Changeset 464 for azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src
- Timestamp:
- Jun 22, 2021, 9:00:19 PM (3 years ago)
- Location:
- azure_iot_hub_f767zi/trunk/wolfssl-4.7.0
- Files:
-
- 10 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/bio.c
r457 r464 160 160 static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz) 161 161 { 162 int ret = sz;163 164 162 if (wolfSSL_EVP_MD_CTX_type((WOLFSSL_EVP_MD_CTX*)bio->ptr) == NID_hmac) { 165 163 if (wolfSSL_EVP_DigestSignUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, 166 164 sz) != WOLFSSL_SUCCESS) 167 165 { 168 ret =WOLFSSL_FATAL_ERROR;166 return WOLFSSL_FATAL_ERROR; 169 167 } 170 168 } 171 169 else { 172 if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, ret)170 if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, sz) 173 171 != WOLFSSL_SUCCESS) { 174 ret =WOLFSSL_FATAL_ERROR;175 } 176 } 177 return ret;172 return WOLFSSL_FATAL_ERROR; 173 } 174 } 175 return sz; 178 176 } 179 177 #endif /* WOLFCRYPT_ONLY */ … … 232 230 #ifndef NO_FILESYSTEM 233 231 if (bio && bio->type == WOLFSSL_BIO_FILE) { 234 ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr); 232 if (bio->ptr) 233 ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr); 234 #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ 235 && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) 236 else 237 ret = (int)XREAD(bio->num, buf, len); 238 #endif 235 239 } 236 240 #endif … … 574 578 575 579 /* write bios */ 576 if (bio && bio->type == WOLFSSL_BIO_BIO) {580 if (bio->type == WOLFSSL_BIO_BIO) { 577 581 ret = wolfSSL_BIO_BIO_write(bio, data, len); 578 582 } 579 583 580 if (bio && bio->type == WOLFSSL_BIO_MEMORY) {584 if (bio->type == WOLFSSL_BIO_MEMORY) { 581 585 ret = wolfSSL_BIO_MEMORY_write(bio, data, len); 582 586 } … … 584 588 #ifndef NO_FILESYSTEM 585 589 if (bio && bio->type == WOLFSSL_BIO_FILE) { 586 ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr); 590 if (bio->ptr) 591 ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr); 592 #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ 593 && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) 594 else 595 ret = (int)XWRITE(bio->num, data, len); 596 #endif 587 597 } 588 598 #endif 589 599 590 600 #ifndef WOLFCRYPT_ONLY 591 if (bio && bio->type == WOLFSSL_BIO_SSL) {601 if (bio->type == WOLFSSL_BIO_SSL) { 592 602 /* already got eof, again is error */ 593 603 if (front->eof) { … … 599 609 } 600 610 601 if (bio && bio->type == WOLFSSL_BIO_MD) {611 if (bio->type == WOLFSSL_BIO_MD) { 602 612 if (bio->next != NULL) { /* data passing through MD BIO */ 603 613 ret = wolfSSL_BIO_MD_write(bio, data, len); … … 608 618 /* advance to the next bio in list */ 609 619 bio = bio->next; 610 }611 612 if (frmt != NULL) {613 XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);614 620 } 615 621 … … 619 625 WOLFSSL_BIO_CB_WRITE | WOLFSSL_BIO_CB_RETURN, 620 626 (const char*)data, 0, 0, ret); 627 } 628 629 if (frmt != NULL) { 630 XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER); 621 631 } 622 632 … … 943 953 } 944 954 945 if (bio->type == WOLFSSL_BIO_MD) { 946 /* MD is a wrapper only get next bio */ 955 if (bio->type == WOLFSSL_BIO_MD || 956 bio->type == WOLFSSL_BIO_BASE64) { 957 /* these are wrappers only, get next bio */ 947 958 while (bio->next != NULL) { 948 959 bio = bio->next; 949 if (bio->type != WOLFSSL_BIO_MD) { 960 if (bio->type == WOLFSSL_BIO_MD || 961 bio->type == WOLFSSL_BIO_BASE64) { 950 962 break; 951 963 } … … 1308 1320 const WOLFSSL_EVP_MD* md = 1309 1321 wolfSSL_EVP_MD_CTX_md((WOLFSSL_EVP_MD_CTX*)bio->ptr); 1322 wolfSSL_EVP_MD_CTX_cleanup((WOLFSSL_EVP_MD_CTX*)bio->ptr); 1310 1323 wolfSSL_EVP_MD_CTX_init((WOLFSSL_EVP_MD_CTX*)bio->ptr); 1311 1324 wolfSSL_EVP_DigestInit((WOLFSSL_EVP_MD_CTX*)bio->ptr, md); … … 1322 1335 1323 1336 #ifndef NO_FILESYSTEM 1337 /** 1338 * Creates a new file BIO object 1339 * @param fd file descriptor for to use for the new object 1340 * @param close_flag BIO_NOCLOSE or BIO_CLOSE 1341 * @return New BIO object or NULL on failure 1342 */ 1343 WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag) 1344 { 1345 WOLFSSL_BIO* bio; 1346 1347 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); 1348 if (!bio) { 1349 WOLFSSL_MSG("wolfSSL_BIO_new error"); 1350 return NULL; 1351 } 1352 1353 if (wolfSSL_BIO_set_fd(bio, fd, close_flag) != WOLFSSL_SUCCESS) { 1354 wolfSSL_BIO_free(bio); 1355 WOLFSSL_MSG("wolfSSL_BIO_set_fp error"); 1356 return NULL; 1357 } 1358 1359 return bio; 1360 } 1361 1324 1362 long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c) 1325 1363 { … … 1528 1566 long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on) 1529 1567 { 1568 int ret = 0; 1530 1569 #ifndef WOLFSSL_DTLS 1531 1570 (void)on; … … 1539 1578 int flag = XFCNTL(bio->num, F_GETFL, 0); 1540 1579 if (on) 1541 XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);1580 ret = XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK); 1542 1581 else 1543 XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);1582 ret = XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK); 1544 1583 } 1545 1584 #endif … … 1555 1594 break; 1556 1595 } 1557 1558 return 1; 1596 if (ret != -1) 1597 return 1; 1598 else 1599 return 0; 1559 1600 } 1560 1601 … … 1678 1719 int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio, void* p) 1679 1720 { 1721 WOLFSSL_BIO* mem_bio; 1680 1722 WOLFSSL_ENTER("wolfSSL_BIO_get_mem_data"); 1681 1723 … … 1683 1725 return WOLFSSL_FATAL_ERROR; 1684 1726 1727 mem_bio = bio; 1728 /* Return pointer from last memory BIO in chain */ 1729 while (bio->next) { 1730 bio = bio->next; 1731 if (bio->type == WOLFSSL_BIO_MEMORY) 1732 mem_bio = bio; 1733 } 1734 1685 1735 if (p) { 1686 *(byte**)p = (byte*) bio->ptr;1687 } 1688 1689 return bio->num;1736 *(byte**)p = (byte*)mem_bio->ptr; 1737 } 1738 1739 return mem_bio->num; 1690 1740 } 1691 1741 -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/crl.c
r457 r464 35 35 #include <wolfssl/error-ssl.h> 36 36 37 #include <string.h> 37 #ifndef WOLFSSL_LINUXKM 38 #include <string.h> 39 #endif 38 40 39 41 #ifdef HAVE_CRL_MONITOR … … 491 493 492 494 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) 495 /* helper function to create a new dynamic WOLFSSL_X509_CRL structure */ 496 static WOLFSSL_X509_CRL* wolfSSL_X509_crl_new(WOLFSSL_CERT_MANAGER* cm) 497 { 498 WOLFSSL_X509_CRL* ret; 499 500 ret = (WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL), cm->heap, 501 DYNAMIC_TYPE_CRL); 502 if (ret != NULL) { 503 if (InitCRL(ret, cm) < 0) { 504 WOLFSSL_MSG("Unable to initialize new CRL structure"); 505 XFREE(ret, cm->heap, DYNAMIC_TYPE_CRL); 506 ret = NULL; 507 } 508 } 509 return ret; 510 } 511 512 513 /* returns head of copied list that was alloc'd */ 514 static RevokedCert *DupRevokedCertList(RevokedCert* in, void* heap) 515 { 516 RevokedCert* head = NULL; 517 RevokedCert* current = in; 518 RevokedCert* prev = NULL; 519 while (current) { 520 RevokedCert* tmp = (RevokedCert*)XMALLOC(sizeof(RevokedCert), heap, 521 DYNAMIC_TYPE_REVOKED); 522 if (tmp != NULL) { 523 XMEMCPY(tmp->serialNumber, current->serialNumber, 524 EXTERNAL_SERIAL_SIZE); 525 tmp->serialSz = current->serialSz; 526 tmp->next = NULL; 527 if (prev != NULL) 528 prev->next = tmp; 529 if (head == NULL) 530 head = tmp; 531 prev = tmp; 532 } 533 else { 534 WOLFSSL_MSG("Failed to allocate new RevokedCert structure"); 535 /* free up any existing list */ 536 while (head != NULL) { 537 current = head; 538 head = head->next; 539 XFREE(current, heap, DYNAMIC_TYPE_REVOKED); 540 } 541 return NULL; 542 } 543 current = current->next; 544 } 545 546 (void)heap; 547 return head; 548 } 549 550 551 /* returns a deep copy of ent on success and null on fail */ 552 static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap) 553 { 554 CRL_Entry *dupl; 555 556 dupl = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap, DYNAMIC_TYPE_CRL_ENTRY); 557 if (dupl == NULL) { 558 WOLFSSL_MSG("alloc CRL Entry failed"); 559 return NULL; 560 } 561 XMEMSET(dupl, 0, sizeof(CRL_Entry)); 562 563 XMEMCPY(dupl->issuerHash, ent->issuerHash, CRL_DIGEST_SIZE); 564 XMEMCPY(dupl->lastDate, ent->lastDate, MAX_DATE_SIZE); 565 XMEMCPY(dupl->nextDate, ent->nextDate, MAX_DATE_SIZE); 566 dupl->lastDateFormat = ent->lastDateFormat; 567 dupl->nextDateFormat = ent->nextDateFormat; 568 dupl->certs = DupRevokedCertList(ent->certs, heap); 569 570 dupl->totalCerts = ent->totalCerts; 571 dupl->verified = ent->verified; 572 573 if (!ent->verified) { 574 dupl->tbsSz = ent->tbsSz; 575 dupl->signatureSz = ent->signatureSz; 576 dupl->signatureOID = ent->signatureOID; 577 dupl->toBeSigned = (byte*)XMALLOC(dupl->tbsSz, heap, 578 DYNAMIC_TYPE_CRL_ENTRY); 579 if (dupl->toBeSigned == NULL) { 580 FreeCRL_Entry(dupl, heap); 581 XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY); 582 return NULL; 583 } 584 585 dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap, 586 DYNAMIC_TYPE_CRL_ENTRY); 587 if (dupl->signature == NULL) { 588 FreeCRL_Entry(dupl, heap); 589 XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY); 590 return NULL; 591 } 592 XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz); 593 XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz); 594 #ifndef NO_SKID 595 dupl->extAuthKeyIdSet = ent->extAuthKeyIdSet; 596 if (dupl->extAuthKeyIdSet) 597 XMEMCPY(dupl->extAuthKeyId, ent->extAuthKeyId, KEYID_SIZE); 598 #endif 599 } 600 else { 601 dupl->toBeSigned = NULL; 602 dupl->tbsSz = 0; 603 dupl->signature = NULL; 604 dupl->signatureSz = 0; 605 } 606 607 return dupl; 608 } 609 610 611 /* returns the head of a deep copy of the list on success and null on fail */ 612 static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap) 613 { 614 CRL_Entry* current; 615 CRL_Entry* head = NULL; 616 CRL_Entry* prev = NULL; 617 618 current = crl; 619 while (current != NULL) { 620 CRL_Entry* tmp = DupCRL_Entry(current, heap); 621 if (tmp != NULL) { 622 tmp->next = NULL; 623 if (head == NULL) 624 head = tmp; 625 if (prev != NULL) 626 prev->next = tmp; 627 prev = tmp; 628 } 629 else { 630 WOLFSSL_MSG("Failed to allocate new CRL_Entry structure"); 631 /* free up any existing list */ 632 while (head != NULL) { 633 current = head; 634 head = head->next; 635 FreeCRL_Entry(current, heap); 636 } 637 638 return NULL; 639 } 640 current = current->next; 641 } 642 return head; 643 } 644 645 646 /* Duplicates everything except the parent cm pointed to. 647 * Expects that Init has already been done to 'dupl' 648 * return 0 on success */ 649 static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl) 650 { 651 if (dupl == NULL || crl == NULL) { 652 return BAD_FUNC_ARG; 653 } 654 655 if (crl->monitors[0].path) { 656 int pathSz = (int)XSTRLEN(crl->monitors[0].path) + 1; 657 dupl->monitors[0].path = (char*)XMALLOC(pathSz, dupl->heap, 658 DYNAMIC_TYPE_CRL_MONITOR); 659 if (dupl->monitors[0].path != NULL) { 660 XSTRNCPY(dupl->monitors[0].path, crl->monitors[0].path, pathSz); 661 } 662 else { 663 return MEMORY_E; 664 } 665 } 666 667 if (crl->monitors[1].path) { 668 int pathSz = (int)XSTRLEN(crl->monitors[1].path) + 1; 669 dupl->monitors[1].path = (char*)XMALLOC(pathSz, dupl->heap, 670 DYNAMIC_TYPE_CRL_MONITOR); 671 if (dupl->monitors[1].path != NULL) { 672 XSTRNCPY(dupl->monitors[1].path, crl->monitors[1].path, pathSz); 673 } 674 else { 675 if (dupl->monitors[0].path != NULL) { 676 XFREE(dupl->monitors[0].path, dupl->heap, 677 DYNAMIC_TYPE_CRL_MONITOR); 678 } 679 return MEMORY_E; 680 } 681 } 682 683 dupl->crlList = DupCRL_list(crl->crlList, dupl->heap); 684 #ifdef HAVE_CRL_IO 685 dupl->crlIOCb = crl->crlIOCb; 686 #endif 687 688 return 0; 689 } 690 691 /* returns WOLFSSL_SUCCESS on success. Does not take ownership of newcrl */ 493 692 int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl) 494 693 { 495 694 CRL_Entry *crle; 496 WOLFSSL_ CRL *crl;695 WOLFSSL_X509_CRL *crl; 497 696 498 697 WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl"); 499 if (store == NULL || newcrl == NULL )698 if (store == NULL || newcrl == NULL || store->cm == NULL) 500 699 return BAD_FUNC_ARG; 501 700 502 crl = store->crl; 503 crle = newcrl->crlList; 504 505 if (wc_LockMutex(&crl->crlLock) != 0) 506 { 507 WOLFSSL_MSG("wc_LockMutex failed"); 508 return BAD_MUTEX_E; 509 } 510 crle->next = crl->crlList; 511 crl->crlList = crle; 512 newcrl->crlList = NULL; 513 wc_UnLockMutex(&crl->crlLock); 701 if (store->cm->crl == NULL) { 702 crl = wolfSSL_X509_crl_new(store->cm); 703 if (DupX509_CRL(crl, newcrl) != 0) { 704 FreeCRL(crl, 1); 705 return WOLFSSL_FAILURE; 706 } 707 store->crl = store->cm->crl = crl; 708 if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL) 709 != WOLFSSL_SUCCESS) { 710 WOLFSSL_MSG("wolfSSL_CertManagerEnableCRL error"); 711 return WOLFSSL_FAILURE; 712 } 713 return WOLFSSL_SUCCESS; 714 } 715 716 /* find tail of current list and add new list */ 717 crl = store->cm->crl; 718 crle = crl->crlList; 719 if (newcrl->crlList != NULL) { 720 CRL_Entry *tail = crle; 721 CRL_Entry *toAdd; 722 723 if (wc_LockMutex(&crl->crlLock) != 0) 724 { 725 WOLFSSL_MSG("wc_LockMutex failed"); 726 return BAD_MUTEX_E; 727 } 728 729 toAdd = DupCRL_list(newcrl->crlList, crl->heap); 730 if (tail == NULL) { 731 crl->crlList = toAdd; 732 } 733 else { 734 while (tail->next != NULL) tail = tail->next; 735 tail->next = toAdd; 736 } 737 wc_UnLockMutex(&crl->crlLock); 738 } 739 740 if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL) 741 != WOLFSSL_SUCCESS) { 742 WOLFSSL_MSG("wolfSSL_CertManagerEnableCRL error"); 743 return WOLFSSL_FAILURE; 744 } 514 745 515 746 WOLFSSL_LEAVE("wolfSSL_X509_STORE_add_crl", WOLFSSL_SUCCESS); … … 882 1113 883 1114 if (FD_ISSET(crl->mfd, &readfds)) { 1115 word64 r64; 1116 int rlen; 1117 884 1118 WOLFSSL_MSG("got custom shutdown event, breaking out"); 1119 1120 /* read out the bytes written to the event to clean up */ 1121 rlen = (int) read(crl->mfd, &r64, sizeof(r64)); 1122 if (rlen < 0) { 1123 WOLFSSL_MSG("read custom event failure"); 1124 } 1125 885 1126 break; 886 1127 } … … 961 1202 #else /* HAVE_CRL_MONITOR */ 962 1203 963 #if ndef NO_FILESYSTEM1204 #if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) 964 1205 965 1206 static int StartMonitorCRL(WOLFSSL_CRL* crl) … … 973 1214 } 974 1215 975 #endif /* NO_FILESYSTEM*/1216 #endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ 976 1217 977 1218 #endif /* HAVE_CRL_MONITOR */ -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/internal.c
r457 r464 38 38 * certificates. This also allows loading intermediate CA's as trusted 39 39 * and ignoring no signer failures for CA's up the chain to root. 40 * WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT: 41 * Enable resending the previous DTLS handshake flight only on a network 42 * read timeout. By default we resend in two more cases, when we receive: 43 * - an out of order last msg of the peer's flight 44 * - a duplicate of the first msg from the peer's flight 45 * WOLFSSL_NO_DEF_TICKET_ENC_CB: 46 * No default ticket encryption callback. 47 * Server only. 48 * Application must set its own callback to use session tickets. 49 * WOLFSSL_TICKET_ENC_CHACHA20_POLY1305 50 * Use ChaCha20-Poly1305 to encrypt/decrypt session tickets in default 51 * callback. Default algorithm if none defined and algorithms compiled in. 52 * Server only. 53 * WOLFSSL_TICKET_ENC_AES128_GCM 54 * Use AES128-GCM to encrypt/decrypt session tickets in default callback. 55 * Server only. Default algorithm if ChaCha20/Poly1305 not compiled in. 56 * WOLFSSL_TICKET_ENC_AES256_GCM 57 * Use AES256-GCM to encrypt/decrypt session tickets in default callback. 58 * Server only. 59 * WOLFSSL_TICKET_DECRYPT_NO_CREATE 60 * Default callback will not request creation of new ticket on successful 61 * decryption. 62 * Server only. 40 63 */ 41 64 … … 73 96 defined(CHACHA_AEAD_TEST) || defined(WOLFSSL_SESSION_EXPORT_DEBUG) 74 97 #ifndef NO_STDIO_FILESYSTEM 75 #include <stdio.h> 98 #ifdef FUSION_RTOS 99 #include <fclstdio.h> 100 #else 101 #include <stdio.h> 102 #endif 76 103 #endif 77 104 #endif … … 125 152 static int SendHelloVerifyRequest(WOLFSSL*, const byte*, byte); 126 153 #endif /* WOLFSSL_DTLS */ 127 #endif 154 155 #endif /* !NO_WOLFSSL_SERVER */ 128 156 129 157 #endif /* !WOLFSSL_NO_TLS12 */ 158 159 #ifndef NO_WOLFSSL_SERVER 160 #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) 161 static int TicketEncCbCtx_Init(WOLFSSL_CTX* ctx, 162 TicketEncCbCtx* keyCtx); 163 static void TicketEncCbCtx_Free(TicketEncCbCtx* keyCtx); 164 static int DefTicketEncCb(WOLFSSL* ssl, 165 byte key_name[WOLFSSL_TICKET_NAME_SZ], 166 byte iv[WOLFSSL_TICKET_IV_SZ], 167 byte mac[WOLFSSL_TICKET_MAC_SZ], 168 int enc, byte* ticket, int inLen, int* outLen, 169 void* userCtx); 170 #endif 171 #endif 130 172 131 173 #ifdef WOLFSSL_DTLS … … 162 204 #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) 163 205 static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, 164 int padSz, int content, int verify );206 int padSz, int content, int verify, int epochOrder); 165 207 166 208 #endif … … 205 247 static WC_INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend) 206 248 { 207 (void)isSend;208 209 249 #ifdef WOLFSSL_DTLS 210 250 /* For DTLS, epoch 0 is always not encrypted. */ … … 213 253 #endif /* WOLFSSL_DTLS */ 214 254 215 #ifdef WOLFSSL_TLS13 216 if (isSend) 217 return ssl->encrypt.setup; 218 else 219 return ssl->decrypt.setup; 220 #else 221 return ssl->keys.encryptionOn; 222 #endif 255 return ssl->keys.encryptionOn && 256 (isSend ? ssl->encrypt.setup : ssl->decrypt.setup); 223 257 } 224 258 … … 229 263 static WC_INLINE int IsDtlsNotSctpMode(WOLFSSL* ssl) 230 264 { 231 int result = ssl->options.dtls;232 233 if (result) {234 265 #ifdef WOLFSSL_SCTP 235 result = !ssl->options.dtlsSctp; 236 #endif 237 } 238 239 return result; 266 return ssl->options.dtls && !ssl->options.dtlsSctp; 267 #else 268 return ssl->options.dtls; 269 #endif 240 270 } 241 271 #endif /* DTLS || !WOLFSSL_NO_TLS12 */ … … 363 393 { 364 394 (void)opaque; 365 return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);395 return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ); 366 396 } 367 397 … … 641 671 } 642 672 643 static int ImportCipherSpecState(WOLFSSL* ssl, byte* exp, word32 len, byte ver)673 static int ImportCipherSpecState(WOLFSSL* ssl, const byte* exp, word32 len, byte ver) 644 674 { 645 675 word32 idx = 0; … … 678 708 679 709 680 static int ImportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver)710 static int ImportKeyState(WOLFSSL* ssl, const byte* exp, word32 len, byte ver) 681 711 { 682 712 word32 idx = 0; … … 911 941 exp[idx++] = options->createTicket; 912 942 exp[idx++] = options->useTicket; 943 exp[idx++] = options->noTicketTls12; 913 944 #ifdef WOLFSSL_TLS13 914 945 if (ver > DTLS_EXPORT_VERSION_3) { … … 974 1005 /* copy items from Export struct to Options struct 975 1006 * On success returns size of buffer used on failure returns a negative value */ 976 static int dtls_export_load(WOLFSSL* ssl, byte* exp, word32 len, byte ver)1007 static int dtls_export_load(WOLFSSL* ssl, const byte* exp, word32 len, byte ver) 977 1008 { 978 1009 int idx = 0; … … 1076 1107 options->createTicket = exp[idx++]; /* Server to create new Ticket */ 1077 1108 options->useTicket = exp[idx++]; /* Use Ticket not session cache */ 1109 options->noTicketTls12 = exp[idx++]; /* Server won't create new Ticket */ 1078 1110 #ifdef WOLFSSL_TLS13 1079 1111 if (ver > DTLS_EXPORT_VERSION_3) { … … 1156 1188 1157 1189 1158 static int ImportPeerInfo(WOLFSSL* ssl, byte* buf, word32 len, byte ver)1190 static int ImportPeerInfo(WOLFSSL* ssl, const byte* buf, word32 len, byte ver) 1159 1191 { 1160 1192 word16 idx = 0; … … 1358 1390 1359 1391 /* On success return amount of buffer consumed */ 1360 int wolfSSL_dtls_import_state_internal(WOLFSSL* ssl, byte* buf, word32 sz)1392 int wolfSSL_dtls_import_state_internal(WOLFSSL* ssl, const byte* buf, word32 sz) 1361 1393 { 1362 1394 word32 idx = 0; … … 1425 1457 1426 1458 WOLFSSL_LEAVE("wolfSSL_dtls_import_state_internal", ret); 1427 return ret;1459 return idx; 1428 1460 } 1429 1461 1430 1462 1431 1463 /* On success return amount of buffer consumed */ 1432 int wolfSSL_dtls_import_internal(WOLFSSL* ssl, byte* buf, word32 sz)1464 int wolfSSL_dtls_import_internal(WOLFSSL* ssl, const byte* buf, word32 sz) 1433 1465 { 1434 1466 word32 idx = 0; … … 1551 1583 1552 1584 SetKeysSide(ssl, ENCRYPT_AND_DECRYPT_SIDE); 1553 1585 /* make sure is a valid suite used */ 1586 if (wolfSSL_get_cipher(ssl) == NULL) { 1587 WOLFSSL_MSG("Can not match cipher suite imported"); 1588 return MATCH_SUITE_ERROR; 1589 } 1590 1591 #ifndef WOLFSSL_AEAD_ONLY 1554 1592 /* set hmac function to use when verifying */ 1555 1593 if (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 || 1556 1594 ssl->options.dtls == 1) { 1557 1595 ssl->hmac = TLS_hmac; 1558 }1559 1560 /* make sure is a valid suite used */1561 if (wolfSSL_get_cipher(ssl) == NULL) {1562 WOLFSSL_MSG("Can not match cipher suite imported");1563 return MATCH_SUITE_ERROR;1564 1596 } 1565 1597 … … 1570 1602 return SANITY_CIPHER_E; 1571 1603 } 1604 #endif /* !WOLFSSL_AEAD_ONLY */ 1572 1605 1573 1606 return idx; … … 1659 1692 return BAD_MUTEX_E; 1660 1693 } 1694 1695 #ifndef NO_CERTS 1696 ctx->privateKeyDevId = INVALID_DEVID; 1697 #endif 1661 1698 1662 1699 #ifndef NO_DH … … 1782 1819 1783 1820 #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) 1821 #ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB 1822 ret = TicketEncCbCtx_Init(ctx, &ctx->ticketKeyCtx); 1823 if (ret != 0) return ret; 1824 ctx->ticketEncCb = DefTicketEncCb; 1825 ctx->ticketEncCtx = (void*)&ctx->ticketKeyCtx; 1826 #endif 1784 1827 ctx->ticketHint = SESSION_TICKET_HINT_DEFAULT; 1785 1828 #endif … … 1791 1834 #ifdef WOLFSSL_EARLY_DATA 1792 1835 ctx->maxEarlyDataSz = MAX_EARLY_DATA_SZ; 1836 #endif 1837 1838 #if defined(WOLFSSL_TLS13) && !defined(HAVE_SUPPORTED_CURVES) 1839 ctx->noPskDheKe = 1; 1793 1840 #endif 1794 1841 … … 1848 1895 #ifdef KEEP_OUR_CERT 1849 1896 if (ctx->ourCert && ctx->ownOurCert) { 1850 FreeX509(ctx->ourCert); 1851 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 1897 wolfSSL_X509_free(ctx->ourCert); 1852 1898 ctx->ourCert = NULL; 1853 1899 } … … 1857 1903 ctx->cm = NULL; 1858 1904 #ifdef OPENSSL_EXTRA 1859 /* ctx->cm was free'd so cm of x509 store should now be NULL */1860 if (ctx->x509_store_pt != NULL) {1861 ctx->x509_store_pt->cm = NULL;1862 }1863 1905 wolfSSL_X509_STORE_free(ctx->x509_store_pt); 1864 1906 while (ctx->ca_names != NULL) { … … 1870 1912 #endif 1871 1913 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1872 while (ctx->x509Chain != NULL) { 1873 WOLFSSL_STACK *next = ctx->x509Chain->next; 1874 wolfSSL_X509_free(ctx->x509Chain->data.x509); 1875 XFREE(ctx->x509Chain, NULL, DYNAMIC_TYPE_OPENSSL); 1876 ctx->x509Chain = next; 1914 if (ctx->x509Chain) { 1915 wolfSSL_sk_X509_free(ctx->x509Chain); 1916 ctx->x509Chain = NULL; 1877 1917 } 1878 1918 #endif … … 1908 1948 ctx->alpn_cli_protos = NULL; 1909 1949 } 1950 #endif 1951 #ifdef WOLFSSL_STATIC_EPHEMERAL 1952 #ifndef NO_DH 1953 if (ctx->staticKE.dhKey) 1954 FreeDer(&ctx->staticKE.dhKey); 1955 #endif 1956 #ifdef HAVE_ECC 1957 if (ctx->staticKE.ecKey) 1958 FreeDer(&ctx->staticKE.ecKey); 1959 #endif 1910 1960 #endif 1911 1961 #ifdef WOLFSSL_STATIC_MEMORY … … 1943 1993 WOLFSSL_MSG("CTX ref count down to 0, doing full free"); 1944 1994 SSL_CtxResourceFree(ctx); 1995 #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ 1996 !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) 1997 TicketEncCbCtx_Free(&ctx->ticketKeyCtx); 1998 #endif 1945 1999 wc_FreeMutex(&ctx->countMutex); 1946 2000 #ifdef WOLFSSL_STATIC_MEMORY … … 3334 3388 #ifndef NO_CERTS 3335 3389 3336 void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag )3390 void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag, void* heap) 3337 3391 { 3338 3392 (void)dynamicFlag; 3393 (void)heap; 3339 3394 3340 3395 if (name != NULL) { … … 3342 3397 name->dynamicName = 0; 3343 3398 name->sz = 0; 3399 name->heap = heap; 3344 3400 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 3345 XMEMSET(&name->fullName, 0, sizeof(DecodedName)); 3346 XMEMSET(&name->cnEntry, 0, sizeof(WOLFSSL_X509_NAME_ENTRY)); 3347 XMEMSET(&name->extra, 0, sizeof(name->extra)); 3348 name->cnEntry.value = &(name->cnEntry.data); /* point to internal data*/ 3349 name->cnEntry.nid = ASN_COMMON_NAME; 3401 XMEMSET(name->entry, 0, sizeof(name->entry)); 3350 3402 name->x509 = NULL; 3403 name->entrySz = 0; 3351 3404 #endif /* OPENSSL_EXTRA */ 3352 3405 } … … 3354 3407 3355 3408 3356 void FreeX509Name(WOLFSSL_X509_NAME* name , void* heap)3409 void FreeX509Name(WOLFSSL_X509_NAME* name) 3357 3410 { 3358 3411 if (name != NULL) { 3359 3412 if (name->dynamicName) { 3360 XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);3413 XFREE(name->name, name->heap, DYNAMIC_TYPE_SUBJECT_CN); 3361 3414 name->name = NULL; 3362 3415 } … … 3364 3417 { 3365 3418 int i; 3366 if (name->fullName.fullName != NULL) {3367 XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);3368 name->fullName.fullName = NULL;3369 }3370 3419 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 3371 /* free ASN1 string data */3372 if (name->extra[i].set && name->extra[i].data.data != NULL) {3373 XFREE(name->extra[i].data.data, heap, DYNAMIC_TYPE_OPENSSL);3420 if (name->entry[i].set) { 3421 wolfSSL_ASN1_OBJECT_free(name->entry[i].object); 3422 wolfSSL_ASN1_STRING_free(name->entry[i].value); 3374 3423 } 3375 3424 } 3376 wolfSSL_ASN1_OBJECT_free(&name->cnEntry.object);3377 3425 } 3378 3426 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 3379 3427 } 3380 (void)heap;3381 3428 } 3382 3429 … … 3393 3440 3394 3441 x509->heap = heap; 3395 InitX509Name(&x509->issuer, 0 );3396 InitX509Name(&x509->subject, 0 );3442 InitX509Name(&x509->issuer, 0, heap); 3443 InitX509Name(&x509->subject, 0, heap); 3397 3444 x509->dynamicMemory = (byte)dynamicFlag; 3398 3445 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) … … 3409 3456 return; 3410 3457 3411 FreeX509Name(&x509->issuer , x509->heap);3412 FreeX509Name(&x509->subject , x509->heap);3458 FreeX509Name(&x509->issuer); 3459 FreeX509Name(&x509->subject); 3413 3460 if (x509->pubKey.buffer) { 3414 3461 XFREE(x509->pubKey.buffer, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); … … 3434 3481 wolfSSL_sk_X509_EXTENSION_free(x509->ext_sk); 3435 3482 } 3483 if (x509->ext_sk_full != NULL) { 3484 wolfSSL_sk_X509_EXTENSION_free(x509->ext_sk_full); 3485 } 3436 3486 #endif /* OPENSSL_ALL || WOLFSSL_QT */ 3437 3487 #ifdef OPENSSL_EXTRA … … 3460 3510 } 3461 3511 #endif /* OPENSSL_ALL */ 3512 #if defined(WOLFSSL_CERT_REQ) && defined(OPENSSL_ALL) 3513 if (x509->challengePwAttr) { 3514 wolfSSL_X509_ATTRIBUTE_free(x509->challengePwAttr); 3515 } 3516 #endif /* WOLFSSL_CERT_REQ */ 3462 3517 if (x509->altNames) { 3463 3518 FreeAltNames(x509->altNames, x509->heap); … … 3571 3626 #ifndef NO_RSA 3572 3627 #ifndef WOLFSSL_NO_TLS12 3573 #if !defined(NO_WOLFSSL_SERVER) || (!defined(NO_WOLFSSL_CLIENT) && \ 3574 !defined(WOLFSSL_NO_CLIENT_AUTH)) 3628 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 3575 3629 static int TypeHash(int hashAlgo) 3576 3630 { … … 4257 4311 #endif 4258 4312 { 4259 ret = wc_ecc_shared_secret(priv_key, pub_key, out, outlen); 4313 #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ 4314 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ 4315 !defined(HAVE_SELFTEST) 4316 ret = wc_ecc_set_rng(priv_key, ssl->rng); 4317 if (ret == 0) 4318 #endif 4319 ret = wc_ecc_shared_secret(priv_key, pub_key, out, outlen); 4260 4320 } 4261 4321 … … 4288 4348 4289 4349 /* get key size */ 4290 if (peer == NULL ) {4350 if (peer == NULL || peer->dp == NULL) { 4291 4351 keySz = ssl->eccTempKeySz; 4292 4352 } 4293 4353 else { 4294 4354 keySz = peer->dp->size; 4355 ecc_curve = peer->dp->id; 4295 4356 } 4296 4357 … … 5259 5320 ssl->ctx = ctx; /* only for passing to calls, options could change */ 5260 5321 ssl->version = ctx->method->version; 5322 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 5323 ssl->options.mask = ctx->mask; 5324 #endif 5325 #ifdef OPENSSL_EXTRA 5326 if (ssl->version.minor == TLSv1_3_MINOR && 5327 (ssl->options.mask & SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) { 5328 if (!ctx->method->downgrade) { 5329 WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.3 set but not " 5330 "allowed and downgrading disabled."); 5331 return VERSION_ERROR; 5332 } 5333 WOLFSSL_MSG("\tOption set to not allow TLSv1.3, Downgrading"); 5334 ssl->version.minor = TLSv1_2_MINOR; 5335 } 5336 if (ssl->version.minor == TLSv1_2_MINOR && 5337 (ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { 5338 if (!ctx->method->downgrade) { 5339 WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.2 set but not " 5340 "allowed and downgrading disabled."); 5341 return VERSION_ERROR; 5342 } 5343 WOLFSSL_MSG("\tOption set to not allow TLSv1.2, Downgrading"); 5344 ssl->version.minor = TLSv1_1_MINOR; 5345 } 5346 if (ssl->version.minor == TLSv1_1_MINOR && 5347 (ssl->options.mask & SSL_OP_NO_TLSv1_1) == SSL_OP_NO_TLSv1_1) { 5348 if (!ctx->method->downgrade) { 5349 WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.1 set but not " 5350 "allowed and downgrading disabled."); 5351 return VERSION_ERROR; 5352 } 5353 WOLFSSL_MSG("\tOption set to not allow TLSv1.1, Downgrading"); 5354 ssl->options.tls1_1 = 0; 5355 ssl->version.minor = TLSv1_MINOR; 5356 } 5357 if (ssl->version.minor == TLSv1_MINOR && 5358 (ssl->options.mask & SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1) { 5359 if (!ctx->method->downgrade) { 5360 WOLFSSL_MSG("\tInconsistent protocol options. TLS 1 set but not " 5361 "allowed and downgrading disabled."); 5362 return VERSION_ERROR; 5363 } 5364 WOLFSSL_MSG("\tOption set to not allow TLSv1, Downgrading"); 5365 ssl->options.tls = 0; 5366 ssl->options.tls1_1 = 0; 5367 ssl->version.minor = SSLv3_MINOR; 5368 } 5369 if (ssl->version.minor == SSLv3_MINOR && 5370 (ssl->options.mask & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { 5371 WOLFSSL_MSG("\tError, option set to not allow SSLv3"); 5372 return VERSION_ERROR; 5373 } 5374 5375 if (ssl->version.minor < ssl->options.minDowngrade) { 5376 WOLFSSL_MSG("\tversion below minimum allowed, fatal error"); 5377 return VERSION_ERROR; 5378 } 5379 #endif 5261 5380 5262 5381 #ifdef HAVE_ECC … … 5269 5388 5270 5389 #ifdef OPENSSL_EXTRA 5271 ssl->options.mask = ctx->mask;5272 5390 ssl->CBIS = ctx->CBIS; 5273 5391 #endif … … 5285 5403 5286 5404 #ifndef NO_PSK 5287 ssl->options.havePSK = ctx->havePSK;5405 ssl->options.havePSK = ctx->havePSK; 5288 5406 ssl->options.client_psk_cb = ctx->client_psk_cb; 5289 5407 ssl->options.server_psk_cb = ctx->server_psk_cb; 5408 ssl->options.psk_ctx = ctx->psk_ctx; 5290 5409 #ifdef WOLFSSL_TLS13 5291 5410 ssl->options.client_psk_tls13_cb = ctx->client_psk_tls13_cb; … … 5350 5469 ssl->buffers.keyType = ctx->privateKeyType; 5351 5470 ssl->buffers.keyId = ctx->privateKeyId; 5471 ssl->buffers.keyLabel = ctx->privateKeyLabel; 5352 5472 ssl->buffers.keySz = ctx->privateKeySz; 5353 5473 ssl->buffers.keyDevId = ctx->privateKeyDevId; … … 5391 5511 } 5392 5512 } /* writeDup check */ 5513 5514 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 5515 if (ctx->mask != 0 && wolfSSL_set_options(ssl, ctx->mask) == 0) { 5516 WOLFSSL_MSG("wolfSSL_set_options error"); 5517 return BAD_FUNC_ARG; 5518 } 5519 #endif 5393 5520 5394 5521 #ifdef WOLFSSL_SESSION_EXPORT … … 5687 5814 #endif 5688 5815 5816 #if defined(WOLFSSL_OPENVPN) && defined(HAVE_KEYING_MATERIAL) 5817 /* Save arrays by default for OpenVPN */ 5818 ssl->options.saveArrays = 1; 5819 #endif 5689 5820 5690 5821 ssl->cipher.ssl = ssl; … … 5695 5826 ssl->options.useClientOrder = ctx->useClientOrder; 5696 5827 ssl->options.mutualAuth = ctx->mutualAuth; 5828 5829 #ifdef WOLFSSL_STATIC_EPHEMERAL 5830 ssl->staticKE = ctx->staticKE; 5831 #endif 5697 5832 5698 5833 #ifdef WOLFSSL_TLS13 … … 5871 6006 5872 6007 #ifdef HAVE_SESSION_TICKET 6008 ssl->options.noTicketTls12 = ctx->noTicketTls12; 5873 6009 ssl->session.ticket = ssl->session.staticTicket; 5874 6010 #endif … … 6045 6181 6046 6182 /* Allocate memory for key */ 6047 *pKey = XMALLOC(sz, ssl->heap, type);6183 *pKey = (void *)XMALLOC(sz, ssl->heap, type); 6048 6184 if (*pKey == NULL) { 6049 6185 return MEMORY_E; … … 6192 6328 ssl->async.freeArgs = NULL; 6193 6329 } 6330 FreeBuildMsgArgs(ssl, &ssl->async.buildArgs); 6194 6331 #endif 6195 6332 } … … 6289 6426 #endif /* WOLFSSL_DTLS */ 6290 6427 #ifdef OPENSSL_EXTRA 6428 #ifndef NO_BIO 6291 6429 if (ssl->biord != ssl->biowr) /* only free write if different */ 6292 6430 wolfSSL_BIO_free(ssl->biowr); … … 6294 6432 ssl->biowr = NULL; 6295 6433 ssl->biord = NULL; 6434 #endif 6296 6435 #endif 6297 6436 #ifdef HAVE_LIBZ … … 6424 6563 } 6425 6564 #endif 6565 #ifdef WOLFSSL_STATIC_EPHEMERAL 6566 #ifndef NO_DH 6567 if (ssl->staticKE.dhKey && ssl->staticKE.dhKey != ssl->ctx->staticKE.dhKey) 6568 FreeDer(&ssl->staticKE.dhKey); 6569 #endif 6570 #ifdef HAVE_ECC 6571 if (ssl->staticKE.ecKey && ssl->staticKE.ecKey != ssl->ctx->staticKE.ecKey) 6572 FreeDer(&ssl->staticKE.ecKey); 6573 #endif 6574 #endif 6426 6575 6427 6576 #ifdef WOLFSSL_STATIC_MEMORY … … 6471 6620 void FreeHandshakeResources(WOLFSSL* ssl) 6472 6621 { 6622 WOLFSSL_ENTER("FreeHandshakeResources"); 6623 6624 #ifdef WOLFSSL_DTLS 6625 /* DTLS_POOL */ 6626 if (ssl->options.dtls) { 6627 DtlsMsgPoolReset(ssl); 6628 DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap); 6629 ssl->dtls_rx_msg_list = NULL; 6630 ssl->dtls_rx_msg_list_sz = 0; 6631 } 6632 #endif 6473 6633 6474 6634 #ifdef HAVE_SECURE_RENEGOTIATION … … 6515 6675 } 6516 6676 } 6517 6518 #ifdef WOLFSSL_DTLS6519 /* DTLS_POOL */6520 if (ssl->options.dtls) {6521 DtlsMsgPoolReset(ssl);6522 DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);6523 ssl->dtls_rx_msg_list = NULL;6524 ssl->dtls_rx_msg_list_sz = 0;6525 }6526 #endif6527 6677 6528 6678 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) && \ … … 6566 6716 #ifdef HAVE_ECC 6567 6717 dtype = DYNAMIC_TYPE_ECC; 6718 #elif defined(HAVE_CURVE25519) 6719 dtype = DYNAMIC_TYPE_CURVE25519; 6720 #else 6721 dtype = DYNAMIC_TYPE_CURVE448; 6568 6722 #endif 6569 #ifdef HAVE_CURVE25519 6570 #ifdef HAVE_ECC 6723 #if defined(HAVE_ECC) && defined(HAVE_CURVE25519) 6571 6724 if (ssl->peerX25519KeyPresent || 6572 6725 ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519) 6573 #endif /* HAVE_ECC */6574 6726 { 6575 6727 dtype = DYNAMIC_TYPE_CURVE25519; 6576 6728 } 6577 #endif /* HAVE_CURVE25519 */6578 #if def HAVE_CURVE4486579 #ifdef HAVE_ECC6729 #endif 6730 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 6731 defined(HAVE_CURVE448) 6580 6732 if (ssl->peerX448KeyPresent || 6581 6733 ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE448) 6582 #endif /* HAVE_ECC */6583 6734 { 6584 6735 dtype = DYNAMIC_TYPE_CURVE448; 6585 6736 } 6586 #endif /* HAVE_CURVE448 */6737 #endif 6587 6738 FreeKey(ssl, dtype, (void**)&ssl->eccTempKey); 6588 6739 ssl->eccTempKeyPresent = 0; … … 6701 6852 6702 6853 #if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \ 6854 !defined(WOLFSSL_NO_TLS12) || \ 6703 6855 ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM)) \ 6704 6856 && defined(HAVE_AEAD)) … … 6730 6882 static WC_INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2]) 6731 6883 { 6884 #ifdef HAVE_SECURE_RENEGOTIATION 6885 order = DtlsCheckOrder(ssl, order); 6886 #endif 6732 6887 if (order == PREV_ORDER) { 6733 6888 /* Previous epoch case */ … … 6775 6930 { 6776 6931 word32 seq; 6932 #ifdef HAVE_SECURE_RENEGOTIATION 6933 order = DtlsCheckOrder(ssl, order); 6934 #endif 6777 6935 6778 6936 if (order == PREV_ORDER) { … … 6801 6959 6802 6960 #if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12) 6803 static WC_INLINEvoid WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)6961 void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out) 6804 6962 { 6805 6963 word32 seq[2] = {0, 0}; … … 6818 6976 } 6819 6977 #endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 */ 6820 #endif /* !NO_OLD_TLS || WOLFSSL_DTLS || 6978 #endif /* !NO_OLD_TLS || WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 || 6821 6979 * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM) && HAVE_AEAD) */ 6822 6980 … … 6833 6991 { 6834 6992 DtlsMsg* msg; 6993 WOLFSSL_ENTER("DtlsMsgNew()"); 6835 6994 6836 6995 (void)heap; … … 6858 7017 { 6859 7018 (void)heap; 7019 WOLFSSL_ENTER("DtlsMsgDelete()"); 6860 7020 6861 7021 if (item != NULL) { … … 6876 7036 { 6877 7037 DtlsMsg* next; 7038 WOLFSSL_ENTER("DtlsMsgListDelete()"); 6878 7039 while (head) { 6879 7040 next = head->next; … … 6883 7044 } 6884 7045 7046 /** 7047 * Drop messages when they are no longer going to be retransmitted 7048 */ 7049 void DtlsTxMsgListClean(WOLFSSL* ssl) 7050 { 7051 DtlsMsg* head = ssl->dtls_tx_msg_list; 7052 DtlsMsg* next; 7053 WOLFSSL_ENTER("DtlsTxMsgListClean()"); 7054 while (head) { 7055 next = head->next; 7056 if (VerifyForTxDtlsMsgDelete(ssl, head)) 7057 DtlsMsgDelete(head, ssl->heap); 7058 else 7059 /* Stored packets should be in order so break on first failed 7060 * verify */ 7061 break; 7062 ssl->dtls_tx_msg_list_sz--; 7063 /* Reset timer as deleting a node means that state has progressed */ 7064 ssl->dtls_timeout = ssl->dtls_timeout_init; 7065 head = next; 7066 } 7067 ssl->dtls_tx_msg_list = head; 7068 } 6885 7069 6886 7070 /* Create a DTLS Fragment from *begin - end, adjust new *begin and bytesLeft */ … … 6890 7074 DtlsFrag* newFrag; 6891 7075 word32 added = end - *begin + 1; 7076 7077 WOLFSSL_ENTER("CreateFragment()"); 6892 7078 6893 7079 (void)heap; … … 6908 7094 6909 7095 6910 int DtlsMsgSet(DtlsMsg* msg, word32 seq, const byte* data, byte type,7096 int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch, const byte* data, byte type, 6911 7097 word32 fragOffset, word32 fragSz, void* heap) 6912 7098 { 7099 WOLFSSL_ENTER("DtlsMsgSet()"); 6913 7100 if (msg != NULL && data != NULL && msg->fragSz <= msg->sz && 6914 7101 (fragOffset + fragSz) <= msg->sz) { … … 6921 7108 6922 7109 msg->seq = seq; 7110 msg->epoch = epoch; 6923 7111 msg->type = type; 6924 7112 … … 7009 7197 7010 7198 7011 DtlsMsg* DtlsMsgFind(DtlsMsg* head, word32 seq)7199 DtlsMsg* DtlsMsgFind(DtlsMsg* head, word32 epoch, word32 seq) 7012 7200 { 7013 while (head != NULL && head->seq != seq) { 7201 WOLFSSL_ENTER("DtlsMsgFind()"); 7202 while (head != NULL && !(head->epoch == epoch && head->seq == seq)) { 7014 7203 head = head->next; 7015 7204 } … … 7018 7207 7019 7208 7020 void DtlsMsgStore(WOLFSSL* ssl, word32 seq, const byte* data,7209 void DtlsMsgStore(WOLFSSL* ssl, word32 epoch, word32 seq, const byte* data, 7021 7210 word32 dataSz, byte type, word32 fragOffset, word32 fragSz, void* heap) 7022 7211 { … … 7039 7228 7040 7229 DtlsMsg* head = ssl->dtls_rx_msg_list; 7230 WOLFSSL_ENTER("DtlsMsgStore()"); 7041 7231 7042 7232 if (head != NULL) { 7043 DtlsMsg* cur = DtlsMsgFind(head, seq);7233 DtlsMsg* cur = DtlsMsgFind(head, epoch, seq); 7044 7234 if (cur == NULL) { 7045 7235 cur = DtlsMsgNew(dataSz, heap); 7046 7236 if (cur != NULL) { 7047 if (DtlsMsgSet(cur, seq, data, type,7048 7237 if (DtlsMsgSet(cur, seq, epoch, data, type, 7238 fragOffset, fragSz, heap) < 0) { 7049 7239 DtlsMsgDelete(cur, heap); 7050 7240 } … … 7057 7247 else { 7058 7248 /* If this fails, the data is just dropped. */ 7059 DtlsMsgSet(cur, seq, data, type, fragOffset, fragSz, heap); 7249 DtlsMsgSet(cur, seq, epoch, data, type, fragOffset, 7250 fragSz, heap); 7060 7251 } 7061 7252 } 7062 7253 else { 7063 7254 head = DtlsMsgNew(dataSz, heap); 7064 if (DtlsMsgSet(head, seq, data, type, fragOffset, fragSz, heap) < 0) { 7255 if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset, 7256 fragSz, heap) < 0) { 7065 7257 DtlsMsgDelete(head, heap); 7066 7258 head = NULL; … … 7078 7270 DtlsMsg* DtlsMsgInsert(DtlsMsg* head, DtlsMsg* item) 7079 7271 { 7080 if (head == NULL || item->seq < head->seq) { 7272 WOLFSSL_ENTER("DtlsMsgInsert()"); 7273 if (head == NULL || (item->epoch <= head->epoch && 7274 item->seq < head->seq)) { 7081 7275 item->next = head; 7082 7276 head = item; … … 7089 7283 DtlsMsg* prev = head; 7090 7284 while (cur) { 7091 if (item->seq < cur->seq) { 7285 if (item->epoch <= cur->epoch && 7286 item->seq < cur->seq) { 7092 7287 item->next = cur; 7093 7288 prev->next = item; … … 7106 7301 7107 7302 7108 /* DtlsMsgPoolSave() adds the message to the end of the stored transmit list. */ 7109 int DtlsMsgPoolSave(WOLFSSL* ssl, const byte* data, word32 dataSz) 7303 /** 7304 * DtlsMsgPoolSave() adds the message to the end of the stored transmit 7305 * list. Must be called BEFORE BuildMessage or DtlsSEQIncrement or 7306 * anything else that increments ssl->keys.dtls_handshake_number. 7307 */ 7308 int DtlsMsgPoolSave(WOLFSSL* ssl, const byte* data, word32 dataSz, 7309 enum HandShakeType type) 7110 7310 { 7111 7311 DtlsMsg* item; … … 7126 7326 XMEMCPY(item->buf, data, dataSz); 7127 7327 item->sz = dataSz; 7128 item->seq = ssl->keys.dtls_epoch; 7328 item->epoch = ssl->keys.dtls_epoch; 7329 item->seq = ssl->keys.dtls_handshake_number; 7330 item->type = type; 7129 7331 7130 7332 if (cur == NULL) … … 7149 7351 { 7150 7352 int result = -1; 7353 WOLFSSL_ENTER("DtlsMsgPoolTimeout()"); 7151 7354 if (ssl->dtls_timeout < ssl->dtls_timeout_max) { 7152 7355 ssl->dtls_timeout *= DTLS_TIMEOUT_MULTIPLIER; … … 7168 7371 ssl->dtls_tx_msg = NULL; 7169 7372 ssl->dtls_tx_msg_list_sz = 0; 7170 ssl->dtls_timeout = ssl->dtls_timeout_init;7171 }7373 } 7374 ssl->dtls_timeout = ssl->dtls_timeout_init; 7172 7375 } 7173 7376 … … 7186 7389 ((!ssl->options.verifyPeer) && (type == client_key_exchange)))) || 7187 7390 ((ssl->options.side == WOLFSSL_CLIENT_END) && 7188 (type == server_hello)))); 7391 (type == hello_request || type == server_hello)))); 7392 } 7393 7394 7395 /** 7396 * Verify if message `item` from `ssl->dtls_tx_msg_list` should be deleted 7397 * depending on the current state of the handshake negotiation. 7398 */ 7399 int VerifyForTxDtlsMsgDelete(WOLFSSL* ssl, DtlsMsg* item) 7400 { 7401 WOLFSSL_ENTER("VerifyForTxDtlsMsgDelete()"); 7402 if (item->epoch < ssl->keys.dtls_epoch - 1) 7403 /* Messages not from current or previous epoch can be deleted */ 7404 return 1; 7405 switch (ssl->options.side) { 7406 case WOLFSSL_CLIENT_END: 7407 if (item->type == client_hello && 7408 ssl->options.serverState >= SERVER_HELLODONE_COMPLETE) 7409 return 1; /* client can forget first client_hello if received full 7410 * flight of packets from server */ 7411 else 7412 return 0; 7413 case WOLFSSL_SERVER_END: 7414 if (ssl->options.clientState >= CLIENT_HELLO_COMPLETE && 7415 item->type == hello_request) 7416 return 1; /* Server can forget HelloRequest if client sent a valid 7417 * ClientHello */ 7418 if (ssl->options.clientState >= CLIENT_FINISHED_COMPLETE && 7419 item->type <= server_hello_done) 7420 return 1; /* server can forget everything up to ServerHelloDone if 7421 * a client finished message has been received and 7422 * successfully processed */ 7423 else 7424 return 0; 7425 default: 7426 return 0; 7427 } 7189 7428 } 7190 7429 … … 7196 7435 int ret = 0; 7197 7436 DtlsMsg* pool; 7437 int epochOrder; 7198 7438 7199 7439 WOLFSSL_ENTER("DtlsMsgPoolSend()"); … … 7203 7443 if (pool != NULL) { 7204 7444 if ((ssl->options.side == WOLFSSL_SERVER_END && 7205 !(ssl->options.acceptState == SERVER_HELLO_DONE || 7445 !(ssl->options.acceptState == ACCEPT_BEGIN_RENEG || 7446 ssl->options.acceptState == SERVER_HELLO_DONE || 7206 7447 ssl->options.acceptState == ACCEPT_FINISHED_DONE || 7207 7448 ssl->options.acceptState == ACCEPT_THIRD_REPLY_DONE)) || … … 7218 7459 7219 7460 while (pool != NULL) { 7220 if (pool-> seq== 0) {7461 if (pool->epoch == 0) { 7221 7462 DtlsRecordLayerHeader* dtls; 7222 int epochOrder;7223 7463 7224 7464 dtls = (DtlsRecordLayerHeader*)pool->buf; … … 7238 7478 } 7239 7479 7240 XMEMCPY(ssl->buffers.outputBuffer.buffer, 7480 XMEMCPY(ssl->buffers.outputBuffer.buffer + 7481 ssl->buffers.outputBuffer.idx + 7482 ssl->buffers.outputBuffer.length, 7241 7483 pool->buf, pool->sz); 7242 ssl->buffers.outputBuffer. idx = 0;7243 ssl->buffers.outputBuffer.length = pool->sz;7244 }7245 else if (pool->seq == ssl->keys.dtls_epoch) {7484 ssl->buffers.outputBuffer.length += pool->sz; 7485 } 7486 else { 7487 /* Handle sending packets from previous epoch */ 7246 7488 byte* input; 7247 7489 byte* output; … … 7251 7493 inputSz = pool->sz; 7252 7494 sendSz = inputSz + MAX_MSG_EXTRA; 7495 7496 #ifdef HAVE_SECURE_RENEGOTIATION 7497 /* 7498 * CUR_ORDER will use ssl->secure_renegotiation from epoch 2+. 7499 * ssl->keys otherwise 7500 * PREV_ORDER will always use ssl->keys 7501 */ 7502 if (DtlsSCRKeysSet(ssl)) { 7503 if (pool->epoch == ssl->secure_renegotiation->tmp_keys.dtls_epoch) 7504 epochOrder = CUR_ORDER; 7505 else 7506 epochOrder = PREV_ORDER; 7507 } 7508 else { 7509 epochOrder = CUR_ORDER; 7510 } 7511 #else 7512 epochOrder = CUR_ORDER; 7513 #endif 7514 7253 7515 7254 7516 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) { … … 7259 7521 output = ssl->buffers.outputBuffer.buffer + 7260 7522 ssl->buffers.outputBuffer.length; 7261 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 7262 handshake, 0, 0, 0); 7523 if (inputSz != ENUM_LEN) 7524 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 7525 handshake, 0, 0, 0, epochOrder); 7526 else 7527 /* inputSz == ENUM_LEN must mean that this is a change cipher 7528 * spec message */ 7529 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 7530 change_cipher_spec, 0, 0, 0, epochOrder); 7531 7263 7532 if (sendSz < 0) { 7264 7533 WOLFSSL_ERROR(BUILD_MSG_ERROR); … … 7269 7538 } 7270 7539 7271 ret = SendBuffered(ssl); 7272 if (ret < 0) { 7273 WOLFSSL_ERROR(ret); 7274 return ret; 7275 } 7540 7541 if (!ssl->options.groupMessages) 7542 ret = SendBuffered(ssl); 7276 7543 7277 7544 /** … … 7284 7551 */ 7285 7552 if (sendOnlyFirstPacket && 7286 ssl->options.side == WOLFSSL_SERVER_END) { 7287 7553 ssl->options.side == WOLFSSL_SERVER_END) 7288 7554 pool = NULL; 7289 }7290 7555 else 7291 7556 pool = pool->next; 7292 7557 ssl->dtls_tx_msg = pool; 7293 7558 } 7559 7560 if (ret == 0 && ssl->options.groupMessages) 7561 ret = SendBuffered(ssl); 7294 7562 } 7295 7563 … … 7398 7666 word32 LowResTimer(void) 7399 7667 { 7400 const uint32_tsystemTickTimeInHz = 1000000 / systemTickInMicroseconds();7401 uint32_t*systemTickPtr = systemTickPointer();7668 const word32 systemTickTimeInHz = 1000000 / systemTickInMicroseconds(); 7669 word32 *systemTickPtr = systemTickPointer(); 7402 7670 7403 7671 return (word32) *systemTickPtr/systemTickTimeInHz; … … 7543 7811 { 7544 7812 return k_uptime_get() / 1000; 7813 } 7814 7815 #elif defined(WOLFSSL_LINUXKM) 7816 #include <linux/time.h> 7817 #include <linux/ktime.h> 7818 word32 LowResTimer(void) 7819 { 7820 return (word32)ktime_get_real_ns(); 7545 7821 } 7546 7822 … … 7590 7866 #endif /* (HAVE_ED25519 || HAVE_ED448) && !WOLFSSL_NO_CLIENT_AUTH */ 7591 7867 7592 #ifndef NO_CERTS 7593 int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz) 7868 int HashRaw(WOLFSSL* ssl, const byte* data, int sz) 7594 7869 { 7595 7870 int ret = 0; 7596 7871 7597 (void) output;7872 (void)data; 7598 7873 (void)sz; 7599 7874 7600 if (ssl->hsHashes == NULL) 7875 if (ssl->hsHashes == NULL) { 7601 7876 return BAD_FUNC_ARG; 7602 7603 #ifdef HAVE_FUZZER 7604 if (ssl->fuzzerCb) 7605 ssl->fuzzerCb(ssl, output, sz, FUZZ_HASH, ssl->fuzzerCtx); 7606 #endif 7877 } 7878 7607 7879 #ifndef NO_OLD_TLS 7608 7880 #ifndef NO_SHA 7609 wc_ShaUpdate(&ssl->hsHashes->hashSha, output, sz);7881 wc_ShaUpdate(&ssl->hsHashes->hashSha, data, sz); 7610 7882 #endif 7611 7883 #ifndef NO_MD5 7612 wc_Md5Update(&ssl->hsHashes->hashMd5, output, sz);7884 wc_Md5Update(&ssl->hsHashes->hashMd5, data, sz); 7613 7885 #endif 7614 7886 #endif /* NO_OLD_TLS */ … … 7616 7888 if (IsAtLeastTLSv1_2(ssl)) { 7617 7889 #ifndef NO_SHA256 7618 ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, output, sz);7890 ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, data, sz); 7619 7891 if (ret != 0) 7620 7892 return ret; 7621 7893 #endif 7622 7894 #ifdef WOLFSSL_SHA384 7623 ret = wc_Sha384Update(&ssl->hsHashes->hashSha384, output, sz);7895 ret = wc_Sha384Update(&ssl->hsHashes->hashSha384, data, sz); 7624 7896 if (ret != 0) 7625 7897 return ret; 7626 7898 #endif 7627 7899 #ifdef WOLFSSL_SHA512 7628 ret = wc_Sha512Update(&ssl->hsHashes->hashSha512, output, sz);7900 ret = wc_Sha512Update(&ssl->hsHashes->hashSha512, data, sz); 7629 7901 if (ret != 0) 7630 7902 return ret; … … 7633 7905 ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ 7634 7906 (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH))) 7635 ret = EdDSA_Update(ssl, output, sz);7907 ret = EdDSA_Update(ssl, data, sz); 7636 7908 if (ret != 0) 7637 7909 return ret; … … 7641 7913 return ret; 7642 7914 } 7643 #endif /* NO_CERTS */7644 7645 7915 7646 7916 /* add output to md5 and sha handshake hashes, exclude record header */ 7647 7917 int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz) 7648 7918 { 7649 int ret = 0;7650 7919 const byte* adj; 7651 7920 … … 7666 7935 } 7667 7936 #endif 7668 #ifndef NO_OLD_TLS 7669 #ifndef NO_SHA 7670 wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz); 7671 #endif 7672 #ifndef NO_MD5 7673 wc_Md5Update(&ssl->hsHashes->hashMd5, adj, sz); 7674 #endif 7675 #endif 7676 7677 if (IsAtLeastTLSv1_2(ssl)) { 7678 #ifndef NO_SHA256 7679 ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz); 7680 if (ret != 0) 7681 return ret; 7682 #endif 7683 #ifdef WOLFSSL_SHA384 7684 ret = wc_Sha384Update(&ssl->hsHashes->hashSha384, adj, sz); 7685 if (ret != 0) 7686 return ret; 7687 #endif 7688 #ifdef WOLFSSL_SHA512 7689 ret = wc_Sha512Update(&ssl->hsHashes->hashSha512, adj, sz); 7690 if (ret != 0) 7691 return ret; 7692 #endif 7693 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ 7694 ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ 7695 (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH))) 7696 ret = EdDSA_Update(ssl, adj, sz); 7697 if (ret != 0) 7698 return ret; 7699 #endif 7700 } 7701 7702 return ret; 7937 7938 return HashRaw(ssl, adj, sz); 7703 7939 } 7704 7940 … … 7707 7943 int HashInput(WOLFSSL* ssl, const byte* input, int sz) 7708 7944 { 7709 int ret = 0;7710 7945 const byte* adj; 7946 7947 if (ssl->hsHashes == NULL) { 7948 return BAD_FUNC_ARG; 7949 } 7711 7950 7712 7951 adj = input - HANDSHAKE_HEADER_SZ; 7713 7952 sz += HANDSHAKE_HEADER_SZ; 7714 7715 (void)adj;7716 7953 7717 7954 #ifdef WOLFSSL_DTLS … … 7722 7959 #endif 7723 7960 7724 if (ssl->hsHashes == NULL) { 7725 return BAD_FUNC_ARG; 7726 } 7727 7728 #ifndef NO_OLD_TLS 7729 #ifndef NO_SHA 7730 wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz); 7731 #endif 7732 #ifndef NO_MD5 7733 wc_Md5Update(&ssl->hsHashes->hashMd5, adj, sz); 7734 #endif 7735 #endif 7736 7737 if (IsAtLeastTLSv1_2(ssl)) { 7738 #ifndef NO_SHA256 7739 ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz); 7740 if (ret != 0) 7741 return ret; 7742 #endif 7743 #ifdef WOLFSSL_SHA384 7744 ret = wc_Sha384Update(&ssl->hsHashes->hashSha384, adj, sz); 7745 if (ret != 0) 7746 return ret; 7747 #endif 7748 #ifdef WOLFSSL_SHA512 7749 ret = wc_Sha512Update(&ssl->hsHashes->hashSha512, adj, sz); 7750 if (ret != 0) 7751 return ret; 7752 #endif 7753 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ 7754 ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ 7755 (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH))) 7756 ret = EdDSA_Update(ssl, adj, sz); 7757 if (ret != 0) 7758 return ret; 7759 #endif 7760 } 7761 7762 return ret; 7961 return HashRaw(ssl, adj, sz); 7763 7962 } 7764 7963 7765 7964 7766 7965 /* add record layer header for message */ 7767 static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl )7966 static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl, int epochOrder) 7768 7967 { 7769 7968 RecordLayerHeader* rl; 7969 7970 (void)epochOrder; 7770 7971 7771 7972 /* record layer header */ … … 7778 7979 #ifdef WOLFSSL_TLS13 7779 7980 if (IsAtLeastTLSv1_3(ssl->version)) { 7780 #ifdef WOLFSSL_TLS13_DRAFT_187781 rl->pvMinor = TLSv1_MINOR;7782 #else7783 7981 rl->pvMinor = TLSv1_2_MINOR; 7784 #endif7785 7982 } 7786 7983 else … … 7806 8003 /* dtls record layer header extensions */ 7807 8004 dtls = (DtlsRecordLayerHeader*)output; 7808 WriteSEQ(ssl, 0, dtls->sequence_number);8005 WriteSEQ(ssl, epochOrder, dtls->sequence_number); 7809 8006 c16toa((word16)length, dtls->length); 7810 8007 #endif … … 7858 8055 #endif 7859 8056 7860 AddRecordHeader(output, length + lengthAdj, handshake, ssl );8057 AddRecordHeader(output, length + lengthAdj, handshake, ssl, CUR_ORDER); 7861 8058 AddHandShakeHeader(output + outputAdj, length, 0, length, type, ssl); 7862 8059 } … … 7881 8078 #endif 7882 8079 7883 AddRecordHeader(output, fragSz + lengthAdj, handshake, ssl );8080 AddRecordHeader(output, fragSz + lengthAdj, handshake, ssl, CUR_ORDER); 7884 8081 AddHandShakeHeader(output + outputAdj, length, fragOffset, fragSz, type, ssl); 7885 8082 } … … 7904 8101 case WOLFSSL_CBIO_ERR_GENERAL: /* general/unknown error */ 7905 8102 #if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) 8103 #ifndef NO_BIO 7906 8104 if (ssl->biord) { 7907 8105 /* If retry and read flags are set, return WANT_READ */ … … 7911 8109 } 7912 8110 } 8111 #endif 7913 8112 #endif 7914 8113 return -1; … … 7953 8152 #ifdef WOLFSSL_DTLS 7954 8153 if (IsDtlsNotSctpMode(ssl) && 7955 !ssl->options.handShakeDone&&8154 ssl->options.handShakeState != HANDSHAKE_DONE && 7956 8155 DtlsMsgPoolTimeout(ssl) == 0 && 7957 8156 DtlsMsgPoolSend(ssl, 0) == 0) { … … 8236 8435 8237 8436 8238 /* check available size into output buffer, make room if needed */ 8437 /* Check available size into output buffer, make room if needed. 8438 * This function needs to be called before anything gets put 8439 * into the output buffers since it flushes pending data if it 8440 * predicts that the msg will exceed MTU. */ 8239 8441 int CheckAvailableSize(WOLFSSL *ssl, int size) 8240 8442 { … … 8243 8445 return BAD_FUNC_ARG; 8244 8446 } 8447 8448 #ifdef WOLFSSL_DTLS 8449 if (ssl->options.dtls && 8450 size + ssl->buffers.outputBuffer.length - 8451 ssl->buffers.outputBuffer.idx > ssl->dtls_expected_rx) { 8452 int ret; 8453 WOLFSSL_MSG("CheckAvailableSize() flushing buffer " 8454 "to make room for new message"); 8455 if ((ret = SendBuffered(ssl)) != 0) { 8456 return ret; 8457 } 8458 } 8459 #endif 8245 8460 8246 8461 if (ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length … … 8297 8512 8298 8513 #ifdef WOLFSSL_DTLS 8299 if (IsDtlsNotSctpMode(ssl) && !DtlsCheckWindow(ssl)) { 8514 if (IsDtlsNotSctpMode(ssl)) { 8515 if (!DtlsCheckWindow(ssl) || 8516 (rh->type == application_data && ssl->keys.curEpoch == 0) || 8517 (rh->type == alert && ssl->options.handShakeDone && 8518 ssl->keys.curEpoch == 0 && ssl->keys.dtls_epoch != 0)) { 8300 8519 WOLFSSL_LEAVE("GetRecordHeader()", SEQUENCE_ERROR); 8301 8520 return SEQUENCE_ERROR; 8521 } 8302 8522 } 8303 8523 #endif … … 8309 8529 if (rh->pvMajor != ssl->version.major || 8310 8530 (rh->pvMinor != ssl->version.minor && 8311 #ifdef WOLFSSL_TLS13_DRAFT_188312 (!IsAtLeastTLSv1_3(ssl->version) || rh->pvMinor != TLSv1_MINOR)8313 #else8314 8531 (!IsAtLeastTLSv1_3(ssl->version) || rh->pvMinor != TLSv1_2_MINOR) 8315 #endif8316 8532 )) 8317 8533 #endif … … 9281 9497 9282 9498 9283 /* try to find an altName match to domain, return 1 on success */9284 int CheckAltNames(DecodedCert* dCert, char* domain)9285 {9286 int match = 0;9287 DNS_entry* altName = NULL;9288 9289 WOLFSSL_MSG("Checking AltNames");9290 9291 if (dCert)9292 altName = dCert->altNames;9293 9294 while (altName) {9295 WOLFSSL_MSG("\tindividual AltName check");9296 9297 if (MatchDomainName(altName->name, altName->len, domain)){9298 match = 1;9299 break;9300 }9301 9302 altName = altName->next;9303 }9304 9305 return match;9306 }9307 9308 #ifdef OPENSSL_EXTRA9309 9499 /* Check that alternative names, if they exists, match the domain. 9310 9500 * Fail if there are wild patterns and they didn't match. … … 9314 9504 * domain Domain name to compare against. 9315 9505 * checkCN Whether to check the common name. 9316 * returns whether there was a problem in matching. 9506 * returns 1 : match was found. 9507 * 0 : no match found. 9508 * -1 : No matches and wild pattern match failed. 9317 9509 */ 9318 static int CheckForAltNames(DecodedCert* dCert,char* domain, int* checkCN)9510 int CheckForAltNames(DecodedCert* dCert, const char* domain, int* checkCN) 9319 9511 { 9320 int match;9512 int match = 0; 9321 9513 DNS_entry* altName = NULL; 9514 char *buf; 9515 word32 len; 9322 9516 9323 9517 WOLFSSL_MSG("Checking AltNames"); … … 9326 9520 altName = dCert->altNames; 9327 9521 9328 *checkCN = altName == NULL; 9329 match = 0; 9522 if (checkCN != NULL) { 9523 *checkCN = (altName == NULL) ? 1 : 0; 9524 } 9525 9330 9526 while (altName) { 9527 #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) 9528 char name[WOLFSSL_MAX_IPSTR] = {0}; 9529 #endif 9530 9331 9531 WOLFSSL_MSG("\tindividual AltName check"); 9332 9532 9333 if (MatchDomainName(altName->name, altName->len, domain)) { 9533 #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) 9534 /* check if alt name is stored as IP addr octet */ 9535 if (altName->type == ASN_IP_TYPE) { 9536 char tmp[4]; 9537 int i; 9538 word32 idx = 0; 9539 for (i = 0; (idx < WOLFSSL_MAX_IPSTR) && (i < altName->len); i++) { 9540 XMEMSET(tmp, 0, sizeof(tmp)); 9541 XSNPRINTF(tmp, sizeof(tmp), (altName->len <= 4) ? "%u" : "%02X", 9542 altName->name[i]); 9543 idx += (word32)XSTRLEN(tmp); 9544 XSTRNCAT(name, tmp, (altName->len <= 4) ? 3 : 2); 9545 if ((idx < WOLFSSL_MAX_IPSTR ) && ((i + 1) < altName->len)) { 9546 name[idx++] = (altName->len <= 4) ? '.' : ':'; 9547 } 9548 } 9549 if (idx >= WOLFSSL_MAX_IPSTR) { 9550 idx = WOLFSSL_MAX_IPSTR -1; 9551 } 9552 name[idx] = '\0'; 9553 buf = name; 9554 len = (word32)XSTRLEN(name); 9555 } 9556 else 9557 #endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ 9558 { 9559 buf = altName->name; 9560 len = altName->len; 9561 } 9562 9563 if (MatchDomainName(buf, len, domain)) { 9334 9564 match = 1; 9335 *checkCN = 0; 9565 if (checkCN != NULL) { 9566 *checkCN = 0; 9567 } 9568 WOLFSSL_MSG("\tmatch found"); 9336 9569 break; 9337 9570 } 9338 9571 /* No matches and wild pattern match failed. */ 9339 else if (altName->name && altName->len >=1 && 9340 altName->name[0] == '*' && match == 0) { 9572 else if (buf && (len >=1) && (buf[0] == '*')) { 9341 9573 match = -1; 9574 WOLFSSL_MSG("\twildcard match failed"); 9342 9575 } 9343 9576 … … 9345 9578 } 9346 9579 9347 return match != -1;9580 return match; 9348 9581 } 9582 9349 9583 9350 9584 /* Check the domain name matches the subject alternative name or the subject … … 9356 9590 * returns DOMAIN_NAME_MISMATCH when no match found and 0 on success. 9357 9591 */ 9358 int CheckHostName(DecodedCert* dCert, c har *domainName, size_t domainNameLen)9592 int CheckHostName(DecodedCert* dCert, const char *domainName, size_t domainNameLen) 9359 9593 { 9360 9594 int checkCN; 9595 int ret = DOMAIN_NAME_MISMATCH; 9361 9596 9362 9597 /* Assume name is NUL terminated. */ 9363 9598 (void)domainNameLen; 9364 9599 9365 if (CheckForAltNames(dCert, domainName, &checkCN) == 0) { 9366 WOLFSSL_MSG("DomainName match on alt names failed too"); 9367 return DOMAIN_NAME_MISMATCH; 9368 } 9600 if (CheckForAltNames(dCert, domainName, &checkCN) != 1) { 9601 WOLFSSL_MSG("DomainName match on alt names failed"); 9602 } 9603 else { 9604 ret = 0; 9605 } 9606 9369 9607 if (checkCN == 1) { 9370 9608 if (MatchDomainName(dCert->subjectCN, dCert->subjectCNLen, 9371 domainName) == 0) { 9609 domainName) == 1) { 9610 ret = 0; 9611 } 9612 else { 9372 9613 WOLFSSL_MSG("DomainName match on common name failed"); 9373 return DOMAIN_NAME_MISMATCH; 9374 } 9375 } 9376 9377 return 0; 9614 } 9615 } 9616 9617 return ret; 9378 9618 } 9379 9619 9380 int CheckIPAddr(DecodedCert* dCert, c har* ipasc)9620 int CheckIPAddr(DecodedCert* dCert, const char* ipasc) 9381 9621 { 9382 9622 WOLFSSL_MSG("Checking IPAddr"); … … 9384 9624 return CheckHostName(dCert, ipasc, (size_t)XSTRLEN(ipasc)); 9385 9625 } 9386 #endif 9626 9387 9627 9388 9628 #ifdef SESSION_CERTS … … 9415 9655 return BAD_FUNC_ARG; 9416 9656 9657 if (x509->issuer.name == NULL || x509->subject.name == NULL) { 9658 WOLFSSL_MSG("Either init was not called on X509 or programming error"); 9659 return BAD_FUNC_ARG; 9660 } 9661 9417 9662 x509->version = dCert->version + 1; 9418 9663 … … 9421 9666 x509->issuer.sz = (int)XSTRLEN(x509->issuer.name) + 1; 9422 9667 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 9423 if (dCert->issuerName.fullName != NULL) { 9424 XMEMCPY(&x509->issuer.fullName, 9425 &dCert->issuerName, sizeof(DecodedName)); 9426 x509->issuer.fullName.fullName = (char*)XMALLOC( 9427 dCert->issuerName.fullNameLen, x509->heap, 9428 DYNAMIC_TYPE_X509); 9429 if (x509->issuer.fullName.fullName != NULL) 9430 XMEMCPY(x509->issuer.fullName.fullName, 9431 dCert->issuerName.fullName, dCert->issuerName.fullNameLen); 9432 } 9433 x509->issuer.x509 = x509; 9668 if (dCert->issuerName != NULL) { 9669 wolfSSL_X509_set_issuer_name(x509, 9670 (WOLFSSL_X509_NAME*)dCert->issuerName); 9671 x509->issuer.x509 = x509; 9672 } 9434 9673 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 9435 9674 … … 9438 9677 x509->subject.sz = (int)XSTRLEN(x509->subject.name) + 1; 9439 9678 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 9440 if (dCert->subjectName.fullName != NULL) { 9441 XMEMCPY(&x509->subject.fullName, 9442 &dCert->subjectName, sizeof(DecodedName)); 9443 x509->subject.fullName.fullName = (char*)XMALLOC( 9444 dCert->subjectName.fullNameLen, x509->heap, DYNAMIC_TYPE_X509); 9445 if (x509->subject.fullName.fullName != NULL) 9446 XMEMCPY(x509->subject.fullName.fullName, 9447 dCert->subjectName.fullName, dCert->subjectName.fullNameLen); 9448 } 9449 x509->subject.x509 = x509; 9679 if (dCert->subjectName != NULL) { 9680 wolfSSL_X509_set_subject_name(x509, 9681 (WOLFSSL_X509_NAME*)dCert->subjectName); 9682 x509->subject.x509 = x509; 9683 } 9450 9684 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 9451 9685 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) … … 9466 9700 else 9467 9701 x509->subjectCN[0] = '\0'; 9702 9703 #ifdef WOLFSSL_CERT_REQ 9704 x509->isCSR = dCert->isCSR; 9705 /* CSR attributes */ 9706 if (dCert->cPwd) { 9707 if (dCert->cPwdLen < CTC_NAME_SIZE) { 9708 XMEMCPY(x509->challengePw, dCert->cPwd, dCert->cPwdLen); 9709 x509->challengePw[dCert->cPwdLen] = '\0'; 9710 #ifdef OPENSSL_ALL 9711 if (x509->challengePwAttr) { 9712 wolfSSL_X509_ATTRIBUTE_free(x509->challengePwAttr); 9713 } 9714 x509->challengePwAttr = wolfSSL_X509_ATTRIBUTE_new(); 9715 if (x509->challengePwAttr) { 9716 x509->challengePwAttr->value->value.asn1_string = 9717 wolfSSL_ASN1_STRING_new(); 9718 if (wolfSSL_ASN1_STRING_set( 9719 x509->challengePwAttr->value->value.asn1_string, 9720 dCert->cPwd, dCert->cPwdLen) != WOLFSSL_SUCCESS) { 9721 ret = MEMORY_E; 9722 } 9723 x509->challengePwAttr->value->type = V_ASN1_PRINTABLESTRING; 9724 } 9725 else { 9726 ret = MEMORY_E; 9727 } 9728 #endif 9729 } 9730 else { 9731 WOLFSSL_MSG("Challenge password too long"); 9732 ret = MEMORY_E; 9733 } 9734 } 9735 #endif 9468 9736 9469 9737 #ifdef WOLFSSL_SEP … … 9729 9997 int ret = 0; 9730 9998 OcspRequest* request; 9999 WOLFSSL_ENTER("ProcessCSR"); 9731 10000 9732 10001 #ifdef WOLFSSL_SMALL_STACK 9733 10002 CertStatus* status; 10003 OcspEntry* single; 9734 10004 OcspResponse* response; 9735 10005 #else 9736 10006 CertStatus status[1]; 10007 OcspEntry single[1]; 9737 10008 OcspResponse response[1]; 9738 10009 #endif … … 9764 10035 #ifdef WOLFSSL_SMALL_STACK 9765 10036 status = (CertStatus*)XMALLOC(sizeof(CertStatus), ssl->heap, 9766 DYNAMIC_TYPE_OCSP_STATUS); 10037 DYNAMIC_TYPE_OCSP_STATUS); 10038 single = (OcspEntry*)XMALLOC(sizeof(OcspEntry), ssl->heap, 10039 DYNAMIC_TYPE_OCSP_ENTRY); 9767 10040 response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), ssl->heap, 9768 9769 9770 if (status == NULL || response == NULL) {10041 DYNAMIC_TYPE_OCSP_REQUEST); 10042 10043 if (status == NULL || single == NULL || response == NULL) { 9771 10044 if (status) 9772 XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); 10045 XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); 10046 if (single) 10047 XFREE(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY); 9773 10048 if (response) 9774 XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST);10049 XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 9775 10050 9776 10051 return MEMORY_ERROR; … … 9778 10053 #endif 9779 10054 9780 InitOcspResponse(response, s tatus, input +*inOutIdx, status_length);10055 InitOcspResponse(response, single, status, input +*inOutIdx, status_length, ssl->heap); 9781 10056 9782 10057 if (OcspResponseDecode(response, ssl->ctx->cm, ssl->heap, 0) != 0) … … 9786 10061 else if (response->responseStatus != OCSP_SUCCESSFUL) 9787 10062 ret = BAD_CERTIFICATE_STATUS_ERROR; 9788 else if (response->s tatus->status == CERT_REVOKED)10063 else if (response->single->status->status == CERT_REVOKED) 9789 10064 ret = OCSP_CERT_REVOKED; 9790 else if (response->s tatus->status != CERT_GOOD)10065 else if (response->single->status->status != CERT_GOOD) 9791 10066 ret = BAD_CERTIFICATE_STATUS_ERROR; 10067 10068 else { 10069 XMEMCPY(ssl->ocspProducedDate, response->producedDate, sizeof ssl->ocspProducedDate); 10070 ssl->ocspProducedDateFormat = response->producedDateFormat; 10071 } 9792 10072 9793 10073 *inOutIdx += status_length; … … 9795 10075 #ifdef WOLFSSL_SMALL_STACK 9796 10076 XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); 10077 XFREE(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY); 9797 10078 XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 9798 10079 #endif 9799 10080 10081 WOLFSSL_LEAVE("ProcessCSR", ret); 9800 10082 return ret; 9801 10083 } … … 9876 10158 if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) { 9877 10159 alertWhy = certificate_expired; 10160 } else if (ret == ASN_NO_SIGNER_E) { 10161 alertWhy = unknown_ca; 9878 10162 } 9879 10163 #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) … … 9911 10195 { 9912 10196 int verify_ok = 0, use_cb = 0; 9913 void *heap = (ssl != NULL) ? ssl->heap : cm->heap; 10197 void *heap; 10198 10199 if (cm == NULL) { 10200 return BAD_FUNC_ARG; 10201 } 10202 10203 heap = (ssl != NULL) ? ssl->heap : cm->heap; 9914 10204 9915 10205 /* Determine if verify was okay */ … … 9942 10232 /* If altNames names is present, then subject common name is ignored */ 9943 10233 if (args->dCert->altNames != NULL) { 9944 if (Check AltNames(args->dCert, ssl->param->hostName) == 0) {10234 if (CheckForAltNames(args->dCert, ssl->param->hostName, NULL) != 1) { 9945 10235 if (ret == 0) { 9946 10236 ret = DOMAIN_NAME_MISMATCH; … … 9995 10285 char domain[ASN_NAME_MAX]; 9996 10286 #endif 10287 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 10288 int x509Free = 0; 10289 #endif 9997 10290 9998 10291 #ifdef WOLFSSL_SMALL_STACK … … 10044 10337 store->certs = args->certs; 10045 10338 store->totalCerts = args->totalCerts; 10046 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 10339 #if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \ 10340 (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) 10047 10341 if (wolfSSL_CRYPTO_set_ex_data(&store->ex_data, 0, ssl) 10048 10342 != WOLFSSL_SUCCESS) { … … 10101 10395 if (CopyDecodedToX509(x509, args->dCert) == 0) { 10102 10396 store->current_cert = x509; 10397 x509Free = 1; 10103 10398 } 10104 10399 else { … … 10113 10408 #ifndef NO_WOLFSSL_CM_VERIFY 10114 10409 /* non-zero return code indicates failure override */ 10115 if ( (cm != NULL) && (cm->verifyCallback != NULL)) {10410 if (cm->verifyCallback != NULL) { 10116 10411 store->userCtx = cm; 10117 10412 if (cm->verifyCallback(verify_ok, store)) { … … 10167 10462 } 10168 10463 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 10169 if ( args->certIdx > 0)10464 if (x509Free) { 10170 10465 FreeX509(x509); 10466 } 10171 10467 #endif 10172 10468 #if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) … … 10562 10858 10563 10859 /* allocate buffer for certs */ 10564 #ifdef OPENSSL_EXTRA10565 args->certs = (buffer*)XMALLOC(sizeof(buffer) *10566 (ssl->verifyDepth + 1), ssl->heap, DYNAMIC_TYPE_DER);10567 if (args->certs == NULL) {10568 ERROR_OUT(MEMORY_E, exit_ppc);10569 }10570 XMEMSET(args->certs, 0, sizeof(buffer) * (ssl->verifyDepth + 1));10571 #else10572 10860 args->certs = (buffer*)XMALLOC(sizeof(buffer) * MAX_CHAIN_DEPTH, 10573 10861 ssl->heap, DYNAMIC_TYPE_DER); … … 10576 10864 } 10577 10865 XMEMSET(args->certs, 0, sizeof(buffer) * MAX_CHAIN_DEPTH); 10578 #endif /* OPENSSL_EXTRA */10579 10866 10580 10867 /* Certificate List */ … … 10597 10884 word32 certSz; 10598 10885 10886 10599 10887 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 10600 if (args->totalCerts > ssl->verifyDepth) {10888 if (args->totalCerts >= MAX_CHAIN_DEPTH) { 10601 10889 ssl->peerVerifyRet = X509_V_ERR_CERT_CHAIN_TOO_LONG; 10602 ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc); 10890 ret = MAX_CHAIN_ERROR; 10891 WOLFSSL_MSG("Too many certs for MAX_CHAIN_DEPTH"); 10892 break; /* break out to avoid reading more certs then buffer 10893 * can hold */ 10603 10894 } 10604 10895 #else … … 10636 10927 word16 extSz; 10637 10928 10929 if (args->exts == NULL) { 10930 ERROR_OUT(BUFFER_ERROR, exit_ppc); 10931 } 10638 10932 if ((args->idx - args->begin) + OPAQUE16_LEN > totalSz) { 10639 10933 ERROR_OUT(BUFFER_ERROR, exit_ppc); … … 10664 10958 args->certIdx = 0; /* select peer cert (first one) */ 10665 10959 10666 if (args->count == 0 && ssl->options.mutualAuth && 10960 if (args->count == 0 && (ssl->options.mutualAuth || 10961 (ssl->options.failNoCert && IsAtLeastTLSv1_3(ssl->version))) && 10667 10962 ssl->options.side == WOLFSSL_SERVER_END) { 10668 10963 ret = NO_PEER_CERT; … … 10837 11132 } 10838 11133 #endif /* HAVE_OCSP || HAVE_CRL */ 10839 11134 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 11135 if (ret == 0 && 11136 /* extend the limit "+1" until reaching 11137 * an ultimately trusted issuer.*/ 11138 args->count > (ssl->verifyDepth + 1)) { 11139 ssl->peerVerifyRet = X509_V_ERR_CERT_CHAIN_TOO_LONG; 11140 ret = MAX_CHAIN_ERROR; 11141 } 11142 #endif 10840 11143 /* Do verify callback */ 10841 11144 ret = DoVerifyCallback(ssl->ctx->cm, ssl, ret, args); 11145 if (ssl->options.verifyNone && 11146 (ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) { 11147 WOLFSSL_MSG("Ignoring CRL problem based on verify setting"); 11148 ret = ssl->error = 0; 11149 } 10842 11150 10843 11151 #ifdef WOLFSSL_ALT_CERT_CHAINS … … 10853 11161 } 10854 11162 10855 ret = 0; /* clear error and continue */ 11163 ret = 0; /* clear errors and continue */ 11164 args->verifyErr = 0; 10856 11165 } 10857 11166 … … 10951 11260 #endif /* SESSION_CERTS && WOLFSSL_ALT_CERT_CHAINS */ 10952 11261 11262 /* Check peer's certificate version number. TLS 1.2 / 1.3 11263 * requires the clients certificate be version 3 unless a 11264 * different version has been negotiated using RFC 7250 */ 11265 if ((ret == 0) && 11266 (ssl->options.side == WOLFSSL_SERVER_END)) { 11267 if (args->dCert->version != WOLFSSL_X509_V3) { 11268 WOLFSSL_MSG("Peers certificate was not version 3!"); 11269 args->lastErr = ASN_VERSION_E; 11270 /* setting last error but not considering it fatal 11271 * giving the user a chance to override */ 11272 } 11273 } 11274 10953 11275 /* check if fatal error */ 10954 11276 if (args->verifyErr) { 10955 11277 args->fatal = 1; 10956 if (ret == 0) { 10957 ret = args->lastErr; 10958 } 11278 ret = args->lastErr; 10959 11279 } 10960 11280 else { … … 10964 11284 else if (ret == ASN_PARSE_E || ret == BUFFER_E) { 10965 11285 WOLFSSL_MSG("Got Peer cert ASN PARSE or BUFFER ERROR"); 11286 #if defined(WOLFSSL_EXTRA_ALERTS) || defined(OPENSSL_EXTRA) || \ 11287 defined(OPENSSL_EXTRA_X509_SMALL) 11288 DoCertFatalAlert(ssl, ret); 11289 #endif 10966 11290 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 10967 SendAlert(ssl, alert_fatal, bad_certificate);10968 11291 ssl->peerVerifyRet = X509_V_ERR_CERT_REJECTED; 10969 11292 #endif … … 10980 11303 /* check if fatal error */ 10981 11304 args->fatal = (args->verifyErr) ? 1 : 0; 11305 #if defined(WOLFSSL_EXTRA_ALERTS) || \ 11306 defined(OPENSSL_EXTRA) || \ 11307 defined(OPENSSL_EXTRA_X509_SMALL) 11308 if (args->fatal) 11309 DoCertFatalAlert(ssl, ret); 11310 #endif 10982 11311 } 10983 11312 else { 10984 11313 WOLFSSL_MSG("\tNo callback override available, fatal"); 10985 11314 args->fatal = 1; 10986 #ifdef OPENSSL_EXTRA 10987 SendAlert(ssl, alert_fatal, bad_certificate); 11315 #if defined(WOLFSSL_EXTRA_ALERTS) || \ 11316 defined(OPENSSL_EXTRA) || \ 11317 defined(OPENSSL_EXTRA_X509_SMALL) 11318 DoCertFatalAlert(ssl, ret); 10988 11319 #endif 10989 11320 } … … 11042 11373 args->dCert, ssl->heap); 11043 11374 doLookup = 0; 11044 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)11375 #if defined(WOLFSSL_TLS13) 11045 11376 if (ssl->options.tls1_3) { 11046 11377 TLSX* ext = TLSX_Find(ssl->extensions, … … 11057 11388 } 11058 11389 #endif 11390 } 11391 /* Ensure a stapling response was seen */ 11392 else if (ssl->options.tls1_3 && 11393 ssl->ctx->cm->ocspMustStaple) { 11394 ret = OCSP_CERT_UNKNOWN; 11395 goto exit_ppc; 11059 11396 } 11060 11397 #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ … … 11115 11452 int copyRet = 0; 11116 11453 11454 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 11455 if (ssl->options.handShakeDone) { 11456 FreeX509(&ssl->peerCert); 11457 InitX509(&ssl->peerCert, 0, ssl->heap); 11458 } 11459 else 11460 #endif 11117 11461 #ifdef HAVE_SECURE_RENEGOTIATION 11118 11462 if (ssl->secure_renegotiation && … … 11120 11464 /* free old peer cert */ 11121 11465 FreeX509(&ssl->peerCert); 11466 InitX509(&ssl->peerCert, 0, ssl->heap); 11122 11467 } 11468 else 11123 11469 #endif 11470 { 11471 } 11124 11472 11125 11473 /* set X509 format for peer cert */ … … 11202 11550 * alternative name extension MUST be used." */ 11203 11551 if (args->dCert->altNames) { 11204 if (CheckAltNames(args->dCert, 11205 (char*)ssl->buffers.domainName.buffer) == 0 ) { 11552 if (CheckForAltNames(args->dCert, 11553 (char*)ssl->buffers.domainName.buffer, 11554 NULL) != 1) { 11206 11555 WOLFSSL_MSG("DomainName match on alt names failed"); 11207 11556 /* try to get peer key still */ … … 11224 11573 (char*)ssl->buffers.domainName.buffer) == 0) { 11225 11574 WOLFSSL_MSG("DomainName match on common name failed"); 11226 if (CheckAltNames(args->dCert, 11227 (char*)ssl->buffers.domainName.buffer) == 0 ) { 11575 if (CheckForAltNames(args->dCert, 11576 (char*)ssl->buffers.domainName.buffer, 11577 NULL) != 1) { 11228 11578 WOLFSSL_MSG( 11229 11579 "DomainName match on alt names failed too"); … … 11279 11629 #ifdef HAVE_PK_CALLBACKS 11280 11630 #ifndef NO_RSA 11281 #ifdef HAVE_SECURE_RENEGOTIATION 11631 #if defined(HAVE_SECURE_RENEGOTIATION) || \ 11632 defined(WOLFSSL_POST_HANDSHAKE_AUTH) 11282 11633 if (ssl->buffers.peerRsaKey.buffer) { 11283 11634 XFREE(ssl->buffers.peerRsaKey.buffer, … … 11357 11708 ssl->peerEccDsaKeyPresent = 1; 11358 11709 #ifdef HAVE_PK_CALLBACKS 11710 if (ssl->buffers.peerEccDsaKey.buffer) 11711 XFREE(ssl->buffers.peerEccDsaKey.buffer, 11712 ssl->heap, DYNAMIC_TYPE_ECC); 11359 11713 ssl->buffers.peerEccDsaKey.buffer = 11360 11714 (byte*)XMALLOC(args->dCert->pubKeySize, … … 11381 11735 WOLFSSL_MSG("Peer ECC key is too small"); 11382 11736 } 11737 11738 /* populate curve oid - if missing */ 11739 if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) 11740 ssl->ecdhCurveOID = args->dCert->pkCurveOID; 11383 11741 break; 11384 11742 } … … 11431 11789 WOLFSSL_MSG("Peer ECC key is too small"); 11432 11790 } 11791 11792 /* populate curve oid - if missing */ 11793 if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) 11794 ssl->ecdhCurveOID = ECC_X25519_OID; 11433 11795 break; 11434 11796 } … … 11480 11842 WOLFSSL_MSG("Peer ECC key is too small"); 11481 11843 } 11844 11845 /* populate curve oid - if missing */ 11846 if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) 11847 ssl->ecdhCurveOID = ECC_X448_OID; 11482 11848 break; 11483 11849 } … … 11573 11939 #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP */ 11574 11940 11941 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) || \ 11942 defined(WOLFSSL_SMALL_STACK) 11943 if (args) 11944 { 11945 FreeProcPeerCertArgs(ssl, args); 11946 } 11947 #else 11575 11948 FreeProcPeerCertArgs(ssl, args); 11949 #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP || WOLFSSL_SMALL_STACK */ 11576 11950 11577 11951 #if defined(WOLFSSL_ASYNC_CRYPT) … … 11667 12041 11668 12042 #ifdef WOLFSSL_SMALL_STACK 11669 CertStatus* status; 12043 CertStatus* status; 12044 OcspEntry* single; 11670 12045 OcspResponse* response; 11671 12046 #else 11672 CertStatus status[1]; 12047 CertStatus status[1]; 12048 OcspEntry single[1]; 11673 12049 OcspResponse response[1]; 11674 12050 #endif … … 11686 12062 status = (CertStatus*)XMALLOC(sizeof(CertStatus), ssl->heap, 11687 12063 DYNAMIC_TYPE_OCSP_STATUS); 12064 single = (OcspEntry*)XMALLOC(sizeof(OcspEntry), ssl->heap, 12065 DYNAMIC_TYPE_OCSP_ENTRY); 11688 12066 response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), ssl->heap, 11689 DYNAMIC_TYPE_OCSP_REQUEST);11690 11691 if (status == NULL || response == NULL) {12067 DYNAMIC_TYPE_OCSP_REQUEST); 12068 12069 if (status == NULL || single == NULL || response == NULL) { 11692 12070 if (status) 11693 12071 XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); 12072 if (single) 12073 XFREE(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY); 11694 12074 if (response) 11695 12075 XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); … … 11715 12095 11716 12096 if (status_length) { 11717 InitOcspResponse(response, s tatus, input +*inOutIdx,11718 status_length);12097 InitOcspResponse(response, single, status, input +*inOutIdx, 12098 status_length, ssl->heap); 11719 12099 11720 12100 if ((OcspResponseDecode(response, ssl->ctx->cm, ssl->heap, 11721 12101 0) != 0) 11722 12102 || (response->responseStatus != OCSP_SUCCESSFUL) 11723 || (response->s tatus->status != CERT_GOOD))12103 || (response->single->status->status != CERT_GOOD)) 11724 12104 ret = BAD_CERTIFICATE_STATUS_ERROR; 11725 12105 … … 11735 12115 ret = BAD_CERTIFICATE_STATUS_ERROR; 11736 12116 } 12117 FreeOcspResponse(response); 11737 12118 11738 12119 *inOutIdx += status_length; … … 11747 12128 #ifdef WOLFSSL_SMALL_STACK 11748 12129 XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); 12130 XFREE(single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 11749 12131 XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 11750 12132 #endif … … 11805 12187 11806 12188 if (IsEncryptionOn(ssl, 0)) { 12189 /* If size == totalSz then we are in DtlsMsgDrain so no need to worry 12190 * about padding */ 11807 12191 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 11808 12192 if (ssl->options.startedETMRead) { 11809 12193 word32 digestSz = MacSize(ssl); 11810 if (*inOutIdx + ssl->keys.padSz + digestSz > totalSz) 12194 if (size != totalSz && 12195 *inOutIdx + ssl->keys.padSz + digestSz > totalSz) 11811 12196 return BUFFER_E; 11812 12197 *inOutIdx += ssl->keys.padSz + digestSz; … … 11816 12201 { 11817 12202 /* access beyond input + size should be checked against totalSz */ 11818 if (*inOutIdx + ssl->keys.padSz > totalSz) 12203 if (size != totalSz && 12204 *inOutIdx + ssl->keys.padSz > totalSz) 11819 12205 return BUFFER_E; 11820 12206 … … 11852 12238 return BUFFER_ERROR; 11853 12239 11854 /* check against totalSz */ 12240 /* check against totalSz 12241 * If size == totalSz then we are in DtlsMsgDrain so no need to worry about 12242 * padding */ 12243 if (size != totalSz) { 11855 12244 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 11856 12245 if (ssl->options.startedETMRead) { … … 11864 12253 return BUFFER_E; 11865 12254 } 12255 } 11866 12256 11867 12257 #ifdef WOLFSSL_CALLBACKS … … 11892 12282 } 11893 12283 #endif 12284 #ifdef OPENSSL_ALL 12285 if (ssl->options.side == WOLFSSL_CLIENT_END) 12286 XMEMCPY(ssl->serverFinished, 12287 input + *inOutIdx, TLS_FINISHED_SZ); 12288 else 12289 XMEMCPY(ssl->clientFinished, 12290 input + *inOutIdx, TLS_FINISHED_SZ); 12291 #endif 11894 12292 11895 12293 /* force input exhaustion at ProcessReply consuming padSz */ … … 11934 12332 #ifdef WOLFSSL_DTLS 11935 12333 if (ssl->options.dtls) { 11936 DtlsMsgPoolReset(ssl); 12334 if ((!ssl->options.resuming && ssl->options.side == WOLFSSL_CLIENT_END) || 12335 (ssl->options.resuming && ssl->options.side == WOLFSSL_SERVER_END)){ 12336 DtlsMsgPoolReset(ssl); 12337 ssl->keys.dtls_handshake_number = 0; 12338 ssl->keys.dtls_expected_peer_handshake_number = 0; 12339 } 11937 12340 } 11938 12341 #endif … … 12085 12488 } 12086 12489 #endif 12490 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 12491 defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 12492 /* Check that a status request extension was seen as the 12493 * CertificateStatus wasn't when an OCSP staple is required. 12494 */ 12495 if ( 12496 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 12497 !ssl->status_request && 12498 #endif 12499 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 12500 !ssl->status_request_v2 && 12501 #endif 12502 ssl->ctx->cm->ocspMustStaple) { 12503 return OCSP_CERT_UNKNOWN; 12504 } 12505 #endif 12087 12506 } 12088 12507 … … 12180 12599 return DUPLICATE_MSG_E; 12181 12600 } 12601 #ifdef WOLFSSL_DTLS 12602 if (ssl->options.dtls) { 12603 if (ssl->keys.curEpoch == 0) { 12604 WOLFSSL_MSG("Finished received with epoch 0"); 12605 return SEQUENCE_ERROR; 12606 } 12607 } 12608 #endif 12182 12609 ssl->msgsReceived.got_finished = 1; 12183 12610 … … 12194 12621 if (ssl->msgsReceived.got_change_cipher) { 12195 12622 WOLFSSL_MSG("Duplicate ChangeCipher received"); 12196 #ifdef WOLFSSL_EXTRA_ALERTS12197 SendAlert(ssl, alert_fatal, unexpected_message);12198 #endif12199 12623 return DUPLICATE_MSG_E; 12200 12624 } … … 12244 12668 ssl->options.havePeerCert) { 12245 12669 12246 if (!ssl->options.havePeerVerify) { 12670 if (!ssl->options.havePeerVerify || 12671 !ssl->msgsReceived.got_certificate_verify) { 12247 12672 WOLFSSL_MSG("client didn't send cert verify"); 12248 12673 #ifdef WOLFSSL_DTLS … … 12297 12722 #endif 12298 12723 12299 #if !defined( WOLFSSL_NO_SERVER) && \12724 #if !defined(NO_WOLFSSL_SERVER) && \ 12300 12725 defined(HAVE_SECURE_RENEGOTIATION) && \ 12301 12726 defined(HAVE_SERVER_RENEGOTIATION_INFO) … … 12404 12829 WOLFSSL_MSG("processing hello verify request"); 12405 12830 ret = DoHelloVerifyRequest(ssl, input,inOutIdx, size); 12831 if (IsEncryptionOn(ssl, 0)) { 12832 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 12833 if (ssl->options.startedETMRead) { 12834 word32 digestSz = MacSize(ssl); 12835 if (*inOutIdx + ssl->keys.padSz + digestSz > totalSz) 12836 return BUFFER_E; 12837 *inOutIdx += ssl->keys.padSz + digestSz; 12838 } 12839 else 12840 #endif 12841 { 12842 /* access beyond input + size should be checked against totalSz 12843 */ 12844 if (*inOutIdx + ssl->keys.padSz > totalSz) 12845 return BUFFER_E; 12846 12847 *inOutIdx += ssl->keys.padSz; 12848 } 12849 } 12406 12850 break; 12407 12851 … … 12511 12955 } 12512 12956 #endif 12957 /* If size == totalSz then we are in DtlsMsgDrain so no need to worry 12958 * about padding */ 12513 12959 if (IsEncryptionOn(ssl, 0)) { 12514 12960 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 12515 12961 if (ssl->options.startedETMRead) { 12516 12962 word32 digestSz = MacSize(ssl); 12517 if (*inOutIdx + ssl->keys.padSz + digestSz > totalSz) 12963 if (size != totalSz && 12964 *inOutIdx + ssl->keys.padSz + digestSz > totalSz) 12518 12965 return BUFFER_E; 12519 12966 *inOutIdx += ssl->keys.padSz + digestSz; … … 12524 12971 /* access beyond input + size should be checked against totalSz 12525 12972 */ 12526 if (*inOutIdx + ssl->keys.padSz > totalSz) 12973 if (size != totalSz && 12974 *inOutIdx + ssl->keys.padSz > totalSz) 12527 12975 return BUFFER_E; 12528 12529 12976 *inOutIdx += ssl->keys.padSz; 12530 12977 } … … 12565 13012 #endif 12566 13013 ) { 12567 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 13014 if (IsEncryptionOn(ssl, 0)) { 13015 word32 extra = ssl->keys.padSz; 13016 13017 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 13018 if (ssl->options.startedETMRead) 13019 extra += MacSize(ssl); 13020 #endif 13021 13022 if (extra > ssl->buffers.inputBuffer.idx) 13023 return BUFFER_E; 13024 13025 ssl->buffers.inputBuffer.idx -= extra; 13026 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 13027 ssl->buffers.inputBuffer.idx += extra; 13028 } 13029 else { 13030 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 13031 } 12568 13032 } 12569 13033 … … 12776 13240 #endif 12777 13241 else if (curLT) { 12778 word32 idx = diff / DTLS_WORD_BITS; 12779 word32 newDiff = diff % DTLS_WORD_BITS; 13242 word32 idx; 13243 word32 newDiff; 13244 if (diff == 0) { 13245 WOLFSSL_MSG("DTLS sanity check failed"); 13246 return 0; 13247 } 13248 diff--; 13249 idx = diff / DTLS_WORD_BITS; 13250 newDiff = diff % DTLS_WORD_BITS; 12780 13251 12781 13252 /* verify idx is valid for window array */ … … 12797 13268 #ifdef WOLFSSL_MULTICAST 12798 13269 static WC_INLINE word32 UpdateHighwaterMark(word32 cur, word32 first, 12799 word32 second, word32 max)13270 word32 second, word32 high) 12800 13271 { 12801 13272 word32 newCur = 0; … … 12805 13276 else if (cur < second) 12806 13277 newCur = second; 12807 else if (cur < max)12808 newCur = max;13278 else if (cur < high) 13279 newCur = high; 12809 13280 12810 13281 return newCur; … … 12880 13351 if (cur_hi == *next_hi) { 12881 13352 curLT = cur_lo < *next_lo; 12882 diff = curLT ? *next_lo - cur_lo : cur_lo - *next_lo;13353 diff = curLT ? *next_lo - cur_lo - 1 : cur_lo - *next_lo + 1; 12883 13354 } 12884 13355 else { 12885 13356 curLT = cur_hi < *next_hi; 12886 diff = curLT ? cur_lo - *next_lo : *next_lo - cur_lo;13357 diff = curLT ? cur_lo - *next_lo - 1 : *next_lo - cur_lo + 1; 12887 13358 } 12888 13359 … … 12902 13373 12903 13374 temp = 0; 12904 diff++;12905 13375 idx = diff / DTLS_WORD_BITS; 12906 13376 newDiff = diff % DTLS_WORD_BITS; … … 12943 13413 ret == 0) { 12944 13414 word32 idx = 0; 12945 ssl->keys.dtls_expected_peer_handshake_number++; 12946 ret = DoHandShakeMsgType(ssl, item->msg, 12947 &idx, item->type, item->sz, item->sz); 13415 if ((ret = DoHandShakeMsgType(ssl, item->msg, &idx, item->type, 13416 item->sz, item->sz)) == 0) { 13417 if (item->type != finished) 13418 ssl->keys.dtls_expected_peer_handshake_number++; 13419 DtlsTxMsgListClean(ssl); 13420 } 12948 13421 #ifdef WOLFSSL_ASYNC_CRYPT 12949 13422 if (ret == WC_PENDING_E) { 12950 ssl->keys.dtls_expected_peer_handshake_number--;12951 13423 break; 12952 13424 } … … 12970 13442 word32 fragOffset, fragSz; 12971 13443 int ret = 0; 13444 int ignoreFinished = 0; 12972 13445 12973 13446 WOLFSSL_ENTER("DoDtlsHandShakeMsg()"); 12974 12975 /* process any pending DTLS messages - this flow can happen with async */12976 if (ssl->dtls_rx_msg_list != NULL) {12977 ret = DtlsMsgDrain(ssl);12978 if (ret != 0)12979 return ret;12980 12981 /* if done processing fragment exit with success */12982 if (totalSz == *inOutIdx)12983 return ret;12984 }12985 13447 12986 13448 /* parse header */ … … 13003 13465 WOLFSSL_ERROR(INCOMPLETE_DATA); 13004 13466 return INCOMPLETE_DATA; 13467 } 13468 13469 if (type == finished && ssl->keys.dtls_peer_handshake_number >= 13470 ssl->keys.dtls_expected_peer_handshake_number && 13471 ssl->keys.curEpoch == ssl->keys.dtls_epoch) { 13472 /* finished msg should be ignore from the current epoch 13473 * if it comes from a previous handshake */ 13474 if (ssl->options.side == WOLFSSL_CLIENT_END) { 13475 ignoreFinished = ssl->options.connectState < FINISHED_DONE; 13476 } 13477 else { 13478 ignoreFinished = ssl->options.acceptState < ACCEPT_FINISHED_DONE; 13479 } 13005 13480 } 13006 13481 … … 13015 13490 */ 13016 13491 if (ssl->keys.dtls_peer_handshake_number > 13017 ssl->keys.dtls_expected_peer_handshake_number) { 13492 ssl->keys.dtls_expected_peer_handshake_number && 13493 /* Only client_hello shouldn't be ignored if the handshake 13494 * num is greater */ 13495 (type == client_hello || 13496 ssl->options.handShakeState != HANDSHAKE_DONE) && 13497 !ignoreFinished) { 13018 13498 /* Current message is out of order. It will get stored in the list. 13019 13499 * Storing also takes care of defragmentation. If the messages is a … … 13025 13505 * the client could be sending multiple new client hello messages 13026 13506 * with newer and newer cookies.) */ 13507 WOLFSSL_MSG("Current message is out of order"); 13027 13508 if (type != client_hello) { 13028 13509 if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) { 13029 DtlsMsgStore(ssl, ssl->keys.dtls_peer_handshake_number, 13510 DtlsMsgStore(ssl, ssl->keys.curEpoch, 13511 ssl->keys.dtls_peer_handshake_number, 13030 13512 input + *inOutIdx, size, type, 13031 13513 fragOffset, fragSz, ssl->heap); 13032 13514 } 13033 13515 *inOutIdx += fragSz; 13516 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 13517 if (ssl->options.startedETMRead && ssl->keys.curEpoch != 0) { 13518 word32 digestSz = MacSize(ssl); 13519 if (*inOutIdx + ssl->keys.padSz + digestSz > totalSz) 13520 return BUFFER_E; 13521 *inOutIdx += digestSz; 13522 } 13523 else 13524 #endif 13525 { 13526 if (*inOutIdx + ssl->keys.padSz > totalSz) { 13527 WOLFSSL_ERROR(BUFFER_E); 13528 return BUFFER_E; 13529 } 13530 } 13531 *inOutIdx += ssl->keys.padSz; 13034 13532 ret = 0; 13533 #ifndef WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT 13534 /* If we receive an out of order last flight msg then retransmit */ 13535 if (type == server_hello_done || type == finished) { 13536 ret = DtlsMsgPoolSend(ssl, 0); 13537 } 13538 #endif 13035 13539 } 13036 13540 else { … … 13043 13547 } 13044 13548 else if (ssl->keys.dtls_peer_handshake_number < 13045 ssl->keys.dtls_expected_peer_handshake_number) { 13549 ssl->keys.dtls_expected_peer_handshake_number || 13550 /* ignore all handshake messages if we are done with the 13551 * handshake */ 13552 (ssl->keys.dtls_peer_handshake_number > 13553 ssl->keys.dtls_expected_peer_handshake_number && 13554 ssl->options.handShakeState == HANDSHAKE_DONE) || 13555 ignoreFinished) { 13046 13556 /* Already saw this message and processed it. It can be ignored. */ 13557 WOLFSSL_MSG("Already saw this message and processed it"); 13047 13558 *inOutIdx += fragSz; 13048 if(type == finished ) {13049 13559 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 13050 if (ssl->options.startedETMRead) {13051 13052 13053 13054 *inOutIdx += ssl->keys.padSz +digestSz;13055 13056 13560 if (ssl->options.startedETMRead && ssl->keys.curEpoch != 0) { 13561 word32 digestSz = MacSize(ssl); 13562 if (*inOutIdx + ssl->keys.padSz + digestSz > totalSz) 13563 return BUFFER_E; 13564 *inOutIdx += digestSz; 13565 } 13566 else 13057 13567 #endif 13058 { 13059 if (*inOutIdx + ssl->keys.padSz > totalSz) { 13060 WOLFSSL_ERROR(BUFFER_E); 13061 return BUFFER_E; 13062 } 13063 *inOutIdx += ssl->keys.padSz; 13064 } 13065 } 13568 { 13569 if (*inOutIdx + ssl->keys.padSz > totalSz) { 13570 WOLFSSL_ERROR(BUFFER_E); 13571 return BUFFER_E; 13572 } 13573 } 13574 #ifndef WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT 13066 13575 if (IsDtlsNotSctpMode(ssl) && 13067 13576 VerifyForDtlsMsgPoolSend(ssl, type, fragOffset)) { … … 13069 13578 ret = DtlsMsgPoolSend(ssl, 0); 13070 13579 } 13580 #endif 13581 *inOutIdx += ssl->keys.padSz; 13071 13582 } 13072 13583 else if (fragSz < size) { … … 13074 13585 * be pointing to the message with this fragment in it. Check it to see 13075 13586 * if it is completed. */ 13587 WOLFSSL_MSG("Branch is in order, but fragmented"); 13076 13588 if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) { 13077 DtlsMsgStore(ssl, ssl->keys.dtls_peer_handshake_number, 13589 DtlsMsgStore(ssl, ssl->keys.curEpoch, 13590 ssl->keys.dtls_peer_handshake_number, 13078 13591 input + *inOutIdx, size, type, 13079 13592 fragOffset, fragSz, ssl->heap); 13080 13593 } 13081 13594 *inOutIdx += fragSz; 13595 *inOutIdx += ssl->keys.padSz; 13596 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 13597 if (ssl->options.startedETMRead && ssl->keys.curEpoch != 0) { 13598 word32 digestSz = MacSize(ssl); 13599 if (*inOutIdx + digestSz > totalSz) 13600 return BUFFER_E; 13601 *inOutIdx += digestSz; 13602 } 13603 #endif 13082 13604 ret = 0; 13083 13605 if (ssl->dtls_rx_msg_list != NULL && … … 13086 13608 } 13087 13609 else { 13088 /* This branch is in order next, and a complete message. */ 13610 /* This branch is in order next, and a complete message. On success 13611 * clean the tx list. */ 13612 #ifdef WOLFSSL_ASYNC_CRYPT 13613 word32 idx = *inOutIdx; 13614 #endif 13615 WOLFSSL_MSG("Branch is in order and a complete message"); 13616 #ifdef WOLFSSL_ASYNC_CRYPT 13617 /* In async mode always store the message and process it with 13618 * DtlsMsgDrain because in case of a WC_PENDING_E it will be 13619 * easier this way. */ 13620 if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) { 13621 DtlsMsgStore(ssl, ssl->keys.curEpoch, 13622 ssl->keys.dtls_peer_handshake_number, 13623 input + idx, size, type, 13624 fragOffset, fragSz, ssl->heap); 13625 } 13626 if (idx + fragSz + ssl->keys.padSz > totalSz) 13627 return BUFFER_E; 13628 *inOutIdx = idx + fragSz + ssl->keys.padSz; 13629 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 13630 if (ssl->options.startedETMRead && ssl->keys.curEpoch != 0) { 13631 word32 digestSz = MacSize(ssl); 13632 if (*inOutIdx + digestSz > totalSz) 13633 return BUFFER_E; 13634 *inOutIdx += digestSz; 13635 } 13636 #endif 13637 ret = DtlsMsgDrain(ssl); 13638 #else 13089 13639 ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); 13090 13640 if (ret == 0) { 13091 if (type != client_hello || !IsDtlsNotSctpMode(ssl)) 13641 DtlsTxMsgListClean(ssl); 13642 if (type != finished) 13092 13643 ssl->keys.dtls_expected_peer_handshake_number++; 13093 13644 if (ssl->dtls_rx_msg_list != NULL) { … … 13095 13646 } 13096 13647 } 13648 #endif 13097 13649 } 13098 13650 … … 13106 13658 #ifdef HAVE_AEAD 13107 13659 13108 #if !defined(NO_PUBLIC_GCM_SET_IV) && \13109 (( (defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \13110 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))) || \13111 (defined(HAVE_POLY1305) && defined(HAVE_CHACHA)) )13660 #if (!defined(NO_PUBLIC_GCM_SET_IV) && \ 13661 ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \ 13662 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))) || \ 13663 (defined(HAVE_POLY1305) && defined(HAVE_CHACHA)) 13112 13664 static WC_INLINE void AeadIncrementExpIV(WOLFSSL* ssl) 13113 13665 { … … 13882 14434 c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size, 13883 14435 ssl->decrypt.additional + AEAD_LEN_OFFSET); 13884 XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV, 13885 AESGCM_IMP_IV_SZ); 14436 14437 #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) 14438 if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl)) 14439 XMEMCPY(ssl->decrypt.nonce, 14440 ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV, 14441 AESGCM_IMP_IV_SZ); 14442 else 14443 #endif 14444 XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV, 14445 AESGCM_IMP_IV_SZ); 13886 14446 XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input, 13887 14447 AESGCM_EXP_IV_SZ); … … 14007 14567 case CIPHER_STATE_DO: 14008 14568 { 14569 #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) 14570 if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { 14571 /* For epochs >1 the current cipher parameters are located in 14572 * ssl->secure_renegotiation->tmp_keys. Previous cipher 14573 * parameters and for epoch 1 use ssl->keys */ 14574 if (ssl->keys.curEpoch == 14575 ssl->secure_renegotiation->tmp_keys.dtls_epoch) { 14576 if (ssl->decrypt.src != SCR) { 14577 ssl->secure_renegotiation->cache_status = 14578 SCR_CACHE_NEEDED; 14579 if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) 14580 break; 14581 } 14582 } 14583 else { 14584 if (ssl->decrypt.src != KEYS) { 14585 ssl->secure_renegotiation->cache_status = 14586 SCR_CACHE_NULL; 14587 if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) 14588 break; 14589 } 14590 } 14591 } 14592 #endif 14593 14009 14594 ret = DecryptDo(ssl, plain, input, sz); 14010 14595 … … 14242 14827 * the size to make sure is valid. */ 14243 14828 ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, 14244 content, 1 );14829 content, 1, PEER_ORDER); 14245 14830 good |= MaskMac(input, pLen, ssl->specs.hash_size, verify); 14246 14831 … … 14275 14860 #ifdef WOLFSSL_EARLY_DATA 14276 14861 if (ssl->options.tls1_3 && ssl->options.handShakeDone == 0) { 14277 i f (ssl->options.side == WOLFSSL_SERVER_END &&14278 ssl->earlyData != no_early_data && 14279 ssl->options.clientState < CLIENT_FINISHED_COMPLETE) {14862 int process = 0; 14863 14864 if (ssl->options.side == WOLFSSL_SERVER_END) { 14280 14865 ssl->earlyDataSz += ssl->curSize; 14281 if (ssl->earlyDataSz <= ssl->options.maxEarlyDataSz) { 14866 if ((ssl->earlyData != no_early_data) && 14867 (ssl->options.clientState == CLIENT_HELLO_COMPLETE)) { 14868 process = 1; 14869 } 14870 if (!process && (ssl->earlyDataSz <= ssl->options.maxEarlyDataSz)) { 14282 14871 WOLFSSL_MSG("Ignoring EarlyData!"); 14283 14872 *inOutIdx = ssl->buffers.inputBuffer.length; 14284 14873 return 0; 14285 14874 } 14286 WOLFSSL_MSG("Too much EarlyData!"); 14287 } 14288 } 14875 if (ssl->earlyDataSz > ssl->options.maxEarlyDataSz) { 14876 WOLFSSL_MSG("Too much EarlyData!"); 14877 process = 0; 14878 } 14879 } 14880 if (!process) { 14881 WOLFSSL_MSG("Received App data before a handshake completed"); 14882 SendAlert(ssl, alert_fatal, unexpected_message); 14883 return OUT_OF_ORDER_E; 14884 } 14885 } 14886 else 14289 14887 #endif 14290 14888 if (ssl->options.handShakeDone == 0) { … … 14360 14958 14361 14959 *inOutIdx = idx; 14960 #ifdef HAVE_SECURE_RENEGOTIATION 14961 if (IsSCR(ssl)) { 14962 /* Reset the processReply state since 14963 * we finished processing this message. */ 14964 ssl->options.processReply = doProcessInit; 14965 /* If we are in a secure renegotiation then APP DATA is treated 14966 * differently */ 14967 return APP_DATA_READY; 14968 } 14969 #endif 14362 14970 return 0; 14363 14971 } … … 14533 15141 } 14534 15142 14535 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1 );15143 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1, PEER_ORDER); 14536 15144 ret |= ConstantCompare(verify, input + msgSz - digestSz, digestSz); 14537 15145 if (ret != 0) { … … 14586 15194 } 14587 15195 PadCheck(dummy, (byte)pad, MAX_PAD_SIZE); /* timing only */ 14588 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, pad,14589 content, 1);15196 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, 15197 pad, content, 1, PEER_ORDER); 14590 15198 if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1, 14591 15199 digestSz) != 0) … … 14596 15204 } 14597 15205 else if (ssl->specs.cipher_type == stream) { 14598 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1); 15206 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1, 15207 PEER_ORDER); 14599 15208 if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){ 14600 15209 return VERIFY_MAC_ERROR; … … 14639 15248 14640 15249 if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE 15250 #ifdef HAVE_SECURE_RENEGOTIATION 15251 && ssl->error != APP_DATA_READY 15252 #endif 14641 15253 #ifdef WOLFSSL_ASYNC_CRYPT 14642 15254 && ssl->error != WC_PENDING_E … … 14649 15261 return ssl->error; 14650 15262 } 15263 15264 #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_ASYNC_CRYPT) 15265 /* process any pending DTLS messages - this flow can happen with async */ 15266 if (ssl->dtls_rx_msg_list != NULL) { 15267 ret = DtlsMsgDrain(ssl); 15268 if (ret != 0) { 15269 WOLFSSL_ERROR(ret); 15270 return ret; 15271 } 15272 } 15273 #endif 14651 15274 14652 15275 for (;;) { … … 14770 15393 #endif /* WOLFSSL_DTLS_DROP_STATS */ 14771 15394 14772 if (IsDtlsNotSctpMode(ssl) && ssl->options.dtlsHsRetain) {14773 ret = DtlsMsgPoolSend(ssl, 0);14774 if (ret != 0)14775 return ret;14776 }14777 14778 15395 continue; 14779 15396 } … … 14819 15436 14820 15437 if (IsEncryptionOn(ssl, 0)) { 15438 #if defined(WOLFSSL_TLS13) || defined(WOLFSSL_EXTRA_ALERTS) 14821 15439 int tooLong = 0; 15440 #endif 14822 15441 14823 15442 #ifdef WOLFSSL_TLS13 … … 14832 15451 tooLong = ssl->curSize > MAX_TLS_CIPHER_SZ; 14833 15452 #endif 15453 #if defined(WOLFSSL_TLS13) || defined(WOLFSSL_EXTRA_ALERTS) 14834 15454 if (tooLong) { 14835 15455 WOLFSSL_MSG("Encrypted data too long"); 14836 #if defined(WOLFSSL_TLS13) || defined(WOLFSSL_EXTRA_ALERTS)14837 15456 SendAlert(ssl, alert_fatal, record_overflow); 14838 #endif14839 15457 return BUFFER_ERROR; 14840 15458 } 15459 #endif 14841 15460 } 14842 15461 ssl->keys.padSz = 0; … … 14888 15507 case decryptMessage: 14889 15508 14890 #if !defined(WOLFSSL_TLS13) || defined(WOLFSSL_TLS13_DRAFT_18)14891 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0)14892 #else14893 15509 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 && 14894 15510 (!IsAtLeastTLSv1_3(ssl->version) || 14895 15511 ssl->curRL.type != change_cipher_spec)) 14896 #endif14897 15512 { 14898 15513 bufferStatic* in = &ssl->buffers.inputBuffer; … … 14937 15552 in->buffer + in->idx, 14938 15553 ssl->curSize - digestSz); 14939 ssl->keys.padSz = 14940 in->buffer[in->idx + ssl->curSize - digestSz - 1]; 14941 ssl->keys.padSz += 1; 14942 ssl->keys.decryptedCur = 1; 15554 if (ret == 0) { 15555 ssl->keys.padSz = 15556 in->buffer[in->idx + ssl->curSize - 15557 digestSz - 1]; 15558 ssl->keys.padSz += 1; 15559 ssl->keys.decryptedCur = 1; 15560 } 14943 15561 } 14944 15562 else … … 14957 15575 { 14958 15576 #ifdef WOLFSSL_TLS13 14959 #if defined(WOLFSSL_TLS13_DRAFT_18) || \14960 defined(WOLFSSL_TLS13_DRAFT_22) || \14961 defined(WOLFSSL_TLS13_DRAFT_23)14962 ret = DecryptTls13(ssl,14963 in->buffer + in->idx,14964 in->buffer + in->idx,14965 ssl->curSize, NULL, 0);14966 #else14967 15577 ret = DecryptTls13(ssl, 14968 15578 in->buffer + in->idx, … … 14970 15580 ssl->curSize, 14971 15581 (byte*)&ssl->curRL, RECORD_HEADER_SZ); 14972 #endif14973 15582 #else 14974 15583 ret = DECRYPT_ERROR; … … 15041 15650 case verifyMessage: 15042 15651 15043 #if !defined(WOLFSSL_TLS13) || defined(WOLFSSL_TLS13_DRAFT_18)15044 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0)15045 #else15046 15652 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 && 15047 15653 (!IsAtLeastTLSv1_3(ssl->version) || 15048 15654 ssl->curRL.type != change_cipher_spec)) 15049 #endif15050 15655 { 15051 15656 if (!atomicUser … … 15091 15696 word16 i = (word16)(ssl->buffers.inputBuffer.length - 15092 15697 ssl->keys.padSz); 15698 15699 /* sanity check on underflow */ 15700 if (ssl->keys.padSz >= ssl->buffers.inputBuffer.length) { 15701 WOLFSSL_ERROR(DECRYPT_ERROR); 15702 return DECRYPT_ERROR; 15703 } 15704 15093 15705 /* Remove padding from end of plain text. */ 15094 15706 for (--i; i > ssl->buffers.inputBuffer.idx; i--) { … … 15111 15723 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 15112 15724 if (IsEncryptionOn(ssl, 0) && ssl->options.startedETMRead) { 15113 if (ssl->buffers.inputBuffer.length - ssl->keys.padSz - 15114 ssl->buffers.inputBuffer.idx - 15115 MacSize(ssl) > MAX_PLAINTEXT_SZ) { 15725 if ((ssl->buffers.inputBuffer.length - 15726 ssl->keys.padSz - 15727 MacSize(ssl) - 15728 ssl->buffers.inputBuffer.idx > MAX_PLAINTEXT_SZ) 15729 #ifdef WOLFSSL_ASYNC_CRYPT 15730 && ssl->buffers.inputBuffer.length != 15731 ssl->buffers.inputBuffer.idx 15732 #endif 15733 ) { 15116 15734 WOLFSSL_MSG("Plaintext too long - Encrypt-Then-MAC"); 15117 15735 #if defined(WOLFSSL_EXTRA_ALERTS) … … 15123 15741 else 15124 15742 #endif 15125 if (ssl->buffers.inputBuffer.length - ssl->keys.padSz - 15126 ssl->buffers.inputBuffer.idx > MAX_PLAINTEXT_SZ) { 15743 if (ssl->buffers.inputBuffer.length - 15744 ssl->keys.padSz - 15745 ssl->buffers.inputBuffer.idx > MAX_PLAINTEXT_SZ 15746 #ifdef WOLFSSL_ASYNC_CRYPT 15747 && ssl->buffers.inputBuffer.length != 15748 ssl->buffers.inputBuffer.idx 15749 #endif 15750 ) { 15127 15751 WOLFSSL_MSG("Plaintext too long"); 15128 15752 #if defined(WOLFSSL_TLS13) || defined(WOLFSSL_EXTRA_ALERTS) … … 15132 15756 } 15133 15757 15134 15758 #ifdef WOLFSSL_DTLS 15135 15759 if (IsDtlsNotSctpMode(ssl)) { 15136 15760 DtlsUpdateWindow(ssl); 15137 15761 } 15138 15762 #endif /* WOLFSSL_DTLS */ 15139 15763 15140 15764 WOLFSSL_MSG("received record layer msg"); … … 15142 15766 switch (ssl->curRL.type) { 15143 15767 case handshake : 15768 WOLFSSL_MSG("got HANDSHAKE"); 15144 15769 /* debugging in DoHandShakeMsg */ 15145 15770 if (ssl->options.dtls) { … … 15151 15776 #endif 15152 15777 } 15153 else if (!IsAtLeastTLSv1_3(ssl->version)) { 15778 else if (!IsAtLeastTLSv1_3(ssl->version) 15779 #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) 15780 || !TLSv1_3_Capable(ssl) 15781 #endif 15782 ) { 15154 15783 #ifndef WOLFSSL_NO_TLS12 15155 15784 ret = DoHandShakeMsg(ssl, … … 15163 15792 else { 15164 15793 #ifdef WOLFSSL_TLS13 15794 ssl->msgsReceived.got_change_cipher = 0; 15165 15795 ret = DoTls13HandShakeMsg(ssl, 15166 15796 ssl->buffers.inputBuffer.buffer, … … 15182 15812 #endif 15183 15813 } 15184 if (ret != 0) { 15814 if (ret != 0 15815 #ifdef WOLFSSL_ASYNC_CRYPT 15816 /* In async case, on pending, move onto next message. 15817 * Current message should have been DtlsMsgStore'ed and 15818 * should be processed with DtlsMsgDrain */ 15819 && (!ssl->options.dtls 15820 || ret != WC_PENDING_E) 15821 #endif 15822 ) { 15185 15823 WOLFSSL_ERROR(ret); 15186 15824 return ret; … … 15198 15836 change_cipher_spec, 15199 15837 ssl->buffers.inputBuffer.buffer + 15200 ssl->buffers.inputBuffer.idx - RECORD_HEADER_SZ, 15838 ssl->buffers.inputBuffer.idx - RECORD_HEADER_SZ - 15839 (ssl->options.dtls ? DTLS_RECORD_EXTRA : 0), 15201 15840 1 + RECORD_HEADER_SZ, READ_PROTO, ssl->heap); 15202 15841 #ifdef WOLFSSL_CALLBACKS … … 15207 15846 15208 15847 #ifdef WOLFSSL_TLS13 15209 #ifdef WOLFSSL_TLS13_DRAFT_1815210 if (IsAtLeastTLSv1_3(ssl->version)) {15211 SendAlert(ssl, alert_fatal, illegal_parameter);15212 return UNKNOWN_RECORD_TYPE;15213 }15214 #else15215 15848 if (IsAtLeastTLSv1_3(ssl->version)) { 15216 15849 word32 i = ssl->buffers.inputBuffer.idx; … … 15225 15858 } 15226 15859 ssl->buffers.inputBuffer.idx++; 15860 if (!ssl->msgsReceived.got_change_cipher) { 15861 ssl->msgsReceived.got_change_cipher = 1; 15862 } 15863 else { 15864 SendAlert(ssl, alert_fatal, illegal_parameter); 15865 return UNKNOWN_RECORD_TYPE; 15866 } 15227 15867 break; 15228 15868 } 15229 #endif15230 15869 #endif 15231 15870 15232 15871 #ifndef WOLFSSL_NO_TLS12 15872 if (ssl->buffers.inputBuffer.buffer[ 15873 ssl->buffers.inputBuffer.idx] != 1) { 15874 WOLFSSL_MSG("ChangeCipher msg wrong value"); 15875 return LENGTH_ERROR; 15876 } 15877 15878 if (IsEncryptionOn(ssl, 0) && ssl->options.handShakeDone) { 15879 #ifdef HAVE_AEAD 15880 if (ssl->specs.cipher_type == aead) { 15881 if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha) 15882 ssl->curSize -= AESGCM_EXP_IV_SZ; 15883 ssl->buffers.inputBuffer.idx += ssl->specs.aead_mac_size; 15884 ssl->curSize -= ssl->specs.aead_mac_size; 15885 } 15886 else 15887 #endif 15888 { 15889 ssl->buffers.inputBuffer.idx += ssl->keys.padSz; 15890 ssl->curSize -= (word16)ssl->keys.padSz; 15891 ssl->curSize -= ssl->specs.iv_size; 15892 } 15893 15894 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 15895 if (ssl->options.startedETMRead) { 15896 word32 digestSz = MacSize(ssl); 15897 ssl->buffers.inputBuffer.idx += digestSz; 15898 ssl->curSize -= digestSz; 15899 } 15900 #endif 15901 } 15902 15903 if (ssl->curSize != 1) { 15904 WOLFSSL_MSG("Malicious or corrupted ChangeCipher msg"); 15905 return LENGTH_ERROR; 15906 } 15907 15908 ssl->buffers.inputBuffer.idx++; 15909 15233 15910 ret = SanityCheckMsgReceived(ssl, change_cipher_hs); 15234 15911 if (ret != 0) { … … 15243 15920 if (ret != DUPLICATE_MSG_E && ret != OUT_OF_ORDER_E) 15244 15921 return ret; 15245 15246 if (IsDtlsNotSctpMode(ssl)) { 15247 ret = DtlsMsgPoolSend(ssl, 1); 15248 if (ret != 0) 15249 return ret; 15250 } 15251 15252 if (ssl->curSize != 1) { 15253 WOLFSSL_MSG("Malicious or corrupted" 15254 " duplicate ChangeCipher msg"); 15255 return LENGTH_ERROR; 15256 } 15257 ssl->buffers.inputBuffer.idx++; 15922 /* Reset error */ 15923 ret = 0; 15258 15924 break; 15259 15925 #endif /* WOLFSSL_DTLS */ … … 15261 15927 } 15262 15928 15263 if (IsEncryptionOn(ssl, 0) && ssl->options.handShakeDone) {15264 ssl->buffers.inputBuffer.idx += ssl->keys.padSz;15265 ssl->curSize -= (word16) ssl->buffers.inputBuffer.idx;15266 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)15267 if (ssl->options.startedETMRead) {15268 word32 digestSz = MacSize(ssl);15269 ssl->buffers.inputBuffer.idx += digestSz;15270 ssl->curSize -= digestSz;15271 }15272 #endif15273 }15274 15275 if (ssl->curSize != 1) {15276 WOLFSSL_MSG("Malicious or corrupted ChangeCipher msg");15277 return LENGTH_ERROR;15278 }15279 15280 ssl->buffers.inputBuffer.idx++;15281 15929 ssl->keys.encryptionOn = 1; 15282 15930 … … 15332 15980 #ifdef WOLFSSL_DTLS 15333 15981 if (ssl->options.dtls && ssl->options.dtlsHsRetain) { 15982 #ifdef HAVE_SECURE_RENEGOTIATION 15983 /* 15984 * Only free HS resources when not in the process of a 15985 * secure renegotiation and we have received APP DATA 15986 * from the current epoch 15987 */ 15988 if (!IsSCR(ssl) && (DtlsUseSCRKeys(ssl) 15989 || !DtlsSCRKeysSet(ssl))) { 15990 FreeHandshakeResources(ssl); 15991 ssl->options.dtlsHsRetain = 0; 15992 } 15993 #else 15334 15994 FreeHandshakeResources(ssl); 15335 15995 ssl->options.dtlsHsRetain = 0; 15996 #endif 15336 15997 } 15337 15998 #endif … … 15367 16028 if (type == decrypt_error) 15368 16029 return FATAL_ERROR; 16030 16031 /* Reset error if we got an alert level in ret */ 16032 if (ret > 0) 16033 ret = 0; 15369 16034 break; 15370 16035 … … 15376 16041 ssl->options.processReply = doProcessInit; 15377 16042 15378 /* input exhausted? */ 15379 if (ssl->buffers.inputBuffer.idx >= ssl->buffers.inputBuffer.length) 15380 return 0; 16043 /* input exhausted */ 16044 if (ssl->buffers.inputBuffer.idx >= ssl->buffers.inputBuffer.length 16045 #ifdef WOLFSSL_DTLS 16046 /* If app data was processed then return now to avoid 16047 * dropping any app data. */ 16048 || (ssl->options.dtls && ssl->curRL.type == application_data) 16049 #endif 16050 ) 16051 return ret; 15381 16052 15382 16053 /* more messages per record */ … … 15413 16084 } 15414 16085 } 15415 15416 continue;15417 16086 } 15418 16087 /* more records */ 15419 16088 else { 15420 16089 WOLFSSL_MSG("More records in input"); 15421 ssl->options.processReply = doProcessInit; 15422 continue; 15423 } 15424 16090 } 16091 #ifdef WOLFSSL_ASYNC_CRYPT 16092 /* We are setup to read next message/record but we had an error 16093 * (probably WC_PENDING_E) so return that so it can be handled 16094 * by higher layers. */ 16095 if (ret != 0) 16096 return ret; 16097 #endif 16098 continue; 15425 16099 default: 15426 16100 WOLFSSL_MSG("Bad process input state, programming error"); … … 15432 16106 15433 16107 16108 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) || \ 16109 (defined(WOLFSSL_TLS13) && defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)) 15434 16110 int SendChangeCipher(WOLFSSL* ssl) 15435 16111 { … … 15474 16150 ssl->buffers.outputBuffer.length; 15475 16151 15476 AddRecordHeader(output, 1, change_cipher_spec, ssl );16152 AddRecordHeader(output, 1, change_cipher_spec, ssl, CUR_ORDER); 15477 16153 15478 16154 output[idx] = 1; /* turn it on */ … … 15483 16159 15484 16160 input[0] = 1; /* turn it on */ 16161 #ifdef WOLFSSL_DTLS 16162 if (IsDtlsNotSctpMode(ssl) && 16163 (ret = DtlsMsgPoolSave(ssl, input, inputSz, change_cipher_hs)) != 0) { 16164 return ret; 16165 } 16166 #endif 15485 16167 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 15486 change_cipher_spec, 0, 0, 0 );16168 change_cipher_spec, 0, 0, 0, CUR_ORDER); 15487 16169 if (sendSz < 0) { 15488 16170 return sendSz; 15489 16171 } 15490 16172 } 15491 15492 16173 #ifdef WOLFSSL_DTLS 16174 else { 15493 16175 if (IsDtlsNotSctpMode(ssl)) { 16176 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, change_cipher_hs)) != 0) 16177 return ret; 15494 16178 DtlsSEQIncrement(ssl, CUR_ORDER); 15495 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 15496 return ret; 15497 } 16179 } 16180 } 15498 16181 #endif 15499 16182 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) … … 15505 16188 ssl->buffers.outputBuffer.length += sendSz; 15506 16189 16190 #ifdef WOLFSSL_TLS13 16191 if (!ssl->options.tls1_3) 16192 #endif 16193 { 16194 /* setup encrypt keys */ 16195 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 16196 return ret; 16197 16198 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 16199 ssl->options.startedETMWrite = ssl->options.encThenMac; 16200 #endif 16201 } 16202 15507 16203 if (ssl->options.groupMessages) 15508 16204 return 0; … … 15517 16213 return SendBuffered(ssl); 15518 16214 } 16215 #endif 15519 16216 15520 16217 15521 16218 #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) 15522 16219 static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, 15523 int padLen, int content, int verify )16220 int padLen, int content, int verify, int epochOrder) 15524 16221 { 15525 16222 byte result[WC_MAX_DIGEST_SIZE]; … … 15534 16231 byte seq[SEQ_SZ]; 15535 16232 byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */ 15536 const byte* macSecret = wolfSSL_GetMacSecret(ssl, verify);16233 const byte* macSecret = NULL; 15537 16234 15538 16235 (void)padLen; … … 15543 16240 #endif 15544 16241 16242 #ifdef WOLFSSL_DTLS 16243 if (ssl->options.dtls) 16244 macSecret = wolfSSL_GetDtlsMacSecret(ssl, verify, epochOrder); 16245 else 16246 macSecret = wolfSSL_GetMacSecret(ssl, verify); 16247 #else 16248 macSecret = wolfSSL_GetMacSecret(ssl, verify); 16249 #endif 16250 15545 16251 XMEMSET(seq, 0, SEQ_SZ); 15546 16252 conLen[0] = (byte)content; 15547 16253 c16toa((word16)sz, &conLen[ENUM_LEN]); 15548 WriteSEQ(ssl, verify, seq);16254 WriteSEQ(ssl, epochOrder, seq); 15549 16255 15550 16256 if (ssl->specs.mac_algorithm == md5_mac) { … … 15635 16341 } 15636 16342 #endif /* !NO_OLD_TLS && !WOLFSSL_AEAD_ONLY */ 15637 15638 15639 #ifndef NO_CERTS15640 16343 15641 16344 #if !defined(NO_MD5) && !defined(NO_OLD_TLS) … … 15781 16484 } 15782 16485 15783 #endif /* !NO_CERTS */15784 15785 16486 #ifndef WOLFSSL_NO_TLS12 15786 /* Persistable BuildMessage arguments */ 15787 typedef struct BuildMsgArgs { 15788 word32 digestSz; 15789 word32 sz; 15790 word32 pad; 15791 word32 idx; 15792 word32 headerSz; 15793 word16 size; 15794 word32 ivSz; /* TLSv1.1 IV */ 15795 byte* iv; 15796 } BuildMsgArgs; 15797 15798 static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs) 16487 void FreeBuildMsgArgs(WOLFSSL* ssl, BuildMsgArgs* args) 15799 16488 { 15800 BuildMsgArgs* args = (BuildMsgArgs*)pArgs; 15801 15802 (void)ssl; 15803 (void)args; 15804 15805 if (args->iv) { 15806 XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT); 15807 args->iv = NULL; 16489 if (args) { 16490 if (ssl && args->iv) 16491 XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT); 16492 XMEMSET(args, 0, sizeof(BuildMsgArgs)); 15808 16493 } 15809 16494 } … … 15812 16497 /* Build SSL Message, encrypted */ 15813 16498 int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, 15814 int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay) 16499 int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay, 16500 int epochOrder) 15815 16501 { 15816 16502 #ifndef WOLFSSL_NO_TLS12 … … 15819 16505 BuildMsgArgs lcl_args; 15820 16506 #ifdef WOLFSSL_ASYNC_CRYPT 15821 args = (BuildMsgArgs*)ssl->async.args; 15822 typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1]; 15823 (void)sizeof(args_test); 16507 args = &ssl->async.buildArgs; 15824 16508 #endif 15825 16509 #endif … … 15830 16514 return BAD_FUNC_ARG; 15831 16515 } 16516 16517 (void)epochOrder; 15832 16518 15833 16519 #ifdef WOLFSSL_NO_TLS12 … … 15867 16553 args->idx = RECORD_HEADER_SZ; 15868 16554 args->headerSz = RECORD_HEADER_SZ; 15869 #ifdef WOLFSSL_ASYNC_CRYPT15870 ssl->async.freeArgs = FreeBuildMsgArgs;15871 #endif15872 16555 } 15873 16556 … … 15883 16566 ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); 15884 16567 } 16568 #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) 16569 if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { 16570 /* For epochs >1 the current cipher parameters are located in 16571 * ssl->secure_renegotiation->tmp_keys. Previous cipher 16572 * parameters and for epoch 1 use ssl->keys */ 16573 switch (epochOrder) { 16574 case PREV_ORDER: 16575 if (ssl->encrypt.src != KEYS) { 16576 ssl->secure_renegotiation->cache_status = 16577 SCR_CACHE_NULL; 16578 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 16579 ERROR_OUT(ret, exit_buildmsg); 16580 } 16581 break; 16582 case CUR_ORDER: 16583 if (ssl->keys.dtls_epoch == 16584 ssl->secure_renegotiation->tmp_keys.dtls_epoch) { 16585 if (ssl->encrypt.src != SCR) { 16586 ssl->secure_renegotiation->cache_status = 16587 SCR_CACHE_NEEDED; 16588 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) 16589 != 0) 16590 ERROR_OUT(ret, exit_buildmsg); 16591 } 16592 } 16593 else { 16594 if (ssl->encrypt.src != KEYS) { 16595 ssl->secure_renegotiation->cache_status = 16596 SCR_CACHE_NULL; 16597 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) 16598 != 0) 16599 ERROR_OUT(ret, exit_buildmsg); 16600 } 16601 } 16602 break; 16603 default: 16604 WOLFSSL_MSG("BuildMessage only supports PREV_ORDER and " 16605 "CUR_ORDER"); 16606 ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); 16607 } 16608 } 16609 #endif 15885 16610 15886 16611 ssl->options.buildMsgState = BUILD_MSG_SIZE; … … 15970 16695 15971 16696 args->size = (word16)(args->sz - args->headerSz); /* include mac and digest */ 15972 AddRecordHeader(output, args->size, (byte)type, ssl );16697 AddRecordHeader(output, args->size, (byte)type, ssl, epochOrder); 15973 16698 15974 16699 /* write to output */ … … 16065 16790 ret = ssl->hmac(ssl, hmac, 16066 16791 output + args->headerSz + args->ivSz, inSz, 16067 -1, type, 0 );16792 -1, type, 0, epochOrder); 16068 16793 XMEMCPY(output + args->idx, hmac, args->digestSz); 16069 16794 … … 16076 16801 { 16077 16802 ret = ssl->hmac(ssl, output + args->idx, output + 16078 args->headerSz + args->ivSz, inSz, -1, type, 0 );16803 args->headerSz + args->ivSz, inSz, -1, type, 0, epochOrder); 16079 16804 } 16080 16805 } … … 16088 16813 case BUILD_MSG_ENCRYPT: 16089 16814 { 16815 #if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS) 16816 /* If we want the PREV_ORDER then modify CUR_ORDER sequence number 16817 * for all encryption algos that use it for encryption parameters */ 16818 word16 dtls_epoch = 0; 16819 word16 dtls_sequence_number_hi = 0; 16820 word32 dtls_sequence_number_lo = 0; 16821 int swap_seq = ssl->options.dtls && epochOrder == PREV_ORDER && 16822 DtlsUseSCRKeys(ssl); 16823 if (swap_seq) { 16824 dtls_epoch = ssl->keys.dtls_epoch; 16825 dtls_sequence_number_hi = ssl->keys.dtls_sequence_number_hi; 16826 dtls_sequence_number_lo = ssl->keys.dtls_sequence_number_lo; 16827 ssl->keys.dtls_epoch--; 16828 ssl->keys.dtls_sequence_number_hi = 16829 ssl->keys.dtls_prev_sequence_number_hi; 16830 ssl->keys.dtls_sequence_number_lo = 16831 ssl->keys.dtls_prev_sequence_number_lo; 16832 } 16833 #endif 16090 16834 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 16091 16835 if (ssl->options.startedETMWrite) { … … 16100 16844 output + args->headerSz, args->size, asyncOkay); 16101 16845 } 16846 #if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS) 16847 /* Restore sequence numbers */ 16848 if (swap_seq) { 16849 ssl->keys.dtls_epoch = dtls_epoch; 16850 ssl->keys.dtls_sequence_number_hi = dtls_sequence_number_hi; 16851 ssl->keys.dtls_sequence_number_lo = dtls_sequence_number_lo; 16852 } 16853 #endif 16102 16854 if (ret != 0) 16103 16855 goto exit_buildmsg; … … 16129 16881 ret = ssl->hmac(ssl, hmac, output + args->headerSz, 16130 16882 args->ivSz + inSz + args->pad + 1, -1, type, 16131 0 );16883 0, epochOrder); 16132 16884 XMEMCPY(output + args->idx + args->pad + 1, hmac, 16133 16885 args->digestSz); … … 16143 16895 output + args->headerSz, 16144 16896 args->ivSz + inSz + args->pad + 1, -1, type, 16145 0 );16897 0, epochOrder); 16146 16898 } 16147 16899 } … … 16165 16917 #ifdef WOLFSSL_DTLS 16166 16918 if (ret == 0 && ssl->options.dtls) 16167 DtlsSEQIncrement(ssl, CUR_ORDER);16919 DtlsSEQIncrement(ssl, epochOrder); 16168 16920 #endif 16169 16921 … … 16174 16926 /* Final cleanup */ 16175 16927 FreeBuildMsgArgs(ssl, args); 16176 #ifdef WOLFSSL_ASYNC_CRYPT16177 ssl->async.freeArgs = NULL;16178 #endif16179 16928 16180 16929 return ret; … … 16199 16948 WOLFSSL_ENTER("SendFinished"); 16200 16949 16201 /* setup encrypt keys */16202 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0)16203 return ret;16204 16205 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)16206 ssl->options.startedETMWrite = ssl->options.encThenMac;16207 #endif16208 16209 16950 /* check for available size */ 16210 16951 outputSz = sizeof(input) + MAX_MSG_EXTRA; … … 16247 16988 } 16248 16989 #endif 16990 #ifdef OPENSSL_ALL 16991 if (ssl->options.side == WOLFSSL_CLIENT_END) 16992 XMEMCPY(ssl->clientFinished, 16993 hashes, TLS_FINISHED_SZ); 16994 else 16995 XMEMCPY(ssl->serverFinished, 16996 hashes, TLS_FINISHED_SZ); 16997 #endif 16249 16998 16250 16999 #ifdef WOLFSSL_DTLS 16251 17000 if (IsDtlsNotSctpMode(ssl)) { 16252 if ((ret = DtlsMsgPoolSave(ssl, input, headerSz + finishedSz )) != 0)17001 if ((ret = DtlsMsgPoolSave(ssl, input, headerSz + finishedSz, finished)) != 0) 16253 17002 return ret; 16254 17003 } … … 16256 17005 16257 17006 sendSz = BuildMessage(ssl, output, outputSz, input, headerSz + finishedSz, 16258 handshake, 1, 0, 0 );17007 handshake, 1, 0, 0, CUR_ORDER); 16259 17008 if (sendSz < 0) 16260 17009 return BUILD_MSG_ERROR; … … 16298 17047 16299 17048 ret = SendBuffered(ssl); 17049 17050 #ifdef WOLFSSL_DTLS 17051 if ((!ssl->options.resuming && 17052 ssl->options.side == WOLFSSL_SERVER_END) || 17053 (ssl->options.resuming && 17054 ssl->options.side == WOLFSSL_CLIENT_END)) { 17055 ssl->keys.dtls_handshake_number = 0; 17056 ssl->keys.dtls_expected_peer_handshake_number = 0; 17057 } 17058 #endif 16300 17059 16301 17060 WOLFSSL_LEAVE("SendFinished", ret); … … 16443 17202 #endif /* !NO_WOLFSSL_SERVER */ 16444 17203 17204 #if (!defined(WOLFSSL_NO_TLS12) && !defined(NO_CERTS)) \ 17205 || (defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)) 17206 static int cipherExtraData(WOLFSSL* ssl) 17207 { 17208 /* Cipher data that may be added by BuildMessage */ 17209 return ssl->specs.hash_size + ssl->specs.block_size + 17210 ssl->specs.aead_mac_size + ssl->specs.iv_size + 17211 ssl->specs.pad_size; 17212 } 17213 #endif 17214 16445 17215 #ifndef WOLFSSL_NO_TLS12 16446 17216 … … 16554 17324 } 16555 17325 17326 if (IsEncryptionOn(ssl, 1)) 17327 sendSz += cipherExtraData(ssl); 17328 16556 17329 /* check for available size */ 16557 17330 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 16566 17339 AddFragHeaders(output, fragSz, 0, payloadSz, certificate, ssl); 16567 17340 if (!IsEncryptionOn(ssl, 1)) 16568 Hash OutputRaw(ssl, output + RECORD_HEADER_SZ,17341 HashRaw(ssl, output + RECORD_HEADER_SZ, 16569 17342 HANDSHAKE_HEADER_SZ); 16570 17343 } … … 16572 17345 #ifdef WOLFSSL_DTLS 16573 17346 AddHeaders(output, payloadSz, certificate, ssl); 16574 if (!IsEncryptionOn(ssl, 1)) 16575 HashOutputRaw(ssl, 16576 output + RECORD_HEADER_SZ + DTLS_RECORD_EXTRA, 16577 HANDSHAKE_HEADER_SZ + DTLS_HANDSHAKE_EXTRA); 17347 HashRaw(ssl, 17348 output + RECORD_HEADER_SZ + DTLS_RECORD_EXTRA, 17349 HANDSHAKE_HEADER_SZ + DTLS_HANDSHAKE_EXTRA); 16578 17350 /* Adding the headers increments these, decrement them for 16579 17351 * actual message header. */ … … 16586 17358 /* list total */ 16587 17359 c32to24(listSz, output + i); 16588 if ( !IsEncryptionOn(ssl, 1))16589 Hash OutputRaw(ssl, output + i, CERT_HEADER_SZ);17360 if (ssl->options.dtls || !IsEncryptionOn(ssl, 1)) 17361 HashRaw(ssl, output + i, CERT_HEADER_SZ); 16590 17362 i += CERT_HEADER_SZ; 16591 17363 length -= CERT_HEADER_SZ; … … 16593 17365 if (certSz) { 16594 17366 c32to24(certSz, output + i); 16595 if ( !IsEncryptionOn(ssl, 1))16596 Hash OutputRaw(ssl, output + i, CERT_HEADER_SZ);17367 if (ssl->options.dtls || !IsEncryptionOn(ssl, 1)) 17368 HashRaw(ssl, output + i, CERT_HEADER_SZ); 16597 17369 i += CERT_HEADER_SZ; 16598 17370 length -= CERT_HEADER_SZ; 16599 17371 fragSz -= CERT_HEADER_SZ; 16600 17372 16601 if ( !IsEncryptionOn(ssl, 1)) {16602 Hash OutputRaw(ssl, ssl->buffers.certificate->buffer, certSz);17373 if (ssl->options.dtls || !IsEncryptionOn(ssl, 1)) { 17374 HashRaw(ssl, ssl->buffers.certificate->buffer, certSz); 16603 17375 if (certChainSz) 16604 Hash OutputRaw(ssl, ssl->buffers.certChain->buffer,17376 HashRaw(ssl, ssl->buffers.certChain->buffer, 16605 17377 certChainSz); 16606 17378 } … … 16609 17381 else { 16610 17382 if (!ssl->options.dtls) { 16611 AddRecordHeader(output, fragSz, handshake, ssl );17383 AddRecordHeader(output, fragSz, handshake, ssl, CUR_ORDER); 16612 17384 } 16613 17385 else { … … 16642 17414 if (IsEncryptionOn(ssl, 1)) { 16643 17415 byte* input = NULL; 16644 int inputSz = i - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 17416 int inputSz = i; /* build msg adds rec hdr */ 17417 int recordHeaderSz = RECORD_HEADER_SZ; 17418 17419 if (ssl->options.dtls) 17420 recordHeaderSz += DTLS_RECORD_EXTRA; 17421 inputSz -= recordHeaderSz; 16645 17422 16646 17423 if (inputSz < 0) { … … 16654 17431 if (input == NULL) 16655 17432 return MEMORY_E; 16656 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 16657 } 16658 17433 XMEMCPY(input, output + recordHeaderSz, inputSz); 17434 } 17435 17436 #ifndef WOLFSSL_DTLS 16659 17437 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 16660 handshake, 1, 0, 0); 16661 16662 if (inputSz > 0) 16663 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 17438 handshake, 1, 0, 0, CUR_ORDER); 17439 #else 17440 if (!ssl->options.dtls) 17441 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 17442 handshake, 1, 0, 0, CUR_ORDER); 17443 else /* DTLS 1.2 has to ignore fragmentation in hashing so we need to 17444 * calculate the hash ourselves above */ { 17445 if ((ret = DtlsMsgPoolSave(ssl, input, inputSz, certificate)) != 0) { 17446 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 17447 return ret; 17448 } 17449 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 17450 handshake, 0, 0, 0, CUR_ORDER); 17451 } 17452 #endif 17453 17454 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 16664 17455 16665 17456 if (sendSz < 0) … … 16667 17458 } 16668 17459 else { 17460 sendSz = i; 16669 17461 #ifdef WOLFSSL_DTLS 17462 if (IsDtlsNotSctpMode(ssl)) { 17463 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, certificate)) != 0) 17464 return ret; 17465 } 16670 17466 if (ssl->options.dtls) 16671 17467 DtlsSEQIncrement(ssl, CUR_ORDER); 16672 17468 #endif 16673 17469 } 16674 16675 #ifdef WOLFSSL_DTLS16676 if (IsDtlsNotSctpMode(ssl)) {16677 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0)16678 return ret;16679 }16680 #endif16681 17470 16682 17471 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) … … 16720 17509 word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 16721 17510 word32 dnLen = 0; 16722 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 17511 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) 16723 17512 WOLF_STACK_OF(WOLFSSL_X509_NAME)* names; 16724 17513 #endif … … 16733 17522 reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz; 16734 17523 16735 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 17524 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) 16736 17525 /* Certificate Authorities */ 16737 17526 names = ssl->ctx->ca_names; … … 16762 17551 #endif 16763 17552 } 17553 17554 if (IsEncryptionOn(ssl, 1)) 17555 sendSz += cipherExtraData(ssl); 17556 16764 17557 /* check for available size */ 16765 17558 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 16798 17591 c16toa((word16)dnLen, &output[i]); /* auth's */ 16799 17592 i += REQ_HEADER_SZ; 16800 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 17593 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) 16801 17594 names = ssl->ctx->ca_names; 16802 17595 while (names != NULL) { … … 16815 17608 16816 17609 if (IsEncryptionOn(ssl, 1)) { 16817 byte* input; 16818 int inputSz = i - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 17610 byte* input = NULL; 17611 int inputSz = i; /* build msg adds rec hdr */ 17612 int recordHeaderSz = RECORD_HEADER_SZ; 17613 17614 if (ssl->options.dtls) 17615 recordHeaderSz += DTLS_RECORD_EXTRA; 17616 inputSz -= recordHeaderSz; 17617 17618 if (inputSz <= 0) { 17619 WOLFSSL_MSG("Send Cert Req bad inputSz"); 17620 return BUFFER_E; 17621 } 16819 17622 16820 17623 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); … … 16822 17625 return MEMORY_E; 16823 17626 16824 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 17627 XMEMCPY(input, output + recordHeaderSz, inputSz); 17628 #ifdef WOLFSSL_DTLS 17629 if (IsDtlsNotSctpMode(ssl) && 17630 (ret = DtlsMsgPoolSave(ssl, input, inputSz, certificate_request)) != 0) { 17631 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 17632 return ret; 17633 } 17634 #endif 16825 17635 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 16826 handshake, 1, 0, 0 );17636 handshake, 1, 0, 0, CUR_ORDER); 16827 17637 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 16828 17638 … … 16830 17640 return sendSz; 16831 17641 } else { 17642 sendSz = i; 16832 17643 #ifdef WOLFSSL_DTLS 17644 if (IsDtlsNotSctpMode(ssl)) { 17645 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, certificate_request)) != 0) 17646 return ret; 17647 } 16833 17648 if (ssl->options.dtls) 16834 17649 DtlsSEQIncrement(ssl, CUR_ORDER); 16835 if (IsDtlsNotSctpMode(ssl)) {16836 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0)16837 return ret;16838 }16839 17650 #endif 16840 17651 ret = HashOutput(ssl, output, sendSz, 0); … … 16919 17730 if (IsEncryptionOn(ssl, 1)) { 16920 17731 byte* input; 16921 int inputSz = idx - RECORD_HEADER_SZ; 16922 17732 int inputSz = idx; /* build msg adds rec hdr */ 17733 int recordHeaderSz = RECORD_HEADER_SZ; 17734 17735 if (ssl->options.dtls) 17736 recordHeaderSz += DTLS_RECORD_EXTRA; 17737 inputSz -= recordHeaderSz; 16923 17738 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 16924 17739 if (input == NULL) 16925 17740 return MEMORY_E; 16926 17741 16927 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 16928 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 16929 handshake, 1, 0, 0); 17742 XMEMCPY(input, output + recordHeaderSz, inputSz); 17743 #ifdef WOLFSSL_DTLS 17744 ret = DtlsMsgPoolSave(ssl, input, inputSz, certificate_status); 17745 #endif 17746 if (ret == 0) 17747 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 17748 handshake, 1, 0, 0, CUR_ORDER); 16930 17749 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 16931 17750 … … 16935 17754 else { 16936 17755 #ifdef WOLFSSL_DTLS 16937 if (ssl->options.dtls) 17756 if (ret == 0 && IsDtlsNotSctpMode(ssl)) 17757 ret = DtlsMsgPoolSave(ssl, output, sendSz, certificate_status); 17758 if (ret == 0 && ssl->options.dtls) 16938 17759 DtlsSEQIncrement(ssl, CUR_ORDER); 16939 17760 #endif 16940 17761 ret = HashOutput(ssl, output, sendSz, 0); 16941 17762 } 16942 16943 #ifdef WOLFSSL_DTLS16944 if (ret == 0 && IsDtlsNotSctpMode(ssl))16945 ret = DtlsMsgPoolSave(ssl, output, sendSz);16946 #endif16947 17763 16948 17764 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) … … 17047 17863 DecodedCert cert[1]; 17048 17864 #endif 17865 DerBuffer* chain; 17049 17866 17050 17867 #ifdef WOLFSSL_SMALL_STACK … … 17063 17880 } 17064 17881 17065 while (idx + OPAQUE24_LEN < ssl->buffers.certChain->length) { 17066 c24to32(ssl->buffers.certChain->buffer + idx, &der.length); 17882 /* use certChain if available, otherwise use peer certificate */ 17883 chain = ssl->buffers.certChain; 17884 if (chain == NULL) { 17885 chain = ssl->buffers.certificate; 17886 } 17887 17888 while (chain && idx + OPAQUE24_LEN < chain->length) { 17889 c24to32(chain->buffer + idx, &der.length); 17067 17890 idx += OPAQUE24_LEN; 17068 17891 17069 der.buffer = ssl->buffers.certChain->buffer + idx;17892 der.buffer = chain->buffer + idx; 17070 17893 idx += der.length; 17071 17894 17072 if (idx > ssl->buffers.certChain->length)17895 if (idx > chain->length) 17073 17896 break; 17074 17897 … … 17148 17971 17149 17972 17973 17974 #if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS) 17975 /** 17976 * Check if the SCR keys are set in ssl->secure_renegotiation->tmp_keys. 17977 */ 17978 int DtlsSCRKeysSet(WOLFSSL* ssl) 17979 { 17980 return ssl->secure_renegotiation && 17981 ssl->secure_renegotiation->tmp_keys.dtls_epoch != 0; 17982 } 17983 17984 /** 17985 * ssl->keys contains the current cipher parameters only for epoch 1. For 17986 * epochs >1 ssl->secure_renegotiation->tmp_keys contains the current 17987 * cipher parameters. This function checks if the message currently being 17988 * processed should use ssl->keys or ssl->secure_renegotiation->tmp_keys. 17989 */ 17990 int IsDtlsMsgSCRKeys(WOLFSSL* ssl) 17991 { 17992 return DtlsSCRKeysSet(ssl) && 17993 ssl->keys.curEpoch == 17994 ssl->secure_renegotiation->tmp_keys.dtls_epoch; 17995 } 17996 17997 /** 17998 * ssl->keys contains the current cipher parameters only for epoch 1. For 17999 * epochs >1 ssl->secure_renegotiation->tmp_keys contains the current 18000 * cipher parameters. This function checks if the message currently being 18001 * built should use ssl->keys or ssl->secure_renegotiation->tmp_keys. 18002 */ 18003 int DtlsUseSCRKeys(WOLFSSL* ssl) 18004 { 18005 return DtlsSCRKeysSet(ssl) && 18006 ssl->secure_renegotiation->tmp_keys.dtls_epoch == 18007 ssl->keys.dtls_epoch; 18008 } 18009 18010 /** 18011 * If ssl->secure_renegotiation->tmp_keys.dtls_epoch > ssl->keys.dtls_epoch 18012 * then PREV_ORDER refers to the current epoch. 18013 * */ 18014 int DtlsCheckOrder(WOLFSSL* ssl, int order) 18015 { 18016 if (order == PREV_ORDER && ssl->secure_renegotiation && 18017 ssl->secure_renegotiation->tmp_keys.dtls_epoch > ssl->keys.dtls_epoch) { 18018 return CUR_ORDER; 18019 } 18020 else { 18021 return order; 18022 } 18023 } 18024 #endif /* HAVE_SECURE_RENEGOTIATION && WOLFSSL_DTLS */ 18025 17150 18026 /* If secure renegotiation is disabled, this will always return false. 17151 18027 * Otherwise it checks to see if we are currently renegotiating. */ 17152 static WC_INLINEint IsSCR(WOLFSSL* ssl)18028 int IsSCR(WOLFSSL* ssl) 17153 18029 { 17154 18030 #ifndef HAVE_SECURE_RENEGOTIATION … … 17156 18032 #else /* HAVE_SECURE_RENEGOTIATION */ 17157 18033 if (ssl->secure_renegotiation && 17158 ssl->secure_renegotiation->enabled && 17159 ssl->options.handShakeState != HANDSHAKE_DONE) 18034 ssl->secure_renegotiation->enabled && /* Is SCR enabled? */ 18035 ssl->options.handShakeDone && /* At least one handshake done? */ 18036 ssl->options.handShakeState != HANDSHAKE_DONE) /* Currently handshaking? */ 17160 18037 return 1; 17161 18038 #endif /* HAVE_SECURE_RENEGOTIATION */ … … 17197 18074 if (ssl->options.handShakeState == HANDSHAKE_DONE) { 17198 18075 WOLFSSL_MSG("handshake complete, trying to send early data"); 17199 return BUILD_MSG_ERROR; 18076 ssl->error = BUILD_MSG_ERROR; 18077 return WOLFSSL_FATAL_ERROR; 17200 18078 } 17201 18079 #ifdef WOLFSSL_EARLY_DATA_GROUP … … 17264 18142 len = wolfSSL_GetMaxRecordSize(ssl, sz - sent); 17265 18143 17266 #ifdef WOLFSSL_DTLS 17267 if (IsDtlsNotSctpMode(ssl)) { 17268 len = min(len, MAX_UDP_SIZE); 18144 #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_DTLS_SIZE_CHECK) 18145 if (ssl->options.dtls && (len < sz - sent)) { 18146 ssl->error = DTLS_SIZE_ERROR; 18147 WOLFSSL_ERROR(ssl->error); 18148 return ssl->error; 17269 18149 } 17270 18150 #endif … … 17295 18175 if (!ssl->options.tls1_3) { 17296 18176 sendSz = BuildMessage(ssl, out, outputSz, sendBuffer, buffSz, 17297 application_data, 0, 0, 1 );18177 application_data, 0, 0, 1, CUR_ORDER); 17298 18178 } 17299 18179 else { … … 17353 18233 17354 18234 /* reset error state */ 17355 if (ssl->error == WANT_READ 17356 #ifdef WOLFSSL_ASYNC_CRYPT 17357 || ssl->error == WC_PENDING_E 17358 #endif 17359 ) { 18235 if (ssl->error == WANT_READ) { 17360 18236 ssl->error = 0; 17361 18237 } … … 17370 18246 #endif /* WOLFSSL_DTLS */ 17371 18247 17372 if (ssl->error != 0 && ssl->error != WANT_WRITE) { 18248 if (ssl->error != 0 && ssl->error != WANT_WRITE 18249 #ifdef WOLFSSL_ASYNC_CRYPT 18250 && ssl->error != WC_PENDING_E 18251 #endif 18252 #ifdef HAVE_SECURE_RENEGOTIATION 18253 && ssl->error != APP_DATA_READY 18254 #endif 18255 ) { 17373 18256 WOLFSSL_MSG("User calling wolfSSL_read in error state, not allowed"); 17374 18257 return ssl->error; … … 17380 18263 else 17381 18264 #endif 17382 if (ssl->options.handShakeState != HANDSHAKE_DONE) { 17383 int err; 17384 WOLFSSL_MSG("Handshake not complete, trying to finish"); 17385 if ( (err = wolfSSL_negotiate(ssl)) != WOLFSSL_SUCCESS) { 17386 #ifdef WOLFSSL_ASYNC_CRYPT 17387 /* if async would block return WANT_WRITE */ 17388 if (ssl->error == WC_PENDING_E) { 17389 return WOLFSSL_CBIO_ERR_WANT_READ; 17390 } 17391 #endif 17392 return err; 18265 { 18266 int negotiate = 0; 18267 #ifdef HAVE_SECURE_RENEGOTIATION 18268 if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled) { 18269 if (ssl->options.handShakeState != HANDSHAKE_DONE 18270 && ssl->buffers.clearOutputBuffer.length == 0) 18271 negotiate = 1; 18272 } 18273 else 18274 #endif 18275 if (ssl->options.handShakeState != HANDSHAKE_DONE) 18276 negotiate = 1; 18277 18278 if (negotiate) { 18279 int err; 18280 WOLFSSL_MSG("Handshake not complete, trying to finish"); 18281 if ( (err = wolfSSL_negotiate(ssl)) != WOLFSSL_SUCCESS) { 18282 #ifdef WOLFSSL_ASYNC_CRYPT 18283 /* if async would block return WANT_WRITE */ 18284 if (ssl->error == WC_PENDING_E) { 18285 return WOLFSSL_CBIO_ERR_WANT_READ; 18286 } 18287 #endif 18288 return err; 18289 } 17393 18290 } 17394 18291 } … … 17397 18294 startScr: 17398 18295 if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) { 17399 int err;18296 int ret; 17400 18297 WOLFSSL_MSG("Need to start scr, server requested"); 17401 if ( (err = wolfSSL_Rehandshake(ssl)) != WOLFSSL_SUCCESS) 17402 return err; 18298 ret = wolfSSL_Rehandshake(ssl); 17403 18299 ssl->secure_renegotiation->startScr = 0; /* only start once */ 18300 if (ret != WOLFSSL_SUCCESS) 18301 return ret; 17404 18302 } 17405 18303 #endif … … 17410 18308 if (ssl->error == ZERO_RETURN) { 17411 18309 WOLFSSL_MSG("Zero return, no more data coming"); 17412 return 0; 18310 return 0; /* no more data coming */ 17413 18311 } 17414 18312 if (ssl->error == SOCKET_ERROR_E) { … … 17417 18315 ssl->error = SOCKET_PEER_CLOSED_E; 17418 18316 WOLFSSL_ERROR(ssl->error); 17419 return 0; 18317 return 0; /* peer reset or closed */ 17420 18318 } 17421 18319 } … … 17427 18325 goto startScr; 17428 18326 } 18327 if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled && 18328 ssl->options.handShakeState != HANDSHAKE_DONE 18329 && ssl->buffers.clearOutputBuffer.length == 0) { 18330 /* ProcessReply processed a handshake packet and not any APP DATA 18331 * so let's move the handshake along */ 18332 int err; 18333 WOLFSSL_MSG("Handshake not complete, trying to finish"); 18334 if ( (err = wolfSSL_negotiate(ssl)) != WOLFSSL_SUCCESS) { 18335 #ifdef WOLFSSL_ASYNC_CRYPT 18336 /* if async would block return WANT_WRITE */ 18337 if (ssl->error == WC_PENDING_E) { 18338 return WOLFSSL_CBIO_ERR_WANT_READ; 18339 } 18340 #endif 18341 return err; 18342 } 18343 } 17429 18344 #endif 17430 } 17431 17432 if (sz < (int)ssl->buffers.clearOutputBuffer.length) 17433 size = sz; 17434 else 17435 size = ssl->buffers.clearOutputBuffer.length; 18345 #ifdef WOLFSSL_TLS13 18346 if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.handShakeDone && 18347 ssl->curRL.type == handshake && peek) { 18348 WOLFSSL_MSG("Got Handshake Messge in APP data"); 18349 if (ssl->buffers.inputBuffer.length == 0) { 18350 ssl->error = WOLFSSL_ERROR_WANT_READ; 18351 return 0; 18352 } 18353 } 18354 #endif 18355 } 18356 18357 size = min(sz, (int)ssl->buffers.clearOutputBuffer.length); 17436 18358 17437 18359 XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, size); … … 17522 18444 } 17523 18445 17524 /* only send encrypted alert if handshake actually complete, otherwise 17525 other side may not be able to handle it */ 17526 if (IsEncryptionOn(ssl, 1) && (IsAtLeastTLSv1_3(ssl->version) || 17527 ssl->options.handShakeDone)) { 18446 /* send encrypted alert if encryption is on - can be a rehandshake over 18447 * an existing encrypted channel. 18448 * TLS 1.3 encrypts handshake packets after the ServerHello 18449 */ 18450 if (IsEncryptionOn(ssl, 1)) { 17528 18451 sendSz = BuildMessage(ssl, output, outputSz, input, ALERT_SIZE, alert, 17529 0, 0, 0 );18452 0, 0, 0, CUR_ORDER); 17530 18453 } 17531 18454 else { 17532 18455 17533 AddRecordHeader(output, ALERT_SIZE, alert, ssl );18456 AddRecordHeader(output, ALERT_SIZE, alert, ssl, CUR_ORDER); 17534 18457 output += RECORD_HEADER_SZ; 17535 18458 #ifdef WOLFSSL_DTLS … … 18000 18923 return "TLS1.3 Secret Callback Error"; 18001 18924 18925 case DTLS_SIZE_ERROR: 18926 return "DTLS trying to send too much in single datagram error"; 18927 18928 case NO_CERT_ERROR: 18929 return "TLS1.3 No Certificate Set Error"; 18930 18002 18931 default : 18003 18932 return "unknown error number"; … … 18013 18942 } 18014 18943 18015 #ifndef NO_ERROR_STRINGS 18016 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 18017 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),(v),(u)} 18944 #ifdef NO_CIPHER_SUITE_ALIASES 18945 #ifndef NO_ERROR_STRINGS 18946 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 18947 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18948 #define SUITE_ALIAS(x,z,w,v,u) 18949 #else 18950 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18951 #define SUITE_ALIAS(x,z,w,v,u) 18952 #endif 18018 18953 #else 18019 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w)} 18954 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 18955 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18956 #define SUITE_ALIAS(x,z,w,v,u) 18957 #else 18958 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18959 #define SUITE_ALIAS(x,z,w,v,u) 18960 #endif 18020 18961 #endif 18021 #else 18022 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 18023 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),(v),(u)} 18962 #else /* !NO_CIPHER_SUITE_ALIASES */ 18963 18964 /* note that the comma is included at the end of the SUITE_ALIAS() macro 18965 * definitions, to allow aliases to be gated out by the above null macros 18966 * in the NO_CIPHER_SUITE_ALIASES section. 18967 */ 18968 18969 #ifndef NO_ERROR_STRINGS 18970 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ 18971 defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX) 18972 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18973 #define SUITE_ALIAS(x,z,w,v,u) {(x),"",(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS}, 18974 #else 18975 #define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18976 #define SUITE_ALIAS(x,z,w,v,u) {(x),"",(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS}, 18977 #endif 18024 18978 #else 18025 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w)} 18979 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ 18980 defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX) 18981 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18982 #define SUITE_ALIAS(x,z,w,v,u) {(x),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS}, 18983 #else 18984 #define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE} 18985 #define SUITE_ALIAS(x,z,w,v,u) {(x),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS}, 18986 #endif 18026 18987 #endif 18027 #endif 18988 #endif /* NO_CIPHER_SUITE_ALIASES */ 18028 18989 18029 18990 static const CipherSuiteInfo cipher_names[] = … … 18048 19009 #ifdef BUILD_TLS_AES_128_CCM_8_SHA256 18049 19010 SUITE_INFO("TLS13-AES128-CCM-8-SHA256","TLS_AES_128_CCM_8_SHA256",TLS13_BYTE,TLS_AES_128_CCM_8_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR), 19011 SUITE_ALIAS("TLS13-AES128-CCM8-SHA256",TLS13_BYTE,TLS_AES_128_CCM_8_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR) 18050 19012 #endif 18051 19013 … … 18158 19120 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 18159 19121 SUITE_INFO("PSK-AES128-CCM-8","TLS_PSK_WITH_AES_128_CCM_8",ECC_BYTE,TLS_PSK_WITH_AES_128_CCM_8,TLSv1_MINOR,SSLv3_MAJOR), 19122 SUITE_ALIAS("PSK-AES128-CCM8",ECC_BYTE,TLS_PSK_WITH_AES_128_CCM_8,TLSv1_MINOR,SSLv3_MAJOR) 18160 19123 #endif 18161 19124 18162 19125 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 18163 19126 SUITE_INFO("PSK-AES256-CCM-8","TLS_PSK_WITH_AES_256_CCM_8",ECC_BYTE,TLS_PSK_WITH_AES_256_CCM_8,TLSv1_MINOR,SSLv3_MAJOR), 19127 SUITE_ALIAS("PSK-AES256-CCM8",ECC_BYTE,TLS_PSK_WITH_AES_256_CCM_8,TLSv1_MINOR,SSLv3_MAJOR) 18164 19128 #endif 18165 19129 … … 18214 19178 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 18215 19179 SUITE_INFO("AES128-CCM-8","TLS_RSA_WITH_AES_128_CCM_8",ECC_BYTE,TLS_RSA_WITH_AES_128_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR), 19180 SUITE_ALIAS("AES128-CCM8",ECC_BYTE,TLS_RSA_WITH_AES_128_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR) 18216 19181 #endif 18217 19182 18218 19183 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 18219 19184 SUITE_INFO("AES256-CCM-8","TLS_RSA_WITH_AES_256_CCM_8",ECC_BYTE,TLS_RSA_WITH_AES_256_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR), 19185 SUITE_ALIAS("AES256-CCM8",ECC_BYTE,TLS_RSA_WITH_AES_256_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR) 18220 19186 #endif 18221 19187 … … 18226 19192 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 18227 19193 SUITE_INFO("ECDHE-ECDSA-AES128-CCM-8","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR), 19194 SUITE_ALIAS("ECDHE-ECDSA-AES128-CCM8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR) 18228 19195 #endif 18229 19196 18230 19197 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 18231 19198 SUITE_INFO("ECDHE-ECDSA-AES256-CCM-8","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR), 19199 SUITE_ALIAS("ECDHE-ECDSA-AES256-CCM8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, TLSv1_2_MINOR, SSLv3_MAJOR) 18232 19200 #endif 18233 19201 … … 18525 19493 for (i = 0; i < GetCipherNamesSize(); i++) { 18526 19494 if ((cipher_names[i].cipherSuite0 == cipherSuite0) && 18527 (cipher_names[i].cipherSuite == cipherSuite)) { 19495 (cipher_names[i].cipherSuite == cipherSuite) 19496 #ifndef NO_CIPHER_SUITE_ALIASES 19497 && (! (cipher_names[i].flags & WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS)) 19498 #endif 19499 ) { 18528 19500 nameInternal = cipher_names[i].name; 18529 19501 break; … … 18542 19514 n3 = n[3]; 18543 19515 n4 = n[4]; 19516 19517 #ifdef HAVE_NTRU 19518 if (XSTRNCMP(n0,"NTRU",4) == 0) 19519 return "NTRU"; 19520 #endif 18544 19521 18545 19522 if (XSTRNCMP(n0,"ECDHE",5) == 0 && XSTRNCMP(n1,"PSK",3) == 0) … … 18578 19555 n2 = n[2]; 18579 19556 19557 #ifdef HAVE_NTRU 19558 if (XSTRNCMP(n0,"NTRU",4) == 0) 19559 return "NTRU"; 19560 #endif 19561 18580 19562 if ((XSTRNCMP(n0,"AES128",6) == 0) || (XSTRNCMP(n0,"AES256",6) == 0) || 18581 19563 ((XSTRNCMP(n0,"TLS13",5) == 0) && ((XSTRNCMP(n1,"AES128",6) == 0) || … … 18591 19573 else if (XSTRNCMP(n1,"ECDSA",5) == 0) 18592 19574 authStr = "ECDSA"; 19575 else if (XSTRNCMP(n0,"ADH",3) == 0) 19576 authStr = "None"; 18593 19577 else 18594 19578 authStr = "unknown"; … … 18640 19624 (XSTRNCMP(n2,"CAMELLIA128",11) == 0)) 18641 19625 encStr = "CAMELLIA(128)"; 18642 else if ((XSTRNCMP(n0,"RC4",3) == 0) || (XSTRNCMP(n2,"RC4",3) == 0)) 19626 else if ((XSTRNCMP(n0,"RC4",3) == 0) || (XSTRNCMP(n1,"RC4",3) == 0) || 19627 (XSTRNCMP(n2,"RC4",3) == 0)) 18643 19628 encStr = "RC4"; 18644 else if (((XSTRNCMP(n0,"DES",3) == 0) || (XSTRNCMP(n2,"DES",3) == 0)) && 18645 ((XSTRNCMP(n1,"CBC3",4) == 0) || (XSTRNCMP(n3,"CBC3",4) == 0))) 19629 else if (((XSTRNCMP(n0,"DES",3) == 0) || (XSTRNCMP(n1,"DES",3) == 0) || 19630 (XSTRNCMP(n2,"DES",3) == 0)) && 19631 ((XSTRNCMP(n1,"CBC3",4) == 0) || (XSTRNCMP(n2,"CBC3",4) == 0) || 19632 (XSTRNCMP(n3,"CBC3",4) == 0))) 18646 19633 encStr = "3DES"; 18647 19634 else if ((XSTRNCMP(n1,"CHACHA20",8) == 0 && XSTRNCMP(n2,"POLY1305",8) == 0) || … … 18733 19720 for (i = 0; i < GetCipherNamesSize(); i++) { 18734 19721 if ((cipher_names[i].cipherSuite0 == cipherSuite0) && 18735 (cipher_names[i].cipherSuite == cipherSuite)) { 19722 (cipher_names[i].cipherSuite == cipherSuite) 19723 #ifndef NO_CIPHER_SUITE_ALIASES 19724 && (! (cipher_names[i].flags & WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS)) 19725 #endif 19726 ) { 18736 19727 nameIana = cipher_names[i].name_iana; 18737 19728 break; … … 18765 19756 18766 19757 int GetCipherSuiteFromName(const char* name, byte* cipherSuite0, 18767 byte* cipherSuite )19758 byte* cipherSuite, int* flags) 18768 19759 { 18769 19760 int ret = BAD_FUNC_ARG; 18770 19761 int i; 18771 unsigned long len = (unsigned long)XSTRLEN(name); 19762 unsigned long len; 19763 const char* nameDelim; 19764 19765 /* Support trailing : */ 19766 nameDelim = XSTRSTR(name, ":"); 19767 if (nameDelim) 19768 len = (unsigned long)(nameDelim - name); 19769 else 19770 len = (unsigned long)XSTRLEN(name); 18772 19771 18773 19772 for (i = 0; i < GetCipherNamesSize(); i++) { 18774 if (XSTRNCMP(name, cipher_names[i].name, len) == 0) { 19773 if ((XSTRNCMP(name, cipher_names[i].name, len) == 0) && 19774 (cipher_names[i].name[len] == 0)) { 18775 19775 *cipherSuite0 = cipher_names[i].cipherSuite0; 18776 19776 *cipherSuite = cipher_names[i].cipherSuite; 19777 *flags = cipher_names[i].flags; 18777 19778 ret = 0; 18778 19779 break; … … 18912 19913 18913 19914 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_CERTS) 19915 static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo) 19916 { 19917 #ifdef HAVE_ED25519 19918 if (ssl->pkCurveOID == ECC_ED25519_OID) { 19919 /* Certificate has Ed25519 key, only match with Ed25519 sig alg */ 19920 return sigAlgo == ed25519_sa_algo; 19921 } 19922 #endif 19923 #ifdef HAVE_ED448 19924 if (ssl->pkCurveOID == ECC_ED448_OID) { 19925 /* Certificate has Ed448 key, only match with Ed448 sig alg */ 19926 return sigAlgo == ed448_sa_algo; 19927 } 19928 #endif 19929 #ifdef WC_RSA_PSS 19930 /* RSA certificate and PSS sig alg. */ 19931 if (ssl->suites->sigAlgo == rsa_sa_algo) { 19932 #if defined(WOLFSSL_TLS13) 19933 /* TLS 1.3 only supports RSA-PSS. */ 19934 if (IsAtLeastTLSv1_3(ssl->version)) 19935 return sigAlgo == rsa_pss_sa_algo; 19936 #endif 19937 /* TLS 1.2 and below - RSA-PSS allowed. */ 19938 if (sigAlgo == rsa_pss_sa_algo) 19939 return 1; 19940 } 19941 #endif 19942 /* Signature algorithm matches certificate. */ 19943 return sigAlgo == ssl->suites->sigAlgo; 19944 } 19945 19946 #if defined(HAVE_ECC) && defined(WOLFSSL_TLS13) || \ 19947 defined(USE_ECDSA_KEYSZ_HASH_ALGO) 19948 static int CmpEccStrength(int hashAlgo, int curveSz) 19949 { 19950 int dgstSz = GetMacDigestSize(hashAlgo); 19951 if (dgstSz <= 0) 19952 return -1; 19953 return dgstSz - (curveSz & (~0x3)); 19954 } 19955 #endif 19956 19957 static byte MinHashAlgo(WOLFSSL* ssl) 19958 { 19959 #ifdef WOLFSSL_TLS13 19960 if (IsAtLeastTLSv1_3(ssl->version)) { 19961 return sha256_mac; 19962 } 19963 #endif 19964 #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_ALLOW_TLS_SHA1) 19965 if (IsAtLeastTLSv1_2(ssl)) { 19966 return sha256_mac; 19967 } 19968 #endif /* WOLFSSL_NO_TLS12 */ 19969 return sha_mac; 19970 } 19971 18914 19972 int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz) 18915 19973 { 18916 19974 word32 i; 18917 19975 int ret = MATCH_SUITE_ERROR; 18918 18919 ssl->suites->sigAlgo = ssl->specs.sig_algo; 19976 byte minHash; 18920 19977 18921 19978 /* set defaults */ 18922 19979 if (IsAtLeastTLSv1_3(ssl->version)) { 18923 ssl->suites->hashAlgo = sha256_mac;18924 19980 #ifndef NO_CERTS 19981 /* TLS 1.3 cipher suites don't have public key algorithms in them. 19982 * Using the one in the certificate - if any. 19983 */ 18925 19984 ssl->suites->sigAlgo = ssl->buffers.keyType; 18926 19985 #endif 18927 19986 } 18928 #ifndef WOLFSSL_NO_TLS12 18929 else if (IsAtLeastTLSv1_2(ssl)) { 18930 #ifdef WOLFSSL_ALLOW_TLS_SHA1 18931 ssl->suites->hashAlgo = sha_mac; 18932 #else 18933 ssl->suites->hashAlgo = sha256_mac; 18934 #endif 18935 } 18936 else { 18937 ssl->suites->hashAlgo = sha_mac; 18938 } 18939 #endif 18940 19987 else 19988 ssl->suites->sigAlgo = ssl->specs.sig_algo; 19989 if (ssl->suites->sigAlgo == 0) { 19990 /* PSK ciphersuite - get digest to use from cipher suite */ 19991 ssl->suites->hashAlgo = ssl->specs.mac_algorithm; 19992 return 0; 19993 } 19994 ssl->suites->hashAlgo = minHash = MinHashAlgo(ssl); 19995 19996 /* No list means go with the defaults. */ 18941 19997 if (hashSigAlgoSz == 0) 18942 19998 return 0; 18943 19999 18944 /* i+1 since peek a byte ahead for type*/20000 /* i+1 since two bytes used to describe hash and signature algorithm */ 18945 20001 for (i = 0; (i+1) < hashSigAlgoSz; i += HELLO_EXT_SIGALGO_SZ) { 18946 20002 byte hashAlgo = 0, sigAlgo = 0; 18947 20003 18948 20004 DecodeSigAlg(&hashSigAlgo[i], &hashAlgo, &sigAlgo); 20005 /* Keep looking if hash algorithm not strong enough. */ 20006 if (hashAlgo < minHash) 20007 continue; 20008 /* Keep looking if signature algorithm isn't supported by cert. */ 20009 if (!MatchSigAlgo(ssl, sigAlgo)) 20010 continue; 20011 18949 20012 #ifdef HAVE_ED25519 18950 20013 if (ssl->pkCurveOID == ECC_ED25519_OID) { 18951 if (sigAlgo != ed25519_sa_algo) 18952 continue; 18953 if (sigAlgo == ed25519_sa_algo && 18954 ssl->suites->sigAlgo == ecc_dsa_sa_algo) { 18955 ssl->suites->sigAlgo = sigAlgo; 18956 ssl->suites->hashAlgo = sha512_mac; 18957 ret = 0; 18958 break; 18959 } 20014 /* Matched Ed25519 - set chosen and finished. */ 20015 ssl->suites->sigAlgo = sigAlgo; 20016 ssl->suites->hashAlgo = hashAlgo; 20017 ret = 0; 20018 break; 18960 20019 } 18961 20020 #endif 18962 20021 #ifdef HAVE_ED448 18963 20022 if (ssl->pkCurveOID == ECC_ED448_OID) { 18964 if (sigAlgo != ed448_sa_algo) 20023 /* Matched Ed448 - set chosen and finished. */ 20024 ssl->suites->sigAlgo = sigAlgo; 20025 ssl->suites->hashAlgo = hashAlgo; 20026 ret = 0; 20027 break; 20028 } 20029 #endif 20030 20031 #if defined(WOLFSSL_ECDSA_MATCH_HASH) && defined(USE_ECDSA_KEYSZ_HASH_ALGO) 20032 #error "WOLFSSL_ECDSA_MATCH_HASH and USE_ECDSA_KEYSZ_HASH_ALGO cannot " 20033 "be used together" 20034 #endif 20035 20036 #if defined(HAVE_ECC) && (defined(WOLFSSL_TLS13) || \ 20037 defined(WOLFSSL_ECDSA_MATCH_HASH)) 20038 if (sigAlgo == ecc_dsa_sa_algo 20039 #ifndef WOLFSSL_ECDSA_MATCH_HASH 20040 && IsAtLeastTLSv1_3(ssl->version) 20041 #endif 20042 ) { 20043 /* Must be exact match. */ 20044 if (CmpEccStrength(hashAlgo, ssl->buffers.keySz) != 0) 18965 20045 continue; 18966 20046 18967 if (sigAlgo == ed448_sa_algo && 18968 ssl->suites->sigAlgo == ecc_dsa_sa_algo) { 18969 ssl->suites->sigAlgo = sigAlgo; 18970 ssl->suites->hashAlgo = sha512_mac; 18971 ret = 0; 18972 break; 18973 } 18974 } 18975 #endif 18976 #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) 18977 if (IsAtLeastTLSv1_3(ssl->version) && sigAlgo == ssl->suites->sigAlgo && 18978 sigAlgo == ecc_dsa_sa_algo) { 18979 18980 int digestSz = GetMacDigestSize(hashAlgo); 18981 if (digestSz <= 0) 18982 continue; 18983 18984 /* TLS 1.3 signature algorithms for ECDSA match hash length with 18985 * key size. 18986 */ 18987 if (digestSz != ssl->buffers.keySz) 18988 continue; 18989 20047 /* Matched ECDSA exaclty - set chosen and finished. */ 18990 20048 ssl->suites->hashAlgo = hashAlgo; 18991 20049 ssl->suites->sigAlgo = sigAlgo; 18992 20050 ret = 0; 18993 break; /* done selected sig/hash algorithms */ 18994 } 18995 else 20051 break; 20052 } 18996 20053 #endif 20054 18997 20055 /* For ECDSA the `USE_ECDSA_KEYSZ_HASH_ALGO` build option will choose a hash 18998 20056 * algorithm that matches the ephemeral ECDHE key size or the next highest … … 19001 20059 */ 19002 20060 #if defined(HAVE_ECC) && defined(USE_ECDSA_KEYSZ_HASH_ALGO) 19003 if (sigAlgo == ssl->suites->sigAlgo && sigAlgo == ecc_dsa_sa_algo) { 19004 int digestSz = GetMacDigestSize(hashAlgo); 19005 if (digestSz <= 0) 20061 if (sigAlgo == ecc_dsa_sa_algo) { 20062 int cmp = CmpEccStrength(hashAlgo, ssl->eccTempKeySz); 20063 20064 /* Keep looking if digest not strong enough. */ 20065 if (cmp < 0) 19006 20066 continue; 19007 20067 19008 /* For ecc_dsa_sa_algo, pick hash algo that is curve size unless 19009 algorithm in not compiled in, then choose next highest */ 19010 if (digestSz == ssl->eccTempKeySz) { 20068 /* Looking for exact match or next highest. */ 20069 if (ret != 0 || hashAlgo <= ssl->suites->hashAlgo) { 19011 20070 ssl->suites->hashAlgo = hashAlgo; 19012 20071 ssl->suites->sigAlgo = sigAlgo; … … 19015 20074 #endif 19016 20075 ret = 0; 19017 break; /* done selected sig/hash algorithms */19018 } 19019 /* not strong enough, so keep checking hashSigAlso list*/19020 if ( digestSz < ssl->eccTempKeySz)20076 } 20077 20078 /* Continue looking if not the same strength. */ 20079 if (cmp > 0) 19021 20080 continue; 19022 19023 /* mark as highest and check remainder of hashSigAlgo list */ 19024 ssl->suites->hashAlgo = hashAlgo; 19025 ssl->suites->sigAlgo = sigAlgo; 19026 ret = 0; 19027 } 19028 else 20081 /* Exact match - finished. */ 20082 break; 20083 } 19029 20084 #endif 19030 #ifdef WC_RSA_PSS 19031 if (IsAtLeastTLSv1_3(ssl->version) && 19032 ssl->suites->sigAlgo == rsa_sa_algo && 19033 sigAlgo != rsa_pss_sa_algo) { 19034 continue; 19035 } 19036 else if (sigAlgo == ssl->suites->sigAlgo || 19037 (sigAlgo == rsa_pss_sa_algo && 19038 (ssl->suites->sigAlgo == rsa_sa_algo))) 19039 #else 19040 if (sigAlgo == ssl->suites->sigAlgo) 19041 #endif 19042 { 19043 /* pick highest available between both server and client */ 19044 switch (hashAlgo) { 19045 case sha_mac: 19046 #ifdef WOLFSSL_SHA224 19047 case sha224_mac: 20085 20086 switch (hashAlgo) { 20087 #ifndef NO_SHA 20088 case sha_mac: 20089 #endif 20090 #ifdef WOLFSSL_SHA224 20091 case sha224_mac: 20092 #endif 20093 #ifndef NO_SHA256 20094 case sha256_mac: 20095 #endif 20096 #ifdef WOLFSSL_SHA384 20097 case sha384_mac: 20098 #endif 20099 #ifdef WOLFSSL_SHA512 20100 case sha512_mac: 20101 #endif 20102 #ifdef WOLFSSL_STRONGEST_HASH_SIG 20103 /* Is hash algorithm weaker than chosen/min? */ 20104 if (hashAlgo < ssl->suites->hashAlgo) 20105 break; 20106 #else 20107 /* Is hash algorithm stonger than last chosen? */ 20108 if (ret == 0 && hashAlgo > ssl->suites->hashAlgo) 20109 break; 19048 20110 #endif 19049 #ifndef NO_SHA256 19050 case sha256_mac: 19051 #endif 19052 #ifdef WOLFSSL_SHA384 19053 case sha384_mac: 19054 #endif 19055 #ifdef WOLFSSL_SHA512 19056 case sha512_mac: 19057 #endif 19058 /* not strong enough, so keep checking hashSigAlso list */ 19059 if (hashAlgo < ssl->suites->hashAlgo) { 19060 ret = 0; 19061 continue; 19062 } 19063 /* mark as highest and check remainder of hashSigAlgo list */ 19064 ssl->suites->hashAlgo = hashAlgo; 19065 ssl->suites->sigAlgo = sigAlgo; 19066 break; 19067 default: 19068 continue; 19069 } 19070 ret = 0; 19071 break; 19072 } 19073 #if defined(WOLFSSL_TLS13) 19074 else if (ssl->specs.sig_algo == 0 && IsAtLeastTLSv1_3(ssl->version)) { 19075 } 19076 #endif 19077 else if (ssl->specs.sig_algo == 0) 19078 { 19079 ssl->suites->hashAlgo = ssl->specs.mac_algorithm; 19080 ret = 0; 20111 /* The chosen one - but keep looking. */ 20112 ssl->suites->hashAlgo = hashAlgo; 20113 ssl->suites->sigAlgo = sigAlgo; 20114 ret = 0; 20115 break; 20116 default: 20117 /* Support for hash algorithm not compiled in. */ 20118 break; 19081 20119 } 19082 20120 } … … 19107 20145 int sz = GetCipherNamesSize(); 19108 20146 19109 for (i = 0; i < sz; i++) 20147 for (i = 0; i < sz; i++) { 20148 #ifndef NO_CIPHER_SUITE_ALIASES 20149 if (cipher_names[i].flags & WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS) 20150 continue; 20151 #endif 19110 20152 if (info->ssl->options.cipherSuite == 19111 20153 (byte)cipher_names[i].cipherSuite) { … … 19116 20158 break; 19117 20159 } 20160 } 19118 20161 19119 20162 /* error max and min are negative numbers */ … … 19279 20322 #if !defined(NO_CERTS) 19280 20323 20324 #ifdef WOLF_CRYPTO_CB 20325 /* Create a private key for a device. 20326 * 20327 * pkey Key object. 20328 * data Data to identify key. 20329 * length Length of data. 20330 * hsType Type of the key to create. 20331 * heap Custom heap to use for mallocs/frees 20332 * devId Id for device. 20333 * return 0 on success. 20334 * return NOT_COMPILED_IN if algorithm type not supported. 20335 * return MEMORY_E on memory allocation failure. 20336 * return other internal error 20337 */ 20338 int CreateDevPrivateKey(void** pkey, byte* data, word32 length, int hsType, 20339 int label, int id, void* heap, int devId) 20340 { 20341 int ret = NOT_COMPILED_IN; 20342 20343 if (hsType == DYNAMIC_TYPE_RSA) { 20344 #ifndef NO_RSA 20345 RsaKey* rsaKey; 20346 20347 rsaKey = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); 20348 if (rsaKey == NULL) { 20349 return MEMORY_E; 20350 } 20351 20352 if (label) { 20353 ret = wc_InitRsaKey_Label(rsaKey, (char*)data, heap, devId); 20354 } 20355 else if (id) { 20356 ret = wc_InitRsaKey_Id(rsaKey, data, length, heap, devId); 20357 } 20358 if (ret == 0) { 20359 *pkey = (void*)rsaKey; 20360 } 20361 else { 20362 XFREE(rsaKey, heap, DYNAMIC_TYPE_RSA); 20363 } 20364 #endif 20365 } 20366 else if (hsType == DYNAMIC_TYPE_ECC) { 20367 #ifdef HAVE_ECC 20368 ecc_key* ecKey; 20369 20370 ecKey = (ecc_key*)XMALLOC(sizeof(ecc_key), heap, DYNAMIC_TYPE_ECC); 20371 if (ecKey == NULL) { 20372 return MEMORY_E; 20373 } 20374 20375 if (label) { 20376 ret = wc_ecc_init_label(ecKey, (char*)data, heap, devId); 20377 } 20378 else if (id) { 20379 ret = wc_ecc_init_id(ecKey, data, length, heap, devId); 20380 } 20381 if (ret == 0) { 20382 *pkey = (void*)ecKey; 20383 } 20384 else { 20385 XFREE(ecKey, heap, DYNAMIC_TYPE_ECC); 20386 } 20387 #endif 20388 } 20389 20390 return ret; 20391 } 20392 #endif 20393 19281 20394 /* Decode the private key - RSA/ECC/Ed25519/Ed448 - and creates a key object. 19282 20395 * The signature type is set as well. … … 19309 20422 19310 20423 #ifdef HAVE_PKCS11 19311 if (ssl->buffers.keyDevId != INVALID_DEVID && ssl->buffers.keyId) { 20424 if (ssl->buffers.keyDevId != INVALID_DEVID && (ssl->buffers.keyId || 20425 ssl->buffers.keyLabel)) { 19312 20426 if (ssl->buffers.keyType == rsa_sa_algo) 19313 20427 ssl->hsType = DYNAMIC_TYPE_RSA; … … 19321 20435 if (ssl->buffers.keyType == rsa_sa_algo) { 19322 20436 #ifndef NO_RSA 19323 ret = wc_InitRsaKey_Id((RsaKey*)ssl->hsKey, 19324 ssl->buffers.key->buffer, ssl->buffers.key->length, 19325 ssl->heap, ssl->buffers.keyDevId); 20437 if (ssl->buffers.keyLabel) { 20438 ret = wc_InitRsaKey_Label((RsaKey*)ssl->hsKey, 20439 (char*)ssl->buffers.key->buffer, 20440 ssl->heap, ssl->buffers.keyDevId); 20441 } 20442 else if (ssl->buffers.keyId) { 20443 ret = wc_InitRsaKey_Id((RsaKey*)ssl->hsKey, 20444 ssl->buffers.key->buffer, 20445 ssl->buffers.key->length, ssl->heap, 20446 ssl->buffers.keyDevId); 20447 } 19326 20448 if (ret == 0) { 19327 20449 if (ssl->buffers.keySz < ssl->options.minRsaKeySz) { … … 19339 20461 else if (ssl->buffers.keyType == ecc_dsa_sa_algo) { 19340 20462 #ifdef HAVE_ECC 19341 ret = wc_ecc_init_id((ecc_key*)ssl->hsKey, ssl->buffers.key->buffer, 19342 ssl->buffers.key->length, ssl->heap, 19343 ssl->buffers.keyDevId); 20463 if (ssl->buffers.keyLabel) { 20464 ret = wc_ecc_init_label((ecc_key*)ssl->hsKey, 20465 (char*)ssl->buffers.key->buffer, 20466 ssl->heap, ssl->buffers.keyDevId); 20467 } 20468 else if (ssl->buffers.keyId) { 20469 ret = wc_ecc_init_id((ecc_key*)ssl->hsKey, 20470 ssl->buffers.key->buffer, 20471 ssl->buffers.key->length, ssl->heap, 20472 ssl->buffers.keyDevId); 20473 } 19344 20474 if (ret == 0) { 19345 20475 if (ssl->buffers.keySz < ssl->options.minEccKeySz) { … … 19532 20662 19533 20663 #endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */ 20664 20665 #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) 20666 /* returns 1 if able to do TLS 1.3 otherwise 0 */ 20667 int TLSv1_3_Capable(WOLFSSL* ssl) 20668 { 20669 #ifndef WOLFSSL_TLS13 20670 return 0; 20671 #else 20672 int ret = 0; 20673 20674 if (IsAtLeastTLSv1_3(ssl->ctx->method->version)) { 20675 ret = 1; 20676 } 20677 20678 #ifdef OPENSSL_EXTRA 20679 if ((wolfSSL_get_options(ssl) & SSL_OP_NO_TLSv1_3)) { 20680 /* option set at run time to disable TLS 1.3 */ 20681 ret = 0; 20682 } 20683 #endif 20684 return ret; 20685 #endif 20686 } 20687 #endif /* WOLFSSL_TLS13 */ 19534 20688 19535 20689 /* client only parts */ … … 19731 20885 if (IsEncryptionOn(ssl, 1)) { 19732 20886 byte* input; 19733 int inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 19734 20887 int inputSz = idx; /* build msg adds rec hdr */ 20888 int recordHeaderSz = RECORD_HEADER_SZ; 20889 20890 if (ssl->options.dtls) 20891 recordHeaderSz += DTLS_RECORD_EXTRA; 20892 inputSz -= recordHeaderSz; 19735 20893 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 19736 20894 if (input == NULL) 19737 20895 return MEMORY_E; 19738 20896 19739 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 20897 XMEMCPY(input, output + recordHeaderSz, inputSz); 20898 #ifdef WOLFSSL_DTLS 20899 if (IsDtlsNotSctpMode(ssl) && 20900 (ret = DtlsMsgPoolSave(ssl, input, inputSz, client_hello)) != 0) { 20901 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 20902 return ret; 20903 } 20904 #endif 19740 20905 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 19741 handshake, 1, 0, 0 );20906 handshake, 1, 0, 0, CUR_ORDER); 19742 20907 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 19743 20908 … … 19747 20912 #ifdef WOLFSSL_DTLS 19748 20913 if (IsDtlsNotSctpMode(ssl)) { 19749 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz )) != 0)20914 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, client_hello)) != 0) 19750 20915 return ret; 19751 20916 } … … 20196 21361 return ret; 20197 21362 } 20198 20199 #ifdef WOLFSSL_TLS1320200 /* returns 1 if able to do TLS 1.3 otherwise 0 */20201 static int TLSv1_3_Capable(WOLFSSL* ssl)20202 {20203 #ifndef WOLFSSL_TLS1320204 return 0;20205 #else20206 int ret = 0;20207 20208 if (IsAtLeastTLSv1_3(ssl->ctx->method->version)) {20209 ret = 1;20210 }20211 20212 #ifdef OPENSSL_EXTRA20213 if ((wolfSSL_get_options(ssl) & SSL_OP_NO_TLSv1_3)) {20214 /* option set at run time to disable TLS 1.3 */20215 ret = 0;20216 }20217 #endif20218 return ret;20219 #endif20220 }20221 #endif /* WOLFSSL_TLS13 */20222 21363 20223 21364 int CompleteServerHello(WOLFSSL* ssl) … … 20244 21385 #endif 20245 21386 if (ssl->ctx->method->version.major == SSLv3_MAJOR && 20246 ssl->ctx->method->version.minor == TLSv1_2_MINOR) { 21387 ssl->ctx->method->version.minor == TLSv1_2_MINOR 21388 #ifdef OPENSSL_EXTRA 21389 && (wolfSSL_get_options(ssl) & SSL_OP_NO_TLSv1_2) == 0 21390 #endif 21391 ) { 20247 21392 /* TLS v1.2 capable client not allowed to downgrade when 20248 21393 * connecting to TLS v1.2 capable server. … … 20286 21431 } 20287 21432 } 20288 #ifdef WOLFSSL_DTLS20289 if (ssl->options.dtls) {20290 DtlsMsgPoolReset(ssl);20291 }20292 #endif20293 20294 21433 return SetCipherSpecs(ssl); 20295 21434 } 20296 21435 20297 #endif /* WOLFSSL_NO_TLS12 */21436 #endif /* !WOLFSSL_NO_TLS12 */ 20298 21437 20299 21438 … … 20481 21620 20482 21621 switch (tlsCurveId) { 20483 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)21622 #if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160 20484 21623 #ifndef NO_ECC_SECP 20485 21624 case WOLFSSL_ECC_SECP160R1: return ECC_SECP160R1_OID; … … 20492 21631 #endif /* HAVE_ECC_KOBLITZ */ 20493 21632 #endif 20494 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)21633 #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 20495 21634 #ifndef NO_ECC_SECP 20496 21635 case WOLFSSL_ECC_SECP192R1: return ECC_SECP192R1_OID; … … 20500 21639 #endif /* HAVE_ECC_KOBLITZ */ 20501 21640 #endif 20502 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)21641 #if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 20503 21642 #ifndef NO_ECC_SECP 20504 21643 case WOLFSSL_ECC_SECP224R1: return ECC_SECP224R1_OID; … … 20508 21647 #endif /* HAVE_ECC_KOBLITZ */ 20509 21648 #endif 20510 #if def HAVE_CURVE2551921649 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 20511 21650 case WOLFSSL_ECC_X25519: return ECC_X25519_OID; 20512 21651 #endif 20513 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)21652 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 20514 21653 #ifndef NO_ECC_SECP 20515 21654 case WOLFSSL_ECC_SECP256R1: return ECC_SECP256R1_OID; … … 20522 21661 #endif /* HAVE_ECC_BRAINPOOL */ 20523 21662 #endif 20524 #if def HAVE_CURVE44821663 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 20525 21664 case WOLFSSL_ECC_X448: return ECC_X448_OID; 20526 21665 #endif 20527 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)21666 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 20528 21667 #ifndef NO_ECC_SECP 20529 21668 case WOLFSSL_ECC_SECP384R1: return ECC_SECP384R1_OID; … … 20533 21672 #endif /* HAVE_ECC_BRAINPOOL */ 20534 21673 #endif 20535 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)21674 #if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512 20536 21675 #ifdef HAVE_ECC_BRAINPOOL 20537 21676 case WOLFSSL_ECC_BRAINPOOLP512R1: return ECC_BRAINPOOLP512R1_OID; 20538 21677 #endif /* HAVE_ECC_BRAINPOOL */ 20539 21678 #endif 20540 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)21679 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 20541 21680 #ifndef NO_ECC_SECP 20542 21681 case WOLFSSL_ECC_SECP521R1: return ECC_SECP521R1_OID; … … 20548 21687 } 20549 21688 20550 #endif /* HAVE_ECC */21689 #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */ 20551 21690 20552 21691 /* Persistable DoServerKeyExchange arguments */ 20553 21692 typedef struct DskeArgs { 20554 21693 byte* output; /* not allocated */ 20555 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ ED25519) || \20556 defined(HAVE_ED448)21694 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 21695 defined(HAVE_CURVE448) 20557 21696 byte* verifySig; 20558 21697 #endif 20559 21698 word32 idx; 20560 21699 word32 begin; 20561 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ ED25519) || \20562 defined(HAVE_ED448)21700 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 21701 defined(HAVE_CURVE448) 20563 21702 word16 verifySigSz; 20564 21703 #endif … … 20578 21717 (void)args; 20579 21718 20580 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ ED25519) || \20581 defined(HAVE_ED448)21719 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 21720 defined(HAVE_CURVE448) 20582 21721 if (args->verifySig) { 20583 21722 XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE); … … 20598 21737 #endif 20599 21738 20600 ssl->buffers.weOwnDH = 1; 20601 20602 ssl->buffers.serverDH_P.buffer = NULL; 20603 ssl->buffers.serverDH_G.buffer = NULL; 20604 ssl->buffers.serverDH_Pub.buffer = NULL; 21739 if (ssl->buffers.weOwnDH) { 21740 if (ssl->buffers.serverDH_P.buffer) { 21741 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21742 DYNAMIC_TYPE_PUBLIC_KEY); 21743 ssl->buffers.serverDH_P.buffer = NULL; 21744 } 21745 21746 if (ssl->buffers.serverDH_G.buffer) { 21747 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 21748 DYNAMIC_TYPE_PUBLIC_KEY); 21749 ssl->buffers.serverDH_G.buffer = NULL; 21750 } 21751 21752 } 21753 21754 if (ssl->buffers.serverDH_Pub.buffer) { 21755 XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, 21756 DYNAMIC_TYPE_PUBLIC_KEY); 21757 ssl->buffers.serverDH_Pub.buffer = NULL; 21758 } 20605 21759 20606 21760 /* p */ … … 20644 21798 /* g */ 20645 21799 if ((args->idx - args->begin) + OPAQUE16_LEN > size) { 21800 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21801 DYNAMIC_TYPE_PUBLIC_KEY); 21802 ssl->buffers.serverDH_P.buffer = NULL; 20646 21803 ERROR_OUT(BUFFER_ERROR, exit_gdpk); 20647 21804 } … … 20651 21808 20652 21809 if ((args->idx - args->begin) + length > size) { 21810 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21811 DYNAMIC_TYPE_PUBLIC_KEY); 21812 ssl->buffers.serverDH_P.buffer = NULL; 20653 21813 ERROR_OUT(BUFFER_ERROR, exit_gdpk); 21814 } 21815 21816 if (length > ssl->options.maxDhKeySz) { 21817 WOLFSSL_MSG("Server using a DH key generator that is too big"); 21818 SendAlert(ssl, alert_fatal, handshake_failure); 21819 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21820 DYNAMIC_TYPE_PUBLIC_KEY); 21821 ssl->buffers.serverDH_P.buffer = NULL; 21822 ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk); 20654 21823 } 20655 21824 … … 20660 21829 } 20661 21830 else { 21831 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21832 DYNAMIC_TYPE_PUBLIC_KEY); 21833 ssl->buffers.serverDH_P.buffer = NULL; 20662 21834 ERROR_OUT(MEMORY_ERROR, exit_gdpk); 20663 21835 } … … 20669 21841 /* pub */ 20670 21842 if ((args->idx - args->begin) + OPAQUE16_LEN > size) { 21843 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21844 DYNAMIC_TYPE_PUBLIC_KEY); 21845 ssl->buffers.serverDH_P.buffer = NULL; 21846 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 21847 DYNAMIC_TYPE_PUBLIC_KEY); 21848 ssl->buffers.serverDH_G.buffer = NULL; 20671 21849 ERROR_OUT(BUFFER_ERROR, exit_gdpk); 20672 21850 } … … 20676 21854 20677 21855 if ((args->idx - args->begin) + length > size) { 21856 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21857 DYNAMIC_TYPE_PUBLIC_KEY); 21858 ssl->buffers.serverDH_P.buffer = NULL; 21859 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 21860 DYNAMIC_TYPE_PUBLIC_KEY); 21861 ssl->buffers.serverDH_G.buffer = NULL; 20678 21862 ERROR_OUT(BUFFER_ERROR, exit_gdpk); 21863 } 21864 21865 if (length > ssl->options.maxDhKeySz) { 21866 WOLFSSL_MSG("Server using a public DH key that is too big"); 21867 SendAlert(ssl, alert_fatal, handshake_failure); 21868 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21869 DYNAMIC_TYPE_PUBLIC_KEY); 21870 ssl->buffers.serverDH_P.buffer = NULL; 21871 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 21872 DYNAMIC_TYPE_PUBLIC_KEY); 21873 ssl->buffers.serverDH_G.buffer = NULL; 21874 ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk); 20679 21875 } 20680 21876 … … 20685 21881 } 20686 21882 else { 21883 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 21884 DYNAMIC_TYPE_PUBLIC_KEY); 21885 ssl->buffers.serverDH_P.buffer = NULL; 21886 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 21887 DYNAMIC_TYPE_PUBLIC_KEY); 21888 ssl->buffers.serverDH_G.buffer = NULL; 20687 21889 ERROR_OUT(MEMORY_ERROR, exit_gdpk); 20688 21890 } … … 20690 21892 XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + args->idx, 20691 21893 length); 21894 ssl->buffers.weOwnDH = 1; 20692 21895 args->idx += length; 20693 21896 … … 21216 22419 case ecc_diffie_hellman_kea: 21217 22420 { 21218 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519)\21219 && !defined(HAVE_ED448)22421 #if defined(NO_DH) && !defined(HAVE_ECC) && \ 22422 !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) 21220 22423 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 21221 22424 #else … … 21389 22592 case ecc_diffie_hellman_kea: 21390 22593 { 21391 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519)\21392 && !defined(HAVE_ED448)22594 #if defined(NO_DH) && !defined(HAVE_ECC) && \ 22595 !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) 21393 22596 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 21394 22597 #else … … 21563 22766 case ecc_diffie_hellman_kea: 21564 22767 { 21565 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519)\21566 && !defined(HAVE_ED448)22768 #if defined(NO_DH) && !defined(HAVE_ECC) && \ 22769 !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) 21567 22770 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 21568 22771 #else … … 22624 23827 XMEMCPY(args->output, ssl->arrays->client_identity, esSz); 22625 23828 args->output += esSz; 23829 args->length = args->encSz - esSz - OPAQUE16_LEN; 22626 23830 args->encSz = esSz + OPAQUE16_LEN; 22627 22628 args->length = 0;22629 23831 22630 23832 ret = AllocKey(ssl, DYNAMIC_TYPE_DH, … … 23297 24499 23298 24500 if (IsEncryptionOn(ssl, 1)) { 23299 args->inputSz = idx - RECORD_HEADER_SZ; /* buildmsg adds rechdr */ 24501 int recordHeaderSz = RECORD_HEADER_SZ; 24502 24503 if (ssl->options.dtls) 24504 recordHeaderSz += DTLS_RECORD_EXTRA; 24505 args->inputSz = idx - recordHeaderSz; /* buildmsg adds rechdr */ 23300 24506 args->input = (byte*)XMALLOC(args->inputSz, ssl->heap, 23301 24507 DYNAMIC_TYPE_IN_BUFFER); … … 23304 24510 } 23305 24511 23306 XMEMCPY(args->input, args->output + RECORD_HEADER_SZ,24512 XMEMCPY(args->input, args->output + recordHeaderSz, 23307 24513 args->inputSz); 23308 24514 } … … 23316 24522 { 23317 24523 if (IsEncryptionOn(ssl, 1)) { 24524 #ifdef WOLFSSL_DTLS 24525 if (IsDtlsNotSctpMode(ssl) && 24526 (ret = DtlsMsgPoolSave(ssl, args->input, args->inputSz, client_key_exchange)) != 0) { 24527 goto exit_scke; 24528 } 24529 #endif 23318 24530 ret = BuildMessage(ssl, args->output, args->sendSz, 23319 args->input, args->inputSz, handshake, 1, 0, 0 );24531 args->input, args->inputSz, handshake, 1, 0, 0, CUR_ORDER); 23320 24532 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 23321 24533 args->input = NULL; /* make sure its not double free'd on cleanup */ … … 23328 24540 else { 23329 24541 #ifdef WOLFSSL_DTLS 24542 if (IsDtlsNotSctpMode(ssl)) { 24543 if ((ret = DtlsMsgPoolSave(ssl, args->output, args->sendSz, client_key_exchange)) != 0) { 24544 goto exit_scke; 24545 } 24546 } 23330 24547 if (ssl->options.dtls) 23331 24548 DtlsSEQIncrement(ssl, CUR_ORDER); … … 23337 24554 goto exit_scke; 23338 24555 } 23339 23340 #ifdef WOLFSSL_DTLS23341 if (IsDtlsNotSctpMode(ssl)) {23342 if ((ret = DtlsMsgPoolSave(ssl, args->output, args->sendSz)) != 0) {23343 goto exit_scke;23344 }23345 }23346 #endif23347 24556 23348 24557 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) … … 23397 24606 23398 24607 #endif /* !WOLFSSL_NO_TLS12 */ 24608 24609 #ifndef NO_CERTS 24610 24611 #ifndef WOLFSSL_NO_TLS12 24612 24613 #ifndef WOLFSSL_NO_CLIENT_AUTH 24614 typedef struct ScvArgs { 24615 byte* output; /* not allocated */ 24616 #ifndef NO_RSA 24617 byte* verifySig; 24618 #endif 24619 byte* verify; /* not allocated */ 24620 byte* input; 24621 word32 idx; 24622 word32 extraSz; 24623 word32 sigSz; 24624 int sendSz; 24625 int inputSz; 24626 word16 length; 24627 byte sigAlgo; 24628 } ScvArgs; 24629 24630 static void FreeScvArgs(WOLFSSL* ssl, void* pArgs) 24631 { 24632 ScvArgs* args = (ScvArgs*)pArgs; 24633 24634 (void)ssl; 24635 24636 #ifndef NO_RSA 24637 if (args->verifySig) { 24638 XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE); 24639 args->verifySig = NULL; 24640 } 24641 #endif 24642 if (args->input) { 24643 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24644 args->input = NULL; 24645 } 24646 } 24647 24648 /* handle generation of certificate_verify (15) */ 24649 int SendCertificateVerify(WOLFSSL* ssl) 24650 { 24651 int ret = 0; 24652 #ifdef WOLFSSL_ASYNC_CRYPT 24653 ScvArgs* args = (ScvArgs*)ssl->async.args; 24654 typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1]; 24655 (void)sizeof(args_test); 24656 #else 24657 ScvArgs args[1]; 24658 #endif 24659 24660 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_SEND); 24661 WOLFSSL_ENTER("SendCertificateVerify"); 24662 24663 #ifdef WOLFSSL_ASYNC_CRYPT 24664 /* BuildMessage does its own Pop */ 24665 if (ssl->error != WC_PENDING_E || 24666 ssl->options.asyncState != TLS_ASYNC_END) 24667 ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState); 24668 if (ret != WC_NOT_PENDING_E) { 24669 /* Check for error */ 24670 if (ret < 0) 24671 goto exit_scv; 24672 } 24673 else 24674 #endif 24675 { 24676 /* Reset state */ 24677 ret = 0; 24678 ssl->options.asyncState = TLS_ASYNC_BEGIN; 24679 XMEMSET(args, 0, sizeof(ScvArgs)); 24680 #ifdef WOLFSSL_ASYNC_CRYPT 24681 ssl->async.freeArgs = FreeScvArgs; 24682 #endif 24683 } 24684 24685 switch(ssl->options.asyncState) 24686 { 24687 case TLS_ASYNC_BEGIN: 24688 { 24689 if (ssl->options.sendVerify == SEND_BLANK_CERT) { 24690 return 0; /* sent blank cert, can't verify */ 24691 } 24692 24693 args->sendSz = MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA; 24694 if (IsEncryptionOn(ssl, 1)) { 24695 args->sendSz += MAX_MSG_EXTRA; 24696 } 24697 24698 /* check for available size */ 24699 if ((ret = CheckAvailableSize(ssl, args->sendSz)) != 0) { 24700 goto exit_scv; 24701 } 24702 24703 /* get output buffer */ 24704 args->output = ssl->buffers.outputBuffer.buffer + 24705 ssl->buffers.outputBuffer.length; 24706 24707 /* Advance state and proceed */ 24708 ssl->options.asyncState = TLS_ASYNC_BUILD; 24709 } /* case TLS_ASYNC_BEGIN */ 24710 FALL_THROUGH; 24711 24712 case TLS_ASYNC_BUILD: 24713 { 24714 ret = BuildCertHashes(ssl, &ssl->hsHashes->certHashes); 24715 if (ret != 0) { 24716 goto exit_scv; 24717 } 24718 24719 if (ssl->buffers.key == NULL) { 24720 #ifdef HAVE_PK_CALLBACKS 24721 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) 24722 args->length = GetPrivateKeySigSize(ssl); 24723 else 24724 #endif 24725 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 24726 } 24727 else { 24728 /* Decode private key. */ 24729 ret = DecodePrivateKey(ssl, &args->length); 24730 if (ret != 0) { 24731 goto exit_scv; 24732 } 24733 } 24734 24735 if (args->length == 0) { 24736 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 24737 } 24738 24739 /* idx is used to track verify pointer offset to output */ 24740 args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 24741 args->verify = &args->output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ]; 24742 args->extraSz = 0; /* tls 1.2 hash/sig */ 24743 24744 /* build encoded signature buffer */ 24745 ssl->buffers.sig.length = MAX_ENCODED_SIG_SZ; 24746 ssl->buffers.sig.buffer = (byte*)XMALLOC(ssl->buffers.sig.length, 24747 ssl->heap, DYNAMIC_TYPE_SIGNATURE); 24748 if (ssl->buffers.sig.buffer == NULL) { 24749 ERROR_OUT(MEMORY_E, exit_scv); 24750 } 24751 24752 #ifdef WOLFSSL_DTLS 24753 if (ssl->options.dtls) { 24754 args->idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 24755 args->verify += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 24756 } 24757 #endif 24758 24759 #ifndef NO_OLD_TLS 24760 #ifndef NO_SHA 24761 /* old tls default */ 24762 SetDigest(ssl, sha_mac); 24763 #endif 24764 #else 24765 #ifndef NO_SHA256 24766 /* new tls default */ 24767 SetDigest(ssl, sha256_mac); 24768 #endif 24769 #endif /* !NO_OLD_TLS */ 24770 24771 if (ssl->hsType == DYNAMIC_TYPE_RSA) { 24772 #ifdef WC_RSA_PSS 24773 if (IsAtLeastTLSv1_2(ssl) && 24774 (ssl->pssAlgo & (1 << ssl->suites->hashAlgo))) { 24775 args->sigAlgo = rsa_pss_sa_algo; 24776 } 24777 else 24778 #endif 24779 args->sigAlgo = rsa_sa_algo; 24780 } 24781 else if (ssl->hsType == DYNAMIC_TYPE_ECC) 24782 args->sigAlgo = ecc_dsa_sa_algo; 24783 else if (ssl->hsType == DYNAMIC_TYPE_ED25519) 24784 args->sigAlgo = ed25519_sa_algo; 24785 else if (ssl->hsType == DYNAMIC_TYPE_ED448) 24786 args->sigAlgo = ed448_sa_algo; 24787 24788 if (IsAtLeastTLSv1_2(ssl)) { 24789 EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo, 24790 args->verify); 24791 args->extraSz = HASH_SIG_SIZE; 24792 SetDigest(ssl, ssl->suites->hashAlgo); 24793 } 24794 #ifndef NO_OLD_TLS 24795 else { 24796 /* if old TLS load MD5 and SHA hash as value to sign */ 24797 XMEMCPY(ssl->buffers.sig.buffer, 24798 (byte*)ssl->hsHashes->certHashes.md5, FINISHED_SZ); 24799 } 24800 #endif 24801 24802 #ifndef NO_RSA 24803 if (args->sigAlgo == rsa_sa_algo) { 24804 ssl->buffers.sig.length = FINISHED_SZ; 24805 args->sigSz = ENCRYPT_LEN; 24806 24807 if (IsAtLeastTLSv1_2(ssl)) { 24808 ssl->buffers.sig.length = wc_EncodeSignature( 24809 ssl->buffers.sig.buffer, ssl->buffers.digest.buffer, 24810 ssl->buffers.digest.length, 24811 TypeHash(ssl->suites->hashAlgo)); 24812 } 24813 24814 /* prepend hdr */ 24815 c16toa(args->length, args->verify + args->extraSz); 24816 } 24817 #ifdef WC_RSA_PSS 24818 else if (args->sigAlgo == rsa_pss_sa_algo) { 24819 XMEMCPY(ssl->buffers.sig.buffer, ssl->buffers.digest.buffer, 24820 ssl->buffers.digest.length); 24821 ssl->buffers.sig.length = ssl->buffers.digest.length; 24822 args->sigSz = ENCRYPT_LEN; 24823 24824 /* prepend hdr */ 24825 c16toa(args->length, args->verify + args->extraSz); 24826 } 24827 #endif 24828 #endif /* !NO_RSA */ 24829 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 24830 if (args->sigAlgo == ed25519_sa_algo) { 24831 ret = Ed25519CheckPubKey(ssl); 24832 if (ret != 0) 24833 goto exit_scv; 24834 } 24835 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 24836 #if defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH) 24837 if (args->sigAlgo == ed448_sa_algo) { 24838 ret = Ed448CheckPubKey(ssl); 24839 if (ret != 0) 24840 goto exit_scv; 24841 } 24842 #endif /* HAVE_ED448 && !NO_ED448_CLIENT_AUTH */ 24843 24844 /* Advance state and proceed */ 24845 ssl->options.asyncState = TLS_ASYNC_DO; 24846 } /* case TLS_ASYNC_BUILD */ 24847 FALL_THROUGH; 24848 24849 case TLS_ASYNC_DO: 24850 { 24851 #ifdef HAVE_ECC 24852 if (ssl->hsType == DYNAMIC_TYPE_ECC) { 24853 ecc_key* key = (ecc_key*)ssl->hsKey; 24854 24855 ret = EccSign(ssl, 24856 ssl->buffers.digest.buffer, ssl->buffers.digest.length, 24857 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, 24858 key, 24859 #ifdef HAVE_PK_CALLBACKS 24860 ssl->buffers.key 24861 #else 24862 NULL 24863 #endif 24864 ); 24865 } 24866 #endif /* HAVE_ECC */ 24867 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 24868 if (ssl->hsType == DYNAMIC_TYPE_ED25519) { 24869 ed25519_key* key = (ed25519_key*)ssl->hsKey; 24870 24871 ret = Ed25519Sign(ssl, 24872 ssl->hsHashes->messages, ssl->hsHashes->length, 24873 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, 24874 key, 24875 #ifdef HAVE_PK_CALLBACKS 24876 ssl->buffers.key 24877 #else 24878 NULL 24879 #endif 24880 ); 24881 } 24882 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 24883 #if defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH) 24884 if (ssl->hsType == DYNAMIC_TYPE_ED448) { 24885 ed448_key* key = (ed448_key*)ssl->hsKey; 24886 24887 ret = Ed448Sign(ssl, 24888 ssl->hsHashes->messages, ssl->hsHashes->length, 24889 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, 24890 key, 24891 #ifdef HAVE_PK_CALLBACKS 24892 ssl->buffers.key 24893 #else 24894 NULL 24895 #endif 24896 ); 24897 } 24898 #endif /* HAVE_ED448 && !NO_ED448_CLIENT_AUTH */ 24899 #ifndef NO_RSA 24900 if (ssl->hsType == DYNAMIC_TYPE_RSA) { 24901 RsaKey* key = (RsaKey*)ssl->hsKey; 24902 24903 /* restore verify pointer */ 24904 args->verify = &args->output[args->idx]; 24905 24906 ret = RsaSign(ssl, 24907 ssl->buffers.sig.buffer, ssl->buffers.sig.length, 24908 args->verify + args->extraSz + VERIFY_HEADER, &args->sigSz, 24909 args->sigAlgo, ssl->suites->hashAlgo, key, 24910 ssl->buffers.key 24911 ); 24912 } 24913 #endif /* !NO_RSA */ 24914 24915 /* Check for error */ 24916 if (ret != 0) { 24917 goto exit_scv; 24918 } 24919 24920 /* Advance state and proceed */ 24921 ssl->options.asyncState = TLS_ASYNC_VERIFY; 24922 } /* case TLS_ASYNC_DO */ 24923 FALL_THROUGH; 24924 24925 case TLS_ASYNC_VERIFY: 24926 { 24927 /* restore verify pointer */ 24928 args->verify = &args->output[args->idx]; 24929 24930 switch (ssl->hsType) { 24931 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) 24932 #ifdef HAVE_ECC 24933 case DYNAMIC_TYPE_ECC: 24934 #endif 24935 #ifdef HAVE_ED25519 24936 case DYNAMIC_TYPE_ED25519: 24937 #endif 24938 #ifdef HAVE_ED448 24939 case DYNAMIC_TYPE_ED448: 24940 #endif 24941 args->length = (word16)ssl->buffers.sig.length; 24942 /* prepend hdr */ 24943 c16toa(args->length, args->verify + args->extraSz); 24944 XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER, 24945 ssl->buffers.sig.buffer, ssl->buffers.sig.length); 24946 break; 24947 #endif 24948 #ifndef NO_RSA 24949 case DYNAMIC_TYPE_RSA: 24950 { 24951 RsaKey* key = (RsaKey*)ssl->hsKey; 24952 24953 if (args->verifySig == NULL) { 24954 args->verifySig = (byte*)XMALLOC(args->sigSz, ssl->heap, 24955 DYNAMIC_TYPE_SIGNATURE); 24956 if (args->verifySig == NULL) { 24957 ERROR_OUT(MEMORY_E, exit_scv); 24958 } 24959 XMEMCPY(args->verifySig, args->verify + args->extraSz + 24960 VERIFY_HEADER, args->sigSz); 24961 } 24962 24963 /* check for signature faults */ 24964 ret = VerifyRsaSign(ssl, 24965 args->verifySig, args->sigSz, 24966 ssl->buffers.sig.buffer, ssl->buffers.sig.length, 24967 args->sigAlgo, ssl->suites->hashAlgo, key, 24968 ssl->buffers.key 24969 ); 24970 break; 24971 } 24972 #endif /* !NO_RSA */ 24973 default: 24974 break; 24975 } 24976 24977 /* Check for error */ 24978 if (ret != 0) { 24979 goto exit_scv; 24980 } 24981 24982 /* Advance state and proceed */ 24983 ssl->options.asyncState = TLS_ASYNC_FINALIZE; 24984 } /* case TLS_ASYNC_VERIFY */ 24985 FALL_THROUGH; 24986 24987 case TLS_ASYNC_FINALIZE: 24988 { 24989 if (args->output == NULL) { 24990 ERROR_OUT(BUFFER_ERROR, exit_scv); 24991 } 24992 AddHeaders(args->output, (word32)args->length + args->extraSz + 24993 VERIFY_HEADER, certificate_verify, ssl); 24994 24995 args->sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + 24996 (word32)args->length + args->extraSz + VERIFY_HEADER; 24997 24998 #ifdef WOLFSSL_DTLS 24999 if (ssl->options.dtls) { 25000 args->sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 25001 } 25002 #endif 25003 25004 if (IsEncryptionOn(ssl, 1)) { 25005 int recordHeaderSz = RECORD_HEADER_SZ; 25006 25007 if (ssl->options.dtls) 25008 recordHeaderSz += DTLS_RECORD_EXTRA; 25009 args->inputSz = args->sendSz - recordHeaderSz; 25010 /* build msg adds rec hdr */ 25011 args->input = (byte*)XMALLOC(args->inputSz, ssl->heap, 25012 DYNAMIC_TYPE_IN_BUFFER); 25013 if (args->input == NULL) { 25014 ERROR_OUT(MEMORY_E, exit_scv); 25015 } 25016 25017 XMEMCPY(args->input, args->output + recordHeaderSz, 25018 args->inputSz); 25019 } 25020 25021 /* Advance state and proceed */ 25022 ssl->options.asyncState = TLS_ASYNC_END; 25023 } /* case TLS_ASYNC_FINALIZE */ 25024 FALL_THROUGH; 25025 25026 case TLS_ASYNC_END: 25027 { 25028 if (IsEncryptionOn(ssl, 1)) { 25029 #ifdef WOLFSSL_DTLS 25030 if (IsDtlsNotSctpMode(ssl) && 25031 (ret = DtlsMsgPoolSave(ssl, args->input, args->inputSz, certificate_verify)) != 0) { 25032 goto exit_scv; 25033 } 25034 #endif 25035 ret = BuildMessage(ssl, args->output, 25036 MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA, 25037 args->input, args->inputSz, handshake, 25038 1, 0, 1, CUR_ORDER); 25039 #ifdef WOLFSSL_ASYNC_CRYPT 25040 if (ret == WC_PENDING_E) 25041 goto exit_scv; 25042 #endif 25043 25044 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 25045 args->input = NULL; /* make sure its not double free'd on cleanup */ 25046 25047 if (ret >= 0) { 25048 args->sendSz = ret; 25049 ret = 0; 25050 } 25051 } 25052 else { 25053 #ifdef WOLFSSL_DTLS 25054 if (IsDtlsNotSctpMode(ssl)) { 25055 ret = DtlsMsgPoolSave(ssl, args->output, args->sendSz, certificate_verify); 25056 } 25057 if (ret == 0 && ssl->options.dtls) 25058 DtlsSEQIncrement(ssl, CUR_ORDER); 25059 #endif 25060 if (ret == 0) 25061 ret = HashOutput(ssl, args->output, args->sendSz, 0); 25062 } 25063 25064 if (ret != 0) { 25065 goto exit_scv; 25066 } 25067 25068 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 25069 if (ssl->hsInfoOn) 25070 AddPacketName(ssl, "CertificateVerify"); 25071 if (ssl->toInfoOn) 25072 AddPacketInfo(ssl, "CertificateVerify", handshake, 25073 args->output, args->sendSz, WRITE_PROTO, ssl->heap); 25074 #endif 25075 25076 ssl->buffers.outputBuffer.length += args->sendSz; 25077 25078 if (!ssl->options.groupMessages) { 25079 ret = SendBuffered(ssl); 25080 } 25081 break; 25082 } 25083 default: 25084 ret = INPUT_CASE_ERROR; 25085 } /* switch(ssl->options.asyncState) */ 25086 25087 exit_scv: 25088 25089 WOLFSSL_LEAVE("SendCertificateVerify", ret); 25090 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_SEND); 25091 25092 #ifdef WOLFSSL_ASYNC_CRYPT 25093 /* Handle async operation */ 25094 if (ret == WC_PENDING_E) { 25095 return ret; 25096 } 25097 #endif /* WOLFSSL_ASYNC_CRYPT */ 25098 25099 /* Digest is not allocated, so do this to prevent free */ 25100 ssl->buffers.digest.buffer = NULL; 25101 ssl->buffers.digest.length = 0; 25102 25103 /* Final cleanup */ 25104 FreeScvArgs(ssl, args); 25105 FreeKeyExchange(ssl); 25106 25107 return ret; 25108 } 25109 #endif /* WOLFSSL_NO_CLIENT_AUTH */ 25110 25111 #endif /* WOLFSSL_NO_TLS12 */ 25112 25113 #endif /* NO_CERTS */ 25114 25115 25116 #ifdef HAVE_SESSION_TICKET 25117 int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length) 25118 { 25119 /* Free old dynamic ticket if we already had one */ 25120 if (ssl->session.isDynamic) { 25121 XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK); 25122 ssl->session.ticket = ssl->session.staticTicket; 25123 ssl->session.isDynamic = 0; 25124 } 25125 25126 if (length > sizeof(ssl->session.staticTicket)) { 25127 byte* sessionTicket = 25128 (byte*)XMALLOC(length, ssl->heap, DYNAMIC_TYPE_SESSION_TICK); 25129 if (sessionTicket == NULL) 25130 return MEMORY_E; 25131 ssl->session.ticket = sessionTicket; 25132 ssl->session.isDynamic = 1; 25133 } 25134 ssl->session.ticketLen = (word16)length; 25135 25136 if (length > 0) { 25137 XMEMCPY(ssl->session.ticket, ticket, length); 25138 if (ssl->session_ticket_cb != NULL) { 25139 ssl->session_ticket_cb(ssl, 25140 ssl->session.ticket, ssl->session.ticketLen, 25141 ssl->session_ticket_ctx); 25142 } 25143 /* Create a fake sessionID based on the ticket, this will 25144 * supersede the existing session cache info. */ 25145 ssl->options.haveSessionId = 1; 25146 #ifdef WOLFSSL_TLS13 25147 if (ssl->options.tls1_3) { 25148 XMEMCPY(ssl->session.sessionID, 25149 ssl->session.ticket + length - ID_LEN, ID_LEN); 25150 } 25151 else 25152 #endif 25153 XMEMCPY(ssl->arrays->sessionID, 25154 ssl->session.ticket + length - ID_LEN, ID_LEN); 25155 } 25156 25157 return 0; 25158 } 25159 25160 #ifndef WOLFSSL_NO_TLS12 25161 25162 /* handle processing of session_ticket (4) */ 25163 static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 25164 word32 size) 25165 { 25166 word32 begin = *inOutIdx; 25167 word32 lifetime; 25168 word16 length; 25169 int ret; 25170 25171 if (ssl->expect_session_ticket == 0) { 25172 WOLFSSL_MSG("Unexpected session ticket"); 25173 return SESSION_TICKET_EXPECT_E; 25174 } 25175 25176 if (OPAQUE32_LEN > size) 25177 return BUFFER_ERROR; 25178 25179 ato32(input + *inOutIdx, &lifetime); 25180 *inOutIdx += OPAQUE32_LEN; 25181 25182 if ((*inOutIdx - begin) + OPAQUE16_LEN > size) 25183 return BUFFER_ERROR; 25184 25185 ato16(input + *inOutIdx, &length); 25186 *inOutIdx += OPAQUE16_LEN; 25187 25188 if ((*inOutIdx - begin) + length > size) 25189 return BUFFER_ERROR; 25190 25191 if ((ret = SetTicket(ssl, input + *inOutIdx, length)) != 0) 25192 return ret; 25193 *inOutIdx += length; 25194 if (length > 0) { 25195 ssl->timeout = lifetime; 25196 #ifndef NO_SESSION_CACHE 25197 AddSession(ssl); 25198 #endif 25199 } 25200 25201 if (IsEncryptionOn(ssl, 0)) { 25202 *inOutIdx += ssl->keys.padSz; 25203 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) 25204 if (ssl->options.startedETMRead) 25205 *inOutIdx += MacSize(ssl); 25206 #endif 25207 } 25208 25209 ssl->expect_session_ticket = 0; 25210 25211 return 0; 25212 } 25213 25214 #endif /* !WOLFSSL_NO_TLS12 */ 25215 25216 #endif /* HAVE_SESSION_TICKET */ 25217 25218 #endif /* NO_WOLFSSL_CLIENT */ 23399 25219 23400 25220 #ifndef NO_CERTS … … 23443 25263 #endif /* HAVE_PK_CALLBACKS */ 23444 25264 23445 #ifndef WOLFSSL_NO_TLS1223446 23447 #ifndef WOLFSSL_NO_CLIENT_AUTH23448 typedef struct ScvArgs {23449 byte* output; /* not allocated */23450 #ifndef NO_RSA23451 byte* verifySig;23452 #endif23453 byte* verify; /* not allocated */23454 byte* input;23455 word32 idx;23456 word32 extraSz;23457 word32 sigSz;23458 int sendSz;23459 int inputSz;23460 word16 length;23461 byte sigAlgo;23462 } ScvArgs;23463 23464 static void FreeScvArgs(WOLFSSL* ssl, void* pArgs)23465 {23466 ScvArgs* args = (ScvArgs*)pArgs;23467 23468 (void)ssl;23469 23470 #ifndef NO_RSA23471 if (args->verifySig) {23472 XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE);23473 args->verifySig = NULL;23474 }23475 #endif23476 if (args->input) {23477 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);23478 args->input = NULL;23479 }23480 }23481 23482 /* handle generation of certificate_verify (15) */23483 int SendCertificateVerify(WOLFSSL* ssl)23484 {23485 int ret = 0;23486 #ifdef WOLFSSL_ASYNC_CRYPT23487 ScvArgs* args = (ScvArgs*)ssl->async.args;23488 typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1];23489 (void)sizeof(args_test);23490 #else23491 ScvArgs args[1];23492 #endif23493 23494 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_SEND);23495 WOLFSSL_ENTER("SendCertificateVerify");23496 23497 #ifdef WOLFSSL_ASYNC_CRYPT23498 ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);23499 if (ret != WC_NOT_PENDING_E) {23500 /* Check for error */23501 if (ret < 0)23502 goto exit_scv;23503 }23504 else23505 #endif23506 {23507 /* Reset state */23508 ret = 0;23509 ssl->options.asyncState = TLS_ASYNC_BEGIN;23510 XMEMSET(args, 0, sizeof(ScvArgs));23511 #ifdef WOLFSSL_ASYNC_CRYPT23512 ssl->async.freeArgs = FreeScvArgs;23513 #endif23514 }23515 23516 switch(ssl->options.asyncState)23517 {23518 case TLS_ASYNC_BEGIN:23519 {23520 if (ssl->options.sendVerify == SEND_BLANK_CERT) {23521 return 0; /* sent blank cert, can't verify */23522 }23523 23524 args->sendSz = MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA;23525 if (IsEncryptionOn(ssl, 1)) {23526 args->sendSz += MAX_MSG_EXTRA;23527 }23528 23529 /* check for available size */23530 if ((ret = CheckAvailableSize(ssl, args->sendSz)) != 0) {23531 goto exit_scv;23532 }23533 23534 /* get output buffer */23535 args->output = ssl->buffers.outputBuffer.buffer +23536 ssl->buffers.outputBuffer.length;23537 23538 /* Advance state and proceed */23539 ssl->options.asyncState = TLS_ASYNC_BUILD;23540 } /* case TLS_ASYNC_BEGIN */23541 FALL_THROUGH;23542 23543 case TLS_ASYNC_BUILD:23544 {23545 ret = BuildCertHashes(ssl, &ssl->hsHashes->certHashes);23546 if (ret != 0) {23547 goto exit_scv;23548 }23549 23550 if (ssl->buffers.key == NULL) {23551 #ifdef HAVE_PK_CALLBACKS23552 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))23553 args->length = GetPrivateKeySigSize(ssl);23554 else23555 #endif23556 ERROR_OUT(NO_PRIVATE_KEY, exit_scv);23557 }23558 else {23559 /* Decode private key. */23560 ret = DecodePrivateKey(ssl, &args->length);23561 if (ret != 0) {23562 goto exit_scv;23563 }23564 }23565 23566 if (args->length == 0) {23567 ERROR_OUT(NO_PRIVATE_KEY, exit_scv);23568 }23569 23570 /* idx is used to track verify pointer offset to output */23571 args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;23572 args->verify = &args->output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ];23573 args->extraSz = 0; /* tls 1.2 hash/sig */23574 23575 /* build encoded signature buffer */23576 ssl->buffers.sig.length = MAX_ENCODED_SIG_SZ;23577 ssl->buffers.sig.buffer = (byte*)XMALLOC(ssl->buffers.sig.length,23578 ssl->heap, DYNAMIC_TYPE_SIGNATURE);23579 if (ssl->buffers.sig.buffer == NULL) {23580 ERROR_OUT(MEMORY_E, exit_scv);23581 }23582 23583 #ifdef WOLFSSL_DTLS23584 if (ssl->options.dtls) {23585 args->idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;23586 args->verify += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;23587 }23588 #endif23589 23590 #ifndef NO_OLD_TLS23591 #ifndef NO_SHA23592 /* old tls default */23593 SetDigest(ssl, sha_mac);23594 #endif23595 #else23596 #ifndef NO_SHA25623597 /* new tls default */23598 SetDigest(ssl, sha256_mac);23599 #endif23600 #endif /* !NO_OLD_TLS */23601 23602 if (ssl->hsType == DYNAMIC_TYPE_RSA) {23603 #ifdef WC_RSA_PSS23604 if (IsAtLeastTLSv1_2(ssl) &&23605 (ssl->pssAlgo & (1 << ssl->suites->hashAlgo))) {23606 args->sigAlgo = rsa_pss_sa_algo;23607 }23608 else23609 #endif23610 args->sigAlgo = rsa_sa_algo;23611 }23612 else if (ssl->hsType == DYNAMIC_TYPE_ECC)23613 args->sigAlgo = ecc_dsa_sa_algo;23614 else if (ssl->hsType == DYNAMIC_TYPE_ED25519)23615 args->sigAlgo = ed25519_sa_algo;23616 else if (ssl->hsType == DYNAMIC_TYPE_ED448)23617 args->sigAlgo = ed448_sa_algo;23618 23619 if (IsAtLeastTLSv1_2(ssl)) {23620 EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo,23621 args->verify);23622 args->extraSz = HASH_SIG_SIZE;23623 SetDigest(ssl, ssl->suites->hashAlgo);23624 }23625 #ifndef NO_OLD_TLS23626 else {23627 /* if old TLS load MD5 and SHA hash as value to sign */23628 XMEMCPY(ssl->buffers.sig.buffer,23629 (byte*)ssl->hsHashes->certHashes.md5, FINISHED_SZ);23630 }23631 #endif23632 23633 #ifndef NO_RSA23634 if (args->sigAlgo == rsa_sa_algo) {23635 ssl->buffers.sig.length = FINISHED_SZ;23636 args->sigSz = ENCRYPT_LEN;23637 23638 if (IsAtLeastTLSv1_2(ssl)) {23639 ssl->buffers.sig.length = wc_EncodeSignature(23640 ssl->buffers.sig.buffer, ssl->buffers.digest.buffer,23641 ssl->buffers.digest.length,23642 TypeHash(ssl->suites->hashAlgo));23643 }23644 23645 /* prepend hdr */23646 c16toa(args->length, args->verify + args->extraSz);23647 }23648 #ifdef WC_RSA_PSS23649 else if (args->sigAlgo == rsa_pss_sa_algo) {23650 XMEMCPY(ssl->buffers.sig.buffer, ssl->buffers.digest.buffer,23651 ssl->buffers.digest.length);23652 ssl->buffers.sig.length = ssl->buffers.digest.length;23653 args->sigSz = ENCRYPT_LEN;23654 23655 /* prepend hdr */23656 c16toa(args->length, args->verify + args->extraSz);23657 }23658 #endif23659 #endif /* !NO_RSA */23660 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)23661 if (args->sigAlgo == ed25519_sa_algo) {23662 ret = Ed25519CheckPubKey(ssl);23663 if (ret != 0)23664 goto exit_scv;23665 }23666 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */23667 #if defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)23668 if (args->sigAlgo == ed448_sa_algo) {23669 ret = Ed448CheckPubKey(ssl);23670 if (ret != 0)23671 goto exit_scv;23672 }23673 #endif /* HAVE_ED448 && !NO_ED448_CLIENT_AUTH */23674 23675 /* Advance state and proceed */23676 ssl->options.asyncState = TLS_ASYNC_DO;23677 } /* case TLS_ASYNC_BUILD */23678 FALL_THROUGH;23679 23680 case TLS_ASYNC_DO:23681 {23682 #ifdef HAVE_ECC23683 if (ssl->hsType == DYNAMIC_TYPE_ECC) {23684 ecc_key* key = (ecc_key*)ssl->hsKey;23685 23686 ret = EccSign(ssl,23687 ssl->buffers.digest.buffer, ssl->buffers.digest.length,23688 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length,23689 key,23690 #ifdef HAVE_PK_CALLBACKS23691 ssl->buffers.key23692 #else23693 NULL23694 #endif23695 );23696 }23697 #endif /* HAVE_ECC */23698 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)23699 if (ssl->hsType == DYNAMIC_TYPE_ED25519) {23700 ed25519_key* key = (ed25519_key*)ssl->hsKey;23701 23702 ret = Ed25519Sign(ssl,23703 ssl->hsHashes->messages, ssl->hsHashes->length,23704 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length,23705 key,23706 #ifdef HAVE_PK_CALLBACKS23707 ssl->buffers.key23708 #else23709 NULL23710 #endif23711 );23712 }23713 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */23714 #if defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)23715 if (ssl->hsType == DYNAMIC_TYPE_ED448) {23716 ed448_key* key = (ed448_key*)ssl->hsKey;23717 23718 ret = Ed448Sign(ssl,23719 ssl->hsHashes->messages, ssl->hsHashes->length,23720 ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length,23721 key,23722 #ifdef HAVE_PK_CALLBACKS23723 ssl->buffers.key23724 #else23725 NULL23726 #endif23727 );23728 }23729 #endif /* HAVE_ED448 && !NO_ED448_CLIENT_AUTH */23730 #ifndef NO_RSA23731 if (ssl->hsType == DYNAMIC_TYPE_RSA) {23732 RsaKey* key = (RsaKey*)ssl->hsKey;23733 23734 /* restore verify pointer */23735 args->verify = &args->output[args->idx];23736 23737 ret = RsaSign(ssl,23738 ssl->buffers.sig.buffer, ssl->buffers.sig.length,23739 args->verify + args->extraSz + VERIFY_HEADER, &args->sigSz,23740 args->sigAlgo, ssl->suites->hashAlgo, key,23741 ssl->buffers.key23742 );23743 }23744 #endif /* !NO_RSA */23745 23746 /* Check for error */23747 if (ret != 0) {23748 goto exit_scv;23749 }23750 23751 /* Advance state and proceed */23752 ssl->options.asyncState = TLS_ASYNC_VERIFY;23753 } /* case TLS_ASYNC_DO */23754 FALL_THROUGH;23755 23756 case TLS_ASYNC_VERIFY:23757 {23758 /* restore verify pointer */23759 args->verify = &args->output[args->idx];23760 23761 switch (ssl->hsType) {23762 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)23763 #ifdef HAVE_ECC23764 case DYNAMIC_TYPE_ECC:23765 #endif23766 #ifdef HAVE_ED2551923767 case DYNAMIC_TYPE_ED25519:23768 #endif23769 #ifdef HAVE_ED44823770 case DYNAMIC_TYPE_ED448:23771 #endif23772 args->length = (word16)ssl->buffers.sig.length;23773 /* prepend hdr */23774 c16toa(args->length, args->verify + args->extraSz);23775 XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER,23776 ssl->buffers.sig.buffer, ssl->buffers.sig.length);23777 break;23778 #endif23779 #ifndef NO_RSA23780 case DYNAMIC_TYPE_RSA:23781 {23782 RsaKey* key = (RsaKey*)ssl->hsKey;23783 23784 if (args->verifySig == NULL) {23785 args->verifySig = (byte*)XMALLOC(args->sigSz, ssl->heap,23786 DYNAMIC_TYPE_SIGNATURE);23787 if (args->verifySig == NULL) {23788 ERROR_OUT(MEMORY_E, exit_scv);23789 }23790 XMEMCPY(args->verifySig, args->verify + args->extraSz +23791 VERIFY_HEADER, args->sigSz);23792 }23793 23794 /* check for signature faults */23795 ret = VerifyRsaSign(ssl,23796 args->verifySig, args->sigSz,23797 ssl->buffers.sig.buffer, ssl->buffers.sig.length,23798 args->sigAlgo, ssl->suites->hashAlgo, key,23799 ssl->buffers.key23800 );23801 break;23802 }23803 #endif /* !NO_RSA */23804 default:23805 break;23806 }23807 23808 /* Check for error */23809 if (ret != 0) {23810 goto exit_scv;23811 }23812 23813 /* Advance state and proceed */23814 ssl->options.asyncState = TLS_ASYNC_FINALIZE;23815 } /* case TLS_ASYNC_VERIFY */23816 FALL_THROUGH;23817 23818 case TLS_ASYNC_FINALIZE:23819 {23820 if (args->output == NULL) {23821 ERROR_OUT(BUFFER_ERROR, exit_scv);23822 }23823 AddHeaders(args->output, (word32)args->length + args->extraSz +23824 VERIFY_HEADER, certificate_verify, ssl);23825 23826 args->sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ +23827 (word32)args->length + args->extraSz + VERIFY_HEADER;23828 23829 #ifdef WOLFSSL_DTLS23830 if (ssl->options.dtls) {23831 args->sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;23832 }23833 #endif23834 23835 if (IsEncryptionOn(ssl, 1)) {23836 args->inputSz = args->sendSz - RECORD_HEADER_SZ;23837 /* build msg adds rec hdr */23838 args->input = (byte*)XMALLOC(args->inputSz, ssl->heap,23839 DYNAMIC_TYPE_IN_BUFFER);23840 if (args->input == NULL) {23841 ERROR_OUT(MEMORY_E, exit_scv);23842 }23843 23844 XMEMCPY(args->input, args->output + RECORD_HEADER_SZ,23845 args->inputSz);23846 }23847 23848 /* Advance state and proceed */23849 ssl->options.asyncState = TLS_ASYNC_END;23850 } /* case TLS_ASYNC_FINALIZE */23851 FALL_THROUGH;23852 23853 case TLS_ASYNC_END:23854 {23855 if (IsEncryptionOn(ssl, 1)) {23856 ret = BuildMessage(ssl, args->output,23857 MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA,23858 args->input, args->inputSz, handshake,23859 1, 0, 1);23860 #ifdef WOLFSSL_ASYNC_CRYPT23861 if (ret == WC_PENDING_E)23862 goto exit_scv;23863 #endif23864 23865 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);23866 args->input = NULL; /* make sure its not double free'd on cleanup */23867 23868 if (ret >= 0) {23869 args->sendSz = ret;23870 ret = 0;23871 }23872 }23873 else {23874 #ifdef WOLFSSL_DTLS23875 if (ssl->options.dtls)23876 DtlsSEQIncrement(ssl, CUR_ORDER);23877 #endif23878 ret = HashOutput(ssl, args->output, args->sendSz, 0);23879 }23880 23881 if (ret != 0) {23882 goto exit_scv;23883 }23884 23885 #ifdef WOLFSSL_DTLS23886 if (IsDtlsNotSctpMode(ssl)) {23887 ret = DtlsMsgPoolSave(ssl, args->output, args->sendSz);23888 }23889 #endif23890 23891 23892 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)23893 if (ssl->hsInfoOn)23894 AddPacketName(ssl, "CertificateVerify");23895 if (ssl->toInfoOn)23896 AddPacketInfo(ssl, "CertificateVerify", handshake,23897 args->output, args->sendSz, WRITE_PROTO, ssl->heap);23898 #endif23899 23900 ssl->buffers.outputBuffer.length += args->sendSz;23901 23902 if (!ssl->options.groupMessages) {23903 ret = SendBuffered(ssl);23904 }23905 break;23906 }23907 default:23908 ret = INPUT_CASE_ERROR;23909 } /* switch(ssl->options.asyncState) */23910 23911 exit_scv:23912 23913 WOLFSSL_LEAVE("SendCertificateVerify", ret);23914 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_SEND);23915 23916 #ifdef WOLFSSL_ASYNC_CRYPT23917 /* Handle async operation */23918 if (ret == WC_PENDING_E) {23919 return ret;23920 }23921 #endif /* WOLFSSL_ASYNC_CRYPT */23922 23923 /* Digest is not allocated, so do this to prevent free */23924 ssl->buffers.digest.buffer = NULL;23925 ssl->buffers.digest.length = 0;23926 23927 /* Final cleanup */23928 FreeScvArgs(ssl, args);23929 FreeKeyExchange(ssl);23930 23931 return ret;23932 }23933 #endif /* WOLFSSL_NO_CLIENT_AUTH */23934 23935 #endif /* WOLFSSL_NO_TLS12 */23936 23937 25265 #endif /* NO_CERTS */ 23938 23939 23940 #ifdef HAVE_SESSION_TICKET23941 int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)23942 {23943 /* Free old dynamic ticket if we already had one */23944 if (ssl->session.isDynamic) {23945 XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);23946 ssl->session.ticket = ssl->session.staticTicket;23947 ssl->session.isDynamic = 0;23948 }23949 23950 if (length > sizeof(ssl->session.staticTicket)) {23951 byte* sessionTicket =23952 (byte*)XMALLOC(length, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);23953 if (sessionTicket == NULL)23954 return MEMORY_E;23955 ssl->session.ticket = sessionTicket;23956 ssl->session.isDynamic = 1;23957 }23958 ssl->session.ticketLen = (word16)length;23959 23960 if (length > 0) {23961 XMEMCPY(ssl->session.ticket, ticket, length);23962 if (ssl->session_ticket_cb != NULL) {23963 ssl->session_ticket_cb(ssl,23964 ssl->session.ticket, ssl->session.ticketLen,23965 ssl->session_ticket_ctx);23966 }23967 /* Create a fake sessionID based on the ticket, this will23968 * supersede the existing session cache info. */23969 ssl->options.haveSessionId = 1;23970 #ifdef WOLFSSL_TLS1323971 if (ssl->options.tls1_3) {23972 XMEMCPY(ssl->session.sessionID,23973 ssl->session.ticket + length - ID_LEN, ID_LEN);23974 }23975 else23976 #endif23977 XMEMCPY(ssl->arrays->sessionID,23978 ssl->session.ticket + length - ID_LEN, ID_LEN);23979 }23980 23981 return 0;23982 }23983 23984 #ifndef WOLFSSL_NO_TLS1223985 23986 /* handle processing of session_ticket (4) */23987 static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,23988 word32 size)23989 {23990 word32 begin = *inOutIdx;23991 word32 lifetime;23992 word16 length;23993 int ret;23994 23995 if (ssl->expect_session_ticket == 0) {23996 WOLFSSL_MSG("Unexpected session ticket");23997 return SESSION_TICKET_EXPECT_E;23998 }23999 24000 if (OPAQUE32_LEN > size)24001 return BUFFER_ERROR;24002 24003 ato32(input + *inOutIdx, &lifetime);24004 *inOutIdx += OPAQUE32_LEN;24005 24006 if ((*inOutIdx - begin) + OPAQUE16_LEN > size)24007 return BUFFER_ERROR;24008 24009 ato16(input + *inOutIdx, &length);24010 *inOutIdx += OPAQUE16_LEN;24011 24012 if ((*inOutIdx - begin) + length > size)24013 return BUFFER_ERROR;24014 24015 if ((ret = SetTicket(ssl, input + *inOutIdx, length)) != 0)24016 return ret;24017 *inOutIdx += length;24018 if (length > 0) {24019 ssl->timeout = lifetime;24020 #ifndef NO_SESSION_CACHE24021 AddSession(ssl);24022 #endif24023 }24024 24025 if (IsEncryptionOn(ssl, 0)) {24026 *inOutIdx += ssl->keys.padSz;24027 #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)24028 if (ssl->options.startedETMRead)24029 *inOutIdx += MacSize(ssl);24030 #endif24031 }24032 24033 ssl->expect_session_ticket = 0;24034 24035 return 0;24036 }24037 24038 #endif /* !WOLFSSL_NO_TLS12 */24039 24040 #endif /* HAVE_SESSION_TICKET */24041 24042 #endif /* NO_WOLFSSL_CLIENT */24043 25266 24044 25267 #ifdef HAVE_ECC … … 24046 25269 word16 GetCurveByOID(int oidSum) { 24047 25270 switch(oidSum) { 24048 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)25271 #if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160 24049 25272 #ifndef NO_ECC_SECP 24050 25273 case ECC_SECP160R1_OID: … … 24060 25283 #endif /* HAVE_ECC_KOBLITZ */ 24061 25284 #endif 24062 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)25285 #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 24063 25286 #ifndef NO_ECC_SECP 24064 25287 case ECC_SECP192R1_OID: … … 24070 25293 #endif /* HAVE_ECC_KOBLITZ */ 24071 25294 #endif 24072 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)25295 #if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 24073 25296 #ifndef NO_ECC_SECP 24074 25297 case ECC_SECP224R1_OID: … … 24080 25303 #endif /* HAVE_ECC_KOBLITZ */ 24081 25304 #endif 24082 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)25305 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 24083 25306 #ifndef NO_ECC_SECP 24084 25307 case ECC_SECP256R1_OID: … … 24094 25317 #endif /* HAVE_ECC_BRAINPOOL */ 24095 25318 #endif 24096 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)25319 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 24097 25320 #ifndef NO_ECC_SECP 24098 25321 case ECC_SECP384R1_OID: … … 24104 25327 #endif /* HAVE_ECC_BRAINPOOL */ 24105 25328 #endif 24106 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)25329 #if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512 24107 25330 #ifdef HAVE_ECC_BRAINPOOL 24108 25331 case ECC_BRAINPOOLP512R1_OID: … … 24110 25333 #endif /* HAVE_ECC_BRAINPOOL */ 24111 25334 #endif 24112 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)25335 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 24113 25336 #ifndef NO_ECC_SECP 24114 25337 case ECC_SECP521R1_OID: … … 24190 25413 #ifdef WOLFSSL_DTLS 24191 25414 if (ssl->options.dtls) { 24192 /* Server Hello should use the same sequence number as the 24193 * Client Hello. */ 24194 ssl->keys.dtls_sequence_number_hi = ssl->keys.curSeq_hi; 24195 ssl->keys.dtls_sequence_number_lo = ssl->keys.curSeq_lo; 25415 if (((ssl->keys.dtls_sequence_number_hi == ssl->keys.curSeq_hi && 25416 ssl->keys.dtls_sequence_number_lo < ssl->keys.curSeq_lo) || 25417 (ssl->keys.dtls_sequence_number_hi < ssl->keys.curSeq_hi))) { 25418 /* Server Hello should use the same sequence number as the 25419 * Client Hello if available. */ 25420 ssl->keys.dtls_sequence_number_hi = ssl->keys.curSeq_hi; 25421 ssl->keys.dtls_sequence_number_lo = ssl->keys.curSeq_lo; 25422 } 24196 25423 idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 24197 25424 sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; … … 24236 25463 if (ssl->ctx->method->version.major == SSLv3_MAJOR && 24237 25464 ssl->ctx->method->version.minor == TLSv1_2_MINOR && 25465 #ifdef OPENSSL_EXTRA 25466 (wolfSSL_get_options(ssl) & SSL_OP_NO_TLSv1_2) == 0 && 25467 #endif 24238 25468 !IsAtLeastTLSv1_2(ssl)) { 24239 25469 /* TLS v1.2 capable server downgraded. */ … … 24306 25536 if (IsEncryptionOn(ssl, 1)) { 24307 25537 byte* input; 24308 int inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 24309 25538 int inputSz = idx; /* build msg adds rec hdr */ 25539 int recordHeaderSz = RECORD_HEADER_SZ; 25540 25541 if (ssl->options.dtls) 25542 recordHeaderSz += DTLS_RECORD_EXTRA; 25543 inputSz -= recordHeaderSz; 24310 25544 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24311 25545 if (input == NULL) 24312 25546 return MEMORY_E; 24313 25547 24314 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 25548 XMEMCPY(input, output + recordHeaderSz, inputSz); 25549 #ifdef WOLFSSL_DTLS 25550 if (IsDtlsNotSctpMode(ssl) && 25551 (ret = DtlsMsgPoolSave(ssl, input, inputSz, server_hello)) != 0) { 25552 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 25553 return ret; 25554 } 25555 #endif 24315 25556 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 24316 handshake, 1, 0, 0 );25557 handshake, 1, 0, 0, CUR_ORDER); 24317 25558 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24318 25559 … … 24321 25562 } else { 24322 25563 #ifdef WOLFSSL_DTLS 25564 if (IsDtlsNotSctpMode(ssl)) { 25565 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, server_hello)) != 0) 25566 return ret; 25567 } 24323 25568 if (ssl->options.dtls) 24324 25569 DtlsSEQIncrement(ssl, CUR_ORDER); … … 24340 25585 ssl->buffers.outputBuffer.length += sendSz; 24341 25586 24342 #ifdef WOLFSSL_DTLS24343 if (IsDtlsNotSctpMode(ssl)) {24344 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0)24345 return ret;24346 }24347 #endif24348 24349 25587 if (ssl->options.groupMessages) 24350 25588 ret = 0; … … 24376 25614 byte* output; /* not allocated */ 24377 25615 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ 24378 (!defined(NO_DH) && !defined(NO_RSA))25616 !defined(NO_RSA) 24379 25617 byte* sigDataBuf; 24380 25618 #endif … … 24391 25629 word32 sigSz; 24392 25630 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ 24393 (!defined(NO_DH) && !defined(NO_RSA))25631 !defined(NO_RSA) 24394 25632 word32 sigDataSz; 24395 25633 #endif … … 24534 25772 ERROR_OUT(MEMORY_E, exit_sske); 24535 25773 } 25774 ssl->buffers.serverDH_Pub.length = 25775 ssl->buffers.serverDH_P.length + OPAQUE16_LEN; 24536 25776 } 24537 25777 … … 24544 25784 ERROR_OUT(MEMORY_E, exit_sske); 24545 25785 } 25786 ssl->buffers.serverDH_Priv.length = 25787 ssl->buffers.serverDH_P.length + OPAQUE16_LEN; 24546 25788 } 24547 25789 … … 25535 26777 } 25536 26778 #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */ 25537 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || \25538 defined(HAVE_ED448)26779 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 26780 defined(HAVE_CURVE448) 25539 26781 case ecc_diffie_hellman_kea: 25540 26782 { … … 25859 27101 if (IsEncryptionOn(ssl, 1)) { 25860 27102 args->inputSz = args->length + HANDSHAKE_HEADER_SZ; 25861 /* buildmsg adds rechdr */ 27103 if (ssl->options.dtls) 27104 args->inputSz += DTLS_HANDSHAKE_EXTRA; 25862 27105 args->input = (byte*)XMALLOC(args->inputSz, ssl->heap, 25863 27106 DYNAMIC_TYPE_IN_BUFFER); … … 25870 27113 } 25871 27114 25872 XMEMCPY(args->input, args->output + RECORD_HEADER_SZ, 27115 if (!ssl->options.dtls) 27116 XMEMCPY(args->input, args->output + RECORD_HEADER_SZ, 25873 27117 args->inputSz); 27118 else 27119 XMEMCPY(args->input, args->output + DTLS_RECORD_HEADER_SZ, 27120 args->inputSz); 27121 27122 #ifdef WOLFSSL_DTLS 27123 if (IsDtlsNotSctpMode(ssl) && 27124 (ret = DtlsMsgPoolSave(ssl, args->input, args->inputSz, server_key_exchange)) 27125 != 0) { 27126 goto exit_sske; 27127 } 27128 #endif 25874 27129 ret = BuildMessage(ssl, args->output, args->sendSz, 25875 args->input, args->inputSz, handshake, 1, 0, 0 );27130 args->input, args->inputSz, handshake, 1, 0, 0, CUR_ORDER); 25876 27131 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 25877 27132 args->input = NULL; … … 25887 27142 if (IsDtlsNotSctpMode(ssl)) { 25888 27143 if ((ret = DtlsMsgPoolSave(ssl, 25889 args->output, args->sendSz )) != 0) {27144 args->output, args->sendSz, server_key_exchange)) != 0) { 25890 27145 goto exit_sske; 25891 27146 } … … 25943 27198 25944 27199 /* Final cleanup */ 27200 if (args->input != NULL) { 27201 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 27202 args->input = NULL; 27203 } 25945 27204 FreeSskeArgs(ssl, args); 25946 27205 FreeKeyExchange(ssl); … … 26098 27357 #ifdef WOLFSSL_TLS13 26099 27358 if (IsAtLeastTLSv1_3(ssl->version) && 26100 ssl->options.side == WOLFSSL_SERVER_END) { 27359 ssl->options.side == WOLFSSL_SERVER_END) { 27360 #ifdef HAVE_SUPPORTED_CURVES 26101 27361 /* Try to establish a key share. */ 26102 27362 int ret = TLSX_KeyShare_Establish(ssl); … … 26105 27365 else if (ret != 0) 26106 27366 return 0; 27367 #endif 26107 27368 } 26108 27369 else if (first == TLS13_BYTE || (first == ECC_BYTE && … … 26288 27549 if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) 26289 27550 return BUFFER_ERROR; 27551 /* Make sure the suiteSz is a multiple of 3. (Old Client Hello) */ 27552 if (clSuites.suiteSz % 3 != 0) 27553 return BUFFER_ERROR; 26290 27554 clSuites.hashSigAlgoSz = 0; 26291 27555 … … 26427 27691 SendAlert(ssl, alert_fatal, handshake_failure); 26428 27692 #endif 27693 #ifdef HAVE_EXT_CACHE 27694 wolfSSL_SESSION_free(session); 27695 #endif 26429 27696 return EXT_MASTER_SECRET_NEEDED_E; 26430 27697 } … … 26519 27786 ssl->chVersion = pv; /* store */ 26520 27787 #ifdef WOLFSSL_DTLS 26521 if (IsDtlsNotSctpMode(ssl) ) {27788 if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && !ssl->options.resuming) { 26522 27789 #if defined(NO_SHA) && defined(NO_SHA256) 26523 27790 #error "DTLS needs either SHA or SHA-256" … … 26535 27802 ssl->buffers.dtlsCookieSecret.buffer, 26536 27803 ssl->buffers.dtlsCookieSecret.length); 26537 if (ret != 0) return ret;27804 if (ret != 0) goto out; 26538 27805 ret = wc_HmacUpdate(&cookieHmac, 26539 27806 (const byte*)ssl->buffers.dtlsCtx.peer.sa, 26540 27807 ssl->buffers.dtlsCtx.peer.sz); 26541 if (ret != 0) return ret;27808 if (ret != 0) goto out; 26542 27809 ret = wc_HmacUpdate(&cookieHmac, input + i, OPAQUE16_LEN); 26543 if (ret != 0) return ret;27810 if (ret != 0) goto out; 26544 27811 } 26545 27812 #endif /* WOLFSSL_DTLS */ … … 26561 27828 if (!ssl->options.downgrade) { 26562 27829 WOLFSSL_MSG("Client trying to connect with lesser version"); 26563 return VERSION_ERROR; 27830 ret = VERSION_ERROR; 27831 goto out; 26564 27832 } 26565 27833 if (pv.minor < ssl->options.minDowngrade) { 26566 27834 WOLFSSL_MSG("\tversion below minimum allowed, fatal error"); 26567 return VERSION_ERROR; 27835 ret = VERSION_ERROR; 27836 goto out; 26568 27837 } 26569 27838 … … 26634 27903 (ssl->options.mask & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { 26635 27904 WOLFSSL_MSG("\tError, option set to not allow SSLv3"); 26636 return VERSION_ERROR; 27905 ret = VERSION_ERROR; 27906 goto out; 26637 27907 } 26638 27908 26639 27909 if (ssl->version.minor < ssl->options.minDowngrade) { 26640 27910 WOLFSSL_MSG("\tversion below minimum allowed, fatal error"); 26641 return VERSION_ERROR; 27911 ret = VERSION_ERROR; 27912 goto out; 26642 27913 } 26643 27914 … … 26669 27940 XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN); 26670 27941 #ifdef WOLFSSL_DTLS 26671 if (IsDtlsNotSctpMode(ssl) ) {27942 if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && !ssl->options.resuming) { 26672 27943 ret = wc_HmacUpdate(&cookieHmac, input + i, RAN_LEN); 26673 if (ret != 0) return ret;27944 if (ret != 0) goto out; 26674 27945 } 26675 27946 #endif /* WOLFSSL_DTLS */ … … 26697 27968 26698 27969 if (b == ID_LEN || bogusID) { 26699 if ((i - begin) + b > helloSz) 26700 return BUFFER_ERROR; 27970 if ((i - begin) + b > helloSz) { 27971 ret = BUFFER_ERROR; 27972 goto out; 27973 } 26701 27974 26702 27975 XMEMCPY(ssl->arrays->sessionID, input + i, b); 26703 27976 #ifdef WOLFSSL_DTLS 26704 if (IsDtlsNotSctpMode(ssl)) { 27977 if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && 27978 !ssl->options.resuming) { 26705 27979 ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); 26706 if (ret != 0) return ret;27980 if (ret != 0) goto out; 26707 27981 } 26708 27982 #endif /* WOLFSSL_DTLS */ … … 26714 27988 else if (b) { 26715 27989 WOLFSSL_MSG("Invalid session ID size"); 26716 return BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ 27990 ret = BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ 27991 goto out; 26717 27992 } 26718 27993 … … 26721 27996 if (ssl->options.dtls) { 26722 27997 26723 if ((i - begin) + OPAQUE8_LEN > helloSz) 26724 return BUFFER_ERROR; 27998 if ((i - begin) + OPAQUE8_LEN > helloSz) { 27999 ret = BUFFER_ERROR; 28000 goto out; 28001 } 26725 28002 26726 28003 peerCookieSz = input[i++]; 26727 28004 26728 28005 if (peerCookieSz) { 26729 if (peerCookieSz > MAX_COOKIE_LEN) 26730 return BUFFER_ERROR; 26731 26732 if ((i - begin) + peerCookieSz > helloSz) 26733 return BUFFER_ERROR; 28006 if (peerCookieSz > MAX_COOKIE_LEN) { 28007 ret = BUFFER_ERROR; 28008 goto out; 28009 } 28010 28011 if ((i - begin) + peerCookieSz > helloSz) { 28012 ret = BUFFER_ERROR; 28013 goto out; 28014 } 26734 28015 26735 28016 XMEMCPY(peerCookie, input + i, peerCookieSz); … … 26741 28022 26742 28023 /* suites */ 26743 if ((i - begin) + OPAQUE16_LEN > helloSz) 26744 return BUFFER_ERROR; 28024 if ((i - begin) + OPAQUE16_LEN > helloSz) { 28025 ret = BUFFER_ERROR; 28026 goto out; 28027 } 26745 28028 26746 28029 ato16(&input[i], &clSuites.suiteSz); 26747 28030 i += OPAQUE16_LEN; 26748 28031 28032 /* Cipher suite lists are always multiples of two in length. */ 28033 if (clSuites.suiteSz % 2 != 0) { 28034 ret = BUFFER_ERROR; 28035 goto out; 28036 } 28037 26749 28038 /* suites and compression length check */ 26750 if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) 26751 return BUFFER_ERROR; 26752 26753 if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) 26754 return BUFFER_ERROR; 28039 if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) { 28040 ret = BUFFER_ERROR; 28041 goto out; 28042 } 28043 28044 if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) { 28045 ret = BUFFER_ERROR; 28046 goto out; 28047 } 26755 28048 26756 28049 XMEMCPY(clSuites.suites, input + i, clSuites.suiteSz); … … 26764 28057 ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, ssl->heap); 26765 28058 if (ret != WOLFSSL_SUCCESS) 26766 return ret;28059 goto out; 26767 28060 26768 28061 extension = TLSX_Find(ssl->extensions, TLSX_RENEGOTIATION_INFO); … … 26781 28074 WOLFSSL_MSG("Client trying to connect with lesser version"); 26782 28075 SendAlert(ssl, alert_fatal, inappropriate_fallback); 26783 return VERSION_ERROR; 28076 ret = VERSION_ERROR; 28077 goto out; 26784 28078 } 26785 28079 } … … 26787 28081 26788 28082 #ifdef WOLFSSL_DTLS 26789 if (IsDtlsNotSctpMode(ssl) ) {28083 if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && !ssl->options.resuming) { 26790 28084 ret = wc_HmacUpdate(&cookieHmac, 26791 28085 input + i - OPAQUE16_LEN, 26792 28086 clSuites.suiteSz + OPAQUE16_LEN); 26793 if (ret != 0) return ret;28087 if (ret != 0) goto out; 26794 28088 } 26795 28089 #endif /* WOLFSSL_DTLS */ … … 26800 28094 b = input[i++]; 26801 28095 26802 if ((i - begin) + b > helloSz) 26803 return BUFFER_ERROR; 28096 if ((i - begin) + b > helloSz) { 28097 ret = BUFFER_ERROR; 28098 goto out; 28099 } 26804 28100 26805 28101 if (b == 0) { … … 26808 28104 SendAlert(ssl, alert_fatal, decode_error); 26809 28105 #endif 26810 return COMPRESSION_ERROR; 28106 ret = COMPRESSION_ERROR; 28107 goto out; 26811 28108 } 26812 28109 26813 28110 #ifdef WOLFSSL_DTLS 26814 28111 if (IsDtlsNotSctpMode(ssl)) { 26815 byte newCookie[MAX_COOKIE_LEN]; 26816 26817 ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); 26818 if (ret != 0) return ret; 26819 ret = wc_HmacFinal(&cookieHmac, newCookie); 26820 if (ret != 0) return ret; 26821 26822 /* If a cookie callback is set, call it to overwrite the cookie. 26823 * This should be deprecated. The code now calculates the cookie 26824 * using an HMAC as expected. */ 26825 if (ssl->ctx->CBIOCookie != NULL && 26826 ssl->ctx->CBIOCookie(ssl, newCookie, cookieSz, 26827 ssl->IOCB_CookieCtx) != cookieSz) { 26828 return COOKIE_ERROR; 26829 } 26830 26831 /* Check the cookie, see if we progress the state machine. */ 26832 if (peerCookieSz != cookieSz || 26833 XMEMCMP(peerCookie, newCookie, cookieSz) != 0) { 26834 26835 /* Send newCookie to client in a HelloVerifyRequest message 26836 * and let the state machine alone. */ 26837 ssl->msgsReceived.got_client_hello = 0; 26838 ssl->keys.dtls_handshake_number = 0; 26839 ssl->keys.dtls_expected_peer_handshake_number = 0; 26840 *inOutIdx += helloSz; 26841 return SendHelloVerifyRequest(ssl, newCookie, cookieSz); 28112 if (!IsSCR(ssl) && !ssl->options.resuming) { 28113 byte newCookie[MAX_COOKIE_LEN]; 28114 28115 ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); 28116 if (ret != 0) goto out; 28117 ret = wc_HmacFinal(&cookieHmac, newCookie); 28118 if (ret != 0) goto out; 28119 28120 /* If a cookie callback is set, call it to overwrite the cookie. 28121 * This should be deprecated. The code now calculates the cookie 28122 * using an HMAC as expected. */ 28123 if (ssl->ctx->CBIOCookie != NULL && 28124 ssl->ctx->CBIOCookie(ssl, newCookie, cookieSz, 28125 ssl->IOCB_CookieCtx) != cookieSz) { 28126 ret = COOKIE_ERROR; 28127 goto out; 28128 } 28129 28130 /* Check the cookie, see if we progress the state machine. */ 28131 if (peerCookieSz != cookieSz || 28132 XMEMCMP(peerCookie, newCookie, cookieSz) != 0) { 28133 28134 /* Send newCookie to client in a HelloVerifyRequest message 28135 * and let the state machine alone. */ 28136 ssl->msgsReceived.got_client_hello = 0; 28137 ssl->keys.dtls_handshake_number = 0; 28138 ssl->keys.dtls_expected_peer_handshake_number = 0; 28139 *inOutIdx += helloSz; 28140 ret = SendHelloVerifyRequest(ssl, newCookie, cookieSz); 28141 goto out; 28142 } 26842 28143 } 26843 28144 … … 26845 28146 * verify request. */ 26846 28147 ret = HashInput(ssl, input + *inOutIdx, helloSz); 26847 if (ret != 0) return ret;28148 if (ret != 0) goto out; 26848 28149 } 26849 28150 #endif /* WOLFSSL_DTLS */ … … 26877 28178 SendAlert(ssl, alert_fatal, illegal_parameter); 26878 28179 #endif 26879 return COMPRESSION_ERROR; 28180 ret = COMPRESSION_ERROR; 28181 goto out; 26880 28182 } 26881 28183 } … … 26900 28202 /* auto populate extensions supported unless user defined */ 26901 28203 if ((ret = TLSX_PopulateExtensions(ssl, 1)) != 0) 26902 return ret; 26903 #endif 26904 26905 if ((i - begin) + OPAQUE16_LEN > helloSz) 26906 return BUFFER_ERROR; 28204 goto out; 28205 #endif 28206 28207 if ((i - begin) + OPAQUE16_LEN > helloSz) { 28208 ret = BUFFER_ERROR; 28209 goto out; 28210 } 26907 28211 26908 28212 ato16(&input[i], &totalExtSz); 26909 28213 i += OPAQUE16_LEN; 26910 28214 26911 if ((i - begin) + totalExtSz > helloSz) 26912 return BUFFER_ERROR; 28215 if ((i - begin) + totalExtSz > helloSz) { 28216 ret = BUFFER_ERROR; 28217 goto out; 28218 } 26913 28219 26914 28220 #ifdef HAVE_TLS_EXTENSIONS … … 26916 28222 if ((ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, 26917 28223 client_hello, &clSuites))) 26918 return ret;28224 goto out; 26919 28225 #ifdef WOLFSSL_TLS13 26920 28226 if (TLSX_Find(ssl->extensions, … … 26922 28228 WOLFSSL_MSG( 26923 28229 "Client attempting to connect with higher version"); 26924 return VERSION_ERROR; 28230 ret = VERSION_ERROR; 28231 goto out; 26925 28232 } 26926 28233 #endif 26927 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)28234 #ifdef HAVE_SNI 26928 28235 if((ret=SNI_Callback(ssl))) 26929 return ret;28236 goto out; 26930 28237 ssl->options.side = WOLFSSL_SERVER_END; 26931 28238 #endif … … 26936 28243 word16 extId, extSz; 26937 28244 26938 if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz) 26939 return BUFFER_ERROR; 28245 if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz) { 28246 ret = BUFFER_ERROR; 28247 goto out; 28248 } 26940 28249 26941 28250 ato16(&input[i], &extId); … … 26944 28253 i += OPAQUE16_LEN; 26945 28254 26946 if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) 26947 return BUFFER_ERROR; 28255 if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) { 28256 ret = BUFFER_ERROR; 28257 goto out; 28258 } 26948 28259 26949 28260 if (extId == HELLO_EXT_SIG_ALGO) { … … 26953 28264 i += OPAQUE16_LEN; 26954 28265 26955 if (OPAQUE16_LEN + hashSigAlgoSz > extSz) 26956 return BUFFER_ERROR; 28266 if (OPAQUE16_LEN + hashSigAlgoSz > extSz) { 28267 ret = BUFFER_ERROR; 28268 goto out; 28269 } 28270 28271 if (hashSigAlgoSz % 2 != 0) { 28272 ret = BUFFER_ERROR; 28273 goto out; 28274 } 26957 28275 26958 28276 clSuites.hashSigAlgoSz = hashSigAlgoSz; … … 26991 28309 ret = HandleTlsResumption(ssl, bogusID, &clSuites); 26992 28310 if (ret != 0) 26993 return ret; 26994 26995 #ifdef HAVE_SECURE_RENEGOTIATION 26996 if (ssl->secure_renegotiation && 26997 ssl->secure_renegotiation->enabled && 26998 IsEncryptionOn(ssl, 0)) 26999 ssl->secure_renegotiation->startScr = 1; 27000 #endif 28311 goto out; 27001 28312 27002 28313 if (ssl->options.clientState == CLIENT_KEYEXCHANGE_COMPLETE) { … … 27004 28315 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 27005 28316 27006 return ret;28317 goto out; 27007 28318 } 27008 28319 } … … 27015 28326 ret = TLSX_SupportedFFDHE_Set(ssl); 27016 28327 if (ret != 0) 27017 return ret;28328 goto out; 27018 28329 } 27019 28330 #endif … … 27028 28339 #endif 27029 28340 27030 #ifdef HAVE_SECURE_RENEGOTIATION 27031 if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled && 27032 IsEncryptionOn(ssl, 0)) { 27033 ssl->secure_renegotiation->startScr = 1; 27034 } 28341 #ifdef WOLFSSL_DTLS 28342 if (ret == 0 && ssl->options.dtls) 28343 DtlsMsgPoolReset(ssl); 27035 28344 #endif 27036 28345 WOLFSSL_LEAVE("DoClientHello", ret); 27037 28346 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 28347 28348 out: 28349 28350 #ifdef WOLFSSL_DTLS 28351 wc_HmacFree(&cookieHmac); 28352 #endif 27038 28353 27039 28354 return ret; … … 27483 28798 byte* input; 27484 28799 int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */ 28800 int recordHeaderSz = RECORD_HEADER_SZ; 28801 28802 if (ssl->options.dtls) { 28803 recordHeaderSz += DTLS_RECORD_EXTRA; 28804 inputSz += DTLS_HANDSHAKE_EXTRA; 28805 } 27485 28806 27486 28807 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); … … 27488 28809 return MEMORY_E; 27489 28810 27490 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 28811 XMEMCPY(input, output + recordHeaderSz, inputSz); 28812 #ifdef WOLFSSL_DTLS 28813 if (IsDtlsNotSctpMode(ssl) && 28814 (ret = DtlsMsgPoolSave(ssl, input, inputSz, server_hello_done)) != 0) { 28815 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 28816 return ret; 28817 } 28818 #endif 27491 28819 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 27492 handshake, 1, 0, 0 );28820 handshake, 1, 0, 0, CUR_ORDER); 27493 28821 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 27494 28822 … … 27498 28826 #ifdef WOLFSSL_DTLS 27499 28827 if (IsDtlsNotSctpMode(ssl)) { 27500 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz )) != 0)28828 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, server_hello_done)) != 0) 27501 28829 return ret; 27502 28830 } … … 27546 28874 word32 ageAdd; /* Obfuscation of age */ 27547 28875 word16 namedGroup; /* Named group used */ 27548 #ifndef WOLFSSL_TLS13_DRAFT_1827549 28876 TicketNonce ticketNonce; /* Ticket nonce */ 27550 #endif27551 28877 #ifdef WOLFSSL_EARLY_DATA 27552 28878 word32 maxEarlyDataSz; /* Max size of early data */ … … 27555 28881 } InternalTicket; 27556 28882 28883 /* RFC 5077 defines this for session tickets */ 27557 28884 /* fit within SESSION_TICKET_LEN */ 27558 28885 typedef struct ExternalTicket { … … 27604 28931 /* Resumption master secret. */ 27605 28932 XMEMCPY(it.msecret, ssl->session.masterSecret, SECRET_LEN); 27606 #ifndef WOLFSSL_TLS13_DRAFT_1827607 28933 XMEMCPY(&it.ticketNonce, &ssl->session.ticketNonce, 27608 28934 sizeof(TicketNonce)); 27609 #endif 27610 #endif 27611 } 27612 27613 /* build external */ 27614 XMEMCPY(et->enc_ticket, &it, sizeof(InternalTicket)); 28935 #endif 28936 } 27615 28937 27616 28938 /* encrypt */ … … 27620 28942 } 27621 28943 else { 28944 /* build external */ 28945 XMEMCPY(et->enc_ticket, &it, sizeof(InternalTicket)); 28946 27622 28947 ret = ssl->ctx->ticketEncCb(ssl, et->key_name, et->iv, et->mac, 1, 27623 28948 et->enc_ticket, sizeof(InternalTicket), 27624 28949 &encLen, ssl->ctx->ticketEncCtx); 28950 if (ret != WOLFSSL_TICKET_RET_OK) { 28951 ForceZero(et->enc_ticket, sizeof(it)); 28952 } 27625 28953 } 27626 28954 if (ret == WOLFSSL_TICKET_RET_OK) { 27627 28955 if (encLen < (int)sizeof(InternalTicket) || 27628 28956 encLen > WOLFSSL_TICKET_ENC_SZ) { 28957 ForceZero(&it, sizeof(it)); 28958 ForceZero(et->enc_ticket, sizeof(it)); 27629 28959 WOLFSSL_MSG("Bad user ticket encrypt size"); 27630 28960 return BAD_TICKET_KEY_CB_SZ; … … 27635 28965 /* internal ticket can't be the same if encrypted */ 27636 28966 if (XMEMCMP(et->enc_ticket, &it, sizeof(InternalTicket)) == 0) { 28967 ForceZero(&it, sizeof(it)); 28968 ForceZero(et->enc_ticket, sizeof(it)); 27637 28969 WOLFSSL_MSG("User ticket encrypt didn't encrypt"); 27638 28970 return BAD_TICKET_ENCRYPT; 27639 28971 } 27640 28972 28973 ForceZero(&it, sizeof(it)); 27641 28974 XMEMSET(zeros, 0, sizeof(zeros)); 27642 28975 … … 27676 29009 { 27677 29010 ExternalTicket* et; 27678 InternalTicket *it;29011 InternalTicket it; 27679 29012 int ret; 27680 29013 int outLen; … … 27690 29023 27691 29024 et = (ExternalTicket*)input; 27692 it = (InternalTicket*)et->enc_ticket;27693 29025 27694 29026 /* decrypt */ … … 27714 29046 } 27715 29047 29048 /* copy the decrypted ticket to avoid alignment issues */ 29049 XMEMCPY(&it, et->enc_ticket, sizeof(InternalTicket)); 29050 ForceZero(et->enc_ticket, sizeof(it)); 29051 27716 29052 /* get master secret */ 27717 29053 if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) { 27718 if (ssl->version.minor < it->pv.minor) { 29054 if (ssl->version.minor < it.pv.minor) { 29055 ForceZero(&it, sizeof(it)); 27719 29056 WOLFSSL_MSG("Ticket has greater version"); 27720 29057 return VERSION_ERROR; 27721 29058 } 27722 else if (ssl->version.minor > it->pv.minor) { 29059 else if (ssl->version.minor > it.pv.minor) { 29060 if (IsAtLeastTLSv1_3(it.pv) != IsAtLeastTLSv1_3(ssl->version)) { 29061 ForceZero(&it, sizeof(it)); 29062 WOLFSSL_MSG("Tickets cannot be shared between " 29063 "TLS 1.3 and TLS 1.2 and lower"); 29064 return VERSION_ERROR; 29065 } 29066 27723 29067 if (!ssl->options.downgrade) { 29068 ForceZero(&it, sizeof(it)); 27724 29069 WOLFSSL_MSG("Ticket has lesser version"); 27725 29070 return VERSION_ERROR; … … 27728 29073 WOLFSSL_MSG("Downgrading protocol due to ticket"); 27729 29074 27730 if (it->pv.minor < ssl->options.minDowngrade) 29075 if (it.pv.minor < ssl->options.minDowngrade) { 29076 ForceZero(&it, sizeof(it)); 27731 29077 return VERSION_ERROR; 27732 ssl->version.minor = it->pv.minor; 29078 } 29079 ssl->version.minor = it.pv.minor; 27733 29080 } 27734 29081 27735 29082 27736 29083 if (!IsAtLeastTLSv1_3(ssl->version)) { 27737 XMEMCPY(ssl->arrays->masterSecret, it ->msecret, SECRET_LEN);29084 XMEMCPY(ssl->arrays->masterSecret, it.msecret, SECRET_LEN); 27738 29085 /* Copy the haveExtendedMasterSecret property from the ticket to 27739 29086 * the saved session, so the property may be checked later. */ 27740 ssl->session.haveEMS = it ->haveEMS;29087 ssl->session.haveEMS = it.haveEMS; 27741 29088 #ifndef NO_RESUME_SUITE_CHECK 27742 ssl->session.cipherSuite0 = it ->suite[0];27743 ssl->session.cipherSuite = it ->suite[1];29089 ssl->session.cipherSuite0 = it.suite[0]; 29090 ssl->session.cipherSuite = it.suite[1]; 27744 29091 #endif 27745 29092 } … … 27747 29094 #ifdef WOLFSSL_TLS13 27748 29095 /* Restore information to renegotiate. */ 27749 ssl->session.ticketSeen = it ->timestamp;27750 ssl->session.ticketAdd = it ->ageAdd;27751 ssl->session.cipherSuite0 = it ->suite[0];27752 ssl->session.cipherSuite = it ->suite[1];29096 ssl->session.ticketSeen = it.timestamp; 29097 ssl->session.ticketAdd = it.ageAdd; 29098 ssl->session.cipherSuite0 = it.suite[0]; 29099 ssl->session.cipherSuite = it.suite[1]; 27753 29100 #ifdef WOLFSSL_EARLY_DATA 27754 ssl->session.maxEarlyDataSz = it ->maxEarlyDataSz;29101 ssl->session.maxEarlyDataSz = it.maxEarlyDataSz; 27755 29102 #endif 27756 29103 /* Resumption master secret. */ 27757 XMEMCPY(ssl->session.masterSecret, it->msecret, SECRET_LEN); 27758 #ifndef WOLFSSL_TLS13_DRAFT_18 27759 XMEMCPY(&ssl->session.ticketNonce, &it->ticketNonce, 29104 XMEMCPY(ssl->session.masterSecret, it.msecret, SECRET_LEN); 29105 XMEMCPY(&ssl->session.ticketNonce, &it.ticketNonce, 27760 29106 sizeof(TicketNonce)); 27761 #endif 27762 ssl->session.namedGroup = it->namedGroup; 27763 #endif 27764 } 27765 } 29107 ssl->session.namedGroup = it.namedGroup; 29108 #endif 29109 } 29110 } 29111 29112 ForceZero(&it, sizeof(it)); 27766 29113 27767 29114 WOLFSSL_LEAVE("DoClientTicket", ret); … … 27802 29149 #endif 27803 29150 } 29151 29152 if (IsEncryptionOn(ssl, 1) && ssl->options.handShakeDone) 29153 sendSz += cipherExtraData(ssl); 29154 27804 29155 /* check for available size */ 27805 29156 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 27826 29177 if (IsEncryptionOn(ssl, 1) && ssl->options.handShakeDone) { 27827 29178 byte* input; 27828 int inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 27829 29179 int inputSz = idx; /* build msg adds rec hdr */ 29180 int recordHeaderSz = RECORD_HEADER_SZ; 29181 29182 if (ssl->options.dtls) 29183 recordHeaderSz += DTLS_RECORD_EXTRA; 29184 inputSz -= recordHeaderSz; 27830 29185 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 27831 29186 if (input == NULL) 27832 29187 return MEMORY_E; 27833 29188 27834 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);29189 XMEMCPY(input, output + recordHeaderSz, inputSz); 27835 29190 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 27836 handshake, 1, 0, 0 );29191 handshake, 1, 0, 0, CUR_ORDER); 27837 29192 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 27838 29193 … … 27843 29198 #ifdef WOLFSSL_DTLS 27844 29199 if (ssl->options.dtls) { 27845 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz )) != 0)29200 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz, session_ticket)) != 0) 27846 29201 return ret; 27847 29202 … … 27856 29211 ssl->buffers.outputBuffer.length += sendSz; 27857 29212 27858 ret = SendBuffered(ssl); 29213 if (!ssl->options.groupMessages) 29214 ret = SendBuffered(ssl); 27859 29215 27860 29216 WOLFSSL_LEAVE("SendTicket", ret); … … 27863 29219 return ret; 27864 29220 } 29221 29222 #ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB 29223 29224 /* Initialize the context for session ticket encryption. 29225 * 29226 * @param [in] ctx SSL context. 29227 * @param [in] keyCtx Context for session ticket encryption. 29228 * @return 0 on success. 29229 * @return BAD_MUTEX_E when initializing mutex fails. 29230 */ 29231 static int TicketEncCbCtx_Init(WOLFSSL_CTX* ctx, TicketEncCbCtx* keyCtx) 29232 { 29233 int ret = 0; 29234 29235 XMEMSET(keyCtx, 0, sizeof(*keyCtx)); 29236 keyCtx->ctx = ctx; 29237 29238 #ifndef SINGLE_THREADED 29239 ret = wc_InitMutex(&keyCtx->mutex); 29240 #endif 29241 29242 return ret; 29243 } 29244 29245 /* Setup the session ticket encryption context for this. 29246 * 29247 * Initialize RNG, generate name, generate primeary key and set primary key 29248 * expirary. 29249 * 29250 * @param [in] keyCtx Context for session ticket encryption. 29251 * @param [in] heap Dynamic memory allocation hint. 29252 * @param [in] devId Device identifier. 29253 * @return 0 on success. 29254 * @return Other value when random number generator fails. 29255 */ 29256 static int TicketEncCbCtx_Setup(TicketEncCbCtx* keyCtx, void* heap, int devId) 29257 { 29258 int ret; 29259 29260 #ifndef SINGLE_THREADED 29261 ret = 0; 29262 29263 /* Check that key wasn't set up while waiting. */ 29264 if (keyCtx->expirary[0] == 0) 29265 #endif 29266 { 29267 ret = wc_InitRng_ex(&keyCtx->rng, heap, devId); 29268 if (ret == 0) { 29269 ret = wc_RNG_GenerateBlock(&keyCtx->rng, keyCtx->name, 29270 sizeof(keyCtx->name)); 29271 } 29272 if (ret == 0) { 29273 /* Mask of the bottom bit - used for index of key. */ 29274 keyCtx->name[WOLFSSL_TICKET_NAME_SZ - 1] &= 0xfe; 29275 29276 /* Generate initial primary key. */ 29277 ret = wc_RNG_GenerateBlock(&keyCtx->rng, keyCtx->key[0], 29278 WOLFSSL_TICKET_KEY_SZ); 29279 } 29280 if (ret == 0) { 29281 keyCtx->expirary[0] = LowResTimer() + WOLFSSL_TICKET_KEY_LIFETIME; 29282 } 29283 } 29284 29285 return ret; 29286 } 29287 /* Free the context for session ticket encryption. 29288 * 29289 * Zeroize keys and name. 29290 * 29291 * @param [in] keyCtx Context for session ticket encryption. 29292 */ 29293 static void TicketEncCbCtx_Free(TicketEncCbCtx* keyCtx) 29294 { 29295 /* Zeroize sensitive data. */ 29296 ForceZero(keyCtx->name, sizeof(keyCtx->name)); 29297 ForceZero(keyCtx->key[0], sizeof(keyCtx->key[0])); 29298 ForceZero(keyCtx->key[1], sizeof(keyCtx->key[1])); 29299 29300 #ifndef SINGLE_THREADED 29301 wc_FreeMutex(&keyCtx->mutex); 29302 #endif 29303 wc_FreeRng(&keyCtx->rng); 29304 } 29305 29306 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \ 29307 !defined(WOLFSSL_TICKET_ENC_AES128_GCM) && \ 29308 !defined(WOLFSSL_TICKET_ENC_AES256_GCM) 29309 /* Ticket encryption/decryption implementation. 29310 * 29311 * @param [in] key Key for encryption/decryption. 29312 * @param [in] keyLen Length of key in bytes. 29313 * @param [in] iv IV/Nonce for encryption/decryption. 29314 * @param [in] aad Additional authentication data. 29315 * @param [in] aadSz Length of additional authentication data. 29316 * @param [in] in Data to encrypt/decrypt. 29317 * @param [in] inLen Length of encrypted data. 29318 * @param [out] out Resulting data from encrypt/decrypt. 29319 * @param [out] outLen Size of resulting data. 29320 * @param [in] tag Authentication tag for encrypted data. 29321 * @param [in] heap Dynamic memory allocation data hint. 29322 * @param [in] enc 1 when encrypting, 0 when decrypting. 29323 * @return 0 on success. 29324 * @return Other value when encryption/decryption fails. 29325 */ 29326 static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, 29327 byte* in, int inLen, byte* out, int* outLen, byte* tag, 29328 void* heap, int enc) 29329 { 29330 int ret; 29331 29332 (void)keyLen; 29333 (void)heap; 29334 29335 if (enc) { 29336 ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, aadSz, in, inLen, out, 29337 tag); 29338 } 29339 else { 29340 ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, aadSz, in, inLen, tag, 29341 out); 29342 } 29343 29344 *outLen = inLen; 29345 29346 return ret; 29347 } 29348 #elif defined(HAVE_AESGCM) 29349 /* Ticket encryption/decryption implementation. 29350 * 29351 * @param [in] key Key for encryption/decryption. 29352 * @param [in] keyLen Length of key in bytes. 29353 * @param [in] iv IV/Nonce for encryption/decryption. 29354 * @param [in] aad Additional authentication data. 29355 * @param [in] aadSz Length of additional authentication data. 29356 * @param [in] in Data to encrypt/decrypt. 29357 * @param [in] inLen Length of encrypted data. 29358 * @param [out] out Resulting data from encrypt/decrypt. 29359 * @param [out] outLen Size of resulting data. 29360 * @param [in] tag Authentication tag for encrypted data. 29361 * @param [in] heap Dynamic memory allocation data hint. 29362 * @param [in] enc 1 when encrypting, 0 when decrypting. 29363 * @return 0 on success. 29364 * @return MEMORY_E when dynamic memory allocation fails. 29365 * @return Other value when encryption/decryption fails. 29366 */ 29367 static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, 29368 byte* in, int inLen, byte* out, int* outLen, byte* tag, 29369 void* heap, int enc) 29370 { 29371 int ret; 29372 #ifdef WOLFSSL_SMALL_STACK 29373 Aes* aes; 29374 #else 29375 Aes aes[1]; 29376 #endif 29377 29378 (void)heap; 29379 29380 #ifdef WOLFSSL_SMALL_STACK 29381 aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_TMP_BUFFER); 29382 if (aes == NULL) 29383 return MEMORY_E; 29384 #endif 29385 29386 if (enc) { 29387 ret = wc_AesInit(aes, NULL, INVALID_DEVID); 29388 if (ret == 0) { 29389 ret = wc_AesGcmSetKey(aes, key, keyLen); 29390 } 29391 if (ret == 0) { 29392 ret = wc_AesGcmEncrypt(aes, in, out, inLen, iv, GCM_NONCE_MID_SZ, 29393 tag, AES_BLOCK_SIZE, aad, aadSz); 29394 } 29395 wc_AesFree(aes); 29396 } 29397 else { 29398 ret = wc_AesInit(aes, NULL, INVALID_DEVID); 29399 if (ret == 0) { 29400 ret = wc_AesGcmSetKey(aes, key, keyLen); 29401 } 29402 if (ret == 0) { 29403 ret = wc_AesGcmDecrypt(aes, in, out, inLen, iv, GCM_NONCE_MID_SZ, 29404 tag, AES_BLOCK_SIZE, aad, aadSz); 29405 } 29406 wc_AesFree(aes); 29407 } 29408 29409 #ifdef WOLFSSL_SMALL_STACK 29410 XFREE(aes, heap, DYNAMIC_TYPE_TMP_BUFFER); 29411 #endif 29412 29413 *outLen = inLen; 29414 29415 return ret; 29416 } 29417 #else 29418 #error "No encryption algorithm available for default ticket encryption." 29419 #endif 29420 29421 /* Choose a key to use for encryption. 29422 * 29423 * Generate a new key if the current ones are expired. 29424 * If the secondary key has not been used and the primary key has expired then 29425 * generate a new primary key. 29426 * 29427 * @param [in] Ticket encryption callback context. 29428 * @param [in] Session ticket lifetime. 29429 * @param [out] Index of key to use for encryption. 29430 * @return 0 on success. 29431 * @return Other value when random number generation fails. 29432 */ 29433 static int TicketEncCbCtx_ChooseKey(TicketEncCbCtx* keyCtx, int ticketHint, 29434 int* keyIdx) 29435 { 29436 int ret = 0; 29437 29438 /* Get new current time as lock may have taken some time. */ 29439 word32 now = LowResTimer(); 29440 29441 /* Check expirary of primary key for encrypt. */ 29442 if (keyCtx->expirary[0] >= now + ticketHint) { 29443 *keyIdx = 0; 29444 } 29445 /* Check expirary of primary key for encrypt. */ 29446 else if (keyCtx->expirary[1] >= now + ticketHint) { 29447 *keyIdx = 1; 29448 } 29449 /* No key available to use. */ 29450 else { 29451 int genKey; 29452 29453 /* Generate which ever key is expired for decrypt - primary first. */ 29454 if (keyCtx->expirary[0] < now) { 29455 genKey = 0; 29456 } 29457 else if (keyCtx->expirary[1] < now) { 29458 genKey = 1; 29459 } 29460 /* Timeouts and expirary should not allow this to happen. */ 29461 else { 29462 return BAD_STATE_E; 29463 } 29464 29465 /* Generate the required key */ 29466 ret = wc_RNG_GenerateBlock(&keyCtx->rng, keyCtx->key[genKey], 29467 WOLFSSL_TICKET_KEY_SZ); 29468 if (ret == 0) { 29469 keyCtx->expirary[genKey] = now + WOLFSSL_TICKET_KEY_LIFETIME; 29470 *keyIdx = genKey; 29471 } 29472 } 29473 29474 return ret; 29475 } 29476 29477 /* Default Session Ticket encryption/decryption callback. 29478 * 29479 * Use ChaCha20-Poly1305 or AES-GCM to encrypt/decrypt the ticket. 29480 * Two keys are used: 29481 * - When the first expires for encryption, then use the other. 29482 * - Don't encrypt with key if the ticket lifetime will go beyond expirary. 29483 * - Generate a new primary key when primary key expired for decrypt and 29484 * no secondary key is activate for encryption. 29485 * - Generate a new secondary key when expired and needed. 29486 * - Calculate expirary starting from first encrypted ticket. 29487 * - Key name has last bit set to indicate index of key. 29488 * Keys expire for decryption after ticket key lifetime from the first encrypted 29489 * ticket. 29490 * Keys can only be use for encryption while the ticket hint does not exceed 29491 * the key lifetime. 29492 * Lifetime of a key must be greater than the lifetime of a ticket. This means 29493 * that if one ticket is only valid for decryption, then the other will be 29494 * valid for encryption. 29495 * AAD = key_name | iv | ticket len (16-bits network order) 29496 * 29497 * @param [in] ssl SSL connection. 29498 * @param [in,out] key_name Name of key from client. 29499 * Encrypt: name of key returned. 29500 * Decrypt: name from ticket message to check. 29501 * @param [in] iv IV to use in encryption/decryption. 29502 * @param [in] mac MAC for authentication of encrypted data. 29503 * @param [in] enc 1 when encrypting ticket, 0 when decrypting. 29504 * @param [in,out] ticket Encrypted/decrypted session ticket bytes. 29505 * @param [in] inLen Length of incoming ticket. 29506 * @param [out] outLen Length of outgoing ticket. 29507 * @param [in] userCtx Context for encryption/decryption of ticket. 29508 * @return WOLFSSL_TICKET_RET_OK when successful. 29509 * @return WOLFSSL_TICKET_RET_CREATE when successful and a new ticket is to 29510 * be created for TLS 1.2 and below. 29511 * @return WOLFSSL_TICKET_RET_REJECT when failed to produce valid encrypted or 29512 * decrypted ticket. 29513 * @return WOLFSSL_TICKET_RET_FATAL when key name does not match. 29514 */ 29515 static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], 29516 byte iv[WOLFSSL_TICKET_IV_SZ], 29517 byte mac[WOLFSSL_TICKET_MAC_SZ], 29518 int enc, byte* ticket, int inLen, int* outLen, 29519 void* userCtx) 29520 { 29521 int ret; 29522 TicketEncCbCtx* keyCtx = (TicketEncCbCtx*)userCtx; 29523 WOLFSSL_CTX* ctx = keyCtx->ctx; 29524 word16 sLen = XHTONS(inLen); 29525 byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + sizeof(sLen)]; 29526 int aadSz = WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + sizeof(sLen); 29527 byte* p = aad; 29528 int keyIdx = 0; 29529 29530 /* Check we have setup the RNG, name and primary key. */ 29531 if (keyCtx->expirary[0] == 0) { 29532 #ifndef SINGLE_THREADED 29533 /* Lock around access to expirary and key - stop initial key being 29534 * generated twice at the same time. */ 29535 if (wc_LockMutex(&keyCtx->mutex) != 0) { 29536 WOLFSSL_MSG("Couldn't lock key context mutex"); 29537 return WOLFSSL_TICKET_RET_REJECT; 29538 } 29539 #endif 29540 /* Sets expirary of primary key in setup. */ 29541 ret = TicketEncCbCtx_Setup(keyCtx, ssl->ctx->heap, ssl->ctx->devId); 29542 #ifndef SINGLE_THREADED 29543 wc_UnLockMutex(&keyCtx->mutex); 29544 #endif 29545 if (ret != 0) 29546 return ret; 29547 } 29548 29549 if (enc) { 29550 /* Return the name of the key - missing key index. */ 29551 XMEMCPY(key_name, keyCtx->name, WOLFSSL_TICKET_NAME_SZ); 29552 29553 /* Generate a new IV into buffer to be returned. 29554 * Don't use the RNG in keyCtx as it's for generating private data. */ 29555 ret = wc_RNG_GenerateBlock(ssl->rng, iv, WOLFSSL_TICKET_IV_SZ); 29556 if (ret != 0) { 29557 return WOLFSSL_TICKET_RET_REJECT; 29558 } 29559 } 29560 else { 29561 /* Mask of last bit that is the key index. */ 29562 byte lastByte = key_name[WOLFSSL_TICKET_NAME_SZ - 1] & 0xfe; 29563 29564 /* For decryption, see if we know this key - check all but last byte. */ 29565 if (XMEMCMP(key_name, keyCtx->name, WOLFSSL_TICKET_NAME_SZ - 1) != 0) { 29566 return WOLFSSL_TICKET_RET_FATAL; 29567 } 29568 /* Ensure last byte without index bit matches too. */ 29569 if (lastByte != keyCtx->name[WOLFSSL_TICKET_NAME_SZ - 1]) { 29570 return WOLFSSL_TICKET_RET_FATAL; 29571 } 29572 } 29573 29574 /* Build AAD from: key name, iv, and length of ticket. */ 29575 XMEMCPY(p, keyCtx->name, WOLFSSL_TICKET_NAME_SZ); 29576 p += WOLFSSL_TICKET_NAME_SZ; 29577 XMEMCPY(p, iv, WOLFSSL_TICKET_IV_SZ); 29578 p += WOLFSSL_TICKET_IV_SZ; 29579 XMEMCPY(p, &sLen, sizeof(sLen)); 29580 29581 /* Encrypt ticket. */ 29582 if (enc) { 29583 word32 now; 29584 29585 now = LowResTimer(); 29586 /* As long as encryption expirary isn't imminent - no lock. */ 29587 if (keyCtx->expirary[0] > now + ctx->ticketHint) { 29588 keyIdx = 0; 29589 } 29590 else if (keyCtx->expirary[1] > now + ctx->ticketHint) { 29591 keyIdx = 1; 29592 } 29593 else { 29594 #ifndef SINGLE_THREADED 29595 /* Lock around access to expirary and key - stop key being generated 29596 * twice at the same time. */ 29597 if (wc_LockMutex(&keyCtx->mutex) != 0) { 29598 WOLFSSL_MSG("Couldn't lock key context mutex"); 29599 return WOLFSSL_TICKET_RET_REJECT; 29600 } 29601 #endif 29602 ret = TicketEncCbCtx_ChooseKey(keyCtx, ctx->ticketHint, &keyIdx); 29603 #ifndef SINGLE_THREADED 29604 wc_UnLockMutex(&keyCtx->mutex); 29605 #endif 29606 if (ret != 0) { 29607 return WOLFSSL_TICKET_RET_REJECT; 29608 } 29609 } 29610 /* Set the name of the key to the index chosen. */ 29611 key_name[WOLFSSL_TICKET_NAME_SZ - 1] |= keyIdx; 29612 /* Update AAD too. */ 29613 aad[WOLFSSL_TICKET_NAME_SZ - 1] |= keyIdx; 29614 29615 /* Encrypt ticket data. */ 29616 ret = TicketEncDec(keyCtx->key[keyIdx], WOLFSSL_TICKET_KEY_SZ, iv, aad, 29617 aadSz, ticket, inLen, ticket, outLen, mac, ssl->heap, 29618 1); 29619 if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; 29620 } 29621 /* Decrypt ticket. */ 29622 else { 29623 /* Get index of key from name. */ 29624 keyIdx = key_name[WOLFSSL_TICKET_NAME_SZ - 1] & 0x1; 29625 /* Update AAD with index. */ 29626 aad[WOLFSSL_TICKET_NAME_SZ - 1] |= keyIdx; 29627 29628 /* Check expirary */ 29629 if (keyCtx->expirary[keyIdx] <= LowResTimer()) { 29630 return WOLFSSL_TICKET_RET_REJECT; 29631 } 29632 29633 /* Decrypt ticket data. */ 29634 ret = TicketEncDec(keyCtx->key[keyIdx], WOLFSSL_TICKET_KEY_SZ, iv, aad, 29635 aadSz, ticket, inLen, ticket, outLen, mac, ssl->heap, 29636 0); 29637 if (ret != 0) { 29638 return WOLFSSL_TICKET_RET_REJECT; 29639 } 29640 } 29641 29642 #ifndef WOLFSSL_TICKET_DECRYPT_NO_CREATE 29643 if (!IsAtLeastTLSv1_3(ssl->version) && !enc) 29644 return WOLFSSL_TICKET_RET_CREATE; 29645 #endif 29646 return WOLFSSL_TICKET_RET_OK; 29647 } 29648 29649 #endif /* !WOLFSSL_NO_DEF_TICKET_ENC_CB */ 27865 29650 27866 29651 #endif /* HAVE_SESSION_TICKET */ … … 27885 29670 sendSz += MAX_MSG_EXTRA; 27886 29671 29672 if (ssl->options.dtls) 29673 sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 29674 27887 29675 /* check for available size */ 27888 29676 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 27898 29686 byte* input; 27899 29687 int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */ 29688 int recordHeaderSz = RECORD_HEADER_SZ; 29689 29690 if (ssl->options.dtls) { 29691 recordHeaderSz += DTLS_RECORD_EXTRA; 29692 inputSz += DTLS_HANDSHAKE_EXTRA; 29693 } 27900 29694 27901 29695 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); … … 27903 29697 return MEMORY_E; 27904 29698 27905 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 29699 XMEMCPY(input, output + recordHeaderSz, inputSz); 29700 #ifdef WOLFSSL_DTLS 29701 if (IsDtlsNotSctpMode(ssl) && 29702 (ret = DtlsMsgPoolSave(ssl, input, inputSz, hello_request)) != 0) { 29703 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 29704 return ret; 29705 } 29706 #endif 27906 29707 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 27907 handshake, 0, 0, 0 );29708 handshake, 0, 0, 0, CUR_ORDER); 27908 29709 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 27909 29710 … … 27935 29736 int ret; 27936 29737 29738 /* are we in scr */ 29739 if (IsEncryptionOn(ssl, 1)) { 29740 sendSz += MAX_MSG_EXTRA; 29741 } 29742 27937 29743 /* check for available size */ 27938 29744 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 27970 29776 sendSz, WRITE_PROTO, ssl->heap); 27971 29777 #endif 29778 29779 /* are we in scr */ 29780 if (IsEncryptionOn(ssl, 1)) { 29781 byte* input; 29782 int inputSz = HANDSHAKE_HEADER_SZ + length; /* build msg adds rec hdr */ 29783 int recordHeaderSz = RECORD_HEADER_SZ; 29784 29785 if (ssl->options.dtls) { 29786 recordHeaderSz += DTLS_RECORD_EXTRA; 29787 inputSz += DTLS_HANDSHAKE_EXTRA; 29788 } 29789 29790 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 29791 if (input == NULL) 29792 return MEMORY_E; 29793 29794 XMEMCPY(input, output + recordHeaderSz, inputSz); 29795 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 29796 handshake, 0, 0, 0, CUR_ORDER); 29797 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 29798 29799 if (sendSz < 0) 29800 return sendSz; 29801 } 27972 29802 27973 29803 ssl->buffers.outputBuffer.length += sendSz; … … 28054 29884 } 28055 29885 28056 #if ndef NO_CERTS29886 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) 28057 29887 if (ssl->options.verifyPeer && ssl->options.failNoCert) { 28058 29888 if (!ssl->options.havePeerCert) { … … 28069 29899 } 28070 29900 } 28071 #endif /* !NO_CERTS */29901 #endif /* !NO_CERTS && !WOLFSSL_NO_CLIENT_AUTH */ 28072 29902 28073 29903 #if defined(WOLFSSL_CALLBACKS) … … 28254 30084 if (ssl->arrays->psk_keySz == 0 || 28255 30085 ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { 30086 #if defined(WOLFSSL_EXTRA_ALERTS) || \ 30087 defined(WOLFSSL_PSK_IDENTITY_ALERT) 30088 SendAlert(ssl, alert_fatal, 30089 unknown_psk_identity); 30090 #endif 28256 30091 ERROR_OUT(PSK_KEY_ERROR, exit_dcke); 28257 30092 } … … 28507 30342 28508 30343 ssl->peerEccKeyPresent = 1; 30344 30345 #if defined(WOLFSSL_TLS13) || defined(HAVE_FFDHE) 30346 /* client_hello may have sent FFEDH2048, which sets namedGroup, 30347 but that is not being used, so clear it */ 30348 /* resolves issue with server side wolfSSL_get_curve_name */ 30349 ssl->namedGroup = 0; 30350 #endif 28509 30351 #endif /* HAVE_ECC */ 28510 30352 … … 29127 30969 if (ssl->arrays->psk_keySz == 0 || 29128 30970 ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { 30971 #if defined(WOLFSSL_EXTRA_ALERTS) || \ 30972 defined(WOLFSSL_PSK_IDENTITY_ALERT) 30973 SendAlert(ssl, alert_fatal, 30974 unknown_psk_identity); 30975 #endif 29129 30976 ERROR_OUT(PSK_KEY_ERROR, exit_dcke); 29130 30977 } … … 29242 31089 29243 31090 ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; 29244 #if ndef NO_CERTS31091 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) 29245 31092 if (ssl->options.verifyPeer) { 29246 31093 ret = BuildCertHashes(ssl, &ssl->hsHashes->certHashes); … … 29283 31130 #endif /* !WOLFSSL_NO_TLS12 */ 29284 31131 29285 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 29286 defined(WOLFSSL_HAPROXY) 31132 #ifdef HAVE_SNI 29287 31133 int SNI_Callback(WOLFSSL* ssl) 29288 31134 { … … 29300 31146 return 0; 29301 31147 } 29302 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY*/31148 #endif /* HAVE_SNI */ 29303 31149 29304 31150 #endif /* NO_WOLFSSL_SERVER */ … … 29412 31258 #endif /* HAVE_MAX_FRAGMENT */ 29413 31259 #ifdef WOLFSSL_DTLS 29414 if ((ssl->options.dtls) && (maxFragment > MAX_UDP_SIZE)) { 29415 maxFragment = MAX_UDP_SIZE; 31260 if (IsDtlsNotSctpMode(ssl)) { 31261 if (maxFragment > MAX_UDP_SIZE) { 31262 maxFragment = MAX_UDP_SIZE; 31263 } 31264 #if defined(WOLFSSL_DTLS_MTU) 31265 if (maxFragment > 31266 ssl->dtlsMtuSz - RECORD_HEADER_SZ - DTLS_RECORD_EXTRA) { 31267 maxFragment = ssl->dtlsMtuSz - RECORD_HEADER_SZ - DTLS_RECORD_EXTRA; 31268 } 31269 #endif 29416 31270 } 29417 31271 #endif -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/keys.c
r457 r464 1075 1075 ssl->specs.pad_size = PAD_SHA; 1076 1076 ssl->specs.static_ecdh = 0; 1077 ssl->specs.key_size = WC_SHA256_DIGEST_SIZE / 2;1077 ssl->specs.key_size = WC_SHA256_DIGEST_SIZE; 1078 1078 ssl->specs.block_size = 0; 1079 1079 ssl->specs.iv_size = HMAC_NONCE_SZ; … … 1093 1093 ssl->specs.pad_size = PAD_SHA; 1094 1094 ssl->specs.static_ecdh = 0; 1095 ssl->specs.key_size = WC_SHA384_DIGEST_SIZE / 2;1095 ssl->specs.key_size = WC_SHA384_DIGEST_SIZE; 1096 1096 ssl->specs.block_size = 0; 1097 1097 ssl->specs.iv_size = HMAC_NONCE_SZ; … … 2910 2910 } 2911 2911 2912 if (enc) { 2913 if (wc_HmacInit(enc->hmac, heap, devId) != 0) { 2914 WOLFSSL_MSG("HmacInit failed in SetKeys"); 2915 XFREE(enc->hmac, heap, DYNAMIC_TYPE_CIPHER); 2916 enc->hmac = NULL; 2917 return ASYNC_INIT_E; 2918 } 2919 } 2920 2912 2921 if (dec && dec->hmac == NULL) { 2913 2922 dec->hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, … … 2917 2926 } 2918 2927 2919 if (enc) {2920 if (wc_HmacInit(enc->hmac, heap, devId) != 0) {2921 WOLFSSL_MSG("HmacInit failed in SetKeys");2922 return ASYNC_INIT_E;2923 }2924 }2925 2928 if (dec) { 2926 2929 if (wc_HmacInit(dec->hmac, heap, devId) != 0) { 2927 2930 WOLFSSL_MSG("HmacInit failed in SetKeys"); 2931 XFREE(dec->hmac, heap, DYNAMIC_TYPE_CIPHER); 2932 dec->hmac = NULL; 2928 2933 return ASYNC_INIT_E; 2929 2934 } … … 2932 2937 if (side == WOLFSSL_CLIENT_END) { 2933 2938 if (enc) { 2939 XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV, 2940 HMAC_NONCE_SZ); 2934 2941 hmacRet = wc_HmacSetKey(enc->hmac, hashType, 2935 2942 keys->client_write_key, specs->key_size); … … 2937 2944 } 2938 2945 if (dec) { 2946 XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV, 2947 HMAC_NONCE_SZ); 2939 2948 hmacRet = wc_HmacSetKey(dec->hmac, hashType, 2940 2949 keys->server_write_key, specs->key_size); … … 2944 2953 else { 2945 2954 if (enc) { 2955 XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV, 2956 HMAC_NONCE_SZ); 2946 2957 hmacRet = wc_HmacSetKey(enc->hmac, hashType, 2947 2958 keys->server_write_key, specs->key_size); … … 2949 2960 } 2950 2961 if (dec) { 2962 XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV, 2963 HMAC_NONCE_SZ); 2951 2964 hmacRet = wc_HmacSetKey(dec->hmac, hashType, 2952 2965 keys->client_write_key, specs->key_size); … … 3059 3072 if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status) { 3060 3073 keys = &ssl->secure_renegotiation->tmp_keys; 3061 copy = 1; 3074 #ifdef WOLFSSL_DTLS 3075 /* For DTLS, copy is done in StoreKeys */ 3076 if (!ssl->options.dtls) 3077 #endif 3078 copy = 1; 3062 3079 } 3063 3080 #endif /* HAVE_SECURE_RENEGOTIATION */ … … 3134 3151 3135 3152 #ifdef HAVE_SECURE_RENEGOTIATION 3153 #ifdef WOLFSSL_DTLS 3154 if (ret == 0 && ssl->options.dtls) { 3155 if (wc_encrypt) 3156 wc_encrypt->src = keys == &ssl->keys ? KEYS : SCR; 3157 if (wc_decrypt) 3158 wc_decrypt->src = keys == &ssl->keys ? KEYS : SCR; 3159 } 3160 #endif 3161 3136 3162 if (copy) { 3137 3163 int clientCopy = 0; … … 3210 3236 int sz, i = 0; 3211 3237 Keys* keys = &ssl->keys; 3238 #ifdef WOLFSSL_DTLS 3239 /* In case of DTLS, ssl->keys is updated here */ 3240 int scr_copy = 0; 3241 #endif 3212 3242 3213 3243 #ifdef HAVE_SECURE_RENEGOTIATION 3214 if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status ==3215 3244 if (ssl->secure_renegotiation && 3245 ssl->secure_renegotiation->cache_status == SCR_CACHE_NEEDED) { 3216 3246 keys = &ssl->secure_renegotiation->tmp_keys; 3247 #ifdef WOLFSSL_DTLS 3248 if (ssl->options.dtls) { 3249 /* epoch is incremented after StoreKeys is called */ 3250 ssl->secure_renegotiation->tmp_keys.dtls_epoch = ssl->keys.dtls_epoch + 1; 3251 /* we only need to copy keys on second and future renegotiations */ 3252 if (ssl->keys.dtls_epoch > 1) 3253 scr_copy = 1; 3254 ssl->encrypt.src = KEYS_NOT_SET; 3255 ssl->decrypt.src = KEYS_NOT_SET; 3256 } 3257 #endif 3217 3258 CacheStatusPP(ssl->secure_renegotiation); 3218 3259 } … … 3225 3266 sz = ssl->specs.hash_size; 3226 3267 #ifndef WOLFSSL_AEAD_ONLY 3268 3269 #ifdef WOLFSSL_DTLS 3270 if (scr_copy) { 3271 XMEMCPY(ssl->keys.client_write_MAC_secret, 3272 keys->client_write_MAC_secret, sz); 3273 XMEMCPY(ssl->keys.server_write_MAC_secret, 3274 keys->server_write_MAC_secret, sz); 3275 } 3276 #endif 3227 3277 XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz); 3228 3278 XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz); … … 3231 3281 } 3232 3282 sz = ssl->specs.key_size; 3283 #ifdef WOLFSSL_DTLS 3284 if (scr_copy) { 3285 XMEMCPY(ssl->keys.client_write_key, 3286 keys->client_write_key, sz); 3287 XMEMCPY(ssl->keys.server_write_key, 3288 keys->server_write_key, sz); 3289 } 3290 #endif 3233 3291 XMEMCPY(keys->client_write_key, &keyData[i], sz); 3234 3292 XMEMCPY(keys->server_write_key, &keyData[i], sz); … … 3236 3294 3237 3295 sz = ssl->specs.iv_size; 3296 #ifdef WOLFSSL_DTLS 3297 if (scr_copy) { 3298 XMEMCPY(ssl->keys.client_write_IV, 3299 keys->client_write_IV, sz); 3300 XMEMCPY(ssl->keys.server_write_IV, 3301 keys->server_write_IV, sz); 3302 } 3303 #endif 3238 3304 XMEMCPY(keys->client_write_IV, &keyData[i], sz); 3239 3305 XMEMCPY(keys->server_write_IV, &keyData[i], sz); … … 3242 3308 if (ssl->specs.cipher_type == aead) { 3243 3309 /* Initialize the AES-GCM/CCM explicit IV to a zero. */ 3310 #ifdef WOLFSSL_DTLS 3311 if (scr_copy) { 3312 XMEMCPY(ssl->keys.aead_exp_IV, 3313 keys->aead_exp_IV, AEAD_MAX_EXP_SZ); 3314 } 3315 #endif 3244 3316 XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ); 3245 3317 } … … 3254 3326 if (side & PROVISION_CLIENT) { 3255 3327 #ifndef WOLFSSL_AEAD_ONLY 3328 #ifdef WOLFSSL_DTLS 3329 if (scr_copy) 3330 XMEMCPY(ssl->keys.client_write_MAC_secret, 3331 keys->client_write_MAC_secret, sz); 3332 #endif 3256 3333 XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz); 3257 3334 #endif … … 3260 3337 if (side & PROVISION_SERVER) { 3261 3338 #ifndef WOLFSSL_AEAD_ONLY 3339 #ifdef WOLFSSL_DTLS 3340 if (scr_copy) 3341 XMEMCPY(ssl->keys.server_write_MAC_secret, 3342 keys->server_write_MAC_secret, sz); 3343 #endif 3262 3344 XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz); 3263 3345 #endif … … 3267 3349 sz = ssl->specs.key_size; 3268 3350 if (side & PROVISION_CLIENT) { 3351 #ifdef WOLFSSL_DTLS 3352 if (scr_copy) 3353 XMEMCPY(ssl->keys.client_write_key, 3354 keys->client_write_key, sz); 3355 #endif 3269 3356 XMEMCPY(keys->client_write_key, &keyData[i], sz); 3270 3357 i += sz; 3271 3358 } 3272 3359 if (side & PROVISION_SERVER) { 3360 #ifdef WOLFSSL_DTLS 3361 if (scr_copy) 3362 XMEMCPY(ssl->keys.server_write_key, 3363 keys->server_write_key, sz); 3364 #endif 3273 3365 XMEMCPY(keys->server_write_key, &keyData[i], sz); 3274 3366 i += sz; … … 3277 3369 sz = ssl->specs.iv_size; 3278 3370 if (side & PROVISION_CLIENT) { 3371 #ifdef WOLFSSL_DTLS 3372 if (scr_copy) 3373 XMEMCPY(ssl->keys.client_write_IV, 3374 keys->client_write_IV, sz); 3375 #endif 3279 3376 XMEMCPY(keys->client_write_IV, &keyData[i], sz); 3280 3377 i += sz; 3281 3378 } 3282 if (side & PROVISION_SERVER) 3379 if (side & PROVISION_SERVER) { 3380 #ifdef WOLFSSL_DTLS 3381 if (scr_copy) 3382 XMEMCPY(ssl->keys.server_write_IV, 3383 keys->server_write_IV, sz); 3384 #endif 3283 3385 XMEMCPY(keys->server_write_IV, &keyData[i], sz); 3386 } 3284 3387 3285 3388 #ifdef HAVE_AEAD 3286 3389 if (ssl->specs.cipher_type == aead) { 3287 3390 /* Initialize the AES-GCM/CCM explicit IV to a zero. */ 3391 #ifdef WOLFSSL_DTLS 3392 if (scr_copy) 3393 XMEMMOVE(ssl->keys.aead_exp_IV, 3394 keys->aead_exp_IV, AEAD_MAX_EXP_SZ); 3395 #endif 3288 3396 XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ); 3289 3397 } … … 3342 3450 } 3343 3451 #endif 3344 3452 XMEMSET(shaOutput, 0, WC_SHA_DIGEST_SIZE); 3345 3453 ret = wc_InitMd5(md5); 3346 3454 if (ret == 0) { … … 3472 3580 } 3473 3581 #endif 3582 XMEMSET(shaOutput, 0, WC_SHA_DIGEST_SIZE); 3474 3583 3475 3584 ret = wc_InitMd5(md5); -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/ocsp.c
r457 r464 76 76 CertStatus *status, *next; 77 77 78 if (entry == NULL) 79 return; 80 78 81 WOLFSSL_ENTER("FreeOcspEntry"); 79 82 … … 83 86 if (status->rawOcspResponse) 84 87 XFREE(status->rawOcspResponse, heap, DYNAMIC_TYPE_OCSP_STATUS); 88 89 #ifdef OPENSSL_EXTRA 90 if (status->serialInt) { 91 if (status->serialInt->isDynamic) { 92 XFREE(status->serialInt->data, NULL, DYNAMIC_TYPE_OPENSSL); 93 } 94 XFREE(status->serialInt, NULL, DYNAMIC_TYPE_OPENSSL); 95 } 96 status->serialInt = NULL; 97 #endif 85 98 86 99 XFREE(status, heap, DYNAMIC_TYPE_OCSP_STATUS); … … 273 286 #ifdef WOLFSSL_SMALL_STACK 274 287 CertStatus* newStatus; 288 OcspEntry* newSingle; 275 289 OcspResponse* ocspResponse; 276 290 #else 277 291 CertStatus newStatus[1]; 292 OcspEntry newSingle[1]; 278 293 OcspResponse ocspResponse[1]; 279 294 #endif … … 283 298 #ifdef WOLFSSL_SMALL_STACK 284 299 newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, 285 DYNAMIC_TYPE_TMP_BUFFER); 300 DYNAMIC_TYPE_OCSP_STATUS); 301 newSingle = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL, 302 DYNAMIC_TYPE_OCSP_ENTRY); 286 303 ocspResponse = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL, 287 DYNAMIC_TYPE_TMP_BUFFER); 288 289 if (newStatus == NULL || ocspResponse == NULL) { 290 if (newStatus) XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER); 291 if (ocspResponse) XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER); 304 DYNAMIC_TYPE_OCSP_REQUEST); 305 306 if (newStatus == NULL || newSingle == NULL || ocspResponse == NULL) { 307 if (newStatus) XFREE(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS); 308 if (newSingle) XFREE(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 309 if (ocspResponse) XFREE(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 292 310 293 311 WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR); … … 295 313 } 296 314 #endif 297 XMEMSET(newStatus, 0, sizeof(CertStatus));298 299 InitOcspResponse(ocspResponse, newStatus, response, responseSz); 315 InitOcspResponse(ocspResponse, newSingle, newStatus, response, responseSz, 316 ocsp->cm->heap); 317 300 318 ret = OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap, 0); 301 319 if (ret != 0) { … … 326 344 } 327 345 328 ret = xstat2err(ocspResponse->s tatus->status);346 ret = xstat2err(ocspResponse->single->status->status); 329 347 if (ret == 0) { 330 348 validated = 1; … … 343 361 344 362 /* Replace existing certificate entry with updated */ 345 newS tatus->next = status->next;346 XMEMCPY(status, newS tatus, sizeof(CertStatus));363 newSingle->status->next = status->next; 364 XMEMCPY(status, newSingle->status, sizeof(CertStatus)); 347 365 } 348 366 else { … … 351 369 ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS); 352 370 if (status != NULL) { 353 XMEMCPY(status, newS tatus, sizeof(CertStatus));371 XMEMCPY(status, newSingle->status, sizeof(CertStatus)); 354 372 status->next = entry->status; 355 373 entry->status = status; … … 380 398 381 399 #ifdef WOLFSSL_SMALL_STACK 382 XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER); 383 XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER); 400 XFREE(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS); 401 XFREE(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 402 XFREE(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 384 403 #endif 385 404 return ret; … … 454 473 else { 455 474 /* cert doesn't have extAuthInfo, assuming CERT_GOOD */ 475 WOLFSSL_MSG("Cert has no OCSP URL, assuming CERT_GOOD"); 456 476 return 0; 457 477 } … … 493 513 494 514 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ 495 defined(WOLFSSL_APACHE_HTTPD) 515 defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY) 496 516 497 517 int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, … … 500 520 WOLFSSL_ASN1_TIME** nextupd) 501 521 { 522 WOLFSSL_OCSP_SINGLERESP* single; 523 502 524 if (bs == NULL || id == NULL) 503 525 return WOLFSSL_FAILURE; 504 526 505 /* Only supporting one certificate status in asn.c. */ 506 if (CompareOcspReqResp(id, bs) != 0) 527 single = bs->single; 528 while (single != NULL) { 529 if ((XMEMCMP(single->status->serial, id->status->serial, single->status->serialSz) == 0) 530 && (XMEMCMP(single->issuerHash, id->issuerHash, OCSP_DIGEST_SIZE) == 0) 531 && (XMEMCMP(single->issuerKeyHash, id->issuerKeyHash, OCSP_DIGEST_SIZE) == 0)) { 532 break; 533 } 534 single = single->next; 535 } 536 537 if (single == NULL) 507 538 return WOLFSSL_FAILURE; 508 539 509 540 if (status != NULL) 510 *status = bs->status->status;541 *status = single->status->status; 511 542 if (thisupd != NULL) 512 *thisupd = & bs->status->thisDateParsed;543 *thisupd = &single->status->thisDateParsed; 513 544 if (nextupd != NULL) 514 *nextupd = & bs->status->nextDateParsed;515 516 /* TODO: Not needed for Nginx .*/545 *nextupd = &single->status->nextDateParsed; 546 547 /* TODO: Not needed for Nginx or httpd */ 517 548 if (reason != NULL) 518 549 *reason = 0; … … 550 581 void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* certId) 551 582 { 552 FreeOcsp Request(certId);583 FreeOcspEntry(certId, NULL); 553 584 XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); 554 585 } … … 559 590 { 560 591 WOLFSSL_OCSP_CERTID* certId; 592 CertStatus* certStatus; 561 593 DecodedCert cert; 562 594 WOLFSSL_CERT_MANAGER* cm; … … 581 613 certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), NULL, 582 614 DYNAMIC_TYPE_OPENSSL); 583 if (certId != NULL) { 584 InitDecodedCert(&cert, subject->derCert->buffer, 585 subject->derCert->length, NULL); 586 if (ParseCertRelative(&cert, CERT_TYPE, VERIFY_OCSP, cm) != 0) { 615 certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, 616 DYNAMIC_TYPE_OPENSSL); 617 618 if (certId == NULL || certStatus == NULL) { 619 if (certId) 587 620 XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); 588 certId = NULL; 589 } 590 else { 591 ret = InitOcspRequest(certId, &cert, 0, NULL); 592 if (ret != 0) { 593 XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); 594 certId = NULL; 595 } 596 } 597 FreeDecodedCert(&cert); 598 } 621 if (certStatus) 622 XFREE(certStatus, NULL, DYNAMIC_TYPE_OPENSSL); 623 624 return NULL; 625 } 626 627 XMEMSET(certId, 0, sizeof(WOLFSSL_OCSP_CERTID)); 628 XMEMSET(certStatus, 0, sizeof(CertStatus)); 629 630 certId->status = certStatus; 631 632 InitDecodedCert(&cert, subject->derCert->buffer, 633 subject->derCert->length, NULL); 634 if (ParseCertRelative(&cert, CERT_TYPE, VERIFY_OCSP, cm) != 0) { 635 XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); 636 certId = NULL; 637 } 638 else { 639 XMEMCPY(certId->issuerHash, cert.issuerHash, OCSP_DIGEST_SIZE); 640 XMEMCPY(certId->issuerKeyHash, cert.issuerKeyHash, OCSP_DIGEST_SIZE); 641 XMEMCPY(certId->status->serial, cert.serial, cert.serialSz); 642 certId->status->serialSz = cert.serialSz; 643 } 644 FreeDecodedCert(&cert); 599 645 600 646 wolfSSL_CertManagerFree(cm); … … 636 682 void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response) 637 683 { 638 if (response->status != NULL) 639 XFREE(response->status, NULL, DYNAMIC_TYPE_TMP_BUFFER); 684 if (response == NULL) 685 return; 686 687 if (response->single != NULL) { 688 FreeOcspEntry(response->single, NULL); 689 XFREE(response->single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 690 } 691 640 692 if (response->source != NULL) 641 693 XFREE(response->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); 642 XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL); 643 } 644 694 695 XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 696 } 697 698 #ifndef NO_BIO 645 699 OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, 646 700 OcspResponse** response) … … 707 761 return ret; 708 762 } 763 #endif /* !NO_BIO */ 709 764 710 765 OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response, … … 722 777 if (resp == NULL) { 723 778 resp = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL, 724 DYNAMIC_TYPE_O PENSSL);779 DYNAMIC_TYPE_OCSP_REQUEST); 725 780 if (resp == NULL) 726 781 return NULL; … … 730 785 resp->source = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); 731 786 if (resp->source == NULL) { 732 XFREE(resp, NULL, DYNAMIC_TYPE_O PENSSL);787 XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 733 788 return NULL; 734 789 } 735 resp->s tatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,736 DYNAMIC_TYPE_TMP_BUFFER);737 if (resp->s tatus== NULL) {790 resp->single = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL, 791 DYNAMIC_TYPE_OCSP_ENTRY); 792 if (resp->single == NULL) { 738 793 XFREE(resp->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); 739 XFREE(resp, NULL, DYNAMIC_TYPE_O PENSSL);794 XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 740 795 return NULL; 741 796 } 797 XMEMSET(resp->single, 0, sizeof(OcspEntry)); 798 resp->single->status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, 799 DYNAMIC_TYPE_OCSP_STATUS); 800 if (resp->single->status == NULL) { 801 XFREE(resp->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); 802 XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 803 XFREE(resp->single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 804 return NULL; 805 } 806 XMEMSET(resp->single->status, 0, sizeof(CertStatus)); 742 807 743 808 XMEMCPY(resp->source, *data, len); … … 795 860 796 861 bs = (WOLFSSL_OCSP_BASICRESP*)XMALLOC(sizeof(WOLFSSL_OCSP_BASICRESP), NULL, 797 DYNAMIC_TYPE_O PENSSL);862 DYNAMIC_TYPE_OCSP_REQUEST); 798 863 if (bs == NULL) 799 864 return NULL; 800 865 801 866 XMEMCPY(bs, response, sizeof(OcspResponse)); 802 bs->s tatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,803 DYNAMIC_TYPE_TMP_BUFFER);867 bs->single = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL, 868 DYNAMIC_TYPE_OCSP_ENTRY); 804 869 bs->source = (byte*)XMALLOC(bs->maxIdx, NULL, DYNAMIC_TYPE_TMP_BUFFER); 805 if (bs->s tatus== NULL || bs->source == NULL) {806 if (bs->s tatus) XFREE(bs->status, NULL, DYNAMIC_TYPE_TMP_BUFFER);870 if (bs->single == NULL || bs->source == NULL) { 871 if (bs->single) XFREE(bs->single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); 807 872 if (bs->source) XFREE(bs->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); 808 873 wolfSSL_OCSP_RESPONSE_free(bs); … … 810 875 } 811 876 else { 812 XMEMCPY(bs->s tatus, response->status, sizeof(CertStatus));877 XMEMCPY(bs->single, response->single, sizeof(OcspEntry)); 813 878 XMEMCPY(bs->source, response->source, response->maxIdx); 814 879 } … … 851 916 return NULL; 852 917 853 FreeOcspRequest(req); 854 XMEMCPY(req, cid, sizeof(OcspRequest)); 855 856 if (cid->serial != NULL) { 857 req->serial = (byte*)XMALLOC(cid->serialSz, NULL, 858 DYNAMIC_TYPE_OCSP_REQUEST); 859 req->url = (byte*)XMALLOC(cid->urlSz, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 860 if (req->serial == NULL || req->url == NULL) { 861 FreeOcspRequest(req); 862 return NULL; 863 } 864 865 XMEMCPY(req->serial, cid->serial, cid->serialSz); 866 XMEMCPY(req->url, cid->url, cid->urlSz); 867 } 868 869 wolfSSL_OCSP_REQUEST_free(cid); 918 XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE); 919 XMEMCPY(req->issuerKeyHash, cid->issuerKeyHash, KEYID_SIZE); 920 XMEMCPY(req->serial, cid->status->serial, cid->status->serialSz); 921 req->serialSz = cid->status->serialSz; 870 922 871 923 return req; … … 876 928 WOLFSSL_OCSP_CERTID* certId; 877 929 878 if (id == NULL) {930 if (id == NULL) 879 931 return NULL; 880 }881 932 882 933 certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), 883 id->heap, DYNAMIC_TYPE_OPENSSL);934 NULL, DYNAMIC_TYPE_OPENSSL); 884 935 if (certId) { 885 936 XMEMCPY(certId, id, sizeof(WOLFSSL_OCSP_CERTID)); … … 890 941 891 942 #if defined(OPENSSL_ALL) || defined(APACHE_HTTPD) 943 #ifndef NO_BIO 892 944 int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, 893 945 WOLFSSL_OCSP_REQUEST *req) … … 923 975 return WOLFSSL_FAILURE; 924 976 } 977 #endif /* !NO_BIO */ 978 979 int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID* id, unsigned char** data) 980 { 981 if (id == NULL || data == NULL) 982 return WOLFSSL_FAILURE; 983 984 if (*data != NULL) { 985 XMEMCPY(*data, id->rawCertId, id->rawCertIdSize); 986 *data = *data + id->rawCertIdSize; 987 } 988 else { 989 *data = (unsigned char*)XMALLOC(id->rawCertIdSize, NULL, DYNAMIC_TYPE_OPENSSL); 990 if (*data == NULL) { 991 return WOLFSSL_FAILURE; 992 } 993 XMEMCPY(*data, id->rawCertId, id->rawCertIdSize); 994 } 995 996 return id->rawCertIdSize; 997 } 998 999 const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single) 1000 { 1001 return single; 1002 } 1003 1004 int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single, 1005 int *reason, 1006 WOLFSSL_ASN1_TIME **revtime, 1007 WOLFSSL_ASN1_TIME **thisupd, 1008 WOLFSSL_ASN1_TIME **nextupd) 1009 { 1010 if (single == NULL) 1011 return WOLFSSL_FAILURE; 1012 1013 if (thisupd != NULL) 1014 *thisupd = &single->status->thisDateParsed; 1015 if (nextupd != NULL) 1016 *nextupd = &single->status->nextDateParsed; 1017 1018 if (reason != NULL) 1019 *reason = 0; 1020 if (revtime != NULL) 1021 *revtime = NULL; 1022 1023 return single->status->status; 1024 } 1025 1026 int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs) 1027 { 1028 WOLFSSL_OCSP_SINGLERESP* single; 1029 int count = 0; 1030 1031 if (bs == NULL) 1032 return WOLFSSL_FAILURE; 1033 1034 single = bs->single; 1035 while(single != NULL) 1036 { 1037 ++count; 1038 single = single->next; 1039 } 1040 1041 return count; 1042 } 1043 1044 WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx) 1045 { 1046 WOLFSSL_OCSP_SINGLERESP* single; 1047 int currIdx = 0; 1048 1049 if (bs == NULL) 1050 return NULL; 1051 1052 single = bs->single; 1053 while(single != NULL && currIdx != idx) 1054 { 1055 single = single->next; 1056 ++currIdx; 1057 } 1058 1059 return single; 1060 } 1061 925 1062 #endif /* OPENSSL_ALL || APACHE_HTTPD */ 926 1063 … … 980 1117 return 0; 981 1118 982 if (cid->s erialSz > (WOLFSSL_ASN1_INTEGER_MAX - 2)) {1119 if (cid->status->serialSz > (WOLFSSL_ASN1_INTEGER_MAX - 2)) { 983 1120 /* allocate data buffer, +2 for type and length */ 984 ser->data = (unsigned char*)XMALLOC(cid->s erialSz + 2, NULL,1121 ser->data = (unsigned char*)XMALLOC(cid->status->serialSz + 2, NULL, 985 1122 DYNAMIC_TYPE_OPENSSL); 986 1123 if (ser->data == NULL) { … … 988 1125 return 0; 989 1126 } 990 ser->dataMax = cid->s erialSz + 2;1127 ser->dataMax = cid->status->serialSz + 2; 991 1128 ser->isDynamic = 1; 992 1129 } else { … … 998 1135 #ifdef WOLFSSL_QT 999 1136 /* Serial number starts at 0 index of ser->data */ 1000 XMEMCPY(&ser->data[i], cid->s erial, cid->serialSz);1001 ser->length = cid->s erialSz;1137 XMEMCPY(&ser->data[i], cid->status->serial, cid->status->serialSz); 1138 ser->length = cid->status->serialSz; 1002 1139 #else 1003 1140 ser->data[i++] = ASN_INTEGER; 1004 i += SetLength(cid->s erialSz, ser->data + i);1005 XMEMCPY(&ser->data[i], cid->s erial, cid->serialSz);1141 i += SetLength(cid->status->serialSz, ser->data + i); 1142 XMEMCPY(&ser->data[i], cid->status->serial, cid->status->serialSz); 1006 1143 #endif 1007 1144 1008 cid->s erialInt = ser;1009 *serial = cid->serialInt;1145 cid->status->serialInt = ser; 1146 *serial = ser; 1010 1147 } 1011 1148 -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/sniffer.c
r457 r464 26 26 27 27 #include <wolfssl/wolfcrypt/settings.h> 28 29 #ifndef WOLFCRYPT_ONLY 28 #include <wolfssl/wolfcrypt/wc_port.h> 29 30 /* xctime */ 31 #ifndef XCTIME 32 #define XCTIME ctime 33 #endif 34 35 /* only in this file, to avoid confusing future ports leave 36 * these defines here. Do not move to wc_port.h */ 37 #ifdef USER_CUSTOM_SNIFFX 38 /* To be implemented in user_settings.h */ 39 #elif defined(FUSION_RTOS) 40 #include <fcl_network.h> 41 #define XINET_NTOA FNS_INET_NTOA 42 #define XINET_ATON FNS_INET_ATON 43 #define XINET_PTON(a,b,c,d) FNS_INET_PTON((a),(b),(c),(d),NULL) 44 #define XINET_NTOP(a,b,c,d) FNS_INET_NTOP((a),(b),(c),(d),NULL) 45 #define XINET_ADDR FNS_INET_ADDR 46 #define XHTONS FNS_HTONS 47 #define XNTOHS FNS_NTOHS 48 #define XHTONL FNS_HTONL 49 #define XNTOHL FNS_NTOHL 50 #define XINADDR_NONE FNS_INADDR_NONE 51 #else 52 /* default */ 53 #define XINET_NTOA inet_ntoa 54 #define XINET_ATON inet_aton 55 #define XINET_PTON(a,b,c) inet_pton((a),(b),(c)) 56 #define XINET_NTOP inet_ntop 57 #define XINET_ADDR inet_addr 58 #define XHTONS htons 59 #define XNTOHS ntohs 60 #define XHTONL htonl 61 #define XNTOHL ntohl 62 #define XINADDR_NONE INADDR_NONE 63 #endif 64 65 #if !defined(WOLFCRYPT_ONLY) && !defined(NO_FILESYSTEM) 30 66 #ifdef WOLFSSL_SNIFFER 31 67 … … 33 69 #include <time.h> 34 70 35 #ifndef _WIN32 36 #include <arpa/inet.h> 71 #ifdef FUSION_RTOS 72 #include <fns_inet.h> 73 #ifdef TCP_PROTOCOL 74 #undef TCP_PROTOCOL 75 #endif 37 76 #else 38 #include <WS2tcpip.h> 77 #ifndef _WIN32 78 #include <arpa/inet.h> 79 #else 80 #include <WS2tcpip.h> 81 #endif 39 82 #endif 40 83 … … 45 88 #endif 46 89 47 #include <wolfssl/openssl/ssl.h>48 90 #include <wolfssl/internal.h> 49 91 #include <wolfssl/error-ssl.h> … … 91 133 HASH_SIZE = 499, /* Session Hash Table Rows */ 92 134 PSEUDO_HDR_SZ = 12, /* TCP Pseudo Header size in bytes */ 93 FATAL_ERROR_STATE = 1,/* SnifferSession fatal error state */135 FATAL_ERROR_STATE = 1, /* SnifferSession fatal error state */ 94 136 TICKET_HINT_LEN = 4, /* Session Ticket Hint length */ 95 EXT_TYPE_SZ = 2, /* Extension length */ 137 TICKET_HINT_AGE_LEN= 4, /* Session Ticket Age add length */ 138 EXT_TYPE_SZ = 2, /* Extension type length */ 96 139 MAX_INPUT_SZ = MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA + 97 140 MTU_EXTRA, /* Max input sz of reassembly */ 98 EXT_MASTER_SECRET = 0x17, /* Extended Master Secret Extension ID */ 99 TICKET_EXT_ID = 0x23 /* Session Ticket Extension ID */ 141 142 /* TLS Extensions */ 143 EXT_SERVER_NAME = 0x0000, /* a.k.a. SNI */ 144 EXT_MAX_FRAGMENT_LENGTH = 0x0001, 145 EXT_TRUSTED_CA_KEYS = 0x0003, 146 EXT_TRUNCATED_HMAC = 0x0004, 147 EXT_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */ 148 EXT_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */ 149 EXT_EC_POINT_FORMATS = 0x000b, 150 EXT_SIGNATURE_ALGORITHMS = 0x000d, 151 EXT_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */ 152 EXT_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */ 153 EXT_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */ 154 EXT_MASTER_SECRET = 0x0017, /* Extended Master Secret Extension ID */ 155 EXT_TICKET_ID = 0x0023, /* Session Ticket Extension ID */ 156 EXT_PRE_SHARED_KEY = 0x0029, 157 EXT_EARLY_DATA = 0x002a, 158 EXT_SUPPORTED_VERSIONS = 0x002b, 159 EXT_COOKIE = 0x002c, 160 EXT_PSK_KEY_EXCHANGE_MODES = 0x002d, 161 EXT_POST_HANDSHAKE_AUTH = 0x0031, 162 EXT_SIGNATURE_ALGORITHMS_CERT = 0x0032, 163 EXT_KEY_SHARE = 0x0033, 164 EXT_RENEGOTIATION_INFO = 0xff01 100 165 }; 101 166 … … 139 204 140 205 static WOLFSSL_GLOBAL int TraceOn = 0; /* Trace is off by default */ 141 static WOLFSSL_GLOBAL FILE*TraceFile = 0;206 static WOLFSSL_GLOBAL XFILE TraceFile = 0; 142 207 143 208 … … 276 341 "No data destination Error", 277 342 "Store data callback failed", 278 "Loading chain input" 343 "Loading chain input", 344 "Got encrypted extension", 345 "Got Hello Retry Request", 279 346 }; 280 347 … … 319 386 byte* key; /* DER private key */ 320 387 word32 keySz; /* size of DER private key */ 388 int isEphemeralKey; 321 389 struct NamedKey* next; /* for list */ 322 390 } NamedKey; … … 336 404 /* Sniffer Server holds info for each server/port monitored */ 337 405 typedef struct SnifferServer { 338 SSL_CTX*ctx; /* SSL context */406 WOLFSSL_CTX* ctx; /* SSL context */ 339 407 char address[MAX_SERVER_ADDRESS]; /* passed in server address */ 340 408 IpAddrInfo server; /* network order address */ … … 365 433 byte expectEms; /* expect extended master secret */ 366 434 #endif 435 byte gotFinished; /* processed finished */ 367 436 } Flags; 368 437 369 438 370 439 /* Out of Order FIN capture */ 371 typedef struct FinCap utre {440 typedef struct FinCapture { 372 441 word32 cliFinSeq; /* client relative sequence FIN 0 is no */ 373 442 word32 srvFinSeq; /* server relative sequence FIN, 0 is no */ 374 443 byte cliCounted; /* did we count yet, detects duplicates */ 375 444 byte srvCounted; /* did we count yet, detects duplicates */ 376 } FinCap utre;445 } FinCapture; 377 446 378 447 … … 385 454 wc_Md5 hashMd5; 386 455 #endif 387 #endif 456 #endif /* !NO_OLD_TLS */ 388 457 #ifndef NO_SHA256 389 458 wc_Sha256 hashSha256; … … 393 462 #endif 394 463 } HsHashes; 464 465 typedef struct KeyShareInfo { 466 word16 named_group; 467 int key_len; 468 const byte* key; 469 470 /* additional info */ 471 int dh_key_bits; 472 int curve_id; 473 } KeyShareInfo; 395 474 396 475 … … 398 477 typedef struct SnifferSession { 399 478 SnifferServer* context; /* server context */ 400 SSL*sslServer; /* SSL server side decode */401 SSL*sslClient; /* SSL client side decode */479 WOLFSSL* sslServer; /* SSL server side decode */ 480 WOLFSSL* sslClient; /* SSL client side decode */ 402 481 IpAddrInfo server; /* server address in network byte order */ 403 482 IpAddrInfo client; /* client address in network byte order */ … … 408 487 word32 cliExpected; /* client expected sequence (relative) */ 409 488 word32 srvExpected; /* server expected sequence (relative) */ 410 FinCap utre finCaputre; /* retain out of order FIN s */489 FinCapture finCapture; /* retain out of order FIN s */ 411 490 Flags flags; /* session flags */ 412 time_t lastUsed; 491 time_t lastUsed; /* last used ticks */ 413 492 word32 keySz; /* size of the private key */ 414 493 PacketBuffer* cliReassemblyList; /* client out of order packets */ … … 416 495 word32 cliReassemblyMemory; /* client packet memory used */ 417 496 word32 srvReassemblyMemory; /* server packet memory used */ 418 struct SnifferSession* next; /* for hash table list */ 419 byte* ticketID; /* mac ID of session ticket */ 497 struct SnifferSession* next; /* for hash table list */ 498 byte* ticketID; /* mac ID of session ticket */ 499 #ifdef HAVE_MAX_FRAGMENT 500 byte* tlsFragBuf; 501 word32 tlsFragOffset; 502 word32 tlsFragSize; 503 #endif 420 504 #ifdef HAVE_SNI 421 505 const char* sni; /* server name indication */ 422 506 #endif 423 507 #ifdef HAVE_EXTENDED_MASTER 424 HsHashes* hash; 508 HsHashes* hash; 509 #endif 510 #ifdef WOLFSSL_TLS13 511 byte* cliKeyShare; 512 word32 cliKeyShareSz; 513 KeyShareInfo srvKs; 514 KeyShareInfo cliKs; 425 515 #endif 426 516 } SnifferSession; … … 559 649 wc_FreeMutex(&srv->namedKeysMutex); 560 650 #endif 561 SSL_CTX_free(srv->ctx);651 wolfSSL_CTX_free(srv->ctx); 562 652 } 563 653 XFREE(srv, NULL, DYNAMIC_TYPE_SNIFFER_SERVER); … … 595 685 { 596 686 if (session) { 597 SSL_free(session->sslClient);598 SSL_free(session->sslServer);687 wolfSSL_free(session->sslClient); 688 wolfSSL_free(session->sslServer); 599 689 600 690 FreePacketList(session->cliReassemblyList); … … 604 694 #ifdef HAVE_EXTENDED_MASTER 605 695 XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES); 696 #endif 697 #ifdef WOLFSSL_TLS13 698 if (session->cliKeyShare) 699 XFREE(session->cliKeyShare, NULL, DYNAMIC_TYPE_TMP_BUFFER); 700 #endif 701 #ifdef HAVE_MAX_FRAGMENT 702 if (session->tlsFragBuf) { 703 XFREE(session->tlsFragBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 704 session->tlsFragBuf = NULL; 705 } 606 706 #endif 607 707 } … … 622 722 wc_LockMutex(&SessionMutex); 623 723 624 srv = ServerList; 625 while (srv) { 626 removeServer = srv; 627 srv = srv->next; 628 FreeSnifferServer(removeServer); 629 } 630 724 /* Free sessions (wolfSSL objects) first */ 631 725 for (i = 0; i < HASH_SIZE; i++) { 632 726 session = SessionTable[i]; … … 637 731 } 638 732 } 733 SessionCount = 0; 734 735 /* Then server (wolfSSL_CTX) */ 736 srv = ServerList; 737 while (srv) { 738 removeServer = srv; 739 srv = srv->next; 740 FreeSnifferServer(removeServer); 741 } 742 ServerList = NULL; 639 743 640 744 wc_UnLockMutex(&SessionMutex); … … 656 760 if (TraceFile) { 657 761 TraceOn = 0; 658 fclose(TraceFile);762 XFCLOSE(TraceFile); 659 763 TraceFile = NULL; 660 764 } … … 678 782 #endif 679 783 #ifndef NO_MD5 680 if (ret == 0) {784 if (ret == 0) 681 785 ret = wc_InitMd5(&hash->hashMd5); 682 } 683 #endif 684 #endif 786 #endif 787 #endif /* !NO_OLD_TLS */ 685 788 #ifndef NO_SHA256 686 789 if (ret == 0) … … 694 797 return ret; 695 798 } 696 697 799 698 800 static int HashUpdate(HsHashes* hash, const byte* input, int sz) … … 709 811 #endif 710 812 #ifndef NO_MD5 711 if (ret == 0) {813 if (ret == 0) 712 814 ret = wc_Md5Update(&hash->hashMd5, input, sz); 713 } 714 #endif 715 #endif 815 #endif 816 #endif /* !NO_OLD_TLS */ 716 817 #ifndef NO_SHA256 717 818 if (ret == 0) … … 726 827 } 727 828 728 729 829 static int HashCopy(HS_Hashes* d, HsHashes* s) 730 830 { 731 831 #ifndef NO_OLD_TLS 732 832 #ifndef NO_SHA 733 833 XMEMCPY(&d->hashSha, &s->hashSha, sizeof(wc_Sha)); 734 834 #endif 735 835 #ifndef NO_MD5 736 XMEMCPY(&d->hashMd5, &s->hashMd5, sizeof(wc_Md5)); 737 #endif 738 #endif 739 836 XMEMCPY(&d->hashMd5, &s->hashMd5, sizeof(wc_Md5)); 837 #endif 838 #endif /* !NO_OLD_TLS */ 740 839 #ifndef NO_SHA256 741 840 XMEMCPY(&d->hashSha256, &s->hashSha256, sizeof(wc_Sha256)); 742 841 #endif 743 842 #ifdef WOLFSSL_SHA384 744 843 XMEMCPY(&d->hashSha384, &s->hashSha384, sizeof(wc_Sha384)); 745 844 #endif 746 845 … … 766 865 767 866 /* Initialize FIN Capture */ 768 static void InitFinCapture(FinCap utre* cap)769 { 770 XMEMSET(cap, 0, sizeof(FinCap utre));867 static void InitFinCapture(FinCapture* cap) 868 { 869 XMEMSET(cap, 0, sizeof(FinCapture)); 771 870 } 772 871 … … 777 876 XMEMSET(session, 0, sizeof(SnifferSession)); 778 877 InitFlags(&session->flags); 779 InitFinCapture(&session->finCap utre);878 InitFinCapture(&session->finCapture); 780 879 } 781 880 … … 900 999 char myBuffer[MAX_ERROR_LEN]; 901 1000 GetError(idx, myBuffer); 902 fprintf(TraceFile, "\t%s\n", myBuffer);1001 XFPRINTF(TraceFile, "\t%s\n", myBuffer); 903 1002 #ifdef DEBUG_SNIFFER 904 fprintf(stderr, "\t%s\n", myBuffer);1003 XFPRINTF(stderr, "\t%s\n", myBuffer); 905 1004 #endif 906 1005 } … … 912 1011 { 913 1012 if (TraceOn) { 914 time_t ticks = time(NULL);915 fprintf(TraceFile, "\n%s", ctime(&ticks));1013 time_t ticks = XTIME(NULL); 1014 XFPRINTF(TraceFile, "\n%s", XCTIME(&ticks)); 916 1015 } 917 1016 } … … 922 1021 { 923 1022 if (TraceOn) { 924 fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");925 fprintf(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,1023 XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n"); 1024 XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port, 926 1025 keyFile); 927 1026 } … … 936 1035 { 937 1036 if (TraceOn) { 938 fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n"); 939 fprintf(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n", 940 name, srv, port, keyFile); 1037 XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n"); 1038 XFPRINTF(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n", 1039 name ? name : "", 1040 srv ? srv : "", 1041 port, 1042 keyFile ? keyFile : ""); 941 1043 } 942 1044 } … … 950 1052 if (TraceOn) { 951 1053 static word32 packetNumber = 0; 952 fprintf(TraceFile, "\tGot a Packet to decode, packet %u\n",1054 XFPRINTF(TraceFile, "\tGot a Packet to decode, packet %u\n", 953 1055 ++packetNumber); 954 1056 } … … 959 1061 static const char* IpToS(int version, void* src, char* dst) 960 1062 { 961 return inet_ntop(version, src, dst, TRACE_MSG_SZ);1063 return XINET_NTOP(version, src, dst, TRACE_MSG_SZ); 962 1064 } 963 1065 … … 969 1071 char src[TRACE_MSG_SZ]; 970 1072 char dst[TRACE_MSG_SZ]; 971 fprintf(TraceFile, "\tdst:%s src:%s\n",1073 XFPRINTF(TraceFile, "\tdst:%s src:%s\n", 972 1074 IpToS(AF_INET, &iphdr->dst, dst), 973 1075 IpToS(AF_INET, &iphdr->src, src)); … … 982 1084 char src[TRACE_MSG_SZ]; 983 1085 char dst[TRACE_MSG_SZ]; 984 fprintf(TraceFile, "\tdst: %s src: %s\n",1086 XFPRINTF(TraceFile, "\tdst: %s src: %s\n", 985 1087 IpToS(AF_INET6, iphdr->dst, dst), 986 1088 IpToS(AF_INET6, iphdr->src, src)); … … 993 1095 { 994 1096 if (TraceOn) { 995 fprintf(TraceFile, "\tdstPort:%u srcPort:%u\n", ntohs(tcphdr->dstPort),996 ntohs(tcphdr->srcPort));1097 XFPRINTF(TraceFile, "\tdstPort:%u srcPort:%u\n", XNTOHS(tcphdr->dstPort), 1098 XNTOHS(tcphdr->srcPort)); 997 1099 } 998 1100 } … … 1003 1105 { 1004 1106 if (TraceOn) { 1005 fprintf(TraceFile, "\tSequence:%u, payload length:%d\n", seq, len);1107 XFPRINTF(TraceFile, "\tSequence:%u, payload length:%d\n", seq, len); 1006 1108 } 1007 1109 } … … 1012 1114 { 1013 1115 if (TraceOn) { 1014 fprintf(TraceFile, "\tAck:%u Expected:%u\n", ack, expected);1116 XFPRINTF(TraceFile, "\tAck:%u Expected:%u\n", ack, expected); 1015 1117 } 1016 1118 } … … 1021 1123 { 1022 1124 if (TraceOn) { 1023 fprintf(TraceFile, "\tExpected sequence:%u, received sequence:%u\n",1125 XFPRINTF(TraceFile, "\tExpected sequence:%u, received sequence:%u\n", 1024 1126 expected, got); 1025 1127 } … … 1031 1133 { 1032 1134 if (TraceOn) { 1033 fprintf(TraceFile, "\tServer SYN, Sequence Start:%u\n", seq);1135 XFPRINTF(TraceFile, "\tServer SYN, Sequence Start:%u\n", seq); 1034 1136 } 1035 1137 } … … 1040 1142 { 1041 1143 if (TraceOn) { 1042 fprintf(TraceFile, "\tClient SYN, Sequence Start:%u\n", seq);1144 XFPRINTF(TraceFile, "\tClient SYN, Sequence Start:%u\n", seq); 1043 1145 } 1044 1146 } … … 1049 1151 { 1050 1152 if (TraceOn) { 1051 fprintf(TraceFile, "\tClient FIN capture:%u, current SEQ:%u\n",1153 XFPRINTF(TraceFile, "\tClient FIN capture:%u, current SEQ:%u\n", 1052 1154 finSeq, relSeq); 1053 1155 } … … 1059 1161 { 1060 1162 if (TraceOn) { 1061 fprintf(TraceFile, "\tServer FIN capture:%u, current SEQ:%u\n",1163 XFPRINTF(TraceFile, "\tServer FIN capture:%u, current SEQ:%u\n", 1062 1164 finSeq, relSeq); 1063 1165 } … … 1069 1171 { 1070 1172 if (TraceOn) { 1071 fprintf(TraceFile, "\t%d bytes of SSL App data processed\n", bytes);1173 XFPRINTF(TraceFile, "\t%d bytes of SSL App data processed\n", bytes); 1072 1174 } 1073 1175 } … … 1078 1180 { 1079 1181 if (TraceOn) { 1080 fprintf(TraceFile,1182 XFPRINTF(TraceFile, 1081 1183 "\t%d bytes added to %d existing bytes in User Buffer\n", 1082 1184 newBytes, existingBytes); … … 1089 1191 { 1090 1192 if (TraceOn) { 1091 fprintf(TraceFile, "\tFound a stale session\n");1193 XFPRINTF(TraceFile, "\tFound a stale session\n"); 1092 1194 } 1093 1195 } … … 1098 1200 { 1099 1201 if (TraceOn) { 1100 fprintf(TraceFile, "\tTrying to find Stale Sessions\n");1202 XFPRINTF(TraceFile, "\tTrying to find Stale Sessions\n"); 1101 1203 } 1102 1204 } … … 1107 1209 { 1108 1210 if (TraceOn) { 1109 fprintf(TraceFile, "\tRemoved it\n");1211 XFPRINTF(TraceFile, "\tRemoved it\n"); 1110 1212 } 1111 1213 } … … 1117 1219 if (TraceOn) { 1118 1220 if (sslInfo != NULL && sslInfo->isValid) { 1119 fprintf(TraceFile,1221 XFPRINTF(TraceFile, 1120 1222 "\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s) " 1121 1223 #ifdef HAVE_SNI … … 1143 1245 { 1144 1246 if (TraceOn) { 1145 fprintf(TraceFile, "\tAdding %d to %s\n", add, name);1247 XFPRINTF(TraceFile, "\tAdding %d to %s\n", add, name); 1146 1248 } 1147 1249 } … … 1310 1412 { 1311 1413 SnifferSession* session; 1312 time_t currTime = time(NULL);1414 time_t currTime = XTIME(NULL); 1313 1415 word32 row = SessionHash(ipInfo, tcpInfo); 1314 1416 … … 1358 1460 1359 1461 static int LoadKeyFile(byte** keyBuf, word32* keyBufSz, 1360 const char* keyFile, int typeKey,1462 const char* keyFile, int keySz, int typeKey, 1361 1463 const char* password) 1362 1464 { … … 1364 1466 long fileSz = 0; 1365 1467 XFILE file; 1366 int ret ;1468 int ret = -1; 1367 1469 1368 1470 if (keyBuf == NULL || keyBufSz == NULL || keyFile == NULL) { … … 1370 1472 } 1371 1473 1372 file = XFOPEN(keyFile, "rb"); 1373 if (file == XBADFILE) return -1; 1374 if(XFSEEK(file, 0, XSEEK_END) != 0) { 1474 if (keySz == 0) { 1475 /* load from file */ 1476 file = XFOPEN(keyFile, "rb"); 1477 if (file == XBADFILE) return -1; 1478 if(XFSEEK(file, 0, XSEEK_END) != 0) { 1479 XFCLOSE(file); 1480 return -1; 1481 } 1482 fileSz = XFTELL(file); 1483 if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) { 1484 XFCLOSE(file); 1485 return -1; 1486 } 1487 XREWIND(file); 1488 1489 loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE); 1490 if (loadBuf == NULL) { 1491 XFCLOSE(file); 1492 return -1; 1493 } 1494 1495 ret = (int)XFREAD(loadBuf, 1, fileSz, file); 1375 1496 XFCLOSE(file); 1376 return -1; 1377 } 1378 fileSz = XFTELL(file); 1379 if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) { 1380 XFCLOSE(file); 1381 return -1; 1382 } 1383 XREWIND(file); 1384 1385 loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE); 1386 if (loadBuf == NULL) { 1387 XFCLOSE(file); 1388 return -1; 1389 } 1390 1391 ret = (int)XFREAD(loadBuf, 1, fileSz, file); 1392 XFCLOSE(file); 1393 1394 if (ret != fileSz) { 1395 XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE); 1396 return -1; 1497 1498 if (ret != fileSz) { 1499 XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE); 1500 return -1; 1501 } 1502 } 1503 else { 1504 /* use buffer directly */ 1505 loadBuf = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_FILE); 1506 if (loadBuf == NULL) { 1507 return -1; 1508 } 1509 fileSz = keySz; 1510 XMEMCPY(loadBuf, keyFile, fileSz); 1397 1511 } 1398 1512 … … 1450 1564 } 1451 1565 InitSnifferServer(sniffer); 1452 sniffer->ctx = SSL_CTX_new(TLSv1_2_client_method());1566 sniffer->ctx = wolfSSL_CTX_new(SSLv23_client_method()); 1453 1567 if (!sniffer->ctx) { 1454 1568 SetError(MEMORY_STR, error, NULL, 0); … … 1469 1583 1470 1584 static int SetNamedPrivateKey(const char* name, const char* address, int port, 1471 const char* keyFile, int typeKey, const char* password, char* error) 1585 const char* keyFile, int keySz, int typeKey, const char* password, 1586 char* error, int isEphemeralKey) 1472 1587 { 1473 1588 SnifferServer* sniffer; … … 1498 1613 XSTRNCPY(namedKey->name, name, namedKey->nameSz); 1499 1614 namedKey->name[MAX_SERVER_NAME-1] = '\0'; 1500 1615 namedKey->isEphemeralKey = isEphemeralKey; 1501 1616 ret = LoadKeyFile(&namedKey->key, &namedKey->keySz, 1502 keyFile, type, password);1617 keyFile, keySz, type, password); 1503 1618 if (ret < 0) { 1504 1619 SetError(KEY_FILE_STR, error, NULL, 0); … … 1510 1625 1511 1626 serverIp.version = IPV4; 1512 serverIp.ip4 = inet_addr(address); 1513 if (serverIp.ip4 == INADDR_NONE) { 1514 if (inet_pton(AF_INET6, address, serverIp.ip6) == 1) { 1627 serverIp.ip4 = XINET_ADDR(address); 1628 if (serverIp.ip4 == XINADDR_NONE) { 1629 #ifdef FUSION_RTOS 1630 if (XINET_PTON(AF_INET6, address, serverIp.ip6, 1631 sizeof(serverIp.ip4)) == 1) { 1632 #else 1633 if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1) { 1634 #endif 1515 1635 serverIp.version = IPV6; 1516 1636 } … … 1540 1660 sniffer->port = port; 1541 1661 1542 sniffer->ctx = SSL_CTX_new(TLSv1_2_client_method());1662 sniffer->ctx = wolfSSL_CTX_new(SSLv23_client_method()); 1543 1663 if (!sniffer->ctx) { 1544 1664 SetError(MEMORY_STR, error, NULL, 0); … … 1554 1674 if (password) { 1555 1675 #ifdef WOLFSSL_ENCRYPTED_KEYS 1556 SSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword);1557 SSL_CTX_set_default_passwd_cb_userdata(1676 wolfSSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword); 1677 wolfSSL_CTX_set_default_passwd_cb_userdata( 1558 1678 sniffer->ctx, (void*)password); 1559 1679 #endif 1560 1680 } 1561 ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type); 1681 1682 #ifdef WOLFSSL_STATIC_EPHEMERAL 1683 if (isEphemeralKey) { 1684 /* auto detect key type with WC_PK_TYPE_NONE */ 1685 /* keySz == 0 mean load file */ 1686 ret = wolfSSL_CTX_set_ephemeral_key(sniffer->ctx, WC_PK_TYPE_NONE, 1687 keyFile, 0, type); 1688 if (ret == 0) 1689 ret = WOLFSSL_SUCCESS; 1690 } 1691 else 1692 #endif 1693 { 1694 if (keySz == 0) { 1695 ret = wolfSSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type); 1696 } 1697 else { 1698 ret = wolfSSL_CTX_use_PrivateKey_buffer(sniffer->ctx, 1699 (const byte*)keyFile, keySz, type); 1700 } 1701 } 1562 1702 if (ret != WOLFSSL_SUCCESS) { 1563 1703 SetError(KEY_FILE_STR, error, NULL, 0); … … 1589 1729 1590 1730 #ifdef HAVE_SNI 1591 1592 1731 /* Sets the private key for a specific name, server and port */ 1593 1732 /* returns 0 on success, -1 on error */ … … 1603 1742 1604 1743 wc_LockMutex(&ServerListMutex); 1605 ret = SetNamedPrivateKey(name, address, port, keyFile, 1606 typeKey, password, error );1744 ret = SetNamedPrivateKey(name, address, port, keyFile, 0, 1745 typeKey, password, error, 0); 1607 1746 wc_UnLockMutex(&ServerListMutex); 1608 1747 … … 1613 1752 } 1614 1753 1615 #endif 1616 1754 int ssl_SetNamedPrivateKeyBuffer(const char* name, 1755 const char* address, int port, 1756 const char* keyBuf, int keySz, int typeKey, 1757 const char* password, char* error) 1758 { 1759 int ret; 1760 1761 TraceHeader(); 1762 TraceSetNamedServer(name, address, port, NULL); 1763 1764 wc_LockMutex(&ServerListMutex); 1765 ret = SetNamedPrivateKey(name, address, port, keyBuf, keySz, 1766 typeKey, password, error, 0); 1767 wc_UnLockMutex(&ServerListMutex); 1768 1769 if (ret == 0) 1770 Trace(NEW_SERVER_STR); 1771 1772 return ret; 1773 } 1774 #endif /* HAVE_SNI */ 1617 1775 1618 1776 /* Sets the private key for a specific server and port */ 1619 1777 /* returns 0 on success, -1 on error */ 1620 int ssl_SetPrivateKey(const char* address, int port, const char* keyFile, 1621 int typeKey, const char* password, char* error) 1778 int ssl_SetPrivateKey(const char* address, int port, 1779 const char* keyFile, int typeKey, 1780 const char* password, char* error) 1622 1781 { 1623 1782 int ret; … … 1627 1786 1628 1787 wc_LockMutex(&ServerListMutex); 1629 ret = SetNamedPrivateKey(NULL, address, port, keyFile, 1630 typeKey, password, error );1788 ret = SetNamedPrivateKey(NULL, address, port, keyFile, 0, 1789 typeKey, password, error, 0); 1631 1790 wc_UnLockMutex(&ServerListMutex); 1632 1791 … … 1637 1796 } 1638 1797 1798 int ssl_SetPrivateKeyBuffer(const char* address, int port, 1799 const char* keyBuf, int keySz, int typeKey, 1800 const char* password, char* error) 1801 { 1802 int ret; 1803 1804 TraceHeader(); 1805 TraceSetServer(address, port, "from buffer"); 1806 1807 wc_LockMutex(&ServerListMutex); 1808 ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz, 1809 typeKey, password, error, 0); 1810 wc_UnLockMutex(&ServerListMutex); 1811 1812 if (ret == 0) 1813 Trace(NEW_SERVER_STR); 1814 1815 return ret; 1816 } 1817 1818 #ifdef WOLFSSL_STATIC_EPHEMERAL 1819 #ifdef HAVE_SNI 1820 /* Sets the ephemeral key for a specific name, server and port */ 1821 /* returns 0 on success, -1 on error */ 1822 int ssl_SetNamedEphemeralKey(const char* name, 1823 const char* address, int port, 1824 const char* keyFile, int typeKey, 1825 const char* password, char* error) 1826 { 1827 int ret; 1828 1829 TraceHeader(); 1830 TraceSetNamedServer(name, address, port, keyFile); 1831 1832 wc_LockMutex(&ServerListMutex); 1833 ret = SetNamedPrivateKey(name, address, port, keyFile, 0, 1834 typeKey, password, error, 1); 1835 wc_UnLockMutex(&ServerListMutex); 1836 1837 if (ret == 0) 1838 Trace(NEW_SERVER_STR); 1839 1840 return ret; 1841 } 1842 1843 int ssl_SetNamedEphemeralKeyBuffer(const char* name, 1844 const char* address, int port, 1845 const char* keyBuf, int keySz, int typeKey, 1846 const char* password, char* error) 1847 { 1848 int ret; 1849 1850 TraceHeader(); 1851 TraceSetNamedServer(name, address, port, NULL); 1852 1853 wc_LockMutex(&ServerListMutex); 1854 ret = SetNamedPrivateKey(name, address, port, keyBuf, keySz, 1855 typeKey, password, error, 1); 1856 wc_UnLockMutex(&ServerListMutex); 1857 1858 if (ret == 0) 1859 Trace(NEW_SERVER_STR); 1860 1861 return ret; 1862 } 1863 #endif /* HAVE_SNI */ 1864 1865 /* Sets the ephemeral key for a specific server and port */ 1866 /* returns 0 on success, -1 on error */ 1867 int ssl_SetEphemeralKey(const char* address, int port, 1868 const char* keyFile, int typeKey, 1869 const char* password, char* error) 1870 { 1871 int ret; 1872 1873 TraceHeader(); 1874 TraceSetServer(address, port, keyFile); 1875 1876 wc_LockMutex(&ServerListMutex); 1877 ret = SetNamedPrivateKey(NULL, address, port, keyFile, 0, 1878 typeKey, password, error, 1); 1879 wc_UnLockMutex(&ServerListMutex); 1880 1881 if (ret == 0) 1882 Trace(NEW_SERVER_STR); 1883 1884 return ret; 1885 } 1886 1887 int ssl_SetEphemeralKeyBuffer(const char* address, int port, 1888 const char* keyBuf, int keySz, int typeKey, 1889 const char* password, char* error) 1890 { 1891 int ret; 1892 1893 TraceHeader(); 1894 TraceSetServer(address, port, "from buffer"); 1895 1896 wc_LockMutex(&ServerListMutex); 1897 ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz, 1898 typeKey, password, error, 1); 1899 wc_UnLockMutex(&ServerListMutex); 1900 1901 if (ret == 0) 1902 Trace(NEW_SERVER_STR); 1903 1904 return ret; 1905 } 1906 #endif /* WOLFSSL_STATIC_EPHEMERAL */ 1639 1907 1640 1908 /* Check IP Header for IPV6, TCP, and a registered server address */ … … 1677 1945 1678 1946 info->length = exthdrsz; 1679 info->total = ntohs(iphdr->length) + info->length;1680 1947 info->total = XNTOHS(iphdr->length) + info->length; 1948 /* IPv6 doesn't include its own header size in the length like v4. */ 1681 1949 info->src.version = IPV6; 1682 1950 XMEMCPY(info->src.ip6, iphdr->src, sizeof(info->src.ip6)); … … 1693 1961 static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error) 1694 1962 { 1695 int 1963 int version = IP_V(iphdr); 1696 1964 1697 1965 if (version == IPV6) … … 1719 1987 1720 1988 info->length = IP_HL(iphdr); 1721 info->total = ntohs(iphdr->length);1989 info->total = XNTOHS(iphdr->length); 1722 1990 info->src.version = IPV4; 1723 1991 info->src.ip4 = iphdr->src; … … 1738 2006 TraceTcp(tcphdr); 1739 2007 Trace(TCP_CHECK_STR); 1740 info->srcPort = ntohs(tcphdr->srcPort);1741 info->dstPort = ntohs(tcphdr->dstPort);2008 info->srcPort = XNTOHS(tcphdr->srcPort); 2009 info->dstPort = XNTOHS(tcphdr->dstPort); 1742 2010 info->length = TCP_LEN(tcphdr); 1743 info->sequence = ntohl(tcphdr->sequence);2011 info->sequence = XNTOHL(tcphdr->sequence); 1744 2012 info->fin = tcphdr->flags & TCP_FIN; 1745 2013 info->rst = tcphdr->flags & TCP_RST; … … 1747 2015 info->ack = tcphdr->flags & TCP_ACK; 1748 2016 if (info->ack) 1749 info->ackNumber = ntohl(tcphdr->ack);2017 info->ackNumber = XNTOHL(tcphdr->ack); 1750 2018 1751 2019 #ifndef WOLFSSL_SNIFFER_WATCH … … 1802 2070 } 1803 2071 sslInfo->keySize = session->keySz; 1804 2072 #ifdef HAVE_SNI 1805 2073 if (NULL != session->sni) { 1806 2074 XSTRNCPY((char*)sslInfo->serverNameIndication, … … 1809 2077 [sizeof(sslInfo->serverNameIndication) - 1] = '\0'; 1810 2078 } 1811 2079 #endif 1812 2080 TraceSessionInfo(sslInfo); 1813 2081 } … … 1826 2094 } 1827 2095 1828 1829 /* Process Client Key Exchange, RSA or static ECDH */ 1830 static int ProcessClientKeyExchange(const byte* input, int* sslBytes, 1831 SnifferSession* session, char* error) 2096 #ifdef SHOW_SECRETS 2097 static void PrintSecret(const char* desc, const byte* buf, int sz) 2098 { 2099 int i; 2100 printf("%s: ", desc); 2101 for (i = 0; i < sz; i++) { 2102 printf("%02x", buf[i]); 2103 } 2104 printf("\n"); 2105 } 2106 2107 static void ShowTlsSecrets(SnifferSession* session) 2108 { 2109 PrintSecret("server master secret", session->sslServer->arrays->masterSecret, SECRET_LEN); 2110 PrintSecret("client master secret", session->sslClient->arrays->masterSecret, SECRET_LEN); 2111 printf("server suite = %d\n", session->sslServer->options.cipherSuite); 2112 printf("client suite = %d\n", session->sslClient->options.cipherSuite); 2113 } 2114 #endif /* SHOW_SECRETS */ 2115 2116 2117 /* Process Keys */ 2118 2119 /* contains static ephemeral keys */ 2120 typedef struct { 2121 #ifndef NO_DH 2122 DerBuffer* dhKey; 2123 #endif 2124 #ifdef HAVE_ECC 2125 DerBuffer* ecKey; 2126 #endif 2127 #if !defined(NO_RSA) && defined(WOLFSSL_STATIC_RSA) 2128 DerBuffer* rsaKey; 2129 #endif 2130 } KeyBuffers_t; 2131 2132 static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session, 2133 char* error, KeyShareInfo* ksInfo, KeyBuffers_t* keys) 1832 2134 { 1833 2135 word32 idx = 0; 1834 int tryEcc = 0;1835 2136 int ret; 1836 1837 if (session->sslServer->buffers.key == NULL || 1838 session->sslServer->buffers.key->buffer == NULL ||1839 session->sslServer->buffers.key->length == 0) {1840 1841 SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE); 1842 return -1; 1843 } 1844 1845 {2137 DerBuffer* keyBuf; 2138 #ifdef HAVE_ECC 2139 int useEccCurveId = ECC_CURVE_DEF; 2140 if (ksInfo && ksInfo->curve_id != 0) 2141 useEccCurveId = ksInfo->curve_id; 2142 #endif 2143 2144 #ifndef NO_RSA 2145 /* Static RSA */ 2146 if (ksInfo == NULL && keys->rsaKey) { 1846 2147 RsaKey key; 1847 2148 int length; 1848 2149 2150 keyBuf = keys->rsaKey; 2151 1849 2152 ret = wc_InitRsaKey(&key, 0); 1850 2153 if (ret == 0) { 1851 ret = wc_RsaPrivateKeyDecode( 1852 session->sslServer->buffers.key->buffer, 1853 &idx, &key, session->sslServer->buffers.key->length); 2154 ret = wc_RsaPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length); 1854 2155 if (ret != 0) { 1855 tryEcc = 1; 1856 #ifndef HAVE_ECC 1857 SetError(RSA_DECODE_STR, error, session, FATAL_ERROR_STATE); 1858 #else 1859 /* If we can do ECC, this isn't fatal. Not loading an ECC 1860 * key will be fatal, though. */ 1861 SetError(RSA_DECODE_STR, error, session, 0); 1862 #endif 1863 } 2156 #ifndef HAVE_ECC 2157 SetError(RSA_DECODE_STR, error, session, FATAL_ERROR_STATE); 2158 #else 2159 /* If we can do ECC, this isn't fatal. Not loading an ECC 2160 * key will be fatal, though. */ 2161 SetError(RSA_DECODE_STR, error, session, 0); 2162 if (keys->ecKey == NULL) 2163 keys->ecKey = session->sslServer->buffers.key; /* try ECC */ 2164 #endif 2165 } 2166 #ifdef HAVE_ECC 2167 else { 2168 useEccCurveId = -1; /* don't try loading ECC */ 2169 } 2170 #endif 1864 2171 } 1865 2172 … … 1909 2216 wc_FreeRsaKey(&key); 1910 2217 } 1911 1912 if (tryEcc) { 2218 #endif /* !NO_RSA */ 2219 2220 #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) 2221 /* Static DH Key */ 2222 if (ksInfo && ksInfo->dh_key_bits != 0 && keys->dhKey) { 2223 DhKey dhKey; 2224 const DhParams* params; 2225 word32 privKeySz; 2226 byte privKey[52]; /* max for TLS */ 2227 2228 keyBuf = keys->dhKey; 2229 2230 /* get DH params */ 2231 switch (ksInfo->named_group) { 2232 #ifdef HAVE_FFDHE_2048 2233 case WOLFSSL_FFDHE_2048: 2234 params = wc_Dh_ffdhe2048_Get(); 2235 privKeySz = 29; 2236 break; 2237 #endif 2238 #ifdef HAVE_FFDHE_3072 2239 case WOLFSSL_FFDHE_3072: 2240 params = wc_Dh_ffdhe3072_Get(); 2241 privKeySz = 34; 2242 break; 2243 #endif 2244 #ifdef HAVE_FFDHE_4096 2245 case WOLFSSL_FFDHE_4096: 2246 params = wc_Dh_ffdhe4096_Get(); 2247 privKeySz = 39; 2248 break; 2249 #endif 2250 #ifdef HAVE_FFDHE_6144 2251 case WOLFSSL_FFDHE_6144: 2252 params = wc_Dh_ffdhe6144_Get(); 2253 privKeySz = 46; 2254 break; 2255 #endif 2256 #ifdef HAVE_FFDHE_8192 2257 case WOLFSSL_FFDHE_8192: 2258 params = wc_Dh_ffdhe8192_Get(); 2259 privKeySz = 52; 2260 break; 2261 #endif 2262 default: 2263 return BAD_FUNC_ARG; 2264 } 2265 2266 ret = wc_InitDhKey(&dhKey); 2267 if (ret == 0) { 2268 ret = wc_DhSetKey(&dhKey, 2269 (byte*)params->p, params->p_len, 2270 (byte*)params->g, params->g_len); 2271 if (ret == 0) { 2272 ret = wc_DhKeyDecode(keyBuf->buffer, &idx, &dhKey, 2273 keyBuf->length); 2274 } 2275 if (ret == 0) { 2276 ret = wc_DhExportKeyPair(&dhKey, privKey, &privKeySz, NULL, 2277 NULL); 2278 } 2279 2280 /* Derive secret from private key and peer's public key */ 2281 do { 2282 #ifdef WOLFSSL_ASYNC_CRYPT 2283 ret = wc_AsyncWait(ret, &dhPriv.asyncDev, 2284 WC_ASYNC_FLAG_CALL_AGAIN); 2285 #endif 2286 if (ret >= 0) { 2287 ret = wc_DhAgree(&dhKey, 2288 session->sslServer->arrays->preMasterSecret, 2289 &session->sslServer->arrays->preMasterSz, 2290 privKey, privKeySz, 2291 input, *sslBytes); 2292 } 2293 } while (ret == WC_PENDING_E); 2294 2295 wc_FreeDhKey(&dhKey); 2296 2297 /* left-padded with zeros up to the size of the prime */ 2298 if (params->p_len > session->sslServer->arrays->preMasterSz) { 2299 word32 diff = params->p_len - session->sslServer->arrays->preMasterSz; 2300 XMEMMOVE(session->sslServer->arrays->preMasterSecret + diff, 2301 session->sslServer->arrays->preMasterSecret, 2302 session->sslServer->arrays->preMasterSz); 2303 XMEMSET(session->sslServer->arrays->preMasterSecret, 0, diff); 2304 session->sslServer->arrays->preMasterSz = params->p_len; 2305 } 2306 } 2307 } 2308 #endif /* !NO_DH && WOLFSSL_DH_EXTRA */ 2309 1913 2310 #ifdef HAVE_ECC 2311 /* Static ECC Key */ 2312 if (useEccCurveId >= ECC_CURVE_DEF && keys->ecKey) { 1914 2313 ecc_key key; 1915 2314 ecc_key pubKey; 1916 2315 int length, keyInit = 0, pubKeyInit = 0; 1917 2316 2317 keyBuf = keys->ecKey; 1918 2318 idx = 0; 1919 2319 ret = wc_ecc_init(&key); … … 1922 2322 ret = wc_ecc_init(&pubKey); 1923 2323 } 2324 2325 #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ 2326 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ 2327 !defined(HAVE_SELFTEST) 2328 if (ret == 0) { 2329 ret = wc_ecc_set_rng(&key, session->sslServer->rng); 2330 } 2331 #endif 2332 1924 2333 if (ret == 0) { 1925 2334 pubKeyInit = 1; 1926 ret = wc_EccPrivateKeyDecode( 1927 session->sslServer->buffers.key->buffer, 1928 &idx, &key, session->sslServer->buffers.key->length); 2335 ret = wc_EccPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length); 1929 2336 if (ret != 0) { 1930 2337 SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE); … … 1936 2343 /* The length should be 2 times the key size (x and y), plus 1 1937 2344 * for the type byte. */ 1938 if ( IsTLS(session->sslServer)) {2345 if (!IsAtLeastTLSv1_3(session->sslServer->version)) { 1939 2346 input += 1; /* Don't include the TLS length for the key. */ 1940 2347 } 1941 2348 1942 if (length + 1 > *sslBytes) { 1943 SetError(PARTIAL_INPUT_STR, 1944 error, session, FATAL_ERROR_STATE); 2349 if (length > *sslBytes) { 2350 SetError(PARTIAL_INPUT_STR, error, session, FATAL_ERROR_STATE); 1945 2351 ret = -1; 1946 2352 } 2353 2354 /* if curve not provided in key share data, then use private key curve */ 2355 if (useEccCurveId == ECC_CURVE_DEF && key.dp) { 2356 useEccCurveId = key.dp->id; 2357 } 1947 2358 } 1948 2359 1949 2360 if (ret == 0) { 1950 ret = wc_ecc_import_x963_ex(input, length, &pubKey, ECC_CURVE_DEF);2361 ret = wc_ecc_import_x963_ex(input, length, &pubKey, useEccCurveId); 1951 2362 if (ret != 0) { 1952 2363 SetError(ECC_PUB_DECODE_STR, error, session, FATAL_ERROR_STATE); … … 1983 2394 if (pubKeyInit) 1984 2395 wc_ecc_free(&pubKey); 1985 #endif 1986 } 2396 } 2397 #endif /* HAVE_ECC */ 1987 2398 1988 2399 /* store for client side as well */ … … 1993 2404 session->sslServer->arrays->preMasterSz; 1994 2405 1995 #ifdef SHOW_SECRETS 1996 { 1997 word32 i; 1998 printf("pre master secret: "); 1999 for (i = 0; i < session->sslServer->arrays->preMasterSz; i++) 2000 printf("%02x", session->sslServer->arrays->preMasterSecret[i]); 2001 printf("\n"); 2002 } 2003 #endif 2406 #ifdef SHOW_SECRETS 2407 PrintSecret("pre master secret", 2408 session->sslServer->arrays->preMasterSecret, 2409 session->sslServer->arrays->preMasterSz); 2410 #endif 2004 2411 2005 2412 if (SetCipherSpecs(session->sslServer) != 0) { … … 2013 2420 } 2014 2421 2015 ret = MakeMasterSecret(session->sslServer); 2016 ret += MakeMasterSecret(session->sslClient); 2017 ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE); 2018 ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE); 2019 2422 #ifdef WOLFSSL_TLS13 2423 /* TLS v1.3 derive handshake key */ 2424 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 2425 ret = DeriveEarlySecret(session->sslServer); 2426 ret += DeriveEarlySecret(session->sslClient); 2427 ret += DeriveHandshakeSecret(session->sslServer); 2428 ret += DeriveHandshakeSecret(session->sslClient); 2429 ret += DeriveTls13Keys(session->sslServer, handshake_key, ENCRYPT_AND_DECRYPT_SIDE, 1); 2430 ret += DeriveTls13Keys(session->sslClient, handshake_key, ENCRYPT_AND_DECRYPT_SIDE, 1); 2431 #ifdef WOLFSSL_EARLY_DATA 2432 ret += SetKeysSide(session->sslServer, DECRYPT_SIDE_ONLY); 2433 ret += SetKeysSide(session->sslClient, DECRYPT_SIDE_ONLY); 2434 #else 2435 ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE); 2436 ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE); 2437 #endif 2438 } 2439 else 2440 #endif 2441 { 2442 ret = MakeMasterSecret(session->sslServer); 2443 ret += MakeMasterSecret(session->sslClient); 2444 ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE); 2445 ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE); 2446 } 2020 2447 if (ret != 0) { 2021 2448 SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE); … … 2024 2451 2025 2452 #ifdef SHOW_SECRETS 2026 { 2027 int i; 2028 printf("server master secret: "); 2029 for (i = 0; i < SECRET_LEN; i++) 2030 printf("%02x", session->sslServer->arrays->masterSecret[i]); 2031 printf("\n"); 2032 2033 printf("client master secret: "); 2034 for (i = 0; i < SECRET_LEN; i++) 2035 printf("%02x", session->sslClient->arrays->masterSecret[i]); 2036 printf("\n"); 2037 2038 printf("server suite = %d\n", session->sslServer->options.cipherSuite); 2039 printf("client suite = %d\n", session->sslClient->options.cipherSuite); 2040 } 2453 #ifdef WOLFSSL_TLS13 2454 if (!IsAtLeastTLSv1_3(session->sslServer->version)) 2455 #endif 2456 ShowTlsSecrets(session); 2041 2457 #endif 2042 2458 … … 2046 2462 } 2047 2463 2464 /* Process Client Key Exchange, static RSA */ 2465 static int ProcessClientKeyExchange(const byte* input, int* sslBytes, 2466 SnifferSession* session, char* error) 2467 { 2468 KeyBuffers_t keys; 2469 2470 if (session->sslServer->buffers.key == NULL || 2471 session->sslServer->buffers.key->buffer == NULL || 2472 session->sslServer->buffers.key->length == 0) { 2473 2474 SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE); 2475 return -1; 2476 } 2477 2478 XMEMSET(&keys, 0, sizeof(keys)); 2479 #ifdef WOLFSSL_STATIC_EPHEMERAL 2480 #ifndef NO_DH 2481 keys.dhKey = session->sslServer->staticKE.dhKey; 2482 #endif 2483 #ifdef HAVE_ECC 2484 keys.ecKey = session->sslServer->staticKE.ecKey; 2485 #endif 2486 #endif 2487 keys.rsaKey = session->sslServer->buffers.key; 2488 return SetupKeys(input, sslBytes, session, error, NULL, &keys); 2489 } 2490 2491 #ifdef WOLFSSL_TLS13 2492 static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len, 2493 word16 filter_group) 2494 { 2495 int index = 0; 2496 while (index < len) { 2497 /* clear info (reset dh_key_bits and curve_id) */ 2498 XMEMSET(info, 0, sizeof(KeyShareInfo)); 2499 2500 /* Named group and public key */ 2501 info->named_group = (word16)((input[index] << 8) | input[index+1]); 2502 index += OPAQUE16_LEN; 2503 info->key_len = 0; 2504 info->key = NULL; 2505 /* If key was provided... (a hello_retry_request will not send a key) */ 2506 if (index + 2 <= len) { 2507 info->key_len = (word16)((input[index] << 8) | input[index+1]); 2508 index += OPAQUE16_LEN; 2509 if (info->key_len == 0 || info->key_len > len - index) { 2510 return -1; 2511 } 2512 info->key = &input[index]; 2513 index += info->key_len; 2514 } 2515 2516 switch (info->named_group) { 2517 #ifndef NO_DH 2518 #ifdef HAVE_FFDHE_2048 2519 case WOLFSSL_FFDHE_2048: 2520 info->dh_key_bits = 2048; 2521 break; 2522 #endif 2523 #ifdef HAVE_FFDHE_3072 2524 case WOLFSSL_FFDHE_3072: 2525 info->dh_key_bits = 3072; 2526 break; 2527 #endif 2528 #ifdef HAVE_FFDHE_4096 2529 case WOLFSSL_FFDHE_4096: 2530 info->dh_key_bits = 4096; 2531 break; 2532 #endif 2533 #ifdef HAVE_FFDHE_6144 2534 case WOLFSSL_FFDHE_6144: 2535 info->dh_key_bits = 6144; 2536 break; 2537 #endif 2538 #ifdef HAVE_FFDHE_8192 2539 case WOLFSSL_FFDHE_8192: 2540 info->dh_key_bits = 8192; 2541 break; 2542 #endif 2543 #endif /* !NO_DH */ 2544 #ifdef HAVE_ECC 2545 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 2546 #ifndef NO_ECC_SECP 2547 case WOLFSSL_ECC_SECP256R1: 2548 info->curve_id = ECC_SECP256R1; 2549 break; 2550 #endif /* !NO_ECC_SECP */ 2551 #endif 2552 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 2553 #ifndef NO_ECC_SECP 2554 case WOLFSSL_ECC_SECP384R1: 2555 info->curve_id = ECC_SECP384R1; 2556 break; 2557 #endif /* !NO_ECC_SECP */ 2558 #endif 2559 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 2560 #ifndef NO_ECC_SECP 2561 case WOLFSSL_ECC_SECP521R1: 2562 info->curve_id = ECC_SECP521R1; 2563 break; 2564 #endif /* !NO_ECC_SECP */ 2565 #endif 2566 #endif /* HAVE_ECC */ 2567 #ifdef HAVE_CURVE25519 2568 case WOLFSSL_ECC_X25519: 2569 info->curve_id = ECC_X25519; 2570 break; 2571 #endif 2572 #ifdef HAVE_X448 2573 case WOLFSSL_ECC_X448: 2574 info->curve_id = ECC_X448; 2575 break; 2576 #endif 2577 default: 2578 /* do not throw error here, keep iterating the client key share */ 2579 break; 2580 } 2581 2582 if (filter_group == 0 || filter_group == info->named_group) { 2583 return 0; 2584 } 2585 } 2586 return NO_PEER_KEY; /* unsupported key type */ 2587 } 2588 2589 static int ProcessServerKeyShare(SnifferSession* session, const byte* input, int len, 2590 char* error) 2591 { 2592 int ret; 2593 2594 if (session->cliKeyShare == NULL || session->cliKeyShareSz == 0) { 2595 /* session->cliKeyShareSz could not be provided yet if the client_hello 2596 did not send a key share to force a hello_retry_request */ 2597 return 0; 2598 } 2599 2600 /* Get server_hello key share (and key) */ 2601 ret = ProcessKeyShare(&session->srvKs, input, len, 0); 2602 if (ret == 0 && session->srvKs.key_len > 0) { 2603 /* Get client_hello key share */ 2604 ret = ProcessKeyShare(&session->cliKs, session->cliKeyShare, 2605 session->cliKeyShareSz, session->srvKs.named_group); 2606 } 2607 if (ret != 0) { 2608 SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 2609 return -1; 2610 } 2611 2612 return ret; 2613 } 2614 #endif /* WOLFSSL_TLS13 */ 2048 2615 2049 2616 /* Process Session Ticket */ … … 2053 2620 word16 len; 2054 2621 2055 /* make sure can read through hint and len */ 2056 if (TICKET_HINT_LEN + LENGTH_SZ > *sslBytes) { 2622 #ifdef WOLFSSL_TLS13 2623 WOLFSSL* ssl; 2624 2625 if (session->flags.side == WOLFSSL_SERVER_END) 2626 ssl = session->sslServer; 2627 else 2628 ssl = session->sslClient; 2629 #endif 2630 2631 /* make sure can read through hint len */ 2632 if (TICKET_HINT_LEN > *sslBytes) { 2057 2633 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2058 2634 return -1; 2059 2635 } 2060 2061 input += TICKET_HINT_LEN; /* skip over hint */ 2636 input += TICKET_HINT_LEN; /* skip over hint len */ 2062 2637 *sslBytes -= TICKET_HINT_LEN; 2063 2638 2064 len = (word16)((input[0] << 8) | input[1]); 2065 input += LENGTH_SZ; 2066 *sslBytes -= LENGTH_SZ; 2067 2068 /* make sure can read through ticket */ 2069 if (len > *sslBytes || len < ID_LEN) { 2639 #ifdef WOLFSSL_TLS13 2640 /* TLS v1.3 has hint age and nonce */ 2641 if (IsAtLeastTLSv1_3(ssl->version)) { 2642 /* make sure can read through hint age and nonce len */ 2643 if (TICKET_HINT_AGE_LEN + 1 > *sslBytes) { 2644 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2645 return -1; 2646 } 2647 input += TICKET_HINT_AGE_LEN; /* skip over hint age */ 2648 *sslBytes -= TICKET_HINT_AGE_LEN; 2649 2650 /* ticket nonce */ 2651 len = input[0]; 2652 if (len > MAX_TICKET_NONCE_SZ) { 2653 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2654 return -1; 2655 } 2656 input += OPAQUE8_LEN; 2657 *sslBytes -= OPAQUE8_LEN; 2658 #ifdef HAVE_SESSION_TICKET 2659 /* store nonce in server for DeriveResumptionPSK */ 2660 session->sslServer->session.ticketNonce.len = len; 2661 if (len > 0) 2662 XMEMCPY(&session->sslServer->session.ticketNonce.data, input, len); 2663 #endif 2664 input += len; 2665 *sslBytes -= len; 2666 } 2667 #endif 2668 2669 /* make sure can read through len */ 2670 if (OPAQUE16_LEN > *sslBytes) { 2070 2671 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2071 2672 return -1; 2072 2673 } 2073 2674 2074 /* store session with macID as sessionID */ 2075 session->sslServer->options.haveSessionId = 1; 2076 XMEMCPY(session->sslServer->arrays->sessionID, input + len - ID_LEN,ID_LEN); 2675 len = (word16)((input[0] << 8) | input[1]); 2676 input += OPAQUE16_LEN; 2677 *sslBytes -= OPAQUE16_LEN; 2678 2679 /* make sure can read through ticket */ 2680 if (len > *sslBytes) { 2681 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2682 return -1; 2683 } 2684 2685 #ifdef WOLFSSL_TLS13 2686 /* TLS v1.3 has hint age and nonce */ 2687 if (IsAtLeastTLSv1_3(ssl->version)) { 2688 #ifdef HAVE_SESSION_TICKET 2689 if (SetTicket(ssl, input, len) != 0) { 2690 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2691 return -1; 2692 } 2693 /* set haveSessionId to use the wolfSession cache */ 2694 ssl->options.haveSessionId = 1; 2695 2696 /* Use the wolf Session cache to retain resumption secret */ 2697 if (session->flags.cached == 0) { 2698 WOLFSSL_SESSION* sess = GetSession(ssl, NULL, 0); 2699 if (sess == NULL) { 2700 AddSession(ssl); /* don't re add */ 2701 #ifdef WOLFSSL_SNIFFER_STATS 2702 INC_STAT(SnifferStats.sslResumptionInserts); 2703 #endif 2704 } 2705 session->flags.cached = 1; 2706 } 2707 #endif /* HAVE_SESSION_TICKET */ 2708 } 2709 else 2710 #endif /* WOLFSSL_TLS13 */ 2711 { 2712 /* capture last part of sessionID as macID (32 bytes) */ 2713 if (len < ID_LEN) { 2714 SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE); 2715 return -1; 2716 } 2717 /* store session with macID as sessionID */ 2718 session->sslServer->options.haveSessionId = 1; 2719 XMEMCPY(session->sslServer->arrays->sessionID, 2720 input + len - ID_LEN, ID_LEN); 2721 } 2077 2722 2078 2723 return 0; 2079 2724 } 2080 2725 2726 static int DoResume(SnifferSession* session, char* error) 2727 { 2728 int ret = 0; 2729 WOLFSSL_SESSION* resume; 2730 2731 #ifdef WOLFSSL_TLS13 2732 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 2733 resume = GetSession(session->sslServer, 2734 session->sslServer->session.masterSecret, 0); 2735 } 2736 else 2737 #endif 2738 { 2739 resume = GetSession(session->sslServer, 2740 session->sslServer->arrays->masterSecret, 0); 2741 } 2742 if (resume == NULL) { 2743 /* a session id without resume is okay with hello_retry_request */ 2744 #ifdef WOLFSSL_SNIFFER_STATS 2745 INC_STAT(SnifferStats.sslStandardConns); 2746 #endif 2747 return 0; 2748 } 2749 2750 /* make sure client has master secret too */ 2751 #ifdef WOLFSSL_TLS13 2752 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 2753 XMEMCPY(session->sslClient->session.masterSecret, 2754 session->sslServer->session.masterSecret, SECRET_LEN); 2755 } 2756 else 2757 #endif 2758 { 2759 XMEMCPY(session->sslClient->arrays->masterSecret, 2760 session->sslServer->arrays->masterSecret, SECRET_LEN); 2761 } 2762 session->flags.resuming = 1; 2763 2764 Trace(SERVER_DID_RESUMPTION_STR); 2765 #ifdef WOLFSSL_SNIFFER_STATS 2766 INC_STAT(SnifferStats.sslResumedConns); 2767 INC_STAT(SnifferStats.sslResumptionValid); 2768 #endif 2769 if (SetCipherSpecs(session->sslServer) != 0) { 2770 SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE); 2771 return -1; 2772 } 2773 2774 if (SetCipherSpecs(session->sslClient) != 0) { 2775 SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE); 2776 return -1; 2777 } 2778 2779 #ifdef WOLFSSL_TLS13 2780 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 2781 #ifdef HAVE_SESSION_TICKET 2782 /* Resumption PSK is resumption master secret. */ 2783 session->sslServer->arrays->psk_keySz = session->sslServer->specs.hash_size; 2784 session->sslClient->arrays->psk_keySz = session->sslClient->specs.hash_size; 2785 ret = DeriveResumptionPSK(session->sslServer, session->sslServer->session.ticketNonce.data, 2786 session->sslServer->session.ticketNonce.len, session->sslServer->arrays->psk_key); 2787 /* Copy resumption PSK to client */ 2788 XMEMCPY(session->sslClient->arrays->psk_key, 2789 session->sslServer->arrays->psk_key, 2790 session->sslServer->arrays->psk_keySz); 2791 #endif 2792 /* handshake key setup below and traffic keys done in SetupKeys */ 2793 } 2794 else 2795 #endif 2796 { 2797 if (IsTLS(session->sslServer)) { 2798 ret = DeriveTlsKeys(session->sslServer); 2799 ret += DeriveTlsKeys(session->sslClient); 2800 } 2801 else { 2802 #ifndef NO_OLD_TLS 2803 ret = DeriveKeys(session->sslServer); 2804 ret += DeriveKeys(session->sslClient); 2805 #endif 2806 } 2807 ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE); 2808 ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE); 2809 } 2810 2811 if (ret != 0) { 2812 SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE); 2813 return -1; 2814 } 2815 2816 return ret; 2817 } 2081 2818 2082 2819 /* Process Server Hello */ … … 2084 2821 SnifferSession* session, char* error) 2085 2822 { 2823 int ret = 0; 2086 2824 ProtocolVersion pv; 2087 2825 byte b, b0; 2088 2826 int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN; 2089 int doResume = 0; 2827 int doResume = 0; 2828 const byte* inputHello = input; 2090 2829 int initialBytes = *sslBytes; 2091 2830 2092 2831 (void)msgSz; 2093 (void)initialBytes;2094 2832 2095 2833 /* make sure we didn't miss ClientHello */ 2096 if (session->flags.clientHello == 0 ) {2097 SetError(MISSED_CLIENT_HELLO_STR, error, session, FATAL_ERROR_STATE);2098 return -1;2834 if (session->flags.clientHello == 0 || session->sslClient->arrays == NULL) { 2835 SetError(MISSED_CLIENT_HELLO_STR, error, session, 0); 2836 return 0; /* do not throw error, just ignore packet */ 2099 2837 } 2100 2838 … … 2111 2849 session->sslServer->version = pv; 2112 2850 session->sslClient->version = pv; 2851 if (pv.minor >= TLSv1_MINOR) { 2852 session->sslServer->options.tls = 1; 2853 session->sslClient->options.tls = 1; 2854 } 2113 2855 2114 2856 XMEMCPY(session->sslServer->arrays->serverRandom, input, RAN_LEN); 2115 2857 XMEMCPY(session->sslClient->arrays->serverRandom, input, RAN_LEN); 2116 input += RAN_LEN;2858 input += RAN_LEN; 2117 2859 *sslBytes -= RAN_LEN; 2118 2860 … … 2126 2868 } 2127 2869 if (b) { 2870 #ifdef WOLFSSL_TLS13 2871 XMEMCPY(session->sslServer->session.sessionID, input, ID_LEN); 2872 #endif 2128 2873 XMEMCPY(session->sslServer->arrays->sessionID, input, ID_LEN); 2129 2874 session->sslServer->options.haveSessionId = 1; … … 2169 2914 } 2170 2915 2171 #ifdef HAVE_EXTENDED_MASTER2172 2916 /* extensions */ 2173 2917 if ((initialBytes - *sslBytes) < msgSz) { … … 2190 2934 2191 2935 while (len >= EXT_TYPE_SZ + LENGTH_SZ) { 2192 byte extType[EXT_TYPE_SZ];2936 word16 extType; 2193 2937 word16 extLen; 2194 2938 2195 extType[0] = input[0]; 2196 extType[1] = input[1]; 2939 extType = (word16)((input[0] << 8) | input[1]); 2197 2940 input += EXT_TYPE_SZ; 2198 2941 *sslBytes -= EXT_TYPE_SZ; 2199 2942 2200 extLen = (word16)((input[0] << 8) | input[1]);2943 extLen = (word16)((input[0] << 8) | input[1]); 2201 2944 input += LENGTH_SZ; 2202 2945 *sslBytes -= LENGTH_SZ; … … 2209 2952 } 2210 2953 2211 if (extType[0] == 0x00 && extType[1] == EXT_MASTER_SECRET) { 2954 switch (extType) { 2955 #ifdef WOLFSSL_TLS13 2956 case EXT_KEY_SHARE: 2957 ret = ProcessServerKeyShare(session, input, extLen, error); 2958 if (ret != 0) { 2959 SetError(SERVER_HELLO_INPUT_STR, error, session, 2960 FATAL_ERROR_STATE); 2961 return -1; 2962 } 2963 break; 2964 #endif 2965 #ifdef HAVE_SESSION_TICKET 2966 case EXT_PRE_SHARED_KEY: 2967 /* indicates we want to use resumption */ 2968 session->sslServer->options.resuming = 1; 2969 session->sslClient->options.resuming = 1; 2970 #ifdef WOLFSSL_TLS13 2971 /* default nonce to len = 1, data = 0 */ 2972 session->sslServer->session.ticketNonce.len = 1; 2973 session->sslServer->session.ticketNonce.data[0] = 0; 2974 session->sslClient->session.ticketNonce.len = 1; 2975 session->sslClient->session.ticketNonce.data[0] = 0; 2976 #endif 2977 break; 2978 #endif 2979 #ifdef HAVE_MAX_FRAGMENT 2980 case EXT_MAX_FRAGMENT_LENGTH: 2981 { 2982 word16 max_fragment = MAX_RECORD_SIZE; 2983 switch (input[0]) { 2984 case WOLFSSL_MFL_2_8 : max_fragment = 256; break; 2985 case WOLFSSL_MFL_2_9 : max_fragment = 512; break; 2986 case WOLFSSL_MFL_2_10: max_fragment = 1024; break; 2987 case WOLFSSL_MFL_2_11: max_fragment = 2048; break; 2988 case WOLFSSL_MFL_2_12: max_fragment = 4096; break; 2989 case WOLFSSL_MFL_2_13: max_fragment = 8192; break; 2990 default: break; 2991 } 2992 session->sslServer->max_fragment = max_fragment; 2993 session->sslClient->max_fragment = max_fragment; 2994 break; 2995 } 2996 #endif 2997 case EXT_SUPPORTED_VERSIONS: 2998 session->sslServer->version.major = input[0]; 2999 session->sslServer->version.minor = input[1]; 3000 session->sslClient->version.major = input[0]; 3001 session->sslClient->version.minor = input[1]; 3002 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 3003 /* The server side handshake encryption is on for future packets */ 3004 session->flags.serverCipherOn = 1; 3005 } 3006 break; 3007 case EXT_MASTER_SECRET: 3008 #ifdef HAVE_EXTENDED_MASTER 2212 3009 session->flags.expectEms = 1; 3010 #endif 3011 break; 2213 3012 } 2214 3013 … … 2219 3018 } 2220 3019 3020 #ifdef HAVE_EXTENDED_MASTER 2221 3021 if (!session->flags.expectEms) { 2222 3022 XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES); … … 2227 3027 if (session->sslServer->options.haveSessionId) { 2228 3028 if (XMEMCMP(session->sslServer->arrays->sessionID, 2229 session->sslClient->arrays->sessionID, ID_LEN) == 0)3029 session->sslClient->arrays->sessionID, ID_LEN) == 0) { 2230 3030 doResume = 1; 2231 } 3031 } 3032 } 2232 3033 else if (session->sslClient->options.haveSessionId == 0 && 2233 3034 session->sslServer->options.haveSessionId == 0 && 2234 session->ticketID) 3035 session->ticketID) { 2235 3036 doResume = 1; 3037 } 2236 3038 2237 3039 if (session->ticketID && doResume) { … … 2242 3044 } 2243 3045 2244 if (doResume ) { 2245 int ret = 0; 2246 SSL_SESSION* resume = GetSession(session->sslServer, 2247 session->sslServer->arrays->masterSecret, 0); 2248 if (resume == NULL) { 2249 #ifdef WOLFSSL_SNIFFER_STATS 2250 INC_STAT(SnifferStats.sslResumeMisses); 2251 #endif 2252 SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE); 2253 return -1; 2254 } 2255 /* make sure client has master secret too */ 2256 XMEMCPY(session->sslClient->arrays->masterSecret, 2257 session->sslServer->arrays->masterSecret, SECRET_LEN); 2258 session->flags.resuming = 1; 2259 2260 Trace(SERVER_DID_RESUMPTION_STR); 2261 #ifdef WOLFSSL_SNIFFER_STATS 2262 INC_STAT(SnifferStats.sslResumedConns); 2263 INC_STAT(SnifferStats.sslResumptionValid); 2264 #endif 2265 if (SetCipherSpecs(session->sslServer) != 0) { 2266 SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE); 2267 return -1; 2268 } 2269 2270 if (SetCipherSpecs(session->sslClient) != 0) { 2271 SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE); 2272 return -1; 2273 } 2274 2275 if (session->sslServer->options.tls) { 2276 ret = DeriveTlsKeys(session->sslServer); 2277 ret += DeriveTlsKeys(session->sslClient); 2278 } 2279 else { 2280 ret = DeriveKeys(session->sslServer); 2281 ret += DeriveKeys(session->sslClient); 2282 } 2283 ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE); 2284 ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE); 2285 3046 #ifdef WOLFSSL_TLS13 3047 /* Is TLS v1.3 hello_retry_request? */ 3048 if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len == 0) { 3049 Trace(GOT_HELLO_RETRY_REQ_STR); 3050 3051 /* do not compute keys yet */ 3052 session->flags.serverCipherOn = 0; 3053 3054 /* make sure the mac and digest size are set */ 3055 SetCipherSpecs(session->sslServer); 3056 SetCipherSpecs(session->sslClient); 3057 3058 /* reset hashes */ 3059 RestartHandshakeHash(session->sslServer); 3060 RestartHandshakeHash(session->sslClient); 3061 3062 doResume = 0; 3063 } 3064 #endif 3065 3066 /* hash server_hello */ 3067 HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ, 3068 initialBytes + HANDSHAKE_HEADER_SZ); 3069 HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ, 3070 initialBytes + HANDSHAKE_HEADER_SZ); 3071 3072 if (doResume) { 3073 ret = DoResume(session, error); 2286 3074 if (ret != 0) { 2287 SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE); 2288 return -1; 3075 return ret; 2289 3076 } 2290 3077 } … … 2294 3081 #endif 2295 3082 } 3083 2296 3084 #ifdef SHOW_SECRETS 2297 { 2298 int i; 2299 printf("cipher suite = 0x%02x\n", 2300 session->sslServer->options.cipherSuite); 2301 printf("server random: "); 2302 for (i = 0; i < RAN_LEN; i++) 2303 printf("%02x", session->sslServer->arrays->serverRandom[i]); 2304 printf("\n"); 2305 } 2306 #endif 3085 printf("cipher suite = 0x%02x\n", session->sslServer->options.cipherSuite); 3086 PrintSecret("server random", session->sslServer->arrays->serverRandom, RAN_LEN); 3087 #endif 3088 3089 #ifdef WOLFSSL_TLS13 3090 /* Setup handshake keys */ 3091 if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len > 0) { 3092 KeyBuffers_t keys; 3093 XMEMSET(&keys, 0, sizeof(keys)); 3094 keys.rsaKey = session->sslServer->buffers.key; 3095 #ifdef WOLFSSL_STATIC_EPHEMERAL 3096 #ifndef NO_DH 3097 keys.dhKey = session->sslServer->staticKE.dhKey; 3098 #endif 3099 #ifdef HAVE_ECC 3100 keys.ecKey = session->sslServer->staticKE.ecKey; 3101 #endif 3102 #endif 3103 ret = SetupKeys(session->cliKs.key, &session->cliKs.key_len, 3104 session, error, &session->cliKs, &keys); 3105 if (ret != 0) { 3106 SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 3107 return ret; 3108 } 3109 3110 if (session->flags.side == WOLFSSL_SERVER_END) 3111 session->flags.serverCipherOn = 1; 3112 else 3113 session->flags.clientCipherOn = 1; 3114 } 3115 #endif 3116 2307 3117 return 0; 2308 3118 } … … 2313 3123 SnifferSession* session, char* error) 2314 3124 { 3125 int ret = 0; 2315 3126 byte bLen; 2316 3127 word16 len; 2317 3128 int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN; 3129 const byte* inputHello = input; 3130 int inputHelloSz = *sslBytes; 3131 WOLFSSL* ssl = session->sslServer; 3132 int didHash = 0; 2318 3133 2319 3134 #ifdef HAVE_SNI … … 2321 3136 byte name[MAX_SERVER_NAME]; 2322 3137 word32 nameSz = sizeof(name); 2323 int ret;2324 3138 2325 3139 ret = wolfSSL_SNI_GetFromBuffer( … … 2339 3153 if (nameSz == namedKey->nameSz && 2340 3154 XSTRNCMP((char*)name, namedKey->name, nameSz) == 0) { 2341 if (wolfSSL_use_PrivateKey_buffer(session->sslServer, 2342 namedKey->key, namedKey->keySz, 2343 WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { 3155 #ifdef WOLFSSL_STATIC_EPHEMERAL 3156 if (namedKey->isEphemeralKey) { 3157 /* auto detect key type with WC_PK_TYPE_NONE */ 3158 ret = wolfSSL_set_ephemeral_key(ssl, 3159 WC_PK_TYPE_NONE, (const char*)namedKey->key, 3160 namedKey->keySz, WOLFSSL_FILETYPE_ASN1); 3161 if (ret == 0) 3162 ret = WOLFSSL_SUCCESS; 3163 } 3164 else 3165 #endif 3166 { 3167 ret = wolfSSL_use_PrivateKey_buffer(ssl, 3168 namedKey->key, namedKey->keySz, 3169 WOLFSSL_FILETYPE_ASN1); 3170 } 3171 if (ret != WOLFSSL_SUCCESS) { 2344 3172 wc_UnLockMutex(&session->context->namedKeysMutex); 2345 3173 SetError(CLIENT_HELLO_LATE_KEY_STR, error, session, … … 2355 3183 wc_UnLockMutex(&session->context->namedKeysMutex); 2356 3184 } 3185 /* SSLv3 does not support the SNI TLS Extension and may return SNI_UNSUPPORTED */ 3186 if (ret > 0 || ret == SNI_UNSUPPORTED) { 3187 /* make sure WOLFSSL_SUCCESS is converted to zero error code */ 3188 ret = 0; 3189 } 2357 3190 } 2358 3191 #endif … … 2385 3218 } 2386 3219 Trace(CLIENT_RESUME_TRY_STR); 3220 #ifdef WOLFSSL_TLS13 3221 XMEMCPY(session->sslClient->session.sessionID, input, ID_LEN); 3222 #endif 2387 3223 XMEMCPY(session->sslClient->arrays->sessionID, input, ID_LEN); 2388 3224 session->sslClient->options.haveSessionId = 1; 2389 3225 } 3226 2390 3227 #ifdef SHOW_SECRETS 2391 { 2392 int i; 2393 printf("client random: "); 2394 for (i = 0; i < RAN_LEN; i++) 2395 printf("%02x", session->sslServer->arrays->clientRandom[i]); 2396 printf("\n"); 2397 } 3228 PrintSecret("client random", ssl->arrays->clientRandom, RAN_LEN); 2398 3229 #endif 2399 3230 … … 2450 3281 2451 3282 while (len >= EXT_TYPE_SZ + LENGTH_SZ) { 2452 byte extType[EXT_TYPE_SZ];3283 word16 extType; 2453 3284 word16 extLen; 2454 3285 2455 extType[0] = input[0]; 2456 extType[1] = input[1]; 3286 extType = (word16)((input[0] << 8) | input[1]); 2457 3287 input += EXT_TYPE_SZ; 2458 3288 *sslBytes -= EXT_TYPE_SZ; 2459 3289 2460 extLen = (word16)((input[0] << 8) | input[1]);3290 extLen = (word16)((input[0] << 8) | input[1]); 2461 3291 input += LENGTH_SZ; 2462 3292 *sslBytes -= LENGTH_SZ; … … 2468 3298 } 2469 3299 2470 if (extType[0] == 0x00 && extType[1] == TICKET_EXT_ID) { 2471 3300 switch (extType) { 3301 #ifdef WOLFSSL_TLS13 3302 case EXT_KEY_SHARE: 3303 { 3304 word16 ksLen = (word16)((input[0] << 8) | input[1]); 3305 if (ksLen + OPAQUE16_LEN > extLen) { 3306 SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 3307 return -1; 3308 } 3309 /* cache key share data till server_hello */ 3310 session->cliKeyShareSz = ksLen; 3311 session->cliKeyShare = (byte*)XMALLOC(ksLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 3312 if (session->cliKeyShare == NULL) { 3313 SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); 3314 break; 3315 } 3316 XMEMCPY(session->cliKeyShare, &input[2], ksLen); 3317 break; 3318 } 3319 #ifdef HAVE_SESSION_TICKET 3320 case EXT_PRE_SHARED_KEY: 3321 { 3322 word16 idsLen, idLen, bindersLen, idx = 0; 3323 word32 ticketAge; 3324 const byte *identity, *binders; 3325 3326 idsLen = (word16)((input[idx] << 8) | input[idx+1]); 3327 if (idsLen + OPAQUE16_LEN + idx > extLen) { 3328 SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 3329 return -1; 3330 } 3331 idx += OPAQUE16_LEN; 3332 3333 /* PSK identity */ 3334 idLen = (word16)((input[idx] << 8) | input[idx+1]); 3335 if (idLen + OPAQUE16_LEN + idx > extLen) { 3336 SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 3337 return -1; 3338 } 3339 idx += OPAQUE16_LEN; 3340 identity = &input[idx]; 3341 idx += idLen; 3342 3343 /* Obfuscated Ticket Age 32-bits */ 3344 ticketAge = (word32)((input[idx] << 24) | (input[idx+1] << 16) | 3345 (input[idx+2] << 8) | input[idx+3]); 3346 (void)ticketAge; /* not used */ 3347 idx += OPAQUE32_LEN; 3348 3349 /* binders - all binders */ 3350 bindersLen = (word16)((input[idx] << 8) | input[idx+1]); 3351 if (bindersLen + OPAQUE16_LEN + idx > extLen) { 3352 SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); 3353 return -1; 3354 } 3355 idx += OPAQUE16_LEN; 3356 binders = &input[idx]; 3357 bindersLen += OPAQUE16_LEN; /* includes 2 bytes for total len */ 3358 (void)binders; /* not used */ 3359 3360 /* Hash data up to binders for deriving binders in PSK extension. */ 3361 HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ, 3362 inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ); 3363 HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ, 3364 inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ); 3365 3366 /* call to decrypt session ticket */ 3367 if (DoClientTicket(ssl, identity, idLen) != 0) { 3368 /* we aren't decrypting the resumption, since we know the master secret */ 3369 /* ignore errors */ 3370 } 3371 ssl->options.resuming = 1; 3372 3373 /* Hash the rest of the ClientHello. */ 3374 HashRaw(session->sslServer, inputHello + inputHelloSz - bindersLen, bindersLen); 3375 HashRaw(session->sslClient, inputHello + inputHelloSz - bindersLen, bindersLen); 3376 didHash = 1; 3377 break; 3378 } 3379 #endif /* HAVE_SESSION_TICKET */ 3380 #endif /* WOLFSSL_TLS13 */ 3381 case EXT_SUPPORTED_VERSIONS: 3382 break; 3383 case EXT_TICKET_ID: 2472 3384 /* make sure can read through ticket if there is a non blank one */ 2473 3385 if (extLen && extLen < ID_LEN) { … … 2476 3388 return -1; 2477 3389 } 2478 2479 3390 if (extLen) { 2480 if (session->ticketID == 0) {3391 if (session->ticketID == NULL) { 2481 3392 session->ticketID = (byte*)XMALLOC(ID_LEN, 2482 3393 NULL, DYNAMIC_TYPE_SNIFFER_TICKET_ID); … … 2489 3400 XMEMCPY(session->ticketID, input + extLen - ID_LEN, ID_LEN); 2490 3401 } 3402 break; 2491 3403 } 2492 3404 … … 2496 3408 } 2497 3409 2498 return 0; 3410 if (!didHash) { 3411 HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ, 3412 inputHelloSz + HANDSHAKE_HEADER_SZ); 3413 HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ, 3414 inputHelloSz + HANDSHAKE_HEADER_SZ); 3415 } 3416 3417 (void)ssl; 3418 3419 return ret; 2499 3420 } 2500 3421 2501 3422 2502 3423 #ifdef WOLFSSL_SNIFFER_WATCH 3424 3425 static int KeyWatchCall(SnifferSession* session, const byte* data, int dataSz, 3426 char* error) 3427 { 3428 int ret; 3429 Sha256 sha; 3430 byte digest[SHA256_DIGEST_SIZE]; 3431 3432 if (WatchCb == NULL) { 3433 SetError(WATCH_CB_MISSING_STR, error, session, FATAL_ERROR_STATE); 3434 return -1; 3435 } 3436 3437 ret = wc_InitSha256(&sha); 3438 if (ret == 0) 3439 ret = wc_Sha256Update(&sha, data, dataSz); 3440 if (ret == 0) 3441 ret = wc_Sha256Final(&sha, digest); 3442 if (ret != 0) { 3443 SetError(WATCH_HASH_STR, error, session, FATAL_ERROR_STATE); 3444 return -1; 3445 } 3446 3447 ret = WatchCb((void*)session, digest, sizeof(digest), 3448 data, dataSz, WatchCbCtx, error); 3449 if (ret != 0) { 3450 #ifdef WOLFSSL_SNIFFER_STATS 3451 INC_STAT(SnifferStats.sslKeysUnmatched); 3452 #endif 3453 SetError(WATCH_FAIL_STR, error, session, FATAL_ERROR_STATE); 3454 ret = -1; 3455 } 3456 else { 3457 #ifdef WOLFSSL_SNIFFER_STATS 3458 INC_STAT(SnifferStats.sslKeyMatches); 3459 #endif 3460 } 3461 return ret; 3462 } 2503 3463 2504 3464 /* Process Certificate */ … … 2506 3466 SnifferSession* session, char* error) 2507 3467 { 2508 Sha256 sha;2509 const byte* certChain;2510 3468 word32 certChainSz; 2511 3469 word32 certSz; 2512 int ret;2513 byte digest[SHA256_DIGEST_SIZE];2514 3470 2515 3471 /* If the receiver is the server, this is the client certificate message, … … 2518 3474 return 0; 2519 3475 2520 if (WatchCb == NULL) {2521 SetError(WATCH_CB_MISSING_STR, error, session, FATAL_ERROR_STATE);2522 return -1;2523 }2524 2525 3476 if (*sslBytes < CERT_HEADER_SZ) { 2526 3477 SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE); 2527 3478 return -1; 2528 3479 } 3480 3481 #ifdef WOLFSSL_TLS13 3482 if (IsAtLeastTLSv1_3(session->sslServer->version)) { 3483 /* skip 1 byte (Request context len) */ 3484 input += OPAQUE8_LEN; 3485 *sslBytes -= OPAQUE8_LEN; 3486 } 3487 #endif 3488 2529 3489 ato24(input, &certChainSz); 2530 3490 *sslBytes -= CERT_HEADER_SZ; … … 2535 3495 return -1; 2536 3496 } 2537 certChain = input;2538 3497 2539 3498 ato24(input, &certSz); … … 2546 3505 *sslBytes -= certChainSz; 2547 3506 2548 ret = wc_InitSha256(&sha); 2549 if (ret == 0) 2550 ret = wc_Sha256Update(&sha, input, certSz); 2551 if (ret == 0) 2552 ret = wc_Sha256Final(&sha, digest); 2553 if (ret != 0) { 2554 SetError(WATCH_HASH_STR, error, session, FATAL_ERROR_STATE); 2555 return -1; 2556 } 2557 2558 ret = WatchCb((void*)session, digest, sizeof(digest), 2559 certChain, certChainSz, WatchCbCtx, error); 2560 if (ret != 0) { 2561 #ifdef WOLFSSL_SNIFFER_STATS 2562 INC_STAT(SnifferStats.sslKeysUnmatched); 2563 #endif 2564 SetError(WATCH_FAIL_STR, error, session, FATAL_ERROR_STATE); 2565 return -1; 2566 } 2567 else { 2568 #ifdef WOLFSSL_SNIFFER_STATS 2569 INC_STAT(SnifferStats.sslKeyMatches); 2570 #endif 2571 } 2572 2573 return 0; 3507 return KeyWatchCall(session, input, certSz, error); 2574 3508 } 2575 3509 … … 2581 3515 SnifferSession* session, char* error) 2582 3516 { 2583 SSL*ssl;3517 WOLFSSL* ssl; 2584 3518 word32 inOutIdx = 0; 2585 3519 int ret; … … 2590 3524 ssl = session->sslClient; 2591 3525 2592 ret = DoFinished(ssl, input, &inOutIdx, (word32) size, (word32) *sslBytes, 2593 SNIFF); 3526 #ifdef WOLFSSL_TLS13 3527 if (IsAtLeastTLSv1_3(ssl->version)) { 3528 ret = DoTls13Finished(ssl, input, &inOutIdx, (word32)size, 3529 (word32)*sslBytes, SNIFF); 3530 3531 ssl->options.handShakeState = HANDSHAKE_DONE; 3532 ssl->options.handShakeDone = 1; 3533 } 3534 else 3535 #endif 3536 { 3537 ret = DoFinished(ssl, input, &inOutIdx, (word32)size, 3538 (word32)*sslBytes, SNIFF); 3539 } 2594 3540 *sslBytes -= (int)inOutIdx; 2595 3541 … … 2612 3558 } 2613 3559 3560 #ifdef WOLFSSL_TLS13 3561 /* Derive TLS v1.3 traffic keys */ 3562 if (IsAtLeastTLSv1_3(ssl->version)) { 3563 if (!session->flags.gotFinished) { 3564 /* When either side gets "finished" derive master secret and keys */ 3565 ret = DeriveMasterSecret(session->sslServer); 3566 ret += DeriveMasterSecret(session->sslClient); 3567 #ifdef WOLFSSL_EARLY_DATA 3568 ret += DeriveTls13Keys(session->sslServer, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, ssl->earlyData == no_early_data); 3569 ret += DeriveTls13Keys(session->sslClient, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, ssl->earlyData == no_early_data); 3570 #else 3571 ret += DeriveTls13Keys(session->sslServer, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, 1); 3572 ret += DeriveTls13Keys(session->sslClient, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, 1); 3573 #endif 3574 3575 if (ret != 0) { 3576 SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE); 3577 return -1; 3578 } 3579 3580 session->flags.gotFinished = 1; 3581 #ifdef SHOW_SECRETS 3582 ShowTlsSecrets(session); 3583 #endif 3584 } 3585 3586 if (session->flags.side == WOLFSSL_SERVER_END) { 3587 /* finished from client to server */ 3588 ret = SetKeysSide(session->sslServer, DECRYPT_SIDE_ONLY); 3589 ret += SetKeysSide(session->sslClient, ENCRYPT_SIDE_ONLY); 3590 3591 #ifdef HAVE_SESSION_TICKET 3592 /* derive resumption secret for next session - on finished (from client) */ 3593 ret += DeriveResumptionSecret(session->sslClient, session->sslClient->session.masterSecret); 3594 3595 /* copy resumption secret to server */ 3596 XMEMCPY(session->sslServer->session.masterSecret, 3597 session->sslClient->session.masterSecret, SECRET_LEN); 3598 #ifdef SHOW_SECRETS 3599 PrintSecret("resumption secret", session->sslClient->session.masterSecret, SECRET_LEN); 3600 #endif 3601 #endif 3602 } 3603 else { 3604 /* finished from server to client */ 3605 ret = SetKeysSide(session->sslServer, ENCRYPT_SIDE_ONLY); 3606 ret += SetKeysSide(session->sslClient, DECRYPT_SIDE_ONLY); 3607 } 3608 3609 if (ret != 0) { 3610 SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE); 3611 return -1; 3612 } 3613 } 3614 #endif 3615 2614 3616 /* If receiving a finished message from one side, free the resources 2615 3617 * from the other side's tracker. */ … … 2625 3627 /* Process HandShake input */ 2626 3628 static int DoHandShake(const byte* input, int* sslBytes, 2627 SnifferSession* session, char* error )3629 SnifferSession* session, char* error, word16 rhSize) 2628 3630 { 2629 3631 byte type; 2630 3632 int size; 2631 3633 int ret = 0; 2632 int startBytes; 3634 WOLFSSL* ssl; 3635 int startBytes; 3636 3637 (void)rhSize; 3638 3639 #ifdef HAVE_MAX_FRAGMENT 3640 if (session->tlsFragBuf) { 3641 XMEMCPY(session->tlsFragBuf + session->tlsFragOffset, input, rhSize); 3642 session->tlsFragOffset += rhSize; 3643 *sslBytes -= rhSize; 3644 3645 if (session->tlsFragOffset < session->tlsFragSize) { 3646 return 0; 3647 } 3648 3649 /* reassembled complete fragment */ 3650 input = session->tlsFragBuf; 3651 *sslBytes = session->tlsFragSize; 3652 rhSize = session->tlsFragSize; 3653 } 3654 #endif 2633 3655 2634 3656 if (*sslBytes < HANDSHAKE_HEADER_SZ) { … … 2649 3671 } 2650 3672 2651 /* A session's arrays are released when the handshake is completed. */ 2652 if (session->sslServer->arrays == NULL && 2653 session->sslClient->arrays == NULL) { 2654 2655 SetError(NO_SECURE_RENEGOTIATION, error, session, FATAL_ERROR_STATE); 2656 return -1; 2657 } 2658 3673 if (session->flags.side == WOLFSSL_SERVER_END) 3674 ssl = session->sslServer; 3675 else 3676 ssl = session->sslClient; 3677 3678 #ifdef HAVE_SECURE_RENEGOTIATION 3679 if (!IsAtLeastTLSv1_3(ssl->version)) { 3680 /* A session's arrays are released when the handshake is completed. */ 3681 if (session->sslServer->arrays == NULL && 3682 session->sslClient->arrays == NULL) { 3683 3684 SetError(NO_SECURE_RENEGOTIATION, error, session, FATAL_ERROR_STATE); 3685 return -1; 3686 } 3687 } 3688 #endif 3689 3690 #ifdef HAVE_MAX_FRAGMENT 3691 if (rhSize < size) { 3692 /* partial fragment, let's reassemble */ 3693 if (session->tlsFragBuf == NULL) { 3694 session->tlsFragOffset = 0; 3695 session->tlsFragSize = size + HANDSHAKE_HEADER_SZ; 3696 session->tlsFragBuf = (byte*)XMALLOC(session->tlsFragSize, NULL, DYNAMIC_TYPE_TMP_BUFFER); 3697 if (session->tlsFragBuf == NULL) { 3698 SetError(MEMORY_STR, error, NULL, 0); 3699 return 0; 3700 } 3701 3702 /* include the handshake header */ 3703 input -= HANDSHAKE_HEADER_SZ; 3704 *sslBytes += HANDSHAKE_HEADER_SZ; 3705 } 3706 3707 XMEMCPY(session->tlsFragBuf + session->tlsFragOffset, input, rhSize); 3708 session->tlsFragOffset += rhSize; 3709 *sslBytes -= rhSize; 3710 return 0; 3711 } 3712 #endif 3713 3714 #ifdef WOLFSSL_TLS13 3715 if (type != client_hello && type != server_hello) { 3716 /* For resumption the hash is before / after client_hello PSK binder */ 3717 /* hash the packet including header */ 3718 /* TLS v1.3 requires the hash for the handshake and transfer key derivation */ 3719 /* we hash even for non TLS v1.3, since we don't know if its actually 3720 TLS v1.3 till later at EXT_SUPPORTED_VERSIONS in server_hello */ 3721 /* hello retry request restarts hash prior to server_hello hash calc */ 3722 HashRaw(session->sslServer, input - HANDSHAKE_HEADER_SZ, size + HANDSHAKE_HEADER_SZ); 3723 HashRaw(session->sslClient, input - HANDSHAKE_HEADER_SZ, size + HANDSHAKE_HEADER_SZ); 3724 } 3725 #endif 2659 3726 #ifdef HAVE_EXTENDED_MASTER 2660 3727 if (session->hash) { … … 2662 3729 SetError(EXTENDED_MASTER_HASH_STR, error, 2663 3730 session, FATAL_ERROR_STATE); 2664 return -1; 3731 ret = -1; 3732 goto exit; 2665 3733 } 2666 3734 } … … 2694 3762 ret = -1; 2695 3763 break; 3764 case encrypted_extensions: 3765 Trace(GOT_ENC_EXT_STR); 3766 ssl->msgsReceived.got_encrypted_extensions = 1; 3767 break; 2696 3768 case certificate: 2697 3769 Trace(GOT_CERT_STR); … … 2753 3825 default: 2754 3826 SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0); 2755 return -1; 2756 } 3827 ret = -1; 3828 break; 3829 } 3830 3831 #ifdef HAVE_EXTENDED_MASTER 3832 exit: 3833 #endif 3834 #ifdef HAVE_MAX_FRAGMENT 3835 if (session->tlsFragBuf) { 3836 XFREE(session->tlsFragBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 3837 session->tlsFragBuf = NULL; 3838 } 3839 #endif 2757 3840 2758 3841 *sslBytes = startBytes - size; /* actual bytes of full process */ … … 2763 3846 2764 3847 /* Decrypt input into plain output, 0 on success */ 2765 static int Decrypt( SSL* ssl, byte* output, const byte* input, word32 sz)3848 static int Decrypt(WOLFSSL* ssl, byte* output, const byte* input, word32 sz) 2766 3849 { 2767 3850 int ret = 0; … … 2814 3897 #endif 2815 3898 2816 #if def HAVE_AESGCM3899 #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) 2817 3900 case wolfssl_aes_gcm: 2818 if (sz >= (word32)(AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size)) 2819 { 2820 /* scratch buffer, sniffer ignores auth tag*/ 3901 case wolfssl_aes_ccm: /* GCM AEAD macros use same size as CCM */ 3902 if (sz >= (word32)(AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size)) { 3903 /* scratch buffer, sniffer ignores auth tag */ 3904 wc_AesAuthEncryptFunc aes_auth_fn; 2821 3905 byte authTag[WOLFSSL_MIN_AUTH_TAG_SZ]; 2822 2823 3906 byte nonce[AESGCM_NONCE_SZ]; 2824 3907 XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ); 2825 3908 XMEMCPY(nonce + AESGCM_IMP_IV_SZ, input, AESGCM_EXP_IV_SZ); 2826 3909 2827 if (wc_AesGcmEncrypt(ssl->decrypt.aes, 3910 /* use encrypt because we don't care about authtag */ 3911 #if defined(BUILD_AESGCM) && defined(HAVE_AESCCM) 3912 aes_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) 3913 ? wc_AesGcmEncrypt : wc_AesCcmEncrypt; 3914 #elif defined(BUILD_AESGCM) 3915 aes_auth_fn = wc_AesGcmEncrypt; 3916 #else 3917 aes_auth_fn = wc_AesCcmEncrypt; 3918 #endif 3919 if (aes_auth_fn(ssl->decrypt.aes, 2828 3920 output, 2829 3921 input + AESGCM_EXP_IV_SZ, … … 2842 3934 } 2843 3935 break; 2844 3936 #endif 2845 3937 2846 3938 #ifdef HAVE_NULL_CIPHER … … 2861 3953 2862 3954 /* Decrypt input message into output, adjust output steam if needed */ 2863 static const byte* DecryptMessage( SSL* ssl, const byte* input, word32 sz,2864 byte* output, int* error, int* advance)3955 static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz, 3956 byte* output, int* error, int* advance, RecordLayerHeader* rh) 2865 3957 { 2866 3958 int ivExtra = 0; 2867 2868 int ret = Decrypt(ssl, output, input, sz); 3959 int ret; 3960 3961 #ifdef WOLFSSL_TLS13 3962 if (IsAtLeastTLSv1_3(ssl->version)) { 3963 ret = DecryptTls13(ssl, output, input, sz, (byte*)rh, RECORD_HEADER_SZ); 3964 } 3965 else 3966 #endif 3967 { 3968 ret = Decrypt(ssl, output, input, sz); 3969 } 2869 3970 if (ret != 0) { 2870 3971 *error = ret; … … 2873 3974 ssl->keys.encryptSz = sz; 2874 3975 if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) { 2875 output += ssl->specs.block_size; 3976 output += ssl->specs.block_size; /* go past TLSv1.1 IV */ 2876 3977 ivExtra = ssl->specs.block_size; 2877 3978 *advance = ssl->specs.block_size; … … 2887 3988 if (ssl->specs.cipher_type == block) 2888 3989 ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1; 3990 3991 #ifdef WOLFSSL_TLS13 3992 if (IsAtLeastTLSv1_3(ssl->version)) { 3993 word16 i = (word16)(sz - ssl->keys.padSz); 3994 /* Remove padding from end of plain text. */ 3995 for (--i; i > 0; i--) { 3996 if (output[i] != 0) 3997 break; 3998 } 3999 /* Get the real content type from the end of the data. */ 4000 rh->type = output[i]; 4001 ssl->keys.padSz = sz - i; 4002 } 4003 #endif 4004 (void)rh; 2889 4005 2890 4006 return output; … … 2943 4059 while (session) { 2944 4060 SnifferSession* next = session->next; 2945 if ( time(NULL) >= session->lastUsed + WOLFSSL_SNIFFER_TIMEOUT) {4061 if (XTIME(NULL) >= session->lastUsed + WOLFSSL_SNIFFER_TIMEOUT) { 2946 4062 TraceStaleSession(); 2947 4063 RemoveSession(session, NULL, NULL, i); … … 2992 4108 session->cliSeqStart = tcpInfo->sequence; 2993 4109 session->cliExpected = 1; /* relative */ 2994 session->lastUsed= time(NULL);4110 session->lastUsed= XTIME(NULL); 2995 4111 session->keySz = 0; 2996 4112 #ifdef HAVE_SNI … … 3005 4121 } 3006 4122 3007 session->sslServer = SSL_new(session->context->ctx);4123 session->sslServer = wolfSSL_new(session->context->ctx); 3008 4124 if (session->sslServer == NULL) { 3009 4125 SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE); … … 3011 4127 return 0; 3012 4128 } 3013 session->sslClient = SSL_new(session->context->ctx);4129 session->sslClient = wolfSSL_new(session->context->ctx); 3014 4130 if (session->sslClient == NULL) { 3015 SSL_free(session->sslServer);4131 wolfSSL_free(session->sslServer); 3016 4132 session->sslServer = 0; 3017 4133 … … 3152 4268 int length, const byte** sslFrame, int* sslBytes, char* error) 3153 4269 { 4270 IpHdr* iphdr = (IpHdr*)packet; 4271 int version; 4272 3154 4273 TraceHeader(); 3155 4274 TracePacket(); … … 3160 4279 return -1; 3161 4280 } 4281 4282 version = IP_V(iphdr); 4283 if (version != IPV6 && version != IPV4) { 4284 /* Is this VLAN IEEE 802.1Q Frame? TPID = 0x8100 */ 4285 if (packet[2] == 0x81 && packet[3] == 0x00) { 4286 /* trim VLAN header and try again */ 4287 packet += 8; 4288 length -= 8; 4289 } 4290 } 4291 3162 4292 if (CheckIpHdr((IpHdr*)packet, ipInfo, length, error) != 0) 3163 4293 return -1; … … 3177 4307 return -1; 3178 4308 } 4309 3179 4310 /* We only care about the data in the TCP/IP record. There may be extra 3180 4311 * data after the IP record for the FCS for Ethernet. */ … … 3372 4503 { 3373 4504 if (session->flags.side == WOLFSSL_SERVER_END) { 3374 if (session->finCap utre.cliCounted == 0)3375 session->finCap utre.cliFinSeq = sequence;4505 if (session->finCapture.cliCounted == 0) 4506 session->finCapture.cliFinSeq = sequence; 3376 4507 } 3377 4508 else { 3378 if (session->finCap utre.srvCounted == 0)3379 session->finCap utre.srvFinSeq = sequence;4509 if (session->finCapture.srvCounted == 0) 4510 session->finCapture.srvFinSeq = sequence; 3380 4511 } 3381 4512 return 1; … … 3513 4644 &session->cliReassemblyMemory : 3514 4645 &session->srvReassemblyMemory; 3515 SSL*ssl = (session->flags.side == WOLFSSL_SERVER_END) ?4646 WOLFSSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ? 3516 4647 session->sslServer : 3517 4648 session->sslClient; … … 3589 4720 word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ? 3590 4721 &session->srvExpected : &session->cliExpected; 4722 word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? 4723 session->srvSeqStart : session->cliSeqStart; 3591 4724 PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ? 3592 4725 session->srvReassemblyList : … … 3596 4729 &session->flags.cliSkipPartial; 3597 4730 4731 if (tcpInfo->ackNumber < seqStart) { 4732 return -1; /* do not fix sequence - could be ack on unseen seq */ 4733 } 3598 4734 *skipPartial = 1; 4735 3599 4736 if (list != NULL) 3600 4737 *expected = list->begin; 3601 else { 3602 word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? 3603 session->srvSeqStart : session->cliSeqStart; 3604 word32 real = tcpInfo->ackNumber - seqStart; 3605 3606 *expected = real; 3607 } 4738 else 4739 *expected = tcpInfo->ackNumber - seqStart; 4740 3608 4741 3609 4742 return 1; … … 3646 4779 &session->flags.srvAckFault; 3647 4780 3648 /* init SEQ from server to client */3649 if (tcpInfo->syn && tcpInfo->ack ) {4781 /* init SEQ from server to client - if not ack fault */ 4782 if (tcpInfo->syn && tcpInfo->ack && !*ackFault) { 3650 4783 session->srvSeqStart = tcpInfo->sequence; 3651 4784 session->srvExpected = 1; … … 3694 4827 { 3695 4828 word32 length; 3696 SSL*ssl = ((*session)->flags.side == WOLFSSL_SERVER_END) ?4829 WOLFSSL* ssl = ((*session)->flags.side == WOLFSSL_SERVER_END) ? 3697 4830 (*session)->sslServer : (*session)->sslClient; 3698 4831 byte skipPartial = ((*session)->flags.side == WOLFSSL_SERVER_END) ? … … 3758 4891 3759 4892 Trace(CHAIN_INPUT_STR); 3760 headerSz = (word32) *sslFrame - (word32)chain[0].iov_base;4893 headerSz = (word32)((const byte*)*sslFrame - (const byte*)chain[0].iov_base); 3761 4894 remainder = *sslBytes; 3762 4895 … … 3833 4966 &session->cliExpected : &session->srvExpected; 3834 4967 /* buffer is on receiving end */ 3835 word32* length = (session->flags.side == WOLFSSL_SERVER_END) ?4968 word32* length = (session->flags.side == WOLFSSL_SERVER_END) ? 3836 4969 &session->sslServer->buffers.inputBuffer.length : 3837 4970 &session->sslClient->buffers.inputBuffer.length; … … 3839 4972 &session->sslServer->buffers.inputBuffer.buffer : 3840 4973 &session->sslClient->buffers.inputBuffer.buffer; 3841 word32* 4974 word32* bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ? 3842 4975 &session->sslServer->buffers.inputBuffer.bufferSize : 3843 4976 &session->sslClient->buffers.inputBuffer.bufferSize; 3844 SSL*ssl = (session->flags.side == WOLFSSL_SERVER_END) ?4977 WOLFSSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ? 3845 4978 session->sslServer : session->sslClient; 3846 4979 word32* reassemblyMemory = (session->flags.side == WOLFSSL_SERVER_END) ? … … 3904 5037 int notEnough; /* notEnough bytes yet flag */ 3905 5038 int decrypted = 0; /* was current msg decrypted */ 3906 SSL*ssl = (session->flags.side == WOLFSSL_SERVER_END) ?3907 5039 WOLFSSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ? 5040 session->sslServer : session->sslClient; 3908 5041 doMessage: 3909 5042 notEnough = 0; … … 3951 5084 session->flags.clientCipherOn)) { 3952 5085 int ivAdvance = 0; /* TLSv1.1 advance amount */ 5086 5087 /* change_cipher_spec is not encrypted */ 5088 if (rh.type == change_cipher_spec) { 5089 goto doPart; 5090 } 3953 5091 if (ssl->decrypt.setup != 1) { 3954 5092 SetError(DECRYPT_KEYS_NOT_SETUP, error, session, FATAL_ERROR_STATE); … … 3959 5097 return -1; 3960 5098 } 5099 3961 5100 sslFrame = DecryptMessage(ssl, sslFrame, rhSize, 3962 5101 ssl->buffers.outputBuffer.buffer, &errCode, 3963 &ivAdvance );5102 &ivAdvance, &rh); 3964 5103 recordEnd = sslFrame - ivAdvance + rhSize; /* sslFrame moved so 3965 5104 should recordEnd */ … … 3992 5131 3993 5132 Trace(GOT_HANDSHAKE_STR); 3994 ret = DoHandShake(sslFrame, &sslBytes, session, error );3995 if (ret != 0 ) {5133 ret = DoHandShake(sslFrame, &sslBytes, session, error, rhSize); 5134 if (ret != 0 || sslBytes > startIdx) { 3996 5135 if (session->flags.fatalError == 0) 3997 5136 SetError(BAD_HANDSHAKE_STR, error, session, … … 4008 5147 break; 4009 5148 case change_cipher_spec: 4010 if (session->flags.side == WOLFSSL_SERVER_END) 4011 session->flags.serverCipherOn = 1; 5149 if (session->flags.side == WOLFSSL_SERVER_END) { 5150 #ifdef WOLFSSL_TLS13 5151 if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len == 0) { 5152 session->flags.serverCipherOn = 0; 5153 } 5154 else 5155 #endif 5156 { 5157 session->flags.serverCipherOn = 1; 5158 } 5159 } 4012 5160 else 4013 5161 session->flags.clientCipherOn = 1; … … 4146 5294 { 4147 5295 int ret = 0; 4148 if (session->finCap utre.cliFinSeq && session->finCaputre.cliFinSeq <=5296 if (session->finCapture.cliFinSeq && session->finCapture.cliFinSeq <= 4149 5297 session->cliExpected) { 4150 if (session->finCap utre.cliCounted == 0) {5298 if (session->finCapture.cliCounted == 0) { 4151 5299 session->flags.finCount += 1; 4152 session->finCap utre.cliCounted = 1;4153 TraceClientFin(session->finCap utre.cliFinSeq, session->cliExpected);4154 } 4155 } 4156 4157 if (session->finCap utre.srvFinSeq && session->finCaputre.srvFinSeq <=5300 session->finCapture.cliCounted = 1; 5301 TraceClientFin(session->finCapture.cliFinSeq, session->cliExpected); 5302 } 5303 } 5304 5305 if (session->finCapture.srvFinSeq && session->finCapture.srvFinSeq <= 4158 5306 session->srvExpected) { 4159 if (session->finCap utre.srvCounted == 0) {5307 if (session->finCapture.srvCounted == 0) { 4160 5308 session->flags.finCount += 1; 4161 session->finCap utre.srvCounted = 1;4162 TraceServerFin(session->finCap utre.srvFinSeq, session->srvExpected);5309 session->finCapture.srvCounted = 1; 5310 TraceServerFin(session->finCapture.srvFinSeq, session->srvExpected); 4163 5311 } 4164 5312 } … … 4581 5729 WOLFSSL_FILETYPE_ASN1; 4582 5730 4583 ret = LoadKeyFile(&keyBuf, &keyBufSz, keyFile, keyType, password);5731 ret = LoadKeyFile(&keyBuf, &keyBufSz, keyFile, 0, keyType, password); 4584 5732 if (ret < 0) { 4585 5733 SetError(KEY_FILE_STR, error, NULL, 0); -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/ssl.c
r457 r464 35 35 defined(OPENSSL_EXTRA_X509_SMALL) 36 36 37 #ifdef HAVE_ERRNO_H38 #include <errno.h>39 #endif40 41 37 #include <wolfssl/internal.h> 42 38 #include <wolfssl/error-ssl.h> … … 49 45 #endif 50 46 47 #ifdef HAVE_ERRNO_H 48 #include <errno.h> 49 #endif 50 51 51 52 52 #if !defined(WOLFSSL_ALLOW_NO_SUITES) && !defined(WOLFCRYPT_ONLY) 53 53 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(WOLFSSL_STATIC_RSA) \ 54 54 && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) \ 55 && !defined(HAVE_ ED25519) && !defined(HAVE_ED448)55 && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) 56 56 #error "No cipher suites defined because DH disabled, ECC disabled, and no static suites defined. Please see top of README" 57 57 #endif … … 96 96 #include <wolfssl/openssl/rc4.h> 97 97 #include <wolfssl/openssl/stack.h> 98 #include <wolfssl/openssl/x509v3.h>99 98 #include <wolfssl/openssl/x509_vfy.h> 100 99 /* openssl headers end, wolfssl internal headers next */ … … 102 101 #include <wolfssl/wolfcrypt/random.h> 103 102 #include <wolfssl/wolfcrypt/des3.h> 103 #include <wolfssl/wolfcrypt/ecc.h> 104 104 #include <wolfssl/wolfcrypt/md4.h> 105 105 #include <wolfssl/wolfcrypt/md5.h> … … 111 111 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) 112 112 #include <wolfssl/openssl/ocsp.h> 113 #include <wolfssl/openssl/lhash.h> 114 #include <wolfssl/openssl/txt_db.h> 113 115 #endif /* WITH_STUNNEL */ 114 116 #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) … … 126 128 #endif /* OPENSSL_ALL && HAVE_PKCS7 */ 127 129 #endif 130 128 131 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 132 #include <wolfssl/openssl/x509v3.h> 129 133 int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi); 130 134 int SetIndividualExternal(WOLFSSL_BIGNUM** bn, mp_int* mpi); 131 135 int oid2nid(word32 oid, int grp); 136 word32 nid2oid(int nid, int grp); 132 137 #endif 133 138 … … 143 148 #define WOLFSSL_EVP_INCLUDED 144 149 #include "wolfcrypt/src/evp.c" 150 151 #ifndef WOLFCRYPT_ONLY 145 152 146 153 #ifdef OPENSSL_EXTRA … … 148 155 static WOLFSSL_BIGNUM* bn_one = NULL; 149 156 #endif 150 151 #ifndef WOLFCRYPT_ONLY152 157 153 158 #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) … … 190 195 #ifdef WOLFSSL_SESSION_EXPORT 191 196 #ifdef WOLFSSL_DTLS 192 int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, unsigned int sz)197 int wolfSSL_dtls_import(WOLFSSL* ssl, const unsigned char* buf, unsigned int sz) 193 198 { 194 199 WOLFSSL_ENTER("wolfSSL_session_import"); … … 402 407 && !defined(NO_SHA256) && !defined(WC_NO_RNG) 403 408 else { 404 ctx->srp = (Srp*) 409 ctx->srp = (Srp*)XMALLOC(sizeof(Srp), heap, DYNAMIC_TYPE_SRP); 405 410 if (ctx->srp == NULL){ 406 411 WOLFSSL_MSG("Init CTX failed"); … … 439 444 { 440 445 int refCount = SSL_CTX_RefCount(ctx, 1); 441 return ((refCount > 1) ? 1 : 0);446 return ((refCount > 1) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE); 442 447 } 443 448 #endif … … 450 455 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ 451 456 && !defined(NO_SHA256) && !defined(WC_NO_RNG) 452 if (ctx->srp != NULL) {457 if (ctx->srp != NULL) { 453 458 if (ctx->srp_password != NULL){ 454 459 XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP); … … 903 908 /* Add each member to the buffer delimited by a : */ 904 909 for (i = 0; i < ciphersSz; i++) { 910 #ifndef NO_CIPHER_SUITE_ALIASES 911 if (ciphers[i].flags & WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS) 912 continue; 913 #endif 905 914 cipherNameSz = (int)XSTRLEN(ciphers[i].name_iana); 906 915 if (cipherNameSz + 1 < len) { … … 1165 1174 #ifdef WOLFSSL_DTLS 1166 1175 static WC_INLINE word32 UpdateHighwaterMark(word32 cur, word32 first, 1167 word32 second, word32 max)1176 word32 second, word32 high) 1168 1177 { 1169 1178 word32 newCur = 0; … … 1173 1182 else if (cur < second) 1174 1183 newCur = second; 1175 else if (cur < max)1176 newCur = max;1184 else if (cur < high) 1185 newCur = high; 1177 1186 1178 1187 return newCur; … … 1500 1509 int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx, wolfSSL_method_func method, 1501 1510 unsigned char* buf, unsigned int sz, 1502 int flag, int max )1511 int flag, int maxSz) 1503 1512 { 1504 1513 WOLFSSL_HEAP* heap; … … 1559 1568 /* determine what max applies too */ 1560 1569 if (flag & WOLFMEM_IO_POOL || flag & WOLFMEM_IO_POOL_FIXED) { 1561 heap->maxIO = max ;1570 heap->maxIO = maxSz; 1562 1571 } 1563 1572 else { /* general memory used in handshakes */ 1564 heap->maxHa = max ;1573 heap->maxHa = maxSz; 1565 1574 } 1566 1575 1567 1576 heap->flag |= flag; 1568 1577 1569 (void)max ;1578 (void)maxSz; 1570 1579 (void)method; 1571 1580 … … 1648 1657 return INPUT_SIZE_E; 1649 1658 1650 return BuildMessage(ssl, NULL, 0, NULL, inSz, application_data, 0, 1, 0 );1659 return BuildMessage(ssl, NULL, 0, NULL, inSz, application_data, 0, 1, 0, CUR_ORDER); 1651 1660 } 1652 1661 … … 1679 1688 } 1680 1689 1681 #endif /* !NO_RSA*/1690 #endif /* HAVE_ECC */ 1682 1691 1683 1692 #ifndef NO_RSA … … 1985 1994 #ifdef OPENSSL_EXTRA 1986 1995 if (ssl->CBIS != NULL) { 1987 ssl->CBIS(ssl, SSL_CB_WRITE, SSL_SUCCESS);1996 ssl->CBIS(ssl, SSL_CB_WRITE, WOLFSSL_SUCCESS); 1988 1997 ssl->cbmode = SSL_CB_WRITE; 1989 1998 } … … 2025 2034 if (ssl->options.dtlsSctp) 2026 2035 #endif 2027 #if defined(WOL LSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)2036 #if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU) 2028 2037 ssl->dtls_expected_rx = max(ssl->dtls_expected_rx, ssl->dtlsMtuSz); 2029 2038 #endif … … 2077 2086 #ifdef OPENSSL_EXTRA 2078 2087 if (ssl->CBIS != NULL) { 2079 ssl->CBIS(ssl, SSL_CB_READ, SSL_SUCCESS);2088 ssl->CBIS(ssl, SSL_CB_READ, WOLFSSL_SUCCESS); 2080 2089 ssl->cbmode = SSL_CB_READ; 2081 2090 } … … 2368 2377 2369 2378 /* Elliptic Curves */ 2370 #if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT) 2371 2372 int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name) 2373 { 2374 if (ssl == NULL) 2375 return BAD_FUNC_ARG; 2376 2379 #if defined(HAVE_SUPPORTED_CURVES) 2380 2381 static int isValidCurveGroup(word16 name) 2382 { 2377 2383 switch (name) { 2378 2384 case WOLFSSL_ECC_SECP160K1: … … 2398 2404 case WOLFSSL_FFDHE_6144: 2399 2405 case WOLFSSL_FFDHE_8192: 2400 break;2406 return 1; 2401 2407 2402 2408 default: 2403 return BAD_FUNC_ARG; 2404 } 2409 return 0; 2410 } 2411 } 2412 2413 int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name) 2414 { 2415 if (ssl == NULL || !isValidCurveGroup(name)) 2416 return BAD_FUNC_ARG; 2405 2417 2406 2418 ssl->options.userCurves = 1; … … 2412 2424 int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name) 2413 2425 { 2414 if (ctx == NULL )2426 if (ctx == NULL || !isValidCurveGroup(name)) 2415 2427 return BAD_FUNC_ARG; 2416 2428 2417 switch (name) {2418 case WOLFSSL_ECC_SECP160K1:2419 case WOLFSSL_ECC_SECP160R1:2420 case WOLFSSL_ECC_SECP160R2:2421 case WOLFSSL_ECC_SECP192K1:2422 case WOLFSSL_ECC_SECP192R1:2423 case WOLFSSL_ECC_SECP224K1:2424 case WOLFSSL_ECC_SECP224R1:2425 case WOLFSSL_ECC_SECP256K1:2426 case WOLFSSL_ECC_SECP256R1:2427 case WOLFSSL_ECC_SECP384R1:2428 case WOLFSSL_ECC_SECP521R1:2429 case WOLFSSL_ECC_BRAINPOOLP256R1:2430 case WOLFSSL_ECC_BRAINPOOLP384R1:2431 case WOLFSSL_ECC_BRAINPOOLP512R1:2432 case WOLFSSL_ECC_X25519:2433 case WOLFSSL_ECC_X448:2434 case WOLFSSL_FFDHE_2048:2435 case WOLFSSL_FFDHE_3072:2436 case WOLFSSL_FFDHE_4096:2437 case WOLFSSL_FFDHE_6144:2438 case WOLFSSL_FFDHE_8192:2439 break;2440 2441 default:2442 return BAD_FUNC_ARG;2443 }2444 2445 2429 ctx->userCurves = 1; 2446 2430 … … 2448 2432 } 2449 2433 2450 #endif /* HAVE_SUPPORTED_CURVES && !NO_WOLFSSL_CLIENT */ 2434 #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TLS13) 2435 int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups, 2436 int count) 2437 { 2438 int i; 2439 int _groups[WOLFSSL_MAX_GROUP_COUNT]; 2440 WOLFSSL_ENTER("wolfSSL_CTX_set1_groups"); 2441 if (count == 0) { 2442 WOLFSSL_MSG("Group count is zero"); 2443 return WOLFSSL_FAILURE; 2444 } 2445 for (i = 0; i < count; i++) { 2446 if (isValidCurveGroup((word16)groups[i])) { 2447 _groups[i] = groups[i]; 2448 } 2449 #ifdef HAVE_ECC 2450 else { 2451 /* groups may be populated with curve NIDs */ 2452 int oid = nid2oid(groups[i], oidCurveType); 2453 int name = (int)GetCurveByOID(oid); 2454 if (name == 0) { 2455 WOLFSSL_MSG("Invalid group name"); 2456 return WOLFSSL_FAILURE; 2457 } 2458 _groups[i] = name; 2459 } 2460 #else 2461 else { 2462 WOLFSSL_MSG("Invalid group name"); 2463 return WOLFSSL_FAILURE; 2464 } 2465 #endif 2466 } 2467 return wolfSSL_CTX_set_groups(ctx, _groups, count) == WOLFSSL_SUCCESS ? 2468 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 2469 } 2470 2471 int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count) 2472 { 2473 int i; 2474 int _groups[WOLFSSL_MAX_GROUP_COUNT]; 2475 WOLFSSL_ENTER("wolfSSL_CTX_set1_groups"); 2476 if (count == 0) { 2477 WOLFSSL_MSG("Group count is zero"); 2478 return WOLFSSL_FAILURE; 2479 } 2480 for (i = 0; i < count; i++) { 2481 if (isValidCurveGroup((word16)groups[i])) { 2482 _groups[i] = groups[i]; 2483 } 2484 #ifdef HAVE_ECC 2485 else { 2486 /* groups may be populated with curve NIDs */ 2487 int oid = nid2oid(groups[i], oidCurveType); 2488 int name = (int)GetCurveByOID(oid); 2489 if (name == 0) { 2490 WOLFSSL_MSG("Invalid group name"); 2491 return WOLFSSL_FAILURE; 2492 } 2493 _groups[i] = name; 2494 } 2495 #else 2496 else { 2497 WOLFSSL_MSG("Invalid group name"); 2498 return WOLFSSL_FAILURE; 2499 } 2500 #endif 2501 } 2502 return wolfSSL_set_groups(ssl, _groups, count) == WOLFSSL_SUCCESS ? 2503 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 2504 } 2505 #endif /* OPENSSL_EXTRA && WOLFSSL_TLS13 */ 2506 #endif /* HAVE_SUPPORTED_CURVES */ 2451 2507 2452 2508 /* QSH quantum safe handshake */ … … 2509 2565 word32 protocol_name_listSz, byte options) 2510 2566 { 2511 char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER ]={NULL};2567 char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER+1]={NULL}; 2512 2568 word16 len; 2513 2569 int idx = 0; … … 2664 2720 2665 2721 if (ssl->options.handShakeState != HANDSHAKE_DONE) { 2666 WOLFSSL_MSG("Can't renegotiate until previous handshake complete"); 2667 return SECURE_RENEGOTIATION_E; 2722 if (!ssl->options.handShakeDone) { 2723 WOLFSSL_MSG("Can't renegotiate until initial " 2724 "handshake complete"); 2725 return SECURE_RENEGOTIATION_E; 2726 } 2727 else { 2728 WOLFSSL_MSG("Renegotiation already started. " 2729 "Moving it forward."); 2730 ret = wolfSSL_negotiate(ssl); 2731 if (ret == WOLFSSL_SUCCESS) 2732 ssl->secure_rene_count++; 2733 return ret; 2734 } 2668 2735 } 2669 2736 … … 2707 2774 } 2708 2775 ret = wolfSSL_negotiate(ssl); 2709 ssl->secure_rene_count++; 2776 if (ret == WOLFSSL_SUCCESS) 2777 ssl->secure_rene_count++; 2710 2778 return ret; 2711 2779 } … … 2769 2837 #endif /* HAVE_SECURE_RENEGOTIATION */ 2770 2838 2839 #if defined(HAVE_SESSION_TICKET) 2771 2840 /* Session Ticket */ 2772 #if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SESSION_TICKET) 2841 2842 #if !defined(NO_WOLFSSL_SERVER) 2843 int wolfSSL_CTX_NoTicketTLSv12(WOLFSSL_CTX* ctx) 2844 { 2845 if (ctx == NULL) 2846 return BAD_FUNC_ARG; 2847 2848 ctx->noTicketTls12 = 1; 2849 2850 return WOLFSSL_SUCCESS; 2851 } 2852 2853 int wolfSSL_NoTicketTLSv12(WOLFSSL* ssl) 2854 { 2855 if (ssl == NULL) 2856 return BAD_FUNC_ARG; 2857 2858 ssl->options.noTicketTls12 = 1; 2859 2860 return WOLFSSL_SUCCESS; 2861 } 2862 2773 2863 /* WOLFSSL_SUCCESS on ok */ 2774 2864 int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, SessionTicketEncCb cb) … … 2804 2894 } 2805 2895 2806 #endif /* !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET) */ 2807 2808 /* Session Ticket */ 2809 #if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET) 2896 #endif /* !NO_WOLFSSL_SERVER */ 2897 2898 #if !defined(NO_WOLFSSL_CLIENT) 2810 2899 int wolfSSL_UseSessionTicket(WOLFSSL* ssl) 2811 2900 { … … 2888 2977 return WOLFSSL_SUCCESS; 2889 2978 } 2890 #endif 2979 #endif /* !NO_WOLFSSL_CLIENT */ 2980 2981 #endif /* HAVE_SESSION_TICKET */ 2891 2982 2892 2983 … … 3023 3114 } 3024 3115 3025 #if def OPENSSL_EXTRA3116 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 3026 3117 /* reset WOLFSSL structure state for possible re-use */ 3027 3118 if (ret == WOLFSSL_SUCCESS) { … … 3121 3212 char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data) 3122 3213 { 3123 static wcchar msg = "Please supply a buffer for error string";3214 static char tmp[WOLFSSL_MAX_ERROR_SZ] = {0}; 3124 3215 3125 3216 WOLFSSL_ENTER("ERR_error_string"); … … 3128 3219 return data; 3129 3220 } 3130 3131 return (char*)msg; 3221 else { 3222 SetErrorString((int)errNumber, tmp); 3223 return tmp; 3224 } 3132 3225 } 3133 3226 … … 3228 3321 return 0; 3229 3322 } 3323 3324 #ifdef WOLFSSL_DTLS 3325 const byte* wolfSSL_GetDtlsMacSecret(WOLFSSL* ssl, int verify, int epochOrder) 3326 { 3327 #ifndef WOLFSSL_AEAD_ONLY 3328 Keys* keys = NULL; 3329 3330 (void)epochOrder; 3331 3332 if (ssl == NULL) 3333 return NULL; 3334 3335 #ifdef HAVE_SECURE_RENEGOTIATION 3336 switch (epochOrder) { 3337 case PEER_ORDER: 3338 if (IsDtlsMsgSCRKeys(ssl)) 3339 keys = &ssl->secure_renegotiation->tmp_keys; 3340 else 3341 keys = &ssl->keys; 3342 break; 3343 case PREV_ORDER: 3344 keys = &ssl->keys; 3345 break; 3346 case CUR_ORDER: 3347 if (DtlsUseSCRKeys(ssl)) 3348 keys = &ssl->secure_renegotiation->tmp_keys; 3349 else 3350 keys = &ssl->keys; 3351 break; 3352 default: 3353 WOLFSSL_MSG("Unknown epoch order"); 3354 return NULL; 3355 } 3356 #else 3357 keys = &ssl->keys; 3358 #endif 3359 3360 if ( (ssl->options.side == WOLFSSL_CLIENT_END && !verify) || 3361 (ssl->options.side == WOLFSSL_SERVER_END && verify) ) 3362 return keys->client_write_MAC_secret; 3363 else 3364 return keys->server_write_MAC_secret; 3365 #else 3366 (void)ssl; 3367 (void)verify; 3368 (void)epochOrder; 3369 3370 return NULL; 3371 #endif 3372 } 3373 #endif /* WOLFSSL_DTLS */ 3230 3374 3231 3375 const byte* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify) … … 3527 3671 if (cm) { 3528 3672 XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER)); 3673 cm->refCount = 1; 3529 3674 3530 3675 if (wc_InitMutex(&cm->caLock) != 0) { 3676 WOLFSSL_MSG("Bad mutex init"); 3677 wolfSSL_CertManagerFree(cm); 3678 return NULL; 3679 } 3680 if (wc_InitMutex(&cm->refMutex) != 0) { 3531 3681 WOLFSSL_MSG("Bad mutex init"); 3532 3682 wolfSSL_CertManagerFree(cm); … … 3564 3714 void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm) 3565 3715 { 3716 int doFree = 0; 3566 3717 WOLFSSL_ENTER("wolfSSL_CertManagerFree"); 3567 3718 3568 3719 if (cm) { 3569 #ifdef HAVE_CRL 3570 if (cm->crl) 3571 FreeCRL(cm->crl, 1); 3572 #endif 3573 #ifdef HAVE_OCSP 3574 if (cm->ocsp) 3575 FreeOCSP(cm->ocsp, 1); 3576 XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL); 3577 #if !defined(NO_WOLFSSL_SERVER) && \ 3578 (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 3579 defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) 3580 if (cm->ocsp_stapling) 3581 FreeOCSP(cm->ocsp_stapling, 1); 3582 #endif 3583 #endif 3584 FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap); 3585 wc_FreeMutex(&cm->caLock); 3586 3587 #ifdef WOLFSSL_TRUST_PEER_CERT 3588 FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap); 3589 wc_FreeMutex(&cm->tpLock); 3590 #endif 3591 3592 XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER); 3593 } 3594 3720 if (wc_LockMutex(&cm->refMutex) != 0) { 3721 WOLFSSL_MSG("Couldn't lock cm mutex"); 3722 } 3723 cm->refCount--; 3724 if (cm->refCount == 0) 3725 doFree = 1; 3726 wc_UnLockMutex(&cm->refMutex); 3727 if (doFree) { 3728 #ifdef HAVE_CRL 3729 if (cm->crl) 3730 FreeCRL(cm->crl, 1); 3731 #endif 3732 #ifdef HAVE_OCSP 3733 if (cm->ocsp) 3734 FreeOCSP(cm->ocsp, 1); 3735 XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL); 3736 #if !defined(NO_WOLFSSL_SERVER) && \ 3737 (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 3738 defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) 3739 if (cm->ocsp_stapling) 3740 FreeOCSP(cm->ocsp_stapling, 1); 3741 #endif 3742 #endif 3743 FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap); 3744 wc_FreeMutex(&cm->caLock); 3745 3746 #ifdef WOLFSSL_TRUST_PEER_CERT 3747 FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap); 3748 wc_FreeMutex(&cm->tpLock); 3749 #endif 3750 if (wc_FreeMutex(&cm->refMutex) != 0) { 3751 WOLFSSL_MSG("Couldn't free refMutex mutex"); 3752 } 3753 XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER); 3754 } 3755 } 3756 3757 } 3758 3759 int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm) 3760 { 3761 if (cm) { 3762 if (wc_LockMutex(&cm->refMutex) != 0) { 3763 WOLFSSL_MSG("Failed to lock cm mutex"); 3764 } 3765 cm->refCount++; 3766 wc_UnLockMutex(&cm->refMutex); 3767 3768 return WOLFSSL_SUCCESS; 3769 } 3770 3771 return WOLFSSL_FAILURE; 3595 3772 } 3596 3773 … … 3657 3834 if (CopyDecodedToX509(x509, dCert) == 0) { 3658 3835 3659 if (wolfSSL_sk_X509_push(sk, x509) != SSL_SUCCESS) {3836 if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) { 3660 3837 WOLFSSL_MSG("Unable to load x509 into stack"); 3661 3838 FreeX509(x509); … … 3756 3933 if (CopyDecodedToX509(x509, dCert) == 0) { 3757 3934 3758 if (wolfSSL_sk_X509_push(sk, x509) != SSL_SUCCESS) {3935 if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) { 3759 3936 WOLFSSL_MSG("Unable to load x509 into stack"); 3760 3937 wolfSSL_X509_free(x509); … … 3841 4018 WOLFSSL_ENTER("wolfSSL_ERR_print_errors_fp"); 3842 4019 SetErrorString(err, data); 3843 fprintf(fp, "%s", data);4020 XFPRINTF(fp, "%s", data); 3844 4021 } 3845 4022 … … 3988 4165 3989 4166 /* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */ 3990 int wolfSSL_GetVersion( WOLFSSL* ssl)4167 int wolfSSL_GetVersion(const WOLFSSL* ssl) 3991 4168 { 3992 4169 if (ssl == NULL) … … 4089 4266 { 4090 4267 return ((word32)hashID[0] << 24) | ((word32)hashID[1] << 16) | 4091 (hashID[2] << 8) |hashID[3];4268 ((word32)hashID[2] << 8) | (word32)hashID[3]; 4092 4269 } 4093 4270 … … 4254 4431 Signer* ret = NULL; 4255 4432 Signer* signers; 4256 word32 row = HashSigner(hash);4257 4258 if (cm == NULL )4433 word32 row = 0; 4434 4435 if (cm == NULL || hash == NULL) 4259 4436 return NULL; 4437 4438 row = HashSigner(hash); 4260 4439 4261 4440 if (wc_LockMutex(&cm->caLock) != 0) … … 4374 4553 /* add trusted peer signature */ 4375 4554 peerCert->sigLen = cert->sigLength; 4376 peerCert->sig = XMALLOC(cert->sigLength, cm->heap,4555 peerCert->sig = (byte *)XMALLOC(cert->sigLength, cm->heap, 4377 4556 DYNAMIC_TYPE_SIGNATURE); 4378 4557 if (peerCert->sig == NULL) { … … 4733 4912 #endif /* NO_SESSION_CACHE */ 4734 4913 4914 #if defined(OPENSSL_EXTRA) || \ 4915 (defined(OPENSSL_EXTRA_X509_SMALL) && !defined(NO_RSA)) 4916 static WC_RNG globalRNG; 4917 static int initGlobalRNG = 0; 4918 static wolfSSL_Mutex globalRNGMutex; 4919 #endif 4920 4735 4921 WOLFSSL_ABI 4736 4922 int wolfSSL_Init(void) … … 4744 4930 return WC_INIT_E; 4745 4931 } 4932 4933 #if defined(OPENSSL_EXTRA) || \ 4934 (defined(OPENSSL_EXTRA_X509_SMALL) && !defined(NO_RSA)) 4935 if (wc_InitMutex(&globalRNGMutex) != 0) { 4936 WOLFSSL_MSG("Bad Init Mutex rng"); 4937 return BAD_MUTEX_E; 4938 } 4939 #endif 4746 4940 4747 4941 #ifdef OPENSSL_EXTRA … … 4960 5154 return MEMORY_E; 4961 5155 #endif 4962 5156 4963 5157 ret = wc_InitRsaKey_ex(key, heap, devId); 4964 5158 if (ret == 0) { … … 5341 5535 FreeDer(&ssl->buffers.certificate); 5342 5536 #ifdef KEEP_OUR_CERT 5343 FreeX509(ssl->ourCert); 5344 if (ssl->ourCert) { 5345 XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509); 5346 ssl->ourCert = NULL; 5347 } 5537 wolfSSL_X509_free(ssl->ourCert); 5538 ssl->ourCert = NULL; 5348 5539 #endif 5349 5540 } … … 5358 5549 #ifdef KEEP_OUR_CERT 5359 5550 if (ctx->ourCert) { 5360 if (ctx->ownOurCert) { 5361 FreeX509(ctx->ourCert); 5362 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 5363 } 5551 if (ctx->ownOurCert) 5552 wolfSSL_X509_free(ctx->ourCert); 5364 5553 ctx->ourCert = NULL; 5365 5554 } … … 5448 5637 if (ret != 0) 5449 5638 return ret; 5450 if (keyFormat == 0) 5639 if (keyFormat == 0) { 5640 #ifdef OPENSSL_EXTRA 5641 /* Reaching this point probably means that the 5642 * decryption password is wrong */ 5643 if (info->passwd_cb) 5644 EVPerr(0, EVP_R_BAD_DECRYPT); 5645 #endif 5451 5646 return WOLFSSL_BAD_FILE; 5647 } 5452 5648 5453 5649 (void)devId; … … 5459 5655 DecodedCert cert[1]; 5460 5656 #endif 5461 #if def HAVE_PK_CALLBACKS5657 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5462 5658 int keyType = 0; 5463 5659 #endif … … 5567 5763 #ifndef NO_RSA 5568 5764 case RSAk: 5569 #if def HAVE_PK_CALLBACKS5765 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5570 5766 keyType = rsa_sa_algo; 5571 #endif5572 #ifdef HAVE_PKCS115573 if (ctx) {5574 ctx->privateKeyType = rsa_sa_algo;5575 }5576 else {5577 ssl->buffers.keyType = rsa_sa_algo;5578 }5579 5767 #endif 5580 5768 /* Determine RSA key size by parsing public key */ … … 5603 5791 #ifdef HAVE_ECC 5604 5792 case ECDSAk: 5605 #if def HAVE_PK_CALLBACKS5793 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5606 5794 keyType = ecc_dsa_sa_algo; 5607 #endif5608 #ifdef HAVE_PKCS115609 if (ctx) {5610 ctx->privateKeyType = ecc_dsa_sa_algo;5611 }5612 else {5613 ssl->buffers.keyType = ecc_dsa_sa_algo;5614 }5615 5795 #endif 5616 5796 /* Determine ECC key size based on curve */ … … 5636 5816 #ifdef HAVE_ED25519 5637 5817 case ED25519k: 5638 #if def HAVE_PK_CALLBACKS5818 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5639 5819 keyType = ed25519_sa_algo; 5640 #endif5641 #ifdef HAVE_PKCS115642 if (ctx) {5643 ctx->privateKeyType = ed25519_sa_algo;5644 }5645 else {5646 ssl->buffers.keyType = ed25519_sa_algo;5647 }5648 5820 #endif 5649 5821 /* ED25519 is fixed key size */ … … 5667 5839 #ifdef HAVE_ED448 5668 5840 case ED448k: 5669 #if def HAVE_PK_CALLBACKS5841 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5670 5842 keyType = ed448_sa_algo; 5671 #endif5672 #ifdef HAVE_PKCS115673 if (ctx) {5674 ctx->privateKeyType = ed448_sa_algo;5675 }5676 else {5677 ssl->buffers.keyType = ed448_sa_algo;5678 }5679 5843 #endif 5680 5844 /* ED448 is fixed key size */ … … 5702 5866 } 5703 5867 5704 #ifdef HAVE_PK_CALLBACKS 5705 if (ssl && ssl->buffers.keyType == 0) { 5868 #if defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) 5869 if (ssl 5870 #ifdef HAVE_PK_CALLBACKS 5871 && ssl->buffers.keyType == 0 5872 #endif 5873 ) { 5706 5874 ssl->buffers.keyType = keyType; 5707 5875 ssl->buffers.keySz = keySz; 5708 5876 } 5709 else if (ctx && ctx->privateKeyType == 0) { 5877 else if (ctx 5878 #ifdef HAVE_PK_CALLBACKS 5879 && ctx->privateKeyType == 0 5880 #endif 5881 ) { 5710 5882 ctx->privateKeyType = keyType; 5711 5883 ctx->privateKeySz = keySz; … … 5724 5896 5725 5897 if (done == 1) { 5726 #ifndef NO_WOLFSSL_CM_VERIFY 5898 #if !defined(NO_WOLFSSL_CM_VERIFY) && (!defined(NO_WOLFSSL_CLIENT) || \ 5899 !defined(WOLFSSL_NO_CLIENT_AUTH)) 5727 5900 if ((type == CA_TYPE) || (type == CERT_TYPE)) { 5728 5901 /* Call to over-ride status */ … … 6013 6186 #endif /* NO_WOLFSSL_CM_VERIFY */ 6014 6187 6188 #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) 6015 6189 /* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */ 6016 6190 int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff, … … 6119 6293 return CM_VerifyBuffer_ex(cm, buff, sz, format, 0); 6120 6294 } 6295 #endif /* !NO_WOLFSSL_CLIENT || !WOLFSSL_NO_CLIENT_AUTH */ 6296 6121 6297 /* turn on OCSP if off and compiled in, set options */ 6122 6298 int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options) … … 6236 6412 } 6237 6413 6414 /* require OCSP stapling response */ 6415 int wolfSSL_CertManagerEnableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm) 6416 { 6417 int ret; 6418 6419 WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPMustStaple"); 6420 6421 if (cm == NULL) 6422 return BAD_FUNC_ARG; 6423 6424 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ 6425 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 6426 #ifndef NO_WOLFSSL_CLIENT 6427 cm->ocspMustStaple = 1; 6428 #endif 6429 ret = WOLFSSL_SUCCESS; 6430 #else 6431 ret = NOT_COMPILED_IN; 6432 #endif 6433 6434 return ret; 6435 } 6436 6437 int wolfSSL_CertManagerDisableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm) 6438 { 6439 int ret; 6440 6441 WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPMustStaple"); 6442 6443 if (cm == NULL) 6444 return BAD_FUNC_ARG; 6445 6446 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ 6447 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 6448 #ifndef NO_WOLFSSL_CLIENT 6449 cm->ocspMustStaple = 0; 6450 #endif 6451 ret = WOLFSSL_SUCCESS; 6452 #else 6453 ret = NOT_COMPILED_IN; 6454 #endif 6455 return ret; 6456 } 6457 6238 6458 #ifdef HAVE_OCSP 6239 6459 /* check CRL if enabled, WOLFSSL_SUCCESS */ … … 6256 6476 6257 6477 #ifdef WOLFSSL_SMALL_STACK 6258 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);6478 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, DYNAMIC_TYPE_DCERT); 6259 6479 if (cert == NULL) 6260 6480 return MEMORY_E; … … 6272 6492 FreeDecodedCert(cert); 6273 6493 #ifdef WOLFSSL_SMALL_STACK 6274 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);6494 XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT); 6275 6495 #endif 6276 6496 … … 6453 6673 if (ctx) 6454 6674 return wolfSSL_CertManagerDisableOCSPStapling(ctx->cm); 6675 else 6676 return BAD_FUNC_ARG; 6677 } 6678 6679 int wolfSSL_CTX_EnableOCSPMustStaple(WOLFSSL_CTX* ctx) 6680 { 6681 WOLFSSL_ENTER("wolfSSL_CTX_EnableOCSPMustStaple"); 6682 if (ctx) 6683 return wolfSSL_CertManagerEnableOCSPMustStaple(ctx->cm); 6684 else 6685 return BAD_FUNC_ARG; 6686 } 6687 6688 int wolfSSL_CTX_DisableOCSPMustStaple(WOLFSSL_CTX* ctx) 6689 { 6690 WOLFSSL_ENTER("wolfSSL_CTX_DisableOCSPMustStaple"); 6691 if (ctx) 6692 return wolfSSL_CertManagerDisableOCSPMustStaple(ctx->cm); 6455 6693 else 6456 6694 return BAD_FUNC_ARG; … … 6517 6755 } 6518 6756 6519 if ( (ret = (int)XFREAD(myBuffer, 1, sz, file)) !=sz)6757 if ((size_t)XFREAD(myBuffer, 1, sz, file) != (size_t)sz) 6520 6758 ret = WOLFSSL_BAD_FILE; 6521 6759 else { … … 6693 6931 6694 6932 6933 #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) 6695 6934 /* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */ 6696 6935 int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname, … … 6734 6973 } 6735 6974 6736 if ( (ret = (int)XFREAD(myBuffer, 1, sz, file)) !=sz)6975 if ((size_t)XFREAD(myBuffer, 1, sz, file) != (size_t)sz) 6737 6976 ret = WOLFSSL_BAD_FILE; 6738 6977 else … … 6745 6984 return ret; 6746 6985 } 6747 6986 #endif 6748 6987 6749 6988 /* like load verify locations, 1 for success, < 0 for error */ … … 6779 7018 return ret; 6780 7019 } 7020 7021 7022 #endif /* NO_FILESYSTEM */ 7023 7024 #ifdef HAVE_CRL 7025 7026 /* check CRL if enabled, WOLFSSL_SUCCESS */ 7027 int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz) 7028 { 7029 int ret = 0; 7030 #ifdef WOLFSSL_SMALL_STACK 7031 DecodedCert* cert = NULL; 7032 #else 7033 DecodedCert cert[1]; 7034 #endif 7035 7036 WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL"); 7037 7038 if (cm == NULL) 7039 return BAD_FUNC_ARG; 7040 7041 if (cm->crlEnabled == 0) 7042 return WOLFSSL_SUCCESS; 7043 7044 #ifdef WOLFSSL_SMALL_STACK 7045 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); 7046 if (cert == NULL) 7047 return MEMORY_E; 7048 #endif 7049 7050 InitDecodedCert(cert, der, sz, NULL); 7051 7052 if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm)) != 0) { 7053 WOLFSSL_MSG("ParseCert failed"); 7054 } 7055 else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) { 7056 WOLFSSL_MSG("CheckCertCRL failed"); 7057 } 7058 7059 FreeDecodedCert(cert); 7060 #ifdef WOLFSSL_SMALL_STACK 7061 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); 7062 #endif 7063 7064 return ret == 0 ? WOLFSSL_SUCCESS : ret; 7065 } 7066 7067 7068 int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb) 7069 { 7070 WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb"); 7071 if (cm == NULL) 7072 return BAD_FUNC_ARG; 7073 7074 cm->cbMissingCRL = cb; 7075 7076 return WOLFSSL_SUCCESS; 7077 } 7078 7079 #ifdef HAVE_CRL_IO 7080 int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb) 7081 { 7082 if (cm == NULL) 7083 return BAD_FUNC_ARG; 7084 7085 cm->crl->crlIOCb = cb; 7086 7087 return WOLFSSL_SUCCESS; 7088 } 7089 #endif 7090 7091 #ifndef NO_FILESYSTEM 7092 int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path, 7093 int type, int monitor) 7094 { 7095 WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL"); 7096 if (cm == NULL) 7097 return BAD_FUNC_ARG; 7098 7099 if (cm->crl == NULL) { 7100 if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) { 7101 WOLFSSL_MSG("Enable CRL failed"); 7102 return WOLFSSL_FATAL_ERROR; 7103 } 7104 } 7105 7106 return LoadCRL(cm->crl, path, type, monitor); 7107 } 7108 #endif 7109 7110 int wolfSSL_EnableCRL(WOLFSSL* ssl, int options) 7111 { 7112 WOLFSSL_ENTER("wolfSSL_EnableCRL"); 7113 if (ssl) 7114 return wolfSSL_CertManagerEnableCRL(ssl->ctx->cm, options); 7115 else 7116 return BAD_FUNC_ARG; 7117 } 7118 7119 7120 int wolfSSL_DisableCRL(WOLFSSL* ssl) 7121 { 7122 WOLFSSL_ENTER("wolfSSL_DisableCRL"); 7123 if (ssl) 7124 return wolfSSL_CertManagerDisableCRL(ssl->ctx->cm); 7125 else 7126 return BAD_FUNC_ARG; 7127 } 7128 7129 #ifndef NO_FILESYSTEM 7130 int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor) 7131 { 7132 WOLFSSL_ENTER("wolfSSL_LoadCRL"); 7133 if (ssl) 7134 return wolfSSL_CertManagerLoadCRL(ssl->ctx->cm, path, type, monitor); 7135 else 7136 return BAD_FUNC_ARG; 7137 } 7138 #endif 7139 7140 7141 int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb) 7142 { 7143 WOLFSSL_ENTER("wolfSSL_SetCRL_Cb"); 7144 if (ssl) 7145 return wolfSSL_CertManagerSetCRL_Cb(ssl->ctx->cm, cb); 7146 else 7147 return BAD_FUNC_ARG; 7148 } 7149 7150 #ifdef HAVE_CRL_IO 7151 int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb) 7152 { 7153 WOLFSSL_ENTER("wolfSSL_SetCRL_Cb"); 7154 if (ssl) 7155 return wolfSSL_CertManagerSetCRL_IOCb(ssl->ctx->cm, cb); 7156 else 7157 return BAD_FUNC_ARG; 7158 } 7159 #endif 7160 7161 int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options) 7162 { 7163 WOLFSSL_ENTER("wolfSSL_CTX_EnableCRL"); 7164 if (ctx) 7165 return wolfSSL_CertManagerEnableCRL(ctx->cm, options); 7166 else 7167 return BAD_FUNC_ARG; 7168 } 7169 7170 7171 int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx) 7172 { 7173 WOLFSSL_ENTER("wolfSSL_CTX_DisableCRL"); 7174 if (ctx) 7175 return wolfSSL_CertManagerDisableCRL(ctx->cm); 7176 else 7177 return BAD_FUNC_ARG; 7178 } 7179 7180 7181 #ifndef NO_FILESYSTEM 7182 int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, 7183 int type, int monitor) 7184 { 7185 WOLFSSL_ENTER("wolfSSL_CTX_LoadCRL"); 7186 if (ctx) 7187 return wolfSSL_CertManagerLoadCRL(ctx->cm, path, type, monitor); 7188 else 7189 return BAD_FUNC_ARG; 7190 } 7191 #endif 7192 7193 7194 int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb) 7195 { 7196 WOLFSSL_ENTER("wolfSSL_CTX_SetCRL_Cb"); 7197 if (ctx) 7198 return wolfSSL_CertManagerSetCRL_Cb(ctx->cm, cb); 7199 else 7200 return BAD_FUNC_ARG; 7201 } 7202 7203 #ifdef HAVE_CRL_IO 7204 int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX* ctx, CbCrlIO cb) 7205 { 7206 WOLFSSL_ENTER("wolfSSL_CTX_SetCRL_IOCb"); 7207 if (ctx) 7208 return wolfSSL_CertManagerSetCRL_IOCb(ctx->cm, cb); 7209 else 7210 return BAD_FUNC_ARG; 7211 } 7212 #endif 7213 7214 7215 #endif /* HAVE_CRL */ 7216 7217 7218 #ifndef NO_FILESYSTEM 7219 7220 7221 #ifdef WOLFSSL_DER_LOAD 7222 7223 /* Add format parameter to allow DER load of CA files */ 7224 int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx, const char* file, 7225 int format) 7226 { 7227 WOLFSSL_ENTER("wolfSSL_CTX_der_load_verify_locations"); 7228 if (ctx == NULL || file == NULL) 7229 return WOLFSSL_FAILURE; 7230 7231 if (ProcessFile(ctx, file, format, CA_TYPE, NULL, 0, NULL, 7232 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) { 7233 return WOLFSSL_SUCCESS; 7234 } 7235 7236 return WOLFSSL_FAILURE; 7237 } 7238 7239 #endif /* WOLFSSL_DER_LOAD */ 7240 7241 7242 7243 WOLFSSL_ABI 7244 int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file, 7245 int format) 7246 { 7247 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_file"); 7248 7249 if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0, NULL, 7250 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) { 7251 return WOLFSSL_SUCCESS; 7252 } 7253 7254 return WOLFSSL_FAILURE; 7255 } 7256 7257 7258 WOLFSSL_ABI 7259 int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, 7260 int format) 7261 { 7262 WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_file"); 7263 7264 if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL, 7265 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) { 7266 return WOLFSSL_SUCCESS; 7267 } 7268 7269 return WOLFSSL_FAILURE; 7270 } 7271 7272 7273 #endif /* NO_FILESYSTEM */ 7274 7275 7276 /* Sets the max chain depth when verifying a certificate chain. Default depth 7277 * is set to MAX_CHAIN_DEPTH. 7278 * 7279 * ctx WOLFSSL_CTX structure to set depth in 7280 * depth max depth 7281 */ 7282 void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx, int depth) { 7283 WOLFSSL_ENTER("wolfSSL_CTX_set_verify_depth"); 7284 7285 if (ctx == NULL || depth < 0 || depth > MAX_CHAIN_DEPTH) { 7286 WOLFSSL_MSG("Bad depth argument, too large or less than 0"); 7287 return; 7288 } 7289 7290 ctx->verifyDepth = (byte)depth; 7291 } 7292 7293 7294 /* get cert chaining depth using ssl struct */ 7295 long wolfSSL_get_verify_depth(WOLFSSL* ssl) 7296 { 7297 if(ssl == NULL) { 7298 return BAD_FUNC_ARG; 7299 } 7300 #ifndef OPENSSL_EXTRA 7301 return MAX_CHAIN_DEPTH; 7302 #else 7303 return ssl->options.verifyDepth; 7304 #endif 7305 } 7306 7307 7308 /* get cert chaining depth using ctx struct */ 7309 long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx) 7310 { 7311 if (ctx == NULL) { 7312 return BAD_FUNC_ARG; 7313 } 7314 #ifndef OPENSSL_EXTRA 7315 return MAX_CHAIN_DEPTH; 7316 #else 7317 return ctx->verifyDepth; 7318 #endif 7319 } 7320 7321 7322 #ifndef NO_FILESYSTEM 7323 7324 7325 WOLFSSL_ABI 7326 int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file) 7327 { 7328 /* process up to MAX_CHAIN_DEPTH plus subject cert */ 7329 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file"); 7330 7331 if (ProcessFile(ctx, file, WOLFSSL_FILETYPE_PEM, CERT_TYPE, NULL, 1, NULL, 7332 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) { 7333 return WOLFSSL_SUCCESS; 7334 } 7335 7336 return WOLFSSL_FAILURE; 7337 } 7338 7339 7340 int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX* ctx, 7341 const char* file, int format) 7342 { 7343 /* process up to MAX_CHAIN_DEPTH plus subject cert */ 7344 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file_format"); 7345 7346 if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 1, NULL, 7347 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) { 7348 return WOLFSSL_SUCCESS; 7349 } 7350 7351 return WOLFSSL_FAILURE; 7352 } 7353 7354 7355 #ifndef NO_DH 7356 7357 /* server Diffie-Hellman parameters */ 7358 static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl, 7359 const char* fname, int format) 7360 { 7361 #ifdef WOLFSSL_SMALL_STACK 7362 byte staticBuffer[1]; /* force heap usage */ 7363 #else 7364 byte staticBuffer[FILE_BUFFER_SIZE]; 7365 #endif 7366 byte* myBuffer = staticBuffer; 7367 int dynamic = 0; 7368 int ret; 7369 long sz = 0; 7370 XFILE file; 7371 7372 if (ctx == NULL || fname == NULL) 7373 return BAD_FUNC_ARG; 7374 7375 file = XFOPEN(fname, "rb"); 7376 if (file == XBADFILE) return WOLFSSL_BAD_FILE; 7377 if(XFSEEK(file, 0, XSEEK_END) != 0) { 7378 XFCLOSE(file); 7379 return WOLFSSL_BAD_FILE; 7380 } 7381 sz = XFTELL(file); 7382 XREWIND(file); 7383 7384 if (sz > MAX_WOLFSSL_FILE_SIZE || sz <= 0) { 7385 WOLFSSL_MSG("SetTmpDH file size error"); 7386 XFCLOSE(file); 7387 return WOLFSSL_BAD_FILE; 7388 } 7389 7390 if (sz > (long)sizeof(staticBuffer)) { 7391 WOLFSSL_MSG("Getting dynamic buffer"); 7392 myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); 7393 if (myBuffer == NULL) { 7394 XFCLOSE(file); 7395 return WOLFSSL_BAD_FILE; 7396 } 7397 dynamic = 1; 7398 } 7399 7400 if ((size_t)XFREAD(myBuffer, 1, sz, file) != (size_t)sz) 7401 ret = WOLFSSL_BAD_FILE; 7402 else { 7403 if (ssl) 7404 ret = wolfSSL_SetTmpDH_buffer(ssl, myBuffer, sz, format); 7405 else 7406 ret = wolfSSL_CTX_SetTmpDH_buffer(ctx, myBuffer, sz, format); 7407 } 7408 7409 XFCLOSE(file); 7410 if (dynamic) 7411 XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE); 7412 7413 return ret; 7414 } 7415 7416 /* server Diffie-Hellman parameters */ 7417 int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* fname, int format) 7418 { 7419 if (ssl == NULL) 7420 return BAD_FUNC_ARG; 7421 7422 return wolfSSL_SetTmpDH_file_wrapper(ssl->ctx, ssl, fname, format); 7423 } 7424 7425 7426 /* server Diffie-Hellman parameters */ 7427 int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* fname, int format) 7428 { 7429 return wolfSSL_SetTmpDH_file_wrapper(ctx, NULL, fname, format); 7430 } 7431 7432 #endif /* NO_DH */ 7433 7434 #endif /* NO_FILESYSTEM */ 6781 7435 6782 7436 #ifndef NO_CHECK_PRIVATE_KEY … … 6799 7453 WOLFSSL_ENTER("wolfSSL_CTX_check_private_key"); 6800 7454 6801 if (ctx == NULL ) {7455 if (ctx == NULL || ctx->certificate == NULL) { 6802 7456 return WOLFSSL_FAILURE; 6803 7457 } … … 6823 7477 size = ctx->privateKey->length; 6824 7478 buff = ctx->privateKey->buffer; 6825 ret = wc_CheckPrivateKey(buff, size, der); 7479 #ifdef WOLF_CRYPTO_CB 7480 if (ctx->privateKeyDevId != INVALID_DEVID) { 7481 int type = 0; 7482 void *pkey = NULL; 7483 7484 if (der->keyOID == RSAk) { 7485 type = DYNAMIC_TYPE_RSA; 7486 } 7487 else if (der->keyOID == ECDSAk) { 7488 type = DYNAMIC_TYPE_ECC; 7489 } 7490 ret = CreateDevPrivateKey(&pkey, buff, size, type, ctx->privateKeyLabel, 7491 ctx->privateKeyId, ctx->heap, 7492 ctx->privateKeyDevId); 7493 if (ret == 0 && der->keyOID == RSAk) { 7494 ret = wc_CryptoCb_RsaCheckPrivKey((RsaKey*)pkey, der->publicKey, 7495 der->pubKeySize); 7496 wc_FreeRsaKey((RsaKey*)pkey); 7497 } 7498 else if (ret == 0 && der->keyOID == ECDSAk) { 7499 ret = wc_CryptoCb_EccCheckPrivKey((ecc_key*)pkey, der->publicKey, 7500 der->pubKeySize); 7501 wc_ecc_free((ecc_key*)pkey); 7502 } 7503 if (pkey != NULL) { 7504 XFREE(pkey, ctx->heap, type); 7505 } 7506 if (ret == 0) { 7507 ret = WOLFSSL_SUCCESS; 7508 } 7509 else { 7510 ret = WOLFSSL_FAILURE; 7511 } 7512 } 7513 else 7514 #endif 7515 { 7516 ret = wc_CheckPrivateKeyCert(buff, size, der); 7517 if (ret == 1) { 7518 ret = WOLFSSL_SUCCESS; 7519 } 7520 else { 7521 ret = WOLFSSL_FAILURE; 7522 } 7523 } 6826 7524 FreeDecodedCert(der); 6827 7525 #ifdef WOLFSSL_SMALL_STACK … … 6829 7527 #endif 6830 7528 6831 if (ret == 1) { 6832 return WOLFSSL_SUCCESS; 6833 } 6834 else { 6835 return WOLFSSL_FAILURE; 6836 } 7529 return ret; 6837 7530 #else 6838 7531 WOLFSSL_MSG("NO_CERTS is defined, can not check private key"); … … 6842 7535 #endif /* !NO_CHECK_PRIVATE_KEY */ 6843 7536 6844 6845 #ifdef HAVE_CRL6846 6847 /* check CRL if enabled, WOLFSSL_SUCCESS */6848 int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)6849 {6850 int ret = 0;6851 #ifdef WOLFSSL_SMALL_STACK6852 DecodedCert* cert = NULL;6853 #else6854 DecodedCert cert[1];6855 #endif6856 6857 WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");6858 6859 if (cm == NULL)6860 return BAD_FUNC_ARG;6861 6862 if (cm->crlEnabled == 0)6863 return WOLFSSL_SUCCESS;6864 6865 #ifdef WOLFSSL_SMALL_STACK6866 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);6867 if (cert == NULL)6868 return MEMORY_E;6869 #endif6870 6871 InitDecodedCert(cert, der, sz, NULL);6872 6873 if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm)) != 0) {6874 WOLFSSL_MSG("ParseCert failed");6875 }6876 else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {6877 WOLFSSL_MSG("CheckCertCRL failed");6878 }6879 6880 FreeDecodedCert(cert);6881 #ifdef WOLFSSL_SMALL_STACK6882 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);6883 #endif6884 6885 return ret == 0 ? WOLFSSL_SUCCESS : ret;6886 }6887 6888 6889 int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)6890 {6891 WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");6892 if (cm == NULL)6893 return BAD_FUNC_ARG;6894 6895 cm->cbMissingCRL = cb;6896 6897 return WOLFSSL_SUCCESS;6898 }6899 6900 #ifdef HAVE_CRL_IO6901 int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)6902 {6903 if (cm == NULL)6904 return BAD_FUNC_ARG;6905 6906 cm->crl->crlIOCb = cb;6907 6908 return WOLFSSL_SUCCESS;6909 }6910 #endif6911 6912 int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,6913 int type, int monitor)6914 {6915 WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");6916 if (cm == NULL)6917 return BAD_FUNC_ARG;6918 6919 if (cm->crl == NULL) {6920 if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {6921 WOLFSSL_MSG("Enable CRL failed");6922 return WOLFSSL_FATAL_ERROR;6923 }6924 }6925 6926 return LoadCRL(cm->crl, path, type, monitor);6927 }6928 6929 int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)6930 {6931 WOLFSSL_ENTER("wolfSSL_EnableCRL");6932 if (ssl)6933 return wolfSSL_CertManagerEnableCRL(ssl->ctx->cm, options);6934 else6935 return BAD_FUNC_ARG;6936 }6937 6938 6939 int wolfSSL_DisableCRL(WOLFSSL* ssl)6940 {6941 WOLFSSL_ENTER("wolfSSL_DisableCRL");6942 if (ssl)6943 return wolfSSL_CertManagerDisableCRL(ssl->ctx->cm);6944 else6945 return BAD_FUNC_ARG;6946 }6947 6948 int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)6949 {6950 WOLFSSL_ENTER("wolfSSL_LoadCRL");6951 if (ssl)6952 return wolfSSL_CertManagerLoadCRL(ssl->ctx->cm, path, type, monitor);6953 else6954 return BAD_FUNC_ARG;6955 }6956 6957 6958 int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)6959 {6960 WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");6961 if (ssl)6962 return wolfSSL_CertManagerSetCRL_Cb(ssl->ctx->cm, cb);6963 else6964 return BAD_FUNC_ARG;6965 }6966 6967 #ifdef HAVE_CRL_IO6968 int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb)6969 {6970 WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");6971 if (ssl)6972 return wolfSSL_CertManagerSetCRL_IOCb(ssl->ctx->cm, cb);6973 else6974 return BAD_FUNC_ARG;6975 }6976 #endif6977 6978 int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options)6979 {6980 WOLFSSL_ENTER("wolfSSL_CTX_EnableCRL");6981 if (ctx)6982 return wolfSSL_CertManagerEnableCRL(ctx->cm, options);6983 else6984 return BAD_FUNC_ARG;6985 }6986 6987 6988 int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx)6989 {6990 WOLFSSL_ENTER("wolfSSL_CTX_DisableCRL");6991 if (ctx)6992 return wolfSSL_CertManagerDisableCRL(ctx->cm);6993 else6994 return BAD_FUNC_ARG;6995 }6996 6997 6998 int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path,6999 int type, int monitor)7000 {7001 WOLFSSL_ENTER("wolfSSL_CTX_LoadCRL");7002 if (ctx)7003 return wolfSSL_CertManagerLoadCRL(ctx->cm, path, type, monitor);7004 else7005 return BAD_FUNC_ARG;7006 }7007 7008 7009 int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb)7010 {7011 WOLFSSL_ENTER("wolfSSL_CTX_SetCRL_Cb");7012 if (ctx)7013 return wolfSSL_CertManagerSetCRL_Cb(ctx->cm, cb);7014 else7015 return BAD_FUNC_ARG;7016 }7017 7018 #ifdef HAVE_CRL_IO7019 int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX* ctx, CbCrlIO cb)7020 {7021 WOLFSSL_ENTER("wolfSSL_CTX_SetCRL_IOCb");7022 if (ctx)7023 return wolfSSL_CertManagerSetCRL_IOCb(ctx->cm, cb);7024 else7025 return BAD_FUNC_ARG;7026 }7027 #endif7028 7029 7030 #endif /* HAVE_CRL */7031 7032 7033 #ifdef WOLFSSL_DER_LOAD7034 7035 /* Add format parameter to allow DER load of CA files */7036 int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,7037 int format)7038 {7039 WOLFSSL_ENTER("wolfSSL_CTX_der_load_verify_locations");7040 if (ctx == NULL || file == NULL)7041 return WOLFSSL_FAILURE;7042 7043 if (ProcessFile(ctx, file, format, CA_TYPE, NULL, 0, NULL,7044 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) {7045 return WOLFSSL_SUCCESS;7046 }7047 7048 return WOLFSSL_FAILURE;7049 }7050 7051 #endif /* WOLFSSL_DER_LOAD */7052 7053 7054 7055 WOLFSSL_ABI7056 int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,7057 int format)7058 {7059 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_file");7060 7061 if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0, NULL,7062 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) {7063 return WOLFSSL_SUCCESS;7064 }7065 7066 return WOLFSSL_FAILURE;7067 }7068 7069 7070 WOLFSSL_ABI7071 int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file,7072 int format)7073 {7074 WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_file");7075 7076 if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL,7077 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) {7078 return WOLFSSL_SUCCESS;7079 }7080 7081 return WOLFSSL_FAILURE;7082 }7083 7084 7085 /* Sets the max chain depth when verifying a certificate chain. Default depth7086 * is set to MAX_CHAIN_DEPTH.7087 *7088 * ctx WOLFSSL_CTX structure to set depth in7089 * depth max depth7090 */7091 void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx, int depth) {7092 WOLFSSL_ENTER("wolfSSL_CTX_set_verify_depth");7093 7094 if (ctx == NULL || depth < 0 || depth > MAX_CHAIN_DEPTH) {7095 WOLFSSL_MSG("Bad depth argument, too large or less than 0");7096 return;7097 }7098 7099 ctx->verifyDepth = (byte)depth;7100 }7101 7102 7103 /* get cert chaining depth using ssl struct */7104 long wolfSSL_get_verify_depth(WOLFSSL* ssl)7105 {7106 if(ssl == NULL) {7107 return BAD_FUNC_ARG;7108 }7109 #ifndef OPENSSL_EXTRA7110 return MAX_CHAIN_DEPTH;7111 #else7112 return ssl->options.verifyDepth;7113 #endif7114 }7115 7116 7117 /* get cert chaining depth using ctx struct */7118 long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx)7119 {7120 if (ctx == NULL) {7121 return BAD_FUNC_ARG;7122 }7123 #ifndef OPENSSL_EXTRA7124 return MAX_CHAIN_DEPTH;7125 #else7126 return ctx->verifyDepth;7127 #endif7128 }7129 7130 7131 WOLFSSL_ABI7132 int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file)7133 {7134 /* process up to MAX_CHAIN_DEPTH plus subject cert */7135 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file");7136 7137 if (ProcessFile(ctx, file, WOLFSSL_FILETYPE_PEM, CERT_TYPE, NULL, 1, NULL,7138 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) {7139 return WOLFSSL_SUCCESS;7140 }7141 7142 return WOLFSSL_FAILURE;7143 }7144 7145 7146 int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX* ctx,7147 const char* file, int format)7148 {7149 /* process up to MAX_CHAIN_DEPTH plus subject cert */7150 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file_format");7151 7152 if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 1, NULL,7153 GET_VERIFY_SETTING_CTX(ctx)) == WOLFSSL_SUCCESS) {7154 return WOLFSSL_SUCCESS;7155 }7156 7157 return WOLFSSL_FAILURE;7158 }7159 7160 7161 #ifndef NO_DH7162 7163 /* server Diffie-Hellman parameters */7164 static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,7165 const char* fname, int format)7166 {7167 #ifdef WOLFSSL_SMALL_STACK7168 byte staticBuffer[1]; /* force heap usage */7169 #else7170 byte staticBuffer[FILE_BUFFER_SIZE];7171 #endif7172 byte* myBuffer = staticBuffer;7173 int dynamic = 0;7174 int ret;7175 long sz = 0;7176 XFILE file;7177 7178 if (ctx == NULL || fname == NULL)7179 return BAD_FUNC_ARG;7180 7181 file = XFOPEN(fname, "rb");7182 if (file == XBADFILE) return WOLFSSL_BAD_FILE;7183 if(XFSEEK(file, 0, XSEEK_END) != 0) {7184 XFCLOSE(file);7185 return WOLFSSL_BAD_FILE;7186 }7187 sz = XFTELL(file);7188 XREWIND(file);7189 7190 if (sz > MAX_WOLFSSL_FILE_SIZE || sz <= 0) {7191 WOLFSSL_MSG("SetTmpDH file size error");7192 XFCLOSE(file);7193 return WOLFSSL_BAD_FILE;7194 }7195 7196 if (sz > (long)sizeof(staticBuffer)) {7197 WOLFSSL_MSG("Getting dynamic buffer");7198 myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE);7199 if (myBuffer == NULL) {7200 XFCLOSE(file);7201 return WOLFSSL_BAD_FILE;7202 }7203 dynamic = 1;7204 }7205 7206 if ( (ret = (int)XFREAD(myBuffer, 1, sz, file)) != sz)7207 ret = WOLFSSL_BAD_FILE;7208 else {7209 if (ssl)7210 ret = wolfSSL_SetTmpDH_buffer(ssl, myBuffer, sz, format);7211 else7212 ret = wolfSSL_CTX_SetTmpDH_buffer(ctx, myBuffer, sz, format);7213 }7214 7215 XFCLOSE(file);7216 if (dynamic)7217 XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE);7218 7219 return ret;7220 }7221 7222 /* server Diffie-Hellman parameters */7223 int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* fname, int format)7224 {7225 if (ssl == NULL)7226 return BAD_FUNC_ARG;7227 7228 return wolfSSL_SetTmpDH_file_wrapper(ssl->ctx, ssl, fname, format);7229 }7230 7231 7232 /* server Diffie-Hellman parameters */7233 int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* fname, int format)7234 {7235 return wolfSSL_SetTmpDH_file_wrapper(ctx, NULL, fname, format);7236 }7237 7238 #endif /* NO_DH */7239 7240 #endif /* NO_FILESYSTEM */7241 7242 7537 #ifdef OPENSSL_EXTRA 7538 7539 #ifndef NO_BIO 7243 7540 /* put SSL type in extra for now, not very common */ 7244 7541 … … 7327 7624 (void)out; 7328 7625 7329 memSz = wolfSSL_BIO_ pending(bio);7626 memSz = wolfSSL_BIO_get_len(bio); 7330 7627 if (memSz <= 0) { 7331 7628 return NULL; … … 7347 7644 return pkey; 7348 7645 } 7646 7647 #endif /* !NO_BIO */ 7349 7648 7350 7649 … … 7414 7713 return pkey; 7415 7714 } 7715 else { 7716 WOLFSSL_MSG("RSA wolfSSL_EVP_PKEY_new error"); 7717 } 7416 7718 } 7417 7719 wc_FreeRsaKey(&rsa); … … 7458 7760 return pkey; 7459 7761 } 7762 else { 7763 WOLFSSL_MSG("ECC wolfSSL_EVP_PKEY_new error"); 7764 } 7460 7765 } 7461 7766 wc_ecc_free(&ecc); … … 7505 7810 return pkey; 7506 7811 } 7812 else { 7813 WOLFSSL_MSG("DSA wolfSSL_EVP_PKEY_new error"); 7814 } 7507 7815 } 7508 7816 wc_FreeDsaKey(&dsa); … … 7511 7819 7512 7820 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) 7821 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ 7822 (HAVE_FIPS_VERSION > 2)) 7513 7823 { 7514 7824 DhKey dh; … … 7551 7861 return pkey; 7552 7862 } 7863 else { 7864 WOLFSSL_MSG("DH wolfSSL_EVP_PKEY_new error"); 7865 } 7553 7866 } 7554 7867 wc_FreeDhKey(&dh); 7555 7868 } 7869 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 7556 7870 #endif /* !NO_DH && (WOLFSSL_QT || OPENSSL_ALL) */ 7557 7871 7872 if (pkey == NULL) { 7873 WOLFSSL_MSG("wolfSSL_d2i_PUBKEY couldn't determine key type"); 7874 } 7875 7558 7876 return pkey; 7877 } 7878 7879 /* helper function to get raw pointer to DER buffer from WOLFSSL_EVP_PKEY */ 7880 static int wolfSSL_EVP_PKEY_get_der(const WOLFSSL_EVP_PKEY* key, unsigned char** der) 7881 { 7882 unsigned char* pt; 7883 int sz; 7884 7885 if (!key || !key->pkey_sz) 7886 return WOLFSSL_FATAL_ERROR; 7887 7888 sz = key->pkey_sz; 7889 if (der) { 7890 pt = (unsigned char*)key->pkey.ptr; 7891 if (*der) { 7892 /* since this function signature has no size value passed in it is 7893 * assumed that the user has allocated a large enough buffer */ 7894 XMEMCPY(*der, pt, sz); 7895 *der += sz; 7896 } 7897 else { 7898 *der = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); 7899 if (*der == NULL) { 7900 return WOLFSSL_FATAL_ERROR; 7901 } 7902 XMEMCPY(*der, pt, sz); 7903 } 7904 } 7905 return sz; 7906 } 7907 7908 int wolfSSL_i2d_PUBKEY(const WOLFSSL_EVP_PKEY *key, unsigned char **der) 7909 { 7910 return wolfSSL_EVP_PKEY_get_der(key, der); 7559 7911 } 7560 7912 … … 7638 7990 if (wolfSSL_RSA_LoadDer_ex(local->rsa, 7639 7991 (const unsigned char*)local->pkey.ptr, local->pkey_sz, 7640 WOLFSSL_RSA_LOAD_PRIVATE) != SSL_SUCCESS) {7992 WOLFSSL_RSA_LOAD_PRIVATE) != WOLFSSL_SUCCESS) { 7641 7993 wolfSSL_EVP_PKEY_free(local); 7642 7994 return NULL; … … 7654 8006 if (wolfSSL_EC_KEY_LoadDer(local->ecc, 7655 8007 (const unsigned char*)local->pkey.ptr, local->pkey_sz) 7656 != SSL_SUCCESS) {8008 != WOLFSSL_SUCCESS) { 7657 8009 wolfSSL_EVP_PKEY_free(local); 7658 8010 return NULL; … … 7660 8012 break; 7661 8013 #endif /* HAVE_ECC */ 7662 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 8014 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) 7663 8015 #ifndef NO_DSA 7664 8016 case EVP_PKEY_DSA: … … 7671 8023 if (wolfSSL_DSA_LoadDer(local->dsa, 7672 8024 (const unsigned char*)local->pkey.ptr, local->pkey_sz) 7673 != SSL_SUCCESS) {8025 != WOLFSSL_SUCCESS) { 7674 8026 wolfSSL_EVP_PKEY_free(local); 7675 8027 return NULL; … … 7678 8030 #endif /* NO_DSA */ 7679 8031 #ifndef NO_DH 8032 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 7680 8033 case EVP_PKEY_DH: 7681 8034 local->ownDh = 1; … … 7687 8040 if (wolfSSL_DH_LoadDer(local->dh, 7688 8041 (const unsigned char*)local->pkey.ptr, local->pkey_sz) 7689 != SSL_SUCCESS) {8042 != WOLFSSL_SUCCESS) { 7690 8043 wolfSSL_EVP_PKEY_free(local); 7691 8044 return NULL; 7692 8045 } 7693 8046 break; 8047 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 7694 8048 #endif /* HAVE_DH */ 7695 #endif /* WOLFSSL_QT || OPENSSL_ALL */8049 #endif /* WOLFSSL_QT || OPENSSL_ALL || WOLFSSL_OPENSSH */ 7696 8050 default: 7697 8051 WOLFSSL_MSG("Unsupported key type"); … … 7745 8099 size = ssl->buffers.key->length; 7746 8100 buff = ssl->buffers.key->buffer; 7747 ret = wc_CheckPrivateKey(buff, size, &der); 8101 #ifdef WOLF_CRYPTO_CB 8102 if (ssl->buffers.keyDevId != INVALID_DEVID) { 8103 int type = 0; 8104 void *pkey = NULL; 8105 8106 if (der.keyOID == RSAk) { 8107 type = DYNAMIC_TYPE_RSA; 8108 } 8109 else if (der.keyOID == ECDSAk) { 8110 type = DYNAMIC_TYPE_ECC; 8111 } 8112 ret = CreateDevPrivateKey(&pkey, buff, size, type, 8113 ssl->buffers.keyLabel, 8114 ssl->buffers.keyId, ssl->heap, 8115 ssl->buffers.keyDevId); 8116 if (ret == 0 && der.keyOID == RSAk) { 8117 ret = wc_CryptoCb_RsaCheckPrivKey((RsaKey*)pkey, der.publicKey, 8118 der.pubKeySize); 8119 if (ret == 0) 8120 ret = 1; 8121 wc_FreeRsaKey((RsaKey*)pkey); 8122 } 8123 else if (ret == 0 && der.keyOID == ECDSAk) { 8124 ret = wc_CryptoCb_EccCheckPrivKey((ecc_key*)pkey, der.publicKey, 8125 der.pubKeySize); 8126 if (ret == 0) 8127 ret = 1; 8128 wc_ecc_free((ecc_key*)pkey); 8129 } 8130 if (pkey != NULL) { 8131 XFREE(pkey, ssl->heap, type); 8132 } 8133 } 8134 else 8135 #endif 8136 ret = wc_CheckPrivateKeyCert(buff, size, &der); 7748 8137 FreeDecodedCert(&der); 7749 8138 return ret; … … 7776 8165 InitDecodedCert(&cert, rawCert, (word32)outSz, 0); 7777 8166 7778 if (ParseCert(&cert, CA_TYPE, NO_VERIFY, NULL) < 0) { 8167 if (ParseCert(&cert, 8168 #ifdef WOLFSSL_CERT_REQ 8169 passedCert->isCSR ? CERTREQ_TYPE : 8170 #endif 8171 CA_TYPE, 8172 NO_VERIFY, NULL) < 0) { 7779 8173 WOLFSSL_MSG("\tCertificate parsing failed"); 7780 8174 return WOLFSSL_FAILURE; … … 7790 8184 } 7791 8185 7792 if (input[idx++] != ASN_EXTENSIONS) { 7793 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 7794 FreeDecodedCert(&cert); 7795 return WOLFSSL_FAILURE; 7796 } 7797 7798 if (GetLength(input, &idx, &length, sz) < 0) { 7799 WOLFSSL_MSG("\tfail: invalid length"); 7800 FreeDecodedCert(&cert); 7801 return WOLFSSL_FAILURE; 8186 #ifdef WOLFSSL_CERT_REQ 8187 if (!passedCert->isCSR) 8188 #endif 8189 { 8190 if (input[idx++] != ASN_EXTENSIONS) { 8191 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 8192 FreeDecodedCert(&cert); 8193 return WOLFSSL_FAILURE; 8194 } 8195 8196 if (GetLength(input, &idx, &length, sz) < 0) { 8197 WOLFSSL_MSG("\tfail: invalid length"); 8198 FreeDecodedCert(&cert); 8199 return WOLFSSL_FAILURE; 8200 } 7802 8201 } 7803 8202 … … 7824 8223 WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void) 7825 8224 { 8225 WOLFSSL_X509_EXTENSION* newExt; 8226 7826 8227 WOLFSSL_ENTER("wolfSSL_X509_EXTENSION_new"); 7827 8228 7828 WOLFSSL_X509_EXTENSION* newExt;7829 8229 newExt = (WOLFSSL_X509_EXTENSION*)XMALLOC(sizeof(WOLFSSL_X509_EXTENSION), 7830 8230 NULL, DYNAMIC_TYPE_X509_EXT); … … 7965 8365 7966 8366 return WOLFSSL_SUCCESS; 8367 } 8368 8369 static WOLFSSL_STACK* generateExtStack(const WOLFSSL_X509 *x) 8370 { 8371 int numOfExt, i; 8372 WOLFSSL_X509 *x509 = (WOLFSSL_X509*)x; 8373 WOLFSSL_STACK* ret; 8374 WOLFSSL_STACK* tmp; 8375 8376 if (!x509) { 8377 WOLFSSL_MSG("Bad parameter"); 8378 return NULL; 8379 } 8380 8381 /* Save x509->ext_sk */ 8382 tmp = x509->ext_sk; 8383 x509->ext_sk = NULL; 8384 numOfExt = wolfSSL_X509_get_ext_count(x509); 8385 8386 for (i = 0; i < numOfExt; i++) { 8387 /* Build the extension stack */ 8388 (void)wolfSSL_X509_set_ext(x509, i); 8389 } 8390 8391 /* Restore */ 8392 ret = x509->ext_sk; 8393 x509->ext_sk = tmp; 8394 return ret; 8395 } 8396 8397 /** 8398 * @param x Certificate to extract extensions from 8399 * @return STACK_OF(X509_EXTENSION)* 8400 */ 8401 const WOLFSSL_STACK *wolfSSL_X509_get0_extensions(const WOLFSSL_X509 *x) 8402 { 8403 int numOfExt; 8404 WOLFSSL_X509 *x509 = (WOLFSSL_X509*)x; 8405 WOLFSSL_ENTER("wolfSSL_X509_get0_extensions"); 8406 8407 if (!x509) { 8408 WOLFSSL_MSG("Bad parameter"); 8409 return NULL; 8410 } 8411 8412 numOfExt = wolfSSL_X509_get_ext_count(x509); 8413 8414 if (numOfExt != wolfSSL_sk_num(x509->ext_sk_full)) { 8415 wolfSSL_sk_free(x509->ext_sk_full); 8416 x509->ext_sk_full = generateExtStack(x); 8417 } 8418 8419 return x509->ext_sk_full; 8420 } 8421 8422 /** 8423 * Caller is responsible for freeing the returned stack. 8424 */ 8425 const WOLFSSL_STACK *wolfSSL_X509_REQ_get_extensions(const WOLFSSL_X509 *x) 8426 { 8427 return generateExtStack(x); 7967 8428 } 7968 8429 … … 7991 8452 ext = wolfSSL_X509_set_ext((WOLFSSL_X509*) x509, loc); 7992 8453 return ext; 8454 } 8455 8456 int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x, 8457 const WOLFSSL_ASN1_OBJECT *obj, int lastpos) 8458 { 8459 const WOLF_STACK_OF(WOLFSSL_X509_EXTENSION) *sk; 8460 8461 if (!x || !obj) { 8462 WOLFSSL_MSG("Bad parameter"); 8463 return -1; 8464 } 8465 8466 sk = wolfSSL_X509_get0_extensions(x); 8467 if (!sk) { 8468 WOLFSSL_MSG("No extensions"); 8469 return -1; 8470 } 8471 lastpos++; 8472 if (lastpos < 0) 8473 lastpos = 0; 8474 for (; lastpos < wolfSSL_sk_num(sk); lastpos++) 8475 if (wolfSSL_OBJ_cmp((WOLFSSL_ASN1_OBJECT*)wolfSSL_sk_value(sk, 8476 lastpos), obj) == 0) 8477 return lastpos; 8478 return -1; 7993 8479 } 7994 8480 … … 8037 8523 InitDecodedCert( &cert, rawCert, (word32)outSz, 0); 8038 8524 8039 if (ParseCert(&cert, CA_TYPE, NO_VERIFY, NULL) < 0) { 8525 if (ParseCert(&cert, 8526 #ifdef WOLFSSL_CERT_REQ 8527 x509->isCSR ? CERTREQ_TYPE : 8528 #endif 8529 CA_TYPE, 8530 NO_VERIFY, NULL) < 0) { 8040 8531 WOLFSSL_MSG("\tCertificate parsing failed"); 8041 8532 wolfSSL_X509_EXTENSION_free(ext); … … 8053 8544 } 8054 8545 8055 if (input[idx++] != ASN_EXTENSIONS) { 8056 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 8057 wolfSSL_X509_EXTENSION_free(ext); 8058 FreeDecodedCert(&cert); 8059 return NULL; 8060 } 8061 8062 if (GetLength(input, &idx, &length, sz) < 0) { 8063 WOLFSSL_MSG("\tfail: invalid length"); 8064 wolfSSL_X509_EXTENSION_free(ext); 8065 FreeDecodedCert(&cert); 8066 return NULL; 8546 #ifdef WOLFSSL_CERT_REQ 8547 if (!x509->isCSR) 8548 #endif 8549 { 8550 if (input[idx++] != ASN_EXTENSIONS) { 8551 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 8552 wolfSSL_X509_EXTENSION_free(ext); 8553 FreeDecodedCert(&cert); 8554 return NULL; 8555 } 8556 8557 if (GetLength(input, &idx, &length, sz) < 0) { 8558 WOLFSSL_MSG("\tfail: invalid length"); 8559 wolfSSL_X509_EXTENSION_free(ext); 8560 FreeDecodedCert(&cert); 8561 return NULL; 8562 } 8067 8563 } 8068 8564 … … 8281 8777 break; 8282 8778 8283 sk = (WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)*)XMALLOC(8284 sizeof(WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)), NULL,8285 8779 sk = (WOLFSSL_GENERAL_NAMES*)XMALLOC( 8780 sizeof(WOLFSSL_GENERAL_NAMES), NULL, 8781 DYNAMIC_TYPE_ASN1); 8286 8782 if (sk == NULL) { 8287 8783 return NULL; 8288 8784 } 8289 XMEMSET(sk, 0, sizeof(WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)));8785 XMEMSET(sk, 0, sizeof(WOLFSSL_GENERAL_NAMES)); 8290 8786 sk->type = STACK_TYPE_GEN_NAME; 8291 8787 … … 8374 8870 wolfSSL_X509_EXTENSION_free(ext); 8375 8871 FreeDecodedCert(&cert); 8872 XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 8376 8873 return NULL; 8377 8874 } … … 8433 8930 } 8434 8931 8932 /** 8933 * @param str String to copy 8934 * @param buf Output buffer. If this contains a pointer then it is free'd 8935 * with the DYNAMIC_TYPE_X509_EXT hint. 8936 * @param len Output length 8937 * @return WOLFSSL_SUCCESS on sucess and WOLFSSL_FAILURE on error 8938 */ 8939 static int asn1_string_copy_to_buffer(WOLFSSL_ASN1_STRING* str, byte** buf, 8940 word32* len, void* heap) { 8941 if (!str || !buf || !len) { 8942 return WOLFSSL_FAILURE; 8943 } 8944 if (str->data && str->length > 0) { 8945 if (*buf) 8946 XFREE(*buf, heap, DYNAMIC_TYPE_X509_EXT); 8947 *len = 0; 8948 *buf = (byte*)XMALLOC(str->length, heap, 8949 DYNAMIC_TYPE_X509_EXT); 8950 if (!*buf) { 8951 WOLFSSL_MSG("malloc error"); 8952 return WOLFSSL_FAILURE; 8953 } 8954 *len = str->length; 8955 XMEMCPY(*buf, str->data, str->length); 8956 } 8957 8958 (void)heap; 8959 return WOLFSSL_SUCCESS; 8960 } 8961 8962 int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int loc) 8963 { 8964 WOLFSSL_ENTER("wolfSSL_X509_add_ext"); 8965 8966 if (!x509 || !ext || !ext->obj || loc >= 0) { 8967 WOLFSSL_MSG("Bad parameter"); 8968 return WOLFSSL_FAILURE; 8969 } 8970 8971 switch (ext->obj->type) { 8972 case NID_authority_key_identifier: 8973 if (asn1_string_copy_to_buffer(&ext->value, &x509->authKeyId, 8974 &x509->authKeyIdSz, x509->heap) != WOLFSSL_SUCCESS) { 8975 WOLFSSL_MSG("asn1_string_copy_to_buffer error"); 8976 return WOLFSSL_FAILURE; 8977 } 8978 x509->authKeyIdCrit = ext->crit; 8979 break; 8980 case NID_subject_key_identifier: 8981 if (asn1_string_copy_to_buffer(&ext->value, &x509->subjKeyId, 8982 &x509->subjKeyIdSz, x509->heap) != WOLFSSL_SUCCESS) { 8983 WOLFSSL_MSG("asn1_string_copy_to_buffer error"); 8984 return WOLFSSL_FAILURE; 8985 } 8986 x509->subjKeyIdCrit = ext->crit; 8987 break; 8988 case NID_subject_alt_name: 8989 { 8990 WOLFSSL_GENERAL_NAMES* gns = ext->ext_sk; 8991 while (gns) { 8992 WOLFSSL_GENERAL_NAME* gn = gns->data.gn; 8993 if (!gn || !gn->d.ia5 || 8994 wolfSSL_X509_add_altname_ex(x509, gn->d.ia5->data, 8995 gn->d.ia5->length, gn->type) != WOLFSSL_SUCCESS) { 8996 WOLFSSL_MSG("Subject alternative name missing extension"); 8997 return WOLFSSL_FAILURE; 8998 } 8999 gns = gns->next; 9000 } 9001 x509->subjAltNameSet = 1; 9002 x509->subjAltNameCrit = ext->crit; 9003 break; 9004 } 9005 case NID_key_usage: 9006 if (ext && ext->value.data && 9007 ext->value.length == sizeof(word16)) { 9008 x509->keyUsage = *(word16*)ext->value.data; 9009 x509->keyUsageCrit = ext->crit; 9010 x509->keyUsageSet = 1; 9011 } 9012 break; 9013 case NID_basic_constraints: 9014 if (ext->obj) { 9015 x509->isCa = ext->obj->ca; 9016 x509->basicConstCrit = ext->crit; 9017 if (ext->obj->pathlen) 9018 x509->pathLength = ext->obj->pathlen->length; 9019 x509->basicConstSet = 1; 9020 } 9021 break; 9022 default: 9023 WOLFSSL_MSG("Unsupported extension to add"); 9024 return WOLFSSL_FAILURE; 9025 } 9026 9027 return WOLFSSL_SUCCESS; 9028 } 9029 9030 #ifndef NO_BIO 8435 9031 /* Return 0 on success and 1 on failure. Copies ext data to bio, using indent 8436 9032 * to pad the output. flag is ignored. */ … … 8443 9039 const int sz = CTC_NAME_SIZE*2; 8444 9040 int rc = WOLFSSL_FAILURE; 8445 char tmp[CTC_NAME_SIZE*2] ;9041 char tmp[CTC_NAME_SIZE*2] = {0}; 8446 9042 WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print"); 8447 9043 … … 8458 9054 8459 9055 str = wolfSSL_X509_EXTENSION_get_data(ext); 8460 if ( obj== NULL) {9056 if (str == NULL) { 8461 9057 WOLFSSL_MSG("Error getting ASN1_STRING from X509_EXTENSION"); 8462 9058 return rc; … … 8537 9133 return rc; 8538 9134 } 9135 #endif /* !NO_BIO */ 9136 9137 #ifndef NO_WOLFSSL_STUB 9138 int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx, 9139 const char *section, WOLFSSL_X509 *cert) 9140 { 9141 WOLFSSL_ENTER("wolfSSL_X509V3_EXT_add_nconf"); 9142 WOLFSSL_STUB("wolfSSL_X509V3_EXT_add_nconf"); 9143 (void)conf; 9144 (void)ctx; 9145 (void)section; 9146 (void)cert; 9147 return WOLFSSL_SUCCESS; 9148 } 9149 #endif 8539 9150 8540 9151 /* Returns crit flag in X509_EXTENSION object */ … … 8571 9182 return NULL; 8572 9183 } 8573 /* Initialize all methods to NULL */ 8574 method.d2i = NULL; 8575 method.i2v = NULL; 8576 method.i2s = NULL; 8577 method.i2r = NULL; 9184 /* Initialize method to 0 */ 9185 XMEMSET(&method, 0, sizeof(struct WOLFSSL_v3_ext_method)); 8578 9186 8579 9187 nid = ex->obj->nid; … … 8582 9190 return NULL; 8583 9191 } 8584 9192 XMEMSET(&method, 0, sizeof(WOLFSSL_v3_ext_method)); 8585 9193 switch (nid) { 8586 9194 case NID_basic_constraints: … … 8588 9196 case NID_subject_key_identifier: 8589 9197 method.i2s = (X509V3_EXT_I2S)wolfSSL_i2s_ASN1_STRING; 9198 break; 9199 case NID_subject_alt_name: 9200 WOLFSSL_MSG("i2v function not yet implemented for Subject Alternative Name"); 8590 9201 break; 8591 9202 case NID_key_usage: … … 8666 9277 WOLFSSL_MSG("basicConstraints"); 8667 9278 /* Allocate new BASIC_CONSTRAINTS structure */ 8668 bc = (WOLFSSL_BASIC_CONSTRAINTS*) 8669 XMALLOC(sizeof(WOLFSSL_BASIC_CONSTRAINTS), NULL, 8670 DYNAMIC_TYPE_X509_EXT); 9279 bc = wolfSSL_BASIC_CONSTRAINTS_new(); 8671 9280 if (bc == NULL) { 8672 9281 WOLFSSL_MSG("Failed to malloc basic constraints"); … … 8679 9288 if (bc->pathlen == NULL) { 8680 9289 WOLFSSL_MSG("Failed to duplicate ASN1_INTEGER"); 8681 XFREE(bc, NULL, DYNAMIC_TYPE_X509_EXT);9290 wolfSSL_BASIC_CONSTRAINTS_free(bc); 8682 9291 return NULL; 8683 9292 } … … 8932 9541 InitDecodedCert( &cert, rawCert, (word32)outSz, 0); 8933 9542 8934 if (ParseCert(&cert, CA_TYPE, NO_VERIFY, NULL) < 0) { 9543 if (ParseCert(&cert, 9544 #ifdef WOLFSSL_CERT_REQ 9545 x509->isCSR ? CERTREQ_TYPE : 9546 #endif 9547 CA_TYPE, 9548 NO_VERIFY, NULL) < 0) { 8935 9549 WOLFSSL_MSG("\tCertificate parsing failed"); 8936 9550 return WOLFSSL_FATAL_ERROR; … … 8946 9560 } 8947 9561 8948 if (input[idx++] != ASN_EXTENSIONS) { 8949 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 8950 FreeDecodedCert(&cert); 8951 return WOLFSSL_FATAL_ERROR; 8952 } 8953 8954 if (GetLength(input, &idx, &length, sz) < 0) { 8955 WOLFSSL_MSG("\tfail: invalid length"); 8956 FreeDecodedCert(&cert); 8957 return WOLFSSL_FATAL_ERROR; 9562 #ifdef WOLFSSL_CERT_REQ 9563 if (!x509->isCSR) 9564 #endif 9565 { 9566 if (input[idx++] != ASN_EXTENSIONS) { 9567 WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); 9568 FreeDecodedCert(&cert); 9569 return WOLFSSL_FATAL_ERROR; 9570 } 9571 9572 if (GetLength(input, &idx, &length, sz) < 0) { 9573 WOLFSSL_MSG("\tfail: invalid length"); 9574 FreeDecodedCert(&cert); 9575 return WOLFSSL_FATAL_ERROR; 9576 } 8958 9577 } 8959 9578 … … 9003 9622 9004 9623 #endif /* OPENSSL_ALL */ 9624 9625 #endif /* !NO_CERTS */ 9626 #endif /* OPENSSL_EXTRA */ 9627 9628 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 9005 9629 9006 9630 WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void) … … 9059 9683 WOLFSSL_ASN1_OBJECT* obj = NULL; 9060 9684 WOLFSSL_GENERAL_NAME* gn = NULL; 9685 WOLFSSL_BASIC_CONSTRAINTS* bc = NULL; 9061 9686 9062 9687 WOLFSSL_ENTER("wolfSSL_X509_get_ext_d2i"); … … 9073 9698 case BASIC_CA_OID: 9074 9699 if (x509->basicConstSet) { 9075 obj = wolfSSL_ASN1_OBJECT_new(); 9076 if (obj == NULL) { 9077 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 9700 WOLFSSL_ASN1_INTEGER* a; 9701 9702 bc = wolfSSL_BASIC_CONSTRAINTS_new(); 9703 if (!bc) { 9704 WOLFSSL_MSG("wolfSSL_BASIC_CONSTRAINTS_new error"); 9078 9705 return NULL; 9079 9706 } 9707 9708 a = wolfSSL_ASN1_INTEGER_new(); 9709 if (!a) { 9710 WOLFSSL_MSG("wolfSSL_ASN1_INTEGER_new error"); 9711 wolfSSL_BASIC_CONSTRAINTS_free(bc); 9712 return NULL; 9713 } 9714 a->length = x509->pathLength; 9715 9716 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ 9717 defined(WOLFSSL_APACHE_HTTPD) 9718 bc->ca = x509->isCa; 9719 #endif 9720 bc->pathlen = a; 9080 9721 if (c != NULL) { 9081 9722 *c = x509->basicConstCrit; 9082 9723 } 9083 obj->type = BASIC_CA_OID;9084 obj->grp = oidCertExtType;9085 obj->nid = nid;9086 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9087 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \9088 defined(WOLFSSL_APACHE_HTTPD)9089 obj->ca = x509->isCa;9090 #endif9091 9724 } 9092 9725 else { 9093 9726 WOLFSSL_MSG("No Basic Constraint set"); 9094 9727 } 9095 return obj;9728 return bc; 9096 9729 9097 9730 case ALT_NAMES_OID: … … 9099 9732 DNS_entry* dns = NULL; 9100 9733 /* Malloc GENERAL_NAME stack */ 9101 sk = (WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)*)XMALLOC(9102 sizeof(WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)), NULL,9734 sk = (WOLFSSL_GENERAL_NAMES*)XMALLOC( 9735 sizeof(WOLFSSL_GENERAL_NAMES), NULL, 9103 9736 DYNAMIC_TYPE_ASN1); 9104 9737 if (sk == NULL) { 9105 9738 return NULL; 9106 9739 } 9107 XMEMSET(sk, 0, sizeof(WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)));9740 XMEMSET(sk, 0, sizeof(WOLFSSL_GENERAL_NAMES)); 9108 9741 sk->type = STACK_TYPE_GEN_NAME; 9109 9742 … … 9140 9773 9141 9774 dns = dns->next; 9142 /* last dns in list add at end of function */ 9143 if (dns != NULL) { 9144 if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != 9145 WOLFSSL_SUCCESS) { 9146 WOLFSSL_MSG("Error pushing ASN1 object onto stack"); 9147 wolfSSL_GENERAL_NAME_free(gn); 9148 wolfSSL_sk_free(sk); 9149 sk = NULL; 9150 } 9775 if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != 9776 WOLFSSL_SUCCESS) { 9777 WOLFSSL_MSG("Error pushing ASN1 object onto stack"); 9778 wolfSSL_GENERAL_NAME_free(gn); 9779 wolfSSL_sk_free(sk); 9780 sk = NULL; 9151 9781 } 9782 /* null so that it doesn't get pushed again after switch */ 9783 gn = NULL; 9152 9784 } 9153 9785 } … … 9173 9805 obj->obj = x509->CRLInfo; 9174 9806 obj->objSz = x509->CRLInfoSz; 9175 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9176 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ;9177 9807 } 9178 9808 else { … … 9195 9825 obj->obj = x509->authInfo; 9196 9826 obj->objSz = x509->authInfoSz; 9197 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9198 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9199 9827 } 9200 9828 else { … … 9205 9833 case AUTH_KEY_OID: 9206 9834 if (x509->authKeyIdSet) { 9835 WOLFSSL_AUTHORITY_KEYID* akey = wolfSSL_AUTHORITY_KEYID_new(); 9836 if (!akey) { 9837 WOLFSSL_MSG("Issue creating WOLFSSL_AUTHORITY_KEYID struct"); 9838 return NULL; 9839 } 9840 9207 9841 if (c != NULL) { 9208 9842 *c = x509->authKeyIdCrit; … … 9211 9845 if (obj == NULL) { 9212 9846 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 9847 wolfSSL_AUTHORITY_KEYID_free(akey); 9213 9848 return NULL; 9214 9849 } … … 9217 9852 obj->obj = x509->authKeyId; 9218 9853 obj->objSz = x509->authKeyIdSz; 9219 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9220 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9854 akey->issuer = obj; 9855 return akey; 9221 9856 } 9222 9857 else { … … 9239 9874 obj->obj = x509->subjKeyId; 9240 9875 obj->objSz = x509->subjKeyIdSz; 9241 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9242 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9243 9876 } 9244 9877 else { … … 9278 9911 obj->obj = (byte*)(x509->certPolicies[i]); 9279 9912 obj->objSz = MAX_CERTPOL_SZ; 9280 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9281 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9282 9913 if (wolfSSL_sk_ASN1_OBJECT_push(sk, obj) 9283 9914 != WOLFSSL_SUCCESS) { … … 9298 9929 obj->obj = (byte*)(x509->certPolicies[i]); 9299 9930 obj->objSz = MAX_CERTPOL_SZ; 9300 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9301 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9302 9931 } 9303 9932 else { … … 9316 9945 obj->type = CERT_POLICY_OID; 9317 9946 obj->grp = oidCertExtType; 9318 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9319 9947 } 9320 9948 else { … … 9328 9956 case KEY_USAGE_OID: 9329 9957 { 9330 WOLFSSL_ASN1_ BIT_STRING* bit_str = NULL;9958 WOLFSSL_ASN1_STRING* asn1str = NULL; 9331 9959 if (x509->keyUsageSet) { 9332 9960 if (c != NULL) { … … 9334 9962 } 9335 9963 9336 bit_str = wolfSSL_ASN1_BIT_STRING_new();9337 if ( bit_str == NULL) {9338 WOLFSSL_MSG(" Issue creating WOLFSSL_ASN1_BIT_STRING struct");9964 asn1str = wolfSSL_ASN1_STRING_new(); 9965 if (asn1str == NULL) { 9966 WOLFSSL_MSG("Failed to malloc ASN1_STRING"); 9339 9967 return NULL; 9340 9968 } 9341 9969 9342 bit_str->type = KEY_USAGE_OID; 9343 bit_str->flags = 0; 9344 bit_str->length = sizeof(word16); 9345 bit_str->data = (byte*)XMALLOC(bit_str->length, NULL, DYNAMIC_TYPE_OPENSSL); 9346 if (bit_str->data == NULL) { 9347 wolfSSL_ASN1_BIT_STRING_free(bit_str); 9970 if (wolfSSL_ASN1_STRING_set(asn1str, &x509->keyUsage, 9971 sizeof(word16)) != WOLFSSL_SUCCESS) { 9972 WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); 9973 wolfSSL_ASN1_STRING_free(asn1str); 9348 9974 return NULL; 9349 9975 } 9350 XMEMCPY(bit_str->data, &x509->keyUsage, bit_str->length); 9976 9977 asn1str->type = KEY_USAGE_OID; 9351 9978 } 9352 9979 else { … … 9354 9981 } 9355 9982 /* don't add stack of and return bit string directly */ 9356 return bit_str;9983 return asn1str; 9357 9984 } 9358 9985 case INHIBIT_ANY_OID: … … 9379 10006 obj->obj = x509->extKeyUsageSrc; 9380 10007 obj->objSz = x509->extKeyUsageSz; 9381 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;9382 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;9383 10008 } 9384 10009 else { … … 9426 10051 } 9427 10052 } 9428 if (obj && wolfSSL_sk_ASN1_OBJECT_push(sk, obj) == WOLFSSL_SUCCESS) { 9429 /* obj pushed successfully on stack */ 9430 } 9431 else if (gn && wolfSSL_sk_GENERAL_NAME_push(sk, gn) == WOLFSSL_SUCCESS) { 9432 /* gn pushed successfully on stack */ 9433 } 9434 else { 9435 /* Nothing to push or push failed */ 9436 WOLFSSL_MSG("Error pushing ASN1_OBJECT or GENERAL_NAME object onto stack " 9437 "or nothing to push."); 9438 goto err; 9439 } 10053 if (obj) { 10054 if (wolfSSL_sk_ASN1_OBJECT_push(sk, obj) != WOLFSSL_SUCCESS) { 10055 WOLFSSL_MSG("Error pushing ASN1_OBJECT object onto " 10056 "stack."); 10057 goto err; 10058 } 10059 } 10060 else if (gn) { 10061 if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != WOLFSSL_SUCCESS) { 10062 WOLFSSL_MSG("Error pushing GENERAL_NAME object onto " 10063 "stack."); 10064 goto err; 10065 } 10066 } 10067 9440 10068 ret = sk; 9441 10069 … … 9452 10080 } 9453 10081 if (sk) { 9454 wolfSSL_sk_ ASN1_OBJECT_free(sk);10082 wolfSSL_sk_free(sk); 9455 10083 } 9456 10084 return NULL; 9457 10085 } 9458 9459 9460 int wolfSSL_X509_add_altname(WOLFSSL_X509* x509, const char* name, int type) 10086 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 10087 10088 #ifdef OPENSSL_EXTRA 10089 #ifndef NO_CERTS 10090 int wolfSSL_X509_add_altname_ex(WOLFSSL_X509* x509, const char* name, 10091 word32 nameSz, int type) 9461 10092 { 9462 10093 DNS_entry* newAltName = NULL; 9463 10094 char* nameCopy = NULL; 9464 word32 nameSz;9465 10095 9466 10096 if (x509 == NULL) 9467 10097 return WOLFSSL_FAILURE; 9468 10098 9469 if (name == NULL) 9470 return WOLFSSL_SUCCESS; 9471 9472 nameSz = (word32)XSTRLEN(name); 9473 if (nameSz == 0) 10099 if ((name == NULL) || (nameSz == 0)) 9474 10100 return WOLFSSL_SUCCESS; 9475 10101 … … 9485 10111 } 9486 10112 9487 XMEMCPY(nameCopy, name, nameSz + 1); 10113 XMEMCPY(nameCopy, name, nameSz); 10114 10115 nameCopy[nameSz] = '\0'; 9488 10116 9489 10117 newAltName->next = x509->altNames; … … 9496 10124 } 9497 10125 10126 int wolfSSL_X509_add_altname(WOLFSSL_X509* x509, const char* name, int type) 10127 { 10128 word32 nameSz; 10129 10130 if (name == NULL) 10131 return WOLFSSL_SUCCESS; 10132 10133 nameSz = (word32)XSTRLEN(name); 10134 if (nameSz == 0) 10135 return WOLFSSL_SUCCESS; 10136 10137 if (type == ASN_IP_TYPE) { 10138 WOLFSSL_MSG("Type not supported, use wolfSSL_X509_add_altname_ex"); 10139 return WOLFSSL_FAILURE; 10140 } 10141 10142 return wolfSSL_X509_add_altname_ex(x509, name, nameSz, type); 10143 } 9498 10144 9499 10145 #ifndef NO_WOLFSSL_STUB 9500 int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int loc)9501 { 9502 WOLFSSL_STUB("wolfSSL_X509_ add_ext");10146 WOLFSSL_X509_EXTENSION *wolfSSL_X509_delete_ext(WOLFSSL_X509 *x509, int loc) 10147 { 10148 WOLFSSL_STUB("wolfSSL_X509_delete_ext"); 9503 10149 (void)x509; 9504 (void)ext;9505 10150 (void)loc; 9506 return WOLFSSL_FAILURE;10151 return NULL; 9507 10152 } 9508 10153 … … 9533 10178 #endif /* !NO_WOLFSSL_STUB */ 9534 10179 10180 #if defined(OPENSSL_ALL) 10181 static void wolfSSL_X509V3_EXT_METHOD_populate(WOLFSSL_v3_ext_method *method, 10182 int nid) 10183 { 10184 if (!method) 10185 return; 10186 10187 WOLFSSL_ENTER("wolfSSL_X509V3_EXT_METHOD_populate"); 10188 switch (nid) { 10189 case NID_subject_key_identifier: 10190 method->i2s = (X509V3_EXT_I2S)wolfSSL_i2s_ASN1_STRING; 10191 FALL_THROUGH; 10192 case NID_authority_key_identifier: 10193 case NID_key_usage: 10194 case NID_certificate_policies: 10195 case NID_policy_mappings: 10196 case NID_subject_alt_name: 10197 case NID_issuer_alt_name: 10198 case NID_basic_constraints: 10199 case NID_name_constraints: 10200 case NID_policy_constraints: 10201 case NID_ext_key_usage: 10202 case NID_crl_distribution_points: 10203 case NID_inhibit_any_policy: 10204 case NID_info_access: 10205 WOLFSSL_MSG("Nothing to populate for current NID"); 10206 break; 10207 default: 10208 WOLFSSL_MSG("Unknown or unsupported NID"); 10209 break; 10210 } 10211 10212 return; 10213 } 10214 10215 /** 10216 * @param nid One of the NID_* constants defined in asn.h 10217 * @param crit 10218 * @param data This data is copied to the returned extension. 10219 * @return 10220 */ 10221 WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, 10222 void *data) 10223 { 10224 WOLFSSL_X509_EXTENSION *ext = NULL; 10225 WOLFSSL_ASN1_STRING* asn1str = NULL; 10226 10227 WOLFSSL_ENTER("wolfSSL_X509V3_EXT_i2d"); 10228 10229 if (!data) { 10230 return NULL; 10231 } 10232 10233 if (!(ext = wolfSSL_X509_EXTENSION_new())) { 10234 return NULL; 10235 } 10236 10237 wolfSSL_X509V3_EXT_METHOD_populate(&ext->ext_method, nid); 10238 10239 switch (nid) { 10240 case NID_subject_key_identifier: 10241 /* WOLFSSL_ASN1_STRING */ 10242 case NID_key_usage: 10243 /* WOLFSSL_ASN1_STRING */ 10244 { 10245 asn1str = (WOLFSSL_ASN1_STRING*)data; 10246 ext->value = *asn1str; 10247 if (asn1str->isDynamic) { 10248 ext->value.data = (char*)XMALLOC(asn1str->length, NULL, 10249 DYNAMIC_TYPE_OPENSSL); 10250 if (!ext->value.data) { 10251 WOLFSSL_MSG("malloc failed"); 10252 /* Zero so that no existing memory is freed */ 10253 XMEMSET(&ext->value, 0, sizeof(WOLFSSL_ASN1_STRING)); 10254 goto err_cleanup; 10255 } 10256 XMEMCPY(ext->value.data, asn1str->data, asn1str->length); 10257 } 10258 else { 10259 ext->value.data = ext->value.strData; 10260 } 10261 break; 10262 } 10263 case NID_subject_alt_name: 10264 /* typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES */ 10265 case NID_issuer_alt_name: 10266 /* typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES */ 10267 case NID_ext_key_usage: 10268 /* typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE */ 10269 case NID_info_access: 10270 /* typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS */ 10271 { 10272 WOLFSSL_STACK* sk = (WOLFSSL_STACK*)data; 10273 10274 if (ext->ext_sk) { 10275 wolfSSL_sk_free(ext->ext_sk); 10276 } 10277 10278 if (!(ext->ext_sk = wolfSSL_sk_dup(sk))) { 10279 WOLFSSL_MSG("wolfSSL_sk_dup failed"); 10280 goto err_cleanup; 10281 } 10282 break; 10283 } 10284 case NID_basic_constraints: 10285 { 10286 /* WOLFSSL_BASIC_CONSTRAINTS */ 10287 WOLFSSL_BASIC_CONSTRAINTS* bc = (WOLFSSL_BASIC_CONSTRAINTS*)data; 10288 10289 if (!(ext->obj = wolfSSL_ASN1_OBJECT_new())) { 10290 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new failed"); 10291 goto err_cleanup; 10292 } 10293 10294 ext->obj->ca = bc->ca; 10295 if (bc->pathlen) { 10296 ext->obj->pathlen = wolfSSL_ASN1_INTEGER_dup(bc->pathlen); 10297 if (!ext->obj->pathlen) { 10298 WOLFSSL_MSG("wolfSSL_ASN1_INTEGER_dup failed"); 10299 goto err_cleanup; 10300 } 10301 } 10302 break; 10303 } 10304 case NID_authority_key_identifier: 10305 { 10306 /* AUTHORITY_KEYID */ 10307 WOLFSSL_AUTHORITY_KEYID* akey = (WOLFSSL_AUTHORITY_KEYID*)data; 10308 10309 if (akey->keyid) { 10310 if (wolfSSL_ASN1_STRING_set(&ext->value, akey->keyid->data, 10311 akey->keyid->length) != WOLFSSL_SUCCESS) { 10312 WOLFSSL_MSG("wolfSSL_ASN1_STRING_set failed"); 10313 goto err_cleanup; 10314 } 10315 ext->value.type = akey->keyid->type; 10316 } 10317 else if (akey->issuer) { 10318 ext->obj = wolfSSL_ASN1_OBJECT_dup(akey->issuer); 10319 if (!ext->obj) { 10320 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_dup failed"); 10321 goto err_cleanup; 10322 } 10323 } 10324 else { 10325 WOLFSSL_MSG("NID_authority_key_identifier empty data"); 10326 goto err_cleanup; 10327 } 10328 break; 10329 } 10330 case NID_inhibit_any_policy: 10331 /* ASN1_INTEGER */ 10332 case NID_certificate_policies: 10333 /* STACK_OF(POLICYINFO) */ 10334 case NID_policy_mappings: 10335 /* STACK_OF(POLICY_MAPPING) */ 10336 case NID_name_constraints: 10337 /* NAME_CONSTRAINTS */ 10338 case NID_policy_constraints: 10339 /* POLICY_CONSTRAINTS */ 10340 case NID_crl_distribution_points: 10341 /* typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS */ 10342 default: 10343 WOLFSSL_MSG("Unknown or unsupported NID"); 10344 break; 10345 } 10346 10347 ext->crit = crit; 10348 10349 return ext; 10350 err_cleanup: 10351 if (ext) { 10352 wolfSSL_X509_EXTENSION_free(ext); 10353 } 10354 if (asn1str) { 10355 wolfSSL_ASN1_STRING_free(asn1str); 10356 } 10357 return NULL; 10358 } 10359 9535 10360 /* Returns pointer to ASN1_OBJECT from an X509_EXTENSION object */ 9536 10361 WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object \ … … 9542 10367 return ext->obj; 9543 10368 } 10369 #endif /* OPENSSL_ALL */ 9544 10370 9545 10371 /* Returns pointer to ASN1_STRING in X509_EXTENSION object */ … … 9749 10575 #ifdef HAVE_ECC 9750 10576 9751 /* Set Temp CTX EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit*/10577 /* Set Temp CTX EC-DHE size in octets, can be 14 - 66 (112 - 521 bit) */ 9752 10578 int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz) 9753 10579 { … … 9755 10581 return BAD_FUNC_ARG; 9756 10582 10583 /* if 0 then get from loaded private key */ 9757 10584 if (sz == 0) { 9758 10585 /* applies only to ECDSA */ … … 9778 10605 9779 10606 9780 /* Set Temp SSL EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit*/10607 /* Set Temp SSL EC-DHE size in octets, can be 14 - 66 (112 - 521 bit) */ 9781 10608 int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL* ssl, word16 sz) 9782 10609 { 9783 if (ssl == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) 10610 if (ssl == NULL) 10611 return BAD_FUNC_ARG; 10612 10613 /* check size */ 10614 if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE) 9784 10615 return BAD_FUNC_ARG; 9785 10616 … … 9886 10717 return; 9887 10718 9888 if (mode & WOLFSSL_VERIFY_PEER) {9889 ctx->verifyPeer = 1;9890 ctx->verifyNone = 0; /* in case previously set */9891 }10719 ctx->verifyPeer = 0; 10720 ctx->verifyNone = 0; 10721 ctx->failNoCert = 0; 10722 ctx->failNoCertxPSK = 0; 9892 10723 9893 10724 if (mode == WOLFSSL_VERIFY_NONE) { 9894 10725 ctx->verifyNone = 1; 9895 ctx->verifyPeer = 0; /* in case previously set */ 9896 } 9897 9898 if (mode & WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT) { 9899 ctx->failNoCert = 1; 9900 } 9901 9902 if (mode & WOLFSSL_VERIFY_FAIL_EXCEPT_PSK) { 9903 ctx->failNoCert = 0; /* fail on all is set to fail on PSK */ 9904 ctx->failNoCertxPSK = 1; 10726 } 10727 else { 10728 if (mode & WOLFSSL_VERIFY_PEER) { 10729 ctx->verifyPeer = 1; 10730 } 10731 if (mode & WOLFSSL_VERIFY_FAIL_EXCEPT_PSK) { 10732 ctx->failNoCertxPSK = 1; 10733 } 10734 if (mode & WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT) { 10735 ctx->failNoCert = 1; 10736 } 9905 10737 } 9906 10738 … … 9928 10760 return; 9929 10761 9930 if (mode & WOLFSSL_VERIFY_PEER) {9931 ssl->options.verifyPeer = 1;9932 ssl->options.verifyNone = 0; /* in case previously set */9933 }10762 ssl->options.verifyPeer = 0; 10763 ssl->options.verifyNone = 0; 10764 ssl->options.failNoCert = 0; 10765 ssl->options.failNoCertxPSK = 0; 9934 10766 9935 10767 if (mode == WOLFSSL_VERIFY_NONE) { 9936 10768 ssl->options.verifyNone = 1; 9937 ssl->options.verifyPeer = 0; /* in case previously set */ 9938 } 9939 9940 if (mode & WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT) 9941 ssl->options.failNoCert = 1; 9942 9943 if (mode & WOLFSSL_VERIFY_FAIL_EXCEPT_PSK) { 9944 ssl->options.failNoCert = 0; /* fail on all is set to fail on PSK */ 9945 ssl->options.failNoCertxPSK = 1; 10769 } 10770 else { 10771 if (mode & WOLFSSL_VERIFY_PEER) { 10772 ssl->options.verifyPeer = 1; 10773 } 10774 if (mode & WOLFSSL_VERIFY_FAIL_EXCEPT_PSK) { 10775 ssl->options.failNoCertxPSK = 1; 10776 } 10777 if (mode & WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT) { 10778 ssl->options.failNoCert = 1; 10779 } 9946 10780 } 9947 10781 … … 9964 10798 } 9965 10799 10800 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ 10801 defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) 10802 /* For TLS v1.3 send handshake messages after handshake completes. */ 10803 /* Returns 1=WOLFSSL_SUCCESS or 0=WOLFSSL_FAILURE */ 10804 int wolfSSL_verify_client_post_handshake(WOLFSSL* ssl) 10805 { 10806 int ret = wolfSSL_request_certificate(ssl); 10807 return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 10808 } 10809 10810 int wolfSSL_CTX_set_post_handshake_auth(WOLFSSL_CTX* ctx, int val) 10811 { 10812 int ret = wolfSSL_CTX_allow_post_handshake_auth(ctx); 10813 if (ret == 0) { 10814 ctx->postHandshakeAuth = (val != 0); 10815 } 10816 return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 10817 } 10818 int wolfSSL_set_post_handshake_auth(WOLFSSL* ssl, int val) 10819 { 10820 int ret = wolfSSL_allow_post_handshake_auth(ssl); 10821 if (ret == 0) { 10822 ssl->options.postHandshakeAuth = (val != 0); 10823 } 10824 return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 10825 } 10826 #endif /* OPENSSL_EXTRA && !NO_CERTS && WOLFSSL_TLS13 && WOLFSSL_POST_HANDSHAKE_AUTH */ 10827 9966 10828 /* store user ctx for verify callback */ 9967 10829 void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx) … … 10093 10955 if (SetSession(ssl, session) != WOLFSSL_SUCCESS) { 10094 10956 #ifdef HAVE_EXT_CACHE 10095 wolfSSL_SESSION_free(session);10957 FreeSession(session, 0); 10096 10958 #endif 10097 10959 WOLFSSL_MSG("SetSession failed"); … … 10109 10971 #ifdef HAVE_EXT_CACHE 10110 10972 else 10111 wolfSSL_SESSION_free(session);10973 FreeSession(session, 0); 10112 10974 #endif 10113 10975 … … 11065 11927 } 11066 11928 11929 #ifdef HAVE_KEYING_MATERIAL 11930 11931 #define TLS_PRF_LABEL_CLIENT_FINISHED "client finished" 11932 #define TLS_PRF_LABEL_SERVER_FINISHED "server finished" 11933 #define TLS_PRF_LABEL_MASTER_SECRET "master secret" 11934 #define TLS_PRF_LABEL_EXT_MASTER_SECRET "extended master secret" 11935 #define TLS_PRF_LABEL_KEY_EXPANSION "key expansion" 11936 11937 static const struct ForbiddenLabels { 11938 const char* label; 11939 size_t labelLen; 11940 } forbiddenLabels[] = { 11941 {TLS_PRF_LABEL_CLIENT_FINISHED, XSTR_SIZEOF(TLS_PRF_LABEL_CLIENT_FINISHED)}, 11942 {TLS_PRF_LABEL_SERVER_FINISHED, XSTR_SIZEOF(TLS_PRF_LABEL_SERVER_FINISHED)}, 11943 {TLS_PRF_LABEL_MASTER_SECRET, XSTR_SIZEOF(TLS_PRF_LABEL_MASTER_SECRET)}, 11944 {TLS_PRF_LABEL_EXT_MASTER_SECRET, XSTR_SIZEOF(TLS_PRF_LABEL_EXT_MASTER_SECRET)}, 11945 {TLS_PRF_LABEL_KEY_EXPANSION, XSTR_SIZEOF(TLS_PRF_LABEL_KEY_EXPANSION)}, 11946 {NULL, 0}, 11947 }; 11948 11949 /** 11950 * Implement RFC 5705 11951 * TLS 1.3 uses a different exporter definition (section 7.5 of RFC 8446) 11952 * @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error 11953 */ 11954 int wolfSSL_export_keying_material(WOLFSSL *ssl, 11955 unsigned char *out, size_t outLen, 11956 const char *label, size_t labelLen, 11957 const unsigned char *context, size_t contextLen, 11958 int use_context) 11959 { 11960 byte* seed = NULL; 11961 word32 seedLen; 11962 const struct ForbiddenLabels* fl; 11963 11964 WOLFSSL_ENTER("wolfSSL_export_keying_material"); 11965 11966 if (ssl == NULL || out == NULL || label == NULL || 11967 (use_context && contextLen && context == NULL)) { 11968 WOLFSSL_MSG("Bad argument"); 11969 return WOLFSSL_FAILURE; 11970 } 11971 11972 /* clientRandom + serverRandom 11973 * OR 11974 * clientRandom + serverRandom + ctx len encoding + ctx */ 11975 seedLen = !use_context ? (word32)SEED_LEN : 11976 (word32)SEED_LEN + 2 + (word32)contextLen; 11977 11978 if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) { 11979 WOLFSSL_MSG("To export keying material wolfSSL needs to keep handshake " 11980 "data. Call wolfSSL_KeepArrays before attempting to " 11981 "export keyig material."); 11982 return WOLFSSL_FAILURE; 11983 } 11984 11985 /* check forbidden labels */ 11986 for (fl = &forbiddenLabels[0]; fl->label != NULL; fl++) { 11987 if (labelLen >= fl->labelLen && 11988 XMEMCMP(label, fl->label, fl->labelLen) == 0) { 11989 WOLFSSL_MSG("Forbidden label"); 11990 return WOLFSSL_FAILURE; 11991 } 11992 } 11993 11994 #ifdef WOLFSSL_TLS13 11995 if (IsAtLeastTLSv1_3(ssl->version)) { 11996 /* Path for TLS 1.3 */ 11997 if (!use_context) { 11998 contextLen = 0; 11999 context = (byte*)""; /* Give valid pointer for 0 length memcpy */ 12000 } 12001 12002 if (Tls13_Exporter(ssl, out, (word32)outLen, label, labelLen, 12003 context, contextLen) != 0) { 12004 WOLFSSL_MSG("Tls13_Exporter error"); 12005 return WOLFSSL_FAILURE; 12006 } 12007 return WOLFSSL_SUCCESS; 12008 } 12009 #endif 12010 12011 /* Path for <=TLS 1.2 */ 12012 seed = (byte*)XMALLOC(seedLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 12013 if (seed == NULL) { 12014 WOLFSSL_MSG("malloc error"); 12015 return WOLFSSL_FAILURE; 12016 } 12017 12018 XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN); 12019 XMEMCPY(seed + RAN_LEN, ssl->arrays->serverRandom, RAN_LEN); 12020 12021 if (use_context) { 12022 /* Encode len in big endian */ 12023 seed[SEED_LEN ] = (contextLen >> 8) & 0xFF; 12024 seed[SEED_LEN + 1] = (contextLen) & 0xFF; 12025 if (contextLen) { 12026 /* 0 length context is allowed */ 12027 XMEMCPY(seed + SEED_LEN + 2, context, contextLen); 12028 } 12029 } 12030 12031 if (wc_PRF_TLS(out, (word32)outLen, ssl->arrays->masterSecret, SECRET_LEN, 12032 (byte*)label, (word32)labelLen, seed, seedLen, IsAtLeastTLSv1_2(ssl), 12033 ssl->specs.mac_algorithm, ssl->heap, ssl->devId) != 0) { 12034 WOLFSSL_MSG("wc_PRF_TLS error"); 12035 XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); 12036 return WOLFSSL_FAILURE; 12037 } 12038 12039 XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); 12040 return WOLFSSL_SUCCESS; 12041 } 12042 #endif /* HAVE_KEYING_MATERIAL */ 11067 12043 11068 12044 int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl) … … 11192 12168 return WOLFSSL_FATAL_ERROR; 11193 12169 11194 if ( !ssl->options.handShakeDone&&12170 if ((IsSCR(ssl) || !ssl->options.handShakeDone) && 11195 12171 (DtlsMsgPoolTimeout(ssl) < 0 || DtlsMsgPoolSend(ssl, 0) < 0)) { 11196 12172 … … 11344 12320 #endif 11345 12321 11346 #if def WOLFSSL_ALLOW_SSLV312322 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 11347 12323 WOLFSSL_METHOD* wolfSSLv3_client_method(void) 11348 12324 { … … 11360 12336 return method; 11361 12337 } 11362 #endif /* WOLFSSL_ALLOW_SSLV3 */12338 #endif /* WOLFSSL_ALLOW_SSLV3 && !NO_OLD_TLS */ 11363 12339 11364 12340 … … 11444 12420 #ifdef OPENSSL_EXTRA 11445 12421 if (ssl->CBIS != NULL) { 11446 ssl->CBIS(ssl, SSL_ST_CONNECT, SSL_SUCCESS);12422 ssl->CBIS(ssl, SSL_ST_CONNECT, WOLFSSL_SUCCESS); 11447 12423 ssl->cbmode = SSL_CB_WRITE; 11448 12424 } … … 11473 12449 if (ssl->buffers.outputBuffer.length > 0 11474 12450 #ifdef WOLFSSL_ASYNC_CRYPT 11475 /* do not send buffered or advance state if last error was an 12451 /* do not send buffered or advance state if last error was an 11476 12452 async pending operation */ 11477 12453 && ssl->error != WC_PENDING_E … … 11635 12611 FALL_THROUGH; 11636 12612 12613 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) 11637 12614 case FIRST_REPLY_SECOND : 11638 12615 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) … … 11682 12659 11683 12660 case SECOND_REPLY_DONE: 11684 #ifndef NO_HANDSHAKE_DONE_CB12661 #ifndef NO_HANDSHAKE_DONE_CB 11685 12662 if (ssl->hsDoneCb) { 11686 12663 int cbret = ssl->hsDoneCb(ssl, ssl->hsDoneCtx); … … 11691 12668 } 11692 12669 } 11693 #endif /* NO_HANDSHAKE_DONE_CB */12670 #endif /* NO_HANDSHAKE_DONE_CB */ 11694 12671 11695 12672 if (!ssl->options.dtls) { … … 11698 12675 } 11699 12676 } 11700 #ifdef WOLFSSL_DTLS12677 #ifdef WOLFSSL_DTLS 11701 12678 else { 11702 12679 ssl->options.dtlsHsRetain = 1; 11703 12680 } 11704 #endif /* WOLFSSL_DTLS */ 12681 #endif /* WOLFSSL_DTLS */ 12682 12683 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_SECURE_RENEGOTIATION) 12684 /* This may be necessary in async so that we don't try to 12685 * renegotiate again */ 12686 if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) { 12687 ssl->secure_renegotiation->startScr = 0; 12688 } 12689 #endif /* WOLFSSL_ASYNC_CRYPT && HAVE_SECURE_RENEGOTIATION */ 11705 12690 11706 12691 WOLFSSL_LEAVE("SSL_connect()", WOLFSSL_SUCCESS); 11707 12692 return WOLFSSL_SUCCESS; 12693 #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS */ 11708 12694 11709 12695 default: … … 11711 12697 return WOLFSSL_FATAL_ERROR; /* unknown connect state */ 11712 12698 } 11713 #endif /* !WOLFSSL_NO_TLS12 */12699 #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS || !WOLFSSL_TLS13 */ 11714 12700 } 11715 12701 … … 11728 12714 #endif 11729 12715 11730 #if def WOLFSSL_ALLOW_SSLV312716 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 11731 12717 WOLFSSL_METHOD* wolfSSLv3_server_method(void) 11732 12718 { … … 11746 12732 return method; 11747 12733 } 11748 #endif /* WOLFSSL_ALLOW_SSLV3 */12734 #endif /* WOLFSSL_ALLOW_SSLV3 && !NO_OLD_TLS */ 11749 12735 11750 12736 WOLFSSL_METHOD* wolfSSLv23_server_method(void) … … 11785 12771 11786 12772 12773 WOLFSSL_ABI 11787 12774 int wolfSSL_accept(WOLFSSL* ssl) 11788 12775 { … … 11877 12864 if (ssl->buffers.outputBuffer.length > 0 11878 12865 #ifdef WOLFSSL_ASYNC_CRYPT 11879 /* do not send buffered or advance state if last error was an 12866 /* do not send buffered or advance state if last error was an 11880 12867 async pending operation */ 11881 12868 && ssl->error != WC_PENDING_E … … 12020 13007 case ACCEPT_SECOND_REPLY_DONE : 12021 13008 #ifdef HAVE_SESSION_TICKET 12022 if (ssl->options.createTicket ) {13009 if (ssl->options.createTicket && !ssl->options.noTicketTls12) { 12023 13010 if ( (ssl->error = SendTicket(ssl)) != 0) { 12024 13011 WOLFSSL_ERROR(ssl->error); … … 12084 13071 } 12085 13072 #endif /* WOLFSSL_DTLS */ 13073 13074 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_SECURE_RENEGOTIATION) 13075 /* This may be necessary in async so that we don't try to 13076 * renegotiate again */ 13077 if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) { 13078 ssl->secure_renegotiation->startScr = 0; 13079 } 13080 #endif /* WOLFSSL_ASYNC_CRYPT && HAVE_SECURE_RENEGOTIATION */ 12086 13081 12087 13082 #ifdef WOLFSSL_SESSION_EXPORT … … 12423 13418 12424 13419 current = &SessionCache[row].Sessions[idx]; 12425 if (XMEMCMP(current->sessionID, id, ID_LEN) == 0) { 13420 if (XMEMCMP(current->sessionID, id, ID_LEN) == 0 && 13421 current->side == ssl->options.side) { 12426 13422 WOLFSSL_MSG("Found a session match"); 12427 13423 if (LowResTimer() < (current->bornOn + current->timeout)) { … … 12508 13504 copyInto->ticketSeen = copyFrom->ticketSeen; 12509 13505 copyInto->ticketAdd = copyFrom->ticketAdd; 12510 #ifndef WOLFSSL_TLS13_DRAFT_18 13506 copyInto->side = copyFrom->side; 12511 13507 XMEMCPY(©Into->ticketNonce, ©From->ticketNonce, 12512 13508 sizeof(TicketNonce)); 12513 #endif12514 13509 #ifdef WOLFSSL_EARLY_DATA 12515 13510 copyInto->maxEarlyDataSz = copyFrom->maxEarlyDataSz; … … 12619 13614 word32 idx = 0; 12620 13615 int error = 0; 13616 const byte* id = NULL; 12621 13617 #ifdef HAVE_SESSION_TICKET 12622 13618 byte* tmpBuff = NULL; … … 12626 13622 int i; 12627 13623 int overwrite = 0; 13624 #ifdef HAVE_EXT_CACHE 13625 int cbRet = 0; 13626 #endif 12628 13627 12629 13628 if (ssl->options.sessionCacheOff) … … 12638 13637 #endif 12639 13638 13639 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 13640 if (ssl->options.tls1_3) 13641 id = ssl->session.sessionID; 13642 else 13643 #endif 13644 if (ssl->arrays) 13645 id = ssl->arrays->sessionID; 13646 if (id == NULL) { 13647 return BAD_FUNC_ARG; 13648 } 13649 12640 13650 #ifdef HAVE_SESSION_TICKET 12641 13651 ticLen = ssl->session.ticketLen; 12642 13652 /* Alloc Memory here so if Malloc fails can exit outside of lock */ 12643 if (ticLen > SESSION_TICKET_LEN) {13653 if (ticLen > SESSION_TICKET_LEN) { 12644 13654 tmpBuff = (byte*)XMALLOC(ticLen, ssl->heap, 12645 13655 DYNAMIC_TYPE_SESSION_TICK); … … 12652 13662 if (ssl->options.internalCacheOff) { 12653 13663 /* Create a new session object to be stored. */ 12654 session = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), NULL, 12655 DYNAMIC_TYPE_OPENSSL); 13664 session = wolfSSL_SESSION_new(); 12656 13665 if (session == NULL) { 12657 13666 #ifdef HAVE_SESSION_TICKET … … 12660 13669 return MEMORY_E; 12661 13670 } 12662 XMEMSET(session, 0, sizeof(WOLFSSL_SESSION));12663 session->isAlloced = 1;12664 13671 } 12665 13672 else … … 12668 13675 /* Use the session object in the cache for external cache if required. 12669 13676 */ 12670 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 12671 if (ssl->options.tls1_3) { 12672 row = HashSession(ssl->session.sessionID, ID_LEN, &error) % 12673 SESSION_ROWS; 12674 } 12675 else 12676 #endif 12677 { 12678 row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) % 12679 SESSION_ROWS; 12680 } 13677 row = HashSession(id, ID_LEN, &error) % SESSION_ROWS; 12681 13678 if (error != 0) { 12682 13679 WOLFSSL_MSG("Hash session failed"); … … 12695 13692 12696 13693 for (i=0; i<SESSIONS_PER_ROW; i++) { 12697 if (ssl->options.tls1_3) { 12698 if (XMEMCMP(ssl->session.sessionID, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0) { 12699 WOLFSSL_MSG("Session already exists. Overwriting."); 12700 overwrite = 1; 12701 idx = i; 12702 break; 12703 } 12704 } 12705 else { 12706 if (XMEMCMP(ssl->arrays->sessionID, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0) { 12707 WOLFSSL_MSG("Session already exists. Overwriting."); 12708 overwrite = 1; 12709 idx = i; 12710 break; 12711 } 13694 if (XMEMCMP(id, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0 && 13695 SessionCache[row].Sessions[i].side == ssl->options.side) { 13696 WOLFSSL_MSG("Session already exists. Overwriting."); 13697 overwrite = 1; 13698 idx = i; 13699 break; 12712 13700 } 12713 13701 } … … 12722 13710 } 12723 13711 12724 if (!ssl->options.tls1_3) 13712 session->side = (byte)ssl->options.side; 13713 13714 #ifdef WOLFSSL_TLS13 13715 if (ssl->options.tls1_3) { 13716 XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN); 13717 session->sessionIDSz = ID_LEN; 13718 } 13719 else 13720 #endif 13721 { 12725 13722 XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN); 12726 else 12727 XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN); 13723 session->sessionIDSz = ssl->arrays->sessionIDSz; 13724 } 13725 XMEMCPY(session->sessionID, id, ID_LEN); 12728 13726 session->haveEMS = ssl->options.haveEMS; 12729 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)12730 if (ssl->options.tls1_3) {12731 XMEMCPY(session->sessionID, ssl->session.sessionID, ID_LEN);12732 session->sessionIDSz = ID_LEN;12733 }12734 else12735 #endif12736 {12737 XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);12738 session->sessionIDSz = ssl->arrays->sessionIDSz;12739 }12740 13727 12741 13728 #ifdef OPENSSL_EXTRA … … 12758 13745 if (error == 0) { 12759 13746 /* Cleanup cache row's old Dynamic buff if exists */ 12760 if (session->isDynamic) {13747 if (session->isDynamic) { 12761 13748 XFREE(session->ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK); 12762 13749 session->ticket = NULL; … … 12820 13807 session->ticketSeen = ssl->session.ticketSeen; 12821 13808 session->ticketAdd = ssl->session.ticketAdd; 12822 #ifndef WOLFSSL_TLS13_DRAFT_1812823 13809 XMEMCPY(&session->ticketNonce, &ssl->session.ticketNonce, 12824 13810 sizeof(TicketNonce)); 12825 #endif12826 13811 #ifdef WOLFSSL_EARLY_DATA 12827 13812 session->maxEarlyDataSz = ssl->session.maxEarlyDataSz; … … 12906 13891 #ifdef HAVE_EXT_CACHE 12907 13892 if (error == 0 && ssl->ctx->new_sess_cb != NULL) 12908 ssl->ctx->new_sess_cb(ssl, session);12909 if (ssl->options.internalCacheOff )12910 wolfSSL_SESSION_free(session);13893 cbRet = ssl->ctx->new_sess_cb(ssl, session); 13894 if (ssl->options.internalCacheOff && cbRet == 0) 13895 FreeSession(session, 1); 12911 13896 #endif 12912 13897 … … 13453 14438 } 13454 14439 13455 13456 14440 void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,wc_psk_client_callback cb) 13457 14441 { … … 13479 14463 } 13480 14464 13481 13482 14465 void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx, 13483 14466 wc_psk_server_callback cb) … … 13489 14472 ctx->server_psk_cb = cb; 13490 14473 } 13491 13492 14474 13493 14475 void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,wc_psk_server_callback cb) … … 13515 14497 } 13516 14498 13517 13518 14499 const char* wolfSSL_get_psk_identity_hint(const WOLFSSL* ssl) 13519 14500 { … … 13536 14517 return ssl->arrays->client_identity; 13537 14518 } 13538 13539 14519 13540 14520 int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint) … … 13554 14534 } 13555 14535 13556 13557 14536 int wolfSSL_use_psk_identity_hint(WOLFSSL* ssl, const char* hint) 13558 14537 { … … 13572 14551 } 13573 14552 14553 void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl) 14554 { 14555 return ssl ? ssl->options.psk_ctx : NULL; 14556 } 14557 void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx) 14558 { 14559 return ctx ? ctx->psk_ctx : NULL; 14560 } 14561 int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx) 14562 { 14563 if (ssl == NULL) 14564 return WOLFSSL_FAILURE; 14565 ssl->options.psk_ctx = psk_ctx; 14566 return WOLFSSL_SUCCESS; 14567 } 14568 int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx) 14569 { 14570 if (ctx == NULL) 14571 return WOLFSSL_FAILURE; 14572 ctx->psk_ctx = psk_ctx; 14573 return WOLFSSL_SUCCESS; 14574 } 13574 14575 #endif /* NO_PSK */ 13575 14576 … … 13601 14602 { 13602 14603 int verify; 14604 int ret = WOLFSSL_FAILURE; 13603 14605 13604 14606 WOLFSSL_ENTER("wolfSSL_CTX_load_verify_buffer_ex"); … … 13609 14611 13610 14612 if (format == WOLFSSL_FILETYPE_PEM) 13611 ret urnProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL,14613 ret = ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL, 13612 14614 verify); 13613 14615 else 13614 ret urnProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL, NULL,14616 ret = ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL, NULL, 13615 14617 userChain, verify); 14618 WOLFSSL_LEAVE("wolfSSL_CTX_load_verify_buffer_ex", ret); 14619 return ret; 13616 14620 } 13617 14621 … … 13659 14663 const unsigned char* in, long sz, int format) 13660 14664 { 14665 int ret = WOLFSSL_FAILURE; 14666 13661 14667 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_buffer"); 13662 ret urnProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0,14668 ret = ProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0, 13663 14669 GET_VERIFY_SETTING_CTX(ctx)); 14670 WOLFSSL_LEAVE("wolfSSL_CTX_use_certificate_buffer", ret); 14671 return ret; 13664 14672 } 13665 14673 … … 13668 14676 const unsigned char* in, long sz, int format) 13669 14677 { 14678 int ret = WOLFSSL_FAILURE; 14679 13670 14680 WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_buffer"); 13671 ret urnProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL, NULL,14681 ret = ProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL, NULL, 13672 14682 0, GET_VERIFY_SETTING_CTX(ctx)); 14683 WOLFSSL_LEAVE("wolfSSL_CTX_use_PrivateKey_buffer", ret); 14684 return ret; 13673 14685 } 13674 14686 … … 13676 14688 int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX* ctx, const unsigned char* id, 13677 14689 long sz, int devId, long keySz) 14690 { 14691 int ret = wolfSSL_CTX_use_PrivateKey_Id(ctx, id, sz, devId); 14692 14693 if (ret == WOLFSSL_SUCCESS) 14694 ctx->privateKeySz = (word32)keySz; 14695 14696 return ret; 14697 } 14698 14699 int wolfSSL_CTX_use_PrivateKey_Id(WOLFSSL_CTX* ctx, const unsigned char* id, 14700 long sz, int devId) 13678 14701 { 13679 14702 int ret = WOLFSSL_FAILURE; … … 13684 14707 XMEMCPY(ctx->privateKey->buffer, id, sz); 13685 14708 ctx->privateKeyId = 1; 13686 ctx->privateKeySz = (word32)keySz; 14709 if (devId != INVALID_DEVID) 14710 ctx->privateKeyDevId = devId; 14711 else 14712 ctx->privateKeyDevId = ctx->devId; 14713 14714 ret = WOLFSSL_SUCCESS; 14715 } 14716 14717 return ret; 14718 } 14719 14720 int wolfSSL_CTX_use_PrivateKey_Label(WOLFSSL_CTX* ctx, const char* label, 14721 int devId) 14722 { 14723 int ret = WOLFSSL_FAILURE; 14724 word32 sz = (word32)XSTRLEN(label) + 1; 14725 14726 FreeDer(&ctx->privateKey); 14727 if (AllocDer(&ctx->privateKey, (word32)sz, PRIVATEKEY_TYPE, 14728 ctx->heap) == 0) { 14729 XMEMCPY(ctx->privateKey->buffer, label, sz); 14730 ctx->privateKeyLabel = 1; 13687 14731 if (devId != INVALID_DEVID) 13688 14732 ctx->privateKeyDevId = devId; … … 13839 14883 } 13840 14884 13841 #ifdef HAVE_PKCS1114885 #ifdef WOLF_CRYPTO_CB 13842 14886 int wolfSSL_use_PrivateKey_id(WOLFSSL* ssl, const unsigned char* id, 13843 14887 long sz, int devId, long keySz) 14888 { 14889 int ret = wolfSSL_use_PrivateKey_Id(ssl, id, sz, devId); 14890 14891 if (ret == WOLFSSL_SUCCESS) 14892 ssl->buffers.keySz = (word32)keySz; 14893 14894 return ret; 14895 } 14896 14897 int wolfSSL_use_PrivateKey_Id(WOLFSSL* ssl, const unsigned char* id, 14898 long sz, int devId) 13844 14899 { 13845 14900 int ret = WOLFSSL_FAILURE; … … 13852 14907 ssl->buffers.weOwnKey = 1; 13853 14908 ssl->buffers.keyId = 1; 13854 ssl->buffers.keySz = (word32)keySz; 14909 if (devId != INVALID_DEVID) 14910 ssl->buffers.keyDevId = devId; 14911 else 14912 ssl->buffers.keyDevId = ssl->devId; 14913 14914 ret = WOLFSSL_SUCCESS; 14915 } 14916 14917 return ret; 14918 } 14919 14920 int wolfSSL_use_PrivateKey_Label(WOLFSSL* ssl, const char* label, int devId) 14921 { 14922 int ret = WOLFSSL_FAILURE; 14923 word32 sz = (word32)XSTRLEN(label) + 1; 14924 14925 if (ssl->buffers.weOwnKey) 14926 FreeDer(&ssl->buffers.key); 14927 if (AllocDer(&ssl->buffers.key, (word32)sz, PRIVATEKEY_TYPE, 14928 ssl->heap) == 0) { 14929 XMEMCPY(ssl->buffers.key->buffer, label, sz); 14930 ssl->buffers.weOwnKey = 1; 14931 ssl->buffers.keyLabel = 1; 13855 14932 if (devId != INVALID_DEVID) 13856 14933 ssl->buffers.keyDevId = devId; … … 13897 14974 FreeDer(&ssl->buffers.certificate); 13898 14975 #ifdef KEEP_OUR_CERT 13899 FreeX509(ssl->ourCert); 13900 if (ssl->ourCert) { 13901 XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509); 13902 ssl->ourCert = NULL; 13903 } 14976 wolfSSL_X509_free(ssl->ourCert); 14977 ssl->ourCert = NULL; 13904 14978 #endif 13905 14979 ssl->buffers.weOwnCert = 0; … … 13999 15073 #endif 14000 15074 14001 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) 15075 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 14002 15076 void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode) 14003 15077 { … … 14014 15088 ssl->options.quietShutdown = 1; 14015 15089 } 14016 #endif 15090 #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 14017 15091 14018 15092 #ifdef OPENSSL_EXTRA 15093 #ifndef NO_BIO 14019 15094 void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr) 14020 15095 { … … 14070 15145 } 14071 15146 } 14072 #endif 15147 #endif /* !NO_BIO */ 15148 #endif /* OPENSSL_EXTRA */ 14073 15149 14074 15150 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_WEBSERVER) … … 14167 15243 14168 15244 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 15245 #ifndef NO_BIO 14169 15246 #if !defined(NO_RSA) && !defined(NO_CERTS) 14170 15247 WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname) … … 14184 15261 WOLFSSL_ENTER("wolfSSL_load_client_CA_file"); 14185 15262 14186 bio = wolfSSL_BIO_new_file(fname, "r ");15263 bio = wolfSSL_BIO_new_file(fname, "rb"); 14187 15264 if (bio == NULL) 14188 15265 return NULL; … … 14201 15278 /* Need a persistent copy of the subject name. */ 14202 15279 node->data.name = wolfSSL_X509_NAME_dup(subjectName); 14203 /* 14204 * Original cert will be freed so make sure not to try to access 14205 * it in the future. 14206 */ 14207 node->data.name->x509 = NULL; 15280 if (node->data.name != NULL) { 15281 /* 15282 * Original cert will be freed so make sure not to try to access 15283 * it in the future. 15284 */ 15285 node->data.name->x509 = NULL; 15286 } 14208 15287 14209 15288 /* Put node on the front of the list. */ … … 14237 15316 } 14238 15317 #endif 14239 #endif 15318 #endif /* !NO_BIO */ 15319 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ 14240 15320 14241 15321 #ifdef OPENSSL_EXTRA … … 14285 15365 node->next = ctx->ca_names; 14286 15366 ctx->ca_names = node; 14287 return SSL_SUCCESS;15367 return WOLFSSL_SUCCESS; 14288 15368 } 14289 15369 #endif … … 14323 15403 int r = 0; 14324 15404 SrpSide srp_side = SRP_CLIENT_SIDE; 14325 WC_RNG rng;14326 15405 byte salt[SRP_SALT_SIZE]; 14327 15406 … … 14339 15418 } 14340 15419 14341 if (wc_SrpInit(ctx->srp, SRP_TYPE_SHA256, srp_side) < 0) {14342 WOLFSSL_MSG("Init CTX failed");15420 if (wc_SrpInit(ctx->srp, SRP_TYPE_SHA256, srp_side) < 0) { 15421 WOLFSSL_MSG("Init SRP CTX failed"); 14343 15422 XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP); 14344 wolfSSL_CTX_free(ctx);15423 ctx->srp = NULL; 14345 15424 return SSL_FAILURE; 14346 15425 } … … 14354 15433 /* if wolfSSL_CTX_set_srp_password has already been called, */ 14355 15434 /* execute wc_SrpSetPassword here */ 14356 if (ctx->srp_password != NULL){ 15435 if (ctx->srp_password != NULL) { 15436 WC_RNG rng; 14357 15437 if (wc_InitRng(&rng) < 0){ 14358 15438 WOLFSSL_MSG("wc_InitRng failed"); … … 14360 15440 } 14361 15441 XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0])); 14362 if (wc_RNG_GenerateBlock(&rng, salt, 14363 sizeof(salt)/sizeof(salt[0])) < 0){ 15442 r = wc_RNG_GenerateBlock(&rng, salt, sizeof(salt)/sizeof(salt[0])); 15443 wc_FreeRng(&rng); 15444 if (r < 0) { 15445 WOLFSSL_MSG("wc_RNG_GenerateBlock failed"); 15446 return SSL_FAILURE; 15447 } 15448 15449 if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]), 15450 srp_g, sizeof(srp_g)/sizeof(srp_g[0]), 15451 salt, sizeof(salt)/sizeof(salt[0])) < 0) { 15452 WOLFSSL_MSG("wc_SrpSetParam failed"); 15453 return SSL_FAILURE; 15454 } 15455 r = wc_SrpSetPassword(ctx->srp, 15456 (const byte*)ctx->srp_password, 15457 (word32)XSTRLEN((char *)ctx->srp_password)); 15458 if (r < 0) { 15459 WOLFSSL_MSG("fail to set srp password."); 15460 return SSL_FAILURE; 15461 } 15462 15463 XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP); 15464 ctx->srp_password = NULL; 15465 } 15466 15467 return WOLFSSL_SUCCESS; 15468 } 15469 15470 int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX* ctx, char* password) 15471 { 15472 int r; 15473 byte salt[SRP_SALT_SIZE]; 15474 15475 WOLFSSL_ENTER("wolfSSL_CTX_set_srp_password"); 15476 if (ctx == NULL || ctx->srp == NULL || password == NULL) 15477 return SSL_FAILURE; 15478 15479 if (ctx->srp->user != NULL) { 15480 WC_RNG rng; 15481 if (wc_InitRng(&rng) < 0) { 15482 WOLFSSL_MSG("wc_InitRng failed"); 15483 return SSL_FAILURE; 15484 } 15485 XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0])); 15486 r = wc_RNG_GenerateBlock(&rng, salt, sizeof(salt)/sizeof(salt[0])); 15487 wc_FreeRng(&rng); 15488 if (r < 0) { 14364 15489 WOLFSSL_MSG("wc_RNG_GenerateBlock failed"); 14365 wc_FreeRng(&rng);14366 15490 return SSL_FAILURE; 14367 15491 } … … 14373 15497 return SSL_FAILURE; 14374 15498 } 14375 r = wc_SrpSetPassword(ctx->srp,14376 (const byte*)ctx->srp_password,14377 (word32)XSTRLEN((char *)ctx->srp_password));14378 if (r < 0) {14379 WOLFSSL_MSG("fail to set srp password.");14380 return SSL_FAILURE;14381 }14382 wc_FreeRng(&rng);14383 XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP);14384 ctx->srp_password = NULL;14385 }14386 14387 return SSL_SUCCESS;14388 }14389 14390 int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX* ctx, char* password)14391 {14392 int r;14393 WC_RNG rng;14394 byte salt[SRP_SALT_SIZE];14395 14396 WOLFSSL_ENTER("wolfSSL_CTX_set_srp_password");14397 if (ctx == NULL || ctx->srp == NULL || password == NULL)14398 return SSL_FAILURE;14399 14400 if (ctx->srp->user != NULL){14401 if (wc_InitRng(&rng) < 0){14402 WOLFSSL_MSG("wc_InitRng failed");14403 return SSL_FAILURE;14404 }14405 XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0]));14406 if (wc_RNG_GenerateBlock(&rng, salt,14407 sizeof(salt)/sizeof(salt[0])) < 0){14408 WOLFSSL_MSG("wc_RNG_GenerateBlock failed");14409 wc_FreeRng(&rng);14410 return SSL_FAILURE;14411 }14412 if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]),14413 srp_g, sizeof(srp_g)/sizeof(srp_g[0]),14414 salt, sizeof(salt)/sizeof(salt[0])) < 0){14415 WOLFSSL_MSG("wc_SrpSetParam failed");14416 wc_FreeRng(&rng);14417 return SSL_FAILURE;14418 }14419 15499 r = wc_SrpSetPassword(ctx->srp, (const byte*)password, 14420 15500 (word32)XSTRLEN(password)); … … 14443 15523 XMEMCPY(ctx->srp_password, password, XSTRLEN(password) + 1); 14444 15524 } 14445 return SSL_SUCCESS; 15525 return WOLFSSL_SUCCESS; 15526 } 15527 15528 /** 15529 * The modulus passed to wc_SrpSetParams in ssl.c is constant so check 15530 * that the requested strength is less than or equal to the size of the 15531 * static modulus size. 15532 * @param ctx Not used 15533 * @param strength Minimum number of bits for the modulus 15534 * @return 1 if strength is less than or equal to static modulus 15535 * 0 if strength is greater than static modulus 15536 */ 15537 int wolfSSL_CTX_set_srp_strength(WOLFSSL_CTX *ctx, int strength) 15538 { 15539 (void)ctx; 15540 WOLFSSL_ENTER("wolfSSL_CTX_set_srp_strength"); 15541 if (strength > (int)(sizeof(srp_N)*8)) { 15542 WOLFSSL_MSG("Bad Parameter"); 15543 return WOLFSSL_FAILURE; 15544 } 15545 return WOLFSSL_SUCCESS; 15546 } 15547 15548 char* wolfSSL_get_srp_username(WOLFSSL *ssl) 15549 { 15550 if (ssl && ssl->ctx && ssl->ctx->srp) { 15551 return (char*) ssl->ctx->srp->user; 15552 } 15553 return NULL; 14446 15554 } 14447 15555 #endif /* WOLFCRYPT_HAVE_SRP && !NO_SHA256 && !WC_NO_RNG */ … … 14457 15565 } 14458 15566 15567 #endif /* OPENSSL_EXTRA */ 15568 15569 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 14459 15570 14460 15571 /* store keys returns WOLFSSL_SUCCESS or -1 on error */ … … 14477 15588 } 14478 15589 14479 #endif /* OPENSSL_EXTRA */14480 14481 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)14482 15590 void wolfSSL_set_accept_state(WOLFSSL* ssl) 14483 15591 { … … 14515 15623 } 14516 15624 14517 #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */15625 #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 14518 15626 14519 15627 /* return true if connection established */ … … 14564 15672 #endif 14565 15673 14566 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)14567 14568 15674 static long wolf_set_options(long old_op, long op); 14569 15675 long wolfSSL_CTX_set_options(WOLFSSL_CTX* ctx, long opt) … … 14578 15684 return ctx->mask; 14579 15685 } 14580 14581 #endif14582 15686 14583 15687 #ifdef OPENSSL_EXTRA … … 14612 15716 return WOLFSSL_SUCCESS; 14613 15717 } 14614 14615 #ifndef NO_CERTS 14616 15718 #endif /* OPENSSL_EXTRA */ 15719 15720 #if !defined(NO_CERTS) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) 14617 15721 WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx) 14618 15722 { … … 14626 15730 void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str) 14627 15731 { 14628 if (ctx == NULL || str == NULL ) {15732 if (ctx == NULL || str == NULL || ctx->cm == str->cm) { 14629 15733 return; 14630 15734 } 14631 15735 15736 if (wolfSSL_CertManager_up_ref(str->cm) != WOLFSSL_SUCCESS) { 15737 WOLFSSL_MSG("wolfSSL_CertManager_up_ref error"); 15738 return; 15739 } 14632 15740 /* free cert manager if have one */ 14633 15741 if (ctx->cm != NULL) { … … 14635 15743 } 14636 15744 ctx->cm = str->cm; 15745 ctx->x509_store.cm = str->cm; 14637 15746 14638 15747 /* free existing store if it exists */ 14639 if (ctx->x509_store_pt != NULL) {14640 /* cert manager was free'd a little earlier in this function */14641 ctx->x509_store_pt->cm = NULL;14642 }14643 15748 wolfSSL_X509_STORE_free(ctx->x509_store_pt); 14644 15749 ctx->x509_store.cache = str->cache; … … 14674 15779 return WOLFSSL_FATAL_ERROR; 14675 15780 } 14676 15781 #endif /* !NO_CERTS && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */ 15782 15783 #ifdef OPENSSL_EXTRA 15784 #ifndef NO_CERTS 14677 15785 void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, 14678 15786 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb) … … 14693 15801 } 14694 15802 } 14695 #endif 14696 14697 15803 #endif /* WOLFSSL_QT || OPENSSL_ALL */ 14698 15804 #endif /* !NO_CERTS */ 14699 15805 15806 #ifndef NO_BIO 14700 15807 WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void) 14701 15808 { … … 14736 15843 /* wolfSSL has internal buffer, compatibility only */ 14737 15844 WOLFSSL_ENTER("BIO_set_write_buffer_size"); 15845 WOLFSSL_MSG("Buffer resize failed"); 14738 15846 WOLFSSL_STUB("BIO_set_write_buffer_size"); 14739 15847 (void)bio; 14740 return size; 15848 (void) size; 15849 15850 /* Even though this is only a STUB at the moment many user applications 15851 * may attempt to use this. OpenSSL documentation specifies the return 15852 * "return 1 if the buffer was successfully resized or 0 for failure." 15853 * since wolfSSL does not resize the buffer will always return failure 15854 * by default due to memory concerns until this stub is promoted to 15855 * a non-stub function */ 15856 return WOLFSSL_FAILURE; /* 0, no resize happened */ 14741 15857 } 14742 15858 #endif … … 14801 15917 } 14802 15918 15919 /** 15920 * Create new socket BIO object. This is a pure TCP connection with 15921 * no SSL or TLS protection. 15922 * @param str IP address to connect to 15923 * @return New BIO object or NULL on failure 15924 */ 15925 WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str) 15926 { 15927 WOLFSSL_BIO *bio; 15928 WOLFSSL_ENTER("wolfSSL_BIO_new_connect"); 15929 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket()); 15930 if (bio) { 15931 bio->ip = str; 15932 bio->type = WOLFSSL_BIO_SOCKET; 15933 } 15934 return bio; 15935 } 15936 15937 /** 15938 * Set the port to connect to in the BIO object 15939 * @param b BIO object 15940 * @param port destination port 15941 * @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure 15942 */ 15943 long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port) 15944 { 15945 int p; 15946 WOLFSSL_ENTER("wolfSSL_BIO_set_conn_port"); 15947 15948 if (!b || !port) { 15949 WOLFSSL_ENTER("Bad parameter"); 15950 return WOLFSSL_FAILURE; 15951 } 15952 15953 p = XATOI(port); 15954 if (!p || p < 0) { 15955 WOLFSSL_ENTER("Port parsing error"); 15956 return WOLFSSL_FAILURE; 15957 } 15958 15959 b->port = (word16)p; 15960 return WOLFSSL_SUCCESS; 15961 } 15962 15963 #ifdef HAVE_HTTP_CLIENT 15964 /** 15965 * Attempt to connect to the destination address and port 15966 * @param b BIO object 15967 * @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure 15968 */ 15969 long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b) 15970 { 15971 SOCKET_T sfd = SOCKET_INVALID; 15972 WOLFSSL_ENTER("wolfSSL_BIO_do_connect"); 15973 15974 if (!b) { 15975 WOLFSSL_ENTER("Bad parameter"); 15976 return WOLFSSL_FAILURE; 15977 } 15978 15979 while (b && b->type != WOLFSSL_BIO_SOCKET) 15980 b = b->next; 15981 15982 if (!b) { 15983 WOLFSSL_ENTER("No socket BIO in chain"); 15984 return WOLFSSL_FAILURE; 15985 } 15986 15987 if (wolfIO_TcpConnect(&sfd, b->ip, b->port, 0) < 0 ) { 15988 WOLFSSL_ENTER("wolfIO_TcpConnect error"); 15989 return WOLFSSL_FAILURE; 15990 } 15991 15992 b->num = sfd; 15993 b->shutdown = BIO_CLOSE; 15994 return WOLFSSL_SUCCESS; 15995 } 15996 #endif /* HAVE_HTTP_CLIENT */ 14803 15997 14804 15998 int wolfSSL_BIO_eof(WOLFSSL_BIO* b) … … 14868 16062 bio->method = method; 14869 16063 bio->shutdown = BIO_CLOSE; /* default to close things */ 16064 bio->num = -1; /* Default to invalid socket */ 14870 16065 bio->init = 1; 14871 16066 if (method->type != WOLFSSL_BIO_FILE && … … 14903 16098 WOLFSSL_BIO* bio = NULL; 14904 16099 14905 if (buf == NULL || len < 0) {16100 if (buf == NULL) { 14906 16101 return bio; 14907 16102 } … … 14912 16107 } 14913 16108 16109 if (len < 0) { 16110 len = (int)XSTRLEN((const char*)buf); 16111 } 14914 16112 bio->num = bio->wrSz = len; 14915 16113 bio->ptr = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL); … … 14965 16163 if (bio->type == WOLFSSL_BIO_SOCKET && bio->num) 14966 16164 CloseSocket(bio->num); 14967 #endif16165 #endif 14968 16166 } 14969 16167 … … 14973 16171 XFCLOSE((XFILE)bio->ptr); 14974 16172 } 16173 #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ 16174 && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) 16175 else if (bio->num != -1) { 16176 XCLOSE(bio->num); 16177 } 16178 #endif 14975 16179 } 14976 16180 #endif … … 15031 16235 return top; 15032 16236 } 16237 #endif /* !NO_BIO */ 15033 16238 #endif /* OPENSSL_EXTRA */ 15034 16239 … … 15141 16346 15142 16347 #if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) 16348 #ifndef NO_BIO 15143 16349 /* print out and clear all errors */ 15144 16350 void wolfSSL_ERR_print_errors(WOLFSSL_BIO* bio) … … 15167 16373 } 15168 16374 } while (ret >= 0); 15169 } 16375 wolfSSL_BIO_write(bio, "", 1); 16376 } 16377 #endif /* !NO_BIO */ 15170 16378 #endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ 15171 16379 15172 16380 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ 15173 16381 15174 #ifdef OPENSSL_EXTRA 15175 16382 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 15176 16383 #if !defined(NO_WOLFSSL_SERVER) 15177 16384 size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, … … 15204 16411 return size; 15205 16412 } 15206 15207 16413 #endif /* !NO_WOLFSSL_SERVER */ 16414 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 16415 16416 #ifdef OPENSSL_EXTRA 16417 #if !defined(NO_WOLFSSL_SERVER) 15208 16418 /* Used to get the peer ephemeral public key sent during the connection 15209 16419 * NOTE: currently wolfSSL_KeepHandshakeResources(WOLFSSL* ssl) must be called … … 15261 16471 #endif /* !NO_WOLFSSL_SERVER */ 15262 16472 16473 static int sanityCheckProtoVersion(WOLFSSL_CTX* ctx) 16474 { 16475 if ((ctx->mask & WOLFSSL_OP_NO_SSLv3) && 16476 (ctx->mask & WOLFSSL_OP_NO_TLSv1) && 16477 (ctx->mask & WOLFSSL_OP_NO_TLSv1_1) && 16478 (ctx->mask & WOLFSSL_OP_NO_TLSv1_2) && 16479 (ctx->mask & WOLFSSL_OP_NO_TLSv1_3)) { 16480 WOLFSSL_MSG("All TLS versions disabled"); 16481 return WOLFSSL_FAILURE; 16482 } 16483 return WOLFSSL_SUCCESS; 16484 } 16485 15263 16486 int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version) 15264 16487 { … … 15266 16489 15267 16490 if (ctx == NULL) { 15268 return BAD_FUNC_ARG;16491 return WOLFSSL_FAILURE; 15269 16492 } 15270 16493 … … 15308 16531 #endif 15309 16532 default: 15310 return BAD_FUNC_ARG; 15311 } 15312 15313 return WOLFSSL_SUCCESS; 16533 WOLFSSL_MSG("Unrecognized protocol version or not compiled in"); 16534 return WOLFSSL_FAILURE; 16535 } 16536 16537 switch (version) { 16538 #ifndef NO_TLS 16539 case TLS1_3_VERSION: 16540 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2); 16541 FALL_THROUGH; 16542 case TLS1_2_VERSION: 16543 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_1); 16544 FALL_THROUGH; 16545 case TLS1_1_VERSION: 16546 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1); 16547 FALL_THROUGH; 16548 case TLS1_VERSION: 16549 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_SSLv3); 16550 break; 16551 #endif 16552 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 16553 case SSL3_VERSION: 16554 case SSL2_VERSION: 16555 /* Nothing to do here */ 16556 #endif 16557 break; 16558 #ifdef WOLFSSL_DTLS 16559 #ifndef NO_OLD_TLS 16560 case DTLS1_VERSION: 16561 #endif 16562 case DTLS1_2_VERSION: 16563 break; 16564 #endif 16565 default: 16566 WOLFSSL_MSG("Unrecognized protocol version or not compiled in"); 16567 return WOLFSSL_FAILURE; 16568 } 16569 16570 return sanityCheckProtoVersion(ctx); 15314 16571 } 15315 16572 … … 15318 16575 WOLFSSL_ENTER("wolfSSL_CTX_set_max_proto_version"); 15319 16576 15320 /* supported only at compile-time only */ 15321 (void)ctx; 15322 (void)ver; 15323 return WOLFSSL_SUCCESS; 15324 } 15325 15326 16577 if (!ctx || !ctx->method) { 16578 WOLFSSL_MSG("Bad parameter"); 16579 return WOLFSSL_FAILURE; 16580 } 16581 16582 switch (ver) { 16583 case SSL2_VERSION: 16584 WOLFSSL_MSG("wolfSSL does not support SSLv2"); 16585 return WOLFSSL_FAILURE; 16586 #if (defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)) || !defined(NO_TLS) 16587 case SSL3_VERSION: 16588 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1); 16589 FALL_THROUGH; 16590 case TLS1_VERSION: 16591 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_1); 16592 FALL_THROUGH; 16593 case TLS1_1_VERSION: 16594 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2); 16595 FALL_THROUGH; 16596 case TLS1_2_VERSION: 16597 wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_3); 16598 FALL_THROUGH; 16599 case TLS1_3_VERSION: 16600 /* Nothing to do here */ 16601 break; 16602 #endif 16603 #ifdef WOLFSSL_DTLS 16604 #ifndef NO_OLD_TLS 16605 case DTLS1_VERSION: 16606 #endif 16607 case DTLS1_2_VERSION: 16608 break; 16609 #endif 16610 default: 16611 WOLFSSL_MSG("Unrecognized protocol version or not compiled in"); 16612 return WOLFSSL_FAILURE; 16613 } 16614 16615 return sanityCheckProtoVersion(ctx); 16616 } 16617 16618 #endif /* OPENSSL_EXTRA */ 16619 16620 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 15327 16621 #if !defined(NO_WOLFSSL_CLIENT) 15328 16622 /* Return the amount of random bytes copied over or error case. … … 15363 16657 } 15364 16658 #endif /* !NO_WOLFSSL_CLIENT */ 15365 15366 16659 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 16660 16661 #ifdef OPENSSL_EXTRA 15367 16662 unsigned long wolfSSLeay(void) 15368 16663 { … … 15775 17070 15776 17071 WOLFSSL_ENTER("SHA3_256_Init"); 15777 ret = wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, 0);17072 ret = wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, INVALID_DEVID); 15778 17073 15779 17074 /* return 1 on success, 0 otherwise */ … … 16465 17760 16466 17761 /* OpenSSL compat, no ret */ 16467 wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); 17762 if (wc_Des_SetKey(&myDes, (const byte*)schedule, 17763 (const byte*)ivec, !enc) != 0) { 17764 WOLFSSL_MSG("wc_Des_SetKey return error."); 17765 return; 17766 } 17767 16468 17768 lb_sz = length%DES_BLOCK_SIZE; 16469 17769 blk = length/DES_BLOCK_SIZE; … … 16509 17809 } 16510 17810 17811 #endif /* OPENSSL_EXTRA */ 17812 17813 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 16511 17814 int wolfSSL_clear(WOLFSSL* ssl) 16512 17815 { … … 16525 17828 ssl->options.handShakeState = NULL_STATE; 16526 17829 ssl->options.handShakeDone = 0; 16527 /* ssl->options.processReply = doProcessInit;*/17830 ssl->options.processReply = 0; /* doProcessInit */ 16528 17831 16529 17832 ssl->keys.encryptionOn = 0; … … 16590 17893 } 16591 17894 16592 long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t) 16593 { 16594 word32 tmptime; 16595 if (!ses || t < 0) 16596 return BAD_FUNC_ARG; 16597 16598 tmptime = t & 0xFFFFFFFF; 16599 16600 ses->timeout = tmptime; 16601 16602 return WOLFSSL_SUCCESS; 16603 } 16604 16605 #endif 17895 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 16606 17896 16607 17897 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) … … 16672 17962 * sid_ctx_len length of sid_ctx buffer 16673 17963 * 16674 * Returns SSL_SUCCESS in success case and SSL_FAILURE when failing17964 * Returns WOLFSSL_SUCCESS in success case and SSL_FAILURE when failing 16675 17965 */ 16676 17966 int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX* ctx, … … 16687 17977 ctx->sessionCtxSz = (byte)sid_ctx_len; 16688 17978 16689 return SSL_SUCCESS;17979 return WOLFSSL_SUCCESS; 16690 17980 } 16691 17981 … … 16699 17989 * len length of sid_ctx buffer 16700 17990 * 16701 * Returns SSL_SUCCESS in success case and SSL_FAILURE when failing17991 * Returns WOLFSSL_SUCCESS in success case and SSL_FAILURE when failing 16702 17992 */ 16703 17993 int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id, … … 16712 18002 ssl->sessionCtxSz = (byte)len; 16713 18003 16714 return SSL_SUCCESS;18004 return WOLFSSL_SUCCESS; 16715 18005 } 16716 18006 … … 17146 18436 entry = wolfSSL_X509_NAME_get_entry(name, i); 17147 18437 if (entry == NULL) { 17148 WOLFSSL_MSG(" X509_NAME_get_entry failed");18438 WOLFSSL_MSG("wolfSSL_X509_NAME_get_entry failed"); 17149 18439 return NULL; 17150 18440 } … … 17152 18442 sizeof(buf)); 17153 18443 if (nameSz < 0) { 17154 WOLFSSL_MSG(" X509_NAME_get_text_by_NID failed");18444 WOLFSSL_MSG("wolfSSL_X509_NAME_get_text_by_NID failed"); 17155 18445 return NULL; 17156 18446 } … … 17226 18516 { 17227 18517 WOLFSSL_X509* newX509 = NULL; 18518 WOLFSSL_ENTER("wolfSSL_d2i_X509"); 18519 18520 if (in == NULL) { 18521 WOLFSSL_MSG("NULL input for wolfSSL_d2i_X509"); 18522 return NULL; 18523 } 17228 18524 17229 18525 newX509 = wolfSSL_X509_d2i(x509, *in, len); … … 17234 18530 } 17235 18531 17236 17237 WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len)18532 static WOLFSSL_X509* d2i_X509orX509REQ(WOLFSSL_X509** x509, 18533 const byte* in, int len, int req) 17238 18534 { 17239 18535 WOLFSSL_X509 *newX509 = NULL; 18536 int type = req ? CERTREQ_TYPE : CERT_TYPE; 17240 18537 17241 18538 WOLFSSL_ENTER("wolfSSL_X509_d2i"); 17242 18539 17243 if (in != NULL && len != 0) { 18540 if (in != NULL && len != 0 18541 #ifndef WOLFSSL_CERT_REQ 18542 && req == 0 18543 #else 18544 && (req == 0 || req == 1) 18545 #endif 18546 ) { 17244 18547 #ifdef WOLFSSL_SMALL_STACK 17245 18548 DecodedCert* cert; … … 17256 18559 17257 18560 InitDecodedCert(cert, (byte*)in, len, NULL); 17258 if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) { 18561 #ifdef WOLFSSL_CERT_REQ 18562 cert->isCSR = req; 18563 #endif 18564 if (ParseCertRelative(cert, type, 0, NULL) == 0) { 17259 18565 newX509 = wolfSSL_X509_new(); 17260 18566 if (newX509 != NULL) { … … 17276 18582 return newX509; 17277 18583 } 18584 18585 int wolfSSL_X509_get_isCA(WOLFSSL_X509* x509) 18586 { 18587 int isCA = 0; 18588 18589 WOLFSSL_ENTER("wolfSSL_X509_get_isCA"); 18590 18591 if (x509 != NULL) 18592 isCA = x509->isCa; 18593 18594 WOLFSSL_LEAVE("wolfSSL_X509_get_isCA", isCA); 18595 18596 return isCA; 18597 } 18598 18599 WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len) 18600 { 18601 return d2i_X509orX509REQ(x509, in, len, 0); 18602 } 18603 18604 #ifdef WOLFSSL_CERT_REQ 18605 WOLFSSL_X509* wolfSSL_X509_REQ_d2i(WOLFSSL_X509** x509, 18606 const unsigned char* in, int len) 18607 { 18608 return d2i_X509orX509REQ(x509, in, len, 1); 18609 } 18610 #endif 17278 18611 #endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA || 17279 18612 OPENSSL_EXTRA_X509_SMALL */ 17280 18613 17281 17282 17283 #if defined(OPENSSL_ALL) || defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || \ 17284 defined(SESSION_CERTS) 17285 /* return the next, if any, altname from the peer cert */ 17286 WOLFSSL_ABI 17287 char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* cert) 17288 { 17289 char* ret = NULL; 17290 WOLFSSL_ENTER("wolfSSL_X509_get_next_altname"); 17291 17292 /* don't have any to work with */ 17293 if (cert == NULL || cert->altNames == NULL) 17294 return NULL; 17295 17296 /* already went through them */ 17297 if (cert->altNamesNext == NULL) 17298 return NULL; 17299 17300 ret = cert->altNamesNext->name; 17301 cert->altNamesNext = cert->altNamesNext->next; 17302 17303 return ret; 17304 } 17305 17306 int wolfSSL_X509_get_isCA(WOLFSSL_X509* x509) 17307 { 17308 int isCA = 0; 17309 17310 WOLFSSL_ENTER("wolfSSL_X509_get_isCA"); 17311 17312 if (x509 != NULL) 17313 isCA = x509->isCa; 17314 17315 WOLFSSL_LEAVE("wolfSSL_X509_get_isCA", isCA); 17316 17317 return isCA; 17318 } 17319 17320 int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, 17321 unsigned char* buf, int* bufSz) 17322 { 17323 WOLFSSL_ENTER("wolfSSL_X509_get_signature"); 17324 if (x509 == NULL || bufSz == NULL || (*bufSz < (int)x509->sig.length && 17325 buf != NULL)) 18614 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 18615 /* returns the number of entries in the WOLFSSL_X509_NAME */ 18616 int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name) 18617 { 18618 int count = 0; 18619 18620 WOLFSSL_ENTER("wolfSSL_X509_NAME_entry_count"); 18621 18622 if (name != NULL) 18623 count = name->entrySz; 18624 18625 WOLFSSL_LEAVE("wolfSSL_X509_NAME_entry_count", count); 18626 return count; 18627 } 18628 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 18629 18630 #if defined(OPENSSL_EXTRA) || \ 18631 defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 18632 18633 /* return the next, if any, altname from the peer cert */ 18634 WOLFSSL_ABI 18635 char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* cert) 18636 { 18637 char* ret = NULL; 18638 WOLFSSL_ENTER("wolfSSL_X509_get_next_altname"); 18639 18640 /* don't have any to work with */ 18641 if (cert == NULL || cert->altNames == NULL) 18642 return NULL; 18643 18644 /* already went through them */ 18645 if (cert->altNamesNext == NULL) 18646 return NULL; 18647 18648 ret = cert->altNamesNext->name; 18649 cert->altNamesNext = cert->altNamesNext->next; 18650 18651 return ret; 18652 } 18653 18654 int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, 18655 unsigned char* buf, int* bufSz) 18656 { 18657 WOLFSSL_ENTER("wolfSSL_X509_get_signature"); 18658 if (x509 == NULL || bufSz == NULL || (*bufSz < (int)x509->sig.length && 18659 buf != NULL)) 18660 return WOLFSSL_FATAL_ERROR; 18661 18662 if (buf != NULL) 18663 XMEMCPY(buf, x509->sig.buffer, x509->sig.length); 18664 *bufSz = x509->sig.length; 18665 18666 return WOLFSSL_SUCCESS; 18667 } 18668 18669 18670 /* Getter function that copies over the DER public key buffer to "buf" and 18671 * sets the size in bufSz. If "buf" is NULL then just bufSz is set to needed 18672 * buffer size. "bufSz" passed in should initially be set by the user to be 18673 * the size of "buf". This gets checked to make sure the buffer is large 18674 * enough to hold the public key. 18675 * 18676 * Note: this is the X.509 form of key with "header" info. 18677 * return WOLFSSL_SUCCESS on success 18678 */ 18679 int wolfSSL_X509_get_pubkey_buffer(WOLFSSL_X509* x509, 18680 unsigned char* buf, int* bufSz) 18681 { 18682 #ifdef WOLFSSL_SMALL_STACK 18683 DecodedCert* cert; 18684 #else 18685 DecodedCert cert[1]; 18686 #endif 18687 word32 idx; 18688 const byte* der; 18689 int length = 0; 18690 int ret, derSz = 0; 18691 int badDate = 0; 18692 const byte* pubKeyX509 = NULL; 18693 int pubKeyX509Sz = 0; 18694 18695 WOLFSSL_ENTER("wolfSSL_X509_get_pubkey_buffer"); 18696 if (x509 == NULL || bufSz == NULL) { 18697 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", BAD_FUNC_ARG); 18698 return WOLFSSL_FATAL_ERROR; 18699 } 18700 18701 18702 #ifdef WOLFSSL_SMALL_STACK 18703 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), 18704 x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 18705 if (cert == NULL) { 18706 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", MEMORY_E); 18707 return WOLFSSL_FATAL_ERROR; 18708 } 18709 #endif 18710 18711 der = wolfSSL_X509_get_der(x509, &derSz); 18712 InitDecodedCert(cert, der, derSz, NULL); 18713 ret = wc_GetPubX509(cert, 0, &badDate); 18714 if (ret >= 0) { 18715 idx = cert->srcIdx; 18716 pubKeyX509 = cert->source + cert->srcIdx; 18717 ret = GetSequence(cert->source, &cert->srcIdx, &length, 18718 cert->maxIdx); 18719 pubKeyX509Sz = length + (cert->srcIdx - idx); 18720 } 18721 18722 FreeDecodedCert(cert); 18723 #ifdef WOLFSSL_SMALL_STACK 18724 XFREE(cert, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 18725 #endif 18726 18727 if (ret < 0) { 18728 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", ret); 18729 return WOLFSSL_FATAL_ERROR; 18730 } 18731 18732 if (buf != NULL) { 18733 if (pubKeyX509Sz > *bufSz) { 18734 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", BUFFER_E); 17326 18735 return WOLFSSL_FATAL_ERROR; 17327 17328 if (buf != NULL) 17329 XMEMCPY(buf, x509->sig.buffer, x509->sig.length); 17330 *bufSz = x509->sig.length; 17331 17332 return WOLFSSL_SUCCESS; 17333 } 17334 17335 17336 /* Getter function that copies over the DER public key buffer to "buf" and 17337 * sets the size in bufSz. If "buf" is NULL then just bufSz is set to needed 17338 * buffer size. "bufSz" passed in should initially be set by the user to be 17339 * the size of "buf". This gets checked to make sure the buffer is large 17340 * enough to hold the public key. 17341 * 17342 * Note: this is the X.509 form of key with "header" info. 17343 * return WOLFSSL_SUCCESS on success 17344 */ 17345 int wolfSSL_X509_get_pubkey_buffer(WOLFSSL_X509* x509, 17346 unsigned char* buf, int* bufSz) 17347 { 17348 #ifdef WOLFSSL_SMALL_STACK 17349 DecodedCert* cert; 17350 #else 17351 DecodedCert cert[1]; 17352 #endif 17353 word32 idx; 17354 const byte* der; 17355 int length = 0; 17356 int ret, derSz = 0; 17357 int badDate = 0; 17358 const byte* pubKeyX509 = NULL; 17359 int pubKeyX509Sz = 0; 17360 17361 WOLFSSL_ENTER("wolfSSL_X509_get_pubkey_buffer"); 17362 if (x509 == NULL || bufSz == NULL) { 17363 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", BAD_FUNC_ARG); 17364 return WOLFSSL_FATAL_ERROR; 17365 } 17366 17367 17368 #ifdef WOLFSSL_SMALL_STACK 17369 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), 17370 x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 17371 if (cert == NULL) { 17372 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", MEMORY_E); 17373 return WOLFSSL_FATAL_ERROR; 17374 } 17375 #endif 17376 17377 der = wolfSSL_X509_get_der(x509, &derSz); 17378 InitDecodedCert(cert, der, derSz, NULL); 17379 ret = wc_GetPubX509(cert, 0, &badDate); 17380 if (ret >= 0) { 17381 idx = cert->srcIdx; 17382 pubKeyX509 = cert->source + cert->srcIdx; 17383 ret = GetSequence(cert->source, &cert->srcIdx, &length, 17384 cert->maxIdx); 17385 pubKeyX509Sz = length + (cert->srcIdx - idx); 17386 } 17387 17388 FreeDecodedCert(cert); 17389 #ifdef WOLFSSL_SMALL_STACK 17390 XFREE(cert, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 17391 #endif 17392 17393 if (ret < 0) { 17394 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", ret); 17395 return WOLFSSL_FATAL_ERROR; 17396 } 17397 17398 if (buf != NULL) { 17399 if (pubKeyX509Sz > *bufSz) { 17400 WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", BUFFER_E); 17401 return WOLFSSL_FATAL_ERROR; 17402 } 17403 XMEMCPY(buf, pubKeyX509, pubKeyX509Sz); 17404 } 17405 *bufSz = pubKeyX509Sz; 17406 17407 return WOLFSSL_SUCCESS; 17408 } 17409 17410 17411 /* Getter function for the public key OID value 17412 * return public key OID stored in WOLFSSL_X509 structure */ 17413 int wolfSSL_X509_get_pubkey_type(WOLFSSL_X509* x509) 17414 { 17415 if (x509 == NULL) 17416 return WOLFSSL_FAILURE; 17417 return x509->pubKeyOID; 17418 } 17419 17420 /* write X509 serial number in unsigned binary to buffer 17421 buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases 17422 return WOLFSSL_SUCCESS on success */ 17423 int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, 17424 byte* in, int* inOutSz) 17425 { 17426 WOLFSSL_ENTER("wolfSSL_X509_get_serial_number"); 17427 if (x509 == NULL || in == NULL || 17428 inOutSz == NULL || *inOutSz < x509->serialSz) 17429 return BAD_FUNC_ARG; 17430 18736 } 18737 XMEMCPY(buf, pubKeyX509, pubKeyX509Sz); 18738 } 18739 *bufSz = pubKeyX509Sz; 18740 18741 return WOLFSSL_SUCCESS; 18742 } 18743 18744 18745 /* Getter function for the public key OID value 18746 * return public key OID stored in WOLFSSL_X509 structure */ 18747 int wolfSSL_X509_get_pubkey_type(WOLFSSL_X509* x509) 18748 { 18749 if (x509 == NULL) 18750 return WOLFSSL_FAILURE; 18751 return x509->pubKeyOID; 18752 } 18753 18754 #endif /* OPENSSL_EXTRA || KEEP_OUR_CERT || KEEP_PEER_CERT || SESSION_CERTS */ 18755 18756 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ 18757 defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 18758 18759 /* write X509 serial number in unsigned binary to buffer 18760 buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases 18761 return WOLFSSL_SUCCESS on success */ 18762 int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, 18763 byte* in, int* inOutSz) 18764 { 18765 WOLFSSL_ENTER("wolfSSL_X509_get_serial_number"); 18766 if (x509 == NULL || inOutSz == NULL) { 18767 WOLFSSL_MSG("Null argument passed in"); 18768 return BAD_FUNC_ARG; 18769 } 18770 18771 if (in != NULL) { 18772 if (*inOutSz < x509->serialSz) { 18773 WOLFSSL_MSG("Serial buffer too small"); 18774 return BUFFER_E; 18775 } 17431 18776 XMEMCPY(in, x509->serial, x509->serialSz); 17432 *inOutSz = x509->serialSz; 17433 17434 return WOLFSSL_SUCCESS; 17435 } 17436 17437 /* not an openssl compatibility function - getting for derCert */ 17438 const byte* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz) 17439 { 17440 WOLFSSL_ENTER("wolfSSL_X509_get_der"); 17441 17442 if (x509 == NULL || x509->derCert == NULL || outSz == NULL) 17443 return NULL; 17444 17445 *outSz = (int)x509->derCert->length; 17446 return x509->derCert->buffer; 17447 } 17448 17449 /* used by JSSE (not a standard compatibility function) */ 17450 /* this is not thread safe */ 17451 WOLFSSL_ABI 17452 const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509) 17453 { 17454 static byte notBeforeData[CTC_DATE_SIZE]; /* temp buffer for date */ 17455 WOLFSSL_ENTER("wolfSSL_X509_notBefore"); 17456 17457 if (x509 == NULL) 17458 return NULL; 17459 17460 XMEMSET(notBeforeData, 0, sizeof(notBeforeData)); 17461 notBeforeData[0] = (byte)x509->notBefore.type; 17462 notBeforeData[1] = (byte)x509->notBefore.length; 17463 XMEMCPY(¬BeforeData[2], x509->notBefore.data, x509->notBefore.length); 17464 17465 return notBeforeData; 17466 } 17467 /* used by JSSE (not a standard compatibility function) */ 17468 /* this is not thread safe */ 17469 WOLFSSL_ABI 17470 const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509) 17471 { 17472 static byte notAfterData[CTC_DATE_SIZE]; /* temp buffer for date */ 17473 WOLFSSL_ENTER("wolfSSL_X509_notAfter"); 17474 17475 if (x509 == NULL) 17476 return NULL; 17477 17478 XMEMSET(notAfterData, 0, sizeof(notAfterData)); 17479 notAfterData[0] = (byte)x509->notAfter.type; 17480 notAfterData[1] = (byte)x509->notAfter.length; 17481 XMEMCPY(¬AfterData[2], x509->notAfter.data, x509->notAfter.length); 17482 17483 return notAfterData; 17484 } 17485 17486 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) 17487 WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj) 17488 { 17489 (void) s; 17490 (void) adj; 17491 WOLFSSL_STUB("wolfSSL_X509_gmtime_adj"); 18777 } 18778 *inOutSz = x509->serialSz; 18779 18780 return WOLFSSL_SUCCESS; 18781 } 18782 18783 /* not an openssl compatibility function - getting for derCert */ 18784 const byte* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz) 18785 { 18786 WOLFSSL_ENTER("wolfSSL_X509_get_der"); 18787 18788 if (x509 == NULL || x509->derCert == NULL || outSz == NULL) 17492 18789 return NULL; 17493 } 17494 #endif 17495 17496 /* get the buffer to be signed (tbs) from the WOLFSSL_X509 certificate 17497 * 17498 * outSz : gets set to the size of the buffer 17499 * returns a pointer to the internal buffer at the location of TBS on 17500 * on success and NULL on failure. 17501 */ 17502 const unsigned char* wolfSSL_X509_get_tbs(WOLFSSL_X509* x509, int* outSz) 17503 { 17504 int sz = 0, len; 17505 unsigned int idx = 0, tmpIdx; 17506 const unsigned char* der = NULL; 17507 const unsigned char* tbs = NULL; 17508 17509 if (x509 == NULL || outSz == NULL) { 17510 return NULL; 17511 } 17512 17513 der = wolfSSL_X509_get_der(x509, &sz); 17514 if (der == NULL) { 17515 return NULL; 17516 } 17517 17518 if (GetSequence(der, &idx, &len, sz) < 0) { 17519 return NULL; 17520 } 17521 tbs = der + idx; 17522 tmpIdx = idx; 17523 if (GetSequence(der, &idx, &len, sz) < 0) { 17524 return NULL; 17525 } 17526 *outSz = len + (idx - tmpIdx); 17527 return tbs; 17528 } 17529 17530 int wolfSSL_X509_version(WOLFSSL_X509* x509) 17531 { 17532 WOLFSSL_ENTER("wolfSSL_X509_version"); 17533 17534 if (x509 == NULL) 17535 return 0; 17536 17537 return x509->version; 17538 } 18790 18791 *outSz = (int)x509->derCert->length; 18792 return x509->derCert->buffer; 18793 } 18794 18795 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || KEEP_OUR_CERT || KEEP_PEER_CERT || SESSION_CERTS */ 18796 18797 #ifdef OPENSSL_EXTRA 18798 18799 /* used by JSSE (not a standard compatibility function) */ 18800 WOLFSSL_ABI 18801 const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509) 18802 { 18803 WOLFSSL_ENTER("wolfSSL_X509_notBefore"); 18804 18805 if (x509 == NULL) 18806 return NULL; 18807 18808 XMEMSET(x509->notBeforeData, 0, sizeof(x509->notBeforeData)); 18809 x509->notBeforeData[0] = (byte)x509->notBefore.type; 18810 x509->notBeforeData[1] = (byte)x509->notBefore.length; 18811 XMEMCPY(&x509->notBeforeData[2], x509->notBefore.data, x509->notBefore.length); 18812 18813 return x509->notBeforeData; 18814 } 18815 18816 /* used by JSSE (not a standard compatibility function) */ 18817 WOLFSSL_ABI 18818 const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509) 18819 { 18820 WOLFSSL_ENTER("wolfSSL_X509_notAfter"); 18821 18822 if (x509 == NULL) 18823 return NULL; 18824 18825 XMEMSET(x509->notAfterData, 0, sizeof(x509->notAfterData)); 18826 x509->notAfterData[0] = (byte)x509->notAfter.type; 18827 x509->notAfterData[1] = (byte)x509->notAfter.length; 18828 XMEMCPY(&x509->notAfterData[2], x509->notAfter.data, x509->notAfter.length); 18829 18830 return x509->notAfterData; 18831 } 18832 18833 18834 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) 18835 WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj) 18836 { 18837 (void) s; 18838 (void) adj; 18839 WOLFSSL_STUB("wolfSSL_X509_gmtime_adj"); 18840 return NULL; 18841 } 18842 #endif 18843 18844 /* get the buffer to be signed (tbs) from the WOLFSSL_X509 certificate 18845 * 18846 * outSz : gets set to the size of the buffer 18847 * returns a pointer to the internal buffer at the location of TBS on 18848 * on success and NULL on failure. 18849 */ 18850 const unsigned char* wolfSSL_X509_get_tbs(WOLFSSL_X509* x509, int* outSz) 18851 { 18852 int sz = 0, len; 18853 unsigned int idx = 0, tmpIdx; 18854 const unsigned char* der = NULL; 18855 const unsigned char* tbs = NULL; 18856 18857 if (x509 == NULL || outSz == NULL) { 18858 return NULL; 18859 } 18860 18861 der = wolfSSL_X509_get_der(x509, &sz); 18862 if (der == NULL) { 18863 return NULL; 18864 } 18865 18866 if (GetSequence(der, &idx, &len, sz) < 0) { 18867 return NULL; 18868 } 18869 tbs = der + idx; 18870 tmpIdx = idx; 18871 if (GetSequence(der, &idx, &len, sz) < 0) { 18872 return NULL; 18873 } 18874 *outSz = len + (idx - tmpIdx); 18875 return tbs; 18876 } 18877 18878 int wolfSSL_X509_version(WOLFSSL_X509* x509) 18879 { 18880 WOLFSSL_ENTER("wolfSSL_X509_version"); 18881 18882 if (x509 == NULL) 18883 return 0; 18884 18885 return x509->version; 18886 } 17539 18887 17540 18888 #ifdef WOLFSSL_SEP … … 17628 18976 17629 18977 #endif /* WOLFSSL_SEP */ 18978 #endif /* OPENSSL_EXTRA */ 17630 18979 17631 18980 /* require OPENSSL_EXTRA since wolfSSL_X509_free is wrapped by OPENSSL_EXTRA */ … … 17657 19006 int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, WOLFSSL_X509* x509) 17658 19007 { 17659 WOLFSSL_STACK* node;17660 19008 WOLFSSL_ENTER("wolfSSL_sk_X509_push"); 17661 19009 … … 17664 19012 } 17665 19013 17666 /* no previous values in stack */ 17667 if (sk->data.x509 == NULL) { 17668 sk->data.x509 = x509; 17669 sk->num += 1; 17670 return WOLFSSL_SUCCESS; 17671 } 17672 17673 /* stack already has value(s) create a new node and add more */ 17674 node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL, 17675 DYNAMIC_TYPE_X509); 17676 if (node == NULL) { 17677 WOLFSSL_MSG("Memory error"); 17678 return WOLFSSL_FAILURE; 17679 } 17680 XMEMSET(node, 0, sizeof(WOLFSSL_STACK)); 17681 17682 /* push new x509 onto head of stack */ 17683 node->data.x509 = sk->data.x509; 17684 node->next = sk->next; 17685 node->type = sk->type; 17686 sk->next = node; 17687 sk->data.x509 = x509; 17688 sk->num += 1; 17689 17690 return WOLFSSL_SUCCESS; 19014 return wolfSSL_sk_push(sk, x509); 17691 19015 } 17692 19016 … … 17753 19077 #endif 17754 19078 17755 19079 #endif /* !NO_CERTS && OPENSSL_EXTRA */ 19080 19081 #if !defined(NO_CERTS) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) 17756 19082 /* Free's all nodes in X509 stack. This is different then wolfSSL_sk_X509_free 17757 19083 * in that it allows for choosing the function to use when freeing an X509s. … … 17804 19130 } 17805 19131 17806 #endif /* NO_CERTS && OPENSSL_EXTRA*/17807 17808 #if defined(OPENSSL_ALL) || defined 19132 #endif /* !NO_CERTS && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */ 19133 19134 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 17809 19135 /* return 1 on success 0 on fail */ 17810 19136 int wolfSSL_sk_ACCESS_DESCRIPTION_push(WOLF_STACK_OF(ACCESS_DESCRIPTION)* sk, 17811 19137 WOLFSSL_ACCESS_DESCRIPTION* access) 17812 19138 { 17813 WOLFSSL_STACK* node;17814 17815 19139 WOLFSSL_ENTER("wolfSSL_sk_ACCESS_DESCRIPTION_push"); 17816 19140 17817 if (sk == NULL || access == NULL) { 17818 return WOLFSSL_FAILURE; 17819 } 17820 17821 /* no previous values in stack */ 17822 if (sk->data.access == NULL) { 17823 sk->data.access = access; 17824 sk->num += 1; 17825 return WOLFSSL_SUCCESS; 17826 } 17827 17828 /* stack already has value(s) create a new node and add more */ 17829 node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL, 17830 DYNAMIC_TYPE_ASN1); 17831 if (node == NULL) { 17832 WOLFSSL_MSG("Memory error"); 17833 return WOLFSSL_FAILURE; 17834 } 17835 XMEMSET(node, 0, sizeof(WOLFSSL_STACK)); 17836 17837 /* push new obj onto head of stack */ 17838 node->data.access = sk->data.access; 17839 node->next = sk->next; 17840 node->type = sk->type; 17841 sk->next = node; 17842 sk->data.access = access; 17843 sk->num += 1; 17844 17845 return WOLFSSL_SUCCESS; 19141 return wolfSSL_sk_push(sk, access); 17846 19142 } 17847 19143 … … 17913 19209 /* access = NULL, don't try to access or double free it */ 17914 19210 } 17915 #endif 17916 17917 #if def OPENSSL_EXTRA19211 #endif /* OPENSSL_ALL || WOLFSSL_QT */ 19212 19213 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 17918 19214 17919 19215 /* create a generic wolfSSL stack node … … 17967 19263 int wolfSSL_sk_push(WOLFSSL_STACK* sk, const void *data) 17968 19264 { 17969 int ret = WOLFSSL_FAILURE; 19265 WOLFSSL_STACK* node; 19266 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 19267 WOLFSSL_CIPHER ciph; 19268 #endif 17970 19269 WOLFSSL_ENTER("wolfSSL_sk_push"); 17971 19270 19271 if (!sk) { 19272 return WOLFSSL_FAILURE; 19273 } 19274 19275 /* Check if empty data */ 17972 19276 switch (sk->type) { 17973 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 17974 case STACK_TYPE_X509: 17975 ret = wolfSSL_sk_X509_push(sk, (WOLFSSL_X509*) data); 19277 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 19278 case STACK_TYPE_CIPHER: 19279 /* check if entire struct is zero */ 19280 XMEMSET(&ciph, 0, sizeof(WOLFSSL_CIPHER)); 19281 if (XMEMCMP(&sk->data.cipher, &ciph, 19282 sizeof(WOLFSSL_CIPHER)) == 0) { 19283 sk->data.cipher = *(WOLFSSL_CIPHER*)data; 19284 sk->num = 1; 19285 if (sk->hash_fn) { 19286 sk->hash = sk->hash_fn(&sk->data.cipher); 19287 } 19288 return WOLFSSL_SUCCESS; 19289 } 17976 19290 break; 17977 #ifndef NO_WOLFSSL_STUB 19291 #endif 19292 default: 19293 /* All other types are pointers */ 19294 if (!sk->data.generic) { 19295 sk->data.generic = (void*)data; 19296 sk->num = 1; 19297 #ifdef OPENSSL_ALL 19298 if (sk->hash_fn) { 19299 sk->hash = sk->hash_fn(sk->data.generic); 19300 } 19301 #endif 19302 return WOLFSSL_SUCCESS; 19303 } 19304 break; 19305 } 19306 19307 /* stack already has value(s) create a new node and add more */ 19308 node = wolfSSL_sk_new_node(sk->heap); 19309 if (!node) { 19310 WOLFSSL_MSG("Memory error"); 19311 return WOLFSSL_FAILURE; 19312 } 19313 19314 /* push new x509 onto head of stack */ 19315 node->next = sk->next; 19316 node->type = sk->type; 19317 sk->next = node; 19318 sk->num += 1; 19319 19320 #ifdef OPENSSL_ALL 19321 node->comp = sk->comp; 19322 node->hash_fn = sk->hash_fn; 19323 node->hash = sk->hash; 19324 sk->hash = 0; 19325 #endif 19326 switch (sk->type) { 19327 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 17978 19328 case STACK_TYPE_CIPHER: 17979 ret = wolfSSL_sk_CIPHER_push(sk, (WOLFSSL_CIPHER*) data); 19329 node->data.cipher = sk->data.cipher; 19330 sk->data.cipher = *(WOLFSSL_CIPHER*)data; 19331 if (sk->hash_fn) { 19332 sk->hash = sk->hash_fn(&sk->data.cipher); 19333 } 17980 19334 break; 17981 #endif 17982 case STACK_TYPE_GEN_NAME: 17983 ret = wolfSSL_sk_ASN1_OBJECT_push(sk, (WOLFSSL_ASN1_OBJECT*) data); 19335 #endif 19336 default: 19337 /* All other types are pointers */ 19338 node->data.generic = sk->data.generic; 19339 sk->data.generic = (void*)data; 19340 #ifdef OPENSSL_ALL 19341 if (sk->hash_fn) { 19342 sk->hash = sk->hash_fn(sk->data.generic); 19343 } 19344 #endif 17984 19345 break; 17985 case STACK_TYPE_ACCESS_DESCRIPTION: 17986 ret = wolfSSL_sk_ACCESS_DESCRIPTION_push(sk, 17987 (WOLFSSL_ACCESS_DESCRIPTION*) data); 17988 break; 17989 case STACK_TYPE_NULL: 17990 ret = wolfSSL_sk_GENERIC_push(sk, (void*) data); 17991 break; 17992 case STACK_TYPE_OBJ: 17993 ret = wolfSSL_sk_ASN1_OBJECT_push(sk, (WOLFSSL_ASN1_OBJECT*) data); 17994 break; 17995 #endif 17996 default: 17997 ret = wolfSSL_sk_ASN1_OBJECT_push(sk, (WOLFSSL_ASN1_OBJECT*) data); 17998 break; 17999 } 18000 18001 return ret; 19346 } 19347 19348 return WOLFSSL_SUCCESS; 18002 19349 } 18003 19350 … … 18024 19371 } 18025 19372 19373 static WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_dup(WOLFSSL_GENERAL_NAME* gn) 19374 { 19375 WOLFSSL_GENERAL_NAME* dupl = NULL; 19376 19377 WOLFSSL_ENTER("wolfSSL_GENERAL_NAME_dup"); 19378 19379 if (!gn) { 19380 WOLFSSL_MSG("Bad parameter"); 19381 return NULL; 19382 } 19383 19384 if (!(dupl = wolfSSL_GENERAL_NAME_new())) { 19385 WOLFSSL_MSG("wolfSSL_GENERAL_NAME_new error"); 19386 return NULL; 19387 } 19388 19389 switch (gn->type) { 19390 /* WOLFSSL_ASN1_STRING types */ 19391 case GEN_DNS: 19392 if (!(dupl->d.dNSName = wolfSSL_ASN1_STRING_dup(gn->d.dNSName))) { 19393 WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); 19394 goto error; 19395 } 19396 break; 19397 case GEN_IPADD: 19398 if (!(dupl->d.iPAddress = wolfSSL_ASN1_STRING_dup(gn->d.iPAddress))) { 19399 WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); 19400 goto error; 19401 } 19402 break; 19403 case GEN_EMAIL: 19404 if (!(dupl->d.rfc822Name = wolfSSL_ASN1_STRING_dup(gn->d.rfc822Name))) { 19405 WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); 19406 goto error; 19407 } 19408 break; 19409 case GEN_URI: 19410 if (!(dupl->d.uniformResourceIdentifier = 19411 wolfSSL_ASN1_STRING_dup(gn->d.uniformResourceIdentifier))) { 19412 WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); 19413 goto error; 19414 } 19415 break; 19416 case GEN_OTHERNAME: 19417 case GEN_X400: 19418 case GEN_DIRNAME: 19419 case GEN_EDIPARTY: 19420 case GEN_RID: 19421 default: 19422 WOLFSSL_MSG("Unrecognized or unsupported GENERAL_NAME type"); 19423 goto error; 19424 } 19425 19426 return dupl; 19427 error: 19428 if (dupl) { 19429 wolfSSL_GENERAL_NAME_free(dupl); 19430 } 19431 return NULL; 19432 } 19433 19434 18026 19435 /* return 1 on success 0 on fail */ 18027 int wolfSSL_sk_GENERAL_NAME_push(WOLF _STACK_OF(WOLFSSL_GENERAL_NAME)* sk,18028 19436 int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk, 19437 WOLFSSL_GENERAL_NAME* gn) 18029 19438 { 18030 19439 WOLFSSL_STACK* node; … … 18061 19470 return WOLFSSL_SUCCESS; 18062 19471 } 19472 19473 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 19474 19475 #ifdef OPENSSL_EXTRA 18063 19476 18064 19477 /* Returns the general name at index i from the stack … … 18101 19514 } 18102 19515 19516 #endif /* OPENSSL_EXTRA */ 19517 19518 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 19519 18103 19520 /* Frees all nodes in a GENERAL NAME stack 18104 19521 * … … 18146 19563 wolfSSL_sk_GENERAL_NAME_pop_free(sk, NULL); 18147 19564 } 18148 18149 19565 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 19566 19567 #ifdef OPENSSL_EXTRA 18150 19568 /* returns the number of nodes in stack on success and WOLFSSL_FATAL_ERROR 18151 19569 * on fail */ … … 18203 19621 return NULL; 18204 19622 } 18205 19623 #endif /* OPENSSL_EXTRA */ 19624 19625 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 18206 19626 /* Frees GENERAL_NAME objects. 18207 19627 */ … … 18233 19653 } 18234 19654 } 18235 19655 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 19656 19657 #ifdef OPENSSL_EXTRA 18236 19658 void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES *gens) 18237 19659 { 18238 WOLFSSL_STACK* node;18239 18240 19660 WOLFSSL_ENTER("wolfSSL_GENERAL_NAMES_free"); 18241 19661 … … 18244 19664 } 18245 19665 19666 wolfSSL_sk_free(gens); 19667 } 19668 19669 #if defined(OPENSSL_ALL) 19670 19671 void *wolfSSL_lh_retrieve(WOLFSSL_STACK *sk, void *data) 19672 { 19673 unsigned long hash; 19674 19675 WOLFSSL_ENTER("wolfSSL_lh_retrieve"); 19676 19677 if (!sk || !data) { 19678 WOLFSSL_MSG("Bad parameters"); 19679 return NULL; 19680 } 19681 19682 if (!sk->hash_fn) { 19683 WOLFSSL_MSG("No hash function defined"); 19684 return NULL; 19685 } 19686 19687 hash = sk->hash_fn(data); 19688 19689 while (sk) { 19690 /* Calc hash if not done so yet */ 19691 if (!sk->hash) { 19692 switch (sk->type) { 19693 case STACK_TYPE_CIPHER: 19694 sk->hash = sk->hash_fn(&sk->data.cipher); 19695 break; 19696 default: 19697 sk->hash = sk->hash_fn(sk->data.generic); 19698 break; 19699 } 19700 } 19701 if (sk->hash == hash) { 19702 switch (sk->type) { 19703 case STACK_TYPE_CIPHER: 19704 return &sk->data.cipher; 19705 default: 19706 return sk->data.generic; 19707 } 19708 } 19709 sk = sk->next; 19710 } 19711 19712 return NULL; 19713 } 19714 19715 /** 19716 * This is the same hashing algo for WOLFSSL_CONF_VALUE as OpenSSL 19717 */ 19718 static unsigned long wolfSSL_CONF_VALUE_hash(const WOLFSSL_CONF_VALUE *val) 19719 { 19720 if (val) 19721 return (wolfSSL_LH_strhash(val->section) << 2) ^ 19722 wolfSSL_LH_strhash(val->name); 19723 else 19724 return 0; 19725 } 19726 19727 static int wolfssl_conf_value_cmp(const WOLFSSL_CONF_VALUE *a, 19728 const WOLFSSL_CONF_VALUE *b) 19729 { 19730 int cmp_val; 19731 19732 if (!a || !b) { 19733 return WOLFSSL_FATAL_ERROR; 19734 } 19735 19736 if (a->section != b->section) { 19737 if ((cmp_val = XSTRCMP(a->section, b->section)) != 0) { 19738 return cmp_val; 19739 } 19740 } 19741 19742 if (a->name && b->name) { 19743 return XSTRCMP(a->name, b->name); 19744 } 19745 else if (a->name == b->name) { 19746 return 0; 19747 } 19748 else { 19749 return a->name ? 1 : -1; 19750 } 19751 } 19752 19753 /* Use MD5 for hashing as OpenSSL uses a hash algorithm that is 19754 * "not as good as MD5, but still good" so using MD5 should 19755 * be good enough for this application. The produced hashes don't 19756 * need to line up between OpenSSL and wolfSSL. The hashes are for 19757 * internal indexing only */ 19758 unsigned long wolfSSL_LH_strhash(const char *str) 19759 { 19760 unsigned long ret = 0; 19761 int strLen; 19762 byte digest[WC_MD5_DIGEST_SIZE]; 19763 WOLFSSL_ENTER("wolfSSL_LH_strhash"); 19764 19765 if (!str) 19766 return 0; 19767 19768 #ifndef NO_MD5 19769 strLen = (int)XSTRLEN(str); 19770 if (wc_Md5Hash((const byte*)str, strLen, digest) != 0) { 19771 WOLFSSL_MSG("wc_Md5Hash error"); 19772 return 0; 19773 } 19774 /* Take first 4 bytes in small endian as unsigned long */ 19775 ret = (unsigned int)digest[0]; 19776 ret |= ((unsigned int)digest[1] << 8 ); 19777 ret |= ((unsigned int)digest[2] << 16); 19778 ret |= ((unsigned int)digest[3] << 24); 19779 #else 19780 WOLFSSL_MSG("No md5 available for wolfSSL_LH_strhash"); 19781 #endif 19782 return ret; 19783 } 19784 19785 WOLFSSL_CONF_VALUE *wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve( 19786 WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *sk, WOLFSSL_CONF_VALUE *data) 19787 { 19788 WOLFSSL_ENTER("wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve"); 19789 19790 if (!sk || !data) { 19791 WOLFSSL_MSG("Bad parameter"); 19792 return NULL; 19793 } 19794 19795 return (WOLFSSL_CONF_VALUE*)wolfSSL_lh_retrieve(sk, data); 19796 } 19797 19798 int wolfSSL_CONF_modules_load(const WOLFSSL_CONF *cnf, const char *appname, 19799 unsigned long flags) 19800 { 19801 WOLFSSL_ENTER("wolfSSL_CONF_modules_load"); 19802 WOLFSSL_MSG("All wolfSSL modules are already compiled in. " 19803 "wolfSSL_CONF_modules_load doesn't load anything new."); 19804 (void)cnf; 19805 (void)appname; 19806 (void)flags; 19807 return WOLFSSL_SUCCESS; 19808 } 19809 19810 WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void) 19811 { 19812 WOLFSSL_CONF_VALUE* ret; 19813 19814 WOLFSSL_ENTER("wolfSSL_CONF_new"); 19815 19816 ret = (WOLFSSL_CONF_VALUE*)XMALLOC(sizeof(WOLFSSL_CONF_VALUE), 19817 NULL, DYNAMIC_TYPE_OPENSSL); 19818 if (ret) 19819 XMEMSET(ret, 0, sizeof(WOLFSSL_CONF_VALUE)); 19820 return ret; 19821 } 19822 19823 int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf, 19824 WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value) 19825 { 19826 WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; 19827 19828 if (!conf || !section || !value) { 19829 WOLFSSL_MSG("Bad parameter"); 19830 return WOLFSSL_FAILURE; 19831 } 19832 19833 sk = (WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *)section->value; 19834 value->section = section->section; 19835 19836 if (wolfSSL_sk_CONF_VALUE_push(sk, value) != WOLFSSL_SUCCESS) { 19837 WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); 19838 return WOLFSSL_FAILURE; 19839 } 19840 if (wolfSSL_sk_CONF_VALUE_push(conf->data, value) != WOLFSSL_SUCCESS) { 19841 WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); 19842 return WOLFSSL_FAILURE; 19843 } 19844 19845 return WOLFSSL_SUCCESS; 19846 } 19847 19848 WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf, 19849 const char *section) 19850 { 19851 WOLFSSL_CONF_VALUE* ret = NULL; 19852 WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; 19853 int slen; 19854 19855 WOLFSSL_ENTER("wolfSSL_CONF_new_section"); 19856 19857 if (!conf || !section) { 19858 WOLFSSL_MSG("Bad parameter"); 19859 return NULL; 19860 } 19861 19862 slen = (int)XSTRLEN(section); 19863 19864 if (!(ret = wolfSSL_CONF_VALUE_new())) { 19865 WOLFSSL_MSG("wolfSSL_CONF_new error"); 19866 goto error; 19867 } 19868 19869 if (!(ret->section = (char*)XMALLOC(slen+1, NULL, DYNAMIC_TYPE_OPENSSL))) { 19870 WOLFSSL_MSG("section malloc error"); 19871 goto error; 19872 } 19873 XMEMCPY(ret->section, section, slen+1); 19874 19875 if (!(sk = wolfSSL_sk_CONF_VALUE_new(NULL))) { 19876 WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_new error"); 19877 goto error; 19878 } 19879 19880 ret->value = (char*)sk; 19881 19882 if (wolfSSL_sk_CONF_VALUE_push(conf->data, ret) != WOLFSSL_SUCCESS) { 19883 WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); 19884 goto error; 19885 } 19886 19887 return ret; 19888 error: 19889 if (ret) { 19890 /* NULL so that wolfSSL_X509V3_conf_free doesn't attempt to free it */ 19891 ret->value = NULL; 19892 wolfSSL_X509V3_conf_free(ret); 19893 } 19894 if (sk) { 19895 wolfSSL_sk_CONF_VALUE_free(sk); 19896 } 19897 return NULL; 19898 } 19899 19900 WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, 19901 const char *section) 19902 { 19903 WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; 19904 19905 WOLFSSL_ENTER("wolfSSL_CONF_get_section"); 19906 19907 if (!conf || !section) { 19908 WOLFSSL_MSG("Bad parameter"); 19909 return NULL; 19910 } 19911 19912 sk = conf->data; 19913 19914 while (sk) { 19915 WOLFSSL_CONF_VALUE* val = sk->data.conf; 19916 if (val) { 19917 if (!val->name && XSTRCMP(section, val->section) == 0) { 19918 return val; 19919 } 19920 } 19921 sk = sk->next; 19922 } 19923 19924 return NULL; 19925 } 19926 19927 WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth) 19928 { 19929 WOLFSSL_CONF* ret; 19930 WOLFSSL_ENTER("wolfSSL_NCONF_new"); 19931 19932 if (meth) { 19933 WOLFSSL_MSG("wolfSSL does not support CONF_METHOD"); 19934 } 19935 19936 ret = (WOLFSSL_CONF*)XMALLOC(sizeof(WOLFSSL_CONF), NULL, DYNAMIC_TYPE_OPENSSL); 19937 if (ret) { 19938 XMEMSET(ret, 0, sizeof(WOLFSSL_CONF)); 19939 ret->data = wolfSSL_sk_CONF_VALUE_new(NULL); 19940 if (!ret->data) { 19941 wolfSSL_NCONF_free(ret); 19942 return NULL; 19943 } 19944 } 19945 return ret; 19946 } 19947 19948 char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf, 19949 const char *group, const char *name) 19950 { 19951 WOLFSSL_CONF_VALUE find_val; 19952 WOLFSSL_CONF_VALUE *val; 19953 WOLFSSL_ENTER("wolfSSL_NCONF_get_string"); 19954 19955 if (!conf) { 19956 #ifdef HAVE_SECURE_GETENV 19957 return secure_getenv(name); 19958 #else 19959 WOLFSSL_MSG("Missing secure_getenv"); 19960 return NULL; 19961 #endif 19962 } 19963 19964 find_val.name = (char *)name; 19965 if (group) { 19966 find_val.section = (char *)group; 19967 val = wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve(conf->data, &find_val); 19968 if (val) 19969 return val->value; 19970 if (XSTRCMP(group, "ENV") == 0) { 19971 #ifdef HAVE_SECURE_GETENV 19972 return secure_getenv(name); 19973 #else 19974 WOLFSSL_MSG("Missing secure_getenv"); 19975 return NULL; 19976 #endif 19977 } 19978 } 19979 19980 find_val.section = (char *)"default"; 19981 val = wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve(conf->data, &find_val); 19982 if (val) 19983 return val->value; 19984 else 19985 return NULL; 19986 } 19987 19988 int wolfSSL_NCONF_get_number(const CONF *conf, const char *group, 19989 const char *name, long *result) 19990 { 19991 char *str; 19992 WOLFSSL_ENTER("wolfSSL_NCONF_get_number"); 19993 19994 if (!conf || !name || !result) { 19995 WOLFSSL_MSG("Bad parameter"); 19996 return WOLFSSL_FAILURE; 19997 } 19998 19999 if (!(str = wolfSSL_NCONF_get_string(conf, group, name))) { 20000 WOLFSSL_MSG("wolfSSL_NCONF_get_string error"); 20001 return WOLFSSL_FAILURE; 20002 } 20003 20004 *result = atol(str); 20005 return WOLFSSL_SUCCESS; 20006 } 20007 20008 /** 20009 * The WOLFSSL_CONF->value member is treated as a 20010 * WOLFSSL_STACK_OF(WOLFSSL_CONF_VALUE) which becomes 20011 * the return value. 20012 * @param conf 20013 * @param section 20014 * @return WOLFSSL_STACK_OF(WOLFSSL_CONF_VALUE) 20015 */ 20016 WOLFSSL_STACK *wolfSSL_NCONF_get_section( 20017 const WOLFSSL_CONF *conf, const char *section) 20018 { 20019 WOLFSSL_CONF_VALUE *val; 20020 WOLFSSL_CONF_VALUE find_val; 20021 20022 WOLFSSL_ENTER("wolfSSL_NCONF_get_section"); 20023 20024 if (!conf || !section) { 20025 WOLFSSL_MSG("Bad parameter"); 20026 return NULL; 20027 } 20028 20029 find_val.name = NULL; 20030 find_val.section = (char*)section; 20031 val = wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve(conf->data, &find_val); 20032 if (val) 20033 return (WOLFSSL_STACK*)val->value; 20034 else 20035 return NULL; 20036 } 20037 20038 static WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section, 20039 char* name, char* value) 20040 { 20041 WOLFSSL_CONF_VALUE* ret; 20042 int len; 20043 20044 WOLFSSL_ENTER("wolfSSL_CONF_VALUE_new_values"); 20045 20046 if (!(ret = wolfSSL_CONF_VALUE_new())) { 20047 WOLFSSL_MSG("wolfSSL_CONF_VALUE_new error"); 20048 return NULL; 20049 } 20050 20051 if (section) { 20052 len = (int)XSTRLEN(section); 20053 ret->section = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL); 20054 if (!ret->section) { 20055 WOLFSSL_MSG("malloc error"); 20056 wolfSSL_X509V3_conf_free(ret); 20057 return NULL; 20058 } 20059 XMEMCPY(ret->section, section, len+1); 20060 } 20061 20062 if (name) { 20063 len = (int)XSTRLEN(name); 20064 ret->name = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL); 20065 if (!ret->name) { 20066 WOLFSSL_MSG("malloc error"); 20067 wolfSSL_X509V3_conf_free(ret); 20068 return NULL; 20069 } 20070 XMEMCPY(ret->name, name, len+1); 20071 } 20072 20073 if (value) { 20074 len = (int)XSTRLEN(value); 20075 ret->value = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL); 20076 if (!ret->value) { 20077 WOLFSSL_MSG("malloc error"); 20078 wolfSSL_X509V3_conf_free(ret); 20079 return NULL; 20080 } 20081 XMEMCPY(ret->value, value, len+1); 20082 } 20083 20084 return ret; 20085 } 20086 20087 static char* expandValue(WOLFSSL_CONF *conf, const char* section, 20088 char *str) 20089 { 20090 int strLen = (int)XSTRLEN(str); 20091 char* ret = NULL; 20092 20093 /* Check to see if there is anything to expand */ 20094 if (XSTRNSTR(str, "$", strLen)) { 20095 int idx = 0; 20096 char* strIdx = str; 20097 ret = (char*)XMALLOC(strLen + 1, NULL, DYNAMIC_TYPE_OPENSSL); 20098 if (!ret) { 20099 WOLFSSL_MSG("malloc error"); 20100 return str; 20101 } 20102 20103 while (*strIdx) { 20104 if (*strIdx == '$') { 20105 /* Expand variable */ 20106 char* startIdx = ++strIdx; 20107 char* endIdx; 20108 const char* s = section; 20109 const char* value; 20110 char prevValue; 20111 20112 if (*startIdx == '{') { 20113 /* First read the section. 20114 * format: ${section_name::var_name} */ 20115 s = ++startIdx; 20116 while (*strIdx && *strIdx != ':') strIdx++; 20117 if (!*strIdx || s == strIdx || strIdx[1] != ':') { 20118 WOLFSSL_MSG("invalid section name in " 20119 "variable expansion"); 20120 goto expand_cleanup; 20121 } 20122 *strIdx = '\0'; 20123 strIdx += 2; 20124 startIdx = strIdx; 20125 } 20126 while (*strIdx && (XISALNUM(*strIdx) || *strIdx == '_')) 20127 strIdx++; 20128 endIdx = strIdx; 20129 if (startIdx == endIdx) { 20130 WOLFSSL_MSG("invalid variable name in config"); 20131 goto expand_cleanup; 20132 } 20133 if (s != section) { 20134 /* We are expecting a trailing '}' */ 20135 if (*strIdx != '}') { 20136 WOLFSSL_MSG("Missing '}' in variable"); 20137 goto expand_cleanup; 20138 } 20139 strIdx++; 20140 } 20141 /* Save char value at the end of the name so that we can place 20142 * a null char there. */ 20143 prevValue = *endIdx; 20144 *endIdx = '\0'; 20145 value = wolfSSL_NCONF_get_string(conf, s, startIdx); 20146 *endIdx = prevValue; 20147 /* Skip copy if no value or zero-length value */ 20148 if (value && *value) { 20149 int valueLen = (int)XSTRLEN(value); 20150 char* newRet; 20151 /* This will allocate slightly more memory than necessary 20152 * but better be safe */ 20153 strLen += valueLen; 20154 newRet = (char*)XREALLOC(ret, strLen + 1, NULL, 20155 DYNAMIC_TYPE_OPENSSL); 20156 if (!newRet) { 20157 WOLFSSL_MSG("realloc error"); 20158 goto expand_cleanup; 20159 } 20160 ret = newRet; 20161 XMEMCPY(ret + idx, value, valueLen); 20162 idx += valueLen; 20163 } 20164 } 20165 else { 20166 ret[idx++] = *strIdx++; 20167 } 20168 } 20169 ret[idx] = '\0'; 20170 } 20171 20172 return ret ? ret : str; 20173 20174 expand_cleanup: 20175 if (ret) 20176 XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL); 20177 return NULL; 20178 } 20179 20180 #define SKIP_WHITESPACE(idx, max_idx) \ 20181 while (idx < max_idx && (*idx == ' ' || *idx == '\t')) \ 20182 {idx++;} 20183 int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline) 20184 { 20185 int ret = WOLFSSL_FAILURE; 20186 WOLFSSL_BIO *in = NULL; 20187 char* buf = NULL; 20188 char* idx = NULL; 20189 char* bufEnd = NULL; 20190 CONF_VALUE* section = NULL; 20191 long line = 0; 20192 int bufLen = 0; 20193 20194 if (!conf || !file) { 20195 WOLFSSL_MSG("Bad parameter"); 20196 return WOLFSSL_FAILURE; 20197 } 20198 20199 /* Open file */ 20200 if (!(in = wolfSSL_BIO_new_file(file, "rb"))) { 20201 WOLFSSL_MSG("wolfSSL_BIO_new_file error"); 20202 return WOLFSSL_FAILURE; 20203 } 20204 20205 /* Read file */ 20206 bufLen = wolfSSL_BIO_get_len(in); 20207 if (bufLen <= 0) { 20208 WOLFSSL_MSG("wolfSSL_BIO_get_len error"); 20209 goto cleanup; 20210 } 20211 if (!(buf = (char*)XMALLOC(bufLen + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER))) { 20212 WOLFSSL_MSG("malloc error"); 20213 goto cleanup; 20214 } 20215 if (wolfSSL_BIO_read(in, buf, bufLen) != bufLen) { 20216 WOLFSSL_MSG("wolfSSL_BIO_read error"); 20217 goto cleanup; 20218 } 20219 20220 if (!(section = wolfSSL_CONF_new_section(conf, "default"))) { 20221 WOLFSSL_MSG("wolfSSL_CONF_new_section error"); 20222 goto cleanup; 20223 } 20224 20225 /* LETS START READING SOME CONFIGS */ 20226 idx = buf; 20227 bufEnd = buf + bufLen; 20228 while (idx < bufEnd) { 20229 char* lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx)); 20230 char* maxIdx; 20231 if (!lineEnd) 20232 lineEnd = bufEnd; /* Last line in file */ 20233 maxIdx = XSTRNSTR(idx, "#", (unsigned int)(lineEnd - idx)); 20234 if (!maxIdx) 20235 maxIdx = lineEnd; 20236 line++; 20237 SKIP_WHITESPACE(idx, maxIdx); 20238 if (idx == maxIdx) { 20239 /* Empty line */ 20240 idx = lineEnd + 1; 20241 continue; 20242 } 20243 20244 if (*idx == '[') { 20245 /* New section. Spaces not allowed in section name. */ 20246 char* sectionName; 20247 int sectionNameLen; 20248 20249 if (idx < maxIdx) 20250 idx++; 20251 else { 20252 WOLFSSL_MSG("Invalid section definition."); 20253 goto cleanup; 20254 } 20255 20256 SKIP_WHITESPACE(idx, maxIdx); 20257 sectionName = idx; 20258 /* Find end of section name */ 20259 while (idx < maxIdx && *idx != ' ' && *idx != ']') 20260 idx++; 20261 sectionNameLen = (int)(idx - sectionName); 20262 SKIP_WHITESPACE(idx, maxIdx); 20263 20264 if (*idx != ']') { 20265 WOLFSSL_MSG("Section definition error. " 20266 "Closing brace not found."); 20267 goto cleanup; 20268 } 20269 20270 sectionName[sectionNameLen] = '\0'; 20271 if (!(section = wolfSSL_CONF_get_section(conf, sectionName))) 20272 section = wolfSSL_CONF_new_section(conf, sectionName); 20273 } 20274 else { 20275 char* name; 20276 int nameLen; 20277 char* value; 20278 char* exValue; /* expanded value */ 20279 int valueLen; 20280 WOLFSSL_CONF_VALUE* newVal = NULL; 20281 20282 SKIP_WHITESPACE(idx, maxIdx); 20283 name = idx; 20284 /* Find end of name */ 20285 while (idx < maxIdx && *idx != ' ' && *idx != '=') 20286 idx++; 20287 nameLen = (int)(idx - name); 20288 SKIP_WHITESPACE(idx, maxIdx); 20289 if (*idx != '=') { 20290 WOLFSSL_MSG("Missing equals sign"); 20291 goto cleanup; 20292 } 20293 idx++; 20294 SKIP_WHITESPACE(idx, maxIdx); 20295 value = idx; 20296 /* Find end of value */ 20297 idx = maxIdx-1; 20298 while (idx >= value && (*idx == ' ' || *idx == '\t')) 20299 idx--; 20300 valueLen = (int)(idx - value + 1); 20301 20302 /* Sanity checks */ 20303 if (nameLen <= 0 || valueLen <= 0) { 20304 WOLFSSL_MSG("Sanity checks failed"); 20305 goto cleanup; 20306 } 20307 name[nameLen] = '\0'; 20308 value[valueLen] = '\0'; 20309 20310 if (!(exValue = expandValue(conf, section->section, value))) { 20311 WOLFSSL_MSG("Variable expansion failed"); 20312 goto cleanup; 20313 } 20314 20315 if (!(newVal = wolfSSL_CONF_VALUE_new_values(NULL, 20316 name, exValue))) { 20317 WOLFSSL_MSG("wolfSSL_CONF_VALUE_new_values error"); 20318 if (exValue != value) 20319 XFREE(exValue, NULL, DYNAMIC_TYPE_OPENSSL); 20320 goto cleanup; 20321 } 20322 20323 if (exValue != value) 20324 XFREE(exValue, NULL, DYNAMIC_TYPE_OPENSSL); 20325 20326 if (wolfSSL_CONF_add_string(conf, section, newVal) != 20327 WOLFSSL_SUCCESS) { 20328 WOLFSSL_MSG("wolfSSL_CONF_add_string error"); 20329 goto cleanup; 20330 } 20331 } 20332 idx = lineEnd + 1; 20333 } 20334 20335 ret = WOLFSSL_SUCCESS; 20336 cleanup: 20337 if (in) 20338 wolfSSL_BIO_free(in); 20339 if (buf) 20340 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 20341 if (eline) 20342 *eline = line; 20343 return ret; 20344 } 20345 20346 20347 void wolfSSL_NCONF_free(WOLFSSL_CONF *conf) 20348 { 20349 WOLFSSL_ENTER("wolfSSL_NCONF_free"); 20350 if (conf) { 20351 wolfSSL_sk_CONF_VALUE_free(conf->data); 20352 XFREE(conf, NULL, DYNAMIC_TYPE_OPENSSL); 20353 } 20354 } 20355 20356 void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val) 20357 { 20358 WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; 20359 20360 if (val) { 20361 if (val->name) { 20362 /* Not a section. Don't free section as it is a shared pointer. */ 20363 XFREE(val->name, NULL, DYNAMIC_TYPE_OPENSSL); 20364 if (val->value) 20365 XFREE(val->value, NULL, DYNAMIC_TYPE_OPENSSL); 20366 } 20367 else { 20368 /* Section so val->value is a stack */ 20369 if (val->section) 20370 XFREE(val->section, NULL, DYNAMIC_TYPE_OPENSSL); 20371 /* Only free the stack structures. The contained conf values 20372 * will be freed in wolfSSL_NCONF_free */ 20373 sk = (WOLF_STACK_OF(WOLFSSL_CONF_VALUE)*)val->value; 20374 while (sk) { 20375 WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *tmp = sk->next; 20376 XFREE(sk, NULL, DYNAMIC_TYPE_OPENSSL); 20377 sk = tmp; 20378 } 20379 } 20380 XFREE(val, NULL, DYNAMIC_TYPE_OPENSSL); 20381 } 20382 } 20383 20384 WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc) 20385 { 20386 WOLFSSL_STACK* ret; 20387 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_new"); 20388 ret = wolfSSL_sk_new_node(NULL); 20389 if (!ret) 20390 return NULL; 20391 ret->comp = compFunc ? compFunc : (wolf_sk_compare_cb)wolfssl_conf_value_cmp; 20392 ret->hash_fn = (wolf_sk_hash_cb)wolfSSL_CONF_VALUE_hash; 20393 ret->type = STACK_TYPE_CONF_VALUE; 20394 return ret; 20395 } 20396 20397 /* Free the structure for WOLFSSL_CONF_VALUE stack 20398 * 20399 * sk stack to free nodes in 20400 */ 20401 void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk) 20402 { 20403 WOLFSSL_STACK* tmp; 20404 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_free"); 20405 20406 if (sk == NULL) 20407 return; 20408 18246 20409 /* parse through stack freeing each node */ 18247 node = gens->next; 18248 while (gens->num > 1) { 18249 WOLFSSL_STACK* tmp = node; 18250 node = node->next; 18251 18252 wolfSSL_ASN1_OBJECT_free(tmp->data.obj); 18253 XFREE(tmp, NULL, DYNAMIC_TYPE_ASN1); 18254 gens->num -= 1; 18255 } 18256 18257 /* free head of stack */ 18258 if (gens->num == 1) { 18259 wolfSSL_ASN1_OBJECT_free(gens->data.obj); 18260 } 18261 XFREE(gens, NULL, DYNAMIC_TYPE_ASN1); 18262 } 18263 18264 #if defined(OPENSSL_ALL) 20410 while (sk) { 20411 tmp = sk->next; 20412 wolfSSL_X509V3_conf_free(sk->data.conf); 20413 XFREE(sk, NULL, DYNAMIC_TYPE_OPENSSL); 20414 sk = tmp; 20415 } 20416 } 20417 20418 int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk) 20419 { 20420 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_num"); 20421 if (sk) 20422 return wolfSSL_sk_num(sk); 20423 return 0; 20424 } 20425 20426 WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value(const WOLFSSL_STACK *sk, int i) 20427 { 20428 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_value"); 20429 if (sk) 20430 return (WOLFSSL_CONF_VALUE*)wolfSSL_sk_value(sk, i); 20431 return NULL; 20432 } 20433 20434 /* return 1 on success 0 on fail */ 20435 int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk, 20436 WOLFSSL_CONF_VALUE* val) 20437 { 20438 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_push"); 20439 20440 if (sk == NULL || val == NULL) { 20441 return WOLFSSL_FAILURE; 20442 } 20443 20444 return wolfSSL_sk_push(sk, val); 20445 } 20446 18265 20447 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* wolfSSL_sk_X509_EXTENSION_new_null(void) 18266 20448 { … … 18507 20689 } 18508 20690 20691 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 18509 20692 /* Converts DER encoded DH parameters to a WOLFSSL_DH structure. 18510 20693 * … … 18555 20738 return newDH; 18556 20739 } 20740 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 18557 20741 18558 20742 /* Converts internal WOLFSSL_DH structure to DER encoded DH. … … 18605 20789 #endif /* OPENSSL_EXTRA */ 18606 20790 18607 #ifndef NO_FILESYSTEM 18608 18609 #ifndef NO_STDIO_FILESYSTEM 20791 #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 18610 20792 18611 20793 WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file) … … 18645 20827 } 18646 20828 18647 #endif /* NO_STDIO_FILESYSTEM */ 18648 20829 #endif /* OPENSSL_EXTRA && !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */ 20830 20831 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ 20832 defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 20833 20834 #ifndef NO_FILESYSTEM 18649 20835 WOLFSSL_ABI 18650 20836 WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format) … … 18711 20897 return x509; 18712 20898 } 18713 18714 #endif /* NO_FILESYSTEM */ 18715 18716 18717 WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( 18718 const unsigned char* buf, int sz, int format) 18719 { 20899 #endif /* !NO_FILESYSTEM */ 20900 20901 static WOLFSSL_X509* loadX509orX509REQFromBuffer( 20902 const unsigned char* buf, int sz, int format, int type) 20903 { 20904 18720 20905 int ret; 18721 20906 WOLFSSL_X509* x509 = NULL; … … 18726 20911 if (format == WOLFSSL_FILETYPE_PEM) { 18727 20912 #ifdef WOLFSSL_PEM_TO_DER 18728 if (PemToDer(buf, sz, CERT_TYPE, &der, NULL, NULL, NULL) != 0) {20913 if (PemToDer(buf, sz, type, &der, NULL, NULL, NULL) != 0) { 18729 20914 FreeDer(&der); 18730 20915 } … … 18734 20919 } 18735 20920 else { 18736 ret = AllocDer(&der, (word32)sz, CERT_TYPE, NULL);20921 ret = AllocDer(&der, (word32)sz, type, NULL); 18737 20922 if (ret == 0) { 18738 20923 XMEMCPY(der->buffer, buf, sz); … … 18756 20941 { 18757 20942 InitDecodedCert(cert, der->buffer, der->length, NULL); 18758 if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) {20943 if (ParseCertRelative(cert, type, 0, NULL) == 0) { 18759 20944 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 18760 20945 DYNAMIC_TYPE_X509); … … 18779 20964 return x509; 18780 20965 } 20966 20967 WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( 20968 const unsigned char* buf, int sz, int format) 20969 { 20970 return loadX509orX509REQFromBuffer(buf, sz, 20971 format, CERT_TYPE); 20972 } 20973 20974 #ifdef WOLFSSL_CERT_REQ 20975 WOLFSSL_X509* wolfSSL_X509_REQ_load_certificate_buffer( 20976 const unsigned char* buf, int sz, int format) 20977 { 20978 return loadX509orX509REQFromBuffer(buf, sz, 20979 format, CERTREQ_TYPE); 20980 } 20981 #endif 18781 20982 18782 20983 #endif /* KEEP_PEER_CERT || SESSION_CERTS */ … … 18826 21027 return NULL; 18827 21028 } 21029 21030 WOLFSSL_X509* wolfSSL_CTX_get0_certificate(WOLFSSL_CTX* ctx) 21031 { 21032 if (ctx) { 21033 if (ctx->ourCert == NULL) { 21034 if (ctx->certificate == NULL) { 21035 WOLFSSL_MSG("Ctx Certificate buffer not set!"); 21036 return NULL; 21037 } 21038 #ifndef WOLFSSL_X509_STORE_CERTS 21039 ctx->ourCert = wolfSSL_X509_d2i(NULL, 21040 ctx->certificate->buffer, 21041 ctx->certificate->length); 21042 #endif 21043 ctx->ownOurCert = 1; 21044 } 21045 return ctx->ourCert; 21046 } 21047 return NULL; 21048 } 18828 21049 #endif /* OPENSSL_EXTRA && KEEP_OUR_CERT */ 18829 21050 #endif /* NO_CERTS */ 18830 21051 18831 21052 18832 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)18833 #ifndef NO_ASN 21053 #if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || \ 21054 defined(OPENSSL_EXTRA_X509_SMALL)) 18834 21055 void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj) 18835 21056 { … … 18853 21074 } 18854 21075 } 18855 #endif /* NO_ASN */ 18856 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 18857 18858 #ifdef OPENSSL_EXTRA 18859 #ifndef NO_ASN 21076 18860 21077 WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void) 18861 21078 { … … 18877 21094 } 18878 21095 21096 WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj) 21097 { 21098 WOLFSSL_ASN1_OBJECT* dupl = NULL; 21099 21100 WOLFSSL_ENTER("wolfSSL_ASN1_OBJECT_dup"); 21101 21102 if (!obj) { 21103 WOLFSSL_MSG("Bad parameter"); 21104 return NULL; 21105 } 21106 dupl = wolfSSL_ASN1_OBJECT_new(); 21107 if (!dupl) { 21108 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error"); 21109 return NULL; 21110 } 21111 /* Copy data */ 21112 XMEMCPY(dupl->sName, obj->sName, WOLFSSL_MAX_SNAME); 21113 dupl->type = obj->type; 21114 dupl->grp = obj->grp; 21115 dupl->nid = obj->nid; 21116 dupl->objSz = obj->objSz; 21117 if (obj->obj) { 21118 dupl->obj = (const unsigned char*)XMALLOC( 21119 obj->objSz, NULL, DYNAMIC_TYPE_ASN1); 21120 if (!dupl->obj) { 21121 WOLFSSL_MSG("ASN1 obj malloc error"); 21122 wolfSSL_ASN1_OBJECT_free(dupl); 21123 return NULL; 21124 } 21125 XMEMCPY((byte*)dupl->obj, obj->obj, obj->objSz); 21126 dupl->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; 21127 } 21128 return dupl; 21129 } 21130 #endif /* !NO_ASN && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ 21131 21132 #ifndef NO_ASN 21133 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 18879 21134 /* Creates and returns a new WOLFSSL_CIPHER stack. */ 18880 21135 WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void) … … 18895 21150 WOLFSSL_ASN1_OBJECT* obj) 18896 21151 { 18897 WOLFSSL_STACK* node;18898 18899 21152 WOLFSSL_ENTER("wolfSSL_sk_ASN1_OBJECT_push"); 18900 21153 … … 18903 21156 } 18904 21157 18905 /* no previous values in stack */ 18906 if (sk->data.obj == NULL) { 18907 sk->data.obj = obj; 18908 sk->num += 1; 18909 return WOLFSSL_SUCCESS; 18910 } 18911 18912 /* stack already has value(s) create a new node and add more */ 18913 node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL, 18914 DYNAMIC_TYPE_ASN1); 18915 if (node == NULL) { 18916 WOLFSSL_MSG("Memory error"); 18917 return WOLFSSL_FAILURE; 18918 } 18919 XMEMSET(node, 0, sizeof(WOLFSSL_STACK)); 18920 18921 /* push new obj onto head of stack */ 18922 node->data.obj = sk->data.obj; 18923 node->next = sk->next; 18924 node->type = sk->type; 18925 sk->next = node; 18926 sk->data.obj = obj; 18927 sk->num += 1; 18928 18929 return WOLFSSL_SUCCESS; 21158 return wolfSSL_sk_push(sk, obj); 18930 21159 } 18931 21160 … … 19015 21244 } 19016 21245 21246 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 21247 #endif /* !NO_ASN */ 21248 21249 #ifdef OPENSSL_EXTRA 21250 #ifndef NO_ASN 21251 19017 21252 int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in) 19018 21253 { … … 19045 21280 } 19046 21281 21282 int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s) 21283 { 21284 char *idx; 21285 char *copy; 21286 WOLFSSL_ENTER("wolfSSL_ASN1_UNIVERSALSTRING_to_string"); 21287 21288 if (!s) { 21289 WOLFSSL_MSG("Bad parameter"); 21290 return WOLFSSL_FAILURE; 21291 } 21292 21293 if (s->type != V_ASN1_UNIVERSALSTRING) { 21294 WOLFSSL_MSG("Input is not a universal string"); 21295 return WOLFSSL_FAILURE; 21296 } 21297 21298 if ((s->length % 4) != 0) { 21299 WOLFSSL_MSG("Input string must be divisible by 4"); 21300 return WOLFSSL_FAILURE; 21301 } 21302 21303 for (idx = s->data; idx < s->data + s->length; idx += 4) 21304 if ((idx[0] != '\0') || (idx[1] != '\0') || (idx[2] != '\0')) 21305 break; 21306 21307 if (idx != s->data + s->length) { 21308 WOLFSSL_MSG("Wrong string format"); 21309 return WOLFSSL_FAILURE; 21310 } 21311 21312 for (copy = idx = s->data; idx < s->data + s->length; idx += 4) 21313 *copy++ = idx[3]; 21314 *copy = '\0'; 21315 s->length /= 4; 21316 s->type = V_ASN1_PRINTABLESTRING; 21317 return WOLFSSL_SUCCESS; 21318 } 21319 19047 21320 /* Returns string representation of ASN1_STRING */ 19048 21321 char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method, … … 19089 21362 } 19090 21363 #endif /* NO_ASN */ 19091 21364 #endif /* OPENSSL_EXTRA */ 21365 21366 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 19092 21367 void wolfSSL_set_connect_state(WOLFSSL* ssl) 19093 21368 { … … 19116 21391 } 19117 21392 } 19118 #endif /* OPENSSL_EXTRA */21393 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 19119 21394 19120 21395 … … 19144 21419 19145 21420 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) 21421 21422 /* return a new malloc'd session with default settings on success */ 21423 static WOLFSSL_SESSION* NewSession(void) 21424 { 21425 WOLFSSL_SESSION* ret = NULL; 21426 21427 ret = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), NULL, 21428 DYNAMIC_TYPE_OPENSSL); 21429 if (ret != NULL) { 21430 XMEMSET(ret, 0, sizeof(WOLFSSL_SESSION)); 21431 ret->isAlloced = 1; 21432 } 21433 return ret; 21434 } 21435 21436 WOLFSSL_SESSION* wolfSSL_SESSION_new(void) 21437 { 21438 WOLFSSL_SESSION* ret = NewSession(); 21439 21440 #ifdef OPENSSL_EXTRA 21441 if (ret != NULL) { 21442 if (wc_InitMutex(&ret->refMutex) != 0) { 21443 WOLFSSL_MSG("Error setting up session reference mutex"); 21444 XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL); 21445 return NULL; 21446 } 21447 ret->refCount = 1; 21448 } 21449 #endif 21450 21451 return ret; 21452 } 21453 21454 /* add one to session reference count 21455 * return WOFLSSL_SUCCESS on success and WOLFSSL_FAILURE on error */ 21456 int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session) 21457 { 21458 if (session == NULL) 21459 return WOLFSSL_FAILURE; 21460 21461 #ifdef OPENSSL_EXTRA 21462 if (wc_LockMutex(&session->refMutex) != 0) { 21463 WOLFSSL_MSG("Failed to lock session mutex"); 21464 } 21465 session->refCount++; 21466 wc_UnLockMutex(&session->refMutex); 21467 #endif 21468 return WOLFSSL_SUCCESS; 21469 } 21470 21471 19146 21472 WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session) 19147 21473 { … … 19160 21486 #endif 19161 21487 19162 copy = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), NULL, 19163 DYNAMIC_TYPE_OPENSSL); 21488 copy = NewSession(); 19164 21489 if (copy != NULL) { 19165 21490 XMEMCPY(copy, session, sizeof(WOLFSSL_SESSION)); 19166 21491 copy->isAlloced = 1; 21492 #ifdef OPENSSL_EXTRA 21493 if (wc_InitMutex(©->refMutex) != 0) { 21494 WOLFSSL_MSG("Error setting up session reference mutex"); 21495 XFREE(copy, NULL, DYNAMIC_TYPE_OPENSSL); 21496 return NULL; 21497 } 21498 copy->refCount = 1; 21499 #endif 19167 21500 #ifdef HAVE_SESSION_TICKET 19168 21501 if (session->isDynamic) { … … 19187 21520 } 19188 21521 19189 void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)21522 void FreeSession(WOLFSSL_SESSION* session, int isAlloced) 19190 21523 { 19191 21524 if (session == NULL) … … 19195 21528 if (session->peer) { 19196 21529 wolfSSL_X509_free(session->peer); 19197 } 19198 #endif 19199 19200 #ifdef HAVE_EXT_CACHE 19201 if (session->isAlloced) { 21530 session->peer = NULL; 21531 } 21532 #endif 21533 21534 #ifdef OPENSSL_EXTRA 21535 /* refCount will always be 1 or more if created externally. 21536 * Internal cache sessions don't initialize a refMutex. */ 21537 if (session->refCount > 0) { 21538 if (wc_LockMutex(&session->refMutex) != 0) { 21539 WOLFSSL_MSG("Failed to lock session mutex"); 21540 } 21541 if (session->refCount > 1) { 21542 session->refCount--; 21543 wc_UnLockMutex(&session->refMutex); 21544 return; 21545 } 21546 wc_UnLockMutex(&session->refMutex); 21547 } 21548 #endif 21549 #if defined(HAVE_EXT_CACHE) || defined(OPENSSL_EXTRA) 21550 if (isAlloced) { 19202 21551 #ifdef HAVE_SESSION_TICKET 19203 21552 if (session->isDynamic) … … 19209 21558 /* No need to free since cache is static */ 19210 21559 (void)session; 19211 #endif 19212 } 19213 #endif 21560 (void)isAlloced; 21561 #endif 21562 } 21563 21564 void wolfSSL_SESSION_free(WOLFSSL_SESSION* session) 21565 { 21566 if (session == NULL) 21567 return; 21568 21569 #if defined(HAVE_EXT_CACHE) || defined(OPENSSL_EXTRA) 21570 FreeSession(session, session->isAlloced); 21571 #else 21572 FreeSession(session, 0); 21573 #endif 21574 } 21575 #endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */ 19214 21576 19215 21577 19216 21578 /* helper function that takes in a protocol version struct and returns string */ 19217 static const char* wolfSSL_internal_get_version( ProtocolVersion* version)21579 static const char* wolfSSL_internal_get_version(const ProtocolVersion* version) 19218 21580 { 19219 21581 WOLFSSL_ENTER("wolfSSL_get_version"); … … 19225 21587 if (version->major == SSLv3_MAJOR) { 19226 21588 switch (version->minor) { 19227 #ifndef NO_OLD_TLS19228 #ifdef WOLFSSL_ALLOW_SSLV319229 21589 case SSLv3_MINOR : 19230 21590 return "SSLv3"; 19231 #endif19232 #ifdef WOLFSSL_ALLOW_TLSV1019233 21591 case TLSv1_MINOR : 19234 21592 return "TLSv1"; 19235 #endif19236 21593 case TLSv1_1_MINOR : 19237 21594 return "TLSv1.1"; 19238 #endif19239 21595 case TLSv1_2_MINOR : 19240 21596 return "TLSv1.2"; 19241 #ifdef WOLFSSL_TLS1319242 21597 case TLSv1_3_MINOR : 19243 #ifdef WOLFSSL_TLS13_DRAFT19244 #ifdef WOLFSSL_TLS13_DRAFT_1819245 return "TLSv1.3 (Draft 18)";19246 #elif defined(WOLFSSL_TLS13_DRAFT_22)19247 return "TLSv1.3 (Draft 22)";19248 #elif defined(WOLFSSL_TLS13_DRAFT_23)19249 return "TLSv1.3 (Draft 23)";19250 #elif defined(WOLFSSL_TLS13_DRAFT_26)19251 return "TLSv1.3 (Draft 26)";19252 #else19253 return "TLSv1.3 (Draft 28)";19254 #endif19255 #else19256 21598 return "TLSv1.3"; 19257 #endif19258 #endif19259 21599 default: 19260 21600 return "unknown"; … … 19277 21617 19278 21618 19279 const char* wolfSSL_get_version( WOLFSSL* ssl)21619 const char* wolfSSL_get_version(const WOLFSSL* ssl) 19280 21620 { 19281 21621 if (ssl == NULL) { … … 19293 21633 return LIBWOLFSSL_VERSION_STRING; 19294 21634 } 21635 21636 #ifdef OPENSSL_EXTRA 21637 const char* wolfSSL_OpenSSL_version(void) 21638 { 21639 return "wolfSSL " LIBWOLFSSL_VERSION_STRING; 21640 } 21641 #endif 19295 21642 19296 21643 … … 19394 21741 } 19395 21742 21743 int wolfSSL_get_cipher_suite_from_name(const char* name, byte* cipherSuite0, 21744 byte* cipherSuite, int *flags) { 21745 if ((name == NULL) || 21746 (cipherSuite0 == NULL) || 21747 (cipherSuite == NULL) || 21748 (flags == NULL)) 21749 return BAD_FUNC_ARG; 21750 return GetCipherSuiteFromName(name, cipherSuite0, cipherSuite, flags); 21751 } 21752 19396 21753 19397 21754 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) … … 19410 21767 } 19411 21768 19412 #ifndef NO_WOLFSSL_STUB19413 /* Keep as stubs for now */19414 21769 /* return 1 on success 0 on fail */ 19415 21770 int wolfSSL_sk_CIPHER_push(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk, 19416 21771 WOLFSSL_CIPHER* cipher) 19417 21772 { 19418 WOLFSSL_STUB("wolfSSL_sk_CIPHER_push"); 19419 (void)sk; 19420 (void)cipher; 19421 return 0; 19422 } 19423 19424 21773 return wolfSSL_sk_push(sk, cipher); 21774 } 21775 21776 #ifndef NO_WOLFSSL_STUB 19425 21777 WOLFSSL_CIPHER* wolfSSL_sk_CIPHER_pop(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk) 19426 21778 { … … 19488 21840 /* free head of stack */ 19489 21841 XFREE(sk, NULL, DYNAMIC_TYPE_ASN1); 21842 } 21843 21844 /** 21845 * This function reads a tab delimetered CSV input and returns 21846 * a populated WOLFSSL_TXT_DB structure. 21847 * @param in Tab delimetered CSV input 21848 * @param num Number of fields in each row. 21849 * @return 21850 */ 21851 WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num) 21852 { 21853 WOLFSSL_TXT_DB *ret = NULL; 21854 char *buf = NULL; 21855 char *bufEnd = NULL; 21856 char *idx = NULL; 21857 char* lineEnd = NULL; 21858 int bufSz; 21859 int failed = 1; 21860 /* Space in front of str reserved for field pointers + \0 */ 21861 int fieldsSz = (num + 1) * sizeof(char *); 21862 WOLFSSL_ENTER("wolfSSL_TXT_DB_read"); 21863 21864 if (!in || num <= 0 || num > WOLFSSL_TXT_DB_MAX_FIELDS) { 21865 WOLFSSL_MSG("Bad parameter or too many fields"); 21866 return NULL; 21867 } 21868 21869 if (!(ret = (WOLFSSL_TXT_DB*)XMALLOC(sizeof(WOLFSSL_TXT_DB), NULL, 21870 DYNAMIC_TYPE_OPENSSL))) { 21871 WOLFSSL_MSG("malloc error"); 21872 goto error; 21873 } 21874 XMEMSET (ret, 0, sizeof(WOLFSSL_TXT_DB)); 21875 ret->num_fields = num; 21876 21877 if (!(ret->data = wolfSSL_sk_WOLFSSL_STRING_new())) { 21878 WOLFSSL_MSG("wolfSSL_sk_WOLFSSL_STRING_new error"); 21879 goto error; 21880 } 21881 21882 bufSz = wolfSSL_BIO_get_len(in); 21883 if (bufSz <= 0 || 21884 !(buf = (char*)XMALLOC(bufSz+1, NULL, 21885 DYNAMIC_TYPE_TMP_BUFFER))) { 21886 WOLFSSL_MSG("malloc error or no data in BIO"); 21887 goto error; 21888 } 21889 21890 if (wolfSSL_BIO_read(in, buf, bufSz) != bufSz) { 21891 WOLFSSL_MSG("malloc error or no data in BIO"); 21892 goto error; 21893 } 21894 21895 buf[bufSz] = '\0'; 21896 idx = buf; 21897 for (bufEnd = buf + bufSz; idx < bufEnd; idx = lineEnd + 1) { 21898 char* strBuf = NULL; 21899 char** fieldPtr = NULL; 21900 int fieldPtrIdx = 0; 21901 char* fieldCheckIdx = NULL; 21902 lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx)); 21903 if (!lineEnd) 21904 lineEnd = bufEnd; 21905 if (idx == lineEnd) /* empty line */ 21906 continue; 21907 if (*idx == '#') 21908 continue; 21909 *lineEnd = '\0'; 21910 strBuf = (char*)XMALLOC(fieldsSz + lineEnd - idx + 1, NULL, 21911 DYNAMIC_TYPE_OPENSSL); 21912 if (!strBuf) { 21913 WOLFSSL_MSG("malloc error"); 21914 goto error; 21915 } 21916 XMEMCPY(strBuf + fieldsSz, idx, lineEnd - idx + 1); /* + 1 for NULL */ 21917 XMEMSET(strBuf, 0, fieldsSz); 21918 /* Check for appropriate number of fields */ 21919 fieldPtr = (char**)strBuf; 21920 fieldCheckIdx = strBuf + fieldsSz; 21921 fieldPtr[fieldPtrIdx++] = fieldCheckIdx; 21922 while (*fieldCheckIdx != '\0') { 21923 /* Handle escaped tabs */ 21924 if (*fieldCheckIdx == '\t' && fieldCheckIdx[-1] != '\\') { 21925 fieldPtr[fieldPtrIdx++] = fieldCheckIdx + 1; 21926 *fieldCheckIdx = '\0'; 21927 if (fieldPtrIdx > num) { 21928 WOLFSSL_MSG("too many fields"); 21929 XFREE(strBuf, NULL, DYNAMIC_TYPE_OPENSSL); 21930 goto error; 21931 } 21932 } 21933 fieldCheckIdx++; 21934 } 21935 if (fieldPtrIdx != num) { 21936 WOLFSSL_MSG("wrong number of fields"); 21937 XFREE(strBuf, NULL, DYNAMIC_TYPE_OPENSSL); 21938 goto error; 21939 } 21940 if (wolfSSL_sk_push(ret->data, strBuf) != WOLFSSL_SUCCESS) { 21941 WOLFSSL_MSG("wolfSSL_sk_push error"); 21942 XFREE(strBuf, NULL, DYNAMIC_TYPE_OPENSSL); 21943 goto error; 21944 } 21945 } 21946 21947 failed = 0; 21948 error: 21949 if (failed && ret) { 21950 XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL); 21951 ret = NULL; 21952 } 21953 if (buf) { 21954 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 21955 } 21956 return ret; 21957 } 21958 21959 long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db) 21960 { 21961 const WOLF_STACK_OF(WOLFSSL_STRING)* data; 21962 long totalLen = 0; 21963 char buf[512]; /* Should be more than enough for a single row */ 21964 char* bufEnd = buf + sizeof(buf); 21965 int sz; 21966 int i; 21967 21968 WOLFSSL_ENTER("wolfSSL_TXT_DB_write"); 21969 21970 if (!out || !db || !db->num_fields) { 21971 WOLFSSL_MSG("Bad parameter"); 21972 return WOLFSSL_FAILURE; 21973 } 21974 21975 data = db->data; 21976 while (data) { 21977 char** fields = (char**)data->data.string; 21978 char* idx = buf; 21979 21980 if (!fields) { 21981 WOLFSSL_MSG("Missing row"); 21982 return WOLFSSL_FAILURE; 21983 } 21984 21985 for (i = 0; i < db->num_fields; i++) { 21986 const char* fieldValue = fields[i]; 21987 if (!fieldValue) { 21988 fieldValue = ""; 21989 } 21990 21991 /* Copy over field escaping tabs */ 21992 while (*fieldValue != '\0') { 21993 if (idx+1 < bufEnd) { 21994 if (*fieldValue == '\t') 21995 *idx++ = '\\'; 21996 *idx++ = *fieldValue++; 21997 } 21998 else { 21999 WOLFSSL_MSG("Data row is too big"); 22000 return WOLFSSL_FAILURE; 22001 } 22002 } 22003 if (idx < bufEnd) { 22004 *idx++ = '\t'; 22005 } 22006 else { 22007 WOLFSSL_MSG("Data row is too big"); 22008 return WOLFSSL_FAILURE; 22009 } 22010 } 22011 idx[-1] = '\n'; 22012 sz = (int)(idx - buf); 22013 22014 if (wolfSSL_BIO_write(out, buf, sz) != sz) { 22015 WOLFSSL_MSG("wolfSSL_BIO_write error"); 22016 return WOLFSSL_FAILURE; 22017 } 22018 totalLen += sz; 22019 22020 data = data->next; 22021 } 22022 22023 return totalLen; 22024 } 22025 22026 int wolfSSL_TXT_DB_insert(WOLFSSL_TXT_DB *db, WOLFSSL_STRING *row) 22027 { 22028 WOLFSSL_ENTER("wolfSSL_TXT_DB_insert"); 22029 22030 if (!db || !row || !db->data) { 22031 WOLFSSL_MSG("Bad parameter"); 22032 return WOLFSSL_FAILURE; 22033 } 22034 22035 if (wolfSSL_sk_push(db->data, row) != WOLFSSL_SUCCESS) { 22036 WOLFSSL_MSG("wolfSSL_sk_push error"); 22037 return WOLFSSL_FAILURE; 22038 } 22039 22040 return WOLFSSL_SUCCESS; 22041 } 22042 22043 void wolfSSL_TXT_DB_free(WOLFSSL_TXT_DB *db) 22044 { 22045 WOLFSSL_ENTER("wolfSSL_TXT_DB_free"); 22046 if (db) { 22047 if (db->data) { 22048 wolfSSL_sk_free(db->data); 22049 } 22050 XFREE(db, NULL, DYNAMIC_TYPE_OPENSSL); 22051 } 22052 } 22053 22054 int wolfSSL_TXT_DB_create_index(WOLFSSL_TXT_DB *db, int field, 22055 void* qual, wolf_sk_hash_cb hash, wolf_sk_compare_cb cmp) 22056 { 22057 WOLFSSL_ENTER("wolfSSL_TXT_DB_create_index"); 22058 (void)qual; 22059 22060 if (!db || !hash || !cmp || field >= db->num_fields || field < 0) { 22061 WOLFSSL_MSG("Bad parameter"); 22062 return WOLFSSL_FAILURE; 22063 } 22064 22065 db->hash_fn[field] = hash; 22066 db->comp[field] = cmp; 22067 22068 return WOLFSSL_SUCCESS; 22069 } 22070 22071 WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db, int idx, 22072 WOLFSSL_STRING *value) 22073 { 22074 WOLFSSL_ENTER("wolfSSL_TXT_DB_get_by_index"); 22075 22076 if (!db || !db->data || idx < 0 || idx >= db->num_fields) { 22077 WOLFSSL_MSG("Bad parameter"); 22078 return NULL; 22079 } 22080 22081 if (!db->hash_fn[idx] || !db->comp[idx]) { 22082 WOLFSSL_MSG("Missing hash or cmp functions"); 22083 return NULL; 22084 } 22085 22086 /* If first data struct has correct hash and cmp function then 22087 * assume others do too */ 22088 if (db->data->hash_fn != db->hash_fn[idx] || 22089 db->data->comp != db->comp[idx]) { 22090 /* Set the hash and comp functions */ 22091 WOLF_STACK_OF(WOLFSSL_STRING)* data = db->data; 22092 while (data) { 22093 if (data->comp != db->comp[idx] || 22094 data->hash_fn != db->hash_fn[idx]) { 22095 data->comp = db->comp[idx]; 22096 data->hash_fn = db->hash_fn[idx]; 22097 data->hash = 0; 22098 } 22099 data= data->next; 22100 } 22101 } 22102 return (WOLFSSL_STRING*) wolfSSL_lh_retrieve(db->data, value); 19490 22103 } 19491 22104 #endif … … 19585 22198 { 19586 22199 WOLFSSL_ENTER("wolfSSL_X509_get_subject_name"); 19587 if (cert && cert->subject.sz != 0)22200 if (cert) 19588 22201 return &cert->subject; 19589 22202 return NULL; 19590 22203 } 19591 22204 19592 #if defined(OPENSSL_EXTRA) && !defined(NO_SHA)22205 #if defined(OPENSSL_EXTRA) && (!defined(NO_SHA) || !defined(NO_SHA256)) 19593 22206 /****************************************************************************** 19594 22207 * wolfSSL_X509_subject_name_hash - compute the hash digest of the raw subject name 22208 * This function prefers SHA-1 (if available) for compatibility 19595 22209 * 19596 22210 * RETURNS: … … 19602 22216 unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509) 19603 22217 { 19604 word32ret = 0;19605 int retHash ;22218 unsigned long ret = 0; 22219 int retHash = NOT_COMPILED_IN; 19606 22220 WOLFSSL_X509_NAME *subjectName = NULL; 19607 19608 #ifdef WOLFSSL_PIC32MZ_HASH 19609 byte digest[PIC32_DIGEST_SIZE]; 19610 #else 19611 byte digest[WC_SHA_DIGEST_SIZE]; 19612 #endif 19613 19614 if (x509 == NULL){ 19615 return WOLFSSL_FAILURE; 22221 byte digest[WC_MAX_DIGEST_SIZE]; 22222 22223 if (x509 == NULL) { 22224 return ret; 19616 22225 } 19617 22226 19618 22227 subjectName = wolfSSL_X509_get_subject_name((WOLFSSL_X509*)x509); 19619 19620 if (subjectName != NULL){22228 if (subjectName != NULL) { 22229 #ifndef NO_SHA 19621 22230 retHash = wc_ShaHash((const byte*)subjectName->name, 19622 22231 (word32)subjectName->sz, digest); 19623 19624 if(retHash != 0){ 19625 WOLFSSL_MSG("Hash of X509 subjectName has failed"); 19626 return WOLFSSL_FAILURE; 19627 } 19628 ret = MakeWordFromHash(digest); 19629 } 19630 19631 return (unsigned long)ret; 19632 } 19633 #endif 22232 #elif !defined(NO_SHA256) 22233 retHash = wc_Sha256Hash((const byte*)subjectName->name, 22234 (word32)subjectName->sz, digest); 22235 #endif 22236 if (retHash == 0) { 22237 ret = (unsigned long)MakeWordFromHash(digest); 22238 } 22239 } 22240 22241 return ret; 22242 } 22243 22244 unsigned long wolfSSL_X509_issuer_name_hash(const WOLFSSL_X509* x509) 22245 { 22246 unsigned long ret = 0; 22247 int retHash = NOT_COMPILED_IN; 22248 WOLFSSL_X509_NAME *issuerName = NULL; 22249 byte digest[WC_MAX_DIGEST_SIZE]; 22250 22251 if (x509 == NULL) { 22252 return ret; 22253 } 22254 22255 issuerName = wolfSSL_X509_get_issuer_name((WOLFSSL_X509*)x509); 22256 if (issuerName != NULL) { 22257 #ifndef NO_SHA 22258 retHash = wc_ShaHash((const byte*)issuerName->name, 22259 (word32)issuerName->sz, digest); 22260 #elif !defined(NO_SHA256) 22261 retHash = wc_Sha256Hash((const byte*)issuerName->name, 22262 (word32)issuerName->sz, digest); 22263 #endif 22264 if (retHash == 0) { 22265 ret = (unsigned long)MakeWordFromHash(digest); 22266 } 22267 } 22268 return ret; 22269 } 22270 #endif /* OPENSSL_EXTRA && (!NO_SHA || !NO_SHA256) */ 19634 22271 19635 22272 WOLFSSL_ABI … … 19657 22294 #if defined(OPENSSL_EXTRA_X509_SMALL) 19658 22295 22296 /* Searches for the first ENTRY of type NID 22297 * idx is the location to start searching from, the value at when the entry was 22298 * found is stored into idx 22299 * returns a pointer to the entry on success and null on fail */ 22300 static WOLFSSL_X509_NAME_ENTRY* GetEntryByNID(WOLFSSL_X509_NAME* name, int nid, 22301 int* idx) 22302 { 22303 int i; 22304 WOLFSSL_X509_NAME_ENTRY* ret = NULL; 22305 22306 /* and index of less than 0 is assumed to be starting from 0 */ 22307 if (*idx < 0) { 22308 *idx = 0; 22309 } 22310 22311 for (i = *idx; i < MAX_NAME_ENTRIES; i++) { 22312 if (name->entry[i].nid == nid) { 22313 ret = &name->entry[i]; 22314 *idx = i; 22315 break; 22316 } 22317 } 22318 return ret; 22319 } 22320 22321 19659 22322 /* Used to get a string from the WOLFSSL_X509_NAME structure that 19660 * corresponds with the NID value passed in. 22323 * corresponds with the NID value passed in. This finds the first entry with 22324 * matching NID value, if searching for the case where there is multiple 22325 * entries with the same NID value than other functions should be used 22326 * (i.e. wolfSSL_X509_NAME_get_index_by_NID, wolfSSL_X509_NAME_get_entry) 19661 22327 * 19662 22328 * name structure to get string from … … 19674 22340 int nid, char* buf, int len) 19675 22341 { 19676 char *text = NULL; 22342 WOLFSSL_X509_NAME_ENTRY* e; 22343 unsigned char *text = NULL; 19677 22344 int textSz = 0; 22345 int idx = 0; 19678 22346 19679 22347 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_text_by_NID"); 19680 22348 19681 switch (nid) { 19682 case ASN_COMMON_NAME: 19683 text = name->fullName.fullName + name->fullName.cnIdx; 19684 textSz = name->fullName.cnLen; 19685 break; 19686 case ASN_SUR_NAME: 19687 text = name->fullName.fullName + name->fullName.snIdx; 19688 textSz = name->fullName.snLen; 19689 break; 19690 case ASN_SERIAL_NUMBER: 19691 text = name->fullName.fullName + name->fullName.serialIdx; 19692 textSz = name->fullName.serialLen; 19693 break; 19694 case ASN_COUNTRY_NAME: 19695 text = name->fullName.fullName + name->fullName.cIdx; 19696 textSz = name->fullName.cLen; 19697 break; 19698 case ASN_LOCALITY_NAME: 19699 text = name->fullName.fullName + name->fullName.lIdx; 19700 textSz = name->fullName.lLen; 19701 break; 19702 case ASN_STATE_NAME: 19703 text = name->fullName.fullName + name->fullName.stIdx; 19704 textSz = name->fullName.stLen; 19705 break; 19706 case ASN_ORG_NAME: 19707 text = name->fullName.fullName + name->fullName.oIdx; 19708 textSz = name->fullName.oLen; 19709 break; 19710 case ASN_ORGUNIT_NAME: 19711 text = name->fullName.fullName + name->fullName.ouIdx; 19712 textSz = name->fullName.ouLen; 19713 break; 19714 case ASN_DOMAIN_COMPONENT: 19715 text = name->fullName.fullName + name->fullName.dcIdx[0]; 19716 textSz = name->fullName.dcLen[0]; 19717 break; 19718 case NID_emailAddress: 19719 text = name->fullName.fullName + name->fullName.emailIdx; 19720 textSz = name->fullName.emailLen; 19721 break; 19722 #ifdef WOLFSSL_CERT_EXT 19723 case ASN_BUS_CAT: 19724 text = name->fullName.fullName + name->fullName.bcIdx; 19725 textSz = name->fullName.bcLen; 19726 break; 19727 #endif 19728 default: 19729 WOLFSSL_MSG("Entry type not found"); 19730 return WOLFSSL_FATAL_ERROR; 22349 if (name == NULL) { 22350 WOLFSSL_MSG("NULL argument passed in"); 22351 return WOLFSSL_FATAL_ERROR; 22352 } 22353 22354 e = GetEntryByNID(name, nid, &idx); 22355 if (e == NULL) { 22356 WOLFSSL_MSG("Entry type not found"); 22357 return WOLFSSL_FATAL_ERROR; 22358 } 22359 text = wolfSSL_ASN1_STRING_data(e->value); 22360 textSz = wolfSSL_ASN1_STRING_length(e->value); 22361 22362 if (text == NULL) { 22363 WOLFSSL_MSG("Unable to get entry text"); 22364 return WOLFSSL_FATAL_ERROR; 19731 22365 } 19732 22366 19733 22367 /* if buf is NULL return size of buffer needed (minus null char) */ 19734 22368 if (buf == NULL) { 22369 WOLFSSL_MSG("Buffer is NULL, returning buffer size only"); 19735 22370 return textSz; 19736 22371 } … … 19795 22430 if (wolfSSL_RSA_LoadDer_ex(key->rsa, 19796 22431 (const unsigned char*)key->pkey.ptr, key->pkey_sz, 19797 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {22432 WOLFSSL_RSA_LOAD_PUBLIC) != WOLFSSL_SUCCESS) { 19798 22433 wolfSSL_EVP_PKEY_free(key); 19799 22434 return NULL; … … 19823 22458 } 19824 22459 19825 if (SetECKeyExternal(key->ecc) != SSL_SUCCESS) {22460 if (SetECKeyExternal(key->ecc) != WOLFSSL_SUCCESS) { 19826 22461 WOLFSSL_MSG("SetECKeyExternal failed"); 19827 22462 wolfSSL_EVP_PKEY_free(key); … … 19844 22479 if (wolfSSL_DSA_LoadDer_ex(key->dsa, 19845 22480 (const unsigned char*)key->pkey.ptr, key->pkey_sz, \ 19846 WOLFSSL_DSA_LOAD_PUBLIC) != SSL_SUCCESS) {22481 WOLFSSL_DSA_LOAD_PUBLIC) != WOLFSSL_SUCCESS) { 19847 22482 wolfSSL_DSA_free(key->dsa); 19848 22483 key->dsa = NULL; … … 19861 22496 /* End of smaller subset of X509 compatibility functions. Avoid increasing the 19862 22497 * size of this subset and its memory usage */ 19863 #endif /* OPENSSL_EXTRA_X509_SMALL */22498 #endif /* OPENSSL_EXTRA_X509_SMALL || KEEP_PEER_CERT || SESSION_CERTS */ 19864 22499 19865 22500 #if defined(OPENSSL_ALL) 19866 22501 /* Takes two WOLFSSL_X509* certificates and performs a Sha hash of each, if the 19867 * has values are the same, then it will do an XMEMCMP to confirm they are22502 * hash values are the same, then it will do an XMEMCMP to confirm they are 19868 22503 * identical. Returns a 0 when certificates match, returns a negative number 19869 22504 * when certificates are not a match. … … 19873 22508 const byte* derA; 19874 22509 const byte* derB; 19875 int retHashA;19876 int retHashB;19877 22510 int outSzA = 0; 19878 22511 int outSzB = 0; 19879 22512 19880 #ifdef WOLFSSL_PIC32MZ_HASH19881 byte digestA[PIC32_DIGEST_SIZE];19882 byte digestB[PIC32_DIGEST_SIZE];19883 #else19884 byte digestA[WC_SHA_DIGEST_SIZE];19885 byte digestB[WC_SHA_DIGEST_SIZE];19886 #endif19887 19888 22513 if (a == NULL || b == NULL){ 19889 22514 return BAD_FUNC_ARG; … … 19891 22516 19892 22517 derA = wolfSSL_X509_get_der((WOLFSSL_X509*)a, &outSzA); 19893 if (derA == NULL){22518 if (derA == NULL){ 19894 22519 WOLFSSL_MSG("wolfSSL_X509_get_der - certificate A has failed"); 19895 22520 return WOLFSSL_FATAL_ERROR; 19896 22521 } 19897 22522 derB = wolfSSL_X509_get_der((WOLFSSL_X509*)b, &outSzB); 19898 if (derB == NULL){22523 if (derB == NULL){ 19899 22524 WOLFSSL_MSG("wolfSSL_X509_get_der - certificate B has failed"); 19900 22525 return WOLFSSL_FATAL_ERROR; 19901 22526 } 19902 22527 19903 retHashA = wc_ShaHash(derA, (word32)outSzA, digestA); 19904 if(retHashA != 0){ 19905 WOLFSSL_MSG("Hash of certificate A has failed"); 19906 return WOLFSSL_FATAL_ERROR; 19907 } 19908 retHashB = wc_ShaHash(derB, (word32)outSzB, digestB); 19909 if(retHashB != 0){ 19910 WOLFSSL_MSG("Hash of certificate B has failed"); 19911 return WOLFSSL_FATAL_ERROR; 19912 } 19913 19914 if (outSzA == outSzB){ 19915 #ifdef WOLFSSL_PIC32MZ_HASH 19916 if(XMEMCMP(digestA, digestB, PIC32_DIGEST_SIZE) != 0){ 19917 return WOLFSSL_FATAL_ERROR; 19918 } 19919 #else 19920 if(XMEMCMP(digestA, digestB, WC_SHA_DIGEST_SIZE) != 0){ 19921 return WOLFSSL_FATAL_ERROR; 19922 } 19923 #endif 19924 else{ 19925 WOLFSSL_LEAVE("wolfSSL_X509_cmp", 0); 19926 return 0; 19927 } 19928 } 19929 else{ 22528 if (outSzA != outSzB || XMEMCMP(derA, derB, outSzA) != 0) { 19930 22529 WOLFSSL_LEAVE("wolfSSL_X509_cmp", WOLFSSL_FATAL_ERROR); 19931 22530 return WOLFSSL_FATAL_ERROR; 19932 22531 } 19933 } 19934 #endif 19935 19936 #if defined(OPENSSL_EXTRA) 19937 #if !defined(NO_CERTS) 22532 22533 WOLFSSL_LEAVE("wolfSSL_X509_cmp", 0); 22534 return 0; 22535 } 22536 #endif /* OPENSSL_ALL */ 22537 22538 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) 19938 22539 int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509* x509, int nid) 19939 22540 { … … 20092 22693 return id; 20093 22694 } 20094 20095 20096 int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name) 20097 { 20098 int count = 0; 20099 20100 WOLFSSL_ENTER("wolfSSL_X509_NAME_entry_count"); 20101 20102 if (name != NULL) 20103 count = name->fullName.locSz; 20104 20105 WOLFSSL_LEAVE("wolfSSL_X509_NAME_entry_count", count); 20106 return count; 20107 } 20108 20109 20110 22695 #endif /* !NO_CERTS && OPENSSL_EXTRA */ 22696 22697 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ 22698 defined(OPENSSL_EXTRA_X509_SMALL) 22699 22700 /* Looks up the index of the first entry encountered with matching NID 22701 * The search starts from index 'pos' 22702 * returns a negative value on failure and positive index value on success*/ 20111 22703 int wolfSSL_X509_NAME_get_index_by_NID(WOLFSSL_X509_NAME* name, 20112 22704 int nid, int pos) … … 20116 22708 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_index_by_NID"); 20117 22709 20118 if (name == NULL || pos >= DN_NAMES_MAX + DOMAIN_COMPONENT_MAX) {22710 if (name == NULL) { 20119 22711 return BAD_FUNC_ARG; 20120 }20121 20122 if (value == NID_emailAddress) {20123 value = ASN_EMAIL_NAME;20124 22712 } 20125 22713 … … 20129 22717 } 20130 22718 20131 for (;i < name->fullName.locSz && 20132 i < DN_NAMES_MAX + DOMAIN_COMPONENT_MAX; i++) { 20133 if (name->fullName.loc[i] == value) { 22719 for (;i < name->entrySz && i < MAX_NAME_ENTRIES; i++) { 22720 if (name->entry[i].nid == value) { 20134 22721 return i; 20135 22722 } … … 20169 22756 } 20170 22757 22758 /** 22759 * Used to duplicate a passed in WOLFSSL_ASN1_STRING* 22760 * @param asn1 WOLFSSL_ASN1_STRING* to be duplicated 22761 * @return WOLFSSL_ASN1_STRING* the duplicate struct or NULL on error 22762 */ 22763 WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1) 22764 { 22765 WOLFSSL_ASN1_STRING* dupl = NULL; 22766 22767 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_dup"); 22768 if (!asn1) { 22769 WOLFSSL_MSG("Bad parameter"); 22770 return NULL; 22771 } 22772 22773 dupl = wolfSSL_ASN1_STRING_new(); 22774 if (!dupl) { 22775 WOLFSSL_MSG("wolfSSL_ASN1_STRING_new error"); 22776 return NULL; 22777 } 22778 22779 dupl->type = asn1->type; 22780 dupl->flags = asn1->flags; 22781 22782 if (wolfSSL_ASN1_STRING_set(dupl, asn1->data, asn1->length) 22783 != WOLFSSL_SUCCESS) { 22784 WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); 22785 wolfSSL_ASN1_STRING_free(dupl); 22786 return NULL; 22787 } 22788 22789 return dupl; 22790 } 22791 20171 22792 20172 22793 /* used to free a WOLFSSL_ASN1_STRING structure */ … … 20183 22804 } 20184 22805 22806 int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a, const WOLFSSL_ASN1_STRING *b) 22807 { 22808 int i; 22809 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_cmp"); 22810 22811 if (!a || !b) { 22812 return WOLFSSL_FATAL_ERROR; 22813 } 22814 22815 if (a->length != b->length) { 22816 return a->length - b->length; 22817 } 22818 22819 if ((i = XMEMCMP(a->data, b->data, a->length)) != 0) { 22820 return i; 22821 } 22822 22823 return a->type - b->type; 22824 } 22825 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 22826 22827 #if !defined(NO_CERTS) && (defined(OPENSSL_EXTRA) || \ 22828 defined(OPENSSL_EXTRA_X509_SMALL)) 20185 22829 20186 22830 /* Creates a new WOLFSSL_ASN1_STRING structure given the input type. … … 20224 22868 } 20225 22869 22870 #endif /* !NO_CERTS && OPENSSL_EXTRA */ 22871 22872 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ 22873 defined(OPENSSL_EXTRA_X509_SMALL) 20226 22874 /* if dataSz is negative then use XSTRLEN to find length of data 20227 22875 * return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */ … … 20239 22887 20240 22888 if (dataSz < 0) { 20241 sz = (int)XSTRLEN((const char*)data) + 1; /* +1 for null */22889 sz = (int)XSTRLEN((const char*)data); 20242 22890 } 20243 22891 else { … … 20255 22903 } 20256 22904 20257 if (sz > CTC_NAME_SIZE) {22905 if (sz + 1 > CTC_NAME_SIZE) { /* account for null char */ 20258 22906 /* create new data buffer and copy over */ 20259 asn1->data = (char*)XMALLOC(sz , NULL, DYNAMIC_TYPE_OPENSSL);22907 asn1->data = (char*)XMALLOC(sz + 1, NULL, DYNAMIC_TYPE_OPENSSL); 20260 22908 if (asn1->data == NULL) { 20261 22909 return WOLFSSL_FAILURE; … … 20276 22924 return WOLFSSL_SUCCESS; 20277 22925 } 20278 22926 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 22927 22928 #ifndef NO_CERTS 22929 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 20279 22930 20280 22931 unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) … … 20302 22953 } 20303 22954 } 20304 22955 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 22956 22957 #ifdef OPENSSL_EXTRA 20305 22958 #ifndef NO_WOLFSSL_STUB 20306 22959 WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, … … 20315 22968 #endif 20316 22969 22970 #ifndef NO_BIO 20317 22971 #ifdef XSNPRINTF /* a snprintf function needs to be available */ 20318 22972 /* Writes the human readable form of x509 to bio. … … 20328 22982 WOLFSSL_ENTER("wolfSSL_X509_print_ex"); 20329 22983 20330 #ifndef NO_WOLFSSL_STUB20331 22984 /* flags currently not supported */ 20332 22985 (void)nmflags; 20333 22986 (void)cflag; 20334 #endif20335 22987 20336 22988 if (bio == NULL || x509 == NULL) { … … 21003 23655 } 21004 23656 23657 #ifndef NO_FILESYSTEM 23658 int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509) 23659 { 23660 WOLFSSL_BIO* bio; 23661 int ret; 23662 23663 WOLFSSL_ENTER("wolfSSL_X509_print_fp"); 23664 23665 if (!fp || !x509) { 23666 WOLFSSL_MSG("Bad parameter"); 23667 return WOLFSSL_FAILURE; 23668 } 23669 23670 if (!(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()))) { 23671 WOLFSSL_MSG("wolfSSL_BIO_new wolfSSL_BIO_s_file error"); 23672 return WOLFSSL_FAILURE; 23673 } 23674 23675 if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { 23676 WOLFSSL_MSG("wolfSSL_BIO_set_fp error"); 23677 return WOLFSSL_FAILURE; 23678 } 23679 23680 ret = wolfSSL_X509_print(bio, x509); 23681 23682 wolfSSL_BIO_free(bio); 23683 23684 return ret; 23685 } 23686 #endif /* NO_FILESYSTEM */ 23687 21005 23688 #endif /* XSNPRINTF */ 21006 21007 #endif /* NO_CERTS */ 21008 23689 #endif /* !NO_BIO */ 23690 23691 int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp, 23692 const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig) 23693 { 23694 (void)sig; 23695 23696 WOLFSSL_ENTER("wolfSSL_X509_signature_print"); 23697 23698 if (!bp || !sigalg) { 23699 WOLFSSL_MSG("Bad parameter"); 23700 return WOLFSSL_FAILURE; 23701 } 23702 23703 if (wolfSSL_BIO_puts(bp, " Signature Algorithm: ") <= 0) { 23704 WOLFSSL_MSG("wolfSSL_BIO_puts error"); 23705 return WOLFSSL_FAILURE; 23706 } 23707 23708 if (wolfSSL_i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) { 23709 WOLFSSL_MSG("wolfSSL_i2a_ASN1_OBJECT error"); 23710 return WOLFSSL_FAILURE; 23711 } 23712 23713 return WOLFSSL_SUCCESS; 23714 } 23715 23716 #ifndef NO_WOLFSSL_STUB 23717 void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psig, 23718 const WOLFSSL_X509_ALGOR **palg, const WOLFSSL_X509 *x509) 23719 { 23720 (void)psig; 23721 (void)palg; 23722 (void)x509; 23723 WOLFSSL_STUB("wolfSSL_X509_get0_signature"); 23724 } 23725 #endif 23726 23727 #endif /* OPENSSL_EXTRA */ 23728 23729 #endif /* !NO_CERTS */ 23730 23731 #ifdef OPENSSL_EXTRA 21009 23732 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 21010 23733 /* Creates cipher->description based on cipher->offset … … 21039 23762 21040 23763 offset = cipher->offset; 23764 if (offset >= (unsigned long)GetCipherNamesSize()) 23765 return WOLFSSL_FAILURE; 21041 23766 pv.major = cipher_names[offset].major; 21042 23767 pv.minor = cipher_names[offset].minor; … … 21126 23851 return WOLFSSL_SUCCESS; 21127 23852 } 21128 #endif 23853 #endif /* OPENSSL_ALL || WOLFSSL_QT */ 21129 23854 21130 23855 char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in, … … 21444 24169 21445 24170 24171 #ifndef NO_BIO 24172 21446 24173 /* Removes a WOLFSSL_BIO struct from the WOLFSSL_BIO linked list. 21447 24174 * … … 21526 24253 { 21527 24254 WOLFSSL_ENTER("wolfSSL_BIO_set_ex_data"); 21528 24255 #ifdef HAVE_EX_DATA 21529 24256 if (bio != NULL && idx < MAX_EX_DATA) { 21530 24257 return wolfSSL_CRYPTO_set_ex_data(&bio->ex_data, idx, data); 21531 24258 } 21532 24259 #else 21533 24260 (void)bio; 21534 24261 (void)idx; 21535 24262 (void)data; 21536 24263 #endif 21537 24264 return WOLFSSL_FAILURE; 21538 24265 } … … 21548 24275 { 21549 24276 WOLFSSL_ENTER("wolfSSL_BIO_get_ex_data"); 21550 24277 #ifdef HAVE_EX_DATA 21551 24278 if (bio != NULL && idx < MAX_EX_DATA && idx >= 0) { 21552 24279 return wolfSSL_CRYPTO_get_ex_data(&bio->ex_data, idx); 21553 24280 } 21554 24281 #else 21555 24282 (void)bio; 21556 24283 (void)idx; 21557 24284 #endif 21558 24285 return NULL; 21559 24286 } 24287 24288 #endif /* !NO_BIO */ 21560 24289 21561 24290 #ifndef NO_WOLFSSL_STUB … … 21632 24361 #endif 21633 24362 21634 24363 #endif /* OPENSSL_EXTRA */ 24364 24365 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 21635 24366 const char* wolfSSL_X509_verify_cert_error_string(long err) 21636 24367 { 21637 24368 return wolfSSL_ERR_reason_error_string(err); 21638 24369 } 21639 24370 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 24371 24372 #ifdef OPENSSL_EXTRA 21640 24373 21641 24374 #ifndef NO_WOLFSSL_STUB … … 21669 24402 return BAD_FUNC_ARG; 21670 24403 21671 fp = XFOPEN(file, "r ");24404 fp = XFOPEN(file, "rb"); 21672 24405 if (fp == XBADFILE) 21673 24406 return BAD_FUNC_ARG; … … 21769 24502 21770 24503 24504 int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd, 24505 const char *argc, long argl, char **ret) 24506 { 24507 /* control commands: 24508 * X509_L_FILE_LOAD, X509_L_ADD_DIR, X509_L_ADD_STORE, X509_L_LOAD_STORE 24509 */ 24510 24511 /* returns -1 if the X509_LOOKUP doesn't have an associated X509_LOOKUP_METHOD */ 24512 24513 24514 24515 if (ctx != NULL) { 24516 switch (cmd) { 24517 case WOLFSSL_X509_L_FILE_LOAD: 24518 case WOLFSSL_X509_L_ADD_DIR: 24519 case WOLFSSL_X509_L_ADD_STORE: 24520 case WOLFSSL_X509_L_LOAD_STORE: 24521 return WOLFSSL_SUCCESS; 24522 24523 default: 24524 break; 24525 } 24526 24527 } 24528 24529 (void)argc; (void)argl; (void)ret; 24530 24531 return WOLFSSL_FAILURE; 24532 } 24533 24534 21771 24535 WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE* store, 21772 24536 WOLFSSL_X509_LOOKUP_METHOD* m) … … 21783 24547 } 21784 24548 24549 #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) 24550 static int wolfssl_x509_make_der(WOLFSSL_X509* x509, int req, 24551 unsigned char* der, int* derSz, int includeSig); 24552 #endif 21785 24553 21786 24554 #ifndef NO_CERTS 24555 #ifdef WOLFSSL_CERT_GEN 24556 #ifndef NO_BIO 24557 /* Converts the X509 to DER format and outputs it into bio. 24558 * 24559 * bio is the structure to hold output DER 24560 * x509 certificate to create DER from 24561 * req if set then a CSR is generated 24562 * 24563 * returns WOLFSSL_SUCCESS on success 24564 */ 24565 static int loadX509orX509REQFromBio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int req) 24566 { 24567 int ret = WOLFSSL_FAILURE; 24568 /* Get large buffer to hold cert der */ 24569 int derSz = X509_BUFFER_SZ; 24570 #ifdef WOLFSSL_SMALL_STACK 24571 byte* der; 24572 #else 24573 byte der[X509_BUFFER_SZ]; 24574 #endif 24575 WOLFSSL_ENTER("wolfSSL_i2d_X509_bio"); 24576 24577 if (bio == NULL || x509 == NULL) { 24578 return WOLFSSL_FAILURE; 24579 } 24580 24581 #ifdef WOLFSSL_SMALL_STACK 24582 der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 24583 if (!der) { 24584 WOLFSSL_MSG("malloc failed"); 24585 return WOLFSSL_FAILURE; 24586 } 24587 #endif 24588 24589 if (wolfssl_x509_make_der(x509, req, der, &derSz, 1) != WOLFSSL_SUCCESS) { 24590 goto cleanup; 24591 } 24592 24593 if (wolfSSL_BIO_write(bio, der, derSz) != derSz) { 24594 goto cleanup; 24595 } 24596 24597 ret = WOLFSSL_SUCCESS; 24598 cleanup: 24599 #ifdef WOLFSSL_SMALL_STACK 24600 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 24601 #endif 24602 24603 return ret; 24604 } 24605 #endif /* !NO_BIO */ 24606 21787 24607 /* Converts the X509 to DER format and outputs it into bio. 21788 24608 * … … 21794 24614 int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) 21795 24615 { 21796 WOLFSSL_ENTER("wolfSSL_i2d_X509_bio"); 21797 21798 if (bio == NULL || x509 == NULL) { 21799 return WOLFSSL_FAILURE; 21800 } 21801 21802 if (x509->derCert != NULL) { 21803 word32 len = x509->derCert->length; 21804 byte* der = x509->derCert->buffer; 21805 21806 if (wolfSSL_BIO_write(bio, der, len) == (int)len) { 21807 return SSL_SUCCESS; 21808 } 21809 } 21810 21811 return WOLFSSL_FAILURE; 21812 } 21813 24616 return loadX509orX509REQFromBio(bio, x509, 0); 24617 } 24618 24619 #ifdef WOLFSSL_CERT_REQ 24620 int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) 24621 { 24622 return loadX509orX509REQFromBio(bio, x509, 1); 24623 } 24624 #endif /* WOLFSSL_CERT_REQ */ 24625 #endif /* WOLFSSL_CERT_GEN */ 21814 24626 21815 24627 /* Converts an internal structure to a DER buffer … … 21854 24666 } 21855 24667 21856 21857 /* Converts the DER from bio and creates a WOLFSSL_X509 structure from it.21858 * 21859 * bio is the structure holding DER21860 * x509 certificate to create from DER. Can be NULL21861 * 21862 * returnspointer to WOLFSSL_X509 structure on success and NULL on fail24668 #ifndef NO_BIO 24669 /** 24670 * Converts the DER from bio and creates a WOLFSSL_X509 structure from it. 24671 * @param bio is the structure holding DER 24672 * @param x509 certificate to create from DER. Can be NULL 24673 * @param req 1 for a CSR and 0 for a x509 cert 24674 * @return pointer to WOLFSSL_X509 structure on success and NULL on fail 21863 24675 */ 21864 WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) 24676 static WOLFSSL_X509* d2i_X509orX509REQ_bio(WOLFSSL_BIO* bio, 24677 WOLFSSL_X509** x509, int req) 21865 24678 { 21866 24679 WOLFSSL_X509* localX509 = NULL; 21867 unsigned char* mem = NULL; 21868 int ret; 21869 word32 size; 24680 byte* mem = NULL; 24681 int size; 21870 24682 21871 24683 WOLFSSL_ENTER("wolfSSL_d2i_X509_bio"); … … 21876 24688 } 21877 24689 21878 ret = wolfSSL_BIO_get_mem_data(bio, &mem);21879 if ( mem == NULL || ret <= 0) {21880 WOLFSSL_MSG(" Failed to get data from bio struct");24690 size = wolfSSL_BIO_get_len(bio); 24691 if (size == 0) { 24692 WOLFSSL_MSG("wolfSSL_BIO_get_len error. Possibly no pending data."); 21881 24693 return NULL; 21882 24694 } 21883 size = ret; 21884 21885 localX509 = wolfSSL_X509_d2i(NULL, mem, size); 24695 24696 if (!(mem = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_OPENSSL))) { 24697 WOLFSSL_MSG("malloc error"); 24698 return NULL; 24699 } 24700 24701 if ((size = wolfSSL_BIO_read(bio, mem, size)) == 0) { 24702 WOLFSSL_MSG("wolfSSL_BIO_read error"); 24703 XFREE(mem, NULL, DYNAMIC_TYPE_OPENSSL); 24704 return NULL; 24705 } 24706 24707 if (req) { 24708 #ifdef WOLFSSL_CERT_REQ 24709 localX509 = wolfSSL_X509_REQ_d2i(NULL, mem, size); 24710 #else 24711 WOLFSSL_MSG("CSR not compiled in"); 24712 #endif 24713 } 24714 else { 24715 localX509 = wolfSSL_X509_d2i(NULL, mem, size); 24716 } 21886 24717 if (localX509 == NULL) { 24718 WOLFSSL_MSG("wolfSSL_X509_d2i error"); 24719 XFREE(mem, NULL, DYNAMIC_TYPE_OPENSSL); 21887 24720 return NULL; 21888 24721 } … … 21892 24725 } 21893 24726 24727 XFREE(mem, NULL, DYNAMIC_TYPE_OPENSSL); 21894 24728 return localX509; 21895 24729 } 21896 24730 #endif /* !NO_BIO */ 24731 24732 WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) 24733 { 24734 return d2i_X509orX509REQ_bio(bio, x509, 0); 24735 } 24736 24737 #ifdef WOLFSSL_CERT_REQ 24738 WOLFSSL_X509* wolfSSL_d2i_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) 24739 { 24740 return d2i_X509orX509REQ_bio(bio, x509, 1); 24741 } 24742 #endif 21897 24743 21898 24744 #if !defined(NO_ASN) && !defined(NO_PWDBASED) 24745 #ifndef NO_BIO 21899 24746 WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12) 21900 24747 { … … 21965 24812 if ((certSz > 0) && (certDer != NULL)) { 21966 24813 if (wolfSSL_BIO_write(bio, certDer, certSz) == (int)certSz) { 21967 ret = SSL_SUCCESS;24814 ret = WOLFSSL_SUCCESS; 21968 24815 } 21969 24816 } … … 21976 24823 return ret; 21977 24824 } 21978 21979 /* helper function to get raw pointer to DER buffer from WOLFSSL_EVP_PKEY */ 21980 static int wolfSSL_EVP_PKEY_get_der(WOLFSSL_EVP_PKEY* key, unsigned char** der) 21981 { 21982 if (!key) 21983 return WOLFSSL_FAILURE; 21984 if (der) 21985 *der = (unsigned char*)key->pkey.ptr; 21986 return key->pkey_sz; 21987 } 24825 #endif /* !NO_BIO */ 21988 24826 21989 24827 /* Copies unencrypted DER key buffer into "der". If "der" is null then the size 21990 * of buffer needed is returned 24828 * of buffer needed is returned. If *der == NULL then it allocates a buffer. 21991 24829 * NOTE: This also advances the "der" pointer to be at the end of buffer. 21992 24830 * 21993 24831 * Returns size of key buffer on success 21994 24832 */ 21995 int wolfSSL_i2d_PrivateKey(WOLFSSL_EVP_PKEY* key, unsigned char** der) 21996 { 21997 if (key == NULL) { 21998 return WOLFSSL_FATAL_ERROR; 21999 } 22000 22001 if (key->pkey_sz <= 0 || !key->pkey.ptr) { 22002 return WOLFSSL_FATAL_ERROR; 22003 } 22004 22005 if (der != NULL) { 22006 /* since this function signature has no size value passed in it is 22007 * assumed that the user has allocated a large enough buffer */ 22008 XMEMCPY(*der, key->pkey.ptr, key->pkey_sz); 22009 *der += key->pkey_sz; 22010 } 22011 return key->pkey_sz; 24833 int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der) 24834 { 24835 return wolfSSL_EVP_PKEY_get_der(key, der); 22012 24836 } 22013 24837 … … 22035 24859 WC_DerCertList* list = NULL; 22036 24860 word32 passSz; 22037 byte* keyDer ;24861 byte* keyDer = NULL; 22038 24862 word32 keyDerSz; 22039 24863 byte* certDer; 22040 24864 int certDerSz; 22041 24865 22042 int ret;22043 22044 24866 WOLFSSL_ENTER("wolfSSL_PKCS12_create()"); 22045 24867 … … 22050 24872 passSz = (word32)XSTRLEN(pass); 22051 24873 22052 if ((ret = wolfSSL_EVP_PKEY_get_der(pkey, &keyDer)) < 0) { 22053 WOLFSSL_LEAVE("wolfSSL_PKCS12_create", ret); 22054 return NULL; 22055 } 22056 keyDerSz = ret; 24874 keyDer = (byte*)pkey->pkey.ptr; 24875 keyDerSz = pkey->pkey_sz; 22057 24876 22058 24877 certDer = (byte*)wolfSSL_X509_get_der(cert, &certDerSz); … … 22191 25010 } 22192 25011 else { 22193 if ( (ret = CopyDecodedToX509(x509, &DeCert)) != 0) {25012 if (CopyDecodedToX509(x509, &DeCert) != 0) { 22194 25013 WOLFSSL_MSG("Failed to copy decoded cert"); 22195 25014 FreeDecodedCert(&DeCert); … … 22262 25081 WOLFSSL_MSG("Issue with parsing certificate"); 22263 25082 } 22264 if ( (ret = CopyDecodedToX509(*cert, &DeCert)) != 0) {25083 if (CopyDecodedToX509(*cert, &DeCert) != 0) { 22265 25084 WOLFSSL_MSG("Failed to copy decoded cert"); 22266 25085 FreeDecodedCert(&DeCert); … … 22315 25134 return WOLFSSL_FAILURE; 22316 25135 } 22317 if ( (ret =wolfSSL_RSA_LoadDer_ex((*pkey)->rsa, pk, pkSz,22318 WOLFSSL_RSA_LOAD_PRIVATE) )!= SSL_SUCCESS) {25136 if (wolfSSL_RSA_LoadDer_ex((*pkey)->rsa, pk, pkSz, 25137 WOLFSSL_RSA_LOAD_PRIVATE) != SSL_SUCCESS) { 22319 25138 WOLFSSL_MSG("issue loading RSA key"); 22320 25139 wolfSSL_X509_free(*cert); *cert = NULL; … … 22391 25210 return WOLFSSL_SUCCESS; 22392 25211 } 22393 #endif /* !defined(NO_ASN) && !defined(NO_PWDBASED) */ 25212 25213 int wolfSSL_PKCS12_verify_mac(WC_PKCS12 *pkcs12, const char *psw, 25214 int pswLen) 25215 { 25216 WOLFSSL_ENTER("wolfSSL_PKCS12_verify_mac"); 25217 25218 if (!pkcs12) { 25219 return WOLFSSL_FAILURE; 25220 } 25221 25222 return wc_PKCS12_verify_ex(pkcs12, (const byte*)psw, pswLen) == 0 ? 25223 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 25224 } 25225 #endif /* !NO_ASN && !NO_PWDBASED */ 22394 25226 22395 25227 … … 22424 25256 22425 25257 XMEMSET(sk, 0, sizeof(WOLFSSL_STACK)); 22426 ctx->chain = sk;22427 25258 22428 25259 for (i = 0; i < c->count && i < MAX_CHAIN_DEPTH; i++) { … … 22435 25266 } 22436 25267 22437 if (wolfSSL_sk_X509_push(sk, x509) != SSL_SUCCESS) {25268 if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) { 22438 25269 WOLFSSL_MSG("Unable to load x509 into stack"); 22439 25270 wolfSSL_sk_X509_free(sk); … … 22455 25286 if (issuer != NULL && wolfSSL_X509_NAME_cmp(&x509->issuer, 22456 25287 &x509->subject) != 0) { 22457 if (wolfSSL_sk_X509_push(sk, issuer) != SSL_SUCCESS) {25288 if (wolfSSL_sk_X509_push(sk, issuer) != WOLFSSL_SUCCESS) { 22458 25289 WOLFSSL_MSG("Unable to load CA x509 into stack"); 22459 25290 wolfSSL_sk_X509_free(sk); … … 22474 25305 } 22475 25306 #endif 22476 25307 ctx->chain = sk; 22477 25308 } 22478 25309 #endif /* SESSION_CERTS */ … … 22480 25311 return ctx->chain; 22481 25312 } 22482 22483 /* make shallow copy of the stack, data pointers are copied by reference */22484 WOLFSSL_STACK* wolfSSL_sk_X509_dup(WOLFSSL_STACK* sk)22485 {22486 unsigned long i;22487 WOLFSSL_STACK* dup = NULL;22488 WOLFSSL_STACK* node = NULL;22489 WOLFSSL_STACK *dIdx = NULL, *sIdx = sk;22490 22491 if (sk == NULL) {22492 return NULL;22493 }22494 22495 for (i = 0; i < sk->num; i++) {22496 22497 node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL,22498 DYNAMIC_TYPE_X509);22499 if (node == NULL) {22500 if (i != 0) {22501 wolfSSL_sk_free(dup);22502 }22503 WOLFSSL_MSG("Memory error");22504 return NULL;22505 }22506 XMEMSET(node, 0, sizeof(WOLFSSL_STACK));22507 22508 /* copy sk node to new node, data by reference */22509 node->data.x509 = sIdx->data.x509;22510 node->num = sIdx->num;22511 22512 /* insert node into list, progress idx */22513 if (i == 0) {22514 dup = node;22515 } else {22516 dIdx->next = node;22517 }22518 22519 dIdx = node;22520 sIdx = sIdx->next;22521 }22522 22523 return dup;22524 }22525 22526 25313 22527 25314 /* like X509_STORE_CTX_get_chain(), but return a copy with data reference … … 22529 25316 WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get1_chain(WOLFSSL_X509_STORE_CTX* ctx) 22530 25317 { 22531 unsigned long i;22532 25318 WOLFSSL_STACK* ref; 22533 WOLFSSL_STACK* dup;22534 25319 22535 25320 if (ctx == NULL) { … … 22544 25329 22545 25330 /* create duplicate of ctx chain */ 22546 dup = wolfSSL_sk_X509_dup(ref); 22547 if (dup == NULL) { 22548 return NULL; 22549 } 22550 22551 /* increase ref counts of inner data X509 */ 22552 ref = dup; 22553 for (i = 0; i < dup->num && ref != NULL; i++) { 22554 if (wc_LockMutex(&ref->data.x509->refMutex) != 0) { 22555 WOLFSSL_MSG("Failed to lock x509 mutex"); 22556 } 22557 ref->data.x509->refCount++; 22558 wc_UnLockMutex(&ref->data.x509->refMutex); 22559 ref = ref->next; 22560 } 22561 22562 return dup; 22563 } 22564 25331 return wolfSSL_sk_dup(ref); 25332 } 25333 25334 #ifndef NO_WOLFSSL_STUB 25335 WOLFSSL_X509_STORE_CTX *wolfSSL_X509_STORE_CTX_get0_parent_ctx( 25336 WOLFSSL_X509_STORE_CTX *ctx) 25337 { 25338 (void)ctx; 25339 WOLFSSL_STUB("wolfSSL_X509_STORE_CTX_get0_parent_ctx"); 25340 return NULL; 25341 } 25342 #endif 22565 25343 22566 25344 int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509) … … 22591 25369 return result; 22592 25370 } 22593 25371 #endif /* !NO_CERTS */ 25372 #endif /* OPENSSL_EXTRA */ 25373 25374 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 22594 25375 WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void) 22595 25376 { … … 22608 25389 22609 25390 #ifdef HAVE_CRL 22610 store->crl = NULL; 22611 if ((store->crl = (WOLFSSL_X509_CRL *)XMALLOC(sizeof(WOLFSSL_X509_CRL), 22612 NULL, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) 22613 goto err_exit; 22614 if (InitCRL(store->crl, NULL) < 0) 22615 goto err_exit; 22616 #endif 22617 22618 #ifdef OPENSSL_EXTRA 25391 store->crl = store->cm->crl; 25392 #endif 25393 25394 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 22619 25395 if ((store->param = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC( 22620 25396 sizeof(WOLFSSL_X509_VERIFY_PARAM), 22621 NULL, DYNAMIC_TYPE_OPENSSL)) == NULL)25397 NULL, DYNAMIC_TYPE_OPENSSL)) == NULL) { 22622 25398 goto err_exit; 25399 } 22623 25400 22624 25401 #endif … … 22635 25412 } 22636 25413 22637 22638 25414 void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store) 22639 25415 { 22640 25416 if (store != NULL && store->isDynamic) { 22641 if (store->cm != NULL) 25417 if (store->cm != NULL) { 22642 25418 wolfSSL_CertManagerFree(store->cm); 22643 #ifdef HAVE_CRL 22644 if (store->crl != NULL) 22645 wolfSSL_X509_CRL_free(store->crl); 22646 #endif 25419 store->cm = NULL; 25420 } 25421 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 25422 if (store->param != NULL) { 25423 XFREE(store->param, NULL, DYNAMIC_TYPE_OPENSSL); 25424 store->param = NULL; 25425 } 25426 #endif 25427 XFREE(store, NULL, DYNAMIC_TYPE_X509_STORE); 25428 } 25429 } 25430 25431 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 25432 22647 25433 #ifdef OPENSSL_EXTRA 22648 if (store->param != NULL) 22649 XFREE(store->param, NULL, DYNAMIC_TYPE_OPENSSL); 22650 #endif 22651 XFREE(store, NULL, DYNAMIC_TYPE_X509_STORE); 22652 } 22653 } 22654 22655 25434 #ifndef NO_CERTS 22656 25435 int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag) 22657 25436 { … … 22666 25445 ret = wolfSSL_CertManagerEnableCRL(store->cm, (int)flag); 22667 25446 } 22668 22669 (void)store;22670 (void)flag;22671 25447 22672 25448 return ret; … … 22763 25539 } 22764 25540 #endif 22765 return SSL_SUCCESS;25541 return WOLFSSL_SUCCESS; 22766 25542 } 22767 25543 return WOLFSSL_FATAL_ERROR; … … 22769 25545 22770 25546 25547 /* free's extra data */ 22771 25548 void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX* ctx) 22772 25549 { 22773 25550 WOLFSSL_ENTER("X509_STORE_CTX_free"); 22774 25551 if (ctx != NULL) { 22775 #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT) 22776 if (ctx->store != NULL) 22777 wolfSSL_X509_STORE_free(ctx->store); 22778 #ifndef WOLFSSL_KEEP_STORE_CERTS 22779 if (ctx->current_cert != NULL) 22780 wolfSSL_FreeX509(ctx->current_cert); 22781 #endif 22782 #endif /* !OPENSSL_ALL && !WOLFSSL_QT */ 25552 #ifdef OPENSSL_EXTRA 25553 if (ctx->param != NULL){ 25554 XFREE(ctx->param,NULL,DYNAMIC_TYPE_OPENSSL); 25555 ctx->param = NULL; 25556 } 25557 #endif 25558 XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX); 25559 } 25560 } 25561 25562 25563 void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX* ctx) 25564 { 25565 if (ctx != NULL) { 22783 25566 #ifdef OPENSSL_EXTRA 22784 25567 if (ctx->param != NULL){ 22785 25568 XFREE(ctx->param,NULL,DYNAMIC_TYPE_OPENSSL); 22786 } 22787 #endif 22788 XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX); 22789 } 22790 } 22791 22792 22793 void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX* ctx) 22794 { 22795 (void)ctx; 22796 /* Do nothing */ 22797 } 22798 22799 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 25569 ctx->param = NULL; 25570 } 25571 #endif 25572 wolfSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL); 25573 } 25574 } 25575 25576 25577 void wolfSSL_X509_STORE_CTX_trusted_stack(WOLFSSL_X509_STORE_CTX *ctx, WOLF_STACK_OF(WOLFSSL_X509) *sk) 25578 { 25579 if (ctx != NULL) { 25580 ctx->chain = sk; 25581 } 25582 } 25583 25584 22800 25585 /* Returns corresponding X509 error from internal ASN error <e> */ 22801 25586 static int GetX509Error(int e) … … 22823 25608 } 22824 25609 } 22825 #endif22826 25610 22827 25611 /* Verifies certificate chain using WOLFSSL_X509_STORE_CTX … … 22831 25615 { 22832 25616 int ret = 0; 22833 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)22834 25617 int depth = 0; 22835 25618 int error; 22836 25619 byte *afterDate, *beforeDate; 22837 #endif 25620 22838 25621 WOLFSSL_ENTER("wolfSSL_X509_verify_cert"); 22839 25622 … … 22845 25628 WOLFSSL_FILETYPE_ASN1); 22846 25629 22847 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)22848 25630 /* If there was an error, process it and add it to CTX */ 22849 25631 if (ret < 0) { … … 22856 25638 wolfSSL_X509_STORE_CTX_set_error(ctx, error); 22857 25639 wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth); 22858 ctx->store->verify_cb(0, ctx); 25640 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 25641 if (ctx->store && ctx->store->verify_cb) 25642 ctx->store->verify_cb(0, ctx); 25643 #endif 22859 25644 } 22860 25645 … … 22867 25652 beforeDate = ctx->current_cert->notBefore.data; 22868 25653 22869 if ( ValidateDate(afterDate,ctx->current_cert->notAfter.type,25654 if (XVALIDATE_DATE(afterDate, (byte)ctx->current_cert->notAfter.type, 22870 25655 AFTER) < 1) { 22871 25656 error = X509_V_ERR_CERT_HAS_EXPIRED; 22872 25657 } 22873 else if ( ValidateDate(beforeDate, ctx->current_cert->notBefore.type,22874 25658 else if (XVALIDATE_DATE(beforeDate, 25659 (byte)ctx->current_cert->notBefore.type, BEFORE) < 1) { 22875 25660 error = X509_V_ERR_CERT_NOT_YET_VALID; 22876 25661 } … … 22879 25664 wolfSSL_X509_STORE_CTX_set_error(ctx, error); 22880 25665 wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth); 25666 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 22881 25667 if (ctx->store && ctx->store->verify_cb) 22882 25668 ctx->store->verify_cb(0, ctx); 22883 } 22884 #endif /* OPENSSL_ALL || WOLFSSL_QT */ 22885 return ret; 25669 #endif 25670 } 25671 25672 /* OpenSSL returns 0 when a chain can't be built */ 25673 if (ret == ASN_NO_SIGNER_E) 25674 return WOLFSSL_FAILURE; 25675 else 25676 return ret; 22886 25677 } 22887 25678 return WOLFSSL_FATAL_ERROR; 22888 25679 } 22889 22890 25680 22891 25681 /* Use the public key to verify the signature. Note: this only verifies 22892 25682 * the certificate signature. 22893 25683 * returns WOLFSSL_SUCCESS on successful signature verification */ 22894 int wolfSSL_X509_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey)25684 static int verifyX509orX509REQ(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey, int req) 22895 25685 { 22896 25686 int ret; … … 22899 25689 int type; 22900 25690 25691 (void)req; 25692 22901 25693 if (x509 == NULL || pkey == NULL) { 22902 25694 return WOLFSSL_FATAL_ERROR; … … 22927 25719 } 22928 25720 22929 ret = CheckCertSignaturePubKey(der, derSz, x509->heap, 22930 (unsigned char*)pkey->pkey.ptr, pkey->pkey_sz, type); 25721 #ifdef WOLFSSL_CERT_REQ 25722 if (req) 25723 ret = CheckCSRSignaturePubKey(der, derSz, x509->heap, 25724 (unsigned char*)pkey->pkey.ptr, pkey->pkey_sz, type); 25725 else 25726 #endif 25727 ret = CheckCertSignaturePubKey(der, derSz, x509->heap, 25728 (unsigned char*)pkey->pkey.ptr, pkey->pkey_sz, type); 22931 25729 if (ret == 0) { 22932 25730 return WOLFSSL_SUCCESS; … … 22934 25732 return WOLFSSL_FAILURE; 22935 25733 } 22936 #endif /* NO_CERTS */ 25734 25735 int wolfSSL_X509_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey) 25736 { 25737 return verifyX509orX509REQ(x509, pkey, 0); 25738 } 25739 25740 #ifdef WOLFSSL_CERT_REQ 25741 int wolfSSL_X509_REQ_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey) 25742 { 25743 return verifyX509orX509REQ(x509, pkey, 1); 25744 } 25745 #endif /* WOLFSSL_CERT_REQ */ 25746 #endif /* !NO_CERTS */ 22937 25747 22938 25748 #if !defined(NO_FILESYSTEM) … … 23051 25861 WOLFSSL_MSG("Bad argument value"); 23052 25862 } else { 23053 newcrl = 23054 DYNAMIC_TYPE_ TMP_BUFFER);25863 newcrl =(WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL), NULL, 25864 DYNAMIC_TYPE_CRL); 23055 25865 if (newcrl == NULL){ 23056 25866 WOLFSSL_MSG("New CRL allocation failed"); … … 23080 25890 return newcrl; 23081 25891 } 23082 25892 #endif /* HAVE_CRL */ 25893 #endif /* OPENSSL_EXTRA */ 25894 25895 #if defined(HAVE_CRL) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) 23083 25896 void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl) 23084 25897 { 23085 25898 WOLFSSL_ENTER("wolfSSL_X509_CRL_free"); 23086 25899 23087 FreeCRL(crl, 1); 23088 return; 23089 } 23090 #endif /* HAVE_CRL */ 23091 25900 if (crl) 25901 FreeCRL(crl, 1); 25902 } 25903 #endif /* HAVE_CRL && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */ 25904 25905 #ifdef OPENSSL_EXTRA 23092 25906 #ifndef NO_WOLFSSL_STUB 23093 25907 WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl) … … 23180 25994 } 23181 25995 #endif 25996 25997 25998 WOLFSSL_X509_VERIFY_PARAM* wolfSSL_X509_VERIFY_PARAM_new(void) 25999 { 26000 WOLFSSL_X509_VERIFY_PARAM *param = NULL; 26001 param = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC( 26002 sizeof(WOLFSSL_X509_VERIFY_PARAM), NULL, DYNAMIC_TYPE_OPENSSL); 26003 if (param != NULL) 26004 XMEMSET(param, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM )); 26005 26006 return(param); 26007 } 26008 26009 26010 void wolfSSL_X509_VERIFY_PARAM_free(WOLFSSL_X509_VERIFY_PARAM *param) 26011 { 26012 if (param != NULL) 26013 XFREE(param, NULL, DYNAMIC_TYPE_OPENSSL); 26014 } 26015 26016 26017 /* Sets flags by OR'ing with existing value. */ 26018 int wolfSSL_X509_VERIFY_PARAM_set_flags(WOLFSSL_X509_VERIFY_PARAM *param, 26019 unsigned long flags) 26020 { 26021 int ret = WOLFSSL_FAILURE; 26022 26023 if (param != NULL) { 26024 param->flags |= flags; 26025 ret = WOLFSSL_SUCCESS; 26026 } 26027 26028 return ret; 26029 } 26030 26031 26032 int wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param) 26033 { 26034 int ret = 0; 26035 26036 if (param != NULL) { 26037 ret = (int)param->flags; 26038 } 26039 26040 return ret; 26041 } 26042 26043 26044 int wolfSSL_X509_VERIFY_PARAM_clear_flags(WOLFSSL_X509_VERIFY_PARAM *param, 26045 unsigned long flags) 26046 { 26047 int ret = WOLFSSL_FAILURE; 26048 26049 if (param != NULL) { 26050 param->flags &= ~flags; 26051 ret = WOLFSSL_SUCCESS; 26052 } 26053 26054 return ret; 26055 } 26056 26057 23182 26058 /****************************************************************************** 23183 26059 * wolfSSL_X509_VERIFY_PARAM_set1_host - sets the DNS hostname to name … … 23369 26245 #endif /* !NO_ASN_TIME */ 23370 26246 23371 #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(USER_TIME) && \23372 !defined( TIME_OVERRIDES)26247 #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \ 26248 !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES) 23373 26249 WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj_ex(WOLFSSL_ASN1_TIME *asnTime, 23374 26250 int offset_day, long offset_sec, time_t *in_tm) … … 23415 26291 #endif 23416 26292 26293 #endif /* OPENSSL_EXTRA */ 26294 26295 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 23417 26296 /* Used to create a new WOLFSSL_ASN1_INTEGER structure. 23418 26297 * returns a pointer to new structure on success and NULL on failure … … 23454 26333 WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src) 23455 26334 { 23456 WOLFSSL_ASN1_INTEGER* dup;26335 WOLFSSL_ASN1_INTEGER* copy; 23457 26336 WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_dup"); 23458 26337 if (!src) 23459 26338 return NULL; 23460 26339 23461 dup= wolfSSL_ASN1_INTEGER_new();23462 23463 if ( dup== NULL)26340 copy = wolfSSL_ASN1_INTEGER_new(); 26341 26342 if (copy == NULL) 23464 26343 return NULL; 23465 26344 23466 dup->negative = src->negative;23467 dup->dataMax = src->dataMax;23468 dup->isDynamic = src->isDynamic;26345 copy->negative = src->negative; 26346 copy->dataMax = src->dataMax; 26347 copy->isDynamic = src->isDynamic; 23469 26348 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 23470 dup->length = src->length;23471 #endif 23472 XSTRNCPY((char*) dup->intData,(const char*)src->intData,WOLFSSL_ASN1_INTEGER_MAX);23473 23474 if ( dup->isDynamic && src->data && dup->dataMax) {23475 dup->data = (unsigned char*)26349 copy->length = src->length; 26350 #endif 26351 XSTRNCPY((char*)copy->intData,(const char*)src->intData,WOLFSSL_ASN1_INTEGER_MAX); 26352 26353 if (copy->isDynamic && src->data && copy->dataMax) { 26354 copy->data = (unsigned char*) 23476 26355 XMALLOC(src->dataMax,NULL,DYNAMIC_TYPE_OPENSSL); 23477 if ( dup->data == NULL) {23478 wolfSSL_ASN1_INTEGER_free( dup);26356 if (copy->data == NULL) { 26357 wolfSSL_ASN1_INTEGER_free(copy); 23479 26358 return NULL; 23480 26359 } 23481 XMEMCPY( dup->data,src->data,dup->dataMax);23482 } 23483 return dup;26360 XMEMCPY(copy->data, src->data, copy->dataMax); 26361 } 26362 return copy; 23484 26363 } 23485 26364 … … 23589 26468 } 23590 26469 23591 #endif /* OPENSSL_EXTRA */26470 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 23592 26471 23593 26472 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ 23594 26473 defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 23595 26474 #ifndef NO_ASN_TIME 26475 #ifndef NO_BIO 23596 26476 int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime) 23597 26477 { … … 23609 26489 sizeof(buf)) == NULL) { 23610 26490 XMEMSET(buf, 0, MAX_TIME_STRING_SZ); 23611 X MEMCPY(buf, "Bad time value", 14);26491 XSTRNCPY(buf, "Bad time value", sizeof(buf)-1); 23612 26492 ret = WOLFSSL_FAILURE; 23613 26493 } … … 23620 26500 return ret; 23621 26501 } 26502 #endif /* !NO_BIO */ 23622 26503 23623 26504 char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len) … … 23668 26549 #endif 23669 26550 26551 #endif /* OPENSSL_EXTRA */ 26552 26553 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 23670 26554 /* get X509_STORE_CTX ex_data, max idx is MAX_EX_DATA */ 23671 26555 void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx) 23672 26556 { 23673 26557 WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get_ex_data"); 23674 26558 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 23675 26559 if (ctx != NULL) { 23676 26560 return wolfSSL_CRYPTO_get_ex_data(&ctx->ex_data, idx); 23677 26561 } 23678 26562 #else 23679 26563 (void)ctx; 23680 26564 (void)idx; 23681 26565 #endif 23682 26566 return NULL; 23683 26567 } 23684 26568 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 26569 26570 #ifdef OPENSSL_EXTRA 23685 26571 23686 26572 /* set X509_STORE_CTX ex_data, max idx is MAX_EX_DATA. Return WOLFSSL_SUCCESS … … 23690 26576 { 23691 26577 WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_set_ex_data"); 23692 26578 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 23693 26579 if (ctx != NULL) 23694 26580 { 23695 26581 return wolfSSL_CRYPTO_set_ex_data(&ctx->ex_data, idx, data); 23696 26582 } 23697 26583 #else 23698 26584 (void)ctx; 23699 26585 (void)idx; 23700 26586 (void)data; 23701 26587 #endif 23702 26588 return WOLFSSL_FAILURE; 23703 26589 } … … 23733 26619 } 23734 26620 23735 26621 #endif /* OPENSSL_EXTRA */ 26622 26623 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 23736 26624 /* Gets an index to store SSL structure at. 23737 26625 * … … 23745 26633 return 0; 23746 26634 } 23747 23748 26635 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 26636 26637 #ifdef OPENSSL_EXTRA 23749 26638 /* Set an error stat in the X509 STORE CTX 23750 26639 * … … 23799 26688 int wolfSSL_ERR_GET_LIB(unsigned long err) 23800 26689 { 23801 switch (err) { 26690 unsigned long value; 26691 26692 value = (err & 0xFFFFFFL); 26693 switch (value) { 23802 26694 case PEM_R_NO_START_LINE: 23803 26695 case PEM_R_PROBLEMS_GETTING_PASSWORD: … … 24523 27415 #endif /* OPENSSL_EXTRA */ 24524 27416 24525 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)24526 27417 static long wolf_set_options(long old_op, long op) 24527 27418 { … … 24546 27437 #endif 24547 27438 24548 if ((op & SSL_OP_NO_TLSv1_2) ==SSL_OP_NO_TLSv1_2) {27439 if ((op & WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2) { 24549 27440 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1_2"); 24550 27441 } 24551 27442 24552 if ((op & SSL_OP_NO_TLSv1_1) ==SSL_OP_NO_TLSv1_1) {27443 if ((op & WOLFSSL_OP_NO_TLSv1_1) == WOLFSSL_OP_NO_TLSv1_1) { 24553 27444 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1_1"); 24554 27445 } 24555 27446 24556 if ((op & SSL_OP_NO_TLSv1) ==SSL_OP_NO_TLSv1) {27447 if ((op & WOLFSSL_OP_NO_TLSv1) == WOLFSSL_OP_NO_TLSv1) { 24557 27448 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1"); 24558 27449 } 24559 27450 24560 if ((op & SSL_OP_NO_SSLv3) ==SSL_OP_NO_SSLv3) {27451 if ((op & WOLFSSL_OP_NO_SSLv3) == WOLFSSL_OP_NO_SSLv3) { 24561 27452 WOLFSSL_MSG("\tSSL_OP_NO_SSLv3"); 24562 27453 } … … 24576 27467 return old_op | op; 24577 27468 } 24578 #endif 24579 24580 #ifdef OPENSSL_EXTRA 27469 27470 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 24581 27471 long wolfSSL_set_options(WOLFSSL* ssl, long op) 24582 27472 { … … 24632 27522 #endif 24633 27523 24634 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 24635 ssl->options.haveDH, ssl->options.haveNTRU, 24636 ssl->options.haveECDSAsig, ssl->options.haveECC, 24637 ssl->options.haveStaticECC, ssl->options.side); 27524 if (ssl->suites != NULL && ssl->options.side != WOLFSSL_NEITHER_END) 27525 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 27526 ssl->options.haveDH, ssl->options.haveNTRU, 27527 ssl->options.haveECDSAsig, ssl->options.haveECC, 27528 ssl->options.haveStaticECC, ssl->options.side); 24638 27529 24639 27530 return ssl->options.mask; … … 24648 27539 return ssl->options.mask; 24649 27540 } 27541 27542 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 27543 27544 #if defined(HAVE_SECURE_RENEGOTIATION) \ 27545 || defined(HAVE_SERVER_RENEGOTIATION_INFO) 27546 /* clears the counter for number of renegotiations done 27547 * returns the current count before it is cleared */ 27548 long wolfSSL_clear_num_renegotiations(WOLFSSL *s) 27549 { 27550 long total; 27551 27552 WOLFSSL_ENTER("wolfSSL_clear_num_renegotiations"); 27553 if (s == NULL) 27554 return 0; 27555 27556 total = s->secure_rene_count; 27557 s->secure_rene_count = 0; 27558 return total; 27559 } 27560 27561 27562 /* return the number of renegotiations since wolfSSL_new */ 27563 long wolfSSL_total_renegotiations(WOLFSSL *s) 27564 { 27565 WOLFSSL_ENTER("wolfSSL_total_renegotiations"); 27566 return wolfSSL_num_renegotiations(s); 27567 } 27568 27569 27570 /* return the number of renegotiations since wolfSSL_new */ 27571 long wolfSSL_num_renegotiations(WOLFSSL* s) 27572 { 27573 if (s == NULL) { 27574 return 0; 27575 } 27576 27577 return s->secure_rene_count; 27578 } 27579 27580 27581 /* Is there a renegotiation currently in progress? */ 27582 int wolfSSL_SSL_renegotiate_pending(WOLFSSL *s) 27583 { 27584 return s && s->options.handShakeDone && 27585 s->options.handShakeState != HANDSHAKE_DONE ? 1 : 0; 27586 } 27587 #endif /* HAVE_SECURE_RENEGOTIATION || HAVE_SERVER_RENEGOTIATION_INFO */ 27588 27589 #ifdef OPENSSL_EXTRA 24650 27590 24651 27591 long wolfSSL_clear_options(WOLFSSL* ssl, long opt) … … 24659 27599 24660 27600 24661 #if defined(HAVE_SECURE_RENEGOTIATION) \24662 || defined(HAVE_SERVER_RENEGOTIATION_INFO)24663 /* clears the counter for number of renegotiations done24664 * returns the current count before it is cleared */24665 long wolfSSL_clear_num_renegotiations(WOLFSSL *s)24666 {24667 long total;24668 24669 WOLFSSL_ENTER("wolfSSL_clear_num_renegotiations");24670 if (s == NULL)24671 return 0;24672 24673 total = s->secure_rene_count;24674 s->secure_rene_count = 0;24675 return total;24676 }24677 24678 24679 /* return the number of renegotiations since wolfSSL_new */24680 long wolfSSL_total_renegotiations(WOLFSSL *s)24681 {24682 WOLFSSL_ENTER("wolfSSL_total_renegotiations");24683 return wolfSSL_num_renegotiations(s);24684 }24685 24686 24687 /* return the number of renegotiations since wolfSSL_new */24688 long wolfSSL_num_renegotiations(WOLFSSL* s)24689 {24690 if (s == NULL) {24691 return 0;24692 }24693 24694 return s->secure_rene_count;24695 }24696 #endif /* HAVE_SECURE_RENEGOTIATION || HAVE_SERVER_RENEGOTIATION_INFO */24697 24698 27601 #ifndef NO_DH 24699 27602 long wolfSSL_set_tmp_dh(WOLFSSL *ssl, WOLFSSL_DH *dh) … … 24752 27655 24753 27656 #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) 24754 const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *sess, unsigned int *sid_ctx_length)24755 { 24756 const byte *c = wolfSSL_SESSION_get_id(( SSL_SESSION *)sess, sid_ctx_length);27657 const unsigned char *SSL_SESSION_get0_id_context(const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length) 27658 { 27659 const byte *c = wolfSSL_SESSION_get_id((WOLFSSL_SESSION *)sess, sid_ctx_length); 24757 27660 return c; 24758 27661 } … … 24966 27869 switch (type) { 24967 27870 case V_ASN1_OBJECT: 24968 a->value.object = value;27871 a->value.object = (WOLFSSL_ASN1_OBJECT*)value; 24969 27872 break; 24970 27873 case V_ASN1_UTCTIME: 24971 a->value.utctime = value;27874 a->value.utctime = (WOLFSSL_ASN1_TIME*)value; 24972 27875 break; 24973 27876 case V_ASN1_GENERALIZEDTIME: 24974 a->value.generalizedtime = value;27877 a->value.generalizedtime = (WOLFSSL_ASN1_TIME*)value; 24975 27878 break; 24976 27879 default: … … 25014 27917 wolfSSL_ASN1_TIME_free(at->value.generalizedtime); 25015 27918 break; 27919 case V_ASN1_UTF8STRING: 27920 case V_ASN1_PRINTABLESTRING: 27921 case V_ASN1_T61STRING: 27922 case V_ASN1_IA5STRING: 27923 case V_ASN1_UNIVERSALSTRING: 27924 wolfSSL_ASN1_STRING_free(at->value.asn1_string); 27925 break; 25016 27926 default: 25017 27927 WOLFSSL_MSG("Unknown or unsupported ASN1_TYPE"); … … 25104 28014 *ppkalg = pub->algor->algorithm; 25105 28015 if (pk) 25106 wolfSSL_EVP_PKEY_get_der(pub->pkey, (unsigned char **)pk);28016 *pk = (unsigned char*)pub->pkey->pkey.ptr; 25107 28017 if (ppklen) 25108 *ppklen = wolfSSL_EVP_PKEY_get_der(pub->pkey, NULL);28018 *ppklen = pub->pkey->pkey_sz; 25109 28019 25110 28020 return WOLFSSL_SUCCESS; … … 25115 28025 { 25116 28026 WOLFSSL_ENTER("wolfSSL_X509_PUBKEY_get"); 25117 if (key == NULL || key->pkey == NULL){28027 if (key == NULL || key->pkey == NULL) { 25118 28028 WOLFSSL_LEAVE("wolfSSL_X509_PUBKEY_get", BAD_FUNC_ARG); 28029 return NULL; 28030 } 28031 if (wolfSSL_EVP_PKEY_up_ref(key->pkey) != WOLFSSL_SUCCESS) { 28032 WOLFSSL_LEAVE("wolfSSL_X509_PUBKEY_get", BAD_MUTEX_E); 25119 28033 return NULL; 25120 28034 } … … 25203 28117 #endif 25204 28118 28119 WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, 28120 const unsigned char **der, 28121 long length) 28122 { 28123 const unsigned char *d; 28124 long len; 28125 int tag, cls; 28126 WOLFSSL_ASN1_OBJECT* ret = NULL; 28127 28128 WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OBJECT"); 28129 28130 if (!der || !*der || length <= 0) { 28131 WOLFSSL_MSG("Bad parameter"); 28132 return NULL; 28133 } 28134 28135 d = *der; 28136 28137 if (wolfSSL_ASN1_get_object(&d, &len, &tag, &cls, length) & 0x80) { 28138 WOLFSSL_MSG("wolfSSL_ASN1_get_object error"); 28139 return NULL; 28140 } 28141 /* d now points to value */ 28142 28143 if (tag != ASN_OBJECT_ID) { 28144 WOLFSSL_MSG("Not an ASN object"); 28145 return NULL; 28146 } 28147 28148 ret = wolfSSL_c2i_ASN1_OBJECT(a, &d, len); 28149 if (ret) 28150 *der = d; 28151 return ret; 28152 } 28153 28154 /** 28155 * Parse an ASN1 encoded input and output information about the parsed object 28156 * @param in ASN1 encoded data. *in is moved to the value of the ASN1 object 28157 * @param len Length of parsed ASN1 object 28158 * @param tag Tag value of parsed ASN1 object 28159 * @param cls Class of parsed ASN1 object 28160 * @param inLen Length of *in buffer 28161 * @return int Depends on which bits are set in the returned int: 28162 * 0x80 an error occurred during parsing 28163 * 0x20 parsed object is constructed 28164 * 0x01 the parsed object length is infinite 28165 */ 28166 int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag, 28167 int *cls, long inLen) 28168 { 28169 word32 inOutIdx = 0; 28170 int l; 28171 byte t; 28172 int ret = 0x80; 28173 28174 WOLFSSL_ENTER("wolfSSL_ASN1_get_object"); 28175 28176 if (!in || !*in || !len || !tag || !cls || inLen == 0) { 28177 WOLFSSL_MSG("Bad parameter"); 28178 return ret; 28179 } 28180 28181 if (GetASNTag(*in, &inOutIdx, &t, (word32)inLen) != 0) { 28182 WOLFSSL_MSG("GetASNTag error"); 28183 return ret; 28184 } 28185 28186 if (GetLength(*in, &inOutIdx, &l, (word32)inLen) < 0) { 28187 WOLFSSL_MSG("GetLength error"); 28188 return ret; 28189 } 28190 28191 *tag = t & 0x1F; /* Tag number is 5 lsb */ 28192 *cls = t & 0xC0; /* Class is 2 msb */ 28193 *len = l; 28194 ret = t & ASN_CONSTRUCTED; 28195 28196 if (l > (int)(inLen - inOutIdx)) { 28197 /* Still return other values but indicate error in msb */ 28198 ret |= 0x80; 28199 } 28200 28201 *in += inOutIdx; 28202 return ret; 28203 } 28204 28205 WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, 28206 const unsigned char **pp, long len) 28207 { 28208 WOLFSSL_ASN1_OBJECT* ret = NULL; 28209 28210 WOLFSSL_ENTER("wolfSSL_c2i_ASN1_OBJECT"); 28211 28212 if (!pp || !*pp || len <= 0) { 28213 WOLFSSL_MSG("Bad parameter"); 28214 return NULL; 28215 } 28216 28217 if (!(ret = wolfSSL_ASN1_OBJECT_new())) { 28218 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error"); 28219 return NULL; 28220 } 28221 28222 ret->obj = (const unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1); 28223 if (!ret->obj) { 28224 WOLFSSL_MSG("error allocating asn data memory"); 28225 wolfSSL_ASN1_OBJECT_free(ret); 28226 return NULL; 28227 } 28228 28229 XMEMCPY((byte*)ret->obj, *pp, len); 28230 ret->objSz = (unsigned int)len; 28231 ret->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; 28232 28233 *pp += len; 28234 28235 if (a) 28236 *a = ret; 28237 return ret; 28238 } 28239 28240 #ifndef NO_BIO 25205 28241 /* Return number of bytes written to BIO on success. 0 on failure. */ 25206 28242 WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, … … 25244 28280 return WOLFSSL_FAILURE; 25245 28281 } 28282 #endif /* !NO_BIO */ 28283 28284 /* Returns object data for an ASN1_OBJECT */ 28285 /* If pp is NULL then only the size is returned */ 28286 /* If pp has pointer to pointer then its used directly */ 28287 /* If pp has pointer to pointer that is NULL then new variable is allocated */ 28288 /* Failure returns WOLFSSL_FAILURE (0) */ 28289 int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp) 28290 { 28291 byte *p; 28292 28293 WOLFSSL_ENTER("wolfSSL_i2d_ASN1_OBJECT"); 28294 28295 if (!a || !a->obj) { 28296 WOLFSSL_MSG("Bad parameters"); 28297 return WOLFSSL_FAILURE; 28298 } 28299 28300 if (!pp) 28301 return a->objSz; 28302 28303 if (*pp) 28304 p = *pp; 28305 else { 28306 p = (byte*)XMALLOC(a->objSz, NULL, DYNAMIC_TYPE_OPENSSL); 28307 if (!p) { 28308 WOLFSSL_MSG("Bad malloc"); 28309 return WOLFSSL_FAILURE; 28310 } 28311 } 28312 28313 XMEMCPY(p, a->obj, a->objSz); 28314 *pp = p + a->objSz; 28315 return a->objSz; 28316 } 25246 28317 25247 28318 #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) 25248 #ifndef NO_WOLFSSL_STUB 25249 /*** TBD ***/ 25250 WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count) 25251 { 25252 (void)s; 25253 (void)buf; 25254 (void)count; 25255 WOLFSSL_STUB("SSL_get_finished"); 25256 return WOLFSSL_FAILURE; 25257 } 25258 #endif 25259 25260 #ifndef NO_WOLFSSL_STUB 25261 /*** TBD ***/ 25262 WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count) 25263 { 25264 (void)s; 25265 (void)buf; 25266 (void)count; 25267 WOLFSSL_STUB("SSL_get_peer_finished"); 25268 return WOLFSSL_FAILURE; 25269 } 25270 #endif 28319 WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count) 28320 { 28321 WOLFSSL_ENTER("SSL_get_finished"); 28322 28323 if (!ssl || !buf || count < TLS_FINISHED_SZ) { 28324 WOLFSSL_MSG("Bad parameter"); 28325 return WOLFSSL_FAILURE; 28326 } 28327 28328 if (ssl->options.side == WOLFSSL_SERVER_END) 28329 XMEMCPY(buf, ssl->serverFinished, 28330 TLS_FINISHED_SZ); 28331 else 28332 XMEMCPY(buf, ssl->clientFinished, 28333 TLS_FINISHED_SZ); 28334 return TLS_FINISHED_SZ; 28335 } 28336 28337 WOLFSSL_API size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count) 28338 { 28339 WOLFSSL_ENTER("SSL_get_peer_finished"); 28340 28341 if (!ssl || !buf || count < TLS_FINISHED_SZ) { 28342 WOLFSSL_MSG("Bad parameter"); 28343 return WOLFSSL_FAILURE; 28344 } 28345 28346 if (ssl->options.side == WOLFSSL_CLIENT_END) 28347 XMEMCPY(buf, ssl->serverFinished, 28348 TLS_FINISHED_SZ); 28349 else 28350 XMEMCPY(buf, ssl->clientFinished, 28351 TLS_FINISHED_SZ); 28352 return TLS_FINISHED_SZ; 28353 } 25271 28354 #endif /* WOLFSSL_HAPROXY */ 25272 28355 … … 25375 28458 if (readCtx == NULL) { 25376 28459 WOLFSSL_MSG("Memory error"); 28460 wolfSSL_CTX_free(ctx); 25377 28461 return WOLFSSL_FAILURE; 25378 28462 } … … 25417 28501 #endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ 25418 28502 25419 #ifndef NO_WOLFSSL_STUB 25420 /*** TBD ***/ 25421 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx) 25422 { 25423 (void)ciphers; 25424 (void)idx; 25425 WOLFSSL_STUB("wolfSSL_sk_SSL_CIPHER_value"); 25426 return NULL; 25427 } 25428 #endif 28503 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i) 28504 { 28505 WOLFSSL_ENTER("wolfSSL_sk_SSL_CIPHER_value"); 28506 return (WOLFSSL_CIPHER*)wolfSSL_sk_value(sk, i); 28507 } 25429 28508 25430 28509 WOLFSSL_API void ERR_load_SSL_strings(void) … … 25594 28673 25595 28674 #ifdef WOLFSSL_SESSION_STATS 25596 if (wolfSSL_get_session_stats(NULL, &total, NULL, NULL) != SSL_SUCCESS) {28675 if (wolfSSL_get_session_stats(NULL, &total, NULL, NULL) != WOLFSSL_SUCCESS) { 25597 28676 WOLFSSL_MSG("Error getting session stats"); 25598 28677 } … … 25672 28751 } 25673 28752 c32to24(derSz, chain + idx); 25674 idx += OPAQUE24_LEN ,28753 idx += OPAQUE24_LEN; 25675 28754 XMEMCPY(chain + idx, der, derSz); 25676 28755 idx += derSz; … … 26308 29387 #endif 26309 29388 29389 #ifndef NO_BIO 29390 26310 29391 #if !defined(NO_FILESYSTEM) && defined (OPENSSL_EXTRA) 26311 29392 /* returns amount printed on success, negative in fail case */ … … 26323 29404 return -1; 26324 29405 } 26325 ret = vfprintf((XFILE)bio->ptr, format, args);29406 ret = XVFPRINTF((XFILE)bio->ptr, format, args); 26326 29407 break; 26327 29408 26328 29409 case WOLFSSL_BIO_MEMORY: 26329 #if defined(OPENSSL_EXTRA) && !defined(_WIN32) 29410 /* In Visual Studio versions prior to Visual Studio 2013, the va_* symbols 29411 aren't defined. If using Visual Studio 2013 or later, define 29412 HAVE_VA_COPY. */ 29413 #if defined(OPENSSL_EXTRA) && (!defined(_WIN32) || defined(HAVE_VA_COPY)) 26330 29414 case WOLFSSL_BIO_SSL: 26331 29415 { … … 26334 29418 va_list copy; 26335 29419 26336 va_copy(copy, args); 26337 count = vsnprintf(NULL, 0, format, args); 29420 #ifdef FUSION_RTOS 29421 copy = args; /* hack, depends on internal implementation 29422 * of va_list in VisualDSP++ */ 29423 #else 29424 va_copy(copy, args); 29425 #endif 29426 count = XVSNPRINTF(NULL, 0, format, args); 26338 29427 if (count >= 0) 26339 29428 { … … 26342 29431 if (pt != NULL) 26343 29432 { 26344 count = vsnprintf(pt, count + 1, format, copy);29433 count = XVSNPRINTF(pt, count + 1, format, copy); 26345 29434 if (count >= 0) 26346 29435 { … … 26377 29466 } 26378 29467 26379 #endif /* ! defined(NO_FILESYSTEM) && defined (OPENSSL_EXTRA)*/29468 #endif /* !NO_FILESYSTEM && OPENSSL_EXTRA */ 26380 29469 26381 29470 #if !defined(NO_FILESYSTEM) && defined(__clang__) … … 26398 29487 26399 29488 if (!buf) { 26400 return fputs("\tNULL", (XFILE)bio->ptr);26401 } 26402 26403 sprintf(line, "\t");29489 return XFPUTS("\tNULL", (XFILE)bio->ptr); 29490 } 29491 29492 XSPRINTF(line, "\t"); 26404 29493 for (i = 0; i < LINE_LEN; i++) { 26405 29494 if (i < length) 26406 sprintf(line + 1 + i * 3,"%02x ", buf[i]);29495 XSPRINTF(line + 1 + i * 3,"%02x ", buf[i]); 26407 29496 else 26408 sprintf(line + 1 + i * 3, " ");26409 } 26410 sprintf(line + 1 + LINE_LEN * 3, "| ");29497 XSPRINTF(line + 1 + i * 3, " "); 29498 } 29499 XSPRINTF(line + 1 + LINE_LEN * 3, "| "); 26411 29500 for (i = 0; i < LINE_LEN; i++) { 26412 29501 if (i < length) { 26413 sprintf(line + 3 + LINE_LEN * 3 + i,29502 XSPRINTF(line + 3 + LINE_LEN * 3 + i, 26414 29503 "%c", 31 < buf[i] && buf[i] < 127 ? buf[i] : '.'); 26415 29504 } 26416 29505 } 26417 ret += fputs(line, (XFILE)bio->ptr);29506 ret += XFPUTS(line, (XFILE)bio->ptr); 26418 29507 26419 29508 if (length > LINE_LEN) … … 26442 29531 return wolfSSL_ASN1_TIME_print(bio, a); 26443 29532 } 29533 29534 #endif /* !NO_BIO */ 26444 29535 26445 29536 /* Checks the ASN1 syntax of "a" … … 26472 29563 } 26473 29564 26474 WOLFSSL_A PI WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t)29565 WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t) 26475 29566 { 26476 29567 WOLFSSL_STUB("wolfSSL_ASN1_TIME_set"); … … 26479 29570 return s; 26480 29571 } 29572 29573 int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str) 29574 { 29575 int slen; 29576 WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string"); 29577 29578 if (!str) { 29579 WOLFSSL_MSG("Bad parameter"); 29580 return WOLFSSL_FAILURE; 29581 } 29582 slen = (int)XSTRLEN(str)+1; 29583 if (slen > CTC_DATE_SIZE) { 29584 WOLFSSL_MSG("Date string too long"); 29585 return WOLFSSL_FAILURE; 29586 } 29587 if (s) { 29588 XMEMCPY(s->data, str, slen); 29589 s->length = slen; 29590 s->type = slen == ASN_UTC_TIME_SIZE ? ASN_UTC_TIME : ASN_GENERALIZED_TIME; 29591 } 29592 return WOLFSSL_SUCCESS; 29593 } 26481 29594 #endif /* !NO_WOLFSSL_STUB */ 29595 29596 #ifndef NO_BIO 26482 29597 26483 29598 /* Return the month as a string. … … 26527 29642 return 0; 26528 29643 } 29644 #endif /* !NO_BIO */ 26529 29645 26530 29646 void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time) … … 26536 29652 } 26537 29653 26538 int wolfSSL_sk_num(WOLFSSL_STACK* sk) 29654 #endif /* OPENSSL_EXTRA */ 29655 29656 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 29657 int wolfSSL_sk_num(const WOLFSSL_STACK* sk) 26539 29658 { 26540 29659 WOLFSSL_ENTER("wolfSSL_sk_num"); … … 26544 29663 } 26545 29664 26546 void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i) 26547 { 26548 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 26549 int offset = i; 26550 #endif 29665 void* wolfSSL_sk_value(const WOLFSSL_STACK* sk, int i) 29666 { 26551 29667 WOLFSSL_ENTER("wolfSSL_sk_value"); 26552 29668 … … 26560 29676 return (void*)sk->data.x509; 26561 29677 case STACK_TYPE_CIPHER: 26562 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)26563 sk->data.cipher.offset = offset;26564 #endif26565 29678 return (void*)&sk->data.cipher; 26566 29679 case STACK_TYPE_GEN_NAME: … … 26572 29685 case STACK_TYPE_X509_EXT: 26573 29686 return (void*)sk->data.ext; 29687 #ifdef OPENSSL_EXTRA 26574 29688 case STACK_TYPE_CONF_VALUE: 26575 return (void*)sk->data.conf->value; 29689 return (void*)sk->data.conf; 29690 #endif 26576 29691 case STACK_TYPE_NULL: 26577 29692 default: 26578 29693 return (void*)sk->data.generic; 26579 29694 } 29695 } 29696 29697 /* copies over data of "in" to "out" */ 29698 static void wolfSSL_CIPHER_copy(WOLFSSL_CIPHER* in, WOLFSSL_CIPHER* out) 29699 { 29700 if (in == NULL || out == NULL) 29701 return; 29702 29703 *out = *in; 29704 } 29705 29706 WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk) 29707 { 29708 29709 WOLFSSL_STACK* ret = NULL; 29710 WOLFSSL_STACK* last = NULL; 29711 29712 WOLFSSL_ENTER("wolfSSL_sk_dup"); 29713 29714 while (sk) { 29715 WOLFSSL_STACK* cur = wolfSSL_sk_new_node(sk->heap); 29716 29717 if (!cur) { 29718 WOLFSSL_MSG("wolfSSL_sk_new_node error"); 29719 goto error; 29720 } 29721 29722 if (!ret) { 29723 /* Set first node */ 29724 ret = cur; 29725 } 29726 29727 if (last) { 29728 last->next = cur; 29729 } 29730 29731 XMEMCPY(cur, sk, sizeof(WOLFSSL_STACK)); 29732 29733 /* We will allocate new memory for this */ 29734 XMEMSET(&cur->data, 0, sizeof(cur->data)); 29735 cur->next = NULL; 29736 29737 switch (sk->type) { 29738 case STACK_TYPE_X509: 29739 cur->data.x509 = wolfSSL_X509_dup(sk->data.x509); 29740 if (!cur->data.x509) { 29741 WOLFSSL_MSG("wolfSSL_X509_dup error"); 29742 goto error; 29743 } 29744 break; 29745 case STACK_TYPE_CIPHER: 29746 wolfSSL_CIPHER_copy(&sk->data.cipher, &cur->data.cipher); 29747 break; 29748 case STACK_TYPE_GEN_NAME: 29749 cur->data.gn = wolfSSL_GENERAL_NAME_dup(sk->data.gn); 29750 if (!cur->data.gn) { 29751 WOLFSSL_MSG("wolfSSL_GENERAL_NAME_new error"); 29752 goto error; 29753 } 29754 break; 29755 case STACK_TYPE_OBJ: 29756 cur->data.obj = wolfSSL_ASN1_OBJECT_dup(sk->data.obj); 29757 if (!cur->data.obj) { 29758 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_dup error"); 29759 goto error; 29760 } 29761 break; 29762 case STACK_TYPE_ACCESS_DESCRIPTION: 29763 case STACK_TYPE_X509_EXT: 29764 case STACK_TYPE_CONF_VALUE: 29765 case STACK_TYPE_NULL: 29766 default: 29767 WOLFSSL_MSG("Unsupported stack type"); 29768 goto error; 29769 } 29770 29771 sk = sk->next; 29772 last = cur; 29773 } 29774 return ret; 29775 29776 error: 29777 if (ret) { 29778 wolfSSL_sk_GENERAL_NAME_free(ret); 29779 } 29780 return NULL; 26580 29781 } 26581 29782 … … 26610 29811 wolfSSL_sk_ASN1_OBJECT_free(sk); 26611 29812 break; 29813 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ 29814 defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 29815 case STACK_TYPE_STRING: 29816 wolfSSL_sk_WOLFSSL_STRING_free(sk); 29817 break; 29818 #endif 26612 29819 #ifdef OPENSSL_ALL 26613 29820 case STACK_TYPE_X509_INFO: … … 26626 29833 } 26627 29834 } 29835 26628 29836 /* Frees each node in the stack and frees the stack. 26629 29837 * Does not free any internal members of the stack nodes. … … 26657 29865 int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK* sk, void* generic) 26658 29866 { 26659 WOLFSSL_STACK* node;26660 26661 29867 WOLFSSL_ENTER("wolfSSL_sk_GENERIC_push"); 26662 29868 26663 if (sk == NULL || generic == NULL) { 26664 return WOLFSSL_FAILURE; 26665 } 26666 26667 /* no previous values in stack */ 26668 if (sk->data.generic == NULL) { 26669 sk->data.generic = generic; 26670 sk->num += 1; 26671 return WOLFSSL_SUCCESS; 26672 } 26673 26674 /* stack already has value(s) create a new node and add more */ 26675 node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK),NULL,DYNAMIC_TYPE_SSL); 26676 if (node == NULL) { 26677 WOLFSSL_MSG("Memory error"); 26678 return WOLFSSL_FAILURE; 26679 } 26680 XMEMSET(node, 0, sizeof(WOLFSSL_STACK)); 26681 26682 /* push new node onto head of stack */ 26683 node->type = sk->type; 26684 node->data.generic = sk->data.generic; 26685 node->next = sk->next; 26686 sk->next = node; 26687 sk->data.generic = generic; 26688 sk->num += 1; 26689 26690 return WOLFSSL_SUCCESS; 29869 return wolfSSL_sk_push(sk, generic); 26691 29870 } 26692 29871 void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK* sk) … … 26694 29873 wolfSSL_sk_GENERIC_pop_free(sk, NULL); 26695 29874 } 26696 29875 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 29876 29877 #ifdef OPENSSL_EXTRA 26697 29878 26698 29879 /* Free all nodes in a stack */ … … 26747 29928 } 26748 29929 } 26749 26750 #if defined(OPENSSL_ALL) 26751 /* Free the structure for WOLFSSL_CONF_VALUE stack 26752 * 26753 * sk stack to free nodes in 26754 */ 26755 void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk) 26756 { 26757 WOLFSSL_STACK* node; 26758 WOLFSSL_STACK* tmp; 26759 WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_free"); 26760 26761 if (sk == NULL) 26762 return; 26763 26764 /* parse through stack freeing each node */ 26765 node = sk->next; 26766 while (node) { 26767 tmp = node; 26768 node = node->next; 26769 XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL); 26770 } 26771 26772 /* free head of stack */ 26773 XFREE(sk, NULL, DYNAMIC_TYPE_ASN1); 26774 } 26775 #endif 26776 29930 #endif /* OPENSSL_EXTRA */ 29931 29932 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 26777 29933 /* Creates and returns a new null stack. */ 26778 29934 WOLFSSL_STACK* wolfSSL_sk_new_null(void) … … 26794 29950 } 26795 29951 29952 WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void) 29953 { 29954 WOLFSSL_BASIC_CONSTRAINTS* bc; 29955 bc = (WOLFSSL_BASIC_CONSTRAINTS*) 29956 XMALLOC(sizeof(WOLFSSL_BASIC_CONSTRAINTS), NULL, 29957 DYNAMIC_TYPE_X509_EXT); 29958 if (bc == NULL) { 29959 WOLFSSL_MSG("Failed to malloc basic constraints"); 29960 return NULL; 29961 } 29962 XMEMSET(bc, 0, sizeof(WOLFSSL_BASIC_CONSTRAINTS)); 29963 return bc; 29964 } 29965 26796 29966 /* frees the wolfSSL_BASIC_CONSTRAINTS object */ 26797 29967 void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc) … … 26808 29978 } 26809 29979 29980 WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void) 29981 { 29982 WOLFSSL_AUTHORITY_KEYID* akey = (WOLFSSL_AUTHORITY_KEYID*)XMALLOC( 29983 sizeof(WOLFSSL_AUTHORITY_KEYID), NULL, DYNAMIC_TYPE_OPENSSL); 29984 if (!akey) { 29985 WOLFSSL_MSG("Issue creating WOLFSSL_AUTHORITY_KEYID struct"); 29986 return NULL; 29987 } 29988 XMEMSET(akey, 0, sizeof(WOLFSSL_AUTHORITY_KEYID)); 29989 return akey; 29990 } 29991 26810 29992 /* frees the wolfSSL_AUTHORITY_KEYID object */ 26811 29993 void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id) … … 26835 30017 } 26836 30018 26837 #endif /* OPENSSL_EXTRA */ 26838 26839 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) 30019 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 30020 30021 #if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \ 30022 defined(HAVE_EXT_CACHE)) 26840 30023 /* stunnel 4.28 needs 26841 30024 * … … 26881 30064 #endif 26882 30065 } 26883 #endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */ 26884 26885 #ifdef OPENSSL_EXTRA 30066 26886 30067 26887 30068 /* … … 26906 30087 } 26907 30088 26908 /* bornOn | timeout | sessionID len | sessionID | masterSecret | haveEMS */ 26909 size += OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN + sess->sessionIDSz + 26910 SECRET_LEN + OPAQUE8_LEN; 30089 /* side | bornOn | timeout | sessionID len | sessionID | masterSecret | 30090 * haveEMS */ 30091 size += OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN + 30092 sess->sessionIDSz + SECRET_LEN + OPAQUE8_LEN; 26911 30093 #ifdef SESSION_CERTS 26912 30094 /* Peer chain */ … … 26941 30123 /* ticketSeen | ticketAdd */ 26942 30124 size += OPAQUE32_LEN + OPAQUE32_LEN; 26943 #ifndef WOLFSSL_TLS13_DRAFT_1826944 30125 /* ticketNonce */ 26945 30126 size += OPAQUE8_LEN + sess->ticketNonce.len; 26946 #endif26947 30127 #endif 26948 30128 #ifdef WOLFSSL_EARLY_DATA … … 26962 30142 data = *p; 26963 30143 30144 data[idx++] = sess->side; 26964 30145 c32toa(sess->bornOn, data + idx); idx += OPAQUE32_LEN; 26965 30146 c32toa(sess->timeout, data + idx); idx += OPAQUE32_LEN; … … 27009 30190 c32toa(sess->ticketAdd, data + idx); 27010 30191 idx += OPAQUE32_LEN; 27011 #ifndef WOLFSSL_TLS13_DRAFT_1827012 30192 data[idx++] = sess->ticketNonce.len; 27013 30193 XMEMCPY(data + idx, sess->ticketNonce.data, sess->ticketNonce.len); 27014 30194 idx += sess->ticketNonce.len; 27015 #endif27016 30195 #endif 27017 30196 #ifdef WOLFSSL_EARLY_DATA … … 27071 30250 27072 30251 if (s == NULL) { 27073 s = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), NULL, 27074 DYNAMIC_TYPE_OPENSSL); 30252 s = wolfSSL_SESSION_new(); 27075 30253 if (s == NULL) 27076 30254 return NULL; 27077 XMEMSET(s, 0, sizeof(WOLFSSL_SESSION));27078 s->isAlloced = 1;27079 30255 #ifdef HAVE_SESSION_TICKET 27080 30256 s->isDynamic = 0; … … 27085 30261 data = (byte*)*p; 27086 30262 27087 /* bornOn | timeout | sessionID len */27088 if (i < OPAQUE 32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) {30263 /* side | bornOn | timeout | sessionID len */ 30264 if (i < OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) { 27089 30265 ret = BUFFER_ERROR; 27090 30266 goto end; 27091 30267 } 30268 s->side = data[idx++]; 27092 30269 ato32(data + idx, &s->bornOn); idx += OPAQUE32_LEN; 27093 30270 ato32(data + idx, &s->timeout); idx += OPAQUE32_LEN; … … 27194 30371 ato32(data + idx, &s->ticketAdd); 27195 30372 idx += OPAQUE32_LEN; 27196 #ifndef WOLFSSL_TLS13_DRAFT_1827197 30373 if (i - idx < OPAQUE8_LEN) { 27198 30374 ret = BUFFER_ERROR; … … 27207 30383 XMEMCPY(s->ticketNonce.data, data + idx, s->ticketNonce.len); 27208 30384 idx += s->ticketNonce.len; 27209 #endif27210 30385 #endif 27211 30386 #ifdef WOLFSSL_EARLY_DATA … … 27256 30431 27257 30432 end: 27258 if (ret != 0 && (sess == NULL || *sess != s)) 30433 if (ret != 0 && (sess == NULL || *sess != s)) { 27259 30434 wolfSSL_SESSION_free(s); 30435 s = NULL; 30436 } 27260 30437 #endif 27261 30438 return s; 27262 30439 } 27263 27264 30440 27265 30441 long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess) … … 27282 30458 } 27283 30459 27284 27285 #endif /* OPENSSL_EXTRA */ 30460 long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t) 30461 { 30462 word32 tmptime; 30463 if (!ses || t < 0) 30464 return BAD_FUNC_ARG; 30465 30466 tmptime = t & 0xFFFFFFFF; 30467 30468 ses->timeout = tmptime; 30469 30470 return WOLFSSL_SUCCESS; 30471 } 30472 30473 #endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */ 27286 30474 27287 30475 … … 27367 30555 #endif 27368 30556 #endif /* OPENSSL_EXTRA */ 27369 #endif /* !WOLFCRYPT_ONLY */27370 30557 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 27371 30558 const WOLFSSL_ObjectInfo wolfssl_object_info[] = { … … 27441 30628 { NID_jurisdictionStateOrProvinceName, NID_jurisdictionStateOrProvinceName, 27442 30629 oidCertNameType, "jurisdictionST", "jurisdictionStateOrProvinceName"}, 30630 #ifdef WOLFSSL_CERT_REQ 30631 { NID_pkcs9_challengePassword, CHALLENGE_PASSWORD_OID, 30632 oidCsrAttrType, "challengePassword", "challengePassword"}, 30633 #endif 27443 30634 #endif 27444 30635 #ifdef OPENSSL_EXTRA /* OPENSSL_EXTRA_X509_SMALL only needs the above */ … … 27470 30661 #ifndef NO_SHA 27471 30662 { CTC_SHAwDSA, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"}, 30663 { CTC_SHA256wDSA, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256", 30664 "dsa_with_SHA256"}, 27472 30665 #endif 27473 30666 #endif /* NO_DSA */ … … 27540 30733 { NID_dhKeyAgreement, DHk, oidKeyType, "dhKeyAgreement", "dhKeyAgreement"}, 27541 30734 #endif 30735 #ifdef HAVE_ED448 30736 { NID_ED448, ED448k, oidKeyType, "ED448", "ED448"}, 30737 #endif 30738 #ifdef HAVE_ED25519 30739 { NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"}, 30740 #endif 27542 30741 27543 30742 /* oidCurveType */ … … 27676 30875 const size_t wolfssl_object_info_sz = WOLFSSL_OBJECT_INFO_SZ; 27677 30876 #endif 27678 #if defined(OPENSSL_EXTRA) || \27679 (defined(OPENSSL_EXTRA_X509_SMALL) && !defined(NO_RSA))27680 static WC_RNG globalRNG;27681 static int initGlobalRNG = 0;27682 #endif27683 30877 #if defined(OPENSSL_EXTRA) && \ 27684 30878 !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) … … 27728 30922 } 27729 30923 #endif 27730 #ifndef WOLFCRYPT_ONLY27731 30924 27732 30925 #ifdef OPENSSL_EXTRA 27733 30926 27734 /* Not thread safe! Can be called multiple times. 27735 * Checks if the global RNG has been created. If not then one is created. 30927 /* Checks if the global RNG has been created. If not then one is created. 27736 30928 * 27737 * Returns SSL_SUCCESS when no error is encountered.30929 * Returns WOLFSSL_SUCCESS when no error is encountered. 27738 30930 */ 27739 30931 static int wolfSSL_RAND_Init(void) 27740 30932 { 30933 if (wc_LockMutex(&globalRNGMutex) != 0) { 30934 WOLFSSL_MSG("Bad Lock Mutex rng"); 30935 return 0; 30936 } 27741 30937 if (initGlobalRNG == 0) { 27742 30938 if (wc_InitRng(&globalRNG) < 0) { 27743 30939 WOLFSSL_MSG("wolfSSL Init Global RNG failed"); 30940 wc_UnLockMutex(&globalRNGMutex); 27744 30941 return 0; 27745 30942 } … … 27747 30944 } 27748 30945 27749 return SSL_SUCCESS; 27750 } 27751 27752 27753 /* SSL_SUCCESS on ok */ 30946 wc_UnLockMutex(&globalRNGMutex); 30947 return WOLFSSL_SUCCESS; 30948 } 30949 30950 30951 /* WOLFSSL_SUCCESS on ok */ 27754 30952 int wolfSSL_RAND_seed(const void* seed, int len) 27755 30953 { … … 27860 31058 bytes = 1024; /* default size of buf */ 27861 31059 27862 if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != SSL_SUCCESS) {31060 if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != WOLFSSL_SUCCESS) { 27863 31061 WOLFSSL_MSG("No RNG to use"); 27864 31062 #ifdef WOLFSSL_SMALL_STACK … … 27904 31102 27905 31103 /* This collects entropy from the path nm and seeds the global PRNG with it. 27906 * Makes a call to wolfSSL_RAND_Init which is not thread safe.27907 31104 * 27908 31105 * nm is the file path to the egd server … … 28017 31214 28018 31215 if (bytes > 0 && ret == WOLFSSL_SUCCESS) { 28019 wolfSSL_RAND_Init(); /* call to check global RNG is created */ 28020 if (wc_RNG_DRBG_Reseed(&globalRNG, (const byte*) buf, bytes) 31216 /* call to check global RNG is created */ 31217 if (wolfSSL_RAND_Init() != SSL_SUCCESS) { 31218 WOLFSSL_MSG("Error with initializing global RNG structure"); 31219 ret = WOLFSSL_FATAL_ERROR; 31220 } 31221 else if (wc_RNG_DRBG_Reseed(&globalRNG, (const byte*) buf, bytes) 28021 31222 != 0) { 28022 31223 WOLFSSL_MSG("Error with reseeding DRBG structure"); … … 28024 31225 } 28025 31226 #ifdef SHOW_SECRETS 28026 { /* print out entropy found */31227 else { /* print out entropy found only when no error occured */ 28027 31228 word32 i; 28028 31229 printf("EGD Entropy = "); … … 28062 31263 WOLFSSL_ENTER("wolfSSL_RAND_Cleanup()"); 28063 31264 31265 if (wc_LockMutex(&globalRNGMutex) != 0) { 31266 WOLFSSL_MSG("Bad Lock Mutex rng"); 31267 return; 31268 } 28064 31269 if (initGlobalRNG != 0) { 28065 31270 wc_FreeRng(&globalRNG); 28066 31271 initGlobalRNG = 0; 28067 31272 } 31273 wc_UnLockMutex(&globalRNGMutex); 28068 31274 } 28069 31275 … … 28075 31281 28076 31282 28077 /* SSL_SUCCESS on ok */31283 /* WOLFSSL_SUCCESS on ok */ 28078 31284 int wolfSSL_RAND_bytes(unsigned char* buf, int num) 28079 31285 { … … 28086 31292 WC_RNG tmpRNG[1]; 28087 31293 #endif 31294 int used_global = 0; 31295 int blockCount = 0; 28088 31296 28089 31297 WOLFSSL_ENTER("wolfSSL_RAND_bytes"); … … 28095 31303 #endif 28096 31304 28097 if (initGlobalRNG) 31305 if (initGlobalRNG) { 31306 if (wc_LockMutex(&globalRNGMutex) != 0) { 31307 WOLFSSL_MSG("Bad Lock Mutex rng"); 31308 return ret; 31309 } 31310 28098 31311 rng = &globalRNG; 31312 used_global = 1; 31313 } 28099 31314 else if(wc_InitRng(tmpRNG) == 0) { 28100 31315 rng = tmpRNG; … … 28102 31317 } 28103 31318 if (rng) { 28104 if (wc_RNG_GenerateBlock(rng, buf, num) != 0) 31319 /* handles size grater than RNG_MAX_BLOCK_LEN */ 31320 blockCount = num / RNG_MAX_BLOCK_LEN; 31321 31322 while(blockCount--) { 31323 if((ret = wc_RNG_GenerateBlock(rng, buf, RNG_MAX_BLOCK_LEN) != 0)){ 31324 WOLFSSL_MSG("Bad wc_RNG_GenerateBlock"); 31325 break; 31326 } 31327 num -= RNG_MAX_BLOCK_LEN; 31328 buf += RNG_MAX_BLOCK_LEN; 31329 } 31330 31331 if (ret == 0 && num) 31332 ret = wc_RNG_GenerateBlock(rng, buf, num); 31333 31334 if (ret != 0) 28105 31335 WOLFSSL_MSG("Bad wc_RNG_GenerateBlock"); 28106 31336 else 28107 31337 ret = WOLFSSL_SUCCESS; 31338 } 31339 31340 if (used_global == 1) { 31341 wc_UnLockMutex(&globalRNGMutex); 28108 31342 } 28109 31343 … … 28149 31383 WOLFSSL_ASN1_INTEGER* a; 28150 31384 int len; 31385 const int extraTagSz = MAX_LENGTH_SZ + 1; 31386 byte intTag[MAX_LENGTH_SZ + 1]; 31387 int idx = 0; 28151 31388 WOLFSSL_ENTER("wolfSSL_BN_to_ASN1_INTEGER"); 28152 31389 … … 28173 31410 28174 31411 /* allocate buffer */ 28175 if (len > (int)sizeof(a->intData)) {31412 if (len + extraTagSz > (int)sizeof(a->intData)) { 28176 31413 /* create new data buffer and copy over */ 28177 a->data = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); 31414 a->data = (byte*)XMALLOC(len + extraTagSz, NULL, 31415 DYNAMIC_TYPE_OPENSSL); 28178 31416 if (a->data == NULL) { 28179 31417 if (a != ai) … … 28187 31425 a->data = a->intData; 28188 31426 } 28189 a->length = len;28190 31427 28191 31428 /* populate data */ … … 28197 31434 } 28198 31435 a->length = len; 31436 31437 /* Write ASN tag */ 31438 idx = SetASNInt(a->length, a->data[0], intTag); 31439 XMEMMOVE(a->data + idx, a->data, a->length); 31440 XMEMCPY(a->data, intTag, idx); 31441 a->dataMax = a->length += idx; 28199 31442 } 28200 31443 … … 28203 31446 28204 31447 #ifdef OPENSSL_ALL 28205 void *wolfSSL_ASN1_item_new(const WOLFSSL_ASN1_ITEM *t emplate)31448 void *wolfSSL_ASN1_item_new(const WOLFSSL_ASN1_ITEM *tpl) 28206 31449 { 28207 31450 void *ret = NULL; … … 28209 31452 size_t i; 28210 31453 WOLFSSL_ENTER("wolfSSL_ASN1_item_new"); 28211 if (!t emplate) {31454 if (!tpl) { 28212 31455 return NULL; 28213 31456 } 28214 if (!(ret = XMALLOC(template->size, NULL, DYNAMIC_TYPE_OPENSSL))) {31457 if (!(ret = (void *)XMALLOC(tpl->size, NULL, DYNAMIC_TYPE_OPENSSL))) { 28215 31458 return NULL; 28216 31459 } 28217 XMEMSET(ret, 0, t emplate->size);28218 for (member = t emplate->members, i = 0; i < template->mcount;31460 XMEMSET(ret, 0, tpl->size); 31461 for (member = tpl->members, i = 0; i < tpl->mcount; 28219 31462 member++, i++) { 28220 31463 switch (member->type) { … … 28244 31487 return ret; 28245 31488 error: 28246 wolfSSL_ASN1_item_free(ret, t emplate);31489 wolfSSL_ASN1_item_free(ret, tpl); 28247 31490 return NULL; 28248 31491 } 28249 31492 28250 void wolfSSL_ASN1_item_free(void *val, const WOLFSSL_ASN1_ITEM *t emplate)31493 void wolfSSL_ASN1_item_free(void *val, const WOLFSSL_ASN1_ITEM *tpl) 28251 31494 { 28252 31495 const WOLFSSL_ASN1_TEMPLATE *member = NULL; … … 28254 31497 WOLFSSL_ENTER("wolfSSL_ASN1_item_free"); 28255 31498 if (val) { 28256 for (member = t emplate->members, i = 0; i < template->mcount;31499 for (member = tpl->members, i = 0; i < tpl->mcount; 28257 31500 member++, i++) { 28258 31501 switch (member->type) { … … 28342 31585 28343 31586 int wolfSSL_ASN1_item_i2d(const void *src, byte **dest, 28344 const WOLFSSL_ASN1_ITEM *t emplate)31587 const WOLFSSL_ASN1_ITEM *tpl) 28345 31588 { 28346 31589 int len = 0; … … 28349 31592 WOLFSSL_ENTER("wolfSSL_ASN1_item_i2d"); 28350 31593 28351 if (!src || !t emplate) {31594 if (!src || !tpl) { 28352 31595 WOLFSSL_LEAVE("wolfSSL_ASN1_item_i2d", WOLFSSL_FAILURE); 28353 31596 return WOLFSSL_FAILURE; … … 28355 31598 28356 31599 if (dest && !*dest) { 28357 len = wolfSSL_ASN1_item_i2d(src, NULL, t emplate);31600 len = wolfSSL_ASN1_item_i2d(src, NULL, tpl); 28358 31601 if (!len) { 28359 31602 goto error; … … 28366 31609 } 28367 31610 28368 switch (t emplate->type) {31611 switch (tpl->type) { 28369 31612 case ASN_SEQUENCE: 28370 31613 { 28371 int seq_len = i2dProcessMembers(src, NULL, t emplate->members,28372 t emplate->mcount);31614 int seq_len = i2dProcessMembers(src, NULL, tpl->members, 31615 tpl->mcount); 28373 31616 if (!seq_len) { 28374 31617 goto error; … … 28376 31619 len += SetSequence(seq_len, bufLenOrNull(buf, len)); 28377 31620 if (buf && 28378 i2dProcessMembers(src, bufLenOrNull(buf, len), t emplate->members,28379 t emplate->mcount) != seq_len) {31621 i2dProcessMembers(src, bufLenOrNull(buf, len), tpl->members, 31622 tpl->mcount) != seq_len) { 28380 31623 WOLFSSL_MSG("Inconsistent sequence length"); 28381 31624 goto error; … … 28424 31667 DhKey* key; 28425 31668 28426 WOLFSSL_ MSG("wolfSSL_DH_new");31669 WOLFSSL_ENTER("wolfSSL_DH_new"); 28427 31670 28428 31671 key = (DhKey*) XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_DH); … … 28448 31691 } 28449 31692 external->internal = key; 31693 external->priv_key = wolfSSL_BN_new(); 31694 external->pub_key = wolfSSL_BN_new(); 28450 31695 28451 31696 return external; 28452 31697 } 28453 31698 28454 28455 31699 void wolfSSL_DH_free(WOLFSSL_DH* dh) 28456 31700 { 28457 WOLFSSL_ MSG("wolfSSL_DH_free");31701 WOLFSSL_ENTER("wolfSSL_DH_free"); 28458 31702 28459 31703 if (dh) { … … 28479 31723 int pSz = 1024; 28480 31724 int gSz = 1024; 28481 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)31725 #ifdef WOLFSSL_DH_EXTRA 28482 31726 int privSz = 256; /* Up to 2048-bit */ 28483 31727 int pubSz = 256; … … 28486 31730 unsigned char* p = NULL; 28487 31731 unsigned char* g = NULL; 28488 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)31732 #ifdef WOLFSSL_DH_EXTRA 28489 31733 unsigned char* priv_key = NULL; 28490 31734 unsigned char* pub_key = NULL; … … 28493 31737 unsigned char p[1024]; 28494 31738 unsigned char g[1024]; 28495 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)31739 #ifdef WOLFSSL_DH_EXTRA 28496 31740 unsigned char priv_key[256]; 28497 31741 unsigned char pub_key[256]; … … 28507 31751 else if (wolfSSL_BN_bn2bin(dh->g, NULL) > gSz) 28508 31752 WOLFSSL_MSG("Bad g internal size"); 28509 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 31753 #ifdef WOLFSSL_DH_EXTRA 28510 31754 else if (wolfSSL_BN_bn2bin(dh->priv_key, NULL) > privSz) 28511 31755 WOLFSSL_MSG("Bad private key internal size"); 28512 31756 else if (wolfSSL_BN_bn2bin(dh->pub_key, NULL) > privSz) 28513 31757 WOLFSSL_MSG("Bad public key internal size"); 28514 31758 #endif 28515 31759 else { 28516 31760 #ifdef WOLFSSL_SMALL_STACK 28517 31761 p = (unsigned char*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 28518 31762 g = (unsigned char*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 28519 28520 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 28521 priv_key = (unsigned char*)XMALLOC(privSz,NULL,DYNAMIC_TYPE_PRIVATE_KEY); 28522 pub_key = (unsigned char*)XMALLOC(pubSz,NULL,DYNAMIC_TYPE_PUBLIC_KEY); 28523 #endif 31763 #ifdef WOLFSSL_DH_EXTRA 31764 priv_key = (unsigned char*)XMALLOC(privSz, NULL, 31765 DYNAMIC_TYPE_PRIVATE_KEY); 31766 pub_key = (unsigned char*)XMALLOC(pubSz, NULL, 31767 DYNAMIC_TYPE_PUBLIC_KEY); 31768 #endif 28524 31769 28525 31770 if (p == NULL || g == NULL) { … … 28530 31775 #endif /* WOLFSSL_SMALL_STACK */ 28531 31776 28532 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)31777 #ifdef WOLFSSL_DH_EXTRA 28533 31778 privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv_key); 28534 31779 pubSz = wolfSSL_BN_bn2bin(dh->pub_key, pub_key); … … 28540 31785 } 28541 31786 if (privSz > 0 || pubSz > 0) { 28542 ret = wc_DhSetFullKeys((DhKey*)dh->internal,priv_key,privSz, 28543 pub_key,pubSz); 28544 if (ret == WOLFSSL_FAILURE) { 31787 ret = wc_DhImportKeyPair((DhKey*)dh->internal, priv_key, privSz, 31788 pub_key, pubSz); 31789 if (ret == 0) { 31790 ret = WOLFSSL_SUCCESS; 31791 } 31792 else { 28545 31793 WOLFSSL_MSG("Failed setting private or public key."); 28546 } 28547 } 28548 #endif /* WOLFSSL_QT || OPENSSL_ALL */ 31794 ret = WOLFSSL_FAILURE; 31795 } 31796 } 31797 #endif /* WOLFSSL_DH_EXTRA */ 28549 31798 28550 31799 pSz = wolfSSL_BN_bn2bin(dh->p, p); … … 28563 31812 XFREE(p, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 28564 31813 XFREE(g, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 28565 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)31814 #ifdef WOLFSSL_DH_EXTRA 28566 31815 XFREE(priv_key, NULL, DYNAMIC_TYPE_PRIVATE_KEY); 28567 31816 XFREE(pub_key, NULL, DYNAMIC_TYPE_PUBLIC_KEY); … … 28570 31819 } 28571 31820 28572 28573 31821 return ret; 28574 31822 } 28575 31823 28576 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) 31824 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) \ 31825 || defined(WOLFSSL_OPENSSH)) 31826 31827 #ifdef WOLFSSL_DH_EXTRA 31828 WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh) 31829 { 31830 WOLFSSL_DH* ret = NULL; 31831 31832 WOLFSSL_ENTER("wolfSSL_DH_dup"); 31833 31834 if (!dh) { 31835 WOLFSSL_MSG("Bad parameter"); 31836 return NULL; 31837 } 31838 31839 if (dh->inSet == 0 && SetDhInternal(dh) != WOLFSSL_SUCCESS){ 31840 WOLFSSL_MSG("Bad DH set internal"); 31841 return NULL; 31842 } 31843 31844 if (!(ret = wolfSSL_DH_new())) { 31845 WOLFSSL_MSG("wolfSSL_DH_new error"); 31846 return NULL; 31847 } 31848 31849 if (wc_DhKeyCopy((DhKey*)dh->internal, (DhKey*)ret->internal) != MP_OKAY) { 31850 WOLFSSL_MSG("wc_DhKeyCopy error"); 31851 wolfSSL_DH_free(ret); 31852 return NULL; 31853 } 31854 ret->inSet = 1; 31855 31856 if (SetDhExternal(ret) != WOLFSSL_SUCCESS) { 31857 WOLFSSL_MSG("SetDhExternal error"); 31858 wolfSSL_DH_free(ret); 31859 return NULL; 31860 } 31861 31862 return ret; 31863 } 31864 #endif /* WOLFSSL_DH_EXTRA */ 31865 28577 31866 /* Set the members of DhKey into WOLFSSL_DH 28578 31867 * DhKey was populated from wc_DhKeyDecode … … 28599 31888 } 28600 31889 31890 #ifdef WOLFSSL_DH_EXTRA 28601 31891 if (SetIndividualExternal(&dh->priv_key, &key->priv) != WOLFSSL_SUCCESS) { 28602 31892 WOLFSSL_MSG("No DH Private Key"); … … 28608 31898 return WOLFSSL_FATAL_ERROR; 28609 31899 } 31900 #endif /* WOLFSSL_DH_EXTRA */ 28610 31901 28611 31902 dh->exSet = 1; … … 28648 31939 WOLFSSL_ENTER("wolfSSL_DH_768_prime"); 28649 31940 28650 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {31941 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28651 31942 WOLFSSL_MSG("Error converting DH 768 prime to big number"); 28652 31943 return NULL; … … 28678 31969 WOLFSSL_ENTER("wolfSSL_DH_1024_prime"); 28679 31970 28680 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {31971 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28681 31972 WOLFSSL_MSG("Error converting DH 1024 prime to big number"); 28682 31973 return NULL; … … 28712 32003 WOLFSSL_ENTER("wolfSSL_DH_1536_prime"); 28713 32004 28714 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32005 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28715 32006 WOLFSSL_MSG("Error converting DH 1536 prime to big number"); 28716 32007 return NULL; … … 28750 32041 WOLFSSL_ENTER("wolfSSL_DH_2048_prime"); 28751 32042 28752 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32043 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28753 32044 WOLFSSL_MSG("Error converting DH 2048 prime to big number"); 28754 32045 return NULL; … … 28796 32087 WOLFSSL_ENTER("wolfSSL_DH_3072_prime"); 28797 32088 28798 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32089 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28799 32090 WOLFSSL_MSG("Error converting DH 3072 prime to big number"); 28800 32091 return NULL; … … 28850 32141 WOLFSSL_ENTER("wolfSSL_DH_4096_prime"); 28851 32142 28852 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32143 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28853 32144 WOLFSSL_MSG("Error converting DH 4096 prime to big number"); 28854 32145 return NULL; … … 28920 32211 WOLFSSL_ENTER("wolfSSL_DH_6144_prime"); 28921 32212 28922 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32213 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 28923 32214 WOLFSSL_MSG("Error converting DH 6144 prime to big number"); 28924 32215 return NULL; … … 29007 32298 WOLFSSL_ENTER("wolfSSL_DH_8192_prime"); 29008 32299 29009 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {32300 if (wolfSSL_BN_hex2bn(&bn, prm) != WOLFSSL_SUCCESS) { 29010 32301 WOLFSSL_MSG("Error converting DH 8192 prime to big number"); 29011 32302 return NULL; … … 29015 32306 } 29016 32307 32308 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 29017 32309 /* return code compliant with OpenSSL : 29018 32310 * 1 if success, 0 if error … … 29066 32358 privSz = pubSz; 29067 32359 } 29068 pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 29069 priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_PRIVATE_KEY); 32360 if (pubSz > 0) { 32361 pub = (unsigned char*)XMALLOC(pubSz, 32362 NULL, DYNAMIC_TYPE_PUBLIC_KEY); 32363 } 32364 if (privSz > 0) { 32365 priv = (unsigned char*)XMALLOC(privSz, 32366 NULL, DYNAMIC_TYPE_PRIVATE_KEY); 32367 } 29070 32368 if (pub == NULL || priv == NULL) { 29071 32369 WOLFSSL_MSG("Unable to malloc memory"); … … 29158 32456 privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv); 29159 32457 pubSz = wolfSSL_BN_bn2bin(otherPub, pub); 29160 if (dh->inSet == 0 && SetDhInternal(dh) != SSL_SUCCESS){29161 32458 if (dh->inSet == 0 && SetDhInternal(dh) != WOLFSSL_SUCCESS){ 32459 WOLFSSL_MSG("Bad DH set internal"); 29162 32460 } 29163 32461 if (privSz <= 0 || pubSz <= 0) … … 29174 32472 XFREE(priv, NULL, DYNAMIC_TYPE_PRIVATE_KEY); 29175 32473 #endif 32474 32475 WOLFSSL_LEAVE("wolfSSL_DH_compute_key", ret); 29176 32476 29177 32477 return ret; … … 29209 32509 wolfSSL_BN_free(dh->q); 29210 32510 wolfSSL_BN_free(dh->g); 29211 wolfSSL_BN_free(dh->pub_key);29212 wolfSSL_BN_free(dh->priv_key);29213 32511 29214 32512 dh->p = p; … … 29229 32527 } 29230 32528 #endif /* v1.1.0 or later */ 32529 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 29231 32530 29232 32531 #endif /* NO_DH */ 29233 29234 29235 #ifndef NO_DSA 32532 #endif /* OPENSSL_EXTRA */ 32533 32534 #if !defined(NO_DSA) && \ 32535 (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 29236 32536 static void InitwolfSSL_DSA(WOLFSSL_DSA* dsa) 29237 32537 { … … 29306 32606 } 29307 32607 29308 #endif /* NO_DSA */29309 #endif /* OPENSSL_EXTRA */29310 29311 #ifdef OPENSSL_EXTRA29312 29313 #ifndef NO_DSA29314 32608 /* wolfSSL -> OpenSSL */ 29315 32609 int SetDsaExternal(WOLFSSL_DSA* dsa) … … 29354 32648 return WOLFSSL_SUCCESS; 29355 32649 } 29356 32650 #endif /* !NO_DSA && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ 32651 32652 32653 #if !defined(NO_DSA) && defined(OPENSSL_EXTRA) 29357 32654 /* Openssl -> WolfSSL */ 29358 32655 int SetDsaInternal(WOLFSSL_DSA* dsa) … … 29410 32707 return WOLFSSL_SUCCESS; 29411 32708 } 29412 #endif /* NO_DSA */ 29413 #endif /* OPENSSL_EXTRA */ 32709 #endif /* !NO_DSA && OPENSSL_EXTRA */ 29414 32710 29415 32711 29416 32712 #ifdef OPENSSL_EXTRA 29417 32713 #if !defined(NO_RSA) 32714 32715 /* return wolfSSL native error codes. */ 32716 static int wolfSSL_RSA_generate_key_native(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn, 32717 void* cb) 32718 { 32719 int ret; 32720 32721 (void)cb; 32722 (void)bn; 32723 (void)bits; 32724 32725 WOLFSSL_ENTER("wolfSSL_RSA_generate_key_native"); 32726 32727 if (rsa == NULL || rsa->internal == NULL) { 32728 /* bit size checked during make key call */ 32729 WOLFSSL_MSG("bad arguments"); 32730 return BAD_FUNC_ARG; 32731 } 32732 32733 #ifdef WOLFSSL_KEY_GEN 32734 { 32735 #ifdef WOLFSSL_SMALL_STACK 32736 WC_RNG* rng; 32737 #else 32738 WC_RNG rng[1]; 32739 #endif 32740 32741 #ifdef WOLFSSL_SMALL_STACK 32742 rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 32743 if (rng == NULL) 32744 return MEMORY_E; 32745 #endif 32746 32747 if ((ret = wc_InitRng(rng)) < 0) 32748 WOLFSSL_MSG("RNG init failed"); 32749 else if ((ret = wc_MakeRsaKey((RsaKey*)rsa->internal, bits, 32750 wolfSSL_BN_get_word(bn), rng)) != MP_OKAY) 32751 WOLFSSL_MSG("wc_MakeRsaKey failed"); 32752 else if ((ret = SetRsaExternal(rsa)) != WOLFSSL_SUCCESS) 32753 WOLFSSL_MSG("SetRsaExternal failed"); 32754 else { 32755 rsa->inSet = 1; 32756 ret = WOLFSSL_ERROR_NONE; 32757 } 32758 32759 wc_FreeRng(rng); 32760 #ifdef WOLFSSL_SMALL_STACK 32761 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 32762 #endif 32763 } 32764 #else 32765 WOLFSSL_MSG("No Key Gen built in"); 32766 ret = NOT_COMPILED_IN; 32767 #endif 32768 return ret; 32769 } 32770 29418 32771 /* Generates a RSA key of length len 29419 32772 * … … 29450 32803 } 29451 32804 29452 if (wolfSSL_BN_set_word(bn, (WOLFSSL_BN_ULONG)e) !=SSL_SUCCESS) {32805 if (wolfSSL_BN_set_word(bn, e) != WOLFSSL_SUCCESS) { 29453 32806 WOLFSSL_MSG("Error using e value"); 29454 32807 wolfSSL_BN_free(bn); … … 29461 32814 } 29462 32815 else { 29463 if (wolfSSL_RSA_generate_key_ex(rsa, len, bn, NULL) != SSL_SUCCESS){ 29464 wolfSSL_RSA_free(rsa); 29465 rsa = NULL; 32816 for (;;) { 32817 int gen_ret = wolfSSL_RSA_generate_key_native(rsa, len, bn, NULL); 32818 if (gen_ret == WOLFSSL_ERROR_NONE) 32819 break; 32820 #ifdef HAVE_FIPS 32821 else if (gen_ret == PRIME_GEN_E) 32822 continue; 32823 #endif 32824 else { 32825 wolfSSL_RSA_free(rsa); 32826 rsa = NULL; 32827 break; 32828 } 29466 32829 } 29467 32830 } … … 29470 32833 return rsa; 29471 32834 } 29472 29473 32835 29474 32836 /* return compliant with OpenSSL … … 29478 32840 void* cb) 29479 32841 { 29480 int ret = WOLFSSL_FAILURE; 29481 29482 (void)cb; 29483 (void)bn; 29484 (void)bits; 29485 29486 WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex"); 29487 29488 if (rsa == NULL || rsa->internal == NULL) { 29489 /* bit size checked during make key call */ 29490 WOLFSSL_MSG("bad arguments"); 29491 return WOLFSSL_FAILURE; 29492 } 29493 29494 #ifdef WOLFSSL_KEY_GEN 29495 { 29496 #ifdef WOLFSSL_SMALL_STACK 29497 WC_RNG* rng; 29498 #else 29499 WC_RNG rng[1]; 29500 #endif 29501 29502 #ifdef WOLFSSL_SMALL_STACK 29503 rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 29504 if (rng == NULL) 32842 for (;;) { 32843 int gen_ret = wolfSSL_RSA_generate_key_native(rsa, bits, bn, cb); 32844 if (gen_ret == WOLFSSL_ERROR_NONE) 32845 return WOLFSSL_SUCCESS; 32846 #ifdef HAVE_FIPS 32847 else if (gen_ret == PRIME_GEN_E) 32848 continue; 32849 #endif 32850 else 29505 32851 return WOLFSSL_FAILURE; 29506 #endif 29507 29508 if (wc_InitRng(rng) < 0) 29509 WOLFSSL_MSG("RNG init failed"); 29510 else if (wc_MakeRsaKey((RsaKey*)rsa->internal, bits, 29511 wolfSSL_BN_get_word(bn), rng) != MP_OKAY) 29512 WOLFSSL_MSG("wc_MakeRsaKey failed"); 29513 else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS) 29514 WOLFSSL_MSG("SetRsaExternal failed"); 29515 else { 29516 rsa->inSet = 1; 29517 ret = WOLFSSL_SUCCESS; 29518 } 29519 29520 wc_FreeRng(rng); 29521 #ifdef WOLFSSL_SMALL_STACK 29522 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 29523 #endif 29524 } 29525 #else 29526 WOLFSSL_MSG("No Key Gen built in"); 29527 #endif 29528 return ret; 32852 } 29529 32853 } 29530 32854 #endif /* NO_RSA */ … … 29622 32946 29623 32947 if (wolfSSL_DSA_generate_parameters_ex(dsa, bits, seed, seedLen, 29624 counterRet, hRet, NULL) != SSL_SUCCESS) {32948 counterRet, hRet, NULL) != WOLFSSL_SUCCESS) { 29625 32949 wolfSSL_DSA_free(dsa); 29626 32950 return NULL; … … 29863 33187 } 29864 33188 33189 33190 int wolfSSL_DSA_bits(const WOLFSSL_DSA *d) 33191 { 33192 if (!d) 33193 return WOLFSSL_FAILURE; 33194 if (!d->exSet && SetDsaExternal((WOLFSSL_DSA*)d) != WOLFSSL_SUCCESS) 33195 return WOLFSSL_FAILURE; 33196 return wolfSSL_BN_num_bits(d->p); 33197 } 33198 29865 33199 #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) 29866 33200 int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len, … … 29924 33258 29925 33259 #ifdef DEBUG_SIGN 29926 static void show(const char *title, const unsigned char *out, unsigned int outlen)33260 static void DEBUG_SIGN_msg(const char *title, const unsigned char *out, unsigned int outlen) 29927 33261 { 29928 33262 const unsigned char *pt; … … 29934 33268 } 29935 33269 #else 29936 #define show(a,b,c) 29937 #endif 29938 29939 /* return SSL_SUCCESS on ok, 0 otherwise */ 29940 int wolfSSL_RSA_sign(int type, const unsigned char* m, 29941 unsigned int mLen, unsigned char* sigRet, 29942 unsigned int* sigLen, WOLFSSL_RSA* rsa) 29943 { 29944 return wolfSSL_RSA_sign_ex(type, m, mLen, sigRet, sigLen, rsa, 1); 29945 } 29946 29947 int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, 29948 unsigned int mLen, unsigned char* sigRet, 29949 unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag) 29950 { 29951 word32 outLen; 29952 word32 signSz; 29953 int initTmpRng = 0; 29954 WC_RNG* rng = NULL; 29955 int ret = 0; 29956 #ifdef WOLFSSL_SMALL_STACK 29957 WC_RNG* tmpRNG = NULL; 29958 byte* encodedSig = NULL; 29959 #else 29960 WC_RNG tmpRNG[1]; 29961 byte encodedSig[MAX_ENCODED_SIG_SZ]; 29962 #endif 29963 29964 WOLFSSL_ENTER("wolfSSL_RSA_sign"); 29965 29966 if (m == NULL || sigRet == NULL || sigLen == NULL || rsa == NULL) { 29967 WOLFSSL_MSG("Bad function arguments"); 29968 return 0; 29969 } 29970 show("Message to Sign", m, mLen); 29971 33270 #define DEBUG_SIGN_msg(a,b,c) 33271 #endif 33272 33273 static int nid2HashSum(int type) { 29972 33274 switch (type) { 29973 33275 #ifdef WOLFSSL_MD2 … … 30005 33307 return 0; 30006 33308 } 30007 30008 if (rsa->inSet == 0) 30009 { 33309 return type; 33310 } 33311 33312 /* return WOLFSSL_SUCCESS on ok, 0 otherwise */ 33313 int wolfSSL_RSA_sign(int type, const unsigned char* m, 33314 unsigned int mLen, unsigned char* sigRet, 33315 unsigned int* sigLen, WOLFSSL_RSA* rsa) 33316 { 33317 return wolfSSL_RSA_sign_ex(type, m, mLen, sigRet, sigLen, rsa, 1); 33318 } 33319 33320 int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, 33321 unsigned int mLen, unsigned char* sigRet, 33322 unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag) 33323 { 33324 return wolfSSL_RSA_sign_generic_padding(type, m, mLen, sigRet, sigLen, 33325 rsa, flag, RSA_PKCS1_PADDING); 33326 } 33327 33328 /** 33329 * Sign a message with the chosen message digest, padding, and RSA key. 33330 * @param type Hash NID 33331 * @param m Message to sign. Most likely this will be the digest of 33332 * the message to sign 33333 * @param mLen Length of message to sign 33334 * @param sigRet Output buffer 33335 * @param sigLen On Input: length of sigRet buffer 33336 * On Output: length of data written to sigRet 33337 * @param rsa RSA key used to sign the input 33338 * @param flag 1: Output the signature 33339 * 0: Output the value that the unpadded signature should be 33340 * compared to. Note: for RSA_PKCS1_PSS_PADDING the 33341 * wc_RsaPSS_CheckPadding_ex function should be used to check 33342 * the output of a *Verify* function. 33343 * @param padding Padding to use. Only RSA_PKCS1_PSS_PADDING and 33344 * RSA_PKCS1_PADDING are currently supported for signing. 33345 * @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error 33346 */ 33347 int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m, 33348 unsigned int mLen, unsigned char* sigRet, 33349 unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag, 33350 int padding) 33351 { 33352 word32 outLen; 33353 word32 signSz; 33354 int initTmpRng = 0; 33355 WC_RNG* rng = NULL; 33356 int ret = 0; 33357 #ifdef WOLFSSL_SMALL_STACK 33358 WC_RNG* tmpRNG = NULL; 33359 byte* encodedSig = NULL; 33360 #else 33361 WC_RNG tmpRNG[1]; 33362 byte encodedSig[MAX_ENCODED_SIG_SZ]; 33363 #endif 33364 33365 WOLFSSL_ENTER("wolfSSL_RSA_sign_generic_padding"); 33366 33367 if (m == NULL || sigRet == NULL || sigLen == NULL || rsa == NULL) { 33368 WOLFSSL_MSG("Bad function arguments"); 33369 return WOLFSSL_FAILURE; 33370 } 33371 DEBUG_SIGN_msg("Message to Sign", m, mLen); 33372 33373 if (rsa->inSet == 0) { 30010 33374 WOLFSSL_MSG("No RSA internal set, do it"); 30011 33375 30012 33376 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 30013 33377 WOLFSSL_MSG("SetRsaInternal failed"); 30014 return 0; 30015 } 30016 } 33378 return WOLFSSL_FAILURE; 33379 } 33380 } 33381 33382 type = nid2HashSum(type); 30017 33383 30018 33384 outLen = (word32)wolfSSL_BN_num_bytes(rsa->n); … … 30021 33387 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 30022 33388 if (tmpRNG == NULL) 30023 return 0;33389 return WOLFSSL_FAILURE; 30024 33390 30025 33391 encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, … … 30027 33393 if (encodedSig == NULL) { 30028 33394 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 30029 return 0;30030 } 30031 #endif 30032 30033 if (outLen == 0) 33395 return WOLFSSL_FAILURE; 33396 } 33397 #endif 33398 33399 if (outLen == 0) { 30034 33400 WOLFSSL_MSG("Bad RSA size"); 33401 } 30035 33402 else if (wc_InitRng(tmpRNG) == 0) { 30036 33403 rng = tmpRNG; … … 30047 33414 30048 33415 if (rng) { 30049 30050 signSz = wc_EncodeSignature(encodedSig, m, mLen, type); 30051 if (signSz == 0) { 30052 WOLFSSL_MSG("Bad Encode Signature"); 30053 } 30054 else { 30055 show("Encoded Message", encodedSig, signSz); 30056 if (flag != 0) { 33416 if (flag != 0) { 33417 switch (padding) { 33418 #ifdef WC_RSA_NO_PADDING 33419 case RSA_NO_PADDING: 33420 WOLFSSL_MSG("RSA_NO_PADDING not supported for signing"); 33421 ret = BAD_FUNC_ARG; 33422 break; 33423 #endif 33424 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS) 33425 case RSA_PKCS1_PSS_PADDING: 33426 { 33427 enum wc_HashType hType = wc_OidGetHash(type); 33428 #ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER 33429 WOLFSSL_MSG("Using RSA-PSS with hash length salt. " 33430 "OpenSSL uses max length by default."); 33431 #endif 33432 ret = wc_RsaPSS_Sign_ex(m, mLen, sigRet, outLen, 33433 hType, wc_hash2mgf(hType), 33434 #ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER 33435 RSA_PSS_SALT_LEN_DEFAULT, 33436 #else 33437 RSA_PSS_SALT_LEN_DISCOVER, 33438 #endif 33439 (RsaKey*)rsa->internal, rng); 33440 break; 33441 } 33442 #endif 33443 #ifndef WC_NO_RSA_OAEP 33444 case RSA_PKCS1_OAEP_PADDING: 33445 { 33446 WOLFSSL_MSG("RSA_PKCS1_OAEP_PADDING not supported for signing"); 33447 ret = BAD_FUNC_ARG; 33448 break; 33449 } 33450 #endif 33451 case RSA_PKCS1_PADDING: 33452 signSz = wc_EncodeSignature(encodedSig, m, mLen, type); 33453 if (signSz == 0) { 33454 WOLFSSL_MSG("Bad Encode Signature"); 33455 } 33456 DEBUG_SIGN_msg("Encoded Message", encodedSig, signSz); 30057 33457 ret = wc_RsaSSL_Sign(encodedSig, signSz, sigRet, outLen, 30058 33458 (RsaKey*)rsa->internal, rng); 30059 if (ret <= 0) { 30060 WOLFSSL_MSG("Bad Rsa Sign"); 30061 ret = 0; 33459 break; 33460 default: 33461 WOLFSSL_MSG("Unsupported padding"); 33462 ret = BAD_FUNC_ARG; 33463 break; 33464 } 33465 if (ret <= 0) { 33466 WOLFSSL_MSG("Bad Rsa Sign"); 33467 ret = 0; 33468 } 33469 else { 33470 *sigLen = (unsigned int)ret; 33471 ret = WOLFSSL_SUCCESS; 33472 DEBUG_SIGN_msg("Signature", sigRet, *sigLen); 33473 } 33474 } else { 33475 switch (padding) { 33476 case RSA_NO_PADDING: 33477 case RSA_PKCS1_PSS_PADDING: 33478 case RSA_PKCS1_OAEP_PADDING: 33479 ret = WOLFSSL_SUCCESS; 33480 XMEMCPY(sigRet, m, mLen); 33481 *sigLen = mLen; 33482 break; 33483 case RSA_PKCS1_PADDING: 33484 default: 33485 signSz = wc_EncodeSignature(encodedSig, m, mLen, type); 33486 if (signSz == 0) { 33487 WOLFSSL_MSG("Bad Encode Signature"); 30062 33488 } 30063 else { 30064 *sigLen = (unsigned int)ret; 30065 ret = SSL_SUCCESS; 30066 show("Signature", sigRet, *sigLen); 30067 } 30068 } else { 30069 ret = SSL_SUCCESS; 33489 ret = WOLFSSL_SUCCESS; 30070 33490 XMEMCPY(sigRet, encodedSig, signSz); 30071 33491 *sigLen = signSz; 30072 }30073 }30074 33492 break; 33493 } 33494 } 30075 33495 } 30076 33496 … … 30083 33503 #endif 30084 33504 30085 if (ret == WOLFSSL_SUCCESS) 30086 WOLFSSL_MSG("wolfSSL_RSA_sign success"); 33505 if (ret == WOLFSSL_SUCCESS) { 33506 WOLFSSL_MSG("wolfSSL_RSA_sign_generic_padding success"); 33507 } 30087 33508 else { 30088 WOLFSSL_MSG("wolfSSL_RSA_sign failed"); 33509 WOLFSSL_LEAVE("wolfSSL_RSA_sign_generic_padding", ret); 33510 WOLFSSL_MSG("wolfSSL_RSA_sign_generic_padding failed. " 33511 "Returning WOLFSSL_FAILURE."); 33512 ret = WOLFSSL_FAILURE; 30089 33513 } 30090 33514 return ret; 30091 33515 } 30092 30093 33516 30094 33517 /* returns WOLFSSL_SUCCESS on successful verify and WOLFSSL_FAILURE on fail */ … … 30097 33520 unsigned int sigLen, WOLFSSL_RSA* rsa) 30098 33521 { 30099 int ret; 30100 unsigned char *sigRet ; 30101 unsigned char *sigDec ; 30102 unsigned int len; 33522 return wolfSSL_RSA_verify_ex(type, m, mLen, sig, sigLen, rsa, RSA_PKCS1_PADDING); 33523 } 33524 33525 /* returns WOLFSSL_SUCCESS on successful verify and WOLFSSL_FAILURE on fail */ 33526 int wolfSSL_RSA_verify_ex(int type, const unsigned char* m, 33527 unsigned int mLen, const unsigned char* sig, 33528 unsigned int sigLen, WOLFSSL_RSA* rsa, 33529 int padding) { 33530 int ret = WOLFSSL_FAILURE; 33531 unsigned char *sigRet = NULL; 33532 unsigned char *sigDec = NULL; 33533 unsigned int len = 0; 33534 int verLen; 33535 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 33536 int hSum = nid2HashSum(type); 33537 enum wc_HashType hType; 33538 #endif 30103 33539 30104 33540 WOLFSSL_ENTER("wolfSSL_RSA_verify"); … … 30107 33543 return WOLFSSL_FAILURE; 30108 33544 } 30109 30110 sigRet = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);30111 if (sigRet == NULL) {30112 WOLFSSL_MSG("Memory failure");30113 return WOLFSSL_FAILURE;30114 }30115 33545 sigDec = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30116 33546 if (sigDec == NULL) { 30117 33547 WOLFSSL_MSG("Memory failure"); 33548 goto cleanup; 33549 } 33550 if (padding != RSA_PKCS1_PSS_PADDING) { 33551 sigRet = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 33552 if (sigRet == NULL) { 33553 WOLFSSL_MSG("Memory failure"); 33554 goto cleanup; 33555 } 33556 /* get non-encrypted signature to be compared with decrypted signature */ 33557 if (wolfSSL_RSA_sign_generic_padding(type, m, mLen, sigRet, &len, rsa, 33558 0, padding) <= 0) { 33559 WOLFSSL_MSG("Message Digest Error"); 33560 goto cleanup; 33561 } 33562 DEBUG_SIGN_msg("Encoded Message", sigRet, len); 33563 } 33564 else { 33565 DEBUG_SIGN_msg("Encoded Message", m, mLen); 33566 } 33567 /* decrypt signature */ 33568 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 33569 hType = wc_OidGetHash(hSum); 33570 if ((verLen = wc_RsaSSL_Verify_ex2(sig, sigLen, (unsigned char *)sigDec, 33571 sigLen, (RsaKey*)rsa->internal, padding, hType)) <= 0) { 33572 WOLFSSL_MSG("RSA Decrypt error"); 33573 goto cleanup; 33574 } 33575 #else 33576 verLen = wc_RsaSSL_Verify(sig, sigLen, (unsigned char *)sigDec, sigLen, 33577 (RsaKey*)rsa->internal); 33578 #endif 33579 DEBUG_SIGN_msg("Decrypted Signature", sigDec, ret); 33580 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS) 33581 if (padding == RSA_PKCS1_PSS_PADDING) { 33582 if (wc_RsaPSS_CheckPadding_ex(m, mLen, sigDec, verLen, 33583 hType, 33584 #ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER 33585 RSA_PSS_SALT_LEN_DEFAULT, 33586 #else 33587 RSA_PSS_SALT_LEN_DISCOVER, 33588 #endif 33589 mp_count_bits(&((RsaKey*)rsa->internal)->n)) != 0) { 33590 WOLFSSL_MSG("wc_RsaPSS_CheckPadding_ex error"); 33591 goto cleanup; 33592 } 33593 } 33594 else 33595 #endif /* !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) */ 33596 if ((int)len != verLen || XMEMCMP(sigRet, sigDec, verLen) != 0) { 33597 WOLFSSL_MSG("wolfSSL_RSA_verify_ex failed"); 33598 goto cleanup; 33599 } 33600 33601 WOLFSSL_MSG("wolfSSL_RSA_verify_ex success"); 33602 ret = WOLFSSL_SUCCESS; 33603 cleanup: 33604 if (sigRet) 30118 33605 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30119 return WOLFSSL_FAILURE; 30120 } 30121 /* get non-encrypted signature to be compared with decrypted signature */ 30122 ret = wolfSSL_RSA_sign_ex(type, m, mLen, sigRet, &len, rsa, 0); 30123 if (ret <= 0) { 30124 WOLFSSL_MSG("Message Digest Error"); 30125 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 33606 if (sigDec) 30126 33607 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30127 return WOLFSSL_FAILURE; 30128 } 30129 show("Encoded Message", sigRet, len); 30130 /* decrypt signature */ 30131 ret = wc_RsaSSL_Verify(sig, sigLen, (unsigned char *)sigDec, sigLen, 30132 (RsaKey*)rsa->internal); 30133 if (ret <= 0) { 30134 WOLFSSL_MSG("RSA Decrypt error"); 30135 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30136 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30137 return WOLFSSL_FAILURE; 30138 } 30139 show("Decrypted Signature", sigDec, ret); 30140 30141 if ((int)len == ret && XMEMCMP(sigRet, sigDec, ret) == 0) { 30142 WOLFSSL_MSG("wolfSSL_RSA_verify success"); 30143 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30144 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30145 return WOLFSSL_SUCCESS; 30146 } 30147 else { 30148 WOLFSSL_MSG("wolfSSL_RSA_verify failed"); 30149 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30150 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30151 return WOLFSSL_FAILURE; 30152 } 33608 return ret; 30153 33609 } 30154 33610 … … 30225 33681 WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void) 30226 33682 { 30227 return (WOLFSSL_HMAC_CTX*)XMALLOC(sizeof(WOLFSSL_HMAC_CTX), NULL, 30228 DYNAMIC_TYPE_OPENSSL); 33683 WOLFSSL_HMAC_CTX* hmac_ctx = (WOLFSSL_HMAC_CTX*)XMALLOC( 33684 sizeof(WOLFSSL_HMAC_CTX), NULL, DYNAMIC_TYPE_OPENSSL); 33685 if (hmac_ctx != NULL) { 33686 XMEMSET(hmac_ctx, 0, sizeof(WOLFSSL_HMAC_CTX)); 33687 } 33688 return hmac_ctx; 30229 33689 } 30230 33690 … … 30258 33718 { 30259 33719 void* heap; 33720 int ret; 30260 33721 30261 33722 #ifndef HAVE_FIPS … … 30272 33733 #ifndef NO_MD5 30273 33734 case WC_MD5: 30274 wc_Md5Copy(&src->hash.md5, &des->hash.md5);33735 ret = wc_Md5Copy(&src->hash.md5, &des->hash.md5); 30275 33736 break; 30276 33737 #endif /* !NO_MD5 */ … … 30278 33739 #ifndef NO_SHA 30279 33740 case WC_SHA: 30280 wc_ShaCopy(&src->hash.sha, &des->hash.sha);33741 ret = wc_ShaCopy(&src->hash.sha, &des->hash.sha); 30281 33742 break; 30282 33743 #endif /* !NO_SHA */ … … 30284 33745 #ifdef WOLFSSL_SHA224 30285 33746 case WC_SHA224: 30286 wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);33747 ret = wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224); 30287 33748 break; 30288 33749 #endif /* WOLFSSL_SHA224 */ … … 30290 33751 #ifndef NO_SHA256 30291 33752 case WC_SHA256: 30292 wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);33753 ret = wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256); 30293 33754 break; 30294 33755 #endif /* !NO_SHA256 */ … … 30296 33757 #ifdef WOLFSSL_SHA384 30297 33758 case WC_SHA384: 30298 wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);33759 ret = wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384); 30299 33760 break; 30300 33761 #endif /* WOLFSSL_SHA384 */ 30301 33762 #ifdef WOLFSSL_SHA512 30302 33763 case WC_SHA512: 30303 wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);33764 ret = wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512); 30304 33765 break; 30305 33766 #endif /* WOLFSSL_SHA512 */ 33767 #ifdef WOLFSSL_SHA3 33768 #ifndef WOLFSSL_NOSHA3_224 33769 case WC_SHA3_224: 33770 ret = wc_Sha3_224_Copy(&src->hash.sha3, &des->hash.sha3); 33771 break; 33772 #endif /* WOLFSSL_NO_SHA3_224 */ 33773 #ifndef WOLFSSL_NOSHA3_256 33774 case WC_SHA3_256: 33775 ret = wc_Sha3_256_Copy(&src->hash.sha3, &des->hash.sha3); 33776 break; 33777 #endif /* WOLFSSL_NO_SHA3_256 */ 33778 #ifndef WOLFSSL_NOSHA3_384 33779 case WC_SHA3_384: 33780 ret = wc_Sha3_384_Copy(&src->hash.sha3, &des->hash.sha3); 33781 break; 33782 #endif /* WOLFSSL_NO_SHA3_384 */ 33783 #ifndef WOLFSSL_NOSHA3_512 33784 case WC_SHA3_512: 33785 ret = wc_Sha3_512_Copy(&src->hash.sha3, &des->hash.sha3); 33786 break; 33787 #endif /* WOLFSSL_NO_SHA3_512 */ 33788 #endif /* WOLFSSL_SHA3 */ 30306 33789 30307 33790 default: 30308 33791 return WOLFSSL_FAILURE; 30309 33792 } 33793 33794 if (ret != 0) 33795 return WOLFSSL_FAILURE; 30310 33796 30311 33797 XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE); … … 30438 33924 int hmac_error = 0; 30439 33925 void* heap = NULL; 33926 int inited; 30440 33927 30441 33928 WOLFSSL_MSG("wolfSSL_HMAC_Init"); … … 30487 33974 } 30488 33975 else 33976 #endif 33977 #ifdef WOLFSSL_SHA3 33978 #ifndef WOLFSSL_NOSHA3_224 33979 if (XSTRNCMP(type, "SHA3_224", 8) == 0) { 33980 WOLFSSL_MSG("sha3_224 hmac"); 33981 ctx->type = WC_SHA3_224; 33982 } 33983 else 33984 #endif 33985 #ifndef WOLFSSL_NOSHA3_256 33986 if (XSTRNCMP(type, "SHA3_256", 8) == 0) { 33987 WOLFSSL_MSG("sha3_256 hmac"); 33988 ctx->type = WC_SHA3_256; 33989 } 33990 else 33991 #endif 33992 if (XSTRNCMP(type, "SHA3_384", 8) == 0) { 33993 WOLFSSL_MSG("sha3_384 hmac"); 33994 ctx->type = WC_SHA3_384; 33995 } 33996 else 33997 #ifndef WOLFSSL_NOSHA3_512 33998 if (XSTRNCMP(type, "SHA3_512", 8) == 0) { 33999 WOLFSSL_MSG("sha3_512 hmac"); 34000 ctx->type = WC_SHA3_512; 34001 } 34002 else 34003 #endif 30489 34004 #endif 30490 34005 … … 30503 34018 } 30504 34019 30505 if (key && keylen) { 34020 /* Check if init has been called before */ 34021 inited = (ctx->hmac.macType != WC_HASH_TYPE_NONE); 34022 /* Free if needed */ 34023 if (inited) { 34024 wc_HmacFree(&ctx->hmac); 34025 } 34026 if (key != NULL) { 30506 34027 WOLFSSL_MSG("keying hmac"); 30507 34028 … … 30519 34040 } 30520 34041 /* OpenSSL compat, no error */ 30521 } else if(ctx->type >= 0) { /* MD5 == 0 */ 34042 } 34043 else if (!inited) { 34044 return WOLFSSL_FAILURE; 34045 } 34046 else if (ctx->type >= 0) { /* MD5 == 0 */ 30522 34047 WOLFSSL_MSG("recover hmac"); 30523 wc_HmacFree(&ctx->hmac);30524 34048 if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { 30525 34049 ctx->hmac.macType = (byte)ctx->type; … … 30626 34150 #endif 30627 34151 34152 #ifdef WOLFSSL_SHA3 34153 #ifndef WOLFSSL_NOSHA3_224 34154 case WC_SHA3_224: 34155 *len = WC_SHA3_224_DIGEST_SIZE; 34156 break; 34157 #endif 34158 #ifndef WOLFSSL_NOSHA3_256 34159 case WC_SHA3_256: 34160 *len = WC_SHA3_256_DIGEST_SIZE; 34161 break; 34162 #endif 34163 #ifndef WOLFSSL_NOSHA3_384 34164 case WC_SHA3_384: 34165 *len = WC_SHA3_384_DIGEST_SIZE; 34166 break; 34167 #endif 34168 #ifndef WOLFSSL_NOSHA3_512 34169 case WC_SHA3_512: 34170 *len = WC_SHA3_512_DIGEST_SIZE; 34171 break; 34172 #endif 34173 #endif 34174 30628 34175 default: 30629 34176 WOLFSSL_MSG("bad hmac type"); … … 30640 34187 WOLFSSL_MSG("wolfSSL_HMAC_cleanup"); 30641 34188 30642 if (ctx) 34189 if (ctx) { 30643 34190 wc_HmacFree(&ctx->hmac); 30644 30645 return SSL_SUCCESS; 30646 } 30647 34191 } 34192 34193 return WOLFSSL_SUCCESS; 34194 } 34195 34196 void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx) 34197 { 34198 if (ctx) { 34199 wolfSSL_HMAC_cleanup(ctx); 34200 } 34201 } 30648 34202 30649 34203 void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx) 30650 34204 { 30651 if (!ctx) { 30652 return; 30653 } 30654 wolfSSL_HMAC_cleanup(ctx); 30655 XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL); 34205 if (ctx) { 34206 wolfSSL_HMAC_CTX_cleanup(ctx); 34207 XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL); 34208 } 30656 34209 } 30657 34210 … … 30724 34277 void *wolfSSL_OPENSSL_malloc(size_t a) 30725 34278 { 30726 return XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL); 34279 return (void *)XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL); 34280 } 34281 34282 int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings) 34283 { 34284 (void)opts; 34285 (void)settings; 34286 return wolfSSL_library_init(); 34287 } 34288 34289 int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS* settings) 34290 { 34291 (void)opts; 34292 (void)settings; 34293 return wolfSSL_library_init(); 30727 34294 } 30728 34295 … … 30730 34297 30731 34298 static int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher, 30732 unsigned char* passwd, int passwdSz, byte **cipherInfo) 34299 unsigned char* passwd, int passwdSz, byte **cipherInfo, 34300 int maxDerSz) 30733 34301 { 30734 34302 int ret, paddingSz; … … 30783 34351 if (paddingSz == 0) 30784 34352 paddingSz = info->ivSz; 34353 if (maxDerSz < *derSz + paddingSz) { 34354 WOLFSSL_MSG("not enough DER buffer allocated"); 34355 #ifdef WOLFSSL_SMALL_STACK 34356 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 34357 #endif 34358 return WOLFSSL_FAILURE; 34359 } 30785 34360 XMEMSET(der+(*derSz), (byte)paddingSz, paddingSz); 30786 34361 (*derSz) += paddingSz; … … 30898 34473 #endif 30899 34474 30900 #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)34475 #ifndef NO_BIO 30901 34476 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && !defined(NO_RSA) 30902 30903 34477 /* Takes a WOLFSSL_RSA key and writes it out to a WOLFSSL_BIO 30904 34478 * … … 30946 34520 } 30947 34521 34522 if (derBuf == NULL) { 34523 WOLFSSL_MSG("wolfSSL_RSA_To_Der failed to get buffer"); 34524 return WOLFSSL_FAILURE; 34525 } 34526 30948 34527 pkey->pkey.ptr = (char*)XMALLOC(derSz, bio->heap, 30949 34528 DYNAMIC_TYPE_TMP_BUFFER); … … 31001 34580 } 31002 34581 34582 if (derBuf == NULL) { 34583 WOLFSSL_MSG("wolfSSL_RSA_To_Der failed to get buffer"); 34584 return WOLFSSL_FAILURE; 34585 } 34586 31003 34587 pkey->pkey.ptr = (char*)XMALLOC(derSz, bio->heap, 31004 34588 DYNAMIC_TYPE_TMP_BUFFER); … … 31183 34767 return WOLFSSL_SUCCESS; 31184 34768 } 31185 #endif /* defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)*/34769 #endif /* !NO_BIO */ 31186 34770 31187 34771 #if (defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)) && \ … … 31228 34812 if (passwd != NULL && passwdSz > 0 && cipher != NULL) { 31229 34813 int ret; 34814 int blockSz = wolfSSL_EVP_CIPHER_block_size(cipher); 34815 byte *tmpBuf; 34816 34817 /* Add space for padding */ 34818 if (!(tmpBuf = (byte*)XREALLOC(derBuf, derSz + blockSz, NULL, 34819 DYNAMIC_TYPE_TMP_BUFFER))) { 34820 WOLFSSL_MSG("Extending DER buffer failed"); 34821 XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); 34822 return WOLFSSL_FAILURE; 34823 } 34824 derBuf = tmpBuf; 31230 34825 31231 34826 ret = EncryptDerKey(derBuf, &derSz, cipher, 31232 passwd, passwdSz, &cipherInfo );34827 passwd, passwdSz, &cipherInfo, derSz + blockSz); 31233 34828 if (ret != WOLFSSL_SUCCESS) { 31234 34829 WOLFSSL_MSG("EncryptDerKey failed"); … … 31459 35054 /* set group (OID, nid and idx) */ 31460 35055 eckey->group->curve_oid = ecc_sets[key->idx].oidSum; 31461 eckey->group->curve_nid = ecc_sets[key->idx].id;35056 eckey->group->curve_nid = EccEnumToNID(ecc_sets[key->idx].id); 31462 35057 eckey->group->curve_idx = key->idx; 31463 35058 … … 31627 35222 WOLFSSL_EC_KEY *key; 31628 35223 int x; 31629 int eccEnum ;35224 int eccEnum = NIDToEccEnum(nid); 31630 35225 31631 35226 WOLFSSL_ENTER("wolfSSL_EC_KEY_new_by_curve_name"); 31632 31633 /* If NID passed in is OpenSSL type, convert it to ecc_curve_id enum */31634 eccEnum = NIDToEccEnum(nid);31635 if (eccEnum == -1)31636 eccEnum = nid;31637 35227 31638 35228 key = wolfSSL_EC_KEY_new(); … … 31643 35233 31644 35234 /* set the nid of the curve */ 31645 key->group->curve_nid = eccEnum; 31646 31647 /* search and set the corresponding internal curve idx */ 31648 for (x = 0; ecc_sets[x].size != 0; x++) 31649 if (ecc_sets[x].id == key->group->curve_nid) { 31650 key->group->curve_idx = x; 31651 key->group->curve_oid = ecc_sets[x].oidSum; 31652 break; 31653 } 35235 key->group->curve_nid = nid; 35236 35237 if (eccEnum != -1) { 35238 /* search and set the corresponding internal curve idx */ 35239 for (x = 0; ecc_sets[x].size != 0; x++) 35240 if (ecc_sets[x].id == eccEnum) { 35241 key->group->curve_idx = x; 35242 key->group->curve_oid = ecc_sets[x].oidSum; 35243 break; 35244 } 35245 } 31654 35246 31655 35247 return key; … … 31667 35259 } 31668 35260 31669 #if def WOLFSSL_TLS1335261 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 31670 35262 static int populate_groups(int* groups, int max_count, char *list) 31671 35263 { … … 31723 35315 } 31724 35316 31725 return wolfSSL_CTX_set_groups(ctx, groups, count) == WOLFSSL_SUCCESS ? 31726 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 35317 return wolfSSL_CTX_set1_groups(ctx, groups, count); 31727 35318 } 31728 35319 … … 31741 35332 } 31742 35333 31743 return wolfSSL_set_groups(ssl, groups, count) == WOLFSSL_SUCCESS ? 31744 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 35334 return wolfSSL_set1_groups(ssl, groups, count); 31745 35335 } 31746 35336 #endif /* WOLFSSL_TLS13 */ … … 31848 35438 { 31849 35439 int initTmpRng = 0; 35440 int eccEnum; 31850 35441 WC_RNG* rng = NULL; 31851 35442 #ifdef WOLFSSL_SMALL_STACK … … 31889 35480 } 31890 35481 31891 if (wc_ecc_make_key_ex(rng, 0, (ecc_key*)key->internal, 31892 key->group->curve_nid) != MP_OKAY) { 35482 /* NIDToEccEnum returns -1 for invalid NID so if key->group->curve_nid 35483 * is 0 then pass ECC_CURVE_DEF as arg */ 35484 eccEnum = key->group->curve_nid ? 35485 NIDToEccEnum(key->group->curve_nid) : ECC_CURVE_DEF; 35486 if (wc_ecc_make_key_ex(rng, 0, (ecc_key*)key->internal, eccEnum) != MP_OKAY) { 31893 35487 WOLFSSL_MSG("wolfSSL_EC_KEY_generate_key wc_ecc_make_key failed"); 31894 35488 #ifdef WOLFSSL_SMALL_STACK … … 32201 35795 } 32202 35796 35797 WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_dup(const WOLFSSL_EC_GROUP *src) 35798 { 35799 if (!src) 35800 return NULL; 35801 return wolfSSL_EC_GROUP_new_by_curve_name(src->curve_nid); 35802 } 35803 32203 35804 #endif /* HAVE_ECC */ 32204 35805 #endif /* OPENSSL_EXTRA */ … … 32251 35852 /* If NID passed in is OpenSSL type, convert it to ecc_curve_id enum */ 32252 35853 eccEnum = NIDToEccEnum(nid); 32253 if (eccEnum == -1)32254 eccEnum = nid;32255 32256 35854 32257 35855 /* curve group */ … … 32265 35863 32266 35864 /* set the nid of the curve */ 32267 g->curve_nid = eccEnum;32268 32269 if (eccEnum > ECC_CURVE_DEF) {35865 g->curve_nid = nid; 35866 35867 if (eccEnum != -1) { 32270 35868 /* search and set the corresponding internal curve idx */ 32271 35869 for (x = 0; ecc_sets[x].size != 0; x++) 32272 if (ecc_sets[x].id == g->curve_nid) {35870 if (ecc_sets[x].id == eccEnum) { 32273 35871 g->curve_idx = x; 32274 35872 g->curve_oid = ecc_sets[x].oidSum; … … 32518 36116 } 32519 36117 36118 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 32520 36119 /* return code compliant with OpenSSL : 32521 36120 * 1 if success, 0 if error … … 32621 36220 } 32622 36221 36222 32623 36223 int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group, 32624 36224 WOLFSSL_EC_POINT *p, const unsigned char *buf, … … 32648 36248 } 32649 36249 36250 #ifdef HAVE_COMP_KEY 32650 36251 /* Default to compressed form if not set */ 32651 36252 form = in->form == POINT_CONVERSION_UNCOMPRESSED ? 32652 36253 POINT_CONVERSION_UNCOMPRESSED: 32653 36254 POINT_CONVERSION_COMPRESSED; 36255 #else 36256 form = POINT_CONVERSION_UNCOMPRESSED; 36257 #endif 32654 36258 32655 36259 len = wolfSSL_EC_POINT_point2oct(in->group, in->pub_key, form, … … 32684 36288 } 32685 36289 36290 #ifdef HAVE_ECC_KEY_IMPORT 36291 WOLFSSL_EC_KEY *wolfSSL_d2i_ECPrivateKey(WOLFSSL_EC_KEY **key, const unsigned char **in, 36292 long len) 36293 { 36294 WOLFSSL_EC_KEY *eckey = NULL; 36295 WOLFSSL_ENTER("wolfSSL_d2i_ECPrivateKey"); 36296 36297 if (!in || !*in || len <= 0) { 36298 WOLFSSL_MSG("wolfSSL_d2i_ECPrivateKey Bad arguments"); 36299 return NULL; 36300 } 36301 36302 if (!(eckey = wolfSSL_EC_KEY_new())) { 36303 WOLFSSL_MSG("wolfSSL_EC_KEY_new error"); 36304 return NULL; 36305 } 36306 36307 if (wc_ecc_import_private_key(*in, (word32)len, NULL, 0, 36308 (ecc_key*)eckey->internal) != MP_OKAY) { 36309 WOLFSSL_MSG("wc_ecc_import_private_key error"); 36310 goto error; 36311 } 36312 36313 eckey->inSet = 1; 36314 36315 if (SetECKeyExternal(eckey) != WOLFSSL_SUCCESS) { 36316 WOLFSSL_MSG("SetECKeyExternal error"); 36317 goto error; 36318 } 36319 36320 if (key) { 36321 *key = eckey; 36322 } 36323 36324 return eckey; 36325 36326 error: 36327 wolfSSL_EC_KEY_free(eckey); 36328 return NULL; 36329 } 36330 #endif /* HAVE_ECC_KEY_IMPORT */ 36331 36332 int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out) 36333 { 36334 int len; 36335 byte* buf = NULL; 36336 WOLFSSL_ENTER("wolfSSL_i2d_ECPrivateKey"); 36337 36338 if (!in) { 36339 WOLFSSL_MSG("wolfSSL_i2d_ECPrivateKey Bad arguments"); 36340 return WOLFSSL_FAILURE; 36341 } 36342 36343 if (!in->inSet && SetECKeyInternal((WOLFSSL_EC_KEY*)in) != WOLFSSL_SUCCESS) { 36344 WOLFSSL_MSG("SetECKeyInternal error"); 36345 return WOLFSSL_FAILURE; 36346 } 36347 36348 if ((len = wc_ecc_size((ecc_key*)in->internal)) <= 0) { 36349 WOLFSSL_MSG("wc_ecc_size error"); 36350 return WOLFSSL_FAILURE; 36351 } 36352 36353 if (out) { 36354 if (!(buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER))) { 36355 WOLFSSL_MSG("tmp buffer malloc error"); 36356 return WOLFSSL_FAILURE; 36357 } 36358 36359 if (wc_ecc_export_private_only((ecc_key*)in->internal, buf, 36360 (word32*)&len) != MP_OKAY) { 36361 WOLFSSL_MSG("wc_ecc_export_private_only error"); 36362 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 36363 return WOLFSSL_FAILURE; 36364 } 36365 36366 if (*out) { 36367 XMEMCPY(*out, buf, len); 36368 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 36369 } 36370 else { 36371 *out = buf; 36372 } 36373 } 36374 36375 return len; 36376 } 36377 32686 36378 void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form) 32687 36379 { 32688 if (eckey && (form == POINT_CONVERSION_COMPRESSED || 32689 form == POINT_CONVERSION_UNCOMPRESSED)) { 36380 if (eckey && (form == POINT_CONVERSION_UNCOMPRESSED 36381 #ifdef HAVE_COMP_KEY 36382 || form == POINT_CONVERSION_COMPRESSED 36383 #endif 36384 )) { 32690 36385 eckey->form = form; 36386 } else { 36387 WOLFSSL_MSG("Incorrect form or HAVE_COMP_KEY not compiled in"); 32691 36388 } 32692 36389 } … … 32728 36425 return ret; 32729 36426 } 36427 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 36428 36429 #ifdef USE_ECC_B_PARAM 36430 int wolfSSL_EC_POINT_is_on_curve(const WOLFSSL_EC_GROUP *group, 36431 const WOLFSSL_EC_POINT *point, 36432 WOLFSSL_BN_CTX *ctx) 36433 { 36434 (void)ctx; 36435 WOLFSSL_ENTER("wolfSSL_EC_POINT_is_on_curve"); 36436 36437 if (!group || !point) { 36438 WOLFSSL_MSG("Invalid arguments"); 36439 return WOLFSSL_FAILURE; 36440 } 36441 36442 if (!point->inSet && SetECPointInternal((WOLFSSL_EC_POINT*)point)) { 36443 WOLFSSL_MSG("SetECPointInternal error"); 36444 return WOLFSSL_FAILURE; 36445 } 36446 36447 return wc_ecc_point_is_on_curve((ecc_point*)point->internal, group->curve_idx) 36448 == MP_OKAY ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 36449 } 36450 #endif /* USE_ECC_B_PARAM */ 32730 36451 32731 36452 WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group) … … 32859 36580 } 32860 36581 32861 #if !defined(WOLFSSL_ATECC508A) && !defined(HAVE_SELFTEST) 36582 #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ 36583 !defined(HAVE_SELFTEST) 36584 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 36585 int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r, 36586 const WOLFSSL_EC_POINT *p1, 36587 const WOLFSSL_EC_POINT *p2, WOLFSSL_BN_CTX *ctx) 36588 { 36589 mp_int a, prime, mu; 36590 mp_digit mp = 0; 36591 ecc_point* montP1 = NULL; 36592 ecc_point* montP2 = NULL; 36593 ecc_point* eccP1; 36594 ecc_point* eccP2; 36595 int ret = WOLFSSL_FAILURE; 36596 36597 (void)ctx; 36598 36599 if (!group || !r || !p1 || !p2) { 36600 WOLFSSL_MSG("wolfSSL_EC_POINT_add error"); 36601 return WOLFSSL_FAILURE; 36602 } 36603 36604 if (setupPoint(r) != WOLFSSL_SUCCESS || 36605 setupPoint(p1) != WOLFSSL_SUCCESS || 36606 setupPoint(p2) != WOLFSSL_SUCCESS) { 36607 WOLFSSL_MSG("setupPoint error"); 36608 return WOLFSSL_FAILURE; 36609 } 36610 36611 /* read the curve prime and a */ 36612 if (mp_init_multi(&prime, &a, &mu, NULL, NULL, NULL) != MP_OKAY) { 36613 WOLFSSL_MSG("mp_init_multi error"); 36614 goto cleanup; 36615 } 36616 36617 if (mp_read_radix(&a, ecc_sets[group->curve_idx].Af, MP_RADIX_HEX) 36618 != MP_OKAY) { 36619 WOLFSSL_MSG("mp_read_radix a error"); 36620 goto cleanup; 36621 } 36622 36623 if (mp_read_radix(&prime, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) 36624 != MP_OKAY) { 36625 WOLFSSL_MSG("mp_read_radix prime error"); 36626 goto cleanup; 36627 } 36628 36629 if (mp_montgomery_setup(&prime, &mp) != MP_OKAY) { 36630 WOLFSSL_MSG("mp_montgomery_setup nqm error"); 36631 goto cleanup; 36632 } 36633 36634 eccP1 = (ecc_point*)p1->internal; 36635 eccP2 = (ecc_point*)p2->internal; 36636 36637 if (!(montP1 = wc_ecc_new_point_h(NULL)) || 36638 !(montP2 = wc_ecc_new_point_h(NULL))) { 36639 WOLFSSL_MSG("wc_ecc_new_point_h nqm error"); 36640 goto cleanup; 36641 } 36642 36643 if ((mp_montgomery_calc_normalization(&mu, &prime)) != MP_OKAY) { 36644 WOLFSSL_MSG("mp_montgomery_calc_normalization error"); 36645 goto cleanup; 36646 } 36647 36648 /* Convert to Montgomery form */ 36649 if (mp_cmp_d(&mu, 1) == MP_EQ) { 36650 if (wc_ecc_copy_point(eccP1, montP1) != MP_OKAY || 36651 wc_ecc_copy_point(eccP2, montP2) != MP_OKAY) { 36652 WOLFSSL_MSG("wc_ecc_copy_point error"); 36653 goto cleanup; 36654 } 36655 } else { 36656 if (mp_mulmod(eccP1->x, &mu, &prime, montP1->x) != MP_OKAY || 36657 mp_mulmod(eccP1->y, &mu, &prime, montP1->y) != MP_OKAY || 36658 mp_mulmod(eccP1->z, &mu, &prime, montP1->z) != MP_OKAY) { 36659 WOLFSSL_MSG("mp_mulmod error"); 36660 goto cleanup; 36661 } 36662 if (mp_mulmod(eccP2->x, &mu, &prime, montP2->x) != MP_OKAY || 36663 mp_mulmod(eccP2->y, &mu, &prime, montP2->y) != MP_OKAY || 36664 mp_mulmod(eccP2->z, &mu, &prime, montP2->z) != MP_OKAY) { 36665 WOLFSSL_MSG("mp_mulmod error"); 36666 goto cleanup; 36667 } 36668 } 36669 36670 if (ecc_projective_add_point(montP1, montP2, (ecc_point*)r->internal, 36671 &a, &prime, mp) != MP_OKAY) { 36672 WOLFSSL_MSG("ecc_projective_add_point error"); 36673 goto cleanup; 36674 } 36675 36676 if (ecc_map((ecc_point*)r->internal, &prime, mp) != MP_OKAY) { 36677 WOLFSSL_MSG("ecc_map error"); 36678 goto cleanup; 36679 } 36680 36681 ret = WOLFSSL_SUCCESS; 36682 cleanup: 36683 mp_clear(&a); 36684 mp_clear(&prime); 36685 mp_clear(&mu); 36686 wc_ecc_del_point_h(montP1, NULL); 36687 wc_ecc_del_point_h(montP2, NULL); 36688 return ret; 36689 } 36690 32862 36691 /* Calculate the value: generator * n + q * m 32863 36692 * return code compliant with OpenSSL : … … 32940 36769 } 32941 36770 /* r = generator * n */ 32942 if (wc_ecc_mulmod((mp_int*)n->internal, result, result, &a, &prime, 1)36771 if (wc_ecc_mulmod((mp_int*)n->internal, result, result, &a, &prime, 0) 32943 36772 != MP_OKAY) { 32944 36773 WOLFSSL_MSG("wc_ecc_mulmod nqm error"); … … 32947 36776 /* tmp = q * m */ 32948 36777 if (wc_ecc_mulmod((mp_int*)m->internal, (ecc_point*)q->internal, 32949 tmp, &a, &prime, 1) != MP_OKAY) {36778 tmp, &a, &prime, 0) != MP_OKAY) { 32950 36779 WOLFSSL_MSG("wc_ecc_mulmod nqm error"); 32951 36780 goto cleanup; … … 32999 36828 return ret; 33000 36829 } 36830 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 33001 36831 #endif /* !defined(WOLFSSL_ATECC508A) && defined(ECC_SHAMIR) && 33002 36832 * !defined(HAVE_SELFTEST) */ 36833 36834 /* (x, y) -> (x, -y) */ 36835 int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *a, 36836 WOLFSSL_BN_CTX *ctx) 36837 { 36838 ecc_point* p; 36839 mp_int prime; 36840 36841 (void)ctx; 36842 36843 WOLFSSL_ENTER("wolfSSL_EC_POINT_invert"); 36844 36845 if (!group || !a || !a->internal || setupPoint(a) != WOLFSSL_SUCCESS) { 36846 return WOLFSSL_FAILURE; 36847 } 36848 36849 p = (ecc_point*)a->internal; 36850 36851 /* read the curve prime and a */ 36852 if (mp_init_multi(&prime, NULL, NULL, NULL, NULL, NULL) != MP_OKAY) { 36853 WOLFSSL_MSG("mp_init_multi error"); 36854 return WOLFSSL_FAILURE; 36855 } 36856 36857 if (mp_sub(&prime, p->y, p->y) != MP_OKAY) { 36858 WOLFSSL_MSG("mp_sub error"); 36859 return WOLFSSL_FAILURE; 36860 } 36861 36862 if (SetECPointExternal(a) != WOLFSSL_SUCCESS) { 36863 WOLFSSL_MSG("SetECPointExternal error"); 36864 return WOLFSSL_FAILURE; 36865 } 36866 36867 return WOLFSSL_SUCCESS; 36868 } 33003 36869 33004 36870 void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *p) … … 33122 36988 /* End EC_POINT */ 33123 36989 36990 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 33124 36991 size_t wolfSSL_EC_get_builtin_curves(WOLFSSL_EC_BUILTIN_CURVE *r, size_t nitems) 33125 36992 { … … 33141 37008 } 33142 37009 33143 return ecc_sets_count; 33144 } 37010 return min_nitems; 37011 } 37012 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 33145 37013 33146 37014 /* Start ECDSA_SIG */ … … 33392 37260 { 33393 37261 word32 len; 33394 (void)KDF; 33395 37262 ecc_key* key; 37263 int ret; 37264 #if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \ 37265 && !defined(HAVE_FIPS) 37266 int setGlobalRNG = 0; 37267 #endif 33396 37268 (void)KDF; 33397 37269 … … 33416 37288 33417 37289 len = (word32)outlen; 33418 33419 if (wc_ecc_shared_secret_ssh((ecc_key*)ecdh->internal, 33420 (ecc_point*)pub_key->internal, 33421 (byte *)out, &len) != MP_OKAY) { 37290 key = (ecc_key*)ecdh->internal; 37291 37292 #if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \ 37293 && !defined(HAVE_FIPS) 37294 if (key->rng == NULL) { 37295 if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != WOLFSSL_SUCCESS) { 37296 WOLFSSL_MSG("No RNG to use"); 37297 return WOLFSSL_FATAL_ERROR; 37298 } 37299 key->rng = &globalRNG; 37300 setGlobalRNG = 1; 37301 } 37302 #endif 37303 ret = wc_ecc_shared_secret_ssh(key, (ecc_point*)pub_key->internal, 37304 (byte *)out, &len); 37305 #if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \ 37306 && !defined(HAVE_FIPS) 37307 if (setGlobalRNG) 37308 key->rng = NULL; 37309 #endif 37310 if (ret != MP_OKAY) { 33422 37311 WOLFSSL_MSG("wc_ecc_shared_secret failed"); 33423 37312 return WOLFSSL_FATAL_ERROR; … … 33443 37332 } 33444 37333 #endif 37334 37335 #ifndef NO_BIO 33445 37336 33446 37337 /* Uses the same format of input as wolfSSL_PEM_read_bio_PrivateKey but expects … … 33512 37403 return local; 33513 37404 } 37405 #endif /* !NO_BIO */ 33514 37406 #endif /* NO_FILESYSTEM */ 33515 37407 33516 37408 #if defined(WOLFSSL_KEY_GEN) 37409 #ifndef NO_BIO 33517 37410 /* Takes a public WOLFSSL_EC_KEY and writes it out to WOLFSSL_BIO 33518 37411 * Returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE … … 33653 37546 } 33654 37547 37548 #endif /* !NO_BIO */ 37549 33655 37550 /* return code compliant with OpenSSL : 33656 37551 * 1 if success, 0 if error … … 33709 37604 33710 37605 ret = EncryptDerKey(derBuf, &derSz, cipher, 33711 passwd, passwdSz, &cipherInfo );37606 passwd, passwdSz, &cipherInfo, der_max_len); 33712 37607 if (ret != WOLFSSL_SUCCESS) { 33713 37608 WOLFSSL_MSG("EncryptDerKey failed"); … … 33823 37718 33824 37719 #if defined(WOLFSSL_KEY_GEN) 37720 #ifndef NO_BIO 33825 37721 33826 37722 /* Takes a DSA Privatekey and writes it out to a WOLFSSL_BIO … … 33962 37858 } 33963 37859 #endif /* HAVE_SELFTEST */ 37860 #endif /* !NO_BIO */ 33964 37861 33965 37862 /* return code compliant with OpenSSL : … … 34019 37916 34020 37917 ret = EncryptDerKey(derBuf, &derSz, cipher, 34021 passwd, passwdSz, &cipherInfo );37918 passwd, passwdSz, &cipherInfo, der_max_len); 34022 37919 if (ret != WOLFSSL_SUCCESS) { 34023 37920 WOLFSSL_MSG("EncryptDerKey failed"); … … 34145 38042 34146 38043 #endif /* #ifndef NO_DSA */ 38044 38045 #ifndef NO_BIO 34147 38046 34148 38047 static int pem_read_bio_key(WOLFSSL_BIO* bio, pem_password_cb* cb, void* pass, … … 34500 38399 #endif /* HAVE_ECC */ 34501 38400 38401 #endif /* !NO_BIO */ 38402 34502 38403 #if !defined(NO_FILESYSTEM) 34503 38404 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, … … 34517 38418 #ifndef NO_RSA 34518 38419 38420 #ifndef NO_BIO 34519 38421 #if defined(XSNPRINTF) && !defined(HAVE_FAST_RSA) 34520 38422 /* snprintf() must be available */ … … 34537 38439 int i = 0; 34538 38440 mp_int *rsaElem = NULL; 34539 char rsaStr[][20] = { "Modulus:", 38441 const char *rsaStr[] = { 38442 "Modulus:", 34540 38443 "PublicExponent:", 34541 38444 "PrivateExponent:", … … 34688 38591 34689 38592 #endif /* XSNPRINTF */ 38593 #endif /* !NO_BIO */ 34690 38594 34691 38595 #if !defined(NO_FILESYSTEM) … … 34898 38802 #if defined(WC_RSA_PSS) && (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || \ 34899 38803 defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)) 34900 static int hash2mgf(enum wc_HashType hType) 34901 { 34902 switch (hType) { 34903 #ifndef NO_SHA 34904 case WC_HASH_TYPE_SHA: 34905 return WC_MGF1SHA1; 34906 #endif 34907 #ifndef NO_SHA256 34908 #ifdef WOLFSSL_SHA224 34909 case WC_HASH_TYPE_SHA224: 34910 return WC_MGF1SHA224; 34911 #endif 34912 case WC_HASH_TYPE_SHA256: 34913 return WC_MGF1SHA256; 34914 #endif 34915 #ifdef WOLFSSL_SHA384 34916 case WC_HASH_TYPE_SHA384: 34917 return WC_MGF1SHA384; 34918 #endif 34919 #ifdef WOLFSSL_SHA512 34920 case WC_HASH_TYPE_SHA512: 34921 return WC_MGF1SHA512; 34922 #endif 34923 case WC_HASH_TYPE_NONE: 34924 case WC_HASH_TYPE_MD2: 34925 case WC_HASH_TYPE_MD4: 34926 case WC_HASH_TYPE_MD5: 34927 case WC_HASH_TYPE_MD5_SHA: 34928 case WC_HASH_TYPE_SHA3_224: 34929 case WC_HASH_TYPE_SHA3_256: 34930 case WC_HASH_TYPE_SHA3_384: 34931 case WC_HASH_TYPE_SHA3_512: 34932 case WC_HASH_TYPE_BLAKE2B: 34933 case WC_HASH_TYPE_BLAKE2S: 34934 default: 34935 WOLFSSL_MSG("Unrecognized or unsupported hash function"); 34936 return WC_MGF1NONE; 34937 } 34938 } 34939 38804 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 34940 38805 /* 34941 38806 * +-----------+ … … 35003 38868 } 35004 38869 35005 if ((mgf = hash2mgf(hashType)) == WC_MGF1NONE) {35006 WOLFSSL_MSG(" hash2mgf error");38870 if ((mgf = wc_hash2mgf(hashType)) == WC_MGF1NONE) { 38871 WOLFSSL_MSG("wc_hash2mgf error"); 35007 38872 goto cleanup; 35008 38873 } … … 35035 38900 } 35036 38901 35037 if (wc_RsaPad_ex(mHash, wolfSSL_EVP_MD_size(hashAlg), EM, emLen,38902 if (wc_RsaPad_ex(mHash, hashLen, EM, emLen, 35038 38903 RSA_BLOCK_TYPE_1, rng, WC_RSA_PSS_PAD, 35039 wolfSSL_EVP_md2macType(hashAlg), mgf, NULL, 0, saltLen,38904 hashType, mgf, NULL, 0, saltLen, 35040 38905 wolfSSL_BN_num_bits(rsa->n), NULL) != MP_OKAY) { 35041 38906 WOLFSSL_MSG("wc_RsaPad_ex error"); … … 35110 38975 } 35111 38976 35112 if ((mgf = hash2mgf(hashType)) == WC_MGF1NONE) {35113 WOLFSSL_MSG(" hash2mgf error");38977 if ((mgf = wc_hash2mgf(hashType)) == WC_MGF1NONE) { 38978 WOLFSSL_MSG("wc_hash2mgf error"); 35114 38979 return WOLFSSL_FAILURE; 35115 38980 } … … 35147 39012 return WOLFSSL_SUCCESS; 35148 39013 } 35149 #endif 39014 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 39015 #endif /* WC_RSA_PSS && (OPENSSL_ALL || WOLFSSL_ASIO || WOLFSSL_HAPROXY 39016 * || WOLFSSL_NGINX) 39017 */ 35150 39018 35151 39019 #if defined(OPENSSL_EXTRA) … … 35256 39124 if (wolfSSL_RSA_LoadDer_ex(local, 35257 39125 derBuf, derSz, 35258 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {39126 WOLFSSL_RSA_LOAD_PUBLIC) != WOLFSSL_SUCCESS) { 35259 39127 wolfSSL_RSA_free(local); 35260 39128 local = NULL; … … 35322 39190 #endif /* NO_RSA */ 35323 39191 35324 #if def OPENSSL_EXTRA35325 #ifndef NO_DSA 39192 #if !defined(NO_DSA) && \ 39193 (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 35326 39194 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ 35327 39195 int wolfSSL_DSA_LoadDer(WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz) … … 35393 39261 return WOLFSSL_SUCCESS; 35394 39262 } 35395 #endif /* !NO_DSA */ 35396 39263 #endif /* !NO_DSA && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ 39264 39265 #ifdef OPENSSL_EXTRA 35397 39266 #ifdef HAVE_ECC 35398 39267 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ … … 35448 39317 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) 35449 39318 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ 39319 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 35450 39320 int wolfSSL_DH_LoadDer(WOLFSSL_DH* dh, const unsigned char* derBuf, int derSz) 35451 39321 { … … 35463 39333 return WOLFSSL_FATAL_ERROR; 35464 39334 } 39335 dh->inSet = 1; 35465 39336 35466 39337 if (SetDhExternal(dh) != WOLFSSL_SUCCESS) { … … 35471 39342 return WOLFSSL_SUCCESS; 35472 39343 } 39344 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 35473 39345 #endif /* ! NO_DH && WOLFSSL_QT || OPENSSL_ALL */ 35474 39346 … … 35488 39360 wc_UnLockMutex(&rsa->refMutex); 35489 39361 35490 return 1;35491 } 35492 35493 return 0;39362 return WOLFSSL_SUCCESS; 39363 } 39364 39365 return WOLFSSL_FAILURE; 35494 39366 } 35495 39367 … … 35504 39376 wc_UnLockMutex(&x509->refMutex); 35505 39377 35506 return 1;35507 } 35508 35509 return 0;39378 return WOLFSSL_SUCCESS; 39379 } 39380 39381 return WOLFSSL_FAILURE; 35510 39382 } 35511 39383 … … 36124 39996 #endif 36125 39997 36126 #ifdef OPENSSL_EXTRA 36127 #ifndef NO_CERTS 39998 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 39999 !defined(WOLFCRYPT_ONLY) 40000 #ifndef NO_CERTS 36128 40001 void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name) 36129 40002 { 36130 40003 WOLFSSL_ENTER("wolfSSL_X509_NAME_free"); 36131 FreeX509Name(name , NULL);40004 FreeX509Name(name); 36132 40005 XFREE(name, NULL, DYNAMIC_TYPE_X509); 36133 40006 } … … 36147 40020 DYNAMIC_TYPE_X509); 36148 40021 if (name != NULL) { 36149 InitX509Name(name, 1 );40022 InitX509Name(name, 1, NULL); 36150 40023 } 36151 40024 return name; … … 36156 40029 WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME *name) 36157 40030 { 36158 WOLFSSL_X509_NAME* dup= NULL;40031 WOLFSSL_X509_NAME* copy = NULL; 36159 40032 36160 40033 WOLFSSL_ENTER("wolfSSL_X509_NAME_dup"); … … 36165 40038 } 36166 40039 36167 if (!( dup= wolfSSL_X509_NAME_new())) {40040 if (!(copy = wolfSSL_X509_NAME_new())) { 36168 40041 return NULL; 36169 40042 } 36170 40043 36171 40044 /* copy contents */ 36172 XMEMCPY(dup, name, sizeof(WOLFSSL_X509_NAME)); 36173 InitX509Name(dup, 1); 36174 dup->sz = name->sz; 36175 36176 /* handle dynamic portions */ 36177 if (name->dynamicName) { 36178 if (!(dup->name = (char*)XMALLOC(name->sz, 0, 36179 DYNAMIC_TYPE_OPENSSL))) { 36180 goto err; 36181 } 36182 } 36183 XMEMCPY(dup->name, name->name, name->sz); 36184 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 36185 !defined(NO_ASN) 36186 if (!(dup->fullName.fullName = (char*)XMALLOC(name->fullName.fullNameLen, 36187 0, DYNAMIC_TYPE_OPENSSL))) { 36188 goto err; 36189 } 36190 XMEMCPY(dup->fullName.fullName, name->fullName.fullName, 36191 name->fullName.fullNameLen); 36192 #endif 36193 36194 return dup; 36195 36196 err: 36197 if (dup) { 36198 if (dup->dynamicName && dup->name) { 36199 XFREE(dup->name, 0, DYNAMIC_TYPE_OPENSSL); 36200 dup->name = NULL; 36201 } 36202 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 36203 !defined(NO_ASN) 36204 if (dup->fullName.fullName && 36205 dup->fullName.fullName != name->fullName.fullName) { 36206 XFREE(dup->fullName.fullName, 0, DYNAMIC_TYPE_OPENSSL); 36207 dup->fullName.fullName = NULL; 36208 } 36209 #endif 36210 wolfSSL_X509_NAME_free(dup); 36211 } 36212 return NULL; 36213 } 36214 36215 #if defined(WOLFSSL_CERT_GEN) 36216 /* helper function for CopyX509NameToCertName() 36217 * 36218 * returns WOLFSSL_SUCCESS on success 36219 */ 36220 static int CopyX509NameEntry(char* out, int mx, char* in, int inLen) 40045 InitX509Name(copy, 1, name->heap); 40046 if (wolfSSL_X509_NAME_copy(name, copy) != WOLFSSL_SUCCESS) { 40047 wolfSSL_X509_NAME_free(copy); 40048 return NULL; 40049 } 40050 40051 return copy; 40052 } 40053 40054 #ifdef WOLFSSL_CERT_GEN 40055 40056 #if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) 40057 /* Helper function to copy cert name from a WOLFSSL_X509_NAME structure to 40058 * a Cert structure. 40059 * 40060 * returns length of DER on success and a negative error value on failure 40061 */ 40062 static int CopyX509NameToCert(WOLFSSL_X509_NAME* n, byte* out) 36221 40063 { 36222 if (inLen > mx) { 36223 WOLFSSL_MSG("Name too long"); 36224 XMEMCPY(out, in, mx); 36225 } 36226 else { 36227 XMEMCPY(out, in, inLen); 36228 out[inLen] = '\0'; 36229 } 36230 36231 /* make sure is null terminated */ 36232 out[mx-1] = '\0'; 36233 36234 return WOLFSSL_SUCCESS; 36235 } 36236 36237 36238 /* Helper function to copy cert name from a WOLFSSL_X509_NAME structure to 36239 * a CertName structure. 36240 * 36241 * returns WOLFSSL_SUCCESS on success and a negative error value on failure 36242 */ 36243 static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName) 36244 { 36245 DecodedName* dn = NULL; 36246 36247 if (n == NULL || cName == NULL) { 36248 return BAD_FUNC_ARG; 36249 } 36250 36251 dn = &(n->fullName); 36252 36253 /* initialize cert name */ 36254 cName->country[0] = '\0'; 36255 cName->countryEnc = CTC_PRINTABLE; 36256 cName->state[0] = '\0'; 36257 cName->stateEnc = CTC_UTF8; 36258 cName->locality[0] = '\0'; 36259 cName->localityEnc = CTC_UTF8; 36260 cName->sur[0] = '\0'; 36261 cName->surEnc = CTC_UTF8; 36262 cName->org[0] = '\0'; 36263 cName->orgEnc = CTC_UTF8; 36264 cName->unit[0] = '\0'; 36265 cName->unitEnc = CTC_UTF8; 36266 cName->commonName[0] = '\0'; 36267 cName->commonNameEnc = CTC_UTF8; 36268 cName->serialDev[0] = '\0'; 36269 cName->serialDevEnc = CTC_PRINTABLE; 36270 #ifdef WOLFSSL_CERT_EXT 36271 cName->busCat[0] = '\0'; 36272 cName->busCatEnc = CTC_UTF8; 36273 cName->joiC[0] = '\0'; 36274 cName->joiCEnc = CTC_PRINTABLE; 36275 cName->joiSt[0] = '\0'; 36276 cName->joiStEnc = CTC_PRINTABLE; 36277 #endif 36278 cName->email[0] = '\0'; 36279 36280 36281 /* ASN_COUNTRY_NAME */ 36282 WOLFSSL_MSG("Copy Country Name"); 36283 if (CopyX509NameEntry(cName->country, CTC_NAME_SIZE, dn->fullName + dn->cIdx, 36284 dn->cLen) != SSL_SUCCESS) { 36285 return BUFFER_E; 36286 } 36287 36288 /* ASN_ORGUNIT_NAME */ 36289 WOLFSSL_MSG("Copy Org Unit Name"); 36290 if (CopyX509NameEntry(cName->unit, CTC_NAME_SIZE, dn->fullName + dn->ouIdx, 36291 dn->ouLen) != SSL_SUCCESS) { 36292 return BUFFER_E; 36293 } 36294 36295 /* ASN_ORG_NAME */ 36296 WOLFSSL_MSG("Copy Org Name"); 36297 if (CopyX509NameEntry(cName->org, CTC_NAME_SIZE, dn->fullName + dn->oIdx, 36298 dn->oLen) != SSL_SUCCESS) { 36299 return BUFFER_E; 36300 } 36301 36302 /* ASN_STATE_NAME */ 36303 WOLFSSL_MSG("Copy State Name"); 36304 if (CopyX509NameEntry(cName->state, CTC_NAME_SIZE, dn->fullName + dn->stIdx, 36305 dn->stLen) != SSL_SUCCESS) { 36306 return BUFFER_E; 36307 } 36308 36309 /* ASN_LOCALITY_NAME */ 36310 WOLFSSL_MSG("Copy Locality Name"); 36311 if (CopyX509NameEntry(cName->locality, CTC_NAME_SIZE, 36312 dn->fullName + dn->lIdx, dn->lLen) 36313 != SSL_SUCCESS) { 36314 return BUFFER_E; 36315 } 36316 36317 /* ASN_SUR_NAME */ 36318 WOLFSSL_MSG("Copy Sur Name"); 36319 if (CopyX509NameEntry(cName->sur, CTC_NAME_SIZE, dn->fullName + dn->snIdx, 36320 dn->snLen) != SSL_SUCCESS) { 36321 return BUFFER_E; 36322 } 36323 36324 /* ASN_COMMON_NAME */ 36325 WOLFSSL_MSG("Copy Common Name"); 36326 if (CopyX509NameEntry(cName->commonName, CTC_NAME_SIZE, 36327 dn->fullName + dn->cnIdx, dn->cnLen) 36328 != SSL_SUCCESS) { 36329 return BUFFER_E; 36330 } 36331 36332 /* ASN_SERIAL_NUMBER */ 36333 WOLFSSL_MSG("Copy Serial Number of Device"); 36334 if (CopyX509NameEntry(cName->serialDev, CTC_NAME_SIZE, 36335 dn->fullName + dn->serialIdx, dn->serialLen) 36336 != SSL_SUCCESS) { 36337 return BUFFER_E; 36338 } 36339 36340 #ifdef WOLFSSL_CERT_EXT 36341 /* ASN_BUS_CAT */ 36342 WOLFSSL_MSG("Copy Business Category"); 36343 if (CopyX509NameEntry(cName->busCat, CTC_NAME_SIZE, 36344 dn->fullName + dn->bcIdx, dn->bcLen) 36345 != SSL_SUCCESS) { 36346 return BUFFER_E; 36347 } 36348 36349 /* JoI Country */ 36350 WOLFSSL_MSG("Copy Jurisdiction of Incorporation Country"); 36351 if (CopyX509NameEntry(cName->joiC, CTC_NAME_SIZE, 36352 dn->fullName + dn->jcIdx, dn->jcLen) 36353 != SSL_SUCCESS) { 36354 return BUFFER_E; 36355 } 36356 36357 /* JoI State */ 36358 WOLFSSL_MSG("Copy Jurisdiction of Incorporation State"); 36359 if (CopyX509NameEntry(cName->joiSt, CTC_NAME_SIZE, 36360 dn->fullName + dn->jsIdx, dn->jsLen) 36361 != SSL_SUCCESS) { 36362 return BUFFER_E; 36363 } 36364 #endif 36365 36366 WOLFSSL_MSG("Copy Email"); 36367 if (CopyX509NameEntry(cName->email, CTC_NAME_SIZE, 36368 dn->fullName + dn->emailIdx, dn->emailLen) 36369 != SSL_SUCCESS) { 36370 return BUFFER_E; 36371 } 36372 36373 return WOLFSSL_SUCCESS; 36374 } 40064 unsigned char* der = NULL; 40065 int length = BAD_FUNC_ARG, ret; 40066 word32 idx = 0; 40067 40068 ret = wolfSSL_i2d_X509_NAME(n, &der); 40069 if (ret > (int)sizeof(CertName) || ret < 0) { 40070 WOLFSSL_MSG("Name conversion error"); 40071 ret = MEMORY_E; 40072 } 40073 40074 if (ret > 0) { 40075 /* strip off sequence, this gets added on certificate creation */ 40076 ret = GetSequence(der, &idx, &length, ret); 40077 } 40078 40079 if (ret > 0) { 40080 XMEMCPY(out, der + idx, length); 40081 } 40082 40083 if (der != NULL) 40084 XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); 40085 40086 return length; 40087 } 40088 #endif 36375 40089 36376 40090 #ifdef WOLFSSL_CERT_REQ … … 36382 40096 return WOLFSSL_FAILURE; 36383 40097 36384 ret = CopyX509NameToCertName(&req->subject, &cert->subject); 40098 40099 ret = CopyX509NameToCert(&req->subject, cert->sbjRaw); 40100 if (ret < 0) { 40101 WOLFSSL_MSG("REQ subject conversion error"); 40102 ret = MEMORY_E; 40103 } 40104 else { 40105 ret = WOLFSSL_SUCCESS; 40106 } 40107 36385 40108 if (ret == WOLFSSL_SUCCESS) { 36386 40109 cert->version = req->version; 36387 40110 cert->isCA = req->isCa; 36388 #ifdef WOLFSSL_CERT_EXT40111 #ifdef WOLFSSL_CERT_EXT 36389 40112 if (req->subjKeyIdSz != 0) { 36390 40113 XMEMCPY(cert->skid, req->subjKeyId, req->subjKeyIdSz); … … 36394 40117 cert->keyUsage = req->keyUsage; 36395 40118 /* Extended Key Usage not supported. */ 36396 #endif 40119 #endif 40120 #ifdef WOLFSSL_CERT_REQ 40121 XMEMCPY(cert->challengePw, req->challengePw, CTC_NAME_SIZE); 40122 cert->challengePwPrintableString = req->challengePw[0] != 0; 40123 #endif 40124 #ifdef WOLFSSL_ALT_NAMES 40125 cert->altNamesSz = FlattenAltNames(cert->altNames, 40126 sizeof(cert->altNames), req->altNames); 40127 #endif /* WOLFSSL_ALT_NAMES */ 36397 40128 } 36398 40129 36399 40130 return ret; 36400 40131 } 36401 #endif 40132 #endif /* WOLFSSL_CERT_REQ */ 40133 40134 #ifdef WOLFSSL_ALT_NAMES 40135 /* converts WOLFSSL_AN1_TIME to Cert form, returns positive size on 40136 * success */ 40137 static int CertDateFromX509(byte* out, int outSz, WOLFSSL_ASN1_TIME* t) 40138 { 40139 int sz, i; 40140 40141 if (t->length + 1 >= outSz) { 40142 return BUFFER_E; 40143 } 40144 40145 out[0] = t->type; 40146 sz = SetLength(t->length, out + 1) + 1; /* gen tag */ 40147 for (i = 0; i < t->length; i++) { 40148 out[sz + i] = t->data[i]; 40149 } 40150 return t->length + sz; 40151 } 40152 #endif /* WOLFSSL_ALT_NAMES */ 36402 40153 36403 40154 /* convert a WOLFSSL_X509 to a Cert structure for writing out */ … … 36421 40172 #ifdef WOLFSSL_ALT_NAMES 36422 40173 if (x509->notBefore.length > 0) { 36423 if ((x509->notBefore.length + 2) < CTC_DATE_SIZE) { 36424 cert->beforeDate[0] = x509->notBefore.type; 36425 cert->beforeDate[1] = x509->notBefore.length; 36426 XMEMCPY(&cert->beforeDate[2], x509->notBefore.data, 36427 x509->notBefore.length); 36428 cert->beforeDateSz = x509->notBefore.length + 2; 36429 } 36430 else { 36431 WOLFSSL_MSG("Not before date too large"); 40174 cert->beforeDateSz = CertDateFromX509(cert->beforeDate, 40175 CTC_DATE_SIZE, &x509->notBefore); 40176 if (cert->beforeDateSz <= 0){ 40177 WOLFSSL_MSG("Not before date error"); 36432 40178 return WOLFSSL_FAILURE; 36433 40179 } … … 36436 40182 cert->beforeDateSz = 0; 36437 40183 } 40184 36438 40185 if (x509->notAfter.length > 0) { 36439 if ((x509->notAfter.length + 2) < CTC_DATE_SIZE) { 36440 cert->afterDate[0] = x509->notAfter.type; 36441 cert->afterDate[1] = x509->notAfter.length; 36442 XMEMCPY(&cert->afterDate[2], x509->notAfter.data, 36443 x509->notAfter.length); 36444 cert->afterDateSz = x509->notAfter.length + 2; 36445 } 36446 else { 36447 WOLFSSL_MSG("Not after date too large"); 40186 cert->afterDateSz = CertDateFromX509(cert->afterDate, 40187 CTC_DATE_SIZE, &x509->notAfter); 40188 if (cert->afterDateSz <= 0){ 40189 WOLFSSL_MSG("Not after date error"); 36448 40190 return WOLFSSL_FAILURE; 36449 40191 } … … 36455 40197 cert->altNamesSz = FlattenAltNames(cert->altNames, 36456 40198 sizeof(cert->altNames), x509->altNames); 36457 36458 40199 #endif /* WOLFSSL_ALT_NAMES */ 36459 40200 … … 36502 40243 #endif 36503 40244 36504 if (x509->serialSz <= CTC_SERIAL_SIZE) { 36505 XMEMCPY(cert->serial, x509->serial, x509->serialSz); 36506 } 36507 else { 36508 WOLFSSL_MSG("Serial size error"); 40245 /* set serial number */ 40246 if (x509->serialSz > 0) { 40247 #if defined(OPENSSL_EXTRA) 40248 byte serial[EXTERNAL_SERIAL_SIZE]; 40249 int serialSz = EXTERNAL_SERIAL_SIZE; 40250 40251 ret = wolfSSL_X509_get_serial_number(x509, serial, &serialSz); 40252 if (ret != WOLFSSL_SUCCESS) { 40253 WOLFSSL_MSG("Serial size error"); 40254 return WOLFSSL_FAILURE; 40255 } 40256 XMEMCPY(cert->serial, serial, serialSz); 40257 cert->serialSz = serialSz; 40258 #else 40259 WOLFSSL_MSG("Getting X509 serial number not supported"); 36509 40260 return WOLFSSL_FAILURE; 40261 #endif 36510 40262 } 36511 40263 … … 36513 40265 if (x509->issuerSet) 36514 40266 cert->selfSigned = 0; 36515 if ((ret = CopyX509NameToCertName(&(x509->issuer), &(cert->issuer))) 36516 != WOLFSSL_SUCCESS) { 36517 WOLFSSL_MSG("Error copying over issuer names"); 36518 WOLFSSL_LEAVE("wolfSSL_X509_to_Cert()", ret); 36519 return WOLFSSL_FAILURE; 36520 } 36521 if ((ret = CopyX509NameToCertName(&(x509->subject), &(cert->subject))) 36522 != WOLFSSL_SUCCESS) { 36523 WOLFSSL_MSG("Error copying over subject names"); 36524 WOLFSSL_LEAVE("wolfSSL_X509_to_Cert()", ret); 36525 return WOLFSSL_FAILURE; 36526 } 40267 40268 #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) 40269 ret = CopyX509NameToCert(&x509->subject, cert->sbjRaw); 40270 if (ret < 0) { 40271 WOLFSSL_MSG("Subject conversion error"); 40272 return MEMORY_E; 40273 } 40274 if (cert->selfSigned) { 40275 XMEMCPY(cert->issRaw, cert->sbjRaw, sizeof(CertName)); 40276 } 40277 else { 40278 ret = CopyX509NameToCert(&x509->issuer, cert->issRaw); 40279 if (ret < 0) { 40280 WOLFSSL_MSG("Issuer conversion error"); 40281 return MEMORY_E; 40282 } 40283 } 40284 #endif 36527 40285 36528 40286 cert->heap = x509->heap; 36529 40287 40288 (void)ret; 36530 40289 return WOLFSSL_SUCCESS; 36531 40290 } … … 36540 40299 int sigType = WOLFSSL_FAILURE; 36541 40300 40301 #if !defined(NO_PWDBASED) && defined(OPENSSL_EXTRA) 36542 40302 /* Convert key type and hash algorithm to a signature algorithm */ 36543 if (wolfSSL_EVP_get_hashinfo(md, &hashType, NULL) == WOLFSSL_FAILURE) 40303 if (wolfSSL_EVP_get_hashinfo(md, &hashType, NULL) == WOLFSSL_FAILURE) { 36544 40304 return WOLFSSL_FAILURE; 40305 } 40306 #else 40307 (void)md; 40308 WOLFSSL_MSG("Cannot get hashinfo when NO_PWDBASED is defined"); 40309 return WOLFSSL_FAILURE; 40310 #endif /* !defined(NO_PWDBASED) */ 36545 40311 36546 40312 … … 36599 40365 * return WOLFSSL_SUCCESS on success 36600 40366 */ 36601 static int wolf SSL_X509_make_der(WOLFSSL_X509* x509, int req,36602 unsigned char* der, int* derSz )40367 static int wolfssl_x509_make_der(WOLFSSL_X509* x509, int req, 40368 unsigned char* der, int* derSz, int includeSig) 36603 40369 { 36604 int ret; 40370 int ret = WOLFSSL_FAILURE; 40371 int totalLen; 36605 40372 Cert cert; 36606 40373 void* key = NULL; … … 36611 40378 #ifdef HAVE_ECC 36612 40379 ecc_key ecc; 40380 #endif 40381 #ifndef NO_DSA 40382 DsaKey dsa; 36613 40383 #endif 36614 40384 WC_RNG rng; … … 36669 40439 } 36670 40440 #endif 36671 if (key == NULL) 40441 #ifndef NO_DSA 40442 if (x509->pubKeyOID == DSAk) { 40443 type = DSA_TYPE; 40444 ret = wc_InitDsaKey(&dsa); 40445 if (ret != 0) 40446 return ret; 40447 ret = wc_DsaPublicKeyDecode(x509->pubKey.buffer, &idx, &dsa, 40448 x509->pubKey.length); 40449 if (ret != 0) { 40450 wc_FreeDsaKey(&dsa); 40451 return ret; 40452 } 40453 key = (void*)&dsa; 40454 } 40455 #endif 40456 if (key == NULL) { 40457 WOLFSSL_MSG("No public key found for certificate"); 36672 40458 return WOLFSSL_FAILURE; 40459 } 36673 40460 36674 40461 /* Make the body of the certificate request. */ … … 36687 40474 wc_FreeRng(&rng); 36688 40475 } 36689 if (ret < 0) { 36690 return ret; 36691 } 36692 40476 if (ret <= 0) { 40477 ret = WOLFSSL_FAILURE; 40478 goto cleanup; 40479 } 40480 40481 if ((x509->serialSz == 0) && 40482 (cert.serialSz <= EXTERNAL_SERIAL_SIZE) && 40483 (cert.serialSz > 0)) { 40484 #if defined(OPENSSL_EXTRA) 40485 WOLFSSL_ASN1_INTEGER *i = wolfSSL_ASN1_INTEGER_new(); 40486 40487 if (i == NULL) { 40488 WOLFSSL_MSG("wolfSSL_ASN1_INTEGER_new error"); 40489 ret = WOLFSSL_FAILURE; 40490 goto cleanup; 40491 } 40492 else { 40493 i->length = cert.serialSz + 2; 40494 i->data[0] = ASN_INTEGER; 40495 i->data[1] = cert.serialSz; 40496 XMEMCPY(i->data + 2, cert.serial, cert.serialSz); 40497 if (wolfSSL_X509_set_serialNumber(x509, i) != WOLFSSL_SUCCESS) { 40498 WOLFSSL_MSG("Issue setting generated serial number"); 40499 wolfSSL_ASN1_INTEGER_free(i); 40500 ret = WOLFSSL_FAILURE; 40501 goto cleanup; 40502 } 40503 wolfSSL_ASN1_INTEGER_free(i); 40504 } 40505 #else 40506 WOLFSSL_MSG("ASN1_INTEGER API not in build"); 40507 40508 ret = WOLFSSL_FAILURE; 40509 goto cleanup; 40510 #endif /* OPENSSL_EXTRA */ 40511 } 40512 40513 if (includeSig) { 40514 if (!x509->sig.buffer) { 40515 WOLFSSL_MSG("No signature buffer"); 40516 ret = WOLFSSL_FAILURE; 40517 goto cleanup; 40518 } 40519 totalLen = AddSignature(NULL, ret, NULL, x509->sig.length, 40520 x509->sigOID); 40521 if (totalLen > *derSz) { 40522 WOLFSSL_MSG("Output der buffer too short"); 40523 ret = WOLFSSL_FAILURE; 40524 goto cleanup; 40525 } 40526 ret = AddSignature(der, ret, x509->sig.buffer, 40527 x509->sig.length, x509->sigOID); 40528 } 40529 40530 *derSz = ret; 40531 ret = WOLFSSL_SUCCESS; 40532 cleanup: 36693 40533 /* Dispose of the public key object. */ 36694 40534 #ifndef NO_RSA … … 36700 40540 wc_ecc_free(&ecc); 36701 40541 #endif 36702 *derSz = ret; 36703 36704 return WOLFSSL_SUCCESS; 40542 40543 return ret; 36705 40544 } 36706 40545 … … 36723 40562 WC_RNG rng; 36724 40563 40564 (void)req; 40565 36725 40566 sigType = wolfSSL_sigTypeFromPKEY(md, pkey); 36726 40567 if (sigType == WOLFSSL_FAILURE) … … 36742 40583 #endif 36743 40584 36744 /* Sign the certificate requestbody. */40585 /* Sign the certificate (request) body. */ 36745 40586 ret = wc_InitRng(&rng); 36746 40587 if (ret != 0) … … 36750 40591 if (ret < 0) 36751 40592 return ret; 40593 derSz = ret; 40594 40595 /* Extract signature from buffer */ 40596 { 40597 word32 idx = 0; 40598 int len = 0; 40599 40600 /* Read top level sequence */ 40601 if (GetSequence(der, &idx, &len, derSz) < 0) { 40602 WOLFSSL_MSG("GetSequence error"); 40603 return WOLFSSL_FATAL_ERROR; 40604 } 40605 /* Move idx to signature */ 40606 idx += certBodySz; 40607 /* Read signature algo sequence */ 40608 if (GetSequence(der, &idx, &len, derSz) < 0) { 40609 WOLFSSL_MSG("GetSequence error"); 40610 return WOLFSSL_FATAL_ERROR; 40611 } 40612 idx += len; 40613 /* Read signature bit string */ 40614 if (CheckBitString(der, &idx, &len, derSz, 0, NULL) != 0) { 40615 WOLFSSL_MSG("CheckBitString error"); 40616 return WOLFSSL_FATAL_ERROR; 40617 } 40618 /* Sanity check */ 40619 if (idx + len != (word32)derSz) { 40620 WOLFSSL_MSG("unexpected asn1 structure"); 40621 return WOLFSSL_FATAL_ERROR; 40622 } 40623 x509->sig.length = 0; 40624 if (x509->sig.buffer) 40625 XFREE(x509->sig.buffer, x509->heap, DYNAMIC_TYPE_SIGNATURE); 40626 x509->sig.buffer = (byte*)XMALLOC(len, x509->heap, 40627 DYNAMIC_TYPE_SIGNATURE); 40628 if (!x509->sig.buffer) { 40629 WOLFSSL_MSG("malloc error"); 40630 return WOLFSSL_FATAL_ERROR; 40631 } 40632 XMEMCPY(x509->sig.buffer, der + idx, len); 40633 x509->sig.length = len; 40634 } 36752 40635 36753 40636 /* Put in the new certificate encoding into the x509 object. */ 36754 40637 FreeDer(&x509->derCert); 36755 40638 type = CERT_TYPE; 36756 #ifdef WOLFSSL_ REQ_CERT40639 #ifdef WOLFSSL_CERT_REQ 36757 40640 if (req) { 36758 40641 type = CERTREQ_TYPE; 36759 40642 } 36760 40643 #endif 36761 36762 if (AllocDer(&x509->derCert, ret, type, NULL) != 0) 40644 if (AllocDer(&x509->derCert, derSz, type, NULL) != 0) 36763 40645 return WOLFSSL_FATAL_ERROR; 36764 XMEMCPY(x509->derCert->buffer, der, ret); 36765 x509->derCert->length = ret; 36766 36767 (void)req; 40646 XMEMCPY(x509->derCert->buffer, der, derSz); 40647 x509->derCert->length = derSz; 40648 36768 40649 return ret; 36769 40650 } 36770 40651 40652 40653 #ifndef WC_MAX_X509_GEN 40654 /* able to override max size until dynamic buffer created */ 40655 #define WC_MAX_X509_GEN 4096 40656 #endif 36771 40657 36772 40658 /* returns the size of signature on success */ … … 36775 40661 { 36776 40662 int ret; 36777 byte der[4096]; /* @TODO dynamic set based on expected cert size */ 36778 int derSz = sizeof(der); 40663 /* @TODO dynamic set based on expected cert size */ 40664 byte *der = (byte *)XMALLOC(WC_MAX_X509_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40665 int derSz = WC_MAX_X509_GEN; 36779 40666 36780 40667 WOLFSSL_ENTER("wolfSSL_X509_sign"); 36781 40668 36782 if (x509 == NULL || pkey == NULL || md == NULL) 36783 return WOLFSSL_FAILURE; 40669 if (x509 == NULL || pkey == NULL || md == NULL) { 40670 ret = WOLFSSL_FAILURE; 40671 goto out; 40672 } 36784 40673 36785 40674 x509->sigOID = wolfSSL_sigTypeFromPKEY((WOLFSSL_EVP_MD*)md, pkey); 36786 if ((ret = wolf SSL_X509_make_der(x509, 0, der, &derSz)) !=40675 if ((ret = wolfssl_x509_make_der(x509, 0, der, &derSz, 0)) != 36787 40676 WOLFSSL_SUCCESS) { 36788 40677 WOLFSSL_MSG("Unable to make DER for X509"); 36789 40678 WOLFSSL_LEAVE("wolfSSL_X509_sign", ret); 36790 return WOLFSSL_FAILURE; 36791 } 36792 36793 ret = wolfSSL_X509_resign_cert(x509, 0, der, sizeof(der), derSz, 40679 (void)ret; 40680 ret = WOLFSSL_FAILURE; 40681 goto out; 40682 } 40683 40684 ret = wolfSSL_X509_resign_cert(x509, 0, der, WC_MAX_X509_GEN, derSz, 36794 40685 (WOLFSSL_EVP_MD*)md, pkey); 36795 40686 if (ret <= 0) { 36796 40687 WOLFSSL_LEAVE("wolfSSL_X509_sign", ret); 40688 ret = WOLFSSL_FAILURE; 40689 goto out; 40690 } 40691 40692 out: 40693 if (der) 40694 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40695 40696 return ret; 40697 } 40698 40699 #if defined(OPENSSL_EXTRA) 40700 int wolfSSL_X509_sign_ctx(WOLFSSL_X509 *x509, WOLFSSL_EVP_MD_CTX *ctx) 40701 { 40702 WOLFSSL_ENTER("wolfSSL_X509_sign_ctx"); 40703 40704 if (!x509 || !ctx || !ctx->pctx || !ctx->pctx->pkey) { 40705 WOLFSSL_MSG("Bad parameter"); 36797 40706 return WOLFSSL_FAILURE; 36798 40707 } 36799 40708 36800 return ret; 36801 } 36802 36803 36804 /* Converts the x509 name structure into DER format. 36805 * 36806 * out pointer to either a pre setup buffer or a pointer to null for 36807 * creating a dynamic buffer. In the case that a pre-existing buffer is 36808 * used out will be incremented the size of the DER buffer on success. 36809 * 36810 * returns the size of the buffer on success, or negative value with failure 36811 */ 36812 int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) 40709 return wolfSSL_X509_sign(x509, ctx->pctx->pkey, wolfSSL_EVP_MD_CTX_md(ctx)); 40710 } 40711 #endif /* OPENSSL_EXTRA */ 40712 #endif /* WOLFSSL_CERT_GEN */ 40713 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 40714 40715 WOLFSSL_X509_NAME *wolfSSL_d2i_X509_NAME(WOLFSSL_X509_NAME **name, 40716 unsigned char **in, long length) 36813 40717 { 36814 CertName cName; 36815 unsigned char buf[256]; /* ASN_MAX_NAME */ 36816 int sz; 36817 WOLFSSL_ENTER("wolfSSL_i2d_X509_NAME"); 36818 36819 if (out == NULL || name == NULL) { 36820 return BAD_FUNC_ARG; 36821 } 36822 XMEMSET(&cName, 0, sizeof(CertName)); 36823 36824 if (CopyX509NameToCertName(name, &cName) != SSL_SUCCESS) { 36825 WOLFSSL_MSG("Error converting x509 name to internal CertName"); 36826 return SSL_FATAL_ERROR; 36827 } 36828 36829 sz = SetName(buf, sizeof(buf), &cName); 36830 if (sz < 0) { 36831 return sz; 36832 } 36833 36834 /* using buffer passed in */ 36835 if (*out != NULL) { 36836 XMEMCPY(*out, buf, sz); 36837 *out += sz; 36838 } 36839 else { 36840 *out = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); 36841 if (*out == NULL) { 36842 return MEMORY_E; 36843 } 36844 XMEMCPY(*out, buf, sz); 36845 } 36846 36847 return sz; 36848 } 36849 #endif /* WOLFSSL_CERT_GEN */ 40718 WOLFSSL_X509_NAME* tmp = NULL; 40719 DecodedCert cert; 40720 40721 WOLFSSL_ENTER("wolfSSL_d2i_X509_NAME"); 40722 40723 if (!in || !*in || length <= 0) { 40724 WOLFSSL_MSG("Bad argument"); 40725 return NULL; 40726 } 40727 40728 /* Set the X509_NAME buffer as the input data for cert. 40729 * in is NOT a full certificate. Just the name. */ 40730 InitDecodedCert(&cert, *in, (word32)length, NULL); 40731 40732 /* Parse the X509 subject name */ 40733 if (GetName(&cert, SUBJECT, (int)length) != 0) { 40734 WOLFSSL_MSG("WOLFSSL_X509_NAME parse error"); 40735 goto cleanup; 40736 } 40737 40738 if (!(tmp = wolfSSL_X509_NAME_new())) { 40739 WOLFSSL_MSG("wolfSSL_X509_NAME_new error"); 40740 goto cleanup; 40741 } 40742 40743 if (wolfSSL_X509_NAME_copy((WOLFSSL_X509_NAME*)cert.subjectName, 40744 tmp) != WOLFSSL_SUCCESS) { 40745 wolfSSL_X509_NAME_free(tmp); 40746 tmp = NULL; 40747 goto cleanup; 40748 } 40749 40750 if (name) 40751 *name = tmp; 40752 cleanup: 40753 FreeDecodedCert(&cert); 40754 return tmp; 40755 } 36850 40756 36851 40757 … … 36888 40794 } 36889 40795 36890 36891 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, 36892 pem_password_cb *cb, void *u) 40796 #ifndef NO_BIO 40797 40798 static WOLFSSL_X509 *loadX509orX509REQFromPemBio(WOLFSSL_BIO *bp, 40799 WOLFSSL_X509 **x, pem_password_cb *cb, void *u, int type) 36893 40800 { 36894 40801 WOLFSSL_X509* x509 = NULL; … … 36896 40803 unsigned char* pem = NULL; 36897 40804 int pemSz; 36898 long i = 0, l ;40805 long i = 0, l, footerSz; 36899 40806 const char* footer = NULL; 36900 40807 36901 WOLFSSL_ENTER(" wolfSSL_PEM_read_bio_X509");36902 36903 if (bp == NULL ) {40808 WOLFSSL_ENTER("loadX509orX509REQFromPemBio"); 40809 40810 if (bp == NULL || (type != CERT_TYPE && type != CERTREQ_TYPE)) { 36904 40811 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_X509", BAD_FUNC_ARG); 36905 40812 return NULL; … … 36919 40826 36920 40827 i = 0; 36921 if (wc_PemGetHeaderFooter( CERT_TYPE, NULL, &footer) != 0) {40828 if (wc_PemGetHeaderFooter(type, NULL, &footer) != 0) { 36922 40829 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 36923 40830 return NULL; 36924 40831 } 40832 footerSz = (long)XSTRLEN(footer); 36925 40833 36926 40834 /* TODO: Inefficient 36927 * reading in one byte at a time until see "END CERTIFICATE"40835 * reading in one byte at a time until see the footer 36928 40836 */ 36929 40837 while ((l = wolfSSL_BIO_read(bp, (char *)&pem[i], 1)) == 1) { 36930 40838 i++; 36931 if (i > 26 && XMEMCMP((char *)&pem[i-26], footer, 25) == 0) { 36932 if (pem[i-1] == '\r') { 36933 /* found \r , Windows line ending is \r\n so try to read one 36934 * more byte for \n, ignoring return value */ 36935 (void)wolfSSL_BIO_read(bp, (char *)&pem[i++], 1); 40839 if (i > footerSz && XMEMCMP((char *)&pem[i-footerSz], footer, 40840 footerSz) == 0) { 40841 if (wolfSSL_BIO_read(bp, (char *)&pem[i], 1) == 1) { 40842 /* attempt to read newline following footer */ 40843 i++; 40844 if (pem[i-1] == '\r') { 40845 /* found \r , Windows line ending is \r\n so try to read one 40846 * more byte for \n, ignoring return value */ 40847 (void)wolfSSL_BIO_read(bp, (char *)&pem[i++], 1); 40848 } 36936 40849 } 36937 40850 break; … … 36943 40856 #endif 36944 40857 pemSz = (int)i; 36945 x509 = wolfSSL_X509_load_certificate_buffer(pem, pemSz, 36946 WOLFSSL_FILETYPE_PEM); 40858 #ifdef WOLFSSL_CERT_REQ 40859 if (type == CERTREQ_TYPE) 40860 x509 = wolfSSL_X509_REQ_load_certificate_buffer(pem, pemSz, 40861 WOLFSSL_FILETYPE_PEM); 40862 else 40863 #endif 40864 x509 = wolfSSL_X509_load_certificate_buffer(pem, pemSz, 40865 WOLFSSL_FILETYPE_PEM); 36947 40866 36948 40867 if (x != NULL) { … … 36960 40879 return x509; 36961 40880 } 40881 40882 40883 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, 40884 pem_password_cb *cb, void *u) 40885 { 40886 return loadX509orX509REQFromPemBio(bp, x, cb, u, CERT_TYPE); 40887 } 40888 40889 #ifdef WOLFSSL_CERT_REQ 40890 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, 40891 pem_password_cb *cb, void *u) 40892 { 40893 return loadX509orX509REQFromPemBio(bp, x, cb, u, CERTREQ_TYPE); 40894 } 40895 #endif 36962 40896 36963 40897 WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp, … … 37013 40947 #endif 37014 40948 } 40949 40950 #endif /* !NO_BIO */ 37015 40951 37016 40952 #if !defined(NO_FILESYSTEM) … … 37117 41053 #endif 37118 41054 41055 #ifdef WOLFSSL_CERT_GEN 41056 #ifndef NO_BIO 37119 41057 int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x) 37120 41058 { … … 37141 41079 return ret; 37142 41080 } 41081 #endif /* !NO_BIO */ 41082 #endif /* WOLFSSL_CERT_GEN */ 37143 41083 #endif /* !NO_FILESYSTEM */ 37144 41084 … … 37152 41092 #define PEM_HDR_FIN_EOL_NULL_TERM "-----\0" 37153 41093 #define PEM_HDR_FIN_EOL_SZ 6 41094 41095 #ifndef NO_BIO 37154 41096 37155 41097 int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header, … … 37439 41381 } 37440 41382 #endif 41383 #endif /* !NO_BIO */ 37441 41384 37442 41385 int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, EncryptedInfo* cipher) … … 37480 41423 } 37481 41424 41425 #ifndef NO_BIO 37482 41426 /* 37483 41427 * bp : bio to read X509 from … … 37498 41442 return wolfSSL_PEM_read_bio_X509(bp, x, cb, u); 37499 41443 } 37500 37501 41444 #endif /* !NO_BIO */ 41445 41446 41447 #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ 37502 41448 #ifdef OPENSSL_ALL 41449 41450 #ifndef NO_BIO 37503 41451 /* create and return a new WOLFSSL_X509_PKEY structure or NULL on failure */ 37504 41452 static WOLFSSL_X509_PKEY* wolfSSL_X509_PKEY_new(void* heap) … … 37531 41479 return WOLFSSL_SUCCESS; 37532 41480 } 41481 #endif /* !NO_BIO */ 37533 41482 37534 41483 … … 37538 41487 if (xPkey != NULL) { 37539 41488 wolfSSL_EVP_PKEY_free(xPkey->dec_pkey); 37540 } 37541 XFREE(xPkey, xPkey->heap, DYNAMIC_TYPE_KEY); 37542 } 37543 41489 XFREE(xPkey, xPkey->heap, DYNAMIC_TYPE_KEY); 41490 } 41491 } 41492 41493 41494 #ifndef NO_BIO 37544 41495 37545 41496 /* Takes control of x509 on success … … 37581 41532 } 37582 41533 41534 /** 41535 * This read one structure from bio and returns the read structure 41536 * in the appropriate output parameter (x509, crl, x_pkey). The 41537 * output parameters must be set to NULL. 41538 * @param bio Input for reading structures 41539 * @param cb Password callback 41540 * @param x509 Output 41541 * @param crl Output 41542 * @param x_pkey Output 41543 * @return WOLFSSL_SUCCESSS on success and WOLFSSL_FAILURE otherwise 41544 */ 41545 static int wolfSSL_PEM_X509_X509_CRL_X509_PKEY_read_bio( 41546 WOLFSSL_BIO* bio, pem_password_cb* cb, 41547 WOLFSSL_X509** x509, WOLFSSL_X509_CRL** crl, WOLFSSL_X509_PKEY** x_pkey) 41548 { 41549 41550 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 41551 char* pem = NULL; 41552 long i = pem_struct_min_sz, l; 41553 const char* header = NULL; 41554 const char* headerEnd = NULL; 41555 const char* footer = NULL; 41556 const char* footerEnd = NULL; 41557 DerBuffer* der = NULL; 41558 41559 (void)cb; 41560 41561 if (!bio || !x509 || *x509 || !crl || *crl || !x_pkey || *x_pkey) { 41562 WOLFSSL_MSG("Bad input parameter or output parameters " 41563 "not set to a NULL value."); 41564 return WOLFSSL_FAILURE; 41565 } 41566 41567 if ((l = wolfSSL_BIO_get_len(bio)) <= 0) { 41568 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 41569 /* No certificate in buffer */ 41570 WOLFSSL_ERROR(ASN_NO_PEM_HEADER); 41571 #endif 41572 return WOLFSSL_FAILURE; 41573 } 41574 41575 pem = (char*)XMALLOC(l, 0, DYNAMIC_TYPE_PEM); 41576 if (pem == NULL) 41577 return WOLFSSL_FAILURE; 41578 41579 if (wolfSSL_BIO_read(bio, &pem[0], pem_struct_min_sz) != 41580 pem_struct_min_sz) { 41581 goto err; 41582 } 41583 41584 /* Read the header and footer */ 41585 while (wolfSSL_BIO_read(bio, &pem[i], 1) == 1) { 41586 i++; 41587 if (!header) 41588 header = XSTRNSTR(pem, "-----BEGIN ", (unsigned int)i); 41589 else if (header) { 41590 if (!headerEnd) { 41591 headerEnd = XSTRNSTR(header + XSTR_SIZEOF("-----BEGIN "), 41592 "-----", 41593 (unsigned int) 41594 (i - (header + XSTR_SIZEOF("-----BEGIN ") - pem))); 41595 if (headerEnd) { 41596 headerEnd += XSTR_SIZEOF("-----"); 41597 /* Read in the newline */ 41598 (void)wolfSSL_BIO_read(bio, &pem[i], 1); 41599 i++; 41600 if (*headerEnd != '\n' && *headerEnd != '\r') { 41601 WOLFSSL_MSG("Missing newline after header"); 41602 goto err; 41603 } 41604 } 41605 } 41606 else if (!footer) { 41607 footer = XSTRNSTR(headerEnd, "-----END ", 41608 (unsigned int)(i - (headerEnd - pem))); 41609 } 41610 else if (!footerEnd) { 41611 footerEnd = XSTRNSTR(footer + XSTR_SIZEOF("-----"), 41612 "-----", (unsigned int)(i - 41613 (footer + XSTR_SIZEOF("-----") - pem))); 41614 if (footerEnd) { 41615 footerEnd += XSTR_SIZEOF("-----"); 41616 /* Now check that footer matches header */ 41617 if (XMEMCMP(header + XSTR_SIZEOF("-----BEGIN "), 41618 footer + XSTR_SIZEOF("-----END "), 41619 headerEnd - (header + XSTR_SIZEOF("-----BEGIN "))) 41620 != 0) { 41621 WOLFSSL_MSG("Header and footer don't match"); 41622 goto err; 41623 } 41624 /* header and footer match */ 41625 break; 41626 } 41627 } 41628 else { 41629 break; 41630 } 41631 } 41632 } 41633 if (!footerEnd) { 41634 /* Only check footerEnd since it is set last */ 41635 WOLFSSL_ERROR(ASN_NO_PEM_HEADER); 41636 goto err; 41637 } 41638 else { 41639 if (headerEnd - header == 41640 XSTR_SIZEOF("-----BEGIN CERTIFICATE-----") && 41641 XMEMCMP(header, "-----BEGIN CERTIFICATE-----", 41642 XSTR_SIZEOF("-----BEGIN CERTIFICATE-----")) == 0) { 41643 /* We have a certificate */ 41644 WOLFSSL_MSG("Parsing x509 cert"); 41645 *x509 = wolfSSL_X509_load_certificate_buffer( 41646 (const unsigned char*) header, 41647 (int)(footerEnd - header), WOLFSSL_FILETYPE_PEM); 41648 if (!*x509) { 41649 WOLFSSL_MSG("wolfSSL_X509_load_certificate_buffer error"); 41650 goto err; 41651 } 41652 } 41653 #ifdef HAVE_CRL 41654 else if (headerEnd - header == 41655 XSTR_SIZEOF("-----BEGIN X509 CRL-----") && 41656 XMEMCMP(header, "-----BEGIN X509 CRL-----", 41657 XSTR_SIZEOF("-----BEGIN X509 CRL-----")) == 0) { 41658 /* We have a crl */ 41659 WOLFSSL_MSG("Parsing crl"); 41660 if((PemToDer((const unsigned char*) header, footerEnd - header, 41661 CRL_TYPE, &der, NULL, NULL, NULL)) < 0) { 41662 WOLFSSL_MSG("PemToDer error"); 41663 goto err; 41664 } 41665 *crl = wolfSSL_d2i_X509_CRL(NULL, der->buffer, der->length); 41666 if (!*crl) { 41667 WOLFSSL_MSG("wolfSSL_d2i_X509_CRL error"); 41668 goto err; 41669 } 41670 } 41671 #endif 41672 else { 41673 /* TODO support WOLFSSL_X509_PKEY as well */ 41674 WOLFSSL_MSG("Unsupported PEM structure"); 41675 goto err; 41676 } 41677 } 41678 41679 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 41680 return WOLFSSL_SUCCESS; 41681 err: 41682 if (pem) 41683 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 41684 if (der) 41685 FreeDer(&der); 41686 return WOLFSSL_FAILURE; 41687 #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */ 41688 } 37583 41689 37584 41690 /* … … 37594 41700 pem_password_cb* cb, void* u) 37595 41701 { 37596 WOLF_STACK_OF(WOLFSSL_X509_INFO)* localSk; 37597 WOLFSSL_X509* x509 = NULL; 41702 WOLF_STACK_OF(WOLFSSL_X509_INFO)* localSk = NULL; 37598 41703 int ret = WOLFSSL_SUCCESS; 37599 41704 41705 (void)u; 41706 37600 41707 WOLFSSL_ENTER("wolfSSL_PEM_X509_INFO_read_bio"); 37601 41708 37602 /* attempt to used passed in stack or create a new one */37603 if (sk != NULL) {37604 localSk = sk;37605 }37606 else {37607 localSk = wolfSSL_sk_X509_INFO_new_null();37608 }37609 if (localSk == NULL) {37610 WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", MEMORY_E);37611 return NULL;37612 }37613 37614 41709 /* parse through BIO and push new info's found onto stack */ 37615 do { 37616 x509 = wolfSSL_PEM_read_bio_X509(bio, NULL, cb, u); 37617 if (x509 != NULL) { 41710 while (1) { 41711 WOLFSSL_X509 *x509 = NULL; 41712 WOLFSSL_X509_CRL *crl = NULL; 41713 WOLFSSL_X509_PKEY *x_pkey = NULL; 41714 41715 if (wolfSSL_PEM_X509_X509_CRL_X509_PKEY_read_bio(bio, cb, 41716 &x509, &crl, &x_pkey) == WOLFSSL_SUCCESS) { 37618 41717 WOLFSSL_X509_INFO* current; 37619 41718 … … 37621 41720 if (current == NULL) { 37622 41721 WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", MEMORY_E); 41722 wolfSSL_sk_free(localSk); 37623 41723 return NULL; 37624 41724 } 37625 ret = wolfSSL_X509_INFO_set(current, x509); 37626 if (ret != WOLFSSL_SUCCESS) { 37627 wolfSSL_X509_free(x509); 41725 if (x509) { 41726 ret = wolfSSL_X509_INFO_set(current, x509); 41727 } 41728 else if (crl) { 41729 current->crl = crl; 41730 ret = WOLFSSL_SUCCESS; 41731 } 41732 else if (x_pkey) { 41733 current->x_pkey = x_pkey; 41734 ret = WOLFSSL_SUCCESS; 37628 41735 } 37629 41736 else { 41737 WOLFSSL_MSG("No output parameters set"); 41738 WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", WOLFSSL_FAILURE); 41739 wolfSSL_sk_free(localSk); 41740 wolfSSL_X509_INFO_free(current); 41741 return NULL; 41742 } 41743 if (ret != WOLFSSL_SUCCESS) { 41744 wolfSSL_X509_free(x509); 41745 #ifdef HAVE_CRL 41746 wolfSSL_X509_CRL_free(crl); 41747 #endif 41748 wolfSSL_X509_PKEY_free(x_pkey); 41749 } 41750 else { 41751 if (!localSk) { 41752 /* attempt to used passed in stack 41753 * or create a new one */ 41754 if (sk != NULL) { 41755 localSk = sk; 41756 } 41757 else { 41758 localSk = wolfSSL_sk_X509_INFO_new_null(); 41759 } 41760 if (localSk == NULL) { 41761 WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", 41762 MEMORY_E); 41763 return NULL; 41764 } 41765 } 37630 41766 wolfSSL_sk_X509_INFO_push(localSk, current); 37631 41767 } 37632 41768 } 37633 } while (x509 != NULL && ret == WOLFSSL_SUCCESS); 41769 else { 41770 break; 41771 } 41772 } 37634 41773 WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", ret); 37635 41774 return localSk; 37636 41775 } 41776 #endif /* !NO_BIO */ 37637 41777 #endif /* OPENSSL_ALL */ 37638 41778 … … 37641 41781 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_free"); 37642 41782 if (ne != NULL) { 37643 if (ne->value != NULL && ne->value != &(ne->data)) { 41783 wolfSSL_ASN1_OBJECT_free(ne->object); 41784 if (ne->value != NULL) { 37644 41785 wolfSSL_ASN1_STRING_free(ne->value); 37645 41786 } … … 37657 41798 if (ne != NULL) { 37658 41799 XMEMSET(ne, 0, sizeof(WOLFSSL_X509_NAME_ENTRY)); 37659 ne->value = &(ne->data);37660 41800 } 37661 41801 … … 37696 41836 } 37697 41837 ne->nid = nid; 41838 ne->object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object); 37698 41839 ne->value = wolfSSL_ASN1_STRING_type_new(type); 37699 41840 if (ne->value != NULL) { … … 37707 41848 37708 41849 41850 /* Creates a new entry given the NID, type, and data 41851 * "dataSz" is number of bytes in data, if set to -1 then XSTRLEN is used 41852 * "out" can be used to store the new entry data in an existing structure 41853 * if NULL then a new WOLFSSL_X509_NAME_ENTRY structure is created 41854 * returns a pointer to WOLFSSL_X509_NAME_ENTRY on success and NULL on fail 41855 */ 37709 41856 WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( 37710 41857 WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, … … 37715 41862 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_create_by_NID()"); 37716 41863 37717 ne = wolfSSL_X509_NAME_ENTRY_new();37718 if (ne == NULL) {41864 if (!data) { 41865 WOLFSSL_MSG("Bad parameter"); 37719 41866 return NULL; 37720 41867 } 37721 41868 41869 if (out == NULL || *out == NULL) { 41870 ne = wolfSSL_X509_NAME_ENTRY_new(); 41871 if (ne == NULL) { 41872 return NULL; 41873 } 41874 if (out != NULL) { 41875 *out = ne; 41876 } 41877 } 41878 else { 41879 ne = *out; 41880 } 41881 37722 41882 ne->nid = nid; 41883 ne->object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object); 37723 41884 ne->value = wolfSSL_ASN1_STRING_type_new(type); 37724 wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz); 37725 ne->set = 1; 37726 37727 if (out != NULL) { 37728 *out = ne; 41885 if (ne->value != NULL) { 41886 wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz); 41887 ne->set = 1; 37729 41888 } 37730 41889 … … 37732 41891 } 37733 41892 37734 static int RebuildFullNameAdd(DecodedName* dName, char* data) 41893 /* add all entry of type "nid" to the buffer "fullName" and advance "idx" 41894 * since number of entries is small, a brute force search is used here 41895 * returns the number of entries added 41896 */ 41897 static int AddAllEntry(WOLFSSL_X509_NAME* name, char* fullName, 41898 int fullNameSz, int* idx) 37735 41899 { 37736 int totalLen = 0;37737 41900 int i; 41901 int ret = 0; 41902 41903 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 41904 if (name->entry[i].set) { 41905 WOLFSSL_X509_NAME_ENTRY* e; 41906 WOLFSSL_ASN1_OBJECT* obj; 41907 41908 int sz; 41909 unsigned char* data; 41910 41911 e = &name->entry[i]; 41912 obj = wolfSSL_X509_NAME_ENTRY_get_object(e); 41913 if (obj == NULL) { 41914 return BAD_FUNC_ARG; 41915 } 41916 41917 XMEMCPY(fullName + *idx, "/", 1); *idx = *idx + 1; 41918 sz = (int)XSTRLEN(obj->sName); 41919 XMEMCPY(fullName + *idx, obj->sName, sz); 41920 *idx += sz; 41921 XMEMCPY(fullName + *idx, "=", 1); *idx = *idx + 1; 41922 41923 data = wolfSSL_ASN1_STRING_data(e->value); 41924 if (data != NULL) { 41925 sz = (int)XSTRLEN((const char*)data); 41926 XMEMCPY(fullName + *idx, data, sz); 41927 *idx += sz; 41928 } 41929 41930 ret++; 41931 } 41932 } 41933 (void)fullNameSz; 41934 return ret; 41935 } 41936 41937 41938 /* Converts a list of entries in WOLFSSL_X509_NAME struct into a string 41939 * returns 0 on success */ 41940 static int RebuildFullName(WOLFSSL_X509_NAME* name) 41941 { 41942 int totalLen = 0, i, idx, entryCount = 0; 37738 41943 char* fullName; 37739 int idx; 37740 37741 if (dName->cnLen != 0) 37742 totalLen += dName->cnLen + 4; 37743 if (dName->snLen != 0) 37744 totalLen += dName->snLen + 4; 37745 if (dName->cLen != 0) 37746 totalLen += dName->cLen + 3; 37747 if (dName->lLen != 0) 37748 totalLen += dName->lLen + 3; 37749 if (dName->stLen != 0) 37750 totalLen += dName->stLen + 4; 37751 if (dName->oLen != 0) 37752 totalLen += dName->oLen + 3; 37753 if (dName->ouLen != 0) 37754 totalLen += dName->ouLen + 4; 37755 if (dName->emailLen != 0) 37756 totalLen += dName->emailLen + 14; 37757 if (dName->uidLen != 0) 37758 totalLen += dName->uidLen + 5; 37759 if (dName->serialLen != 0) 37760 totalLen += dName->serialLen + 14; 37761 if (dName->dcNum != 0) { 37762 for (i = 0; i < dName->dcNum; i++) 37763 totalLen += dName->dcLen[i] + 4; 37764 } 37765 37766 fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509); 41944 41945 if (name == NULL) 41946 return BAD_FUNC_ARG; 41947 41948 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 41949 if (name->entry[i].set) { 41950 WOLFSSL_X509_NAME_ENTRY* e; 41951 WOLFSSL_ASN1_OBJECT* obj; 41952 41953 e = &name->entry[i]; 41954 obj = wolfSSL_X509_NAME_ENTRY_get_object(e); 41955 if (obj == NULL) 41956 return BAD_FUNC_ARG; 41957 41958 totalLen += (int)XSTRLEN(obj->sName) + 2;/*+2 for '/' and '=' */ 41959 totalLen += wolfSSL_ASN1_STRING_length(e->value); 41960 } 41961 } 41962 41963 fullName = (char*)XMALLOC(totalLen + 1, name->heap, DYNAMIC_TYPE_X509); 37767 41964 if (fullName == NULL) 37768 41965 return MEMORY_E; 37769 41966 37770 41967 idx = 0; 37771 dName->entryCount = 0; 37772 if (dName->cnLen != 0) { 37773 dName->entryCount++; 37774 XMEMCPY(fullName + idx, WOLFSSL_COMMON_NAME, 4); 37775 idx += 4; 37776 if (dName->cnIdx == -1) 37777 XMEMCPY(fullName + idx, data, dName->cnLen); 37778 else { 37779 XMEMCPY(fullName + idx, dName->fullName + dName->cnIdx, 37780 dName->cnLen); 37781 } 37782 dName->cnIdx = idx; 37783 idx += dName->cnLen; 37784 } 37785 if (dName->snLen != 0) { 37786 dName->entryCount++; 37787 XMEMCPY(fullName + idx, WOLFSSL_SUR_NAME, 4); 37788 idx += 4; 37789 if (dName->snIdx == -1) 37790 XMEMCPY(fullName + idx, data, dName->snLen); 37791 else { 37792 XMEMCPY(fullName + idx, dName->fullName + dName->snIdx, 37793 dName->snLen); 37794 } 37795 dName->snIdx = idx; 37796 idx += dName->snLen; 37797 } 37798 if (dName->cLen != 0) { 37799 dName->entryCount++; 37800 XMEMCPY(fullName + idx, WOLFSSL_COUNTRY_NAME, 3); 37801 idx += 3; 37802 if (dName->cIdx == -1) 37803 XMEMCPY(fullName + idx, data, dName->cLen); 37804 else { 37805 XMEMCPY(fullName + idx, dName->fullName + dName->cIdx, 37806 dName->cLen); 37807 } 37808 dName->cIdx = idx; 37809 idx += dName->cLen; 37810 } 37811 if (dName->lLen != 0) { 37812 dName->entryCount++; 37813 XMEMCPY(fullName + idx, WOLFSSL_LOCALITY_NAME, 3); 37814 idx += 3; 37815 if (dName->lIdx == -1) 37816 XMEMCPY(fullName + idx, data, dName->lLen); 37817 else { 37818 XMEMCPY(fullName + idx, dName->fullName + dName->lIdx, 37819 dName->lLen); 37820 } 37821 dName->lIdx = idx; 37822 idx += dName->lLen; 37823 } 37824 if (dName->stLen != 0) { 37825 dName->entryCount++; 37826 XMEMCPY(fullName + idx, WOLFSSL_STATE_NAME, 4); 37827 idx += 4; 37828 if (dName->stIdx == -1) 37829 XMEMCPY(fullName + idx, data, dName->stLen); 37830 else { 37831 XMEMCPY(fullName + idx, dName->fullName + dName->stIdx, 37832 dName->stLen); 37833 } 37834 dName->stIdx = idx; 37835 idx += dName->stLen; 37836 } 37837 if (dName->oLen != 0) { 37838 dName->entryCount++; 37839 XMEMCPY(fullName + idx, WOLFSSL_ORG_NAME, 3); 37840 idx += 3; 37841 if (dName->oIdx == -1) 37842 XMEMCPY(fullName + idx, data, dName->oLen); 37843 else { 37844 XMEMCPY(fullName + idx, dName->fullName + dName->oIdx, 37845 dName->oLen); 37846 } 37847 dName->oIdx = idx; 37848 idx += dName->oLen; 37849 } 37850 if (dName->ouLen != 0) { 37851 dName->entryCount++; 37852 XMEMCPY(fullName + idx, WOLFSSL_ORGUNIT_NAME, 4); 37853 idx += 4; 37854 if (dName->ouIdx == -1) 37855 XMEMCPY(fullName + idx, data, dName->ouLen); 37856 else { 37857 XMEMCPY(fullName + idx, dName->fullName + dName->ouIdx, 37858 dName->ouLen); 37859 } 37860 dName->ouIdx = idx; 37861 idx += dName->ouLen; 37862 } 37863 if (dName->emailLen != 0) { 37864 dName->entryCount++; 37865 XMEMCPY(fullName + idx, "/emailAddress=", 14); 37866 idx += 14; 37867 if (dName->emailIdx == -1) 37868 XMEMCPY(fullName + idx, data, dName->emailLen); 37869 else { 37870 XMEMCPY(fullName + idx, dName->fullName + dName->emailIdx, 37871 dName->emailLen); 37872 } 37873 dName->emailIdx = idx; 37874 idx += dName->emailLen; 37875 } 37876 if (dName->dcNum != 0) { 37877 for (i = 0; i < dName->dcNum; i++) { 37878 dName->entryCount++; 37879 XMEMCPY(fullName + idx, WOLFSSL_DOMAIN_COMPONENT, 4); 37880 idx += 4; 37881 XMEMCPY(fullName + idx, dName->fullName + dName->dcIdx[i], 37882 dName->dcLen[i]); 37883 dName->dcIdx[i] = idx; 37884 idx += dName->dcLen[i]; 37885 } 37886 } 37887 if (dName->uidLen != 0) { 37888 dName->entryCount++; 37889 XMEMCPY(fullName + idx, "/UID=", 5); 37890 idx += 5; 37891 if (dName->uidIdx == -1) 37892 XMEMCPY(fullName + idx, data, dName->uidLen); 37893 else { 37894 XMEMCPY(fullName + idx, dName->fullName + dName->uidIdx, 37895 dName->uidLen); 37896 } 37897 dName->uidIdx = idx; 37898 idx += dName->uidLen; 37899 } 37900 if (dName->serialLen != 0) { 37901 dName->entryCount++; 37902 XMEMCPY(fullName + idx, WOLFSSL_SERIAL_NUMBER, 14); 37903 idx += 14; 37904 if (dName->serialIdx == -1) 37905 XMEMCPY(fullName + idx, data, dName->serialLen); 37906 else { 37907 XMEMCPY(fullName + idx, dName->fullName + dName->serialIdx, 37908 dName->serialLen); 37909 } 37910 dName->serialIdx = idx; 37911 idx += dName->serialLen; 37912 } 37913 37914 if (dName->fullName != NULL) 37915 XFREE(dName->fullName, NULL, DYNAMIC_TYPE_X509); 37916 dName->fullName = fullName; 37917 dName->fullNameLen = idx + 1; 41968 entryCount = AddAllEntry(name, fullName, totalLen, &idx); 41969 if (entryCount < 0) { 41970 XFREE(fullName, name->heap, DYNAMIC_TYPE_X509); 41971 return entryCount; 41972 } 41973 41974 if (name->dynamicName) { 41975 XFREE(name->name, name->heap, DYNAMIC_TYPE_X509); 41976 } 41977 fullName[idx] = '\0'; 41978 name->name = fullName; 41979 name->dynamicName = 1; 41980 name->sz = idx + 1; /* size includes null terminator */ 41981 name->entrySz = entryCount; 37918 41982 37919 41983 return 0; … … 37926 41990 WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set) 37927 41991 { 41992 WOLFSSL_X509_NAME_ENTRY* current = NULL; 37928 41993 int i; 37929 int fullName = 1;37930 41994 37931 41995 WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry()"); 37932 41996 37933 switch (entry->nid) { 37934 case ASN_COMMON_NAME: 37935 name->fullName.cnIdx = -1; 37936 name->fullName.cnLen = entry->value->length; 37937 name->fullName.cnNid = entry->nid; 37938 break; 37939 case ASN_SUR_NAME: 37940 name->fullName.snIdx = -1; 37941 name->fullName.snLen = entry->value->length; 37942 name->fullName.snNid = entry->nid; 37943 break; 37944 case ASN_SERIAL_NUMBER: 37945 name->fullName.serialIdx = -1; 37946 name->fullName.serialLen = entry->value->length; 37947 name->fullName.serialNid = entry->nid; 37948 break; 37949 case ASN_COUNTRY_NAME: 37950 name->fullName.cIdx = -1; 37951 name->fullName.cLen = entry->value->length; 37952 name->fullName.cNid = entry->nid; 37953 break; 37954 case ASN_LOCALITY_NAME: 37955 name->fullName.lIdx = -1; 37956 name->fullName.lLen = entry->value->length; 37957 name->fullName.lNid = entry->nid; 37958 break; 37959 case ASN_STATE_NAME: 37960 name->fullName.stIdx = -1; 37961 name->fullName.stLen = entry->value->length; 37962 name->fullName.stNid = entry->nid; 37963 break; 37964 case ASN_ORG_NAME: 37965 name->fullName.oIdx = -1; 37966 name->fullName.oLen = entry->value->length; 37967 name->fullName.oNid = entry->nid; 37968 break; 37969 case ASN_ORGUNIT_NAME: 37970 name->fullName.ouIdx = -1; 37971 name->fullName.ouLen = entry->value->length; 37972 name->fullName.ouNid = entry->nid; 37973 break; 37974 case NID_emailAddress: 37975 name->fullName.emailIdx = -1; 37976 name->fullName.emailLen = entry->value->length; 37977 name->fullName.emailNid = entry->nid; 37978 break; 37979 case ASN_USER_ID: 37980 name->fullName.uidIdx = -1; 37981 name->fullName.uidLen = entry->value->length; 37982 name->fullName.uidNid = entry->nid; 37983 break; 37984 case ASN_DOMAIN_COMPONENT: 37985 name->fullName.dcIdx[0] = -1; 37986 name->fullName.dcLen[0] = entry->value->length; 37987 break; 37988 default: 37989 fullName = 0; 37990 break; 37991 } 37992 37993 if (fullName) { 37994 int nid = entry->nid; 37995 37996 if (nid == NID_emailAddress) { 37997 nid = (int)ASN_EMAIL_NAME; 37998 } 37999 38000 if (idx >= DN_NAMES_MAX + DOMAIN_COMPONENT_MAX) { 41997 if (name == NULL || entry == NULL || entry->value == NULL) { 41998 WOLFSSL_MSG("NULL argument passed in"); 41999 return WOLFSSL_FAILURE; 42000 } 42001 42002 if (idx >= 0) { 42003 /* place in specific index */ 42004 42005 if (idx >= MAX_NAME_ENTRIES) { 42006 WOLFSSL_MSG("Error index to insert entry is larger than array"); 38001 42007 return WOLFSSL_FAILURE; 38002 42008 } 38003 38004 if (idx >= 0) { 38005 name->fullName.loc[idx] = nid; 38006 if (idx == name->fullName.locSz) { 38007 name->fullName.locSz += 1; 38008 } 38009 } 38010 38011 /* place at end */ 38012 if (idx < 0 && name->fullName.locSz + 1 38013 < DN_NAMES_MAX + DOMAIN_COMPONENT_MAX) { 38014 name->fullName.loc[name->fullName.locSz] = nid; 38015 name->fullName.locSz += 1; 38016 } 38017 38018 if (RebuildFullNameAdd(&name->fullName, entry->value->data) != 0) 38019 return WOLFSSL_FAILURE; 42009 i = idx; 38020 42010 } 38021 42011 else { 42012 /* iterate through and find first open spot */ 38022 42013 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 38023 if (name->extra[i].set != 1) { /* not set so overwritten */ 38024 WOLFSSL_X509_NAME_ENTRY* current = &(name->extra[i]); 38025 WOLFSSL_ASN1_STRING* str; 38026 42014 if (name->entry[i].set != 1) { /* not set so overwritten */ 38027 42015 WOLFSSL_MSG("Found place for name entry"); 38028 38029 XMEMCPY(current, entry, sizeof(WOLFSSL_X509_NAME_ENTRY));38030 str = entry->value;38031 XMEMCPY(&(current->data), str, sizeof(WOLFSSL_ASN1_STRING));38032 current->value = &(current->data);38033 current->data.data = (char*)XMALLOC(str->length,38034 name->x509->heap, DYNAMIC_TYPE_OPENSSL);38035 38036 if (current->data.data == NULL) {38037 return SSL_FAILURE;38038 }38039 XMEMCPY(current->data.data, str->data, str->length);38040 38041 /* make sure is null terminated */38042 current->data.data[str->length - 1] = '\0';38043 38044 current->set = 1; /* make sure now listed as set */38045 42016 break; 38046 42017 } … … 38049 42020 if (i == MAX_NAME_ENTRIES) { 38050 42021 WOLFSSL_MSG("No spot found for name entry"); 38051 return SSL_FAILURE; 38052 } 38053 } 38054 38055 (void)idx; 42022 return WOLFSSL_FAILURE; 42023 } 42024 } 42025 42026 current = &(name->entry[i]); 42027 if (current->set == 0) 42028 name->entrySz++; 42029 if (wolfSSL_X509_NAME_ENTRY_create_by_NID(¤t, 42030 entry->nid, 42031 wolfSSL_ASN1_STRING_type(entry->value), 42032 wolfSSL_ASN1_STRING_data(entry->value), 42033 wolfSSL_ASN1_STRING_length(entry->value)) 42034 == NULL) { 42035 WOLFSSL_MSG("Issue adding the name entry"); 42036 if (current->set == 0) 42037 name->entrySz--; 42038 return WOLFSSL_FAILURE; 42039 } 42040 42041 if (RebuildFullName(name) != 0) 42042 return WOLFSSL_FAILURE; 42043 38056 42044 (void)set; 38057 return SSL_SUCCESS;42045 return WOLFSSL_SUCCESS; 38058 42046 } 38059 42047 … … 38073 42061 return WOLFSSL_FAILURE; 38074 42062 38075 if ((nid = wolfSSL_OBJ_txt2nid(field)) == NID_undef) 42063 if ((nid = wolfSSL_OBJ_txt2nid(field)) == NID_undef) { 42064 WOLFSSL_MSG("Unable convert text to NID"); 38076 42065 return WOLFSSL_FAILURE; 42066 } 38077 42067 38078 42068 entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, … … 38093 42083 int ret; 38094 42084 WOLFSSL_X509_NAME_ENTRY* entry; 38095 entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); 42085 WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry_by_NID"); 42086 entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, 42087 len); 38096 42088 if (entry == NULL) 38097 42089 return WOLFSSL_FAILURE; … … 38100 42092 return ret; 38101 42093 } 38102 #endif /* !NO_CERTS */ 38103 42094 42095 WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry( 42096 WOLFSSL_X509_NAME *name, int loc) 42097 { 42098 WOLFSSL_X509_NAME_ENTRY* ret; 42099 WOLFSSL_ENTER("wolfSSL_X509_NAME_delete_entry"); 42100 42101 if (!name) { 42102 WOLFSSL_MSG("Bad parameter"); 42103 return NULL; 42104 } 42105 42106 ret = wolfSSL_X509_NAME_get_entry(name, loc); 42107 if (!ret) { 42108 WOLFSSL_MSG("loc entry not found"); 42109 return NULL; 42110 } 42111 name->entry[loc].set = 0; 42112 return ret; 42113 } 42114 42115 #endif /* !NO_CERTS */ 38104 42116 38105 42117 /* NID variables are dependent on compatibility header files currently … … 38169 42181 return NULL; 38170 42182 } 38171 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;38172 } else {38173 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC;38174 42183 } 38175 42184 obj->type = id; … … 38185 42194 XMEMCPY(objBuf + objSz, oid, oidSz); 38186 42195 objSz += oidSz; 38187 obj->objSz = objSz; 38188 if(((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) || 42196 42197 if (obj->objSz == 0 || objSz != obj->objSz) { 42198 obj->objSz = objSz; 42199 if(((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) || 38189 42200 (obj->obj == NULL)) { 38190 obj->obj = (byte*)XREALLOC((byte*)obj->obj, obj->objSz, NULL, 38191 DYNAMIC_TYPE_ASN1); 38192 if (obj->obj == NULL) { 38193 wolfSSL_ASN1_OBJECT_free(obj); 38194 return NULL; 38195 } 38196 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ; 38197 } else { 38198 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ; 42201 if (obj->obj != NULL) 42202 XFREE((byte*)obj->obj, NULL, DYNAMIC_TYPE_ASN1); 42203 obj->obj = (byte*)XMALLOC(obj->objSz, NULL, DYNAMIC_TYPE_ASN1); 42204 if (obj->obj == NULL) { 42205 wolfSSL_ASN1_OBJECT_free(obj); 42206 return NULL; 42207 } 42208 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ; 42209 } 42210 else { 42211 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ; 42212 } 38199 42213 } 38200 42214 XMEMCPY((byte*)obj->obj, objBuf, obj->objSz); … … 38279 42293 38280 42294 } 38281 else { /* return short name */ 38282 if (XSTRLEN(a->sName) + 1 < (word32)bufLen - 1) { 38283 bufSz = (int)XSTRLEN(a->sName); 42295 else { /* return long name unless using x509small, then return short name */ 42296 #if defined(OPENSSL_EXTRA_X509_SMALL) && !defined(OPENSSL_EXTRA) 42297 const char* name = a->sName; 42298 #else 42299 const char* name = wolfSSL_OBJ_nid2ln(wolfSSL_OBJ_obj2nid(a)); 42300 #endif 42301 42302 if (XSTRLEN(name) + 1 < (word32)bufLen - 1) { 42303 bufSz = (int)XSTRLEN(name); 38284 42304 } 38285 42305 else { … … 38287 42307 } 38288 42308 if (bufSz) { 38289 XMEMCPY(buf, a->sName, bufSz);42309 XMEMCPY(buf, name, bufSz); 38290 42310 } 38291 42311 else if (wolfSSL_OBJ_obj2txt(buf, bufLen, a, 1)) { … … 38311 42331 return bufSz; 38312 42332 } 38313 #endif /* OPENSSL_EXTRA */42333 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 38314 42334 38315 42335 #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) 38316 /* DN_Tags to strings */38317 static const struct DN_Tag_Strings {38318 enum DN_Tags tag;38319 const char* str;38320 } dn_tag_strings[] = {38321 { ASN_COMMON_NAME, "CN" },38322 { ASN_SUR_NAME, "SN" },38323 { ASN_SERIAL_NUMBER, "serialNumber" },38324 { ASN_COUNTRY_NAME, "C" },38325 { ASN_LOCALITY_NAME, "L" },38326 { ASN_STATE_NAME, "ST" },38327 { ASN_ORG_NAME, "O"},38328 { ASN_ORGUNIT_NAME, "OU"},38329 { ASN_BUS_CAT, "businessCategory"},38330 { ASN_EMAIL_NAME, "emailAddress"},38331 { ASN_USER_ID, "UID"},38332 { ASN_DOMAIN_COMPONENT, "DC"},38333 { ASN_DN_NULL, NULL }38334 };38335 38336 42336 int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name, 38337 42337 const WOLFSSL_ASN1_OBJECT *obj, 38338 42338 int idx) { 38339 const struct DN_Tag_Strings* dn; 38340 enum DN_Tags tag = ASN_DN_NULL; 38341 38342 if (!name || idx >= name->fullName.locSz || 42339 if (!name || idx >= MAX_NAME_ENTRIES || 38343 42340 !obj || !obj->obj) { 38344 42341 return -1; … … 38346 42343 38347 42344 if (idx < 0) { 38348 idx = 0; 38349 } 38350 for (dn = dn_tag_strings; dn->str != NULL; dn++) { 38351 /* Find the DN_Tags number for the name */ 38352 if (XSTRNCMP((const char*) obj->sName, dn->str, obj->objSz - 1) == 0) { 38353 tag = dn->tag; 38354 break; 38355 } 38356 } 38357 if (!tag) { 38358 /* Unable to identify desired name */ 38359 return -1; 38360 } 38361 for (idx++; idx < name->fullName.locSz; idx++) { 42345 idx = -1; 42346 } 42347 42348 for (idx++; idx < MAX_NAME_ENTRIES; idx++) { 38362 42349 /* Find index of desired name */ 38363 if ((enum DN_Tags)name->fullName.loc[idx] == tag) { 38364 return idx; 42350 if (name->entry[idx].set) { 42351 if (XSTRLEN(obj->sName) == XSTRLEN(name->entry[idx].object->sName) && 42352 XSTRNCMP((const char*) obj->sName, 42353 name->entry[idx].object->sName, obj->objSz - 1) == 0) { 42354 return idx; 42355 } 38365 42356 } 38366 42357 } … … 38368 42359 } 38369 42360 #endif 42361 42362 #endif /* !WOLFCRYPT_ONLY */ 38370 42363 38371 42364 #if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \ … … 38390 42383 { 38391 42384 static byte dig[WC_SHA_DIGEST_SIZE]; 42385 byte* ret = md; 38392 42386 wc_Sha sha; 38393 42387 … … 38404 42398 } 38405 42399 38406 if (wc_ShaFinal(&sha, dig) != 0) { 42400 if (md == NULL) { 42401 WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA1 IS NOT " 42402 "THREAD SAFE WHEN md == NULL"); 42403 ret = dig; 42404 } 42405 if (wc_ShaFinal(&sha, ret) != 0) { 38407 42406 WOLFSSL_MSG("SHA1 Final failed"); 42407 wc_ShaFree(&sha); 38408 42408 return NULL; 38409 42409 } 38410 38411 42410 wc_ShaFree(&sha); 38412 42411 38413 if (md != NULL) { 38414 XMEMCPY(md, dig, WC_SHA_DIGEST_SIZE); 38415 return md; 38416 } 38417 else { 38418 return (unsigned char*)dig; 38419 } 42412 return ret; 38420 42413 } 38421 42414 #endif /* ! NO_SHA */ … … 38437 42430 { 38438 42431 static byte dig[WC_SHA256_DIGEST_SIZE]; 42432 byte* ret = md; 38439 42433 wc_Sha256 sha; 38440 42434 … … 38451 42445 } 38452 42446 38453 if (wc_Sha256Final(&sha, dig) != 0) { 42447 if (md == NULL) { 42448 WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA256 IS NOT " 42449 "THREAD SAFE WHEN md == NULL"); 42450 ret = dig; 42451 } 42452 if (wc_Sha256Final(&sha, ret) != 0) { 38454 42453 WOLFSSL_MSG("SHA256 Final failed"); 42454 wc_Sha256Free(&sha); 38455 42455 return NULL; 38456 42456 } 38457 38458 42457 wc_Sha256Free(&sha); 38459 42458 38460 if (md != NULL) { 38461 XMEMCPY(md, dig, WC_SHA256_DIGEST_SIZE); 38462 return md; 38463 } 38464 else { 38465 return (unsigned char*)dig; 38466 } 42459 return ret; 38467 42460 } 38468 42461 #endif /* ! NO_SHA256 */ … … 38484 42477 { 38485 42478 static byte dig[WC_SHA384_DIGEST_SIZE]; 42479 byte* ret = md; 38486 42480 wc_Sha384 sha; 38487 42481 … … 38498 42492 } 38499 42493 38500 if (wc_Sha384Final(&sha, dig) != 0) { 42494 if (md == NULL) { 42495 WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA384 IS NOT " 42496 "THREAD SAFE WHEN md == NULL"); 42497 ret = dig; 42498 } 42499 if (wc_Sha384Final(&sha, ret) != 0) { 38501 42500 WOLFSSL_MSG("SHA384 Final failed"); 42501 wc_Sha384Free(&sha); 38502 42502 return NULL; 38503 42503 } 38504 38505 42504 wc_Sha384Free(&sha); 38506 42505 38507 if (md != NULL) { 38508 XMEMCPY(md, dig, WC_SHA384_DIGEST_SIZE); 38509 return md; 38510 } 38511 else { 38512 return (unsigned char*)dig; 38513 } 42506 return ret; 38514 42507 } 38515 42508 #endif /* WOLFSSL_SHA384 */ … … 38532 42525 { 38533 42526 static byte dig[WC_SHA512_DIGEST_SIZE]; 42527 byte* ret = md; 38534 42528 wc_Sha512 sha; 38535 42529 … … 38546 42540 } 38547 42541 38548 if (wc_Sha512Final(&sha, dig) != 0) { 42542 if (md == NULL) { 42543 WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA512 IS NOT " 42544 "THREAD SAFE WHEN md == NULL"); 42545 ret = dig; 42546 } 42547 if (wc_Sha512Final(&sha, ret) != 0) { 38549 42548 WOLFSSL_MSG("SHA512 Final failed"); 42549 wc_Sha512Free(&sha); 38550 42550 return NULL; 38551 42551 } 38552 38553 42552 wc_Sha512Free(&sha); 38554 42553 38555 if (md != NULL) { 38556 XMEMCPY(md, dig, WC_SHA512_DIGEST_SIZE); 38557 return md; 38558 } 38559 else { 38560 return (unsigned char*)dig; 38561 } 42554 return ret; 38562 42555 } 38563 #endif /* defined(WOLFSSL_SHA512)*/42556 #endif /* WOLFSSL_SHA512 */ 38564 42557 #endif /* OPENSSL_EXTRA */ 38565 42558 … … 38575 42568 38576 42569 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate"); 42570 if (!ctx || !x || !x->derCert) { 42571 WOLFSSL_MSG("Bad parameter"); 42572 return WOLFSSL_FAILURE; 42573 } 38577 42574 38578 42575 FreeDer(&ctx->certificate); /* Make sure previous is free'd */ … … 38580 42577 ctx->heap); 38581 42578 if (ret != 0) 38582 return 0;42579 return WOLFSSL_FAILURE; 38583 42580 38584 42581 XMEMCPY(ctx->certificate->buffer, x->derCert->buffer, … … 38586 42583 #ifdef KEEP_OUR_CERT 38587 42584 if (ctx->ourCert != NULL && ctx->ownOurCert) { 38588 FreeX509(ctx->ourCert); 38589 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 42585 wolfSSL_X509_free(ctx->ourCert); 38590 42586 } 38591 42587 #ifndef WOLFSSL_X509_STORE_CERTS 38592 42588 ctx->ourCert = x; 42589 if (wolfSSL_X509_up_ref(x) != 1) { 42590 return WOLFSSL_FAILURE; 42591 } 38593 42592 #else 38594 42593 ctx->ourCert = wolfSSL_X509_d2i(NULL, x->derCert->buffer,x->derCert->length); 38595 42594 if(ctx->ourCert == NULL){ 38596 return 0;42595 return WOLFSSL_FAILURE; 38597 42596 } 38598 42597 #endif 38599 42598 38600 ctx->ownOurCert = 0; 42599 /* We own the cert because either we up its reference counter 42600 * or we create our own copy of the cert object. */ 42601 ctx->ownOurCert = 1; 38601 42602 #endif 38602 42603 … … 38636 42637 } 38637 42638 42639 #ifndef NO_BIO 38638 42640 int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name) { 38639 42641 #ifndef NO_FILESYSTEM … … 38647 42649 } 38648 42650 38649 fp = XFOPEN(name, "r ");42651 fp = XFOPEN(name, "rb"); 38650 42652 if (fp == XBADFILE) 38651 42653 return WOLFSSL_BAD_FILE; … … 38664 42666 #endif 38665 42667 } 42668 #endif 38666 42669 38667 42670 /* Return the corresponding short name for the nid <n>. … … 38701 42704 word32 oid = 0; 38702 42705 word32 idx = 0; 42706 int ret; 38703 42707 38704 42708 WOLFSSL_ENTER("wolfSSL_OBJ_obj2nid"); … … 38718 42722 if (o->nid > 0) 38719 42723 return o->nid; 38720 if (GetObjectId(o->obj, &idx, &oid, o->grp, o->objSz) < 0) { 38721 WOLFSSL_MSG("Issue getting OID of object"); 38722 return -1; 42724 if ((ret = GetObjectId(o->obj, &idx, &oid, o->grp, o->objSz)) < 0) { 42725 if (ret == ASN_OBJECT_ID_E) { 42726 /* Put ASN object tag in front and try again */ 42727 int len = SetObjectId(o->objSz, NULL) + o->objSz; 42728 byte* buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); 42729 if (!buf) { 42730 WOLFSSL_MSG("malloc error"); 42731 return -1; 42732 } 42733 idx = SetObjectId(o->objSz, buf); 42734 XMEMCPY(buf + idx, o->obj, o->objSz); 42735 idx = 0; 42736 ret = GetObjectId(buf, &idx, &oid, o->grp, len); 42737 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 42738 if (ret < 0) { 42739 WOLFSSL_MSG("Issue getting OID of object"); 42740 return -1; 42741 } 42742 } 42743 else { 42744 WOLFSSL_MSG("Issue getting OID of object"); 42745 return -1; 42746 } 38723 42747 } 38724 42748 … … 38777 42801 WOLFSSL_ENTER("wolfSSL_OBJ_cmp"); 38778 42802 38779 if (a != NULL && b != NULL && 38780 a->obj != NULL && b->obj != NULL && 38781 a->objSz == b->objSz) { 38782 return XMEMCMP(a->obj, b->obj, a->objSz); 42803 if (a && b && a->obj && b->obj) { 42804 if (a->objSz == b->objSz) { 42805 return XMEMCMP(a->obj, b->obj, a->objSz); 42806 } 42807 else if (a->type == EXT_KEY_USAGE_OID || 42808 b->type == EXT_KEY_USAGE_OID) { 42809 /* Special case for EXT_KEY_USAGE_OID so that 42810 * cmp will be treated as a substring search */ 42811 /* Used in libest to check for id-kp-cmcRA in 42812 * EXT_KEY_USAGE extension */ 42813 unsigned int idx; 42814 const byte* s; /* shorter */ 42815 unsigned int sLen; 42816 const byte* l; /* longer */ 42817 unsigned int lLen; 42818 if (a->objSz > b->objSz) { 42819 s = b->obj; sLen = b->objSz; 42820 l = a->obj; lLen = a->objSz; 42821 } 42822 else { 42823 s = a->obj; sLen = a->objSz; 42824 l = b->obj; lLen = b->objSz; 42825 } 42826 for (idx = 0; idx <= lLen - sLen; idx++) { 42827 if (XMEMCMP(l + idx, s, sLen) == 0) { 42828 /* Found substring */ 42829 return 0; 42830 } 42831 } 42832 } 38783 42833 } 38784 42834 38785 42835 return WOLFSSL_FATAL_ERROR; 38786 42836 } 38787 42837 #endif /* OPENSSL_EXTRA, HAVE_LIGHTY, WOLFSSL_MYSQL_COMPATIBLE, HAVE_STUNNEL, 42838 WOLFSSL_NGINX, HAVE_POCO_LIB, WOLFSSL_HAPROXY */ 42839 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 42840 defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 42841 defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 42842 defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY) 38788 42843 /* Gets the NID value that is related to the OID string passed in. Example 38789 42844 * string would be "2.5.29.14" for subject key ID. … … 38831 42886 /* try as a short name */ 38832 42887 len = (int)XSTRLEN(s); 38833 if (XSTRNCMP(wolfssl_object_info[i].sName, s, len) == 0) { 42888 if ((int)XSTRLEN(wolfssl_object_info[i].sName) == len && 42889 XSTRNCMP(wolfssl_object_info[i].sName, s, len) == 0) { 38834 42890 return wolfssl_object_info[i].nid; 38835 42891 } 38836 42892 38837 42893 /* try as a long name */ 38838 if (XSTRNCMP(wolfssl_object_info[i].lName, s, len) == 0) { 42894 if ((int)XSTRLEN(wolfssl_object_info[i].lName) == len && 42895 XSTRNCMP(wolfssl_object_info[i].lName, s, len) == 0) { 38839 42896 return wolfssl_object_info[i].nid; 38840 42897 } … … 38843 42900 return NID_undef; 38844 42901 } 42902 #endif 42903 #if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \ 42904 defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \ 42905 defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \ 42906 defined(WOLFSSL_HAPROXY) 38845 42907 38846 42908 /* Creates new ASN1_OBJECT from short name, long name, or text … … 38858 42920 unsigned int outSz = MAX_OID_SZ; 38859 42921 unsigned char out[MAX_OID_SZ]; 38860 unsigned int sum = 0;42922 WOLFSSL_ASN1_OBJECT* obj; 38861 42923 38862 42924 WOLFSSL_ENTER("wolfSSL_OBJ_txt2obj"); … … 38867 42929 /* If s is numerical value, try to sum oid */ 38868 42930 ret = EncodePolicyOID(out, &outSz, s, NULL); 38869 if (ret == 0) { 38870 for (i = 0; i < (int)outSz; i++) { 38871 sum += out[i]; 38872 } 42931 if (ret == 0 && outSz > 0) { 42932 /* If numerical encode succeeded then just 42933 * create object from that because sums are 42934 * not unique and can cause confusion. */ 42935 obj = wolfSSL_ASN1_OBJECT_new(); 42936 if (obj == NULL) { 42937 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 42938 return NULL; 42939 } 42940 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 42941 obj->obj = (byte*)XMALLOC(1 + MAX_LENGTH_SZ + outSz, NULL, 42942 DYNAMIC_TYPE_ASN1); 42943 if (obj->obj == NULL) { 42944 wolfSSL_ASN1_OBJECT_free(obj); 42945 return NULL; 42946 } 42947 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ; 42948 i = SetObjectId(outSz, (byte*)obj->obj); 42949 XMEMCPY((byte*)obj->obj + i, out, outSz); 42950 obj->objSz = i + outSz; 42951 return obj; 38873 42952 } 38874 42953 … … 38880 42959 /* Short name, long name, and numerical value are interpreted */ 38881 42960 if (no_name == 0 && ((XSTRNCMP(s, wolfssl_object_info[i].sName, len) == 0) || 38882 (XSTRNCMP(s, wolfssl_object_info[i].lName, len) == 0) || 38883 (wolfssl_object_info[i].id == (int)sum))) 38884 nid = wolfssl_object_info[i].nid; 38885 /* Only numerical value is interpreted */ 38886 else if (no_name == 1 && wolfssl_object_info[i].id == (int)sum) 42961 (XSTRNCMP(s, wolfssl_object_info[i].lName, len) == 0))) 38887 42962 nid = wolfssl_object_info[i].nid; 38888 42963 } … … 38916 42991 void wolfSSL_set_verify_depth(WOLFSSL *ssl, int depth) 38917 42992 { 38918 #if !defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) 38919 (void)ssl; 38920 (void)depth; 38921 WOLFSSL_STUB("wolfSSL_set_verify_depth"); 38922 #else 42993 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 38923 42994 WOLFSSL_ENTER("wolfSSL_set_verify_depth"); 38924 42995 ssl->options.verifyDepth = (byte)depth; … … 38926 42997 } 38927 42998 38928 38929 WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) { 42999 #endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || 43000 HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 43001 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 43002 defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 43003 defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 43004 defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY) 43005 WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) 43006 { 43007 WOLFSSL_ASN1_OBJECT* obj = NULL; 43008 38930 43009 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object"); 38931 43010 if (ne == NULL) return NULL; 38932 if (wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object) != NULL) { 38933 ne->object.nid = ne->nid; 38934 return &ne->object; 43011 obj = wolfSSL_OBJ_nid2obj_ex(ne->nid, ne->object); 43012 if (obj != NULL) { 43013 obj->nid = ne->nid; 43014 return obj; 38935 43015 } 38936 43016 return NULL; … … 38938 43018 38939 43019 38940 /* looks up the DN given the location "loc". "loc" is the number indicating 38941 * the order that the DN was parsed as, 0 is first DN parsed. 38942 * 38943 * returns the setup WOLFSSL_X509_NAME pointer on success and NULL on fail 38944 */ 38945 static WOLFSSL_X509_NAME* wolfSSL_nameByLoc(WOLFSSL_X509_NAME *name, int loc) 38946 { 38947 char* pt = NULL; 38948 int sz = 0; 38949 38950 switch (name->fullName.loc[loc]) 38951 { 38952 case ASN_COMMON_NAME: 38953 sz = name->fullName.cnLen; 38954 pt = &name->fullName.fullName[name->fullName.cnIdx]; 38955 name->cnEntry.nid = name->fullName.cnNid; 38956 break; 38957 case ASN_COUNTRY_NAME: 38958 sz = name->fullName.cLen; 38959 pt = &name->fullName.fullName[name->fullName.cIdx]; 38960 name->cnEntry.nid = name->fullName.cNid; 38961 break; 38962 case ASN_LOCALITY_NAME: 38963 sz = name->fullName.lLen; 38964 pt = &name->fullName.fullName[name->fullName.lIdx]; 38965 name->cnEntry.nid = name->fullName.lNid; 38966 break; 38967 case ASN_STATE_NAME: 38968 sz = name->fullName.stLen; 38969 pt = &name->fullName.fullName[name->fullName.stIdx]; 38970 name->cnEntry.nid = name->fullName.stNid; 38971 break; 38972 case ASN_ORG_NAME: 38973 sz = name->fullName.oLen; 38974 pt = &name->fullName.fullName[name->fullName.oIdx]; 38975 name->cnEntry.nid = name->fullName.oNid; 38976 break; 38977 case ASN_ORGUNIT_NAME: 38978 sz = name->fullName.ouLen; 38979 pt = &name->fullName.fullName[name->fullName.ouIdx]; 38980 name->cnEntry.nid = name->fullName.ouNid; 38981 break; 38982 case ASN_EMAIL_NAME: 38983 sz = name->fullName.emailLen; 38984 pt = &name->fullName.fullName[name->fullName.emailIdx]; 38985 name->cnEntry.nid = name->fullName.emailNid; 38986 break; 38987 case ASN_SUR_NAME: 38988 sz = name->fullName.snLen; 38989 pt = &name->fullName.fullName[name->fullName.snIdx]; 38990 name->cnEntry.nid = name->fullName.snNid; 38991 break; 38992 case ASN_USER_ID: 38993 sz = name->fullName.uidLen; 38994 pt = &name->fullName.fullName[name->fullName.uidIdx]; 38995 name->cnEntry.nid = name->fullName.uidNid; 38996 break; 38997 case ASN_SERIAL_NUMBER: 38998 sz = name->fullName.serialLen; 38999 pt = &name->fullName.fullName[name->fullName.serialIdx]; 39000 name->cnEntry.nid = name->fullName.serialNid; 39001 break; 39002 #ifdef WOLFSSL_CERT_EXT 39003 case ASN_BUS_CAT: 39004 sz = name->fullName.bcLen; 39005 pt = &name->fullName.fullName[name->fullName.bcIdx]; 39006 break; 39007 #endif 39008 39009 case ASN_DOMAIN_COMPONENT: 39010 /* get index of DC i.e. first or second or ... case */ 39011 { 39012 int idx = 0, i; 39013 for (i = 0; i < loc; i++) { 39014 if (name->fullName.loc[i] == ASN_DOMAIN_COMPONENT) { 39015 idx++; 39016 } 39017 } 39018 39019 /* check that index is not larger than max buffer size or larger 39020 * than the number of domain components parsed */ 39021 if (idx >= DOMAIN_COMPONENT_MAX || idx > name->fullName.dcNum) { 39022 WOLFSSL_MSG("Index was larger then domain buffer"); 39023 return NULL; 39024 } 39025 pt = &name->fullName.fullName[name->fullName.dcIdx[idx]], 39026 sz = name->fullName.dcLen[idx]; 39027 name->cnEntry.nid = ASN_DOMAIN_COMPONENT; 39028 name->cnEntry.data.type = CTC_UTF8; 39029 } 39030 break; 39031 39032 default: 39033 return NULL; 39034 } 39035 39036 /* -1 to leave room for trailing terminator 0 */ 39037 if (sz == 0 || sz >= CTC_NAME_SIZE - 1) 39038 return NULL; 39039 if (wolfSSL_ASN1_STRING_set(name->cnEntry.value, pt, sz) != 39040 WOLFSSL_SUCCESS) { 39041 WOLFSSL_MSG("Error setting local ASN1 string data"); 39042 return NULL; 39043 } 39044 name->cnEntry.value->type = CTC_UTF8; 39045 name->cnEntry.set = 1; 39046 return name; 39047 } 39048 39049 43020 #endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || 43021 HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 43022 43023 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ 43024 defined(OPENSSL_EXTRA_X509_SMALL) 43025 43026 /* returns a pointer to the internal entry at location 'loc' on success, 43027 * a null pointer is returned in fail cases */ 39050 43028 WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry( 39051 43029 WOLFSSL_X509_NAME *name, int loc) … … 39057 43035 } 39058 43036 39059 if (loc < 0 ) {43037 if (loc < 0 || loc >= MAX_NAME_ENTRIES) { 39060 43038 WOLFSSL_MSG("Bad argument"); 39061 43039 return NULL; 39062 43040 } 39063 43041 39064 if (loc <= DN_NAMES_MAX + name->fullName.dcNum) { 39065 if (wolfSSL_nameByLoc(name, loc) != NULL) 39066 return &name->cnEntry; 39067 } 39068 /* DC component */ 39069 if (name->fullName.dcMode) { 39070 if (name->fullName.fullName != NULL){ 39071 if (loc == name->fullName.dcNum){ 39072 name->cnEntry.data.data 39073 = &name->fullName.fullName[name->fullName.cIdx]; 39074 name->cnEntry.data.length = name->fullName.cLen; 39075 name->cnEntry.nid = ASN_COUNTRY_NAME; 39076 } else { 39077 name->cnEntry.data.data 39078 = &name->fullName.fullName[name->fullName.dcIdx[loc]]; 39079 name->cnEntry.data.length = name->fullName.dcLen[loc]; 39080 name->cnEntry.nid = ASN_DOMAIN_COMPONENT; 39081 } 39082 } 39083 name->cnEntry.data.type = CTC_UTF8; 39084 /* common name index case */ 39085 } else if (loc == name->fullName.cnIdx && name->x509 != NULL) { 39086 /* get CN shortcut from x509 since it has null terminator */ 39087 name->cnEntry.data.data = name->x509->subjectCN; 39088 name->cnEntry.data.length = name->fullName.cnLen; 39089 name->cnEntry.data.type = CTC_UTF8; 39090 name->cnEntry.nid = ASN_COMMON_NAME; 39091 name->cnEntry.set = 1; 39092 } else { 39093 WOLFSSL_MSG("loc passed in is not in range of parsed DN's"); 43042 if (name->entry[loc].set) { 43043 return &name->entry[loc]; 43044 } 43045 else { 39094 43046 return NULL; 39095 43047 } 39096 return &name->cnEntry; 39097 } 39098 39099 #ifndef NO_WOLFSSL_STUB 43048 } 43049 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 43050 43051 #ifdef OPENSSL_EXTRA 43052 39100 43053 int wolfSSL_X509_check_private_key(WOLFSSL_X509 *x509, WOLFSSL_EVP_PKEY *key) 39101 43054 { 39102 (void) x509;39103 (void) key;39104 43055 WOLFSSL_ENTER("wolfSSL_X509_check_private_key"); 39105 WOLFSSL_STUB("X509_check_private_key"); 39106 39107 return WOLFSSL_SUCCESS; 39108 } 39109 39110 WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( 39111 WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk) 39112 { 39113 (void) sk; 39114 WOLFSSL_ENTER("wolfSSL_dup_CA_list"); 39115 WOLFSSL_STUB("SSL_dup_CA_list"); 39116 39117 return NULL; 39118 } 39119 39120 #endif 39121 39122 #endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || 39123 HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 39124 #endif /* OPENSSL_EXTRA */ 39125 39126 #ifndef WOLFCRYPT_ONLY 39127 39128 #ifdef OPENSSL_EXTRA 43056 43057 if (!x509 || !key) { 43058 WOLFSSL_MSG("Bad parameter"); 43059 return WOLFSSL_FAILURE; 43060 } 43061 43062 return wc_CheckPrivateKey((byte*)key->pkey.ptr, key->pkey_sz, 43063 x509->pubKey.buffer, x509->pubKey.length, 43064 (enum Key_Sum)x509->pubKeyOID) == 1 ? 43065 WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 43066 } 39129 43067 39130 43068 /* wolfSSL uses negative values for error states. This function returns an … … 39179 43117 #endif /* !NO_CERTS */ 39180 43118 39181 39182 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 43119 #endif /* OPENSSL_EXTRA */ 43120 43121 #if ((defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && defined(HAVE_EX_DATA)) || \ 43122 defined(FORTRESS) || \ 43123 defined(WOLFSSL_WPAS_SMALL) 39183 43124 void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int idx) 39184 43125 { 39185 43126 WOLFSSL_ENTER("wolfSSL_CTX_get_ex_data"); 39186 43127 #ifdef HAVE_EX_DATA 39187 43128 if(ctx != NULL) { 39188 43129 return wolfSSL_CRYPTO_get_ex_data(&ctx->ex_data, idx); 39189 43130 } 39190 43131 #else 39191 43132 (void)ctx; 39192 43133 (void)idx; 39193 43134 #endif 39194 43135 return NULL; 39195 43136 } … … 39247 43188 return WOLFSSL_FAILURE; 39248 43189 } 39249 #endif 39250 43190 43191 #endif /* ((OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && HAVE_EX_DATA) || FORTRESS || WOLFSSL_WPAS_SMALL */ 43192 43193 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 39251 43194 39252 43195 /* Returns char* to app data stored in ex[0]. … … 39268 43211 * arg data to be stored 39269 43212 * 39270 * Returns SSL_SUCCESS on success and SSL_FAILURE on failure43213 * Returns WOLFSSL_SUCCESS on success and SSL_FAILURE on failure 39271 43214 */ 39272 43215 int wolfSSL_set_app_data(WOLFSSL *ssl, void* arg) { … … 39276 43219 } 39277 43220 43221 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 43222 43223 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 43224 defined(WOLFSSL_WPAS_SMALL) 39278 43225 39279 43226 int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data) … … 39294 43241 } 39295 43242 39296 39297 39298 43243 void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx) 39299 43244 { … … 39311 43256 } 39312 43257 43258 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ 43259 43260 #ifdef OPENSSL_EXTRA 43261 39313 43262 #ifndef NO_DSA 43263 #ifndef NO_BIO 39314 43264 WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, 39315 43265 pem_password_cb *cb, void *u) … … 39342 43292 } 39343 43293 39344 if ( (ret =PemToDer(buf, (long)bufSz, DSA_PARAM_TYPE, &pDer, NULL, NULL,39345 NULL) )< 0 ) {43294 if (PemToDer(buf, (long)bufSz, DSA_PARAM_TYPE, &pDer, NULL, NULL, 43295 NULL) < 0 ) { 39346 43296 WOLFSSL_MSG("Issue converting from PEM to DER"); 39347 43297 return NULL; 39348 43298 } 39349 43299 39350 if ( (ret = GetSequence(pDer->buffer, &idx, &length, pDer->length)) < 0) {43300 if (GetSequence(pDer->buffer, &idx, &length, pDer->length) < 0) { 39351 43301 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_DSAparams", ret); 39352 43302 FreeDer(&pDer); … … 39406 43356 return dsa; 39407 43357 } 43358 #endif /* !NO_BIO */ 39408 43359 #endif /* NO_DSA */ 39409 43360 #endif /* OPENSSL_EXTRA */ 39410 #endif /* WOLFCRYPT_ONLY */39411 43361 39412 43362 #if defined(OPENSSL_EXTRA) … … 39481 43431 /* End Functions for openssl/buffer.h */ 39482 43432 43433 size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize) 43434 { 43435 size_t i; 43436 43437 if (!dstSize || !dst || !src) 43438 return 0; 43439 43440 /* Always have to leave a space for NULL */ 43441 for (i = 0; i < (dstSize - 1) && *src != '\0'; i++) { 43442 *dst++ = *src++; 43443 } 43444 *dst = '\0'; 43445 43446 return i; /* return length without NULL */ 43447 } 43448 43449 size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize) 43450 { 43451 size_t dstLen; 43452 43453 if (!dstSize) 43454 return 0; 43455 43456 dstLen = XSTRLEN(dst); 43457 43458 if (dstSize < dstLen) 43459 return dstLen + XSTRLEN(src); 43460 43461 return dstLen + wolfSSL_strlcpy(dst + dstLen, src, dstSize - dstLen); 43462 43463 } 39483 43464 #endif /* OPENSSL_EXTRA */ 39484 43465 … … 39487 43468 || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) 39488 43469 43470 #ifndef NO_BIO 39489 43471 WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode) 39490 43472 { … … 39541 43523 } 39542 43524 #endif 43525 #endif /* !NO_BIO */ 39543 43526 39544 43527 39545 43528 #ifndef NO_DH 43529 #ifndef NO_BIO 39546 43530 WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bio, WOLFSSL_DH **x, 39547 43531 pem_password_cb *cb, void *u) … … 39673 43657 #endif 39674 43658 } 43659 #endif /* !NO_BIO */ 39675 43660 39676 43661 #ifndef NO_FILESYSTEM … … 39758 43743 } 39759 43744 43745 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) 39760 43746 int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz) 39761 43747 { … … 40023 44009 return WOLFSSL_SUCCESS; 40024 44010 } 44011 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ 40025 44012 #endif /* WOLFSSL_QT || OPENSSL_ALL */ 40026 44013 #endif /* !NO_FILESYSTEM */ 40027 44014 #endif /* !NO_DH */ 44015 44016 #ifndef NO_BIO 40028 44017 40029 44018 #ifdef WOLFSSL_CERT_GEN … … 40126 44115 return WOLFSSL_SUCCESS; 40127 44116 } 40128 #endif /* WOLFSSL_CERT_GEN */40129 44117 40130 44118 int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert) 40131 44119 { 40132 byte* pem ;44120 byte* pem = NULL; 40133 44121 int pemSz = 0; 40134 const unsigned char* der; 40135 int derSz; 44122 /* Get large buffer to hold cert der */ 44123 int derSz = X509_BUFFER_SZ; 44124 #ifdef WOLFSSL_SMALL_STACK 44125 byte* der; 44126 #else 44127 byte der[X509_BUFFER_SZ]; 44128 #endif 40136 44129 int ret; 40137 44130 … … 40143 44136 } 40144 44137 40145 der = wolfSSL_X509_get_der(cert, &derSz); 40146 if (der == NULL) { 44138 #ifdef WOLFSSL_SMALL_STACK 44139 der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 44140 if (!der) { 44141 WOLFSSL_MSG("malloc failed"); 40147 44142 return WOLFSSL_FAILURE; 44143 } 44144 #endif 44145 44146 if (wolfssl_x509_make_der(cert, 0, der, &derSz, 1) != WOLFSSL_SUCCESS) { 44147 goto error; 40148 44148 } 40149 44149 … … 40151 44151 pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERT_TYPE); 40152 44152 if (pemSz < 0) { 40153 return WOLFSSL_FAILURE;44153 goto error; 40154 44154 } 40155 44155 … … 40157 44157 pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40158 44158 if (pem == NULL) { 40159 return WOLFSSL_FAILURE;44159 goto error; 40160 44160 } 40161 44161 if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERT_TYPE) < 0) { 40162 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40163 return WOLFSSL_FAILURE; 44162 goto error; 40164 44163 } 40165 44164 … … 40170 44169 if (ret <= 0) return WOLFSSL_FAILURE; 40171 44170 return WOLFSSL_SUCCESS; 40172 } 40173 44171 44172 error: 44173 #ifdef WOLFSSL_SMALL_STACK 44174 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 44175 #endif 44176 if (pem) 44177 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 44178 return WOLFSSL_FAILURE; 44179 } 44180 #endif /* WOLFSSL_CERT_GEN */ 44181 44182 #endif /* !NO_BIO */ 40174 44183 40175 44184 #if defined(OPENSSL_EXTRA) && !defined(NO_DH) … … 40245 44254 switch (cmd) { 40246 44255 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 44256 #ifdef HAVE_SNI 40247 44257 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 40248 44258 WOLFSSL_MSG("Entering Case: SSL_CTRL_SET_TLSEXT_HOSTNAME."); 40249 #ifdef HAVE_SNI40250 44259 if (pt == NULL) { 40251 44260 WOLFSSL_MSG("Passed in NULL Host Name."); … … 40253 44262 } 40254 44263 return wolfSSL_set_tlsext_host_name(ssl, (const char*) pt); 40255 #else40256 WOLFSSL_MSG("SNI not enabled.");40257 break;40258 44264 #endif /* HAVE_SNI */ 40259 44265 #endif /* WOLFSSL_NGINX || WOLFSSL_QT || OPENSSL_ALL */ … … 40314 44320 wolfSSL_sk_X509_free(ctx->x509Chain); 40315 44321 ctx->x509Chain = sk; 40316 if (sk) { 44322 if (sk && opt == 1) { 44323 /* up all refs when opt == 1 */ 40317 44324 for (i = 0; i < wolfSSL_sk_X509_num(sk); i++) { 40318 44325 x509 = wolfSSL_sk_X509_value(sk, i); 40319 /* On successful setting of new chain up all refs */40320 44326 if (wolfSSL_X509_up_ref(x509) != 1) { 40321 44327 WOLFSSL_MSG("Error increasing reference count"); … … 40428 44434 } 40429 44435 44436 #ifndef NO_BIO 44437 40430 44438 /* Creates a new bio pair. 40431 44439 Returns WOLFSSL_SUCCESS if no error, WOLFSSL_FAILURE otherwise.*/ … … 40455 44463 } 40456 44464 if (ret && writebuf1) { 40457 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio1, writebuf1))) {44465 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio1, (long)writebuf1))) { 40458 44466 WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure"); 40459 44467 } 40460 44468 } 40461 44469 if (ret && writebuf2) { 40462 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio2, writebuf2))) {44470 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio2, (long)writebuf2))) { 40463 44471 WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure"); 40464 44472 } … … 40490 44498 int bioMemSz = 0; 40491 44499 WOLFSSL_RSA* key = NULL; 40492 unsigned char maxKeyBuf[4096];44500 unsigned char *maxKeyBuf = NULL; 40493 44501 unsigned char* bufPtr = NULL; 40494 44502 unsigned char* extraBioMem = NULL; … … 40505 44513 (void)out; 40506 44514 40507 bioMemSz = wolfSSL_BIO_ pending(bio);44515 bioMemSz = wolfSSL_BIO_get_len(bio); 40508 44516 if (bioMemSz <= 0) { 40509 WOLFSSL_MSG("wolfSSL_BIO_ pending() failure");44517 WOLFSSL_MSG("wolfSSL_BIO_get_len() failure"); 40510 44518 return NULL; 40511 44519 } … … 40517 44525 } 40518 44526 44527 maxKeyBuf = (unsigned char*)XMALLOC(4096, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 44528 if (maxKeyBuf == NULL) { 44529 WOLFSSL_MSG("Malloc failure"); 44530 XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 44531 return NULL; 44532 } 40519 44533 bufPtr = maxKeyBuf; 40520 44534 if (wolfSSL_BIO_read(bio, (unsigned char*)bioMem, (int)bioMemSz) == bioMemSz) { … … 40539 44553 XFREE((unsigned char*)bioMem, bio->heap, 40540 44554 DYNAMIC_TYPE_TMP_BUFFER); 44555 XFREE((unsigned char*)maxKeyBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 40541 44556 return NULL; 40542 44557 } … … 40548 44563 40549 44564 wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz); 40550 if (wolfSSL_BIO_ pending(bio) <= 0) {44565 if (wolfSSL_BIO_get_len(bio) <= 0) { 40551 44566 WOLFSSL_MSG("Failed to write memory to bio"); 40552 44567 XFREE((unsigned char*)extraBioMem, bio->heap, … … 40554 44569 XFREE((unsigned char*)bioMem, bio->heap, 40555 44570 DYNAMIC_TYPE_TMP_BUFFER); 44571 XFREE((unsigned char*)maxKeyBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 40556 44572 return NULL; 40557 44573 } … … 40565 44581 } 40566 44582 XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 44583 XFREE((unsigned char*)maxKeyBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 40567 44584 return key; 40568 44585 } 40569 44586 #endif 44587 44588 #endif /* !NO_BIO */ 40570 44589 40571 44590 … … 40595 44614 int ret; 40596 44615 int derSize; 40597 unsigned char maxDerBuf[4096];44616 unsigned char *maxDerBuf; 40598 44617 unsigned char* key = NULL; 40599 44618 … … 40603 44622 WOLFSSL_MSG("one or more inputs were NULL"); 40604 44623 return BAD_FUNC_ARG; 44624 } 44625 maxDerBuf = (unsigned char*)XMALLOC(4096, NULL, DYNAMIC_TYPE_TMP_BUFFER); 44626 if (maxDerBuf == NULL) { 44627 WOLFSSL_MSG("Malloc failure"); 44628 return MEMORY_E; 40605 44629 } 40606 44630 key = maxDerBuf; … … 40608 44632 if ((derSize = wolfSSL_i2d_RSAPrivateKey(rsa, &key)) <= 0) { 40609 44633 WOLFSSL_MSG("wolfSSL_i2d_RSAPrivateKey() failure"); 44634 XFREE(maxDerBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40610 44635 return WOLFSSL_FAILURE; 40611 44636 } … … 40614 44639 if (ret != WOLFSSL_SUCCESS) { 40615 44640 WOLFSSL_MSG("wolfSSL_CTX_USE_PrivateKey_buffer() failure"); 44641 XFREE(maxDerBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40616 44642 return WOLFSSL_FAILURE; 40617 44643 } 44644 XFREE(maxDerBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 40618 44645 return ret; 40619 44646 } … … 40621 44648 40622 44649 44650 #ifndef NO_BIO 40623 44651 /* Converts EVP_PKEY data from a bio buffer to a WOLFSSL_EVP_PKEY structure. 40624 44652 Returns pointer to private EVP_PKEY struct upon success, NULL if there … … 40642 44670 (void)out; 40643 44671 40644 memSz = wolfSSL_BIO_ pending(bio);44672 memSz = wolfSSL_BIO_get_len(bio); 40645 44673 if (memSz <= 0) { 40646 WOLFSSL_MSG("wolfSSL_BIO_ pending() failure");44674 WOLFSSL_MSG("wolfSSL_BIO_get_len() failure"); 40647 44675 return NULL; 40648 44676 } … … 40682 44710 40683 44711 wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz); 40684 if (wolfSSL_BIO_ pending(bio) <= 0) {44712 if (wolfSSL_BIO_get_len(bio) <= 0) { 40685 44713 WOLFSSL_MSG("Failed to write memory to bio"); 40686 44714 XFREE((unsigned char*)extraBioMem, bio->heap, … … 40700 44728 return key; 40701 44729 } 44730 #endif /* !NO_BIO */ 40702 44731 40703 44732 … … 40815 44844 (void)fp; 40816 44845 } 40817 #endif 40818 44846 #endif /* !NO_FILESYSTEM */ 44847 44848 #endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX || 44849 HAVE_LIGHTY || WOLFSSL_HAPROXY || WOLFSSL_OPENSSH */ 44850 44851 44852 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || defined(FORTRESS) 40819 44853 int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION* session, int idx, void* data) 40820 44854 { … … 40831 44865 return WOLFSSL_FAILURE; 40832 44866 } 44867 44868 void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION* session, int idx) 44869 { 44870 WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_data"); 44871 #ifdef HAVE_EX_DATA 44872 if (session != NULL) { 44873 return wolfSSL_CRYPTO_get_ex_data(&session->ex_data, idx); 44874 } 44875 #else 44876 (void)session; 44877 (void)idx; 44878 #endif 44879 return NULL; 44880 } 44881 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || FORTRESS */ 44882 44883 #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \ 44884 defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \ 44885 defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_OPENSSH))) 40833 44886 40834 44887 … … 40848 44901 } 40849 44902 return WOLFSSL_FAILURE; 40850 }40851 40852 40853 void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION* session, int idx)40854 {40855 WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_data");40856 #ifdef HAVE_EX_DATA40857 if (session != NULL) {40858 return wolfSSL_CRYPTO_get_ex_data(&session->ex_data, idx);40859 }40860 #else40861 (void)session;40862 (void)idx;40863 #endif40864 return NULL;40865 44903 } 40866 44904 … … 41046 45084 } 41047 45085 41048 41049 /* copies over data of "in" to "out" */41050 static void wolfSSL_CIPHER_copy(WOLFSSL_CIPHER* in, WOLFSSL_CIPHER* out)41051 {41052 if (in == NULL || out == NULL)41053 return;41054 41055 out->cipherSuite = in->cipherSuite;41056 out->cipherSuite0 = in->cipherSuite0;41057 }41058 41059 41060 /* create duplicate of stack and return the new stack41061 * returns null on failure */41062 WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_sk_SSL_CIPHER_dup(41063 WOLF_STACK_OF(WOLFSSL_CIPHER)* in)41064 {41065 WOLFSSL_STACK* current;41066 WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL;41067 int i, sz;41068 41069 sz = wolfSSL_sk_SSL_CIPHER_num(in);41070 current = in;41071 for (i = 0; i < sz && current != NULL; i++) {41072 WOLFSSL_STACK* add = wolfSSL_sk_new_node(in->heap);41073 if (add != NULL) {41074 add->type = STACK_TYPE_CIPHER;41075 wolfSSL_CIPHER_copy(&(current->data.cipher), &(add->data.cipher));41076 add->num = i+1;41077 add->next = ret;41078 ret = add;41079 current = current->next;41080 }41081 }41082 return ret;41083 }41084 41085 45086 /* nothing to do yet */ 41086 45087 static void wolfSSL_CIPHER_free(WOLFSSL_CIPHER* in) … … 41141 45142 sk->data.info = node->data.info; 41142 45143 sk->next = node->next; 41143 XFREE(node, NULL, DYNAMIC_TYPE_OPENSSL);45144 wolfSSL_sk_free_node(node); 41144 45145 } 41145 45146 else { /* last x509 in stack */ … … 41254 45255 return sk; 41255 45256 } 45257 45258 45259 /* Creates a duplicate of WOLF_STACK_OF(WOLFSSL_X509_NAME). 45260 * Returns a new WOLF_STACK_OF(WOLFSSL_X509_NAME) or NULL on failure */ 45261 WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( 45262 WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) 45263 { 45264 int i; 45265 const int num = wolfSSL_sk_X509_NAME_num(sk); 45266 WOLF_STACK_OF(WOLFSSL_X509_NAME) *copy; 45267 WOLFSSL_X509_NAME *name; 45268 45269 WOLFSSL_ENTER("wolfSSL_dup_CA_list"); 45270 45271 copy = wolfSSL_sk_X509_NAME_new(NULL); 45272 if (copy == NULL) { 45273 WOLFSSL_MSG("Memory error"); 45274 return NULL; 45275 } 45276 45277 for (i = 0; i < num; i++) { 45278 name = wolfSSL_X509_NAME_dup(wolfSSL_sk_X509_NAME_value(sk, i)); 45279 if (name == NULL || 0 != wolfSSL_sk_X509_NAME_push(copy, name)) { 45280 WOLFSSL_MSG("Memory error"); 45281 wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free); 45282 return NULL; 45283 } 45284 } 45285 45286 return copy; 45287 } 45288 41256 45289 41257 45290 int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, … … 41450 45483 XFREE(sk, sk->heap, DYNAMIC_TYPE_OPENSSL); 41451 45484 } 45485 45486 #ifndef NO_BIO 41452 45487 41453 45488 #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) … … 41508 45543 #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 41509 45544 int count = 0, len = 0, totalSz = 0, tmpSz = 0; 41510 char tmp[ASN_NAME_MAX ];45545 char tmp[ASN_NAME_MAX+1]; 41511 45546 char fullName[ASN_NAME_MAX]; 41512 45547 const char *buf = NULL; … … 41550 45585 /* tmpSz+1 for last null char */ 41551 45586 XSNPRINTF(tmp, tmpSz+1, "%s=%s,", buf, str->data); 41552 XSTRNCAT(fullName, tmp, tmpSz );45587 XSTRNCAT(fullName, tmp, tmpSz+1); 41553 45588 } 41554 45589 else { … … 41575 45610 return WOLFSSL_SUCCESS; 41576 45611 } 45612 #endif /* !NO_BIO */ 45613 45614 #ifndef NO_FILESYSTEM 45615 int wolfSSL_X509_NAME_print_ex_fp(XFILE file, WOLFSSL_X509_NAME* name, 45616 int indent, unsigned long flags) 45617 { 45618 WOLFSSL_BIO* bio; 45619 int ret; 45620 45621 WOLFSSL_ENTER("wolfSSL_X509_NAME_print_ex_fp"); 45622 45623 if (!(bio = wolfSSL_BIO_new_fp(file, BIO_NOCLOSE))) { 45624 WOLFSSL_MSG("wolfSSL_BIO_new_fp error"); 45625 return WOLFSSL_FAILURE; 45626 } 45627 45628 ret = wolfSSL_X509_NAME_print_ex(bio, name, indent, flags); 45629 45630 wolfSSL_BIO_free(bio); 45631 45632 return ret; 45633 } 45634 #endif 41577 45635 41578 45636 #ifndef NO_WOLFSSL_STUB … … 41682 45740 41683 45741 45742 #ifdef HAVE_SNI 45743 41684 45744 void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx, CallbackSniRecv cb) 41685 45745 { … … 41710 45770 } 41711 45771 45772 #endif /* HAVE_SNI */ 45773 45774 45775 #ifndef NO_BIO 41712 45776 void wolfSSL_ERR_load_BIO_strings(void) { 41713 45777 WOLFSSL_ENTER("ERR_load_BIO_strings"); 41714 45778 /* do nothing */ 41715 45779 } 45780 #endif 41716 45781 41717 45782 #ifndef NO_WOLFSSL_STUB … … 41782 45847 #if defined(OPENSSL_EXTRA) 41783 45848 45849 int wolfSSL_CRYPTO_memcmp(const void *a, const void *b, size_t size) 45850 { 45851 if (!a || !b) 45852 return 0; 45853 return ConstantCompare((const byte*)a, (const byte*)b, (int)size); 45854 } 45855 41784 45856 int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s) 41785 45857 { … … 41837 45909 #if (defined(HAVE_SESSION_TICKET) || defined(SESSION_CERTS)) && \ 41838 45910 !defined(NO_FILESYSTEM) 45911 45912 #ifndef NO_BIO 41839 45913 41840 45914 #if defined(SESSION_CERTS) || \ … … 41996 46070 #endif 41997 46071 46072 #if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \ 46073 defined(HAVE_EXT_CACHE)) 41998 46074 if (wolfSSL_BIO_printf(bp, " Start Time: %ld\n", 41999 46075 wolfSSL_SESSION_get_time(x)) <= 0) … … 42003 46079 wolfSSL_SESSION_get_timeout(x)) <= 0) 42004 46080 return WOLFSSL_FAILURE; 46081 #endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */ 42005 46082 42006 46083 /* @TODO verify return code print */ … … 42012 46089 return WOLFSSL_SUCCESS; 42013 46090 } 46091 46092 #endif /* !NO_BIO */ 42014 46093 #endif /* (HAVE_SESSION_TICKET || SESSION_CERTS) && !NO_FILESYSTEM */ 42015 46094 … … 42019 46098 || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) 42020 46099 42021 int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx) 46100 /* TODO: Doesn't currently track SSL_VERIFY_CLIENT_ONCE */ 46101 int wolfSSL_get_verify_mode(const WOLFSSL* ssl) { 46102 int mode = 0; 46103 WOLFSSL_ENTER("wolfSSL_get_verify_mode"); 46104 46105 if (!ssl) { 46106 return WOLFSSL_FAILURE; 46107 } 46108 46109 if (ssl->options.verifyNone) { 46110 mode = WOLFSSL_VERIFY_NONE; 46111 } 46112 else { 46113 if (ssl->options.verifyPeer) { 46114 mode |= WOLFSSL_VERIFY_PEER; 46115 } 46116 if (ssl->options.failNoCert) { 46117 mode |= WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT; 46118 } 46119 if (ssl->options.failNoCertxPSK) { 46120 mode |= WOLFSSL_VERIFY_FAIL_EXCEPT_PSK; 46121 } 46122 } 46123 46124 WOLFSSL_LEAVE("wolfSSL_get_verify_mode", mode); 46125 return mode; 46126 } 46127 46128 int wolfSSL_CTX_get_verify_mode(const WOLFSSL_CTX* ctx) 42022 46129 { 42023 46130 int mode = 0; 42024 46131 WOLFSSL_ENTER("wolfSSL_CTX_get_verify_mode"); 42025 46132 42026 if(!ctx) 42027 return WOLFSSL_FATAL_ERROR; 42028 42029 if (ctx->verifyPeer) 42030 mode |= WOLFSSL_VERIFY_PEER; 42031 else if (ctx->verifyNone) 42032 mode |= WOLFSSL_VERIFY_NONE; 42033 42034 if (ctx->failNoCert) 42035 mode |= WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT; 42036 42037 if (ctx->failNoCertxPSK) 42038 mode |= WOLFSSL_VERIFY_FAIL_EXCEPT_PSK; 46133 if (!ctx) { 46134 return WOLFSSL_FAILURE; 46135 } 46136 46137 if (ctx->verifyNone) { 46138 mode = WOLFSSL_VERIFY_NONE; 46139 } 46140 else { 46141 if (ctx->verifyPeer) { 46142 mode |= WOLFSSL_VERIFY_PEER; 46143 } 46144 if (ctx->failNoCert) { 46145 mode |= WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT; 46146 } 46147 if (ctx->failNoCertxPSK) { 46148 mode |= WOLFSSL_VERIFY_FAIL_EXCEPT_PSK; 46149 } 46150 } 42039 46151 42040 46152 WOLFSSL_LEAVE("wolfSSL_CTX_get_verify_mode", mode); … … 42641 46753 } 42642 46754 42643 if (wc_ed448_sign_msg(msg, msgSz, sig, sigSz, &key ) != MP_OKAY)46755 if (wc_ed448_sign_msg(msg, msgSz, sig, sigSz, &key, NULL, 0) != MP_OKAY) 42644 46756 WOLFSSL_MSG("wc_curve448_shared_secret_ex failed"); 42645 46757 else … … 42693 46805 42694 46806 if ((ret = wc_ed448_verify_msg((byte*)sig, sigSz, msg, msgSz, &check, 42695 &key )) != MP_OKAY) {46807 &key, NULL, 0)) != MP_OKAY) { 42696 46808 WOLFSSL_MSG("wc_ed448_verify_msg failed"); 42697 46809 } … … 42788 46900 42789 46901 while (1) { 42790 if ((ret = wc_PeekErrorNode(-1, file, NULL, line)) < 0) { 46902 ret = wc_PeekErrorNode(-1, file, NULL, line); 46903 if (ret == BAD_MUTEX_E || ret == BAD_FUNC_ARG || ret == BAD_STATE_E) { 42791 46904 WOLFSSL_MSG("Issue peeking at error node in queue"); 42792 46905 return 0; … … 42799 46912 if (ret == -ASN_NO_PEM_HEADER) 42800 46913 return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; 42801 if (ret != WANT_READ && ret !=WANT_WRITE &&42802 ret != ZERO_RETURN && ret !=WOLFSSL_ERROR_ZERO_RETURN &&42803 ret != SOCKET_PEER_CLOSED_E && ret !=SOCKET_ERROR_E)46914 if (ret != -WANT_READ && ret != -WANT_WRITE && 46915 ret != -ZERO_RETURN && ret != -WOLFSSL_ERROR_ZERO_RETURN && 46916 ret != -SOCKET_PEER_CLOSED_E && ret != -SOCKET_ERROR_E) 42804 46917 break; 42805 46918 … … 42816 46929 42817 46930 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 46931 46932 46933 /* Is the specified cipher suite a fake one used an an extension proxy? */ 46934 static WC_INLINE int SCSV_Check(byte suite0, byte suite) 46935 { 46936 (void)suite0; 46937 (void)suite; 46938 #ifdef HAVE_RENEGOTIATION_INDICATION 46939 if (suite0 == CIPHER_BYTE && suite == TLS_EMPTY_RENEGOTIATION_INFO_SCSV) 46940 return 1; 46941 #endif 46942 #ifdef BUILD_TLS_QSH 46943 /* This isn't defined as a SCSV, but it acts like one. */ 46944 if (suite0 == QSH_BYTE && suite == TLS_QSH) 46945 return 1; 46946 #endif 46947 return 0; 46948 } 46949 46950 static WC_INLINE int sslCipherMinMaxCheck(const WOLFSSL *ssl, byte suite0, 46951 byte suite) 46952 { 46953 const CipherSuiteInfo* cipher_names = GetCipherNames(); 46954 int cipherSz = GetCipherNamesSize(); 46955 int i; 46956 for (i = 0; i < cipherSz; i++) 46957 if (cipher_names[i].cipherSuite0 == suite0 && 46958 cipher_names[i].cipherSuite == suite) 46959 break; 46960 if (i == cipherSz) 46961 return 1; 46962 /* Check min version */ 46963 if (cipher_names[i].minor < ssl->options.minDowngrade) { 46964 if (ssl->options.minDowngrade <= TLSv1_2_MINOR && 46965 cipher_names[i].minor >= TLSv1_MINOR) 46966 /* 1.0 ciphersuites are in general available in 1.1 and 46967 * 1.1 ciphersuites are in general available in 1.2 */ 46968 return 0; 46969 return 1; 46970 } 46971 /* Check max version */ 46972 switch (cipher_names[i].minor) { 46973 case SSLv3_MINOR : 46974 return ssl->options.mask & WOLFSSL_OP_NO_SSLv3; 46975 case TLSv1_MINOR : 46976 return ssl->options.mask & WOLFSSL_OP_NO_TLSv1; 46977 case TLSv1_1_MINOR : 46978 return ssl->options.mask & WOLFSSL_OP_NO_TLSv1_1; 46979 case TLSv1_2_MINOR : 46980 return ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2; 46981 case TLSv1_3_MINOR : 46982 return ssl->options.mask & WOLFSSL_OP_NO_TLSv1_3; 46983 default: 46984 WOLFSSL_MSG("Unrecognized minor version"); 46985 return 1; 46986 } 46987 } 42818 46988 42819 46989 /* returns a pointer to internal cipher suite list. Should not be free'd by … … 42824 46994 WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL; 42825 46995 Suites* suites; 46996 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 46997 const CipherSuiteInfo* cipher_names = GetCipherNames(); 46998 int cipherSz = GetCipherNamesSize(); 46999 #endif 42826 47000 42827 47001 WOLFSSL_ENTER("wolfSSL_get_ciphers_compat"); … … 42831 47005 42832 47006 if (ssl->suites != NULL) { 47007 if (ssl->suites->suiteSz == 0 && 47008 InitSSL_Suites((WOLFSSL*)ssl) != WOLFSSL_SUCCESS) { 47009 WOLFSSL_MSG("Suite initialization failure"); 47010 return NULL; 47011 } 42833 47012 suites = ssl->suites; 42834 47013 } … … 42840 47019 if (suites->stack == NULL) { 42841 47020 int i; 47021 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 47022 int j; 47023 #endif 42842 47024 for (i = 0; i < suites->suiteSz; i+=2) { 42843 WOLFSSL_STACK* add = wolfSSL_sk_new_node(ssl->heap); 47025 WOLFSSL_STACK* add; 47026 47027 /* A couple of suites are placeholders for special options, 47028 * skip those. */ 47029 if (SCSV_Check(suites->suites[i], suites->suites[i+1]) 47030 || sslCipherMinMaxCheck(ssl, suites->suites[i], 47031 suites->suites[i+1])) { 47032 continue; 47033 } 47034 47035 add = wolfSSL_sk_new_node(ssl->heap); 42844 47036 if (add != NULL) { 42845 47037 add->type = STACK_TYPE_CIPHER; 42846 47038 add->data.cipher.cipherSuite0 = suites->suites[i]; 42847 47039 add->data.cipher.cipherSuite = suites->suites[i+1]; 47040 add->data.cipher.ssl = ssl; 47041 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 47042 for (j = 0; j < cipherSz; j++) { 47043 if (cipher_names[j].cipherSuite0 == 47044 add->data.cipher.cipherSuite0 && 47045 cipher_names[j].cipherSuite == 47046 add->data.cipher.cipherSuite) { 47047 add->data.cipher.offset = j; 47048 break; 47049 } 47050 } 47051 #endif 42848 47052 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 42849 47053 /* in_stack is checked in wolfSSL_CIPHER_description */ 42850 add->data.cipher.in_stack = 1;47054 add->data.cipher.in_stack = 1; 42851 47055 #endif 42852 47056 … … 42877 47081 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 42878 47082 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 47083 42879 47084 int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c) 42880 47085 { … … 42890 47095 return x509_idx++; 42891 47096 } 42892 47097 #endif 47098 47099 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 47100 defined(WOLFSSL_WPAS_SMALL) 42893 47101 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 42894 47102 void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx) … … 42921 47129 return WOLFSSL_FAILURE; 42922 47130 } 42923 #endif /* defined(HAVE_EX_DATA) || defined(FORTRESS)*/47131 #endif /* HAVE_EX_DATA || FORTRESS */ 42924 47132 42925 47133 void *wolfSSL_X509_get_ex_data(X509 *x509, int idx) 42926 47134 { 42927 47135 WOLFSSL_ENTER("wolfSSL_X509_get_ex_data"); 42928 47136 #ifdef HAVE_EX_DATA 42929 47137 if (x509 != NULL) { 42930 47138 return wolfSSL_CRYPTO_get_ex_data(&x509->ex_data, idx); 42931 47139 } 42932 47140 #else 42933 47141 (void)x509; 42934 47142 (void)idx; 42935 47143 #endif 42936 47144 return NULL; 42937 47145 } … … 42940 47148 { 42941 47149 WOLFSSL_ENTER("wolfSSL_X509_set_ex_data"); 42942 47150 #ifdef HAVE_EX_DATA 42943 47151 if (x509 != NULL) 42944 47152 { 42945 47153 return wolfSSL_CRYPTO_set_ex_data(&x509->ex_data, idx, data); 42946 47154 } 42947 47155 #else 42948 47156 (void)x509; 42949 47157 (void)idx; 42950 47158 (void)data; 42951 47159 #endif 42952 47160 return WOLFSSL_FAILURE; 42953 47161 } 47162 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ 47163 47164 47165 #ifndef NO_ASN 47166 int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, size_t chklen, 47167 unsigned int flags, char **peername) 47168 { 47169 int ret; 47170 DecodedCert dCert; 47171 47172 WOLFSSL_ENTER("wolfSSL_X509_check_host"); 47173 47174 /* flags and peername not needed for Nginx. */ 47175 (void)flags; 47176 (void)peername; 47177 47178 if ((x == NULL) || (chk == NULL)) { 47179 WOLFSSL_MSG("Invalid parameter"); 47180 return WOLFSSL_FAILURE; 47181 } 47182 47183 if (flags == WOLFSSL_NO_WILDCARDS) { 47184 WOLFSSL_MSG("X509_CHECK_FLAG_NO_WILDCARDS not yet implemented"); 47185 return WOLFSSL_FAILURE; 47186 } 47187 47188 InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL); 47189 ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL); 47190 if (ret != 0) { 47191 FreeDecodedCert(&dCert); 47192 return WOLFSSL_FAILURE; 47193 } 47194 47195 ret = CheckHostName(&dCert, (char *)chk, chklen); 47196 FreeDecodedCert(&dCert); 47197 if (ret != 0) 47198 return WOLFSSL_FAILURE; 47199 return WOLFSSL_SUCCESS; 47200 } 47201 47202 47203 int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc, 47204 unsigned int flags) 47205 { 47206 int ret = WOLFSSL_FAILURE; 47207 DecodedCert dCert; 47208 47209 WOLFSSL_ENTER("wolfSSL_X509_check_ip_asc"); 47210 47211 /* flags not yet implemented */ 47212 (void)flags; 47213 47214 if ((x == NULL) || (x->derCert == NULL) || (ipasc == NULL)) { 47215 WOLFSSL_MSG("Invalid parameter"); 47216 } 47217 else { 47218 ret = WOLFSSL_SUCCESS; 47219 } 47220 47221 if (ret == WOLFSSL_SUCCESS) { 47222 InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL); 47223 ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL); 47224 if (ret != 0) { 47225 ret = WOLFSSL_FAILURE; 47226 } 47227 else { 47228 ret = CheckIPAddr(&dCert, ipasc); 47229 if (ret != 0) { 47230 ret = WOLFSSL_FAILURE; 47231 } 47232 else { 47233 ret = WOLFSSL_SUCCESS; 47234 } 47235 } 47236 FreeDecodedCert(&dCert); 47237 } 47238 47239 return ret; 47240 } 47241 #endif 47242 47243 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 47244 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 42954 47245 42955 47246 int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *name, … … 42962 47253 42963 47254 #if !defined(NO_FILESYSTEM) && !defined(NO_PWDBASED) 42964 return wolfSSL_EVP_Digest((unsigned char*)name-> fullName.fullName,42965 name-> fullName.fullNameLen, md, len, type, NULL);47255 return wolfSSL_EVP_Digest((unsigned char*)name->name, 47256 name->sz, md, len, type, NULL); 42966 47257 #else 42967 47258 (void)md; … … 43030 47321 } 43031 47322 47323 #ifndef NO_BIO 43032 47324 BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s) 43033 47325 { … … 43130 47422 #endif /* NO_SESSION_CACHE */ 43131 47423 43132 int wolfSSL_X509_check_host(X509 *x, const char *chk, size_t chklen, 43133 unsigned int flags, char **peername) 43134 { 43135 int ret; 43136 DecodedCert dCert; 43137 43138 WOLFSSL_ENTER("wolfSSL_X509_check_host"); 43139 43140 /* flags and peername not needed for Nginx. */ 43141 (void)flags; 43142 (void)peername; 43143 43144 if (flags == WOLFSSL_NO_WILDCARDS) { 43145 WOLFSSL_MSG("X509_CHECK_FLAG_NO_WILDCARDS not yet implemented"); 47424 int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1, 47425 char *buf, int size) 47426 { 47427 int readNextLine; 47428 int lineLen; 47429 int len; 47430 byte isNumCheck; 47431 word32 outLen; 47432 const int extraTagSz = MAX_LENGTH_SZ + 1; 47433 byte intTag[MAX_LENGTH_SZ + 1]; 47434 int idx = 0; 47435 47436 WOLFSSL_ENTER("wolfSSL_a2i_ASN1_INTEGER"); 47437 47438 if (!bio || !asn1 || !buf || size <= 0) { 47439 WOLFSSL_MSG("Bad parameter"); 43146 47440 return WOLFSSL_FAILURE; 43147 47441 } 43148 47442 43149 InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL); 43150 ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL); 43151 if (ret != 0) { 43152 FreeDecodedCert(&dCert); 43153 return WOLFSSL_FAILURE; 43154 } 43155 43156 ret = CheckHostName(&dCert, (char *)chk, chklen); 43157 FreeDecodedCert(&dCert); 43158 if (ret != 0) 43159 return WOLFSSL_FAILURE; 47443 /* Reset asn1 */ 47444 if (asn1->isDynamic && asn1->data) { 47445 XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL); 47446 asn1->isDynamic = 0; 47447 } 47448 XMEMSET(asn1->intData, 0, sizeof(WOLFSSL_ASN1_INTEGER)); 47449 asn1->data = asn1->intData; 47450 asn1->length = 0; 47451 asn1->negative = 0; 47452 asn1->type = V_ASN1_INTEGER; 47453 47454 lineLen = wolfSSL_BIO_gets(bio, buf, size); 47455 do { 47456 readNextLine = 0; 47457 if (lineLen <= 0) { 47458 WOLFSSL_MSG("wolfSSL_BIO_gets error"); 47459 return WOLFSSL_FAILURE; 47460 } 47461 while (lineLen && (buf[lineLen-1] == '\n' || buf[lineLen-1] == '\r')) 47462 lineLen--; 47463 if (buf[lineLen-1] == '\\') 47464 readNextLine = 1; 47465 /* Ignore none-hex chars at the end of the line */ 47466 outLen = 1; 47467 while (lineLen && Base16_Decode((byte*)buf + lineLen - 1, 1, 47468 &isNumCheck, &outLen) == ASN_INPUT_E) 47469 lineLen--; 47470 if (!lineLen || lineLen % 2) { 47471 WOLFSSL_MSG("Invalid line length"); 47472 return WOLFSSL_FAILURE; 47473 } 47474 len = asn1->length + (lineLen/2); 47475 /* Check if it will fit in static memory and 47476 * save space for the ASN tag in front */ 47477 if (len > (int)(sizeof(asn1->intData) - extraTagSz)) { 47478 /* Allocate mem for data */ 47479 if (asn1->isDynamic) { 47480 byte* tmp = (byte*)XREALLOC(asn1->data, len + extraTagSz, NULL, 47481 DYNAMIC_TYPE_OPENSSL); 47482 if (!tmp) { 47483 WOLFSSL_MSG("realloc error"); 47484 return WOLFSSL_FAILURE; 47485 } 47486 asn1->data = tmp; 47487 } 47488 else { 47489 asn1->data = (byte*)XMALLOC(len + extraTagSz, NULL, 47490 DYNAMIC_TYPE_OPENSSL); 47491 if (!asn1->data) { 47492 WOLFSSL_MSG("malloc error"); 47493 return WOLFSSL_FAILURE; 47494 } 47495 XMEMCPY(asn1->data, asn1->intData, asn1->length); 47496 } 47497 } 47498 len = lineLen/2; 47499 if (Base16_Decode((byte*)buf, lineLen, asn1->data + asn1->length, 47500 (word32*)&len) != 0) { 47501 WOLFSSL_MSG("Base16_Decode error"); 47502 return WOLFSSL_FAILURE; 47503 } 47504 asn1->length += len; 47505 } while (readNextLine); 47506 47507 /* Write ASN tag */ 47508 idx = SetASNInt(asn1->length, asn1->data[0], intTag); 47509 XMEMMOVE(asn1->data + idx, asn1->data, asn1->length); 47510 XMEMCPY(asn1->data, intTag, idx); 47511 asn1->dataMax = asn1->length += idx; 47512 43160 47513 return WOLFSSL_SUCCESS; 43161 47514 } … … 43163 47516 int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) 43164 47517 { 43165 static char num[16] = { '0', '1', '2', '3', '4', '5', '6', '7', 43166 '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; 43167 int i; 43168 word32 j; 43169 word32 len = 0; 47518 word32 idx = 1; 47519 int len = 0; 47520 byte buf[512]; 47521 word32 bufLen = 512; 43170 47522 43171 47523 WOLFSSL_ENTER("wolfSSL_i2a_ASN1_INTEGER"); … … 43175 47527 43176 47528 /* Skip ASN.1 INTEGER (type) byte. */ 43177 i = 1; 43178 /* When indefinite length, can't determine length with data available. */ 43179 if (a->data[i] == 0x80) 47529 if (a->data[idx] == 0x80 || /* Indefinite length, can't determine length */ 47530 GetLength(a->data, &idx, &len, a->length) < 0) { 43180 47531 return 0; 43181 /* One length byte if less than 0x80. */43182 if (a->data[i] < 0x80)43183 len = a->data[i++];43184 /* Multiple length byte if greater than 0x80. */43185 else if (a->data[i] > 0x80) {43186 switch (a->data[i++] - 0x80) {43187 case 4:43188 len |= a->data[i++] << 24;43189 FALL_THROUGH;43190 case 3:43191 len |= a->data[i++] << 16;43192 FALL_THROUGH;43193 case 2:43194 len |= a->data[i++] << 8;43195 FALL_THROUGH;43196 case 1:43197 len |= a->data[i++];43198 break;43199 default:43200 /* Not supporting greater than 4 bytes of length. */43201 return 0;43202 }43203 47532 } 43204 47533 … … 43209 47538 } 43210 47539 43211 /* Don't do negative - just write out every byte. */ 43212 for (j = 0; j < len; i++,j++) { 43213 wolfSSL_BIO_write(bp, &num[a->data[i] >> 4], 1); 43214 wolfSSL_BIO_write(bp, &num[a->data[i] & 0xf], 1); 43215 } 43216 43217 /* Two nibbles written for each byte. */ 43218 return len * 2; 43219 } 47540 if (Base16_Encode(a->data + idx, len, buf, &bufLen) != 0 || 47541 bufLen <= 0) { 47542 return 0; 47543 } 47544 47545 return wolfSSL_BIO_write(bp, buf, bufLen - 1); /* Don't write out NULL char */ 47546 } 47547 #endif /* !NO_BIO */ 43220 47548 43221 47549 … … 43344 47672 return WOLFSSL_SUCCESS; 43345 47673 } 47674 43346 47675 #endif /* HAVE_SESSION_TICKET */ 43347 47676 43348 47677 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 43349 47678 OPENSSL_EXTRA || HAVE_LIGHTY */ 47679 47680 #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ 47681 !defined(NO_WOLFSSL_SERVER) 47682 /* Serialize the session ticket encryption keys. 47683 * 47684 * @param [in] ctx SSL/TLS context object. 47685 * @param [in] keys Buffer to hold session ticket keys. 47686 * @param [in] keylen Length of buffer. 47687 * @return WOLFSSL_SUCCESS on success. 47688 * @return WOLFSSL_FAILURE when ctx is NULL, keys is NULL or keylen is not the 47689 * correct length. 47690 */ 47691 long wolfSSL_CTX_get_tlsext_ticket_keys(WOLFSSL_CTX *ctx, 47692 unsigned char *keys, int keylen) 47693 { 47694 if (ctx == NULL || keys == NULL) { 47695 return WOLFSSL_FAILURE; 47696 } 47697 if (keylen != WOLFSSL_TICKET_KEYS_SZ) { 47698 return WOLFSSL_FAILURE; 47699 } 47700 47701 XMEMCPY(keys, ctx->ticketKeyCtx.name, WOLFSSL_TICKET_NAME_SZ); 47702 keys += WOLFSSL_TICKET_NAME_SZ; 47703 XMEMCPY(keys, ctx->ticketKeyCtx.key[0], WOLFSSL_TICKET_KEY_SZ); 47704 keys += WOLFSSL_TICKET_KEY_SZ; 47705 XMEMCPY(keys, ctx->ticketKeyCtx.key[1], WOLFSSL_TICKET_KEY_SZ); 47706 keys += WOLFSSL_TICKET_KEY_SZ; 47707 c32toa(ctx->ticketKeyCtx.expirary[0], keys); 47708 keys += OPAQUE32_LEN; 47709 c32toa(ctx->ticketKeyCtx.expirary[1], keys); 47710 47711 return WOLFSSL_SUCCESS; 47712 } 47713 47714 /* Deserialize the session ticket encryption keys. 47715 * 47716 * @param [in] ctx SSL/TLS context object. 47717 * @param [in] keys Session ticket keys. 47718 * @param [in] keylen Length of data. 47719 * @return WOLFSSL_SUCCESS on success. 47720 * @return WOLFSSL_FAILURE when ctx is NULL, keys is NULL or keylen is not the 47721 * correct length. 47722 */ 47723 long wolfSSL_CTX_set_tlsext_ticket_keys(WOLFSSL_CTX *ctx, 47724 unsigned char *keys, int keylen) 47725 { 47726 if (ctx == NULL || keys == NULL) { 47727 return WOLFSSL_FAILURE; 47728 } 47729 if (keylen != WOLFSSL_TICKET_KEYS_SZ) { 47730 return WOLFSSL_FAILURE; 47731 } 47732 47733 XMEMCPY(ctx->ticketKeyCtx.name, keys, WOLFSSL_TICKET_NAME_SZ); 47734 keys += WOLFSSL_TICKET_NAME_SZ; 47735 XMEMCPY(ctx->ticketKeyCtx.key[0], keys, WOLFSSL_TICKET_KEY_SZ); 47736 keys += WOLFSSL_TICKET_KEY_SZ; 47737 XMEMCPY(ctx->ticketKeyCtx.key[1], keys, WOLFSSL_TICKET_KEY_SZ); 47738 keys += WOLFSSL_TICKET_KEY_SZ; 47739 ato32(keys, &ctx->ticketKeyCtx.expirary[0]); 47740 keys += OPAQUE32_LEN; 47741 ato32(keys, &ctx->ticketKeyCtx.expirary[1]); 47742 47743 return WOLFSSL_SUCCESS; 47744 } 47745 #endif 43350 47746 43351 47747 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) … … 43374 47770 } 43375 47771 #endif /* OCSP */ 43376 #endif /* OPENSSL_ALL / WOLFSSL_NGINX / WOLFSSL_HAPROXY */ 47772 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 47773 47774 #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME) 47775 int wolfSSL_get_ocsp_producedDate( 47776 WOLFSSL *ssl, 47777 byte *producedDate, 47778 size_t producedDate_space, 47779 int *producedDateFormat) 47780 { 47781 if ((ssl->ocspProducedDateFormat != ASN_UTC_TIME) && 47782 (ssl->ocspProducedDateFormat != ASN_GENERALIZED_TIME)) 47783 return BAD_FUNC_ARG; 47784 47785 if ((producedDate == NULL) || (producedDateFormat == NULL)) 47786 return BAD_FUNC_ARG; 47787 47788 if (XSTRLEN((char *)ssl->ocspProducedDate) >= producedDate_space) 47789 return BUFFER_E; 47790 47791 XSTRNCPY((char *)producedDate, (const char *)ssl->ocspProducedDate, producedDate_space); 47792 *producedDateFormat = ssl->ocspProducedDateFormat; 47793 47794 return 0; 47795 } 47796 47797 int wolfSSL_get_ocsp_producedDate_tm(WOLFSSL *ssl, struct tm *produced_tm) { 47798 int idx = 0; 47799 47800 if ((ssl->ocspProducedDateFormat != ASN_UTC_TIME) && 47801 (ssl->ocspProducedDateFormat != ASN_GENERALIZED_TIME)) 47802 return BAD_FUNC_ARG; 47803 47804 if (produced_tm == NULL) 47805 return BAD_FUNC_ARG; 47806 47807 if (ExtractDate(ssl->ocspProducedDate, ssl->ocspProducedDateFormat, produced_tm, &idx)) 47808 return 0; 47809 else 47810 return ASN_PARSE_E; 47811 } 47812 #endif 47813 43377 47814 43378 47815 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ … … 43595 48032 } 43596 48033 43597 WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x) 43598 { 43599 return wolfSSL_X509_d2i(NULL, x->derCert->buffer, x->derCert->length); 43600 } 43601 43602 char* wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings, 48034 WOLF_STACK_OF(WOLFSSL_STRING)* wolfSSL_sk_WOLFSSL_STRING_new(void) 48035 { 48036 WOLF_STACK_OF(WOLFSSL_STRING)* ret = wolfSSL_sk_new_node(NULL); 48037 48038 if (ret) { 48039 ret->type = STACK_TYPE_STRING; 48040 } 48041 48042 return ret; 48043 } 48044 48045 void wolfSSL_sk_WOLFSSL_STRING_free(WOLF_STACK_OF(WOLFSSL_STRING)* sk) 48046 { 48047 WOLFSSL_STACK* tmp; 48048 WOLFSSL_ENTER("wolfSSL_sk_WOLFSSL_STRING_free"); 48049 48050 if (sk == NULL) 48051 return; 48052 48053 /* parse through stack freeing each node */ 48054 while (sk) { 48055 tmp = sk->next; 48056 XFREE(sk->data.string, NULL, DYNAMIC_TYPE_OPENSSL); 48057 XFREE(sk, NULL, DYNAMIC_TYPE_OPENSSL); 48058 sk = tmp; 48059 } 48060 } 48061 48062 WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings, 43603 48063 int idx) 43604 48064 { … … 43609 48069 return strings->data.string; 43610 48070 } 48071 48072 int wolfSSL_sk_WOLFSSL_STRING_num(WOLF_STACK_OF(WOLFSSL_STRING)* strings) 48073 { 48074 if (strings) 48075 return (int)strings->num; 48076 return 0; 48077 } 43611 48078 #endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */ 43612 48079 43613 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 48080 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 48081 WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x) 48082 { 48083 WOLFSSL_ENTER("wolfSSL_X509_dup"); 48084 48085 if (x == NULL) { 48086 WOLFSSL_MSG("Error: NULL certificate passed in"); 48087 return NULL; 48088 } 48089 48090 return wolfSSL_X509_d2i(NULL, x->derCert->buffer, x->derCert->length); 48091 } 48092 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ 48093 48094 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ 48095 defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) 43614 48096 #ifdef HAVE_ALPN 43615 48097 void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, … … 43822 48304 * cb callback to use 43823 48305 * 43824 * return SSL_SUCCESS on success and SSL_FAILURE with error case48306 * return WOLFSSL_SUCCESS on success and SSL_FAILURE with error case 43825 48307 */ 43826 48308 int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb) … … 43837 48319 43838 48320 ssl->protoMsgCb = cb; 43839 return SSL_SUCCESS;48321 return WOLFSSL_SUCCESS; 43840 48322 } 43841 48323 #ifndef NO_WOLFSSL_STUB … … 43873 48355 } 43874 48356 return XMEMCPY(ret, data, siz); 48357 } 48358 48359 void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len) 48360 { 48361 if (ptr) 48362 ForceZero(ptr, (word32)len); 43875 48363 } 43876 48364 … … 43890 48378 ctx->alpn_cli_protos_len = p_len; 43891 48379 43892 return SSL_SUCCESS;48380 return WOLFSSL_SUCCESS; 43893 48381 } 43894 48382 43895 48383 43896 48384 #ifdef HAVE_ALPN 48385 #ifndef NO_BIO 43897 48386 /* Sets the ALPN extension protos 43898 48387 * … … 43952 48441 return WOLFSSL_SUCCESS; 43953 48442 } 48443 #endif /* !NO_BIO */ 43954 48444 #endif /* HAVE_ALPN */ 43955 48445 #endif 43956 48446 43957 #endif /* WOLFCRYPT_ONLY */43958 43959 48447 #if defined(OPENSSL_EXTRA) 43960 48448 48449 #ifndef NO_BIO 43961 48450 #define WOLFSSL_BIO_INCLUDED 43962 48451 #include "src/bio.c" 48452 #endif 48453 48454 word32 nid2oid(int nid, int grp) 48455 { 48456 /* get OID type */ 48457 switch (grp) { 48458 /* oidHashType */ 48459 case oidHashType: 48460 switch (nid) { 48461 #ifdef WOLFSSL_MD2 48462 case NID_md2: 48463 return MD2h; 48464 #endif 48465 #ifndef NO_MD5 48466 case NID_md5: 48467 return MD5h; 48468 #endif 48469 #ifndef NO_SHA 48470 case NID_sha1: 48471 return SHAh; 48472 #endif 48473 case NID_sha224: 48474 return SHA224h; 48475 #ifndef NO_SHA256 48476 case NID_sha256: 48477 return SHA256h; 48478 #endif 48479 #ifdef WOLFSSL_SHA384 48480 case NID_sha384: 48481 return SHA384h; 48482 #endif 48483 #ifdef WOLFSSL_SHA512 48484 case NID_sha512: 48485 return SHA512h; 48486 #endif 48487 } 48488 break; 48489 48490 /* oidSigType */ 48491 case oidSigType: 48492 switch (nid) { 48493 #ifndef NO_DSA 48494 case CTC_SHAwDSA: 48495 return CTC_SHAwDSA; 48496 #endif /* NO_DSA */ 48497 #ifndef NO_RSA 48498 case CTC_MD2wRSA: 48499 return CTC_MD2wRSA; 48500 case CTC_MD5wRSA: 48501 return CTC_MD5wRSA; 48502 case CTC_SHAwRSA: 48503 return CTC_SHAwRSA; 48504 case CTC_SHA224wRSA: 48505 return CTC_SHA224wRSA; 48506 case CTC_SHA256wRSA: 48507 return CTC_SHA256wRSA; 48508 case CTC_SHA384wRSA: 48509 return CTC_SHA384wRSA; 48510 case CTC_SHA512wRSA: 48511 return CTC_SHA512wRSA; 48512 #endif /* NO_RSA */ 48513 #ifdef HAVE_ECC 48514 case CTC_SHAwECDSA: 48515 return CTC_SHAwECDSA; 48516 case CTC_SHA224wECDSA: 48517 return CTC_SHA224wECDSA; 48518 case CTC_SHA256wECDSA: 48519 return CTC_SHA256wECDSA; 48520 case CTC_SHA384wECDSA: 48521 return CTC_SHA384wECDSA; 48522 case CTC_SHA512wECDSA: 48523 return CTC_SHA512wECDSA; 48524 #endif /* HAVE_ECC */ 48525 } 48526 break; 48527 48528 /* oidKeyType */ 48529 case oidKeyType: 48530 switch (nid) { 48531 #ifndef NO_DSA 48532 case DSAk: 48533 return DSAk; 48534 #endif /* NO_DSA */ 48535 #ifndef NO_RSA 48536 case RSAk: 48537 return RSAk; 48538 #endif /* NO_RSA */ 48539 #ifdef HAVE_NTRU 48540 case NTRUk: 48541 return NTRUk; 48542 #endif /* HAVE_NTRU */ 48543 #ifdef HAVE_ECC 48544 case ECDSAk: 48545 return ECDSAk; 48546 #endif /* HAVE_ECC */ 48547 } 48548 break; 48549 48550 48551 #ifdef HAVE_ECC 48552 case oidCurveType: 48553 switch (nid) { 48554 case NID_X9_62_prime192v1: 48555 return ECC_SECP192R1_OID; 48556 case NID_X9_62_prime192v2: 48557 return ECC_PRIME192V2_OID; 48558 case NID_X9_62_prime192v3: 48559 return ECC_PRIME192V3_OID; 48560 case NID_X9_62_prime239v1: 48561 return ECC_PRIME239V1_OID; 48562 case NID_X9_62_prime239v2: 48563 return ECC_PRIME239V2_OID; 48564 case NID_X9_62_prime239v3: 48565 return ECC_PRIME239V3_OID; 48566 case NID_X9_62_prime256v1: 48567 return ECC_SECP256R1_OID; 48568 case NID_secp112r1: 48569 return ECC_SECP112R1_OID; 48570 case NID_secp112r2: 48571 return ECC_SECP112R2_OID; 48572 case NID_secp128r1: 48573 return ECC_SECP128R1_OID; 48574 case NID_secp128r2: 48575 return ECC_SECP128R2_OID; 48576 case NID_secp160r1: 48577 return ECC_SECP160R1_OID; 48578 case NID_secp160r2: 48579 return ECC_SECP160R2_OID; 48580 case NID_secp224r1: 48581 return ECC_SECP224R1_OID; 48582 case NID_secp384r1: 48583 return ECC_SECP384R1_OID; 48584 case NID_secp521r1: 48585 return ECC_SECP521R1_OID; 48586 case NID_secp160k1: 48587 return ECC_SECP160K1_OID; 48588 case NID_secp192k1: 48589 return ECC_SECP192K1_OID; 48590 case NID_secp224k1: 48591 return ECC_SECP224K1_OID; 48592 case NID_secp256k1: 48593 return ECC_SECP256K1_OID; 48594 case NID_brainpoolP160r1: 48595 return ECC_BRAINPOOLP160R1_OID; 48596 case NID_brainpoolP192r1: 48597 return ECC_BRAINPOOLP192R1_OID; 48598 case NID_brainpoolP224r1: 48599 return ECC_BRAINPOOLP224R1_OID; 48600 case NID_brainpoolP256r1: 48601 return ECC_BRAINPOOLP256R1_OID; 48602 case NID_brainpoolP320r1: 48603 return ECC_BRAINPOOLP320R1_OID; 48604 case NID_brainpoolP384r1: 48605 return ECC_BRAINPOOLP384R1_OID; 48606 case NID_brainpoolP512r1: 48607 return ECC_BRAINPOOLP512R1_OID; 48608 } 48609 break; 48610 #endif /* HAVE_ECC */ 48611 48612 /* oidBlkType */ 48613 case oidBlkType: 48614 switch (nid) { 48615 #ifdef WOLFSSL_AES_128 48616 case AES128CBCb: 48617 return AES128CBCb; 48618 #endif 48619 #ifdef WOLFSSL_AES_192 48620 case AES192CBCb: 48621 return AES192CBCb; 48622 #endif 48623 #ifdef WOLFSSL_AES_256 48624 case AES256CBCb: 48625 return AES256CBCb; 48626 #endif 48627 #ifndef NO_DES3 48628 case NID_des: 48629 return DESb; 48630 case NID_des3: 48631 return DES3b; 48632 #endif 48633 } 48634 break; 48635 48636 #ifdef HAVE_OCSP 48637 case oidOcspType: 48638 switch (nid) { 48639 case NID_id_pkix_OCSP_basic: 48640 return OCSP_BASIC_OID; 48641 case OCSP_NONCE_OID: 48642 return OCSP_NONCE_OID; 48643 } 48644 break; 48645 #endif /* HAVE_OCSP */ 48646 48647 /* oidCertExtType */ 48648 case oidCertExtType: 48649 switch (nid) { 48650 case BASIC_CA_OID: 48651 return BASIC_CA_OID; 48652 case ALT_NAMES_OID: 48653 return ALT_NAMES_OID; 48654 case CRL_DIST_OID: 48655 return CRL_DIST_OID; 48656 case AUTH_INFO_OID: 48657 return AUTH_INFO_OID; 48658 case AUTH_KEY_OID: 48659 return AUTH_KEY_OID; 48660 case SUBJ_KEY_OID: 48661 return SUBJ_KEY_OID; 48662 case INHIBIT_ANY_OID: 48663 return INHIBIT_ANY_OID; 48664 case NID_key_usage: 48665 return KEY_USAGE_OID; 48666 case NID_name_constraints: 48667 return NAME_CONS_OID; 48668 case NID_certificate_policies: 48669 return CERT_POLICY_OID; 48670 } 48671 break; 48672 48673 /* oidCertAuthInfoType */ 48674 case oidCertAuthInfoType: 48675 switch (nid) { 48676 case AIA_OCSP_OID: 48677 return AIA_OCSP_OID; 48678 case AIA_CA_ISSUER_OID: 48679 return AIA_CA_ISSUER_OID; 48680 } 48681 break; 48682 48683 /* oidCertPolicyType */ 48684 case oidCertPolicyType: 48685 switch (nid) { 48686 case NID_any_policy: 48687 return CP_ANY_OID; 48688 } 48689 break; 48690 48691 /* oidCertAltNameType */ 48692 case oidCertAltNameType: 48693 switch (nid) { 48694 case NID_hw_name_oid: 48695 return HW_NAME_OID; 48696 } 48697 break; 48698 48699 /* oidCertKeyUseType */ 48700 case oidCertKeyUseType: 48701 switch (nid) { 48702 case NID_anyExtendedKeyUsage: 48703 return EKU_ANY_OID; 48704 case EKU_SERVER_AUTH_OID: 48705 return EKU_SERVER_AUTH_OID; 48706 case EKU_CLIENT_AUTH_OID: 48707 return EKU_CLIENT_AUTH_OID; 48708 case EKU_OCSP_SIGN_OID: 48709 return EKU_OCSP_SIGN_OID; 48710 } 48711 break; 48712 48713 /* oidKdfType */ 48714 case oidKdfType: 48715 switch (nid) { 48716 case PBKDF2_OID: 48717 return PBKDF2_OID; 48718 } 48719 break; 48720 48721 /* oidPBEType */ 48722 case oidPBEType: 48723 switch (nid) { 48724 case PBE_SHA1_RC4_128: 48725 return PBE_SHA1_RC4_128; 48726 case PBE_SHA1_DES: 48727 return PBE_SHA1_DES; 48728 case PBE_SHA1_DES3: 48729 return PBE_SHA1_DES3; 48730 } 48731 break; 48732 48733 /* oidKeyWrapType */ 48734 case oidKeyWrapType: 48735 switch (nid) { 48736 #ifdef WOLFSSL_AES_128 48737 case AES128_WRAP: 48738 return AES128_WRAP; 48739 #endif 48740 #ifdef WOLFSSL_AES_192 48741 case AES192_WRAP: 48742 return AES192_WRAP; 48743 #endif 48744 #ifdef WOLFSSL_AES_256 48745 case AES256_WRAP: 48746 return AES256_WRAP; 48747 #endif 48748 } 48749 break; 48750 48751 /* oidCmsKeyAgreeType */ 48752 case oidCmsKeyAgreeType: 48753 switch (nid) { 48754 #ifndef NO_SHA 48755 case dhSinglePass_stdDH_sha1kdf_scheme: 48756 return dhSinglePass_stdDH_sha1kdf_scheme; 48757 #endif 48758 #ifdef WOLFSSL_SHA224 48759 case dhSinglePass_stdDH_sha224kdf_scheme: 48760 return dhSinglePass_stdDH_sha224kdf_scheme; 48761 #endif 48762 #ifndef NO_SHA256 48763 case dhSinglePass_stdDH_sha256kdf_scheme: 48764 return dhSinglePass_stdDH_sha256kdf_scheme; 48765 #endif 48766 #ifdef WOLFSSL_SHA384 48767 case dhSinglePass_stdDH_sha384kdf_scheme: 48768 return dhSinglePass_stdDH_sha384kdf_scheme; 48769 #endif 48770 #ifdef WOLFSSL_SHA512 48771 case dhSinglePass_stdDH_sha512kdf_scheme: 48772 return dhSinglePass_stdDH_sha512kdf_scheme; 48773 #endif 48774 } 48775 break; 48776 48777 default: 48778 WOLFSSL_MSG("NID not in table"); 48779 /* MSVC warns without the cast */ 48780 return (word32)-1; 48781 } 48782 48783 /* MSVC warns without the cast */ 48784 return (word32)-1; 48785 } 43963 48786 43964 48787 int oid2nid(word32 oid, int grp) 43965 48788 { 48789 size_t i; 43966 48790 /* get OID type */ 43967 48791 switch (grp) { … … 44004 48828 case CTC_SHAwDSA: 44005 48829 return CTC_SHAwDSA; 48830 case CTC_SHA256wDSA: 48831 return CTC_SHA256wDSA; 44006 48832 #endif /* NO_DSA */ 44007 48833 #ifndef NO_RSA … … 44285 49111 break; 44286 49112 49113 #ifdef WOLFSSL_CERT_REQ 49114 case oidCsrAttrType: 49115 switch (oid) { 49116 case CHALLENGE_PASSWORD_OID: 49117 return NID_pkcs9_challengePassword; 49118 case SERIAL_NUMBER_OID: 49119 return NID_serialNumber; 49120 } 49121 break; 49122 #endif 49123 44287 49124 default: 44288 49125 WOLFSSL_MSG("NID not in table"); 44289 return -1; 49126 } 49127 /* If not found in above switch then try the table */ 49128 for (i = 0; i < WOLFSSL_OBJECT_INFO_SZ; i++) { 49129 if (wolfssl_object_info[i].id == (int)oid) { 49130 return wolfssl_object_info[i].nid; 49131 } 44290 49132 } 44291 49133 … … 44307 49149 } 44308 49150 44309 if (mpi == NULL || (mp_init(mpi) != MP_OKAY)) {49151 if (mpi == NULL) { 44310 49152 WOLFSSL_MSG("mpi NULL error"); 44311 49153 return WOLFSSL_FATAL_ERROR; … … 44338 49180 if (ret != 0) { 44339 49181 #ifdef WOLFSSL_QT 44340 mp_init(&mpi); /* must init mpi */ 49182 ret = mp_init(&mpi); /* must init mpi */ 49183 if (ret != MP_OKAY) { 49184 return NULL; 49185 } 44341 49186 /* Serial number in QT starts at index 0 of data */ 44342 49187 if (mp_read_unsigned_bin(&mpi, (byte*)ai->data, ai->length) != 0) { … … 44486 49331 44487 49332 44488 /* SSL_SUCCESS on ok */49333 /* WOLFSSL_SUCCESS on ok */ 44489 49334 #ifndef NO_WOLFSSL_STUB 44490 49335 int wolfSSL_RSA_blinding_on(WOLFSSL_RSA* rsa, WOLFSSL_BN_CTX* bn) … … 44550 49395 if (rsa->inSet == 0) 44551 49396 { 44552 if (SetRsaInternal(rsa) != SSL_SUCCESS) {49397 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 44553 49398 WOLFSSL_MSG("SetRsaInternal failed"); 44554 49399 return 0; … … 44642 49487 if (rsa->inSet == 0) 44643 49488 { 44644 if (SetRsaInternal(rsa) != SSL_SUCCESS) {49489 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 44645 49490 WOLFSSL_MSG("SetRsaInternal failed"); 44646 49491 return 0; … … 44676 49521 } 44677 49522 44678 #if !defined(_WIN32) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 49523 #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ 49524 (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) 44679 49525 int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from, 44680 49526 unsigned char* to, WOLFSSL_RSA* rsa, int padding) … … 44728 49574 return tlen; 44729 49575 } 44730 #endif /* !defined( _WIN32) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) */49576 #endif /* !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) */ 44731 49577 44732 49578 /* RSA private encrypt calls wc_RsaSSL_Sign. Similar function set up as RSA … … 44765 49611 WOLFSSL_MSG("Setting internal RSA structure"); 44766 49612 44767 if (SetRsaInternal(rsa) != SSL_SUCCESS) {49613 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 44768 49614 WOLFSSL_MSG("SetRsaInternal failed"); 44769 49615 return 0; … … 44921 49767 if ((ret = mp_mulmod((mp_int*)a->internal,(mp_int*)p->internal, 44922 49768 (mp_int*)m->internal, (mp_int*)r->internal)) == MP_OKAY) { 44923 return SSL_SUCCESS;49769 return WOLFSSL_SUCCESS; 44924 49770 } 44925 49771 … … 44930 49776 } 44931 49777 44932 #ifdef OPENSSL_EXTRA44933 49778 const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void) 44934 49779 { … … 44948 49793 return bn_one; 44949 49794 } 44950 #endif44951 49795 44952 49796 /* return compliant with OpenSSL … … 45031 49875 int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w) 45032 49876 { 45033 WOLFSSL_ ENTER("wolfSSL_BN_is_word");49877 WOLFSSL_MSG("wolfSSL_BN_is_word"); 45034 49878 45035 49879 if (bn == NULL || bn->internal == NULL) { … … 45038 49882 } 45039 49883 45040 if (mp_isword((mp_int*)bn->internal, w) == MP_YES) { 45041 return WOLFSSL_SUCCESS; 49884 if (w <= MP_MASK) { 49885 if (mp_isword((mp_int*)bn->internal, (mp_digit)w) == MP_YES) { 49886 return WOLFSSL_SUCCESS; 49887 } 49888 } else { 49889 int ret; 49890 mp_int w_mp; 49891 if (mp_init(&w_mp) != MP_OKAY) 49892 return WOLFSSL_FAILURE; 49893 if (mp_set_int(&w_mp, w) != MP_OKAY) 49894 return WOLFSSL_FAILURE; 49895 ret = mp_cmp((mp_int *)bn->internal, &w_mp); 49896 mp_free(&w_mp); 49897 if (ret == MP_EQ) 49898 return WOLFSSL_SUCCESS; 45042 49899 } 45043 49900 … … 45473 50330 * 1 if success, 0 else 45474 50331 */ 45475 int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONGw)50332 int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, unsigned long w) 45476 50333 { 45477 50334 WOLFSSL_MSG("wolfSSL_BN_set_word"); … … 45490 50347 } 45491 50348 50349 static WOLFSSL_BN_ULONG wolfSSL_BN_get_word_1(mp_int *mp) { 50350 #if DIGIT_BIT == (SIZEOF_LONG * 8) 50351 return (WOLFSSL_BN_ULONG)mp->dp[0]; 50352 #else 50353 WOLFSSL_BN_ULONG ret = 0UL; 50354 int digit_i; 50355 50356 for (digit_i = 0; digit_i < mp->used; ++digit_i) { 50357 ret <<= (WOLFSSL_BN_ULONG)DIGIT_BIT; 50358 ret |= (WOLFSSL_BN_ULONG)mp->dp[digit_i]; 50359 } 50360 50361 return ret; 50362 #endif 50363 } 45492 50364 45493 50365 /* Returns the big number as an unsigned long if possible. … … 45497 50369 * Returns value or 0xFFFFFFFFL if bigger than unsigned long. 45498 50370 */ 45499 unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn) 45500 { 45501 mp_int* mp; 45502 50371 WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn) 50372 { 45503 50373 WOLFSSL_MSG("wolfSSL_BN_get_word"); 45504 50374 … … 45512 50382 return 0xFFFFFFFFL; 45513 50383 } 45514 mp = (mp_int*)bn->internal; 45515 45516 return (unsigned long)(mp->dp[0]); 50384 50385 return wolfSSL_BN_get_word_1((mp_int*)bn->internal); 45517 50386 } 45518 50387 … … 45627 50496 } 45628 50497 45629 if (mp_add_d((mp_int*)bn->internal, w, (mp_int*)bn->internal) != MP_OKAY) { 45630 WOLFSSL_MSG("mp_add_d error"); 45631 return WOLFSSL_FAILURE; 50498 if (w <= MP_MASK) { 50499 if (mp_add_d((mp_int*)bn->internal, (mp_digit)w, (mp_int*)bn->internal) != MP_OKAY) { 50500 WOLFSSL_MSG("mp_add_d error"); 50501 return WOLFSSL_FAILURE; 50502 } 50503 } else { 50504 int ret; 50505 mp_int w_mp; 50506 if (mp_init(&w_mp) != MP_OKAY) 50507 return WOLFSSL_FAILURE; 50508 if (mp_set_int(&w_mp, w) != MP_OKAY) 50509 return WOLFSSL_FAILURE; 50510 ret = mp_add((mp_int *)bn->internal, &w_mp, (mp_int *)bn->internal); 50511 mp_free(&w_mp); 50512 if (ret != MP_OKAY) { 50513 WOLFSSL_MSG("mp_add error"); 50514 return WOLFSSL_FAILURE; 50515 } 45632 50516 } 45633 50517 … … 45764 50648 } 45765 50649 45766 if (mp_mod_d((mp_int*)bn->internal, w, &ret) != MP_OKAY) { 45767 WOLFSSL_MSG("mp_add_d error"); 45768 return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR; 50650 if (w <= MP_MASK) { 50651 mp_digit bn_ret; 50652 if (mp_mod_d((mp_int*)bn->internal, (WOLFSSL_BN_ULONG)w, &bn_ret) != MP_OKAY) { 50653 WOLFSSL_MSG("mp_add_d error"); 50654 return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR; 50655 } 50656 ret = (WOLFSSL_BN_ULONG)bn_ret; 50657 } else { 50658 int mp_ret; 50659 mp_int w_mp, r_mp; 50660 if (mp_init(&w_mp) != MP_OKAY) 50661 return (unsigned long)WOLFSSL_FAILURE; 50662 if (mp_init(&r_mp) != MP_OKAY) 50663 return (unsigned long)WOLFSSL_FAILURE; 50664 if (mp_set_int(&w_mp, w) != MP_OKAY) 50665 return (unsigned long)WOLFSSL_FAILURE; 50666 mp_ret = mp_mod((mp_int *)bn->internal, &w_mp, &r_mp); 50667 ret = wolfSSL_BN_get_word_1(&r_mp); 50668 mp_free(&r_mp); 50669 mp_free(&w_mp); 50670 if (mp_ret != MP_OKAY) { 50671 WOLFSSL_MSG("mp_mod error"); 50672 return (WOLFSSL_BN_ULONG)WOLFSSL_FAILURE; 50673 } 45769 50674 } 45770 50675 … … 45789 50694 return NULL; 45790 50695 } 45791 len += 1; /* add one for null terminator */45792 50696 45793 50697 buf = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); … … 45826 50730 } 45827 50731 45828 fprintf(fp, "%s", buf);50732 XFPRINTF(fp, "%s", buf); 45829 50733 XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL); 45830 50734 … … 45908 50812 #endif /* OPENSSL_EXTRA */ 45909 50813 #if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_ASN) 50814 #ifndef NO_BIO 45910 50815 static int unprintable_char(char c) 45911 50816 { … … 45940 50845 return str->length; 45941 50846 } 50847 #endif /* !NO_BIO */ 45942 50848 #endif /* (WOLFSSL_QT || OPENSSL_ALL) && !NO_ASN */ 45943 50849 … … 45977 50883 } 45978 50884 50885 #ifndef NO_BIO 45979 50886 static int check_esc_char(char c, char *esc) 45980 50887 { … … 46107 51014 return WOLFSSL_FAILURE; 46108 51015 } 51016 #endif /* !NO_BIO */ 46109 51017 46110 51018 #if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES) 46111 WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void) 46112 { 46113 WOLFSSL_ASN1_TIME* ret = (WOLFSSL_ASN1_TIME*) 46114 XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_OPENSSL); 46115 if (!ret) 46116 return NULL; 46117 XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME)); 46118 return ret; 46119 } 46120 46121 void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t) 46122 { 46123 if (t) { 46124 XFREE(t, NULL, DYNAMIC_TYPE_OPENSSL); 46125 } 46126 } 51019 46127 51020 46128 51021 WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t, … … 46210 51103 46211 51104 #ifndef NO_ASN_TIME 51105 51106 WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void) 51107 { 51108 WOLFSSL_ASN1_TIME* ret = (WOLFSSL_ASN1_TIME*) 51109 XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_OPENSSL); 51110 if (!ret) 51111 return NULL; 51112 XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME)); 51113 return ret; 51114 } 51115 51116 void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t) 51117 { 51118 if (t) { 51119 XFREE(t, NULL, DYNAMIC_TYPE_OPENSSL); 51120 } 51121 } 46212 51122 /* not a compatibility function - length getter for opaque type */ 46213 51123 int wolfSSL_ASN1_TIME_get_length(WOLFSSL_ASN1_TIME *t) … … 46388 51298 } 46389 51299 #endif /* !NO_CERTS */ 46390 51300 #endif /* OPENSSL_EXTRA */ 51301 51302 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 46391 51303 long wolfSSL_X509_get_version(const WOLFSSL_X509 *x509) 46392 51304 { … … 46405 51317 return 0L; 46406 51318 } 46407 46408 51319 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 51320 51321 #if defined(OPENSSL_EXTRA) 46409 51322 int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509 *x) 46410 51323 { … … 46428 51341 if (rsa->inSet == 0) 46429 51342 { 46430 if (SetRsaInternal((WOLFSSL_RSA*)rsa) != SSL_SUCCESS) {51343 if (SetRsaInternal((WOLFSSL_RSA*)rsa) != WOLFSSL_SUCCESS) { 46431 51344 WOLFSSL_MSG("SetRsaInternal failed"); 46432 51345 return 0; … … 46802 51715 } 46803 51716 46804 if (ret != 0 && pkcs7 != NULL) 51717 if (ret != 0 && pkcs7 != NULL) { 46805 51718 XFREE(pkcs7, NULL, DYNAMIC_TYPE_PKCS7); 51719 pkcs7 = NULL; 51720 } 46806 51721 46807 51722 return (PKCS7*)pkcs7; … … 46838 51753 XFREE(p7->data, NULL, DYNAMIC_TYPE_PKCS7); 46839 51754 wc_PKCS7_Free(&p7->pkcs7); 51755 if (p7->certs) 51756 wolfSSL_sk_free(p7->certs); 46840 51757 XFREE(p7, NULL, DYNAMIC_TYPE_PKCS7); 46841 51758 } 46842 51759 } 51760 46843 51761 void wolfSSL_PKCS7_SIGNED_free(PKCS7_SIGNED* p7) 46844 51762 { … … 46846 51764 return; 46847 51765 } 51766 46848 51767 PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len) 51768 { 51769 return wolfSSL_d2i_PKCS7_ex(p7, in, len, NULL, 0); 51770 } 51771 51772 /***************************************************************************** 51773 * wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len 51774 * into a PKCS7 object. Optionally, accepts a byte buffer of content which 51775 * is stored as the PKCS7 object's content, to support detached signatures. 51776 * @param content The content which is signed, in case the signature is 51777 * detached. Ignored if NULL. 51778 * @param contentSz The size of the passed in content. 51779 * 51780 * RETURNS: 51781 * returns pointer to a PKCS7 structure on success, otherwise returns NULL 51782 */ 51783 PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len, 51784 byte* content, word32 contentSz) 46849 51785 { 46850 51786 WOLFSSL_PKCS7* pkcs7 = NULL; 46851 51787 word32 idx = 0; 46852 51788 46853 if (in == NULL) 51789 WOLFSSL_ENTER("wolfSSL_d2i_PKCS7_ex"); 51790 51791 if (in == NULL || *in == NULL) 46854 51792 return NULL; 46855 51793 … … 46869 51807 } 46870 51808 XMEMCPY(pkcs7->data, *in, pkcs7->len); 46871 *in += pkcs7->len; 51809 51810 if (content != NULL) { 51811 pkcs7->pkcs7.content = content; 51812 pkcs7->pkcs7.contentSz = contentSz; 51813 } 51814 if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len) != 0) { 51815 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 51816 return NULL; 51817 } 46872 51818 46873 51819 if (p7 != NULL) 46874 51820 *p7 = (PKCS7*)pkcs7; 51821 *in += pkcs7->len; 46875 51822 return (PKCS7*)pkcs7; 46876 51823 } 46877 51824 51825 #ifndef NO_BIO 51826 46878 51827 PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7) 46879 51828 { 46880 51829 WOLFSSL_PKCS7* pkcs7; 51830 int ret; 51831 51832 WOLFSSL_ENTER("wolfSSL_d2i_PKCS7_bio"); 46881 51833 46882 51834 if (bio == NULL) … … 46886 51838 return NULL; 46887 51839 46888 pkcs7->len = wolfSSL_BIO_ pending(bio);51840 pkcs7->len = wolfSSL_BIO_get_len(bio); 46889 51841 pkcs7->data = (byte*)XMALLOC(pkcs7->len, NULL, DYNAMIC_TYPE_PKCS7); 46890 51842 if (pkcs7->data == NULL) { … … 46893 51845 } 46894 51846 46895 if ( wolfSSL_BIO_read(bio, pkcs7->data, pkcs7->len) != pkcs7->len) {51847 if ((ret = wolfSSL_BIO_read(bio, pkcs7->data, pkcs7->len)) <= 0) { 46896 51848 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 51849 return NULL; 51850 } 51851 /* pkcs7->len may change if using b64 for example */ 51852 pkcs7->len = ret; 51853 51854 if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len) != 0) { 46897 51855 return NULL; 46898 51856 } … … 46901 51859 *p7 = (PKCS7*)pkcs7; 46902 51860 return (PKCS7*)pkcs7; 51861 } 51862 51863 int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7) 51864 { 51865 byte* output = NULL; 51866 int len; 51867 WC_RNG rng; 51868 int ret = WOLFSSL_FAILURE; 51869 WOLFSSL_ENTER("wolfSSL_i2d_PKCS7_bio"); 51870 51871 if (!bio || !p7) { 51872 WOLFSSL_MSG("Bad parameter"); 51873 return WOLFSSL_FAILURE; 51874 } 51875 51876 if (!p7->rng) { 51877 if (wc_InitRng(&rng) != 0) { 51878 WOLFSSL_MSG("wc_InitRng error"); 51879 return WOLFSSL_FAILURE; 51880 } 51881 p7->rng = &rng; 51882 } 51883 51884 if ((len = wc_PKCS7_EncodeSignedData(p7, NULL, 0)) < 0) { 51885 WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error"); 51886 goto cleanup; 51887 } 51888 51889 output = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); 51890 if (!output) { 51891 WOLFSSL_MSG("malloc error"); 51892 goto cleanup; 51893 } 51894 51895 if ((len = wc_PKCS7_EncodeSignedData(p7, output, len)) < 0) { 51896 WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error"); 51897 goto cleanup; 51898 } 51899 51900 if (wolfSSL_BIO_write(bio, output, len) <= 0) { 51901 WOLFSSL_MSG("wolfSSL_BIO_write error"); 51902 goto cleanup; 51903 } 51904 51905 ret = WOLFSSL_SUCCESS; 51906 cleanup: 51907 if (p7->rng == &rng) { 51908 wc_FreeRng(&rng); 51909 p7->rng = NULL; 51910 } 51911 if (output) { 51912 XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); 51913 } 51914 return ret; 46903 51915 } 46904 51916 … … 46911 51923 int memSz = 0; 46912 51924 WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7; 51925 51926 WOLFSSL_ENTER("wolfSSL_PKCS7_verify"); 46913 51927 46914 51928 if (pkcs7 == NULL) … … 46930 51944 (void)store; 46931 51945 46932 ret = wc_PKCS7_VerifySignedData_ex(&p7->pkcs7, NULL, 0, p7->data, p7->len, 46933 NULL, 0); 51946 ret = wc_PKCS7_VerifySignedData(&p7->pkcs7, p7->data, p7->len); 46934 51947 if (ret != 0) 46935 51948 return WOLFSSL_FAILURE; … … 46944 51957 46945 51958 return WOLFSSL_SUCCESS; 51959 } 51960 51961 /** 51962 * This API was added as a helper function for libest. It 51963 * encodes a stack of certificates to pkcs7 format. 51964 * @param pkcs7 PKCS7 parameter object 51965 * @param certs WOLFSSL_STACK_OF(WOLFSSL_X509)* 51966 * @param out Output bio 51967 * @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure 51968 */ 51969 int wolfSSL_PKCS7_encode_certs(PKCS7* pkcs7, WOLFSSL_STACK* certs, 51970 WOLFSSL_BIO* out) 51971 { 51972 int ret; 51973 WOLFSSL_PKCS7* p7; 51974 WOLFSSL_ENTER("wolfSSL_PKCS7_encode_certs"); 51975 51976 if (!pkcs7 || !certs || !out) { 51977 WOLFSSL_MSG("Bad parameter"); 51978 return WOLFSSL_FAILURE; 51979 } 51980 51981 p7 = (WOLFSSL_PKCS7*)pkcs7; 51982 51983 /* take ownership of certs */ 51984 p7->certs = certs; 51985 51986 if (pkcs7->certList) { 51987 WOLFSSL_MSG("wolfSSL_PKCS7_encode_certs called multiple times on same " 51988 "struct"); 51989 return WOLFSSL_FAILURE; 51990 } 51991 51992 if (certs) { 51993 /* Save some of the values */ 51994 int hashOID = pkcs7->hashOID; 51995 byte version = pkcs7->version; 51996 51997 if (!certs->data.x509 || !certs->data.x509->derCert) { 51998 WOLFSSL_MSG("Missing cert"); 51999 return WOLFSSL_FAILURE; 52000 } 52001 52002 if (wc_PKCS7_InitWithCert(pkcs7, certs->data.x509->derCert->buffer, 52003 certs->data.x509->derCert->length) != 0) { 52004 WOLFSSL_MSG("wc_PKCS7_InitWithCert error"); 52005 return WOLFSSL_FAILURE; 52006 } 52007 certs = certs->next; 52008 52009 pkcs7->hashOID = hashOID; 52010 pkcs7->version = version; 52011 } 52012 52013 /* Add the certs to the PKCS7 struct */ 52014 while (certs) { 52015 if (!certs->data.x509 || !certs->data.x509->derCert) { 52016 WOLFSSL_MSG("Missing cert"); 52017 return WOLFSSL_FAILURE; 52018 } 52019 if (wc_PKCS7_AddCertificate(pkcs7, certs->data.x509->derCert->buffer, 52020 certs->data.x509->derCert->length) != 0) { 52021 WOLFSSL_MSG("wc_PKCS7_AddCertificate error"); 52022 return WOLFSSL_FAILURE; 52023 } 52024 certs = certs->next; 52025 } 52026 52027 if (wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID) != 0) { 52028 WOLFSSL_MSG("wc_PKCS7_SetSignerIdentifierType error"); 52029 return WOLFSSL_FAILURE; 52030 } 52031 52032 ret = wolfSSL_i2d_PKCS7_bio(out, pkcs7); 52033 52034 return ret; 52035 } 52036 #endif /* !NO_BIO */ 52037 52038 /** 52039 * This API was added as a helper function for libest. It 52040 * extracts a stack of certificates from the pkcs7 object. 52041 * @param pkcs7 PKCS7 parameter object 52042 * @return WOLFSSL_STACK_OF(WOLFSSL_X509)* 52043 */ 52044 WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7) 52045 { 52046 int i; 52047 WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7; 52048 WOLF_STACK_OF(WOLFSSL_X509)* ret = NULL; 52049 52050 WOLFSSL_ENTER("wolfSSL_PKCS7_to_stack"); 52051 52052 if (!p7) { 52053 WOLFSSL_MSG("Bad parameter"); 52054 return NULL; 52055 } 52056 52057 if (p7->certs) 52058 return p7->certs; 52059 52060 for (i = 0; i < MAX_PKCS7_CERTS && p7->pkcs7.cert[i]; i++) { 52061 WOLFSSL_X509* x509 = wolfSSL_X509_d2i(NULL, p7->pkcs7.cert[i], 52062 p7->pkcs7.certSz[i]); 52063 if (!ret) 52064 ret = wolfSSL_sk_X509_new(); 52065 if (x509) { 52066 if (wolfSSL_sk_X509_push(ret, x509) != WOLFSSL_SUCCESS) { 52067 wolfSSL_X509_free(x509); 52068 WOLFSSL_MSG("wolfSSL_sk_X509_push error"); 52069 goto error; 52070 } 52071 } 52072 else { 52073 WOLFSSL_MSG("wolfSSL_X509_d2i error"); 52074 goto error; 52075 } 52076 } 52077 52078 /* Save stack to free later */ 52079 if (p7->certs) 52080 wolfSSL_sk_free(p7->certs); 52081 p7->certs = ret; 52082 52083 return ret; 52084 error: 52085 if (ret) { 52086 wolfSSL_sk_free(ret); 52087 } 52088 return NULL; 46946 52089 } 46947 52090 … … 46985 52128 } 46986 52129 52130 #ifndef NO_BIO 46987 52131 /****************************************************************************** 46988 52132 * wolfSSL_PEM_write_bio_PKCS7 - writes the PKCS7 data to BIO … … 47107 52251 return WOLFSSL_FAILURE; 47108 52252 } 52253 52254 #ifdef HAVE_SMIME 52255 /***************************************************************************** 52256 * wolfSSL_SMIME_read_PKCS7 - Reads the given S/MIME message and parses it into 52257 * a PKCS7 object. In case of a multipart message, stores the signed data in 52258 * bcont. 52259 * 52260 * RETURNS: 52261 * returns pointer to a PKCS7 structure on success, otherwise returns NULL 52262 */ 52263 WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, 52264 WOLFSSL_BIO** bcont) 52265 { 52266 MimeHdr* allHdrs = NULL; 52267 MimeHdr* curHdr = NULL; 52268 MimeParam* curParam = NULL; 52269 int inLen = 0; 52270 byte* bcontMem = NULL; 52271 int bcontMemSz = 0; 52272 int sectionLen = 0; 52273 int ret = -1; 52274 char* section = NULL; 52275 PKCS7* pkcs7 = NULL; 52276 word32 outLen = 0; 52277 byte* out = NULL; 52278 byte* outHead = NULL; 52279 52280 int lineLen = 0; 52281 int remainLen = 0; 52282 byte isEnd = 0; 52283 size_t boundLen = 0; 52284 char* boundary = NULL; 52285 52286 static const char* kContType = "Content-Type"; 52287 static const char* kCTE = "Content-Transfer-Encoding"; 52288 static const char* kMultSigned = "multipart/signed"; 52289 static const char* kAppPkcsSign = "application/pkcs7-signature"; 52290 static const char* kAppXPkcsSign = "application/x-pkcs7-signature"; 52291 static const char* kAppPkcs7Mime = "application/pkcs7-mime"; 52292 static const char* kAppXPkcs7Mime = "application/x-pkcs7-mime"; 52293 52294 52295 if (in == NULL || bcont == NULL) { 52296 goto error; 52297 } 52298 inLen = wolfSSL_BIO_get_len(in); 52299 if (inLen <= 0) { 52300 goto error; 52301 } 52302 remainLen = wolfSSL_BIO_get_len(in); 52303 if (remainLen <= 0) { 52304 goto error; 52305 } 52306 52307 section = (char*)XMALLOC((remainLen+1)*sizeof(char), NULL, 52308 DYNAMIC_TYPE_PKCS7); 52309 if (section == NULL) { 52310 goto error; 52311 } 52312 lineLen = wolfSSL_BIO_gets(in, section, remainLen); 52313 if (lineLen <= 0) { 52314 goto error; 52315 } 52316 while(isEnd == 0 && remainLen > 0) { 52317 sectionLen += lineLen; 52318 remainLen -= lineLen; 52319 lineLen = wolfSSL_BIO_gets(in, §ion[sectionLen], remainLen); 52320 if (lineLen <= 0) { 52321 goto error; 52322 } 52323 /* Line with just newline signals end of headers. */ 52324 if ((lineLen==2 && !XSTRNCMP(§ion[sectionLen], 52325 "\r\n", 2)) || 52326 (lineLen==1 && (section[sectionLen] == '\r' || 52327 section[sectionLen] == '\n'))) { 52328 isEnd = 1; 52329 } 52330 } 52331 section[sectionLen] = '\0'; 52332 ret = wc_MIME_parse_headers(section, sectionLen, &allHdrs); 52333 if (ret < 0) { 52334 WOLFSSL_MSG("Parsing MIME headers failed.\n"); 52335 goto error; 52336 } 52337 isEnd = 0; 52338 section[0] = '\0'; 52339 sectionLen = 0; 52340 52341 curHdr = wc_MIME_find_header_name(kContType, allHdrs); 52342 if (curHdr && !XSTRNCMP(curHdr->body, kMultSigned, 52343 XSTR_SIZEOF(kMultSigned))) { 52344 curParam = wc_MIME_find_param_attr("protocol", curHdr->params); 52345 if (curParam && (!XSTRNCMP(curParam->value, kAppPkcsSign, 52346 XSTR_SIZEOF(kAppPkcsSign)) || 52347 !XSTRNCMP(curParam->value, kAppXPkcsSign, 52348 XSTR_SIZEOF(kAppXPkcsSign)))) { 52349 curParam = wc_MIME_find_param_attr("boundary", curHdr->params); 52350 if (curParam == NULL) { 52351 goto error; 52352 } 52353 52354 boundLen = XSTRLEN(curParam->value) + 2; 52355 boundary = (char*)XMALLOC((boundLen+1)*sizeof(char), NULL, 52356 DYNAMIC_TYPE_PKCS7); 52357 if (boundary == NULL) { 52358 goto error; 52359 } 52360 XMEMSET(boundary, 0, (word32)((boundLen+1)*sizeof(char))); 52361 boundary[0] = boundary[1] = '-'; 52362 XSTRNCPY(&boundary[2], curParam->value, boundLen-2); 52363 52364 /* Parse up to first boundary, ignore everything here. */ 52365 lineLen = wolfSSL_BIO_gets(in, section, remainLen); 52366 if (lineLen <= 0) { 52367 goto error; 52368 } 52369 while(XSTRNCMP(§ion[sectionLen], boundary, boundLen) && 52370 remainLen > 0) { 52371 sectionLen += lineLen; 52372 remainLen -= lineLen; 52373 lineLen = wolfSSL_BIO_gets(in, §ion[sectionLen], 52374 remainLen); 52375 if (lineLen <= 0) { 52376 goto error; 52377 } 52378 } 52379 52380 section[0] = '\0'; 52381 sectionLen = 0; 52382 lineLen = wolfSSL_BIO_gets(in, section, remainLen); 52383 while(XSTRNCMP(§ion[sectionLen], boundary, boundLen) && 52384 remainLen > 0) { 52385 sectionLen += lineLen; 52386 remainLen -= lineLen; 52387 lineLen = wolfSSL_BIO_gets(in, §ion[sectionLen], 52388 remainLen); 52389 if (lineLen <= 0) { 52390 goto error; 52391 } 52392 } 52393 sectionLen--; 52394 /* Strip the final trailing newline. Support \r, \n or \r\n. */ 52395 if (section[sectionLen] == '\n') { 52396 sectionLen--; 52397 if (section[sectionLen] == '\r') { 52398 sectionLen--; 52399 } 52400 } 52401 else if (section[sectionLen] == '\r') { 52402 sectionLen--; 52403 } 52404 section[sectionLen+1] = '\0'; 52405 52406 *bcont = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()); 52407 ret = wolfSSL_BIO_write(*bcont, section, (int)XSTRLEN(section)); 52408 if (ret != (int)XSTRLEN(section)) { 52409 goto error; 52410 } 52411 if ((bcontMemSz = wolfSSL_BIO_get_mem_data(*bcont, &bcontMem)) < 0) { 52412 goto error; 52413 } 52414 52415 52416 wc_MIME_free_hdrs(allHdrs); 52417 section[0] = '\0'; 52418 sectionLen = 0; 52419 lineLen = wolfSSL_BIO_gets(in, section, remainLen); 52420 if (lineLen <= 0) { 52421 goto error; 52422 } 52423 while(isEnd == 0 && remainLen > 0) { 52424 sectionLen += lineLen; 52425 remainLen -= lineLen; 52426 lineLen = wolfSSL_BIO_gets(in, §ion[sectionLen], 52427 remainLen); 52428 if (lineLen <= 0) { 52429 goto error; 52430 } 52431 /* Line with just newline signals end of headers. */ 52432 if ((lineLen==2 && !XSTRNCMP(§ion[sectionLen], 52433 "\r\n", 2)) || 52434 (lineLen==1 && (section[sectionLen] == '\r' || 52435 section[sectionLen] == '\n'))) { 52436 isEnd = 1; 52437 } 52438 } 52439 section[sectionLen] = '\0'; 52440 ret = wc_MIME_parse_headers(section, sectionLen, &allHdrs); 52441 if (ret < 0) { 52442 WOLFSSL_MSG("Parsing MIME headers failed.\n"); 52443 goto error; 52444 } 52445 curHdr = wc_MIME_find_header_name(kContType, allHdrs); 52446 if (curHdr == NULL || (XSTRNCMP(curHdr->body, kAppPkcsSign, 52447 XSTR_SIZEOF(kAppPkcsSign)) && 52448 XSTRNCMP(curHdr->body, kAppXPkcsSign, 52449 XSTR_SIZEOF(kAppXPkcsSign)))) { 52450 WOLFSSL_MSG("S/MIME headers not found inside " 52451 "multipart message.\n"); 52452 goto error; 52453 } 52454 52455 section[0] = '\0'; 52456 sectionLen = 0; 52457 lineLen = wolfSSL_BIO_gets(in, section, remainLen); 52458 while(XSTRNCMP(§ion[sectionLen], boundary, boundLen) && 52459 remainLen > 0) { 52460 sectionLen += lineLen; 52461 remainLen -= lineLen; 52462 lineLen = wolfSSL_BIO_gets(in, §ion[sectionLen], 52463 remainLen); 52464 if (lineLen <= 0) { 52465 goto error; 52466 } 52467 } 52468 52469 XFREE(boundary, NULL, DYNAMIC_TYPE_PKCS7); 52470 } 52471 } 52472 else if (curHdr && (!XSTRNCMP(curHdr->body, kAppPkcs7Mime, 52473 XSTR_SIZEOF(kAppPkcs7Mime)) || 52474 !XSTRNCMP(curHdr->body, kAppXPkcs7Mime, 52475 XSTR_SIZEOF(kAppXPkcs7Mime)))) { 52476 sectionLen = wolfSSL_BIO_get_len(in); 52477 if (sectionLen <= 0) { 52478 goto error; 52479 } 52480 ret = wolfSSL_BIO_read(in, section, sectionLen); 52481 if (ret < 0 || ret != sectionLen) { 52482 WOLFSSL_MSG("Error reading input BIO.\n"); 52483 goto error; 52484 } 52485 } 52486 else { 52487 WOLFSSL_MSG("S/MIME headers not found.\n"); 52488 goto error; 52489 } 52490 52491 curHdr = wc_MIME_find_header_name(kCTE, allHdrs); 52492 if (curHdr == NULL) { 52493 WOLFSSL_MSG("Content-Transfer-Encoding header not found, " 52494 "assuming base64 encoding."); 52495 } 52496 else if (XSTRNCMP(curHdr->body, "base64", XSTRLEN("base64"))) { 52497 WOLFSSL_MSG("S/MIME encodings other than base64 are not " 52498 "currently supported.\n"); 52499 goto error; 52500 } 52501 52502 if (section == NULL || sectionLen <= 0) { 52503 goto error; 52504 } 52505 outLen = ((sectionLen*3+3)/4)+1; 52506 out = (byte*)XMALLOC(outLen*sizeof(byte), NULL, DYNAMIC_TYPE_PKCS7); 52507 outHead = out; 52508 if (outHead == NULL) { 52509 goto error; 52510 } 52511 /* Strip trailing newlines. */ 52512 while ((section[sectionLen-1] == '\r' || section[sectionLen-1] == '\n') && 52513 sectionLen > 0) { 52514 sectionLen--; 52515 } 52516 section[sectionLen] = '\0'; 52517 ret = Base64_Decode((const byte*)section, sectionLen, out, &outLen); 52518 if (ret < 0) { 52519 WOLFSSL_MSG("Error base64 decoding S/MIME message.\n"); 52520 goto error; 52521 } 52522 pkcs7 = wolfSSL_d2i_PKCS7_ex(NULL, (const unsigned char**)&out, outLen, 52523 bcontMem, bcontMemSz); 52524 52525 52526 wc_MIME_free_hdrs(allHdrs); 52527 XFREE(outHead, NULL, DYNAMIC_TYPE_PKCS7); 52528 XFREE(section, NULL, DYNAMIC_TYPE_PKCS7); 52529 52530 52531 return pkcs7; 52532 52533 error: 52534 wc_MIME_free_hdrs(allHdrs); 52535 XFREE(boundary, NULL, DYNAMIC_TYPE_PKCS7); 52536 XFREE(outHead, NULL, DYNAMIC_TYPE_PKCS7); 52537 XFREE(section, NULL, DYNAMIC_TYPE_PKCS7); 52538 wolfSSL_BIO_free(*bcont); 52539 52540 return NULL; 52541 } 52542 #endif /* HAVE_SMIME */ 52543 #endif /* !NO_BIO */ 47109 52544 #endif /* OPENSSL_ALL && HAVE_PKCS7 */ 47110 52545 … … 47124 52559 47125 52560 #ifdef OPENSSL_ALL 52561 #ifndef NO_BIO 47126 52562 int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, 47127 52563 WOLFSSL_EVP_PKEY* pkey, … … 47192 52628 if (ret == 0 && enc == NULL) { 47193 52629 type = PKCS8_PRIVATEKEY_TYPE; 52630 #ifdef HAVE_ECC 47194 52631 if (pkey->type == EVP_PKEY_EC) { 47195 52632 algId = ECDSAk; … … 47197 52634 &oidSz); 47198 52635 } 47199 else { 52636 else 52637 #endif 52638 { 47200 52639 algId = RSAk; 47201 52640 curveOid = NULL; … … 47377 52816 return key; 47378 52817 } 52818 52819 #endif /* !NO_BIO */ 47379 52820 47380 52821 /* Detect which type of key it is before decoding. */ … … 47439 52880 #endif 47440 52881 47441 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ 47442 defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) 47443 int wolfSSL_X509_set_subject_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name) 52882 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 52883 !defined(WOLFCRYPT_ONLY) 52884 /* unlike wolfSSL_X509_NAME_dup this does not malloc a duplicate, only deep 52885 * copy. "to" is expected to be a fresh blank name, if not pointers could be 52886 * lost */ 52887 int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to) 47444 52888 { 47445 52889 int i; 47446 52890 WOLFSSL_X509_NAME_ENTRY* ne; 47447 52891 52892 WOLFSSL_ENTER("wolfSSL_X509_NAME_copy"); 52893 52894 if (from == NULL || to == NULL) { 52895 WOLFSSL_MSG("NULL parameter"); 52896 return BAD_FUNC_ARG; 52897 } 52898 52899 if (from->dynamicName) { 52900 to->name = (char*)XMALLOC(from->sz, to->heap, DYNAMIC_TYPE_SUBJECT_CN); 52901 if (to->name == NULL) 52902 return WOLFSSL_FAILURE; 52903 to->dynamicName = 1; 52904 } 52905 XMEMCPY(to->name, from->name, from->sz); 52906 to->sz = from->sz; 52907 52908 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 52909 ne = wolfSSL_X509_NAME_get_entry(from, i); 52910 if (ne != NULL) 52911 wolfSSL_X509_NAME_add_entry(to, ne, i, 1); 52912 } 52913 to->entrySz = from->entrySz; 52914 return WOLFSSL_SUCCESS; 52915 } 52916 52917 52918 /* copies over information from "name" to the "cert" subject name 52919 * returns WOLFSSL_SUCCESS on success */ 52920 int wolfSSL_X509_set_subject_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name) 52921 { 47448 52922 WOLFSSL_ENTER("X509_set_subject_name"); 47449 52923 if (cert == NULL || name == NULL) 47450 52924 return WOLFSSL_FAILURE; 47451 52925 47452 FreeX509Name(&cert->subject, cert->heap); 47453 InitX509Name(&cert->subject, 0); 47454 if (name->dynamicName) { 47455 cert->subject.name = (char*)XMALLOC(name->sz, cert->heap, 47456 DYNAMIC_TYPE_SUBJECT_CN); 47457 if (cert->subject.name == NULL) 47458 return WOLFSSL_FAILURE; 47459 } 47460 XMEMCPY(cert->subject.name, name->name, name->sz); 47461 cert->subject.sz = name->sz; 47462 47463 for (i = 0; i < 10; i++) { 47464 ne = wolfSSL_X509_NAME_get_entry(name, i); 47465 if (ne != NULL) 47466 wolfSSL_X509_NAME_add_entry(&cert->subject, ne, i, 1); 47467 } 52926 FreeX509Name(&cert->subject); 52927 InitX509Name(&cert->subject, 0, cert->heap); 52928 52929 if (wolfSSL_X509_NAME_copy(name, &cert->subject) != WOLFSSL_SUCCESS) { 52930 FreeX509Name(&cert->subject); 52931 return WOLFSSL_FAILURE; 52932 } 52933 47468 52934 cert->subject.x509 = cert; 47469 cert->subject.name = cert->subject.fullName.fullName;47470 cert->subject.sz = cert->subject.fullName.fullNameLen;47471 47472 52935 return WOLFSSL_SUCCESS; 47473 52936 } 47474 52937 52938 52939 /* copies over information from "name" to the "cert" issuer name 52940 * returns WOLFSSL_SUCCESS on success */ 47475 52941 int wolfSSL_X509_set_issuer_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name) 47476 52942 { 47477 int i;47478 WOLFSSL_X509_NAME_ENTRY* ne;47479 47480 52943 WOLFSSL_ENTER("X509_set_issuer_name"); 47481 52944 if (cert == NULL || name == NULL) 47482 52945 return WOLFSSL_FAILURE; 47483 52946 47484 FreeX509Name(&cert->issuer, cert->heap); 47485 InitX509Name(&cert->issuer, 0); 47486 if (name->dynamicName) { 47487 cert->issuer.name = (char*)XMALLOC(name->sz, cert->heap, 47488 DYNAMIC_TYPE_SUBJECT_CN); 47489 if (cert->issuer.name == NULL) 47490 return WOLFSSL_FAILURE; 47491 } 47492 XMEMCPY(cert->issuer.name, name->name, name->sz); 47493 cert->issuer.sz = name->sz; 47494 47495 for (i = 0; i < 10; i++) { 47496 ne = wolfSSL_X509_NAME_get_entry(name, i); 47497 if (ne != NULL) 47498 wolfSSL_X509_NAME_add_entry(&cert->issuer, ne, i, 1); 47499 } 52947 FreeX509Name(&cert->issuer); 52948 InitX509Name(&cert->issuer, 0, cert->heap); 52949 52950 if (wolfSSL_X509_NAME_copy(name, &cert->issuer) != WOLFSSL_SUCCESS) { 52951 FreeX509Name(&cert->issuer); 52952 return WOLFSSL_FAILURE; 52953 } 52954 47500 52955 cert->issuer.x509 = cert; 47501 cert->issuer.name = cert->issuer.fullName.fullName;47502 cert->issuer.sz = cert->issuer.fullName.fullNameLen;47503 52956 cert->issuerSet = 1; 47504 52957 47505 52958 return WOLFSSL_SUCCESS; 47506 52959 } 52960 47507 52961 47508 52962 int wolfSSL_X509_set_notAfter(WOLFSSL_X509* x509, const WOLFSSL_ASN1_TIME* t) … … 47512 52966 } 47513 52967 47514 XMEMCPY(&x509->notAfter, t, sizeof(WOLFSSL_ASN1_TIME)); 52968 x509->notAfter.type = t->type; 52969 x509->notAfter.length = t->length; 52970 52971 XMEMCPY(x509->notAfter.data, t->data, CTC_DATE_SIZE); 47515 52972 47516 52973 return WOLFSSL_SUCCESS; … … 47523 52980 } 47524 52981 47525 XMEMCPY(&x509->notBefore, t, sizeof(WOLFSSL_ASN1_TIME)); 52982 x509->notBefore.type = t->type; 52983 x509->notBefore.length = t->length; 52984 52985 XMEMCPY(x509->notBefore.data, t->data, CTC_DATE_SIZE); 47526 52986 47527 52987 return WOLFSSL_SUCCESS; … … 47531 52991 { 47532 52992 WOLFSSL_ENTER("wolfSSL_X509_set_serialNumber"); 47533 if (!x509 || !s || s-> dataMax>= EXTERNAL_SERIAL_SIZE)52993 if (!x509 || !s || s->length >= EXTERNAL_SERIAL_SIZE) 47534 52994 return WOLFSSL_FAILURE; 47535 52995 47536 if (s->isDynamic)47537 XSTRNCPY((char*)x509->serial,(char*)s->data,s->dataMax);47538 else47539 XSTRNCPY((char*)x509->serial,(char*)s->intData,s->dataMax);47540 47541 x509->serial [s->dataMax] = 0;47542 x509->serial Sz = s->dataMax;52996 /* WOLFSSL_ASN1_INTEGER has type | size | data */ 52997 if (s->length < 3) { 52998 return WOLFSSL_FAILURE; 52999 } 53000 XMEMCPY(x509->serial, s->data + 2, s->length - 2); 53001 x509->serialSz = s->length - 2; 53002 x509->serial[s->length] = 0; 47543 53003 47544 53004 return WOLFSSL_SUCCESS; … … 47548 53008 int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey) 47549 53009 { 47550 byte* p ;53010 byte* p = NULL; 47551 53011 WOLFSSL_ENTER("wolfSSL_X509_set_pubkey"); 47552 53012 … … 47554 53014 return WOLFSSL_FAILURE; 47555 53015 47556 if (pkey->type == EVP_PKEY_RSA) 47557 cert->pubKeyOID = RSAk; 47558 else if (pkey->type == EVP_PKEY_EC) 53016 if (pkey->type == EVP_PKEY_RSA 53017 #ifndef NO_DSA 53018 || pkey->type == EVP_PKEY_DSA 53019 #endif /* !NO_DSA */ 53020 ) { 53021 p = (byte*)XMALLOC(pkey->pkey_sz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 53022 if (p == NULL) 53023 return WOLFSSL_FAILURE; 53024 53025 if (cert->pubKey.buffer != NULL) 53026 XFREE(cert->pubKey.buffer, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 53027 cert->pubKey.buffer = p; 53028 XMEMCPY(cert->pubKey.buffer, pkey->pkey.ptr, pkey->pkey_sz); 53029 cert->pubKey.length = pkey->pkey_sz; 53030 #ifndef NO_DSA 53031 if (pkey->type == EVP_PKEY_DSA) 53032 cert->pubKeyOID = DSAk; 53033 else 53034 #endif /* !NO_DSA */ 53035 cert->pubKeyOID = RSAk; 53036 } 53037 #ifdef HAVE_ECC 53038 else if (pkey->type == EVP_PKEY_EC) { 53039 /* Generate since pkey->pkey.ptr may contain private key */ 53040 ecc_key* ecc; 53041 int derSz; 53042 53043 if (pkey->ecc == NULL || pkey->ecc->internal == NULL) 53044 return WOLFSSL_FAILURE; 53045 53046 ecc = (ecc_key*)pkey->ecc->internal; 53047 derSz = wc_EccPublicKeyDerSize(ecc, 1); 53048 if (derSz <= 0) 53049 return WOLFSSL_FAILURE; 53050 53051 p = (byte*)XMALLOC(derSz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 53052 if (p == NULL) 53053 return WOLFSSL_FAILURE; 53054 53055 if ((derSz = wc_EccPublicKeyToDer(ecc, p, derSz, 1)) <= 0) { 53056 XFREE(p, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 53057 return WOLFSSL_FAILURE; 53058 } 53059 cert->pubKey.buffer = p; 53060 cert->pubKey.length = derSz; 47559 53061 cert->pubKeyOID = ECDSAk; 53062 } 53063 #endif /* HAVE_ECC */ 47560 53064 else 47561 53065 return WOLFSSL_FAILURE; 47562 47563 p = (byte*)XMALLOC(pkey->pkey_sz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);47564 if (p == NULL)47565 return WOLFSSL_FAILURE;47566 47567 if (cert->pubKey.buffer != NULL)47568 XFREE(cert->pubKey.buffer, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);47569 cert->pubKey.buffer = p;47570 XMEMCPY(cert->pubKey.buffer, pkey->pkey.ptr, pkey->pkey_sz);47571 cert->pubKey.length = pkey->pkey_sz;47572 53066 47573 53067 return WOLFSSL_SUCCESS; … … 47585 53079 } 47586 53080 47587 #endif /* OPENSSL_EXTRA && !NO_CERTS && WOLFSSL_CERT_GEN && WOLFSSL_CERT_REQ*/47588 47589 #if defined(OPENSSL_ EXTRA) && !defined(NO_CERTS) && \53081 #endif /* (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && WOLFSSL_CERT_GEN */ 53082 53083 #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ 47590 53084 defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) 47591 53085 … … 47599 53093 return; 47600 53094 53095 if (!ctx->x509) { 53096 ctx->x509 = wolfSSL_X509_new(); 53097 if (!ctx->x509) 53098 return; 53099 } 53100 47601 53101 /* Set parameters in ctx as long as ret == WOLFSSL_SUCCESS */ 47602 53102 if (issuer) … … 47625 53125 int wolfSSL_i2d_X509_REQ(WOLFSSL_X509* req, unsigned char** out) 47626 53126 { 47627 const unsigned char* der;47628 53127 int derSz = 0; 53128 int ret = WOLFSSL_FAILURE; 53129 WOLFSSL_BIO* bio = NULL; 47629 53130 WOLFSSL_ENTER("wolfSSL_i2d_X509_REQ"); 47630 53131 … … 47633 53134 } 47634 53135 47635 der = wolfSSL_X509_get_der(req, &derSz); 47636 if (der == NULL) { 47637 return MEMORY_E; 47638 } 53136 if (!(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()))) { 53137 return WOLFSSL_FAILURE; 53138 } 53139 53140 if (wolfSSL_i2d_X509_REQ_bio(bio, req) != WOLFSSL_SUCCESS) { 53141 WOLFSSL_MSG("wolfSSL_i2d_X509_REQ_bio error"); 53142 goto cleanup; 53143 } 53144 53145 derSz = wolfSSL_BIO_get_len(bio); 47639 53146 47640 53147 if (*out == NULL) { 47641 53148 *out = (unsigned char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_OPENSSL); 47642 if (*out == NULL) { 47643 return MEMORY_E; 47644 } 47645 } 47646 47647 XMEMCPY(*out, der, derSz); 47648 47649 return derSz; 53149 if (!*out) { 53150 WOLFSSL_MSG("malloc error"); 53151 ret = MEMORY_E; 53152 goto cleanup; 53153 } 53154 } 53155 53156 if (wolfSSL_BIO_read(bio, *out, derSz) != derSz) { 53157 WOLFSSL_MSG("wolfSSL_BIO_read error"); 53158 goto cleanup; 53159 } 53160 53161 ret = derSz; 53162 cleanup: 53163 wolfSSL_BIO_free(bio); 53164 53165 return ret; 47650 53166 } 47651 53167 … … 47671 53187 /* Create a Cert that has the certificate request fields. */ 47672 53188 req->sigOID = wolfSSL_sigTypeFromPKEY((WOLFSSL_EVP_MD*)md, pkey); 47673 if (wolf SSL_X509_make_der(req, 1, der, &derSz) != WOLFSSL_SUCCESS) {53189 if (wolfssl_x509_make_der(req, 1, der, &derSz, 0) != WOLFSSL_SUCCESS) { 47674 53190 return WOLFSSL_FAILURE; 47675 53191 } … … 47682 53198 } 47683 53199 47684 47685 #ifndef NO_WOLFSSL_STUB 53200 int wolfSSL_X509_REQ_sign_ctx(WOLFSSL_X509 *req, 53201 WOLFSSL_EVP_MD_CTX* md_ctx) 53202 { 53203 if (md_ctx && md_ctx->pctx) 53204 return wolfSSL_X509_REQ_sign(req, md_ctx->pctx->pkey, 53205 wolfSSL_EVP_MD_CTX_md(md_ctx)); 53206 else 53207 return WOLFSSL_FAILURE; 53208 } 53209 53210 static int regenX509REQDerBuffer(WOLFSSL_X509* x509) 53211 { 53212 int derSz = X509_BUFFER_SZ; 53213 int ret = WOLFSSL_FAILURE; 53214 #ifdef WOLFSSL_SMALL_STACK 53215 byte* der; 53216 der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 53217 if (!der) { 53218 WOLFSSL_MSG("malloc failed"); 53219 return WOLFSSL_FAILURE; 53220 } 53221 #else 53222 byte der[X509_BUFFER_SZ]; 53223 #endif 53224 53225 if (wolfssl_x509_make_der(x509, 1, der, &derSz, 0) == WOLFSSL_SUCCESS) { 53226 FreeDer(&x509->derCert); 53227 if (AllocDer(&x509->derCert, derSz, CERT_TYPE, x509->heap) == 0) { 53228 XMEMCPY(x509->derCert->buffer, der, derSz); 53229 ret = WOLFSSL_SUCCESS; 53230 } 53231 else { 53232 WOLFSSL_MSG("Failed to allocate DER buffer for X509"); 53233 } 53234 } 53235 else { 53236 WOLFSSL_MSG("Unable to make DER for X509 REQ"); 53237 } 53238 #ifdef WOLFSSL_SMALL_STACK 53239 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 53240 #endif 53241 return ret; 53242 } 53243 47686 53244 int wolfSSL_X509_REQ_add_extensions(WOLFSSL_X509* req, 47687 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext) 47688 { 53245 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext_sk) 53246 { 53247 if (!req || !ext_sk) { 53248 WOLFSSL_MSG("Bad parameter"); 53249 return WOLFSSL_FAILURE; 53250 } 53251 53252 while (ext_sk) { 53253 WOLFSSL_X509_EXTENSION* ext = ext_sk->data.ext; 53254 53255 if (wolfSSL_X509_add_ext(req, ext, -1) != WOLFSSL_SUCCESS) { 53256 WOLFSSL_MSG("wolfSSL_X509_add_ext error"); 53257 return WOLFSSL_FAILURE; 53258 } 53259 53260 ext_sk = ext_sk->next; 53261 } 53262 53263 return regenX509REQDerBuffer(req); 53264 } 53265 53266 int wolfSSL_X509_REQ_add1_attr_by_txt(WOLFSSL_X509 *req, 53267 const char *attrname, int type, 53268 const unsigned char *bytes, int len) 53269 { 53270 WOLFSSL_ENTER("wolfSSL_X509_REQ_add1_attr_by_txt"); 53271 53272 #ifdef HAVE_LIBEST 53273 if (!req || !attrname || !bytes || type != MBSTRING_ASC) { 53274 WOLFSSL_MSG("Bad parameter"); 53275 return WOLFSSL_FAILURE; 53276 } 53277 53278 if (len < 0) { 53279 len = (int)XSTRLEN((char*)bytes); 53280 } 53281 53282 /* For now just pretend that we support this for libest testing */ 53283 if (len == XSTR_SIZEOF("1.3.6.1.1.1.1.22") && 53284 XMEMCMP("1.3.6.1.1.1.1.22", bytes, len) == 0) { 53285 /* MAC Address */ 53286 } 53287 else if (len == XSTR_SIZEOF("1.2.840.10045.2.1") && 53288 XMEMCMP("1.2.840.10045.2.1", bytes, len) == 0) { 53289 /* ecPublicKey */ 53290 } 53291 else if (len == XSTR_SIZEOF("1.2.840.10045.4.3.3") && 53292 XMEMCMP("1.2.840.10045.4.3.3", bytes, len) == 0) { 53293 /* ecdsa-with-SHA384 */ 53294 } 53295 else { 53296 return WOLFSSL_FAILURE; 53297 } 53298 53299 /* return error if not built for libest */ 53300 return WOLFSSL_SUCCESS; 53301 #else 47689 53302 (void)req; 47690 (void)ext; 47691 return WOLFSSL_FATAL_ERROR; 47692 } 47693 #endif 53303 (void)attrname; 53304 (void)type; 53305 (void)bytes; 53306 (void)len; 53307 return WOLFSSL_FAILURE; 53308 #endif 53309 } 53310 53311 int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, 53312 int nid, int type, 53313 const unsigned char *bytes, 53314 int len) 53315 { 53316 WOLFSSL_ENTER("wolfSSL_X509_REQ_add1_attr_by_NID"); 53317 53318 if (!req || !bytes || type != MBSTRING_ASC) { 53319 WOLFSSL_MSG("Bad parameter"); 53320 return WOLFSSL_FAILURE; 53321 } 53322 53323 switch (nid) { 53324 case NID_pkcs9_challengePassword: 53325 if (len < 0) 53326 len = (int)XSTRLEN((char*)bytes); 53327 if (len < CTC_NAME_SIZE) { 53328 XMEMCPY(req->challengePw, bytes, len); 53329 req->challengePw[len] = '\0'; 53330 } 53331 else { 53332 WOLFSSL_MSG("Challenge password too long"); 53333 return WOLFSSL_FAILURE; 53334 } 53335 if (req->challengePwAttr) { 53336 wolfSSL_X509_ATTRIBUTE_free(req->challengePwAttr); 53337 } 53338 req->challengePwAttr = wolfSSL_X509_ATTRIBUTE_new(); 53339 if (req->challengePwAttr) { 53340 req->challengePwAttr->value->value.asn1_string = 53341 wolfSSL_ASN1_STRING_new(); 53342 if (wolfSSL_ASN1_STRING_set( 53343 req->challengePwAttr->value->value.asn1_string, 53344 bytes, len) != WOLFSSL_SUCCESS) { 53345 WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); 53346 return WOLFSSL_FAILURE; 53347 } 53348 req->challengePwAttr->value->type = V_ASN1_PRINTABLESTRING; 53349 } 53350 else { 53351 WOLFSSL_MSG("wolfSSL_X509_ATTRIBUTE_new error"); 53352 return WOLFSSL_FAILURE; 53353 } 53354 break; 53355 case NID_serialNumber: 53356 if (len < 0) 53357 len = (int)XSTRLEN((char*)bytes); 53358 if (len + 1 > EXTERNAL_SERIAL_SIZE) { 53359 WOLFSSL_MSG("SerialNumber too long"); 53360 return WOLFSSL_FAILURE; 53361 } 53362 XMEMCPY(req->serial, bytes, len); 53363 req->serialSz = len; 53364 break; 53365 default: 53366 WOLFSSL_MSG("Unsupported attribute"); 53367 return WOLFSSL_FAILURE; 53368 } 53369 return WOLFSSL_SUCCESS; 53370 } 53371 53372 53373 /* Return NID as the attr index */ 53374 int wolfSSL_X509_REQ_get_attr_by_NID(const WOLFSSL_X509 *req, 53375 int nid, int lastpos) 53376 { 53377 WOLFSSL_ENTER("wolfSSL_X509_REQ_get_attr_by_NID"); 53378 53379 /* Since we only support 1 attr per attr type then a lastpos of >= 0 53380 * indicates that one was already returned */ 53381 if (!req || lastpos >= 0) { 53382 WOLFSSL_MSG("Bad parameter"); 53383 return WOLFSSL_FATAL_ERROR; 53384 } 53385 53386 switch (nid) { 53387 case NID_pkcs9_challengePassword: 53388 return req->challengePwAttr ? nid : WOLFSSL_FATAL_ERROR; 53389 default: 53390 WOLFSSL_MSG("Unsupported attribute"); 53391 return WOLFSSL_FATAL_ERROR; 53392 } 53393 } 53394 53395 /** 53396 * @param req X509_REQ containing attribute 53397 * @param loc NID of the attribute to return 53398 */ 53399 WOLFSSL_X509_ATTRIBUTE *wolfSSL_X509_REQ_get_attr( 53400 const WOLFSSL_X509 *req, int loc) 53401 { 53402 WOLFSSL_ENTER("wolfSSL_X509_REQ_get_attr"); 53403 53404 if (!req) { 53405 WOLFSSL_MSG("Bad parameter"); 53406 return NULL; 53407 } 53408 53409 switch (loc) { 53410 case NID_pkcs9_challengePassword: 53411 return req->challengePwAttr; 53412 default: 53413 WOLFSSL_MSG("Unsupported attribute"); 53414 return NULL; 53415 } 53416 } 53417 53418 WOLFSSL_X509_ATTRIBUTE* wolfSSL_X509_ATTRIBUTE_new(void) 53419 { 53420 WOLFSSL_X509_ATTRIBUTE* ret; 53421 WOLFSSL_ENTER("wolfSSL_X509_ATTRIBUTE_new"); 53422 ret = (WOLFSSL_X509_ATTRIBUTE*)XMALLOC(sizeof(WOLFSSL_X509_ATTRIBUTE), 53423 NULL, DYNAMIC_TYPE_OPENSSL); 53424 if (!ret) { 53425 WOLFSSL_MSG("malloc error"); 53426 return NULL; 53427 } 53428 XMEMSET(ret, 0, sizeof(WOLFSSL_X509_ATTRIBUTE)); 53429 ret->object = wolfSSL_ASN1_OBJECT_new(); 53430 ret->value = wolfSSL_ASN1_TYPE_new(); 53431 /* Don't allocate ret->set since WOLFSSL_ASN1_TYPE 53432 * is not supported as a stack type */ 53433 if (!ret->object || !ret->value) { 53434 WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new or wolfSSL_ASN1_TYPE_new error"); 53435 wolfSSL_X509_ATTRIBUTE_free(ret); 53436 return NULL; 53437 } 53438 return ret; 53439 } 53440 53441 void wolfSSL_X509_ATTRIBUTE_free(WOLFSSL_X509_ATTRIBUTE* attr) 53442 { 53443 WOLFSSL_ENTER("wolfSSL_X509_ATTRIBUTE_free"); 53444 if (attr) { 53445 if (attr->object) { 53446 wolfSSL_ASN1_OBJECT_free(attr->object); 53447 } 53448 if (attr->value) { 53449 wolfSSL_ASN1_TYPE_free(attr->value); 53450 } 53451 if (attr->set) { 53452 wolfSSL_sk_free(attr->set); 53453 } 53454 XFREE(attr, NULL, DYNAMIC_TYPE_OPENSSL); 53455 } 53456 } 53457 53458 WOLFSSL_ASN1_TYPE *wolfSSL_X509_ATTRIBUTE_get0_type( 53459 WOLFSSL_X509_ATTRIBUTE *attr, int idx) 53460 { 53461 WOLFSSL_ENTER("wolfSSL_X509_ATTRIBUTE_get0_type"); 53462 53463 if (!attr || idx != 0) { 53464 WOLFSSL_MSG("Bad parameter"); 53465 return NULL; 53466 } 53467 53468 return attr->value; 53469 } 53470 53471 WOLFSSL_X509 *wolfSSL_X509_to_X509_REQ(WOLFSSL_X509 *x, 53472 WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md) 53473 { 53474 WOLFSSL_ENTER("wolfSSL_X509_to_X509_REQ"); 53475 (void)pkey; 53476 (void)md; 53477 return wolfSSL_X509_dup(x); 53478 } 47694 53479 47695 53480 int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req, … … 47703 53488 return wolfSSL_X509_set_pubkey(req, pkey); 47704 53489 } 47705 #endif /* OPENSSL_EXTRA && !NO_CERTS && WOLFSSL_CERT_GEN && WOLFSSL_CERT_REQ */ 47706 47707 53490 #endif /* OPENSSL_ALL && !NO_CERTS && WOLFSSL_CERT_GEN && WOLFSSL_CERT_REQ */ 53491 53492 #ifdef WOLFSSL_STATIC_EPHEMERAL 53493 static int SetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo, 53494 const char* key, unsigned int keySz, int format, void* heap, WOLFSSL_CTX* ctx) 53495 { 53496 int ret = 0; 53497 DerBuffer* der = NULL; 53498 byte* keyBuf = NULL; 53499 #ifndef NO_FILESYSTEM 53500 const char* keyFile = NULL; 53501 #endif 53502 53503 /* allow empty key to free buffer */ 53504 if (staticKE == NULL || (key == NULL && keySz > 0)) { 53505 return BAD_FUNC_ARG; 53506 } 53507 53508 WOLFSSL_ENTER("SetStaticEphemeralKey"); 53509 53510 /* if key is already set free it */ 53511 #ifndef NO_DH 53512 if (keyAlgo == WC_PK_TYPE_DH && staticKE->dhKey && 53513 (ctx == NULL || staticKE->dhKey != ctx->staticKE.dhKey)) 53514 FreeDer(&staticKE->dhKey); 53515 #endif 53516 #ifdef HAVE_ECC 53517 if (keyAlgo == WC_PK_TYPE_ECDH && staticKE->ecKey && 53518 (ctx == NULL || staticKE->ecKey != ctx->staticKE.ecKey)) 53519 FreeDer(&staticKE->ecKey); 53520 #endif 53521 53522 /* check if just free'ing key */ 53523 if (key == NULL && keySz == 0) { 53524 return 0; 53525 } 53526 53527 #ifndef NO_FILESYSTEM 53528 /* load file from filesystem */ 53529 if (key && keySz == 0) { 53530 size_t keyBufSz = 0; 53531 keyFile = (const char*)key; 53532 ret = wc_FileLoad(keyFile, &keyBuf, &keyBufSz, heap); 53533 if (ret != 0) { 53534 return ret; 53535 } 53536 keySz = (unsigned int)keyBufSz; 53537 } 53538 else 53539 #endif 53540 { 53541 /* use as key buffer directly */ 53542 keyBuf = (byte*)key; 53543 } 53544 53545 if (format == WOLFSSL_FILETYPE_PEM) { 53546 #ifdef WOLFSSL_PEM_TO_DER 53547 int keyFormat = 0; 53548 ret = PemToDer(keyBuf, keySz, PRIVATEKEY_TYPE, &der, 53549 heap, NULL, &keyFormat); 53550 /* auto detect key type */ 53551 if (ret == 0 && keyAlgo == 0) { 53552 if (keyFormat == ECDSAk) 53553 keyAlgo = WC_PK_TYPE_ECDH; 53554 else 53555 keyAlgo = WC_PK_TYPE_DH; 53556 } 53557 #else 53558 ret = NOT_COMPILED_IN; 53559 #endif 53560 } 53561 else { 53562 ret = AllocDer(&der, keySz, PRIVATEKEY_TYPE, heap); 53563 if (ret == 0) { 53564 XMEMCPY(der->buffer, keyBuf, keySz); 53565 } 53566 } 53567 53568 switch (keyAlgo) { 53569 #ifndef NO_DH 53570 case WC_PK_TYPE_DH: 53571 staticKE->dhKey = der; 53572 break; 53573 #endif 53574 #ifdef HAVE_ECC 53575 case WC_PK_TYPE_ECDH: 53576 staticKE->ecKey = der; 53577 break; 53578 #endif 53579 default: 53580 /* not supported */ 53581 ret = NOT_COMPILED_IN; 53582 FreeDer(&der); 53583 break; 53584 } 53585 53586 #ifndef NO_FILESYSTEM 53587 if (keyFile && keyBuf) { 53588 XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER); 53589 } 53590 #endif 53591 53592 WOLFSSL_LEAVE("SetStaticEphemeralKey", ret); 53593 53594 return ret; 53595 } 53596 53597 int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, 53598 const char* key, unsigned int keySz, int format) 53599 { 53600 if (ctx == NULL) { 53601 return BAD_FUNC_ARG; 53602 } 53603 53604 return SetStaticEphemeralKey(&ctx->staticKE, keyAlgo, key, keySz, format, 53605 ctx->heap, NULL); 53606 } 53607 53608 int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, 53609 const char* key, unsigned int keySz, int format) 53610 { 53611 if (ssl == NULL) { 53612 return BAD_FUNC_ARG; 53613 } 53614 53615 return SetStaticEphemeralKey(&ssl->staticKE, keyAlgo, key, keySz, format, 53616 ssl->heap, ssl->ctx); 53617 } 53618 53619 #endif /* WOLFSSL_STATIC_EPHEMERAL */ 53620 53621 #endif /* !WOLFCRYPT_ONLY */ -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/tls.c
r457 r464 60 60 #endif /* HAVE_QSH */ 61 61 62 #if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 63 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 64 (defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)) 62 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 65 63 static int TLSX_KeyShare_IsSupported(int namedGroup); 66 64 #endif 67 65 68 #if ((!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 69 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 70 (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) \ 71 && !defined(HAVE_CURVE448) && defined(HAVE_SUPPORTED_CURVES)) || \ 72 ((defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 73 defined(HAVE_CURVE448)) && defined(HAVE_SUPPORTED_CURVES))) && \ 74 defined(HAVE_TLS_EXTENSIONS) 66 #ifdef HAVE_SUPPORTED_CURVES 75 67 static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions); 76 68 #endif … … 135 127 136 128 #ifdef WOLFSSL_RENESAS_TSIP_TLS 129 130 #if (WOLFSSL_RENESAS_TSIP_VER >=109) 131 132 int tsip_generateMasterSecretEx( 133 byte cipherSuiteFirst, 134 byte cipherSuite, 135 const byte* pr, /* pre-master */ 136 const byte* cr, /* client random */ 137 const byte* sr, /* server random */ 138 byte* ms); 139 140 #elif (WOLFSSL_RENESAS_TSIP_VER >=106) 141 142 int tsip_generateMasterSecret( 143 const byte* pre, 144 const byte* cr, 145 const byte* sr, 146 byte* ms); 147 148 #endif 149 137 150 int tsip_useable(const WOLFSSL *ssl); 138 int tsip_generateMasterSecret(const byte *pre,139 const byte *cr,const byte *sr,140 byte *ms/* out */);141 151 int tsip_generateSeesionKey(WOLFSSL *ssl); 142 int tsip_generateVerifyData(const byte *ms, const byte *side, 143 const byte *handshake_hash, 144 byte *hashes /* out */); 145 #endif 152 int tsip_generateVerifyData( 153 const byte* ms, 154 const byte* side, 155 const byte* handshake_hash, 156 byte* hashes); 157 158 #endif /*WOLFSSL_RENESAS_TSIP_TLS*/ 146 159 147 160 int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen) … … 535 548 !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) 536 549 if (tsip_useable(ssl)) { 550 551 #if (WOLFSSL_RENESAS_TSIP_VER>=109) 552 553 ret = tsip_generateMasterSecretEx( 554 ssl->options.cipherSuite0, 555 ssl->options.cipherSuite, 556 &ssl->arrays->preMasterSecret[VERSION_SZ], 557 ssl->arrays->clientRandom, 558 ssl->arrays->serverRandom, 559 ssl->arrays->tsip_masterSecret); 560 561 #elif (WOLFSSL_RENESAS_TSIP_VER>=106) 562 537 563 ret = tsip_generateMasterSecret( 538 564 &ssl->arrays->preMasterSecret[VERSION_SZ], … … 540 566 ssl->arrays->serverRandom, 541 567 ssl->arrays->tsip_masterSecret); 568 569 #else 570 571 ret = NOT_COMPILED_IN; 572 573 #endif 542 574 } else 543 575 #endif … … 642 674 return ret; 643 675 } 644 645 646 static WC_INLINE void GetSEQIncrement(WOLFSSL* ssl, int verify, word32 seq[2])647 {648 if (verify) {649 seq[0] = ssl->keys.peer_sequence_number_hi;650 seq[1] = ssl->keys.peer_sequence_number_lo++;651 if (seq[1] > ssl->keys.peer_sequence_number_lo) {652 /* handle rollover */653 ssl->keys.peer_sequence_number_hi++;654 }655 }656 else {657 seq[0] = ssl->keys.sequence_number_hi;658 seq[1] = ssl->keys.sequence_number_lo++;659 if (seq[1] > ssl->keys.sequence_number_lo) {660 /* handle rollover */661 ssl->keys.sequence_number_hi++;662 }663 }664 }665 666 667 #ifdef WOLFSSL_DTLS668 static WC_INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2])669 {670 if (order == PREV_ORDER) {671 /* Previous epoch case */672 seq[0] = (((word32)ssl->keys.dtls_epoch - 1) << 16) |673 (ssl->keys.dtls_prev_sequence_number_hi & 0xFFFF);674 seq[1] = ssl->keys.dtls_prev_sequence_number_lo;675 }676 else if (order == PEER_ORDER) {677 seq[0] = ((word32)ssl->keys.curEpoch << 16) |678 (ssl->keys.curSeq_hi & 0xFFFF);679 seq[1] = ssl->keys.curSeq_lo; /* explicit from peer */680 }681 else {682 seq[0] = ((word32)ssl->keys.dtls_epoch << 16) |683 (ssl->keys.dtls_sequence_number_hi & 0xFFFF);684 seq[1] = ssl->keys.dtls_sequence_number_lo;685 }686 }687 #endif /* WOLFSSL_DTLS */688 689 690 static WC_INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)691 {692 word32 seq[2] = {0, 0};693 694 if (!ssl->options.dtls) {695 GetSEQIncrement(ssl, verifyOrder, seq);696 }697 else {698 #ifdef WOLFSSL_DTLS699 DtlsGetSEQ(ssl, verifyOrder, seq);700 #endif701 }702 703 c32toa(seq[0], out);704 c32toa(seq[1], out + OPAQUE32_LEN);705 }706 707 708 /*** end copy ***/709 676 710 677 … … 1170 1137 1171 1138 int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, 1172 int content, int verify )1139 int content, int verify, int epochOrder) 1173 1140 { 1174 1141 Hmac hmac; 1175 1142 byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; 1176 1143 int ret = 0; 1144 const byte* macSecret = NULL; 1145 word32 hashSz = 0; 1146 1147 if (ssl == NULL) 1148 return BAD_FUNC_ARG; 1149 1177 1150 #ifdef HAVE_TRUNCATED_HMAC 1178 word32hashSz = ssl->truncated_hmac ? (byte)TRUNCATED_HMAC_SZ1151 hashSz = ssl->truncated_hmac ? (byte)TRUNCATED_HMAC_SZ 1179 1152 : ssl->specs.hash_size; 1180 1153 #else 1181 word32 hashSz = ssl->specs.hash_size; 1182 #endif 1183 1184 if (ssl == NULL) 1185 return BAD_FUNC_ARG; 1154 hashSz = ssl->specs.hash_size; 1155 #endif 1186 1156 1187 1157 #ifdef HAVE_FUZZER … … 1198 1168 #endif 1199 1169 1200 wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); 1170 if (!ssl->options.dtls) 1171 wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); 1172 else 1173 wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, epochOrder); 1201 1174 #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ 1202 1175 !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION) … … 1218 1191 return ret; 1219 1192 1193 1194 #ifdef WOLFSSL_DTLS 1195 if (ssl->options.dtls) 1196 macSecret = wolfSSL_GetDtlsMacSecret(ssl, verify, epochOrder); 1197 else 1198 macSecret = wolfSSL_GetMacSecret(ssl, verify); 1199 #else 1200 macSecret = wolfSSL_GetMacSecret(ssl, verify); 1201 #endif 1220 1202 ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl), 1221 wolfSSL_GetMacSecret(ssl, verify),1203 macSecret, 1222 1204 ssl->specs.hash_size); 1205 1223 1206 if (ret == 0) { 1224 1207 /* Constant time verification required. */ … … 1375 1358 } 1376 1359 1360 #ifdef WOLFSSL_TLS13 1361 1362 /** 1363 * Creates a new extension and prepend it to the provided list. 1364 * Checks for duplicate extensions, keeps the newest. 1365 */ 1366 static int TLSX_Prepend(TLSX** list, TLSX_Type type, void* data, void* heap) 1367 { 1368 TLSX* extension = TLSX_New(type, data, heap); 1369 TLSX* curr = *list; 1370 1371 if (extension == NULL) 1372 return MEMORY_E; 1373 1374 /* remove duplicate extensions, there should be only one of each type. */ 1375 while (curr && curr->next) { 1376 if (curr->next->type == type) { 1377 TLSX *next = curr->next; 1378 1379 curr->next = next->next; 1380 next->next = NULL; 1381 1382 TLSX_FreeAll(next, heap); 1383 } 1384 curr = curr->next; 1385 } 1386 1387 if (curr) 1388 curr->next = extension; 1389 else 1390 *list = extension; 1391 1392 return 0; 1393 } 1394 1395 #endif /* WOLFSSL_TLS13 */ 1396 1377 1397 #ifndef NO_WOLFSSL_CLIENT 1378 1398 … … 2961 2981 { 2962 2982 int ret; 2983 #if !defined(NO_WOLFSSL_SERVER) 2984 byte status_type; 2985 word16 size = 0; 2986 #if defined(WOLFSSL_TLS13) 2987 DecodedCert* cert; 2988 #endif 2989 #endif 2990 2991 #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) \ 2992 && defined(WOLFSSL_TLS13) 2993 OcspRequest* request; 2994 TLSX* extension; 2995 CertificateStatusRequest* csr; 2996 #endif 2997 2998 #if !defined(NO_WOLFSSL_CLIENT) && defined(WOLFSSL_TLS13) \ 2999 || !defined(NO_WOLFSSL_SERVER) 3000 word32 offset = 0; 3001 #endif 3002 3003 #if !defined(NO_WOLFSSL_CLIENT) && defined(WOLFSSL_TLS13) 3004 word32 resp_length; 3005 #endif 2963 3006 2964 3007 /* shut up compiler warnings */ … … 2967 3010 if (!isRequest) { 2968 3011 #ifndef NO_WOLFSSL_CLIENT 2969 TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST); 2970 CertificateStatusRequest* csr = extension ? 2971 (CertificateStatusRequest*)extension->data : NULL; 3012 extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST); 3013 csr = extension ? (CertificateStatusRequest*)extension->data : NULL; 2972 3014 2973 3015 if (!csr) { … … 2990 3032 /* propagate nonce */ 2991 3033 if (csr->request.ocsp.nonceSz) { 2992 OcspRequest* request =2993 3034 request = 3035 (OcspRequest*)TLSX_CSR_GetRequest(ssl->extensions); 2994 3036 2995 3037 if (request) { … … 3007 3049 #ifdef WOLFSSL_TLS13 3008 3050 if (ssl->options.tls1_3) { 3009 word32 resp_length;3010 word32 offset = 0;3011 3012 3051 /* Get the new extension potentially created above. */ 3013 3052 extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST); … … 3027 3066 ret = BUFFER_ERROR; 3028 3067 } 3029 #if !defined(NO_WOLFSSL_SERVER)3030 3068 if (ret == 0) { 3031 3069 csr->response.buffer = input + offset; 3032 3070 csr->response.length = resp_length; 3033 3071 } 3034 #endif3035 3072 3036 3073 return ret; … … 3046 3083 else { 3047 3084 #ifndef NO_WOLFSSL_SERVER 3048 byte status_type;3049 word16 offset = 0;3050 word16 size = 0;3051 3052 3085 if (length == 0) 3053 3086 return 0; 3054 if (length < ENUM_LEN)3055 return BUFFER_ERROR;3056 3087 3057 3088 status_type = input[offset++]; … … 3061 3092 3062 3093 /* skip responder_id_list */ 3063 if ( length - offset< OPAQUE16_LEN)3094 if ((int)(length - offset) < OPAQUE16_LEN) 3064 3095 return BUFFER_ERROR; 3065 3096 … … 3068 3099 3069 3100 /* skip request_extensions */ 3070 if ( length - offset< OPAQUE16_LEN)3101 if ((int)(length - offset) < OPAQUE16_LEN) 3071 3102 return BUFFER_ERROR; 3072 3103 … … 3100 3131 return ret; /* throw error */ 3101 3132 3102 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)3133 #if defined(WOLFSSL_TLS13) 3103 3134 if (ssl->options.tls1_3) { 3104 OcspRequest* request; 3105 TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST); 3106 CertificateStatusRequest* csr = extension ? 3135 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, 3136 DYNAMIC_TYPE_DCERT); 3137 if (cert == NULL) { 3138 return MEMORY_E; 3139 } 3140 InitDecodedCert(cert, ssl->buffers.certificate->buffer, 3141 ssl->buffers.certificate->length, ssl->heap); 3142 ret = ParseCert(cert, CERT_TYPE, 1, ssl->ctx->cm); 3143 if (ret != 0 ) { 3144 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 3145 return ret; 3146 } 3147 ret = TLSX_CSR_InitRequest(ssl->extensions, cert, ssl->heap); 3148 if (ret != 0 ) { 3149 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 3150 return ret; 3151 } 3152 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 3153 3154 extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST); 3155 csr = extension ? 3107 3156 (CertificateStatusRequest*)extension->data : NULL; 3108 3157 if (csr == NULL) … … 3454 3503 3455 3504 while (length > offset) { 3456 if ( length - offset< ENUM_LEN + OPAQUE16_LEN)3505 if ((int)(length - offset) < ENUM_LEN + OPAQUE16_LEN) 3457 3506 return BUFFER_ERROR; 3458 3507 … … 3469 3518 case WOLFSSL_CSR2_OCSP_MULTI: 3470 3519 /* skip responder_id_list */ 3471 if ( length - offset< OPAQUE16_LEN)3520 if ((int)(length - offset) < OPAQUE16_LEN) 3472 3521 return BUFFER_ERROR; 3473 3522 … … 3478 3527 offset += OPAQUE16_LEN + size; 3479 3528 /* skip request_extensions */ 3480 if ( length - offset< OPAQUE16_LEN)3529 if ((int)(length - offset) < OPAQUE16_LEN) 3481 3530 return BUFFER_ERROR; 3482 3531 … … 3507 3556 #endif 3508 3557 3509 /* accept the first good status_type and return */ 3510 ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions, 3558 /* TLS 1.3 servers MUST NOT act upon presence or information in 3559 * this extension (RFC 8448 Section 4.4.2.1). 3560 */ 3561 if (!IsAtLeastTLSv1_3(ssl->version)) { 3562 /* accept the first good status_type and return */ 3563 ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions, 3511 3564 status_type, 0, ssl->heap, ssl->devId); 3512 if (ret != WOLFSSL_SUCCESS) 3513 return ret; /* throw error */ 3514 3515 TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST_V2); 3516 ssl->status_request_v2 = status_type; 3565 if (ret != WOLFSSL_SUCCESS) 3566 return ret; /* throw error */ 3567 3568 TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST_V2); 3569 ssl->status_request_v2 = status_type; 3570 } 3517 3571 3518 3572 return 0; … … 3708 3762 #error Elliptic Curves Extension requires Elliptic Curve Cryptography. \ 3709 3763 Use --enable-ecc in the configure script or define HAVE_ECC. \ 3710 Alternatively use FFDHE for DH cip erhsuites.3764 Alternatively use FFDHE for DH ciphersuites. 3711 3765 #endif 3712 3766 … … 3854 3908 #endif 3855 3909 } 3856 else { 3857 #ifdef HAVE_FFDHE 3858 return; 3859 #endif 3860 } 3861 } 3862 3910 } 3911 #ifdef HAVE_FFDHE 3912 return; 3913 #endif 3863 3914 /* turns semaphore on to avoid sending this extension. */ 3864 3915 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); 3865 3916 } 3866 3917 3867 #endif 3918 #endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */ 3868 3919 3869 3920 #ifndef NO_WOLFSSL_SERVER … … 3897 3948 } 3898 3949 3899 #endif 3950 #endif /* !NO_WOLFSSL_SERVER */ 3951 3900 3952 #ifndef NO_WOLFSSL_CLIENT 3901 3953 … … 4056 4108 4057 4109 ext = TLSX_Find(priority, TLSX_SUPPORTED_GROUPS); 4110 if (ext == NULL) { 4111 WOLFSSL_MSG("Could not find supported groups extension"); 4112 return 0; 4113 } 4114 4058 4115 curve = (SupportedCurve*)ext->data; 4059 4116 name = curve->name; … … 4081 4138 } 4082 4139 4083 #endif 4140 #endif /* WOLFSSL_TLS13 && !WOLFSSL_NO_SERVER_GROUPS_EXT */ 4084 4141 4085 4142 #if defined(HAVE_FFDHE) && !defined(WOLFSSL_NO_TLS12) … … 4130 4187 4131 4188 4132 if ((ret = TLSX_PopulateSupportedGroups(ssl, &priority)) != WOLFSSL_SUCCESS) 4189 if ((ret = TLSX_PopulateSupportedGroups(ssl, &priority)) != WOLFSSL_SUCCESS) { 4190 TLSX_FreeAll(priority, ssl->heap); 4133 4191 return ret; 4192 } 4134 4193 ret = 0; 4135 4194 … … 4231 4290 } 4232 4291 4233 #endif 4292 #endif /* HAVE_SUPPORTED_CURVES */ 4234 4293 4235 4294 #ifndef NO_WOLFSSL_SERVER … … 4262 4321 SupportedCurve* curve = NULL; 4263 4322 word32 oid = 0; 4323 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_ED25519) || \ 4324 defined(HAVE_CURVE448) || defined(HAVE_ED448) || \ 4325 (!defined(NO_RSA) && defined(WOLFSSL_STATIC_DH)) 4264 4326 word32 pkOid = 0; 4327 #endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 || (!NO_RSA && STATIC_DH) */ 4265 4328 word32 defOid = 0; 4266 4329 word32 defSz = 80; /* Maximum known curve size is 66. */ … … 4274 4337 4275 4338 (void)oid; 4276 4339 (void)pkOid; 4340 4341 if (first == CHACHA_BYTE) { 4342 switch (second) { 4343 case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: 4344 case TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: 4345 case TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: 4346 case TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256: 4347 return 1; /* no suite restriction */ 4348 case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: 4349 case TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256: 4350 case TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: 4351 break; 4352 } 4353 } 4277 4354 if (first == ECC_BYTE || first == CHACHA_BYTE) 4278 4355 extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS); … … 4296 4373 switch (curve->name) { 4297 4374 #ifdef HAVE_ECC 4298 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)4375 #if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160 4299 4376 #ifndef NO_ECC_SECP 4300 4377 case WOLFSSL_ECC_SECP160R1: … … 4315 4392 break; 4316 4393 #endif /* HAVE_ECC_KOBLITZ */ 4317 #endif4318 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)4394 #endif 4395 #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 4319 4396 #ifndef NO_ECC_SECP 4320 4397 case WOLFSSL_ECC_SECP192R1: … … 4330 4407 #endif /* HAVE_ECC_KOBLITZ */ 4331 4408 #endif 4332 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)4409 #if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 4333 4410 #ifndef NO_ECC_SECP 4334 4411 case WOLFSSL_ECC_SECP224R1: … … 4344 4421 #endif /* HAVE_ECC_KOBLITZ */ 4345 4422 #endif 4346 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)4423 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 4347 4424 #ifndef NO_ECC_SECP 4348 4425 case WOLFSSL_ECC_SECP256R1: … … 4353 4430 #endif /* !NO_ECC256 || HAVE_ALL_CURVES */ 4354 4431 #endif 4355 #if def HAVE_CURVE255194432 #if (defined(HAVE_CURVE25519) || defined(HAVE_ED25519)) && ECC_MIN_KEY_SZ <= 256 4356 4433 case WOLFSSL_ECC_X25519: 4357 4434 oid = ECC_X25519_OID; … … 4365 4442 #endif /* HAVE_CURVE25519 */ 4366 4443 #ifdef HAVE_ECC 4367 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)4444 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 4368 4445 #ifdef HAVE_ECC_KOBLITZ 4369 4446 case WOLFSSL_ECC_SECP256K1: … … 4379 4456 #endif /* HAVE_ECC_BRAINPOOL */ 4380 4457 #endif 4381 #endif 4382 #ifdef HAVE_CURVE448 4458 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 4459 #ifndef NO_ECC_SECP 4460 case WOLFSSL_ECC_SECP384R1: 4461 pkOid = oid = ECC_SECP384R1_OID; 4462 octets = 48; 4463 break; 4464 #endif /* !NO_ECC_SECP */ 4465 #ifdef HAVE_ECC_BRAINPOOL 4466 case WOLFSSL_ECC_BRAINPOOLP384R1: 4467 pkOid = oid = ECC_BRAINPOOLP384R1_OID; 4468 octets = 48; 4469 break; 4470 #endif /* HAVE_ECC_BRAINPOOL */ 4471 #endif 4472 #endif 4473 #if (defined(HAVE_CURVE448) || defined(HAVE_ED448)) && ECC_MIN_KEY_SZ <= 448 4383 4474 case WOLFSSL_ECC_X448: 4384 4475 oid = ECC_X448_OID; … … 4392 4483 #endif /* HAVE_CURVE448 */ 4393 4484 #ifdef HAVE_ECC 4394 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 4395 #ifndef NO_ECC_SECP 4396 case WOLFSSL_ECC_SECP384R1: 4397 pkOid = oid = ECC_SECP384R1_OID; 4398 octets = 48; 4399 break; 4400 #endif /* !NO_ECC_SECP */ 4401 #ifdef HAVE_ECC_BRAINPOOL 4402 case WOLFSSL_ECC_BRAINPOOLP384R1: 4403 pkOid = oid = ECC_BRAINPOOLP384R1_OID; 4404 octets = 48; 4405 break; 4406 #endif /* HAVE_ECC_BRAINPOOL */ 4407 #endif 4408 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES) 4485 #if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512 4409 4486 #ifdef HAVE_ECC_BRAINPOOL 4410 4487 case WOLFSSL_ECC_BRAINPOOLP512R1: … … 4414 4491 #endif /* HAVE_ECC_BRAINPOOL */ 4415 4492 #endif 4416 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)4493 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 4417 4494 #ifndef NO_ECC_SECP 4418 4495 case WOLFSSL_ECC_SECP521R1: … … 4456 4533 if (first == ECC_BYTE) { 4457 4534 switch (second) { 4535 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) 4458 4536 /* ECDHE_ECDSA */ 4459 4537 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: … … 4472 4550 break; 4473 4551 4474 #ifdef WOLFSSL_STATIC_DH4552 #ifdef WOLFSSL_STATIC_DH 4475 4553 /* ECDH_ECDSA */ 4476 4554 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: … … 4493 4571 key |= ssl->pkCurveOID == oid; 4494 4572 break; 4495 #endif /* WOLFSSL_STATIC_DH */ 4573 #endif /* WOLFSSL_STATIC_DH */ 4574 #endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */ 4496 4575 #ifndef NO_RSA 4497 4576 /* ECDHE_RSA */ … … 4509 4588 break; 4510 4589 4511 #ifdef WOLFSSL_STATIC_DH4590 #ifdef WOLFSSL_STATIC_DH 4512 4591 /* ECDH_RSA */ 4513 4592 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: … … 4530 4609 key |= ssl->pkCurveOID == pkOid; 4531 4610 break; 4532 #endif /* WOLFSSL_STATIC_DH */4611 #endif /* WOLFSSL_STATIC_DH */ 4533 4612 #endif 4534 4613 default: … … 4552 4631 if (first == CHACHA_BYTE) { 4553 4632 switch (second) { 4633 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) 4554 4634 /* ECDHE_ECDSA */ 4555 4635 case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 : … … 4559 4639 ephmSuite = 1; 4560 4640 break; 4641 #endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */ 4561 4642 #ifndef NO_RSA 4562 4643 /* ECDHE_RSA */ … … 4816 4897 #endif 4817 4898 } 4818 else {4899 else if (ssl->secure_renegotiation != NULL) { 4819 4900 #ifndef NO_WOLFSSL_CLIENT 4820 4901 if (!ssl->secure_renegotiation->enabled) { … … 4982 5063 } 4983 5064 4984 if (length == 0) { 5065 if (length > SESSION_TICKET_LEN) { 5066 ret = BAD_TICKET_MSG_SZ; 5067 } else if (IsAtLeastTLSv1_3(ssl->version)) { 5068 WOLFSSL_MSG("Process client ticket rejected, TLS 1.3 no support"); 5069 ssl->options.rejectTicket = 1; 5070 ret = 0; /* not fatal */ 5071 } else if (ssl->options.noTicketTls12) { 5072 /* ignore ticket request */ 5073 } else if (length == 0) { 4985 5074 /* blank ticket */ 4986 5075 ret = TLSX_UseSessionTicket(&ssl->extensions, NULL, ssl->heap); 4987 5076 if (ret == WOLFSSL_SUCCESS) { 4988 5077 ret = 0; 4989 TLSX_SetResponse(ssl, TLSX_SESSION_TICKET); /* send blank ticket */ 5078 /* send blank ticket */ 5079 TLSX_SetResponse(ssl, TLSX_SESSION_TICKET); 4990 5080 ssl->options.createTicket = 1; /* will send ticket msg */ 4991 5081 ssl->options.useTicket = 1; … … 5015 5105 ssl->options.rejectTicket = 1; 5016 5106 ret = 0; /* not fatal */ 5107 } else if (ret == VERSION_ERROR) { 5108 WOLFSSL_MSG("Process client ticket rejected, bad TLS version"); 5109 ssl->options.rejectTicket = 1; 5110 ret = 0; /* not fatal */ 5017 5111 } else if (ret == WOLFSSL_TICKET_RET_FATAL || ret < 0) { 5018 5112 WOLFSSL_MSG("Process client ticket fatal error, not using"); … … 5876 5970 *pSz += (word16)(OPAQUE8_LEN + cnt * OPAQUE16_LEN); 5877 5971 } 5878 #ifndef WOLFSSL_TLS13_DRAFT_185879 5972 else if (msgType == server_hello || msgType == hello_retry_request) 5880 5973 *pSz += OPAQUE16_LEN; 5881 #endif5882 5974 else 5883 5975 return SANITY_MSG_E; … … 5957 6049 *pSz += (word16)(OPAQUE8_LEN + *cnt); 5958 6050 } 5959 #ifndef WOLFSSL_TLS13_DRAFT_185960 6051 else if (msgType == server_hello || msgType == hello_retry_request) { 5961 #ifdef WOLFSSL_TLS13_DRAFT 5962 if (ssl->version.major == SSLv3_MAJOR && 5963 ssl->version.minor == TLSv1_3_MINOR) { 5964 output[0] = TLS_DRAFT_MAJOR; 5965 output[1] = TLS_DRAFT_MINOR; 5966 } 5967 else 5968 #endif 5969 { 5970 output[0] = ssl->version.major; 5971 output[1] = ssl->version.minor; 5972 } 6052 output[0] = ssl->version.major; 6053 output[1] = ssl->version.minor; 5973 6054 5974 6055 *pSz += OPAQUE16_LEN; 5975 6056 } 5976 #endif5977 6057 else 5978 6058 return SANITY_MSG_E; … … 5998 6078 int newMinor = 0; 5999 6079 int set = 0; 6080 int ret; 6000 6081 6001 6082 if (msgType == client_hello) { … … 6050 6131 if (!ssl->options.tls1_3) { 6051 6132 ssl->options.tls1_3 = 1; 6052 TLSX_Push(&ssl->extensions, TLSX_SUPPORTED_VERSIONS, ssl, 6053 ssl->heap); 6054 #ifndef WOLFSSL_TLS13_DRAFT_18 6133 ret = TLSX_Prepend(&ssl->extensions, 6134 TLSX_SUPPORTED_VERSIONS, ssl, ssl->heap); 6135 if (ret != 0) { 6136 return ret; 6137 } 6055 6138 TLSX_SetResponse(ssl, TLSX_SUPPORTED_VERSIONS); 6056 #endif6057 6139 } 6058 6140 if (minor > newMinor) { … … 6075 6157 } 6076 6158 } 6077 #ifndef WOLFSSL_TLS13_DRAFT_186078 6159 else if (msgType == server_hello || msgType == hello_retry_request) { 6079 6160 /* Must contain one version. */ … … 6084 6165 minor = input[OPAQUE8_LEN]; 6085 6166 6086 #ifdef WOLFSSL_TLS13_DRAFT6087 if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) {6088 major = SSLv3_MAJOR;6089 minor = TLSv1_3_MINOR;6090 }6091 #endif6092 6093 6167 if (major != pv.major) 6094 6168 return VERSION_ERROR; … … 6120 6194 } 6121 6195 } 6122 #endif6123 6196 else 6124 6197 return SANITY_MSG_E; … … 6155 6228 #endif /* WOLFSSL_TLS13 */ 6156 6229 6157 #if defined(WOLFSSL_TLS13) 6230 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) 6158 6231 6159 6232 /******************************************************************************/ … … 6302 6375 XMEMCPY(&cookie->data + len, mac, macSz); 6303 6376 6377 if (extension->data != NULL) 6378 XFREE(extension->data, ssl->heap, DYNAMIC_TYPE_TLSX); 6379 6304 6380 extension->data = (void*)cookie; 6305 6381 extension->resp = (byte)resp; … … 6321 6397 6322 6398 #endif 6323 #if !defined( WOLFSSL_NO_SIGALG)6399 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 6324 6400 /******************************************************************************/ 6325 6401 /* Signature Algorithms */ … … 6418 6494 return BUFFER_ERROR; 6419 6495 6496 /* Sig Algo list size must be even. */ 6497 if (suites->hashSigAlgoSz % 2 != 0) 6498 return BUFFER_ERROR; 6499 6420 6500 /* truncate hashSigAlgo list if too long */ 6421 6501 suites->hashSigAlgoSz = len; … … 6453 6533 /******************************************************************************/ 6454 6534 6455 #ifdef WOLFSSL_TLS13 6456 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 6535 #if defined(WOLFSSL_TLS13) && !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 6457 6536 /* Return the size of the SignatureAlgorithms extension's data. 6458 6537 * … … 6541 6620 #define SAC_WRITE TLSX_SignatureAlgorithmsCert_Write 6542 6621 #define SAC_PARSE TLSX_SignatureAlgorithmsCert_Parse 6543 #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */6544 6622 #endif /* WOLFSSL_TLS13 */ 6545 6623 … … 6549 6627 /******************************************************************************/ 6550 6628 6551 #if def WOLFSSL_TLS136629 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 6552 6630 /* Create a key share entry using named Diffie-Hellman parameters group. 6553 6631 * Generates a key pair. … … 6623 6701 } 6624 6702 6625 /* Allocate space for the public key .*/6703 /* Allocate space for the public key */ 6626 6704 dataSz = params->p_len; 6627 6705 keyData = (byte*)XMALLOC(dataSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); … … 6630 6708 goto end; 6631 6709 } 6632 /* Allocate space for the private key .*/6710 /* Allocate space for the private key */ 6633 6711 key = (byte*)XMALLOC(keySz, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6634 6712 if (key == NULL) { … … 6644 6722 goto end; 6645 6723 6646 /* Generate a new key pair. */ 6647 ret = wc_DhGenerateKeyPair(dhKey, ssl->rng, (byte*)key, &keySz, keyData, 6648 &dataSz); 6649 #ifdef WOLFSSL_ASYNC_CRYPT 6650 /* TODO: Make this function non-blocking */ 6651 if (ret == WC_PENDING_E) { 6652 ret = wc_AsyncWait(ret, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 6653 } 6654 #endif 6724 #if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_DH_EXTRA) 6725 if (ssl->staticKE.dhKey) { 6726 DerBuffer* keyDer = ssl->staticKE.dhKey; 6727 word32 idx = 0; 6728 WOLFSSL_MSG("Using static DH key"); 6729 ret = wc_DhKeyDecode(keyDer->buffer, &idx, dhKey, keyDer->length); 6730 if (ret == 0) { 6731 ret = wc_DhExportKeyPair(dhKey, (byte*)key, &keySz, keyData, &dataSz); 6732 } 6733 } 6734 else 6735 #endif 6736 { 6737 /* Generate a new key pair */ 6738 ret = wc_DhGenerateKeyPair(dhKey, ssl->rng, (byte*)key, &keySz, keyData, 6739 &dataSz); 6740 #ifdef WOLFSSL_ASYNC_CRYPT 6741 /* TODO: Make this function non-blocking */ 6742 if (ret == WC_PENDING_E) { 6743 ret = wc_AsyncWait(ret, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 6744 } 6745 #endif 6746 } 6655 6747 if (ret != 0) 6656 6748 goto end; 6657 6749 6658 6750 if (params->p_len != dataSz) { 6659 /* Pad the front of the key data with zeros.*/6751 /* Zero pad the front of the public key to match prime "p" size */ 6660 6752 XMEMMOVE(keyData + params->p_len - dataSz, keyData, dataSz); 6661 6753 XMEMSET(keyData, 0, params->p_len - dataSz); … … 6865 6957 /* Translate named group to a curve id. */ 6866 6958 switch (kse->group) { 6867 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)6959 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 6868 6960 #ifndef NO_ECC_SECP 6869 6961 case WOLFSSL_ECC_SECP256R1: … … 6874 6966 #endif /* !NO_ECC_SECP */ 6875 6967 #endif 6876 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)6968 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 6877 6969 #ifndef NO_ECC_SECP 6878 6970 case WOLFSSL_ECC_SECP384R1: … … 6883 6975 #endif /* !NO_ECC_SECP */ 6884 6976 #endif 6885 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)6977 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 6886 6978 #ifndef NO_ECC_SECP 6887 6979 case WOLFSSL_ECC_SECP521R1: … … 6892 6984 #endif /* !NO_ECC_SECP */ 6893 6985 #endif 6894 #if def HAVE_X4486986 #if defined(HAVE_X448) && ECC_MIN_KEY_SZ <= 448 6895 6987 case WOLFSSL_ECC_X448: 6896 6988 curveId = ECC_X448; … … 6915 7007 if (ret != 0) 6916 7008 goto end; 6917 ret = wc_ecc_make_key_ex(ssl->rng, keySize, eccKey, curveId); 6918 #ifdef WOLFSSL_ASYNC_CRYPT 6919 /* TODO: Make this function non-blocking */ 6920 if (ret == WC_PENDING_E) { 6921 ret = wc_AsyncWait(ret, &eccKey->asyncDev, WC_ASYNC_FLAG_NONE); 6922 } 6923 #endif 7009 7010 #ifdef WOLFSSL_STATIC_EPHEMERAL 7011 if (ssl->staticKE.ecKey) { 7012 DerBuffer* keyDer = ssl->staticKE.ecKey; 7013 word32 idx = 0; 7014 WOLFSSL_MSG("Using static ECDH key"); 7015 ret = wc_EccPrivateKeyDecode(keyDer->buffer, &idx, eccKey, keyDer->length); 7016 } 7017 else 7018 #endif 7019 { 7020 /* Generate ephemeral ECC key */ 7021 ret = wc_ecc_make_key_ex(ssl->rng, keySize, eccKey, curveId); 7022 #ifdef WOLFSSL_ASYNC_CRYPT 7023 /* TODO: Make this function non-blocking */ 7024 if (ret == WC_PENDING_E) { 7025 ret = wc_AsyncWait(ret, &eccKey->asyncDev, WC_ASYNC_FLAG_NONE); 7026 } 7027 #endif 7028 } 6924 7029 if (ret != 0) 6925 7030 goto end; … … 7410 7515 /* find supported curve */ 7411 7516 switch (keyShareEntry->group) { 7412 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)7517 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 7413 7518 #ifndef NO_ECC_SECP 7414 7519 case WOLFSSL_ECC_SECP256R1: … … 7417 7522 #endif /* !NO_ECC_SECP */ 7418 7523 #endif 7419 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)7524 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 7420 7525 #ifndef NO_ECC_SECP 7421 7526 case WOLFSSL_ECC_SECP384R1: … … 7424 7529 #endif /* !NO_ECC_SECP */ 7425 7530 #endif 7426 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)7531 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 7427 7532 #ifndef NO_ECC_SECP 7428 7533 case WOLFSSL_ECC_SECP521R1: … … 7431 7536 #endif /* !NO_ECC_SECP */ 7432 7537 #endif 7433 #if def HAVE_X4487538 #if defined(HAVE_X448) && ECC_MIN_KEY_SZ <= 448 7434 7539 case WOLFSSL_ECC_X448: 7435 7540 curveId = ECC_X448; … … 7452 7557 } 7453 7558 ssl->ecdhCurveOID = ssl->peerEccKey->dp->oidSum; 7559 7560 #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ 7561 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ 7562 !defined(HAVE_SELFTEST) 7563 ret = wc_ecc_set_rng(keyShareKey, ssl->rng); 7564 if (ret != 0) { 7565 return ret; 7566 } 7567 #endif 7454 7568 7455 7569 do { … … 7897 8011 break; 7898 8012 #endif 7899 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)8013 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 7900 8014 #ifndef NO_ECC_SECP 7901 8015 case WOLFSSL_ECC_SECP256R1: … … 7903 8017 #endif /* !NO_ECC_SECP */ 7904 8018 #endif 7905 #if def HAVE_CURVE255198019 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 7906 8020 case WOLFSSL_ECC_X25519: 7907 8021 break; 7908 8022 #endif 7909 #if def HAVE_CURVE4488023 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 7910 8024 case WOLFSSL_ECC_X448: 7911 8025 break; 7912 8026 #endif 7913 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)8027 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 7914 8028 #ifndef NO_ECC_SECP 7915 8029 case WOLFSSL_ECC_SECP384R1: … … 7917 8031 #endif /* !NO_ECC_SECP */ 7918 8032 #endif 7919 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)8033 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 7920 8034 #ifndef NO_ECC_SECP 7921 8035 case WOLFSSL_ECC_SECP521R1: … … 7944 8058 if (ssl->numGroups == 0) { 7945 8059 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 7946 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)8060 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 7947 8061 #ifndef NO_ECC_SECP 7948 8062 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP256R1; … … 7951 8065 #endif 7952 8066 #ifndef HAVE_FIPS 7953 #if defined(HAVE_CURVE25519) 8067 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 7954 8068 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_X25519; 7955 8069 #endif 7956 8070 #endif 7957 8071 #ifndef HAVE_FIPS 7958 #if defined(HAVE_CURVE448) 8072 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 7959 8073 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_X448; 7960 8074 #endif 7961 8075 #endif 7962 8076 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 7963 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)8077 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 7964 8078 #ifndef NO_ECC_SECP 7965 8079 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP384R1; 7966 8080 #endif 7967 8081 #endif 7968 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)8082 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 7969 8083 #ifndef NO_ECC_SECP 7970 8084 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP521R1; … … 8091 8205 return BAD_KEY_SHARE_DATA; 8092 8206 8093 #ifdef OPENSSL_EXTRA8094 8207 if ((clientKSE->group & NAMED_DH_MASK) == 0) { 8208 /* Check max value supported. */ 8209 if (clientKSE->group > WOLFSSL_ECC_MAX) { 8210 continue; 8211 } 8212 #ifdef OPENSSL_EXTRA 8095 8213 /* Check if server supports group. */ 8096 if (ssl->ctx->disabledCurves & ( 1 << clientKSE->group))8214 if (ssl->ctx->disabledCurves & ((word32)1 << clientKSE->group)) 8097 8215 continue; 8098 }8099 #endif8216 #endif 8217 } 8100 8218 if (!TLSX_KeyShare_IsSupported(clientKSE->group)) 8101 8219 continue; … … 8405 8523 8406 8524 /* Length of identities and of binders. */ 8407 if ( length - idx< OPAQUE16_LEN + OPAQUE16_LEN)8525 if ((int)(length - idx) < OPAQUE16_LEN + OPAQUE16_LEN) 8408 8526 return BUFFER_E; 8409 8527 … … 8955 9073 * In messages: ClientHello, EncryptedExtensions and NewSessionTicket. 8956 9074 * 8957 * max 9075 * maxSz The maximum early data size. 8958 9076 * output The buffer to write into. 8959 9077 * msgType The type of the message this extension is being written into. 8960 9078 * returns the number of bytes written into the buffer. 8961 9079 */ 8962 static int TLSX_EarlyData_Write(word32 max , byte* output, byte msgType,9080 static int TLSX_EarlyData_Write(word32 maxSz, byte* output, byte msgType, 8963 9081 word16* pSz) 8964 9082 { … … 8966 9084 return 0; 8967 9085 else if (msgType == session_ticket) { 8968 c32toa(max , output);9086 c32toa(maxSz, output); 8969 9087 *pSz += OPAQUE32_LEN; 8970 9088 return 0; … … 9023 9141 /* Use the data to create a new Early Data object in the extensions. 9024 9142 * 9025 * ssl The SSL/TLS object.9026 * max The maximum early data size.9143 * ssl The SSL/TLS object. 9144 * maxSz The maximum early data size. 9027 9145 * returns 0 on success and other values indicate failure. 9028 9146 */ 9029 int TLSX_EarlyData_Use(WOLFSSL* ssl, word32 max )9147 int TLSX_EarlyData_Use(WOLFSSL* ssl, word32 maxSz) 9030 9148 { 9031 9149 int ret = 0; … … 9046 9164 9047 9165 extension->resp = 1; 9048 extension->val = max ;9166 extension->val = maxSz; 9049 9167 9050 9168 return 0; … … 9106 9224 switch (extension->type) { 9107 9225 9226 #ifdef HAVE_SNI 9108 9227 case TLSX_SERVER_NAME: 9109 9228 SNI_FREE_ALL((SNI*)extension->data, heap); 9110 9229 break; 9230 #endif 9111 9231 9112 9232 case TLSX_TRUSTED_CA_KEYS: … … 9118 9238 break; 9119 9239 9240 case TLSX_EXTENDED_MASTER_SECRET: 9120 9241 case TLSX_TRUNCATED_HMAC: 9121 9242 /* Nothing to do. */ … … 9154 9275 ALPN_FREE_ALL((ALPN*)extension->data, heap); 9155 9276 break; 9156 #if !defined( WOLFSSL_NO_SIGALG)9277 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9157 9278 case TLSX_SIGNATURE_ALGORITHMS: 9158 9279 break; … … 9166 9287 break; 9167 9288 9289 #ifdef WOLFSSL_SEND_HRR_COOKIE 9168 9290 case TLSX_COOKIE: 9169 9291 CKE_FREE_ALL((Cookie*)extension->data, heap); 9170 9292 break; 9293 #endif 9171 9294 9172 9295 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 9189 9312 #endif 9190 9313 9191 #if !defined( WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)9314 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9192 9315 case TLSX_SIGNATURE_ALGORITHMS_CERT: 9193 9316 break; … … 9235 9358 length += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN; 9236 9359 9237 9238 9360 switch (extension->type) { 9239 9361 9362 #ifdef HAVE_SNI 9240 9363 case TLSX_SERVER_NAME: 9241 9364 /* SNI only sends the name on the request. */ … … 9243 9366 length += SNI_GET_SIZE((SNI*)extension->data); 9244 9367 break; 9368 #endif 9245 9369 9246 9370 case TLSX_TRUSTED_CA_KEYS: … … 9254 9378 break; 9255 9379 9380 case TLSX_EXTENDED_MASTER_SECRET: 9256 9381 case TLSX_TRUNCATED_HMAC: 9257 9382 /* always empty. */ … … 9294 9419 length += ALPN_GET_SIZE((ALPN*)extension->data); 9295 9420 break; 9296 #if !defined( WOLFSSL_NO_SIGALG)9421 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9297 9422 case TLSX_SIGNATURE_ALGORITHMS: 9298 9423 length += SA_GET_SIZE(extension->data); … … 9309 9434 break; 9310 9435 9436 #ifdef WOLFSSL_SEND_HRR_COOKIE 9311 9437 case TLSX_COOKIE: 9312 9438 ret = CKE_GET_SIZE((Cookie*)extension->data, msgType, &length); 9313 9439 break; 9440 #endif 9314 9441 9315 9442 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 9336 9463 #endif 9337 9464 9338 #if !defined( WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)9465 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9339 9466 case TLSX_SIGNATURE_ALGORITHMS_CERT: 9340 9467 length += SAC_GET_SIZE(extension->data); … … 9387 9514 /* extension data should be written internally. */ 9388 9515 switch (extension->type) { 9516 #ifdef HAVE_SNI 9389 9517 case TLSX_SERVER_NAME: 9390 9518 if (isRequest) { … … 9393 9521 } 9394 9522 break; 9523 #endif 9395 9524 9396 9525 case TLSX_TRUSTED_CA_KEYS: … … 9404 9533 WOLFSSL_MSG("Max Fragment Length extension to write"); 9405 9534 offset += MFL_WRITE((byte*)extension->data, output + offset); 9535 break; 9536 9537 case TLSX_EXTENDED_MASTER_SECRET: 9538 WOLFSSL_MSG("Extended Master Secret"); 9539 /* always empty. */ 9406 9540 break; 9407 9541 … … 9461 9595 offset += ALPN_WRITE((ALPN*)extension->data, output + offset); 9462 9596 break; 9463 #if !defined( WOLFSSL_NO_SIGALG)9597 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9464 9598 case TLSX_SIGNATURE_ALGORITHMS: 9465 9599 WOLFSSL_MSG("Signature Algorithms extension to write"); … … 9479 9613 break; 9480 9614 9615 #ifdef WOLFSSL_SEND_HRR_COOKIE 9481 9616 case TLSX_COOKIE: 9482 9617 WOLFSSL_MSG("Cookie extension to write"); … … 9484 9619 msgType, &offset); 9485 9620 break; 9621 #endif 9486 9622 9487 9623 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 9514 9650 #endif 9515 9651 9516 #if !defined( WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)9652 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 9517 9653 case TLSX_SIGNATURE_ALGORITHMS_CERT: 9518 9654 WOLFSSL_MSG("Signature Algorithms extension to write"); … … 9733 9869 #endif /* HAVE_QSH */ 9734 9870 9735 #if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 9736 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 9737 (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) \ 9738 && !defined(HAVE_CURVE448) && defined(HAVE_SUPPORTED_CURVES)) || \ 9739 ((defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 9740 defined(HAVE_CURVE448)) && defined(HAVE_SUPPORTED_CURVES)) 9871 #ifdef HAVE_SUPPORTED_CURVES 9741 9872 9742 9873 /* Populates the default supported groups / curves */ … … 9745 9876 int ret = WOLFSSL_SUCCESS; 9746 9877 #ifdef WOLFSSL_TLS13 9747 int i;9748 9749 9878 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9750 9879 if (ssl->options.resuming && ssl->session.namedGroup != 0) { … … 9755 9884 9756 9885 if (ssl->numGroups != 0) { 9886 int i; 9757 9887 for (i = 0; i < ssl->numGroups; i++) { 9758 9888 ret = TLSX_UseSupportedCurve(extensions, ssl->group[i], ssl->heap); … … 9764 9894 #endif /* WOLFSSL_TLS13 */ 9765 9895 9766 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)9896 #if defined(HAVE_ECC) 9767 9897 /* list in order by strength, since not all servers choose by strength */ 9768 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)9898 #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 9769 9899 #ifndef NO_ECC_SECP 9770 9900 ret = TLSX_UseSupportedCurve(extensions, … … 9773 9903 #endif 9774 9904 #endif 9775 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)9905 #if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512 9776 9906 #ifdef HAVE_ECC_BRAINPOOL 9777 9907 ret = TLSX_UseSupportedCurve(extensions, … … 9780 9910 #endif 9781 9911 #endif 9782 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)9912 #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 9783 9913 #ifndef NO_ECC_SECP 9784 9914 ret = TLSX_UseSupportedCurve(extensions, … … 9792 9922 #endif 9793 9923 #endif 9794 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES*/9924 #endif /* HAVE_ECC */ 9795 9925 9796 9926 #ifndef HAVE_FIPS 9797 #if defined(HAVE_CURVE448) 9927 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 9798 9928 ret = TLSX_UseSupportedCurve(extensions, 9799 9929 WOLFSSL_ECC_X448, ssl->heap); … … 9803 9933 9804 9934 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 9805 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)9935 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 9806 9936 #ifndef NO_ECC_SECP 9807 9937 ret = TLSX_UseSupportedCurve(extensions, … … 9820 9950 #endif 9821 9951 #endif 9822 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES*/9952 #endif /* HAVE_ECC */ 9823 9953 9824 9954 #ifndef HAVE_FIPS 9825 #if defined(HAVE_CURVE25519) 9955 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 9826 9956 ret = TLSX_UseSupportedCurve(extensions, 9827 9957 WOLFSSL_ECC_X25519, ssl->heap); … … 9831 9961 9832 9962 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 9833 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)9963 #if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 9834 9964 #ifndef NO_ECC_SECP 9835 9965 ret = TLSX_UseSupportedCurve(extensions, … … 9845 9975 9846 9976 #ifndef HAVE_FIPS 9847 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)9977 #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 9848 9978 #ifndef NO_ECC_SECP 9849 9979 ret = TLSX_UseSupportedCurve(extensions, … … 9857 9987 #endif 9858 9988 #endif 9859 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)9989 #if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160 9860 9990 #ifndef NO_ECC_SECP 9861 9991 ret = TLSX_UseSupportedCurve(extensions, … … 9875 10005 #endif 9876 10006 #endif /* HAVE_FIPS */ 9877 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES*/9878 9879 10007 #endif /* HAVE_ECC */ 10008 10009 /* Add FFDHE supported groups. */ 9880 10010 #ifdef HAVE_FFDHE_8192 9881 10011 if (8192/8 >= ssl->options.minDhKeySz && … … 9930 10060 } 9931 10061 9932 #endif 10062 #endif /* HAVE_SUPPORTED_CURVES */ 10063 10064 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 10065 10066 static const word16 preferredGroup[] = { 10067 #if defined(HAVE_ECC) && (!defined(NO_ECC256) || \ 10068 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 256 10069 WOLFSSL_ECC_SECP256R1, 10070 #endif 10071 #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 10072 WOLFSSL_ECC_X25519, 10073 #endif 10074 #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 10075 WOLFSSL_ECC_X448, 10076 #endif 10077 #if defined(HAVE_ECC) && (!defined(NO_ECC384) || \ 10078 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 384 10079 WOLFSSL_ECC_SECP384R1, 10080 #endif 10081 #if defined(HAVE_ECC) && (!defined(NO_ECC521) || \ 10082 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 521 10083 WOLFSSL_ECC_SECP521R1, 10084 #endif 10085 #if defined(HAVE_FFDHE_2048) 10086 WOLFSSL_FFDHE_2048, 10087 #endif 10088 #if defined(HAVE_FFDHE_3072) 10089 WOLFSSL_FFDHE_3072, 10090 #endif 10091 #if defined(HAVE_FFDHE_4096) 10092 WOLFSSL_FFDHE_4096, 10093 #endif 10094 #if defined(HAVE_FFDHE_6144) 10095 WOLFSSL_FFDHE_6144, 10096 #endif 10097 #if defined(HAVE_FFDHE_8192) 10098 WOLFSSL_FFDHE_8192, 10099 #endif 10100 }; 10101 #define PREFERRED_GROUP_SZ (sizeof(preferredGroup) / sizeof(*preferredGroup)) 10102 10103 #endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */ 9933 10104 9934 10105 int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) … … 10052 10223 } /* is not server */ 10053 10224 10054 #if !defined( WOLFSSL_NO_SIGALG)10225 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10055 10226 WOLFSSL_MSG("Adding signature algorithms extension"); 10056 10227 if ((ret = TLSX_SetSignatureAlgorithms(&ssl->extensions, ssl, ssl->heap)) … … 10061 10232 ret = 0; 10062 10233 #endif 10063 10234 #ifdef WOLFSSL_TLS13 10064 10235 if (!isServer && IsAtLeastTLSv1_3(ssl->version)) { 10065 10236 /* Add mandatory TLS v1.3 extension: supported version */ … … 10079 10250 ret = 0; 10080 10251 } 10081 #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && HAVE_SUPPORTED_CURVES */10082 10083 #if !defined( WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)10252 #endif /* !(HAVE_ECC || CURVE25519 || CURVE448) && HAVE_SUPPORTED_CURVES */ 10253 10254 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10084 10255 if (ssl->certHashSigAlgoSz > 0) { 10085 10256 WOLFSSL_MSG("Adding signature algorithms cert extension"); … … 10089 10260 } 10090 10261 } 10091 #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */ 10092 10262 #endif 10263 10264 #if defined(HAVE_SUPPORTED_CURVES) 10093 10265 if (TLSX_Find(ssl->extensions, TLSX_KEY_SHARE) == NULL) { 10094 10266 word16 namedGroup; 10095 10267 10096 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)10268 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10097 10269 if (ssl->options.resuming && ssl->session.namedGroup != 0) 10098 10270 namedGroup = ssl->session.namedGroup; 10099 10271 else 10100 #endif 10101 { 10102 #if defined(HAVE_ECC) && (!defined(NO_ECC256) || \ 10103 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 10104 namedGroup = WOLFSSL_ECC_SECP256R1; 10105 #elif defined(HAVE_CURVE25519) 10106 namedGroup = WOLFSSL_ECC_X25519; 10107 #elif defined(HAVE_CURVE448) 10108 namedGroup = WOLFSSL_ECC_X448; 10109 #elif defined(HAVE_ECC) && (!defined(NO_ECC384) || \ 10110 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 10111 namedGroup = WOLFSSL_ECC_SECP384R1; 10112 #elif defined(HAVE_ECC) && (!defined(NO_ECC521) || \ 10113 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 10114 namedGroup = WOLFSSL_ECC_SECP521R1; 10115 #elif defined(HAVE_FFDHE_2048) 10116 namedGroup = WOLFSSL_FFDHE_2048; 10117 #elif defined(HAVE_FFDHE_3072) 10118 namedGroup = WOLFSSL_FFDHE_3072; 10119 #elif defined(HAVE_FFDHE_4096) 10120 namedGroup = WOLFSSL_FFDHE_4096; 10121 #elif defined(HAVE_FFDHE_6144) 10122 namedGroup = WOLFSSL_FFDHE_6144; 10123 #elif defined(HAVE_FFDHE_8192) 10124 namedGroup = WOLFSSL_FFDHE_8192; 10125 #else 10272 #endif 10273 if (PREFERRED_GROUP_SZ == 0) { 10274 WOLFSSL_MSG("No groups in preference list"); 10126 10275 return KEY_SHARE_ERROR; 10127 #endif 10276 } 10277 else if (ssl->numGroups > 0) { 10278 int set = 0; 10279 int i, j; 10280 10281 /* Default to first group in supported list. */ 10282 namedGroup = ssl->group[0]; 10283 /* Try to find preferred in supported list. */ 10284 for (i = 0; i < (int)PREFERRED_GROUP_SZ && !set; i++) { 10285 for (j = 0; j < ssl->numGroups; j++) { 10286 if (preferredGroup[i] == ssl->group[j]) { 10287 /* Most preferred that is supported. */ 10288 namedGroup = ssl->group[j]; 10289 set = 1; 10290 break; 10291 } 10292 } 10293 } 10294 } 10295 else { 10296 /* Choose the most preferred group. */ 10297 namedGroup = preferredGroup[0]; 10128 10298 } 10129 10299 ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL); … … 10131 10301 return ret; 10132 10302 } 10303 #endif 10133 10304 10134 10305 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 10171 10342 byte cipherSuite0 = TLS13_BYTE; 10172 10343 byte cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 10344 int cipherSuiteFlags = WOLFSSL_CIPHER_SUITE_FLAG_NONE; 10173 10345 const char* cipherName = NULL; 10174 10346 … … 10179 10351 ssl->arrays->psk_key, MAX_PSK_KEY_LEN, &cipherName); 10180 10352 if (GetCipherSuiteFromName(cipherName, &cipherSuite0, 10181 &cipherSuite) != 0) {10353 &cipherSuite, &cipherSuiteFlags) != 0) { 10182 10354 return PSK_KEY_ERROR; 10183 10355 } … … 10193 10365 } 10194 10366 ssl->arrays->client_identity[MAX_PSK_ID_LEN] = '\0'; 10195 /* TODO: Callback should be able to change ciphersuite. */10196 10367 ssl->options.cipherSuite0 = cipherSuite0; 10197 10368 ssl->options.cipherSuite = cipherSuite; 10369 (void)cipherSuiteFlags; 10198 10370 ret = SetCipherSpecs(ssl); 10199 10371 if (ret != 0) … … 10237 10409 } 10238 10410 10239 10411 #endif 10240 10412 10241 10413 (void)isServer; … … 10264 10436 QSH_VALIDATE_REQUEST(ssl, semaphore); 10265 10437 WOLF_STK_VALIDATE_REQUEST(ssl); 10266 #if !defined( WOLFSSL_NO_SIGALG)10438 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10267 10439 if (ssl->suites->hashSigAlgoSz == 0) 10268 10440 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); … … 10271 10443 if (!IsAtLeastTLSv1_2(ssl)) 10272 10444 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10445 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) 10273 10446 if (!IsAtLeastTLSv1_3(ssl->version)) { 10274 10447 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10275 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)10448 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10276 10449 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 10277 10450 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PSK_KEY_EXCHANGE_MODES)); 10451 #endif 10452 #ifdef WOLFSSL_EARLY_DATA 10453 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA)); 10454 #endif 10455 #ifdef WOLFSSL_SEND_HRR_COOKIE 10456 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); 10457 #endif 10458 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 10459 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH)); 10460 #endif 10461 } 10278 10462 #endif 10279 #ifdef WOLFSSL_EARLY_DATA10280 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA));10281 #endif10282 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE));10283 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH10284 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));10285 #endif10286 }10287 10463 #endif 10288 10464 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ … … 10299 10475 #ifndef NO_CERTS 10300 10476 else if (msgType == certificate_request) { 10477 /* Don't send out any extension except those that are turned off. */ 10301 10478 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10302 #if !defined( WOLFSSL_NO_SIGALG)10479 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10303 10480 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); 10304 10481 #endif … … 10353 10530 WOLF_STK_VALIDATE_REQUEST(ssl); 10354 10531 QSH_VALIDATE_REQUEST(ssl, semaphore); 10355 #if !defined( WOLFSSL_NO_SIGALG)10532 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10356 10533 if (ssl->suites->hashSigAlgoSz == 0) 10357 10534 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); … … 10360 10537 if (!IsAtLeastTLSv1_2(ssl)) 10361 10538 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10539 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) 10362 10540 if (!IsAtLeastTLSv1_3(ssl->version)) { 10363 10541 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10364 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)10542 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10365 10543 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PSK_KEY_EXCHANGE_MODES)); 10544 #endif 10545 #ifdef WOLFSSL_EARLY_DATA 10546 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA)); 10547 #endif 10548 #ifdef WOLFSSL_SEND_HRR_COOKIE 10549 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); 10550 #endif 10551 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 10552 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH)); 10553 #endif 10554 } 10366 10555 #endif 10367 #ifdef WOLFSSL_EARLY_DATA10368 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA));10369 #endif10370 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE));10371 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH10372 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));10373 #endif10374 }10375 10556 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10376 10557 /* Must write Pre-shared Key extension at the end in TLS v1.3. … … 10393 10574 #ifndef NO_CERTS 10394 10575 else if (msgType == certificate_request) { 10576 /* Don't send out any extension except those that are turned off. */ 10395 10577 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10396 #if !defined( WOLFSSL_NO_SIGALG)10578 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 10397 10579 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); 10398 10580 #endif … … 10467 10649 if (IsAtLeastTLSv1_3(ssl->version)) { 10468 10650 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10469 #ifndef WOLFSSL_TLS13_DRAFT_1810470 10651 TURN_OFF(semaphore, 10471 10652 TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10472 #endif10653 #ifdef HAVE_SUPPORTED_CURVES 10473 10654 if (!ssl->options.noPskDheKe) 10474 10655 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10656 #endif 10475 10657 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10476 10658 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 10477 10659 #endif 10478 10660 } 10661 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) 10479 10662 else { 10663 #ifdef HAVE_SUPPORTED_CURVES 10480 10664 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10481 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10665 #endif 10666 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10482 10667 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 10668 #endif 10669 } 10483 10670 #endif 10484 }10485 10671 #endif 10486 10672 break; … … 10489 10675 case hello_retry_request: 10490 10676 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10491 #ifndef WOLFSSL_TLS13_DRAFT_1810492 10677 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10493 # endif10678 #ifdef HAVE_SUPPORTED_CURVES 10494 10679 if (!ssl->options.noPskDheKe) 10495 10680 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10681 #endif 10682 #ifdef WOLFSSL_SEND_HRR_COOKIE 10496 10683 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); 10684 #endif 10497 10685 break; 10498 10686 #endif … … 10500 10688 #ifdef WOLFSSL_TLS13 10501 10689 case encrypted_extensions: 10690 /* Send out all extension except those that are turned on. */ 10691 #ifdef HAVE_ECC 10502 10692 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); 10693 #endif 10503 10694 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10695 #ifdef HAVE_SESSION_TICKET 10504 10696 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); 10697 #endif 10698 #ifdef HAVE_SUPPORTED_CURVES 10505 10699 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10700 #endif 10506 10701 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10507 10702 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); … … 10509 10704 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 10510 10705 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); 10706 #endif 10707 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 10708 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST_V2)); 10511 10709 #endif 10512 10710 #if defined(HAVE_SECURE_RENEGOTIATION) … … 10529 10727 #ifndef NO_CERTS 10530 10728 case certificate: 10729 /* Don't send out any extension except those that are turned off. */ 10531 10730 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10532 10731 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); … … 10587 10786 if (IsAtLeastTLSv1_3(ssl->version)) { 10588 10787 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10589 #ifndef WOLFSSL_TLS13_DRAFT_1810590 10788 TURN_OFF(semaphore, 10591 10789 TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10592 #endif10790 #ifdef HAVE_SUPPORTED_CURVES 10593 10791 if (!ssl->options.noPskDheKe) 10594 10792 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10595 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10793 #endif 10794 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10596 10795 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 10796 #endif 10797 } 10798 #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) 10799 else { 10800 #ifdef HAVE_SUPPORTED_CURVES 10801 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10802 #endif 10803 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10804 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 10805 #endif 10806 } 10597 10807 #endif 10598 }10599 else {10600 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));10601 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)10602 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));10603 #endif10604 }10605 10808 #endif 10606 10809 break; … … 10609 10812 case hello_retry_request: 10610 10813 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10611 #ifndef WOLFSSL_TLS13_DRAFT_1810612 10814 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10613 # endif10815 #ifdef HAVE_SUPPORTED_CURVES 10614 10816 if (!ssl->options.noPskDheKe) 10615 10817 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10818 #endif 10616 10819 /* Cookie is written below as last extension. */ 10617 10820 break; … … 10620 10823 #ifdef WOLFSSL_TLS13 10621 10824 case encrypted_extensions: 10825 /* Send out all extension except those that are turned on. */ 10826 #ifdef HAVE_ECC 10622 10827 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); 10828 #endif 10623 10829 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 10830 #ifdef HAVE_SESSION_TICKET 10624 10831 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); 10832 #endif 10833 #ifdef HAVE_SUPPORTED_CURVES 10625 10834 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 10835 #endif 10626 10836 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10627 10837 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); … … 10630 10840 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); 10631 10841 #endif 10842 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 10843 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST_V2)); 10844 #endif 10632 10845 #if defined(HAVE_SECURE_RENEGOTIATION) 10633 10846 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_RENEGOTIATION_INFO)); … … 10649 10862 #ifndef NO_CERTS 10650 10863 case certificate: 10864 /* Don't send out any extension except those that are turned 10865 * off. */ 10651 10866 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 10652 10867 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); … … 10666 10881 return ret; 10667 10882 10668 #if def WOLFSSL_TLS1310883 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) 10669 10884 if (msgType == hello_retry_request) { 10670 10885 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); … … 10785 11000 10786 11001 switch (type) { 11002 #ifdef HAVE_SNI 10787 11003 case TLSX_SERVER_NAME: 10788 11004 WOLFSSL_MSG("SNI extension received"); … … 10791 11007 #endif 10792 11008 10793 #if def WOLFSSL_TLS1311009 #if defined(WOLFSSL_TLS13) && defined(HAVE_SNI) 10794 11010 if (IsAtLeastTLSv1_3(ssl->version) && 10795 11011 msgType != client_hello && … … 10805 11021 ret = SNI_PARSE(ssl, input + offset, size, isRequest); 10806 11022 break; 11023 #endif 10807 11024 10808 11025 case TLSX_TRUSTED_CA_KEYS: … … 10812 11029 #endif 10813 11030 10814 #if def WOLFSSL_TLS1311031 #if defined(WOLFSSL_TLS13) && defined(HAVE_TRUSTED_CA) 10815 11032 if (IsAtLeastTLSv1_3(ssl->version) && 10816 11033 msgType != client_hello && … … 10828 11045 #endif 10829 11046 10830 #if def WOLFSSL_TLS1311047 #if defined(WOLFSSL_TLS13) && defined(HAVE_MAX_FRAGMENT) 10831 11048 if (IsAtLeastTLSv1_3(ssl->version) && 10832 11049 msgType != client_hello && … … 10848 11065 #endif 10849 11066 10850 #if def WOLFSSL_TLS1311067 #if defined(WOLFSSL_TLS13) && defined(HAVE_TRUNCATED_HMAC) 10851 11068 if (IsAtLeastTLSv1_3(ssl->version)) 10852 11069 break; … … 10861 11078 #endif 10862 11079 10863 #if def WOLFSSL_TLS1311080 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 10864 11081 if (IsAtLeastTLSv1_3(ssl->version) && 10865 11082 msgType != client_hello && … … 10882 11099 #endif 10883 11100 10884 #if def WOLFSSL_TLS1311101 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) 10885 11102 if (IsAtLeastTLSv1_3(ssl->version)) 10886 11103 break; … … 10895 11112 #endif 10896 11113 10897 #ifdef WOLFSSL_TLS13 11114 #if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) 10898 11115 if (IsAtLeastTLSv1_3(ssl->version) && 10899 11116 msgType != client_hello && … … 10912 11129 #endif 10913 11130 10914 #if def WOLFSSL_TLS1311131 #if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 10915 11132 if (IsAtLeastTLSv1_3(ssl->version) && 10916 11133 msgType != client_hello && … … 10930 11147 #endif 10931 11148 10932 #if def WOLFSSL_TLS1311149 #if defined(WOLFSSL_TLS13) 10933 11150 if (IsAtLeastTLSv1_3(ssl->version)) 10934 11151 break; … … 10951 11168 #endif 10952 11169 10953 #if def WOLFSSL_TLS1311170 #if defined(WOLFSSL_TLS13) && defined(HAVE_SECURE_RENEGOTIATION) 10954 11171 if (IsAtLeastTLSv1_3(ssl->version)) 10955 11172 break; … … 10964 11181 #endif 10965 11182 10966 #if def WOLFSSL_TLS1311183 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 10967 11184 if (IsAtLeastTLSv1_3(ssl->version) && 10968 11185 msgType != client_hello) { … … 10979 11196 #endif 10980 11197 10981 #if def WOLFSSL_TLS1311198 #if defined(WOLFSSL_TLS13) && defined(HAVE_QSH) 10982 11199 if (IsAtLeastTLSv1_3(ssl->version)) 10983 11200 break; … … 10993 11210 #endif 10994 11211 10995 #if def WOLFSSL_TLS1311212 #if defined(WOLFSSL_TLS13) && defined(HAVE_ALPN) 10996 11213 if (IsAtLeastTLSv1_3(ssl->version) && 10997 11214 msgType != client_hello && … … 11007 11224 ret = ALPN_PARSE(ssl, input + offset, size, isRequest); 11008 11225 break; 11009 #if !defined( WOLFSSL_NO_SIGALG)11226 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 11010 11227 case TLSX_SIGNATURE_ALGORITHMS: 11011 11228 WOLFSSL_MSG("Signature Algorithms extension received"); … … 11016 11233 if (!IsAtLeastTLSv1_2(ssl)) 11017 11234 break; 11018 #ifdef WOLFSSL_TLS1311235 #ifdef WOLFSSL_TLS13 11019 11236 if (IsAtLeastTLSv1_3(ssl->version) && 11020 11237 msgType != client_hello && … … 11022 11239 return EXT_NOT_ALLOWED; 11023 11240 } 11024 #endif11241 #endif 11025 11242 ret = SA_PARSE(ssl, input + offset, size, isRequest, suites); 11026 11243 break; … … 11048 11265 break; 11049 11266 11267 #ifdef WOLFSSL_SEND_HRR_COOKIE 11050 11268 case TLSX_COOKIE: 11051 11269 WOLFSSL_MSG("Cookie extension received"); … … 11064 11282 ret = CKE_PARSE(ssl, input + offset, size, msgType); 11065 11283 break; 11284 #endif 11066 11285 11067 11286 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 11138 11357 #endif 11139 11358 11140 #if !defined( WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)11359 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) 11141 11360 case TLSX_SIGNATURE_ALGORITHMS_CERT: 11142 11361 WOLFSSL_MSG("Signature Algorithms extension received"); … … 11167 11386 #endif 11168 11387 11388 #ifdef HAVE_SUPPORTED_CURVES 11169 11389 if (!IsAtLeastTLSv1_3(ssl->version)) 11170 11390 break; … … 11174 11394 return EXT_NOT_ALLOWED; 11175 11395 } 11396 #endif 11397 11176 11398 ret = KS_PARSE(ssl, input + offset, size, msgType); 11177 11399 break; … … 11632 11854 11633 11855 #ifndef WOLFSSL_NO_TLS12 11856 WOLFSSL_ABI 11634 11857 WOLFSSL_METHOD* wolfTLSv1_2_server_method(void) 11635 11858 { … … 11656 11879 * returns the method data for a TLS v1.3 server. 11657 11880 */ 11881 WOLFSSL_ABI 11658 11882 WOLFSSL_METHOD* wolfTLSv1_3_server_method(void) 11659 11883 { -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/tls13.c
r457 r464 30 30 * NO_PSK 31 31 * Do not enable Pre-Shared Keys. 32 * TLS13_SUPPORTS_EXPORTERS 33 * Guard to compile out any code for exporter keys. 34 * Feature not supported yet. 32 * HAVE_KEYING_MATERIAL 33 * Enables exporting keying material based on section 7.5 of RFC 8446. 35 34 * WOLFSSL_ASYNC_CRYPT 36 35 * Enables the use of asynchronous cryptographic operations. … … 56 55 * WOLFSSL_TLS13 57 56 * Enable TLS 1.3 protocol implementation. 58 * WOLFSSL_TLS13_DRAFT_1859 * Conform with Draft 18 of the TLS v1.3 specification.60 * WOLFSSL_TLS13_DRAFT_2261 * Conform with Draft 22 of the TLS v1.3 specification.62 * WOLFSSL_TLS13_DRAFT_2363 * Conform with Draft 23 of the TLS v1.3 specification.64 57 * WOLFSSL_TLS13_MIDDLEBOX_COMPAT 65 58 * Enable middlebox compatibility in the TLS 1.3 handshake. … … 119 112 120 113 #ifndef HAVE_HKDF 121 #error The build option HAVE_HKDF is required for TLS 1.3 114 #ifndef _MSC_VER 115 #error "The build option HAVE_HKDF is required for TLS 1.3" 116 #else 117 #pragma message("error: The build option HAVE_HKDF is required for TLS 1.3") 118 #endif 122 119 #endif 123 120 … … 264 261 } 265 262 266 #ifdef WOLFSSL_TLS13_DRAFT_18267 /* Size of the TLS v1.3 label use when deriving keys. */268 #define TLS13_PROTOCOL_LABEL_SZ 9269 /* The protocol label for TLS v1.3. */270 static const byte tls13ProtocolLabel[TLS13_PROTOCOL_LABEL_SZ + 1] = "TLS 1.3, ";271 #else272 263 /* Size of the TLS v1.3 label use when deriving keys. */ 273 264 #define TLS13_PROTOCOL_LABEL_SZ 6 274 265 /* The protocol label for TLS v1.3. */ 275 266 static const byte tls13ProtocolLabel[TLS13_PROTOCOL_LABEL_SZ + 1] = "tls13 "; 276 #endif 277 278 #if !defined(WOLFSSL_TLS13_DRAFT_18) || defined(HAVE_SESSION_TICKET) || \ 279 !defined(NO_PSK) 267 280 268 /* Derive a key from a message. 281 269 * … … 370 358 hash, hashSz, digestAlg); 371 359 } 372 #endif373 360 374 361 /* Derive a key. … … 442 429 443 430 #ifndef NO_PSK 444 #ifdef WOLFSSL_TLS13_DRAFT_18445 /* The length of the binder key label. */446 #define BINDER_KEY_LABEL_SZ 23447 /* The binder key label. */448 static const byte binderKeyLabel[BINDER_KEY_LABEL_SZ + 1] =449 "external psk binder key";450 #else451 431 /* The length of the binder key label. */ 452 432 #define BINDER_KEY_LABEL_SZ 10 … … 454 434 static const byte binderKeyLabel[BINDER_KEY_LABEL_SZ + 1] = 455 435 "ext binder"; 456 #endif 436 457 437 /* Derive the binder key. 458 438 * … … 464 444 { 465 445 WOLFSSL_MSG("Derive Binder Key"); 446 if (ssl == NULL || ssl->arrays == NULL) { 447 return BAD_FUNC_ARG; 448 } 466 449 return DeriveKeyMsg(ssl, key, -1, ssl->arrays->secret, 467 450 binderKeyLabel, BINDER_KEY_LABEL_SZ, … … 471 454 472 455 #ifdef HAVE_SESSION_TICKET 473 #ifdef WOLFSSL_TLS13_DRAFT_18 474 /* The length of the binder key resume label. */ 475 #define BINDER_KEY_RESUME_LABEL_SZ 25 476 /* The binder key resume label. */ 477 static const byte binderKeyResumeLabel[BINDER_KEY_RESUME_LABEL_SZ + 1] = 478 "resumption psk binder key"; 479 #else 456 480 457 /* The length of the binder key resume label. */ 481 458 #define BINDER_KEY_RESUME_LABEL_SZ 10 … … 483 460 static const byte binderKeyResumeLabel[BINDER_KEY_RESUME_LABEL_SZ + 1] = 484 461 "res binder"; 485 #endif 462 486 463 /* Derive the binder resumption key. 487 464 * … … 493 470 { 494 471 WOLFSSL_MSG("Derive Binder Key - Resumption"); 472 if (ssl == NULL || ssl->arrays == NULL) { 473 return BAD_FUNC_ARG; 474 } 495 475 return DeriveKeyMsg(ssl, key, -1, ssl->arrays->secret, 496 476 binderKeyResumeLabel, BINDER_KEY_RESUME_LABEL_SZ, … … 500 480 501 481 #ifdef WOLFSSL_EARLY_DATA 502 #ifdef WOLFSSL_TLS13_DRAFT_18 503 /* The length of the early traffic label. */ 504 #define EARLY_TRAFFIC_LABEL_SZ 27 505 /* The early traffic label. */ 506 static const byte earlyTrafficLabel[EARLY_TRAFFIC_LABEL_SZ + 1] = 507 "client early traffic secret"; 508 #else 482 509 483 /* The length of the early traffic label. */ 510 484 #define EARLY_TRAFFIC_LABEL_SZ 11 … … 512 486 static const byte earlyTrafficLabel[EARLY_TRAFFIC_LABEL_SZ + 1] = 513 487 "c e traffic"; 514 #endif 488 515 489 /* Derive the early traffic key. 516 490 * … … 523 497 int ret; 524 498 WOLFSSL_MSG("Derive Early Traffic Secret"); 499 if (ssl == NULL || ssl->arrays == NULL) { 500 return BAD_FUNC_ARG; 501 } 525 502 ret = DeriveKey(ssl, key, -1, ssl->arrays->secret, 526 503 earlyTrafficLabel, EARLY_TRAFFIC_LABEL_SZ, … … 538 515 } 539 516 540 #ifdef TLS13_SUPPORTS_EXPORTERS 541 #ifdef WOLFSSL_TLS13_DRAFT_18 542 /* The length of the early exporter label. */ 543 #define EARLY_EXPORTER_LABEL_SZ 28 544 /* The early exporter label. */ 545 static const byte earlyExporterLabel[EARLY_EXPORTER_LABEL_SZ + 1] = 546 "early exporter master secret"; 547 #else 517 #ifdef HAVE_KEYING_MATERIAL 548 518 /* The length of the early exporter label. */ 549 519 #define EARLY_EXPORTER_LABEL_SZ 12 … … 551 521 static const byte earlyExporterLabel[EARLY_EXPORTER_LABEL_SZ + 1] = 552 522 "e exp master"; 553 #endif 523 554 524 /* Derive the early exporter key. 555 525 * … … 562 532 int ret; 563 533 WOLFSSL_MSG("Derive Early Exporter Secret"); 534 if (ssl == NULL || ssl->arrays == NULL) { 535 return BAD_FUNC_ARG; 536 } 564 537 ret = DeriveKey(ssl, key, -1, ssl->arrays->secret, 565 538 earlyExporterLabel, EARLY_EXPORTER_LABEL_SZ, … … 579 552 #endif 580 553 581 #ifdef WOLFSSL_TLS13_DRAFT_18582 /* The length of the client handshake label. */583 #define CLIENT_HANDSHAKE_LABEL_SZ 31584 /* The client handshake label. */585 static const byte clientHandshakeLabel[CLIENT_HANDSHAKE_LABEL_SZ + 1] =586 "client handshake traffic secret";587 #else588 554 /* The length of the client handshake label. */ 589 555 #define CLIENT_HANDSHAKE_LABEL_SZ 12 … … 591 557 static const byte clientHandshakeLabel[CLIENT_HANDSHAKE_LABEL_SZ + 1] = 592 558 "c hs traffic"; 593 #endif 559 594 560 /* Derive the client handshake key. 595 561 * … … 602 568 int ret; 603 569 WOLFSSL_MSG("Derive Client Handshake Secret"); 570 if (ssl == NULL || ssl->arrays == NULL) { 571 return BAD_FUNC_ARG; 572 } 604 573 ret = DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, 605 574 clientHandshakeLabel, CLIENT_HANDSHAKE_LABEL_SZ, … … 617 586 } 618 587 619 #ifdef WOLFSSL_TLS13_DRAFT_18620 /* The length of the server handshake label. */621 #define SERVER_HANDSHAKE_LABEL_SZ 31622 /* The server handshake label. */623 static const byte serverHandshakeLabel[SERVER_HANDSHAKE_LABEL_SZ + 1] =624 "server handshake traffic secret";625 #else626 588 /* The length of the server handshake label. */ 627 589 #define SERVER_HANDSHAKE_LABEL_SZ 12 … … 629 591 static const byte serverHandshakeLabel[SERVER_HANDSHAKE_LABEL_SZ + 1] = 630 592 "s hs traffic"; 631 #endif 593 632 594 /* Derive the server handshake key. 633 595 * … … 640 602 int ret; 641 603 WOLFSSL_MSG("Derive Server Handshake Secret"); 604 if (ssl == NULL || ssl->arrays == NULL) { 605 return BAD_FUNC_ARG; 606 } 642 607 ret = DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, 643 608 serverHandshakeLabel, SERVER_HANDSHAKE_LABEL_SZ, … … 655 620 } 656 621 657 #ifdef WOLFSSL_TLS13_DRAFT_18658 /* The length of the client application traffic label. */659 #define CLIENT_APP_LABEL_SZ 33660 /* The client application traffic label. */661 static const byte clientAppLabel[CLIENT_APP_LABEL_SZ + 1] =662 "client application traffic secret";663 #else664 622 /* The length of the client application traffic label. */ 665 623 #define CLIENT_APP_LABEL_SZ 12 … … 667 625 static const byte clientAppLabel[CLIENT_APP_LABEL_SZ + 1] = 668 626 "c ap traffic"; 669 #endif 627 670 628 /* Derive the client application traffic key. 671 629 * … … 678 636 int ret; 679 637 WOLFSSL_MSG("Derive Client Traffic Secret"); 638 if (ssl == NULL || ssl->arrays == NULL) { 639 return BAD_FUNC_ARG; 640 } 680 641 ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, 681 642 clientAppLabel, CLIENT_APP_LABEL_SZ, … … 693 654 } 694 655 695 #ifdef WOLFSSL_TLS13_DRAFT_18696 /* The length of the server application traffic label. */697 #define SERVER_APP_LABEL_SZ 33698 /* The server application traffic label. */699 static const byte serverAppLabel[SERVER_APP_LABEL_SZ + 1] =700 "server application traffic secret";701 #else702 656 /* The length of the server application traffic label. */ 703 657 #define SERVER_APP_LABEL_SZ 12 … … 705 659 static const byte serverAppLabel[SERVER_APP_LABEL_SZ + 1] = 706 660 "s ap traffic"; 707 #endif 661 708 662 /* Derive the server application traffic key. 709 663 * … … 716 670 int ret; 717 671 WOLFSSL_MSG("Derive Server Traffic Secret"); 672 if (ssl == NULL || ssl->arrays == NULL) { 673 return BAD_FUNC_ARG; 674 } 718 675 ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, 719 676 serverAppLabel, SERVER_APP_LABEL_SZ, … … 731 688 } 732 689 733 #ifdef TLS13_SUPPORTS_EXPORTERS 734 #ifdef WOLFSSL_TLS13_DRAFT_18 735 /* The length of the exporter master secret label. */ 736 #define EXPORTER_MASTER_LABEL_SZ 22 737 /* The exporter master secret label. */ 738 static const byte exporterMasterLabel[EXPORTER_MASTER_LABEL_SZ + 1] = 739 "exporter master secret"; 740 #else 690 #ifdef HAVE_KEYING_MATERIAL 741 691 /* The length of the exporter master secret label. */ 742 692 #define EXPORTER_MASTER_LABEL_SZ 10 … … 744 694 static const byte exporterMasterLabel[EXPORTER_MASTER_LABEL_SZ + 1] = 745 695 "exp master"; 746 #endif 696 747 697 /* Derive the exporter secret. 748 698 * … … 754 704 { 755 705 int ret; 756 WOLFSSL_MSG("Derive Exporter Secret"); 706 WOLFSSL_ENTER("Derive Exporter Secret"); 707 if (ssl == NULL || ssl->arrays == NULL) { 708 return BAD_FUNC_ARG; 709 } 757 710 ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, 758 711 exporterMasterLabel, EXPORTER_MASTER_LABEL_SZ, … … 769 722 return ret; 770 723 } 724 725 /* The length of the exporter label. */ 726 #define EXPORTER_LABEL_SZ 8 727 /* The exporter label. */ 728 static const byte exporterLabel[EXPORTER_LABEL_SZ + 1] = 729 "exporter"; 730 /* Hash("") */ 731 #ifndef NO_SHA256 732 static const byte emptySHA256Hash[] = { 733 0xE3, 0xB0, 0xC4, 0x42, 0x98, 0xFC, 0x1C, 0x14, 0x9A, 0xFB, 0xF4, 0xC8, 734 0x99, 0x6F, 0xB9, 0x24, 0x27, 0xAE, 0x41, 0xE4, 0x64, 0x9B, 0x93, 0x4C, 735 0xA4, 0x95, 0x99, 0x1B, 0x78, 0x52, 0xB8, 0x55 736 }; 737 #endif 738 #ifdef WOLFSSL_SHA384 739 static const byte emptySHA384Hash[] = { 740 0x38, 0xB0, 0x60, 0xA7, 0x51, 0xAC, 0x96, 0x38, 0x4C, 0xD9, 0x32, 0x7E, 741 0xB1, 0xB1, 0xE3, 0x6A, 0x21, 0xFD, 0xB7, 0x11, 0x14, 0xBE, 0x07, 0x43, 742 0x4C, 0x0C, 0xC7, 0xBF, 0x63, 0xF6, 0xE1, 0xDA, 0x27, 0x4E, 0xDE, 0xBF, 743 0xE7, 0x6F, 0x65, 0xFB, 0xD5, 0x1A, 0xD2, 0xF1, 0x48, 0x98, 0xB9, 0x5B 744 }; 745 #endif 746 #ifdef WOLFSSL_TLS13_SHA512 747 static const byte emptySHA512Hash[] = { 748 0xCF, 0x83, 0xE1, 0x35, 0x7E, 0xEF, 0xB8, 0xBD, 0xF1, 0x54, 0x28, 0x50, 749 0xD6, 0x6D, 0x80, 0x07, 0xD6, 0x20, 0xE4, 0x05, 0x0B, 0x57, 0x15, 0xDC, 750 0x83, 0xF4, 0xA9, 0x21, 0xD3, 0x6C, 0xE9, 0xCE, 0x47, 0xD0, 0xD1, 0x3C, 751 0x5D, 0x85, 0xF2, 0xB0, 0xFF, 0x83, 0x18, 0xD2, 0x87, 0x7E, 0xEC, 0x2F, 752 0x63, 0xB9, 0x31, 0xBD, 0x47, 0x41, 0x7A, 0x81, 0xA5, 0x38, 0x32, 0x7A, 753 0xF9, 0x27, 0xDA, 0x3E 754 }; 755 #endif 756 /** 757 * Implement section 7.5 of RFC 8446 758 * @return 0 on success 759 * <0 on failure 760 */ 761 int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen, 762 const char *label, size_t labelLen, 763 const unsigned char *context, size_t contextLen) 764 { 765 int ret; 766 enum wc_HashType hashType = WC_HASH_TYPE_NONE; 767 int hashLen = 0; 768 byte hashOut[WC_MAX_DIGEST_SIZE]; 769 const byte* emptyHash = NULL; 770 byte firstExpand[WC_MAX_DIGEST_SIZE]; 771 const byte* protocol = tls13ProtocolLabel; 772 word32 protocolLen = TLS13_PROTOCOL_LABEL_SZ; 773 774 if (ssl->version.minor != TLSv1_3_MINOR) 775 return VERSION_ERROR; 776 777 switch (ssl->specs.mac_algorithm) { 778 #ifndef NO_SHA256 779 case sha256_mac: 780 hashType = WC_HASH_TYPE_SHA256; 781 hashLen = WC_SHA256_DIGEST_SIZE; 782 emptyHash = emptySHA256Hash; 783 break; 784 #endif 785 786 #ifdef WOLFSSL_SHA384 787 case sha384_mac: 788 hashType = WC_HASH_TYPE_SHA384; 789 hashLen = WC_SHA384_DIGEST_SIZE; 790 emptyHash = emptySHA384Hash; 791 break; 792 #endif 793 794 #ifdef WOLFSSL_TLS13_SHA512 795 case sha512_mac: 796 hashType = WC_HASH_TYPE_SHA512; 797 hashLen = WC_SHA512_DIGEST_SIZE; 798 emptyHash = emptySHA512Hash; 799 break; 800 #endif 801 } 802 803 /* Derive-Secret(Secret, label, "") */ 804 ret = HKDF_Expand_Label(firstExpand, hashLen, 805 ssl->arrays->exporterSecret, hashLen, 806 protocol, protocolLen, (byte*)label, (word32)labelLen, 807 emptyHash, hashLen, hashType); 808 if (ret != 0) 809 return ret; 810 811 /* Hash(context_value) */ 812 ret = wc_Hash(hashType, context, (word32)contextLen, hashOut, WC_MAX_DIGEST_SIZE); 813 if (ret != 0) 814 return ret; 815 816 ret = HKDF_Expand_Label(out, (word32)outLen, firstExpand, hashLen, 817 protocol, protocolLen, exporterLabel, EXPORTER_LABEL_SZ, 818 hashOut, hashLen, hashType); 819 820 return ret; 821 } 771 822 #endif 772 823 773 824 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 774 #ifdef WOLFSSL_TLS13_DRAFT_18775 /* The length of the resumption master secret label. */776 #define RESUME_MASTER_LABEL_SZ 24777 /* The resumption master secret label. */778 static const byte resumeMasterLabel[RESUME_MASTER_LABEL_SZ + 1] =779 "resumption master secret";780 #else781 825 /* The length of the resumption master secret label. */ 782 826 #define RESUME_MASTER_LABEL_SZ 10 … … 784 828 static const byte resumeMasterLabel[RESUME_MASTER_LABEL_SZ + 1] = 785 829 "res master"; 786 #endif 830 787 831 /* Derive the resumption secret. 788 832 * … … 791 835 * returns 0 on success, otherwise failure. 792 836 */ 793 static int DeriveResumptionSecret(WOLFSSL* ssl, byte* key) 794 { 837 int DeriveResumptionSecret(WOLFSSL* ssl, byte* key) 838 { 839 byte* masterSecret; 840 795 841 WOLFSSL_MSG("Derive Resumption Secret"); 796 return DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, 797 resumeMasterLabel, RESUME_MASTER_LABEL_SZ, 798 ssl->specs.mac_algorithm, 1); 842 if (ssl == NULL) { 843 return BAD_FUNC_ARG; 844 } 845 if (ssl->arrays != NULL) { 846 masterSecret = ssl->arrays->masterSecret; 847 } 848 else { 849 masterSecret = ssl->session.masterSecret; 850 } 851 return DeriveKey(ssl, key, -1, masterSecret, resumeMasterLabel, 852 RESUME_MASTER_LABEL_SZ, ssl->specs.mac_algorithm, 1); 799 853 } 800 854 #endif … … 818 872 } 819 873 820 #ifdef WOLFSSL_TLS13_DRAFT_18821 /* The length of the application traffic label. */822 #define APP_TRAFFIC_LABEL_SZ 26823 /* The application traffic label. */824 static const byte appTrafficLabel[APP_TRAFFIC_LABEL_SZ + 1] =825 "application traffic secret";826 #else827 874 /* The length of the application traffic label. */ 828 875 #define APP_TRAFFIC_LABEL_SZ 11 … … 830 877 static const byte appTrafficLabel[APP_TRAFFIC_LABEL_SZ + 1] = 831 878 "traffic upd"; 832 #endif 879 833 880 /* Update the traffic secret. 834 881 * … … 849 896 * ssl The SSL/TLS object. 850 897 */ 851 staticint DeriveEarlySecret(WOLFSSL* ssl)898 int DeriveEarlySecret(WOLFSSL* ssl) 852 899 { 853 900 WOLFSSL_MSG("Derive Early Secret"); 901 if (ssl == NULL || ssl->arrays == NULL) { 902 return BAD_FUNC_ARG; 903 } 854 904 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 855 905 return Tls13_HKDF_Extract(ssl->arrays->secret, NULL, 0, … … 862 912 } 863 913 864 #ifndef WOLFSSL_TLS13_DRAFT_18865 914 /* The length of the derived label. */ 866 915 #define DERIVED_LABEL_SZ 7 … … 868 917 static const byte derivedLabel[DERIVED_LABEL_SZ + 1] = 869 918 "derived"; 870 #endif 919 871 920 /* Derive the handshake secret using HKDF Extract. 872 921 * 873 922 * ssl The SSL/TLS object. 874 923 */ 875 static int DeriveHandshakeSecret(WOLFSSL* ssl) 876 { 877 #ifdef WOLFSSL_TLS13_DRAFT_18 878 WOLFSSL_MSG("Derive Handshake Secret"); 879 return Tls13_HKDF_Extract(ssl->arrays->preMasterSecret, 880 ssl->arrays->secret, ssl->specs.hash_size, 881 ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, 882 ssl->specs.mac_algorithm); 883 #else 924 int DeriveHandshakeSecret(WOLFSSL* ssl) 925 { 884 926 byte key[WC_MAX_DIGEST_SIZE]; 885 927 int ret; 886 887 928 WOLFSSL_MSG("Derive Handshake Secret"); 888 929 if (ssl == NULL || ssl->arrays == NULL) { 930 return BAD_FUNC_ARG; 931 } 889 932 ret = DeriveKeyMsg(ssl, key, -1, ssl->arrays->secret, 890 933 derivedLabel, DERIVED_LABEL_SZ, … … 897 940 ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, 898 941 ssl->specs.mac_algorithm); 899 #endif900 942 } 901 943 … … 904 946 * ssl The SSL/TLS object. 905 947 */ 906 static int DeriveMasterSecret(WOLFSSL* ssl) 907 { 908 #ifdef WOLFSSL_TLS13_DRAFT_18 909 WOLFSSL_MSG("Derive Master Secret"); 910 return Tls13_HKDF_Extract(ssl->arrays->masterSecret, 911 ssl->arrays->preMasterSecret, ssl->specs.hash_size, 912 ssl->arrays->masterSecret, 0, ssl->specs.mac_algorithm); 913 #else 948 int DeriveMasterSecret(WOLFSSL* ssl) 949 { 914 950 byte key[WC_MAX_DIGEST_SIZE]; 915 951 int ret; 916 917 952 WOLFSSL_MSG("Derive Master Secret"); 918 953 if (ssl == NULL || ssl->arrays == NULL) { 954 return BAD_FUNC_ARG; 955 } 919 956 ret = DeriveKeyMsg(ssl, key, -1, ssl->arrays->preMasterSecret, 920 957 derivedLabel, DERIVED_LABEL_SZ, … … 923 960 return ret; 924 961 925 ret urnTls13_HKDF_Extract(ssl->arrays->masterSecret,962 ret = Tls13_HKDF_Extract(ssl->arrays->masterSecret, 926 963 key, ssl->specs.hash_size, 927 964 ssl->arrays->masterSecret, 0, ssl->specs.mac_algorithm); 928 #endif 929 } 930 931 #ifndef WOLFSSL_TLS13_DRAFT_18 965 966 #ifdef HAVE_KEYING_MATERIAL 967 if (ret != 0) 968 return ret; 969 /* Calculate exporter secret only when saving arrays */ 970 if (ssl->options.saveArrays) 971 ret = DeriveExporterSecret(ssl, ssl->arrays->exporterSecret); 972 #endif 973 974 return ret; 975 } 976 932 977 #if defined(HAVE_SESSION_TICKET) 933 978 /* Length of the resumption label. */ … … 943 988 * returns 0 on success, otherwise failure. 944 989 */ 945 static int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, 946 byte* secret) 990 int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret) 947 991 { 948 992 int digestAlg; … … 982 1026 } 983 1027 #endif /* HAVE_SESSION_TICKET */ 984 #endif /* WOLFSSL_TLS13_DRAFT_18 */985 1028 986 1029 … … 999 1042 int hashSz = WC_SHA256_DIGEST_SIZE; 1000 1043 int ret = BAD_FUNC_ARG; 1044 1045 if (ssl == NULL || key == NULL || hash == NULL) { 1046 return BAD_FUNC_ARG; 1047 } 1001 1048 1002 1049 /* Get the hash of the previous handshake messages. */ … … 1071 1118 * returns 0 on success, otherwise failure. 1072 1119 */ 1073 staticint DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)1120 int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) 1074 1121 { 1075 1122 int ret = BAD_FUNC_ARG; /* Assume failure */ … … 1282 1329 word32 TimeNowInMilliseconds(void) 1283 1330 { 1284 const uint32_tsystemTickTimeInHz = 1000000 / systemTickInMicroseconds();1285 uint32_t*systemTickPtr = systemTickPointer();1331 const word32 systemTickTimeInHz = 1000000 / systemTickInMicroseconds(); 1332 word32 *systemTickPtr = systemTickPointer(); 1286 1333 1287 1334 return (word32) (*systemTickPtr/systemTickTimeInHz) * 1000; … … 1407 1454 return (word32)(uTaskerSystemTick / (TICK_RESOLUTION / 1000)); 1408 1455 } 1456 #elif defined(WOLFSSL_LINUXKM) 1457 /* The time in milliseconds. 1458 * Used for tickets to represent difference between when first seen and when 1459 * sending. 1460 * 1461 * returns the time in milliseconds as a 32-bit value. 1462 */ 1463 word32 TimeNowInMilliseconds(void) 1464 { 1465 #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0) 1466 return (word32)(ktime_get_real_ns() / (s64)1000000); 1467 #else 1468 return (word32)(ktime_get_real_ns() / (ktime_t)1000000); 1469 #endif 1470 } 1471 #elif defined(FUSION_RTOS) 1472 /* The time in milliseconds. 1473 * Used for tickets to represent difference between when first seen and when 1474 * sending. 1475 * 1476 * returns the time in milliseconds as a 32-bit value. 1477 */ 1478 word32 TimeNowInMilliseconds(void) 1479 { 1480 struct timeval now; 1481 if (FCL_GETTIMEOFDAY(&now, 0) < 0) 1482 return (word32)GETTIME_ERROR; /* TODO: return 0 for failure */ 1483 1484 /* Convert to milliseconds number. */ 1485 return (word32)(now.tv_sec * 1000 + now.tv_usec / 1000); 1486 } 1487 1409 1488 #else 1410 1489 /* The time in milliseconds. … … 1419 1498 1420 1499 if (gettimeofday(&now, 0) < 0) 1421 return GETTIME_ERROR; 1500 return (word32)GETTIME_ERROR; /* TODO: return 0 for failure */ 1501 1422 1502 /* Convert to milliseconds number. */ 1423 1503 return (word32)(now.tv_sec * 1000 + now.tv_usec / 1000); … … 1426 1506 #endif /* HAVE_SESSION_TICKET || !NO_PSK */ 1427 1507 1428 1429 #if !defined(NO_WOLFSSL_SERVER) && (defined(HAVE_SESSION_TICKET) || \1430 !defined(NO_PSK))1431 /* Add input to all handshake hashes.1432 *1433 * ssl The SSL/TLS object.1434 * input The data to hash.1435 * sz The size of the data to hash.1436 * returns 0 on success, otherwise failure.1437 */1438 static int HashInputRaw(WOLFSSL* ssl, const byte* input, int sz)1439 {1440 int ret = BAD_FUNC_ARG;1441 1442 #ifndef NO_SHA2561443 ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, input, sz);1444 if (ret != 0)1445 return ret;1446 #endif1447 #ifdef WOLFSSL_SHA3841448 ret = wc_Sha384Update(&ssl->hsHashes->hashSha384, input, sz);1449 if (ret != 0)1450 return ret;1451 #endif1452 #ifdef WOLFSSL_TLS13_SHA5121453 ret = wc_Sha512Update(&ssl->hsHashes->hashSha512, input, sz);1454 if (ret != 0)1455 return ret;1456 #endif1457 1458 return ret;1459 }1460 #endif1461 1508 1462 1509 /* Extract the handshake header information. … … 1502 1549 rl->type = type; 1503 1550 rl->pvMajor = ssl->version.major; 1504 #ifdef WOLFSSL_TLS13_DRAFT_181505 rl->pvMinor = TLSv1_MINOR;1506 #else1507 1551 /* NOTE: May be TLSv1_MINOR when sending first ClientHello. */ 1508 1552 rl->pvMinor = TLSv1_2_MINOR; 1509 #endif1510 1553 c16toa((word16)length, rl->length); 1511 1554 } … … 1584 1627 * out The buffer to write into. 1585 1628 */ 1586 static WC_INLINE void WriteSEQ (WOLFSSL* ssl, int verifyOrder, byte* out)1629 static WC_INLINE void WriteSEQTls13(WOLFSSL* ssl, int verifyOrder, byte* out) 1587 1630 { 1588 1631 word32 seq[2] = {0, 0}; … … 1620 1663 1621 1664 /* The nonce is the IV with the sequence XORed into the last bytes. */ 1622 WriteSEQ (ssl, order, nonce + AEAD_NONCE_SZ - SEQ_SZ);1665 WriteSEQTls13(ssl, order, nonce + AEAD_NONCE_SZ - SEQ_SZ); 1623 1666 for (i = 0; i < AEAD_NONCE_SZ - SEQ_SZ; i++) 1624 1667 nonce[i] = iv[i]; … … 1628 1671 1629 1672 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) 1630 /* Encrypt with ChaCha20 and create authen ication tag with Poly1305.1673 /* Encrypt with ChaCha20 and create authentication tag with Poly1305. 1631 1674 * 1632 1675 * ssl The SSL/TLS object. … … 1683 1726 1684 1727 #ifdef HAVE_NULL_CIPHER 1685 /* Create authen ication tag and copy data over input.1728 /* Create authentication tag and copy data over input. 1686 1729 * 1687 1730 * ssl The SSL/TLS object. … … 1765 1808 WOLFSSL_MSG("Data to encrypt"); 1766 1809 WOLFSSL_BUFFER(input, dataSz); 1767 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) && \1768 !defined(WOLFSSL_TLS13_DRAFT_23)1769 1810 WOLFSSL_MSG("Additional Authentication Data"); 1770 1811 WOLFSSL_BUFFER(aad, aadSz); 1771 #endif1772 1812 #endif 1773 1813 … … 1912 1952 1913 1953 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) 1914 /* Decrypt with ChaCha20 and check authen ication tag with Poly1305.1954 /* Decrypt with ChaCha20 and check authentication tag with Poly1305. 1915 1955 * 1916 1956 * ssl The SSL/TLS object. … … 2068 2108 WOLFSSL_MSG("Data to decrypt"); 2069 2109 WOLFSSL_BUFFER(input, dataSz); 2070 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) && \2071 !defined(WOLFSSL_TLS13_DRAFT_23)2072 2110 WOLFSSL_MSG("Additional Authentication Data"); 2073 2111 WOLFSSL_BUFFER(aad, aadSz); 2074 #endif2075 2112 WOLFSSL_MSG("Authentication tag"); 2076 2113 WOLFSSL_BUFFER(input + dataSz, macSz); … … 2351 2388 #endif 2352 2389 { 2353 #if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22) || \2354 defined(WOLFSSL_TLS13_DRAFT_23)2355 output += args->headerSz;2356 ret = EncryptTls13(ssl, output, output, args->size, NULL, 0,2357 asyncOkay);2358 #else2359 2390 const byte* aad = output; 2360 2391 output += args->headerSz; 2361 2392 ret = EncryptTls13(ssl, output, output, args->size, aad, 2362 2393 RECORD_HEADER_SZ, asyncOkay); 2363 #endif2364 2394 } 2365 2395 break; … … 2415 2445 #endif 2416 2446 2417 #ifndef WOLFSSL_TLS13_DRAFT_182418 2447 #if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER) 2419 2448 /* Create Cookie extension using the hash of the first ClientHello. … … 2462 2491 * returns 0 on success, otherwise failure. 2463 2492 */ 2464 staticint RestartHandshakeHash(WOLFSSL* ssl)2493 int RestartHandshakeHash(WOLFSSL* ssl) 2465 2494 { 2466 2495 int ret; … … 2526 2555 if (ret != 0) 2527 2556 return ret; 2528 ret = Hash OutputRaw(ssl, header, sizeof(header));2557 ret = HashRaw(ssl, header, sizeof(header)); 2529 2558 if (ret != 0) 2530 2559 return ret; 2531 return Hash OutputRaw(ssl, hash, hashSz);2560 return HashRaw(ssl, hash, hashSz); 2532 2561 } 2533 2562 … … 2541 2570 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C 2542 2571 }; 2543 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 2572 2544 2573 2545 2574 #ifndef NO_WOLFSSL_CLIENT … … 2578 2607 /* Resumption PSK is master secret. */ 2579 2608 ssl->arrays->psk_keySz = ssl->specs.hash_size; 2580 #ifdef WOLFSSL_TLS13_DRAFT_182581 XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret,2582 ssl->arrays->psk_keySz);2583 #else2584 2609 if ((ret = DeriveResumptionPSK(ssl, ssl->session.ticketNonce.data, 2585 2610 ssl->session.ticketNonce.len, ssl->arrays->psk_key)) != 0) { 2586 2611 return ret; 2587 2612 } 2588 #endif2589 2613 } 2590 2614 #endif … … 2594 2618 const char* cipherName = NULL; 2595 2619 byte cipherSuite0 = TLS13_BYTE, cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 2620 int cipherSuiteFlags = WOLFSSL_CIPHER_SUITE_FLAG_NONE; 2596 2621 2597 2622 /* Get the pre-shared key. */ … … 2602 2627 &cipherName); 2603 2628 if (GetCipherSuiteFromName(cipherName, &cipherSuite0, 2604 &cipherSuite) != 0) {2629 &cipherSuite, &cipherSuiteFlags) != 0) { 2605 2630 return PSK_KEY_ERROR; 2606 2631 } … … 2620 2645 return PSK_KEY_ERROR; 2621 2646 } 2647 (void)cipherSuiteFlags; 2622 2648 #else 2623 2649 /* PSK information loaded during setting of default TLS extensions. */ … … 2626 2652 #endif 2627 2653 2628 if (ssl->options.noPskDheKe) 2654 if (ssl->options.noPskDheKe) { 2629 2655 ssl->arrays->preMasterSz = 0; 2656 } 2630 2657 2631 2658 /* Derive the early secret using the PSK. */ … … 2707 2734 2708 2735 /* Hash binders to complete the hash of the ClientHello. */ 2709 ret = Hash OutputRaw(ssl, output + idx, len);2736 ret = HashRaw(ssl, output + idx, len); 2710 2737 if (ret < 0) 2711 2738 return ret; … … 2778 2805 length = VERSION_SZ + RAN_LEN + ENUM_LEN + ssl->suites->suiteSz + 2779 2806 SUITE_LEN + COMP_LEN + ENUM_LEN; 2780 #ifndef WOLFSSL_TLS13_DRAFT_182781 2807 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 2782 2808 length += ID_LEN; … … 2785 2811 length += ssl->session.sessionIDSz; 2786 2812 #endif 2787 #endif2788 2813 2789 2814 /* Auto populate extensions supported unless user defined. */ … … 2846 2871 idx += RAN_LEN; 2847 2872 2848 #ifdef WOLFSSL_TLS13_DRAFT_182849 /* TLS v1.3 does not use session id - 0 length. */2850 output[idx++] = 0;2851 #else2852 2873 if (ssl->session.sessionIDSz > 0) { 2853 2874 /* Session resumption for old versions of protocol. */ … … 2866 2887 #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ 2867 2888 } 2868 #endif /* WOLFSSL_TLS13_DRAFT_18 */2869 2889 2870 2890 /* Cipher suites */ … … 2921 2941 } 2922 2942 2923 #ifdef WOLFSSL_TLS13_DRAFT_182924 /* handle rocessing of TLS 1.3 hello_retry_request (6) */2925 /* Parse and handle a HelloRetryRequest message.2926 * Only a client will receive this message.2927 *2928 * ssl The SSL/TLS object.2929 * input The message buffer.2930 * inOutIdx On entry, the index into the message buffer of2931 * HelloRetryRequest.2932 * On exit, the index of byte after the HelloRetryRequest message.2933 * totalSz The length of the current handshake message.2934 * returns 0 on success and otherwise failure.2935 */2936 static int DoTls13HelloRetryRequest(WOLFSSL* ssl, const byte* input,2937 word32* inOutIdx, word32 totalSz)2938 {2939 int ret;2940 word32 begin = *inOutIdx;2941 word32 i = begin;2942 word16 totalExtSz;2943 ProtocolVersion pv;2944 2945 WOLFSSL_ENTER("DoTls13HelloRetryRequest");2946 2947 #ifdef WOLFSSL_CALLBACKS2948 if (ssl->hsInfoOn) AddPacketName(ssl, "HelloRetryRequest");2949 if (ssl->toInfoOn) AddLateName("HelloRetryRequest", &ssl->timeoutInfo);2950 #endif2951 2952 /* Version info and length field of extension data. */2953 if (totalSz < i - begin + OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN)2954 return BUFFER_ERROR;2955 2956 /* Protocol version. */2957 XMEMCPY(&pv, input + i, OPAQUE16_LEN);2958 i += OPAQUE16_LEN;2959 ret = CheckVersion(ssl, pv);2960 if (ret != 0)2961 return ret;2962 2963 /* Length of extension data. */2964 ato16(&input[i], &totalExtSz);2965 i += OPAQUE16_LEN;2966 if (totalExtSz == 0) {2967 WOLFSSL_MSG("HelloRetryRequest must contain extensions");2968 return MISSING_HANDSHAKE_DATA;2969 }2970 2971 /* Extension data. */2972 if (i - begin + totalExtSz > totalSz)2973 return BUFFER_ERROR;2974 if ((ret = TLSX_Parse(ssl, (byte *)(input + i), totalExtSz,2975 hello_retry_request, NULL)) != 0)2976 return ret;2977 /* The KeyShare extension parsing fails when not valid. */2978 2979 /* Move index to byte after message. */2980 *inOutIdx = i + totalExtSz;2981 2982 ssl->options.tls1_3 = 1;2983 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;2984 2985 WOLFSSL_LEAVE("DoTls13HelloRetryRequest", ret);2986 2987 return ret;2988 }2989 #endif2990 2991 2992 2943 /* handle processing of TLS 1.3 server_hello (2) and hello_retry_request (6) */ 2993 2944 /* Handle the ServerHello message from the server. … … 3008 2959 word32 begin = i; 3009 2960 int ret; 3010 #ifndef WOLFSSL_TLS13_DRAFT_183011 2961 byte sessIdSz; 3012 2962 const byte* sessId; 3013 2963 byte b; 3014 2964 int foundVersion; 3015 #endif3016 2965 word16 totalExtSz; 3017 2966 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 3023 2972 WOLFSSL_ENTER("DoTls13ServerHello"); 3024 2973 2974 if (ssl->arrays == NULL) 2975 return BAD_FUNC_ARG; 2976 3025 2977 #ifdef WOLFSSL_CALLBACKS 3026 2978 if (ssl->hsInfoOn) AddPacketName(ssl, "ServerHello"); … … 3028 2980 #endif 3029 2981 2982 if (ssl == NULL || ssl->arrays == NULL) 2983 return BAD_FUNC_ARG; 2984 3030 2985 /* Protocol version length check. */ 3031 2986 if (OPAQUE16_LEN > helloSz) … … 3035 2990 XMEMCPY(&pv, input + i, OPAQUE16_LEN); 3036 2991 i += OPAQUE16_LEN; 3037 #ifdef WOLFSSL_TLS13_DRAFT_18 3038 ret = CheckVersion(ssl, pv); 3039 if (ret != 0) 3040 return ret; 3041 if (!IsAtLeastTLSv1_3(pv) && pv.major != TLS_DRAFT_MAJOR) { 3042 #ifndef WOLFSSL_NO_TLS12 3043 if (ssl->options.downgrade) { 3044 ssl->version = pv; 3045 return DoServerHello(ssl, input, inOutIdx, helloSz); 3046 } 3047 #endif 3048 3049 WOLFSSL_MSG("Client using higher version, fatal error"); 3050 return VERSION_ERROR; 3051 } 3052 #else 2992 3053 2993 #ifndef WOLFSSL_NO_TLS12 3054 2994 if (pv.major == ssl->version.major && pv.minor < TLSv1_2_MINOR && … … 3062 3002 if (pv.major != ssl->version.major || pv.minor != TLSv1_2_MINOR) 3063 3003 return VERSION_ERROR; 3064 #endif 3065 3066 #ifdef WOLFSSL_TLS13_DRAFT_18 3067 /* Random length check */ 3068 if ((i - begin) + RAN_LEN > helloSz) 3069 return BUFFER_ERROR; 3070 #else 3004 3071 3005 /* Random and session id length check */ 3072 3006 if ((i - begin) + RAN_LEN + ENUM_LEN > helloSz) 3073 3007 return BUFFER_ERROR; 3074 3008 3075 if (XMEMCMP(input + i, helloRetryRequestRandom, RAN_LEN) == 0) 3009 if (XMEMCMP(input + i, helloRetryRequestRandom, RAN_LEN) == 0) { 3076 3010 *extMsgType = hello_retry_request; 3077 #endif 3011 /* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat. 3012 * Found message to be a HelloRetryRequest. 3013 * Don't allow more than one HelloRetryRequest or ServerHello. 3014 */ 3015 if (ssl->msgsReceived.got_hello_retry_request == 1) { 3016 return DUPLICATE_MSG_E; 3017 } 3018 /* Update counts to reflect change of message type. */ 3019 ssl->msgsReceived.got_hello_retry_request++; 3020 ssl->msgsReceived.got_server_hello--; 3021 } 3078 3022 3079 3023 /* Server random - keep for debugging. */ … … 3081 3025 i += RAN_LEN; 3082 3026 3083 #ifndef WOLFSSL_TLS13_DRAFT_183084 3027 /* Session id */ 3085 3028 sessIdSz = input[i++]; … … 3088 3031 sessId = input + i; 3089 3032 i += sessIdSz; 3090 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 3033 3091 3034 ssl->options.haveSessionId = 1; 3092 3035 3093 #ifdef WOLFSSL_TLS13_DRAFT_183094 /* Ciphersuite check */3095 if ((i - begin) + OPAQUE16_LEN + OPAQUE16_LEN > helloSz)3096 return BUFFER_ERROR;3097 #else3098 3036 /* Ciphersuite and compression check */ 3099 3037 if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz) 3100 3038 return BUFFER_ERROR; 3101 #endif3102 3039 3103 3040 /* Set the cipher suite from the message. */ … … 3105 3042 ssl->options.cipherSuite = input[i++]; 3106 3043 3107 #ifndef WOLFSSL_TLS13_DRAFT_183108 3044 /* Compression */ 3109 3045 b = input[i++]; … … 3112 3048 return INVALID_PARAMETER; 3113 3049 } 3114 #endif 3115 3116 #ifndef WOLFSSL_TLS13_DRAFT_18 3050 3117 3051 if ((i - begin) + OPAQUE16_LEN > helloSz) { 3118 3052 if (!ssl->options.downgrade) … … 3123 3057 ssl->options.haveEMS = 0; 3124 3058 } 3125 if ((i - begin) < helloSz) 3126 #endif 3127 { 3059 if ((i - begin) < helloSz) { 3128 3060 /* Get extension length and length check. */ 3129 3061 if ((i - begin) + OPAQUE16_LEN > helloSz) … … 3134 3066 return BUFFER_ERROR; 3135 3067 3136 #ifndef WOLFSSL_TLS13_DRAFT_183137 3068 /* Need to negotiate version first. */ 3138 3069 if ((ret = TLSX_ParseVersion(ssl, (byte*)input + i, totalExtSz, … … 3151 3082 ssl->version.minor = pv.minor; 3152 3083 } 3153 #endif3154 3084 3155 3085 /* Parse and handle extensions. */ … … 3176 3106 #endif /* HAVE_SECRET_CALLBACK */ 3177 3107 3178 #ifndef WOLFSSL_TLS13_DRAFT_183179 3108 /* Version only negotiated in extensions for TLS v1.3. 3180 3109 * Only now do we know how to deal with session id. … … 3208 3137 } 3209 3138 3210 3139 #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT 3211 3140 if (sessIdSz == 0) 3212 3141 return INVALID_PARAMETER; … … 3219 3148 else if (XMEMCMP(ssl->arrays->clientRandom, sessId, sessIdSz) != 0) 3220 3149 return INVALID_PARAMETER; 3221 3150 #else 3222 3151 if (sessIdSz != ssl->session.sessionIDSz || (sessIdSz > 0 && 3223 3152 XMEMCMP(ssl->session.sessionID, sessId, sessIdSz) != 0)) { … … 3225 3154 return INVALID_PARAMETER; 3226 3155 } 3227 #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ 3228 #endif 3156 #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ 3229 3157 3230 3158 ret = SetCipherSpecs(ssl); … … 3246 3174 3247 3175 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 3248 #ifndef WOLFSSL_TLS13_DRAFT_18 3249 if (*extMsgType == server_hello) 3250 #endif 3251 { 3176 if (*extMsgType == server_hello) { 3252 3177 ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY); 3253 3178 if (ext != NULL) … … 3265 3190 #endif 3266 3191 3267 #ifdef WOLFSSL_TLS13_DRAFT_183268 ssl->keys.encryptionOn = 1;3269 #else3270 3192 if (*extMsgType == server_hello) { 3271 3193 ssl->keys.encryptionOn = 1; … … 3278 3200 ret = RestartHandshakeHash(ssl); 3279 3201 } 3280 #endif3281 3202 3282 3203 WOLFSSL_LEAVE("DoTls13ServerHello", ret); … … 3358 3279 } 3359 3280 3281 #ifndef NO_CERTS 3360 3282 /* handle processing TLS v1.3 certificate_request (13) */ 3361 3283 /* Handle a TLS v1.3 CertificateRequest message. … … 3376 3298 word32 begin = *inOutIdx; 3377 3299 int ret = 0; 3378 #ifndef WOLFSSL_TLS13_DRAFT_183379 3300 Suites peerSuites; 3380 #endif3381 3301 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 3382 3302 CertReqCtx* certReqCtx; … … 3386 3306 WOLFSSL_ENTER("DoTls13CertificateRequest"); 3387 3307 3388 #ifndef WOLFSSL_TLS13_DRAFT_183389 3308 XMEMSET(&peerSuites, 0, sizeof(Suites)); 3390 #endif 3309 3391 3310 #ifdef WOLFSSL_CALLBACKS 3392 3311 if (ssl->hsInfoOn) AddPacketName(ssl, "CertificateRequest"); … … 3420 3339 *inOutIdx += len; 3421 3340 3422 #ifdef WOLFSSL_TLS13_DRAFT_183423 /* Signature and hash algorithms. */3424 if ((*inOutIdx - begin) + OPAQUE16_LEN > size)3425 return BUFFER_ERROR;3426 ato16(input + *inOutIdx, &len);3427 *inOutIdx += OPAQUE16_LEN;3428 if ((*inOutIdx - begin) + len > size)3429 return BUFFER_ERROR;3430 if (PickHashSigAlgo(ssl, input + *inOutIdx, len) != 0 &&3431 ssl->buffers.certificate && ssl->buffers.certificate->buffer &&3432 ssl->buffers.key && ssl->buffers.key->buffer) {3433 return INVALID_PARAMETER;3434 }3435 *inOutIdx += len;3436 3437 /* Length of certificate authority data. */3438 if ((*inOutIdx - begin) + OPAQUE16_LEN > size)3439 return BUFFER_ERROR;3440 ato16(input + *inOutIdx, &len);3441 *inOutIdx += OPAQUE16_LEN;3442 if ((*inOutIdx - begin) + len > size)3443 return BUFFER_ERROR;3444 3445 /* Certificate authorities. */3446 while (len) {3447 word16 dnSz;3448 3449 if ((*inOutIdx - begin) + OPAQUE16_LEN > size)3450 return BUFFER_ERROR;3451 3452 ato16(input + *inOutIdx, &dnSz);3453 *inOutIdx += OPAQUE16_LEN;3454 3455 if ((*inOutIdx - begin) + dnSz > size)3456 return BUFFER_ERROR;3457 3458 *inOutIdx += dnSz;3459 len -= OPAQUE16_LEN + dnSz;3460 }3461 3462 /* Certificate extensions */3463 if ((*inOutIdx - begin) + OPAQUE16_LEN > size)3464 return BUFFER_ERROR;3465 ato16(input + *inOutIdx, &len);3466 *inOutIdx += OPAQUE16_LEN;3467 if ((*inOutIdx - begin) + len > size)3468 return BUFFER_ERROR;3469 *inOutIdx += len;3470 #else3471 3341 /* TODO: Add support for more extensions: 3472 3342 * signed_certificate_timestamp, certificate_authorities, oid_filters. … … 3486 3356 } 3487 3357 *inOutIdx += len; 3488 #endif3489 3358 3490 3359 if (ssl->buffers.certificate && ssl->buffers.certificate->buffer && … … 3494 3363 #endif 3495 3364 )) { 3496 #ifndef WOLFSSL_TLS13_DRAFT_183497 3365 if (PickHashSigAlgo(ssl, peerSuites.hashSigAlgo, 3498 3366 peerSuites.hashSigAlgoSz) != 0) { 3499 3367 return INVALID_PARAMETER; 3500 3368 } 3501 #endif3502 3369 ssl->options.sendVerify = SEND_CERT; 3503 3370 } 3504 3371 else { 3372 #ifndef WOLFSSL_NO_CLIENT_CERT_ERROR 3505 3373 ssl->options.sendVerify = SEND_BLANK_CERT; 3374 #else 3375 WOLFSSL_MSG("Certificate required but none set on client"); 3376 SendAlert(ssl, alert_fatal, illegal_parameter); 3377 return NO_CERT_ERROR; 3378 #endif 3506 3379 } 3507 3380 … … 3514 3387 return ret; 3515 3388 } 3516 3389 #endif /* !NO_CERTS */ 3517 3390 #endif /* !NO_WOLFSSL_CLIENT */ 3518 3391 … … 3576 3449 byte cipherSuite0 = TLS13_BYTE; 3577 3450 byte cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 3451 int cipherSuiteFlags = WOLFSSL_CIPHER_SUITE_FLAG_NONE; 3578 3452 #endif 3579 3453 … … 3625 3499 #ifdef HAVE_SESSION_TICKET 3626 3500 /* Decode the identity. */ 3627 if ( (ret = DoClientTicket(ssl, current->identity, current->identityLen))3501 if (DoClientTicket(ssl, current->identity, current->identityLen) 3628 3502 == WOLFSSL_TICKET_RET_OK) { 3629 3503 word32 now; … … 3642 3516 /* Invalid difference, fallback to full handshake. */ 3643 3517 ssl->options.resuming = 0; 3644 break; 3518 /* Hash the rest of the ClientHello. */ 3519 return HashRaw(ssl, input + helloSz - bindersLen, bindersLen); 3645 3520 } 3646 3521 … … 3667 3542 /* Resumption PSK is resumption master secret. */ 3668 3543 ssl->arrays->psk_keySz = ssl->specs.hash_size; 3669 #ifdef WOLFSSL_TLS13_DRAFT_183670 XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret,3671 ssl->arrays->psk_keySz);3672 #else3673 3544 if ((ret = DeriveResumptionPSK(ssl, ssl->session.ticketNonce.data, 3674 3545 ssl->session.ticketNonce.len, ssl->arrays->psk_key)) != 0) { 3675 3546 return ret; 3676 3547 } 3677 #endif3678 3548 3679 3549 /* Derive the early secret using the PSK. */ … … 3694 3564 MAX_PSK_KEY_LEN, &cipherName)) != 0 && 3695 3565 GetCipherSuiteFromName(cipherName, &cipherSuite0, 3696 &cipherSuite) == 0) ||3566 &cipherSuite, &cipherSuiteFlags) == 0) || 3697 3567 (ssl->options.server_psk_cb != NULL && 3698 3568 (ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl, … … 3705 3575 suite[0] = cipherSuite0; 3706 3576 suite[1] = cipherSuite; 3577 (void)cipherSuiteFlags; 3707 3578 if (!FindSuiteSSL(ssl, suite)) { 3708 3579 current = current->next; … … 3712 3583 /* Default to ciphersuite if cb doesn't specify. */ 3713 3584 ssl->options.resuming = 0; 3585 /* Don't send certificate request when using PSK. */ 3586 ssl->options.verifyPeer = 0; 3714 3587 3715 3588 /* PSK age is always zero. */ … … 3765 3638 3766 3639 /* Hash the rest of the ClientHello. */ 3767 ret = Hash InputRaw(ssl, input + helloSz - bindersLen, bindersLen);3640 ret = HashRaw(ssl, input + helloSz - bindersLen, bindersLen); 3768 3641 if (ret != 0) 3769 3642 return ret; … … 3807 3680 modes = ext->val; 3808 3681 3682 #ifdef HAVE_SUPPORTED_CURVES 3809 3683 ext = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); 3810 3684 /* Use (EC)DHE for forward-security if possible. */ … … 3826 3700 ext->resp = 1; 3827 3701 } 3828 else { 3702 else 3703 #endif 3704 { 3829 3705 if ((modes & (1 << PSK_KE)) == 0) 3830 3706 return PSK_KEY_ERROR; … … 3841 3717 #endif 3842 3718 3843 #if !defined(WOLFSSL_TLS13_DRAFT_18) &&defined(WOLFSSL_SEND_HRR_COOKIE)3719 #if defined(WOLFSSL_SEND_HRR_COOKIE) 3844 3720 /* Check that the Cookie data's integrity. 3845 3721 * … … 3892 3768 /* Length of the Cookie Extension excluding cookie data */ 3893 3769 #define HRR_COOKIE_HDR_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN) 3894 #ifdef WOLFSSL_TLS13_DRAFT_183895 /* PV | CipherSuite | Ext Len */3896 #define HRR_BODY_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN)3897 /* HH | PV | CipherSuite | Ext Len | Key Share | Cookie */3898 #define MAX_HRR_SZ (HANDSHAKE_HEADER_SZ + \3899 HRR_BODY_SZ + \3900 HRR_KEY_SHARE_SZ + \3901 HRR_COOKIE_HDR_SZ)3902 #else3903 3770 /* PV | Random | Session Id | CipherSuite | Compression | Ext Len */ 3904 3771 #define HRR_BODY_SZ (VERSION_SZ + RAN_LEN + ENUM_LEN + ID_LEN + \ … … 3910 3777 HRR_VERSIONS_SZ + \ 3911 3778 HRR_COOKIE_HDR_SZ) 3912 #endif 3779 3913 3780 3914 3781 /* Restart the handshake hash from the cookie value. … … 3942 3809 if ((ret = InitHandshakeHashes(ssl)) != 0) 3943 3810 return ret; 3944 if ((ret = Hash OutputRaw(ssl, header, sizeof(header))) != 0)3945 return ret; 3946 if ((ret = Hash OutputRaw(ssl, cookieData + idx, hashSz)) != 0)3811 if ((ret = HashRaw(ssl, header, sizeof(header))) != 0) 3812 return ret; 3813 if ((ret = HashRaw(ssl, cookieData + idx, hashSz)) != 0) 3947 3814 return ret; 3948 3815 3949 3816 /* Reconstruct the HelloRetryMessage for handshake hash. */ 3950 #ifdef WOLFSSL_TLS13_DRAFT_183951 length = HRR_BODY_SZ + HRR_COOKIE_HDR_SZ + cookie->len;3952 #else3953 3817 length = HRR_BODY_SZ - ID_LEN + ssl->session.sessionIDSz + 3954 3818 HRR_COOKIE_HDR_SZ + cookie->len; 3955 3819 length += HRR_VERSIONS_SZ; 3956 #endif3957 3820 if (cookieDataSz > hashSz + OPAQUE16_LEN) { 3958 3821 keyShareExt = 1; 3959 3822 length += HRR_KEY_SHARE_SZ; 3960 3823 } 3961 #ifdef WOLFSSL_TLS13_DRAFT_18 3962 AddTls13HandShakeHeader(hrr, length, 0, 0, hello_retry_request, ssl); 3963 3964 idx += hashSz; 3965 hrrIdx = HANDSHAKE_HEADER_SZ; 3966 /* The negotiated protocol version. */ 3967 hrr[hrrIdx++] = TLS_DRAFT_MAJOR; 3968 hrr[hrrIdx++] = TLS_DRAFT_MINOR; 3969 /* Cipher Suite */ 3970 hrr[hrrIdx++] = cookieData[idx++]; 3971 hrr[hrrIdx++] = cookieData[idx++]; 3972 3973 /* Extensions' length */ 3974 length -= HRR_BODY_SZ; 3975 c16toa(length, hrr + hrrIdx); 3976 hrrIdx += 2; 3977 #else 3824 3978 3825 AddTls13HandShakeHeader(hrr, length, 0, 0, server_hello, ssl); 3979 3826 … … 4007 3854 hrrIdx += 2; 4008 3855 4009 #endif4010 3856 /* Optional KeyShare Extension */ 4011 3857 if (keyShareExt) { … … 4017 3863 hrr[hrrIdx++] = cookieData[idx++]; 4018 3864 } 4019 #ifndef WOLFSSL_TLS13_DRAFT_184020 3865 c16toa(TLSX_SUPPORTED_VERSIONS, hrr + hrrIdx); 4021 3866 hrrIdx += 2; … … 4029 3874 hrr[hrrIdx++] = ssl->version.minor; 4030 3875 #endif 4031 #endif 3876 4032 3877 /* Mandatory Cookie Extension */ 4033 3878 c16toa(TLSX_COOKIE, hrr + hrrIdx); … … 4045 3890 #endif 4046 3891 4047 if ((ret = Hash OutputRaw(ssl, hrr, hrrIdx)) != 0)4048 return ret; 4049 return Hash OutputRaw(ssl, cookieData, cookie->len);3892 if ((ret = HashRaw(ssl, hrr, hrrIdx)) != 0) 3893 return ret; 3894 return HashRaw(ssl, cookieData, cookie->len); 4050 3895 } 4051 3896 #endif … … 4205 4050 } 4206 4051 4052 /* From here on we are a TLS 1.3 ClientHello. */ 4053 4207 4054 /* Client random */ 4208 4055 XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN); … … 4214 4061 #endif 4215 4062 4216 #ifdef WOLFSSL_TLS13_DRAFT_184217 /* Session id - empty in TLS v1.3 */4218 sessIdSz = input[i++];4219 if (sessIdSz > 0 && !ssl->options.downgrade) {4220 WOLFSSL_MSG("Client sent session id - not supported");4221 return BUFFER_ERROR;4222 }4223 #else4224 4063 sessIdSz = input[i++]; 4225 4064 if (sessIdSz != ID_LEN && sessIdSz != 0) 4226 4065 return INVALID_PARAMETER; 4227 #endif4228 4066 4229 4067 if (sessIdSz + i > helloSz) { … … 4251 4089 clSuites.hashSigAlgoSz = 0; 4252 4090 4253 #ifdef HAVE_SERVER_RENEGOTIATION_INFO4254 ret = FindSuite(&clSuites, 0, TLS_EMPTY_RENEGOTIATION_INFO_SCSV);4255 if (ret == SUITES_ERROR)4256 return BUFFER_ERROR;4257 if (ret >= 0) {4258 TLSX* extension;4259 4260 /* check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite */4261 ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, ssl->heap);4262 if (ret != WOLFSSL_SUCCESS)4263 return ret;4264 4265 extension = TLSX_Find(ssl->extensions, TLSX_RENEGOTIATION_INFO);4266 if (extension) {4267 ssl->secure_renegotiation = (SecureRenegotiation*)extension->data;4268 ssl->secure_renegotiation->enabled = 1;4269 }4270 }4271 #endif /* HAVE_SERVER_RENEGOTIATION_INFO */4272 4273 4091 /* Compression */ 4274 4092 b = input[i++]; … … 4306 4124 } 4307 4125 4308 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 4309 defined(WOLFSSL_HAPROXY) 4126 #ifdef HAVE_SNI 4310 4127 if ((ret = SNI_Callback(ssl)) != 0) 4311 4128 return ret; 4312 4129 ssl->options.side = WOLFSSL_SERVER_END; 4313 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */4130 #endif 4314 4131 4315 4132 i += totalExtSz; … … 4321 4138 ssl->options.haveSessionId = 1; 4322 4139 4323 #if !defined(WOLFSSL_TLS13_DRAFT_18) &&defined(WOLFSSL_SEND_HRR_COOKIE)4140 #if defined(WOLFSSL_SEND_HRR_COOKIE) 4324 4141 if (ssl->options.sendCookie && 4325 4142 ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) { … … 4340 4157 4341 4158 #if (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) && \ 4342 defined(HAVE_TLS_EXTENSIONS)4159 defined(HAVE_TLS_EXTENSIONS) 4343 4160 if (TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY) != NULL) { 4344 4161 /* Refine list for PSK processing. */ … … 4362 4179 4363 4180 if (!usingPSK) { 4181 #ifndef NO_CERTS 4364 4182 if (TLSX_Find(ssl->extensions, TLSX_KEY_SHARE) == NULL) { 4365 4183 WOLFSSL_MSG("Client did not send a KeyShare extension"); … … 4379 4197 } 4380 4198 4381 #ifdef HAVE_NULL_CIPHER4199 #ifdef HAVE_NULL_CIPHER 4382 4200 if (ssl->options.cipherSuite0 == ECC_BYTE && 4383 4201 (ssl->options.cipherSuite == TLS_SHA256_SHA256 || … … 4386 4204 } 4387 4205 else 4388 #endif4206 #endif 4389 4207 /* Check that the negotiated ciphersuite matches protocol version. */ 4390 4208 if (ssl->options.cipherSuite0 != TLS13_BYTE) { … … 4395 4213 } 4396 4214 4397 #ifdef HAVE_SESSION_TICKET4215 #ifdef HAVE_SESSION_TICKET 4398 4216 if (ssl->options.resuming) { 4399 4217 ssl->options.resuming = 0; 4400 4218 XMEMSET(ssl->arrays->psk_key, 0, ssl->specs.hash_size); 4401 4219 } 4402 #endif4220 #endif 4403 4221 4404 4222 /* Derive early secret for handshake secret. */ 4405 4223 if ((ret = DeriveEarlySecret(ssl)) != 0) 4406 4224 return ret; 4225 #else 4226 ret = INVALID_PARAMETER; 4227 #endif 4407 4228 } 4408 4229 … … 4413 4234 } 4414 4235 4415 #ifdef WOLFSSL_TLS13_DRAFT_18 4416 /* handle generation of TLS 1.3 hello_retry_request (6) */ 4417 /* Send the HelloRetryRequest message to indicate the negotiated protocol 4418 * version and security parameters the server is willing to use. 4236 /* Send TLS v1.3 ServerHello message to client. 4419 4237 * Only a server will send this message. 4420 4238 * … … 4422 4240 * returns 0 on success, otherwise failure. 4423 4241 */ 4424 int SendTls13HelloRetryRequest(WOLFSSL* ssl)4425 {4426 int ret;4427 byte* output;4428 word32 length;4429 word16 len;4430 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;4431 int sendSz;4432 4433 WOLFSSL_ENTER("SendTls13HelloRetryRequest");4434 4435 /* Get the length of the extensions that will be written. */4436 len = 0;4437 ret = TLSX_GetResponseSize(ssl, hello_retry_request, &len);4438 /* There must be extensions sent to indicate what client needs to do. */4439 if (ret != 0)4440 return MISSING_HANDSHAKE_DATA;4441 4442 /* Protocol version + Extensions */4443 length = OPAQUE16_LEN + len;4444 sendSz = idx + length;4445 4446 /* Check buffers are big enough and grow if needed. */4447 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)4448 return ret;4449 4450 /* Get position in output buffer to write new message to. */4451 output = ssl->buffers.outputBuffer.buffer +4452 ssl->buffers.outputBuffer.length;4453 /* Add record and handshake headers. */4454 AddTls13Headers(output, length, hello_retry_request, ssl);4455 4456 /* The negotiated protocol version. */4457 output[idx++] = TLS_DRAFT_MAJOR;4458 output[idx++] = TLS_DRAFT_MINOR;4459 4460 /* Add TLS extensions. */4461 ret = TLSX_WriteResponse(ssl, output + idx, hello_retry_request, NULL);4462 if (ret != 0)4463 return ret;4464 idx += len;4465 4466 #ifdef WOLFSSL_CALLBACKS4467 if (ssl->hsInfoOn)4468 AddPacketName(ssl, "HelloRetryRequest");4469 if (ssl->toInfoOn) {4470 AddPacketInfo(ssl, "HelloRetryRequest", handshake, output, sendSz,4471 WRITE_PROTO, ssl->heap);4472 }4473 #endif4474 if ((ret = HashOutput(ssl, output, idx, 0)) != 0)4475 return ret;4476 4477 ssl->buffers.outputBuffer.length += sendSz;4478 4479 if (!ssl->options.groupMessages)4480 ret = SendBuffered(ssl);4481 4482 WOLFSSL_LEAVE("SendTls13HelloRetryRequest", ret);4483 4484 return ret;4485 }4486 #endif /* WOLFSSL_TLS13_DRAFT_18 */4487 4488 /* Send TLS v1.3 ServerHello message to client.4489 * Only a server will send this message.4490 *4491 * ssl The SSL/TLS object.4492 * returns 0 on success, otherwise failure.4493 */4494 #ifdef WOLFSSL_TLS13_DRAFT_184495 static4496 #endif4497 4242 /* handle generation of TLS 1.3 server_hello (2) */ 4498 4243 int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType) … … 4507 4252 WOLFSSL_ENTER("SendTls13ServerHello"); 4508 4253 4509 #ifndef WOLFSSL_TLS13_DRAFT_184510 4254 if (extMsgType == hello_retry_request) { 4511 4255 WOLFSSL_MSG("wolfSSL Doing HelloRetryRequest"); … … 4513 4257 return ret; 4514 4258 } 4515 #endif 4516 4517 #ifdef WOLFSSL_TLS13_DRAFT_18 4518 /* Protocol version, server random, cipher suite and extensions. */ 4519 length = VERSION_SZ + RAN_LEN + SUITE_LEN; 4520 ret = TLSX_GetResponseSize(ssl, server_hello, &length); 4521 if (ret != 0) 4522 return ret; 4523 #else 4259 4524 4260 /* Protocol version, server random, session id, cipher suite, compression 4525 4261 * and extensions. … … 4530 4266 if (ret != 0) 4531 4267 return ret; 4532 #endif4533 4268 sendSz = idx + length; 4534 4269 … … 4544 4279 AddTls13Headers(output, length, server_hello, ssl); 4545 4280 4546 #ifdef WOLFSSL_TLS13_DRAFT_184547 /* The negotiated protocol version. */4548 output[idx++] = TLS_DRAFT_MAJOR;4549 output[idx++] = TLS_DRAFT_MINOR;4550 #else4551 4281 /* The protocol version must be TLS v1.2 for middleboxes. */ 4552 4282 output[idx++] = ssl->version.major; 4553 4283 output[idx++] = TLSv1_2_MINOR; 4554 #endif4555 4284 4556 4285 if (extMsgType == server_hello) { … … 4559 4288 return ret; 4560 4289 } 4561 #ifndef WOLFSSL_TLS13_DRAFT_184562 4290 else { 4563 4291 /* HelloRetryRequest message has fixed value for random. */ 4564 4292 XMEMCPY(output + idx, helloRetryRequestRandom, RAN_LEN); 4565 4293 } 4566 #endif 4294 4567 4295 /* Store in SSL for debugging. */ 4568 4296 XMEMCPY(ssl->arrays->serverRandom, output + idx, RAN_LEN); … … 4574 4302 #endif 4575 4303 4576 #ifndef WOLFSSL_TLS13_DRAFT_184577 4304 output[idx++] = ssl->session.sessionIDSz; 4578 4305 if (ssl->session.sessionIDSz > 0) { … … 4580 4307 idx += ssl->session.sessionIDSz; 4581 4308 } 4582 #endif4583 4309 4584 4310 /* Chosen cipher suite */ … … 4586 4312 output[idx++] = ssl->options.cipherSuite; 4587 4313 4588 #ifndef WOLFSSL_TLS13_DRAFT_184589 4314 /* Compression not supported in TLS v1.3. */ 4590 4315 output[idx++] = 0; 4591 #endif4592 4316 4593 4317 /* Extensions */ … … 4610 4334 #endif 4611 4335 4612 #ifdef WOLFSSL_TLS13_DRAFT_184613 ssl->options.serverState = SERVER_HELLO_COMPLETE;4614 #else4615 4336 if (extMsgType == server_hello) 4616 4337 ssl->options.serverState = SERVER_HELLO_COMPLETE; 4617 #endif 4618 4619 #ifdef WOLFSSL_TLS13_DRAFT_18 4620 if (!ssl->options.groupMessages) 4621 #else 4338 4622 4339 if (!ssl->options.groupMessages || extMsgType != server_hello) 4623 #endif 4340 4624 4341 ret = SendBuffered(ssl); 4625 4342 … … 4651 4368 ssl->keys.encryptionOn = 1; 4652 4369 4653 #if ndef WOLFSSL_NO_SERVER_GROUPS_EXT4370 #if defined(HAVE_SUPPORTED_CURVES) && !defined(WOLFSSL_NO_SERVER_GROUPS_EXT) 4654 4371 if ((ret = TLSX_SupportedCurve_CheckPriority(ssl)) != 0) 4655 4372 return ret; … … 4750 4467 word32 i; 4751 4468 word16 reqSz; 4752 #ifndef WOLFSSL_TLS13_DRAFT_184753 4469 TLSX* ext; 4754 #endif4755 4470 4756 4471 WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND); … … 4760 4475 InitSuitesHashSigAlgo(ssl->suites, 1, 1, 0, 1, ssl->buffers.keySz); 4761 4476 4762 #ifdef WOLFSSL_TLS13_DRAFT_184763 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;4764 reqSz = OPAQUE8_LEN + reqCtxLen + REQ_HEADER_SZ + REQ_HEADER_SZ;4765 reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz;4766 4767 sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + reqSz;4768 /* Always encrypted and make room for padding. */4769 sendSz += MAX_MSG_EXTRA;4770 4771 /* Check buffers are big enough and grow if needed. */4772 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)4773 return ret;4774 4775 /* Get position in output buffer to write new message to. */4776 output = ssl->buffers.outputBuffer.buffer +4777 ssl->buffers.outputBuffer.length;4778 4779 /* Put the record and handshake headers on. */4780 AddTls13Headers(output, reqSz, certificate_request, ssl);4781 4782 /* Certificate request context. */4783 output[i++] = reqCtxLen;4784 if (reqCtxLen != 0) {4785 XMEMCPY(output + i, reqCtx, reqCtxLen);4786 i += reqCtxLen;4787 }4788 4789 /* supported hash/sig */4790 c16toa(ssl->suites->hashSigAlgoSz, &output[i]);4791 i += LENGTH_SZ;4792 4793 XMEMCPY(&output[i], ssl->suites->hashSigAlgo, ssl->suites->hashSigAlgoSz);4794 i += ssl->suites->hashSigAlgoSz;4795 4796 /* Certificate authorities not supported yet - empty buffer. */4797 c16toa(0, &output[i]);4798 i += REQ_HEADER_SZ;4799 4800 /* Certificate extensions. */4801 c16toa(0, &output[i]); /* auth's */4802 i += REQ_HEADER_SZ;4803 #else4804 4477 ext = TLSX_Find(ssl->extensions, TLSX_SIGNATURE_ALGORITHMS); 4805 4478 if (ext == NULL) … … 4841 4514 return ret; 4842 4515 i += reqSz; 4843 #endif4844 4516 4845 4517 /* Always encrypted. */ … … 5181 4853 #endif /* HAVE_ECC */ 5182 4854 5183 #if ndef NO_RSA4855 #if !defined(NO_RSA) && defined(WC_RSA_PSS) 5184 4856 /* Check that the decrypted signature matches the encoded signature 5185 4857 * based on the digest of the signature data. … … 5224 4896 return ret; 5225 4897 } 5226 #endif /* !NO_RSA */4898 #endif /* !NO_RSA && WC_RSA_PSS */ 5227 4899 #endif /* !NO_RSA || HAVE_ECC */ 5228 4900 … … 5534 5206 } 5535 5207 5208 #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ 5209 defined(HAVE_ED448)) && \ 5210 (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) 5536 5211 typedef struct Scv13Args { 5537 5212 byte* output; /* not allocated */ … … 5650 5325 } 5651 5326 5652 if (args->length <= 0) {5327 if (args->length == 0) { 5653 5328 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 5654 5329 } … … 5657 5332 if (ssl->hsType == DYNAMIC_TYPE_RSA) 5658 5333 args->sigAlgo = rsa_pss_sa_algo; 5334 #ifdef HAVE_ECC 5659 5335 else if (ssl->hsType == DYNAMIC_TYPE_ECC) 5660 5336 args->sigAlgo = ecc_dsa_sa_algo; 5337 #endif 5661 5338 #ifdef HAVE_ED25519 5662 5339 else if (ssl->hsType == DYNAMIC_TYPE_ED25519) … … 5667 5344 args->sigAlgo = ed448_sa_algo; 5668 5345 #endif 5346 else { 5347 ERROR_OUT(ALGO_ID_E, exit_scv); 5348 } 5669 5349 EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo, args->verify); 5670 5350 … … 5913 5593 return ret; 5914 5594 } 5915 5595 #endif 5596 5597 #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) 5916 5598 /* handle processing TLS v1.3 certificate (11) */ 5917 5599 /* Parse and handle a TLS v1.3 Certificate message. … … 5954 5636 return ret; 5955 5637 } 5638 #endif 5956 5639 5957 5640 #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ … … 6078 5761 if (args->sigAlgo == ed25519_sa_algo && 6079 5762 !ssl->peerEd25519KeyPresent) { 6080 WOLFSSL_MSG("Oops, peer sent ED25519 key but not in verify"); 5763 WOLFSSL_MSG("Peer sent ED22519 sig but not ED22519 cert"); 5764 ret = SIG_VERIFY_E; 5765 goto exit_dcv; 6081 5766 } 6082 5767 #endif 6083 5768 #ifdef HAVE_ED448 6084 5769 if (args->sigAlgo == ed448_sa_algo && !ssl->peerEd448KeyPresent) { 6085 WOLFSSL_MSG("Oops, peer sent ED448 key but not in verify"); 5770 WOLFSSL_MSG("Peer sent ED448 sig but not ED448 cert"); 5771 ret = SIG_VERIFY_E; 5772 goto exit_dcv; 6086 5773 } 6087 5774 #endif … … 6089 5776 if (args->sigAlgo == ecc_dsa_sa_algo && 6090 5777 !ssl->peerEccDsaKeyPresent) { 6091 WOLFSSL_MSG("Oops, peer sent ECC key but not in verify"); 5778 WOLFSSL_MSG("Peer sent ECC sig but not ECC cert"); 5779 ret = SIG_VERIFY_E; 5780 goto exit_dcv; 6092 5781 } 6093 5782 #endif 6094 5783 #ifndef NO_RSA 6095 5784 if (args->sigAlgo == rsa_sa_algo) { 6096 WOLFSSL_MSG(" Oops, peer sent PKCS#1.5 signature");5785 WOLFSSL_MSG("Peer sent PKCS#1.5 algo but not in certificate"); 6097 5786 ERROR_OUT(INVALID_PARAMETER, exit_dcv); 6098 5787 } 6099 5788 if (args->sigAlgo == rsa_pss_sa_algo && 6100 5789 (ssl->peerRsaKey == NULL || !ssl->peerRsaKeyPresent)) { 6101 WOLFSSL_MSG("Oops, peer sent RSA key but not in verify"); 5790 WOLFSSL_MSG("Peer sent RSA sig but not RSA cert"); 5791 ret = SIG_VERIFY_E; 5792 goto exit_dcv; 6102 5793 } 6103 5794 #endif … … 6261 5952 case TLS_ASYNC_VERIFY: 6262 5953 { 6263 #if ndef NO_RSA5954 #if !defined(NO_RSA) && defined(WC_RSA_PSS) 6264 5955 if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) { 6265 5956 ret = CheckRSASignature(ssl, args->sigAlgo, args->hashAlgo, … … 6271 5962 ssl->peerRsaKeyPresent = 0; 6272 5963 } 6273 #endif /* !NO_RSA */5964 #endif /* !NO_RSA && WC_RSA_PSS */ 6274 5965 6275 5966 /* Advance state and proceed */ … … 6291 5982 /* Advance state and proceed */ 6292 5983 ssl->options.asyncState = TLS_ASYNC_END; 5984 5985 #if !defined(NO_WOLFSSL_CLIENT) 5986 if (ssl->options.side == WOLFSSL_CLIENT_END) 5987 ssl->options.serverState = SERVER_CERT_VERIFY_COMPLETE; 5988 #endif 6293 5989 } /* case TLS_ASYNC_FINALIZE */ 6294 5990 … … 6326 6022 } 6327 6023 #endif /* !NO_RSA || HAVE_ECC */ 6024 #endif /* !NO_CERTS */ 6328 6025 6329 6026 /* Parse and handle a TLS v1.3 Finished message. … … 6338 6035 * returns 0 on success and otherwise failure. 6339 6036 */ 6340 staticint DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,6037 int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 6341 6038 word32 size, word32 totalSz, int sniff) 6342 6039 { … … 6377 6074 secret = ssl->keys.server_write_MAC_secret; 6378 6075 } 6379 else 6076 else { 6380 6077 secret = ssl->keys.client_write_MAC_secret; 6381 6382 ret = BuildTls13HandshakeHmac(ssl, secret, mac, &finishedSz); 6383 if (ret != 0) 6384 return ret; 6385 if (size != finishedSz) 6386 return BUFFER_ERROR; 6387 6388 #ifdef WOLFSSL_CALLBACKS 6389 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 6390 if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); 6391 #endif 6078 } 6079 6080 if (sniff == NO_SNIFF) { 6081 ret = BuildTls13HandshakeHmac(ssl, secret, mac, &finishedSz); 6082 if (ret != 0) 6083 return ret; 6084 if (size != finishedSz) 6085 return BUFFER_ERROR; 6086 } 6087 6088 #ifdef WOLFSSL_CALLBACKS 6089 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 6090 if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); 6091 #endif 6392 6092 6393 6093 if (sniff == NO_SNIFF) { … … 6433 6133 return 0; 6434 6134 } 6435 #endif /* NO_CERTS */6436 6135 6437 6136 /* Send the TLS v1.3 Finished message. … … 6502 6201 if (sendSz < 0) 6503 6202 return BUILD_MSG_ERROR; 6504 6505 #ifndef NO_SESSION_CACHE6506 if (!ssl->options.resuming && (ssl->options.side == WOLFSSL_SERVER_END ||6507 (ssl->options.side == WOLFSSL_SERVER_END && ssl->arrays != NULL))) {6508 AddSession(ssl); /* just try */6509 }6510 #endif6511 6203 6512 6204 #ifdef WOLFSSL_CALLBACKS … … 6839 6531 word16 length; 6840 6532 word32 now; 6841 #ifndef WOLFSSL_TLS13_DRAFT_18 6842 const byte* nonce; 6843 byte nonceLength; 6844 #endif 6533 const byte* nonce; 6534 byte nonceLength; 6845 6535 6846 6536 WOLFSSL_START(WC_FUNC_NEW_SESSION_TICKET_DO); … … 6861 6551 *inOutIdx += SESSION_ADD_SZ; 6862 6552 6863 #ifndef WOLFSSL_TLS13_DRAFT_186864 6553 /* Ticket nonce. */ 6865 6554 if ((*inOutIdx - begin) + 1 > size) … … 6875 6564 nonce = input + *inOutIdx; 6876 6565 *inOutIdx += nonceLength; 6877 #endif6878 6566 6879 6567 /* Ticket length. */ … … 6902 6590 ssl->session.maxEarlyDataSz = ssl->options.maxEarlyDataSz; 6903 6591 #endif 6904 #ifndef WOLFSSL_TLS13_DRAFT_186905 6592 ssl->session.ticketNonce.len = nonceLength; 6906 6593 if (nonceLength > 0) 6907 6594 XMEMCPY(&ssl->session.ticketNonce.data, nonce, nonceLength); 6908 #endif6909 6595 ssl->session.namedGroup = ssl->namedGroup; 6910 6596 … … 7002 6688 if (ssl->earlyData != no_early_data) { 7003 6689 static byte endOfEarlyData[] = { 0x05, 0x00, 0x00, 0x00 }; 7004 ret = Hash InputRaw(ssl, endOfEarlyData, sizeof(endOfEarlyData));6690 ret = HashRaw(ssl, endOfEarlyData, sizeof(endOfEarlyData)); 7005 6691 if (ret != 0) 7006 6692 return ret; 7007 6693 } 7008 6694 #endif 7009 if ((ret = Hash InputRaw(ssl, header, sizeof(header))) != 0)7010 return ret; 7011 if ((ret = Hash InputRaw(ssl, mac, finishedSz)) != 0)6695 if ((ret = HashRaw(ssl, header, sizeof(header))) != 0) 6696 return ret; 6697 if ((ret = HashRaw(ssl, mac, finishedSz)) != 0) 7012 6698 return ret; 7013 6699 … … 7069 6755 #endif 7070 6756 7071 #ifndef WOLFSSL_TLS13_DRAFT_187072 6757 /* Start ticket nonce at 0 and go up to 255. */ 7073 6758 if (ssl->session.ticketNonce.len == 0) { … … 7077 6762 else 7078 6763 ssl->session.ticketNonce.data[0]++; 7079 #endif7080 6764 7081 6765 if (!ssl->options.noTicketTls13) { … … 7099 6783 length = SESSION_HINT_SZ + SESSION_ADD_SZ + LENGTH_SZ + 7100 6784 ssl->session.ticketLen + extSz; 7101 #ifndef WOLFSSL_TLS13_DRAFT_187102 6785 /* Nonce */ 7103 6786 length += TICKET_NONCE_LEN_SZ + DEF_TICKET_NONCE_SZ; 7104 #endif7105 6787 sendSz = idx + length + MAX_MSG_EXTRA; 7106 6788 … … 7123 6805 idx += SESSION_ADD_SZ; 7124 6806 7125 #ifndef WOLFSSL_TLS13_DRAFT_187126 6807 output[idx++] = ssl->session.ticketNonce.len; 7127 6808 output[idx++] = ssl->session.ticketNonce.data[0]; 7128 #endif7129 6809 7130 6810 /* length */ … … 7161 6841 ssl->buffers.outputBuffer.length += sendSz; 7162 6842 7163 if (!ssl->options.groupMessages) 7164 ret = SendBuffered(ssl); 6843 /* Always send as this is either directly after server's Finished or only 6844 * message after client's Finished. 6845 */ 6846 ret = SendBuffered(ssl); 7165 6847 7166 6848 WOLFSSL_LEAVE("SendTls13NewSessionTicket", 0); … … 7212 6894 } 7213 6895 #endif 7214 #ifdef WOLFSSL_TLS13_DRAFT_18 7215 if (ssl->msgsReceived.got_server_hello) { 6896 if (ssl->msgsReceived.got_server_hello == 1) { 7216 6897 WOLFSSL_MSG("Duplicate ServerHello received"); 7217 6898 return DUPLICATE_MSG_E; 7218 6899 } 7219 ssl->msgsReceived.got_server_hello = 1;7220 #else7221 if (ssl->msgsReceived.got_server_hello == 2) {7222 WOLFSSL_MSG("Duplicate ServerHello received");7223 return DUPLICATE_MSG_E;7224 }7225 6900 ssl->msgsReceived.got_server_hello++; 7226 #endif7227 6901 7228 6902 break; … … 7273 6947 #endif 7274 6948 7275 #ifdef WOLFSSL_TLS13_DRAFT_187276 #ifndef NO_WOLFSSL_CLIENT7277 case hello_retry_request:7278 #ifndef NO_WOLFSSL_SERVER7279 if (ssl->options.side == WOLFSSL_SERVER_END) {7280 WOLFSSL_MSG("HelloRetryRequest received by server");7281 return OUT_OF_ORDER_E;7282 }7283 #endif7284 if (ssl->options.clientState > CLIENT_FINISHED_COMPLETE) {7285 WOLFSSL_MSG("HelloRetryRequest received out of order");7286 return OUT_OF_ORDER_E;7287 }7288 if (ssl->msgsReceived.got_hello_retry_request) {7289 WOLFSSL_MSG("Duplicate HelloRetryRequest received");7290 return DUPLICATE_MSG_E;7291 }7292 ssl->msgsReceived.got_hello_retry_request = 1;7293 7294 break;7295 #endif7296 #endif7297 7298 6949 #ifndef NO_WOLFSSL_CLIENT 7299 6950 case encrypted_extensions: … … 7377 7028 if (ssl->options.serverState == 7378 7029 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE && 7030 ssl->arrays != NULL && 7379 7031 ssl->arrays->psk_keySz != 0) { 7380 7032 WOLFSSL_MSG("CertificateRequset received while using PSK"); … … 7403 7055 /* Server's authenticating with PSK must not send this. */ 7404 7056 if (ssl->options.serverState == SERVER_CERT_COMPLETE && 7057 ssl->arrays != NULL && 7405 7058 ssl->arrays->psk_keySz != 0) { 7406 7059 WOLFSSL_MSG("CertificateVerify received while using PSK"); … … 7441 7094 return OUT_OF_ORDER_E; 7442 7095 } 7443 if (ssl->options.serverState < 7096 /* Must have seen certificate and verify from server except when 7097 * using PSK. */ 7098 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 7099 if (ssl->arrays != NULL && ssl->arrays->psk_keySz != 0) { 7100 if (ssl->options.serverState != 7444 7101 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE) { 7102 WOLFSSL_MSG("Finished received out of order"); 7103 return OUT_OF_ORDER_E; 7104 } 7105 } 7106 else 7107 #endif 7108 if (ssl->options.serverState != SERVER_CERT_VERIFY_COMPLETE) { 7445 7109 WOLFSSL_MSG("Finished received out of order"); 7446 7110 return OUT_OF_ORDER_E; … … 7450 7114 #ifndef NO_WOLFSSL_SERVER 7451 7115 if (ssl->options.side == WOLFSSL_SERVER_END) { 7452 if (ssl->options.serverState <SERVER_FINISHED_COMPLETE) {7116 if (ssl->options.serverState != SERVER_FINISHED_COMPLETE) { 7453 7117 WOLFSSL_MSG("Finished received out of order"); 7454 7118 return OUT_OF_ORDER_E; … … 7531 7195 if (ssl->options.handShakeState == HANDSHAKE_DONE && 7532 7196 type != session_ticket && type != certificate_request && 7533 type != certificate && type != key_update ) {7197 type != certificate && type != key_update && type != finished) { 7534 7198 WOLFSSL_MSG("HandShake message after handshake complete"); 7535 7199 SendAlert(ssl, alert_fatal, unexpected_message); … … 7556 7220 #ifndef NO_WOLFSSL_CLIENT 7557 7221 /* Messages only received by client. */ 7558 #ifdef WOLFSSL_TLS13_DRAFT_187559 case hello_retry_request:7560 WOLFSSL_MSG("processing hello retry request");7561 ret = DoTls13HelloRetryRequest(ssl, input, inOutIdx, size);7562 break;7563 #endif7564 7565 7222 case server_hello: 7566 7223 WOLFSSL_MSG("processing server hello"); … … 7572 7229 IsAtLeastTLSv1_3(ssl->version)) { 7573 7230 ssl->options.cacheMessages = 0; 7574 if ( ssl->hsHashes->messages != NULL) {7231 if ((ssl->hsHashes != NULL) && (ssl->hsHashes->messages != NULL)) { 7575 7232 XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); 7576 7233 ssl->hsHashes->messages = NULL; … … 7614 7271 7615 7272 /* Messages received by both client and server. */ 7616 #ifndef NO_CERTS 7273 #if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ 7274 !defined(WOLFSSL_NO_CLIENT_AUTH)) 7617 7275 case certificate: 7618 7276 WOLFSSL_MSG("processing certificate"); … … 7676 7334 7677 7335 if ((ret = DeriveTls13Keys(ssl, handshake_key, 7678 7336 ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) { 7679 7337 return ret; 7680 7338 } 7681 7339 #ifdef WOLFSSL_EARLY_DATA 7682 if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) 7683 return ret; 7684 #else 7340 if (ssl->earlyData != no_early_data) { 7341 if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) 7342 return ret; 7343 } 7344 else 7345 #endif 7685 7346 if ((ret = SetKeysSide(ssl, ENCRYPT_AND_DECRYPT_SIDE)) != 0) 7686 7347 return ret; 7687 #endif7688 7348 } 7689 7349 … … 7693 7353 #ifdef WOLFSSL_EARLY_DATA 7694 7354 if ((ret = DeriveTls13Keys(ssl, traffic_key, 7695 7696 7355 ENCRYPT_AND_DECRYPT_SIDE, 7356 ssl->earlyData == no_early_data)) != 0) { 7697 7357 return ret; 7698 7358 } 7699 7359 #else 7700 7360 if ((ret = DeriveTls13Keys(ssl, traffic_key, 7701 7361 ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) { 7702 7362 return ret; 7703 7363 } … … 7711 7371 ssl->options.connectState = FIRST_REPLY_DONE; 7712 7372 ssl->options.handShakeState = CLIENT_HELLO_COMPLETE; 7713 7714 if (wolfSSL_connect_TLSv13(ssl) != SSL_SUCCESS) 7715 ret = POST_HAND_AUTH_ERROR; 7373 ssl->options.processReply = 0; /* doProcessInit */ 7374 7375 if (wolfSSL_connect_TLSv13(ssl) != WOLFSSL_SUCCESS) { 7376 ret = ssl->error; 7377 if (ret != WC_PENDING_E) 7378 ret = POST_HAND_AUTH_ERROR; 7379 } 7716 7380 } 7717 7381 #endif … … 7756 7420 int ret = 0; 7757 7421 word32 inputLength; 7422 byte type; 7423 word32 size = 0; 7758 7424 7759 7425 WOLFSSL_ENTER("DoTls13HandShakeMsg()"); 7760 7426 7761 7427 if (ssl->arrays == NULL) { 7762 byte type; 7763 word32 size; 7428 7764 7429 7765 7430 if (GetHandshakeHeader(ssl, input, inOutIdx, &type, &size, … … 7778 7443 * pending message size will be non-zero. */ 7779 7444 if (ssl->arrays->pendingMsgSz == 0) { 7780 byte type;7781 word32 size;7782 7445 7783 7446 if (GetHandshakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0) … … 7879 7542 if (ssl->buffers.outputBuffer.length > 0 7880 7543 #ifdef WOLFSSL_ASYNC_CRYPT 7881 /* do not send buffered or advance state if last error was an 7544 /* do not send buffered or advance state if last error was an 7882 7545 async pending operation */ 7883 7546 && ssl->error != WC_PENDING_E … … 7917 7580 #ifdef WOLFSSL_EARLY_DATA 7918 7581 if (ssl->earlyData != no_early_data) { 7919 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 7920 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7582 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7921 7583 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 7922 7584 WOLFSSL_ERROR(ssl->error); … … 7941 7603 } 7942 7604 7943 ssl->options.connectState = HELLO_AGAIN;7944 WOLFSSL_MSG("connect state: HELLO_AGAIN");7945 FALL_THROUGH;7946 7947 case HELLO_AGAIN:7948 if (ssl->options.certOnly)7949 return WOLFSSL_SUCCESS;7950 7951 7605 if (!ssl->options.tls1_3) { 7952 7606 #ifndef WOLFSSL_NO_TLS12 … … 7954 7608 return wolfSSL_connect(ssl); 7955 7609 #endif 7956 7957 7610 WOLFSSL_MSG("Client using higher version, fatal error"); 7958 7611 return VERSION_ERROR; 7959 7612 } 7960 7613 7614 ssl->options.connectState = HELLO_AGAIN; 7615 WOLFSSL_MSG("connect state: HELLO_AGAIN"); 7616 FALL_THROUGH; 7617 7618 case HELLO_AGAIN: 7619 if (ssl->options.certOnly) 7620 return WOLFSSL_SUCCESS; 7621 7961 7622 if (ssl->options.serverState == 7962 7623 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 7963 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 7964 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7624 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7965 7625 if (!ssl->options.sentChangeCipher) { 7966 7626 if ((ssl->error = SendChangeCipher(ssl)) != 0) { … … 8011 7671 8012 7672 case FIRST_REPLY_FIRST: 8013 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 8014 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7673 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 8015 7674 if (!ssl->options.sentChangeCipher) { 8016 7675 if ((ssl->error = SendChangeCipher(ssl)) != 0) { … … 8043 7702 8044 7703 case FIRST_REPLY_THIRD: 8045 #ifndef NO_CERTS 7704 #if (!defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ 7705 defined(HAVE_ED25519) || defined(HAVE_ED448))) && \ 7706 (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) 8046 7707 if (!ssl->options.resuming && ssl->options.sendVerify) { 8047 7708 ssl->error = SendTls13CertificateVerify(ssl); … … 8172 7833 #endif 8173 7834 7835 #ifdef HAVE_SUPPORTED_CURVES 8174 7836 /* Create a key share entry from group. 8175 7837 * Generates a key pair. … … 8213 7875 return WOLFSSL_SUCCESS; 8214 7876 } 7877 #endif 8215 7878 8216 7879 /* Do not send a ticket after TLS v1.3 handshake for resumption. … … 8414 8077 return NOT_READY_ERROR; 8415 8078 8079 #ifdef HAVE_SUPPORTED_CURVES 8416 8080 /* Return supported groups only. */ 8417 8081 return TLSX_SupportedCurve_Preferred(ssl, 1); 8418 8082 #else 8083 return 0; 8084 #endif 8085 #else 8419 8086 return SIDE_ERROR; 8420 8087 #endif … … 8422 8089 #endif 8423 8090 8091 #if defined(HAVE_SUPPORTED_CURVES) 8424 8092 /* Sets the key exchange groups in rank order on a context. 8425 8093 * … … 8432 8100 int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count) 8433 8101 { 8434 int i; 8435 8102 int ret, i; 8103 8104 WOLFSSL_ENTER("wolfSSL_CTX_set_groups"); 8436 8105 if (ctx == NULL || groups == NULL || count > WOLFSSL_MAX_GROUP_COUNT) 8437 8106 return BAD_FUNC_ARG; … … 8439 8108 return BAD_FUNC_ARG; 8440 8109 8441 for (i = 0; i < count; i++) 8442 ctx->group[i] = (word16)groups[i]; 8110 ctx->numGroups = 0; 8111 TLSX_Remove(&ctx->extensions, TLSX_SUPPORTED_GROUPS, ctx->heap); 8112 for (i = 0; i < count; i++) { 8113 /* Call to wolfSSL_CTX_UseSupportedCurve also checks if input groups 8114 * are valid */ 8115 if ((ret = wolfSSL_CTX_UseSupportedCurve(ctx, groups[i])) 8116 != WOLFSSL_SUCCESS) { 8117 TLSX_Remove(&ctx->extensions, TLSX_SUPPORTED_GROUPS, ctx->heap); 8118 return ret; 8119 } 8120 ctx->group[i] = groups[i]; 8121 } 8443 8122 ctx->numGroups = (byte)count; 8444 8123 … … 8456 8135 int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count) 8457 8136 { 8458 int i; 8459 8137 int ret, i; 8138 8139 WOLFSSL_ENTER("wolfSSL_set_groups"); 8460 8140 if (ssl == NULL || groups == NULL || count > WOLFSSL_MAX_GROUP_COUNT) 8461 8141 return BAD_FUNC_ARG; … … 8463 8143 return BAD_FUNC_ARG; 8464 8144 8465 for (i = 0; i < count; i++) 8466 ssl->group[i] = (word16)groups[i]; 8145 ssl->numGroups = 0; 8146 TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_GROUPS, ssl->heap); 8147 for (i = 0; i < count; i++) { 8148 /* Call to wolfSSL_UseSupportedCurve also checks if input groups 8149 * are valid */ 8150 if ((ret = wolfSSL_UseSupportedCurve(ssl, groups[i])) 8151 != WOLFSSL_SUCCESS) { 8152 TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_GROUPS, ssl->heap); 8153 return ret; 8154 } 8155 ssl->group[i] = groups[i]; 8156 } 8467 8157 ssl->numGroups = (byte)count; 8468 8158 8469 8159 return WOLFSSL_SUCCESS; 8470 8160 } 8161 #endif /* HAVE_SUPPORTED_CURVES */ 8471 8162 8472 8163 #ifndef NO_PSK … … 8607 8298 if (ssl->buffers.outputBuffer.length > 0 8608 8299 #ifdef WOLFSSL_ASYNC_CRYPT 8609 /* do not send buffered or advance state if last error was an 8300 /* do not send buffered or advance state if last error was an 8610 8301 async pending operation */ 8611 8302 && ssl->error != WC_PENDING_E … … 8653 8344 8654 8345 case TLS13_ACCEPT_CLIENT_HELLO_DONE : 8655 #ifdef WOLFSSL_TLS13_DRAFT_188656 if (ssl->options.serverState ==8657 SERVER_HELLO_RETRY_REQUEST_COMPLETE) {8658 if ((ssl->error = SendTls13HelloRetryRequest(ssl)) != 0) {8659 WOLFSSL_ERROR(ssl->error);8660 return WOLFSSL_FATAL_ERROR;8661 }8662 }8663 8664 ssl->options.acceptState = TLS13_ACCEPT_FIRST_REPLY_DONE;8665 WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");8666 FALL_THROUGH;8667 8668 case TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE :8669 #else8670 8346 if (ssl->options.serverState == 8671 8347 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { … … 8696 8372 WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); 8697 8373 FALL_THROUGH; 8698 #endif8699 8374 8700 8375 case TLS13_ACCEPT_FIRST_REPLY_DONE : … … 8724 8399 8725 8400 case TLS13_SERVER_HELLO_SENT : 8726 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 8727 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 8401 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 8728 8402 if (!ssl->options.sentChangeCipher) { 8729 8403 if ((ssl->error = SendChangeCipher(ssl)) != 0) { … … 8740 8414 8741 8415 case TLS13_ACCEPT_THIRD_REPLY_DONE : 8416 #ifdef HAVE_SUPPORTED_CURVES 8742 8417 if (!ssl->options.noPskDheKe) { 8743 8418 ssl->error = TLSX_KeyShare_DeriveSecret(ssl); … … 8745 8420 return WOLFSSL_FATAL_ERROR; 8746 8421 } 8422 #endif 8747 8423 8748 8424 if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) { … … 8784 8460 8785 8461 case TLS13_CERT_SENT : 8786 #ifndef NO_CERTS 8462 #if !defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ 8463 defined(HAVE_ED25519) || defined(HAVE_ED448)) 8787 8464 if (!ssl->options.resuming && ssl->options.sendVerify) { 8788 8465 if ((ssl->error = SendTls13CertificateVerify(ssl)) != 0) { -
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/src/wolfio.c
r457 r464 89 89 } 90 90 91 static WC_INLINE int wolfSSL_LastError(void) 92 { 91 static WC_INLINE int wolfSSL_LastError(int err) 92 { 93 (void)err; /* Suppress unused arg */ 94 93 95 #ifdef USE_WINDOWS_API 94 96 return WSAGetLastError(); 95 97 #elif defined(EBSNET) 96 98 return xn_getlasterror(); 99 #elif defined(WOLFSSL_LINUXKM) 100 return err; /* Return provided error value */ 101 #elif defined(FUSION_RTOS) 102 #include <fclerrno.h> 103 return FCL_GET_ERRNO; 97 104 #else 98 105 return errno; … … 104 111 105 112 #ifdef OPENSSL_EXTRA 113 #ifndef NO_BIO 106 114 /* Use the WOLFSSL read BIO for receiving data. This is set by the function 107 115 * wolfSSL_set_bio and can also be set by wolfSSL_CTX_SetIORecv. … … 182 190 WOLFSSL_MSG("Calling custom biowr"); 183 191 sent = ssl->biowr->method->writeCb(ssl->biowr, buf, sz); 184 if ( sent < 0) {192 if ((sent < 0) && (sent != WOLFSSL_CBIO_ERR_WANT_WRITE)) { 185 193 return WOLFSSL_CBIO_ERR_GENERAL; 186 194 } … … 205 213 return sent; 206 214 } 207 #endif 215 #endif /* !NO_BIO */ 216 #endif /* OPENSSL_EXTRA */ 208 217 209 218 … … 215 224 int EmbedReceive(WOLFSSL *ssl, char *buf, int sz, void *ctx) 216 225 { 226 int recvd; 227 #ifndef WOLFSSL_LINUXKM 217 228 int sd = *(int*)ctx; 218 int recvd; 229 #else 230 struct socket *sd = (struct socket*)ctx; 231 #endif 219 232 220 233 recvd = wolfIO_Recv(sd, buf, sz, ssl->rflags); 221 234 if (recvd < 0) { 222 int err = wolfSSL_LastError( );235 int err = wolfSSL_LastError(recvd); 223 236 WOLFSSL_MSG("Embed Receive error"); 224 237 … … 257 270 int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) 258 271 { 272 int sent; 273 #ifndef WOLFSSL_LINUXKM 259 274 int sd = *(int*)ctx; 260 int sent; 275 #else 276 struct socket *sd = (struct socket*)ctx; 277 #endif 261 278 262 279 #ifdef WOLFSSL_MAX_SEND_SZ … … 267 284 sent = wolfIO_Send(sd, buf, sz, ssl->wflags); 268 285 if (sent < 0) { 269 int err = wolfSSL_LastError( );286 int err = wolfSSL_LastError(sent); 270 287 WOLFSSL_MSG("Embed Send error"); 271 288 … … 319 336 WOLFSSL_ENTER("EmbedReceiveFrom()"); 320 337 321 if (ssl->options.handShakeDone) 338 /* Don't use ssl->options.handShakeDone since it is true even if 339 * we are in the process of renegotiation */ 340 if (ssl->options.handShakeState == HANDSHAKE_DONE) 322 341 dtls_timeout = 0; 323 342 … … 335 354 } 336 355 } 356 #ifndef NO_ASN_TIME 357 else if(IsSCR(ssl)) { 358 if (ssl->dtls_start_timeout && 359 LowResTimer() - ssl->dtls_start_timeout > (word32)dtls_timeout) { 360 ssl->dtls_start_timeout = 0; 361 return WOLFSSL_CBIO_ERR_TIMEOUT; 362 } 363 else if (!ssl->dtls_start_timeout) { 364 ssl->dtls_start_timeout = LowResTimer(); 365 } 366 } 367 #endif /* !NO_ASN_TIME */ 337 368 338 369 recvd = (int)RECVFROM_FUNCTION(sd, buf, sz, ssl->rflags, … … 342 373 343 374 if (recvd < 0) { 344 err = wolfSSL_LastError( );375 err = wolfSSL_LastError(recvd); 345 376 WOLFSSL_MSG("Embed Receive From error"); 346 377 … … 380 411 } 381 412 } 413 #ifndef NO_ASN_TIME 414 ssl->dtls_start_timeout = 0; 415 #endif /* !NO_ASN_TIME */ 382 416 383 417 return recvd; … … 404 438 405 439 if (sent < 0) { 406 err = wolfSSL_LastError( );440 err = wolfSSL_LastError(sent); 407 441 WOLFSSL_MSG("Embed Send To error"); 408 442 … … 452 486 453 487 if (recvd < 0) { 454 err = wolfSSL_LastError( );488 err = wolfSSL_LastError(recvd); 455 489 WOLFSSL_MSG("Embed Receive From error"); 456 490 … … 636 670 #endif /* WOLFSSL_SESSION_EXPORT */ 637 671 #endif /* WOLFSSL_DTLS */ 672 673 #ifdef WOLFSSL_LINUXKM 674 static int linuxkm_send(struct socket *socket, void *buf, int size, 675 unsigned int flags) 676 { 677 int ret; 678 struct kvec vec = { .iov_base = buf, .iov_len = size }; 679 struct msghdr msg = { .msg_flags = flags }; 680 ret = kernel_sendmsg(socket, &msg, &vec, 1, size); 681 return ret; 682 } 683 684 static int linuxkm_recv(struct socket *socket, void *buf, int size, 685 unsigned int flags) 686 { 687 int ret; 688 struct kvec vec = { .iov_base = buf, .iov_len = size }; 689 struct msghdr msg = { .msg_flags = flags }; 690 ret = kernel_recvmsg(socket, &msg, &vec, 1, size, msg.msg_flags); 691 return ret; 692 } 693 #endif /* WOLFSSL_LINUXKM */ 638 694 639 695 … … 733 789 } 734 790 } 791 792 WOLFSSL_MSG("Select error"); 735 793 return SOCKET_ERROR_E; 736 794 } … … 780 838 #endif 781 839 840 if (sockfd == NULL || ip == NULL) { 841 return -1; 842 } 843 782 844 XMEMSET(&addr, 0, sizeof(addr)); 783 845 … … 822 884 823 885 *sockfd = (SOCKET_T)socket(addr.ss_family, SOCK_STREAM, 0); 824 825 886 #ifdef USE_WINDOWS_API 826 if (*sockfd == INVALID_SOCKET) { 887 if (*sockfd == SOCKET_INVALID) 888 #else 889 if (*sockfd <= SOCKET_INVALID) 890 #endif 891 { 827 892 WOLFSSL_MSG("bad socket fd, out of fds?"); 828 893 return -1; 829 894 } 830 #else831 if (*sockfd < 0) {832 WOLFSSL_MSG("bad socket fd, out of fds?");833 return -1;834 }835 #endif836 895 837 896 #ifdef HAVE_IO_TIMEOUT … … 858 917 if (ret != 0) { 859 918 WOLFSSL_MSG("Responder tcp connect failed"); 919 CloseSocket(*sockfd); 920 *sockfd = SOCKET_INVALID; 860 921 return -1; 861 922 } … … 1074 1135 } 1075 1136 else { 1137 result = TranslateReturnCode(result, sfd); 1138 result = wolfSSL_LastError(result); 1139 if (result == SOCKET_EWOULDBLOCK || result == SOCKET_EAGAIN) { 1140 return OCSP_WANT_READ; 1141 } 1142 1076 1143 WOLFSSL_MSG("wolfIO_HttpProcessResponse recv http from peer failed"); 1077 1144 return -1; … … 1339 1406 byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf) 1340 1407 { 1341 SOCKET_T sfd = 0;1408 SOCKET_T sfd = SOCKET_INVALID; 1342 1409 word16 port; 1343 1410 int ret = -1; … … 1386 1453 1387 1454 ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec); 1388 if ( (ret != 0) || ((int)sfd < 0)) {1455 if (ret != 0) { 1389 1456 WOLFSSL_MSG("OCSP Responder connection failed"); 1390 1457 } … … 1401 1468 HTTP_SCRATCH_BUFFER_SIZE, ctx); 1402 1469 } 1403 1404 CloseSocket(sfd);1470 if (sfd != SOCKET_INVALID) 1471 CloseSocket(sfd); 1405 1472 XFREE(httpBuf, ctx, DYNAMIC_TYPE_OCSP); 1406 1473 } … … 1460 1527 int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz) 1461 1528 { 1462 SOCKET_T sfd = 0;1529 SOCKET_T sfd = SOCKET_INVALID; 1463 1530 word16 port; 1464 1531 int ret = -1; … … 1492 1559 1493 1560 ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec); 1494 if ( (ret != 0) || (sfd < 0)) {1561 if (ret != 0) { 1495 1562 WOLFSSL_MSG("CRL connection failed"); 1496 1563 } … … 1503 1570 HTTP_SCRATCH_BUFFER_SIZE); 1504 1571 } 1505 1506 CloseSocket(sfd);1572 if (sfd != SOCKET_INVALID) 1573 CloseSocket(sfd); 1507 1574 XFREE(httpBuf, crl->heap, DYNAMIC_TYPE_CRL); 1508 1575 } … … 2031 2098 2032 2099 XMEMSET(mynewt_ctx, 0, sizeof(Mynewt_Ctx)); 2033 mynewt_ctx->mnMemBuffer = XMALLOC(mempool_bytes, 0, 0);2100 mynewt_ctx->mnMemBuffer = (void *)XMALLOC(mempool_bytes, 0, 0); 2034 2101 if(!mynewt_ctx->mnMemBuffer) { 2035 2102 mynewt_ctx_clear((void*)mynewt_ctx); … … 2082 2149 struct os_mbuf *m; 2083 2150 int read_sz = 0; 2084 uint16_ttotal;2151 word16 total; 2085 2152 2086 2153 if (mynewt_ctx == NULL || mynewt_ctx->mnSocket == NULL) { … … 2325 2392 sock_udp_ep_t ep; 2326 2393 int ret; 2327 uint32_ttimeout = wolfSSL_dtls_get_current_timeout(ssl) * 1000000;2394 word32 timeout = wolfSSL_dtls_get_current_timeout(ssl) * 1000000; 2328 2395 sock_tls_t *ctx = (sock_tls_t *)_ctx; 2329 2396 if (!ctx)
Note:
See TracChangeset
for help on using the changeset viewer.