OVMS3-idf/components/openssl/library/ssl_x509.c

// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at

//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include "ssl_x509.h"
#include "ssl_methods.h"
#include "ssl_dbg.h"
#include "ssl_port.h"

/*
 * sk_X509_NAME_new_null - create a X509 certification object
 *
 * @param none
 *
 * @return X509 certification object point or NULL if failed
 */
X509* X509_new(void)
{
    int ret;
    X509 *x;

    x = ssl_malloc(sizeof(X509));
    if (!x)
        SSL_RET(failed1, "ssl_malloc\n");

    x->method = X509_method();

    ret = x->method->x509_new(x);
    if (ret)
        SSL_RET(failed2, "x509_new\n");

    return x;

failed2:
    ssl_free(x);
failed1:
    return NULL;
}

/*
 * X509_free - free a X509 certification object
 *
 * @param x - X509 certification object point
 *
 * @return none
 */
void X509_free(X509 *x)
{
    X509_METHOD_CALL(free, x);

    ssl_free(x);
};

/*
 * d2i_X509 - load a character certification context into system context. If '*cert' is pointed to the
 *            certification, then load certification into it. Or create a new X509 certification object
 *
 * @param cert   - a point pointed to X509 certification
 * @param buffer - a point pointed to the certification context memory point
 * @param length - certification bytes
 *
 * @return X509 certification object point or NULL if failed
 */
X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len)
{
    int m = 0;
    int ret;
    X509 *x;

    SSL_ASSERT(buffer);
    SSL_ASSERT(len);

    if (cert && *cert) {
        x = *cert;
    } else {
        x = X509_new();
        if (!x)
            SSL_RET(failed1, "X509_new\n");
        m = 1;
    }

    ret = X509_METHOD_CALL(load, x, buffer, len);
    if (ret)
        SSL_RET(failed2, "x509_load\n");

    return x;

failed2:
    if (m)
        X509_free(x);
failed1:
    return NULL;
}

/*
 * SSL_CTX_add_client_CA - set SSL context client CA certification
 *
 * @param ctx - SSL context point
 * @param x   - client CA certification point
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
{
    SSL_ASSERT(ctx);
    SSL_ASSERT(x);

    if (ctx->client_CA)
        X509_free(ctx->client_CA);

    ctx->client_CA = x;

    return 1;
}

/*
 * SSL_add_client_CA - add CA client certification into the SSL
 *
 * @param ssl - SSL point
 * @param x   - CA certification point
 *
 * @return
 *        1 : OK
 *        0 : failed
 */
int SSL_add_client_CA(SSL *ssl, X509 *x)
{
    SSL_ASSERT(ssl);
    SSL_ASSERT(x);

    if (ssl->client_CA)
        X509_free(ssl->client_CA);

    ssl->client_CA = x;

    return 1;
}

/*
 * SSL_CTX_use_certificate - set the SSL context certification
 *
 * @param ctx - SSL context point
 * @param x   - X509 certification point
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
{
    SSL_ASSERT(ctx);
    SSL_ASSERT(x);

    ctx->cert->x509 = x;

    return 1;
}

/*
 * SSL_CTX_use_certificate - set the SSL certification
 *
 * @param ctx - SSL point
 * @param x   - X509 certification point
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_use_certificate(SSL *ssl, X509 *x)
{
    SSL_ASSERT(ctx);
    SSL_ASSERT(x);

    ssl->cert->x509 = x;

    return 1;
}

/*
 * SSL_get_certificate - get the SSL certification point
 *
 * @param ssl - SSL point
 *
 * @return SSL certification point
 */
X509 *SSL_get_certificate(const SSL *ssl)
{
    SSL_ASSERT(ssl);

    return ssl->cert->x509;
}

/*
 * SSL_CTX_use_certificate_ASN1 - load certification into the SSL context
 *
 * @param ctx - SSL context point
 * @param len - certification context bytes
 * @param d   - certification context point
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
                                 const unsigned char *d)
{
    int ret;
    X509 *cert;
    const unsigned char *pbuf;

    cert = d2i_X509(&ctx->cert->x509, d, len);
    if (!cert)
        SSL_RET(failed1, "d2i_X509\n");

    ret = SSL_CTX_use_certificate(ctx, cert);
    if (!ret)
        SSL_RET(failed2, "SSL_CTX_use_certificate\n");

    ctx->cert->x509->ref++;

    return 1;

failed2:
    X509_free(cert);
failed1:
    return 0;
}

/*
 * SSL_use_certificate_ASN1 - load certification into the SSL
 *
 * @param ctx - SSL point
 * @param len - certification context bytes
 * @param d   - certification context point
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_use_certificate_ASN1(SSL *ssl, int len,
                             const unsigned char *d)
{
    int ret;
    X509 *cert;

    if (ssl->cert->x509->ref)
        SSL_RET(failed1);

    cert = d2i_X509(NULL, d, len);
    if (!cert)
        SSL_RET(failed1, "d2i_X509\n");

    ret = SSL_use_certificate(ssl, cert);
    if (!ret)
        SSL_RET(failed2, "SSL_use_certificate\n");

    ssl->cert->x509->ref++;

    return 1;

failed2:
    X509_free(cert);
failed1:
    return 0;
}

/*
 * SSL_CTX_use_certificate_file - load the certification file into SSL context
 *
 * @param ctx  - SSL context point
 * @param file - certification file name
 * @param type - certification encoding type
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
{
    return 0;
}

/*
 * SSL_use_certificate_file - load the certification file into SSL
 *
 * @param ctx  - SSL point
 * @param file - certification file name
 * @param type - certification encoding type
 *
 * @return
 *         1 : OK
 *         0 : failed
 */
int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
{
    return 0;
}
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`

			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`#include "ssl_x509.h"`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`#include "ssl_methods.h"`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`#include "ssl_dbg.h"`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`#include "ssl_port.h"`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`/*`
			`* sk_X509_NAME_new_null - create a X509 certification object`
			`*`
			`* @param none`
			`*`
			`* @return X509 certification object point or NULL if failed`
			`*/`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`X509* X509_new(void)`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`{`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`int ret;`
			`X509 *x;`

			`x = ssl_malloc(sizeof(X509));`
			`if (!x)`
			`SSL_RET(failed1, "ssl_malloc\n");`

			`x->method = X509_method();`

			`ret = x->method->x509_new(x);`
			`if (ret)`
			`SSL_RET(failed2, "x509_new\n");`

			`return x;`

			`failed2:`
			`ssl_free(x);`
			`failed1:`
			`return NULL;`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`}`

components/openssl: add license header 2016-09-22 02:28:08 +00:00			`/*`
			`* X509_free - free a X509 certification object`
			`*`
			`* @param x - X509 certification object point`
			`*`
			`* @return none`
			`*/`
			`void X509_free(X509 *x)`
			`{`
			`X509_METHOD_CALL(free, x);`

			`ssl_free(x);`
			`};`

			`/*`
			`* d2i_X509 - load a character certification context into system context. If '*cert' is pointed to the`
			`* certification, then load certification into it. Or create a new X509 certification object`
			`*`
			`* @param cert - a point pointed to X509 certification`
			`* @param buffer - a point pointed to the certification context memory point`
			`* @param length - certification bytes`
			`*`
			`* @return X509 certification object point or NULL if failed`
			`*/`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`X509* d2i_X509(X509 *cert, const unsigned char buffer, long len)`
			`{`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`int m = 0;`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`int ret;`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`X509 *x;`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00
			`SSL_ASSERT(buffer);`
			`SSL_ASSERT(len);`

components/openssl: add license header 2016-09-22 02:28:08 +00:00			`if (cert && *cert) {`
			`x = *cert;`
			`} else {`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`x = X509_new();`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`if (!x)`
components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 08:41:51 +00:00			`SSL_RET(failed1, "X509_new\n");`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`m = 1;`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`}`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`ret = X509_METHOD_CALL(load, x, buffer, len);`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`if (ret)`
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`SSL_RET(failed2, "x509_load\n");`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00
components/openssl: add license header 2016-09-22 02:28:08 +00:00			`return x;`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00
			`failed2:`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`if (m)`
			`X509_free(x);`
components/openssl: add base function version 2016-09-20 08:58:46 +00:00			`failed1:`
			`return NULL;`
			`}`
components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00
			`/*`
			`* SSL_CTX_add_client_CA - set SSL context client CA certification`
			`*`
			`* @param ctx - SSL context point`
			`* @param x - client CA certification point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_CTX_add_client_CA(SSL_CTX ctx, X509 x)`
			`{`
			`SSL_ASSERT(ctx);`
			`SSL_ASSERT(x);`

component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`if (ctx->client_CA)`
			`X509_free(ctx->client_CA);`

components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00			`ctx->client_CA = x;`

			`return 1;`
			`}`

components/openssl: 1. add stack_st structure and its advanced defination including its derived child defination 2. add SSL_add_client_CA & SSL_get_certificate 2016-09-22 04:57:39 +00:00			`/*`
			`* SSL_add_client_CA - add CA client certification into the SSL`
			`*`
			`* @param ssl - SSL point`
			`* @param x - CA certification point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_add_client_CA(SSL ssl, X509 x)`
			`{`
component/openssl: add openssl stack function and clear unused variate 1. add openssl 'new' and 'free' function 2. add clear unused variate to void warning to appear when compile 3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function 2016-09-22 06:42:49 +00:00			`SSL_ASSERT(ssl);`
			`SSL_ASSERT(x);`

			`if (ssl->client_CA)`
			`X509_free(ssl->client_CA);`

			`ssl->client_CA = x;`

			`return 1;`
components/openssl: 1. add stack_st structure and its advanced defination including its derived child defination 2. add SSL_add_client_CA & SSL_get_certificate 2016-09-22 04:57:39 +00:00			`}`

components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00			`/*`
			`* SSL_CTX_use_certificate - set the SSL context certification`
			`*`
			`* @param ctx - SSL context point`
			`* @param x - X509 certification point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_CTX_use_certificate(SSL_CTX ctx, X509 x)`
			`{`
			`SSL_ASSERT(ctx);`
			`SSL_ASSERT(x);`

			`ctx->cert->x509 = x;`

			`return 1;`
			`}`

components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00			`/*`
			`* SSL_CTX_use_certificate - set the SSL certification`
			`*`
			`* @param ctx - SSL point`
			`* @param x - X509 certification point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_use_certificate(SSL ssl, X509 x)`
			`{`
			`SSL_ASSERT(ctx);`
			`SSL_ASSERT(x);`

			`ssl->cert->x509 = x;`

			`return 1;`
			`}`

components/openssl: 1. add stack_st structure and its advanced defination including its derived child defination 2. add SSL_add_client_CA & SSL_get_certificate 2016-09-22 04:57:39 +00:00			`/*`
			`* SSL_get_certificate - get the SSL certification point`
			`*`
			`* @param ssl - SSL point`
			`*`
			`* @return SSL certification point`
			`*/`
			`X509 SSL_get_certificate(const SSL ssl)`
			`{`
components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00			`SSL_ASSERT(ssl);`

components/openssl: 1. add stack_st structure and its advanced defination including its derived child defination 2. add SSL_add_client_CA & SSL_get_certificate 2016-09-22 04:57:39 +00:00			`return ssl->cert->x509;`
			`}`

components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00			`/*`
			`* SSL_CTX_use_certificate_ASN1 - load certification into the SSL context`
			`*`
			`* @param ctx - SSL context point`
			`* @param len - certification context bytes`
			`* @param d - certification context point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,`
			`const unsigned char *d)`
			`{`
			`int ret;`
			`X509 *cert;`
components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 08:41:51 +00:00			`const unsigned char *pbuf;`
components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00
			`cert = d2i_X509(&ctx->cert->x509, d, len);`
			`if (!cert)`
			`SSL_RET(failed1, "d2i_X509\n");`

			`ret = SSL_CTX_use_certificate(ctx, cert);`
			`if (!ret)`
			`SSL_RET(failed2, "SSL_CTX_use_certificate\n");`

components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 08:41:51 +00:00			`ctx->cert->x509->ref++;`

components/openssl: delete ssl_rsa.c & .h file 2016-09-22 03:43:59 +00:00			`return 1;`

			`failed2:`
			`X509_free(cert);`
			`failed1:`
			`return 0;`
			`}`

components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00			`/*`
			`* SSL_use_certificate_ASN1 - load certification into the SSL`
			`*`
			`* @param ctx - SSL point`
			`* @param len - certification context bytes`
			`* @param d - certification context point`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_use_certificate_ASN1(SSL *ssl, int len,`
			`const unsigned char *d)`
			`{`
			`int ret;`
			`X509 *cert;`

components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 08:41:51 +00:00			`if (ssl->cert->x509->ref)`
			`SSL_RET(failed1);`

			`cert = d2i_X509(NULL, d, len);`
components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00			`if (!cert)`
			`SSL_RET(failed1, "d2i_X509\n");`

			`ret = SSL_use_certificate(ssl, cert);`
			`if (!ret)`
			`SSL_RET(failed2, "SSL_use_certificate\n");`

components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 08:41:51 +00:00			`ssl->cert->x509->ref++;`

components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00			`return 1;`

			`failed2:`
			`X509_free(cert);`
			`failed1:`
			`return 0;`
			`}`

components/openssl: add empty function to load verify file into SSL context 1. add empty function to load private key into SSL context 2. add empty function to load certification into SSL context 3. add function to load RSA private key 2016-09-22 07:39:28 +00:00			`/*`
			`* SSL_CTX_use_certificate_file - load the certification file into SSL context`
			`*`
			`* @param ctx - SSL context point`
			`* @param file - certification file name`
			`* @param type - certification encoding type`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_CTX_use_certificate_file(SSL_CTX ctx, const char file, int type)`
			`{`
			`return 0;`
			`}`
components/openssl: add function load verify data into SSL 1. add function to load private key into SSL 1. add function to load certification into SSL 2016-09-22 07:56:56 +00:00
			`/*`
			`* SSL_use_certificate_file - load the certification file into SSL`
			`*`
			`* @param ctx - SSL point`
			`* @param file - certification file name`
			`* @param type - certification encoding type`
			`*`
			`* @return`
			`* 1 : OK`
			`* 0 : failed`
			`*/`
			`int SSL_use_certificate_file(SSL ssl, const char file, int type)`
			`{`
			`return 0;`
			`}`