alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

components/openssl: change low-level certification loading sequence

Browse Source
This commit is contained in:
Dong Heng 2016-09-27 14:28:39 +08:00
parent 3882937427
commit 652ddae44f
1 changed files with 22 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
components/openssl/platform/ssl_pm.c
View File

@ -25,6 +25,12 @@
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/certs.h" #include "mbedtls/certs.h"
#if 0
#define DEBUG_LOAD_BUF_STRING(str) SSL_DEBUG(1, "%s\n", str)
#else
#define DEBUG_LOAD_BUF_STRING(str)
#endif
struct ssl_pm struct ssl_pm
{ {
/* local socket file description */ /* local socket file description */
@ -407,10 +413,13 @@ int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
unsigned char *load_buf; unsigned char *load_buf;
struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm; struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
if (x509_pm->x509_crt)
mbedtls_x509_crt_free(x509_pm->x509_crt);
if (!x509_pm->x509_crt) { if (!x509_pm->x509_crt) {
x509_pm->x509_crt = ssl_zalloc(sizeof(mbedtls_x509_crt)); x509_pm->x509_crt = ssl_malloc(sizeof(mbedtls_x509_crt));
if (!x509_pm->x509_crt) if (!x509_pm->x509_crt)
SSL_RET(failed1, "ssl_zalloc\n"); SSL_RET(failed1, "ssl_malloc\n");
} }
load_buf = ssl_malloc(len + 1); load_buf = ssl_malloc(len + 1);
@ -420,12 +429,11 @@ int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
ssl_memcpy(load_buf, buffer, len); ssl_memcpy(load_buf, buffer, len);
load_buf[len] = '\0'; load_buf[len] = '\0';
mbedtls_x509_crt_init(x509_pm->x509_crt); DEBUG_LOAD_BUF_STRING(load_buf);
if (x509_pm->x509_crt) mbedtls_x509_crt_init(x509_pm->x509_crt);
mbedtls_x509_crt_free(x509_pm->x509_crt);
ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len); ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len + 1);
ssl_free(load_buf); ssl_free(load_buf);
if (ret) if (ret)
@ -480,10 +488,13 @@ int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len)
unsigned char *load_buf; unsigned char *load_buf;
struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm; struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm;
if (pkey_pm->pkey)
mbedtls_pk_free(pkey_pm->pkey);
if (!pkey_pm->pkey) { if (!pkey_pm->pkey) {
pkey_pm->pkey = ssl_zalloc(sizeof(mbedtls_pk_context)); pkey_pm->pkey = ssl_malloc(sizeof(mbedtls_pk_context));
if (!pkey_pm->pkey) if (!pkey_pm->pkey)
SSL_RET(failed1, "ssl_zalloc\n"); SSL_RET(failed1, "ssl_malloc\n");
} }
load_buf = ssl_malloc(len + 1); load_buf = ssl_malloc(len + 1);
@ -493,12 +504,11 @@ int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len)
ssl_memcpy(load_buf, buffer, len); ssl_memcpy(load_buf, buffer, len);
load_buf[len] = '\0'; load_buf[len] = '\0';
DEBUG_LOAD_BUF_STRING(load_buf);
mbedtls_pk_init(pkey_pm->pkey); mbedtls_pk_init(pkey_pm->pkey);
if (pkey_pm->pkey) ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len + 1, NULL, 0);
mbedtls_pk_free(pkey_pm->pkey);
ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len, NULL, 0);
ssl_free(load_buf); ssl_free(load_buf);
if (ret) if (ret)