From a99f6bd727cea8d8cdee32d2f28b09c6cf4fae99 Mon Sep 17 00:00:00 2001
From: dongheng
Date: Thu, 22 Sep 2016 15:56:56 +0800
Subject: [PATCH] components/openssl: add function load verify data into SSL

1. add function to load private key into SSL
1. add function to load certification into SSL
---
 components/openssl/library/ssl_pkey.c | 70 ++++++++++++++++++++++++++
 components/openssl/library/ssl_x509.c | 71 +++++++++++++++++++++++++++
 2 files changed, 141 insertions(+)

diff --git a/components/openssl/library/ssl_pkey.c b/components/openssl/library/ssl_pkey.c
index 1ab080ac28..a86a257e98 100644
--- a/components/openssl/library/ssl_pkey.c
+++ b/components/openssl/library/ssl_pkey.c
@@ -131,6 +131,26 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
 return 1;
 }

+/*
+ * SSL_CTX_use_certificate - set the SSL private key
+ *
+ * @param ctx - SSL point
+ * @param x - private key point
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
+{
+ SSL_ASSERT(ctx);
+ SSL_ASSERT(pkey);
+
+ ssl->cert->pkey = pkey;
+
+ return 1;
+}
+
 /*
 * SSL_CTX_use_PrivateKey_ASN1 - load private key into the SSL context
 *
@@ -165,6 +185,40 @@ failed1:
 return 0;
 }

+/*
+ * SSL_use_PrivateKey_ASN1 - load private key into the SSL
+ *
+ * @param type - private key type
+ * @param ctx - SSL context point
+ * @param d - private key context point
+ * @param len - private key context bytes
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_PrivateKey_ASN1(int type, SSL *ssl,
+ const unsigned char *d, long len)
+{
+ int ret;
+ EVP_PKEY *pkey;
+
+ pkey = d2i_PrivateKey(0, &ssl->cert->pkey, &d, len);
+ if (!pkey)
+ SSL_RET(failed1, "d2i_PrivateKey\n");
+
+ ret = SSL_use_PrivateKey(ssl, pkey);
+ if (!ret)
+ SSL_RET(failed2, "SSL_CTX_use_PrivateKey\n");
+
+ return 1;
+
+failed2:
+ EVP_PKEY_free(pkey);
+failed1:
+ return 0;
+}
+
 /*
 * SSL_CTX_use_certificate_file - load the private key file into SSL context
 *
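Review bot: In `SSL_use_PrivateKey` (ssl_pkey.c, hunk at -131) the first assertion is `SSL_ASSERT(ctx);`, but the function has no `ctx`; its parameter is `ssl`, so `ssl` is dereferenced at `ssl->cert->pkey` without being checked, and the line presumably only builds when `SSL_ASSERT` expands to nothing. It should read `SSL_ASSERT(ssl);`, and the same copy-paste slip is in `SSL_use_certificate` in ssl_x509.c (hunk at -168). The header comment still names `SSL_CTX_use_certificate` and documents `ctx`/`x` instead of `ssl`/`pkey`. The assignment also replaces whatever key `ssl->cert->pkey` held without releasing it; whether that object is owned by the SSL or shared with its context is not visible here, so the ownership rule deserves a comment such as `/* takes ownership of pkey; previous key is NOT freed here */`.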
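Review bot: `SSL_use_PrivateKey_ASN1` (hunk at -165) passes `&ssl->cert->pkey` as the reuse argument of `d2i_PrivateKey`, so on success `pkey` probably aliases the object the SSL already holds, and the `failed2` path's `EVP_PKEY_free(pkey)` would then leave `ssl->cert->pkey` dangling. Assuming this wrapper follows the usual d2i convention, decoding into a fresh object with `pkey = d2i_PrivateKey(0, NULL, &d, len);` keeps the live key untouched until the new one is accepted. `SSL_use_certificate_ASN1` in ssl_x509.c (hunk at -213) has the same shape with `d2i_X509(&ssl->cert->x509, d, len)` followed by `X509_free(cert)`. Neither function asserts `ssl` before dereferencing `ssl->cert`, `type` is ignored in favour of a literal `0`, and the error string says `SSL_CTX_use_PrivateKey` although the failing call is `SSL_use_PrivateKey`.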
@@ -181,6 +235,22 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
 return 0;
 }

+/*
+ * SSL_use_PrivateKey_file - load the private key file into SSL
+ *
+ * @param ctx - SSL point
+ * @param file - private key file name
+ * @param type - private key encoding type
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+{
+ return 0;
+}
+
 /*
 * SSL_CTX_use_certificate_ASN1 - load the RSA ASN1 private key into SSL context
 *
diff --git a/components/openssl/library/ssl_x509.c b/components/openssl/library/ssl_x509.c
index b0ddd42593..ba5c924e75 100644
--- a/components/openssl/library/ssl_x509.c
+++ b/components/openssl/library/ssl_x509.c
@@ -168,6 +168,26 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
 return 1;
 }

+/*
+ * SSL_CTX_use_certificate - set the SSL certification
+ *
+ * @param ctx - SSL point
+ * @param x - X509 certification point
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_certificate(SSL *ssl, X509 *x)
+{
+ SSL_ASSERT(ctx);
+ SSL_ASSERT(x);
+
+ ssl->cert->x509 = x;
+
+ return 1;
+}
+
 /*
 * SSL_get_certificate - get the SSL certification point
 *
@@ -177,6 +197,8 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
 */
 X509 *SSL_get_certificate(const SSL *ssl)
 {
+ SSL_ASSERT(ssl);
+
 return ssl->cert->x509;
 }
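Review bot: `SSL_use_PrivateKey_file` (hunk at -181) is declared with `SSL_CTX *ctx` as its first parameter, although it is the per-connection variant and its siblings in this patch (`SSL_use_PrivateKey`, `SSL_use_PrivateKey_ASN1`, `SSL_use_certificate_file`) all take `SSL *ssl`; the signature should be `int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)`. The body is a stub that always returns 0, as is `SSL_use_certificate_file` in ssl_x509.c (hunk at -228), so every caller sees a load failure regardless of the file. The header comments should say so, for example `* NOTE: not implemented, always returns 0`, rather than advertising `1 : OK`.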
@@ -213,6 +235,39 @@ failed1:
 return 0;
 }

+/*
+ * SSL_use_certificate_ASN1 - load certification into the SSL
+ *
+ * @param ctx - SSL point
+ * @param len - certification context bytes
+ * @param d - certification context point
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_certificate_ASN1(SSL *ssl, int len,
+ const unsigned char *d)
+{
+ int ret;
+ X509 *cert;
+
+ cert = d2i_X509(&ssl->cert->x509, d, len);
+ if (!cert)
+ SSL_RET(failed1, "d2i_X509\n");
+
+ ret = SSL_use_certificate(ssl, cert);
+ if (!ret)
+ SSL_RET(failed2, "SSL_use_certificate\n");
+
+ return 1;
+
+failed2:
+ X509_free(cert);
+failed1:
+ return 0;
+}
+
 /*
 * SSL_CTX_use_certificate_file - load the certification file into SSL context
 *
@@ -228,3 +283,19 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
 {
 return 0;
 }
+
+/*
+ * SSL_use_certificate_file - load the certification file into SSL
+ *
+ * @param ctx - SSL point
+ * @param file - certification file name
+ * @param type - certification encoding type
+ *
+ * @return
+ * 1 : OK
+ * 0 : failed
+ */
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
+{
+ return 0;
+}