source: UsbWattMeter/trunk/wolfssl-3.7.0/wolfssl/internal.h@ 167

Last change on this file since 167 was 167, checked in by coas-nagasima, 8 years ago

MIMEにSJISを設定
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
  • Property svn:mime-type set to text/x-chdr; charset=SHIFT_JIS
File size: 91.6 KB
Line 
1/* internal.h
2 *
3 * Copyright (C) 2006-2015 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL. (formerly known as wolfSSL)
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22
23#ifndef WOLFSSL_INT_H
24#define WOLFSSL_INT_H
25
26
27#include <wolfssl/wolfcrypt/types.h>
28#include <wolfssl/ssl.h>
29#ifdef HAVE_CRL
30 #include <wolfssl/crl.h>
31#endif
32#include <wolfssl/wolfcrypt/random.h>
33#ifndef NO_DES3
34 #include <wolfssl/wolfcrypt/des3.h>
35#endif
36#ifndef NO_HC128
37 #include <wolfssl/wolfcrypt/hc128.h>
38#endif
39#ifndef NO_RABBIT
40 #include <wolfssl/wolfcrypt/rabbit.h>
41#endif
42#ifdef HAVE_CHACHA
43 #include <wolfssl/wolfcrypt/chacha.h>
44#endif
45#ifndef NO_ASN
46 #include <wolfssl/wolfcrypt/asn.h>
47#endif
48#ifndef NO_MD5
49 #include <wolfssl/wolfcrypt/md5.h>
50#endif
51#ifndef NO_SHA
52 #include <wolfssl/wolfcrypt/sha.h>
53#endif
54#ifndef NO_AES
55 #include <wolfssl/wolfcrypt/aes.h>
56#endif
57#ifdef HAVE_POLY1305
58 #include <wolfssl/wolfcrypt/poly1305.h>
59#endif
60#ifdef HAVE_CAMELLIA
61 #include <wolfssl/wolfcrypt/camellia.h>
62#endif
63#include <wolfssl/wolfcrypt/logging.h>
64#ifndef NO_HMAC
65 #include <wolfssl/wolfcrypt/hmac.h>
66#endif
67#ifndef NO_RC4
68 #include <wolfssl/wolfcrypt/arc4.h>
69#endif
70#ifdef HAVE_ECC
71 #include <wolfssl/wolfcrypt/ecc.h>
72#endif
73#ifndef NO_SHA256
74 #include <wolfssl/wolfcrypt/sha256.h>
75#endif
76#ifdef HAVE_OCSP
77 #include <wolfssl/ocsp.h>
78#endif
79#ifdef WOLFSSL_SHA512
80 #include <wolfssl/wolfcrypt/sha512.h>
81#endif
82
83#ifdef HAVE_AESGCM
84 #include <wolfssl/wolfcrypt/sha512.h>
85#endif
86
87#ifdef WOLFSSL_RIPEMD
88 #include <wolfssl/wolfcrypt/ripemd.h>
89#endif
90
91#ifdef HAVE_IDEA
92 #include <wolfssl/wolfcrypt/idea.h>
93#endif
94
95#include <wolfssl/wolfcrypt/hash.h>
96
97#ifdef WOLFSSL_CALLBACKS
98 #include <wolfssl/callbacks.h>
99 #include <signal.h>
100#endif
101
102#ifdef USE_WINDOWS_API
103 #ifdef WOLFSSL_GAME_BUILD
104 #include "system/xtl.h"
105 #else
106 #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
107 /* On WinCE winsock2.h must be included before windows.h */
108 #include <winsock2.h>
109 #endif
110 #include <windows.h>
111 #endif
112#elif defined(THREADX)
113 #ifndef SINGLE_THREADED
114 #include "tx_api.h"
115 #endif
116#elif defined(MICRIUM)
117 /* do nothing, just don't pick Unix */
118#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
119 /* do nothing */
120#elif defined(EBSNET)
121 /* do nothing */
122#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
123 /* do nothing */
124#elif defined(WOLFSSL_uITRON4)
125 /* do nothing */
126#elif defined(WOLFSSL_uTKERNEL2)
127 /* do nothing */
128#elif defined(WOLFSSL_MDK_ARM)
129 #if defined(WOLFSSL_MDK5)
130 #include "cmsis_os.h"
131 #else
132 #include <rtl.h>
133 #endif
134#elif defined(WOLFSSL_CMSIS_RTOS)
135 #include "cmsis_os.h"
136#elif defined(MBED)
137#elif defined(WOLFSSL_TIRTOS)
138 /* do nothing */
139#else
140 #ifndef SINGLE_THREADED
141 #define WOLFSSL_PTHREADS
142 #include <pthread.h>
143 #endif
144 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
145 #include <unistd.h> /* for close of BIO */
146 #endif
147#endif
148
149
150#ifdef HAVE_LIBZ
151 #include "zlib.h"
152#endif
153
154#ifdef _MSC_VER
155 /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
156 #pragma warning(disable: 4996)
157#endif
158
159#ifdef NO_AES
160 #if !defined (ALIGN16)
161 #define ALIGN16
162 #endif
163#endif
164
165#ifdef NO_SHA
166 #define SHA_DIGEST_SIZE 20
167#endif
168
169#ifdef NO_SHA256
170 #define SHA256_DIGEST_SIZE 32
171#endif
172
173#ifdef NO_MD5
174 #define MD5_DIGEST_SIZE 16
175#endif
176
177
178#ifdef __cplusplus
179 extern "C" {
180#endif
181
182
183#ifdef USE_WINDOWS_API
184 typedef unsigned int SOCKET_T;
185#else
186 typedef int SOCKET_T;
187#endif
188
189
190typedef byte word24[3];
191
192/* Define or comment out the cipher suites you'd like to be compiled in
193 make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined
194
195 When adding cipher suites, add name to cipher_names, idx to cipher_name_idx
196
197 Now that there is a maximum strength crypto build, the following BUILD_XXX
198 flags need to be divided into two groups selected by WOLFSSL_MAX_STRENGTH.
199 Those that do not use Perfect Forward Security and do not use AEAD ciphers
200 need to be switched off. Allowed suites use (EC)DHE, AES-GCM|CCM, or
201 CHACHA-POLY.
202*/
203
204/* Check that if WOLFSSL_MAX_STRENGTH is set that all the required options are
205 * not turned off. */
206#if defined(WOLFSSL_MAX_STRENGTH) && \
207 ((!defined(HAVE_ECC) && (defined(NO_DH) || defined(NO_RSA))) || \
208 (!defined(HAVE_AESGCM) && !defined(HAVE_AESCCM) && \
209 (!defined(HAVE_POLY1305) || !defined(HAVE_CHACHA))) || \
210 (defined(NO_SHA256) && !defined(WOLFSSL_SHA384)) || \
211 !defined(NO_OLD_TLS))
212
213 #error "You are trying to build max strength with requirements disabled."
214#endif
215
216/* Have QSH : Quantum-safe Handshake */
217#if defined(HAVE_QSH)
218 #define BUILD_TLS_QSH
219#endif
220
221#ifndef WOLFSSL_MAX_STRENGTH
222
223 #if !defined(NO_RSA) && !defined(NO_RC4)
224 #if defined(WOLFSSL_STATIC_RSA)
225 #if !defined(NO_SHA)
226 #define BUILD_SSL_RSA_WITH_RC4_128_SHA
227 #endif
228 #if !defined(NO_MD5)
229 #define BUILD_SSL_RSA_WITH_RC4_128_MD5
230 #endif
231 #endif
232 #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA)
233 #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
234 #endif
235 #endif
236
237 #if !defined(NO_RSA) && !defined(NO_DES3)
238 #if !defined(NO_SHA)
239 #if defined(WOLFSSL_STATIC_RSA)
240 #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
241 #endif
242 #if !defined(NO_TLS) && defined(HAVE_NTRU)
243 #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
244 #endif
245 #endif
246 #endif
247
248 #if !defined(NO_RSA) && defined(HAVE_IDEA)
249 #if !defined(NO_SHA) && defined(WOLFSSL_STATIC_RSA)
250 #define BUILD_SSL_RSA_WITH_IDEA_CBC_SHA
251 #endif
252 #endif
253
254 #if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
255 #if !defined(NO_SHA)
256 #if defined(WOLFSSL_STATIC_RSA)
257 #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
258 #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
259 #endif
260 #if defined(HAVE_NTRU)
261 #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
262 #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
263 #endif
264 #endif
265 #if defined(WOLFSSL_STATIC_RSA)
266 #if !defined (NO_SHA256)
267 #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
268 #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
269 #endif
270 #if defined (HAVE_AESGCM)
271 #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
272 #if defined (WOLFSSL_SHA384)
273 #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
274 #endif
275 #endif
276 #if defined (HAVE_AESCCM)
277 #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
278 #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
279 #endif
280 #if defined(HAVE_BLAKE2)
281 #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
282 #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
283 #endif
284 #endif
285 #endif
286
287 #if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
288 #ifndef NO_RSA
289 #if defined(WOLFSSL_STATIC_RSA)
290 #if !defined(NO_SHA)
291 #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
292 #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
293 #endif
294 #ifndef NO_SHA256
295 #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
296 #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
297 #endif
298 #endif
299 #if !defined(NO_DH)
300 #if !defined(NO_SHA)
301 #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
302 #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
303 #endif
304 #ifndef NO_SHA256
305 #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
306 #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
307 #endif
308 #endif
309 #endif
310 #endif
311
312#if defined(WOLFSSL_STATIC_PSK)
313 #if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
314 #if !defined(NO_SHA)
315 #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
316 #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
317 #endif
318 #ifndef NO_SHA256
319 #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
320 #ifdef HAVE_AESGCM
321 #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
322 #endif
323 #ifdef HAVE_AESCCM
324 #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
325 #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
326 #define BUILD_TLS_PSK_WITH_AES_128_CCM
327 #define BUILD_TLS_PSK_WITH_AES_256_CCM
328 #endif
329 #endif
330 #ifdef WOLFSSL_SHA384
331 #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
332 #ifdef HAVE_AESGCM
333 #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
334 #endif
335 #endif
336 #endif
337#endif
338
339 #if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER)
340 #if !defined(NO_RSA)
341 #if defined(WOLFSSL_STATIC_RSA)
342 #if !defined(NO_SHA)
343 #define BUILD_TLS_RSA_WITH_NULL_SHA
344 #endif
345 #ifndef NO_SHA256
346 #define BUILD_TLS_RSA_WITH_NULL_SHA256
347 #endif
348 #endif
349 #endif
350 #if !defined(NO_PSK) && defined(WOLFSSL_STATIC_PSK)
351 #if !defined(NO_SHA)
352 #define BUILD_TLS_PSK_WITH_NULL_SHA
353 #endif
354 #ifndef NO_SHA256
355 #define BUILD_TLS_PSK_WITH_NULL_SHA256
356 #endif
357 #ifdef WOLFSSL_SHA384
358 #define BUILD_TLS_PSK_WITH_NULL_SHA384
359 #endif
360 #endif
361 #endif
362
363#if defined(WOLFSSL_STATIC_RSA)
364 #if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
365 #ifndef NO_MD5
366 #define BUILD_TLS_RSA_WITH_HC_128_MD5
367 #endif
368 #if !defined(NO_SHA)
369 #define BUILD_TLS_RSA_WITH_HC_128_SHA
370 #endif
371 #if defined(HAVE_BLAKE2)
372 #define BUILD_TLS_RSA_WITH_HC_128_B2B256
373 #endif
374 #endif
375
376 #if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA)
377 #if !defined(NO_SHA)
378 #define BUILD_TLS_RSA_WITH_RABBIT_SHA
379 #endif
380 #endif
381#endif
382
383 #if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
384 !defined(NO_RSA)
385
386 #if !defined(NO_SHA)
387 #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
388 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
389 #endif
390 #if !defined(NO_SHA256)
391 #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
392 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
393 #endif
394 #endif
395
396 #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
397 !defined(NO_AES) && !defined(NO_SHA)
398 #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
399 #endif
400
401 #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
402 #ifndef NO_SHA256
403 #ifndef NO_AES
404 #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
405 #endif
406 #ifdef HAVE_NULL_CIPHER
407 #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
408 #endif
409 #endif
410 #ifdef WOLFSSL_SHA384
411 #ifndef NO_AES
412 #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
413 #endif
414 #ifdef HAVE_NULL_CIPHER
415 #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
416 #endif
417 #endif
418 #endif
419
420 #if defined(HAVE_ECC) && !defined(NO_TLS)
421 #if !defined(NO_AES)
422 #if !defined(NO_SHA)
423 #if !defined(NO_RSA)
424 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
425 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
426 #if defined(WOLFSSL_STATIC_DH)
427 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
428 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
429 #endif
430 #endif
431
432 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
433 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
434
435 #if defined(WOLFSSL_STATIC_DH)
436 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
437 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
438 #endif
439 #endif /* NO_SHA */
440 #ifndef NO_SHA256
441 #if !defined(NO_RSA)
442 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
443 #if defined(WOLFSSL_STATIC_DH)
444 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
445 #endif
446 #endif
447 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
448 #if defined(WOLFSSL_STATIC_DH)
449 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
450 #endif
451 #endif
452
453 #ifdef WOLFSSL_SHA384
454 #if !defined(NO_RSA)
455 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
456 #if defined(WOLFSSL_STATIC_DH)
457 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
458 #endif
459 #endif
460 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
461 #if defined(WOLFSSL_STATIC_DH)
462 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
463 #endif
464 #endif
465
466 #if defined (HAVE_AESGCM)
467 #if !defined(NO_RSA)
468 #if defined(WOLFSSL_STATIC_DH)
469 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
470 #endif
471 #if defined(WOLFSSL_SHA384)
472 #if defined(WOLFSSL_STATIC_DH)
473 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
474 #endif
475 #endif
476 #endif
477
478 #if defined(WOLFSSL_STATIC_DH)
479 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
480 #endif
481
482 #if defined(WOLFSSL_SHA384)
483 #if defined(WOLFSSL_STATIC_DH)
484 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
485 #endif
486 #endif
487 #endif
488 #endif /* NO_AES */
489 #if !defined(NO_RC4)
490 #if !defined(NO_SHA)
491 #if !defined(NO_RSA)
492 #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
493 #if defined(WOLFSSL_STATIC_DH)
494 #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
495 #endif
496 #endif
497
498 #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
499 #if defined(WOLFSSL_STATIC_DH)
500 #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
501 #endif
502 #endif
503 #endif
504 #if !defined(NO_DES3)
505 #ifndef NO_SHA
506 #if !defined(NO_RSA)
507 #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
508 #if defined(WOLFSSL_STATIC_DH)
509 #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
510 #endif
511 #endif
512
513 #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
514 #if defined(WOLFSSL_STATIC_DH)
515 #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
516 #endif
517 #endif /* NO_SHA */
518 #endif
519 #endif
520
521#endif /* !WOLFSSL_MAX_STRENGTH */
522
523#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
524 !defined(NO_RSA) && defined(HAVE_AESGCM)
525
526 #ifndef NO_SHA256
527 #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
528 #endif
529
530 #ifdef WOLFSSL_SHA384
531 #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
532 #endif
533#endif
534
535#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
536 #ifndef NO_SHA256
537 #ifdef HAVE_AESGCM
538 #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
539 #endif
540 #ifdef HAVE_AESCCM
541 #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
542 #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
543 #endif
544 #endif
545 #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
546 #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
547 #endif
548#endif
549
550#if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES)
551 #ifdef HAVE_AESGCM
552 #ifndef NO_SHA256
553 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
554 #ifndef NO_RSA
555 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
556 #endif
557 #endif
558 #ifdef WOLFSSL_SHA384
559 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
560 #ifndef NO_RSA
561 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
562 #endif
563 #endif
564 #endif
565 #if defined(HAVE_AESCCM) && !defined(NO_SHA256)
566 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
567 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
568 #endif
569#endif
570
571#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256)
572 #ifdef HAVE_ECC
573 #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
574 #ifndef NO_RSA
575 #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
576 #endif
577 #endif
578 #if !defined(NO_DH) && !defined(NO_RSA)
579 #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
580 #endif
581#endif
582
583
584#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \
585 defined(BUILD_SSL_RSA_WITH_RC4_128_MD5)
586 #define BUILD_ARC4
587#endif
588
589#if defined(BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA)
590 #define BUILD_DES3
591#endif
592
593#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \
594 defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \
595 defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) || \
596 defined(BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256)
597 #undef BUILD_AES
598 #define BUILD_AES
599#endif
600
601#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
602 defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \
603 defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) || \
604 defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256) || \
605 defined(BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256)
606 #define BUILD_AESGCM
607#endif
608
609#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \
610 defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \
611 defined(BUILD_TLS_RSA_WITH_HC_128_B2B256)
612 #define BUILD_HC128
613#endif
614
615#if defined(BUILD_TLS_RSA_WITH_RABBIT_SHA)
616 #define BUILD_RABBIT
617#endif
618
619#ifdef NO_DES3
620 #define DES_BLOCK_SIZE 8
621#else
622 #undef BUILD_DES3
623 #define BUILD_DES3
624#endif
625
626#ifdef NO_AES
627 #define AES_BLOCK_SIZE 16
628#else
629 #undef BUILD_AES
630 #define BUILD_AES
631#endif
632
633#ifndef NO_RC4
634 #undef BUILD_ARC4
635 #define BUILD_ARC4
636#endif
637
638#ifdef HAVE_CHACHA
639 #define CHACHA20_BLOCK_SIZE 16
640#endif
641
642#if defined(WOLFSSL_MAX_STRENGTH) || \
643 defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
644 (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
645
646 #define HAVE_AEAD
647#endif
648
649#if defined(WOLFSSL_MAX_STRENGTH) || \
650 defined(HAVE_ECC) || !defined(NO_DH)
651
652 #define HAVE_PFS
653#endif
654
655#if defined(BUILD_SSL_RSA_WITH_IDEA_CBC_SHA)
656 #define BUILD_IDEA
657#endif
658
659/* actual cipher values, 2nd byte */
660enum {
661 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x39,
662 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x33,
663 TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x34,
664 TLS_RSA_WITH_AES_256_CBC_SHA = 0x35,
665 TLS_RSA_WITH_AES_128_CBC_SHA = 0x2F,
666 TLS_RSA_WITH_NULL_SHA = 0x02,
667 TLS_PSK_WITH_AES_256_CBC_SHA = 0x8d,
668 TLS_PSK_WITH_AES_128_CBC_SHA256 = 0xae,
669 TLS_PSK_WITH_AES_256_CBC_SHA384 = 0xaf,
670 TLS_PSK_WITH_AES_128_CBC_SHA = 0x8c,
671 TLS_PSK_WITH_NULL_SHA256 = 0xb0,
672 TLS_PSK_WITH_NULL_SHA384 = 0xb1,
673 TLS_PSK_WITH_NULL_SHA = 0x2c,
674 SSL_RSA_WITH_RC4_128_SHA = 0x05,
675 SSL_RSA_WITH_RC4_128_MD5 = 0x04,
676 SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x0A,
677 SSL_RSA_WITH_IDEA_CBC_SHA = 0x07,
678
679 /* ECC suites, first byte is 0xC0 (ECC_BYTE) */
680 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0x14,
681 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0x13,
682 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0x0A,
683 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0x09,
684 TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0x11,
685 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0x07,
686 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x12,
687 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08,
688 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0x27,
689 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
690 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0x28,
691 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24,
692
693 /* static ECDH, first byte is 0xC0 (ECC_BYTE) */
694 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0x0F,
695 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0x0E,
696 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0x05,
697 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0x04,
698 TLS_ECDH_RSA_WITH_RC4_128_SHA = 0x0C,
699 TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0x02,
700 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0D,
701 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x03,
702 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0x29,
703 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25,
704 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0x2A,
705 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26,
706
707 /* wolfSSL extension - eSTREAM */
708 TLS_RSA_WITH_HC_128_MD5 = 0xFB,
709 TLS_RSA_WITH_HC_128_SHA = 0xFC,
710 TLS_RSA_WITH_RABBIT_SHA = 0xFD,
711
712 /* wolfSSL extension - Blake2b 256 */
713 TLS_RSA_WITH_AES_128_CBC_B2B256 = 0xF8,
714 TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9,
715 TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */
716
717 /* wolfSSL extension - NTRU */
718 TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5,
719 TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
720 TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clashes w/official SHA-256 */
721 TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0xe8,
722
723 /* wolfSSL extension - NTRU , Quantum-safe Handshake
724 first byte is 0xD0 (QSH_BYTE) */
725 TLS_QSH = 0x01,
726
727 /* SHA256 */
728 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
729 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
730 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
731 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c,
732 TLS_RSA_WITH_NULL_SHA256 = 0x3b,
733 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2,
734 TLS_DHE_PSK_WITH_NULL_SHA256 = 0xb4,
735
736 /* SHA384 */
737 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3,
738 TLS_DHE_PSK_WITH_NULL_SHA384 = 0xb5,
739
740 /* AES-GCM */
741 TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c,
742 TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d,
743 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e,
744 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f,
745 TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8,
746 TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9,
747 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa,
748 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0xab,
749
750 /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
751 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
752 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2c,
753 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2d,
754 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2e,
755 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
756 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0x30,
757 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0x31,
758 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x32,
759
760 /* AES-CCM, first byte is 0xC0 but isn't ECC,
761 * also, in some of the other AES-CCM suites
762 * there will be second byte number conflicts
763 * with non-ECC AES-GCM */
764 TLS_RSA_WITH_AES_128_CCM_8 = 0xa0,
765 TLS_RSA_WITH_AES_256_CCM_8 = 0xa1,
766 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae,
767 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf,
768 TLS_PSK_WITH_AES_128_CCM = 0xa4,
769 TLS_PSK_WITH_AES_256_CCM = 0xa5,
770 TLS_PSK_WITH_AES_128_CCM_8 = 0xa8,
771 TLS_PSK_WITH_AES_256_CCM_8 = 0xa9,
772 TLS_DHE_PSK_WITH_AES_128_CCM = 0xa6,
773 TLS_DHE_PSK_WITH_AES_256_CCM = 0xa7,
774
775 /* Camellia */
776 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41,
777 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x84,
778 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xba,
779 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc0,
780 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45,
781 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88,
782 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
783 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
784
785 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x13,
786 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
787 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x15,
788
789 /* Renegotiation Indication Extension Special Suite */
790 TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff
791};
792
793
794#ifndef WOLFSSL_SESSION_TIMEOUT
795 #define WOLFSSL_SESSION_TIMEOUT 500
796 /* default session resumption cache timeout in seconds */
797#endif
798
799
800enum Misc {
801 ECC_BYTE = 0xC0, /* ECC first cipher suite byte */
802 QSH_BYTE = 0xD0, /* Quantum-safe Handshake cipher suite */
803 CHACHA_BYTE = 0xCC, /* ChaCha first cipher suite */
804
805 SEND_CERT = 1,
806 SEND_BLANK_CERT = 2,
807
808 DTLS_MAJOR = 0xfe, /* DTLS major version number */
809 DTLS_MINOR = 0xff, /* DTLS minor version number */
810 DTLSv1_2_MINOR = 0xfd, /* DTLS minor version number */
811 SSLv3_MAJOR = 3, /* SSLv3 and TLSv1+ major version number */
812 SSLv3_MINOR = 0, /* TLSv1 minor version number */
813 TLSv1_MINOR = 1, /* TLSv1 minor version number */
814 TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
815 TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
816 OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */
817 INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
818 NO_COMPRESSION = 0,
819 ZLIB_COMPRESSION = 221, /* wolfSSL zlib compression */
820 HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */
821 SECRET_LEN = 48, /* pre RSA and all master */
822 ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
823 SIZEOF_SENDER = 4, /* clnt or srvr */
824 FINISHED_SZ = 36, /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */
825 MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */
826 MAX_MSG_EXTRA = 38 + MAX_DIGEST_SIZE,
827 /* max added to msg, mac + pad from */
828 /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max
829 digest sz + BLOC_SZ (iv) + pad byte (1) */
830 MAX_COMP_EXTRA = 1024, /* max compression extra */
831 MAX_MTU = 1500, /* max expected MTU */
832 MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */
833 MAX_DH_SZ = 1036, /* 4096 p, pub, g + 2 byte size for each */
834 MAX_STR_VERSION = 8, /* string rep of protocol version */
835
836 PAD_MD5 = 48, /* pad length for finished */
837 PAD_SHA = 40, /* pad length for finished */
838 MAX_PAD_SIZE = 256, /* maximum length of padding */
839 COMPRESS_DUMMY_SIZE = 64, /* compression dummy round size */
840 COMPRESS_CONSTANT = 13, /* compression calc constant */
841 COMPRESS_UPPER = 55, /* compression calc numerator */
842 COMPRESS_LOWER = 64, /* compression calc denominator */
843
844 PEM_LINE_LEN = 80, /* PEM line max + fudge */
845 LENGTH_SZ = 2, /* length field for HMAC, data only */
846 VERSION_SZ = 2, /* length of proctocol version */
847 SEQ_SZ = 8, /* 64 bit sequence number */
848 BYTE3_LEN = 3, /* up to 24 bit byte lengths */
849 ALERT_SIZE = 2, /* level + description */
850 VERIFY_HEADER = 2, /* always use 2 bytes */
851 EXT_ID_SZ = 2, /* always use 2 bytes */
852 MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */
853 SESSION_HINT_SZ = 4, /* session timeout hint */
854
855 MAX_SUITE_SZ = 200, /* 100 suites for now! */
856 RAN_LEN = 32, /* random length */
857 SEED_LEN = RAN_LEN * 2, /* tls prf seed length */
858 ID_LEN = 32, /* session id length */
859 COOKIE_SECRET_SZ = 14, /* dtls cookie secret size */
860 MAX_COOKIE_LEN = 32, /* max dtls cookie size */
861 COOKIE_SZ = 20, /* use a 20 byte cookie */
862 SUITE_LEN = 2, /* cipher suite sz length */
863 ENUM_LEN = 1, /* always a byte */
864 OPAQUE8_LEN = 1, /* 1 byte */
865 OPAQUE16_LEN = 2, /* 2 bytes */
866 OPAQUE24_LEN = 3, /* 3 bytes */
867 OPAQUE32_LEN = 4, /* 4 bytes */
868 COMP_LEN = 1, /* compression length */
869 CURVE_LEN = 2, /* ecc named curve length */
870 SERVER_ID_LEN = 20, /* server session id length */
871
872 HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */
873 RECORD_HEADER_SZ = 5, /* type + version + len(2) */
874 CERT_HEADER_SZ = 3, /* always 3 bytes */
875 REQ_HEADER_SZ = 2, /* cert request header sz */
876 HINT_LEN_SZ = 2, /* length of hint size field */
877 TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */
878 HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
879 HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */
880 HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */
881 HELLO_EXT_SIGALGO_SZ = 2, /* length of signature algo extension */
882 HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */
883
884 DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
885 DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
886 DTLS_HANDSHAKE_EXTRA = 8, /* diff from normal */
887 DTLS_RECORD_EXTRA = 8, /* diff from normal */
888 DTLS_HANDSHAKE_SEQ_SZ = 2, /* handshake header sequence number */
889 DTLS_HANDSHAKE_FRAG_SZ = 3, /* fragment offset and length are 24 bit */
890 DTLS_POOL_SZ = 5, /* buffers to hold in the retry pool */
891
892 FINISHED_LABEL_SZ = 15, /* TLS finished label size */
893 TLS_FINISHED_SZ = 12, /* TLS has a shorter size */
894 MASTER_LABEL_SZ = 13, /* TLS master secret label sz */
895 KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
896 MAX_PRF_HALF = 256, /* Maximum half secret len */
897 MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
898 MAX_PRF_DIG = 224, /* Maximum digest len */
899 MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
900 SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
901
902 RC4_KEY_SIZE = 16, /* always 128bit */
903 DES_KEY_SIZE = 8, /* des */
904 DES3_KEY_SIZE = 24, /* 3 des ede */
905 DES_IV_SIZE = DES_BLOCK_SIZE,
906 AES_256_KEY_SIZE = 32, /* for 256 bit */
907 AES_192_KEY_SIZE = 24, /* for 192 bit */
908 AES_IV_SIZE = 16, /* always block size */
909 AES_128_KEY_SIZE = 16, /* for 128 bit */
910
911 AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
912 AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */
913 AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */
914 AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */
915 AEAD_LEN_OFFSET = 11, /* Auth Data: Length */
916 AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */
917 AEAD_IMP_IV_SZ = 4, /* Size of the implicit IV */
918 AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */
919 AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,
920
921 AES_GCM_AUTH_SZ = 16, /* AES-GCM Auth Tag length */
922 AES_CCM_16_AUTH_SZ = 16, /* AES-CCM-16 Auth Tag length */
923 AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */
924
925 CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
926 CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
927 CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
928 CAMELLIA_IV_SIZE = 16, /* always block size */
929
930 CHACHA20_256_KEY_SIZE = 32, /* for 256 bit */
931 CHACHA20_128_KEY_SIZE = 16, /* for 128 bit */
932 CHACHA20_IV_SIZE = 8, /* 64 bits for iv */
933
934 POLY1305_AUTH_SZ = 16, /* 128 bits */
935
936 HC_128_KEY_SIZE = 16, /* 128 bits */
937 HC_128_IV_SIZE = 16, /* also 128 bits */
938
939 RABBIT_KEY_SIZE = 16, /* 128 bits */
940 RABBIT_IV_SIZE = 8, /* 64 bits for iv */
941
942 EVP_SALT_SIZE = 8, /* evp salt size 64 bits */
943
944 ECDHE_SIZE = 32, /* ECHDE server size defaults to 256 bit */
945 MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */
946
947#ifdef HAVE_QSH
948 /* qsh handshake sends 600+ size keys over hello extensions */
949 MAX_HELLO_SZ = 2048, /* max client or server hello */
950#else
951 MAX_HELLO_SZ = 128, /* max client or server hello */
952#endif
953 MAX_CERT_VERIFY_SZ = 1024, /* max */
954 CLIENT_HELLO_FIRST = 35, /* Protocol + RAN_LEN + sizeof(id_len) */
955 MAX_SUITE_NAME = 48, /* maximum length of cipher suite string */
956
957 DTLS_TIMEOUT_INIT = 1, /* default timeout init for DTLS receive */
958 DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */
959 DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */
960
961 MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */
962 MAX_PSK_KEY_LEN = 64, /* max psk key supported */
963
964 MAX_WOLFSSL_FILE_SIZE = 1024 * 1024 * 4, /* 4 mb file size alloc limit */
965
966#if defined(FORTRESS) || defined (HAVE_STUNNEL)
967 MAX_EX_DATA = 3, /* allow for three items of ex_data */
968#endif
969
970 MAX_X509_SIZE = 2048, /* max static x509 buffer size */
971 CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
972 MAX_FILENAME_SZ = 256, /* max file name length */
973 FILE_BUFFER_SIZE = 1024, /* default static file buffer size for input,
974 will use dynamic buffer if not big enough */
975
976 MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */
977 MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */
978 MAX_NTRU_BITS = 256, /* max symmetric bit strength */
979 NO_SNIFF = 0, /* not sniffing */
980 SNIFF = 1, /* currently sniffing */
981
982 HASH_SIG_SIZE = 2, /* default SHA1 RSA */
983
984 NO_CAVIUM_DEVICE = -2, /* invalid cavium device id */
985
986 NO_COPY = 0, /* should we copy static buffer for write */
987 COPY = 1 /* should we copy static buffer for write */
988};
989
990
991#ifndef WOLFSSL_MIN_DHKEY_BITS
992 #ifdef WOLFSSL_MAX_STRENGTH
993 #define WOLFSSL_MIN_DHKEY_BITS 2048
994 #else
995 #define WOLFSSL_MIN_DHKEY_BITS 1024
996 #endif
997#endif
998#if (WOLFSSL_MIN_DHKEY_BITS % 8)
999 #error DH minimum bit size must be multiple of 8
1000#endif
1001#if (WOLFSSL_MIN_DHKEY_BITS > 16000)
1002 #error DH minimum bit size must not be greater than 16000
1003#endif
1004#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)
1005
1006
1007#ifdef SESSION_INDEX
1008/* Shift values for making a session index */
1009#define SESSIDX_ROW_SHIFT 4
1010#define SESSIDX_IDX_MASK 0x0F
1011#endif
1012
1013
1014/* max cert chain peer depth */
1015#ifndef MAX_CHAIN_DEPTH
1016 #define MAX_CHAIN_DEPTH 9
1017#endif
1018
1019/* max size of a certificate message payload */
1020/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */
1021#ifndef MAX_CERTIFICATE_SZ
1022 #define MAX_CERTIFICATE_SZ \
1023 CERT_HEADER_SZ + \
1024 (MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH
1025#endif
1026
1027/* max size of a handshake message, currently set to the certificate */
1028#ifndef MAX_HANDSHAKE_SZ
1029 #define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ
1030#endif
1031
1032#ifndef SESSION_TICKET_LEN
1033 #define SESSION_TICKET_LEN 256
1034#endif
1035
1036#ifndef SESSION_TICKET_HINT_DEFAULT
1037 #define SESSION_TICKET_HINT_DEFAULT 300
1038#endif
1039
1040
1041/* don't use extra 3/4k stack space unless need to */
1042#ifdef HAVE_NTRU
1043 #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ
1044#else
1045 #define MAX_ENCRYPT_SZ ENCRYPT_LEN
1046#endif
1047
1048
1049/* states */
1050enum states {
1051 NULL_STATE = 0,
1052
1053 SERVER_HELLOVERIFYREQUEST_COMPLETE,
1054 SERVER_HELLO_COMPLETE,
1055 SERVER_CERT_COMPLETE,
1056 SERVER_KEYEXCHANGE_COMPLETE,
1057 SERVER_HELLODONE_COMPLETE,
1058 SERVER_FINISHED_COMPLETE,
1059
1060 CLIENT_HELLO_COMPLETE,
1061 CLIENT_KEYEXCHANGE_COMPLETE,
1062 CLIENT_FINISHED_COMPLETE,
1063
1064 HANDSHAKE_DONE
1065};
1066
1067
1068#if defined(__GNUC__)
1069 #define WOLFSSL_PACK __attribute__ ((packed))
1070#else
1071 #define WOLFSSL_PACK
1072#endif
1073
1074/* SSL Version */
1075typedef struct ProtocolVersion {
1076 byte major;
1077 byte minor;
1078} WOLFSSL_PACK ProtocolVersion;
1079
1080
1081WOLFSSL_LOCAL ProtocolVersion MakeSSLv3(void);
1082WOLFSSL_LOCAL ProtocolVersion MakeTLSv1(void);
1083WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
1084WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_2(void);
1085
1086#ifdef WOLFSSL_DTLS
1087 WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1(void);
1088 WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
1089#endif
1090
1091
1092enum BIO_TYPE {
1093 BIO_BUFFER = 1,
1094 BIO_SOCKET = 2,
1095 BIO_SSL = 3,
1096 BIO_MEMORY = 4
1097};
1098
1099
1100/* wolfSSL BIO_METHOD type */
1101struct WOLFSSL_BIO_METHOD {
1102 byte type; /* method type */
1103};
1104
1105
1106/* wolfSSL BIO type */
1107struct WOLFSSL_BIO {
1108 byte type; /* method type */
1109 byte close; /* close flag */
1110 byte eof; /* eof flag */
1111 WOLFSSL* ssl; /* possible associated ssl */
1112 byte* mem; /* memory buffer */
1113 int memLen; /* memory buffer length */
1114 int fd; /* possible file descriptor */
1115 WOLFSSL_BIO* prev; /* previous in chain */
1116 WOLFSSL_BIO* next; /* next in chain */
1117};
1118
1119
1120/* wolfSSL method type */
1121struct WOLFSSL_METHOD {
1122 ProtocolVersion version;
1123 byte side; /* connection side, server or client */
1124 byte downgrade; /* whether to downgrade version, default no */
1125};
1126
1127
1128/* defautls to client */
1129WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD*, ProtocolVersion);
1130
1131/* for sniffer */
1132WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
1133 word32 size, word32 totalSz, int sniff);
1134WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx);
1135
1136
1137/* wolfSSL buffer type */
1138typedef struct buffer {
1139 byte* buffer;
1140 word32 length;
1141} buffer;
1142
1143
1144enum {
1145 FORCED_FREE = 1,
1146 NO_FORCED_FREE = 0
1147};
1148
1149
1150/* only use compression extra if using compression */
1151#ifdef HAVE_LIBZ
1152 #define COMP_EXTRA MAX_COMP_EXTRA
1153#else
1154 #define COMP_EXTRA 0
1155#endif
1156
1157/* only the sniffer needs space in the buffer for extra MTU record(s) */
1158#ifdef WOLFSSL_SNIFFER
1159 #define MTU_EXTRA MAX_MTU * 3
1160#else
1161 #define MTU_EXTRA 0
1162#endif
1163
1164
1165/* embedded callbacks require large static buffers, make sure on */
1166#ifdef WOLFSSL_CALLBACKS
1167 #undef LARGE_STATIC_BUFFERS
1168 #define LARGE_STATIC_BUFFERS
1169#endif
1170
1171
1172/* give user option to use 16K static buffers */
1173#if defined(LARGE_STATIC_BUFFERS)
1174 #define RECORD_SIZE MAX_RECORD_SIZE
1175#else
1176 #ifdef WOLFSSL_DTLS
1177 #define RECORD_SIZE MAX_MTU
1178 #else
1179 #define RECORD_SIZE 128
1180 #endif
1181#endif
1182
1183
1184/* user option to turn off 16K output option */
1185/* if using small static buffers (default) and SSL_write tries to write data
1186 larger than the record we have, dynamically get it, unless user says only
1187 write in static buffer chuncks */
1188#ifndef STATIC_CHUNKS_ONLY
1189 #define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE
1190#else
1191 #define OUTPUT_RECORD_SIZE RECORD_SIZE
1192#endif
1193
1194/* wolfSSL input buffer
1195
1196 RFC 2246:
1197
1198 length
1199 The length (in bytes) of the following TLSPlaintext.fragment.
1200 The length should not exceed 2^14.
1201*/
1202#if defined(LARGE_STATIC_BUFFERS)
1203 #define STATIC_BUFFER_LEN RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \
1204 MTU_EXTRA + MAX_MSG_EXTRA
1205#else
1206 /* don't fragment memory from the record header */
1207 #define STATIC_BUFFER_LEN RECORD_HEADER_SZ
1208#endif
1209
1210typedef struct {
1211 ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN];
1212 byte* buffer; /* place holder for static or dynamic buffer */
1213 word32 length; /* total buffer length used */
1214 word32 idx; /* idx to part of length already consumed */
1215 word32 bufferSize; /* current buffer size */
1216 byte dynamicFlag; /* dynamic memory currently in use */
1217 byte offset; /* alignment offset attempt */
1218} bufferStatic;
1219
1220/* Cipher Suites holder */
1221typedef struct Suites {
1222 word16 suiteSz; /* suite length in bytes */
1223 word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */
1224 byte suites[MAX_SUITE_SZ];
1225 byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
1226 byte setSuites; /* user set suites from default */
1227 byte hashAlgo; /* selected hash algorithm */
1228 byte sigAlgo; /* selected sig algorithm */
1229} Suites;
1230
1231
1232WOLFSSL_LOCAL
1233void InitSuites(Suites*, ProtocolVersion, word16, word16, word16, word16,
1234 word16, word16, int);
1235WOLFSSL_LOCAL
1236int SetCipherList(Suites*, const char* list);
1237
1238#ifndef PSK_TYPES_DEFINED
1239 typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*,
1240 unsigned int, unsigned char*, unsigned int);
1241 typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*,
1242 unsigned char*, unsigned int);
1243#endif /* PSK_TYPES_DEFINED */
1244
1245
1246#ifdef HAVE_NETX
1247 WOLFSSL_LOCAL int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx);
1248 WOLFSSL_LOCAL int NetX_Send(WOLFSSL *ssl, char *buf, int sz, void *ctx);
1249#endif /* HAVE_NETX */
1250
1251
1252/* wolfSSL Cipher type just points back to SSL */
1253struct WOLFSSL_CIPHER {
1254 WOLFSSL* ssl;
1255};
1256
1257
1258typedef struct OCSP_Entry OCSP_Entry;
1259
1260#ifdef NO_SHA
1261 #define OCSP_DIGEST_SIZE SHA256_DIGEST_SIZE
1262#else
1263 #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE
1264#endif
1265
1266#ifdef NO_ASN
1267 /* no_asn won't have */
1268 typedef struct CertStatus CertStatus;
1269#endif
1270
1271struct OCSP_Entry {
1272 OCSP_Entry* next; /* next entry */
1273 byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
1274 byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
1275 CertStatus* status; /* OCSP response list */
1276 int totalStatus; /* number on list */
1277};
1278
1279
1280#ifndef HAVE_OCSP
1281 typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
1282#endif
1283
1284/* wolfSSL OCSP controller */
1285struct WOLFSSL_OCSP {
1286 WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
1287 OCSP_Entry* ocspList; /* OCSP response list */
1288 wolfSSL_Mutex ocspLock; /* OCSP list lock */
1289};
1290
1291#ifndef MAX_DATE_SIZE
1292#define MAX_DATE_SIZE 32
1293#endif
1294
1295typedef struct CRL_Entry CRL_Entry;
1296
1297#ifdef NO_SHA
1298 #define CRL_DIGEST_SIZE SHA256_DIGEST_SIZE
1299#else
1300 #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE
1301#endif
1302
1303#ifdef NO_ASN
1304 typedef struct RevokedCert RevokedCert;
1305#endif
1306
1307/* Complete CRL */
1308struct CRL_Entry {
1309 CRL_Entry* next; /* next entry */
1310 byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
1311 /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
1312 /* restore the hash here if needed for optimized comparisons */
1313 byte lastDate[MAX_DATE_SIZE]; /* last date updated */
1314 byte nextDate[MAX_DATE_SIZE]; /* next update date */
1315 byte lastDateFormat; /* last date format */
1316 byte nextDateFormat; /* next date format */
1317 RevokedCert* certs; /* revoked cert list */
1318 int totalCerts; /* number on list */
1319};
1320
1321
1322typedef struct CRL_Monitor CRL_Monitor;
1323
1324/* CRL directory monitor */
1325struct CRL_Monitor {
1326 char* path; /* full dir path, if valid pointer we're using */
1327 int type; /* PEM or ASN1 type */
1328};
1329
1330
1331#ifndef HAVE_CRL
1332 typedef struct WOLFSSL_CRL WOLFSSL_CRL;
1333#endif
1334
1335#if defined(HAVE_CRL) && defined(NO_FILESYSTEM)
1336 #undef HAVE_CRL_MONITOR
1337#endif
1338
1339/* wolfSSL CRL controller */
1340struct WOLFSSL_CRL {
1341 WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
1342 CRL_Entry* crlList; /* our CRL list */
1343 wolfSSL_Mutex crlLock; /* CRL list lock */
1344 CRL_Monitor monitors[2]; /* PEM and DER possible */
1345#ifdef HAVE_CRL_MONITOR
1346 pthread_t tid; /* monitoring thread */
1347 int mfd; /* monitor fd, -1 if no init yet */
1348#endif
1349};
1350
1351
1352#ifdef NO_ASN
1353 typedef struct Signer Signer;
1354#endif
1355
1356
1357#ifndef CA_TABLE_SIZE
1358 #define CA_TABLE_SIZE 11
1359#endif
1360
1361/* wolfSSL Certificate Manager */
1362struct WOLFSSL_CERT_MANAGER {
1363 Signer* caTable[CA_TABLE_SIZE]; /* the CA signer table */
1364 void* heap; /* heap helper */
1365 WOLFSSL_CRL* crl; /* CRL checker */
1366 WOLFSSL_OCSP* ocsp; /* OCSP checker */
1367 char* ocspOverrideURL; /* use this responder */
1368 void* ocspIOCtx; /* I/O callback CTX */
1369 CallbackCACache caCacheCallback; /* CA cache addition callback */
1370 CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
1371 CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
1372 CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
1373 wolfSSL_Mutex caLock; /* CA list lock */
1374 byte crlEnabled; /* is CRL on ? */
1375 byte crlCheckAll; /* always leaf, but all ? */
1376 byte ocspEnabled; /* is OCSP on ? */
1377 byte ocspCheckAll; /* always leaf, but all ? */
1378 byte ocspSendNonce; /* send the OCSP nonce ? */
1379 byte ocspUseOverrideURL; /* ignore cert's responder, override */
1380};
1381
1382WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
1383WOLFSSL_LOCAL int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER*, const char*);
1384WOLFSSL_LOCAL int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER*, void*, int, int*);
1385WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER*, const void*, int);
1386WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER*);
1387
1388/* wolfSSL Sock Addr */
1389struct WOLFSSL_SOCKADDR {
1390 unsigned int sz; /* sockaddr size */
1391 void* sa; /* pointer to the sockaddr_in or sockaddr_in6 */
1392};
1393
1394typedef struct WOLFSSL_DTLS_CTX {
1395 WOLFSSL_SOCKADDR peer;
1396 int fd;
1397} WOLFSSL_DTLS_CTX;
1398
1399
1400#ifdef WOLFSSL_DTLS
1401
1402 #ifdef WORD64_AVAILABLE
1403 typedef word64 DtlsSeq;
1404 #else
1405 typedef word32 DtlsSeq;
1406 #endif
1407 #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)
1408
1409 typedef struct DtlsState {
1410 DtlsSeq window; /* Sliding window for current epoch */
1411 word16 nextEpoch; /* Expected epoch in next record */
1412 word32 nextSeq; /* Expected sequence in next record */
1413
1414 word16 curEpoch; /* Received epoch in current record */
1415 word32 curSeq; /* Received sequence in current record */
1416
1417 DtlsSeq prevWindow; /* Sliding window for old epoch */
1418 word32 prevSeq; /* Next sequence in allowed old epoch */
1419 } DtlsState;
1420
1421#endif /* WOLFSSL_DTLS */
1422
1423
1424/* keys and secrets */
1425typedef struct Keys {
1426 byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */
1427 byte server_write_MAC_secret[MAX_DIGEST_SIZE];
1428 byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */
1429 byte server_write_key[AES_256_KEY_SIZE];
1430 byte client_write_IV[AES_IV_SIZE]; /* max sizes */
1431 byte server_write_IV[AES_IV_SIZE];
1432#ifdef HAVE_AEAD
1433 byte aead_exp_IV[AEAD_EXP_IV_SZ];
1434 byte aead_enc_imp_IV[AEAD_IMP_IV_SZ];
1435 byte aead_dec_imp_IV[AEAD_IMP_IV_SZ];
1436#endif
1437
1438 word32 peer_sequence_number;
1439 word32 sequence_number;
1440
1441#ifdef WOLFSSL_DTLS
1442 DtlsState dtls_state; /* Peer's state */
1443 word16 dtls_peer_handshake_number;
1444 word16 dtls_expected_peer_handshake_number;
1445
1446 word16 dtls_epoch; /* Current tx epoch */
1447 word32 dtls_sequence_number; /* Current tx sequence */
1448 word16 dtls_handshake_number; /* Current tx handshake seq */
1449#endif
1450
1451 word32 encryptSz; /* last size of encrypted data */
1452 word32 padSz; /* how much to advance after decrypt part */
1453 byte encryptionOn; /* true after change cipher spec */
1454 byte decryptedCur; /* only decrypt current record once */
1455} Keys;
1456
1457
1458
1459/* RFC 6066 TLS Extensions */
1460#ifdef HAVE_TLS_EXTENSIONS
1461
1462typedef enum {
1463 SERVER_NAME_INDICATION = 0x0000,
1464 MAX_FRAGMENT_LENGTH = 0x0001,
1465 TRUNCATED_HMAC = 0x0004,
1466 ELLIPTIC_CURVES = 0x000a,
1467 SESSION_TICKET = 0x0023,
1468 SECURE_RENEGOTIATION = 0xff01,
1469 WOLFSSL_QSH = 0x0018, /* Quantum-Safe-Hybrid */
1470 WOLFSSL_ALPN = 0x0010 /* Application-Layer Protocol Name */
1471} TLSX_Type;
1472
1473typedef struct TLSX {
1474 TLSX_Type type; /* Extension Type */
1475 void* data; /* Extension Data */
1476 byte resp; /* IsResponse Flag */
1477 struct TLSX* next; /* List Behavior */
1478} TLSX;
1479
1480WOLFSSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type);
1481WOLFSSL_LOCAL void TLSX_FreeAll(TLSX* list);
1482WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl);
1483WOLFSSL_LOCAL int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isRequest);
1484
1485#ifndef NO_WOLFSSL_CLIENT
1486WOLFSSL_LOCAL word16 TLSX_GetRequestSize(WOLFSSL* ssl);
1487WOLFSSL_LOCAL word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output);
1488#endif
1489
1490#ifndef NO_WOLFSSL_SERVER
1491WOLFSSL_LOCAL word16 TLSX_GetResponseSize(WOLFSSL* ssl);
1492WOLFSSL_LOCAL word16 TLSX_WriteResponse(WOLFSSL* ssl, byte* output);
1493#endif
1494
1495WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
1496 byte isRequest, Suites *suites);
1497
1498#elif defined(HAVE_SNI) \
1499 || defined(HAVE_MAX_FRAGMENT) \
1500 || defined(HAVE_TRUNCATED_HMAC) \
1501 || defined(HAVE_SUPPORTED_CURVES) \
1502 || defined(HAVE_SECURE_RENEGOTIATION) \
1503 || defined(HAVE_SESSION_TICKET) \
1504 || defined(HAVE_ALPN)
1505
1506#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined.
1507
1508#endif /* HAVE_TLS_EXTENSIONS */
1509
1510/* Server Name Indication */
1511#ifdef HAVE_SNI
1512
1513typedef struct SNI {
1514 byte type; /* SNI Type */
1515 union { char* host_name; } data; /* SNI Data */
1516 struct SNI* next; /* List Behavior */
1517#ifndef NO_WOLFSSL_SERVER
1518 byte options; /* Behaviour options */
1519 byte status; /* Matching result */
1520#endif
1521} SNI;
1522
1523WOLFSSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data,
1524 word16 size);
1525
1526#ifndef NO_WOLFSSL_SERVER
1527WOLFSSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type,
1528 byte options);
1529WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);
1530WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
1531 void** data);
1532WOLFSSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
1533 byte type, byte* sni, word32* inOutSz);
1534#endif
1535
1536#endif /* HAVE_SNI */
1537
1538/* Application-layer Protocol Name */
1539#ifdef HAVE_ALPN
1540typedef struct ALPN {
1541 char* protocol_name; /* ALPN protocol name */
1542 struct ALPN* next; /* List Behavior */
1543 byte options; /* Behaviour options */
1544 byte negociated; /* ALPN protocol negociated or not */
1545} ALPN;
1546
1547WOLFSSL_LOCAL int TLSX_ALPN_GetRequest(TLSX* extensions,
1548 void** data, word16 *dataSz);
1549
1550WOLFSSL_LOCAL int TLSX_UseALPN(TLSX** extensions, const void* data,
1551 word16 size, byte options);
1552
1553WOLFSSL_LOCAL int TLSX_ALPN_SetOptions(TLSX** extensions, const byte option);
1554
1555#endif /* HAVE_ALPN */
1556
1557/* Maximum Fragment Length */
1558#ifdef HAVE_MAX_FRAGMENT
1559
1560WOLFSSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);
1561
1562#endif /* HAVE_MAX_FRAGMENT */
1563
1564#ifdef HAVE_TRUNCATED_HMAC
1565
1566WOLFSSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);
1567
1568#endif /* HAVE_TRUNCATED_HMAC */
1569
1570#ifdef HAVE_SUPPORTED_CURVES
1571
1572typedef struct EllipticCurve {
1573 word16 name; /* CurveNames */
1574 struct EllipticCurve* next; /* List Behavior */
1575} EllipticCurve;
1576
1577WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name);
1578
1579#ifndef NO_WOLFSSL_SERVER
1580WOLFSSL_LOCAL int TLSX_ValidateEllipticCurves(WOLFSSL* ssl, byte first,
1581 byte second);
1582#endif
1583
1584#endif /* HAVE_SUPPORTED_CURVES */
1585
1586#ifdef HAVE_SECURE_RENEGOTIATION
1587
1588enum key_cache_state {
1589 SCR_CACHE_NULL = 0, /* empty / begin state */
1590 SCR_CACHE_NEEDED, /* need to cache keys */
1591 SCR_CACHE_COPY, /* we have a cached copy */
1592 SCR_CACHE_PARTIAL, /* partial restore to real keys */
1593 SCR_CACHE_COMPLETE /* complete restore to real keys */
1594};
1595
1596
1597/* Additional Conection State according to rfc5746 section 3.1 */
1598typedef struct SecureRenegotiation {
1599 byte enabled; /* secure_renegotiation flag in rfc */
1600 byte startScr; /* server requested client to start scr */
1601 enum key_cache_state cache_status; /* track key cache state */
1602 byte client_verify_data[TLS_FINISHED_SZ]; /* cached */
1603 byte server_verify_data[TLS_FINISHED_SZ]; /* cached */
1604 byte subject_hash[SHA_DIGEST_SIZE]; /* peer cert hash */
1605 Keys tmp_keys; /* can't overwrite real keys yet */
1606} SecureRenegotiation;
1607
1608WOLFSSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions);
1609
1610#endif /* HAVE_SECURE_RENEGOTIATION */
1611
1612#ifdef HAVE_SESSION_TICKET
1613
1614typedef struct SessionTicket {
1615 word32 lifetime;
1616 byte* data;
1617 word16 size;
1618} SessionTicket;
1619
1620WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions,
1621 SessionTicket* ticket);
1622WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime,
1623 byte* data, word16 size);
1624WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket);
1625#endif /* HAVE_SESSION_TICKET */
1626
1627#ifdef HAVE_QSH
1628
1629typedef struct QSHScheme {
1630 struct QSHScheme* next; /* List Behavior */
1631 byte* PK;
1632 word16 name; /* QSHScheme Names */
1633 word16 PKLen;
1634} QSHScheme;
1635
1636typedef struct QSHkey {
1637 struct QSHKey* next;
1638 word16 name;
1639 buffer pub;
1640 buffer pri;
1641} QSHKey;
1642
1643typedef struct QSHSecret {
1644 QSHScheme* list;
1645 buffer* SerSi;
1646 buffer* CliSi;
1647} QSHSecret;
1648
1649/* used in key exchange during handshake */
1650WOLFSSL_LOCAL int TLSX_QSHCipher_Parse(WOLFSSL* ssl, const byte* input,
1651 word16 length, byte isServer);
1652WOLFSSL_LOCAL word16 TLSX_QSHPK_Write(QSHScheme* list, byte* output);
1653WOLFSSL_LOCAL word16 TLSX_QSH_GetSize(QSHScheme* list, byte isRequest);
1654
1655/* used by api for setting a specific QSH scheme */
1656WOLFSSL_LOCAL int TLSX_UseQSHScheme(TLSX** extensions, word16 name,
1657 byte* pKey, word16 pKeySz);
1658
1659/* used when parsing in QSHCipher structs */
1660WOLFSSL_LOCAL int QSH_Decrypt(QSHKey* key, byte* in, word32 szIn,
1661 byte* out, word16* szOut);
1662#ifndef NO_WOLFSSL_SERVER
1663WOLFSSL_LOCAL int TLSX_ValidateQSHScheme(TLSX** extensions, word16 name);
1664#endif
1665
1666#endif /* HAVE_QSH */
1667
1668/* wolfSSL context type */
1669struct WOLFSSL_CTX {
1670 WOLFSSL_METHOD* method;
1671 wolfSSL_Mutex countMutex; /* reference count mutex */
1672 int refCount; /* reference count */
1673#ifndef NO_DH
1674 buffer serverDH_P;
1675 buffer serverDH_G;
1676#endif
1677#ifndef NO_CERTS
1678 buffer certificate;
1679 buffer certChain;
1680 /* chain after self, in DER, with leading size for each cert */
1681 buffer privateKey;
1682 WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */
1683#endif
1684 Suites* suites; /* make dynamic, user may not need/set */
1685 void* heap; /* for user memory overrides */
1686 byte verifyPeer;
1687 byte verifyNone;
1688 byte failNoCert;
1689 byte sessionCacheOff;
1690 byte sessionCacheFlushOff;
1691 byte sendVerify; /* for client side */
1692 byte haveRSA; /* RSA available */
1693 byte haveDH; /* server DH parms set by user */
1694 byte haveNTRU; /* server private NTRU key loaded */
1695 byte haveECDSAsig; /* server cert signed w/ ECDSA */
1696 byte haveStaticECC; /* static server ECC private key */
1697 byte partialWrite; /* only one msg per write call */
1698 byte quietShutdown; /* don't send close notify */
1699 byte groupMessages; /* group handshake messages before sending */
1700 byte minDowngrade; /* minimum downgrade version */
1701#ifndef NO_DH
1702 word16 minDhKeySz; /* minimum DH key size */
1703#endif
1704 CallbackIORecv CBIORecv;
1705 CallbackIOSend CBIOSend;
1706#ifdef WOLFSSL_DTLS
1707 CallbackGenCookie CBIOCookie; /* gen cookie callback */
1708#endif
1709 VerifyCallback verifyCallback; /* cert verification callback */
1710 word32 timeout; /* session timeout */
1711#ifdef HAVE_ECC
1712 word16 eccTempKeySz; /* in octets 20 - 66 */
1713 word32 pkCurveOID; /* curve Ecc_Sum */
1714#endif
1715#ifndef NO_PSK
1716 byte havePSK; /* psk key set by user */
1717 wc_psk_client_callback client_psk_cb; /* client callback */
1718 wc_psk_server_callback server_psk_cb; /* server callback */
1719 char server_hint[MAX_PSK_ID_LEN];
1720#endif /* NO_PSK */
1721#ifdef HAVE_ANON
1722 byte haveAnon; /* User wants to allow Anon suites */
1723#endif /* HAVE_ANON */
1724#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
1725 pem_password_cb passwd_cb;
1726 void* userdata;
1727#endif /* OPENSSL_EXTRA */
1728#ifdef HAVE_STUNNEL
1729 void* ex_data[MAX_EX_DATA];
1730 CallbackSniRecv sniRecvCb;
1731 void* sniRecvCbArg;
1732#endif
1733#ifdef HAVE_OCSP
1734 WOLFSSL_OCSP ocsp;
1735#endif
1736#ifdef HAVE_CAVIUM
1737 int devId; /* cavium device id to use */
1738#endif
1739#ifdef HAVE_TLS_EXTENSIONS
1740 TLSX* extensions; /* RFC 6066 TLS Extensions data */
1741 #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SEVER)
1742 SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */
1743 void* ticketEncCtx; /* session encrypt context */
1744 int ticketHint; /* ticket hint in seconds */
1745 #endif
1746#endif
1747#ifdef ATOMIC_USER
1748 CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */
1749 CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */
1750#endif
1751#ifdef HAVE_PK_CALLBACKS
1752 #ifdef HAVE_ECC
1753 CallbackEccSign EccSignCb; /* User EccSign Callback handler */
1754 CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */
1755 #endif /* HAVE_ECC */
1756 #ifndef NO_RSA
1757 CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler */
1758 CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler */
1759 CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */
1760 CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */
1761 #endif /* NO_RSA */
1762#endif /* HAVE_PK_CALLBACKS */
1763};
1764
1765
1766WOLFSSL_LOCAL
1767int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*);
1768WOLFSSL_LOCAL
1769void FreeSSL_Ctx(WOLFSSL_CTX*);
1770WOLFSSL_LOCAL
1771void SSL_CtxResourceFree(WOLFSSL_CTX*);
1772
1773WOLFSSL_LOCAL
1774int DeriveTlsKeys(WOLFSSL* ssl);
1775WOLFSSL_LOCAL
1776int ProcessOldClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
1777 word32 inSz, word16 sz);
1778#ifndef NO_CERTS
1779 WOLFSSL_LOCAL
1780 int AddCA(WOLFSSL_CERT_MANAGER* ctx, buffer der, int type, int verify);
1781 WOLFSSL_LOCAL
1782 int AlreadySigner(WOLFSSL_CERT_MANAGER* cm, byte* hash);
1783#endif
1784
1785/* All cipher suite related info */
1786typedef struct CipherSpecs {
1787 word16 key_size;
1788 word16 iv_size;
1789 word16 block_size;
1790 word16 aead_mac_size;
1791 byte bulk_cipher_algorithm;
1792 byte cipher_type; /* block, stream, or aead */
1793 byte mac_algorithm;
1794 byte kea; /* key exchange algo */
1795 byte sig_algo;
1796 byte hash_size;
1797 byte pad_size;
1798 byte static_ecdh;
1799} CipherSpecs;
1800
1801
1802void InitCipherSpecs(CipherSpecs* cs);
1803
1804
1805/* Supported Message Authentication Codes from page 43 */
1806enum MACAlgorithm {
1807 no_mac,
1808 md5_mac,
1809 sha_mac,
1810 sha224_mac,
1811 sha256_mac, /* needs to match external KDF_MacAlgorithm */
1812 sha384_mac,
1813 sha512_mac,
1814 rmd_mac,
1815 blake2b_mac
1816};
1817
1818
1819/* Supported Key Exchange Protocols */
1820enum KeyExchangeAlgorithm {
1821 no_kea,
1822 rsa_kea,
1823 diffie_hellman_kea,
1824 fortezza_kea,
1825 psk_kea,
1826 dhe_psk_kea,
1827 ntru_kea,
1828 ecc_diffie_hellman_kea,
1829 ecc_static_diffie_hellman_kea /* for verify suite only */
1830};
1831
1832
1833/* Supported Authentication Schemes */
1834enum SignatureAlgorithm {
1835 anonymous_sa_algo,
1836 rsa_sa_algo,
1837 dsa_sa_algo,
1838 ecc_dsa_sa_algo
1839};
1840
1841
1842/* Supprted ECC Curve Types */
1843enum EccCurves {
1844 named_curve = 3
1845};
1846
1847
1848/* Valid client certificate request types from page 27 */
1849enum ClientCertificateType {
1850 rsa_sign = 1,
1851 dss_sign = 2,
1852 rsa_fixed_dh = 3,
1853 dss_fixed_dh = 4,
1854 rsa_ephemeral_dh = 5,
1855 dss_ephemeral_dh = 6,
1856 fortezza_kea_cert = 20,
1857 ecdsa_sign = 64,
1858 rsa_fixed_ecdh = 65,
1859 ecdsa_fixed_ecdh = 66
1860};
1861
1862
1863enum CipherType { stream, block, aead };
1864
1865
1866
1867
1868
1869
1870/* cipher for now */
1871typedef struct Ciphers {
1872#ifdef BUILD_ARC4
1873 Arc4* arc4;
1874#endif
1875#ifdef BUILD_DES3
1876 Des3* des3;
1877#endif
1878#if defined(BUILD_AES) || defined(BUILD_AESGCM)
1879 Aes* aes;
1880#endif
1881#ifdef HAVE_CAMELLIA
1882 Camellia* cam;
1883#endif
1884#ifdef HAVE_CHACHA
1885 ChaCha* chacha;
1886#endif
1887#ifdef HAVE_HC128
1888 HC128* hc128;
1889#endif
1890#ifdef BUILD_RABBIT
1891 Rabbit* rabbit;
1892#endif
1893#ifdef HAVE_IDEA
1894 Idea* idea;
1895#endif
1896 byte setup; /* have we set it up flag for detection */
1897} Ciphers;
1898
1899
1900#ifdef HAVE_ONE_TIME_AUTH
1901/* Ciphers for one time authentication such as poly1305 */
1902typedef struct OneTimeAuth {
1903#ifdef HAVE_POLY1305
1904 Poly1305* poly1305;
1905#endif
1906 byte setup; /* flag for if a cipher has been set */
1907
1908} OneTimeAuth;
1909#endif
1910
1911
1912WOLFSSL_LOCAL void InitCiphers(WOLFSSL* ssl);
1913WOLFSSL_LOCAL void FreeCiphers(WOLFSSL* ssl);
1914
1915
1916/* hashes type */
1917typedef struct Hashes {
1918 #ifndef NO_OLD_TLS
1919 byte md5[MD5_DIGEST_SIZE];
1920 #endif
1921 byte sha[SHA_DIGEST_SIZE];
1922 #ifndef NO_SHA256
1923 byte sha256[SHA256_DIGEST_SIZE];
1924 #endif
1925 #ifdef WOLFSSL_SHA384
1926 byte sha384[SHA384_DIGEST_SIZE];
1927 #endif
1928 #ifdef WOLFSSL_SHA512
1929 byte sha512[SHA512_DIGEST_SIZE];
1930 #endif
1931} Hashes;
1932
1933
1934/* Static x509 buffer */
1935typedef struct x509_buffer {
1936 int length; /* actual size */
1937 byte buffer[MAX_X509_SIZE]; /* max static cert size */
1938} x509_buffer;
1939
1940
1941/* wolfSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */
1942struct WOLFSSL_X509_CHAIN {
1943 int count; /* total number in chain */
1944 x509_buffer certs[MAX_CHAIN_DEPTH]; /* only allow max depth 4 for now */
1945};
1946
1947
1948/* wolfSSL session type */
1949struct WOLFSSL_SESSION {
1950 word32 bornOn; /* create time in seconds */
1951 word32 timeout; /* timeout in seconds */
1952 byte sessionID[ID_LEN]; /* id for protocol */
1953 byte sessionIDSz;
1954 byte masterSecret[SECRET_LEN]; /* stored secret */
1955#ifdef SESSION_CERTS
1956 WOLFSSL_X509_CHAIN chain; /* peer cert chain, static */
1957 ProtocolVersion version; /* which version was used */
1958 byte cipherSuite0; /* first byte, normally 0 */
1959 byte cipherSuite; /* 2nd byte, actual suite */
1960#endif
1961#ifndef NO_CLIENT_CACHE
1962 word16 idLen; /* serverID length */
1963 byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
1964#endif
1965#ifdef HAVE_SESSION_TICKET
1966 word16 ticketLen;
1967 byte ticket[SESSION_TICKET_LEN];
1968#endif
1969#ifdef HAVE_STUNNEL
1970 void* ex_data[MAX_EX_DATA];
1971#endif
1972};
1973
1974
1975WOLFSSL_LOCAL
1976WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*);
1977WOLFSSL_LOCAL
1978int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
1979
1980typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int);
1981
1982#ifndef NO_CLIENT_CACHE
1983 WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
1984#endif
1985
1986/* client connect state for nonblocking restart */
1987enum ConnectState {
1988 CONNECT_BEGIN = 0,
1989 CLIENT_HELLO_SENT,
1990 HELLO_AGAIN, /* HELLO_AGAIN s for DTLS case */
1991 HELLO_AGAIN_REPLY,
1992 FIRST_REPLY_DONE,
1993 FIRST_REPLY_FIRST,
1994 FIRST_REPLY_SECOND,
1995 FIRST_REPLY_THIRD,
1996 FIRST_REPLY_FOURTH,
1997 FINISHED_DONE,
1998 SECOND_REPLY_DONE
1999};
2000
2001
2002/* server accept state for nonblocking restart */
2003enum AcceptState {
2004 ACCEPT_BEGIN = 0,
2005 ACCEPT_CLIENT_HELLO_DONE,
2006 ACCEPT_FIRST_REPLY_DONE,
2007 SERVER_HELLO_SENT,
2008 CERT_SENT,
2009 KEY_EXCHANGE_SENT,
2010 CERT_REQ_SENT,
2011 SERVER_HELLO_DONE,
2012 ACCEPT_SECOND_REPLY_DONE,
2013 TICKET_SENT,
2014 CHANGE_CIPHER_SENT,
2015 ACCEPT_FINISHED_DONE,
2016 ACCEPT_THIRD_REPLY_DONE
2017};
2018
2019
2020typedef struct Buffers {
2021 bufferStatic inputBuffer;
2022 bufferStatic outputBuffer;
2023 buffer domainName; /* for client check */
2024 buffer clearOutputBuffer;
2025 int prevSent; /* previous plain text bytes sent
2026 when got WANT_WRITE */
2027 int plainSz; /* plain text bytes in buffer to send
2028 when got WANT_WRITE */
2029 byte weOwnCert; /* SSL own cert flag */
2030 byte weOwnCertChain; /* SSL own cert chain flag */
2031 byte weOwnKey; /* SSL own key flag */
2032 byte weOwnDH; /* SSL own dh (p,g) flag */
2033#ifndef NO_DH
2034 buffer serverDH_P; /* WOLFSSL_CTX owns, unless we own */
2035 buffer serverDH_G; /* WOLFSSL_CTX owns, unless we own */
2036 buffer serverDH_Pub;
2037 buffer serverDH_Priv;
2038#endif
2039#ifndef NO_CERTS
2040 buffer certificate; /* WOLFSSL_CTX owns, unless we own */
2041 buffer key; /* WOLFSSL_CTX owns, unless we own */
2042 buffer certChain; /* WOLFSSL_CTX owns, unless we own */
2043 /* chain after self, in DER, with leading size for each cert */
2044#endif
2045#ifdef WOLFSSL_DTLS
2046 WOLFSSL_DTLS_CTX dtlsCtx; /* DTLS connection context */
2047 #ifndef NO_WOLFSSL_SERVER
2048 buffer dtlsCookieSecret; /* DTLS cookie secret */
2049 #endif /* NO_WOLFSSL_SERVER */
2050#endif
2051#ifdef HAVE_PK_CALLBACKS
2052 #ifdef HAVE_ECC
2053 buffer peerEccDsaKey; /* we own for Ecc Verify Callbacks */
2054 #endif /* HAVE_ECC */
2055 #ifndef NO_RSA
2056 buffer peerRsaKey; /* we own for Rsa Verify Callbacks */
2057 #endif /* NO_RSA */
2058#endif /* HAVE_PK_CALLBACKS */
2059} Buffers;
2060
2061typedef struct Options {
2062#ifndef NO_PSK
2063 wc_psk_client_callback client_psk_cb;
2064 wc_psk_server_callback server_psk_cb;
2065 word16 havePSK:1; /* psk key set by user */
2066#endif /* NO_PSK */
2067
2068 /* on/off or small bit flags, optimize layout */
2069 word16 sendVerify:2; /* false = 0, true = 1, sendBlank = 2 */
2070 word16 sessionCacheOff:1;
2071 word16 sessionCacheFlushOff:1;
2072 word16 side:1; /* client or server end */
2073 word16 verifyPeer:1;
2074 word16 verifyNone:1;
2075 word16 failNoCert:1;
2076 word16 downgrade:1; /* allow downgrade of versions */
2077 word16 resuming:1;
2078 word16 haveSessionId:1; /* server may not send */
2079 word16 tls:1; /* using TLS ? */
2080 word16 tls1_1:1; /* using TLSv1.1+ ? */
2081 word16 dtls:1; /* using datagrams ? */
2082 word16 connReset:1; /* has the peer reset */
2083 word16 isClosed:1; /* if we consider conn closed */
2084 word16 closeNotify:1; /* we've recieved a close notify */
2085 word16 sentNotify:1; /* we've sent a close notify */
2086 word16 usingCompression:1; /* are we using compression */
2087 word16 haveRSA:1; /* RSA available */
2088 word16 haveDH:1; /* server DH parms set by user */
2089 word16 haveNTRU:1; /* server NTRU private key loaded */
2090 byte haveQSH:1; /* have QSH ability */
2091 word16 haveECDSAsig:1; /* server ECDSA signed cert */
2092 word16 haveStaticECC:1; /* static server ECC private key */
2093 word16 havePeerCert:1; /* do we have peer's cert */
2094 word16 havePeerVerify:1; /* and peer's cert verify */
2095 word16 usingPSK_cipher:1; /* are using psk as cipher */
2096 word16 usingAnon_cipher:1; /* are we using an anon cipher */
2097 word16 sendAlertState:1; /* nonblocking resume */
2098 word16 partialWrite:1; /* only one msg per write call */
2099 word16 quietShutdown:1; /* don't send close notify */
2100 word16 certOnly:1; /* stop once we get cert */
2101 word16 groupMessages:1; /* group handshake messages */
2102 word16 usingNonblock:1; /* are we using nonblocking socket */
2103 word16 saveArrays:1; /* save array Memory for user get keys
2104 or psk */
2105#ifdef HAVE_POLY1305
2106 word16 oldPoly:1; /* set when to use old rfc way of poly*/
2107#endif
2108#ifdef HAVE_ANON
2109 word16 haveAnon:1; /* User wants to allow Anon suites */
2110#endif
2111#ifdef HAVE_SESSION_TICKET
2112 word16 createTicket:1; /* Server to create new Ticket */
2113 word16 useTicket:1; /* Use Ticket not session cache */
2114#endif
2115
2116 /* need full byte values for this section */
2117 byte processReply; /* nonblocking resume */
2118 byte cipherSuite0; /* first byte, normally 0 */
2119 byte cipherSuite; /* second byte, actual suite */
2120 byte serverState;
2121 byte clientState;
2122 byte handShakeState;
2123 byte handShakeDone; /* at least one handshake complete */
2124 byte minDowngrade; /* minimum downgrade version */
2125 byte connectState; /* nonblocking resume */
2126 byte acceptState; /* nonblocking resume */
2127#ifndef NO_DH
2128 word16 minDhKeySz; /* minimum DH key size */
2129 word16 dhKeySz; /* actual DH key size */
2130#endif
2131
2132} Options;
2133
2134typedef struct Arrays {
2135 byte* pendingMsg; /* defrag buffer */
2136 word32 preMasterSz; /* differs for DH, actual size */
2137 word32 pendingMsgSz; /* defrag buffer size */
2138 word32 pendingMsgOffset; /* current offset into defrag buffer */
2139#ifndef NO_PSK
2140 word32 psk_keySz; /* acutal size */
2141 char client_identity[MAX_PSK_ID_LEN];
2142 char server_hint[MAX_PSK_ID_LEN];
2143 byte psk_key[MAX_PSK_KEY_LEN];
2144#endif
2145 byte clientRandom[RAN_LEN];
2146 byte serverRandom[RAN_LEN];
2147 byte sessionID[ID_LEN];
2148 byte sessionIDSz;
2149 byte preMasterSecret[ENCRYPT_LEN];
2150 byte masterSecret[SECRET_LEN];
2151#ifdef WOLFSSL_DTLS
2152 byte cookie[MAX_COOKIE_LEN];
2153 byte cookieSz;
2154#endif
2155 byte pendingMsgType; /* defrag buffer message type */
2156} Arrays;
2157
2158#ifndef ASN_NAME_MAX
2159#define ASN_NAME_MAX 256
2160#endif
2161
2162#ifndef MAX_DATE_SZ
2163#define MAX_DATE_SZ 32
2164#endif
2165
2166struct WOLFSSL_X509_NAME {
2167 char *name;
2168 char staticName[ASN_NAME_MAX];
2169 int dynamicName;
2170 int sz;
2171#ifdef OPENSSL_EXTRA
2172 DecodedName fullName;
2173#endif /* OPENSSL_EXTRA */
2174};
2175
2176#ifndef EXTERNAL_SERIAL_SIZE
2177 #define EXTERNAL_SERIAL_SIZE 32
2178#endif
2179
2180#ifdef NO_ASN
2181 typedef struct DNS_entry DNS_entry;
2182#endif
2183
2184struct WOLFSSL_X509 {
2185 int version;
2186 WOLFSSL_X509_NAME issuer;
2187 WOLFSSL_X509_NAME subject;
2188 int serialSz;
2189 byte serial[EXTERNAL_SERIAL_SIZE];
2190 char subjectCN[ASN_NAME_MAX]; /* common name short cut */
2191#ifdef WOLFSSL_SEP
2192 int deviceTypeSz;
2193 byte deviceType[EXTERNAL_SERIAL_SIZE];
2194 int hwTypeSz;
2195 byte hwType[EXTERNAL_SERIAL_SIZE];
2196 int hwSerialNumSz;
2197 byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
2198 #ifdef OPENSSL_EXTRA
2199 byte certPolicySet;
2200 byte certPolicyCrit;
2201 #endif /* OPENSSL_EXTRA */
2202#endif
2203 int notBeforeSz;
2204 byte notBefore[MAX_DATE_SZ];
2205 int notAfterSz;
2206 byte notAfter[MAX_DATE_SZ];
2207 int sigOID;
2208 buffer sig;
2209 int pubKeyOID;
2210 buffer pubKey;
2211 #ifdef HAVE_ECC
2212 word32 pkCurveOID;
2213 #endif /* HAVE_ECC */
2214 buffer derCert; /* may need */
2215 DNS_entry* altNames; /* alt names list */
2216 DNS_entry* altNamesNext; /* hint for retrieval */
2217 byte dynamicMemory; /* dynamic memory flag */
2218 byte isCa;
2219#ifdef OPENSSL_EXTRA
2220 word32 pathLength;
2221 word16 keyUsage;
2222 byte basicConstSet;
2223 byte basicConstCrit;
2224 byte basicConstPlSet;
2225 byte subjAltNameSet;
2226 byte subjAltNameCrit;
2227 byte authKeyIdSet;
2228 byte authKeyIdCrit;
2229 byte* authKeyId;
2230 word32 authKeyIdSz;
2231 byte subjKeyIdSet;
2232 byte subjKeyIdCrit;
2233 byte* subjKeyId;
2234 word32 subjKeyIdSz;
2235 byte keyUsageSet;
2236 byte keyUsageCrit;
2237#endif /* OPENSSL_EXTRA */
2238};
2239
2240
2241/* record layer header for PlainText, Compressed, and CipherText */
2242typedef struct RecordLayerHeader {
2243 byte type;
2244 byte pvMajor;
2245 byte pvMinor;
2246 byte length[2];
2247} RecordLayerHeader;
2248
2249
2250/* record layer header for DTLS PlainText, Compressed, and CipherText */
2251typedef struct DtlsRecordLayerHeader {
2252 byte type;
2253 byte pvMajor;
2254 byte pvMinor;
2255 byte epoch[2]; /* increment on cipher state change */
2256 byte sequence_number[6]; /* per record */
2257 byte length[2];
2258} DtlsRecordLayerHeader;
2259
2260
2261typedef struct DtlsPool {
2262 buffer buf[DTLS_POOL_SZ];
2263 int used;
2264} DtlsPool;
2265
2266typedef struct DtlsMsg {
2267 struct DtlsMsg* next;
2268 word32 seq; /* Handshake sequence number */
2269 word32 sz; /* Length of whole mesage */
2270 word32 fragSz; /* Length of fragments received */
2271 byte type;
2272 byte* buf;
2273 byte* msg;
2274} DtlsMsg;
2275
2276
2277#ifdef HAVE_NETX
2278
2279 /* NETX I/O Callback default */
2280 typedef struct NetX_Ctx {
2281 NX_TCP_SOCKET* nxSocket; /* send/recv socket handle */
2282 NX_PACKET* nxPacket; /* incoming packet handle for short reads */
2283 ULONG nxOffset; /* offset already read from nxPacket */
2284 ULONG nxWait; /* wait option flag */
2285 } NetX_Ctx;
2286
2287#endif
2288
2289
2290/* Handshake messages recevied from peer (plus change cipher */
2291typedef struct MsgsReceived {
2292 word16 got_hello_request:1;
2293 word16 got_client_hello:1;
2294 word16 got_server_hello:1;
2295 word16 got_hello_verify_request:1;
2296 word16 got_session_ticket:1;
2297 word16 got_certificate:1;
2298 word16 got_server_key_exchange:1;
2299 word16 got_certificate_request:1;
2300 word16 got_server_hello_done:1;
2301 word16 got_certificate_verify:1;
2302 word16 got_client_key_exchange:1;
2303 word16 got_finished:1;
2304 word16 got_change_cipher:1;
2305} MsgsReceived;
2306
2307
2308/* Handshake hashes */
2309typedef struct HS_Hashes {
2310 Hashes verifyHashes;
2311 Hashes certHashes; /* for cert verify */
2312#ifndef NO_OLD_TLS
2313#ifndef NO_SHA
2314 Sha hashSha; /* sha hash of handshake msgs */
2315#endif
2316#ifndef NO_MD5
2317 Md5 hashMd5; /* md5 hash of handshake msgs */
2318#endif
2319#endif /* NO_OLD_TLS */
2320#ifndef NO_SHA256
2321 Sha256 hashSha256; /* sha256 hash of handshake msgs */
2322#endif
2323#ifdef WOLFSSL_SHA384
2324 Sha384 hashSha384; /* sha384 hash of handshake msgs */
2325#endif
2326#ifdef WOLFSSL_SHA512
2327 Sha512 hashSha512; /* sha512 hash of handshake msgs */
2328#endif
2329} HS_Hashes;
2330
2331
2332/* wolfSSL ssl type */
2333struct WOLFSSL {
2334 WOLFSSL_CTX* ctx;
2335 Suites* suites; /* only need during handshake */
2336 Arrays* arrays;
2337 HS_Hashes* hsHashes;
2338 void* IOCB_ReadCtx;
2339 void* IOCB_WriteCtx;
2340 WC_RNG* rng;
2341 void* verifyCbCtx; /* cert verify callback user ctx*/
2342 VerifyCallback verifyCallback; /* cert verification callback */
2343 void* heap; /* for user overrides */
2344#ifndef NO_HANDSHAKE_DONE_CB
2345 HandShakeDoneCb hsDoneCb; /* notify user handshake done */
2346 void* hsDoneCtx; /* user handshake cb context */
2347#endif
2348 WOLFSSL_CIPHER cipher;
2349 hmacfp hmac;
2350 Ciphers encrypt;
2351 Ciphers decrypt;
2352 Buffers buffers;
2353 WOLFSSL_SESSION session;
2354 WOLFSSL_ALERT_HISTORY alert_history;
2355 int error;
2356 int rfd; /* read file descriptor */
2357 int wfd; /* write file descriptor */
2358 int rflags; /* user read flags */
2359 int wflags; /* user write flags */
2360 word32 timeout; /* session timeout */
2361 word32 fragOffset; /* fragment offset */
2362 word16 curSize;
2363 RecordLayerHeader curRL;
2364 MsgsReceived msgsReceived; /* peer messages received */
2365 ProtocolVersion version; /* negotiated version */
2366 ProtocolVersion chVersion; /* client hello version */
2367 CipherSpecs specs;
2368 Keys keys;
2369 Options options;
2370#ifdef OPENSSL_EXTRA
2371 WOLFSSL_BIO* biord; /* socket bio read to free/close */
2372 WOLFSSL_BIO* biowr; /* socket bio write to free/close */
2373#endif
2374#ifndef NO_RSA
2375 RsaKey* peerRsaKey;
2376 byte peerRsaKeyPresent;
2377#endif
2378#ifdef HAVE_QSH
2379 QSHKey* QSH_Key;
2380 QSHKey* peerQSHKey;
2381 QSHSecret* QSH_secret;
2382 byte isQSH; /* is the handshake a QSH? */
2383 byte sendQSHKeys; /* flag for if the client should sen
2384 public keys */
2385 byte peerQSHKeyPresent;
2386 byte minRequest;
2387 byte maxRequest;
2388 byte user_set_QSHSchemes;
2389#endif
2390#ifdef HAVE_NTRU
2391 word16 peerNtruKeyLen;
2392 byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ];
2393 byte peerNtruKeyPresent;
2394#endif
2395#ifdef HAVE_ECC
2396 ecc_key* peerEccKey; /* peer's ECDHE key */
2397 ecc_key* peerEccDsaKey; /* peer's ECDSA key */
2398 ecc_key* eccTempKey; /* private ECDHE key */
2399 word32 pkCurveOID; /* curve Ecc_Sum */
2400 word16 eccTempKeySz; /* in octets 20 - 66 */
2401 byte peerEccKeyPresent;
2402 byte peerEccDsaKeyPresent;
2403 byte eccTempKeyPresent;
2404#endif
2405#ifdef HAVE_LIBZ
2406 z_stream c_stream; /* compression stream */
2407 z_stream d_stream; /* decompression stream */
2408 byte didStreamInit; /* for stream init and end */
2409#endif
2410#ifdef WOLFSSL_DTLS
2411 int dtls_timeout_init; /* starting timeout vaule */
2412 int dtls_timeout_max; /* maximum timeout value */
2413 int dtls_timeout; /* current timeout value, changes */
2414 DtlsPool* dtls_pool;
2415 DtlsMsg* dtls_msg_list;
2416 void* IOCB_CookieCtx; /* gen cookie ctx */
2417 word32 dtls_expected_rx;
2418#endif
2419#ifdef WOLFSSL_CALLBACKS
2420 HandShakeInfo handShakeInfo; /* info saved during handshake */
2421 TimeoutInfo timeoutInfo; /* info saved during handshake */
2422 byte hsInfoOn; /* track handshake info */
2423 byte toInfoOn; /* track timeout info */
2424#endif
2425#ifdef HAVE_FUZZER
2426 CallbackFuzzer fuzzerCb; /* for testing with using fuzzer */
2427 void* fuzzerCtx; /* user defined pointer */
2428#endif
2429#ifdef KEEP_PEER_CERT
2430 WOLFSSL_X509 peerCert; /* X509 peer cert */
2431#endif
2432#if defined(FORTRESS) || defined(HAVE_STUNNEL)
2433 void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */
2434#endif
2435#ifdef HAVE_CAVIUM
2436 int devId; /* cavium device id to use */
2437#endif
2438#ifdef HAVE_ONE_TIME_AUTH
2439 OneTimeAuth auth;
2440#endif
2441#ifdef HAVE_TLS_EXTENSIONS
2442 TLSX* extensions; /* RFC 6066 TLS Extensions data */
2443 #ifdef HAVE_MAX_FRAGMENT
2444 word16 max_fragment;
2445 #endif
2446 #ifdef HAVE_TRUNCATED_HMAC
2447 byte truncated_hmac;
2448 #endif
2449 #ifdef HAVE_SECURE_RENEGOTIATION
2450 SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
2451 #endif /* user turned on */
2452 #ifdef HAVE_ALPN
2453 char* alpn_client_list; /* keep the client's list */
2454 #endif /* of accepted protocols */
2455 #if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET)
2456 CallbackSessionTicket session_ticket_cb;
2457 void* session_ticket_ctx;
2458 byte expect_session_ticket;
2459 #endif
2460#endif /* HAVE_TLS_EXTENSIONS */
2461#ifdef HAVE_NETX
2462 NetX_Ctx nxCtx; /* NetX IO Context */
2463#endif
2464#ifdef SESSION_INDEX
2465 int sessionIndex; /* Session's location in the cache. */
2466#endif
2467#ifdef ATOMIC_USER
2468 void* MacEncryptCtx; /* Atomic User Mac/Encrypt Callback Context */
2469 void* DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */
2470#endif
2471#ifdef HAVE_PK_CALLBACKS
2472 #ifdef HAVE_ECC
2473 void* EccSignCtx; /* Ecc Sign Callback Context */
2474 void* EccVerifyCtx; /* Ecc Verify Callback Context */
2475 #endif /* HAVE_ECC */
2476 #ifndef NO_RSA
2477 void* RsaSignCtx; /* Rsa Sign Callback Context */
2478 void* RsaVerifyCtx; /* Rsa Verify Callback Context */
2479 void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */
2480 void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */
2481 #endif /* NO_RSA */
2482#endif /* HAVE_PK_CALLBACKS */
2483#ifdef HAVE_SECRET_CALLBACK
2484 SessionSecretCb sessionSecretCb;
2485 void* sessionSecretCtx;
2486#endif /* HAVE_SECRET_CALLBACK */
2487#ifdef WOLFSSL_JNI
2488 void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
2489#endif /* WOLFSSL_JNI */
2490};
2491
2492
2493WOLFSSL_LOCAL
2494int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*);
2495WOLFSSL_LOCAL
2496int InitSSL(WOLFSSL*, WOLFSSL_CTX*);
2497WOLFSSL_LOCAL
2498void FreeSSL(WOLFSSL*);
2499WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
2500
2501
2502enum {
2503 IV_SZ = 32, /* max iv sz */
2504 NAME_SZ = 80 /* max one line */
2505};
2506
2507
2508typedef struct EncryptedInfo {
2509 char name[NAME_SZ]; /* encryption name */
2510 byte iv[IV_SZ]; /* encrypted IV */
2511 word32 ivSz; /* encrypted IV size */
2512 long consumed; /* tracks PEM bytes consumed */
2513 byte set; /* if encryption set */
2514 WOLFSSL_CTX* ctx; /* CTX owner */
2515} EncryptedInfo;
2516
2517
2518#ifndef NO_CERTS
2519 WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
2520 buffer* der, void* heap, EncryptedInfo* info,
2521 int* eccKey);
2522
2523 WOLFSSL_LOCAL int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format,
2524 int type, WOLFSSL* ssl, int userChain,
2525 WOLFSSL_CRL* crl);
2526#endif
2527
2528
2529#ifdef WOLFSSL_CALLBACKS
2530 WOLFSSL_LOCAL
2531 void InitHandShakeInfo(HandShakeInfo*);
2532 WOLFSSL_LOCAL
2533 void FinishHandShakeInfo(HandShakeInfo*, const WOLFSSL*);
2534 WOLFSSL_LOCAL
2535 void AddPacketName(const char*, HandShakeInfo*);
2536
2537 WOLFSSL_LOCAL
2538 void InitTimeoutInfo(TimeoutInfo*);
2539 WOLFSSL_LOCAL
2540 void FreeTimeoutInfo(TimeoutInfo*, void*);
2541 WOLFSSL_LOCAL
2542 void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*);
2543 WOLFSSL_LOCAL
2544 void AddLateName(const char*, TimeoutInfo*);
2545 WOLFSSL_LOCAL
2546 void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info);
2547#endif
2548
2549
2550/* Record Layer Header identifier from page 12 */
2551enum ContentType {
2552 no_type = 0,
2553 change_cipher_spec = 20,
2554 alert = 21,
2555 handshake = 22,
2556 application_data = 23
2557};
2558
2559
2560/* handshake header, same for each message type, pgs 20/21 */
2561typedef struct HandShakeHeader {
2562 byte type;
2563 word24 length;
2564} HandShakeHeader;
2565
2566
2567/* DTLS handshake header, same for each message type */
2568typedef struct DtlsHandShakeHeader {
2569 byte type;
2570 word24 length;
2571 byte message_seq[2]; /* start at 0, restransmit gets same # */
2572 word24 fragment_offset; /* bytes in previous fragments */
2573 word24 fragment_length; /* length of this fragment */
2574} DtlsHandShakeHeader;
2575
2576
2577enum HandShakeType {
2578 no_shake = -1,
2579 hello_request = 0,
2580 client_hello = 1,
2581 server_hello = 2,
2582 hello_verify_request = 3, /* DTLS addition */
2583 session_ticket = 4,
2584 certificate = 11,
2585 server_key_exchange = 12,
2586 certificate_request = 13,
2587 server_hello_done = 14,
2588 certificate_verify = 15,
2589 client_key_exchange = 16,
2590 finished = 20,
2591 certificate_status = 22,
2592 change_cipher_hs = 55 /* simulate unique handshake type for sanity
2593 checks. record layer change_cipher
2594 conflicts with handshake finished */
2595};
2596
2597
2598static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
2599static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };
2600
2601static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
2602static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
2603
2604
2605/* internal functions */
2606WOLFSSL_LOCAL int SendChangeCipher(WOLFSSL*);
2607WOLFSSL_LOCAL int SendTicket(WOLFSSL*);
2608WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
2609WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
2610WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
2611WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
2612WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*);
2613WOLFSSL_LOCAL int SendBuffered(WOLFSSL*);
2614WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int);
2615WOLFSSL_LOCAL int SendFinished(WOLFSSL*);
2616WOLFSSL_LOCAL int SendAlert(WOLFSSL*, int, int);
2617WOLFSSL_LOCAL int ProcessReply(WOLFSSL*);
2618
2619WOLFSSL_LOCAL int SetCipherSpecs(WOLFSSL*);
2620WOLFSSL_LOCAL int MakeMasterSecret(WOLFSSL*);
2621
2622WOLFSSL_LOCAL int AddSession(WOLFSSL*);
2623WOLFSSL_LOCAL int DeriveKeys(WOLFSSL* ssl);
2624WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData);
2625
2626WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
2627WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
2628
2629WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
2630WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
2631WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
2632
2633WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
2634#ifndef NO_CERTS
2635 #ifndef NO_RSA
2636 WOLFSSL_LOCAL int VerifyRsaSign(const byte* sig, word32 sigSz,
2637 const byte* plain, word32 plainSz,
2638 RsaKey* key);
2639 #endif
2640 WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
2641 #ifndef NO_SKID
2642 WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
2643 #endif
2644#endif
2645WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
2646 const byte* sender);
2647WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
2648WOLFSSL_LOCAL int CheckAvailableSize(WOLFSSL *ssl, int size);
2649WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
2650
2651#ifndef NO_TLS
2652 WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*);
2653 WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
2654 word32 sz, int content, int verify);
2655#endif
2656
2657#ifndef NO_WOLFSSL_CLIENT
2658 WOLFSSL_LOCAL int SendClientHello(WOLFSSL*);
2659 WOLFSSL_LOCAL int SendClientKeyExchange(WOLFSSL*);
2660 WOLFSSL_LOCAL int SendCertificateVerify(WOLFSSL*);
2661#endif /* NO_WOLFSSL_CLIENT */
2662
2663#ifndef NO_WOLFSSL_SERVER
2664 WOLFSSL_LOCAL int SendServerHello(WOLFSSL*);
2665 WOLFSSL_LOCAL int SendServerHelloDone(WOLFSSL*);
2666#endif /* NO_WOLFSSL_SERVER */
2667
2668#ifdef WOLFSSL_DTLS
2669 WOLFSSL_LOCAL int DtlsPoolInit(WOLFSSL*);
2670 WOLFSSL_LOCAL int DtlsPoolSave(WOLFSSL*, const byte*, int);
2671 WOLFSSL_LOCAL int DtlsPoolTimeout(WOLFSSL*);
2672 WOLFSSL_LOCAL int DtlsPoolSend(WOLFSSL*);
2673 WOLFSSL_LOCAL void DtlsPoolReset(WOLFSSL*);
2674 WOLFSSL_LOCAL void DtlsPoolDelete(WOLFSSL*);
2675
2676 WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*);
2677 WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*);
2678 WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*);
2679 WOLFSSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
2680 word32, word32);
2681 WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32);
2682 WOLFSSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32,
2683 byte, word32, word32, void*);
2684 WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*);
2685#endif /* WOLFSSL_DTLS */
2686
2687#ifndef NO_TLS
2688
2689
2690#endif /* NO_TLS */
2691
2692
2693WOLFSSL_LOCAL word32 LowResTimer(void);
2694
2695WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
2696WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
2697WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int);
2698WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
2699#ifndef NO_CERTS
2700 WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
2701#endif
2702
2703/* used by ssl.c and wolfssl_int.c */
2704WOLFSSL_LOCAL void c32to24(word32 in, word24 out);
2705
2706WOLFSSL_LOCAL const char* const* GetCipherNames(void);
2707WOLFSSL_LOCAL int GetCipherNamesSize(void);
2708
2709
2710enum encrypt_side {
2711 ENCRYPT_SIDE_ONLY = 1,
2712 DECRYPT_SIDE_ONLY,
2713 ENCRYPT_AND_DECRYPT_SIDE
2714};
2715
2716WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side);
2717
2718
2719#ifdef __cplusplus
2720 } /* extern "C" */
2721#endif
2722
2723#endif /* wolfSSL_INT_H */
2724
Note: See TracBrowser for help on using the repository browser.