source: UsbWattMeter/trunk/wolfssl-3.7.0/wolfssl/ssl.h@ 167

Last change on this file since 167 was 167, checked in by coas-nagasima, 6 years ago

MIMEにSJISを設定

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
  • Property svn:mime-type set to text/x-chdr; charset=SHIFT_JIS
1/* ssl.h
2 *
3 * Copyright (C) 2006-2015 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL. (formerly known as CyaSSL)
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22
23/* wolfSSL API */
24
25#ifndef WOLFSSL_SSL_H
26#define WOLFSSL_SSL_H
27
28
29/* for users not using preprocessor flags*/
30#include <wolfssl/wolfcrypt/settings.h>
31#include <wolfssl/version.h>
32
33#ifndef NO_FILESYSTEM
34 #if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
35 #if MQX_USE_IO_OLD
36 #include <fio.h>
37 #else
38 #include <nio.h>
39 #endif
40 #else
41 #include <stdio.h> /* ERR_printf */
42 #endif
43#endif
44
45#ifdef WOLFSSL_PREFIX
46 #include "prefix_ssl.h"
47#endif
48
49#ifdef LIBWOLFSSL_VERSION_STRING
50 #define WOLFSSL_VERSION LIBWOLFSSL_VERSION_STRING
51#endif
52
53#ifdef _WIN32
54 /* wincrypt.h clashes */
55 #undef OCSP_REQUEST
56 #undef OCSP_RESPONSE
57#endif
58
59
60
61#ifdef __cplusplus
62 extern "C" {
63#endif
64
65typedef struct WOLFSSL WOLFSSL;
66typedef struct WOLFSSL_SESSION WOLFSSL_SESSION;
67typedef struct WOLFSSL_METHOD WOLFSSL_METHOD;
68typedef struct WOLFSSL_CTX WOLFSSL_CTX;
69
70typedef struct WOLFSSL_X509 WOLFSSL_X509;
71typedef struct WOLFSSL_X509_NAME WOLFSSL_X509_NAME;
72typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN;
73
74typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER;
75typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR;
76
77/* redeclare guard */
78#define WOLFSSL_TYPES_DEFINED
79
80
81#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
82typedef struct WOLFSSL_RSA WOLFSSL_RSA;
83#define WOLFSSL_RSA_TYPE_DEFINED
84#endif
85
86typedef struct WOLFSSL_DSA WOLFSSL_DSA;
87typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
88typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT;
89typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
90typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG;
91typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER;
92typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP;
93typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;
94typedef struct WOLFSSL_X509_CRL WOLFSSL_X509_CRL;
95typedef struct WOLFSSL_BIO WOLFSSL_BIO;
96typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
97typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
98typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME;
99typedef struct WOLFSSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER;
100typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
101
102typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING;
103typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value;
104typedef struct WOLFSSL_DH WOLFSSL_DH;
105typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING;
106
107#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME
108
/*
 * Public-key container for OpenSSL-compatibility callers.
 *
 * The struct is defined in the public header (not just forward-declared)
 * because some applications read its members directly; the "openssh
 * dereference" notes mark the fields that are part of that contract.
 *
 * The pkey_curve member exists only when HAVE_ECC is defined, so the size
 * of this struct depends on that build flag.  An application compiled with
 * a different HAVE_ECC setting than the library would disagree with it
 * about the object's size.
 */
typedef struct WOLFSSL_EVP_PKEY {
    int type;         /* openssh dereference */
    int save_type;    /* openssh dereference */
    int pkey_sz;      /* presumably the byte length of the data at pkey.ptr;
                         nothing in the type enforces it - confirm in the
                         code that fills this struct */
    union {
        char* ptr;    /* raw key data; NOTE(review): readers should bound
                         every access by pkey_sz - confirm ownership and
                         who frees it (see wolfSSL_EVP_PKEY_free) */
    } pkey;
    #ifdef HAVE_ECC
        int pkey_curve;
    #endif
} WOLFSSL_EVP_PKEY;
120
/*
 * Caller-allocated storage for the MD4 state used by wolfSSL_MD4_Init,
 * wolfSSL_MD4_Update and wolfSSL_MD4_Final (declared in this header).
 *
 * The buffer is a fixed 32 ints that is meant to be at least as large as
 * the real hash state; per the original note, the size is checked in Init
 * rather than at compile time.
 *
 * MD4 is cryptographically broken (practical collisions).  It is exposed
 * for compatibility with legacy protocols only and should not be used
 * where collision or preimage resistance matters.
 */
typedef struct WOLFSSL_MD4_CTX {
    int buffer[32];   /* big enough to hold, check size in Init */
} WOLFSSL_MD4_CTX;
124
125
126typedef struct WOLFSSL_COMP_METHOD {
127 int type; /* stunnel dereference */
128} WOLFSSL_COMP_METHOD;
129
130
131typedef struct WOLFSSL_X509_STORE {
132 int cache; /* stunnel dereference */
133 WOLFSSL_CERT_MANAGER* cm;
134} WOLFSSL_X509_STORE;
135
136typedef struct WOLFSSL_ALERT {
137 int code;
138 int level;
139} WOLFSSL_ALERT;
140
141typedef struct WOLFSSL_ALERT_HISTORY {
142 WOLFSSL_ALERT last_rx;
143 WOLFSSL_ALERT last_tx;
144} WOLFSSL_ALERT_HISTORY;
145
146typedef struct WOLFSSL_X509_REVOKED {
147 WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */
148} WOLFSSL_X509_REVOKED;
149
150
151typedef struct WOLFSSL_X509_OBJECT {
152 union {
153 char* ptr;
154 WOLFSSL_X509 *x509;
155 WOLFSSL_X509_CRL* crl; /* stunnel dereference */
156 } data;
157} WOLFSSL_X509_OBJECT;
158
/*
 * Certificate-verification context.  A pointer to this struct is the second
 * argument of VerifyCallback (declared in this header), so it is what an
 * application's verify callback inspects to decide about a certificate.
 *
 * error / error_depth carry the verification result for the certificate
 * being reported.  A callback that overrides the result without looking at
 * `error` accepts every failure alike (expired, wrong issuer, bad
 * signature), so callbacks should allow only the specific codes they mean
 * to tolerate.
 */
typedef struct WOLFSSL_X509_STORE_CTX {
    WOLFSSL_X509_STORE* store;    /* Store full of a CA cert chain */
    WOLFSSL_X509* current_cert;   /* stunnel dereference */
    char* domain;                 /* subject CN domain name */
    void* ex_data;                /* external data, for fortress build */
    void* userCtx;                /* user ctx; presumably the pointer given to
                                     wolfSSL_SetCertCbCtx - confirm */
    int   error;                  /* current error */
    int   error_depth;            /* cert depth for this error */
    int   discardSessionCerts;    /* so verify callback can flag for discard */
} WOLFSSL_X509_STORE_CTX;
169
170
/* Valid Alert types from page 16/17
 *
 * The numeric values are the TLS alert description codes as they appear on
 * the wire, so they can be compared directly with the `code` field of
 * WOLFSSL_ALERT.  This is a subset of the codes the TLS specifications
 * define; a peer may send a code that has no name here.
 *
 * Alerts that arrive before the handshake has finished are not integrity
 * protected, so treat them as diagnostics rather than as authenticated
 * statements from the peer.
 */
enum AlertDescription  {
    close_notify            = 0,
    unexpected_message      = 10,
    bad_record_mac          = 20,
    record_overflow         = 22,
    decompression_failure   = 30,
    handshake_failure       = 40,
    no_certificate          = 41,
    bad_certificate         = 42,
    unsupported_certificate = 43,
    certificate_revoked     = 44,
    certificate_expired     = 45,
    certificate_unknown     = 46,
    illegal_parameter       = 47,
    decrypt_error           = 51,
    #ifdef WOLFSSL_MYSQL_COMPATIBLE
    /* catch name conflict for enum protocol with MYSQL build */
    wc_protocol_version     = 70,
    #else
    protocol_version        = 70,
    #endif
    no_renegotiation        = 100,
    unrecognized_name       = 112,
    no_application_protocol = 120
};
197
198
/*
 * Alert severity as carried in the `level` field of WOLFSSL_ALERT.
 * The values are the TLS wire codes: 1 for a warning, 2 for a fatal alert.
 */
enum AlertLevel {
    alert_warning = 1,
    alert_fatal = 2
};
203
204
/*
 * Protocol-version method constructors.  Each returns a WOLFSSL_METHOD* that
 * is handed to wolfSSL_CTX_new() to choose the protocol and the side
 * (client or server) for every connection made from that context.
 *
 * NOTE(review): these version-named methods are expected to pin the context
 * to that one protocol version rather than negotiate - confirm in ssl.c.
 *
 * Deployment guidance: SSLv3 is prohibited by RFC 7568 and TLS 1.0 / 1.1 are
 * deprecated by RFC 8996.  Of the methods declared here, new code should use
 * the TLS 1.2 ones; the older ones are only for talking to legacy peers that
 * cannot be upgraded.
 */
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
213
214#ifdef WOLFSSL_DTLS
215 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
216 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
217 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void);
218 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
219#endif
220
221#ifdef HAVE_POLY1305
222 WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int);
223#endif
224
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)

/*
 * File-based certificate and key loading.  Compiled out when the build has
 * no filesystem (NO_FILESYSTEM) or no certificate support (NO_CERTS).
 *
 * The trailing int on the *_file loaders is presumably the encoding, one of
 * the SSL_FILETYPE_* constants declared in this header - confirm in ssl.c.
 *
 * All loaders return int.  This header defines SSL_SUCCESS as 1 and the
 * failure codes (SSL_BAD_FILE, SSL_BAD_FILETYPE, ...) as negative values, so
 * callers should compare the result with SSL_SUCCESS; a bare `if (ret)` test
 * treats a negative error as success.
 *
 * Private-key files hold long-term secrets: keep them readable only by the
 * account that runs the service.
 */
WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int);
/* Loads trust anchors; NOTE(review): the two strings are presumably a CA file
   and a CA directory - confirm.  Whoever can write to either location can
   add a trusted CA. */
WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*,
                                                const char*);
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *,
                                                     const char *file);
WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int);

WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl);
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
/* Per-connection (WOLFSSL*) counterparts of the context-wide loaders above. */
WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int);
WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int);
WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file);
WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int);

#ifdef WOLFSSL_DER_LOAD
    WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX*,
                                                    const char*, int);
#endif

#ifdef HAVE_NTRU
    WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX*, const char*);
    /* load NTRU private key blob */
#endif

#ifndef WOLFSSL_PEMCERT_TODER_DEFINED
    /* NOTE(review): arguments look like (file name, output buffer, output
       buffer size); the caller must pass the real capacity of the buffer -
       confirm against the definition. */
    WOLFSSL_API int wolfSSL_PemCertToDer(const char*, unsigned char*, int);
    #define WOLFSSL_PEMCERT_TODER_DEFINED
#endif

#endif /* !NO_FILESYSTEM && !NO_CERTS */
258
/*
 * Core connection API: create a context from a method, create a session
 * object from the context, attach a socket descriptor, run the handshake
 * (connect / accept), move data, shut down and free.
 *
 * Every buffer length in this group is an `int`.  Callers that hold sizes
 * in size_t must range-check them before the call; a value that does not
 * fit in int would be passed as a truncated or negative length.
 *
 * Return values are int status codes.  Check them on every call and use
 * wolfSSL_get_error() (declared in this header) to learn why a call did not
 * succeed; ignoring a failed handshake and then writing application data is
 * a common integration bug.
 */
WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
WOLFSSL_API int  wolfSSL_set_fd (WOLFSSL*, int);
WOLFSSL_API char* wolfSSL_get_cipher_list(int priority);
/* presumably writes the cipher names into the char buffer of the given
   size - confirm; pass the true capacity */
WOLFSSL_API int  wolfSSL_get_ciphers(char*, int);
WOLFSSL_API int  wolfSSL_get_fd(const WOLFSSL*);
WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL*, int);
WOLFSSL_API int  wolfSSL_get_using_nonblock(WOLFSSL*);
WOLFSSL_API int  wolfSSL_connect(WOLFSSL*);     /* please see note at top of README
                                                   if you get an error from connect */
WOLFSSL_API int  wolfSSL_write(WOLFSSL*, const void*, int);
WOLFSSL_API int  wolfSSL_read(WOLFSSL*, void*, int);
WOLFSSL_API int  wolfSSL_peek(WOLFSSL*, void*, int);
WOLFSSL_API int  wolfSSL_accept(WOLFSSL*);
WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*);
WOLFSSL_API void wolfSSL_free(WOLFSSL*);
/* May return SSL_SHUTDOWN_NOT_DONE, in which case it is called again to
   complete (see the ssl Constants enum in this header). */
WOLFSSL_API int  wolfSSL_shutdown(WOLFSSL*);
WOLFSSL_API int  wolfSSL_send(WOLFSSL*, const void*, int sz, int flags);
WOLFSSL_API int  wolfSSL_recv(WOLFSSL*, void*, int sz, int flags);
278
279WOLFSSL_API void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX*, int);
280WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int);
281
282WOLFSSL_API int wolfSSL_get_error(WOLFSSL*, int);
283WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *);
284
285WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl,WOLFSSL_SESSION* session);
286WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* session, long t);
287WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
288WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm);
289WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char*,
290 int, int);
291
292#ifdef SESSION_INDEX
293WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
294WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
295#endif /* SESSION_INDEX */
296
297#if defined(SESSION_INDEX) && defined(SESSION_CERTS)
298WOLFSSL_API
299 WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session);
300#endif /* SESSION_INDEX && SESSION_CERTS */
301
/*
 * Application hook called during certificate verification.  The second
 * argument is the WOLFSSL_X509_STORE_CTX for the certificate being checked.
 * NOTE(review): following the OpenSSL convention the first int is the
 * library's own verdict and the return value decides whether verification
 * continues - confirm in the implementation.  Under that convention a
 * callback that always returns non-zero accepts every certificate.
 */
typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*);
/* Password callback for encrypted PEM keys.  NOTE(review): OpenSSL's
   convention is (buffer, buffer size, rwflag, userdata) returning the
   password length - confirm; the callback must not write past the size. */
typedef int (*pem_password_cb)(char*, int, int, void*);

/*
 * Set the peer-verification mode for a context or a single session.  The
 * int is built from the SSL_VERIFY_* flags declared in this header.
 * SSL_VERIFY_NONE means the peer certificate is not checked: the channel is
 * still encrypted, but the peer is unauthenticated and an active
 * man-in-the-middle cannot be detected.  The callback may be null when no
 * override is wanted (presumably - confirm).
 */
WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int,
                                      VerifyCallback verify_callback);
WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback);
/* presumably stores the pointer later exposed as userCtx in
   WOLFSSL_X509_STORE_CTX - confirm */
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*);
309
310WOLFSSL_API int wolfSSL_pending(WOLFSSL*);
311
312WOLFSSL_API void wolfSSL_load_error_strings(void);
313WOLFSSL_API int wolfSSL_library_init(void);
314WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX*, long);
315
#ifdef HAVE_SECRET_CALLBACK
/*
 * Callback that is given a pointer to session secret material and to its
 * size, plus the user context registered with it.
 * NOTE(review): secretSz is an in/out pointer, so the callback can
 * presumably replace the secret and report a new length - confirm the
 * maximum size the library allows before writing through `secret`.
 *
 * Anything reachable from this callback is key material for the session:
 * do not log it, and clear any copies once they are no longer needed.
 */
typedef int (*SessionSecretCb)(WOLFSSL* ssl,
                        void* secret, int* secretSz, void* ctx);
WOLFSSL_API int  wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, void*);
#endif /* HAVE_SECRET_CALLBACK */
321
/* session cache persistence
 *
 * Save or restore the session cache to a named file or to a caller buffer.
 * wolfSSL_get_session_cache_memsize() returns the size to allocate for the
 * memsave variant; the int passed to memsave / memrestore is the buffer size.
 *
 * NOTE(review): a persisted session cache presumably contains what is needed
 * to resume (and so decrypt) those sessions - confirm.  Treat the file or
 * buffer like key material: restrictive permissions, no world-readable
 * temporary directories, and restore only from a location that untrusted
 * users cannot write.
 */
WOLFSSL_API int  wolfSSL_save_session_cache(const char*);
WOLFSSL_API int  wolfSSL_restore_session_cache(const char*);
WOLFSSL_API int  wolfSSL_memsave_session_cache(void*, int);
WOLFSSL_API int  wolfSSL_memrestore_session_cache(const void*, int);
WOLFSSL_API int  wolfSSL_get_session_cache_memsize(void);

/* certificate cache persistence, uses ctx since certs are per ctx
 *
 * NOTE(review): the certificate cache presumably holds the context's trusted
 * signers - confirm.  If so, restoring it from a file or buffer that someone
 * else can modify is equivalent to letting them add trust anchors.
 */
WOLFSSL_API int  wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX*, const char*);
WOLFSSL_API int  wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX*, const char*);
WOLFSSL_API int  wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX*, void*, int, int*);
WOLFSSL_API int  wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX*, const void*, int);
WOLFSSL_API int  wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
335
336/* only supports full name from cipher_name[] delimited by : */
337WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*);
338WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*);
339
340/* Nonblocking DTLS helper functions */
341WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
342WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
343WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
344WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
345WOLFSSL_API int wolfSSL_dtls(WOLFSSL* ssl);
346
347WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int);
348WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*);
349
350WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err);
351WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
352WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
353 unsigned long sz);
354WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long);
355
356/* extras */
357
358#define STACK_OF(x) x
359
360WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*);
361WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*);
362WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int);
363WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int);
364WOLFSSL_API void wolfSSL_set_shutdown(WOLFSSL*, int);
365WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*,
366 unsigned int);
367WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*);
368WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*);
369WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*);
370WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session);
371WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*);
372
373WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*);
374WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
375WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
376WOLFSSL_API char* wolfSSL_CIPHER_description(WOLFSSL_CIPHER*, char*, int);
377WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
378WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
379WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
380 /* what's ref count */
381
382WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*);
383WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
384
385WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port,
386 char** path, int* ssl);
387
/*
 * OpenSSL-compatibility method names.
 * NOTE(review): as in OpenSSL, the "v23" method is presumably the
 * version-flexible one that negotiates the protocol with the peer - confirm
 * which versions it will accept in this build, since a negotiating method
 * is only as strong as the lowest version it allows.
 * NOTE(review): SSLv2 is obsolete and insecure (RFC 6176 prohibits it);
 * check whether the SSLv2 entry points return a usable method at all, and
 * handle a null return before passing the result to wolfSSL_CTX_new().
 */
WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void);
WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void);
WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void);
391
392WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);
393WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);
394WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);
395
396
397WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*);
398WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*);
399WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*);
400WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int);
401WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int);
402WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append);
403WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*);
404WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*);
405WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*);
406
407WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void);
408WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size);
409WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void);
410WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int flag);
411WOLFSSL_API int wolfSSL_BIO_eof(WOLFSSL_BIO*);
412
413WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void);
414WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void);
415WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int);
416
417WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,const unsigned char** p);
418WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
419
420
421WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
422WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
423
424WOLFSSL_API int wolfSSL_add_all_algorithms(void);
425
426WOLFSSL_API void wolfSSL_RAND_screen(void);
427WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long);
428WOLFSSL_API int wolfSSL_RAND_write_file(const char*);
429WOLFSSL_API int wolfSSL_RAND_load_file(const char*, long);
430WOLFSSL_API int wolfSSL_RAND_egd(const char*);
431WOLFSSL_API int wolfSSL_RAND_seed(const void*, int);
432WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double);
433
434WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void);
435WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void);
436WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*);
437
438WOLFSSL_API int wolfSSL_get_ex_new_index(long, void*, void*, void*, void*);
439
440WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void));
441WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*,
442 int));
443WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)
444 (const char*, int));
445WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int,
446 WOLFSSL_dynlock_value*, const char*, int));
447WOLFSSL_API void wolfSSL_set_dynlock_destroy_callback(void (*f)
448 (WOLFSSL_dynlock_value*, const char*, int));
449WOLFSSL_API int wolfSSL_num_locks(void);
450
451WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert(
452 WOLFSSL_X509_STORE_CTX*);
453WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*);
454WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*);
455
456WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int);
457WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
458WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
459WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int);
460WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int);
461WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
462WOLFSSL_API int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*);
463WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*);
464WOLFSSL_API unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509*);
465WOLFSSL_API unsigned char* wolfSSL_X509_get_authorityKeyID(
466 WOLFSSL_X509*, unsigned char*, int*);
467WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID(
468 WOLFSSL_X509*, unsigned char*, int*);
469WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*);
470WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID(
471 WOLFSSL_X509_NAME*, int, char*, int);
472WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*);
473WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long);
474WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
475WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509*, unsigned char*, int*);
476
477WOLFSSL_API int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP*,const char*,long);
478WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*,
479 long);
480WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void);
481WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void);
482
483WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*,
484 WOLFSSL_X509_LOOKUP_METHOD*);
485WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void);
486WOLFSSL_API void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE*);
487WOLFSSL_API int wolfSSL_X509_STORE_add_cert(
488 WOLFSSL_X509_STORE*, WOLFSSL_X509*);
489WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*);
490WOLFSSL_API int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX*,
491 int, WOLFSSL_X509_NAME*, WOLFSSL_X509_OBJECT*);
492WOLFSSL_API WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void);
493WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*,
494 WOLFSSL_X509_STORE*, WOLFSSL_X509*, STACK_OF(WOLFSSL_X509)*);
495WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*);
496WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*);
497
498WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*);
499WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*);
500
501WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*);
502WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*);
503WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*,
504 int);
505WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*);
506WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
507WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
508WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
509
510WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*);
511WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
512 WOLFSSL_X509_REVOKED*,int);
513WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*);
514
515WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*);
516
517WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*,
518 const WOLFSSL_ASN1_INTEGER*);
519WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*);
520
521WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
522
523WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*,
524 STACK_OF(WOLFSSL_X509_NAME)*);
525WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int);
526WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void);
527WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int);
528
529WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*,
530 void* userdata);
531WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, pem_password_cb);
532
533
534WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*,
535 void (*)(const WOLFSSL* ssl, int type, int val));
536
537WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
538WOLFSSL_API int wolfSSL_GET_REASON(int);
539
540WOLFSSL_API char* wolfSSL_alert_type_string_long(int);
541WOLFSSL_API char* wolfSSL_alert_desc_string_long(int);
542WOLFSSL_API char* wolfSSL_state_string_long(const WOLFSSL*);
543
544WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long,
545 void(*)(int, int, void*), void*);
546WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX*,
547 WOLFSSL_RSA*(*)(WOLFSSL*, int, int));
548
549WOLFSSL_API int wolfSSL_PEM_def_callback(char*, int num, int w, void* key);
550
551WOLFSSL_API long wolfSSL_CTX_sess_accept(WOLFSSL_CTX*);
552WOLFSSL_API long wolfSSL_CTX_sess_connect(WOLFSSL_CTX*);
553WOLFSSL_API long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX*);
554WOLFSSL_API long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX*);
555WOLFSSL_API long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX*);
556WOLFSSL_API long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX*);
557WOLFSSL_API long wolfSSL_CTX_sess_hits(WOLFSSL_CTX*);
558WOLFSSL_API long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX*);
559WOLFSSL_API long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX*);
560WOLFSSL_API long wolfSSL_CTX_sess_misses(WOLFSSL_CTX*);
561WOLFSSL_API long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX*);
562WOLFSSL_API long wolfSSL_CTX_sess_number(WOLFSSL_CTX*);
563WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*);
564
565#define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */
566#define WOLFSSL_RSA_F4 0x10001L
567
/*
 * OpenSSL-compatibility constants, collected in one anonymous enum.  The
 * names belong to unrelated groups (OCSP flags, SSL_OP_* options, callback
 * states, BIO flags, X509 lookup types and verify errors, ...), which is why
 * the same number appears under many names.
 *
 * Points a porting engineer should know:
 *
 *  - The SSL_OP_* names are numbered consecutively (1..26), not as separate
 *    bits.  OR-ing them, as OpenSSL code normally does, does not produce a
 *    decodable mask: SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 is 13 | 14 == 15,
 *    which is also SSL_OP_PKCS1_CHECK_1.  NOTE(review): do not assume that
 *    passing SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 to wolfSSL_CTX_set_options()
 *    disables that protocol in this version - confirm what the function does
 *    with its argument, and restrict protocol versions by choosing the
 *    method passed to wolfSSL_CTX_new().
 *
 *  - The X509_V_ERR_* numbers declared here are not the numbers OpenSSL
 *    assigns to the same names, so code must compare against the symbolic
 *    names and never against hard-coded integers carried over from OpenSSL.
 *
 *  - The OCSP_NO* group (1, 2, 4, ... 2048) is laid out as distinct bits.
 */
enum {
    OCSP_NOCERTS     = 1,
    OCSP_NOINTERN    = 2,
    OCSP_NOSIGS      = 4,
    OCSP_NOCHAIN     = 8,
    OCSP_NOVERIFY    = 16,
    OCSP_NOEXPLICIT  = 32,
    OCSP_NOCASIGN    = 64,
    OCSP_NODELEGATED = 128,
    OCSP_NOCHECKS    = 256,
    OCSP_TRUSTOTHER  = 512,
    OCSP_RESPID_KEY  = 1024,
    OCSP_NOTIME      = 2048,

    OCSP_CERTID      = 2,
    OCSP_REQUEST     = 4,
    OCSP_RESPONSE    = 8,
    OCSP_BASICRESP   = 16,

    WOLFSSL_OCSP_URL_OVERRIDE = 1,
    WOLFSSL_OCSP_NO_NONCE     = 2,
    WOLFSSL_OCSP_CHECKALL     = 4,

    WOLFSSL_CRL_CHECKALL = 1,

    ASN1_GENERALIZEDTIME = 4,

    /* sequential identifiers, not a bit mask - see the note above */
    SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
    SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
    SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
    SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
    SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
    SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
    SSL_OP_TLS_D5_BUG = 8,
    SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
    SSL_OP_TLS_ROLLBACK_BUG = 10,
    SSL_OP_ALL = 11,
    SSL_OP_EPHEMERAL_RSA = 12,
    SSL_OP_NO_SSLv3 = 13,
    SSL_OP_NO_TLSv1 = 14,
    SSL_OP_PKCS1_CHECK_1 = 15,
    SSL_OP_PKCS1_CHECK_2 = 16,
    SSL_OP_NETSCAPE_CA_DN_BUG = 17,
    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
    SSL_OP_SINGLE_DH_USE = 19,
    SSL_OP_NO_TICKET = 20,
    SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
    SSL_OP_NO_QUERY_MTU = 22,
    SSL_OP_COOKIE_EXCHANGE = 23,
    SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
    SSL_OP_SINGLE_ECDH_USE = 25,
    SSL_OP_CIPHER_SERVER_PREFERENCE = 26,

    SSL_MAX_SSL_SESSION_ID_LENGTH = 32,

    EVP_R_BAD_DECRYPT = 2,

    SSL_CB_LOOP = 4,
    SSL_ST_CONNECT = 5,
    SSL_ST_ACCEPT = 6,
    SSL_CB_ALERT = 7,
    SSL_CB_READ = 8,
    SSL_CB_HANDSHAKE_DONE = 9,

    SSL_MODE_ENABLE_PARTIAL_WRITE = 2,

    BIO_FLAGS_BASE64_NO_NL = 1,
    BIO_CLOSE = 1,
    BIO_NOCLOSE = 0,

    NID_undef = 0,

    X509_FILETYPE_PEM = 8,
    X509_LU_X509 = 9,
    X509_LU_CRL = 12,

    /* library-specific numbering; compare by name only */
    X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
    X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
    X509_V_ERR_CRL_HAS_EXPIRED = 15,
    X509_V_ERR_CERT_REVOKED = 16,
    X509_V_ERR_CERT_CHAIN_TOO_LONG = 17,
    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18,
    X509_V_ERR_CERT_NOT_YET_VALID = 19,
    X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
    X509_V_ERR_CERT_HAS_EXPIRED = 21,
    X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22,
    X509_V_ERR_CERT_REJECTED = 23,
    X509_V_OK = 0,

    XN_FLAG_SPC_EQ = (1 << 23),
    XN_FLAG_ONELINE = 0,

    CRYPTO_LOCK = 1,
    CRYPTO_NUM_LOCKS = 10,

    ASN1_STRFLGS_ESC_MSB = 4
};
666
667/* extras end */
668
669#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
670#include <wolfssl/wolfcrypt/wc_port.h>
671/* wolfSSL extension, provide last error from SSL_get_error
672 since not using thread storage error queue */
673WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE fp, int err);
674#endif
675
/*
 * Return codes, file types, verification modes and related constants for
 * the core API.
 *
 * Reading return values safely:
 *  - SSL_SUCCESS is 1, SSL_FAILURE and SSL_ERROR_NONE are both 0, and the
 *    SSL_BAD_* / SSL_FATAL_ERROR codes are negative.  Because a negative
 *    value is "true" in C, `if (ret)` and `if (!ret)` both misclassify some
 *    outcomes; compare with `== SSL_SUCCESS` (or the documented value for
 *    that function) instead.
 *  - Some numbers are reused across groups: SSL_SHUTDOWN_NOT_DONE and
 *    SSL_ERROR_WANT_READ are both 2, and SSL_OP_NO_SSLv2 (8) equals
 *    SSL_OP_TLS_D5_BUG in the compatibility enum earlier in this header.
 *    A value is only meaningful for the function that produced or accepts it.
 */
enum { /* ssl Constants */
    SSL_ERROR_NONE      =  0,   /* for most functions */
    SSL_FAILURE         =  0,   /* for some functions */
    SSL_SUCCESS         =  1,
    SSL_SHUTDOWN_NOT_DONE =  2,  /* call wolfSSL_shutdown again to complete */

    SSL_ALPN_NOT_FOUND  = -9,
    SSL_BAD_CERTTYPE    = -8,
    SSL_BAD_STAT        = -7,
    SSL_BAD_PATH        = -6,
    SSL_BAD_FILETYPE    = -5,
    SSL_BAD_FILE        = -4,
    SSL_NOT_IMPLEMENTED = -3,
    SSL_UNKNOWN         = -2,
    SSL_FATAL_ERROR     = -1,

    SSL_FILETYPE_ASN1    = 2,
    SSL_FILETYPE_PEM     = 1,
    SSL_FILETYPE_DEFAULT = 2, /* ASN1 */
    SSL_FILETYPE_RAW     = 3, /* NTRU raw key blob */

    /* Peer-verification mode bits for wolfSSL_CTX_set_verify() and
       wolfSSL_set_verify().  SSL_VERIFY_NONE (0) requests no peer
       certificate check, which leaves the connection unauthenticated.
       NOTE(review): on a server, client certificates are presumably only
       mandatory when SSL_VERIFY_FAIL_IF_NO_PEER_CERT is combined with
       SSL_VERIFY_PEER - confirm. */
    SSL_VERIFY_NONE                 = 0,
    SSL_VERIFY_PEER                 = 1,
    SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
    SSL_VERIFY_CLIENT_ONCE          = 4,

    /* numbered consecutively (30..35), not as combinable bits */
    SSL_SESS_CACHE_OFF                = 30,
    SSL_SESS_CACHE_CLIENT             = 31,
    SSL_SESS_CACHE_SERVER             = 32,
    SSL_SESS_CACHE_BOTH               = 33,
    SSL_SESS_CACHE_NO_AUTO_CLEAR      = 34,
    SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,

    SSL_ERROR_WANT_READ        =  2,
    SSL_ERROR_WANT_WRITE       =  3,
    SSL_ERROR_WANT_CONNECT     =  7,
    SSL_ERROR_WANT_ACCEPT      =  8,
    SSL_ERROR_SYSCALL          =  5,
    SSL_ERROR_WANT_X509_LOOKUP = 83,
    SSL_ERROR_ZERO_RETURN      =  6,
    SSL_ERROR_SSL              = 85,

    SSL_SENT_SHUTDOWN     = 1,
    SSL_RECEIVED_SHUTDOWN = 2,
    SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
    SSL_OP_NO_SSLv2       = 8,

    SSL_R_SSL_HANDSHAKE_FAILURE           = 101,
    SSL_R_TLSV1_ALERT_UNKNOWN_CA          = 102,
    SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
    SSL_R_SSLV3_ALERT_BAD_CERTIFICATE     = 104,

    PEM_BUFSIZE = 1024
};
730
731
#ifndef NO_PSK
    /*
     * Pre-shared-key (PSK) support; compiled out when NO_PSK is defined.
     *
     * Client callback.  NOTE(review): following the OpenSSL PSK convention
     * the arguments are (ssl, identity hint from the server, identity output
     * buffer, identity buffer capacity, key output buffer, key buffer
     * capacity) and the return value is the key length, 0 meaning failure -
     * confirm against the implementation.
     *
     * The two unsigned int arguments are capacities supplied by the library;
     * a callback must never write more than that many bytes into the buffer
     * that precedes each of them.  The hint string comes from the peer and
     * should be treated as untrusted input.
     */
    typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*,
                                    unsigned int, unsigned char*, unsigned int);
    WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*,
                                                    wc_psk_client_callback);
    WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*,
                                                    wc_psk_client_callback);

    WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
    WOLFSSL_API const char* wolfSSL_get_psk_identity(const WOLFSSL*);

    WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX*, const char*);
    WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL*, const char*);

    /*
     * Server callback.  NOTE(review): presumably (ssl, identity sent by the
     * client, key output buffer, key buffer capacity) returning the key
     * length - confirm.  The identity is attacker-controlled until the
     * handshake succeeds: validate it before using it as a lookup key, and
     * respect the key buffer capacity.
     */
    typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*,
                          unsigned char*, unsigned int);
    WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*,
                                                    wc_psk_server_callback);
    WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*,
                                                    wc_psk_server_callback);

    #define PSK_TYPES_DEFINED
#endif /* NO_PSK */
755
756
#ifdef HAVE_ANON
    /*
     * Opt a context in to anonymous cipher suites (only present in builds
     * with HAVE_ANON).  Anonymous suites perform key exchange without
     * authenticating either side, so they give no protection against an
     * active man-in-the-middle; enable them only where the peer is
     * authenticated by some other mechanism.
     */
    WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
#endif /* HAVE_ANON */
760
761
762/* extra begins */
763
764enum { /* ERR Constants */
765 ERR_TXT_STRING = 1
766};
767
768WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*,
769 const char**, int *);
770
771WOLFSSL_API unsigned long wolfSSL_ERR_get_error(void);
772WOLFSSL_API void wolfSSL_ERR_clear_error(void);
773
774
775WOLFSSL_API int wolfSSL_RAND_status(void);
776WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num);
777WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void);
778WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long);
779#ifndef NO_CERTS
780 WOLFSSL_API int wolfSSL_CTX_check_private_key(WOLFSSL_CTX*);
781#endif /* !NO_CERTS */
782
783WOLFSSL_API void wolfSSL_ERR_free_strings(void);
784WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long);
785WOLFSSL_API void wolfSSL_EVP_cleanup(void);
786WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl);
787
788WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void);
789WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode);
790WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx);
791WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m);
792WOLFSSL_API long wolfSSL_SSL_get_mode(WOLFSSL* ssl);
793
794WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long);
795
796WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*);
797WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*,
798 const unsigned char*, unsigned int);
799WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
800
801WOLFSSL_API int wolfSSL_want_read(WOLFSSL*);
802WOLFSSL_API int wolfSSL_want_write(WOLFSSL*);
803
804WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...);
805WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*,
806 const WOLFSSL_ASN1_UTCTIME*);
807WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_X509_REVOKED*);
808WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED*, int);
809
810/* stunnel 4.28 needs */
811WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int);
812WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*);
813WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*,
814 WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*));
815WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*,
816 int (*f)(WOLFSSL*, WOLFSSL_SESSION*));
817WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*,
818 void (*f)(WOLFSSL_CTX*, WOLFSSL_SESSION*));
819
820WOLFSSL_API int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION*,unsigned char**);
821WOLFSSL_API WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION**,
822 const unsigned char**, long);
823
824WOLFSSL_API long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION*);
825WOLFSSL_API long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION*);
826WOLFSSL_API int wolfSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
827
828/* extra ends */
829
830
831/* wolfSSL extensions */
832
833/* Call before SSL_connect. If verifying, a name check is added to the
834 date check and signature check.
    NOTE(review): as worded, the name check is tied to verification being on;
    confirm what happens when peer verification is disabled. */
835WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
836
837/* need to call once to load library (session cache) */
838WOLFSSL_API int wolfSSL_Init(void);
839/* call when done to cleanup/free session cache mutex / resources */
840WOLFSSL_API int wolfSSL_Cleanup(void);
841
842/* which library version do we have */
843WOLFSSL_API const char* wolfSSL_lib_version(void);
844/* which library version do we have in hex */
845WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void);
846
847/* turn logging on, only if compiled in */
848WOLFSSL_API int wolfSSL_Debugging_ON(void);
849/* turn logging off */
850WOLFSSL_API void wolfSSL_Debugging_OFF(void);
851
852/* do accept or connect depending on side */
853WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl);
854/* turn on wolfSSL data compression */
/* NOTE(review): presumably this compresses application data before it is
   encrypted, which makes the record length depend on the plaintext; avoid
   enabling it where secrets and attacker-influenced data can share a record. */
855WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl);
856
857WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int);
858WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int);
859
860/* get wolfSSL peer X509_CHAIN */
861WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
862/* peer chain count */
863WOLFSSL_API int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
864/* index cert length */
865WOLFSSL_API int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN*, int idx);
866/* index cert */
867WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx);
868/* index cert in X509 */
869WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx);
870/* free X509 */
871WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*);
872/* get index cert in PEM */
873WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx,
874 unsigned char* buffer, int inLen, int* outLen);
875WOLFSSL_API const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s);
876WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int*);
877WOLFSSL_API char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
878WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*);
879WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*);
880WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*);
881WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*);
882
883WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*);
884
885WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
886
887WOLFSSL_API WOLFSSL_X509*
888 wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len);
889#ifndef NO_FILESYSTEM
890 #ifndef NO_STDIO_FILESYSTEM
891 WOLFSSL_API WOLFSSL_X509*
892 wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file);
893 #endif
894WOLFSSL_API WOLFSSL_X509*
895 wolfSSL_X509_load_certificate_file(const char* fname, int format);
896#endif
897
898#ifdef WOLFSSL_SEP
899 WOLFSSL_API unsigned char*
900 wolfSSL_X509_get_device_type(WOLFSSL_X509*, unsigned char*, int*);
901 WOLFSSL_API unsigned char*
902 wolfSSL_X509_get_hw_type(WOLFSSL_X509*, unsigned char*, int*);
903 WOLFSSL_API unsigned char*
904 wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509*, unsigned char*, int*);
905#endif
906
907/* connect enough to get peer cert */
908WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL* ssl);
909
910#ifndef NO_DH
911/* server Diffie-Hellman parameters */
912WOLFSSL_API int wolfSSL_SetTmpDH(WOLFSSL*, const unsigned char* p, int pSz,
913 const unsigned char* g, int gSz);
914WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz,
915 int format);
916#ifndef NO_FILESYSTEM
917 WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format);
918#endif
919
920/* server ctx Diffie-Hellman parameters */
921WOLFSSL_API int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX*, const unsigned char* p,
922 int pSz, const unsigned char* g, int gSz);
923WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char* b,
924 long sz, int format);
925
926#ifndef NO_FILESYSTEM
927 WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f,
928 int format);
929#endif
930
931WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short);
932WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short);
933WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*);
934#endif /* NO_DH */
935
936WOLFSSL_API int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL*, unsigned short);
937WOLFSSL_API int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX*, unsigned short);
938
939/* keyblock size in bytes or -1 */
940/* need to call wolfSSL_KeepArrays before handshake to save keys */
941WOLFSSL_API int wolfSSL_get_keyblock_size(WOLFSSL*);
/* NOTE(review): ms/sr/cr are presumably the master secret, server random and
   client random (same abbreviations as wolfSSL_MakeTlsMasterSecret) -- confirm.
   The outputs are pointers to pointers, so the caller presumably receives
   pointers into the session's retained arrays rather than copies; treat the
   master secret as sensitive and call wolfSSL_FreeArrays once it is no longer
   needed. */
942WOLFSSL_API int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen,
943 unsigned char** sr, unsigned int* srLen,
944 unsigned char** cr, unsigned int* crLen);
945
946/* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */
947WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
948 const char* label);
949
950
951#ifndef _WIN32
952 #ifndef NO_WRITEV
953 #ifdef __PPU
954 #include <sys/types.h>
955 #include <sys/socket.h>
956 #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \
957 !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM)
958 #include <sys/uio.h>
959 #endif
960 /* allow writev style writing */
961 WOLFSSL_API int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
962 int iovcnt);
963 #endif
964#endif
965
966
967#ifndef NO_CERTS
968 /* SSL_CTX versions */
969 WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
970 WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*,
971 const unsigned char*, long, int);
972 WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*,
973 const unsigned char*, long, int);
974 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*,
975 const unsigned char*, long, int);
976 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*,
977 const unsigned char*, long);
978
979 /* SSL versions */
980 WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*,
981 long, int);
982 WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*,
983 long, int);
984 WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*,
985 const unsigned char*, long);
986 WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*);
987#endif
988
989WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
990WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL*);
991
992/* I/O callbacks */
993typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
994typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
995
996#ifdef HAVE_FUZZER
997enum fuzzer_type {
998 FUZZ_HMAC = 0,
999 FUZZ_ENCRYPT = 1,
1000 FUZZ_SIGNATURE = 2,
1001 FUZZ_HASH = 3,
1002 FUZZ_HEAD = 4
1003};
1004
1005typedef int (*CallbackFuzzer)(WOLFSSL* ssl, const unsigned char* buf, int sz,
1006 int type, void* fuzzCtx);
1007
1008WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx);
1009#endif
1010
1011WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
1012WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
1013
1014WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx);
1015WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx);
1016
1017WOLFSSL_API void* wolfSSL_GetIOReadCtx( WOLFSSL* ssl);
1018WOLFSSL_API void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl);
1019
1020WOLFSSL_API void wolfSSL_SetIOReadFlags( WOLFSSL* ssl, int flags);
1021WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags);
1022
1023
1024#ifndef WOLFSSL_USER_IO
1025 /* default IO callbacks */
1026 WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
1027 WOLFSSL_API int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
1028
1029 #ifdef HAVE_OCSP
1030 WOLFSSL_API int EmbedOcspLookup(void*, const char*, int, unsigned char*,
1031 int, unsigned char**);
1032 WOLFSSL_API void EmbedOcspRespFree(void*, unsigned char*);
1033 #endif
1034
1035 #ifdef WOLFSSL_DTLS
1036 WOLFSSL_API int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*);
1037 WOLFSSL_API int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
1038 WOLFSSL_API int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf,
1039 int sz, void*);
1040 #endif /* WOLFSSL_DTLS */
1041#endif /* WOLFSSL_USER_IO */
1042
1043
1044#ifdef HAVE_NETX
1045 WOLFSSL_API void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxsocket,
1046 ULONG waitoption);
1047#endif
1048
1049typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz,
1050 void* ctx);
1051WOLFSSL_API void wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX*, CallbackGenCookie);
1052WOLFSSL_API void wolfSSL_SetCookieCtx(WOLFSSL* ssl, void *ctx);
1053WOLFSSL_API void* wolfSSL_GetCookieCtx(WOLFSSL* ssl);
1054WOLFSSL_API int wolfSSL_DTLS_SetCookieSecret(WOLFSSL*,
1055 const unsigned char*,
1056 unsigned int);
1057
1058
1059/* I/O Callback default errors */
/* WOLFSSL_CBIO_ERR_WANT_READ and WOLFSSL_CBIO_ERR_WANT_WRITE share the value -2,
   so the two cannot be distinguished by value alone; code that switches on
   these constants must not list both as separate cases. */
1060enum IOerrors {
1061 WOLFSSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */
1062 WOLFSSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */
1063 WOLFSSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */
1064 WOLFSSL_CBIO_ERR_CONN_RST = -3, /* connection reset */
1065 WOLFSSL_CBIO_ERR_ISR = -4, /* interrupt */
1066 WOLFSSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */
1067 WOLFSSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */
1068};
1069
1070
1071/* CA cache callbacks */
/* This anonymous enum holds two unrelated sets whose values overlap:
   protocol versions (WOLFSSL_SSLV3 .. WOLFSSL_TLSV1_2 = 0 .. 3) and CA types
   (WOLFSSL_USER_CA = 1, WOLFSSL_CHAIN_CA = 2). WOLFSSL_TLSV1 == WOLFSSL_USER_CA
   and WOLFSSL_TLSV1_1 == WOLFSSL_CHAIN_CA, so the meaning depends on the
   parameter the value is passed to -- presumably `version` of
   wolfSSL_SetMinVersion / wolfSSL_SetVersion versus `type` of CallbackCACache;
   confirm against the callers.
   SSL 3.0 is deprecated (RFC 7568); prefer a TLS constant as the minimum. */
1072enum {
1073 WOLFSSL_SSLV3 = 0,
1074 WOLFSSL_TLSV1 = 1,
1075 WOLFSSL_TLSV1_1 = 2,
1076 WOLFSSL_TLSV1_2 = 3,
1077 WOLFSSL_USER_CA = 1, /* user added as trusted */
1078 WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */
1079};
1080
1081WOLFSSL_API int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version);
1082WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version);
1083WOLFSSL_API int wolfSSL_GetObjectSize(void); /* object size based on build */
1084WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
1085WOLFSSL_API int wolfSSL_KeyPemToDer(const unsigned char*, int,
1086 unsigned char*, int, const char*);
1087WOLFSSL_API int wolfSSL_CertPemToDer(const unsigned char*, int,
1088 unsigned char*, int, int);
1089#ifdef WOLFSSL_CERT_EXT
1090 #ifndef WOLFSSL_PEMPUBKEY_TODER_DEFINED
1091 WOLFSSL_API int wolfSSL_PemPubKeyToDer(const char* fileName,
1092 unsigned char* derBuf, int derSz);
1093 WOLFSSL_API int wolfSSL_PubKeyPemToDer(const unsigned char*, int,
1094 unsigned char*, int);
1095 #define WOLFSSL_PEMPUBKEY_TODER_DEFINED
1096 #endif
1097#endif /* WOLFSSL_CERT_EXT */
1098
1099typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
1100typedef void (*CbMissingCRL)(const char* url);
1101typedef int (*CbOCSPIO)(void*, const char*, int,
1102 unsigned char*, int, unsigned char**);
1103typedef void (*CbOCSPRespFree)(void*,unsigned char*);
1104
1105/* User Atomic Record Layer CallBacks */
1106typedef int (*CallbackMacEncrypt)(WOLFSSL* ssl, unsigned char* macOut,
1107 const unsigned char* macIn, unsigned int macInSz, int macContent,
1108 int macVerify, unsigned char* encOut, const unsigned char* encIn,
1109 unsigned int encSz, void* ctx);
1110WOLFSSL_API void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX*, CallbackMacEncrypt);
1111WOLFSSL_API void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
1112WOLFSSL_API void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl);
1113
1114typedef int (*CallbackDecryptVerify)(WOLFSSL* ssl,
1115 unsigned char* decOut, const unsigned char* decIn,
1116 unsigned int decSz, int content, int verify, unsigned int* padSz,
1117 void* ctx);
1118WOLFSSL_API void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX*,
1119 CallbackDecryptVerify);
1120WOLFSSL_API void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx);
1121WOLFSSL_API void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
1122
/* NOTE(review): judging by their names, the pointer-returning accessors below
   expose the connection's MAC secret, write keys and IVs, for use with the
   atomic record layer callbacks declared above -- confirm. If so, the returned
   bytes are live key material: do not log or persist them. The pointers carry
   no length; sizes presumably come from wolfSSL_GetKeySize, wolfSSL_GetIVSize
   and wolfSSL_GetHmacSize. */
1123WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int);
1124WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
1125WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
1126WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
1127WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
1128WOLFSSL_API int wolfSSL_GetKeySize(WOLFSSL*);
1129WOLFSSL_API int wolfSSL_GetIVSize(WOLFSSL*);
/* presumably returns WOLFSSL_SERVER_END or WOLFSSL_CLIENT_END -- confirm */
1130WOLFSSL_API int wolfSSL_GetSide(WOLFSSL*);
1131WOLFSSL_API int wolfSSL_IsTLSv1_1(WOLFSSL*);
/* presumably returns an enum BulkCipherAlgorithm value -- confirm */
1132WOLFSSL_API int wolfSSL_GetBulkCipher(WOLFSSL*);
1133WOLFSSL_API int wolfSSL_GetCipherBlockSize(WOLFSSL*);
1134WOLFSSL_API int wolfSSL_GetAeadMacSize(WOLFSSL*);
1135WOLFSSL_API int wolfSSL_GetHmacSize(WOLFSSL*);
1136WOLFSSL_API int wolfSSL_GetHmacType(WOLFSSL*);
/* presumably returns WOLFSSL_BLOCK_TYPE, WOLFSSL_STREAM_TYPE or
   WOLFSSL_AEAD_TYPE -- confirm */
1137WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL*);
/* the unsigned char* buffer presumably must hold WOLFSSL_TLS_HMAC_INNER_SZ (13)
   bytes -- confirm; no buffer length is passed */
1138WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*,
1139 unsigned int, int, int);
1140
1141/* Atomic User Needs */
1142enum {
1143 WOLFSSL_SERVER_END = 0,
1144 WOLFSSL_CLIENT_END = 1,
1145 WOLFSSL_BLOCK_TYPE = 2,
1146 WOLFSSL_STREAM_TYPE = 3,
1147 WOLFSSL_AEAD_TYPE = 4,
1148 WOLFSSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */
1149};
1150
1151/* for GetBulkCipher and internal use */
/* Enumerators take implicit values starting at 0 in the order listed, so
   inserting or reordering entries changes every later value.
   The list includes wolfssl_cipher_null (no encryption) and legacy algorithms
   such as wolfssl_rc4, wolfssl_rc2, wolfssl_des and wolfssl_des40; a caller
   that reads the negotiated cipher through wolfSSL_GetBulkCipher can use
   these values to reject sessions it considers too weak. */
1152enum BulkCipherAlgorithm {
1153 wolfssl_cipher_null,
1154 wolfssl_rc4,
1155 wolfssl_rc2,
1156 wolfssl_des,
1157 wolfssl_triple_des, /* leading 3 (3des) not valid identifier */
1158 wolfssl_des40,
1159 wolfssl_idea,
1160 wolfssl_aes,
1161 wolfssl_aes_gcm,
1162 wolfssl_aes_ccm,
1163 wolfssl_chacha,
1164 wolfssl_camellia,
1165 wolfssl_hc128, /* wolfSSL extensions */
1166 wolfssl_rabbit
1167};
1168
1169
1170/* for KDF TLS 1.2 mac types */
/* Only the first value is explicit; wolfssl_sha384 is 5 and wolfssl_sha512 is 6
   by implicit increment. Presumably the `hash_type` argument of
   wolfSSL_MakeTlsMasterSecret / wolfSSL_DeriveTlsKeys -- confirm. */
1171enum KDF_MacAlgorithm {
1172 wolfssl_sha256 = 4, /* needs to match internal MACAlgorithm */
1173 wolfssl_sha384,
1174 wolfssl_sha512
1175};
1176
1177
1178/* Public Key Callback support */
1179typedef int (*CallbackEccSign)(WOLFSSL* ssl,
1180 const unsigned char* in, unsigned int inSz,
1181 unsigned char* out, unsigned int* outSz,
1182 const unsigned char* keyDer, unsigned int keySz,
1183 void* ctx);
1184WOLFSSL_API void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX*, CallbackEccSign);
1185WOLFSSL_API void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
1186WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
1187
1188typedef int (*CallbackEccVerify)(WOLFSSL* ssl,
1189 const unsigned char* sig, unsigned int sigSz,
1190 const unsigned char* hash, unsigned int hashSz,
1191 const unsigned char* keyDer, unsigned int keySz,
1192 int* result, void* ctx);
1193WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify);
1194WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
1195WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
1196
1197typedef int (*CallbackRsaSign)(WOLFSSL* ssl,
1198 const unsigned char* in, unsigned int inSz,
1199 unsigned char* out, unsigned int* outSz,
1200 const unsigned char* keyDer, unsigned int keySz,
1201 void* ctx);
1202WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign);
1203WOLFSSL_API void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
1204WOLFSSL_API void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl);
1205
1206typedef int (*CallbackRsaVerify)(WOLFSSL* ssl,
1207 unsigned char* sig, unsigned int sigSz,
1208 unsigned char** out,
1209 const unsigned char* keyDer, unsigned int keySz,
1210 void* ctx);
1211WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify);
1212WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
1213WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl);
1214
1215/* RSA Public Encrypt cb */
1216typedef int (*CallbackRsaEnc)(WOLFSSL* ssl,
1217 const unsigned char* in, unsigned int inSz,
1218 unsigned char* out, unsigned int* outSz,
1219 const unsigned char* keyDer, unsigned int keySz,
1220 void* ctx);
1221WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc);
1222WOLFSSL_API void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
1223WOLFSSL_API void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl);
1224
1225/* RSA Private Decrypt cb */
1226typedef int (*CallbackRsaDec)(WOLFSSL* ssl,
1227 unsigned char* in, unsigned int inSz,
1228 unsigned char** out,
1229 const unsigned char* keyDer, unsigned int keySz,
1230 void* ctx);
1231WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec);
1232WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx);
1233WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
1234
1235
1236#ifndef NO_CERTS
1237 WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache);
1238
1239 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
1240 WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
1241
1242 WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f,
1243 const char* d);
1244 WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER*,
1245 const unsigned char* in, long sz, int format);
1246 WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
1247 WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER*, const char* f,
1248 int format);
1249 WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
1250 const unsigned char* buff, long sz, int format);
1251 WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER*,
1252 unsigned char*, int sz);
1253 WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*,
1254 int options);
1255 WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*);
1256 WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*,
1257 const char*, int, int);
1258 WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER*,
1259 const unsigned char*, long sz, int);
1260 WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*,
1261 CbMissingCRL);
1262 WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*,
1263 unsigned char*, int sz);
1264 WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER*,
1265 int options);
1266 WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*);
1267 WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER*,
1268 const char*);
1269 WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*,
1270 CbOCSPIO, CbOCSPRespFree, void*);
1271
1272 WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
1273 WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
1274 WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int);
1275 WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL*, CbMissingCRL);
1276 WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL*, int options);
1277 WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL*);
1278 WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL*, const char*);
1279 WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL*, CbOCSPIO, CbOCSPRespFree, void*);
1280
1281 WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
1282 WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx);
1283 WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int);
1284 WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX*, CbMissingCRL);
1285 WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX*, int options);
1286 WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
1287 WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*);
1288 WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*,
1289 CbOCSPIO, CbOCSPRespFree, void*);
1290#endif /* !NO_CERTS */
1291
1292/* The end of the handshake frees the temporary arrays. If the user needs them
1293 for get_keys or psk hints, call KeepArrays before the handshake, then call
1294 FreeArrays when done instead of waiting for the object to be freed. */
1295WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*);
1296WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*);
1297
1298
1299/* cavium additions */
1300WOLFSSL_API int wolfSSL_UseCavium(WOLFSSL*, int devId);
1301WOLFSSL_API int wolfSSL_CTX_UseCavium(WOLFSSL_CTX*, int devId);
1302
1303/* TLS Extensions */
1304
1305/* Server Name Indication */
1306#ifdef HAVE_SNI
1307
1308/* SNI types */
1309enum {
1310 WOLFSSL_SNI_HOST_NAME = 0
1311};
1312
1313WOLFSSL_API int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type,
1314 const void* data, unsigned short size);
1315WOLFSSL_API int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type,
1316 const void* data, unsigned short size);
1317
1318#ifndef NO_WOLFSSL_SERVER
1319
1320/* SNI options */
/* Single-bit values (0x01, 0x02, 0x04), presumably OR-ed into the `options`
   byte of wolfSSL_SNI_SetOptions / wolfSSL_CTX_SNI_SetOptions -- confirm.
   With either of the first two set, the handshake continues even though the
   requested name did not match; a server that must tell hosts apart should
   check wolfSSL_SNI_Status() for WOLFSSL_SNI_REAL_MATCH. */
1321enum {
1322 /* Do not abort the handshake if the requested SNI didn't match. */
1323 WOLFSSL_SNI_CONTINUE_ON_MISMATCH = 0x01,
1324
1325 /* Behave as if the requested SNI matched in case of a mismatch. */
1326 /* In this case, the status will be set to WOLFSSL_SNI_FAKE_MATCH. */
1327 WOLFSSL_SNI_ANSWER_ON_MISMATCH = 0x02,
1328
1329 /* Abort the handshake if the client didn't send a SNI request. */
1330 WOLFSSL_SNI_ABORT_ON_ABSENCE = 0x04,
1331};
1332
1333WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type,
1334 unsigned char options);
1335WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
1336 unsigned char type, unsigned char options);
1337
1338/* SNI status */
1339enum {
1340 WOLFSSL_SNI_NO_MATCH = 0,
1341 WOLFSSL_SNI_FAKE_MATCH = 1, /**< @see WOLFSSL_SNI_ANSWER_ON_MISMATCH */
1342 WOLFSSL_SNI_REAL_MATCH = 2,
1343 WOLFSSL_SNI_FORCE_KEEP = 3 /** Used with -DWOLFSSL_ALWAYS_KEEP_SNI */
1344};
1345
1346WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type);
1347
1348WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl,
1349 unsigned char type, void** data);
1350WOLFSSL_API int wolfSSL_SNI_GetFromBuffer(
1351 const unsigned char* clientHello, unsigned int helloSz,
1352 unsigned char type, unsigned char* sni, unsigned int* inOutSz);
1353
1354#endif
1355#endif
1356
1357/* Application-Layer Protocol Name */
1358#ifdef HAVE_ALPN
1359
1360/* ALPN status code */
/* NOTE(review): WOLFSSL_ALPN_NO_MATCH / WOLFSSL_ALPN_MATCH read as status
   values, while WOLFSSL_ALPN_CONTINUE_ON_MISMATCH (2) and
   WOLFSSL_ALPN_FAILED_ON_MISMATCH (4) look like option flags, presumably for
   the `options` argument of wolfSSL_UseALPN -- confirm. */
1361enum {
1362 WOLFSSL_ALPN_NO_MATCH = 0,
1363 WOLFSSL_ALPN_MATCH = 1,
1364 WOLFSSL_ALPN_CONTINUE_ON_MISMATCH = 2,
1365 WOLFSSL_ALPN_FAILED_ON_MISMATCH = 4,
1366};
1367
1368enum {
1369 WOLFSSL_MAX_ALPN_PROTO_NAME_LEN = 255,
1370 WOLFSSL_MAX_ALPN_NUMBER = 257
1371};
1372
1373WOLFSSL_API int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
1374 unsigned int protocol_name_listSz,
1375 unsigned char options);
1376
1377WOLFSSL_API int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name,
1378 unsigned short *size);
1379
1380WOLFSSL_API int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list,
1381 unsigned short *listSz);
1382#endif /* HAVE_ALPN */
1383
1384/* Maximum Fragment Length */
1385#ifdef HAVE_MAX_FRAGMENT
1386
1387/* Fragment lengths */
1388enum {
1389 WOLFSSL_MFL_2_9 = 1, /* 512 bytes */
1390 WOLFSSL_MFL_2_10 = 2, /* 1024 bytes */
1391 WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */
1392 WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */
1393 WOLFSSL_MFL_2_13 = 5 /* 8192 bytes *//* wolfSSL ONLY!!! */
1394};
1395
1396#ifndef NO_WOLFSSL_CLIENT
1397
1398WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl);
1399WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl);
1400
1401#endif
1402#endif
1403
1404/* Truncated HMAC */
1405#ifdef HAVE_TRUNCATED_HMAC
1406#ifndef NO_WOLFSSL_CLIENT
1407
1408WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl);
1409WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
1410
1411#endif
1412#endif
1413
1414/* Elliptic Curves */
/* The values appear to be the TLS NamedCurve code points (RFC 4492) and
   presumably serve as the `name` argument of wolfSSL_UseSupportedCurve /
   wolfSSL_CTX_UseSupportedCurve -- confirm.
   secp160r1 and secp192r1 offer well under 128-bit security; prefer
   WOLFSSL_ECC_SECP256R1 or larger unless a legacy peer requires otherwise. */
1415enum {
1416 WOLFSSL_ECC_SECP160R1 = 0x10,
1417 WOLFSSL_ECC_SECP192R1 = 0x13,
1418 WOLFSSL_ECC_SECP224R1 = 0x15,
1419 WOLFSSL_ECC_SECP256R1 = 0x17,
1420 WOLFSSL_ECC_SECP384R1 = 0x18,
1421 WOLFSSL_ECC_SECP521R1 = 0x19
1422};
1423
1424#ifdef HAVE_SUPPORTED_CURVES
1425#ifndef NO_WOLFSSL_CLIENT
1426
1427WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name);
1428WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
1429 unsigned short name);
1430
1431#endif
1432#endif
1433
1434
1435/* Secure Renegotiation */
1436#ifdef HAVE_SECURE_RENEGOTIATION
1437
1438WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
1439WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl);
1440
1441#endif
1442
1443/* Session Ticket */
1444#ifdef HAVE_SESSION_TICKET
1445
1446#ifndef NO_WOLFSSL_CLIENT
1447WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
1448WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
1449WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int*);
1450WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, unsigned char*, unsigned int);
1451typedef int (*CallbackSessionTicket)(WOLFSSL*, const unsigned char*, int, void*);
1452WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL*,
1453 CallbackSessionTicket, void*);
1454#endif /* NO_WOLFSSL_CLIENT */
1455
1456#ifndef NO_WOLFSSL_SERVER
1457
1458#define WOLFSSL_TICKET_NAME_SZ 16
1459#define WOLFSSL_TICKET_IV_SZ 16
1460#define WOLFSSL_TICKET_MAC_SZ 32
1461
1462enum TicketEncRet {
1463 WOLFSSL_TICKET_RET_FATAL = -1, /* fatal error, don't use ticket */
1464 WOLFSSL_TICKET_RET_OK = 0, /* ok, use ticket */
1465 WOLFSSL_TICKET_RET_REJECT, /* don't use ticket, but not fatal */
1466 WOLFSSL_TICKET_RET_CREATE /* existing ticket ok and create new one */
1467};
1468
/* Server-side session ticket callback type, registered through
   wolfSSL_CTX_set_TicketEncCb.
   key_name, iv and mac are declared with WOLFSSL_TICKET_NAME_SZ (16),
   WOLFSSL_TICKET_IV_SZ (16) and WOLFSSL_TICKET_MAC_SZ (32) elements; as array
   parameters they decay to pointers, so the compiler does not enforce those
   sizes and the callback must stay within them.
   NOTE(review): `enc` presumably selects encrypt vs. decrypt, the unnamed
   parameters presumably are the ticket buffer, its length, an output length
   and the user context, and the return value presumably is an
   enum TicketEncRet -- confirm against the implementation. */
1469typedef int (*SessionTicketEncCb)(WOLFSSL*,
1470 unsigned char key_name[WOLFSSL_TICKET_NAME_SZ],
1471 unsigned char iv[WOLFSSL_TICKET_IV_SZ],
1472 unsigned char mac[WOLFSSL_TICKET_MAC_SZ],
1473 int enc, unsigned char*, int, int*, void*);
1474WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx,
1475 SessionTicketEncCb);
1476WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
1477WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
1478
1479#endif /* NO_WOLFSSL_SERVER */
1480
1481#endif /* HAVE_SESSION_TICKET */
1482
1483#ifdef HAVE_QSH
1484/* Quantum-safe Crypto Schemes */
/* Scheme identifiers, presumably the `name` argument of
   wolfSSL_UseSupportedQSH -- confirm. */
1485enum {
1486 WOLFSSL_NTRU_EESS439 = 0x0101, /* max plaintext length of 65 */
1487 WOLFSSL_NTRU_EESS593 = 0x0102, /* max plaintext length of 86 */
1488 WOLFSSL_NTRU_EESS743 = 0x0103, /* max plaintext length of 106 */
1489 WOLFSSL_LWE_XXX = 0x0201, /* Learning With Error encryption scheme */
1490 WOLFSSL_HFE_XXX = 0x0301, /* Hidden Field Equation scheme */
1491 WOLFSSL_NULL_QSH = 0xFFFF /* QSHScheme is not used */
1492};
1493
1494
1495/* test if the connection is using a QSH secure connection return 1 if so */
1496WOLFSSL_API int wolfSSL_isQSH(WOLFSSL* ssl);
1497WOLFSSL_API int wolfSSL_UseSupportedQSH(WOLFSSL* ssl, unsigned short name);
1498#ifndef NO_WOLFSSL_CLIENT
1499 /* user control over sending the client public key in the hello:
1500 when flag = 1 the keys will be sent; if flag is 0 or the function is not
1501 called, the keys will not be sent in the hello extension */
1502 WOLFSSL_API int wolfSSL_UseClientQSHKeys(WOLFSSL* ssl, unsigned char flag);
1503#endif
1504#endif
1505
1506#define WOLFSSL_CRL_MONITOR 0x01 /* monitor this dir flag */
1507#define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */
1508
1509
1510/* notify user the handshake is done */
1511typedef int (*HandShakeDoneCb)(WOLFSSL*, void*);
1512WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL*, HandShakeDoneCb, void*);
1513
1514
1515WOLFSSL_API int wolfSSL_PrintSessionStats(void);
1516WOLFSSL_API int wolfSSL_get_session_stats(unsigned int* active,
1517 unsigned int* total,
1518 unsigned int* peak,
1519 unsigned int* maxSessions);
1520/* External facing KDF */
/* NOTE: the two random arguments come in opposite order -- (cr, sr) for
   wolfSSL_MakeTlsMasterSecret and (sr, cr) for wolfSSL_DeriveTlsKeys. Both are
   `const unsigned char*` with no length argument, so swapping them compiles
   silently and the caller is responsible for supplying buffers of the size
   the implementation expects.
   Presumably ms = master secret, pms = pre-master secret and cr/sr =
   client/server random, and hash_type takes an enum KDF_MacAlgorithm value --
   confirm. The ms, pms and key_data buffers hold secret material. */
1521WOLFSSL_API
1522int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen,
1523 const unsigned char* pms, unsigned int pmsLen,
1524 const unsigned char* cr, const unsigned char* sr,
1525 int tls1_2, int hash_type);
1526
1527WOLFSSL_API
1528int wolfSSL_DeriveTlsKeys(unsigned char* key_data, unsigned int keyLen,
1529 const unsigned char* ms, unsigned int msLen,
1530 const unsigned char* sr, const unsigned char* cr,
1531 int tls1_2, int hash_type);
1532
1533#ifdef WOLFSSL_CALLBACKS
1534
1535/* used internally by wolfSSL while OpenSSL types aren't */
1536#include <wolfssl/callbacks.h>
1537
1538typedef int (*HandShakeCallBack)(HandShakeInfo*);
1539typedef int (*TimeoutCallBack)(TimeoutInfo*);
1540
1541/* wolfSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
1542 for diagnostics */
1543WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
1544 Timeval);
1545WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
1546 Timeval);
1547
1548#endif /* WOLFSSL_CALLBACKS */
1549
1550
1551#ifdef WOLFSSL_HAVE_WOLFSCEP
1552 WOLFSSL_API void wolfSSL_wolfSCEP(void);
1553#endif /* WOLFSSL_HAVE_WOLFSCEP */
1554
1555#ifdef WOLFSSL_HAVE_CERT_SERVICE
1556 WOLFSSL_API void wolfSSL_cert_service(void);
1557#endif
1558
1559
1560#ifdef OPENSSL_EXTRA /*lighttp compatibility */
1561#ifdef HAVE_LIGHTY
1562
1563typedef struct WOLFSSL_X509_NAME_ENTRY {
1564 WOLFSSL_ASN1_OBJECT* object;
1565 WOLFSSL_ASN1_STRING* value;
1566 int set;
1567 int size;
1568} WOLFSSL_X509_NAME_ENTRY;
1569
1570
1571#include <wolfssl/openssl/dh.h>
1572#include <wolfssl/openssl/asn1.h>
1573
1574WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name);
/* NOTE(review): wolfSSL_CTX_use_certificate is declared to return char while
   the sibling wolfSSL_CTX_use_PrivateKey returns int; a status code outside
   the range of char would not survive the return, and the signedness of plain
   char is implementation-defined. Check the result against the value the
   implementation documents rather than assuming the int convention. */
1575WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x);
1576WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
1577WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name);
1578WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void);
1579/* These are to be merged shortly */
1580WOLFSSL_API const char * wolf_OBJ_nid2sn(int n);
1581WOLFSSL_API int wolf_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o);
1582WOLFSSL_API int wolf_OBJ_sn2nid(const char *sn);
1583WOLFSSL_API WOLFSSL_X509 *PEM_read_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
1584WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
1585WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl);
1586WOLFSSL_API void wolfSSL_set_app_data(WOLFSSL *ssl, void *arg);
1587WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne);
1588WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
1589WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*));
1590WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md);
1591WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*);
1592WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( STACK_OF(WOLFSSL_X509_NAME) *sk );
1593
1594/* end lighttpd*/
1595#endif
1596#endif
1597
1598#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY)
1599
1600WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode);
1601WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*);
1602WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp,
1603 WOLFSSL_DH **x, pem_password_cb *cb, void *u);
1604WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x);
1605
1606
1607#endif /* HAVE_STUNNEL || HAVE_LIGHTY */
1608
1609
1610#ifdef HAVE_STUNNEL
1611
1612#include <wolfssl/openssl/crypto.h>
1613
/*
 * Callback type registered through wolfSSL_CTX_set_servername_callback().
 * `ssl` is the connection, `exArg` the pointer supplied with
 * wolfSSL_CTX_set_servername_arg() (presumed from the matching names).
 * NOTE(review): the meaning of `*ret` and of the return value is not stated
 * in this header -- confirm before writing a handler. Any server name the
 * handler inspects originates from the peer and must be treated as
 * untrusted input.
 */
typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void *exArg);

/*
 * Takes three caller-supplied memory hooks: `m` (size, string, int),
 * `r` (pointer, size, string, int) and `f` (pointer). Presumably these are
 * malloc/realloc/free replacements carrying file/line information, as in
 * OpenSSL's CRYPTO_set_mem_ex_functions() -- TODO confirm whether this build
 * actually installs them.
 */
WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(
        void *(*m)(size_t, const char *, int),
        void *(*r)(void *, size_t, const char *, int),
        void (*f)(void *));

/*
 * Presumably generates DH parameters with a prime of `prime_len` bits and
 * the given `generator`, reporting progress through `callback(…, cb_arg)`.
 * NOTE(review): the prime length is entirely caller-chosen and no lower
 * bound is visible here; verify that callers request an adequately large
 * group.
 */
WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(
        int prime_len,
        int generator,
        void (*callback)(int, int, void *),
        void *cb_arg);
1622
/* Error-queue helpers named after OpenSSL's ERR_load_crypto_strings() and
 * ERR_peek_last_error(); behaviour in this build is not visible here. */
WOLFSSL_API void          wolfSSL_ERR_load_crypto_strings(void);
WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void);

/*
 * FIPS mode query and setter, named after OpenSSL's FIPS_mode() and
 * FIPS_mode_set().
 * NOTE(review): a value returned by these functions is not, by itself,
 * evidence that a validated module is in use; confirm what this build
 * implements before relying on them for compliance decisions.
 */
WOLFSSL_API int wolfSSL_FIPS_mode(void);
WOLFSSL_API int wolfSSL_FIPS_mode_set(int r);

/*
 * Accepts an untyped `meth` pointer.
 * NOTE(review): the header does not say what structure is expected or
 * whether the random source can really be replaced; confirm before assuming
 * a custom RNG is in effect.
 */
WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth);
1632
/* Presumably reports the strength of cipher `c` in bits, with `alg_bits`
 * as an optional second output -- TODO confirm whether NULL is accepted. */
WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c,
                                        int *alg_bits);

/* Element counts for the two stack types; the value returned for a NULL
 * stack is not stated in this header. */
WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s);
WOLFSSL_API int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s);

/* Presumably prints `name` to `bio`; the trailing int and unsigned long
 * correspond to OpenSSL's indent and flags arguments (parameter names added
 * here on that assumption). Name fields taken from a peer certificate are
 * attacker-controlled text: escape them before they reach logs or
 * terminals. */
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO *bio,
                                           WOLFSSL_X509_NAME *name,
                                           int indent,
                                           unsigned long flags);

/* Presumably returns the public-key bit string of `x` without copying
 * (the "get0" naming) -- if so the caller must not free it; confirm. */
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING *wolfSSL_X509_get0_pubkey_bitstr(
        const WOLFSSL_X509 *x);
1644
/* Presumably adds `session` to the session cache of `ctx`. */
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX *ctx,
                                        WOLFSSL_SESSION *session);

/* Presumably returns the context `ssl` was created from. */
WOLFSSL_API WOLFSSL_CTX *wolfSSL_get_SSL_CTX(WOLFSSL *ssl);

/* Protocol version and handshake state of a connection; the encoding of
 * the returned integers is not defined in this excerpt. */
WOLFSSL_API int wolfSSL_version(WOLFSSL *ssl);
WOLFSSL_API int wolfSSL_get_state(const WOLFSSL *ssl);

/* Element accessors returning untyped pointers that the caller must cast.
 * NOTE(review): how an out-of-range `idx` is handled is not stated here;
 * check it against the matching *_num() result first. */
WOLFSSL_API void *wolfSSL_sk_X509_NAME_value(STACK_OF(WOLFSSL_X509_NAME) *sk,
                                             int idx);
WOLFSSL_API void *wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509) *sk, int idx);

/* Presumably returns the certificate chain presented by the peer.
 * NOTE(review): ownership of the returned stack is not stated; confirm
 * before freeing. The presence of a chain says nothing about whether
 * verification succeeded -- check the verification result separately. */
WOLFSSL_API STACK_OF(WOLFSSL_X509) *wolfSSL_get_peer_cert_chain(
        const WOLFSSL *ssl);
1658
/* Presumably returns the option bits currently set on `ctx`; useful for
 * auditing a context's protocol options at start-up. */
WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX *ctx);

/* Per-session application data slots, addressed by an integer index.
 * NOTE(review): the stored pointer is opaque to the library as far as this
 * header shows; its lifetime is presumably the caller's responsibility. */
WOLFSSL_API void *wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION *session,
                                              int idx);
WOLFSSL_API int   wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION *session,
                                              int idx,
                                              void *data);

/* Parameter names follow OpenSSL's SSL_SESSION_get_ex_new_index(); the
 * original declaration leaves them unnamed, so their roles are assumed. */
WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long argl,
                                                 void *argp,
                                                 void *new_cb,
                                                 void *dup_cb,
                                                 CRYPTO_free_func *free_cb);

/* Presumably the size of the encoded name -- units not stated here. */
WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME *name);

/* Presumably returns a pointer to the session identifier and stores its
 * length through `idLen`. The identifier is binary data: use the reported
 * length, never strlen(), and avoid writing it to logs in clear. */
WOLFSSL_API const unsigned char *wolfSSL_SESSION_get_id(
        WOLFSSL_SESSION *session,
        unsigned int *idLen);
1673
/* Presumably sets the SNI host name sent by `ssl` (client side).
 * NOTE(review): sending SNI does not by itself make the library check the
 * peer certificate against that name; confirm that host-name verification
 * is configured separately. */
WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *ssl,
                                             const char *host_name);

/* Presumably returns the server name of the given `type` received on
 * `ssl`. On a server this string comes from the peer: validate its length
 * and characters before using it for lookups, file paths or log lines. */
WOLFSSL_API const char *wolfSSL_get_servername(WOLFSSL *ssl,
                                               unsigned char type);

/* Presumably switches `ssl` to another context, e.g. from an SNI callback.
 * NOTE(review): confirm which settings (certificates, verify mode, options)
 * are actually taken from the new context. */
WOLFSSL_API WOLFSSL_CTX *wolfSSL_set_SSL_CTX(WOLFSSL *ssl, WOLFSSL_CTX *ctx);

/* Read-back of the verification settings of a context; handy for asserting
 * at start-up that peer verification has not been disabled. */
WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX *ctx);
WOLFSSL_API int            wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX *ctx);

/* Registers the SNI callback and the opaque argument handed to it
 * (see CallbackSniRecv). */
WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *ctx,
                                                     CallbackSniRecv cb);
WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *ctx, void *arg);
1688#endif /* HAVE_STUNNEL */
1689
#ifdef WOLFSSL_JNI
/*
 * JNI glue, compiled only when WOLFSSL_JNI is defined: attach an opaque
 * pointer to a connection and read it back.
 * NOTE(review): presumably `objPtr` refers to a Java object; nothing here
 * shows the library managing that reference, so the caller must keep it
 * valid for as long as it stays attached to `ssl` -- confirm.
 */
WOLFSSL_API int   wolfSSL_set_jobject(WOLFSSL *ssl, void *objPtr);
WOLFSSL_API void *wolfSSL_get_jobject(WOLFSSL *ssl);
#endif /* WOLFSSL_JNI */
1694
1695#ifdef __cplusplus
1696 } /* extern "C" */
1697#endif
1698
1699
1700#endif /* WOLFSSL_SSL_H */