Changeset 372 for asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src
- Timestamp:
- Feb 7, 2019, 8:36:33 AM (5 years ago)
- Location:
- asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/crl.c
r337 r372 50 50 { 51 51 WOLFSSL_ENTER("InitCRL"); 52 52 if(cm != NULL) 53 53 crl->heap = cm->heap; 54 else 55 crl->heap = NULL; 54 56 crl->cm = cm; 55 57 crl->crlList = NULL; … … 154 156 155 157 WOLFSSL_ENTER("FreeCRL"); 156 157 158 if (crl->monitors[0].path) 158 159 XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR); … … 248 249 #endif /* NO_SKID */ 249 250 if (ca == NULL) { 251 XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); 252 XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); 250 253 WOLFSSL_MSG("Did NOT find CRL issuer CA"); 251 254 return ASN_CRL_NO_SIGNER_E; … … 301 304 if (doNextDate) { 302 305 #ifndef NO_ASN_TIME 303 if (! ValidateDate(crle->nextDate,crle->nextDateFormat, AFTER)) {306 if (!XVALIDATE_DATE(crle->nextDate,crle->nextDateFormat, AFTER)) { 304 307 WOLFSSL_MSG("CRL next date is no longer valid"); 305 308 ret = ASN_AFTER_DATE_E; … … 372 375 WOLFSSL_MSG("Issuing missing CRL callback"); 373 376 url[0] = '\0'; 377 if (cert->extCrlInfo) { 374 378 if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) { 375 379 XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz); … … 378 382 else { 379 383 WOLFSSL_MSG("CRL url too long"); 384 } 380 385 } 381 386 … … 441 446 442 447 if (type == WOLFSSL_FILETYPE_PEM) { 443 int eccKey = 0; /* not used */ 444 EncryptedInfo info; 445 info.ctx = NULL; 446 447 ret = PemToDer(buff, sz, CRL_TYPE, &der, NULL, &info, &eccKey); 448 #ifdef WOLFSSL_PEM_TO_DER 449 ret = PemToDer(buff, sz, CRL_TYPE, &der, NULL, NULL, NULL); 448 450 if (ret == 0) { 449 451 myBuffer = der->buffer; … … 455 457 return -1; 456 458 } 459 #else 460 ret = NOT_COMPILED_IN; 461 #endif 457 462 } 458 463 … … 488 493 } 489 494 495 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) 496 int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl) 497 { 498 CRL_Entry *crle; 499 WOLFSSL_CRL *crl; 500 501 WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl"); 502 if (store == NULL || newcrl == NULL) 503 return BAD_FUNC_ARG; 504 505 crl = store->crl; 506 crle = newcrl->crlList; 507 508 if (wc_LockMutex(&crl->crlLock) != 0) 509 { 510 WOLFSSL_MSG("wc_LockMutex failed"); 511 return BAD_MUTEX_E; 512 } 513 crle->next = crl->crlList; 514 crl->crlList = crle; 515 newcrl->crlList = NULL; 516 wc_UnLockMutex(&crl->crlLock); 517 518 WOLFSSL_LEAVE("wolfSSL_X509_STORE_add_crl", WOLFSSL_SUCCESS); 519 520 return WOLFSSL_SUCCESS; 521 } 522 #endif 490 523 491 524 #ifdef HAVE_CRL_MONITOR … … 739 772 740 773 #ifndef max 741 static INLINE int max(int a, int b)774 static WC_INLINE int max(int a, int b) 742 775 { 743 776 return a > b ? a : b; … … 1013 1046 pathBuf = (char*)XMALLOC(pathLen+1, crl->heap,DYNAMIC_TYPE_CRL_MONITOR); 1014 1047 if (pathBuf) { 1015 XSTRNCPY(pathBuf, path, pathLen); 1016 pathBuf[pathLen] = '\0'; /* Null Terminate */ 1048 XSTRNCPY(pathBuf, path, pathLen+1); 1017 1049 1018 1050 if (type == WOLFSSL_FILETYPE_PEM) { -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/internal.c
r364 r372 28 28 #include <wolfssl/wolfcrypt/settings.h> 29 29 30 /* 31 * WOLFSSL_SMALL_CERT_VERIFY: 32 * Verify the certificate signature without using DecodedCert. Doubles up 33 * on some code but allows smaller dynamic memory usage. 34 */ 35 30 36 #ifndef WOLFCRYPT_ONLY 31 37 … … 39 45 #define WOLFSSL_MISC_INCLUDED 40 46 #include <wolfcrypt/src/misc.c> 47 #endif 48 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA) 49 #include <wolfssl/wolfcrypt/srp.h> 41 50 #endif 42 51 … … 82 91 #error Cannot use both secure-renegotiation and renegotiation-indication 83 92 #endif 93 94 #ifndef WOLFSSL_NO_TLS12 84 95 85 96 #ifndef NO_WOLFSSL_CLIENT … … 101 112 #ifndef NO_WOLFSSL_SERVER 102 113 static int DoClientKeyExchange(WOLFSSL* ssl, byte* input, word32*, word32); 103 #if !defined(NO_RSA) || defined(HAVE_ECC) 114 #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)) && \ 115 !defined(WOLFSSL_NO_CLIENT_AUTH) 104 116 static int DoCertificateVerify(WOLFSSL* ssl, byte*, word32*, word32); 105 117 #endif … … 109 121 #endif 110 122 123 #endif /* !WOLFSSL_NO_TLS12 */ 111 124 112 125 #ifdef WOLFSSL_DTLS 113 static INLINE int DtlsCheckWindow(WOLFSSL* ssl);114 static INLINE int DtlsUpdateWindow(WOLFSSL* ssl);126 static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl); 127 static WC_INLINE int DtlsUpdateWindow(WOLFSSL* ssl); 115 128 #endif 116 129 … … 129 142 130 143 144 #ifndef WOLFSSL_NO_TLS12 145 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 146 131 147 /* Server random bytes for TLS v1.3 described downgrade protection mechanism. */ 132 148 static const byte tls13Downgrade[7] = { … … 135 151 #define TLS13_DOWNGRADE_SZ sizeof(tls13Downgrade) 136 152 137 138 #ifndef NO_OLD_TLS 153 #endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */ 154 155 #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) 139 156 static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, 140 int content, int verify); 141 142 #endif 157 int padSz, int content, int verify); 158 159 #endif 160 161 #endif /* !WOLFSSL_NO_TLS12 */ 143 162 144 163 #ifdef HAVE_QSH … … 160 179 if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_2_MINOR) 161 180 return 1; 181 #ifdef WOLFSSL_DTLS 162 182 if (ssl->version.major == DTLS_MAJOR && ssl->version.minor <= DTLSv1_2_MINOR) 163 183 return 1; 184 #endif 164 185 165 186 return 0; … … 171 192 } 172 193 173 174 static INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend) 194 static WC_INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend) 175 195 { 176 196 (void)isSend; … … 186 206 187 207 208 #if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12) 188 209 /* If SCTP is not enabled returns the state of the dtls option. 189 210 * If SCTP is enabled returns dtls && !sctp. */ 190 static INLINE int IsDtlsNotSctpMode(WOLFSSL* ssl)211 static WC_INLINE int IsDtlsNotSctpMode(WOLFSSL* ssl) 191 212 { 192 213 int result = ssl->options.dtls; … … 200 221 return result; 201 222 } 223 #endif /* DTLS || !WOLFSSL_NO_TLS12 */ 202 224 203 225 … … 524 546 #endif 525 547 exp[idx++] = sz; 548 #ifndef WOLFSSL_AEAD_ONLY 526 549 XMEMCPY(exp + idx, keys->client_write_MAC_secret, sz); idx += sz; 527 550 XMEMCPY(exp + idx, keys->server_write_MAC_secret, sz); idx += sz; 551 #else 552 XMEMSET(exp + idx, 0, sz); idx += sz; 553 XMEMSET(exp + idx, 0, sz); idx += sz; 554 #endif 528 555 529 556 sz = ssl->specs.key_size; … … 682 709 #endif 683 710 sz = exp[idx++]; 684 if (sz > MAX_DIGEST_SIZE || sz + idx > len) { 711 #ifndef WOLFSSL_AEAD_ONLY 712 if (sz > sizeof(keys->client_write_MAC_secret) || sz + idx > len) { 685 713 return BUFFER_E; 686 714 } 687 715 XMEMCPY(keys->client_write_MAC_secret, exp + idx, sz); idx += sz; 688 716 XMEMCPY(keys->server_write_MAC_secret, exp + idx, sz); idx += sz; 717 #else 718 if (sz + idx > len) { 719 return BUFFER_E; 720 } 721 idx += sz; idx += sz; 722 #endif 689 723 690 724 sz = exp[idx++]; 691 if (sz > AES_256_KEY_SIZE|| sz + idx > len) {725 if (sz > sizeof(keys->client_write_key) || sz + idx > len) { 692 726 return BUFFER_E; 693 727 } … … 696 730 697 731 sz = exp[idx++]; 698 if (sz > MAX_WRITE_IV_SZ|| sz + idx > len) {732 if (sz > sizeof(keys->client_write_IV) || sz + idx > len) { 699 733 return BUFFER_E; 700 734 } … … 705 739 706 740 sz = exp[idx++]; 707 if (sz > AEAD_MAX_IMP_SZ|| sz + idx > len) {741 if (sz > sizeof(keys->aead_enc_imp_IV) || sz + idx > len) { 708 742 return BUFFER_E; 709 743 } … … 741 775 #ifndef NO_DH 742 776 c16toa(options->minDhKeySz, exp + idx); idx += OPAQUE16_LEN; 777 c16toa(options->maxDhKeySz, exp + idx); idx += OPAQUE16_LEN; 743 778 c16toa(options->dhKeySz, exp + idx); idx += OPAQUE16_LEN; 744 779 #else 780 c16toa(zero, exp + idx); idx += OPAQUE16_LEN; 745 781 c16toa(zero, exp + idx); idx += OPAQUE16_LEN; 746 782 c16toa(zero, exp + idx); idx += OPAQUE16_LEN; … … 904 940 #ifndef NO_DH 905 941 ato16(exp + idx, &(options->minDhKeySz)); idx += OPAQUE16_LEN; 942 ato16(exp + idx, &(options->maxDhKeySz)); idx += OPAQUE16_LEN; 906 943 ato16(exp + idx, &(options->dhKeySz)); idx += OPAQUE16_LEN; 907 944 #else 945 idx += OPAQUE16_LEN; 908 946 idx += OPAQUE16_LEN; 909 947 idx += OPAQUE16_LEN; … … 1312 1350 } 1313 1351 1314 /* do not allow stream ciphers with DTLS */ 1315 if (ssl->specs.cipher_type == stream) { 1352 /* do not allow stream ciphers with DTLS, except for NULL cipher */ 1353 if (ssl->specs.cipher_type == stream && 1354 ssl->specs.bulk_cipher_algorithm != wolfssl_cipher_null) { 1316 1355 WOLFSSL_MSG("Can not import stream ciphers for DTLS"); 1317 1356 return SANITY_CIPHER_E; … … 1331 1370 } 1332 1371 1372 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) 1373 int InitSSL_Side(WOLFSSL* ssl, word16 side) 1374 { 1375 if (ssl == NULL) 1376 return BAD_FUNC_ARG; 1377 1378 /* set side */ 1379 ssl->options.side = side; 1380 1381 /* reset options that are side specific */ 1382 #ifdef HAVE_NTRU 1383 if (ssl->options.side == WOLFSSL_CLIENT_END) { 1384 ssl->options.haveNTRU = 1; /* always on client side */ 1385 /* server can turn on by loading key */ 1386 } 1387 #endif 1388 #ifdef HAVE_ECC 1389 if (ssl->options.side == WOLFSSL_CLIENT_END) { 1390 ssl->options.haveECDSAsig = 1; /* always on client side */ 1391 ssl->options.haveECC = 1; /* server turns on with ECC key cert */ 1392 ssl->options.haveStaticECC = 1; /* server can turn on by loading key */ 1393 } 1394 #elif defined(HAVE_ED25519) 1395 if (ssl->options.side == WOLFSSL_CLIENT_END) { 1396 ssl->options.haveECDSAsig = 1; /* always on client side */ 1397 ssl->options.haveECC = 1; /* server turns on with ECC key cert */ 1398 } 1399 #endif 1400 1401 #if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) 1402 if (ssl->options.side == WOLFSSL_CLIENT_END) { 1403 if ((ssl->ctx->method->version.major == SSLv3_MAJOR) && 1404 (ssl->ctx->method->version.minor >= TLSv1_MINOR)) { 1405 ssl->options.haveEMS = 1; 1406 } 1407 #ifdef WOLFSSL_DTLS 1408 if (ssl->ctx->method->version.major == DTLS_MAJOR) 1409 ssl->options.haveEMS = 1; 1410 #endif /* WOLFSSL_DTLS */ 1411 } 1412 #endif /* HAVE_EXTENDED_MASTER && !NO_WOLFSSL_CLIENT */ 1413 1414 return InitSSL_Suites(ssl); 1415 } 1416 #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ 1333 1417 1334 1418 /* Initialize SSL context, return 0 on success */ … … 1343 1427 ctx->heap = ctx; /* defaults to self */ 1344 1428 ctx->timeout = WOLFSSL_SESSION_TIMEOUT; 1345 ctx->minDowngrade = TLSv1_MINOR; /* current default*/1429 ctx->minDowngrade = WOLFSSL_MIN_DOWNGRADE; /* current default: TLSv1_MINOR */ 1346 1430 1347 1431 if (wc_InitMutex(&ctx->countMutex) < 0) { … … 1353 1437 #ifndef NO_DH 1354 1438 ctx->minDhKeySz = MIN_DHKEY_SZ; 1439 ctx->maxDhKeySz = MAX_DHKEY_SZ; 1355 1440 #endif 1356 1441 #ifndef NO_RSA … … 1363 1448 #ifdef OPENSSL_EXTRA 1364 1449 ctx->verifyDepth = MAX_CHAIN_DEPTH; 1450 ctx->cbioFlag = WOLFSSL_CBIO_NONE; 1365 1451 #endif 1366 1452 … … 1378 1464 #endif 1379 1465 #endif 1466 #elif defined WOLFSSL_UIP 1467 ctx->CBIORecv = uIPReceive; 1468 ctx->CBIOSend = uIPSend; 1469 #ifdef WOLFSSL_DTLS 1470 if (method->version.major == DTLS_MAJOR) { 1471 ctx->CBIOSendTo = uIPSendTo; 1472 ctx->CBIORecvFrom = uIPRecvFrom; 1473 } 1474 #endif 1380 1475 #else 1381 1476 ctx->CBIORecv = EmbedReceive; … … 1397 1492 ctx->CBIORecv = NetX_Receive; 1398 1493 ctx->CBIOSend = NetX_Send; 1494 #elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 1495 ctx->CBIORecv = Mynewt_Receive; 1496 ctx->CBIOSend = Mynewt_Send; 1399 1497 #endif 1400 1498 1401 1499 #ifdef HAVE_NTRU 1402 1500 if (method->side == WOLFSSL_CLIENT_END) 1403 ctx->haveNTRU = 1; /* always on clie t side */1501 ctx->haveNTRU = 1; /* always on client side */ 1404 1502 /* server can turn on by loading key */ 1405 1503 #endif 1406 1504 #ifdef HAVE_ECC 1407 1505 if (method->side == WOLFSSL_CLIENT_END) { 1408 ctx->haveECDSAsig = 1; /* always on clie t side */1506 ctx->haveECDSAsig = 1; /* always on client side */ 1409 1507 ctx->haveECC = 1; /* server turns on with ECC key cert */ 1410 1508 ctx->haveStaticECC = 1; /* server can turn on by loading key */ 1509 } 1510 #elif defined(HAVE_ED25519) 1511 if (method->side == WOLFSSL_CLIENT_END) { 1512 ctx->haveECDSAsig = 1; /* always on client side */ 1513 ctx->haveECC = 1; /* server turns on with ECC key cert */ 1411 1514 } 1412 1515 #endif … … 1457 1560 1458 1561 ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */ 1562 ctx->verifyDepth = MAX_CHAIN_DEPTH; 1459 1563 1460 1564 return ret; … … 1474 1578 1475 1579 XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD); 1476 if (ctx->suites) 1580 ctx->method = NULL; 1581 if (ctx->suites) { 1477 1582 XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES); 1583 ctx->suites = NULL; 1584 } 1478 1585 1479 1586 #ifndef NO_DH 1480 1587 XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 1588 ctx->serverDH_G.buffer = NULL; 1481 1589 XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 1590 ctx->serverDH_P.buffer = NULL; 1482 1591 #endif /* !NO_DH */ 1483 1592 … … 1486 1595 wc_FreeRng(ctx->rng); 1487 1596 XFREE(ctx->rng, ctx->heap, DYNAMIC_TYPE_RNG); 1597 ctx->rng = NULL; 1488 1598 } 1489 1599 #endif /* SINGLE_THREADED */ … … 1496 1606 FreeX509(ctx->ourCert); 1497 1607 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 1608 ctx->ourCert = NULL; 1498 1609 } 1499 1610 #endif /* KEEP_OUR_CERT */ 1500 1611 FreeDer(&ctx->certChain); 1501 1612 wolfSSL_CertManagerFree(ctx->cm); 1613 ctx->cm = NULL; 1502 1614 #ifdef OPENSSL_EXTRA 1615 /* ctx->cm was free'd so cm of x509 store should now be NULL */ 1616 if (ctx->x509_store_pt != NULL) { 1617 ctx->x509_store_pt->cm = NULL; 1618 } 1619 wolfSSL_X509_STORE_free(ctx->x509_store_pt); 1503 1620 while (ctx->ca_names != NULL) { 1504 1621 WOLFSSL_STACK *next = ctx->ca_names->next; 1505 1622 wolfSSL_X509_NAME_free(ctx->ca_names->data.name); 1506 XFREE(ctx->ca_names->data.name, NULL, DYNAMIC_TYPE_OPENSSL);1507 1623 XFREE(ctx->ca_names, NULL, DYNAMIC_TYPE_OPENSSL); 1508 1624 ctx->ca_names = next; 1509 1625 } 1510 1626 #endif 1511 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)1627 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1512 1628 while (ctx->x509Chain != NULL) { 1513 1629 WOLFSSL_STACK *next = ctx->x509Chain->next; … … 1536 1652 FreeOcspRequest(ctx->chainOcspRequest[i]); 1537 1653 XFREE(ctx->chainOcspRequest[i], ctx->heap, DYNAMIC_TYPE_OCSP_REQUEST); 1654 ctx->chainOcspRequest[i] = NULL; 1538 1655 } 1539 1656 } … … 1542 1659 1543 1660 #endif /* HAVE_TLS_EXTENSIONS */ 1544 1661 #ifdef OPENSSL_EXTRA 1662 if(ctx->alpn_cli_protos) { 1663 XFREE((void *)ctx->alpn_cli_protos, NULL, DYNAMIC_TYPE_OPENSSL); 1664 ctx->alpn_cli_protos = NULL; 1665 } 1666 #endif 1545 1667 #ifdef WOLFSSL_STATIC_MEMORY 1546 1668 if (ctx->heap != NULL) { … … 1622 1744 ssl->decrypt.chacha = NULL; 1623 1745 #endif 1624 #if def HAVE_POLY13051746 #if defined(HAVE_POLY1305) && defined(HAVE_ONE_TIME_AUTH) 1625 1747 ssl->auth.poly1305 = NULL; 1626 1748 #endif … … 1681 1803 XFREE(ssl->decrypt.chacha, ssl->heap, DYNAMIC_TYPE_CIPHER); 1682 1804 #endif 1683 #if def HAVE_POLY13051805 #if defined(HAVE_POLY1305) && defined(HAVE_ONE_TIME_AUTH) 1684 1806 XFREE(ssl->auth.poly1305, ssl->heap, DYNAMIC_TYPE_CIPHER); 1685 1807 #endif … … 1693 1815 void InitCipherSpecs(CipherSpecs* cs) 1694 1816 { 1817 XMEMSET(cs, 0, sizeof(CipherSpecs)); 1818 1695 1819 cs->bulk_cipher_algorithm = INVALID_BYTE; 1696 1820 cs->cipher_type = INVALID_BYTE; … … 1698 1822 cs->kea = INVALID_BYTE; 1699 1823 cs->sig_algo = INVALID_BYTE; 1700 1701 cs->hash_size = 0;1702 cs->static_ecdh = 0;1703 cs->key_size = 0;1704 cs->iv_size = 0;1705 cs->block_size = 0;1706 1824 } 1707 1825 … … 1714 1832 (void)keySz; 1715 1833 1834 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 1716 1835 if (haveECDSAsig) { 1836 #ifdef HAVE_ECC 1717 1837 #ifdef WOLFSSL_SHA512 1718 1838 suites->hashSigAlgo[idx++] = sha512_mac; … … 1732 1852 suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; 1733 1853 #endif 1854 #endif 1734 1855 #ifdef HAVE_ED25519 1735 1856 suites->hashSigAlgo[idx++] = ED25519_SA_MAJOR; … … 1737 1858 #endif 1738 1859 } 1860 #endif /* HAVE_ECC || HAVE_ED25519 */ 1739 1861 1740 1862 if (haveRSAsig) { … … 1742 1864 if (tls1_2) { 1743 1865 #ifdef WOLFSSL_SHA512 1744 if (keySz >= MIN_RSA_SHA512_PSS_BITS) {1745 1866 suites->hashSigAlgo[idx++] = rsa_pss_sa_algo; 1746 1867 suites->hashSigAlgo[idx++] = sha512_mac; 1747 }1748 1868 #endif 1749 1869 #ifdef WOLFSSL_SHA384 1750 if (keySz >= MIN_RSA_SHA384_PSS_BITS) {1751 1870 suites->hashSigAlgo[idx++] = rsa_pss_sa_algo; 1752 1871 suites->hashSigAlgo[idx++] = sha384_mac; 1753 }1754 1872 #endif 1755 1873 #ifndef NO_SHA256 … … 1778 1896 } 1779 1897 1898 #ifdef HAVE_ANON 1780 1899 if (haveAnon) { 1781 #ifdef HAVE_ANON1782 1900 suites->hashSigAlgo[idx++] = sha_mac; 1783 1901 suites->hashSigAlgo[idx++] = anonymous_sa_algo; 1784 #endif 1785 } 1786 1902 } 1903 #endif 1904 1905 (void)haveAnon; 1906 (void)haveECDSAsig; 1787 1907 suites->hashSigAlgoSz = (word16)idx; 1788 1908 } … … 1810 1930 (void)haveStaticECC; 1811 1931 (void)haveECC; 1932 (void)side; 1933 (void)haveRSA; /* some builds won't read */ 1934 (void)haveRSAsig; /* non ecc builds won't read */ 1812 1935 1813 1936 if (suites == NULL) { … … 1819 1942 return; /* trust user settings, don't override */ 1820 1943 1944 #ifdef WOLFSSL_TLS13 1945 #ifdef BUILD_TLS_AES_128_GCM_SHA256 1946 if (tls1_3) { 1947 suites->suites[idx++] = TLS13_BYTE; 1948 suites->suites[idx++] = TLS_AES_128_GCM_SHA256; 1949 } 1950 #endif 1951 1952 #ifdef BUILD_TLS_AES_256_GCM_SHA384 1953 if (tls1_3) { 1954 suites->suites[idx++] = TLS13_BYTE; 1955 suites->suites[idx++] = TLS_AES_256_GCM_SHA384; 1956 } 1957 #endif 1958 1959 #ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256 1960 if (tls1_3) { 1961 suites->suites[idx++] = TLS13_BYTE; 1962 suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256; 1963 } 1964 #endif 1965 1966 #ifdef BUILD_TLS_AES_128_CCM_SHA256 1967 if (tls1_3) { 1968 suites->suites[idx++] = TLS13_BYTE; 1969 suites->suites[idx++] = TLS_AES_128_CCM_SHA256; 1970 } 1971 #endif 1972 1973 #ifdef BUILD_TLS_AES_128_CCM_8_SHA256 1974 if (tls1_3) { 1975 suites->suites[idx++] = TLS13_BYTE; 1976 suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256; 1977 } 1978 #endif 1979 #endif /* WOLFSSL_TLS13 */ 1980 1981 #ifndef WOLFSSL_NO_TLS12 1982 1983 #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_RSA) 1821 1984 if (side == WOLFSSL_SERVER_END && haveStaticECC) { 1822 1985 haveRSA = 0; /* can't do RSA with ECDSA key */ 1823 (void)haveRSA; /* some builds won't read */1824 1986 } 1825 1987 1826 1988 if (side == WOLFSSL_SERVER_END && haveECDSAsig) { 1827 1989 haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */ 1828 (void)haveRSAsig; /* non ecc builds won't read */1829 } 1990 } 1991 #endif /* !NO_WOLFSSL_SERVER */ 1830 1992 1831 1993 #ifdef WOLFSSL_DTLS … … 1842 2004 #ifdef HAVE_RENEGOTIATION_INDICATION 1843 2005 if (side == WOLFSSL_CLIENT_END) { 1844 suites->suites[idx++] = 0;2006 suites->suites[idx++] = CIPHER_BYTE; 1845 2007 suites->suites[idx++] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV; 1846 2008 } … … 1856 2018 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA 1857 2019 if (tls && haveNTRU && haveRSA) { 1858 suites->suites[idx++] = 0;2020 suites->suites[idx++] = CIPHER_BYTE; 1859 2021 suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_256_CBC_SHA; 1860 2022 } … … 1863 2025 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA 1864 2026 if (tls && haveNTRU && haveRSA) { 1865 suites->suites[idx++] = 0;2027 suites->suites[idx++] = CIPHER_BYTE; 1866 2028 suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_128_CBC_SHA; 1867 2029 } … … 1870 2032 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA 1871 2033 if (!dtls && tls && haveNTRU && haveRSA) { 1872 suites->suites[idx++] = 0;2034 suites->suites[idx++] = CIPHER_BYTE; 1873 2035 suites->suites[idx++] = TLS_NTRU_RSA_WITH_RC4_128_SHA; 1874 2036 } … … 1877 2039 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA 1878 2040 if (tls && haveNTRU && haveRSA) { 1879 suites->suites[idx++] = 0;2041 suites->suites[idx++] = CIPHER_BYTE; 1880 2042 suites->suites[idx++] = TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA; 1881 2043 } 1882 2044 #endif 1883 1884 #ifdef WOLFSSL_TLS131885 #ifdef BUILD_TLS_AES_128_GCM_SHA2561886 if (tls1_3) {1887 suites->suites[idx++] = TLS13_BYTE;1888 suites->suites[idx++] = TLS_AES_128_GCM_SHA256;1889 }1890 #endif1891 1892 #ifdef BUILD_TLS_AES_256_GCM_SHA3841893 if (tls1_3) {1894 suites->suites[idx++] = TLS13_BYTE;1895 suites->suites[idx++] = TLS_AES_256_GCM_SHA384;1896 }1897 #endif1898 1899 #ifdef BUILD_TLS_CHACHA20_POLY1305_SHA2561900 if (tls1_3) {1901 suites->suites[idx++] = TLS13_BYTE;1902 suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256;1903 }1904 #endif1905 1906 #ifdef BUILD_TLS_AES_128_CCM_SHA2561907 if (tls1_3) {1908 suites->suites[idx++] = TLS13_BYTE;1909 suites->suites[idx++] = TLS_AES_128_CCM_SHA256;1910 }1911 #endif1912 1913 #ifdef BUILD_TLS_AES_128_CCM_8_SHA2561914 if (tls1_3) {1915 suites->suites[idx++] = TLS13_BYTE;1916 suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256;1917 }1918 #endif1919 #endif /* WOLFSSL_TLS13 */1920 2045 1921 2046 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 … … 1949 2074 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 1950 2075 if (tls1_2 && haveDH && haveRSA) { 1951 suites->suites[idx++] = 0;2076 suites->suites[idx++] = CIPHER_BYTE; 1952 2077 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; 1953 2078 } … … 1956 2081 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 1957 2082 if (tls1_2 && haveDH && haveRSA) { 1958 suites->suites[idx++] = 0;2083 suites->suites[idx++] = CIPHER_BYTE; 1959 2084 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256; 1960 2085 } … … 1963 2088 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 1964 2089 if (tls1_2 && haveRSA) { 1965 suites->suites[idx++] = 0;2090 suites->suites[idx++] = CIPHER_BYTE; 1966 2091 suites->suites[idx++] = TLS_RSA_WITH_AES_256_GCM_SHA384; 1967 2092 } … … 1970 2095 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 1971 2096 if (tls1_2 && haveRSA) { 1972 suites->suites[idx++] = 0;2097 suites->suites[idx++] = CIPHER_BYTE; 1973 2098 suites->suites[idx++] = TLS_RSA_WITH_AES_128_GCM_SHA256; 1974 2099 } … … 2005 2130 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2006 2131 if (tls1_2 && haveDH && havePSK) { 2007 suites->suites[idx++] = 0;2132 suites->suites[idx++] = CIPHER_BYTE; 2008 2133 suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384; 2134 } 2135 #endif 2136 2137 #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA 2138 if (tls1_2 && haveDH) { 2139 suites->suites[idx++] = CIPHER_BYTE; 2140 suites->suites[idx++] = TLS_DH_anon_WITH_AES_128_CBC_SHA; 2141 } 2142 #endif 2143 2144 #ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 2145 if (tls1_2 && haveDH) { 2146 suites->suites[idx++] = CIPHER_BYTE; 2147 suites->suites[idx++] = TLS_DH_anon_WITH_AES_256_GCM_SHA384; 2009 2148 } 2010 2149 #endif … … 2012 2151 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2013 2152 if (tls1_2 && haveDH && havePSK) { 2014 suites->suites[idx++] = 0;2153 suites->suites[idx++] = CIPHER_BYTE; 2015 2154 suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256; 2016 2155 } … … 2019 2158 #ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 2020 2159 if (tls1_2 && havePSK) { 2021 suites->suites[idx++] = 0;2160 suites->suites[idx++] = CIPHER_BYTE; 2022 2161 suites->suites[idx++] = TLS_PSK_WITH_AES_256_GCM_SHA384; 2023 2162 } … … 2026 2165 #ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 2027 2166 if (tls1_2 && havePSK) { 2028 suites->suites[idx++] = 0;2167 suites->suites[idx++] = CIPHER_BYTE; 2029 2168 suites->suites[idx++] = TLS_PSK_WITH_AES_128_GCM_SHA256; 2030 2169 } … … 2056 2195 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2057 2196 if (tls && haveDH && haveRSA) { 2058 suites->suites[idx++] = 0;2197 suites->suites[idx++] = CIPHER_BYTE; 2059 2198 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA; 2060 2199 } … … 2267 2406 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2268 2407 if (tls && haveDH && haveRSA) { 2269 suites->suites[idx++] = 0;2408 suites->suites[idx++] = CIPHER_BYTE; 2270 2409 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256; 2271 2410 } … … 2274 2413 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2275 2414 if (tls && haveDH && haveRSA) { 2276 suites->suites[idx++] = 0;2415 suites->suites[idx++] = CIPHER_BYTE; 2277 2416 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256; 2278 2417 } … … 2283 2422 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2284 2423 if (tls && haveDH && haveRSA) { 2285 suites->suites[idx++] = 0;2424 suites->suites[idx++] = CIPHER_BYTE; 2286 2425 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA; 2287 2426 } … … 2291 2430 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2292 2431 if (tls && haveDH && haveRSA) { 2293 suites->suites[idx++] = 0;2432 suites->suites[idx++] = CIPHER_BYTE; 2294 2433 suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA; 2295 2434 } … … 2298 2437 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 2299 2438 if (tls && haveDH && haveRSA) { 2300 suites->suites[idx++] = 0;2439 suites->suites[idx++] = CIPHER_BYTE; 2301 2440 suites->suites[idx++] = TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; 2302 2441 } … … 2305 2444 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 2306 2445 if (tls && haveRSA) { 2307 suites->suites[idx++] = 0;2446 suites->suites[idx++] = CIPHER_BYTE; 2308 2447 suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256; 2309 2448 } … … 2312 2451 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 2313 2452 if (tls && haveRSA) { 2314 suites->suites[idx++] = 0;2453 suites->suites[idx++] = CIPHER_BYTE; 2315 2454 suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256; 2316 2455 } … … 2319 2458 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA 2320 2459 if (tls && haveRSA) { 2321 suites->suites[idx++] = 0;2460 suites->suites[idx++] = CIPHER_BYTE; 2322 2461 suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA; 2323 2462 } … … 2326 2465 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA 2327 2466 if (tls && haveRSA) { 2328 suites->suites[idx++] = 0;2467 suites->suites[idx++] = CIPHER_BYTE; 2329 2468 suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA; 2330 2469 } … … 2362 2501 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA 2363 2502 if (tls && haveRSA) { 2364 suites->suites[idx++] = 0;2503 suites->suites[idx++] = CIPHER_BYTE; 2365 2504 suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA; 2366 2505 } … … 2369 2508 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 2370 2509 if (tls && haveRSA) { 2371 suites->suites[idx++] = 0;2510 suites->suites[idx++] = CIPHER_BYTE; 2372 2511 suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA256; 2373 2512 } … … 2376 2515 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA 2377 2516 if (tls && havePSK) { 2378 suites->suites[idx++] = 0;2517 suites->suites[idx++] = CIPHER_BYTE; 2379 2518 suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA; 2380 2519 } … … 2383 2522 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2384 2523 if (tls && haveDH && havePSK) { 2385 suites->suites[idx++] = 0;2524 suites->suites[idx++] = CIPHER_BYTE; 2386 2525 suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384; 2387 2526 } … … 2390 2529 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 2391 2530 if (tls && havePSK) { 2392 suites->suites[idx++] = 0;2531 suites->suites[idx++] = CIPHER_BYTE; 2393 2532 suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA384; 2394 2533 } … … 2397 2536 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2398 2537 if (tls && haveDH && havePSK) { 2399 suites->suites[idx++] = 0;2538 suites->suites[idx++] = CIPHER_BYTE; 2400 2539 suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256; 2401 2540 } … … 2404 2543 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 2405 2544 if (tls && havePSK) { 2406 suites->suites[idx++] = 0;2545 suites->suites[idx++] = CIPHER_BYTE; 2407 2546 suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA256; 2408 2547 } … … 2411 2550 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA 2412 2551 if (tls && havePSK) { 2413 suites->suites[idx++] = 0;2552 suites->suites[idx++] = CIPHER_BYTE; 2414 2553 suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA; 2415 2554 } … … 2488 2627 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 2489 2628 if (tls && haveDH && havePSK) { 2490 suites->suites[idx++] = 0;2629 suites->suites[idx++] = CIPHER_BYTE; 2491 2630 suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA384; 2492 2631 } … … 2495 2634 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 2496 2635 if (tls && havePSK) { 2497 suites->suites[idx++] = 0;2636 suites->suites[idx++] = CIPHER_BYTE; 2498 2637 suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA384; 2499 2638 } … … 2509 2648 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 2510 2649 if (tls && haveDH && havePSK) { 2511 suites->suites[idx++] = 0;2650 suites->suites[idx++] = CIPHER_BYTE; 2512 2651 suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA256; 2513 2652 } … … 2516 2655 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 2517 2656 if (tls && havePSK) { 2518 suites->suites[idx++] = 0;2657 suites->suites[idx++] = CIPHER_BYTE; 2519 2658 suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256; 2520 2659 } … … 2523 2662 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA 2524 2663 if (tls && havePSK) { 2525 suites->suites[idx++] = 0;2664 suites->suites[idx++] = CIPHER_BYTE; 2526 2665 suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA; 2527 2666 } … … 2530 2669 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA 2531 2670 if (!dtls && haveRSA) { 2532 suites->suites[idx++] = 0;2671 suites->suites[idx++] = CIPHER_BYTE; 2533 2672 suites->suites[idx++] = SSL_RSA_WITH_RC4_128_SHA; 2534 2673 } … … 2537 2676 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 2538 2677 if (!dtls && haveRSA) { 2539 suites->suites[idx++] = 0;2678 suites->suites[idx++] = CIPHER_BYTE; 2540 2679 suites->suites[idx++] = SSL_RSA_WITH_RC4_128_MD5; 2541 2680 } … … 2544 2683 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA 2545 2684 if (haveRSA ) { 2546 suites->suites[idx++] = 0;2685 suites->suites[idx++] = CIPHER_BYTE; 2547 2686 suites->suites[idx++] = SSL_RSA_WITH_3DES_EDE_CBC_SHA; 2548 2687 } … … 2551 2690 #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 2552 2691 if (!dtls && tls && haveRSA) { 2553 suites->suites[idx++] = 0;2692 suites->suites[idx++] = CIPHER_BYTE; 2554 2693 suites->suites[idx++] = TLS_RSA_WITH_HC_128_MD5; 2555 2694 } … … 2558 2697 #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA 2559 2698 if (!dtls && tls && haveRSA) { 2560 suites->suites[idx++] = 0;2699 suites->suites[idx++] = CIPHER_BYTE; 2561 2700 suites->suites[idx++] = TLS_RSA_WITH_HC_128_SHA; 2562 2701 } … … 2565 2704 #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 2566 2705 if (!dtls && tls && haveRSA) { 2567 suites->suites[idx++] = 0;2706 suites->suites[idx++] = CIPHER_BYTE; 2568 2707 suites->suites[idx++] = TLS_RSA_WITH_HC_128_B2B256; 2569 2708 } … … 2572 2711 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 2573 2712 if (tls && haveRSA) { 2574 suites->suites[idx++] = 0;2713 suites->suites[idx++] = CIPHER_BYTE; 2575 2714 suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_B2B256; 2576 2715 } … … 2579 2718 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 2580 2719 if (tls && haveRSA) { 2581 suites->suites[idx++] = 0;2720 suites->suites[idx++] = CIPHER_BYTE; 2582 2721 suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_B2B256; 2583 2722 } … … 2586 2725 #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA 2587 2726 if (!dtls && tls && haveRSA) { 2588 suites->suites[idx++] = 0;2727 suites->suites[idx++] = CIPHER_BYTE; 2589 2728 suites->suites[idx++] = TLS_RSA_WITH_RABBIT_SHA; 2590 2729 } … … 2593 2732 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2594 2733 if (tls && haveRSA) { 2595 suites->suites[idx++] = 0;2734 suites->suites[idx++] = CIPHER_BYTE; 2596 2735 suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA; 2597 2736 } … … 2600 2739 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2601 2740 if (tls && haveDH && haveRSA) { 2602 suites->suites[idx++] = 0;2741 suites->suites[idx++] = CIPHER_BYTE; 2603 2742 suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA; 2604 2743 } … … 2607 2746 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2608 2747 if (tls && haveRSA) { 2609 suites->suites[idx++] = 0;2748 suites->suites[idx++] = CIPHER_BYTE; 2610 2749 suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA; 2611 2750 } … … 2614 2753 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2615 2754 if (tls && haveDH && haveRSA) { 2616 suites->suites[idx++] = 0;2755 suites->suites[idx++] = CIPHER_BYTE; 2617 2756 suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA; 2618 2757 } … … 2621 2760 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2622 2761 if (tls && haveRSA) { 2623 suites->suites[idx++] = 0;2762 suites->suites[idx++] = CIPHER_BYTE; 2624 2763 suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256; 2625 2764 } … … 2628 2767 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2629 2768 if (tls && haveDH && haveRSA) { 2630 suites->suites[idx++] = 0;2769 suites->suites[idx++] = CIPHER_BYTE; 2631 2770 suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256; 2632 2771 } … … 2635 2774 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2636 2775 if (tls && haveRSA) { 2637 suites->suites[idx++] = 0;2776 suites->suites[idx++] = CIPHER_BYTE; 2638 2777 suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256; 2639 2778 } … … 2642 2781 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2643 2782 if (tls && haveDH && haveRSA) { 2644 suites->suites[idx++] = 0;2783 suites->suites[idx++] = CIPHER_BYTE; 2645 2784 suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256; 2646 2785 } … … 2649 2788 #ifdef BUILD_SSL_RSA_WITH_IDEA_CBC_SHA 2650 2789 if (haveRSA) { 2651 suites->suites[idx++] = 0;2790 suites->suites[idx++] = CIPHER_BYTE; 2652 2791 suites->suites[idx++] = SSL_RSA_WITH_IDEA_CBC_SHA; 2653 2792 } 2654 2793 #endif 2794 2795 #endif /* !WOLFSSL_NO_TLS12 */ 2655 2796 2656 2797 suites->suiteSz = idx; … … 2668 2809 * hsType The signature type. 2669 2810 */ 2670 static INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)2811 static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType) 2671 2812 { 2672 2813 switch (input[0]) { … … 2697 2838 #endif /* !NO_WOLFSSL_SERVER || !NO_CERTS */ 2698 2839 2699 #if !defined(NO_DH) || defined(HAVE_ECC) 2840 #ifndef WOLFSSL_NO_TLS12 2841 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 2842 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ 2843 (!defined(NO_RSA) && defined(WC_RSA_PSS)) 2700 2844 2701 2845 static enum wc_HashType HashAlgoToType(int hashAlgo) … … 2726 2870 return WC_HASH_TYPE_NONE; 2727 2871 } 2872 #endif /* !NO_DH || HAVE_ECC || (!NO_RSA && WC_RSA_PSS) */ 2873 #endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */ 2874 #endif /* !WOLFSSL_NO_TLS12 */ 2728 2875 2729 2876 #ifndef NO_CERTS 2730 2731 2877 2732 2878 void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag) … … 2737 2883 name->name = name->staticName; 2738 2884 name->dynamicName = 0; 2739 #ifdef OPENSSL_EXTRA 2885 name->sz = 0; 2886 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 2740 2887 XMEMSET(&name->fullName, 0, sizeof(DecodedName)); 2741 2888 XMEMSET(&name->cnEntry, 0, sizeof(WOLFSSL_X509_NAME_ENTRY)); 2889 XMEMSET(&name->extra, 0, sizeof(name->extra)); 2742 2890 name->cnEntry.value = &(name->cnEntry.data); /* point to internal data*/ 2891 name->cnEntry.nid = ASN_COMMON_NAME; 2743 2892 name->x509 = NULL; 2744 2893 #endif /* OPENSSL_EXTRA */ … … 2752 2901 if (name->dynamicName) 2753 2902 XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN); 2754 #ifdef OPENSSL_EXTRA 2755 if (name->fullName.fullName != NULL) 2903 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 2904 { 2905 int i; 2906 if (name->fullName.fullName != NULL) { 2756 2907 XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509); 2757 #endif /* OPENSSL_EXTRA */ 2908 name->fullName.fullName = NULL; 2909 } 2910 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 2911 /* free ASN1 string data */ 2912 if (name->extra[i].set && name->extra[i].data.data != NULL) { 2913 XFREE(name->extra[i].data.data, heap, DYNAMIC_TYPE_OPENSSL); 2914 } 2915 } 2916 wolfSSL_ASN1_OBJECT_free(&name->cnEntry.object); 2917 } 2918 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 2758 2919 } 2759 2920 (void)heap; … … 2774 2935 InitX509Name(&x509->issuer, 0); 2775 2936 InitX509Name(&x509->subject, 0); 2776 x509->version = 0;2777 x509->pubKey.buffer = NULL;2778 x509->sig.buffer = NULL;2779 x509->derCert = NULL;2780 x509->altNames = NULL;2781 x509->altNamesNext = NULL;2782 2937 x509->dynamicMemory = (byte)dynamicFlag; 2783 x509->isCa = 0;2784 #ifdef HAVE_ECC2785 x509->pkCurveOID = 0;2786 #endif /* HAVE_ECC */2787 #ifdef OPENSSL_EXTRA2788 x509->pathLength = 0;2789 x509->basicConstSet = 0;2790 x509->basicConstCrit = 0;2791 x509->basicConstPlSet = 0;2792 x509->subjAltNameSet = 0;2793 x509->subjAltNameCrit = 0;2794 x509->authKeyIdSet = 0;2795 x509->authKeyIdCrit = 0;2796 x509->authKeyId = NULL;2797 x509->authKeyIdSz = 0;2798 x509->subjKeyIdSet = 0;2799 x509->subjKeyIdCrit = 0;2800 x509->subjKeyId = NULL;2801 x509->subjKeyIdSz = 0;2802 x509->keyUsageSet = 0;2803 x509->keyUsageCrit = 0;2804 x509->keyUsage = 0;2805 #ifdef WOLFSSL_SEP2806 x509->certPolicySet = 0;2807 x509->certPolicyCrit = 0;2808 #endif /* WOLFSSL_SEP */2809 #endif /* OPENSSL_EXTRA */2810 2938 } 2811 2939 … … 2823 2951 FreeDer(&x509->derCert); 2824 2952 XFREE(x509->sig.buffer, x509->heap, DYNAMIC_TYPE_SIGNATURE); 2825 #if def OPENSSL_EXTRA2953 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 2826 2954 XFREE(x509->authKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT); 2827 2955 XFREE(x509->subjKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT); … … 2832 2960 XFREE(x509->extKeyUsageSrc, x509->heap, DYNAMIC_TYPE_X509_EXT); 2833 2961 } 2834 #endif /* OPENSSL_EXTRA */2962 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 2835 2963 if (x509->altNames) 2836 FreeAltNames(x509->altNames, NULL);2964 FreeAltNames(x509->altNames, x509->heap); 2837 2965 } 2838 2966 2839 #endif /* !NO_DH || HAVE_ECC */ 2840 2841 #if !defined( NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)2967 2968 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 2969 #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_NO_CLIENT_AUTH) 2842 2970 /* Encode the signature algorithm into buffer. 2843 2971 * … … 2846 2974 * output The buffer to encode into. 2847 2975 */ 2848 static INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)2976 static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output) 2849 2977 { 2850 2978 switch (hsType) { … … 2877 3005 /* ED448: 0x0808 */ 2878 3006 } 3007 (void)hashAlgo; 3008 (void)output; 2879 3009 } 3010 2880 3011 static void SetDigest(WOLFSSL* ssl, int hashAlgo) 2881 3012 { … … 2907 3038 } /* switch */ 2908 3039 } 2909 #endif 3040 #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_NO_CLIENT_AUTH */ 3041 #endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */ 3042 #endif /* !NO_CERTS */ 2910 3043 2911 3044 #ifndef NO_RSA 3045 #ifndef WOLFSSL_NO_TLS12 3046 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 2912 3047 static int TypeHash(int hashAlgo) 2913 3048 { … … 2933 3068 return 0; 2934 3069 } 3070 #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ 3071 #endif /* !WOLFSSL_NO_TLS12 */ 2935 3072 2936 3073 #if defined(WC_RSA_PSS) … … 2969 3106 int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, 2970 3107 word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key, 2971 const byte* keyBuf, word32 keySz, void* ctx)3108 DerBuffer* keyBufInfo) 2972 3109 { 2973 3110 int ret; 3111 #ifdef HAVE_PK_CALLBACKS 3112 const byte* keyBuf = NULL; 3113 word32 keySz = 0; 3114 3115 if (keyBufInfo) { 3116 keyBuf = keyBufInfo->buffer; 3117 keySz = keyBufInfo->length; 3118 } 3119 #endif 2974 3120 2975 3121 (void)ssl; 2976 (void)keyBuf; 2977 (void)keySz; 2978 (void)ctx; 3122 (void)keyBufInfo; 2979 3123 (void)sigAlgo; 2980 3124 (void)hashAlgo; … … 2983 3127 2984 3128 #ifdef WOLFSSL_ASYNC_CRYPT 2985 /* in tialize event */3129 /* initialize event */ 2986 3130 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 2987 3131 if (ret != 0) … … 3000 3144 #if defined(HAVE_PK_CALLBACKS) 3001 3145 if (ssl->ctx->RsaPssSignCb) { 3146 void* ctx = wolfSSL_GetRsaPssSignCtx(ssl); 3002 3147 ret = ssl->ctx->RsaPssSignCb(ssl, in, inSz, out, outSz, 3003 3148 TypeHash(hashAlgo), mgf, … … 3015 3160 #if defined(HAVE_PK_CALLBACKS) 3016 3161 if (ssl->ctx->RsaSignCb) { 3162 void* ctx = wolfSSL_GetRsaSignCtx(ssl); 3017 3163 ret = ssl->ctx->RsaSignCb(ssl, in, inSz, out, outSz, keyBuf, keySz, 3018 3164 ctx); … … 3041 3187 3042 3188 int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo, 3043 int hashAlgo, RsaKey* key, const byte* keyBuf, word32 keySz, 3044 void* ctx) 3189 int hashAlgo, RsaKey* key, buffer* keyBufInfo) 3045 3190 { 3046 3191 int ret; 3192 #ifdef HAVE_PK_CALLBACKS 3193 const byte* keyBuf = NULL; 3194 word32 keySz = 0; 3195 3196 if (keyBufInfo) { 3197 keyBuf = keyBufInfo->buffer; 3198 keySz = keyBufInfo->length; 3199 } 3200 #endif 3047 3201 3048 3202 (void)ssl; 3049 (void)keyBuf; 3050 (void)keySz; 3051 (void)ctx; 3203 (void)keyBufInfo; 3052 3204 (void)sigAlgo; 3053 3205 (void)hashAlgo; … … 3056 3208 3057 3209 #ifdef WOLFSSL_ASYNC_CRYPT 3058 /* in tialize event */3210 /* initialize event */ 3059 3211 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3060 3212 if (ret != 0) … … 3072 3224 #ifdef HAVE_PK_CALLBACKS 3073 3225 if (ssl->ctx->RsaPssVerifyCb) { 3226 void* ctx = wolfSSL_GetRsaPssVerifyCtx(ssl); 3074 3227 ret = ssl->ctx->RsaPssVerifyCb(ssl, in, inSz, out, 3075 3228 TypeHash(hashAlgo), mgf, … … 3084 3237 #ifdef HAVE_PK_CALLBACKS 3085 3238 if (ssl->ctx->RsaVerifyCb) { 3239 void* ctx = wolfSSL_GetRsaVerifyCtx(ssl); 3086 3240 ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx); 3087 3241 } … … 3105 3259 3106 3260 /* Verify RSA signature, 0 on success */ 3261 /* This function is used to check the sign result */ 3107 3262 int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz, 3108 const byte* plain, word32 plainSz, int sigAlgo, int hashAlgo, RsaKey* key) 3263 const byte* plain, word32 plainSz, int sigAlgo, int hashAlgo, RsaKey* key, 3264 DerBuffer* keyBufInfo) 3109 3265 { 3110 3266 byte* out = NULL; /* inline result */ 3111 3267 int ret; 3268 #ifdef HAVE_PK_CALLBACKS 3269 const byte* keyBuf = NULL; 3270 word32 keySz = 0; 3271 3272 if (keyBufInfo) { 3273 keyBuf = keyBufInfo->buffer; 3274 keySz = keyBufInfo->length; 3275 } 3276 #endif 3112 3277 3113 3278 (void)ssl; 3279 (void)keyBufInfo; 3114 3280 (void)sigAlgo; 3115 3281 (void)hashAlgo; … … 3117 3283 WOLFSSL_ENTER("VerifyRsaSign"); 3118 3284 3119 if (verifySig == NULL || plain == NULL || key == NULL) {3285 if (verifySig == NULL || plain == NULL) { 3120 3286 return BAD_FUNC_ARG; 3121 3287 } … … 3127 3293 3128 3294 #ifdef WOLFSSL_ASYNC_CRYPT 3129 /* intialize event */ 3295 /* initialize event */ 3296 if (key) { 3130 3297 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3131 3298 if (ret != 0) 3132 3299 return ret; 3300 } 3133 3301 #endif 3134 3302 … … 3141 3309 if (ret != 0) 3142 3310 return ret; 3311 #ifdef HAVE_PK_CALLBACKS 3312 if (ssl->ctx->RsaPssSignCheckCb) { 3313 /* The key buffer includes private/public portion, 3314 but only public is used */ 3315 /* If HSM hardware is checking the signature result you can 3316 optionally skip the sign check and return 0 */ 3317 /* The ctx here is the RsaSignCtx set using wolfSSL_SetRsaSignCtx */ 3318 void* ctx = wolfSSL_GetRsaPssSignCtx(ssl); 3319 ret = ssl->ctx->RsaPssSignCheckCb(ssl, verifySig, sigSz, &out, 3320 TypeHash(hashAlgo), mgf, 3321 keyBuf, keySz, ctx); 3322 } 3323 else 3324 #endif /* HAVE_PK_CALLBACKS */ 3325 { 3143 3326 ret = wc_RsaPSS_VerifyInline(verifySig, sigSz, &out, hashType, mgf, 3144 3327 key); 3328 } 3329 3145 3330 if (ret > 0) { 3146 3331 ret = wc_RsaPSS_CheckPadding(plain, plainSz, out, ret, hashType); … … 3150 3335 } 3151 3336 else 3152 #endif 3337 #endif /* WC_RSA_PSS */ 3338 { 3339 #ifdef HAVE_PK_CALLBACKS 3340 if (ssl->ctx->RsaSignCheckCb) { 3341 /* The key buffer includes private/public portion, 3342 but only public is used */ 3343 /* If HSM hardware is checking the signature result you can 3344 optionally skip the sign check and return 0 */ 3345 /* The ctx here is the RsaSignCtx set using wolfSSL_SetRsaSignCtx */ 3346 void* ctx = wolfSSL_GetRsaSignCtx(ssl); 3347 ret = ssl->ctx->RsaSignCheckCb(ssl, verifySig, sigSz, &out, 3348 keyBuf, keySz, ctx); 3349 } 3350 else 3351 #endif /* HAVE_PK_CALLBACKS */ 3153 3352 { 3154 3353 ret = wc_RsaSSL_VerifyInline(verifySig, sigSz, &out, key); 3354 } 3355 3155 3356 if (ret > 0) { 3156 3357 if (ret != (int)plainSz || !out || … … 3166 3367 /* Handle async pending response */ 3167 3368 #ifdef WOLFSSL_ASYNC_CRYPT 3168 if ( ret == WC_PENDING_E) {3369 if (key && ret == WC_PENDING_E) { 3169 3370 ret = wolfSSL_AsyncPush(ssl, &key->asyncDev); 3170 3371 } … … 3176 3377 } 3177 3378 3379 #ifndef WOLFSSL_NO_TLS12 3380 3178 3381 int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz, 3179 RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx)3382 RsaKey* key, DerBuffer* keyBufInfo) 3180 3383 { 3181 3384 int ret; 3385 #ifdef HAVE_PK_CALLBACKS 3386 const byte* keyBuf = NULL; 3387 word32 keySz = 0; 3388 3389 if (keyBufInfo) { 3390 keyBuf = keyBufInfo->buffer; 3391 keySz = keyBufInfo->length; 3392 } 3393 #endif 3182 3394 3183 3395 (void)ssl; 3184 (void)keyBuf; 3185 (void)keySz; 3186 (void)ctx; 3396 (void)keyBufInfo; 3187 3397 3188 3398 WOLFSSL_ENTER("RsaDec"); 3189 3399 3190 3400 #ifdef WOLFSSL_ASYNC_CRYPT 3191 /* in tialize event */3401 /* initialize event */ 3192 3402 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3193 3403 if (ret != 0) … … 3197 3407 #ifdef HAVE_PK_CALLBACKS 3198 3408 if (ssl->ctx->RsaDecCb) { 3199 ret = ssl->ctx->RsaDecCb(ssl, in, inSz, out, keyBuf, keySz,3200 3409 void* ctx = wolfSSL_GetRsaDecCtx(ssl); 3410 ret = ssl->ctx->RsaDecCb(ssl, in, inSz, out, keyBuf, keySz, ctx); 3201 3411 } 3202 3412 else … … 3230 3440 3231 3441 int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz, 3232 RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx)3442 RsaKey* key, buffer* keyBufInfo) 3233 3443 { 3234 3444 int ret; 3445 #ifdef HAVE_PK_CALLBACKS 3446 const byte* keyBuf = NULL; 3447 word32 keySz = 0; 3448 3449 if (keyBufInfo) { 3450 keyBuf = keyBufInfo->buffer; 3451 keySz = keyBufInfo->length; 3452 } 3453 #endif 3235 3454 3236 3455 (void)ssl; 3237 (void)keyBuf; 3238 (void)keySz; 3239 (void)ctx; 3456 (void)keyBufInfo; 3240 3457 3241 3458 WOLFSSL_ENTER("RsaEnc"); 3242 3459 3243 3460 #ifdef WOLFSSL_ASYNC_CRYPT 3244 /* in tialize event */3461 /* initialize event */ 3245 3462 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3246 3463 if (ret != 0) … … 3250 3467 #ifdef HAVE_PK_CALLBACKS 3251 3468 if (ssl->ctx->RsaEncCb) { 3252 ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz,3253 3469 void* ctx = wolfSSL_GetRsaEncCtx(ssl); 3470 ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx); 3254 3471 } 3255 3472 else … … 3277 3494 } 3278 3495 3496 #endif /* !WOLFSSL_NO_TLS12 */ 3497 3279 3498 #endif /* NO_RSA */ 3280 3499 … … 3282 3501 3283 3502 int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, 3284 word32* outSz, ecc_key* key, byte* keyBuf, word32 keySz, void* ctx)3503 word32* outSz, ecc_key* key, DerBuffer* keyBufInfo) 3285 3504 { 3286 3505 int ret; 3506 #ifdef HAVE_PK_CALLBACKS 3507 const byte* keyBuf = NULL; 3508 word32 keySz = 0; 3509 3510 if (keyBufInfo) { 3511 keyBuf = keyBufInfo->buffer; 3512 keySz = keyBufInfo->length; 3513 } 3514 #endif 3287 3515 3288 3516 (void)ssl; 3289 (void)keyBuf; 3290 (void)keySz; 3291 (void)ctx; 3517 (void)keyBufInfo; 3292 3518 3293 3519 WOLFSSL_ENTER("EccSign"); 3294 3520 3295 3521 #ifdef WOLFSSL_ASYNC_CRYPT 3296 /* in tialize event */3522 /* initialize event */ 3297 3523 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3298 3524 if (ret != 0) … … 3302 3528 #if defined(HAVE_PK_CALLBACKS) 3303 3529 if (ssl->ctx->EccSignCb) { 3530 void* ctx = wolfSSL_GetEccSignCtx(ssl); 3304 3531 ret = ssl->ctx->EccSignCb(ssl, in, inSz, out, outSz, keyBuf, 3305 3532 keySz, ctx); … … 3324 3551 3325 3552 int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out, 3326 word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz, 3327 void* ctx) 3553 word32 outSz, ecc_key* key, buffer* keyBufInfo) 3328 3554 { 3329 3555 int ret; 3556 #ifdef HAVE_PK_CALLBACKS 3557 const byte* keyBuf = NULL; 3558 word32 keySz = 0; 3559 3560 if (keyBufInfo) { 3561 keyBuf = keyBufInfo->buffer; 3562 keySz = keyBufInfo->length; 3563 } 3564 #endif 3330 3565 3331 3566 (void)ssl; 3332 (void)keyBuf; 3333 (void)keySz; 3334 (void)ctx; 3567 (void)keyBufInfo; 3335 3568 3336 3569 WOLFSSL_ENTER("EccVerify"); 3337 3570 3338 3571 #ifdef WOLFSSL_ASYNC_CRYPT 3339 /* in tialize event */3572 /* initialize event */ 3340 3573 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3341 3574 if (ret != 0) … … 3345 3578 #ifdef HAVE_PK_CALLBACKS 3346 3579 if (ssl->ctx->EccVerifyCb) { 3580 void* ctx = wolfSSL_GetEccVerifyCtx(ssl); 3347 3581 ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz, 3348 3582 &ssl->eccVerifyRes, ctx); … … 3426 3660 int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, ecc_key* pub_key, 3427 3661 byte* pubKeyDer, word32* pubKeySz, byte* out, word32* outlen, 3428 int side , void* ctx)3662 int side) 3429 3663 { 3430 3664 int ret; … … 3440 3674 (void)pubKeySz; 3441 3675 (void)side; 3442 (void)ctx;3443 3676 3444 3677 WOLFSSL_ENTER("EccSharedSecret"); … … 3456 3689 3457 3690 #ifdef WOLFSSL_ASYNC_CRYPT 3458 /* in tialize event */3691 /* initialize event */ 3459 3692 ret = wolfSSL_AsyncInit(ssl, asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3460 3693 if (ret != 0) … … 3464 3697 #ifdef HAVE_PK_CALLBACKS 3465 3698 if (ssl->ctx->EccSharedSecretCb) { 3699 void* ctx = wolfSSL_GetEccSharedSecretCtx(ssl); 3466 3700 ret = ssl->ctx->EccSharedSecretCb(ssl, otherKey, pubKeyDer, 3467 3701 pubKeySz, out, outlen, side, ctx); … … 3489 3723 int ret = 0; 3490 3724 int keySz = 0; 3725 int ecc_curve = ECC_CURVE_DEF; 3491 3726 3492 3727 WOLFSSL_ENTER("EccMakeKey"); 3493 3728 3494 3729 #ifdef WOLFSSL_ASYNC_CRYPT 3495 /* in tialize event */3730 /* initialize event */ 3496 3731 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_NONE); 3497 3732 if (ret != 0) … … 3499 3734 #endif 3500 3735 3736 /* get key size */ 3501 3737 if (peer == NULL) { 3502 3738 keySz = ssl->eccTempKeySz; … … 3506 3742 } 3507 3743 3744 /* get curve type */ 3508 3745 if (ssl->ecdhCurveOID > 0) { 3509 ret = wc_ecc_make_key_ex(ssl->rng, keySz, key, 3510 wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL)); 3511 } 3512 else { 3513 ret = wc_ecc_make_key(ssl->rng, keySz, key); 3514 if (ret == 0) 3746 ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL); 3747 } 3748 3749 #ifdef HAVE_PK_CALLBACKS 3750 if (ssl->ctx->EccKeyGenCb) { 3751 void* ctx = wolfSSL_GetEccKeyGenCtx(ssl); 3752 ret = ssl->ctx->EccKeyGenCb(ssl, key, keySz, ecc_curve, ctx); 3753 } 3754 else 3755 #endif 3756 { 3757 ret = wc_ecc_make_key_ex(ssl->rng, keySz, key, ecc_curve); 3758 } 3759 3760 /* make sure the curve is set for TLS */ 3761 if (ret == 0 && key->dp) { 3515 3762 ssl->ecdhCurveOID = key->dp->oidSum; 3516 3763 } … … 3530 3777 3531 3778 #ifdef HAVE_ED25519 3779 /* Check whether the key contains a public key. 3780 * If not then pull it out of the leaf certificate. 3781 * 3782 * ssl SSL/TLS object. 3783 * returns MEMORY_E when unable to allocate memory, a parsing error, otherwise 3784 * 0 on success. 3785 */ 3786 int Ed25519CheckPubKey(WOLFSSL* ssl) 3787 { 3788 ed25519_key* key = (ed25519_key*)ssl->hsKey; 3789 int ret = 0; 3790 3791 /* Public key required for signing. */ 3792 if (!key->pubKeySet) { 3793 DerBuffer* leaf = ssl->buffers.certificate; 3794 DecodedCert* cert = (DecodedCert*)XMALLOC(sizeof(*cert), 3795 ssl->heap, DYNAMIC_TYPE_DCERT); 3796 if (cert == NULL) 3797 ret = MEMORY_E; 3798 3799 if (ret == 0) { 3800 InitDecodedCert(cert, leaf->buffer, leaf->length, ssl->heap); 3801 ret = DecodeToKey(cert, 0); 3802 } 3803 if (ret == 0) { 3804 ret = wc_ed25519_import_public(cert->publicKey, cert->pubKeySize, 3805 key); 3806 } 3807 if (cert != NULL) { 3808 FreeDecodedCert(cert); 3809 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 3810 } 3811 } 3812 3813 return ret; 3814 } 3815 3532 3816 /* Sign the data using EdDSA and key using X25519. 3533 3817 * … … 3540 3824 * keySz The length of the private key data in bytes. 3541 3825 * ctx The callback context. 3542 * returns 0 on succes , otherwise the valusis an error.3826 * returns 0 on success, otherwise the value is an error. 3543 3827 */ 3544 3828 int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, 3545 word32* outSz, ed25519_key* key, byte* keyBuf, word32 keySz, 3546 void* ctx) 3829 word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo) 3547 3830 { 3548 3831 int ret; 3832 #ifdef HAVE_PK_CALLBACKS 3833 const byte* keyBuf = NULL; 3834 word32 keySz = 0; 3835 3836 if (keyBufInfo) { 3837 keyBuf = keyBufInfo->buffer; 3838 keySz = keyBufInfo->length; 3839 } 3840 #endif 3549 3841 3550 3842 (void)ssl; 3551 (void)keyBuf; 3552 (void)keySz; 3553 (void)ctx; 3843 (void)keyBufInfo; 3554 3844 3555 3845 WOLFSSL_ENTER("Ed25519Sign"); 3556 3846 3557 3847 #ifdef WOLFSSL_ASYNC_CRYPT 3558 /* in tialize event */3848 /* initialize event */ 3559 3849 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3560 3850 if (ret != 0) … … 3564 3854 #if defined(HAVE_PK_CALLBACKS) 3565 3855 if (ssl->ctx->Ed25519SignCb) { 3856 void* ctx = wolfSSL_GetEd25519SignCtx(ssl); 3566 3857 ret = ssl->ctx->Ed25519SignCb(ssl, in, inSz, out, outSz, keyBuf, 3567 3858 keySz, ctx); … … 3595 3886 * keySz The length of the private key data in bytes. 3596 3887 * ctx The callback context. 3597 * returns 0 on succes , otherwise the valusis an error.3888 * returns 0 on success, otherwise the value is an error. 3598 3889 */ 3599 3890 int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg, 3600 word32 msgSz, ed25519_key* key, byte* keyBuf, word32 keySz, 3601 void* ctx) 3891 word32 msgSz, ed25519_key* key, buffer* keyBufInfo) 3602 3892 { 3603 3893 int ret; 3894 #ifdef HAVE_PK_CALLBACKS 3895 const byte* keyBuf = NULL; 3896 word32 keySz = 0; 3897 3898 if (keyBufInfo) { 3899 keyBuf = keyBufInfo->buffer; 3900 keySz = keyBufInfo->length; 3901 } 3902 #endif 3604 3903 3605 3904 (void)ssl; 3606 (void)keyBuf; 3607 (void)keySz; 3608 (void)ctx; 3905 (void)keyBufInfo; 3609 3906 3610 3907 WOLFSSL_ENTER("Ed25519Verify"); 3611 3908 3612 3909 #ifdef WOLFSSL_ASYNC_CRYPT 3613 /* in tialize event */3910 /* initialize event */ 3614 3911 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3615 3912 if (ret != 0) … … 3619 3916 #ifdef HAVE_PK_CALLBACKS 3620 3917 if (ssl->ctx->Ed25519VerifyCb) { 3918 void* ctx = wolfSSL_GetEd25519VerifyCtx(ssl); 3621 3919 ret = ssl->ctx->Ed25519VerifyCb(ssl, in, inSz, msg, msgSz, keyBuf, 3622 3920 keySz, &ssl->eccVerifyRes, ctx); … … 3645 3943 } 3646 3944 #endif /* HAVE_ED25519 */ 3945 3946 #ifndef WOLFSSL_NO_TLS12 3647 3947 3648 3948 #ifdef HAVE_CURVE25519 … … 3686 3986 static int X25519SharedSecret(WOLFSSL* ssl, curve25519_key* priv_key, 3687 3987 curve25519_key* pub_key, byte* pubKeyDer, word32* pubKeySz, 3688 byte* out, word32* outlen, int side , void* ctx)3988 byte* out, word32* outlen, int side) 3689 3989 { 3690 3990 int ret; … … 3694 3994 (void)pubKeySz; 3695 3995 (void)side; 3696 (void)ctx;3697 3996 3698 3997 WOLFSSL_ENTER("X25519SharedSecret"); 3699 3998 3700 3999 #ifdef WOLFSSL_ASYNC_CRYPT 3701 /* in tialize event */4000 /* initialize event */ 3702 4001 ret = wolfSSL_AsyncInit(ssl, &priv_key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); 3703 4002 if (ret != 0) … … 3711 4010 ret = X25519GetKey(ssl, &otherKey); 3712 4011 if (ret == 0) { 4012 void* ctx = wolfSSL_GetX25519SharedSecretCtx(ssl); 3713 4013 ret = ssl->ctx->X25519SharedSecretCb(ssl, otherKey, pubKeyDer, 3714 4014 pubKeySz, out, outlen, side, ctx); … … 3744 4044 3745 4045 #ifdef WOLFSSL_ASYNC_CRYPT 3746 /* in tialize event */4046 /* initialize event */ 3747 4047 ret = wolfSSL_AsyncInit(ssl, &key->asyncDev, WC_ASYNC_FLAG_NONE); 3748 4048 if (ret != 0) … … 3750 4050 #endif 3751 4051 4052 #ifdef HAVE_PK_CALLBACKS 4053 if (ssl->ctx->X25519KeyGenCb) { 4054 void* ctx = wolfSSL_GetX25519KeyGenCtx(ssl); 4055 ret = ssl->ctx->X25519KeyGenCb(ssl, key, CURVE25519_KEYSIZE, ctx); 4056 } 4057 else 4058 #endif 4059 { 3752 4060 ret = wc_curve25519_make_key(ssl->rng, CURVE25519_KEYSIZE, key); 3753 if (ret == 0) 4061 } 4062 4063 if (ret == 0) { 3754 4064 ssl->ecdhCurveOID = ECC_X25519_OID; 4065 } 3755 4066 3756 4067 /* Handle async pending response */ … … 3766 4077 } 3767 4078 #endif /* HAVE_CURVE25519 */ 3768 3769 #endif /* !NO_CERTS */3770 4079 3771 4080 #if !defined(NO_CERTS) || !defined(NO_PSK) … … 3781 4090 3782 4091 #ifdef WOLFSSL_ASYNC_CRYPT 3783 /* in tialize event */4092 /* initialize event */ 3784 4093 ret = wolfSSL_AsyncInit(ssl, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 3785 4094 if (ret != 0) … … 3813 4122 3814 4123 #ifdef WOLFSSL_ASYNC_CRYPT 3815 /* in tialize event */4124 /* initialize event */ 3816 4125 ret = wolfSSL_AsyncInit(ssl, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 3817 4126 if (ret != 0) … … 3819 4128 #endif 3820 4129 3821 ret = wc_DhAgree(dhKey, agree, agreeSz, priv, privSz, otherPub, otherPubSz); 4130 #ifdef HAVE_PK_CALLBACKS 4131 if (ssl->ctx->DhAgreeCb) { 4132 void* ctx = wolfSSL_GetDhAgreeCtx(ssl); 4133 4134 WOLFSSL_MSG("Calling DhAgree Callback Function"); 4135 ret = ssl->ctx->DhAgreeCb(ssl, dhKey, priv, privSz, 4136 otherPub, otherPubSz, agree, agreeSz, ctx); 4137 } 4138 else 4139 #endif 4140 { 4141 ret = wc_DhAgree(dhKey, agree, agreeSz, priv, privSz, otherPub, 4142 otherPubSz); 4143 } 3822 4144 3823 4145 /* Handle async pending response */ … … 3835 4157 #endif /* !NO_CERTS || !NO_PSK */ 3836 4158 4159 #endif /* !WOLFSSL_NO_TLS12 */ 4160 4161 4162 #ifdef HAVE_PK_CALLBACKS 4163 int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx) 4164 { 4165 int pkcbset = 0; 4166 (void)ctx; 4167 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || !defined(NO_RSA) 4168 if (0 4169 #ifdef HAVE_ECC 4170 || ctx->EccSignCb != NULL 4171 #endif 4172 #ifdef HAVE_ED25519 4173 || ctx->Ed25519SignCb != NULL 4174 #endif 4175 #ifndef NO_RSA 4176 || ctx->RsaSignCb != NULL 4177 || ctx->RsaDecCb != NULL 4178 #ifdef WC_RSA_PSS 4179 || ctx->RsaPssSignCb != NULL 4180 #endif 4181 #endif 4182 ) { 4183 pkcbset = 1; 4184 } 4185 #endif 4186 return pkcbset; 4187 } 4188 #endif /* HAVE_PK_CALLBACKS */ 4189 4190 4191 int InitSSL_Suites(WOLFSSL* ssl) 4192 { 4193 int keySz = 0; 4194 byte havePSK = 0; 4195 byte haveAnon = 0; 4196 byte haveRSA = 0; 4197 byte haveMcast = 0; 4198 4199 (void)haveAnon; /* Squash unused var warnings */ 4200 (void)haveMcast; 4201 4202 if (!ssl) 4203 return BAD_FUNC_ARG; 4204 4205 #ifndef NO_RSA 4206 haveRSA = 1; 4207 #endif 4208 #ifndef NO_PSK 4209 havePSK = (byte)ssl->options.havePSK; 4210 #endif /* NO_PSK */ 4211 #ifdef HAVE_ANON 4212 haveAnon = ssl->options.haveAnon; 4213 #endif /* HAVE_ANON*/ 4214 #ifdef WOLFSSL_MULTICAST 4215 haveMcast = ssl->options.haveMcast; 4216 #endif /* WOLFSSL_MULTICAST */ 4217 4218 #ifdef WOLFSSL_EARLY_DATA 4219 if (ssl->options.side == WOLFSSL_SERVER_END) 4220 ssl->options.maxEarlyDataSz = ssl->ctx->maxEarlyDataSz; 4221 #endif 4222 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 4223 !defined(NO_ED25519_CLIENT_AUTH) 4224 ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END || 4225 ssl->buffers.keyType == ed25519_sa_algo; 4226 #endif 4227 4228 #ifndef NO_CERTS 4229 keySz = ssl->buffers.keySz; 4230 #endif 4231 4232 /* make sure server has DH parms, and add PSK if there, add NTRU too */ 4233 if (ssl->options.side == WOLFSSL_SERVER_END) { 4234 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 4235 ssl->options.haveDH, ssl->options.haveNTRU, 4236 ssl->options.haveECDSAsig, ssl->options.haveECC, 4237 ssl->options.haveStaticECC, ssl->options.side); 4238 } 4239 else { 4240 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 4241 TRUE, ssl->options.haveNTRU, 4242 ssl->options.haveECDSAsig, ssl->options.haveECC, 4243 ssl->options.haveStaticECC, ssl->options.side); 4244 } 4245 4246 #if !defined(NO_CERTS) && !defined(WOLFSSL_SESSION_EXPORT) 4247 /* make sure server has cert and key unless using PSK, Anon, or 4248 * Multicast. This should be true even if just switching ssl ctx */ 4249 if (ssl->options.side == WOLFSSL_SERVER_END && 4250 !havePSK && !haveAnon && !haveMcast) { 4251 4252 /* server certificate must be loaded */ 4253 if (!ssl->buffers.certificate || !ssl->buffers.certificate->buffer) { 4254 WOLFSSL_MSG("Server missing certificate"); 4255 return NO_PRIVATE_KEY; 4256 } 4257 4258 /* allow no private key if using PK callbacks and CB is set */ 4259 #ifdef HAVE_PK_CALLBACKS 4260 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { 4261 WOLFSSL_MSG("Using PK for server private key"); 4262 } 4263 else 4264 #endif 4265 if (!ssl->buffers.key || !ssl->buffers.key->buffer) { 4266 WOLFSSL_MSG("Server missing private key"); 4267 return NO_PRIVATE_KEY; 4268 } 4269 } 4270 #endif 4271 4272 return WOLFSSL_SUCCESS; 4273 } 3837 4274 3838 4275 /* This function inherits a WOLFSSL_CTX's fields into an SSL object. … … 3848 4285 int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) 3849 4286 { 3850 byte havePSK = 0; 3851 byte haveAnon = 0; 4287 int ret = WOLFSSL_SUCCESS; 3852 4288 byte newSSL; 3853 byte haveRSA = 0;3854 byte haveMcast = 0;3855 3856 (void)haveAnon; /* Squash unused var warnings */3857 (void)haveMcast;3858 4289 3859 4290 if (!ssl || !ctx) 3860 4291 return BAD_FUNC_ARG; 3861 4292 4293 #ifndef SINGLE_THREADED 3862 4294 if (ssl->suites == NULL && !writeDup) 3863 4295 return BAD_FUNC_ARG; 4296 #endif 3864 4297 3865 4298 newSSL = ssl->ctx == NULL; /* Assign after null check */ … … 3870 4303 } 3871 4304 #endif 3872 3873 3874 #ifndef NO_RSA3875 haveRSA = 1;3876 #endif3877 #ifndef NO_PSK3878 havePSK = ctx->havePSK;3879 #endif /* NO_PSK */3880 #ifdef HAVE_ANON3881 haveAnon = ctx->haveAnon;3882 #endif /* HAVE_ANON*/3883 #ifdef WOLFSSL_MULTICAST3884 haveMcast = ctx->haveMcast;3885 #endif /* WOLFSSL_MULTICAST */3886 4305 3887 4306 /* decrement previous CTX reference count if exists. … … 3904 4323 #ifdef HAVE_ECC 3905 4324 ssl->eccTempKeySz = ctx->eccTempKeySz; 4325 ssl->ecdhCurveOID = ctx->ecdhCurveOID; 4326 #endif 4327 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 3906 4328 ssl->pkCurveOID = ctx->pkCurveOID; 3907 ssl->ecdhCurveOID = ctx->ecdhCurveOID;3908 4329 #endif 3909 4330 3910 4331 #ifdef OPENSSL_EXTRA 3911 4332 ssl->options.mask = ctx->mask; 4333 ssl->CBIS = ctx->CBIS; 3912 4334 #endif 3913 4335 ssl->timeout = ctx->timeout; … … 3927 4349 ssl->options.client_psk_cb = ctx->client_psk_cb; 3928 4350 ssl->options.server_psk_cb = ctx->server_psk_cb; 4351 #ifdef WOLFSSL_TLS13 4352 ssl->options.client_psk_tls13_cb = ctx->client_psk_tls13_cb; 4353 ssl->options.server_psk_tls13_cb = ctx->server_psk_tls13_cb; 4354 #endif 3929 4355 #endif /* NO_PSK */ 3930 4356 #ifdef WOLFSSL_EARLY_DATA … … 3938 4364 #ifndef NO_DH 3939 4365 ssl->options.minDhKeySz = ctx->minDhKeySz; 4366 ssl->options.maxDhKeySz = ctx->maxDhKeySz; 3940 4367 #endif 3941 4368 #ifndef NO_RSA … … 3966 4393 3967 4394 #ifndef NO_DH 4395 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 4396 !defined(HAVE_SELFTEST) 4397 ssl->options.dhKeyTested = ctx->dhKeyTested; 4398 #endif 3968 4399 ssl->buffers.serverDH_P = ctx->serverDH_P; 3969 4400 ssl->buffers.serverDH_G = ctx->serverDH_G; … … 3981 4412 ssl->buffers.keySz = ctx->privateKeySz; 3982 4413 #endif 4414 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 4415 !defined(NO_ED25519_CLIENT_AUTH) 4416 ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END || 4417 ssl->buffers.keyType == ed25519_sa_algo; 4418 #endif 4419 3983 4420 3984 4421 #ifdef WOLFSSL_ASYNC_CRYPT … … 3987 4424 3988 4425 if (writeDup == 0) { 3989 int keySz = 0;3990 #ifndef NO_CERTS3991 keySz = ssl->buffers.keySz;3992 #endif3993 3994 4426 #ifndef NO_PSK 3995 4427 if (ctx->server_hint[0]) { /* set in CTX */ … … 4000 4432 #endif /* NO_PSK */ 4001 4433 4002 if (ctx->suites) 4434 if (ctx->suites) { 4435 #ifndef SINGLE_THREADED 4003 4436 *ssl->suites = *ctx->suites; 4004 else 4437 #else 4438 ssl->suites = ctx->suites; 4439 #endif 4440 } 4441 else { 4005 4442 XMEMSET(ssl->suites, 0, sizeof(Suites)); 4006 4007 /* make sure server has DH parms, and add PSK if there, add NTRU too */ 4008 if (ssl->options.side == WOLFSSL_SERVER_END) 4009 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 4010 ssl->options.haveDH, ssl->options.haveNTRU, 4011 ssl->options.haveECDSAsig, ssl->options.haveECC, 4012 ssl->options.haveStaticECC, ssl->options.side); 4013 else 4014 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 4015 TRUE, ssl->options.haveNTRU, 4016 ssl->options.haveECDSAsig, ssl->options.haveECC, 4017 ssl->options.haveStaticECC, ssl->options.side); 4018 4019 #if !defined(NO_CERTS) && !defined(WOLFSSL_SESSION_EXPORT) 4020 /* make sure server has cert and key unless using PSK, Anon, or 4021 * Multicast. This should be true even if just switching ssl ctx */ 4022 if (ssl->options.side == WOLFSSL_SERVER_END && 4023 !havePSK && !haveAnon && !haveMcast) 4024 if (!ssl->buffers.certificate || !ssl->buffers.certificate->buffer 4025 || !ssl->buffers.key || !ssl->buffers.key->buffer) { 4026 WOLFSSL_MSG("Server missing certificate and/or private key"); 4027 return NO_PRIVATE_KEY; 4028 } 4029 #endif 4030 4443 } 4444 4445 if (ssl->options.side != WOLFSSL_NEITHER_END) { 4446 /* Defer initializing suites until accept or connect */ 4447 ret = InitSSL_Suites(ssl); 4448 } 4031 4449 } /* writeDup check */ 4032 4450 … … 4037 4455 #endif 4038 4456 4457 ssl->CBIORecv = ctx->CBIORecv; 4458 ssl->CBIOSend = ctx->CBIOSend; 4039 4459 #ifdef OPENSSL_EXTRA 4040 4460 ssl->readAhead = ctx->readAhead; 4041 4461 #endif 4042 4043 return WOLFSSL_SUCCESS; 4462 ssl->verifyDepth = ctx->verifyDepth; 4463 4464 return ret; 4044 4465 } 4045 4466 … … 4113 4534 wc_Sha512Free(&ssl->hsHashes->hashSha512); 4114 4535 #endif 4536 #if defined(HAVE_ED25519) && !defined(WOLFSSL_NO_CLIENT_AUTH) 4537 if (ssl->hsHashes->messages != NULL) { 4538 XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); 4539 ssl->hsHashes->messages = NULL; 4540 } 4541 #endif 4115 4542 4116 4543 XFREE(ssl->hsHashes, ssl->heap, DYNAMIC_TYPE_HASHES); … … 4233 4660 ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; 4234 4661 4235 #if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)4662 #ifdef KEEP_PEER_CERT 4236 4663 InitX509(&ssl->peerCert, 0, ssl->heap); 4237 4664 #endif … … 4247 4674 ssl->IOCB_ReadCtx = &ssl->nxCtx; /* default NetX IO ctx, same for read */ 4248 4675 ssl->IOCB_WriteCtx = &ssl->nxCtx; /* and write */ 4676 #elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 4677 ssl->mnCtx = mynewt_ctx_new(); 4678 if(!ssl->mnCtx) { 4679 return MEMORY_E; 4680 } 4681 ssl->IOCB_ReadCtx = ssl->mnCtx; /* default Mynewt IO ctx, same for read */ 4682 ssl->IOCB_WriteCtx = ssl->mnCtx; /* and write */ 4249 4683 #endif 4250 4684 … … 4260 4694 ssl->encrypt.state = CIPHER_STATE_BEGIN; 4261 4695 ssl->decrypt.state = CIPHER_STATE_BEGIN; 4696 #ifndef NO_DH 4697 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 4698 !defined(HAVE_SELFTEST) 4699 ssl->options.dhDoKeyTest = 1; 4700 #endif 4701 #endif 4262 4702 4263 4703 #ifdef WOLFSSL_DTLS … … 4276 4716 #endif 4277 4717 4718 #ifndef WOLFSSL_AEAD_ONLY 4278 4719 #ifndef NO_OLD_TLS 4279 4720 ssl->hmac = SSL_hmac; /* default to SSLv3 */ 4280 #el se4721 #elif !defined(WOLFSSL_NO_TLS12) 4281 4722 ssl->hmac = TLS_hmac; 4282 4723 #endif 4724 #endif 4283 4725 4284 4726 … … 4298 4740 ssl->options.postHandshakeAuth = ctx->postHandshakeAuth; 4299 4741 #endif 4742 4743 if (ctx->numGroups > 0) { 4744 XMEMCPY(ssl->group, ctx->group, sizeof(*ctx->group) * ctx->numGroups); 4745 ssl->numGroups = ctx->numGroups; 4746 } 4300 4747 #endif 4301 4748 … … 4306 4753 #ifdef HAVE_ALPN 4307 4754 ssl->alpn_client_list = NULL; 4308 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)4755 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 4309 4756 ssl->alpnSelect = ctx->alpnSelect; 4310 4757 ssl->alpnSelectArg = ctx->alpnSelectArg; … … 4321 4768 ssl->alert_history.last_tx.code = -1; 4322 4769 ssl->alert_history.last_tx.level = -1; 4770 4771 #ifdef OPENSSL_EXTRA 4772 /* copy over application session context ID */ 4773 ssl->sessionCtxSz = ctx->sessionCtxSz; 4774 XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz); 4775 ssl->cbioFlag = ctx->cbioFlag; 4776 #endif 4323 4777 4324 4778 InitCiphers(ssl); … … 4336 4790 } 4337 4791 XMEMSET(ssl->arrays, 0, sizeof(Arrays)); 4792 #if defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER) 4338 4793 ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN, ssl->heap, 4339 4794 DYNAMIC_TYPE_SECRET); … … 4342 4797 } 4343 4798 XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN); 4344 4799 #endif 4800 4801 #ifdef SINGLE_THREADED 4802 if (ctx->suites == NULL) 4803 #endif 4804 { 4345 4805 /* suites */ 4346 4806 ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, … … 4351 4811 } 4352 4812 } 4813 } 4353 4814 4354 4815 /* Initialize SSL with the appropriate fields from it's ctx */ … … 4387 4848 } 4388 4849 4850 #ifdef HAVE_WRITE_DUP 4389 4851 if (writeDup) { 4390 4852 /* all done */ 4391 4853 return 0; 4392 4854 } 4855 #endif 4393 4856 4394 4857 /* hsHashes */ … … 4434 4897 for (i = 0; i < WOLFSSL_DTLS_PEERSEQ_SZ; i++) 4435 4898 ssl->keys.peerSeq[i].peerId = INVALID_PEER_ID; 4899 } 4900 #endif 4901 4902 #ifdef HAVE_SECURE_RENEGOTIATION 4903 if (ssl->options.side == WOLFSSL_CLIENT_END) { 4904 /* use secure renegotiation by default (not recommend) */ 4905 #ifdef WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT 4906 ret = wolfSSL_UseSecureRenegotiation(ssl); 4907 if (ret != WOLFSSL_SUCCESS) 4908 return ret; 4909 #endif 4436 4910 } 4437 4911 #endif … … 4598 5072 } 4599 5073 4600 #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) 5074 #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ 5075 defined(HAVE_CURVE25519) 4601 5076 static int ReuseKey(WOLFSSL* ssl, int type, void* pKey) 4602 5077 { 4603 5078 int ret = 0; 5079 5080 (void)ssl; 4604 5081 4605 5082 switch (type) { … … 4691 5168 XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); 4692 5169 } 5170 #ifdef SINGLE_THREADED 5171 if (ssl->suites != ssl->ctx->suites) 5172 #endif 4693 5173 XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); 4694 5174 FreeHandshakeHashes(ssl); … … 4697 5177 /* clear keys struct after session */ 4698 5178 ForceZero(&ssl->keys, sizeof(Keys)); 5179 5180 #ifdef WOLFSSL_TLS13 5181 if (ssl->options.tls1_3) { 5182 ForceZero(&ssl->clientSecret, sizeof(ssl->clientSecret)); 5183 ForceZero(&ssl->serverSecret, sizeof(ssl->serverSecret)); 5184 } 5185 #endif 4699 5186 4700 5187 #ifndef NO_DH … … 4706 5193 XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 4707 5194 /* parameters (p,g) may be owned by ctx */ 4708 if (ssl->buffers.weOwnDH || ssl->options.side == WOLFSSL_CLIENT_END) {5195 if (ssl->buffers.weOwnDH) { 4709 5196 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 4710 5197 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); … … 4741 5228 #endif 4742 5229 #endif /* WOLFSSL_DTLS */ 4743 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)5230 #ifdef OPENSSL_EXTRA 4744 5231 if (ssl->biord != ssl->biowr) /* only free write if different */ 4745 5232 wolfSSL_BIO_free(ssl->biowr); … … 4754 5241 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey); 4755 5242 ssl->peerEccDsaKeyPresent = 0; 5243 #endif 5244 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 5245 { 5246 int dtype; 5247 #ifdef HAVE_ECC 5248 dtype = DYNAMIC_TYPE_ECC; 5249 #endif 4756 5250 #ifdef HAVE_CURVE25519 4757 if (!ssl->peerX25519KeyPresent && 4758 ssl->eccTempKeyPresent != DYNAMIC_TYPE_CURVE25519) 4759 #endif /* HAVE_CURVE25519 */ 5251 #ifdef HAVE_ECC 5252 if (ssl->peerX25519KeyPresent || 5253 ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519) 5254 #endif /* HAVE_ECC */ 4760 5255 { 4761 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->eccTempKey); 5256 dtype = DYNAMIC_TYPE_CURVE25519; 5257 } 5258 #endif /* HAVE_CURVE25519 */ 5259 FreeKey(ssl, dtype, (void**)&ssl->eccTempKey); 4762 5260 ssl->eccTempKeyPresent = 0; 4763 5261 } 5262 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 4764 5263 #ifdef HAVE_CURVE25519 4765 else {4766 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->eccTempKey);4767 ssl->eccTempKeyPresent = 0;4768 }4769 5264 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->peerX25519Key); 4770 5265 ssl->peerX25519KeyPresent = 0; 4771 5266 #endif 4772 #endif /* HAVE_ECC */4773 5267 #ifdef HAVE_ED25519 4774 5268 FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key); … … 4800 5294 #endif 4801 5295 #endif /* HAVE_TLS_EXTENSIONS */ 5296 #if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 5297 if (ssl->mnCtx) { 5298 mynewt_ctx_clear(ssl->mnCtx); 5299 ssl->mnCtx = NULL; 5300 } 5301 #endif 4802 5302 #ifdef HAVE_NETX 4803 5303 if (ssl->nxCtx.nxPacket) 4804 5304 nx_packet_release(ssl->nxCtx.nxPacket); 4805 5305 #endif 4806 #if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)5306 #ifdef KEEP_PEER_CERT 4807 5307 FreeX509(&ssl->peerCert); 4808 5308 #endif … … 4842 5342 WOLFSSL_HEAP_HINT* ssl_hint = (WOLFSSL_HEAP_HINT*)ssl->heap; 4843 5343 WOLFSSL_HEAP* ctx_heap; 5344 void* heap = ssl->ctx ? ssl->ctx->heap : ssl->heap; 4844 5345 4845 5346 ctx_heap = ssl_hint->memory; … … 4861 5362 /* check if tracking stats */ 4862 5363 if (ctx_heap->flag & WOLFMEM_TRACK_STATS) { 4863 XFREE(ssl_hint->stats, ssl->ctx->heap, DYNAMIC_TYPE_SSL);4864 } 4865 XFREE(ssl->heap, ssl->ctx->heap, DYNAMIC_TYPE_SSL);5364 XFREE(ssl_hint->stats, heap, DYNAMIC_TYPE_SSL); 5365 } 5366 XFREE(ssl->heap, heap, DYNAMIC_TYPE_SSL); 4866 5367 #ifdef WOLFSSL_HEAP_TEST 4867 5368 } … … 4886 5387 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 4887 5388 5389 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) 5390 if (!ssl->options.tls1_3) 5391 #endif 5392 { 4888 5393 /* suites */ 5394 #ifdef SINGLE_THREADED 5395 if (ssl->suites != ssl->ctx->suites) 5396 #endif 4889 5397 XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); 4890 5398 ssl->suites = NULL; … … 4892 5400 /* hsHashes */ 4893 5401 FreeHandshakeHashes(ssl); 5402 } 4894 5403 4895 5404 /* RNG */ 4896 if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) { 5405 if (ssl->options.tls1_1 == 0 5406 #ifndef WOLFSSL_AEAD_ONLY 5407 || ssl->specs.cipher_type == stream 5408 #endif 5409 #if defined(WOLFSSL_TLS13) 5410 #if !defined(WOLFSSL_POST_HANDSHAKE_AUTH) 5411 || ssl->options.tls1_3 5412 #elif !defined(HAVE_SESSION_TICKET) 5413 || (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END) 5414 #endif 5415 #endif 5416 ) { 4897 5417 if (ssl->options.weOwnRng) { 4898 5418 wc_FreeRng(ssl->rng); … … 4913 5433 #endif 4914 5434 5435 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) && \ 5436 defined(HAVE_SESSION_TICKET) 5437 if (!ssl->options.tls1_3) 5438 #endif 4915 5439 /* arrays */ 4916 5440 if (ssl->options.saveArrays == 0) 4917 5441 FreeArrays(ssl, 1); 4918 5442 5443 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) 5444 if (!ssl->options.tls1_3 || ssl->options.side == WOLFSSL_CLIENT_END) 5445 #endif 5446 { 4919 5447 #ifndef NO_RSA 4920 5448 /* peerRsaKey */ … … 4922 5450 ssl->peerRsaKeyPresent = 0; 4923 5451 #endif 5452 #ifdef HAVE_ECC 5453 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey); 5454 ssl->peerEccDsaKeyPresent = 0; 5455 #endif /* HAVE_ECC */ 5456 #ifdef HAVE_ED25519 5457 FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key); 5458 ssl->peerEd25519KeyPresent = 0; 5459 #endif /* HAVE_ED25519 */ 5460 } 4924 5461 4925 5462 #ifdef HAVE_ECC 4926 5463 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccKey); 4927 5464 ssl->peerEccKeyPresent = 0; 4928 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey); 4929 ssl->peerEccDsaKeyPresent = 0; 5465 #endif 5466 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 5467 { 5468 int dtype; 5469 #ifdef HAVE_ECC 5470 dtype = DYNAMIC_TYPE_ECC; 5471 #endif 4930 5472 #ifdef HAVE_CURVE25519 4931 if (ssl->ecdhCurveOID != ECC_X25519_OID) 4932 #endif /* HAVE_CURVE25519 */ 5473 #ifdef HAVE_ECC 5474 if (ssl->peerX25519KeyPresent || 5475 ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519) 5476 #endif /* HAVE_ECC */ 4933 5477 { 4934 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->eccTempKey); 5478 dtype = DYNAMIC_TYPE_CURVE25519; 5479 } 5480 #endif /* HAVE_CURVE25519 */ 5481 FreeKey(ssl, dtype, (void**)&ssl->eccTempKey); 4935 5482 ssl->eccTempKeyPresent = 0; 4936 5483 } 5484 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 4937 5485 #ifdef HAVE_CURVE25519 4938 else {4939 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->eccTempKey);4940 ssl->eccTempKeyPresent = 0;4941 }4942 5486 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->peerX25519Key); 4943 5487 ssl->peerX25519KeyPresent = 0; 4944 #endif /* HAVE_CURVE25519 */4945 #endif /* HAVE_ECC */ 5488 #endif 5489 4946 5490 #ifndef NO_DH 4947 5491 if (ssl->buffers.serverDH_Priv.buffer) { … … 4954 5498 ssl->buffers.serverDH_Pub.buffer = NULL; 4955 5499 /* parameters (p,g) may be owned by ctx */ 4956 if (ssl->buffers.weOwnDH || ssl->options.side == WOLFSSL_CLIENT_END) {5500 if (ssl->buffers.weOwnDH) { 4957 5501 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 4958 5502 ssl->buffers.serverDH_G.buffer = NULL; … … 4961 5505 } 4962 5506 #endif /* !NO_DH */ 5507 4963 5508 #ifndef NO_CERTS 4964 5509 wolfSSL_UnloadCertsKeys(ssl); 4965 5510 #endif 4966 5511 #ifdef HAVE_PK_CALLBACKS 5512 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) 5513 if (!ssl->options.tls1_3 || ssl->options.side == WOLFSSL_CLIENT_END) 5514 #endif 5515 { 4967 5516 #ifdef HAVE_ECC 4968 5517 XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC); … … 4978 5527 ssl->buffers.peerEd25519Key.buffer = NULL; 4979 5528 #endif 5529 } 4980 5530 #endif /* HAVE_PK_CALLBACKS */ 4981 5531 … … 4991 5541 ssl->session.ticketLen = 0; 4992 5542 } 5543 #endif 5544 5545 #if defined(HAVE_TLS_EXTENSIONS) && !defined(HAVE_SNI) && \ 5546 !defined(HAVE_ALPN) && !defined(WOLFSSL_POST_HANDSHAKE_AUTH) 5547 /* Some extensions need to be kept for post-handshake querying. */ 5548 TLSX_FreeAll(ssl->extensions, ssl->heap); 5549 ssl->extensions = NULL; 4993 5550 #endif 4994 5551 … … 5022 5579 { 5023 5580 if (ssl->ctx) { 5024 FreeSSL_Ctx(ssl->ctx); /* will decrement and free under yling CTX if 0 */5581 FreeSSL_Ctx(ssl->ctx); /* will decrement and free underlying CTX if 0 */ 5025 5582 } 5026 5583 SSL_ResourceFree(ssl); … … 5029 5586 } 5030 5587 5031 5032 #if !defined(NO_OLD_TLS) || defined(HAVE_CHACHA) || defined(HAVE_AESCCM) \ 5033 || defined(HAVE_AESGCM) || defined(WOLFSSL_DTLS) 5034 static INLINE void GetSEQIncrement(WOLFSSL* ssl, int verify, word32 seq[2]) 5588 #if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \ 5589 ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM)) \ 5590 && defined(HAVE_AEAD)) 5591 5592 #if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12) 5593 static WC_INLINE void GetSEQIncrement(WOLFSSL* ssl, int verify, word32 seq[2]) 5035 5594 { 5036 5595 if (verify) { … … 5051 5610 } 5052 5611 } 5612 #endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 */ 5053 5613 5054 5614 5055 5615 #ifdef WOLFSSL_DTLS 5056 static INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2])5616 static WC_INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2]) 5057 5617 { 5058 5618 if (order == PREV_ORDER) { … … 5098 5658 } 5099 5659 5100 static INLINE void DtlsSEQIncrement(WOLFSSL* ssl, int order)5660 static WC_INLINE void DtlsSEQIncrement(WOLFSSL* ssl, int order) 5101 5661 { 5102 5662 word32 seq; … … 5126 5686 #endif /* WOLFSSL_DTLS */ 5127 5687 5128 5129 static INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)5688 #if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12) 5689 static WC_INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out) 5130 5690 { 5131 5691 word32 seq[2] = {0, 0}; … … 5143 5703 c32toa(seq[1], out + OPAQUE32_LEN); 5144 5704 } 5145 #endif 5146 5705 #endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 */ 5706 #endif /* !NO_OLD_TLS || WOLFSSL_DTLS || 5707 * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM) && HAVE_AEAD) */ 5147 5708 5148 5709 #ifdef WOLFSSL_DTLS … … 5254 5815 } 5255 5816 5256 /* if no mes age data, just return */5817 /* if no message data, just return */ 5257 5818 if (fragSz == 0) 5258 5819 return 0; … … 5615 6176 } 5616 6177 6178 #ifndef WOLFSSL_NO_TLS12 6179 5617 6180 ProtocolVersion MakeDTLSv1_2(void) 5618 6181 { … … 5623 6186 return pv; 5624 6187 } 6188 6189 #endif /* !WOLFSSL_NO_TLS12 */ 5625 6190 5626 6191 #endif /* WOLFSSL_DTLS */ … … 5786 6351 } 5787 6352 6353 #elif defined(WOLFSSL_NUCLEUS_1_2) 6354 6355 #define NU_TICKS_PER_SECOND 100 6356 6357 word32 LowResTimer(void) 6358 { 6359 /* returns number of 10ms ticks, so 100 ticks/sec */ 6360 return NU_Retrieve_Clock() / NU_TICKS_PER_SECOND; 6361 } 6362 #elif defined(WOLFSSL_APACHE_MYNEWT) 6363 6364 #include "os/os_time.h" 6365 word32 LowResTimer(void) 6366 { 6367 word32 now; 6368 struct os_timeval tv; 6369 os_gettimeofday(&tv, NULL); 6370 now = (word32)tv.tv_sec; 6371 return now; 6372 } 6373 5788 6374 #else 5789 6375 /* Posix style time */ 6376 #ifndef USER_TIME 5790 6377 #include <time.h> 6378 #endif 5791 6379 5792 6380 word32 LowResTimer(void) 5793 6381 { 5794 return (word32)time(0); 5795 } 5796 5797 5798 #endif 5799 6382 return (word32)XTIME(0); 6383 } 6384 #endif 6385 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 6386 !defined(NO_ED25519_CLIENT_AUTH) 6387 /* Store the message for use with CertificateVerify using Ed25519. 6388 * 6389 * ssl SSL/TLS object. 6390 * data Message to store. 6391 * sz Size of message to store. 6392 * returns MEMORY_E if not able to reallocate, otherwise 0. 6393 */ 6394 static int Ed25519Update(WOLFSSL* ssl, const byte* data, int sz) 6395 { 6396 int ret = 0; 6397 byte* msgs; 6398 6399 if (ssl->options.cacheMessages) { 6400 msgs = (byte*)XREALLOC(ssl->hsHashes->messages, 6401 ssl->hsHashes->length + sz, 6402 ssl->heap, DYNAMIC_TYPE_HASHES); 6403 if (msgs == NULL) 6404 ret = MEMORY_E; 6405 if (ret == 0) { 6406 ssl->hsHashes->messages = msgs; 6407 XMEMCPY(msgs + ssl->hsHashes->length, data, sz); 6408 ssl->hsHashes->prevLen = ssl->hsHashes->length; 6409 ssl->hsHashes->length += sz; 6410 } 6411 } 6412 6413 return ret; 6414 } 6415 #endif /* HAVE_ED25519 && !WOLFSSL_NO_CLIENT_AUTH */ 5800 6416 5801 6417 #ifndef NO_CERTS … … 5839 6455 return ret; 5840 6456 #endif 6457 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 6458 !defined(NO_ED25519_CLIENT_AUTH) 6459 ret = Ed25519Update(ssl, output, sz); 6460 if (ret != 0) 6461 return ret; 6462 #endif 5841 6463 } 5842 6464 … … 5890 6512 return ret; 5891 6513 #endif 6514 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 6515 !defined(NO_ED25519_CLIENT_AUTH) 6516 ret = Ed25519Update(ssl, adj, sz); 6517 if (ret != 0) 6518 return ret; 6519 #endif 5892 6520 } 5893 6521 … … 5943 6571 return ret; 5944 6572 #endif 6573 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 6574 !defined(NO_ED25519_CLIENT_AUTH) 6575 ret = Ed25519Update(ssl, adj, sz); 6576 if (ret != 0) 6577 return ret; 6578 #endif 5945 6579 } 5946 6580 … … 5962 6596 rl->pvMajor = ssl->version.major; /* type and version same in each */ 5963 6597 #ifdef WOLFSSL_TLS13 5964 if (IsAtLeastTLSv1_3(ssl->version)) 6598 if (IsAtLeastTLSv1_3(ssl->version)) { 6599 #ifdef WOLFSSL_TLS13_DRAFT_18 5965 6600 rl->pvMinor = TLSv1_MINOR; 6601 #else 6602 rl->pvMinor = TLSv1_2_MINOR; 6603 #endif 6604 } 5966 6605 else 5967 6606 #endif … … 5993 6632 5994 6633 6634 #if !defined(WOLFSSL_NO_TLS12) || (defined(HAVE_SESSION_TICKET) && \ 6635 !defined(NO_WOLFSSL_SERVER)) 5995 6636 /* add handshake header for message */ 5996 6637 static void AddHandShakeHeader(byte* output, word32 length, … … 6005 6646 /* handshake header */ 6006 6647 hs = (HandShakeHeader*)output; 6648 if (hs == NULL) 6649 return; 6650 6007 6651 hs->type = type; 6008 6652 c32to24(length, hs->length); /* type and length same for each */ … … 6020 6664 } 6021 6665 6022 6023 6666 /* add both headers for handshake message */ 6024 6667 static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl) … … 6037 6680 AddHandShakeHeader(output + outputAdj, length, 0, length, type, ssl); 6038 6681 } 6039 6040 6682 #endif /* !WOLFSSL_NO_TLS12 || (HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER) */ 6683 6684 6685 #ifndef WOLFSSL_NO_TLS12 6041 6686 #ifndef NO_CERTS 6042 6687 static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset, … … 6058 6703 } 6059 6704 #endif /* NO_CERTS */ 6705 #endif /* !WOLFSSL_NO_TLS12 */ 6060 6706 6061 6707 6062 6708 /* return bytes received, -1 on error */ 6063 static int Receive(WOLFSSL* ssl, byte* buf, word32 sz)6709 static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz) 6064 6710 { 6065 6711 int recvd; 6066 6712 6067 if (ssl-> ctx->CBIORecv == NULL) {6713 if (ssl->CBIORecv == NULL) { 6068 6714 WOLFSSL_MSG("Your IO Recv callback is null, please set"); 6069 6715 return -1; … … 6071 6717 6072 6718 retry: 6073 recvd = ssl-> ctx->CBIORecv(ssl, (char *)buf, (int)sz, ssl->IOCB_ReadCtx);6719 recvd = ssl->CBIORecv(ssl, (char *)buf, (int)sz, ssl->IOCB_ReadCtx); 6074 6720 if (recvd < 0) 6075 6721 switch (recvd) { … … 6099 6745 XSTRNCPY(ssl->timeoutInfo.timeoutName, 6100 6746 "recv() timeout", MAX_TIMEOUT_NAME_SZ); 6747 ssl->timeoutInfo.timeoutName[ 6748 MAX_TIMEOUT_NAME_SZ] = '\0'; 6749 6101 6750 WOLFSSL_MSG("Got our timeout"); 6102 6751 return WANT_READ; … … 6110 6759 return -1; 6111 6760 6761 #ifdef WOLFSSL_DTLS 6112 6762 case WOLFSSL_CBIO_ERR_TIMEOUT: 6113 #ifdef WOLFSSL_DTLS6114 6763 if (IsDtlsNotSctpMode(ssl) && 6115 6764 !ssl->options.handShakeDone && … … 6119 6768 goto retry; 6120 6769 } 6121 #endif6122 6770 return -1; 6771 #endif 6123 6772 6124 6773 default: … … 6171 6820 int SendBuffered(WOLFSSL* ssl) 6172 6821 { 6173 if (ssl-> ctx->CBIOSend == NULL) {6822 if (ssl->CBIOSend == NULL) { 6174 6823 WOLFSSL_MSG("Your IO Send callback is null, please set"); 6175 6824 return SOCKET_ERROR_E; … … 6185 6834 6186 6835 while (ssl->buffers.outputBuffer.length > 0) { 6187 int sent = ssl-> ctx->CBIOSend(ssl,6836 int sent = ssl->CBIOSend(ssl, 6188 6837 (char*)ssl->buffers.outputBuffer.buffer + 6189 6838 ssl->buffers.outputBuffer.idx, … … 6210 6859 XSTRNCPY(ssl->timeoutInfo.timeoutName, 6211 6860 "send() timeout", MAX_TIMEOUT_NAME_SZ); 6861 ssl->timeoutInfo.timeoutName[ 6862 MAX_TIMEOUT_NAME_SZ] = '\0'; 6863 6212 6864 WOLFSSL_MSG("Got our timeout"); 6213 6865 return WANT_WRITE; … … 6247 6899 6248 6900 /* Grow the output buffer */ 6249 static INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size)6901 static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) 6250 6902 { 6251 6903 byte* tmp; … … 6444 7096 if (rh->pvMajor != ssl->version.major || 6445 7097 (rh->pvMinor != ssl->version.minor && 6446 (!IsAtLeastTLSv1_3(ssl->version) || rh->pvMinor != TLSv1_MINOR))) 7098 #ifdef WOLFSSL_TLS13_DRAFT_18 7099 (!IsAtLeastTLSv1_3(ssl->version) || rh->pvMinor != TLSv1_MINOR) 7100 #else 7101 (!IsAtLeastTLSv1_3(ssl->version) || rh->pvMinor != TLSv1_2_MINOR) 7102 #endif 7103 )) 6447 7104 #endif 6448 7105 { … … 6494 7151 } 6495 7152 6496 7153 #ifndef WOLFSSL_NO_TLS12 6497 7154 static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 6498 7155 byte *type, word32 *size, word32 totalSz) … … 6510 7167 return 0; 6511 7168 } 6512 7169 #endif 6513 7170 6514 7171 #ifdef WOLFSSL_DTLS … … 6669 7326 #endif 6670 7327 7328 #ifndef WOLFSSL_NO_TLS12 7329 6671 7330 /* Finished doesn't support SHA512, not SHA512 cipher suites yet */ 6672 7331 static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) 6673 7332 { 6674 7333 int ret = 0; 6675 #ifdef WOLFSSL_SHA3846676 #ifdef WOLFSSL_SMALL_STACK6677 wc_Sha384* sha384;6678 #else6679 wc_Sha384 sha384[1];6680 #endif /* WOLFSSL_SMALL_STACK */6681 #endif /* WOLFSSL_SHA384 */6682 7334 6683 7335 if (ssl == NULL) 6684 7336 return BAD_FUNC_ARG; 6685 6686 #ifdef WOLFSSL_SHA3846687 #ifdef WOLFSSL_SMALL_STACK6688 sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), ssl->heap, DYNAMIC_TYPE_HASHCTX);6689 if (sha384 == NULL)6690 return MEMORY_E;6691 #endif /* WOLFSSL_SMALL_STACK */6692 #endif /* WOLFSSL_SHA384 */6693 6694 /* store current states, building requires get_digest which resets state */6695 #ifdef WOLFSSL_SHA3846696 sha384[0] = ssl->hsHashes->hashSha384;6697 #endif6698 7337 6699 7338 #ifndef NO_TLS … … 6711 7350 #endif 6712 7351 6713 /* restore */6714 if (IsAtLeastTLSv1_2(ssl)) {6715 #ifdef WOLFSSL_SHA3846716 ssl->hsHashes->hashSha384 = sha384[0];6717 #endif6718 }6719 6720 #ifdef WOLFSSL_SHA3846721 #ifdef WOLFSSL_SMALL_STACK6722 XFREE(sha384, ssl->heap, DYNAMIC_TYPE_HASHCTX);6723 #endif6724 #endif6725 6726 7352 return ret; 6727 7353 } 6728 7354 6729 7355 #endif /* WOLFSSL_NO_TLS12 */ 7356 7357 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) 6730 7358 /* cipher requirements */ 6731 7359 enum { … … 6747 7375 { 6748 7376 7377 (void)requirement; 7378 7379 #ifndef WOLFSSL_NO_TLS12 7380 7381 #ifdef HAVE_CHACHA 6749 7382 if (first == CHACHA_BYTE) { 6750 7383 6751 7384 switch (second) { 6752 6753 7385 case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : 6754 7386 if (requirement == REQUIRES_RSA) … … 6804 7436 } 6805 7437 } 7438 #endif /* HAVE_CHACHA */ 6806 7439 6807 7440 /* ECC extensions */ … … 6809 7442 6810 7443 switch (second) { 6811 7444 #ifdef HAVE_ECC 6812 7445 #ifndef NO_RSA 6813 7446 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : … … 6835 7468 return 1; 6836 7469 break; 6837 #endif 7470 #endif /* !NO_DES3 */ 6838 7471 6839 7472 #ifndef NO_RC4 … … 6849 7482 return 1; 6850 7483 break; 6851 #endif 7484 #endif /* !NO_RC4 */ 6852 7485 #endif /* NO_RSA */ 6853 7486 … … 6862 7495 return 1; 6863 7496 break; 6864 #endif 7497 #endif /* !NO_DES3 */ 6865 7498 #ifndef NO_RC4 6866 7499 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : … … 6873 7506 return 1; 6874 7507 break; 6875 #endif 7508 #endif /* !NO_RC4 */ 6876 7509 #ifndef NO_RSA 6877 7510 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : … … 6886 7519 return 1; 6887 7520 break; 6888 #endif 7521 #endif /* !NO_RSA */ 6889 7522 6890 7523 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : … … 6927 7560 return 1; 6928 7561 break; 7562 #endif /* HAVE_ECC */ 6929 7563 6930 7564 #ifndef NO_RSA 7565 #ifdef HAVE_ECC 6931 7566 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 6932 7567 if (requirement == REQUIRES_RSA) … … 6952 7587 return 1; 6953 7588 break; 6954 7589 #endif /* HAVE_ECC */ 7590 #ifdef HAVE_AESCCM 6955 7591 case TLS_RSA_WITH_AES_128_CCM_8 : 6956 7592 case TLS_RSA_WITH_AES_256_CCM_8 : … … 6960 7596 return 1; 6961 7597 break; 7598 #endif /* HAVE_AESCCM */ 7599 #ifdef HAVE_ECC 6962 7600 6963 7601 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : … … 6974 7612 return 1; 6975 7613 break; 6976 #endif 6977 7614 #endif /* HAVE_ECC */ 7615 #endif /* !NO_RSA */ 7616 7617 #ifdef HAVE_ECC 6978 7618 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM : 6979 7619 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : … … 6996 7636 return 1; 6997 7637 break; 6998 7638 #endif /* HAVE_ECC */ 7639 7640 #ifndef NO_PSK 6999 7641 case TLS_PSK_WITH_AES_128_CCM: 7000 7642 case TLS_PSK_WITH_AES_256_CCM: … … 7012 7654 return 1; 7013 7655 break; 7014 7656 #endif /* !NO_PSK */ 7657 #ifdef HAVE_ECC 7015 7658 case TLS_ECDHE_ECDSA_WITH_NULL_SHA : 7016 7659 if (requirement == REQUIRES_ECC) … … 7027 7670 return 1; 7028 7671 break; 7029 7672 #endif /* HAVE_ECC */ 7030 7673 default: 7031 7674 WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC"); … … 7033 7676 } /* switch */ 7034 7677 } /* if */ 7678 7679 #endif /* !WOLFSSL_NO_TLS12 */ 7035 7680 7036 7681 /* Distinct TLS v1.3 cipher suites with cipher and digest only. */ … … 7054 7699 } 7055 7700 7701 #ifndef WOLFSSL_NO_TLS12 7702 7056 7703 if (first != ECC_BYTE && first != CHACHA_BYTE && 7057 7704 first != TLS13_BYTE) { /* normal suites */ … … 7059 7706 7060 7707 #ifndef NO_RSA 7708 #ifndef NO_RC4 7061 7709 case SSL_RSA_WITH_RC4_128_SHA : 7062 7710 if (requirement == REQUIRES_RSA) … … 7068 7716 return 1; 7069 7717 break; 7718 #endif /* NO_RC4 */ 7070 7719 7071 7720 case SSL_RSA_WITH_3DES_EDE_CBC_SHA : … … 7074 7723 break; 7075 7724 7725 #ifdef HAVE_NTRU 7076 7726 case TLS_NTRU_RSA_WITH_RC4_128_SHA : 7077 7727 if (requirement == REQUIRES_NTRU) 7078 7728 return 1; 7079 7729 break; 7730 #endif /* HAVE_NTRU */ 7080 7731 7081 7732 case TLS_RSA_WITH_AES_128_CBC_SHA : … … 7089 7740 break; 7090 7741 7742 #ifdef HAVE_NTRU 7091 7743 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : 7092 7744 if (requirement == REQUIRES_NTRU) 7093 7745 return 1; 7094 7746 break; 7747 #endif /* HAVE_NTRU */ 7095 7748 7096 7749 case TLS_RSA_WITH_AES_256_CBC_SHA : … … 7099 7752 break; 7100 7753 7754 #ifdef HAVE_NTRU 7101 7755 case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : 7102 7756 if (requirement == REQUIRES_NTRU) 7103 7757 return 1; 7104 7758 break; 7759 #endif /* HAVE_NTRU */ 7105 7760 7106 7761 case TLS_RSA_WITH_AES_256_CBC_SHA256 : … … 7115 7770 break; 7116 7771 7772 #ifdef HAVE_NTRU 7117 7773 case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : 7118 7774 if (requirement == REQUIRES_NTRU) 7119 7775 return 1; 7120 7776 break; 7121 7777 #endif /* HAVE_NTRU */ 7778 7779 #ifdef HAVE_IDEA 7122 7780 case SSL_RSA_WITH_IDEA_CBC_SHA : 7123 7781 if (requirement == REQUIRES_RSA) 7124 7782 return 1; 7125 7783 break; 7126 #endif 7127 7784 #endif /* HAVE_IDEA */ 7785 #endif /* !NO_RSA */ 7786 7787 #ifndef NO_PSK 7128 7788 case TLS_PSK_WITH_AES_128_GCM_SHA256 : 7129 7789 case TLS_PSK_WITH_AES_256_GCM_SHA384 : … … 7150 7810 return 1; 7151 7811 break; 7812 #endif /* NO_PSK */ 7152 7813 7153 7814 #ifndef NO_RSA … … 7180 7841 break; 7181 7842 7843 #ifndef NO_HC128 7182 7844 case TLS_RSA_WITH_HC_128_MD5 : 7183 7845 if (requirement == REQUIRES_RSA) … … 7194 7856 return 1; 7195 7857 break; 7196 7858 #endif /* NO_HC128 */ 7859 7860 #ifdef HAVE_BLAKE2 7197 7861 case TLS_RSA_WITH_AES_128_CBC_B2B256: 7198 7862 case TLS_RSA_WITH_AES_256_CBC_B2B256: … … 7200 7864 return 1; 7201 7865 break; 7202 7866 #endif /* HAVE_BLAKE2 */ 7867 7868 #ifndef NO_RABBIT 7203 7869 case TLS_RSA_WITH_RABBIT_SHA : 7204 7870 if (requirement == REQUIRES_RSA) 7205 7871 return 1; 7206 7872 break; 7873 #endif /* !NO_RABBIT */ 7207 7874 7208 7875 case TLS_RSA_WITH_AES_128_GCM_SHA256 : … … 7220 7887 break; 7221 7888 7889 #ifdef HAVE_CAMELLIA 7222 7890 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : 7223 7891 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : … … 7239 7907 return 1; 7240 7908 break; 7909 #endif /* HAVE_CAMELLIA */ 7241 7910 7242 7911 case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: … … 7254 7923 return 1; 7255 7924 break; 7925 case TLS_DH_anon_WITH_AES_256_GCM_SHA384: 7926 if (requirement == REQUIRES_DHE) 7927 return 1; 7928 break; 7256 7929 #endif 7257 7930 #ifdef WOLFSSL_MULTICAST … … 7266 7939 } /* if ECC / Normal suites else */ 7267 7940 7941 #endif /* !WOLFSSL_NO_TLS12 */ 7942 7268 7943 return 0; 7269 7944 } 7945 7946 #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ 7270 7947 7271 7948 … … 7280 7957 int MatchDomainName(const char* pattern, int len, const char* str) 7281 7958 { 7959 int ret = 0; 7282 7960 char p, s; 7283 7961 … … 7288 7966 7289 7967 p = (char)XTOLOWER((unsigned char)*pattern++); 7290 if (p == 0)7968 if (p == '\0') 7291 7969 break; 7292 7970 … … 7312 7990 } 7313 7991 7314 if (*str != '\0') 7992 7993 if (len > 0) { 7315 7994 str++; 7316 7317 if (len > 0)7318 7995 len--; 7319 7996 } 7320 7321 return *str == '\0'; 7997 } 7998 7999 if (*str == '\0' && len == 0) { 8000 ret = 1; /* success */ 8001 } 8002 8003 return ret; 7322 8004 } 7323 8005 … … 7337 8019 WOLFSSL_MSG("\tindividual AltName check"); 7338 8020 7339 if (MatchDomainName(altName->name, (int)XSTRLEN(altName->name), domain)){8021 if (MatchDomainName(altName->name, altName->len, domain)){ 7340 8022 match = 1; 7341 8023 break; … … 7374 8056 WOLFSSL_MSG("\tindividual AltName check"); 7375 8057 7376 if (MatchDomainName(altName->name, (int)XSTRLEN(altName->name), 7377 domain)) { 8058 if (MatchDomainName(altName->name, altName->len, domain)) { 7378 8059 match = 1; 7379 8060 *checkCN = 0; … … 7437 8118 #endif 7438 8119 7439 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 8120 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \ 8121 defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 7440 8122 /* Copy parts X509 needs from Decoded cert, 0 on success */ 8123 /* The same DecodedCert cannot be copied to WOLFSSL_X509 twice otherwise the 8124 * altNames pointers could be free'd by second x509 still active by first */ 7441 8125 int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert) 7442 8126 { … … 7452 8136 x509->issuer.name[ASN_NAME_MAX - 1] = '\0'; 7453 8137 x509->issuer.sz = (int)XSTRLEN(x509->issuer.name) + 1; 7454 #if def OPENSSL_EXTRA8138 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 7455 8139 if (dCert->issuerName.fullName != NULL) { 7456 8140 XMEMCPY(&x509->issuer.fullName, … … 7464 8148 } 7465 8149 x509->issuer.x509 = x509; 7466 #endif /* OPENSSL_EXTRA */8150 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 7467 8151 7468 8152 XSTRNCPY(x509->subject.name, dCert->subject, ASN_NAME_MAX); 7469 8153 x509->subject.name[ASN_NAME_MAX - 1] = '\0'; 7470 8154 x509->subject.sz = (int)XSTRLEN(x509->subject.name) + 1; 7471 #if def OPENSSL_EXTRA8155 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 7472 8156 if (dCert->subjectName.fullName != NULL) { 7473 8157 XMEMCPY(&x509->subject.fullName, … … 7480 8164 } 7481 8165 x509->subject.x509 = x509; 7482 #endif /* OPENSSL_EXTRA */ 7483 #ifdef WOLFSSL_NGINX 7484 XMEMCPY(x509->subject.raw, dCert->subjectRaw, dCert->subjectRawLen); 7485 x509->subject.rawLen = dCert->subjectRawLen; 8166 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 8167 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 8168 x509->subject.rawLen = min(dCert->subjectRawLen, sizeof(x509->subject.raw)); 8169 XMEMCPY(x509->subject.raw, dCert->subjectRaw, x509->subject.rawLen); 8170 #ifdef WOLFSSL_CERT_EXT 8171 x509->issuer.rawLen = min(dCert->issuerRawLen, sizeof(x509->issuer.raw)); 8172 XMEMCPY(x509->issuer.raw, dCert->issuerRaw, x509->issuer.rawLen); 8173 #endif 7486 8174 #endif 7487 8175 7488 8176 XMEMCPY(x509->serial, dCert->serial, EXTERNAL_SERIAL_SIZE); 7489 8177 x509->serialSz = dCert->serialSz; 7490 if (dCert->subjectCN Len < ASN_NAME_MAX) {8178 if (dCert->subjectCN && dCert->subjectCNLen < ASN_NAME_MAX) { 7491 8179 XMEMCPY(x509->subjectCN, dCert->subjectCN, dCert->subjectCNLen); 7492 8180 x509->subjectCN[dCert->subjectCNLen] = '\0'; … … 7575 8263 x509->altNamesNext = x509->altNames; /* index hint */ 7576 8264 8265 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 8266 !defined(IGNORE_NAME_CONSTRAINTS) 8267 /* add copies of alternate emails from dCert to X509 */ 8268 if (dCert->altEmailNames != NULL) { 8269 DNS_entry* cur = dCert->altEmailNames; 8270 8271 while (cur != NULL) { 8272 if (cur->type == ASN_RFC822_TYPE) { 8273 DNS_entry* dnsEntry; 8274 int strLen = cur->len; 8275 8276 dnsEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), x509->heap, 8277 DYNAMIC_TYPE_ALTNAME); 8278 if (dnsEntry == NULL) { 8279 WOLFSSL_MSG("\tOut of Memory"); 8280 return MEMORY_E; 8281 } 8282 8283 dnsEntry->type = ASN_RFC822_TYPE; 8284 dnsEntry->name = (char*)XMALLOC(strLen + 1, x509->heap, 8285 DYNAMIC_TYPE_ALTNAME); 8286 if (dnsEntry->name == NULL) { 8287 WOLFSSL_MSG("\tOut of Memory"); 8288 XFREE(dnsEntry, x509->heap, DYNAMIC_TYPE_ALTNAME); 8289 return MEMORY_E; 8290 } 8291 dnsEntry->len = strLen; 8292 XMEMCPY(dnsEntry->name, cur->name, strLen); 8293 dnsEntry->name[strLen] = '\0'; 8294 8295 dnsEntry->next = x509->altNames; 8296 x509->altNames = dnsEntry; 8297 } 8298 cur = cur->next; 8299 } 8300 } 8301 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 8302 7577 8303 x509->isCa = dCert->isCA; 7578 #if def OPENSSL_EXTRA8304 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 7579 8305 x509->pathLength = dCert->pathLength; 7580 8306 x509->keyUsage = dCert->extKeyUsage; … … 7657 8383 } 7658 8384 #endif /* WOLFSSL_CERT_EXT */ 7659 #endif /* OPENSSL_EXTRA */7660 #if def HAVE_ECC8385 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 8386 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 7661 8387 x509->pkCurveOID = dCert->pkCurveOID; 7662 8388 #endif /* HAVE_ECC */ … … 7666 8392 7667 8393 #endif /* KEEP_PEER_CERT || SESSION_CERTS */ 8394 8395 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 8396 (defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && !defined(WOLFSSL_NO_TLS12)) 8397 static int ProcessCSR(WOLFSSL* ssl, byte* input, word32* inOutIdx, 8398 word32 status_length) 8399 { 8400 int ret = 0; 8401 OcspRequest* request; 8402 8403 #ifdef WOLFSSL_SMALL_STACK 8404 CertStatus* status; 8405 OcspResponse* response; 8406 #else 8407 CertStatus status[1]; 8408 OcspResponse response[1]; 8409 #endif 8410 8411 do { 8412 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 8413 if (ssl->status_request) { 8414 request = (OcspRequest*)TLSX_CSR_GetRequest(ssl->extensions); 8415 ssl->status_request = 0; 8416 break; 8417 } 8418 #endif 8419 8420 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 8421 if (ssl->status_request_v2) { 8422 request = (OcspRequest*)TLSX_CSR2_GetRequest(ssl->extensions, 8423 WOLFSSL_CSR2_OCSP, 0); 8424 ssl->status_request_v2 = 0; 8425 break; 8426 } 8427 #endif 8428 8429 return BUFFER_ERROR; 8430 } while(0); 8431 8432 if (request == NULL) 8433 return BAD_CERTIFICATE_STATUS_ERROR; /* not expected */ 8434 8435 #ifdef WOLFSSL_SMALL_STACK 8436 status = (CertStatus*)XMALLOC(sizeof(CertStatus), ssl->heap, 8437 DYNAMIC_TYPE_OCSP_STATUS); 8438 response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), ssl->heap, 8439 DYNAMIC_TYPE_OCSP_REQUEST); 8440 8441 if (status == NULL || response == NULL) { 8442 if (status) 8443 XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); 8444 if (response) 8445 XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST); 8446 8447 return MEMORY_ERROR; 8448 } 8449 #endif 8450 8451 InitOcspResponse(response, status, input +*inOutIdx, status_length); 8452 8453 if (OcspResponseDecode(response, ssl->ctx->cm, ssl->heap, 0) != 0) 8454 ret = BAD_CERTIFICATE_STATUS_ERROR; 8455 else if (CompareOcspReqResp(request, response) != 0) 8456 ret = BAD_CERTIFICATE_STATUS_ERROR; 8457 else if (response->responseStatus != OCSP_SUCCESSFUL) 8458 ret = BAD_CERTIFICATE_STATUS_ERROR; 8459 else if (response->status->status == CERT_REVOKED) 8460 ret = OCSP_CERT_REVOKED; 8461 else if (response->status->status != CERT_GOOD) 8462 ret = BAD_CERTIFICATE_STATUS_ERROR; 8463 8464 *inOutIdx += status_length; 8465 8466 #ifdef WOLFSSL_SMALL_STACK 8467 XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); 8468 XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 8469 #endif 8470 8471 return ret; 8472 } 8473 #endif 8474 8475 8476 8477 #ifdef HAVE_PK_CALLBACKS 8478 8479 #ifdef HAVE_ECC 8480 static int SigPkCbEccVerify(const unsigned char* sig, unsigned int sigSz, 8481 const unsigned char* hash, unsigned int hashSz, 8482 const unsigned char* keyDer, unsigned int keySz, 8483 int* result, void* ctx) 8484 { 8485 int ret = NOT_COMPILED_IN; 8486 WOLFSSL* ssl = (WOLFSSL*)ctx; 8487 8488 if (ssl && ssl->ctx->EccVerifyCb) { 8489 ret = ssl->ctx->EccVerifyCb(ssl, sig, sigSz, hash, hashSz, 8490 keyDer, keySz, result, ssl->EccVerifyCtx); 8491 } 8492 return ret; 8493 } 8494 #endif 8495 #ifndef NO_RSA 8496 static int SigPkCbRsaVerify(unsigned char* sig, unsigned int sigSz, 8497 unsigned char** out, const unsigned char* keyDer, unsigned int keySz, 8498 void* ctx) 8499 { 8500 int ret = NOT_COMPILED_IN; 8501 WOLFSSL* ssl = (WOLFSSL*)ctx; 8502 8503 if (ssl && ssl->ctx->RsaVerifyCb) { 8504 ret = ssl->ctx->RsaVerifyCb(ssl, sig, sigSz, out, keyDer, keySz, 8505 ssl->RsaVerifyCtx); 8506 } 8507 return ret; 8508 } 8509 #endif 8510 8511 int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx) 8512 { 8513 if (ssl == NULL || sigCtx == NULL) 8514 return BAD_FUNC_ARG; 8515 8516 /* only setup the verify callback if a PK is set */ 8517 #ifdef HAVE_ECC 8518 if (ssl->ctx->EccVerifyCb) { 8519 sigCtx->pkCbEcc = SigPkCbEccVerify; 8520 sigCtx->pkCtxEcc = ssl; 8521 } 8522 #endif 8523 #ifndef NO_RSA 8524 /* only setup the verify callback if a PK is set */ 8525 if (ssl->ctx->RsaVerifyCb) { 8526 sigCtx->pkCbRsa = SigPkCbRsaVerify; 8527 sigCtx->pkCtxRsa = ssl; 8528 } 8529 #endif 8530 8531 return 0; 8532 } 8533 8534 #endif /* HAVE_PK_CALLBACKS */ 8535 7668 8536 7669 8537 typedef struct ProcPeerCertArgs { 7670 8538 buffer* certs; 7671 8539 #ifdef WOLFSSL_TLS13 7672 buffer* exts; /* exten tions */8540 buffer* exts; /* extensions */ 7673 8541 #endif 7674 8542 DecodedCert* dCert; 7675 char* domain;7676 8543 word32 idx; 7677 8544 word32 begin; 7678 8545 int totalCerts; /* number of certs in certs buffer */ 7679 8546 int count; 7680 int dCertInit;7681 8547 int certIdx; 7682 int fatal;7683 8548 int lastErr; 7684 8549 #ifdef WOLFSSL_ALT_CERT_CHAINS … … 7688 8553 byte ctxSz; 7689 8554 #endif 8555 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8556 char untrustedDepth; 8557 #endif 8558 word16 fatal:1; 8559 word16 verifyErr:1; 8560 word16 dCertInit:1; 7690 8561 #ifdef WOLFSSL_TRUST_PEER_CERT 7691 byte haveTrustPeer; /* was cert verified by loaded trusted peer cert */ 7692 #endif 7693 #ifdef OPENSSL_EXTRA 7694 char untrustedDepth; 8562 word16 haveTrustPeer:1; /* was cert verified by loaded trusted peer cert */ 7695 8563 #endif 7696 8564 } ProcPeerCertArgs; 8565 8566 /* WOLFSSL_ALWAYS_VERIFY_CB: Use verify callback for success or failure cases */ 8567 /* WOLFSSL_VERIFY_CB_ALL_CERTS: Issue callback for all intermediate certificates */ 8568 8569 /* Callback is issued for certificate presented in TLS Certificate (11) packet. 8570 * The intermediates are done first then peer leaf cert last. Use the 8571 * store->error_depth member to determine index (0=peer, >1 intermediates) 8572 */ 8573 8574 static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args) 8575 { 8576 int verify_ok = 0, alertWhy = 0, use_cb = 0; 8577 8578 /* Determine return code and alert reason */ 8579 if (ret != 0) { 8580 alertWhy = bad_certificate; 8581 if (ret == ASN_AFTER_DATE_E || 8582 ret == ASN_BEFORE_DATE_E) { 8583 alertWhy = certificate_expired; 8584 } 8585 } 8586 else { 8587 verify_ok = 1; 8588 } 8589 8590 /* Determine if verify callback should be used */ 8591 if (ret != 0) { 8592 if (!ssl->options.verifyNone) { 8593 use_cb = 1; /* always report errors */ 8594 } 8595 } 8596 #ifdef WOLFSSL_ALWAYS_VERIFY_CB 8597 /* always use verify callback on peer leaf cert */ 8598 if (args->certIdx == 0) { 8599 use_cb = 1; 8600 } 8601 #endif 8602 #ifdef WOLFSSL_VERIFY_CB_ALL_CERTS 8603 /* perform verify callback on other intermediate certs (not just peer) */ 8604 if (args->certIdx > 0) { 8605 use_cb = 1; 8606 } 8607 #endif 8608 8609 /* if verify callback has been set */ 8610 if (use_cb && ssl->verifyCallback) { 8611 #ifdef WOLFSSL_SMALL_STACK 8612 WOLFSSL_X509_STORE_CTX* store; 8613 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8614 WOLFSSL_X509* x509; 8615 #endif 8616 char* domain = NULL; 8617 #else 8618 WOLFSSL_X509_STORE_CTX store[1]; 8619 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8620 WOLFSSL_X509 x509[1]; 8621 #endif 8622 char domain[ASN_NAME_MAX]; 8623 #endif 8624 8625 #ifdef WOLFSSL_SMALL_STACK 8626 store = (WOLFSSL_X509_STORE_CTX*)XMALLOC( 8627 sizeof(WOLFSSL_X509_STORE_CTX), ssl->heap, DYNAMIC_TYPE_X509_STORE); 8628 if (store == NULL) { 8629 return MEMORY_E; 8630 } 8631 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8632 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), ssl->heap, 8633 DYNAMIC_TYPE_X509); 8634 if (x509 == NULL) { 8635 XFREE(store, ssl->heap, DYNAMIC_TYPE_X509); 8636 return MEMORY_E; 8637 } 8638 #endif 8639 domain = (char*)XMALLOC(ASN_NAME_MAX, ssl->heap, DYNAMIC_TYPE_STRING); 8640 if (domain == NULL) { 8641 XFREE(store, ssl->heap, DYNAMIC_TYPE_X509); 8642 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8643 XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509); 8644 #endif 8645 return MEMORY_E; 8646 } 8647 #endif /* WOLFSSL_SMALL_STACK */ 8648 8649 XMEMSET(store, 0, sizeof(WOLFSSL_X509_STORE_CTX)); 8650 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8651 XMEMSET(x509, 0, sizeof(WOLFSSL_X509)); 8652 #endif 8653 domain[0] = '\0'; 8654 8655 /* build subject CN as string to return in store */ 8656 if (args->dCertInit && args->dCert && args->dCert->subjectCN) { 8657 int subjectCNLen = args->dCert->subjectCNLen; 8658 if (subjectCNLen > ASN_NAME_MAX-1) 8659 subjectCNLen = ASN_NAME_MAX-1; 8660 if (subjectCNLen > 0) { 8661 XMEMCPY(domain, args->dCert->subjectCN, subjectCNLen); 8662 domain[subjectCNLen] = '\0'; 8663 } 8664 } 8665 8666 store->error = ret; 8667 store->error_depth = args->certIdx; 8668 store->discardSessionCerts = 0; 8669 store->domain = domain; 8670 store->userCtx = ssl->verifyCbCtx; 8671 store->certs = args->certs; 8672 store->totalCerts = args->totalCerts; 8673 store->ex_data = ssl; 8674 8675 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 8676 if (ssl->ctx->x509_store_pt != NULL) { 8677 store->store = ssl->ctx->x509_store_pt; 8678 } 8679 else { 8680 store->store = &ssl->ctx->x509_store; 8681 } 8682 #endif 8683 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8684 #ifdef KEEP_PEER_CERT 8685 if (args->certIdx == 0) { 8686 store->current_cert = &ssl->peerCert; /* use existing X509 */ 8687 } 8688 else 8689 #endif 8690 { 8691 InitX509(x509, 0, ssl->heap); 8692 if (CopyDecodedToX509(x509, args->dCert) == 0) { 8693 store->current_cert = x509; 8694 } 8695 } 8696 #endif 8697 #ifdef SESSION_CERTS 8698 store->sesChain = &ssl->session.chain; 8699 #endif 8700 /* non-zero return code indicates failure override */ 8701 if (ssl->verifyCallback(verify_ok, store)) { 8702 if (ret != 0) { 8703 WOLFSSL_MSG("Verify callback overriding error!"); 8704 ret = 0; 8705 } 8706 } 8707 else { 8708 /* induce error if one not present */ 8709 if (ret == 0) { 8710 ret = VERIFY_CERT_ERROR; 8711 } 8712 8713 /* mark as verify error */ 8714 args->verifyErr = 1; 8715 } 8716 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8717 if (args->certIdx > 0) 8718 FreeX509(x509); 8719 #endif 8720 #if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) 8721 wolfSSL_sk_X509_free(store->chain); 8722 store->chain = NULL; 8723 #endif 8724 #ifdef SESSION_CERTS 8725 if (store->discardSessionCerts) { 8726 WOLFSSL_MSG("Verify callback requested discard sess certs"); 8727 ssl->session.chain.count = 0; 8728 #ifdef WOLFSSL_ALT_CERT_CHAINS 8729 ssl->session.altChain.count = 0; 8730 #endif 8731 } 8732 #endif /* SESSION_CERTS */ 8733 #ifdef WOLFSSL_SMALL_STACK 8734 XFREE(domain, ssl->heap, DYNAMIC_TYPE_STRING); 8735 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 8736 XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509); 8737 #endif 8738 XFREE(store, ssl->heap, DYNAMIC_TYPE_X509_STORE); 8739 #endif 8740 } 8741 8742 if (ret != 0) { 8743 if (!ssl->options.verifyNone) { 8744 /* handle failure */ 8745 SendAlert(ssl, alert_fatal, alertWhy); /* try to send */ 8746 ssl->options.isClosed = 1; 8747 } 8748 8749 /* Report SSL error */ 8750 ssl->error = ret; 8751 } 8752 8753 return ret; 8754 } 7697 8755 7698 8756 static void FreeProcPeerCertArgs(WOLFSSL* ssl, void* pArgs) … … 7702 8760 (void)ssl; 7703 8761 7704 if (args->domain) {7705 XFREE(args->domain, ssl->heap, DYNAMIC_TYPE_STRING);7706 args->domain = NULL;7707 }7708 8762 if (args->certs) { 7709 8763 XFREE(args->certs, ssl->heap, DYNAMIC_TYPE_DER); … … 7729 8783 word32 totalSz) 7730 8784 { 7731 int ret = 0 ;8785 int ret = 0, sigRet = 0; 7732 8786 #ifdef WOLFSSL_ASYNC_CRYPT 7733 8787 ProcPeerCertArgs* args = (ProcPeerCertArgs*)ssl->async.args; 7734 8788 typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1]; 7735 8789 (void)sizeof(args_test); 8790 #elif defined(WOLFSSL_NONBLOCK_OCSP) 8791 ProcPeerCertArgs* args = ssl->nonblockarg; 8792 #elif defined(WOLFSSL_SMALL_STACK) 8793 ProcPeerCertArgs* args = NULL; 7736 8794 #else 7737 8795 ProcPeerCertArgs args[1]; … … 7753 8811 } 7754 8812 else 8813 #elif defined(WOLFSSL_NONBLOCK_OCSP) 8814 if (args == NULL) { 8815 args = (ProcPeerCertArgs*)XMALLOC( 8816 sizeof(ProcPeerCertArgs), ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); 8817 if (args == NULL) { 8818 ERROR_OUT(MEMORY_E, exit_ppc); 8819 } 8820 } 8821 if (ssl->nonblockarg == NULL) /* new args */ 8822 #elif defined(WOLFSSL_SMALL_STACK) 8823 args = (ProcPeerCertArgs*)XMALLOC( 8824 sizeof(ProcPeerCertArgs), ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); 8825 if (args == NULL) { 8826 ERROR_OUT(MEMORY_E, exit_ppc); 8827 } 7755 8828 #endif 7756 8829 { … … 7763 8836 #ifdef WOLFSSL_ASYNC_CRYPT 7764 8837 ssl->async.freeArgs = FreeProcPeerCertArgs; 8838 #elif defined(WOLFSSL_NONBLOCK_OCSP) 8839 ssl->nonblockarg = args; 7765 8840 #endif 7766 8841 } … … 7774 8849 #ifdef WOLFSSL_CALLBACKS 7775 8850 if (ssl->hsInfoOn) 7776 AddPacketName( "Certificate", &ssl->handShakeInfo);8851 AddPacketName(ssl, "Certificate"); 7777 8852 if (ssl->toInfoOn) 7778 8853 AddLateName("Certificate", &ssl->timeoutInfo); … … 7842 8917 7843 8918 /* allocate buffer for certs */ 8919 #ifdef OPENSSL_EXTRA 8920 args->certs = (buffer*)XMALLOC(sizeof(buffer) * 8921 (ssl->verifyDepth + 1), ssl->heap, DYNAMIC_TYPE_DER); 8922 if (args->certs == NULL) { 8923 ERROR_OUT(MEMORY_E, exit_ppc); 8924 } 8925 XMEMSET(args->certs, 0, sizeof(buffer) * (ssl->verifyDepth + 1)); 8926 #else 7844 8927 args->certs = (buffer*)XMALLOC(sizeof(buffer) * MAX_CHAIN_DEPTH, 7845 8928 ssl->heap, DYNAMIC_TYPE_DER); … … 7848 8931 } 7849 8932 XMEMSET(args->certs, 0, sizeof(buffer) * MAX_CHAIN_DEPTH); 7850 8933 #endif /* OPENSSL_EXTRA */ 7851 8934 /* Certificate List */ 7852 8935 if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) { … … 7855 8938 c24to32(input + args->idx, &listSz); 7856 8939 args->idx += OPAQUE24_LEN; 7857 if (listSz > MAX_ RECORD_SIZE) {8940 if (listSz > MAX_CERTIFICATE_SZ) { 7858 8941 ERROR_OUT(BUFFER_ERROR, exit_ppc); 7859 8942 } … … 7868 8951 word32 certSz; 7869 8952 7870 if (args->totalCerts >= MAX_CHAIN_DEPTH) {7871 8953 #ifdef OPENSSL_EXTRA 8954 if (args->totalCerts > ssl->verifyDepth) { 7872 8955 ssl->peerVerifyRet = X509_V_ERR_CERT_CHAIN_TOO_LONG; 7873 #endif7874 8956 ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc); 7875 8957 } 8958 #else 8959 if (args->totalCerts >= ssl->verifyDepth || 8960 args->totalCerts >= MAX_CHAIN_DEPTH) { 8961 ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc); 8962 } 8963 #endif 7876 8964 7877 8965 if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) { … … 7913 9001 args->idx += extSz; 7914 9002 listSz -= extSz + OPAQUE16_LEN; 9003 ret = TLSX_Parse(ssl, args->exts[args->totalCerts].buffer, 9004 args->exts[args->totalCerts].length, certificate, NULL); 9005 if (ret < 0) 9006 return ret; 7915 9007 } 7916 9008 #endif … … 7924 9016 7925 9017 args->dCertInit = 0; 9018 #ifndef WOLFSSL_SMALL_CERT_VERIFY 7926 9019 args->dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, 7927 9020 DYNAMIC_TYPE_DCERT); … … 7929 9022 ERROR_OUT(MEMORY_E, exit_ppc); 7930 9023 } 9024 #endif 7931 9025 7932 9026 /* Advance state and proceed */ … … 7947 9041 7948 9042 if (!args->dCertInit) { 9043 #ifdef WOLFSSL_SMALL_CERT_VERIFY 9044 if (args->dCert == NULL) { 9045 args->dCert = (DecodedCert*)XMALLOC( 9046 sizeof(DecodedCert), ssl->heap, 9047 DYNAMIC_TYPE_DCERT); 9048 if (args->dCert == NULL) { 9049 ERROR_OUT(MEMORY_E, exit_ppc); 9050 } 9051 } 9052 #endif 9053 7949 9054 InitDecodedCert(args->dCert, 7950 9055 cert->buffer, cert->length, ssl->heap); … … 7954 9059 #endif 7955 9060 args->dCertInit = 1; 9061 #ifdef HAVE_PK_CALLBACKS 9062 ret = InitSigPkCb(ssl, &args->dCert->sigCtx); 9063 if (ret != 0) 9064 goto exit_ppc; 9065 #endif 7956 9066 } 7957 9067 7958 9068 ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, 7959 9069 ssl->ctx->cm); 7960 if (ret != 0 && ret != WC_PENDING_E)7961 goto exit_ppc;7962 7963 9070 #ifdef WOLFSSL_ASYNC_CRYPT 7964 9071 if (ret == WC_PENDING_E) { … … 7968 9075 } 7969 9076 #endif 9077 if (ret != 0) 9078 goto exit_ppc; 7970 9079 7971 9080 #ifndef NO_SKID … … 8015 9124 8016 9125 if (!args->dCertInit) { 9126 #ifdef WOLFSSL_SMALL_CERT_VERIFY 9127 if (args->dCert == NULL) { 9128 args->dCert = (DecodedCert*)XMALLOC( 9129 sizeof(DecodedCert), ssl->heap, 9130 DYNAMIC_TYPE_DCERT); 9131 if (args->dCert == NULL) { 9132 ERROR_OUT(MEMORY_E, exit_ppc); 9133 } 9134 } 9135 #endif 9136 8017 9137 InitDecodedCert(args->dCert, 8018 9138 cert->buffer, cert->length, ssl->heap); … … 8022 9142 #endif 8023 9143 args->dCertInit = 1; 9144 #ifdef HAVE_PK_CALLBACKS 9145 ret = InitSigPkCb(ssl, &args->dCert->sigCtx); 9146 if (ret != 0) 9147 goto exit_ppc; 9148 #endif 8024 9149 } 8025 9150 8026 9151 ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, 8027 9152 ssl->ctx->cm); 8028 if (ret != 0 && ret != WC_PENDING_E) {8029 goto exit_ppc;8030 }8031 9153 #ifdef WOLFSSL_ASYNC_CRYPT 8032 9154 if (ret == WC_PENDING_E) { … … 8036 9158 } 8037 9159 #endif 9160 if (ret != 0) { 9161 goto exit_ppc; 9162 } 8038 9163 8039 9164 #ifndef NO_SKID … … 8044 9169 if (!AlreadySigner(ssl->ctx->cm, subjectHash)) 8045 9170 args->untrustedDepth = 1; 9171 8046 9172 FreeDecodedCert(args->dCert); 8047 9173 args->dCertInit = 0; … … 8061 9187 cert = &args->certs[args->certIdx]; 8062 9188 9189 #ifdef WOLFSSL_SMALL_CERT_VERIFY 9190 sigRet = 0; 9191 9192 if (!ssl->options.verifyNone) { 9193 if (args->dCert != NULL) { 9194 if (args->dCertInit) { 9195 FreeDecodedCert(args->dCert); 9196 args->dCertInit = 0; 9197 } 9198 XFREE(args->dCert, ssl->heap, DYNAMIC_TYPE_DCERT); 9199 args->dCert = NULL; 9200 } 9201 sigRet = CheckCertSignature(cert->buffer, cert->length, 9202 ssl->heap, ssl->ctx->cm); 9203 } 9204 #endif 8063 9205 if (!args->dCertInit) { 9206 #ifdef WOLFSSL_SMALL_CERT_VERIFY 9207 if (args->dCert == NULL) { 9208 args->dCert = (DecodedCert*)XMALLOC( 9209 sizeof(DecodedCert), ssl->heap, 9210 DYNAMIC_TYPE_DCERT); 9211 if (args->dCert == NULL) { 9212 ERROR_OUT(MEMORY_E, exit_ppc); 9213 } 9214 } 9215 #endif 9216 8064 9217 InitDecodedCert(args->dCert, 8065 9218 cert->buffer, cert->length, ssl->heap); … … 8069 9222 #endif 8070 9223 args->dCertInit = 1; 9224 #ifdef HAVE_PK_CALLBACKS 9225 ret = InitSigPkCb(ssl, &args->dCert->sigCtx); 9226 if (ret != 0) 9227 goto exit_ppc; 9228 #endif 8071 9229 } 8072 9230 9231 /* check if returning from non-blocking OCSP */ 9232 #ifdef WOLFSSL_NONBLOCK_OCSP 9233 if (args->lastErr != OCSP_WANT_READ) 9234 { 9235 #endif 9236 9237 #ifndef WOLFSSL_SMALL_CERT_VERIFY 9238 sigRet = ParseCertRelative(args->dCert, CERT_TYPE, 9239 !ssl->options.verifyNone, ssl->ctx->cm); 9240 #else 8073 9241 ret = ParseCertRelative(args->dCert, CERT_TYPE, 8074 !ssl->options.verifyNone, ssl->ctx->cm); 9242 !ssl->options.verifyNone ? VERIFY_NAME : NO_VERIFY, 9243 ssl->ctx->cm); 9244 if (ret != 0) { 9245 sigRet = ret; 9246 ret = 0; 9247 } 9248 #endif 8075 9249 #ifdef WOLFSSL_ASYNC_CRYPT 8076 if ( ret == WC_PENDING_E) {9250 if (sigRet == WC_PENDING_E) { 8077 9251 ret = wolfSSL_AsyncPush(ssl, 8078 9252 args->dCert->sigCtx.asyncDev); … … 8098 9272 WOLFSSL_MSG( 8099 9273 "RSA key size in cert chain error"); 8100 ret = RSA_KEY_SIZE_E;9274 sigRet = RSA_KEY_SIZE_E; 8101 9275 } 8102 9276 break; … … 8109 9283 WOLFSSL_MSG( 8110 9284 "ECC key size in cert chain error"); 8111 ret = ECC_KEY_SIZE_E;9285 sigRet = ECC_KEY_SIZE_E; 8112 9286 } 8113 9287 break; … … 8120 9294 WOLFSSL_MSG( 8121 9295 "ECC key size in cert chain error"); 8122 ret = ECC_KEY_SIZE_E;9296 sigRet = ECC_KEY_SIZE_E; 8123 9297 } 8124 9298 break; … … 8132 9306 } /* if (!ssl->options.verifyNone) */ 8133 9307 8134 if ( ret == 0 && args->dCert->isCA == 0) {9308 if (sigRet == 0 && args->dCert->isCA == 0) { 8135 9309 WOLFSSL_MSG("Chain cert is not a CA, not adding as one"); 8136 9310 } 8137 else if ( ret == 0 && ssl->options.verifyNone) {9311 else if (sigRet == 0 && ssl->options.verifyNone) { 8138 9312 WOLFSSL_MSG("Chain cert not verified by option, not adding as CA"); 8139 9313 } 8140 else if ( ret == 0 && !AlreadySigner(ssl->ctx->cm, subjectHash)) {9314 else if (sigRet == 0 && !AlreadySigner(ssl->ctx->cm, subjectHash)) { 8141 9315 DerBuffer* add = NULL; 8142 9316 ret = AllocDer(&add, cert->length, CA_TYPE, ssl->heap); … … 8148 9322 XMEMCPY(add->buffer, cert->buffer, cert->length); 8149 9323 8150 #if def WOLFSSL_NGINX9324 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 8151 9325 if (args->certIdx > args->untrustedDepth) 8152 args->untrustedDepth = args->certIdx + 1;9326 args->untrustedDepth = (char)args->certIdx + 1; 8153 9327 #endif 8154 9328 … … 8166 9340 8167 9341 /* clear last CA fail since CA cert was validated */ 9342 if (!args->verifyErr) 8168 9343 args->lastCaErr = 0; 8169 9344 … … 8175 9350 #endif 8176 9351 } 8177 else if ( ret != 0) {9352 else if (sigRet != 0) { 8178 9353 WOLFSSL_MSG("Failed to verify CA from chain"); 8179 #ifdef WOLFSSL_ALT_CERT_CHAINS8180 if (args->lastCaErr == 0) {8181 /* store CA error and proceed to next cert */8182 args->lastCaErr = ret;8183 ret = 0;8184 }8185 else {8186 args->lastErr = args->lastCaErr;8187 }8188 #endif8189 9354 #ifdef OPENSSL_EXTRA 8190 9355 ssl->peerVerifyRet = X509_V_ERR_INVALID_CA; … … 8195 9360 } 8196 9361 9362 #ifdef WOLFSSL_NONBLOCK_OCSP 9363 } 9364 else { 9365 args->lastErr = 0; /* clear last error */ 9366 } 9367 #endif 9368 8197 9369 #if defined(HAVE_OCSP) || defined(HAVE_CRL) 8198 if (ret == 0 ) {9370 if (ret == 0 && sigRet == 0) { 8199 9371 int doCrlLookup = 1; 8200 9372 #ifdef HAVE_OCSP … … 8211 9383 ret = CheckCertOCSP_ex(ssl->ctx->cm->ocsp, 8212 9384 args->dCert, NULL, ssl); 8213 #ifdef WOLFSSL_ ASYNC_CRYPT8214 /* non-blocking socket re-entry requires async */8215 if (ret == WANT_READ) {9385 #ifdef WOLFSSL_NONBLOCK_OCSP 9386 if (ret == OCSP_WANT_READ) { 9387 args->lastErr = ret; 8216 9388 goto exit_ppc; 8217 9389 } … … 8231 9403 WOLFSSL_MSG("Doing Non Leaf CRL check"); 8232 9404 ret = CheckCertCRL(ssl->ctx->cm->crl, args->dCert); 8233 #ifdef WOLFSSL_ ASYNC_CRYPT8234 /* non-blocking socket re-entry requires async */8235 if (ret == WANT_READ) {9405 #ifdef WOLFSSL_NONBLOCK_OCSP 9406 if (ret == OCSP_WANT_READ) { 9407 args->lastErr = ret; 8236 9408 goto exit_ppc; 8237 9409 } … … 8243 9415 #endif /* HAVE_CRL */ 8244 9416 (void)doCrlLookup; 9417 9418 if (ret != 0) 9419 sigRet = ret; 8245 9420 } 8246 9421 #endif /* HAVE_OCSP || HAVE_CRL */ 8247 9422 8248 if (ret != 0 && args->lastErr == 0) { 8249 args->lastErr = ret; /* save error from last time */ 8250 ret = 0; /* reset error */ 9423 /* Do verify callback */ 9424 sigRet = DoVerifyCallback(ssl, sigRet, args); 9425 9426 /* Handle error codes */ 9427 #ifdef WOLFSSL_ALT_CERT_CHAINS 9428 if (args->lastCaErr == 0) { 9429 /* capture CA error and proceed to next cert */ 9430 args->lastCaErr = sigRet; 9431 sigRet = 0; 9432 } 9433 else { 9434 args->lastErr = args->lastCaErr; 9435 } 9436 #endif 9437 if (sigRet != 0 && args->lastErr == 0) { 9438 args->lastErr = sigRet; /* save error from last time */ 9439 sigRet = 0; /* reset error */ 8251 9440 } 8252 9441 … … 8257 9446 } /* if (count > 0) */ 8258 9447 9448 if (sigRet != 0) 9449 ret = sigRet; 8259 9450 /* Check for error */ 8260 9451 if (ret != 0) { … … 8276 9467 cert = &args->certs[args->certIdx]; 8277 9468 9469 #ifdef WOLFSSL_SMALL_CERT_VERIFY 9470 sigRet = 0; 9471 9472 if (!ssl->options.verifyNone) { 9473 if (args->dCert != NULL) { 9474 if (args->dCertInit) { 9475 FreeDecodedCert(args->dCert); 9476 args->dCertInit = 0; 9477 } 9478 XFREE(args->dCert, ssl->heap, DYNAMIC_TYPE_DCERT); 9479 args->dCert = NULL; 9480 } 9481 sigRet = CheckCertSignature(cert->buffer, cert->length, 9482 ssl->heap, ssl->ctx->cm); 9483 } 9484 #endif 8278 9485 if (!args->dCertInit) { 9486 if (args->dCert == NULL) { 9487 args->dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), 9488 ssl->heap, DYNAMIC_TYPE_DCERT); 9489 if (args->dCert == NULL) { 9490 ERROR_OUT(MEMORY_E, exit_ppc); 9491 } 9492 } 9493 8279 9494 InitDecodedCert(args->dCert, 8280 9495 cert->buffer, cert->length, ssl->heap); … … 8284 9499 #endif 8285 9500 args->dCertInit = 1; 9501 #ifdef HAVE_PK_CALLBACKS 9502 ret = InitSigPkCb(ssl, &args->dCert->sigCtx); 9503 if (ret != 0) 9504 goto exit_ppc; 9505 #endif 8286 9506 } 8287 9507 … … 8291 9511 { 8292 9512 /* only parse if not already present in dCert from above */ 9513 #ifndef WOLFSSL_SMALL_CERT_VERIFY 9514 sigRet = ParseCertRelative(args->dCert, CERT_TYPE, 9515 !ssl->options.verifyNone, ssl->ctx->cm); 9516 #else 8293 9517 ret = ParseCertRelative(args->dCert, CERT_TYPE, 8294 !ssl->options.verifyNone, ssl->ctx->cm); 9518 !ssl->options.verifyNone ? VERIFY_NAME : NO_VERIFY, 9519 ssl->ctx->cm); 9520 if (ret != 0) { 9521 sigRet = ret; 9522 ret = 0; 9523 } 9524 #endif 8295 9525 #ifdef WOLFSSL_ASYNC_CRYPT 8296 if ( ret == WC_PENDING_E) {9526 if (sigRet == WC_PENDING_E) { 8297 9527 ret = wolfSSL_AsyncPush(ssl, 8298 9528 args->dCert->sigCtx.asyncDev); … … 8302 9532 } 8303 9533 8304 if ( ret == 0) {9534 if (sigRet == 0) { 8305 9535 WOLFSSL_MSG("Verified Peer's cert"); 8306 9536 #ifdef OPENSSL_EXTRA … … 8313 9543 } 8314 9544 #endif /* SESSION_CERTS && WOLFSSL_ALT_CERT_CHAINS */ 9545 9546 /* check if fatal error */ 9547 if (args->verifyErr) { 9548 args->fatal = 1; 9549 if (sigRet == 0) { 9550 sigRet = args->lastErr; 9551 } 9552 #ifdef WOLFSSL_ALT_CERT_CHAINS 9553 if (sigRet == 0) { 9554 sigRet = args->lastCaErr; 9555 } 9556 #endif 9557 } 9558 else { 8315 9559 args->fatal = 0; 8316 9560 } 8317 else if (ret == ASN_PARSE_E || ret == BUFFER_E) { 9561 } 9562 else if (sigRet == ASN_PARSE_E || sigRet == BUFFER_E) { 8318 9563 WOLFSSL_MSG("Got Peer cert ASN PARSE or BUFFER ERROR"); 8319 9564 #ifdef OPENSSL_EXTRA 9565 SendAlert(ssl, alert_fatal, bad_certificate); 8320 9566 ssl->peerVerifyRet = X509_V_ERR_CERT_REJECTED; 8321 9567 #endif … … 8330 9576 WOLFSSL_MSG( 8331 9577 "\tCallback override available, will continue"); 8332 args->fatal = 0; 9578 /* check if fatal error */ 9579 args->fatal = (args->verifyErr) ? 1 : 0; 8333 9580 } 8334 9581 else { 8335 9582 WOLFSSL_MSG("\tNo callback override available, fatal"); 8336 9583 args->fatal = 1; 9584 #ifdef OPENSSL_EXTRA 9585 SendAlert(ssl, alert_fatal, bad_certificate); 9586 #endif 8337 9587 } 8338 9588 } … … 8350 9600 "Peer sent different cert during scr, fatal"); 8351 9601 args->fatal = 1; 8352 ret = SCR_DIFFERENT_CERT_E;9602 sigRet = SCR_DIFFERENT_CERT_E; 8353 9603 } 8354 9604 } … … 8361 9611 } 8362 9612 #endif /* HAVE_SECURE_RENEGOTIATION */ 8363 9613 } /* if (count > 0) */ 9614 9615 if (sigRet != 0) 9616 ret = sigRet; 9617 /* Check for error */ 9618 if (args->fatal && ret != 0) { 9619 goto exit_ppc; 9620 } 9621 9622 /* Advance state and proceed */ 9623 ssl->options.asyncState = TLS_ASYNC_VERIFY; 9624 } /* case TLS_ASYNC_DO */ 9625 FALL_THROUGH; 9626 9627 case TLS_ASYNC_VERIFY: 9628 { 9629 if (args->count > 0) { 8364 9630 #if defined(HAVE_OCSP) || defined(HAVE_CRL) 8365 9631 if (args->fatal == 0) { … … 8372 9638 args->dCert, ssl->heap); 8373 9639 doLookup = 0; 9640 #ifdef WOLFSSL_TLS13 9641 if (ssl->options.tls1_3) { 9642 TLSX* ext = TLSX_Find(ssl->extensions, 9643 TLSX_STATUS_REQUEST); 9644 if (ext != NULL) { 9645 word32 idx = 0; 9646 CertificateStatusRequest* csr = 9647 (CertificateStatusRequest*)ext->data; 9648 ret = ProcessCSR(ssl, csr->response.buffer, 9649 &idx, csr->response.length); 9650 if (ret < 0) 9651 goto exit_ppc; 9652 } 9653 } 9654 #endif 8374 9655 } 8375 9656 #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ … … 8388 9669 ret = CheckCertOCSP_ex(ssl->ctx->cm->ocsp, 8389 9670 args->dCert, NULL, ssl); 8390 #ifdef WOLFSSL_ASYNC_CRYPT 8391 /* non-blocking socket re-entry requires async */ 8392 if (ret == WANT_READ) { 9671 #ifdef WOLFSSL_NONBLOCK_OCSP 9672 if (ret == OCSP_WANT_READ) { 8393 9673 goto exit_ppc; 8394 9674 } … … 8409 9689 WOLFSSL_MSG("Doing Leaf CRL check"); 8410 9690 ret = CheckCertCRL(ssl->ctx->cm->crl, args->dCert); 8411 #ifdef WOLFSSL_ASYNC_CRYPT 8412 /* non-blocking socket re-entry requires async */ 8413 if (ret == WANT_READ) { 9691 #ifdef WOLFSSL_NONBLOCK_OCSP 9692 if (ret == OCSP_WANT_READ) { 8414 9693 goto exit_ppc; 8415 9694 } … … 8433 9712 int copyRet = CopyDecodedToX509(&ssl->peerCert, 8434 9713 args->dCert); 8435 if (copyRet == MEMORY_E) 9714 if (copyRet == MEMORY_E) { 8436 9715 args->fatal = 1; 8437 9716 } 9717 } 8438 9718 #endif /* KEEP_PEER_CERT */ 8439 9719 8440 9720 #ifndef IGNORE_KEY_EXTENSIONS 9721 #if defined(OPENSSL_EXTRA) 9722 /* when compatibility layer is turned on and no verify is 9723 * set then ignore the certificate key extension */ 9724 if (args->dCert->extKeyUsageSet && 9725 args->dCert->extKeyUsageCrit == 0 && 9726 ssl->options.verifyNone) { 9727 WOLFSSL_MSG("Not verifying certificate key usage"); 9728 } 9729 else 9730 #endif 8441 9731 if (args->dCert->extKeyUsageSet) { 8442 9732 if ((ssl->specs.kea == rsa_kea) && … … 8454 9744 } 8455 9745 9746 #if defined(OPENSSL_EXTRA) 9747 /* when compatibility layer is turned on and no verify is 9748 * set then ignore the certificate key extension */ 9749 if (args->dCert->extExtKeyUsageSet && 9750 args->dCert->extExtKeyUsageCrit == 0 && 9751 ssl->options.verifyNone) { 9752 WOLFSSL_MSG("Not verifying certificate ext key usage"); 9753 } 9754 else 9755 #endif 8456 9756 if (args->dCert->extExtKeyUsageSet) { 8457 9757 if (ssl->options.side == WOLFSSL_CLIENT_END) { … … 8475 9775 ssl->error = ret; 8476 9776 #ifdef OPENSSL_EXTRA 9777 SendAlert(ssl, alert_fatal, bad_certificate); 8477 9778 ssl->peerVerifyRet = X509_V_ERR_CERT_REJECTED; 8478 9779 #endif … … 8481 9782 8482 9783 ssl->options.havePeerCert = 1; 8483 } /* if (count > 0) */ 8484 8485 /* Check for error */ 8486 if (args->fatal && ret != 0) { 8487 goto exit_ppc; 8488 } 8489 8490 /* Advance state and proceed */ 8491 ssl->options.asyncState = TLS_ASYNC_VERIFY; 8492 } /* case TLS_ASYNC_DO */ 8493 FALL_THROUGH; 8494 8495 case TLS_ASYNC_VERIFY: 8496 { 8497 if (args->count > 0) { 8498 args->domain = (char*)XMALLOC(ASN_NAME_MAX, ssl->heap, 8499 DYNAMIC_TYPE_STRING); 8500 if (args->domain == NULL) { 8501 ERROR_OUT(MEMORY_E, exit_ppc); 9784 9785 if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) { 9786 #ifndef WOLFSSL_ALLOW_NO_CN_IN_SAN 9787 /* Per RFC 5280 section 4.2.1.6, "Whenever such identities 9788 * are to be bound into a certificate, the subject 9789 * alternative name extension MUST be used." */ 9790 if (args->dCert->altNames) { 9791 if (CheckAltNames(args->dCert, 9792 (char*)ssl->buffers.domainName.buffer) == 0 ) { 9793 WOLFSSL_MSG("DomainName match on alt names failed"); 9794 /* try to get peer key still */ 9795 ret = DOMAIN_NAME_MISMATCH; 8502 9796 } 8503 8504 /* store for callback use */8505 if (args->dCert->subjectCNLen < ASN_NAME_MAX) {8506 XMEMCPY(args->domain, args->dCert->subjectCN, args->dCert->subjectCNLen);8507 args->domain[args->dCert->subjectCNLen] = '\0';8508 9797 } 8509 9798 else { 8510 args->domain[0] = '\0'; 9799 if (MatchDomainName( 9800 args->dCert->subjectCN, 9801 args->dCert->subjectCNLen, 9802 (char*)ssl->buffers.domainName.buffer) == 0) { 9803 WOLFSSL_MSG("DomainName match on common name failed"); 9804 ret = DOMAIN_NAME_MISMATCH; 8511 9805 } 8512 8513 if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) { 9806 } 9807 #else /* WOLFSSL_ALL_NO_CN_IN_SAN */ 9808 /* Old behavior. */ 8514 9809 if (MatchDomainName(args->dCert->subjectCN, 8515 9810 args->dCert->subjectCNLen, … … 8524 9819 } 8525 9820 } 9821 #endif /* WOLFSSL_ALL_NO_CN_IN_SAN */ 8526 9822 } 8527 9823 … … 8599 9895 case ECDSAk: 8600 9896 { 8601 int curveId;8602 9897 int keyRet = 0; 9898 word32 idx = 0; 9899 8603 9900 if (ssl->peerEccDsaKey == NULL) { 8604 9901 /* alloc/init on demand */ … … 8611 9908 } 8612 9909 8613 curveId = wc_ecc_get_oid(args->dCert->keyOID, NULL, NULL);8614 9910 if (keyRet != 0 || 8615 wc_ ecc_import_x963_ex(args->dCert->publicKey,8616 args->dCert->pubKeySize,ssl->peerEccDsaKey,8617 curveId) != 0) {9911 wc_EccPublicKeyDecode(args->dCert->publicKey, &idx, 9912 ssl->peerEccDsaKey, 9913 args->dCert->pubKeySize) != 0) { 8618 9914 ret = PEER_KEY_ERROR; 8619 9915 } … … 8697 9993 break; 8698 9994 } 8699 #endif /* HAVE_E CC*/9995 #endif /* HAVE_ED25519 */ 8700 9996 default: 8701 9997 break; 8702 9998 } 8703 9999 8704 FreeDecodedCert(args->dCert); 8705 args->dCertInit = 0; 8706 8707 /* release since we don't need it anymore */ 8708 if (args->dCert) { 8709 XFREE(args->dCert, ssl->heap, DYNAMIC_TYPE_DCERT); 8710 args->dCert = NULL; 8711 } 10000 /* args->dCert free'd in function cleanup after callback */ 8712 10001 } /* if (count > 0) */ 8713 10002 … … 8724 10013 case TLS_ASYNC_FINALIZE: 8725 10014 { 8726 #ifdef WOLFSSL_SMALL_STACK8727 WOLFSSL_X509_STORE_CTX* store = (WOLFSSL_X509_STORE_CTX*)XMALLOC(8728 sizeof(WOLFSSL_X509_STORE_CTX), ssl->heap,8729 DYNAMIC_TYPE_X509_STORE);8730 if (store == NULL) {8731 ERROR_OUT(MEMORY_E, exit_ppc);8732 }8733 #else8734 WOLFSSL_X509_STORE_CTX store[1];8735 #endif8736 8737 XMEMSET(store, 0, sizeof(WOLFSSL_X509_STORE_CTX));8738 8739 10015 /* load last error */ 8740 10016 if (args->lastErr != 0 && ret == 0) { … … 8748 10024 } 8749 10025 #endif 8750 if (ret != 0) { 8751 if (!ssl->options.verifyNone) { 8752 int why = bad_certificate; 8753 8754 if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) { 8755 why = certificate_expired; 8756 } 8757 if (ssl->verifyCallback) { 8758 int ok; 8759 8760 store->error = ret; 8761 store->error_depth = args->totalCerts; 8762 store->discardSessionCerts = 0; 8763 store->domain = args->domain; 8764 store->userCtx = ssl->verifyCbCtx; 8765 store->certs = args->certs; 8766 store->totalCerts = args->totalCerts; 8767 #ifdef KEEP_PEER_CERT 8768 if (ssl->peerCert.subject.sz > 0) 8769 store->current_cert = &ssl->peerCert; 8770 else 8771 store->current_cert = NULL; 8772 #else 8773 store->current_cert = NULL; 8774 #endif /* KEEP_PEER_CERT */ 8775 #if defined(HAVE_EX_DATA) || defined(HAVE_FORTRESS) 8776 store->ex_data = ssl; 8777 #endif 8778 ok = ssl->verifyCallback(0, store); 8779 if (ok) { 8780 WOLFSSL_MSG("Verify callback overriding error!"); 8781 ret = 0; 8782 } 8783 #ifdef SESSION_CERTS 8784 if (store->discardSessionCerts) { 8785 WOLFSSL_MSG("Verify callback requested discard sess certs"); 8786 ssl->session.chain.count = 0; 8787 #ifdef WOLFSSL_ALT_CERT_CHAINS 8788 ssl->session.altChain.count = 0; 8789 #endif 8790 } 8791 #endif /* SESSION_CERTS */ 8792 } 8793 if (ret != 0) { 8794 SendAlert(ssl, alert_fatal, why); /* try to send */ 8795 ssl->options.isClosed = 1; 8796 } 8797 } 8798 ssl->error = ret; 8799 } 8800 #ifdef WOLFSSL_ALWAYS_VERIFY_CB 8801 else { 8802 if (ssl->verifyCallback) { 8803 int ok; 8804 8805 store->error = ret; 8806 #ifdef WOLFSSL_WPAS 8807 store->error_depth = 0; 8808 #else 8809 store->error_depth = args->totalCerts; 8810 #endif 8811 store->discardSessionCerts = 0; 8812 store->domain = args->domain; 8813 store->userCtx = ssl->verifyCbCtx; 8814 store->certs = args->certs; 8815 store->totalCerts = args->totalCerts; 8816 #ifdef KEEP_PEER_CERT 8817 if (ssl->peerCert.subject.sz > 0) 8818 store->current_cert = &ssl->peerCert; 8819 else 8820 store->current_cert = NULL; 8821 #endif 8822 store->ex_data = ssl; 8823 8824 ok = ssl->verifyCallback(1, store); 8825 if (!ok) { 8826 WOLFSSL_MSG("Verify callback overriding valid certificate!"); 8827 ret = -1; 8828 SendAlert(ssl, alert_fatal, bad_certificate); 8829 ssl->options.isClosed = 1; 8830 } 8831 #ifdef SESSION_CERTS 8832 if (store->discardSessionCerts) { 8833 WOLFSSL_MSG("Verify callback requested discard sess certs"); 8834 ssl->session.chain.count = 0; 8835 #ifdef WOLFSSL_ALT_CERT_CHAINS 8836 ssl->session.altChain.count = 0; 8837 #endif 8838 } 8839 #endif /* SESSION_CERTS */ 8840 } 8841 } 8842 #endif /* WOLFSSL_ALWAYS_VERIFY_CB */ 10026 10027 /* Do verify callback */ 10028 ret = DoVerifyCallback(ssl, ret, args); 8843 10029 8844 10030 if (ssl->options.verifyNone && … … 8856 10042 } 8857 10043 8858 #ifdef WOLFSSL_SMALL_STACK8859 XFREE(store, ssl->heap, DYNAMIC_TYPE_X509_STORE);8860 #endif8861 10044 /* Advance state and proceed */ 8862 10045 ssl->options.asyncState = TLS_ASYNC_END; … … 8880 10063 WOLFSSL_LEAVE("ProcessPeerCerts", ret); 8881 10064 8882 #ifdef WOLFSSL_ASYNC_CRYPT 8883 if (ret == WC_PENDING_E || ret == WANT_READ) { 8884 /* Mark message as not recevied so it can process again */ 10065 10066 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) 10067 if (ret == WC_PENDING_E || ret == OCSP_WANT_READ) { 10068 /* Mark message as not received so it can process again */ 8885 10069 ssl->msgsReceived.got_certificate = 0; 8886 10070 8887 10071 return ret; 8888 10072 } 8889 #endif /* WOLFSSL_ASYNC_CRYPT */10073 #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP */ 8890 10074 8891 10075 FreeProcPeerCertArgs(ssl, args); 10076 10077 #if defined(WOLFSSL_ASYNC_CRYPT) 10078 #elif defined(WOLFSSL_NONBLOCK_OCSP) 10079 XFREE(args, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); 10080 ssl->nonblockarg = NULL; 10081 #elif defined(WOLFSSL_SMALL_STACK) 10082 XFREE(args, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); 10083 #endif 10084 8892 10085 FreeKeyExchange(ssl); 8893 10086 … … 8895 10088 } 8896 10089 10090 #ifndef WOLFSSL_NO_TLS12 10091 10092 /* handle processing of certificate (11) */ 8897 10093 static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx, 8898 10094 word32 size) 8899 10095 { 8900 return ProcessPeerCerts(ssl, input, inOutIdx, size); 10096 int ret; 10097 10098 WOLFSSL_START(WC_FUNC_CERTIFICATE_DO); 10099 WOLFSSL_ENTER("DoCertificate"); 10100 10101 #ifdef SESSION_CERTS 10102 /* Reset the session cert chain count in case the session resume failed. */ 10103 ssl->session.chain.count = 0; 10104 #ifdef WOLFSSL_ALT_CERT_CHAINS 10105 ssl->session.altChain.count = 0; 10106 #endif 10107 #endif /* SESSION_CERTS */ 10108 10109 ret = ProcessPeerCerts(ssl, input, inOutIdx, size); 10110 10111 #ifdef OPENSSL_EXTRA 10112 ssl->options.serverState = SERVER_CERT_COMPLETE; 10113 #endif 10114 10115 WOLFSSL_LEAVE("DoCertificate", ret); 10116 WOLFSSL_END(WC_FUNC_CERTIFICATE_DO); 10117 10118 return ret; 8901 10119 } 8902 10120 10121 /* handle processing of certificate_status (22) */ 8903 10122 static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx, 8904 10123 word32 size) … … 8908 10127 word32 status_length; 8909 10128 10129 WOLFSSL_START(WC_FUNC_CERTIFICATE_STATUS_DO); 10130 WOLFSSL_ENTER("DoCertificateStatus"); 10131 8910 10132 if (size < ENUM_LEN + OPAQUE24_LEN) 8911 10133 return BUFFER_ERROR; … … 8925 10147 8926 10148 /* WOLFSSL_CSR_OCSP overlaps with WOLFSSL_CSR2_OCSP */ 8927 case WOLFSSL_CSR2_OCSP: { 10149 case WOLFSSL_CSR2_OCSP: 10150 ret = ProcessCSR(ssl, input, inOutIdx, status_length); 10151 break; 10152 10153 #endif 10154 10155 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 10156 10157 case WOLFSSL_CSR2_OCSP_MULTI: { 8928 10158 OcspRequest* request; 10159 word32 list_length = status_length; 10160 byte idx = 0; 8929 10161 8930 10162 #ifdef WOLFSSL_SMALL_STACK … … 8937 10169 8938 10170 do { 8939 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST8940 if (ssl->status_request) {8941 request = (OcspRequest*)TLSX_CSR_GetRequest(8942 ssl->extensions);8943 ssl->status_request = 0;8944 break;8945 }8946 #endif8947 8948 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V28949 if (ssl->status_request_v2) {8950 request = (OcspRequest*)TLSX_CSR2_GetRequest(8951 ssl->extensions, status_type, 0);8952 ssl->status_request_v2 = 0;8953 break;8954 }8955 #endif8956 8957 return BUFFER_ERROR;8958 } while(0);8959 8960 if (request == NULL)8961 return BAD_CERTIFICATE_STATUS_ERROR; /* not expected */8962 8963 #ifdef WOLFSSL_SMALL_STACK8964 status = (CertStatus*)XMALLOC(sizeof(CertStatus), ssl->heap,8965 DYNAMIC_TYPE_OCSP_STATUS);8966 response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), ssl->heap,8967 DYNAMIC_TYPE_OCSP_REQUEST);8968 8969 if (status == NULL || response == NULL) {8970 if (status)8971 XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS);8972 if (response)8973 XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST);8974 8975 return MEMORY_ERROR;8976 }8977 #endif8978 8979 InitOcspResponse(response, status, input +*inOutIdx, status_length);8980 8981 if (OcspResponseDecode(response, ssl->ctx->cm, ssl->heap, 0) != 0)8982 ret = BAD_CERTIFICATE_STATUS_ERROR;8983 else if (CompareOcspReqResp(request, response) != 0)8984 ret = BAD_CERTIFICATE_STATUS_ERROR;8985 else if (response->responseStatus != OCSP_SUCCESSFUL)8986 ret = BAD_CERTIFICATE_STATUS_ERROR;8987 else if (response->status->status == CERT_REVOKED)8988 ret = OCSP_CERT_REVOKED;8989 else if (response->status->status != CERT_GOOD)8990 ret = BAD_CERTIFICATE_STATUS_ERROR;8991 8992 *inOutIdx += status_length;8993 8994 #ifdef WOLFSSL_SMALL_STACK8995 XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS);8996 XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);8997 #endif8998 8999 }9000 break;9001 9002 #endif9003 9004 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)9005 9006 case WOLFSSL_CSR2_OCSP_MULTI: {9007 OcspRequest* request;9008 word32 list_length = status_length;9009 byte idx = 0;9010 9011 #ifdef WOLFSSL_SMALL_STACK9012 CertStatus* status;9013 OcspResponse* response;9014 #else9015 CertStatus status[1];9016 OcspResponse response[1];9017 #endif9018 9019 do {9020 10171 if (ssl->status_request_v2) { 9021 10172 ssl->status_request_v2 = 0; … … 9105 10256 SendAlert(ssl, alert_fatal, bad_certificate_status_response); 9106 10257 10258 if (IsEncryptionOn(ssl, 0)) { 10259 if (*inOutIdx + ssl->keys.padSz > size) 10260 return BUFFER_E; 10261 *inOutIdx += ssl->keys.padSz; 10262 } 10263 10264 WOLFSSL_LEAVE("DoCertificateStatus", ret); 10265 WOLFSSL_END(WC_FUNC_CERTIFICATE_STATUS_DO); 10266 9107 10267 return ret; 9108 10268 } 9109 10269 10270 #endif /* !WOLFSSL_NO_TLS12 */ 10271 9110 10272 #endif /* !NO_CERTS */ 9111 10273 10274 #ifndef WOLFSSL_NO_TLS12 9112 10275 9113 10276 static int DoHelloRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx, … … 9116 10279 (void)input; 9117 10280 10281 WOLFSSL_START(WC_FUNC_HELLO_REQUEST_DO); 10282 WOLFSSL_ENTER("DoHelloRequest"); 10283 9118 10284 if (size) /* must be 0 */ 9119 10285 return BUFFER_ERROR; … … 9134 10300 else if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled) { 9135 10301 ssl->secure_renegotiation->startScr = 1; 10302 WOLFSSL_LEAVE("DoHelloRequest", 0); 10303 WOLFSSL_END(WC_FUNC_HELLO_REQUEST_DO); 9136 10304 return 0; 9137 10305 } … … 9148 10316 word32 finishedSz = (ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ); 9149 10317 10318 WOLFSSL_START(WC_FUNC_FINISHED_DO); 10319 WOLFSSL_ENTER("DoFinished"); 10320 9150 10321 if (finishedSz != size) 9151 10322 return BUFFER_ERROR; … … 9156 10327 9157 10328 #ifdef WOLFSSL_CALLBACKS 9158 if (ssl->hsInfoOn) AddPacketName( "Finished", &ssl->handShakeInfo);10329 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 9159 10330 if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); 9160 10331 #endif … … 9176 10347 XMEMCPY(ssl->secure_renegotiation->client_verify_data, 9177 10348 input + *inOutIdx, TLS_FINISHED_SZ); 10349 ssl->secure_renegotiation->verifySet = 1; 9178 10350 } 9179 10351 #endif … … 9184 10356 if (ssl->options.side == WOLFSSL_CLIENT_END) { 9185 10357 ssl->options.serverState = SERVER_FINISHED_COMPLETE; 10358 #ifdef OPENSSL_EXTRA 10359 ssl->cbmode = SSL_CB_MODE_WRITE; 10360 ssl->options.clientState = CLIENT_FINISHED_COMPLETE; 10361 #endif 9186 10362 if (!ssl->options.resuming) { 10363 #ifdef OPENSSL_EXTRA 10364 if (ssl->CBIS != NULL) { 10365 ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, SSL_SUCCESS); 10366 } 10367 #endif 9187 10368 ssl->options.handShakeState = HANDSHAKE_DONE; 9188 10369 ssl->options.handShakeDone = 1; … … 9191 10372 else { 9192 10373 ssl->options.clientState = CLIENT_FINISHED_COMPLETE; 10374 #ifdef OPENSSL_EXTRA 10375 ssl->cbmode = SSL_CB_MODE_READ; 10376 ssl->options.serverState = SERVER_FINISHED_COMPLETE; 10377 #endif 9193 10378 if (ssl->options.resuming) { 10379 #ifdef OPENSSL_EXTRA 10380 if (ssl->CBIS != NULL) { 10381 ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, SSL_SUCCESS); 10382 } 10383 #endif 9194 10384 ssl->options.handShakeState = HANDSHAKE_DONE; 9195 10385 ssl->options.handShakeDone = 1; 9196 10386 } 9197 10387 } 10388 10389 WOLFSSL_LEAVE("DoFinished", 0); 10390 WOLFSSL_END(WC_FUNC_FINISHED_DO); 9198 10391 9199 10392 return 0; … … 9524 10717 (ssl->keys.encryptionOn ? ssl->keys.padSz : 0); 9525 10718 10719 #if !defined(WOLFSSL_NO_SERVER) && \ 10720 defined(HAVE_SECURE_RENEGOTIATION) && \ 10721 defined(HAVE_SERVER_RENEGOTIATION_INFO) 10722 if (ssl->options.handShakeDone && type == client_hello && 10723 ssl->secure_renegotiation && 10724 ssl->secure_renegotiation->enabled) 10725 { 10726 WOLFSSL_MSG("Reset handshake state"); 10727 XMEMSET(&ssl->msgsReceived, 0, sizeof(MsgsReceived)); 10728 ssl->options.serverState = NULL_STATE; 10729 ssl->options.clientState = NULL_STATE; 10730 ssl->options.connectState = CONNECT_BEGIN; 10731 ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; 10732 ssl->options.handShakeState = NULL_STATE; 10733 ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED; 10734 10735 ret = InitHandshakeHashes(ssl); 10736 if (ret != 0) 10737 return ret; 10738 } 10739 #endif 10740 9526 10741 /* sanity check msg received */ 9527 10742 if ( (ret = SanityCheckMsgReceived(ssl, type)) != 0) { … … 9530 10745 } 9531 10746 9532 #if def WOLFSSL_CALLBACKS10747 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 9533 10748 /* add name later, add on record and handshake header part back on */ 9534 10749 if (ssl->toInfoOn) { 9535 10750 int add = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 9536 AddPacketInfo(0, &ssl->timeoutInfo, input + *inOutIdx - add, 9537 size + add, ssl->heap); 10751 AddPacketInfo(ssl, 0, handshake, input + *inOutIdx - add, 10752 size + add, READ_PROTO, ssl->heap); 10753 #ifdef WOLFSSL_CALLBACKS 9538 10754 AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); 10755 #endif 9539 10756 } 9540 10757 #endif … … 9573 10790 * hashed later if the DTLS cookie is correct. */ 9574 10791 if (type != hello_request && 9575 !(IsDtlsNotSctpMode(ssl) && type == client_hello) && 9576 ssl->error != WC_PENDING_E) { 10792 !(IsDtlsNotSctpMode(ssl) && type == client_hello) 10793 #ifdef WOLFSSL_ASYNC_CRYPT 10794 && ssl->error != WC_PENDING_E 10795 #endif 10796 #ifdef WOLFSSL_NONBLOCK_OCSP 10797 && ssl->error != OCSP_WANT_READ 10798 #endif 10799 ) { 9577 10800 ret = HashInput(ssl, input + *inOutIdx, size); 9578 10801 if (ret != 0) return ret; 9579 10802 } 10803 10804 #ifdef OPENSSL_EXTRA 10805 if (ssl->CBIS != NULL){ 10806 ssl->cbmode = SSL_CB_MODE_READ; 10807 ssl->cbtype = type; 10808 ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, SSL_SUCCESS); 10809 } 10810 #endif 9580 10811 9581 10812 switch (type) { … … 9595 10826 WOLFSSL_MSG("processing server hello"); 9596 10827 ret = DoServerHello(ssl, input, inOutIdx, size); 10828 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 10829 !defined(NO_ED25519_CLIENT_AUTH) 10830 if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) || 10831 IsAtLeastTLSv1_3(ssl->version)) { 10832 10833 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) 10834 if (ret != WC_PENDING_E && ret != OCSP_WANT_READ) 10835 #endif 10836 { 10837 ssl->options.cacheMessages = 0; 10838 if (ssl->hsHashes->messages != NULL) { 10839 XFREE(ssl->hsHashes->messages, ssl->heap, 10840 DYNAMIC_TYPE_HASHES); 10841 ssl->hsHashes->messages = NULL; 10842 } 10843 } 10844 } 10845 #endif 9597 10846 break; 9598 10847 … … 9633 10882 #ifdef WOLFSSL_CALLBACKS 9634 10883 if (ssl->hsInfoOn) 9635 AddPacketName( "ServerHelloDone", &ssl->handShakeInfo);10884 AddPacketName(ssl, "ServerHelloDone"); 9636 10885 if (ssl->toInfoOn) 9637 10886 AddLateName("ServerHelloDone", &ssl->timeoutInfo); … … 9656 10905 WOLFSSL_MSG("processing client hello"); 9657 10906 ret = DoClientHello(ssl, input, inOutIdx, size); 10907 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 10908 !defined(NO_ED25519_CLIENT_AUTH) 10909 if (ssl->options.resuming || !ssl->options.verifyPeer || \ 10910 !IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) { 10911 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) 10912 if (ret != WC_PENDING_E && ret != OCSP_WANT_READ) 10913 #endif 10914 { 10915 ssl->options.cacheMessages = 0; 10916 if (ssl->hsHashes->messages != NULL) { 10917 XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); 10918 ssl->hsHashes->messages = NULL; 10919 } 10920 } 10921 } 10922 #endif 10923 if (IsEncryptionOn(ssl, 0)) { 10924 /* access beyond input + size should be checked against totalSz */ 10925 if (*inOutIdx + ssl->keys.padSz > totalSz) 10926 return BUFFER_E; 10927 10928 *inOutIdx += ssl->keys.padSz; 10929 } 9658 10930 break; 9659 10931 … … 9663 10935 break; 9664 10936 9665 #if !defined(NO_RSA) || defined(HAVE_ECC) 10937 #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)) && \ 10938 !defined(WOLFSSL_NO_CLIENT_AUTH) 9666 10939 case certificate_verify: 9667 10940 WOLFSSL_MSG("processing certificate verify"); 9668 10941 ret = DoCertificateVerify(ssl, input, inOutIdx, size); 9669 10942 break; 9670 #endif /* !NO_RSA || HAVE_ECC*/10943 #endif /* (!NO_RSA || HAVE_ECC || HAVE_ED25519) && !WOLFSSL_NO_CLIENT_AUTH */ 9671 10944 9672 10945 #endif /* !NO_WOLFSSL_SERVER */ … … 9677 10950 break; 9678 10951 } 9679 9680 10952 if (ret == 0 && expectedIdx != *inOutIdx) { 9681 10953 WOLFSSL_MSG("Extra data in handshake message"); … … 9684 10956 ret = DECODE_E; 9685 10957 } 9686 9687 #ifdef WOLFSSL_ASYNC_CRYPT 10958 if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) { 10959 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 10960 } 10961 10962 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) 9688 10963 /* if async, offset index so this msg will be processed again */ 9689 if ( ret == WC_PENDING_E&& *inOutIdx > 0) {10964 if ((ret == WC_PENDING_E || ret == OCSP_WANT_READ) && *inOutIdx > 0) { 9690 10965 *inOutIdx -= HANDSHAKE_HEADER_SZ; 9691 10966 #ifdef WOLFSSL_DTLS … … 9695 10970 #endif 9696 10971 } 9697 #endif 10972 10973 /* make sure async error is cleared */ 10974 if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) { 10975 ssl->error = 0; 10976 } 10977 #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP */ 9698 10978 9699 10979 WOLFSSL_LEAVE("DoHandShakeMsgType()", ret); … … 9716 10996 if (GetHandShakeHeader(ssl,input,inOutIdx,&type, &size, totalSz) != 0) 9717 10997 return PARSE_ERROR; 10998 10999 ssl->options.handShakeState = type; 9718 11000 9719 11001 return DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); … … 9800 11082 } 9801 11083 11084 #endif /* !WOLFSSL_NO_TLS12 */ 11085 9802 11086 #ifdef WOLFSSL_DTLS 9803 11087 9804 static INLINE int DtlsCheckWindow(WOLFSSL* ssl)11088 static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl) 9805 11089 { 9806 11090 word32* window; … … 9903 11187 9904 11188 #ifdef WOLFSSL_MULTICAST 9905 static INLINE word32 UpdateHighwaterMark(word32 cur, word32 first,11189 static WC_INLINE word32 UpdateHighwaterMark(word32 cur, word32 first, 9906 11190 word32 second, word32 max) 9907 11191 { … … 9920 11204 9921 11205 9922 static INLINE int DtlsUpdateWindow(WOLFSSL* ssl)11206 static WC_INLINE int DtlsUpdateWindow(WOLFSSL* ssl) 9923 11207 { 9924 11208 word32* window; … … 10042 11326 /* While there is an item in the store list, and it is the expected 10043 11327 * message, and it is complete, and there hasn't been an error in the 10044 * last mess ge... */11328 * last message... */ 10045 11329 while (item != NULL && 10046 11330 ssl->keys.dtls_expected_peer_handshake_number == item->seq && … … 10051 11335 ret = DoHandShakeMsgType(ssl, item->msg, 10052 11336 &idx, item->type, item->sz, item->sz); 11337 #ifdef WOLFSSL_ASYNC_CRYPT 10053 11338 if (ret == WC_PENDING_E) { 10054 11339 ssl->keys.dtls_expected_peer_handshake_number--; 10055 11340 break; 10056 11341 } 11342 #endif 10057 11343 ssl->dtls_rx_msg_list = item->next; 10058 11344 DtlsMsgDelete(item, ssl->heap); … … 10180 11466 #endif 10181 11467 11468 #ifndef WOLFSSL_NO_TLS12 10182 11469 10183 11470 #ifdef HAVE_AEAD 10184 static INLINE void AeadIncrementExpIV(WOLFSSL* ssl)11471 static WC_INLINE void AeadIncrementExpIV(WOLFSSL* ssl) 10185 11472 { 10186 11473 int i; … … 10246 11533 10247 11534 /* When the flag oldPoly is not set this follows RFC7905. When oldPoly is set 10248 * the impl mentation follows an older draft for creating the nonce and MAC.10249 * The flag oldPoly gets set automatic lly depending on what cipher suite was11535 * the implementation follows an older draft for creating the nonce and MAC. 11536 * The flag oldPoly gets set automatically depending on what cipher suite was 10250 11537 * negotiated in the handshake. This is able to be done because the IDs for the 10251 11538 * cipher suites was updated in RFC7905 giving unique values for the older 10252 * draft in comparis ion to the more recent RFC.11539 * draft in comparison to the more recent RFC. 10253 11540 * 10254 11541 * ssl WOLFSSL structure to get cipher and TLS state from … … 10397 11684 10398 11685 /* When the flag oldPoly is not set this follows RFC7905. When oldPoly is set 10399 * the impl mentation follows an older draft for creating the nonce and MAC.10400 * The flag oldPoly gets set automatic lly depending on what cipher suite was11686 * the implementation follows an older draft for creating the nonce and MAC. 11687 * The flag oldPoly gets set automatically depending on what cipher suite was 10401 11688 * negotiated in the handshake. This is able to be done because the IDs for the 10402 11689 * cipher suites was updated in RFC7905 giving unique values for the older 10403 * draft in comparis ion to the more recent RFC.11690 * draft in comparison to the more recent RFC. 10404 11691 * 10405 11692 * ssl WOLFSSL structure to get cipher and TLS state from … … 10538 11825 10539 11826 10540 static INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,11827 static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input, 10541 11828 word16 sz, int asyncOkay) 10542 11829 { … … 10563 11850 case wolfssl_triple_des: 10564 11851 #ifdef WOLFSSL_ASYNC_CRYPT 10565 /* in tialize event */11852 /* initialize event */ 10566 11853 asyncDev = &ssl->encrypt.des3->asyncDev; 10567 11854 ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags); … … 10579 11866 #endif 10580 11867 10581 #if def BUILD_AES11868 #if defined(BUILD_AES) && defined(HAVE_AES_CBC) 10582 11869 case wolfssl_aes: 10583 11870 #ifdef WOLFSSL_ASYNC_CRYPT 10584 /* in tialize event */11871 /* initialize event */ 10585 11872 asyncDev = &ssl->encrypt.aes->asyncDev; 10586 11873 ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags); … … 10606 11893 10607 11894 #ifdef WOLFSSL_ASYNC_CRYPT 10608 /* in tialize event */11895 /* initialize event */ 10609 11896 asyncDev = &ssl->encrypt.aes->asyncDev; 10610 11897 ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags); … … 10715 12002 } 10716 12003 10717 static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz,12004 static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz, 10718 12005 int asyncOkay) 10719 12006 { … … 10807 12094 } 10808 12095 10809 static INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,12096 static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input, 10810 12097 word16 sz) 10811 12098 { … … 10827 12114 case wolfssl_triple_des: 10828 12115 #ifdef WOLFSSL_ASYNC_CRYPT 10829 /* in tialize event */12116 /* initialize event */ 10830 12117 ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.des3->asyncDev, 10831 12118 WC_ASYNC_FLAG_CALL_AGAIN); … … 10843 12130 #endif 10844 12131 10845 #if def BUILD_AES12132 #if defined(BUILD_AES) && defined(HAVE_AES_CBC) 10846 12133 case wolfssl_aes: 10847 12134 #ifdef WOLFSSL_ASYNC_CRYPT 10848 /* in tialize event */12135 /* initialize event */ 10849 12136 ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev, 10850 12137 WC_ASYNC_FLAG_CALL_AGAIN); … … 10869 12156 10870 12157 #ifdef WOLFSSL_ASYNC_CRYPT 10871 /* in tialize event */12158 /* initialize event */ 10872 12159 ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev, 10873 12160 WC_ASYNC_FLAG_CALL_AGAIN); … … 10964 12251 } 10965 12252 10966 static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input,12253 static WC_INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, 10967 12254 word16 sz) 10968 12255 { … … 11067 12354 } 11068 12355 12356 #endif /* !WOLFSSL_NO_TLS12 */ 12357 11069 12358 /* Check conditions for a cipher to have an explicit IV. 11070 12359 * … … 11072 12361 * returns 1 if the cipher in use has an explicit IV and 0 otherwise. 11073 12362 */ 11074 static INLINE int CipherHasExpIV(WOLFSSL *ssl)12363 static WC_INLINE int CipherHasExpIV(WOLFSSL *ssl) 11075 12364 { 11076 12365 #ifdef WOLFSSL_TLS13 … … 11092 12381 #endif 11093 12382 12383 #ifndef WOLFSSL_AEAD_ONLY 11094 12384 if (ssl->specs.cipher_type == block) { 11095 12385 if (encryptSz % ssl->specs.block_size) { … … 11106 12396 minLength += ssl->specs.block_size; /* explicit IV */ 11107 12397 } 11108 else if (ssl->specs.cipher_type == aead) { 12398 else 12399 #endif 12400 if (ssl->specs.cipher_type == aead) { 11109 12401 minLength = ssl->specs.aead_mac_size; /* authTag size */ 11110 12402 if (CipherHasExpIV(ssl)) … … 11121 12413 11122 12414 11123 #ifndef NO_OLD_TLS 11124 11125 static INLINE void Md5Rounds(int rounds, const byte* data, int sz) 11126 { 11127 wc_Md5 md5; 11128 int i; 11129 11130 wc_InitMd5(&md5); /* no error check on purpose, dummy round */ 11131 11132 for (i = 0; i < rounds; i++) 11133 wc_Md5Update(&md5, data, sz); 11134 wc_Md5Free(&md5); /* in case needed to release resources */ 11135 } 11136 11137 11138 11139 /* do a dummy sha round */ 11140 static INLINE void ShaRounds(int rounds, const byte* data, int sz) 11141 { 11142 wc_Sha sha; 11143 int i; 11144 11145 wc_InitSha(&sha); /* no error check on purpose, dummy round */ 11146 11147 for (i = 0; i < rounds; i++) 11148 wc_ShaUpdate(&sha, data, sz); 11149 wc_ShaFree(&sha); /* in case needed to release resources */ 11150 } 11151 #endif 11152 11153 11154 #ifndef NO_SHA256 11155 11156 static INLINE void Sha256Rounds(int rounds, const byte* data, int sz) 11157 { 11158 wc_Sha256 sha256; 11159 int i; 11160 11161 wc_InitSha256(&sha256); /* no error check on purpose, dummy round */ 11162 11163 for (i = 0; i < rounds; i++) { 11164 wc_Sha256Update(&sha256, data, sz); 11165 /* no error check on purpose, dummy round */ 11166 } 11167 wc_Sha256Free(&sha256); /* in case needed to release resources */ 11168 } 11169 11170 #endif 11171 11172 11173 #ifdef WOLFSSL_SHA384 11174 11175 static INLINE void Sha384Rounds(int rounds, const byte* data, int sz) 11176 { 11177 wc_Sha384 sha384; 11178 int i; 11179 11180 wc_InitSha384(&sha384); /* no error check on purpose, dummy round */ 11181 11182 for (i = 0; i < rounds; i++) { 11183 wc_Sha384Update(&sha384, data, sz); 11184 /* no error check on purpose, dummy round */ 11185 } 11186 wc_Sha384Free(&sha384); /* in case needed to release resources */ 11187 } 11188 11189 #endif 11190 11191 11192 #ifdef WOLFSSL_SHA512 11193 11194 static INLINE void Sha512Rounds(int rounds, const byte* data, int sz) 11195 { 11196 wc_Sha512 sha512; 11197 int i; 11198 11199 wc_InitSha512(&sha512); /* no error check on purpose, dummy round */ 11200 11201 for (i = 0; i < rounds; i++) { 11202 wc_Sha512Update(&sha512, data, sz); 11203 /* no error check on purpose, dummy round */ 11204 } 11205 wc_Sha512Free(&sha512); /* in case needed to release resources */ 11206 } 11207 11208 #endif 11209 11210 11211 #ifdef WOLFSSL_RIPEMD 11212 11213 static INLINE void RmdRounds(int rounds, const byte* data, int sz) 11214 { 11215 RipeMd ripemd; 11216 int i; 11217 11218 wc_InitRipeMd(&ripemd); 11219 11220 for (i = 0; i < rounds; i++) 11221 wc_RipeMdUpdate(&ripemd, data, sz); 11222 } 11223 11224 #endif 11225 11226 11227 /* Do dummy rounds */ 11228 static INLINE void DoRounds(int type, int rounds, const byte* data, int sz) 11229 { 11230 (void)rounds; 11231 (void)data; 11232 (void)sz; 11233 11234 switch (type) { 11235 case no_mac : 11236 break; 11237 11238 #ifndef NO_OLD_TLS 11239 #ifndef NO_MD5 11240 case md5_mac : 11241 Md5Rounds(rounds, data, sz); 11242 break; 11243 #endif 11244 11245 #ifndef NO_SHA 11246 case sha_mac : 11247 ShaRounds(rounds, data, sz); 11248 break; 11249 #endif 11250 #endif 11251 11252 #ifndef NO_SHA256 11253 case sha256_mac : 11254 Sha256Rounds(rounds, data, sz); 11255 break; 11256 #endif 11257 11258 #ifdef WOLFSSL_SHA384 11259 case sha384_mac : 11260 Sha384Rounds(rounds, data, sz); 11261 break; 11262 #endif 11263 11264 #ifdef WOLFSSL_SHA512 11265 case sha512_mac : 11266 Sha512Rounds(rounds, data, sz); 11267 break; 11268 #endif 11269 11270 #ifdef WOLFSSL_RIPEMD 11271 case rmd_mac : 11272 RmdRounds(rounds, data, sz); 11273 break; 11274 #endif 11275 11276 default: 11277 WOLFSSL_MSG("Bad round type"); 11278 break; 11279 } 11280 } 11281 11282 11283 /* do number of compression rounds on dummy data */ 11284 static INLINE void CompressRounds(WOLFSSL* ssl, int rounds, const byte* dummy) 11285 { 11286 if (rounds) 11287 DoRounds(ssl->specs.mac_algorithm, rounds, dummy, COMPRESS_LOWER); 11288 } 11289 11290 12415 #ifndef WOLFSSL_AEAD_ONLY 11291 12416 /* check all length bytes for the pad value, return 0 on success */ 11292 12417 static int PadCheck(const byte* a, byte pad, int length) … … 11297 12422 for (i = 0; i < length; i++) { 11298 12423 compareSum |= a[i] ^ pad; 11299 12424 } 11300 12425 11301 12426 return compareSum; … … 11303 12428 11304 12429 11305 /* get compression extra rounds */ 11306 static INLINE int GetRounds(int pLen, int padLen, int t) 12430 /* Mask the padding bytes with the expected values. 12431 * Constant time implementation - does maximum pad size possible. 12432 * 12433 * data Message data. 12434 * sz Size of the message including MAC and padding and padding length. 12435 * macSz Size of the MAC. 12436 * returns 0 on success, otherwise failure. 12437 */ 12438 static byte MaskPadding(const byte* data, int sz, int macSz) 11307 12439 { 11308 int roundL1 = 1; /* round up flags */ 11309 int roundL2 = 1; 11310 11311 int L1 = COMPRESS_CONSTANT + pLen - t; 11312 int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t; 11313 11314 L1 -= COMPRESS_UPPER; 11315 L2 -= COMPRESS_UPPER; 11316 11317 if ( (L1 % COMPRESS_LOWER) == 0) 11318 roundL1 = 0; 11319 if ( (L2 % COMPRESS_LOWER) == 0) 11320 roundL2 = 0; 11321 11322 L1 /= COMPRESS_LOWER; 11323 L2 /= COMPRESS_LOWER; 11324 11325 L1 += roundL1; 11326 L2 += roundL2; 11327 11328 return L1 - L2; 12440 int i; 12441 int checkSz = sz - 1; 12442 byte paddingSz = data[sz - 1]; 12443 byte mask; 12444 byte good = ctMaskGT(paddingSz, sz - 1 - macSz); 12445 12446 if (checkSz > TLS_MAX_PAD_SZ) 12447 checkSz = TLS_MAX_PAD_SZ; 12448 12449 for (i = 0; i < checkSz; i++) { 12450 mask = ctMaskLTE(i, paddingSz); 12451 good |= mask & (data[sz - 1 - i] ^ paddingSz); 11329 12452 } 11330 12453 12454 return good; 12455 } 12456 12457 /* Mask the MAC in the message with the MAC calculated. 12458 * Constant time implementation - starts looking for MAC where maximum padding 12459 * size has it. 12460 * 12461 * data Message data. 12462 * sz Size of the message including MAC and padding and padding length. 12463 * macSz Size of the MAC data. 12464 * expMac Expected MAC value. 12465 * returns 0 on success, otherwise failure. 12466 */ 12467 static byte MaskMac(const byte* data, int sz, int macSz, byte* expMac) 12468 { 12469 int i, j; 12470 unsigned char mac[WC_MAX_DIGEST_SIZE]; 12471 int scanStart = sz - 1 - TLS_MAX_PAD_SZ - macSz; 12472 int macEnd = sz - 1 - data[sz - 1]; 12473 int macStart = macEnd - macSz; 12474 int r = 0; 12475 unsigned char started, notEnded; 12476 unsigned char good = 0; 12477 12478 scanStart &= (~scanStart) >> (sizeof(int) * 8 - 1); 12479 macStart &= (~macStart) >> (sizeof(int) * 8 - 1); 12480 12481 /* Div on Intel has different speeds depending on value. 12482 * Use a bitwise AND or mod a specific value (converted to mul). */ 12483 if ((macSz & (macSz - 1)) == 0) 12484 r = (macSz - (scanStart - macStart)) & (macSz - 1); 12485 #ifndef NO_SHA 12486 else if (macSz == WC_SHA_DIGEST_SIZE) 12487 r = (macSz - (scanStart - macStart)) % WC_SHA_DIGEST_SIZE; 12488 #endif 12489 #ifdef WOLFSSL_SHA384 12490 else if (macSz == WC_SHA384_DIGEST_SIZE) 12491 r = (macSz - (scanStart - macStart)) % WC_SHA384_DIGEST_SIZE; 12492 #endif 12493 12494 XMEMSET(mac, 0, macSz); 12495 for (i = scanStart; i < sz; i += macSz) { 12496 for (j = 0; j < macSz && j + i < sz; j++) { 12497 started = ctMaskGTE(i + j, macStart); 12498 notEnded = ctMaskLT(i + j, macEnd); 12499 mac[j] |= started & notEnded & data[i + j]; 12500 } 12501 } 12502 12503 if ((macSz & (macSz - 1)) == 0) { 12504 for (i = 0; i < macSz; i++) 12505 good |= expMac[i] ^ mac[(i + r) & (macSz - 1)]; 12506 } 12507 #ifndef NO_SHA 12508 else if (macSz == WC_SHA_DIGEST_SIZE) { 12509 for (i = 0; i < macSz; i++) 12510 good |= expMac[i] ^ mac[(i + r) % WC_SHA_DIGEST_SIZE]; 12511 } 12512 #endif 12513 #ifdef WOLFSSL_SHA384 12514 else if (macSz == WC_SHA384_DIGEST_SIZE) { 12515 for (i = 0; i < macSz; i++) 12516 good |= expMac[i] ^ mac[(i + r) % WC_SHA384_DIGEST_SIZE]; 12517 } 12518 #endif 12519 12520 return good; 12521 } 11331 12522 11332 12523 /* timing resistant pad/verify check, return 0 on success */ 11333 static int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,11334 12524 int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz, 12525 int pLen, int content) 11335 12526 { 11336 byte verify[MAX_DIGEST_SIZE]; 11337 byte dmy[sizeof(WOLFSSL) >= MAX_PAD_SIZE ? 1 : MAX_PAD_SIZE] = {0}; 11338 byte* dummy = sizeof(dmy) < MAX_PAD_SIZE ? (byte*) ssl : dmy; 12527 byte verify[WC_MAX_DIGEST_SIZE]; 12528 byte good; 11339 12529 int ret = 0; 11340 12530 11341 (void)dmy; 11342 11343 if ( (t + padLen + 1) > pLen) { 11344 WOLFSSL_MSG("Plain Len not long enough for pad/mac"); 11345 PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE); 11346 ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */ 11347 ConstantCompare(verify, input + pLen - t, t); 11348 11349 return VERIFY_MAC_ERROR; 11350 } 11351 11352 if (PadCheck(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) { 11353 WOLFSSL_MSG("PadCheck failed"); 11354 PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); 11355 ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */ 11356 ConstantCompare(verify, input + pLen - t, t); 11357 11358 return VERIFY_MAC_ERROR; 11359 } 11360 11361 PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); 11362 ret = ssl->hmac(ssl, verify, input, pLen - padLen - 1 - t, content, 1); 11363 11364 CompressRounds(ssl, GetRounds(pLen, padLen, t), dummy); 11365 11366 if (ConstantCompare(verify, input + (pLen - padLen - 1 - t), t) != 0) { 11367 WOLFSSL_MSG("Verify MAC compare failed"); 11368 return VERIFY_MAC_ERROR; 11369 } 11370 11371 /* treat any faulure as verify MAC error */ 12531 good = MaskPadding(input, pLen, macSz); 12532 /* 4th argument has potential to underflow, ssl->hmac function should 12533 * either increment the size by (macSz + padLen + 1) before use or check on 12534 * the size to make sure is valid. */ 12535 ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, 12536 content, 1); 12537 good |= MaskMac(input, pLen, ssl->specs.hash_size, verify); 12538 12539 /* Non-zero on failure. */ 12540 good = (byte)~(word32)good; 12541 good &= good >> 4; 12542 good &= good >> 2; 12543 good &= good >> 1; 12544 /* Make ret negative on masking failure. */ 12545 ret -= 1 - good; 12546 12547 /* Treat any faulure as verify MAC error. */ 11372 12548 if (ret != 0) 11373 12549 ret = VERIFY_MAC_ERROR; … … 11375 12551 return ret; 11376 12552 } 12553 #endif 11377 12554 11378 12555 … … 11389 12566 11390 12567 #ifdef WOLFSSL_EARLY_DATA 11391 if (ssl->earlyData ) {12568 if (ssl->earlyData != no_early_data) { 11392 12569 } 11393 12570 else … … 11399 12576 } 11400 12577 12578 #ifndef WOLFSSL_AEAD_ONLY 11401 12579 if (ssl->specs.cipher_type == block) { 11402 12580 if (ssl->options.tls1_1) 11403 12581 ivExtra = ssl->specs.block_size; 11404 12582 } 11405 else if (ssl->specs.cipher_type == aead) { 12583 else 12584 #endif 12585 if (ssl->specs.cipher_type == aead) { 11406 12586 if (CipherHasExpIV(ssl)) 11407 12587 ivExtra = AESGCM_EXP_IV_SZ; … … 11414 12594 } 11415 12595 #ifdef WOLFSSL_EARLY_DATA 11416 if (ssl->earlyData ) {12596 if (ssl->earlyData != no_early_data) { 11417 12597 if (ssl->earlyDataSz + dataSz > ssl->options.maxEarlyDataSz) { 11418 12598 SendAlert(ssl, alert_fatal, unexpected_message); … … 11459 12639 byte code; 11460 12640 11461 #if def WOLFSSL_CALLBACKS12641 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 11462 12642 if (ssl->hsInfoOn) 11463 AddPacketName( "Alert", &ssl->handShakeInfo);12643 AddPacketName(ssl, "Alert"); 11464 12644 if (ssl->toInfoOn) 11465 12645 /* add record header back on to info + alert bytes level/code */ 11466 AddPacketInfo( "Alert", &ssl->timeoutInfo, input + *inOutIdx -12646 AddPacketInfo(ssl, "Alert", alert, input + *inOutIdx - 11467 12647 RECORD_HEADER_SZ, RECORD_HEADER_SZ + ALERT_SIZE, 11468 ssl->heap);12648 READ_PROTO, ssl->heap); 11469 12649 #endif 11470 12650 … … 11554 12734 /* read data from network */ 11555 12735 do { 11556 in = Receive(ssl,12736 in = wolfSSLReceive(ssl, 11557 12737 ssl->buffers.inputBuffer.buffer + 11558 12738 ssl->buffers.inputBuffer.length, … … 11584 12764 11585 12765 11586 static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,12766 static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, 11587 12767 int content, word32* padSz) 11588 12768 { 12769 #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) 11589 12770 int ivExtra = 0; 11590 12771 int ret; … … 11597 12778 word32 digestSz = ssl->specs.hash_size; 11598 12779 #endif 11599 byte verify[MAX_DIGEST_SIZE]; 12780 byte verify[WC_MAX_DIGEST_SIZE]; 12781 11600 12782 11601 12783 if (ssl->specs.cipher_type == block) { … … 11625 12807 } 11626 12808 PadCheck(dummy, (byte)pad, MAX_PAD_SIZE); /* timing only */ 11627 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, 12809 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, pad, 11628 12810 content, 1); 11629 12811 if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1, … … 11635 12817 } 11636 12818 else if (ssl->specs.cipher_type == stream) { 11637 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, content, 1);12819 ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1); 11638 12820 if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){ 11639 12821 return VERIFY_MAC_ERROR; … … 11642 12824 return VERIFY_MAC_ERROR; 11643 12825 } 12826 #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */ 11644 12827 11645 12828 if (ssl->specs.cipher_type == aead) { 11646 12829 *padSz = ssl->specs.aead_mac_size; 11647 12830 } 12831 #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) 11648 12832 else { 11649 12833 *padSz = digestSz + pad + padByte; 11650 12834 } 12835 #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */ 12836 12837 (void)input; 12838 (void)msgSz; 12839 (void)content; 11651 12840 11652 12841 return 0; … … 11670 12859 #endif 11671 12860 11672 if (ssl->error != 0 && ssl->error != WANT_READ && 11673 ssl->error != WANT_WRITE && ssl->error != WC_PENDING_E) { 12861 if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE 12862 #ifdef WOLFSSL_ASYNC_CRYPT 12863 && ssl->error != WC_PENDING_E 12864 #endif 12865 #ifdef WOLFSSL_NONBLOCK_OCSP 12866 && ssl->error != OCSP_WANT_READ 12867 #endif 12868 ) { 11674 12869 WOLFSSL_MSG("ProcessReply retry in error state, not allowed"); 11675 12870 return ssl->error; … … 11836 13031 case decryptMessage: 11837 13032 11838 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0) { 13033 #if !defined(WOLFSSL_TLS13) || defined(WOLFSSL_TLS13_DRAFT_18) 13034 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0) 13035 #else 13036 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 && 13037 (!IsAtLeastTLSv1_3(ssl->version) || 13038 ssl->curRL.type != change_cipher_spec)) 13039 #endif 13040 { 11839 13041 bufferStatic* in = &ssl->buffers.inputBuffer; 11840 13042 … … 11854 13056 else { 11855 13057 if (!ssl->options.tls1_3) { 13058 #ifndef WOLFSSL_NO_TLS12 11856 13059 ret = Decrypt(ssl, 11857 13060 in->buffer + in->idx, 11858 13061 in->buffer + in->idx, 11859 13062 ssl->curSize); 13063 #else 13064 ret = DECRYPT_ERROR; 13065 #endif 11860 13066 } 11861 else { 13067 else 13068 { 11862 13069 #ifdef WOLFSSL_TLS13 13070 #if defined(WOLFSSL_TLS13_DRAFT_18) || \ 13071 defined(WOLFSSL_TLS13_DRAFT_22) || \ 13072 defined(WOLFSSL_TLS13_DRAFT_23) 11863 13073 ret = DecryptTls13(ssl, 11864 13074 in->buffer + in->idx, 11865 13075 in->buffer + in->idx, 11866 ssl->curSize); 13076 ssl->curSize, NULL, 0); 13077 #else 13078 ret = DecryptTls13(ssl, 13079 in->buffer + in->idx, 13080 in->buffer + in->idx, 13081 ssl->curSize, 13082 (byte*)&ssl->curRL, RECORD_HEADER_SZ); 13083 #endif 11867 13084 #else 11868 13085 ret = DECRYPT_ERROR; … … 11877 13094 11878 13095 if (ret >= 0) { 13096 #ifndef WOLFSSL_NO_TLS12 11879 13097 /* handle success */ 13098 #ifndef WOLFSSL_AEAD_ONLY 11880 13099 if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) 11881 13100 ssl->buffers.inputBuffer.idx += ssl->specs.block_size; 13101 #endif 11882 13102 /* go past TLSv1.1 IV */ 11883 13103 if (CipherHasExpIV(ssl)) 11884 13104 ssl->buffers.inputBuffer.idx += AESGCM_EXP_IV_SZ; 13105 #endif 11885 13106 } 11886 13107 else { … … 11923 13144 case verifyMessage: 11924 13145 11925 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0) { 13146 #if !defined(WOLFSSL_TLS13) || defined(WOLFSSL_TLS13_DRAFT_18) 13147 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0) 13148 #else 13149 if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 && 13150 (!IsAtLeastTLSv1_3(ssl->version) || 13151 ssl->curRL.type != change_cipher_spec)) 13152 #endif 13153 { 11926 13154 if (!atomicUser) { 11927 13155 ret = VerifyMac(ssl, ssl->buffers.inputBuffer.buffer + … … 11956 13184 #ifdef WOLFSSL_TLS13 11957 13185 if (ssl->options.tls1_3) { 13186 word16 i = (word16)(ssl->buffers.inputBuffer.length - 13187 ssl->keys.padSz); 13188 /* Remove padding from end of plain text. */ 13189 for (--i; i > ssl->buffers.inputBuffer.idx; i--) { 13190 if (ssl->buffers.inputBuffer.buffer[i] != 0) 13191 break; 13192 } 11958 13193 /* Get the real content type from the end of the data. */ 11959 ssl->keys.padSz++; 11960 ssl->curRL.type = ssl->buffers.inputBuffer.buffer[ 11961 ssl->buffers.inputBuffer.length - ssl->keys.padSz]; 13194 ssl->curRL.type = ssl->buffers.inputBuffer.buffer[i]; 13195 ssl->keys.padSz = ssl->buffers.inputBuffer.length - i; 11962 13196 } 11963 13197 #endif … … 11990 13224 } 11991 13225 else if (!IsAtLeastTLSv1_3(ssl->version)) { 13226 #ifndef WOLFSSL_NO_TLS12 11992 13227 ret = DoHandShakeMsg(ssl, 11993 13228 ssl->buffers.inputBuffer.buffer, 11994 13229 &ssl->buffers.inputBuffer.idx, 11995 13230 ssl->buffers.inputBuffer.length); 13231 #else 13232 ret = BUFFER_ERROR; 13233 #endif 11996 13234 } 11997 13235 else { … … 12007 13245 ssl->earlyData && 12008 13246 ssl->options.handShakeState == HANDSHAKE_DONE) { 12009 ssl->earlyData = 0;13247 ssl->earlyData = no_early_data; 12010 13248 ssl->options.processReply = doProcessInit; 12011 13249 return ZERO_RETURN; … … 12022 13260 case change_cipher_spec: 12023 13261 WOLFSSL_MSG("got CHANGE CIPHER SPEC"); 12024 #if def WOLFSSL_CALLBACKS13262 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 12025 13263 if (ssl->hsInfoOn) 12026 AddPacketName( "ChangeCipher", &ssl->handShakeInfo);13264 AddPacketName(ssl, "ChangeCipher"); 12027 13265 /* add record header back on info */ 12028 13266 if (ssl->toInfoOn) { 12029 AddPacketInfo("ChangeCipher", &ssl->timeoutInfo, 13267 AddPacketInfo(ssl, "ChangeCipher", 13268 change_cipher_spec, 12030 13269 ssl->buffers.inputBuffer.buffer + 12031 13270 ssl->buffers.inputBuffer.idx - RECORD_HEADER_SZ, 12032 1 + RECORD_HEADER_SZ, ssl->heap); 13271 1 + RECORD_HEADER_SZ, READ_PROTO, ssl->heap); 13272 #ifdef WOLFSSL_CALLBACKS 12033 13273 AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); 13274 #endif 12034 13275 } 12035 13276 #endif 12036 13277 13278 #ifdef WOLFSSL_TLS13 13279 #ifdef WOLFSSL_TLS13_DRAFT_18 13280 if (IsAtLeastTLSv1_3(ssl->version)) { 13281 SendAlert(ssl, alert_fatal, illegal_parameter); 13282 return UNKNOWN_RECORD_TYPE; 13283 } 13284 #else 13285 if (IsAtLeastTLSv1_3(ssl->version)) { 13286 word32 i = ssl->buffers.inputBuffer.idx; 13287 if (ssl->curSize != 1 || 13288 ssl->buffers.inputBuffer.buffer[i] != 1) { 13289 SendAlert(ssl, alert_fatal, illegal_parameter); 13290 return UNKNOWN_RECORD_TYPE; 13291 } 13292 ssl->buffers.inputBuffer.idx++; 13293 break; 13294 } 13295 #endif 13296 #endif 13297 13298 #ifndef WOLFSSL_NO_TLS12 12037 13299 ret = SanityCheckMsgReceived(ssl, change_cipher_hs); 12038 13300 if (ret != 0) { … … 12119 13381 if (ret != 0) 12120 13382 return ret; 13383 #endif /* !WOLFSSL_NO_TLS12 */ 12121 13384 break; 12122 13385 … … 12214 13477 int ret; 12215 13478 13479 #ifdef OPENSSL_EXTRA 13480 ssl->cbmode = SSL_CB_MODE_WRITE; 13481 if (ssl->options.side == WOLFSSL_SERVER_END){ 13482 ssl->options.serverState = SERVER_CHANGECIPHERSPEC_COMPLETE; 13483 if (ssl->CBIS != NULL) 13484 ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, SSL_SUCCESS); 13485 } 13486 else{ 13487 ssl->options.clientState = 13488 CLIENT_CHANGECIPHERSPEC_COMPLETE; 13489 if (ssl->CBIS != NULL) 13490 ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, SSL_SUCCESS); 13491 } 13492 #endif 13493 12216 13494 #ifdef WOLFSSL_DTLS 12217 13495 if (ssl->options.dtls) { … … 12226 13504 } 12227 13505 12228 /* check for ava laible size */13506 /* check for available size */ 12229 13507 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 12230 13508 return ret; … … 12256 13534 } 12257 13535 #endif 12258 #if def WOLFSSL_CALLBACKS12259 if (ssl->hsInfoOn) AddPacketName( "ChangeCipher", &ssl->handShakeInfo);13536 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 13537 if (ssl->hsInfoOn) AddPacketName(ssl, "ChangeCipher"); 12260 13538 if (ssl->toInfoOn) 12261 AddPacketInfo( "ChangeCipher", &ssl->timeoutInfo, output, sendSz,12262 13539 AddPacketInfo(ssl, "ChangeCipher", change_cipher_spec, output, 13540 sendSz, WRITE_PROTO, ssl->heap); 12263 13541 #endif 12264 13542 ssl->buffers.outputBuffer.length += sendSz; … … 12278 13556 12279 13557 12280 #if ndef NO_OLD_TLS13558 #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) 12281 13559 static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, 12282 int content, int verify)13560 int padLen, int content, int verify) 12283 13561 { 12284 byte result[ MAX_DIGEST_SIZE];13562 byte result[WC_MAX_DIGEST_SIZE]; 12285 13563 word32 digestSz = ssl->specs.hash_size; /* actual sizes */ 12286 13564 word32 padSz = ssl->specs.pad_size; … … 12294 13572 byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */ 12295 13573 const byte* macSecret = wolfSSL_GetMacSecret(ssl, verify); 13574 13575 (void)padLen; 12296 13576 12297 13577 #ifdef HAVE_FUZZER … … 12391 13671 return 0; 12392 13672 } 12393 #endif /* NO_OLD_TLS*/13673 #endif /* !NO_OLD_TLS && !WOLFSSL_AEAD_ONLY */ 12394 13674 12395 13675 … … 12538 13818 } 12539 13819 12540 #endif /* WOLFSSL_LEANPSK */ 12541 13820 #endif /* !NO_CERTS */ 13821 13822 #ifndef WOLFSSL_NO_TLS12 12542 13823 /* Persistable BuildMessage arguments */ 12543 13824 typedef struct BuildMsgArgs { … … 12549 13830 word16 size; 12550 13831 word32 ivSz; /* TLSv1.1 IV */ 12551 byte iv[AES_BLOCK_SIZE]; /* max size */13832 byte* iv; 12552 13833 } BuildMsgArgs; 12553 13834 … … 12559 13840 (void)args; 12560 13841 12561 /* no allocations in BuildMessage */ 13842 if (args->iv) { 13843 XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT); 13844 args->iv = NULL; 12562 13845 } 13846 } 13847 #endif 12563 13848 12564 13849 /* Build SSL Message, encrypted */ … … 12566 13851 int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay) 12567 13852 { 13853 #ifndef WOLFSSL_NO_TLS12 12568 13854 int ret = 0; 12569 13855 BuildMsgArgs* args; … … 12574 13860 (void)sizeof(args_test); 12575 13861 #endif 13862 #endif 12576 13863 12577 13864 WOLFSSL_ENTER("BuildMessage"); … … 12581 13868 } 12582 13869 13870 #ifdef WOLFSSL_NO_TLS12 13871 return BuildTls13Message(ssl, output, outSz, input, inSz, type, 13872 hashOutput, sizeOnly, asyncOkay); 13873 #else 12583 13874 #ifdef WOLFSSL_TLS13 12584 13875 if (ssl->options.tls1_3) { … … 12623 13914 /* catch mistaken sizeOnly parameter */ 12624 13915 if (!sizeOnly && (output == NULL || input == NULL) ) { 12625 return BAD_FUNC_ARG;13916 ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); 12626 13917 } 12627 13918 if (sizeOnly && (output || input) ) { 12628 13919 WOLFSSL_MSG("BuildMessage w/sizeOnly doesn't need input/output"); 12629 return BAD_FUNC_ARG;13920 ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); 12630 13921 } 12631 13922 … … 12650 13941 #endif 12651 13942 13943 #ifndef WOLFSSL_AEAD_ONLY 12652 13944 if (ssl->specs.cipher_type == block) { 12653 13945 word32 blockSz = ssl->specs.block_size; … … 12656 13948 args->sz += args->ivSz; 12657 13949 12658 if (args->ivSz > (word32)sizeof(args->iv))13950 if (args->ivSz > MAX_IV_SZ) 12659 13951 ERROR_OUT(BUFFER_E, exit_buildmsg); 12660 13952 } 12661 13953 args->sz += 1; /* pad byte */ 12662 13954 args->pad = (args->sz - args->headerSz) % blockSz; 13955 #ifdef OPENSSL_EXTRA 13956 if(args->pad != 0) 13957 #endif 12663 13958 args->pad = blockSz - args->pad; 12664 13959 args->sz += args->pad; 12665 13960 } 13961 #endif /* WOLFSSL_AEAD_ONLY */ 12666 13962 12667 13963 #ifdef HAVE_AEAD … … 12684 13980 12685 13981 if (args->ivSz > 0) { 13982 args->iv = (byte*)XMALLOC(args->ivSz, ssl->heap, DYNAMIC_TYPE_SALT); 13983 if (args->iv == NULL) 13984 ERROR_OUT(MEMORY_E, exit_buildmsg); 13985 12686 13986 ret = wc_RNG_GenerateBlock(ssl->rng, args->iv, args->ivSz); 12687 13987 if (ret != 0) … … 12701 14001 12702 14002 /* write to output */ 12703 if (args->ivSz ) {14003 if (args->ivSz > 0) { 12704 14004 XMEMCPY(output + args->idx, args->iv, 12705 min(args->ivSz, sizeof(args->iv)));14005 min(args->ivSz, MAX_IV_SZ)); 12706 14006 args->idx += args->ivSz; 12707 14007 } … … 12714 14014 case BUILD_MSG_HASH: 12715 14015 { 12716 word32 i;12717 12718 14016 if (type == handshake && hashOutput) { 12719 14017 ret = HashOutput(ssl, output, args->headerSz + inSz, args->ivSz); … … 12721 14019 goto exit_buildmsg; 12722 14020 } 14021 #ifndef WOLFSSL_AEAD_ONLY 12723 14022 if (ssl->specs.cipher_type == block) { 12724 14023 word32 tmpIdx = args->idx + args->digestSz; 14024 word32 i; 12725 14025 12726 14026 for (i = 0; i <= args->pad; i++) 12727 14027 output[tmpIdx++] = (byte)args->pad; /* pad byte gets pad value */ 12728 14028 } 14029 #endif 12729 14030 12730 14031 ssl->options.buildMsgState = BUILD_MSG_VERIFY_MAC; … … 12744 14045 #endif 12745 14046 14047 #ifndef WOLFSSL_AEAD_ONLY 12746 14048 if (ssl->specs.cipher_type != aead) { 12747 14049 #ifdef HAVE_TRUNCATED_HMAC 12748 if (ssl->truncated_hmac && ssl->specs.hash_size > args->digestSz) { 14050 if (ssl->truncated_hmac && 14051 ssl->specs.hash_size > args->digestSz) { 12749 14052 #ifdef WOLFSSL_SMALL_STACK 12750 14053 byte* hmac = NULL; 12751 14054 #else 12752 byte hmac[MAX_DIGEST_SIZE];14055 byte hmac[WC_MAX_DIGEST_SIZE]; 12753 14056 #endif 12754 14057 12755 14058 #ifdef WOLFSSL_SMALL_STACK 12756 hmac = (byte*)XMALLOC(MAX_DIGEST_SIZE, ssl->heap,14059 hmac = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, ssl->heap, 12757 14060 DYNAMIC_TYPE_DIGEST); 12758 14061 if (hmac == NULL) … … 12760 14063 #endif 12761 14064 12762 ret = ssl->hmac(ssl, hmac, output + args->headerSz + args->ivSz, inSz, 12763 type, 0); 14065 ret = ssl->hmac(ssl, hmac, 14066 output + args->headerSz + args->ivSz, inSz, 14067 -1, type, 0); 12764 14068 XMEMCPY(output + args->idx, hmac, args->digestSz); 12765 14069 … … 12770 14074 else 12771 14075 #endif 12772 ret = ssl->hmac(ssl, output + args->idx, output + args->headerSz + args->ivSz, 12773 inSz, type, 0); 12774 #ifdef WOLFSSL_DTLS 12775 if (ssl->options.dtls) 12776 DtlsSEQIncrement(ssl, CUR_ORDER); 12777 #endif 12778 } 14076 { 14077 ret = ssl->hmac(ssl, output + args->idx, output + 14078 args->headerSz + args->ivSz, inSz, -1, type, 0); 14079 } 14080 } 14081 #endif /* WOLFSSL_AEAD_ONLY */ 12779 14082 if (ret != 0) 12780 14083 goto exit_buildmsg; … … 12804 14107 ssl->options.buildMsgState = BUILD_MSG_BEGIN; 12805 14108 14109 #ifdef WOLFSSL_DTLS 14110 if (ret == 0 && ssl->options.dtls) 14111 DtlsSEQIncrement(ssl, CUR_ORDER); 14112 #endif 14113 12806 14114 /* return sz on success */ 12807 14115 if (ret == 0) … … 12810 14118 /* Final cleanup */ 12811 14119 FreeBuildMsgArgs(ssl, args); 14120 #ifdef WOLFSSL_ASYNC_CRYPT 14121 ssl->async.freeArgs = NULL; 14122 #endif 12812 14123 12813 14124 return ret; 14125 #endif /* !WOLFSSL_NO_TLS12 */ 12814 14126 } 12815 14127 14128 #ifndef WOLFSSL_NO_TLS12 12816 14129 12817 14130 int SendFinished(WOLFSSL* ssl) … … 12827 14140 int outputSz; 12828 14141 14142 WOLFSSL_START(WC_FUNC_FINISHED_SEND); 14143 WOLFSSL_ENTER("SendFinished"); 14144 12829 14145 /* setup encrypt keys */ 12830 14146 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) … … 12889 14205 #endif 12890 14206 if (ssl->options.side == WOLFSSL_SERVER_END) { 14207 #ifdef OPENSSL_EXTRA 14208 ssl->options.serverState = SERVER_FINISHED_COMPLETE; 14209 ssl->cbmode = SSL_CB_MODE_WRITE; 14210 if (ssl->CBIS != NULL) 14211 ssl->CBIS(ssl, SSL_CB_HANDSHAKE_DONE, SSL_SUCCESS); 14212 #endif 12891 14213 ssl->options.handShakeState = HANDSHAKE_DONE; 12892 14214 ssl->options.handShakeDone = 1; … … 12895 14217 else { 12896 14218 if (ssl->options.side == WOLFSSL_CLIENT_END) { 14219 #ifdef OPENSSL_EXTRA 14220 ssl->options.clientState = CLIENT_FINISHED_COMPLETE; 14221 ssl->cbmode = SSL_CB_MODE_WRITE; 14222 if (ssl->CBIS != NULL) 14223 ssl->CBIS(ssl, SSL_CB_HANDSHAKE_DONE, SSL_SUCCESS); 14224 #endif 12897 14225 ssl->options.handShakeState = HANDSHAKE_DONE; 12898 14226 ssl->options.handShakeDone = 1; … … 12900 14228 } 12901 14229 12902 #if def WOLFSSL_CALLBACKS12903 if (ssl->hsInfoOn) AddPacketName( "Finished", &ssl->handShakeInfo);14230 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 14231 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 12904 14232 if (ssl->toInfoOn) 12905 AddPacketInfo( "Finished", &ssl->timeoutInfo, output, sendSz,12906 ssl->heap);14233 AddPacketInfo(ssl, "Finished", handshake, output, sendSz, 14234 WRITE_PROTO, ssl->heap); 12907 14235 #endif 12908 14236 12909 14237 ssl->buffers.outputBuffer.length += sendSz; 12910 14238 12911 return SendBuffered(ssl); 14239 ret = SendBuffered(ssl); 14240 14241 WOLFSSL_LEAVE("SendFinished", ret); 14242 WOLFSSL_END(WC_FUNC_FINISHED_SEND); 14243 14244 return ret; 12912 14245 } 12913 14246 #endif /* WOLFSSL_NO_TLS12 */ 14247 14248 #ifndef NO_WOLFSSL_SERVER 14249 #if (!defined(WOLFSSL_NO_TLS12) && \ 14250 (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 14251 defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))) || \ 14252 (defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)) 14253 static int CreateOcspRequest(WOLFSSL* ssl, OcspRequest* request, 14254 DecodedCert* cert, byte* certData, word32 length) 14255 { 14256 int ret; 14257 14258 InitDecodedCert(cert, certData, length, ssl->heap); 14259 /* TODO: Setup async support here */ 14260 ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, ssl->ctx->cm); 14261 if (ret != 0) { 14262 WOLFSSL_MSG("ParseCert failed"); 14263 } 14264 if (ret == 0) 14265 ret = InitOcspRequest(request, cert, 0, ssl->heap); 14266 if (ret == 0) { 14267 /* make sure ctx OCSP request is updated */ 14268 if (!ssl->buffers.weOwnCert) { 14269 wolfSSL_Mutex* ocspLock = &ssl->ctx->cm->ocsp_stapling->ocspLock; 14270 if (wc_LockMutex(ocspLock) == 0) { 14271 if (ssl->ctx->certOcspRequest == NULL) 14272 ssl->ctx->certOcspRequest = request; 14273 wc_UnLockMutex(ocspLock); 14274 } 14275 } 14276 } 14277 14278 FreeDecodedCert(cert); 14279 14280 return ret; 14281 } 14282 14283 14284 int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, 14285 buffer* response) 14286 { 14287 int ret = 0; 14288 OcspRequest* request; 14289 14290 if (ssl == NULL || ocspRequest == NULL || response == NULL) 14291 return BAD_FUNC_ARG; 14292 14293 request = *ocspRequest; 14294 14295 XMEMSET(response, 0, sizeof(*response)); 14296 14297 /* unable to fetch status. skip. */ 14298 if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0) 14299 return 0; 14300 14301 if (request == NULL || ssl->buffers.weOwnCert) { 14302 DerBuffer* der = ssl->buffers.certificate; 14303 #ifdef WOLFSSL_SMALL_STACK 14304 DecodedCert* cert = NULL; 14305 #else 14306 DecodedCert cert[1]; 14307 #endif 14308 14309 /* unable to fetch status. skip. */ 14310 if (der->buffer == NULL || der->length == 0) 14311 return 0; 14312 14313 #ifdef WOLFSSL_SMALL_STACK 14314 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, 14315 DYNAMIC_TYPE_DCERT); 14316 if (cert == NULL) 14317 return MEMORY_E; 14318 #endif 14319 request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), ssl->heap, 14320 DYNAMIC_TYPE_OCSP_REQUEST); 14321 if (request == NULL) 14322 ret = MEMORY_E; 14323 14324 if (ret == 0) { 14325 ret = CreateOcspRequest(ssl, request, cert, der->buffer, 14326 der->length); 14327 } 14328 14329 if (request != NULL && ret != 0) { 14330 FreeOcspRequest(request); 14331 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 14332 request = NULL; 14333 } 14334 #ifdef WOLFSSL_SMALL_STACK 14335 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 14336 #endif 14337 } 14338 14339 if (ret == 0) { 14340 request->ssl = ssl; 14341 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request, response); 14342 14343 /* Suppressing, not critical */ 14344 if (ret == OCSP_CERT_REVOKED || 14345 ret == OCSP_CERT_UNKNOWN || 14346 ret == OCSP_LOOKUP_FAIL) { 14347 ret = 0; 14348 } 14349 } 14350 14351 *ocspRequest = request; 14352 14353 return ret; 14354 } 14355 #endif 14356 #endif /* !NO_WOLFSSL_SERVER */ 14357 14358 #ifndef WOLFSSL_NO_TLS12 12914 14359 12915 14360 #ifndef NO_CERTS 14361 #if !defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH) 14362 /* handle generation of certificate (11) */ 12916 14363 int SendCertificate(WOLFSSL* ssl) 12917 14364 { … … 12920 14367 word32 length, maxFragment; 12921 14368 14369 WOLFSSL_START(WC_FUNC_CERTIFICATE_SEND); 14370 WOLFSSL_ENTER("SendCertificate"); 14371 12922 14372 if (ssl->options.usingPSK_cipher || ssl->options.usingAnon_cipher) 12923 14373 return 0; /* not needed */ 12924 14374 12925 14375 if (ssl->options.sendVerify == SEND_BLANK_CERT) { 14376 #ifdef OPENSSL_EXTRA 14377 if (ssl->version.major == SSLv3_MAJOR 14378 && ssl->version.minor == SSLv3_MINOR){ 14379 SendAlert(ssl, alert_warning, no_certificate); 14380 return 0; 14381 } else { 14382 #endif 12926 14383 certSz = 0; 12927 14384 certChainSz = 0; … … 12929 14386 length = CERT_HEADER_SZ; 12930 14387 listSz = 0; 14388 #ifdef OPENSSL_EXTRA 14389 } 14390 #endif 12931 14391 } 12932 14392 else { … … 12957 14417 12958 14418 maxFragment = MAX_RECORD_SIZE; 14419 12959 14420 if (ssl->options.dtls) { 12960 14421 #ifdef WOLFSSL_DTLS 14422 /* The 100 bytes is used to account for the UDP and IP headers. 14423 It can also include the record padding and MAC if the 14424 SendCertificate is called for a secure renegotiation. */ 12961 14425 maxFragment = MAX_MTU - DTLS_RECORD_HEADER_SZ 12962 14426 - DTLS_HANDSHAKE_HEADER_SZ - 100; … … 12964 14428 } 12965 14429 12966 #ifdef HAVE_MAX_FRAGMENT 12967 if (ssl->max_fragment != 0 && maxFragment >= ssl->max_fragment) 12968 maxFragment = ssl->max_fragment; 12969 #endif /* HAVE_MAX_FRAGMENT */ 14430 maxFragment = wolfSSL_GetMaxRecordSize(ssl, maxFragment); 12970 14431 12971 14432 while (length > 0 && ret == 0) { … … 13132 14593 #endif 13133 14594 13134 #if def WOLFSSL_CALLBACKS14595 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 13135 14596 if (ssl->hsInfoOn) 13136 AddPacketName( "Certificate", &ssl->handShakeInfo);14597 AddPacketName(ssl, "Certificate"); 13137 14598 if (ssl->toInfoOn) 13138 AddPacketInfo( "Certificate", &ssl->timeoutInfo, output, sendSz,13139 ssl->heap);14599 AddPacketInfo(ssl, "Certificate", handshake, output, sendSz, 14600 WRITE_PROTO, ssl->heap); 13140 14601 #endif 13141 14602 … … 13152 14613 ssl->keys.dtls_handshake_number++; 13153 14614 #endif 13154 if (ssl->options.side == WOLFSSL_SERVER_END) 14615 if (ssl->options.side == WOLFSSL_SERVER_END){ 13155 14616 ssl->options.serverState = SERVER_CERT_COMPLETE; 13156 14617 } 14618 } 14619 14620 WOLFSSL_LEAVE("SendCertificate", ret); 14621 WOLFSSL_END(WC_FUNC_CERTIFICATE_SEND); 13157 14622 13158 14623 return ret; 13159 14624 } 13160 13161 14625 #endif /* !NO_WOLFSSL_SERVER || !WOLFSSL_NO_CLIENT_AUTH */ 14626 14627 /* handle generation of certificate_request (13) */ 13162 14628 int SendCertificateRequest(WOLFSSL* ssl) 13163 14629 { … … 13167 14633 word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 13168 14634 word32 dnLen = 0; 13169 #if def WOLFSSL_NGINX14635 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 13170 14636 WOLF_STACK_OF(WOLFSSL_X509_NAME)* names; 13171 14637 #endif … … 13174 14640 int reqSz = ENUM_LEN + typeTotal + REQ_HEADER_SZ; /* add auth later */ 13175 14641 14642 WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND); 14643 WOLFSSL_ENTER("SendCertificateRequest"); 14644 13176 14645 if (IsAtLeastTLSv1_2(ssl)) 13177 14646 reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz; 13178 14647 13179 #if def WOLFSSL_NGINX14648 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 13180 14649 /* Certificate Authorities */ 13181 14650 names = ssl->ctx->ca_names; … … 13196 14665 sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + reqSz; 13197 14666 14667 if (!ssl->options.dtls) { 14668 if (IsEncryptionOn(ssl, 1)) 14669 sendSz += MAX_MSG_EXTRA; 14670 } 14671 else { 13198 14672 #ifdef WOLFSSL_DTLS 13199 if (ssl->options.dtls) {13200 14673 sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 13201 14674 i += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 13202 }13203 14675 #endif 14676 } 13204 14677 /* check for available size */ 13205 14678 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 13228 14701 if (IsAtLeastTLSv1_2(ssl)) { 13229 14702 c16toa(ssl->suites->hashSigAlgoSz, &output[i]); 13230 i += LENGTH_SZ;14703 i += OPAQUE16_LEN; 13231 14704 13232 14705 XMEMCPY(&output[i], … … 13238 14711 c16toa((word16)dnLen, &output[i]); /* auth's */ 13239 14712 i += REQ_HEADER_SZ; 13240 #if def WOLFSSL_NGINX14713 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 13241 14714 names = ssl->ctx->ca_names; 13242 14715 while (names != NULL) { 13243 14716 byte seq[MAX_SEQ_SZ]; 13244 14717 13245 c16toa( names->data.name->rawLen +14718 c16toa((word16)names->data.name->rawLen + 13246 14719 SetSequence(names->data.name->rawLen, seq), &output[i]); 13247 14720 i += OPAQUE16_LEN; … … 13254 14727 (void)i; 13255 14728 14729 if (IsEncryptionOn(ssl, 1)) { 14730 byte* input; 14731 int inputSz = i - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 14732 14733 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 14734 if (input == NULL) 14735 return MEMORY_E; 14736 14737 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 14738 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 14739 handshake, 1, 0, 0); 14740 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 14741 14742 if (sendSz < 0) 14743 return sendSz; 14744 } else { 13256 14745 #ifdef WOLFSSL_DTLS 14746 if (ssl->options.dtls) 14747 DtlsSEQIncrement(ssl, CUR_ORDER); 13257 14748 if (IsDtlsNotSctpMode(ssl)) { 13258 14749 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 13259 14750 return ret; 13260 14751 } 13261 if (ssl->options.dtls)13262 DtlsSEQIncrement(ssl, CUR_ORDER);13263 14752 #endif 13264 13265 14753 ret = HashOutput(ssl, output, sendSz, 0); 13266 14754 if (ret != 0) 13267 14755 return ret; 13268 13269 #ifdef WOLFSSL_CALLBACKS 14756 } 14757 14758 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 13270 14759 if (ssl->hsInfoOn) 13271 AddPacketName( "CertificateRequest", &ssl->handShakeInfo);14760 AddPacketName(ssl, "CertificateRequest"); 13272 14761 if (ssl->toInfoOn) 13273 AddPacketInfo( "CertificateRequest", &ssl->timeoutInfo, output,13274 sendSz, ssl->heap);14762 AddPacketInfo(ssl, "CertificateRequest", handshake, output, sendSz, 14763 WRITE_PROTO, ssl->heap); 13275 14764 #endif 13276 14765 ssl->buffers.outputBuffer.length += sendSz; 13277 14766 if (ssl->options.groupMessages) 13278 ret urn0;14767 ret = 0; 13279 14768 else 13280 return SendBuffered(ssl); 14769 ret = SendBuffered(ssl); 14770 14771 WOLFSSL_LEAVE("SendCertificateRequest", ret); 14772 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND); 14773 14774 return ret; 13281 14775 } 13282 14776 … … 13365 14859 #endif 13366 14860 13367 #if def WOLFSSL_CALLBACKS14861 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 13368 14862 if (ret == 0 && ssl->hsInfoOn) 13369 AddPacketName( "CertificateStatus", &ssl->handShakeInfo);14863 AddPacketName(ssl, "CertificateStatus"); 13370 14864 if (ret == 0 && ssl->toInfoOn) 13371 AddPacketInfo( "CertificateStatus", &ssl->timeoutInfo, output,13372 sendSz, ssl->heap);14865 AddPacketInfo(ssl, "CertificateStatus", handshake, output, sendSz, 14866 WRITE_PROTO, ssl->heap); 13373 14867 #endif 13374 14868 … … 13386 14880 #endif /* NO_WOLFSSL_SERVER */ 13387 14881 13388 14882 /* handle generation of certificate_status (22) */ 13389 14883 int SendCertificateStatus(WOLFSSL* ssl) 13390 14884 { … … 13392 14886 byte status_type = 0; 13393 14887 14888 WOLFSSL_START(WC_FUNC_CERTIFICATE_STATUS_SEND); 13394 14889 WOLFSSL_ENTER("SendCertificateStatus"); 13395 14890 … … 13415 14910 buffer response; 13416 14911 13417 XMEMSET(&response, 0, sizeof(response)); 13418 13419 /* unable to fetch status. skip. */ 13420 if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0) 13421 return 0; 13422 13423 if (request == NULL || ssl->buffers.weOwnCert) { 13424 DerBuffer* der = ssl->buffers.certificate; 14912 ret = CreateOcspResponse(ssl, &request, &response); 14913 if (ret == 0 && response.buffer) { 14914 ret = BuildCertificateStatus(ssl, status_type, &response, 1); 14915 14916 XFREE(response.buffer, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 14917 response.buffer = NULL; 14918 } 14919 14920 break; 14921 } 14922 14923 #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ 14924 /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */ 14925 14926 #if defined HAVE_CERTIFICATE_STATUS_REQUEST_V2 14927 case WOLFSSL_CSR2_OCSP_MULTI: 14928 { 14929 OcspRequest* request = ssl->ctx->certOcspRequest; 14930 buffer responses[1 + MAX_CHAIN_DEPTH]; 14931 int i = 0; 14932 14933 XMEMSET(responses, 0, sizeof(responses)); 14934 14935 ret = CreateOcspResponse(ssl, &request, &responses[0]); 14936 if (ret == 0 && (!ssl->ctx->chainOcspRequest[0] 14937 || ssl->buffers.weOwnCertChain)) { 14938 buffer der; 14939 word32 idx = 0; 13425 14940 #ifdef WOLFSSL_SMALL_STACK 13426 14941 DecodedCert* cert = NULL; … … 13428 14943 DecodedCert cert[1]; 13429 14944 #endif 13430 13431 /* unable to fetch status. skip. */13432 if (der->buffer == NULL || der->length == 0)13433 return 0;13434 14945 13435 14946 #ifdef WOLFSSL_SMALL_STACK … … 13439 14950 return MEMORY_E; 13440 14951 #endif 13441 13442 InitDecodedCert(cert, der->buffer, der->length, ssl->heap); 13443 /* TODO: Setup async support here */ 13444 if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, 13445 ssl->ctx->cm)) != 0) { 13446 WOLFSSL_MSG("ParseCert failed"); 13447 } 13448 else { 13449 request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), 13450 ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13451 if (request) { 13452 ret = InitOcspRequest(request, cert, 0, ssl->heap); 13453 if (ret == 0) { 13454 /* make sure ctx OCSP request is updated */ 13455 if (!ssl->buffers.weOwnCert) { 13456 wolfSSL_Mutex* ocspLock = 13457 &ssl->ctx->cm->ocsp_stapling->ocspLock; 13458 if (wc_LockMutex(ocspLock) == 0) { 13459 if (ssl->ctx->certOcspRequest == NULL) 13460 ssl->ctx->certOcspRequest = request; 13461 wc_UnLockMutex(ocspLock); 13462 } 13463 } 13464 } 13465 else { 13466 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13467 request = NULL; 13468 } 13469 } 13470 else { 13471 ret = MEMORY_E; 13472 } 13473 } 13474 13475 FreeDecodedCert(cert); 13476 14952 request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), ssl->heap, 14953 DYNAMIC_TYPE_OCSP_REQUEST); 14954 if (request == NULL) { 13477 14955 #ifdef WOLFSSL_SMALL_STACK 13478 14956 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 13479 14957 #endif 13480 } 13481 14958 return MEMORY_E; 14959 } 14960 14961 while (idx + OPAQUE24_LEN < ssl->buffers.certChain->length) { 14962 c24to32(ssl->buffers.certChain->buffer + idx, &der.length); 14963 idx += OPAQUE24_LEN; 14964 14965 der.buffer = ssl->buffers.certChain->buffer + idx; 14966 idx += der.length; 14967 14968 if (idx > ssl->buffers.certChain->length) 14969 break; 14970 14971 ret = CreateOcspRequest(ssl, request, cert, der.buffer, 14972 der.length); 13482 14973 if (ret == 0) { 13483 14974 request->ssl = ssl; 13484 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request,13485 &response);14975 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, 14976 request, &responses[i + 1]); 13486 14977 13487 14978 /* Suppressing, not critical */ … … 13492 14983 } 13493 14984 13494 if (response.buffer) { 13495 if (ret == 0) 13496 ret = BuildCertificateStatus(ssl, status_type, 13497 &response, 1); 13498 13499 XFREE(response.buffer, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13500 response.buffer = NULL; 14985 14986 i++; 14987 FreeOcspRequest(request); 13501 14988 } 13502 13503 } 13504 13505 if (request != ssl->ctx->certOcspRequest) 14989 } 14990 13506 14991 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13507 13508 break;13509 }13510 13511 #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */13512 /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */13513 13514 #if defined HAVE_CERTIFICATE_STATUS_REQUEST_V213515 case WOLFSSL_CSR2_OCSP_MULTI:13516 {13517 OcspRequest* request = ssl->ctx->certOcspRequest;13518 buffer responses[1 + MAX_CHAIN_DEPTH];13519 int i = 0;13520 13521 XMEMSET(responses, 0, sizeof(responses));13522 13523 /* unable to fetch status. skip. */13524 if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0)13525 return 0;13526 13527 if (!request || ssl->buffers.weOwnCert) {13528 DerBuffer* der = ssl->buffers.certificate;13529 #ifdef WOLFSSL_SMALL_STACK13530 DecodedCert* cert = NULL;13531 #else13532 DecodedCert cert[1];13533 #endif13534 13535 /* unable to fetch status. skip. */13536 if (der->buffer == NULL || der->length == 0)13537 return 0;13538 13539 #ifdef WOLFSSL_SMALL_STACK13540 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap,13541 DYNAMIC_TYPE_DCERT);13542 if (cert == NULL)13543 return MEMORY_E;13544 #endif13545 13546 InitDecodedCert(cert, der->buffer, der->length, ssl->heap);13547 /* TODO: Setup async support here */13548 if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,13549 ssl->ctx->cm)) != 0) {13550 WOLFSSL_MSG("ParseCert failed");13551 }13552 else {13553 request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),13554 ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);13555 if (request) {13556 ret = InitOcspRequest(request, cert, 0, ssl->heap);13557 if (ret == 0) {13558 /* make sure ctx OCSP request is updated */13559 if (!ssl->buffers.weOwnCert) {13560 wolfSSL_Mutex* ocspLock =13561 &ssl->ctx->cm->ocsp_stapling->ocspLock;13562 if (wc_LockMutex(ocspLock) == 0) {13563 if (ssl->ctx->certOcspRequest == NULL)13564 ssl->ctx->certOcspRequest = request;13565 wc_UnLockMutex(ocspLock);13566 }13567 }13568 }13569 else {13570 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);13571 request = NULL;13572 }13573 }13574 else {13575 ret = MEMORY_E;13576 }13577 }13578 13579 FreeDecodedCert(cert);13580 13581 14992 #ifdef WOLFSSL_SMALL_STACK 13582 14993 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 13583 14994 #endif 13584 } 13585 13586 if (ret == 0) { 13587 request->ssl = ssl; 13588 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request, 13589 &responses[0]); 14995 } 14996 else { 14997 while (ret == 0 && 14998 NULL != (request = ssl->ctx->chainOcspRequest[i])) { 14999 request->ssl = ssl; 15000 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, 15001 request, &responses[++i]); 13590 15002 13591 15003 /* Suppressing, not critical */ … … 13596 15008 } 13597 15009 } 13598 13599 if (request != ssl->ctx->certOcspRequest)13600 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);13601 13602 if (ret == 0 && (!ssl->ctx->chainOcspRequest[0]13603 || ssl->buffers.weOwnCertChain)) {13604 buffer der;13605 word32 idx = 0;13606 #ifdef WOLFSSL_SMALL_STACK13607 DecodedCert* cert = NULL;13608 #else13609 DecodedCert cert[1];13610 #endif13611 13612 XMEMSET(&der, 0, sizeof(buffer));13613 13614 #ifdef WOLFSSL_SMALL_STACK13615 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap,13616 DYNAMIC_TYPE_DCERT);13617 if (cert == NULL)13618 return MEMORY_E;13619 #endif13620 13621 while (idx + OPAQUE24_LEN < ssl->buffers.certChain->length) {13622 c24to32(ssl->buffers.certChain->buffer + idx, &der.length);13623 idx += OPAQUE24_LEN;13624 13625 der.buffer = ssl->buffers.certChain->buffer + idx;13626 idx += der.length;13627 13628 if (idx > ssl->buffers.certChain->length)13629 break;13630 13631 InitDecodedCert(cert, der.buffer, der.length, ssl->heap);13632 /* TODO: Setup async support here */13633 if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,13634 ssl->ctx->cm)) != 0) {13635 WOLFSSL_MSG("ParseCert failed");13636 break;13637 }13638 else {13639 request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),13640 ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);13641 if (request == NULL) {13642 FreeDecodedCert(cert);13643 13644 ret = MEMORY_E;13645 break;13646 15010 } 13647 15011 13648 ret = InitOcspRequest(request, cert, 0, ssl->heap);15012 if (responses[0].buffer) { 13649 15013 if (ret == 0) { 13650 /* make sure ctx OCSP request is updated */ 13651 if (!ssl->buffers.weOwnCertChain) { 13652 wolfSSL_Mutex* ocspLock = 13653 &ssl->ctx->cm->ocsp_stapling->ocspLock; 13654 if (wc_LockMutex(ocspLock) == 0) { 13655 if (ssl->ctx->chainOcspRequest[i] == NULL) 13656 ssl->ctx->chainOcspRequest[i] = request; 13657 wc_UnLockMutex(ocspLock); 13658 } 13659 } 13660 } 13661 else { 13662 FreeDecodedCert(cert); 13663 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13664 request = NULL; 13665 break; 13666 } 13667 13668 request->ssl = ssl; 13669 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, 13670 request, &responses[i + 1]); 13671 13672 /* Suppressing, not critical */ 13673 if (ret == OCSP_CERT_REVOKED || 13674 ret == OCSP_CERT_UNKNOWN || 13675 ret == OCSP_LOOKUP_FAIL) { 13676 ret = 0; 13677 } 13678 13679 if (request != ssl->ctx->chainOcspRequest[i]) 13680 XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); 13681 13682 i++; 13683 } 13684 13685 FreeDecodedCert(cert); 13686 } 13687 13688 #ifdef WOLFSSL_SMALL_STACK 13689 XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); 13690 #endif 13691 } 13692 else { 13693 while (ret == 0 && 13694 NULL != (request = ssl->ctx->chainOcspRequest[i])) { 13695 request->ssl = ssl; 13696 ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, 13697 request, &responses[++i]); 13698 13699 /* Suppressing, not critical */ 13700 if (ret == OCSP_CERT_REVOKED || 13701 ret == OCSP_CERT_UNKNOWN || 13702 ret == OCSP_LOOKUP_FAIL) { 13703 ret = 0; 13704 } 13705 } 13706 } 13707 13708 if (responses[0].buffer) { 13709 if (ret == 0) 13710 ret = BuildCertificateStatus(ssl, status_type, 13711 responses, (byte)i + 1); 13712 13713 for (i = 0; i < 1 + MAX_CHAIN_DEPTH; i++) 13714 if (responses[i].buffer) 15014 ret = BuildCertificateStatus(ssl, status_type, responses, 15015 (byte)i + 1); 15016 } 15017 15018 for (i = 0; i < 1 + MAX_CHAIN_DEPTH; i++) { 15019 if (responses[i].buffer) { 13715 15020 XFREE(responses[i].buffer, ssl->heap, 13716 15021 DYNAMIC_TYPE_OCSP_REQUEST); 13717 15022 } 15023 } 15024 } 13718 15025 13719 15026 break; … … 13726 15033 } 13727 15034 15035 WOLFSSL_LEAVE("SendCertificateStatus", ret); 15036 WOLFSSL_END(WC_FUNC_CERTIFICATE_STATUS_SEND); 15037 13728 15038 return ret; 13729 15039 } … … 13731 15041 #endif /* !NO_CERTS */ 13732 15042 15043 #endif /* WOLFSSL_NO_TLS12 */ 13733 15044 13734 15045 int SendData(WOLFSSL* ssl, const void* data, int sz) … … 13738 15049 ret, 13739 15050 dtlsExtra = 0; 13740 13741 if (ssl->error == WANT_WRITE || ssl->error == WC_PENDING_E) 15051 int groupMsgs = 0; 15052 15053 if (ssl->error == WANT_WRITE 15054 #ifdef WOLFSSL_ASYNC_CRYPT 15055 || ssl->error == WC_PENDING_E 15056 #endif 15057 ) { 13742 15058 ssl->error = 0; 15059 } 13743 15060 13744 15061 #ifdef WOLFSSL_DTLS … … 13752 15069 13753 15070 #ifdef WOLFSSL_EARLY_DATA 13754 if (ssl->earlyData ) {15071 if (ssl->earlyData != no_early_data) { 13755 15072 if (ssl->options.handShakeState == HANDSHAKE_DONE) { 13756 15073 WOLFSSL_MSG("handshake complete, trying to send early data"); 13757 15074 return BUILD_MSG_ERROR; 13758 15075 } 15076 #ifdef WOLFSSL_EARLY_DATA_GROUP 15077 groupMsgs = 1; 15078 #endif 13759 15079 } 13760 15080 else … … 13764 15084 WOLFSSL_MSG("handshake not complete, trying to finish"); 13765 15085 if ( (err = wolfSSL_negotiate(ssl)) != WOLFSSL_SUCCESS) { 15086 #ifdef WOLFSSL_ASYNC_CRYPT 13766 15087 /* if async would block return WANT_WRITE */ 13767 15088 if (ssl->error == WC_PENDING_E) { 13768 15089 return WOLFSSL_CBIO_ERR_WANT_WRITE; 13769 15090 } 15091 #endif 13770 15092 return err; 13771 15093 } … … 13773 15095 13774 15096 /* last time system socket output buffer was full, try again to send */ 13775 if ( ssl->buffers.outputBuffer.length > 0) {15097 if (!groupMsgs && ssl->buffers.outputBuffer.length > 0) { 13776 15098 WOLFSSL_MSG("output buffer was full, trying to send again"); 13777 15099 if ( (ssl->error = SendBuffered(ssl)) < 0) { 13778 15100 WOLFSSL_ERROR(ssl->error); 13779 if (ssl->error == SOCKET_ERROR_E && ssl->options.connReset) 13780 return 0; /* peer reset */ 15101 if (ssl->error == SOCKET_ERROR_E && (ssl->options.connReset || 15102 ssl->options.isClosed)) { 15103 ssl->error = SOCKET_PEER_CLOSED_E; 15104 WOLFSSL_ERROR(ssl->error); 15105 return 0; /* peer reset or closed */ 15106 } 13781 15107 return ssl->error; 13782 15108 } … … 13811 15137 if (sent == sz) break; 13812 15138 13813 len = min(sz - sent, OUTPUT_RECORD_SIZE); 13814 #ifdef HAVE_MAX_FRAGMENT 13815 len = min(len, ssl->max_fragment); 13816 #endif 15139 len = wolfSSL_GetMaxRecordSize(ssl, sz - sent); 13817 15140 13818 15141 #ifdef WOLFSSL_DTLS … … 13863 15186 ssl->buffers.outputBuffer.length += sendSz; 13864 15187 13865 if ( ( ret= SendBuffered(ssl)) < 0) {13866 WOLFSSL_ERROR( ret);15188 if ( (ssl->error = SendBuffered(ssl)) < 0) { 15189 WOLFSSL_ERROR(ssl->error); 13867 15190 /* store for next call if WANT_WRITE or user embedSend() that 13868 15191 doesn't present like WANT_WRITE */ 13869 15192 ssl->buffers.plainSz = len; 13870 15193 ssl->buffers.prevSent = sent; 13871 if (ret == SOCKET_ERROR_E && ssl->options.connReset) 13872 return 0; /* peer reset */ 13873 return ssl->error = ret; 15194 if (ssl->error == SOCKET_ERROR_E && (ssl->options.connReset || 15195 ssl->options.isClosed)) { 15196 ssl->error = SOCKET_PEER_CLOSED_E; 15197 WOLFSSL_ERROR(ssl->error); 15198 return 0; /* peer reset or closed */ 15199 } 15200 return ssl->error; 13874 15201 } 13875 15202 … … 13878 15205 /* only one message per attempt */ 13879 15206 if (ssl->options.partialWrite == 1) { 13880 WOLFSSL_MSG("Par itial Write on, only sending one record");15207 WOLFSSL_MSG("Partial Write on, only sending one record"); 13881 15208 break; 13882 15209 } … … 13894 15221 13895 15222 /* reset error state */ 13896 if (ssl->error == WANT_READ || ssl->error == WC_PENDING_E) { 15223 if (ssl->error == WANT_READ 15224 #ifdef WOLFSSL_ASYNC_CRYPT 15225 || ssl->error == WC_PENDING_E 15226 #endif 15227 ) { 13897 15228 ssl->error = 0; 13898 15229 } … … 13913 15244 13914 15245 #ifdef WOLFSSL_EARLY_DATA 13915 if (ssl->earlyData ) {15246 if (ssl->earlyData != no_early_data) { 13916 15247 } 13917 15248 else … … 13935 15266 if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) { 13936 15267 int err; 13937 ssl->secure_renegotiation->startScr = 0; /* only start once */13938 15268 WOLFSSL_MSG("Need to start scr, server requested"); 13939 15269 if ( (err = wolfSSL_Rehandshake(ssl)) != WOLFSSL_SUCCESS) 13940 15270 return err; 15271 ssl->secure_renegotiation->startScr = 0; /* only start once */ 13941 15272 } 13942 15273 #endif … … 14026 15357 } 14027 15358 15359 #ifdef OPENSSL_EXTRA 15360 if (ssl->CBIS != NULL) { 15361 ssl->CBIS(ssl, SSL_CB_ALERT, type); 15362 } 15363 #endif 14028 15364 #ifdef WOLFSSL_DTLS 14029 15365 if (ssl->options.dtls) … … 14035 15371 if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) 14036 15372 return ret; 15373 15374 /* Check output buffer */ 15375 if (ssl->buffers.outputBuffer.buffer == NULL) 15376 return BUFFER_E; 14037 15377 14038 15378 /* get output buffer */ … … 14072 15412 return BUILD_MSG_ERROR; 14073 15413 14074 #if def WOLFSSL_CALLBACKS15414 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 14075 15415 if (ssl->hsInfoOn) 14076 AddPacketName( "Alert", &ssl->handShakeInfo);15416 AddPacketName(ssl, "Alert"); 14077 15417 if (ssl->toInfoOn) 14078 AddPacketInfo("Alert", &ssl->timeoutInfo, output, sendSz,ssl->heap); 15418 AddPacketInfo(ssl, "Alert", alert, output, sendSz, WRITE_PROTO, 15419 ssl->heap); 14079 15420 #endif 14080 15421 … … 14103 15444 switch (error) { 14104 15445 15446 #ifdef WOLFSSL_WPAS 15447 case 0 : 15448 return "ok"; 15449 #endif 15450 14105 15451 case UNSUPPORTED_SUITE : 14106 15452 return "unsupported cipher suite"; … … 14191 15537 return "handshake layer not ready yet, complete first"; 14192 15538 14193 case PMS_VERSION_ERROR :14194 return "premaster secret version mismatch error";14195 14196 15539 case VERSION_ERROR : 14197 15540 return "record layer version error"; … … 14231 15574 return "NTRU decrypt error"; 14232 15575 14233 case ZLIB_INIT_ERROR:14234 return "zlib init error";14235 14236 case ZLIB_COMPRESS_ERROR:14237 return "zlib compress error";14238 14239 case ZLIB_DECOMPRESS_ERROR:14240 return "zlib decompress error";14241 14242 15576 case GETTIME_ERROR: 14243 15577 return "gettimeofday() error"; … … 14325 15659 return "Suites Pointer Error"; 14326 15660 14327 case SSL_NO_PEM_HEADER:14328 return "No PEM Header Error";14329 14330 15661 case OUT_OF_ORDER_E: 14331 15662 return "Out of order message, fatal"; … … 14430 15761 return "Invalid OCSP Status Error"; 14431 15762 15763 case OCSP_WANT_READ: 15764 return "OCSP nonblock wants read"; 15765 14432 15766 case RSA_KEY_SIZE_E: 14433 15767 return "RSA key too small"; … … 14464 15798 14465 15799 case BAD_KEY_SHARE_DATA: 14466 return "The Key Share data contains group that was in Client Hello";15800 return "The Key Share data contains group that wasn't in Client Hello"; 14467 15801 14468 15802 case MISSING_HANDSHAKE_DATA: … … 14477 15811 case INVALID_PARAMETER: 14478 15812 return "The security parameter is invalid"; 15813 15814 case UNSUPPORTED_EXTENSION: 15815 return "TLS Extension not requested by the client"; 14479 15816 14480 15817 case KEY_SHARE_ERROR: … … 14508 15845 } 14509 15846 14510 14511 /* be sure to add to cipher_name_idx too !!!! */ 14512 static const char* const cipher_names[] = 15847 #ifndef NO_ERROR_STRINGS 15848 #define SUITE_INFO(x,y,z,w) {(x),(y),(z),(w)} 15849 #else 15850 #define SUITE_INFO(x,y,z,w) {(x),(z),(w)} 15851 #endif 15852 15853 static const CipherSuiteInfo cipher_names[] = 14513 15854 { 15855 #ifndef WOLFSSL_NO_TLS12 15856 14514 15857 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA 14515 "RC4-SHA",15858 SUITE_INFO("RC4-SHA","SSL_RSA_WITH_RC4_128_SHA",CIPHER_BYTE,SSL_RSA_WITH_RC4_128_SHA), 14516 15859 #endif 14517 15860 14518 15861 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 14519 "RC4-MD5",15862 SUITE_INFO("RC4-MD5","SSL_RSA_WITH_RC4_128_MD5",CIPHER_BYTE,SSL_RSA_WITH_RC4_128_MD5), 14520 15863 #endif 14521 15864 14522 15865 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA 14523 "DES-CBC3-SHA",15866 SUITE_INFO("DES-CBC3-SHA","SSL_RSA_WITH_3DES_EDE_CBC_SHA",CIPHER_BYTE,SSL_RSA_WITH_3DES_EDE_CBC_SHA), 14524 15867 #endif 14525 15868 14526 15869 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA 14527 "AES128-SHA",15870 SUITE_INFO("AES128-SHA","TLS_RSA_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_RSA_WITH_AES_128_CBC_SHA), 14528 15871 #endif 14529 15872 14530 15873 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA 14531 "AES256-SHA",15874 SUITE_INFO("AES256-SHA","TLS_RSA_WITH_AES_256_CBC_SHA",CIPHER_BYTE,TLS_RSA_WITH_AES_256_CBC_SHA), 14532 15875 #endif 14533 15876 14534 15877 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA 14535 "NULL-SHA",15878 SUITE_INFO("NULL-SHA","TLS_RSA_WITH_NULL_SHA",CIPHER_BYTE,TLS_RSA_WITH_NULL_SHA), 14536 15879 #endif 14537 15880 14538 15881 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 14539 "NULL-SHA256",15882 SUITE_INFO("NULL-SHA256","TLS_RSA_WITH_NULL_SHA256",CIPHER_BYTE,TLS_RSA_WITH_NULL_SHA256), 14540 15883 #endif 14541 15884 14542 15885 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 14543 "DHE-RSA-AES128-SHA",15886 SUITE_INFO("DHE-RSA-AES128-SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_128_CBC_SHA), 14544 15887 #endif 14545 15888 14546 15889 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 14547 "DHE-RSA-AES256-SHA",15890 SUITE_INFO("DHE-RSA-AES256-SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_256_CBC_SHA), 14548 15891 #endif 14549 15892 14550 15893 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 14551 "DHE-PSK-AES256-GCM-SHA384",15894 SUITE_INFO("DHE-PSK-AES256-GCM-SHA384","TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",CIPHER_BYTE,TLS_DHE_PSK_WITH_AES_256_GCM_SHA384), 14552 15895 #endif 14553 15896 14554 15897 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 14555 "DHE-PSK-AES128-GCM-SHA256",15898 SUITE_INFO("DHE-PSK-AES128-GCM-SHA256","TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",CIPHER_BYTE,TLS_DHE_PSK_WITH_AES_128_GCM_SHA256), 14556 15899 #endif 14557 15900 14558 15901 #ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 14559 "PSK-AES256-GCM-SHA384",15902 SUITE_INFO("PSK-AES256-GCM-SHA384","TLS_PSK_WITH_AES_256_GCM_SHA384",CIPHER_BYTE,TLS_PSK_WITH_AES_256_GCM_SHA384), 14560 15903 #endif 14561 15904 14562 15905 #ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 14563 "PSK-AES128-GCM-SHA256",15906 SUITE_INFO("PSK-AES128-GCM-SHA256","TLS_PSK_WITH_AES_128_GCM_SHA256",CIPHER_BYTE,TLS_PSK_WITH_AES_128_GCM_SHA256), 14564 15907 #endif 14565 15908 14566 15909 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 14567 "DHE-PSK-AES256-CBC-SHA384",15910 SUITE_INFO("DHE-PSK-AES256-CBC-SHA384","TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",CIPHER_BYTE,TLS_DHE_PSK_WITH_AES_256_CBC_SHA384), 14568 15911 #endif 14569 15912 14570 15913 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 14571 "DHE-PSK-AES128-CBC-SHA256",15914 SUITE_INFO("DHE-PSK-AES128-CBC-SHA256","TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",CIPHER_BYTE,TLS_DHE_PSK_WITH_AES_128_CBC_SHA256), 14572 15915 #endif 14573 15916 14574 15917 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 14575 "PSK-AES256-CBC-SHA384",15918 SUITE_INFO("PSK-AES256-CBC-SHA384","TLS_PSK_WITH_AES_256_CBC_SHA384",CIPHER_BYTE,TLS_PSK_WITH_AES_256_CBC_SHA384), 14576 15919 #endif 14577 15920 14578 15921 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 14579 "PSK-AES128-CBC-SHA256",15922 SUITE_INFO("PSK-AES128-CBC-SHA256","TLS_PSK_WITH_AES_128_CBC_SHA256",CIPHER_BYTE,TLS_PSK_WITH_AES_128_CBC_SHA256), 14580 15923 #endif 14581 15924 14582 15925 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA 14583 "PSK-AES128-CBC-SHA",15926 SUITE_INFO("PSK-AES128-CBC-SHA","TLS_PSK_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_PSK_WITH_AES_128_CBC_SHA), 14584 15927 #endif 14585 15928 14586 15929 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA 14587 "PSK-AES256-CBC-SHA",15930 SUITE_INFO("PSK-AES256-CBC-SHA","TLS_PSK_WITH_AES_256_CBC_SHA",CIPHER_BYTE,TLS_PSK_WITH_AES_256_CBC_SHA), 14588 15931 #endif 14589 15932 14590 15933 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM 14591 "DHE-PSK-AES128-CCM",15934 SUITE_INFO("DHE-PSK-AES128-CCM","TLS_DHE_PSK_WITH_AES_128_CCM",ECC_BYTE,TLS_DHE_PSK_WITH_AES_128_CCM), 14592 15935 #endif 14593 15936 14594 15937 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM 14595 "DHE-PSK-AES256-CCM",15938 SUITE_INFO("DHE-PSK-AES256-CCM","TLS_DHE_PSK_WITH_AES_256_CCM",ECC_BYTE,TLS_DHE_PSK_WITH_AES_256_CCM), 14596 15939 #endif 14597 15940 14598 15941 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM 14599 "PSK-AES128-CCM",15942 SUITE_INFO("PSK-AES128-CCM","TLS_PSK_WITH_AES_128_CCM",ECC_BYTE,TLS_PSK_WITH_AES_128_CCM), 14600 15943 #endif 14601 15944 14602 15945 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM 14603 "PSK-AES256-CCM",15946 SUITE_INFO("PSK-AES256-CCM","TLS_PSK_WITH_AES_256_CCM",ECC_BYTE,TLS_PSK_WITH_AES_256_CCM), 14604 15947 #endif 14605 15948 14606 15949 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 14607 "PSK-AES128-CCM-8",15950 SUITE_INFO("PSK-AES128-CCM-8","TLS_PSK_WITH_AES_128_CCM_8",ECC_BYTE,TLS_PSK_WITH_AES_128_CCM_8), 14608 15951 #endif 14609 15952 14610 15953 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 14611 "PSK-AES256-CCM-8",15954 SUITE_INFO("PSK-AES256-CCM-8","TLS_PSK_WITH_AES_256_CCM_8",ECC_BYTE,TLS_PSK_WITH_AES_256_CCM_8), 14612 15955 #endif 14613 15956 14614 15957 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 14615 "DHE-PSK-NULL-SHA384",15958 SUITE_INFO("DHE-PSK-NULL-SHA384","TLS_DHE_PSK_WITH_NULL_SHA384",CIPHER_BYTE,TLS_DHE_PSK_WITH_NULL_SHA384), 14616 15959 #endif 14617 15960 14618 15961 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 14619 "DHE-PSK-NULL-SHA256",15962 SUITE_INFO("DHE-PSK-NULL-SHA256","TLS_DHE_PSK_WITH_NULL_SHA256",CIPHER_BYTE,TLS_DHE_PSK_WITH_NULL_SHA256), 14620 15963 #endif 14621 15964 14622 15965 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 14623 "PSK-NULL-SHA384",15966 SUITE_INFO("PSK-NULL-SHA384","TLS_PSK_WITH_NULL_SHA384",CIPHER_BYTE,TLS_PSK_WITH_NULL_SHA384), 14624 15967 #endif 14625 15968 14626 15969 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 14627 "PSK-NULL-SHA256",15970 SUITE_INFO("PSK-NULL-SHA256","TLS_PSK_WITH_NULL_SHA256",CIPHER_BYTE,TLS_PSK_WITH_NULL_SHA256), 14628 15971 #endif 14629 15972 14630 15973 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA 14631 "PSK-NULL-SHA",15974 SUITE_INFO("PSK-NULL-SHA","TLS_PSK_WITH_NULL_SHA",CIPHER_BYTE,TLS_PSK_WITH_NULL_SHA), 14632 15975 #endif 14633 15976 14634 15977 #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 14635 "HC128-MD5",15978 SUITE_INFO("HC128-MD5","TLS_RSA_WITH_HC_128_MD5",CIPHER_BYTE,TLS_RSA_WITH_HC_128_MD5), 14636 15979 #endif 14637 15980 14638 15981 #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA 14639 "HC128-SHA",15982 SUITE_INFO("HC128-SHA","TLS_RSA_WITH_HC_128_SHA",CIPHER_BYTE,TLS_RSA_WITH_HC_128_SHA), 14640 15983 #endif 14641 15984 14642 15985 #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 14643 "HC128-B2B256",15986 SUITE_INFO("HC128-B2B256","TLS_RSA_WITH_HC_128_B2B256",CIPHER_BYTE,TLS_RSA_WITH_HC_128_B2B256), 14644 15987 #endif 14645 15988 14646 15989 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 14647 "AES128-B2B256",15990 SUITE_INFO("AES128-B2B256","TLS_RSA_WITH_AES_128_CBC_B2B256",CIPHER_BYTE,TLS_RSA_WITH_AES_128_CBC_B2B256), 14648 15991 #endif 14649 15992 14650 15993 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 14651 "AES256-B2B256",15994 SUITE_INFO("AES256-B2B256","TLS_RSA_WITH_AES_256_CBC_B2B256",CIPHER_BYTE,TLS_RSA_WITH_AES_256_CBC_B2B256), 14652 15995 #endif 14653 15996 14654 15997 #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA 14655 "RABBIT-SHA",15998 SUITE_INFO("RABBIT-SHA","TLS_RSA_WITH_RABBIT_SHA",CIPHER_BYTE,TLS_RSA_WITH_RABBIT_SHA), 14656 15999 #endif 14657 16000 14658 16001 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA 14659 "NTRU-RC4-SHA",16002 SUITE_INFO("NTRU-RC4-SHA","TLS_NTRU_RSA_WITH_RC4_128_SHA",CIPHER_BYTE,TLS_NTRU_RSA_WITH_RC4_128_SHA), 14660 16003 #endif 14661 16004 14662 16005 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA 14663 "NTRU-DES-CBC3-SHA",16006 SUITE_INFO("NTRU-DES-CBC3-SHA","TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA",CIPHER_BYTE,TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA), 14664 16007 #endif 14665 16008 14666 16009 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA 14667 "NTRU-AES128-SHA",16010 SUITE_INFO("NTRU-AES128-SHA","TLS_NTRU_RSA_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_NTRU_RSA_WITH_AES_128_CBC_SHA), 14668 16011 #endif 14669 16012 14670 16013 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA 14671 "NTRU-AES256-SHA",16014 SUITE_INFO("NTRU-AES256-SHA","TLS_NTRU_RSA_WITH_AES_256_CBC_SHA",CIPHER_BYTE,TLS_NTRU_RSA_WITH_AES_256_CBC_SHA), 14672 16015 #endif 14673 16016 14674 16017 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 14675 "AES128-CCM-8",16018 SUITE_INFO("AES128-CCM-8","TLS_RSA_WITH_AES_128_CCM_8",ECC_BYTE,TLS_RSA_WITH_AES_128_CCM_8), 14676 16019 #endif 14677 16020 14678 16021 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 14679 "AES256-CCM-8",16022 SUITE_INFO("AES256-CCM-8","TLS_RSA_WITH_AES_256_CCM_8",ECC_BYTE,TLS_RSA_WITH_AES_256_CCM_8), 14680 16023 #endif 14681 16024 14682 16025 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 14683 "ECDHE-ECDSA-AES128-CCM",16026 SUITE_INFO("ECDHE-ECDSA-AES128-CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CCM",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CCM), 14684 16027 #endif 14685 16028 14686 16029 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 14687 "ECDHE-ECDSA-AES128-CCM-8",16030 SUITE_INFO("ECDHE-ECDSA-AES128-CCM-8","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8), 14688 16031 #endif 14689 16032 14690 16033 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 14691 "ECDHE-ECDSA-AES256-CCM-8",16034 SUITE_INFO("ECDHE-ECDSA-AES256-CCM-8","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8), 14692 16035 #endif 14693 16036 14694 16037 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 14695 "ECDHE-RSA-AES128-SHA",16038 SUITE_INFO("ECDHE-RSA-AES128-SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA), 14696 16039 #endif 14697 16040 14698 16041 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 14699 "ECDHE-RSA-AES256-SHA",16042 SUITE_INFO("ECDHE-RSA-AES256-SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA), 14700 16043 #endif 14701 16044 14702 16045 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 14703 "ECDHE-ECDSA-AES128-SHA",16046 SUITE_INFO("ECDHE-ECDSA-AES128-SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA), 14704 16047 #endif 14705 16048 14706 16049 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 14707 "ECDHE-ECDSA-AES256-SHA",16050 SUITE_INFO("ECDHE-ECDSA-AES256-SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA), 14708 16051 #endif 14709 16052 14710 16053 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 14711 "ECDHE-RSA-RC4-SHA",16054 SUITE_INFO("ECDHE-RSA-RC4-SHA","TLS_ECDHE_RSA_WITH_RC4_128_SHA",ECC_BYTE,TLS_ECDHE_RSA_WITH_RC4_128_SHA), 14712 16055 #endif 14713 16056 14714 16057 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 14715 "ECDHE-RSA-DES-CBC3-SHA",16058 SUITE_INFO("ECDHE-RSA-DES-CBC3-SHA","TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",ECC_BYTE,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA), 14716 16059 #endif 14717 16060 14718 16061 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 14719 "ECDHE-ECDSA-RC4-SHA",16062 SUITE_INFO("ECDHE-ECDSA-RC4-SHA","TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA), 14720 16063 #endif 14721 16064 14722 16065 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 14723 "ECDHE-ECDSA-DES-CBC3-SHA",16066 SUITE_INFO("ECDHE-ECDSA-DES-CBC3-SHA","TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA), 14724 16067 #endif 14725 16068 14726 16069 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 14727 "AES128-SHA256",16070 SUITE_INFO("AES128-SHA256","TLS_RSA_WITH_AES_128_CBC_SHA256",CIPHER_BYTE,TLS_RSA_WITH_AES_128_CBC_SHA256), 14728 16071 #endif 14729 16072 14730 16073 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 14731 "AES256-SHA256",16074 SUITE_INFO("AES256-SHA256","TLS_RSA_WITH_AES_256_CBC_SHA256",CIPHER_BYTE,TLS_RSA_WITH_AES_256_CBC_SHA256), 14732 16075 #endif 14733 16076 14734 16077 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 14735 "DHE-RSA-AES128-SHA256",16078 SUITE_INFO("DHE-RSA-AES128-SHA256","TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256), 14736 16079 #endif 14737 16080 14738 16081 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 14739 "DHE-RSA-AES256-SHA256",16082 SUITE_INFO("DHE-RSA-AES256-SHA256","TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256), 14740 16083 #endif 14741 16084 14742 16085 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 14743 "ECDH-RSA-AES128-SHA",16086 SUITE_INFO("ECDH-RSA-AES128-SHA","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA), 14744 16087 #endif 14745 16088 14746 16089 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 14747 "ECDH-RSA-AES256-SHA",16090 SUITE_INFO("ECDH-RSA-AES256-SHA","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA), 14748 16091 #endif 14749 16092 14750 16093 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 14751 "ECDH-ECDSA-AES128-SHA",16094 SUITE_INFO("ECDH-ECDSA-AES128-SHA","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA), 14752 16095 #endif 14753 16096 14754 16097 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 14755 "ECDH-ECDSA-AES256-SHA",16098 SUITE_INFO("ECDH-ECDSA-AES256-SHA","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA), 14756 16099 #endif 14757 16100 14758 16101 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA 14759 "ECDH-RSA-RC4-SHA",16102 SUITE_INFO("ECDH-RSA-RC4-SHA","TLS_ECDH_RSA_WITH_RC4_128_SHA",ECC_BYTE,TLS_ECDH_RSA_WITH_RC4_128_SHA), 14760 16103 #endif 14761 16104 14762 16105 #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 14763 "ECDH-RSA-DES-CBC3-SHA",16106 SUITE_INFO("ECDH-RSA-DES-CBC3-SHA","TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",ECC_BYTE,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA), 14764 16107 #endif 14765 16108 14766 16109 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 14767 "ECDH-ECDSA-RC4-SHA",16110 SUITE_INFO("ECDH-ECDSA-RC4-SHA","TLS_ECDH_ECDSA_WITH_RC4_128_SHA",ECC_BYTE,TLS_ECDH_ECDSA_WITH_RC4_128_SHA), 14768 16111 #endif 14769 16112 14770 16113 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 14771 "ECDH-ECDSA-DES-CBC3-SHA",16114 SUITE_INFO("ECDH-ECDSA-DES-CBC3-SHA","TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",ECC_BYTE,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA), 14772 16115 #endif 14773 16116 14774 16117 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 14775 "AES128-GCM-SHA256",16118 SUITE_INFO("AES128-GCM-SHA256","TLS_RSA_WITH_AES_128_GCM_SHA256",CIPHER_BYTE,TLS_RSA_WITH_AES_128_GCM_SHA256), 14776 16119 #endif 14777 16120 14778 16121 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 14779 "AES256-GCM-SHA384",16122 SUITE_INFO("AES256-GCM-SHA384","TLS_RSA_WITH_AES_256_GCM_SHA384",CIPHER_BYTE,TLS_RSA_WITH_AES_256_GCM_SHA384), 14780 16123 #endif 14781 16124 14782 16125 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 14783 "DHE-RSA-AES128-GCM-SHA256",16126 SUITE_INFO("DHE-RSA-AES128-GCM-SHA256","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256), 14784 16127 #endif 14785 16128 14786 16129 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 14787 "DHE-RSA-AES256-GCM-SHA384",16130 SUITE_INFO("DHE-RSA-AES256-GCM-SHA384","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",CIPHER_BYTE,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384), 14788 16131 #endif 14789 16132 14790 16133 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 14791 "ECDHE-RSA-AES128-GCM-SHA256",16134 SUITE_INFO("ECDHE-RSA-AES128-GCM-SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256), 14792 16135 #endif 14793 16136 14794 16137 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 14795 "ECDHE-RSA-AES256-GCM-SHA384",16138 SUITE_INFO("ECDHE-RSA-AES256-GCM-SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384), 14796 16139 #endif 14797 16140 14798 16141 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 14799 "ECDHE-ECDSA-AES128-GCM-SHA256",16142 SUITE_INFO("ECDHE-ECDSA-AES128-GCM-SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), 14800 16143 #endif 14801 16144 14802 16145 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 14803 "ECDHE-ECDSA-AES256-GCM-SHA384",16146 SUITE_INFO("ECDHE-ECDSA-AES256-GCM-SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384), 14804 16147 #endif 14805 16148 14806 16149 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 14807 "ECDH-RSA-AES128-GCM-SHA256",16150 SUITE_INFO("ECDH-RSA-AES128-GCM-SHA256","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256), 14808 16151 #endif 14809 16152 14810 16153 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 14811 "ECDH-RSA-AES256-GCM-SHA384",16154 SUITE_INFO("ECDH-RSA-AES256-GCM-SHA384","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384), 14812 16155 #endif 14813 16156 14814 16157 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 14815 "ECDH-ECDSA-AES128-GCM-SHA256",16158 SUITE_INFO("ECDH-ECDSA-AES128-GCM-SHA256","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256), 14816 16159 #endif 14817 16160 14818 16161 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 14819 "ECDH-ECDSA-AES256-GCM-SHA384",16162 SUITE_INFO("ECDH-ECDSA-AES256-GCM-SHA384","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384), 14820 16163 #endif 14821 16164 14822 16165 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 14823 "CAMELLIA128-SHA",16166 SUITE_INFO("CAMELLIA128-SHA","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",CIPHER_BYTE,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA), 14824 16167 #endif 14825 16168 14826 16169 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 14827 "DHE-RSA-CAMELLIA128-SHA",16170 SUITE_INFO("DHE-RSA-CAMELLIA128-SHA","TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), 14828 16171 #endif 14829 16172 14830 16173 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 14831 "CAMELLIA256-SHA",16174 SUITE_INFO("CAMELLIA256-SHA","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",CIPHER_BYTE,TLS_RSA_WITH_CAMELLIA_256_CBC_SHA), 14832 16175 #endif 14833 16176 14834 16177 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 14835 "DHE-RSA-CAMELLIA256-SHA",16178 SUITE_INFO("DHE-RSA-CAMELLIA256-SHA","TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), 14836 16179 #endif 14837 16180 14838 16181 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 14839 "CAMELLIA128-SHA256",16182 SUITE_INFO("CAMELLIA128-SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",CIPHER_BYTE,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256), 14840 16183 #endif 14841 16184 14842 16185 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 14843 "DHE-RSA-CAMELLIA128-SHA256",16186 SUITE_INFO("DHE-RSA-CAMELLIA128-SHA256","TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",CIPHER_BYTE,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256), 14844 16187 #endif 14845 16188 14846 16189 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 14847 "CAMELLIA256-SHA256",16190 SUITE_INFO("CAMELLIA256-SHA256","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",CIPHER_BYTE,TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256), 14848 16191 #endif 14849 16192 14850 16193 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 14851 "DHE-RSA-CAMELLIA256-SHA256",16194 SUITE_INFO("DHE-RSA-CAMELLIA256-SHA256","TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",CIPHER_BYTE,TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256), 14852 16195 #endif 14853 16196 14854 16197 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 14855 "ECDHE-RSA-AES128-SHA256",16198 SUITE_INFO("ECDHE-RSA-AES128-SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256), 14856 16199 #endif 14857 16200 14858 16201 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 14859 "ECDHE-ECDSA-AES128-SHA256",16202 SUITE_INFO("ECDHE-ECDSA-AES128-SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256), 14860 16203 #endif 14861 16204 14862 16205 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 14863 "ECDH-RSA-AES128-SHA256",16206 SUITE_INFO("ECDH-RSA-AES128-SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256), 14864 16207 #endif 14865 16208 14866 16209 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 14867 "ECDH-ECDSA-AES128-SHA256",16210 SUITE_INFO("ECDH-ECDSA-AES128-SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256), 14868 16211 #endif 14869 16212 14870 16213 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 14871 "ECDHE-RSA-AES256-SHA384",16214 SUITE_INFO("ECDHE-RSA-AES256-SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",ECC_BYTE,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384), 14872 16215 #endif 14873 16216 14874 16217 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 14875 "ECDHE-ECDSA-AES256-SHA384",16218 SUITE_INFO("ECDHE-ECDSA-AES256-SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384), 14876 16219 #endif 14877 16220 14878 16221 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 14879 "ECDH-RSA-AES256-SHA384",16222 SUITE_INFO("ECDH-RSA-AES256-SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",ECC_BYTE,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384), 14880 16223 #endif 14881 16224 14882 16225 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 14883 "ECDH-ECDSA-AES256-SHA384",16226 SUITE_INFO("ECDH-ECDSA-AES256-SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",ECC_BYTE,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384), 14884 16227 #endif 14885 16228 14886 16229 #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 14887 "ECDHE-RSA-CHACHA20-POLY1305",16230 SUITE_INFO("ECDHE-RSA-CHACHA20-POLY1305","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), 14888 16231 #endif 14889 16232 14890 16233 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 14891 "ECDHE-ECDSA-CHACHA20-POLY1305",16234 SUITE_INFO("ECDHE-ECDSA-CHACHA20-POLY1305","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), 14892 16235 #endif 14893 16236 14894 16237 #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 14895 "DHE-RSA-CHACHA20-POLY1305",16238 SUITE_INFO("DHE-RSA-CHACHA20-POLY1305","TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256), 14896 16239 #endif 14897 16240 14898 16241 #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 14899 "ECDHE-RSA-CHACHA20-POLY1305-OLD",16242 SUITE_INFO("ECDHE-RSA-CHACHA20-POLY1305-OLD","TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256",CHACHA_BYTE,TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256), 14900 16243 #endif 14901 16244 14902 16245 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 14903 "ECDHE-ECDSA-CHACHA20-POLY1305-OLD",16246 SUITE_INFO("ECDHE-ECDSA-CHACHA20-POLY1305-OLD","TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256",CHACHA_BYTE,TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256), 14904 16247 #endif 14905 16248 14906 16249 #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 14907 "DHE-RSA-CHACHA20-POLY1305-OLD",16250 SUITE_INFO("DHE-RSA-CHACHA20-POLY1305-OLD","TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256",CHACHA_BYTE,TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256), 14908 16251 #endif 14909 16252 14910 16253 #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA 14911 "ADH-AES128-SHA", 16254 SUITE_INFO("ADH-AES128-SHA","TLS_DH_anon_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_DH_anon_WITH_AES_128_CBC_SHA), 16255 #endif 16256 16257 #ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 16258 SUITE_INFO("ADH-AES256-GCM-SHA384","TLS_DH_anon_WITH_AES_256_GCM_SHA384",CIPHER_BYTE,TLS_DH_anon_WITH_AES_256_GCM_SHA384), 14912 16259 #endif 14913 16260 14914 16261 #ifdef BUILD_TLS_QSH 14915 "QSH",16262 SUITE_INFO("QSH","TLS_QSH",QSH_BYTE,TLS_QSH), 14916 16263 #endif 14917 16264 14918 16265 #ifdef HAVE_RENEGOTIATION_INDICATION 14919 "RENEGOTIATION-INFO",16266 SUITE_INFO("RENEGOTIATION-INFO","TLS_EMPTY_RENEGOTIATION_INFO_SCSV",CIPHER_BYTE,TLS_EMPTY_RENEGOTIATION_INFO_SCSV), 14920 16267 #endif 14921 16268 14922 16269 #ifdef BUILD_SSL_RSA_WITH_IDEA_CBC_SHA 14923 "IDEA-CBC-SHA",16270 SUITE_INFO("IDEA-CBC-SHA","SSL_RSA_WITH_IDEA_CBC_SHA",CIPHER_BYTE,SSL_RSA_WITH_IDEA_CBC_SHA), 14924 16271 #endif 14925 16272 14926 16273 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA 14927 "ECDHE-ECDSA-NULL-SHA",16274 SUITE_INFO("ECDHE-ECDSA-NULL-SHA","TLS_ECDHE_ECDSA_WITH_NULL_SHA",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_NULL_SHA), 14928 16275 #endif 14929 16276 14930 16277 #ifdef BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256 14931 "ECDHE-PSK-NULL-SHA256",16278 SUITE_INFO("ECDHE-PSK-NULL-SHA256","TLS_ECDHE_PSK_WITH_NULL_SHA256",ECC_BYTE,TLS_ECDHE_PSK_WITH_NULL_SHA256), 14932 16279 #endif 14933 16280 14934 16281 #ifdef BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 14935 "ECDHE-PSK-AES128-CBC-SHA256",16282 SUITE_INFO("ECDHE-PSK-AES128-CBC-SHA256","TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",ECC_BYTE,TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256), 14936 16283 #endif 14937 16284 14938 16285 #ifdef BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 14939 "PSK-CHACHA20-POLY1305",16286 SUITE_INFO("PSK-CHACHA20-POLY1305","TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_PSK_WITH_CHACHA20_POLY1305_SHA256), 14940 16287 #endif 14941 16288 14942 16289 #ifdef BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 14943 "ECDHE-PSK-CHACHA20-POLY1305",16290 SUITE_INFO("ECDHE-PSK-CHACHA20-POLY1305","TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256), 14944 16291 #endif 14945 16292 14946 16293 #ifdef BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 14947 "DHE-PSK-CHACHA20-POLY1305",16294 SUITE_INFO("DHE-PSK-CHACHA20-POLY1305","TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",CHACHA_BYTE,TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256), 14948 16295 #endif 14949 16296 14950 16297 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 14951 "EDH-RSA-DES-CBC3-SHA", 14952 #endif 16298 SUITE_INFO("EDH-RSA-DES-CBC3-SHA","TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA), 16299 #endif 16300 16301 #ifdef BUILD_WDM_WITH_NULL_SHA256 16302 SUITE_INFO("WDM-NULL-SHA256","WDM_WITH_NULL_SHA256",CIPHER_BYTE,WDM_WITH_NULL_SHA256), 16303 #endif 16304 16305 #endif /* WOLFSSL_NO_TLS12 */ 14953 16306 14954 16307 #ifdef BUILD_TLS_AES_128_GCM_SHA256 14955 "TLS13-AES128-GCM-SHA256",16308 SUITE_INFO("TLS13-AES128-GCM-SHA256","TLS_AES_128_GCM_SHA256",TLS13_BYTE,TLS_AES_128_GCM_SHA256), 14956 16309 #endif 14957 16310 14958 16311 #ifdef BUILD_TLS_AES_256_GCM_SHA384 14959 "TLS13-AES256-GCM-SHA384",16312 SUITE_INFO("TLS13-AES256-GCM-SHA384","TLS_AES_256_GCM_SHA384",TLS13_BYTE,TLS_AES_256_GCM_SHA384), 14960 16313 #endif 14961 16314 14962 16315 #ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256 14963 "TLS13-CHACHA20-POLY1305-SHA256",16316 SUITE_INFO("TLS13-CHACHA20-POLY1305-SHA256","TLS_CHACHA20_POLY1305_SHA256",TLS13_BYTE,TLS_CHACHA20_POLY1305_SHA256), 14964 16317 #endif 14965 16318 14966 16319 #ifdef BUILD_TLS_AES_128_CCM_SHA256 14967 "TLS13-AES128-CCM-SHA256",16320 SUITE_INFO("TLS13-AES128-CCM-SHA256","TLS_AES_128_CCM_SHA256",TLS13_BYTE,TLS_AES_128_CCM_SHA256), 14968 16321 #endif 14969 16322 14970 16323 #ifdef BUILD_TLS_AES_128_CCM_8_SHA256 14971 "TLS13-AES128-CCM-8-SHA256", 14972 #endif 14973 14974 #ifdef BUILD_WDM_WITH_NULL_SHA256 14975 "WDM-NULL-SHA256", 16324 SUITE_INFO("TLS13-AES128-CCM-8-SHA256","TLS_AES_128_CCM_8_SHA256",TLS13_BYTE,TLS_AES_128_CCM_8_SHA256), 14976 16325 #endif 14977 16326 }; 14978 16327 14979 16328 14980 /* cipher suite number that matches above name table */14981 static int cipher_name_idx[] =14982 {14983 14984 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA14985 SSL_RSA_WITH_RC4_128_SHA,14986 #endif14987 14988 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD514989 SSL_RSA_WITH_RC4_128_MD5,14990 #endif14991 14992 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA14993 SSL_RSA_WITH_3DES_EDE_CBC_SHA,14994 #endif14995 14996 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA14997 TLS_RSA_WITH_AES_128_CBC_SHA,14998 #endif14999 15000 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA15001 TLS_RSA_WITH_AES_256_CBC_SHA,15002 #endif15003 15004 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA15005 TLS_RSA_WITH_NULL_SHA,15006 #endif15007 15008 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA25615009 TLS_RSA_WITH_NULL_SHA256,15010 #endif15011 15012 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA15013 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,15014 #endif15015 15016 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA15017 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,15018 #endif15019 15020 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA38415021 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,15022 #endif15023 15024 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA25615025 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,15026 #endif15027 15028 #ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA38415029 TLS_PSK_WITH_AES_256_GCM_SHA384,15030 #endif15031 15032 #ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA25615033 TLS_PSK_WITH_AES_128_GCM_SHA256,15034 #endif15035 15036 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA38415037 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,15038 #endif15039 15040 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA25615041 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,15042 #endif15043 15044 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA38415045 TLS_PSK_WITH_AES_256_CBC_SHA384,15046 #endif15047 15048 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA25615049 TLS_PSK_WITH_AES_128_CBC_SHA256,15050 #endif15051 15052 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA15053 TLS_PSK_WITH_AES_128_CBC_SHA,15054 #endif15055 15056 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA15057 TLS_PSK_WITH_AES_256_CBC_SHA,15058 #endif15059 15060 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM15061 TLS_DHE_PSK_WITH_AES_128_CCM,15062 #endif15063 15064 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM15065 TLS_DHE_PSK_WITH_AES_256_CCM,15066 #endif15067 15068 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM15069 TLS_PSK_WITH_AES_128_CCM,15070 #endif15071 15072 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM15073 TLS_PSK_WITH_AES_256_CCM,15074 #endif15075 15076 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_815077 TLS_PSK_WITH_AES_128_CCM_8,15078 #endif15079 15080 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_815081 TLS_PSK_WITH_AES_256_CCM_8,15082 #endif15083 15084 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA38415085 TLS_DHE_PSK_WITH_NULL_SHA384,15086 #endif15087 15088 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA25615089 TLS_DHE_PSK_WITH_NULL_SHA256,15090 #endif15091 15092 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA38415093 TLS_PSK_WITH_NULL_SHA384,15094 #endif15095 15096 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA25615097 TLS_PSK_WITH_NULL_SHA256,15098 #endif15099 15100 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA15101 TLS_PSK_WITH_NULL_SHA,15102 #endif15103 15104 #ifdef BUILD_TLS_RSA_WITH_HC_128_MD515105 TLS_RSA_WITH_HC_128_MD5,15106 #endif15107 15108 #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA15109 TLS_RSA_WITH_HC_128_SHA,15110 #endif15111 15112 #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B25615113 TLS_RSA_WITH_HC_128_B2B256,15114 #endif15115 15116 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B25615117 TLS_RSA_WITH_AES_128_CBC_B2B256,15118 #endif15119 15120 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B25615121 TLS_RSA_WITH_AES_256_CBC_B2B256,15122 #endif15123 15124 #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA15125 TLS_RSA_WITH_RABBIT_SHA,15126 #endif15127 15128 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA15129 TLS_NTRU_RSA_WITH_RC4_128_SHA,15130 #endif15131 15132 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA15133 TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA,15134 #endif15135 15136 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA15137 TLS_NTRU_RSA_WITH_AES_128_CBC_SHA,15138 #endif15139 15140 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA15141 TLS_NTRU_RSA_WITH_AES_256_CBC_SHA,15142 #endif15143 15144 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_815145 TLS_RSA_WITH_AES_128_CCM_8,15146 #endif15147 15148 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_815149 TLS_RSA_WITH_AES_256_CCM_8,15150 #endif15151 15152 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM15153 TLS_ECDHE_ECDSA_WITH_AES_128_CCM,15154 #endif15155 15156 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_815157 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,15158 #endif15159 15160 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_815161 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,15162 #endif15163 15164 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA15165 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,15166 #endif15167 15168 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA15169 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,15170 #endif15171 15172 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA15173 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,15174 #endif15175 15176 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA15177 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,15178 #endif15179 15180 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA15181 TLS_ECDHE_RSA_WITH_RC4_128_SHA,15182 #endif15183 15184 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA15185 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,15186 #endif15187 15188 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA15189 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,15190 #endif15191 15192 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA15193 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,15194 #endif15195 15196 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA25615197 TLS_RSA_WITH_AES_128_CBC_SHA256,15198 #endif15199 15200 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA25615201 TLS_RSA_WITH_AES_256_CBC_SHA256,15202 #endif15203 15204 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA25615205 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,15206 #endif15207 15208 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA25615209 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,15210 #endif15211 15212 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA15213 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,15214 #endif15215 15216 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA15217 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,15218 #endif15219 15220 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA15221 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,15222 #endif15223 15224 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA15225 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,15226 #endif15227 15228 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA15229 TLS_ECDH_RSA_WITH_RC4_128_SHA,15230 #endif15231 15232 #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA15233 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,15234 #endif15235 15236 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA15237 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,15238 #endif15239 15240 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA15241 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,15242 #endif15243 15244 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA25615245 TLS_RSA_WITH_AES_128_GCM_SHA256,15246 #endif15247 15248 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA38415249 TLS_RSA_WITH_AES_256_GCM_SHA384,15250 #endif15251 15252 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA25615253 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,15254 #endif15255 15256 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA38415257 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,15258 #endif15259 15260 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA25615261 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,15262 #endif15263 15264 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA38415265 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,15266 #endif15267 15268 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA25615269 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,15270 #endif15271 15272 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38415273 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,15274 #endif15275 15276 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA25615277 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,15278 #endif15279 15280 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA38415281 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,15282 #endif15283 15284 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA25615285 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,15286 #endif15287 15288 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA38415289 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,15290 #endif15291 15292 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA15293 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,15294 #endif15295 15296 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA15297 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,15298 #endif15299 15300 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA15301 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,15302 #endif15303 15304 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA15305 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,15306 #endif15307 15308 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA25615309 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,15310 #endif15311 15312 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA25615313 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,15314 #endif15315 15316 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA25615317 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,15318 #endif15319 15320 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA25615321 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,15322 #endif15323 15324 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA25615325 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,15326 #endif15327 15328 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA25615329 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,15330 #endif15331 15332 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA25615333 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,15334 #endif15335 15336 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA25615337 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,15338 #endif15339 15340 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA38415341 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,15342 #endif15343 15344 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA38415345 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,15346 #endif15347 15348 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA38415349 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,15350 #endif15351 15352 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA38415353 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,15354 #endif15355 15356 #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA25615357 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,15358 #endif15359 15360 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA25615361 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,15362 #endif15363 15364 #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA25615365 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,15366 #endif15367 15368 #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA25615369 TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256,15370 #endif15371 15372 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA25615373 TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256,15374 #endif15375 15376 #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA25615377 TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256,15378 #endif15379 15380 #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA15381 TLS_DH_anon_WITH_AES_128_CBC_SHA,15382 #endif15383 15384 #ifdef BUILD_TLS_QSH15385 TLS_QSH,15386 #endif15387 15388 #ifdef HAVE_RENEGOTIATION_INDICATION15389 TLS_EMPTY_RENEGOTIATION_INFO_SCSV,15390 #endif15391 15392 #ifdef BUILD_SSL_RSA_WITH_IDEA_CBC_SHA15393 SSL_RSA_WITH_IDEA_CBC_SHA,15394 #endif15395 15396 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA15397 TLS_ECDHE_ECDSA_WITH_NULL_SHA,15398 #endif15399 15400 #ifdef BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA25615401 TLS_ECDHE_PSK_WITH_NULL_SHA256,15402 #endif15403 15404 #ifdef BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA25615405 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,15406 #endif15407 15408 #ifdef BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA25615409 TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,15410 #endif15411 15412 #ifdef BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA25615413 TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,15414 #endif15415 15416 #ifdef BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA25615417 TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,15418 #endif15419 15420 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA15421 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,15422 #endif15423 15424 #ifdef BUILD_TLS_AES_128_GCM_SHA25615425 TLS_AES_128_GCM_SHA256,15426 #endif15427 15428 #ifdef BUILD_TLS_AES_256_GCM_SHA38415429 TLS_AES_256_GCM_SHA384,15430 #endif15431 15432 #ifdef BUILD_TLS_CHACHA20_POLY1305_SHA25615433 TLS_CHACHA20_POLY1305_SHA256,15434 #endif15435 15436 #ifdef BUILD_TLS_AES_128_CCM_SHA25615437 TLS_AES_128_CCM_SHA256,15438 #endif15439 15440 #ifdef BUILD_TLS_AES_128_CCM_8_SHA25615441 TLS_AES_128_CCM_8_SHA256,15442 #endif15443 15444 #ifdef BUILD_WDM_WITH_NULL_SHA25615445 WDM_WITH_NULL_SHA256,15446 #endif15447 };15448 15449 15450 16329 /* returns the cipher_names array */ 15451 const char* const* GetCipherNames(void)16330 const CipherSuiteInfo* GetCipherNames(void) 15452 16331 { 15453 16332 return cipher_names; … … 15455 16334 15456 16335 15457 /* returns the size ofthe cipher_names array */16336 /* returns the number of elements in the cipher_names array */ 15458 16337 int GetCipherNamesSize(void) 15459 16338 { 15460 return (int)(sizeof(cipher_names) / sizeof( char*));16339 return (int)(sizeof(cipher_names) / sizeof(CipherSuiteInfo)); 15461 16340 } 15462 16341 15463 /* gets cipher name in the format DHE-RSA-... rather then TLS_DHE... */ 15464 const char* GetCipherNameInternal(const char* cipherName, intcipherSuite)16342 16343 const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite) 15465 16344 { 15466 const char* result = NULL;15467 const char* first;15468 16345 int i; 15469 15470 if (cipherName == NULL) { 15471 WOLFSSL_MSG("Bad argument"); 15472 return NULL; 15473 } 15474 15475 first = (XSTRSTR(cipherName, "CHACHA")) ? "CHACHA" 15476 : (XSTRSTR(cipherName, "EC")) ? "EC" 15477 : (XSTRSTR(cipherName, "CCM")) ? "CCM" 15478 : NULL; /* normal */ 15479 15480 for (i = 0; i < (int)(sizeof(cipher_name_idx)/sizeof(int)); i++) { 15481 if (cipher_name_idx[i] == cipherSuite) { 15482 const char* nameFound = cipher_names[i]; 15483 15484 /* extra sanity check on returned cipher name */ 15485 if (nameFound == NULL) { 15486 continue; 15487 } 15488 15489 /* if first is null then not any */ 15490 if (first == NULL) { 15491 if ( !XSTRSTR(nameFound, "CHACHA") && 15492 !XSTRSTR(nameFound, "EC") && 15493 !XSTRSTR(nameFound, "CCM")) { 15494 result = nameFound; 15495 break; 15496 } 15497 } 15498 else if (XSTRSTR(nameFound, first)) { 15499 result = nameFound; 15500 break; 15501 } 15502 } 15503 } 15504 15505 return result; 16346 const char* nameInternal = NULL; 16347 16348 for (i = 0; i < GetCipherNamesSize(); i++) { 16349 if ((cipher_names[i].cipherSuite0 == cipherSuite0) && 16350 (cipher_names[i].cipherSuite == cipherSuite)) { 16351 nameInternal = cipher_names[i].name; 16352 break; 16353 } 16354 } 16355 return nameInternal; 16356 } 16357 16358 const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite) 16359 { 16360 #ifndef NO_ERROR_STRINGS 16361 int i; 16362 const char* nameIana = "NONE"; 16363 16364 for (i = 0; i < GetCipherNamesSize(); i++) { 16365 if ((cipher_names[i].cipherSuite0 == cipherSuite0) && 16366 (cipher_names[i].cipherSuite == cipherSuite)) { 16367 nameIana = cipher_names[i].name_iana; 16368 break; 16369 } 16370 } 16371 return nameIana; 16372 #else 16373 (void)cipherSuite0; 16374 (void)cipherSuite; 16375 return NULL; 16376 #endif 15506 16377 } 15507 16378 … … 15509 16380 { 15510 16381 if (ssl == NULL) { 15511 WOLFSSL_MSG("Bad argument");15512 16382 return NULL; 15513 16383 } 15514 16384 15515 return GetCipherNameInternal( 15516 wolfSSL_CIPHER_get_name(&ssl->cipher), 15517 ssl->options.cipherSuite); 16385 return GetCipherNameInternal(ssl->options.cipherSuite0, ssl->options.cipherSuite); 15518 16386 } 15519 16387 15520 15521 const char* wolfSSL_get_cipher_name_from_suite(const unsigned char cipherSuite, 15522 const unsigned char cipherSuite0) 16388 const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl) 15523 16389 { 15524 15525 WOLFSSL_ENTER("wolfSSL_get_cipher_name_from_suite"); 15526 15527 (void)cipherSuite; 15528 (void)cipherSuite0; 15529 15530 #ifndef NO_ERROR_STRINGS 15531 15532 #if defined(HAVE_CHACHA) 15533 if (cipherSuite0 == CHACHA_BYTE) { 15534 /* ChaCha suites */ 15535 switch (cipherSuite) { 15536 #ifdef HAVE_POLY1305 15537 #ifndef NO_RSA 15538 case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : 15539 return "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"; 15540 15541 case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : 15542 return "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"; 15543 15544 case TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 : 15545 return "TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256"; 15546 15547 case TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 : 15548 return "TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256"; 15549 #endif 15550 case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 : 15551 return "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"; 15552 15553 case TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 : 15554 return "TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256"; 15555 #ifndef NO_PSK 15556 case TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 : 15557 return "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"; 15558 case TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 : 15559 return "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"; 15560 case TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 : 15561 return "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"; 15562 #endif /* NO_PSK */ 15563 #endif /* HAVE_POLY1305 */ 15564 } /* switch */ 15565 } /* chacha */ 15566 #endif /* HAVE_CHACHA */ 15567 15568 #if defined(HAVE_ECC) || defined(HAVE_AESCCM) 15569 /* Awkwardly, the ECC cipher suites use the ECC_BYTE as expected, 15570 * but the AES-CCM cipher suites also use it, even the ones that 15571 * aren't ECC. */ 15572 if (cipherSuite0 == ECC_BYTE) { 15573 /* ECC suites */ 15574 switch (cipherSuite) { 15575 #ifdef HAVE_ECC 15576 #ifndef NO_RSA 15577 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : 15578 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"; 15579 #endif /* !NO_RSA */ 15580 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : 15581 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"; 15582 #ifndef NO_RSA 15583 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : 15584 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"; 15585 #endif /* !NO_RSA */ 15586 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : 15587 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"; 15588 #ifndef NO_RSA 15589 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : 15590 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"; 15591 #endif /* !NO_RSA */ 15592 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : 15593 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"; 15594 #ifndef NO_RSA 15595 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : 15596 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"; 15597 #endif /* !NO_RSA */ 15598 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : 15599 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"; 15600 #ifndef NO_SHA 15601 #ifndef NO_RSA 15602 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : 15603 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"; 15604 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : 15605 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"; 15606 #endif /* !NO_RSA */ 15607 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : 15608 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"; 15609 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : 15610 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"; 15611 #ifndef NO_RC4 15612 #ifndef NO_RSA 15613 case TLS_ECDHE_RSA_WITH_RC4_128_SHA : 15614 return "TLS_ECDHE_RSA_WITH_RC4_128_SHA"; 15615 #endif /* !NO_RSA */ 15616 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : 15617 return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"; 15618 #endif /* !NO_RC4 */ 15619 #ifndef NO_DES3 15620 #ifndef NO_RSA 15621 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : 15622 return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"; 15623 #endif /* !NO_RSA */ 15624 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : 15625 return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"; 15626 #endif /* !NO_DES3 */ 15627 15628 #ifndef NO_RSA 15629 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : 15630 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"; 15631 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : 15632 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"; 15633 #endif /* !NO_RSA */ 15634 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : 15635 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"; 15636 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : 15637 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"; 15638 #ifndef NO_RC4 15639 #ifndef NO_RSA 15640 case TLS_ECDH_RSA_WITH_RC4_128_SHA : 15641 return "TLS_ECDH_RSA_WITH_RC4_128_SHA"; 15642 #endif /* !NO_RSA */ 15643 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : 15644 return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"; 15645 #endif /* !NO_RC4 */ 15646 #ifndef NO_DES3 15647 #ifndef NO_RSA 15648 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : 15649 return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"; 15650 #endif /* !NO_RSA */ 15651 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : 15652 return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"; 15653 #endif /* !NO_DES3 */ 15654 #endif /* HAVE_ECC */ 15655 15656 #ifdef HAVE_AESGCM 15657 #ifndef NO_RSA 15658 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 15659 return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"; 15660 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : 15661 return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"; 15662 #endif /* !NO_RSA */ 15663 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : 15664 return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"; 15665 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : 15666 return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"; 15667 #ifndef NO_RSA 15668 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : 15669 return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"; 15670 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : 15671 return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"; 15672 #endif /* !NO_RSA */ 15673 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : 15674 return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"; 15675 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : 15676 return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"; 15677 #endif /* HAVE_AESGCM */ 15678 15679 case TLS_ECDHE_ECDSA_WITH_NULL_SHA : 15680 return "TLS_ECDHE_ECDSA_WITH_NULL_SHA"; 15681 #ifndef NO_PSK 15682 case TLS_ECDHE_PSK_WITH_NULL_SHA256 : 15683 return "TLS_ECDHE_PSK_WITH_NULL_SHA256"; 15684 case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 : 15685 return "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"; 15686 #endif /* !NO_PSK */ 15687 #ifndef NO_RSA 15688 case TLS_RSA_WITH_AES_128_CCM_8 : 15689 return "TLS_RSA_WITH_AES_128_CCM_8"; 15690 case TLS_RSA_WITH_AES_256_CCM_8 : 15691 return "TLS_RSA_WITH_AES_256_CCM_8"; 15692 #endif /* !NO_RSA */ 15693 #ifndef NO_PSK 15694 case TLS_PSK_WITH_AES_128_CCM_8 : 15695 return "TLS_PSK_WITH_AES_128_CCM_8"; 15696 case TLS_PSK_WITH_AES_256_CCM_8 : 15697 return "TLS_PSK_WITH_AES_256_CCM_8"; 15698 case TLS_PSK_WITH_AES_128_CCM : 15699 return "TLS_PSK_WITH_AES_128_CCM"; 15700 case TLS_PSK_WITH_AES_256_CCM : 15701 return "TLS_PSK_WITH_AES_256_CCM"; 15702 case TLS_DHE_PSK_WITH_AES_128_CCM : 15703 return "TLS_DHE_PSK_WITH_AES_128_CCM"; 15704 case TLS_DHE_PSK_WITH_AES_256_CCM : 15705 return "TLS_DHE_PSK_WITH_AES_256_CCM"; 15706 #endif /* !NO_PSK */ 15707 #ifdef HAVE_ECC 15708 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM: 15709 return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"; 15710 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: 15711 return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"; 15712 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : 15713 return "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"; 15714 #endif /* HAVE_ECC */ 15715 #endif /* HAVE_AESGCM */ 15716 15717 default: 15718 return "NONE"; 15719 } /* switch */ 15720 } /* ECC and AES CCM/GCM */ 15721 #endif /* HAVE_ECC || HAVE_AESCCM*/ 15722 15723 if (cipherSuite0 == TLS13_BYTE) { 15724 /* TLS v1.3 suites */ 15725 switch (cipherSuite) { 15726 #ifdef WOLFSSL_TLS13 15727 #ifdef HAVE_AESGCM 15728 case TLS_AES_128_GCM_SHA256 : 15729 return "TLS_AES_128_GCM_SHA256"; 15730 case TLS_AES_256_GCM_SHA384 : 15731 return "TLS_AES_256_GCM_SHA384"; 15732 #endif 15733 15734 #ifdef HAVE_CHACHA 15735 case TLS_CHACHA20_POLY1305_SHA256 : 15736 return "TLS_CHACHA20_POLY1305_SHA256"; 15737 #endif 15738 15739 #ifdef HAVE_AESCCM 15740 case TLS_AES_128_CCM_SHA256 : 15741 return "TLS_AES_128_CCM_SHA256"; 15742 case TLS_AES_128_CCM_8_SHA256 : 15743 return "TLS_AES_256_CCM_8_SHA256"; 15744 #endif 15745 #endif 15746 15747 default: 15748 return "NONE"; 15749 } 15750 } 15751 15752 if (cipherSuite0 != ECC_BYTE && 15753 cipherSuite0 != CHACHA_BYTE && 15754 cipherSuite0 != TLS13_BYTE) { 15755 15756 /* normal suites */ 15757 switch (cipherSuite) { 15758 #ifndef NO_RSA 15759 #ifndef NO_RC4 15760 #ifndef NO_SHA 15761 case SSL_RSA_WITH_RC4_128_SHA : 15762 return "SSL_RSA_WITH_RC4_128_SHA"; 15763 #endif /* !NO_SHA */ 15764 #ifndef NO_MD5 15765 case SSL_RSA_WITH_RC4_128_MD5 : 15766 return "SSL_RSA_WITH_RC4_128_MD5"; 15767 #endif /* !NO_MD5 */ 15768 #endif /* !NO_RC4 */ 15769 #ifndef NO_SHA 15770 #ifndef NO_DES3 15771 case SSL_RSA_WITH_3DES_EDE_CBC_SHA : 15772 return "SSL_RSA_WITH_3DES_EDE_CBC_SHA"; 15773 #endif /* !NO_DES3 */ 15774 #ifdef HAVE_IDEA 15775 case SSL_RSA_WITH_IDEA_CBC_SHA : 15776 return "SSL_RSA_WITH_IDEA_CBC_SHA"; 15777 #endif /* HAVE_IDEA */ 15778 15779 case TLS_RSA_WITH_AES_128_CBC_SHA : 15780 return "TLS_RSA_WITH_AES_128_CBC_SHA"; 15781 case TLS_RSA_WITH_AES_256_CBC_SHA : 15782 return "TLS_RSA_WITH_AES_256_CBC_SHA"; 15783 #endif /* !NO_SHA */ 15784 case TLS_RSA_WITH_AES_128_CBC_SHA256 : 15785 return "TLS_RSA_WITH_AES_128_CBC_SHA256"; 15786 case TLS_RSA_WITH_AES_256_CBC_SHA256 : 15787 return "TLS_RSA_WITH_AES_256_CBC_SHA256"; 15788 #ifdef HAVE_BLAKE2 15789 case TLS_RSA_WITH_AES_128_CBC_B2B256: 15790 return "TLS_RSA_WITH_AES_128_CBC_B2B256"; 15791 case TLS_RSA_WITH_AES_256_CBC_B2B256: 15792 return "TLS_RSA_WITH_AES_256_CBC_B2B256"; 15793 #endif /* HAVE_BLAKE2 */ 15794 #ifndef NO_SHA 15795 case TLS_RSA_WITH_NULL_SHA : 15796 return "TLS_RSA_WITH_NULL_SHA"; 15797 #endif /* !NO_SHA */ 15798 case TLS_RSA_WITH_NULL_SHA256 : 15799 return "TLS_RSA_WITH_NULL_SHA256"; 15800 #endif /* NO_RSA */ 15801 15802 #ifndef NO_PSK 15803 #ifndef NO_SHA 15804 case TLS_PSK_WITH_AES_128_CBC_SHA : 15805 return "TLS_PSK_WITH_AES_128_CBC_SHA"; 15806 case TLS_PSK_WITH_AES_256_CBC_SHA : 15807 return "TLS_PSK_WITH_AES_256_CBC_SHA"; 15808 #endif /* !NO_SHA */ 15809 #ifndef NO_SHA256 15810 case TLS_PSK_WITH_AES_128_CBC_SHA256 : 15811 return "TLS_PSK_WITH_AES_128_CBC_SHA256"; 15812 case TLS_PSK_WITH_NULL_SHA256 : 15813 return "TLS_PSK_WITH_NULL_SHA256"; 15814 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 : 15815 return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"; 15816 case TLS_DHE_PSK_WITH_NULL_SHA256 : 15817 return "TLS_DHE_PSK_WITH_NULL_SHA256"; 15818 #ifdef HAVE_AESGCM 15819 case TLS_PSK_WITH_AES_128_GCM_SHA256 : 15820 return "TLS_PSK_WITH_AES_128_GCM_SHA256"; 15821 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : 15822 return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"; 15823 #endif /* HAVE_AESGCM */ 15824 #endif /* !NO_SHA256 */ 15825 #ifdef WOLFSSL_SHA384 15826 case TLS_PSK_WITH_AES_256_CBC_SHA384 : 15827 return "TLS_PSK_WITH_AES_256_CBC_SHA384"; 15828 case TLS_PSK_WITH_NULL_SHA384 : 15829 return "TLS_PSK_WITH_NULL_SHA384"; 15830 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 : 15831 return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"; 15832 case TLS_DHE_PSK_WITH_NULL_SHA384 : 15833 return "TLS_DHE_PSK_WITH_NULL_SHA384"; 15834 #ifdef HAVE_AESGCM 15835 case TLS_PSK_WITH_AES_256_GCM_SHA384 : 15836 return "TLS_PSK_WITH_AES_256_GCM_SHA384"; 15837 case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 : 15838 return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"; 15839 #endif /* HAVE_AESGCM */ 15840 #endif /* WOLFSSL_SHA384 */ 15841 #ifndef NO_SHA 15842 case TLS_PSK_WITH_NULL_SHA : 15843 return "TLS_PSK_WITH_NULL_SHA"; 15844 #endif /* !NO_SHA */ 15845 #endif /* NO_PSK */ 15846 15847 #ifndef NO_RSA 15848 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : 15849 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"; 15850 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : 15851 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"; 15852 #ifndef NO_SHA 15853 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : 15854 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"; 15855 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : 15856 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"; 15857 #ifndef NO_DES3 15858 case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 15859 return "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"; 15860 #endif 15861 #endif /* !NO_RSA */ 15862 #ifndef NO_HC128 15863 #ifndef NO_MD5 15864 case TLS_RSA_WITH_HC_128_MD5 : 15865 return "TLS_RSA_WITH_HC_128_MD5"; 15866 #endif /* !NO_MD5 */ 15867 #ifndef NO_SHA 15868 case TLS_RSA_WITH_HC_128_SHA : 15869 return "TLS_RSA_WITH_HC_128_SHA"; 15870 #endif /* !NO_SHA */ 15871 #ifdef HAVE_BLAKE2 15872 case TLS_RSA_WITH_HC_128_B2B256: 15873 return "TLS_RSA_WITH_HC_128_B2B256"; 15874 #endif /* HAVE_BLAKE2 */ 15875 #endif /* !NO_HC128 */ 15876 #ifndef NO_SHA 15877 #ifndef NO_RABBIT 15878 case TLS_RSA_WITH_RABBIT_SHA : 15879 return "TLS_RSA_WITH_RABBIT_SHA"; 15880 #endif /* !NO_RABBIT */ 15881 #ifdef HAVE_NTRU 15882 #ifndef NO_RC4 15883 case TLS_NTRU_RSA_WITH_RC4_128_SHA : 15884 return "TLS_NTRU_RSA_WITH_RC4_128_SHA"; 15885 #endif /* !NO_RC4 */ 15886 #ifndef NO_DES3 15887 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : 15888 return "TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA"; 15889 #endif /* !NO_DES3 */ 15890 case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : 15891 return "TLS_NTRU_RSA_WITH_AES_128_CBC_SHA"; 15892 case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : 15893 return "TLS_NTRU_RSA_WITH_AES_256_CBC_SHA"; 15894 #endif /* HAVE_NTRU */ 15895 15896 #ifdef HAVE_QSH 15897 case TLS_QSH : 15898 return "TLS_QSH"; 15899 #endif /* HAVE_QSH */ 15900 #endif /* !NO_SHA */ 15901 15902 case TLS_RSA_WITH_AES_128_GCM_SHA256 : 15903 return "TLS_RSA_WITH_AES_128_GCM_SHA256"; 15904 case TLS_RSA_WITH_AES_256_GCM_SHA384 : 15905 return "TLS_RSA_WITH_AES_256_GCM_SHA384"; 15906 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : 15907 return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"; 15908 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : 15909 return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"; 15910 #ifndef NO_SHA 15911 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : 15912 return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"; 15913 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : 15914 return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"; 15915 #endif /* !NO_SHA */ 15916 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 15917 return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"; 15918 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 15919 return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"; 15920 #ifndef NO_SHA 15921 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : 15922 return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"; 15923 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : 15924 return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"; 15925 #endif /* !NO_SHA */ 15926 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 15927 return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"; 15928 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 15929 return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"; 15930 #endif /* !NO_PSK */ 15931 15932 #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA 15933 case TLS_DH_anon_WITH_AES_128_CBC_SHA : 15934 return "TLS_DH_anon_WITH_AES_128_CBC_SHA"; 15935 #endif 15936 #ifdef BUILD_WDM_WITH_NULL_SHA256 15937 case WDM_WITH_NULL_SHA256 : 15938 return "WDM_WITH_NULL_SHA256"; 15939 #endif 15940 default: 15941 return "NONE"; 15942 } /* switch */ 15943 } /* normal / PSK */ 15944 #endif /* NO_ERROR_STRINGS */ 15945 15946 return "NONE"; 16390 if (ssl == NULL) { 16391 return NULL; 16392 } 16393 16394 return GetCipherNameIana(ssl->options.cipherSuite0, ssl->options.cipherSuite); 15947 16395 } 15948 16396 16397 int GetCipherSuiteFromName(const char* name, byte* cipherSuite0, 16398 byte* cipherSuite) 16399 { 16400 int ret = BAD_FUNC_ARG; 16401 int i; 16402 unsigned long len = (unsigned long)XSTRLEN(name); 16403 16404 for (i = 0; i < GetCipherNamesSize(); i++) { 16405 if (XSTRNCMP(name, cipher_names[i].name, len) == 0) { 16406 *cipherSuite0 = cipher_names[i].cipherSuite0; 16407 *cipherSuite = cipher_names[i].cipherSuite; 16408 ret = 0; 16409 break; 16410 } 16411 } 16412 16413 return ret; 16414 } 15949 16415 15950 16416 /** … … 15974 16440 if (next[0] == 0 || XSTRNCMP(next, "ALL", 3) == 0 || 15975 16441 XSTRNCMP(next, "DEFAULT", 7) == 0) 15976 return 1; /* wolfSSL def ualt */16442 return 1; /* wolfSSL default */ 15977 16443 15978 16444 do { … … 15990 16456 15991 16457 for (i = 0; i < suiteSz; i++) { 15992 if (XSTRNCMP(name, cipher_names[i] , sizeof(name)) == 0) {16458 if (XSTRNCMP(name, cipher_names[i].name, sizeof(name)) == 0) { 15993 16459 #ifdef WOLFSSL_DTLS 15994 16460 /* don't allow stream ciphers with DTLS */ … … 16010 16476 } 16011 16477 16012 suites->suites[idx++] = (XSTRSTR(name, "TLS13")) ? TLS13_BYTE 16013 : (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE 16014 : (XSTRSTR(name, "QSH")) ? QSH_BYTE 16015 : (XSTRSTR(name, "EC")) ? ECC_BYTE 16016 : (XSTRSTR(name, "CCM")) ? ECC_BYTE 16017 : 0x00; /* normal */ 16018 suites->suites[idx++] = (byte)cipher_name_idx[i]; 16019 16478 suites->suites[idx++] = 16479 #ifdef WOLFSSL_TLS13 16480 (XSTRSTR(name, "TLS13")) ? TLS13_BYTE : 16481 #endif 16482 #ifdef HAVE_CHACHA 16483 (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE : 16484 #endif 16485 #ifdef HAVE_QSH 16486 (XSTRSTR(name, "QSH")) ? QSH_BYTE : 16487 #endif 16488 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 16489 (XSTRSTR(name, "EC")) ? ECC_BYTE : 16490 #endif 16491 #ifdef HAVE_AESCCM 16492 (XSTRSTR(name, "CCM")) ? ECC_BYTE : 16493 #endif 16494 CIPHER_BYTE; /* normal */ 16495 16496 suites->suites[idx++] = cipher_names[i].cipherSuite; 16020 16497 /* The suites are either ECDSA, RSA, PSK, or Anon. The RSA 16021 16498 * suites don't necessarily have RSA in the name. */ 16499 #ifdef WOLFSSL_TLS13 16022 16500 if (XSTRSTR(name, "TLS13")) { 16501 #ifndef NO_RSA 16023 16502 haveRSAsig = 1; 16503 #endif 16504 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 16024 16505 haveECDSAsig = 1; 16506 #endif 16025 16507 } 16026 else if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA")) 16508 else 16509 #endif 16510 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 16511 if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA")) 16027 16512 haveECDSAsig = 1; 16028 else if (XSTRSTR(name, "ADH")) 16513 else 16514 #endif 16515 #ifdef HAVE_ANON 16516 if (XSTRSTR(name, "ADH")) 16029 16517 haveAnon = 1; 16030 else if ((haveRSAsig == 0) && (XSTRSTR(name, "PSK") == NULL)) 16518 else 16519 #endif 16520 if (haveRSAsig == 0 16521 #ifndef NO_PSK 16522 && (XSTRSTR(name, "PSK") == NULL) 16523 #endif 16524 ) { 16031 16525 haveRSAsig = 1; 16526 } 16032 16527 16033 16528 ret = 1; /* found at least one */ … … 16054 16549 } 16055 16550 16551 16056 16552 #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_CERTS) 16057 16553 void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, … … 16069 16565 #endif 16070 16566 } 16567 #ifndef WOLFSSL_NO_TLS12 16071 16568 else if (IsAtLeastTLSv1_2(ssl)) { 16072 16569 #ifdef WOLFSSL_ALLOW_TLS_SHA1 … … 16079 16576 ssl->suites->hashAlgo = sha_mac; 16080 16577 } 16578 #endif 16081 16579 16082 16580 /* i+1 since peek a byte ahead for type */ … … 16085 16583 16086 16584 DecodeSigAlg(&hashSigAlgo[i], &hashAlgo, &sigAlgo); 16087 #ifdef HAVE_E CC16585 #ifdef HAVE_ED25519 16088 16586 if (ssl->pkCurveOID == ECC_ED25519_OID && sigAlgo != ed25519_sa_algo) 16089 16587 continue; … … 16096 16594 } 16097 16595 #endif 16596 /* For ECDSA the `USE_ECDSA_KEYSZ_HASH_ALGO` build option will choose a hash 16597 * algorithm that matches the ephemeral ECDHE key size or the next higest 16598 * available. This workaround resolves issue with some peer's that do not 16599 * properly support scenarios such as a P-256 key hashed with SHA512. 16600 */ 16601 #if defined(HAVE_ECC) && defined(USE_ECDSA_KEYSZ_HASH_ALGO) 16602 if (sigAlgo == ssl->suites->sigAlgo && sigAlgo == ecc_dsa_sa_algo) { 16603 word32 digestSz = 0; 16604 switch (hashAlgo) { 16605 #ifndef NO_SHA 16606 case sha_mac: 16607 digestSz = WC_SHA_DIGEST_SIZE; 16608 break; 16609 #endif 16610 #ifndef NO_SHA256 16611 case sha256_mac: 16612 digestSz = WC_SHA256_DIGEST_SIZE; 16613 break; 16614 #endif 16615 #ifdef WOLFSSL_SHA384 16616 case sha384_mac: 16617 digestSz = WC_SHA384_DIGEST_SIZE; 16618 break; 16619 #endif 16620 #ifdef WOLFSSL_SHA512 16621 case sha512_mac: 16622 digestSz = WC_SHA512_DIGEST_SIZE; 16623 break; 16624 #endif 16625 default: 16626 continue; 16627 } 16628 16629 /* For ecc_dsa_sa_algo, pick hash algo that is curve size unless 16630 algorithm in not compiled in, then choose next highest */ 16631 if (digestSz == ssl->eccTempKeySz) { 16632 ssl->suites->hashAlgo = hashAlgo; 16633 ssl->suites->sigAlgo = sigAlgo; 16634 return; /* done selected sig/hash algorithms */ 16635 } 16636 /* not strong enough, so keep checking hashSigAlso list */ 16637 if (digestSz < ssl->eccTempKeySz) 16638 continue; 16639 16640 /* mark as highest and check remainder of hashSigAlgo list */ 16641 ssl->suites->hashAlgo = hashAlgo; 16642 ssl->suites->sigAlgo = sigAlgo; 16643 } 16644 else 16645 #endif 16098 16646 if (sigAlgo == ssl->suites->sigAlgo || (sigAlgo == rsa_pss_sa_algo && 16099 16647 ssl->suites->sigAlgo == rsa_sa_algo)) { 16100 if (hashAlgo == sha_mac) { 16648 /* pick highest available between both server and client */ 16649 switch (hashAlgo) { 16650 case sha_mac: 16651 #ifndef NO_SHA256 16652 case sha256_mac: 16653 #endif 16654 #ifdef WOLFSSL_SHA384 16655 case sha384_mac: 16656 #endif 16657 #ifdef WOLFSSL_SHA512 16658 case sha512_mac: 16659 #endif 16660 /* not strong enough, so keep checking hashSigAlso list */ 16661 if (hashAlgo < ssl->suites->hashAlgo) 16662 continue; 16663 /* mark as highest and check remainder of hashSigAlgo list */ 16664 ssl->suites->hashAlgo = hashAlgo; 16101 16665 ssl->suites->sigAlgo = sigAlgo; 16102 16666 break; 16103 } 16104 #ifndef NO_SHA256 16105 else if (hashAlgo == sha256_mac) { 16106 ssl->suites->hashAlgo = sha256_mac; 16107 ssl->suites->sigAlgo = sigAlgo; 16108 break; 16109 } 16110 #endif 16111 #ifdef WOLFSSL_SHA384 16112 else if (hashAlgo == sha384_mac) { 16113 ssl->suites->hashAlgo = sha384_mac; 16114 ssl->suites->sigAlgo = sigAlgo; 16115 break; 16116 } 16117 #endif 16118 #ifdef WOLFSSL_SHA512 16119 else if (hashAlgo == sha512_mac) { 16120 ssl->suites->hashAlgo = sha512_mac; 16121 ssl->suites->sigAlgo = sigAlgo; 16122 break; 16123 } 16124 #endif 16667 default: 16668 continue; 16669 } 16670 break; 16125 16671 } 16126 16672 else if (ssl->specs.sig_algo == 0) { … … 16128 16674 } 16129 16675 } 16130 16131 16676 } 16132 16677 #endif /* !defined(NO_WOLFSSL_SERVER) || !defined(NO_CERTS) */ 16133 16678 16134 #if def WOLFSSL_CALLBACKS16135 16136 /* Initiali sze HandShakeInfo */16679 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 16680 16681 /* Initialize HandShakeInfo */ 16137 16682 void InitHandShakeInfo(HandShakeInfo* info, WOLFSSL* ssl) 16138 16683 { … … 16151 16696 { 16152 16697 int i; 16153 int sz = sizeof(cipher_name_idx)/sizeof(int);16698 int sz = GetCipherNamesSize(); 16154 16699 16155 16700 for (i = 0; i < sz; i++) 16156 if (info->ssl->options.cipherSuite == (byte)cipher_name_idx[i]) { 16701 if (info->ssl->options.cipherSuite == 16702 (byte)cipher_names[i].cipherSuite) { 16157 16703 if (info->ssl->options.cipherSuite0 == ECC_BYTE) 16158 16704 continue; /* ECC suites at end */ 16159 XSTRNCPY(info->cipherName, cipher_names[i], MAX_CIPHERNAME_SZ); 16705 XSTRNCPY(info->cipherName, cipher_names[i].name, MAX_CIPHERNAME_SZ); 16706 info->cipherName[MAX_CIPHERNAME_SZ] = '\0'; 16160 16707 break; 16161 16708 } … … 16168 16715 16169 16716 /* Add name to info packet names, increase packet name count */ 16170 void AddPacketName( const char* name, HandShakeInfo* info)16717 void AddPacketName(WOLFSSL* ssl, const char* name) 16171 16718 { 16719 #ifdef WOLFSSL_CALLBACKS 16720 HandShakeInfo* info = &ssl->handShakeInfo; 16172 16721 if (info->numberPackets < MAX_PACKETS_HANDSHAKE) { 16173 XSTRNCPY(info->packetNames[info->numberPackets++], name, 16174 MAX_PACKETNAME_SZ); 16175 } 16176 } 16177 16178 16179 /* Initialisze TimeoutInfo */ 16722 char* packetName = info->packetNames[info->numberPackets]; 16723 XSTRNCPY(packetName, name, MAX_PACKETNAME_SZ); 16724 packetName[MAX_PACKETNAME_SZ] = '\0'; 16725 info->numberPackets++; 16726 } 16727 #endif 16728 (void)ssl; 16729 (void)name; 16730 } 16731 16732 16733 #ifdef WOLFSSL_CALLBACKS 16734 /* Initialize TimeoutInfo */ 16180 16735 void InitTimeoutInfo(TimeoutInfo* info) 16181 16736 { … … 16211 16766 } 16212 16767 16213 16214 /* Add PacketInfo to TimeoutInfo */ 16215 void AddPacketInfo(const char* name, TimeoutInfo* info, const byte* data, 16216 int sz, void* heap) 16768 /* Add packet name to previsouly added packet info */ 16769 void AddLateName(const char* name, TimeoutInfo* info) 16217 16770 { 16771 /* make sure we have a valid previous one */ 16772 if (info->numberPackets > 0 && info->numberPackets < 16773 MAX_PACKETS_HANDSHAKE) { 16774 char* packetName = info->packets[info->numberPackets-1].packetName; 16775 XSTRNCPY(packetName, name, MAX_PACKETNAME_SZ); 16776 packetName[MAX_PACKETNAME_SZ] = '\0'; 16777 } 16778 } 16779 16780 /* Add record header to previsouly added packet info */ 16781 void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info) 16782 { 16783 /* make sure we have a valid previous one */ 16784 if (info->numberPackets > 0 && info->numberPackets < 16785 MAX_PACKETS_HANDSHAKE) { 16786 if (info->packets[info->numberPackets - 1].bufferValue) 16787 XMEMCPY(info->packets[info->numberPackets - 1].bufferValue, rl, 16788 RECORD_HEADER_SZ); 16789 else 16790 XMEMCPY(info->packets[info->numberPackets - 1].value, rl, 16791 RECORD_HEADER_SZ); 16792 } 16793 } 16794 16795 #endif /* WOLFSSL_CALLBACKS */ 16796 16797 16798 /* Add PacketInfo to TimeoutInfo 16799 * 16800 * ssl WOLFSSL structure sending or receiving packet 16801 * name name of packet being sent 16802 * type type of packet being sent 16803 * data data bing sent with packet 16804 * sz size of data buffer 16805 * written 1 if this packet is being written to wire, 0 if being read 16806 * heap custom heap to use for mallocs/frees 16807 */ 16808 void AddPacketInfo(WOLFSSL* ssl, const char* name, int type, 16809 const byte* data, int sz, int written, void* heap) 16810 { 16811 #ifdef WOLFSSL_CALLBACKS 16812 TimeoutInfo* info = &ssl->timeoutInfo; 16813 16218 16814 if (info->numberPackets < (MAX_PACKETS_HANDSHAKE - 1)) { 16219 16815 Timeval currTime; 16220 16816 16221 16817 /* may add name after */ 16222 if (name) 16223 XSTRNCPY(info->packets[info->numberPackets].packetName, name, 16224 MAX_PACKETNAME_SZ); 16818 if (name) { 16819 char* packetName = info->packets[info->numberPackets].packetName; 16820 XSTRNCPY(packetName, name, MAX_PACKETNAME_SZ); 16821 packetName[MAX_PACKETNAME_SZ] = '\0'; 16822 } 16225 16823 16226 16824 /* add data, put in buffer if bigger than static buffer */ … … 16245 16843 info->numberPackets++; 16246 16844 } 16247 } 16248 16249 16250 /* Add packet name to previsouly added packet info */ 16251 void AddLateName(const char* name, TimeoutInfo* info) 16252 { 16253 /* make sure we have a valid previous one */ 16254 if (info->numberPackets > 0 && info->numberPackets < 16255 MAX_PACKETS_HANDSHAKE) { 16256 XSTRNCPY(info->packets[info->numberPackets - 1].packetName, name, 16257 MAX_PACKETNAME_SZ); 16258 } 16259 } 16260 16261 /* Add record header to previsouly added packet info */ 16262 void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info) 16263 { 16264 /* make sure we have a valid previous one */ 16265 if (info->numberPackets > 0 && info->numberPackets < 16266 MAX_PACKETS_HANDSHAKE) { 16267 if (info->packets[info->numberPackets - 1].bufferValue) 16268 XMEMCPY(info->packets[info->numberPackets - 1].bufferValue, rl, 16269 RECORD_HEADER_SZ); 16270 else 16271 XMEMCPY(info->packets[info->numberPackets - 1].value, rl, 16272 RECORD_HEADER_SZ); 16273 } 16845 #endif /* WOLFSSL_CALLBACKS */ 16846 #ifdef OPENSSL_EXTRA 16847 if (ssl->protoMsgCb != NULL && sz > RECORD_HEADER_SZ) { 16848 /* version from hex to dec 16 is 16^1, 256 from 16^2 and 16849 4096 from 16^3 */ 16850 int version = (ssl->version.minor & 0X0F) + 16851 (ssl->version.minor & 0xF0) * 16 + 16852 (ssl->version.major & 0X0F) * 256 + 16853 (ssl->version.major & 0xF0) * 4096; 16854 16855 ssl->protoMsgCb(written, version, type, 16856 (const void *)(data + RECORD_HEADER_SZ), 16857 (size_t)(sz - RECORD_HEADER_SZ), 16858 ssl, ssl->protoMsgCtx); 16859 } 16860 #endif /* OPENSSL_EXTRA */ 16861 (void)written; 16862 (void)name; 16863 (void)heap; 16864 (void)type; 16865 (void)ssl; 16274 16866 } 16275 16867 16276 16868 #endif /* WOLFSSL_CALLBACKS */ 16277 16869 16278 16870 #if !defined(NO_CERTS) && (defined(WOLFSSL_TLS13) || \ 16871 !defined(NO_WOLFSSL_CLIENT)) 16872 16873 /* Decode the private key - RSA, ECC, or Ed25519 - and creates a key object. 16874 * The signature type is set as well. 16875 * The maximum length of a signature is returned. 16876 * 16877 * ssl The SSL/TLS object. 16878 * length The length of a signature. 16879 * returns 0 on success, otherwise failure. 16880 */ 16881 int DecodePrivateKey(WOLFSSL *ssl, word16* length) 16882 { 16883 int ret = BAD_FUNC_ARG; 16884 int keySz; 16885 word32 idx; 16886 16887 /* make sure private key exists */ 16888 if (ssl->buffers.key == NULL || ssl->buffers.key->buffer == NULL) { 16889 WOLFSSL_MSG("Private key missing!"); 16890 ERROR_OUT(NO_PRIVATE_KEY, exit_dpk); 16891 } 16892 16893 #ifndef NO_RSA 16894 if (ssl->buffers.keyType == rsa_sa_algo || ssl->buffers.keyType == 0) { 16895 ssl->hsType = DYNAMIC_TYPE_RSA; 16896 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 16897 if (ret != 0) { 16898 goto exit_dpk; 16899 } 16900 16901 WOLFSSL_MSG("Trying RSA private key"); 16902 16903 /* Set start of data to beginning of buffer. */ 16904 idx = 0; 16905 /* Decode the key assuming it is an RSA private key. */ 16906 ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx, 16907 (RsaKey*)ssl->hsKey, ssl->buffers.key->length); 16908 if (ret == 0) { 16909 WOLFSSL_MSG("Using RSA private key"); 16910 16911 /* It worked so check it meets minimum key size requirements. */ 16912 keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey); 16913 if (keySz < 0) { /* check if keySz has error case */ 16914 ERROR_OUT(keySz, exit_dpk); 16915 } 16916 16917 if (keySz < ssl->options.minRsaKeySz) { 16918 WOLFSSL_MSG("RSA key size too small"); 16919 ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk); 16920 } 16921 16922 /* Return the maximum signature length. */ 16923 *length = (word16)keySz; 16924 16925 goto exit_dpk; 16926 } 16927 } 16928 #endif /* !NO_RSA */ 16929 16930 #ifdef HAVE_ECC 16931 #ifndef NO_RSA 16932 FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey); 16933 #endif /* !NO_RSA */ 16934 16935 if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0) { 16936 ssl->hsType = DYNAMIC_TYPE_ECC; 16937 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 16938 if (ret != 0) { 16939 goto exit_dpk; 16940 } 16941 16942 #ifndef NO_RSA 16943 WOLFSSL_MSG("Trying ECC private key, RSA didn't work"); 16944 #else 16945 WOLFSSL_MSG("Trying ECC private key"); 16946 #endif 16947 16948 /* Set start of data to beginning of buffer. */ 16949 idx = 0; 16950 /* Decode the key assuming it is an ECC private key. */ 16951 ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx, 16952 (ecc_key*)ssl->hsKey, 16953 ssl->buffers.key->length); 16954 if (ret == 0) { 16955 WOLFSSL_MSG("Using ECC private key"); 16956 16957 /* Check it meets the minimum ECC key size requirements. */ 16958 keySz = wc_ecc_size((ecc_key*)ssl->hsKey); 16959 if (keySz < ssl->options.minEccKeySz) { 16960 WOLFSSL_MSG("ECC key size too small"); 16961 ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk); 16962 } 16963 16964 /* Return the maximum signature length. */ 16965 *length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey); 16966 16967 goto exit_dpk; 16968 } 16969 } 16970 #endif 16971 #ifdef HAVE_ED25519 16972 #if !defined(NO_RSA) || defined(HAVE_ECC) 16973 FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey); 16974 #endif 16975 16976 if (ssl->buffers.keyType == ed25519_sa_algo || ssl->buffers.keyType == 0) { 16977 ssl->hsType = DYNAMIC_TYPE_ED25519; 16978 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 16979 if (ret != 0) { 16980 goto exit_dpk; 16981 } 16982 16983 #ifdef HAVE_ECC 16984 WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work"); 16985 #elif !defined(NO_RSA) 16986 WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work"); 16987 #else 16988 WOLFSSL_MSG("Trying ED25519 private key"); 16989 #endif 16990 16991 /* Set start of data to beginning of buffer. */ 16992 idx = 0; 16993 /* Decode the key assuming it is an ED25519 private key. */ 16994 ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx, 16995 (ed25519_key*)ssl->hsKey, 16996 ssl->buffers.key->length); 16997 if (ret == 0) { 16998 WOLFSSL_MSG("Using ED25519 private key"); 16999 17000 /* Check it meets the minimum ECC key size requirements. */ 17001 if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) { 17002 WOLFSSL_MSG("ED25519 key size too small"); 17003 ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk); 17004 } 17005 17006 /* Return the maximum signature length. */ 17007 *length = ED25519_SIG_SIZE; 17008 17009 goto exit_dpk; 17010 } 17011 } 17012 #endif /* HAVE_ED25519 */ 17013 17014 (void)idx; 17015 (void)keySz; 17016 (void)length; 17017 exit_dpk: 17018 return ret; 17019 } 17020 17021 #endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */ 16279 17022 16280 17023 /* client only parts */ 16281 17024 #ifndef NO_WOLFSSL_CLIENT 16282 17025 17026 #ifndef WOLFSSL_NO_TLS12 17027 17028 /* handle generation of client_hello (1) */ 16283 17029 int SendClientHello(WOLFSSL* ssl) 16284 17030 { … … 16292 17038 word16 extSz = 0; 16293 17039 16294 16295 17040 #ifdef WOLFSSL_TLS13 16296 17041 if (IsAtLeastTLSv1_3(ssl->version)) … … 16298 17043 #endif 16299 17044 17045 WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND); 17046 WOLFSSL_ENTER("SendClientHello"); 17047 16300 17048 if (ssl->suites == NULL) { 16301 17049 WOLFSSL_MSG("Bad suites pointer in SendClientHello"); … … 16312 17060 16313 17061 ret = TLSX_UseSessionTicket(&ssl->extensions, ticket, ssl->heap); 16314 if (ret != WOLFSSL_SUCCESS) return ret; 17062 if (ret != WOLFSSL_SUCCESS) { 17063 TLSX_SessionTicket_Free(ticket, ssl->heap); 17064 return ret; 17065 } 16315 17066 16316 17067 idSz = 0; … … 16330 17081 return MEMORY_E; 16331 17082 #endif 16332 extSz = TLSX_GetRequestSize(ssl, client_hello); 16333 if (extSz != 0) 17083 extSz = 0; 17084 ret = TLSX_GetRequestSize(ssl, client_hello, &extSz); 17085 if (ret != 0) 17086 return ret; 16334 17087 length += extSz; 16335 17088 #else … … 16427 17180 16428 17181 #ifdef HAVE_TLS_EXTENSIONS 16429 idx += TLSX_WriteRequest(ssl, output + idx, client_hello); 17182 extSz = 0; 17183 ret = TLSX_WriteRequest(ssl, output + idx, client_hello, &extSz); 17184 if (ret != 0) 17185 return ret; 17186 idx += extSz; 16430 17187 16431 17188 (void)idx; /* suppress analyzer warning, keep idx current */ … … 16481 17238 } else { 16482 17239 #ifdef WOLFSSL_DTLS 17240 if (IsDtlsNotSctpMode(ssl)) { 17241 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 17242 return ret; 17243 } 16483 17244 if (ssl->options.dtls) 16484 17245 DtlsSEQIncrement(ssl, CUR_ORDER); … … 16489 17250 } 16490 17251 16491 #ifdef WOLFSSL_DTLS16492 if (IsDtlsNotSctpMode(ssl)) {16493 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0)16494 return ret;16495 }16496 #endif16497 16498 17252 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 16499 16500 #ifdef WOLFSSL_CALLBACKS 16501 if (ssl->hsInfoOn) AddPacketName("ClientHello", &ssl->handShakeInfo); 17253 #ifdef OPENSSL_EXTRA 17254 ssl->cbmode = SSL_CB_MODE_WRITE; 17255 if (ssl->CBIS != NULL) 17256 ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, SSL_SUCCESS); 17257 #endif 17258 17259 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 17260 if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello"); 16502 17261 if (ssl->toInfoOn) 16503 AddPacketInfo( "ClientHello", &ssl->timeoutInfo, output, sendSz,16504 ssl->heap);17262 AddPacketInfo(ssl, "ClientHello", handshake, output, sendSz, 17263 WRITE_PROTO, ssl->heap); 16505 17264 #endif 16506 17265 16507 17266 ssl->buffers.outputBuffer.length += sendSz; 16508 17267 16509 return SendBuffered(ssl); 16510 } 16511 16512 17268 ret = SendBuffered(ssl); 17269 17270 WOLFSSL_LEAVE("SendClientHello", ret); 17271 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND); 17272 17273 return ret; 17274 } 17275 17276 17277 /* handle processing of DTLS hello_verify_request (3) */ 16513 17278 static int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, 16514 17279 word32* inOutIdx, word32 size) … … 16519 17284 16520 17285 #ifdef WOLFSSL_CALLBACKS 16521 if (ssl->hsInfoOn) AddPacketName("HelloVerifyRequest", 16522 &ssl->handShakeInfo); 17286 if (ssl->hsInfoOn) AddPacketName(ssl, "HelloVerifyRequest"); 16523 17287 if (ssl->toInfoOn) AddLateName("HelloVerifyRequest", &ssl->timeoutInfo); 16524 17288 #endif … … 16560 17324 16561 17325 16562 static INLINE int DSH_CheckSessionId(WOLFSSL* ssl)17326 static WC_INLINE int DSH_CheckSessionId(WOLFSSL* ssl) 16563 17327 { 16564 17328 int ret = 0; … … 16592 17356 int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv) 16593 17357 { 16594 #ifdef WOLFSSL_TLS13 16595 /* TODO: [TLS13] Remove this. 16596 * Translate the draft TLS v1.3 version to final version. 16597 */ 17358 #ifdef WOLFSSL_TLS13_DRAFT 16598 17359 if (pv.major == TLS_DRAFT_MAJOR) { 16599 17360 pv.major = SSLv3_MAJOR; … … 16602 17363 #endif 16603 17364 16604 /* Check for upgrade attack. */ 17365 #ifdef OPENSSL_EXTRA 17366 if (ssl->CBIS != NULL) { 17367 ssl->CBIS(ssl, SSL_CB_HANDSHAKE_START, SSL_SUCCESS); 17368 } 17369 #endif 17370 16605 17371 if (pv.minor > ssl->version.minor) { 16606 17372 WOLFSSL_MSG("Server using higher version, fatal error"); … … 16692 17458 } 16693 17459 17460 /* handle processing of server_hello (2) */ 16694 17461 int DoServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 16695 17462 word32 helloSz) … … 16703 17470 int ret; 16704 17471 17472 WOLFSSL_START(WC_FUNC_SERVER_HELLO_DO); 17473 WOLFSSL_ENTER("DoServerHello"); 17474 16705 17475 #ifdef WOLFSSL_CALLBACKS 16706 if (ssl->hsInfoOn) AddPacketName( "ServerHello", &ssl->handShakeInfo);17476 if (ssl->hsInfoOn) AddPacketName(ssl, "ServerHello"); 16707 17477 if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo); 16708 17478 #endif … … 16721 17491 16722 17492 #ifdef WOLFSSL_TLS13 16723 if (IsAtLeastTLSv1_3(pv)) 16724 return DoTls13ServerHello(ssl, input, inOutIdx, helloSz); 17493 if (IsAtLeastTLSv1_3(pv)) { 17494 byte type = server_hello; 17495 return DoTls13ServerHello(ssl, input, inOutIdx, helloSz, &type); 17496 } 16725 17497 #endif 16726 17498 … … 16728 17500 XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN); 16729 17501 i += RAN_LEN; 16730 16731 #ifdef WOLFSSL_TLS1316732 if (IsAtLeastTLSv1_3(ssl->ctx->method->version)) {16733 /* TLS v1.3 capable client not allowed to downgrade when connecting16734 * to TLS v1.3 capable server.16735 */16736 if (XMEMCMP(input + i - (TLS13_DOWNGRADE_SZ + 1),16737 tls13Downgrade, TLS13_DOWNGRADE_SZ) == 0 &&16738 (*(input + i - 1) == 0 || *(input + i - 1) == 1)) {16739 SendAlert(ssl, alert_fatal, illegal_parameter);16740 return VERSION_ERROR;16741 }16742 }16743 else16744 #endif16745 if (ssl->ctx->method->version.major == SSLv3_MAJOR &&16746 ssl->ctx->method->version.minor == TLSv1_2_MINOR) {16747 /* TLS v1.2 capable client not allowed to downgrade when connecting16748 * to TLS v1.2 capable server.16749 */16750 if (XMEMCMP(input + i - (TLS13_DOWNGRADE_SZ + 1),16751 tls13Downgrade, TLS13_DOWNGRADE_SZ) == 0 &&16752 *(input + i - 1) == 0) {16753 SendAlert(ssl, alert_fatal, illegal_parameter);16754 return VERSION_ERROR;16755 }16756 }16757 17502 16758 17503 /* session id */ … … 16823 17568 return BUFFER_ERROR; 16824 17569 16825 if ((ret = TLSX_Parse(ssl, (byte *) input + i, 16826 totalExtSz, 0, NULL)))17570 if ((ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, 17571 server_hello, NULL))) 16827 17572 return ret; 16828 17573 … … 16912 17657 #endif /* HAVE_SECRET_CALLBACK */ 16913 17658 16914 if (ssl->options.resuming) { 17659 ret = CompleteServerHello(ssl); 17660 17661 WOLFSSL_LEAVE("DoServerHello", ret); 17662 WOLFSSL_END(WC_FUNC_SERVER_HELLO_DO); 17663 17664 return ret; 17665 } 17666 17667 int CompleteServerHello(WOLFSSL* ssl) 17668 { 17669 int ret; 17670 17671 if (!ssl->options.resuming) { 17672 byte* down = ssl->arrays->serverRandom + RAN_LEN - 17673 TLS13_DOWNGRADE_SZ - 1; 17674 byte vers = ssl->arrays->serverRandom[RAN_LEN - 1]; 17675 #ifdef WOLFSSL_TLS13 17676 if (IsAtLeastTLSv1_3(ssl->ctx->method->version)) { 17677 /* TLS v1.3 capable client not allowed to downgrade when 17678 * connecting to TLS v1.3 capable server unless cipher suite 17679 * demands it. 17680 */ 17681 if (XMEMCMP(down, tls13Downgrade, TLS13_DOWNGRADE_SZ) == 0 && 17682 (vers == 0 || vers == 1)) { 17683 SendAlert(ssl, alert_fatal, illegal_parameter); 17684 return VERSION_ERROR; 17685 } 17686 } 17687 else 17688 #endif 17689 if (ssl->ctx->method->version.major == SSLv3_MAJOR && 17690 ssl->ctx->method->version.minor == TLSv1_2_MINOR) { 17691 /* TLS v1.2 capable client not allowed to downgrade when 17692 * connecting to TLS v1.2 capable server. 17693 */ 17694 if (XMEMCMP(down, tls13Downgrade, TLS13_DOWNGRADE_SZ) == 0 && 17695 vers == 0) { 17696 SendAlert(ssl, alert_fatal, illegal_parameter); 17697 return VERSION_ERROR; 17698 } 17699 } 17700 } 17701 else { 16915 17702 if (DSH_CheckSessionId(ssl)) { 16916 17703 if (SetCipherSpecs(ssl) == 0) { … … 16952 17739 } 16953 17740 17741 #endif /* WOLFSSL_NO_TLS12 */ 17742 16954 17743 16955 17744 /* Make sure client setup is valid for this suite, true on success */ … … 16977 17766 } 16978 17767 17768 #ifndef WOLFSSL_NO_TLS12 16979 17769 16980 17770 #ifndef NO_CERTS 16981 /* just read in and ignore for now TODO:*/17771 /* handle processing of certificate_request (13) */ 16982 17772 static int DoCertificateRequest(WOLFSSL* ssl, const byte* input, word32* 16983 17773 inOutIdx, word32 size) … … 16986 17776 word32 begin = *inOutIdx; 16987 17777 17778 WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_DO); 17779 WOLFSSL_ENTER("DoCertificateRequest"); 17780 16988 17781 #ifdef WOLFSSL_CALLBACKS 16989 17782 if (ssl->hsInfoOn) 16990 AddPacketName( "CertificateRequest", &ssl->handShakeInfo);17783 AddPacketName(ssl, "CertificateRequest"); 16991 17784 if (ssl->toInfoOn) 16992 17785 AddLateName("CertificateRequest", &ssl->timeoutInfo); … … 17052 17845 /* don't send client cert or cert verify if user hasn't provided 17053 17846 cert and private key */ 17054 if (ssl->buffers.certificate && ssl->buffers.certificate->buffer && 17055 ssl->buffers.key && ssl->buffers.key->buffer) 17847 if (ssl->buffers.certificate && ssl->buffers.certificate->buffer) { 17848 #ifdef HAVE_PK_CALLBACKS 17849 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { 17850 WOLFSSL_MSG("Using PK for client private key"); 17851 ssl->options.sendVerify = SEND_CERT; 17852 } 17853 #endif 17854 if (ssl->buffers.key && ssl->buffers.key->buffer) { 17056 17855 ssl->options.sendVerify = SEND_CERT; 17856 } 17857 } 17858 #ifdef OPENSSL_EXTRA 17859 else 17860 #else 17057 17861 else if (IsTLS(ssl)) 17862 #endif 17863 { 17058 17864 ssl->options.sendVerify = SEND_BLANK_CERT; 17865 } 17059 17866 17060 17867 if (IsEncryptionOn(ssl, 0)) 17061 17868 *inOutIdx += ssl->keys.padSz; 17062 17869 17870 WOLFSSL_LEAVE("DoCertificateRequest", 0); 17871 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_DO); 17872 17063 17873 return 0; 17064 17874 } … … 17066 17876 17067 17877 17068 #if def HAVE_ECC17878 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 17069 17879 17070 17880 static int CheckCurveId(int tlsCurveId) … … 17143 17953 typedef struct DskeArgs { 17144 17954 byte* output; /* not allocated */ 17145 #if !defined(NO_DH) || defined(HAVE_ECC) 17955 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ED25519) 17146 17956 byte* verifySig; 17147 17957 #endif 17148 17958 word32 idx; 17149 17959 word32 begin; 17150 #if !defined(NO_DH) || defined(HAVE_ECC) 17960 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ED25519) 17151 17961 word16 verifySigSz; 17152 17962 #endif … … 17163 17973 (void)args; 17164 17974 17165 #if !defined(NO_DH) || defined(HAVE_ECC) 17975 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_ED25519) 17166 17976 if (args->verifySig) { 17167 17977 XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE); … … 17171 17981 } 17172 17982 17983 /* handle processing of server_key_exchange (12) */ 17173 17984 static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, 17174 17985 word32* inOutIdx, word32 size) … … 17183 17994 #endif 17184 17995 17996 (void)input; 17997 (void)size; 17998 17999 WOLFSSL_START(WC_FUNC_SERVER_KEY_EXCHANGE_DO); 17185 18000 WOLFSSL_ENTER("DoServerKeyExchange"); 17186 18001 … … 17214 18029 #ifdef WOLFSSL_CALLBACKS 17215 18030 if (ssl->hsInfoOn) 17216 AddPacketName( "ServerKeyExchange", &ssl->handShakeInfo);18031 AddPacketName(ssl, "ServerKeyExchange"); 17217 18032 if (ssl->toInfoOn) 17218 18033 AddLateName("ServerKeyExchange", &ssl->timeoutInfo); … … 17269 18084 ERROR_OUT(DH_KEY_SIZE_E, exit_dske); 17270 18085 } 18086 if (length > ssl->options.maxDhKeySz) { 18087 WOLFSSL_MSG("Server using a DH key that is too big"); 18088 SendAlert(ssl, alert_fatal, handshake_failure); 18089 ERROR_OUT(DH_KEY_SIZE_E, exit_dske); 18090 } 17271 18091 17272 18092 ssl->buffers.serverDH_P.buffer = … … 17310 18130 args->idx += length; 17311 18131 18132 ssl->buffers.weOwnDH = 1; 18133 17312 18134 /* pub */ 17313 18135 if ((args->idx - args->begin) + OPAQUE16_LEN > size) { … … 17337 18159 } 17338 18160 #endif /* !NO_DH */ 17339 #if def HAVE_ECC18161 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 17340 18162 case ecc_diffie_hellman_kea: 17341 18163 { 17342 18164 byte b; 17343 int curveId, curveOid; 18165 #ifdef HAVE_ECC 18166 int curveId; 18167 #endif 18168 int curveOid; 17344 18169 word16 length; 17345 18170 … … 17374 18199 goto exit_dske; 17375 18200 } 17376 } else if (ssl->peer EccKeyPresent) {18201 } else if (ssl->peerX25519KeyPresent) { 17377 18202 ret = ReuseKey(ssl, DYNAMIC_TYPE_CURVE25519, 17378 18203 ssl->peerX25519Key); … … 17394 18219 } 17395 18220 #endif 18221 #ifdef HAVE_ECC 17396 18222 if (ssl->peerEccKey == NULL) { 17397 18223 ret = AllocKey(ssl, DYNAMIC_TYPE_ECC, … … 17417 18243 ssl->peerEccKeyPresent = 1; 17418 18244 break; 18245 #endif 17419 18246 } 17420 #endif /* HAVE_ECC */18247 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 17421 18248 #if !defined(NO_DH) && !defined(NO_PSK) 17422 18249 case dhe_psk_kea: … … 17457 18284 if (length < ssl->options.minDhKeySz) { 17458 18285 WOLFSSL_MSG("Server using a DH key that is too small"); 18286 SendAlert(ssl, alert_fatal, handshake_failure); 18287 ERROR_OUT(DH_KEY_SIZE_E, exit_dske); 18288 } 18289 if (length > ssl->options.maxDhKeySz) { 18290 WOLFSSL_MSG("Server using a DH key that is too big"); 17459 18291 SendAlert(ssl, alert_fatal, handshake_failure); 17460 18292 ERROR_OUT(DH_KEY_SIZE_E, exit_dske); … … 17501 18333 args->idx += length; 17502 18334 18335 ssl->buffers.weOwnDH = 1; 18336 17503 18337 /* pub */ 17504 18338 if ((args->idx - args->begin) + OPAQUE16_LEN > size) { … … 17528 18362 } 17529 18363 #endif /* !NO_DH || !NO_PSK */ 17530 #if defined(HAVE_ECC) && !defined(NO_PSK) 18364 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 18365 !defined(NO_PSK) 17531 18366 case ecdhe_psk_kea: 17532 18367 { … … 17607 18442 17608 18443 if (ssl->peerEccKey == NULL) { 17609 AllocKey(ssl, DYNAMIC_TYPE_ECC,18444 ret = AllocKey(ssl, DYNAMIC_TYPE_ECC, 17610 18445 (void**)&ssl->peerEccKey); 17611 18446 if (ret != 0) { … … 17630 18465 break; 17631 18466 } 17632 #endif /* HAVE_ECC ||!NO_PSK */18467 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 17633 18468 default: 17634 18469 ret = BAD_KEA_TYPE_E; … … 17660 18495 case ecc_diffie_hellman_kea: 17661 18496 { 17662 #if defined(NO_DH) && !defined(HAVE_ECC) 18497 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) 17663 18498 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 17664 18499 #else … … 17729 18564 17730 18565 if (args->sigAlgo != ed25519_sa_algo) { 18566 int digest_sz = wc_HashGetDigestSize(hashType); 18567 if (digest_sz <= 0) { 18568 ERROR_OUT(BUFFER_ERROR, exit_dske); 18569 } 18570 ssl->buffers.digest.length = (unsigned int)digest_sz; 18571 17731 18572 /* buffer for hash */ 17732 ssl->buffers.digest.length =17733 wc_HashGetDigestSize(hashType);17734 18573 ssl->buffers.digest.buffer = (byte*)XMALLOC( 17735 18574 ssl->buffers.digest.length, ssl->heap, … … 17773 18612 } 17774 18613 #endif /* HAVE_ECC */ 17775 #if def HAVE_ED2551918614 #if defined(HAVE_ED25519) 17776 18615 case ed25519_sa_algo: 17777 18616 { … … 17781 18620 break; 17782 18621 } 17783 #endif /* HAVE_E CC*/18622 #endif /* HAVE_ED25519 */ 17784 18623 17785 18624 default: … … 17787 18626 } /* switch (args->sigAlgo) */ 17788 18627 17789 #endif /* NO_DH && !HAVE_ECC */18628 #endif /* NO_DH && !HAVE_ECC && !HAVE_ED25519 */ 17790 18629 break; 17791 18630 } … … 17819 18658 case ecc_diffie_hellman_kea: 17820 18659 { 17821 #if defined(NO_DH) && !defined(HAVE_ECC) 18660 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) 17822 18661 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 17823 18662 #else … … 17850 18689 ssl->peerRsaKey, 17851 18690 #ifdef HAVE_PK_CALLBACKS 17852 ssl->buffers.peerRsaKey.buffer, 17853 ssl->buffers.peerRsaKey.length, 17854 ssl->RsaVerifyCtx 18691 &ssl->buffers.peerRsaKey 17855 18692 #else 17856 NULL , 0, NULL18693 NULL 17857 18694 #endif 17858 18695 ); … … 17861 18698 args->sigSz = (word16)ret; 17862 18699 ret = 0; 18700 } 18701 #ifdef WOLFSSL_ASYNC_CRYPT 18702 if (ret != WC_PENDING_E) 18703 #endif 18704 { 18705 /* peerRsaKey */ 18706 FreeKey(ssl, DYNAMIC_TYPE_RSA, 18707 (void**)&ssl->peerRsaKey); 18708 ssl->peerRsaKeyPresent = 0; 17863 18709 } 17864 18710 break; … … 17874 18720 ssl->peerEccDsaKey, 17875 18721 #ifdef HAVE_PK_CALLBACKS 17876 ssl->buffers.peerEccDsaKey.buffer, 17877 ssl->buffers.peerEccDsaKey.length, 17878 ssl->EccVerifyCtx 18722 &ssl->buffers.peerEccDsaKey 17879 18723 #else 17880 NULL , 0, NULL18724 NULL 17881 18725 #endif 17882 18726 ); 17883 18727 18728 #ifdef WOLFSSL_ASYNC_CRYPT 18729 if (ret != WC_PENDING_E) 18730 #endif 18731 { 18732 /* peerEccDsaKey */ 18733 FreeKey(ssl, DYNAMIC_TYPE_ECC, 18734 (void**)&ssl->peerEccDsaKey); 18735 ssl->peerEccDsaKeyPresent = 0; 18736 } 17884 18737 break; 17885 18738 } 17886 18739 #endif /* HAVE_ECC */ 17887 #if def HAVE_ED2551918740 #if defined(HAVE_ED25519) 17888 18741 case ed25519_sa_algo: 17889 18742 { … … 17894 18747 ssl->peerEd25519Key, 17895 18748 #ifdef HAVE_PK_CALLBACKS 17896 ssl->buffers.peerEccDsaKey.buffer, 17897 ssl->buffers.peerEccDsaKey.length, 17898 ssl->Ed25519VerifyCtx 18749 &ssl->buffers.peerEd25519Key 17899 18750 #else 17900 NULL , 0, NULL18751 NULL 17901 18752 #endif 17902 18753 ); 17903 18754 18755 #ifdef WOLFSSL_ASYNC_CRYPT 18756 if (ret != WC_PENDING_E) 18757 #endif 18758 { 18759 /* peerEccDsaKey */ 18760 FreeKey(ssl, DYNAMIC_TYPE_ED25519, 18761 (void**)&ssl->peerEd25519Key); 18762 ssl->peerEd25519KeyPresent = 0; 18763 } 17904 18764 break; 17905 18765 } 17906 #endif /* HAVE_E CC*/18766 #endif /* HAVE_ED25519 */ 17907 18767 17908 18768 default: 17909 18769 ret = ALGO_ID_E; 17910 18770 } /* switch (sigAlgo) */ 17911 #endif /* NO_DH && !HAVE_ECC */18771 #endif /* NO_DH && !HAVE_ECC && !HAVE_ED25519 */ 17912 18772 break; 17913 18773 } … … 17941 18801 case ecc_diffie_hellman_kea: 17942 18802 { 17943 #if defined(NO_DH) && !defined(HAVE_ECC) 18803 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) 17944 18804 ERROR_OUT(NOT_COMPILED_IN, exit_dske); 17945 18805 #else … … 18014 18874 break; 18015 18875 #endif /* HAVE_ECC */ 18016 #if def HAVE_ED2551918876 #if defined(HAVE_ED25519) 18017 18877 case ed25519_sa_algo: 18018 18878 /* Nothing to do in this algo */ 18019 18879 break; 18020 #endif /* HAVE_E CC*/18880 #endif /* HAVE_ED25519 */ 18021 18881 default: 18022 18882 ret = ALGO_ID_E; 18023 18883 } /* switch (sigAlgo) */ 18024 #endif /* NO_DH && !HAVE_ECC */18884 #endif /* NO_DH && !HAVE_ECC && !HAVE_ED25519 */ 18025 18885 break; 18026 18886 } … … 18091 18951 18092 18952 WOLFSSL_LEAVE("DoServerKeyExchange", ret); 18953 WOLFSSL_END(WC_FUNC_SERVER_KEY_EXCHANGE_DO); 18093 18954 18094 18955 #ifdef WOLFSSL_ASYNC_CRYPT 18095 18956 /* Handle async operation */ 18096 18957 if (ret == WC_PENDING_E) { 18097 /* Mark message as not rece vied so it can process again */18958 /* Mark message as not received so it can process again */ 18098 18959 ssl->msgsReceived.got_server_key_exchange = 0; 18099 18960 … … 18518 19379 } 18519 19380 19381 /* handle generation client_key_exchange (16) */ 18520 19382 int SendClientKeyExchange(WOLFSSL* ssl) 18521 19383 { … … 18529 19391 #endif 18530 19392 19393 WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); 18531 19394 WOLFSSL_ENTER("SendClientKeyExchange"); 19395 19396 #ifdef OPENSSL_EXTRA 19397 ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; 19398 ssl->cbmode = SSL_CB_MODE_WRITE; 19399 if (ssl->CBIS != NULL) 19400 ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, SSL_SUCCESS); 19401 #endif 18532 19402 18533 19403 #ifdef WOLFSSL_ASYNC_CRYPT … … 18596 19466 break; 18597 19467 #endif /* !NO_DH && !NO_PSK */ 18598 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) 19468 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 19469 !defined(NO_PSK) 18599 19470 case ecdhe_psk_kea: 18600 19471 /* sanity check that PSK client callback has been set */ … … 18643 19514 #endif 18644 19515 18645 /* create private key */19516 /* create ephemeral private key */ 18646 19517 ssl->hsType = DYNAMIC_TYPE_ECC; 18647 19518 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); … … 18702 19573 #ifdef HAVE_ECC 18703 19574 if (ssl->specs.static_ecdh) { 18704 /* TODO: EccDsa is really fixed Ecc change naming */ 18705 if (!ssl->peerEccDsaKey || 18706 !ssl->peerEccDsaKeyPresent || 19575 /* Note: EccDsa is really fixed Ecc key here */ 19576 if (!ssl->peerEccDsaKey || !ssl->peerEccDsaKeyPresent || 18707 19577 !ssl->peerEccDsaKey->dp) { 18708 19578 ERROR_OUT(NO_PEER_KEY, exit_scke); … … 18721 19591 } 18722 19592 18723 /* create private key */19593 /* create ephemeral private key */ 18724 19594 ssl->hsType = DYNAMIC_TYPE_ECC; 18725 19595 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); … … 18757 19627 ERROR_OUT(MEMORY_E, exit_scke); 18758 19628 } 19629 if (ssl->arrays->preMasterSecret == NULL) { 19630 ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN, 19631 ssl->heap, DYNAMIC_TYPE_SECRET); 19632 if (ssl->arrays->preMasterSecret == NULL) { 19633 ERROR_OUT(MEMORY_E, exit_scke); 19634 } 19635 XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN); 19636 } 18759 19637 18760 19638 switch(ssl->specs.kea) … … 18763 19641 case rsa_kea: 18764 19642 { 19643 /* build PreMasterSecret with RNG data */ 18765 19644 ret = wc_RNG_GenerateBlock(ssl->rng, 18766 ssl->arrays->preMasterSecret, SECRET_LEN); 19645 &ssl->arrays->preMasterSecret[VERSION_SZ], 19646 SECRET_LEN - VERSION_SZ); 18767 19647 if (ret != 0) { 18768 19648 goto exit_scke; … … 18791 19671 } 18792 19672 19673 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ 19674 !defined(WOLFSSL_OLD_PRIME_CHECK) 19675 if (ssl->options.dhDoKeyTest && 19676 !ssl->options.dhKeyTested) 19677 { 19678 ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, 19679 ssl->buffers.serverDH_P.buffer, 19680 ssl->buffers.serverDH_P.length, 19681 ssl->buffers.serverDH_G.buffer, 19682 ssl->buffers.serverDH_G.length, 19683 NULL, 0, 0, ssl->rng); 19684 if (ret != 0) { 19685 goto exit_scke; 19686 } 19687 ssl->options.dhKeyTested = 1; 19688 } 19689 else 19690 #endif 19691 { 18793 19692 ret = wc_DhSetKey(ssl->buffers.serverDH_Key, 18794 19693 ssl->buffers.serverDH_P.buffer, … … 18798 19697 if (ret != 0) { 18799 19698 goto exit_scke; 19699 } 18800 19700 } 18801 19701 … … 18886 19786 } 18887 19787 19788 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ 19789 !defined(WOLFSSL_OLD_PRIME_CHECK) 19790 if (ssl->options.dhDoKeyTest && 19791 !ssl->options.dhKeyTested) 19792 { 19793 ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, 19794 ssl->buffers.serverDH_P.buffer, 19795 ssl->buffers.serverDH_P.length, 19796 ssl->buffers.serverDH_G.buffer, 19797 ssl->buffers.serverDH_G.length, 19798 NULL, 0, 0, ssl->rng); 19799 if (ret != 0) { 19800 goto exit_scke; 19801 } 19802 ssl->options.dhKeyTested = 1; 19803 } 19804 else 19805 #endif 19806 { 18888 19807 ret = wc_DhSetKey(ssl->buffers.serverDH_Key, 18889 19808 ssl->buffers.serverDH_P.buffer, … … 18894 19813 goto exit_scke; 18895 19814 } 19815 } 18896 19816 18897 19817 /* for DH, encSecret is Yc, agree is pre-master */ … … 18902 19822 } 18903 19823 #endif /* !NO_DH && !NO_PSK */ 18904 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) 19824 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 19825 !defined(NO_PSK) 18905 19826 case ecdhe_psk_kea: 18906 19827 { … … 18972 19893 break; 18973 19894 } 18974 #endif /* HAVE_ECC&& !NO_PSK */19895 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 18975 19896 #ifdef HAVE_NTRU 18976 19897 case ntru_kea: … … 19012 19933 } 19013 19934 #endif 19014 #if def HAVE_ECC19935 #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) 19015 19936 #ifdef HAVE_PK_CALLBACKS 19016 19937 /* if callback then use it for shared secret */ … … 19057 19978 ssl->peerRsaKey, 19058 19979 #if defined(HAVE_PK_CALLBACKS) 19059 ssl->buffers.peerRsaKey.buffer, 19060 ssl->buffers.peerRsaKey.length, 19061 ssl->RsaEncCtx 19980 &ssl->buffers.peerRsaKey 19062 19981 #else 19063 NULL , 0, NULL19982 NULL 19064 19983 #endif 19065 19984 ); … … 19098 20017 } 19099 20018 #endif /* !NO_DH && !NO_PSK */ 19100 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) 20019 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 20020 !defined(NO_PSK) 19101 20021 case ecdhe_psk_kea: 19102 20022 { … … 19108 20028 ssl->arrays->preMasterSecret + OPAQUE16_LEN, 19109 20029 &ssl->arrays->preMasterSz, 19110 WOLFSSL_CLIENT_END ,19111 #ifdef HAVE_PK_CALLBACKS19112 ssl->EccSharedSecretCtx19113 # else19114 NULL20030 WOLFSSL_CLIENT_END 20031 ); 20032 if (!ssl->specs.static_ecdh 20033 #ifdef WOLFSSL_ASYNC_CRYPT 20034 && ret != WC_PENDING_E 19115 20035 #endif 19116 ); 20036 ) { 20037 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, 20038 (void**)&ssl->peerX25519Key); 20039 ssl->peerX25519KeyPresent = 0; 20040 } 19117 20041 break; 19118 20042 } … … 19123 20047 ssl->arrays->preMasterSecret + OPAQUE16_LEN, 19124 20048 &ssl->arrays->preMasterSz, 19125 WOLFSSL_CLIENT_END, 19126 #ifdef HAVE_PK_CALLBACKS 19127 ssl->EccSharedSecretCtx 19128 #else 19129 NULL 19130 #endif 20049 WOLFSSL_CLIENT_END 19131 20050 ); 20051 #ifdef WOLFSSL_ASYNC_CRYPT 20052 if (ret != WC_PENDING_E) 20053 #endif 20054 { 20055 FreeKey(ssl, DYNAMIC_TYPE_ECC, 20056 (void**)&ssl->peerEccKey); 20057 ssl->peerEccKeyPresent = 0; 20058 } 19132 20059 break; 19133 20060 } … … 19173 20100 ssl->arrays->preMasterSecret, 19174 20101 &ssl->arrays->preMasterSz, 19175 WOLFSSL_CLIENT_END ,19176 #ifdef HAVE_PK_CALLBACKS19177 ssl->EccSharedSecretCtx19178 # else19179 NULL20102 WOLFSSL_CLIENT_END 20103 ); 20104 if (!ssl->specs.static_ecdh 20105 #ifdef WOLFSSL_ASYNC_CRYPT 20106 && ret != WC_PENDING_E 19180 20107 #endif 19181 ); 20108 ) { 20109 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, 20110 (void**)&ssl->peerX25519Key); 20111 ssl->peerX25519KeyPresent = 0; 20112 } 19182 20113 break; 19183 20114 } … … 19192 20123 ssl->arrays->preMasterSecret, 19193 20124 &ssl->arrays->preMasterSz, 19194 WOLFSSL_CLIENT_END, 19195 #ifdef HAVE_PK_CALLBACKS 19196 ssl->EccSharedSecretCtx 19197 #else 19198 NULL 19199 #endif 20125 WOLFSSL_CLIENT_END 19200 20126 ); 20127 if (!ssl->specs.static_ecdh 20128 #ifdef WOLFSSL_ASYNC_CRYPT 20129 && ret != WC_PENDING_E 20130 #endif 20131 ) { 20132 FreeKey(ssl, DYNAMIC_TYPE_ECC, 20133 (void**)&ssl->peerEccKey); 20134 ssl->peerEccKeyPresent = 0; 20135 } 19201 20136 #endif 19202 20137 … … 19269 20204 } 19270 20205 #endif /* !NO_DH && !NO_PSK */ 19271 #if defined(HAVE_ECC) && !defined(NO_PSK) 20206 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 20207 !defined(NO_PSK) 19272 20208 case ecdhe_psk_kea: 19273 20209 { … … 19283 20219 args->encSz += args->length + OPAQUE8_LEN; 19284 20220 19285 /* Create pre master secret is the concat ination of20221 /* Create pre master secret is the concatenation of 19286 20222 eccSize + eccSharedKey + pskSize + pskKey */ 19287 20223 c16toa((word16)ssl->arrays->preMasterSz, pms); … … 19299 20235 break; 19300 20236 } 19301 #endif /* HAVE_ECC&& !NO_PSK */20237 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 19302 20238 #ifdef HAVE_NTRU 19303 20239 case ntru_kea: … … 19306 20242 } 19307 20243 #endif /* HAVE_NTRU */ 19308 #if def HAVE_ECC20244 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 19309 20245 case ecc_diffie_hellman_kea: 19310 20246 { … … 19314 20250 break; 19315 20251 } 19316 #endif /* HAVE_ECC */20252 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 19317 20253 19318 20254 default: … … 19467 20403 #endif 19468 20404 19469 #if def WOLFSSL_CALLBACKS20405 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 19470 20406 if (ssl->hsInfoOn) 19471 AddPacketName( "ClientKeyExchange", &ssl->handShakeInfo);20407 AddPacketName(ssl, "ClientKeyExchange"); 19472 20408 if (ssl->toInfoOn) 19473 AddPacketInfo( "ClientKeyExchange", &ssl->timeoutInfo,19474 args->output, args->sendSz, ssl->heap);20409 AddPacketInfo(ssl, "ClientKeyExchange", handshake, 20410 args->output, args->sendSz, WRITE_PROTO, ssl->heap); 19475 20411 #endif 19476 20412 … … 19496 20432 19497 20433 WOLFSSL_LEAVE("SendClientKeyExchange", ret); 20434 WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); 19498 20435 19499 20436 #ifdef WOLFSSL_ASYNC_CRYPT … … 19504 20441 19505 20442 /* No further need for PMS */ 20443 if (ssl->arrays->preMasterSecret != NULL) { 19506 20444 ForceZero(ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz); 20445 } 19507 20446 ssl->arrays->preMasterSz = 0; 19508 20447 … … 19514 20453 } 19515 20454 20455 #endif /* !WOLFSSL_NO_TLS12 */ 19516 20456 19517 20457 #ifndef NO_CERTS 19518 /* Decode the private key - RSA, ECC, or Ed25519 - and creates a key object. 19519 * The signature type is set as well. 19520 * The maximum length of a signature is returned. 19521 * 19522 * ssl The SSL/TLS object. 19523 * length The length of a signature. 19524 * returns 0 on success, otherwise failure. 19525 */ 19526 int DecodePrivateKey(WOLFSSL *ssl, word16* length) 19527 { 19528 int ret; 19529 int keySz; 19530 word32 idx; 19531 19532 /* make sure private key exists */ 19533 if (ssl->buffers.key == NULL || ssl->buffers.key->buffer == NULL) { 19534 WOLFSSL_MSG("Private key missing!"); 19535 ERROR_OUT(NO_PRIVATE_KEY, exit_dpk); 19536 } 19537 20458 20459 #ifdef HAVE_PK_CALLBACKS 20460 int GetPrivateKeySigSize(WOLFSSL* ssl) 20461 { 20462 int sigSz = 0; 20463 20464 if (ssl == NULL) 20465 return 0; 20466 20467 switch (ssl->buffers.keyType) { 19538 20468 #ifndef NO_RSA 19539 ssl->hsType = DYNAMIC_TYPE_RSA; 19540 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 19541 if (ret != 0) { 19542 goto exit_dpk; 19543 } 19544 19545 WOLFSSL_MSG("Trying RSA private key"); 19546 19547 /* Set start of data to beginning of buffer. */ 19548 idx = 0; 19549 /* Decode the key assuming it is an RSA private key. */ 19550 ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx, 19551 (RsaKey*)ssl->hsKey, ssl->buffers.key->length); 19552 if (ret == 0) { 19553 WOLFSSL_MSG("Using RSA private key"); 19554 19555 /* It worked so check it meets minimum key size requirements. */ 19556 keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey); 19557 if (keySz < 0) { /* check if keySz has error case */ 19558 ERROR_OUT(keySz, exit_dpk); 19559 } 19560 19561 if (keySz < ssl->options.minRsaKeySz) { 19562 WOLFSSL_MSG("RSA key size too small"); 19563 ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk); 19564 } 19565 19566 /* Return the maximum signature length. */ 19567 *length = (word16)keySz; 19568 19569 goto exit_dpk; 19570 } 19571 #endif /* !NO_RSA */ 19572 19573 #ifdef HAVE_ECC 19574 #ifndef NO_RSA 19575 FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey); 19576 #endif /* !NO_RSA */ 19577 19578 ssl->hsType = DYNAMIC_TYPE_ECC; 19579 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 19580 if (ret != 0) { 19581 goto exit_dpk; 19582 } 19583 19584 #ifndef NO_RSA 19585 WOLFSSL_MSG("Trying ECC private key, RSA didn't work"); 19586 #else 19587 WOLFSSL_MSG("Trying ECC private key"); 19588 #endif 19589 19590 /* Set start of data to beginning of buffer. */ 19591 idx = 0; 19592 /* Decode the key assuming it is an ECC private key. */ 19593 ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx, 19594 (ecc_key*)ssl->hsKey, 19595 ssl->buffers.key->length); 19596 if (ret == 0) { 19597 WOLFSSL_MSG("Using ECC private key"); 19598 19599 /* Check it meets the minimum ECC key size requirements. */ 19600 keySz = wc_ecc_size((ecc_key*)ssl->hsKey); 19601 if (keySz < ssl->options.minEccKeySz) { 19602 WOLFSSL_MSG("ECC key size too small"); 19603 ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk); 19604 } 19605 19606 /* Return the maximum signature length. */ 19607 *length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey); 19608 19609 goto exit_dpk; 19610 } 19611 #endif 19612 #ifdef HAVE_ED25519 19613 #if !defined(NO_RSA) || defined(HAVE_ECC) 19614 FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey); 19615 #endif 19616 19617 ssl->hsType = DYNAMIC_TYPE_ED25519; 19618 ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); 19619 if (ret != 0) { 19620 goto exit_dpk; 19621 } 19622 19623 #ifdef HAVE_ECC 19624 WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work"); 19625 #elif !defined(NO_RSA) 19626 WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work"); 19627 #else 19628 WOLFSSL_MSG("Trying ED25519 private key"); 19629 #endif 19630 19631 /* Set start of data to beginning of buffer. */ 19632 idx = 0; 19633 /* Decode the key assuming it is an ED25519 private key. */ 19634 ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx, 19635 (ed25519_key*)ssl->hsKey, 19636 ssl->buffers.key->length); 19637 if (ret == 0) { 19638 WOLFSSL_MSG("Using ED25519 private key"); 19639 19640 /* Check it meets the minimum ECC key size requirements. */ 19641 (void)keySz; 19642 if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) { 19643 WOLFSSL_MSG("ED25519 key size too small"); 19644 ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk); 19645 } 19646 19647 /* Return the maximum signature length. */ 19648 *length = ED25519_SIG_SIZE; 19649 19650 goto exit_dpk; 19651 } 19652 #endif 19653 19654 exit_dpk: 19655 return ret; 20469 #ifdef WC_RSA_PSS 20470 case rsa_pss_sa_algo: 20471 #endif 20472 case rsa_sa_algo: 20473 sigSz = ssl->buffers.keySz; 20474 ssl->hsType = DYNAMIC_TYPE_RSA; 20475 break; 20476 #endif 20477 #ifdef HAVE_ECC 20478 case ecc_dsa_sa_algo: 20479 sigSz = wc_ecc_sig_size_calc(ssl->buffers.keySz); 20480 ssl->hsType = DYNAMIC_TYPE_ECC; 20481 break; 20482 #endif 20483 #ifdef HAVE_ED25519 20484 case ed25519_sa_algo: 20485 sigSz = ED25519_SIG_SIZE; /* fixed known value */ 20486 ssl->hsType = DYNAMIC_TYPE_ED25519; 20487 break; 20488 #endif 20489 default: 20490 break; 19656 20491 } 19657 19658 20492 return sigSz; 20493 } 20494 #endif /* HAVE_PK_CALLBACKS */ 20495 20496 #ifndef WOLFSSL_NO_TLS12 20497 20498 #ifndef WOLFSSL_NO_CLIENT_AUTH 19659 20499 typedef struct ScvArgs { 19660 20500 byte* output; /* not allocated */ … … 19691 20531 } 19692 20532 20533 /* handle generation of certificate_verify (15) */ 19693 20534 int SendCertificateVerify(WOLFSSL* ssl) 19694 20535 { … … 19702 20543 #endif 19703 20544 20545 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_SEND); 19704 20546 WOLFSSL_ENTER("SendCertificateVerify"); 19705 20547 … … 19731 20573 } 19732 20574 19733 args->sendSz = MAX_CERT_VERIFY_SZ ;20575 args->sendSz = MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA; 19734 20576 if (IsEncryptionOn(ssl, 1)) { 19735 20577 args->sendSz += MAX_MSG_EXTRA; … … 19757 20599 } 19758 20600 20601 if (ssl->buffers.key == NULL) { 20602 #ifdef HAVE_PK_CALLBACKS 20603 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) 20604 args->length = GetPrivateKeySigSize(ssl); 20605 else 20606 #endif 20607 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 20608 } 20609 else { 19759 20610 /* Decode private key. */ 19760 20611 ret = DecodePrivateKey(ssl, &args->length); 19761 20612 if (ret != 0) { 19762 20613 goto exit_scv; 20614 } 20615 } 20616 20617 if (args->length <= 0) { 20618 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 19763 20619 } 19764 20620 … … 19849 20705 } 19850 20706 #endif /* !NO_RSA */ 20707 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 20708 if (args->sigAlgo == ed25519_sa_algo) { 20709 ret = Ed25519CheckPubKey(ssl); 20710 if (ret != 0) 20711 goto exit_scv; 20712 } 20713 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 19851 20714 19852 20715 /* Advance state and proceed */ … … 19865 20728 ssl->buffers.sig.buffer, &ssl->buffers.sig.length, 19866 20729 key, 19867 #if defined(HAVE_PK_CALLBACKS) 19868 ssl->buffers.key->buffer, 19869 ssl->buffers.key->length, 19870 ssl->EccSignCtx 20730 #ifdef HAVE_PK_CALLBACKS 20731 ssl->buffers.key 19871 20732 #else 19872 NULL , 0, NULL20733 NULL 19873 20734 #endif 19874 20735 ); 19875 20736 } 19876 20737 #endif /* HAVE_ECC */ 19877 #if def HAVE_ED2551920738 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 19878 20739 if (ssl->hsType == DYNAMIC_TYPE_ED25519) { 19879 20740 ed25519_key* key = (ed25519_key*)ssl->hsKey; 19880 20741 19881 20742 ret = Ed25519Sign(ssl, 19882 ssl-> buffers.digest.buffer, ssl->buffers.digest.length,20743 ssl->hsHashes->messages, ssl->hsHashes->length, 19883 20744 ssl->buffers.sig.buffer, &ssl->buffers.sig.length, 19884 20745 key, 19885 #if defined(HAVE_PK_CALLBACKS) 19886 ssl->buffers.key->buffer, 19887 ssl->buffers.key->length, 19888 ssl->Ed25519SignCtx 20746 #ifdef HAVE_PK_CALLBACKS 20747 ssl->buffers.key 19889 20748 #else 19890 NULL , 0, NULL20749 NULL 19891 20750 #endif 19892 20751 ); 19893 20752 } 19894 #endif /* HAVE_E CC*/20753 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 19895 20754 #ifndef NO_RSA 19896 20755 if (ssl->hsType == DYNAMIC_TYPE_RSA) { … … 19904 20763 args->verify + args->extraSz + VERIFY_HEADER, &args->sigSz, 19905 20764 args->sigAlgo, ssl->suites->hashAlgo, key, 19906 ssl->buffers.key->buffer, ssl->buffers.key->length, 19907 #ifdef HAVE_PK_CALLBACKS 19908 ssl->RsaSignCtx 19909 #else 19910 NULL 19911 #endif 20765 ssl->buffers.key 19912 20766 ); 19913 20767 } … … 19938 20792 } 19939 20793 #endif /* HAVE_ECC */ 19940 #ifdef HAVE_E CC20794 #ifdef HAVE_ED25519 19941 20795 if (ssl->hsType == DYNAMIC_TYPE_ED25519) { 19942 20796 args->length = (word16)ssl->buffers.sig.length; … … 19946 20800 ssl->buffers.sig.buffer, ssl->buffers.sig.length); 19947 20801 } 19948 #endif /* HAVE_E CC*/20802 #endif /* HAVE_ED25519 */ 19949 20803 #ifndef NO_RSA 19950 20804 if (ssl->hsType == DYNAMIC_TYPE_RSA) { … … 19965 20819 args->verifySig, args->sigSz, 19966 20820 ssl->buffers.sig.buffer, ssl->buffers.sig.length, 19967 args->sigAlgo, ssl->suites->hashAlgo, key 20821 args->sigAlgo, ssl->suites->hashAlgo, key, 20822 ssl->buffers.key 19968 20823 ); 19969 20824 } … … 20054 20909 20055 20910 20056 #if def WOLFSSL_CALLBACKS20911 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 20057 20912 if (ssl->hsInfoOn) 20058 AddPacketName( "CertificateVerify", &ssl->handShakeInfo);20913 AddPacketName(ssl, "CertificateVerify"); 20059 20914 if (ssl->toInfoOn) 20060 AddPacketInfo( "CertificateVerify", &ssl->timeoutInfo,20061 args->output, args->sendSz, ssl->heap);20915 AddPacketInfo(ssl, "CertificateVerify", handshake, 20916 args->output, args->sendSz, WRITE_PROTO, ssl->heap); 20062 20917 #endif 20063 20918 … … 20076 20931 20077 20932 WOLFSSL_LEAVE("SendCertificateVerify", ret); 20933 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_SEND); 20078 20934 20079 20935 #ifdef WOLFSSL_ASYNC_CRYPT … … 20094 20950 return ret; 20095 20951 } 20952 #endif /* WOLFSSL_NO_CLIENT_AUTH */ 20953 20954 #endif /* WOLFSSL_NO_TLS12 */ 20096 20955 20097 20956 #endif /* NO_CERTS */ … … 20116 20975 ssl->session.isDynamic = 1; 20117 20976 } 20118 ssl->session.ticketLen = length;20977 ssl->session.ticketLen = (word16)length; 20119 20978 20120 20979 if (length > 0) { … … 20128 20987 * supercede the existing session cache info. */ 20129 20988 ssl->options.haveSessionId = 1; 20989 #ifdef WOLFSSL_TLS13 20990 if (ssl->options.tls1_3) { 20991 XMEMCPY(ssl->session.sessionID, 20992 ssl->session.ticket + length - ID_LEN, ID_LEN); 20993 } 20994 else 20995 #endif 20130 20996 XMEMCPY(ssl->arrays->sessionID, 20131 20997 ssl->session.ticket + length - ID_LEN, ID_LEN); … … 20135 21001 } 20136 21002 21003 #ifndef WOLFSSL_NO_TLS12 21004 21005 /* handle processing of session_ticket (4) */ 20137 21006 static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 20138 21007 word32 size) … … 20181 21050 return 0; 20182 21051 } 21052 21053 #endif /* !WOLFSSL_NO_TLS12 */ 21054 20183 21055 #endif /* HAVE_SESSION_TICKET */ 20184 21056 … … 20187 21059 #ifndef NO_WOLFSSL_SERVER 20188 21060 21061 #ifndef WOLFSSL_NO_TLS12 21062 21063 /* handle generation of server_hello (2) */ 20189 21064 int SendServerHello(WOLFSSL* ssl) 20190 21065 { 21066 int ret; 20191 21067 byte *output; 20192 word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 21068 word16 length; 21069 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 20193 21070 int sendSz; 20194 int ret;20195 21071 byte sessIdSz = ID_LEN; 20196 21072 byte echoId = 0; /* ticket echo id flag */ 20197 21073 byte cacheOff = 0; /* session cache off flag */ 21074 21075 WOLFSSL_START(WC_FUNC_SERVER_HELLO_SEND); 21076 WOLFSSL_ENTER("SendServerHello"); 20198 21077 20199 21078 length = VERSION_SZ + RAN_LEN … … 20203 21082 20204 21083 #ifdef HAVE_TLS_EXTENSIONS 20205 length += TLSX_GetResponseSize(ssl, server_hello); 21084 ret = TLSX_GetResponseSize(ssl, server_hello, &length); 21085 if (ret != 0) 21086 return ret; 20206 21087 #ifdef HAVE_SESSION_TICKET 20207 21088 if (ssl->options.useTicket) { … … 20223 21104 #endif 20224 21105 20225 /* is the session ca hce off at build or runtime */21106 /* is the session cache off at build or runtime */ 20226 21107 #ifdef NO_SESSION_CACHE 20227 21108 cacheOff = 1; … … 20238 21119 sessIdSz = 0; 20239 21120 } 20240 20241 /* check for avalaible size */20242 if ((ret = CheckAvailableSize(ssl, MAX_HELLO_SZ)) != 0)20243 return ret;20244 20245 /* get output buffer */20246 output = ssl->buffers.outputBuffer.buffer +20247 ssl->buffers.outputBuffer.length;20248 21121 20249 21122 sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; … … 20258 21131 } 20259 21132 #endif /* WOLFSSL_DTLS */ 21133 21134 if (IsEncryptionOn(ssl, 1)) 21135 sendSz += MAX_MSG_EXTRA; 21136 21137 /* check for available size */ 21138 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 21139 return ret; 21140 21141 /* get output buffer */ 21142 output = ssl->buffers.outputBuffer.buffer + 21143 ssl->buffers.outputBuffer.length; 21144 20260 21145 AddHeaders(output, length, server_hello, ssl); 20261 21146 20262 21147 /* now write to output */ 20263 21148 /* first version */ 20264 output[idx++] = ssl->version.major;20265 output[idx++] = ssl->version.minor;21149 output[idx++] = (byte)ssl->version.major; 21150 output[idx++] = (byte)ssl->version.minor; 20266 21151 20267 21152 /* then random and session id */ … … 20278 21163 XMEMCPY(output + idx + RAN_LEN - (TLS13_DOWNGRADE_SZ + 1), 20279 21164 tls13Downgrade, TLS13_DOWNGRADE_SZ); 20280 output[idx + RAN_LEN - 1] = IsAtLeastTLSv1_2(ssl);21165 output[idx + RAN_LEN - 1] = (byte)IsAtLeastTLSv1_2(ssl); 20281 21166 } 20282 21167 else … … 20329 21214 /* last, extensions */ 20330 21215 #ifdef HAVE_TLS_EXTENSIONS 20331 TLSX_WriteResponse(ssl, output + idx, server_hello); 21216 { 21217 word16 offset = 0; 21218 ret = TLSX_WriteResponse(ssl, output + idx, server_hello, &offset); 21219 if (ret != 0) 21220 return ret; 21221 idx += offset; 21222 } 20332 21223 #else 20333 21224 #ifdef HAVE_EXTENDED_MASTER … … 20341 21232 /*idx += HELLO_EXT_SZ_SZ;*/ 20342 21233 /* idx is not used after this point. uncomment the line above 20343 * if adding any more extentions in the future. */ 20344 } 20345 #endif 20346 #endif 20347 20348 ssl->buffers.outputBuffer.length += sendSz; 20349 #ifdef WOLFSSL_DTLS 20350 if (IsDtlsNotSctpMode(ssl)) { 20351 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 20352 return ret; 20353 } 20354 20355 if (ssl->options.dtls) { 21234 * if adding any more extensions in the future. */ 21235 } 21236 #endif 21237 #endif 21238 21239 if (IsEncryptionOn(ssl, 1)) { 21240 byte* input; 21241 int inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 21242 21243 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 21244 if (input == NULL) 21245 return MEMORY_E; 21246 21247 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 21248 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 21249 handshake, 1, 0, 0); 21250 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 21251 21252 if (sendSz < 0) 21253 return sendSz; 21254 } else { 21255 #ifdef WOLFSSL_DTLS 21256 if (ssl->options.dtls) 20356 21257 DtlsSEQIncrement(ssl, CUR_ORDER); 20357 }20358 21258 #endif 20359 20360 21259 ret = HashOutput(ssl, output, sendSz, 0); 20361 21260 if (ret != 0) 20362 21261 return ret; 20363 20364 20365 #if def WOLFSSL_CALLBACKS21262 } 21263 21264 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 20366 21265 if (ssl->hsInfoOn) 20367 AddPacketName( "ServerHello", &ssl->handShakeInfo);21266 AddPacketName(ssl, "ServerHello"); 20368 21267 if (ssl->toInfoOn) 20369 AddPacketInfo( "ServerHello", &ssl->timeoutInfo, output, sendSz,20370 ssl->heap);21268 AddPacketInfo(ssl, "ServerHello", handshake, output, sendSz, 21269 WRITE_PROTO, ssl->heap); 20371 21270 #endif 20372 21271 20373 21272 ssl->options.serverState = SERVER_HELLO_COMPLETE; 21273 ssl->buffers.outputBuffer.length += sendSz; 21274 21275 #ifdef WOLFSSL_DTLS 21276 if (IsDtlsNotSctpMode(ssl)) { 21277 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 21278 return ret; 21279 } 21280 21281 if (ssl->options.dtls) { 21282 DtlsSEQIncrement(ssl, CUR_ORDER); 21283 } 21284 #endif 20374 21285 20375 21286 if (ssl->options.groupMessages) 20376 ret urn0;21287 ret = 0; 20377 21288 else 20378 return SendBuffered(ssl); 20379 } 20380 20381 20382 #ifdef HAVE_ECC 21289 ret = SendBuffered(ssl); 21290 21291 WOLFSSL_LEAVE("SendServerHello", ret); 21292 WOLFSSL_END(WC_FUNC_SERVER_HELLO_SEND); 21293 21294 return ret; 21295 } 21296 21297 21298 #if defined(HAVE_ECC) 20383 21299 20384 21300 static byte SetCurveId(ecc_key* key) … … 20439 21355 #endif 20440 21356 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 20441 #ifdef HAVE_CURVE2551920442 case ECC_X25519_OID:20443 return WOLFSSL_ECC_X25519;20444 #endif20445 21357 #ifndef NO_ECC_SECP 20446 21358 case ECC_SECP384R1_OID: … … 20469 21381 } 20470 21382 20471 #endif /* HAVE_ECC */21383 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 20472 21384 20473 21385 typedef struct SskeArgs { 20474 21386 byte* output; /* not allocated */ 20475 #if defined(HAVE_ECC) || (!defined(NO_DH) && !defined(NO_RSA)) 21387 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || \ 21388 (!defined(NO_DH) && !defined(NO_RSA)) 20476 21389 byte* sigDataBuf; 20477 21390 #endif 20478 #if defined(HAVE_ECC) 21391 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 20479 21392 byte* exportBuf; 20480 21393 #endif … … 20482 21395 byte* verifySig; 20483 21396 #endif 21397 byte* input; 20484 21398 word32 idx; 20485 21399 word32 tmpSigSz; 20486 21400 word32 length; 20487 21401 word32 sigSz; 20488 #if defined(HAVE_ECC) || (!defined(NO_DH) && !defined(NO_RSA)) 21402 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || \ 21403 (!defined(NO_DH) && !defined(NO_RSA)) 20489 21404 word32 sigDataSz; 20490 21405 #endif 20491 #if defined(HAVE_ECC) 21406 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 20492 21407 word32 exportSz; 20493 21408 #endif … … 20496 21411 #endif 20497 21412 int sendSz; 21413 int inputSz; 20498 21414 } SskeArgs; 20499 21415 … … 20504 21420 (void)ssl; 20505 21421 20506 #if defined(HAVE_ECC) 21422 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 20507 21423 if (args->exportBuf) { 20508 21424 XFREE(args->exportBuf, ssl->heap, DYNAMIC_TYPE_DER); … … 20510 21426 } 20511 21427 #endif 20512 #if defined(HAVE_ECC) || (!defined(NO_DH) && !defined(NO_RSA)) 21428 #if defined(HAVE_ECC) || defined(HAVE_ED25519) || \ 21429 (!defined(NO_DH) && !defined(NO_RSA)) 20513 21430 if (args->sigDataBuf) { 20514 21431 XFREE(args->sigDataBuf, ssl->heap, DYNAMIC_TYPE_SIGNATURE); … … 20525 21442 } 20526 21443 21444 /* handle generation of server_key_exchange (12) */ 20527 21445 int SendServerKeyExchange(WOLFSSL* ssl) 20528 21446 { … … 20536 21454 #endif 20537 21455 21456 WOLFSSL_START(WC_FUNC_SERVER_KEY_EXCHANGE_SEND); 20538 21457 WOLFSSL_ENTER("SendServerKeyExchange"); 20539 21458 … … 20570 21489 switch(ssl->specs.kea) 20571 21490 { 20572 #if defined(HAVE_ECC) && !defined(NO_PSK) 21491 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 21492 !defined(NO_PSK) 20573 21493 case ecdhe_psk_kea: 20574 21494 { … … 20576 21496 break; 20577 21497 } 20578 #endif /* HAVE_ECC&& !NO_PSK */20579 #if def HAVE_ECC21498 #endif /* (HAVE_ECC || CURVE25519) && !NO_PSK */ 21499 #if defined(HAVE_ECC) 20580 21500 case ecc_diffie_hellman_kea: 20581 21501 { … … 20583 21503 WOLFSSL_MSG("Using Static ECDH, not sending ServerKeyExchange"); 20584 21504 ERROR_OUT(0, exit_sske); 20585 }20586 20587 /* make sure private key exists */20588 if (ssl->buffers.key == NULL ||20589 ssl->buffers.key->buffer == NULL) {20590 ERROR_OUT(NO_PRIVATE_KEY, exit_sske);20591 21505 } 20592 21506 … … 20650 21564 } 20651 21565 21566 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && \ 21567 !defined(HAVE_FIPS) && \ 21568 !defined(HAVE_SELFTEST) 21569 if (ssl->options.dhDoKeyTest && 21570 !ssl->options.dhKeyTested) 21571 { 21572 ret = wc_DhSetCheckKey( 21573 ssl->buffers.serverDH_Key, 21574 ssl->buffers.serverDH_P.buffer, 21575 ssl->buffers.serverDH_P.length, 21576 ssl->buffers.serverDH_G.buffer, 21577 ssl->buffers.serverDH_G.length, 21578 NULL, 0, 0, ssl->rng); 21579 if (ret != 0) { 21580 goto exit_sske; 21581 } 21582 ssl->options.dhKeyTested = 1; 21583 } 21584 else 21585 #endif 21586 { 20652 21587 ret = wc_DhSetKey(ssl->buffers.serverDH_Key, 20653 21588 ssl->buffers.serverDH_P.buffer, … … 20658 21593 goto exit_sske; 20659 21594 } 21595 } 20660 21596 20661 21597 ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key, … … 20667 21603 } 20668 21604 #endif /* !NO_DH && (!NO_PSK || !NO_RSA) */ 20669 #if defined(HAVE_ECC) && !defined(NO_PSK) 21605 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 21606 !defined(NO_PSK) 20670 21607 case ecdhe_psk_kea: 20671 21608 /* Fall through to create temp ECC key */ 20672 #endif /* HAVE_ECC&& !NO_PSK */21609 #endif /* (HAVE_ECC || CURVE25519) && !NO_PSK */ 20673 21610 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 20674 21611 case ecc_diffie_hellman_kea: … … 20709 21646 20710 21647 if (ssl->eccTempKeyPresent == 0) { 20711 /* TODO: Need to first do wc_EccPrivateKeyDecode,20712 then we know curve dp */20713 21648 ret = EccMakeKey(ssl, ssl->eccTempKey, NULL); 20714 21649 if (ret == 0 || ret == WC_PENDING_E) { … … 20737 21672 case TLS_ASYNC_BUILD: 20738 21673 { 20739 #if (!defined(NO_DH) && !defined(NO_RSA)) || defined(HAVE_ECC) 21674 #if (!defined(NO_DH) && !defined(NO_RSA)) || (defined(HAVE_ECC) || \ 21675 defined(HAVE_CURVE25519)) 20740 21676 word32 preSigSz, preSigIdx; 20741 21677 #endif … … 20773 21709 } 20774 21710 #endif 21711 21712 if (IsEncryptionOn(ssl, 1)) { 21713 args->sendSz += MAX_MSG_EXTRA; 21714 } 21715 20775 21716 /* check for available size */ 20776 21717 if ((ret = CheckAvailableSize(ssl, args->sendSz)) != 0) { … … 20831 21772 } 20832 21773 #endif 21774 21775 if (IsEncryptionOn(ssl, 1)) { 21776 args->sendSz += MAX_MSG_EXTRA; 21777 } 20833 21778 20834 21779 /* check for available size */ … … 20881 21826 } 20882 21827 #endif /* !defined(NO_DH) && !defined(NO_PSK) */ 20883 #if defined(HAVE_ECC) && !defined(NO_PSK) 21828 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 21829 !defined(NO_PSK) 20884 21830 case ecdhe_psk_kea: 20885 21831 { … … 20933 21879 } 20934 21880 #endif 21881 21882 if (IsEncryptionOn(ssl, 1)) { 21883 args->sendSz += MAX_MSG_EXTRA; 21884 } 21885 20935 21886 /* check for available size */ 20936 21887 if ((ret = CheckAvailableSize(ssl, args->sendSz)) != 0) { … … 20958 21909 #endif 20959 21910 { 21911 #ifdef HAVE_ECC 20960 21912 args->output[args->idx++] = 20961 21913 SetCurveId(ssl->eccTempKey); 21914 #endif 20962 21915 } 20963 21916 args->output[args->idx++] = (byte)args->exportSz; … … 20966 21919 break; 20967 21920 } 20968 #endif /* HAVE_ECC&& !NO_PSK */20969 #if def HAVE_ECC21921 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 21922 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 20970 21923 case ecc_diffie_hellman_kea: 20971 21924 { … … 20995 21948 #endif 20996 21949 { 21950 #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) 20997 21951 if (wc_ecc_export_x963(ssl->eccTempKey, 20998 21952 args->exportBuf, &args->exportSz) != 0) { 20999 21953 ERROR_OUT(ECC_EXPORT_ERROR, exit_sske); 21000 21954 } 21955 #endif 21001 21956 } 21002 21957 args->length += args->exportSz; … … 21005 21960 preSigIdx = args->idx; 21006 21961 21007 switch(ssl->suites->sigAlgo) 21008 { 21962 if (ssl->buffers.key == NULL) { 21963 #ifdef HAVE_PK_CALLBACKS 21964 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { 21965 args->tmpSigSz = GetPrivateKeySigSize(ssl); 21966 if (args->tmpSigSz <= 0) { 21967 ERROR_OUT(NO_PRIVATE_KEY, exit_sske); 21968 } 21969 } 21970 else 21971 #endif 21972 ERROR_OUT(NO_PRIVATE_KEY, exit_sske); 21973 } 21974 else { 21975 switch(ssl->suites->sigAlgo) { 21009 21976 #ifndef NO_RSA 21010 21977 #ifdef WC_RSA_PSS … … 21043 22010 } 21044 22011 #endif /* !NO_RSA */ 22012 #ifdef HAVE_ECC 21045 22013 case ecc_dsa_sa_algo: 21046 22014 { … … 21069 22037 ssl->options.minEccKeySz) { 21070 22038 WOLFSSL_MSG("ECC key size too small"); 21071 ret = ECC_KEY_SIZE_E; 21072 goto exit_sske; 22039 ERROR_OUT(ECC_KEY_SIZE_E, exit_sske); 21073 22040 } 21074 22041 break; 21075 22042 } 22043 #endif 21076 22044 #ifdef HAVE_ED25519 21077 22045 case ed25519_sa_algo: … … 21093 22061 goto exit_sske; 21094 22062 } 22063 21095 22064 /* worst case estimate */ 21096 22065 args->tmpSigSz = ED25519_SIG_SIZE; … … 21100 22069 ssl->options.minEccKeySz) { 21101 22070 WOLFSSL_MSG("Ed25519 key size too small"); 21102 ret = ECC_KEY_SIZE_E; 21103 goto exit_sske; 22071 ERROR_OUT(ECC_KEY_SIZE_E, exit_sske); 21104 22072 } 21105 22073 break; 21106 22074 } 21107 #endif 22075 #endif /* HAVE_ED25519 */ 21108 22076 default: 21109 22077 ERROR_OUT(ALGO_ID_E, exit_sske); /* unsupported type */ 21110 22078 } /* switch(ssl->specs.sig_algo) */ 22079 } 21111 22080 21112 22081 /* sig length */ … … 21131 22100 } 21132 22101 #endif 22102 if (IsEncryptionOn(ssl, 1)) { 22103 args->sendSz += MAX_MSG_EXTRA; 22104 } 22105 21133 22106 /* check for available size */ 21134 22107 if ((ret = CheckAvailableSize(ssl, args->sendSz)) != 0) { … … 21152 22125 #endif 21153 22126 { 22127 #ifdef HAVE_ECC 21154 22128 args->output[args->idx++] = 21155 22129 SetCurveId(ssl->eccTempKey); 22130 #endif 21156 22131 } 21157 22132 args->output[args->idx++] = (byte)args->exportSz; … … 21270 22245 #endif 21271 22246 #endif /* !NO_RSA */ 21272 #ifdef HAVE_ED2551921273 case ed25519_sa_algo:21274 #endif21275 22247 case ecc_dsa_sa_algo: 21276 22248 { 21277 22249 break; 21278 22250 } 22251 #ifdef HAVE_ED25519 22252 case ed25519_sa_algo: 22253 ret = Ed25519CheckPubKey(ssl); 22254 if (ret != 0) 22255 goto exit_sske; 22256 break; 22257 #endif /* HAVE_ED25519 */ 21279 22258 } /* switch(ssl->specs.sig_algo) */ 21280 22259 break; 21281 22260 } 21282 #endif /* HAVE_ECC */22261 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 21283 22262 #if !defined(NO_DH) && !defined(NO_RSA) 21284 22263 case diffie_hellman_kea: … … 21296 22275 21297 22276 if (!ssl->options.usingAnon_cipher) { 21298 word32 i = 0;21299 22277 int keySz; 21300 22278 21301 /* make sure private key exists */ 21302 if (ssl->buffers.key == NULL || 21303 ssl->buffers.key->buffer == NULL) { 22279 /* sig length */ 22280 args->length += LENGTH_SZ; 22281 22282 if (ssl->buffers.key == NULL) { 22283 #ifdef HAVE_PK_CALLBACKS 22284 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) 22285 keySz = (word32)GetPrivateKeySigSize(ssl); 22286 else 22287 #endif 21304 22288 ERROR_OUT(NO_PRIVATE_KEY, exit_sske); 21305 22289 } 22290 else 22291 { 22292 word32 i = 0; 21306 22293 21307 22294 ssl->hsType = DYNAMIC_TYPE_RSA; … … 21311 22298 } 21312 22299 21313 /* sig length */21314 args->length += LENGTH_SZ;21315 21316 22300 ret = wc_RsaPrivateKeyDecode( 21317 22301 ssl->buffers.key->buffer, &i, 21318 (RsaKey*)ssl->hsKey, ssl->buffers.key->length); 22302 (RsaKey*)ssl->hsKey, 22303 ssl->buffers.key->length); 21319 22304 if (ret != 0) { 21320 22305 goto exit_sske; 21321 22306 } 21322 22307 keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey); 21323 if (keySz < 0) { /* test if keySz has error */ 22308 } 22309 22310 if (keySz <= 0) { /* test if keySz has error */ 21324 22311 ERROR_OUT(keySz, exit_sske); 21325 22312 } 22313 21326 22314 args->tmpSigSz = (word32)keySz; 21327 22315 args->length += args->tmpSigSz; … … 21351 22339 } 21352 22340 #endif 22341 22342 if (IsEncryptionOn(ssl, 1)) { 22343 args->sendSz += MAX_MSG_EXTRA; 22344 } 21353 22345 21354 22346 /* check for available size */ … … 21526 22518 } 21527 22519 #endif /* !defined(NO_DH) && !defined(NO_PSK) */ 21528 #if defined(HAVE_ECC) && !defined(NO_PSK) 22520 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 22521 !defined(NO_PSK) 21529 22522 case ecdhe_psk_kea: 21530 22523 { 21531 22524 break; 21532 22525 } 21533 #endif /* HAVE_ECC&& !NO_PSK */21534 #if def HAVE_ECC22526 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 22527 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 21535 22528 case ecc_diffie_hellman_kea: 21536 22529 { … … 21553 22546 ssl->suites->sigAlgo, ssl->suites->hashAlgo, 21554 22547 key, 21555 ssl->buffers.key->buffer, 21556 ssl->buffers.key->length, 22548 ssl->buffers.key 22549 ); 22550 break; 22551 } 22552 #endif /* !NO_RSA */ 22553 #ifdef HAVE_ECC 22554 case ecc_dsa_sa_algo: 22555 { 22556 ecc_key* key = (ecc_key*)ssl->hsKey; 22557 22558 ret = EccSign(ssl, 22559 ssl->buffers.sig.buffer, 22560 ssl->buffers.sig.length, 22561 args->output + LENGTH_SZ + args->idx, 22562 &args->sigSz, 22563 key, 21557 22564 #ifdef HAVE_PK_CALLBACKS 21558 ssl-> RsaSignCtx22565 ssl->buffers.key 21559 22566 #else 21560 22567 NULL … … 21563 22570 break; 21564 22571 } 21565 #endif /* !NO_RSA */ 21566 case ecc_dsa_sa_algo: 21567 { 21568 ecc_key* key = (ecc_key*)ssl->hsKey; 21569 21570 ret = EccSign(ssl, 21571 ssl->buffers.sig.buffer, 21572 ssl->buffers.sig.length, 21573 args->output + LENGTH_SZ + args->idx, 21574 &args->sigSz, 21575 key, 21576 #if defined(HAVE_PK_CALLBACKS) 21577 ssl->buffers.key->buffer, 21578 ssl->buffers.key->length, 21579 ssl->EccSignCtx 21580 #else 21581 NULL, 0, NULL 21582 #endif 21583 ); 21584 break; 21585 } 22572 #endif /* HAVE_ECC */ 21586 22573 #ifdef HAVE_ED25519 21587 22574 case ed25519_sa_algo: … … 21594 22581 &args->sigSz, 21595 22582 key, 21596 #if defined(HAVE_PK_CALLBACKS) 21597 ssl->buffers.key->buffer, 21598 ssl->buffers.key->length, 21599 ssl->Ed25519SignCtx 22583 #ifdef HAVE_PK_CALLBACKS 22584 ssl->buffers.key 21600 22585 #else 21601 NULL , 0, NULL22586 NULL 21602 22587 #endif 21603 22588 ); … … 21608 22593 break; 21609 22594 } 21610 #endif /* HAVE_ECC */22595 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 21611 22596 #if !defined(NO_DH) && !defined(NO_RSA) 21612 22597 case diffie_hellman_kea: … … 21634 22619 ssl->suites->sigAlgo, ssl->suites->hashAlgo, 21635 22620 key, 21636 ssl->buffers.key->buffer, 21637 ssl->buffers.key->length, 21638 #ifdef HAVE_PK_CALLBACKS 21639 ssl->RsaSignCtx 21640 #else 21641 NULL 21642 #endif 22621 ssl->buffers.key 21643 22622 ); 21644 22623 break; … … 21680 22659 } 21681 22660 #endif /* !defined(NO_DH) && !defined(NO_PSK) */ 21682 #if defined(HAVE_ECC) && !defined(NO_PSK) 22661 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 22662 !defined(NO_PSK) 21683 22663 case ecdhe_psk_kea: 21684 22664 { … … 21686 22666 break; 21687 22667 } 21688 #endif /* HAVE_ECC&& !NO_PSK */21689 #if def HAVE_ECC22668 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 22669 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 21690 22670 case ecc_diffie_hellman_kea: 21691 22671 { … … 21720 22700 ssl->buffers.sig.length, 21721 22701 ssl->suites->sigAlgo, ssl->suites->hashAlgo, 21722 key 22702 key, ssl->buffers.key 21723 22703 ); 21724 22704 break; … … 21726 22706 #endif 21727 22707 case ecc_dsa_sa_algo: 22708 #ifdef HAVE_ED25519 22709 case ed25519_sa_algo: 22710 #endif 21728 22711 { 21729 22712 /* Now that we know the real sig size, write it. */ … … 21736 22719 break; 21737 22720 } 21738 #ifdef HAVE_ED2551921739 case ed25519_sa_algo:21740 {21741 /* Now that we know the real sig size, write it. */21742 c16toa((word16)args->sigSz,21743 args->output + args->idx);21744 21745 /* And adjust length and sendSz from estimates */21746 args->length += args->sigSz - args->tmpSigSz;21747 args->sendSz += args->sigSz - args->tmpSigSz;21748 break;21749 }21750 #endif21751 22721 default: 21752 22722 ERROR_OUT(ALGO_ID_E, exit_sske); /* unsupported type */ … … 21754 22724 break; 21755 22725 } 21756 #endif /* HAVE_ECC */22726 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 21757 22727 #if !defined(NO_DH) && !defined(NO_RSA) 21758 22728 case diffie_hellman_kea: … … 21792 22762 ssl->buffers.sig.length, 21793 22763 ssl->suites->sigAlgo, ssl->suites->hashAlgo, 21794 key 22764 key, ssl->buffers.key 21795 22765 ); 21796 22766 break; … … 21838 22808 #endif 21839 22809 21840 #if defined(HAVE_ECC) 22810 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 21841 22811 if (ssl->specs.kea == ecdhe_psk_kea || 21842 22812 ssl->specs.kea == ecc_diffie_hellman_kea) { … … 21850 22820 } 21851 22821 } 21852 #endif /* HAVE_ECC */ 21853 22822 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 22823 22824 if (IsEncryptionOn(ssl, 1)) { 22825 args->inputSz = args->length + HANDSHAKE_HEADER_SZ; 22826 /* buildmsg adds rechdr */ 22827 args->input = (byte*)XMALLOC(args->inputSz, ssl->heap, 22828 DYNAMIC_TYPE_IN_BUFFER); 22829 if (args->input == NULL) { 22830 ERROR_OUT(MEMORY_E, exit_sske); 22831 } 22832 22833 XMEMCPY(args->input, args->output + RECORD_HEADER_SZ, 22834 args->inputSz); 22835 ret = BuildMessage(ssl, args->output, args->sendSz, 22836 args->input, args->inputSz, handshake, 1, 0, 0); 22837 XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 22838 args->input = NULL; 22839 /* make sure its not double free'd on cleanup */ 22840 22841 if (ret >= 0) { 22842 args->sendSz = ret; 22843 ret = 0; 22844 } 22845 } 22846 else { 21854 22847 #ifdef WOLFSSL_DTLS 21855 22848 if (IsDtlsNotSctpMode(ssl)) { 21856 if ((ret = DtlsMsgPoolSave(ssl, args->output, args->sendSz)) != 0) { 22849 if ((ret = DtlsMsgPoolSave(ssl, 22850 args->output, args->sendSz)) != 0) { 21857 22851 goto exit_sske; 21858 22852 } … … 21867 22861 goto exit_sske; 21868 22862 } 21869 21870 #ifdef WOLFSSL_CALLBACKS 22863 } 22864 22865 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 21871 22866 if (ssl->hsInfoOn) { 21872 AddPacketName( "ServerKeyExchange", &ssl->handShakeInfo);22867 AddPacketName(ssl, "ServerKeyExchange"); 21873 22868 } 21874 22869 if (ssl->toInfoOn) { 21875 AddPacketInfo( "ServerKeyExchange", &ssl->timeoutInfo,21876 args->output, args->sendSz, ssl->heap);22870 AddPacketInfo(ssl, "ServerKeyExchange", handshake, 22871 args->output, args->sendSz, WRITE_PROTO, ssl->heap); 21877 22872 } 21878 22873 #endif … … 21900 22895 21901 22896 WOLFSSL_LEAVE("SendServerKeyExchange", ret); 22897 WOLFSSL_END(WC_FUNC_SERVER_KEY_EXCHANGE_SEND); 21902 22898 21903 22899 #ifdef WOLFSSL_ASYNC_CRYPT … … 21936 22932 21937 22933 #endif 22934 22935 #endif /* !WOLFSSL_NO_TLS12 */ 21938 22936 21939 22937 /* Make sure server cert/key are valid for this suite, true on success */ … … 22019 23017 } 22020 23018 22021 #ifdef HAVE_SUPPORTED_CURVES 23019 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 23020 defined(HAVE_SUPPORTED_CURVES) 22022 23021 if (!TLSX_ValidateSupportedCurves(ssl, first, second)) { 22023 23022 WOLFSSL_MSG("Don't have matching curves"); … … 22035 23034 } 22036 23035 else { 22037 WOLFSSL_MSG("Version of SSL connection does not support TLS_QSH"); 23036 WOLFSSL_MSG("Version of SSL connection does not support " 23037 "TLS_QSH"); 22038 23038 } 22039 23039 return 0; … … 22047 23047 int ret = TLSX_KeyShare_Establish(ssl); 22048 23048 if (ret == KEY_SHARE_ERROR) 22049 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST ;23049 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; 22050 23050 else if (ret != 0) 22051 23051 return 0; 23052 } 23053 else if (first == TLS13_BYTE) { 23054 /* Can't negotiate TLS 1.3 cipher suites with lower protocol 23055 * version. */ 23056 return 0; 22052 23057 } 22053 23058 #endif … … 22133 23138 ProtocolVersion pv; 22134 23139 Suites clSuites; 23140 int ret = -1; 22135 23141 22136 23142 (void)inSz; … … 22138 23144 #ifdef WOLFSSL_CALLBACKS 22139 23145 if (ssl->hsInfoOn) 22140 AddPacketName( "ClientHello", &ssl->handShakeInfo);23146 AddPacketName(ssl, "ClientHello"); 22141 23147 if (ssl->toInfoOn) 22142 23148 AddLateName("ClientHello", &ssl->timeoutInfo); … … 22172 23178 byte haveRSA = 0; 22173 23179 byte havePSK = 0; 23180 int keySz = 0; 23181 22174 23182 if (!ssl->options.downgrade) { 22175 23183 WOLFSSL_MSG("Client trying to connect with lesser version"); … … 22207 23215 havePSK = ssl->options.havePSK; 22208 23216 #endif 22209 22210 InitSuites(ssl->suites, ssl->version, ssl->keySz, haveRSA, havePSK, 23217 #ifndef NO_CERTS 23218 keySz = ssl->buffers.keySz; 23219 #endif 23220 23221 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 22211 23222 ssl->options.haveDH, ssl->options.haveNTRU, 22212 23223 ssl->options.haveECDSAsig, ssl->options.haveECC, … … 22266 23277 22267 23278 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 23279 ssl->cbmode = SSL_CB_MODE_WRITE; 22268 23280 *inOutIdx = idx; 22269 23281 … … 22271 23283 /* DoClientHello uses same resume code */ 22272 23284 if (ssl->options.resuming) { /* let's try */ 22273 int ret = -1;22274 23285 WOLFSSL_SESSION* session = GetSession(ssl, 22275 23286 ssl->arrays->masterSecret, 1); … … 22313 23324 } 22314 23325 22315 return MatchSuite(ssl, &clSuites); 23326 ret = MatchSuite(ssl, &clSuites); 23327 if (ret != 0)return ret; 23328 return SanityCheckMsgReceived(ssl, client_hello); 22316 23329 } 22317 23330 22318 23331 #endif /* OLD_HELLO_ALLOWED */ 22319 23332 22320 23333 #ifndef WOLFSSL_NO_TLS12 23334 23335 int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites) 23336 { 23337 int ret = 0; 23338 WOLFSSL_SESSION* session = GetSession(ssl, 23339 ssl->arrays->masterSecret, 1); 23340 23341 (void)bogusID; 23342 23343 #ifdef HAVE_SESSION_TICKET 23344 if (ssl->options.useTicket == 1) { 23345 session = &ssl->session; 23346 } else if (bogusID == 1 && ssl->options.rejectTicket == 0) { 23347 WOLFSSL_MSG("Bogus session ID without session ticket"); 23348 return BUFFER_ERROR; 23349 } 23350 #endif 23351 23352 if (!session) { 23353 WOLFSSL_MSG("Session lookup for resume failed"); 23354 ssl->options.resuming = 0; 23355 } 23356 else if (session->haveEMS != ssl->options.haveEMS) { 23357 /* RFC 7627, 5.3, server-side */ 23358 /* if old sess didn't have EMS, but new does, full handshake */ 23359 if (!session->haveEMS && ssl->options.haveEMS) { 23360 WOLFSSL_MSG("Attempting to resume a session that didn't " 23361 "use EMS with a new session with EMS. Do full " 23362 "handshake."); 23363 ssl->options.resuming = 0; 23364 } 23365 /* if old sess used EMS, but new doesn't, MUST abort */ 23366 else if (session->haveEMS && !ssl->options.haveEMS) { 23367 WOLFSSL_MSG("Trying to resume a session with EMS without " 23368 "using EMS"); 23369 return EXT_MASTER_SECRET_NEEDED_E; 23370 } 23371 #ifdef HAVE_EXT_CACHE 23372 wolfSSL_SESSION_free(session); 23373 #endif 23374 } 23375 else { 23376 #ifdef HAVE_EXT_CACHE 23377 wolfSSL_SESSION_free(session); 23378 #endif 23379 if (MatchSuite(ssl, clSuites) < 0) { 23380 WOLFSSL_MSG("Unsupported cipher suite, ClientHello"); 23381 return UNSUPPORTED_SUITE; 23382 } 23383 23384 ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, 23385 RAN_LEN); 23386 if (ret != 0) 23387 return ret; 23388 23389 #ifdef NO_OLD_TLS 23390 ret = DeriveTlsKeys(ssl); 23391 #else 23392 #ifndef NO_TLS 23393 if (ssl->options.tls) 23394 ret = DeriveTlsKeys(ssl); 23395 #endif 23396 if (!ssl->options.tls) 23397 ret = DeriveKeys(ssl); 23398 #endif 23399 ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; 23400 } 23401 23402 return ret; 23403 } 23404 23405 23406 /* handle processing of client_hello (1) */ 22321 23407 int DoClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 22322 23408 word32 helloSz) … … 22328 23414 word32 i = *inOutIdx; 22329 23415 word32 begin = i; 23416 int ret = 0; 22330 23417 #ifdef WOLFSSL_DTLS 22331 23418 Hmac cookieHmac; … … 22338 23425 #endif /* WOLFSSL_DTLS */ 22339 23426 23427 WOLFSSL_START(WC_FUNC_CLIENT_HELLO_DO); 23428 WOLFSSL_ENTER("DoClientHello"); 23429 22340 23430 #ifdef WOLFSSL_CALLBACKS 22341 if (ssl->hsInfoOn) AddPacketName( "ClientHello", &ssl->handShakeInfo);23431 if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello"); 22342 23432 if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo); 22343 23433 #endif 22344 22345 23434 /* protocol version, random and session id length check */ 22346 23435 if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz) … … 22352 23441 #ifdef WOLFSSL_DTLS 22353 23442 if (IsDtlsNotSctpMode(ssl)) { 22354 int ret;22355 23443 #if defined(NO_SHA) && defined(NO_SHA256) 22356 23444 #error "DTLS needs either SHA or SHA-256" … … 22379 23467 i += OPAQUE16_LEN; 22380 23468 23469 /* Legacy protocol version cannot negotiate TLS 1.3 or higher. */ 23470 if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR) 23471 pv.minor = TLSv1_2_MINOR; 23472 22381 23473 if ((!ssl->options.dtls && ssl->version.minor > pv.minor) || 22382 23474 (ssl->options.dtls && ssl->version.minor != DTLS_MINOR … … 22499 23591 #ifdef WOLFSSL_DTLS 22500 23592 if (IsDtlsNotSctpMode(ssl)) { 22501 intret = wc_HmacUpdate(&cookieHmac, input + i, RAN_LEN);23593 ret = wc_HmacUpdate(&cookieHmac, input + i, RAN_LEN); 22502 23594 if (ret != 0) return ret; 22503 23595 } … … 22532 23624 #ifdef WOLFSSL_DTLS 22533 23625 if (IsDtlsNotSctpMode(ssl)) { 22534 intret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1);23626 ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); 22535 23627 if (ret != 0) return ret; 22536 23628 } … … 22588 23680 /* check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite */ 22589 23681 if (FindSuite(&clSuites, 0, TLS_EMPTY_RENEGOTIATION_INFO_SCSV) >= 0) { 22590 int ret = 0; 22591 22592 ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, ssl->heap); 23682 ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions); 22593 23683 if (ret != WOLFSSL_SUCCESS) 22594 23684 return ret; 23685 ssl->secure_renegotiation->enabled = 1; 22595 23686 } 22596 23687 #endif /* HAVE_SERVER_RENEGOTIATION_INFO */ … … 22598 23689 #ifdef WOLFSSL_DTLS 22599 23690 if (IsDtlsNotSctpMode(ssl)) { 22600 intret = wc_HmacUpdate(&cookieHmac,23691 ret = wc_HmacUpdate(&cookieHmac, 22601 23692 input + i - OPAQUE16_LEN, 22602 23693 clSuites.suiteSz + OPAQUE16_LEN); … … 22621 23712 if (IsDtlsNotSctpMode(ssl)) { 22622 23713 byte newCookie[MAX_COOKIE_LEN]; 22623 int ret;22624 23714 22625 23715 ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); … … 22658 23748 22659 23749 { 22660 /* co pmression match types */23750 /* compression match types */ 22661 23751 int matchNo = 0; 22662 23752 int matchZlib = 0; … … 22694 23784 QSH_Init(ssl); 22695 23785 #endif 22696 if (TLSX_SupportExtensions(ssl)) { 22697 int ret = 0; 23786 if (TLSX_SupportExtensions(ssl)) 22698 23787 #else 22699 if (IsAtLeastTLSv1_2(ssl)) { 22700 #endif 23788 if (IsAtLeastTLSv1_2(ssl)) 23789 #endif 23790 { 22701 23791 /* Process the hello extension. Skip unsupported. */ 22702 23792 word16 totalExtSz; … … 22730 23820 } 22731 23821 #endif 22732 #ifdefined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)23822 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 22733 23823 if((ret=SNI_Callback(ssl))) 22734 23824 return ret; 22735 23825 ssl->options.side = WOLFSSL_SERVER_END; 22736 #endif /*HAVE_STUNNEL*/ 23826 #endif 22737 23827 22738 23828 i += totalExtSz; … … 22753 23843 22754 23844 if (extId == HELLO_EXT_SIG_ALGO) { 22755 ato16(&input[i], &clSuites.hashSigAlgoSz); 23845 word16 hashSigAlgoSz; 23846 23847 ato16(&input[i], &hashSigAlgoSz); 22756 23848 i += OPAQUE16_LEN; 22757 23849 22758 if (OPAQUE16_LEN + clSuites.hashSigAlgoSz > extSz)23850 if (OPAQUE16_LEN + hashSigAlgoSz > extSz) 22759 23851 return BUFFER_ERROR; 22760 23852 23853 clSuites.hashSigAlgoSz = hashSigAlgoSz; 23854 if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) { 23855 WOLFSSL_MSG("ClientHello SigAlgo list exceeds max, " 23856 "truncating"); 23857 clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO; 23858 } 23859 22761 23860 XMEMCPY(clSuites.hashSigAlgo, &input[i], 22762 min(clSuites.hashSigAlgoSz, HELLO_EXT_SIGALGO_MAX)); 22763 i += clSuites.hashSigAlgoSz; 22764 22765 if (clSuites.hashSigAlgoSz > HELLO_EXT_SIGALGO_MAX) 22766 clSuites.hashSigAlgoSz = HELLO_EXT_SIGALGO_MAX; 23861 clSuites.hashSigAlgoSz); 23862 23863 i += hashSigAlgoSz; 22767 23864 } 22768 23865 #ifdef HAVE_EXTENDED_MASTER … … 22787 23884 /* ProcessOld uses same resume code */ 22788 23885 if (ssl->options.resuming) { 22789 int ret = -1;22790 WOLFSSL_SESSION* session = GetSession(ssl,22791 ssl->arrays->masterSecret, 1);22792 #ifdef HAVE_SESSION_TICKET22793 if (ssl->options.useTicket == 1) {22794 session = &ssl->session;22795 } else if (bogusID == 1 && ssl->options.rejectTicket == 0) { 22796 WOLFSSL_MSG("Bogus session ID without session ticket");22797 return BUFFER_ERROR;23886 ret = HandleTlsResumption(ssl, bogusID, &clSuites); 23887 if (ret != 0) 23888 return ret; 23889 if (ssl->options.clientState == CLIENT_KEYEXCHANGE_COMPLETE) { 23890 WOLFSSL_LEAVE("DoClientHello", ret); 23891 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 23892 23893 return ret; 23894 } 22798 23895 } 22799 #endif 22800 22801 if (!session) { 22802 WOLFSSL_MSG("Session lookup for resume failed"); 22803 ssl->options.resuming = 0; 22804 } 22805 else if (session->haveEMS != ssl->options.haveEMS) { 22806 /* RFC 7627, 5.3, server-side */ 22807 /* if old sess didn't have EMS, but new does, full handshake */ 22808 if (!session->haveEMS && ssl->options.haveEMS) { 22809 WOLFSSL_MSG("Attempting to resume a session that didn't " 22810 "use EMS with a new session with EMS. Do full " 22811 "handshake."); 22812 ssl->options.resuming = 0; 22813 } 22814 /* if old sess used EMS, but new doesn't, MUST abort */ 22815 else if (session->haveEMS && !ssl->options.haveEMS) { 22816 WOLFSSL_MSG("Trying to resume a session with EMS without " 22817 "using EMS"); 22818 return EXT_MASTER_SECRET_NEEDED_E; 22819 } 22820 #ifdef HAVE_EXT_CACHE 22821 wolfSSL_SESSION_free(session); 22822 #endif 22823 } 22824 else { 22825 #ifdef HAVE_EXT_CACHE 22826 wolfSSL_SESSION_free(session); 22827 #endif 22828 if (MatchSuite(ssl, &clSuites) < 0) { 22829 WOLFSSL_MSG("Unsupported cipher suite, ClientHello"); 22830 return UNSUPPORTED_SUITE; 22831 } 22832 22833 ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, 22834 RAN_LEN); 22835 if (ret != 0) 22836 return ret; 22837 22838 #ifdef NO_OLD_TLS 22839 ret = DeriveTlsKeys(ssl); 22840 #else 22841 #ifndef NO_TLS 22842 if (ssl->options.tls) 22843 ret = DeriveTlsKeys(ssl); 22844 #endif 22845 if (!ssl->options.tls) 22846 ret = DeriveKeys(ssl); 23896 ret = MatchSuite(ssl, &clSuites); 23897 23898 #ifdef HAVE_SECURE_RENEGOTIATION 23899 if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled && 23900 IsEncryptionOn(ssl, 0)) { 23901 ssl->secure_renegotiation->startScr = 1; 23902 } 22847 23903 #endif 22848 ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; 23904 WOLFSSL_LEAVE("DoClientHello", ret); 23905 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 22849 23906 22850 23907 return ret; 22851 23908 } 22852 } 22853 return MatchSuite(ssl, &clSuites); 22854 } 22855 22856 22857 #if !defined(NO_RSA) || defined(HAVE_ECC) 23909 23910 23911 #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)) && \ 23912 !defined(WOLFSSL_NO_CLIENT_AUTH) 22858 23913 22859 23914 typedef struct DcvArgs { … … 22876 23931 } 22877 23932 23933 /* handle processing of certificate_verify (15) */ 22878 23934 static int DoCertificateVerify(WOLFSSL* ssl, byte* input, 22879 23935 word32* inOutIdx, word32 size) … … 22888 23944 #endif 22889 23945 23946 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_DO); 22890 23947 WOLFSSL_ENTER("DoCertificateVerify"); 22891 23948 … … 22919 23976 #ifdef WOLFSSL_CALLBACKS 22920 23977 if (ssl->hsInfoOn) 22921 AddPacketName( "CertificateVerify", &ssl->handShakeInfo);23978 AddPacketName(ssl, "CertificateVerify"); 22922 23979 if (ssl->toInfoOn) 22923 23980 AddLateName("CertificateVerify", &ssl->timeoutInfo); … … 22948 24005 args->sigAlgo = ecc_dsa_sa_algo; 22949 24006 #endif 22950 #if def HAVE_ED2551924007 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 22951 24008 else if (ssl->peerEd25519KeyPresent) 22952 24009 args->sigAlgo = ed25519_sa_algo; 22953 #endif 24010 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 22954 24011 22955 24012 if ((args->idx - args->begin) + OPAQUE16_LEN > size) { … … 22992 24049 } 22993 24050 #endif /* HAVE_ECC */ 22994 #if def HAVE_ED2551924051 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 22995 24052 if (ssl->peerEd25519KeyPresent) { 22996 24053 WOLFSSL_MSG("Doing ED25519 peer cert verify"); … … 23001 24058 } 23002 24059 } 23003 #endif /* HAVE_ED25519 */24060 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 23004 24061 23005 24062 /* Advance state and proceed */ … … 23021 24078 ssl->peerRsaKey, 23022 24079 #ifdef HAVE_PK_CALLBACKS 23023 ssl->buffers.peerRsaKey.buffer, 23024 ssl->buffers.peerRsaKey.length, 23025 ssl->RsaVerifyCtx 24080 &ssl->buffers.peerRsaKey 23026 24081 #else 23027 NULL , 0, NULL24082 NULL 23028 24083 #endif 23029 24084 ); … … 23048 24103 ssl->peerEccDsaKey, 23049 24104 #ifdef HAVE_PK_CALLBACKS 23050 ssl->buffers.peerEccDsaKey.buffer, 23051 ssl->buffers.peerEccDsaKey.length, 23052 ssl->EccVerifyCtx 24105 &ssl->buffers.peerEccDsaKey 23053 24106 #else 23054 NULL , 0, NULL24107 NULL 23055 24108 #endif 23056 24109 ); 23057 24110 } 23058 24111 #endif /* HAVE_ECC */ 24112 #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) 24113 if (ssl->peerEd25519KeyPresent) { 24114 WOLFSSL_MSG("Doing Ed25519 peer cert verify"); 24115 24116 ret = Ed25519Verify(ssl, 24117 input + args->idx, args->sz, 24118 ssl->hsHashes->messages, ssl->hsHashes->prevLen, 24119 ssl->peerEd25519Key, 24120 #ifdef HAVE_PK_CALLBACKS 24121 &ssl->buffers.peerEd25519Key 24122 #else 24123 NULL 24124 #endif 24125 ); 24126 } 24127 #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ 23059 24128 23060 24129 /* Check for error */ … … 23083 24152 HashAlgoToType(args->hashAlgo)); 23084 24153 if (ret != 0) 23085 return ret;24154 goto exit_dcv; 23086 24155 } 23087 24156 else … … 23141 24210 case TLS_ASYNC_FINALIZE: 23142 24211 { 24212 if (IsEncryptionOn(ssl, 0)) { 24213 args->idx += ssl->keys.padSz; 24214 } 24215 23143 24216 ssl->options.havePeerVerify = 1; 23144 24217 … … 23162 24235 23163 24236 WOLFSSL_LEAVE("DoCertificateVerify", ret); 24237 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_DO); 23164 24238 23165 24239 #ifdef WOLFSSL_ASYNC_CRYPT 23166 24240 /* Handle async operation */ 23167 24241 if (ret == WC_PENDING_E) { 23168 /* Mark message as not rece vied so it can process again */24242 /* Mark message as not received so it can process again */ 23169 24243 ssl->msgsReceived.got_certificate_verify = 0; 23170 24244 … … 23172 24246 } 23173 24247 #endif /* WOLFSSL_ASYNC_CRYPT */ 23174 24248 #ifdef OPENSSL_EXTRA 24249 if (ret != 0){ 24250 SendAlert(ssl, alert_fatal, bad_certificate); 24251 } 24252 #endif 23175 24253 /* Digest is not allocated, so do this to prevent free */ 23176 24254 ssl->buffers.digest.buffer = NULL; … … 23184 24262 } 23185 24263 23186 #endif /* !NO_RSA || HAVE_ECC */ 23187 24264 #endif /* (!NO_RSA || HAVE_ECC || HAVE_ED25519) && !WOLFSSL_NO_CLIENT_AUTH */ 24265 24266 /* handle generation of server_hello_done (14) */ 23188 24267 int SendServerHelloDone(WOLFSSL* ssl) 23189 24268 { … … 23192 24271 int ret; 23193 24272 24273 WOLFSSL_START(WC_FUNC_SERVER_HELLO_DONE_SEND); 24274 WOLFSSL_ENTER("SendServerHelloDone"); 24275 23194 24276 #ifdef WOLFSSL_DTLS 23195 24277 if (ssl->options.dtls) … … 23197 24279 #endif 23198 24280 24281 if (IsEncryptionOn(ssl, 1)) 24282 sendSz += MAX_MSG_EXTRA; 24283 23199 24284 /* check for available size */ 23200 24285 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 23207 24292 AddHeaders(output, 0, server_hello_done, ssl); 23208 24293 24294 if (IsEncryptionOn(ssl, 1)) { 24295 byte* input; 24296 int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */ 24297 24298 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24299 if (input == NULL) 24300 return MEMORY_E; 24301 24302 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 24303 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 24304 handshake, 1, 0, 0); 24305 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24306 24307 if (sendSz < 0) 24308 return sendSz; 24309 } else { 23209 24310 #ifdef WOLFSSL_DTLS 23210 24311 if (IsDtlsNotSctpMode(ssl)) { 23211 24312 if ((ret = DtlsMsgPoolSave(ssl, output, sendSz)) != 0) 23212 return 0; 23213 } 23214 24313 return ret; 24314 } 23215 24315 if (ssl->options.dtls) 23216 24316 DtlsSEQIncrement(ssl, CUR_ORDER); 23217 24317 #endif 23218 23219 24318 ret = HashOutput(ssl, output, sendSz, 0); 23220 24319 if (ret != 0) 23221 24320 return ret; 23222 23223 #ifdef WOLFSSL_CALLBACKS 24321 } 24322 24323 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 23224 24324 if (ssl->hsInfoOn) 23225 AddPacketName( "ServerHelloDone", &ssl->handShakeInfo);24325 AddPacketName(ssl, "ServerHelloDone"); 23226 24326 if (ssl->toInfoOn) 23227 AddPacketInfo( "ServerHelloDone", &ssl->timeoutInfo, output, sendSz,23228 24327 AddPacketInfo(ssl, "ServerHelloDone", handshake, output, sendSz, 24328 WRITE_PROTO, ssl->heap); 23229 24329 #endif 23230 24330 ssl->options.serverState = SERVER_HELLODONE_COMPLETE; … … 23232 24332 ssl->buffers.outputBuffer.length += sendSz; 23233 24333 23234 return SendBuffered(ssl); 23235 } 23236 24334 ret = SendBuffered(ssl); 24335 24336 WOLFSSL_LEAVE("SendServerHelloDone", ret); 24337 WOLFSSL_END(WC_FUNC_SERVER_HELLO_DONE_SEND); 24338 24339 return ret; 24340 } 24341 24342 #endif /* !WOLFSSL_NO_TLS12 */ 23237 24343 23238 24344 #ifdef HAVE_SESSION_TICKET … … 23251 24357 #ifdef WOLFSSL_TLS13 23252 24358 word32 ageAdd; /* Obfuscation of age */ 23253 byte namedGroup; /* Named group used */ 24359 word16 namedGroup; /* Named group used */ 24360 #ifndef WOLFSSL_TLS13_DRAFT_18 24361 TicketNonce ticketNonce; /* Ticket nonce */ 24362 #endif 23254 24363 #ifdef WOLFSSL_EARLY_DATA 23255 24364 word32 maxEarlyDataSz; /* Max size of early data */ … … 23307 24416 /* Resumption master secret. */ 23308 24417 XMEMCPY(it.msecret, ssl->session.masterSecret, SECRET_LEN); 24418 #ifndef WOLFSSL_TLS13_DRAFT_18 24419 XMEMCPY(&it.ticketNonce, &ssl->session.ticketNonce, 24420 sizeof(TicketNonce)); 24421 #endif 23309 24422 #endif 23310 24423 } … … 23375 24488 word16 inLen; 23376 24489 24490 WOLFSSL_START(WC_FUNC_TICKET_DO); 24491 WOLFSSL_ENTER("DoClientTicket"); 24492 23377 24493 if (len > SESSION_TICKET_LEN || 23378 24494 len < (word32)(sizeof(InternalTicket) + WOLFSSL_TICKET_FIXED_SZ)) { … … 23401 24517 /* get master secret */ 23402 24518 if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) { 24519 if (ssl->version.minor < it->pv.minor) { 24520 WOLFSSL_MSG("Ticket has greater version"); 24521 return VERSION_ERROR; 24522 } 24523 else if (ssl->version.minor > it->pv.minor) { 24524 if (!ssl->options.downgrade) { 24525 WOLFSSL_MSG("Ticket has lesser version"); 24526 return VERSION_ERROR; 24527 } 24528 24529 WOLFSSL_MSG("Downgrading protocol due to ticket"); 24530 24531 if (it->pv.minor < ssl->options.minDowngrade) 24532 return VERSION_ERROR; 24533 ssl->version.minor = it->pv.minor; 24534 } 24535 23403 24536 if (!IsAtLeastTLSv1_3(ssl->version)) { 23404 24537 XMEMCPY(ssl->arrays->masterSecret, it->msecret, SECRET_LEN); … … 23419 24552 /* Resumption master secret. */ 23420 24553 XMEMCPY(ssl->session.masterSecret, it->msecret, SECRET_LEN); 24554 #ifndef WOLFSSL_TLS13_DRAFT_18 24555 XMEMCPY(&ssl->session.ticketNonce, &it->ticketNonce, 24556 sizeof(TicketNonce)); 24557 #endif 23421 24558 ssl->session.namedGroup = it->namedGroup; 23422 24559 #endif 23423 24560 } 23424 24561 } 24562 24563 WOLFSSL_LEAVE("DoClientTicket", ret); 24564 WOLFSSL_END(WC_FUNC_TICKET_DO); 23425 24565 23426 24566 return ret; … … 23437 24577 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 23438 24578 24579 WOLFSSL_START(WC_FUNC_TICKET_SEND); 24580 WOLFSSL_ENTER("SendTicket"); 24581 23439 24582 if (ssl->options.createTicket) { 23440 24583 ret = CreateTicket(ssl); … … 23445 24588 sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; 23446 24589 24590 if (!ssl->options.dtls) { 24591 if (IsEncryptionOn(ssl, 1) && ssl->options.handShakeDone) 24592 sendSz += MAX_MSG_EXTRA; 24593 } 24594 else { 23447 24595 #ifdef WOLFSSL_DTLS 23448 if (ssl->options.dtls) {23449 24596 sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 23450 24597 idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; 23451 }23452 24598 #endif 24599 } 23453 24600 /* check for available size */ 23454 24601 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) … … 23471 24618 /* ticket */ 23472 24619 XMEMCPY(output + idx, ssl->session.ticket, ssl->session.ticketLen); 23473 /* idx += ssl->session.ticketLen; */ 23474 24620 idx += ssl->session.ticketLen; 24621 24622 if (IsEncryptionOn(ssl, 1) && ssl->options.handShakeDone) { 24623 byte* input; 24624 int inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */ 24625 24626 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24627 if (input == NULL) 24628 return MEMORY_E; 24629 24630 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 24631 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 24632 handshake, 1, 0, 0); 24633 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24634 24635 if (sendSz < 0) 24636 return sendSz; 24637 } 24638 else { 23475 24639 #ifdef WOLFSSL_DTLS 23476 24640 if (ssl->options.dtls) { … … 23481 24645 } 23482 24646 #endif 23483 23484 24647 ret = HashOutput(ssl, output, sendSz, 0); 23485 if (ret != 0) return ret; 24648 if (ret != 0) 24649 return ret; 24650 } 24651 23486 24652 ssl->buffers.outputBuffer.length += sendSz; 23487 24653 23488 return SendBuffered(ssl); 24654 ret = SendBuffered(ssl); 24655 24656 WOLFSSL_LEAVE("SendTicket", ret); 24657 WOLFSSL_END(WC_FUNC_TICKET_SEND); 24658 24659 return ret; 23489 24660 } 23490 24661 23491 24662 #endif /* HAVE_SESSION_TICKET */ 23492 24663 24664 #ifndef WOLFSSL_NO_TLS12 24665 24666 #if defined(HAVE_SECURE_RENEGOTIATION) && \ 24667 defined(HAVE_SERVER_RENEGOTIATION_INFO) && \ 24668 !defined(WOLFSSL_NO_SERVER) 24669 24670 /* handle generation of server's hello_request (0) */ 24671 int SendHelloRequest(WOLFSSL* ssl) 24672 { 24673 byte* output; 24674 int sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 24675 int ret; 24676 24677 WOLFSSL_START(WC_FUNC_HELLO_REQUEST_SEND); 24678 WOLFSSL_ENTER("SendHelloRequest"); 24679 24680 if (IsEncryptionOn(ssl, 1)) 24681 sendSz += MAX_MSG_EXTRA; 24682 24683 /* check for available size */ 24684 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 24685 return ret; 24686 24687 /* get output buffer */ 24688 output = ssl->buffers.outputBuffer.buffer + 24689 ssl->buffers.outputBuffer.length; 24690 24691 AddHeaders(output, 0, hello_request, ssl); 24692 24693 if (IsEncryptionOn(ssl, 1)) { 24694 byte* input; 24695 int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */ 24696 24697 input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24698 if (input == NULL) 24699 return MEMORY_E; 24700 24701 XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz); 24702 sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, 24703 handshake, 0, 0, 0); 24704 XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); 24705 24706 if (sendSz < 0) 24707 return sendSz; 24708 } 24709 24710 ssl->buffers.outputBuffer.length += sendSz; 24711 24712 ret = SendBuffered(ssl); 24713 24714 WOLFSSL_LEAVE("SendHelloRequest", ret); 24715 WOLFSSL_END(WC_FUNC_HELLO_REQUEST_SEND); 24716 24717 return ret; 24718 } 24719 24720 #endif /* HAVE_SECURE_RENEGOTIATION && HAVE_SERVER_RENEGOTIATION_INFO */ 23493 24721 23494 24722 #ifdef WOLFSSL_DTLS 24723 /* handle generation of DTLS hello_verify_request (3) */ 23495 24724 static int SendHelloVerifyRequest(WOLFSSL* ssl, 23496 24725 const byte* cookie, byte cookieSz) … … 23530 24759 XMEMCPY(output + idx, cookie, cookieSz); 23531 24760 23532 #if def WOLFSSL_CALLBACKS24761 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 23533 24762 if (ssl->hsInfoOn) 23534 AddPacketName( "HelloVerifyRequest", &ssl->handShakeInfo);24763 AddPacketName(ssl, "HelloVerifyRequest"); 23535 24764 if (ssl->toInfoOn) 23536 AddPacketInfo( "HelloVerifyRequest", &ssl->timeoutInfo, output,23537 sendSz, ssl->heap);24765 AddPacketInfo(ssl, "HelloVerifyRequest", handshake, output, 24766 sendSz, WRITE_PROTO, ssl->heap); 23538 24767 #endif 23539 24768 … … 23550 24779 word32 begin; 23551 24780 word32 sigSz; 24781 #ifndef NO_RSA 24782 int lastErr; 24783 #endif 23552 24784 } DckeArgs; 23553 24785 … … 23560 24792 } 23561 24793 24794 /* handle processing client_key_exchange (16) */ 23562 24795 static int DoClientKeyExchange(WOLFSSL* ssl, byte* input, word32* inOutIdx, 23563 24796 word32 size) … … 23572 24805 #endif 23573 24806 24807 (void)size; 24808 (void)input; 24809 24810 WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_DO); 23574 24811 WOLFSSL_ENTER("DoClientKeyExchange"); 23575 24812 … … 23630 24867 #endif /* !NO_CERTS */ 23631 24868 23632 #if def WOLFSSL_CALLBACKS24869 #if defined(WOLFSSL_CALLBACKS) 23633 24870 if (ssl->hsInfoOn) { 23634 AddPacketName( "ClientKeyExchange", &ssl->handShakeInfo);24871 AddPacketName(ssl, "ClientKeyExchange"); 23635 24872 } 23636 24873 if (ssl->toInfoOn) { … … 23639 24876 #endif 23640 24877 24878 if (ssl->arrays->preMasterSecret == NULL) { 24879 ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN, 24880 ssl->heap, DYNAMIC_TYPE_SECRET); 24881 if (ssl->arrays->preMasterSecret == NULL) { 24882 ERROR_OUT(MEMORY_E, exit_dcke); 24883 } 24884 XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN); 24885 } 24886 23641 24887 switch (ssl->specs.kea) { 23642 24888 #ifndef NO_RSA 23643 24889 case rsa_kea: 23644 24890 { 23645 /* make sure private key exists */23646 if (ssl->buffers.key == NULL ||23647 ssl->buffers.key->buffer == NULL) {23648 ERROR_OUT(NO_PRIVATE_KEY, exit_dcke);23649 }23650 24891 break; 23651 24892 } /* rsa_kea */ … … 23673 24914 } 23674 24915 #endif /* HAVE_NTRU */ 23675 #if def HAVE_ECC24916 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 23676 24917 case ecc_diffie_hellman_kea: 23677 24918 { 23678 24919 break; 23679 24920 } 23680 #endif /* HAVE_ECC */24921 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 23681 24922 #ifndef NO_DH 23682 24923 case diffie_hellman_kea: … … 23696 24937 } 23697 24938 #endif /* !NO_DH && !NO_PSK */ 23698 #if defined(HAVE_ECC) && !defined(NO_PSK) 24939 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 24940 !defined(NO_PSK) 23699 24941 case ecdhe_psk_kea: 23700 24942 { … … 23706 24948 break; 23707 24949 } 23708 #endif /* HAVE_ECC&& !NO_PSK */24950 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 23709 24951 default: 23710 24952 WOLFSSL_MSG("Bad kea type"); … … 23773 25015 WOLFSSL_MSG("RSA message too big"); 23774 25016 ERROR_OUT(BUFFER_ERROR, exit_dcke); 25017 } 25018 25019 /* pre-load PreMasterSecret with RNG data */ 25020 ret = wc_RNG_GenerateBlock(ssl->rng, 25021 &ssl->arrays->preMasterSecret[VERSION_SZ], 25022 SECRET_LEN - VERSION_SZ); 25023 if (ret != 0) { 25024 goto exit_dcke; 23775 25025 } 23776 25026 … … 24087 25337 } 24088 25338 #endif /* !NO_DH && !NO_PSK */ 24089 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) 25339 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 25340 !defined(NO_PSK) 24090 25341 case ecdhe_psk_kea: 24091 25342 { … … 24225 25476 { 24226 25477 RsaKey* key = (RsaKey*)ssl->hsKey; 25478 24227 25479 ret = RsaDec(ssl, 24228 25480 input + args->idx, … … 24231 25483 &args->sigSz, 24232 25484 key, 24233 #if defined(HAVE_PK_CALLBACKS) 24234 ssl->buffers.key->buffer, 24235 ssl->buffers.key->length, 24236 ssl->RsaDecCtx 25485 #ifdef HAVE_PK_CALLBACKS 25486 ssl->buffers.key 24237 25487 #else 24238 NULL , 0, NULL25488 NULL 24239 25489 #endif 24240 25490 ); 25491 25492 /* Errors that can occur here that should be 25493 * indistinguishable: 25494 * RSA_BUFFER_E, RSA_PAD_E and RSA_PRIVATE_ERROR 25495 */ 25496 if (ret < 0 && ret != BAD_FUNC_ARG) { 25497 #ifdef WOLFSSL_ASYNC_CRYPT 25498 if (ret == WC_PENDING_E) 25499 goto exit_dcke; 25500 #endif 25501 /* store error code for handling below */ 25502 args->lastErr = ret; 25503 ret = 0; 25504 } 24241 25505 break; 24242 25506 } /* rsa_kea */ … … 24258 25522 { 24259 25523 void* private_key = ssl->eccTempKey; 25524 (void)private_key; 24260 25525 24261 25526 #ifdef HAVE_CURVE25519 … … 24267 25532 ssl->arrays->preMasterSecret, 24268 25533 &ssl->arrays->preMasterSz, 24269 WOLFSSL_SERVER_END, 24270 #ifdef HAVE_PK_CALLBACKS 24271 ssl->EccSharedSecretCtx 24272 #else 24273 NULL 24274 #endif 25534 WOLFSSL_SERVER_END 24275 25535 ); 24276 25536 break; … … 24288 25548 ssl->arrays->preMasterSecret, 24289 25549 &ssl->arrays->preMasterSz, 24290 WOLFSSL_SERVER_END, 24291 #ifdef HAVE_PK_CALLBACKS 24292 ssl->EccSharedSecretCtx 24293 #else 24294 NULL 24295 #endif 25550 WOLFSSL_SERVER_END 24296 25551 ); 25552 #ifdef WOLFSSL_ASYNC_CRYPT 25553 if (ret != WC_PENDING_E) 25554 #endif 25555 { 25556 FreeKey(ssl, DYNAMIC_TYPE_ECC, 25557 (void**)&ssl->peerEccKey); 25558 ssl->peerEccKeyPresent = 0; 25559 } 24297 25560 #endif 24298 25561 break; … … 24325 25588 } 24326 25589 #endif /* !NO_DH && !NO_PSK */ 24327 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) 25590 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 25591 !defined(NO_PSK) 24328 25592 case ecdhe_psk_kea: 24329 25593 { … … 24336 25600 ssl->arrays->preMasterSecret + OPAQUE16_LEN, 24337 25601 &args->sigSz, 24338 WOLFSSL_SERVER_END, 24339 #ifdef HAVE_PK_CALLBACKS 24340 ssl->EccSharedSecretCtx 24341 #else 24342 NULL 24343 #endif 25602 WOLFSSL_SERVER_END 24344 25603 ); 25604 #ifdef WOLFSSL_ASYNC_CRYPT 25605 if (ret != WC_PENDING_E) 25606 #endif 25607 { 25608 FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, 25609 (void**)&ssl->peerX25519Key); 25610 ssl->peerX25519KeyPresent = 0; 25611 } 24345 25612 break; 24346 25613 } … … 24352 25619 ssl->arrays->preMasterSecret + OPAQUE16_LEN, 24353 25620 &args->sigSz, 24354 WOLFSSL_SERVER_END, 24355 #ifdef HAVE_PK_CALLBACKS 24356 ssl->EccSharedSecretCtx 24357 #else 24358 NULL 24359 #endif 25621 WOLFSSL_SERVER_END 24360 25622 ); 25623 if (!ssl->specs.static_ecdh 25624 #ifdef WOLFSSL_ASYNC_CRYPT 25625 && ret != WC_PENDING_E 25626 #endif 25627 ) { 25628 FreeKey(ssl, DYNAMIC_TYPE_ECC, 25629 (void**)&ssl->peerEccKey); 25630 ssl->peerEccKeyPresent = 0; 25631 } 24361 25632 break; 24362 25633 } … … 24385 25656 args->idx += args->length; 24386 25657 24387 if (args->sigSz == SECRET_LEN && args->output != NULL) {24388 XMEMCPY(ssl->arrays->preMasterSecret, args->output, SECRET_LEN);24389 if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major ||24390 ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor) {24391 ERROR_OUT(PMS_VERSION_ERROR, exit_dcke);24392 }25658 #ifdef DEBUG_WOLFSSL 25659 /* check version (debug warning message only) */ 25660 if (args->output != NULL) { 25661 if (args->output[0] != ssl->chVersion.major || 25662 args->output[1] != ssl->chVersion.minor) { 25663 WOLFSSL_MSG("preMasterSecret version mismatch"); 24393 25664 } 24394 else {24395 ERROR_OUT(RSA_PRIVATE_ERROR, exit_dcke);24396 25665 } 25666 #endif 25667 25668 /* RFC5246 7.4.7.1: 25669 * Treat incorrectly formatted message blocks and/or 25670 * mismatched version numbers in a manner 25671 * indistinguishable from correctly formatted RSA blocks 25672 */ 25673 25674 args->lastErr = 0; /* reset */ 25675 25676 /* build PreMasterSecret */ 25677 ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; 25678 ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor; 25679 if (args->output != NULL) { 25680 XMEMCPY(&ssl->arrays->preMasterSecret[VERSION_SZ], 25681 &args->output[VERSION_SZ], 25682 SECRET_LEN - VERSION_SZ); 25683 } 25684 /* preMasterSecret has RNG and version set 25685 * return proper length and ignore error 25686 * error will be caught as decryption error 25687 */ 25688 args->sigSz = SECRET_LEN; 25689 ret = 0; 24397 25690 break; 24398 25691 } /* rsa_kea */ … … 24410 25703 } 24411 25704 #endif /* HAVE_NTRU */ 24412 #if def HAVE_ECC25705 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 24413 25706 case ecc_diffie_hellman_kea: 24414 25707 { … … 24417 25710 break; 24418 25711 } 24419 #endif /* HAVE_ECC */25712 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 24420 25713 #ifndef NO_DH 24421 25714 case diffie_hellman_kea: … … 24457 25750 } 24458 25751 #endif /* !NO_DH && !NO_PSK */ 24459 #if defined(HAVE_ECC) && !defined(NO_PSK) 25752 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 25753 !defined(NO_PSK) 24460 25754 case ecdhe_psk_kea: 24461 25755 { … … 24490 25784 break; 24491 25785 } 24492 #endif /* HAVE_ECC&& !NO_PSK */25786 #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ 24493 25787 default: 24494 25788 ret = BAD_KEA_TYPE_E; … … 24507 25801 case TLS_ASYNC_FINALIZE: 24508 25802 { 25803 if (IsEncryptionOn(ssl, 0)) { 25804 args->idx += ssl->keys.padSz; 25805 } 25806 24509 25807 #ifdef HAVE_QSH 24510 25808 word16 name; … … 24564 25862 24565 25863 WOLFSSL_LEAVE("DoClientKeyExchange", ret); 25864 WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_DO); 24566 25865 24567 25866 #ifdef WOLFSSL_ASYNC_CRYPT 24568 25867 /* Handle async operation */ 24569 25868 if (ret == WC_PENDING_E) { 24570 /* Mark message as not rece vied so it can process again */25869 /* Mark message as not received so it can process again */ 24571 25870 ssl->msgsReceived.got_client_key_exchange = 0; 24572 25871 … … 24576 25875 24577 25876 /* Cleanup PMS */ 25877 if (ssl->arrays->preMasterSecret != NULL) { 24578 25878 ForceZero(ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz); 25879 } 24579 25880 ssl->arrays->preMasterSz = 0; 24580 25881 … … 24586 25887 } 24587 25888 24588 24589 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 25889 #endif /* !WOLFSSL_NO_TLS12 */ 25890 25891 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 25892 defined(WOLFSSL_HAPROXY) 24590 25893 int SNI_Callback(WOLFSSL* ssl) 24591 25894 { … … 24603 25906 return 0; 24604 25907 } 24605 #endif /* HAVE_STUNNEL || WOLGSSL_NGINX */ 25908 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 25909 24606 25910 #endif /* NO_WOLFSSL_SERVER */ 24607 25911 … … 24699 26003 24700 26004 26005 /* return the max record size */ 26006 int wolfSSL_GetMaxRecordSize(WOLFSSL* ssl, int maxFragment) 26007 { 26008 (void) ssl; /* Avoid compiler warnings */ 26009 26010 if (maxFragment > MAX_RECORD_SIZE) { 26011 maxFragment = MAX_RECORD_SIZE; 26012 } 26013 26014 #ifdef HAVE_MAX_FRAGMENT 26015 if ((ssl->max_fragment != 0) && (maxFragment > ssl->max_fragment)) { 26016 maxFragment = ssl->max_fragment; 26017 } 26018 #endif /* HAVE_MAX_FRAGMENT */ 26019 #ifdef WOLFSSL_DTLS 26020 if ((ssl->options.dtls) && (maxFragment > MAX_UDP_SIZE)) { 26021 maxFragment = MAX_UDP_SIZE; 26022 } 26023 #endif 26024 26025 return maxFragment; 26026 } 26027 26028 24701 26029 #undef ERROR_OUT 24702 26030 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/keys.c
r337 r372 245 245 switch (ssl->options.cipherSuite) { 246 246 247 #if def HAVE_ECC247 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 248 248 249 249 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 … … 260 260 ssl->specs.iv_size = AES_IV_SIZE; 261 261 ssl->specs.block_size = AES_BLOCK_SIZE; 262 262 263 break; 263 264 #endif 265 266 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 267 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : 268 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 269 ssl->specs.cipher_type = block; 270 ssl->specs.mac_algorithm = sha384_mac; 271 ssl->specs.kea = ecc_diffie_hellman_kea; 272 ssl->specs.sig_algo = rsa_sa_algo; 273 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 274 ssl->specs.pad_size = PAD_SHA; 275 ssl->specs.static_ecdh = 0; 276 ssl->specs.key_size = AES_256_KEY_SIZE; 277 ssl->specs.iv_size = AES_IV_SIZE; 278 ssl->specs.block_size = AES_BLOCK_SIZE; 279 280 break; 281 #endif 282 283 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 284 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : 285 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 286 ssl->specs.cipher_type = block; 287 ssl->specs.mac_algorithm = sha_mac; 288 ssl->specs.kea = ecc_diffie_hellman_kea; 289 ssl->specs.sig_algo = rsa_sa_algo; 290 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 291 ssl->specs.pad_size = PAD_SHA; 292 ssl->specs.static_ecdh = 0; 293 ssl->specs.key_size = AES_128_KEY_SIZE; 294 ssl->specs.block_size = AES_BLOCK_SIZE; 295 ssl->specs.iv_size = AES_IV_SIZE; 296 297 break; 298 #endif 299 300 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 301 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : 302 ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des; 303 ssl->specs.cipher_type = block; 304 ssl->specs.mac_algorithm = sha_mac; 305 ssl->specs.kea = ecc_diffie_hellman_kea; 306 ssl->specs.sig_algo = rsa_sa_algo; 307 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 308 ssl->specs.pad_size = PAD_SHA; 309 ssl->specs.static_ecdh = 0; 310 ssl->specs.key_size = DES3_KEY_SIZE; 311 ssl->specs.block_size = DES_BLOCK_SIZE; 312 ssl->specs.iv_size = DES_IV_SIZE; 313 314 break; 315 #endif 316 317 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 318 case TLS_ECDHE_RSA_WITH_RC4_128_SHA : 319 ssl->specs.bulk_cipher_algorithm = wolfssl_rc4; 320 ssl->specs.cipher_type = stream; 321 ssl->specs.mac_algorithm = sha_mac; 322 ssl->specs.kea = ecc_diffie_hellman_kea; 323 ssl->specs.sig_algo = rsa_sa_algo; 324 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 325 ssl->specs.pad_size = PAD_SHA; 326 ssl->specs.static_ecdh = 0; 327 ssl->specs.key_size = RC4_KEY_SIZE; 328 ssl->specs.iv_size = 0; 329 ssl->specs.block_size = 0; 330 331 break; 332 #endif 333 334 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 335 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : 336 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 337 ssl->specs.cipher_type = block; 338 ssl->specs.mac_algorithm = sha_mac; 339 ssl->specs.kea = ecc_diffie_hellman_kea; 340 ssl->specs.sig_algo = rsa_sa_algo; 341 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 342 ssl->specs.pad_size = PAD_SHA; 343 ssl->specs.static_ecdh = 0; 344 ssl->specs.key_size = AES_256_KEY_SIZE; 345 ssl->specs.block_size = AES_BLOCK_SIZE; 346 ssl->specs.iv_size = AES_IV_SIZE; 347 348 break; 349 #endif 350 351 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 352 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 353 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; 354 ssl->specs.cipher_type = aead; 355 ssl->specs.mac_algorithm = sha256_mac; 356 ssl->specs.kea = ecc_diffie_hellman_kea; 357 ssl->specs.sig_algo = rsa_sa_algo; 358 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 359 ssl->specs.pad_size = PAD_SHA; 360 ssl->specs.static_ecdh = 0; 361 ssl->specs.key_size = AES_128_KEY_SIZE; 362 ssl->specs.block_size = AES_BLOCK_SIZE; 363 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 364 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 365 366 break; 367 #endif 368 369 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 370 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : 371 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; 372 ssl->specs.cipher_type = aead; 373 ssl->specs.mac_algorithm = sha384_mac; 374 ssl->specs.kea = ecc_diffie_hellman_kea; 375 ssl->specs.sig_algo = rsa_sa_algo; 376 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 377 ssl->specs.pad_size = PAD_SHA; 378 ssl->specs.static_ecdh = 0; 379 ssl->specs.key_size = AES_256_KEY_SIZE; 380 ssl->specs.block_size = AES_BLOCK_SIZE; 381 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 382 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 383 384 break; 385 #endif 386 387 #ifdef BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256 388 case TLS_ECDHE_PSK_WITH_NULL_SHA256 : 389 ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null; 390 ssl->specs.cipher_type = stream; 391 ssl->specs.mac_algorithm = sha256_mac; 392 ssl->specs.kea = ecdhe_psk_kea; 393 ssl->specs.sig_algo = anonymous_sa_algo; 394 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 395 ssl->specs.pad_size = PAD_SHA; 396 ssl->specs.static_ecdh = 0; 397 ssl->specs.key_size = 0; 398 ssl->specs.block_size = 0; 399 ssl->specs.iv_size = 0; 400 401 ssl->options.usingPSK_cipher = 1; 402 break; 403 #endif 404 405 #ifdef BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 406 case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 : 407 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 408 ssl->specs.cipher_type = block; 409 ssl->specs.mac_algorithm = sha256_mac; 410 ssl->specs.kea = ecdhe_psk_kea; 411 ssl->specs.sig_algo = anonymous_sa_algo; 412 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 413 ssl->specs.pad_size = PAD_SHA; 414 ssl->specs.static_ecdh = 0; 415 ssl->specs.key_size = AES_128_KEY_SIZE; 416 ssl->specs.block_size = AES_BLOCK_SIZE; 417 ssl->specs.iv_size = AES_IV_SIZE; 418 419 ssl->options.usingPSK_cipher = 1; 420 break; 421 #endif 422 423 #endif /* HAVE_ECC || HAVE_CURVE25519 */ 424 425 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) 264 426 265 427 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 … … 276 438 ssl->specs.iv_size = AES_IV_SIZE; 277 439 ssl->specs.block_size = AES_BLOCK_SIZE; 278 break; 279 #endif 440 441 break; 442 #endif 443 444 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 445 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : 446 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 447 ssl->specs.cipher_type = block; 448 ssl->specs.mac_algorithm = sha384_mac; 449 ssl->specs.kea = ecc_diffie_hellman_kea; 450 ssl->specs.sig_algo = ecc_dsa_sa_algo; 451 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 452 ssl->specs.pad_size = PAD_SHA; 453 ssl->specs.static_ecdh = 0; 454 ssl->specs.key_size = AES_256_KEY_SIZE; 455 ssl->specs.iv_size = AES_IV_SIZE; 456 ssl->specs.block_size = AES_BLOCK_SIZE; 457 458 break; 459 #endif 460 461 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 462 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : 463 ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des; 464 ssl->specs.cipher_type = block; 465 ssl->specs.mac_algorithm = sha_mac; 466 ssl->specs.kea = ecc_diffie_hellman_kea; 467 ssl->specs.sig_algo = ecc_dsa_sa_algo; 468 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 469 ssl->specs.pad_size = PAD_SHA; 470 ssl->specs.static_ecdh = 0; 471 ssl->specs.key_size = DES3_KEY_SIZE; 472 ssl->specs.block_size = DES_BLOCK_SIZE; 473 ssl->specs.iv_size = DES_IV_SIZE; 474 475 break; 476 #endif 477 478 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 479 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : 480 ssl->specs.bulk_cipher_algorithm = wolfssl_rc4; 481 ssl->specs.cipher_type = stream; 482 ssl->specs.mac_algorithm = sha_mac; 483 ssl->specs.kea = ecc_diffie_hellman_kea; 484 ssl->specs.sig_algo = ecc_dsa_sa_algo; 485 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 486 ssl->specs.pad_size = PAD_SHA; 487 ssl->specs.static_ecdh = 0; 488 ssl->specs.key_size = RC4_KEY_SIZE; 489 ssl->specs.iv_size = 0; 490 ssl->specs.block_size = 0; 491 492 break; 493 #endif 494 495 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 496 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : 497 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 498 ssl->specs.cipher_type = block; 499 ssl->specs.mac_algorithm = sha_mac; 500 ssl->specs.kea = ecc_diffie_hellman_kea; 501 ssl->specs.sig_algo = ecc_dsa_sa_algo; 502 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 503 ssl->specs.pad_size = PAD_SHA; 504 ssl->specs.static_ecdh = 0; 505 ssl->specs.key_size = AES_128_KEY_SIZE; 506 ssl->specs.block_size = AES_BLOCK_SIZE; 507 ssl->specs.iv_size = AES_IV_SIZE; 508 509 break; 510 #endif 511 512 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 513 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : 514 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 515 ssl->specs.cipher_type = block; 516 ssl->specs.mac_algorithm = sha_mac; 517 ssl->specs.kea = ecc_diffie_hellman_kea; 518 ssl->specs.sig_algo = ecc_dsa_sa_algo; 519 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 520 ssl->specs.pad_size = PAD_SHA; 521 ssl->specs.static_ecdh = 0; 522 ssl->specs.key_size = AES_256_KEY_SIZE; 523 ssl->specs.block_size = AES_BLOCK_SIZE; 524 ssl->specs.iv_size = AES_IV_SIZE; 525 526 break; 527 #endif 528 529 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 530 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : 531 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; 532 ssl->specs.cipher_type = aead; 533 ssl->specs.mac_algorithm = sha256_mac; 534 ssl->specs.kea = ecc_diffie_hellman_kea; 535 ssl->specs.sig_algo = ecc_dsa_sa_algo; 536 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 537 ssl->specs.pad_size = PAD_SHA; 538 ssl->specs.static_ecdh = 0; 539 ssl->specs.key_size = AES_128_KEY_SIZE; 540 ssl->specs.block_size = AES_BLOCK_SIZE; 541 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 542 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 543 544 break; 545 #endif 546 547 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 548 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : 549 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; 550 ssl->specs.cipher_type = aead; 551 ssl->specs.mac_algorithm = sha384_mac; 552 ssl->specs.kea = ecc_diffie_hellman_kea; 553 ssl->specs.sig_algo = ecc_dsa_sa_algo; 554 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 555 ssl->specs.pad_size = PAD_SHA; 556 ssl->specs.static_ecdh = 0; 557 ssl->specs.key_size = AES_256_KEY_SIZE; 558 ssl->specs.block_size = AES_BLOCK_SIZE; 559 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 560 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 561 562 break; 563 #endif 564 565 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 566 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM : 567 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm; 568 ssl->specs.cipher_type = aead; 569 ssl->specs.mac_algorithm = sha256_mac; 570 ssl->specs.kea = ecc_diffie_hellman_kea; 571 ssl->specs.sig_algo = ecc_dsa_sa_algo; 572 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 573 ssl->specs.pad_size = PAD_SHA; 574 ssl->specs.static_ecdh = 0; 575 ssl->specs.key_size = AES_128_KEY_SIZE; 576 ssl->specs.block_size = AES_BLOCK_SIZE; 577 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 578 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; 579 580 break; 581 #endif 582 583 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 584 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : 585 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm; 586 ssl->specs.cipher_type = aead; 587 ssl->specs.mac_algorithm = sha256_mac; 588 ssl->specs.kea = ecc_diffie_hellman_kea; 589 ssl->specs.sig_algo = ecc_dsa_sa_algo; 590 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 591 ssl->specs.pad_size = PAD_SHA; 592 ssl->specs.static_ecdh = 0; 593 ssl->specs.key_size = AES_128_KEY_SIZE; 594 ssl->specs.block_size = AES_BLOCK_SIZE; 595 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 596 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 597 598 break; 599 #endif 600 601 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 602 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : 603 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm; 604 ssl->specs.cipher_type = aead; 605 ssl->specs.mac_algorithm = sha256_mac; 606 ssl->specs.kea = ecc_diffie_hellman_kea; 607 ssl->specs.sig_algo = ecc_dsa_sa_algo; 608 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE; 609 ssl->specs.pad_size = PAD_SHA; 610 ssl->specs.static_ecdh = 0; 611 ssl->specs.key_size = AES_256_KEY_SIZE; 612 ssl->specs.block_size = AES_BLOCK_SIZE; 613 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 614 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 615 616 break; 617 #endif 618 619 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA 620 case TLS_ECDHE_ECDSA_WITH_NULL_SHA : 621 ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null; 622 ssl->specs.cipher_type = stream; 623 ssl->specs.mac_algorithm = sha_mac; 624 ssl->specs.kea = ecc_diffie_hellman_kea; 625 ssl->specs.sig_algo = ecc_dsa_sa_algo; 626 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE; 627 ssl->specs.pad_size = PAD_SHA; 628 ssl->specs.static_ecdh = 0; 629 ssl->specs.key_size = 0; 630 ssl->specs.block_size = 0; 631 ssl->specs.iv_size = 0; 632 633 break; 634 #endif 635 636 #endif /* HAVE_ECC || (HAVE_CURVE25519 && HAVE_ED25519) */ 637 638 #if defined(HAVE_ECC) 280 639 281 640 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 … … 292 651 ssl->specs.iv_size = AES_IV_SIZE; 293 652 ssl->specs.block_size = AES_BLOCK_SIZE; 294 break; 653 654 break; 295 655 #endif 296 656 … … 308 668 ssl->specs.iv_size = AES_IV_SIZE; 309 669 ssl->specs.block_size = AES_BLOCK_SIZE; 310 break; 311 #endif 312 313 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 314 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : 315 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 316 ssl->specs.cipher_type = block; 317 ssl->specs.mac_algorithm = sha384_mac; 318 ssl->specs.kea = ecc_diffie_hellman_kea; 319 ssl->specs.sig_algo = rsa_sa_algo; 320 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 321 ssl->specs.pad_size = PAD_SHA; 322 ssl->specs.static_ecdh = 0; 323 ssl->specs.key_size = AES_256_KEY_SIZE; 324 ssl->specs.iv_size = AES_IV_SIZE; 325 ssl->specs.block_size = AES_BLOCK_SIZE; 326 break; 327 #endif 328 329 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 330 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : 331 ssl->specs.bulk_cipher_algorithm = wolfssl_aes; 332 ssl->specs.cipher_type = block; 333 ssl->specs.mac_algorithm = sha384_mac; 334 ssl->specs.kea = ecc_diffie_hellman_kea; 335 ssl->specs.sig_algo = ecc_dsa_sa_algo; 336 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 337 ssl->specs.pad_size = PAD_SHA; 338 ssl->specs.static_ecdh = 0; 339 ssl->specs.key_size = AES_256_KEY_SIZE; 340 ssl->specs.iv_size = AES_IV_SIZE; 341 ssl->specs.block_size = AES_BLOCK_SIZE; 342 break; 670 671 break; 343 672 #endif 344 673 … … 356 685 ssl->specs.iv_size = AES_IV_SIZE; 357 686 ssl->specs.block_size = AES_BLOCK_SIZE; 358 break; 687 688 break; 359 689 #endif 360 690 … … 372 702 ssl->specs.iv_size = AES_IV_SIZE; 373 703 ssl->specs.block_size = AES_BLOCK_SIZE; 374 break;375 #endif376 377 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA378 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :379 ssl->specs.bulk_cipher_algorithm = wolfssl_aes;380 ssl->specs.cipher_type = block;381 ssl->specs.mac_algorithm = sha_mac;382 ssl->specs.kea = ecc_diffie_hellman_kea;383 ssl->specs.sig_algo = rsa_sa_algo;384 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;385 ssl->specs.pad_size = PAD_SHA;386 ssl->specs.static_ecdh = 0;387 ssl->specs.key_size = AES_128_KEY_SIZE;388 ssl->specs.block_size = AES_BLOCK_SIZE;389 ssl->specs.iv_size = AES_IV_SIZE;390 704 391 705 break; … … 405 719 ssl->specs.block_size = AES_BLOCK_SIZE; 406 720 ssl->specs.iv_size = AES_IV_SIZE; 407 408 break;409 #endif410 411 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA412 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :413 ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;414 ssl->specs.cipher_type = block;415 ssl->specs.mac_algorithm = sha_mac;416 ssl->specs.kea = ecc_diffie_hellman_kea;417 ssl->specs.sig_algo = rsa_sa_algo;418 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;419 ssl->specs.pad_size = PAD_SHA;420 ssl->specs.static_ecdh = 0;421 ssl->specs.key_size = DES3_KEY_SIZE;422 ssl->specs.block_size = DES_BLOCK_SIZE;423 ssl->specs.iv_size = DES_IV_SIZE;424 721 425 722 break; … … 443 740 #endif 444 741 445 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA446 case TLS_ECDHE_RSA_WITH_RC4_128_SHA :447 ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;448 ssl->specs.cipher_type = stream;449 ssl->specs.mac_algorithm = sha_mac;450 ssl->specs.kea = ecc_diffie_hellman_kea;451 ssl->specs.sig_algo = rsa_sa_algo;452 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;453 ssl->specs.pad_size = PAD_SHA;454 ssl->specs.static_ecdh = 0;455 ssl->specs.key_size = RC4_KEY_SIZE;456 ssl->specs.iv_size = 0;457 ssl->specs.block_size = 0;458 459 break;460 #endif461 462 742 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA 463 743 case TLS_ECDH_RSA_WITH_RC4_128_SHA : … … 477 757 #endif 478 758 479 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA480 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :481 ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;482 ssl->specs.cipher_type = block;483 ssl->specs.mac_algorithm = sha_mac;484 ssl->specs.kea = ecc_diffie_hellman_kea;485 ssl->specs.sig_algo = ecc_dsa_sa_algo;486 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;487 ssl->specs.pad_size = PAD_SHA;488 ssl->specs.static_ecdh = 0;489 ssl->specs.key_size = DES3_KEY_SIZE;490 ssl->specs.block_size = DES_BLOCK_SIZE;491 ssl->specs.iv_size = DES_IV_SIZE;492 493 break;494 #endif495 496 759 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 497 760 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : … … 511 774 #endif 512 775 513 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA514 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :515 ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;516 ssl->specs.cipher_type = stream;517 ssl->specs.mac_algorithm = sha_mac;518 ssl->specs.kea = ecc_diffie_hellman_kea;519 ssl->specs.sig_algo = ecc_dsa_sa_algo;520 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;521 ssl->specs.pad_size = PAD_SHA;522 ssl->specs.static_ecdh = 0;523 ssl->specs.key_size = RC4_KEY_SIZE;524 ssl->specs.iv_size = 0;525 ssl->specs.block_size = 0;526 527 break;528 #endif529 530 776 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 531 777 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : … … 545 791 #endif 546 792 547 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA548 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :549 ssl->specs.bulk_cipher_algorithm = wolfssl_aes;550 ssl->specs.cipher_type = block;551 ssl->specs.mac_algorithm = sha_mac;552 ssl->specs.kea = ecc_diffie_hellman_kea;553 ssl->specs.sig_algo = rsa_sa_algo;554 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;555 ssl->specs.pad_size = PAD_SHA;556 ssl->specs.static_ecdh = 0;557 ssl->specs.key_size = AES_256_KEY_SIZE;558 ssl->specs.block_size = AES_BLOCK_SIZE;559 ssl->specs.iv_size = AES_IV_SIZE;560 561 break;562 #endif563 564 793 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 565 794 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : … … 579 808 #endif 580 809 581 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA582 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :583 ssl->specs.bulk_cipher_algorithm = wolfssl_aes;584 ssl->specs.cipher_type = block;585 ssl->specs.mac_algorithm = sha_mac;586 ssl->specs.kea = ecc_diffie_hellman_kea;587 ssl->specs.sig_algo = ecc_dsa_sa_algo;588 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;589 ssl->specs.pad_size = PAD_SHA;590 ssl->specs.static_ecdh = 0;591 ssl->specs.key_size = AES_128_KEY_SIZE;592 ssl->specs.block_size = AES_BLOCK_SIZE;593 ssl->specs.iv_size = AES_IV_SIZE;594 595 break;596 #endif597 598 810 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 599 811 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : … … 613 825 #endif 614 826 615 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA616 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :617 ssl->specs.bulk_cipher_algorithm = wolfssl_aes;618 ssl->specs.cipher_type = block;619 ssl->specs.mac_algorithm = sha_mac;620 ssl->specs.kea = ecc_diffie_hellman_kea;621 ssl->specs.sig_algo = ecc_dsa_sa_algo;622 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;623 ssl->specs.pad_size = PAD_SHA;624 ssl->specs.static_ecdh = 0;625 ssl->specs.key_size = AES_256_KEY_SIZE;626 ssl->specs.block_size = AES_BLOCK_SIZE;627 ssl->specs.iv_size = AES_IV_SIZE;628 629 break;630 #endif631 632 827 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 633 828 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : … … 647 842 #endif 648 843 649 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256650 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :651 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;652 ssl->specs.cipher_type = aead;653 ssl->specs.mac_algorithm = sha256_mac;654 ssl->specs.kea = ecc_diffie_hellman_kea;655 ssl->specs.sig_algo = rsa_sa_algo;656 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;657 ssl->specs.pad_size = PAD_SHA;658 ssl->specs.static_ecdh = 0;659 ssl->specs.key_size = AES_128_KEY_SIZE;660 ssl->specs.block_size = AES_BLOCK_SIZE;661 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;662 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;663 664 break;665 #endif666 667 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384668 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :669 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;670 ssl->specs.cipher_type = aead;671 ssl->specs.mac_algorithm = sha384_mac;672 ssl->specs.kea = ecc_diffie_hellman_kea;673 ssl->specs.sig_algo = rsa_sa_algo;674 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE;675 ssl->specs.pad_size = PAD_SHA;676 ssl->specs.static_ecdh = 0;677 ssl->specs.key_size = AES_256_KEY_SIZE;678 ssl->specs.block_size = AES_BLOCK_SIZE;679 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;680 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;681 682 break;683 #endif684 685 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256686 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :687 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;688 ssl->specs.cipher_type = aead;689 ssl->specs.mac_algorithm = sha256_mac;690 ssl->specs.kea = ecc_diffie_hellman_kea;691 ssl->specs.sig_algo = ecc_dsa_sa_algo;692 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;693 ssl->specs.pad_size = PAD_SHA;694 ssl->specs.static_ecdh = 0;695 ssl->specs.key_size = AES_128_KEY_SIZE;696 ssl->specs.block_size = AES_BLOCK_SIZE;697 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;698 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;699 700 break;701 #endif702 703 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384704 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :705 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;706 ssl->specs.cipher_type = aead;707 ssl->specs.mac_algorithm = sha384_mac;708 ssl->specs.kea = ecc_diffie_hellman_kea;709 ssl->specs.sig_algo = ecc_dsa_sa_algo;710 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE;711 ssl->specs.pad_size = PAD_SHA;712 ssl->specs.static_ecdh = 0;713 ssl->specs.key_size = AES_256_KEY_SIZE;714 ssl->specs.block_size = AES_BLOCK_SIZE;715 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;716 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;717 718 break;719 #endif720 721 844 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 722 845 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : … … 791 914 #endif 792 915 793 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM794 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM :795 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;796 ssl->specs.cipher_type = aead;797 ssl->specs.mac_algorithm = sha256_mac;798 ssl->specs.kea = ecc_diffie_hellman_kea;799 ssl->specs.sig_algo = ecc_dsa_sa_algo;800 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;801 ssl->specs.pad_size = PAD_SHA;802 ssl->specs.static_ecdh = 0;803 ssl->specs.key_size = AES_128_KEY_SIZE;804 ssl->specs.block_size = AES_BLOCK_SIZE;805 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;806 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;807 808 break;809 #endif810 811 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8812 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :813 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;814 ssl->specs.cipher_type = aead;815 ssl->specs.mac_algorithm = sha256_mac;816 ssl->specs.kea = ecc_diffie_hellman_kea;817 ssl->specs.sig_algo = ecc_dsa_sa_algo;818 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;819 ssl->specs.pad_size = PAD_SHA;820 ssl->specs.static_ecdh = 0;821 ssl->specs.key_size = AES_128_KEY_SIZE;822 ssl->specs.block_size = AES_BLOCK_SIZE;823 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;824 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;825 826 break;827 #endif828 829 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8830 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :831 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;832 ssl->specs.cipher_type = aead;833 ssl->specs.mac_algorithm = sha256_mac;834 ssl->specs.kea = ecc_diffie_hellman_kea;835 ssl->specs.sig_algo = ecc_dsa_sa_algo;836 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;837 ssl->specs.pad_size = PAD_SHA;838 ssl->specs.static_ecdh = 0;839 ssl->specs.key_size = AES_256_KEY_SIZE;840 ssl->specs.block_size = AES_BLOCK_SIZE;841 ssl->specs.iv_size = AESGCM_IMP_IV_SZ;842 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;843 844 break;845 #endif846 847 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA848 case TLS_ECDHE_ECDSA_WITH_NULL_SHA :849 ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;850 ssl->specs.cipher_type = stream;851 ssl->specs.mac_algorithm = sha_mac;852 ssl->specs.kea = ecc_diffie_hellman_kea;853 ssl->specs.sig_algo = ecc_dsa_sa_algo;854 ssl->specs.hash_size = WC_SHA_DIGEST_SIZE;855 ssl->specs.pad_size = PAD_SHA;856 ssl->specs.static_ecdh = 0;857 ssl->specs.key_size = 0;858 ssl->specs.block_size = 0;859 ssl->specs.iv_size = 0;860 861 break;862 #endif863 864 #ifdef BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256865 case TLS_ECDHE_PSK_WITH_NULL_SHA256 :866 ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;867 ssl->specs.cipher_type = stream;868 ssl->specs.mac_algorithm = sha256_mac;869 ssl->specs.kea = ecdhe_psk_kea;870 ssl->specs.sig_algo = anonymous_sa_algo;871 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;872 ssl->specs.pad_size = PAD_SHA;873 ssl->specs.static_ecdh = 0;874 ssl->specs.key_size = 0;875 ssl->specs.block_size = 0;876 ssl->specs.iv_size = 0;877 878 ssl->options.usingPSK_cipher = 1;879 break;880 #endif881 882 #ifdef BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256883 case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 :884 ssl->specs.bulk_cipher_algorithm = wolfssl_aes;885 ssl->specs.cipher_type = block;886 ssl->specs.mac_algorithm = sha256_mac;887 ssl->specs.kea = ecdhe_psk_kea;888 ssl->specs.sig_algo = anonymous_sa_algo;889 ssl->specs.hash_size = WC_SHA256_DIGEST_SIZE;890 ssl->specs.pad_size = PAD_SHA;891 ssl->specs.static_ecdh = 0;892 ssl->specs.key_size = AES_128_KEY_SIZE;893 ssl->specs.block_size = AES_BLOCK_SIZE;894 ssl->specs.iv_size = AES_IV_SIZE;895 896 ssl->options.usingPSK_cipher = 1;897 break;898 #endif899 916 #endif /* HAVE_ECC */ 900 917 … … 1418 1435 #endif 1419 1436 1437 #ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 1438 case TLS_DH_anon_WITH_AES_256_GCM_SHA384: 1439 ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; 1440 ssl->specs.cipher_type = aead; 1441 ssl->specs.mac_algorithm = sha384_mac; 1442 ssl->specs.kea = diffie_hellman_kea; 1443 ssl->specs.sig_algo = anonymous_sa_algo; 1444 ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; 1445 ssl->specs.pad_size = PAD_SHA; 1446 ssl->specs.static_ecdh = 0; 1447 ssl->specs.key_size = AES_256_KEY_SIZE; 1448 ssl->specs.block_size = AES_BLOCK_SIZE; 1449 ssl->specs.iv_size = AESGCM_IMP_IV_SZ; 1450 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 1451 1452 ssl->options.usingAnon_cipher = 1; 1453 break; 1454 #endif 1455 1420 1456 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 1421 1457 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : … … 2107 2143 #ifndef NO_TLS 2108 2144 ssl->options.tls = 1; 2145 #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) 2109 2146 ssl->hmac = TLS_hmac; 2147 #endif 2110 2148 if (ssl->version.minor >= 2) { 2111 2149 ssl->options.tls1_1 = 1; … … 2116 2154 } 2117 2155 2118 #if def WOLFSSL_DTLS2156 #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_AEAD_ONLY) 2119 2157 if (ssl->options.dtls) 2120 2158 ssl->hmac = TLS_hmac; … … 2985 3023 2986 3024 if (clientCopy) { 3025 #ifndef WOLFSSL_AEAD_ONLY 2987 3026 XMEMCPY(ssl->keys.client_write_MAC_secret, 2988 keys->client_write_MAC_secret, MAX_DIGEST_SIZE); 3027 keys->client_write_MAC_secret, WC_MAX_DIGEST_SIZE); 3028 #endif 2989 3029 XMEMCPY(ssl->keys.client_write_key, 2990 3030 keys->client_write_key, AES_256_KEY_SIZE); … … 2992 3032 keys->client_write_IV, MAX_WRITE_IV_SZ); 2993 3033 } else { 3034 #ifndef WOLFSSL_AEAD_ONLY 2994 3035 XMEMCPY(ssl->keys.server_write_MAC_secret, 2995 keys->server_write_MAC_secret, MAX_DIGEST_SIZE); 3036 keys->server_write_MAC_secret, WC_MAX_DIGEST_SIZE); 3037 #endif 2996 3038 XMEMCPY(ssl->keys.server_write_key, 2997 3039 keys->server_write_key, AES_256_KEY_SIZE); … … 3062 3104 if (ssl->specs.cipher_type != aead) { 3063 3105 sz = ssl->specs.hash_size; 3106 #ifndef WOLFSSL_AEAD_ONLY 3064 3107 XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz); 3065 3108 XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz); 3109 #endif 3066 3110 i += sz; 3067 3111 } … … 3089 3133 sz = ssl->specs.hash_size; 3090 3134 if (side & PROVISION_CLIENT) { 3135 #ifndef WOLFSSL_AEAD_ONLY 3091 3136 XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz); 3137 #endif 3092 3138 i += sz; 3093 3139 } 3094 3140 if (side & PROVISION_SERVER) { 3141 #ifndef WOLFSSL_AEAD_ONLY 3095 3142 XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz); 3143 #endif 3096 3144 i += sz; 3097 3145 } … … 3244 3292 ssl->arrays->preMasterSecret[i] = 0; 3245 3293 3294 XFREE(ssl->arrays->preMasterSecret, ssl->heap, DYNAMIC_TYPE_SECRET); 3295 ssl->arrays->preMasterSecret = NULL; 3296 3246 3297 return 0; 3247 3298 } … … 3422 3473 #endif 3423 3474 3424 #ifdef NO_OLD_TLS 3475 #ifndef NO_OLD_TLS 3476 if (ssl->options.tls) return MakeTlsMasterSecret(ssl); 3477 return MakeSslMasterSecret(ssl); 3478 #elif !defined(WOLFSSL_NO_TLS12) 3425 3479 return MakeTlsMasterSecret(ssl); 3426 #elif !defined(NO_TLS) 3427 if (ssl->options.tls) return MakeTlsMasterSecret(ssl); 3428 #endif 3429 3430 #ifndef NO_OLD_TLS 3431 return MakeSslMasterSecret(ssl); 3480 #else 3481 (void)ssl; 3482 return 0; 3432 3483 #endif 3433 3484 } -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/ocsp.c
r337 r372 225 225 else if (*status) { 226 226 #ifndef NO_ASN_TIME 227 if (ValidateDate((*status)->thisDate, (*status)->thisDateFormat, BEFORE) 227 if (XVALIDATE_DATE((*status)->thisDate, 228 (*status)->thisDateFormat, BEFORE) 228 229 && ((*status)->nextDate[0] != 0) 229 && ValidateDate((*status)->nextDate, (*status)->nextDateFormat, AFTER)) 230 && XVALIDATE_DATE((*status)->nextDate, 231 (*status)->nextDateFormat, AFTER)) 230 232 #endif 231 233 { … … 417 419 ssl->ocspIOCtx : ocsp->cm->ocspIOCtx; 418 420 419 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)421 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 420 422 if (ocsp->statusCb != NULL && ssl != NULL) { 421 423 ret = ocsp->statusCb(ssl, ioCtx); … … 460 462 } 461 463 if (responseSz == WOLFSSL_CBIO_ERR_WANT_READ) { 462 ret = WANT_READ;464 ret = OCSP_WANT_READ; 463 465 } 464 466 … … 477 479 } 478 480 479 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)481 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 480 482 481 483 int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, … … 605 607 return WOLFSSL_SUCCESS; 606 608 609 #ifdef OPENSSL_EXTRA 610 if (bs->verifyError != OCSP_VERIFY_ERROR_NONE) 611 return WOLFSSL_FAILURE; 612 #endif 613 607 614 InitDecodedCert(&cert, bs->cert, bs->certSz, NULL); 608 615 if (ParseCertRelative(&cert, CERT_TYPE, VERIFY, st->cm) < 0) … … 634 641 return NULL; 635 642 636 if (bio->type == BIO_MEMORY) {643 if (bio->type == WOLFSSL_BIO_MEMORY) { 637 644 len = wolfSSL_BIO_get_mem_data(bio, &data); 638 645 if (len <= 0 || data == NULL) { … … 640 647 } 641 648 } 642 else if (bio->type == BIO_FILE) { 649 #ifndef NO_FILESYSTEM 650 else if (bio->type == WOLFSSL_BIO_FILE) { 643 651 long i; 644 652 long l; … … 647 655 if (i < 0) 648 656 return NULL; 649 XFSEEK(bio->file, 0, SEEK_END); 657 if(XFSEEK(bio->file, 0, SEEK_END) != 0) 658 return NULL; 650 659 l = XFTELL(bio->file); 651 660 if (l < 0) 652 661 return NULL; 653 XFSEEK(bio->file, i, SEEK_SET); 654 655 /* check calulated length */ 662 if (XFSEEK(bio->file, i, SEEK_SET) != 0) 663 return NULL; 664 665 /* check calculated length */ 656 666 if (l - i <= 0) 657 667 return NULL; … … 664 674 len = wolfSSL_BIO_read(bio, (char *)data, (int)l); 665 675 } 676 #endif 666 677 else 667 678 return NULL; -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/sniffer.c
r337 r372 246 246 /* 81 */ 247 247 "Bad Decrypt Size", 248 "Extended Master Secret Hash Error" 248 "Extended Master Secret Hash Error", 249 "Handshake Message Split Across TLS Records" 249 250 }; 250 251 … … 253 254 static void GetError(int idx, char* str) 254 255 { 255 XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN); 256 XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN-1); 257 str[MAX_ERROR_LEN-1] = '\0'; 256 258 } 257 259 … … 1016 1018 1017 1019 1020 /* Show SSLInfo if provided and is valid. */ 1021 static void TraceSessionInfo(SSLInfo* sslInfo) 1022 { 1023 if (TraceOn) { 1024 if (sslInfo != NULL && sslInfo->isValid) { 1025 fprintf(TraceFile, 1026 "\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s)\n", 1027 sslInfo->protocolVersionMajor, 1028 sslInfo->protocolVersionMinor, 1029 sslInfo->serverCipherSuite0, 1030 sslInfo->serverCipherSuite, 1031 sslInfo->serverCipherSuiteName); 1032 } 1033 } 1034 } 1035 1036 1018 1037 /* Set user error string */ 1019 1038 static void SetError(int idx, char* error, SnifferSession* session, int fatal) … … 1166 1185 file = XFOPEN(keyFile, "rb"); 1167 1186 if (file == XBADFILE) return -1; 1168 XFSEEK(file, 0, XSEEK_END);1187 if(XFSEEK(file, 0, XSEEK_END) != 0) return -1; 1169 1188 fileSz = XFTELL(file); 1170 1189 XREWIND(file); … … 1190 1209 ret = -1; 1191 1210 if (saveBuf != NULL) { 1192 saveBufSz = w olfSSL_KeyPemToDer(loadBuf, (int)fileSz,1211 saveBufSz = wc_KeyPemToDer(loadBuf, (int)fileSz, 1193 1212 saveBuf, (int)fileSz, password); 1194 1213 if (saveBufSz < 0) { … … 1249 1268 1250 1269 namedKey->nameSz = (word32)XSTRLEN(name); 1251 XSTRNCPY(namedKey->name, name, sizeof(namedKey->name)); 1252 if (namedKey->nameSz >= sizeof(namedKey->name)) { 1270 if (namedKey->nameSz > sizeof(namedKey->name)-1) 1253 1271 namedKey->nameSz = sizeof(namedKey->name) - 1; 1254 namedKey->name[namedKey->nameSz] = '\0';1255 }1272 XSTRNCPY(namedKey->name, name, namedKey->nameSz); 1273 namedKey->name[MAX_SERVER_NAME-1] = '\0'; 1256 1274 1257 1275 ret = LoadKeyFile(&namedKey->key, &namedKey->keySz, … … 1289 1307 sniffer->port = port; 1290 1308 1291 sniffer->ctx = SSL_CTX_new(TLSv1_ client_method());1309 sniffer->ctx = SSL_CTX_new(TLSv1_2_client_method()); 1292 1310 if (!sniffer->ctx) { 1293 1311 SetError(MEMORY_STR, error, NULL, 0); … … 1302 1320 if (name == NULL) { 1303 1321 if (password) { 1322 #ifdef WOLFSSL_ENCRYPTED_KEYS 1304 1323 SSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword); 1305 1324 SSL_CTX_set_default_passwd_cb_userdata( 1306 1325 sniffer->ctx, (void*)password); 1326 #endif 1307 1327 } 1308 1328 ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type); … … 1829 1849 NamedKey* namedKey; 1830 1850 1831 if (nameSz > = sizeof(name))1851 if (nameSz > sizeof(name) - 1) 1832 1852 nameSz = sizeof(name) - 1; 1833 1853 name[nameSz] = 0; … … 2059 2079 2060 2080 if (*sslBytes < size) { 2061 SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE); 2062 return -1; 2081 Trace(SPLIT_HANDSHAKE_MSG_STR); 2082 *sslBytes = 0; 2083 return ret; 2063 2084 } 2064 2085 … … 3462 3483 3463 3484 3485 /* Copies the session's infomation to the provided sslInfo. Skip copy if 3486 * SSLInfo is not provided. */ 3487 static void CopySessionInfo(SnifferSession* session, SSLInfo* sslInfo) 3488 { 3489 if (NULL != sslInfo) { 3490 XMEMSET(sslInfo, 0, sizeof(SSLInfo)); 3491 3492 /* Pass back Session Info after we have processed the Server Hello. */ 3493 if (0 != session->sslServer->options.cipherSuite) { 3494 const char* pCipher; 3495 3496 sslInfo->isValid = 1; 3497 sslInfo->protocolVersionMajor = session->sslServer->version.major; 3498 sslInfo->protocolVersionMinor = session->sslServer->version.minor; 3499 sslInfo->serverCipherSuite0 = 3500 session->sslServer->options.cipherSuite0; 3501 sslInfo->serverCipherSuite = 3502 session->sslServer->options.cipherSuite; 3503 3504 pCipher = wolfSSL_get_cipher(session->sslServer); 3505 if (NULL != pCipher) { 3506 XSTRNCPY((char*)sslInfo->serverCipherSuiteName, pCipher, 3507 sizeof(sslInfo->serverCipherSuiteName)); 3508 sslInfo->serverCipherSuiteName 3509 [sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0'; 3510 } 3511 TraceSessionInfo(sslInfo); 3512 } 3513 } 3514 } 3515 3516 3464 3517 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3465 3518 /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ 3466 int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error) 3519 static int ssl_DecodePacketInternal(const byte* packet, int length, 3520 byte** data, SSLInfo* sslInfo, char* error) 3467 3521 { 3468 3522 TcpInfo tcpInfo; … … 3497 3551 if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; 3498 3552 CheckFinCapture(&ipInfo, &tcpInfo, session); 3553 3554 CopySessionInfo(session, sslInfo); 3555 3499 3556 return ret; 3557 } 3558 3559 3560 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3561 /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ 3562 /* Also returns Session Info if available */ 3563 int ssl_DecodePacketWithSessionInfo(const unsigned char* packet, int length, 3564 unsigned char** data, SSLInfo* sslInfo, char* error) 3565 { 3566 return ssl_DecodePacketInternal(packet, length, data, sslInfo, error); 3567 } 3568 3569 3570 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3571 /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ 3572 int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error) 3573 { 3574 return ssl_DecodePacketInternal(packet, length, data, NULL, error); 3500 3575 } 3501 3576 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/ssl.c
r337 r372 46 46 #ifndef WOLFSSL_ALLOW_NO_SUITES 47 47 #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(WOLFSSL_STATIC_RSA) \ 48 && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) 48 && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) \ 49 && !defined(HAVE_ED25519) 49 50 #error "No cipher suites defined because DH disabled, ECC disabled, and no static suites defined. Please see top of README" 50 51 #endif 51 52 #endif 52 53 53 #if defined(OPENSSL_EXTRA) || defined( HAVE_WEBSERVER) || \54 54 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 55 defined(HAVE_WEBSERVER) || defined(WOLFSSL_KEY_GEN) 55 56 #include <wolfssl/openssl/evp.h> 56 57 /* openssl headers end, wolfssl internal headers next */ 57 #include <wolfssl/wolfcrypt/wc_encrypt.h> 58 #endif 58 #endif 59 60 #include <wolfssl/wolfcrypt/wc_encrypt.h> 59 61 60 62 #ifdef OPENSSL_EXTRA 61 63 /* openssl headers begin */ 64 #include <wolfssl/openssl/aes.h> 62 65 #include <wolfssl/openssl/hmac.h> 63 66 #include <wolfssl/openssl/crypto.h> 64 67 #include <wolfssl/openssl/des.h> 65 68 #include <wolfssl/openssl/bn.h> 69 #include <wolfssl/openssl/buffer.h> 66 70 #include <wolfssl/openssl/dh.h> 67 71 #include <wolfssl/openssl/rsa.h> … … 72 76 #include <wolfssl/openssl/ecdsa.h> 73 77 #include <wolfssl/openssl/ecdh.h> 78 #include <wolfssl/openssl/rc4.h> 74 79 /* openssl headers end, wolfssl internal headers next */ 75 80 #include <wolfssl/wolfcrypt/hmac.h> … … 82 87 #include <wolfssl/wolfcrypt/curve25519.h> 83 88 #include <wolfssl/wolfcrypt/ed25519.h> 84 #if def HAVE_STUNNEL89 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) 85 90 #include <wolfssl/openssl/ocsp.h> 86 91 #endif /* WITH_STUNNEL */ 87 #if def WOLFSSL_SHA51292 #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) 88 93 #include <wolfssl/wolfcrypt/sha512.h> 89 94 #endif 95 #if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \ 96 && !defined(WC_NO_RNG) 97 #include <wolfssl/wolfcrypt/srp.h> 98 #endif 99 #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) 100 #include <wolfssl/openssl/pkcs7.h> 101 #endif /* OPENSSL_ALL && HAVE_PKCS7 */ 90 102 #endif 91 103 … … 94 106 #endif 95 107 96 97 #ifndef WOLFSSL_LEANPSK98 char* mystrnstr(const char* s1, const char* s2, unsigned int n)99 {100 unsigned int s2_len = (unsigned int)XSTRLEN(s2);101 102 if (s2_len == 0)103 return (char*)s1;104 105 while (n >= s2_len && s1[0]) {106 if (s1[0] == s2[0])107 if (XMEMCMP(s1, s2, s2_len) == 0)108 return (char*)s1;109 s1++;110 n--;111 }112 113 return NULL;114 }115 #endif116 108 117 109 #ifdef WOLFSSL_SESSION_EXPORT … … 250 242 static wolfSSL_Mutex count_mutex; /* init ref count mutex */ 251 243 252 253 244 /* Create a new WOLFSSL_CTX struct and return the pointer to created struct. 254 245 WOLFSSL_METHOD pointer passed in is given to ctx to manage. … … 260 251 WOLFSSL_CTX* ctx = NULL; 261 252 262 WOLFSSL_ENTER(" WOLFSSL_CTX_new_ex");253 WOLFSSL_ENTER("wolfSSL_CTX_new_ex"); 263 254 264 255 if (initRefCount == 0) { … … 285 276 ctx = NULL; 286 277 } 278 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ 279 && !defined(NO_SHA256) && !defined(WC_NO_RNG) 280 else { 281 ctx->srp = (Srp*) XMALLOC(sizeof(Srp), heap, DYNAMIC_TYPE_SRP); 282 if (ctx->srp == NULL){ 283 WOLFSSL_MSG("Init CTX failed"); 284 wolfSSL_CTX_free(ctx); 285 return NULL; 286 } 287 XMEMSET(ctx->srp, 0, sizeof(Srp)); 288 } 289 #endif 287 290 } 288 291 else { … … 290 293 XFREE(method, heap, DYNAMIC_TYPE_METHOD); 291 294 } 295 292 296 293 297 WOLFSSL_LEAVE("WOLFSSL_CTX_new", 0); … … 310 314 { 311 315 WOLFSSL_ENTER("SSL_CTX_free"); 312 if (ctx) 316 if (ctx) { 317 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ 318 && !defined(NO_SHA256) && !defined(WC_NO_RNG) 319 if (ctx->srp != NULL){ 320 if (ctx->srp_password != NULL){ 321 XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP); 322 ctx->srp_password = NULL; 323 } 324 wc_SrpTerm(ctx->srp); 325 XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP); 326 ctx->srp = NULL; 327 } 328 #endif 313 329 FreeSSL_Ctx(ctx); 330 } 331 314 332 WOLFSSL_LEAVE("SSL_CTX_free", 0); 315 333 } … … 552 570 int wolfSSL_use_old_poly(WOLFSSL* ssl, int value) 553 571 { 572 (void)ssl; 573 (void)value; 574 575 #ifndef WOLFSSL_NO_TLS12 554 576 WOLFSSL_ENTER("SSL_use_old_poly"); 555 577 WOLFSSL_MSG("Warning SSL connection auto detects old/new and this function" … … 557 579 ssl->options.oldPoly = (word16)value; 558 580 WOLFSSL_LEAVE("SSL_use_old_poly", 0); 581 #endif 559 582 return 0; 560 583 } … … 632 655 char* wolfSSL_get_cipher_list(int priority) 633 656 { 634 const char* const* ciphers = GetCipherNames();657 const CipherSuiteInfo* ciphers = GetCipherNames(); 635 658 636 659 if (priority >= GetCipherNamesSize() || priority < 0) { … … 638 661 } 639 662 640 return (char*)ciphers[priority] ;663 return (char*)ciphers[priority].name; 641 664 } 642 665 … … 671 694 int wolfSSL_get_ciphers(char* buf, int len) 672 695 { 673 const char* const* ciphers = GetCipherNames(); 674 int totalInc = 0; 675 int step = 0; 676 char delim = ':'; 677 int size = GetCipherNamesSize(); 696 const CipherSuiteInfo* ciphers = GetCipherNames(); 697 int ciphersSz = GetCipherNamesSize(); 678 698 int i; 699 int cipherNameSz; 679 700 680 701 if (buf == NULL || len <= 0) … … 682 703 683 704 /* Add each member to the buffer delimited by a : */ 684 for (i = 0; i < size; i++) { 685 step = (int)(XSTRLEN(ciphers[i]) + 1); /* delimiter */ 686 totalInc += step; 687 688 /* Check to make sure buf is large enough and will not overflow */ 689 if (totalInc < len) { 690 XSTRNCPY(buf, ciphers[i], XSTRLEN(ciphers[i])); 691 buf += XSTRLEN(ciphers[i]); 692 693 if (i < size - 1) 694 *buf++ = delim; 695 else 696 *buf++ = '\0'; 705 for (i = 0; i < ciphersSz; i++) { 706 cipherNameSz = (int)XSTRLEN(ciphers[i].name); 707 if (cipherNameSz + 1 < len) { 708 XSTRNCPY(buf, ciphers[i].name, len); 709 buf += cipherNameSz; 710 711 if (i < ciphersSz - 1) 712 *buf++ = ':'; 713 *buf = 0; 714 715 len -= cipherNameSz + 1; 697 716 } 698 717 else … … 709 728 return NULL; 710 729 711 cipher = wolfSSL_get_cipher_name_from_suite(ssl->options.cipherSuite, 712 ssl->options.cipherSuite0); 730 cipher = wolfSSL_get_cipher_name_iana(ssl); 713 731 len = min(len, (int)(XSTRLEN(cipher) + 1)); 714 732 XMEMCPY(buf, cipher, len); … … 718 736 int wolfSSL_get_fd(const WOLFSSL* ssl) 719 737 { 738 int fd = -1; 720 739 WOLFSSL_ENTER("SSL_get_fd"); 721 WOLFSSL_LEAVE("SSL_get_fd", ssl->rfd); 722 return ssl->rfd; 723 } 724 725 726 int wolfSSL_get_using_nonblock(WOLFSSL* ssl) 727 { 728 WOLFSSL_ENTER("wolfSSL_get_using_nonblock"); 729 WOLFSSL_LEAVE("wolfSSL_get_using_nonblock", ssl->options.usingNonblock); 730 return ssl->options.usingNonblock; 740 if (ssl) { 741 fd = ssl->rfd; 742 } 743 WOLFSSL_LEAVE("SSL_get_fd", fd); 744 return fd; 731 745 } 732 746 … … 734 748 int wolfSSL_dtls(WOLFSSL* ssl) 735 749 { 736 return ssl->options.dtls; 750 int dtlsOpt = 0; 751 if (ssl) 752 dtlsOpt = ssl->options.dtls; 753 return dtlsOpt; 737 754 } 738 755 739 756 740 757 #ifndef WOLFSSL_LEANPSK 741 void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock)742 {743 WOLFSSL_ENTER("wolfSSL_set_using_nonblock");744 ssl->options.usingNonblock = (nonblock != 0);745 }746 747 748 758 int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz) 749 759 { 750 760 #ifdef WOLFSSL_DTLS 751 void* sa = (void*)XMALLOC(peerSz, ssl->heap, DYNAMIC_TYPE_SOCKADDR); 761 void* sa; 762 763 if (ssl == NULL) 764 return WOLFSSL_FAILURE; 765 766 sa = (void*)XMALLOC(peerSz, ssl->heap, DYNAMIC_TYPE_SOCKADDR); 752 767 if (sa != NULL) { 753 if (ssl->buffers.dtlsCtx.peer.sa != NULL) 768 if (ssl->buffers.dtlsCtx.peer.sa != NULL) { 754 769 XFREE(ssl->buffers.dtlsCtx.peer.sa,ssl->heap,DYNAMIC_TYPE_SOCKADDR); 770 ssl->buffers.dtlsCtx.peer.sa = NULL; 771 } 755 772 XMEMCPY(sa, peer, peerSz); 756 773 ssl->buffers.dtlsCtx.peer.sa = sa; … … 903 920 904 921 #ifdef WOLFSSL_DTLS 905 static INLINE word32 UpdateHighwaterMark(word32 cur, word32 first,922 static WC_INLINE word32 UpdateHighwaterMark(word32 cur, word32 first, 906 923 word32 second, word32 max) 907 924 { … … 1145 1162 #endif 1146 1163 1164 (void)ssl; 1165 1147 1166 WOLFSSL_LEAVE("wolfSSL_negotiate", err); 1148 1167 … … 1354 1373 int wolfSSL_GetMaxOutputSize(WOLFSSL* ssl) 1355 1374 { 1356 int maxSize = OUTPUT_RECORD_SIZE;1357 1358 1375 WOLFSSL_ENTER("wolfSSL_GetMaxOutputSize"); 1359 1376 … … 1366 1383 } 1367 1384 1368 #ifdef HAVE_MAX_FRAGMENT 1369 maxSize = min(maxSize, ssl->max_fragment); 1370 #endif 1371 1372 #ifdef WOLFSSL_DTLS 1373 if (ssl->options.dtls) { 1374 maxSize = min(maxSize, MAX_UDP_SIZE); 1375 } 1376 #endif 1377 1378 return maxSize; 1385 return wolfSSL_GetMaxRecordSize(ssl, OUTPUT_RECORD_SIZE); 1379 1386 } 1380 1387 … … 1460 1467 const unsigned char* g, int gSz) 1461 1468 { 1462 word16 havePSK = 0;1463 word16 haveRSA = 1;1464 int keySz = 0;1465 1466 1469 WOLFSSL_ENTER("wolfSSL_SetTmpDH"); 1467 if (ssl == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG; 1470 1471 if (ssl == NULL || p == NULL || g == NULL) 1472 return BAD_FUNC_ARG; 1468 1473 1469 1474 if (pSz < ssl->options.minDhKeySz) 1470 1475 return DH_KEY_SIZE_E; 1471 1472 if (ssl->options.side != WOLFSSL_SERVER_END) 1476 if (pSz > ssl->options.maxDhKeySz) 1477 return DH_KEY_SIZE_E; 1478 1479 /* this function is for server only */ 1480 if (ssl->options.side == WOLFSSL_CLIENT_END) 1473 1481 return SIDE_ERROR; 1482 1483 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 1484 !defined(HAVE_SELFTEST) 1485 ssl->options.dhKeyTested = 0; 1486 ssl->options.dhDoKeyTest = 1; 1487 #endif 1474 1488 1475 1489 if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH) { … … 1503 1517 1504 1518 ssl->options.haveDH = 1; 1519 1520 if (ssl->options.side != WOLFSSL_NEITHER_END) { 1521 word16 havePSK = 0; 1522 word16 haveRSA = 1; 1523 int keySz = 0; 1524 1505 1525 #ifndef NO_PSK 1506 1526 havePSK = ssl->options.havePSK; … … 1516 1536 ssl->options.haveECDSAsig, ssl->options.haveECC, 1517 1537 ssl->options.haveStaticECC, ssl->options.side); 1538 } 1518 1539 1519 1540 WOLFSSL_LEAVE("wolfSSL_SetTmpDH", 0); 1541 1520 1542 return WOLFSSL_SUCCESS; 1521 1543 } 1544 1545 1546 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 1547 !defined(HAVE_SELFTEST) 1548 /* Enables or disables the session's DH key prime test. */ 1549 int wolfSSL_SetEnableDhKeyTest(WOLFSSL* ssl, int enable) 1550 { 1551 WOLFSSL_ENTER("wolfSSL_SetEnableDhKeyTest"); 1552 1553 if (ssl == NULL) 1554 return BAD_FUNC_ARG; 1555 1556 if (!enable) 1557 ssl->options.dhDoKeyTest = 0; 1558 else 1559 ssl->options.dhDoKeyTest = 1; 1560 1561 WOLFSSL_LEAVE("wolfSSL_SetEnableDhKeyTest", WOLFSSL_SUCCESS); 1562 return WOLFSSL_SUCCESS; 1563 } 1564 #endif 1565 1522 1566 1523 1567 /* server ctx Diffie-Hellman parameters, WOLFSSL_SUCCESS on ok */ … … 1530 1574 if (pSz < ctx->minDhKeySz) 1531 1575 return DH_KEY_SIZE_E; 1576 if (pSz > ctx->maxDhKeySz) 1577 return DH_KEY_SIZE_E; 1578 1579 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 1580 !defined(HAVE_SELFTEST) 1581 { 1582 DhKey checkKey; 1583 WC_RNG rng; 1584 int error, freeKey = 0; 1585 1586 error = wc_InitRng(&rng); 1587 if (!error) 1588 error = wc_InitDhKey(&checkKey); 1589 if (!error) { 1590 freeKey = 1; 1591 error = wc_DhSetCheckKey(&checkKey, 1592 p, pSz, g, gSz, NULL, 0, 0, &rng); 1593 } 1594 if (freeKey) 1595 wc_FreeDhKey(&checkKey); 1596 wc_FreeRng(&rng); 1597 if (error) 1598 return error; 1599 1600 ctx->dhKeyTested = 1; 1601 } 1602 #endif 1532 1603 1533 1604 XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 1605 ctx->serverDH_P.buffer = NULL; 1534 1606 XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 1607 ctx->serverDH_G.buffer = NULL; 1535 1608 1536 1609 ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); … … 1541 1614 if (ctx->serverDH_G.buffer == NULL) { 1542 1615 XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 1616 ctx->serverDH_P.buffer = NULL; 1543 1617 return MEMORY_E; 1544 1618 } … … 1577 1651 1578 1652 1653 int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz) 1654 { 1655 if (ctx == NULL || keySz > 16000 || keySz % 8 != 0) 1656 return BAD_FUNC_ARG; 1657 1658 ctx->maxDhKeySz = keySz / 8; 1659 return WOLFSSL_SUCCESS; 1660 } 1661 1662 1663 int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz) 1664 { 1665 if (ssl == NULL || keySz > 16000 || keySz % 8 != 0) 1666 return BAD_FUNC_ARG; 1667 1668 ssl->options.maxDhKeySz = keySz / 8; 1669 return WOLFSSL_SUCCESS; 1670 } 1671 1672 1579 1673 int wolfSSL_GetDhKey_Sz(WOLFSSL* ssl) 1580 1674 { … … 1598 1692 1599 1693 #ifdef WOLFSSL_EARLY_DATA 1600 if (ssl->earlyData && (ret = wolfSSL_negotiate(ssl)) < 0) {1694 if (ssl->earlyData != no_early_data && (ret = wolfSSL_negotiate(ssl)) < 0) { 1601 1695 ssl->error = ret; 1602 1696 return WOLFSSL_FATAL_ERROR; 1603 1697 } 1604 ssl->earlyData = 0;1698 ssl->earlyData = no_early_data; 1605 1699 #endif 1606 1700 … … 1639 1733 #endif 1640 1734 1735 #ifdef OPENSSL_EXTRA 1736 if (ssl->CBIS != NULL) { 1737 ssl->CBIS(ssl, SSL_CB_WRITE, SSL_SUCCESS); 1738 ssl->cbmode = SSL_CB_WRITE; 1739 } 1740 #endif 1641 1741 ret = SendData(ssl, data, sz); 1642 1742 … … 1679 1779 #endif 1680 1780 1681 sz = min(sz, OUTPUT_RECORD_SIZE); 1682 #ifdef HAVE_MAX_FRAGMENT 1683 sz = min(sz, ssl->max_fragment); 1684 #endif 1781 sz = wolfSSL_GetMaxRecordSize(ssl, sz); 1782 1685 1783 ret = ReceiveData(ssl, (byte*)data, sz, peek); 1686 1784 1687 1785 #ifdef HAVE_WRITE_DUP 1688 1786 if (ssl->dupWrite) { 1689 if (ssl->error != 0 && ssl->error != WANT_READ && 1690 ssl->error != WC_PENDING_E) { 1787 if (ssl->error != 0 && ssl->error != WANT_READ 1788 #ifdef WOLFSSL_ASYNC_CRYPT 1789 && ssl->error != WC_PENDING_E 1790 #endif 1791 ) { 1691 1792 int notifyErr; 1692 1793 … … 1721 1822 WOLFSSL_ENTER("wolfSSL_read()"); 1722 1823 1824 #ifdef OPENSSL_EXTRA 1825 if (ssl->CBIS != NULL) { 1826 ssl->CBIS(ssl, SSL_CB_READ, SSL_SUCCESS); 1827 ssl->cbmode = SSL_CB_READ; 1828 } 1829 #endif 1723 1830 return wolfSSL_read_internal(ssl, data, sz, FALSE); 1724 1831 } … … 1744 1851 #endif /* WOLFSSL_MULTICAST */ 1745 1852 1746 #ifdef WOLFSSL_ASYNC_CRYPT 1747 1748 /* let's use async hardware, WOLFSSL_SUCCESS on ok */ 1749 int wolfSSL_UseAsync(WOLFSSL* ssl, int devId) 1853 1854 /* helpers to set the device id, WOLFSSL_SUCCESS on ok */ 1855 int wolfSSL_SetDevId(WOLFSSL* ssl, int devId) 1750 1856 { 1751 1857 if (ssl == NULL) … … 1756 1862 return WOLFSSL_SUCCESS; 1757 1863 } 1758 1759 1760 /* let's use async hardware, WOLFSSL_SUCCESS on ok */ 1761 int wolfSSL_CTX_UseAsync(WOLFSSL_CTX* ctx, int devId) 1864 int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId) 1762 1865 { 1763 1866 if (ctx == NULL) … … 1768 1871 return WOLFSSL_SUCCESS; 1769 1872 } 1770 1771 #endif /* WOLFSSL_ASYNC_CRYPT */1772 1873 1773 1874 /* helpers to get device id and heap */ … … 1868 1969 return BAD_FUNC_ARG; 1869 1970 1971 #ifdef WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST 1972 /* The following is a non-standard way to reconfigure the max packet size 1973 post-handshake for wolfSSL_write/woflSSL_read */ 1974 if (ssl->options.handShakeState == HANDSHAKE_DONE) { 1975 switch (mfl) { 1976 case WOLFSSL_MFL_2_8 : ssl->max_fragment = 256; break; 1977 case WOLFSSL_MFL_2_9 : ssl->max_fragment = 512; break; 1978 case WOLFSSL_MFL_2_10: ssl->max_fragment = 1024; break; 1979 case WOLFSSL_MFL_2_11: ssl->max_fragment = 2048; break; 1980 case WOLFSSL_MFL_2_12: ssl->max_fragment = 4096; break; 1981 case WOLFSSL_MFL_2_13: ssl->max_fragment = 8192; break; 1982 default: ssl->max_fragment = MAX_RECORD_SIZE; break; 1983 } 1984 return WOLFSSL_SUCCESS; 1985 } 1986 #endif /* WOLFSSL_MAX_FRAGMENT_ADJUST */ 1987 1988 /* This call sets the max fragment TLS extension, which gets sent to server. 1989 The server_hello response is what sets the `ssl->max_fragment` in 1990 TLSX_MFL_Parse */ 1870 1991 return TLSX_UseMaxFragment(&ssl->extensions, mfl, ssl->heap); 1871 1992 } … … 1914 2035 1915 2036 return TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type, 1916 options, ssl->heap, ssl->devId);2037 options, NULL, ssl->heap, ssl->devId); 1917 2038 } 1918 2039 … … 1925 2046 1926 2047 return TLSX_UseCertificateStatusRequest(&ctx->extensions, status_type, 1927 options, ctx->heap, ctx->devId);2048 options, NULL, ctx->heap, ctx->devId); 1928 2049 } 1929 2050 … … 1942 2063 1943 2064 1944 int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx, 1945 byte status_type,byte options)2065 int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx, byte status_type, 2066 byte options) 1946 2067 { 1947 2068 if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END) … … 2135 2256 } 2136 2257 2137 XMEMSET(list, 0, protocol_name_listSz+1);2138 2258 XSTRNCPY(list, protocol_name_list, protocol_name_listSz); 2259 list[protocol_name_listSz] = '\0'; 2139 2260 2140 2261 /* read all protocol name from the list */ … … 2243 2364 return SECURE_RENEGOTIATION_E; 2244 2365 } 2366 2367 /* If the client started the renegotiation, the server will already 2368 * have processed the client's hello. */ 2369 if (ssl->options.side != WOLFSSL_SERVER_END || 2370 ssl->options.acceptState != ACCEPT_FIRST_REPLY_DONE) { 2245 2371 2246 2372 if (ssl->options.handShakeState != HANDSHAKE_DONE) { … … 2270 2396 ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED; 2271 2397 2272 ret = InitHandshakeHashes(ssl); 2398 #if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SERVER_RENEGOTIATION_INFO) 2399 if (ssl->options.side == WOLFSSL_SERVER_END) { 2400 ret = SendHelloRequest(ssl); 2273 2401 if (ret !=0) 2274 2402 return ret; 2275 2403 } 2404 #endif /* NO_WOLFSSL_SERVER && HAVE_SERVER_RENEGOTIATION_INFO */ 2405 2406 ret = InitHandshakeHashes(ssl); 2407 if (ret !=0) 2408 return ret; 2409 } 2276 2410 ret = wolfSSL_negotiate(ssl); 2277 2411 return ret; … … 2519 2653 ssl->error = WOLFSSL_ERROR_SYSCALL; /* simulate OpenSSL behavior */ 2520 2654 ret = WOLFSSL_SUCCESS; 2655 } else if ((ssl->error == WOLFSSL_ERROR_NONE) && 2656 (ret < WOLFSSL_SUCCESS)) { 2657 ret = WOLFSSL_SHUTDOWN_NOT_DONE; 2521 2658 } 2522 2659 } … … 2606 2743 char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data) 2607 2744 { 2608 static const char* msg = "Please supply a buffer for error string";2745 static const char* const msg = "Please supply a buffer for error string"; 2609 2746 2610 2747 WOLFSSL_ENTER("ERR_error_string"); … … 2716 2853 const byte* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify) 2717 2854 { 2855 #ifndef WOLFSSL_AEAD_ONLY 2718 2856 if (ssl == NULL) 2719 2857 return NULL; … … 2724 2862 else 2725 2863 return ssl->keys.server_write_MAC_secret; 2864 #else 2865 (void)ssl; 2866 (void)verify; 2867 2868 return NULL; 2869 #endif 2726 2870 } 2727 2871 … … 2904 3048 2905 3049 #ifndef NO_CERTS 2906 int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)2907 {2908 int ret = BAD_FUNC_ARG;2909 if (pDer) {2910 int dynType = 0;2911 DerBuffer* der;2912 2913 /* Determine dynamic type */2914 switch (type) {2915 case CA_TYPE: dynType = DYNAMIC_TYPE_CA; break;2916 case CERT_TYPE: dynType = DYNAMIC_TYPE_CERT; break;2917 case CRL_TYPE: dynType = DYNAMIC_TYPE_CRL; break;2918 case DSA_TYPE: dynType = DYNAMIC_TYPE_DSA; break;2919 case ECC_TYPE: dynType = DYNAMIC_TYPE_ECC; break;2920 case RSA_TYPE: dynType = DYNAMIC_TYPE_RSA; break;2921 default: dynType = DYNAMIC_TYPE_KEY; break;2922 }2923 2924 /* Setup new buffer */2925 *pDer = (DerBuffer*)XMALLOC(sizeof(DerBuffer) + length, heap, dynType);2926 if (*pDer == NULL) {2927 return MEMORY_ERROR;2928 }2929 XMEMSET(*pDer, 0, sizeof(DerBuffer) + length);2930 2931 der = *pDer;2932 der->type = type;2933 der->dynType = dynType; /* Cache this for FreeDer */2934 der->heap = heap;2935 der->buffer = (byte*)der + sizeof(DerBuffer);2936 der->length = length;2937 ret = 0; /* Success */2938 }2939 return ret;2940 }2941 2942 void FreeDer(DerBuffer** pDer)2943 {2944 if (pDer && *pDer)2945 {2946 DerBuffer* der = (DerBuffer*)*pDer;2947 2948 /* ForceZero private keys */2949 if (der->type == PRIVATEKEY_TYPE) {2950 ForceZero(der->buffer, der->length);2951 }2952 der->buffer = NULL;2953 der->length = 0;2954 XFREE(der, der->heap, der->dynType);2955 2956 *pDer = NULL;2957 }2958 }2959 3050 2960 3051 WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX* ctx) … … 3024 3115 FreeOCSP(cm->ocsp, 1); 3025 3116 XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL); 3026 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST)\3027 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)\3028 || defined(WOLFSSL_HAPROXY)3117 #if !defined(NO_WOLFSSL_SERVER) && \ 3118 (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ 3119 defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) 3029 3120 if (cm->ocsp_stapling) 3030 3121 FreeOCSP(cm->ocsp_stapling, 1); … … 3056 3147 return BAD_MUTEX_E; 3057 3148 3058 FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);3149 FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap); 3059 3150 3060 3151 wc_UnLockMutex(&cm->caLock); … … 3076 3167 return BAD_MUTEX_E; 3077 3168 3078 FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, NULL);3169 FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap); 3079 3170 3080 3171 wc_UnLockMutex(&cm->tpLock); … … 3085 3176 #endif /* WOLFSSL_TRUST_PEER_CERT */ 3086 3177 3087 3088 /* Return bytes written to buff or < 0 for error */3089 int wolfSSL_CertPemToDer(const unsigned char* pem, int pemSz,3090 unsigned char* buff, int buffSz, int type)3091 {3092 int eccKey = 0;3093 int ret;3094 DerBuffer* der = NULL;3095 #ifdef WOLFSSL_SMALL_STACK3096 EncryptedInfo* info = NULL;3097 #else3098 EncryptedInfo info[1];3099 #endif3100 3101 WOLFSSL_ENTER("wolfSSL_CertPemToDer");3102 3103 if (pem == NULL || buff == NULL || buffSz <= 0) {3104 WOLFSSL_MSG("Bad pem der args");3105 return BAD_FUNC_ARG;3106 }3107 3108 if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {3109 WOLFSSL_MSG("Bad cert type");3110 return BAD_FUNC_ARG;3111 }3112 3113 #ifdef WOLFSSL_SMALL_STACK3114 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,3115 DYNAMIC_TYPE_ENCRYPTEDINFO);3116 if (info == NULL)3117 return MEMORY_E;3118 #endif3119 3120 info->set = 0;3121 info->ctx = NULL;3122 info->consumed = 0;3123 3124 ret = PemToDer(pem, pemSz, type, &der, NULL, info, &eccKey);3125 3126 #ifdef WOLFSSL_SMALL_STACK3127 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);3128 #endif3129 3130 if (ret < 0) {3131 WOLFSSL_MSG("Bad Pem To Der");3132 }3133 else {3134 if (der->length <= (word32)buffSz) {3135 XMEMCPY(buff, der->buffer, der->length);3136 ret = der->length;3137 }3138 else {3139 WOLFSSL_MSG("Bad der length");3140 ret = BAD_FUNC_ARG;3141 }3142 }3143 3144 FreeDer(&der);3145 return ret;3146 }3147 3148 3178 #endif /* NO_CERTS */ 3149 3179 3150 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 3151 3152 static struct cipher{ 3180 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 3181 defined(HAVE_WEBSERVER) 3182 3183 static const struct cipher{ 3153 3184 unsigned char type; 3154 3185 const char *name; … … 3156 3187 3157 3188 #ifndef NO_AES 3189 #ifdef WOLFSSL_AES_128 3158 3190 {AES_128_CBC_TYPE, "AES-128-CBC"}, 3191 #endif 3192 #ifdef WOLFSSL_AES_192 3159 3193 {AES_192_CBC_TYPE, "AES-192-CBC"}, 3194 #endif 3195 #ifdef WOLFSSL_AES_256 3160 3196 {AES_256_CBC_TYPE, "AES-256-CBC"}, 3197 #endif 3161 3198 #if defined(OPENSSL_EXTRA) 3199 #ifdef WOLFSSL_AES_128 3162 3200 {AES_128_CTR_TYPE, "AES-128-CTR"}, 3201 #endif 3202 #ifdef WOLFSSL_AES_192 3163 3203 {AES_192_CTR_TYPE, "AES-192-CTR"}, 3204 #endif 3205 #ifdef WOLFSSL_AES_256 3164 3206 {AES_256_CTR_TYPE, "AES-256-CTR"}, 3165 3207 #endif 3208 3209 #ifdef WOLFSSL_AES_128 3166 3210 {AES_128_ECB_TYPE, "AES-128-ECB"}, 3211 #endif 3212 #ifdef WOLFSSL_AES_192 3167 3213 {AES_192_ECB_TYPE, "AES-192-ECB"}, 3214 #endif 3215 #ifdef WOLFSSL_AES_256 3168 3216 {AES_256_ECB_TYPE, "AES-256-ECB"}, 3217 #endif 3169 3218 #endif 3170 3219 … … 3177 3226 {DES_EDE3_CBC_TYPE, "DES-EDE3-CBC"}, 3178 3227 {DES_EDE3_ECB_TYPE, "DES-EDE3-ECB"}, 3228 #endif 3229 3230 #ifndef NO_RC4 3231 {ARC4_TYPE, "ARC4"}, 3179 3232 #endif 3180 3233 … … 3193 3246 } alias_tbl[] = 3194 3247 { 3248 #ifndef NO_DES3 3195 3249 {"DES-CBC", "DES"}, 3196 3250 {"DES-CBC", "des"}, 3251 {"DES-ECB", "DES-ECB"}, 3252 {"DES-ECB", "des-ecb"}, 3197 3253 {"DES-EDE3-CBC", "DES3"}, 3198 3254 {"DES-EDE3-CBC", "des3"}, 3255 {"DES-EDE3-ECB", "DES-EDE3"}, 3256 {"DES-EDE3-ECB", "des-ede3"}, 3199 3257 {"DES-EDE3-ECB", "des-ede3-ecb"}, 3258 #endif 3259 #ifdef HAVE_IDEA 3200 3260 {"IDEA-CBC", "IDEA"}, 3201 3261 {"IDEA-CBC", "idea"}, 3202 {"AES-128-CBC", "AES128"}, 3203 {"AES-128-CBC", "aes128"}, 3204 {"AES-192-CBC", "AES192"}, 3205 {"AES-192-CBC", "aes192"}, 3206 {"AES-256-CBC", "AES256"}, 3207 {"AES-256-CBC", "aes256"}, 3262 #endif 3263 #ifndef NO_AES 3264 #ifdef HAVE_AES_CBC 3265 #ifdef WOLFSSL_AES_128 3266 {"AES-128-CBC", "AES128-CBC"}, 3267 {"AES-128-CBC", "aes128-cbc"}, 3268 #endif 3269 #ifdef WOLFSSL_AES_192 3270 {"AES-192-CBC", "AES192-CBC"}, 3271 {"AES-192-CBC", "aes192-cbc"}, 3272 #endif 3273 #ifdef WOLFSSL_AES_256 3274 {"AES-256-CBC", "AES256-CBC"}, 3275 {"AES-256-CBC", "aes256-cbc"}, 3276 #endif 3277 #endif 3278 #ifdef WOLFSSL_AES_128 3279 {"AES-128-ECB", "AES128-ECB"}, 3280 {"AES-128-ECB", "aes128-ecb"}, 3281 #endif 3282 #ifdef WOLFSSL_AES_192 3283 {"AES-192-ECB", "AES192-ECB"}, 3284 {"AES-192-ECB", "aes192-ecb"}, 3285 #endif 3286 #ifdef WOLFSSL_AES_256 3287 {"AES-256-ECB", "AES256-ECB"}, 3288 {"AES-256-EBC", "aes256-ecb"}, 3289 #endif 3290 #endif 3291 #ifndef NO_RC4 3292 {"ARC4", "RC4"}, 3293 #endif 3208 3294 { NULL, NULL} 3209 3295 }; … … 3243 3329 #if defined(OPENSSL_EXTRA) 3244 3330 #ifndef NO_AES 3331 #ifdef HAVE_AES_CBC 3332 #ifdef WOLFSSL_AES_128 3245 3333 case NID_aes_128_cbc: 3246 3334 return wolfSSL_EVP_aes_128_cbc(); 3335 #endif 3336 #ifdef WOLFSSL_AES_192 3247 3337 case NID_aes_192_cbc: 3248 3338 return wolfSSL_EVP_aes_192_cbc(); 3339 #endif 3340 #ifdef WOLFSSL_AES_256 3249 3341 case NID_aes_256_cbc: 3250 3342 return wolfSSL_EVP_aes_256_cbc(); 3343 #endif 3344 #endif 3345 #ifdef WOLFSSL_AES_COUNTER 3346 #ifdef WOLFSSL_AES_128 3251 3347 case NID_aes_128_ctr: 3252 3348 return wolfSSL_EVP_aes_128_ctr(); 3349 #endif 3350 #ifdef WOLFSSL_AES_192 3253 3351 case NID_aes_192_ctr: 3254 3352 return wolfSSL_EVP_aes_192_ctr(); 3353 #endif 3354 #ifdef WOLFSSL_AES_256 3255 3355 case NID_aes_256_ctr: 3256 3356 return wolfSSL_EVP_aes_256_ctr(); 3357 #endif 3358 #endif /* WOLFSSL_AES_COUNTER */ 3359 #ifdef HAVE_AES_ECB 3360 #ifdef WOLFSSL_AES_128 3257 3361 case NID_aes_128_ecb: 3258 3362 return wolfSSL_EVP_aes_128_ecb(); 3363 #endif 3364 #ifdef WOLFSSL_AES_192 3259 3365 case NID_aes_192_ecb: 3260 3366 return wolfSSL_EVP_aes_192_ecb(); 3367 #endif 3368 #ifdef WOLFSSL_AES_256 3261 3369 case NID_aes_256_ecb: 3262 3370 return wolfSSL_EVP_aes_256_ecb(); 3371 #endif 3372 #endif /* HAVE_AES_ECB */ 3263 3373 #endif 3264 3374 … … 3292 3402 3293 3403 #ifndef NO_AES 3404 #ifdef HAVE_AES_CBC 3405 #ifdef WOLFSSL_AES_128 3294 3406 static char *EVP_AES_128_CBC; 3407 #endif 3408 #ifdef WOLFSSL_AES_192 3295 3409 static char *EVP_AES_192_CBC; 3410 #endif 3411 #ifdef WOLFSSL_AES_256 3296 3412 static char *EVP_AES_256_CBC; 3413 #endif 3414 #endif /* HAVE_AES_CBC */ 3297 3415 #if defined(OPENSSL_EXTRA) 3416 #ifdef WOLFSSL_AES_128 3298 3417 static char *EVP_AES_128_CTR; 3418 #endif 3419 #ifdef WOLFSSL_AES_192 3299 3420 static char *EVP_AES_192_CTR; 3421 #endif 3422 #ifdef WOLFSSL_AES_256 3300 3423 static char *EVP_AES_256_CTR; 3301 3424 #endif 3425 3426 #ifdef WOLFSSL_AES_128 3302 3427 static char *EVP_AES_128_ECB; 3428 #endif 3429 #ifdef WOLFSSL_AES_192 3303 3430 static char *EVP_AES_192_ECB; 3431 #endif 3432 #ifdef WOLFSSL_AES_256 3304 3433 static char *EVP_AES_256_ECB; 3305 3434 #endif 3306 3435 static const int EVP_AES_SIZE = 11; 3436 #endif 3307 3437 #endif 3308 3438 … … 3310 3440 static char *EVP_DES_CBC; 3311 3441 static char *EVP_DES_ECB; 3312 static const int EVP_DES_SIZE = 7;3313 3442 3314 3443 static char *EVP_DES_EDE3_CBC; 3315 3444 static char *EVP_DES_EDE3_ECB; 3445 3446 #ifdef OPENSSL_EXTRA 3447 static const int EVP_DES_SIZE = 7; 3316 3448 static const int EVP_DES_EDE3_SIZE = 12; 3449 #endif 3450 3317 3451 #endif 3318 3452 … … 3327 3461 { 3328 3462 #ifndef NO_AES 3463 #ifdef HAVE_AES_CBC 3464 #ifdef WOLFSSL_AES_128 3329 3465 EVP_AES_128_CBC = (char *)EVP_get_cipherbyname("AES-128-CBC"); 3466 #endif 3467 #ifdef WOLFSSL_AES_192 3330 3468 EVP_AES_192_CBC = (char *)EVP_get_cipherbyname("AES-192-CBC"); 3469 #endif 3470 #ifdef WOLFSSL_AES_256 3331 3471 EVP_AES_256_CBC = (char *)EVP_get_cipherbyname("AES-256-CBC"); 3472 #endif 3473 #endif /* HAVE_AES_CBC */ 3332 3474 3333 3475 #if defined(OPENSSL_EXTRA) 3476 #ifdef WOLFSSL_AES_128 3334 3477 EVP_AES_128_CTR = (char *)EVP_get_cipherbyname("AES-128-CTR"); 3478 #endif 3479 #ifdef WOLFSSL_AES_192 3335 3480 EVP_AES_192_CTR = (char *)EVP_get_cipherbyname("AES-192-CTR"); 3481 #endif 3482 #ifdef WOLFSSL_AES_256 3336 3483 EVP_AES_256_CTR = (char *)EVP_get_cipherbyname("AES-256-CTR"); 3337 3484 #endif 3485 3486 #ifdef WOLFSSL_AES_128 3338 3487 EVP_AES_128_ECB = (char *)EVP_get_cipherbyname("AES-128-ECB"); 3488 #endif 3489 #ifdef WOLFSSL_AES_192 3339 3490 EVP_AES_192_ECB = (char *)EVP_get_cipherbyname("AES-192-ECB"); 3491 #endif 3492 #ifdef WOLFSSL_AES_256 3340 3493 EVP_AES_256_ECB = (char *)EVP_get_cipherbyname("AES-256-ECB"); 3494 #endif 3341 3495 #endif 3342 3496 #endif … … 3355 3509 } 3356 3510 3357 /* our KeyPemToDer password callback, password in userData */ 3358 static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata) 3359 { 3360 (void)rw; 3361 3362 if (userdata == NULL) 3363 return 0; 3364 3365 XSTRNCPY(passwd, (char*)userdata, sz); 3366 return min((word32)sz, (word32)XSTRLEN((char*)userdata)); 3367 } 3368 3369 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ 3370 3371 #ifndef NO_CERTS 3372 3373 /* Return bytes written to buff or < 0 for error */ 3374 int wolfSSL_KeyPemToDer(const unsigned char* pem, int pemSz, 3375 unsigned char* buff, int buffSz, const char* pass) 3376 { 3377 int eccKey = 0; 3378 int ret; 3379 DerBuffer* der = NULL; 3380 #ifdef WOLFSSL_SMALL_STACK 3381 EncryptedInfo* info = NULL; 3382 #else 3383 EncryptedInfo info[1]; 3384 #endif 3385 3386 WOLFSSL_ENTER("wolfSSL_KeyPemToDer"); 3387 3388 if (pem == NULL || buff == NULL || buffSz <= 0) { 3389 WOLFSSL_MSG("Bad pem der args"); 3390 return BAD_FUNC_ARG; 3391 } 3392 3393 #ifdef WOLFSSL_SMALL_STACK 3394 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, 3395 DYNAMIC_TYPE_ENCRYPTEDINFO); 3396 if (info == NULL) 3397 return MEMORY_E; 3398 #endif 3399 3400 info->set = 0; 3401 info->ctx = NULL; 3402 info->consumed = 0; 3403 3404 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 3405 if (pass) { 3406 info->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); 3407 if (info->ctx == NULL) { 3408 #ifdef WOLFSSL_SMALL_STACK 3409 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 3410 #endif 3411 return MEMORY_E; 3412 } 3413 3414 wolfSSL_CTX_set_default_passwd_cb(info->ctx, OurPasswordCb); 3415 wolfSSL_CTX_set_default_passwd_cb_userdata(info->ctx, (void*)pass); 3416 } 3417 #else 3418 (void)pass; 3419 #endif 3420 3421 ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, info, &eccKey); 3422 3423 if (info->ctx) 3424 wolfSSL_CTX_free(info->ctx); 3425 3426 #ifdef WOLFSSL_SMALL_STACK 3427 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 3428 #endif 3429 3430 if (ret < 0) { 3431 WOLFSSL_MSG("Bad Pem To Der"); 3432 } 3433 else { 3434 if (der->length <= (word32)buffSz) { 3435 XMEMCPY(buff, der->buffer, der->length); 3436 ret = der->length; 3437 } 3438 else { 3439 WOLFSSL_MSG("Bad der length"); 3440 ret = BAD_FUNC_ARG; 3441 } 3442 } 3443 3444 FreeDer(&der); 3445 return ret; 3446 } 3447 3448 #endif /* !NO_CERTS */ 3449 3511 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER */ 3450 3512 3451 3513 3452 3514 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 3453 3515 3454 void wolfSSL_ERR_print_errors_fp( FILE*fp, int err)3516 void wolfSSL_ERR_print_errors_fp(XFILE fp, int err) 3455 3517 { 3456 3518 char data[WOLFSSL_MAX_ERROR_SZ + 1]; … … 3462 3524 3463 3525 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) 3464 void wolfSSL_ERR_dump_errors_fp( FILE*fp)3526 void wolfSSL_ERR_dump_errors_fp(XFILE fp) 3465 3527 { 3466 3528 wc_ERR_print_errors_fp(fp); … … 3546 3608 break; 3547 3609 #endif 3610 #ifndef WOLFSSL_NO_TLS12 3548 3611 case WOLFSSL_TLSV1_2: 3549 3612 *minVersion = TLSv1_2_MINOR; 3550 3613 break; 3551 3614 #endif 3615 #endif 3616 #ifdef WOLFSSL_TLS13 3617 case WOLFSSL_TLSV1_3: 3618 *minVersion = TLSv1_3_MINOR; 3619 break; 3620 #endif 3552 3621 3553 3622 default: … … 3587 3656 } 3588 3657 3658 3659 /* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */ 3660 int wolfSSL_GetVersion(WOLFSSL* ssl) 3661 { 3662 if (ssl == NULL) 3663 return BAD_FUNC_ARG; 3664 3665 if (ssl->version.major == SSLv3_MAJOR) { 3666 switch (ssl->version.minor) { 3667 case SSLv3_MINOR : 3668 return WOLFSSL_SSLV3; 3669 case TLSv1_MINOR : 3670 return WOLFSSL_TLSV1; 3671 case TLSv1_1_MINOR : 3672 return WOLFSSL_TLSV1_1; 3673 case TLSv1_2_MINOR : 3674 return WOLFSSL_TLSV1_2; 3675 case TLSv1_3_MINOR : 3676 return WOLFSSL_TLSV1_3; 3677 default: 3678 break; 3679 } 3680 } 3681 3682 return VERSION_ERROR; 3683 } 3589 3684 3590 3685 int wolfSSL_SetVersion(WOLFSSL* ssl, int version) … … 3610 3705 #ifndef NO_TLS 3611 3706 #ifndef NO_OLD_TLS 3707 #ifdef WOLFSSL_ALLOW_TLSV10 3612 3708 case WOLFSSL_TLSV1: 3613 3709 ssl->version = MakeTLSv1(); 3614 3710 break; 3711 #endif 3615 3712 3616 3713 case WOLFSSL_TLSV1_1: … … 3618 3715 break; 3619 3716 #endif 3717 #ifndef WOLFSSL_NO_TLS12 3620 3718 case WOLFSSL_TLSV1_2: 3621 3719 ssl->version = MakeTLSv1_2(); 3622 3720 break; 3721 #endif 3722 #endif 3723 #ifdef WOLFSSL_TLS13 3724 case WOLFSSL_TLSV1_3: 3725 ssl->version = MakeTLSv1_3(); 3726 break; 3727 3623 3728 #endif 3624 3729 … … 3651 3756 3652 3757 /* Make a work from the front of random hash */ 3653 static INLINE word32 MakeWordFromHash(const byte* hashID)3654 { 3655 return ( hashID[0] << 24) | (hashID[1] << 16) | (hashID[2] << 8) |3656 3758 static WC_INLINE word32 MakeWordFromHash(const byte* hashID) 3759 { 3760 return ((word32)hashID[0] << 24) | (hashID[1] << 16) | 3761 (hashID[2] << 8) | hashID[3]; 3657 3762 } 3658 3763 … … 3663 3768 3664 3769 /* hash is the SHA digest of name, just use first 32 bits as hash */ 3665 static INLINE word32 HashSigner(const byte* hash)3770 static WC_INLINE word32 HashSigner(const byte* hash) 3666 3771 { 3667 3772 return MakeWordFromHash(hash) % CA_TABLE_SIZE; … … 3709 3814 #ifdef WOLFSSL_TRUST_PEER_CERT 3710 3815 /* hash is the SHA digest of name, just use first 32 bits as hash */ 3711 static INLINE word32 TrustedPeerHashSigner(const byte* hash)3816 static WC_INLINE word32 TrustedPeerHashSigner(const byte* hash) 3712 3817 { 3713 3818 return MakeWordFromHash(hash) % TP_TABLE_SIZE; … … 4013 4118 { 4014 4119 int ret; 4015 Signer* signer = 0;4120 Signer* signer = NULL; 4016 4121 word32 row; 4017 4122 byte* subjectHash; … … 4024 4129 4025 4130 WOLFSSL_MSG("Adding a CA"); 4131 4132 if (cm == NULL) 4133 return BAD_FUNC_ARG; 4026 4134 4027 4135 #ifdef WOLFSSL_SMALL_STACK … … 4101 4209 if (!signer) 4102 4210 ret = MEMORY_ERROR; 4103 else { 4211 } 4212 if (ret == 0 && signer != NULL) { 4213 #ifdef WOLFSSL_SIGNER_DER_CERT 4214 ret = AllocDer(&signer->derCert, der->length, der->type, NULL); 4215 } 4216 if (ret == 0 && signer != NULL) { 4217 XMEMCPY(signer->derCert->buffer, der->buffer, der->length); 4218 #endif 4104 4219 signer->keyOID = cert->keyOID; 4105 4220 if (cert->pubKeyStored) { … … 4152 4267 } 4153 4268 } 4154 }4155 4269 4156 4270 WOLFSSL_MSG("\tFreeing Parsed CA"); … … 4275 4389 4276 4390 4277 #if (defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)) && !defined(NO_CERTS)4278 4279 /* WOLFSSL_SUCCESS if ok, <= 0 else */4280 static int wolfssl_decrypt_buffer_key(DerBuffer* der, byte* password,4281 int passwordSz, EncryptedInfo* info)4282 {4283 int ret = WOLFSSL_BAD_FILE;4284 4285 #ifdef WOLFSSL_SMALL_STACK4286 byte* key = NULL;4287 #else4288 byte key[AES_256_KEY_SIZE];4289 #endif4290 4291 (void)passwordSz;4292 (void)key;4293 4294 WOLFSSL_ENTER("wolfssl_decrypt_buffer_key");4295 4296 if (der == NULL || password == NULL || info == NULL) {4297 WOLFSSL_MSG("bad arguments");4298 return WOLFSSL_FATAL_ERROR;4299 }4300 4301 /* use file's salt for key derivation, hex decode first */4302 if (Base16_Decode(info->iv, info->ivSz, info->iv, &info->ivSz) != 0) {4303 WOLFSSL_MSG("base16 decode failed");4304 return WOLFSSL_FATAL_ERROR;4305 }4306 4307 #ifndef NO_MD54308 4309 #ifdef WOLFSSL_SMALL_STACK4310 key = (byte*)XMALLOC(AES_256_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4311 if (key == NULL) {4312 WOLFSSL_MSG("memory failure");4313 return WOLFSSL_FATAL_ERROR;4314 }4315 #endif /* WOLFSSL_SMALL_STACK */4316 4317 if ((ret = wolfSSL_EVP_BytesToKey(info->name, "MD5", info->iv,4318 password, passwordSz, 1, key, NULL)) <= 0) {4319 WOLFSSL_MSG("bytes to key failure");4320 #ifdef WOLFSSL_SMALL_STACK4321 XFREE(key, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4322 #endif4323 return WOLFSSL_FATAL_ERROR;4324 }4325 4326 #endif /* NO_MD5 */4327 4328 #ifndef NO_DES34329 if (XSTRNCMP(info->name, EVP_DES_CBC, EVP_DES_SIZE) == 0)4330 ret = wc_Des_CbcDecryptWithKey(der->buffer, der->buffer, der->length,4331 key, info->iv);4332 else if (XSTRNCMP(info->name, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)4333 ret = wc_Des3_CbcDecryptWithKey(der->buffer, der->buffer, der->length,4334 key, info->iv);4335 #endif /* NO_DES3 */4336 #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)4337 if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)4338 ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,4339 key, AES_128_KEY_SIZE, info->iv);4340 else if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)4341 ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,4342 key, AES_192_KEY_SIZE, info->iv);4343 else if (XSTRNCMP(info->name, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)4344 ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,4345 key, AES_256_KEY_SIZE, info->iv);4346 #endif /* !NO_AES && HAVE_AES_CBC && HAVE_AES_DECRYPT */4347 4348 #ifdef WOLFSSL_SMALL_STACK4349 XFREE(key, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4350 #endif4351 4352 if (ret == MP_OKAY)4353 return WOLFSSL_SUCCESS;4354 else if (ret == WOLFSSL_BAD_FILE)4355 return WOLFSSL_BAD_FILE;4356 4357 return WOLFSSL_FATAL_ERROR;4358 }4359 #endif /* defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) */4360 4361 4362 #if defined(WOLFSSL_KEY_GEN) && defined(OPENSSL_EXTRA)4363 static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password,4364 int passwordSz, EncryptedInfo* info)4365 {4366 int ret = WOLFSSL_BAD_FILE;4367 4368 #ifdef WOLFSSL_SMALL_STACK4369 byte* key = NULL;4370 #else4371 byte key[AES_256_KEY_SIZE];4372 #endif4373 4374 (void)derSz;4375 (void)passwordSz;4376 (void)key;4377 4378 WOLFSSL_ENTER("wolfssl_encrypt_buffer_key");4379 4380 if (der == NULL || password == NULL || info == NULL || info->ivSz == 0) {4381 WOLFSSL_MSG("bad arguments");4382 return WOLFSSL_FATAL_ERROR;4383 }4384 4385 #ifndef NO_MD54386 4387 #ifdef WOLFSSL_SMALL_STACK4388 key = (byte*)XMALLOC(AES_256_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4389 if (key == NULL) {4390 WOLFSSL_MSG("memory failure");4391 return WOLFSSL_FATAL_ERROR;4392 }4393 #endif /* WOLFSSL_SMALL_STACK */4394 4395 if ((ret = wolfSSL_EVP_BytesToKey(info->name, "MD5", info->iv,4396 password, passwordSz, 1, key, NULL)) <= 0) {4397 WOLFSSL_MSG("bytes to key failure");4398 #ifdef WOLFSSL_SMALL_STACK4399 XFREE(key, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4400 #endif4401 return WOLFSSL_FATAL_ERROR;4402 }4403 4404 #endif /* NO_MD5 */4405 4406 if (ret > 0) {4407 ret = WOLFSSL_BAD_FILE; /* Reset error return */4408 #ifndef NO_DES34409 if (XSTRNCMP(info->name, EVP_DES_CBC, EVP_DES_SIZE) == 0)4410 ret = wc_Des_CbcEncryptWithKey(der, der, derSz, key, info->iv);4411 else if (XSTRNCMP(info->name, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)4412 ret = wc_Des3_CbcEncryptWithKey(der, der, derSz, key, info->iv);4413 #endif /* NO_DES3 */4414 #ifndef NO_AES4415 if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)4416 ret = wc_AesCbcEncryptWithKey(der, der, derSz,4417 key, AES_128_KEY_SIZE, info->iv);4418 else if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)4419 ret = wc_AesCbcEncryptWithKey(der, der, derSz,4420 key, AES_192_KEY_SIZE, info->iv);4421 else if (XSTRNCMP(info->name, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)4422 ret = wc_AesCbcEncryptWithKey(der, der, derSz,4423 key, AES_256_KEY_SIZE, info->iv);4424 #endif /* NO_AES */4425 }4426 4427 #ifdef WOLFSSL_SMALL_STACK4428 XFREE(key, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);4429 #endif4430 4431 if (ret == MP_OKAY)4432 return WOLFSSL_SUCCESS;4433 else if (ret == WOLFSSL_BAD_FILE)4434 return WOLFSSL_BAD_FILE;4435 4436 return WOLFSSL_FATAL_ERROR;4437 }4438 #endif /* defined(WOLFSSL_KEY_GEN) */4439 4440 4391 4441 4392 #ifndef NO_CERTS 4442 4443 /* Remove PEM header/footer, convert to ASN1, store any encrypted data4444 info->consumed tracks of PEM bytes consumed in case multiple parts */4445 int PemToDer(const unsigned char* buff, long longSz, int type,4446 DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey)4447 {4448 const char* header = NULL;4449 const char* footer = NULL;4450 char* headerEnd;4451 char* footerEnd;4452 char* consumedEnd;4453 char* bufferEnd = (char*)(buff + longSz);4454 long neededSz;4455 int ret = 0;4456 int sz = (int)longSz;4457 int encrypted_key = 0;4458 DerBuffer* der;4459 4460 WOLFSSL_ENTER("PemToDer");4461 4462 switch (type) {4463 case CA_TYPE: /* same as below */4464 case TRUSTED_PEER_TYPE:4465 case CERT_TYPE: header=BEGIN_CERT; footer=END_CERT;4466 break;4467 case CRL_TYPE: header=BEGIN_X509_CRL; footer=END_X509_CRL;4468 break;4469 case DH_PARAM_TYPE: header=BEGIN_DH_PARAM; footer=END_DH_PARAM;4470 break;4471 case DSA_PARAM_TYPE: header=BEGIN_DSA_PARAM; footer=END_DSA_PARAM;4472 break;4473 case CERTREQ_TYPE: header=BEGIN_CERT_REQ; footer=END_CERT_REQ;4474 break;4475 case DSA_TYPE: header=BEGIN_DSA_PRIV; footer=END_DSA_PRIV;4476 break;4477 case ECC_TYPE: header=BEGIN_EC_PRIV; footer=END_EC_PRIV;4478 break;4479 case RSA_TYPE: header=BEGIN_RSA_PRIV; footer=END_RSA_PRIV;4480 break;4481 case ED25519_TYPE: header=BEGIN_EDDSA_PRIV; footer=END_EDDSA_PRIV;4482 break;4483 case PUBLICKEY_TYPE: header=BEGIN_PUB_KEY; footer=END_PUB_KEY;4484 break;4485 default: header=BEGIN_RSA_PRIV; footer=END_RSA_PRIV;4486 break;4487 }4488 4489 /* find header */4490 for (;;) {4491 headerEnd = XSTRNSTR((char*)buff, header, sz);4492 4493 if (headerEnd || type != PRIVATEKEY_TYPE) {4494 break;4495 } else if (header == BEGIN_RSA_PRIV) {4496 header = BEGIN_PRIV_KEY; footer = END_PRIV_KEY;4497 } else if (header == BEGIN_PRIV_KEY) {4498 header = BEGIN_ENC_PRIV_KEY; footer = END_ENC_PRIV_KEY;4499 } else if (header == BEGIN_ENC_PRIV_KEY) {4500 header = BEGIN_EC_PRIV; footer = END_EC_PRIV;4501 } else if (header == BEGIN_EC_PRIV) {4502 header = BEGIN_DSA_PRIV; footer = END_DSA_PRIV;4503 } else if (header == BEGIN_DSA_PRIV) {4504 header = BEGIN_EDDSA_PRIV; footer = END_EDDSA_PRIV;4505 } else4506 break;4507 }4508 4509 if (!headerEnd) {4510 WOLFSSL_MSG("Couldn't find PEM header");4511 return SSL_NO_PEM_HEADER;4512 }4513 4514 headerEnd += XSTRLEN(header);4515 4516 if ((headerEnd + 1) >= bufferEnd)4517 return WOLFSSL_BAD_FILE;4518 4519 /* eat end of line */4520 if (headerEnd[0] == '\n')4521 headerEnd++;4522 else if (headerEnd[1] == '\n')4523 headerEnd += 2;4524 else {4525 if (info)4526 info->consumed = (long)(headerEnd+2 - (char*)buff);4527 return WOLFSSL_BAD_FILE;4528 }4529 4530 if (type == PRIVATEKEY_TYPE) {4531 if (eccKey)4532 *eccKey = header == BEGIN_EC_PRIV;4533 }4534 4535 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)4536 {4537 /* remove encrypted header if there */4538 char encHeader[] = "Proc-Type";4539 word32 headerEndSz = (word32)(bufferEnd - headerEnd);4540 char* line = XSTRNSTR(headerEnd, encHeader, min(headerEndSz,4541 PEM_LINE_LEN));4542 if (line != NULL) {4543 word32 lineSz;4544 char* finish;4545 word32 finishSz;4546 char* start;4547 word32 startSz;4548 char* newline;4549 4550 if (line >= bufferEnd) {4551 return WOLFSSL_BAD_FILE;4552 }4553 4554 lineSz = (word32)(bufferEnd - line);4555 start = XSTRNSTR(line, "DES", min(lineSz, PEM_LINE_LEN));4556 4557 if (start == NULL) {4558 start = XSTRNSTR(line, "AES", min(lineSz, PEM_LINE_LEN));4559 }4560 4561 if (start == NULL) return WOLFSSL_BAD_FILE;4562 if (info == NULL) return WOLFSSL_BAD_FILE;4563 4564 if (start >= bufferEnd) {4565 return WOLFSSL_BAD_FILE;4566 }4567 4568 startSz = (word32)(bufferEnd - start);4569 finish = XSTRNSTR(start, ",", min(startSz, PEM_LINE_LEN));4570 4571 if ((start != NULL) && (finish != NULL) && (start < finish)) {4572 if (finish >= bufferEnd) {4573 return WOLFSSL_BAD_FILE;4574 }4575 4576 finishSz = (word32)(bufferEnd - finish);4577 newline = XSTRNSTR(finish, "\r", min(finishSz, PEM_LINE_LEN));4578 4579 if (NAME_SZ < (finish - start)) /* buffer size of info->name*/4580 return BUFFER_E;4581 if (XMEMCPY(info->name, start, finish - start) == NULL)4582 return WOLFSSL_FATAL_ERROR;4583 info->name[finish - start] = 0;4584 if (finishSz < sizeof(info->iv) + 1)4585 return BUFFER_E;4586 if (XMEMCPY(info->iv, finish + 1, sizeof(info->iv)) == NULL)4587 return WOLFSSL_FATAL_ERROR;4588 4589 if (newline == NULL)4590 newline = XSTRNSTR(finish, "\n", min(finishSz,4591 PEM_LINE_LEN));4592 if ((newline != NULL) && (newline > finish)) {4593 info->ivSz = (word32)(newline - (finish + 1));4594 info->set = 1;4595 }4596 else4597 return WOLFSSL_BAD_FILE;4598 }4599 else4600 return WOLFSSL_BAD_FILE;4601 4602 /* eat blank line */4603 while (*newline == '\r' || *newline == '\n')4604 newline++;4605 headerEnd = newline;4606 4607 encrypted_key = 1;4608 }4609 }4610 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */4611 4612 /* find footer */4613 footerEnd = XSTRNSTR((char*)buff, footer, sz);4614 if (!footerEnd) {4615 if (info)4616 info->consumed = longSz; /* No more certs if no footer */4617 return WOLFSSL_BAD_FILE;4618 }4619 4620 consumedEnd = footerEnd + XSTRLEN(footer);4621 4622 if (consumedEnd < bufferEnd) { /* handle no end of line on last line */4623 /* eat end of line */4624 if (consumedEnd[0] == '\n')4625 consumedEnd++;4626 else if ((consumedEnd + 1 < bufferEnd) && consumedEnd[1] == '\n')4627 consumedEnd += 2;4628 else {4629 if (info)4630 info->consumed = (long)(consumedEnd+2 - (char*)buff);4631 return WOLFSSL_BAD_FILE;4632 }4633 }4634 4635 if (info)4636 info->consumed = (long)(consumedEnd - (char*)buff);4637 4638 /* set up der buffer */4639 neededSz = (long)(footerEnd - headerEnd);4640 if (neededSz > sz || neededSz <= 0)4641 return WOLFSSL_BAD_FILE;4642 4643 ret = AllocDer(pDer, (word32)neededSz, type, heap);4644 if (ret < 0) {4645 return ret;4646 }4647 der = *pDer;4648 4649 if (Base64_Decode((byte*)headerEnd, (word32)neededSz,4650 der->buffer, &der->length) < 0)4651 return WOLFSSL_BAD_FILE;4652 4653 if (header == BEGIN_PRIV_KEY && !encrypted_key) {4654 /* pkcs8 key, convert and adjust length */4655 if ((ret = ToTraditional(der->buffer, der->length)) < 0)4656 return ret;4657 4658 der->length = ret;4659 return 0;4660 }4661 4662 #if (defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)) && !defined(NO_PWDBASED)4663 if (encrypted_key || header == BEGIN_ENC_PRIV_KEY) {4664 int passwordSz;4665 #ifdef WOLFSSL_SMALL_STACK4666 char* password = NULL;4667 #else4668 char password[80];4669 #endif4670 4671 if (!info || !info->ctx || !info->ctx->passwd_cb)4672 return WOLFSSL_BAD_FILE; /* no callback error */4673 4674 #ifdef WOLFSSL_SMALL_STACK4675 password = (char*)XMALLOC(80, heap, DYNAMIC_TYPE_STRING);4676 if (password == NULL)4677 return MEMORY_E;4678 #endif4679 passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0,4680 info->ctx->userdata);4681 /* convert and adjust length */4682 if (header == BEGIN_ENC_PRIV_KEY) {4683 ret = ToTraditionalEnc(der->buffer, der->length,4684 password, passwordSz);4685 #ifdef WOLFSSL_SMALL_STACK4686 XFREE(password, NULL, DYNAMIC_TYPE_STRING);4687 #endif4688 if (ret < 0) {4689 return ret;4690 }4691 4692 der->length = ret;4693 }4694 /* decrypt the key */4695 else {4696 ret = wolfssl_decrypt_buffer_key(der, (byte*)password,4697 passwordSz, info);4698 #ifdef WOLFSSL_SMALL_STACK4699 XFREE(password, heap, DYNAMIC_TYPE_STRING);4700 #endif4701 if (ret != WOLFSSL_SUCCESS) {4702 return ret;4703 }4704 }4705 }4706 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER || NO_PWDBASED */4707 4708 return 0;4709 }4710 4711 4712 4393 4713 4394 /* process user cert chain to pass during the handshake */ … … 4722 4403 #endif 4723 4404 4405 if ((type == CA_TYPE) && (ctx == NULL)) { 4406 WOLFSSL_MSG("Need context for CA load"); 4407 return BAD_FUNC_ARG; 4408 } 4409 4724 4410 /* we may have a user cert chain, try to consume */ 4725 if ( type == CERT_TYPE && info->consumed < sz) {4726 4411 if ((type == CERT_TYPE || type == CA_TYPE) && (info->consumed < sz)) { 4412 #ifdef WOLFSSL_SMALL_STACK 4727 4413 byte staticBuffer[1]; /* force heap usage */ 4728 4414 #else 4729 4415 byte staticBuffer[FILE_BUFFER_SIZE]; /* tmp chain buffer */ 4730 4416 #endif 4731 4417 byte* chainBuffer = staticBuffer; 4732 4418 int dynamicBuffer = 0; 4733 word32 bufferSz = sizeof(staticBuffer);4419 word32 bufferSz; 4734 4420 long consumed = info->consumed; 4735 4421 word32 idx = 0; 4736 4422 int gotOne = 0; 4737 4423 4738 if ( (sz - consumed) > (int)bufferSz) { 4424 /* Calculate max possible size, including max headers */ 4425 bufferSz = (word32)(sz - consumed) + (CERT_HEADER_SZ * MAX_CHAIN_DEPTH); 4426 if (bufferSz > sizeof(staticBuffer)) { 4739 4427 WOLFSSL_MSG("Growing Tmp Chain Buffer"); 4740 bufferSz = (word32)(sz - consumed); 4741 /* will shrink to actual size */ 4428 /* will shrink to actual size */ 4742 4429 chainBuffer = (byte*)XMALLOC(bufferSz, heap, DYNAMIC_TYPE_FILE); 4743 4430 if (chainBuffer == NULL) { 4744 4431 return MEMORY_E; 4745 4432 } 4746 4433 dynamicBuffer = 1; 4747 4434 } 4748 4435 4749 4436 WOLFSSL_MSG("Processing Cert Chain"); 4750 4437 while (consumed < sz) { 4751 int eccKey = 0;4752 4438 DerBuffer* part = NULL; 4753 4439 word32 remain = (word32)(sz - consumed); … … 4755 4441 4756 4442 if (format == WOLFSSL_FILETYPE_PEM) { 4443 #ifdef WOLFSSL_PEM_TO_DER 4757 4444 ret = PemToDer(buff + consumed, remain, type, &part, 4758 heap, info, &eccKey); 4759 } 4445 heap, info, NULL); 4446 #else 4447 ret = NOT_COMPILED_IN; 4448 #endif 4449 } 4760 4450 else { 4761 4451 int length = remain; … … 4763 4453 /* get length of der (read sequence) */ 4764 4454 word32 inOutIdx = 0; 4765 if (GetSequence(buff + consumed, &inOutIdx, &length, remain) < 0) { 4766 ret = SSL_NO_PEM_HEADER; 4455 if (GetSequence(buff + consumed, &inOutIdx, &length, 4456 remain) < 0) { 4457 ret = ASN_NO_PEM_HEADER; 4767 4458 } 4768 length += inOutIdx; /* include leading s quence */4459 length += inOutIdx; /* include leading sequence */ 4769 4460 } 4770 4461 info->consumed = length; … … 4781 4472 cnt++; 4782 4473 #endif 4783 if ((idx + part->length ) > bufferSz) {4474 if ((idx + part->length + CERT_HEADER_SZ) > bufferSz) { 4784 4475 WOLFSSL_MSG(" Cert Chain bigger than buffer"); 4785 4476 ret = BUFFER_E; … … 4793 4484 if (used) 4794 4485 *used += info->consumed; 4486 } 4487 4488 /* add CA's to certificate manager */ 4489 if (type == CA_TYPE) { 4490 /* verify CA unless user set to no verify */ 4491 ret = AddCA(ctx->cm, &part, WOLFSSL_USER_CA, 4492 !ctx->verifyNone); 4493 gotOne = 0; /* don't exit loop for CA type */ 4795 4494 } 4796 4495 } 4496 4797 4497 FreeDer(&part); 4798 4498 4799 if (ret == SSL_NO_PEM_HEADER && gotOne) {4499 if (ret == ASN_NO_PEM_HEADER && gotOne) { 4800 4500 WOLFSSL_MSG("We got one good cert, so stuff at end ok"); 4801 4501 break; 4802 4502 } 4803 4503 4804 4504 if (ret < 0) { … … 4818 4518 if (ssl->buffers.weOwnCertChain) { 4819 4519 FreeDer(&ssl->buffers.certChain); 4820 4520 } 4821 4521 ret = AllocDer(&ssl->buffers.certChain, idx, type, heap); 4822 4522 if (ret == 0) { 4823 XMEMCPY(ssl->buffers.certChain->buffer, chainBuffer, idx); 4523 XMEMCPY(ssl->buffers.certChain->buffer, chainBuffer, 4524 idx); 4824 4525 ssl->buffers.weOwnCertChain = 1; 4825 4826 #ifdef WOLFSSL_TLS134526 } 4527 #ifdef WOLFSSL_TLS13 4827 4528 ssl->buffers.certChainCnt = cnt; 4828 4529 #endif … … 4833 4534 XMEMCPY(ctx->certChain->buffer, chainBuffer, idx); 4834 4535 } 4835 #ifdef WOLFSSL_TLS134536 #ifdef WOLFSSL_TLS13 4836 4537 ctx->certChainCnt = cnt; 4837 #endif4838 } 4839 4538 #endif 4539 } 4540 } 4840 4541 4841 4542 if (dynamicBuffer) … … 4860 4561 void* heap = wolfSSL_CTX_GetHeap(ctx, ssl); 4861 4562 int devId = wolfSSL_CTX_GetDevId(ctx, ssl); 4563 word32 idx; 4564 int keySz = 0; 4862 4565 #ifdef WOLFSSL_SMALL_STACK 4863 4566 EncryptedInfo* info = NULL; … … 4867 4570 4868 4571 (void)rsaKey; 4572 (void)devId; 4573 (void)idx; 4574 (void)keySz; 4869 4575 4870 4576 if (used) … … 4887 4593 4888 4594 XMEMSET(info, 0, sizeof(EncryptedInfo)); 4889 info->set = 0; 4890 info->ctx = ctx; 4891 info->consumed = 0; 4595 #ifdef WOLFSSL_ENCRYPTED_KEYS 4596 if (ctx) { 4597 info->passwd_cb = ctx->passwd_cb; 4598 info->passwd_userdata = ctx->passwd_userdata; 4599 } 4600 #endif 4892 4601 4893 4602 if (format == WOLFSSL_FILETYPE_PEM) { 4603 #ifdef WOLFSSL_PEM_TO_DER 4894 4604 ret = PemToDer(buff, sz, type, &der, heap, info, &eccKey); 4895 } 4896 else { /* ASN1 (DER) or RAW (NTRU) */ 4605 #else 4606 ret = NOT_COMPILED_IN; 4607 #endif 4608 } 4609 else { 4610 /* ASN1 (DER) or RAW (NTRU) */ 4897 4611 int length = (int)sz; 4898 4612 if (format == WOLFSSL_FILETYPE_ASN1) { … … 4901 4615 if (GetSequence(buff, &inOutIdx, &length, (word32)sz) < 0) { 4902 4616 ret = ASN_PARSE_E; 4903 } 4904 length += inOutIdx; /* include leading squence */ 4905 } 4617 } 4618 length += inOutIdx; /* include leading sequence */ 4619 } 4620 4906 4621 info->consumed = length; 4622 4907 4623 if (ret == 0) { 4908 4624 ret = AllocDer(&der, (word32)length, type, heap); … … 4910 4626 XMEMCPY(der->buffer, buff, length); 4911 4627 } 4912 }4913 }4628 } 4629 } 4914 4630 4915 4631 if (used) { 4916 4632 *used = info->consumed; 4917 }4633 } 4918 4634 4919 4635 /* process user chain */ 4920 4636 if (ret >= 0) { 4637 /* Chain should have server cert first, then intermediates, then root. 4638 * First certificate in chain is processed below after ProcessUserChain 4639 * and is loaded into ssl->buffers.certificate. 4640 * Remainder are processed using ProcessUserChain and are loaded into 4641 * ssl->buffers.certChain. */ 4921 4642 if (userChain) { 4922 4643 ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info); 4923 } 4924 } 4925 4926 /* check for error */ 4927 if (ret < 0) { 4928 #ifdef WOLFSSL_SMALL_STACK 4929 XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); 4930 #endif 4931 FreeDer(&der); 4932 return ret; 4933 } 4934 4935 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 4644 } 4645 } 4646 4647 #ifdef WOLFSSL_ENCRYPTED_KEYS 4936 4648 /* for WOLFSSL_FILETYPE_PEM, PemToDer manage the decryption if required */ 4937 if ( info->set && (format != WOLFSSL_FILETYPE_PEM)) {4649 if (ret >= 0 && info->set && format != WOLFSSL_FILETYPE_PEM) { 4938 4650 /* decrypt */ 4939 int passwordSz ;4651 int passwordSz = NAME_SZ; 4940 4652 #ifdef WOLFSSL_SMALL_STACK 4941 4653 char* password = NULL; 4942 4654 #else 4943 char password[ 80];4655 char password[NAME_SZ]; 4944 4656 #endif 4945 4657 4946 4658 #ifdef WOLFSSL_SMALL_STACK 4947 password = (char*)XMALLOC( 80, heap, DYNAMIC_TYPE_STRING);4659 password = (char*)XMALLOC(passwordSz, heap, DYNAMIC_TYPE_STRING); 4948 4660 if (password == NULL) 4949 4661 ret = MEMORY_E; 4950 4662 else 4951 4663 #endif 4952 if (!ctx || !ctx->passwd_cb) { 4664 if (info->passwd_cb == NULL) { 4665 WOLFSSL_MSG("No password callback set"); 4953 4666 ret = NO_PASSWORD; 4954 4667 } 4955 4668 else { 4956 passwordSz = ctx->passwd_cb(password, sizeof(password), 4957 0, ctx->userdata); 4958 4959 /* decrypt the key */ 4960 ret = wolfssl_decrypt_buffer_key(der, (byte*)password, 4961 passwordSz, info); 4962 } 4669 ret = info->passwd_cb(password, passwordSz, PEM_PASS_READ, 4670 info->passwd_userdata); 4671 if (ret >= 0) { 4672 passwordSz = ret; 4673 4674 /* decrypt the key */ 4675 ret = wc_BufferKeyDecrypt(info, der->buffer, der->length, 4676 (byte*)password, passwordSz, WC_MD5); 4677 4678 ForceZero(password, passwordSz); 4679 } 4680 } 4963 4681 4964 4682 #ifdef WOLFSSL_SMALL_STACK 4965 4683 XFREE(password, heap, DYNAMIC_TYPE_STRING); 4966 4684 #endif 4967 4968 if (ret != WOLFSSL_SUCCESS) { 4969 #ifdef WOLFSSL_SMALL_STACK 4970 XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); 4971 #endif 4972 FreeDer(&der); 4973 return ret; 4974 } 4975 } 4976 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ 4977 4978 #ifdef WOLFSSL_SMALL_STACK 4685 } 4686 #endif /* WOLFSSL_ENCRYPTED_KEYS */ 4687 4688 #ifdef WOLFSSL_SMALL_STACK 4979 4689 XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); 4980 #endif 4690 #endif 4691 4692 /* check for error */ 4693 if (ret < 0) { 4694 FreeDer(&der); 4695 return ret; 4696 } 4981 4697 4982 4698 /* Handle DER owner */ … … 4989 4705 /* verify CA unless user set to no verify */ 4990 4706 return AddCA(ctx->cm, &der, WOLFSSL_USER_CA, !ctx->verifyNone); 4991 }4707 } 4992 4708 #ifdef WOLFSSL_TRUST_PEER_CERT 4993 4709 else if (type == TRUSTED_PEER_TYPE) { … … 5006 4722 if (ssl->buffers.weOwnCert) { 5007 4723 FreeDer(&ssl->buffers.certificate); 5008 5009 5010 5011 5012 5013 5014 4724 #ifdef KEEP_OUR_CERT 4725 FreeX509(ssl->ourCert); 4726 if (ssl->ourCert) { 4727 XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509); 4728 ssl->ourCert = NULL; 4729 } 4730 #endif 5015 4731 } 5016 4732 ssl->buffers.certificate = der; 5017 5018 5019 4733 #ifdef KEEP_OUR_CERT 4734 ssl->keepCert = 1; /* hold cert for ssl lifetime */ 4735 #endif 5020 4736 ssl->buffers.weOwnCert = 1; 5021 }4737 } 5022 4738 else if (ctx) { 5023 4739 FreeDer(&ctx->certificate); /* Make sure previous is free'd */ … … 5027 4743 FreeX509(ctx->ourCert); 5028 4744 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 5029 4745 } 5030 4746 ctx->ourCert = NULL; 5031 4747 } 5032 4748 #endif 5033 4749 ctx->certificate = der; 5034 }5035 }4750 } 4751 } 5036 4752 else if (type == PRIVATEKEY_TYPE) { 5037 4753 if (ssl) { … … 5039 4755 if (ssl->buffers.weOwnKey) { 5040 4756 FreeDer(&ssl->buffers.key); 5041 }4757 } 5042 4758 ssl->buffers.key = der; 5043 4759 ssl->buffers.weOwnKey = 1; 5044 }4760 } 5045 4761 else if (ctx) { 5046 4762 FreeDer(&ctx->privateKey); 5047 4763 ctx->privateKey = der; 5048 }5049 }5050 else {4764 } 4765 } 4766 else { 5051 4767 FreeDer(&der); 5052 4768 return WOLFSSL_BAD_CERTTYPE; 5053 }4769 } 5054 4770 5055 4771 if (type == PRIVATEKEY_TYPE && format != WOLFSSL_FILETYPE_RAW) { … … 5057 4773 if (!eccKey && !ed25519Key) { 5058 4774 /* make sure RSA key can be used */ 5059 word32 idx = 0;5060 4775 #ifdef WOLFSSL_SMALL_STACK 5061 4776 RsaKey* key = NULL; … … 5072 4787 ret = wc_InitRsaKey_ex(key, heap, devId); 5073 4788 if (ret == 0) { 4789 idx = 0; 5074 4790 if (wc_RsaPrivateKeyDecode(der->buffer, &idx, key, der->length) 5075 4791 != 0) { 5076 4792 #ifdef HAVE_ECC 5077 4793 /* could have DER ECC (or pkcs8 ecc), no easy way to tell */ 5078 eccKey = 1; /* so try it out */ 4794 eccKey = 1; /* try it next */ 4795 #elif defined(HAVE_ED25519) 4796 ed25519Key = 1; /* try it next */ 5079 4797 #else 5080 4798 WOLFSSL_MSG("RSA decode failed and ECC not enabled to try"); 5081 4799 ret = WOLFSSL_BAD_FILE; 5082 4800 #endif 5083 } else { 4801 } 4802 else { 5084 4803 /* check that the size of the RSA key is enough */ 5085 int rsaSz = wc_RsaEncryptSize((RsaKey*)key); 5086 5087 if (ssl) { 5088 if (rsaSz < ssl->options.minRsaKeySz) { 5089 ret = RSA_KEY_SIZE_E; 5090 WOLFSSL_MSG("Private Key size too small"); 5091 } 4804 int minRsaSz = ssl ? ssl->options.minRsaKeySz : 4805 ctx->minRsaKeySz; 4806 keySz = wc_RsaEncryptSize((RsaKey*)key); 4807 if (keySz < minRsaSz) { 4808 ret = RSA_KEY_SIZE_E; 4809 WOLFSSL_MSG("Private Key size too small"); 4810 } 4811 4812 if (ssl) { 5092 4813 ssl->buffers.keyType = rsa_sa_algo; 5093 #ifdef WC_RSA_PSS 5094 ssl->buffers.keySz = rsaSz; 5095 #endif 5096 } 4814 ssl->buffers.keySz = keySz; 4815 } 5097 4816 else if(ctx) { 5098 if (rsaSz < ctx->minRsaKeySz) {5099 ret = RSA_KEY_SIZE_E;5100 WOLFSSL_MSG("Private Key size too small");5101 }5102 4817 ctx->privateKeyType = rsa_sa_algo; 5103 #ifdef WC_RSA_PSS 5104 ctx->privateKeySz = rsaSz; 5105 #endif 5106 } 4818 ctx->privateKeySz = keySz; 4819 } 4820 5107 4821 rsaKey = 1; 5108 4822 (void)rsaKey; /* for no ecc builds */ … … 5111 4825 ssl->options.haveStaticECC = 0; 5112 4826 resetSuites = 1; 5113 5114 4827 } 4828 } 5115 4829 5116 4830 wc_FreeRsaKey(key); 5117 4831 } 5118 4832 5119 4833 #ifdef WOLFSSL_SMALL_STACK … … 5122 4836 5123 4837 if (ret != 0) 5124 5125 4838 return ret; 4839 } 5126 4840 #endif 5127 4841 #ifdef HAVE_ECC 5128 4842 if (!rsaKey && !ed25519Key) { 5129 4843 /* make sure ECC key can be used */ 5130 word32 idx = 0; 5131 ecc_key key; 5132 5133 if (wc_ecc_init_ex(&key, heap, devId) == 0) { 5134 if (wc_EccPrivateKeyDecode(der->buffer, &idx, &key, 4844 #ifdef WOLFSSL_SMALL_STACK 4845 ecc_key* key = NULL; 4846 #else 4847 ecc_key key[1]; 4848 #endif 4849 4850 #ifdef WOLFSSL_SMALL_STACK 4851 key = (ecc_key*)XMALLOC(sizeof(ecc_key), heap, DYNAMIC_TYPE_ECC); 4852 if (key == NULL) 4853 return MEMORY_E; 4854 #endif 4855 4856 if (wc_ecc_init_ex(key, heap, devId) == 0) { 4857 idx = 0; 4858 if (wc_EccPrivateKeyDecode(der->buffer, &idx, key, 5135 4859 der->length) == 0) { 5136 5137 4860 /* check for minimum ECC key size and then free */ 5138 if (ssl) { 5139 if (wc_ecc_size(&key) < ssl->options.minEccKeySz) { 5140 wc_ecc_free(&key); 5141 WOLFSSL_MSG("ECC private key too small"); 5142 return ECC_KEY_SIZE_E; 5143 } 5144 } 5145 else if (ctx) { 5146 if (wc_ecc_size(&key) < ctx->minEccKeySz) { 5147 wc_ecc_free(&key); 5148 WOLFSSL_MSG("ECC private key too small"); 5149 return ECC_KEY_SIZE_E; 5150 } 5151 } 4861 int minKeySz = ssl ? ssl->options.minEccKeySz : 4862 ctx->minEccKeySz; 4863 keySz = wc_ecc_size(key); 4864 if (keySz < minKeySz) { 4865 WOLFSSL_MSG("ECC private key too small"); 4866 ret = ECC_KEY_SIZE_E; 4867 } 5152 4868 5153 4869 eccKey = 1; … … 5155 4871 ssl->options.haveStaticECC = 1; 5156 4872 ssl->buffers.keyType = ecc_dsa_sa_algo; 5157 } 4873 ssl->buffers.keySz = keySz; 4874 } 5158 4875 else if (ctx) { 5159 4876 ctx->haveStaticECC = 1; 5160 4877 ctx->privateKeyType = ecc_dsa_sa_algo; 4878 ctx->privateKeySz = keySz; 4879 } 4880 4881 if (ssl && ssl->options.side == WOLFSSL_SERVER_END) { 4882 resetSuites = 1; 4883 } 4884 } 4885 else 4886 eccKey = 0; 4887 4888 wc_ecc_free(key); 4889 } 4890 4891 #ifdef WOLFSSL_SMALL_STACK 4892 XFREE(key, heap, DYNAMIC_TYPE_ECC); 4893 #endif 4894 4895 if (ret != 0) 4896 return ret; 4897 } 4898 #endif /* HAVE_ECC */ 4899 #ifdef HAVE_ED25519 4900 if (!rsaKey && !eccKey) { 4901 /* make sure Ed25519 key can be used */ 4902 #ifdef WOLFSSL_SMALL_STACK 4903 ed25519_key* key = NULL; 4904 #else 4905 ed25519_key key[1]; 4906 #endif 4907 4908 #ifdef WOLFSSL_SMALL_STACK 4909 key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, 4910 DYNAMIC_TYPE_ED25519); 4911 if (key == NULL) 4912 return MEMORY_E; 4913 #endif 4914 4915 ret = wc_ed25519_init(key); 4916 if (ret == 0) { 4917 idx = 0; 4918 if (wc_Ed25519PrivateKeyDecode(der->buffer, &idx, key, 4919 der->length) != 0) { 4920 ret = WOLFSSL_BAD_FILE; 4921 } 4922 4923 if (ret == 0) { 4924 /* check for minimum key size and then free */ 4925 int minKeySz = ssl ? ssl->options.minEccKeySz : 4926 ctx->minEccKeySz; 4927 keySz = ED25519_KEY_SIZE; 4928 if (keySz < minKeySz) { 4929 WOLFSSL_MSG("ED25519 private key too small"); 4930 ret = ECC_KEY_SIZE_E; 4931 } 5161 4932 } 5162 4933 if (ret == 0) { 4934 if (ssl) { 4935 ssl->buffers.keyType = ed25519_sa_algo; 4936 ssl->buffers.keySz = keySz; 4937 } 4938 else if (ctx) { 4939 ctx->privateKeyType = ed25519_sa_algo; 4940 ctx->privateKeySz = keySz; 4941 } 4942 4943 ed25519Key = 1; 5163 4944 if (ssl && ssl->options.side == WOLFSSL_SERVER_END) { 5164 4945 resetSuites = 1; 5165 4946 } 5166 4947 } 5167 else 5168 eccKey = 0; 5169 5170 wc_ecc_free(&key); 5171 } 5172 } 5173 #endif /* HAVE_ECC */ 5174 #ifdef HAVE_ED25519 5175 if (!rsaKey && !eccKey) { 5176 /* make sure Ed25519 key can be used */ 5177 word32 idx = 0; 5178 ed25519_key key; 5179 5180 ret = wc_ed25519_init(&key); 5181 if (ret != 0) { 4948 4949 wc_ed25519_free(key); 4950 } 4951 4952 #ifdef WOLFSSL_SMALL_STACK 4953 XFREE(key, heap, DYNAMIC_TYPE_ED25519); 4954 #endif 4955 if (ret != 0) 5182 4956 return ret; 5183 4957 } 5184 5185 if (wc_Ed25519PrivateKeyDecode(der->buffer, &idx, &key, 5186 der->length) != 0) { 5187 wc_ed25519_free(&key); 5188 return WOLFSSL_BAD_FILE; 5189 } 5190 5191 /* check for minimum key size and then free */ 5192 if (ssl) { 5193 if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) { 5194 wc_ed25519_free(&key); 5195 WOLFSSL_MSG("ED25519 private key too small"); 5196 return ECC_KEY_SIZE_E; 5197 } 5198 ssl->buffers.keyType = ed25519_sa_algo; 5199 } 5200 else if (ctx) { 5201 if (ED25519_KEY_SIZE < ctx->minEccKeySz) { 5202 wc_ed25519_free(&key); 5203 WOLFSSL_MSG("ED25519 private key too small"); 5204 return ECC_KEY_SIZE_E; 5205 } 5206 ctx->privateKeyType = ed25519_sa_algo; 5207 } 5208 5209 wc_ed25519_free(&key); 5210 ed25519Key = 1; 5211 5212 if (ssl && ssl->options.side == WOLFSSL_SERVER_END) { 5213 resetSuites = 1; 5214 } 5215 } 5216 #endif 5217 4958 #else 5218 4959 if (!rsaKey && !eccKey && !ed25519Key) 5219 4960 return WOLFSSL_BAD_FILE; 5220 4961 #endif 5221 4962 (void)ed25519Key; 5222 4963 (void)devId; … … 5227 4968 #else 5228 4969 DecodedCert cert[1]; 4970 #endif 4971 #ifdef HAVE_PK_CALLBACKS 4972 int keyType = 0; 5229 4973 #endif 5230 4974 … … 5279 5023 } 5280 5024 5281 #if def HAVE_ECC5025 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 5282 5026 if (ssl) { 5283 5027 ssl->pkCurveOID = cert->pkCurveOID; … … 5316 5060 #ifndef NO_RSA 5317 5061 case RSAk: 5062 #ifdef HAVE_PK_CALLBACKS 5063 keyType = rsa_sa_algo; 5064 #endif 5065 /* Determine RSA key size by parsing public key */ 5066 idx = 0; 5067 ret = wc_RsaPublicKeyDecode_ex(cert->publicKey, &idx, 5068 cert->pubKeySize, NULL, (word32*)&keySz, NULL, NULL); 5069 if (ret < 0) 5070 break; 5071 5318 5072 if (ssl && !ssl->options.verifyNone) { 5319 5073 if (ssl->options.minRsaKeySz < 0 || 5320 cert->pubKeySize < (word16)ssl->options.minRsaKeySz) {5074 keySz < (int)ssl->options.minRsaKeySz) { 5321 5075 ret = RSA_KEY_SIZE_E; 5322 5076 WOLFSSL_MSG("Certificate RSA key size too small"); … … 5325 5079 else if (ctx && !ctx->verifyNone) { 5326 5080 if (ctx->minRsaKeySz < 0 || 5327 cert->pubKeySize < (word16)ctx->minRsaKeySz) {5081 keySz < (int)ctx->minRsaKeySz) { 5328 5082 ret = RSA_KEY_SIZE_E; 5329 5083 WOLFSSL_MSG("Certificate RSA key size too small"); … … 5334 5088 #ifdef HAVE_ECC 5335 5089 case ECDSAk: 5090 #ifdef HAVE_PK_CALLBACKS 5091 keyType = ecc_dsa_sa_algo; 5092 #endif 5093 /* Determine ECC key size based on curve */ 5094 keySz = wc_ecc_get_curve_size_from_id( 5095 wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL)); 5096 5336 5097 if (ssl && !ssl->options.verifyNone) { 5337 5098 if (ssl->options.minEccKeySz < 0 || 5338 cert->pubKeySize < (word16)ssl->options.minEccKeySz) {5099 keySz < (int)ssl->options.minEccKeySz) { 5339 5100 ret = ECC_KEY_SIZE_E; 5340 5101 WOLFSSL_MSG("Certificate ECC key size error"); … … 5343 5104 else if (ctx && !ctx->verifyNone) { 5344 5105 if (ctx->minEccKeySz < 0 || 5345 cert->pubKeySize < (word16)ctx->minEccKeySz) {5106 keySz < (int)ctx->minEccKeySz) { 5346 5107 ret = ECC_KEY_SIZE_E; 5347 5108 WOLFSSL_MSG("Certificate ECC key size error"); … … 5352 5113 #ifdef HAVE_ED25519 5353 5114 case ED25519k: 5115 #ifdef HAVE_PK_CALLBACKS 5116 keyType = ed25519_sa_algo; 5117 #endif 5118 /* ED25519 is fixed key size */ 5119 keySz = ED25519_KEY_SIZE; 5354 5120 if (ssl && !ssl->options.verifyNone) { 5355 5121 if (ssl->options.minEccKeySz < 0 || 5356 ED25519_KEY_SIZE < (word16)ssl->options.minEccKeySz) {5122 keySz < (int)ssl->options.minEccKeySz) { 5357 5123 ret = ECC_KEY_SIZE_E; 5358 5124 WOLFSSL_MSG("Certificate Ed key size error"); … … 5361 5127 else if (ctx && !ctx->verifyNone) { 5362 5128 if (ctx->minEccKeySz < 0 || 5363 ED25519_KEY_SIZE < (word16)ctx->minEccKeySz) {5129 keySz < (int)ctx->minEccKeySz) { 5364 5130 ret = ECC_KEY_SIZE_E; 5365 5131 WOLFSSL_MSG("Certificate ECC key size error"); … … 5374 5140 } 5375 5141 5142 #ifdef HAVE_PK_CALLBACKS 5143 if (ssl && ssl->buffers.keyType == 0) { 5144 ssl->buffers.keyType = keyType; 5145 ssl->buffers.keySz = keySz; 5146 } 5147 else if (ctx && ctx->privateKeyType == 0) { 5148 ctx->privateKeyType = keyType; 5149 ctx->privateKeySz = keySz; 5150 } 5151 #endif 5152 5376 5153 FreeDecodedCert(cert); 5377 5154 #ifdef WOLFSSL_SMALL_STACK … … 5396 5173 haveRSA = 1; 5397 5174 #endif 5175 #ifndef NO_CERTS 5176 keySz = ssl->buffers.keySz; 5177 #endif 5398 5178 5399 5179 /* let's reset suites */ 5400 InitSuites(ssl->suites, ssl->version, ssl->buffers.keySz, haveRSA,5180 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, 5401 5181 havePSK, ssl->options.haveDH, ssl->options.haveNTRU, 5402 5182 ssl->options.haveECDSAsig, ssl->options.haveECC, … … 5432 5212 if (PemToDer(buff + used, sz - used, CRL_TYPE, &der, NULL, &info, 5433 5213 NULL) == 0) { 5434 WOLFSSL_MSG(" Proc cessed a CRL");5214 WOLFSSL_MSG(" Processed a CRL"); 5435 5215 wolfSSL_CertManagerLoadCRLBuffer(ctx->cm, der->buffer, 5436 5216 der->length, WOLFSSL_FILETYPE_ASN1); … … 5442 5222 #endif 5443 5223 #endif 5444 if (ret < 0) 5445 { 5224 if (ret < 0) { 5446 5225 if(consumed > 0) { /* Made progress in file */ 5447 5226 WOLFSSL_ERROR(ret); 5448 5227 WOLFSSL_MSG("CA Parse failed, with progress in file."); 5449 5228 WOLFSSL_MSG("Search for other certs in file"); 5450 } else { 5229 } 5230 else { 5451 5231 WOLFSSL_MSG("CA Parse failed, no progress in file."); 5452 5232 WOLFSSL_MSG("Do not continue search for other certs in file"); 5453 5233 break; 5454 5234 } 5455 } else { 5235 } 5236 else { 5456 5237 WOLFSSL_MSG(" Processed a CA"); 5457 5238 gotOne = 1; … … 5460 5241 } 5461 5242 5462 if(gotOne) 5463 { 5243 if (gotOne) { 5464 5244 WOLFSSL_MSG("Processed at least one valid CA. Other stuff OK"); 5465 5245 return WOLFSSL_SUCCESS; … … 5469 5249 5470 5250 5471 static INLINE WOLFSSL_METHOD* cm_pick_method(void)5251 static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void) 5472 5252 { 5473 5253 #ifndef NO_WOLFSSL_CLIENT 5474 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)5254 #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) 5475 5255 return wolfSSLv3_client_method(); 5256 #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) 5257 return wolfTLSv1_client_method(); 5258 #elif !defined(NO_OLD_TLS) 5259 return wolfTLSv1_1_client_method(); 5260 #elif !defined(WOLFSSL_NO_TLS12) 5261 return wolfTLSv1_2_client_method(); 5262 #elif defined(WOLFSSL_TLS13) 5263 return wolfTLSv1_3_client_method(); 5476 5264 #else 5477 return wolfTLSv1_2_client_method();5265 return NULL; 5478 5266 #endif 5479 5267 #elif !defined(NO_WOLFSSL_SERVER) 5480 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)5268 #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) 5481 5269 return wolfSSLv3_server_method(); 5270 #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) 5271 return wolfTLSv1_server_method(); 5272 #elif !defined(NO_OLD_TLS) 5273 return wolfTLSv1_1_server_method(); 5274 #elif !defined(WOLFSSL_NO_TLS12) 5275 return wolfTLSv1_2_server_method(); 5276 #elif defined(WOLFSSL_TLS13) 5277 return wolfTLSv1_3_server_method(); 5482 5278 #else 5483 return wolfTLSv1_2_server_method();5279 return NULL; 5484 5280 #endif 5485 5281 #else … … 5641 5437 5642 5438 if (format == WOLFSSL_FILETYPE_PEM) { 5643 int eccKey = 0; /* not used */ 5644 #ifdef WOLFSSL_SMALL_STACK 5645 EncryptedInfo* info = NULL; 5646 #else 5647 EncryptedInfo info[1]; 5648 #endif 5649 5650 #ifdef WOLFSSL_SMALL_STACK 5651 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), cm->heap, 5652 DYNAMIC_TYPE_ENCRYPTEDINFO); 5653 if (info == NULL) { 5654 XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT); 5655 return MEMORY_E; 5656 } 5657 #endif 5658 5659 info->set = 0; 5660 info->ctx = NULL; 5661 info->consumed = 0; 5662 5663 ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, info, &eccKey); 5439 #ifdef WOLFSSL_PEM_TO_DER 5440 ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, NULL, NULL); 5664 5441 if (ret != 0) { 5665 5442 FreeDer(&der); 5666 5443 #ifdef WOLFSSL_SMALL_STACK 5667 5444 XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT); 5668 XFREE(info, cm->heap, DYNAMIC_TYPE_ENCRYPTEDINFO);5669 5445 #endif 5670 5446 return ret; 5671 5447 } 5672 5448 InitDecodedCert(cert, der->buffer, der->length, cm->heap); 5673 5674 #ifdef WOLFSSL_SMALL_STACK 5675 XFREE(info, cm->heap, DYNAMIC_TYPE_ENCRYPTEDINFO); 5449 #else 5450 ret = NOT_COMPILED_IN; 5676 5451 #endif 5677 5452 } 5678 else 5453 else { 5679 5454 InitDecodedCert(cert, (byte*)buff, (word32)sz, cm->heap); 5455 } 5680 5456 5681 5457 if (ret == 0) … … 5767 5543 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ 5768 5544 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 5545 #ifndef NO_WOLFSSL_SERVER 5769 5546 if (cm->ocsp_stapling == NULL) { 5770 5547 cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), … … 5780 5557 } 5781 5558 } 5782 cm->ocspStaplingEnabled = 1;5783 5559 5784 5560 #ifndef WOLFSSL_USER_IO … … 5787 5563 cm->ocspIOCtx = cm->heap; 5788 5564 #endif /* WOLFSSL_USER_IO */ 5565 #endif /* NO_WOLFSSL_SERVER */ 5566 cm->ocspStaplingEnabled = 1; 5789 5567 #else 5790 5568 ret = NOT_COMPILED_IN; … … 5811 5589 return ret; 5812 5590 } 5813 5814 5591 #if defined(SESSION_CERTS) 5592 WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl) 5593 { 5594 WOLFSSL_ENTER("wolfSSL_get_peer_cert_chain"); 5595 if ((ssl == NULL) || (ssl->session.chain.count == 0)) 5596 return NULL; 5597 else 5598 return (WOLF_STACK_OF(WOLFSSL_X509)* )&ssl->session.chain; 5599 } 5600 #endif 5815 5601 #ifdef HAVE_OCSP 5816 5817 5602 5818 5603 /* check CRL if enabled, WOLFSSL_SUCCESS */ … … 6049 5834 file = XFOPEN(fname, "rb"); 6050 5835 if (file == XBADFILE) return WOLFSSL_BAD_FILE; 6051 XFSEEK(file, 0, XSEEK_END); 5836 if (XFSEEK(file, 0, XSEEK_END) != 0) { 5837 XFCLOSE(file); 5838 return WOLFSSL_BAD_FILE; 5839 } 6052 5840 sz = XFTELL(file); 6053 5841 XREWIND(file); … … 6089 5877 } 6090 5878 6091 6092 5879 /* loads file then loads each file in path, no c_rehash */ 6093 int wolfSSL_CTX_load_verify_locations (WOLFSSL_CTX* ctx, const char* file,6094 const char* path )5880 int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file, 5881 const char* path, word32 flags) 6095 5882 { 6096 5883 int ret = WOLFSSL_SUCCESS; 6097 5884 #ifndef NO_WOLFSSL_DIR 6098 5885 int fileRet; 6099 #endif 6100 6101 WOLFSSL_ENTER("wolfSSL_CTX_load_verify_locations"); 5886 int successCount = 0; 5887 int failCount = 0; 5888 #endif 5889 5890 WOLFSSL_MSG("wolfSSL_CTX_load_verify_locations_ex"); 6102 5891 6103 5892 if (ctx == NULL || (file == NULL && path == NULL) ) … … 6123 5912 fileRet = wc_ReadDirFirst(readCtx, path, &name); 6124 5913 while (fileRet == 0 && name) { 5914 WOLFSSL_MSG(name); /* log file name */ 6125 5915 ret = ProcessFile(ctx, name, WOLFSSL_FILETYPE_PEM, CA_TYPE, 6126 5916 NULL, 0, NULL); 6127 if (ret != WOLFSSL_SUCCESS) 6128 break; 5917 if (ret != WOLFSSL_SUCCESS) { 5918 /* handle flags for ignoring errors, skipping expired certs or 5919 by PEM certificate header error */ 5920 if ( (flags & WOLFSSL_LOAD_FLAG_IGNORE_ERR) || 5921 ((flags & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && 5922 (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E)) || 5923 ((flags & WOLFSSL_LOAD_FLAG_PEM_CA_ONLY) && 5924 (ret == ASN_NO_PEM_HEADER))) { 5925 /* Do not fail here if a certificate fails to load, 5926 continue to next file */ 5927 ret = WOLFSSL_SUCCESS; 5928 } 5929 else { 5930 WOLFSSL_ERROR(ret); 5931 WOLFSSL_MSG("Load CA file failed, continuing"); 5932 failCount++; 5933 } 5934 } 5935 else { 5936 successCount++; 5937 } 6129 5938 fileRet = wc_ReadDirNext(readCtx, path, &name); 6130 5939 } … … 6132 5941 6133 5942 /* pass directory read failure to response code */ 6134 if ( ret == WOLFSSL_SUCCESS && fileRet != -1) {5943 if (fileRet != WC_READDIR_NOFILE) { 6135 5944 ret = fileRet; 5945 } 5946 /* report failure if no files were loaded or there were failures */ 5947 else if (successCount == 0 || failCount > 0) { 5948 /* use existing error code if exists */ 5949 if (ret == WOLFSSL_SUCCESS) 5950 ret = WOLFSSL_FAILURE; 5951 } 5952 else { 5953 ret = WOLFSSL_SUCCESS; 6136 5954 } 6137 5955 … … 6141 5959 #else 6142 5960 ret = NOT_COMPILED_IN; 5961 (void)flags; 6143 5962 #endif 6144 5963 } 6145 5964 6146 5965 return ret; 5966 } 5967 5968 #ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS 5969 #define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE 5970 #endif 5971 int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file, 5972 const char* path) 5973 { 5974 return wolfSSL_CTX_load_verify_locations_ex(ctx, file, path, 5975 WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS); 6147 5976 } 6148 5977 … … 6185 6014 6186 6015 if (file == XBADFILE) return WOLFSSL_BAD_FILE; 6187 XFSEEK(file, 0, XSEEK_END); 6016 if(XFSEEK(file, 0, XSEEK_END) != 0) { 6017 XFCLOSE(file); 6018 return WOLFSSL_BAD_FILE; 6019 } 6188 6020 sz = XFTELL(file); 6189 6021 XREWIND(file); … … 6252 6084 6253 6085 6254 6255 6256 int wolfSSL_CTX_check_private_key(WOLFSSL_CTX* ctx) 6257 { 6258 /* TODO: check private against public for RSA match */ 6259 (void)ctx; 6260 WOLFSSL_ENTER("SSL_CTX_check_private_key"); 6261 return WOLFSSL_SUCCESS; 6262 } 6263 6086 /* Check private against public in certificate for match 6087 * 6088 * ctx WOLFSSL_CTX structure to check private key in 6089 * 6090 * Returns SSL_SUCCESS on good private key and SSL_FAILURE if miss matched. */ 6091 int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx) 6092 { 6093 #ifdef WOLFSSL_SMALL_STACK 6094 DecodedCert* der = NULL; 6095 #else 6096 DecodedCert der[1]; 6097 #endif 6098 word32 size; 6099 byte* buff; 6100 int ret; 6101 6102 WOLFSSL_ENTER("wolfSSL_CTX_check_private_key"); 6103 6104 if (ctx == NULL) { 6105 return WOLFSSL_FAILURE; 6106 } 6107 6108 #ifndef NO_CERTS 6109 #ifdef WOLFSSL_SMALL_STACK 6110 der = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); 6111 if (der == NULL) 6112 return MEMORY_E; 6113 #endif 6114 6115 size = ctx->certificate->length; 6116 buff = ctx->certificate->buffer; 6117 InitDecodedCert(der, buff, size, ctx->heap); 6118 if (ParseCertRelative(der, CERT_TYPE, NO_VERIFY, NULL) != 0) { 6119 FreeDecodedCert(der); 6120 #ifdef WOLFSSL_SMALL_STACK 6121 XFREE(der, NULL, DYNAMIC_TYPE_DCERT); 6122 #endif 6123 return WOLFSSL_FAILURE; 6124 } 6125 6126 size = ctx->privateKey->length; 6127 buff = ctx->privateKey->buffer; 6128 ret = wc_CheckPrivateKey(buff, size, der); 6129 FreeDecodedCert(der); 6130 #ifdef WOLFSSL_SMALL_STACK 6131 XFREE(der, NULL, DYNAMIC_TYPE_DCERT); 6132 #endif 6133 6134 if (ret == 1) { 6135 return WOLFSSL_SUCCESS; 6136 } 6137 else { 6138 return WOLFSSL_FAILURE; 6139 } 6140 #else 6141 WOLFSSL_MSG("NO_CERTS is defined, can not check private key"); 6142 return WOLFSSL_FAILURE; 6143 #endif 6144 } 6264 6145 6265 6146 #ifdef HAVE_CRL … … 6473 6354 6474 6355 6475 #ifdef WOLFSSL_CERT_GEN6476 6477 /* load pem cert from file into der buffer, return der size or error */6478 int wolfSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)6479 {6480 #ifdef WOLFSSL_SMALL_STACK6481 EncryptedInfo* info = NULL;6482 byte staticBuffer[1]; /* force XMALLOC */6483 #else6484 EncryptedInfo info[1];6485 byte staticBuffer[FILE_BUFFER_SIZE];6486 #endif6487 byte* fileBuf = staticBuffer;6488 int dynamic = 0;6489 int ret = 0;6490 int ecc = 0;6491 long sz = 0;6492 XFILE file = XFOPEN(fileName, "rb");6493 DerBuffer* converted = NULL;6494 6495 WOLFSSL_ENTER("wolfSSL_PemCertToDer");6496 6497 if (file == XBADFILE) {6498 ret = WOLFSSL_BAD_FILE;6499 }6500 else {6501 XFSEEK(file, 0, XSEEK_END);6502 sz = XFTELL(file);6503 XREWIND(file);6504 6505 if (sz <= 0) {6506 ret = WOLFSSL_BAD_FILE;6507 }6508 else if (sz > (long)sizeof(staticBuffer)) {6509 #ifdef WOLFSSL_STATIC_MEMORY6510 WOLFSSL_MSG("File was larger then static buffer");6511 return MEMORY_E;6512 #endif6513 fileBuf = (byte*)XMALLOC(sz, 0, DYNAMIC_TYPE_FILE);6514 if (fileBuf == NULL)6515 ret = MEMORY_E;6516 else6517 dynamic = 1;6518 }6519 6520 if (ret == 0) {6521 if ( (ret = (int)XFREAD(fileBuf, 1, sz, file)) != sz) {6522 ret = WOLFSSL_BAD_FILE;6523 }6524 else {6525 #ifdef WOLFSSL_SMALL_STACK6526 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,6527 DYNAMIC_TYPE_ENCRYPTEDINFO);6528 if (info == NULL)6529 ret = MEMORY_E;6530 else6531 #endif6532 {6533 ret = PemToDer(fileBuf, sz, CA_TYPE, &converted,6534 0, info, &ecc);6535 #ifdef WOLFSSL_SMALL_STACK6536 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);6537 #endif6538 }6539 }6540 6541 if (ret == 0) {6542 if (converted->length < (word32)derSz) {6543 XMEMCPY(derBuf, converted->buffer, converted->length);6544 ret = converted->length;6545 }6546 else6547 ret = BUFFER_E;6548 }6549 6550 FreeDer(&converted);6551 }6552 6553 XFCLOSE(file);6554 if (dynamic)6555 XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE);6556 }6557 6558 return ret;6559 }6560 6561 #endif /* WOLFSSL_CERT_GEN */6562 6563 #ifdef WOLFSSL_CERT_EXT6564 #ifndef NO_FILESYSTEM6565 /* load pem public key from file into der buffer, return der size or error */6566 int wolfSSL_PemPubKeyToDer(const char* fileName,6567 unsigned char* derBuf, int derSz)6568 {6569 #ifdef WOLFSSL_SMALL_STACK6570 byte staticBuffer[1]; /* force XMALLOC */6571 #else6572 byte staticBuffer[FILE_BUFFER_SIZE];6573 #endif6574 byte* fileBuf = staticBuffer;6575 int dynamic = 0;6576 int ret = 0;6577 long sz = 0;6578 XFILE file = XFOPEN(fileName, "rb");6579 DerBuffer* converted = NULL;6580 6581 WOLFSSL_ENTER("wolfSSL_PemPubKeyToDer");6582 6583 if (file == XBADFILE) {6584 ret = WOLFSSL_BAD_FILE;6585 }6586 else {6587 XFSEEK(file, 0, XSEEK_END);6588 sz = XFTELL(file);6589 XREWIND(file);6590 6591 if (sz <= 0) {6592 ret = WOLFSSL_BAD_FILE;6593 }6594 else if (sz > (long)sizeof(staticBuffer)) {6595 #ifdef WOLFSSL_STATIC_MEMORY6596 WOLFSSL_MSG("File was larger then static buffer");6597 return MEMORY_E;6598 #endif6599 fileBuf = (byte*)XMALLOC(sz, 0, DYNAMIC_TYPE_FILE);6600 if (fileBuf == NULL)6601 ret = MEMORY_E;6602 else6603 dynamic = 1;6604 }6605 if (ret == 0) {6606 if ( (ret = (int)XFREAD(fileBuf, 1, sz, file)) != sz)6607 ret = WOLFSSL_BAD_FILE;6608 else6609 ret = PemToDer(fileBuf, sz, PUBLICKEY_TYPE, &converted,6610 0, NULL, NULL);6611 6612 if (ret == 0) {6613 if (converted->length < (word32)derSz) {6614 XMEMCPY(derBuf, converted->buffer, converted->length);6615 ret = converted->length;6616 }6617 else6618 ret = BUFFER_E;6619 }6620 6621 FreeDer(&converted);6622 }6623 6624 XFCLOSE(file);6625 if (dynamic)6626 XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE);6627 }6628 6629 return ret;6630 }6631 #endif /* NO_FILESYSTEM */6632 6633 /* Return bytes written to buff or < 0 for error */6634 int wolfSSL_PubKeyPemToDer(const unsigned char* pem, int pemSz,6635 unsigned char* buff, int buffSz)6636 {6637 int ret;6638 DerBuffer* der = NULL;6639 6640 WOLFSSL_ENTER("wolfSSL_PubKeyPemToDer");6641 6642 if (pem == NULL || buff == NULL || buffSz <= 0) {6643 WOLFSSL_MSG("Bad pem der args");6644 return BAD_FUNC_ARG;6645 }6646 6647 ret = PemToDer(pem, pemSz, PUBLICKEY_TYPE, &der, NULL, NULL, NULL);6648 if (ret < 0) {6649 WOLFSSL_MSG("Bad Pem To Der");6650 }6651 else {6652 if (der->length <= (word32)buffSz) {6653 XMEMCPY(buff, der->buffer, der->length);6654 ret = der->length;6655 }6656 else {6657 WOLFSSL_MSG("Bad der length");6658 ret = BAD_FUNC_ARG;6659 }6660 }6661 6662 FreeDer(&der);6663 return ret;6664 }6665 6666 #endif /* WOLFSSL_CERT_EXT */6667 6356 6668 6357 int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file, … … 6674 6363 6675 6364 return WOLFSSL_FAILURE; 6676 }6365 } 6677 6366 6678 6367 6679 6368 int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, 6680 6369 int format) 6681 {6370 { 6682 6371 WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_file"); 6683 6372 if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL) … … 6686 6375 6687 6376 return WOLFSSL_FAILURE; 6377 } 6378 6379 6380 /* Sets the max chain depth when verifying a certificate chain. Default depth 6381 * is set to MAX_CHAIN_DEPTH. 6382 * 6383 * ctx WOLFSSL_CTX structure to set depth in 6384 * depth max depth 6385 */ 6386 void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx, int depth) { 6387 WOLFSSL_ENTER("wolfSSL_CTX_set_verify_depth"); 6388 6389 if (ctx == NULL || depth < 0 || depth > MAX_CHAIN_DEPTH) { 6390 WOLFSSL_MSG("Bad depth argument, too large or less than 0"); 6391 return; 6392 } 6393 6394 ctx->verifyDepth = (byte)depth; 6688 6395 } 6689 6396 … … 6700 6407 return ssl->options.verifyDepth; 6701 6408 #endif 6702 }6409 } 6703 6410 6704 6411 … … 6708 6415 if(ctx == NULL) { 6709 6416 return BAD_FUNC_ARG; 6710 }6417 } 6711 6418 #ifndef OPENSSL_EXTRA 6712 6419 return MAX_CHAIN_DEPTH; 6713 6420 #else 6714 6421 return ctx->verifyDepth; 6715 #endif6716 }6422 #endif 6423 } 6717 6424 6718 6425 … … 6722 6429 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file"); 6723 6430 if (ProcessFile(ctx, file, WOLFSSL_FILETYPE_PEM,CERT_TYPE,NULL,1, NULL) 6431 == WOLFSSL_SUCCESS) 6432 return WOLFSSL_SUCCESS; 6433 6434 return WOLFSSL_FAILURE; 6435 } 6436 6437 6438 int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX* ctx, 6439 const char* file, int format) 6440 { 6441 /* process up to MAX_CHAIN_DEPTH plus subject cert */ 6442 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file_format"); 6443 if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 1, NULL) 6724 6444 == WOLFSSL_SUCCESS) 6725 6445 return WOLFSSL_SUCCESS; … … 6751 6471 file = XFOPEN(fname, "rb"); 6752 6472 if (file == XBADFILE) return WOLFSSL_BAD_FILE; 6753 XFSEEK(file, 0, XSEEK_END); 6473 if(XFSEEK(file, 0, XSEEK_END) != 0) { 6474 XFCLOSE(file); 6475 return WOLFSSL_BAD_FILE; 6476 } 6754 6477 sz = XFTELL(file); 6755 6478 XREWIND(file); … … 6803 6526 #endif /* NO_DH */ 6804 6527 6528 #endif /* NO_FILESYSTEM */ 6529 6530 6531 #if defined(OPENSSL_EXTRA) || !defined(NO_PWDBASED) && \ 6532 (defined(OPENSSL_EXTRA_X509_SMALL) || defined(HAVE_WEBSERVER)) 6533 6534 static int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, 6535 int* pHash, int* pHashSz) 6536 { 6537 enum wc_HashType hash = WC_HASH_TYPE_NONE; 6538 int hashSz; 6539 6540 if (XSTRLEN(evp) < 3) { 6541 /* do not try comparing strings if size is too small */ 6542 return WOLFSSL_FAILURE; 6543 } 6544 6545 if (XSTRNCMP("SHA", evp, 3) == 0) { 6546 if (XSTRLEN(evp) > 3) { 6547 #ifndef NO_SHA256 6548 if (XSTRNCMP("SHA256", evp, 6) == 0) { 6549 hash = WC_HASH_TYPE_SHA256; 6550 } 6551 else 6552 #endif 6553 #ifdef WOLFSSL_SHA384 6554 if (XSTRNCMP("SHA384", evp, 6) == 0) { 6555 hash = WC_HASH_TYPE_SHA384; 6556 } 6557 else 6558 #endif 6559 #ifdef WOLFSSL_SHA512 6560 if (XSTRNCMP("SHA512", evp, 6) == 0) { 6561 hash = WC_HASH_TYPE_SHA512; 6562 } 6563 else 6564 #endif 6565 { 6566 WOLFSSL_MSG("Unknown SHA hash"); 6567 } 6568 } 6569 else { 6570 hash = WC_HASH_TYPE_SHA; 6571 } 6572 } 6573 #ifdef WOLFSSL_MD2 6574 else if (XSTRNCMP("MD2", evp, 3) == 0) { 6575 hash = WC_HASH_TYPE_MD2; 6576 } 6577 #endif 6578 #ifndef NO_MD4 6579 else if (XSTRNCMP("MD4", evp, 3) == 0) { 6580 hash = WC_HASH_TYPE_MD4; 6581 } 6582 #endif 6583 #ifndef NO_MD5 6584 else if (XSTRNCMP("MD5", evp, 3) == 0) { 6585 hash = WC_HASH_TYPE_MD5; 6586 } 6587 #endif 6588 6589 if (pHash) 6590 *pHash = hash; 6591 6592 hashSz = wc_HashGetDigestSize(hash); 6593 if (pHashSz) 6594 *pHashSz = hashSz; 6595 6596 if (hashSz < 0) { 6597 return WOLFSSL_FAILURE; 6598 } 6599 6600 return WOLFSSL_SUCCESS; 6601 } 6602 6603 #endif 6604 6805 6605 6806 6606 #ifdef OPENSSL_EXTRA 6807 6607 /* put SSL type in extra for now, not very common */ 6808 6608 6809 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out, 6810 const unsigned char **in, long inSz) 6811 { 6812 WOLFSSL_EVP_PKEY* local; 6813 6814 WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey"); 6609 /* Converts a DER format key read from "bio" to a PKCS8 structure. 6610 * 6611 * bio input bio to read DER from 6612 * pkey If not NULL then this pointer will be overwritten with a new PKCS8 6613 * structure. 6614 * 6615 * returns a WOLFSSL_PKCS8_PRIV_KEY_INFO pointer on success and NULL in fail 6616 * case. 6617 */ 6618 WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY_bio(WOLFSSL_BIO* bio, 6619 WOLFSSL_PKCS8_PRIV_KEY_INFO** pkey) 6620 { 6621 WOLFSSL_PKCS8_PRIV_KEY_INFO* pkcs8 = NULL; 6622 #ifdef WOLFSSL_PEM_TO_DER 6623 unsigned char* mem; 6624 int memSz; 6625 int keySz; 6626 word32 algId; 6627 6628 WOLFSSL_MSG("wolfSSL_d2i_PKCS8_PKEY_bio()"); 6629 6630 if (bio == NULL) { 6631 return NULL; 6632 } 6633 6634 if ((memSz = wolfSSL_BIO_get_mem_data(bio, &mem)) < 0) { 6635 return NULL; 6636 } 6637 6638 if ((keySz = wc_KeyPemToDer(mem, memSz, mem, memSz, NULL)) < 0) { 6639 WOLFSSL_MSG("Not PEM format"); 6640 keySz = memSz; 6641 if ((keySz = ToTraditional_ex((byte*)mem, (word32)keySz, &algId)) < 0) { 6642 return NULL; 6643 } 6644 } 6645 6646 pkcs8 = wolfSSL_PKEY_new(); 6647 if (pkcs8 == NULL) { 6648 return NULL; 6649 } 6650 6651 pkcs8->pkey.ptr = (char*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 6652 if (pkcs8->pkey.ptr == NULL) { 6653 wolfSSL_EVP_PKEY_free(pkcs8); 6654 return NULL; 6655 } 6656 XMEMCPY(pkcs8->pkey.ptr, mem, keySz); 6657 pkcs8->pkey_sz = keySz; 6658 6659 if (pkey != NULL) { 6660 *pkey = pkcs8; 6661 } 6662 #else 6663 (void)bio; 6664 (void)pkey; 6665 #endif /* WOLFSSL_PEM_TO_DER */ 6666 6667 return pkcs8; 6668 } 6669 6670 6671 /* expecting DER format public key 6672 * 6673 * bio input bio to read DER from 6674 * out If not NULL then this pointer will be overwritten with a new 6675 * WOLFSSL_EVP_PKEY pointer 6676 * 6677 * returns a WOLFSSL_EVP_PKEY pointer on success and NULL in fail case. 6678 */ 6679 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, 6680 WOLFSSL_EVP_PKEY** out) 6681 { 6682 unsigned char* mem; 6683 long memSz; 6684 WOLFSSL_EVP_PKEY* pkey = NULL; 6685 6686 WOLFSSL_ENTER("wolfSSL_d2i_PUBKEY_bio()"); 6687 6688 if (bio == NULL) { 6689 return NULL; 6690 } 6691 (void)out; 6692 6693 memSz = wolfSSL_BIO_pending(bio); 6694 if (memSz <= 0) { 6695 return NULL; 6696 } 6697 6698 mem = (unsigned char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 6699 if (mem == NULL) { 6700 return NULL; 6701 } 6702 6703 if (wolfSSL_BIO_read(bio, mem, (int)memSz) == memSz) { 6704 pkey = wolfSSL_d2i_PUBKEY(NULL, &mem, memSz); 6705 if (out != NULL && pkey != NULL) { 6706 *out = pkey; 6707 } 6708 } 6709 6710 XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 6711 return pkey; 6712 } 6713 6714 6715 6716 /* Converts a DER encoded public key to a WOLFSSL_EVP_PKEY structure. 6717 * 6718 * out pointer to new WOLFSSL_EVP_PKEY structure. Can be NULL 6719 * in DER buffer to convert 6720 * inSz size of in buffer 6721 * 6722 * returns a pointer to a new WOLFSSL_EVP_PKEY structure on success and NULL 6723 * on fail 6724 */ 6725 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** out, unsigned char** in, 6726 long inSz) 6727 { 6728 WOLFSSL_EVP_PKEY* pkey = NULL; 6729 const unsigned char* mem; 6730 long memSz = inSz; 6731 6732 WOLFSSL_ENTER("wolfSSL_d2i_PUBKEY"); 6815 6733 6816 6734 if (in == NULL || inSz < 0) { 6817 6735 WOLFSSL_MSG("Bad argument"); 6818 6736 return NULL; 6819 } 6820 6737 } 6738 mem = *in; 6739 6740 #if !defined(NO_RSA) 6741 { 6742 RsaKey rsa; 6743 word32 keyIdx = 0; 6744 6745 /* test if RSA key */ 6746 if (wc_InitRsaKey(&rsa, NULL) == 0 && 6747 wc_RsaPublicKeyDecode(mem, &keyIdx, &rsa, (word32)memSz) == 0) { 6748 wc_FreeRsaKey(&rsa); 6749 pkey = wolfSSL_PKEY_new(); 6750 if (pkey != NULL) { 6751 pkey->pkey_sz = keyIdx; 6752 pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, 6753 DYNAMIC_TYPE_PUBLIC_KEY); 6754 if (pkey->pkey.ptr == NULL) { 6755 wolfSSL_EVP_PKEY_free(pkey); 6756 return NULL; 6757 } 6758 XMEMCPY(pkey->pkey.ptr, mem, keyIdx); 6759 pkey->type = EVP_PKEY_RSA; 6760 if (out != NULL) { 6761 *out = pkey; 6762 } 6763 6764 pkey->ownRsa = 1; 6765 pkey->rsa = wolfSSL_RSA_new(); 6766 if (pkey->rsa == NULL) { 6767 wolfSSL_EVP_PKEY_free(pkey); 6768 return NULL; 6769 } 6770 6771 if (wolfSSL_RSA_LoadDer_ex(pkey->rsa, 6772 (const unsigned char*)pkey->pkey.ptr, 6773 pkey->pkey_sz, WOLFSSL_RSA_LOAD_PUBLIC) != 1) { 6774 wolfSSL_EVP_PKEY_free(pkey); 6775 return NULL; 6776 } 6777 6778 return pkey; 6779 } 6780 } 6781 wc_FreeRsaKey(&rsa); 6782 } 6783 #endif /* NO_RSA */ 6784 6785 #ifdef HAVE_ECC 6786 { 6787 word32 keyIdx = 0; 6788 ecc_key ecc; 6789 6790 if (wc_ecc_init(&ecc) == 0 && 6791 wc_EccPublicKeyDecode(mem, &keyIdx, &ecc, (word32)memSz) == 0) { 6792 wc_ecc_free(&ecc); 6793 pkey = wolfSSL_PKEY_new(); 6794 if (pkey != NULL) { 6795 pkey->pkey_sz = keyIdx; 6796 pkey->pkey.ptr = (char*)XMALLOC(keyIdx, NULL, 6797 DYNAMIC_TYPE_PUBLIC_KEY); 6798 if (pkey->pkey.ptr == NULL) { 6799 wolfSSL_EVP_PKEY_free(pkey); 6800 return NULL; 6801 } 6802 XMEMCPY(pkey->pkey.ptr, mem, keyIdx); 6803 pkey->type = EVP_PKEY_EC; 6804 if (out != NULL) { 6805 *out = pkey; 6806 } 6807 6808 pkey->ownEcc = 1; 6809 pkey->ecc = wolfSSL_EC_KEY_new(); 6810 if (pkey->ecc == NULL) { 6811 wolfSSL_EVP_PKEY_free(pkey); 6812 return NULL; 6813 } 6814 6815 if (wolfSSL_EC_KEY_LoadDer_ex(pkey->ecc, 6816 (const unsigned char*)pkey->pkey.ptr, 6817 pkey->pkey_sz, WOLFSSL_EC_KEY_LOAD_PUBLIC) != 1) { 6818 wolfSSL_EVP_PKEY_free(pkey); 6819 return NULL; 6820 } 6821 6822 return pkey; 6823 } 6824 } 6825 wc_ecc_free(&ecc); 6826 } 6827 #endif /* HAVE_ECC */ 6828 6829 return pkey; 6830 6831 } 6832 6833 6834 /* Reads in a DER format key. If PKCS8 headers are found they are stripped off. 6835 * 6836 * type type of key 6837 * out newly created WOLFSSL_EVP_PKEY structure 6838 * in pointer to input key DER 6839 * inSz size of in buffer 6840 * 6841 * On success a non null pointer is returned and the pointer in is advanced the 6842 * same number of bytes read. 6843 */ 6844 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out, 6845 const unsigned char **in, long inSz) 6846 { 6847 WOLFSSL_EVP_PKEY* local; 6848 word32 idx = 0; 6849 int ret; 6850 word32 algId; 6851 6852 WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey"); 6853 6854 if (in == NULL || inSz < 0) { 6855 WOLFSSL_MSG("Bad argument"); 6856 return NULL; 6857 } 6858 6859 /* Check if input buffer has PKCS8 header. In the case that it does not 6860 * have a PKCS8 header then do not error out. */ 6861 if ((ret = ToTraditionalInline_ex((const byte*)(*in), &idx, (word32)inSz, 6862 &algId)) > 0) { 6863 WOLFSSL_MSG("Found and removed PKCS8 header"); 6864 } 6865 else { 6866 if (ret != ASN_PARSE_E) { 6867 WOLFSSL_MSG("Unexpected error with trying to remove PKCS8 header"); 6868 return NULL; 6869 } 6870 } 6871 6872 if (out != NULL && *out != NULL) { 6873 wolfSSL_EVP_PKEY_free(*out); 6874 *out = NULL; 6875 } 6821 6876 local = wolfSSL_PKEY_new(); 6822 6877 if (local == NULL) { 6823 6878 return NULL; 6824 } 6879 } 6880 6881 /* sanity check on idx before use */ 6882 if ((int)idx > inSz) { 6883 WOLFSSL_MSG("Issue with index pointer"); 6884 wolfSSL_EVP_PKEY_free(local); 6885 local = NULL; 6886 return NULL; 6887 } 6825 6888 6826 6889 local->type = type; 6827 local->pkey_sz = (int)inSz ;6828 local->pkey.ptr = (char*)XMALLOC(inSz , NULL, DYNAMIC_TYPE_PUBLIC_KEY);6890 local->pkey_sz = (int)inSz - idx; 6891 local->pkey.ptr = (char*)XMALLOC(inSz - idx, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 6829 6892 if (local->pkey.ptr == NULL) { 6830 6893 wolfSSL_EVP_PKEY_free(local); 6831 6894 local = NULL; 6832 } 6833 else { 6834 XMEMCPY(local->pkey.ptr, *in, inSz); 6835 } 6836 6837 if (out != NULL) { 6838 *out = local; 6839 } 6895 return NULL; 6896 } 6897 else { 6898 XMEMCPY(local->pkey.ptr, *in + idx, inSz - idx); 6899 } 6900 6901 switch (type) { 6902 #ifndef NO_RSA 6903 case EVP_PKEY_RSA: 6904 local->ownRsa = 1; 6905 local->rsa = wolfSSL_RSA_new(); 6906 if (local->rsa == NULL) { 6907 wolfSSL_EVP_PKEY_free(local); 6908 return NULL; 6909 } 6910 if (wolfSSL_RSA_LoadDer_ex(local->rsa, 6911 (const unsigned char*)local->pkey.ptr, local->pkey_sz, 6912 WOLFSSL_RSA_LOAD_PRIVATE) != SSL_SUCCESS) { 6913 wolfSSL_EVP_PKEY_free(local); 6914 return NULL; 6915 } 6916 break; 6917 #endif /* NO_RSA */ 6918 #ifdef HAVE_ECC 6919 case EVP_PKEY_EC: 6920 local->ownEcc = 1; 6921 local->ecc = wolfSSL_EC_KEY_new(); 6922 if (local->ecc == NULL) { 6923 wolfSSL_EVP_PKEY_free(local); 6924 return NULL; 6925 } 6926 if (wolfSSL_EC_KEY_LoadDer(local->ecc, 6927 (const unsigned char*)local->pkey.ptr, local->pkey_sz) 6928 != SSL_SUCCESS) { 6929 wolfSSL_EVP_PKEY_free(local); 6930 return NULL; 6931 } 6932 break; 6933 #endif /* HAVE_ECC */ 6934 6935 default: 6936 WOLFSSL_MSG("Unsupported key type"); 6937 wolfSSL_EVP_PKEY_free(local); 6938 return NULL; 6939 } 6940 6941 /* advance pointer with success */ 6942 if (local != NULL) { 6943 if ((idx + local->pkey_sz) <= (word32)inSz) { 6944 *in = *in + idx + local->pkey_sz; 6945 } 6946 6947 if (out != NULL) { 6948 *out = local; 6949 } 6950 } 6840 6951 6841 6952 return local; 6842 }6843 6844 6953 } 6954 6955 #ifndef NO_WOLFSSL_STUB 6845 6956 long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt) 6846 6957 { 6847 WOLFSSL_STUB(" wolfSSL_ctrl");6958 WOLFSSL_STUB("SSL_ctrl"); 6848 6959 (void)ssl; 6849 6960 (void)cmd; … … 6852 6963 return WOLFSSL_FAILURE; 6853 6964 } 6854 6855 6965 #endif 6966 6967 #ifndef NO_WOLFSSL_STUB 6856 6968 long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt, void* pt) 6857 6969 { 6858 WOLFSSL_STUB(" wolfSSL_CTX_ctrl");6970 WOLFSSL_STUB("SSL_CTX_ctrl"); 6859 6971 (void)ctx; 6860 6972 (void)cmd; … … 6863 6975 return WOLFSSL_FAILURE; 6864 6976 } 6977 #endif 6865 6978 6866 6979 #ifndef NO_CERTS 6980 6867 6981 int wolfSSL_check_private_key(const WOLFSSL* ssl) 6868 6982 { … … 6879 6993 buff = ssl->buffers.certificate->buffer; 6880 6994 InitDecodedCert(&der, buff, size, ssl->heap); 6995 #ifdef HAVE_PK_CALLBACKS 6996 ret = InitSigPkCb((WOLFSSL*)ssl, &der.sigCtx); 6997 if (ret != 0) { 6998 FreeDecodedCert(&der); 6999 return ret; 7000 } 7001 #endif 7002 6881 7003 if (ParseCertRelative(&der, CERT_TYPE, NO_VERIFY, NULL) != 0) { 6882 7004 FreeDecodedCert(&der); … … 6920 7042 if (c != NULL) { 6921 7043 *c = -1; /* default to not found */ 6922 }7044 } 6923 7045 6924 7046 sk = (WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*)XMALLOC( … … 6926 7048 if (sk == NULL) { 6927 7049 return NULL; 6928 }7050 } 6929 7051 XMEMSET(sk, 0, sizeof(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT))); 6930 7052 … … 6933 7055 if (x509->basicConstSet) { 6934 7056 obj = wolfSSL_ASN1_OBJECT_new(); 7057 if (obj == NULL) { 7058 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7059 wolfSSL_sk_ASN1_OBJECT_free(sk); 7060 return NULL; 7061 } 6935 7062 if (c != NULL) { 6936 7063 *c = x509->basicConstCrit; 6937 7064 } 6938 7065 obj->type = BASIC_CA_OID; 6939 } 6940 else { 7066 obj->grp = oidCertExtType; 7067 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7068 } 7069 else { 6941 7070 WOLFSSL_MSG("No Basic Constraint set"); 6942 7071 } 6943 7072 break; 6944 7073 6945 7074 case ALT_NAMES_OID: 6946 7075 { 6947 DNS_entry* dns ;7076 DNS_entry* dns = NULL; 6948 7077 6949 7078 if (x509->subjAltNameSet && x509->altNames != NULL) { … … 6952 7081 if (x509->altNames->next != NULL) { 6953 7082 *c = -2; /* more then one found */ 6954 6955 7083 } 7084 else { 6956 7085 *c = x509->subjAltNameCrit; 6957 6958 7086 } 7087 } 6959 7088 6960 7089 dns = x509->altNames; 6961 7090 while (dns != NULL) { 6962 7091 obj = wolfSSL_ASN1_OBJECT_new(); 6963 obj->type = ALT_NAMES_OID; 7092 if (obj == NULL) { 7093 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7094 wolfSSL_sk_ASN1_OBJECT_free(sk); 7095 return NULL; 7096 } 7097 obj->type = dns->type; 7098 obj->grp = oidCertExtType; 6964 7099 obj->obj = (byte*)dns->name; 7100 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7101 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ; 7102 7103 /* set app derefrenced pointers */ 7104 obj->d.ia5_internal.data = dns->name; 7105 obj->d.ia5_internal.length = (int)XSTRLEN(dns->name); 6965 7106 dns = dns->next; 6966 7107 /* last dns in list add at end of function */ … … 6972 7113 wolfSSL_sk_ASN1_OBJECT_free(sk); 6973 7114 sk = NULL; 6974 6975 6976 6977 7115 } 7116 } 7117 } 7118 } 6978 7119 else { 6979 7120 WOLFSSL_MSG("No Alt Names set"); 6980 6981 7121 } 7122 } 6982 7123 break; 6983 7124 … … 6986 7127 if (c != NULL) { 6987 7128 *c = x509->CRLdistCrit; 6988 7129 } 6989 7130 obj = wolfSSL_ASN1_OBJECT_new(); 7131 if (obj == NULL) { 7132 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7133 wolfSSL_sk_ASN1_OBJECT_free(sk); 7134 return NULL; 7135 } 6990 7136 obj->type = CRL_DIST_OID; 7137 obj->grp = oidCertExtType; 6991 7138 obj->obj = x509->CRLInfo; 6992 7139 obj->objSz = x509->CRLInfoSz; 6993 } 7140 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7141 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ; 7142 } 6994 7143 else { 6995 7144 WOLFSSL_MSG("No CRL dist set"); 6996 7145 } 6997 7146 break; 6998 7147 … … 7003 7152 } 7004 7153 obj = wolfSSL_ASN1_OBJECT_new(); 7154 if (obj == NULL) { 7155 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7156 wolfSSL_sk_ASN1_OBJECT_free(sk); 7157 return NULL; 7158 } 7005 7159 obj->type = AUTH_INFO_OID; 7160 obj->grp = oidCertExtType; 7006 7161 obj->obj = x509->authInfo; 7007 7162 obj->objSz = x509->authInfoSz; 7163 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7164 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7008 7165 } 7009 7166 else { … … 7018 7175 } 7019 7176 obj = wolfSSL_ASN1_OBJECT_new(); 7177 if (obj == NULL) { 7178 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7179 wolfSSL_sk_ASN1_OBJECT_free(sk); 7180 return NULL; 7181 } 7020 7182 obj->type = AUTH_KEY_OID; 7183 obj->grp = oidCertExtType; 7021 7184 obj->obj = x509->authKeyId; 7022 7185 obj->objSz = x509->authKeyIdSz; 7186 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7187 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7023 7188 } 7024 7189 else { … … 7033 7198 } 7034 7199 obj = wolfSSL_ASN1_OBJECT_new(); 7200 if (obj == NULL) { 7201 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7202 wolfSSL_sk_ASN1_OBJECT_free(sk); 7203 return NULL; 7204 } 7035 7205 obj->type = SUBJ_KEY_OID; 7206 obj->grp = oidCertExtType; 7036 7207 obj->obj = x509->subjKeyId; 7037 7208 obj->objSz = x509->subjKeyIdSz; 7209 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7210 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7038 7211 } 7039 7212 else { … … 7044 7217 case CERT_POLICY_OID: 7045 7218 #ifdef WOLFSSL_CERT_EXT 7046 7219 { 7047 7220 int i; 7048 7221 … … 7055 7228 *c = 0; 7056 7229 } 7057 7230 } 7058 7231 7059 7232 for (i = 0; i < x509->certPoliciesNb - 1; i++) { 7060 7233 obj = wolfSSL_ASN1_OBJECT_new(); 7234 if (obj == NULL) { 7235 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7236 wolfSSL_sk_ASN1_OBJECT_free(sk); 7237 return NULL; 7238 } 7061 7239 obj->type = CERT_POLICY_OID; 7240 obj->grp = oidCertExtType; 7062 7241 obj->obj = (byte*)(x509->certPolicies[i]); 7063 7242 obj->objSz = MAX_CERTPOL_SZ; 7243 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7244 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7064 7245 if (wolfSSL_sk_ASN1_OBJECT_push(sk, obj) 7065 7246 != WOLFSSL_SUCCESS) { … … 7071 7252 } 7072 7253 obj = wolfSSL_ASN1_OBJECT_new(); 7254 if (obj == NULL) { 7255 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7256 wolfSSL_sk_ASN1_OBJECT_free(sk); 7257 return NULL; 7258 } 7073 7259 obj->type = CERT_POLICY_OID; 7260 obj->grp = oidCertExtType; 7074 7261 obj->obj = (byte*)(x509->certPolicies[i]); 7075 7262 obj->objSz = MAX_CERTPOL_SZ; 7263 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7264 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7076 7265 } 7077 7266 else { … … 7086 7275 } 7087 7276 obj = wolfSSL_ASN1_OBJECT_new(); 7277 if (obj == NULL) { 7278 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7279 wolfSSL_sk_ASN1_OBJECT_free(sk); 7280 return NULL; 7281 } 7088 7282 obj->type = CERT_POLICY_OID; 7283 obj->grp = oidCertExtType; 7284 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7089 7285 } 7090 7286 else { … … 7103 7299 } 7104 7300 obj = wolfSSL_ASN1_OBJECT_new(); 7301 if (obj == NULL) { 7302 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7303 wolfSSL_sk_ASN1_OBJECT_free(sk); 7304 return NULL; 7305 } 7105 7306 obj->type = KEY_USAGE_OID; 7307 obj->grp = oidCertExtType; 7106 7308 obj->obj = (byte*)&(x509->keyUsage); 7107 7309 obj->objSz = sizeof(word16); 7310 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7311 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7108 7312 } 7109 7313 else { … … 7127 7331 } 7128 7332 obj = wolfSSL_ASN1_OBJECT_new(); 7333 if (obj == NULL) { 7334 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 7335 wolfSSL_sk_ASN1_OBJECT_free(sk); 7336 return NULL; 7337 } 7129 7338 obj->type = EXT_KEY_USAGE_OID; 7339 obj->grp = oidCertExtType; 7130 7340 obj->obj = x509->extKeyUsageSrc; 7131 7341 obj->objSz = x509->extKeyUsageSz; 7342 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 7343 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; 7132 7344 } 7133 7345 else { 7134 7346 WOLFSSL_MSG("No Extended Key Usage set"); 7135 7347 } 7136 7348 break; 7137 7349 … … 7166 7378 default: 7167 7379 WOLFSSL_MSG("Unsupported/Unknown extension OID"); 7168 7380 } 7169 7381 7170 7382 if (obj != NULL) { … … 7192 7404 WOLFSSL_ENGINE* eng) 7193 7405 { 7194 enum wc_HashType hash = WC_HASH_TYPE_NONE; 7195 int hashSz; 7196 7197 if (XSTRLEN(evp) < 3) { 7198 /* do not try comparing strings if size is too small */ 7406 int err; 7407 int hashType = WC_HASH_TYPE_NONE; 7408 int hashSz; 7409 7410 (void)eng; 7411 7412 err = wolfSSL_EVP_get_hashinfo(evp, &hashType, &hashSz); 7413 if (err != WOLFSSL_SUCCESS) 7414 return err; 7415 7416 *outSz = hashSz; 7417 7418 if (wc_Hash((enum wc_HashType)hashType, in, inSz, out, *outSz) != 0) { 7199 7419 return WOLFSSL_FAILURE; 7200 } 7201 7202 if (XSTRNCMP("SHA", evp, 3) == 0) { 7203 if (XSTRLEN(evp) > 3) { 7204 if (XSTRNCMP("SHA256", evp, 6) == 0) { 7205 hash = WC_HASH_TYPE_SHA256; 7206 } 7207 else if (XSTRNCMP("SHA384", evp, 6) == 0) { 7208 hash = WC_HASH_TYPE_SHA384; 7209 } 7210 else if (XSTRNCMP("SHA512", evp, 6) == 0) { 7211 hash = WC_HASH_TYPE_SHA512; 7212 } 7213 else { 7214 WOLFSSL_MSG("Unknown SHA hash"); 7215 } 7216 } 7217 else { 7218 hash = WC_HASH_TYPE_SHA; 7219 } 7220 } 7221 else if (XSTRNCMP("MD2", evp, 3) == 0) { 7222 hash = WC_HASH_TYPE_MD2; 7223 } 7224 else if (XSTRNCMP("MD4", evp, 3) == 0) { 7225 hash = WC_HASH_TYPE_MD4; 7226 } 7227 else if (XSTRNCMP("MD5", evp, 3) == 0) { 7228 hash = WC_HASH_TYPE_MD5; 7229 } 7230 7231 hashSz = wc_HashGetDigestSize(hash); 7232 if (hashSz < 0) { 7233 WOLFSSL_LEAVE("wolfSSL_EVP_Digest", hashSz); 7234 return WOLFSSL_FAILURE; 7235 } 7236 *outSz = hashSz; 7237 7238 (void)eng; 7239 if (wc_Hash(hash, in, inSz, out, *outSz) == 0) { 7240 return WOLFSSL_SUCCESS; 7241 } 7242 else { 7243 return WOLFSSL_FAILURE; 7244 } 7420 } 7421 7422 return WOLFSSL_SUCCESS; 7245 7423 } 7246 7424 … … 7297 7475 #endif 7298 7476 7299 int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der, int derSz)7300 {7301 long idx;7302 7303 WOLFSSL_ENTER("wolfSSL_use_certificate_ASN1");7304 if (der != NULL && ssl != NULL) {7305 if (ProcessBuffer(NULL, der, derSz, WOLFSSL_FILETYPE_ASN1, CERT_TYPE, ssl,7306 &idx, 0) == WOLFSSL_SUCCESS)7307 return WOLFSSL_SUCCESS;7308 }7309 7310 (void)idx;7311 return WOLFSSL_FAILURE;7312 }7313 7314 7315 7477 int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509) 7316 7478 { … … 7320 7482 if (x509 != NULL && ssl != NULL && x509->derCert != NULL) { 7321 7483 if (ProcessBuffer(NULL, x509->derCert->buffer, x509->derCert->length, 7322 WOLFSSL_FILETYPE_ASN1, CERT_TYPE, ssl, &idx, 0) == WOLFSSL_SUCCESS)7484 WOLFSSL_FILETYPE_ASN1, CERT_TYPE, ssl, &idx, 0) == WOLFSSL_SUCCESS) { 7323 7485 return WOLFSSL_SUCCESS; 7486 } 7324 7487 } 7325 7488 … … 7327 7490 return WOLFSSL_FAILURE; 7328 7491 } 7492 7329 7493 #endif /* NO_CERTS */ 7330 7494 7495 #endif /* OPENSSL_EXTRA */ 7496 7497 #ifndef NO_CERTS 7498 int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der, int derSz) 7499 { 7500 long idx; 7501 7502 WOLFSSL_ENTER("wolfSSL_use_certificate_ASN1"); 7503 if (der != NULL && ssl != NULL) { 7504 if (ProcessBuffer(NULL, der, derSz, WOLFSSL_FILETYPE_ASN1, CERT_TYPE, 7505 ssl, &idx, 0) == WOLFSSL_SUCCESS) { 7506 return WOLFSSL_SUCCESS; 7507 } 7508 } 7509 7510 (void)idx; 7511 return WOLFSSL_FAILURE; 7512 } 7513 7514 #ifndef NO_FILESYSTEM 7331 7515 7332 7516 int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format) … … 7363 7547 } 7364 7548 7549 int wolfSSL_use_certificate_chain_file_format(WOLFSSL* ssl, const char* file, 7550 int format) 7551 { 7552 /* process up to MAX_CHAIN_DEPTH plus subject cert */ 7553 WOLFSSL_ENTER("wolfSSL_use_certificate_chain_file_format"); 7554 if (ProcessFile(ssl->ctx, file, format, CERT_TYPE, ssl, 1, 7555 NULL) == WOLFSSL_SUCCESS) 7556 return WOLFSSL_SUCCESS; 7557 7558 return WOLFSSL_FAILURE; 7559 } 7560 7561 #endif /* !NO_FILESYSTEM */ 7562 #endif /* !NO_CERTS */ 7365 7563 7366 7564 #ifdef HAVE_ECC … … 7369 7567 int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz) 7370 7568 { 7371 if (ctx == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) 7569 if (ctx == NULL) 7570 return BAD_FUNC_ARG; 7571 7572 if (sz == 0) { 7573 /* applies only to ECDSA */ 7574 if (ctx->privateKeyType != ecc_dsa_sa_algo) 7575 return WOLFSSL_SUCCESS; 7576 7577 if (ctx->privateKeySz == 0) { 7578 WOLFSSL_MSG("Must set private key/cert first"); 7579 return BAD_FUNC_ARG; 7580 } 7581 7582 sz = (word16)ctx->privateKeySz; 7583 } 7584 7585 /* check size */ 7586 if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE) 7372 7587 return BAD_FUNC_ARG; 7373 7588 … … 7392 7607 7393 7608 7394 7395 7609 #ifdef OPENSSL_EXTRA 7610 7611 #ifndef NO_FILESYSTEM 7396 7612 int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx,const char* file, 7397 7613 int format) … … 7409 7625 return wolfSSL_use_PrivateKey_file(ssl, file, format); 7410 7626 } 7627 #endif /* NO_FILESYSTEM */ 7411 7628 7412 7629 … … 7453 7670 #endif /* OPENSSL_EXTRA */ 7454 7671 7672 #ifndef NO_FILESYSTEM 7455 7673 #ifdef HAVE_NTRU 7456 7674 … … 7479 7697 { 7480 7698 WOLFSSL_ENTER("wolfSSL_CTX_set_verify"); 7699 if (ctx == NULL) 7700 return; 7701 7481 7702 if (mode & WOLFSSL_VERIFY_PEER) { 7482 7703 ctx->verifyPeer = 1; … … 7504 7725 { 7505 7726 WOLFSSL_ENTER("wolfSSL_set_verify"); 7727 if (ssl == NULL) 7728 return; 7729 7506 7730 if (mode & WOLFSSL_VERIFY_PEER) { 7507 7731 ssl->options.verifyPeer = 1; … … 8036 8260 8037 8261 /* Return memory needed to persist this signer, have lock */ 8038 static INLINE int GetSignerMemory(Signer* signer)8262 static WC_INLINE int GetSignerMemory(Signer* signer) 8039 8263 { 8040 8264 int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) … … 8054 8278 8055 8279 /* Return memory needed to persist this row, have lock */ 8056 static INLINE int GetCertCacheRowMemory(Signer* row)8280 static WC_INLINE int GetCertCacheRowMemory(Signer* row) 8057 8281 { 8058 8282 int sz = 0; … … 8068 8292 8069 8293 /* get the size of persist cert cache, have lock */ 8070 static INLINE int GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)8294 static WC_INLINE int GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm) 8071 8295 { 8072 8296 int sz; … … 8083 8307 8084 8308 /* Store cert cache header columns with number of items per list, have lock */ 8085 static INLINE void SetCertHeaderColumns(WOLFSSL_CERT_MANAGER* cm, int* columns)8309 static WC_INLINE void SetCertHeaderColumns(WOLFSSL_CERT_MANAGER* cm, int* columns) 8086 8310 { 8087 8311 int i; … … 8103 8327 /* Restore whole cert row from memory, have lock, return bytes consumed, 8104 8328 < 0 on error, have lock */ 8105 static INLINE int RestoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current,8329 static WC_INLINE int RestoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, 8106 8330 int row, int listSz, const byte* end) 8107 8331 { … … 8115 8339 while (listSz) { 8116 8340 Signer* signer; 8341 byte* publicKey; 8117 8342 byte* start = current + idx; /* for end checks on this signer */ 8118 8343 int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) + … … 8144 8369 return BUFFER_E; 8145 8370 } 8146 signer->publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,8371 publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap, 8147 8372 DYNAMIC_TYPE_KEY); 8148 if ( signer->publicKey == NULL) {8373 if (publicKey == NULL) { 8149 8374 FreeSigner(signer, cm->heap); 8150 8375 return MEMORY_E; 8151 8376 } 8152 8377 8153 XMEMCPY(signer->publicKey, current + idx, signer->pubKeySize); 8378 XMEMCPY(publicKey, current + idx, signer->pubKeySize); 8379 signer->publicKey = publicKey; 8154 8380 idx += signer->pubKeySize; 8155 8381 … … 8195 8421 8196 8422 /* Store whole cert row into memory, have lock, return bytes added */ 8197 static INLINE int StoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, int row)8423 static WC_INLINE int StoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, int row) 8198 8424 { 8199 8425 int added = 0; … … 8232 8458 8233 8459 /* Persist cert cache to memory, have lock */ 8234 static INLINE int DoMemSaveCertCache(WOLFSSL_CERT_MANAGER* cm,8460 static WC_INLINE int DoMemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, 8235 8461 void* mem, int sz) 8236 8462 { … … 8331 8557 } 8332 8558 8333 XFSEEK(file, 0, XSEEK_END); 8559 if(XFSEEK(file, 0, XSEEK_END) != 0) { 8560 XFCLOSE(file); 8561 return WOLFSSL_BAD_FILE; 8562 } 8334 8563 memSz = (int)XFTELL(file); 8335 8564 XREWIND(file); … … 8464 8693 WOLFSSL_ENTER("wolfSSL_CTX_set_cipher_list"); 8465 8694 8695 if (ctx == NULL) 8696 return WOLFSSL_FAILURE; 8697 8466 8698 /* alloc/init on demand only */ 8467 8699 if (ctx->suites == NULL) { … … 8486 8718 8487 8719 8720 int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl) 8721 { 8722 int useNb = 0; 8723 8724 if (ssl == NULL) 8725 return WOLFSSL_FAILURE; 8726 8727 WOLFSSL_ENTER("wolfSSL_dtls_get_using_nonblock"); 8728 if (ssl->options.dtls) { 8729 #ifdef WOLFSSL_DTLS 8730 useNb = ssl->options.dtlsUseNonblock; 8731 #endif 8732 } 8733 else { 8734 WOLFSSL_MSG("wolfSSL_dtls_get_using_nonblock() is " 8735 "DEPRECATED for non-DTLS use."); 8736 } 8737 return useNb; 8738 } 8739 8740 8488 8741 #ifndef WOLFSSL_LEANPSK 8742 8743 void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock) 8744 { 8745 (void)nonblock; 8746 8747 WOLFSSL_ENTER("wolfSSL_dtls_set_using_nonblock"); 8748 8749 if (ssl == NULL) 8750 return; 8751 8752 if (ssl->options.dtls) { 8489 8753 #ifdef WOLFSSL_DTLS 8754 ssl->options.dtlsUseNonblock = (nonblock != 0); 8755 #endif 8756 } 8757 else { 8758 WOLFSSL_MSG("wolfSSL_dtls_set_using_nonblock() is " 8759 "DEPRECATED for non-DTLS use."); 8760 } 8761 } 8762 8763 8764 #ifdef WOLFSSL_DTLS 8490 8765 8491 8766 int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl) 8492 8767 { 8493 (void)ssl; 8494 8495 return ssl->dtls_timeout; 8768 int timeout = 0; 8769 if (ssl) 8770 timeout = ssl->dtls_timeout; 8771 return timeout; 8496 8772 } 8497 8773 … … 8535 8811 { 8536 8812 int result = WOLFSSL_SUCCESS; 8813 8814 if (ssl == NULL) 8815 return WOLFSSL_FATAL_ERROR; 8537 8816 8538 8817 if (!ssl->options.handShakeDone && … … 8608 8887 #endif /* WOLFSSL_DTLS && !NO_WOLFSSL_SERVER */ 8609 8888 8610 #ifdef OPENSSL_EXTRA 8611 WOLFSSL_METHOD* wolfSSLv23_method(void) { 8612 WOLFSSL_METHOD* m; 8613 WOLFSSL_ENTER("wolfSSLv23_method"); 8614 #ifndef NO_WOLFSSL_CLIENT 8615 m = wolfSSLv23_client_method(); 8616 #else 8617 m = wolfSSLv23_server_method(); 8889 8890 /* EITHER SIDE METHODS */ 8891 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) 8892 WOLFSSL_METHOD* wolfSSLv23_method(void) 8893 { 8894 return wolfSSLv23_method_ex(NULL); 8895 } 8896 WOLFSSL_METHOD* wolfSSLv23_method_ex(void* heap) 8897 { 8898 WOLFSSL_METHOD* m = NULL; 8899 WOLFSSL_ENTER("SSLv23_method"); 8900 #if !defined(NO_WOLFSSL_CLIENT) 8901 m = wolfSSLv23_client_method_ex(heap); 8902 #elif !defined(NO_WOLFSSL_SERVER) 8903 m = wolfSSLv23_server_method_ex(heap); 8618 8904 #endif 8619 8905 if (m != NULL) { … … 8623 8909 return m; 8624 8910 } 8625 #endif /* OPENSSL_EXTRA */8911 #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ 8626 8912 8627 8913 /* client only parts */ 8628 8914 #ifndef NO_WOLFSSL_CLIENT 8629 8915 8630 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 8916 #ifdef OPENSSL_EXTRA 8917 WOLFSSL_METHOD* wolfSSLv2_client_method(void) 8918 { 8919 WOLFSSL_STUB("wolfSSLv2_client_method"); 8920 return NULL; 8921 } 8922 #endif 8923 8924 #ifdef WOLFSSL_ALLOW_SSLV3 8631 8925 WOLFSSL_METHOD* wolfSSLv3_client_method(void) 8632 { 8633 WOLFSSL_ENTER("SSLv3_client_method"); 8926 { 8634 8927 return wolfSSLv3_client_method_ex(NULL); 8635 } 8636 #endif 8637 8638 #ifdef WOLFSSL_DTLS 8639 8640 #ifndef NO_OLD_TLS 8641 WOLFSSL_METHOD* wolfDTLSv1_client_method(void) 8642 { 8643 WOLFSSL_ENTER("DTLSv1_client_method"); 8644 return wolfDTLSv1_client_method_ex(NULL); 8645 } 8646 #endif /* NO_OLD_TLS */ 8647 8648 WOLFSSL_METHOD* wolfDTLSv1_2_client_method(void) 8649 { 8650 WOLFSSL_ENTER("DTLSv1_2_client_method"); 8651 return wolfDTLSv1_2_client_method_ex(NULL); 8652 } 8653 #endif 8654 8655 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 8928 } 8656 8929 WOLFSSL_METHOD* wolfSSLv3_client_method_ex(void* heap) 8657 8930 { … … 8659 8932 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8660 8933 heap, DYNAMIC_TYPE_METHOD); 8934 (void)heap; 8661 8935 WOLFSSL_ENTER("SSLv3_client_method_ex"); 8662 8936 if (method) … … 8664 8938 return method; 8665 8939 } 8666 #endif 8667 8668 #ifdef WOLFSSL_DTLS 8669 8670 #ifndef NO_OLD_TLS 8671 WOLFSSL_METHOD* wolfDTLSv1_client_method_ex(void* heap) 8940 #endif /* WOLFSSL_ALLOW_SSLV3 */ 8941 8942 8943 WOLFSSL_METHOD* wolfSSLv23_client_method(void) 8944 { 8945 return wolfSSLv23_client_method_ex(NULL); 8946 } 8947 WOLFSSL_METHOD* wolfSSLv23_client_method_ex(void* heap) 8672 8948 { 8673 8949 WOLFSSL_METHOD* method = 8674 8950 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8675 8951 heap, DYNAMIC_TYPE_METHOD); 8676 WOLFSSL_ENTER("DTLSv1_client_method_ex"); 8677 if (method) 8678 InitSSL_Method(method, MakeDTLSv1()); 8952 (void)heap; 8953 WOLFSSL_ENTER("SSLv23_client_method_ex"); 8954 if (method) { 8955 #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) 8956 #if defined(WOLFSSL_TLS13) 8957 InitSSL_Method(method, MakeTLSv1_3()); 8958 #elif !defined(WOLFSSL_NO_TLS12) 8959 InitSSL_Method(method, MakeTLSv1_2()); 8960 #elif !defined(NO_OLD_TLS) 8961 InitSSL_Method(method, MakeTLSv1_1()); 8962 #endif 8963 #else 8964 #ifndef NO_OLD_TLS 8965 InitSSL_Method(method, MakeTLSv1_1()); 8966 #endif 8967 #endif 8968 #if !defined(NO_OLD_TLS) || defined(WOLFSSL_TLS13) 8969 method->downgrade = 1; 8970 #endif 8971 } 8679 8972 return method; 8680 8973 } 8681 #endif /* NO_OLD_TLS */ 8682 8683 WOLFSSL_METHOD* wolfDTLSv1_2_client_method_ex(void* heap) 8684 { 8685 WOLFSSL_METHOD* method = 8686 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8687 heap, DYNAMIC_TYPE_METHOD); 8688 WOLFSSL_ENTER("DTLSv1_2_client_method_ex"); 8689 if (method) 8690 InitSSL_Method(method, MakeDTLSv1_2()); 8691 (void)heap; 8692 return method; 8693 } 8694 #endif 8695 8974 8975 8976 #if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) || \ 8977 defined(WOLFSSL_ALLOW_SSLV3) 8696 8978 /* If SCTP is not enabled returns the state of the dtls option. 8697 8979 * If SCTP is enabled returns dtls && !sctp. */ 8698 static INLINE int IsDtlsNotSctpMode(WOLFSSL* ssl)8980 static WC_INLINE int IsDtlsNotSctpMode(WOLFSSL* ssl) 8699 8981 { 8700 8982 int result = ssl->options.dtls; … … 8708 8990 return result; 8709 8991 } 8992 #endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 || !NO_OLD_TLS */ 8710 8993 8711 8994 … … 8713 8996 int wolfSSL_connect(WOLFSSL* ssl) 8714 8997 { 8998 #if !(defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS) && defined(WOLFSSL_TLS13)) 8715 8999 int neededState; 9000 #endif 8716 9001 8717 9002 WOLFSSL_ENTER("SSL_connect()"); … … 8724 9009 return BAD_FUNC_ARG; 8725 9010 8726 if (ssl->options.side != WOLFSSL_CLIENT_END) { 8727 WOLFSSL_ERROR(ssl->error = SIDE_ERROR); 9011 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) 9012 if (ssl->options.side == WOLFSSL_NEITHER_END) { 9013 ssl->error = InitSSL_Side(ssl, WOLFSSL_CLIENT_END); 9014 if (ssl->error != WOLFSSL_SUCCESS) { 9015 WOLFSSL_ERROR(ssl->error); 8728 9016 return WOLFSSL_FATAL_ERROR; 8729 9017 } 8730 9018 ssl->error = 0; /* expected to be zero here */ 9019 } 9020 9021 #ifdef OPENSSL_EXTRA 9022 if (ssl->CBIS != NULL) { 9023 ssl->CBIS(ssl, SSL_ST_CONNECT, SSL_SUCCESS); 9024 ssl->cbmode = SSL_CB_WRITE; 9025 } 9026 #endif 9027 #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ 9028 9029 #if defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS) && defined(WOLFSSL_TLS13) 9030 return wolfSSL_connect_TLSv13(ssl); 9031 #else 8731 9032 #ifdef WOLFSSL_TLS13 8732 9033 if (ssl->options.tls1_3) 8733 9034 return wolfSSL_connect_TLSv13(ssl); 8734 9035 #endif 9036 9037 if (ssl->options.side != WOLFSSL_CLIENT_END) { 9038 WOLFSSL_ERROR(ssl->error = SIDE_ERROR); 9039 return WOLFSSL_FATAL_ERROR; 9040 } 8735 9041 8736 9042 #ifdef WOLFSSL_DTLS … … 8763 9069 } 8764 9070 8765 #ifdef WOLFSSL_TLS138766 if (ssl->options.tls1_3)8767 return wolfSSL_connect_TLSv13(ssl);8768 #endif8769 8770 9071 switch (ssl->options.connectState) { 8771 9072 … … 8792 9093 /* get response */ 8793 9094 while (ssl->options.serverState < neededState) { 9095 #ifdef WOLFSSL_TLS13 9096 if (ssl->options.tls1_3) 9097 return wolfSSL_connect_TLSv13(ssl); 9098 #endif 8794 9099 if ( (ssl->error = ProcessReply(ssl)) < 0) { 8795 9100 WOLFSSL_ERROR(ssl->error); … … 8850 9155 } 8851 9156 /* if resumption failed, reset needed state */ 8852 else if (neededState == SERVER_FINISHED_COMPLETE)9157 if (neededState == SERVER_FINISHED_COMPLETE) { 8853 9158 if (!ssl->options.resuming) 8854 9159 neededState = SERVER_HELLODONE_COMPLETE; 8855 9160 } 8856 9161 } 9162 } 8857 9163 #endif 8858 9164 … … 8862 9168 8863 9169 case FIRST_REPLY_DONE : 9170 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) 8864 9171 #ifdef WOLFSSL_TLS13 8865 9172 if (ssl->options.tls1_3) 8866 9173 return wolfSSL_connect_TLSv13(ssl); 8867 9174 #endif 8868 #ifndef NO_CERTS8869 9175 if (ssl->options.sendVerify) { 8870 9176 if ( (ssl->error = SendCertificate(ssl)) != 0) { … … 8898 9204 8899 9205 case FIRST_REPLY_SECOND : 8900 #if ndef NO_CERTS9206 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) 8901 9207 if (ssl->options.sendVerify) { 8902 9208 if ( (ssl->error = SendCertificateVerify(ssl)) != 0) { … … 8906 9212 WOLFSSL_MSG("sent: certificate verify"); 8907 9213 } 8908 #endif 9214 #endif /* !NO_CERTS && !WOLFSSL_NO_CLIENT_AUTH */ 8909 9215 ssl->options.connectState = FIRST_REPLY_THIRD; 8910 9216 WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD"); … … 8973 9279 return WOLFSSL_FATAL_ERROR; /* unknown connect state */ 8974 9280 } 9281 #endif /* !WOLFSSL_NO_TLS12 */ 8975 9282 } 8976 9283 … … 8981 9288 #ifndef NO_WOLFSSL_SERVER 8982 9289 8983 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 9290 #ifdef OPENSSL_EXTRA 9291 WOLFSSL_METHOD* wolfSSLv2_server_method(void) 9292 { 9293 WOLFSSL_STUB("wolfSSLv2_server_method"); 9294 return 0; 9295 } 9296 #endif 9297 9298 #ifdef WOLFSSL_ALLOW_SSLV3 8984 9299 WOLFSSL_METHOD* wolfSSLv3_server_method(void) 8985 { 8986 WOLFSSL_ENTER("SSLv3_server_method"); 9300 { 8987 9301 return wolfSSLv3_server_method_ex(NULL); 8988 } 8989 #endif 8990 8991 8992 #ifdef WOLFSSL_DTLS 8993 8994 #ifndef NO_OLD_TLS 8995 WOLFSSL_METHOD* wolfDTLSv1_server_method(void) 8996 { 8997 WOLFSSL_ENTER("DTLSv1_server_method"); 8998 return wolfDTLSv1_server_method_ex(NULL); 8999 } 9000 #endif /* NO_OLD_TLS */ 9001 9002 WOLFSSL_METHOD* wolfDTLSv1_2_server_method(void) 9003 { 9004 WOLFSSL_ENTER("DTLSv1_2_server_method"); 9005 return wolfDTLSv1_2_server_method_ex(NULL); 9006 } 9007 #endif 9008 9009 #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) 9302 } 9010 9303 WOLFSSL_METHOD* wolfSSLv3_server_method_ex(void* heap) 9011 9304 { … … 9013 9306 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 9014 9307 heap, DYNAMIC_TYPE_METHOD); 9308 (void)heap; 9015 9309 WOLFSSL_ENTER("SSLv3_server_method_ex"); 9016 9310 if (method) { … … 9020 9314 return method; 9021 9315 } 9022 #endif 9023 9024 9025 #ifdef WOLFSSL_DTLS 9026 9027 #ifndef NO_OLD_TLS 9028 WOLFSSL_METHOD* wolfDTLSv1_server_method_ex(void* heap) 9316 #endif /* WOLFSSL_ALLOW_SSLV3 */ 9317 9318 WOLFSSL_METHOD* wolfSSLv23_server_method(void) 9319 { 9320 return wolfSSLv23_server_method_ex(NULL); 9321 } 9322 9323 WOLFSSL_METHOD* wolfSSLv23_server_method_ex(void* heap) 9029 9324 { 9030 9325 WOLFSSL_METHOD* method = 9031 9326 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 9032 9327 heap, DYNAMIC_TYPE_METHOD); 9033 WOLFSSL_ENTER("DTLSv1_server_method_ex"); 9328 (void)heap; 9329 WOLFSSL_ENTER("SSLv23_server_method_ex"); 9034 9330 if (method) { 9035 InitSSL_Method(method, MakeDTLSv1()); 9331 #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) 9332 #ifdef WOLFSSL_TLS13 9333 InitSSL_Method(method, MakeTLSv1_3()); 9334 #elif !defined(WOLFSSL_NO_TLS12) 9335 InitSSL_Method(method, MakeTLSv1_2()); 9336 #elif !defined(NO_OLD_TLS) 9337 InitSSL_Method(method, MakeTLSv1_1()); 9338 #endif 9339 #else 9340 #ifndef NO_OLD_TLS 9341 InitSSL_Method(method, MakeTLSv1_1()); 9342 #else 9343 #error Must have SHA256, SHA384 or SHA512 enabled for TLS 1.2 9344 #endif 9345 #endif 9346 #if !defined(NO_OLD_TLS) || defined(WOLFSSL_TLS13) 9347 method->downgrade = 1; 9348 #endif 9036 9349 method->side = WOLFSSL_SERVER_END; 9037 9350 } 9038 9351 return method; 9039 9352 } 9040 #endif /* NO_OLD_TLS */9041 9042 WOLFSSL_METHOD* wolfDTLSv1_2_server_method_ex(void* heap)9043 {9044 WOLFSSL_METHOD* method =9045 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),9046 heap, DYNAMIC_TYPE_METHOD);9047 WOLFSSL_ENTER("DTLSv1_2_server_method_ex");9048 if (method) {9049 InitSSL_Method(method, MakeDTLSv1_2());9050 method->side = WOLFSSL_SERVER_END;9051 }9052 (void)heap;9053 return method;9054 }9055 #endif9056 9353 9057 9354 9058 9355 int wolfSSL_accept(WOLFSSL* ssl) 9059 9356 { 9357 #if !(defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS) && defined(WOLFSSL_TLS13)) 9060 9358 word16 havePSK = 0; 9061 9359 word16 haveAnon = 0; 9062 9360 word16 haveMcast = 0; 9063 9361 #endif 9362 9363 if (ssl == NULL) 9364 return WOLFSSL_FATAL_ERROR; 9365 9366 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) 9367 if (ssl->options.side == WOLFSSL_NEITHER_END) { 9368 ssl->error = InitSSL_Side(ssl, WOLFSSL_SERVER_END); 9369 if (ssl->error != WOLFSSL_SUCCESS) { 9370 WOLFSSL_ERROR(ssl->error); 9371 return WOLFSSL_FATAL_ERROR; 9372 } 9373 ssl->error = 0; /* expected to be zero here */ 9374 } 9375 #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ 9376 9377 #if defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS) && defined(WOLFSSL_TLS13) 9378 return wolfSSL_accept_TLSv13(ssl); 9379 #else 9064 9380 #ifdef WOLFSSL_TLS13 9065 9381 if (ssl->options.tls1_3) … … 9094 9410 #ifndef NO_CERTS 9095 9411 /* in case used set_accept_state after init */ 9096 if (!havePSK && !haveAnon && !haveMcast && 9097 (!ssl->buffers.certificate || 9098 !ssl->buffers.certificate->buffer || 9099 !ssl->buffers.key || 9100 !ssl->buffers.key->buffer)) { 9101 WOLFSSL_MSG("accept error: don't have server cert and key"); 9102 ssl->error = NO_PRIVATE_KEY; 9103 WOLFSSL_ERROR(ssl->error); 9412 /* allow no private key if using PK callbacks and CB is set */ 9413 if (!havePSK && !haveAnon && !haveMcast) { 9414 if (!ssl->buffers.certificate || 9415 !ssl->buffers.certificate->buffer) { 9416 9417 WOLFSSL_MSG("accept error: server cert required"); 9418 WOLFSSL_ERROR(ssl->error = NO_PRIVATE_KEY); 9104 9419 return WOLFSSL_FATAL_ERROR; 9105 9420 } 9421 9422 #ifdef HAVE_PK_CALLBACKS 9423 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { 9424 WOLFSSL_MSG("Using PK for server private key"); 9425 } 9426 else 9427 #endif 9428 if (!ssl->buffers.key || !ssl->buffers.key->buffer) { 9429 WOLFSSL_MSG("accept error: server key required"); 9430 WOLFSSL_ERROR(ssl->error = NO_PRIVATE_KEY); 9431 return WOLFSSL_FATAL_ERROR; 9432 } 9433 } 9106 9434 #endif 9107 9435 … … 9150 9478 9151 9479 case ACCEPT_CLIENT_HELLO_DONE : 9152 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { 9153 if ((ssl->error = SendTls13HelloRetryRequest(ssl)) != 0) { 9154 WOLFSSL_ERROR(ssl->error); 9155 return WOLFSSL_FATAL_ERROR; 9156 } 9157 } 9158 ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE; 9159 WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE"); 9160 FALL_THROUGH; 9161 9162 case ACCEPT_HELLO_RETRY_REQUEST_DONE : 9163 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { 9164 if ( (ssl->error = ProcessReply(ssl)) < 0) { 9165 WOLFSSL_ERROR(ssl->error); 9166 return WOLFSSL_FATAL_ERROR; 9167 } 9480 if (ssl->options.tls1_3) { 9481 return wolfSSL_accept_TLSv13(ssl); 9168 9482 } 9169 9483 #endif … … 9173 9487 9174 9488 case ACCEPT_FIRST_REPLY_DONE : 9175 #ifdef WOLFSSL_TLS139176 if (ssl->options.tls1_3) {9177 return wolfSSL_accept_TLSv13(ssl);9178 }9179 #endif9180 9489 if ( (ssl->error = SendServerHello(ssl)) != 0) { 9181 9490 WOLFSSL_ERROR(ssl->error); … … 9351 9660 return WOLFSSL_FATAL_ERROR; 9352 9661 } 9662 #endif /* !WOLFSSL_NO_TLS12 */ 9353 9663 } 9354 9664 … … 9418 9728 9419 9729 /* some session IDs aren't random after all, let's make them random */ 9420 static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)9421 { 9422 byte digest[ MAX_DIGEST_SIZE];9730 static WC_INLINE word32 HashSession(const byte* sessionID, word32 len, int* error) 9731 { 9732 byte digest[WC_MAX_DIGEST_SIZE]; 9423 9733 9424 9734 #ifndef NO_MD5 … … 9562 9872 * restoreSessionCerts Restoring session certificates is required. 9563 9873 */ 9564 static INLINE void RestoreSession(WOLFSSL* ssl, WOLFSSL_SESSION* session,9874 static WC_INLINE void RestoreSession(WOLFSSL* ssl, WOLFSSL_SESSION* session, 9565 9875 byte* masterSecret, byte restoreSessionCerts) 9566 9876 { … … 9605 9915 #endif 9606 9916 9607 if ( ssl->arrays)9917 if (!ssl->options.tls1_3 && ssl->arrays != NULL) 9608 9918 id = ssl->arrays->sessionID; 9609 9919 else … … 9727 10037 copyInto->ticketSeen = copyFrom->ticketSeen; 9728 10038 copyInto->ticketAdd = copyFrom->ticketAdd; 10039 #ifndef WOLFSSL_TLS13_DRAFT_18 10040 XMEMCPY(©Into->ticketNonce, ©From->ticketNonce, 10041 sizeof(TicketNonce)); 10042 #endif 9729 10043 #ifdef WOLFSSL_EARLY_DATA 9730 10044 copyInto->maxEarlyDataSz = copyFrom->maxEarlyDataSz; … … 9790 10104 if (ssl->options.sessionCacheOff) 9791 10105 return WOLFSSL_FAILURE; 10106 10107 #ifdef OPENSSL_EXTRA 10108 /* check for application context id */ 10109 if (ssl->sessionCtxSz > 0) { 10110 if (XMEMCMP(ssl->sessionCtx, session->sessionCtx, ssl->sessionCtxSz)) { 10111 /* context id did not match! */ 10112 WOLFSSL_MSG("Session context did not match"); 10113 return SSL_FAILURE; 10114 } 10115 } 10116 #endif /* OPENSSL_EXTRA */ 9792 10117 9793 10118 if (LowResTimer() < (session->bornOn + session->timeout)) { … … 9867 10192 /* Use the session object in the cache for external cache if required. 9868 10193 */ 10194 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 10195 if (ssl->options.tls1_3) { 10196 row = HashSession(ssl->session.sessionID, ID_LEN, &error) % 10197 SESSION_ROWS; 10198 } 10199 else 10200 #endif 10201 { 9869 10202 row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) % 9870 10203 SESSION_ROWS; 10204 } 9871 10205 if (error != 0) { 9872 10206 WOLFSSL_MSG("Hash session failed"); … … 9896 10230 XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN); 9897 10231 session->haveEMS = ssl->options.haveEMS; 10232 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 10233 if (ssl->options.tls1_3) { 10234 XMEMCPY(session->sessionID, ssl->session.sessionID, ID_LEN); 10235 session->sessionIDSz = ID_LEN; 10236 } 10237 else 10238 #endif 10239 { 9898 10240 XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN); 9899 10241 session->sessionIDSz = ssl->arrays->sessionIDSz; 10242 } 10243 10244 #ifdef OPENSSL_EXTRA 10245 /* If using compatibilty layer then check for and copy over session context 10246 * id. */ 10247 if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) { 10248 XMEMCPY(session->sessionCtx, ssl->sessionCtx, ssl->sessionCtxSz); 10249 } 10250 #endif 9900 10251 9901 10252 session->timeout = ssl->timeout; … … 9926 10277 9927 10278 if (error == 0) { 9928 session->ticketLen = ticLen;10279 session->ticketLen = (word16)ticLen; 9929 10280 XMEMCPY(session->ticket, ssl->session.ticket, ticLen); 9930 10281 } else { /* cleanup, reset state */ … … 9954 10305 } 9955 10306 #endif /* SESSION_CERTS || (WOLFSSL_TLS13 & HAVE_SESSION_TICKET) */ 10307 #if defined(WOLFSSL_TLS13) 10308 if (error == 0) { 10309 session->namedGroup = ssl->session.namedGroup; 10310 } 10311 #endif 9956 10312 #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) 9957 10313 if (error == 0) { 9958 session->namedGroup = ssl->session.namedGroup;9959 10314 session->ticketSeen = ssl->session.ticketSeen; 9960 10315 session->ticketAdd = ssl->session.ticketAdd; 10316 #ifndef WOLFSSL_TLS13_DRAFT_18 10317 XMEMCPY(&session->ticketNonce, &ssl->session.ticketNonce, 10318 sizeof(TicketNonce)); 10319 #endif 9961 10320 #ifdef WOLFSSL_EARLY_DATA 9962 10321 session->maxEarlyDataSz = ssl->session.maxEarlyDataSz; … … 10285 10644 XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); 10286 10645 10287 ssl->buffers.domainName.length = (word32)XSTRLEN(dn) + 1;10646 ssl->buffers.domainName.length = (word32)XSTRLEN(dn); 10288 10647 ssl->buffers.domainName.buffer = (byte*) XMALLOC( 10289 ssl->buffers.domainName.length, ssl->heap, DYNAMIC_TYPE_DOMAIN);10648 ssl->buffers.domainName.length + 1, ssl->heap, DYNAMIC_TYPE_DOMAIN); 10290 10649 10291 10650 if (ssl->buffers.domainName.buffer) { 10292 XSTRNCPY((char*)ssl->buffers.domainName.buffer, dn, 10293 ssl->buffers.domainName.length); 10651 unsigned char* domainName = ssl->buffers.domainName.buffer; 10652 XMEMCPY(domainName, dn, ssl->buffers.domainName.length); 10653 domainName[ssl->buffers.domainName.length] = '\0'; 10294 10654 return WOLFSSL_SUCCESS; 10295 10655 } … … 10552 10912 { 10553 10913 WOLFSSL_ENTER("SSL_CTX_set_psk_client_callback"); 10914 10915 if (ctx == NULL) 10916 return; 10917 10554 10918 ctx->havePSK = 1; 10555 10919 ctx->client_psk_cb = cb; … … 10563 10927 10564 10928 WOLFSSL_ENTER("SSL_set_psk_client_callback"); 10929 10930 if (ssl == NULL) 10931 return; 10932 10565 10933 ssl->options.havePSK = 1; 10566 10934 ssl->options.client_psk_cb = cb; … … 10583 10951 { 10584 10952 WOLFSSL_ENTER("SSL_CTX_set_psk_server_callback"); 10953 if (ctx == NULL) 10954 return; 10585 10955 ctx->havePSK = 1; 10586 10956 ctx->server_psk_cb = cb; … … 10594 10964 10595 10965 WOLFSSL_ENTER("SSL_set_psk_server_callback"); 10966 if (ssl == NULL) 10967 return; 10968 10596 10969 ssl->options.havePSK = 1; 10597 10970 ssl->options.server_psk_cb = cb; … … 10636 11009 WOLFSSL_ENTER("SSL_CTX_use_psk_identity_hint"); 10637 11010 if (hint == 0) 10638 ctx->server_hint[0] = 0;11011 ctx->server_hint[0] = '\0'; 10639 11012 else { 10640 11013 XSTRNCPY(ctx->server_hint, hint, sizeof(ctx->server_hint)); … … 10656 11029 else { 10657 11030 XSTRNCPY(ssl->arrays->server_hint, hint, 10658 sizeof(ssl->arrays->server_hint) );10659 ssl->arrays->server_hint[ MAX_PSK_ID_LEN] = '\0'; /* null term */11031 sizeof(ssl->arrays->server_hint)-1); 11032 ssl->arrays->server_hint[sizeof(ssl->arrays->server_hint)-1] = '\0'; 10660 11033 } 10661 11034 return WOLFSSL_SUCCESS; … … 10695 11068 else 10696 11069 return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,0); 11070 } 11071 11072 11073 int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX* ctx, 11074 const unsigned char* in, 11075 long sz, int format) 11076 { 11077 WOLFSSL_ENTER("wolfSSL_CTX_load_verify_chain_buffer_format"); 11078 if (format == WOLFSSL_FILETYPE_PEM) 11079 return ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL); 11080 else 11081 return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,1); 10697 11082 } 10698 11083 … … 10795 11180 else { 10796 11181 if (format == WOLFSSL_FILETYPE_PEM) { 11182 #ifdef WOLFSSL_PEM_TO_DER 10797 11183 FreeDer(&der); 10798 11184 ret = PemToDer(buf, sz, DH_PARAM_TYPE, &der, ctx->heap, … … 10805 11191 } 10806 11192 #endif 10807 #endif 11193 #endif /* WOLFSSL_WPAS */ 11194 #else 11195 ret = NOT_COMPILED_IN; 11196 #endif /* WOLFSSL_PEM_TO_DER */ 10808 11197 } 10809 11198 … … 10946 11335 10947 11336 10948 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) 10949 11337 #ifdef OPENSSL_EXTRA 10950 11338 10951 11339 int wolfSSL_add_all_algorithms(void) … … 10958 11346 } 10959 11347 11348 int wolfSSL_OpenSSL_add_all_algorithms_noconf(void) 11349 { 11350 WOLFSSL_ENTER("wolfSSL_OpenSSL_add_all_algorithms_noconf"); 11351 11352 if (wolfSSL_add_all_algorithms() == WOLFSSL_FATAL_ERROR) 11353 return WOLFSSL_FATAL_ERROR; 11354 11355 return WOLFSSL_SUCCESS; 11356 } 10960 11357 10961 11358 /* returns previous set cache size which stays constant */ … … 10973 11370 } 10974 11371 10975 11372 #endif 11373 11374 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) 10976 11375 void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode) 10977 11376 { … … 10988 11387 ssl->options.quietShutdown = 1; 10989 11388 } 10990 10991 11389 #endif 11390 11391 #ifdef OPENSSL_EXTRA 10992 11392 void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr) 10993 11393 { 10994 WOLFSSL_ENTER("SSL_set_bio"); 11394 WOLFSSL_ENTER("wolfSSL_set_bio"); 11395 11396 if (ssl == NULL) { 11397 WOLFSSL_MSG("Bad argument, ssl was NULL"); 11398 return; 11399 } 11400 11401 /* if WOLFSSL_BIO is socket type then set WOLFSSL socket to use */ 11402 if (rd != NULL && rd->type == WOLFSSL_BIO_SOCKET) { 10995 11403 wolfSSL_set_rfd(ssl, rd->fd); 11404 } 11405 if (wr != NULL && wr->type == WOLFSSL_BIO_SOCKET) { 10996 11406 wolfSSL_set_wfd(ssl, wr->fd); 11407 } 11408 11409 /* free any existing WOLFSSL_BIOs in use */ 11410 if (ssl->biord != NULL) { 11411 if (ssl->biord != ssl->biowr) { 11412 if (ssl->biowr != NULL) { 11413 wolfSSL_BIO_free(ssl->biowr); 11414 ssl->biowr = NULL; 11415 } 11416 } 11417 wolfSSL_BIO_free(ssl->biord); 11418 ssl->biord = NULL; 11419 } 11420 10997 11421 10998 11422 ssl->biord = rd; 10999 11423 ssl->biowr = wr; 11000 } 11001 11002 11424 11425 /* set SSL to use BIO callbacks instead */ 11426 if (((ssl->cbioFlag & WOLFSSL_CBIO_RECV) == 0) && 11427 (rd != NULL && rd->type != WOLFSSL_BIO_SOCKET)) { 11428 ssl->CBIORecv = BioReceive; 11429 } 11430 if (((ssl->cbioFlag & WOLFSSL_CBIO_SEND) == 0) && 11431 (wr != NULL && wr->type != WOLFSSL_BIO_SOCKET)) { 11432 ssl->CBIOSend = BioSend; 11433 } 11434 } 11435 #endif 11436 11437 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_WEBSERVER) 11003 11438 void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx, 11004 11439 WOLF_STACK_OF(WOLFSSL_X509_NAME)* names) 11005 11440 { 11006 11441 WOLFSSL_ENTER("wolfSSL_SSL_CTX_set_client_CA_list"); 11007 11442 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) 11008 11443 if (ctx != NULL) 11009 11444 ctx->ca_names = names; 11010 } 11011 11445 #else 11446 (void)ctx; 11447 (void)names; 11448 #endif 11449 } 11450 #endif 11451 11452 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) 11012 11453 WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( 11013 11454 const WOLFSSL_CTX *s) … … 11020 11461 return s->ca_names; 11021 11462 } 11022 11463 #endif 11464 11465 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 11466 #if !defined(NO_RSA) && !defined(NO_CERTS) 11023 11467 WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname) 11024 11468 { 11469 /* The webserver build is using this to load a CA into the server 11470 * for client authentication as an option. Have this return NULL in 11471 * that case. If OPENSSL_EXTRA is enabled, go ahead and include 11472 * the function. */ 11473 #ifdef OPENSSL_EXTRA 11025 11474 WOLFSSL_STACK *list = NULL; 11026 11475 WOLFSSL_STACK *node; … … 11069 11518 wolfSSL_BIO_free(bio); 11070 11519 return list; 11071 } 11072 11073 11520 #else 11521 (void)fname; 11522 return NULL; 11523 #endif 11524 } 11525 #endif 11526 #endif 11527 11528 #ifdef OPENSSL_EXTRA 11529 #if !defined(NO_RSA) && !defined(NO_CERTS) 11530 int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509) 11531 { 11532 WOLFSSL_STACK *node = NULL; 11533 WOLFSSL_X509_NAME *subjectName = NULL; 11534 11535 WOLFSSL_ENTER("wolfSSL_CTX_add_client_CA"); 11536 11537 if (ctx == NULL || x509 == NULL){ 11538 WOLFSSL_MSG("Bad argument"); 11539 return SSL_FAILURE; 11540 } 11541 11542 subjectName = wolfSSL_X509_get_subject_name(x509); 11543 if (subjectName == NULL){ 11544 WOLFSSL_MSG("invalid x509 data"); 11545 return SSL_FAILURE; 11546 } 11547 11548 /* Alloc stack struct */ 11549 node = (WOLF_STACK_OF(WOLFSSL_X509_NAME)*)XMALLOC( 11550 sizeof(WOLF_STACK_OF(WOLFSSL_X509_NAME)), 11551 NULL, DYNAMIC_TYPE_OPENSSL); 11552 if (node == NULL){ 11553 WOLFSSL_MSG("memory allocation error"); 11554 return SSL_FAILURE; 11555 } 11556 XMEMSET(node, 0, sizeof(WOLF_STACK_OF(WOLFSSL_X509_NAME))); 11557 11558 /* Alloc and copy WOLFSSL_X509_NAME */ 11559 node->data.name = (WOLFSSL_X509_NAME*)XMALLOC( 11560 sizeof(WOLFSSL_X509_NAME), 11561 NULL, DYNAMIC_TYPE_OPENSSL); 11562 if (node->data.name == NULL) { 11563 XFREE(node, NULL, DYNAMIC_TYPE_OPENSSL); 11564 WOLFSSL_MSG("memory allocation error"); 11565 return SSL_FAILURE; 11566 } 11567 XMEMCPY(node->data.name, subjectName, sizeof(WOLFSSL_X509_NAME)); 11568 XMEMSET(subjectName, 0, sizeof(WOLFSSL_X509_NAME)); 11569 11570 /* push new node onto head of stack */ 11571 node->num = (ctx->ca_names == NULL) ? 1 : ctx->ca_names->num + 1; 11572 node->next = ctx->ca_names; 11573 ctx->ca_names = node; 11574 return SSL_SUCCESS; 11575 } 11576 #endif 11577 11578 #ifndef NO_WOLFSSL_STUB 11074 11579 int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx) 11075 11580 { 11076 11581 /* TODO:, not needed in goahead */ 11077 11582 (void)ctx; 11078 return WOLFSSL_NOT_IMPLEMENTED; 11079 } 11080 11583 WOLFSSL_STUB("SSL_CTX_set_default_verify_paths"); 11584 return SSL_NOT_IMPLEMENTED; 11585 } 11586 #endif 11587 11588 #if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \ 11589 && !defined(WC_NO_RNG) 11590 static const byte srp_N[] = { 11591 0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8, 11592 0x0A, 0xFA, 0x8F, 0xC5, 0xE8, 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, 11593 0x3C, 0x0B, 0x9E, 0xA2, 0x31, 0x4C, 0x9C, 0x25, 0x65, 0x76, 0xD6, 11594 0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3, 0x38, 0x3B, 0x48, 0x13, 11595 0xD6, 0x92, 0xC6, 0xE0, 0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B, 11596 0xE4, 0x8E, 0x49, 0x5C, 0x1D, 0x60, 0x89, 0xDA, 0xD1, 0x5D, 0xC7, 11597 0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6, 0xCE, 0x8E, 0xF4, 0xAD, 0x69, 11598 0xB1, 0x5D, 0x49, 0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85, 11599 0xC5, 0x29, 0xF5, 0x66, 0x66, 0x0E, 0x57, 0xEC, 0x68, 0xED, 0xBC, 11600 0x3C, 0x05, 0x72, 0x6C, 0xC0, 0x2F, 0xD4, 0xCB, 0xF4, 0x97, 0x6E, 11601 0xAA, 0x9A, 0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B, 0x9F, 11602 0xC6, 0x1D, 0x2F, 0xC0, 0xEB, 0x06, 0xE3 11603 }; 11604 static const byte srp_g[] = { 11605 0x02 11606 }; 11607 11608 int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX* ctx, char* username) 11609 { 11610 int r = 0; 11611 SrpSide srp_side = SRP_CLIENT_SIDE; 11612 WC_RNG rng; 11613 byte salt[SRP_SALT_SIZE]; 11614 11615 WOLFSSL_ENTER("wolfSSL_CTX_set_srp_username"); 11616 if (ctx == NULL || ctx->srp == NULL || username==NULL) 11617 return SSL_FAILURE; 11618 11619 if (ctx->method->side == WOLFSSL_SERVER_END){ 11620 srp_side = SRP_SERVER_SIDE; 11621 } else if (ctx->method->side == WOLFSSL_CLIENT_END){ 11622 srp_side = SRP_CLIENT_SIDE; 11623 } else { 11624 WOLFSSL_MSG("Init CTX failed"); 11625 return SSL_FAILURE; 11626 } 11627 11628 if (wc_SrpInit(ctx->srp, SRP_TYPE_SHA256, srp_side) < 0){ 11629 WOLFSSL_MSG("Init CTX failed"); 11630 XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP); 11631 wolfSSL_CTX_free(ctx); 11632 return SSL_FAILURE; 11633 } 11634 r = wc_SrpSetUsername(ctx->srp, (const byte*)username, 11635 (word32)XSTRLEN(username)); 11636 if (r < 0) { 11637 WOLFSSL_MSG("fail to set srp username."); 11638 return SSL_FAILURE; 11639 } 11640 11641 /* if wolfSSL_CTX_set_srp_password has already been called, */ 11642 /* execute wc_SrpSetPassword here */ 11643 if (ctx->srp_password != NULL){ 11644 if (wc_InitRng(&rng) < 0){ 11645 WOLFSSL_MSG("wc_InitRng failed"); 11646 return SSL_FAILURE; 11647 } 11648 XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0])); 11649 if (wc_RNG_GenerateBlock(&rng, salt, 11650 sizeof(salt)/sizeof(salt[0])) < 0){ 11651 WOLFSSL_MSG("wc_RNG_GenerateBlock failed"); 11652 wc_FreeRng(&rng); 11653 return SSL_FAILURE; 11654 } 11655 if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]), 11656 srp_g, sizeof(srp_g)/sizeof(srp_g[0]), 11657 salt, sizeof(salt)/sizeof(salt[0])) < 0){ 11658 WOLFSSL_MSG("wc_SrpSetParam failed"); 11659 wc_FreeRng(&rng); 11660 return SSL_FAILURE; 11661 } 11662 r = wc_SrpSetPassword(ctx->srp, 11663 (const byte*)ctx->srp_password, 11664 (word32)XSTRLEN((char *)ctx->srp_password)); 11665 if (r < 0) { 11666 WOLFSSL_MSG("fail to set srp password."); 11667 return SSL_FAILURE; 11668 } 11669 wc_FreeRng(&rng); 11670 XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP); 11671 ctx->srp_password = NULL; 11672 } 11673 11674 return SSL_SUCCESS; 11675 } 11676 11677 int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX* ctx, char* password) 11678 { 11679 int r; 11680 WC_RNG rng; 11681 byte salt[SRP_SALT_SIZE]; 11682 11683 WOLFSSL_ENTER("wolfSSL_CTX_set_srp_password"); 11684 if (ctx == NULL || ctx->srp == NULL || password == NULL) 11685 return SSL_FAILURE; 11686 11687 if (ctx->srp->user != NULL){ 11688 if (wc_InitRng(&rng) < 0){ 11689 WOLFSSL_MSG("wc_InitRng failed"); 11690 return SSL_FAILURE; 11691 } 11692 XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0])); 11693 if (wc_RNG_GenerateBlock(&rng, salt, 11694 sizeof(salt)/sizeof(salt[0])) < 0){ 11695 WOLFSSL_MSG("wc_RNG_GenerateBlock failed"); 11696 wc_FreeRng(&rng); 11697 return SSL_FAILURE; 11698 } 11699 if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]), 11700 srp_g, sizeof(srp_g)/sizeof(srp_g[0]), 11701 salt, sizeof(salt)/sizeof(salt[0])) < 0){ 11702 WOLFSSL_MSG("wc_SrpSetParam failed"); 11703 wc_FreeRng(&rng); 11704 return SSL_FAILURE; 11705 } 11706 r = wc_SrpSetPassword(ctx->srp, (const byte*)password, 11707 (word32)XSTRLEN(password)); 11708 if (r < 0) { 11709 WOLFSSL_MSG("wc_SrpSetPassword failed."); 11710 wc_FreeRng(&rng); 11711 return SSL_FAILURE; 11712 } 11713 if (ctx->srp_password != NULL){ 11714 XFREE(ctx->srp_password,NULL, 11715 DYNAMIC_TYPE_SRP); 11716 ctx->srp_password = NULL; 11717 } 11718 wc_FreeRng(&rng); 11719 } else { 11720 /* save password for wolfSSL_set_srp_username */ 11721 if (ctx->srp_password != NULL) 11722 XFREE(ctx->srp_password,ctx->heap, DYNAMIC_TYPE_SRP); 11723 11724 ctx->srp_password = (byte*)XMALLOC(XSTRLEN(password) + 1, ctx->heap, 11725 DYNAMIC_TYPE_SRP); 11726 if (ctx->srp_password == NULL){ 11727 WOLFSSL_MSG("memory allocation error"); 11728 return SSL_FAILURE; 11729 } 11730 XMEMCPY(ctx->srp_password, password, XSTRLEN(password) + 1); 11731 } 11732 return SSL_SUCCESS; 11733 } 11734 #endif /* WOLFCRYPT_HAVE_SRP && !NO_SHA256 && !WC_NO_RNG */ 11081 11735 11082 11736 /* keyblock size in bytes or -1 */ … … 11110 11764 } 11111 11765 11112 11766 #endif /* OPENSSL_EXTRA */ 11767 11768 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) 11113 11769 void wolfSSL_set_accept_state(WOLFSSL* ssl) 11114 11770 { 11115 word16 haveRSA = 1; 11116 word16 havePSK = 0; 11117 11118 WOLFSSL_ENTER("SSL_set_accept_state"); 11771 WOLFSSL_ENTER("wolfSSL_set_accept_state"); 11119 11772 if (ssl->options.side == WOLFSSL_CLIENT_END) { 11120 11773 #ifdef HAVE_ECC … … 11142 11795 #endif 11143 11796 } 11144 ssl->options.side = WOLFSSL_SERVER_END; 11145 /* reset suites in case user switched */ 11146 11147 #ifdef NO_RSA 11148 haveRSA = 0; 11149 #endif 11150 #ifndef NO_PSK 11151 havePSK = ssl->options.havePSK; 11152 #endif 11153 InitSuites(ssl->suites, ssl->version, ssl->buffers.keySz, haveRSA, 11154 havePSK, ssl->options.haveDH, ssl->options.haveNTRU, 11155 ssl->options.haveECDSAsig, ssl->options.haveECC, 11156 ssl->options.haveStaticECC, ssl->options.side); 11157 } 11158 #endif 11797 11798 if (InitSSL_Side(ssl, WOLFSSL_SERVER_END) != WOLFSSL_SUCCESS) { 11799 WOLFSSL_MSG("Error initializing server side"); 11800 } 11801 } 11802 11803 #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */ 11159 11804 11160 11805 /* return true if connection established */ … … 11170 11815 } 11171 11816 11172 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) 11817 #ifdef OPENSSL_EXTRA 11818 11173 11819 void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX* ctx, 11174 11820 WOLFSSL_RSA*(*f)(WOLFSSL*, int, int)) … … 11195 11841 long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx) 11196 11842 { 11197 (void)ctx;11198 11843 WOLFSSL_ENTER("wolfSSL_CTX_get_options"); 11199 11844 WOLFSSL_MSG("wolfSSL options are set through API calls and macros"); 11200 11201 return 0; 11202 } 11203 11204 11845 if(ctx == NULL) 11846 return BAD_FUNC_ARG; 11847 return ctx->mask; 11848 } 11849 11850 #endif 11851 11852 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 11853 11854 static long wolf_set_options(long old_op, long op); 11205 11855 long wolfSSL_CTX_set_options(WOLFSSL_CTX* ctx, long opt) 11206 11856 { 11207 11857 WOLFSSL_ENTER("SSL_CTX_set_options"); 11208 ctx->mask |= opt; 11209 return opt; 11210 } 11211 11858 11859 if (ctx == NULL) 11860 return BAD_FUNC_ARG; 11861 11862 ctx->mask = wolf_set_options(ctx->mask, opt); 11863 11864 return ctx->mask; 11865 } 11866 11867 #endif 11868 11869 #ifdef OPENSSL_EXTRA 11870 11871 long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt) 11872 { 11873 WOLFSSL_ENTER("SSL_CTX_clear_options"); 11874 if(ctx == NULL) 11875 return BAD_FUNC_ARG; 11876 ctx->mask &= ~opt; 11877 return ctx->mask; 11878 } 11212 11879 11213 11880 int wolfSSL_set_rfd(WOLFSSL* ssl, int rfd) … … 11233 11900 11234 11901 11235 WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long bits, 11236 void(*f)(int, int, void*), void* data) 11237 { 11238 /* no tmp key needed, actual generation not supported */ 11239 WOLFSSL_ENTER("RSA_generate_key"); 11240 (void)len; 11241 (void)bits; 11242 (void)f; 11243 (void)data; 11244 return NULL; 11245 } 11246 11247 11902 11903 11904 #ifndef NO_CERTS 11248 11905 WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx) 11249 11906 { … … 11252 11909 } 11253 11910 11254 return &(ctx->x509_store); 11255 } 11256 11257 11258 #ifndef NO_CERTS 11911 return &ctx->x509_store; 11912 } 11913 11914 11259 11915 void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str) 11260 11916 { … … 11269 11925 ctx->cm = str->cm; 11270 11926 ctx->x509_store.cache = str->cache; 11927 ctx->x509_store_pt = str; /* take ownership of store and free it 11928 with CTX free */ 11271 11929 } 11272 11930 … … 11298 11956 return WOLFSSL_FATAL_ERROR; 11299 11957 } 11300 #endif 11301 11958 11959 void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, 11960 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb) 11961 { 11962 WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_set_verify_cb"); 11963 if(ctx == NULL) 11964 return; 11965 ctx->verify_cb = verify_cb; 11966 } 11967 #endif /* !NO_CERTS */ 11302 11968 11303 11969 WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void) … … 11306 11972 11307 11973 WOLFSSL_ENTER("BIO_f_buffer"); 11308 meth.type = BIO_BUFFER;11974 meth.type = WOLFSSL_BIO_BUFFER; 11309 11975 11310 11976 return &meth; 11311 11977 } 11312 11978 11313 11979 #ifndef NO_WOLFSSL_STUB 11314 11980 long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO* bio, long size) 11315 11981 { 11316 11982 /* wolfSSL has internal buffer, compatibility only */ 11317 11983 WOLFSSL_ENTER("BIO_set_write_buffer_size"); 11984 WOLFSSL_STUB("BIO_set_write_buffer_size"); 11318 11985 (void)bio; 11319 11986 return size; 11320 11987 } 11321 11988 #endif 11322 11989 11323 11990 WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_bio(void) … … 11326 11993 11327 11994 WOLFSSL_ENTER("wolfSSL_BIO_f_bio"); 11328 bio_meth.type = BIO_BIO;11995 bio_meth.type = WOLFSSL_BIO_BIO; 11329 11996 11330 11997 return &bio_meth; … … 11338 12005 11339 12006 WOLFSSL_ENTER("wolfSSL_BIO_f_file"); 11340 file_meth.type = BIO_FILE;12007 file_meth.type = WOLFSSL_BIO_FILE; 11341 12008 11342 12009 return &file_meth; … … 11350 12017 11351 12018 WOLFSSL_ENTER("BIO_f_ssl"); 11352 meth.type = BIO_SSL;12019 meth.type = WOLFSSL_BIO_SSL; 11353 12020 11354 12021 return &meth; … … 11361 12028 11362 12029 WOLFSSL_ENTER("BIO_s_socket"); 11363 meth.type = BIO_SOCKET;12030 meth.type = WOLFSSL_BIO_SOCKET; 11364 12031 11365 12032 return &meth; … … 11369 12036 WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int closeF) 11370 12037 { 11371 WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0, 11372 DYNAMIC_TYPE_OPENSSL); 12038 WOLFSSL_BIO* bio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket()); 11373 12039 11374 12040 WOLFSSL_ENTER("BIO_new_socket"); 11375 12041 if (bio) { 11376 XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); 11377 bio->type = BIO_SOCKET; 12042 bio->type = WOLFSSL_BIO_SOCKET; 11378 12043 bio->close = (byte)closeF; 11379 12044 bio->fd = sfd; 11380 bio->mem = NULL;11381 12045 } 11382 12046 return bio; … … 11425 12089 WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0, 11426 12090 DYNAMIC_TYPE_OPENSSL); 11427 WOLFSSL_ENTER(" BIO_new");12091 WOLFSSL_ENTER("wolfSSL_BIO_new"); 11428 12092 if (bio) { 11429 12093 XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); 11430 12094 bio->type = method->type; 11431 bio->ssl = NULL; 11432 bio->mem = NULL; 11433 bio->prev = NULL; 11434 bio->next = NULL; 12095 bio->close = BIO_CLOSE; /* default to close things */ 12096 if (method->type != WOLFSSL_BIO_FILE && 12097 method->type != WOLFSSL_BIO_SOCKET) { 12098 bio->mem_buf =(WOLFSSL_BUF_MEM*)XMALLOC(sizeof(WOLFSSL_BUF_MEM), 12099 0, DYNAMIC_TYPE_OPENSSL); 12100 if (bio->mem_buf == NULL) { 12101 WOLFSSL_MSG("Memory error"); 12102 wolfSSL_BIO_free(bio); 12103 return NULL; 12104 } 12105 bio->mem_buf->data = (char*)bio->mem; 12106 } 11435 12107 } 11436 12108 return bio; … … 11454 12126 { 11455 12127 WOLFSSL_BIO* bio = NULL; 11456 if (buf == NULL) 12128 12129 if (buf == NULL || len < 0) { 11457 12130 return bio; 12131 } 11458 12132 11459 12133 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()); 11460 if (bio == NULL) 12134 if (bio == NULL) { 11461 12135 return bio; 11462 11463 bio->memLen = len; 12136 } 12137 12138 bio->memLen = bio->wrSz = len; 11464 12139 bio->mem = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL); 11465 12140 if (bio->mem == NULL) { 11466 XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL);12141 wolfSSL_BIO_free(bio); 11467 12142 return NULL; 11468 12143 } 12144 if (bio->mem_buf != NULL) { 12145 bio->mem_buf->data = (char*)bio->mem; 12146 bio->mem_buf->length = bio->memLen; 12147 } 11469 12148 11470 12149 XMEMCPY(bio->mem, buf, len); … … 11473 12152 } 11474 12153 11475 11476 #ifdef USE_WINDOWS_API 11477 #define CloseSocket(s) closesocket(s) 11478 #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) 11479 #define CloseSocket(s) closesocket(s) 11480 extern int closesocket(int); 11481 #else 11482 #define CloseSocket(s) close(s) 11483 #endif 11484 12154 /* 12155 * Note : If the flag BIO_NOCLOSE is set then freeing memory buffers is up 12156 * to the application. 12157 */ 11485 12158 int wolfSSL_BIO_free(WOLFSSL_BIO* bio) 11486 12159 { … … 11501 12174 11502 12175 #ifndef NO_FILESYSTEM 11503 if (bio->type == BIO_FILE && bio->close == BIO_CLOSE) {12176 if (bio->type == WOLFSSL_BIO_FILE && bio->close == BIO_CLOSE) { 11504 12177 if (bio->file) { 11505 12178 XFCLOSE(bio->file); … … 11508 12181 #endif 11509 12182 11510 if (bio->mem) 12183 if (bio->close != BIO_NOCLOSE) { 12184 if (bio->mem != NULL) { 12185 if (bio->mem_buf != NULL) { 12186 if (bio->mem_buf->data != (char*)bio->mem) { 12187 XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 12188 bio->mem = NULL; 12189 } 12190 } 12191 else { 11511 12192 XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 11512 XFREE(bio, bio->heap, DYNAMIC_TYPE_OPENSSL); 12193 bio->mem = NULL; 12194 } 12195 } 12196 if (bio->mem_buf != NULL) { 12197 wolfSSL_BUF_MEM_free(bio->mem_buf); 12198 bio->mem_buf = NULL; 12199 } 12200 } 12201 12202 XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); 11513 12203 } 11514 12204 return 0; … … 11528 12218 11529 12219 11530 static int wolfSSL_BIO_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)11531 {11532 int sz;11533 char* pt;11534 11535 sz = wolfSSL_BIO_nread(bio, &pt, len);11536 11537 if (sz > 0) {11538 XMEMCPY(buf, pt, sz);11539 }11540 11541 return sz;11542 }11543 11544 /* Handles reading from a memory type BIO and advancing the state.11545 *11546 * bio WOLFSSL_BIO to read from11547 * buf buffer to put data from bio in11548 * len amount of data to be read11549 *11550 * returns size read on success11551 */11552 static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)11553 {11554 int sz;11555 11556 sz = (int)wolfSSL_BIO_ctrl_pending(bio);11557 if (sz > 0) {11558 byte* pt = NULL;11559 int memSz;11560 11561 if (sz > len) {11562 sz = len;11563 }11564 memSz = wolfSSL_BIO_get_mem_data(bio, (void*)&pt);11565 if (memSz >= sz && pt != NULL) {11566 byte* tmp;11567 11568 XMEMCPY(buf, pt, sz);11569 if (memSz - sz > 0) {11570 tmp = (byte*)XMALLOC(memSz-sz, bio->heap,11571 DYNAMIC_TYPE_OPENSSL);11572 if (tmp == NULL) {11573 WOLFSSL_MSG("Memory error");11574 return WOLFSSL_BIO_ERROR;11575 }11576 XMEMCPY(tmp, pt + sz, memSz - sz);11577 11578 /* reset internal bio->mem, tmp gets free'd with11579 * wolfSSL_BIO_free */11580 XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);11581 bio->mem = tmp;11582 }11583 bio->wrSz -= sz;11584 bio->memLen = memSz - sz;11585 }11586 else {11587 WOLFSSL_MSG("Issue with getting bio mem pointer");11588 return 0;11589 }11590 }11591 else {11592 return WOLFSSL_BIO_ERROR;11593 }11594 11595 return sz;11596 }11597 11598 11599 int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)11600 {11601 int ret;11602 WOLFSSL* ssl = 0;11603 WOLFSSL_BIO* front = bio;11604 11605 WOLFSSL_ENTER("wolfSSL_BIO_read");11606 11607 if (bio && bio->type == BIO_BIO) {11608 return wolfSSL_BIO_BIO_read(bio, buf, len);11609 }11610 11611 #ifndef NO_FILESYSTEM11612 if (bio && bio->type == BIO_FILE) {11613 return (int)XFREAD(buf, 1, len, bio->file);11614 }11615 #endif11616 if (bio && bio->type == BIO_MEMORY) {11617 return wolfSSL_BIO_MEMORY_read(bio, buf, len);11618 }11619 11620 /* already got eof, again is error */11621 if (bio && front->eof)11622 return WOLFSSL_FATAL_ERROR;11623 11624 while(bio && ((ssl = bio->ssl) == 0) )11625 bio = bio->next;11626 11627 if (ssl == 0) return BAD_FUNC_ARG;11628 11629 ret = wolfSSL_read(ssl, buf, len);11630 if (ret == 0)11631 front->eof = 1;11632 else if (ret < 0) {11633 int err = wolfSSL_get_error(ssl, 0);11634 if ( !(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE) )11635 front->eof = 1;11636 }11637 return ret;11638 }11639 11640 11641 static int wolfSSL_BIO_BIO_write(WOLFSSL_BIO* bio, const void* data,11642 int len)11643 {11644 /* internal function where arguments have already been sanity checked */11645 int sz;11646 char* buf;11647 11648 sz = wolfSSL_BIO_nwrite(bio, &buf, len);11649 11650 /* test space for write */11651 if (sz <= 0) {11652 WOLFSSL_MSG("No room left to write");11653 return sz;11654 }11655 11656 XMEMCPY(buf, data, sz);11657 11658 return sz;11659 }11660 11661 11662 int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)11663 {11664 int ret;11665 WOLFSSL* ssl = 0;11666 WOLFSSL_BIO* front = bio;11667 byte* p;11668 11669 WOLFSSL_ENTER("wolfSSL_BIO_write");11670 11671 if (bio && bio->type == BIO_BIO) {11672 return wolfSSL_BIO_BIO_write(bio, data, len);11673 }11674 11675 #ifndef NO_FILESYSTEM11676 if (bio && bio->type == BIO_FILE) {11677 return (int)XFWRITE(data, 1, len, bio->file);11678 }11679 #endif11680 11681 if (bio && bio->type == BIO_MEMORY) {11682 /* Make buffer big enough to hold new data. */11683 if (bio->mem == NULL) {11684 bio->mem = (byte*)XMALLOC(len, bio->heap, DYNAMIC_TYPE_OPENSSL);11685 if (bio->mem == NULL)11686 return -1;11687 p = bio->mem;11688 }11689 else {11690 p = (byte*)XMALLOC(len + bio->memLen, bio->heap,11691 DYNAMIC_TYPE_OPENSSL);11692 if (p == NULL)11693 return -1;11694 XMEMCPY(p, bio->mem, bio->memLen);11695 XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);11696 bio->mem = p;11697 p += bio->memLen;11698 }11699 11700 /* Put data on the end of the buffer. */11701 XMEMCPY(p, data, len);11702 bio->memLen += len;11703 11704 return len;11705 }11706 11707 /* already got eof, again is error */11708 if (bio && front->eof)11709 return WOLFSSL_FATAL_ERROR;11710 11711 while(bio && ((ssl = bio->ssl) == 0) )11712 bio = bio->next;11713 11714 if (ssl == 0) return BAD_FUNC_ARG;11715 11716 ret = wolfSSL_write(ssl, data, len);11717 if (ret == 0)11718 front->eof = 1;11719 else if (ret < 0) {11720 int err = wolfSSL_get_error(ssl, 0);11721 if ( !(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE) )11722 front->eof = 1;11723 }11724 11725 return ret;11726 }11727 11728 11729 12220 WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO* top, WOLFSSL_BIO* append) 11730 12221 { … … 11734 12225 11735 12226 return top; 11736 }12227 } 11737 12228 11738 12229 … … 11744 12235 return 1; 11745 12236 } 11746 11747 11748 #endif /* OPENSSL_EXTRA || GOAHEAD_WS */ 11749 11750 11751 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 12237 #endif /* OPENSSL_EXTRA */ 12238 12239 #ifdef WOLFSSL_ENCRYPTED_KEYS 11752 12240 11753 12241 void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX* ctx, … … 11755 12243 { 11756 12244 WOLFSSL_ENTER("SSL_CTX_set_default_passwd_cb_userdata"); 11757 ctx->userdata = userdata; 11758 } 12245 if (ctx) 12246 ctx->passwd_userdata = userdata; 12247 } 11759 12248 11760 12249 … … 11762 12251 { 11763 12252 WOLFSSL_ENTER("SSL_CTX_set_default_passwd_cb"); 11764 if (ctx != NULL) {12253 if (ctx) 11765 12254 ctx->passwd_cb = cb; 11766 } 11767 } 11768 12255 } 12256 12257 pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx) 12258 { 12259 if (ctx == NULL || ctx->passwd_cb == NULL) { 12260 return NULL; 12261 } 12262 12263 return ctx->passwd_cb; 12264 } 12265 12266 12267 void* wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx) 12268 { 12269 if (ctx == NULL) { 12270 return NULL; 12271 } 12272 12273 return ctx->passwd_userdata; 12274 } 12275 12276 #if !defined(NO_PWDBASED) && (defined(OPENSSL_EXTRA) || \ 12277 defined(OPENSSL_EXTRA_X509_SMALL) || defined(HAVE_WEBSERVER)) 12278 12279 int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type, 12280 const WOLFSSL_EVP_MD* md, const byte* salt, 12281 const byte* data, int sz, int count, byte* key, byte* iv) 12282 { 12283 int ret; 12284 int hashType = WC_HASH_TYPE_NONE; 12285 #ifdef WOLFSSL_SMALL_STACK 12286 EncryptedInfo* info = NULL; 12287 #else 12288 EncryptedInfo info[1]; 12289 #endif 12290 12291 #ifdef WOLFSSL_SMALL_STACK 12292 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, 12293 DYNAMIC_TYPE_ENCRYPTEDINFO); 12294 if (info == NULL) { 12295 WOLFSSL_MSG("malloc failed"); 12296 return WOLFSSL_FAILURE; 12297 } 12298 #endif 12299 12300 XMEMSET(info, 0, sizeof(EncryptedInfo)); 12301 info->ivSz = EVP_SALT_SIZE; 12302 12303 ret = wolfSSL_EVP_get_hashinfo(md, &hashType, NULL); 12304 if (ret == 0) 12305 ret = wc_EncryptedInfoGet(info, type); 12306 if (ret == 0) 12307 ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt, 12308 EVP_SALT_SIZE, count, hashType, NULL); 12309 12310 #ifdef WOLFSSL_SMALL_STACK 12311 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 12312 #endif 12313 12314 if (ret <= 0) 12315 return 0; /* failure - for compatibility */ 12316 12317 return ret; 12318 } 12319 12320 #endif /* !NO_PWDBASED && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER) */ 12321 #endif /* WOLFSSL_ENCRYPTED_KEYS */ 12322 12323 12324 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 11769 12325 int wolfSSL_num_locks(void) 11770 12326 { 11771 12327 return 0; 11772 }12328 } 11773 12329 11774 12330 void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, int)) 11775 12331 { 11776 (void)f; 11777 } 12332 WOLFSSL_ENTER("wolfSSL_set_locking_callback"); 12333 12334 if (wc_SetMutexCb(f) != 0) { 12335 WOLFSSL_MSG("Error when setting mutex call back"); 12336 } 12337 } 12338 12339 12340 typedef unsigned long (idCb)(void); 12341 static idCb* inner_idCb = NULL; 12342 12343 unsigned long wolfSSL_thread_id(void) 12344 { 12345 if (inner_idCb != NULL) { 12346 return inner_idCb(); 12347 } 12348 else { 12349 return 0; 12350 } 12351 } 12352 11778 12353 11779 12354 void wolfSSL_set_id_callback(unsigned long (*f)(void)) 11780 12355 { 11781 (void)f;12356 inner_idCb = f; 11782 12357 } 11783 12358 … … 11786 12361 WOLFSSL_ENTER("wolfSSL_ERR_get_error"); 11787 12362 11788 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)12363 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 11789 12364 { 11790 12365 unsigned long ret = wolfSSL_ERR_peek_error_line_data(NULL, NULL, … … 11793 12368 return ret; 11794 12369 } 12370 #elif (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) 12371 { 12372 int ret = wc_PullErrorNode(NULL, NULL, NULL); 12373 12374 if (ret < 0) { 12375 if (ret == BAD_STATE_E) return 0; /* no errors in queue */ 12376 WOLFSSL_MSG("Error with pulling error node!"); 12377 WOLFSSL_LEAVE("wolfSSL_ERR_get_error", ret); 12378 ret = 0 - ret; /* return absolute value of error */ 12379 12380 /* panic and try to clear out nodes */ 12381 wc_ClearErrorNodes(); 12382 } 12383 12384 return (unsigned long)ret; 12385 } 11795 12386 #else 11796 12387 return (unsigned long)(0 - NOT_COMPILED_IN); 11797 #endif11798 }11799 11800 #ifndef NO_MD511801 11802 int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,11803 const WOLFSSL_EVP_MD* md, const byte* salt,11804 const byte* data, int sz, int count, byte* key, byte* iv)11805 {11806 int keyLen = 0;11807 int ivLen = 0;11808 int j;11809 int keyLeft;11810 int ivLeft;11811 int keyOutput = 0;11812 byte digest[WC_MD5_DIGEST_SIZE];11813 #ifdef WOLFSSL_SMALL_STACK11814 wc_Md5* md5 = NULL;11815 #else11816 wc_Md5 md5[1];11817 12388 #endif 11818 11819 #ifdef WOLFSSL_SMALL_STACK 11820 md5 = (wc_Md5*)XMALLOC(sizeof(wc_Md5), NULL, DYNAMIC_TYPE_HASHCTX); 11821 if (md5 == NULL) 11822 return 0; 11823 #endif 11824 11825 (void)type; 11826 11827 WOLFSSL_ENTER("wolfSSL_EVP_BytesToKey"); 11828 11829 if (wc_InitMd5(md5) != 0) { 11830 #ifdef WOLFSSL_SMALL_STACK 11831 XFREE(md5, NULL, DYNAMIC_TYPE_HASHCTX); 11832 #endif 11833 return 0; 11834 } 11835 11836 /* only support MD5 for now */ 11837 if (XSTRNCMP(md, "MD5", 3) != 0) { 11838 #ifdef WOLFSSL_SMALL_STACK 11839 XFREE(md5, NULL, DYNAMIC_TYPE_HASHCTX); 11840 #endif 11841 return 0; 11842 } 11843 11844 /* only support CBC DES and AES for now */ 11845 #ifndef NO_DES3 11846 if (XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0) { 11847 keyLen = DES_KEY_SIZE; 11848 ivLen = DES_IV_SIZE; 11849 } 11850 else if (XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0) { 11851 keyLen = DES3_KEY_SIZE; 11852 ivLen = DES_IV_SIZE; 11853 } 11854 else 11855 #endif /* NO_DES3 */ 11856 #ifndef NO_AES 11857 if (XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0) { 11858 keyLen = AES_128_KEY_SIZE; 11859 ivLen = AES_IV_SIZE; 11860 } 11861 else if (XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0) { 11862 keyLen = AES_192_KEY_SIZE; 11863 ivLen = AES_IV_SIZE; 11864 } 11865 else if (XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0) { 11866 keyLen = AES_256_KEY_SIZE; 11867 ivLen = AES_IV_SIZE; 11868 } 11869 else 11870 #endif /* NO_AES */ 11871 { 11872 #ifdef WOLFSSL_SMALL_STACK 11873 XFREE(md5, NULL, DYNAMIC_TYPE_HASHCTX); 11874 #endif 11875 return 0; 11876 } 11877 11878 keyLeft = keyLen; 11879 ivLeft = ivLen; 11880 11881 while (keyOutput < (keyLen + ivLen)) { 11882 int digestLeft = WC_MD5_DIGEST_SIZE; 11883 /* D_(i - 1) */ 11884 if (keyOutput) /* first time D_0 is empty */ 11885 wc_Md5Update(md5, digest, WC_MD5_DIGEST_SIZE); 11886 /* data */ 11887 wc_Md5Update(md5, data, sz); 11888 /* salt */ 11889 if (salt) 11890 wc_Md5Update(md5, salt, EVP_SALT_SIZE); 11891 wc_Md5Final(md5, digest); 11892 /* count */ 11893 for (j = 1; j < count; j++) { 11894 wc_Md5Update(md5, digest, WC_MD5_DIGEST_SIZE); 11895 wc_Md5Final(md5, digest); 11896 } 11897 11898 if (keyLeft) { 11899 int store = min(keyLeft, WC_MD5_DIGEST_SIZE); 11900 XMEMCPY(&key[keyLen - keyLeft], digest, store); 11901 11902 keyOutput += store; 11903 keyLeft -= store; 11904 digestLeft -= store; 11905 } 11906 11907 if (ivLeft && digestLeft) { 11908 int store = min(ivLeft, digestLeft); 11909 if (iv != NULL) 11910 XMEMCPY(&iv[ivLen - ivLeft], 11911 &digest[WC_MD5_DIGEST_SIZE - digestLeft], store); 11912 keyOutput += store; 11913 ivLeft -= store; 11914 } 11915 } 11916 11917 #ifdef WOLFSSL_SMALL_STACK 11918 XFREE(md5, NULL, DYNAMIC_TYPE_HASHCTX); 11919 #endif 11920 11921 return keyOutput == (keyLen + ivLen) ? keyOutput : 0; 11922 } 11923 11924 #endif /* NO_MD5 */ 12389 } 11925 12390 11926 12391 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ … … 11999 12464 return size; 12000 12465 } 12001 #endif /* ! defined(NO_WOLFSSL_CLIENT)*/12466 #endif /* !NO_WOLFSSL_CLIENT */ 12002 12467 12003 12468 … … 12063 12528 return 0; 12064 12529 } 12065 #endif /* NO_MD5 */12530 #endif /* !NO_MD5 */ 12066 12531 12067 12532 … … 12136 12601 return SHA_Final(input, sha); 12137 12602 } 12138 #endif /* NO_SHA */12603 #endif /* !NO_SHA */ 12139 12604 12140 12605 #ifdef WOLFSSL_SHA224 … … 12349 12814 const char *name; 12350 12815 } md_tbl[] = { 12816 #ifndef NO_MD4 12817 {WC_HASH_TYPE_MD4, "MD4"}, 12818 #endif /* NO_MD4 */ 12819 12351 12820 #ifndef NO_MD5 12352 {WC_ MD5, "MD5"},12821 {WC_HASH_TYPE_MD5, "MD5"}, 12353 12822 #endif /* NO_MD5 */ 12354 12823 12355 12824 #ifndef NO_SHA 12356 {WC_ SHA, "SHA"},12825 {WC_HASH_TYPE_SHA, "SHA"}, 12357 12826 #endif /* NO_SHA */ 12358 12827 12359 12828 #ifdef WOLFSSL_SHA224 12360 {WC_ SHA224, "SHA224"},12829 {WC_HASH_TYPE_SHA224, "SHA224"}, 12361 12830 #endif /* WOLFSSL_SHA224 */ 12362 12831 #ifndef NO_SHA256 12363 {WC_ SHA256, "SHA256"},12832 {WC_HASH_TYPE_SHA256, "SHA256"}, 12364 12833 #endif 12365 12834 12366 12835 #ifdef WOLFSSL_SHA384 12367 {WC_ SHA384, "SHA384"},12836 {WC_HASH_TYPE_SHA384, "SHA384"}, 12368 12837 #endif /* WOLFSSL_SHA384 */ 12369 12838 #ifdef WOLFSSL_SHA512 12370 {WC_ SHA512, "SHA512"},12839 {WC_HASH_TYPE_SHA512, "SHA512"}, 12371 12840 #endif /* WOLFSSL_SHA512 */ 12372 12841 {0, NULL} … … 12378 12847 const char *name; 12379 12848 const char *alias; 12380 } alias_tbl[] = { 12849 } alias_tbl[] = 12850 { 12851 {"MD4", "ssl3-md4"}, 12381 12852 {"MD5", "ssl3-md5"}, 12382 12853 {"SHA", "ssl3-sha1"}, … … 12404 12875 { 12405 12876 const struct s_ent *ent; 12406 for( ent = md_tbl; ent->macType != 0; ent++) 12877 WOLFSSL_ENTER("EVP_get_md"); 12878 for( ent = md_tbl; ent->name != NULL; ent++){ 12407 12879 if(type == ent->macType) { 12408 12880 return (WOLFSSL_EVP_MD *)ent->name; 12409 12881 } 12410 return 0; 12882 } 12883 return (WOLFSSL_EVP_MD *)""; 12411 12884 } 12412 12885 … … 12414 12887 { 12415 12888 const struct s_ent *ent; 12416 for( ent = md_tbl; ent->name != NULL; ent++) 12889 WOLFSSL_ENTER("EVP_MD_type"); 12890 for( ent = md_tbl; ent->name != NULL; ent++){ 12417 12891 if(XSTRNCMP((const char *)md, ent->name, XSTRLEN(ent->name)+1) == 0) { 12418 12892 return ent->macType; 12419 12893 } 12894 } 12420 12895 return 0; 12421 12896 } 12897 12898 12899 #ifndef NO_MD4 12900 12901 /* return a pointer to MD4 EVP type */ 12902 const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void) 12903 { 12904 WOLFSSL_ENTER("wolfSSL_EVP_md4"); 12905 return EVP_get_digestbyname("MD4"); 12906 } 12907 12908 #endif /* !NO_MD4 */ 12422 12909 12423 12910 … … 12426 12913 const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void) 12427 12914 { 12428 const char* type = EVP_get_digestbyname("MD5");12429 12915 WOLFSSL_ENTER("EVP_md5"); 12430 return type;12431 } 12432 12433 #endif /*NO_MD5 */12916 return EVP_get_digestbyname("MD5"); 12917 } 12918 12919 #endif /* !NO_MD5 */ 12434 12920 12435 12921 … … 12437 12923 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void) 12438 12924 { 12439 const char* type = EVP_get_digestbyname("SHA");12440 12925 WOLFSSL_ENTER("EVP_sha1"); 12441 return type;12926 return EVP_get_digestbyname("SHA"); 12442 12927 } 12443 12928 #endif /* NO_SHA */ … … 12447 12932 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void) 12448 12933 { 12449 const char* type = EVP_get_digestbyname("SHA224");12450 12934 WOLFSSL_ENTER("EVP_sha224"); 12451 return type;12935 return EVP_get_digestbyname("SHA224"); 12452 12936 } 12453 12937 … … 12457 12941 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void) 12458 12942 { 12459 const char* type = EVP_get_digestbyname("SHA256");12460 12943 WOLFSSL_ENTER("EVP_sha256"); 12461 return type;12944 return EVP_get_digestbyname("SHA256"); 12462 12945 } 12463 12946 … … 12466 12949 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void) 12467 12950 { 12468 const char* type = EVP_get_digestbyname("SHA384");12469 12951 WOLFSSL_ENTER("EVP_sha384"); 12470 return type;12952 return EVP_get_digestbyname("SHA384"); 12471 12953 } 12472 12954 … … 12477 12959 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void) 12478 12960 { 12479 const char* type = EVP_get_digestbyname("SHA512");12480 12961 WOLFSSL_ENTER("EVP_sha512"); 12481 return type;12962 return EVP_get_digestbyname("SHA512"); 12482 12963 } 12483 12964 12484 12965 #endif /* WOLFSSL_SHA512 */ 12966 12485 12967 12486 12968 WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void) … … 12505 12987 } 12506 12988 12989 12990 /* returns the type of message digest used by the ctx */ 12991 int wolfSSL_EVP_MD_CTX_type(const WOLFSSL_EVP_MD_CTX *ctx) { 12992 WOLFSSL_ENTER("EVP_MD_CTX_type"); 12993 return ctx->macType; 12994 } 12995 12996 12997 /* returns WOLFSSL_SUCCESS on success */ 12998 int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in) 12999 { 13000 return wolfSSL_EVP_MD_CTX_copy_ex(out, in); 13001 } 13002 13003 13004 /* Deep copy of EVP_MD hasher 13005 * return WOLFSSL_SUCCESS on success */ 13006 static int wolfSSL_EVP_MD_Copy_Hasher(WOLFSSL_EVP_MD_CTX* des, 13007 const WOLFSSL_EVP_MD_CTX* src) 13008 { 13009 if (src->macType == (NID_hmac & 0xFF)) { 13010 wolfSSL_HmacCopy(&des->hash.hmac, (Hmac*)&src->hash.hmac); 13011 } 13012 else { 13013 switch (src->macType) { 13014 #ifndef NO_MD5 13015 case WC_HASH_TYPE_MD5: 13016 wc_Md5Copy((wc_Md5*)&src->hash.digest, 13017 (wc_Md5*)&des->hash.digest); 13018 break; 13019 #endif /* !NO_MD5 */ 13020 13021 #ifndef NO_SHA 13022 case WC_HASH_TYPE_SHA: 13023 wc_ShaCopy((wc_Sha*)&src->hash.digest, 13024 (wc_Sha*)&des->hash.digest); 13025 break; 13026 #endif /* !NO_SHA */ 13027 13028 #ifdef WOLFSSL_SHA224 13029 case WC_HASH_TYPE_SHA224: 13030 wc_Sha224Copy((wc_Sha224*)&src->hash.digest, 13031 (wc_Sha224*)&des->hash.digest); 13032 break; 13033 #endif /* WOLFSSL_SHA224 */ 13034 13035 #ifndef NO_SHA256 13036 case WC_HASH_TYPE_SHA256: 13037 wc_Sha256Copy((wc_Sha256*)&src->hash.digest, 13038 (wc_Sha256*)&des->hash.digest); 13039 break; 13040 #endif /* !NO_SHA256 */ 13041 13042 #ifdef WOLFSSL_SHA384 13043 case WC_HASH_TYPE_SHA384: 13044 wc_Sha384Copy((wc_Sha384*)&src->hash.digest, 13045 (wc_Sha384*)&des->hash.digest); 13046 break; 13047 #endif /* WOLFSSL_SHA384 */ 13048 #ifdef WOLFSSL_SHA512 13049 case WC_HASH_TYPE_SHA512: 13050 wc_Sha512Copy((wc_Sha512*)&src->hash.digest, 13051 (wc_Sha512*)&des->hash.digest); 13052 break; 13053 #endif /* WOLFSSL_SHA512 */ 13054 13055 default: 13056 return WOLFSSL_FAILURE; 13057 } 13058 } 13059 return WOLFSSL_SUCCESS; 13060 } 13061 13062 13063 /* copies structure in to the structure out 13064 * 13065 * returns WOLFSSL_SUCCESS on success */ 13066 int wolfSSL_EVP_MD_CTX_copy_ex(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in) 13067 { 13068 if ((out == NULL) || (in == NULL)) return WOLFSSL_FAILURE; 13069 WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_copy_ex"); 13070 XMEMCPY(out, in, sizeof(WOLFSSL_EVP_MD_CTX)); 13071 if (in->pctx != NULL) { 13072 out->pctx = wolfSSL_EVP_PKEY_CTX_new(in->pctx->pkey, NULL); 13073 if (out->pctx == NULL) 13074 return WOLFSSL_FAILURE; 13075 } 13076 return wolfSSL_EVP_MD_Copy_Hasher(out, (WOLFSSL_EVP_MD_CTX*)in); 13077 } 13078 12507 13079 void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx) 12508 13080 { … … 12513 13085 const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx) 12514 13086 { 12515 if ( !ctx)13087 if (ctx == NULL) 12516 13088 return NULL; 13089 WOLFSSL_ENTER("EVP_MD_CTX_md"); 12517 13090 return (const WOLFSSL_EVP_MD *)wolfSSL_EVP_get_md(ctx->macType); 12518 13091 } … … 12520 13093 #ifndef NO_AES 12521 13094 13095 #ifdef HAVE_AES_CBC 13096 #ifdef WOLFSSL_AES_128 12522 13097 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void) 12523 13098 { 12524 13099 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cbc"); 13100 if (EVP_AES_128_CBC == NULL) 13101 wolfSSL_EVP_init(); 12525 13102 return EVP_AES_128_CBC; 12526 13103 } 12527 12528 13104 #endif /* WOLFSSL_AES_128 */ 13105 13106 13107 #ifdef WOLFSSL_AES_192 12529 13108 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void) 12530 13109 { 12531 13110 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cbc"); 13111 if (EVP_AES_192_CBC == NULL) 13112 wolfSSL_EVP_init(); 12532 13113 return EVP_AES_192_CBC; 12533 13114 } 12534 12535 13115 #endif /* WOLFSSL_AES_192 */ 13116 13117 13118 #ifdef WOLFSSL_AES_256 12536 13119 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void) 12537 13120 { 12538 13121 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cbc"); 13122 if (EVP_AES_256_CBC == NULL) 13123 wolfSSL_EVP_init(); 12539 13124 return EVP_AES_256_CBC; 12540 13125 } 12541 12542 13126 #endif /* WOLFSSL_AES_256 */ 13127 #endif /* HAVE_AES_CBC */ 13128 13129 13130 #ifdef WOLFSSL_AES_128 12543 13131 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void) 12544 13132 { 12545 13133 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ctr"); 13134 if (EVP_AES_128_CTR == NULL) 13135 wolfSSL_EVP_init(); 12546 13136 return EVP_AES_128_CTR; 12547 13137 } 12548 12549 13138 #endif /* WOLFSSL_AES_2128 */ 13139 13140 13141 #ifdef WOLFSSL_AES_192 12550 13142 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void) 12551 13143 { 12552 13144 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ctr"); 13145 if (EVP_AES_192_CTR == NULL) 13146 wolfSSL_EVP_init(); 12553 13147 return EVP_AES_192_CTR; 12554 13148 } 12555 12556 13149 #endif /* WOLFSSL_AES_192 */ 13150 13151 13152 #ifdef WOLFSSL_AES_256 12557 13153 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void) 12558 13154 { 12559 13155 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ctr"); 13156 if (EVP_AES_256_CTR == NULL) 13157 wolfSSL_EVP_init(); 12560 13158 return EVP_AES_256_CTR; 12561 13159 } 12562 13160 #endif /* WOLFSSL_AES_256 */ 13161 13162 #ifdef WOLFSSL_AES_128 12563 13163 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void) 12564 13164 { 12565 13165 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ecb"); 13166 if (EVP_AES_128_ECB == NULL) 13167 wolfSSL_EVP_init(); 12566 13168 return EVP_AES_128_ECB; 12567 13169 } 12568 12569 13170 #endif /* WOLFSSL_AES_128 */ 13171 13172 13173 #ifdef WOLFSSL_AES_192 12570 13174 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void) 12571 13175 { 12572 13176 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ecb"); 13177 if (EVP_AES_192_ECB == NULL) 13178 wolfSSL_EVP_init(); 12573 13179 return EVP_AES_192_ECB; 12574 13180 } 12575 12576 13181 #endif /* WOLFSSL_AES_192*/ 13182 13183 13184 #ifdef WOLFSSL_AES_256 12577 13185 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void) 12578 13186 { 12579 13187 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ecb"); 13188 if (EVP_AES_256_ECB == NULL) 13189 wolfSSL_EVP_init(); 12580 13190 return EVP_AES_256_ECB; 12581 13191 } 13192 #endif /* WOLFSSL_AES_256 */ 12582 13193 #endif /* NO_AES */ 12583 13194 … … 12586 13197 { 12587 13198 WOLFSSL_ENTER("wolfSSL_EVP_des_cbc"); 13199 if (EVP_DES_CBC == NULL) 13200 wolfSSL_EVP_init(); 12588 13201 return EVP_DES_CBC; 12589 13202 } … … 12592 13205 { 12593 13206 WOLFSSL_ENTER("wolfSSL_EVP_des_ecb"); 13207 if (EVP_DES_ECB == NULL) 13208 wolfSSL_EVP_init(); 12594 13209 return EVP_DES_ECB; 12595 13210 } … … 12598 13213 { 12599 13214 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_cbc"); 13215 if (EVP_DES_EDE3_CBC == NULL) 13216 wolfSSL_EVP_init(); 12600 13217 return EVP_DES_EDE3_CBC; 12601 13218 } … … 12604 13221 { 12605 13222 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_ecb"); 13223 if (EVP_DES_EDE3_ECB == NULL) 13224 wolfSSL_EVP_init(); 12606 13225 return EVP_DES_EDE3_ECB; 12607 13226 } … … 12609 13228 #endif /* NO_DES3 */ 12610 13229 13230 #ifndef NO_RC4 12611 13231 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void) 12612 13232 { … … 12615 13235 return type; 12616 13236 } 13237 #endif 12617 13238 12618 13239 #ifdef HAVE_IDEA … … 12620 13241 { 12621 13242 WOLFSSL_ENTER("wolfSSL_EVP_idea_cbc"); 13243 if (EVP_IDEA_CBC == NULL) 13244 wolfSSL_EVP_init(); 12622 13245 return EVP_IDEA_CBC; 12623 13246 } … … 12634 13257 { 12635 13258 WOLFSSL_ENTER("EVP_MD_CTX_cleanup"); 13259 if (ctx->pctx != NULL) 13260 wolfSSL_EVP_PKEY_CTX_free(ctx->pctx); 13261 13262 if (ctx->macType == (NID_hmac & 0xFF)) { 13263 wc_HmacFree(&ctx->hash.hmac); 13264 } 13265 else { 13266 switch (ctx->macType) { 13267 #ifndef NO_MD5 13268 case WC_HASH_TYPE_MD5: 13269 wc_Md5Free((wc_Md5*)&ctx->hash.digest); 13270 break; 13271 #endif /* !NO_MD5 */ 13272 13273 #ifndef NO_SHA 13274 case WC_HASH_TYPE_SHA: 13275 wc_ShaFree((wc_Sha*)&ctx->hash.digest); 13276 break; 13277 #endif /* !NO_SHA */ 13278 13279 #ifdef WOLFSSL_SHA224 13280 case WC_HASH_TYPE_SHA224: 13281 wc_Sha224Free((wc_Sha224*)&ctx->hash.digest); 13282 break; 13283 #endif /* WOLFSSL_SHA224 */ 13284 13285 #ifndef NO_SHA256 13286 case WC_HASH_TYPE_SHA256: 13287 wc_Sha256Free((wc_Sha256*)&ctx->hash.digest); 13288 break; 13289 #endif /* !NO_SHA256 */ 13290 13291 #ifdef WOLFSSL_SHA384 13292 case WC_HASH_TYPE_SHA384: 13293 wc_Sha384Free((wc_Sha384*)&ctx->hash.digest); 13294 break; 13295 #endif /* WOLFSSL_SHA384 */ 13296 #ifdef WOLFSSL_SHA512 13297 case WC_HASH_TYPE_SHA512: 13298 wc_Sha512Free((wc_Sha512*)&ctx->hash.digest); 13299 break; 13300 #endif /* WOLFSSL_SHA512 */ 13301 13302 default: 13303 return WOLFSSL_FAILURE; 13304 } 13305 } 12636 13306 ForceZero(ctx, sizeof(*ctx)); 12637 13307 ctx->macType = 0xFF; … … 12667 13337 /* return WOLFSSL_SUCCESS on ok, 0 on failure to match API compatibility */ 12668 13338 int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx, 12669 const WOLFSSL_EVP_CIPHER* type, byte* key,12670 byte* iv, int enc)13339 const WOLFSSL_EVP_CIPHER* type, const byte* key, 13340 const byte* iv, int enc) 12671 13341 { 12672 int ret = -1; /* failure local, during function 0 means success 12673 because internal functions work that way */ 13342 int ret = 0; 12674 13343 (void)key; 12675 13344 (void)iv; … … 12682 13351 } 12683 13352 12684 if (type == NULL && ctx->cipherType == 0xff) {13353 if (type == NULL && ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT) { 12685 13354 WOLFSSL_MSG("no type set"); 12686 13355 return 0; /* failure */ 12687 13356 } 13357 if (ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT){ 12688 13358 ctx->bufUsed = 0; 12689 13359 ctx->lastUsed = 0; 12690 13360 ctx->flags = 0; 13361 } 13362 13363 XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher)); 12691 13364 12692 13365 #ifndef NO_AES 12693 /* printf("cipherType=%d\n", ctx->cipherType); */ 13366 #ifdef HAVE_AES_CBC 13367 #ifdef WOLFSSL_AES_128 12694 13368 if (ctx->cipherType == AES_128_CBC_TYPE || 12695 13369 (type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) { 12696 13370 WOLFSSL_MSG("EVP_AES_128_CBC"); 12697 13371 ctx->cipherType = AES_128_CBC_TYPE; 12698 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13372 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13373 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12699 13374 ctx->keyLen = 16; 12700 13375 ctx->block_size = AES_BLOCK_SIZE; … … 12713 13388 } 12714 13389 } 12715 else if (ctx->cipherType == AES_192_CBC_TYPE || 13390 #endif /* WOLFSSL_AES_128 */ 13391 #ifdef WOLFSSL_AES_192 13392 if (ctx->cipherType == AES_192_CBC_TYPE || 12716 13393 (type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) { 12717 13394 WOLFSSL_MSG("EVP_AES_192_CBC"); 12718 13395 ctx->cipherType = AES_192_CBC_TYPE; 12719 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13396 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13397 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12720 13398 ctx->keyLen = 24; 12721 13399 ctx->block_size = AES_BLOCK_SIZE; … … 12734 13412 } 12735 13413 } 12736 else if (ctx->cipherType == AES_256_CBC_TYPE || 13414 #endif /* WOLFSSL_AES_192 */ 13415 #ifdef WOLFSSL_AES_256 13416 if (ctx->cipherType == AES_256_CBC_TYPE || 12737 13417 (type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) { 12738 13418 WOLFSSL_MSG("EVP_AES_256_CBC"); 12739 13419 ctx->cipherType = AES_256_CBC_TYPE; 12740 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13420 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13421 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12741 13422 ctx->keyLen = 32; 12742 13423 ctx->block_size = AES_BLOCK_SIZE; … … 12746 13427 ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, 12747 13428 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); 12748 if (ret != 0) 13429 if (ret != 0){ 13430 WOLFSSL_MSG("wc_AesSetKey() failed"); 12749 13431 return ret; 13432 } 12750 13433 } 12751 13434 if (iv && key == NULL) { 12752 13435 ret = wc_AesSetIV(&ctx->cipher.aes, iv); 12753 if (ret != 0) 13436 if (ret != 0){ 13437 WOLFSSL_MSG("wc_AesSetIV() failed"); 12754 13438 return ret; 12755 13439 } 12756 13440 } 13441 } 13442 #endif /* WOLFSSL_AES_256 */ 13443 #endif /* HAVE_AES_CBC */ 12757 13444 #ifdef WOLFSSL_AES_COUNTER 12758 else if (ctx->cipherType == AES_128_CTR_TYPE || 13445 #ifdef WOLFSSL_AES_128 13446 if (ctx->cipherType == AES_128_CTR_TYPE || 12759 13447 (type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) { 12760 13448 WOLFSSL_MSG("EVP_AES_128_CTR"); 13449 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 12761 13450 ctx->cipherType = AES_128_CTR_TYPE; 12762 ctx->flags 13451 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; 12763 13452 ctx->keyLen = 16; 12764 13453 ctx->block_size = AES_BLOCK_SIZE; … … 12777 13466 } 12778 13467 } 12779 else if (ctx->cipherType == AES_192_CTR_TYPE || 13468 #endif /* WOLFSSL_AES_128 */ 13469 #ifdef WOLFSSL_AES_192 13470 if (ctx->cipherType == AES_192_CTR_TYPE || 12780 13471 (type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) { 12781 13472 WOLFSSL_MSG("EVP_AES_192_CTR"); 12782 13473 ctx->cipherType = AES_192_CTR_TYPE; 12783 ctx->flags = WOLFSSL_EVP_CIPH_CTR_MODE; 13474 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13475 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; 12784 13476 ctx->keyLen = 24; 12785 13477 ctx->block_size = AES_BLOCK_SIZE; … … 12798 13490 } 12799 13491 } 12800 else if (ctx->cipherType == AES_256_CTR_TYPE || 13492 #endif /* WOLFSSL_AES_192 */ 13493 #ifdef WOLFSSL_AES_256 13494 if (ctx->cipherType == AES_256_CTR_TYPE || 12801 13495 (type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) { 12802 13496 WOLFSSL_MSG("EVP_AES_256_CTR"); 12803 13497 ctx->cipherType = AES_256_CTR_TYPE; 12804 ctx->flags = WOLFSSL_EVP_CIPH_CTR_MODE; 13498 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13499 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; 12805 13500 ctx->keyLen = 32; 12806 13501 ctx->block_size = AES_BLOCK_SIZE; … … 12819 13514 } 12820 13515 } 12821 #endif /* WOLFSSL_AES_CTR */ 12822 else if (ctx->cipherType == AES_128_ECB_TYPE || 13516 #endif /* WOLFSSL_AES_256 */ 13517 #endif /* WOLFSSL_AES_COUNTER */ 13518 #ifdef WOLFSSL_AES_128 13519 if (ctx->cipherType == AES_128_ECB_TYPE || 12823 13520 (type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) { 12824 13521 WOLFSSL_MSG("EVP_AES_128_ECB"); 12825 13522 ctx->cipherType = AES_128_ECB_TYPE; 12826 ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE; 13523 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13524 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; 12827 13525 ctx->keyLen = 16; 12828 13526 ctx->block_size = AES_BLOCK_SIZE; … … 12836 13534 return ret; 12837 13535 } 12838 else if (ctx->cipherType == AES_192_ECB_TYPE || 13536 #endif /* WOLFSSL_AES_128 */ 13537 #ifdef WOLFSSL_AES_192 13538 if (ctx->cipherType == AES_192_ECB_TYPE || 12839 13539 (type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) { 12840 13540 WOLFSSL_MSG("EVP_AES_192_ECB"); 12841 13541 ctx->cipherType = AES_192_ECB_TYPE; 12842 ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE; 13542 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13543 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; 12843 13544 ctx->keyLen = 24; 12844 13545 ctx->block_size = AES_BLOCK_SIZE; … … 12846 13547 ctx->enc = enc ? 1 : 0; 12847 13548 if (key) { 12848 if(ctx->enc)12849 13549 ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, NULL, 12850 13550 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); … … 12853 13553 return ret; 12854 13554 } 12855 else if (ctx->cipherType == AES_256_ECB_TYPE || 13555 #endif /* WOLFSSL_AES_192 */ 13556 #ifdef WOLFSSL_AES_256 13557 if (ctx->cipherType == AES_256_ECB_TYPE || 12856 13558 (type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) { 12857 13559 WOLFSSL_MSG("EVP_AES_256_ECB"); 12858 13560 ctx->cipherType = AES_256_ECB_TYPE; 12859 ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE; 13561 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13562 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; 12860 13563 ctx->keyLen = 32; 12861 13564 ctx->block_size = AES_BLOCK_SIZE; … … 12869 13572 return ret; 12870 13573 } 13574 #endif /* WOLFSSL_AES_256 */ 12871 13575 #endif /* NO_AES */ 12872 13576 … … 12876 13580 WOLFSSL_MSG("EVP_DES_CBC"); 12877 13581 ctx->cipherType = DES_CBC_TYPE; 12878 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13582 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13583 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12879 13584 ctx->keyLen = 8; 12880 13585 ctx->block_size = DES_BLOCK_SIZE; … … 12896 13601 WOLFSSL_MSG("EVP_DES_ECB"); 12897 13602 ctx->cipherType = DES_ECB_TYPE; 12898 ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE; 13603 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13604 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; 12899 13605 ctx->keyLen = 8; 12900 13606 ctx->block_size = DES_BLOCK_SIZE; … … 12902 13608 ctx->enc = enc ? 1 : 0; 12903 13609 if (key) { 13610 WOLFSSL_MSG("Des_SetKey"); 12904 13611 ret = wc_Des_SetKey(&ctx->cipher.des, key, NULL, 12905 13612 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION); … … 12914 13621 WOLFSSL_MSG("EVP_DES_EDE3_CBC"); 12915 13622 ctx->cipherType = DES_EDE3_CBC_TYPE; 12916 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13623 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13624 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12917 13625 ctx->keyLen = 24; 12918 13626 ctx->block_size = DES_BLOCK_SIZE; … … 12937 13645 WOLFSSL_MSG("EVP_DES_EDE3_ECB"); 12938 13646 ctx->cipherType = DES_EDE3_ECB_TYPE; 12939 ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE; 13647 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13648 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; 12940 13649 ctx->keyLen = 24; 12941 13650 ctx->block_size = DES_BLOCK_SIZE; … … 12955 13664 WOLFSSL_MSG("ARC4"); 12956 13665 ctx->cipherType = ARC4_TYPE; 12957 ctx->flags = WOLFSSL_EVP_CIPH_STREAM_CIPHER; 13666 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13667 ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER; 13668 ctx->block_size = 1; 12958 13669 if (ctx->keyLen == 0) /* user may have already set */ 12959 13670 ctx->keyLen = 16; /* default to 128 */ 12960 13671 if (key) 12961 13672 wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); 12962 ret = 0; /* success */12963 13673 } 12964 13674 #endif /* NO_RC4 */ … … 12968 13678 WOLFSSL_MSG("EVP_IDEA_CBC"); 12969 13679 ctx->cipherType = IDEA_CBC_TYPE; 12970 ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE; 13680 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; 13681 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; 12971 13682 ctx->keyLen = IDEA_KEY_SIZE; 13683 ctx->block_size = 8; 12972 13684 if (enc == 0 || enc == 1) 12973 13685 ctx->enc = enc ? 1 : 0; … … 12989 13701 ctx->cipherType = NULL_CIPHER_TYPE; 12990 13702 ctx->keyLen = 0; 12991 ret = 0; /* success */ 12992 } 12993 12994 if (ret == 0) 13703 ctx->block_size = 16; 13704 } 13705 (void)ret; /* remove warning. If execution reaches this point, ret=0 */ 12995 13706 return WOLFSSL_SUCCESS; 12996 else12997 return 0; /* overall failure */12998 13707 } 12999 13708 … … 13071 13780 case AES_256_CTR_TYPE : 13072 13781 WOLFSSL_MSG("AES CTR"); 13073 wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);13782 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); 13074 13783 break; 13075 13784 #endif /* WOLFSSL_AES_COUNTER */ … … 13290 13999 13291 14000 if (XSTRNCMP(type, "SHA256", 6) == 0) { 13292 ctx->macType = WC_ SHA256;14001 ctx->macType = WC_HASH_TYPE_SHA256; 13293 14002 ret = wolfSSL_SHA256_Init(&(ctx->hash.digest.sha256)); 13294 14003 } 13295 14004 #ifdef WOLFSSL_SHA224 13296 14005 else if (XSTRNCMP(type, "SHA224", 6) == 0) { 13297 ctx->macType = WC_ SHA224;14006 ctx->macType = WC_HASH_TYPE_SHA224; 13298 14007 ret = wolfSSL_SHA224_Init(&(ctx->hash.digest.sha224)); 13299 14008 } … … 13301 14010 #ifdef WOLFSSL_SHA384 13302 14011 else if (XSTRNCMP(type, "SHA384", 6) == 0) { 13303 ctx->macType = WC_ SHA384;14012 ctx->macType = WC_HASH_TYPE_SHA384; 13304 14013 ret = wolfSSL_SHA384_Init(&(ctx->hash.digest.sha384)); 13305 14014 } … … 13307 14016 #ifdef WOLFSSL_SHA512 13308 14017 else if (XSTRNCMP(type, "SHA512", 6) == 0) { 13309 ctx->macType = WC_ SHA512;14018 ctx->macType = WC_HASH_TYPE_SHA512; 13310 14019 ret = wolfSSL_SHA512_Init(&(ctx->hash.digest.sha512)); 14020 } 14021 #endif 14022 #ifndef NO_MD4 14023 else if (XSTRNCMP(type, "MD4", 3) == 0) { 14024 ctx->macType = WC_HASH_TYPE_MD4; 14025 wolfSSL_MD4_Init(&(ctx->hash.digest.md4)); 13311 14026 } 13312 14027 #endif 13313 14028 #ifndef NO_MD5 13314 14029 else if (XSTRNCMP(type, "MD5", 3) == 0) { 13315 ctx->macType = WC_ MD5;14030 ctx->macType = WC_HASH_TYPE_MD5; 13316 14031 ret = wolfSSL_MD5_Init(&(ctx->hash.digest.md5)); 13317 14032 } … … 13320 14035 /* has to be last since would pick or 224, 256, 384, or 512 too */ 13321 14036 else if (XSTRNCMP(type, "SHA", 3) == 0) { 13322 ctx->macType = WC_ SHA;14037 ctx->macType = WC_HASH_TYPE_SHA; 13323 14038 ret = wolfSSL_SHA_Init(&(ctx->hash.digest.sha)); 13324 14039 } … … 13331 14046 13332 14047 13333 /* WOLFSSL_SUCCESS on ok */14048 /* WOLFSSL_SUCCESS on ok, WOLFSSL_FAILURE on failure */ 13334 14049 int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data, 13335 unsigned longsz)14050 size_t sz) 13336 14051 { 13337 14052 WOLFSSL_ENTER("EVP_DigestUpdate"); 13338 14053 13339 14054 switch (ctx->macType) { 14055 #ifndef NO_MD4 14056 case WC_HASH_TYPE_MD4: 14057 wolfSSL_MD4_Update((MD4_CTX*)&ctx->hash, data, 14058 (unsigned long)sz); 14059 break; 14060 #endif 13340 14061 #ifndef NO_MD5 13341 case WC_ MD5:14062 case WC_HASH_TYPE_MD5: 13342 14063 wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, 13343 14064 (unsigned long)sz); … … 13345 14066 #endif 13346 14067 #ifndef NO_SHA 13347 case WC_ SHA:14068 case WC_HASH_TYPE_SHA: 13348 14069 wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, 13349 14070 (unsigned long)sz); … … 13351 14072 #endif 13352 14073 #ifdef WOLFSSL_SHA224 13353 case WC_ SHA224:14074 case WC_HASH_TYPE_SHA224: 13354 14075 wolfSSL_SHA224_Update((SHA224_CTX*)&ctx->hash, data, 13355 14076 (unsigned long)sz); … … 13357 14078 #endif 13358 14079 #ifndef NO_SHA256 13359 case WC_ SHA256:14080 case WC_HASH_TYPE_SHA256: 13360 14081 wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, 13361 14082 (unsigned long)sz); … … 13363 14084 #endif /* !NO_SHA256 */ 13364 14085 #ifdef WOLFSSL_SHA384 13365 case WC_ SHA384:14086 case WC_HASH_TYPE_SHA384: 13366 14087 wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, 13367 14088 (unsigned long)sz); … … 13369 14090 #endif 13370 14091 #ifdef WOLFSSL_SHA512 13371 case WC_ SHA512:14092 case WC_HASH_TYPE_SHA512: 13372 14093 wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, 13373 14094 (unsigned long)sz); … … 13375 14096 #endif /* WOLFSSL_SHA512 */ 13376 14097 default: 13377 return BAD_FUNC_ARG;14098 return WOLFSSL_FAILURE; 13378 14099 } 13379 14100 … … 13388 14109 WOLFSSL_ENTER("EVP_DigestFinal"); 13389 14110 switch (ctx->macType) { 14111 #ifndef NO_MD4 14112 case WC_HASH_TYPE_MD4: 14113 wolfSSL_MD4_Final(md, (MD4_CTX*)&ctx->hash); 14114 if (s) *s = MD4_DIGEST_SIZE; 14115 break; 14116 #endif 13390 14117 #ifndef NO_MD5 13391 case WC_ MD5:14118 case WC_HASH_TYPE_MD5: 13392 14119 wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash); 13393 14120 if (s) *s = WC_MD5_DIGEST_SIZE; … … 13395 14122 #endif 13396 14123 #ifndef NO_SHA 13397 case WC_ SHA:14124 case WC_HASH_TYPE_SHA: 13398 14125 wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); 13399 14126 if (s) *s = WC_SHA_DIGEST_SIZE; … … 13401 14128 #endif 13402 14129 #ifdef WOLFSSL_SHA224 13403 case WC_ SHA224:14130 case WC_HASH_TYPE_SHA224: 13404 14131 wolfSSL_SHA224_Final(md, (SHA224_CTX*)&ctx->hash); 13405 14132 if (s) *s = WC_SHA224_DIGEST_SIZE; … … 13407 14134 #endif 13408 14135 #ifndef NO_SHA256 13409 case WC_ SHA256:14136 case WC_HASH_TYPE_SHA256: 13410 14137 wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash); 13411 14138 if (s) *s = WC_SHA256_DIGEST_SIZE; … … 13413 14140 #endif /* !NO_SHA256 */ 13414 14141 #ifdef WOLFSSL_SHA384 13415 case WC_ SHA384:14142 case WC_HASH_TYPE_SHA384: 13416 14143 wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash); 13417 14144 if (s) *s = WC_SHA384_DIGEST_SIZE; … … 13419 14146 #endif 13420 14147 #ifdef WOLFSSL_SHA512 13421 case WC_ SHA512:14148 case WC_HASH_TYPE_SHA512: 13422 14149 wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash); 13423 14150 if (s) *s = WC_SHA512_DIGEST_SIZE; … … 13425 14152 #endif /* WOLFSSL_SHA512 */ 13426 14153 default: 13427 return BAD_FUNC_ARG;14154 return WOLFSSL_FAILURE; 13428 14155 } 13429 14156 … … 13446 14173 { 13447 14174 int type; 14175 int mdlen; 13448 14176 unsigned char* ret = NULL; 13449 14177 #ifdef WOLFSSL_SMALL_STACK … … 13454 14182 void* heap = NULL; 13455 14183 13456 WOLFSSL_ENTER("HMAC"); 13457 if (!md) 14184 WOLFSSL_ENTER("wolfSSL_HMAC"); 14185 if (!md) { 14186 WOLFSSL_MSG("Static buffer not supported, pass in md buffer"); 13458 14187 return NULL; /* no static buffer support */ 13459 13460 if (XSTRNCMP(evp_md, "MD5", 3) == 0) 14188 } 14189 14190 #ifndef NO_MD5 14191 if (XSTRNCMP(evp_md, "MD5", 3) == 0) { 13461 14192 type = WC_MD5; 13462 else if (XSTRNCMP(evp_md, "SHA", 3) == 0) 14193 mdlen = WC_MD5_DIGEST_SIZE; 14194 } else 14195 #endif 14196 #ifdef WOLFSSL_SHA224 14197 if (XSTRNCMP(evp_md, "SHA224", 6) == 0) { 14198 type = WC_SHA224; 14199 mdlen = WC_SHA224_DIGEST_SIZE; 14200 } else 14201 #endif 14202 #ifndef NO_SHA256 14203 if (XSTRNCMP(evp_md, "SHA256", 6) == 0) { 14204 type = WC_SHA256; 14205 mdlen = WC_SHA256_DIGEST_SIZE; 14206 } else 14207 #endif 14208 #ifdef WOLFSSL_SHA384 14209 if (XSTRNCMP(evp_md, "SHA384", 6) == 0) { 14210 type = WC_SHA384; 14211 mdlen = WC_SHA384_DIGEST_SIZE; 14212 } else 14213 #endif 14214 #ifdef WOLFSSL_SHA512 14215 if (XSTRNCMP(evp_md, "SHA512", 6) == 0) { 14216 type = WC_SHA512; 14217 mdlen = WC_SHA512_DIGEST_SIZE; 14218 } else 14219 #endif 14220 #ifndef NO_SHA 14221 if (XSTRNCMP(evp_md, "SHA", 3) == 0) { 13463 14222 type = WC_SHA; 13464 else 14223 mdlen = WC_SHA_DIGEST_SIZE; 14224 } else 14225 #endif 14226 { 13465 14227 return NULL; 14228 } 13466 14229 13467 14230 #ifdef WOLFSSL_SMALL_STACK … … 13476 14239 if (wc_HmacFinal(hmac, md) == 0) { 13477 14240 if (md_len) 13478 *md_len = (type == WC_MD5) ? (int)WC_MD5_DIGEST_SIZE 13479 : (int)WC_SHA_DIGEST_SIZE; 14241 *md_len = mdlen; 13480 14242 ret = md; 13481 14243 } … … 13489 14251 #endif 13490 14252 14253 (void)evp_md; 13491 14254 return ret; 13492 14255 } … … 13496 14259 WOLFSSL_ENTER("wolfSSL_ERR_clear_error"); 13497 14260 13498 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)14261 #if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_NGINX) 13499 14262 wc_ClearErrorNodes(); 13500 14263 #endif 14264 } 14265 14266 14267 /* frees all nodes in the current threads error queue 14268 * 14269 * id thread id. ERR_remove_state is depriciated and id is ignored. The 14270 * current threads queue will be free'd. 14271 */ 14272 void wolfSSL_ERR_remove_state(unsigned long id) 14273 { 14274 WOLFSSL_ENTER("wolfSSL_ERR_remove_state"); 14275 (void)id; 14276 if (wc_ERR_remove_state() != 0) { 14277 WOLFSSL_MSG("Error with removing the state"); 14278 } 13501 14279 } 13502 14280 … … 13508 14286 13509 14287 13510 14288 #ifndef NO_WOLFSSL_STUB 13511 14289 void wolfSSL_RAND_add(const void* add, int len, double entropy) 13512 14290 { … … 13514 14292 (void)len; 13515 14293 (void)entropy; 13516 14294 WOLFSSL_STUB("RAND_add"); 13517 14295 /* wolfSSL seeds/adds internally, use explicit RNG if you want 13518 14296 to take control */ 13519 14297 } 13520 14298 #endif 13521 14299 13522 14300 #ifndef NO_DES3 13523 /* WOLFSSL_SUCCESSon ok */14301 /* 0 on ok */ 13524 14302 int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key, 13525 14303 WOLFSSL_DES_key_schedule* schedule) 13526 14304 { 13527 WOLFSSL_ENTER("DES_key_sched"); 13528 XMEMCPY(schedule, key, sizeof(const_DES_cblock)); 13529 return WOLFSSL_SUCCESS; 14305 WOLFSSL_ENTER("wolfSSL_DES_key_sched"); 14306 14307 if (key == NULL || schedule == NULL) { 14308 WOLFSSL_MSG("Null argument passed in"); 14309 } 14310 else { 14311 XMEMCPY(schedule, key, sizeof(WOLFSSL_const_DES_cblock)); 14312 } 14313 14314 return 0; 14315 } 14316 14317 14318 /* intended to behave similar to Kerberos mit_des_cbc_cksum 14319 * return the last 4 bytes of cipher text */ 14320 WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in, 14321 WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc, 14322 WOLFSSL_const_DES_cblock* iv) 14323 { 14324 WOLFSSL_DES_LONG ret; 14325 unsigned char* tmp; 14326 unsigned char* data = (unsigned char*)in; 14327 long dataSz = length; 14328 byte dynamicFlag = 0; /* when padding the buffer created needs free'd */ 14329 14330 WOLFSSL_ENTER("wolfSSL_DES_cbc_cksum"); 14331 14332 if (in == NULL || out == NULL || sc == NULL || iv == NULL) { 14333 WOLFSSL_MSG("Bad argument passed in"); 14334 return 0; 14335 } 14336 14337 /* if input length is not a multiple of DES_BLOCK_SIZE pad with 0s */ 14338 if (dataSz % DES_BLOCK_SIZE) { 14339 dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE); 14340 data = (unsigned char*)XMALLOC(dataSz, NULL, 14341 DYNAMIC_TYPE_TMP_BUFFER); 14342 if (data == NULL) { 14343 WOLFSSL_MSG("Issue creating temporary buffer"); 14344 return 0; 14345 } 14346 dynamicFlag = 1; /* set to free buffer at end */ 14347 XMEMCPY(data, in, length); 14348 XMEMSET(data + length, 0, dataSz - length); /* padding */ 14349 } 14350 14351 tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 14352 if (tmp == NULL) { 14353 WOLFSSL_MSG("Issue creating temporary buffer"); 14354 if (dynamicFlag == 1) { 14355 XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); 14356 } 14357 return 0; 14358 } 14359 14360 wolfSSL_DES_cbc_encrypt(data, tmp, dataSz, sc, 14361 (WOLFSSL_DES_cblock*)iv, 1); 14362 XMEMCPY((unsigned char*)out, tmp + (dataSz - DES_BLOCK_SIZE), 14363 DES_BLOCK_SIZE); 14364 14365 ret = (((*((unsigned char*)out + 4) & 0xFF) << 24)| 14366 ((*((unsigned char*)out + 5) & 0xFF) << 16)| 14367 ((*((unsigned char*)out + 6) & 0xFF) << 8) | 14368 (*((unsigned char*)out + 7) & 0xFF)); 14369 14370 XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); 14371 if (dynamicFlag == 1) { 14372 XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); 14373 } 14374 14375 return ret; 13530 14376 } 13531 14377 … … 13537 14383 { 13538 14384 Des myDes; 14385 byte lastblock[DES_BLOCK_SIZE]; 14386 int lb_sz; 14387 long blk; 13539 14388 13540 14389 WOLFSSL_ENTER("DES_cbc_encrypt"); … … 13542 14391 /* OpenSSL compat, no ret */ 13543 14392 wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); 13544 13545 if (enc) 13546 wc_Des_CbcEncrypt(&myDes, output, input, (word32)length); 13547 else 13548 wc_Des_CbcDecrypt(&myDes, output, input, (word32)length); 14393 lb_sz = length%DES_BLOCK_SIZE; 14394 blk = length/DES_BLOCK_SIZE; 14395 14396 if (enc){ 14397 wc_Des_CbcEncrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE); 14398 if(lb_sz){ 14399 XMEMSET(lastblock, 0, DES_BLOCK_SIZE); 14400 XMEMCPY(lastblock, input+length-lb_sz, lb_sz); 14401 wc_Des_CbcEncrypt(&myDes, output+blk*DES_BLOCK_SIZE, 14402 lastblock, (word32)DES_BLOCK_SIZE); 14403 } 14404 } 14405 else { 14406 wc_Des_CbcDecrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE); 14407 if(lb_sz){ 14408 wc_Des_CbcDecrypt(&myDes, lastblock, input+length-lb_sz, (word32)DES_BLOCK_SIZE); 14409 XMEMCPY(output+length-lb_sz, lastblock, lb_sz); 14410 } 14411 } 13549 14412 } 13550 14413 … … 13560 14423 Des3 des; 13561 14424 byte key[24];/* EDE uses 24 size key */ 14425 byte lastblock[DES_BLOCK_SIZE]; 14426 int lb_sz; 14427 long blk; 13562 14428 13563 14429 WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt"); … … 13567 14433 XMEMCPY(&key[DES_BLOCK_SIZE], *ks2, DES_BLOCK_SIZE); 13568 14434 XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE); 14435 lb_sz = sz%DES_BLOCK_SIZE; 14436 blk = sz/DES_BLOCK_SIZE; 14437 14438 /* OpenSSL compat, no ret */ 14439 wc_Des3Init(&des, NULL, INVALID_DEVID); 13569 14440 13570 14441 if (enc) { 13571 14442 wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION); 13572 wc_Des3_CbcEncrypt(&des, output, input, (word32)sz); 14443 wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE); 14444 if(lb_sz){ 14445 XMEMSET(lastblock, 0, DES_BLOCK_SIZE); 14446 XMEMCPY(lastblock, input+sz-lb_sz, lb_sz); 14447 wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE, 14448 lastblock, (word32)DES_BLOCK_SIZE); 14449 } 13573 14450 } 13574 14451 else { 13575 14452 wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_DECRYPTION); 13576 wc_Des3_CbcDecrypt(&des, output, input, (word32)sz); 13577 } 14453 wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE); 14454 if(lb_sz){ 14455 wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE); 14456 XMEMCPY(output+sz-lb_sz, lastblock, lb_sz); 14457 } 14458 } 14459 wc_Des3Free(&des); 13578 14460 } 13579 14461 … … 13586 14468 { 13587 14469 Des myDes; 14470 byte lastblock[DES_BLOCK_SIZE]; 14471 int lb_sz; 14472 long idx = length; 14473 long blk; 13588 14474 13589 14475 WOLFSSL_ENTER("DES_ncbc_encrypt"); … … 13591 14477 /* OpenSSL compat, no ret */ 13592 14478 wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); 13593 13594 if (enc) 13595 wc_Des_CbcEncrypt(&myDes, output, input, (word32)length); 13596 else 13597 wc_Des_CbcDecrypt(&myDes, output, input, (word32)length); 13598 13599 XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock)); 14479 lb_sz = length%DES_BLOCK_SIZE; 14480 blk = length/DES_BLOCK_SIZE; 14481 idx -= sizeof(DES_cblock); 14482 if (lb_sz) { 14483 idx += DES_BLOCK_SIZE - lb_sz; 14484 } 14485 if (enc){ 14486 wc_Des_CbcEncrypt(&myDes, output, input, 14487 (word32)blk * DES_BLOCK_SIZE); 14488 if (lb_sz){ 14489 XMEMSET(lastblock, 0, DES_BLOCK_SIZE); 14490 XMEMCPY(lastblock, input+length-lb_sz, lb_sz); 14491 wc_Des_CbcEncrypt(&myDes, output + blk * DES_BLOCK_SIZE, 14492 lastblock, (word32)DES_BLOCK_SIZE); 14493 } 14494 XMEMCPY(ivec, output + idx, sizeof(DES_cblock)); 14495 } else { 14496 WOLFSSL_DES_cblock tmp; 14497 XMEMCPY(tmp, input + idx, sizeof(DES_cblock)); 14498 wc_Des_CbcDecrypt(&myDes, output, input, 14499 (word32)blk * DES_BLOCK_SIZE); 14500 if (lb_sz){ 14501 wc_Des_CbcDecrypt(&myDes, lastblock, input + length - lb_sz, 14502 (word32)DES_BLOCK_SIZE); 14503 XMEMCPY(output+length-lb_sz, lastblock, lb_sz); 14504 } 14505 XMEMCPY(ivec, tmp, sizeof(WOLFSSL_DES_cblock)); 14506 } 14507 13600 14508 } 13601 14509 … … 13609 14517 13610 14518 13611 void wolfSSL_ERR_remove_state(unsigned long state)13612 {13613 /* TODO: GetErrors().Remove(); */13614 (void)state;13615 }13616 13617 13618 14519 void wolfSSL_EVP_cleanup(void) 13619 14520 { … … 13626 14527 /* nothing to do here */ 13627 14528 } 13628 13629 14529 13630 14530 int wolfSSL_clear(WOLFSSL* ssl) … … 13672 14572 #endif 13673 14573 } 13674 14574 #ifdef SESSION_CERTS 14575 ssl->session.chain.count = 0; 14576 #endif 13675 14577 #ifdef KEEP_PEER_CERT 13676 14578 FreeX509(&ssl->peerCert); … … 13680 14582 return WOLFSSL_SUCCESS; 13681 14583 } 13682 13683 14584 13684 14585 long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t) … … 13695 14596 } 13696 14597 13697 14598 #endif 14599 14600 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 13698 14601 long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode) 13699 14602 { … … 13706 14609 return mode; 13707 14610 } 13708 13709 14611 #endif 14612 14613 #ifdef OPENSSL_EXTRA 14614 14615 #ifndef NO_WOLFSSL_STUB 13710 14616 long wolfSSL_SSL_get_mode(WOLFSSL* ssl) 13711 14617 { 13712 14618 /* TODO: */ 13713 14619 (void)ssl; 14620 WOLFSSL_STUB("SSL_get_mode"); 13714 14621 return 0; 13715 14622 } 13716 13717 14623 #endif 14624 14625 #ifndef NO_WOLFSSL_STUB 13718 14626 long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx) 13719 14627 { 13720 14628 /* TODO: */ 13721 14629 (void)ctx; 14630 WOLFSSL_STUB("SSL_CTX_get_mode"); 13722 14631 return 0; 13723 14632 } 13724 13725 14633 #endif 14634 14635 #ifndef NO_WOLFSSL_STUB 13726 14636 void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m) 13727 14637 { … … 13729 14639 (void)ctx; 13730 14640 (void)m; 13731 } 13732 13733 14641 WOLFSSL_STUB("SSL_CTX_set_default_read_ahead"); 14642 } 14643 #endif 14644 14645 14646 /* Storing app session context id, this value is inherited by WOLFSSL 14647 * objects created from WOLFSSL_CTX. Any session that is imported with a 14648 * different session context id will be rejected. 14649 * 14650 * ctx structure to set context in 14651 * sid_ctx value of context to set 14652 * sid_ctx_len length of sid_ctx buffer 14653 * 14654 * Returns SSL_SUCCESS in success case and SSL_FAILURE when failing 14655 */ 13734 14656 int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX* ctx, 13735 14657 const unsigned char* sid_ctx, 13736 14658 unsigned int sid_ctx_len) 13737 14659 { 14660 WOLFSSL_ENTER("SSL_CTX_set_session_id_context"); 14661 13738 14662 /* No application specific context needed for wolfSSL */ 13739 (void)ctx; 13740 (void)sid_ctx; 13741 (void)sid_ctx_len; 13742 return WOLFSSL_SUCCESS; 14663 if (sid_ctx_len > ID_LEN || ctx == NULL || sid_ctx == NULL) { 14664 return SSL_FAILURE; 14665 } 14666 XMEMCPY(ctx->sessionCtx, sid_ctx, sid_ctx_len); 14667 ctx->sessionCtxSz = (byte)sid_ctx_len; 14668 14669 return SSL_SUCCESS; 14670 } 14671 14672 14673 14674 /* Storing app session context id. Any session that is imported with a 14675 * different session context id will be rejected. 14676 * 14677 * ssl structure to set context in 14678 * id value of context to set 14679 * len length of sid_ctx buffer 14680 * 14681 * Returns SSL_SUCCESS in success case and SSL_FAILURE when failing 14682 */ 14683 int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id, 14684 unsigned int len) 14685 { 14686 WOLFSSL_STUB("wolfSSL_set_session_id_context"); 14687 14688 if (len > ID_LEN || ssl == NULL || id == NULL) { 14689 return SSL_FAILURE; 14690 } 14691 XMEMCPY(ssl->sessionCtx, id, len); 14692 ssl->sessionCtxSz = (byte)len; 14693 14694 return SSL_SUCCESS; 13743 14695 } 13744 14696 … … 13754 14706 } 13755 14707 14708 14709 /* returns the unsigned error value and increments the pointer into the 14710 * error queue. 14711 * 14712 * file pointer to file name 14713 * line gets set to line number of error when not NULL 14714 */ 14715 unsigned long wolfSSL_ERR_get_error_line(const char** file, int* line) 14716 { 14717 #ifdef DEBUG_WOLFSSL 14718 int ret = wc_PullErrorNode(file, NULL, line); 14719 if (ret < 0) { 14720 if (ret == BAD_STATE_E) return 0; /* no errors in queue */ 14721 WOLFSSL_MSG("Issue getting error node"); 14722 WOLFSSL_LEAVE("wolfSSL_ERR_get_error_line", ret); 14723 ret = 0 - ret; /* return absolute value of error */ 14724 14725 /* panic and try to clear out nodes */ 14726 wc_ClearErrorNodes(); 14727 } 14728 return (unsigned long)ret; 14729 #else 14730 (void)file; 14731 (void)line; 14732 14733 return 0; 14734 #endif 14735 } 14736 14737 14738 #ifdef DEBUG_WOLFSSL 14739 static const char WOLFSSL_SYS_ACCEPT_T[] = "accept"; 14740 static const char WOLFSSL_SYS_BIND_T[] = "bind"; 14741 static const char WOLFSSL_SYS_CONNECT_T[] = "connect"; 14742 static const char WOLFSSL_SYS_FOPEN_T[] = "fopen"; 14743 static const char WOLFSSL_SYS_FREAD_T[] = "fread"; 14744 static const char WOLFSSL_SYS_GETADDRINFO_T[] = "getaddrinfo"; 14745 static const char WOLFSSL_SYS_GETSOCKOPT_T[] = "getsockopt"; 14746 static const char WOLFSSL_SYS_GETSOCKNAME_T[] = "getsockname"; 14747 static const char WOLFSSL_SYS_GETHOSTBYNAME_T[] = "gethostbyname"; 14748 static const char WOLFSSL_SYS_GETNAMEINFO_T[] = "getnameinfo"; 14749 static const char WOLFSSL_SYS_GETSERVBYNAME_T[] = "getservbyname"; 14750 static const char WOLFSSL_SYS_IOCTLSOCKET_T[] = "ioctlsocket"; 14751 static const char WOLFSSL_SYS_LISTEN_T[] = "listen"; 14752 static const char WOLFSSL_SYS_OPENDIR_T[] = "opendir"; 14753 static const char WOLFSSL_SYS_SETSOCKOPT_T[] = "setsockopt"; 14754 static const char WOLFSSL_SYS_SOCKET_T[] = "socket"; 14755 14756 /* switch with int mapped to function name for compatibility */ 14757 static const char* wolfSSL_ERR_sys_func(int fun) 14758 { 14759 switch (fun) { 14760 case WOLFSSL_SYS_ACCEPT: return WOLFSSL_SYS_ACCEPT_T; 14761 case WOLFSSL_SYS_BIND: return WOLFSSL_SYS_BIND_T; 14762 case WOLFSSL_SYS_CONNECT: return WOLFSSL_SYS_CONNECT_T; 14763 case WOLFSSL_SYS_FOPEN: return WOLFSSL_SYS_FOPEN_T; 14764 case WOLFSSL_SYS_FREAD: return WOLFSSL_SYS_FREAD_T; 14765 case WOLFSSL_SYS_GETADDRINFO: return WOLFSSL_SYS_GETADDRINFO_T; 14766 case WOLFSSL_SYS_GETSOCKOPT: return WOLFSSL_SYS_GETSOCKOPT_T; 14767 case WOLFSSL_SYS_GETSOCKNAME: return WOLFSSL_SYS_GETSOCKNAME_T; 14768 case WOLFSSL_SYS_GETHOSTBYNAME: return WOLFSSL_SYS_GETHOSTBYNAME_T; 14769 case WOLFSSL_SYS_GETNAMEINFO: return WOLFSSL_SYS_GETNAMEINFO_T; 14770 case WOLFSSL_SYS_GETSERVBYNAME: return WOLFSSL_SYS_GETSERVBYNAME_T; 14771 case WOLFSSL_SYS_IOCTLSOCKET: return WOLFSSL_SYS_IOCTLSOCKET_T; 14772 case WOLFSSL_SYS_LISTEN: return WOLFSSL_SYS_LISTEN_T; 14773 case WOLFSSL_SYS_OPENDIR: return WOLFSSL_SYS_OPENDIR_T; 14774 case WOLFSSL_SYS_SETSOCKOPT: return WOLFSSL_SYS_SETSOCKOPT_T; 14775 case WOLFSSL_SYS_SOCKET: return WOLFSSL_SYS_SOCKET_T; 14776 default: 14777 return "NULL"; 14778 } 14779 } 14780 #endif /* DEBUG_WOLFSSL */ 14781 14782 14783 /* @TODO when having an error queue this needs to push to the queue */ 14784 void wolfSSL_ERR_put_error(int lib, int fun, int err, const char* file, 14785 int line) 14786 { 14787 WOLFSSL_ENTER("wolfSSL_ERR_put_error"); 14788 14789 #ifndef DEBUG_WOLFSSL 14790 (void)fun; 14791 (void)err; 14792 (void)file; 14793 (void)line; 14794 WOLFSSL_MSG("Not compiled in debug mode"); 14795 #else 14796 WOLFSSL_ERROR_LINE(err, wolfSSL_ERR_sys_func(fun), (unsigned int)line, 14797 file, NULL); 14798 #endif 14799 (void)lib; 14800 } 14801 14802 14803 /* Similar to wolfSSL_ERR_get_error_line but takes in a flags argument for 14804 * more flexability. 14805 * 14806 * file output pointer to file where error happened 14807 * line output to line number of error 14808 * data output data. Is a string if ERR_TXT_STRING flag is used 14809 * flags bit flag to adjust data output 14810 * 14811 * Returns the error value or 0 if no errors are in the queue 14812 */ 13756 14813 unsigned long wolfSSL_ERR_get_error_line_data(const char** file, int* line, 13757 14814 const char** data, int *flags) 13758 14815 { 13759 /* Not implemented */ 13760 (void)file; 13761 (void)line; 13762 (void)data; 13763 (void)flags; 13764 return 0; 13765 } 13766 13767 WOLFSSL_API pem_password_cb* wolfSSL_CTX_get_default_passwd_cb( 13768 WOLFSSL_CTX *ctx) 13769 { 13770 if (ctx == NULL || ctx->passwd_cb == NULL) { 13771 return NULL; 13772 } 13773 13774 return ctx->passwd_cb; 13775 } 13776 13777 13778 WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata( 13779 WOLFSSL_CTX *ctx) 13780 { 13781 if (ctx == NULL) { 13782 return NULL; 13783 } 13784 13785 return ctx->userdata; 14816 int ret; 14817 14818 WOLFSSL_STUB("wolfSSL_ERR_get_error_line_data"); 14819 14820 if (flags != NULL) { 14821 if ((*flags & ERR_TXT_STRING) == ERR_TXT_STRING) { 14822 ret = wc_PullErrorNode(file, data, line); 14823 if (ret < 0) { 14824 if (ret == BAD_STATE_E) return 0; /* no errors in queue */ 14825 WOLFSSL_MSG("Error with pulling error node!"); 14826 WOLFSSL_LEAVE("wolfSSL_ERR_get_error_line_data", ret); 14827 ret = 0 - ret; /* return absolute value of error */ 14828 14829 /* panic and try to clear out nodes */ 14830 wc_ClearErrorNodes(); 14831 } 14832 14833 return (unsigned long)ret; 14834 } 14835 } 14836 14837 ret = wc_PullErrorNode(file, NULL, line); 14838 if (ret < 0) { 14839 if (ret == BAD_STATE_E) return 0; /* no errors in queue */ 14840 WOLFSSL_MSG("Error with pulling error node!"); 14841 WOLFSSL_LEAVE("wolfSSL_ERR_get_error_line_data", ret); 14842 ret = 0 - ret; /* return absolute value of error */ 14843 14844 /* panic and try to clear out nodes */ 14845 wc_ClearErrorNodes(); 14846 } 14847 14848 return (unsigned long)ret; 13786 14849 } 13787 14850 … … 13789 14852 13790 14853 13791 #if defined(KEEP_PEER_CERT)13792 #ifdef SESSION_CERTS14854 #if (defined(KEEP_PEER_CERT) && defined(SESSION_CERTS)) || \ 14855 (defined(OPENSSL_ALL) && defined(HAVE_PKCS7)) 13793 14856 /* Decode the X509 DER encoded certificate into a WOLFSSL_X509 object. 13794 14857 * … … 13828 14891 return ret; 13829 14892 } 13830 #endif 13831 13832 14893 #endif /* (KEEP_PEER_CERT && SESSION_CERTS) || (OPENSSL_ALL && HAVE_PKCS7) */ 14894 14895 14896 #ifdef KEEP_PEER_CERT 13833 14897 WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl) 13834 14898 { 13835 14899 WOLFSSL_ENTER("SSL_get_peer_certificate"); 14900 if (ssl == NULL) 14901 return NULL; 14902 13836 14903 if (ssl->peerCert.issuer.sz) 13837 14904 return &ssl->peerCert; … … 13851 14918 13852 14919 #ifndef NO_CERTS 13853 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || defined(OPENSSL_EXTRA) 14920 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \ 14921 defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 13854 14922 13855 14923 /* user externally called free X509, if dynamic go ahead with free, otherwise … … 13868 14936 } 13869 14937 13870 #endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSSL_EXTRA */ 13871 13872 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 13873 13874 void wolfSSL_FreeX509(WOLFSSL_X509* x509) 14938 /* Frees an external WOLFSSL_X509 structure */ 14939 void wolfSSL_X509_free(WOLFSSL_X509* x509) 13875 14940 { 13876 14941 WOLFSSL_ENTER("wolfSSL_FreeX509"); … … 13878 14943 } 13879 14944 14945 14946 /* copy name into in buffer, at most sz bytes, if buffer is null will 14947 malloc buffer, call responsible for freeing */ 14948 char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz) 14949 { 14950 int copySz; 14951 14952 if (name == NULL) { 14953 WOLFSSL_MSG("WOLFSSL_X509_NAME pointer was NULL"); 14954 return NULL; 14955 } 14956 14957 copySz = min(sz, name->sz); 14958 14959 WOLFSSL_ENTER("wolfSSL_X509_NAME_oneline"); 14960 if (!name->sz) return in; 14961 14962 if (!in) { 14963 #ifdef WOLFSSL_STATIC_MEMORY 14964 WOLFSSL_MSG("Using static memory -- please pass in a buffer"); 14965 return NULL; 14966 #else 14967 in = (char*)XMALLOC(name->sz, NULL, DYNAMIC_TYPE_OPENSSL); 14968 if (!in ) return in; 14969 copySz = name->sz; 14970 #endif 14971 } 14972 14973 if (copySz <= 0) 14974 return in; 14975 14976 XMEMCPY(in, name->name, copySz - 1); 14977 in[copySz - 1] = 0; 14978 14979 return in; 14980 } 14981 14982 14983 /* Wraps wolfSSL_X509_d2i 14984 * 14985 * returns a WOLFSSL_X509 structure pointer on success and NULL on fail 14986 */ 14987 WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, const unsigned char** in, 14988 int len) 14989 { 14990 return wolfSSL_X509_d2i(x509, *in, len); 14991 } 14992 14993 14994 WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len) 14995 { 14996 WOLFSSL_X509 *newX509 = NULL; 14997 14998 WOLFSSL_ENTER("wolfSSL_X509_d2i"); 14999 15000 if (in != NULL && len != 0) { 15001 #ifdef WOLFSSL_SMALL_STACK 15002 DecodedCert* cert = NULL; 15003 #else 15004 DecodedCert cert[1]; 15005 #endif 15006 15007 #ifdef WOLFSSL_SMALL_STACK 15008 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, 15009 DYNAMIC_TYPE_DCERT); 15010 if (cert == NULL) 15011 return NULL; 15012 #endif 15013 15014 InitDecodedCert(cert, (byte*)in, len, NULL); 15015 if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) { 15016 newX509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 15017 DYNAMIC_TYPE_X509); 15018 if (newX509 != NULL) { 15019 InitX509(newX509, 1, NULL); 15020 if (CopyDecodedToX509(newX509, cert) != 0) { 15021 wolfSSL_X509_free(newX509); 15022 newX509 = NULL; 15023 } 15024 } 15025 } 15026 FreeDecodedCert(cert); 15027 #ifdef WOLFSSL_SMALL_STACK 15028 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); 15029 #endif 15030 } 15031 15032 if (x509 != NULL) 15033 *x509 = newX509; 15034 15035 return newX509; 15036 } 15037 #endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA || 15038 OPENSSL_EXTRA_X509_SMALL */ 15039 15040 #if defined(OPENSSL_ALL) || defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 13880 15041 /* return the next, if any, altname from the peer cert */ 13881 15042 char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* cert) … … 13899 15060 13900 15061 13901 WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert)13902 {13903 WOLFSSL_ENTER("X509_get_issuer_name");13904 if (cert && cert->issuer.sz != 0)13905 return &cert->issuer;13906 return NULL;13907 }13908 13909 13910 WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert)13911 {13912 WOLFSSL_ENTER("wolfSSL_X509_get_subject_name");13913 if (cert && cert->subject.sz != 0)13914 return &cert->subject;13915 return NULL;13916 }13917 13918 13919 15062 int wolfSSL_X509_get_isCA(WOLFSSL_X509* x509) 13920 15063 { … … 13930 15073 return isCA; 13931 15074 } 13932 13933 13934 #ifdef OPENSSL_EXTRA13935 int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509* x509, int nid)13936 {13937 int isSet = 0;13938 13939 WOLFSSL_ENTER("wolfSSL_X509_ext_isSet_by_NID");13940 13941 if (x509 != NULL) {13942 switch (nid) {13943 case BASIC_CA_OID: isSet = x509->basicConstSet; break;13944 case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break;13945 case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break;13946 case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break;13947 case KEY_USAGE_OID: isSet = x509->keyUsageSet; break;13948 #ifdef WOLFSSL_SEP13949 case CERT_POLICY_OID: isSet = x509->certPolicySet; break;13950 #endif /* WOLFSSL_SEP */13951 }13952 }13953 13954 WOLFSSL_LEAVE("wolfSSL_X509_ext_isSet_by_NID", isSet);13955 13956 return isSet;13957 }13958 13959 13960 int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509* x509, int nid)13961 {13962 int crit = 0;13963 13964 WOLFSSL_ENTER("wolfSSL_X509_ext_get_critical_by_NID");13965 13966 if (x509 != NULL) {13967 switch (nid) {13968 case BASIC_CA_OID: crit = x509->basicConstCrit; break;13969 case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break;13970 case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break;13971 case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break;13972 case KEY_USAGE_OID: crit = x509->keyUsageCrit; break;13973 #ifdef WOLFSSL_SEP13974 case CERT_POLICY_OID: crit = x509->certPolicyCrit; break;13975 #endif /* WOLFSSL_SEP */13976 }13977 }13978 13979 WOLFSSL_LEAVE("wolfSSL_X509_ext_get_critical_by_NID", crit);13980 13981 return crit;13982 }13983 13984 13985 int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509* x509)13986 {13987 int isSet = 0;13988 13989 WOLFSSL_ENTER("wolfSSL_X509_get_isSet_pathLength");13990 13991 if (x509 != NULL)13992 isSet = x509->basicConstPlSet;13993 13994 WOLFSSL_LEAVE("wolfSSL_X509_get_isSet_pathLength", isSet);13995 13996 return isSet;13997 }13998 13999 14000 word32 wolfSSL_X509_get_pathLength(WOLFSSL_X509* x509)14001 {14002 word32 pathLength = 0;14003 14004 WOLFSSL_ENTER("wolfSSL_X509_get_pathLength");14005 14006 if (x509 != NULL)14007 pathLength = x509->pathLength;14008 14009 WOLFSSL_LEAVE("wolfSSL_X509_get_pathLength", pathLength);14010 14011 return pathLength;14012 }14013 14014 14015 unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509* x509)14016 {14017 word16 usage = 0;14018 14019 WOLFSSL_ENTER("wolfSSL_X509_get_keyUsage");14020 14021 if (x509 != NULL)14022 usage = x509->keyUsage;14023 14024 WOLFSSL_LEAVE("wolfSSL_X509_get_keyUsage", usage);14025 14026 return usage;14027 }14028 14029 14030 byte* wolfSSL_X509_get_authorityKeyID(WOLFSSL_X509* x509,14031 byte* dst, int* dstLen)14032 {14033 byte *id = NULL;14034 int copySz = 0;14035 14036 WOLFSSL_ENTER("wolfSSL_X509_get_authorityKeyID");14037 14038 if (x509 != NULL) {14039 if (x509->authKeyIdSet) {14040 copySz = min(dstLen != NULL ? *dstLen : 0,14041 (int)x509->authKeyIdSz);14042 id = x509->authKeyId;14043 }14044 14045 if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {14046 XMEMCPY(dst, id, copySz);14047 id = dst;14048 *dstLen = copySz;14049 }14050 }14051 14052 WOLFSSL_LEAVE("wolfSSL_X509_get_authorityKeyID", copySz);14053 14054 return id;14055 }14056 14057 14058 byte* wolfSSL_X509_get_subjectKeyID(WOLFSSL_X509* x509,14059 byte* dst, int* dstLen)14060 {14061 byte *id = NULL;14062 int copySz = 0;14063 14064 WOLFSSL_ENTER("wolfSSL_X509_get_subjectKeyID");14065 14066 if (x509 != NULL) {14067 if (x509->subjKeyIdSet) {14068 copySz = min(dstLen != NULL ? *dstLen : 0,14069 (int)x509->subjKeyIdSz);14070 id = x509->subjKeyId;14071 }14072 14073 if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {14074 XMEMCPY(dst, id, copySz);14075 id = dst;14076 *dstLen = copySz;14077 }14078 }14079 14080 WOLFSSL_LEAVE("wolfSSL_X509_get_subjectKeyID", copySz);14081 14082 return id;14083 }14084 14085 14086 int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)14087 {14088 int count = 0;14089 14090 WOLFSSL_ENTER("wolfSSL_X509_NAME_entry_count");14091 14092 if (name != NULL)14093 count = name->fullName.entryCount;14094 14095 WOLFSSL_LEAVE("wolfSSL_X509_NAME_entry_count", count);14096 return count;14097 }14098 14099 14100 /* Used to get a string from the WOLFSSL_X509_NAME structure that14101 * corresponds with the NID value passed in.14102 *14103 * name structure to get string from14104 * nid NID value to search for14105 * buf [out] buffer to hold results. If NULL then the buffer size minus the14106 * null char is returned.14107 * len size of "buf" passed in14108 *14109 * returns the length of string found, not including the NULL terminator.14110 * It's possible the function could return a negative value in the14111 * case that len is less than or equal to 0. A negative value is14112 * considered an error case.14113 */14114 int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name,14115 int nid, char* buf, int len)14116 {14117 char *text = NULL;14118 int textSz = 0;14119 14120 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_text_by_NID");14121 14122 switch (nid) {14123 case ASN_COMMON_NAME:14124 text = name->fullName.fullName + name->fullName.cnIdx;14125 textSz = name->fullName.cnLen;14126 break;14127 case ASN_SUR_NAME:14128 text = name->fullName.fullName + name->fullName.snIdx;14129 textSz = name->fullName.snLen;14130 break;14131 case ASN_SERIAL_NUMBER:14132 text = name->fullName.fullName + name->fullName.serialIdx;14133 textSz = name->fullName.serialLen;14134 break;14135 case ASN_COUNTRY_NAME:14136 text = name->fullName.fullName + name->fullName.cIdx;14137 textSz = name->fullName.cLen;14138 break;14139 case ASN_LOCALITY_NAME:14140 text = name->fullName.fullName + name->fullName.lIdx;14141 textSz = name->fullName.lLen;14142 break;14143 case ASN_STATE_NAME:14144 text = name->fullName.fullName + name->fullName.stIdx;14145 textSz = name->fullName.stLen;14146 break;14147 case ASN_ORG_NAME:14148 text = name->fullName.fullName + name->fullName.oIdx;14149 textSz = name->fullName.oLen;14150 break;14151 case ASN_ORGUNIT_NAME:14152 text = name->fullName.fullName + name->fullName.ouIdx;14153 textSz = name->fullName.ouLen;14154 break;14155 default:14156 WOLFSSL_MSG("Unknown NID value");14157 return -1;14158 }14159 14160 /* if buf is NULL return size of buffer needed (minus null char) */14161 if (buf == NULL) {14162 return textSz;14163 }14164 14165 if (buf != NULL && text != NULL) {14166 textSz = min(textSz + 1, len); /* + 1 to account for null char */14167 if (textSz > 0) {14168 XMEMCPY(buf, text, textSz - 1);14169 buf[textSz - 1] = '\0';14170 }14171 }14172 14173 WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_text_by_NID", textSz);14174 return (textSz - 1); /* do not include null character in size */14175 }14176 14177 int wolfSSL_X509_NAME_get_index_by_NID(WOLFSSL_X509_NAME* name,14178 int nid, int pos)14179 {14180 int ret = -1;14181 14182 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_index_by_NID");14183 14184 if (name == NULL) {14185 return BAD_FUNC_ARG;14186 }14187 14188 /* these index values are already stored in DecodedName14189 use those when available */14190 if (name->fullName.fullName && name->fullName.fullNameLen > 0) {14191 switch (nid) {14192 case ASN_COMMON_NAME:14193 if (pos != name->fullName.cnIdx)14194 ret = name->fullName.cnIdx;14195 break;14196 default:14197 WOLFSSL_MSG("NID not yet implemented");14198 break;14199 }14200 }14201 14202 WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_index_by_NID", ret);14203 14204 (void)pos;14205 (void)nid;14206 14207 return ret;14208 }14209 14210 14211 WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(14212 WOLFSSL_X509_NAME_ENTRY* in)14213 {14214 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_data");14215 return in->value;14216 }14217 14218 14219 char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn)14220 {14221 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data");14222 14223 if (asn) {14224 return asn->data;14225 }14226 else {14227 return NULL;14228 }14229 }14230 14231 14232 int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING* asn)14233 {14234 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length");14235 14236 if (asn) {14237 return asn->length;14238 }14239 else {14240 return 0;14241 }14242 }14243 #endif14244 14245 14246 /* copy name into in buffer, at most sz bytes, if buffer is null will14247 malloc buffer, call responsible for freeing */14248 char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)14249 {14250 int copySz;14251 14252 if (name == NULL) {14253 WOLFSSL_MSG("WOLFSSL_X509_NAME pointer was NULL");14254 return NULL;14255 }14256 14257 copySz = min(sz, name->sz);14258 14259 WOLFSSL_ENTER("wolfSSL_X509_NAME_oneline");14260 if (!name->sz) return in;14261 14262 if (!in) {14263 #ifdef WOLFSSL_STATIC_MEMORY14264 WOLFSSL_MSG("Using static memory -- please pass in a buffer");14265 return NULL;14266 #else14267 in = (char*)XMALLOC(name->sz, NULL, DYNAMIC_TYPE_OPENSSL);14268 if (!in ) return in;14269 copySz = name->sz;14270 #endif14271 }14272 14273 if (copySz <= 0)14274 return in;14275 14276 XMEMCPY(in, name->name, copySz - 1);14277 in[copySz - 1] = 0;14278 14279 return in;14280 }14281 14282 14283 int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509)14284 {14285 int type = 0;14286 14287 WOLFSSL_ENTER("wolfSSL_X509_get_signature_type");14288 14289 if (x509 != NULL)14290 type = x509->sigOID;14291 14292 return type;14293 }14294 14295 15075 14296 15076 int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, … … 14331 15111 WOLFSSL_ENTER("wolfSSL_X509_get_der"); 14332 15112 14333 if (x509 == NULL || outSz == NULL)15113 if (x509 == NULL || x509->derCert == NULL || outSz == NULL) 14334 15114 return NULL; 14335 15115 … … 14358 15138 14359 15139 return x509->notBefore; 14360 }15140 } 14361 15141 14362 15142 … … 14378 15158 *inOutSz. Requires inOutSz be non-null */ 14379 15159 byte* wolfSSL_X509_get_device_type(WOLFSSL_X509* x509, byte* in, int *inOutSz) 14380 {15160 { 14381 15161 int copySz; 14382 15162 … … 14396 15176 copySz = x509->deviceTypeSz; 14397 15177 #endif 14398 }15178 } 14399 15179 14400 15180 XMEMCPY(in, x509->deviceType, copySz); … … 14402 15182 14403 15183 return in; 14404 }15184 } 14405 15185 14406 15186 14407 15187 byte* wolfSSL_X509_get_hw_type(WOLFSSL_X509* x509, byte* in, int* inOutSz) 14408 {15188 { 14409 15189 int copySz; 14410 15190 … … 14435 15215 byte* wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509* x509,byte* in, 14436 15216 int* inOutSz) 14437 {15217 { 14438 15218 int copySz; 14439 15219 … … 14453 15233 copySz = x509->hwSerialNumSz; 14454 15234 #endif 14455 }15235 } 14456 15236 14457 15237 XMEMCPY(in, x509->hwSerialNum, copySz); … … 14459 15239 14460 15240 return in; 14461 }15241 } 14462 15242 14463 15243 #endif /* WOLFSSL_SEP */ … … 14472 15252 if (sk == NULL || x509 == NULL) { 14473 15253 return WOLFSSL_FAILURE; 14474 }15254 } 14475 15255 14476 15256 /* no previous values in stack */ … … 14479 15259 sk->num += 1; 14480 15260 return WOLFSSL_SUCCESS; 14481 }15261 } 14482 15262 14483 15263 /* stack already has value(s) create a new node and add more */ … … 14498 15278 14499 15279 return WOLFSSL_SUCCESS; 14500 }15280 } 14501 15281 14502 15282 … … 14506 15286 14507 15287 if (sk == NULL) { 14508 return NULL;14509 }15288 return NULL; 15289 } 14510 15290 14511 15291 node = sk->next; … … 14516 15296 sk->next = node->next; 14517 15297 XFREE(node, NULL, DYNAMIC_TYPE_X509); 14518 }15298 } 14519 15299 else { /* last x509 in stack */ 14520 15300 sk->data.x509 = NULL; 14521 }15301 } 14522 15302 14523 15303 if (sk->num > 0) { … … 14526 15306 14527 15307 return x509; 14528 } 14529 14530 14531 /* free structure for x509 stack */ 14532 void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) { 15308 } 15309 15310 15311 /* Getter function for WOLFSSL_X509_NAME pointer 15312 * 15313 * sk is the stack to retrieve pointer from 15314 * i is the index value in stack 15315 * 15316 * returns a pointer to a WOLFSSL_X509_NAME structure on success and NULL on 15317 * fail 15318 */ 15319 void* wolfSSL_sk_X509_NAME_value(const STACK_OF(WOLFSSL_X509_NAME)* sk, int i) 15320 { 15321 WOLFSSL_ENTER("wolfSSL_sk_X509_NAME_value"); 15322 15323 for (; sk != NULL && i > 0; i--) 15324 sk = sk->next; 15325 15326 if (i != 0 || sk == NULL) 15327 return NULL; 15328 return sk->data.name; 15329 } 15330 15331 15332 /* Getter function for WOLFSSL_X509 pointer 15333 * 15334 * sk is the stack to retrieve pointer from 15335 * i is the index value in stack 15336 * 15337 * returns a pointer to a WOLFSSL_X509 structure on success and NULL on 15338 * fail 15339 */ 15340 void* wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509)* sk, int i) 15341 { 15342 WOLFSSL_ENTER("wolfSSL_sk_X509_value"); 15343 15344 for (; sk != NULL && i > 0; i--) 15345 sk = sk->next; 15346 15347 if (i != 0 || sk == NULL) 15348 return NULL; 15349 return sk->data.x509; 15350 } 15351 15352 15353 /* Free's all nodes in X509 stack. This is different then wolfSSL_sk_X509_free 15354 * in that it allows for choosing the function to use when freeing an X509s. 15355 * 15356 * sk stack to free nodes in 15357 * f X509 free function 15358 */ 15359 void wolfSSL_sk_X509_pop_free(STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*)){ 14533 15360 WOLFSSL_STACK* node; 15361 15362 WOLFSSL_ENTER("wolfSSL_sk_X509_pop_free"); 14534 15363 14535 15364 if (sk == NULL) { … … 14543 15372 node = node->next; 14544 15373 14545 wolfSSL_X509_free(tmp->data.x509);15374 f(tmp->data.x509); 14546 15375 XFREE(tmp, NULL, DYNAMIC_TYPE_X509); 14547 15376 sk->num -= 1; … … 14550 15379 /* free head of stack */ 14551 15380 if (sk->num == 1) { 14552 wolfSSL_X509_free(sk->data.x509);15381 f(sk->data.x509); 14553 15382 } 14554 15383 XFREE(sk, NULL, DYNAMIC_TYPE_X509); 14555 } 15384 } 15385 15386 15387 /* free structure for x509 stack */ 15388 void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) { 15389 WOLFSSL_STACK* node; 15390 15391 if (sk == NULL) { 15392 return; 15393 } 15394 15395 /* parse through stack freeing each node */ 15396 node = sk->next; 15397 while (sk->num > 1) { 15398 WOLFSSL_STACK* tmp = node; 15399 node = node->next; 15400 15401 wolfSSL_X509_free(tmp->data.x509); 15402 tmp->data.x509 = NULL; 15403 XFREE(tmp, NULL, DYNAMIC_TYPE_X509); 15404 sk->num -= 1; 15405 } 15406 15407 /* free head of stack */ 15408 if (sk->num == 1) { 15409 wolfSSL_X509_free(sk->data.x509); 15410 sk->data.x509 = NULL; 15411 } 15412 XFREE(sk, NULL, DYNAMIC_TYPE_X509); 15413 } 15414 14556 15415 #endif /* NO_CERTS && OPENSSL_EXTRA */ 14557 15416 14558 WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len) 14559 { 14560 WOLFSSL_X509 *newX509 = NULL; 14561 14562 WOLFSSL_ENTER("wolfSSL_X509_d2i"); 14563 14564 if (in != NULL && len != 0) { 14565 #ifdef WOLFSSL_SMALL_STACK 14566 DecodedCert* cert = NULL; 14567 #else 14568 DecodedCert cert[1]; 14569 #endif 14570 14571 #ifdef WOLFSSL_SMALL_STACK 14572 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, 14573 DYNAMIC_TYPE_DCERT); 14574 if (cert == NULL) 15417 #ifdef OPENSSL_EXTRA 15418 15419 /* Returns the general name at index i from the stack 15420 * 15421 * sk stack to get general name from 15422 * i index to get 15423 * 15424 * return a pointer to the internal node of the stack 15425 */ 15426 WOLFSSL_ASN1_OBJECT* wolfSSL_sk_GENERAL_NAME_value(WOLFSSL_STACK* sk, int i) 15427 { 15428 WOLFSSL_STACK* cur; 15429 int j; 15430 15431 WOLFSSL_ENTER("wolfSSL_sk_GENERAL_NAME_value"); 15432 15433 if (i < 0 || sk == NULL) { 15434 return NULL; 15435 } 15436 15437 cur = sk; 15438 for (j = 0; j < i && cur != NULL; j++) { 15439 cur = cur->next; 15440 } 15441 15442 if (cur == NULL) { 14575 15443 return NULL; 14576 #endif 14577 14578 InitDecodedCert(cert, (byte*)in, len, NULL); 14579 if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) { 14580 newX509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 14581 DYNAMIC_TYPE_X509); 14582 if (newX509 != NULL) { 14583 InitX509(newX509, 1, NULL); 14584 if (CopyDecodedToX509(newX509, cert) != 0) { 14585 XFREE(newX509, NULL, DYNAMIC_TYPE_X509); 14586 newX509 = NULL; 14587 } 14588 } 14589 } 14590 FreeDecodedCert(cert); 14591 #ifdef WOLFSSL_SMALL_STACK 14592 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); 14593 #endif 14594 } 14595 14596 if (x509 != NULL) 14597 *x509 = newX509; 14598 14599 return newX509; 14600 } 14601 15444 } 15445 15446 return cur->data.obj; 15447 } 15448 15449 15450 /* Gets the number of nodes in the stack 15451 * 15452 * sk stack to get the number of nodes from 15453 * 15454 * returns the number of nodes, -1 if no nodes 15455 */ 15456 int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk) 15457 { 15458 WOLFSSL_ENTER("wolfSSL_sk_GENERAL_NAME_num"); 15459 15460 if (sk == NULL) { 15461 return -1; 15462 } 15463 15464 return (int)sk->num; 15465 } 15466 15467 /* Frees all nodes in a GENERAL NAME stack 15468 * 15469 * sk stack of nodes to free 15470 * f free function to use, not called with wolfSSL 15471 */ 15472 void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk, 15473 void f (WOLFSSL_ASN1_OBJECT*)) 15474 { 15475 WOLFSSL_STACK* node; 15476 15477 WOLFSSL_ENTER("wolfSSL_sk_GENERAL_NAME_pop_free"); 15478 15479 (void)f; 15480 if (sk == NULL) { 15481 return; 15482 } 15483 15484 /* parse through stack freeing each node */ 15485 node = sk->next; 15486 while (sk->num > 1) { 15487 WOLFSSL_STACK* tmp = node; 15488 node = node->next; 15489 15490 wolfSSL_ASN1_OBJECT_free(tmp->data.obj); 15491 XFREE(tmp, NULL, DYNAMIC_TYPE_ASN1); 15492 sk->num -= 1; 15493 } 15494 15495 /* free head of stack */ 15496 if (sk->num == 1) { 15497 wolfSSL_ASN1_OBJECT_free(sk->data.obj); 15498 } 15499 XFREE(sk, NULL, DYNAMIC_TYPE_ASN1); 15500 15501 15502 } 15503 #endif /* OPENSSL_EXTRA */ 14602 15504 14603 15505 #ifndef NO_FILESYSTEM … … 14615 15517 long sz = 0; 14616 15518 14617 XFSEEK(file, 0, XSEEK_END); 15519 if(XFSEEK(file, 0, XSEEK_END) != 0) 15520 return NULL; 14618 15521 sz = XFTELL(file); 14619 15522 XREWIND(file); … … 14621 15524 if (sz < 0) { 14622 15525 WOLFSSL_MSG("Bad tell on FILE"); 14623 14624 15526 return NULL; 15527 } 14625 15528 14626 15529 fileBuffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE); … … 14666 15569 return NULL; 14667 15570 14668 XFSEEK(file, 0, XSEEK_END); 15571 if(XFSEEK(file, 0, XSEEK_END) != 0){ 15572 XFCLOSE(file); 15573 return NULL; 15574 } 14669 15575 sz = XFTELL(file); 14670 15576 XREWIND(file); … … 14681 15587 XFCLOSE(file); 14682 15588 return NULL; 14683 15589 } 14684 15590 14685 15591 ret = (int)XFREAD(fileBuffer, 1, sz, file); … … 14699 15605 14700 15606 return x509; 14701 }15607 } 14702 15608 14703 15609 #endif /* NO_FILESYSTEM */ … … 14714 15620 14715 15621 if (format == WOLFSSL_FILETYPE_PEM) { 14716 int ecc = 0; 14717 #ifdef WOLFSSL_SMALL_STACK 14718 EncryptedInfo* info = NULL; 15622 #ifdef WOLFSSL_PEM_TO_DER 15623 if (PemToDer(buf, sz, CERT_TYPE, &der, NULL, NULL, NULL) != 0) { 15624 FreeDer(&der); 15625 } 14719 15626 #else 14720 EncryptedInfo info[1]; 14721 #endif 14722 14723 #ifdef WOLFSSL_SMALL_STACK 14724 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, 14725 DYNAMIC_TYPE_ENCRYPTEDINFO); 14726 if (info == NULL) { 14727 return NULL; 14728 } 14729 #endif 14730 14731 info->set = 0; 14732 info->ctx = NULL; 14733 info->consumed = 0; 14734 14735 if (PemToDer(buf, sz, CERT_TYPE, &der, NULL, info, &ecc) != 0) { 14736 FreeDer(&der); 14737 } 14738 14739 #ifdef WOLFSSL_SMALL_STACK 14740 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 15627 ret = NOT_COMPILED_IN; 14741 15628 #endif 14742 15629 } … … 14770 15657 InitX509(x509, 1, NULL); 14771 15658 if (CopyDecodedToX509(x509, cert) != 0) { 14772 XFREE(x509, NULL, DYNAMIC_TYPE_X509);15659 wolfSSL_X509_free(x509); 14773 15660 x509 = NULL; 14774 15661 } … … 14805 15692 return NULL; 14806 15693 } 15694 #ifndef WOLFSSL_X509_STORE_CERTS 14807 15695 ssl->ourCert = wolfSSL_X509_d2i(NULL, 14808 15696 ssl->buffers.certificate->buffer, 14809 15697 ssl->buffers.certificate->length); 15698 #endif 14810 15699 } 14811 15700 return ssl->ourCert; … … 14818 15707 return NULL; 14819 15708 } 15709 #ifndef WOLFSSL_X509_STORE_CERTS 14820 15710 ssl->ctx->ourCert = wolfSSL_X509_d2i(NULL, 14821 15711 ssl->ctx->certificate->buffer, 14822 15712 ssl->ctx->certificate->length); 15713 #endif 14823 15714 ssl->ctx->ownOurCert = 1; 14824 15715 } … … 14833 15724 14834 15725 15726 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 15727 #ifndef NO_ASN 15728 void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj) 15729 { 15730 if (obj == NULL) { 15731 return; 15732 } 15733 15734 if ((obj->obj != NULL) && ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0)) { 15735 WOLFSSL_MSG("Freeing ASN1 data"); 15736 XFREE((void*)obj->obj, obj->heap, DYNAMIC_TYPE_ASN1); 15737 obj->obj = NULL; 15738 15739 } 15740 if ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC) != 0) { 15741 WOLFSSL_MSG("Freeing ASN1 OBJECT"); 15742 XFREE(obj, NULL, DYNAMIC_TYPE_ASN1); 15743 } 15744 } 15745 #endif /* NO_ASN */ 15746 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 15747 14835 15748 #ifdef OPENSSL_EXTRA 15749 #ifndef NO_ASN 15750 WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void) 15751 { 15752 WOLFSSL_ASN1_OBJECT* obj; 15753 15754 obj = (WOLFSSL_ASN1_OBJECT*)XMALLOC(sizeof(WOLFSSL_ASN1_OBJECT), NULL, 15755 DYNAMIC_TYPE_ASN1); 15756 if (obj == NULL) { 15757 return NULL; 15758 } 15759 15760 XMEMSET(obj, 0, sizeof(WOLFSSL_ASN1_OBJECT)); 15761 obj->d.ia5 = &(obj->d.ia5_internal); 15762 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 15763 return obj; 15764 } 15765 #endif /* NO_ASN */ 15766 15767 14836 15768 /* return 1 on success 0 on fail */ 14837 15769 int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk, … … 14902 15834 14903 15835 #ifndef NO_ASN 14904 WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)14905 {14906 WOLFSSL_ASN1_OBJECT* obj;14907 14908 obj = (WOLFSSL_ASN1_OBJECT*)XMALLOC(sizeof(WOLFSSL_ASN1_OBJECT), NULL,14909 DYNAMIC_TYPE_ASN1);14910 if (obj == NULL) {14911 return NULL;14912 }14913 14914 XMEMSET(obj, 0, sizeof(WOLFSSL_ASN1_OBJECT));14915 return obj;14916 }14917 14918 14919 void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj)14920 {14921 if (obj == NULL) {14922 return;14923 }14924 14925 if (obj->dynamic == 1) {14926 if (obj->obj != NULL) {14927 WOLFSSL_MSG("Freeing ASN1 OBJECT data");14928 XFREE(obj->obj, obj->heap, DYNAMIC_TYPE_ASN1);14929 }14930 }14931 14932 XFREE(obj, NULL, DYNAMIC_TYPE_ASN1);14933 }14934 14935 14936 15836 /* free structure for x509 stack */ 14937 15837 void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk) … … 14956 15856 /* free head of stack */ 14957 15857 if (sk->num == 1) { 14958 15858 wolfSSL_ASN1_OBJECT_free(sk->data.obj); 14959 15859 } 14960 15860 XFREE(sk, NULL, DYNAMIC_TYPE_ASN1); … … 14976 15876 #endif /* NO_ASN */ 14977 15877 14978 14979 int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,14980 unsigned int len)14981 {14982 (void)ssl;14983 (void)id;14984 (void)len;14985 return 0;14986 }14987 14988 14989 15878 void wolfSSL_set_connect_state(WOLFSSL* ssl) 14990 15879 { 14991 word16 haveRSA = 1; 14992 word16 havePSK = 0; 14993 14994 if (ssl->options.side == WOLFSSL_SERVER_END) { 14995 ssl->options.side = WOLFSSL_CLIENT_END; 14996 14997 #ifdef NO_RSA 14998 haveRSA = 0; 14999 #endif 15000 #ifndef NO_PSK 15001 havePSK = ssl->options.havePSK; 15002 #endif 15003 InitSuites(ssl->suites, ssl->version, ssl->buffers.keySz, haveRSA, 15004 havePSK, ssl->options.haveDH, ssl->options.haveNTRU, 15005 ssl->options.haveECDSAsig, ssl->options.haveECC, 15006 ssl->options.haveStaticECC, ssl->options.side); 15007 } 15008 } 15009 #endif 15880 if (ssl == NULL) { 15881 WOLFSSL_MSG("WOLFSSL struct pointer passed in was null"); 15882 return; 15883 } 15884 15885 #ifndef NO_DH 15886 /* client creates its own DH parameters on handshake */ 15887 if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH) { 15888 XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, 15889 DYNAMIC_TYPE_PUBLIC_KEY); 15890 } 15891 ssl->buffers.serverDH_P.buffer = NULL; 15892 if (ssl->buffers.serverDH_G.buffer && ssl->buffers.weOwnDH) { 15893 XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, 15894 DYNAMIC_TYPE_PUBLIC_KEY); 15895 } 15896 ssl->buffers.serverDH_G.buffer = NULL; 15897 #endif 15898 15899 if (InitSSL_Side(ssl, WOLFSSL_CLIENT_END) != WOLFSSL_SUCCESS) { 15900 WOLFSSL_MSG("Error initializing client side"); 15901 } 15902 } 15903 #endif /* OPENSSL_EXTRA */ 15904 15010 15905 15011 15906 int wolfSSL_get_shutdown(const WOLFSSL* ssl) 15012 15907 { 15908 int isShutdown = 0; 15909 15013 15910 WOLFSSL_ENTER("wolfSSL_get_shutdown"); 15014 /* in OpenSSL, WOLFSSL_SENT_SHUTDOWN = 1, when closeNotifySent * 15015 * WOLFSSL_RECEIVED_SHUTDOWN = 2, from close notify or fatal err */ 15016 return ((ssl->options.closeNotify||ssl->options.connReset) << 1) 15017 | (ssl->options.sentNotify); 15018 } 15911 15912 if (ssl) { 15913 /* in OpenSSL, WOLFSSL_SENT_SHUTDOWN = 1, when closeNotifySent * 15914 * WOLFSSL_RECEIVED_SHUTDOWN = 2, from close notify or fatal err */ 15915 isShutdown = ((ssl->options.closeNotify||ssl->options.connReset) << 1) 15916 | (ssl->options.sentNotify); 15917 } 15918 return isShutdown; 15919 } 15019 15920 15020 15921 15021 15922 int wolfSSL_session_reused(WOLFSSL* ssl) 15022 15923 { 15023 return ssl->options.resuming; 15024 } 15025 15026 #ifdef OPENSSL_EXTRA 15924 int resuming = 0; 15925 if (ssl) 15926 resuming = ssl->options.resuming; 15927 return resuming; 15928 } 15929 15930 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) 15027 15931 void wolfSSL_SESSION_free(WOLFSSL_SESSION* session) 15028 15932 { … … 15050 15954 if (ssl->version.major == SSLv3_MAJOR) { 15051 15955 switch (ssl->version.minor) { 15956 #ifndef NO_OLD_TLS 15957 #ifdef WOLFSSL_ALLOW_SSLV3 15052 15958 case SSLv3_MINOR : 15053 15959 return "SSLv3"; 15960 #endif 15961 #ifdef WOLFSSL_ALLOW_TLSV10 15054 15962 case TLSv1_MINOR : 15055 15963 return "TLSv1"; 15964 #endif 15056 15965 case TLSv1_1_MINOR : 15057 15966 return "TLSv1.1"; 15967 #endif 15058 15968 case TLSv1_2_MINOR : 15059 15969 return "TLSv1.2"; 15970 #ifdef WOLFSSL_TLS13 15060 15971 case TLSv1_3_MINOR : 15972 #ifdef WOLFSSL_TLS13_DRAFT 15973 #ifdef WOLFSSL_TLS13_DRAFT_18 15974 return "TLSv1.3 (Draft 18)"; 15975 #elif defined(WOLFSSL_TLS13_DRAFT_22) 15976 return "TLSv1.3 (Draft 22)"; 15977 #elif defined(WOLFSSL_TLS13_DRAFT_23) 15978 return "TLSv1.3 (Draft 23)"; 15979 #elif defined(WOLFSSL_TLS13_DRAFT_26) 15980 return "TLSv1.3 (Draft 26)"; 15981 #else 15982 return "TLSv1.3 (Draft 28)"; 15983 #endif 15984 #else 15061 15985 return "TLSv1.3"; 15986 #endif 15987 #endif 15062 15988 default: 15063 15989 return "unknown"; 15064 15990 } 15065 15991 } 15992 #ifdef WOLFSSL_DTLS 15066 15993 else if (ssl->version.major == DTLS_MAJOR) { 15067 15994 switch (ssl->version.minor) { … … 15074 16001 } 15075 16002 } 16003 #endif /* WOLFSSL_DTLS */ 15076 16004 return "unknown"; 15077 }16005 } 15078 16006 15079 16007 … … 15082 16010 { 15083 16011 return LIBWOLFSSL_VERSION_STRING; 15084 }16012 } 15085 16013 15086 16014 … … 15118 16046 } 15119 16047 15120 return wolfSSL_get_cipher_name_from_suite(cipher->ssl->options.cipherSuite, 15121 cipher->ssl->options.cipherSuite0); 16048 #ifndef WOLFSSL_CIPHER_INTERNALNAME 16049 return wolfSSL_get_cipher_name_iana(cipher->ssl); 16050 #else 16051 return wolfSSL_get_cipher_name_internal(cipher->ssl); 16052 #endif 15122 16053 } 15123 16054 … … 15125 16056 { 15126 16057 if (session == NULL) { 15127 return NULL;15128 }16058 return NULL; 16059 } 15129 16060 15130 16061 #ifdef SESSION_CERTS 15131 return wolfSSL_get_cipher_name_from_suite(session->cipherSuite, 15132 session->cipherSuite0); 16062 #ifndef WOLFSSL_CIPHER_INTERNALNAME 16063 return GetCipherNameIana(session->cipherSuite0, session->cipherSuite); 16064 #else 16065 if return GetCipherNameInternal(ession->cipherSuite0, session->cipherSuite); 16066 #endif 15133 16067 #else 15134 16068 return NULL; 15135 16069 #endif 15136 }16070 } 15137 16071 15138 16072 const char* wolfSSL_get_cipher(WOLFSSL* ssl) … … 15140 16074 WOLFSSL_ENTER("wolfSSL_get_cipher"); 15141 16075 return wolfSSL_CIPHER_get_name(wolfSSL_get_current_cipher(ssl)); 15142 }16076 } 15143 16077 15144 16078 /* gets cipher name in the format DHE-RSA-... rather then TLS_DHE... */ … … 15147 16081 /* get access to cipher_name_idx in internal.c */ 15148 16082 return wolfSSL_get_cipher_name_internal(ssl); 15149 } 16083 } 16084 16085 const char* wolfSSL_get_cipher_name_from_suite(const byte cipherSuite0, 16086 const byte cipherSuite) 16087 { 16088 return GetCipherNameInternal(cipherSuite0, cipherSuite); 16089 } 16090 15150 16091 15151 16092 #ifdef HAVE_ECC … … 15168 16109 return wc_ecc_get_name(wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL)); 15169 16110 } 15170 #endif 15171 15172 #ifdef OPENSSL_EXTRA 16111 #endif 16112 16113 16114 #if defined(OPENSSL_EXTRA_X509_SMALL) || defined(KEEP_PEER_CERT) || \ 16115 defined(SESSION_CERTS) 16116 /* Smaller subset of X509 compatibility functions. Avoid increasing the size of 16117 * this subset and its memory usage */ 16118 16119 #if !defined(NO_CERTS) 16120 /* returns a pointer to a new WOLFSSL_X509 structure on success and NULL on 16121 * fail 16122 */ 16123 WOLFSSL_X509* wolfSSL_X509_new(void) 16124 { 16125 WOLFSSL_X509* x509; 16126 16127 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 16128 DYNAMIC_TYPE_X509); 16129 if (x509 != NULL) { 16130 InitX509(x509, 1, NULL); 16131 } 16132 16133 return x509; 16134 } 16135 16136 WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert) 16137 { 16138 WOLFSSL_ENTER("wolfSSL_X509_get_subject_name"); 16139 if (cert && cert->subject.sz != 0) 16140 return &cert->subject; 16141 return NULL; 16142 } 16143 16144 16145 16146 WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert) 16147 { 16148 WOLFSSL_ENTER("X509_get_issuer_name"); 16149 if (cert && cert->issuer.sz != 0) 16150 return &cert->issuer; 16151 return NULL; 16152 } 16153 16154 16155 int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509) 16156 { 16157 int type = 0; 16158 16159 WOLFSSL_ENTER("wolfSSL_X509_get_signature_type"); 16160 16161 if (x509 != NULL) 16162 type = x509->sigOID; 16163 16164 return type; 16165 } 16166 16167 #if defined(OPENSSL_EXTRA_X509_SMALL) 16168 #ifdef HAVE_ECC 16169 static int SetECKeyExternal(WOLFSSL_EC_KEY* eckey); 16170 #endif 16171 16172 /* Used to get a string from the WOLFSSL_X509_NAME structure that 16173 * corresponds with the NID value passed in. 16174 * 16175 * name structure to get string from 16176 * nid NID value to search for 16177 * buf [out] buffer to hold results. If NULL then the buffer size minus the 16178 * null char is returned. 16179 * len size of "buf" passed in 16180 * 16181 * returns the length of string found, not including the NULL terminator. 16182 * It's possible the function could return a negative value in the 16183 * case that len is less than or equal to 0. A negative value is 16184 * considered an error case. 16185 */ 16186 int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, 16187 int nid, char* buf, int len) 16188 { 16189 char *text = NULL; 16190 int textSz = 0; 16191 16192 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_text_by_NID"); 16193 16194 switch (nid) { 16195 case ASN_COMMON_NAME: 16196 text = name->fullName.fullName + name->fullName.cnIdx; 16197 textSz = name->fullName.cnLen; 16198 break; 16199 case ASN_SUR_NAME: 16200 text = name->fullName.fullName + name->fullName.snIdx; 16201 textSz = name->fullName.snLen; 16202 break; 16203 case ASN_SERIAL_NUMBER: 16204 text = name->fullName.fullName + name->fullName.serialIdx; 16205 textSz = name->fullName.serialLen; 16206 break; 16207 case ASN_COUNTRY_NAME: 16208 text = name->fullName.fullName + name->fullName.cIdx; 16209 textSz = name->fullName.cLen; 16210 break; 16211 case ASN_LOCALITY_NAME: 16212 text = name->fullName.fullName + name->fullName.lIdx; 16213 textSz = name->fullName.lLen; 16214 break; 16215 case ASN_STATE_NAME: 16216 text = name->fullName.fullName + name->fullName.stIdx; 16217 textSz = name->fullName.stLen; 16218 break; 16219 case ASN_ORG_NAME: 16220 text = name->fullName.fullName + name->fullName.oIdx; 16221 textSz = name->fullName.oLen; 16222 break; 16223 case ASN_ORGUNIT_NAME: 16224 text = name->fullName.fullName + name->fullName.ouIdx; 16225 textSz = name->fullName.ouLen; 16226 break; 16227 case ASN_DOMAIN_COMPONENT: 16228 text = name->fullName.fullName + name->fullName.dcIdx[0]; 16229 textSz = name->fullName.dcLen[0]; 16230 break; 16231 #ifdef WOLFSSL_CERT_EXT 16232 case ASN_BUS_CAT: 16233 text = name->fullName.fullName + name->fullName.bcIdx; 16234 textSz = name->fullName.bcLen; 16235 break; 16236 #endif 16237 default: 16238 WOLFSSL_MSG("Entry type not found"); 16239 return SSL_FATAL_ERROR; 16240 } 16241 16242 /* if buf is NULL return size of buffer needed (minus null char) */ 16243 if (buf == NULL) { 16244 return textSz; 16245 } 16246 16247 if (buf != NULL && text != NULL) { 16248 textSz = min(textSz + 1, len); /* + 1 to account for null char */ 16249 if (textSz > 0) { 16250 XMEMCPY(buf, text, textSz - 1); 16251 buf[textSz - 1] = '\0'; 16252 } 16253 } 16254 16255 WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_text_by_NID", textSz); 16256 return (textSz - 1); /* do not include null character in size */ 16257 } 16258 16259 16260 /* Creates a new WOLFSSL_EVP_PKEY structure that has the public key from x509 16261 * 16262 * returns a pointer to the created WOLFSSL_EVP_PKEY on success and NULL on fail 16263 */ 16264 WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) 16265 { 16266 WOLFSSL_EVP_PKEY* key = NULL; 16267 WOLFSSL_ENTER("X509_get_pubkey"); 16268 if (x509 != NULL) { 16269 key = (WOLFSSL_EVP_PKEY*)XMALLOC( 16270 sizeof(WOLFSSL_EVP_PKEY), x509->heap, 16271 DYNAMIC_TYPE_PUBLIC_KEY); 16272 if (key != NULL) { 16273 XMEMSET(key, 0, sizeof(WOLFSSL_EVP_PKEY)); 16274 if (x509->pubKeyOID == RSAk) { 16275 key->type = EVP_PKEY_RSA; 16276 } 16277 else { 16278 key->type = EVP_PKEY_EC; 16279 } 16280 key->save_type = 0; 16281 key->pkey.ptr = (char*)XMALLOC( 16282 x509->pubKey.length, x509->heap, 16283 DYNAMIC_TYPE_PUBLIC_KEY); 16284 if (key->pkey.ptr == NULL) { 16285 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16286 return NULL; 16287 } 16288 XMEMCPY(key->pkey.ptr, x509->pubKey.buffer, x509->pubKey.length); 16289 key->pkey_sz = x509->pubKey.length; 16290 16291 #ifdef HAVE_ECC 16292 key->pkey_curve = (int)x509->pkCurveOID; 16293 #endif /* HAVE_ECC */ 16294 16295 /* decode RSA key */ 16296 #ifndef NO_RSA 16297 if (key->type == EVP_PKEY_RSA) { 16298 key->ownRsa = 1; 16299 key->rsa = wolfSSL_RSA_new(); 16300 if (key->rsa == NULL) { 16301 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16302 return NULL; 16303 } 16304 16305 if (wolfSSL_RSA_LoadDer_ex(key->rsa, 16306 (const unsigned char*)key->pkey.ptr, key->pkey_sz, 16307 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) { 16308 wolfSSL_RSA_free(key->rsa); 16309 key->rsa = NULL; 16310 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16311 return NULL; 16312 } 16313 } 16314 #endif /* NO_RSA */ 16315 16316 /* decode ECC key */ 16317 #ifdef HAVE_ECC 16318 if (key->type == EVP_PKEY_EC) { 16319 word32 idx = 0; 16320 16321 key->ownEcc = 1; 16322 key->ecc = wolfSSL_EC_KEY_new(); 16323 if (key->ecc == NULL || key->ecc->internal == NULL) { 16324 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16325 return NULL; 16326 } 16327 16328 /* not using wolfSSL_EC_KEY_LoadDer because public key in x509 16329 * is in the format of x963 (no sequence at start of buffer) */ 16330 if (wc_EccPublicKeyDecode((const unsigned char*)key->pkey.ptr, 16331 &idx, (ecc_key*)key->ecc->internal, key->pkey_sz) < 0) { 16332 WOLFSSL_MSG("wc_EccPublicKeyDecode failed"); 16333 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16334 wolfSSL_EC_KEY_free(key->ecc); 16335 key->ecc = NULL; 16336 return NULL; 16337 } 16338 16339 if (SetECKeyExternal(key->ecc) != SSL_SUCCESS) { 16340 WOLFSSL_MSG("SetECKeyExternal failed"); 16341 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16342 wolfSSL_EC_KEY_free(key->ecc); 16343 key->ecc = NULL; 16344 return NULL; 16345 } 16346 16347 key->ecc->inSet = 1; 16348 } 16349 #endif /* HAVE_ECC */ 16350 } 16351 } 16352 return key; 16353 } 16354 #endif /* OPENSSL_EXTRA_X509_SMALL */ 16355 #endif /* !NO_CERTS */ 16356 16357 /* End of smaller subset of X509 compatibility functions. Avoid increasing the 16358 * size of this subset and its memory usage */ 16359 #endif /* OPENSSL_EXTRA_X509_SMALL */ 16360 16361 #if defined(OPENSSL_EXTRA) 16362 #if !defined(NO_CERTS) 16363 int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509* x509, int nid) 16364 { 16365 int isSet = 0; 16366 16367 WOLFSSL_ENTER("wolfSSL_X509_ext_isSet_by_NID"); 16368 16369 if (x509 != NULL) { 16370 switch (nid) { 16371 case BASIC_CA_OID: isSet = x509->basicConstSet; break; 16372 case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break; 16373 case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break; 16374 case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break; 16375 case KEY_USAGE_OID: isSet = x509->keyUsageSet; break; 16376 #ifdef WOLFSSL_SEP 16377 case CERT_POLICY_OID: isSet = x509->certPolicySet; break; 16378 #endif /* WOLFSSL_SEP */ 16379 } 16380 } 16381 16382 WOLFSSL_LEAVE("wolfSSL_X509_ext_isSet_by_NID", isSet); 16383 16384 return isSet; 16385 } 16386 16387 16388 int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509* x509, int nid) 16389 { 16390 int crit = 0; 16391 16392 WOLFSSL_ENTER("wolfSSL_X509_ext_get_critical_by_NID"); 16393 16394 if (x509 != NULL) { 16395 switch (nid) { 16396 case BASIC_CA_OID: crit = x509->basicConstCrit; break; 16397 case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break; 16398 case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break; 16399 case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break; 16400 case KEY_USAGE_OID: crit = x509->keyUsageCrit; break; 16401 #ifdef WOLFSSL_SEP 16402 case CERT_POLICY_OID: crit = x509->certPolicyCrit; break; 16403 #endif /* WOLFSSL_SEP */ 16404 } 16405 } 16406 16407 WOLFSSL_LEAVE("wolfSSL_X509_ext_get_critical_by_NID", crit); 16408 16409 return crit; 16410 } 16411 16412 16413 int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509* x509) 16414 { 16415 int isSet = 0; 16416 16417 WOLFSSL_ENTER("wolfSSL_X509_get_isSet_pathLength"); 16418 16419 if (x509 != NULL) 16420 isSet = x509->basicConstPlSet; 16421 16422 WOLFSSL_LEAVE("wolfSSL_X509_get_isSet_pathLength", isSet); 16423 16424 return isSet; 16425 } 16426 16427 16428 word32 wolfSSL_X509_get_pathLength(WOLFSSL_X509* x509) 16429 { 16430 word32 pathLength = 0; 16431 16432 WOLFSSL_ENTER("wolfSSL_X509_get_pathLength"); 16433 16434 if (x509 != NULL) 16435 pathLength = x509->pathLength; 16436 16437 WOLFSSL_LEAVE("wolfSSL_X509_get_pathLength", pathLength); 16438 16439 return pathLength; 16440 } 16441 16442 16443 unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509* x509) 16444 { 16445 word16 usage = 0; 16446 16447 WOLFSSL_ENTER("wolfSSL_X509_get_keyUsage"); 16448 16449 if (x509 != NULL) 16450 usage = x509->keyUsage; 16451 16452 WOLFSSL_LEAVE("wolfSSL_X509_get_keyUsage", usage); 16453 16454 return usage; 16455 } 16456 16457 16458 byte* wolfSSL_X509_get_authorityKeyID(WOLFSSL_X509* x509, 16459 byte* dst, int* dstLen) 16460 { 16461 byte *id = NULL; 16462 int copySz = 0; 16463 16464 WOLFSSL_ENTER("wolfSSL_X509_get_authorityKeyID"); 16465 16466 if (x509 != NULL) { 16467 if (x509->authKeyIdSet) { 16468 copySz = min(dstLen != NULL ? *dstLen : 0, 16469 (int)x509->authKeyIdSz); 16470 id = x509->authKeyId; 16471 } 16472 16473 if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { 16474 XMEMCPY(dst, id, copySz); 16475 id = dst; 16476 *dstLen = copySz; 16477 } 16478 } 16479 16480 WOLFSSL_LEAVE("wolfSSL_X509_get_authorityKeyID", copySz); 16481 16482 return id; 16483 } 16484 16485 16486 byte* wolfSSL_X509_get_subjectKeyID(WOLFSSL_X509* x509, 16487 byte* dst, int* dstLen) 16488 { 16489 byte *id = NULL; 16490 int copySz = 0; 16491 16492 WOLFSSL_ENTER("wolfSSL_X509_get_subjectKeyID"); 16493 16494 if (x509 != NULL) { 16495 if (x509->subjKeyIdSet) { 16496 copySz = min(dstLen != NULL ? *dstLen : 0, 16497 (int)x509->subjKeyIdSz); 16498 id = x509->subjKeyId; 16499 } 16500 16501 if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { 16502 XMEMCPY(dst, id, copySz); 16503 id = dst; 16504 *dstLen = copySz; 16505 } 16506 } 16507 16508 WOLFSSL_LEAVE("wolfSSL_X509_get_subjectKeyID", copySz); 16509 16510 return id; 16511 } 16512 16513 16514 int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name) 16515 { 16516 int count = 0; 16517 16518 WOLFSSL_ENTER("wolfSSL_X509_NAME_entry_count"); 16519 16520 if (name != NULL) 16521 count = name->fullName.entryCount; 16522 16523 WOLFSSL_LEAVE("wolfSSL_X509_NAME_entry_count", count); 16524 return count; 16525 } 16526 16527 16528 16529 int wolfSSL_X509_NAME_get_index_by_NID(WOLFSSL_X509_NAME* name, 16530 int nid, int pos) 16531 { 16532 int ret = -1; 16533 16534 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_index_by_NID"); 16535 16536 if (name == NULL) { 16537 return BAD_FUNC_ARG; 16538 } 16539 16540 /* these index values are already stored in DecodedName 16541 use those when available */ 16542 if (name->fullName.fullName && name->fullName.fullNameLen > 0) { 16543 name->fullName.dcMode = 0; 16544 switch (nid) { 16545 case ASN_COMMON_NAME: 16546 if (pos != name->fullName.cnIdx) 16547 ret = name->fullName.cnIdx; 16548 break; 16549 case ASN_DOMAIN_COMPONENT: 16550 name->fullName.dcMode = 1; 16551 if (pos < name->fullName.dcNum - 1){ 16552 ret = pos + 1; 16553 } else { 16554 ret = -1; 16555 } 16556 break; 16557 default: 16558 WOLFSSL_MSG("NID not yet implemented"); 16559 break; 16560 } 16561 } 16562 16563 WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_index_by_NID", ret); 16564 16565 (void)pos; 16566 (void)nid; 16567 16568 return ret; 16569 } 16570 16571 16572 WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data( 16573 WOLFSSL_X509_NAME_ENTRY* in) 16574 { 16575 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_data"); 16576 if (in == NULL) 16577 return NULL; 16578 16579 return in->value; 16580 } 16581 16582 16583 /* Creates a new WOLFSSL_ASN1_STRING structure. 16584 * 16585 * returns a pointer to the new structure created on success or NULL if fail 16586 */ 16587 WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void) 16588 { 16589 WOLFSSL_ASN1_STRING* asn1; 16590 16591 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_new"); 16592 16593 asn1 = (WOLFSSL_ASN1_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL, 16594 DYNAMIC_TYPE_OPENSSL); 16595 if (asn1 != NULL) { 16596 XMEMSET(asn1, 0, sizeof(WOLFSSL_ASN1_STRING)); 16597 } 16598 16599 return asn1; /* no check for null because error case is returning null*/ 16600 } 16601 16602 16603 /* used to free a WOLFSSL_ASN1_STRING structure */ 16604 void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1) 16605 { 16606 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_free"); 16607 16608 if (asn1 != NULL) { 16609 if (asn1->length > 0 && asn1->data != NULL) { 16610 XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL); 16611 } 16612 XFREE(asn1, NULL, DYNAMIC_TYPE_OPENSSL); 16613 } 16614 } 16615 16616 16617 /* Creates a new WOLFSSL_ASN1_STRING structure given the input type. 16618 * 16619 * type is the type of set when WOLFSSL_ASN1_STRING is created 16620 * 16621 * returns a pointer to the new structure created on success or NULL if fail 16622 */ 16623 WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type) 16624 { 16625 WOLFSSL_ASN1_STRING* asn1; 16626 16627 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type_new"); 16628 16629 asn1 = wolfSSL_ASN1_STRING_new(); 16630 if (asn1 == NULL) { 16631 return NULL; 16632 } 16633 asn1->type = type; 16634 16635 return asn1; 16636 } 16637 16638 16639 /* if dataSz is negative then use XSTRLEN to find length of data 16640 * return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */ 16641 int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, 16642 int dataSz) 16643 { 16644 int sz; 16645 16646 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_set"); 16647 16648 if (data == NULL || asn1 == NULL) { 16649 return WOLFSSL_FAILURE; 16650 } 16651 16652 if (dataSz < 0) { 16653 sz = (int)XSTRLEN((const char*)data) + 1; /* +1 for null */ 16654 } 16655 else { 16656 sz = dataSz; 16657 } 16658 16659 if (sz < 0) { 16660 return WOLFSSL_FAILURE; 16661 } 16662 16663 /* free any existing data before copying */ 16664 if (asn1->data != NULL) { 16665 XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL); 16666 } 16667 16668 /* create new data buffer and copy over */ 16669 asn1->data = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); 16670 if (asn1->data == NULL) { 16671 return WOLFSSL_FAILURE; 16672 } 16673 XMEMCPY(asn1->data, data, sz); 16674 asn1->length = sz; 16675 16676 return WOLFSSL_SUCCESS; 16677 } 16678 16679 16680 unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) 16681 { 16682 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); 16683 16684 if (asn) { 16685 return (unsigned char*)asn->data; 16686 } 16687 else { 16688 return NULL; 16689 } 16690 } 16691 16692 16693 int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING* asn) 16694 { 16695 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length"); 16696 16697 if (asn) { 16698 return asn->length; 16699 } 16700 else { 16701 return 0; 16702 } 16703 } 16704 16705 16706 #ifdef XSNPRINTF /* a snprintf function needs to be available */ 16707 /* Writes the human readable form of x509 to bio. 16708 * 16709 * bio WOLFSSL_BIO to write to. 16710 * x509 Certificate to write. 16711 * 16712 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure 16713 */ 16714 int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) 16715 { 16716 WOLFSSL_ENTER("wolfSSL_X509_print"); 16717 16718 if (bio == NULL || x509 == NULL) { 16719 return WOLFSSL_FAILURE; 16720 } 16721 16722 if (wolfSSL_BIO_write(bio, "Certificate:\n", 16723 sizeof("Certificate:\n")) <= 0) { 16724 return WOLFSSL_FAILURE; 16725 } 16726 16727 if (wolfSSL_BIO_write(bio, " Data:\n", 16728 sizeof(" Data:\n")) <= 0) { 16729 return WOLFSSL_FAILURE; 16730 } 16731 16732 /* print version of cert */ 16733 { 16734 int version; 16735 char tmp[17]; 16736 16737 if ((version = wolfSSL_X509_version(x509)) <= 0) { 16738 WOLFSSL_MSG("Error getting X509 version"); 16739 return WOLFSSL_FAILURE; 16740 } 16741 if (wolfSSL_BIO_write(bio, " Version: ", 16742 sizeof(" Version: ")) <= 0) { 16743 return WOLFSSL_FAILURE; 16744 } 16745 XSNPRINTF(tmp, sizeof(tmp), "%d\n", version); 16746 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 16747 return WOLFSSL_FAILURE; 16748 } 16749 } 16750 16751 /* print serial number out */ 16752 { 16753 unsigned char serial[32]; 16754 int sz = sizeof(serial); 16755 16756 XMEMSET(serial, 0, sz); 16757 if (wolfSSL_X509_get_serial_number(x509, serial, &sz) 16758 != WOLFSSL_SUCCESS) { 16759 WOLFSSL_MSG("Error getting x509 serial number"); 16760 return WOLFSSL_FAILURE; 16761 } 16762 if (wolfSSL_BIO_write(bio, " Serial Number: ", 16763 sizeof(" Serial Number: ")) <= 0) { 16764 return WOLFSSL_FAILURE; 16765 } 16766 16767 /* if serial can fit into byte than print on the same line */ 16768 if (sz <= (int)sizeof(byte)) { 16769 char tmp[17]; 16770 XSNPRINTF(tmp, sizeof(tmp), "%d (0x%x)\n", serial[0],serial[0]); 16771 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 16772 return WOLFSSL_FAILURE; 16773 } 16774 } 16775 else { 16776 int i; 16777 char tmp[100]; 16778 int tmpSz = 100; 16779 char val[5]; 16780 int valSz = 5; 16781 16782 /* serial is larger than int size so print off hex values */ 16783 if (wolfSSL_BIO_write(bio, "\n ", 16784 sizeof("\n ")) <= 0) { 16785 return WOLFSSL_FAILURE; 16786 } 16787 tmp[0] = '\0'; 16788 for (i = 0; i < sz - 1 && (3 * i) < tmpSz - valSz; i++) { 16789 XSNPRINTF(val, sizeof(val) - 1, "%02x:", serial[i]); 16790 val[3] = '\0'; /* make sure is null terminated */ 16791 XSTRNCAT(tmp, val, valSz); 16792 } 16793 XSNPRINTF(val, sizeof(val) - 1, "%02x\n", serial[i]); 16794 val[3] = '\0'; /* make sure is null terminated */ 16795 XSTRNCAT(tmp, val, valSz); 16796 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 16797 return WOLFSSL_FAILURE; 16798 } 16799 } 16800 } 16801 16802 /* print signature algo */ 16803 { 16804 int oid; 16805 char* sig; 16806 16807 if ((oid = wolfSSL_X509_get_signature_type(x509)) <= 0) { 16808 WOLFSSL_MSG("Error getting x509 signature type"); 16809 return WOLFSSL_FAILURE; 16810 } 16811 if (wolfSSL_BIO_write(bio, " Signature Algorithm: ", 16812 sizeof(" Signature Algorithm: ")) <= 0) { 16813 return WOLFSSL_FAILURE; 16814 } 16815 sig = GetSigName(oid); 16816 if (wolfSSL_BIO_write(bio, sig, (int)XSTRLEN(sig)) <= 0) { 16817 return WOLFSSL_FAILURE; 16818 } 16819 if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) { 16820 return WOLFSSL_FAILURE; 16821 } 16822 } 16823 16824 /* print issuer */ 16825 { 16826 char* issuer; 16827 #ifdef WOLFSSL_SMALL_STACK 16828 char* buff = NULL; 16829 int issSz = 0; 16830 #else 16831 char buff[256]; 16832 int issSz = 256; 16833 #endif 16834 16835 issuer = wolfSSL_X509_NAME_oneline( 16836 wolfSSL_X509_get_issuer_name(x509), buff, issSz); 16837 16838 if (wolfSSL_BIO_write(bio, " Issuer: ", 16839 sizeof(" Issuer: ")) <= 0) { 16840 #ifdef WOLFSSL_SMALL_STACK 16841 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 16842 #endif 16843 return WOLFSSL_FAILURE; 16844 } 16845 if (issuer != NULL) { 16846 if (wolfSSL_BIO_write(bio, issuer, (int)XSTRLEN(issuer)) <= 0) { 16847 #ifdef WOLFSSL_SMALL_STACK 16848 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 16849 #endif 16850 return WOLFSSL_FAILURE; 16851 } 16852 } 16853 #ifdef WOLFSSL_SMALL_STACK 16854 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 16855 #endif 16856 if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) { 16857 return WOLFSSL_FAILURE; 16858 } 16859 } 16860 16861 /* print validity */ 16862 { 16863 char tmp[80]; 16864 16865 if (wolfSSL_BIO_write(bio, " Validity\n", 16866 sizeof(" Validity\n")) <= 0) { 16867 return WOLFSSL_FAILURE; 16868 } 16869 if (wolfSSL_BIO_write(bio, " Not Before: ", 16870 sizeof(" Not Before: ")) <= 0) { 16871 return WOLFSSL_FAILURE; 16872 } 16873 if (GetTimeString(x509->notBefore + 2, ASN_UTC_TIME, 16874 tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) { 16875 if (GetTimeString(x509->notBefore + 2, ASN_GENERALIZED_TIME, 16876 tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) { 16877 WOLFSSL_MSG("Error getting not before date"); 16878 return WOLFSSL_FAILURE; 16879 } 16880 } 16881 tmp[sizeof(tmp) - 1] = '\0'; /* make sure null terminated */ 16882 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 16883 return WOLFSSL_FAILURE; 16884 } 16885 if (wolfSSL_BIO_write(bio, "\n Not After : ", 16886 sizeof("\n Not After : ")) <= 0) { 16887 return WOLFSSL_FAILURE; 16888 } 16889 if (GetTimeString(x509->notAfter + 2,ASN_UTC_TIME, 16890 tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) { 16891 if (GetTimeString(x509->notAfter + 2,ASN_GENERALIZED_TIME, 16892 tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) { 16893 WOLFSSL_MSG("Error getting not before date"); 16894 return WOLFSSL_FAILURE; 16895 } 16896 } 16897 tmp[sizeof(tmp) - 1] = '\0'; /* make sure null terminated */ 16898 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 16899 return WOLFSSL_FAILURE; 16900 } 16901 } 16902 16903 /* print subject */ 16904 { 16905 char* subject; 16906 #ifdef WOLFSSL_SMALL_STACK 16907 char* buff = NULL; 16908 int subSz = 0; 16909 #else 16910 char buff[256]; 16911 int subSz = 256; 16912 #endif 16913 16914 subject = wolfSSL_X509_NAME_oneline( 16915 wolfSSL_X509_get_subject_name(x509), buff, subSz); 16916 16917 if (wolfSSL_BIO_write(bio, "\n Subject: ", 16918 sizeof("\n Subject: ")) <= 0) { 16919 #ifdef WOLFSSL_SMALL_STACK 16920 XFREE(subject, NULL, DYNAMIC_TYPE_OPENSSL); 16921 #endif 16922 return WOLFSSL_FAILURE; 16923 } 16924 if (subject != NULL) { 16925 if (wolfSSL_BIO_write(bio, subject, (int)XSTRLEN(subject)) <= 0) { 16926 #ifdef WOLFSSL_SMALL_STACK 16927 XFREE(subject, NULL, DYNAMIC_TYPE_OPENSSL); 16928 #endif 16929 return WOLFSSL_FAILURE; 16930 } 16931 } 16932 #ifdef WOLFSSL_SMALL_STACK 16933 XFREE(subject, NULL, DYNAMIC_TYPE_OPENSSL); 16934 #endif 16935 } 16936 16937 /* get and print public key */ 16938 if (wolfSSL_BIO_write(bio, "\n Subject Public Key Info:\n", 16939 sizeof("\n Subject Public Key Info:\n")) <= 0) { 16940 return WOLFSSL_FAILURE; 16941 } 16942 { 16943 char tmp[100]; 16944 16945 switch (x509->pubKeyOID) { 16946 #ifndef NO_RSA 16947 case RSAk: 16948 if (wolfSSL_BIO_write(bio, 16949 " Public Key Algorithm: RSA\n", 16950 sizeof(" Public Key Algorithm: RSA\n")) <= 0) { 16951 return WOLFSSL_FAILURE; 16952 } 16953 #ifdef HAVE_USER_RSA 16954 if (wolfSSL_BIO_write(bio, 16955 " Build without user RSA to print key\n", 16956 sizeof(" Build without user RSA to print key\n")) 16957 <= 0) { 16958 return WOLFSSL_FAILURE; 16959 } 16960 #else 16961 { 16962 RsaKey rsa; 16963 word32 idx = 0; 16964 int sz; 16965 byte lbit = 0; 16966 int rawLen; 16967 unsigned char* rawKey; 16968 16969 if (wc_InitRsaKey(&rsa, NULL) != 0) { 16970 WOLFSSL_MSG("wc_InitRsaKey failure"); 16971 return WOLFSSL_FAILURE; 16972 } 16973 if (wc_RsaPublicKeyDecode(x509->pubKey.buffer, 16974 &idx, &rsa, x509->pubKey.length) != 0) { 16975 WOLFSSL_MSG("Error decoding RSA key"); 16976 wc_FreeRsaKey(&rsa); 16977 return WOLFSSL_FAILURE; 16978 } 16979 if ((sz = wc_RsaEncryptSize(&rsa)) < 0) { 16980 WOLFSSL_MSG("Error getting RSA key size"); 16981 wc_FreeRsaKey(&rsa); 16982 return WOLFSSL_FAILURE; 16983 } 16984 XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n", 16985 " ", "Public-Key", 8 * sz, 16986 " Modulus:"); 16987 tmp[sizeof(tmp) - 1] = '\0'; 16988 if (wolfSSL_BIO_write(bio, tmp, 16989 (int)XSTRLEN(tmp)) <= 0) { 16990 wc_FreeRsaKey(&rsa); 16991 return WOLFSSL_FAILURE; 16992 } 16993 16994 /* print out modulus */ 16995 XSNPRINTF(tmp, sizeof(tmp) - 1," "); 16996 tmp[sizeof(tmp) - 1] = '\0'; 16997 if (mp_leading_bit(&rsa.n)) { 16998 lbit = 1; 16999 XSTRNCAT(tmp, "00", 3); 17000 } 17001 17002 rawLen = mp_unsigned_bin_size(&rsa.n); 17003 rawKey = (unsigned char*)XMALLOC(rawLen, NULL, 17004 DYNAMIC_TYPE_TMP_BUFFER); 17005 if (rawKey == NULL) { 17006 WOLFSSL_MSG("Memory error"); 17007 wc_FreeRsaKey(&rsa); 17008 return WOLFSSL_FAILURE; 17009 } 17010 mp_to_unsigned_bin(&rsa.n, rawKey); 17011 for (idx = 0; idx < (word32)rawLen; idx++) { 17012 char val[5]; 17013 int valSz = 5; 17014 17015 if ((idx == 0) && !lbit) { 17016 XSNPRINTF(val, valSz - 1, "%02x", rawKey[idx]); 17017 } 17018 else if ((idx != 0) && (((idx + lbit) % 15) == 0)) { 17019 tmp[sizeof(tmp) - 1] = '\0'; 17020 if (wolfSSL_BIO_write(bio, tmp, 17021 (int)XSTRLEN(tmp)) <= 0) { 17022 XFREE(rawKey, NULL, 17023 DYNAMIC_TYPE_TMP_BUFFER); 17024 wc_FreeRsaKey(&rsa); 17025 return WOLFSSL_FAILURE; 17026 } 17027 XSNPRINTF(tmp, sizeof(tmp) - 1, 17028 ":\n "); 17029 XSNPRINTF(val, valSz - 1, "%02x", rawKey[idx]); 17030 } 17031 else { 17032 XSNPRINTF(val, valSz - 1, ":%02x", rawKey[idx]); 17033 } 17034 XSTRNCAT(tmp, val, valSz); 17035 } 17036 XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17037 17038 /* print out remaning modulus values */ 17039 if ((idx > 0) && (((idx - 1 + lbit) % 15) != 0)) { 17040 tmp[sizeof(tmp) - 1] = '\0'; 17041 if (wolfSSL_BIO_write(bio, tmp, 17042 (int)XSTRLEN(tmp)) <= 0) { 17043 return WOLFSSL_FAILURE; 17044 } 17045 } 17046 17047 /* print out exponent values */ 17048 rawLen = mp_unsigned_bin_size(&rsa.e); 17049 if (rawLen < 0) { 17050 WOLFSSL_MSG("Error getting exponent size"); 17051 wc_FreeRsaKey(&rsa); 17052 return WOLFSSL_FAILURE; 17053 } 17054 17055 if ((word32)rawLen < sizeof(word32)) { 17056 rawLen = sizeof(word32); 17057 } 17058 rawKey = (unsigned char*)XMALLOC(rawLen, NULL, 17059 DYNAMIC_TYPE_TMP_BUFFER); 17060 if (rawKey == NULL) { 17061 WOLFSSL_MSG("Memory error"); 17062 wc_FreeRsaKey(&rsa); 17063 return WOLFSSL_FAILURE; 17064 } 17065 XMEMSET(rawKey, 0, rawLen); 17066 mp_to_unsigned_bin(&rsa.e, rawKey); 17067 if ((word32)rawLen <= sizeof(word32)) { 17068 idx = *(word32*)rawKey; 17069 } 17070 XSNPRINTF(tmp, sizeof(tmp) - 1, 17071 "\n Exponent: %d\n", idx); 17072 if (wolfSSL_BIO_write(bio, tmp, 17073 (int)XSTRLEN(tmp)) <= 0) { 17074 XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17075 wc_FreeRsaKey(&rsa); 17076 return WOLFSSL_FAILURE; 17077 } 17078 XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17079 wc_FreeRsaKey(&rsa); 17080 } 17081 #endif /* HAVE_USER_RSA */ 17082 break; 17083 #endif /* NO_RSA */ 17084 17085 #ifdef HAVE_ECC 17086 case ECDSAk: 17087 { 17088 word32 i; 17089 ecc_key ecc; 17090 17091 if (wolfSSL_BIO_write(bio, 17092 " Public Key Algorithm: EC\n", 17093 sizeof(" Public Key Algorithm: EC\n")) <= 0) { 17094 return WOLFSSL_FAILURE; 17095 } 17096 if (wc_ecc_init_ex(&ecc, x509->heap, INVALID_DEVID) 17097 != 0) { 17098 return WOLFSSL_FAILURE; 17099 } 17100 17101 i = 0; 17102 if (wc_EccPublicKeyDecode(x509->pubKey.buffer, &i, 17103 &ecc, x509->pubKey.length) != 0) { 17104 wc_ecc_free(&ecc); 17105 return WOLFSSL_FAILURE; 17106 } 17107 XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n", 17108 " ", "Public-Key", 17109 8 * wc_ecc_size(&ecc), 17110 " pub:"); 17111 tmp[sizeof(tmp) - 1] = '\0'; 17112 if (wolfSSL_BIO_write(bio, tmp, 17113 (int)XSTRLEN(tmp)) <= 0) { 17114 wc_ecc_free(&ecc); 17115 return WOLFSSL_FAILURE; 17116 } 17117 XSNPRINTF(tmp, sizeof(tmp) - 1," "); 17118 { 17119 word32 derSz; 17120 byte* der; 17121 17122 derSz = wc_ecc_size(&ecc) * WOLFSSL_BIT_SIZE; 17123 der = (byte*)XMALLOC(derSz, x509->heap, 17124 DYNAMIC_TYPE_TMP_BUFFER); 17125 if (der == NULL) { 17126 wc_ecc_free(&ecc); 17127 return WOLFSSL_FAILURE; 17128 } 17129 17130 if (wc_ecc_export_x963(&ecc, der, &derSz) != 0) { 17131 wc_ecc_free(&ecc); 17132 XFREE(der, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 17133 return WOLFSSL_FAILURE; 17134 } 17135 for (i = 0; i < derSz; i++) { 17136 char val[5]; 17137 int valSz = 5; 17138 17139 if (i == 0) { 17140 XSNPRINTF(val, valSz - 1, "%02x", der[i]); 17141 } 17142 else if ((i % 15) == 0) { 17143 tmp[sizeof(tmp) - 1] = '\0'; 17144 if (wolfSSL_BIO_write(bio, tmp, 17145 (int)XSTRLEN(tmp)) <= 0) { 17146 wc_ecc_free(&ecc); 17147 XFREE(der, x509->heap, 17148 DYNAMIC_TYPE_TMP_BUFFER); 17149 return WOLFSSL_FAILURE; 17150 } 17151 XSNPRINTF(tmp, sizeof(tmp) - 1, 17152 ":\n "); 17153 XSNPRINTF(val, valSz - 1, "%02x", der[i]); 17154 } 17155 else { 17156 XSNPRINTF(val, valSz - 1, ":%02x", der[i]); 17157 } 17158 XSTRNCAT(tmp, val, valSz); 17159 } 17160 17161 /* print out remaning modulus values */ 17162 if ((i > 0) && (((i - 1) % 15) != 0)) { 17163 tmp[sizeof(tmp) - 1] = '\0'; 17164 if (wolfSSL_BIO_write(bio, tmp, 17165 (int)XSTRLEN(tmp)) <= 0) { 17166 wc_ecc_free(&ecc); 17167 XFREE(der, x509->heap, 17168 DYNAMIC_TYPE_TMP_BUFFER); 17169 return WOLFSSL_FAILURE; 17170 } 17171 } 17172 17173 XFREE(der, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); 17174 } 17175 XSNPRINTF(tmp, sizeof(tmp) - 1, "\n%s%s: %s\n", 17176 " ", "ASN1 OID", 17177 ecc.dp->name); 17178 if (wolfSSL_BIO_write(bio, tmp, 17179 (int)XSTRLEN(tmp)) <= 0) { 17180 wc_ecc_free(&ecc); 17181 return WOLFSSL_FAILURE; 17182 } 17183 wc_ecc_free(&ecc); 17184 } 17185 break; 17186 #endif /* HAVE_ECC */ 17187 default: 17188 WOLFSSL_MSG("Unknown key type"); 17189 return WOLFSSL_FAILURE; 17190 } 17191 } 17192 17193 /* print out extensions */ 17194 if (wolfSSL_BIO_write(bio, " X509v3 extensions:\n", 17195 sizeof(" X509v3 extensions:\n")) <= 0) { 17196 return WOLFSSL_FAILURE; 17197 } 17198 17199 /* print subject key id */ 17200 if (x509->subjKeyIdSet && x509->subjKeyId != NULL && 17201 x509->subjKeyIdSz > 0) { 17202 char tmp[100]; 17203 word32 i; 17204 char val[5]; 17205 int valSz = 5; 17206 17207 17208 if (wolfSSL_BIO_write(bio, 17209 " X509v3 Subject Key Identifier:\n", 17210 sizeof(" X509v3 Subject Key Identifier:\n")) 17211 <= 0) { 17212 return WOLFSSL_FAILURE; 17213 } 17214 17215 XSNPRINTF(tmp, sizeof(tmp) - 1, " "); 17216 for (i = 0; i < sizeof(tmp) && i < (x509->subjKeyIdSz - 1); i++) { 17217 XSNPRINTF(val, valSz - 1, "%02X:", x509->subjKeyId[i]); 17218 XSTRNCAT(tmp, val, valSz); 17219 } 17220 XSNPRINTF(val, valSz - 1, "%02X\n", x509->subjKeyId[i]); 17221 XSTRNCAT(tmp, val, valSz); 17222 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 17223 return WOLFSSL_FAILURE; 17224 } 17225 } 17226 17227 /* printf out authority key id */ 17228 if (x509->authKeyIdSet && x509->authKeyId != NULL && 17229 x509->authKeyIdSz > 0) { 17230 char tmp[100]; 17231 word32 i; 17232 char val[5]; 17233 int valSz = 5; 17234 17235 if (wolfSSL_BIO_write(bio, 17236 " X509v3 Authority Key Identifier:\n", 17237 sizeof(" X509v3 Authority Key Identifier:\n")) 17238 <= 0) { 17239 return WOLFSSL_FAILURE; 17240 } 17241 17242 XSNPRINTF(tmp, sizeof(tmp) - 1, " keyid"); 17243 for (i = 0; i < x509->authKeyIdSz; i++) { 17244 /* check if buffer is almost full */ 17245 if (XSTRLEN(tmp) >= sizeof(tmp) - valSz) { 17246 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 17247 return WOLFSSL_FAILURE; 17248 } 17249 tmp[0] = '\0'; 17250 } 17251 XSNPRINTF(val, valSz - 1, ":%02X", x509->authKeyId[i]); 17252 XSTRNCAT(tmp, val, valSz); 17253 } 17254 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 17255 return WOLFSSL_FAILURE; 17256 } 17257 17258 /* print issuer */ 17259 { 17260 char* issuer; 17261 #ifdef WOLFSSL_SMALL_STACK 17262 char* buff = NULL; 17263 int issSz = 0; 17264 #else 17265 char buff[256]; 17266 int issSz = 256; 17267 #endif 17268 17269 issuer = wolfSSL_X509_NAME_oneline( 17270 wolfSSL_X509_get_issuer_name(x509), buff, issSz); 17271 17272 if (wolfSSL_BIO_write(bio, "\n DirName:", 17273 sizeof("\n DirName:")) <= 0) { 17274 #ifdef WOLFSSL_SMALL_STACK 17275 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 17276 #endif 17277 return WOLFSSL_FAILURE; 17278 } 17279 if (issuer != NULL) { 17280 if (wolfSSL_BIO_write(bio, issuer, (int)XSTRLEN(issuer)) <= 0) { 17281 #ifdef WOLFSSL_SMALL_STACK 17282 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 17283 #endif 17284 return WOLFSSL_FAILURE; 17285 } 17286 } 17287 #ifdef WOLFSSL_SMALL_STACK 17288 XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL); 17289 #endif 17290 if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) { 17291 return WOLFSSL_FAILURE; 17292 } 17293 } 17294 } 17295 17296 /* print basic constraint */ 17297 if (x509->basicConstSet) { 17298 char tmp[100]; 17299 17300 if (wolfSSL_BIO_write(bio, 17301 "\n X509v3 Basic Constraints:\n", 17302 sizeof("\n X509v3 Basic Constraints:\n")) 17303 <= 0) { 17304 return WOLFSSL_FAILURE; 17305 } 17306 XSNPRINTF(tmp, sizeof(tmp), 17307 " CA:%s\n", 17308 (x509->isCa)? "TRUE": "FALSE"); 17309 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 17310 return WOLFSSL_FAILURE; 17311 } 17312 } 17313 17314 /* print out signature */ 17315 { 17316 unsigned char* sig; 17317 int sigSz; 17318 int i; 17319 char tmp[100]; 17320 int sigOid = wolfSSL_X509_get_signature_type(x509); 17321 17322 if (wolfSSL_BIO_write(bio, 17323 " Signature Algorithm: ", 17324 sizeof(" Signature Algorithm: ")) <= 0) { 17325 return WOLFSSL_FAILURE; 17326 } 17327 XSNPRINTF(tmp, sizeof(tmp) - 1,"%s\n", GetSigName(sigOid)); 17328 tmp[sizeof(tmp) - 1] = '\0'; 17329 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) { 17330 return WOLFSSL_FAILURE; 17331 } 17332 17333 sigSz = (int)x509->sig.length; 17334 if (sigSz <= 0) { 17335 /* if sigSz invalid return here to avoid overhead of malloc */ 17336 return WOLFSSL_FAILURE; 17337 } 17338 17339 sig = (unsigned char*)XMALLOC(sigSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17340 if (sig == NULL) { 17341 return WOLFSSL_FAILURE; 17342 } 17343 17344 if (wolfSSL_X509_get_signature(x509, sig, &sigSz) <= 0) { 17345 XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17346 return WOLFSSL_FAILURE; 17347 } 17348 XSNPRINTF(tmp, sizeof(tmp) - 1," "); 17349 tmp[sizeof(tmp) - 1] = '\0'; 17350 for (i = 0; i < sigSz; i++) { 17351 char val[5]; 17352 int valSz = 5; 17353 17354 if (i == 0) { 17355 XSNPRINTF(val, valSz - 1, "%02x", sig[i]); 17356 } 17357 else if (((i % 18) == 0)) { 17358 tmp[sizeof(tmp) - 1] = '\0'; 17359 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) 17360 <= 0) { 17361 XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17362 return WOLFSSL_FAILURE; 17363 } 17364 XSNPRINTF(tmp, sizeof(tmp) - 1, 17365 ":\n "); 17366 XSNPRINTF(val, valSz - 1, "%02x", sig[i]); 17367 } 17368 else { 17369 XSNPRINTF(val, valSz - 1, ":%02x", sig[i]); 17370 } 17371 XSTRNCAT(tmp, val, valSz); 17372 } 17373 XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER); 17374 17375 /* print out remaning sig values */ 17376 if ((i > 0) && (((i - 1) % 18) != 0)) { 17377 tmp[sizeof(tmp) - 1] = '\0'; 17378 if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) 17379 <= 0) { 17380 return WOLFSSL_FAILURE; 17381 } 17382 } 17383 } 17384 17385 /* done with print out */ 17386 if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) { 17387 return WOLFSSL_FAILURE; 17388 } 17389 17390 return WOLFSSL_SUCCESS; 17391 } 17392 #endif /* XSNPRINTF */ 17393 17394 #endif /* NO_CERTS */ 15173 17395 15174 17396 char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in, … … 15426 17648 #endif /* NO_SESSION_CACHE */ 15427 17649 15428 #ifndef NO_CERTS 15429 void wolfSSL_X509_free(WOLFSSL_X509* x509) 15430 { 15431 WOLFSSL_ENTER("wolfSSL_X509_free"); 15432 ExternalFreeX509(x509); 15433 } 15434 #endif /* NO_CERTS */ 15435 15436 17650 17651 17652 /* was do nothing */ 17653 /* 17654 void OPENSSL_free(void* buf) 17655 { 17656 (void)buf; 17657 } 17658 */ 17659 17660 #ifndef NO_WOLFSSL_STUB 15437 17661 int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path, 15438 17662 int* ssl) … … 15443 17667 (void)path; 15444 17668 (void)ssl; 17669 WOLFSSL_STUB("OCSP_parse_url"); 15445 17670 return 0; 15446 17671 } 15447 15448 15449 WOLFSSL_METHOD* wolfSSLv2_client_method(void) 15450 { 15451 return 0; 15452 } 15453 15454 15455 WOLFSSL_METHOD* wolfSSLv2_server_method(void) 15456 { 15457 return 0; 15458 } 15459 17672 #endif 15460 17673 15461 17674 #ifndef NO_MD4 … … 15489 17702 15490 17703 15491 WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO* top) 15492 { 15493 (void)top; 15494 return 0; 17704 /* Removes a WOLFSSL_BIO struct from the WOLFSSL_BIO linked list. 17705 * 17706 * bio is the WOLFSSL_BIO struct in the list and removed. 17707 * 17708 * The return WOLFSSL_BIO struct is the next WOLFSSL_BIO in the list or NULL if 17709 * there is none. 17710 */ 17711 WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO* bio) 17712 { 17713 if (bio == NULL) { 17714 WOLFSSL_MSG("Bad argument passed in"); 17715 return NULL; 17716 } 17717 17718 if (bio->prev != NULL) { 17719 bio->prev->next = bio->next; 17720 } 17721 17722 if (bio->next != NULL) { 17723 bio->next->prev = bio->prev; 17724 } 17725 17726 return bio->next; 15495 17727 } 15496 17728 … … 15498 17730 int wolfSSL_BIO_pending(WOLFSSL_BIO* bio) 15499 17731 { 15500 if (bio && bio->type == BIO_MEMORY) 15501 return bio->memLen; 15502 return 0; 17732 return (int)wolfSSL_BIO_ctrl_pending(bio); 15503 17733 } 15504 17734 … … 15510 17740 15511 17741 WOLFSSL_ENTER("BIO_s_mem"); 15512 meth.type = BIO_MEMORY;17742 meth.type = WOLFSSL_BIO_MEMORY; 15513 17743 15514 17744 return &meth; … … 15518 17748 WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void) 15519 17749 { 15520 return 0; 15521 } 15522 15523 17750 static WOLFSSL_BIO_METHOD meth; 17751 17752 WOLFSSL_ENTER("wolfSSL_BIO_f_base64"); 17753 meth.type = WOLFSSL_BIO_BASE64; 17754 17755 return &meth; 17756 } 17757 17758 17759 /* Set the flag for the bio. 17760 * 17761 * bio the structre to set the flag in 17762 * flags the flag to use 17763 */ 15524 17764 void wolfSSL_BIO_set_flags(WOLFSSL_BIO* bio, int flags) 15525 17765 { 15526 (void)bio; 15527 (void)flags; 15528 } 15529 15530 15531 17766 WOLFSSL_ENTER("wolfSSL_BIO_set_flags"); 17767 17768 if (bio != NULL) { 17769 bio->flags |= flags; 17770 } 17771 } 17772 17773 17774 #ifndef NO_WOLFSSL_STUB 15532 17775 void wolfSSL_RAND_screen(void) 15533 17776 { 15534 15535 } 15536 15537 15538 const char* wolfSSL_RAND_file_name(char* fname, unsigned long len) 15539 { 15540 (void)fname; 15541 (void)len; 15542 return 0; 15543 } 15544 15545 15546 int wolfSSL_RAND_write_file(const char* fname) 15547 { 15548 (void)fname; 15549 return 0; 15550 } 17777 WOLFSSL_STUB("RAND_screen"); 17778 } 17779 #endif 17780 15551 17781 15552 17782 … … 15562 17792 15563 17793 15564 int wolfSSL_RAND_egd(const char* path) 15565 { 15566 (void)path; 17794 #ifndef NO_WOLFSSL_STUB 17795 WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void) 17796 { 17797 WOLFSSL_STUB("COMP_zlib"); 15567 17798 return 0; 15568 17799 } 15569 15570 15571 15572 WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void) 15573 { 17800 #endif 17801 17802 #ifndef NO_WOLFSSL_STUB 17803 WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void) 17804 { 17805 WOLFSSL_STUB("COMP_rle"); 15574 17806 return 0; 15575 17807 } 15576 15577 15578 WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void) 15579 { 15580 return 0; 15581 } 15582 17808 #endif 17809 17810 #ifndef NO_WOLFSSL_STUB 15583 17811 int wolfSSL_COMP_add_compression_method(int method, void* data) 15584 17812 { 15585 17813 (void)method; 15586 17814 (void)data; 17815 WOLFSSL_STUB("COMP_add_compression_method"); 15587 17816 return 0; 15588 17817 } 15589 15590 17818 #endif 17819 17820 #ifndef NO_WOLFSSL_STUB 15591 17821 void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)( 15592 17822 const char*, int)) 15593 17823 { 17824 WOLFSSL_STUB("CRYPTO_set_dynlock_create_callback"); 15594 17825 (void)f; 15595 17826 } 15596 15597 17827 #endif 17828 17829 #ifndef NO_WOLFSSL_STUB 15598 17830 void wolfSSL_set_dynlock_lock_callback( 15599 17831 void (*f)(int, WOLFSSL_dynlock_value*, const char*, int)) 15600 17832 { 17833 WOLFSSL_STUB("CRYPTO_set_set_dynlock_lock_callback"); 15601 17834 (void)f; 15602 17835 } 15603 15604 17836 #endif 17837 17838 #ifndef NO_WOLFSSL_STUB 15605 17839 void wolfSSL_set_dynlock_destroy_callback( 15606 17840 void (*f)(WOLFSSL_dynlock_value*, const char*, int)) 15607 17841 { 17842 WOLFSSL_STUB("CRYPTO_set_set_dynlock_destroy_callback"); 15608 17843 (void)f; 15609 17844 } 15610 17845 #endif 15611 17846 15612 17847 … … 15617 17852 15618 17853 15619 17854 #ifndef NO_WOLFSSL_STUB 15620 17855 int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP* lookup, const char* dir, 15621 17856 long len) … … 15624 17859 (void)dir; 15625 17860 (void)len; 17861 WOLFSSL_STUB("X509_LOOKUP_add_dir"); 15626 17862 return 0; 15627 17863 } 15628 17864 #endif 15629 17865 15630 17866 int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup, 15631 17867 const char* file, long type) 15632 17868 { 15633 #ifndef NO_FILESYSTEM 17869 #if !defined(NO_FILESYSTEM) && \ 17870 (defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)) 15634 17871 int ret = WOLFSSL_FAILURE; 15635 17872 XFILE fp; … … 15639 17876 byte* prev = NULL; 15640 17877 WOLFSSL_X509* x509; 17878 const char* header = NULL; 17879 const char* footer = NULL; 15641 17880 15642 17881 if (type != X509_FILETYPE_PEM) … … 15644 17883 15645 17884 fp = XFOPEN(file, "r"); 15646 if (fp == NULL)17885 if (fp == XBADFILE) 15647 17886 return BAD_FUNC_ARG; 15648 17887 15649 XFSEEK(fp, 0, XSEEK_END); 17888 if(XFSEEK(fp, 0, XSEEK_END) != 0) { 17889 XFCLOSE(fp); 17890 return WOLFSSL_BAD_FILE; 17891 } 15650 17892 sz = XFTELL(fp); 15651 17893 XREWIND(fp); … … 15666 17908 prev = curr = pem; 15667 17909 do { 15668 if (XSTRNSTR((char*)curr, BEGIN_X509_CRL, (unsigned int)sz) != NULL) { 17910 /* get PEM header and footer based on type */ 17911 if (wc_PemGetHeaderFooter(CRL_TYPE, &header, &footer) == 0 && 17912 XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) { 15669 17913 #ifdef HAVE_CRL 15670 17914 WOLFSSL_CERT_MANAGER* cm = lookup->store->cm; … … 15681 17925 goto end; 15682 17926 #endif 15683 curr = (byte*)XSTRNSTR((char*)curr, END_X509_CRL, (unsigned int)sz); 15684 } 15685 else if (XSTRNSTR((char*)curr, BEGIN_CERT, (unsigned int)sz) != NULL) { 17927 curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz); 17928 } 17929 else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 && 17930 XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) { 15686 17931 x509 = wolfSSL_X509_load_certificate_buffer(curr, (int)sz, 15687 17932 WOLFSSL_FILETYPE_PEM); … … 15692 17937 if (ret != WOLFSSL_SUCCESS) 15693 17938 goto end; 15694 curr = (byte*)XSTRNSTR((char*)curr, END_CERT, (unsigned int)sz);17939 curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz); 15695 17940 } 15696 17941 else … … 15719 17964 } 15720 17965 15721 15722 17966 WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void) 15723 17967 { … … 15738 17982 WOLFSSL_X509_LOOKUP_METHOD* m) 15739 17983 { 17984 if (store == NULL) 17985 return NULL; 17986 15740 17987 /* Method is a dummy value and is not needed. */ 15741 17988 (void)m; … … 15747 17994 15748 17995 #ifndef NO_CERTS 17996 /* Converts the X509 to DER format and outputs it into bio. 17997 * 17998 * bio is the structure to hold output DER 17999 * x509 certificate to create DER from 18000 * 18001 * returns WOLFSSL_SUCCESS on success 18002 */ 18003 int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) 18004 { 18005 WOLFSSL_ENTER("wolfSSL_i2d_X509_bio"); 18006 18007 if (bio == NULL || x509 == NULL) { 18008 return WOLFSSL_FAILURE; 18009 } 18010 18011 if (x509->derCert != NULL) { 18012 word32 len = x509->derCert->length; 18013 byte* der = x509->derCert->buffer; 18014 18015 if (wolfSSL_BIO_write(bio, der, len) == (int)len) { 18016 return SSL_SUCCESS; 18017 } 18018 } 18019 18020 return WOLFSSL_FAILURE; 18021 } 18022 18023 18024 /* Converts an internal structure to a DER buffer 18025 * 18026 * x509 structure to get DER buffer from 18027 * out buffer to hold result. If NULL then *out is NULL then a new buffer is 18028 * created. 18029 * 18030 * returns the size of the DER result on success 18031 */ 18032 int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out) 18033 { 18034 const unsigned char* der; 18035 int derSz = 0; 18036 18037 if (x509 == NULL || out == NULL) { 18038 return BAD_FUNC_ARG; 18039 } 18040 18041 der = wolfSSL_X509_get_der(x509, &derSz); 18042 if (der == NULL) { 18043 return MEMORY_E; 18044 } 18045 18046 if (*out == NULL) { 18047 *out = (unsigned char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_OPENSSL); 18048 if (*out == NULL) { 18049 return MEMORY_E; 18050 } 18051 } 18052 18053 XMEMCPY(*out, der, derSz); 18054 18055 return derSz; 18056 } 18057 18058 18059 /* Converts the DER from bio and creates a WOLFSSL_X509 structure from it. 18060 * 18061 * bio is the structure holding DER 18062 * x509 certificate to create from DER. Can be NULL 18063 * 18064 * returns pointer to WOLFSSL_X509 structure on success and NULL on fail 18065 */ 15749 18066 WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) 15750 18067 { … … 15831 18148 15832 18149 15833 /* return 1 on success, 0 on failure */ 18150 /* helper function to get DER buffer from WOLFSSL_EVP_PKEY */ 18151 static int wolfSSL_i2d_PrivateKey(WOLFSSL_EVP_PKEY* key, unsigned char** der) 18152 { 18153 *der = (unsigned char*)key->pkey.ptr; 18154 18155 return key->pkey_sz; 18156 } 18157 18158 18159 18160 /* Creates a new WC_PKCS12 structure 18161 * 18162 * pass password to use 18163 * name friendlyName to use 18164 * pkey private key to go into PKCS12 bundle 18165 * cert certificate to go into PKCS12 bundle 18166 * ca extra certificates that can be added to bundle. Can be NULL 18167 * keyNID type of encryption to use on the key (-1 means no encryption) 18168 * certNID type of ecnryption to use on the certificate 18169 * itt number of iterations with encryption 18170 * macItt number of iterations with mac creation 18171 * keyType flag for signature and/or encryption key 18172 * 18173 * returns a pointer to a new WC_PKCS12 structure on success and NULL on fail 18174 */ 18175 WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, 18176 WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, 18177 WOLF_STACK_OF(WOLFSSL_X509)* ca, 18178 int keyNID, int certNID, int itt, int macItt, int keyType) 18179 { 18180 WC_PKCS12* pkcs12; 18181 WC_DerCertList* list = NULL; 18182 word32 passSz; 18183 byte* keyDer; 18184 word32 keyDerSz; 18185 byte* certDer; 18186 int certDerSz; 18187 18188 int ret; 18189 18190 WOLFSSL_ENTER("wolfSSL_PKCS12_create()"); 18191 18192 if (pass == NULL || pkey == NULL || cert == NULL) { 18193 WOLFSSL_LEAVE("wolfSSL_PKCS12_create()", BAD_FUNC_ARG); 18194 return NULL; 18195 } 18196 passSz = (word32)XSTRLEN(pass); 18197 18198 if ((ret = wolfSSL_i2d_PrivateKey(pkey, &keyDer)) < 0) { 18199 WOLFSSL_LEAVE("wolfSSL_PKCS12_create", ret); 18200 return NULL; 18201 } 18202 keyDerSz = ret; 18203 18204 certDer = (byte*)wolfSSL_X509_get_der(cert, &certDerSz); 18205 if (certDer == NULL) { 18206 return NULL; 18207 } 18208 18209 if (ca != NULL) { 18210 WC_DerCertList* cur; 18211 unsigned long numCerts = ca->num; 18212 byte* curDer; 18213 int curDerSz = 0; 18214 WOLFSSL_STACK* sk = ca; 18215 18216 while (numCerts > 0 && sk != NULL) { 18217 cur = (WC_DerCertList*)XMALLOC(sizeof(WC_DerCertList), NULL, 18218 DYNAMIC_TYPE_PKCS); 18219 if (cur == NULL) { 18220 wc_FreeCertList(list, NULL); 18221 return NULL; 18222 } 18223 18224 curDer = (byte*)wolfSSL_X509_get_der(sk->data.x509, &curDerSz); 18225 if (curDer == NULL || curDerSz < 0) { 18226 XFREE(cur, NULL, DYNAMIC_TYPE_PKCS); 18227 wc_FreeCertList(list, NULL); 18228 return NULL; 18229 } 18230 18231 cur->buffer = (byte*)XMALLOC(curDerSz, NULL, DYNAMIC_TYPE_PKCS); 18232 if (cur->buffer == NULL) { 18233 XFREE(cur, NULL, DYNAMIC_TYPE_PKCS); 18234 wc_FreeCertList(list, NULL); 18235 return NULL; 18236 } 18237 XMEMCPY(cur->buffer, curDer, curDerSz); 18238 cur->bufferSz = curDerSz; 18239 cur->next = list; 18240 list = cur; 18241 18242 sk = sk->next; 18243 numCerts--; 18244 } 18245 } 18246 18247 pkcs12 = wc_PKCS12_create(pass, passSz, name, keyDer, keyDerSz, 18248 certDer, certDerSz, list, keyNID, certNID, itt, macItt, 18249 keyType, NULL); 18250 18251 if (ca != NULL) { 18252 wc_FreeCertList(list, NULL); 18253 } 18254 18255 return pkcs12; 18256 } 18257 18258 18259 /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE on failure */ 15834 18260 int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, 15835 18261 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca) … … 15846 18272 WOLFSSL_ENTER("wolfSSL_PKCS12_parse"); 15847 18273 18274 /* make sure we init return args */ 18275 if (pkey) *pkey = NULL; 18276 if (cert) *cert = NULL; 18277 if (ca) *ca = NULL; 18278 15848 18279 if (pkcs12 == NULL || psw == NULL || pkey == NULL || cert == NULL) { 15849 18280 WOLFSSL_MSG("Bad argument value"); 15850 return 0;18281 return WOLFSSL_FAILURE; 15851 18282 } 15852 18283 15853 18284 heap = wc_PKCS12_GetHeap(pkcs12); 15854 *pkey = NULL;15855 *cert = NULL;15856 18285 15857 18286 if (ca == NULL) { … … 15860 18289 } 15861 18290 else { 15862 *ca = NULL;15863 18291 ret = wc_PKCS12_parse(pkcs12, psw, &pk, &pkSz, &certData, &certDataSz, 15864 18292 &certList); … … 15866 18294 if (ret < 0) { 15867 18295 WOLFSSL_LEAVE("wolfSSL_PKCS12_parse", ret); 15868 return 0;18296 return WOLFSSL_FAILURE; 15869 18297 } 15870 18298 … … 15890 18318 current = next; 15891 18319 } 15892 return 0;18320 return WOLFSSL_FAILURE; 15893 18321 } 15894 18322 XMEMSET(*ca, 0, sizeof(WOLF_STACK_OF(WOLFSSL_X509))); … … 15928 18356 current = next; 15929 18357 } 15930 return 0;18358 return WOLFSSL_FAILURE; 15931 18359 } 15932 18360 FreeDecodedCert(&DeCert); … … 15951 18379 current = next; 15952 18380 } 15953 return 0;18381 return WOLFSSL_FAILURE; 15954 18382 } 15955 18383 } … … 15973 18401 } 15974 18402 XFREE(certData, heap, DYNAMIC_TYPE_PKCS); 15975 return 0;18403 return WOLFSSL_FAILURE; 15976 18404 } 15977 18405 InitX509(*cert, 1, heap); … … 15990 18418 } 15991 18419 wolfSSL_X509_free(*cert); *cert = NULL; 15992 return 0;18420 return WOLFSSL_FAILURE; 15993 18421 } 15994 18422 FreeDecodedCert(&DeCert); … … 16000 18428 ret = BAD_STATE_E; 16001 18429 if (pk != NULL) { /* decode key if present */ 16002 /* using dynamic type public key because of wolfSSL_EVP_PKEY_free */ 16003 *pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), 16004 heap, DYNAMIC_TYPE_PUBLIC_KEY); 18430 *pkey = wolfSSL_PKEY_new_ex(heap); 16005 18431 if (*pkey == NULL) { 16006 18432 wolfSSL_X509_free(*cert); *cert = NULL; … … 16009 18435 } 16010 18436 XFREE(pk, heap, DYNAMIC_TYPE_PUBLIC_KEY); 16011 return 0;18437 return WOLFSSL_FAILURE; 16012 18438 } 16013 18439 #ifndef NO_RSA … … 16022 18448 if ((ret = wc_RsaPrivateKeyDecode(pk, &keyIdx, &key, pkSz)) 16023 18449 == 0) { 16024 (*pkey)->type = RSAk; 18450 (*pkey)->type = EVP_PKEY_RSA; 18451 (*pkey)->rsa = wolfSSL_RSA_new(); 18452 (*pkey)->ownRsa = 1; /* we own RSA */ 18453 if ((*pkey)->rsa == NULL) { 18454 WOLFSSL_MSG("issue creating EVP RSA key"); 18455 wolfSSL_X509_free(*cert); *cert = NULL; 18456 if (ca != NULL) { 18457 wolfSSL_sk_X509_free(*ca); *ca = NULL; 18458 } 18459 wolfSSL_EVP_PKEY_free(*pkey); *pkey = NULL; 18460 XFREE(pk, heap, DYNAMIC_TYPE_PKCS); 18461 return WOLFSSL_FAILURE; 18462 } 18463 if ((ret = wolfSSL_RSA_LoadDer_ex((*pkey)->rsa, pk, pkSz, 18464 WOLFSSL_RSA_LOAD_PRIVATE)) != SSL_SUCCESS) { 18465 WOLFSSL_MSG("issue loading RSA key"); 18466 wolfSSL_X509_free(*cert); *cert = NULL; 18467 if (ca != NULL) { 18468 wolfSSL_sk_X509_free(*ca); *ca = NULL; 18469 } 18470 wolfSSL_EVP_PKEY_free(*pkey); *pkey = NULL; 18471 XFREE(pk, heap, DYNAMIC_TYPE_PKCS); 18472 return WOLFSSL_FAILURE; 18473 } 18474 16025 18475 WOLFSSL_MSG("Found PKCS12 RSA key"); 18476 ret = 0; /* set in success state for upcoming ECC check */ 16026 18477 } 16027 18478 wc_FreeRsaKey(&key); … … 16041 18492 wolfSSL_sk_X509_free(*ca); *ca = NULL; 16042 18493 } 16043 XFREE(*pkey, heap, DYNAMIC_TYPE_PUBLIC_KEY); *pkey = NULL;16044 XFREE(pk, heap, DYNAMIC_TYPE_P UBLIC_KEY);16045 return 0;18494 wolfSSL_EVP_PKEY_free(*pkey); *pkey = NULL; 18495 XFREE(pk, heap, DYNAMIC_TYPE_PKCS); 18496 return WOLFSSL_FAILURE; 16046 18497 } 16047 18498 … … 16052 18503 wolfSSL_sk_X509_free(*ca); *ca = NULL; 16053 18504 } 16054 XFREE(*pkey, heap, DYNAMIC_TYPE_PUBLIC_KEY); *pkey = NULL;16055 XFREE(pk, heap, DYNAMIC_TYPE_P UBLIC_KEY);18505 wolfSSL_EVP_PKEY_free(*pkey); *pkey = NULL; 18506 XFREE(pk, heap, DYNAMIC_TYPE_PKCS); 16056 18507 WOLFSSL_MSG("Bad PKCS12 key format"); 16057 return 0;18508 return WOLFSSL_FAILURE; 16058 18509 } 16059 (*pkey)->type = E CDSAk;18510 (*pkey)->type = EVP_PKEY_EC; 16060 18511 (*pkey)->pkey_curve = key.dp->oidSum; 16061 18512 wc_ecc_free(&key); … … 16069 18520 wolfSSL_sk_X509_free(*ca); *ca = NULL; 16070 18521 } 16071 XFREE(*pkey, heap, DYNAMIC_TYPE_PUBLIC_KEY); *pkey = NULL;16072 XFREE(pk, heap, DYNAMIC_TYPE_P UBLIC_KEY);18522 wolfSSL_EVP_PKEY_free(*pkey); *pkey = NULL; 18523 XFREE(pk, heap, DYNAMIC_TYPE_PKCS); 16073 18524 WOLFSSL_MSG("Bad PKCS12 key format"); 16074 return 0;18525 return WOLFSSL_FAILURE; 16075 18526 } 16076 18527 #endif /* HAVE_ECC */ … … 16084 18535 (void)ca; 16085 18536 16086 return 1;18537 return WOLFSSL_SUCCESS; 16087 18538 } 16088 18539 #endif /* !defined(NO_ASN) && !defined(NO_PWDBASED) */ … … 16100 18551 WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX* ctx) 16101 18552 { 18553 WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get_chain"); 18554 16102 18555 if (ctx == NULL) { 16103 18556 return NULL; 16104 18557 } 18558 18559 #ifdef SESSION_CERTS 18560 /* if chain is null but sesChain is available then populate stack */ 18561 if (ctx->chain == NULL && ctx->sesChain != NULL) { 18562 int i; 18563 WOLFSSL_X509_CHAIN* c = ctx->sesChain; 18564 WOLFSSL_STACK* sk = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), 18565 NULL, DYNAMIC_TYPE_X509); 18566 18567 if (sk == NULL) { 18568 return NULL; 18569 } 18570 18571 XMEMSET(sk, 0, sizeof(WOLFSSL_STACK)); 18572 ctx->chain = sk; 18573 18574 for (i = 0; i < c->count && i < MAX_CHAIN_DEPTH; i++) { 18575 WOLFSSL_X509* x509 = wolfSSL_get_chain_X509(c, i); 18576 18577 if (x509 == NULL) { 18578 WOLFSSL_MSG("Unable to get x509 from chain"); 18579 wolfSSL_sk_X509_free(sk); 18580 return NULL; 18581 } 18582 18583 if (wolfSSL_sk_X509_push(sk, x509) != SSL_SUCCESS) { 18584 WOLFSSL_MSG("Unable to load x509 into stack"); 18585 wolfSSL_sk_X509_free(sk); 18586 wolfSSL_X509_free(x509); 18587 return NULL; 18588 } 18589 } 18590 18591 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) 18592 /* add CA used to verify top of chain to the list */ 18593 if (c->count > 0) { 18594 WOLFSSL_X509* x509 = wolfSSL_get_chain_X509(c, c->count - 1); 18595 if (x509 != NULL) { 18596 WOLFSSL_X509* issuer = NULL; 18597 if (wolfSSL_X509_STORE_CTX_get1_issuer(&issuer, ctx, x509) 18598 == WOLFSSL_SUCCESS) { 18599 /* check that the certificate being looked up is not self 18600 * signed and that a issuer was found */ 18601 if (issuer != NULL && wolfSSL_X509_NAME_cmp(&x509->issuer, 18602 &x509->subject) != 0) { 18603 if (wolfSSL_sk_X509_push(sk, issuer) != SSL_SUCCESS) { 18604 WOLFSSL_MSG("Unable to load CA x509 into stack"); 18605 wolfSSL_sk_X509_free(sk); 18606 wolfSSL_X509_free(issuer); 18607 return NULL; 18608 } 18609 } 18610 else { 18611 WOLFSSL_MSG("Certificate is self signed"); 18612 } 18613 } 18614 else { 18615 WOLFSSL_MSG("Could not find CA for certificate"); 18616 } 18617 } 18618 } 18619 #endif 18620 18621 } 18622 #endif /* SESSION_CERTS */ 16105 18623 16106 18624 return ctx->chain; … … 16136 18654 } 16137 18655 16138 16139 18656 WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void) 16140 18657 { 16141 18658 WOLFSSL_X509_STORE* store = NULL; 16142 18659 16143 store = (WOLFSSL_X509_STORE*)XMALLOC(sizeof(WOLFSSL_X509_STORE), NULL, 16144 DYNAMIC_TYPE_X509_STORE); 16145 if (store != NULL) { 16146 store->cm = wolfSSL_CertManagerNew(); 16147 if (store->cm == NULL) { 16148 XFREE(store, NULL, DYNAMIC_TYPE_X509_STORE); 16149 store = NULL; 16150 } 16151 else 16152 store->isDynamic = 1; 16153 } 18660 if((store = (WOLFSSL_X509_STORE*)XMALLOC(sizeof(WOLFSSL_X509_STORE), NULL, 18661 DYNAMIC_TYPE_X509_STORE)) == NULL) 18662 goto err_exit; 18663 18664 if((store->cm = wolfSSL_CertManagerNew()) == NULL) 18665 goto err_exit; 18666 18667 store->isDynamic = 1; 18668 18669 #ifdef HAVE_CRL 18670 store->crl = NULL; 18671 if((store->crl = (WOLFSSL_X509_CRL *)XMALLOC(sizeof(WOLFSSL_X509_CRL), 18672 NULL, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) 18673 goto err_exit; 18674 if(InitCRL(store->crl, NULL) < 0) 18675 goto err_exit; 18676 #endif 16154 18677 16155 18678 return store; 18679 18680 err_exit: 18681 if(store == NULL) 18682 return NULL; 18683 if(store->cm != NULL) 18684 wolfSSL_CertManagerFree(store->cm); 18685 #ifdef HAVE_CRL 18686 if(store->crl != NULL) 18687 wolfSSL_X509_CRL_free(store->crl); 18688 #endif 18689 wolfSSL_X509_STORE_free(store); 18690 18691 return NULL; 16156 18692 } 16157 18693 … … 16161 18697 if (store != NULL && store->isDynamic) { 16162 18698 if (store->cm != NULL) 16163 wolfSSL_CertManagerFree(store->cm); 18699 wolfSSL_CertManagerFree(store->cm); 18700 #ifdef HAVE_CRL 18701 if (store->crl != NULL) 18702 wolfSSL_X509_CRL_free(store->crl); 18703 #endif 16164 18704 XFREE(store, NULL, DYNAMIC_TYPE_X509_STORE); 16165 18705 } … … 16172 18712 16173 18713 WOLFSSL_ENTER("wolfSSL_X509_STORE_set_flags"); 18714 18715 if (store == NULL) 18716 return WOLFSSL_FAILURE; 16174 18717 16175 18718 if ((flag & WOLFSSL_CRL_CHECKALL) || (flag & WOLFSSL_CRL_CHECK)) { … … 16190 18733 } 16191 18734 16192 18735 #ifndef NO_WOLFSSL_STUB 16193 18736 int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX* ctx, int idx, 16194 18737 WOLFSSL_X509_NAME* name, WOLFSSL_X509_OBJECT* obj) … … 16198 18741 (void)name; 16199 18742 (void)obj; 18743 WOLFSSL_STUB("X509_STORE_get_by_subject"); 16200 18744 return 0; 16201 18745 } 16202 18746 #endif 16203 18747 16204 18748 WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void) … … 16207 18751 sizeof(WOLFSSL_X509_STORE_CTX), NULL, 16208 18752 DYNAMIC_TYPE_X509_CTX); 16209 if (ctx != NULL) 18753 if (ctx != NULL) { 18754 ctx->param = NULL; 16210 18755 wolfSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL); 18756 } 16211 18757 16212 18758 return ctx; … … 16221 18767 if (ctx != NULL) { 16222 18768 ctx->store = store; 18769 #ifndef WOLFSSL_X509_STORE_CERTS 16223 18770 ctx->current_cert = x509; 18771 #else 18772 if(x509 != NULL){ 18773 ctx->current_cert = wolfSSL_X509_d2i(NULL, x509->derCert->buffer,x509->derCert->length); 18774 if(ctx->current_cert == NULL) 18775 return WOLFSSL_FATAL_ERROR; 18776 } else 18777 ctx->current_cert = NULL; 18778 #endif 18779 16224 18780 ctx->chain = sk; 16225 18781 ctx->domain = NULL; … … 16231 18787 ctx->error_depth = 0; 16232 18788 ctx->discardSessionCerts = 0; 16233 return WOLFSSL_SUCCESS; 18789 #ifdef OPENSSL_EXTRA 18790 if (ctx->param == NULL) { 18791 ctx->param = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC( 18792 sizeof(WOLFSSL_X509_VERIFY_PARAM), 18793 NULL,DYNAMIC_TYPE_OPENSSL); 18794 if (ctx->param == NULL){ 18795 WOLFSSL_MSG("wolfSSL_X509_STORE_CTX_init failed"); 18796 return SSL_FATAL_ERROR; 18797 } 18798 } 18799 #endif 18800 return SSL_SUCCESS; 16234 18801 } 16235 18802 return WOLFSSL_FATAL_ERROR; … … 16242 18809 if (ctx->store != NULL) 16243 18810 wolfSSL_X509_STORE_free(ctx->store); 18811 #ifndef WOLFSSL_KEEP_STORE_CERTS 16244 18812 if (ctx->current_cert != NULL) 16245 18813 wolfSSL_FreeX509(ctx->current_cert); 18814 #endif 16246 18815 if (ctx->chain != NULL) 16247 18816 wolfSSL_sk_X509_free(ctx->chain); 18817 #ifdef OPENSSL_EXTRA 18818 if (ctx->param != NULL){ 18819 XFREE(ctx->param,NULL,DYNAMIC_TYPE_OPENSSL); 18820 } 18821 #endif 16248 18822 XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX); 16249 18823 } … … 16254 18828 { 16255 18829 (void)ctx; 18830 /* Do nothing */ 16256 18831 } 16257 18832 … … 16270 18845 #endif /* NO_CERTS */ 16271 18846 16272 18847 #if !defined(NO_FILESYSTEM) 18848 static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type) 18849 { 18850 void *newx509 = NULL; 18851 DerBuffer* der = NULL; 18852 byte *fileBuffer = NULL; 18853 18854 if (file != XBADFILE) 18855 { 18856 long sz = 0; 18857 18858 if(XFSEEK(file, 0, XSEEK_END) != 0) 18859 return NULL; 18860 sz = XFTELL(file); 18861 XREWIND(file); 18862 18863 if (sz < 0) 18864 { 18865 WOLFSSL_MSG("Bad tell on FILE"); 18866 return NULL; 18867 } 18868 18869 fileBuffer = (byte *)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE); 18870 if (fileBuffer != NULL) 18871 { 18872 if((long)XFREAD(fileBuffer, 1, sz, file) != sz) 18873 { 18874 WOLFSSL_MSG("File read failed"); 18875 goto err_exit; 18876 } 18877 if(type == CERT_TYPE) 18878 newx509 = (void *)wolfSSL_X509_d2i(NULL, fileBuffer, (int)sz); 18879 #ifdef HAVE_CRL 18880 else if(type == CRL_TYPE) 18881 newx509 = (void *)wolfSSL_d2i_X509_CRL(NULL, fileBuffer, (int)sz); 18882 #endif 18883 #if !defined(NO_ASN) && !defined(NO_PWDBASED) 18884 else if(type == PKCS12_TYPE){ 18885 if((newx509 = wc_PKCS12_new()) == NULL) 18886 goto err_exit; 18887 if(wc_d2i_PKCS12(fileBuffer, (int)sz, (WC_PKCS12*)newx509) < 0) 18888 goto err_exit; 18889 } 18890 #endif 18891 else goto err_exit; 18892 if(newx509 == NULL) 18893 { 18894 WOLFSSL_MSG("X509 failed"); 18895 goto err_exit; 18896 } 18897 } 18898 } 18899 if (x509 != NULL) 18900 *x509 = newx509; 18901 18902 goto _exit; 18903 18904 err_exit: 18905 if(newx509 != NULL){ 18906 if(type == CERT_TYPE) 18907 wolfSSL_X509_free((WOLFSSL_X509*)newx509); 18908 #ifdef HAVE_CRL 18909 else { 18910 if(type == CRL_TYPE) 18911 wolfSSL_X509_CRL_free((WOLFSSL_X509_CRL*)newx509); 18912 } 18913 #endif 18914 } 18915 _exit: 18916 if(der != NULL) 18917 FreeDer(&der); 18918 if(fileBuffer != NULL) 18919 XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE); 18920 return newx509; 18921 } 18922 18923 WOLFSSL_X509_PKCS12 *wolfSSL_d2i_PKCS12_fp(XFILE fp, WOLFSSL_X509_PKCS12 **pkcs12) 18924 { 18925 WOLFSSL_ENTER("wolfSSL_d2i_PKCS12_fp"); 18926 return (WOLFSSL_X509_PKCS12 *)wolfSSL_d2i_X509_fp_ex(fp, (void **)pkcs12, PKCS12_TYPE); 18927 } 18928 18929 WOLFSSL_X509 *wolfSSL_d2i_X509_fp(XFILE fp, WOLFSSL_X509 **x509) 18930 { 18931 WOLFSSL_ENTER("wolfSSL_d2i_X509_fp"); 18932 return (WOLFSSL_X509 *)wolfSSL_d2i_X509_fp_ex(fp, (void **)x509, CERT_TYPE); 18933 } 18934 #endif /* !NO_FILESYSTEM */ 18935 18936 18937 #ifdef HAVE_CRL 18938 #ifndef NO_FILESYSTEM 18939 WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE fp, WOLFSSL_X509_CRL **crl) 18940 { 18941 WOLFSSL_ENTER("wolfSSL_d2i_X509_CRL_fp"); 18942 return (WOLFSSL_X509_CRL *)wolfSSL_d2i_X509_fp_ex(fp, (void **)crl, CRL_TYPE); 18943 } 18944 #endif /* !NO_FILESYSTEM */ 18945 18946 18947 WOLFSSL_X509_CRL* wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL** crl, const unsigned char* in, int len) 18948 { 18949 WOLFSSL_X509_CRL *newcrl = NULL; 18950 int ret ; 18951 18952 WOLFSSL_ENTER("wolfSSL_d2i_X509_CRL"); 18953 18954 if(in == NULL){ 18955 WOLFSSL_MSG("Bad argument value"); 18956 return NULL; 18957 } 18958 18959 newcrl = (WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL), NULL, DYNAMIC_TYPE_TMP_BUFFER); 18960 if (newcrl == NULL){ 18961 WOLFSSL_MSG("New CRL allocation failed"); 18962 return NULL; 18963 } 18964 if (InitCRL(newcrl, NULL) < 0) { 18965 WOLFSSL_MSG("Init tmp CRL failed"); 18966 goto err_exit; 18967 } 18968 ret = BufferLoadCRL(newcrl, in, len, WOLFSSL_FILETYPE_ASN1, 1); 18969 if (ret != WOLFSSL_SUCCESS){ 18970 WOLFSSL_MSG("Buffer Load CRL failed"); 18971 goto err_exit; 18972 } 18973 if(crl){ 18974 *crl = newcrl; 18975 } 18976 goto _exit; 18977 18978 err_exit: 18979 if(newcrl != NULL) 18980 wolfSSL_X509_CRL_free(newcrl); 18981 newcrl = NULL; 18982 _exit: 18983 return newcrl; 18984 } 18985 18986 void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl) 18987 { 18988 WOLFSSL_ENTER("wolfSSL_X509_CRL_free"); 18989 18990 FreeCRL(crl, 1); 18991 return; 18992 } 18993 #endif /* HAVE_CRL */ 18994 18995 #ifndef NO_WOLFSSL_STUB 16273 18996 WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl) 16274 18997 { 16275 18998 (void)crl; 18999 WOLFSSL_STUB("X509_CRL_get_lastUpdate"); 16276 19000 return 0; 16277 19001 } 16278 16279 19002 #endif 19003 #ifndef NO_WOLFSSL_STUB 16280 19004 WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* crl) 16281 19005 { 16282 19006 (void)crl; 19007 WOLFSSL_STUB("X509_CRL_get_nextUpdate"); 16283 19008 return 0; 16284 19009 } 16285 16286 16287 16288 WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) 16289 { 16290 WOLFSSL_EVP_PKEY* key = NULL; 16291 if (x509 != NULL) { 16292 key = (WOLFSSL_EVP_PKEY*)XMALLOC( 16293 sizeof(WOLFSSL_EVP_PKEY), x509->heap, 16294 DYNAMIC_TYPE_PUBLIC_KEY); 16295 if (key != NULL) { 16296 key->type = x509->pubKeyOID; 16297 key->save_type = 0; 16298 key->pkey.ptr = (char*)XMALLOC( 16299 x509->pubKey.length, x509->heap, 16300 DYNAMIC_TYPE_PUBLIC_KEY); 16301 if (key->pkey.ptr == NULL) { 16302 XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY); 16303 return NULL; 16304 } 16305 XMEMCPY(key->pkey.ptr, 16306 x509->pubKey.buffer, x509->pubKey.length); 16307 key->pkey_sz = x509->pubKey.length; 16308 #ifdef HAVE_ECC 16309 key->pkey_curve = (int)x509->pkCurveOID; 16310 #endif /* HAVE_ECC */ 16311 } 16312 } 16313 return key; 16314 } 16315 16316 19010 #endif 19011 19012 19013 #ifndef NO_WOLFSSL_STUB 16317 19014 int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL* crl, WOLFSSL_EVP_PKEY* key) 16318 19015 { 16319 19016 (void)crl; 16320 19017 (void)key; 19018 WOLFSSL_STUB("X509_CRL_verify"); 16321 19019 return 0; 16322 19020 } 16323 16324 16325 void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX* ctx, int err) 16326 { 16327 (void)ctx; 16328 (void)err; 16329 } 16330 16331 16332 void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT* obj) 16333 { 16334 (void)obj; 16335 } 16336 16337 16338 WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new() 19021 #endif 19022 #endif /* OPENSSL_EXTRA */ 19023 19024 #if defined(OPENSSL_EXTRA_X509_SMALL) 19025 /* Subset of OPENSSL_EXTRA for PKEY operations PKEY free is needed by the 19026 * subset of X509 API */ 19027 19028 WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void){ 19029 return wolfSSL_PKEY_new_ex(NULL); 19030 } 19031 19032 19033 WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap) 16339 19034 { 16340 19035 WOLFSSL_EVP_PKEY* pkey; 16341 16342 pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), NULL, 19036 int ret; 19037 WOLFSSL_ENTER("wolfSSL_PKEY_new"); 19038 pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), heap, 16343 19039 DYNAMIC_TYPE_PUBLIC_KEY); 16344 19040 if (pkey != NULL) { 16345 19041 XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY)); 19042 pkey->heap = heap; 19043 pkey->type = WOLFSSL_EVP_PKEY_DEFAULT; 19044 #ifndef HAVE_FIPS 19045 ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID); 19046 #else 19047 ret = wc_InitRng(&pkey->rng); 19048 #endif 19049 if (ret != 0){ 19050 wolfSSL_EVP_PKEY_free(pkey); 19051 WOLFSSL_MSG("memory falure"); 19052 return NULL; 19053 } 19054 } 19055 else { 19056 WOLFSSL_MSG("memory failure"); 16346 19057 } 16347 19058 … … 16352 19063 void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) 16353 19064 { 19065 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free"); 16354 19066 if (key != NULL) { 16355 if (key->pkey.ptr != NULL) 16356 XFREE(key->pkey.ptr, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 16357 XFREE(key, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 16358 } 16359 } 16360 16361 19067 wc_FreeRng(&key->rng); 19068 19069 if (key->pkey.ptr != NULL) { 19070 XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); 19071 key->pkey.ptr = NULL; 19072 } 19073 switch(key->type) 19074 { 19075 #ifndef NO_RSA 19076 case EVP_PKEY_RSA: 19077 if (key->rsa != NULL && key->ownRsa == 1) { 19078 wolfSSL_RSA_free(key->rsa); 19079 key->rsa = NULL; 19080 } 19081 break; 19082 #endif /* NO_RSA */ 19083 19084 #ifdef HAVE_ECC 19085 case EVP_PKEY_EC: 19086 if (key->ecc != NULL && key->ownEcc == 1) { 19087 wolfSSL_EC_KEY_free(key->ecc); 19088 key->ecc = NULL; 19089 } 19090 break; 19091 #endif /* HAVE_ECC */ 19092 19093 default: 19094 break; 19095 } 19096 XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); 19097 } 19098 } 19099 #endif /* OPENSSL_EXTRA_X509_SMALL */ 19100 19101 19102 #ifdef OPENSSL_EXTRA 19103 19104 void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX* ctx, 19105 unsigned long flags, 19106 time_t t) 19107 { 19108 (void)flags; 19109 19110 if (ctx == NULL || ctx->param == NULL) 19111 return; 19112 19113 ctx->param->check_time = t; 19114 ctx->param->flags |= WOLFSSL_USE_CHECK_TIME; 19115 } 19116 19117 #ifndef NO_WOLFSSL_STUB 19118 void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT* obj) 19119 { 19120 (void)obj; 19121 WOLFSSL_STUB("X509_OBJECT_free_contents"); 19122 } 19123 #endif 19124 19125 #ifndef NO_WOLFSSL_STUB 16362 19126 int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME* asnTime) 16363 19127 { 16364 19128 (void)asnTime; 19129 WOLFSSL_STUB("X509_cmp_current_time"); 16365 19130 return 0; 16366 19131 } 16367 16368 19132 #endif 19133 19134 #ifndef NO_WOLFSSL_STUB 16369 19135 int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED* revoked) 16370 19136 { 16371 19137 (void)revoked; 19138 WOLFSSL_STUB("sk_X509_REVOKED_num"); 16372 19139 return 0; 16373 19140 } 16374 16375 16376 19141 #endif 19142 19143 #ifndef NO_WOLFSSL_STUB 16377 19144 WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL* crl) 16378 19145 { 16379 19146 (void)crl; 19147 WOLFSSL_STUB("X509_CRL_get_REVOKED"); 16380 19148 return 0; 16381 19149 } 16382 16383 19150 #endif 19151 19152 #ifndef NO_WOLFSSL_STUB 16384 19153 WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( 16385 19154 WOLFSSL_X509_REVOKED* revoked, int value) … … 16387 19156 (void)revoked; 16388 19157 (void)value; 19158 WOLFSSL_STUB("sk_X509_REVOKED_value"); 16389 19159 return 0; 16390 19160 } 16391 19161 #endif 19162 19163 /* Used to create a new WOLFSSL_ASN1_INTEGER structure. 19164 * returns a pointer to new structure on success and NULL on failure 19165 */ 19166 WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void) 19167 { 19168 WOLFSSL_ASN1_INTEGER* a; 19169 19170 a = (WOLFSSL_ASN1_INTEGER*)XMALLOC(sizeof(WOLFSSL_ASN1_INTEGER), NULL, 19171 DYNAMIC_TYPE_OPENSSL); 19172 if (a == NULL) { 19173 return NULL; 19174 } 19175 19176 XMEMSET(a, 0, sizeof(WOLFSSL_ASN1_INTEGER)); 19177 a->data = a->intData; 19178 a->dataMax = WOLFSSL_ASN1_INTEGER_MAX; 19179 return a; 19180 } 19181 19182 19183 /* free's internal elements of WOLFSSL_ASN1_INTEGER and free's "in" itself */ 19184 void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER* in) 19185 { 19186 if (in != NULL) { 19187 if (in->isDynamic) { 19188 XFREE(in->data, NULL, DYNAMIC_TYPE_OPENSSL); 19189 } 19190 XFREE(in, NULL, DYNAMIC_TYPE_OPENSSL); 19191 } 19192 } 16392 19193 16393 19194 … … 16399 19200 WOLFSSL_ENTER("wolfSSL_X509_get_serialNumber"); 16400 19201 16401 a = (WOLFSSL_ASN1_INTEGER*)XMALLOC(sizeof(WOLFSSL_ASN1_INTEGER), NULL, 16402 DYNAMIC_TYPE_OPENSSL); 19202 a = wolfSSL_ASN1_INTEGER_new(); 16403 19203 if (a == NULL) 16404 19204 return NULL; 16405 19205 16406 19206 /* Make sure there is space for the data, ASN.1 type and length. */ 16407 if (x509->serialSz > (int)(sizeof(WOLFSSL_ASN1_INTEGER) - 2)) { 16408 XFREE(a, NULL, DYNAMIC_TYPE_OPENSSL); 16409 return NULL; 19207 if (x509->serialSz > (WOLFSSL_ASN1_INTEGER_MAX - 2)) { 19208 /* dynamicly create data buffer, +2 for type and length */ 19209 a->data = (unsigned char*)XMALLOC(x509->serialSz + 2, NULL, 19210 DYNAMIC_TYPE_OPENSSL); 19211 if (a->data == NULL) { 19212 wolfSSL_ASN1_INTEGER_free(a); 19213 return NULL; 19214 } 19215 a->dataMax = x509->serialSz + 2; 19216 a->isDynamic = 1; 16410 19217 } 16411 19218 16412 19219 a->data[i++] = ASN_INTEGER; 16413 a->data[i++] = (unsigned char)x509->serialSz;19220 i += SetLength(x509->serialSz, a->data + i); 16414 19221 XMEMCPY(&a->data[i], x509->serial, x509->serialSz); 16415 19222 … … 16417 19224 } 16418 19225 19226 #endif /* OPENSSL_EXTRA */ 16419 19227 16420 19228 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ 16421 defined(WOLFSSL_HAPROXY) 19229 defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 16422 19230 int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime) 16423 19231 { … … 16474 19282 return buf; 16475 19283 } 16476 #endif /* WOLFSSL_MYSQL_COMPATIBLE */ 16477 16478 19284 #endif /* WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 19285 OPENSSL_EXTRA*/ 19286 19287 19288 #ifdef OPENSSL_EXTRA 19289 19290 #if !defined(NO_ASN_TIME) && !defined(USER_TIME) && \ 19291 !defined(TIME_OVERRIDES) && !defined(NO_FILESYSTEM) 19292 19293 WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t, 19294 int offset_day, long offset_sec) 19295 { 19296 const time_t sec_per_day = 24*60*60; 19297 struct tm* ts = NULL; 19298 struct tm* tmpTime = NULL; 19299 time_t t_adj = 0; 19300 time_t offset_day_sec = 0; 19301 19302 #if defined(NEED_TMP_TIME) 19303 struct tm tmpTimeStorage; 19304 tmpTime = &tmpTimeStorage; 19305 #else 19306 (void)tmpTime; 19307 #endif 19308 19309 WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj"); 19310 19311 if (s == NULL){ 19312 s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, 19313 DYNAMIC_TYPE_OPENSSL); 19314 if (s == NULL){ 19315 return NULL; 19316 } 19317 } 19318 19319 /* compute GMT time with offset */ 19320 offset_day_sec = offset_day * sec_per_day; 19321 t_adj = t + offset_day_sec + offset_sec; 19322 ts = (struct tm *)XGMTIME(&t_adj, tmpTime); 19323 if (ts == NULL){ 19324 WOLFSSL_MSG("failed to get time data."); 19325 XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL); 19326 return NULL; 19327 } 19328 19329 /* create ASN1 time notation */ 19330 /* UTC Time */ 19331 if (ts->tm_year >= 50 && ts->tm_year < 150){ 19332 char utc_str[ASN_UTC_TIME_SIZE]; 19333 int utc_year = 0,utc_mon,utc_day,utc_hour,utc_min,utc_sec; 19334 byte *data_ptr = NULL; 19335 19336 if (ts->tm_year >= 50 && ts->tm_year < 100){ 19337 utc_year = ts->tm_year; 19338 } else if (ts->tm_year >= 100 && ts->tm_year < 150){ 19339 utc_year = ts->tm_year - 100; 19340 } 19341 utc_mon = ts->tm_mon + 1; 19342 utc_day = ts->tm_mday; 19343 utc_hour = ts->tm_hour; 19344 utc_min = ts->tm_min; 19345 utc_sec = ts->tm_sec; 19346 XSNPRINTF((char *)utc_str, ASN_UTC_TIME_SIZE, 19347 "%02d%02d%02d%02d%02d%02dZ", 19348 utc_year, utc_mon, utc_day, utc_hour, utc_min, utc_sec); 19349 data_ptr = s->data; 19350 *data_ptr = (byte) ASN_UTC_TIME; data_ptr++; 19351 *data_ptr = (byte) ASN_UTC_TIME_SIZE; data_ptr++; 19352 XMEMCPY(data_ptr,(byte *)utc_str, ASN_UTC_TIME_SIZE); 19353 /* GeneralizedTime */ 19354 } else { 19355 char gt_str[ASN_GENERALIZED_TIME_MAX]; 19356 int gt_year,gt_mon,gt_day,gt_hour,gt_min,gt_sec; 19357 byte *data_ptr = NULL; 19358 19359 gt_year = ts->tm_year + 1900; 19360 gt_mon = ts->tm_mon + 1; 19361 gt_day = ts->tm_mday; 19362 gt_hour = ts->tm_hour; 19363 gt_min = ts->tm_min; 19364 gt_sec = ts->tm_sec; 19365 XSNPRINTF((char *)gt_str, ASN_GENERALIZED_TIME_MAX, 19366 "%4d%02d%02d%02d%02d%02dZ", 19367 gt_year, gt_mon, gt_day, gt_hour, gt_min,gt_sec); 19368 data_ptr = s->data; 19369 *data_ptr = (byte) ASN_GENERALIZED_TIME; data_ptr++; 19370 *data_ptr = (byte) ASN_GENERALIZED_TIME_SIZE; data_ptr++; 19371 XMEMCPY(data_ptr,(byte *)gt_str, ASN_GENERALIZED_TIME_SIZE); 19372 } 19373 19374 return s; 19375 } 19376 #endif /* !NO_ASN_TIME && !USER_TIME && !TIME_OVERRIDES && !NO_FILESYSTEM */ 19377 19378 #ifndef NO_WOLFSSL_STUB 16479 19379 int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a, 16480 19380 const WOLFSSL_ASN1_INTEGER* b) … … 16482 19382 (void)a; 16483 19383 (void)b; 19384 WOLFSSL_STUB("ASN1_INTEGER_cmp"); 16484 19385 return 0; 16485 19386 } 16486 16487 19387 #endif 19388 19389 #ifndef NO_WOLFSSL_STUB 16488 19390 long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* i) 16489 19391 { 16490 19392 (void)i; 19393 WOLFSSL_STUB("ASN1_INTEGER_get"); 16491 19394 return 0; 16492 19395 } 19396 #endif 16493 19397 16494 19398 … … 16507 19411 16508 19412 19413 /* Gets an index to store SSL structure at. 19414 * 19415 * Returns positive index on success and negative values on failure 19416 */ 16509 19417 int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void) 16510 19418 { 16511 19419 WOLFSSL_ENTER("wolfSSL_get_ex_data_X509_STORE_CTX_idx"); 19420 19421 /* store SSL at index 0 */ 16512 19422 return 0; 16513 19423 } 16514 19424 16515 19425 19426 /* Set an error stat in the X509 STORE CTX 19427 * 19428 */ 19429 void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX* ctx, int er) 19430 { 19431 WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_set_error"); 19432 19433 if (ctx != NULL) { 19434 ctx->error = er; 19435 } 19436 } 19437 19438 19439 /* Sets a function callback that will send information about the state of all 19440 * WOLFSSL objects that have been created by the WOLFSSL_CTX structure passed 19441 * in. 19442 * 19443 * ctx WOLFSSL_CTX structre to set callback function in 19444 * f callback function to use 19445 */ 16516 19446 void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx, 16517 19447 void (*f)(const WOLFSSL* ssl, int type, int val)) 16518 19448 { 16519 (void)ctx; 16520 (void)f; 19449 WOLFSSL_ENTER("wolfSSL_CTX_set_info_callback"); 19450 if (ctx == NULL) { 19451 WOLFSSL_MSG("Bad function argument"); 19452 } 19453 else { 19454 ctx->CBIS = f; 19455 } 16521 19456 } 16522 19457 … … 16526 19461 WOLFSSL_ENTER("wolfSSL_ERR_peek_error"); 16527 19462 16528 #ifdef OPENSSL_EXTRA16529 19463 return wolfSSL_ERR_peek_error_line_data(NULL, NULL, NULL, NULL); 16530 #else 16531 return 0; 16532 #endif 16533 } 16534 16535 19464 } 19465 19466 19467 /* This function is to find global error values that are the same through out 19468 * all library version. With wolfSSL having only one set of error codes the 19469 * return value is pretty straight forward. The only thing needed is all wolfSSL 19470 * error values are typically negative. 19471 * 19472 * Returns the error reason 19473 */ 16536 19474 int wolfSSL_ERR_GET_REASON(unsigned long err) 16537 19475 { 16538 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 19476 int ret = (int)err; 19477 19478 WOLFSSL_ENTER("wolfSSL_ERR_GET_REASON"); 19479 19480 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 16539 19481 /* Nginx looks for this error to know to stop parsing certificates. */ 16540 19482 if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE)) 16541 19483 return PEM_R_NO_START_LINE; 16542 19484 #endif 16543 (void)err; 16544 return 0; 16545 } 16546 16547 16548 char* wolfSSL_alert_type_string_long(int alertID) 16549 { 16550 (void)alertID; 16551 return 0; 16552 } 16553 16554 16555 char* wolfSSL_alert_desc_string_long(int alertID) 16556 { 16557 (void)alertID; 16558 return 0; 16559 } 16560 16561 16562 char* wolfSSL_state_string_long(const WOLFSSL* ssl) 16563 { 16564 (void)ssl; 16565 return 0; 16566 } 16567 16568 19485 19486 /* check if error value is in range of wolfSSL errors */ 19487 ret = 0 - ret; /* setting as negative value */ 19488 /* wolfCrypt range is less than MAX (-100) 19489 wolfSSL range is MIN (-300) and lower */ 19490 if (ret < MAX_CODE_E) { 19491 return ret; 19492 } 19493 else { 19494 WOLFSSL_MSG("Not in range of typical error values"); 19495 ret = (int)err; 19496 } 19497 19498 return ret; 19499 } 19500 19501 19502 /* returns a string that describes the alert 19503 * 19504 * alertID the alert value to look up 19505 */ 19506 const char* wolfSSL_alert_type_string_long(int alertID) 19507 { 19508 WOLFSSL_ENTER("wolfSSL_aalert_type_string_long"); 19509 19510 switch (alertID) { 19511 case close_notify: 19512 { 19513 static const char close_notify_str[] = 19514 "close_notify"; 19515 return close_notify_str; 19516 } 19517 19518 case unexpected_message: 19519 { 19520 static const char unexpected_message_str[] = 19521 "unexpected_message"; 19522 return unexpected_message_str; 19523 } 19524 19525 case bad_record_mac: 19526 { 19527 static const char bad_record_mac_str[] = 19528 "bad_record_mac"; 19529 return bad_record_mac_str; 19530 } 19531 19532 case record_overflow: 19533 { 19534 static const char record_overflow_str[] = 19535 "record_overflow"; 19536 return record_overflow_str; 19537 } 19538 19539 case decompression_failure: 19540 { 19541 static const char decompression_failure_str[] = 19542 "decompression_failure"; 19543 return decompression_failure_str; 19544 } 19545 19546 case handshake_failure: 19547 { 19548 static const char handshake_failure_str[] = 19549 "handshake_failure"; 19550 return handshake_failure_str; 19551 } 19552 19553 case no_certificate: 19554 { 19555 static const char no_certificate_str[] = 19556 "no_certificate"; 19557 return no_certificate_str; 19558 } 19559 19560 case bad_certificate: 19561 { 19562 static const char bad_certificate_str[] = 19563 "bad_certificate"; 19564 return bad_certificate_str; 19565 } 19566 19567 case unsupported_certificate: 19568 { 19569 static const char unsupported_certificate_str[] = 19570 "unsupported_certificate"; 19571 return unsupported_certificate_str; 19572 } 19573 19574 case certificate_revoked: 19575 { 19576 static const char certificate_revoked_str[] = 19577 "certificate_revoked"; 19578 return certificate_revoked_str; 19579 } 19580 19581 case certificate_expired: 19582 { 19583 static const char certificate_expired_str[] = 19584 "certificate_expired"; 19585 return certificate_expired_str; 19586 } 19587 19588 case certificate_unknown: 19589 { 19590 static const char certificate_unknown_str[] = 19591 "certificate_unknown"; 19592 return certificate_unknown_str; 19593 } 19594 19595 case illegal_parameter: 19596 { 19597 static const char illegal_parameter_str[] = 19598 "illegal_parameter"; 19599 return illegal_parameter_str; 19600 } 19601 19602 case decode_error: 19603 { 19604 static const char decode_error_str[] = 19605 "decode_error"; 19606 return decode_error_str; 19607 } 19608 19609 case decrypt_error: 19610 { 19611 static const char decrypt_error_str[] = 19612 "decrypt_error"; 19613 return decrypt_error_str; 19614 } 19615 19616 #ifdef WOLFSSL_MYSQL_COMPATIBLE 19617 /* catch name conflict for enum protocol with MYSQL build */ 19618 case wc_protocol_version: 19619 { 19620 static const char wc_protocol_version_str[] = 19621 "wc_protocol_version"; 19622 return wc_protocol_version_str; 19623 } 19624 19625 #else 19626 case protocol_version: 19627 { 19628 static const char protocol_version_str[] = 19629 "protocol_version"; 19630 return protocol_version_str; 19631 } 19632 19633 #endif 19634 case no_renegotiation: 19635 { 19636 static const char no_renegotiation_str[] = 19637 "no_renegotiation"; 19638 return no_renegotiation_str; 19639 } 19640 19641 case unrecognized_name: 19642 { 19643 static const char unrecognized_name_str[] = 19644 "unrecognized_name"; 19645 return unrecognized_name_str; 19646 } 19647 19648 case bad_certificate_status_response: 19649 { 19650 static const char bad_certificate_status_response_str[] = 19651 "bad_certificate_status_response"; 19652 return bad_certificate_status_response_str; 19653 } 19654 19655 case no_application_protocol: 19656 { 19657 static const char no_application_protocol_str[] = 19658 "no_application_protocol"; 19659 return no_application_protocol_str; 19660 } 19661 19662 default: 19663 WOLFSSL_MSG("Unknown Alert"); 19664 return NULL; 19665 } 19666 } 19667 19668 19669 const char* wolfSSL_alert_desc_string_long(int alertID) 19670 { 19671 WOLFSSL_ENTER("wolfSSL_alert_desc_string_long"); 19672 return wolfSSL_alert_type_string_long(alertID); 19673 } 19674 19675 19676 /* Gets the current state of the WOLFSSL structure 19677 * 19678 * ssl WOLFSSL structure to get state of 19679 * 19680 * Returns a human readable string of the WOLFSSL structure state 19681 */ 19682 const char* wolfSSL_state_string_long(const WOLFSSL* ssl) 19683 { 19684 19685 static const char* OUTPUT_STR[14][6][3] = { 19686 { 19687 {"SSLv3 Initialization","SSLv3 Initialization","SSLv3 Initialization"}, 19688 {"TLSv1 Initialization","TLSv2 Initialization","TLSv2 Initialization"}, 19689 {"TLSv1_1 Initialization","TLSv1_1 Initialization","TLSv1_1 Initialization"}, 19690 {"TLSv1_2 Initialization","TLSv1_2 Initialization","TLSv1_2 Initialization"}, 19691 {"DTLSv1 Initialization","DTLSv1 Initialization","DTLSv1 Initialization"}, 19692 {"DTLSv1_2 Initialization","DTLSv1_2 Initialization","DTLSv1_2 Initialization"}, 19693 }, 19694 { 19695 {"SSLv3 read Server Hello Verify Request", 19696 "SSLv3 write Server Hello Verify Request", 19697 "SSLv3 Server Hello Verify Request"}, 19698 {"TLSv1 read Server Hello Verify Request", 19699 "TLSv1 write Server Hello Verify Request", 19700 "TLSv1 Server Hello Verify Request"}, 19701 {"TLSv1_1 read Server Hello Verify Request", 19702 "TLSv1_1 write Server Hello Verify Request", 19703 "TLSv1_1 Server Hello Verify Request"}, 19704 {"TLSv1_2 read Server Hello Verify Request", 19705 "TLSv1_2 write Server Hello Verify Request", 19706 "TLSv1_2 Server Hello Verify Request"}, 19707 {"DTLSv1 read Server Hello Verify Request", 19708 "DTLSv1 write Server Hello Verify Request", 19709 "DTLSv1 Server Hello Verify Request"}, 19710 {"DTLSv1_2 read Server Hello Verify Request", 19711 "DTLSv1_2 write Server Hello Verify Request", 19712 "DTLSv1_2 Server Hello Verify Request"}, 19713 }, 19714 { 19715 {"SSLv3 read Server Hello", 19716 "SSLv3 write Server Hello", 19717 "SSLv3 Server Hello"}, 19718 {"TLSv1 read Server Hello", 19719 "TLSv1 write Server Hello", 19720 "TLSv1 Server Hello"}, 19721 {"TLSv1_1 read Server Hello", 19722 "TLSv1_1 write Server Hello", 19723 "TLSv1_1 Server Hello"}, 19724 {"TLSv1_2 read Server Hello", 19725 "TLSv1_2 write Server Hello", 19726 "TLSv1_2 Server Hello"}, 19727 {"DTLSv1 read Server Hello", 19728 "DTLSv1 write Server Hello", 19729 "DTLSv1 Server Hello"}, 19730 {"DTLSv1_2 read Server Hello" 19731 "DTLSv1_2 write Server Hello", 19732 "DTLSv1_2 Server Hello", 19733 }, 19734 }, 19735 { 19736 {"SSLv3 read Server Session Ticket", 19737 "SSLv3 write Server Session Ticket", 19738 "SSLv3 Server Session Ticket"}, 19739 {"TLSv1 read Server Session Ticket", 19740 "TLSv1 write Server Session Ticket", 19741 "TLSv1 Server Session Ticket"}, 19742 {"TLSv1_1 read Server Session Ticket", 19743 "TLSv1_1 write Server Session Ticket", 19744 "TLSv1_1 Server Session Ticket"}, 19745 {"TLSv1_2 read Server Session Ticket", 19746 "TLSv1_2 write Server Session Ticket", 19747 "TLSv1_2 Server Session Ticket"}, 19748 {"DTLSv1 read Server Session Ticket", 19749 "DTLSv1 write Server Session Ticket", 19750 "DTLSv1 Server Session Ticket"}, 19751 {"DTLSv1_2 read Server Session Ticket", 19752 "DTLSv1_2 write Server Session Ticket", 19753 "DTLSv1_2 Server Session Ticket"}, 19754 }, 19755 { 19756 {"SSLv3 read Server Cert", 19757 "SSLv3 write Server Cert", 19758 "SSLv3 Server Cert"}, 19759 {"TLSv1 read Server Cert", 19760 "TLSv1 write Server Cert", 19761 "TLSv1 Server Cert"}, 19762 {"TLSv1_1 read Server Cert", 19763 "TLSv1_1 write Server Cert", 19764 "TLSv1_1 Server Cert"}, 19765 {"TLSv1_2 read Server Cert", 19766 "TLSv1_2 write Server Cert", 19767 "TLSv1_2 Server Cert"}, 19768 {"DTLSv1 read Server Cert", 19769 "DTLSv1 write Server Cert", 19770 "DTLSv1 Server Cert"}, 19771 {"DTLSv1_2 read Server Cert", 19772 "DTLSv1_2 write Server Cert", 19773 "DTLSv1_2 Server Cert"}, 19774 }, 19775 { 19776 {"SSLv3 read Server Key Exchange", 19777 "SSLv3 write Server Key Exchange", 19778 "SSLv3 Server Key Exchange"}, 19779 {"TLSv1 read Server Key Exchange", 19780 "TLSv1 write Server Key Exchange", 19781 "TLSv1 Server Key Exchange"}, 19782 {"TLSv1_1 read Server Key Exchange", 19783 "TLSv1_1 write Server Key Exchange", 19784 "TLSv1_1 Server Key Exchange"}, 19785 {"TLSv1_2 read Server Key Exchange", 19786 "TLSv1_2 write Server Key Exchange", 19787 "TLSv1_2 Server Key Exchange"}, 19788 {"DTLSv1 read Server Key Exchange", 19789 "DTLSv1 write Server Key Exchange", 19790 "DTLSv1 Server Key Exchange"}, 19791 {"DTLSv1_2 read Server Key Exchange", 19792 "DTLSv1_2 write Server Key Exchange", 19793 "DTLSv1_2 Server Key Exchange"}, 19794 }, 19795 { 19796 {"SSLv3 read Server Hello Done", 19797 "SSLv3 write Server Hello Done", 19798 "SSLv3 Server Hello Done"}, 19799 {"TLSv1 read Server Hello Done", 19800 "TLSv1 write Server Hello Done", 19801 "TLSv1 Server Hello Done"}, 19802 {"TLSv1_1 read Server Hello Done", 19803 "TLSv1_1 write Server Hello Done", 19804 "TLSv1_1 Server Hello Done"}, 19805 {"TLSv1_2 read Server Hello Done", 19806 "TLSv1_2 write Server Hello Done", 19807 "TLSv1_2 Server Hello Done"}, 19808 {"DTLSv1 read Server Hello Done", 19809 "DTLSv1 write Server Hello Done", 19810 "DTLSv1 Server Hello Done"}, 19811 {"DTLSv1_2 read Server Hello Done", 19812 "DTLSv1_2 write Server Hello Done", 19813 "DTLSv1_2 Server Hello Done"}, 19814 }, 19815 { 19816 {"SSLv3 read Server Change CipherSpec", 19817 "SSLv3 write Server Change CipherSpec", 19818 "SSLv3 Server Change CipherSpec"}, 19819 {"TLSv1 read Server Change CipherSpec", 19820 "TLSv1 write Server Change CipherSpec", 19821 "TLSv1 Server Change CipherSpec"}, 19822 {"TLSv1_1 read Server Change CipherSpec", 19823 "TLSv1_1 write Server Change CipherSpec", 19824 "TLSv1_1 Server Change CipherSpec"}, 19825 {"TLSv1_2 read Server Change CipherSpec", 19826 "TLSv1_2 write Server Change CipherSpec", 19827 "TLSv1_2 Server Change CipherSpec"}, 19828 {"DTLSv1 read Server Change CipherSpec", 19829 "DTLSv1 write Server Change CipherSpec", 19830 "DTLSv1 Server Change CipherSpec"}, 19831 {"DTLSv1_2 read Server Change CipherSpec", 19832 "DTLSv1_2 write Server Change CipherSpec", 19833 "DTLSv1_2 Server Change CipherSpec"}, 19834 }, 19835 { 19836 {"SSLv3 read Server Finished", 19837 "SSLv3 write Server Finished", 19838 "SSLv3 Server Finished"}, 19839 {"TLSv1 read Server Finished", 19840 "TLSv1 write Server Finished", 19841 "TLSv1 Server Finished"}, 19842 {"TLSv1_1 read Server Finished", 19843 "TLSv1_1 write Server Finished", 19844 "TLSv1_1 Server Finished"}, 19845 {"TLSv1_2 read Server Finished", 19846 "TLSv1_2 write Server Finished", 19847 "TLSv1_2 Server Finished"}, 19848 {"DTLSv1 read Server Finished", 19849 "DTLSv1 write Server Finished", 19850 "DTLSv1 Server Finished"}, 19851 {"DTLSv1_2 read Server Finished", 19852 "DTLSv1_2 write Server Finished", 19853 "DTLSv1_2 Server Finished"}, 19854 }, 19855 { 19856 {"SSLv3 read Client Hello", 19857 "SSLv3 write Client Hello", 19858 "SSLv3 Client Hello"}, 19859 {"TLSv1 read Client Hello", 19860 "TLSv1 write Client Hello", 19861 "TLSv1 Client Hello"}, 19862 {"TLSv1_1 read Client Hello", 19863 "TLSv1_1 write Client Hello", 19864 "TLSv1_1 Client Hello"}, 19865 {"TLSv1_2 read Client Hello", 19866 "TLSv1_2 write Client Hello", 19867 "TLSv1_2 Client Hello"}, 19868 {"DTLSv1 read Client Hello", 19869 "DTLSv1 write Client Hello", 19870 "DTLSv1 Client Hello"}, 19871 {"DTLSv1_2 read Client Hello", 19872 "DTLSv1_2 write Client Hello", 19873 "DTLSv1_2 Client Hello"}, 19874 }, 19875 { 19876 {"SSLv3 read Client Key Exchange", 19877 "SSLv3 write Client Key Exchange", 19878 "SSLv3 Client Key Exchange"}, 19879 {"TLSv1 read Client Key Exchange", 19880 "TLSv1 write Client Key Exchange", 19881 "TLSv1 Client Key Exchange"}, 19882 {"TLSv1_1 read Client Key Exchange", 19883 "TLSv1_1 write Client Key Exchange", 19884 "TLSv1_1 Client Key Exchange"}, 19885 {"TLSv1_2 read Client Key Exchange", 19886 "TLSv1_2 write Client Key Exchange", 19887 "TLSv1_2 Client Key Exchange"}, 19888 {"DTLSv1 read Client Key Exchange", 19889 "DTLSv1 write Client Key Exchange", 19890 "DTLSv1 Client Key Exchange"}, 19891 {"DTLSv1_2 read Client Key Exchange", 19892 "DTLSv1_2 write Client Key Exchange", 19893 "DTLSv1_2 Client Key Exchange"}, 19894 }, 19895 { 19896 {"SSLv3 read Client Change CipherSpec", 19897 "SSLv3 write Client Change CipherSpec", 19898 "SSLv3 Client Change CipherSpec"}, 19899 {"TLSv1 read Client Change CipherSpec", 19900 "TLSv1 write Client Change CipherSpec", 19901 "TLSv1 Client Change CipherSpec"}, 19902 {"TLSv1_1 read Client Change CipherSpec", 19903 "TLSv1_1 write Client Change CipherSpec", 19904 "TLSv1_1 Client Change CipherSpec"}, 19905 {"TLSv1_2 read Client Change CipherSpec", 19906 "TLSv1_2 write Client Change CipherSpec", 19907 "TLSv1_2 Client Change CipherSpec"}, 19908 {"DTLSv1 read Client Change CipherSpec", 19909 "DTLSv1 write Client Change CipherSpec", 19910 "DTLSv1 Client Change CipherSpec"}, 19911 {"DTLSv1_2 read Client Change CipherSpec", 19912 "DTLSv1_2 write Client Change CipherSpec", 19913 "DTLSv1_2 Client Change CipherSpec"}, 19914 }, 19915 { 19916 {"SSLv3 read Client Finished", 19917 "SSLv3 write Client Finished", 19918 "SSLv3 Client Finished"}, 19919 {"TLSv1 read Client Finished", 19920 "TLSv1 write Client Finished", 19921 "TLSv1 Client Finished"}, 19922 {"TLSv1_1 read Client Finished", 19923 "TLSv1_1 write Client Finished", 19924 "TLSv1_1 Client Finished"}, 19925 {"TLSv1_2 read Client Finished", 19926 "TLSv1_2 write Client Finished", 19927 "TLSv1_2 Client Finished"}, 19928 {"DTLSv1 read Client Finished", 19929 "DTLSv1 write Client Finished", 19930 "DTLSv1 Client Finished"}, 19931 {"DTLSv1_2 read Client Finished", 19932 "DTLSv1_2 write Client Finished", 19933 "DTLSv1_2 Client Finished"}, 19934 }, 19935 { 19936 {"SSLv3 Handshake Done", 19937 "SSLv3 Handshake Done", 19938 "SSLv3 Handshake Done"}, 19939 {"TLSv1 Handshake Done", 19940 "TLSv1 Handshake Done", 19941 "TLSv1 Handshake Done"}, 19942 {"TLSv1_1 Handshake Done", 19943 "TLSv1_1 Handshake Done", 19944 "TLSv1_1 Handshake Done"}, 19945 {"TLSv1_2 Handshake Done", 19946 "TLSv1_2 Handshake Done", 19947 "TLSv1_2 Handshake Done"}, 19948 {"DTLSv1 Handshake Done", 19949 "DTLSv1 Handshake Done", 19950 "DTLSv1 Handshake Done"}, 19951 {"DTLSv1_2 Handshake Done" 19952 "DTLSv1_2 Handshake Done" 19953 "DTLSv1_2 Handshake Done"} 19954 } 19955 }; 19956 enum ProtocolVer { 19957 SSL_V3 = 0, 19958 TLS_V1, 19959 TLS_V1_1, 19960 TLS_V1_2, 19961 DTLS_V1, 19962 DTLS_V1_2, 19963 UNKNOWN = 100 19964 }; 19965 19966 enum IOMode { 19967 SS_READ = 0, 19968 SS_WRITE, 19969 SS_NEITHER 19970 }; 19971 19972 enum SslState { 19973 ss_null_state = 0, 19974 ss_server_helloverify, 19975 ss_server_hello, 19976 ss_sessionticket, 19977 ss_server_cert, 19978 ss_server_keyexchange, 19979 ss_server_hellodone, 19980 ss_server_changecipherspec, 19981 ss_server_finished, 19982 ss_client_hello, 19983 ss_client_keyexchange, 19984 ss_client_changecipherspec, 19985 ss_client_finished, 19986 ss_handshake_done 19987 }; 19988 19989 int protocol = 0; 19990 int cbmode = 0; 19991 int state = 0; 19992 19993 WOLFSSL_ENTER("wolfSSL_state_string_long"); 19994 if (ssl == NULL) { 19995 WOLFSSL_MSG("Null argument passed in"); 19996 return NULL; 19997 } 19998 19999 /* Get state of callback */ 20000 if (ssl->cbmode == SSL_CB_MODE_WRITE){ 20001 cbmode = SS_WRITE; 20002 } else if (ssl->cbmode == SSL_CB_MODE_READ){ 20003 cbmode = SS_READ; 20004 } else { 20005 cbmode = SS_NEITHER; 20006 } 20007 20008 /* Get protocol version */ 20009 switch (ssl->version.major){ 20010 case SSLv3_MAJOR: 20011 switch (ssl->version.minor){ 20012 case TLSv1_MINOR: 20013 protocol = TLS_V1; 20014 break; 20015 case TLSv1_1_MINOR: 20016 protocol = TLS_V1_1; 20017 break; 20018 case TLSv1_2_MINOR: 20019 protocol = TLS_V1_2; 20020 break; 20021 case SSLv3_MINOR: 20022 protocol = SSL_V3; 20023 break; 20024 default: 20025 protocol = UNKNOWN; 20026 } 20027 break; 20028 case DTLS_MAJOR: 20029 switch (ssl->version.minor){ 20030 case DTLS_MINOR: 20031 protocol = DTLS_V1; 20032 break; 20033 case DTLSv1_2_MINOR: 20034 protocol = DTLS_V1_2; 20035 break; 20036 default: 20037 protocol = UNKNOWN; 20038 } 20039 break; 20040 default: 20041 protocol = UNKNOWN; 20042 } 20043 20044 /* accept process */ 20045 if (ssl->cbmode == SSL_CB_MODE_READ){ 20046 state = ssl->cbtype; 20047 switch (state) { 20048 case hello_verify_request: 20049 state = ss_server_helloverify; 20050 break; 20051 case session_ticket: 20052 state = ss_sessionticket; 20053 break; 20054 case server_hello: 20055 state = ss_server_hello; 20056 break; 20057 case server_hello_done: 20058 state = ss_server_hellodone; 20059 break; 20060 case certificate: 20061 state = ss_server_cert; 20062 break; 20063 case server_key_exchange: 20064 state = ss_server_keyexchange; 20065 break; 20066 case client_hello: 20067 state = ss_client_hello; 20068 break; 20069 case client_key_exchange: 20070 state = ss_client_keyexchange; 20071 break; 20072 case finished: 20073 if (ssl->options.side == WOLFSSL_SERVER_END) 20074 state = ss_client_finished; 20075 else if (ssl->options.side == WOLFSSL_CLIENT_END) 20076 state = ss_server_finished; 20077 break; 20078 default: 20079 WOLFSSL_MSG("Unknown State"); 20080 state = ss_null_state; 20081 } 20082 } else { 20083 /* Send process */ 20084 if (ssl->options.side == WOLFSSL_SERVER_END) 20085 state = ssl->options.serverState; 20086 else 20087 state = ssl->options.clientState; 20088 20089 switch(state){ 20090 case SERVER_HELLOVERIFYREQUEST_COMPLETE: 20091 state = ss_server_helloverify; 20092 break; 20093 case SERVER_HELLO_COMPLETE: 20094 state = ss_server_hello; 20095 break; 20096 case SERVER_CERT_COMPLETE: 20097 state = ss_server_cert; 20098 break; 20099 case SERVER_KEYEXCHANGE_COMPLETE: 20100 state = ss_server_keyexchange; 20101 break; 20102 case SERVER_HELLODONE_COMPLETE: 20103 state = ss_server_hellodone; 20104 break; 20105 case SERVER_CHANGECIPHERSPEC_COMPLETE: 20106 state = ss_server_changecipherspec; 20107 break; 20108 case SERVER_FINISHED_COMPLETE: 20109 state = ss_server_finished; 20110 break; 20111 case CLIENT_HELLO_COMPLETE: 20112 state = ss_client_hello; 20113 break; 20114 case CLIENT_KEYEXCHANGE_COMPLETE: 20115 state = ss_client_keyexchange; 20116 break; 20117 case CLIENT_CHANGECIPHERSPEC_COMPLETE: 20118 state = ss_client_changecipherspec; 20119 break; 20120 case CLIENT_FINISHED_COMPLETE: 20121 state = ss_client_finished; 20122 break; 20123 case HANDSHAKE_DONE: 20124 state = ss_handshake_done; 20125 break; 20126 default: 20127 WOLFSSL_MSG("Unknown State"); 20128 state = ss_null_state; 20129 } 20130 } 20131 20132 if (protocol == UNKNOWN) 20133 return NULL; 20134 else 20135 return OUTPUT_STR[state][protocol][cbmode]; 20136 } 20137 20138 #ifndef NO_WOLFSSL_STUB 16569 20139 int wolfSSL_PEM_def_callback(char* name, int num, int w, void* key) 16570 20140 { … … 16573 20143 (void)w; 16574 20144 (void)key; 20145 WOLFSSL_STUB("PEM_def_callback"); 16575 20146 return 0; 16576 20147 } 16577 16578 16579 unsigned long wolfSSL_set_options(WOLFSSL* ssl, unsigned long op) 16580 { 16581 word16 haveRSA = 1; 16582 word16 havePSK = 0; 16583 int keySz = 0; 16584 16585 WOLFSSL_ENTER("wolfSSL_set_options"); 16586 16587 if (ssl == NULL) { 16588 return 0; 16589 } 16590 16591 /* if SSL_OP_ALL then turn all bug workarounds one */ 20148 #endif 20149 20150 #endif 20151 20152 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 20153 static long wolf_set_options(long old_op, long op) 20154 { 20155 /* if SSL_OP_ALL then turn all bug workarounds on */ 16592 20156 if ((op & SSL_OP_ALL) == SSL_OP_ALL) { 16593 20157 WOLFSSL_MSG("\tSSL_OP_ALL"); … … 16606 20170 } 16607 20171 16608 ssl->options.mask |= op;16609 16610 20172 /* by default cookie exchange is on with DTLS */ 16611 if (( ssl->options.mask& SSL_OP_COOKIE_EXCHANGE) == SSL_OP_COOKIE_EXCHANGE) {20173 if ((op & SSL_OP_COOKIE_EXCHANGE) == SSL_OP_COOKIE_EXCHANGE) { 16612 20174 WOLFSSL_MSG("\tSSL_OP_COOKIE_EXCHANGE : on by default"); 16613 20175 } 16614 20176 16615 if (( ssl->options.mask& WOLFSSL_OP_NO_SSLv2) == WOLFSSL_OP_NO_SSLv2) {20177 if ((op & WOLFSSL_OP_NO_SSLv2) == WOLFSSL_OP_NO_SSLv2) { 16616 20178 WOLFSSL_MSG("\tWOLFSSL_OP_NO_SSLv2 : wolfSSL does not support SSLv2"); 16617 20179 } 16618 20180 16619 if (( ssl->options.mask& SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) {20181 if ((op & SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) { 16620 20182 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1_3"); 16621 if (ssl->version.minor == TLSv1_3_MINOR) 16622 ssl->version.minor = TLSv1_2_MINOR; 16623 } 16624 16625 if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { 20183 } 20184 20185 if ((op & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { 16626 20186 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1_2"); 16627 if (ssl->version.minor == TLSv1_2_MINOR) 16628 ssl->version.minor = TLSv1_1_MINOR; 16629 } 16630 16631 if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == SSL_OP_NO_TLSv1_1) { 20187 } 20188 20189 if ((op & SSL_OP_NO_TLSv1_1) == SSL_OP_NO_TLSv1_1) { 16632 20190 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1_1"); 16633 if (ssl->version.minor == TLSv1_1_MINOR) 16634 ssl->version.minor = TLSv1_MINOR; 16635 } 16636 16637 if ((ssl->options.mask & SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1) { 20191 } 20192 20193 if ((op & SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1) { 16638 20194 WOLFSSL_MSG("\tSSL_OP_NO_TLSv1"); 16639 if (ssl->version.minor == TLSv1_MINOR) 16640 ssl->version.minor = SSLv3_MINOR; 16641 } 16642 16643 if ((ssl->options.mask & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { 20195 } 20196 20197 if ((op & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { 16644 20198 WOLFSSL_MSG("\tSSL_OP_NO_SSLv3"); 16645 20199 } 16646 20200 16647 if (( ssl->options.mask& SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION) {20201 if ((op & SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION) { 16648 20202 #ifdef HAVE_LIBZ 16649 20203 WOLFSSL_MSG("SSL_OP_NO_COMPRESSION"); 16650 ssl->options.usingCompression = 0;16651 20204 #else 16652 20205 WOLFSSL_MSG("SSL_OP_NO_COMPRESSION: compression not compiled in"); … … 16654 20207 } 16655 20208 20209 return old_op | op; 20210 } 20211 #endif 20212 20213 #ifdef OPENSSL_EXTRA 20214 long wolfSSL_set_options(WOLFSSL* ssl, long op) 20215 { 20216 word16 haveRSA = 1; 20217 word16 havePSK = 0; 20218 int keySz = 0; 20219 20220 WOLFSSL_ENTER("wolfSSL_set_options"); 20221 20222 if (ssl == NULL) { 20223 return 0; 20224 } 20225 20226 ssl->options.mask = wolf_set_options(ssl->options.mask, op); 20227 20228 if ((ssl->options.mask & SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) { 20229 if (ssl->version.minor == TLSv1_3_MINOR) 20230 ssl->version.minor = TLSv1_2_MINOR; 20231 } 20232 20233 if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { 20234 if (ssl->version.minor == TLSv1_2_MINOR) 20235 ssl->version.minor = TLSv1_1_MINOR; 20236 } 20237 20238 if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == SSL_OP_NO_TLSv1_1) { 20239 if (ssl->version.minor == TLSv1_1_MINOR) 20240 ssl->version.minor = TLSv1_MINOR; 20241 } 20242 20243 if ((ssl->options.mask & SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1) { 20244 if (ssl->version.minor == TLSv1_MINOR) 20245 ssl->version.minor = SSLv3_MINOR; 20246 } 20247 20248 if ((ssl->options.mask & SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION) { 20249 #ifdef HAVE_LIBZ 20250 ssl->options.usingCompression = 0; 20251 #endif 20252 } 20253 16656 20254 /* in the case of a version change the cipher suites should be reset */ 16657 #ifndef NO_PSK 16658 havePSK = ssl->options.havePSK; 16659 #endif 16660 #ifdef NO_RSA 16661 haveRSA = 0; 16662 #endif 16663 #ifndef NO_CERTS 16664 keySz = ssl->buffers.keySz; 16665 #endif 20255 #ifndef NO_PSK 20256 havePSK = ssl->options.havePSK; 20257 #endif 20258 #ifdef NO_RSA 20259 haveRSA = 0; 20260 #endif 20261 #ifndef NO_CERTS 20262 keySz = ssl->buffers.keySz; 20263 #endif 20264 16666 20265 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, 16667 20266 ssl->options.haveDH, ssl->options.haveNTRU, … … 16673 20272 16674 20273 16675 unsignedlong wolfSSL_get_options(const WOLFSSL* ssl)20274 long wolfSSL_get_options(const WOLFSSL* ssl) 16676 20275 { 16677 20276 WOLFSSL_ENTER("wolfSSL_get_options"); 16678 20277 if(ssl == NULL) 20278 return WOLFSSL_FAILURE; 16679 20279 return ssl->options.mask; 16680 20280 } 16681 20281 20282 long wolfSSL_clear_options(WOLFSSL* ssl, long opt) 20283 { 20284 WOLFSSL_ENTER("SSL_clear_options"); 20285 if(ssl == NULL) 20286 return WOLFSSL_FAILURE; 20287 ssl->options.mask &= ~opt; 20288 return ssl->options.mask; 20289 } 20290 16682 20291 /*** TBD ***/ 20292 #ifndef NO_WOLFSSL_STUB 16683 20293 WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s) 16684 20294 { 16685 20295 (void)s; 20296 WOLFSSL_STUB("SSL_clear_num_renegotiations"); 16686 20297 return 0; 16687 20298 } 20299 #endif 16688 20300 16689 20301 /*** TBD ***/ 20302 #ifndef NO_WOLFSSL_STUB 16690 20303 WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s) 16691 20304 { 16692 20305 (void)s; 20306 WOLFSSL_STUB("SSL_total_renegotiations"); 16693 20307 return 0; 16694 20308 } 16695 20309 #endif 16696 20310 16697 20311 #ifndef NO_DH … … 16750 20364 #endif /* HAVE_PK_CALLBACKS */ 16751 20365 16752 #if def WOLFSSL_HAPROXY20366 #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) 16753 20367 const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *sess, unsigned int *sid_ctx_length) 16754 20368 { … … 16759 20373 16760 20374 /*** TBD ***/ 20375 #ifndef NO_WOLFSSL_STUB 16761 20376 WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st) 16762 20377 { 16763 20378 (void)st; 16764 20379 WOLFSSL_STUB("wolfSSL_sk_SSL_COMP_zero"); 16765 / /wolfSSL_set_options(ssl, SSL_OP_NO_COMPRESSION);20380 /* wolfSSL_set_options(ssl, SSL_OP_NO_COMPRESSION); */ 16766 20381 return WOLFSSL_FAILURE; 16767 20382 } 16768 16769 16770 /*** TBD ***/ 16771 WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type) 16772 { 16773 (void)s; 16774 (void)type; 16775 WOLFSSL_STUB("wolfSSL_set_tlsext_status_type"); 16776 return WOLFSSL_FAILURE; 16777 } 16778 16779 /*** TBD ***/ 20383 #endif 20384 20385 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 20386 long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type) 20387 { 20388 WOLFSSL_ENTER("wolfSSL_set_tlsext_status_type"); 20389 20390 if (s == NULL){ 20391 return BAD_FUNC_ARG; 20392 } 20393 20394 if (type == TLSEXT_STATUSTYPE_ocsp){ 20395 int r = 0; 20396 r = TLSX_UseCertificateStatusRequest(&s->extensions, type, 0, s, 20397 s->heap, s->devId); 20398 return (long)r; 20399 } else { 20400 WOLFSSL_MSG( 20401 "SSL_set_tlsext_status_type only supports TLSEXT_STATUSTYPE_ocsp type."); 20402 return SSL_FAILURE; 20403 } 20404 20405 } 20406 #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ 20407 20408 #ifndef NO_WOLFSSL_STUB 16780 20409 WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg) 16781 20410 { … … 16785 20414 return WOLFSSL_FAILURE; 16786 20415 } 20416 #endif 16787 20417 16788 20418 /*** TBD ***/ 20419 #ifndef NO_WOLFSSL_STUB 16789 20420 WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg) 16790 20421 { … … 16794 20425 return WOLFSSL_FAILURE; 16795 20426 } 20427 #endif 16796 20428 16797 20429 /*** TBD ***/ 20430 #ifndef NO_WOLFSSL_STUB 16798 20431 WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg) 16799 20432 { … … 16803 20436 return WOLFSSL_FAILURE; 16804 20437 } 20438 #endif 16805 20439 16806 20440 /*** TBD ***/ 20441 #ifndef NO_WOLFSSL_STUB 16807 20442 WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg) 16808 20443 { … … 16812 20447 return WOLFSSL_FAILURE; 16813 20448 } 20449 #endif 16814 20450 16815 20451 /*** TBD ***/ 20452 #ifndef NO_WOLFSSL_STUB 16816 20453 WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len) 16817 20454 { … … 16822 20459 return WOLFSSL_FAILURE; 16823 20460 } 16824 20461 #endif 20462 20463 #ifndef NO_WOLFSSL_STUB 16825 20464 /*** TBD ***/ 16826 20465 WOLFSSL_API int SSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len) … … 16832 20471 return WOLFSSL_FAILURE; 16833 20472 } 16834 20473 #endif 20474 20475 #ifndef NO_WOLFSSL_STUB 16835 20476 /*** TBD ***/ 16836 20477 WOLFSSL_API void *X509_get0_tbs_sigalg(const WOLFSSL_X509 *x) … … 16840 20481 return NULL; 16841 20482 } 16842 20483 #endif 20484 20485 #ifndef NO_WOLFSSL_STUB 16843 20486 /*** TBD ***/ 16844 20487 WOLFSSL_API void X509_ALGOR_get0(WOLFSSL_ASN1_OBJECT **paobj, int *pptype, const void **ppval, const void *algor) … … 16850 20493 WOLFSSL_STUB("X509_ALGOR_get0"); 16851 20494 } 16852 20495 #endif 20496 20497 #ifndef NO_WOLFSSL_STUB 16853 20498 /*** TBD ***/ 16854 20499 WOLFSSL_API void *X509_get_X509_PUBKEY(void * x) … … 16858 20503 return NULL; 16859 20504 } 16860 20505 #endif 20506 20507 #ifndef NO_WOLFSSL_STUB 16861 20508 /*** TBD ***/ 16862 20509 WOLFSSL_API int X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, void **pa, WOLFSSL_EVP_PKEY *pub) … … 16870 20517 return WOLFSSL_FAILURE; 16871 20518 } 16872 20519 #endif 20520 20521 #ifndef NO_WOLFSSL_STUB 16873 20522 /*** TBD ***/ 16874 20523 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl) … … 16878 20527 return NULL; 16879 20528 } 16880 16881 /*** TBD ***/ 16882 WOLFSSL_API int EVP_PKEY_bits(WOLFSSL_EVP_PKEY *pkey) 16883 { 16884 (void)pkey; 16885 WOLFSSL_STUB("EVP_PKEY_bits"); 16886 return WOLFSSL_FAILURE; 16887 } 16888 16889 /*** TBD ***/ 16890 WOLFSSL_API int i2d_X509(WOLFSSL_X509 *x, unsigned char **out) 16891 { 16892 (void)x; 16893 (void)out; 16894 WOLFSSL_STUB("i2d_X509"); 16895 return -1; 16896 } 16897 20529 #endif 20530 20531 #ifndef NO_WOLFSSL_STUB 16898 20532 /*** TBD ***/ 16899 20533 WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a) … … 16905 20539 return -1; 16906 20540 } 16907 16908 #ifdef WOLFSSL_HAPROXY 20541 #endif 20542 20543 #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) 20544 #ifndef NO_WOLFSSL_STUB 16909 20545 /*** TBD ***/ 16910 20546 WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count) … … 16916 20552 return WOLFSSL_FAILURE; 16917 20553 } 16918 20554 #endif 20555 20556 #ifndef NO_WOLFSSL_STUB 16919 20557 /*** TBD ***/ 16920 20558 WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count) … … 16926 20564 return WOLFSSL_FAILURE; 16927 20565 } 20566 #endif 16928 20567 #endif /* WOLFSSL_HAPROXY */ 16929 20568 20569 #ifndef NO_WOLFSSL_STUB 16930 20570 /*** TBD ***/ 16931 20571 WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)) … … 16935 20575 WOLFSSL_STUB("SSL_CTX_set_tmp_dh_callback"); 16936 20576 } 16937 20577 #endif 20578 20579 #ifndef NO_WOLFSSL_STUB 16938 20580 /*** TBD ***/ 16939 20581 WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) … … 16942 20584 return NULL; 16943 20585 } 16944 20586 #endif 20587 20588 #ifndef NO_WOLFSSL_STUB 16945 20589 /*** TBD ***/ 16946 20590 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const void * p) … … 16950 20594 return -1; 16951 20595 } 20596 #endif 16952 20597 16953 20598 #if !defined(NO_FILESYSTEM) 20599 #ifndef NO_WOLFSSL_STUB 16954 20600 /*** TBD ***/ 16955 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_X509(FILE *fp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u) 16956 { 16957 (void)fp; 16958 (void)x; 16959 (void)cb; 16960 (void)u; 16961 WOLFSSL_STUB("PEM_read_X509"); 16962 return NULL; 16963 } 16964 16965 /*** TBD ***/ 16966 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(FILE *fp, WOLFSSL_EVP_PKEY **x, pem_password_cb *cb, void *u) 20601 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x, pem_password_cb *cb, void *u) 16967 20602 { 16968 20603 (void)fp; … … 16974 20609 } 16975 20610 #endif 16976 20611 #endif 20612 20613 #ifndef NO_WOLFSSL_STUB 16977 20614 /*** TBD ***/ 16978 20615 WOLFSSL_API int X509_STORE_load_locations(WOLFSSL_X509_STORE *ctx, const char *file, const char *dir) … … 16984 20621 return WOLFSSL_FAILURE; 16985 20622 } 16986 20623 #endif 20624 20625 #ifndef NO_WOLFSSL_STUB 16987 20626 /*** TBD ***/ 16988 20627 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx) … … 16993 20632 return NULL; 16994 20633 } 20634 #endif 16995 20635 16996 20636 WOLFSSL_API void ERR_load_SSL_strings(void) … … 17009 20649 } 17010 20650 17011 WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, 17012 unsigned char *resp, int len) 20651 WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len) 17013 20652 { 17014 20653 if (s == NULL) … … 17020 20659 return WOLFSSL_SUCCESS; 17021 20660 } 17022 #endif 20661 #endif /* HAVE_OCSP */ 17023 20662 17024 20663 long wolfSSL_get_verify_result(const WOLFSSL *ssl) … … 17032 20671 17033 20672 20673 #ifndef NO_WOLFSSL_STUB 20674 /* shows the number of accepts attempted by CTX in it's lifetime */ 17034 20675 long wolfSSL_CTX_sess_accept(WOLFSSL_CTX* ctx) 17035 20676 { 20677 WOLFSSL_STUB("wolfSSL_CTX_sess_accept"); 17036 20678 (void)ctx; 17037 20679 return 0; 17038 20680 } 17039 20681 #endif 20682 20683 #ifndef NO_WOLFSSL_STUB 20684 /* shows the number of connects attempted CTX in it's lifetime */ 17040 20685 long wolfSSL_CTX_sess_connect(WOLFSSL_CTX* ctx) 17041 20686 { 20687 WOLFSSL_STUB("wolfSSL_CTX_sess_connect"); 17042 20688 (void)ctx; 17043 20689 return 0; 17044 20690 } 17045 17046 20691 #endif 20692 20693 20694 #ifndef NO_WOLFSSL_STUB 20695 /* shows the number of accepts completed by CTX in it's lifetime */ 17047 20696 long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX* ctx) 17048 20697 { 20698 WOLFSSL_STUB("wolfSSL_CTX_sess_accept_good"); 17049 20699 (void)ctx; 17050 20700 return 0; 17051 20701 } 17052 17053 20702 #endif 20703 20704 20705 #ifndef NO_WOLFSSL_STUB 20706 /* shows the number of connects completed by CTX in it's lifetime */ 17054 20707 long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX* ctx) 17055 20708 { 20709 WOLFSSL_STUB("wolfSSL_CTX_sess_connect_good"); 17056 20710 (void)ctx; 17057 20711 return 0; 17058 20712 } 17059 17060 20713 #endif 20714 20715 20716 #ifndef NO_WOLFSSL_STUB 20717 /* shows the number of renegotiation accepts attempted by CTX */ 17061 20718 long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX* ctx) 17062 20719 { 20720 WOLFSSL_STUB("wolfSSL_CTX_sess_accept_renegotiate"); 17063 20721 (void)ctx; 17064 20722 return 0; 17065 20723 } 17066 17067 20724 #endif 20725 20726 20727 #ifndef NO_WOLFSSL_STUB 20728 /* shows the number of renegotiation accepts attempted by CTX */ 17068 20729 long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX* ctx) 17069 20730 { 20731 WOLFSSL_STUB("wolfSSL_CTX_sess_connect_renegotiate"); 17070 20732 (void)ctx; 17071 20733 return 0; 17072 20734 } 17073 17074 20735 #endif 20736 20737 20738 #ifndef NO_WOLFSSL_STUB 17075 20739 long wolfSSL_CTX_sess_hits(WOLFSSL_CTX* ctx) 17076 20740 { 20741 WOLFSSL_STUB("wolfSSL_CTX_sess_hits"); 17077 20742 (void)ctx; 17078 20743 return 0; 17079 20744 } 17080 17081 20745 #endif 20746 20747 20748 #ifndef NO_WOLFSSL_STUB 17082 20749 long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX* ctx) 17083 20750 { 20751 WOLFSSL_STUB("wolfSSL_CTX_sess_cb_hits"); 17084 20752 (void)ctx; 17085 20753 return 0; 17086 20754 } 17087 17088 20755 #endif 20756 20757 20758 #ifndef NO_WOLFSSL_STUB 17089 20759 long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX* ctx) 17090 20760 { 20761 WOLFSSL_STUB("wolfSSL_CTX_sess_cache_full"); 17091 20762 (void)ctx; 17092 20763 return 0; 17093 20764 } 17094 17095 20765 #endif 20766 20767 20768 #ifndef NO_WOLFSSL_STUB 17096 20769 long wolfSSL_CTX_sess_misses(WOLFSSL_CTX* ctx) 17097 20770 { 20771 WOLFSSL_STUB("wolfSSL_CTX_sess_misses"); 17098 20772 (void)ctx; 17099 20773 return 0; 17100 20774 } 17101 17102 20775 #endif 20776 20777 20778 #ifndef NO_WOLFSSL_STUB 17103 20779 long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX* ctx) 17104 20780 { 20781 WOLFSSL_STUB("wolfSSL_CTX_sess_timeouts"); 17105 20782 (void)ctx; 17106 20783 return 0; 17107 20784 } 17108 17109 20785 #endif 20786 20787 20788 /* Return the total number of sessions */ 17110 20789 long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx) 17111 20790 { 20791 word32 total = 0; 20792 20793 WOLFSSL_ENTER("wolfSSL_CTX_sess_number"); 17112 20794 (void)ctx; 17113 return 0; 20795 20796 #ifdef WOLFSSL_SESSION_STATS 20797 if (wolfSSL_get_session_stats(NULL, &total, NULL, NULL) != SSL_SUCCESS) { 20798 WOLFSSL_MSG("Error getting session stats"); 20799 } 20800 #else 20801 WOLFSSL_MSG("Please use macro WOLFSSL_SESSION_STATS for session stats"); 20802 #endif 20803 20804 return (long)total; 17114 20805 } 17115 20806 … … 17215 20906 17216 20907 17217 /*** TBC ***/ 20908 /* Get the session cache mode for CTX 20909 * 20910 * ctx WOLFSSL_CTX struct to get cache mode from 20911 * 20912 * Returns a bit mask that has the session cache mode */ 17218 20913 WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx) 17219 20914 { 17220 (void)ctx; 17221 return 0; 20915 long m = 0; 20916 20917 WOLFSSL_ENTER("SSL_CTX_set_session_cache_mode"); 20918 20919 if (ctx == NULL) { 20920 return m; 20921 } 20922 20923 if (ctx->sessionCacheOff != 1) { 20924 m |= SSL_SESS_CACHE_SERVER; 20925 } 20926 20927 if (ctx->sessionCacheFlushOff == 1) { 20928 m |= SSL_SESS_CACHE_NO_AUTO_CLEAR; 20929 } 20930 20931 #ifdef HAVE_EXT_CACHE 20932 if (ctx->internalCacheOff == 1) { 20933 m |= SSL_SESS_CACHE_NO_INTERNAL_STORE; 20934 } 20935 #endif 20936 20937 return m; 17222 20938 } 17223 20939 … … 17294 21010 } 17295 21011 else { 17296 word32 i , mask, mask2;21012 word32 i; 17297 21013 word32 sz = sizeof(WOLFSSL_DES_key_schedule); 17298 21014 … … 17305 21021 /* check odd parity */ 17306 21022 for (i = 0; i < sz; i++) { 17307 unsigned char c = *((unsigned char*) key+ i);21023 unsigned char c = *((unsigned char*)myDes + i); 17308 21024 if (((c & 0x01) ^ 17309 21025 ((c >> 1) & 0x01) ^ … … 17319 21035 } 17320 21036 17321 /* check is not weak. Weak key list from Nist 17322 "Recommendation for the Triple 17323 Data Encryption Algorithm 17324 (TDEA) Block Cipher" */ 17325 mask = 0x01010101; mask2 = 0x01010101; 17326 if (DES_check(mask, mask2, *key)) { 21037 if (wolfSSL_DES_is_weak_key(myDes) == 1) { 17327 21038 WOLFSSL_MSG("Weak key found"); 17328 21039 return -2; 17329 21040 } 17330 21041 17331 mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;17332 if (DES_check(mask, mask2, *key)) {17333 WOLFSSL_MSG("Weak key found");17334 return -2;17335 }17336 17337 mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;17338 if (DES_check(mask, mask2, *key)) {17339 WOLFSSL_MSG("Weak key found");17340 return -2;17341 }17342 17343 mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;17344 if (DES_check(mask, mask2, *key)) {17345 WOLFSSL_MSG("Weak key found");17346 return -2;17347 }17348 17349 /* semi-weak *key check (list from same Nist paper) */17350 mask = 0x011F011F; mask2 = 0x010E010E;17351 if (DES_check(mask, mask2, *key) ||17352 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {17353 WOLFSSL_MSG("Weak key found");17354 return -2;17355 }17356 17357 mask = 0x01E001E0; mask2 = 0x01F101F1;17358 if (DES_check(mask, mask2, *key) ||17359 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {17360 WOLFSSL_MSG("Weak key found");17361 return -2;17362 }17363 17364 mask = 0x01FE01FE; mask2 = 0x01FE01FE;17365 if (DES_check(mask, mask2, *key) ||17366 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {17367 WOLFSSL_MSG("Weak key found");17368 return -2;17369 }17370 17371 mask = 0x1FE01FE0; mask2 = 0x0EF10EF1;17372 if (DES_check(mask, mask2, *key) ||17373 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {17374 WOLFSSL_MSG("Weak key found");17375 return -2;17376 }17377 17378 mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;17379 if (DES_check(mask, mask2, *key) ||17380 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {17381 WOLFSSL_MSG("Weak key found");17382 return -2;17383 }17384 17385 21042 /* passed tests, now copy over key */ 17386 21043 XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock)); … … 17391 21048 17392 21049 21050 /* check is not weak. Weak key list from Nist "Recommendation for the Triple 21051 * Data Encryption Algorithm (TDEA) Block Cipher" 21052 * 21053 * returns 1 if is weak 0 if not 21054 */ 21055 int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key) 21056 { 21057 word32 mask, mask2; 21058 21059 WOLFSSL_ENTER("wolfSSL_DES_is_weak_key"); 21060 21061 if (key == NULL) { 21062 WOLFSSL_MSG("NULL key passed in"); 21063 return 1; 21064 } 21065 21066 mask = 0x01010101; mask2 = 0x01010101; 21067 if (DES_check(mask, mask2, *key)) { 21068 WOLFSSL_MSG("Weak key found"); 21069 return 1; 21070 } 21071 21072 mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE; 21073 if (DES_check(mask, mask2, *key)) { 21074 WOLFSSL_MSG("Weak key found"); 21075 return 1; 21076 } 21077 21078 mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1; 21079 if (DES_check(mask, mask2, *key)) { 21080 WOLFSSL_MSG("Weak key found"); 21081 return 1; 21082 } 21083 21084 mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E; 21085 if (DES_check(mask, mask2, *key)) { 21086 WOLFSSL_MSG("Weak key found"); 21087 return 1; 21088 } 21089 21090 /* semi-weak *key check (list from same Nist paper) */ 21091 mask = 0x011F011F; mask2 = 0x010E010E; 21092 if (DES_check(mask, mask2, *key) || 21093 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { 21094 WOLFSSL_MSG("Weak key found"); 21095 return 1; 21096 } 21097 21098 mask = 0x01E001E0; mask2 = 0x01F101F1; 21099 if (DES_check(mask, mask2, *key) || 21100 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { 21101 WOLFSSL_MSG("Weak key found"); 21102 return 1; 21103 } 21104 21105 mask = 0x01FE01FE; mask2 = 0x01FE01FE; 21106 if (DES_check(mask, mask2, *key) || 21107 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { 21108 WOLFSSL_MSG("Weak key found"); 21109 return 1; 21110 } 21111 21112 mask = 0x1FE01FE0; mask2 = 0x0EF10EF1; 21113 if (DES_check(mask, mask2, *key) || 21114 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { 21115 WOLFSSL_MSG("Weak key found"); 21116 return 1; 21117 } 21118 21119 mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE; 21120 if (DES_check(mask, mask2, *key) || 21121 DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { 21122 WOLFSSL_MSG("Weak key found"); 21123 return 1; 21124 } 21125 21126 return 0; 21127 } 21128 21129 17393 21130 void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes, 17394 21131 WOLFSSL_DES_key_schedule* key) … … 17400 21137 17401 21138 21139 /* Sets the parity of the DES key for use */ 17402 21140 void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes) 17403 21141 { 17404 (void)myDes; 17405 WOLFSSL_STUB("wolfSSL_DES_set_odd_parity"); 21142 word32 i; 21143 word32 sz = sizeof(WOLFSSL_DES_cblock); 21144 21145 WOLFSSL_ENTER("wolfSSL_DES_set_odd_parity"); 21146 21147 for (i = 0; i < sz; i++) { 21148 unsigned char c = *((unsigned char*)myDes + i); 21149 if (( 21150 ((c >> 1) & 0x01) ^ 21151 ((c >> 2) & 0x01) ^ 21152 ((c >> 3) & 0x01) ^ 21153 ((c >> 4) & 0x01) ^ 21154 ((c >> 5) & 0x01) ^ 21155 ((c >> 6) & 0x01) ^ 21156 ((c >> 7) & 0x01)) != 1) { 21157 WOLFSSL_MSG("Setting odd parity bit"); 21158 *((unsigned char*)myDes + i) = *((unsigned char*)myDes + i) | 0x01; 21159 } 21160 } 17406 21161 } 17407 21162 … … 17428 21183 return; 17429 21184 } 17430 if (wc_Des_EcbEncrypt(&myDes, (byte*) desb, 17431 (const byte*)desa, sizeof(WOLFSSL_DES_cblock)) != 0){ 17432 WOLFSSL_MSG("wc_Des_EcbEncrypt return error."); 21185 if (enc){ 21186 if (wc_Des_EcbEncrypt(&myDes, (byte*) desb, (const byte*) desa, 21187 sizeof(WOLFSSL_DES_cblock)) != 0){ 21188 WOLFSSL_MSG("wc_Des_EcbEncrpyt return error."); 21189 } 21190 } else { 21191 if (wc_Des_EcbDecrypt(&myDes, (byte*) desb, (const byte*) desa, 21192 sizeof(WOLFSSL_DES_cblock)) != 0){ 21193 WOLFSSL_MSG("wc_Des_EcbDecrpyt return error."); 21194 } 17433 21195 } 17434 21196 } … … 17438 21200 #endif /* NO_DES3 */ 17439 21201 21202 #ifndef NO_RC4 21203 /* Set the key state for Arc4 structure. 21204 * 21205 * key Arc4 structure to use 21206 * len length of data buffer 21207 * data initial state to set Arc4 structure 21208 */ 21209 void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len, 21210 const unsigned char* data) 21211 { 21212 typedef char rc4_test[sizeof(WOLFSSL_RC4_KEY) >= sizeof(Arc4) ? 1 : -1]; 21213 (void)sizeof(rc4_test); 21214 21215 WOLFSSL_ENTER("wolfSSL_RC4_set_key"); 21216 21217 if (key == NULL || len < 0) { 21218 WOLFSSL_MSG("bad argument passed in"); 21219 return; 21220 } 21221 21222 XMEMSET(key, 0, sizeof(WOLFSSL_RC4_KEY)); 21223 wc_Arc4SetKey((Arc4*)key, data, (word32)len); 21224 } 21225 21226 21227 /* Encrypt/decrypt with Arc4 structure. 21228 * 21229 * len length of buffer to encrypt/decrypt (in/out) 21230 * in buffer to encrypt/decrypt 21231 * out results of encryption/decryption 21232 */ 21233 void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len, 21234 const unsigned char* in, unsigned char* out) 21235 { 21236 WOLFSSL_ENTER("wolfSSL_RC4"); 21237 21238 if (key == NULL || in == NULL || out == NULL) { 21239 WOLFSSL_MSG("Bad argument passed in"); 21240 return; 21241 } 21242 21243 wc_Arc4Process((Arc4*)key, out, in, (word32)len); 21244 } 21245 #endif /* NO_RC4 */ 21246 21247 #ifndef NO_AES 21248 21249 #ifdef WOLFSSL_AES_DIRECT 21250 /* AES encrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input. 21251 * 21252 * input Data to encrypt 21253 * output Encrypted data after done 21254 * key AES key to use for encryption 21255 */ 21256 void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output, 21257 AES_KEY *key) 21258 { 21259 WOLFSSL_ENTER("wolfSSL_AES_encrypt"); 21260 21261 if (input == NULL || output == NULL || key == NULL) { 21262 WOLFSSL_MSG("Null argument passed in"); 21263 return; 21264 } 21265 21266 wc_AesEncryptDirect((Aes*)key, output, input); 21267 } 21268 21269 21270 /* AES decrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input. 21271 * 21272 * input Data to decrypt 21273 * output Decrypted data after done 21274 * key AES key to use for encryption 21275 */ 21276 void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output, 21277 AES_KEY *key) 21278 { 21279 WOLFSSL_ENTER("wolfSSL_AES_decrypt"); 21280 21281 if (input == NULL || output == NULL || key == NULL) { 21282 WOLFSSL_MSG("Null argument passed in"); 21283 return; 21284 } 21285 21286 wc_AesDecryptDirect((Aes*)key, output, input); 21287 } 21288 #endif /* WOLFSSL_AES_DIRECT */ 21289 21290 /* Setup of an AES key to use for encryption. 21291 * 21292 * key key in bytes to use for encryption 21293 * bits size of key in bits 21294 * aes AES structure to initialize 21295 */ 21296 int wolfSSL_AES_set_encrypt_key(const unsigned char *key, const int bits, 21297 AES_KEY *aes) 21298 { 21299 typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1]; 21300 (void)sizeof(aes_test); 21301 21302 WOLFSSL_ENTER("wolfSSL_AES_set_encrypt_key"); 21303 21304 if (key == NULL || aes == NULL) { 21305 WOLFSSL_MSG("Null argument passed in"); 21306 return -1; 21307 } 21308 21309 XMEMSET(aes, 0, sizeof(AES_KEY)); 21310 if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_ENCRYPTION) != 0) { 21311 WOLFSSL_MSG("Error in setting AES key"); 21312 return -1; 21313 } 21314 return 0; 21315 } 21316 21317 21318 /* Setup of an AES key to use for decryption. 21319 * 21320 * key key in bytes to use for decryption 21321 * bits size of key in bits 21322 * aes AES structure to initialize 21323 */ 21324 int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits, 21325 AES_KEY *aes) 21326 { 21327 typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1]; 21328 (void)sizeof(aes_test); 21329 21330 WOLFSSL_ENTER("wolfSSL_AES_set_decrypt_key"); 21331 21332 if (key == NULL || aes == NULL) { 21333 WOLFSSL_MSG("Null argument passed in"); 21334 return -1; 21335 } 21336 21337 XMEMSET(aes, 0, sizeof(AES_KEY)); 21338 if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_DECRYPTION) != 0) { 21339 WOLFSSL_MSG("Error in setting AES key"); 21340 return -1; 21341 } 21342 return 0; 21343 } 21344 21345 21346 #ifdef HAVE_AES_ECB 21347 /* Encrypt/decrypt a 16 byte block of data using the key passed in. 21348 * 21349 * in buffer to encrypt/decyrpt 21350 * out buffer to hold result of encryption/decryption 21351 * key AES structure to use with encryption/decryption 21352 * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption 21353 */ 21354 void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out, 21355 AES_KEY *key, const int enc) 21356 { 21357 Aes* aes; 21358 21359 WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt"); 21360 21361 if (key == NULL || in == NULL || out == NULL) { 21362 WOLFSSL_MSG("Error, Null argument passed in"); 21363 return; 21364 } 21365 21366 aes = (Aes*)key; 21367 if (enc == AES_ENCRYPT) { 21368 if (wc_AesEcbEncrypt(aes, out, in, AES_BLOCK_SIZE) != 0) { 21369 WOLFSSL_MSG("Error with AES CBC encrypt"); 21370 } 21371 } 21372 else { 21373 #ifdef HAVE_AES_DECRYPT 21374 if (wc_AesEcbDecrypt(aes, out, in, AES_BLOCK_SIZE) != 0) { 21375 WOLFSSL_MSG("Error with AES CBC decrypt"); 21376 } 21377 #else 21378 WOLFSSL_MSG("AES decryption not compiled in"); 21379 #endif 21380 } 21381 } 21382 #endif /* HAVE_AES_ECB */ 21383 21384 #ifdef HAVE_AES_CBC 21385 /* Encrypt data using key and iv passed in. iv gets updated to most recent iv 21386 * state after encryptiond/decryption. 21387 * 21388 * in buffer to encrypt/decyrpt 21389 * out buffer to hold result of encryption/decryption 21390 * len length of input buffer 21391 * key AES structure to use with encryption/decryption 21392 * iv iv to use with operation 21393 * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption 21394 */ 21395 void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out, 21396 size_t len, AES_KEY *key, unsigned char* iv, const int enc) 21397 { 21398 Aes* aes; 21399 21400 WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt"); 21401 21402 if (key == NULL || in == NULL || out == NULL || iv == NULL || len == 0) { 21403 WOLFSSL_MSG("Error, Null argument passed in"); 21404 return; 21405 } 21406 21407 aes = (Aes*)key; 21408 if (wc_AesSetIV(aes, (const byte*)iv) != 0) { 21409 WOLFSSL_MSG("Error with setting iv"); 21410 return; 21411 } 21412 21413 if (enc == AES_ENCRYPT) { 21414 if (wc_AesCbcEncrypt(aes, out, in, (word32)len) != 0) { 21415 WOLFSSL_MSG("Error with AES CBC encrypt"); 21416 } 21417 } 21418 else { 21419 if (wc_AesCbcDecrypt(aes, out, in, (word32)len) != 0) { 21420 WOLFSSL_MSG("Error with AES CBC decrypt"); 21421 } 21422 } 21423 21424 /* to be compatible copy iv to iv buffer after completing operation */ 21425 XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE); 21426 } 21427 #endif /* HAVE_AES_CBC */ 21428 21429 21430 /* Encrypt data using CFB mode with key and iv passed in. iv gets updated to 21431 * most recent iv state after encryptiond/decryption. 21432 * 21433 * in buffer to encrypt/decyrpt 21434 * out buffer to hold result of encryption/decryption 21435 * len length of input buffer 21436 * key AES structure to use with encryption/decryption 21437 * iv iv to use with operation 21438 * num contains the amount of block used 21439 * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption 21440 */ 21441 void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out, 21442 size_t len, AES_KEY *key, unsigned char* iv, int* num, 21443 const int enc) 21444 { 21445 #ifndef WOLFSSL_AES_CFB 21446 WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB"); 21447 (void)in; 21448 (void)out; 21449 (void)len; 21450 (void)key; 21451 (void)iv; 21452 (void)num; 21453 (void)enc; 21454 21455 return; 21456 #else 21457 Aes* aes; 21458 21459 WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt"); 21460 if (key == NULL || in == NULL || out == NULL || iv == NULL) { 21461 WOLFSSL_MSG("Error, Null argument passed in"); 21462 return; 21463 } 21464 21465 aes = (Aes*)key; 21466 if (wc_AesSetIV(aes, (const byte*)iv) != 0) { 21467 WOLFSSL_MSG("Error with setting iv"); 21468 return; 21469 } 21470 21471 if (enc == AES_ENCRYPT) { 21472 if (wc_AesCfbEncrypt(aes, out, in, (word32)len) != 0) { 21473 WOLFSSL_MSG("Error with AES CBC encrypt"); 21474 } 21475 } 21476 else { 21477 if (wc_AesCfbDecrypt(aes, out, in, (word32)len) != 0) { 21478 WOLFSSL_MSG("Error with AES CBC decrypt"); 21479 } 21480 } 21481 21482 /* to be compatible copy iv to iv buffer after completing operation */ 21483 XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE); 21484 21485 /* store number of left over bytes to num */ 21486 *num = (aes->left)? AES_BLOCK_SIZE - aes->left : 0; 21487 #endif /* WOLFSSL_AES_CFB */ 21488 } 21489 #endif /* NO_AES */ 21490 21491 #ifndef NO_WOLFSSL_STUB 17440 21492 int wolfSSL_BIO_printf(WOLFSSL_BIO* bio, const char* format, ...) 17441 21493 { 17442 21494 (void)bio; 17443 21495 (void)format; 21496 WOLFSSL_STUB("BIO_printf"); 17444 21497 return 0; 17445 21498 } 17446 17447 21499 #endif 21500 21501 #ifndef NO_WOLFSSL_STUB 17448 21502 int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a) 17449 21503 { 17450 21504 (void)bio; 17451 21505 (void)a; 21506 WOLFSSL_STUB("ASN1_UTCTIME_print"); 17452 21507 return 0; 17453 21508 } 21509 #endif 17454 21510 17455 21511 /* Return the month as a string. … … 17458 21514 * returns the month as a string. 17459 21515 */ 17460 static INLINE const char* MonthStr(const char* n)21516 static WC_INLINE const char* MonthStr(const char* n) 17461 21517 { 17462 21518 static const char monthStr[12][4] = { … … 17495 21551 } 17496 21552 17497 int wolfSSL_sk_num(WOLFSSL_X509_REVOKED* rev) 17498 { 17499 (void)rev; 17500 return 0; 17501 } 17502 17503 17504 void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED* rev, int i) 17505 { 17506 (void)rev; 17507 (void)i; 17508 return 0; 17509 } 17510 17511 21553 void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time) 21554 { 21555 WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_free"); 21556 if (asn1Time == NULL) 21557 return; 21558 XMEMSET(asn1Time->data, 0, sizeof(asn1Time->data)); 21559 } 21560 21561 int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk) 21562 { 21563 if (sk == NULL) 21564 return 0; 21565 return (int)sk->num; 21566 } 21567 21568 void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, int i) 21569 { 21570 for (; sk != NULL && i > 0; i--) 21571 sk = sk->next; 21572 if (sk == NULL) 21573 return NULL; 21574 return (void*)sk->data.obj; 21575 } 21576 21577 #endif /* OPENSSL_EXTRA */ 21578 21579 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) 17512 21580 /* stunnel 4.28 needs */ 17513 21581 void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX* ctx, 17514 21582 WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)) 17515 21583 { 21584 if (ctx == NULL) 21585 return; 21586 17516 21587 #ifdef HAVE_EXT_CACHE 17517 21588 ctx->get_sess_cb = f; 17518 21589 #else 17519 (void)ctx;17520 21590 (void)f; 17521 21591 #endif 17522 21592 } 17523 17524 21593 17525 21594 void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx, 17526 21595 int (*f)(WOLFSSL*, WOLFSSL_SESSION*)) 17527 21596 { 21597 if (ctx == NULL) 21598 return; 21599 17528 21600 #ifdef HAVE_EXT_CACHE 17529 21601 ctx->new_sess_cb = f; 17530 21602 #else 17531 (void)ctx;17532 21603 (void)f; 17533 21604 #endif 17534 21605 } 17535 17536 21606 17537 21607 void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*, 17538 21608 WOLFSSL_SESSION*)) 17539 21609 { 21610 if (ctx == NULL) 21611 return; 21612 17540 21613 #ifdef HAVE_EXT_CACHE 17541 21614 ctx->rem_sess_cb = f; 17542 21615 #else 17543 (void)ctx;17544 21616 (void)f; 17545 21617 #endif 17546 21618 } 17547 21619 #endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */ 21620 21621 #ifdef OPENSSL_EXTRA 21622 21623 /* 21624 * 21625 * Note: It is expected that the importing and exporting function have been 21626 * built with the same settings. For example if session tickets was 21627 * enabled with the wolfSSL library exporting a session then it is 21628 * expected to be turned on with the wolfSSL library importing the session. 21629 */ 17548 21630 int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) 17549 21631 { … … 17555 21637 #endif 17556 21638 unsigned char *data; 21639 21640 if (sess == NULL) { 21641 return BAD_FUNC_ARG; 21642 } 17557 21643 17558 21644 /* bornOn | timeout | sessionID len | sessionID | masterSecret | haveEMS */ … … 17575 21661 size += OPAQUE16_LEN + sess->ticketLen; 17576 21662 #endif 21663 #ifdef OPENSSL_EXTRA 21664 /* session context ID len | session context ID */ 21665 size += OPAQUE8_LEN + sess->sessionCtxSz; 21666 #endif 17577 21667 17578 21668 if (p != NULL) { … … 17589 21679 idx += sess->sessionIDSz; 17590 21680 XMEMCPY(data + idx, sess->masterSecret, SECRET_LEN); idx += SECRET_LEN; 17591 data[idx++] = sess->haveEMS;21681 data[idx++] = (byte)sess->haveEMS; 17592 21682 #ifdef SESSION_CERTS 17593 data[idx++] = sess->chain.count;21683 data[idx++] = (byte)sess->chain.count; 17594 21684 for (i = 0; i < sess->chain.count; i++) { 17595 c16toa( sess->chain.certs[i].length, data + idx);21685 c16toa((word16)sess->chain.certs[i].length, data + idx); 17596 21686 idx += OPAQUE16_LEN; 17597 21687 XMEMCPY(data + idx, sess->chain.certs[i].buffer, … … 17614 21704 idx += sess->ticketLen; 17615 21705 #endif 21706 #ifdef OPENSSL_EXTRA 21707 data[idx++] = sess->sessionCtxSz; 21708 XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz); 21709 idx += sess->sessionCtxSz; 21710 #endif 17616 21711 } 17617 21712 #endif … … 17626 21721 } 17627 21722 17628 /* TODO: no function to free new session. */ 21723 21724 /* TODO: no function to free new session. 21725 * 21726 * Note: It is expected that the importing and exporting function have been 21727 * built with the same settings. For example if session tickets was 21728 * enabled with the wolfSSL library exporting a session then it is 21729 * expected to be turned on with the wolfSSL library importing the session. 21730 */ 17629 21731 WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess, 17630 21732 const unsigned char** p, long i) … … 17657 21759 if (s == NULL) 17658 21760 return NULL; 21761 XMEMSET(s, 0, sizeof(WOLFSSL_SESSION)); 17659 21762 s->isAlloced = 1; 21763 #ifdef HAVE_SESSION_TICKET 17660 21764 s->isDynamic = 0; 21765 #endif 17661 21766 } 17662 21767 … … 17760 21865 XMEMCPY(s->ticket, data + idx, s->ticketLen); idx += s->ticketLen; 17761 21866 #endif 21867 #ifdef OPENSSL_EXTRA 21868 /* byte for length of session context ID */ 21869 if (i - idx < OPAQUE8_LEN) { 21870 ret = BUFFER_ERROR; 21871 goto end; 21872 } 21873 s->sessionCtxSz = data[idx++]; 21874 21875 /* app session context ID */ 21876 if (i - idx < s->sessionCtxSz) { 21877 ret = BUFFER_ERROR; 21878 goto end; 21879 } 21880 XMEMCPY(s->sessionCtx, data + idx, s->sessionCtxSz); idx += s->sessionCtxSz; 21881 #endif 17762 21882 (void)idx; 17763 21883 … … 17777 21897 long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess) 17778 21898 { 21899 long timeout = 0; 17779 21900 WOLFSSL_ENTER("wolfSSL_SESSION_get_timeout"); 17780 return sess->timeout; 21901 if (sess) 21902 timeout = sess->timeout; 21903 return timeout; 17781 21904 } 17782 21905 … … 17784 21907 long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess) 17785 21908 { 21909 long bornOn = 0; 17786 21910 WOLFSSL_ENTER("wolfSSL_SESSION_get_time"); 17787 return sess->bornOn; 21911 if (sess) 21912 bornOn = sess->bornOn; 21913 return bornOn; 17788 21914 } 17789 21915 … … 17804 21930 #ifdef OPENSSL_EXTRA 17805 21931 17806 #if def FORTRESS21932 #if defined(FORTRESS) && !defined(NO_FILESYSTEM) 17807 21933 int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname) 17808 21934 { … … 17813 21939 { 17814 21940 #ifdef WOLFSSL_SMALL_STACK 17815 EncryptedInfo* info = NULL;17816 21941 byte staticBuffer[1]; /* force heap usage */ 17817 21942 #else 17818 EncryptedInfo info[1];17819 21943 byte staticBuffer[FILE_BUFFER_SIZE]; 17820 21944 #endif … … 17823 21947 XFILE file = XBADFILE; 17824 21948 size_t sz = 0; 17825 int eccKey = 0;17826 21949 WOLFSSL_CTX* ctx = ssl->ctx; 17827 21950 WOLFSSL_X509* peer_cert = &ssl->peerCert; … … 17832 21955 return WOLFSSL_BAD_FILE; 17833 21956 17834 XFSEEK(file, 0, XSEEK_END); 21957 if(XFSEEK(file, 0, XSEEK_END) != 0) { 21958 XFCLOSE(file); 21959 return WOLFSSL_BAD_FILE; 21960 } 17835 21961 sz = XFTELL(file); 17836 21962 XREWIND(file); … … 17842 21968 } 17843 21969 17844 #ifdef WOLFSSL_SMALL_STACK 17845 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, 17846 DYNAMIC_TYPE_ENCRYPTEDINFO); 17847 if (info == NULL) 17848 ret = MEMORY_E; 17849 else 17850 #endif 21970 21971 if ((myBuffer != NULL) && 21972 (sz > 0) && 21973 (XFREAD(myBuffer, 1, sz, file) == sz) && 21974 (PemToDer(myBuffer, (long)sz, CERT_TYPE, 21975 &fileDer, ctx->heap, NULL, NULL) == 0) && 21976 (fileDer->length != 0) && 21977 (fileDer->length == peer_cert->derCert->length) && 21978 (XMEMCMP(peer_cert->derCert->buffer, fileDer->buffer, 21979 fileDer->length) == 0)) 17851 21980 { 17852 info->set = 0; 17853 info->ctx = ctx; 17854 info->consumed = 0; 17855 17856 if ((myBuffer != NULL) && 17857 (sz > 0) && 17858 (XFREAD(myBuffer, 1, sz, file) == sz) && 17859 (PemToDer(myBuffer, sz, CERT_TYPE, 17860 &fileDer, ctx->heap, info, &eccKey) == 0) && 17861 (fileDer->length != 0) && 17862 (fileDer->length == peer_cert->derCert->length) && 17863 (XMEMCMP(peer_cert->derCert->buffer, fileDer->buffer, 17864 fileDer->length) == 0)) 17865 { 17866 ret = 0; 17867 } 17868 17869 #ifdef WOLFSSL_SMALL_STACK 17870 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 17871 #endif 21981 ret = 0; 17872 21982 } 17873 21983 … … 17883 21993 } 17884 21994 #endif 17885 17886 21995 #endif /* OPENSSL_EXTRA */ 21996 21997 #if defined(OPENSSL_EXTRA) || \ 21998 (defined(OPENSSL_EXTRA_X509_SMALL) && !defined(NO_RSA)) 17887 21999 static WC_RNG globalRNG; 17888 22000 static int initGlobalRNG = 0; 17889 17890 /* WOLFSSL_SUCCESS on ok */ 17891 int wolfSSL_RAND_seed(const void* seed, int len) 17892 { 17893 17894 WOLFSSL_MSG("wolfSSL_RAND_seed"); 17895 17896 (void)seed; 17897 (void)len; 17898 22001 #endif 22002 22003 #ifdef OPENSSL_EXTRA 22004 22005 /* Not thread safe! Can be called multiple times. 22006 * Checks if the global RNG has been created. If not then one is created. 22007 * 22008 * Returns SSL_SUCCESS when no error is encountered. 22009 */ 22010 static int wolfSSL_RAND_Init(void) 22011 { 17899 22012 if (initGlobalRNG == 0) { 17900 22013 if (wc_InitRng(&globalRNG) < 0) { … … 17905 22018 } 17906 22019 17907 return WOLFSSL_SUCCESS; 17908 } 17909 17910 17911 /* WOLFSSL_SUCCESS on ok */ 22020 return SSL_SUCCESS; 22021 } 22022 22023 22024 /* SSL_SUCCESS on ok */ 22025 int wolfSSL_RAND_seed(const void* seed, int len) 22026 { 22027 22028 WOLFSSL_MSG("wolfSSL_RAND_seed"); 22029 22030 (void)seed; 22031 (void)len; 22032 22033 return wolfSSL_RAND_Init(); 22034 } 22035 22036 22037 /* Returns the path for reading seed data from. 22038 * Uses the env variable $RANDFILE first if set, if not then used $HOME/.rnd 22039 * 22040 * Note uses stdlib by default unless XGETENV macro is overwritten 22041 * 22042 * fname buffer to hold path 22043 * len length of fname buffer 22044 * 22045 * Returns a pointer to fname on success and NULL on failure 22046 */ 22047 const char* wolfSSL_RAND_file_name(char* fname, unsigned long len) 22048 { 22049 #ifndef NO_FILESYSTEM 22050 char* rt; 22051 char ap[] = "/.rnd"; 22052 22053 WOLFSSL_ENTER("wolfSSL_RAND_file_name"); 22054 22055 if (fname == NULL) { 22056 return NULL; 22057 } 22058 22059 XMEMSET(fname, 0, len); 22060 /* if access to stdlib.h */ 22061 if ((rt = XGETENV("RANDFILE")) != NULL) { 22062 if (len > XSTRLEN(rt)) { 22063 XMEMCPY(fname, rt, XSTRLEN(rt)); 22064 } 22065 else { 22066 WOLFSSL_MSG("RANDFILE too large for buffer"); 22067 rt = NULL; 22068 } 22069 } 22070 22071 /* $RANDFILE was not set or is too large, check $HOME */ 22072 if (rt == NULL) { 22073 WOLFSSL_MSG("Environment variable RANDFILE not set"); 22074 if ((rt = XGETENV("HOME")) == NULL) { 22075 WOLFSSL_MSG("Environment variable HOME not set"); 22076 return NULL; 22077 } 22078 22079 if (len > XSTRLEN(rt) + XSTRLEN(ap)) { 22080 fname[0] = '\0'; 22081 XSTRNCAT(fname, rt, len); 22082 XSTRNCAT(fname, ap, len - XSTRLEN(rt)); 22083 return fname; 22084 } 22085 else { 22086 WOLFSSL_MSG("HOME too large for buffer"); 22087 return NULL; 22088 } 22089 } 22090 22091 return fname; 22092 #else 22093 /* no filesystem defined */ 22094 WOLFSSL_ENTER("wolfSSL_RAND_file_name"); 22095 WOLFSSL_MSG("No filesystem feature enabled, not compiled in"); 22096 (void)fname; 22097 (void)len; 22098 return NULL; 22099 #endif 22100 } 22101 22102 22103 /* Writes 1024 bytes from the RNG to the given file name. 22104 * 22105 * fname name of file to write to 22106 * 22107 * Returns the number of bytes writen 22108 */ 22109 int wolfSSL_RAND_write_file(const char* fname) 22110 { 22111 int bytes = 0; 22112 22113 WOLFSSL_ENTER("RAND_write_file"); 22114 22115 if (fname == NULL) { 22116 return SSL_FAILURE; 22117 } 22118 22119 #ifndef NO_FILESYSTEM 22120 { 22121 #ifndef WOLFSSL_SMALL_STACK 22122 unsigned char buf[1024]; 22123 #else 22124 unsigned char* buf = (unsigned char *)XMALLOC(1024, NULL, 22125 DYNAMIC_TYPE_TMP_BUFFER); 22126 if (buf == NULL) { 22127 WOLFSSL_MSG("malloc failed"); 22128 return SSL_FAILURE; 22129 } 22130 #endif 22131 bytes = 1024; /* default size of buf */ 22132 22133 if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != SSL_SUCCESS) { 22134 WOLFSSL_MSG("No RNG to use"); 22135 #ifdef WOLFSSL_SMALL_STACK 22136 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22137 #endif 22138 return 0; 22139 } 22140 22141 if (wc_RNG_GenerateBlock(&globalRNG, buf, bytes) != 0) { 22142 WOLFSSL_MSG("Error generating random buffer"); 22143 bytes = 0; 22144 } 22145 else { 22146 XFILE f; 22147 22148 f = XFOPEN(fname, "wb"); 22149 if (f == XBADFILE) { 22150 WOLFSSL_MSG("Error opening the file"); 22151 bytes = 0; 22152 } 22153 else { 22154 XFWRITE(buf, 1, bytes, f); 22155 XFCLOSE(f); 22156 } 22157 } 22158 ForceZero(buf, bytes); 22159 #ifdef WOLFSSL_SMALL_STACK 22160 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22161 #endif 22162 } 22163 #endif 22164 22165 return bytes; 22166 } 22167 22168 #ifndef FREERTOS_TCP 22169 22170 /* These constant values are protocol values made by egd */ 22171 #if defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) 22172 #define WOLFSSL_EGD_NBLOCK 0x01 22173 #include <sys/un.h> 22174 #endif 22175 22176 /* This collects entropy from the path nm and seeds the global PRNG with it. 22177 * Makes a call to wolfSSL_RAND_Init which is not thread safe. 22178 * 22179 * nm is the file path to the egd server 22180 * 22181 * Returns the number of bytes read. 22182 */ 22183 int wolfSSL_RAND_egd(const char* nm) 22184 { 22185 #if defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) && !defined(HAVE_FIPS) && \ 22186 defined(HAVE_HASHDRBG) 22187 struct sockaddr_un rem; 22188 int fd; 22189 int ret = WOLFSSL_SUCCESS; 22190 word32 bytes = 0; 22191 word32 idx = 0; 22192 #ifndef WOLFSSL_SMALL_STACK 22193 unsigned char buf[256]; 22194 #else 22195 unsigned char* buf; 22196 buf = (unsigned char*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22197 if (buf == NULL) { 22198 WOLFSSL_MSG("Not enough memory"); 22199 return WOLFSSL_FATAL_ERROR; 22200 } 22201 #endif 22202 22203 if (nm == NULL) { 22204 #ifdef WOLFSSL_SMALL_STACK 22205 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22206 #endif 22207 return WOLFSSL_FATAL_ERROR; 22208 } 22209 22210 fd = socket(AF_UNIX, SOCK_STREAM, 0); 22211 if (fd < 0) { 22212 WOLFSSL_MSG("Error creating socket"); 22213 #ifdef WOLFSSL_SMALL_STACK 22214 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22215 #endif 22216 return WOLFSSL_FATAL_ERROR; 22217 } 22218 if (ret == WOLFSSL_SUCCESS) { 22219 rem.sun_family = AF_UNIX; 22220 XSTRNCPY(rem.sun_path, nm, sizeof(rem.sun_path)); 22221 rem.sun_path[sizeof(rem.sun_path)-1] = '\0'; 22222 } 22223 22224 /* connect to egd server */ 22225 if (ret == WOLFSSL_SUCCESS) { 22226 if (connect(fd, (struct sockaddr*)&rem, sizeof(struct sockaddr_un)) 22227 == -1) { 22228 WOLFSSL_MSG("error connecting to egd server"); 22229 ret = WOLFSSL_FATAL_ERROR; 22230 } 22231 } 22232 22233 while (ret == WOLFSSL_SUCCESS && bytes < 255 && idx + 2 < 256) { 22234 if (ret == WOLFSSL_SUCCESS) { 22235 buf[idx] = WOLFSSL_EGD_NBLOCK; 22236 buf[idx + 1] = 255 - bytes; /* request 255 bytes from server */ 22237 ret = (int)write(fd, buf + idx, 2); 22238 if (ret <= 0 || ret != 2) { 22239 if (errno == EAGAIN) { 22240 ret = WOLFSSL_SUCCESS; 22241 continue; 22242 } 22243 WOLFSSL_MSG("error requesting entropy from egd server"); 22244 ret = WOLFSSL_FATAL_ERROR; 22245 break; 22246 } 22247 } 22248 22249 /* attempting to read */ 22250 buf[idx] = 0; 22251 ret = (int)read(fd, buf + idx, 256 - bytes); 22252 if (ret == 0) { 22253 WOLFSSL_MSG("error reading entropy from egd server"); 22254 ret = WOLFSSL_FATAL_ERROR; 22255 break; 22256 } 22257 if (ret > 0 && buf[idx] > 0) { 22258 bytes += buf[idx]; /* egd stores amount sent in first byte */ 22259 if (bytes + idx > 255 || buf[idx] > ret) { 22260 WOLFSSL_MSG("Buffer error"); 22261 ret = WOLFSSL_FATAL_ERROR; 22262 break; 22263 } 22264 XMEMMOVE(buf + idx, buf + idx + 1, buf[idx]); 22265 idx = bytes; 22266 ret = WOLFSSL_SUCCESS; 22267 if (bytes >= 255) { 22268 break; 22269 } 22270 } 22271 else { 22272 if (errno == EAGAIN || errno == EINTR) { 22273 WOLFSSL_MSG("EGD would read"); 22274 ret = WOLFSSL_SUCCESS; /* try again */ 22275 } 22276 else if (buf[idx] == 0) { 22277 /* if egd returned 0 then there is no more entropy to be had. 22278 Do not try more reads. */ 22279 ret = WOLFSSL_SUCCESS; 22280 break; 22281 } 22282 else { 22283 WOLFSSL_MSG("Error with read"); 22284 ret = WOLFSSL_FATAL_ERROR; 22285 } 22286 } 22287 } 22288 22289 if (bytes > 0 && ret == WOLFSSL_SUCCESS) { 22290 wolfSSL_RAND_Init(); /* call to check global RNG is created */ 22291 if (wc_RNG_DRBG_Reseed(&globalRNG, (const byte*) buf, bytes) 22292 != 0) { 22293 WOLFSSL_MSG("Error with reseeding DRBG structure"); 22294 ret = WOLFSSL_FATAL_ERROR; 22295 } 22296 #ifdef SHOW_SECRETS 22297 { /* print out entropy found */ 22298 word32 i; 22299 printf("EGD Entropy = "); 22300 for (i = 0; i < bytes; i++) { 22301 printf("%02X", buf[i]); 22302 } 22303 printf("\n"); 22304 } 22305 #endif 22306 } 22307 22308 ForceZero(buf, bytes); 22309 #ifdef WOLFSSL_SMALL_STACK 22310 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22311 #endif 22312 close(fd); 22313 22314 if (ret == WOLFSSL_SUCCESS) { 22315 return bytes; 22316 } 22317 else { 22318 return ret; 22319 } 22320 #else 22321 WOLFSSL_MSG("Type of socket needed is not available"); 22322 WOLFSSL_MSG("\tor using mode where DRBG API is not available"); 22323 (void)nm; 22324 22325 return WOLFSSL_FATAL_ERROR; 22326 #endif /* USE_WOLFSSL_IO && !USE_WINDOWS_API && !HAVE_FIPS && HAVE_HASHDRBG */ 22327 } 22328 22329 #endif /* !FREERTOS_TCP */ 22330 22331 void wolfSSL_RAND_Cleanup(void) 22332 { 22333 WOLFSSL_ENTER("wolfSSL_RAND_Cleanup()"); 22334 22335 if (initGlobalRNG != 0) { 22336 wc_FreeRng(&globalRNG); 22337 initGlobalRNG = 0; 22338 } 22339 } 22340 22341 22342 int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num) 22343 { 22344 return wolfSSL_RAND_bytes(buf, num); 22345 } 22346 22347 22348 /* SSL_SUCCESS on ok */ 17912 22349 int wolfSSL_RAND_bytes(unsigned char* buf, int num) 17913 22350 { … … 17953 22390 } 17954 22391 22392 22393 int wolfSSL_RAND_poll(void) 22394 { 22395 byte entropy[16]; 22396 int ret = 0; 22397 word32 entropy_sz = 16; 22398 22399 WOLFSSL_ENTER("wolfSSL_RAND_poll"); 22400 if (initGlobalRNG == 0){ 22401 WOLFSSL_MSG("Global RNG no Init"); 22402 return WOLFSSL_FAILURE; 22403 } 22404 ret = wc_GenerateSeed(&globalRNG.seed, entropy, entropy_sz); 22405 if (ret != 0){ 22406 WOLFSSL_MSG("Bad wc_RNG_GenerateBlock"); 22407 ret = WOLFSSL_FAILURE; 22408 }else 22409 ret = WOLFSSL_SUCCESS; 22410 22411 return ret; 22412 } 22413 17955 22414 WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void) 17956 22415 { … … 17958 22417 17959 22418 WOLFSSL_MSG("wolfSSL_BN_CTX_new"); 17960 17961 22419 return (WOLFSSL_BN_CTX*)&ctx; 22420 17962 22421 } 17963 22422 … … 17973 22432 (void)ctx; 17974 22433 WOLFSSL_MSG("wolfSSL_BN_CTX_free"); 17975 17976 22434 /* do free since static ctx that does nothing */ 17977 22435 } 17978 17979 22436 #endif /* OPENSSL_EXTRA */ 22437 22438 22439 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 17980 22440 static void InitwolfSSL_BigNum(WOLFSSL_BIGNUM* bn) 17981 22441 { 17982 WOLFSSL_MSG("InitwolfSSL_BigNum");17983 22442 if (bn) { 22443 XMEMSET(bn, 0, sizeof(WOLFSSL_BIGNUM)); 17984 22444 bn->neg = 0; 17985 22445 bn->internal = NULL; 17986 22446 } 17987 22447 } 17988 17989 22448 17990 22449 WOLFSSL_BIGNUM* wolfSSL_BN_new(void) … … 18010 22469 18011 22470 InitwolfSSL_BigNum(external); 18012 external->internal = mpi;18013 22471 if (mp_init(mpi) != MP_OKAY) { 18014 22472 wolfSSL_BN_free(external); 18015 22473 return NULL; 18016 22474 } 22475 external->internal = mpi; 18017 22476 18018 22477 return external; … … 18025 22484 if (bn) { 18026 22485 if (bn->internal) { 18027 mp_forcezero((mp_int*)bn->internal); 22486 mp_int* bni = (mp_int*)bn->internal; 22487 mp_forcezero(bni); 22488 mp_free(bni); 18028 22489 XFREE(bn->internal, NULL, DYNAMIC_TYPE_BIGINT); 18029 22490 bn->internal = NULL; … … 18033 22494 } 18034 22495 } 18035 22496 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 22497 22498 #ifdef OPENSSL_EXTRA 18036 22499 18037 22500 void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM* bn) … … 18096 22559 (mp_int*)m->internal, (mp_int*)r->internal)) == MP_OKAY) { 18097 22560 return WOLFSSL_SUCCESS; 18098 22561 } 18099 22562 18100 22563 WOLFSSL_LEAVE("wolfSSL_BN_mod_exp", ret); … … 18102 22565 18103 22566 return WOLFSSL_FAILURE; 22567 } 22568 22569 /* r = (a * p) % m */ 22570 int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, 22571 const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx) 22572 { 22573 int ret; 22574 22575 WOLFSSL_ENTER("wolfSSL_BN_mod_mul"); 22576 22577 (void) ctx; 22578 if (r == NULL || a == NULL || p == NULL || m == NULL) { 22579 WOLFSSL_MSG("Bad Argument"); 22580 return SSL_FAILURE; 22581 } 22582 22583 if ((ret = mp_mulmod((mp_int*)a->internal,(mp_int*)p->internal, 22584 (mp_int*)m->internal, (mp_int*)r->internal)) == MP_OKAY) { 22585 return SSL_SUCCESS; 22586 } 22587 22588 WOLFSSL_LEAVE("wolfSSL_BN_mod_mul", ret); 22589 (void)ret; 22590 22591 return SSL_FAILURE; 18104 22592 } 18105 22593 … … 18119 22607 } 18120 22608 } 18121 22609 } 18122 22610 18123 22611 return bn_one; … … 18128 22616 int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM* bn) 18129 22617 { 18130 WOLFSSL_ MSG("wolfSSL_BN_num_bytes");22618 WOLFSSL_ENTER("wolfSSL_BN_num_bytes"); 18131 22619 18132 22620 if (bn == NULL || bn->internal == NULL) … … 18140 22628 int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM* bn) 18141 22629 { 18142 WOLFSSL_ MSG("wolfSSL_BN_num_bits");22630 WOLFSSL_ENTER("wolfSSL_BN_num_bits"); 18143 22631 18144 22632 if (bn == NULL || bn->internal == NULL) … … 18219 22707 WOLFSSL_MSG("NULL bn error"); 18220 22708 return WOLFSSL_FATAL_ERROR; 18221 22709 } 18222 22710 18223 22711 if (r == NULL) … … 18227 22715 WOLFSSL_MSG("mp_to_unsigned_bin error"); 18228 22716 return WOLFSSL_FATAL_ERROR; 18229 22717 } 18230 22718 18231 22719 return mp_unsigned_bin_size((mp_int*)bn->internal); … … 18246 22734 if (ret == NULL) 18247 22735 return NULL; 18248 22736 } 18249 22737 18250 22738 /* check ret and ret->internal then read in value */ … … 18256 22744 return NULL; 18257 22745 } 18258 22746 } 18259 22747 18260 22748 return ret; … … 18263 22751 /* return compliant with OpenSSL 18264 22752 * 1 if success, 0 if error */ 22753 #ifndef NO_WOLFSSL_STUB 18265 22754 int wolfSSL_mask_bits(WOLFSSL_BIGNUM* bn, int n) 18266 22755 { 18267 22756 (void)bn; 18268 22757 (void)n; 18269 WOLFSSL_MSG("wolfSSL_BN_mask_bits"); 18270 18271 return WOLFSSL_FAILURE; 18272 } 22758 WOLFSSL_ENTER("wolfSSL_BN_mask_bits"); 22759 WOLFSSL_STUB("BN_mask_bits"); 22760 return SSL_FAILURE; 22761 } 22762 #endif 18273 22763 18274 22764 … … 18302 22792 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 18303 22793 return ret; 18304 22794 } 18305 22795 #endif 18306 22796 … … 18310 22800 rng = tmpRNG; 18311 22801 initTmpRng = 1; 18312 22802 } 18313 22803 else if (initGlobalRNG) 18314 22804 rng = &globalRNG; … … 18323 22813 if (mp_read_unsigned_bin((mp_int*)bn->internal,buff,len) != MP_OKAY) 18324 22814 WOLFSSL_MSG("mp read bin failed"); 18325 22815 else 18326 22816 ret = WOLFSSL_SUCCESS; 18327 18328 22817 } 22818 } 18329 22819 18330 22820 if (initTmpRng) … … 18334 22824 XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); 18335 22825 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 22826 #endif 22827 22828 return ret; 22829 } 22830 22831 22832 /* WOLFSSL_SUCCESS on ok 22833 * code is same as wolfSSL_BN_rand except for how top and bottom is handled. 22834 * top -1 then leave most sig bit alone 22835 * top 0 then most sig is set to 1 22836 * top is 1 then first two most sig bits are 1 22837 * 22838 * bottom is hot then odd number */ 22839 int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom) 22840 { 22841 int ret = 0; 22842 int len = bits / 8; 22843 int initTmpRng = 0; 22844 WC_RNG* rng = NULL; 22845 #ifdef WOLFSSL_SMALL_STACK 22846 WC_RNG* tmpRNG = NULL; 22847 byte* buff = NULL; 22848 #else 22849 WC_RNG tmpRNG[1]; 22850 byte buff[1024]; 22851 #endif 22852 22853 WOLFSSL_MSG("wolfSSL_BN_rand"); 22854 22855 if (bits % 8) 22856 len++; 22857 22858 #ifdef WOLFSSL_SMALL_STACK 22859 buff = (byte*)XMALLOC(1024, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22860 tmpRNG = (WC_RNG*) XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER); 22861 if (buff == NULL || tmpRNG == NULL) { 22862 XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22863 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22864 return ret; 22865 } 22866 #endif 22867 22868 if (bn == NULL || bn->internal == NULL) 22869 WOLFSSL_MSG("Bad function arguments"); 22870 else if (wc_InitRng(tmpRNG) == 0) { 22871 rng = tmpRNG; 22872 initTmpRng = 1; 22873 } 22874 else if (initGlobalRNG) 22875 rng = &globalRNG; 22876 22877 if (rng) { 22878 if (wc_RNG_GenerateBlock(rng, buff, len) != 0) 22879 WOLFSSL_MSG("Bad wc_RNG_GenerateBlock"); 22880 else { 22881 switch (top) { 22882 case -1: 22883 break; 22884 22885 case 0: 22886 buff[0] |= 0x80; 22887 break; 22888 22889 case 1: 22890 buff[0] |= 0x80 | 0x40; 22891 break; 22892 } 22893 22894 if (bottom == 1) { 22895 buff[len-1] |= 0x01; 22896 } 22897 22898 if (mp_read_unsigned_bin((mp_int*)bn->internal,buff,len) != MP_OKAY) 22899 WOLFSSL_MSG("mp read bin failed"); 22900 else 22901 ret = WOLFSSL_SUCCESS; 22902 } 22903 } 22904 22905 if (initTmpRng) 22906 wc_FreeRng(tmpRNG); 22907 22908 #ifdef WOLFSSL_SMALL_STACK 22909 XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); 22910 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER); 18336 22911 #endif 18337 22912 … … 18392 22967 byte decoded[1024]; 18393 22968 #endif 22969 int weOwn = 0; 18394 22970 18395 22971 WOLFSSL_MSG("wolfSSL_BN_hex2bn"); … … 18408 22984 ret = decSz; 18409 22985 else { 18410 if (*bn == NULL) 22986 if (*bn == NULL) { 18411 22987 *bn = wolfSSL_BN_new(); 22988 if (*bn != NULL) { 22989 weOwn = 1; 22990 } 22991 } 18412 22992 18413 22993 if (*bn == NULL) 18414 22994 WOLFSSL_MSG("BN new failed"); 18415 else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL) 22995 else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL) { 18416 22996 WOLFSSL_MSG("Bad bin2bn error"); 22997 if (weOwn == 1) { 22998 wolfSSL_BN_free(*bn); /* Free new BN */ 22999 } 23000 } 18417 23001 else 18418 23002 ret = WOLFSSL_SUCCESS; … … 18436 23020 WOLFSSL_MSG("bn NULL error"); 18437 23021 return NULL; 18438 23022 } 18439 23023 18440 23024 ret = wolfSSL_BN_new(); … … 18448 23032 wolfSSL_BN_free(ret); 18449 23033 return NULL; 18450 23034 } 18451 23035 18452 23036 ret->neg = bn->neg; … … 18459 23043 { 18460 23044 WOLFSSL_MSG("wolfSSL_BN_copy"); 23045 23046 if (r == NULL || bn == NULL) { 23047 WOLFSSL_MSG("r or bn NULL error"); 23048 return NULL; 23049 } 18461 23050 18462 23051 if (mp_copy((mp_int*)bn->internal, (mp_int*)r->internal) != MP_OKAY) { … … 18468 23057 18469 23058 return r; 18470 }23059 } 18471 23060 18472 23061 /* return code compliant with OpenSSL : … … 18477 23066 WOLFSSL_MSG("wolfSSL_BN_set_word"); 18478 23067 23068 if (bn == NULL) { 23069 WOLFSSL_MSG("bn NULL error"); 23070 return WOLFSSL_FAILURE; 23071 } 23072 18479 23073 if (mp_set_int((mp_int*)bn->internal, w) != MP_OKAY) { 18480 23074 WOLFSSL_MSG("mp_init_set_int error"); … … 18485 23079 } 18486 23080 23081 23082 /* Returns the big number as an unsigned long if possible. 23083 * 23084 * bn big number structure to get value from 23085 * 23086 * Returns value or 0xFFFFFFFFL if bigger than unsigned long. 23087 */ 23088 unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn) 23089 { 23090 mp_int* mp; 23091 23092 WOLFSSL_MSG("wolfSSL_BN_get_word"); 23093 23094 if (bn == NULL) { 23095 WOLFSSL_MSG("Invalid argument"); 23096 return 0; 23097 } 23098 23099 if (wolfSSL_BN_num_bytes(bn) > (int)sizeof(unsigned long)) { 23100 WOLFSSL_MSG("bignum is larger than unsigned long"); 23101 return 0xFFFFFFFFL; 23102 } 23103 mp = (mp_int*)bn->internal; 23104 23105 return (unsigned long)(mp->dp[0]); 23106 } 23107 18487 23108 /* return code compliant with OpenSSL : 18488 23109 * number length in decimal if success, 0 if error 18489 23110 */ 23111 #ifndef NO_WOLFSSL_STUB 18490 23112 int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM** bn, const char* str) 18491 23113 { … … 18494 23116 18495 23117 WOLFSSL_MSG("wolfSSL_BN_dec2bn"); 18496 18497 return WOLFSSL_FAILURE;18498 }18499 23118 WOLFSSL_STUB("BN_dec2bn"); 23119 return SSL_FAILURE; 23120 } 23121 #endif 18500 23122 18501 23123 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) … … 18510 23132 WOLFSSL_MSG("bn NULL error"); 18511 23133 return NULL; 18512 }18513 18514 if (mp_radix_size((mp_int*)bn->internal, 10, &len) != MP_OKAY) {23134 } 23135 23136 if (mp_radix_size((mp_int*)bn->internal, MP_RADIX_DEC, &len) != MP_OKAY) { 18515 23137 WOLFSSL_MSG("mp_radix_size failure"); 18516 23138 return NULL; 18517 23139 } 18518 23140 18519 buf = (char*) XMALLOC(len, NULL, DYNAMIC_TYPE_ ECC);23141 buf = (char*) XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); 18520 23142 if (buf == NULL) { 18521 WOLFSSL_MSG(" wolfSSL_BN_bn2hexmalloc buffer failure");23143 WOLFSSL_MSG("BN_bn2dec malloc buffer failure"); 18522 23144 return NULL; 18523 18524 18525 if (mp_to radix((mp_int*)bn->internal, buf, 10) != MP_OKAY) {23145 } 23146 23147 if (mp_todecimal((mp_int*)bn->internal, buf) != MP_OKAY) { 18526 23148 XFREE(buf, NULL, DYNAMIC_TYPE_ECC); 18527 23149 return NULL; … … 18538 23160 18539 23161 return NULL; 18540 }23162 } 18541 23163 #endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */ 18542 23164 … … 18559 23181 18560 23182 return WOLFSSL_SUCCESS; 18561 }23183 } 18562 23184 18563 23185 /* return code compliant with OpenSSL : … … 18571 23193 WOLFSSL_MSG("bn NULL error"); 18572 23194 return WOLFSSL_FAILURE; 18573 }23195 } 18574 23196 18575 23197 if (mp_div_2d((mp_int*)bn->internal, n, … … 18577 23199 WOLFSSL_MSG("mp_mul_2d error"); 18578 23200 return WOLFSSL_FAILURE; 18579 }23201 } 18580 23202 18581 23203 return WOLFSSL_SUCCESS; 18582 }23204 } 18583 23205 18584 23206 /* return code compliant with OpenSSL : … … 18592 23214 WOLFSSL_MSG("bn NULL error"); 18593 23215 return WOLFSSL_FAILURE; 18594 }23216 } 18595 23217 18596 23218 if (mp_add_d((mp_int*)bn->internal, w, (mp_int*)bn->internal) != MP_OKAY) { 18597 23219 WOLFSSL_MSG("mp_add_d error"); 18598 23220 return WOLFSSL_FAILURE; 18599 }23221 } 18600 23222 18601 23223 return WOLFSSL_SUCCESS; 18602 }23224 } 18603 23225 18604 23226 /* return code compliant with OpenSSL : … … 18613 23235 WOLFSSL_MSG("bn NULL error"); 18614 23236 return WOLFSSL_FAILURE; 18615 }23237 } 18616 23238 18617 23239 if (mp_add((mp_int*)a->internal, (mp_int*)b->internal, … … 18619 23241 WOLFSSL_MSG("mp_add_d error"); 18620 23242 return WOLFSSL_FAILURE; 18621 }23243 } 18622 23244 18623 23245 return WOLFSSL_SUCCESS; 18624 }23246 } 18625 23247 18626 23248 #ifdef WOLFSSL_KEY_GEN … … 18632 23254 WOLFSSL_BN_CTX *ctx, WOLFSSL_BN_GENCB *cb) 18633 23255 { 18634 int res; 23256 WC_RNG* rng = NULL; 23257 #ifdef WOLFSSL_SMALL_STACK 23258 WC_RNG* tmpRNG = NULL; 23259 #else 23260 WC_RNG tmpRNG[1]; 23261 #endif 23262 int initTmpRng = 0; 23263 int res = MP_NO; 18635 23264 18636 23265 (void)ctx; … … 18642 23271 WOLFSSL_MSG("bn NULL error"); 18643 23272 return WOLFSSL_FATAL_ERROR; 18644 } 18645 18646 if (mp_prime_is_prime((mp_int*)bn->internal, nbchecks, &res) != MP_OKAY) { 18647 WOLFSSL_MSG("mp_prime_is_prime error"); 18648 return WOLFSSL_FATAL_ERROR; 18649 } 23273 } 23274 23275 #ifdef WOLFSSL_SMALL_STACK 23276 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 23277 if (tmpRNG == NULL) 23278 return WOLFSSL_FAILURE; 23279 #endif 23280 if (wc_InitRng(tmpRNG) == 0) { 23281 rng = tmpRNG; 23282 initTmpRng = 1; 23283 } 23284 else { 23285 WOLFSSL_MSG("Bad RNG Init, trying global"); 23286 if (initGlobalRNG == 0) { 23287 WOLFSSL_MSG("Global RNG no Init"); 23288 } 23289 else 23290 rng = &globalRNG; 23291 } 23292 23293 if (rng) { 23294 if (mp_prime_is_prime_ex((mp_int*)bn->internal, 23295 nbchecks, &res, rng) != MP_OKAY) { 23296 WOLFSSL_MSG("mp_prime_is_prime_ex error"); 23297 res = MP_NO; 23298 } 23299 } 23300 23301 if (initTmpRng) 23302 wc_FreeRng(tmpRNG); 23303 #ifdef WOLFSSL_SMALL_STACK 23304 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 23305 #endif 18650 23306 18651 23307 if (res != MP_YES) { 18652 WOLFSSL_MSG("mp_prime_is_prime not prime");23308 WOLFSSL_MSG("mp_prime_is_prime_ex not prime"); 18653 23309 return WOLFSSL_FAILURE; 18654 }23310 } 18655 23311 18656 23312 return WOLFSSL_SUCCESS; 18657 }23313 } 18658 23314 18659 23315 /* return code compliant with OpenSSL : … … 18670 23326 WOLFSSL_MSG("bn NULL error"); 18671 23327 return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR; 18672 }23328 } 18673 23329 18674 23330 if (mp_mod_d((mp_int*)bn->internal, w, &ret) != MP_OKAY) { 18675 23331 WOLFSSL_MSG("mp_add_d error"); 18676 23332 return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR; 18677 }23333 } 18678 23334 18679 23335 return ret; 18680 }23336 } 18681 23337 #endif /* #ifdef WOLFSSL_KEY_GEN */ 18682 23338 18683 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)18684 23339 char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM *bn) 18685 23340 { … … 18687 23342 char *buf; 18688 23343 18689 WOLFSSL_ MSG("wolfSSL_BN_bn2hex");23344 WOLFSSL_ENTER("wolfSSL_BN_bn2hex"); 18690 23345 18691 23346 if (bn == NULL || bn->internal == NULL) { 18692 23347 WOLFSSL_MSG("bn NULL error"); 18693 23348 return NULL; 18694 }18695 18696 if (mp_radix_size((mp_int*)bn->internal, 16, &len) != MP_OKAY) {23349 } 23350 23351 if (mp_radix_size((mp_int*)bn->internal, MP_RADIX_HEX, &len) != MP_OKAY) { 18697 23352 WOLFSSL_MSG("mp_radix_size failure"); 18698 23353 return NULL; 18699 23354 } 18700 18701 buf = (char*) XMALLOC(len, NULL, DYNAMIC_TYPE_ECC); 23355 len += 1; /* add one for null terminator */ 23356 23357 buf = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); 18702 23358 if (buf == NULL) { 18703 WOLFSSL_MSG(" wolfSSL_BN_bn2hex malloc buffer failure");23359 WOLFSSL_MSG("BN_bn2hex malloc buffer failure"); 18704 23360 return NULL; 18705 23361 } 18706 23362 18707 if (mp_to radix((mp_int*)bn->internal, buf, 16) != MP_OKAY) {18708 XFREE(buf, NULL, DYNAMIC_TYPE_ ECC);23363 if (mp_tohex((mp_int*)bn->internal, buf) != MP_OKAY) { 23364 XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL); 18709 23365 return NULL; 18710 }23366 } 18711 23367 18712 23368 return buf; 18713 }23369 } 18714 23370 18715 23371 #ifndef NO_FILESYSTEM … … 18717 23373 * 1 if success, 0 if error 18718 23374 */ 18719 int wolfSSL_BN_print_fp( FILE *fp, const WOLFSSL_BIGNUM *bn)18720 {23375 int wolfSSL_BN_print_fp(XFILE fp, const WOLFSSL_BIGNUM *bn) 23376 { 18721 23377 char *buf; 18722 23378 18723 WOLFSSL_ MSG("wolfSSL_BN_print_fp");18724 18725 if (fp == NULL|| bn == NULL || bn->internal == NULL) {23379 WOLFSSL_ENTER("wolfSSL_BN_print_fp"); 23380 23381 if (fp == XBADFILE || bn == NULL || bn->internal == NULL) { 18726 23382 WOLFSSL_MSG("bn NULL error"); 18727 23383 return WOLFSSL_FAILURE; 18728 }23384 } 18729 23385 18730 23386 buf = wolfSSL_BN_bn2hex(bn); … … 18732 23388 WOLFSSL_MSG("wolfSSL_BN_bn2hex failure"); 18733 23389 return WOLFSSL_FAILURE; 18734 }23390 } 18735 23391 18736 23392 fprintf(fp, "%s", buf); 18737 XFREE(buf, NULL, DYNAMIC_TYPE_ ECC);23393 XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL); 18738 23394 18739 23395 return WOLFSSL_SUCCESS; 18740 } 18741 #endif /* !defined(NO_FILESYSTEM) */ 18742 18743 #else /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */ 18744 18745 char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM *bn) 18746 { 18747 (void)bn; 18748 18749 WOLFSSL_MSG("wolfSSL_BN_bn2hex need WOLFSSL_KEY_GEN or HAVE_COMP_KEY"); 18750 18751 return (char*)""; 18752 } 18753 18754 #ifndef NO_FILESYSTEM 18755 /* return code compliant with OpenSSL : 18756 * 1 if success, 0 if error 18757 */ 18758 int wolfSSL_BN_print_fp(FILE *fp, const WOLFSSL_BIGNUM *bn) 18759 { 18760 (void)fp; 18761 (void)bn; 18762 18763 WOLFSSL_MSG("wolfSSL_BN_print_fp not implemented"); 18764 18765 return WOLFSSL_SUCCESS; 18766 } 18767 #endif /* !defined(NO_FILESYSTEM) */ 18768 18769 #endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */ 23396 } 23397 #endif /* !NO_FILESYSTEM */ 23398 18770 23399 18771 23400 WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx) … … 18777 23406 18778 23407 return wolfSSL_BN_new(); 18779 } 18780 23408 } 23409 23410 #ifndef NO_WOLFSSL_STUB 18781 23411 void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx) 18782 {23412 { 18783 23413 (void)ctx; 18784 23414 18785 23415 WOLFSSL_ENTER("wolfSSL_BN_CTX_start"); 23416 WOLFSSL_STUB("BN_CTX_start"); 18786 23417 WOLFSSL_MSG("wolfSSL_BN_CTX_start TBD"); 18787 } 23418 } 23419 #endif 23420 23421 23422 WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM *r, 23423 WOLFSSL_BIGNUM *a, 23424 const WOLFSSL_BIGNUM *n, 23425 WOLFSSL_BN_CTX *ctx) 23426 { 23427 int dynamic = 0; 23428 23429 /* ctx is not used */ 23430 (void)ctx; 23431 23432 WOLFSSL_ENTER("wolfSSL_BN_mod_inverse"); 23433 23434 /* check parameter */ 23435 if (r == NULL) { 23436 r = wolfSSL_BN_new(); 23437 if (r == NULL){ 23438 WOLFSSL_MSG("WolfSSL_BN_new() failed"); 23439 return NULL; 23440 } 23441 dynamic = 1; 23442 } 23443 23444 if (a == NULL) { 23445 WOLFSSL_MSG("a NULL error"); 23446 if (dynamic == 1) { 23447 wolfSSL_BN_free(r); 23448 } 23449 return NULL; 23450 } 23451 23452 if (n == NULL) { 23453 WOLFSSL_MSG("n NULL error"); 23454 if (dynamic == 1) { 23455 wolfSSL_BN_free(r); 23456 } 23457 return NULL; 23458 } 23459 23460 /* Compute inverse of a modulo n and return r */ 23461 if (mp_invmod((mp_int *)a->internal,(mp_int *)n->internal, 23462 (mp_int*)r->internal) == MP_VAL){ 23463 WOLFSSL_MSG("mp_invmod() error"); 23464 if (dynamic == 1) { 23465 wolfSSL_BN_free(r); 23466 } 23467 return NULL; 23468 } 23469 23470 return r; 23471 } 18788 23472 18789 23473 #ifndef NO_DH … … 18831 23515 XFREE(external, NULL, DYNAMIC_TYPE_DH); 18832 23516 return NULL; 18833 23517 } 18834 23518 external->internal = key; 18835 23519 … … 18847 23531 XFREE(dh->internal, NULL, DYNAMIC_TYPE_DH); 18848 23532 dh->internal = NULL; 18849 23533 } 18850 23534 wolfSSL_BN_free(dh->priv_key); 18851 23535 wolfSSL_BN_free(dh->pub_key); … … 18903 23587 dh->inSet = 1; 18904 23588 ret = WOLFSSL_SUCCESS; 18905 23589 } 18906 23590 18907 23591 #ifdef WOLFSSL_SMALL_STACK … … 18909 23593 XFREE(g, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 18910 23594 #endif 18911 23595 } 18912 23596 18913 23597 … … 18926 23610 18927 23611 return wolfSSL_BN_num_bytes(dh->p); 23612 } 23613 23614 23615 /* This sets a big number with the 1536-bit prime from RFC 3526. 23616 * 23617 * bn if not NULL then the big number structure is used. If NULL then a new 23618 * big number structure is created. 23619 * 23620 * Returns a WOLFSSL_BIGNUM structure on success and NULL with failure. 23621 */ 23622 WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn) 23623 { 23624 const char prm[] = { 23625 "FFFFFFFFFFFFFFFFC90FDAA22168C234" 23626 "C4C6628B80DC1CD129024E088A67CC74" 23627 "020BBEA63B139B22514A08798E3404DD" 23628 "EF9519B3CD3A431B302B0A6DF25F1437" 23629 "4FE1356D6D51C245E485B576625E7EC6" 23630 "F44C42E9A637ED6B0BFF5CB6F406B7ED" 23631 "EE386BFB5A899FA5AE9F24117C4B1FE6" 23632 "49286651ECE45B3DC2007CB8A163BF05" 23633 "98DA48361C55D39A69163FA8FD24CF5F" 23634 "83655D23DCA3AD961C62F356208552BB" 23635 "9ED529077096966D670C354E4ABC9804" 23636 "F1746C08CA237327FFFFFFFFFFFFFFFF" 23637 }; 23638 23639 WOLFSSL_ENTER("wolfSSL_DH_1536_prime"); 23640 23641 if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) { 23642 WOLFSSL_MSG("Error converting DH 1536 prime to big number"); 23643 return NULL; 23644 } 23645 23646 return bn; 18928 23647 } 18929 23648 … … 18935 23654 { 18936 23655 int ret = WOLFSSL_FAILURE; 18937 word32 pubSz = 768;18938 word32 privSz = 768;23656 word32 pubSz = 0; 23657 word32 privSz = 0; 18939 23658 int initTmpRng = 0; 18940 23659 WC_RNG* rng = NULL; 18941 23660 #ifdef WOLFSSL_SMALL_STACK 23661 WC_RNG* tmpRNG = NULL; 23662 #else 23663 WC_RNG tmpRNG[1]; 23664 #endif 18942 23665 unsigned char* pub = NULL; 18943 23666 unsigned char* priv = NULL; 18944 WC_RNG* tmpRNG = NULL;18945 #else18946 unsigned char pub [768];18947 unsigned char priv[768];18948 WC_RNG tmpRNG[1];18949 #endif18950 23667 18951 23668 WOLFSSL_MSG("wolfSSL_DH_generate_key"); … … 18953 23670 #ifdef WOLFSSL_SMALL_STACK 18954 23671 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 18955 pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY);18956 priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_PRIVATE_KEY);18957 23672 18958 23673 if (tmpRNG == NULL || pub == NULL || priv == NULL) { 18959 23674 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 18960 XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY);18961 XFREE(priv, NULL, DYNAMIC_TYPE_PRIVATE_KEY);18962 23675 return ret; 18963 23676 } … … 18978 23691 else 18979 23692 rng = &globalRNG; 18980 23693 } 18981 23694 18982 23695 if (rng) { 18983 if (wc_DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz, 23696 pubSz = privSz = wolfSSL_BN_num_bytes(dh->p); 23697 pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 23698 priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_PRIVATE_KEY); 23699 if (pub == NULL || priv == NULL) { 23700 WOLFSSL_MSG("Unable to malloc memory"); 23701 } 23702 else if (wc_DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz, 18984 23703 pub, &pubSz) < 0) 18985 23704 WOLFSSL_MSG("Bad wc_DhGenerateKeyPair"); 18986 else {23705 else { 18987 23706 if (dh->pub_key) 18988 23707 wolfSSL_BN_free(dh->pub_key); … … 18991 23710 if (dh->pub_key == NULL) { 18992 23711 WOLFSSL_MSG("Bad DH new pub"); 18993 23712 } 18994 23713 if (dh->priv_key) 18995 23714 wolfSSL_BN_free(dh->priv_key); … … 18999 23718 if (dh->priv_key == NULL) { 19000 23719 WOLFSSL_MSG("Bad DH new priv"); 19001 23720 } 19002 23721 19003 23722 if (dh->pub_key && dh->priv_key) { … … 19009 23728 ret = WOLFSSL_SUCCESS; 19010 23729 } 19011 19012 23730 } 23731 } 19013 23732 19014 23733 if (initTmpRng) … … 19017 23736 #ifdef WOLFSSL_SMALL_STACK 19018 23737 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 23738 #endif 19019 23739 XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 19020 23740 XFREE(priv, NULL, DYNAMIC_TYPE_PRIVATE_KEY); 19021 #endif19022 23741 19023 23742 return ret; … … 19054 23773 XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); 19055 23774 return ret; 19056 }23775 } 19057 23776 #endif 19058 23777 … … 19068 23787 privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv); 19069 23788 pubSz = wolfSSL_BN_bn2bin(otherPub, pub); 19070 23789 if (dh->inSet == 0 && SetDhInternal(dh) != SSL_SUCCESS){ 23790 WOLFSSL_MSG("Bad DH set internal"); 23791 } 19071 23792 if (privSz <= 0 || pubSz <= 0) 19072 23793 WOLFSSL_MSG("Bad BN2bin set"); … … 19076 23797 else 19077 23798 ret = (int)keySz; 19078 23799 } 19079 23800 19080 23801 #ifdef WOLFSSL_SMALL_STACK … … 19100 23821 dsa->inSet = 0; 19101 23822 dsa->exSet = 0; 19102 23823 } 19103 23824 } 19104 23825 … … 19115 23836 WOLFSSL_MSG("wolfSSL_DSA_new malloc DsaKey failure"); 19116 23837 return NULL; 19117 23838 } 19118 23839 19119 23840 external = (WOLFSSL_DSA*) XMALLOC(sizeof(WOLFSSL_DSA), NULL, … … 19123 23844 XFREE(key, NULL, DYNAMIC_TYPE_DSA); 19124 23845 return NULL; 19125 23846 } 19126 23847 19127 23848 InitwolfSSL_DSA(external); … … 19131 23852 wolfSSL_DSA_free(external); 19132 23853 return NULL; 19133 23854 } 19134 23855 external->internal = key; 19135 23856 … … 19147 23868 XFREE(dsa->internal, NULL, DYNAMIC_TYPE_DSA); 19148 23869 dsa->internal = NULL; 19149 23870 } 19150 23871 wolfSSL_BN_free(dsa->priv_key); 19151 23872 wolfSSL_BN_free(dsa->pub_key); … … 19162 23883 #endif /* NO_DSA */ 19163 23884 19164 #ifndef NO_RSA 23885 #endif /* OPENSSL_EXTRA */ 23886 #if !defined(NO_RSA) && defined(OPENSSL_EXTRA_X509_SMALL) 19165 23887 static void InitwolfSSL_Rsa(WOLFSSL_RSA* rsa) 19166 23888 { 19167 23889 if (rsa) { 19168 rsa->n = NULL; 19169 rsa->e = NULL; 19170 rsa->d = NULL; 19171 rsa->p = NULL; 19172 rsa->q = NULL; 19173 rsa->dmp1 = NULL; 19174 rsa->dmq1 = NULL; 19175 rsa->iqmp = NULL; 19176 rsa->internal = NULL; 19177 rsa->inSet = 0; 19178 rsa->exSet = 0; 19179 } 19180 } 19181 19182 19183 WOLFSSL_RSA* wolfSSL_RSA_new(void) 19184 { 19185 WOLFSSL_RSA* external; 19186 RsaKey* key; 19187 19188 WOLFSSL_MSG("wolfSSL_RSA_new"); 19189 19190 key = (RsaKey*) XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA); 19191 if (key == NULL) { 19192 WOLFSSL_MSG("wolfSSL_RSA_new malloc RsaKey failure"); 19193 return NULL; 19194 } 19195 19196 external = (WOLFSSL_RSA*) XMALLOC(sizeof(WOLFSSL_RSA), NULL, 19197 DYNAMIC_TYPE_RSA); 19198 if (external == NULL) { 19199 WOLFSSL_MSG("wolfSSL_RSA_new malloc WOLFSSL_RSA failure"); 19200 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 19201 return NULL; 19202 } 19203 19204 InitwolfSSL_Rsa(external); 19205 if (wc_InitRsaKey(key, NULL) != 0) { 19206 WOLFSSL_MSG("InitRsaKey WOLFSSL_RSA failure"); 19207 XFREE(external, NULL, DYNAMIC_TYPE_RSA); 19208 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 19209 return NULL; 19210 } 19211 19212 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && \ 19213 !defined(HAVE_FAST_RSA) && defined(WC_RSA_BLINDING) 19214 { 19215 WC_RNG* rng = NULL; 19216 19217 rng = (WC_RNG*) XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 19218 if (rng != NULL && wc_InitRng(rng) != 0) { 19219 WOLFSSL_MSG("InitRng failure, attempting to use global RNG"); 19220 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 19221 rng = NULL; 19222 } 19223 19224 if (initGlobalRNG) 19225 rng = &globalRNG; 19226 19227 if (rng == NULL) { 19228 WOLFSSL_MSG("wolfSSL_RSA_new no WC_RNG for blinding"); 19229 XFREE(external, NULL, DYNAMIC_TYPE_RSA); 19230 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 19231 return NULL; 19232 } 19233 19234 wc_RsaSetRNG(key, rng); 19235 } 19236 #endif /* WC_RSA_BLINDING */ 19237 19238 external->internal = key; 19239 19240 return external; 19241 } 19242 23890 XMEMSET(rsa, 0, sizeof(WOLFSSL_RSA)); 23891 } 23892 } 19243 23893 19244 23894 void wolfSSL_RSA_free(WOLFSSL_RSA* rsa) 19245 23895 { 19246 WOLFSSL_ MSG("wolfSSL_RSA_free");23896 WOLFSSL_ENTER("wolfSSL_RSA_free"); 19247 23897 19248 23898 if (rsa) { … … 19250 23900 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && \ 19251 23901 !defined(HAVE_FAST_RSA) && defined(WC_RSA_BLINDING) 19252 WC_RNG* rng = ((RsaKey*)rsa->internal)->rng; 19253 if (rng != NULL && rng != &globalRNG) { 19254 wc_FreeRng(rng); 19255 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 19256 } 23902 WC_RNG* rng; 23903 23904 /* check if RNG is owned before freeing it */ 23905 if (rsa->ownRng) { 23906 rng = ((RsaKey*)rsa->internal)->rng; 23907 if (rng != NULL && rng != &globalRNG) { 23908 wc_FreeRng(rng); 23909 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 23910 } 23911 } 19257 23912 #endif /* WC_RSA_BLINDING */ 19258 23913 wc_FreeRsaKey((RsaKey*)rsa->internal); 19259 23914 XFREE(rsa->internal, NULL, DYNAMIC_TYPE_RSA); 19260 23915 rsa->internal = NULL; 19261 23916 } 19262 23917 wolfSSL_BN_free(rsa->iqmp); 19263 23918 wolfSSL_BN_free(rsa->dmq1); … … 19268 23923 wolfSSL_BN_free(rsa->e); 19269 23924 wolfSSL_BN_free(rsa->n); 23925 23926 #ifdef WC_RSA_BLINDING 23927 if (wc_FreeRng(rsa->rng) != 0) { 23928 WOLFSSL_MSG("Issue freeing rng"); 23929 } 23930 XFREE(rsa->rng, NULL, DYNAMIC_TYPE_RNG); 23931 #endif 23932 19270 23933 InitwolfSSL_Rsa(rsa); /* set back to NULLs for safety */ 19271 23934 … … 19274 23937 } 19275 23938 } 19276 #endif /* NO_RSA */ 19277 23939 23940 WOLFSSL_RSA* wolfSSL_RSA_new(void) 23941 { 23942 WOLFSSL_RSA* external; 23943 RsaKey* key; 23944 23945 WOLFSSL_ENTER("wolfSSL_RSA_new"); 23946 23947 key = (RsaKey*) XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA); 23948 if (key == NULL) { 23949 WOLFSSL_MSG("wolfSSL_RSA_new malloc RsaKey failure"); 23950 return NULL; 23951 } 23952 23953 external = (WOLFSSL_RSA*) XMALLOC(sizeof(WOLFSSL_RSA), NULL, 23954 DYNAMIC_TYPE_RSA); 23955 if (external == NULL) { 23956 WOLFSSL_MSG("wolfSSL_RSA_new malloc WOLFSSL_RSA failure"); 23957 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 23958 return NULL; 23959 } 23960 23961 InitwolfSSL_Rsa(external); 23962 if (wc_InitRsaKey(key, NULL) != 0) { 23963 WOLFSSL_MSG("InitRsaKey WOLFSSL_RSA failure"); 23964 XFREE(external, NULL, DYNAMIC_TYPE_RSA); 23965 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 23966 return NULL; 23967 } 23968 23969 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && \ 23970 !defined(HAVE_FAST_RSA) && defined(WC_RSA_BLINDING) 23971 { 23972 WC_RNG* rng = NULL; 23973 23974 rng = (WC_RNG*) XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 23975 if (rng != NULL && wc_InitRng(rng) != 0) { 23976 WOLFSSL_MSG("InitRng failure, attempting to use global RNG"); 23977 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 23978 rng = NULL; 23979 } 23980 23981 external->ownRng = 1; 23982 if (rng == NULL && initGlobalRNG) { 23983 external->ownRng = 0; 23984 rng = &globalRNG; 23985 } 23986 23987 if (rng == NULL) { 23988 WOLFSSL_MSG("wolfSSL_RSA_new no WC_RNG for blinding"); 23989 XFREE(external, NULL, DYNAMIC_TYPE_RSA); 23990 XFREE(key, NULL, DYNAMIC_TYPE_RSA); 23991 return NULL; 23992 } 23993 23994 wc_RsaSetRNG(key, rng); 23995 } 23996 #endif /* WC_RSA_BLINDING */ 23997 23998 external->internal = key; 23999 external->inSet = 0; 24000 return external; 24001 } 24002 #endif /* !NO_RSA && OPENSSL_EXTRA_X509_SMALL */ 19278 24003 19279 24004 /* these defines are to make sure the functions SetIndividualExternal is not … … 19281 24006 #if !defined(NO_ASN) || !defined(NO_DSA) || defined(HAVE_ECC) || \ 19282 24007 (!defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)) 24008 24009 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 19283 24010 /* when calling SetIndividualExternal, mpi should be cleared by caller if no 19284 * longer used. ie mp_ clear(mpi). This is to free data when fastmath is24011 * longer used. ie mp_free(mpi). This is to free data when fastmath is 19285 24012 * disabled since a copy of mpi is made by this function and placed into bn. 19286 24013 */ … … 19294 24021 WOLFSSL_MSG("mpi NULL error"); 19295 24022 return WOLFSSL_FATAL_ERROR; 19296 24023 } 19297 24024 19298 24025 if (*bn == NULL) { … … 19311 24038 } 19312 24039 return WOLFSSL_FATAL_ERROR; 19313 24040 } 19314 24041 19315 24042 return WOLFSSL_SUCCESS; 19316 24043 } 19317 24044 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 24045 24046 #ifdef OPENSSL_EXTRA /* only without X509_SMALL */ 24047 /* when calling SetIndividualInternal, mpi should be cleared by caller if no 24048 * longer used. ie mp_free(mpi). This is to free data when fastmath is 24049 * disabled since a copy of mpi is made by this function and placed into bn. 24050 */ 19318 24051 static int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi) 19319 24052 { … … 19323 24056 WOLFSSL_MSG("bn NULL error"); 19324 24057 return WOLFSSL_FATAL_ERROR; 19325 24058 } 19326 24059 19327 24060 if (mpi == NULL || (mp_init(mpi) != MP_OKAY)) { … … 19333 24066 WOLFSSL_MSG("mp_copy error"); 19334 24067 return WOLFSSL_FATAL_ERROR; 19335 24068 } 19336 24069 19337 24070 return WOLFSSL_SUCCESS; 19338 24071 } 19339 19340 24072 19341 24073 #ifndef NO_ASN … … 19353 24085 } 19354 24086 19355 if ((ret = GetInt(&mpi, ai->data, &idx, sizeof(ai->data))) != 0) {24087 if ((ret = GetInt(&mpi, ai->data, &idx, ai->dataMax)) != 0) { 19356 24088 /* expecting ASN1 format for INTEGER */ 19357 24089 WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_to_BN", ret); … … 19368 24100 } 19369 24101 return bn; 19370 }24102 } 19371 24103 #endif /* !NO_ASN */ 19372 24104 … … 19406 24138 wolfSSL_DH_free(dh); 19407 24139 return NULL; 19408 24140 } 19409 24141 if (SetIndividualExternal(&dh->g, &key->g) != WOLFSSL_SUCCESS) { 19410 24142 WOLFSSL_MSG("dsa g key error"); 19411 24143 wolfSSL_DH_free(dh); 19412 24144 return NULL; 19413 24145 } 19414 24146 19415 24147 return dh; … … 19417 24149 #endif /* !defined(NO_DSA) && !defined(NO_DH) */ 19418 24150 24151 #endif /* OPENSSL_EXTRA */ 19419 24152 #endif /* !NO_RSA && !NO_DSA */ 19420 24153 24154 #ifdef OPENSSL_EXTRA 19421 24155 19422 24156 #ifndef NO_DSA … … 19473 24207 WOLFSSL_MSG("dsa key NULL error"); 19474 24208 return WOLFSSL_FATAL_ERROR; 19475 24209 } 19476 24210 19477 24211 key = (DsaKey*)dsa->internal; … … 19487 24221 WOLFSSL_MSG("rsa q key error"); 19488 24222 return WOLFSSL_FATAL_ERROR; 19489 24223 } 19490 24224 19491 24225 if (dsa->g != NULL && … … 19493 24227 WOLFSSL_MSG("rsa g key error"); 19494 24228 return WOLFSSL_FATAL_ERROR; 19495 24229 } 19496 24230 19497 24231 if (dsa->pub_key != NULL) { … … 19499 24233 WOLFSSL_MSG("rsa pub_key error"); 19500 24234 return WOLFSSL_FATAL_ERROR; 19501 24235 } 19502 24236 19503 24237 /* public key */ 19504 24238 key->type = DSA_PUBLIC; 19505 24239 } 19506 24240 19507 24241 if (dsa->priv_key != NULL) { … … 19509 24243 WOLFSSL_MSG("rsa priv_key error"); 19510 24244 return WOLFSSL_FATAL_ERROR; 19511 24245 } 19512 24246 19513 24247 /* private key */ 19514 24248 key->type = DSA_PRIVATE; 19515 24249 } 19516 24250 19517 24251 dsa->inSet = 1; … … 19520 24254 } 19521 24255 #endif /* NO_DSA */ 19522 19523 19524 #if !defined( NO_RSA)19525 #if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)24256 #endif /* OPENSSL_EXTRA */ 24257 24258 #if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) && \ 24259 !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 19526 24260 /* WolfSSL -> OpenSSL */ 19527 24261 static int SetRsaExternal(WOLFSSL_RSA* rsa) … … 19533 24267 WOLFSSL_MSG("rsa key NULL error"); 19534 24268 return WOLFSSL_FATAL_ERROR; 19535 24269 } 19536 24270 19537 24271 key = (RsaKey*)rsa->internal; … … 19540 24274 WOLFSSL_MSG("rsa n key error"); 19541 24275 return WOLFSSL_FATAL_ERROR; 19542 24276 } 19543 24277 19544 24278 if (SetIndividualExternal(&rsa->e, &key->e) != WOLFSSL_SUCCESS) { 19545 24279 WOLFSSL_MSG("rsa e key error"); 19546 24280 return WOLFSSL_FATAL_ERROR; 19547 } 19548 19549 if (SetIndividualExternal(&rsa->d, &key->d) != WOLFSSL_SUCCESS) { 19550 WOLFSSL_MSG("rsa d key error"); 19551 return WOLFSSL_FATAL_ERROR; 19552 } 19553 19554 if (SetIndividualExternal(&rsa->p, &key->p) != WOLFSSL_SUCCESS) { 19555 WOLFSSL_MSG("rsa p key error"); 19556 return WOLFSSL_FATAL_ERROR; 19557 } 19558 19559 if (SetIndividualExternal(&rsa->q, &key->q) != WOLFSSL_SUCCESS) { 19560 WOLFSSL_MSG("rsa q key error"); 19561 return WOLFSSL_FATAL_ERROR; 19562 } 19563 19564 if (SetIndividualExternal(&rsa->dmp1, &key->dP) != WOLFSSL_SUCCESS) { 19565 WOLFSSL_MSG("rsa dP key error"); 19566 return WOLFSSL_FATAL_ERROR; 19567 } 19568 19569 if (SetIndividualExternal(&rsa->dmq1, &key->dQ) != WOLFSSL_SUCCESS) { 19570 WOLFSSL_MSG("rsa dQ key error"); 19571 return WOLFSSL_FATAL_ERROR; 19572 } 19573 19574 if (SetIndividualExternal(&rsa->iqmp, &key->u) != WOLFSSL_SUCCESS) { 19575 WOLFSSL_MSG("rsa u key error"); 19576 return WOLFSSL_FATAL_ERROR; 19577 } 19578 24281 } 24282 24283 if (key->type == RSA_PRIVATE) { 24284 if (SetIndividualExternal(&rsa->d, &key->d) != WOLFSSL_SUCCESS) { 24285 WOLFSSL_MSG("rsa d key error"); 24286 return WOLFSSL_FATAL_ERROR; 24287 } 24288 24289 if (SetIndividualExternal(&rsa->p, &key->p) != WOLFSSL_SUCCESS) { 24290 WOLFSSL_MSG("rsa p key error"); 24291 return WOLFSSL_FATAL_ERROR; 24292 } 24293 24294 if (SetIndividualExternal(&rsa->q, &key->q) != WOLFSSL_SUCCESS) { 24295 WOLFSSL_MSG("rsa q key error"); 24296 return WOLFSSL_FATAL_ERROR; 24297 } 24298 24299 #ifndef RSA_LOW_MEM 24300 if (SetIndividualExternal(&rsa->dmp1, &key->dP) != WOLFSSL_SUCCESS) { 24301 WOLFSSL_MSG("rsa dP key error"); 24302 return WOLFSSL_FATAL_ERROR; 24303 } 24304 24305 if (SetIndividualExternal(&rsa->dmq1, &key->dQ) != WOLFSSL_SUCCESS) { 24306 WOLFSSL_MSG("rsa dQ key error"); 24307 return WOLFSSL_FATAL_ERROR; 24308 } 24309 24310 if (SetIndividualExternal(&rsa->iqmp, &key->u) != WOLFSSL_SUCCESS) { 24311 WOLFSSL_MSG("rsa u key error"); 24312 return WOLFSSL_FATAL_ERROR; 24313 } 24314 #endif /* !RSA_LOW_MEM */ 24315 } 19579 24316 rsa->exSet = 1; 19580 24317 19581 24318 return WOLFSSL_SUCCESS; 19582 24319 } 19583 24320 #endif 24321 24322 #ifdef OPENSSL_EXTRA 24323 #if !defined(NO_RSA) 24324 #if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19584 24325 /* Openssl -> WolfSSL */ 19585 24326 static int SetRsaInternal(WOLFSSL_RSA* rsa) … … 19591 24332 WOLFSSL_MSG("rsa key NULL error"); 19592 24333 return WOLFSSL_FATAL_ERROR; 19593 24334 } 19594 24335 19595 24336 key = (RsaKey*)rsa->internal; … … 19598 24339 WOLFSSL_MSG("rsa n key error"); 19599 24340 return WOLFSSL_FATAL_ERROR; 19600 24341 } 19601 24342 19602 24343 if (SetIndividualInternal(rsa->e, &key->e) != WOLFSSL_SUCCESS) { 19603 24344 WOLFSSL_MSG("rsa e key error"); 19604 24345 return WOLFSSL_FATAL_ERROR; 19605 24346 } 19606 24347 19607 24348 /* public key */ … … 19612 24353 WOLFSSL_MSG("rsa d key error"); 19613 24354 return WOLFSSL_FATAL_ERROR; 19614 24355 } 19615 24356 19616 24357 /* private key */ 19617 24358 key->type = RSA_PRIVATE; 19618 24359 } 19619 24360 19620 24361 if (rsa->p != NULL && … … 19622 24363 WOLFSSL_MSG("rsa p key error"); 19623 24364 return WOLFSSL_FATAL_ERROR; 19624 24365 } 19625 24366 19626 24367 if (rsa->q != NULL && … … 19628 24369 WOLFSSL_MSG("rsa q key error"); 19629 24370 return WOLFSSL_FATAL_ERROR; 19630 } 19631 24371 } 24372 24373 #ifndef RSA_LOW_MEM 19632 24374 if (rsa->dmp1 != NULL && 19633 24375 SetIndividualInternal(rsa->dmp1, &key->dP) != WOLFSSL_SUCCESS) { 19634 24376 WOLFSSL_MSG("rsa dP key error"); 19635 24377 return WOLFSSL_FATAL_ERROR; 19636 24378 } 19637 24379 19638 24380 if (rsa->dmq1 != NULL && … … 19640 24382 WOLFSSL_MSG("rsa dQ key error"); 19641 24383 return WOLFSSL_FATAL_ERROR; 19642 24384 } 19643 24385 19644 24386 if (rsa->iqmp != NULL && … … 19646 24388 WOLFSSL_MSG("rsa u key error"); 19647 24389 return WOLFSSL_FATAL_ERROR; 19648 } 24390 } 24391 #endif /* !RSA_LOW_MEM */ 19649 24392 19650 24393 rsa->inSet = 1; … … 19652 24395 return WOLFSSL_SUCCESS; 19653 24396 } 19654 #endif /* HAVE_USER_RSA */ 19655 19656 /* return compliant with OpenSSL 19657 * 1 if success, 0 if error 19658 */ 19659 int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn, 19660 void* cb) 19661 { 19662 int ret = WOLFSSL_FAILURE; 19663 19664 (void)cb; 19665 (void)bn; 19666 (void)bits; 19667 19668 WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex"); 19669 19670 if (rsa == NULL || rsa->internal == NULL) { 19671 /* bit size checked during make key call */ 19672 WOLFSSL_MSG("bad arguments"); 19673 return WOLFSSL_FAILURE; 19674 } 19675 19676 #ifdef WOLFSSL_KEY_GEN 19677 { 19678 #ifdef WOLFSSL_SMALL_STACK 19679 WC_RNG* rng = NULL; 19680 #else 19681 WC_RNG rng[1]; 19682 #endif 19683 19684 #ifdef WOLFSSL_SMALL_STACK 19685 rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 19686 if (rng == NULL) 19687 return WOLFSSL_FAILURE; 19688 #endif 19689 19690 if (wc_InitRng(rng) < 0) 19691 WOLFSSL_MSG("RNG init failed"); 19692 else if (wc_MakeRsaKey((RsaKey*)rsa->internal, 19693 bits, 65537, rng) != MP_OKAY) 19694 WOLFSSL_MSG("wc_MakeRsaKey failed"); 19695 else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS) 19696 WOLFSSL_MSG("SetRsaExternal failed"); 19697 else { 19698 rsa->inSet = 1; 19699 ret = WOLFSSL_SUCCESS; 19700 } 19701 19702 wc_FreeRng(rng); 19703 #ifdef WOLFSSL_SMALL_STACK 19704 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 19705 #endif 19706 } 19707 #else 19708 WOLFSSL_MSG("No Key Gen built in"); 19709 #endif 19710 return ret; 19711 } 19712 19713 19714 /* WOLFSSL_SUCCESS on ok */ 24397 24398 24399 /* SSL_SUCCESS on ok */ 24400 #ifndef NO_WOLFSSL_STUB 19715 24401 int wolfSSL_RSA_blinding_on(WOLFSSL_RSA* rsa, WOLFSSL_BN_CTX* bn) 19716 24402 { 19717 24403 (void)rsa; 19718 24404 (void)bn; 19719 24405 WOLFSSL_STUB("RSA_blinding_on"); 19720 24406 WOLFSSL_MSG("wolfSSL_RSA_blinding_on"); 19721 24407 19722 24408 return WOLFSSL_SUCCESS; /* on by default */ 19723 24409 } 24410 #endif 19724 24411 19725 24412 /* return compliant with OpenSSL … … 19729 24416 unsigned char* to, WOLFSSL_RSA* rsa, int padding) 19730 24417 { 19731 int tlen = 0; 19732 int initTmpRng = 0; 19733 WC_RNG* rng = NULL; 24418 int initTmpRng = 0; 24419 WC_RNG *rng = NULL; 24420 int outLen; 24421 int ret = 0; 19734 24422 #ifdef WOLFSSL_SMALL_STACK 19735 24423 WC_RNG* tmpRNG = NULL; … … 19738 24426 #endif 19739 24427 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19740 int mgf = WC_MGF1NONE;24428 int mgf = WC_MGF1NONE; 19741 24429 enum wc_HashType hash = WC_HASH_TYPE_NONE; 19742 24430 #endif 19743 24431 19744 24432 WOLFSSL_MSG("wolfSSL_RSA_public_encrypt"); 19745 19746 if (rsa == NULL || rsa->internal == NULL || fr == NULL) {19747 WOLFSSL_MSG("Bad function arguments");19748 return 0;19749 }19750 24433 19751 24434 /* Check and remap the padding to internal values, if needed. */ … … 19757 24440 hash = WC_HASH_TYPE_SHA; 19758 24441 mgf = WC_MGF1SHA1; 19759 24442 } 19760 24443 #else 19761 24444 if (padding == RSA_PKCS1_PADDING) … … 19768 24451 19769 24452 if (rsa->inSet == 0) 19770 { 19771 WOLFSSL_MSG("No RSA internal set, do it"); 19772 19773 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 24453 { 24454 if (SetRsaInternal(rsa) != SSL_SUCCESS) { 19774 24455 WOLFSSL_MSG("SetRsaInternal failed"); 19775 24456 return 0; 19776 } 19777 } 24457 } 24458 } 24459 24460 outLen = wolfSSL_RSA_size(rsa); 19778 24461 19779 24462 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && \ … … 19783 24466 if (rng == NULL) { 19784 24467 #ifdef WOLFSSL_SMALL_STACK 19785 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_ RNG);24468 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER); 19786 24469 if (tmpRNG == NULL) 19787 return WOLFSSL_FATAL_ERROR;24470 return 0; 19788 24471 #endif 19789 24472 … … 19799 24482 rng = &globalRNG; 19800 24483 } 19801 } 19802 19803 /* size of 'to' buffer must be size of RSA key */ 24484 } 24485 24486 if (outLen == 0) { 24487 WOLFSSL_MSG("Bad RSA size"); 24488 } 24489 19804 24490 if (rng) { 19805 24491 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19806 tlen = wc_RsaPublicEncrypt_ex(fr, len, to, wolfSSL_RSA_size(rsa),24492 ret = wc_RsaPublicEncrypt_ex(fr, len, to, outLen, 19807 24493 (RsaKey*)rsa->internal, rng, padding, 19808 24494 hash, mgf, NULL, 0); 19809 24495 #else 19810 tlen = wc_RsaPublicEncrypt(fr, len, to, wolfSSL_RSA_size(rsa),24496 ret = wc_RsaPublicEncrypt(fr, len, to, outLen, 19811 24497 (RsaKey*)rsa->internal, rng); 19812 24498 #endif 19813 if (tlen <= 0) { 19814 WOLFSSL_MSG("wolfSSL_RSA_public_encrypt failed"); 19815 } 19816 else { 19817 WOLFSSL_MSG("wolfSSL_RSA_public_encrypt success"); 19818 } 19819 } 24499 if (ret <= 0) { 24500 WOLFSSL_MSG("Bad Rsa Encrypt"); 24501 } 24502 if (len <= 0) { 24503 WOLFSSL_MSG("Bad Rsa Encrypt"); 24504 } 24505 } 24506 19820 24507 if (initTmpRng) 19821 24508 wc_FreeRng(tmpRNG); 19822 24509 19823 24510 #ifdef WOLFSSL_SMALL_STACK 19824 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 19825 #endif 19826 return tlen; 24511 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER); 24512 #endif 24513 24514 if (ret >= 0) 24515 WOLFSSL_MSG("wolfSSL_RSA_public_encrypt success"); 24516 else { 24517 WOLFSSL_MSG("wolfSSL_RSA_public_encrypt failed"); 24518 ret = WOLFSSL_FATAL_ERROR; /* return -1 on error case */ 24519 } 24520 return ret; 19827 24521 } 19828 24522 … … 19833 24527 unsigned char* to, WOLFSSL_RSA* rsa, int padding) 19834 24528 { 19835 int tlen = 0; 19836 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 24529 int outLen; 24530 int ret = 0; 24531 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19837 24532 int mgf = WC_MGF1NONE; 19838 24533 enum wc_HashType hash = WC_HASH_TYPE_NONE; 19839 #endif24534 #endif 19840 24535 19841 24536 WOLFSSL_MSG("wolfSSL_RSA_private_decrypt"); 19842 24537 19843 if (rsa == NULL || rsa->internal == NULL || fr == NULL) {19844 WOLFSSL_MSG("Bad function arguments");19845 return 0;19846 }19847 19848 /* Check and remap the padding to internal values, if needed. */19849 24538 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19850 24539 if (padding == RSA_PKCS1_PADDING) … … 19861 24550 else { 19862 24551 WOLFSSL_MSG("wolfSSL_RSA_private_decrypt unsupported padding"); 19863 19864 24552 return 0; 24553 } 19865 24554 19866 24555 if (rsa->inSet == 0) 19867 { 19868 WOLFSSL_MSG("No RSA internal set, do it"); 19869 19870 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 24556 { 24557 if (SetRsaInternal(rsa) != SSL_SUCCESS) { 19871 24558 WOLFSSL_MSG("SetRsaInternal failed"); 19872 return 0; 19873 } 24559 return 0; 24560 } 24561 } 24562 24563 outLen = wolfSSL_RSA_size(rsa); 24564 if (outLen == 0) { 24565 WOLFSSL_MSG("Bad RSA size"); 19874 24566 } 19875 24567 19876 24568 /* size of 'to' buffer must be size of RSA key */ 19877 24569 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) 19878 tlen = wc_RsaPrivateDecrypt_ex(fr, len, to, wolfSSL_RSA_size(rsa),24570 ret = wc_RsaPrivateDecrypt_ex(fr, len, to, outLen, 19879 24571 (RsaKey*)rsa->internal, padding, 19880 24572 hash, mgf, NULL, 0); 19881 24573 #else 19882 tlen = wc_RsaPrivateDecrypt(fr, len, to, wolfSSL_RSA_size(rsa),24574 ret = wc_RsaPrivateDecrypt(fr, len, to, outLen, 19883 24575 (RsaKey*)rsa->internal); 19884 24576 #endif 19885 if (tlen <= 0) { 24577 24578 if (len <= 0) { 24579 WOLFSSL_MSG("Bad Rsa Decrypt"); 24580 } 24581 24582 if (ret > 0) 24583 WOLFSSL_MSG("wolfSSL_RSA_private_decrypt success"); 24584 else { 19886 24585 WOLFSSL_MSG("wolfSSL_RSA_private_decrypt failed"); 19887 } 19888 else { 19889 WOLFSSL_MSG("wolfSSL_RSA_private_decrypt success"); 19890 } 19891 return tlen; 19892 } 24586 ret = WOLFSSL_FATAL_ERROR; 24587 } 24588 return ret; 24589 } 24590 24591 24592 /* RSA private encrypt calls wc_RsaSSL_Sign. Similar function set up as RSA 24593 * public decrypt. 24594 * 24595 * len Length of input buffer 24596 * in Input buffer to sign 24597 * out Output buffer (expected to be greater than or equal to RSA key size) 24598 * rsa Key to use for encryption 24599 * padding Type of RSA padding to use. 24600 */ 24601 int wolfSSL_RSA_private_encrypt(int len, unsigned char* in, 24602 unsigned char* out, WOLFSSL_RSA* rsa, int padding) 24603 { 24604 int sz = 0; 24605 WC_RNG* rng = NULL; 24606 RsaKey* key; 24607 24608 WOLFSSL_MSG("wolfSSL_RSA_private_encrypt"); 24609 24610 if (len < 0 || rsa == NULL || rsa->internal == NULL || in == NULL) { 24611 WOLFSSL_MSG("Bad function arguments"); 24612 return 0; 24613 } 24614 24615 if (padding != RSA_PKCS1_PADDING) { 24616 WOLFSSL_MSG("wolfSSL_RSA_private_encrypt unsupported padding"); 24617 return 0; 24618 } 24619 24620 if (rsa->inSet == 0) 24621 { 24622 WOLFSSL_MSG("Setting internal RSA structure"); 24623 24624 if (SetRsaInternal(rsa) != SSL_SUCCESS) { 24625 WOLFSSL_MSG("SetRsaInternal failed"); 24626 return 0; 24627 } 24628 } 24629 24630 key = (RsaKey*)rsa->internal; 24631 #if defined(WC_RSA_BLINDING) && !defined(HAVE_USER_RSA) 24632 rng = key->rng; 24633 #else 24634 #ifndef HAVE_FIPS 24635 if (wc_InitRng_ex(rng, key->heap, INVALID_DEVID) != 0) { 24636 #else 24637 if (wc_InitRng(rng) != 0) { 24638 #endif 24639 WOLFSSL_MSG("Error with random number"); 24640 return SSL_FATAL_ERROR; 24641 } 24642 #endif 24643 24644 /* size of output buffer must be size of RSA key */ 24645 sz = wc_RsaSSL_Sign(in, (word32)len, out, wolfSSL_RSA_size(rsa), key, rng); 24646 #if !defined(WC_RSA_BLINDING) || defined(HAVE_USER_RSA) 24647 if (wc_FreeRng(rng) != 0) { 24648 WOLFSSL_MSG("Error freeing random number generator"); 24649 return SSL_FATAL_ERROR; 24650 } 24651 #endif 24652 if (sz <= 0) { 24653 WOLFSSL_LEAVE("wolfSSL_RSA_private_encrypt", sz); 24654 return 0; 24655 } 24656 24657 return sz; 24658 } 24659 #endif /* HAVE_USER_RSA */ 19893 24660 19894 24661 /* return compliant with OpenSSL … … 19897 24664 int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa) 19898 24665 { 19899 WOLFSSL_ MSG("wolfSSL_RSA_size");24666 WOLFSSL_ENTER("wolfSSL_RSA_size"); 19900 24667 19901 24668 if (rsa == NULL) 19902 24669 return WOLFSSL_FATAL_ERROR; 19903 19904 return wolfSSL_BN_num_bytes(rsa->n); 24670 if (rsa->inSet == 0) 24671 { 24672 if (SetRsaInternal((WOLFSSL_RSA*)rsa) != SSL_SUCCESS) { 24673 WOLFSSL_MSG("SetRsaInternal failed"); 24674 return 0; 24675 } 24676 } 24677 return wc_RsaEncryptSize((RsaKey*)rsa->internal); 24678 } 24679 24680 24681 /* Generates a RSA key of length len 24682 * 24683 * len length of RSA key i.e. 2048 24684 * e e to use when generating RSA key 24685 * f callback function for generation details 24686 * data user callback argument 24687 * 24688 * Note: Because of wc_MakeRsaKey an RSA key size generated can be slightly 24689 * rounded down. For example generating a key of size 2999 with e = 24690 * 65537 will make a key of size 374 instead of 375. 24691 * Returns a new RSA key on success and NULL on failure 24692 */ 24693 WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long e, 24694 void(*f)(int, int, void*), void* data) 24695 { 24696 WOLFSSL_RSA* rsa = NULL; 24697 WOLFSSL_BIGNUM* bn = NULL; 24698 24699 WOLFSSL_ENTER("wolfSSL_RSA_generate_key"); 24700 24701 (void)f; 24702 (void)data; 24703 24704 if (len < 0) { 24705 WOLFSSL_MSG("Bad argument: length was less than 0"); 24706 return NULL; 24707 } 24708 24709 bn = wolfSSL_BN_new(); 24710 if (bn == NULL) { 24711 WOLFSSL_MSG("Error creating big number"); 24712 return NULL; 24713 } 24714 24715 if (wolfSSL_BN_set_word(bn, (WOLFSSL_BN_ULONG)e) != SSL_SUCCESS) { 24716 WOLFSSL_MSG("Error using e value"); 24717 wolfSSL_BN_free(bn); 24718 return NULL; 24719 } 24720 24721 rsa = wolfSSL_RSA_new(); 24722 if (rsa == NULL) { 24723 WOLFSSL_MSG("memory error"); 24724 } 24725 else { 24726 if (wolfSSL_RSA_generate_key_ex(rsa, len, bn, NULL) != SSL_SUCCESS){ 24727 wolfSSL_RSA_free(rsa); 24728 rsa = NULL; 24729 } 24730 } 24731 wolfSSL_BN_free(bn); 24732 24733 return rsa; 24734 } 24735 24736 24737 /* return compliant with OpenSSL 24738 * 1 if success, 0 if error 24739 */ 24740 int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn, 24741 void* cb) 24742 { 24743 int ret = WOLFSSL_FAILURE; 24744 24745 (void)cb; 24746 (void)bn; 24747 (void)bits; 24748 24749 WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex"); 24750 24751 if (rsa == NULL || rsa->internal == NULL) { 24752 /* bit size checked during make key call */ 24753 WOLFSSL_MSG("bad arguments"); 24754 return WOLFSSL_FAILURE; 24755 } 24756 24757 #ifdef WOLFSSL_KEY_GEN 24758 { 24759 #ifdef WOLFSSL_SMALL_STACK 24760 WC_RNG* rng = NULL; 24761 #else 24762 WC_RNG rng[1]; 24763 #endif 24764 24765 #ifdef WOLFSSL_SMALL_STACK 24766 rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 24767 if (rng == NULL) 24768 return WOLFSSL_FAILURE; 24769 #endif 24770 24771 if (wc_InitRng(rng) < 0) 24772 WOLFSSL_MSG("RNG init failed"); 24773 else if (wc_MakeRsaKey((RsaKey*)rsa->internal, bits, 24774 wolfSSL_BN_get_word(bn), rng) != MP_OKAY) 24775 WOLFSSL_MSG("wc_MakeRsaKey failed"); 24776 else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS) 24777 WOLFSSL_MSG("SetRsaExternal failed"); 24778 else { 24779 rsa->inSet = 1; 24780 ret = WOLFSSL_SUCCESS; 24781 } 24782 24783 wc_FreeRng(rng); 24784 #ifdef WOLFSSL_SMALL_STACK 24785 XFREE(rng, NULL, DYNAMIC_TYPE_RNG); 24786 #endif 24787 } 24788 #else 24789 WOLFSSL_MSG("No Key Gen built in"); 24790 #endif 24791 return ret; 19905 24792 } 19906 24793 #endif /* NO_RSA */ … … 19928 24815 return ret; 19929 24816 } 19930 24817 } 19931 24818 19932 24819 #ifdef WOLFSSL_KEY_GEN … … 19964 24851 else 19965 24852 ret = WOLFSSL_SUCCESS; 19966 24853 } 19967 24854 19968 24855 if (initTmpRng) … … 19978 24865 return ret; 19979 24866 } 24867 24868 24869 /* Returns a pointer to a new WOLFSSL_DSA structure on success and NULL on fail 24870 */ 24871 WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits, unsigned char* seed, 24872 int seedLen, int* counterRet, unsigned long* hRet, 24873 WOLFSSL_BN_CB cb, void* CBArg) 24874 { 24875 WOLFSSL_DSA* dsa; 24876 24877 WOLFSSL_ENTER("wolfSSL_DSA_generate_parameters()"); 24878 24879 (void)cb; 24880 (void)CBArg; 24881 dsa = wolfSSL_DSA_new(); 24882 if (dsa == NULL) { 24883 return NULL; 24884 } 24885 24886 if (wolfSSL_DSA_generate_parameters_ex(dsa, bits, seed, seedLen, 24887 counterRet, hRet, NULL) != SSL_SUCCESS) { 24888 wolfSSL_DSA_free(dsa); 24889 return NULL; 24890 } 24891 24892 return dsa; 24893 } 24894 19980 24895 19981 24896 /* return code compliant with OpenSSL : … … 20001 24916 WOLFSSL_MSG("Bad arguments"); 20002 24917 return WOLFSSL_FAILURE; 20003 24918 } 20004 24919 20005 24920 #ifdef WOLFSSL_KEY_GEN 20006 24921 { 20007 24922 int initTmpRng = 0; 20008 24923 WC_RNG *rng = NULL; … … 20021 24936 rng = tmpRNG; 20022 24937 initTmpRng = 1; 20023 20024 24938 } 24939 else { 20025 24940 WOLFSSL_MSG("Bad RNG Init, trying global"); 20026 24941 if (initGlobalRNG == 0) … … 20046 24961 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 20047 24962 #endif 20048 }24963 } 20049 24964 #else /* WOLFSSL_KEY_GEN */ 20050 24965 WOLFSSL_MSG("No Key Gen built in"); … … 20052 24967 20053 24968 return ret; 20054 }24969 } 20055 24970 20056 24971 /* return WOLFSSL_SUCCESS on success, < 0 otherwise */ … … 20072 24987 WOLFSSL_MSG("Bad function arguments"); 20073 24988 return ret; 20074 }24989 } 20075 24990 20076 24991 if (dsa->inSet == 0) … … 20082 24997 return ret; 20083 24998 } 20084 }24999 } 20085 25000 20086 25001 #ifdef WOLFSSL_SMALL_STACK … … 20100 25015 else 20101 25016 rng = &globalRNG; 20102 25017 } 20103 25018 20104 25019 if (rng) { … … 20107 25022 else 20108 25023 ret = WOLFSSL_SUCCESS; 20109 25024 } 20110 25025 20111 25026 if (initTmpRng) … … 20129 25044 WOLFSSL_MSG("Bad function arguments"); 20130 25045 return WOLFSSL_FATAL_ERROR; 20131 }25046 } 20132 25047 if (dsa->inSet == 0) 20133 25048 { … … 20137 25052 WOLFSSL_MSG("SetDsaInternal failed"); 20138 25053 return WOLFSSL_FATAL_ERROR; 20139 20140 25054 } 25055 } 20141 25056 20142 25057 ret = DsaVerify(d, sig, (DsaKey*)dsa->internal, dsacheck); … … 20151 25066 20152 25067 20153 #ifndef NO_RSA 25068 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA) 25069 25070 #ifdef DEBUG_SIGN 25071 static void show(const char *title, const unsigned char *out, unsigned int outlen) 25072 { 25073 const unsigned char *pt; 25074 printf("%s[%d] = \n", title, (int)outlen); 25075 outlen = outlen>100?100:outlen; 25076 for (pt = out; pt < out + outlen; 25077 printf("%c", ((*pt)&0x6f)>='A'?((*pt)&0x6f):'.'), pt++); 25078 printf("\n"); 25079 } 25080 #else 25081 #define show(a,b,c) 25082 #endif 25083 20154 25084 /* return SSL_SUCCES on ok, 0 otherwise */ 20155 25085 int wolfSSL_RSA_sign(int type, const unsigned char* m, 20156 25086 unsigned int mLen, unsigned char* sigRet, 20157 25087 unsigned int* sigLen, WOLFSSL_RSA* rsa) 25088 { 25089 return wolfSSL_RSA_sign_ex(type, m, mLen, sigRet, sigLen, rsa, 1); 25090 } 25091 25092 int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, 25093 unsigned int mLen, unsigned char* sigRet, 25094 unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag) 20158 25095 { 20159 25096 word32 outLen; … … 20170 25107 #endif 20171 25108 20172 WOLFSSL_ MSG("wolfSSL_RSA_sign");25109 WOLFSSL_ENTER("wolfSSL_RSA_sign"); 20173 25110 20174 25111 if (m == NULL || sigRet == NULL || sigLen == NULL || rsa == NULL) { … … 20176 25113 return 0; 20177 25114 } 25115 show("Message to Sign", m, mLen); 20178 25116 20179 25117 switch (type) { … … 20198 25136 default: 20199 25137 WOLFSSL_MSG("This NID (md type) not configured or not implemented"); 20200 20201 25138 return 0; 25139 } 20202 25140 20203 25141 if (rsa->inSet == 0) 20204 25142 { 20205 25143 WOLFSSL_MSG("No RSA internal set, do it"); 20206 25144 20207 25145 if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) { 20208 25146 WOLFSSL_MSG("SetRsaInternal failed"); 20209 20210 25147 return 0; 25148 } 20211 25149 } 20212 25150 … … 20222 25160 if (encodedSig == NULL) { 20223 25161 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 20224 20225 25162 return 0; 25163 } 20226 25164 #endif 20227 25165 … … 20239 25177 else 20240 25178 rng = &globalRNG; 20241 25179 } 20242 25180 20243 25181 if (rng) { … … 20248 25186 } 20249 25187 else { 20250 ret = wc_RsaSSL_Sign(encodedSig, signSz, sigRet, outLen, 20251 (RsaKey*)rsa->internal, rng); 20252 if (ret <= 0) { 20253 WOLFSSL_MSG("Bad Rsa Sign"); 20254 ret = 0; 20255 } 20256 else { 20257 ret = WOLFSSL_SUCCESS; 20258 *sigLen = ret; 20259 } 20260 } 20261 20262 } 25188 show("Encoded Message", encodedSig, signSz); 25189 if (flag != 0) { 25190 ret = wc_RsaSSL_Sign(encodedSig, signSz, sigRet, outLen, 25191 (RsaKey*)rsa->internal, rng); 25192 if (ret <= 0) { 25193 WOLFSSL_MSG("Bad Rsa Sign"); 25194 ret = 0; 25195 } 25196 else { 25197 *sigLen = (unsigned int)ret; 25198 ret = SSL_SUCCESS; 25199 show("Signature", sigRet, *sigLen); 25200 } 25201 } else { 25202 ret = SSL_SUCCESS; 25203 XMEMCPY(sigRet, encodedSig, signSz); 25204 *sigLen = signSz; 25205 } 25206 } 25207 25208 } 20263 25209 20264 25210 if (initTmpRng) … … 20274 25220 else { 20275 25221 WOLFSSL_MSG("wolfSSL_RSA_sign failed"); 20276 }25222 } 20277 25223 return ret; 20278 25224 } 20279 25225 25226 25227 /* returns WOLFSSL_SUCCESS on successful verify and WOLFSSL_FAILURE on fail */ 25228 int wolfSSL_RSA_verify(int type, const unsigned char* m, 25229 unsigned int mLen, const unsigned char* sig, 25230 unsigned int sigLen, WOLFSSL_RSA* rsa) 25231 { 25232 int ret; 25233 unsigned char *sigRet ; 25234 unsigned char *sigDec ; 25235 unsigned int len; 25236 25237 WOLFSSL_ENTER("wolfSSL_RSA_verify"); 25238 if ((m == NULL) || (sig == NULL)) { 25239 WOLFSSL_MSG("Bad function arguments"); 25240 return WOLFSSL_FAILURE; 25241 } 25242 25243 sigRet = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25244 if (sigRet == NULL) { 25245 WOLFSSL_MSG("Memory failure"); 25246 return WOLFSSL_FAILURE; 25247 } 25248 sigDec = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25249 if (sigDec == NULL) { 25250 WOLFSSL_MSG("Memory failure"); 25251 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25252 return WOLFSSL_FAILURE; 25253 } 25254 /* get non-encrypted signature to be compared with decrypted sugnature*/ 25255 ret = wolfSSL_RSA_sign_ex(type, m, mLen, sigRet, &len, rsa, 0); 25256 if (ret <= 0) { 25257 WOLFSSL_MSG("Message Digest Error"); 25258 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25259 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25260 return WOLFSSL_FAILURE; 25261 } 25262 show("Encoded Message", sigRet, len); 25263 /* decrypt signature */ 25264 ret = wc_RsaSSL_Verify(sig, sigLen, (unsigned char *)sigDec, sigLen, 25265 (RsaKey*)rsa->internal); 25266 if (ret <= 0) { 25267 WOLFSSL_MSG("RSA Decrypt error"); 25268 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25269 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25270 return WOLFSSL_FAILURE; 25271 } 25272 show("Decrypted Signature", sigDec, ret); 25273 25274 if ((int)len == ret && XMEMCMP(sigRet, sigDec, ret) == 0) { 25275 WOLFSSL_MSG("wolfSSL_RSA_verify success"); 25276 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25277 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25278 return WOLFSSL_SUCCESS; 25279 } 25280 else { 25281 WOLFSSL_MSG("wolfSSL_RSA_verify failed"); 25282 XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25283 XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25284 return WOLFSSL_FAILURE; 25285 } 25286 } 20280 25287 20281 25288 int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from, … … 20284 25291 int tlen = 0; 20285 25292 20286 WOLFSSL_ MSG("wolfSSL_RSA_public_decrypt");25293 WOLFSSL_ENTER("wolfSSL_RSA_public_decrypt"); 20287 25294 20288 25295 if (rsa == NULL || rsa->internal == NULL || from == NULL) { … … 20347 25354 if (err != MP_OKAY) { 20348 25355 WOLFSSL_MSG("mp_mod error"); 20349 }25356 } 20350 25357 else 20351 25358 err = mp_sub_d((mp_int*)rsa->q->internal, 1, &tmp); 20352 25359 if (err != MP_OKAY) { 20353 25360 WOLFSSL_MSG("mp_sub_d error"); 20354 }25361 } 20355 25362 else 20356 25363 err = mp_mod((mp_int*)rsa->d->internal, &tmp, … … 20363 25370 else 20364 25371 return WOLFSSL_FATAL_ERROR; 20365 }25372 } 20366 25373 #endif /* NO_RSA */ 20367 25374 20368 20369 void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, 25375 int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx) 25376 { 25377 WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init"); 25378 25379 if (ctx != NULL) { 25380 /* wc_HmacSetKey sets up ctx->hmac */ 25381 XMEMSET(ctx, 0, sizeof(WOLFSSL_HMAC_CTX)); 25382 } 25383 25384 return WOLFSSL_SUCCESS; 25385 } 25386 25387 25388 int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, 25389 int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e) 25390 { 25391 WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex"); 25392 25393 /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */ 25394 (void)e; 25395 return wolfSSL_HMAC_Init(ctx, key, keylen, type); 25396 } 25397 25398 25399 /* helper function for Deep copy of internal wolfSSL hmac structure 25400 * returns WOLFSSL_SUCCESS on success */ 25401 int wolfSSL_HmacCopy(Hmac* des, Hmac* src) 25402 { 25403 int ret = 0; 25404 void* heap = NULL; 25405 25406 #ifndef HAVE_FIPS 25407 heap = src->heap; 25408 #endif 25409 if ((ret = wc_HmacInit(des, heap, 0)) != 0) { 25410 return WOLFSSL_FAILURE; 25411 } 25412 25413 /* requires that hash structures have no dynamic parts to them */ 25414 switch (src->macType) { 25415 #ifndef NO_MD5 25416 case WC_MD5: 25417 wc_Md5Copy(&src->hash.md5, &des->hash.md5); 25418 break; 25419 #endif /* !NO_MD5 */ 25420 25421 #ifndef NO_SHA 25422 case WC_SHA: 25423 wc_ShaCopy(&src->hash.sha, &des->hash.sha); 25424 break; 25425 #endif /* !NO_SHA */ 25426 25427 #ifdef WOLFSSL_SHA224 25428 case WC_SHA224: 25429 wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224); 25430 break; 25431 #endif /* WOLFSSL_SHA224 */ 25432 25433 #ifndef NO_SHA256 25434 case WC_SHA256: 25435 wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256); 25436 break; 25437 #endif /* !NO_SHA256 */ 25438 25439 #ifdef WOLFSSL_SHA384 25440 case WC_SHA384: 25441 wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384); 25442 break; 25443 #endif /* WOLFSSL_SHA384 */ 25444 #ifdef WOLFSSL_SHA512 25445 case WC_SHA512: 25446 wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512); 25447 break; 25448 #endif /* WOLFSSL_SHA512 */ 25449 25450 default: 25451 return WOLFSSL_FAILURE; 25452 } 25453 25454 XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE); 25455 XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE); 25456 XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE); 25457 #ifndef HAVE_FIPS 25458 des->heap = heap; 25459 #endif 25460 des->macType = src->macType; 25461 des->innerHashKeyed = src->innerHashKeyed; 25462 25463 #ifdef WOLFSSL_ASYNC_CRYPT 25464 XMEMCPY(&des->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV)); 25465 des->keyLen = src->keyLen; 25466 #ifdef HAVE_CAVIUM 25467 des->data = (byte*)XMALLOC(src->dataLen, des->heap, 25468 DYNAMIC_TYPE_HMAC); 25469 if (des->data == NULL) { 25470 return BUFFER_E; 25471 } 25472 XMEMCPY(des->data, src->data, src->dataLen); 25473 des->dataLen = src->dataLen; 25474 #endif /* HAVE_CAVIUM */ 25475 #endif /* WOLFSSL_ASYNC_CRYPT */ 25476 return WOLFSSL_SUCCESS; 25477 } 25478 25479 25480 /* Deep copy of information from src to des structure 25481 * 25482 * des destination to copy information to 25483 * src structure to get infromation from 25484 * 25485 * Returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error 25486 */ 25487 int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src) 25488 { 25489 WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy"); 25490 25491 if (des == NULL || src == NULL) { 25492 return WOLFSSL_FAILURE; 25493 } 25494 25495 des->type = src->type; 25496 XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad, 25497 WC_HMAC_BLOCK_SIZE); 25498 XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad, 25499 WC_HMAC_BLOCK_SIZE); 25500 25501 return wolfSSL_HmacCopy(&des->hmac, &src->hmac); 25502 } 25503 25504 25505 #if defined(HAVE_FIPS) && \ 25506 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 25507 25508 static int _HMAC_Init(Hmac* hmac, int type, void* heap) 25509 { 25510 int ret = 0; 25511 25512 switch (type) { 25513 #ifndef NO_MD5 25514 case WC_MD5: 25515 ret = wc_InitMd5(&hmac->hash.md5); 25516 break; 25517 #endif /* !NO_MD5 */ 25518 25519 #ifndef NO_SHA 25520 case WC_SHA: 25521 ret = wc_InitSha(&hmac->hash.sha); 25522 break; 25523 #endif /* !NO_SHA */ 25524 25525 #ifdef WOLFSSL_SHA224 25526 case WC_SHA224: 25527 ret = wc_InitSha224(&hmac->hash.sha224); 25528 break; 25529 #endif /* WOLFSSL_SHA224 */ 25530 25531 #ifndef NO_SHA256 25532 case WC_SHA256: 25533 ret = wc_InitSha256(&hmac->hash.sha256); 25534 break; 25535 #endif /* !NO_SHA256 */ 25536 25537 #ifdef WOLFSSL_SHA384 25538 case WC_SHA384: 25539 ret = wc_InitSha384(&hmac->hash.sha384); 25540 break; 25541 #endif /* WOLFSSL_SHA384 */ 25542 #ifdef WOLFSSL_SHA512 25543 case WC_SHA512: 25544 ret = wc_InitSha512(&hmac->hash.sha512); 25545 break; 25546 #endif /* WOLFSSL_SHA512 */ 25547 25548 #ifdef HAVE_BLAKE2 25549 case BLAKE2B_ID: 25550 ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256); 25551 break; 25552 #endif /* HAVE_BLAKE2 */ 25553 25554 #ifdef WOLFSSL_SHA3 25555 case WC_SHA3_224: 25556 ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID); 25557 break; 25558 case WC_SHA3_256: 25559 ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID); 25560 break; 25561 case WC_SHA3_384: 25562 ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID); 25563 break; 25564 case WC_SHA3_512: 25565 ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID); 25566 break; 25567 #endif 25568 25569 default: 25570 ret = BAD_FUNC_ARG; 25571 break; 25572 } 25573 25574 (void)heap; 25575 25576 return ret; 25577 } 25578 25579 #else 25580 #define _HMAC_Init _InitHmac 25581 #endif 25582 25583 25584 int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, 20370 25585 const EVP_MD* type) 20371 25586 { 25587 int hmac_error = 0; 25588 void* heap = NULL; 25589 20372 25590 WOLFSSL_MSG("wolfSSL_HMAC_Init"); 20373 25591 20374 25592 if (ctx == NULL) { 20375 25593 WOLFSSL_MSG("no ctx on init"); 20376 return; 20377 } 25594 return WOLFSSL_FAILURE; 25595 } 25596 25597 #ifndef HAVE_FIPS 25598 heap = ctx->hmac.heap; 25599 #endif 20378 25600 20379 25601 if (type) { 20380 25602 WOLFSSL_MSG("init has type"); 20381 25603 25604 #ifndef NO_MD5 20382 25605 if (XSTRNCMP(type, "MD5", 3) == 0) { 20383 25606 WOLFSSL_MSG("md5 hmac"); 20384 25607 ctx->type = WC_MD5; 20385 25608 } 20386 else if (XSTRNCMP(type, "SHA256", 6) == 0) { 25609 else 25610 #endif 25611 #ifdef WOLFSSL_SHA224 25612 if (XSTRNCMP(type, "SHA224", 6) == 0) { 25613 WOLFSSL_MSG("sha224 hmac"); 25614 ctx->type = WC_SHA224; 25615 } 25616 else 25617 #endif 25618 #ifndef NO_SHA256 25619 if (XSTRNCMP(type, "SHA256", 6) == 0) { 20387 25620 WOLFSSL_MSG("sha256 hmac"); 20388 25621 ctx->type = WC_SHA256; 20389 25622 } 20390 25623 else 25624 #endif 25625 #ifdef WOLFSSL_SHA384 25626 if (XSTRNCMP(type, "SHA384", 6) == 0) { 25627 WOLFSSL_MSG("sha384 hmac"); 25628 ctx->type = WC_SHA384; 25629 } 25630 else 25631 #endif 25632 #ifdef WOLFSSL_SHA512 25633 if (XSTRNCMP(type, "SHA512", 6) == 0) { 25634 WOLFSSL_MSG("sha512 hmac"); 25635 ctx->type = WC_SHA512; 25636 } 25637 else 25638 #endif 25639 25640 #ifndef NO_SHA 20391 25641 /* has to be last since would pick or 256, 384, or 512 too */ 20392 elseif (XSTRNCMP(type, "SHA", 3) == 0) {25642 if (XSTRNCMP(type, "SHA", 3) == 0) { 20393 25643 WOLFSSL_MSG("sha hmac"); 20394 25644 ctx->type = WC_SHA; 20395 25645 } 20396 else { 25646 else 25647 #endif 25648 { 20397 25649 WOLFSSL_MSG("bad init type"); 25650 return WOLFSSL_FAILURE; 20398 25651 } 20399 25652 } … … 20403 25656 20404 25657 if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { 20405 wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, 20406 (word32)keylen); 25658 hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, 25659 (word32)keylen); 25660 if (hmac_error < 0){ 25661 wc_HmacFree(&ctx->hmac); 25662 return WOLFSSL_FAILURE; 25663 } 25664 XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad, 25665 WC_HMAC_BLOCK_SIZE); 25666 XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad, 25667 WC_HMAC_BLOCK_SIZE); 20407 25668 } 20408 25669 /* OpenSSL compat, no error */ 20409 } 20410 } 20411 20412 int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int len, 20413 const EVP_MD* md, void* impl) 20414 { 20415 (void)impl; 20416 wolfSSL_HMAC_Init(ctx, key, len, md); 20417 return 1; 20418 } 20419 20420 20421 void wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data, 25670 } else if(ctx->type >= 0) { /* MD5 == 0 */ 25671 WOLFSSL_MSG("recover hmac"); 25672 wc_HmacFree(&ctx->hmac); 25673 if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { 25674 ctx->hmac.macType = (byte)ctx->type; 25675 ctx->hmac.innerHashKeyed = 0; 25676 XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad, 25677 WC_HMAC_BLOCK_SIZE); 25678 XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad, 25679 WC_HMAC_BLOCK_SIZE); 25680 if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap)) 25681 !=0) { 25682 return hmac_error; 25683 } 25684 } 25685 } 25686 25687 (void)hmac_error; 25688 25689 return WOLFSSL_SUCCESS; 25690 } 25691 25692 25693 int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data, 20422 25694 int len) 20423 { 25695 { 25696 int hmac_error = 0; 25697 20424 25698 WOLFSSL_MSG("wolfSSL_HMAC_Update"); 20425 25699 20426 if (ctx && data) { 25700 if (ctx == NULL) { 25701 WOLFSSL_MSG("no ctx"); 25702 return WOLFSSL_FAILURE; 25703 } 25704 25705 if (data) { 20427 25706 WOLFSSL_MSG("updating hmac"); 20428 wc_HmacUpdate(&ctx->hmac, data, (word32)len); 20429 /* OpenSSL compat, no error */ 20430 } 20431 } 20432 20433 20434 void wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash, 25707 hmac_error = wc_HmacUpdate(&ctx->hmac, data, (word32)len); 25708 if (hmac_error < 0){ 25709 WOLFSSL_MSG("hmac update error"); 25710 return WOLFSSL_FAILURE; 25711 } 25712 } 25713 25714 return WOLFSSL_SUCCESS; 25715 } 25716 25717 25718 int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash, 20435 25719 unsigned int* len) 20436 25720 { 25721 int hmac_error; 25722 20437 25723 WOLFSSL_MSG("wolfSSL_HMAC_Final"); 20438 25724 20439 if (ctx && hash) { 20440 WOLFSSL_MSG("final hmac"); 20441 wc_HmacFinal(&ctx->hmac, hash); 20442 /* OpenSSL compat, no error */ 20443 20444 if (len) { 20445 WOLFSSL_MSG("setting output len"); 20446 switch (ctx->type) { 20447 case WC_MD5: 20448 *len = WC_MD5_DIGEST_SIZE; 20449 break; 20450 20451 case WC_SHA: 20452 *len = WC_SHA_DIGEST_SIZE; 20453 break; 20454 20455 case WC_SHA256: 20456 *len = WC_SHA256_DIGEST_SIZE; 20457 break; 20458 20459 default: 20460 WOLFSSL_MSG("bad hmac type"); 20461 } 20462 } 20463 } 20464 } 20465 20466 20467 void wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx) 25725 /* "len" parameter is optional. */ 25726 if (ctx == NULL || hash == NULL) { 25727 WOLFSSL_MSG("invalid parameter"); 25728 return WOLFSSL_FAILURE; 25729 } 25730 25731 WOLFSSL_MSG("final hmac"); 25732 hmac_error = wc_HmacFinal(&ctx->hmac, hash); 25733 if (hmac_error < 0){ 25734 WOLFSSL_MSG("final hmac error"); 25735 return WOLFSSL_FAILURE; 25736 } 25737 25738 if (len) { 25739 WOLFSSL_MSG("setting output len"); 25740 switch (ctx->type) { 25741 #ifndef NO_MD5 25742 case WC_MD5: 25743 *len = WC_MD5_DIGEST_SIZE; 25744 break; 25745 #endif 25746 25747 #ifndef NO_SHA 25748 case WC_SHA: 25749 *len = WC_SHA_DIGEST_SIZE; 25750 break; 25751 #endif 25752 25753 #ifdef WOLFSSL_SHA224 25754 case WC_SHA224: 25755 *len = WC_SHA224_DIGEST_SIZE; 25756 break; 25757 #endif 25758 25759 #ifndef NO_SHA256 25760 case WC_SHA256: 25761 *len = WC_SHA256_DIGEST_SIZE; 25762 break; 25763 #endif 25764 25765 #ifdef WOLFSSL_SHA384 25766 case WC_SHA384: 25767 *len = WC_SHA384_DIGEST_SIZE; 25768 break; 25769 #endif 25770 25771 #ifdef WOLFSSL_SHA512 25772 case WC_SHA512: 25773 *len = WC_SHA512_DIGEST_SIZE; 25774 break; 25775 #endif 25776 25777 default: 25778 WOLFSSL_MSG("bad hmac type"); 25779 return WOLFSSL_FAILURE; 25780 } 25781 } 25782 25783 return WOLFSSL_SUCCESS; 25784 } 25785 25786 25787 int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx) 20468 25788 { 20469 25789 WOLFSSL_MSG("wolfSSL_HMAC_cleanup"); … … 20471 25791 if (ctx) 20472 25792 wc_HmacFree(&ctx->hmac); 20473 } 25793 25794 return SSL_SUCCESS; 25795 } 20474 25796 20475 25797 … … 20495 25817 20496 25818 25819 #ifndef NO_RSA 20497 25820 WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key) 20498 25821 { 20499 (void)key; 20500 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_RSA not implemented"); 20501 20502 return NULL; 20503 } 20504 20505 25822 WOLFSSL_RSA* local; 25823 25824 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_RSA"); 25825 25826 if (key == NULL) { 25827 return NULL; 25828 } 25829 25830 local = wolfSSL_RSA_new(); 25831 if (local == NULL) { 25832 WOLFSSL_MSG("Error creating a new WOLFSSL_RSA structure"); 25833 return NULL; 25834 } 25835 25836 if (key->type == EVP_PKEY_RSA) { 25837 if (wolfSSL_RSA_LoadDer(local, (const unsigned char*)key->pkey.ptr, 25838 key->pkey_sz) != SSL_SUCCESS) { 25839 /* now try public key */ 25840 if (wolfSSL_RSA_LoadDer_ex(local, 25841 (const unsigned char*)key->pkey.ptr, key->pkey_sz, 25842 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) { 25843 wolfSSL_RSA_free(local); 25844 local = NULL; 25845 } 25846 } 25847 } 25848 else { 25849 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold an RSA key"); 25850 wolfSSL_RSA_free(local); 25851 local = NULL; 25852 } 25853 return local; 25854 } 25855 25856 25857 /* with set1 functions the pkey struct does not own the RSA structure 25858 * 25859 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure 25860 */ 25861 int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key) 25862 { 25863 if((pkey == NULL) || (key ==NULL))return WOLFSSL_FAILURE; 25864 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_RSA"); 25865 if (pkey->rsa != NULL && pkey->ownRsa == 1) { 25866 wolfSSL_RSA_free(pkey->rsa); 25867 } 25868 pkey->rsa = key; 25869 pkey->ownRsa = 0; /* pkey does not own RSA */ 25870 pkey->type = EVP_PKEY_RSA; 25871 #ifdef WC_RSA_BLINDING 25872 if (key->ownRng == 0) { 25873 if (wc_RsaSetRNG((RsaKey*)(pkey->rsa->internal), &(pkey->rng)) != 0) { 25874 WOLFSSL_MSG("Error setting RSA rng"); 25875 return SSL_FAILURE; 25876 } 25877 } 25878 #endif 25879 return WOLFSSL_SUCCESS; 25880 } 25881 #endif /* NO_RSA */ 25882 25883 #ifndef NO_WOLFSSL_STUB 20506 25884 WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key) 20507 25885 { 20508 25886 (void)key; 20509 25887 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_DSA not implemented"); 20510 20511 return NULL; 20512 } 20513 20514 25888 WOLFSSL_STUB("EVP_PKEY_get1_DSA"); 25889 return NULL; 25890 } 25891 #endif 25892 25893 #ifndef NO_WOLFSSL_STUB 20515 25894 WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key) 20516 25895 { 20517 25896 (void)key; 25897 WOLFSSL_STUB("EVP_PKEY_get1_EC_KEY"); 20518 25898 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_EC_KEY not implemented"); 20519 25899 20520 return NULL;20521 }20522 25900 return NULL; 25901 } 25902 #endif 20523 25903 20524 25904 void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx) … … 20600 25980 20601 25981 if (doset) 20602 25982 (void)wc_AesSetIV(&ctx->cipher.aes, iv); /* OpenSSL compat, no ret */ 20603 25983 else 20604 25984 XMEMCPY(iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); … … 20607 25987 #endif /* NO_AES */ 20608 25988 20609 25989 #ifndef NO_WOLFSSL_STUB 20610 25990 const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void) 20611 25991 { 20612 25992 WOLFSSL_MSG("wolfSSL_ripemd160"); 20613 25993 WOLFSSL_STUB("EVP_ripemd160"); 20614 25994 return NULL; 20615 25995 } 20616 25996 #endif 20617 25997 20618 25998 int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type) … … 20665 26045 switch (ctx->cipherType) { 20666 26046 26047 #ifdef HAVE_AES_CBC 20667 26048 case AES_128_CBC_TYPE : 20668 26049 case AES_192_CBC_TYPE : … … 20670 26051 WOLFSSL_MSG("AES CBC"); 20671 26052 return AES_BLOCK_SIZE; 20672 26053 #endif 20673 26054 #ifdef WOLFSSL_AES_COUNTER 20674 26055 case AES_128_CTR_TYPE : … … 20678 26059 return AES_BLOCK_SIZE; 20679 26060 #endif 20680 26061 #ifndef NO_DES3 20681 26062 case DES_CBC_TYPE : 20682 26063 WOLFSSL_MSG("DES CBC"); … … 20686 26067 WOLFSSL_MSG("DES EDE3 CBC"); 20687 26068 return DES_BLOCK_SIZE; 26069 #endif 20688 26070 #ifdef HAVE_IDEA 20689 26071 case IDEA_CBC_TYPE : … … 20691 26073 return IDEA_BLOCK_SIZE; 20692 26074 #endif 26075 #ifndef NO_RC4 20693 26076 case ARC4_TYPE : 20694 26077 WOLFSSL_MSG("ARC4"); 20695 26078 return 0; 26079 #endif 20696 26080 20697 26081 case NULL_CIPHER_TYPE : … … 20712 26096 20713 26097 #ifndef NO_AES 20714 if ((XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0) || 20715 (XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0) ||20716 (XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0)) {26098 #ifdef HAVE_AES_CBC 26099 #ifdef WOLFSSL_AES_128 26100 if (XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0) 20717 26101 return AES_BLOCK_SIZE; 20718 } 26102 #endif 26103 #ifdef WOLFSSL_AES_192 26104 if (XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0) 26105 return AES_BLOCK_SIZE; 26106 #endif 26107 #ifdef WOLFSSL_AES_256 26108 if (XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0) 26109 return AES_BLOCK_SIZE; 26110 #endif 26111 #endif /* HAVE_AES_CBC */ 20719 26112 #ifdef WOLFSSL_AES_COUNTER 20720 if ((XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0) || 20721 (XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0) || 20722 (XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0)) { 26113 #ifdef WOLFSSL_AES_128 26114 if (XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0) 20723 26115 return AES_BLOCK_SIZE; 20724 } 26116 #endif 26117 #ifdef WOLFSSL_AES_192 26118 if (XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0) 26119 return AES_BLOCK_SIZE; 26120 #endif 26121 #ifdef WOLFSSL_AES_256 26122 if (XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0) 26123 return AES_BLOCK_SIZE; 26124 #endif 20725 26125 #endif 20726 26126 #endif … … 20730 26130 (XSTRNCMP(name, EVP_DES_EDE3_CBC, XSTRLEN(EVP_DES_EDE3_CBC)) == 0)) { 20731 26131 return DES_BLOCK_SIZE; 20732 26132 } 20733 26133 #endif 20734 26134 … … 20754 26154 } 20755 26155 20756 #if defined(WOLFSSL_KEY_GEN) 26156 void *wolfSSL_OPENSSL_malloc(size_t a) 26157 { 26158 return XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL); 26159 } 26160 26161 #if defined(WOLFSSL_KEY_GEN) && defined(WOLFSSL_PEM_TO_DER) 20757 26162 20758 26163 static int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher, … … 20778 26183 if (info == NULL) { 20779 26184 WOLFSSL_MSG("malloc failed"); 26185 return WOLFSSL_FAILURE; 26186 } 26187 #endif 26188 26189 XMEMSET(info, 0, sizeof(EncryptedInfo)); 26190 26191 /* set the cipher name on info */ 26192 XSTRNCPY(info->name, cipher, NAME_SZ-1); 26193 info->name[NAME_SZ-1] = '\0'; /* null term */ 26194 26195 ret = wc_EncryptedInfoGet(info, info->name); 26196 if (ret != 0) { 26197 WOLFSSL_MSG("unsupported cipher"); 26198 #ifdef WOLFSSL_SMALL_STACK 26199 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); 26200 #endif 20780 26201 return WOLFSSL_FAILURE; 20781 26202 } 20782 #endif20783 info->set = 0;20784 info->ctx = NULL;20785 info->consumed = 0;20786 20787 /* set iv size */20788 if (XSTRNCMP(cipher, "DES", 3) == 0)20789 info->ivSz = DES_IV_SIZE;20790 else if (XSTRNCMP(cipher, "AES", 3) == 0)20791 info->ivSz = AES_IV_SIZE;20792 else {20793 WOLFSSL_MSG("unsupported cipher");20794 #ifdef WOLFSSL_SMALL_STACK20795 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);20796 #endif20797 return WOLFSSL_FAILURE;20798 }20799 20800 /* set the cipher name on info */20801 XSTRNCPY(info->name, cipher, NAME_SZ);20802 info->name[NAME_SZ-1] = '\0'; /* null term */20803 26203 20804 26204 /* Generate a random salt */ … … 20809 26209 #endif 20810 26210 return WOLFSSL_FAILURE; 20811 26211 } 20812 26212 20813 26213 /* add the padding before encryption */ … … 20819 26219 20820 26220 /* encrypt buffer */ 20821 if (wolfssl_encrypt_buffer_key(der, *derSz, 20822 passwd, passwdSz, info) != WOLFSSL_SUCCESS) { 26221 if (wc_BufferKeyEncrypt(info, der, *derSz, passwd, passwdSz, WC_MD5) != 0) { 20823 26222 WOLFSSL_MSG("encrypt key failed"); 20824 26223 #ifdef WOLFSSL_SMALL_STACK … … 20840 26239 } 20841 26240 XSTRNCPY((char*)*cipherInfo, info->name, cipherInfoSz); 20842 XSTRNCAT((char*)*cipherInfo, ",", 1);26241 XSTRNCAT((char*)*cipherInfo, ",", 2); 20843 26242 20844 26243 idx = (word32)XSTRLEN((char*)*cipherInfo); … … 20853 26252 XFREE(*cipherInfo, NULL, DYNAMIC_TYPE_STRING); 20854 26253 return WOLFSSL_FAILURE; 20855 26254 } 20856 26255 20857 26256 return WOLFSSL_SUCCESS; 20858 26257 } 20859 #endif /* defined(WOLFSSL_KEY_GEN)*/26258 #endif /* WOLFSSL_KEY_GEN || WOLFSSL_PEM_TO_DER */ 20860 26259 20861 26260 #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) 26261 /* Takes a WOLFSSL_RSA key and writes it out to a WOLFSSL_BIO 26262 * 26263 * bio the WOLFSSL_BIO to write to 26264 * key the WOLFSSL_RSA key to write out 26265 * cipher cipher used 26266 * passwd password string if used 26267 * len length of password string 26268 * cb password callback to use 26269 * arg null terminated string for passphrase 26270 */ 26271 int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* key, 26272 const WOLFSSL_EVP_CIPHER* cipher, 26273 unsigned char* passwd, int len, 26274 pem_password_cb* cb, void* arg) 26275 { 26276 int ret; 26277 WOLFSSL_EVP_PKEY* pkey; 26278 26279 WOLFSSL_ENTER("wolfSSL_PEM_write_bio_RSAPrivateKey"); 26280 26281 26282 pkey = wolfSSL_PKEY_new_ex(bio->heap); 26283 if (pkey == NULL) { 26284 WOLFSSL_MSG("wolfSSL_PKEY_new_ex failed"); 26285 return SSL_FAILURE; 26286 } 26287 26288 pkey->type = EVP_PKEY_RSA; 26289 pkey->rsa = key; 26290 pkey->ownRsa = 0; 26291 #ifdef WOLFSSL_KEY_GEN 26292 /* similar to how wolfSSL_PEM_write_mem_RSAPrivateKey finds DER of key */ 26293 { 26294 int derMax; 26295 int derSz; 26296 byte* derBuf; 26297 26298 /* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional 26299 * informations 26300 */ 26301 derMax = 5 * wolfSSL_RSA_size(key) + AES_BLOCK_SIZE; 26302 26303 derBuf = (byte*)XMALLOC(derMax, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 26304 if (derBuf == NULL) { 26305 WOLFSSL_MSG("malloc failed"); 26306 wolfSSL_EVP_PKEY_free(pkey); 26307 return SSL_FAILURE; 26308 } 26309 26310 /* Key to DER */ 26311 derSz = wc_RsaKeyToDer((RsaKey*)key->internal, derBuf, derMax); 26312 if (derSz < 0) { 26313 WOLFSSL_MSG("wc_RsaKeyToDer failed"); 26314 XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 26315 wolfSSL_EVP_PKEY_free(pkey); 26316 return SSL_FAILURE; 26317 } 26318 26319 pkey->pkey.ptr = (char*)XMALLOC(derSz, bio->heap, 26320 DYNAMIC_TYPE_TMP_BUFFER); 26321 if (pkey->pkey.ptr == NULL) { 26322 WOLFSSL_MSG("key malloc failed"); 26323 XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 26324 wolfSSL_EVP_PKEY_free(pkey); 26325 return SSL_FAILURE; 26326 } 26327 pkey->pkey_sz = derSz; 26328 XMEMCPY(pkey->pkey.ptr, derBuf, derSz); 26329 XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 26330 } 26331 #endif 26332 26333 ret = wolfSSL_PEM_write_bio_PrivateKey(bio, pkey, cipher, passwd, len, 26334 cb, arg); 26335 26336 wolfSSL_EVP_PKEY_free(pkey); 26337 26338 return ret; 26339 } 26340 20862 26341 20863 26342 int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, … … 20870 26349 int type; 20871 26350 int ret; 26351 byte* tmp; 20872 26352 20873 26353 (void)cipher; … … 20910 26390 return WOLFSSL_FAILURE; 20911 26391 } 20912 if (bio->mem != NULL) { 20913 XFREE(bio->mem, NULL, DYNAMIC_TYPE_OPENSSL); 20914 } 20915 bio->mem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_OPENSSL); 20916 bio->memLen = pemSz; 20917 20918 ret = wc_DerToPemEx(keyDer, key->pkey_sz, bio->mem, bio->memLen, 26392 tmp = (byte*)XMALLOC(pemSz, bio->heap, DYNAMIC_TYPE_OPENSSL); 26393 if (tmp == NULL) { 26394 return MEMORY_E; 26395 } 26396 26397 ret = wc_DerToPemEx(keyDer, key->pkey_sz, tmp, pemSz, 20919 26398 NULL, type); 20920 26399 if (ret < 0) { 20921 26400 WOLFSSL_LEAVE("wolfSSL_PEM_write_bio_PrivateKey", ret); 20922 return WOLFSSL_FAILURE; 20923 } 20924 20925 return WOLFSSL_SUCCESS; 26401 XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); 26402 return SSL_FAILURE; 26403 } 26404 26405 ret = wolfSSL_BIO_write(bio, tmp, pemSz); 26406 XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); 26407 if (ret != pemSz) { 26408 WOLFSSL_MSG("Unable to write full PEM to BIO"); 26409 return SSL_FAILURE; 26410 } 26411 26412 return SSL_SUCCESS; 20926 26413 } 20927 26414 #endif /* defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) */ 20928 26415 20929 #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) 26416 #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \ 26417 (defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)) 20930 26418 20931 26419 /* return code compliant with OpenSSL : … … 20938 26426 byte *derBuf, *tmp, *cipherInfo = NULL; 20939 26427 int der_max_len = 0, derSz = 0; 26428 const int type = PRIVATEKEY_TYPE; 26429 const char* header = NULL; 26430 const char* footer = NULL; 20940 26431 20941 26432 WOLFSSL_ENTER("wolfSSL_PEM_write_mem_RSAPrivateKey"); … … 20944 26435 WOLFSSL_MSG("Bad function arguments"); 20945 26436 return WOLFSSL_FAILURE; 20946 } 26437 } 26438 26439 if (wc_PemGetHeaderFooter(type, &header, &footer) != 0) 26440 return WOLFSSL_FAILURE; 20947 26441 20948 26442 if (rsa->inSet == 0) { … … 20983 26477 WOLFSSL_MSG("EncryptDerKey failed"); 20984 26478 XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); 20985 20986 26479 return ret; 26480 } 20987 26481 20988 26482 /* tmp buffer with a max size */ 20989 *plen = (derSz * 2) + sizeof(BEGIN_RSA_PRIV) + 20990 sizeof(END_RSA_PRIV) + HEADER_ENCRYPTED_KEY_SIZE; 20991 } 20992 else /* tmp buffer with a max size */ 20993 *plen = (derSz * 2) + sizeof(BEGIN_RSA_PRIV) + sizeof(END_RSA_PRIV); 26483 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 26484 (int)XSTRLEN(footer) + 1 + HEADER_ENCRYPTED_KEY_SIZE; 26485 } 26486 else { 26487 /* tmp buffer with a max size */ 26488 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 26489 (int)XSTRLEN(footer) + 1; 26490 } 20994 26491 20995 26492 tmp = (byte*)XMALLOC(*plen, NULL, DYNAMIC_TYPE_PEM); … … 21003 26500 21004 26501 /* DER to PEM */ 21005 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, PRIVATEKEY_TYPE);26502 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, type); 21006 26503 if (*plen <= 0) { 21007 26504 WOLFSSL_MSG("wc_DerToPemEx failed"); … … 21011 26508 XFREE(cipherInfo, NULL, DYNAMIC_TYPE_STRING); 21012 26509 return WOLFSSL_FAILURE; 21013 26510 } 21014 26511 XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); 21015 26512 if (cipherInfo != NULL) … … 21040 26537 * 1 if success, 0 if error 21041 26538 */ 21042 int wolfSSL_PEM_write_RSAPrivateKey( FILE *fp, WOLFSSL_RSA *rsa,26539 int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa, 21043 26540 const EVP_CIPHER *enc, 21044 26541 unsigned char *kstr, int klen, … … 21053 26550 WOLFSSL_MSG("wolfSSL_PEM_write_RSAPrivateKey"); 21054 26551 21055 if (fp == NULL || rsa == NULL || rsa->internal == NULL) { 26552 if (fp == XBADFILE || rsa == NULL || rsa->internal == NULL) 26553 { 21056 26554 WOLFSSL_MSG("Bad function arguments"); 21057 21058 26555 return WOLFSSL_FAILURE; 26556 } 21059 26557 21060 26558 ret = wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, enc, kstr, klen, &pem, &plen); … … 21074 26572 } 21075 26573 #endif /* NO_FILESYSTEM */ 21076 21077 int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa, 21078 const EVP_CIPHER* cipher, 21079 unsigned char* passwd, int len, 21080 pem_password_cb* cb, void* arg) 21081 { 21082 (void)bio; 21083 (void)rsa; 21084 (void)cipher; 21085 (void)passwd; 21086 (void)len; 21087 (void)cb; 21088 (void)arg; 21089 21090 WOLFSSL_MSG("wolfSSL_PEM_write_bio_RSAPrivateKey not implemented"); 21091 21092 return WOLFSSL_FAILURE; 21093 } 21094 #endif /* defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) */ 26574 #endif /* WOLFSSL_KEY_GEN && !NO_RSA && !HAVE_USER_RSA && WOLFSSL_PEM_TO_DER */ 26575 21095 26576 21096 26577 #ifdef HAVE_ECC 26578 26579 #ifdef ALT_ECC_SIZE 26580 static int SetIndividualInternalEcc(WOLFSSL_BIGNUM* bn, mp_int* mpi) 26581 { 26582 WOLFSSL_MSG("Entering SetIndividualInternal"); 26583 26584 if (bn == NULL || bn->internal == NULL) { 26585 WOLFSSL_MSG("bn NULL error"); 26586 return WOLFSSL_FATAL_ERROR; 26587 } 26588 26589 if (mpi == NULL) { 26590 WOLFSSL_MSG("mpi NULL error"); 26591 return WOLFSSL_FATAL_ERROR; 26592 } 26593 26594 if (mp_copy((mp_int*)bn->internal, mpi) != MP_OKAY) { 26595 WOLFSSL_MSG("mp_copy error"); 26596 return WOLFSSL_FATAL_ERROR; 26597 } 26598 26599 return WOLFSSL_SUCCESS; 26600 } 26601 #endif /* ALT_ECC_SIZE */ 21097 26602 21098 26603 /* EC_POINT Openssl -> WolfSSL */ … … 21105 26610 WOLFSSL_MSG("ECPoint NULL error"); 21106 26611 return WOLFSSL_FATAL_ERROR; 21107 26612 } 21108 26613 21109 26614 point = (ecc_point*)p->internal; 21110 26615 26616 #ifndef ALT_ECC_SIZE 21111 26617 if (p->X != NULL && SetIndividualInternal(p->X, point->x) != WOLFSSL_SUCCESS) { 21112 26618 WOLFSSL_MSG("ecc point X error"); … … 21123 26629 return WOLFSSL_FATAL_ERROR; 21124 26630 } 26631 #else 26632 if (p->X != NULL && SetIndividualInternalEcc(p->X, point->x) != WOLFSSL_SUCCESS) { 26633 WOLFSSL_MSG("ecc point X error"); 26634 return WOLFSSL_FATAL_ERROR; 26635 } 26636 26637 if (p->Y != NULL && SetIndividualInternalEcc(p->Y, point->y) != WOLFSSL_SUCCESS) { 26638 WOLFSSL_MSG("ecc point Y error"); 26639 return WOLFSSL_FATAL_ERROR; 26640 } 26641 26642 if (p->Z != NULL && SetIndividualInternalEcc(p->Z, point->z) != WOLFSSL_SUCCESS) { 26643 WOLFSSL_MSG("ecc point Z error"); 26644 return WOLFSSL_FATAL_ERROR; 26645 } 26646 #endif 21125 26647 21126 26648 p->inSet = 1; … … 21128 26650 return WOLFSSL_SUCCESS; 21129 26651 } 26652 #endif /* HAVE_ECC */ 26653 #endif /* OPENSSL_EXTRA */ 26654 26655 #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA_X509_SMALL) 21130 26656 21131 26657 /* EC_POINT WolfSSL -> OpenSSL */ … … 21162 26688 return WOLFSSL_SUCCESS; 21163 26689 } 26690 21164 26691 21165 26692 /* EC_KEY wolfSSL -> OpenSSL */ … … 21187 26714 (ecc_point*)eckey->pub_key->internal) != MP_OKAY) { 21188 26715 WOLFSSL_MSG("SetECKeyExternal ecc_copy_point failed"); 21189 21190 26716 return WOLFSSL_FATAL_ERROR; 26717 } 21191 26718 21192 26719 /* set the external pubkey (point) */ 21193 26720 if (SetECPointExternal(eckey->pub_key) != WOLFSSL_SUCCESS) { 21194 26721 WOLFSSL_MSG("SetECKeyExternal SetECPointExternal failed"); 21195 21196 26722 return WOLFSSL_FATAL_ERROR; 26723 } 21197 26724 } 21198 26725 … … 21209 26736 return WOLFSSL_SUCCESS; 21210 26737 } 21211 26738 #endif /* HAVE_ECC && OPENSSL_EXTRA_X509_SMALL */ 26739 26740 #ifdef OPENSSL_EXTRA 26741 #ifdef HAVE_ECC 21212 26742 /* EC_KEY Openssl -> WolfSSL */ 21213 26743 static int SetECKeyInternal(WOLFSSL_EC_KEY* eckey) … … 21240 26770 WOLFSSL_MSG("ec key pub error"); 21241 26771 return WOLFSSL_FATAL_ERROR; 21242 26772 } 21243 26773 21244 26774 /* public key */ … … 21260 26790 21261 26791 return WOLFSSL_SUCCESS; 21262 }26792 } 21263 26793 21264 26794 WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key) … … 21272 26802 21273 26803 return key->pub_key; 21274 }26804 } 21275 26805 21276 26806 const WOLFSSL_EC_GROUP *wolfSSL_EC_KEY_get0_group(const WOLFSSL_EC_KEY *key) … … 21343 26873 WOLFSSL_MSG("wolfSSL_EC_KEY_new failure"); 21344 26874 return NULL; 21345 26875 } 21346 26876 21347 26877 /* set the nid of the curve */ … … 21359 26889 } 21360 26890 26891 #endif /* HAVE_ECC */ 26892 #endif /* OPENSSL_EXTRA */ 26893 26894 #if defined(HAVE_ECC) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 21361 26895 static void InitwolfSSL_ECKey(WOLFSSL_EC_KEY* key) 21362 26896 { … … 21383 26917 WOLFSSL_MSG("wolfSSL_EC_KEY_new malloc WOLFSSL_EC_KEY failure"); 21384 26918 return NULL; 21385 26919 } 21386 26920 XMEMSET(external, 0, sizeof(WOLFSSL_EC_KEY)); 21387 26921 … … 21394 26928 wolfSSL_EC_KEY_free(external); 21395 26929 return NULL; 21396 26930 } 21397 26931 XMEMSET(external->internal, 0, sizeof(ecc_key)); 21398 26932 … … 21410 26944 21411 26945 key = (ecc_key*)external->internal; 21412 external->pub_key->internal = (ecc_point*)&key->pubkey; 26946 external->pub_key->internal = wc_ecc_new_point(); 26947 if (wc_ecc_copy_point((ecc_point*)&key->pubkey, 26948 (ecc_point*)external->pub_key->internal) != MP_OKAY) { 26949 WOLFSSL_MSG("wc_ecc_copy_point failure"); 26950 wolfSSL_EC_KEY_free(external); 26951 return NULL; 26952 } 21413 26953 21414 26954 /* curve group */ … … 21451 26991 } 21452 26992 } 21453 26993 #endif /* HAVE_ECC && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ 26994 26995 #ifdef OPENSSL_EXTRA 26996 #ifdef HAVE_ECC 26997 26998 #ifndef NO_WOLFSSL_STUB 21454 26999 int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group) 21455 27000 { … … 21458 27003 21459 27004 WOLFSSL_ENTER("wolfSSL_EC_KEY_set_group"); 21460 WOLFSSL_ MSG("wolfSSL_EC_KEY_set_group TBD");27005 WOLFSSL_STUB("EC_KEY_set_group"); 21461 27006 21462 27007 return -1; 21463 27008 } 27009 #endif 21464 27010 21465 27011 int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key) … … 21481 27027 } 21482 27028 21483 #ifdef WOLFSSL_SMALL_STACK27029 #ifdef WOLFSSL_SMALL_STACK 21484 27030 tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); 21485 27031 if (tmpRNG == NULL) … … 21497 27043 else 21498 27044 rng = &globalRNG; 21499 }27045 } 21500 27046 21501 27047 if (rng == NULL) { … … 21514 27060 #endif 21515 27061 return 0; 21516 }27062 } 21517 27063 21518 27064 if (initTmpRng) 21519 27065 wc_FreeRng(tmpRNG); 21520 #ifdef WOLFSSL_SMALL_STACK27066 #ifdef WOLFSSL_SMALL_STACK 21521 27067 XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); 21522 #endif27068 #endif 21523 27069 21524 27070 if (SetECKeyExternal(key) != WOLFSSL_SUCCESS) { … … 21530 27076 } 21531 27077 27078 #ifndef NO_WOLFSSL_STUB 21532 27079 void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag) 21533 27080 { … … 21536 27083 21537 27084 WOLFSSL_ENTER("wolfSSL_EC_KEY_set_asn1_flag"); 21538 WOLFSSL_MSG("wolfSSL_EC_KEY_set_asn1_flag TBD"); 21539 } 27085 WOLFSSL_STUB("EC_KEY_set_asn1_flag"); 27086 } 27087 #endif 21540 27088 21541 27089 /* return code compliant with OpenSSL : … … 21553 27101 WOLFSSL_MSG("wolfSSL_EC_GROUP_get_order Bad arguments"); 21554 27102 return WOLFSSL_FAILURE; 21555 27103 } 21556 27104 21557 27105 if (key->inSet == 0) { … … 21591 27139 } 21592 27140 21593 #if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM) 21594 wolfssl_EC_POINT_dump("pub", pub); 21595 wolfssl_EC_POINT_dump("key->pub_key", key->pub_key); 21596 #endif 27141 wolfSSL_EC_POINT_dump("pub", pub); 27142 wolfSSL_EC_POINT_dump("key->pub_key", key->pub_key); 27143 21597 27144 return WOLFSSL_SUCCESS; 21598 27145 } 21599 27146 /* End EC_KEY */ 21600 27147 21601 #if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM) 21602 void wolfssl_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p) 21603 { 27148 27149 #ifndef HAVE_SELFTEST 27150 /* ECC point compression types were not included in selftest ecc.h */ 27151 27152 char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, 27153 const WOLFSSL_EC_POINT* point, int form, 27154 WOLFSSL_BN_CTX* ctx) 27155 { 27156 static const char* hexDigit = "0123456789ABCDEF"; 27157 char* hex = NULL; 27158 int id = wc_ecc_get_curve_id(group->curve_idx); 27159 int i, sz, len; 27160 27161 (void)ctx; 27162 27163 if (group == NULL || point == NULL) 27164 return NULL; 27165 27166 if ((sz = wc_ecc_get_curve_size_from_id(id)) < 0) 27167 return NULL; 27168 27169 len = sz + 1; 27170 if (form == POINT_CONVERSION_UNCOMPRESSED) 27171 len += sz; 27172 27173 hex = (char*)XMALLOC(2 * len + 1, NULL, DYNAMIC_TYPE_ECC); 27174 if (hex == NULL) 27175 return NULL; 27176 XMEMSET(hex, 0, 2 * len + 1); 27177 27178 /* Put in x-ordinate after format byte. */ 27179 i = sz - mp_unsigned_bin_size((mp_int*)point->X->internal) + 1; 27180 if (mp_to_unsigned_bin((mp_int*)point->X->internal, (byte*)(hex + i)) < 0) { 27181 XFREE(hex, NULL, DYNAMIC_TYPE_ECC); 27182 return NULL; 27183 } 27184 27185 if (form == POINT_CONVERSION_COMPRESSED) { 27186 hex[0] = mp_isodd((mp_int*)point->Y->internal) ? ECC_POINT_COMP_ODD : 27187 ECC_POINT_COMP_EVEN; 27188 } 27189 else { 27190 hex[0] = ECC_POINT_UNCOMP; 27191 /* Put in y-ordinate after x-ordinate */ 27192 i = 1 + 2 * sz - mp_unsigned_bin_size((mp_int*)point->Y->internal); 27193 if (mp_to_unsigned_bin((mp_int*)point->Y->internal, 27194 (byte*)(hex + i)) < 0) { 27195 XFREE(hex, NULL, DYNAMIC_TYPE_ECC); 27196 return NULL; 27197 } 27198 } 27199 27200 for (i = len-1; i >= 0; i--) { 27201 byte b = hex[i]; 27202 hex[i * 2 + 1] = hexDigit[b & 0xf]; 27203 hex[i * 2 ] = hexDigit[b >> 4]; 27204 } 27205 27206 return hex; 27207 } 27208 27209 #endif /* HAVE_SELFTEST */ 27210 27211 void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p) 27212 { 27213 #if defined(DEBUG_WOLFSSL) 21604 27214 char *num; 21605 27215 21606 WOLFSSL_ENTER("wolf ssl_EC_POINT_dump");27216 WOLFSSL_ENTER("wolfSSL_EC_POINT_dump"); 21607 27217 21608 27218 if (p == NULL) { 21609 fprintf(stderr,"%s = NULL", msg);27219 printf("%s = NULL", msg); 21610 27220 return; 21611 27221 } 21612 27222 21613 fprintf(stderr,"%s:\n\tinSet=%d, exSet=%d\n", msg, p->inSet, p->exSet);27223 printf("%s:\n\tinSet=%d, exSet=%d\n", msg, p->inSet, p->exSet); 21614 27224 num = wolfSSL_BN_bn2hex(p->X); 21615 fprintf(stderr,"\tX = %s\n", num);27225 printf("\tX = %s\n", num); 21616 27226 XFREE(num, NULL, DYNAMIC_TYPE_ECC); 21617 27227 num = wolfSSL_BN_bn2hex(p->Y); 21618 fprintf(stderr,"\tY = %s\n", num);27228 printf("\tY = %s\n", num); 21619 27229 XFREE(num, NULL, DYNAMIC_TYPE_ECC); 21620 } 21621 #endif 27230 num = wolfSSL_BN_bn2hex(p->Z); 27231 printf("\tZ = %s\n", num); 27232 XFREE(num, NULL, DYNAMIC_TYPE_ECC); 27233 #else 27234 (void)msg; 27235 (void)p; 27236 #endif 27237 } 21622 27238 21623 27239 /* Start EC_GROUP */ … … 21644 27260 /* ko */ 21645 27261 return 1; 21646 } 21647 27262 } 27263 27264 #endif /* HAVE_ECC */ 27265 #endif /* OPENSSL_EXTRA */ 27266 27267 #if defined(HAVE_ECC) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 21648 27268 void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group) 21649 27269 { … … 21653 27273 group = NULL; 21654 27274 } 21655 27275 #endif 27276 27277 #ifdef OPENSSL_EXTRA 27278 #ifdef HAVE_ECC 27279 #ifndef NO_WOLFSSL_STUB 21656 27280 void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag) 21657 27281 { … … 21660 27284 21661 27285 WOLFSSL_ENTER("wolfSSL_EC_GROUP_set_asn1_flag"); 21662 WOLFSSL_MSG("wolfSSL_EC_GROUP_set_asn1_flag TBD"); 21663 } 27286 WOLFSSL_STUB("EC_GROUP_set_asn1_flag"); 27287 } 27288 #endif 21664 27289 21665 27290 WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_new_by_curve_name(int nid) … … 21688 27313 g->curve_oid = ecc_sets[x].oidSum; 21689 27314 break; 21690 27315 } 21691 27316 21692 27317 return g; … … 21703 27328 WOLFSSL_MSG("wolfSSL_EC_GROUP_get_curve_name Bad arguments"); 21704 27329 return WOLFSSL_FAILURE; 21705 }27330 } 21706 27331 21707 27332 return group->curve_nid; … … 21776 27401 21777 27402 if (mp_read_radix((mp_int*)order->internal, 21778 ecc_sets[group->curve_idx].order, 16) != MP_OKAY) {27403 ecc_sets[group->curve_idx].order, MP_RADIX_HEX) != MP_OKAY) { 21779 27404 WOLFSSL_MSG("wolfSSL_EC_GROUP_get_order mp_read order failure"); 21780 27405 mp_clear((mp_int*)order->internal); … … 21783 27408 21784 27409 return WOLFSSL_SUCCESS; 21785 }27410 } 21786 27411 /* End EC_GROUP */ 21787 27412 … … 21802 27427 WOLFSSL_MSG("wolfSSL_ECPoint_i2d NULL error"); 21803 27428 return WOLFSSL_FAILURE; 21804 27429 } 21805 27430 21806 27431 if (p->inSet == 0) { … … 21810 27435 WOLFSSL_MSG("SetECPointInternal SetECPointInternal failed"); 21811 27436 return WOLFSSL_FAILURE; 21812 } 21813 } 21814 21815 #if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM) 27437 } 27438 } 27439 21816 27440 if (out != NULL) { 21817 wolf ssl_EC_POINT_dump("i2d p", p);21818 } 21819 #endif 27441 wolfSSL_EC_POINT_dump("i2d p", p); 27442 } 27443 21820 27444 err = wc_ecc_export_point_der(group->curve_idx, (ecc_point*)p->internal, 21821 27445 out, len); … … 21823 27447 WOLFSSL_MSG("wolfSSL_ECPoint_i2d wc_ecc_export_point_der failed"); 21824 27448 return WOLFSSL_FAILURE; 21825 27449 } 21826 27450 21827 27451 return WOLFSSL_SUCCESS; … … 21856 27480 } 21857 27481 21858 #if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM) 21859 wolfssl_EC_POINT_dump("d2i p", p); 21860 #endif 27482 wolfSSL_EC_POINT_dump("d2i p", p); 27483 21861 27484 return WOLFSSL_SUCCESS; 21862 27485 } … … 21886 27509 XFREE(p, NULL, DYNAMIC_TYPE_ECC); 21887 27510 return NULL; 21888 27511 } 21889 27512 21890 27513 return p; … … 21925 27548 } 21926 27549 27550 #ifndef WOLFSSL_ATECC508A 21927 27551 /* return code compliant with OpenSSL : 21928 27552 * 1 if success, 0 if error … … 21952 27576 WOLFSSL_MSG("SetECPointInternal q failed"); 21953 27577 return WOLFSSL_FAILURE; 21954 27578 } 21955 27579 } 21956 27580 … … 21960 27584 } 21961 27585 21962 ret = mp_read_radix(&prime, ecc_sets[group->curve_idx].prime, 16); 21963 if (ret == MP_OKAY) 21964 ret = mp_read_radix(&a, ecc_sets[group->curve_idx].Af, 16); 27586 ret = mp_read_radix(&prime, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX); 27587 if (ret == MP_OKAY) { 27588 ret = mp_read_radix(&a, ecc_sets[group->curve_idx].Af, MP_RADIX_HEX); 27589 } 21965 27590 21966 27591 /* r = q * m % prime */ 21967 if (ret == MP_OKAY) 27592 if (ret == MP_OKAY) { 21968 27593 ret = wc_ecc_mulmod((mp_int*)m->internal, (ecc_point*)q->internal, 21969 27594 (ecc_point*)r->internal, &a, &prime, 1); 27595 } 21970 27596 21971 27597 mp_clear(&a); … … 21973 27599 21974 27600 if (ret == MP_OKAY) { 27601 r->inSet = 1; /* mark internal set */ 27602 21975 27603 /* set the external value for the computed point */ 21976 ret = SetECPoint Internal(r);27604 ret = SetECPointExternal(r); 21977 27605 if (ret != WOLFSSL_SUCCESS) { 21978 27606 WOLFSSL_MSG("SetECPointInternal r failed"); … … 21984 27612 21985 27613 return ret; 21986 } 27614 } 27615 #endif 21987 27616 21988 27617 void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *p) … … 21991 27620 21992 27621 wolfSSL_EC_POINT_free(p); 21993 }27622 } 21994 27623 21995 27624 /* return code compliant with OpenSSL : … … 22002 27631 int ret; 22003 27632 22004 27633 (void)ctx; 22005 27634 22006 27635 WOLFSSL_ENTER("wolfSSL_EC_POINT_cmp"); … … 22020 27649 return WOLFSSL_FATAL_ERROR; 22021 27650 } 22022 27651 #endif /* HAVE_ECC */ 27652 #endif /* OPENSSL_EXTRA */ 27653 27654 #if defined(HAVE_ECC) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 22023 27655 void wolfSSL_EC_POINT_free(WOLFSSL_EC_POINT *p) 22024 27656 { … … 22026 27658 22027 27659 if (p != NULL) { 22028 if (p->internal == NULL) {27660 if (p->internal != NULL) { 22029 27661 wc_ecc_del_point((ecc_point*)p->internal); 22030 XFREE(p->internal, NULL, DYNAMIC_TYPE_ECC);22031 27662 p->internal = NULL; 22032 27663 } 22033 27664 22034 27665 wolfSSL_BN_free(p->X); … … 22043 27674 p = NULL; 22044 27675 } 22045 } 22046 27676 } 27677 #endif 27678 27679 #ifdef OPENSSL_EXTRA 27680 #ifdef HAVE_ECC 22047 27681 /* return code compliant with OpenSSL : 22048 27682 * 1 if point at infinity, 0 else … … 22090 27724 XFREE(sig, NULL, DYNAMIC_TYPE_ECC); 22091 27725 } 22092 }27726 } 22093 27727 22094 27728 WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void) … … 22151 27785 WOLFSSL_MSG("wolfSSL_ECDSA_do_sign SetECKeyInternal failed"); 22152 27786 return NULL; 22153 27787 } 22154 27788 } 22155 27789 … … 22163 27797 rng = tmpRNG; 22164 27798 initTmpRng = 1; 22165 }27799 } 22166 27800 else { 22167 27801 WOLFSSL_MSG("wolfSSL_ECDSA_do_sign Bad RNG Init, trying global"); … … 22179 27813 &sig_r, &sig_s) != MP_OKAY) { 22180 27814 WOLFSSL_MSG("wc_ecc_sign_hash_ex failed"); 22181 27815 } 22182 27816 else { 22183 27817 /* put signature blob in ECDSA structure */ … … 22189 27823 wolfSSL_ECDSA_SIG_free(sig); 22190 27824 sig = NULL; 22191 27825 } 22192 27826 else if (SetIndividualExternal(&(sig->s), &sig_s)!=WOLFSSL_SUCCESS){ 22193 27827 WOLFSSL_MSG("ecdsa s key error"); 22194 27828 wolfSSL_ECDSA_SIG_free(sig); 22195 27829 sig = NULL; 22196 27830 } 22197 27831 22198 27832 } … … 22235 27869 return WOLFSSL_FATAL_ERROR; 22236 27870 } 22237 }27871 } 22238 27872 22239 27873 if (wc_ecc_verify_hash_ex((mp_int*)sig->r->internal, … … 22246 27880 WOLFSSL_MSG("wc_ecc_verify_hash incorrect signature detected"); 22247 27881 return WOLFSSL_FAILURE; 22248 27882 } 22249 27883 22250 27884 return WOLFSSL_SUCCESS; 27885 } 27886 27887 WOLFSSL_ECDSA_SIG *wolfSSL_d2i_ECDSA_SIG(WOLFSSL_ECDSA_SIG **sig, 27888 const unsigned char **pp, long len) 27889 { 27890 WOLFSSL_ECDSA_SIG *s = NULL; 27891 27892 if (pp == NULL) 27893 return NULL; 27894 27895 if (sig != NULL) 27896 s = *sig; 27897 if (s == NULL) { 27898 s = wolfSSL_ECDSA_SIG_new(); 27899 if (s == NULL) 27900 return NULL; 27901 } 27902 27903 /* DecodeECC_DSA_Sig calls mp_init, so free these */ 27904 mp_free((mp_int*)s->r->internal); 27905 mp_free((mp_int*)s->s->internal); 27906 27907 if (DecodeECC_DSA_Sig(*pp, (word32)len, (mp_int*)s->r->internal, 27908 (mp_int*)s->s->internal) != MP_OKAY) { 27909 if (sig == NULL || *sig == NULL) 27910 wolfSSL_ECDSA_SIG_free(s); 27911 return NULL; 27912 } 27913 27914 *pp += len; 27915 if (sig != NULL) 27916 *sig = s; 27917 return s; 27918 } 27919 27920 int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp) 27921 { 27922 word32 len; 27923 27924 if (sig == NULL) 27925 return 0; 27926 27927 /* ASN.1: SEQ + INT + INT 27928 * ASN.1 Integer must be a positive value - prepend zero if number has 27929 * top bit set. 27930 */ 27931 len = 2 + mp_leading_bit((mp_int*)sig->r->internal) + 27932 mp_unsigned_bin_size((mp_int*)sig->r->internal) + 27933 2 + mp_leading_bit((mp_int*)sig->s->internal) + 27934 mp_unsigned_bin_size((mp_int*)sig->s->internal); 27935 /* Two bytes required for length if ASN.1 SEQ data greater than 127 bytes 27936 * and less than 256 bytes. 27937 */ 27938 len = 1 + ((len > 127) ? 2 : 1) + len; 27939 if (pp != NULL && *pp != NULL) { 27940 if (StoreECC_DSA_Sig(*pp, &len, (mp_int*)sig->r->internal, 27941 (mp_int*)sig->s->internal) != MP_OKAY) { 27942 len = 0; 27943 } 27944 else 27945 *pp += len; 27946 } 27947 27948 return (int)len; 22251 27949 } 22252 27950 /* End ECDSA_SIG */ … … 22267 27965 (void)KDF; 22268 27966 22269 27967 WOLFSSL_ENTER("wolfSSL_ECDH_compute_key"); 22270 27968 22271 27969 if (out == NULL || pub_key == NULL || pub_key->internal == NULL || … … 22273 27971 WOLFSSL_MSG("Bad function arguments"); 22274 27972 return WOLFSSL_FATAL_ERROR; 22275 }27973 } 22276 27974 22277 27975 /* set internal key if not done */ … … 22293 27991 WOLFSSL_MSG("wc_ecc_shared_secret failed"); 22294 27992 return WOLFSSL_FATAL_ERROR; 22295 }27993 } 22296 27994 22297 27995 return len; 22298 }27996 } 22299 27997 /* End ECDH */ 22300 27998 … … 22303 28001 * 1 if success, 0 if error 22304 28002 */ 22305 int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *x) 28003 #ifndef NO_WOLFSSL_STUB 28004 int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *x) 22306 28005 { 22307 28006 (void)fp; 22308 28007 (void)x; 22309 28008 WOLFSSL_STUB("PEM_write_EC_PUBKEY"); 22310 28009 WOLFSSL_MSG("wolfSSL_PEM_write_EC_PUBKEY not implemented"); 22311 28010 22312 28011 return WOLFSSL_FAILURE; 22313 28012 } 28013 #endif 28014 22314 28015 #endif /* NO_FILESYSTEM */ 22315 28016 … … 22319 28020 * 1 if success, 0 if error 22320 28021 */ 28022 #ifndef NO_WOLFSSL_STUB 22321 28023 int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ecc, 22322 28024 const EVP_CIPHER* cipher, … … 22331 28033 (void)cb; 22332 28034 (void)arg; 22333 28035 WOLFSSL_STUB("PEM_write_bio_ECPrivateKey"); 22334 28036 WOLFSSL_MSG("wolfSSL_PEM_write_bio_ECPrivateKey not implemented"); 22335 28037 22336 28038 return WOLFSSL_FAILURE; 22337 28039 } 28040 #endif 22338 28041 22339 28042 /* return code compliant with OpenSSL : … … 22345 28048 unsigned char **pem, int *plen) 22346 28049 { 28050 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 22347 28051 byte *derBuf, *tmp, *cipherInfo = NULL; 22348 28052 int der_max_len = 0, derSz = 0; 28053 const int type = ECC_PRIVATEKEY_TYPE; 28054 const char* header = NULL; 28055 const char* footer = NULL; 22349 28056 22350 28057 WOLFSSL_MSG("wolfSSL_PEM_write_mem_ECPrivateKey"); … … 22355 28062 } 22356 28063 28064 if (wc_PemGetHeaderFooter(type, &header, &footer) != 0) 28065 return WOLFSSL_FAILURE; 28066 22357 28067 if (ecc->inSet == 0) { 22358 28068 WOLFSSL_MSG("No ECC internal set, do it"); … … 22361 28071 WOLFSSL_MSG("SetDsaInternal failed"); 22362 28072 return WOLFSSL_FAILURE; 22363 28073 } 22364 28074 } 22365 28075 … … 22380 28090 XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); 22381 28091 return WOLFSSL_FAILURE; 22382 }28092 } 22383 28093 22384 28094 /* encrypt DER buffer if required */ … … 22392 28102 XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); 22393 28103 return ret; 22394 28104 } 22395 28105 22396 28106 /* tmp buffer with a max size */ 22397 *plen = (derSz * 2) + sizeof(BEGIN_EC_PRIV) + 22398 sizeof(END_EC_PRIV) + HEADER_ENCRYPTED_KEY_SIZE; 22399 } 22400 else /* tmp buffer with a max size */ 22401 *plen = (derSz * 2) + sizeof(BEGIN_EC_PRIV) + sizeof(END_EC_PRIV); 28107 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 28108 (int)XSTRLEN(footer) + 1 + HEADER_ENCRYPTED_KEY_SIZE; 28109 } 28110 else { /* tmp buffer with a max size */ 28111 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 28112 (int)XSTRLEN(footer) + 1; 28113 } 22402 28114 22403 28115 tmp = (byte*)XMALLOC(*plen, NULL, DYNAMIC_TYPE_PEM); … … 22408 28120 XFREE(cipherInfo, NULL, DYNAMIC_TYPE_STRING); 22409 28121 return WOLFSSL_FAILURE; 22410 28122 } 22411 28123 22412 28124 /* DER to PEM */ 22413 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, ECC_PRIVATEKEY_TYPE);28125 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, type); 22414 28126 if (*plen <= 0) { 22415 28127 WOLFSSL_MSG("wc_DerToPemEx failed"); … … 22441 28153 22442 28154 return WOLFSSL_SUCCESS; 28155 #else 28156 (void)ecc; 28157 (void)cipher; 28158 (void)passwd; 28159 (void)passwdSz; 28160 (void)pem; 28161 (void)plen; 28162 return WOLFSSL_FAILURE; 28163 #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */ 22443 28164 } 22444 28165 … … 22447 28168 * 1 if success, 0 if error 22448 28169 */ 22449 int wolfSSL_PEM_write_ECPrivateKey( FILE *fp, WOLFSSL_EC_KEY *ecc,28170 int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *ecc, 22450 28171 const EVP_CIPHER *enc, 22451 28172 unsigned char *kstr, int klen, … … 22460 28181 WOLFSSL_MSG("wolfSSL_PEM_write_ECPrivateKey"); 22461 28182 22462 if (fp == NULL|| ecc == NULL || ecc->internal == NULL) {28183 if (fp == XBADFILE || ecc == NULL || ecc->internal == NULL) { 22463 28184 WOLFSSL_MSG("Bad function arguments"); 22464 28185 return WOLFSSL_FAILURE; … … 22475 28196 WOLFSSL_MSG("ECC private key file write failed"); 22476 28197 return WOLFSSL_FAILURE; 22477 }28198 } 22478 28199 22479 28200 XFREE(pem, NULL, DYNAMIC_TYPE_KEY); 22480 28201 return WOLFSSL_SUCCESS; 22481 }28202 } 22482 28203 22483 28204 #endif /* NO_FILESYSTEM */ … … 22509 28230 WOLFSSL_MSG("wolfSSL_PEM_write_bio_DSAPrivateKey not implemented"); 22510 28231 22511 return WOLFSSL_FAILURE;22512 }28232 return WOLFSSL_FAILURE; 28233 } 22513 28234 22514 28235 /* return code compliant with OpenSSL : … … 22519 28240 unsigned char* passwd, int passwdSz, 22520 28241 unsigned char **pem, int *plen) 22521 { 28242 { 28243 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 22522 28244 byte *derBuf, *tmp, *cipherInfo = NULL; 22523 28245 int der_max_len = 0, derSz = 0; 28246 const int type = DSA_PRIVATEKEY_TYPE; 28247 const char* header = NULL; 28248 const char* footer = NULL; 22524 28249 22525 28250 WOLFSSL_MSG("wolfSSL_PEM_write_mem_DSAPrivateKey"); … … 22528 28253 WOLFSSL_MSG("Bad function arguments"); 22529 28254 return WOLFSSL_FAILURE; 22530 } 28255 } 28256 28257 if (wc_PemGetHeaderFooter(type, &header, &footer) != 0) 28258 return WOLFSSL_FAILURE; 22531 28259 22532 28260 if (dsa->inSet == 0) { … … 22537 28265 return WOLFSSL_FAILURE; 22538 28266 } 22539 28267 } 22540 28268 22541 28269 /* 4 > size of pub, priv, p, q, g + ASN.1 additional informations … … 22570 28298 22571 28299 /* tmp buffer with a max size */ 22572 *plen = (derSz * 2) + sizeof(BEGIN_DSA_PRIV) + 22573 sizeof(END_DSA_PRIV) + HEADER_ENCRYPTED_KEY_SIZE; 22574 } 22575 else /* tmp buffer with a max size */ 22576 *plen = (derSz * 2) + sizeof(BEGIN_DSA_PRIV) + sizeof(END_DSA_PRIV); 28300 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 28301 (int)XSTRLEN(footer) + 1 + HEADER_ENCRYPTED_KEY_SIZE; 28302 } 28303 else { /* tmp buffer with a max size */ 28304 *plen = (derSz * 2) + (int)XSTRLEN(header) + 1 + 28305 (int)XSTRLEN(footer) + 1; 28306 } 22577 28307 22578 28308 tmp = (byte*)XMALLOC(*plen, NULL, DYNAMIC_TYPE_PEM); … … 22586 28316 22587 28317 /* DER to PEM */ 22588 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, DSA_PRIVATEKEY_TYPE);28318 *plen = wc_DerToPemEx(derBuf, derSz, tmp, *plen, cipherInfo, type); 22589 28319 if (*plen <= 0) { 22590 28320 WOLFSSL_MSG("wc_DerToPemEx failed"); … … 22612 28342 XFREE(tmp, NULL, DYNAMIC_TYPE_PEM); 22613 28343 return WOLFSSL_FAILURE; 22614 28344 } 22615 28345 XFREE(tmp, NULL, DYNAMIC_TYPE_PEM); 22616 28346 22617 28347 return WOLFSSL_SUCCESS; 28348 #else 28349 (void)dsa; 28350 (void)cipher; 28351 (void)passwd; 28352 (void)passwdSz; 28353 (void)pem; 28354 (void)plen; 28355 return WOLFSSL_FAILURE; 28356 #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */ 22618 28357 } 22619 28358 … … 22622 28361 * 1 if success, 0 if error 22623 28362 */ 22624 int wolfSSL_PEM_write_DSAPrivateKey( FILE *fp, WOLFSSL_DSA *dsa,28363 int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa, 22625 28364 const EVP_CIPHER *enc, 22626 28365 unsigned char *kstr, int klen, … … 22635 28374 WOLFSSL_MSG("wolfSSL_PEM_write_DSAPrivateKey"); 22636 28375 22637 if (fp == NULL|| dsa == NULL || dsa->internal == NULL) {28376 if (fp == XBADFILE || dsa == NULL || dsa->internal == NULL) { 22638 28377 WOLFSSL_MSG("Bad function arguments"); 22639 28378 return WOLFSSL_FAILURE; … … 22663 28402 * 1 if success, 0 if error 22664 28403 */ 22665 int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x) 28404 #ifndef NO_WOLFSSL_STUB 28405 int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x) 22666 28406 { 22667 28407 (void)fp; 22668 28408 (void)x; 22669 28409 WOLFSSL_STUB("PEM_write_DSA_PUBKEY"); 22670 28410 WOLFSSL_MSG("wolfSSL_PEM_write_DSA_PUBKEY not implemented"); 22671 28411 22672 28412 return WOLFSSL_FAILURE; 22673 } 28413 } 28414 #endif 22674 28415 #endif /* NO_FILESYSTEM */ 22675 28416 22676 28417 #endif /* #ifndef NO_DSA */ 22677 28418 28419 static int pem_read_bio_key(WOLFSSL_BIO* bio, pem_password_cb* cb, void* pass, 28420 int keyType, int* eccFlag, DerBuffer** der) 28421 { 28422 #ifdef WOLFSSL_SMALL_STACK 28423 EncryptedInfo* info = NULL; 28424 #else 28425 EncryptedInfo info[1]; 28426 #endif /* WOLFSSL_SMALL_STACK */ 28427 pem_password_cb* localCb = cb; 28428 28429 char* mem = NULL; 28430 int memSz; 28431 int ret; 28432 28433 if ((ret = wolfSSL_BIO_pending(bio)) > 0) { 28434 memSz = ret; 28435 mem = (char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_OPENSSL); 28436 if (mem == NULL) { 28437 WOLFSSL_MSG("Memory error"); 28438 ret = MEMORY_E; 28439 } 28440 if (ret >= 0) { 28441 if ((ret = wolfSSL_BIO_read(bio, mem, memSz)) <= 0) { 28442 XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 28443 ret = MEMORY_E; 28444 } 28445 } 28446 } 28447 else if (bio->type == WOLFSSL_BIO_FILE) { 28448 int sz = 100; /* read from file by 100 byte chuncks */ 28449 int idx = 0; 28450 char* tmp = (char*)XMALLOC(sz, bio->heap, DYNAMIC_TYPE_OPENSSL); 28451 28452 memSz = 0; 28453 if (tmp == NULL) { 28454 WOLFSSL_MSG("Memory error"); 28455 ret = MEMORY_E; 28456 } 28457 28458 while (ret >= 0 && (sz = wolfSSL_BIO_read(bio, tmp, sz)) > 0) { 28459 if (memSz + sz < 0) { 28460 /* sanity check */ 28461 break; 28462 } 28463 mem = (char*)XREALLOC(mem, memSz + sz, bio->heap, 28464 DYNAMIC_TYPE_OPENSSL); 28465 if (mem == NULL) { 28466 WOLFSSL_MSG("Memory error"); 28467 XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); 28468 tmp = NULL; 28469 ret = MEMORY_E; 28470 break; 28471 } 28472 XMEMCPY(mem + idx, tmp, sz); 28473 memSz += sz; 28474 idx += sz; 28475 sz = 100; /* read another 100 byte chunck from file */ 28476 } 28477 XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); 28478 if (memSz <= 0) { 28479 WOLFSSL_MSG("No data to read from bio"); 28480 if (mem != NULL) { 28481 XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 28482 mem = NULL; 28483 } 28484 ret = BUFFER_E; 28485 } 28486 } 28487 else { 28488 WOLFSSL_MSG("No data to read from bio"); 28489 ret = NOT_COMPILED_IN; 28490 } 28491 28492 #ifdef WOLFSSL_SMALL_STACK 28493 if (ret >= 0) { 28494 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, 28495 DYNAMIC_TYPE_TMP_BUFFER); 28496 if (info == NULL) { 28497 WOLFSSL_MSG("Error getting memory for EncryptedInfo structure"); 28498 XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 28499 mem = NULL; 28500 ret = MEMORY_E; 28501 } 28502 } 28503 #endif 28504 28505 if (ret >= 0) { 28506 XMEMSET(info, 0, sizeof(EncryptedInfo)); 28507 info->passwd_cb = localCb; 28508 info->passwd_userdata = pass; 28509 ret = PemToDer((const unsigned char*)mem, memSz, keyType, der, 28510 NULL, info, eccFlag); 28511 28512 if (ret < 0) { 28513 WOLFSSL_MSG("Bad Pem To Der"); 28514 } 28515 else { 28516 /* write left over data back to bio */ 28517 if ((memSz - (int)info->consumed) > 0 && 28518 bio->type != WOLFSSL_BIO_FILE) { 28519 if (wolfSSL_BIO_write(bio, mem + (int)info->consumed, 28520 memSz - (int)info->consumed) <= 0) { 28521 WOLFSSL_MSG("Unable to advance bio read pointer"); 28522 } 28523 } 28524 } 28525 } 28526 28527 #ifdef WOLFSSL_SMALL_STACK 28528 XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28529 #endif 28530 XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 28531 28532 return ret; 28533 } 28534 22678 28535 WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio, 22679 WOLFSSL_EVP_PKEY** key, pem_password_cb* cb, void* arg) 22680 { 22681 (void)bio; 22682 (void)key; 22683 (void)cb; 22684 (void)arg; 22685 22686 WOLFSSL_MSG("wolfSSL_PEM_read_bio_PrivateKey not implemented"); 22687 22688 return NULL; 22689 } 22690 22691 28536 WOLFSSL_EVP_PKEY** key, 28537 pem_password_cb* cb, 28538 void* pass) 28539 { 28540 WOLFSSL_EVP_PKEY* pkey = NULL; 28541 DerBuffer* der = NULL; 28542 int eccFlag = 0; 28543 28544 WOLFSSL_ENTER("wolfSSL_PEM_read_bio_PrivateKey"); 28545 28546 if (bio == NULL) 28547 return pkey; 28548 28549 if (pem_read_bio_key(bio, cb, pass, PRIVATEKEY_TYPE, &eccFlag, &der) >= 0) { 28550 int type; 28551 const unsigned char* ptr = der->buffer; 28552 28553 if (eccFlag) 28554 type = EVP_PKEY_EC; 28555 else 28556 type = EVP_PKEY_RSA; 28557 28558 /* handle case where reuse is attempted */ 28559 if (key != NULL && *key != NULL) 28560 pkey = *key; 28561 28562 wolfSSL_d2i_PrivateKey(type, &pkey, &ptr, der->length); 28563 if (pkey == NULL) { 28564 WOLFSSL_MSG("Error loading DER buffer into WOLFSSL_EVP_PKEY"); 28565 } 28566 } 28567 28568 FreeDer(&der); 28569 28570 if (key != NULL && pkey != NULL) 28571 *key = pkey; 28572 28573 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_PrivateKey", 0); 28574 28575 return pkey; 28576 } 28577 28578 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio, 28579 WOLFSSL_EVP_PKEY **key, 28580 pem_password_cb *cb, void *pass) 28581 { 28582 WOLFSSL_EVP_PKEY* pkey = NULL; 28583 DerBuffer* der = NULL; 28584 int eccFlag = 0; 28585 28586 WOLFSSL_ENTER("wolfSSL_PEM_read_bio_PUBKEY"); 28587 28588 if (bio == NULL) 28589 return pkey; 28590 28591 if (pem_read_bio_key(bio, cb, pass, PUBLICKEY_TYPE, &eccFlag, &der) >= 0) { 28592 unsigned char* ptr = der->buffer; 28593 28594 /* handle case where reuse is attempted */ 28595 if (key != NULL && *key != NULL) 28596 pkey = *key; 28597 28598 wolfSSL_d2i_PUBKEY(&pkey, &ptr, der->length); 28599 if (pkey == NULL) { 28600 WOLFSSL_MSG("Error loading DER buffer into WOLFSSL_EVP_PKEY"); 28601 } 28602 } 28603 28604 FreeDer(&der); 28605 28606 if (key != NULL && pkey != NULL) 28607 *key = pkey; 28608 28609 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_PrivateKey", 0); 28610 28611 return pkey; 28612 } 28613 28614 28615 #ifndef NO_RSA 28616 /* Uses the same format of input as wolfSSL_PEM_read_bio_PrivateKey but expects 28617 * the results to be an RSA key. 28618 * 28619 * bio structure to read RSA private key from 28620 * rsa if not null is then set to the result 28621 * cb password callback for reading PEM 28622 * pass password string 28623 * 28624 * returns a pointer to a new WOLFSSL_RSA structure on success and NULL on fail 28625 */ 28626 WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio, 28627 WOLFSSL_RSA** rsa, pem_password_cb* cb, void* pass) 28628 { 28629 WOLFSSL_EVP_PKEY* pkey; 28630 WOLFSSL_RSA* local; 28631 28632 pkey = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, cb, pass); 28633 if (pkey == NULL) { 28634 return NULL; 28635 } 28636 28637 /* Since the WOLFSSL_RSA structure is being taken from WOLFSSL_EVP_PEKY the 28638 * flag indicating that the WOLFSSL_RSA structure is owned should be FALSE 28639 * to avoid having it free'd */ 28640 pkey->ownRsa = 0; 28641 local = pkey->rsa; 28642 if (rsa != NULL) { 28643 *rsa = local; 28644 } 28645 28646 wolfSSL_EVP_PKEY_free(pkey); 28647 return local; 28648 } 28649 #endif /* !NO_RSA */ 28650 28651 28652 /* return of pkey->type which will be EVP_PKEY_RSA for example. 28653 * 28654 * type type of EVP_PKEY 28655 * 28656 * returns type or if type is not found then NID_undef 28657 */ 22692 28658 int wolfSSL_EVP_PKEY_type(int type) 22693 28659 { 22694 (void) type; 22695 WOLFSSL_MSG("wolfSSL_EVP_PKEY_type always returns EVP_PKEY_RSA"); 22696 return EVP_PKEY_RSA; 22697 } 28660 WOLFSSL_MSG("wolfSSL_EVP_PKEY_type"); 28661 28662 switch (type) { 28663 #ifdef OPENSSL_EXTRA 28664 case EVP_PKEY_RSA: 28665 return EVP_PKEY_RSA; 28666 case EVP_PKEY_DSA: 28667 return EVP_PKEY_DSA; 28668 case EVP_PKEY_EC: 28669 return EVP_PKEY_EC; 28670 #endif 28671 default: 28672 return NID_undef; 28673 } 28674 } 28675 28676 28677 int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey) 28678 { 28679 if (pkey != NULL) 28680 return pkey->type; 28681 return 0; 28682 } 28683 22698 28684 22699 28685 int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey) 22700 28686 { 22701 return EVP_PKEY_type(pkey->type); 28687 if (pkey == NULL) 28688 return NID_undef; 28689 return wolfSSL_EVP_PKEY_type(pkey->type); 22702 28690 } 22703 28691 22704 28692 22705 28693 #if !defined(NO_FILESYSTEM) 22706 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY( FILE *fp, EVP_PKEY **x,28694 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, 22707 28695 pem_password_cb *cb, void *u) 22708 28696 { … … 22721 28709 22722 28710 #if !defined(NO_FILESYSTEM) 22723 WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x, 28711 #ifndef NO_WOLFSSL_STUB 28712 WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x, 22724 28713 pem_password_cb *cb, void *u) 22725 28714 { … … 22728 28717 (void)cb; 22729 28718 (void)u; 22730 28719 WOLFSSL_STUB("PEM_read_RSAPublicKey"); 22731 28720 WOLFSSL_MSG("wolfSSL_PEM_read_RSAPublicKey not implemented"); 22732 28721 22733 28722 return NULL; 22734 28723 } 22735 28724 #endif 22736 28725 /* return code compliant with OpenSSL : 22737 28726 * 1 if success, 0 if error 22738 28727 */ 22739 int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x) 28728 #ifndef NO_WOLFSSL_STUB 28729 int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA *x) 22740 28730 { 22741 28731 (void)fp; 22742 28732 (void)x; 22743 28733 WOLFSSL_STUB("PEM_write_RSAPublicKey"); 22744 28734 WOLFSSL_MSG("wolfSSL_PEM_write_RSAPublicKey not implemented"); 22745 28735 22746 28736 return WOLFSSL_FAILURE; 22747 } 28737 } 28738 #endif 22748 28739 22749 28740 /* return code compliant with OpenSSL : 22750 28741 * 1 if success, 0 if error 22751 28742 */ 22752 int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x) 28743 #ifndef NO_WOLFSSL_STUB 28744 int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x) 22753 28745 { 22754 28746 (void)fp; 22755 28747 (void)x; 22756 28748 WOLFSSL_STUB("PEM_write_RSA_PUBKEY"); 22757 28749 WOLFSSL_MSG("wolfSSL_PEM_write_RSA_PUBKEY not implemented"); 22758 28750 22759 28751 return WOLFSSL_FAILURE; 22760 28752 } 28753 #endif 28754 22761 28755 #endif /* NO_FILESYSTEM */ 22762 28756 28757 WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, const unsigned char **pp, 28758 long len) 28759 { 28760 WOLFSSL_RSA *rsa = NULL; 28761 28762 WOLFSSL_ENTER("d2i_RSAPublicKey"); 28763 28764 if (pp == NULL) { 28765 WOLFSSL_MSG("Bad argument"); 28766 return NULL; 28767 } 28768 if ((rsa = wolfSSL_RSA_new()) == NULL) { 28769 WOLFSSL_MSG("RSA_new failed"); 28770 return NULL; 28771 } 28772 28773 if (wolfSSL_RSA_LoadDer_ex(rsa, *pp, (int)len, WOLFSSL_RSA_LOAD_PUBLIC) 28774 != WOLFSSL_SUCCESS) { 28775 WOLFSSL_MSG("RSA_LoadDer failed"); 28776 wolfSSL_RSA_free(rsa); 28777 rsa = NULL; 28778 } 28779 if (r != NULL) 28780 *r = rsa; 28781 28782 return rsa; 28783 } 28784 28785 /* Converts an RSA private key from DER format to an RSA structure. 28786 Returns pointer to the RSA structure on success and NULL if error. */ 28787 WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA **r, 28788 const unsigned char **derBuf, long derSz) 28789 { 28790 WOLFSSL_RSA *rsa = NULL; 28791 28792 WOLFSSL_ENTER("wolfSSL_d2i_RSAPrivateKey"); 28793 28794 /* check for bad functions arguments */ 28795 if (derBuf == NULL) { 28796 WOLFSSL_MSG("Bad argument"); 28797 return NULL; 28798 } 28799 if ((rsa = wolfSSL_RSA_new()) == NULL) { 28800 WOLFSSL_MSG("RSA_new failed"); 28801 return NULL; 28802 } 28803 28804 if (wolfSSL_RSA_LoadDer_ex(rsa, *derBuf, (int)derSz, 28805 WOLFSSL_RSA_LOAD_PRIVATE) != WOLFSSL_SUCCESS) { 28806 WOLFSSL_MSG("RSA_LoadDer failed"); 28807 wolfSSL_RSA_free(rsa); 28808 rsa = NULL; 28809 } 28810 if (r != NULL) 28811 *r = rsa; 28812 28813 return rsa; 28814 } 28815 28816 #if !defined(HAVE_FAST_RSA) 28817 /* Converts an internal RSA structure to DER format. 28818 Returns size of DER on success and WOLFSSL_FAILURE if error */ 28819 int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *rsa, unsigned char **pp) 28820 { 28821 #if defined(WOLFSSL_KEY_GEN) 28822 byte* der = NULL; 28823 int derMax; 28824 int ret; 28825 int i; 28826 28827 WOLFSSL_ENTER("wolfSSL_i2d_RSAPrivateKey"); 28828 28829 /* check for bad functions arguments */ 28830 if ((rsa == NULL) || (pp == NULL)) { 28831 WOLFSSL_MSG("Bad Function Arguments"); 28832 return BAD_FUNC_ARG; 28833 } 28834 28835 if (rsa->inSet == 0) { 28836 if ((ret = SetRsaInternal(rsa)) != WOLFSSL_SUCCESS) { 28837 WOLFSSL_MSG("SetRsaInternal() Failed"); 28838 return ret; 28839 } 28840 } 28841 28842 /* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional 28843 * informations 28844 */ 28845 derMax = 5 * wolfSSL_RSA_size(rsa) + AES_BLOCK_SIZE; 28846 28847 der = (byte*)XMALLOC(derMax, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28848 if (der == NULL) { 28849 WOLFSSL_MSG("Malloc failed"); 28850 return WOLFSSL_FAILURE; 28851 } 28852 28853 /* RSA key to DER */ 28854 if ((ret = wc_RsaKeyToDer((RsaKey *)rsa->internal, der, derMax)) < 0) { 28855 WOLFSSL_MSG("wc_RsaKeyToDer() failed"); 28856 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28857 der = NULL; 28858 return ret; 28859 } 28860 28861 /* ret is the size of the DER buffer */ 28862 for (i = 0; i < ret; i++) { 28863 *(*pp + i) = *(der + i); 28864 } 28865 *pp += ret; 28866 28867 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28868 return ret; /* returns size of DER if successful */ 28869 #else 28870 (void)rsa; 28871 (void)pp; 28872 WOLFSSL_MSG("Error, WOLFSSL_KEY_GEN not defined"); 28873 return WOLFSSL_FAILURE; 28874 #endif /* WOLFSSL_KEY_GEN */ 28875 } 28876 28877 28878 int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *rsa, const unsigned char **pp) 28879 { 28880 byte *der; 28881 int derLen; 28882 int ret; 28883 28884 WOLFSSL_ENTER("i2d_RSAPublicKey"); 28885 if (rsa == NULL) 28886 return WOLFSSL_FATAL_ERROR; 28887 28888 if (rsa->inSet == 0) { 28889 if ((ret = SetRsaInternal(rsa)) != WOLFSSL_SUCCESS) { 28890 WOLFSSL_MSG("SetRsaInternal Failed"); 28891 return ret; 28892 } 28893 } 28894 if ((derLen = RsaPublicKeyDerSize((RsaKey *)rsa->internal, 1)) < 0) 28895 return WOLFSSL_FATAL_ERROR; 28896 der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28897 if (der == NULL) { 28898 return WOLFSSL_FATAL_ERROR; 28899 } 28900 if ((ret = wc_RsaKeyToPublicDer((RsaKey *)rsa->internal, der, derLen)) < 0){ 28901 WOLFSSL_MSG("RsaKeyToPublicDer failed"); 28902 if(der != NULL) 28903 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28904 return ret; 28905 } 28906 if ((pp != NULL) && (ret >= 0)) 28907 *pp = der; 28908 else 28909 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 28910 28911 return ret; 28912 } 28913 #endif /* #if !defined(HAVE_FAST_RSA) */ 28914 28915 #endif /* !NO_RSA */ 28916 #endif /* OPENSSL_EXTRA */ 28917 28918 #if !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 22763 28919 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ 22764 28920 int wolfSSL_RSA_LoadDer(WOLFSSL_RSA* rsa, const unsigned char* derBuf, int derSz) 22765 28921 { 28922 return wolfSSL_RSA_LoadDer_ex(rsa, derBuf, derSz, WOLFSSL_RSA_LOAD_PRIVATE); 28923 } 28924 28925 28926 int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa, const unsigned char* derBuf, 28927 int derSz, int opt) 28928 { 28929 22766 28930 word32 idx = 0; 22767 28931 int ret; … … 22774 28938 } 22775 28939 22776 ret = wc_RsaPrivateKeyDecode(derBuf, &idx, (RsaKey*)rsa->internal, derSz); 28940 if (opt == WOLFSSL_RSA_LOAD_PRIVATE) { 28941 ret = wc_RsaPrivateKeyDecode(derBuf, &idx, (RsaKey*)rsa->internal, derSz); 28942 } 28943 else { 28944 ret = wc_RsaPublicKeyDecode(derBuf, &idx, (RsaKey*)rsa->internal, derSz); 28945 } 28946 22777 28947 if (ret < 0) { 22778 WOLFSSL_MSG("RsaPrivateKeyDecode failed"); 22779 return WOLFSSL_FATAL_ERROR; 28948 if (opt == WOLFSSL_RSA_LOAD_PRIVATE) { 28949 WOLFSSL_MSG("RsaPrivateKeyDecode failed"); 28950 } 28951 else { 28952 WOLFSSL_MSG("RsaPublicKeyDecode failed"); 28953 } 28954 return SSL_FATAL_ERROR; 22780 28955 } 22781 28956 … … 22791 28966 #endif /* NO_RSA */ 22792 28967 22793 28968 #ifdef OPENSSL_EXTRA 22794 28969 #ifndef NO_DSA 22795 28970 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ … … 22810 28985 WOLFSSL_MSG("DsaPrivateKeyDecode failed"); 22811 28986 return WOLFSSL_FATAL_ERROR; 22812 28987 } 22813 28988 22814 28989 if (SetDsaExternal(dsa) != WOLFSSL_SUCCESS) { … … 22825 29000 #ifdef HAVE_ECC 22826 29001 /* return WOLFSSL_SUCCESS if success, WOLFSSL_FATAL_ERROR if error */ 22827 int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key, 22828 const unsigned char* derBuf, int derSz) 29002 int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key, const unsigned char* derBuf, 29003 int derSz) 29004 { 29005 return wolfSSL_EC_KEY_LoadDer_ex(key, derBuf, derSz, 29006 WOLFSSL_EC_KEY_LOAD_PRIVATE); 29007 } 29008 29009 int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf, 29010 int derSz, int opt) 22829 29011 { 22830 29012 word32 idx = 0; … … 22838 29020 } 22839 29021 22840 ret = wc_EccPrivateKeyDecode(derBuf, &idx, (ecc_key*)key->internal, derSz); 29022 if (opt == WOLFSSL_EC_KEY_LOAD_PRIVATE) { 29023 ret = wc_EccPrivateKeyDecode(derBuf, &idx, (ecc_key*)key->internal, 29024 derSz); 29025 } 29026 else { 29027 ret = wc_EccPublicKeyDecode(derBuf, &idx, (ecc_key*)key->internal, 29028 derSz); 29029 } 22841 29030 if (ret < 0) { 22842 WOLFSSL_MSG("wc_EccPrivateKeyDecode failed"); 29031 if (opt == WOLFSSL_RSA_LOAD_PRIVATE) { 29032 WOLFSSL_MSG("wc_EccPrivateKeyDecode failed"); 29033 } 29034 else { 29035 WOLFSSL_MSG("wc_EccPublicKeyDecode failed"); 29036 } 22843 29037 return WOLFSSL_FATAL_ERROR; 22844 29038 } … … 22847 29041 WOLFSSL_MSG("SetECKeyExternal failed"); 22848 29042 return WOLFSSL_FATAL_ERROR; 22849 29043 } 22850 29044 22851 29045 key->inSet = 1; … … 22854 29048 } 22855 29049 #endif /* HAVE_ECC */ 29050 22856 29051 22857 29052 #endif /* OPENSSL_EXTRA */ … … 22892 29087 22893 29088 return 0; 22894 }29089 } 22895 29090 22896 29091 … … 22903 29098 22904 29099 return 0; 22905 }29100 } 22906 29101 22907 29102 … … 22941 29136 WOLFSSL_ENTER("wolfSSL_get_chain_X509"); 22942 29137 if (chain != NULL) { 22943 29138 #ifdef WOLFSSL_SMALL_STACK 22944 29139 cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, 22945 29140 DYNAMIC_TYPE_DCERT); 22946 29141 if (cert != NULL) 22947 29142 #endif 22948 29143 { 22949 29144 InitDecodedCert(cert, chain->certs[idx].buffer, … … 22953 29148 WOLFSSL_MSG("Failed to parse cert"); 22954 29149 } 22955 29150 else { 22956 29151 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 22957 29152 DYNAMIC_TYPE_X509); 22958 29153 if (x509 == NULL) { 22959 29154 WOLFSSL_MSG("Failed alloc X509"); 22960 29155 } 22961 29156 else { 22962 29157 InitX509(x509, 1, NULL); … … 22964 29159 if ((ret = CopyDecodedToX509(x509, cert)) != 0) { 22965 29160 WOLFSSL_MSG("Failed to copy decoded"); 22966 XFREE(x509, NULL, DYNAMIC_TYPE_X509);29161 wolfSSL_X509_free(x509); 22967 29162 x509 = NULL; 22968 22969 22970 29163 } 29164 } 29165 } 22971 29166 22972 29167 FreeDecodedCert(cert); 22973 29168 #ifdef WOLFSSL_SMALL_STACK 22974 29169 XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); 22975 22976 29170 #endif 29171 } 22977 29172 } 22978 29173 (void)ret; … … 22988 29183 unsigned char* buf, int inLen, int* outLen) 22989 29184 { 22990 const char header[] = "-----BEGIN CERTIFICATE-----\n"; 22991 const char footer[] = "-----END CERTIFICATE-----\n";22992 22993 int headerLen = sizeof(header) - 1;22994 int footerLen = sizeof(footer) - 1;29185 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 29186 const char* header = NULL; 29187 const char* footer = NULL; 29188 int headerLen; 29189 int footerLen; 22995 29190 int i; 22996 29191 int err; … … 23000 29195 if (!chain || !outLen || idx < 0 || idx >= wolfSSL_get_chain_count(chain)) 23001 29196 return BAD_FUNC_ARG; 29197 29198 err = wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer); 29199 if (err != 0) 29200 return err; 29201 29202 headerLen = (int)XSTRLEN(header); 29203 footerLen = (int)XSTRLEN(footer); 23002 29204 23003 29205 /* Null output buffer return size needed in outLen */ … … 23005 29207 if(Base64_Encode(chain->certs[idx].buffer, chain->certs[idx].length, 23006 29208 NULL, &szNeeded) != LENGTH_ONLY_E) 23007 29209 return WOLFSSL_FAILURE; 23008 29210 *outLen = szNeeded + headerLen + footerLen; 23009 29211 return LENGTH_ONLY_E; … … 23035 29237 23036 29238 return WOLFSSL_SUCCESS; 29239 #else 29240 (void)chain; 29241 (void)idx; 29242 (void)buf; 29243 (void)inLen; 29244 (void)outLen; 29245 return WOLFSSL_FAILURE; 29246 #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */ 23037 29247 } 23038 29248 … … 23046 29256 23047 29257 return NULL; 23048 }29258 } 23049 29259 23050 29260 … … 23057 29267 ssl->fuzzerCb = cbf; 23058 29268 ssl->fuzzerCtx = fCtx; 23059 }23060 }29269 } 29270 } 23061 29271 #endif 23062 29272 … … 23065 29275 23066 29276 #ifdef HAVE_ECC 29277 void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX* ctx, CallbackEccKeyGen cb) 29278 { 29279 if (ctx) 29280 ctx->EccKeyGenCb = cb; 29281 } 29282 void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx) 29283 { 29284 if (ssl) 29285 ssl->EccKeyGenCtx = ctx; 29286 } 29287 void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl) 29288 { 29289 if (ssl) 29290 return ssl->EccKeyGenCtx; 29291 29292 return NULL; 29293 } 23067 29294 23068 29295 void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb) … … 23070 29297 if (ctx) 23071 29298 ctx->EccSignCb = cb; 23072 } 23073 23074 29299 } 23075 29300 void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx) 23076 29301 { 23077 29302 if (ssl) 23078 29303 ssl->EccSignCtx = ctx; 23079 } 23080 23081 29304 } 23082 29305 void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl) 23083 29306 { … … 23086 29309 23087 29310 return NULL; 23088 } 23089 29311 } 23090 29312 23091 29313 void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb) … … 23093 29315 if (ctx) 23094 29316 ctx->EccVerifyCb = cb; 23095 } 23096 23097 29317 } 23098 29318 void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx) 23099 29319 { 23100 29320 if (ssl) 23101 29321 ssl->EccVerifyCtx = ctx; 23102 } 23103 23104 29322 } 23105 29323 void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl) 23106 29324 { … … 23115 29333 if (ctx) 23116 29334 ctx->EccSharedSecretCb = cb; 23117 } 23118 29335 } 23119 29336 void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx) 23120 29337 { 23121 29338 if (ssl) 23122 29339 ssl->EccSharedSecretCtx = ctx; 23123 } 23124 23125 29340 } 23126 29341 void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl) 23127 29342 { … … 23130 29345 23131 29346 return NULL; 23132 }29347 } 23133 29348 #endif /* HAVE_ECC */ 23134 29349 … … 23139 29354 ctx->Ed25519SignCb = cb; 23140 29355 } 23141 23142 23143 29356 void wolfSSL_SetEd25519SignCtx(WOLFSSL* ssl, void *ctx) 23144 29357 { … … 23146 29359 ssl->Ed25519SignCtx = ctx; 23147 29360 } 23148 23149 23150 29361 void* wolfSSL_GetEd25519SignCtx(WOLFSSL* ssl) 23151 29362 { … … 23154 29365 23155 29366 return NULL; 23156 } 23157 29367 } 23158 29368 23159 29369 void wolfSSL_CTX_SetEd25519VerifyCb(WOLFSSL_CTX* ctx, CallbackEd25519Verify cb) … … 23161 29371 if (ctx) 23162 29372 ctx->Ed25519VerifyCb = cb; 23163 } 23164 23165 29373 } 23166 29374 void wolfSSL_SetEd25519VerifyCtx(WOLFSSL* ssl, void *ctx) 23167 29375 { 23168 29376 if (ssl) 23169 29377 ssl->Ed25519VerifyCtx = ctx; 23170 } 23171 23172 29378 } 23173 29379 void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl) 23174 29380 { … … 23177 29383 23178 29384 return NULL; 23179 }23180 #endif 29385 } 29386 #endif /* HAVE_ED25519 */ 23181 29387 23182 29388 #ifdef HAVE_CURVE25519 29389 void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX* ctx, 29390 CallbackX25519KeyGen cb) 29391 { 29392 if (ctx) 29393 ctx->X25519KeyGenCb = cb; 29394 } 29395 void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx) 29396 { 29397 if (ssl) 29398 ssl->X25519KeyGenCtx = ctx; 29399 } 29400 void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl) 29401 { 29402 if (ssl) 29403 return ssl->X25519KeyGenCtx; 29404 29405 return NULL; 29406 } 29407 23183 29408 void wolfSSL_CTX_SetX25519SharedSecretCb(WOLFSSL_CTX* ctx, 23184 29409 CallbackX25519SharedSecret cb) … … 23187 29412 ctx->X25519SharedSecretCb = cb; 23188 29413 } 23189 23190 29414 void wolfSSL_SetX25519SharedSecretCtx(WOLFSSL* ssl, void *ctx) 23191 29415 { … … 23193 29417 ssl->X25519SharedSecretCtx = ctx; 23194 29418 } 23195 23196 23197 29419 void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl) 23198 29420 { … … 23201 29423 23202 29424 return NULL; 23203 }23204 #endif 29425 } 29426 #endif /* HAVE_CURVE25519 */ 23205 29427 23206 29428 #ifndef NO_RSA 23207 23208 29429 void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb) 23209 29430 { … … 23211 29432 ctx->RsaSignCb = cb; 23212 29433 } 23213 23214 29434 void wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb) 29435 { 29436 if (ctx) 29437 ctx->RsaSignCheckCb = cb; 29438 } 23215 29439 void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx) 23216 29440 { 23217 29441 if (ssl) 23218 29442 ssl->RsaSignCtx = ctx; 23219 } 23220 23221 29443 } 23222 29444 void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl) 23223 29445 { … … 23226 29448 23227 29449 return NULL; 23228 }29450 } 23229 29451 23230 29452 … … 23234 29456 ctx->RsaVerifyCb = cb; 23235 29457 } 23236 23237 23238 29458 void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx) 23239 29459 { 23240 29460 if (ssl) 23241 29461 ssl->RsaVerifyCtx = ctx; 23242 } 23243 23244 29462 } 23245 29463 void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl) 23246 29464 { … … 23249 29467 23250 29468 return NULL; 23251 }29469 } 23252 29470 23253 29471 #ifdef WC_RSA_PSS … … 23256 29474 if (ctx) 23257 29475 ctx->RsaPssSignCb = cb; 23258 } 23259 23260 29476 } 29477 void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaPssVerify cb) 29478 { 29479 if (ctx) 29480 ctx->RsaPssSignCheckCb = cb; 29481 } 23261 29482 void wolfSSL_SetRsaPssSignCtx(WOLFSSL* ssl, void *ctx) 23262 29483 { 23263 29484 if (ssl) 23264 29485 ssl->RsaPssSignCtx = ctx; 23265 } 23266 23267 29486 } 23268 29487 void* wolfSSL_GetRsaPssSignCtx(WOLFSSL* ssl) 23269 29488 { … … 23274 29493 } 23275 29494 23276 23277 29495 void wolfSSL_CTX_SetRsaPssVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaPssVerify cb) 23278 29496 { 23279 29497 if (ctx) 23280 29498 ctx->RsaPssVerifyCb = cb; 23281 } 23282 23283 29499 } 23284 29500 void wolfSSL_SetRsaPssVerifyCtx(WOLFSSL* ssl, void *ctx) 23285 29501 { 23286 29502 if (ssl) 23287 29503 ssl->RsaPssVerifyCtx = ctx; 23288 } 23289 23290 29504 } 23291 29505 void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl) 23292 29506 { … … 23295 29509 23296 29510 return NULL; 23297 }23298 #endif 29511 } 29512 #endif /* WC_RSA_PSS */ 23299 29513 23300 29514 void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb) … … 23302 29516 if (ctx) 23303 29517 ctx->RsaEncCb = cb; 23304 } 23305 23306 29518 } 23307 29519 void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx) 23308 29520 { 23309 29521 if (ssl) 23310 29522 ssl->RsaEncCtx = ctx; 23311 } 23312 23313 29523 } 23314 29524 void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl) 23315 29525 { … … 23318 29528 23319 29529 return NULL; 23320 }29530 } 23321 29531 23322 29532 void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb) … … 23325 29535 ctx->RsaDecCb = cb; 23326 29536 } 23327 23328 23329 29537 void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx) 23330 29538 { … … 23332 29540 ssl->RsaDecCtx = ctx; 23333 29541 } 23334 23335 23336 29542 void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) 23337 29543 { … … 23339 29545 return ssl->RsaDecCtx; 23340 29546 23341 return NULL; 23342 } 23343 23344 29547 return NULL; 29548 } 23345 29549 #endif /* NO_RSA */ 23346 29550 23347 29551 #endif /* HAVE_PK_CALLBACKS */ 23348 29552 #endif /* NO_CERTS */ 29553 29554 #if defined(HAVE_PK_CALLBACKS) && !defined(NO_DH) 29555 void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX* ctx, CallbackDhAgree cb) 29556 { 29557 if (ctx) 29558 ctx->DhAgreeCb = cb; 29559 } 29560 void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx) 29561 { 29562 if (ssl) 29563 ssl->DhAgreeCtx = ctx; 29564 } 29565 void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) 29566 { 29567 if (ssl) 29568 return ssl->DhAgreeCtx; 29569 29570 return NULL; 29571 } 29572 #endif /* HAVE_PK_CALLBACKS && !NO_DH */ 23349 29573 23350 29574 … … 23364 29588 23365 29589 #ifndef NO_CERTS 29590 void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name){ 29591 WOLFSSL_ENTER("wolfSSL_X509_NAME_free"); 29592 FreeX509Name(name, NULL); 29593 XFREE(name, NULL, DYNAMIC_TYPE_X509); 29594 } 29595 29596 29597 /* Malloc's a new WOLFSSL_X509_NAME structure 29598 * 29599 * returns NULL on failure, otherwise returns a new structure. 29600 */ 29601 WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void) 29602 { 29603 WOLFSSL_X509_NAME* name; 29604 29605 WOLFSSL_ENTER("wolfSSL_X509_NAME_new"); 29606 29607 name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), NULL, 29608 DYNAMIC_TYPE_X509); 29609 if (name != NULL) { 29610 InitX509Name(name, 1); 29611 } 29612 return name; 29613 } 29614 29615 29616 #if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) 29617 /* needed SetName function from asn.c is wrapped by NO_RSA */ 29618 /* helper function for CopyX509NameToCertName() 29619 * 29620 * returns WOLFSSL_SUCCESS on success 29621 */ 29622 static int CopyX509NameEntry(char* out, int mx, char* in, int inLen) 29623 { 29624 if (inLen > mx) { 29625 WOLFSSL_MSG("Name too long"); 29626 XMEMCPY(out, in, mx); 29627 } 29628 else { 29629 XMEMCPY(out, in, inLen); 29630 out[inLen] = '\0'; 29631 } 29632 29633 /* make sure is null terminated */ 29634 out[mx-1] = '\0'; 29635 29636 return WOLFSSL_SUCCESS; 29637 } 29638 29639 29640 /* Helper function to copy cert name from a WOLFSSL_X509_NAME structure to 29641 * a CertName structure. 29642 * 29643 * returns WOLFSSL_SUCCESS on success and a negative error value on failure 29644 */ 29645 static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName) 29646 { 29647 DecodedName* dn = NULL; 29648 29649 if (n == NULL || cName == NULL) { 29650 return BAD_FUNC_ARG; 29651 } 29652 29653 dn = &(n->fullName); 29654 29655 /* initialize cert name */ 29656 cName->country[0] = '\0'; 29657 cName->countryEnc = CTC_PRINTABLE; 29658 cName->state[0] = '\0'; 29659 cName->stateEnc = CTC_UTF8; 29660 cName->locality[0] = '\0'; 29661 cName->localityEnc = CTC_UTF8; 29662 cName->sur[0] = '\0'; 29663 cName->surEnc = CTC_UTF8; 29664 cName->org[0] = '\0'; 29665 cName->orgEnc = CTC_UTF8; 29666 cName->unit[0] = '\0'; 29667 cName->unitEnc = CTC_UTF8; 29668 cName->commonName[0] = '\0'; 29669 cName->commonNameEnc = CTC_UTF8; 29670 cName->serialDev[0] = '\0'; 29671 cName->serialDevEnc = CTC_PRINTABLE; 29672 #ifdef WOLFSSL_CERT_EXT 29673 cName->busCat[0] = '\0'; 29674 cName->busCatEnc = CTC_UTF8; 29675 cName->serialDev[0] = '\0'; 29676 cName->serialDevEnc = CTC_PRINTABLE; 29677 cName->joiC[0] = '\0'; 29678 cName->joiCEnc = CTC_PRINTABLE; 29679 cName->joiSt[0] = '\0'; 29680 cName->joiStEnc = CTC_PRINTABLE; 29681 #endif 29682 cName->email[0] = '\0'; 29683 29684 29685 /* ASN_COUNTRY_NAME */ 29686 WOLFSSL_MSG("Copy Country Name"); 29687 if (CopyX509NameEntry(cName->country, CTC_NAME_SIZE, dn->fullName + dn->cIdx, 29688 dn->cLen) != SSL_SUCCESS) { 29689 return BUFFER_E; 29690 } 29691 29692 /* ASN_ORGUNIT_NAME */ 29693 WOLFSSL_MSG("Copy Org Unit Name"); 29694 if (CopyX509NameEntry(cName->unit, CTC_NAME_SIZE, dn->fullName + dn->ouIdx, 29695 dn->ouLen) != SSL_SUCCESS) { 29696 return BUFFER_E; 29697 } 29698 29699 /* ASN_ORG_NAME */ 29700 WOLFSSL_MSG("Copy Org Name"); 29701 if (CopyX509NameEntry(cName->org, CTC_NAME_SIZE, dn->fullName + dn->oIdx, 29702 dn->oLen) != SSL_SUCCESS) { 29703 return BUFFER_E; 29704 } 29705 29706 /* ASN_STATE_NAME */ 29707 WOLFSSL_MSG("Copy State Name"); 29708 if (CopyX509NameEntry(cName->state, CTC_NAME_SIZE, dn->fullName + dn->stIdx, 29709 dn->stLen) != SSL_SUCCESS) { 29710 return BUFFER_E; 29711 } 29712 29713 /* ASN_LOCALITY_NAME */ 29714 WOLFSSL_MSG("Copy Locality Name"); 29715 if (CopyX509NameEntry(cName->locality, CTC_NAME_SIZE, 29716 dn->fullName + dn->lIdx, dn->lLen) 29717 != SSL_SUCCESS) { 29718 return BUFFER_E; 29719 } 29720 29721 /* ASN_SUR_NAME */ 29722 WOLFSSL_MSG("Copy Sur Name"); 29723 if (CopyX509NameEntry(cName->sur, CTC_NAME_SIZE, dn->fullName + dn->snIdx, 29724 dn->snLen) != SSL_SUCCESS) { 29725 return BUFFER_E; 29726 } 29727 29728 /* ASN_COMMON_NAME */ 29729 WOLFSSL_MSG("Copy Common Name"); 29730 if (CopyX509NameEntry(cName->commonName, CTC_NAME_SIZE, 29731 dn->fullName + dn->cnIdx, dn->cnLen) 29732 != SSL_SUCCESS) { 29733 return BUFFER_E; 29734 } 29735 29736 /* ASN_SERIAL_NUMBER */ 29737 WOLFSSL_MSG("Copy Serial Number of Device"); 29738 if (CopyX509NameEntry(cName->serialDev, CTC_NAME_SIZE, 29739 dn->fullName + dn->serialIdx, dn->serialLen) 29740 != SSL_SUCCESS) { 29741 return BUFFER_E; 29742 } 29743 29744 #ifdef WOLFSSL_CERT_EXT 29745 /* ASN_BUS_CAT */ 29746 WOLFSSL_MSG("Copy Business Category"); 29747 if (CopyX509NameEntry(cName->busCat, CTC_NAME_SIZE, 29748 dn->fullName + dn->bcIdx, dn->bcLen) 29749 != SSL_SUCCESS) { 29750 return BUFFER_E; 29751 } 29752 29753 /* JoI Country */ 29754 WOLFSSL_MSG("Copy Jurisdiction of Incorporation Country"); 29755 if (CopyX509NameEntry(cName->joiC, CTC_NAME_SIZE, 29756 dn->fullName + dn->jcIdx, dn->jcLen) 29757 != SSL_SUCCESS) { 29758 return BUFFER_E; 29759 } 29760 29761 /* JoI State */ 29762 WOLFSSL_MSG("Copy Jurisdiction of Incorporation State"); 29763 if (CopyX509NameEntry(cName->joiSt, CTC_NAME_SIZE, 29764 dn->fullName + dn->jsIdx, dn->jsLen) 29765 != SSL_SUCCESS) { 29766 return BUFFER_E; 29767 } 29768 #endif 29769 29770 WOLFSSL_MSG("Copy Email"); 29771 if (CopyX509NameEntry(cName->email, CTC_NAME_SIZE, 29772 dn->fullName + dn->emailIdx, dn->emailLen) 29773 != SSL_SUCCESS) { 29774 return BUFFER_E; 29775 } 29776 29777 return WOLFSSL_SUCCESS; 29778 } 29779 29780 29781 /* Converts the x509 name structure into DER format. 29782 * 29783 * out pointer to either a pre setup buffer or a pointer to null for 29784 * creating a dynamic buffer. In the case that a pre-existing buffer is 29785 * used out will be incremented the size of the DER buffer on success. 29786 * 29787 * returns the size of the buffer on success, or negative value with failure 29788 */ 29789 int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) 29790 { 29791 CertName cName; 29792 unsigned char buf[256]; /* ASN_MAX_NAME */ 29793 int sz; 29794 29795 if (out == NULL || name == NULL) { 29796 return BAD_FUNC_ARG; 29797 } 29798 29799 if (CopyX509NameToCertName(name, &cName) != SSL_SUCCESS) { 29800 WOLFSSL_MSG("Error converting x509 name to internal CertName"); 29801 return SSL_FATAL_ERROR; 29802 } 29803 29804 sz = SetName(buf, sizeof(buf), &cName); 29805 if (sz < 0) { 29806 return sz; 29807 } 29808 29809 /* using buffer passed in */ 29810 if (*out != NULL) { 29811 XMEMCPY(*out, buf, sz); 29812 *out += sz; 29813 } 29814 else { 29815 *out = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); 29816 if (*out == NULL) { 29817 return MEMORY_E; 29818 } 29819 XMEMCPY(*out, buf, sz); 29820 } 29821 29822 return sz; 29823 } 29824 #endif /* WOLFSSL_CERT_GEN */ 29825 29826 29827 /* Compares the two X509 names. If the size of x is larger then y then a 29828 * positive value is returned if x is smaller a negative value is returned. 29829 * In the case that the sizes are equal a the value of memcmp between the 29830 * two names is returned. 29831 * 29832 * x First name for comparison 29833 * y Second name to compare with x 29834 */ 29835 int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, 29836 const WOLFSSL_X509_NAME* y) 29837 { 29838 WOLFSSL_STUB("wolfSSL_X509_NAME_cmp"); 29839 29840 if (x == NULL || y == NULL) { 29841 WOLFSSL_MSG("Bad argument passed in"); 29842 return -2; 29843 } 29844 29845 if ((x->sz - y->sz) != 0) { 29846 return x->sz - y->sz; 29847 } 29848 else { 29849 return XMEMCMP(x->name, y->name, x->sz); /* y sz is the same */ 29850 } 29851 } 29852 29853 23366 29854 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, 23367 29855 pem_password_cb *cb, void *u) 23368 29856 { 23369 29857 WOLFSSL_X509* x509 = NULL; 29858 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 23370 29859 unsigned char* pem = NULL; 23371 29860 int pemSz; 23372 29861 long i = 0, l; 29862 const char* footer = NULL; 23373 29863 23374 29864 WOLFSSL_ENTER("wolfSSL_PEM_read_bio_X509"); … … 23377 29867 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_X509", BAD_FUNC_ARG); 23378 29868 return NULL; 23379 23380 23381 if (bp->type == BIO_MEMORY) {29869 } 29870 29871 if (bp->type == WOLFSSL_BIO_MEMORY) { 23382 29872 l = (long)wolfSSL_BIO_ctrl_pending(bp); 23383 29873 if (l <= 0) { … … 23385 29875 return NULL; 23386 29876 } 23387 23388 else if (bp->type == BIO_FILE) {29877 } 29878 else if (bp->type == WOLFSSL_BIO_FILE) { 23389 29879 #ifndef NO_FILESYSTEM 23390 29880 /* Read in next certificate from file but no more. */ … … 23392 29882 if (i < 0) 23393 29883 return NULL; 23394 XFSEEK(bp->file, 0, SEEK_END); 29884 if (XFSEEK(bp->file, 0, XSEEK_END) != 0) 29885 return NULL; 23395 29886 l = XFTELL(bp->file); 23396 29887 if (l < 0) 23397 29888 return NULL; 23398 XFSEEK(bp->file, i, SEEK_SET); 29889 if (XFSEEK(bp->file, i, SEEK_SET) != 0) 29890 return NULL; 29891 29892 /* check calculated length */ 29893 if (l - i < 0) 29894 return NULL; 29895 29896 l -= i; 23399 29897 #else 23400 29898 WOLFSSL_MSG("Unable to read file with NO_FILESYSTEM defined"); 23401 29899 return NULL; 23402 #endif 23403 29900 #endif /* !NO_FILESYSTEM */ 29901 } 23404 29902 else 23405 29903 return NULL; 23406 29904 23407 /* check calulated length */ 23408 if (l - i < 0) 23409 return NULL; 23410 pem = (unsigned char*)XMALLOC(l - i, 0, DYNAMIC_TYPE_PEM); 29905 pem = (unsigned char*)XMALLOC(l, 0, DYNAMIC_TYPE_PEM); 23411 29906 if (pem == NULL) 23412 29907 return NULL; 23413 29908 23414 29909 i = 0; 29910 if (wc_PemGetHeaderFooter(CERT_TYPE, NULL, &footer) != 0) { 29911 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 29912 return NULL; 29913 } 29914 23415 29915 /* TODO: Inefficient 23416 * reading in one byte at a time until see END_CERT29916 * reading in one byte at a time until see "END CERTIFICATE" 23417 29917 */ 23418 29918 while ((l = wolfSSL_BIO_read(bp, (char *)&pem[i], 1)) == 1) { 23419 29919 i++; 23420 if (i > 26 && XMEMCMP((char *)&pem[i-26], END_CERT, 25) == 0) {29920 if (i > 26 && XMEMCMP((char *)&pem[i-26], footer, 25) == 0) { 23421 29921 if (pem[i-1] == '\r') { 23422 29922 /* found \r , Windows line ending is \r\n so try to read one 23423 * more byte for \n */23424 wolfSSL_BIO_read(bp, (char *)&pem[i++], 1);29923 * more byte for \n, ignoring return value */ 29924 (void)wolfSSL_BIO_read(bp, (char *)&pem[i++], 1); 23425 29925 } 23426 29926 break; 23427 29927 } 23428 23429 #if def WOLFSSL_NGINX29928 } 29929 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 23430 29930 if (l == 0) 23431 WOLFSSL_ERROR( SSL_NO_PEM_HEADER);29931 WOLFSSL_ERROR(ASN_NO_PEM_HEADER); 23432 29932 #endif 23433 29933 pemSz = (int)i; … … 23441 29941 XFREE(pem, NULL, DYNAMIC_TYPE_PEM); 23442 29942 29943 #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */ 29944 (void)bp; 29945 (void)x; 23443 29946 (void)cb; 23444 29947 (void)u; … … 23447 29950 } 23448 29951 29952 #if defined(HAVE_CRL) && !defined(NO_FILESYSTEM) 29953 static void* wolfSSL_PEM_read_X509_ex(XFILE fp, void **x, 29954 pem_password_cb *cb, void *u, int type) 29955 { 29956 unsigned char* pem = NULL; 29957 int pemSz; 29958 long i = 0, l; 29959 void *newx509; 29960 29961 WOLFSSL_ENTER("wolfSSL_PEM_read_X509"); 29962 29963 if (fp == XBADFILE) { 29964 WOLFSSL_LEAVE("wolfSSL_PEM_read_X509", BAD_FUNC_ARG); 29965 return NULL; 29966 } 29967 /* Read cert from file */ 29968 i = XFTELL(fp); 29969 if (i < 0) { 29970 WOLFSSL_LEAVE("wolfSSL_PEM_read_X509", BAD_FUNC_ARG); 29971 return NULL; 29972 } 29973 29974 if (XFSEEK(fp, 0, XSEEK_END) != 0) 29975 return NULL; 29976 l = XFTELL(fp); 29977 if (l < 0) 29978 return NULL; 29979 if (XFSEEK(fp, i, SEEK_SET) != 0) 29980 return NULL; 29981 pemSz = (int)(l - i); 29982 /* check calculated length */ 29983 if (pemSz < 0) 29984 return NULL; 29985 if((pem = (unsigned char*)XMALLOC(pemSz, 0, DYNAMIC_TYPE_PEM)) == NULL) 29986 return NULL; 29987 29988 if((int)XFREAD((char *)pem, 1, pemSz, fp) != pemSz) 29989 goto err_exit; 29990 29991 switch(type){ 29992 case CERT_TYPE: 29993 newx509 = (void *)wolfSSL_X509_load_certificate_buffer(pem, pemSz, 29994 WOLFSSL_FILETYPE_PEM); 29995 break; 29996 #ifdef HAVE_CRL 29997 case CRL_TYPE: 29998 { 29999 int derSz; 30000 DerBuffer* der = NULL; 30001 if((PemToDer(pem, pemSz, CRL_TYPE, &der, NULL, NULL, NULL)) < 0) 30002 goto err_exit; 30003 derSz = der->length; 30004 if((newx509 = (void *)wolfSSL_d2i_X509_CRL( 30005 (WOLFSSL_X509_CRL **)x, (const unsigned char *)der->buffer, derSz)) == NULL) 30006 goto err_exit; 30007 FreeDer(&der); 30008 break; 30009 } 30010 #endif 30011 30012 default: 30013 goto err_exit; 30014 } 30015 if (x != NULL) { 30016 *x = newx509; 30017 } 30018 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 30019 return newx509; 30020 30021 err_exit: 30022 if(pem != NULL) 30023 XFREE(pem, 0, DYNAMIC_TYPE_PEM); 30024 return NULL; 30025 30026 (void)cb; 30027 (void)u; 30028 30029 } 30030 30031 WOLFSSL_API WOLFSSL_X509* wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x, 30032 pem_password_cb *cb, void *u) 30033 { 30034 return (WOLFSSL_X509* )wolfSSL_PEM_read_X509_ex(fp, (void **)x, cb, u, CERT_TYPE); 30035 } 30036 30037 #if defined(HAVE_CRL) 30038 WOLFSSL_API WOLFSSL_X509_CRL* wolfSSL_PEM_read_X509_CRL(XFILE fp, WOLFSSL_X509_CRL **crl, 30039 pem_password_cb *cb, void *u) 30040 { 30041 return (WOLFSSL_X509_CRL* )wolfSSL_PEM_read_X509_ex(fp, (void **)crl, cb, u, CRL_TYPE); 30042 } 30043 #endif 30044 30045 int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x) 30046 { 30047 int ret; 30048 WOLFSSL_BIO* bio; 30049 30050 if (x == NULL) 30051 return 0; 30052 30053 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); 30054 if (bio == NULL) 30055 return 0; 30056 30057 if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { 30058 wolfSSL_BIO_free(bio); 30059 bio = NULL; 30060 } 30061 30062 ret = wolfSSL_PEM_write_bio_X509(bio, x); 30063 30064 if (bio != NULL) 30065 wolfSSL_BIO_free(bio); 30066 30067 return ret; 30068 } 30069 #endif 30070 30071 #define PEM_BEGIN "-----BEGIN " 30072 #define PEM_BEGIN_SZ 11 30073 #define PEM_END "-----END " 30074 #define PEM_END_SZ 9 30075 #define PEM_HDR_FIN "-----" 30076 #define PEM_HDR_FIN_SZ 5 30077 #define PEM_HDR_FIN_EOL "-----\n" 30078 #define PEM_HDR_FIN_EOL_SZ 6 30079 30080 int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header, 30081 unsigned char **data, long *len) 30082 { 30083 int ret = WOLFSSL_SUCCESS; 30084 char pem[256]; 30085 int pemLen; 30086 char* p; 30087 char* nameStr = NULL; 30088 int nameLen = 0; 30089 char* headerStr = NULL; 30090 int headerLen; 30091 int headerFound = 0; 30092 unsigned char* der = NULL; 30093 word32 derLen; 30094 30095 if (bio == NULL || name == NULL || header == NULL || data == NULL || 30096 len == NULL) { 30097 return WOLFSSL_FAILURE; 30098 } 30099 30100 /* Find header line. */ 30101 pem[sizeof(pem) - 1] = '\0'; 30102 while ((pemLen = wolfSSL_BIO_gets(bio, pem, sizeof(pem) - 1)) > 0) { 30103 if (XSTRNCMP(pem, PEM_BEGIN, PEM_BEGIN_SZ) == 0) 30104 break; 30105 } 30106 if (pemLen <= 0) 30107 ret = WOLFSSL_FAILURE; 30108 /* Have a header line. */ 30109 if (ret == WOLFSSL_SUCCESS) { 30110 while (pem[pemLen - 1] == '\r' || pem[pemLen - 1] == '\n') 30111 pemLen--; 30112 pem[pemLen] = '\0'; 30113 if (XSTRNCMP(pem + pemLen - PEM_HDR_FIN_SZ, PEM_HDR_FIN, 30114 PEM_HDR_FIN_SZ) != 0) { 30115 ret = WOLFSSL_FAILURE; 30116 } 30117 } 30118 30119 /* Get out name. */ 30120 if (ret == WOLFSSL_SUCCESS) { 30121 nameLen = pemLen - PEM_BEGIN_SZ - PEM_HDR_FIN_SZ; 30122 nameStr = (char*)XMALLOC(nameLen + 1, NULL, 30123 DYNAMIC_TYPE_TMP_BUFFER); 30124 if (nameStr == NULL) 30125 ret = WOLFSSL_FAILURE; 30126 } 30127 if (ret == WOLFSSL_SUCCESS) { 30128 XSTRNCPY(nameStr, pem + PEM_BEGIN_SZ, nameLen); 30129 nameStr[nameLen] = '\0'; 30130 } 30131 30132 /* Get header of PEM - encryption header. */ 30133 if (ret == WOLFSSL_SUCCESS) { 30134 headerLen = 0; 30135 while ((pemLen = wolfSSL_BIO_gets(bio, pem, sizeof(pem) - 1)) > 0) { 30136 while (pemLen > 0 && (pem[pemLen - 1] == '\r' || 30137 pem[pemLen - 1] == '\n')) { 30138 pemLen--; 30139 } 30140 pem[pemLen++] = '\n'; 30141 pem[pemLen] = '\0'; 30142 30143 /* Header separator is a blank line. */ 30144 if (pem[0] == '\n') { 30145 headerFound = 1; 30146 break; 30147 } 30148 30149 /* Didn't find a blank line - no header. */ 30150 if (XSTRNCMP(pem, PEM_END, PEM_END_SZ) == 0) { 30151 der = (unsigned char*)headerStr; 30152 derLen = headerLen; 30153 /* Empty header - empty string. */ 30154 headerStr = (char*)XMALLOC(1, NULL, 30155 DYNAMIC_TYPE_TMP_BUFFER); 30156 if (headerStr == NULL) 30157 ret = WOLFSSL_FAILURE; 30158 else 30159 headerStr[0] = '\0'; 30160 break; 30161 } 30162 30163 p = (char*)XREALLOC(headerStr, headerLen + pemLen + 1, NULL, 30164 DYNAMIC_TYPE_TMP_BUFFER); 30165 if (p == NULL) { 30166 ret = WOLFSSL_FAILURE; 30167 break; 30168 } 30169 30170 headerStr = p; 30171 XMEMCPY(headerStr + headerLen, pem, pemLen + 1); 30172 headerLen += pemLen; 30173 } 30174 if (pemLen <= 0) 30175 ret = WOLFSSL_FAILURE; 30176 } 30177 30178 /* Get body of PEM - if there was a header */ 30179 if (ret == WOLFSSL_SUCCESS && headerFound) { 30180 derLen = 0; 30181 while ((pemLen = wolfSSL_BIO_gets(bio, pem, sizeof(pem) - 1)) > 0) { 30182 while (pemLen > 0 && (pem[pemLen - 1] == '\r' || 30183 pem[pemLen - 1] == '\n')) { 30184 pemLen--; 30185 } 30186 pem[pemLen++] = '\n'; 30187 pem[pemLen] = '\0'; 30188 30189 if (XSTRNCMP(pem, PEM_END, PEM_END_SZ) == 0) 30190 break; 30191 30192 p = (char*)XREALLOC(der, derLen + pemLen + 1, NULL, 30193 DYNAMIC_TYPE_TMP_BUFFER); 30194 if (p == NULL) { 30195 ret = WOLFSSL_FAILURE; 30196 break; 30197 } 30198 30199 der = (unsigned char*)p; 30200 XMEMCPY(der + derLen, pem, pemLen + 1); 30201 derLen += pemLen; 30202 } 30203 if (pemLen <= 0) 30204 ret = WOLFSSL_FAILURE; 30205 } 30206 30207 /* Check trailer. */ 30208 if (ret == WOLFSSL_SUCCESS) { 30209 if (XSTRNCMP(pem + PEM_END_SZ, nameStr, nameLen) != 0) 30210 ret = WOLFSSL_FAILURE; 30211 } 30212 if (ret == WOLFSSL_SUCCESS) { 30213 if (XSTRNCMP(pem + PEM_END_SZ + nameLen, PEM_HDR_FIN_EOL, 30214 PEM_HDR_FIN_EOL_SZ) != 0) { 30215 ret = WOLFSSL_FAILURE; 30216 } 30217 } 30218 30219 /* Base64 decode body. */ 30220 if (ret == WOLFSSL_SUCCESS) { 30221 if (Base64_Decode(der, derLen, der, &derLen) != 0) 30222 ret = WOLFSSL_FAILURE; 30223 } 30224 30225 if (ret == WOLFSSL_SUCCESS) { 30226 *name = nameStr; 30227 *header = headerStr; 30228 *data = der; 30229 *len = derLen; 30230 nameStr = NULL; 30231 headerStr = NULL; 30232 der = NULL; 30233 } 30234 30235 if (nameStr != NULL) 30236 XFREE(nameStr, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30237 if (headerStr != NULL) 30238 XFREE(headerStr, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30239 if (der != NULL) 30240 XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30241 30242 return ret; 30243 } 30244 30245 int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name, 30246 const char *header, const unsigned char *data, 30247 long len) 30248 { 30249 int err = 0; 30250 int outSz = 0; 30251 int nameLen; 30252 int headerLen; 30253 byte* pem = NULL; 30254 word32 pemLen; 30255 word32 derLen = (word32)len; 30256 30257 if (bio == NULL || name == NULL || header == NULL || data == NULL) 30258 return 0; 30259 30260 nameLen = (int)XSTRLEN(name); 30261 headerLen = (int)XSTRLEN(header); 30262 30263 pemLen = (derLen + 2) / 3 * 4; 30264 pemLen += (pemLen + 63) / 64; 30265 30266 pem = (byte*)XMALLOC(pemLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30267 err = pem == NULL; 30268 if (!err) 30269 err = Base64_Encode(data, derLen, pem, &pemLen) != 0; 30270 30271 if (!err) { 30272 err = wolfSSL_BIO_write(bio, PEM_BEGIN, PEM_BEGIN_SZ) != 30273 (int)PEM_BEGIN_SZ; 30274 } 30275 if (!err) 30276 err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen; 30277 if (!err) { 30278 err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) != 30279 (int)PEM_HDR_FIN_EOL_SZ; 30280 } 30281 if (!err && headerLen > 0) { 30282 err = wolfSSL_BIO_write(bio, header, headerLen) != headerLen; 30283 /* Blank line after a header and before body. */ 30284 if (!err) 30285 err = wolfSSL_BIO_write(bio, "\n", 1) != 1; 30286 headerLen++; 30287 } 30288 if (!err) 30289 err = wolfSSL_BIO_write(bio, pem, pemLen) != (int)pemLen; 30290 if (!err) 30291 err = wolfSSL_BIO_write(bio, PEM_END, PEM_END_SZ) != 30292 (int)PEM_END_SZ; 30293 if (!err) 30294 err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen; 30295 if (!err) { 30296 err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) != 30297 (int)PEM_HDR_FIN_EOL_SZ; 30298 } 30299 30300 if (!err) { 30301 outSz = PEM_BEGIN_SZ + nameLen + PEM_HDR_FIN_EOL_SZ + headerLen + 30302 pemLen + PEM_END_SZ + nameLen + PEM_HDR_FIN_EOL_SZ; 30303 } 30304 30305 if (pem != NULL) 30306 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 30307 30308 return outSz; 30309 } 30310 30311 #if !defined(NO_FILESYSTEM) 30312 int wolfSSL_PEM_read(XFILE fp, char **name, char **header, 30313 unsigned char **data, long *len) 30314 { 30315 int ret; 30316 WOLFSSL_BIO* bio; 30317 30318 if (name == NULL || header == NULL || data == NULL || len == NULL) 30319 return WOLFSSL_FAILURE; 30320 30321 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); 30322 if (bio == NULL) 30323 return 0; 30324 30325 if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { 30326 wolfSSL_BIO_free(bio); 30327 bio = NULL; 30328 } 30329 30330 ret = wolfSSL_PEM_read_bio(bio, name, header, data, len); 30331 30332 if (bio != NULL) 30333 wolfSSL_BIO_free(bio); 30334 30335 return ret; 30336 } 30337 30338 int wolfSSL_PEM_write(XFILE fp, const char *name, const char *header, 30339 const unsigned char *data, long len) 30340 { 30341 int ret; 30342 WOLFSSL_BIO* bio; 30343 30344 if (name == NULL || header == NULL || data == NULL) 30345 return 0; 30346 30347 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); 30348 if (bio == NULL) 30349 return 0; 30350 30351 if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { 30352 wolfSSL_BIO_free(bio); 30353 bio = NULL; 30354 } 30355 30356 ret = wolfSSL_PEM_write_bio(bio, name, header, data, len); 30357 30358 if (bio != NULL) 30359 wolfSSL_BIO_free(bio); 30360 30361 return ret; 30362 } 30363 #endif 30364 30365 int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, EncryptedInfo* cipher) 30366 { 30367 if (header == NULL || cipher == NULL) 30368 return WOLFSSL_FAILURE; 30369 30370 XMEMSET(cipher, 0, sizeof(*cipher)); 30371 30372 if (wc_EncryptedInfoParse(cipher, &header, XSTRLEN(header)) != 0) 30373 return WOLFSSL_FAILURE; 30374 30375 return WOLFSSL_SUCCESS; 30376 } 30377 30378 int wolfSSL_PEM_do_header(EncryptedInfo* cipher, unsigned char* data, 30379 long* len, pem_password_cb* callback, void* ctx) 30380 { 30381 int ret = WOLFSSL_SUCCESS; 30382 char password[NAME_SZ]; 30383 int passwordSz; 30384 30385 if (cipher == NULL || data == NULL || len == NULL || callback == NULL) 30386 return WOLFSSL_FAILURE; 30387 30388 passwordSz = callback(password, sizeof(password), PEM_PASS_READ, ctx); 30389 if (passwordSz < 0) 30390 ret = WOLFSSL_FAILURE; 30391 30392 if (ret == WOLFSSL_SUCCESS) { 30393 if (wc_BufferKeyDecrypt(cipher, data, (word32)*len, (byte*)password, 30394 passwordSz, WC_MD5) != 0) { 30395 ret = WOLFSSL_FAILURE; 30396 } 30397 } 30398 30399 if (passwordSz > 0) 30400 XMEMSET(password, 0, passwordSz); 30401 30402 return ret; 30403 } 23449 30404 23450 30405 /* … … 23454 30409 * u : password 23455 30410 * _AUX is for working with a trusted X509 certificate 23456 30411 */ 23457 30412 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX(WOLFSSL_BIO *bp, 23458 30413 WOLFSSL_X509 **x, pem_password_cb *cb, void *u) { … … 23466 30421 return wolfSSL_PEM_read_bio_X509(bp, x, cb, u); 23467 30422 } 30423 30424 void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne) 30425 { 30426 if (ne != NULL) { 30427 if (ne->value != NULL && ne->value != &(ne->data)) { 30428 wolfSSL_ASN1_STRING_free(ne->value); 30429 } 30430 XFREE(ne, NULL, DYNAMIC_TYPE_NAME_ENTRY); 30431 } 30432 } 30433 30434 30435 WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void) 30436 { 30437 WOLFSSL_X509_NAME_ENTRY* ne = NULL; 30438 30439 ne = (WOLFSSL_X509_NAME_ENTRY*)XMALLOC(sizeof(WOLFSSL_X509_NAME_ENTRY), 30440 NULL, DYNAMIC_TYPE_NAME_ENTRY); 30441 if (ne != NULL) { 30442 XMEMSET(ne, 0, sizeof(WOLFSSL_X509_NAME_ENTRY)); 30443 ne->value = &(ne->data); 30444 } 30445 30446 return ne; 30447 } 30448 30449 30450 WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( 30451 WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, 30452 unsigned char* data, int dataSz) 30453 { 30454 WOLFSSL_X509_NAME_ENTRY* ne = NULL; 30455 30456 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_create_by_NID()"); 30457 30458 ne = wolfSSL_X509_NAME_ENTRY_new(); 30459 if (ne == NULL) { 30460 return NULL; 30461 } 30462 30463 ne->nid = nid; 30464 ne->value = wolfSSL_ASN1_STRING_type_new(type); 30465 wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz); 30466 ne->set = 1; 30467 30468 if (out != NULL) { 30469 *out = ne; 30470 } 30471 30472 return ne; 30473 } 30474 30475 static int RebuildFullNameAdd(DecodedName* dName, char* data) 30476 { 30477 int totalLen = 0; 30478 int i; 30479 char* fullName; 30480 int idx; 30481 30482 if (dName->cnLen != 0) 30483 totalLen += dName->cnLen + 4; 30484 if (dName->snLen != 0) 30485 totalLen += dName->snLen + 4; 30486 if (dName->cLen != 0) 30487 totalLen += dName->cLen + 3; 30488 if (dName->lLen != 0) 30489 totalLen += dName->lLen + 3; 30490 if (dName->stLen != 0) 30491 totalLen += dName->stLen + 4; 30492 if (dName->oLen != 0) 30493 totalLen += dName->oLen + 3; 30494 if (dName->ouLen != 0) 30495 totalLen += dName->ouLen + 4; 30496 if (dName->emailLen != 0) 30497 totalLen += dName->emailLen + 14; 30498 if (dName->uidLen != 0) 30499 totalLen += dName->uidLen + 5; 30500 if (dName->serialLen != 0) 30501 totalLen += dName->serialLen + 14; 30502 if (dName->dcNum != 0) { 30503 for (i = 0; i < dName->dcNum; i++) 30504 totalLen += dName->dcLen[i] + 4; 30505 } 30506 30507 fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509); 30508 if (fullName == NULL) 30509 return MEMORY_E; 30510 30511 idx = 0; 30512 dName->entryCount = 0; 30513 if (dName->cnLen != 0) { 30514 dName->entryCount++; 30515 XMEMCPY(fullName + idx, WOLFSSL_COMMON_NAME, 4); 30516 idx += 4; 30517 if (dName->cnIdx == -1) 30518 XMEMCPY(fullName + idx, data, dName->cnLen); 30519 else { 30520 XMEMCPY(fullName + idx, dName->fullName + dName->cnIdx, 30521 dName->cnLen); 30522 } 30523 dName->cnIdx = idx; 30524 idx += dName->cnLen; 30525 } 30526 if (dName->snLen != 0) { 30527 dName->entryCount++; 30528 XMEMCPY(fullName + idx, WOLFSSL_SUR_NAME, 4); 30529 idx += 4; 30530 if (dName->snIdx == -1) 30531 XMEMCPY(fullName + idx, data, dName->snLen); 30532 else { 30533 XMEMCPY(fullName + idx, dName->fullName + dName->snIdx, 30534 dName->snLen); 30535 } 30536 dName->snIdx = idx; 30537 idx += dName->snLen; 30538 } 30539 if (dName->cLen != 0) { 30540 dName->entryCount++; 30541 XMEMCPY(fullName + idx, WOLFSSL_COUNTRY_NAME, 3); 30542 idx += 3; 30543 if (dName->cIdx == -1) 30544 XMEMCPY(fullName + idx, data, dName->cLen); 30545 else { 30546 XMEMCPY(fullName + idx, dName->fullName + dName->cIdx, 30547 dName->cLen); 30548 } 30549 dName->cIdx = idx; 30550 idx += dName->cLen; 30551 } 30552 if (dName->lLen != 0) { 30553 dName->entryCount++; 30554 XMEMCPY(fullName + idx, WOLFSSL_LOCALITY_NAME, 3); 30555 idx += 3; 30556 if (dName->lIdx == -1) 30557 XMEMCPY(fullName + idx, data, dName->lLen); 30558 else { 30559 XMEMCPY(fullName + idx, dName->fullName + dName->lIdx, 30560 dName->lLen); 30561 } 30562 dName->lIdx = idx; 30563 idx += dName->lLen; 30564 } 30565 if (dName->stLen != 0) { 30566 dName->entryCount++; 30567 XMEMCPY(fullName + idx, WOLFSSL_STATE_NAME, 4); 30568 idx += 4; 30569 if (dName->stIdx == -1) 30570 XMEMCPY(fullName + idx, data, dName->stLen); 30571 else { 30572 XMEMCPY(fullName + idx, dName->fullName + dName->stIdx, 30573 dName->stLen); 30574 } 30575 dName->stIdx = idx; 30576 idx += dName->stLen; 30577 } 30578 if (dName->oLen != 0) { 30579 dName->entryCount++; 30580 XMEMCPY(fullName + idx, WOLFSSL_ORG_NAME, 3); 30581 idx += 3; 30582 if (dName->oIdx == -1) 30583 XMEMCPY(fullName + idx, data, dName->oLen); 30584 else { 30585 XMEMCPY(fullName + idx, dName->fullName + dName->oIdx, 30586 dName->oLen); 30587 } 30588 dName->oIdx = idx; 30589 idx += dName->oLen; 30590 } 30591 if (dName->ouLen != 0) { 30592 dName->entryCount++; 30593 XMEMCPY(fullName + idx, WOLFSSL_ORGUNIT_NAME, 4); 30594 idx += 4; 30595 if (dName->ouIdx == -1) 30596 XMEMCPY(fullName + idx, data, dName->ouLen); 30597 else { 30598 XMEMCPY(fullName + idx, dName->fullName + dName->ouIdx, 30599 dName->ouLen); 30600 } 30601 dName->ouIdx = idx; 30602 idx += dName->ouLen; 30603 } 30604 if (dName->emailLen != 0) { 30605 dName->entryCount++; 30606 XMEMCPY(fullName + idx, "/emailAddress=", 14); 30607 idx += 14; 30608 if (dName->emailIdx == -1) 30609 XMEMCPY(fullName + idx, data, dName->emailLen); 30610 else { 30611 XMEMCPY(fullName + idx, dName->fullName + dName->emailIdx, 30612 dName->emailLen); 30613 } 30614 dName->emailIdx = idx; 30615 idx += dName->emailLen; 30616 } 30617 if (dName->dcNum != 0) { 30618 for (i = 0; i < dName->dcNum; i++) { 30619 dName->entryCount++; 30620 XMEMCPY(fullName + idx, WOLFSSL_DOMAIN_COMPONENT, 4); 30621 idx += 4; 30622 XMEMCPY(fullName + idx, dName->fullName + dName->dcIdx[i], 30623 dName->dcLen[i]); 30624 dName->dcIdx[i] = idx; 30625 idx += dName->dcLen[i]; 30626 } 30627 } 30628 if (dName->uidLen != 0) { 30629 dName->entryCount++; 30630 XMEMCPY(fullName + idx, "/UID=", 5); 30631 idx += 5; 30632 if (dName->uidIdx == -1) 30633 XMEMCPY(fullName + idx, data, dName->uidLen); 30634 else { 30635 XMEMCPY(fullName + idx, dName->fullName + dName->uidIdx, 30636 dName->uidLen); 30637 } 30638 dName->uidIdx = idx; 30639 idx += dName->uidLen; 30640 } 30641 if (dName->serialLen != 0) { 30642 dName->entryCount++; 30643 XMEMCPY(fullName + idx, WOLFSSL_SERIAL_NUMBER, 14); 30644 idx += 14; 30645 if (dName->serialIdx == -1) 30646 XMEMCPY(fullName + idx, data, dName->serialLen); 30647 else { 30648 XMEMCPY(fullName + idx, dName->fullName + dName->serialIdx, 30649 dName->serialLen); 30650 } 30651 dName->serialIdx = idx; 30652 idx += dName->serialLen; 30653 } 30654 30655 if (dName->fullName != NULL) 30656 XFREE(dName->fullName, NULL, DYNAMIC_TYPE_X509); 30657 dName->fullName = fullName; 30658 dName->fullNameLen = idx; 30659 30660 return 0; 30661 } 30662 30663 /* Copies entry into name. With it being copied freeing entry becomes the 30664 * callers responsibility. 30665 * returns 1 for success and 0 for error */ 30666 int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name, 30667 WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set) 30668 { 30669 int i; 30670 int fullName = 1; 30671 30672 WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry()"); 30673 30674 switch (entry->nid) { 30675 case ASN_COMMON_NAME: 30676 name->fullName.cnIdx = -1; 30677 name->fullName.cnLen = entry->value->length; 30678 name->fullName.cnNid = entry->nid; 30679 break; 30680 case ASN_SUR_NAME: 30681 name->fullName.snIdx = -1; 30682 name->fullName.snLen = entry->value->length; 30683 name->fullName.snNid = entry->nid; 30684 break; 30685 case ASN_SERIAL_NUMBER: 30686 name->fullName.serialIdx = -1; 30687 name->fullName.serialLen = entry->value->length; 30688 name->fullName.serialNid = entry->nid; 30689 break; 30690 case ASN_COUNTRY_NAME: 30691 name->fullName.cIdx = -1; 30692 name->fullName.cLen = entry->value->length; 30693 name->fullName.cNid = entry->nid; 30694 break; 30695 case ASN_LOCALITY_NAME: 30696 name->fullName.lIdx = -1; 30697 name->fullName.lLen = entry->value->length; 30698 name->fullName.lNid = entry->nid; 30699 break; 30700 case ASN_STATE_NAME: 30701 name->fullName.stIdx = -1; 30702 name->fullName.stLen = entry->value->length; 30703 name->fullName.stNid = entry->nid; 30704 break; 30705 case ASN_ORG_NAME: 30706 name->fullName.oIdx = -1; 30707 name->fullName.oLen = entry->value->length; 30708 name->fullName.oNid = entry->nid; 30709 break; 30710 case ASN_ORGUNIT_NAME: 30711 name->fullName.ouIdx = -1; 30712 name->fullName.ouLen = entry->value->length; 30713 name->fullName.ouNid = entry->nid; 30714 break; 30715 case NID_emailAddress: 30716 name->fullName.emailIdx = -1; 30717 name->fullName.emailLen = entry->value->length; 30718 name->fullName.emailNid = entry->nid; 30719 break; 30720 case ASN_USER_ID: 30721 name->fullName.uidIdx = -1; 30722 name->fullName.uidLen = entry->value->length; 30723 name->fullName.uidNid = entry->nid; 30724 break; 30725 case ASN_DOMAIN_COMPONENT: 30726 name->fullName.dcIdx[0] = -1; 30727 name->fullName.dcLen[0] = entry->value->length; 30728 break; 30729 default: 30730 fullName = 0; 30731 break; 30732 } 30733 30734 if (fullName) { 30735 if (RebuildFullNameAdd(&name->fullName, entry->value->data) != 0) 30736 return WOLFSSL_FAILURE; 30737 } 30738 else { 30739 for (i = 0; i < MAX_NAME_ENTRIES; i++) { 30740 if (name->extra[i].set != 1) { /* not set so overwrited */ 30741 WOLFSSL_X509_NAME_ENTRY* current = &(name->extra[i]); 30742 WOLFSSL_ASN1_STRING* str; 30743 30744 WOLFSSL_MSG("Found place for name entry"); 30745 30746 XMEMCPY(current, entry, sizeof(WOLFSSL_X509_NAME_ENTRY)); 30747 str = entry->value; 30748 XMEMCPY(&(current->data), str, sizeof(WOLFSSL_ASN1_STRING)); 30749 current->value = &(current->data); 30750 current->data.data = (char*)XMALLOC(str->length, 30751 name->x509->heap, DYNAMIC_TYPE_OPENSSL); 30752 30753 if (current->data.data == NULL) { 30754 return SSL_FAILURE; 30755 } 30756 XMEMCPY(current->data.data, str->data, str->length); 30757 30758 /* make sure is null terminated */ 30759 current->data.data[str->length - 1] = '\0'; 30760 30761 current->set = 1; /* make sure now listed as set */ 30762 break; 30763 } 30764 } 30765 30766 if (i == MAX_NAME_ENTRIES) { 30767 WOLFSSL_MSG("No spot found for name entry"); 30768 return SSL_FAILURE; 30769 } 30770 } 30771 30772 (void)idx; 30773 (void)set; 30774 return SSL_SUCCESS; 30775 } 30776 30777 typedef struct WOLFSSL_ObjectInfo { 30778 int nid; 30779 int id; 30780 word32 type; 30781 const char* sName; 30782 } WOLFSSL_ObjectInfo; 30783 30784 static WOLFSSL_ObjectInfo wolfssl_object_info[] = { 30785 /* oidHashType */ 30786 #ifdef WOLFSSL_MD2 30787 { NID_md2, MD2h, oidHashType, "md2" }, 30788 #endif 30789 #ifdef WOLFSSL_MD5 30790 { NID_md5, MD5h, oidHashType, "md5" }, 30791 #endif 30792 #ifndef NO_SHA 30793 { NID_sha1, SHAh, oidHashType, "sha" }, 30794 #endif 30795 #ifdef WOLFSSL_SHA224 30796 { NID_sha224, SHA224h, oidHashType, "sha224" }, 30797 #endif 30798 #ifndef NO_SHA256 30799 { NID_sha256, SHA256h, oidHashType, "sha256" }, 30800 #endif 30801 #ifdef WOLFSSL_SHA384 30802 { NID_sha384, SHA384h, oidHashType, "sha384" }, 30803 #endif 30804 #ifdef WOLFSSL_SHA512 30805 { NID_sha512, SHA512h, oidHashType, "sha512" }, 30806 #endif 30807 30808 /* oidSigType */ 30809 #ifndef NO_DSA 30810 #ifndef NO_SHA 30811 { CTC_SHAwDSA, CTC_SHAwDSA, oidSigType, "shaWithDSA" }, 30812 #endif 30813 #endif /* NO_DSA */ 30814 #ifndef NO_RSA 30815 #ifdef WOLFSSL_MD2 30816 { CTC_MD2wRSA, CTC_MD2wRSA, oidSigType, "md2WithRSA" }, 30817 #endif 30818 #ifndef NO_MD5 30819 { CTC_MD5wRSA, CTC_MD5wRSA, oidSigType, "md5WithRSA" }, 30820 #endif 30821 #ifndef NO_SHA 30822 { CTC_SHAwRSA, CTC_SHAwRSA, oidSigType, "shaWithRSA" }, 30823 #endif 30824 #ifdef WOLFSSL_SHA224 30825 { CTC_SHA224wRSA, CTC_SHA224wRSA, oidSigType, "sha224WithRSA" }, 30826 #endif 30827 #ifndef NO_SHA256 30828 { CTC_SHA256wRSA, CTC_SHA256wRSA, oidSigType, "sha256WithRSA" }, 30829 #endif 30830 #ifdef WOLFSSL_SHA384 30831 { CTC_SHA384wRSA, CTC_SHA384wRSA, oidSigType, "sha384WithRSA" }, 30832 #endif 30833 #ifdef WOLFSSL_SHA512 30834 { CTC_SHA512wRSA, CTC_SHA512wRSA, oidSigType, "sha512WithRSA" }, 30835 #endif 30836 #endif /* NO_RSA */ 30837 #ifdef HAVE_ECC 30838 #ifndef NO_SHA 30839 { CTC_SHAwECDSA, CTC_SHAwECDSA, oidSigType, "shaWithECDSA" }, 30840 #endif 30841 #ifdef WOLFSSL_SHA224 30842 { CTC_SHA224wECDSA, CTC_SHA224wECDSA, oidSigType, "sha224WithECDSA" }, 30843 #endif 30844 #ifndef NO_SHA256 30845 { CTC_SHA256wECDSA, CTC_SHA256wECDSA, oidSigType, "sha256WithECDSA" }, 30846 #endif 30847 #ifdef WOLFSSL_SHA384 30848 { CTC_SHA384wECDSA, CTC_SHA384wECDSA, oidSigType, "sha384WithECDSA" }, 30849 #endif 30850 #ifdef WOLFSSL_SHA512 30851 { CTC_SHA512wECDSA, CTC_SHA512wECDSA, oidSigType, "sha512WithECDSA" }, 30852 #endif 30853 #endif /* HAVE_ECC */ 30854 30855 /* oidKeyType */ 30856 #ifndef NO_DSA 30857 { DSAk, DSAk, oidKeyType, "DSA key" }, 30858 #endif /* NO_DSA */ 30859 #ifndef NO_RSA 30860 { RSAk, RSAk, oidKeyType, "RSA key" }, 30861 #endif /* NO_RSA */ 30862 #ifdef HAVE_NTRU 30863 { NTRUk, NTRUk, oidKeyType, "NTRU key" }, 30864 #endif /* HAVE_NTRU */ 30865 #ifdef HAVE_ECC 30866 { ECDSAk, ECDSAk, oidKeyType, "ECDSA key" }, 30867 #endif /* HAVE_ECC */ 30868 30869 /* oidBlkType */ 30870 #ifdef WOLFSSL_AES_128 30871 { AES128CBCb, AES128CBCb, oidBlkType, "AES-128-CBC" }, 30872 #endif 30873 #ifdef WOLFSSL_AES_192 30874 { AES192CBCb, AES192CBCb, oidBlkType, "AES-192-CBC" }, 30875 #endif 30876 #ifdef WOLFSSL_AES_256 30877 { AES256CBCb, AES256CBCb, oidBlkType, "AES-256-CBC" }, 30878 #endif 30879 #ifndef NO_DES3 30880 { NID_des, DESb, oidBlkType, "DES-CBC" }, 30881 { NID_des3, DES3b, oidBlkType, "DES3-CBC" }, 30882 #endif /* !NO_DES3 */ 30883 30884 /* oidOcspType */ 30885 #ifdef HAVE_OCSP 30886 { NID_id_pkix_OCSP_basic, OCSP_BASIC_OID, oidOcspType, "OCSP_basic" }, 30887 { OCSP_NONCE_OID, OCSP_NONCE_OID, oidOcspType, "OCSP_nonce" }, 30888 #endif /* HAVE_OCSP */ 30889 30890 #ifndef NO_CERT 30891 /* oidCertExtType */ 30892 { BASIC_CA_OID, BASIC_CA_OID, oidCertExtType, "X509 basic ca" }, 30893 { ALT_NAMES_OID, ALT_NAMES_OID, oidCertExtType, "X509 alt names" }, 30894 { CRL_DIST_OID, CRL_DIST_OID, oidCertExtType, "X509 crl" }, 30895 { AUTH_INFO_OID, AUTH_INFO_OID, oidCertExtType, "X509 auth info" }, 30896 { AUTH_KEY_OID, AUTH_KEY_OID, oidCertExtType, "X509 auth key" }, 30897 { SUBJ_KEY_OID, SUBJ_KEY_OID, oidCertExtType, "X509 subject key" }, 30898 { KEY_USAGE_OID, KEY_USAGE_OID, oidCertExtType, "X509 key usage" }, 30899 { INHIBIT_ANY_OID, INHIBIT_ANY_OID, oidCertExtType, 30900 "X509 inhibit any" }, 30901 { NID_ext_key_usage, KEY_USAGE_OID, oidCertExtType, 30902 "X509 ext key usage" }, 30903 { NID_name_constraints, NAME_CONS_OID, oidCertExtType, 30904 "X509 name constraints" }, 30905 { NID_certificate_policies, CERT_POLICY_OID, oidCertExtType, 30906 "X509 certificate policies" }, 30907 30908 /* oidCertAuthInfoType */ 30909 { AIA_OCSP_OID, AIA_OCSP_OID, oidCertAuthInfoType, "Cert Auth OCSP" }, 30910 { AIA_CA_ISSUER_OID, AIA_CA_ISSUER_OID, oidCertAuthInfoType, 30911 "Cert Auth CA Issuer" }, 30912 30913 /* oidCertPolicyType */ 30914 { NID_any_policy, CP_ANY_OID, oidCertPolicyType, "Cert any policy" }, 30915 30916 /* oidCertAltNameType */ 30917 { NID_hw_name_oid, HW_NAME_OID, oidCertAltNameType, "Hardware name" }, 30918 30919 /* oidCertKeyUseType */ 30920 { NID_anyExtendedKeyUsage, EKU_ANY_OID, oidCertKeyUseType, 30921 "Cert any extended key" }, 30922 { EKU_SERVER_AUTH_OID, EKU_SERVER_AUTH_OID, oidCertKeyUseType, 30923 "Cert server auth key" }, 30924 { EKU_CLIENT_AUTH_OID, EKU_CLIENT_AUTH_OID, oidCertKeyUseType, 30925 "Cert client auth key" }, 30926 { EKU_OCSP_SIGN_OID, EKU_OCSP_SIGN_OID, oidCertKeyUseType, 30927 "Cert OCSP sign key" }, 30928 30929 /* oidCertNameType */ 30930 { NID_commonName, NID_commonName, oidCertNameType, "commonName" }, 30931 { NID_surname, NID_surname, oidCertNameType, "surname" }, 30932 { NID_serialNumber, NID_serialNumber, oidCertNameType, "serialNumber" }, 30933 { NID_countryName, NID_countryName, oidCertNameType, "countryName" }, 30934 { NID_localityName, NID_localityName, oidCertNameType, "localityName" }, 30935 { NID_stateOrProvinceName, NID_stateOrProvinceName, oidCertNameType, 30936 "stateOrProvinceName" }, 30937 { NID_organizationName, NID_organizationName, oidCertNameType, 30938 "organizationName" }, 30939 { NID_organizationalUnitName, NID_organizationalUnitName, 30940 oidCertNameType, "organizationalUnitName" }, 30941 { NID_emailAddress, NID_emailAddress, oidCertNameType, "emailAddress" }, 30942 #endif 30943 30944 #ifndef NO_PWDBASED 30945 /* oidKdfType */ 30946 { PBKDF2_OID, PBKDF2_OID, oidKdfType, "PBKDFv2" }, 30947 30948 /* oidPBEType */ 30949 { PBE_SHA1_RC4_128, PBE_SHA1_RC4_128, oidPBEType, 30950 "PBE shaWithRC4-128" }, 30951 { PBE_SHA1_DES, PBE_SHA1_DES, oidPBEType, "PBE shaWithDES" }, 30952 { PBE_SHA1_DES3, PBE_SHA1_DES3, oidPBEType, "PBE shaWithDES3" }, 30953 #endif 30954 30955 /* oidKeyWrapType */ 30956 #ifdef WOLFSSL_AES_128 30957 { AES128_WRAP, AES128_WRAP, oidKeyWrapType, "AES-128 wrap" }, 30958 #endif 30959 #ifdef WOLFSSL_AES_192 30960 { AES192_WRAP, AES192_WRAP, oidKeyWrapType, "AES-192 wrap" }, 30961 #endif 30962 #ifdef WOLFSSL_AES_256 30963 { AES256_WRAP, AES256_WRAP, oidKeyWrapType, "AES-256 wrap" }, 30964 #endif 30965 30966 #ifndef NO_PKCS7 30967 #ifndef NO_DH 30968 /* oidCmsKeyAgreeType */ 30969 #ifndef NO_SHA 30970 { dhSinglePass_stdDH_sha1kdf_scheme, dhSinglePass_stdDH_sha1kdf_scheme, 30971 oidCmsKeyAgreeType, "DH-SHA kdf" }, 30972 #endif 30973 #ifdef WOLFSSL_SHA224 30974 { dhSinglePass_stdDH_sha224kdf_scheme, 30975 dhSinglePass_stdDH_sha224kdf_scheme, oidCmsKeyAgreeType, 30976 "DH-SHA224 kdf" }, 30977 #endif 30978 #ifndef NO_SHA256 30979 { dhSinglePass_stdDH_sha256kdf_scheme, 30980 dhSinglePass_stdDH_sha256kdf_scheme, oidCmsKeyAgreeType, 30981 "DH-SHA256 kdf" }, 30982 #endif 30983 #ifdef WOLFSSL_SHA384 30984 { dhSinglePass_stdDH_sha384kdf_scheme, 30985 dhSinglePass_stdDH_sha384kdf_scheme, oidCmsKeyAgreeType, 30986 "DH-SHA384 kdf" }, 30987 #endif 30988 #ifdef WOLFSSL_SHA512 30989 { dhSinglePass_stdDH_sha512kdf_scheme, 30990 dhSinglePass_stdDH_sha512kdf_scheme, oidCmsKeyAgreeType, 30991 "DH-SHA512 kdf" }, 30992 #endif 30993 #endif 30994 #endif 30995 }; 30996 30997 #define WOLFSSL_OBJECT_INFO_SZ \ 30998 (sizeof(wolfssl_object_info) / sizeof(*wolfssl_object_info)) 30999 31000 int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name, 31001 const char *field, int type, 31002 const unsigned char *bytes, int len, 31003 int loc, int set) 31004 { 31005 int ret; 31006 int i; 31007 WOLFSSL_X509_NAME_ENTRY* entry; 31008 size_t fieldSz; 31009 31010 (void)type; 31011 31012 if (name == NULL || field == NULL) 31013 return WOLFSSL_FAILURE; 31014 31015 fieldSz = XSTRLEN(field); 31016 for (i = 0; i < (int)WOLFSSL_OBJECT_INFO_SZ; i++) { 31017 if (XSTRNCMP(field, wolfssl_object_info[i].sName, fieldSz) == 0) 31018 break; 31019 } 31020 31021 if (i == WOLFSSL_OBJECT_INFO_SZ) 31022 return WOLFSSL_FAILURE; 31023 31024 entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, 31025 wolfssl_object_info[i].nid, type, (unsigned char*)bytes, len); 31026 if (entry == NULL) 31027 return WOLFSSL_FAILURE; 31028 31029 ret = wolfSSL_X509_NAME_add_entry(name, entry, loc, set); 31030 wolfSSL_X509_NAME_ENTRY_free(entry); 31031 return ret; 31032 } 23468 31033 #endif /* ifndef NO_CERTS */ 23469 31034 23470 #ifndef NO_CERTS 23471 void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name){ 23472 FreeX509Name(name, NULL); 23473 WOLFSSL_ENTER("wolfSSL_X509_NAME_free"); 23474 } 23475 #endif /* NO_CERTS */ 23476 23477 #if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 23478 defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 23479 defined(HAVE_POCO_LIB) || defined (WOLFSSL_HAPROXY) 23480 23481 unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md) 31035 31036 /* NID variables are dependent on compatibility header files currently 31037 * 31038 * returns a pointer to a new WOLFSSL_ASN1_OBJECT struct on success and NULL 31039 * on fail 31040 */ 31041 31042 WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int id) 23482 31043 { 23483 (void) *d; (void) n; (void) *md; 31044 return wolfSSL_OBJ_nid2obj_ex(id, NULL); 31045 } 31046 31047 31048 WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int id, 31049 WOLFSSL_ASN1_OBJECT* arg_obj) 31050 { 31051 word32 oidSz = 0; 31052 const byte* oid; 31053 word32 type = 0; 31054 WOLFSSL_ASN1_OBJECT* obj = arg_obj; 31055 byte objBuf[MAX_OID_SZ + MAX_LENGTH_SZ + 1]; /* +1 for object tag */ 31056 word32 objSz = 0; 31057 const char* sName = NULL; 31058 int i; 31059 31060 WOLFSSL_ENTER("wolfSSL_OBJ_nid2obj()"); 31061 31062 for (i = 0; i < (int)WOLFSSL_OBJECT_INFO_SZ; i++) { 31063 if (wolfssl_object_info[i].nid == id) { 31064 id = wolfssl_object_info[i].id; 31065 sName = wolfssl_object_info[i].sName; 31066 type = wolfssl_object_info[i].type; 31067 break; 31068 } 31069 } 31070 if (i == (int)WOLFSSL_OBJECT_INFO_SZ) { 31071 WOLFSSL_MSG("NID not in table"); 31072 return NULL; 31073 } 31074 31075 #ifdef HAVE_ECC 31076 if (type == 0 && wc_ecc_get_oid(id, &oid, &oidSz) > 0) { 31077 type = oidCurveType; 31078 } 31079 #endif /* HAVE_ECC */ 31080 31081 if (sName != NULL) { 31082 if (XSTRLEN(sName) > WOLFSSL_MAX_SNAME - 1) { 31083 WOLFSSL_MSG("Attempted short name is too large"); 31084 return NULL; 31085 } 31086 } 31087 31088 oid = OidFromId(id, type, &oidSz); 31089 31090 /* set object ID to buffer */ 31091 if (obj == NULL){ 31092 obj = wolfSSL_ASN1_OBJECT_new(); 31093 if (obj == NULL) { 31094 WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); 31095 return NULL; 31096 } 31097 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC; 31098 } else { 31099 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC; 31100 } 31101 obj->type = id; 31102 obj->grp = type; 31103 31104 obj->sName[0] = '\0'; 31105 if (sName != NULL) { 31106 XMEMCPY(obj->sName, (char*)sName, XSTRLEN((char*)sName)); 31107 } 31108 31109 objBuf[0] = ASN_OBJECT_ID; objSz++; 31110 objSz += SetLength(oidSz, objBuf + 1); 31111 XMEMCPY(objBuf + objSz, oid, oidSz); 31112 objSz += oidSz; 31113 obj->objSz = objSz; 31114 if(((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) || 31115 (((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) == 0) && 31116 (obj->obj == NULL))) { 31117 obj->obj = (byte*)XREALLOC((byte*)obj->obj, obj->objSz, NULL, 31118 DYNAMIC_TYPE_ASN1); 31119 if (obj->obj == NULL) { 31120 wolfSSL_ASN1_OBJECT_free(obj); 31121 return NULL; 31122 } 31123 obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ; 31124 } else { 31125 obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ; 31126 } 31127 XMEMCPY((byte*)obj->obj, objBuf, obj->objSz); 31128 31129 (void)type; 31130 31131 return obj; 31132 } 31133 31134 31135 /* if no_name is one than use numerical form otherwise can be short name. 31136 * 31137 * returns the buffer size on success 31138 */ 31139 int wolfSSL_OBJ_obj2txt(char *buf, int bufLen, WOLFSSL_ASN1_OBJECT *a, int no_name) 31140 { 31141 int bufSz; 31142 31143 WOLFSSL_ENTER("wolfSSL_OBJ_obj2txt()"); 31144 31145 if (buf == NULL || bufLen <= 1 || a == NULL) { 31146 WOLFSSL_MSG("Bad input argument"); 31147 return WOLFSSL_FAILURE; 31148 } 31149 31150 if (no_name == 1) { 31151 int length; 31152 word32 idx = 0; 31153 31154 if (a->obj[idx++] != ASN_OBJECT_ID) { 31155 WOLFSSL_MSG("Bad ASN1 Object"); 31156 return WOLFSSL_FAILURE; 31157 } 31158 31159 if (GetLength((const byte*)a->obj, &idx, &length, 31160 a->objSz) < 0 || length < 0) { 31161 return ASN_PARSE_E; 31162 } 31163 31164 if (bufLen < MAX_OID_STRING_SZ) { 31165 bufSz = bufLen - 1; 31166 } 31167 else { 31168 bufSz = MAX_OID_STRING_SZ; 31169 } 31170 31171 if ((bufSz = DecodePolicyOID(buf, (word32)bufSz, a->obj + idx, 31172 (word32)length)) <= 0) { 31173 WOLFSSL_MSG("Error decoding OID"); 31174 return WOLFSSL_FAILURE; 31175 } 31176 31177 } 31178 else { /* return short name */ 31179 if (XSTRLEN(a->sName) + 1 < (word32)bufLen - 1) { 31180 bufSz = (int)XSTRLEN(a->sName); 31181 } 31182 else { 31183 bufSz = bufLen - 1; 31184 } 31185 XMEMCPY(buf, a->sName, bufSz); 31186 } 31187 31188 buf[bufSz] = '\0'; 31189 return bufSz; 31190 } 31191 31192 #if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \ 31193 defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \ 31194 defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \ 31195 defined(WOLFSSL_HAPROXY) 31196 31197 #ifndef NO_SHA 31198 /* One shot SHA1 hash of message. 31199 * 31200 * d message to hash 31201 * n size of d buffer 31202 * md buffer to hold digest. Should be SHA_DIGEST_SIZE. 31203 * 31204 * Note: if md is null then a static buffer of SHA_DIGEST_SIZE is used. 31205 * When the static buffer is used this function is not thread safe. 31206 * 31207 * Returns a pointer to the message digest on success and NULL on failure. 31208 */ 31209 unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, 31210 unsigned char *md) 31211 { 31212 static byte dig[WC_SHA_DIGEST_SIZE]; 31213 wc_Sha sha; 31214 23484 31215 WOLFSSL_ENTER("wolfSSL_SHA1"); 23485 WOLFSSL_STUB("wolfssl_SHA1"); 23486 23487 return NULL; 23488 } 31216 31217 if (wc_InitSha_ex(&sha, NULL, 0) != 0) { 31218 WOLFSSL_MSG("SHA1 Init failed"); 31219 return NULL; 31220 } 31221 31222 if (wc_ShaUpdate(&sha, (const byte*)d, (word32)n) != 0) { 31223 WOLFSSL_MSG("SHA1 Update failed"); 31224 return NULL; 31225 } 31226 31227 if (wc_ShaFinal(&sha, dig) != 0) { 31228 WOLFSSL_MSG("SHA1 Final failed"); 31229 return NULL; 31230 } 31231 31232 wc_ShaFree(&sha); 31233 31234 if (md != NULL) { 31235 XMEMCPY(md, dig, WC_SHA_DIGEST_SIZE); 31236 return md; 31237 } 31238 else { 31239 return (unsigned char*)dig; 31240 } 31241 } 31242 #endif /* ! NO_SHA */ 31243 31244 #ifndef NO_SHA256 31245 /* One shot SHA256 hash of message. 31246 * 31247 * d message to hash 31248 * n size of d buffer 31249 * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE. 31250 * 31251 * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used. 31252 * When the static buffer is used this function is not thread safe. 31253 * 31254 * Returns a pointer to the message digest on success and NULL on failure. 31255 */ 31256 unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, 31257 unsigned char *md) 31258 { 31259 static byte dig[WC_SHA256_DIGEST_SIZE]; 31260 wc_Sha256 sha; 31261 31262 WOLFSSL_ENTER("wolfSSL_SHA256"); 31263 31264 if (wc_InitSha256_ex(&sha, NULL, 0) != 0) { 31265 WOLFSSL_MSG("SHA256 Init failed"); 31266 return NULL; 31267 } 31268 31269 if (wc_Sha256Update(&sha, (const byte*)d, (word32)n) != 0) { 31270 WOLFSSL_MSG("SHA256 Update failed"); 31271 return NULL; 31272 } 31273 31274 if (wc_Sha256Final(&sha, dig) != 0) { 31275 WOLFSSL_MSG("SHA256 Final failed"); 31276 return NULL; 31277 } 31278 31279 wc_Sha256Free(&sha); 31280 31281 if (md != NULL) { 31282 XMEMCPY(md, dig, WC_SHA256_DIGEST_SIZE); 31283 return md; 31284 } 31285 else { 31286 return (unsigned char*)dig; 31287 } 31288 } 31289 #endif /* ! NO_SHA256 */ 31290 31291 #ifdef WOLFSSL_SHA384 31292 /* One shot SHA384 hash of message. 31293 * 31294 * d message to hash 31295 * n size of d buffer 31296 * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE. 31297 * 31298 * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used. 31299 * When the static buffer is used this function is not thread safe. 31300 * 31301 * Returns a pointer to the message digest on success and NULL on failure. 31302 */ 31303 unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, 31304 unsigned char *md) 31305 { 31306 static byte dig[WC_SHA384_DIGEST_SIZE]; 31307 wc_Sha384 sha; 31308 31309 WOLFSSL_ENTER("wolfSSL_SHA384"); 31310 31311 if (wc_InitSha384_ex(&sha, NULL, 0) != 0) { 31312 WOLFSSL_MSG("SHA384 Init failed"); 31313 return NULL; 31314 } 31315 31316 if (wc_Sha384Update(&sha, (const byte*)d, (word32)n) != 0) { 31317 WOLFSSL_MSG("SHA384 Update failed"); 31318 return NULL; 31319 } 31320 31321 if (wc_Sha384Final(&sha, dig) != 0) { 31322 WOLFSSL_MSG("SHA384 Final failed"); 31323 return NULL; 31324 } 31325 31326 wc_Sha384Free(&sha); 31327 31328 if (md != NULL) { 31329 XMEMCPY(md, dig, WC_SHA384_DIGEST_SIZE); 31330 return md; 31331 } 31332 else { 31333 return (unsigned char*)dig; 31334 } 31335 } 31336 #endif /* WOLFSSL_SHA384 */ 31337 31338 31339 #if defined(WOLFSSL_SHA512) 31340 /* One shot SHA512 hash of message. 31341 * 31342 * d message to hash 31343 * n size of d buffer 31344 * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE. 31345 * 31346 * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used. 31347 * When the static buffer is used this function is not thread safe. 31348 * 31349 * Returns a pointer to the message digest on success and NULL on failure. 31350 */ 31351 unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, 31352 unsigned char *md) 31353 { 31354 static byte dig[WC_SHA512_DIGEST_SIZE]; 31355 wc_Sha512 sha; 31356 31357 WOLFSSL_ENTER("wolfSSL_SHA512"); 31358 31359 if (wc_InitSha512_ex(&sha, NULL, 0) != 0) { 31360 WOLFSSL_MSG("SHA512 Init failed"); 31361 return NULL; 31362 } 31363 31364 if (wc_Sha512Update(&sha, (const byte*)d, (word32)n) != 0) { 31365 WOLFSSL_MSG("SHA512 Update failed"); 31366 return NULL; 31367 } 31368 31369 if (wc_Sha512Final(&sha, dig) != 0) { 31370 WOLFSSL_MSG("SHA512 Final failed"); 31371 return NULL; 31372 } 31373 31374 wc_Sha512Free(&sha); 31375 31376 if (md != NULL) { 31377 XMEMCPY(md, dig, WC_SHA512_DIGEST_SIZE); 31378 return md; 31379 } 31380 else { 31381 return (unsigned char*)dig; 31382 } 31383 } 31384 #endif /* defined(WOLFSSL_SHA512) */ 23489 31385 23490 31386 char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x) 23491 31387 { 23492 31388 int ret; 23493 31389 … … 23506 31402 FreeX509(ctx->ourCert); 23507 31403 XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509); 23508 } 31404 } 31405 #ifndef WOLFSSL_X509_STORE_CERTS 23509 31406 ctx->ourCert = x; 31407 #else 31408 ctx->ourCert = wolfSSL_X509_d2i(NULL, x->derCert->buffer,x->derCert->length); 31409 if(ctx->ourCert == NULL){ 31410 return 0; 31411 } 31412 #endif 31413 23510 31414 ctx->ownOurCert = 0; 23511 31415 #endif … … 23521 31425 case ECDSAk: 23522 31426 ctx->haveECC = 1; 23523 #if def HAVE_ECC31427 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 23524 31428 ctx->pkCurveOID = x->pkCurveOID; 23525 31429 #endif 23526 31430 break; 23527 } 23528 23529 return WOLFSSL_SUCCESS; 23530 } 23531 31431 } 31432 31433 return WOLFSSL_SUCCESS; 31434 } 31435 31436 #ifndef NO_WOLFSSL_STUB 23532 31437 int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name) { 23533 31438 #ifndef NO_FILESYSTEM … … 23536 31441 WOLFSSL_ENTER("wolfSSL_BIO_new_file"); 23537 31442 23538 if ((wolfSSL_BIO_get_fp(b, &fp) == WOLFSSL_SUCCESS) && (fp != NULL))23539 31443 if ((wolfSSL_BIO_get_fp(b, &fp) == WOLFSSL_SUCCESS) && (fp != XBADFILE)) 31444 { 23540 31445 XFCLOSE(fp); 23541 31446 } 23542 31447 23543 31448 fp = XFOPEN(name, "r"); 23544 if (fp == NULL)31449 if (fp == XBADFILE) 23545 31450 return WOLFSSL_BAD_FILE; 23546 31451 … … 23558 31463 #endif 23559 31464 } 31465 #endif 23560 31466 23561 31467 #ifdef HAVE_ECC … … 23568 31474 if (n == ecc_sets[i].id) { 23569 31475 return ecc_sets[i].name; 23570 23571 31476 } 31477 } 23572 31478 return NULL; 23573 31479 } 23574 31480 23575 int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o) { 23576 (void)o; 31481 #endif /* HAVE_ECC */ 31482 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 31483 int wolfSSL_OBJ_sn2nid(const char *sn) { 31484 31485 WOLFSSL_ENTER("wolfSSL_OBJ_sn2nid"); 31486 return OBJ_sn2nid(sn); 31487 } 31488 #endif 31489 31490 static int oid2nid(word32 oid, int grp) 31491 { 31492 /* get OID type */ 31493 switch (grp) { 31494 /* oidHashType */ 31495 case oidHashType: 31496 switch (oid) { 31497 #ifdef WOLFSSL_MD2 31498 case MD2h: 31499 return NID_md2; 31500 #endif 31501 #ifndef NO_MD5 31502 case MD5h: 31503 return NID_md5; 31504 #endif 31505 #ifndef NO_SHA 31506 case SHAh: 31507 return NID_sha1; 31508 #endif 31509 case SHA224h: 31510 return NID_sha224; 31511 #ifndef NO_SHA256 31512 case SHA256h: 31513 return NID_sha256; 31514 #endif 31515 #ifdef WOLFSSL_SHA384 31516 case SHA384h: 31517 return NID_sha384; 31518 #endif 31519 #ifdef WOLFSSL_SHA512 31520 case SHA512h: 31521 return NID_sha512; 31522 #endif 31523 } 31524 break; 31525 31526 /* oidSigType */ 31527 case oidSigType: 31528 switch (oid) { 31529 #ifndef NO_DSA 31530 case CTC_SHAwDSA: 31531 return CTC_SHAwDSA; 31532 #endif /* NO_DSA */ 31533 #ifndef NO_RSA 31534 case CTC_MD2wRSA: 31535 return CTC_MD2wRSA; 31536 case CTC_MD5wRSA: 31537 return CTC_MD5wRSA; 31538 case CTC_SHAwRSA: 31539 return CTC_SHAwRSA; 31540 case CTC_SHA224wRSA: 31541 return CTC_SHA224wRSA; 31542 case CTC_SHA256wRSA: 31543 return CTC_SHA256wRSA; 31544 case CTC_SHA384wRSA: 31545 return CTC_SHA384wRSA; 31546 case CTC_SHA512wRSA: 31547 return CTC_SHA512wRSA; 31548 #endif /* NO_RSA */ 31549 #ifdef HAVE_ECC 31550 case CTC_SHAwECDSA: 31551 return CTC_SHAwECDSA; 31552 case CTC_SHA224wECDSA: 31553 return CTC_SHA224wECDSA; 31554 case CTC_SHA256wECDSA: 31555 return CTC_SHA256wECDSA; 31556 case CTC_SHA384wECDSA: 31557 return CTC_SHA384wECDSA; 31558 case CTC_SHA512wECDSA: 31559 return CTC_SHA512wECDSA; 31560 #endif /* HAVE_ECC */ 31561 } 31562 break; 31563 31564 /* oidKeyType */ 31565 case oidKeyType: 31566 switch (oid) { 31567 #ifndef NO_DSA 31568 case DSAk: 31569 return DSAk; 31570 #endif /* NO_DSA */ 31571 #ifndef NO_RSA 31572 case RSAk: 31573 return RSAk; 31574 #endif /* NO_RSA */ 31575 #ifdef HAVE_NTRU 31576 case NTRUk: 31577 return NTRUk; 31578 #endif /* HAVE_NTRU */ 31579 #ifdef HAVE_ECC 31580 case ECDSAk: 31581 return ECDSAk; 31582 #endif /* HAVE_ECC */ 31583 } 31584 break; 31585 31586 /* oidBlkType */ 31587 case oidBlkType: 31588 switch (oid) { 31589 #ifdef WOLFSSL_AES_128 31590 case AES128CBCb: 31591 return AES128CBCb; 31592 #endif 31593 #ifdef WOLFSSL_AES_192 31594 case AES192CBCb: 31595 return AES192CBCb; 31596 #endif 31597 #ifdef WOLFSSL_AES_256 31598 case AES256CBCb: 31599 return AES256CBCb; 31600 #endif 31601 #ifndef NO_DES3 31602 case DESb: 31603 return NID_des; 31604 case DES3b: 31605 return NID_des3; 31606 #endif 31607 } 31608 break; 31609 31610 #ifdef HAVE_OCSP 31611 case oidOcspType: 31612 switch (oid) { 31613 case OCSP_BASIC_OID: 31614 return NID_id_pkix_OCSP_basic; 31615 case OCSP_NONCE_OID: 31616 return OCSP_NONCE_OID; 31617 } 31618 break; 31619 #endif /* HAVE_OCSP */ 31620 31621 /* oidCertExtType */ 31622 case oidCertExtType: 31623 switch (oid) { 31624 case BASIC_CA_OID: 31625 return BASIC_CA_OID; 31626 case ALT_NAMES_OID: 31627 return ALT_NAMES_OID; 31628 case CRL_DIST_OID: 31629 return CRL_DIST_OID; 31630 case AUTH_INFO_OID: 31631 return AUTH_INFO_OID; 31632 case AUTH_KEY_OID: 31633 return AUTH_KEY_OID; 31634 case SUBJ_KEY_OID: 31635 return SUBJ_KEY_OID; 31636 case INHIBIT_ANY_OID: 31637 return INHIBIT_ANY_OID; 31638 case KEY_USAGE_OID: 31639 return NID_ext_key_usage; 31640 case NAME_CONS_OID: 31641 return NID_name_constraints; 31642 case CERT_POLICY_OID: 31643 return NID_certificate_policies; 31644 } 31645 break; 31646 31647 /* oidCertAuthInfoType */ 31648 case oidCertAuthInfoType: 31649 switch (oid) { 31650 case AIA_OCSP_OID: 31651 return AIA_OCSP_OID; 31652 case AIA_CA_ISSUER_OID: 31653 return AIA_CA_ISSUER_OID; 31654 } 31655 break; 31656 31657 /* oidCertPolicyType */ 31658 case oidCertPolicyType: 31659 switch (oid) { 31660 case CP_ANY_OID: 31661 return NID_any_policy; 31662 } 31663 break; 31664 31665 /* oidCertAltNameType */ 31666 case oidCertAltNameType: 31667 switch (oid) { 31668 case HW_NAME_OID: 31669 return NID_hw_name_oid; 31670 } 31671 break; 31672 31673 /* oidCertKeyUseType */ 31674 case oidCertKeyUseType: 31675 switch (oid) { 31676 case EKU_ANY_OID: 31677 return NID_anyExtendedKeyUsage; 31678 case EKU_SERVER_AUTH_OID: 31679 return EKU_SERVER_AUTH_OID; 31680 case EKU_CLIENT_AUTH_OID: 31681 return EKU_CLIENT_AUTH_OID; 31682 case EKU_OCSP_SIGN_OID: 31683 return EKU_OCSP_SIGN_OID; 31684 } 31685 break; 31686 31687 /* oidKdfType */ 31688 case oidKdfType: 31689 switch (oid) { 31690 case PBKDF2_OID: 31691 return PBKDF2_OID; 31692 } 31693 break; 31694 31695 /* oidPBEType */ 31696 case oidPBEType: 31697 switch (oid) { 31698 case PBE_SHA1_RC4_128: 31699 return PBE_SHA1_RC4_128; 31700 case PBE_SHA1_DES: 31701 return PBE_SHA1_DES; 31702 case PBE_SHA1_DES3: 31703 return PBE_SHA1_DES3; 31704 } 31705 break; 31706 31707 /* oidKeyWrapType */ 31708 case oidKeyWrapType: 31709 switch (oid) { 31710 #ifdef WOLFSSL_AES_128 31711 case AES128_WRAP: 31712 return AES128_WRAP; 31713 #endif 31714 #ifdef WOLFSSL_AES_192 31715 case AES192_WRAP: 31716 return AES192_WRAP; 31717 #endif 31718 #ifdef WOLFSSL_AES_256 31719 case AES256_WRAP: 31720 return AES256_WRAP; 31721 #endif 31722 } 31723 break; 31724 31725 /* oidCmsKeyAgreeType */ 31726 case oidCmsKeyAgreeType: 31727 switch (oid) { 31728 #ifndef NO_SHA 31729 case dhSinglePass_stdDH_sha1kdf_scheme: 31730 return dhSinglePass_stdDH_sha1kdf_scheme; 31731 #endif 31732 #ifdef WOLFSSL_SHA224 31733 case dhSinglePass_stdDH_sha224kdf_scheme: 31734 return dhSinglePass_stdDH_sha224kdf_scheme; 31735 #endif 31736 #ifndef NO_SHA256 31737 case dhSinglePass_stdDH_sha256kdf_scheme: 31738 return dhSinglePass_stdDH_sha256kdf_scheme; 31739 #endif 31740 #ifdef WOLFSSL_SHA384 31741 case dhSinglePass_stdDH_sha384kdf_scheme: 31742 return dhSinglePass_stdDH_sha384kdf_scheme; 31743 #endif 31744 #ifdef WOLFSSL_SHA512 31745 case dhSinglePass_stdDH_sha512kdf_scheme: 31746 return dhSinglePass_stdDH_sha512kdf_scheme; 31747 #endif 31748 } 31749 break; 31750 31751 default: 31752 WOLFSSL_MSG("NID not in table"); 31753 return -1; 31754 } 31755 31756 return -1; 31757 } 31758 31759 /* Gets the NID value that corresponds with the ASN1 object. 31760 * 31761 * o ASN1 object to get NID of 31762 * 31763 * Return NID on success and a negative value on failure 31764 */ 31765 int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o) 31766 { 31767 word32 oid = 0; 31768 word32 idx = 0; 31769 int id; 31770 23577 31771 WOLFSSL_ENTER("wolfSSL_OBJ_obj2nid"); 23578 WOLFSSL_STUB("wolfSSL_OBJ_obj2nid"); 31772 31773 if (o == NULL) { 31774 return -1; 31775 } 31776 if (o->nid > 0) 31777 return o->nid; 31778 if ((id = GetObjectId(o->obj, &idx, &oid, o->grp, o->objSz)) < 0) { 31779 WOLFSSL_MSG("Issue getting OID of object"); 31780 return -1; 31781 } 31782 31783 return oid2nid(oid, o->grp); 31784 } 31785 31786 #ifndef NO_WOLFSSL_STUB 31787 char * wolfSSL_OBJ_nid2ln(int n) 31788 { 31789 (void)n; 31790 WOLFSSL_ENTER("wolfSSL_OBJ_nid2ln"); 31791 WOLFSSL_STUB("OBJ_nid2ln"); 31792 31793 return NULL; 31794 } 31795 #endif 31796 31797 #ifndef NO_WOLFSSL_STUB 31798 int wolfSSL_OBJ_txt2nid(const char* s) 31799 { 31800 (void)s; 31801 WOLFSSL_STUB("OBJ_txt2nid"); 23579 31802 23580 31803 return 0; 23581 } 23582 23583 int wolfSSL_OBJ_sn2nid(const char *sn) { 23584 int i; 23585 WOLFSSL_ENTER("wolfSSL_OBJ_osn2nid"); 23586 23587 /* Nginx uses this OpenSSL string. */ 23588 if (XSTRNCMP(sn, "prime256v1", 10) == 0) 23589 sn = "SECP256R1"; 23590 if (XSTRNCMP(sn, "secp384r1", 10) == 0) 23591 sn = "SECP384R1"; 23592 /* find based on name and return NID */ 23593 for (i = 0; i < ecc_sets[i].size; i++) { 23594 if (XSTRNCMP(sn, ecc_sets[i].name, ECC_MAXNAME) == 0) { 23595 return ecc_sets[i].id; 23596 } 23597 } 23598 return -1; 23599 } 23600 #endif /* HAVE_ECC */ 23601 23602 23603 void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx, int depth) { 23604 WOLFSSL_ENTER("wolfSSL_CTX_set_verify_depth"); 23605 #ifndef OPENSSL_EXTRA 23606 (void)ctx; 23607 (void)depth; 23608 WOLFSSL_STUB("wolfSSL_CTX_set_verify_depth"); 23609 #else 23610 ctx->verifyDepth = depth; 23611 #endif 23612 } 23613 31804 } 31805 #endif 31806 31807 /* compatibility function. It's intended use is to remove OID's from an 31808 * internal table that have been added with OBJ_create. wolfSSL manages it's 31809 * own interenal OID values and does not currently support OBJ_create. */ 31810 void wolfSSL_OBJ_cleanup(void) 31811 { 31812 WOLFSSL_ENTER("wolfSSL_OBJ_cleanup()"); 31813 } 31814 31815 31816 #ifndef NO_WOLFSSL_STUB 23614 31817 void wolfSSL_set_verify_depth(WOLFSSL *ssl, int depth) { 23615 31818 WOLFSSL_ENTER("wolfSSL_set_verify_depth"); … … 23619 31822 WOLFSSL_STUB("wolfSSL_set_verify_depth"); 23620 31823 #else 23621 ssl->options.verifyDepth = depth; 23622 #endif 23623 } 23624 23625 void* wolfSSL_get_app_data( const WOLFSSL *ssl) { 23626 /* checkout exdata stuff... */ 23627 return wolfSSL_get_ex_data(ssl,0); 23628 } 23629 23630 int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg) { 23631 return wolfSSL_set_ex_data(ssl,0,(char *)arg); 23632 } 31824 ssl->options.verifyDepth = (byte)depth; 31825 #endif 31826 } 31827 #endif 31828 23633 31829 23634 31830 WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) { 23635 (void)ne;23636 31831 WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object"); 23637 WOLFSSL_STUB("wolfSSL_X509_NAME_ENTRY_get_object"); 23638 23639 return NULL; 23640 } 31832 if (ne == NULL) return NULL; 31833 wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object); 31834 ne->object.nid = ne->nid; 31835 return &ne->object; 31836 } 31837 31838 static WOLFSSL_X509_NAME *get_nameByLoc( WOLFSSL_X509_NAME *name, int loc) 31839 { 31840 switch (loc) 31841 { 31842 case 0: 31843 name->cnEntry.value->length = name->fullName.cnLen; 31844 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.cnIdx]; 31845 name->cnEntry.nid = name->fullName.cnNid; 31846 break; 31847 case 1: 31848 name->cnEntry.value->length = name->fullName.cLen; 31849 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.cIdx]; 31850 name->cnEntry.nid = name->fullName.cNid; 31851 break; 31852 case 2: 31853 name->cnEntry.value->length = name->fullName.lLen; 31854 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.lIdx]; 31855 name->cnEntry.nid = name->fullName.lNid; 31856 break; 31857 case 3: 31858 name->cnEntry.value->length = name->fullName.stLen; 31859 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.stIdx]; 31860 name->cnEntry.nid = name->fullName.stNid; 31861 break; 31862 case 4: 31863 name->cnEntry.value->length = name->fullName.oLen; 31864 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.oIdx]; 31865 name->cnEntry.nid = name->fullName.oNid; 31866 break; 31867 case 5: 31868 name->cnEntry.value->length = name->fullName.ouLen; 31869 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.ouIdx]; 31870 name->cnEntry.nid = name->fullName.ouNid; 31871 break; 31872 case 6: 31873 name->cnEntry.value->length = name->fullName.emailLen; 31874 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.emailIdx]; 31875 name->cnEntry.nid = name->fullName.emailNid; 31876 break; 31877 case 7: 31878 name->cnEntry.value->length = name->fullName.snLen; 31879 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.snIdx]; 31880 name->cnEntry.nid = name->fullName.snNid; 31881 break; 31882 case 8: 31883 name->cnEntry.value->length = name->fullName.uidLen; 31884 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.uidIdx]; 31885 name->cnEntry.nid = name->fullName.uidNid; 31886 break; 31887 case 9: 31888 name->cnEntry.value->length = name->fullName.serialLen; 31889 name->cnEntry.value->data = &name->fullName.fullName[name->fullName.serialIdx]; 31890 name->cnEntry.nid = name->fullName.serialNid; 31891 break; 31892 default: 31893 return NULL; 31894 } 31895 if (name->cnEntry.value->length == 0) 31896 return NULL; 31897 name->cnEntry.value->type = CTC_UTF8; 31898 return name; 31899 } 31900 23641 31901 23642 31902 WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry( 23643 WOLFSSL_X509_NAME *name, int loc) { 23644 23645 int maxLoc = name->fullName.fullNameLen; 23646 31903 WOLFSSL_X509_NAME *name, int loc) 31904 { 23647 31905 WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry"); 23648 31906 23649 if (loc < 0 || loc > maxLoc) { 31907 if (name == NULL) { 31908 return NULL; 31909 } 31910 31911 if (loc < 0 || loc > 9 + name->fullName.dcNum) { 23650 31912 WOLFSSL_MSG("Bad argument"); 23651 31913 return NULL; 23652 31914 } 23653 31915 23654 /* common name index case */ 23655 if (loc == name->fullName.cnIdx) { 31916 if (loc >= 0 && loc <= 9){ 31917 if (get_nameByLoc(name, loc) != NULL) 31918 return &name->cnEntry; 31919 } 31920 31921 /* DC component */ 31922 if (name->fullName.dcMode){ 31923 if (name->fullName.fullName != NULL){ 31924 if (loc == name->fullName.dcNum){ 31925 name->cnEntry.data.data = &name->fullName.fullName[name->fullName.cIdx]; 31926 name->cnEntry.data.length = name->fullName.cLen; 31927 name->cnEntry.nid = ASN_COUNTRY_NAME; 31928 } else { 31929 name->cnEntry.data.data = &name->fullName.fullName[name->fullName.dcIdx[loc]]; 31930 name->cnEntry.data.length = name->fullName.dcLen[loc]; 31931 name->cnEntry.nid = ASN_DOMAIN_COMPONENT; 31932 } 31933 } 31934 name->cnEntry.data.type = CTC_UTF8; 31935 name->cnEntry.set = 1; 31936 31937 /* common name index case */ 31938 } else if (loc == name->fullName.cnIdx && name->x509 != NULL) { 23656 31939 /* get CN shortcut from x509 since it has null terminator */ 23657 31940 name->cnEntry.data.data = name->x509->subjectCN; 23658 31941 name->cnEntry.data.length = name->fullName.cnLen; 23659 name->cnEntry.data.type = ASN_COMMON_NAME; 23660 name->cnEntry.set = 1; 23661 return &(name->cnEntry); 23662 } 23663 23664 /* additionall cases to check for go here */ 23665 23666 WOLFSSL_MSG("Entry not found or implemented"); 23667 (void)name; 23668 (void)loc; 23669 23670 return NULL; 23671 } 23672 31942 name->cnEntry.data.type = CTC_UTF8; 31943 name->cnEntry.nid = ASN_COMMON_NAME; 31944 name->cnEntry.set = 1; 31945 } 31946 else 31947 return NULL; 31948 31949 return &name->cnEntry; 31950 } 31951 31952 #ifndef NO_WOLFSSL_STUB 23673 31953 void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*)){ 23674 31954 (void) sk; 23675 31955 (void) f; 23676 31956 WOLFSSL_ENTER("wolfSSL_sk_X509_NAME_pop_free"); 23677 WOLFSSL_STUB("wolfSSL_sk_X509_NAME_pop_free"); 23678 } 23679 31957 WOLFSSL_STUB("sk_X509_NAME_pop_free"); 31958 } 31959 #endif 31960 #ifndef NO_WOLFSSL_STUB 23680 31961 int wolfSSL_X509_check_private_key(WOLFSSL_X509 *x509, WOLFSSL_EVP_PKEY *key){ 23681 31962 (void) x509; 23682 31963 (void) key; 23683 31964 WOLFSSL_ENTER("wolfSSL_X509_check_private_key"); 23684 WOLFSSL_STUB(" wolfSSL_X509_check_private_key");31965 WOLFSSL_STUB("X509_check_private_key"); 23685 31966 23686 31967 return WOLFSSL_SUCCESS; … … 23690 31971 (void) sk; 23691 31972 WOLFSSL_ENTER("wolfSSL_dup_CA_list"); 23692 WOLFSSL_STUB(" wolfSSL_dup_CA_list");31973 WOLFSSL_STUB("SSL_dup_CA_list"); 23693 31974 23694 31975 return NULL; 23695 } 23696 23697 #endif /* HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 31976 } 31977 #endif 31978 31979 #endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 23698 31980 #endif /* OPENSSL_EXTRA */ 23699 23700 31981 23701 31982 #ifdef OPENSSL_EXTRA … … 23710 31991 (void)line; 23711 31992 (void)file; 23712 #if defined( WOLFSSL_NGINX) || defined(DEBUG_WOLFSSL) || defined(WOLFSSL_HAPROXY)31993 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(DEBUG_WOLFSSL) || defined(WOLFSSL_HAPROXY) 23713 31994 { 23714 31995 int ret; … … 23717 31998 WOLFSSL_MSG("Issue peeking at error node in queue"); 23718 31999 return 0; 23719 23720 #if def WOLFSSL_NGINX23721 if (ret == - SSL_NO_PEM_HEADER)32000 } 32001 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 32002 if (ret == -ASN_NO_PEM_HEADER) 23722 32003 return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; 23723 32004 #endif … … 23727 32008 return (unsigned long)(0 - NOT_COMPILED_IN); 23728 32009 #endif 23729 }32010 } 23730 32011 23731 32012 … … 23739 32020 } 23740 32021 23741 return wolfSSL_CTX_use_PrivateKey_buffer(ctx, 32022 if (pkey->pkey.ptr != NULL) { 32023 /* ptr for WOLFSSL_EVP_PKEY struct is expected to be DER format */ 32024 return wolfSSL_CTX_use_PrivateKey_buffer(ctx, 23742 32025 (const unsigned char*)pkey->pkey.ptr, 23743 pkey->pkey_sz, PRIVATEKEY_TYPE); 23744 } 32026 pkey->pkey_sz, SSL_FILETYPE_ASN1); 32027 } 32028 32029 WOLFSSL_MSG("wolfSSL private key not set"); 32030 return BAD_FUNC_ARG; 32031 } 23745 32032 #endif /* !NO_CERTS */ 23746 32033 … … 23752 32039 if(ctx != NULL && idx < MAX_EX_DATA && idx >= 0) { 23753 32040 return ctx->ex_data[idx]; 23754 32041 } 23755 32042 #else 23756 32043 (void)ctx; … … 23776 32063 23777 32064 32065 /* Return the index that can be used for the WOLFSSL structure to store 32066 * application data. 32067 * 32068 */ 32069 int wolfSSL_get_ex_new_index(long argValue, void* arg, 32070 WOLFSSL_CRYPTO_EX_new* cb1, WOLFSSL_CRYPTO_EX_dup* cb2, 32071 WOLFSSL_CRYPTO_EX_free* cb3) 32072 { 32073 static int ssl_idx = 0; 32074 32075 WOLFSSL_ENTER("wolfSSL_get_ex_new_index"); 32076 32077 (void)argValue; 32078 (void)arg; 32079 (void)cb1; 32080 (void)cb2; 32081 (void)cb3; 32082 32083 return ssl_idx++; 32084 } 32085 32086 23778 32087 int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int idx, void* data) 23779 32088 { … … 23794 32103 23795 32104 32105 /* Returns char* to app data stored in ex[0]. 32106 * 32107 * ssl WOLFSSL structure to get app data from 32108 */ 32109 void* wolfSSL_get_app_data(const WOLFSSL *ssl) 32110 { 32111 /* checkout exdata stuff... */ 32112 WOLFSSL_ENTER("wolfSSL_get_app_data"); 32113 32114 return wolfSSL_get_ex_data(ssl, 0); 32115 } 32116 32117 32118 /* Set ex array 0 to have app data 32119 * 32120 * ssl WOLFSSL struct to set app data in 32121 * arg data to be stored 32122 * 32123 * Returns SSL_SUCCESS on sucess and SSL_FAILURE on failure 32124 */ 32125 int wolfSSL_set_app_data(WOLFSSL *ssl, void* arg) { 32126 WOLFSSL_ENTER("wolfSSL_set_app_data"); 32127 32128 return wolfSSL_set_ex_data(ssl, 0, arg); 32129 } 32130 32131 23796 32132 int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data) 23797 32133 { … … 23804 32140 } 23805 32141 #else 32142 WOLFSSL_MSG("HAVE_EX_DATA macro is not defined"); 23806 32143 (void)ssl; 23807 32144 (void)idx; … … 23811 32148 } 23812 32149 23813 23814 int wolfSSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2,23815 void* cb3)23816 {23817 static int ssl_idx = 0;23818 23819 WOLFSSL_ENTER("wolfSSL_get_ex_new_index");23820 (void)idx;23821 (void)data;23822 (void)cb1;23823 (void)cb2;23824 (void)cb3;23825 23826 return ssl_idx++;23827 }23828 32150 23829 32151 … … 23835 32157 return ssl->ex_data[idx]; 23836 32158 #else 32159 WOLFSSL_MSG("HAVE_EX_DATA macro is not defined"); 23837 32160 (void)ssl; 23838 32161 (void)idx; … … 23844 32167 WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, 23845 32168 pem_password_cb *cb, void *u) 23846 {32169 { 23847 32170 WOLFSSL_DSA* dsa; 23848 32171 DsaKey* key; … … 23860 32183 WOLFSSL_LEAVE("wolfSSL_PEM_read_bio_DSAparams", ret); 23861 32184 return NULL; 23862 }32185 } 23863 32186 23864 32187 bufSz = (word32)ret; … … 23870 32193 */ 23871 32194 WOLFSSL_MSG("Not yet supporting call back or password for encrypted PEM"); 23872 32195 } 23873 32196 23874 32197 if ((ret = PemToDer(buf, (long)bufSz, DSA_PARAM_TYPE, &pDer, NULL, NULL, … … 23906 32229 wolfSSL_DSA_free(dsa); 23907 32230 return NULL; 23908 32231 } 23909 32232 23910 32233 if (SetIndividualExternal(&dsa->p, &key->p) != WOLFSSL_SUCCESS) { … … 23926 32249 FreeDer(&pDer); 23927 32250 wolfSSL_DSA_free(dsa); 23928 23929 32251 return NULL; 32252 } 23930 32253 23931 32254 if (x != NULL) { … … 23941 32264 #include "src/bio.c" 23942 32265 32266 /* Begin functions for openssl/buffer.h */ 32267 WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void) 32268 { 32269 WOLFSSL_BUF_MEM* buf; 32270 buf = (WOLFSSL_BUF_MEM*)XMALLOC(sizeof(WOLFSSL_BUF_MEM), NULL, 32271 DYNAMIC_TYPE_OPENSSL); 32272 if (buf) { 32273 XMEMSET(buf, 0, sizeof(WOLFSSL_BUF_MEM)); 32274 } 32275 return buf; 32276 } 32277 32278 32279 /* returns length of buffer on success */ 32280 int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len) 32281 { 32282 int len_int = (int)len; 32283 int mx; 32284 32285 /* verify provided arguments */ 32286 if (buf == NULL || len_int < 0) { 32287 return 0; /* BAD_FUNC_ARG; */ 32288 } 32289 32290 /* check to see if fits in existing length */ 32291 if (buf->length > len) { 32292 buf->length = len; 32293 return len_int; 32294 } 32295 32296 /* check to see if fits in max buffer */ 32297 if (buf->max >= len) { 32298 if (buf->data != NULL) { 32299 XMEMSET(&buf->data[buf->length], 0, len - buf->length); 32300 } 32301 buf->length = len; 32302 return len_int; 32303 } 32304 32305 /* expand size, to handle growth */ 32306 mx = (len_int + 3) / 3 * 4; 32307 32308 /* use realloc */ 32309 buf->data = (char*)XREALLOC(buf->data, mx, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32310 if (buf->data == NULL) { 32311 return 0; /* ERR_R_MALLOC_FAILURE; */ 32312 } 32313 32314 buf->max = mx; 32315 XMEMSET(&buf->data[buf->length], 0, len - buf->length); 32316 buf->length = len; 32317 32318 return len_int; 32319 } 32320 32321 void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf) 32322 { 32323 if (buf) { 32324 if (buf->data) { 32325 XFREE(buf->data, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32326 buf->data = NULL; 32327 } 32328 buf->max = 0; 32329 buf->length = 0; 32330 XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL); 32331 } 32332 } 32333 /* End Functions for openssl/buffer.h */ 32334 23943 32335 #endif /* OPENSSL_EXTRA */ 23944 32336 23945 32337 23946 32338 #if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \ 23947 || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_HAPROXY) 23948 char * wolfSSL_OBJ_nid2ln(int n) { 23949 (void)n; 23950 WOLFSSL_ENTER("wolfSSL_OBJ_nid2ln"); 23951 WOLFSSL_STUB("wolfSSL_OBJ_nid2ln"); 23952 23953 return NULL; 23954 } 23955 23956 int wolfSSL_OBJ_txt2nid(const char* s) { 23957 (void)s; 23958 WOLFSSL_ENTER("wolfSSL_OBJ_txt2nid"); 23959 WOLFSSL_STUB("wolfSSL_OBJ_txt2nid"); 23960 23961 return 0; 23962 } 23963 32339 || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) 23964 32340 23965 32341 WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode) … … 23972 32348 23973 32349 fp = XFOPEN(filename, mode); 23974 if (fp == NULL)23975 32350 if (fp == XBADFILE) 32351 return NULL; 23976 32352 23977 32353 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); … … 23979 32355 XFCLOSE(fp); 23980 32356 return bio; 23981 32357 } 23982 32358 23983 32359 if (wolfSSL_BIO_set_fp(bio, fp, BIO_CLOSE) != WOLFSSL_SUCCESS) { … … 23985 32361 wolfSSL_BIO_free(bio); 23986 32362 bio = NULL; 23987 32363 } 23988 32364 23989 32365 /* file is closed when BIO is free'd */ … … 23993 32369 (void)mode; 23994 32370 return NULL; 23995 #endif 32371 #endif /* NO_FILESYSTEM */ 23996 32372 } 23997 32373 … … 24020 32396 if (bio == NULL) { 24021 32397 WOLFSSL_MSG("Bad Function Argument bio is NULL"); 24022 24023 24024 24025 if (bio->type == BIO_MEMORY) {32398 return NULL; 32399 } 32400 32401 if (bio->type == WOLFSSL_BIO_MEMORY) { 24026 32402 /* Use the buffer directly. */ 24027 32403 ret = wolfSSL_BIO_get_mem_data(bio, &mem); … … 24032 32408 size = ret; 24033 32409 } 24034 else if (bio->type == BIO_FILE) {32410 else if (bio->type == WOLFSSL_BIO_FILE) { 24035 32411 /* Read whole file into a new buffer. */ 24036 XFSEEK(bio->file, 0, SEEK_END); 32412 if(XFSEEK(bio->file, 0, SEEK_END) != 0) 32413 goto end; 24037 32414 sz = XFTELL(bio->file); 24038 XFSEEK(bio->file, 0, SEEK_SET); 32415 if(XFSEEK(bio->file, 0, SEEK_SET) != 0) 32416 goto end; 24039 32417 if (sz <= 0L) 24040 32418 goto end; … … 24051 32429 WOLFSSL_MSG("BIO type not supported for reading DH parameters"); 24052 32430 goto end; 24053 32431 } 24054 32432 24055 32433 ret = PemToDer(mem, size, DH_PARAM_TYPE, &der, NULL, NULL, NULL); … … 24066 32444 goto end; 24067 32445 XMEMSET(localDh, 0, sizeof(WOLFSSL_DH)); 24068 32446 } 24069 32447 24070 32448 /* Load data in manually */ … … 24119 32497 #endif 24120 32498 32499 #ifdef WOLFSSL_CERT_GEN 32500 32501 #ifdef WOLFSSL_CERT_REQ 32502 /* writes the x509 from x to the WOLFSSL_BIO bp 32503 * 32504 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on fail 32505 */ 32506 int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 *x) 32507 { 32508 byte* pem; 32509 int pemSz = 0; 32510 const unsigned char* der; 32511 int derSz; 32512 int ret; 32513 32514 WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_REQ()"); 32515 32516 if (x == NULL || bp == NULL) { 32517 return WOLFSSL_FAILURE; 32518 } 32519 32520 der = wolfSSL_X509_get_der(x, &derSz); 32521 if (der == NULL) { 32522 return WOLFSSL_FAILURE; 32523 } 32524 32525 /* get PEM size */ 32526 pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERTREQ_TYPE); 32527 if (pemSz < 0) { 32528 return WOLFSSL_FAILURE; 32529 } 32530 32531 /* create PEM buffer and convert from DER */ 32532 pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32533 if (pem == NULL) { 32534 return WOLFSSL_FAILURE; 32535 } 32536 if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERTREQ_TYPE) < 0) { 32537 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32538 return WOLFSSL_FAILURE; 32539 } 32540 32541 /* write the PEM to BIO */ 32542 ret = wolfSSL_BIO_write(bp, pem, pemSz); 32543 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32544 32545 if (ret <= 0) return WOLFSSL_FAILURE; 32546 return WOLFSSL_SUCCESS; 32547 } 32548 #endif /* WOLFSSL_CERT_REQ */ 32549 32550 32551 /* writes the x509 from x to the WOLFSSL_BIO bp 32552 * 32553 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on fail 32554 */ 32555 int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 *x) 32556 { 32557 byte* pem; 32558 int pemSz = 0; 32559 const unsigned char* der; 32560 int derSz; 32561 int ret; 32562 32563 WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_AUX()"); 32564 32565 if (bp == NULL || x == NULL) { 32566 WOLFSSL_MSG("NULL argument passed in"); 32567 return WOLFSSL_FAILURE; 32568 } 32569 32570 der = wolfSSL_X509_get_der(x, &derSz); 32571 if (der == NULL) { 32572 return WOLFSSL_FAILURE; 32573 } 32574 32575 /* get PEM size */ 32576 pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERT_TYPE); 32577 if (pemSz < 0) { 32578 return WOLFSSL_FAILURE; 32579 } 32580 32581 /* create PEM buffer and convert from DER */ 32582 pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32583 if (pem == NULL) { 32584 return WOLFSSL_FAILURE; 32585 } 32586 if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERT_TYPE) < 0) { 32587 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32588 return WOLFSSL_FAILURE; 32589 } 32590 32591 /* write the PEM to BIO */ 32592 ret = wolfSSL_BIO_write(bp, pem, pemSz); 32593 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32594 32595 if (ret <= 0) return WOLFSSL_FAILURE; 32596 return WOLFSSL_SUCCESS; 32597 } 32598 #endif /* WOLFSSL_CERT_GEN */ 24121 32599 24122 32600 int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert) 24123 32601 { 24124 byte* certDer; 32602 byte* pem; 32603 int pemSz = 0; 32604 const unsigned char* der; 24125 32605 int derSz; 24126 int pemSz;24127 32606 int ret; 24128 32607 24129 WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509 ");32608 WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_AUX()"); 24130 32609 24131 32610 if (bio == NULL || cert == NULL) { 32611 WOLFSSL_MSG("NULL argument passed in"); 24132 32612 return WOLFSSL_FAILURE; 24133 24134 24135 if (bio->type != BIO_MEMORY) {24136 WOLFSSL_MSG("BIO type not supported for writing X509 as PEM");32613 } 32614 32615 der = wolfSSL_X509_get_der(cert, &derSz); 32616 if (der == NULL) { 24137 32617 return WOLFSSL_FAILURE; 24138 32618 } 24139 32619 24140 certDer = cert->derCert->buffer; 24141 derSz = cert->derCert->length; 24142 24143 /* Get PEM encoded length and allocate memory for it. */ 24144 pemSz = wc_DerToPem(certDer, derSz, NULL, 0, CERT_TYPE); 32620 /* get PEM size */ 32621 pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERT_TYPE); 24145 32622 if (pemSz < 0) { 24146 WOLFSSL_LEAVE("wolfSSL_PEM_write_bio_X509", pemSz);24147 32623 return WOLFSSL_FAILURE; 24148 32624 } 24149 if (bio->mem != NULL) { 24150 XFREE(bio->mem, NULL, DYNAMIC_TYPE_OPENSSL); 24151 } 24152 bio->mem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_OPENSSL); 24153 if (bio->mem == NULL) { 32625 32626 /* create PEM buffer and convert from DER */ 32627 pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32628 if (pem == NULL) { 24154 32629 return WOLFSSL_FAILURE; 24155 32630 } 24156 bio->memLen = pemSz; 24157 24158 ret = wc_DerToPemEx(certDer, derSz, bio->mem, bio->memLen, NULL, CERT_TYPE); 24159 if (ret < 0) { 24160 WOLFSSL_LEAVE("wolfSSL_PEM_write_bio_X509", ret); 32631 if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERT_TYPE) < 0) { 32632 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 24161 32633 return WOLFSSL_FAILURE; 24162 } 24163 32634 } 32635 32636 /* write the PEM to BIO */ 32637 ret = wolfSSL_BIO_write(bio, pem, pemSz); 32638 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 32639 32640 if (ret <= 0) return WOLFSSL_FAILURE; 24164 32641 return WOLFSSL_SUCCESS; 24165 32642 } … … 24194 32671 XFREE(p, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); 24195 32672 return MEMORY_E; 24196 32673 } 24197 32674 24198 32675 pSz = wolfSSL_BN_bn2bin(dh->p, p); … … 24208 32685 } 24209 32686 #endif /* OPENSSL_EXTRA && !NO_DH */ 24210 #endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_HAPROXY */ 32687 32688 32689 /* returns the enum value associated with handshake state 32690 * 32691 * ssl the WOLFSSL structure to get state of 32692 */ 32693 int wolfSSL_get_state(const WOLFSSL* ssl) 32694 { 32695 WOLFSSL_ENTER("wolfSSL_get_state"); 32696 32697 if (ssl == NULL) { 32698 WOLFSSL_MSG("Null argument passed in"); 32699 return SSL_FAILURE; 32700 } 32701 32702 return ssl->options.handShakeState; 32703 } 32704 #endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE */ 32705 32706 #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) 32707 32708 /* Returns the verifyCallback from the ssl structure if successful. 32709 Returns NULL otherwise. */ 32710 VerifyCallback wolfSSL_get_verify_callback(WOLFSSL* ssl) 32711 { 32712 WOLFSSL_ENTER("wolfSSL_get_verify_callback()"); 32713 if (ssl) { 32714 return ssl->verifyCallback; 32715 } 32716 return NULL; 32717 } 32718 32719 /* Creates a new bio pair. 32720 Returns WOLFSSL_SUCCESS if no error, WOLFSSL_FAILURE otherwise.*/ 32721 int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO **bio1_p, size_t writebuf1, 32722 WOLFSSL_BIO **bio2_p, size_t writebuf2) 32723 { 32724 WOLFSSL_BIO *bio1 = NULL, *bio2 = NULL; 32725 int ret = 1; 32726 32727 WOLFSSL_ENTER("wolfSSL_BIO_new_bio_pair()"); 32728 32729 if (bio1_p == NULL || bio2_p == NULL) { 32730 WOLFSSL_MSG("Bad Function Argument"); 32731 return BAD_FUNC_ARG; 32732 } 32733 32734 /* set up the new bio structures and write buf sizes */ 32735 if ((bio1 = wolfSSL_BIO_new(wolfSSL_BIO_s_bio())) == NULL) { 32736 WOLFSSL_MSG("Bio allocation failed"); 32737 ret = WOLFSSL_FAILURE; 32738 } 32739 if (ret) { 32740 if ((bio2 = wolfSSL_BIO_new(wolfSSL_BIO_s_bio())) == NULL) { 32741 WOLFSSL_MSG("Bio allocation failed"); 32742 ret = WOLFSSL_FAILURE; 32743 } 32744 } 32745 if (ret && writebuf1) { 32746 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio1, writebuf1))) { 32747 WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure"); 32748 } 32749 } 32750 if (ret && writebuf2) { 32751 if (!(ret = wolfSSL_BIO_set_write_buf_size(bio2, writebuf2))) { 32752 WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure"); 32753 } 32754 } 32755 32756 if (ret) { 32757 if ((ret = wolfSSL_BIO_make_bio_pair(bio1, bio2))) { 32758 *bio1_p = bio1; 32759 *bio2_p = bio2; 32760 } 32761 } 32762 if (!ret) { 32763 wolfSSL_BIO_free(bio1); 32764 bio1 = NULL; 32765 wolfSSL_BIO_free(bio2); 32766 bio2 = NULL; 32767 } 32768 return ret; 32769 } 32770 32771 32772 #if !defined(NO_RSA) 32773 /* Converts an rsa key from a bio buffer into an internal rsa structure. 32774 Returns a pointer to the new WOLFSSL_RSA structure. */ 32775 WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out) 32776 { 32777 const unsigned char* bioMem = NULL; 32778 int bioMemSz = 0; 32779 WOLFSSL_RSA* key = NULL; 32780 unsigned char maxKeyBuf[4096]; 32781 unsigned char* bufPtr = NULL; 32782 unsigned char* extraBioMem = NULL; 32783 int extraBioMemSz = 0; 32784 int derLength = 0; 32785 int j = 0, i = 0; 32786 32787 WOLFSSL_ENTER("wolfSSL_d2i_RSAPrivateKey_bio()"); 32788 32789 if (bio == NULL) { 32790 WOLFSSL_MSG("Bad Function Argument"); 32791 return NULL; 32792 } 32793 (void)out; 32794 32795 bioMemSz = wolfSSL_BIO_pending(bio); 32796 if (bioMemSz <= 0) { 32797 WOLFSSL_MSG("wolfSSL_BIO_pending() failure"); 32798 return NULL; 32799 } 32800 32801 bioMem = (unsigned char*)XMALLOC(bioMemSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32802 if (bioMem == NULL) { 32803 WOLFSSL_MSG("Malloc failure"); 32804 return NULL; 32805 } 32806 32807 bufPtr = maxKeyBuf; 32808 if (wolfSSL_BIO_read(bio, (unsigned char*)bioMem, (int)bioMemSz) == bioMemSz) { 32809 const byte* bioMemPt = bioMem; /* leave bioMem pointer unaltered */ 32810 if ((key = wolfSSL_d2i_RSAPrivateKey(NULL, &bioMemPt, bioMemSz)) == NULL) { 32811 XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32812 return NULL; 32813 } 32814 32815 /* This function is used to get the total length of the rsa key. */ 32816 derLength = wolfSSL_i2d_RSAPrivateKey(key, &bufPtr); 32817 32818 /* Write extra data back into bio object if necessary. */ 32819 extraBioMemSz = (bioMemSz - derLength); 32820 if (extraBioMemSz > 0) { 32821 extraBioMem = (unsigned char *)XMALLOC(extraBioMemSz, NULL, 32822 DYNAMIC_TYPE_TMP_BUFFER); 32823 if (extraBioMem == NULL) { 32824 WOLFSSL_MSG("Malloc failure"); 32825 XFREE((unsigned char*)extraBioMem, bio->heap, 32826 DYNAMIC_TYPE_TMP_BUFFER); 32827 XFREE((unsigned char*)bioMem, bio->heap, 32828 DYNAMIC_TYPE_TMP_BUFFER); 32829 return NULL; 32830 } 32831 32832 for (i = derLength; i < bioMemSz; i++) { 32833 *(extraBioMem + j) = *(bioMem + i); 32834 j++; 32835 } 32836 32837 wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz); 32838 if (wolfSSL_BIO_pending(bio) <= 0) { 32839 WOLFSSL_MSG("Failed to write memory to bio"); 32840 XFREE((unsigned char*)extraBioMem, bio->heap, 32841 DYNAMIC_TYPE_TMP_BUFFER); 32842 XFREE((unsigned char*)bioMem, bio->heap, 32843 DYNAMIC_TYPE_TMP_BUFFER); 32844 return NULL; 32845 } 32846 XFREE((unsigned char*)extraBioMem, bio->heap, 32847 DYNAMIC_TYPE_TMP_BUFFER); 32848 } 32849 32850 if (out != NULL && key != NULL) { 32851 *out = key; 32852 } 32853 } 32854 XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32855 return key; 32856 } 32857 #endif 32858 32859 32860 /* Adds the ASN1 certificate to the user ctx. 32861 Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/ 32862 int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX *ctx, int derSz, 32863 const unsigned char *der) 32864 { 32865 WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_ASN1()"); 32866 if (der != NULL && ctx != NULL) { 32867 if (wolfSSL_CTX_use_certificate_buffer(ctx, der, derSz, 32868 WOLFSSL_FILETYPE_ASN1) == WOLFSSL_SUCCESS) { 32869 return WOLFSSL_SUCCESS; 32870 } 32871 32872 } 32873 return WOLFSSL_FAILURE; 32874 } 32875 32876 32877 #if !defined(NO_RSA) && !defined(HAVE_FAST_RSA) 32878 /* Adds the rsa private key to the user ctx. 32879 Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/ 32880 int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa) 32881 { 32882 int ret; 32883 int derSize; 32884 unsigned char maxDerBuf[4096]; 32885 unsigned char* key = NULL; 32886 32887 WOLFSSL_ENTER("wolfSSL_CTX_use_RSAPrivateKey()"); 32888 32889 if (ctx == NULL || rsa == NULL) { 32890 WOLFSSL_MSG("one or more inputs were NULL"); 32891 return BAD_FUNC_ARG; 32892 } 32893 key = maxDerBuf; 32894 /* convert RSA struct to der encoded buffer and get the size */ 32895 if ((derSize = wolfSSL_i2d_RSAPrivateKey(rsa, &key)) <= 0) { 32896 WOLFSSL_MSG("wolfSSL_i2d_RSAPrivateKey() failure"); 32897 return WOLFSSL_FAILURE; 32898 } 32899 ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, (const unsigned char*)maxDerBuf, 32900 derSize, SSL_FILETYPE_ASN1); 32901 if (ret != WOLFSSL_SUCCESS) { 32902 WOLFSSL_MSG("wolfSSL_CTX_USE_PrivateKey_buffer() failure"); 32903 return WOLFSSL_FAILURE; 32904 } 32905 return ret; 32906 } 32907 #endif /* NO_RSA && !HAVE_FAST_RSA */ 32908 32909 32910 /* Converts EVP_PKEY data from a bio buffer to a WOLFSSL_EVP_PKEY structure. 32911 Returns pointer to private EVP_PKEY struct upon success, NULL if there 32912 is a failure.*/ 32913 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio, 32914 WOLFSSL_EVP_PKEY** out) 32915 { 32916 unsigned char* mem = NULL; 32917 int memSz = 0; 32918 WOLFSSL_EVP_PKEY* key = NULL; 32919 int i = 0, j = 0; 32920 unsigned char* extraBioMem = NULL; 32921 int extraBioMemSz = 0; 32922 int derLength = 0; 32923 32924 WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey_bio()"); 32925 32926 if (bio == NULL) { 32927 return NULL; 32928 } 32929 (void)out; 32930 32931 memSz = wolfSSL_BIO_pending(bio); 32932 if (memSz <= 0) { 32933 WOLFSSL_MSG("wolfSSL_BIO_pending() failure"); 32934 return NULL; 32935 } 32936 32937 mem = (unsigned char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32938 if (mem == NULL) { 32939 WOLFSSL_MSG("Malloc failure"); 32940 return NULL; 32941 } 32942 32943 if (wolfSSL_BIO_read(bio, (unsigned char*)mem, memSz) == memSz) { 32944 /* Determines key type and returns the new private EVP_PKEY object */ 32945 if ((key = wolfSSL_d2i_PrivateKey_EVP(NULL, &mem, (long)memSz)) == NULL) { 32946 WOLFSSL_MSG("wolfSSL_d2i_PrivateKey_EVP() failure"); 32947 XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32948 return NULL; 32949 } 32950 32951 /* Write extra data back into bio object if necessary. */ 32952 derLength = key->pkey_sz; 32953 extraBioMemSz = (memSz - derLength); 32954 if (extraBioMemSz > 0) { 32955 extraBioMem = (unsigned char *)XMALLOC(extraBioMemSz, NULL, 32956 DYNAMIC_TYPE_TMP_BUFFER); 32957 if (extraBioMem == NULL) { 32958 WOLFSSL_MSG("Malloc failure"); 32959 XFREE((unsigned char*)extraBioMem, bio->heap, 32960 DYNAMIC_TYPE_TMP_BUFFER); 32961 XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32962 return NULL; 32963 } 32964 32965 for (i = derLength; i < memSz; i++) { 32966 *(extraBioMem + j) = *(mem + i); 32967 j++; 32968 } 32969 32970 wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz); 32971 if (wolfSSL_BIO_pending(bio) <= 0) { 32972 WOLFSSL_MSG("Failed to write memory to bio"); 32973 XFREE((unsigned char*)extraBioMem, bio->heap, 32974 DYNAMIC_TYPE_TMP_BUFFER); 32975 XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32976 return NULL; 32977 } 32978 XFREE((unsigned char*)extraBioMem, bio->heap, 32979 DYNAMIC_TYPE_TMP_BUFFER); 32980 } 32981 32982 if (out != NULL && key != NULL) { 32983 *out = key; 32984 } 32985 } 32986 XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); 32987 return key; 32988 } 32989 32990 32991 /* Converts a DER encoded private key to a WOLFSSL_EVP_PKEY structure. 32992 * returns a pointer to a new WOLFSSL_EVP_PKEY structure on success and NULL 32993 * on fail */ 32994 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** out, 32995 unsigned char** in, long inSz) 32996 { 32997 WOLFSSL_EVP_PKEY* pkey = NULL; 32998 const unsigned char* mem; 32999 long memSz = inSz; 33000 33001 WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey_EVP()"); 33002 33003 if (in == NULL || *in == NULL || inSz < 0) { 33004 WOLFSSL_MSG("Bad argument"); 33005 return NULL; 33006 } 33007 mem = *in; 33008 33009 #if !defined(NO_RSA) 33010 { 33011 RsaKey rsa; 33012 word32 keyIdx = 0; 33013 33014 /* test if RSA key */ 33015 if (wc_InitRsaKey(&rsa, NULL) == 0 && 33016 wc_RsaPrivateKeyDecode(mem, &keyIdx, &rsa, (word32)memSz) == 0) { 33017 wc_FreeRsaKey(&rsa); 33018 pkey = wolfSSL_PKEY_new(); 33019 if (pkey != NULL) { 33020 pkey->pkey_sz = keyIdx; 33021 pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, 33022 DYNAMIC_TYPE_PRIVATE_KEY); 33023 if (pkey->pkey.ptr == NULL) { 33024 wolfSSL_EVP_PKEY_free(pkey); 33025 return NULL; 33026 } 33027 XMEMCPY(pkey->pkey.ptr, mem, keyIdx); 33028 pkey->type = EVP_PKEY_RSA; 33029 if (out != NULL) { 33030 *out = pkey; 33031 } 33032 33033 pkey->ownRsa = 1; 33034 pkey->rsa = wolfSSL_RSA_new(); 33035 if (pkey->rsa == NULL) { 33036 wolfSSL_EVP_PKEY_free(pkey); 33037 return NULL; 33038 } 33039 33040 if (wolfSSL_RSA_LoadDer_ex(pkey->rsa, 33041 (const unsigned char*)pkey->pkey.ptr, 33042 pkey->pkey_sz, WOLFSSL_RSA_LOAD_PRIVATE) != 1) { 33043 wolfSSL_EVP_PKEY_free(pkey); 33044 return NULL; 33045 } 33046 33047 return pkey; 33048 } 33049 } 33050 wc_FreeRsaKey(&rsa); 33051 } 33052 #endif /* NO_RSA */ 33053 33054 #ifdef HAVE_ECC 33055 { 33056 word32 keyIdx = 0; 33057 ecc_key ecc; 33058 33059 /* test if ecc key */ 33060 if (wc_ecc_init(&ecc) == 0 && 33061 wc_EccPrivateKeyDecode(mem, &keyIdx, &ecc, (word32)memSz) == 0) { 33062 wc_ecc_free(&ecc); 33063 pkey = wolfSSL_PKEY_new(); 33064 if (pkey != NULL) { 33065 pkey->pkey_sz = keyIdx; 33066 pkey->pkey.ptr = (char*)XMALLOC(keyIdx, NULL, 33067 DYNAMIC_TYPE_PRIVATE_KEY); 33068 if (pkey->pkey.ptr == NULL) { 33069 wolfSSL_EVP_PKEY_free(pkey); 33070 return NULL; 33071 } 33072 XMEMCPY(pkey->pkey.ptr, mem, keyIdx); 33073 pkey->type = EVP_PKEY_EC; 33074 if (out != NULL) { 33075 *out = pkey; 33076 } 33077 return pkey; 33078 } 33079 } 33080 wc_ecc_free(&ecc); 33081 } 33082 #endif /* HAVE_ECC */ 33083 return pkey; 33084 } 33085 #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ 24211 33086 24212 33087 24213 33088 /* stunnel compatibility functions*/ 24214 #if defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX)) 24215 void WOLFSSL_ERR_remove_thread_state(void* pid) 24216 { 33089 #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \ 33090 defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \ 33091 defined(WOLFSSL_HAPROXY))) 33092 void wolfSSL_ERR_remove_thread_state(void* pid) 33093 { 24217 33094 (void) pid; 24218 33095 return; 24219 } 24220 33096 } 33097 33098 #ifndef NO_FILESYSTEM 24221 33099 /***TBD ***/ 24222 void wolfSSL_print_all_errors_fp(XFILE *fp)33100 void wolfSSL_print_all_errors_fp(XFILE fp) 24223 33101 { 24224 33102 (void)fp; 24225 } 33103 } 33104 #endif 24226 33105 24227 33106 int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION* session, int idx, void* data) … … 24233 33112 return WOLFSSL_SUCCESS; 24234 33113 } 24235 #endif 33114 #else 33115 (void)session; 33116 (void)idx; 33117 (void)data; 33118 #endif 24236 33119 return WOLFSSL_FAILURE; 24237 }33120 } 24238 33121 24239 33122 … … 24246 33129 (void)cb2; 24247 33130 (void)cb3; 24248 if (XSTRNCMP((const char*)data, "redirect index", 14) == 0) {33131 if (XSTRNCMP((const char*)data, "redirect index", 14) == 0) { 24249 33132 return 0; 24250 }24251 else if (XSTRNCMP((const char*)data, "addr index", 10) == 0) {33133 } 33134 else if (XSTRNCMP((const char*)data, "addr index", 10) == 0) { 24252 33135 return 1; 24253 }33136 } 24254 33137 return WOLFSSL_FAILURE; 24255 }33138 } 24256 33139 24257 33140 … … 24262 33145 if (session != NULL && idx < MAX_EX_DATA && idx >= 0) 24263 33146 return session->ex_data[idx]; 33147 #else 33148 (void)session; 33149 (void)idx; 24264 33150 #endif 24265 33151 return NULL; 24266 }24267 24268 33152 } 33153 33154 #ifndef NO_WOLFSSL_STUB 24269 33155 int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), 24270 33156 void *(*r) (void *, size_t, const char *, … … 24275 33161 (void) f; 24276 33162 WOLFSSL_ENTER("wolfSSL_CRYPTO_set_mem_ex_functions"); 24277 WOLFSSL_STUB(" wolfSSL_CRYPTO_set_mem_ex_functions");33163 WOLFSSL_STUB("CRYPTO_set_mem_ex_functions"); 24278 33164 24279 33165 return WOLFSSL_FAILURE; 24280 } 24281 24282 33166 } 33167 #endif 33168 33169 33170 void wolfSSL_CRYPTO_cleanup_all_ex_data(void){ 33171 WOLFSSL_ENTER("CRYPTO_cleanup_all_ex_data"); 33172 } 33173 33174 33175 #ifndef NO_WOLFSSL_STUB 24283 33176 WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, 24284 33177 void (*callback) (int, int, void *), void *cb_arg) … … 24289 33182 (void)cb_arg; 24290 33183 WOLFSSL_ENTER("wolfSSL_DH_generate_parameters"); 24291 WOLFSSL_STUB(" wolfSSL_DH_generate_parameters");33184 WOLFSSL_STUB("DH_generate_parameters"); 24292 33185 24293 33186 return NULL; 24294 } 24295 33187 } 33188 #endif 33189 33190 #ifndef NO_WOLFSSL_STUB 24296 33191 int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len, int generator, 24297 33192 void (*callback) (int, int, void *)) … … 24302 33197 (void)dh; 24303 33198 WOLFSSL_ENTER("wolfSSL_DH_generate_parameters_ex"); 24304 WOLFSSL_STUB(" wolfSSL_DH_generate_parameters_ex");33199 WOLFSSL_STUB("DH_generate_parameters_ex"); 24305 33200 24306 33201 return -1; 24307 }24308 33202 } 33203 #endif 24309 33204 24310 33205 void wolfSSL_ERR_load_crypto_strings(void) 24311 33206 { 24312 33207 WOLFSSL_ENTER("wolfSSL_ERR_load_crypto_strings"); 24313 WOLFSSL_ENTER("wolfSSL_ERR_load_crypto_strings");33208 /* Do nothing */ 24314 33209 return; 24315 } 24316 24317 24318 unsigned long wolfSSL_ERR_peek_last_error(void) 24319 { 24320 WOLFSSL_ENTER("wolfSSL_ERR_peek_last_error"); 24321 24322 #ifdef WOLFSSL_NGINX 24323 { 24324 int ret; 24325 24326 if ((ret = wc_PeekErrorNode(-1, NULL, NULL, NULL)) < 0) { 24327 WOLFSSL_MSG("Issue peeking at error node in queue"); 24328 return 0; 24329 } 24330 if (ret == -SSL_NO_PEM_HEADER) 24331 return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; 24332 return (unsigned long)ret; 24333 } 24334 #else 24335 return (unsigned long)(0 - NOT_COMPILED_IN); 24336 #endif 24337 } 24338 24339 33210 } 33211 33212 #ifndef NO_WOLFSSL_STUB 24340 33213 int wolfSSL_FIPS_mode(void) 24341 33214 { 24342 33215 WOLFSSL_ENTER("wolfSSL_FIPS_mode"); 24343 WOLFSSL_STUB(" wolfSSL_FIPS_mode");33216 WOLFSSL_STUB("FIPS_mode"); 24344 33217 24345 33218 return WOLFSSL_FAILURE; 24346 } 24347 33219 } 33220 #endif 33221 33222 #ifndef NO_WOLFSSL_STUB 24348 33223 int wolfSSL_FIPS_mode_set(int r) 24349 33224 { 24350 33225 (void)r; 24351 33226 WOLFSSL_ENTER("wolfSSL_FIPS_mode_set"); 24352 WOLFSSL_STUB(" wolfSSL_FIPS_mode_set");33227 WOLFSSL_STUB("FIPS_mode_set"); 24353 33228 24354 33229 return WOLFSSL_FAILURE; 24355 33230 } 24356 24357 33231 #endif 33232 33233 #ifndef NO_WOLFSSL_STUB 24358 33234 int wolfSSL_RAND_set_rand_method(const void *meth) 24359 33235 { 24360 33236 (void) meth; 24361 33237 WOLFSSL_ENTER("wolfSSL_RAND_set_rand_method"); 24362 WOLFSSL_STUB("wolfSSL_RAND_set_rand_method"); 24363 24364 return WOLFSSL_FAILURE; 24365 } 24366 33238 WOLFSSL_STUB("RAND_set_rand_method"); 33239 33240 /* if implemented RAND_bytes and RAND_pseudo_bytes need updated 33241 * those two functions will call the respective functions from meth */ 33242 return SSL_FAILURE; 33243 } 33244 #endif 24367 33245 24368 33246 int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits) … … 24377 33255 } 24378 33256 return ret; 24379 } 24380 33257 } 24381 33258 24382 33259 int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME) *s) … … 24389 33266 } 24390 33267 24391 24392 33268 int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s) 24393 33269 { … … 24397 33273 return -1; 24398 33274 return (int)s->num; 24399 } 24400 33275 } 24401 33276 24402 33277 int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, … … 24420 33295 return WOLFSSL_FAILURE; 24421 33296 24422 return WOLFSSL_SUCCESS;24423 }24424 24425 33297 return WOLFSSL_SUCCESS; 33298 } 33299 33300 #ifndef NO_WOLFSSL_STUB 24426 33301 WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(const WOLFSSL_X509* x) 24427 33302 { 24428 33303 (void)x; 24429 33304 WOLFSSL_ENTER("wolfSSL_X509_get0_pubkey_bitstr"); 24430 WOLFSSL_STUB("wolfSSL_X509_get0_pubkey_bitstr"); 24431 24432 return NULL; 24433 } 24434 24435 33305 WOLFSSL_STUB("X509_get0_pubkey_bitstr"); 33306 33307 return NULL; 33308 } 33309 #endif 33310 33311 #ifndef NO_WOLFSSL_STUB 24436 33312 int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session) 24437 33313 { … … 24439 33315 (void)session; 24440 33316 WOLFSSL_ENTER("wolfSSL_CTX_add_session"); 24441 WOLFSSL_STUB(" wolfSSL_CTX_add_session");33317 WOLFSSL_STUB("SSL_CTX_add_session"); 24442 33318 24443 33319 return WOLFSSL_SUCCESS; 24444 33320 } 24445 24446 24447 int wolfSSL_get_state(const WOLFSSL* ssl) 24448 { 24449 (void)ssl; 24450 WOLFSSL_ENTER("wolfSSL_get_state"); 24451 WOLFSSL_STUB("wolfSSL_get_state"); 24452 24453 return WOLFSSL_FAILURE; 24454 } 24455 24456 24457 void* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, int i) 24458 { 24459 WOLFSSL_ENTER("wolfSSL_sk_X509_NAME_value"); 24460 24461 for (; sk != NULL && i > 0; i--) 24462 sk = sk->next; 24463 24464 if (i != 0 || sk == NULL) 24465 return NULL; 24466 return sk->data.name; 24467 } 24468 24469 24470 void* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)* sk, int i) 24471 { 24472 WOLFSSL_ENTER("wolfSSL_sk_X509_value"); 24473 24474 for (; sk != NULL && i > 0; i--) 24475 sk = sk->next; 24476 24477 if (i != 0 || sk == NULL) 24478 return NULL; 24479 return sk->data.x509; 24480 } 33321 #endif 24481 33322 24482 33323 24483 33324 int wolfSSL_version(WOLFSSL* ssl) 24484 {33325 { 24485 33326 WOLFSSL_ENTER("wolfSSL_version"); 24486 33327 if (ssl->version.major == SSLv3_MAJOR) { … … 24510 33351 24511 33352 24512 WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl)24513 {24514 (void)ssl;24515 WOLFSSL_ENTER("wolfSSL_get_peer_cert_chain");24516 WOLFSSL_STUB("wolfSSL_get_peer_cert_chain");24517 24518 return NULL;24519 }24520 24521 24522 WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl)24523 {24524 WOLFSSL_ENTER("wolfSSL_get_SSL_CTX");24525 return ssl->ctx;24526 }24527 24528 33353 int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME* name) 24529 33354 { … … 24532 33357 return -1; 24533 33358 return name->sz; 24534 } 24535 33359 } 24536 33360 24537 33361 #ifdef HAVE_SNI … … 24541 33365 WOLFSSL_ENTER("wolfSSL_set_tlsext_host_name"); 24542 33366 ret = wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, 24543 host_name, XSTRLEN(host_name));33367 host_name, (word16)XSTRLEN(host_name)); 24544 33368 WOLFSSL_LEAVE("wolfSSL_set_tlsext_host_name", ret); 24545 33369 return ret; … … 24552 33376 void * serverName = NULL; 24553 33377 if (ssl == NULL) 24554 33378 return NULL; 24555 33379 TLSX_SNI_GetRequest(ssl->extensions, type, &serverName); 24556 33380 return (const char *)serverName; … … 24585 33409 int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX* ctx, 24586 33410 CallbackSniRecv cb) 24587 {33411 { 24588 33412 WOLFSSL_ENTER("wolfSSL_CTX_set_tlsext_servername_callback"); 24589 33413 if (ctx) { … … 24601 33425 } 24602 33426 24603 24604 long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt) 24605 { 24606 WOLFSSL_ENTER("SSL_CTX_clear_options"); 24607 WOLFSSL_STUB("SSL_CTX_clear_options"); 24608 (void)ctx; 24609 (void)opt; 24610 return opt; 24611 } 24612 33427 void wolfSSL_ERR_load_BIO_strings(void) { 33428 WOLFSSL_ENTER("ERR_load_BIO_strings"); 33429 /* do nothing */ 33430 } 33431 33432 #ifndef NO_WOLFSSL_STUB 24613 33433 void wolfSSL_THREADID_set_callback(void(*threadid_func)(void*)) 24614 {33434 { 24615 33435 WOLFSSL_ENTER("wolfSSL_THREADID_set_callback"); 24616 WOLFSSL_STUB(" wolfSSL_THREADID_set_callback");33436 WOLFSSL_STUB("CRYPTO_THREADID_set_callback"); 24617 33437 (void)threadid_func; 24618 33438 return; 24619 } 24620 33439 } 33440 #endif 33441 33442 #ifndef NO_WOLFSSL_STUB 24621 33443 void wolfSSL_THREADID_set_numeric(void* id, unsigned long val) 24622 33444 { 24623 33445 WOLFSSL_ENTER("wolfSSL_THREADID_set_numeric"); 24624 WOLFSSL_STUB(" wolfSSL_THREADID_set_numeric");33446 WOLFSSL_STUB("CRYPTO_THREADID_set_numeric"); 24625 33447 (void)id; 24626 33448 (void)val; 24627 33449 return; 24628 33450 } 24629 24630 33451 #endif 33452 33453 33454 #ifndef NO_WOLFSSL_STUB 24631 33455 WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(WOLFSSL_X509_STORE_CTX* ctx, 24632 33456 WOLFSSL_X509_NAME* name) 24633 33457 { 24634 33458 WOLFSSL_ENTER("wolfSSL_X509_STORE_get1_certs"); 24635 WOLFSSL_STUB(" wolfSSL_X509_STORE_get1_certs");33459 WOLFSSL_STUB("X509_STORE_get1_certs"); 24636 33460 (void)ctx; 24637 33461 (void)name; 24638 33462 return NULL; 24639 33463 } 24640 24641 void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*)){ 24642 (void) sk; 24643 (void) f; 24644 WOLFSSL_ENTER("wolfSSL_sk_X509_pop_free"); 24645 WOLFSSL_STUB("wolfSSL_sk_X509_pop_free"); 24646 } 24647 24648 #endif /* OPENSSL_EXTRA and HAVE_STUNNEL */ 24649 #if defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX))\ 24650 || defined(WOLFSSL_HAPROXY) 24651 33464 #endif 33465 33466 #endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_LIGHTY)) */ 33467 33468 33469 #if defined(OPENSSL_EXTRA) 33470 unsigned long wolfSSL_ERR_peek_last_error(void) 33471 { 33472 WOLFSSL_ENTER("wolfSSL_ERR_peek_last_error"); 33473 33474 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) 33475 { 33476 int ret; 33477 33478 if ((ret = wc_PeekErrorNode(-1, NULL, NULL, NULL)) < 0) { 33479 WOLFSSL_MSG("Issue peeking at error node in queue"); 33480 return 0; 33481 } 33482 if (ret == -ASN_NO_PEM_HEADER) 33483 return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; 33484 return (unsigned long)ret; 33485 } 33486 #else 33487 return (unsigned long)(0 - NOT_COMPILED_IN); 33488 #endif 33489 } 33490 33491 #endif /* OPENSSL_EXTRA */ 33492 33493 WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl) 33494 { 33495 WOLFSSL_ENTER("wolfSSL_get_SSL_CTX"); 33496 return ssl->ctx; 33497 } 33498 33499 #if defined(OPENSSL_ALL) || \ 33500 (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \ 33501 defined(WOLFSSL_NGINX)) || defined(WOLFSSL_HAPROXY)) 24652 33502 24653 33503 const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen) … … 24663 33513 #endif 24664 33514 24665 #if (defined(OPENSSL_EXTRA) && defined(HAVE_STUNNEL)) \33515 #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && defined(HAVE_STUNNEL)) \ 24666 33516 || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) 33517 24667 33518 int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx) 24668 33519 { … … 24686 33537 WOLFSSL_LEAVE("wolfSSL_CTX_get_verify_mode", mode); 24687 33538 return mode; 24688 }33539 } 24689 33540 #endif 24690 33541 … … 24736 33587 else 24737 33588 rng = &globalRNG; 24738 33589 } 24739 33590 24740 33591 if (rng) { … … 24754 33605 24755 33606 wc_curve25519_free(&key); 24756 33607 } 24757 33608 24758 33609 if (initTmpRng) … … 24806 33657 wc_curve25519_free(&privkey); 24807 33658 return ret; 24808 33659 } 24809 33660 24810 33661 /* import public key */ … … 24834 33685 return ret; 24835 33686 #endif /* WOLFSSL_KEY_GEN */ 24836 }33687 } 24837 33688 #endif /* OPENSSL_EXTRA && HAVE_CURVE25519 */ 24838 33689 … … 24911 33762 return ret; 24912 33763 #endif /* WOLFSSL_KEY_GEN */ 24913 }33764 } 24914 33765 24915 33766 /* return 1 if success, 0 if error … … 24940 33791 WOLFSSL_MSG("Bad arguments"); 24941 33792 return WOLFSSL_FAILURE; 24942 33793 } 24943 33794 24944 33795 /* import key */ … … 24964 33815 return ret; 24965 33816 #endif /* WOLFSSL_KEY_GEN */ 24966 }33817 } 24967 33818 24968 33819 /* return 1 if success, 0 if error … … 24982 33833 (void) sig; 24983 33834 (void) sigSz; 24984 return WOLFSSL_FAILURE;33835 return WOLFSSL_FAILURE; 24985 33836 #else /* WOLFSSL_KEY_GEN */ 24986 33837 ed25519_key key; … … 25057 33908 return wolfAsync_EventQueuePoll(&ctx->event_queue, NULL, 25058 33909 events, maxEvents, flags, eventCount); 25059 }33910 } 25060 33911 25061 33912 int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags) … … 25094 33945 if (flags != NULL) { 25095 33946 *flags = 0; 25096 25097 25098 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \25099 defined(WOLFSSL_ MYSQL_COMPATIBLE)25100 33947 } 33948 33949 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ 33950 defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_MYSQL_COMPATIBLE) 33951 { 25101 33952 int ret = 0; 25102 33953 … … 25104 33955 if ((ret = wc_PeekErrorNode(-1, file, NULL, line)) < 0) { 25105 33956 WOLFSSL_MSG("Issue peeking at error node in queue"); 25106 25107 33957 return 0; 33958 } 25108 33959 ret = -ret; 25109 33960 25110 if (ret == SSL_NO_PEM_HEADER)33961 if (ret == ASN_NO_PEM_HEADER) 25111 33962 return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; 25112 33963 if (ret != WANT_READ && ret != WANT_WRITE && … … 25116 33967 25117 33968 wc_RemoveErrorNode(-1); 25118 33969 } 25119 33970 25120 33971 return (unsigned long)ret; … … 25126 33977 #endif 25127 33978 25128 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 25129 33979 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 33980 33981 #ifndef NO_WOLFSSL_STUB 25130 33982 WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl) 25131 33983 { … … 25134 33986 return NULL; 25135 33987 } 25136 33988 #endif 33989 33990 #ifndef NO_WOLFSSL_STUB 25137 33991 void wolfSSL_OPENSSL_config(char *config_name) 25138 33992 { 25139 WOLFSSL_STUB("wolfSSL_OPENSSL_config");25140 33993 (void)config_name; 25141 } 25142 33994 WOLFSSL_STUB("OPENSSL_config"); 33995 } 33996 #endif 33997 #endif 33998 33999 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 34000 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 25143 34001 int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c) 25144 34002 { … … 25156 34014 25157 34015 void *wolfSSL_X509_get_ex_data(X509 *x509, int idx) 25158 {34016 { 25159 34017 WOLFSSL_ENTER("wolfSSL_X509_get_ex_data"); 25160 34018 #ifdef HAVE_EX_DATA 25161 34019 if (x509 != NULL && idx < MAX_EX_DATA && idx >= 0) { 25162 34020 return x509->ex_data[idx]; 25163 }34021 } 25164 34022 #else 25165 34023 (void)x509; … … 25177 34035 return WOLFSSL_SUCCESS; 25178 34036 } 25179 34037 #else 25180 34038 (void)x509; 25181 34039 (void)idx; 25182 34040 (void)data; 25183 34041 #endif 25184 34042 return WOLFSSL_FAILURE; 25185 34043 } … … 25190 34048 25191 34049 if (name == NULL || type == NULL) 25192 return WOLFSSL_FAILURE; 25193 34050 return WOLFSSL_FAILURE; 34051 34052 #ifndef NO_FILESYSTEM 25194 34053 return wolfSSL_EVP_Digest((unsigned char*)name->fullName.fullName, 25195 34054 name->fullName.fullNameLen, md, len, type, NULL); 34055 #else 34056 (void)md; 34057 (void)len; 34058 return NOT_COMPILED_IN; 34059 #endif 25196 34060 } 25197 34061 … … 25234 34098 /* Don't remove session just timeout session. */ 25235 34099 s->timeout = 0; 25236 34100 } 25237 34101 25238 34102 #ifdef HAVE_EXT_CACHE … … 25247 34111 { 25248 34112 WOLFSSL_ENTER("wolfSSL_SSL_get_rbio"); 25249 (void)s;25250 34113 /* Nginx sets the buffer size if the read BIO is different to write BIO. 25251 34114 * The setting buffer size doesn't do anything so return NULL for both. 25252 34115 */ 25253 return NULL; 34116 if (s == NULL) 34117 return NULL; 34118 34119 return s->biord; 25254 34120 } 25255 34121 BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s) … … 25260 34126 * The setting buffer size doesn't do anything so return NULL for both. 25261 34127 */ 25262 return NULL; 34128 if (s == NULL) 34129 return NULL; 34130 34131 return s->biowr; 25263 34132 } 25264 34133 … … 25270 34139 return WOLFSSL_FAILURE; 25271 34140 25272 if (s->options.side == WOLFSSL_CLIENT_END) 34141 if (s->options.side == WOLFSSL_CLIENT_END) { 34142 #ifndef NO_WOLFSSL_CLIENT 25273 34143 return wolfSSL_connect(s); 34144 #else 34145 WOLFSSL_MSG("Client not compiled in"); 34146 return WOLFSSL_FAILURE; 34147 #endif 34148 } 34149 34150 #ifndef NO_WOLFSSL_SERVER 25274 34151 return wolfSSL_accept(s); 25275 } 34152 #else 34153 WOLFSSL_MSG("Server not compiled in"); 34154 return WOLFSSL_FAILURE; 34155 #endif 34156 } 25276 34157 25277 34158 int wolfSSL_SSL_in_init(WOLFSSL *s) … … 25296 34177 25297 34178 if (ssl == NULL) { 25298 25299 34179 return NULL; 34180 } 25300 34181 25301 34182 session = wolfSSL_get_session((WOLFSSL*)ssl); … … 25321 34202 (void)flags; 25322 34203 (void)peername; 34204 34205 if (flags == WOLFSSL_NO_WILDCARDS) { 34206 WOLFSSL_MSG("X509_CHECK_FLAG_NO_WILDCARDS not yet implemented"); 34207 return WOLFSSL_FAILURE; 34208 } 25323 34209 25324 34210 InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL); … … 25380 34266 wolfSSL_BIO_write(bp, "00", 2); 25381 34267 return 2; 25382 }34268 } 25383 34269 25384 34270 /* Don't do negative - just write out every byte. */ … … 25393 34279 25394 34280 25395 #if def HAVE_SESSION_TICKET34281 #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) 25396 34282 /* Expected return values from implementations of OpenSSL ticket key callback. 25397 34283 */ … … 25428 34314 int encTicketLen, int* encLen, void* ctx) 25429 34315 { 25430 byte digest[ MAX_DIGEST_SIZE];34316 byte digest[WC_MAX_DIGEST_SIZE]; 25431 34317 WOLFSSL_EVP_CIPHER_CTX evpCtx; 25432 34318 WOLFSSL_HMAC_CTX hmacCtx; … … 25448 34334 25449 34335 if (enc) 25450 34336 { 25451 34337 /* Encrypt in place. */ 25452 34338 if (!wolfSSL_EVP_CipherUpdate(&evpCtx, encTicket, &len, … … 25461 34347 25462 34348 /* HMAC the encrypted data into the parameter 'mac'. */ 25463 wolfSSL_HMAC_Update(&hmacCtx, encTicket, encTicketLen); 25464 wolfSSL_HMAC_Final(&hmacCtx, mac, &mdSz); 25465 } 34349 if (!wolfSSL_HMAC_Update(&hmacCtx, encTicket, encTicketLen)) 34350 goto end; 34351 #ifdef WOLFSSL_SHA512 34352 /* Check for SHA512, which would overrun the mac buffer */ 34353 if (hmacCtx.hmac.macType == WC_SHA512) 34354 goto end; 34355 #endif 34356 if (!wolfSSL_HMAC_Final(&hmacCtx, mac, &mdSz)) 34357 goto end; 34358 } 25466 34359 else 25467 34360 { 25468 34361 /* HMAC the encrypted data and compare it to the passed in data. */ 25469 wolfSSL_HMAC_Update(&hmacCtx, encTicket, encTicketLen); 25470 wolfSSL_HMAC_Final(&hmacCtx, digest, &mdSz); 34362 if (!wolfSSL_HMAC_Update(&hmacCtx, encTicket, encTicketLen)) 34363 goto end; 34364 if (!wolfSSL_HMAC_Final(&hmacCtx, digest, &mdSz)) 34365 goto end; 25471 34366 if (XMEMCMP(mac, digest, mdSz) != 0) 25472 34367 goto end; … … 25510 34405 #endif /* HAVE_SESSION_TICKET */ 25511 34406 34407 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 34408 OPENSSL_EXTRA || HAVE_LIGHTY */ 34409 34410 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 25512 34411 #ifdef HAVE_OCSP 25513 34412 /* Not an OpenSSL API. */ … … 25533 34432 return WOLFSSL_SUCCESS; 25534 34433 } 25535 34434 #endif /* OCSP */ 34435 #endif /* OPENSSL_ALL / WOLFSSL_NGINX / WOLFSSL_HAPROXY */ 34436 34437 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ 34438 defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 25536 34439 int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** chain) 25537 34440 { … … 25548 34451 *chain = ctx->x509Chain; 25549 34452 return WOLFSSL_SUCCESS; 25550 34453 } 25551 34454 25552 34455 /* If there are no chains then success! */ … … 25554 34457 if (ctx->certChain == NULL || ctx->certChain->length == 0) { 25555 34458 return WOLFSSL_SUCCESS; 25556 34459 } 25557 34460 25558 34461 /* Create a new stack of WOLFSSL_X509 object from chain buffer. */ … … 25576 34479 ctx->x509Chain = *chain; 25577 34480 return WOLFSSL_FAILURE; 25578 34481 } 25579 34482 idx += length; 25580 34483 … … 25587 34490 (*chain)->num++; 25588 34491 last->next = node; 25589 34492 } 25590 34493 25591 34494 last = node; … … 25603 34506 return WOLFSSL_FAILURE; 25604 34507 34508 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ 34509 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 25605 34510 /* Ensure stapling is on for callback to be used. */ 25606 34511 wolfSSL_CTX_EnableOCSPStapling(ctx); … … 25610 34515 25611 34516 ctx->cm->ocsp_stapling->statusCb = cb; 34517 #else 34518 (void)cb; 34519 #endif 34520 25612 34521 return WOLFSSL_SUCCESS; 25613 34522 } … … 25632 34541 *issuer = x; 25633 34542 return WOLFSSL_SUCCESS; 25634 25635 34543 } 34544 } 25636 34545 } 25637 34546 … … 25654 34563 ca = GetCA(ctx->store->cm, cert->issuerHash); 25655 34564 #endif /* NO SKID */ 25656 34565 } 25657 34566 FreeDecodedCert(cert); 25658 34567 #ifdef WOLFSSL_SMALL_STACK … … 25661 34570 25662 34571 if (ca == NULL) 25663 34572 return WOLFSSL_FAILURE; 25664 34573 25665 34574 *issuer = (WOLFSSL_X509 *)XMALLOC(sizeof(WOLFSSL_X509), 0, … … 25670 34579 /* Create an empty certificate as CA doesn't have a certificate. */ 25671 34580 XMEMSET(*issuer, 0, sizeof(WOLFSSL_X509)); 25672 /* TODO: store the full certificate and dup when required. */ 34581 (*issuer)->dynamicMemory = 1; 34582 #ifdef WOLFSSL_SIGNER_DER_CERT 34583 if (AllocDer(&(*issuer)->derCert, ca->derCert->length, ca->derCert->type, 34584 NULL) == 0) { 34585 XMEMCPY((*issuer)->derCert->buffer, ca->derCert->buffer, 34586 ca->derCert->length); 34587 } 34588 else { 34589 XFREE(*issuer, 0, DYNAMIC_TYPE_OPENSSL); 34590 return WOLFSSL_FAILURE; 34591 } 34592 #endif 25673 34593 25674 34594 /* Result is ignored when passed to wolfSSL_OCSP_cert_to_id(). */ 25675 34595 25676 34596 return WOLFSSL_SUCCESS; 25677 }34597 } 25678 34598 25679 34599 void wolfSSL_X509_email_free(WOLF_STACK_OF(WOLFSSL_STRING) *sk) … … 25687 34607 XFREE(curr, NULL, DYNAMIC_TYPE_OPENSSL); 25688 34608 } 25689 }34609 } 25690 34610 25691 34611 WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *x) 25692 34612 { 25693 WOLFSSL_STACK *list = NULL; 34613 WOLFSSL_STACK* list = NULL; 34614 char* url; 25694 34615 25695 34616 if (x->authInfoSz == 0) 25696 34617 return NULL; 25697 34618 25698 list = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK) , NULL,25699 DYNAMIC_TYPE_OPENSSL);34619 list = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK) + x->authInfoSz + 1, 34620 NULL, DYNAMIC_TYPE_OPENSSL); 25700 34621 if (list == NULL) 25701 34622 return NULL; 25702 34623 25703 list->data.string = (char*)x->authInfo; 34624 url = (char*)list; 34625 url += sizeof(WOLFSSL_STACK); 34626 XMEMCPY(url, x->authInfo, x->authInfoSz); 34627 url[x->authInfoSz] = '\0'; 34628 34629 list->data.string = url; 25704 34630 list->next = NULL; 25705 34631 … … 25726 34652 issuer->subjKeyIdSz) != 0) { 25727 34653 return X509_V_ERR_SUBJECT_ISSUER_MISMATCH; 25728 34654 } 25729 34655 } 25730 34656 … … 25735 34661 { 25736 34662 return wolfSSL_X509_d2i(NULL, x->derCert->buffer, x->derCert->length); 25737 }34663 } 25738 34664 25739 34665 char* wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings, … … 25746 34672 return strings->data.string; 25747 34673 } 25748 #endif /* HAVE_OCSP */ 25749 34674 #endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */ 34675 34676 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 25750 34677 #ifdef HAVE_ALPN 25751 34678 void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, … … 25804 34731 ctx->alpnSelectArg = arg; 25805 34732 } 25806 }34733 } 25807 34734 25808 34735 void wolfSSL_CTX_set_next_protos_advertised_cb(WOLFSSL_CTX *s, … … 25860 34787 len = idx - 1 - start; 25861 34788 if (len > MAX_CURVE_NAME_SZ - 1) 25862 34789 return WOLFSSL_FAILURE; 25863 34790 25864 34791 XMEMCPY(name, names + start, len); … … 25869 34796 (XSTRNCMP(name, "P-256", len) == 0)) { 25870 34797 curve = WOLFSSL_ECC_SECP256R1; 25871 34798 } 25872 34799 else if ((XSTRNCMP(name, "secp384r1", len) == 0) || 25873 34800 (XSTRNCMP(name, "P-384", len) == 0)) { 25874 34801 curve = WOLFSSL_ECC_SECP384R1; 25875 34802 } 25876 34803 else if ((XSTRNCMP(name, "secp521r1", len) == 0) || 25877 34804 (XSTRNCMP(name, "P-521", len) == 0)) { 25878 34805 curve = WOLFSSL_ECC_SECP521R1; 25879 34806 } 25880 34807 else if (XSTRNCMP(name, "X25519", len) == 0) 25881 34808 curve = WOLFSSL_ECC_X25519; … … 25886 34813 ctx->disabledCurves &= ~(1 << curve); 25887 34814 start = idx + 1; 25888 25889 25890 return WOLFSSL_SUCCESS;25891 }34815 } 34816 34817 return WOLFSSL_SUCCESS; 34818 } 25892 34819 #endif 25893 34820 25894 34821 #ifdef OPENSSL_EXTRA 34822 #ifndef NO_WOLFSSL_STUB 25895 34823 int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb) 25896 34824 { … … 25900 34828 return WOLFSSL_FAILURE; 25901 34829 } 34830 #endif 34831 34832 34833 /* Sets a callback for when sending and receiving protocol messages. 34834 * 34835 * ssl WOLFSSL structure to set callback in 34836 * cb callback to use 34837 * 34838 * return SSL_SUCCESS on success and SSL_FAILURE with error case 34839 */ 25902 34840 int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb) 25903 34841 { 25904 WOLFSSL_STUB("SSL_set_msg_callback"); 25905 (void)ssl; 25906 (void)cb; 25907 return WOLFSSL_FAILURE; 25908 } 34842 WOLFSSL_ENTER("wolfSSL_set_msg_callback"); 34843 34844 if (ssl == NULL) { 34845 return SSL_FAILURE; 34846 } 34847 34848 if (cb != NULL) { 34849 ssl->toInfoOn = 1; 34850 } 34851 34852 ssl->protoMsgCb = cb; 34853 return SSL_SUCCESS; 34854 } 34855 #ifndef NO_WOLFSSL_STUB 25909 34856 int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg) 25910 34857 { … … 25913 34860 (void)arg; 25914 34861 return WOLFSSL_FAILURE; 25915 } 34862 } 34863 #endif 34864 25916 34865 int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg) 25917 34866 { 25918 WOLFSSL_STUB("SSL_set_msg_callback_arg"); 25919 (void)ssl; 25920 (void)arg; 34867 WOLFSSL_ENTER("wolfSSL_set_msg_callback_arg"); 34868 if (ssl == NULL) 34869 return WOLFSSL_FAILURE; 34870 34871 ssl->protoMsgCtx = arg; 34872 return WOLFSSL_SUCCESS; 34873 } 34874 34875 void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line) 34876 { 34877 void *ret; 34878 (void)file; 34879 (void)line; 34880 34881 if (data == NULL || siz >= INT_MAX) 34882 return NULL; 34883 34884 ret = OPENSSL_malloc(siz); 34885 if (ret == NULL) { 34886 return NULL; 34887 } 34888 return XMEMCPY(ret, data, siz); 34889 } 34890 34891 int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p, 34892 unsigned int p_len) 34893 { 34894 WOLFSSL_ENTER("wolfSSL_CTX_set_alpn_protos"); 34895 if(ctx == NULL) 34896 return BAD_FUNC_ARG; 34897 if((void *)ctx->alpn_cli_protos != NULL) 34898 wolfSSL_OPENSSL_free((void *)ctx->alpn_cli_protos); 34899 ctx->alpn_cli_protos = 34900 (const unsigned char *)wolfSSL_OPENSSL_memdup(p, p_len, NULL, 0); 34901 if (ctx->alpn_cli_protos == NULL) { 34902 return SSL_FAILURE; 34903 } 34904 ctx->alpn_cli_protos_len = p_len; 34905 34906 return SSL_SUCCESS; 34907 } 34908 34909 #endif 34910 34911 #endif /* WOLFCRYPT_ONLY */ 34912 34913 #if defined(OPENSSL_EXTRA) 34914 int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509) 34915 { 34916 WOLFSSL_ENTER("X509_check_ca"); 34917 34918 if (x509 == NULL) 34919 return WOLFSSL_FAILURE; 34920 if (x509->isCa) 34921 return 1; 34922 if (x509->extKeyUsageCrit) 34923 return 4; 34924 34925 return 0; 34926 } 34927 34928 34929 const char *wolfSSL_ASN1_tag2str(int tag) 34930 { 34931 static const char *const tag_label[31] = { 34932 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", "NULL", 34933 "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", "ENUMERATED", 34934 "<ASN1 11>", "UTF8STRING", "<ASN1 13>", "<ASN1 14>", "<ASN1 15>", 34935 "SEQUENCE", "SET", "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", 34936 "VIDEOTEXTSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME", 34937 "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", "UNIVERSALSTRING", 34938 "<ASN1 29>", "BMPSTRING" 34939 }; 34940 34941 if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) 34942 tag &= ~0x100; 34943 if (tag < 0 || tag > 30) 34944 return "(unknown)"; 34945 return tag_label[tag]; 34946 } 34947 34948 static int check_esc_char(char c, char *esc) 34949 { 34950 char *ptr = NULL; 34951 34952 ptr = esc; 34953 while(*ptr != 0){ 34954 if (c == *ptr) 34955 return 1; 34956 ptr++; 34957 } 34958 return 0; 34959 } 34960 34961 int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, 34962 unsigned long flags) 34963 { 34964 size_t str_len = 0, type_len = 0; 34965 unsigned char *typebuf = NULL; 34966 const char *hash="#"; 34967 34968 WOLFSSL_ENTER("wolfSSL_ASN1_STRING_PRINT_ex"); 34969 if (out == NULL || str == NULL) 34970 return WOLFSSL_FAILURE; 34971 34972 /* add ASN1 type tag */ 34973 if (flags & ASN1_STRFLGS_SHOW_TYPE){ 34974 const char *tag = wolfSSL_ASN1_tag2str(str->type); 34975 /* colon len + tag len + null*/ 34976 type_len = XSTRLEN(tag) + 2; 34977 typebuf = (unsigned char *)XMALLOC(type_len , NULL, DYNAMIC_TYPE_TMP_BUFFER); 34978 if (typebuf == NULL){ 34979 WOLFSSL_MSG("memory alloc failed."); 34980 return WOLFSSL_FAILURE; 34981 } 34982 XMEMSET(typebuf, 0, type_len); 34983 XSNPRINTF((char*)typebuf, (size_t)type_len , "%s:", tag); 34984 type_len--; 34985 } 34986 34987 /* dump hex */ 34988 if (flags & ASN1_STRFLGS_DUMP_ALL){ 34989 static const char hex_char[] = { '0', '1', '2', '3', '4', '5', '6', 34990 '7','8', '9', 'A', 'B', 'C', 'D', 34991 'E', 'F' }; 34992 char hex_tmp[4]; 34993 char *str_ptr, *str_end; 34994 34995 if (type_len > 0){ 34996 if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){ 34997 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 34998 return WOLFSSL_FAILURE; 34999 } 35000 str_len += type_len; 35001 } 35002 if (wolfSSL_BIO_write(out, hash, 1) != 1){ 35003 goto err_exit; 35004 } 35005 str_len++; 35006 if (flags & ASN1_STRFLGS_DUMP_DER){ 35007 hex_tmp[0] = hex_char[str->type >> 4]; 35008 hex_tmp[1] = hex_char[str->type & 0xf]; 35009 hex_tmp[2] = hex_char[str->length >> 4]; 35010 hex_tmp[3] = hex_char[str->length & 0xf]; 35011 if (wolfSSL_BIO_write(out, hex_tmp, 4) != 4){ 35012 goto err_exit; 35013 } 35014 str_len += 4; 35015 XMEMSET(hex_tmp, 0, 4); 35016 } 35017 35018 str_ptr = str->data; 35019 str_end = str->data + str->length; 35020 while (str_ptr < str_end){ 35021 hex_tmp[0] = hex_char[*str_ptr >> 4]; 35022 hex_tmp[1] = hex_char[*str_ptr & 0xf]; 35023 if (wolfSSL_BIO_write(out, hex_tmp, 2) != 2){ 35024 goto err_exit; 35025 } 35026 str_ptr++; 35027 str_len += 2; 35028 } 35029 if (type_len > 0) 35030 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35031 35032 return (int)str_len; 35033 } 35034 35035 if (type_len > 0){ 35036 if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){ 35037 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35038 return WOLFSSL_FAILURE; 35039 } 35040 str_len += type_len; 35041 } 35042 35043 if (flags & ASN1_STRFLGS_ESC_2253){ 35044 char esc_ch[] = "+;<>\\"; 35045 char* esc_ptr = NULL; 35046 35047 esc_ptr = str->data; 35048 while (*esc_ptr != 0){ 35049 if (check_esc_char(*esc_ptr, esc_ch)){ 35050 if (wolfSSL_BIO_write(out,"\\", 1) != 1) 35051 goto err_exit; 35052 str_len++; 35053 } 35054 if (wolfSSL_BIO_write(out, esc_ptr, 1) != 1) 35055 goto err_exit; 35056 str_len++; 35057 esc_ptr++; 35058 } 35059 if (type_len > 0) 35060 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35061 return (int)str_len; 35062 } 35063 35064 if (wolfSSL_BIO_write(out, str->data, str->length) != str->length){ 35065 goto err_exit; 35066 } 35067 str_len += str->length; 35068 if (type_len > 0) 35069 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35070 35071 return (int)str_len; 35072 35073 err_exit: 35074 if (type_len > 0) 35075 XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); 25921 35076 return WOLFSSL_FAILURE; 25922 } 25923 #endif 25924 25925 25926 #endif /* WOLFCRYPT_ONLY */ 35077 } 35078 35079 #ifndef NO_ASN_TIME 35080 int wolfSSL_ASN1_TIME_get_length(WOLFSSL_ASN1_TIME *t) 35081 { 35082 WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_length"); 35083 if (t == NULL) 35084 return WOLFSSL_FAILURE; 35085 35086 return (int)t->data[1]; 35087 } 35088 35089 unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t) 35090 { 35091 unsigned char *dptr = NULL; 35092 35093 WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_data"); 35094 if (t == NULL) 35095 return NULL; 35096 35097 dptr = t->data + 2; 35098 return dptr; 35099 } 35100 35101 WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, 35102 WOLFSSL_ASN1_TIME **out) 35103 { 35104 unsigned char time_type; 35105 WOLFSSL_ASN1_TIME *ret = NULL; 35106 unsigned char *data_ptr = NULL; 35107 35108 WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_generalizedtime"); 35109 if (t == NULL) 35110 return NULL; 35111 35112 time_type = t->data[0]; 35113 if (time_type != ASN_UTC_TIME && time_type != ASN_GENERALIZED_TIME){ 35114 WOLFSSL_MSG("Invalid ASN_TIME type."); 35115 return NULL; 35116 } 35117 if (out == NULL || *out == NULL){ 35118 ret = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, 35119 DYNAMIC_TYPE_TMP_BUFFER); 35120 if (ret == NULL){ 35121 WOLFSSL_MSG("memory alloc failed."); 35122 return NULL; 35123 } 35124 XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME)); 35125 } else 35126 ret = *out; 35127 35128 if (time_type == ASN_GENERALIZED_TIME){ 35129 XMEMCPY(ret->data, t->data, ASN_GENERALIZED_TIME_SIZE); 35130 return ret; 35131 } else if (time_type == ASN_UTC_TIME){ 35132 ret->data[0] = ASN_GENERALIZED_TIME; 35133 ret->data[1] = ASN_GENERALIZED_TIME_SIZE; 35134 data_ptr = ret->data + 2; 35135 if (t->data[2] >= '5') 35136 XSNPRINTF((char*)data_ptr, ASN_UTC_TIME_SIZE + 2, "19%s", t->data + 2); 35137 else 35138 XSNPRINTF((char*)data_ptr, ASN_UTC_TIME_SIZE + 2, "20%s", t->data + 2); 35139 35140 return ret; 35141 } 35142 35143 WOLFSSL_MSG("Invalid ASN_TIME value"); 35144 return NULL; 35145 } 35146 #endif /* !NO_ASN_TIME */ 35147 35148 35149 #ifndef NO_ASN 35150 int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp) 35151 { 35152 unsigned char *pptr = NULL; 35153 char pad = 0 ; 35154 unsigned char pad_val = 0; 35155 int ret_size = 0; 35156 unsigned char data1 = 0; 35157 unsigned char neg = 0; 35158 int i = 0; 35159 35160 WOLFSSL_ENTER("wolfSSL_i2c_ASN1_INTEGER"); 35161 if (a == NULL) 35162 return WOLFSSL_FAILURE; 35163 35164 ret_size = a->intData[1]; 35165 if (ret_size == 0) 35166 ret_size = 1; 35167 else{ 35168 ret_size = (int)a->intData[1]; 35169 neg = a->negative; 35170 data1 = a->intData[2]; 35171 if (ret_size == 1 && data1 == 0) 35172 neg = 0; 35173 /* 0x80 or greater positive number in first byte */ 35174 if (!neg && (data1 > 127)){ 35175 pad = 1; 35176 pad_val = 0; 35177 } else if (neg){ 35178 /* negative number */ 35179 if (data1 > 128){ 35180 pad = 1; 35181 pad_val = 0xff; 35182 } else if (data1 == 128){ 35183 for (i = 3; i < a->intData[1] + 2; i++){ 35184 if (a->intData[i]){ 35185 pad = 1; 35186 pad_val = 0xff; 35187 break; 35188 } 35189 } 35190 } 35191 } 35192 ret_size += (int)pad; 35193 } 35194 if (pp == NULL) 35195 return ret_size; 35196 35197 pptr = *pp; 35198 if (pad) 35199 *(pptr++) = pad_val; 35200 if (a->intData[1] == 0) 35201 *(pptr++) = 0; 35202 else if (!neg){ 35203 /* positive number */ 35204 for (i=0; i < a->intData[1]; i++){ 35205 *pptr = a->intData[i+2]; 35206 pptr++; 35207 } 35208 } else { 35209 /* negative number */ 35210 int str_len = 0; 35211 35212 /* 0 padding from end of buffer */ 35213 str_len = (int)a->intData[1]; 35214 pptr += a->intData[1] - 1; 35215 while (!a->intData[str_len + 2] && str_len > 1){ 35216 *(pptr--) = 0; 35217 str_len--; 35218 } 35219 /* 2's complement next octet */ 35220 *(pptr--) = ((a->intData[str_len + 1]) ^ 0xff) + 1; 35221 str_len--; 35222 /* Complement any octets left */ 35223 while (str_len > 0){ 35224 *(pptr--) = a->intData[str_len + 1] ^ 0xff; 35225 str_len--; 35226 } 35227 } 35228 *pp += ret_size; 35229 return ret_size; 35230 } 35231 #endif /* !NO_ASN */ 35232 35233 #ifndef NO_CERTS 35234 int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE* store) 35235 { 35236 int i = 0; 35237 int cnt_ret = 0; 35238 Signer **table; 35239 35240 WOLFSSL_ENTER("wolfSSL_X509_CA_num"); 35241 if (store == NULL || store->cm == NULL){ 35242 WOLFSSL_MSG("invalid parameter"); 35243 return WOLFSSL_FAILURE; 35244 } 35245 35246 table = store->cm->caTable; 35247 if (table){ 35248 if (wc_LockMutex(&store->cm->caLock) == 0){ 35249 for (i = 0; i < CA_TABLE_SIZE; i++) { 35250 Signer* signer = table[i]; 35251 while (signer) { 35252 Signer* next = signer->next; 35253 cnt_ret++; 35254 signer = next; 35255 } 35256 } 35257 wc_UnLockMutex(&store->cm->caLock); 35258 } 35259 } 35260 35261 return cnt_ret; 35262 } 35263 #endif /* !NO_CERTS */ 35264 35265 long wolfSSL_X509_get_version(const WOLFSSL_X509 *x509) 35266 { 35267 int version = 0; 35268 35269 WOLFSSL_ENTER("wolfSSL_X509_get_version"); 35270 35271 if (x509 == NULL){ 35272 WOLFSSL_MSG("invalid parameter"); 35273 return 0L; 35274 } 35275 version = x509->version; 35276 if (version != 0) 35277 return (long)version - 1L; 35278 35279 return 0L; 35280 } 35281 35282 int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509 *x) 35283 { 35284 if (x == NULL) 35285 return 0; 35286 35287 return oid2nid(x->sigOID, oidSigType); 35288 } 35289 #endif /* OPENSSL_EXTRA */ 35290 35291 #if defined(OPENSSL_ALL) 35292 int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key) 35293 { 35294 if (pkey == NULL || key == NULL) 35295 return WOLFSSL_FAILURE; 35296 35297 pkey->type = EVP_PKEY_RSA; 35298 pkey->rsa = key; 35299 pkey->ownRsa = 1; 35300 35301 return WOLFSSL_SUCCESS; 35302 } 35303 35304 int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key) 35305 { 35306 if (pkey == NULL || key == NULL) 35307 return WOLFSSL_FAILURE; 35308 35309 pkey->type = EVP_PKEY_EC; 35310 pkey->ecc = key; 35311 pkey->ownEcc = 1; 35312 35313 return WOLFSSL_SUCCESS; 35314 } 35315 #endif 35316 35317 #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) 35318 PKCS7* wolfSSL_PKCS7_new(void) 35319 { 35320 WOLFSSL_PKCS7* pkcs7; 35321 int ret = 0; 35322 35323 pkcs7 = (WOLFSSL_PKCS7*)XMALLOC(sizeof(*pkcs7), NULL, DYNAMIC_TYPE_PKCS7); 35324 if (pkcs7 != NULL) { 35325 XMEMSET(pkcs7, 0, sizeof(*pkcs7)); 35326 ret = wc_PKCS7_Init(&pkcs7->pkcs7, NULL, INVALID_DEVID); 35327 } 35328 35329 if (ret != 0 && pkcs7 != NULL) 35330 XFREE(pkcs7, NULL, DYNAMIC_TYPE_PKCS7); 35331 35332 return (PKCS7*)pkcs7; 35333 } 35334 35335 void wolfSSL_PKCS7_free(PKCS7* pkcs7) 35336 { 35337 WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7; 35338 35339 if (p7 != NULL) { 35340 if (p7->data != NULL) 35341 XFREE(p7->data, NULL, DYNAMIC_TYPE_PKCS7); 35342 wc_PKCS7_Free(&p7->pkcs7); 35343 XFREE(p7, NULL, DYNAMIC_TYPE_PKCS7); 35344 } 35345 } 35346 35347 PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len) 35348 { 35349 WOLFSSL_PKCS7* pkcs7 = NULL; 35350 word32 idx = 0; 35351 35352 if (in == NULL) 35353 return NULL; 35354 35355 if ((pkcs7 = (WOLFSSL_PKCS7*)wolfSSL_PKCS7_new()) == NULL) 35356 return NULL; 35357 35358 if (GetSequence(*in, &idx, &pkcs7->len, len) < 0) { 35359 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 35360 return NULL; 35361 } 35362 pkcs7->len += idx; 35363 35364 pkcs7->data = (byte*)XMALLOC(pkcs7->len, NULL, DYNAMIC_TYPE_PKCS7); 35365 if (pkcs7->data == NULL) { 35366 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 35367 return NULL; 35368 } 35369 XMEMCPY(pkcs7->data, *in, pkcs7->len); 35370 *in += pkcs7->len; 35371 35372 if (p7 != NULL) 35373 *p7 = (PKCS7*)pkcs7; 35374 return (PKCS7*)pkcs7; 35375 } 35376 35377 PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7) 35378 { 35379 WOLFSSL_PKCS7* pkcs7; 35380 35381 if (bio == NULL) 35382 return NULL; 35383 35384 if ((pkcs7 = (WOLFSSL_PKCS7*)wolfSSL_PKCS7_new()) == NULL) 35385 return NULL; 35386 35387 pkcs7->len = wolfSSL_BIO_pending(bio); 35388 pkcs7->data = (byte*)XMALLOC(pkcs7->len, NULL, DYNAMIC_TYPE_PKCS7); 35389 if (pkcs7->data == NULL) { 35390 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 35391 return NULL; 35392 } 35393 35394 if (wolfSSL_BIO_read(bio, pkcs7->data, pkcs7->len) != pkcs7->len) { 35395 wolfSSL_PKCS7_free((PKCS7*)pkcs7); 35396 return NULL; 35397 } 35398 35399 if (p7 != NULL) 35400 *p7 = (PKCS7*)pkcs7; 35401 return (PKCS7*)pkcs7; 35402 } 35403 35404 int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs, 35405 WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, 35406 WOLFSSL_BIO* out, int flags) 35407 { 35408 int ret = 0; 35409 unsigned char* mem = NULL; 35410 int memSz = 0; 35411 WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7; 35412 35413 if (pkcs7 == NULL) 35414 return WOLFSSL_FAILURE; 35415 35416 if (in != NULL) { 35417 if ((memSz = wolfSSL_BIO_get_mem_data(in, &mem)) < 0) 35418 return WOLFSSL_FAILURE; 35419 35420 p7->pkcs7.content = mem; 35421 p7->pkcs7.contentSz = memSz; 35422 } 35423 if (ret != 0) 35424 return WOLFSSL_FAILURE; 35425 35426 /* certs is the list of certificates to find the cert with issuer/serial. */ 35427 (void)certs; 35428 /* store is the certificate store to use to verify signer certificate 35429 * associated with the signers. 35430 */ 35431 (void)store; 35432 35433 ret = wc_PKCS7_VerifySignedData_ex(&p7->pkcs7, NULL, 0, p7->data, p7->len, 35434 NULL, 0); 35435 if (ret != 0) 35436 return WOLFSSL_FAILURE; 35437 35438 if ((flags & PKCS7_NOVERIFY) != PKCS7_NOVERIFY) { 35439 /* All signer certificates are verified. */ 35440 return WOLFSSL_FAILURE; 35441 } 35442 35443 if (out != NULL) 35444 wolfSSL_BIO_write(out, p7->pkcs7.content, p7->pkcs7.contentSz); 35445 35446 return WOLFSSL_SUCCESS; 35447 } 35448 35449 WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* pkcs7, WOLFSSL_STACK* certs, 35450 int flags) 35451 { 35452 WOLFSSL_STACK* signers = NULL; 35453 WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7; 35454 35455 if (p7 == NULL) 35456 return NULL; 35457 /* Only PKCS#7 messages with a single cert that is the verifying certificate 35458 * is supported. 35459 */ 35460 if ((flags | PKCS7_NOINTERN) == PKCS7_NOINTERN) 35461 return NULL; 35462 35463 signers = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL, 35464 DYNAMIC_TYPE_X509); 35465 if (signers == NULL) 35466 return NULL; 35467 35468 signers->num = 1; 35469 signers->data.x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL, 35470 DYNAMIC_TYPE_X509); 35471 if (signers->data.x509 == NULL) { 35472 XFREE(signers, NULL, DYNAMIC_TYPE_X509); 35473 return NULL; 35474 } 35475 35476 if (DecodeToX509(signers->data.x509, p7->pkcs7.singleCert, 35477 p7->pkcs7.singleCertSz) != 0) { 35478 XFREE(signers->data.x509, NULL, DYNAMIC_TYPE_X509); 35479 XFREE(signers, NULL, DYNAMIC_TYPE_X509); 35480 return NULL; 35481 } 35482 35483 (void)certs; 35484 35485 return signers; 35486 } 35487 #endif 35488 35489 #ifdef OPENSSL_ALL 35490 WOLFSSL_STACK* wolfSSL_sk_X509_new(void) 35491 { 35492 WOLFSSL_STACK* s = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL, 35493 DYNAMIC_TYPE_X509); 35494 if (s != NULL) 35495 XMEMSET(s, 0, sizeof(*s)); 35496 35497 return s; 35498 } 35499 #endif 35500 35501 #ifdef OPENSSL_ALL 35502 int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, 35503 WOLFSSL_EVP_PKEY* pkey, 35504 const WOLFSSL_EVP_CIPHER* enc, 35505 char* passwd, int passwdSz, 35506 pem_password_cb* cb, void* ctx) 35507 { 35508 int ret = 0; 35509 char password[NAME_SZ]; 35510 byte* key = NULL; 35511 word32 keySz; 35512 byte* pem = NULL; 35513 int pemSz; 35514 int type = PKCS8_PRIVATEKEY_TYPE; 35515 int algId; 35516 const byte* curveOid; 35517 word32 oidSz; 35518 int encAlgId; 35519 35520 if (bio == NULL || pkey == NULL) 35521 return -1; 35522 35523 keySz = pkey->pkey_sz + 128; 35524 key = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35525 if (key == NULL) 35526 ret = MEMORY_E; 35527 35528 if (ret == 0 && enc != NULL && passwd == NULL) { 35529 passwdSz = cb(password, sizeof(password), 1, ctx); 35530 if (passwdSz < 0) 35531 ret = WOLFSSL_FAILURE; 35532 passwd = password; 35533 } 35534 35535 if (ret == 0 && enc != NULL) { 35536 WC_RNG rng; 35537 ret = wc_InitRng(&rng); 35538 if (ret == 0) { 35539 #ifndef NO_DES3 35540 if (enc == EVP_DES_CBC) 35541 encAlgId = DESb; 35542 else if (enc == EVP_DES_EDE3_CBC) 35543 encAlgId = DES3b; 35544 else 35545 #endif 35546 #if !defined(NO_AES) && defined(HAVE_AES_CBC) 35547 #ifdef WOLFSSL_AES_256 35548 if (enc == EVP_AES_256_CBC) 35549 encAlgId = AES256CBCb; 35550 else 35551 #endif 35552 #endif 35553 ret = -1; 35554 if (ret == 0) { 35555 ret = TraditionalEnc((byte*)pkey->pkey.ptr, pkey->pkey_sz, key, 35556 &keySz, passwd, passwdSz, PKCS5, PBES2, 35557 encAlgId, NULL, 0, WC_PKCS12_ITT_DEFAULT, 35558 &rng, NULL); 35559 if (ret > 0) { 35560 keySz = ret; 35561 ret = 0; 35562 } 35563 } 35564 wc_FreeRng(&rng); 35565 } 35566 type = PKCS8_ENC_PRIVATEKEY_TYPE; 35567 } 35568 if (ret == 0 && enc == NULL) { 35569 type = PKCS8_PRIVATEKEY_TYPE; 35570 if (pkey->type == EVP_PKEY_EC) { 35571 algId = ECDSAk; 35572 ret = wc_ecc_get_oid(pkey->ecc->group->curve_oid, &curveOid, 35573 &oidSz); 35574 } 35575 else { 35576 algId = RSAk; 35577 curveOid = NULL; 35578 oidSz = 0; 35579 } 35580 35581 if (ret >= 0) { 35582 ret = wc_CreatePKCS8Key(key, &keySz, (byte*)pkey->pkey.ptr, 35583 pkey->pkey_sz, algId, curveOid, oidSz); 35584 keySz = ret; 35585 } 35586 } 35587 35588 if (password == passwd) 35589 XMEMSET(password, 0, passwdSz); 35590 35591 if (ret >= 0) { 35592 pemSz = 2 * keySz + 2 * 64; 35593 pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35594 if (pem == NULL) 35595 ret = MEMORY_E; 35596 } 35597 35598 if (ret >= 0) 35599 ret = wc_DerToPemEx(key, keySz, pem, pemSz, NULL, type); 35600 35601 if (key != NULL) 35602 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35603 35604 if (ret >= 0) { 35605 if (wolfSSL_BIO_write(bio, pem, ret) != ret) 35606 ret = -1; 35607 } 35608 35609 if (pem != NULL) 35610 XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); 35611 35612 return ret < 0 ? 0 : ret; 35613 35614 } 35615 35616 static int bio_get_data(WOLFSSL_BIO* bio, byte** data) 35617 { 35618 int ret = 0; 35619 byte* mem = NULL; 35620 #ifndef NO_FILESYSTEM 35621 long memSz; 35622 XFILE file; 35623 long curr; 35624 #endif 35625 35626 if ((ret = wolfSSL_BIO_pending(bio)) > 0) { 35627 } 35628 #ifndef NO_FILESYSTEM 35629 else if (bio->type == WOLFSSL_BIO_FILE) { 35630 if (wolfSSL_BIO_get_fp(bio, &file) != WOLFSSL_SUCCESS) 35631 ret = BAD_FUNC_ARG; 35632 if (ret == 0) { 35633 curr = XFTELL(file); 35634 if (XFSEEK(file, 0, XSEEK_END) != 0) 35635 ret = WOLFSSL_BAD_FILE; 35636 } 35637 if (ret == 0) { 35638 memSz = XFTELL(file) - curr; 35639 ret = (int)memSz; 35640 if (XFSEEK(file, curr, SEEK_SET) != 0) 35641 ret = WOLFSSL_BAD_FILE; 35642 } 35643 } 35644 #endif 35645 35646 if (ret > 0) { 35647 mem = (byte*)XMALLOC(ret, bio->heap, DYNAMIC_TYPE_OPENSSL); 35648 if (mem == NULL) { 35649 WOLFSSL_MSG("Memory error"); 35650 ret = MEMORY_E; 35651 } 35652 if (ret >= 0) { 35653 if ((ret = wolfSSL_BIO_read(bio, mem, ret)) <= 0) { 35654 XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); 35655 ret = MEMORY_E; 35656 } 35657 } 35658 } 35659 35660 *data = mem; 35661 return ret; 35662 } 35663 35664 /* DER data is PKCS#8 encrypted. */ 35665 WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio, 35666 WOLFSSL_EVP_PKEY** pkey, 35667 pem_password_cb* cb, 35668 void* ctx) 35669 { 35670 int ret; 35671 byte* der; 35672 int len; 35673 byte* p; 35674 char password[NAME_SZ]; 35675 int passwordSz; 35676 word32 algId; 35677 WOLFSSL_EVP_PKEY* key; 35678 35679 if ((len = bio_get_data(bio, &der)) < 0) 35680 return NULL; 35681 35682 if (cb != NULL) { 35683 passwordSz = cb(password, sizeof(password), PEM_PASS_READ, ctx); 35684 if (passwordSz < 0) 35685 return NULL; 35686 35687 ret = ToTraditionalEnc(der, len, password, passwordSz, &algId); 35688 if (ret < 0) 35689 return NULL; 35690 XMEMSET(password, 0, passwordSz); 35691 } 35692 35693 p = der; 35694 key = wolfSSL_d2i_PrivateKey_EVP(pkey, &p, len); 35695 XFREE(der, bio->heap, DYNAMIC_TYPE_OPENSSL); 35696 return key; 35697 } 35698 35699 /* Detect which type of key it is before decoding. */ 35700 WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey, 35701 const unsigned char** pp, 35702 long length) 35703 { 35704 int ret; 35705 WOLFSSL_EVP_PKEY* key = NULL; 35706 const byte* der = *pp; 35707 word32 idx = 0; 35708 int len = 0; 35709 word32 end = 0; 35710 int cnt = 0; 35711 int type; 35712 word32 algId; 35713 word32 keyLen = (word32)length; 35714 35715 /* Take off PKCS#8 wrapper if found. */ 35716 if ((len = ToTraditionalInline_ex(der, &idx, keyLen, &algId)) >= 0) { 35717 der += idx; 35718 keyLen = len; 35719 } 35720 idx = 0; 35721 len = 0; 35722 35723 /* Use the number of elements in the outer sequence to determine key type. 35724 */ 35725 ret = GetSequence(der, &idx, &len, keyLen); 35726 if (ret >= 0) { 35727 end = idx + len; 35728 while (ret >= 0 && idx < end) { 35729 /* Skip type */ 35730 idx++; 35731 /* Get length and skip over - keeping count */ 35732 len = 0; 35733 ret = GetLength(der, &idx, &len, keyLen); 35734 if (ret >= 0) { 35735 if (idx + len > end) 35736 ret = ASN_PARSE_E; 35737 else { 35738 idx += len; 35739 cnt++; 35740 } 35741 } 35742 } 35743 } 35744 35745 if (ret >= 0) { 35746 /* ECC includes version, private[, curve][, public key] */ 35747 if (cnt >= 2 && cnt <= 4) 35748 type = EVP_PKEY_EC; 35749 else 35750 type = EVP_PKEY_RSA; 35751 35752 key = wolfSSL_d2i_PrivateKey(type, pkey, &der, keyLen); 35753 *pp = der; 35754 } 35755 35756 return key; 35757 } 35758 #endif 35759 35760 #if defined(OPENSSL_ALL) && !defined(NO_CERT) && defined(WOLFSSL_CERT_GEN) && \ 35761 defined(WOLFSSL_CERT_REQ) 35762 int wolfSSL_i2d_X509_REQ(WOLFSSL_X509* req, unsigned char** out) 35763 { 35764 const unsigned char* der; 35765 int derSz = 0; 35766 35767 if (req == NULL || out == NULL) { 35768 return BAD_FUNC_ARG; 35769 } 35770 35771 der = wolfSSL_X509_get_der(req, &derSz); 35772 if (der == NULL) { 35773 return MEMORY_E; 35774 } 35775 35776 if (*out == NULL) { 35777 *out = (unsigned char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_OPENSSL); 35778 if (*out == NULL) { 35779 return MEMORY_E; 35780 } 35781 } 35782 35783 XMEMCPY(*out, der, derSz); 35784 35785 return derSz; 35786 } 35787 35788 int wolfSSL_X509_set_subject_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name) 35789 { 35790 int i; 35791 WOLFSSL_X509_NAME_ENTRY* ne; 35792 35793 if (cert == NULL || name == NULL) 35794 return WOLFSSL_FAILURE; 35795 35796 FreeX509Name(&cert->subject, cert->heap); 35797 InitX509Name(&cert->subject, 0); 35798 if (name->dynamicName) { 35799 cert->subject.name = (char*)XMALLOC(name->sz, cert->heap, 35800 DYNAMIC_TYPE_SUBJECT_CN); 35801 if (cert->subject.name == NULL) 35802 return WOLFSSL_FAILURE; 35803 } 35804 XMEMCPY(cert->subject.name, name->name, name->sz); 35805 cert->subject.sz = name->sz; 35806 35807 for (i = 0; i < 10; i++) { 35808 ne = wolfSSL_X509_NAME_get_entry(name, i); 35809 if (ne != NULL) 35810 wolfSSL_X509_NAME_add_entry(&cert->subject, ne, i, 1); 35811 } 35812 cert->subject.x509 = cert; 35813 35814 return WOLFSSL_SUCCESS; 35815 } 35816 35817 int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey) 35818 { 35819 byte* p; 35820 35821 if (cert == NULL || pkey == NULL) 35822 return WOLFSSL_FAILURE; 35823 35824 if (pkey->type == EVP_PKEY_RSA) 35825 cert->pubKeyOID = RSAk; 35826 else if (pkey->type == EVP_PKEY_EC) 35827 cert->pubKeyOID = ECDSAk; 35828 else 35829 return WOLFSSL_FAILURE; 35830 35831 p = (byte*)XMALLOC(pkey->pkey_sz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 35832 if (p == NULL) 35833 return WOLFSSL_FAILURE; 35834 35835 if (cert->pubKey.buffer != NULL) 35836 XFREE(cert->pubKey.buffer, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); 35837 cert->pubKey.buffer = p; 35838 XMEMCPY(cert->pubKey.buffer, pkey->pkey.ptr, pkey->pkey_sz); 35839 cert->pubKey.length = pkey->pkey_sz; 35840 35841 return WOLFSSL_SUCCESS; 35842 } 35843 35844 35845 WOLFSSL_X509* wolfSSL_X509_REQ_new(void) 35846 { 35847 return wolfSSL_X509_new(); 35848 } 35849 35850 void wolfSSL_X509_REQ_free(WOLFSSL_X509* req) 35851 { 35852 wolfSSL_X509_free(req); 35853 } 35854 35855 35856 static int ReqCertFromX509(Cert* cert, WOLFSSL_X509* req) 35857 { 35858 int ret; 35859 35860 ret = CopyX509NameToCertName(&req->subject, &cert->subject); 35861 if (ret == WOLFSSL_SUCCESS) { 35862 cert->version = req->version; 35863 cert->isCA = req->isCa; 35864 if (req->subjKeyIdSz != 0) { 35865 XMEMCPY(cert->skid, req->subjKeyId, req->subjKeyIdSz); 35866 cert->skidSz = req->subjKeyIdSz; 35867 } 35868 if (req->keyUsageSet) 35869 cert->keyUsage = req->keyUsage; 35870 /* Extended Key Usage not supported. */ 35871 } 35872 35873 return ret; 35874 } 35875 35876 int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, 35877 const WOLFSSL_EVP_MD *md) 35878 { 35879 int ret; 35880 Cert cert; 35881 byte der[2048]; 35882 int derSz = sizeof(der); 35883 void* key; 35884 int type; 35885 int sigType; 35886 int hashType; 35887 RsaKey rsa; 35888 ecc_key ecc; 35889 WC_RNG rng; 35890 word32 idx = 0; 35891 35892 if (req == NULL || pkey == NULL || md == NULL) 35893 return WOLFSSL_FAILURE; 35894 35895 /* Create a Cert that has the certificate request fields. */ 35896 if (wc_InitCert(&cert) != 0) 35897 return WOLFSSL_FAILURE; 35898 if (ReqCertFromX509(&cert, req) != WOLFSSL_SUCCESS) 35899 return WOLFSSL_FAILURE; 35900 35901 /* Convert key type and hash algorithm to a signature algorithm */ 35902 if (wolfSSL_EVP_get_hashinfo(md, &hashType, NULL) == WOLFSSL_FAILURE) 35903 return WOLFSSL_FAILURE; 35904 35905 if (pkey->type == EVP_PKEY_RSA) { 35906 switch (hashType) { 35907 case WC_HASH_TYPE_SHA: 35908 sigType = CTC_SHAwRSA; 35909 break; 35910 case WC_HASH_TYPE_SHA224: 35911 sigType = CTC_SHA224wRSA; 35912 break; 35913 case WC_HASH_TYPE_SHA256: 35914 sigType = CTC_SHA256wRSA; 35915 break; 35916 case WC_HASH_TYPE_SHA384: 35917 sigType = CTC_SHA384wRSA; 35918 break; 35919 case WC_HASH_TYPE_SHA512: 35920 sigType = CTC_SHA512wRSA; 35921 break; 35922 default: 35923 return WOLFSSL_FAILURE; 35924 } 35925 } 35926 else if (pkey->type == EVP_PKEY_EC) { 35927 switch (hashType) { 35928 case WC_HASH_TYPE_SHA: 35929 sigType = CTC_SHAwECDSA; 35930 break; 35931 case WC_HASH_TYPE_SHA224: 35932 sigType = CTC_SHA224wECDSA; 35933 break; 35934 case WC_HASH_TYPE_SHA256: 35935 sigType = CTC_SHA256wECDSA; 35936 break; 35937 case WC_HASH_TYPE_SHA384: 35938 sigType = CTC_SHA384wECDSA; 35939 break; 35940 case WC_HASH_TYPE_SHA512: 35941 sigType = CTC_SHA512wECDSA; 35942 break; 35943 default: 35944 return WOLFSSL_FAILURE; 35945 } 35946 } 35947 else 35948 return WOLFSSL_FAILURE; 35949 35950 /* Create a public key object from requests public key. */ 35951 if (req->pubKeyOID == RSAk) { 35952 type = RSA_TYPE; 35953 ret = wc_InitRsaKey(&rsa, req->heap); 35954 if (ret != 0) 35955 return WOLFSSL_FAILURE; 35956 ret = wc_RsaPublicKeyDecode(req->pubKey.buffer, &idx, &rsa, 35957 req->pubKey.length); 35958 if (ret != 0) { 35959 wc_FreeRsaKey(&rsa); 35960 return WOLFSSL_FAILURE; 35961 } 35962 key = (void*)&rsa; 35963 } 35964 else { 35965 type = ECC_TYPE; 35966 ret = wc_ecc_init(&ecc); 35967 if (ret != 0) 35968 return WOLFSSL_FAILURE; 35969 ret = wc_EccPublicKeyDecode(req->pubKey.buffer, &idx, &ecc, 35970 req->pubKey.length); 35971 if (ret != 0) { 35972 wc_ecc_free(&ecc); 35973 return WOLFSSL_FAILURE; 35974 } 35975 key = (void*)&ecc; 35976 } 35977 35978 /* Make the body of the certificate request. */ 35979 ret = wc_MakeCertReq_ex(&cert, der, derSz, type, key); 35980 if (ret < 0) 35981 return WOLFSSL_FAILURE; 35982 35983 /* Dispose of the public key object. */ 35984 if (req->pubKeyOID == RSAk) 35985 wc_FreeRsaKey(&rsa); 35986 else 35987 wc_ecc_free(&ecc); 35988 35989 idx = 0; 35990 /* Get the private key object and type from pkey. */ 35991 if (pkey->type == EVP_PKEY_RSA) { 35992 type = RSA_TYPE; 35993 key = pkey->rsa->internal; 35994 } 35995 else { 35996 type = ECC_TYPE; 35997 key = pkey->ecc->internal; 35998 } 35999 36000 /* Sign the certificate request body. */ 36001 ret = wc_InitRng(&rng); 36002 if (ret != 0) 36003 return WOLFSSL_FAILURE; 36004 ret = wc_SignCert_ex(cert.bodySz, sigType, der, sizeof(der), type, key, 36005 &rng); 36006 wc_FreeRng(&rng); 36007 if (ret < 0) 36008 return WOLFSSL_FAILURE; 36009 36010 /* Put in the new certificate request encoding into the request object. */ 36011 FreeDer(&req->derCert); 36012 if (AllocDer(&req->derCert, ret, CERTREQ_TYPE, NULL) != 0) 36013 return WOLFSSL_FAILURE; 36014 XMEMCPY(req->derCert->buffer, der, ret); 36015 req->derCert->length = ret; 36016 36017 return WOLFSSL_SUCCESS; 36018 } 36019 36020 int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req, 36021 WOLFSSL_X509_NAME *name) 36022 { 36023 return wolfSSL_X509_set_subject_name(req, name); 36024 } 36025 36026 int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey) 36027 { 36028 return wolfSSL_X509_set_pubkey(req, pkey); 36029 } 36030 #endif 36031 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/tls.c
r337 r372 49 49 #include <wolfssl/wolfcrypt/random.h> 50 50 #endif 51 51 52 #ifdef HAVE_QSH 52 53 static int TLSX_AddQSHKey(QSHKey** list, QSHKey* key); … … 57 58 #endif /* HAVE_QSH */ 58 59 60 #if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 61 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 62 (defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)) 63 static int TLSX_KeyShare_IsSupported(int namedGroup); 64 #endif 65 66 #if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 67 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 68 (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && \ 69 !defined(HAVE_CURVE25519) && defined(HAVE_SUPPORTED_CURVES)) || \ 70 ((defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 71 defined(HAVE_SUPPORTED_CURVES)) 72 static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions); 73 #endif 74 59 75 60 76 #ifndef NO_TLS … … 72 88 #endif 73 89 90 #ifdef WOLFSSL_TLS13 91 #if !defined(NO_DH) && \ 92 !defined(HAVE_FFDHE_2048) && !defined(HAVE_FFDHE_3072) && \ 93 !defined(HAVE_FFDHE_4096) && !defined(HAVE_FFDHE_6144) && \ 94 !defined(HAVE_FFDHE_8192) 95 #error Please configure your TLS 1.3 DH key size using either: HAVE_FFDHE_2048, HAVE_FFDHE_3072, HAVE_FFDHE_4096, HAVE_FFDHE_6144 or HAVE_FFDHE_8192 96 #endif 97 #if !defined(NO_RSA) && !defined(WC_RSA_PSS) 98 #error The build option WC_RSA_PSS is required for TLS 1.3 with RSA 99 #endif 100 #endif 101 102 /* Optional Pre-Master-Secret logging for Wireshark */ 103 #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE) 104 #ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT 105 #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log" 106 #endif 107 #endif 108 109 #ifndef WOLFSSL_NO_TLS12 74 110 75 111 #ifdef WOLFSSL_SHA384 … … 78 114 #define P_HASH_MAX_SIZE WC_SHA256_DIGEST_SIZE 79 115 #endif 80 81 116 82 117 /* compute p_hash for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1 PRF */ … … 207 242 #undef P_HASH_MAX_SIZE 208 243 244 #endif /* !WOLFSSL_NO_TLS12 */ 245 209 246 210 247 #ifndef NO_OLD_TLS 211 248 212 249 /* calculate XOR for TLSv1 PRF */ 213 static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)250 static WC_INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha) 214 251 { 215 252 word32 i; … … 231 268 byte* md5_half; 232 269 byte* sha_half; 233 byte* labelSeed;234 270 byte* md5_result; 235 271 byte* sha_result; … … 237 273 byte md5_half[MAX_PRF_HALF]; /* half is real size */ 238 274 byte sha_half[MAX_PRF_HALF]; /* half is real size */ 239 byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */240 275 byte md5_result[MAX_PRF_DIG]; /* digLen is real size */ 241 276 byte sha_result[MAX_PRF_DIG]; /* digLen is real size */ 242 277 #endif 243 244 if (half > MAX_PRF_HALF) 278 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 279 DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap); 280 if (labelSeed == NULL) 281 return MEMORY_E; 282 #else 283 byte labelSeed[MAX_PRF_LABSEED]; 284 #endif 285 286 if (half > MAX_PRF_HALF || 287 labLen + seedLen > MAX_PRF_LABSEED || 288 digLen > MAX_PRF_DIG) 289 { 290 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 291 FREE_VAR(labelSeed, heap); 292 #endif 245 293 return BUFFER_E; 246 if (labLen + seedLen > MAX_PRF_LABSEED) 247 return BUFFER_E; 248 if (digLen > MAX_PRF_DIG) 249 return BUFFER_E; 294 } 250 295 251 296 #ifdef WOLFSSL_SMALL_STACK 252 297 md5_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST); 253 298 sha_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST); 254 labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);255 299 md5_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST); 256 300 sha_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST); 257 301 258 if (md5_half == NULL || sha_half == NULL || labelSeed== NULL ||259 md5_result == NULL ||sha_result == NULL) {302 if (md5_half == NULL || sha_half == NULL || md5_result == NULL || 303 sha_result == NULL) { 260 304 if (md5_half) XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST); 261 305 if (sha_half) XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST); 262 if (labelSeed) XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);263 306 if (md5_result) XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST); 264 307 if (sha_result) XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST); 308 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 309 FREE_VAR(labelSeed, heap); 310 #endif 265 311 266 312 return MEMORY_E; … … 288 334 XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST); 289 335 XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST); 290 XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);291 336 XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST); 292 337 XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST); 293 338 #endif 294 339 340 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 341 FREE_VAR(labelSeed, heap); 342 #endif 343 295 344 return ret; 296 345 } … … 298 347 #endif 299 348 349 350 #ifndef WOLFSSL_NO_TLS12 300 351 301 352 /* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack … … 308 359 309 360 if (useAtLeastSha256) { 310 #ifdef WOLFSSL_SMALL_STACK 311 byte* labelSeed; 361 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 362 DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap); 363 if (labelSeed == NULL) 364 return MEMORY_E; 312 365 #else 313 byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */366 byte labelSeed[MAX_PRF_LABSEED]; 314 367 #endif 315 368 316 369 if (labLen + seedLen > MAX_PRF_LABSEED) 317 370 return BUFFER_E; 318 319 #ifdef WOLFSSL_SMALL_STACK320 labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);321 if (labelSeed == NULL)322 return MEMORY_E;323 #endif324 371 325 372 XMEMCPY(labelSeed, label, labLen); … … 333 380 labLen + seedLen, hash_type, heap, devId); 334 381 335 #ifdef WOLFSSL_SMALL_STACK 336 XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);382 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 383 FREE_VAR(labelSeed, heap); 337 384 #endif 338 385 } … … 356 403 int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen) 357 404 { 405 int ret = 0; 358 406 word32 hashSz = FINISHED_SZ; 359 407 … … 361 409 return BAD_FUNC_ARG; 362 410 411 /* for constant timing perform these even if error */ 363 412 #ifndef NO_OLD_TLS 364 wc_Md5GetHash(&ssl->hsHashes->hashMd5, hash);365 wc_ShaGetHash(&ssl->hsHashes->hashSha, &hash[WC_MD5_DIGEST_SIZE]);413 ret |= wc_Md5GetHash(&ssl->hsHashes->hashMd5, hash); 414 ret |= wc_ShaGetHash(&ssl->hsHashes->hashSha, &hash[WC_MD5_DIGEST_SIZE]); 366 415 #endif 367 416 … … 370 419 if (ssl->specs.mac_algorithm <= sha256_mac || 371 420 ssl->specs.mac_algorithm == blake2b_mac) { 372 int ret = wc_Sha256GetHash(&ssl->hsHashes->hashSha256, hash); 373 374 if (ret != 0) 375 return ret; 376 421 ret |= wc_Sha256GetHash(&ssl->hsHashes->hashSha256, hash); 377 422 hashSz = WC_SHA256_DIGEST_SIZE; 378 423 } … … 380 425 #ifdef WOLFSSL_SHA384 381 426 if (ssl->specs.mac_algorithm == sha384_mac) { 382 int ret = wc_Sha384GetHash(&ssl->hsHashes->hashSha384, hash); 383 384 if (ret != 0) 385 return ret; 386 427 ret |= wc_Sha384GetHash(&ssl->hsHashes->hashSha384, hash); 387 428 hashSz = WC_SHA384_DIGEST_SIZE; 388 429 } … … 392 433 *hashLen = hashSz; 393 434 394 return 0; 435 if (ret != 0) 436 ret = BUILD_MSG_ERROR; 437 438 return ret; 395 439 } 396 440 … … 400 444 int ret; 401 445 const byte* side; 402 byte* handshake_hash;403 446 word32 hashSz = HSHASH_SZ; 404 405 /* using allocate here to allow async hardware to use buffer directly */ 406 handshake_hash = (byte*)XMALLOC(hashSz, ssl->heap, DYNAMIC_TYPE_DIGEST); 447 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 448 DECLARE_VAR(handshake_hash, byte, HSHASH_SZ, ssl->heap); 407 449 if (handshake_hash == NULL) 408 450 return MEMORY_E; 451 #else 452 byte handshake_hash[HSHASH_SZ]; 453 #endif 409 454 410 455 ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz); … … 421 466 } 422 467 423 XFREE(handshake_hash, ssl->heap, DYNAMIC_TYPE_DIGEST); 468 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 469 FREE_VAR(handshake_hash, ssl->heap); 470 #endif 424 471 425 472 return ret; 426 473 } 427 474 475 #endif /* !WOLFSSL_NO_TLS12 */ 428 476 429 477 #ifndef NO_OLD_TLS 430 478 479 #ifdef WOLFSSL_ALLOW_TLSV10 431 480 ProtocolVersion MakeTLSv1(void) 432 481 { … … 437 486 return pv; 438 487 } 488 #endif /* WOLFSSL_ALLOW_TLSV10 */ 439 489 440 490 … … 448 498 } 449 499 450 #endif 451 500 #endif /* !NO_OLD_TLS */ 501 502 503 #ifndef WOLFSSL_NO_TLS12 452 504 453 505 ProtocolVersion MakeTLSv1_2(void) … … 459 511 return pv; 460 512 } 513 514 #endif /* !WOLFSSL_NO_TLS12 */ 461 515 462 516 #ifdef WOLFSSL_TLS13 … … 475 529 #endif 476 530 531 #ifndef WOLFSSL_NO_TLS12 477 532 478 533 #ifdef HAVE_EXTENDED_MASTER … … 489 544 void* heap, int devId) 490 545 { 546 int ret; 547 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 548 DECLARE_VAR(seed, byte, SEED_LEN, heap); 549 if (seed == NULL) 550 return MEMORY_E; 551 #else 491 552 byte seed[SEED_LEN]; 553 #endif 492 554 493 555 XMEMCPY(seed, sr, RAN_LEN); 494 556 XMEMCPY(seed + RAN_LEN, cr, RAN_LEN); 495 557 496 ret urnPRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,558 ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ, 497 559 seed, SEED_LEN, tls1_2, hash_type, heap, devId); 560 561 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 562 FREE_VAR(seed, heap); 563 #endif 564 565 return ret; 498 566 } 499 567 … … 549 617 void* heap, int devId) 550 618 { 619 int ret; 620 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 621 DECLARE_VAR(seed, byte, SEED_LEN, heap); 622 if (seed == NULL) 623 return MEMORY_E; 624 #else 551 625 byte seed[SEED_LEN]; 626 #endif 552 627 553 628 XMEMCPY(seed, cr, RAN_LEN); 554 629 XMEMCPY(seed + RAN_LEN, sr, RAN_LEN); 555 630 556 ret urnPRF(ms, msLen, pms, pmsLen, master_label, MASTER_LABEL_SZ,631 ret = PRF(ms, msLen, pms, pmsLen, master_label, MASTER_LABEL_SZ, 557 632 seed, SEED_LEN, tls1_2, hash_type, heap, devId); 633 634 #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) 635 FREE_VAR(seed, heap); 636 #endif 637 638 return ret; 558 639 } 559 640 … … 597 678 { 598 679 int ret; 680 599 681 #ifdef HAVE_EXTENDED_MASTER 600 682 if (ssl->options.haveEMS) { 601 byte* handshake_hash;602 683 word32 hashSz = HSHASH_SZ; 603 604 handshake_hash = (byte*)XMALLOC(HSHASH_SZ, ssl->heap,684 #ifdef WOLFSSL_SMALL_STACK 685 byte* handshake_hash = (byte*)XMALLOC(HSHASH_SZ, ssl->heap, 605 686 DYNAMIC_TYPE_DIGEST); 606 687 if (handshake_hash == NULL) 607 688 return MEMORY_E; 689 #else 690 byte handshake_hash[HSHASH_SZ]; 691 #endif 608 692 609 693 ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz); 610 if (ret < 0) { 611 XFREE(handshake_hash, ssl->heap, DYNAMIC_TYPE_DIGEST); 612 return ret; 613 } 614 694 if (ret == 0) { 615 695 ret = _MakeTlsExtendedMasterSecret( 616 696 ssl->arrays->masterSecret, SECRET_LEN, … … 619 699 IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm, 620 700 ssl->heap, ssl->devId); 621 701 } 702 703 #ifdef WOLFSSL_SMALL_STACK 622 704 XFREE(handshake_hash, ssl->heap, DYNAMIC_TYPE_DIGEST); 623 } else 624 #endif 705 #endif 706 } 707 else 708 #endif /* HAVE_EXTENDED_MASTER */ 709 { 625 710 ret = _MakeTlsMasterSecret(ssl->arrays->masterSecret, SECRET_LEN, 626 711 ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, … … 628 713 IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm, 629 714 ssl->heap, ssl->devId); 630 715 } 631 716 if (ret == 0) { 632 717 #ifdef SHOW_SECRETS 633 int i; 634 635 printf("master secret: "); 636 for (i = 0; i < SECRET_LEN; i++) 637 printf("%02x", ssl->arrays->masterSecret[i]); 638 printf("\n"); 639 #endif 718 /* Wireshark Pre-Master-Secret Format: 719 * CLIENT_RANDOM <clientrandom> <mastersecret> 720 */ 721 const char* CLIENT_RANDOM_LABEL = "CLIENT_RANDOM"; 722 int i, pmsPos = 0; 723 char pmsBuf[13 + 1 + 64 + 1 + 96 + 1 + 1]; 724 725 XSNPRINTF(&pmsBuf[pmsPos], sizeof(pmsBuf) - pmsPos, "%s ", 726 CLIENT_RANDOM_LABEL); 727 pmsPos += XSTRLEN(CLIENT_RANDOM_LABEL) + 1; 728 for (i = 0; i < RAN_LEN; i++) { 729 XSNPRINTF(&pmsBuf[pmsPos], sizeof(pmsBuf) - pmsPos, "%02x", 730 ssl->arrays->clientRandom[i]); 731 pmsPos += 2; 732 } 733 XSNPRINTF(&pmsBuf[pmsPos], sizeof(pmsBuf) - pmsPos, " "); 734 pmsPos += 1; 735 for (i = 0; i < SECRET_LEN; i++) { 736 XSNPRINTF(&pmsBuf[pmsPos], sizeof(pmsBuf) - pmsPos, "%02x", 737 ssl->arrays->masterSecret[i]); 738 pmsPos += 2; 739 } 740 XSNPRINTF(&pmsBuf[pmsPos], sizeof(pmsBuf) - pmsPos, "\n"); 741 pmsPos += 1; 742 743 /* print master secret */ 744 puts(pmsBuf); 745 746 #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE) 747 { 748 FILE* f = XFOPEN(WOLFSSL_SSLKEYLOGFILE_OUTPUT, "a"); 749 if (f != XBADFILE) { 750 XFWRITE(pmsBuf, 1, pmsPos, f); 751 XFCLOSE(f); 752 } 753 } 754 #endif 755 #endif /* SHOW_SECRETS */ 640 756 641 757 ret = DeriveTlsKeys(ssl); … … 684 800 685 801 686 static INLINE void GetSEQIncrement(WOLFSSL* ssl, int verify, word32 seq[2])802 static WC_INLINE void GetSEQIncrement(WOLFSSL* ssl, int verify, word32 seq[2]) 687 803 { 688 804 if (verify) { … … 706 822 707 823 #ifdef WOLFSSL_DTLS 708 static INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2])824 static WC_INLINE void DtlsGetSEQ(WOLFSSL* ssl, int order, word32 seq[2]) 709 825 { 710 826 if (order == PREV_ORDER) { … … 728 844 729 845 730 static INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)846 static WC_INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out) 731 847 { 732 848 word32 seq[2] = {0, 0}; … … 813 929 814 930 815 /* TLS type HMAC */ 816 int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, 817 int content, int verify) 818 { 819 Hmac hmac; 820 int ret = 0; 821 byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; 931 #ifndef WOLFSSL_AEAD_ONLY 932 #if !defined(WOLFSSL_NO_HASH_RAW) && !defined(HAVE_FIPS) && \ 933 !defined(HAVE_SELFTEST) 934 935 /* Update the hash in the HMAC. 936 * 937 * hmac HMAC object. 938 * data Data to be hashed. 939 * sz Size of data to hash. 940 * returns 0 on success, otherwise failure. 941 */ 942 static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz) 943 { 944 int ret = BAD_FUNC_ARG; 945 946 switch (hmac->macType) { 947 #ifndef NO_SHA 948 case WC_SHA: 949 ret = wc_ShaUpdate(&hmac->hash.sha, data, sz); 950 break; 951 #endif /* !NO_SHA */ 952 953 #ifndef NO_SHA256 954 case WC_SHA256: 955 ret = wc_Sha256Update(&hmac->hash.sha256, data, sz); 956 break; 957 #endif /* !NO_SHA256 */ 958 959 #ifdef WOLFSSL_SHA384 960 case WC_SHA384: 961 ret = wc_Sha384Update(&hmac->hash.sha384, data, sz); 962 break; 963 #endif /* WOLFSSL_SHA384 */ 964 965 #ifdef WOLFSSL_SHA512 966 case WC_SHA512: 967 ret = wc_Sha512Update(&hmac->hash.sha512, data, sz); 968 break; 969 #endif /* WOLFSSL_SHA512 */ 970 } 971 972 return ret; 973 } 974 975 /* Finalize the hash but don't put the EOC, padding or length in. 976 * 977 * hmac HMAC object. 978 * hash Hash result. 979 * returns 0 on success, otherwise failure. 980 */ 981 static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash) 982 { 983 int ret = BAD_FUNC_ARG; 984 985 switch (hmac->macType) { 986 #ifndef NO_SHA 987 case WC_SHA: 988 ret = wc_ShaFinalRaw(&hmac->hash.sha, hash); 989 break; 990 #endif /* !NO_SHA */ 991 992 #ifndef NO_SHA256 993 case WC_SHA256: 994 ret = wc_Sha256FinalRaw(&hmac->hash.sha256, hash); 995 break; 996 #endif /* !NO_SHA256 */ 997 998 #ifdef WOLFSSL_SHA384 999 case WC_SHA384: 1000 ret = wc_Sha384FinalRaw(&hmac->hash.sha384, hash); 1001 break; 1002 #endif /* WOLFSSL_SHA384 */ 1003 1004 #ifdef WOLFSSL_SHA512 1005 case WC_SHA512: 1006 ret = wc_Sha512FinalRaw(&hmac->hash.sha512, hash); 1007 break; 1008 #endif /* WOLFSSL_SHA512 */ 1009 } 1010 1011 return ret; 1012 } 1013 1014 /* Finalize the HMAC by performing outer hash. 1015 * 1016 * hmac HMAC object. 1017 * mac MAC result. 1018 * returns 0 on success, otherwise failure. 1019 */ 1020 static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac) 1021 { 1022 int ret = BAD_FUNC_ARG; 1023 wc_HashAlg hash; 1024 enum wc_HashType hashType = (enum wc_HashType)hmac->macType; 1025 int digestSz = wc_HashGetDigestSize(hashType); 1026 int blockSz = wc_HashGetBlockSize(hashType); 1027 1028 ret = wc_HashInit(&hash, hashType); 1029 if (ret == 0) { 1030 ret = wc_HashUpdate(&hash, hashType, (byte*)hmac->opad, 1031 blockSz); 1032 if (ret == 0) 1033 ret = wc_HashUpdate(&hash, hashType, (byte*)hmac->innerHash, 1034 digestSz); 1035 if (ret == 0) 1036 ret = wc_HashFinal(&hash, hashType, mac); 1037 wc_HashFree(&hash, hashType); 1038 } 1039 1040 return ret; 1041 } 1042 1043 /* Calculate the HMAC of the header + message data. 1044 * Constant time implementation using wc_Sha*FinalRaw(). 1045 * 1046 * hmac HMAC object. 1047 * digest MAC result. 1048 * in Message data. 1049 * sz Size of the message data. 1050 * header Constructed record header with length of handshake data. 1051 * returns 0 on success, otherwise failure. 1052 */ 1053 static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in, 1054 word32 sz, byte* header) 1055 { 1056 byte lenBytes[8]; 1057 int i, j, k; 1058 int blockBits, blockMask; 1059 int realLen, lastBlockLen, macLen, extraLen, eocIndex; 1060 int blocks, safeBlocks, lenBlock, eocBlock; 1061 int maxLen; 1062 int blockSz, padSz; 1063 int ret; 1064 byte extraBlock; 1065 1066 switch (hmac->macType) { 1067 #ifndef NO_SHA 1068 case WC_SHA: 1069 blockSz = WC_SHA_BLOCK_SIZE; 1070 blockBits = 6; 1071 macLen = WC_SHA_DIGEST_SIZE; 1072 padSz = WC_SHA_BLOCK_SIZE - WC_SHA_PAD_SIZE + 1; 1073 break; 1074 #endif /* !NO_SHA */ 1075 1076 #ifndef NO_SHA256 1077 case WC_SHA256: 1078 blockSz = WC_SHA256_BLOCK_SIZE; 1079 blockBits = 6; 1080 macLen = WC_SHA256_DIGEST_SIZE; 1081 padSz = WC_SHA256_BLOCK_SIZE - WC_SHA256_PAD_SIZE + 1; 1082 break; 1083 #endif /* !NO_SHA256 */ 1084 1085 #ifdef WOLFSSL_SHA384 1086 case WC_SHA384: 1087 blockSz = WC_SHA384_BLOCK_SIZE; 1088 blockBits = 7; 1089 macLen = WC_SHA384_DIGEST_SIZE; 1090 padSz = WC_SHA384_BLOCK_SIZE - WC_SHA384_PAD_SIZE + 1; 1091 break; 1092 #endif /* WOLFSSL_SHA384 */ 1093 1094 #ifdef WOLFSSL_SHA512 1095 case WC_SHA512: 1096 blockSz = WC_SHA512_BLOCK_SIZE; 1097 blockBits = 7; 1098 macLen = WC_SHA512_DIGEST_SIZE; 1099 padSz = WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE + 1; 1100 break; 1101 #endif /* WOLFSSL_SHA512 */ 1102 1103 default: 1104 return BAD_FUNC_ARG; 1105 } 1106 blockMask = blockSz - 1; 1107 1108 /* Size of data to HMAC if padding length byte is zero. */ 1109 maxLen = WOLFSSL_TLS_HMAC_INNER_SZ + sz - 1 - macLen; 1110 /* Complete data (including padding) has block for EOC and/or length. */ 1111 extraBlock = ctSetLTE((maxLen + padSz) & blockMask, padSz); 1112 /* Total number of blocks for data including padding. */ 1113 blocks = ((maxLen + blockSz - 1) >> blockBits) + extraBlock; 1114 /* Up to last 6 blocks can be hashed safely. */ 1115 safeBlocks = blocks - 6; 1116 1117 /* Length of message data. */ 1118 realLen = maxLen - in[sz - 1]; 1119 /* Number of message bytes in last block. */ 1120 lastBlockLen = realLen & blockMask; 1121 /* Number of padding bytes in last block. */ 1122 extraLen = ((blockSz * 2 - padSz - lastBlockLen) & blockMask) + 1; 1123 /* Number of blocks to create for hash. */ 1124 lenBlock = (realLen + extraLen) >> blockBits; 1125 /* Block containing EOC byte. */ 1126 eocBlock = realLen >> blockBits; 1127 /* Index of EOC byte in block. */ 1128 eocIndex = realLen & blockMask; 1129 1130 /* Add length of hmac's ipad to total length. */ 1131 realLen += blockSz; 1132 /* Length as bits - 8 bytes bigendian. */ 1133 c32toa(realLen >> ((sizeof(word32) * 8) - 3), lenBytes); 1134 c32toa(realLen << 3, lenBytes + sizeof(word32)); 1135 1136 ret = Hmac_HashUpdate(hmac, (unsigned char*)hmac->ipad, blockSz); 1137 if (ret != 0) 1138 return ret; 1139 1140 XMEMSET(hmac->innerHash, 0, macLen); 1141 1142 if (safeBlocks > 0) { 1143 ret = Hmac_HashUpdate(hmac, header, WOLFSSL_TLS_HMAC_INNER_SZ); 1144 if (ret != 0) 1145 return ret; 1146 ret = Hmac_HashUpdate(hmac, in, safeBlocks * blockSz - 1147 WOLFSSL_TLS_HMAC_INNER_SZ); 1148 if (ret != 0) 1149 return ret; 1150 } 1151 else 1152 safeBlocks = 0; 1153 1154 XMEMSET(digest, 0, macLen); 1155 k = safeBlocks * blockSz; 1156 for (i = safeBlocks; i < blocks; i++) { 1157 unsigned char hashBlock[WC_MAX_BLOCK_SIZE]; 1158 unsigned char isEocBlock = ctMaskEq(i, eocBlock); 1159 unsigned char isOutBlock = ctMaskEq(i, lenBlock); 1160 1161 for (j = 0; j < blockSz; j++, k++) { 1162 unsigned char atEoc = ctMaskEq(j, eocIndex) & isEocBlock; 1163 unsigned char pastEoc = ctMaskGT(j, eocIndex) & isEocBlock; 1164 unsigned char b = 0; 1165 1166 if (k < WOLFSSL_TLS_HMAC_INNER_SZ) 1167 b = header[k]; 1168 else if (k < maxLen) 1169 b = in[k - WOLFSSL_TLS_HMAC_INNER_SZ]; 1170 1171 b = ctMaskSel(atEoc, 0x80, b); 1172 b &= (unsigned char)~(word32)pastEoc; 1173 b &= ((unsigned char)~(word32)isOutBlock) | isEocBlock; 1174 1175 if (j >= blockSz - 8) { 1176 b = ctMaskSel(isOutBlock, lenBytes[j - (blockSz - 8)], b); 1177 } 1178 1179 hashBlock[j] = b; 1180 } 1181 1182 ret = Hmac_HashUpdate(hmac, hashBlock, blockSz); 1183 if (ret != 0) 1184 return ret; 1185 ret = Hmac_HashFinalRaw(hmac, hashBlock); 1186 if (ret != 0) 1187 return ret; 1188 for (j = 0; j < macLen; j++) 1189 ((unsigned char*)hmac->innerHash)[j] |= hashBlock[j] & isOutBlock; 1190 } 1191 1192 ret = Hmac_OuterHash(hmac, digest); 1193 1194 return ret; 1195 } 1196 1197 #endif 1198 1199 #if defined(WOLFSSL_NO_HASH_RAW) || defined(HAVE_FIPS) || \ 1200 defined(HAVE_SELFTEST) || defined(HAVE_BLAKE2) 1201 1202 /* Calculate the HMAC of the header + message data. 1203 * Constant time implementation using normal hashing operations. 1204 * Update-Final need to be constant time. 1205 * 1206 * hmac HMAC object. 1207 * digest MAC result. 1208 * in Message data. 1209 * sz Size of the message data. 1210 * header Constructed record header with length of handshake data. 1211 * returns 0 on success, otherwise failure. 1212 */ 1213 static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in, 1214 word32 sz, byte* header) 1215 { 1216 byte dummy[WC_MAX_BLOCK_SIZE] = {0}; 1217 int ret; 1218 word32 msgSz, blockSz, macSz, padSz, maxSz, realSz; 1219 word32 currSz, offset; 1220 int msgBlocks, blocks, blockBits; 1221 int i; 1222 1223 switch (hmac->macType) { 1224 #ifndef NO_SHA 1225 case WC_SHA: 1226 blockSz = WC_SHA_BLOCK_SIZE; 1227 blockBits = 6; 1228 macSz = WC_SHA_DIGEST_SIZE; 1229 padSz = WC_SHA_BLOCK_SIZE - WC_SHA_PAD_SIZE + 1; 1230 break; 1231 #endif /* !NO_SHA */ 1232 1233 #ifndef NO_SHA256 1234 case WC_SHA256: 1235 blockSz = WC_SHA256_BLOCK_SIZE; 1236 blockBits = 6; 1237 macSz = WC_SHA256_DIGEST_SIZE; 1238 padSz = WC_SHA256_BLOCK_SIZE - WC_SHA256_PAD_SIZE + 1; 1239 break; 1240 #endif /* !NO_SHA256 */ 1241 1242 #ifdef WOLFSSL_SHA384 1243 case WC_SHA384: 1244 blockSz = WC_SHA384_BLOCK_SIZE; 1245 blockBits = 7; 1246 macSz = WC_SHA384_DIGEST_SIZE; 1247 padSz = WC_SHA384_BLOCK_SIZE - WC_SHA384_PAD_SIZE + 1; 1248 break; 1249 #endif /* WOLFSSL_SHA384 */ 1250 1251 #ifdef WOLFSSL_SHA512 1252 case WC_SHA512: 1253 blockSz = WC_SHA512_BLOCK_SIZE; 1254 blockBits = 7; 1255 macSz = WC_SHA512_DIGEST_SIZE; 1256 padSz = WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE + 1; 1257 break; 1258 #endif /* WOLFSSL_SHA512 */ 1259 1260 #ifdef HAVE_BLAKE2 1261 case WC_HASH_TYPE_BLAKE2B: 1262 blockSz = BLAKE2B_BLOCKBYTES; 1263 blockBits = 7; 1264 macSz = BLAKE2B_256; 1265 padSz = 0; 1266 break; 1267 #endif /* HAVE_BLAK2 */ 1268 1269 default: 1270 return BAD_FUNC_ARG; 1271 } 1272 1273 msgSz = sz - (1 + in[sz - 1] + macSz); 1274 /* Make negative result 0 */ 1275 msgSz &= ~(0 - (msgSz >> 31)); 1276 realSz = WOLFSSL_TLS_HMAC_INNER_SZ + msgSz; 1277 maxSz = WOLFSSL_TLS_HMAC_INNER_SZ + (sz - 1) - macSz; 1278 1279 /* Calculate #blocks processed in HMAC for max and real data. */ 1280 blocks = maxSz >> blockBits; 1281 blocks += ((maxSz + padSz) % blockSz) < padSz; 1282 msgBlocks = realSz >> blockBits; 1283 /* #Extra blocks to process. */ 1284 blocks -= msgBlocks + (((realSz + padSz) % blockSz) < padSz); 1285 /* Calculate whole blocks. */ 1286 msgBlocks--; 1287 1288 ret = wc_HmacUpdate(hmac, header, WOLFSSL_TLS_HMAC_INNER_SZ); 1289 if (ret == 0) { 1290 /* Fill the rest of the block with any available data. */ 1291 currSz = ctMaskLT(msgSz, blockSz) & msgSz; 1292 currSz |= ctMaskGTE(msgSz, blockSz) & blockSz; 1293 currSz -= WOLFSSL_TLS_HMAC_INNER_SZ; 1294 currSz &= ~(0 - (currSz >> 31)); 1295 ret = wc_HmacUpdate(hmac, in, currSz); 1296 offset = currSz; 1297 } 1298 if (ret == 0) { 1299 /* Do the hash operations on a block basis. */ 1300 for (i = 0; i < msgBlocks; i++, offset += blockSz) { 1301 ret = wc_HmacUpdate(hmac, in + offset, blockSz); 1302 if (ret != 0) 1303 break; 1304 } 1305 } 1306 if (ret == 0) 1307 ret = wc_HmacUpdate(hmac, in + offset, msgSz - offset); 1308 if (ret == 0) 1309 ret = wc_HmacFinal(hmac, digest); 1310 if (ret == 0) { 1311 /* Do the dummy hash operations. Do at least one. */ 1312 for (i = 0; i < blocks + 1; i++) { 1313 ret = wc_HmacUpdate(hmac, dummy, blockSz); 1314 if (ret != 0) 1315 break; 1316 } 1317 } 1318 1319 return ret; 1320 } 1321 1322 #endif 1323 1324 int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, 1325 int content, int verify) 1326 { 1327 Hmac hmac; 1328 byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; 1329 int ret = 0; 822 1330 823 1331 if (ssl == NULL) … … 825 1333 826 1334 #ifdef HAVE_FUZZER 827 if (ssl->fuzzerCb) 828 ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx); 1335 /* Fuzz "in" buffer with sz to be used in HMAC algorithm */ 1336 if (ssl->fuzzerCb) { 1337 if (verify && padSz >= 0) { 1338 ssl->fuzzerCb(ssl, in, sz + ssl->specs.hash_size + padSz + 1, 1339 FUZZ_HMAC, ssl->fuzzerCtx); 1340 } 1341 else { 1342 ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx); 1343 } 1344 } 829 1345 #endif 830 1346 … … 836 1352 837 1353 ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl), 838 wolfSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size); 1354 wolfSSL_GetMacSecret(ssl, verify), 1355 ssl->specs.hash_size); 839 1356 if (ret == 0) { 840 ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner)); 841 if (ret == 0) 842 ret = wc_HmacUpdate(&hmac, in, sz); /* content */ 843 if (ret == 0) 844 ret = wc_HmacFinal(&hmac, digest); 845 } 1357 /* Constant time verification required. */ 1358 if (verify && padSz >= 0) { 1359 #if !defined(WOLFSSL_NO_HASH_RAW) && !defined(HAVE_FIPS) && \ 1360 !defined(HAVE_SELFTEST) 1361 #ifdef HAVE_BLAKE2 1362 if (wolfSSL_GetHmacType(ssl) == WC_HASH_TYPE_BLAKE2B) { 1363 ret = Hmac_UpdateFinal(&hmac, digest, in, sz + 1364 ssl->specs.hash_size + padSz + 1, 1365 myInner); 1366 } 1367 else 1368 #endif 1369 { 1370 ret = Hmac_UpdateFinal_CT(&hmac, digest, in, sz + 1371 ssl->specs.hash_size + padSz + 1, 1372 myInner); 1373 } 1374 #else 1375 ret = Hmac_UpdateFinal(&hmac, digest, in, sz + 1376 ssl->specs.hash_size + padSz + 1, 1377 myInner); 1378 #endif 1379 } 1380 else { 1381 ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner)); 1382 if (ret == 0) 1383 ret = wc_HmacUpdate(&hmac, in, sz); /* content */ 1384 if (ret == 0) 1385 ret = wc_HmacFinal(&hmac, digest); 1386 } 1387 } 1388 846 1389 wc_HmacFree(&hmac); 847 1390 848 1391 return ret; 849 1392 } 1393 #endif /* WOLFSSL_AEAD_ONLY */ 1394 1395 #endif /* !WOLFSSL_NO_TLS12 */ 850 1396 851 1397 #ifdef HAVE_TLS_EXTENSIONS … … 878 1424 * 'remapped' extension type. 879 1425 */ 880 static INLINE word16 TLSX_ToSemaphore(word16 type)1426 static WC_INLINE word16 TLSX_ToSemaphore(word16 type) 881 1427 { 882 1428 switch (type) { … … 918 1464 TLSX* extension = (TLSX*)XMALLOC(sizeof(TLSX), heap, DYNAMIC_TYPE_TLSX); 919 1465 1466 (void)heap; 1467 920 1468 if (extension) { 921 1469 extension->type = type; … … 953 1501 TLSX_FreeAll(next, heap); 954 1502 955 /* there is no way to occur more than */ 956 /* two extensions of the same type. */ 1503 /* there is no way to occur more than 1504 * two extensions of the same type. 1505 */ 957 1506 break; 958 1507 } … … 962 1511 } 963 1512 964 #ifndef NO_WOLFSSL_SERVER 1513 #ifndef NO_WOLFSSL_CLIENT 1514 1515 int TLSX_CheckUnsupportedExtension(WOLFSSL* ssl, TLSX_Type type); 1516 1517 int TLSX_CheckUnsupportedExtension(WOLFSSL* ssl, TLSX_Type type) 1518 { 1519 TLSX *extension = TLSX_Find(ssl->extensions, type); 1520 1521 if (!extension) 1522 extension = TLSX_Find(ssl->ctx->extensions, type); 1523 1524 return extension == NULL; 1525 } 1526 1527 int TLSX_HandleUnsupportedExtension(WOLFSSL* ssl); 1528 1529 int TLSX_HandleUnsupportedExtension(WOLFSSL* ssl) 1530 { 1531 SendAlert(ssl, alert_fatal, unsupported_extension); 1532 return UNSUPPORTED_EXTENSION; 1533 } 1534 1535 #else 1536 1537 #define TLSX_CheckUnsupportedExtension(ssl, type) 0 1538 #define TLSX_HandleUnsupportedExtension(ssl) 0 1539 1540 #endif 965 1541 966 1542 /** Mark an extension to be sent back to the client. */ … … 969 1545 void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type) 970 1546 { 971 TLSX *ext = TLSX_Find(ssl->extensions, type); 972 973 if (ext) 974 ext->resp = 1; 975 } 976 977 #endif 1547 TLSX *extension = TLSX_Find(ssl->extensions, type); 1548 1549 if (extension) 1550 extension->resp = 1; 1551 } 978 1552 979 1553 /******************************************************************************/ … … 1153 1727 TLSX_APPLICATION_LAYER_PROTOCOL); 1154 1728 1155 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)1729 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1156 1730 if (ssl->alpnSelect != NULL) { 1157 1731 const byte* out; … … 1173 1747 1174 1748 if (extension == NULL || extension->data == NULL) { 1175 WOLFSSL_MSG("No ALPN extensions not used or bad"); 1176 return isRequest ? 0 /* not using ALPN */ 1177 : BUFFER_ERROR; /* unexpected ALPN response */ 1749 return isRequest ? 0 1750 : TLSX_HandleUnsupportedExtension(ssl); 1178 1751 } 1179 1752 … … 1382 1955 if (sni->data.host_name) { 1383 1956 XSTRNCPY(sni->data.host_name, (const char*)data, size); 1384 sni->data.host_name[size] = 0;1957 sni->data.host_name[size] = '\0'; 1385 1958 } else { 1386 1959 XFREE(sni, heap, DYNAMIC_TYPE_TLSX); … … 1476 2049 } 1477 2050 1478 #ifndef NO_WOLFSSL_SERVER1479 1480 2051 /** Finds a SNI object in the provided list. */ 1481 2052 static SNI* TLSX_SNI_Find(SNI *list, byte type) … … 1489 2060 } 1490 2061 1491 1492 2062 /** Sets the status of a SNI object. */ 1493 2063 static void TLSX_SNI_SetStatus(TLSX* extensions, byte type, byte status) … … 1511 2081 return 0; 1512 2082 } 1513 1514 #endif /* NO_WOLFSSL_SERVER */1515 2083 1516 2084 /** Parses a buffer of SNI extensions. */ … … 1529 2097 extension = TLSX_Find(ssl->ctx->extensions, TLSX_SERVER_NAME); 1530 2098 1531 (void)isRequest; 1532 (void)input; 1533 2099 if (!isRequest) { 2100 #ifndef NO_WOLFSSL_CLIENT 2101 if (!extension || !extension->data) 2102 return TLSX_HandleUnsupportedExtension(ssl); 2103 2104 if (length > 0) 2105 return BUFFER_ERROR; /* SNI response MUST be empty. */ 2106 2107 /* This call enables wolfSSL_SNI_GetRequest() to be called in the 2108 * client side to fetch the used SNI. It will only work if the SNI 2109 * was set at the SSL object level. Right now we only support one 2110 * name type, WOLFSSL_SNI_HOST_NAME, but in the future, the 2111 * inclusion of other name types will turn this method inaccurate, 2112 * as the extension response doesn't contains information of which 2113 * name was accepted. 2114 */ 2115 TLSX_SNI_SetStatus(ssl->extensions, WOLFSSL_SNI_HOST_NAME, 2116 WOLFSSL_SNI_REAL_MATCH); 2117 2118 return 0; 2119 #endif 2120 } 2121 2122 #ifndef NO_WOLFSSL_SERVER 1534 2123 if (!extension || !extension->data) { 1535 2124 #if defined(WOLFSSL_ALWAYS_KEEP_SNI) && !defined(NO_WOLFSSL_SERVER) 1536 2125 /* This will keep SNI even though TLSX_UseSNI has not been called. 1537 2126 * Enable it so that the received sni is available to functions 1538 * that use a custom callback when SNI is received */ 2127 * that use a custom callback when SNI is received. 2128 */ 2129 1539 2130 cacheOnly = 1; 1540 2131 WOLFSSL_MSG("Forcing SSL object to store SNI parameter"); 1541 2132 #else 1542 return isRequest ? 0 /* not using SNI. */ 1543 : BUFFER_ERROR; /* unexpected SNI response. */ 1544 #endif 1545 } 1546 1547 if (!isRequest) 1548 return length ? BUFFER_ERROR /* SNI response MUST be empty. */ 1549 : 0; /* nothing else to do. */ 1550 1551 #ifndef NO_WOLFSSL_SERVER 2133 /* Skipping, SNI not enabled at server side. */ 2134 return 0; 2135 #endif 2136 } 1552 2137 1553 2138 if (OPAQUE16_LEN > length) … … 1580 2165 case WOLFSSL_SNI_HOST_NAME: { 1581 2166 int matchStat; 2167 byte matched; 2168 1582 2169 #ifdef WOLFSSL_TLS13 1583 2170 /* Don't process the second ClientHello SNI extension if there … … 1587 2174 break; 1588 2175 #endif 1589 bytematched = cacheOnly ||1590 ((XSTRLEN(sni->data.host_name) == size)1591 &&(XSTRNCMP(sni->data.host_name,2176 matched = cacheOnly || 2177 ((XSTRLEN(sni->data.host_name) == size) && 2178 (XSTRNCMP(sni->data.host_name, 1592 2179 (const char*)input + offset, size) == 0)); 1593 2180 … … 1610 2197 } 1611 2198 1612 TLSX_SNI_SetStatus(ssl->extensions, type, matchStat);2199 TLSX_SNI_SetStatus(ssl->extensions, type, (byte)matchStat); 1613 2200 1614 2201 if(!cacheOnly) … … 1624 2211 } 1625 2212 } 1626 2213 #else 2214 (void)input; 1627 2215 #endif 1628 2216 … … 1690 2278 if (!extension) { 1691 2279 int ret = TLSX_Push(extensions, TLSX_SERVER_NAME, (void*)sni, heap); 2280 1692 2281 if (ret != 0) { 1693 2282 TLSX_SNI_Free(sni, heap); … … 1708 2297 TLSX_SNI_Free(next, heap); 1709 2298 1710 /* there is no way to occur more than */ 1711 /* two SNIs of the same type. */ 2299 /* there is no way to occur more than 2300 * two SNIs of the same type. 2301 */ 1712 2302 break; 1713 2303 } … … 1934 2524 byte isRequest) 1935 2525 { 1936 (void)isRequest;1937 1938 2526 if (length != ENUM_LEN) 1939 2527 return BUFFER_ERROR; 1940 2528 2529 #ifdef WOLFSSL_OLD_UNSUPPORTED_EXTENSION 2530 (void) isRequest; 2531 #else 2532 if (!isRequest) 2533 if (TLSX_CheckUnsupportedExtension(ssl, TLSX_MAX_FRAGMENT_LENGTH)) 2534 return TLSX_HandleUnsupportedExtension(ssl); 2535 #endif 2536 1941 2537 switch (*input) { 2538 case WOLFSSL_MFL_2_8 : ssl->max_fragment = 256; break; 1942 2539 case WOLFSSL_MFL_2_9 : ssl->max_fragment = 512; break; 1943 2540 case WOLFSSL_MFL_2_10: ssl->max_fragment = 1024; break; … … 1954 2551 #ifndef NO_WOLFSSL_SERVER 1955 2552 if (isRequest) { 1956 int r = TLSX_UseMaxFragment(&ssl->extensions, *input, ssl->heap); 1957 1958 if (r != WOLFSSL_SUCCESS) return r; /* throw error */ 2553 int ret = TLSX_UseMaxFragment(&ssl->extensions, *input, ssl->heap); 2554 2555 if (ret != WOLFSSL_SUCCESS) 2556 return ret; /* throw error */ 1959 2557 1960 2558 TLSX_SetResponse(ssl, TLSX_MAX_FRAGMENT_LENGTH); … … 1970 2568 int ret = 0; 1971 2569 1972 if (extensions == NULL )2570 if (extensions == NULL || mfl < WOLFSSL_MFL_MIN || mfl > WOLFSSL_MFL_MAX) 1973 2571 return BAD_FUNC_ARG; 1974 2572 1975 if (mfl < WOLFSSL_MFL_2_9 || WOLFSSL_MFL_2_13 < mfl) 1976 return BAD_FUNC_ARG; 1977 1978 if ((data = (byte*)XMALLOC(ENUM_LEN, heap, DYNAMIC_TYPE_TLSX)) == NULL) 2573 data = (byte*)XMALLOC(ENUM_LEN, heap, DYNAMIC_TYPE_TLSX); 2574 if (data == NULL) 1979 2575 return MEMORY_E; 1980 2576 1981 2577 data[0] = mfl; 1982 2578 1983 /* push new MFL extension. */ 1984 if ((ret = TLSX_Push(extensions, TLSX_MAX_FRAGMENT_LENGTH, data, heap)) 1985 != 0) { 2579 ret = TLSX_Push(extensions, TLSX_MAX_FRAGMENT_LENGTH, data, heap); 2580 if (ret != 0) { 1986 2581 XFREE(data, heap, DYNAMIC_TYPE_TLSX); 1987 2582 return ret; … … 2015 2610 byte isRequest) 2016 2611 { 2017 (void)isRequest;2018 2019 2612 if (length != 0 || input == NULL) 2020 2613 return BUFFER_ERROR; 2021 2614 2615 if (!isRequest) { 2616 #ifndef WOLFSSL_OLD_UNSUPPORTED_EXTENSION 2617 if (TLSX_CheckUnsupportedExtension(ssl, TLSX_TRUNCATED_HMAC)) 2618 return TLSX_HandleUnsupportedExtension(ssl); 2619 #endif 2620 } 2621 else { 2022 2622 #ifndef NO_WOLFSSL_SERVER 2023 if (isRequest) { 2024 int r = TLSX_UseTruncatedHMAC(&ssl->extensions, ssl->heap); 2025 2026 if (r != WOLFSSL_SUCCESS) 2027 return r; /* throw error */ 2623 int ret = TLSX_UseTruncatedHMAC(&ssl->extensions, ssl->heap); 2624 2625 if (ret != WOLFSSL_SUCCESS) 2626 return ret; /* throw error */ 2028 2627 2029 2628 TLSX_SetResponse(ssl, TLSX_TRUNCATED_HMAC); 2030 } 2031 #endif 2629 #endif 2630 } 2032 2631 2033 2632 ssl->truncated_hmac = 1; … … 2043 2642 return BAD_FUNC_ARG; 2044 2643 2045 if ((ret = TLSX_Push(extensions, TLSX_TRUNCATED_HMAC, NULL, heap)) != 0) 2644 ret = TLSX_Push(extensions, TLSX_TRUNCATED_HMAC, NULL, heap); 2645 if (ret != 0) 2046 2646 return ret; 2047 2647 … … 2092 2692 break; 2093 2693 } 2694 } 2695 #endif 2696 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) 2697 if (!isRequest && csr->ssl->options.tls1_3) { 2698 if (csr->response.buffer == NULL) { 2699 OcspRequest* request = &csr->request.ocsp; 2700 int ret = CreateOcspResponse(csr->ssl, &request, &csr->response); 2701 if (ret < 0) 2702 return ret; 2703 } 2704 return OPAQUE8_LEN + OPAQUE24_LEN + csr->response.length; 2094 2705 } 2095 2706 #endif … … 2134 2745 } 2135 2746 #endif 2747 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) 2748 if (!isRequest && csr->ssl->options.tls1_3) { 2749 word16 offset = 0; 2750 output[offset++] = csr->status_type; 2751 c32to24(csr->response.length, output + offset); 2752 offset += OPAQUE24_LEN; 2753 XMEMCPY(output + offset, csr->response.buffer, csr->response.length); 2754 offset += csr->response.length; 2755 return offset; 2756 } 2757 #endif 2136 2758 2137 2759 return 0; … … 2157 2779 csr = extension ? (CertificateStatusRequest*)extension->data : NULL; 2158 2780 2159 if (!csr) 2160 return BUFFER_ERROR; /* unexpected extension */2781 if (!csr) /* unexpected extension */ 2782 return TLSX_HandleUnsupportedExtension(ssl); 2161 2783 2162 2784 /* enable extension at ssl level */ 2163 2785 ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, 2164 csr->status_type, csr->options, ssl ->heap,2165 ssl-> devId);2786 csr->status_type, csr->options, ssl, 2787 ssl->heap, ssl->devId); 2166 2788 if (ret != WOLFSSL_SUCCESS) 2167 2789 return ret; … … 2186 2808 ssl->status_request = 1; 2187 2809 2188 return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */ 2810 #ifdef WOLFSSL_TLS13 2811 if (ssl->options.tls1_3) { 2812 word32 resp_length; 2813 word32 offset = 0; 2814 ret = 0; 2815 if (OPAQUE8_LEN + OPAQUE24_LEN > length) 2816 ret = BUFFER_ERROR; 2817 if (ret == 0 && input[offset++] != WOLFSSL_CSR_OCSP) 2818 ret = BAD_CERTIFICATE_STATUS_ERROR; 2819 if (ret == 0) { 2820 c24to32(input + offset, &resp_length); 2821 offset += OPAQUE24_LEN; 2822 if (offset + resp_length != length) 2823 ret = BUFFER_ERROR; 2824 } 2825 if (ret == 0) { 2826 csr->response.buffer = input + offset; 2827 csr->response.length = resp_length; 2828 } 2829 2830 return ret; 2831 } 2832 else 2833 #endif 2834 { 2835 /* extension_data MUST be empty. */ 2836 return length ? BUFFER_ERROR : 0; 2837 } 2189 2838 #endif 2190 2839 } … … 2239 2888 /* accept the first good status_type and return */ 2240 2889 ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type, 2241 0, ssl->heap, ssl->devId);2890 0, ssl, ssl->heap, ssl->devId); 2242 2891 if (ret != WOLFSSL_SUCCESS) 2243 2892 return ret; /* throw error */ … … 2245 2894 TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST); 2246 2895 ssl->status_request = status_type; 2247 2248 2896 #endif 2249 2897 } … … 2323 2971 2324 2972 int TLSX_UseCertificateStatusRequest(TLSX** extensions, byte status_type, 2325 byte options, void* heap, int devId) 2973 byte options, WOLFSSL* ssl, void* heap, 2974 int devId) 2326 2975 { 2327 2976 CertificateStatusRequest* csr = NULL; … … 2340 2989 csr->status_type = status_type; 2341 2990 csr->options = options; 2991 csr->ssl = ssl; 2342 2992 2343 2993 switch (csr->status_type) { … … 2519 3169 (CertificateStatusRequestItemV2*)extension->data : NULL; 2520 3170 2521 if (!csr2) 2522 return BUFFER_ERROR; /* unexpected extension */3171 if (!csr2) /* unexpected extension */ 3172 return TLSX_HandleUnsupportedExtension(ssl); 2523 3173 2524 3174 /* enable extension at ssl level */ 2525 3175 for (; csr2; csr2 = csr2->next) { 2526 3176 ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions, 2527 csr2->status_type, csr2->options, ssl->heap, ssl->devId); 3177 csr2->status_type, csr2->options, ssl->heap, 3178 ssl->devId); 2528 3179 if (ret != WOLFSSL_SUCCESS) 2529 3180 return ret; … … 2566 3217 2567 3218 /* list size */ 3219 if (offset + OPAQUE16_LEN >= length) { 3220 return BUFFER_E; 3221 } 3222 2568 3223 ato16(input + offset, &request_length); 2569 3224 offset += OPAQUE16_LEN; … … 2819 3474 #ifdef HAVE_SUPPORTED_CURVES 2820 3475 2821 #if ndef HAVE_ECC3476 #if !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) && !defined(WOLFSSL_TLS13) 2822 3477 #error Elliptic Curves Extension requires Elliptic Curve Cryptography. \ 2823 3478 Use --enable-ecc in the configure script or define HAVE_ECC. … … 2829 3484 if (curve == NULL) 2830 3485 return BAD_FUNC_ARG; 3486 3487 (void)heap; 2831 3488 2832 3489 *curve = (SupportedCurve*)XMALLOC(sizeof(SupportedCurve), heap, … … 2846 3503 return BAD_FUNC_ARG; 2847 3504 3505 (void)heap; 3506 2848 3507 *point = (PointFormat*)XMALLOC(sizeof(PointFormat), heap, 2849 3508 DYNAMIC_TYPE_TLSX); … … 2882 3541 void* heap) 2883 3542 { 2884 if (list == NULL) 2885 return BAD_FUNC_ARG; 2886 2887 while (1) { 2888 if (list->name == name) 2889 return 0; /* curve alreay in use */ 2890 2891 if (list->next == NULL) 2892 return TLSX_SupportedCurve_New(&list->next, name, heap); 3543 int ret = BAD_FUNC_ARG; 3544 3545 while (list) { 3546 if (list->name == name) { 3547 ret = 0; /* curve alreay in use */ 3548 break; 3549 } 3550 3551 if (list->next == NULL) { 3552 ret = TLSX_SupportedCurve_New(&list->next, name, heap); 3553 break; 3554 } 2893 3555 2894 3556 list = list->next; 2895 3557 } 2896 3558 2897 return 0;3559 return ret; 2898 3560 } 2899 3561 2900 3562 static int TLSX_PointFormat_Append(PointFormat* list, byte format, void* heap) 2901 3563 { 2902 if (list == NULL) 2903 return BAD_FUNC_ARG; 2904 2905 while (1) { 2906 if (list->format == format) 2907 return 0; /* format already in use */ 2908 2909 if (list->next == NULL) 2910 return TLSX_PointFormat_New(&list->next, format, heap); 3564 int ret = BAD_FUNC_ARG; 3565 3566 while (list) { 3567 if (list->format == format) { 3568 ret = 0; /* format already in use */ 3569 break; 3570 } 3571 3572 if (list->next == NULL) { 3573 ret = TLSX_PointFormat_New(&list->next, format, heap); 3574 break; 3575 } 2911 3576 2912 3577 list = list->next; 2913 3578 } 2914 3579 2915 return 0;2916 } 2917 2918 #if ndef NO_WOLFSSL_CLIENT3580 return ret; 3581 } 3582 3583 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT) 2919 3584 2920 3585 static void TLSX_SupportedCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore) … … 2947 3612 2948 3613 #endif 3614 2949 3615 #ifndef NO_WOLFSSL_SERVER 2950 3616 … … 3019 3685 } 3020 3686 3021 output[0] = offset - ENUM_LEN;3687 output[0] = (byte)(offset - ENUM_LEN); 3022 3688 3023 3689 return offset; 3024 3690 } 3025 3691 3026 #ifndef NO_WOLFSSL_SERVER 3692 #if !defined(NO_WOLFSSL_SERVER) || (defined(WOLFSSL_TLS13) && \ 3693 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) 3027 3694 3028 3695 static int TLSX_SupportedCurve_Parse(WOLFSSL* ssl, byte* input, word16 length, … … 3033 3700 int ret; 3034 3701 3035 (void) isRequest; /* shut up compiler! */ 3702 if(!isRequest && !IsAtLeastTLSv1_3(ssl->version)) { 3703 #ifdef WOLFSSL_ALLOW_SERVER_SC_EXT 3704 return 0; 3705 #else 3706 return BUFFER_ERROR; /* servers doesn't send this extension. */ 3707 #endif 3708 } 3036 3709 3037 3710 if (OPAQUE16_LEN > length || length % OPAQUE16_LEN) … … 3044 3717 return BUFFER_ERROR; 3045 3718 3046 for (offset = OPAQUE16_LEN; offset < length; offset += OPAQUE16_LEN) { 3719 offset = OPAQUE16_LEN; 3720 if (offset == length) 3721 return 0; 3722 3723 #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_SERVER_GROUPS_EXT) 3724 if (!isRequest) { 3725 TLSX* extension; 3726 SupportedCurve* curve; 3727 3728 extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS); 3729 if (extension != NULL) { 3730 /* Replace client list with server list of supported groups. */ 3731 curve = (SupportedCurve*)extension->data; 3732 extension->data = NULL; 3733 TLSX_SupportedCurve_FreeAll(curve, ssl->heap); 3734 3047 3735 ato16(input + offset, &name); 3736 offset += OPAQUE16_LEN; 3737 3738 ret = TLSX_SupportedCurve_New(&curve, name, ssl->heap); 3739 if (ret != 0) 3740 return ret; /* throw error */ 3741 extension->data = (void*)curve; 3742 } 3743 } 3744 #endif 3745 3746 for (; offset < length; offset += OPAQUE16_LEN) { 3747 ato16(input + offset, &name); 3048 3748 3049 3749 ret = TLSX_UseSupportedCurve(&ssl->extensions, name, ssl->heap); 3050 3051 3750 if (ret != WOLFSSL_SUCCESS) 3052 3751 return ret; /* throw error */ … … 3055 3754 return 0; 3056 3755 } 3756 3757 #endif 3758 3759 #if !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 3760 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT) 3761 3762 /* Checks the priority of the groups on the server and set the supported groups 3763 * response if there is a group not advertised by the client that is preferred. 3764 * 3765 * ssl SSL/TLS object. 3766 * returns 0 on success, otherwise an error. 3767 */ 3768 int TLSX_SupportedCurve_CheckPriority(WOLFSSL* ssl) 3769 { 3770 int ret; 3771 TLSX* extension; 3772 TLSX* priority = NULL; 3773 TLSX* ext = NULL; 3774 word16 name; 3775 SupportedCurve* curve; 3776 3777 extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS); 3778 /* May be doing PSK with no key exchange. */ 3779 if (extension == NULL) 3780 return 0; 3781 3782 if ((ret = TLSX_PopulateSupportedGroups(ssl, &priority)) != WOLFSSL_SUCCESS) 3783 return ret; 3784 3785 ext = TLSX_Find(priority, TLSX_SUPPORTED_GROUPS); 3786 curve = (SupportedCurve*)ext->data; 3787 name = curve->name; 3788 3789 curve = (SupportedCurve*)extension->data; 3790 while (curve != NULL) { 3791 if (curve->name == name) 3792 break; 3793 curve = curve->next; 3794 } 3795 3796 if (curve == NULL) { 3797 /* Couldn't find the preferred group in client list. */ 3798 extension->resp = 1; 3799 3800 /* Send server list back and free client list. */ 3801 curve = (SupportedCurve*)extension->data; 3802 extension->data = ext->data; 3803 ext->data = curve; 3804 } 3805 3806 TLSX_FreeAll(priority, ssl->heap); 3807 3808 return 0; 3809 } 3810 3811 #endif 3812 3813 #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_SERVER_GROUPS_EXT) 3814 /* Return the preferred group. 3815 * 3816 * ssl SSL/TLS object. 3817 * checkSupported Whether to check for the first supported group. 3818 * returns BAD_FUNC_ARG if no group found, otherwise the group. 3819 */ 3820 int TLSX_SupportedCurve_Preferred(WOLFSSL* ssl, int checkSupported) 3821 { 3822 TLSX* extension; 3823 SupportedCurve* curve; 3824 3825 extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS); 3826 if (extension == NULL) 3827 return BAD_FUNC_ARG; 3828 3829 curve = (SupportedCurve*)extension->data; 3830 while (curve != NULL) { 3831 if (!checkSupported || TLSX_KeyShare_IsSupported(curve->name)) 3832 return curve->name; 3833 curve = curve->next; 3834 } 3835 3836 return BAD_FUNC_ARG; 3837 } 3838 3839 #endif 3840 3841 #ifndef NO_WOLFSSL_SERVER 3057 3842 3058 3843 static int TLSX_PointFormat_Parse(WOLFSSL* ssl, byte* input, word16 length, … … 3078 3863 } 3079 3864 3865 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 3080 3866 int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first, byte second) { 3081 3867 TLSX* extension = (first == ECC_BYTE || first == CHACHA_BYTE) … … 3111 3897 /* find supported curve */ 3112 3898 switch (curve->name) { 3899 #ifdef HAVE_ECC 3113 3900 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES) 3114 3901 #ifndef NO_ECC_SECP … … 3166 3953 break; 3167 3954 #endif /* !NO_ECC_SECP */ 3955 #endif /* !NO_ECC256 || HAVE_ALL_CURVES */ 3956 #endif 3168 3957 #ifdef HAVE_CURVE25519 3169 3958 case WOLFSSL_ECC_X25519: … … 3177 3966 break; 3178 3967 #endif /* HAVE_CURVE25519 */ 3968 #ifdef HAVE_ECC 3969 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 3179 3970 #ifdef HAVE_ECC_KOBLITZ 3180 3971 case WOLFSSL_ECC_SECP256K1: … … 3220 4011 #endif /* !NO_ECC_SECP */ 3221 4012 #endif 4013 #endif 3222 4014 default: continue; /* unsupported curve */ 3223 4015 } 3224 4016 4017 #ifdef HAVE_ECC 3225 4018 /* Set default Oid */ 3226 4019 if (defOid == 0 && ssl->eccTempKeySz <= octets && defSz > octets) { … … 3229 4022 } 3230 4023 4024 /* The eccTempKeySz is the preferred ephemeral key size */ 3231 4025 if (currOid == 0 && ssl->eccTempKeySz == octets) 3232 4026 currOid = oid; … … 3235 4029 nextSz = octets; 3236 4030 } 4031 #else 4032 if (defOid == 0 && defSz > octets) { 4033 defOid = oid; 4034 defSz = octets; 4035 } 4036 4037 if (currOid == 0) 4038 currOid = oid; 4039 if (nextOid == 0 || nextSz > octets) { 4040 nextOid = oid; 4041 nextSz = octets; 4042 } 4043 #endif 3237 4044 3238 4045 if (first == ECC_BYTE) { … … 3346 4153 3347 4154 /* Choose the default if it is at the required strength. */ 3348 if (ssl->ecdhCurveOID == 0 && defSz == ssl->eccTempKeySz) { 4155 #ifdef HAVE_ECC 4156 if (ssl->ecdhCurveOID == 0 && defSz == ssl->eccTempKeySz) 4157 #else 4158 if (ssl->ecdhCurveOID == 0) 4159 #endif 4160 { 3349 4161 key = 1; 3350 4162 ssl->ecdhCurveOID = defOid; … … 3367 4179 return sig && key; 3368 4180 } 4181 #endif 3369 4182 3370 4183 #endif /* NO_WOLFSSL_SERVER */ … … 3374 4187 TLSX* extension = NULL; 3375 4188 SupportedCurve* curve = NULL; 3376 int ret = 0;4189 int ret; 3377 4190 3378 4191 if (extensions == NULL) … … 3399 4212 } 3400 4213 3401 return (TLSX_Find(*extensions, TLSX_EC_POINT_FORMATS) == NULL) 3402 ? TLSX_UsePointFormat(extensions, WOLFSSL_EC_PF_UNCOMPRESSED, heap) 3403 : WOLFSSL_SUCCESS; 4214 return WOLFSSL_SUCCESS; 3404 4215 } 3405 4216 … … 3447 4258 #endif 3448 4259 3449 #ifndef NO_WOLFSSL_SERVER 4260 #if !defined(NO_WOLFSSL_SERVER) || (defined(WOLFSSL_TLS13) && \ 4261 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) 3450 4262 #define EC_PARSE TLSX_SupportedCurve_Parse 3451 4263 #else … … 3496 4308 3497 4309 /* data will be NULL for HAVE_SERVER_RENEGOTIATION_INFO only */ 3498 if (data && data->enabled ) {4310 if (data && data->enabled && data->verifySet) { 3499 4311 /* client sends client_verify_data only */ 3500 4312 length += TLS_FINISHED_SZ; … … 3512 4324 { 3513 4325 word16 offset = OPAQUE8_LEN; /* RenegotiationInfo length */ 3514 3515 if (data && data->enabled) { 4326 if (data && data->enabled && data->verifySet) { 3516 4327 /* client sends client_verify_data only */ 3517 4328 XMEMCPY(output + offset, data->client_verify_data, TLS_FINISHED_SZ); … … 3536 4347 3537 4348 if (length >= OPAQUE8_LEN) { 3538 if ( ssl->secure_renegotiation == NULL) {4349 if (isRequest) { 3539 4350 #ifndef NO_WOLFSSL_SERVER 3540 if (isRequest && *input == 0) { 3541 #ifdef HAVE_SERVER_RENEGOTIATION_INFO 3542 if (length == OPAQUE8_LEN) { 3543 if (TLSX_Find(ssl->extensions, 3544 TLSX_RENEGOTIATION_INFO) == NULL) { 3545 ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, 3546 ssl->heap); 3547 if (ret == WOLFSSL_SUCCESS) 3548 ret = 0; 3549 3550 } else { 4351 if (ssl->secure_renegotiation == NULL) { 4352 /* already in error state */ 4353 WOLFSSL_MSG("server SCR not available"); 4354 } 4355 else if (!ssl->secure_renegotiation->enabled) { 4356 if (*input == 0) { 4357 input++; /* get past size */ 4358 4359 ssl->secure_renegotiation->enabled = 1; 4360 TLSX_SetResponse(ssl, TLSX_RENEGOTIATION_INFO); 3551 4361 ret = 0; 3552 4362 } 4363 else { 4364 /* already in error state */ 4365 WOLFSSL_MSG("SCR client verify data present"); 3553 4366 } 3554 #else3555 ret = 0; /* don't reply, user didn't enable */3556 #endif /* HAVE_SERVER_RENEGOTIATION_INFO */3557 4367 } 3558 #ifdef HAVE_SERVER_RENEGOTIATION_INFO 3559 else if (!isRequest) { 3560 /* don't do anything on client side */ 3561 ret = 0; 3562 } 3563 #endif 3564 #endif 3565 } 3566 else if (isRequest) { 3567 #ifndef NO_WOLFSSL_SERVER 3568 if (*input == TLS_FINISHED_SZ) { 3569 /* TODO compare client_verify_data */ 3570 ret = 0; 4368 else if (*input == TLS_FINISHED_SZ) { 4369 input++; /* get past size */ 4370 4371 /* validate client verify data */ 4372 if (XMEMCMP(input, 4373 ssl->secure_renegotiation->client_verify_data, 4374 TLS_FINISHED_SZ) == 0) { 4375 WOLFSSL_MSG("SCR client verify data match"); 4376 TLSX_SetResponse(ssl, TLSX_RENEGOTIATION_INFO); 4377 ret = 0; /* verified */ 4378 } else { 4379 /* already in error state */ 4380 WOLFSSL_MSG("SCR client verify data Failure"); 4381 } 3571 4382 } 3572 4383 #endif … … 3632 4443 #ifdef HAVE_SERVER_RENEGOTIATION_INFO 3633 4444 3634 int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap) 3635 { 3636 int ret; 3637 3638 ret = TLSX_Push(extensions, TLSX_RENEGOTIATION_INFO, NULL, heap); 3639 if (ret != 0) 3640 return ret; 3641 4445 int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions) 4446 { 3642 4447 /* send empty renegotiation_info extension */ 3643 4448 TLSX* ext = TLSX_Find(*extensions, TLSX_RENEGOTIATION_INFO); … … 3671 4476 #ifdef HAVE_SESSION_TICKET 3672 4477 3673 #if ndef NO_WOLFSSL_CLIENT4478 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT) 3674 4479 static void TLSX_SessionTicket_ValidateRequest(WOLFSSL* ssl) 3675 4480 { … … 3686 4491 } 3687 4492 } 3688 #endif /* NO_WOLFSSL_CLIENT */4493 #endif /* WLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */ 3689 4494 3690 4495 … … 3717 4522 3718 4523 if (!isRequest) { 3719 /* client side */ 4524 if (TLSX_CheckUnsupportedExtension(ssl, TLSX_SESSION_TICKET)) 4525 return TLSX_HandleUnsupportedExtension(ssl); 4526 3720 4527 if (length != 0) 3721 4528 return BUFFER_ERROR; … … 4441 5248 * 4442 5249 * data The SSL/TLS object. 5250 * msgType The type of the message this extension is being written into. 4443 5251 * returns the length of data that will be in the extension. 4444 5252 */ 4445 static word16 TLSX_SupportedVersions_GetSize(void* data)5253 static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) 4446 5254 { 4447 5255 WOLFSSL* ssl = (WOLFSSL*)data; 4448 5256 5257 if (msgType == client_hello) { 4449 5258 /* TLS v1.2 and TLS v1.3 */ 4450 5259 int cnt = 2; 4451 5260 4452 5261 #ifndef NO_OLD_TLS 4453 /* TLS v1 and TLS v1.1 */ 4454 cnt += 2; 5262 /* TLS v1.1 */ 5263 cnt++; 5264 #ifdef WOLFSSL_ALLOW_TLSV10 5265 /* TLS v1.0 */ 5266 cnt++; 5267 #endif 4455 5268 #endif 4456 5269 … … 4458 5271 cnt = 1; 4459 5272 4460 return OPAQUE8_LEN + cnt * OPAQUE16_LEN; 5273 *pSz += (word16)(OPAQUE8_LEN + cnt * OPAQUE16_LEN); 5274 } 5275 #ifndef WOLFSSL_TLS13_DRAFT_18 5276 else if (msgType == server_hello || msgType == hello_retry_request) 5277 *pSz += OPAQUE16_LEN; 5278 #endif 5279 else 5280 return SANITY_MSG_E; 5281 5282 return 0; 4461 5283 } 4462 5284 … … 4465 5287 * data The SSL/TLS object. 4466 5288 * output The buffer to write the extension into. 5289 * msgType The type of the message this extension is being written into. 4467 5290 * returns the length of data that was written. 4468 5291 */ 4469 static word16 TLSX_SupportedVersions_Write(void* data, byte* output) 5292 static int TLSX_SupportedVersions_Write(void* data, byte* output, 5293 byte msgType, word16* pSz) 4470 5294 { 4471 5295 WOLFSSL* ssl = (WOLFSSL*)data; 4472 ProtocolVersion pv = ssl->ctx->method->version;5296 ProtocolVersion pv; 4473 5297 int i; 5298 int cnt; 5299 5300 if (msgType == client_hello) { 5301 pv = ssl->ctx->method->version; 4474 5302 /* TLS v1.2 and TLS v1.3 */ 4475 intcnt = 2;5303 cnt = 2; 4476 5304 4477 5305 #ifndef NO_OLD_TLS 4478 /* TLS v1 and TLS v1.1 */ 4479 cnt += 2; 5306 /* TLS v1.1 */ 5307 cnt++; 5308 #ifdef WOLFSSL_ALLOW_TLSV10 5309 /* TLS v1.0 */ 5310 cnt++; 5311 #endif 4480 5312 #endif 4481 5313 … … 4483 5315 cnt = 1; 4484 5316 4485 *(output++) = cnt * OPAQUE16_LEN;5317 *(output++) = (byte)(cnt * OPAQUE16_LEN); 4486 5318 for (i = 0; i < cnt; i++) { 4487 /* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */ 5319 #ifdef WOLFSSL_TLS13_DRAFT 4488 5320 if (pv.minor - i == TLSv1_3_MINOR) { 4489 5321 /* The TLS draft major number. */ … … 4493 5325 continue; 4494 5326 } 5327 #endif 4495 5328 4496 5329 *(output++) = pv.major; 4497 *(output++) = pv.minor - i; 4498 } 4499 4500 return OPAQUE8_LEN + cnt * OPAQUE16_LEN; 5330 *(output++) = (byte)(pv.minor - i); 5331 } 5332 5333 *pSz += (word16)(OPAQUE8_LEN + cnt * OPAQUE16_LEN); 5334 } 5335 #ifndef WOLFSSL_TLS13_DRAFT_18 5336 else if (msgType == server_hello || msgType == hello_retry_request) { 5337 #ifdef WOLFSSL_TLS13_DRAFT 5338 if (ssl->version.major == SSLv3_MAJOR && 5339 ssl->version.minor == TLSv1_3_MINOR) { 5340 output[0] = TLS_DRAFT_MAJOR; 5341 output[1] = TLS_DRAFT_MINOR; 5342 } 5343 else 5344 #endif 5345 { 5346 output[0] = ssl->version.major; 5347 output[1] = ssl->version.minor; 5348 } 5349 5350 *pSz += OPAQUE16_LEN; 5351 } 5352 #endif 5353 else 5354 return SANITY_MSG_E; 5355 5356 return 0; 4501 5357 } 4502 5358 … … 4506 5362 * input The buffer with the extension data. 4507 5363 * length The length of the extension data. 5364 * msgType The type of the message this extension is being parsed from. 4508 5365 * returns 0 on success, otherwise failure. 4509 5366 */ 4510 5367 static int TLSX_SupportedVersions_Parse(WOLFSSL *ssl, byte* input, 4511 word16 length )5368 word16 length, byte msgType) 4512 5369 { 4513 5370 ProtocolVersion pv = ssl->ctx->method->version; 4514 5371 int i; 4515 int ret = VERSION_ERROR;4516 5372 int len; 4517 5373 byte major, minor; 4518 5374 int newMinor = 0; 5375 5376 if (msgType == client_hello) { 4519 5377 /* Must contain a length and at least one version. */ 4520 5378 if (length < OPAQUE8_LEN + OPAQUE16_LEN || (length & 1) != 1) … … 4534 5392 minor = input[i + OPAQUE8_LEN]; 4535 5393 4536 /* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */ 5394 #ifdef WOLFSSL_TLS13_DRAFT 4537 5395 if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) { 4538 5396 major = SSLv3_MAJOR; 4539 5397 minor = TLSv1_3_MINOR; 4540 5398 } 5399 #endif 4541 5400 4542 5401 if (major != pv.major) … … 4544 5403 4545 5404 /* No upgrade allowed. */ 4546 if (ssl->version.minor >minor)5405 if (minor > ssl->version.minor) 4547 5406 continue; 4548 5407 /* Check downgrade. */ 4549 if (ssl->version.minor <minor) {5408 if (minor < ssl->version.minor) { 4550 5409 if (!ssl->options.downgrade) 4551 5410 continue; 4552 5411 4553 #ifdef NO_OLD_TLS 4554 if (minor < TLSv1_2_MINOR) 5412 if (minor < ssl->options.minDowngrade) 4555 5413 continue; 4556 #endif 5414 5415 if (newMinor == 0 && minor > ssl->options.oldMinor) { 4557 5416 /* Downgrade the version. */ 4558 5417 ssl->version.minor = minor; 4559 5418 } 5419 } 4560 5420 4561 5421 if (minor >= TLSv1_3_MINOR) { 5422 if (!ssl->options.tls1_3) { 4562 5423 ssl->options.tls1_3 = 1; 4563 TLSX_Push(&ssl->extensions, TLSX_SUPPORTED_VERSIONS, input,5424 TLSX_Push(&ssl->extensions, TLSX_SUPPORTED_VERSIONS, ssl, 4564 5425 ssl->heap); 4565 } 4566 ret = 0; 4567 break; 4568 } 4569 4570 return ret; 5426 #ifndef WOLFSSL_TLS13_DRAFT_18 5427 TLSX_SetResponse(ssl, TLSX_SUPPORTED_VERSIONS); 5428 #endif 5429 } 5430 if (minor > newMinor) { 5431 ssl->version.minor = minor; 5432 newMinor = minor; 5433 } 5434 } 5435 else if (minor > ssl->options.oldMinor) 5436 ssl->options.oldMinor = minor; 5437 } 5438 } 5439 #ifndef WOLFSSL_TLS13_DRAFT_18 5440 else if (msgType == server_hello || msgType == hello_retry_request) { 5441 /* Must contain one version. */ 5442 if (length != OPAQUE16_LEN) 5443 return BUFFER_ERROR; 5444 5445 major = input[0]; 5446 minor = input[OPAQUE8_LEN]; 5447 5448 #ifdef WOLFSSL_TLS13_DRAFT 5449 if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) { 5450 major = SSLv3_MAJOR; 5451 minor = TLSv1_3_MINOR; 5452 } 5453 #endif 5454 5455 if (major != pv.major) 5456 return VERSION_ERROR; 5457 5458 /* Can't downgrade with this extension below TLS v1.3. */ 5459 if (minor < TLSv1_3_MINOR) 5460 return VERSION_ERROR; 5461 5462 /* Version is TLS v1.2 to handle downgrading from TLS v1.3+. */ 5463 if (ssl->options.downgrade && ssl->version.minor == TLSv1_2_MINOR) { 5464 /* Set minor version back to TLS v1.3+ */ 5465 ssl->version.minor = ssl->ctx->method->version.minor; 5466 } 5467 5468 /* No upgrade allowed. */ 5469 if (ssl->version.minor < minor) 5470 return VERSION_ERROR; 5471 5472 /* Check downgrade. */ 5473 if (ssl->version.minor > minor) { 5474 if (!ssl->options.downgrade) 5475 return VERSION_ERROR; 5476 5477 if (minor < ssl->options.minDowngrade) 5478 return VERSION_ERROR; 5479 5480 /* Downgrade the version. */ 5481 ssl->version.minor = minor; 5482 } 5483 } 5484 #endif 5485 else 5486 return SANITY_MSG_E; 5487 5488 return 0; 4571 5489 } 4572 5490 … … 4593 5511 #else 4594 5512 4595 #define SV_GET_SIZE(a )04596 #define SV_WRITE(a, b )04597 #define SV_PARSE(a, b, c )05513 #define SV_GET_SIZE(a, b, c) 0 5514 #define SV_WRITE(a, b, c, d) 0 5515 #define SV_PARSE(a, b, c, d) 0 4598 5516 4599 5517 #endif /* WOLFSSL_TLS13 */ … … 4625 5543 * returns the number of bytes of the encoded Cookie extension. 4626 5544 */ 4627 static word16 TLSX_Cookie_GetSize(Cookie* cookie, byte msgType)5545 static int TLSX_Cookie_GetSize(Cookie* cookie, byte msgType, word16* pSz) 4628 5546 { 4629 5547 if (msgType == client_hello || msgType == hello_retry_request) 4630 returnOPAQUE16_LEN + cookie->len;4631 5548 *pSz += OPAQUE16_LEN + cookie->len; 5549 else 4632 5550 return SANITY_MSG_E; 5551 return 0; 4633 5552 } 4634 5553 … … 4642 5561 * returns the number of bytes written into the buffer. 4643 5562 */ 4644 static word16 TLSX_Cookie_Write(Cookie* cookie, byte* output, byte msgType)5563 static int TLSX_Cookie_Write(Cookie* cookie, byte* output, byte msgType, word16* pSz) 4645 5564 { 4646 5565 if (msgType == client_hello || msgType == hello_retry_request) { … … 4648 5567 output += OPAQUE16_LEN; 4649 5568 XMEMCPY(output, &cookie->data, cookie->len); 4650 returnOPAQUE16_LEN + cookie->len;4651 } 4652 5569 *pSz += OPAQUE16_LEN + cookie->len; 5570 } 5571 else 4653 5572 return SANITY_MSG_E; 5573 return 0; 4654 5574 } 4655 5575 … … 4744 5664 4745 5665 extension->data = (void*)cookie; 4746 extension->resp = resp;5666 extension->resp = (byte)resp; 4747 5667 4748 5668 return 0; … … 4757 5677 4758 5678 #define CKE_FREE_ALL(a, b) 0 4759 #define CKE_GET_SIZE(a, b )04760 #define CKE_WRITE(a, b, c )05679 #define CKE_GET_SIZE(a, b, c) 0 5680 #define CKE_WRITE(a, b, c, d) 0 4761 5681 #define CKE_PARSE(a, b, c, d) 0 4762 5682 … … 4764 5684 4765 5685 /******************************************************************************/ 4766 /* S ugnature Algorithms */5686 /* Signature Algorithms */ 4767 5687 /******************************************************************************/ 4768 5688 … … 4790 5710 */ 4791 5711 static int TLSX_SignatureAlgorithms_MapPss(WOLFSSL *ssl, byte* input, 4792 word16 length)5712 word16 length) 4793 5713 { 4794 5714 word16 i; … … 4834 5754 */ 4835 5755 static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input, 4836 word16 length, Suites* suites)5756 word16 length, byte isRequest, Suites* suites) 4837 5757 { 4838 5758 word16 len; 4839 5759 4840 (void)ssl; 5760 if (!isRequest) 5761 return BUFFER_ERROR; 4841 5762 4842 5763 /* Must contain a length and at least algorithm. */ … … 4851 5772 return BUFFER_ERROR; 4852 5773 4853 XMEMCPY(suites->hashSigAlgo, input, len);5774 /* truncate hashSigAlgo list if too long */ 4854 5775 suites->hashSigAlgoSz = len; 5776 if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) { 5777 WOLFSSL_MSG("TLSX SigAlgo list exceeds max, truncating"); 5778 suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO; 5779 } 5780 XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz); 4855 5781 4856 5782 return TLSX_SignatureAlgorithms_MapPss(ssl, input, len); 4857 5783 } 4858 5784 4859 /* Sets a new S upportedVersions extension into the extension list.5785 /* Sets a new SignatureAlgorithms extension into the extension list. 4860 5786 * 4861 5787 * extensions The list of extensions. … … 4877 5803 #define SA_PARSE TLSX_SignatureAlgorithms_Parse 4878 5804 5805 /******************************************************************************/ 5806 /* Signature Algorithms Certificate */ 5807 /******************************************************************************/ 5808 5809 #ifdef WOLFSSL_TLS13 5810 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 5811 /* Return the size of the SignatureAlgorithms extension's data. 5812 * 5813 * data Unused 5814 * returns the length of data that will be in the extension. 5815 */ 5816 static word16 TLSX_SignatureAlgorithmsCert_GetSize(void* data) 5817 { 5818 WOLFSSL* ssl = (WOLFSSL*)data; 5819 5820 return OPAQUE16_LEN + ssl->certHashSigAlgoSz; 5821 } 5822 5823 /* Writes the SignatureAlgorithmsCert extension into the buffer. 5824 * 5825 * data Unused 5826 * output The buffer to write the extension into. 5827 * returns the length of data that was written. 5828 */ 5829 static word16 TLSX_SignatureAlgorithmsCert_Write(void* data, byte* output) 5830 { 5831 WOLFSSL* ssl = (WOLFSSL*)data; 5832 5833 c16toa(ssl->certHashSigAlgoSz, output); 5834 XMEMCPY(output + OPAQUE16_LEN, ssl->certHashSigAlgo, 5835 ssl->certHashSigAlgoSz); 5836 5837 return OPAQUE16_LEN + ssl->certHashSigAlgoSz; 5838 } 5839 5840 /* Parse the SignatureAlgorithmsCert extension. 5841 * 5842 * ssl The SSL/TLS object. 5843 * input The buffer with the extension data. 5844 * length The length of the extension data. 5845 * returns 0 on success, otherwise failure. 5846 */ 5847 static int TLSX_SignatureAlgorithmsCert_Parse(WOLFSSL *ssl, byte* input, 5848 word16 length, byte isRequest) 5849 { 5850 word16 len; 5851 5852 if (!isRequest) 5853 return BUFFER_ERROR; 5854 5855 /* Must contain a length and at least algorithm. */ 5856 if (length < OPAQUE16_LEN + OPAQUE16_LEN || (length & 1) != 0) 5857 return BUFFER_ERROR; 5858 5859 ato16(input, &len); 5860 input += OPAQUE16_LEN; 5861 5862 /* Algorithm array must fill rest of data. */ 5863 if (length != OPAQUE16_LEN + len) 5864 return BUFFER_ERROR; 5865 5866 /* truncate hashSigAlgo list if too long */ 5867 ssl->certHashSigAlgoSz = len; 5868 if (ssl->certHashSigAlgoSz > WOLFSSL_MAX_SIGALGO) { 5869 WOLFSSL_MSG("TLSX SigAlgo list exceeds max, truncating"); 5870 ssl->certHashSigAlgoSz = WOLFSSL_MAX_SIGALGO; 5871 } 5872 XMEMCPY(ssl->certHashSigAlgo, input, ssl->certHashSigAlgoSz); 5873 5874 return 0; 5875 } 5876 5877 /* Sets a new SignatureAlgorithmsCert extension into the extension list. 5878 * 5879 * extensions The list of extensions. 5880 * data The extensions specific data. 5881 * heap The heap used for allocation. 5882 * returns 0 on success, otherwise failure. 5883 */ 5884 static int TLSX_SetSignatureAlgorithmsCert(TLSX** extensions, const void* data, 5885 void* heap) 5886 { 5887 if (extensions == NULL) 5888 return BAD_FUNC_ARG; 5889 5890 return TLSX_Push(extensions, TLSX_SIGNATURE_ALGORITHMS_CERT, (void *)data, 5891 heap); 5892 } 5893 5894 #define SAC_GET_SIZE TLSX_SignatureAlgorithmsCert_GetSize 5895 #define SAC_WRITE TLSX_SignatureAlgorithmsCert_Write 5896 #define SAC_PARSE TLSX_SignatureAlgorithmsCert_Parse 5897 #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */ 5898 #endif /* WOLFSSL_TLS13 */ 5899 4879 5900 4880 5901 /******************************************************************************/ … … 4883 5904 4884 5905 #ifdef WOLFSSL_TLS13 4885 #ifndef NO_DH4886 5906 /* Create a key share entry using named Diffie-Hellman parameters group. 4887 5907 * Generates a key pair. … … 4894 5914 { 4895 5915 int ret; 5916 #ifndef NO_DH 4896 5917 byte* keyData; 4897 5918 void* key = NULL; … … 4899 5920 word32 dataSz; 4900 5921 const DhParams* params; 4901 DhKey dhKey; 5922 #ifdef WOLFSSL_SMALL_STACK 5923 DhKey* dhKey = NULL; 5924 #else 5925 DhKey dhKey[1]; 5926 #endif 4902 5927 4903 5928 /* TODO: [TLS13] The key size should come from wolfcrypt. */ … … 4938 5963 } 4939 5964 4940 ret = wc_InitDhKey_ex(&dhKey, ssl->heap, ssl->devId); 4941 if (ret != 0) 5965 #ifdef WOLFSSL_SMALL_STACK 5966 dhKey = (DhKey*)XMALLOC(sizeof(DhKey), ssl->heap, DYNAMIC_TYPE_DH); 5967 if (dhKey == NULL) 5968 return MEMORY_E; 5969 #endif 5970 5971 ret = wc_InitDhKey_ex(dhKey, ssl->heap, ssl->devId); 5972 if (ret != 0) { 5973 #ifdef WOLFSSL_SMALL_STACK 5974 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 5975 #endif 4942 5976 return ret; 5977 } 4943 5978 4944 5979 /* Allocate space for the public key. */ … … 4957 5992 4958 5993 /* Set key */ 4959 ret = wc_DhSetKey( &dhKey,5994 ret = wc_DhSetKey(dhKey, 4960 5995 (byte*)params->p, params->p_len, 4961 5996 (byte*)params->g, params->g_len); … … 4964 5999 4965 6000 /* Generate a new key pair. */ 4966 ret = wc_DhGenerateKeyPair( &dhKey, ssl->rng, (byte*)key, &keySz, keyData,6001 ret = wc_DhGenerateKeyPair(dhKey, ssl->rng, (byte*)key, &keySz, keyData, 4967 6002 &dataSz); 4968 6003 #ifdef WOLFSSL_ASYNC_CRYPT 4969 6004 /* TODO: Make this function non-blocking */ 4970 6005 if (ret == WC_PENDING_E) { 4971 ret = wc_AsyncWait(ret, &dhKey .asyncDev, WC_ASYNC_FLAG_NONE);6006 ret = wc_AsyncWait(ret, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 4972 6007 } 4973 6008 #endif … … 4981 6016 } 4982 6017 4983 kse-> ke= keyData;4984 kse-> keLen = params->p_len;6018 kse->pubKey = keyData; 6019 kse->pubKeyLen = params->p_len; 4985 6020 kse->key = key; 4986 6021 kse->keyLen = keySz; … … 4993 6028 end: 4994 6029 4995 wc_FreeDhKey(&dhKey); 6030 wc_FreeDhKey(dhKey); 6031 #ifdef WOLFSSL_SMALL_STACK 6032 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 6033 #endif 4996 6034 4997 6035 if (ret != 0) { … … 5002 6040 XFREE(key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 5003 6041 } 6042 #else 6043 (void)ssl; 6044 (void)kse; 6045 6046 ret = NOT_COMPILED_IN; 6047 #endif 5004 6048 5005 6049 return ret; 5006 6050 } 5007 #endif 5008 5009 #ifdef HAVE_ECC 6051 6052 /* Create a key share entry using X25519 parameters group. 6053 * Generates a key pair. 6054 * 6055 * ssl The SSL/TLS object. 6056 * kse The key share entry object. 6057 * returns 0 on success, otherwise failure. 6058 */ 6059 static int TLSX_KeyShare_GenX25519Key(WOLFSSL *ssl, KeyShareEntry* kse) 6060 { 6061 int ret; 6062 #ifdef HAVE_CURVE25519 6063 byte* keyData = NULL; 6064 word32 dataSize = CURVE25519_KEYSIZE; 6065 curve25519_key* key; 6066 6067 /* Allocate an ECC key to hold private key. */ 6068 key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), 6069 ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6070 if (key == NULL) { 6071 WOLFSSL_MSG("EccTempKey Memory error"); 6072 return MEMORY_E; 6073 } 6074 6075 /* Make an ECC key. */ 6076 ret = wc_curve25519_init(key); 6077 if (ret != 0) 6078 goto end; 6079 ret = wc_curve25519_make_key(ssl->rng, CURVE25519_KEYSIZE, key); 6080 if (ret != 0) 6081 goto end; 6082 6083 /* Allocate space for the public key. */ 6084 keyData = (byte*)XMALLOC(CURVE25519_KEYSIZE, ssl->heap, 6085 DYNAMIC_TYPE_PUBLIC_KEY); 6086 if (keyData == NULL) { 6087 WOLFSSL_MSG("Key data Memory error"); 6088 ret = MEMORY_E; 6089 goto end; 6090 } 6091 6092 /* Export public key. */ 6093 if (wc_curve25519_export_public_ex(key, keyData, &dataSize, 6094 EC25519_LITTLE_ENDIAN) != 0) { 6095 ret = ECC_EXPORT_ERROR; 6096 goto end; 6097 } 6098 6099 kse->pubKey = keyData; 6100 kse->pubKeyLen = CURVE25519_KEYSIZE; 6101 kse->key = key; 6102 6103 #ifdef WOLFSSL_DEBUG_TLS 6104 WOLFSSL_MSG("Public Curve25519 Key"); 6105 WOLFSSL_BUFFER(keyData, dataSize); 6106 #endif 6107 6108 end: 6109 if (ret != 0) { 6110 /* Data owned by key share entry otherwise. */ 6111 if (keyData != NULL) 6112 XFREE(keyData, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 6113 wc_curve25519_free(key); 6114 XFREE(key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6115 } 6116 #else 6117 (void)ssl; 6118 (void)kse; 6119 6120 ret = NOT_COMPILED_IN; 6121 #endif /* HAVE_CURVE25519 */ 6122 6123 return ret; 6124 } 6125 5010 6126 /* Create a key share entry using named elliptic curve parameters group. 5011 6127 * Generates a key pair. … … 5018 6134 { 5019 6135 int ret; 6136 #ifdef HAVE_ECC 5020 6137 byte* keyData = NULL; 5021 6138 word32 dataSize; 6139 byte* keyPtr = NULL; 5022 6140 word32 keySize; 5023 ecc_key* eccKey = NULL;6141 ecc_key* eccKey; 5024 6142 word16 curveId; 5025 6143 … … 5054 6172 #endif /* !NO_ECC_SECP */ 5055 6173 #endif 5056 #ifdef HAVE_CURVE255195057 case WOLFSSL_ECC_X25519:5058 {5059 curve25519_key* key;5060 /* Allocate an ECC key to hold private key. */5061 key = (curve25519_key*)XMALLOC(sizeof(curve25519_key),5062 ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);5063 if (key == NULL) {5064 WOLFSSL_MSG("EccTempKey Memory error");5065 return MEMORY_E;5066 }5067 5068 dataSize = keySize = 32;5069 5070 /* Make an ECC key. */5071 ret = wc_curve25519_init(key);5072 if (ret != 0)5073 goto end;5074 ret = wc_curve25519_make_key(ssl->rng, keySize, key);5075 if (ret != 0)5076 goto end;5077 5078 /* Allocate space for the public key. */5079 keyData = (byte*)XMALLOC(dataSize, ssl->heap,5080 DYNAMIC_TYPE_PUBLIC_KEY);5081 if (keyData == NULL) {5082 WOLFSSL_MSG("Key data Memory error");5083 ret = MEMORY_E;5084 goto end;5085 }5086 5087 /* Export public key. */5088 if (wc_curve25519_export_public_ex(key, keyData, &dataSize,5089 EC25519_LITTLE_ENDIAN) != 0) {5090 ret = ECC_EXPORT_ERROR;5091 goto end;5092 }5093 5094 kse->ke = keyData;5095 kse->keLen = dataSize;5096 kse->key = key;5097 5098 #ifdef WOLFSSL_DEBUG_TLS5099 WOLFSSL_MSG("Public Curve25519 Key");5100 WOLFSSL_BUFFER(keyData, dataSize);5101 #endif5102 5103 goto end;5104 }5105 #endif5106 6174 #ifdef HAVE_X448 5107 6175 case WOLFSSL_ECC_X448: … … 5115 6183 5116 6184 /* Allocate an ECC key to hold private key. */ 5117 eccKey = (ecc_key*)XMALLOC(sizeof(ecc_key), ssl->heap,6185 keyPtr = (byte*)XMALLOC(sizeof(ecc_key), ssl->heap, 5118 6186 DYNAMIC_TYPE_PRIVATE_KEY); 5119 if ( eccKey== NULL) {6187 if (keyPtr == NULL) { 5120 6188 WOLFSSL_MSG("EccTempKey Memory error"); 5121 6189 return MEMORY_E; 5122 6190 } 6191 eccKey = (ecc_key*)keyPtr; 5123 6192 5124 6193 /* Make an ECC key. */ … … 5150 6219 } 5151 6220 5152 kse-> ke= keyData;5153 kse-> keLen = dataSize;5154 kse->key = eccKey;6221 kse->pubKey = keyData; 6222 kse->pubKeyLen = dataSize; 6223 kse->key = keyPtr; 5155 6224 5156 6225 #ifdef WOLFSSL_DEBUG_TLS … … 5162 6231 if (ret != 0) { 5163 6232 /* Data owned by key share entry otherwise. */ 5164 if ( eccKey!= NULL)5165 XFREE( eccKey, ssl->heap, DYNAMIC_TYPE_TLSX);6233 if (keyPtr != NULL) 6234 XFREE(keyPtr, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 5166 6235 if (keyData != NULL) 5167 XFREE(keyData, ssl->heap, DYNAMIC_TYPE_TLSX); 5168 } 6236 XFREE(keyData, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 6237 } 6238 #else 6239 (void)ssl; 6240 (void)kse; 6241 6242 ret = NOT_COMPILED_IN; 6243 #endif /* HAVE_ECC */ 6244 5169 6245 return ret; 5170 6246 } 5171 #endif /* HAVE_ECC */5172 6247 5173 6248 /* Generate a secret/key using the key share entry. … … 5178 6253 static int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse) 5179 6254 { 5180 #ifndef NO_DH5181 6255 /* Named FFHE groups have a bit set to identify them. */ 5182 6256 if ((kse->group & NAMED_DH_MASK) == NAMED_DH_MASK) 5183 6257 return TLSX_KeyShare_GenDhKey(ssl, kse); 5184 #endif 5185 #ifdef HAVE_ECC 6258 if (kse->group == WOLFSSL_ECC_X25519) 6259 return TLSX_KeyShare_GenX25519Key(ssl, kse); 5186 6260 return TLSX_KeyShare_GenEccKey(ssl, kse); 5187 #else5188 return NOT_COMPILED_IN;5189 #endif5190 6261 } 5191 6262 … … 5204 6275 if (current->group == WOLFSSL_ECC_X25519) { 5205 6276 #ifdef HAVE_CURVE25519 5206 6277 wc_curve25519_free((curve25519_key*)current->key); 5207 6278 #endif 5208 6279 } … … 5213 6284 } 5214 6285 } 6286 if (current->key != NULL) 5215 6287 XFREE(current->key, heap, DYNAMIC_TYPE_PRIVATE_KEY); 6288 XFREE(current->pubKey, heap, DYNAMIC_TYPE_PUBLIC_KEY); 5216 6289 XFREE(current->ke, heap, DYNAMIC_TYPE_PUBLIC_KEY); 5217 6290 XFREE(current, heap, DYNAMIC_TYPE_TLSX); … … 5246 6319 continue; 5247 6320 5248 len += OPAQUE16_LEN + OPAQUE16_LEN + current->keLen;5249 } 5250 5251 return len;6321 len += (int)(KE_GROUP_LEN + OPAQUE16_LEN + current->pubKeyLen); 6322 } 6323 6324 return (word16)len; 5252 6325 } 5253 6326 … … 5285 6358 c16toa(current->group, &output[i]); 5286 6359 i += KE_GROUP_LEN; 5287 c16toa( current->keLen, &output[i]);6360 c16toa((word16)(current->pubKeyLen), &output[i]); 5288 6361 i += OPAQUE16_LEN; 5289 XMEMCPY(&output[i], current-> ke, current->keLen);5290 i += current->keLen;6362 XMEMCPY(&output[i], current->pubKey, current->pubKeyLen); 6363 i += (word16)current->pubKeyLen; 5291 6364 } 5292 6365 /* Write the length of the list if required. */ … … 5308 6381 int ret; 5309 6382 const DhParams* params; 5310 word16 i; 5311 byte b; 5312 DhKey dhKey; 6383 #ifdef WOLFSSL_SMALL_STACK 6384 DhKey* dhKey = NULL; 6385 #else 6386 DhKey dhKey[1]; 6387 #endif 5313 6388 5314 6389 switch (keyShareEntry->group) { … … 5347 6422 #endif 5348 6423 5349 if (params->p_len != keyShareEntry->keLen) 5350 return BUFFER_ERROR; 5351 ssl->options.dhKeySz = params->p_len; 5352 5353 /* TODO: [TLS13] move this check down into wolfcrypt. */ 5354 /* Check that public DH key is not 0 or 1. */ 5355 b = 0; 5356 for (i = 0; i < params->p_len - 1; i++) 5357 b |= keyShareEntry->ke[i]; 5358 if (b == 0 && (keyShareEntry->ke[i] == 0x00 || 5359 keyShareEntry->ke[i] == 0x01)) { 6424 #ifdef WOLFSSL_SMALL_STACK 6425 dhKey = (DhKey*)XMALLOC(sizeof(DhKey), ssl->heap, DYNAMIC_TYPE_DH); 6426 if (dhKey == NULL) 6427 return MEMORY_E; 6428 #endif 6429 6430 ret = wc_InitDhKey_ex(dhKey, ssl->heap, ssl->devId); 6431 if (ret != 0) { 6432 #ifdef WOLFSSL_SMALL_STACK 6433 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 6434 #endif 6435 return ret; 6436 } 6437 6438 /* Set key */ 6439 ret = wc_DhSetKey(dhKey, (byte*)params->p, params->p_len, (byte*)params->g, 6440 params->g_len); 6441 if (ret != 0) { 6442 wc_FreeDhKey(dhKey); 6443 #ifdef WOLFSSL_SMALL_STACK 6444 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 6445 #endif 6446 return ret; 6447 } 6448 6449 ret = wc_DhCheckPubKey(dhKey, keyShareEntry->ke, keyShareEntry->keLen); 6450 if (ret != 0) { 6451 wc_FreeDhKey(dhKey); 6452 #ifdef WOLFSSL_SMALL_STACK 6453 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 6454 #endif 5360 6455 return PEER_KEY_ERROR; 5361 6456 } 5362 /* Check that public DH key is not mod, mod + 1 or mod - 1. */5363 b = 0;5364 for (i = 0; i < params->p_len - 1; i++)5365 b |= params->p[i] ^ keyShareEntry->ke[i];5366 if (b == 0 && (params->p[i] == keyShareEntry->ke[i] ||5367 params->p[i] - 1 == keyShareEntry->ke[i] ||5368 params->p[i] + 1 == keyShareEntry->ke[i])) {5369 return PEER_KEY_ERROR;5370 }5371 5372 ret = wc_InitDhKey_ex(&dhKey, ssl->heap, ssl->devId);5373 if (ret != 0)5374 return ret;5375 5376 /* Set key */5377 ret = wc_DhSetKey(&dhKey,5378 (byte*)params->p, params->p_len,5379 (byte*)params->g, params->g_len);5380 if (ret != 0) {5381 wc_FreeDhKey(&dhKey);5382 return ret;5383 }5384 6457 5385 6458 /* Derive secret from private key and peer's public key. */ 5386 ret = wc_DhAgree( &dhKey,6459 ret = wc_DhAgree(dhKey, 5387 6460 ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz, 5388 6461 (const byte*)keyShareEntry->key, keyShareEntry->keyLen, … … 5391 6464 /* TODO: Make this function non-blocking */ 5392 6465 if (ret == WC_PENDING_E) { 5393 ret = wc_AsyncWait(ret, &dhKey.asyncDev, WC_ASYNC_FLAG_NONE); 5394 } 5395 #endif 5396 5397 wc_FreeDhKey(&dhKey); 6466 ret = wc_AsyncWait(ret, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE); 6467 } 6468 #endif 6469 /* RFC 8446 Section 7.4.1: 6470 * ... left-padded with zeros up to the size of the prime. ... 6471 */ 6472 if (params->p_len > ssl->arrays->preMasterSz) { 6473 word32 diff = params->p_len - ssl->arrays->preMasterSz; 6474 XMEMMOVE(ssl->arrays->preMasterSecret + diff, 6475 ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz); 6476 XMEMSET(ssl->arrays->preMasterSecret, 0, diff); 6477 ssl->arrays->preMasterSz = params->p_len; 6478 } 6479 6480 wc_FreeDhKey(dhKey); 6481 #ifdef WOLFSSL_SMALL_STACK 6482 XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH); 6483 #endif 6484 if (keyShareEntry->key != NULL) { 6485 XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6486 keyShareEntry->key = NULL; 6487 } 6488 XFREE(keyShareEntry->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 6489 keyShareEntry->pubKey = NULL; 6490 XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); 6491 keyShareEntry->ke = NULL; 5398 6492 5399 6493 return ret; … … 5403 6497 return PEER_KEY_ERROR; 5404 6498 #endif 6499 } 6500 6501 /* Process the X25519 key share extension on the client side. 6502 * 6503 * ssl The SSL/TLS object. 6504 * keyShareEntry The key share entry object to use to calculate shared secret. 6505 * returns 0 on success and other values indicate failure. 6506 */ 6507 static int TLSX_KeyShare_ProcessX25519(WOLFSSL* ssl, 6508 KeyShareEntry* keyShareEntry) 6509 { 6510 int ret; 6511 6512 #ifdef HAVE_CURVE25519 6513 curve25519_key* key = (curve25519_key*)keyShareEntry->key; 6514 curve25519_key* peerX25519Key; 6515 6516 #ifdef HAVE_ECC 6517 if (ssl->peerEccKey != NULL) { 6518 wc_ecc_free(ssl->peerEccKey); 6519 ssl->peerEccKey = NULL; 6520 } 6521 #endif 6522 6523 peerX25519Key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), ssl->heap, 6524 DYNAMIC_TYPE_TLSX); 6525 if (peerX25519Key == NULL) { 6526 WOLFSSL_MSG("PeerEccKey Memory error"); 6527 return MEMORY_ERROR; 6528 } 6529 ret = wc_curve25519_init(peerX25519Key); 6530 if (ret != 0) { 6531 XFREE(peerX25519Key, ssl->heap, DYNAMIC_TYPE_TLSX); 6532 return ret; 6533 } 6534 #ifdef WOLFSSL_DEBUG_TLS 6535 WOLFSSL_MSG("Peer Curve25519 Key"); 6536 WOLFSSL_BUFFER(keyShareEntry->ke, keyShareEntry->keLen); 6537 #endif 6538 6539 /* Point is validated by import function. */ 6540 if (wc_curve25519_import_public_ex(keyShareEntry->ke, keyShareEntry->keLen, 6541 peerX25519Key, 6542 EC25519_LITTLE_ENDIAN) != 0) { 6543 ret = ECC_PEERKEY_ERROR; 6544 } 6545 6546 if (ret == 0) { 6547 ssl->arrays->preMasterSz = ENCRYPT_LEN; 6548 ssl->ecdhCurveOID = ECC_X25519_OID; 6549 6550 ret = wc_curve25519_shared_secret_ex(key, peerX25519Key, 6551 ssl->arrays->preMasterSecret, 6552 &ssl->arrays->preMasterSz, 6553 EC25519_LITTLE_ENDIAN); 6554 } 6555 6556 wc_curve25519_free(peerX25519Key); 6557 XFREE(peerX25519Key, ssl->heap, DYNAMIC_TYPE_TLSX); 6558 wc_curve25519_free((curve25519_key*)keyShareEntry->key); 6559 if (keyShareEntry->key != NULL) { 6560 XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6561 keyShareEntry->key = NULL; 6562 } 6563 #else 6564 (void)ssl; 6565 (void)keyShareEntry; 6566 6567 ret = PEER_KEY_ERROR; 6568 #endif /* HAVE_CURVE25519 */ 6569 6570 return ret; 5405 6571 } 5406 6572 … … 5455 6621 #endif /* !NO_ECC_SECP */ 5456 6622 #endif 5457 #ifdef HAVE_CURVE255195458 case WOLFSSL_ECC_X25519:5459 {5460 curve25519_key* key = (curve25519_key*)keyShareEntry->key;5461 curve25519_key* peerEccKey;5462 5463 if (ssl->peerEccKey != NULL)5464 wc_ecc_free(ssl->peerEccKey);5465 5466 peerEccKey = (curve25519_key*)XMALLOC(sizeof(curve25519_key),5467 ssl->heap, DYNAMIC_TYPE_TLSX);5468 if (peerEccKey == NULL) {5469 WOLFSSL_MSG("PeerEccKey Memory error");5470 return MEMORY_ERROR;5471 }5472 ret = wc_curve25519_init(peerEccKey);5473 if (ret != 0)5474 return ret;5475 #ifdef WOLFSSL_DEBUG_TLS5476 WOLFSSL_MSG("Peer Curve25519 Key");5477 WOLFSSL_BUFFER(keyShareEntry->ke, keyShareEntry->keLen);5478 #endif5479 5480 /* Point is validated by import function. */5481 if (wc_curve25519_import_public_ex(keyShareEntry->ke,5482 keyShareEntry->keLen, peerEccKey,5483 EC25519_LITTLE_ENDIAN) != 0) {5484 return ECC_PEERKEY_ERROR;5485 }5486 5487 ssl->arrays->preMasterSz = ENCRYPT_LEN;5488 ret = wc_curve25519_shared_secret_ex(key, peerEccKey,5489 ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz,5490 EC25519_LITTLE_ENDIAN);5491 wc_curve25519_free(peerEccKey);5492 XFREE(peerEccKey, ssl->heap, DYNAMIC_TYPE_TLSX);5493 ssl->ecdhCurveOID = ECC_X25519_OID;5494 return ret;5495 }5496 #endif5497 6623 #ifdef HAVE_X448 5498 6624 case WOLFSSL_ECC_X448: … … 5532 6658 keyShareEntry->ke, &keyShareEntry->keLen, 5533 6659 ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz, 5534 ssl->options.side, 5535 #ifdef HAVE_PK_CALLBACKS 5536 ssl->EccSharedSecretCtx 5537 #else 5538 NULL 5539 #endif 6660 ssl->options.side 5540 6661 ); 5541 6662 #endif 5542 6663 6664 wc_ecc_free(ssl->peerEccKey); 6665 XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC); 6666 ssl->peerEccKey = NULL; 6667 wc_ecc_free((ecc_key*)(keyShareEntry->key)); 6668 if (keyShareEntry->key != NULL) { 6669 XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6670 keyShareEntry->key = NULL; 6671 } 5543 6672 5544 6673 #else … … 5563 6692 5564 6693 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 5565 ssl->session.namedGroup = keyShareEntry->group;6694 ssl->session.namedGroup = (byte)keyShareEntry->group; 5566 6695 #endif 5567 6696 /* Use Key Share Data from server. */ 5568 6697 if (keyShareEntry->group & NAMED_DH_MASK) 5569 6698 ret = TLSX_KeyShare_ProcessDh(ssl, keyShareEntry); 6699 else if (keyShareEntry->group == WOLFSSL_ECC_X25519) 6700 ret = TLSX_KeyShare_ProcessX25519(ssl, keyShareEntry); 5570 6701 else 5571 6702 ret = TLSX_KeyShare_ProcessEcc(ssl, keyShareEntry); … … 5627 6758 /* Searches the groups sent for the specified named group. 5628 6759 * 5629 * ssl TheSSL/TLS object.5630 * name The group name to match.6760 * ssl SSL/TLS object. 6761 * name Group name to match. 5631 6762 * returns 1 when the extension has the group name and 0 otherwise. 5632 6763 */ … … 5637 6768 5638 6769 extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); 6770 if (extension == NULL) { 6771 extension = TLSX_Find(ssl->ctx->extensions, TLSX_KEY_SHARE); 5639 6772 if (extension == NULL) 5640 6773 return 0; 6774 } 5641 6775 5642 6776 list = (KeyShareEntry*)extension->data; 5643 6777 while (list != NULL) { 5644 if (list->group == group) {6778 if (list->group == group) 5645 6779 return 1; 5646 }5647 6780 list = list->next; 5648 6781 } … … 5664 6797 SupportedCurve* curve = NULL; 5665 6798 5666 if ((extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS)) == NULL) 6799 if ((extension = TLSX_Find(ssl->extensions, 6800 TLSX_SUPPORTED_GROUPS)) == NULL) { 6801 if ((extension = TLSX_Find(ssl->ctx->extensions, 6802 TLSX_SUPPORTED_GROUPS)) == NULL) { 5667 6803 return 0; 6804 } 6805 } 5668 6806 5669 6807 for (curve = (SupportedCurve*)extension->data; curve; curve = curve->next) { … … 5693 6831 { 5694 6832 int ret; 5695 KeyShareEntry *keyShareEntry; 6833 KeyShareEntry *keyShareEntry = NULL; 6834 word16 group; 5696 6835 5697 6836 if (msgType == client_hello) { 5698 6837 int offset = 0; 5699 6838 word16 len; 6839 TLSX* extension; 6840 6841 /* Add a KeyShare extension if it doesn't exist. */ 6842 extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); 6843 if (extension == NULL) { 6844 /* Push new KeyShare extension. */ 6845 ret = TLSX_Push(&ssl->extensions, TLSX_KEY_SHARE, NULL, ssl->heap); 6846 if (ret != 0) 6847 return ret; 6848 } 5700 6849 5701 6850 if (length < OPAQUE16_LEN) … … 5722 6871 int len; 5723 6872 6873 if (length < OPAQUE16_LEN) 6874 return BUFFER_ERROR; 6875 6876 /* The data is the named group the server wants to use. */ 6877 ato16(input, &group); 6878 6879 /* Check the selected group was supported by ClientHello extensions. */ 6880 if (!TLSX_SupportedGroups_Find(ssl, group)) 6881 return BAD_KEY_SHARE_DATA; 6882 6883 /* Check if the group was sent. */ 6884 if (!TLSX_KeyShare_Find(ssl, group)) 6885 return BAD_KEY_SHARE_DATA; 6886 5724 6887 /* ServerHello contains one key share entry. */ 5725 6888 len = TLSX_KeyShareEntry_Parse(ssl, input, length, &keyShareEntry); … … 5728 6891 5729 6892 /* Not in list sent if there isn't a private key. */ 5730 if (keyShareEntry ->key == NULL)6893 if (keyShareEntry == NULL || keyShareEntry->key == NULL) 5731 6894 return BAD_KEY_SHARE_DATA; 5732 6895 5733 6896 /* Process the entry to calculate the secret. */ 5734 6897 ret = TLSX_KeyShare_Process(ssl, keyShareEntry); 6898 if (ret == 0) 6899 ssl->session.namedGroup = ssl->namedGroup = group; 5735 6900 } 5736 6901 else if (msgType == hello_retry_request) { 5737 word16 group;5738 5739 6902 if (length != OPAQUE16_LEN) 5740 6903 return BUFFER_ERROR; … … 5750 6913 if (TLSX_KeyShare_Find(ssl, group)) 5751 6914 return BAD_KEY_SHARE_DATA; 6915 6916 /* Clear out unusable key shares. */ 6917 ret = TLSX_KeyShare_Empty(ssl); 6918 if (ret != 0) 6919 return ret; 5752 6920 5753 6921 /* Try to use the server's group. */ … … 5781 6949 5782 6950 XMEMSET(kse, 0, sizeof(*kse)); 5783 kse->group = group;6951 kse->group = (word16)group; 5784 6952 5785 6953 /* Add it to the back and maintain the links. */ … … 5788 6956 *list = kse; 5789 6957 *keyShareEntry = kse; 6958 6959 (void)heap; 5790 6960 5791 6961 return 0; … … 5839 7009 5840 7010 if (data != NULL) { 5841 /* Keep the public key data and free when finished. */5842 if (keyShareEntry->ke != NULL)5843 XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);5844 7011 keyShareEntry->ke = data; 5845 7012 keyShareEntry->keLen = len; … … 5941 7108 5942 7109 return 1; 7110 } 7111 7112 /* Examines the application specified group ranking and returns the rank of the 7113 * group. 7114 * If no group ranking set then all groups are rank 0 (highest). 7115 * 7116 * ssl The SSL/TLS object. 7117 * group The group to check ranking for. 7118 * returns ranking from 0 to MAX_GROUP_COUNT-1 or -1 when group not in list. 7119 */ 7120 static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group) 7121 { 7122 byte i; 7123 7124 if (ssl->numGroups == 0) { 7125 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 7126 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 7127 #ifndef NO_ECC_SECP 7128 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP256R1; 7129 #endif 7130 #endif 7131 #endif 7132 #ifndef HAVE_FIPS 7133 #if defined(HAVE_CURVE25519) 7134 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_X25519; 7135 #endif 7136 #endif 7137 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 7138 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 7139 #ifndef NO_ECC_SECP 7140 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP384R1; 7141 #endif 7142 #endif 7143 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 7144 #ifndef NO_ECC_SECP 7145 ssl->group[ssl->numGroups++] = WOLFSSL_ECC_SECP521R1; 7146 #endif 7147 #endif 7148 #endif 7149 /* Add FFDHE supported groups. */ 7150 #ifdef HAVE_FFDHE_2048 7151 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_2048; 7152 #endif 7153 #ifdef HAVE_FFDHE_3072 7154 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_3072; 7155 #endif 7156 #ifdef HAVE_FFDHE_4096 7157 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_4096; 7158 #endif 7159 #ifdef HAVE_FFDHE_6144 7160 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_6144; 7161 #endif 7162 #ifdef HAVE_FFDHE_8192 7163 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_8192; 7164 #endif 7165 } 7166 7167 for (i = 0; i < ssl->numGroups; i++) 7168 if (ssl->group[i] == group) 7169 return i; 7170 7171 return -1; 5943 7172 } 5944 7173 … … 5955 7184 TLSX* extension; 5956 7185 SupportedCurve* curve = NULL; 5957 5958 /* Use SupportedGroup's order. */ 7186 SupportedCurve* preferredCurve = NULL; 7187 int preferredRank = WOLFSSL_MAX_GROUP_COUNT; 7188 int rank; 7189 5959 7190 extension = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_GROUPS); 5960 7191 if (extension != NULL) 5961 7192 curve = (SupportedCurve*)extension->data; 7193 /* Use server's preference order. */ 5962 7194 for (; curve != NULL; curve = curve->next) { 5963 if (TLSX_KeyShare_IsSupported(curve->name) && 5964 !TLSX_KeyShare_Find(ssl, curve->name)) { 5965 break; 5966 } 5967 } 7195 if (!TLSX_KeyShare_IsSupported(curve->name)) 7196 continue; 7197 7198 rank = TLSX_KeyShare_GroupRank(ssl, curve->name); 7199 if (rank == -1) 7200 continue; 7201 if (rank < preferredRank) { 7202 preferredCurve = curve; 7203 preferredRank = rank; 7204 } 7205 } 7206 curve = preferredCurve; 7207 5968 7208 if (curve == NULL) 5969 7209 return BAD_KEY_SHARE_DATA; … … 5993 7233 } 5994 7234 5995 /* E stablish the secret based on the key shares received from the client.7235 /* Ensure there is a key pair that can be used for key exchange. 5996 7236 * 5997 7237 * ssl The SSL/TLS object. … … 6005 7245 KeyShareEntry* serverKSE; 6006 7246 KeyShareEntry* list = NULL; 6007 byte* ke; 6008 word16 keLen; 7247 KeyShareEntry* preferredKSE = NULL; 7248 int preferredRank = WOLFSSL_MAX_GROUP_COUNT; 7249 int rank; 6009 7250 6010 7251 /* Find the KeyShare extension if it exists. */ … … 6016 7257 return 0; 6017 7258 6018 /* TODO: [TLS13] Server's preference and sending back SupportedGroups */ 6019 /* Use client's preference. */ 7259 /* Use server's preference order. */ 6020 7260 for (clientKSE = list; clientKSE != NULL; clientKSE = clientKSE->next) { 7261 if (clientKSE->ke == NULL) 7262 continue; 7263 6021 7264 /* Check consistency now - extensions in any order. */ 6022 7265 if (!TLSX_SupportedGroups_Find(ssl, clientKSE->group)) … … 6024 7267 6025 7268 #ifdef OPENSSL_EXTRA 7269 if ((clientKSE->group & NAMED_DH_MASK) == 0) { 6026 7270 /* Check if server supports group. */ 6027 7271 if (ssl->ctx->disabledCurves & (1 << clientKSE->group)) 6028 7272 continue; 6029 #endif 6030 if (TLSX_KeyShare_IsSupported(clientKSE->group)) 6031 break; 6032 } 7273 } 7274 #endif 7275 if (!TLSX_KeyShare_IsSupported(clientKSE->group)) 7276 continue; 7277 7278 rank = TLSX_KeyShare_GroupRank(ssl, clientKSE->group); 7279 if (rank == -1) 7280 continue; 7281 if (rank < preferredRank) { 7282 preferredKSE = clientKSE; 7283 preferredRank = rank; 7284 } 7285 } 7286 clientKSE = preferredKSE; 7287 6033 7288 /* No supported group found - send HelloRetryRequest. */ 6034 7289 if (clientKSE == NULL) { … … 6045 7300 if (ret != 0) 6046 7301 return ret; 6047 ret = TLSX_KeyShare_GenKey(ssl, serverKSE); 7302 7303 if (clientKSE->key == NULL) { 7304 ret = TLSX_KeyShare_GenKey(ssl, serverKSE); 6048 7305 if (ret != 0) 6049 7306 return ret; 6050 6051 /* Move private key to client entry. */ 6052 if (clientKSE->key != NULL) 6053 XFREE(clientKSE->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 6054 clientKSE->key = serverKSE->key; 6055 serverKSE->key = NULL; 6056 clientKSE->keyLen = serverKSE->keyLen; 7307 } 7308 else { 7309 serverKSE->key = clientKSE->key; 7310 serverKSE->keyLen = clientKSE->keyLen; 7311 serverKSE->pubKey = clientKSE->pubKey; 7312 serverKSE->pubKeyLen = clientKSE->pubKeyLen; 7313 clientKSE->key = NULL; 7314 clientKSE->pubKey = NULL; 7315 } 7316 serverKSE->ke = clientKSE->ke; 7317 serverKSE->keLen = clientKSE->keLen; 7318 clientKSE->ke = NULL; 7319 clientKSE->keLen = 0; 7320 7321 TLSX_KeyShare_FreeAll((KeyShareEntry*)extension->data, ssl->heap); 7322 extension->data = (void *)serverKSE; 7323 7324 extension->resp = 1; 7325 7326 return 0; 7327 } 7328 7329 /* Derive the shared secret of the key exchange. 7330 * 7331 * ssl The SSL/TLS object. 7332 * returns 0 on success and other values indicate failure. 7333 */ 7334 int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl) 7335 { 7336 int ret; 7337 TLSX* extension; 7338 KeyShareEntry* list = NULL; 7339 7340 /* Find the KeyShare extension if it exists. */ 7341 extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); 7342 if (extension != NULL) 7343 list = (KeyShareEntry*)extension->data; 7344 7345 if (list == NULL) 7346 return KEY_SHARE_ERROR; 6057 7347 6058 7348 /* Calculate secret. */ 6059 ret = TLSX_KeyShare_Process(ssl, clientKSE);7349 ret = TLSX_KeyShare_Process(ssl, list); 6060 7350 if (ret != 0) 6061 7351 return ret; 6062 7352 6063 /* Swap public keys for sending to client. */ 6064 ke = serverKSE->ke; 6065 keLen = serverKSE->keLen; 6066 serverKSE->ke = clientKSE->ke; 6067 serverKSE->keLen = clientKSE->keLen; 6068 clientKSE->ke = ke; 6069 clientKSE->keLen = keLen; 6070 6071 extension->resp = 1; 6072 6073 /* Dispose of temporary server extension. */ 6074 TLSX_KeyShare_FreeAll(list, ssl->heap); 6075 6076 return 0; 7353 return ret; 6077 7354 } 6078 7355 … … 6291 7568 word16 idx = 0; 6292 7569 7570 TLSX_Remove(&ssl->extensions, TLSX_PRE_SHARED_KEY, ssl->heap); 7571 6293 7572 /* Length of identities and of binders. */ 6294 7573 if (length - idx < OPAQUE16_LEN + OPAQUE16_LEN) … … 6348 7627 list->binderLen = input[idx++]; 6349 7628 if (list->binderLen < WC_SHA256_DIGEST_SIZE || 6350 list->binderLen > MAX_DIGEST_SIZE)7629 list->binderLen > WC_MAX_DIGEST_SIZE) 6351 7630 return BUFFER_E; 6352 7631 if (len < OPAQUE8_LEN + list->binderLen) … … 6376 7655 return BUFFER_E; 6377 7656 ato16(input, &idx); 7657 7658 #ifdef WOLFSSL_EARLY_DATA 7659 ssl->options.pskIdIndex = idx + 1; 7660 #endif 6378 7661 6379 7662 /* Find the list of identities sent to server. */ … … 6395 7678 if (ssl->options.cipherSuite0 != ssl->session.cipherSuite0 || 6396 7679 ssl->options.cipherSuite != ssl->session.cipherSuite || 6397 ssl->session.version.major != ssl-> version.major||6398 ssl->session.version.minor != ssl-> version.minor) {7680 ssl->session.version.major != ssl->ctx->method->version.major || 7681 ssl->session.version.minor != ssl->ctx->method->version.minor) { 6399 7682 return PSK_KEY_ERROR; 6400 7683 } 6401 7684 } 6402 7685 #endif 6403 /* TODO: [TLS13] More checks of consistency.6404 * the "key_share", and "signature_algorithms" extensions are6405 * consistent with the indicated ke_modes and auth_modes values6406 */6407 7686 6408 7687 return 0; … … 6450 7729 } 6451 7730 6452 static INLINE byte GetHmacLength(int hmac)7731 static WC_INLINE byte GetHmacLength(int hmac) 6453 7732 { 6454 7733 switch (hmac) { … … 6457 7736 return WC_SHA256_DIGEST_SIZE; 6458 7737 #endif 6459 #if ndef NO_SHA3847738 #ifdef WOLFSSL_SHA384 6460 7739 case sha384_mac: 6461 7740 return WC_SHA384_DIGEST_SIZE; 6462 7741 #endif 6463 #if ndef NO_SHA5127742 #ifdef WOLFSSL_SHA512 6464 7743 case sha512_mac: 6465 7744 return WC_SHA512_DIGEST_SIZE; … … 6713 7992 { 6714 7993 if (msgType == client_hello) 6715 return OPAQUE8_LEN;7994 return 0; 6716 7995 6717 7996 return SANITY_MSG_E; … … 6728 8007 static word16 TLSX_PostHandAuth_Write(byte* output, byte msgType) 6729 8008 { 6730 if (msgType == client_hello) {6731 *output = 0; 6732 return OPAQUE8_LEN;6733 }8009 (void)output; 8010 8011 if (msgType == client_hello) 8012 return 0; 6734 8013 6735 8014 return SANITY_MSG_E; … … 6748 8027 byte msgType) 6749 8028 { 6750 byte len;8029 (void)input; 6751 8030 6752 8031 if (msgType == client_hello) { 6753 /* Ensure length byte exists. */ 6754 if (length < OPAQUE8_LEN) 6755 return BUFFER_E; 6756 6757 len = input[0]; 6758 if (length - OPAQUE8_LEN != len || len != 0) 8032 /* Ensure extension is empty. */ 8033 if (length != 0) 6759 8034 return BUFFER_E; 6760 8035 … … 6866 8141 return BUFFER_E; 6867 8142 8143 /* Ensure the index of PSK identity chosen by server is 0. 8144 * Index is plus one to handle 'not set' value of 0. 8145 */ 8146 if (ssl->options.pskIdIndex != 1) 8147 return PSK_KEY_ERROR; 8148 6868 8149 return TLSX_EarlyData_Use(ssl, 1); 6869 8150 } … … 6939 8220 } 6940 8221 8222 /** Remove an extension. */ 8223 void TLSX_Remove(TLSX** list, TLSX_Type type, void* heap) 8224 { 8225 TLSX* extension = *list; 8226 TLSX** next = list; 8227 8228 while (extension && extension->type != type) { 8229 next = &extension->next; 8230 extension = extension->next; 8231 } 8232 8233 if (extension) { 8234 *next = extension->next; 8235 extension->next = NULL; 8236 TLSX_FreeAll(extension, heap); 8237 } 8238 } 8239 6941 8240 /** Releases all extensions in the provided list. */ 6942 8241 void TLSX_FreeAll(TLSX* list, void* heap) … … 7005 8304 break; 7006 8305 7007 case TLSX_KEY_SHARE:7008 KS_FREE_ALL((KeyShareEntry*)extension->data, heap);7009 break;7010 7011 8306 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 7012 8307 case TLSX_PRE_SHARED_KEY: … … 7027 8322 break; 7028 8323 #endif 8324 8325 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 8326 case TLSX_SIGNATURE_ALGORITHMS_CERT: 8327 break; 8328 #endif 8329 8330 case TLSX_KEY_SHARE: 8331 KS_FREE_ALL((KeyShareEntry*)extension->data, heap); 8332 break; 7029 8333 #endif 7030 8334 } … … 7042 8346 7043 8347 /** Tells the buffered size of the extensions in a list. */ 7044 static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType) 7045 { 8348 static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, word16* pLength) 8349 { 8350 int ret = 0; 7046 8351 TLSX* extension; 7047 8352 word16 length = 0; … … 7123 8428 #ifdef WOLFSSL_TLS13 7124 8429 case TLSX_SUPPORTED_VERSIONS: 7125 length += SV_GET_SIZE(extension->data);8430 ret = SV_GET_SIZE(extension->data, msgType, &length); 7126 8431 break; 7127 8432 7128 8433 case TLSX_COOKIE: 7129 length += CKE_GET_SIZE((Cookie*)extension->data, msgType); 7130 break; 7131 7132 case TLSX_KEY_SHARE: 7133 length += KS_GET_SIZE((KeyShareEntry*)extension->data, msgType); 8434 ret = CKE_GET_SIZE((Cookie*)extension->data, msgType, &length); 7134 8435 break; 7135 8436 … … 7155 8456 break; 7156 8457 #endif 8458 8459 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 8460 case TLSX_SIGNATURE_ALGORITHMS_CERT: 8461 length += SAC_GET_SIZE(extension->data); 8462 break; 8463 #endif 8464 8465 case TLSX_KEY_SHARE: 8466 length += KS_GET_SIZE((KeyShareEntry*)extension->data, msgType); 8467 break; 7157 8468 #endif 7158 8469 } … … 7163 8474 } 7164 8475 7165 return length; 8476 *pLength += length; 8477 8478 return ret; 7166 8479 } 7167 8480 7168 8481 /** Writes the extensions of a list in a buffer. */ 7169 static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore, 7170 byte msgType) 7171 { 8482 static int TLSX_Write(TLSX* list, byte* output, byte* semaphore, 8483 byte msgType, word16* pOffset) 8484 { 8485 int ret = 0; 7172 8486 TLSX* extension; 7173 8487 word16 offset = 0; … … 7212 8526 7213 8527 case TLSX_SUPPORTED_GROUPS: 7214 WOLFSSL_MSG(" Elliptic Curves extension to write");8528 WOLFSSL_MSG("Supported Groups extension to write"); 7215 8529 offset += EC_WRITE((SupportedCurve*)extension->data, 7216 8530 output + offset); … … 7270 8584 case TLSX_SUPPORTED_VERSIONS: 7271 8585 WOLFSSL_MSG("Supported Versions extension to write"); 7272 offset += SV_WRITE(extension->data, output +offset);8586 ret = SV_WRITE(extension->data, output + offset, msgType, &offset); 7273 8587 break; 7274 8588 7275 8589 case TLSX_COOKIE: 7276 8590 WOLFSSL_MSG("Cookie extension to write"); 7277 offset += CKE_WRITE((Cookie*)extension->data, output + offset, 7278 msgType); 7279 break; 7280 7281 case TLSX_KEY_SHARE: 7282 WOLFSSL_MSG("Key Share extension to write"); 7283 offset += KS_WRITE((KeyShareEntry*)extension->data, 7284 output + offset, msgType); 8591 ret = CKE_WRITE((Cookie*)extension->data, output + offset, 8592 msgType, &offset); 7285 8593 break; 7286 8594 … … 7311 8619 break; 7312 8620 #endif 8621 8622 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 8623 case TLSX_SIGNATURE_ALGORITHMS_CERT: 8624 WOLFSSL_MSG("Signature Algorithms extension to write"); 8625 offset += SAC_WRITE(extension->data, output + offset); 8626 break; 8627 #endif 8628 8629 case TLSX_KEY_SHARE: 8630 WOLFSSL_MSG("Key Share extension to write"); 8631 offset += KS_WRITE((KeyShareEntry*)extension->data, 8632 output + offset, msgType); 8633 break; 7313 8634 #endif 7314 8635 } … … 7322 8643 } 7323 8644 7324 return offset; 8645 *pOffset += offset; 8646 8647 return ret; 7325 8648 } 7326 8649 … … 7516 8839 #endif /* HAVE_QSH */ 7517 8840 8841 #if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ 8842 !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ 8843 (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && \ 8844 !defined(HAVE_CURVE25519) && defined(HAVE_SUPPORTED_CURVES)) || \ 8845 ((defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 8846 defined(HAVE_SUPPORTED_CURVES)) 8847 8848 /* Populates the default supported groups / curves */ 8849 static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) 8850 { 8851 int ret = WOLFSSL_SUCCESS; 8852 #ifdef WOLFSSL_TLS13 8853 int i; 8854 8855 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 8856 if (ssl->options.resuming && ssl->session.namedGroup != 0) { 8857 return TLSX_UseSupportedCurve(extensions, ssl->session.namedGroup, 8858 ssl->heap); 8859 } 8860 #endif 8861 8862 if (ssl->numGroups != 0) { 8863 for (i = 0; i < ssl->numGroups; i++) { 8864 ret = TLSX_UseSupportedCurve(extensions, ssl->group[i], ssl->heap); 8865 if (ret != WOLFSSL_SUCCESS) 8866 return ret; 8867 } 8868 return WOLFSSL_SUCCESS; 8869 } 8870 #endif /* WOLFSSL_TLS13 */ 8871 8872 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 8873 /* list in order by strength, since not all servers choose by strength */ 8874 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 8875 #ifndef NO_ECC_SECP 8876 ret = TLSX_UseSupportedCurve(extensions, 8877 WOLFSSL_ECC_SECP521R1, ssl->heap); 8878 if (ret != WOLFSSL_SUCCESS) return ret; 8879 #endif 8880 #endif 8881 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES) 8882 #ifdef HAVE_ECC_BRAINPOOL 8883 ret = TLSX_UseSupportedCurve(extensions, 8884 WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap); 8885 if (ret != WOLFSSL_SUCCESS) return ret; 8886 #endif 8887 #endif 8888 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 8889 #ifndef NO_ECC_SECP 8890 ret = TLSX_UseSupportedCurve(extensions, 8891 WOLFSSL_ECC_SECP384R1, ssl->heap); 8892 if (ret != WOLFSSL_SUCCESS) return ret; 8893 #endif 8894 #ifdef HAVE_ECC_BRAINPOOL 8895 ret = TLSX_UseSupportedCurve(extensions, 8896 WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap); 8897 if (ret != WOLFSSL_SUCCESS) return ret; 8898 #endif 8899 #endif 8900 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 8901 #ifndef NO_ECC_SECP 8902 ret = TLSX_UseSupportedCurve(extensions, 8903 WOLFSSL_ECC_SECP256R1, ssl->heap); 8904 if (ret != WOLFSSL_SUCCESS) return ret; 8905 #endif 8906 #ifdef HAVE_ECC_KOBLITZ 8907 ret = TLSX_UseSupportedCurve(extensions, 8908 WOLFSSL_ECC_SECP256K1, ssl->heap); 8909 if (ret != WOLFSSL_SUCCESS) return ret; 8910 #endif 8911 #ifdef HAVE_ECC_BRAINPOOL 8912 ret = TLSX_UseSupportedCurve(extensions, 8913 WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap); 8914 if (ret != WOLFSSL_SUCCESS) return ret; 8915 #endif 8916 #endif 8917 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ 8918 8919 #ifndef HAVE_FIPS 8920 #if defined(HAVE_CURVE25519) 8921 ret = TLSX_UseSupportedCurve(extensions, 8922 WOLFSSL_ECC_X25519, ssl->heap); 8923 if (ret != WOLFSSL_SUCCESS) return ret; 8924 #endif 8925 #endif /* HAVE_FIPS */ 8926 8927 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) 8928 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) 8929 #ifndef NO_ECC_SECP 8930 ret = TLSX_UseSupportedCurve(extensions, 8931 WOLFSSL_ECC_SECP224R1, ssl->heap); 8932 if (ret != WOLFSSL_SUCCESS) return ret; 8933 #endif 8934 #ifdef HAVE_ECC_KOBLITZ 8935 ret = TLSX_UseSupportedCurve(extensions, 8936 WOLFSSL_ECC_SECP224K1, ssl->heap); 8937 if (ret != WOLFSSL_SUCCESS) return ret; 8938 #endif 8939 #endif 8940 8941 #ifndef HAVE_FIPS 8942 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) 8943 #ifndef NO_ECC_SECP 8944 ret = TLSX_UseSupportedCurve(extensions, 8945 WOLFSSL_ECC_SECP192R1, ssl->heap); 8946 if (ret != WOLFSSL_SUCCESS) return ret; 8947 #endif 8948 #ifdef HAVE_ECC_KOBLITZ 8949 ret = TLSX_UseSupportedCurve(extensions, 8950 WOLFSSL_ECC_SECP192K1, ssl->heap); 8951 if (ret != WOLFSSL_SUCCESS) return ret; 8952 #endif 8953 #endif 8954 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES) 8955 #ifndef NO_ECC_SECP 8956 ret = TLSX_UseSupportedCurve(extensions, 8957 WOLFSSL_ECC_SECP160R1, ssl->heap); 8958 if (ret != WOLFSSL_SUCCESS) return ret; 8959 #endif 8960 #ifdef HAVE_ECC_SECPR2 8961 ret = TLSX_UseSupportedCurve(extensions, 8962 WOLFSSL_ECC_SECP160R2, ssl->heap); 8963 if (ret != WOLFSSL_SUCCESS) return ret; 8964 #endif 8965 #ifdef HAVE_ECC_KOBLITZ 8966 ret = TLSX_UseSupportedCurve(extensions, 8967 WOLFSSL_ECC_SECP160K1, ssl->heap); 8968 if (ret != WOLFSSL_SUCCESS) return ret; 8969 #endif 8970 #endif 8971 #endif /* HAVE_FIPS */ 8972 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ 8973 8974 #ifdef WOLFSSL_TLS13 8975 if (IsAtLeastTLSv1_3(ssl->version)) { 8976 /* Add FFDHE supported groups. */ 8977 #ifdef HAVE_FFDHE_8192 8978 ret = TLSX_UseSupportedCurve(extensions, 8979 WOLFSSL_FFDHE_8192, ssl->heap); 8980 if (ret != WOLFSSL_SUCCESS) 8981 return ret; 8982 #endif 8983 #ifdef HAVE_FFDHE_6144 8984 ret = TLSX_UseSupportedCurve(extensions, 8985 WOLFSSL_FFDHE_6144, ssl->heap); 8986 if (ret != WOLFSSL_SUCCESS) 8987 return ret; 8988 #endif 8989 #ifdef HAVE_FFDHE_4096 8990 ret = TLSX_UseSupportedCurve(extensions, 8991 WOLFSSL_FFDHE_4096, ssl->heap); 8992 if (ret != WOLFSSL_SUCCESS) 8993 return ret; 8994 #endif 8995 #ifdef HAVE_FFDHE_3072 8996 ret = TLSX_UseSupportedCurve(extensions, 8997 WOLFSSL_FFDHE_3072, ssl->heap); 8998 if (ret != WOLFSSL_SUCCESS) 8999 return ret; 9000 #endif 9001 #ifdef HAVE_FFDHE_2048 9002 ret = TLSX_UseSupportedCurve(extensions, 9003 WOLFSSL_FFDHE_2048, ssl->heap); 9004 if (ret != WOLFSSL_SUCCESS) 9005 return ret; 9006 #endif 9007 } 9008 #endif /* WOLFSSL_TLS13 */ 9009 9010 (void)ssl; 9011 (void)extensions; 9012 9013 return ret; 9014 } 9015 9016 #endif 9017 7518 9018 int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) 7519 9019 { … … 7531 9031 /* add supported QSHSchemes */ 7532 9032 WOLFSSL_MSG("Adding supported QSH Schemes"); 7533 #endif9033 #endif 7534 9034 7535 9035 /* server will add extension depending on whats parsed from client */ … … 7605 9105 } 7606 9106 } 7607 #endif7608 7609 #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)7610 if (!ssl->options.userCurves && !ssl->ctx->userCurves &&7611 TLSX_Find(ssl->ctx->extensions, TLSX_SUPPORTED_GROUPS) == NULL) {7612 7613 #ifndef HAVE_FIPS7614 #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)7615 #ifndef NO_ECC_SECP7616 ret = TLSX_UseSupportedCurve(&ssl->extensions,7617 WOLFSSL_ECC_SECP160R1, ssl->heap);7618 if (ret != WOLFSSL_SUCCESS) return ret;7619 #endif7620 #ifdef HAVE_ECC_SECPR27621 ret = TLSX_UseSupportedCurve(&ssl->extensions,7622 WOLFSSL_ECC_SECP160R2, ssl->heap);7623 if (ret != WOLFSSL_SUCCESS) return ret;7624 #endif7625 #ifdef HAVE_ECC_KOBLITZ7626 ret = TLSX_UseSupportedCurve(&ssl->extensions,7627 WOLFSSL_ECC_SECP160K1, ssl->heap);7628 if (ret != WOLFSSL_SUCCESS) return ret;7629 #endif7630 9107 #endif 7631 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) 7632 #ifndef NO_ECC_SECP 7633 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7634 WOLFSSL_ECC_SECP192R1, ssl->heap); 7635 if (ret != WOLFSSL_SUCCESS) return ret; 7636 #endif 7637 #ifdef HAVE_ECC_KOBLITZ 7638 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7639 WOLFSSL_ECC_SECP192K1, ssl->heap); 7640 if (ret != WOLFSSL_SUCCESS) return ret; 7641 #endif 7642 #endif 7643 #endif 7644 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) 7645 #ifndef NO_ECC_SECP 7646 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7647 WOLFSSL_ECC_SECP224R1, ssl->heap); 7648 if (ret != WOLFSSL_SUCCESS) return ret; 7649 #endif 7650 #ifdef HAVE_ECC_KOBLITZ 7651 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7652 WOLFSSL_ECC_SECP224K1, ssl->heap); 7653 if (ret != WOLFSSL_SUCCESS) return ret; 7654 #endif 7655 #endif 7656 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 7657 #ifndef NO_ECC_SECP 7658 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7659 WOLFSSL_ECC_SECP256R1, ssl->heap); 7660 if (ret != WOLFSSL_SUCCESS) return ret; 7661 #endif 7662 #if defined(HAVE_CURVE25519) 7663 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7664 WOLFSSL_ECC_X25519, ssl->heap); 7665 if (ret != WOLFSSL_SUCCESS) return ret; 7666 #endif 7667 #ifdef HAVE_ECC_KOBLITZ 7668 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7669 WOLFSSL_ECC_SECP256K1, ssl->heap); 7670 if (ret != WOLFSSL_SUCCESS) return ret; 7671 #endif 7672 #ifdef HAVE_ECC_BRAINPOOL 7673 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7674 WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap); 7675 if (ret != WOLFSSL_SUCCESS) return ret; 7676 #endif 7677 #endif 7678 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 7679 #ifndef NO_ECC_SECP 7680 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7681 WOLFSSL_ECC_SECP384R1, ssl->heap); 7682 if (ret != WOLFSSL_SUCCESS) return ret; 7683 #endif 7684 #ifdef HAVE_ECC_BRAINPOOL 7685 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7686 WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap); 7687 if (ret != WOLFSSL_SUCCESS) return ret; 7688 #endif 7689 #endif 7690 #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES) 7691 #ifdef HAVE_ECC_BRAINPOOL 7692 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7693 WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap); 7694 if (ret != WOLFSSL_SUCCESS) return ret; 7695 #endif 7696 #endif 7697 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 7698 #ifndef NO_ECC_SECP 7699 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7700 WOLFSSL_ECC_SECP521R1, ssl->heap); 7701 if (ret != WOLFSSL_SUCCESS) return ret; 7702 #endif 7703 #endif 7704 } 7705 #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ 9108 9109 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ 9110 defined(HAVE_SUPPORTED_CURVES) 9111 if (!ssl->options.userCurves && !ssl->ctx->userCurves) { 9112 if (TLSX_Find(ssl->ctx->extensions, 9113 TLSX_SUPPORTED_GROUPS) == NULL) { 9114 ret = TLSX_PopulateSupportedGroups(ssl, &ssl->extensions); 9115 if (ret != WOLFSSL_SUCCESS) 9116 return ret; 9117 } 9118 } 9119 if ((!IsAtLeastTLSv1_3(ssl->version) || ssl->options.downgrade) && 9120 TLSX_Find(ssl->ctx->extensions, TLSX_EC_POINT_FORMATS) == NULL && 9121 TLSX_Find(ssl->extensions, TLSX_EC_POINT_FORMATS) == NULL) { 9122 ret = TLSX_UsePointFormat(&ssl->extensions, 9123 WOLFSSL_EC_PF_UNCOMPRESSED, ssl->heap); 9124 if (ret != WOLFSSL_SUCCESS) 9125 return ret; 9126 } 9127 #endif /* (HAVE_ECC || HAVE_CURVE25519) && HAVE_SUPPORTED_CURVES */ 7706 9128 } /* is not server */ 7707 9129 … … 7717 9139 WOLFSSL_MSG("Adding supported versions extension"); 7718 9140 if ((ret = TLSX_SetSupportedVersions(&ssl->extensions, ssl, 7719 ssl->heap)) != 0)9141 ssl->heap)) != 0) { 7720 9142 return ret; 7721 7722 #ifdef HAVE_SUPPORTED_CURVES 7723 if (!ssl->options.userCurves && !ssl->ctx->userCurves && 7724 TLSX_Find(ssl->ctx->extensions, TLSX_SUPPORTED_GROUPS) 7725 == NULL) { 7726 /* Add FFDHE supported groups. */ 7727 #ifdef HAVE_FFDHE_2048 7728 ret = TLSX_UseSupportedCurve(&ssl->extensions, 7729 WOLFSSL_FFDHE_2048, ssl->heap); 9143 } 9144 9145 #if !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) && \ 9146 defined(HAVE_SUPPORTED_CURVES) 9147 if (TLSX_Find(ssl->ctx->extensions, TLSX_SUPPORTED_GROUPS) == NULL) { 9148 /* Put in DH groups for TLS 1.3 only. */ 9149 ret = TLSX_PopulateSupportedGroups(ssl, &ssl->extensions); 7730 9150 if (ret != WOLFSSL_SUCCESS) 7731 9151 return ret; 7732 #endif7733 #ifdef HAVE_FFDHE_30727734 ret = TLSX_UseSupportedCurve(&ssl->extensions,7735 WOLFSSL_FFDHE_3072, ssl->heap);7736 if (ret != WOLFSSL_SUCCESS)7737 return ret;7738 #endif7739 #ifdef HAVE_FFDHE_40967740 ret = TLSX_UseSupportedCurve(&ssl->extensions,7741 WOLFSSL_FFDHE_4096, ssl->heap);7742 if (ret != WOLFSSL_SUCCESS)7743 return ret;7744 #endif7745 #ifdef HAVE_FFDHE_61447746 ret = TLSX_UseSupportedCurve(&ssl->extensions,7747 WOLFSSL_FFDHE_6144, ssl->heap);7748 if (ret != WOLFSSL_SUCCESS)7749 return ret;7750 #endif7751 #ifdef HAVE_FFDHE_81927752 ret = TLSX_UseSupportedCurve(&ssl->extensions,7753 WOLFSSL_FFDHE_8192, ssl->heap);7754 if (ret != WOLFSSL_SUCCESS)7755 return ret;7756 #endif7757 9152 ret = 0; 7758 9153 } 7759 #endif 9154 #endif /* !HAVE_ECC && !HAVE_CURVE25519 && HAVE_SUPPORTED_CURVES */ 9155 9156 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 9157 if (ssl->certHashSigAlgoSz > 0) { 9158 WOLFSSL_MSG("Adding signature algorithms cert extension"); 9159 if ((ret = TLSX_SetSignatureAlgorithmsCert(&ssl->extensions, 9160 ssl, ssl->heap)) != 0) { 9161 return ret; 9162 } 9163 } 9164 #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */ 7760 9165 7761 9166 if (TLSX_Find(ssl->extensions, TLSX_KEY_SHARE) == NULL) { 7762 #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \ 7763 !defined(NO_ECC_SECP) 7764 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_ECC_SECP256R1, 0, NULL, 7765 NULL); 9167 word16 namedGroup; 9168 9169 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9170 if (ssl->options.resuming && ssl->session.namedGroup != 0) 9171 namedGroup = ssl->session.namedGroup; 9172 else 9173 #endif 9174 { 9175 #if defined(HAVE_ECC) && (!defined(NO_ECC256) || \ 9176 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 9177 namedGroup = WOLFSSL_ECC_SECP256R1; 7766 9178 #elif defined(HAVE_CURVE25519) 7767 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_ECC_X25519, 0, NULL, NULL); 7768 #elif (!defined(NO_ECC384) || defined(HAVE_ALL_CURVES)) && \ 7769 !defined(NO_ECC_SECP) 7770 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_ECC_SECP384R1, 0, NULL, 7771 NULL); 7772 #elif (!defined(NO_ECC521) || defined(HAVE_ALL_CURVES)) && \ 7773 !defined(NO_ECC_SECP) 7774 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_ECC_SECP521R1, 0, NULL, 7775 NULL); 9179 namedGroup = WOLFSSL_ECC_X25519; 9180 #elif defined(HAVE_ECC) && (!defined(NO_ECC384) || \ 9181 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 9182 namedGroup = WOLFSSL_ECC_SECP384R1; 9183 #elif defined(HAVE_ECC) && (!defined(NO_ECC521) || \ 9184 defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) 9185 namedGroup = WOLFSSL_ECC_SECP521R1; 7776 9186 #elif defined(HAVE_FFDHE_2048) 7777 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_FFDHE_2048, 0, NULL, NULL);9187 namedGroup = WOLFSSL_FFDHE_2048; 7778 9188 #elif defined(HAVE_FFDHE_3072) 7779 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_FFDHE_3072, 0, NULL, NULL);9189 namedGroup = WOLFSSL_FFDHE_3072; 7780 9190 #elif defined(HAVE_FFDHE_4096) 7781 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_FFDHE_4096, 0, NULL, NULL);9191 namedGroup = WOLFSSL_FFDHE_4096; 7782 9192 #elif defined(HAVE_FFDHE_6144) 7783 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_FFDHE_6144, 0, NULL, NULL);9193 namedGroup = WOLFSSL_FFDHE_6144; 7784 9194 #elif defined(HAVE_FFDHE_8192) 7785 ret = TLSX_KeyShare_Use(ssl, WOLFSSL_FFDHE_8192, 0, NULL, NULL);9195 namedGroup = WOLFSSL_FFDHE_8192; 7786 9196 #else 7787 ret =KEY_SHARE_ERROR;9197 return KEY_SHARE_ERROR; 7788 9198 #endif 9199 } 9200 ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL); 7789 9201 if (ret != 0) 7790 9202 return ret; 7791 9203 } 7792 9204 9205 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9206 TLSX_Remove(&ssl->extensions, TLSX_PRE_SHARED_KEY, ssl->heap); 9207 #endif 7793 9208 #if defined(HAVE_SESSION_TICKET) 7794 if (ssl->options.resuming ) {9209 if (ssl->options.resuming && ssl->session.ticketLen > 0) { 7795 9210 WOLFSSL_SESSION* sess = &ssl->session; 7796 9211 word32 milli; … … 7839 9254 ret = TLSX_PreSharedKey_Use(ssl, 7840 9255 (byte*)ssl->arrays->client_identity, 7841 9256 (word16)XSTRLEN(ssl->arrays->client_identity), 7842 9257 0, ssl->specs.mac_algorithm, 7843 9258 cipherSuite0, cipherSuite, 0, … … 7855 9270 /* Pre-shared key modes: mandatory extension for resumption. */ 7856 9271 modes = 1 << PSK_KE; 7857 #if !defined(NO_DH) || defined(HAVE_ECC) 9272 #if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) 7858 9273 if (!ssl->options.noPskDheKe) 7859 9274 modes |= 1 << PSK_DHE_KE; … … 7880 9295 (void)ssl; 7881 9296 7882 if (ret == WOLFSSL_SUCCESS)7883 ret = 0;7884 7885 9297 return ret; 7886 9298 } 7887 9299 7888 9300 7889 #if ndef NO_WOLFSSL_CLIENT9301 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT) 7890 9302 7891 9303 /** Tells the buffered size of extensions to be sent into the client hello. */ 7892 word16 TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType) 7893 { 9304 int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength) 9305 { 9306 int ret = 0; 7894 9307 word16 length = 0; 7895 9308 byte semaphore[SEMAPHORE_SIZE] = {0}; … … 7921 9334 #endif 7922 9335 } 9336 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9337 if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.noPskDheKe) { 9338 #if !defined(NO_PSK) 9339 if (ssl->options.havePSK) 9340 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9341 #endif 9342 #if defined(HAVE_SESSION_TICKET) 9343 if (ssl->options.resuming) 9344 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9345 #endif 9346 } 9347 #endif 7923 9348 #endif 7924 9349 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ … … 7936 9361 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 7937 9362 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); 7938 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST));7939 9363 /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, 7940 9364 * TLSX_CERTIFICATE_AUTHORITIES, OID_FILTERS 9365 * TLSX_STATUS_REQUEST 7941 9366 */ 7942 9367 } … … 7945 9370 7946 9371 if (ssl->extensions) 7947 length += TLSX_GetSize(ssl->extensions, semaphore, msgType);9372 ret = TLSX_GetSize(ssl->extensions, semaphore, msgType, &length); 7948 9373 if (ssl->ctx && ssl->ctx->extensions) 7949 length += TLSX_GetSize(ssl->ctx->extensions, semaphore, msgType);9374 ret = TLSX_GetSize(ssl->ctx->extensions, semaphore, msgType, &length); 7950 9375 7951 9376 #ifdef HAVE_EXTENDED_MASTER 7952 9377 if (msgType == client_hello && ssl->options.haveEMS && 7953 !IsAtLeastTLSv1_3(ssl->version)) {9378 (!IsAtLeastTLSv1_3(ssl->version) || ssl->options.downgrade)) { 7954 9379 length += HELLO_EXT_SZ; 7955 9380 } … … 7959 9384 length += OPAQUE16_LEN; /* for total length storage. */ 7960 9385 7961 return length; 9386 *pLength += length; 9387 9388 return ret; 7962 9389 } 7963 9390 7964 9391 /** Writes the extensions to be sent into the client hello. */ 7965 word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType) 7966 { 9392 int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset) 9393 { 9394 int ret = 0; 7967 9395 word16 offset = 0; 7968 9396 byte semaphore[SEMAPHORE_SIZE] = {0}; … … 7997 9425 } 7998 9426 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9427 if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.noPskDheKe) { 9428 #if !defined(NO_PSK) 9429 if (ssl->options.havePSK) 9430 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9431 #endif 9432 #if defined(HAVE_SESSION_TICKET) 9433 if (ssl->options.resuming) 9434 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9435 #endif 9436 } 9437 #endif 9438 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 7999 9439 /* Must write Pre-shared Key extension at the end in TLS v1.3. 8000 9440 * Must not write out Pre-shared Key extension in earlier versions of … … 8018 9458 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 8019 9459 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); 8020 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST));8021 9460 /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, 8022 9461 * TLSX_CERTIFICATE_AUTHORITIES, TLSX_OID_FILTERS 9462 * TLSX_STATUS_REQUEST 8023 9463 */ 8024 9464 } … … 8027 9467 8028 9468 if (ssl->extensions) { 8029 offset += TLSX_Write(ssl->extensions, output + offset, semaphore,8030 msgType);9469 ret = TLSX_Write(ssl->extensions, output + offset, semaphore, 9470 msgType, &offset); 8031 9471 } 8032 9472 if (ssl->ctx && ssl->ctx->extensions) { 8033 offset += TLSX_Write(ssl->ctx->extensions, output + offset, semaphore,8034 msgType);9473 ret = TLSX_Write(ssl->ctx->extensions, output + offset, semaphore, 9474 msgType, &offset); 8035 9475 } 8036 9476 8037 9477 #ifdef HAVE_EXTENDED_MASTER 8038 9478 if (msgType == client_hello && ssl->options.haveEMS && 8039 !IsAtLeastTLSv1_3(ssl->version)) { 9479 (!IsAtLeastTLSv1_3(ssl->version) || ssl->options.downgrade)) { 9480 WOLFSSL_MSG("EMS extension to write"); 8040 9481 c16toa(HELLO_EXT_EXTMS, output + offset); 8041 9482 offset += HELLO_EXT_TYPE_SZ; … … 8050 9491 /* Write out what we can of Pre-shared key extension. */ 8051 9492 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 8052 offset += TLSX_Write(ssl->extensions, output + offset, semaphore,8053 client_hello);9493 ret = TLSX_Write(ssl->extensions, output + offset, semaphore, 9494 client_hello, &offset); 8054 9495 } 8055 9496 #endif … … 8059 9500 c16toa(offset - OPAQUE16_LEN, output); /* extensions length */ 8060 9501 8061 return offset; 8062 } 8063 8064 #endif /* NO_WOLFSSL_CLIENT */ 8065 8066 #ifndef NO_WOLFSSL_SERVER 9502 *pOffset += offset; 9503 9504 return ret; 9505 } 9506 9507 #endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */ 9508 9509 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_SERVER) 8067 9510 8068 9511 /** Tells the buffered size of extensions to be sent into the server hello. */ 8069 word16 TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType) 8070 { 9512 int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType, word16* pLength) 9513 { 9514 int ret = 0; 8071 9515 word16 length = 0; 8072 9516 byte semaphore[SEMAPHORE_SIZE] = {0}; 8073 9517 8074 9518 switch (msgType) { 9519 #ifndef NO_WOLFSSL_SERVER 8075 9520 case server_hello: 8076 9521 PF_VALIDATE_RESPONSE(ssl, semaphore); … … 8078 9523 if (ssl->options.tls1_3) { 8079 9524 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 9525 #ifndef WOLFSSL_TLS13_DRAFT_18 9526 TURN_OFF(semaphore, 9527 TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 9528 #endif 9529 if (!ssl->options.noPskDheKe) 8080 9530 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 8081 9531 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 8083 9533 #endif 8084 9534 } 9535 else { 9536 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9537 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9538 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 9539 #endif 9540 } 8085 9541 #endif 8086 9542 break; 9543 8087 9544 #ifdef WOLFSSL_TLS13 8088 9545 case hello_retry_request: 8089 9546 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 9547 #ifndef WOLFSSL_TLS13_DRAFT_18 9548 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 9549 #endif 9550 if (!ssl->options.noPskDheKe) 8090 9551 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 8091 9552 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); 8092 #endif8093 9553 break; 9554 #endif 9555 8094 9556 #ifdef WOLFSSL_TLS13 8095 9557 case encrypted_extensions: 9558 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); 9559 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 8096 9560 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); 8097 9561 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); … … 8099 9563 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 8100 9564 #endif 9565 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 9566 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); 9567 #endif 8101 9568 break; 9569 8102 9570 #ifdef WOLFSSL_EARLY_DATA 8103 9571 case session_ticket: … … 8108 9576 break; 8109 9577 #endif 9578 #endif 9579 #endif 9580 9581 #ifdef WOLFSSL_TLS13 8110 9582 #ifndef NO_CERT 8111 9583 case certificate: … … 8130 9602 8131 9603 #ifdef HAVE_EXTENDED_MASTER 8132 if (ssl->options.haveEMS && msgType == server_hello) 9604 if (ssl->options.haveEMS && msgType == server_hello && 9605 !IsAtLeastTLSv1_3(ssl->version)) { 8133 9606 length += HELLO_EXT_SZ; 9607 } 8134 9608 #endif 8135 9609 8136 9610 if (TLSX_SupportExtensions(ssl)) 8137 length += TLSX_GetSize(ssl->extensions, semaphore, msgType);9611 ret = TLSX_GetSize(ssl->extensions, semaphore, msgType, &length); 8138 9612 8139 9613 /* All the response data is set at the ssl object only, so no ctx here. */ … … 8142 9616 length += OPAQUE16_LEN; /* for total length storage. */ 8143 9617 8144 return length; 9618 *pLength += length; 9619 9620 return ret; 8145 9621 } 8146 9622 8147 9623 /** Writes the server hello extensions into a buffer. */ 8148 word16 TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType) 8149 { 9624 int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset) 9625 { 9626 int ret = 0; 8150 9627 word16 offset = 0; 8151 9628 … … 8154 9631 8155 9632 switch (msgType) { 9633 #ifndef NO_WOLFSSL_SERVER 8156 9634 case server_hello: 8157 9635 PF_VALIDATE_RESPONSE(ssl, semaphore); … … 8159 9637 if (ssl->options.tls1_3) { 8160 9638 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 9639 #ifndef WOLFSSL_TLS13_DRAFT_18 9640 TURN_OFF(semaphore, 9641 TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 9642 #endif 9643 if (!ssl->options.noPskDheKe) 8161 9644 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 8162 9645 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 8164 9647 #endif 8165 9648 } 8166 #endif 8167 break; 9649 else { 9650 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9651 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 9652 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 9653 #endif 9654 } 9655 #endif 9656 break; 9657 8168 9658 #ifdef WOLFSSL_TLS13 8169 9659 case hello_retry_request: 8170 9660 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 8171 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 8172 #endif 8173 break; 9661 #ifndef WOLFSSL_TLS13_DRAFT_18 9662 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 9663 #endif 9664 if (!ssl->options.noPskDheKe) 9665 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); 9666 /* Cookie is written below as last extension. */ 9667 break; 9668 #endif 9669 8174 9670 #ifdef WOLFSSL_TLS13 8175 9671 case encrypted_extensions: 9672 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); 9673 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); 8176 9674 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); 8177 9675 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); … … 8179 9677 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); 8180 9678 #endif 8181 break; 9679 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 9680 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST)); 9681 #endif 9682 break; 9683 9684 #ifdef WOLFSSL_EARLY_DATA 9685 case session_ticket: 9686 if (ssl->options.tls1_3) { 9687 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 9688 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA)); 9689 } 9690 break; 9691 #endif 9692 #endif 9693 #endif 9694 9695 #ifdef WOLFSSL_TLS13 8182 9696 #ifndef NO_CERTS 8183 9697 case certificate: … … 8189 9703 break; 8190 9704 #endif 8191 #ifdef WOLFSSL_EARLY_DATA8192 case session_ticket:8193 if (ssl->options.tls1_3) {8194 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE);8195 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA));8196 }8197 break;8198 #endif8199 9705 #endif 8200 9706 } … … 8202 9708 offset += OPAQUE16_LEN; /* extensions length */ 8203 9709 8204 offset += TLSX_Write(ssl->extensions, output + offset, semaphore,8205 msgType);9710 ret = TLSX_Write(ssl->extensions, output + offset, semaphore, 9711 msgType, &offset); 8206 9712 8207 9713 #ifdef WOLFSSL_TLS13 … … 8209 9715 XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); 8210 9716 TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); 8211 offset += TLSX_Write(ssl->extensions, output + offset, semaphore,8212 msgType);9717 ret = TLSX_Write(ssl->extensions, output + offset, semaphore, 9718 msgType, &offset); 8213 9719 } 8214 9720 #endif 8215 9721 8216 9722 #ifdef HAVE_EXTENDED_MASTER 8217 if (ssl->options.haveEMS && msgType == server_hello) { 9723 if (ssl->options.haveEMS && msgType == server_hello && 9724 !IsAtLeastTLSv1_3(ssl->version)) { 9725 WOLFSSL_MSG("EMS extension to write"); 8218 9726 c16toa(HELLO_EXT_EXTMS, output + offset); 8219 9727 offset += HELLO_EXT_TYPE_SZ; … … 8227 9735 } 8228 9736 8229 return offset; 8230 } 8231 8232 #endif /* NO_WOLFSSL_SERVER */ 9737 if (pOffset) 9738 *pOffset += offset; 9739 9740 return ret; 9741 } 9742 9743 #endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_SERVER */ 8233 9744 8234 9745 /** Parses a buffer of TLS extensions. */ … … 8240 9751 byte isRequest = (msgType == client_hello || 8241 9752 msgType == certificate_request); 9753 8242 9754 #ifdef HAVE_EXTENDED_MASTER 8243 9755 byte pendingEMS = 0; 9756 #endif 9757 #if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) 9758 int pskDone = 0; 8244 9759 #endif 8245 9760 … … 8251 9766 word16 size; 8252 9767 9768 #if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) 9769 if (msgType == client_hello && pskDone) 9770 return PSK_KEY_ERROR; 9771 #endif 9772 8253 9773 if (length - offset < HELLO_EXT_TYPE_SZ + OPAQUE16_LEN) 8254 9774 return BUFFER_ERROR; … … 8268 9788 8269 9789 #ifdef WOLFSSL_TLS13 8270 if (IsAtLeastTLSv1_3(ssl-> version) &&9790 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8271 9791 msgType != client_hello && 8272 9792 msgType != encrypted_extensions) { 8273 9793 return EXT_NOT_ALLOWED; 8274 9794 } 9795 else if (!IsAtLeastTLSv1_3(ssl->version) && 9796 msgType == encrypted_extensions) { 9797 return EXT_NOT_ALLOWED; 9798 } 8275 9799 #endif 8276 9800 ret = SNI_PARSE(ssl, input + offset, size, isRequest); … … 8281 9805 8282 9806 #ifdef WOLFSSL_TLS13 8283 if (IsAtLeastTLSv1_3(ssl-> version) &&9807 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8284 9808 msgType != client_hello && 8285 9809 msgType != encrypted_extensions) { 8286 9810 return EXT_NOT_ALLOWED; 8287 9811 } 9812 else if (!IsAtLeastTLSv1_3(ssl->version) && 9813 msgType == encrypted_extensions) { 9814 return EXT_NOT_ALLOWED; 9815 } 8288 9816 #endif 8289 9817 ret = MFL_PARSE(ssl, input + offset, size, isRequest); … … 8294 9822 8295 9823 #ifdef WOLFSSL_TLS13 8296 if (IsAtLeastTLSv1_3(ssl->version)) 8297 return EXT_NOT_ALLOWED; 9824 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9825 !ssl->options.downgrade) { 9826 break; 9827 } 8298 9828 #endif 8299 9829 ret = THM_PARSE(ssl, input + offset, size, isRequest); … … 8301 9831 8302 9832 case TLSX_SUPPORTED_GROUPS: 8303 WOLFSSL_MSG(" Elliptic Curves extension received");9833 WOLFSSL_MSG("Supported Groups extension received"); 8304 9834 8305 9835 #ifdef WOLFSSL_TLS13 8306 if (IsAtLeastTLSv1_3(ssl-> version) &&9836 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8307 9837 msgType != client_hello && 8308 9838 msgType != encrypted_extensions) { 8309 9839 return EXT_NOT_ALLOWED; 8310 9840 } 9841 else if (!IsAtLeastTLSv1_3(ssl->version) && 9842 msgType == encrypted_extensions) { 9843 return EXT_NOT_ALLOWED; 9844 } 8311 9845 #endif 8312 9846 ret = EC_PARSE(ssl, input + offset, size, isRequest); … … 8317 9851 8318 9852 #ifdef WOLFSSL_TLS13 8319 if (IsAtLeastTLSv1_3(ssl->version) && 8320 msgType != client_hello && 8321 msgType != encrypted_extensions) { 8322 return EXT_NOT_ALLOWED; 9853 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9854 !ssl->options.downgrade) { 9855 break; 8323 9856 } 8324 9857 #endif … … 8330 9863 8331 9864 #ifdef WOLFSSL_TLS13 8332 if (IsAtLeastTLSv1_3(ssl->version) && 8333 msgType != client_hello && 8334 msgType != encrypted_extensions) { 8335 return EXT_NOT_ALLOWED; 9865 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9866 !ssl->options.downgrade) { 9867 break; 8336 9868 } 8337 9869 #endif … … 8343 9875 8344 9876 #ifdef WOLFSSL_TLS13 8345 if (IsAtLeastTLSv1_3(ssl-> version) &&9877 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8346 9878 msgType != client_hello && 8347 msgType != encrypted_extensions) { 9879 msgType != certificate_request && 9880 msgType != certificate) { 8348 9881 return EXT_NOT_ALLOWED; 8349 9882 } … … 8355 9888 case HELLO_EXT_EXTMS: 8356 9889 WOLFSSL_MSG("Extended Master Secret extension received"); 9890 9891 #ifdef WOLFSSL_TLS13 9892 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9893 !ssl->options.downgrade) { 9894 break; 9895 } 9896 #endif 9897 #ifndef NO_WOLFSSL_SERVER 9898 if (isRequest) 9899 ssl->options.haveEMS = 1; 9900 #endif 9901 pendingEMS = 1; 9902 break; 9903 #endif 9904 9905 case TLSX_RENEGOTIATION_INFO: 9906 WOLFSSL_MSG("Secure Renegotiation extension received"); 9907 9908 #ifdef WOLFSSL_TLS13 9909 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9910 !ssl->options.downgrade) { 9911 break; 9912 } 9913 #endif 9914 ret = SCR_PARSE(ssl, input + offset, size, isRequest); 9915 break; 9916 9917 case TLSX_SESSION_TICKET: 9918 WOLFSSL_MSG("Session Ticket extension received"); 8357 9919 8358 9920 #ifdef WOLFSSL_TLS13 … … 8362 9924 } 8363 9925 #endif 8364 #ifndef NO_WOLFSSL_SERVER8365 if (isRequest && !IsAtLeastTLSv1_3(ssl->version))8366 ssl->options.haveEMS = 1;8367 #endif8368 pendingEMS = 1;8369 break;8370 #endif8371 8372 case TLSX_RENEGOTIATION_INFO:8373 WOLFSSL_MSG("Secure Renegotiation extension received");8374 8375 ret = SCR_PARSE(ssl, input + offset, size, isRequest);8376 break;8377 8378 case TLSX_SESSION_TICKET:8379 WOLFSSL_MSG("Session Ticket extension received");8380 8381 #ifdef WOLFSSL_TLS138382 if (IsAtLeastTLSv1_3(ssl->version) &&8383 msgType != client_hello) {8384 return EXT_NOT_ALLOWED;8385 }8386 #endif8387 9926 ret = WOLF_STK_PARSE(ssl, input + offset, size, isRequest); 8388 9927 break; … … 8392 9931 8393 9932 #ifdef WOLFSSL_TLS13 8394 if (IsAtLeastTLSv1_3(ssl->version)) 8395 return EXT_NOT_ALLOWED; 9933 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 9934 !ssl->options.downgrade) { 9935 break; 9936 } 8396 9937 #endif 8397 9938 ret = QSH_PARSE(ssl, input + offset, size, isRequest); … … 8402 9943 8403 9944 #ifdef WOLFSSL_TLS13 8404 if (IsAtLeastTLSv1_3(ssl-> version) &&9945 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8405 9946 msgType != client_hello && 9947 msgType != server_hello && 8406 9948 msgType != encrypted_extensions) { 8407 9949 return EXT_NOT_ALLOWED; 8408 9950 } 9951 else if (!IsAtLeastTLSv1_3(ssl->version) && 9952 msgType == encrypted_extensions) { 9953 return EXT_NOT_ALLOWED; 9954 } 8409 9955 #endif 8410 9956 ret = ALPN_PARSE(ssl, input + offset, size, isRequest); … … 8417 9963 break; 8418 9964 8419 if (IsAtLeastTLSv1_3(ssl->version) && 9965 #ifdef WOLFSSL_TLS13 9966 if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && 8420 9967 msgType != client_hello && 8421 9968 msgType != certificate_request) { 8422 9969 return EXT_NOT_ALLOWED; 8423 9970 } 8424 ret = SA_PARSE(ssl, input + offset, size, suites); 9971 #endif 9972 ret = SA_PARSE(ssl, input + offset, size, isRequest, suites); 8425 9973 break; 8426 9974 … … 8429 9977 WOLFSSL_MSG("Supported Versions extension received"); 8430 9978 8431 if (IsAtLeastTLSv1_3(ssl->version) && 8432 msgType != client_hello) { 9979 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 9980 break; 9981 9982 if ( 9983 #ifdef WOLFSSL_TLS13_DRAFT_18 9984 msgType != client_hello 9985 #else 9986 msgType != client_hello && 9987 msgType != server_hello && 9988 msgType != hello_retry_request 9989 #endif 9990 ) { 8433 9991 return EXT_NOT_ALLOWED; 8434 9992 } 8435 ret = SV_PARSE(ssl, input + offset, size );9993 ret = SV_PARSE(ssl, input + offset, size, msgType); 8436 9994 break; 8437 9995 … … 8439 9997 WOLFSSL_MSG("Cookie extension received"); 8440 9998 8441 if (!IsAtLeastTLSv1_3(ssl-> version))9999 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 8442 10000 break; 8443 10001 8444 if (IsAtLeastTLSv1_3(ssl->version) && 8445 msgType != client_hello && 10002 if (msgType != client_hello && 8446 10003 msgType != hello_retry_request) { 8447 10004 return EXT_NOT_ALLOWED; 8448 10005 } 10006 8449 10007 ret = CKE_PARSE(ssl, input + offset, size, msgType); 8450 10008 break; 10009 10010 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 10011 case TLSX_PRE_SHARED_KEY: 10012 WOLFSSL_MSG("Pre-Shared Key extension received"); 10013 10014 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 10015 break; 10016 10017 if (msgType != client_hello && msgType != server_hello) 10018 return EXT_NOT_ALLOWED; 10019 10020 ret = PSK_PARSE(ssl, input + offset, size, msgType); 10021 pskDone = 1; 10022 break; 10023 10024 case TLSX_PSK_KEY_EXCHANGE_MODES: 10025 WOLFSSL_MSG("PSK Key Exchange Modes extension received"); 10026 10027 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 10028 break; 10029 10030 if (msgType != client_hello) 10031 return EXT_NOT_ALLOWED; 10032 10033 ret = PKM_PARSE(ssl, input + offset, size, msgType); 10034 break; 10035 #endif 10036 10037 #ifdef WOLFSSL_EARLY_DATA 10038 case TLSX_EARLY_DATA: 10039 WOLFSSL_MSG("Early Data extension received"); 10040 10041 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 10042 break; 10043 10044 if (msgType != client_hello && msgType != session_ticket && 10045 msgType != encrypted_extensions) { 10046 return EXT_NOT_ALLOWED; 10047 } 10048 if (!IsAtLeastTLSv1_3(ssl->version) && 10049 (msgType == session_ticket || 10050 msgType == encrypted_extensions)) { 10051 return EXT_NOT_ALLOWED; 10052 } 10053 ret = EDI_PARSE(ssl, input + offset, size, msgType); 10054 break; 10055 #endif 10056 10057 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 10058 case TLSX_POST_HANDSHAKE_AUTH: 10059 WOLFSSL_MSG("Post Handshake Authentication extension received"); 10060 10061 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 10062 break; 10063 10064 if (msgType != client_hello) 10065 return EXT_NOT_ALLOWED; 10066 10067 ret = PHA_PARSE(ssl, input + offset, size, msgType); 10068 break; 10069 #endif 10070 10071 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 10072 case TLSX_SIGNATURE_ALGORITHMS_CERT: 10073 WOLFSSL_MSG("Signature Algorithms extension received"); 10074 10075 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 10076 break; 10077 10078 if (msgType != client_hello && 10079 msgType != certificate_request) { 10080 return EXT_NOT_ALLOWED; 10081 } 10082 if (!IsAtLeastTLSv1_3(ssl->version) && 10083 msgType == certificate_request) { 10084 return EXT_NOT_ALLOWED; 10085 } 10086 10087 ret = SAC_PARSE(ssl, input + offset, size, isRequest); 10088 break; 10089 #endif 8451 10090 8452 10091 case TLSX_KEY_SHARE: 8453 10092 WOLFSSL_MSG("Key Share extension received"); 8454 10093 8455 if (!IsAtLeastTLSv1_3(ssl-> version))10094 if (!IsAtLeastTLSv1_3(ssl->ctx->method->version)) 8456 10095 break; 8457 10096 8458 if (IsAtLeastTLSv1_3(ssl->version) && 8459 msgType != client_hello && msgType != server_hello && 10097 if (msgType != client_hello && msgType != server_hello && 8460 10098 msgType != hello_retry_request) { 8461 10099 return EXT_NOT_ALLOWED; … … 8463 10101 ret = KS_PARSE(ssl, input + offset, size, msgType); 8464 10102 break; 8465 8466 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)8467 case TLSX_PRE_SHARED_KEY:8468 WOLFSSL_MSG("Pre-Shared Key extension received");8469 8470 if (!IsAtLeastTLSv1_3(ssl->version))8471 break;8472 8473 if (IsAtLeastTLSv1_3(ssl->version) &&8474 msgType != client_hello && msgType != server_hello) {8475 return EXT_NOT_ALLOWED;8476 }8477 ret = PSK_PARSE(ssl, input + offset, size, msgType);8478 break;8479 8480 case TLSX_PSK_KEY_EXCHANGE_MODES:8481 WOLFSSL_MSG("PSK Key Exchange Modes extension received");8482 8483 if (!IsAtLeastTLSv1_3(ssl->version))8484 break;8485 8486 if (IsAtLeastTLSv1_3(ssl->version) &&8487 msgType != client_hello) {8488 return EXT_NOT_ALLOWED;8489 }8490 ret = PKM_PARSE(ssl, input + offset, size, msgType);8491 break;8492 #endif8493 8494 #ifdef WOLFSSL_EARLY_DATA8495 case TLSX_EARLY_DATA:8496 WOLFSSL_MSG("Early Data extension received");8497 8498 if (!IsAtLeastTLSv1_3(ssl->version))8499 break;8500 8501 if (IsAtLeastTLSv1_3(ssl->version) &&8502 msgType != client_hello && msgType != session_ticket &&8503 msgType != encrypted_extensions) {8504 return EXT_NOT_ALLOWED;8505 }8506 ret = EDI_PARSE(ssl, input + offset, size, msgType);8507 break;8508 #endif8509 8510 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH8511 case TLSX_POST_HANDSHAKE_AUTH:8512 WOLFSSL_MSG("PSK Key Exchange Modes extension received");8513 8514 if (!IsAtLeastTLSv1_3(ssl->version))8515 break;8516 8517 if (IsAtLeastTLSv1_3(ssl->version) &&8518 msgType != client_hello) {8519 return EXT_NOT_ALLOWED;8520 }8521 ret = PHA_PARSE(ssl, input + offset, size, msgType);8522 break;8523 #endif8524 10103 #endif 8525 10104 } … … 8550 10129 8551 10130 #ifndef NO_OLD_TLS 8552 10131 #ifdef WOLFSSL_ALLOW_TLSV10 8553 10132 WOLFSSL_METHOD* wolfTLSv1_client_method(void) 8554 10133 { 8555 10134 return wolfTLSv1_client_method_ex(NULL); 8556 10135 } 8557 8558 8559 WOLFSSL_METHOD* wolfTLSv1_1_client_method(void)8560 {8561 return wolfTLSv1_1_client_method_ex(NULL);8562 }8563 8564 10136 WOLFSSL_METHOD* wolfTLSv1_client_method_ex(void* heap) 8565 10137 { … … 8567 10139 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8568 10140 heap, DYNAMIC_TYPE_METHOD); 10141 (void)heap; 10142 WOLFSSL_ENTER("TLSv1_client_method_ex"); 8569 10143 if (method) 8570 10144 InitSSL_Method(method, MakeTLSv1()); 8571 10145 return method; 8572 10146 } 8573 8574 10147 #endif /* WOLFSSL_ALLOW_TLSV10 */ 10148 10149 WOLFSSL_METHOD* wolfTLSv1_1_client_method(void) 10150 { 10151 return wolfTLSv1_1_client_method_ex(NULL); 10152 } 8575 10153 WOLFSSL_METHOD* wolfTLSv1_1_client_method_ex(void* heap) 8576 10154 { … … 8578 10156 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8579 10157 heap, DYNAMIC_TYPE_METHOD); 10158 (void)heap; 10159 WOLFSSL_ENTER("TLSv1_1_client_method_ex"); 8580 10160 if (method) 8581 10161 InitSSL_Method(method, MakeTLSv1_1()); 8582 10162 return method; 8583 10163 } 8584 8585 10164 #endif /* !NO_OLD_TLS */ 8586 10165 8587 10166 #ifndef WOLFSSL_NO_TLS12 8588 10167 WOLFSSL_METHOD* wolfTLSv1_2_client_method(void) 8589 10168 { 8590 10169 return wolfTLSv1_2_client_method_ex(NULL); 8591 10170 } 8592 8593 10171 WOLFSSL_METHOD* wolfTLSv1_2_client_method_ex(void* heap) 8594 10172 { … … 8597 10175 heap, DYNAMIC_TYPE_METHOD); 8598 10176 (void)heap; 10177 WOLFSSL_ENTER("TLSv1_2_client_method_ex"); 8599 10178 if (method) 8600 10179 InitSSL_Method(method, MakeTLSv1_2()); 8601 10180 return method; 8602 10181 } 10182 #endif /* WOLFSSL_NO_TLS12 */ 8603 10183 8604 10184 #ifdef WOLFSSL_TLS13 … … 8623 10203 DYNAMIC_TYPE_METHOD); 8624 10204 (void)heap; 10205 WOLFSSL_ENTER("TLSv1_3_client_method_ex"); 8625 10206 if (method) 8626 10207 InitSSL_Method(method, MakeTLSv1_3()); … … 8629 10210 #endif /* WOLFSSL_TLS13 */ 8630 10211 8631 8632 WOLFSSL_METHOD* wolfSSLv23_client_method(void) 10212 #ifdef WOLFSSL_DTLS 10213 10214 WOLFSSL_METHOD* wolfDTLS_client_method(void) 8633 10215 { 8634 return wolfSSLv23_client_method_ex(NULL); 8635 } 8636 8637 8638 WOLFSSL_METHOD* wolfSSLv23_client_method_ex(void* heap) 10216 return wolfDTLS_client_method_ex(NULL); 10217 } 10218 WOLFSSL_METHOD* wolfDTLS_client_method_ex(void* heap) 8639 10219 { 8640 10220 WOLFSSL_METHOD* method = … … 8642 10222 heap, DYNAMIC_TYPE_METHOD); 8643 10223 (void)heap; 10224 WOLFSSL_ENTER("DTLS_client_method_ex"); 8644 10225 if (method) { 8645 #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) 8646 #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NGINX) 8647 InitSSL_Method(method, MakeTLSv1_3()); 10226 #if !defined(WOLFSSL_NO_TLS12) 10227 InitSSL_Method(method, MakeDTLSv1_2()); 10228 #elif !defined(NO_OLD_TLS) 10229 InitSSL_Method(method, MakeDTLSv1()); 8648 10230 #else 8649 InitSSL_Method(method, MakeTLSv1_2()); 8650 #endif 8651 #else 10231 #error No DTLS version enabled! 10232 #endif 10233 10234 method->downgrade = 1; 10235 method->side = WOLFSSL_CLIENT_END; 10236 } 10237 return method; 10238 } 10239 8652 10240 #ifndef NO_OLD_TLS 8653 InitSSL_Method(method, MakeTLSv1_1()); 8654 #endif 8655 #endif 10241 WOLFSSL_METHOD* wolfDTLSv1_client_method(void) 10242 { 10243 return wolfDTLSv1_client_method_ex(NULL); 10244 } 10245 WOLFSSL_METHOD* wolfDTLSv1_client_method_ex(void* heap) 10246 { 10247 WOLFSSL_METHOD* method = 10248 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 10249 heap, DYNAMIC_TYPE_METHOD); 10250 (void)heap; 10251 WOLFSSL_ENTER("DTLSv1_client_method_ex"); 10252 if (method) 10253 InitSSL_Method(method, MakeDTLSv1()); 10254 return method; 10255 } 10256 #endif /* NO_OLD_TLS */ 10257 10258 #ifndef WOLFSSL_NO_TLS12 10259 WOLFSSL_METHOD* wolfDTLSv1_2_client_method(void) 10260 { 10261 return wolfDTLSv1_2_client_method_ex(NULL); 10262 } 10263 WOLFSSL_METHOD* wolfDTLSv1_2_client_method_ex(void* heap) 10264 { 10265 WOLFSSL_METHOD* method = 10266 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 10267 heap, DYNAMIC_TYPE_METHOD); 10268 (void)heap; 10269 WOLFSSL_ENTER("DTLSv1_2_client_method_ex"); 10270 if (method) 10271 InitSSL_Method(method, MakeDTLSv1_2()); 10272 (void)heap; 10273 return method; 10274 } 10275 #endif /* !WOLFSSL_NO_TLS12 */ 10276 #endif /* WOLFSSL_DTLS */ 10277 10278 #endif /* NO_WOLFSSL_CLIENT */ 10279 10280 10281 /* EITHER SIDE METHODS */ 10282 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) 8656 10283 #ifndef NO_OLD_TLS 8657 method->downgrade = 1; 8658 #endif 8659 } 8660 return method; 8661 } 8662 8663 #endif /* NO_WOLFSSL_CLIENT */ 8664 10284 #ifdef WOLFSSL_ALLOW_TLSV10 10285 /* Gets a WOLFSL_METHOD type that is not set as client or server 10286 * 10287 * Returns a pointer to a WOLFSSL_METHOD struct 10288 */ 10289 WOLFSSL_METHOD* wolfTLSv1_method(void) 10290 { 10291 return wolfTLSv1_method_ex(NULL); 10292 } 10293 WOLFSSL_METHOD* wolfTLSv1_method_ex(void* heap) 10294 { 10295 WOLFSSL_METHOD* m; 10296 WOLFSSL_ENTER("TLSv1_method"); 10297 #ifndef NO_WOLFSSL_CLIENT 10298 m = wolfTLSv1_client_method_ex(heap); 10299 #else 10300 m = wolfTLSv1_server_method_ex(heap); 10301 #endif 10302 if (m != NULL) { 10303 m->side = WOLFSSL_NEITHER_END; 10304 } 10305 10306 return m; 10307 } 10308 #endif /* WOLFSSL_ALLOW_TLSV10 */ 10309 10310 /* Gets a WOLFSL_METHOD type that is not set as client or server 10311 * 10312 * Returns a pointer to a WOLFSSL_METHOD struct 10313 */ 10314 WOLFSSL_METHOD* wolfTLSv1_1_method(void) 10315 { 10316 return wolfTLSv1_1_method_ex(NULL); 10317 } 10318 WOLFSSL_METHOD* wolfTLSv1_1_method_ex(void* heap) 10319 { 10320 WOLFSSL_METHOD* m; 10321 WOLFSSL_ENTER("TLSv1_1_method"); 10322 #ifndef NO_WOLFSSL_CLIENT 10323 m = wolfTLSv1_1_client_method_ex(heap); 10324 #else 10325 m = wolfTLSv1_1_server_method_ex(heap); 10326 #endif 10327 if (m != NULL) { 10328 m->side = WOLFSSL_NEITHER_END; 10329 } 10330 return m; 10331 } 10332 #endif /* !NO_OLD_TLS */ 10333 10334 #ifndef WOLFSSL_NO_TLS12 10335 /* Gets a WOLFSL_METHOD type that is not set as client or server 10336 * 10337 * Returns a pointer to a WOLFSSL_METHOD struct 10338 */ 10339 WOLFSSL_METHOD* wolfTLSv1_2_method(void) 10340 { 10341 return wolfTLSv1_2_method_ex(NULL); 10342 } 10343 WOLFSSL_METHOD* wolfTLSv1_2_method_ex(void* heap) 10344 { 10345 WOLFSSL_METHOD* m; 10346 WOLFSSL_ENTER("TLSv1_2_method"); 10347 #ifndef NO_WOLFSSL_CLIENT 10348 m = wolfTLSv1_2_client_method_ex(heap); 10349 #else 10350 m = wolfTLSv1_2_server_method_ex(heap); 10351 #endif 10352 if (m != NULL) { 10353 m->side = WOLFSSL_NEITHER_END; 10354 } 10355 return m; 10356 } 10357 #endif /* !WOLFSSL_NO_TLS12 */ 10358 10359 #ifdef WOLFSSL_DTLS 10360 WOLFSSL_METHOD* wolfDTLS_method(void) 10361 { 10362 return wolfDTLS_method_ex(NULL); 10363 } 10364 WOLFSSL_METHOD* wolfDTLS_method_ex(void* heap) 10365 { 10366 WOLFSSL_METHOD* m; 10367 WOLFSSL_ENTER("DTLS_method_ex"); 10368 #ifndef NO_WOLFSSL_CLIENT 10369 m = wolfDTLS_client_method_ex(heap); 10370 #else 10371 m = wolfDTLS_server_method_ex(heap); 10372 #endif 10373 if (m != NULL) { 10374 m->side = WOLFSSL_NEITHER_END; 10375 } 10376 return m; 10377 } 10378 10379 #ifndef NO_OLD_TLS 10380 WOLFSSL_METHOD* wolfDTLSv1_method(void) 10381 { 10382 return wolfDTLSv1_method_ex(NULL); 10383 } 10384 WOLFSSL_METHOD* wolfDTLSv1_method_ex(void* heap) 10385 { 10386 WOLFSSL_METHOD* m; 10387 WOLFSSL_ENTER("DTLSv1_method_ex"); 10388 #ifndef NO_WOLFSSL_CLIENT 10389 m = wolfDTLSv1_client_method_ex(heap); 10390 #else 10391 m = wolfDTLSv1_server_method_ex(heap); 10392 #endif 10393 if (m != NULL) { 10394 m->side = WOLFSSL_NEITHER_END; 10395 } 10396 return m; 10397 } 10398 #endif /* !NO_OLD_TLS */ 10399 #ifndef WOLFSSL_NO_TLS12 10400 WOLFSSL_METHOD* wolfDTLSv1_2_method(void) 10401 { 10402 return wolfDTLSv1_2_method_ex(NULL); 10403 } 10404 WOLFSSL_METHOD* wolfDTLSv1_2_method_ex(void* heap) 10405 { 10406 WOLFSSL_METHOD* m; 10407 WOLFSSL_ENTER("DTLSv1_2_method"); 10408 #ifndef NO_WOLFSSL_CLIENT 10409 m = wolfDTLSv1_2_client_method_ex(heap); 10410 #else 10411 m = wolfDTLSv1_2_server_method_ex(heap); 10412 #endif 10413 if (m != NULL) { 10414 m->side = WOLFSSL_NEITHER_END; 10415 } 10416 return m; 10417 } 10418 #endif /* !WOLFSSL_NO_TLS12 */ 10419 #endif /* WOLFSSL_DTLS */ 10420 #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ 8665 10421 8666 10422 … … 8668 10424 8669 10425 #ifndef NO_OLD_TLS 8670 10426 #ifdef WOLFSSL_ALLOW_TLSV10 8671 10427 WOLFSSL_METHOD* wolfTLSv1_server_method(void) 8672 10428 { 8673 10429 return wolfTLSv1_server_method_ex(NULL); 8674 10430 } 8675 8676 8677 WOLFSSL_METHOD* wolfTLSv1_1_server_method(void)8678 {8679 return wolfTLSv1_1_server_method_ex(NULL);8680 }8681 8682 10431 WOLFSSL_METHOD* wolfTLSv1_server_method_ex(void* heap) 8683 10432 { … … 8685 10434 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8686 10435 heap, DYNAMIC_TYPE_METHOD); 10436 (void)heap; 10437 WOLFSSL_ENTER("TLSv1_server_method_ex"); 8687 10438 if (method) { 8688 10439 InitSSL_Method(method, MakeTLSv1()); … … 8691 10442 return method; 8692 10443 } 8693 8694 10444 #endif /* WOLFSSL_ALLOW_TLSV10 */ 10445 10446 WOLFSSL_METHOD* wolfTLSv1_1_server_method(void) 10447 { 10448 return wolfTLSv1_1_server_method_ex(NULL); 10449 } 8695 10450 WOLFSSL_METHOD* wolfTLSv1_1_server_method_ex(void* heap) 8696 10451 { … … 8698 10453 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 8699 10454 heap, DYNAMIC_TYPE_METHOD); 10455 (void)heap; 10456 WOLFSSL_ENTER("TLSv1_1_server_method_ex"); 8700 10457 if (method) { 8701 10458 InitSSL_Method(method, MakeTLSv1_1()); … … 8707 10464 8708 10465 10466 #ifndef WOLFSSL_NO_TLS12 8709 10467 WOLFSSL_METHOD* wolfTLSv1_2_server_method(void) 8710 10468 { 8711 10469 return wolfTLSv1_2_server_method_ex(NULL); 8712 10470 } 8713 8714 10471 WOLFSSL_METHOD* wolfTLSv1_2_server_method_ex(void* heap) 8715 10472 { … … 8718 10475 heap, DYNAMIC_TYPE_METHOD); 8719 10476 (void)heap; 10477 WOLFSSL_ENTER("TLSv1_2_server_method_ex"); 8720 10478 if (method) { 8721 10479 InitSSL_Method(method, MakeTLSv1_2()); … … 8724 10482 return method; 8725 10483 } 10484 #endif /* !WOLFSSL_NO_TLS12 */ 8726 10485 8727 10486 #ifdef WOLFSSL_TLS13 … … 8746 10505 heap, DYNAMIC_TYPE_METHOD); 8747 10506 (void)heap; 10507 WOLFSSL_ENTER("TLSv1_3_server_method_ex"); 8748 10508 if (method) { 8749 10509 InitSSL_Method(method, MakeTLSv1_3()); … … 8754 10514 #endif /* WOLFSSL_TLS13 */ 8755 10515 8756 WOLFSSL_METHOD* wolfSSLv23_server_method(void) 10516 #ifdef WOLFSSL_DTLS 10517 WOLFSSL_METHOD* wolfDTLS_server_method(void) 8757 10518 { 8758 return wolfSSLv23_server_method_ex(NULL); 8759 } 8760 8761 WOLFSSL_METHOD* wolfSSLv23_server_method_ex(void* heap) 10519 return wolfDTLS_server_method_ex(NULL); 10520 } 10521 WOLFSSL_METHOD* wolfDTLS_server_method_ex(void* heap) 8762 10522 { 8763 10523 WOLFSSL_METHOD* method = … … 8765 10525 heap, DYNAMIC_TYPE_METHOD); 8766 10526 (void)heap; 10527 WOLFSSL_ENTER("DTLS_server_method_ex"); 8767 10528 if (method) { 8768 #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) 8769 #ifdef WOLFSSL_TLS13 8770 InitSSL_Method(method, MakeTLSv1_3()); 8771 #else 8772 InitSSL_Method(method, MakeTLSv1_2()); 8773 #endif 8774 #else 10529 #if !defined(WOLFSSL_NO_TLS12) 10530 InitSSL_Method(method, MakeDTLSv1_2()); 10531 #elif !defined(NO_OLD_TLS) 10532 InitSSL_Method(method, MakeDTLSv1()); 10533 #else 10534 #error No DTLS version enabled! 10535 #endif 10536 10537 method->downgrade = 1; 10538 method->side = WOLFSSL_SERVER_END; 10539 } 10540 return method; 10541 } 10542 8775 10543 #ifndef NO_OLD_TLS 8776 InitSSL_Method(method, MakeTLSv1_1()); 8777 #else 8778 #error Must have SHA256, SHA384 or SHA512 enabled for TLS 1.2 8779 #endif 8780 #endif 8781 #ifndef NO_OLD_TLS 8782 method->downgrade = 1; 8783 #endif 8784 method->side = WOLFSSL_SERVER_END; 10544 WOLFSSL_METHOD* wolfDTLSv1_server_method(void) 10545 { 10546 return wolfDTLSv1_server_method_ex(NULL); 10547 } 10548 WOLFSSL_METHOD* wolfDTLSv1_server_method_ex(void* heap) 10549 { 10550 WOLFSSL_METHOD* method = 10551 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 10552 heap, DYNAMIC_TYPE_METHOD); 10553 (void)heap; 10554 WOLFSSL_ENTER("DTLSv1_server_method_ex"); 10555 if (method) { 10556 InitSSL_Method(method, MakeDTLSv1()); 10557 method->side = WOLFSSL_SERVER_END; 8785 10558 } 8786 10559 return method; 8787 10560 } 8788 10561 #endif /* !NO_OLD_TLS */ 10562 10563 #ifndef WOLFSSL_NO_TLS12 10564 WOLFSSL_METHOD* wolfDTLSv1_2_server_method(void) 10565 { 10566 return wolfDTLSv1_2_server_method_ex(NULL); 10567 } 10568 WOLFSSL_METHOD* wolfDTLSv1_2_server_method_ex(void* heap) 10569 { 10570 WOLFSSL_METHOD* method = 10571 (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 10572 heap, DYNAMIC_TYPE_METHOD); 10573 WOLFSSL_ENTER("DTLSv1_2_server_method_ex"); 10574 (void)heap; 10575 if (method) { 10576 InitSSL_Method(method, MakeDTLSv1_2()); 10577 method->side = WOLFSSL_SERVER_END; 10578 } 10579 (void)heap; 10580 return method; 10581 } 10582 #endif /* !WOLFSSL_NO_TLS12 */ 10583 #endif /* WOLFSSL_DTLS */ 8789 10584 8790 10585 #endif /* NO_WOLFSSL_SERVER */ 10586 8791 10587 #endif /* NO_TLS */ 8792 10588 #endif /* WOLFCRYPT_ONLY */ -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/tls13.c
r337 r372 22 22 23 23 /* 24 * WOLFSSL_TLS13_DRAFT_18 25 * Conform with Draft 18 of the TLS v1.3 specification. 24 * BUILD_GCM 25 * Enables AES-GCM ciphersuites. 26 * HAVE_AESCCM 27 * Enables AES-CCM ciphersuites. 28 * HAVE_SESSION_TICKET 29 * Enables session tickets - required for TLS 1.3 resumption. 30 * NO_PSK 31 * Do not enable Pre-Shared Keys. 32 * TLS13_SUPPORTS_EXPORTERS 33 * Gaurd to compile out any code for exporter keys. 34 * Feature not supported yet. 35 * WOLFSSL_ASYNC_CRYPT 36 * Enables the use of asynchornous cryptographic operations. 37 * This is available for ciphers and certificates. 38 * HAVE_CHACHA && HAVE_POLY1305 39 * Enables use of CHACHA20-POLY1305 ciphersuites. 40 * WOLFSSL_DEBUG_TLS 41 * Writes out details of TLS 1.3 protocol including hanshake message buffers 42 * and key generation input and output. 26 43 * WOLFSSL_EARLY_DATA 27 44 * Allow 0-RTT Handshake using Early Data extensions and handshake message 45 * WOLFSSL_EARLY_DATA_GROUP 46 * Group EarlyData message with ClientHello when sending 47 * WOLFSSL_NO_SERVER_GROUPS_EXT 48 * Do not send the server's groups in an extension when the server's top 49 * preference is not in client's list. 28 50 * WOLFSSL_POST_HANDSHAKE_AUTH 29 51 * Allow TLS v1.3 code to perform post-handshake authentication of the 30 52 * client. 53 * WOLFSSL_SEND_HRR_COOKIE 54 * Send a cookie in hello_retry_request message to enable stateless tracking 55 * of ClientHello replies. 56 * WOLFSSL_TLS13 57 * Enable TLS 1.3 protocol implementation. 58 * WOLFSSL_TLS13_DRAFT_18 59 * Conform with Draft 18 of the TLS v1.3 specification. 60 * WOLFSSL_TLS13_DRAFT_22 61 * Conform with Draft 22 of the TLS v1.3 specification. 62 * WOLFSSL_TLS13_DRAFT_23 63 * Conform with Draft 23 of the TLS v1.3 specification. 64 * WOLFSSL_TLS13_MIDDLEBOX_COMPAT 65 * Enable middlebox compatability in the TLS 1.3 handshake. 66 * This includes sending ChangeCipherSpec before encrypted messages and 67 * including a session id. 68 * WOLFSSL_TLS13_SHA512 69 * Allow generation of SHA-512 digests in handshake - no ciphersuite 70 * requires SHA-512 at this time. 31 71 * WOLFSSL_TLS13_TICKET_BEFORE_FINISHED 32 72 * Allow a NewSessionTicket message to be sent by server before Client's 33 73 * Finished message. 34 * See TLS v.13 specification, Section 4.6.1, Paragraph 4 (Note). 35 * TLS13_SUPPORTS_EXPORTERS 36 * Gaurd to compile out any code for exporter keys. 37 * Feature not supported yet. 74 * See TLS v1.3 specification, Section 4.6.1, Paragraph 4 (Note). 38 75 */ 39 76 … … 46 83 #ifdef WOLFSSL_TLS13 47 84 #ifdef HAVE_SESSION_TICKET 48 #include < sys/time.h>85 #include <wolfssl/wolfcrypt/wc_port.h> 49 86 #endif 50 87 … … 94 131 #endif 95 132 133 #ifndef HAVE_HKDF 134 #error The build option HAVE_HKDF is required for TLS 1.3 135 #endif 136 137 96 138 /* Set ret to error value and jump to label. 97 139 * … … 135 177 #endif 136 178 137 #ifdef WOLFSSL_TLS13_ TLS13_SHA512179 #ifdef WOLFSSL_TLS13_SHA512 138 180 case sha512_mac: 139 181 hash = WC_SHA512; … … 170 212 * 171 213 * okm The generated pseudorandom key - output key material. 214 * okmLen The length of generated pseudorandom key - output key material. 172 215 * prk The salt - pseudo-random key. 173 216 * prkLen The length of the salt - pseudo-random key. … … 191 234 192 235 /* Output length. */ 193 data[idx++] = okmLen >> 8;194 data[idx++] = okmLen;236 data[idx++] = (byte)(okmLen >> 8); 237 data[idx++] = (byte)okmLen; 195 238 /* Length of protocol | label. */ 196 data[idx++] = protocolLen + labelLen;239 data[idx++] = (byte)(protocolLen + labelLen); 197 240 /* Protocol */ 198 241 XMEMCPY(&data[idx], protocol, protocolLen); … … 202 245 idx += labelLen; 203 246 /* Length of hash of messages */ 204 data[idx++] = infoLen;247 data[idx++] = (byte)infoLen; 205 248 /* Hash of messages */ 206 249 XMEMCPY(&data[idx], info, infoLen); … … 257 300 byte* msg, int msgLen, int hashAlgo) 258 301 { 259 byte hash[ MAX_DIGEST_SIZE];302 byte hash[WC_MAX_DIGEST_SIZE]; 260 303 Digest digest; 261 304 word32 hashSz = 0; 262 305 const byte* protocol; 263 306 word32 protocolLen; 264 int digestAlg ;307 int digestAlg = -1; 265 308 int ret = BAD_FUNC_ARG; 266 309 … … 305 348 break; 306 349 #endif 307 } 350 default: 351 digestAlg = -1; 352 break; 353 } 354 355 if (digestAlg < 0) 356 return HASH_TYPE_E; 308 357 309 358 if (ret != 0) … … 345 394 { 346 395 int ret = 0; 347 byte hash[ MAX_DIGEST_SIZE];396 byte hash[WC_MAX_DIGEST_SIZE]; 348 397 word32 hashSz = 0; 349 398 word32 hashOutSz = 0; … … 808 857 #endif 809 858 } 859 860 #ifndef WOLFSSL_TLS13_DRAFT_18 861 #if defined(HAVE_SESSION_TICKET) 862 /* Length of the resumption label. */ 863 #define RESUMPTION_LABEL_SZ 10 864 /* Resumption label for generating PSK assocated with the ticket. */ 865 static const byte resumptionLabel[RESUMPTION_LABEL_SZ+1] = "resumption"; 866 /* Derive the PSK assocated with the ticket. 867 * 868 * ssl The SSL/TLS object. 869 * nonce The nonce to derive with. 870 * nonceLen The length of the nonce to derive with. 871 * secret The derived secret. 872 * returns 0 on success, otherwise failure. 873 */ 874 static int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, 875 byte* secret) 876 { 877 int digestAlg; 878 /* Only one protocol version defined at this time. */ 879 const byte* protocol = tls13ProtocolLabel; 880 word32 protocolLen = TLS13_PROTOCOL_LABEL_SZ; 881 882 WOLFSSL_MSG("Derive Resumption PSK"); 883 884 switch (ssl->specs.mac_algorithm) { 885 #ifndef NO_SHA256 886 case sha256_mac: 887 digestAlg = WC_SHA256; 888 break; 889 #endif 890 891 #ifdef WOLFSSL_SHA384 892 case sha384_mac: 893 digestAlg = WC_SHA384; 894 break; 895 #endif 896 897 #ifdef WOLFSSL_TLS13_SHA512 898 case sha512_mac: 899 digestAlg = WC_SHA512; 900 break; 901 #endif 902 903 default: 904 return BAD_FUNC_ARG; 905 } 906 907 return HKDF_Expand_Label(secret, ssl->specs.hash_size, 908 ssl->session.masterSecret, ssl->specs.hash_size, 909 protocol, protocolLen, resumptionLabel, 910 RESUMPTION_LABEL_SZ, nonce, nonceLen, digestAlg); 911 } 912 #endif /* HAVE_SESSION_TICKET */ 913 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 914 810 915 811 916 /* Calculate the HMAC of message data to this point. … … 897 1002 static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) 898 1003 { 899 int ret ;1004 int ret = BAD_FUNC_ARG; /* Assume failure */ 900 1005 int i = 0; 901 1006 #ifdef WOLFSSL_SMALL_STACK … … 925 1030 #ifdef WOLFSSL_EARLY_DATA 926 1031 case early_data_key: 927 ret = DeriveEarlyTrafficSecret(ssl, ssl-> arrays->clientSecret);1032 ret = DeriveEarlyTrafficSecret(ssl, ssl->clientSecret); 928 1033 if (ret != 0) 929 1034 goto end; … … 934 1039 if (provision & PROVISION_CLIENT) { 935 1040 ret = DeriveClientHandshakeSecret(ssl, 936 ssl-> arrays->clientSecret);1041 ssl->clientSecret); 937 1042 if (ret != 0) 938 1043 goto end; … … 940 1045 if (provision & PROVISION_SERVER) { 941 1046 ret = DeriveServerHandshakeSecret(ssl, 942 ssl-> arrays->serverSecret);1047 ssl->serverSecret); 943 1048 if (ret != 0) 944 1049 goto end; … … 948 1053 case traffic_key: 949 1054 if (provision & PROVISION_CLIENT) { 950 ret = DeriveClientTrafficSecret(ssl, ssl-> arrays->clientSecret);1055 ret = DeriveClientTrafficSecret(ssl, ssl->clientSecret); 951 1056 if (ret != 0) 952 1057 goto end; 953 1058 } 954 1059 if (provision & PROVISION_SERVER) { 955 ret = DeriveServerTrafficSecret(ssl, ssl-> arrays->serverSecret);1060 ret = DeriveServerTrafficSecret(ssl, ssl->serverSecret); 956 1061 if (ret != 0) 957 1062 goto end; … … 961 1066 case update_traffic_key: 962 1067 if (provision & PROVISION_CLIENT) { 963 ret = DeriveTrafficSecret(ssl, ssl-> arrays->clientSecret);1068 ret = DeriveTrafficSecret(ssl, ssl->clientSecret); 964 1069 if (ret != 0) 965 1070 goto end; 966 1071 } 967 1072 if (provision & PROVISION_SERVER) { 968 ret = DeriveTrafficSecret(ssl, ssl-> arrays->serverSecret);1073 ret = DeriveTrafficSecret(ssl, ssl->serverSecret); 969 1074 if (ret != 0) 970 1075 goto end; … … 982 1087 WOLFSSL_MSG("Derive Client Key"); 983 1088 ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, 984 ssl-> arrays->clientSecret, writeKeyLabel,1089 ssl->clientSecret, writeKeyLabel, 985 1090 WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0); 986 1091 if (ret != 0) … … 993 1098 WOLFSSL_MSG("Derive Server Key"); 994 1099 ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, 995 ssl-> arrays->serverSecret, writeKeyLabel,1100 ssl->serverSecret, writeKeyLabel, 996 1101 WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0); 997 1102 if (ret != 0) … … 1004 1109 WOLFSSL_MSG("Derive Client IV"); 1005 1110 ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, 1006 ssl-> arrays->clientSecret, writeIVLabel,1111 ssl->clientSecret, writeIVLabel, 1007 1112 WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0); 1008 1113 if (ret != 0) … … 1015 1120 WOLFSSL_MSG("Derive Server IV"); 1016 1121 ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, 1017 ssl-> arrays->serverSecret, writeIVLabel,1122 ssl->serverSecret, writeIVLabel, 1018 1123 WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0); 1019 1124 if (ret != 0) … … 1311 1416 rl->type = type; 1312 1417 rl->pvMajor = ssl->version.major; 1418 #ifdef WOLFSSL_TLS13_DRAFT_18 1313 1419 rl->pvMinor = TLSv1_MINOR; 1420 #else 1421 /* NOTE: May be TLSv1_MINOR when sending first ClientHello. */ 1422 rl->pvMinor = TLSv1_2_MINOR; 1423 #endif 1314 1424 c16toa((word16)length, rl->length); 1315 1425 } … … 1388 1498 * out The buffer to write into. 1389 1499 */ 1390 static INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)1500 static WC_INLINE void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out) 1391 1501 { 1392 1502 word32 seq[2] = {0, 0}; … … 1418 1528 * order The side on which the message is to be or was sent. 1419 1529 */ 1420 static INLINE void BuildTls13Nonce(WOLFSSL* ssl, byte* nonce, const byte* iv,1530 static WC_INLINE void BuildTls13Nonce(WOLFSSL* ssl, byte* nonce, const byte* iv, 1421 1531 int order) 1422 1532 { … … 1431 1541 } 1432 1542 1433 #if def HAVE_CHACHA1543 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) 1434 1544 /* Encrypt with ChaCha20 and create authenication tag with Poly1305. 1435 1545 * … … 1440 1550 * sz The number of bytes to encrypt. 1441 1551 * nonce The nonce to use with ChaCha20. 1552 * aad The additional authentication data. 1553 * aadSz The size of the addition authentication data. 1442 1554 * tag The authentication tag buffer. 1443 1555 * returns 0 on success, otherwise failure. … … 1445 1557 static int ChaCha20Poly1305_Encrypt(WOLFSSL* ssl, byte* output, 1446 1558 const byte* input, word16 sz, byte* nonce, 1447 byte* tag)1559 const byte* aad, word16 aadSz, byte* tag) 1448 1560 { 1449 1561 int ret = 0; … … 1474 1586 return ret; 1475 1587 /* Add authentication code of encrypted data to end. */ 1476 ret = wc_Poly1305_MAC(ssl->auth.poly1305, NULL, 0, output, sz, tag,1477 POLY1305_AUTH_SZ);1588 ret = wc_Poly1305_MAC(ssl->auth.poly1305, (byte*)aad, aadSz, output, sz, 1589 tag, POLY1305_AUTH_SZ); 1478 1590 1479 1591 return ret; … … 1486 1598 * output The buffer to write encrypted data and authentication tag into. 1487 1599 * May be the same pointer as input. 1488 * input The data to encrypt.1600 * input The record header and data to encrypt. 1489 1601 * sz The number of bytes to encrypt. 1602 * aad The additional authentication data. 1603 * aadSz The size of the addition authentication data. 1490 1604 * asyncOkay If non-zero can return WC_PENDING_E, otherwise blocks on crypto 1491 1605 * returns 0 on success, otherwise failure. 1492 1606 */ 1493 1607 static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input, 1494 word16 sz, int asyncOkay)1608 word16 sz, const byte* aad, word16 aadSz, int asyncOkay) 1495 1609 { 1496 1610 int ret = 0; … … 1525 1639 WOLFSSL_MSG("Data to encrypt"); 1526 1640 WOLFSSL_BUFFER(input, dataSz); 1641 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) && \ 1642 !defined(WOLFSSL_TLS13_DRAFT_23) 1643 WOLFSSL_MSG("Additional Authentication Data"); 1644 WOLFSSL_BUFFER(aad, aadSz); 1645 #endif 1527 1646 #endif 1528 1647 … … 1547 1666 case wolfssl_aes_gcm: 1548 1667 #ifdef WOLFSSL_ASYNC_CRYPT 1549 /* in tialize event */1668 /* initialize event */ 1550 1669 asyncDev = &ssl->encrypt.aes->asyncDev; 1551 1670 ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags); … … 1557 1676 ret = wc_AesGcmEncrypt(ssl->encrypt.aes, output, input, 1558 1677 dataSz, ssl->encrypt.nonce, nonceSz, 1559 output + dataSz, macSz, NULL, 0);1678 output + dataSz, macSz, aad, aadSz); 1560 1679 break; 1561 1680 #endif … … 1564 1683 case wolfssl_aes_ccm: 1565 1684 #ifdef WOLFSSL_ASYNC_CRYPT 1566 /* in tialize event */1685 /* initialize event */ 1567 1686 asyncDev = &ssl->encrypt.aes->asyncDev; 1568 1687 ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags); … … 1574 1693 ret = wc_AesCcmEncrypt(ssl->encrypt.aes, output, input, 1575 1694 dataSz, ssl->encrypt.nonce, nonceSz, 1576 output + dataSz, macSz, NULL, 0);1695 output + dataSz, macSz, aad, aadSz); 1577 1696 break; 1578 1697 #endif … … 1581 1700 case wolfssl_chacha: 1582 1701 ret = ChaCha20Poly1305_Encrypt(ssl, output, input, dataSz, 1583 ssl->encrypt.nonce, output + dataSz);1702 ssl->encrypt.nonce, aad, aadSz, output + dataSz); 1584 1703 break; 1585 1704 #endif … … 1631 1750 } 1632 1751 1633 #if def HAVE_CHACHA1752 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) 1634 1753 /* Decrypt with ChaCha20 and check authenication tag with Poly1305. 1635 1754 * … … 1640 1759 * sz The number of bytes to decrypt. 1641 1760 * nonce The nonce to use with ChaCha20. 1761 * aad The additional authentication data. 1762 * aadSz The size of the addition authentication data. 1642 1763 * tagIn The authentication tag data from packet. 1643 1764 * returns 0 on success, otherwise failure. … … 1645 1766 static int ChaCha20Poly1305_Decrypt(WOLFSSL* ssl, byte* output, 1646 1767 const byte* input, word16 sz, byte* nonce, 1768 const byte* aad, word16 aadSz, 1647 1769 const byte* tagIn) 1648 1770 { … … 1669 1791 return ret; 1670 1792 /* Generate authentication tag for encrypted data. */ 1671 if ((ret = wc_Poly1305_MAC(ssl->auth.poly1305, NULL, 0, (byte*)input, sz,1672 tag, sizeof(tag))) != 0) {1793 if ((ret = wc_Poly1305_MAC(ssl->auth.poly1305, (byte*)aad, aadSz, 1794 (byte*)input, sz, tag, sizeof(tag))) != 0) { 1673 1795 return ret; 1674 1796 } … … 1692 1814 * output The buffer to write decrypted data into. 1693 1815 * May be the same pointer as input. 1694 * input The data to encrypt and authentication tag.1816 * input The data to decrypt and authentication tag. 1695 1817 * sz The length of the encrypted data plus authentication tag. 1818 * aad The additional authentication data. 1819 * aadSz The size of the addition authentication data. 1696 1820 * returns 0 on success, otherwise failure. 1697 1821 */ 1698 int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz) 1822 int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz, 1823 const byte* aad, word16 aadSz) 1699 1824 { 1700 1825 int ret = 0; … … 1737 1862 WOLFSSL_MSG("Data to decrypt"); 1738 1863 WOLFSSL_BUFFER(input, dataSz); 1864 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) && \ 1865 !defined(WOLFSSL_TLS13_DRAFT_23) 1866 WOLFSSL_MSG("Additional Authentication Data"); 1867 WOLFSSL_BUFFER(aad, aadSz); 1868 #endif 1739 1869 WOLFSSL_MSG("Authentication tag"); 1740 1870 WOLFSSL_BUFFER(input + dataSz, macSz); … … 1761 1891 case wolfssl_aes_gcm: 1762 1892 #ifdef WOLFSSL_ASYNC_CRYPT 1763 /* in tialize event */1893 /* initialize event */ 1764 1894 ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev, 1765 1895 WC_ASYNC_FLAG_CALL_AGAIN); … … 1771 1901 ret = wc_AesGcmDecrypt(ssl->decrypt.aes, output, input, 1772 1902 dataSz, ssl->decrypt.nonce, nonceSz, 1773 input + dataSz, macSz, NULL, 0);1903 input + dataSz, macSz, aad, aadSz); 1774 1904 #ifdef WOLFSSL_ASYNC_CRYPT 1775 1905 if (ret == WC_PENDING_E) { … … 1784 1914 case wolfssl_aes_ccm: 1785 1915 #ifdef WOLFSSL_ASYNC_CRYPT 1786 /* in tialize event */1916 /* initialize event */ 1787 1917 ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev, 1788 1918 WC_ASYNC_FLAG_CALL_AGAIN); … … 1794 1924 ret = wc_AesCcmDecrypt(ssl->decrypt.aes, output, input, 1795 1925 dataSz, ssl->decrypt.nonce, nonceSz, 1796 input + dataSz, macSz, NULL, 0);1926 input + dataSz, macSz, aad, aadSz); 1797 1927 #ifdef WOLFSSL_ASYNC_CRYPT 1798 1928 if (ret == WC_PENDING_E) { … … 1807 1937 case wolfssl_chacha: 1808 1938 ret = ChaCha20Poly1305_Decrypt(ssl, output, input, dataSz, 1809 ssl->decrypt.nonce, input + dataSz);1939 ssl->decrypt.nonce, aad, aadSz, input + dataSz); 1810 1940 break; 1811 1941 #endif … … 1932 2062 case BUILD_MSG_BEGIN: 1933 2063 { 1934 if (output == NULL || input == NULL)1935 return BAD_FUNC_ARG;1936 2064 /* catch mistaken sizeOnly parameter */ 1937 if (sizeOnly && (output || input)) { 1938 WOLFSSL_MSG("BuildTls13Message with sizeOnly doesn't need " 1939 "input or output"); 2065 if (sizeOnly) { 2066 if (output || input) { 2067 WOLFSSL_MSG("BuildTls13Message with sizeOnly " 2068 "doesn't need input or output"); 2069 return BAD_FUNC_ARG; 2070 } 2071 } 2072 else if (output == NULL || input == NULL) { 1940 2073 return BAD_FUNC_ARG; 1941 2074 } … … 1986 2119 { 1987 2120 /* The real record content type goes at the end of the data. */ 1988 output[args->idx++] = type;2121 output[args->idx++] = (byte)type; 1989 2122 1990 2123 #ifdef ATOMIC_USER … … 2000 2133 #endif 2001 2134 { 2135 #if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22) || \ 2136 defined(WOLFSSL_TLS13_DRAFT_23) 2002 2137 output += args->headerSz; 2003 ret = EncryptTls13(ssl, output, output, args->size, asyncOkay); 2138 ret = EncryptTls13(ssl, output, output, args->size, NULL, 0, 2139 asyncOkay); 2140 #else 2141 const byte* aad = output; 2142 output += args->headerSz; 2143 ret = EncryptTls13(ssl, output, output, args->size, aad, 2144 RECORD_HEADER_SZ, asyncOkay); 2145 #endif 2004 2146 } 2005 2147 break; … … 2030 2172 } 2031 2173 2032 #ifndef NO_WOLFSSL_CLIENT2033 2174 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2034 /* Setup pre-shared key based on the details in the extension data. 2035 * 2036 * ssl SSL/TLS object. 2037 * psk Pre-shared key extension data. 2038 * returns 0 on success, PSK_KEY_ERROR when the client PSK callback fails and 2039 * other negative value on failure. 2040 */ 2041 static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk) 2042 { 2043 int ret; 2044 2045 ssl->options.cipherSuite0 = psk->cipherSuite0; 2046 ssl->options.cipherSuite = psk->cipherSuite; 2047 if ((ret = SetCipherSpecs(ssl)) != 0) 2048 return ret; 2049 2050 #ifdef HAVE_SESSION_TICKET 2051 if (psk->resumption) { 2052 #ifdef WOLFSSL_EARLY_DATA 2053 if (ssl->session.maxEarlyDataSz == 0) 2054 ssl->earlyData = 0; 2055 #endif 2056 /* Resumption PSK is master secret. */ 2057 ssl->arrays->psk_keySz = ssl->specs.hash_size; 2058 XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret, 2059 ssl->arrays->psk_keySz); 2060 } 2061 #endif 2062 #ifndef NO_PSK 2063 if (!psk->resumption) { 2064 /* Get the pre-shared key. */ 2065 ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl, 2066 (char *)psk->identity, ssl->arrays->client_identity, 2067 MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); 2068 if (ssl->arrays->psk_keySz == 0 || 2069 ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { 2070 return PSK_KEY_ERROR; 2175 /* Find the cipher suite in the suites set in the SSL. 2176 * 2177 * ssl SSL/TLS object. 2178 * suite Cipher suite to look for. 2179 * returns 1 when suite is found in SSL/TLS object's list and 0 otherwise. 2180 */ 2181 static int FindSuite(WOLFSSL* ssl, byte* suite) 2182 { 2183 int i; 2184 2185 for (i = 0; i < ssl->suites->suiteSz; i += 2) { 2186 if (ssl->suites->suites[i+0] == suite[0] && 2187 ssl->suites->suites[i+1] == suite[1]) { 2188 return 1; 2071 2189 } 2072 2190 } 2073 #endif 2074 2075 /* Derive the early secret using the PSK. */ 2076 return DeriveEarlySecret(ssl); 2077 } 2078 2079 /* Derive and write the binders into the ClientHello in space left when 2080 * writing the Pre-Shared Key extension. 2081 * 2082 * ssl The SSL/TLS object. 2083 * output The buffer containing the ClientHello. 2084 * idx The index at the end of the completed ClientHello. 2085 * returns 0 on success and otherwise failure. 2086 */ 2087 static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx) 2088 { 2089 int ret; 2090 TLSX* ext; 2091 PreSharedKey* current; 2092 byte binderKey[MAX_DIGEST_SIZE]; 2093 word16 len; 2094 2095 ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY); 2096 if (ext == NULL) 2097 return SANITY_MSG_E; 2098 2099 /* Get the size of the binders to determine where to write binders. */ 2100 idx -= TLSX_PreSharedKey_GetSizeBinders((PreSharedKey*)ext->data, 2101 client_hello); 2102 2103 /* Hash truncated ClientHello - up to binders. */ 2104 ret = HashOutput(ssl, output, idx, 0); 2105 if (ret != 0) 2106 return ret; 2107 2108 current = (PreSharedKey*)ext->data; 2109 /* Calculate the binder for each identity based on previous handshake data. 2110 */ 2111 while (current != NULL) { 2112 if ((ret = SetupPskKey(ssl, current)) != 0) 2113 return ret; 2114 2115 #ifdef HAVE_SESSION_TICKET 2116 if (current->resumption) 2117 ret = DeriveBinderKeyResume(ssl, binderKey); 2118 #endif 2119 #ifndef NO_PSK 2120 if (!current->resumption) 2121 ret = DeriveBinderKey(ssl, binderKey); 2122 #endif 2123 if (ret != 0) 2124 return ret; 2125 2126 /* Derive the Finished message secret. */ 2127 ret = DeriveFinishedSecret(ssl, binderKey, 2128 ssl->keys.client_write_MAC_secret); 2129 if (ret != 0) 2130 return ret; 2131 2132 /* Build the HMAC of the handshake message data = binder. */ 2133 ret = BuildTls13HandshakeHmac(ssl, ssl->keys.client_write_MAC_secret, 2134 current->binder, ¤t->binderLen); 2135 if (ret != 0) 2136 return ret; 2137 2138 current = current->next; 2139 } 2140 2141 /* Data entered into extension, now write to message. */ 2142 len = TLSX_PreSharedKey_WriteBinders((PreSharedKey*)ext->data, output + idx, 2143 client_hello); 2144 2145 /* Hash binders to complete the hash of the ClientHello. */ 2146 ret = HashOutputRaw(ssl, output + idx, len); 2147 if (ret < 0) 2148 return ret; 2149 2150 #ifdef WOLFSSL_EARLY_DATA 2151 if (ssl->earlyData) { 2152 if ((ret = SetupPskKey(ssl, (PreSharedKey*)ext->data)) != 0) 2153 return ret; 2154 2155 /* Derive early data encryption key. */ 2156 ret = DeriveTls13Keys(ssl, early_data_key, ENCRYPT_SIDE_ONLY, 1); 2157 if (ret != 0) 2158 return ret; 2159 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 2160 return ret; 2161 } 2162 #endif 2163 return ret; 2164 } 2165 #endif 2166 2167 /* Send a ClientHello message to the server. 2168 * Include the information required to start a handshake with servers using 2169 * protocol versions less than TLS v1.3. 2170 * Only a client will send this message. 2171 * 2172 * ssl The SSL/TLS object. 2173 * returns 0 on success and otherwise failure. 2174 */ 2175 int SendTls13ClientHello(WOLFSSL* ssl) 2176 { 2177 byte* output; 2178 word32 length; 2179 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 2180 int sendSz; 2181 int ret; 2182 2183 WOLFSSL_ENTER("SendTls13ClientHello"); 2184 2185 #ifdef HAVE_SESSION_TICKET 2186 if (ssl->options.resuming && 2187 (ssl->session.version.major != ssl->version.major || 2188 ssl->session.version.minor != ssl->version.minor)) { 2189 /* Cannot resume with a different protocol version - new handshake. */ 2190 ssl->options.resuming = 0; 2191 ssl->version.major = ssl->session.version.major; 2192 ssl->version.minor = ssl->session.version.minor; 2193 return SendClientHello(ssl); 2194 } 2195 #endif 2196 2197 if (ssl->suites == NULL) { 2198 WOLFSSL_MSG("Bad suites pointer in SendTls13ClientHello"); 2199 return SUITES_ERROR; 2200 } 2201 2202 /* Version | Random | Session Id | Cipher Suites | Compression | Ext */ 2203 length = VERSION_SZ + RAN_LEN + ENUM_LEN + ssl->suites->suiteSz + 2204 SUITE_LEN + COMP_LEN + ENUM_LEN; 2205 2206 /* Auto populate extensions supported unless user defined. */ 2207 if ((ret = TLSX_PopulateExtensions(ssl, 0)) != 0) 2208 return ret; 2209 #ifdef WOLFSSL_EARLY_DATA 2210 #ifndef NO_PSK 2211 if (!ssl->options.resuming && ssl->options.client_psk_cb == NULL) 2212 #else 2213 if (!ssl->options.resuming) 2214 #endif 2215 ssl->earlyData = 0; 2216 if (ssl->earlyData && (ret = TLSX_EarlyData_Use(ssl, 0)) < 0) 2217 return ret; 2218 #endif 2219 #ifdef HAVE_QSH 2220 if (QSH_Init(ssl) != 0) 2221 return MEMORY_E; 2222 #endif 2223 /* Include length of TLS extensions. */ 2224 length += TLSX_GetRequestSize(ssl, client_hello); 2225 2226 /* Total message size. */ 2227 sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; 2228 2229 /* Check buffers are big enough and grow if needed. */ 2230 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 2231 return ret; 2232 2233 /* Get position in output buffer to write new message to. */ 2234 output = ssl->buffers.outputBuffer.buffer + 2235 ssl->buffers.outputBuffer.length; 2236 2237 /* Put the record and handshake headers on. */ 2238 AddTls13Headers(output, length, client_hello, ssl); 2239 2240 /* Protocol version. */ 2241 output[idx++] = SSLv3_MAJOR; 2242 output[idx++] = TLSv1_2_MINOR; 2243 ssl->chVersion = ssl->version; 2244 2245 /* Client Random */ 2246 if (ssl->options.connectState == CONNECT_BEGIN) { 2247 ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); 2248 if (ret != 0) 2249 return ret; 2250 2251 /* Store random for possible second ClientHello. */ 2252 XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN); 2253 } 2254 else 2255 XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN); 2256 idx += RAN_LEN; 2257 2258 /* TLS v1.3 does not use session id - 0 length. */ 2259 output[idx++] = 0; 2260 2261 /* Cipher suites */ 2262 c16toa(ssl->suites->suiteSz, output + idx); 2263 idx += OPAQUE16_LEN; 2264 XMEMCPY(output + idx, &ssl->suites->suites, ssl->suites->suiteSz); 2265 idx += ssl->suites->suiteSz; 2266 2267 /* Compression not supported in TLS v1.3. */ 2268 output[idx++] = COMP_LEN; 2269 output[idx++] = NO_COMPRESSION; 2270 2271 /* Write out extensions for a request. */ 2272 idx += TLSX_WriteRequest(ssl, output + idx, client_hello); 2273 2274 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2275 /* Resumption has a specific set of extensions and binder is calculated 2276 * for each identity. 2277 */ 2278 if (TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY)) 2279 ret = WritePSKBinders(ssl, output, idx); 2280 else 2281 #endif 2282 ret = HashOutput(ssl, output, idx, 0); 2283 if (ret != 0) 2284 return ret; 2285 2286 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 2287 2288 #ifdef WOLFSSL_CALLBACKS 2289 if (ssl->hsInfoOn) AddPacketName("ClientHello", &ssl->handShakeInfo); 2290 if (ssl->toInfoOn) { 2291 AddPacketInfo("ClientHello", &ssl->timeoutInfo, output, sendSz, 2292 ssl->heap); 2293 } 2294 #endif 2295 2296 ssl->buffers.outputBuffer.length += sendSz; 2297 2298 ret = SendBuffered(ssl); 2299 2300 WOLFSSL_LEAVE("SendTls13ClientHello", ret); 2301 2302 return ret; 2303 } 2191 2192 return 0; 2193 } 2194 #endif 2304 2195 2305 2196 #ifndef WOLFSSL_TLS13_DRAFT_18 2306 #if def WOLFSSL_SEND_HRR_COOKIE2197 #if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER) 2307 2198 /* Create Cookie extension using the hash of the first ClientHello. 2308 2199 * … … 2315 2206 { 2316 2207 int ret; 2317 byte mac[ MAX_DIGEST_SIZE];2208 byte mac[WC_MAX_DIGEST_SIZE]; 2318 2209 Hmac cookieHmac; 2319 2210 byte cookieType; … … 2383 2274 WOLFSSL_BUFFER(hash, hashSz); 2384 2275 2385 #if def WOLFSSL_SEND_HRR_COOKIE2276 #if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER) 2386 2277 if (ssl->options.sendCookie) { 2387 byte cookie[OPAQUE8_LEN + MAX_DIGEST_SIZE + OPAQUE16_LEN * 2];2278 byte cookie[OPAQUE8_LEN + WC_MAX_DIGEST_SIZE + OPAQUE16_LEN * 2]; 2388 2279 TLSX* ext; 2389 2280 word32 idx = 0; … … 2412 2303 return HashOutputRaw(ssl, hash, hashSz); 2413 2304 } 2414 #endif 2415 2305 2306 /* The value in the random field of a ServerHello to indicate 2307 * HelloRetryRequest. 2308 */ 2309 static byte helloRetryRequestRandom[] = { 2310 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 2311 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 2312 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 2313 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C 2314 }; 2315 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 2316 2317 #ifndef NO_WOLFSSL_CLIENT 2318 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2319 /* Setup pre-shared key based on the details in the extension data. 2320 * 2321 * ssl SSL/TLS object. 2322 * psk Pre-shared key extension data. 2323 * returns 0 on success, PSK_KEY_ERROR when the client PSK callback fails and 2324 * other negative value on failure. 2325 */ 2326 static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk) 2327 { 2328 int ret; 2329 byte suite[2]; 2330 2331 if (ssl->options.noPskDheKe && ssl->arrays->preMasterSz != 0) 2332 return PSK_KEY_ERROR; 2333 2334 suite[0] = psk->cipherSuite0; 2335 suite[1] = psk->cipherSuite; 2336 if (!FindSuite(ssl, suite)) 2337 return PSK_KEY_ERROR; 2338 2339 ssl->options.cipherSuite0 = psk->cipherSuite0; 2340 ssl->options.cipherSuite = psk->cipherSuite; 2341 if ((ret = SetCipherSpecs(ssl)) != 0) 2342 return ret; 2343 2344 #ifdef HAVE_SESSION_TICKET 2345 if (psk->resumption) { 2346 #ifdef WOLFSSL_EARLY_DATA 2347 if (ssl->session.maxEarlyDataSz == 0) 2348 ssl->earlyData = no_early_data; 2349 #endif 2350 /* Resumption PSK is master secret. */ 2351 ssl->arrays->psk_keySz = ssl->specs.hash_size; 2352 #ifdef WOLFSSL_TLS13_DRAFT_18 2353 XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret, 2354 ssl->arrays->psk_keySz); 2355 #else 2356 if ((ret = DeriveResumptionPSK(ssl, ssl->session.ticketNonce.data, 2357 ssl->session.ticketNonce.len, ssl->arrays->psk_key)) != 0) { 2358 return ret; 2359 } 2360 #endif 2361 } 2362 #endif 2363 #ifndef NO_PSK 2364 if (!psk->resumption) { 2365 const char* cipherName = NULL; 2366 byte cipherSuite0 = TLS13_BYTE, cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 2367 2368 /* Get the pre-shared key. */ 2369 if (ssl->options.client_psk_tls13_cb != NULL) { 2370 ssl->arrays->psk_keySz = ssl->options.client_psk_tls13_cb(ssl, 2371 (char *)psk->identity, ssl->arrays->client_identity, 2372 MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN, 2373 &cipherName); 2374 if (GetCipherSuiteFromName(cipherName, &cipherSuite0, 2375 &cipherSuite) != 0) { 2376 return PSK_KEY_ERROR; 2377 } 2378 } 2379 else { 2380 ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl, 2381 (char *)psk->identity, ssl->arrays->client_identity, 2382 MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); 2383 } 2384 if (ssl->arrays->psk_keySz == 0 || 2385 ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { 2386 return PSK_KEY_ERROR; 2387 } 2388 2389 if (psk->cipherSuite0 != cipherSuite0 || 2390 psk->cipherSuite != cipherSuite) { 2391 return PSK_KEY_ERROR; 2392 } 2393 } 2394 #endif 2395 2396 /* Derive the early secret using the PSK. */ 2397 return DeriveEarlySecret(ssl); 2398 } 2399 2400 /* Derive and write the binders into the ClientHello in space left when 2401 * writing the Pre-Shared Key extension. 2402 * 2403 * ssl The SSL/TLS object. 2404 * output The buffer containing the ClientHello. 2405 * idx The index at the end of the completed ClientHello. 2406 * returns 0 on success and otherwise failure. 2407 */ 2408 static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx) 2409 { 2410 int ret; 2411 TLSX* ext; 2412 PreSharedKey* current; 2413 byte binderKey[WC_MAX_DIGEST_SIZE]; 2414 word16 len; 2415 2416 WOLFSSL_ENTER("WritePSKBinders"); 2417 2418 ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY); 2419 if (ext == NULL) 2420 return SANITY_MSG_E; 2421 2422 /* Get the size of the binders to determine where to write binders. */ 2423 idx -= TLSX_PreSharedKey_GetSizeBinders((PreSharedKey*)ext->data, 2424 client_hello); 2425 2426 /* Hash truncated ClientHello - up to binders. */ 2427 ret = HashOutput(ssl, output, idx, 0); 2428 if (ret != 0) 2429 return ret; 2430 2431 current = (PreSharedKey*)ext->data; 2432 /* Calculate the binder for each identity based on previous handshake data. 2433 */ 2434 while (current != NULL) { 2435 if ((ret = SetupPskKey(ssl, current)) != 0) 2436 return ret; 2437 2438 #ifdef HAVE_SESSION_TICKET 2439 if (current->resumption) 2440 ret = DeriveBinderKeyResume(ssl, binderKey); 2441 #endif 2442 #ifndef NO_PSK 2443 if (!current->resumption) 2444 ret = DeriveBinderKey(ssl, binderKey); 2445 #endif 2446 if (ret != 0) 2447 return ret; 2448 2449 /* Derive the Finished message secret. */ 2450 ret = DeriveFinishedSecret(ssl, binderKey, 2451 ssl->keys.client_write_MAC_secret); 2452 if (ret != 0) 2453 return ret; 2454 2455 /* Build the HMAC of the handshake message data = binder. */ 2456 ret = BuildTls13HandshakeHmac(ssl, ssl->keys.client_write_MAC_secret, 2457 current->binder, ¤t->binderLen); 2458 if (ret != 0) 2459 return ret; 2460 2461 current = current->next; 2462 } 2463 2464 /* Data entered into extension, now write to message. */ 2465 len = TLSX_PreSharedKey_WriteBinders((PreSharedKey*)ext->data, output + idx, 2466 client_hello); 2467 2468 /* Hash binders to complete the hash of the ClientHello. */ 2469 ret = HashOutputRaw(ssl, output + idx, len); 2470 if (ret < 0) 2471 return ret; 2472 2473 #ifdef WOLFSSL_EARLY_DATA 2474 if (ssl->earlyData != no_early_data) { 2475 if ((ret = SetupPskKey(ssl, (PreSharedKey*)ext->data)) != 0) 2476 return ret; 2477 2478 /* Derive early data encryption key. */ 2479 ret = DeriveTls13Keys(ssl, early_data_key, ENCRYPT_SIDE_ONLY, 1); 2480 if (ret != 0) 2481 return ret; 2482 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 2483 return ret; 2484 } 2485 #endif 2486 2487 WOLFSSL_LEAVE("WritePSKBinders", ret); 2488 2489 return ret; 2490 } 2491 #endif 2492 2493 /* handle generation of TLS 1.3 client_hello (1) */ 2494 /* Send a ClientHello message to the server. 2495 * Include the information required to start a handshake with servers using 2496 * protocol versions less than TLS v1.3. 2497 * Only a client will send this message. 2498 * 2499 * ssl The SSL/TLS object. 2500 * returns 0 on success and otherwise failure. 2501 */ 2502 int SendTls13ClientHello(WOLFSSL* ssl) 2503 { 2504 byte* output; 2505 word16 length; 2506 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 2507 int sendSz; 2508 int ret; 2509 2510 WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND); 2511 WOLFSSL_ENTER("SendTls13ClientHello"); 2512 2513 #ifdef HAVE_SESSION_TICKET 2514 if (ssl->options.resuming && 2515 (ssl->session.version.major != ssl->version.major || 2516 ssl->session.version.minor != ssl->version.minor)) { 2517 #ifndef WOLFSSL_NO_TLS12 2518 if (ssl->session.version.major == ssl->version.major && 2519 ssl->session.version.minor < ssl->version.minor) { 2520 /* Cannot resume with a different protocol version. */ 2521 ssl->options.resuming = 0; 2522 ssl->version.major = ssl->session.version.major; 2523 ssl->version.minor = ssl->session.version.minor; 2524 return SendClientHello(ssl); 2525 } 2526 else 2527 #endif 2528 return VERSION_ERROR; 2529 } 2530 #endif 2531 2532 if (ssl->suites == NULL) { 2533 WOLFSSL_MSG("Bad suites pointer in SendTls13ClientHello"); 2534 return SUITES_ERROR; 2535 } 2536 2537 /* Version | Random | Session Id | Cipher Suites | Compression */ 2538 length = VERSION_SZ + RAN_LEN + ENUM_LEN + ssl->suites->suiteSz + 2539 SUITE_LEN + COMP_LEN + ENUM_LEN; 2540 #ifndef WOLFSSL_TLS13_DRAFT_18 2541 #if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 2542 length += ID_LEN; 2543 #else 2544 if (ssl->session.sessionIDSz > 0) 2545 length += ssl->session.sessionIDSz; 2546 #endif 2547 #endif 2548 2549 /* Auto populate extensions supported unless user defined. */ 2550 if ((ret = TLSX_PopulateExtensions(ssl, 0)) != 0) 2551 return ret; 2552 #ifdef WOLFSSL_EARLY_DATA 2553 #ifndef NO_PSK 2554 if (!ssl->options.resuming && 2555 ssl->options.client_psk_tls13_cb == NULL && 2556 ssl->options.client_psk_cb == NULL) 2557 #else 2558 if (!ssl->options.resuming) 2559 #endif 2560 ssl->earlyData = no_early_data; 2561 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) 2562 ssl->earlyData = no_early_data; 2563 if (ssl->earlyData == no_early_data) 2564 TLSX_Remove(&ssl->extensions, TLSX_EARLY_DATA, ssl->heap); 2565 if (ssl->earlyData != no_early_data && 2566 (ret = TLSX_EarlyData_Use(ssl, 0)) < 0) { 2567 return ret; 2568 } 2569 #endif 2570 #ifdef HAVE_QSH 2571 if (QSH_Init(ssl) != 0) 2572 return MEMORY_E; 2573 #endif 2574 /* Include length of TLS extensions. */ 2575 ret = TLSX_GetRequestSize(ssl, client_hello, &length); 2576 if (ret != 0) 2577 return ret; 2578 2579 /* Total message size. */ 2580 sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; 2581 2582 /* Check buffers are big enough and grow if needed. */ 2583 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 2584 return ret; 2585 2586 /* Get position in output buffer to write new message to. */ 2587 output = ssl->buffers.outputBuffer.buffer + 2588 ssl->buffers.outputBuffer.length; 2589 2590 /* Put the record and handshake headers on. */ 2591 AddTls13Headers(output, length, client_hello, ssl); 2592 2593 /* Protocol version - negotiation now in extension: supported_versions. */ 2594 output[idx++] = SSLv3_MAJOR; 2595 output[idx++] = TLSv1_2_MINOR; 2596 /* Keep for downgrade. */ 2597 ssl->chVersion = ssl->version; 2598 2599 /* Client Random */ 2600 if (ssl->options.connectState == CONNECT_BEGIN) { 2601 ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); 2602 if (ret != 0) 2603 return ret; 2604 2605 /* Store random for possible second ClientHello. */ 2606 XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN); 2607 } 2608 else 2609 XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN); 2610 idx += RAN_LEN; 2611 2612 #ifdef WOLFSSL_TLS13_DRAFT_18 2613 /* TLS v1.3 does not use session id - 0 length. */ 2614 output[idx++] = 0; 2615 #else 2616 if (ssl->session.sessionIDSz > 0) { 2617 /* Session resumption for old versions of protocol. */ 2618 output[idx++] = ID_LEN; 2619 XMEMCPY(output + idx, ssl->session.sessionID, ssl->session.sessionIDSz); 2620 idx += ID_LEN; 2621 } 2622 else { 2623 #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT 2624 output[idx++] = ID_LEN; 2625 XMEMCPY(output + idx, ssl->arrays->clientRandom, ID_LEN); 2626 idx += ID_LEN; 2627 #else 2628 /* TLS v1.3 does not use session id - 0 length. */ 2629 output[idx++] = 0; 2630 #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ 2631 } 2632 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 2633 2634 /* Cipher suites */ 2635 c16toa(ssl->suites->suiteSz, output + idx); 2636 idx += OPAQUE16_LEN; 2637 XMEMCPY(output + idx, &ssl->suites->suites, ssl->suites->suiteSz); 2638 idx += ssl->suites->suiteSz; 2639 2640 /* Compression not supported in TLS v1.3. */ 2641 output[idx++] = COMP_LEN; 2642 output[idx++] = NO_COMPRESSION; 2643 2644 /* Write out extensions for a request. */ 2645 length = 0; 2646 ret = TLSX_WriteRequest(ssl, output + idx, client_hello, &length); 2647 if (ret != 0) 2648 return ret; 2649 idx += length; 2650 2651 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2652 /* Resumption has a specific set of extensions and binder is calculated 2653 * for each identity. 2654 */ 2655 if (TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY)) 2656 ret = WritePSKBinders(ssl, output, idx); 2657 else 2658 #endif 2659 ret = HashOutput(ssl, output, idx, 0); 2660 if (ret != 0) 2661 return ret; 2662 2663 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 2664 2665 #ifdef WOLFSSL_CALLBACKS 2666 if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello"); 2667 if (ssl->toInfoOn) { 2668 AddPacketInfo(ssl, "ClientHello", handshake, output, sendSz, 2669 WRITE_PROTO, ssl->heap); 2670 } 2671 #endif 2672 2673 ssl->buffers.outputBuffer.length += sendSz; 2674 2675 #ifdef WOLFSSL_EARLY_DATA_GROUP 2676 if (ssl->earlyData == no_early_data) 2677 #endif 2678 ret = SendBuffered(ssl); 2679 2680 2681 WOLFSSL_LEAVE("SendTls13ClientHello", ret); 2682 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND); 2683 2684 return ret; 2685 } 2686 2687 #ifdef WOLFSSL_TLS13_DRAFT_18 2688 /* handle rocessing of TLS 1.3 hello_retry_request (6) */ 2416 2689 /* Parse and handle a HelloRetryRequest message. 2417 2690 * Only a client will receive this message. … … 2437 2710 2438 2711 #ifdef WOLFSSL_CALLBACKS 2439 if (ssl->hsInfoOn) AddPacketName( "HelloRetryRequest", &ssl->handShakeInfo);2712 if (ssl->hsInfoOn) AddPacketName(ssl, "HelloRetryRequest"); 2440 2713 if (ssl->toInfoOn) AddLateName("HelloRetryRequest", &ssl->timeoutInfo); 2441 2714 #endif … … 2451 2724 if (ret != 0) 2452 2725 return ret; 2453 2454 #ifndef WOLFSSL_TLS13_DRAFT_182455 /* Set the cipher suite from the message. */2456 ssl->options.cipherSuite0 = input[i++];2457 ssl->options.cipherSuite = input[i++];2458 2459 ret = SetCipherSpecs(ssl);2460 if (ret != 0)2461 return ret;2462 #endif2463 2726 2464 2727 /* Length of extension data. */ … … 2482 2745 2483 2746 ssl->options.tls1_3 = 1; 2484 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST; 2485 2486 #ifndef WOLFSSL_TLS13_DRAFT_18 2487 ret = RestartHandshakeHash(ssl); 2488 #endif 2747 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; 2489 2748 2490 2749 WOLFSSL_LEAVE("DoTls13HelloRetryRequest", ret); … … 2492 2751 return ret; 2493 2752 } 2494 2753 #endif 2754 2755 2756 /* handle processing of TLS 1.3 server_hello (2) and hello_retry_request (6) */ 2495 2757 /* Handle the ServerHello message from the server. 2496 2758 * Only a client will receive this message. … … 2504 2766 */ 2505 2767 int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, 2506 word32 helloSz )2768 word32 helloSz, byte* extMsgType) 2507 2769 { 2508 2770 ProtocolVersion pv; … … 2510 2772 word32 begin = i; 2511 2773 int ret; 2774 #ifndef WOLFSSL_TLS13_DRAFT_18 2775 byte sessIdSz; 2776 const byte* sessId; 2777 byte b; 2778 #endif 2512 2779 word16 totalExtSz; 2513 2780 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) … … 2516 2783 #endif 2517 2784 2785 WOLFSSL_START(WC_FUNC_SERVER_HELLO_DO); 2518 2786 WOLFSSL_ENTER("DoTls13ServerHello"); 2519 2787 2520 2788 #ifdef WOLFSSL_CALLBACKS 2521 if (ssl->hsInfoOn) AddPacketName( "ServerHello", &ssl->handShakeInfo);2789 if (ssl->hsInfoOn) AddPacketName(ssl, "ServerHello"); 2522 2790 if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo); 2523 2791 #endif … … 2530 2798 XMEMCPY(&pv, input + i, OPAQUE16_LEN); 2531 2799 i += OPAQUE16_LEN; 2800 #ifdef WOLFSSL_TLS13_DRAFT_18 2532 2801 ret = CheckVersion(ssl, pv); 2533 2802 if (ret != 0) 2534 2803 return ret; 2535 2804 if (!IsAtLeastTLSv1_3(pv) && pv.major != TLS_DRAFT_MAJOR) { 2805 #ifndef WOLFSSL_NO_TLS12 2536 2806 if (ssl->options.downgrade) { 2537 2807 ssl->version = pv; 2538 2808 return DoServerHello(ssl, input, inOutIdx, helloSz); 2539 2809 } 2540 2541 WOLFSSL_MSG("CLient using higher version, fatal error"); 2810 #endif 2811 2812 WOLFSSL_MSG("Client using higher version, fatal error"); 2542 2813 return VERSION_ERROR; 2543 2814 } 2544 2545 /* Random, cipher suite and extensions length check. */ 2546 if ((i - begin) + RAN_LEN + OPAQUE16_LEN + OPAQUE16_LEN > helloSz) 2815 #else 2816 #ifndef WOLFSSL_NO_TLS12 2817 if (pv.major == ssl->version.major && pv.minor < TLSv1_2_MINOR && 2818 ssl->options.downgrade) { 2819 /* Force client hello version 1.2 to work for static RSA. */ 2820 ssl->chVersion.minor = TLSv1_2_MINOR; 2821 ssl->version.minor = TLSv1_2_MINOR; 2822 return DoServerHello(ssl, input, inOutIdx, helloSz); 2823 } 2824 #endif 2825 if (pv.major != ssl->version.major || pv.minor != TLSv1_2_MINOR) 2826 return VERSION_ERROR; 2827 #endif 2828 2829 #ifdef WOLFSSL_TLS13_DRAFT_18 2830 /* Random length check */ 2831 if ((i - begin) + RAN_LEN > helloSz) 2547 2832 return BUFFER_ERROR; 2833 #else 2834 /* Random and session id length check */ 2835 if ((i - begin) + RAN_LEN + ENUM_LEN > helloSz) 2836 return BUFFER_ERROR; 2837 2838 if (XMEMCMP(input + i, helloRetryRequestRandom, RAN_LEN) == 0) 2839 *extMsgType = hello_retry_request; 2840 #endif 2548 2841 2549 2842 /* Server random - keep for debugging. */ … … 2551 2844 i += RAN_LEN; 2552 2845 2846 #ifndef WOLFSSL_TLS13_DRAFT_18 2847 /* Session id */ 2848 sessIdSz = input[i++]; 2849 if ((i - begin) + sessIdSz > helloSz) 2850 return BUFFER_ERROR; 2851 sessId = input + i; 2852 i += sessIdSz; 2853 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 2854 ssl->options.haveSessionId = 1; 2855 2856 #ifdef WOLFSSL_TLS13_DRAFT_18 2857 /* Ciphersuite check */ 2858 if ((i - begin) + OPAQUE16_LEN + OPAQUE16_LEN > helloSz) 2859 return BUFFER_ERROR; 2860 #else 2861 /* Ciphersuite and compression check */ 2862 if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz) 2863 return BUFFER_ERROR; 2864 #endif 2865 2553 2866 /* Set the cipher suite from the message. */ 2554 2867 ssl->options.cipherSuite0 = input[i++]; 2555 2868 ssl->options.cipherSuite = input[i++]; 2556 2869 2870 #ifndef WOLFSSL_TLS13_DRAFT_18 2871 /* Compression */ 2872 b = input[i++]; 2873 if (b != 0) { 2874 WOLFSSL_MSG("Must be no compression types in list"); 2875 return INVALID_PARAMETER; 2876 } 2877 #endif 2878 2879 #ifndef WOLFSSL_TLS13_DRAFT_18 2880 if ((i - begin) + OPAQUE16_LEN > helloSz) { 2881 if (!ssl->options.downgrade) 2882 return BUFFER_ERROR; 2883 #ifndef WOLFSSL_NO_TLS12 2884 ssl->version.minor = TLSv1_2_MINOR; 2885 #endif 2886 ssl->options.haveEMS = 0; 2887 } 2888 if ((i - begin) < helloSz) 2889 #endif 2890 { 2557 2891 /* Get extension length and length check. */ 2892 if ((i - begin) + OPAQUE16_LEN > helloSz) 2893 return BUFFER_ERROR; 2558 2894 ato16(&input[i], &totalExtSz); 2559 2895 i += OPAQUE16_LEN; … … 2561 2897 return BUFFER_ERROR; 2562 2898 2899 #ifndef WOLFSSL_TLS13_DRAFT_18 2900 if (ssl->options.downgrade) 2901 ssl->version.minor = TLSv1_2_MINOR; 2902 #endif 2563 2903 /* Parse and handle extensions. */ 2564 ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, server_hello, NULL); 2904 ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, *extMsgType, 2905 NULL); 2565 2906 if (ret != 0) 2566 2907 return ret; 2567 2908 2568 2909 i += totalExtSz; 2910 } 2569 2911 *inOutIdx = i; 2570 2912 … … 2581 2923 #endif /* HAVE_SECRET_CALLBACK */ 2582 2924 2925 #ifndef WOLFSSL_TLS13_DRAFT_18 2926 /* Version only negotiated in extensions for TLS v1.3. 2927 * Only now do we know how to deal with session id. 2928 */ 2929 if (!IsAtLeastTLSv1_3(ssl->version)) { 2930 #ifndef WOLFSSL_NO_TLS12 2931 ssl->arrays->sessionIDSz = sessIdSz; 2932 2933 if (ssl->arrays->sessionIDSz > ID_LEN) { 2934 WOLFSSL_MSG("Invalid session ID size"); 2935 ssl->arrays->sessionIDSz = 0; 2936 return BUFFER_ERROR; 2937 } 2938 else if (ssl->arrays->sessionIDSz) { 2939 XMEMCPY(ssl->arrays->sessionID, sessId, ssl->arrays->sessionIDSz); 2940 ssl->options.haveSessionId = 1; 2941 } 2942 2943 /* Force client hello version 1.2 to work for static RSA. */ 2944 ssl->chVersion.minor = TLSv1_2_MINOR; 2945 /* Complete TLS v1.2 processing of ServerHello. */ 2946 ret = CompleteServerHello(ssl); 2947 #else 2948 WOLFSSL_MSG("Client using higher version, fatal error"); 2949 ret = VERSION_ERROR; 2950 #endif 2951 2952 WOLFSSL_LEAVE("DoTls13ServerHello", ret); 2953 2954 return ret; 2955 } 2956 2957 #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT 2958 if (sessIdSz == 0) 2959 return INVALID_PARAMETER; 2960 if (ssl->session.sessionIDSz != 0) { 2961 if (ssl->session.sessionIDSz != sessIdSz || 2962 XMEMCMP(ssl->session.sessionID, sessId, sessIdSz) != 0) { 2963 return INVALID_PARAMETER; 2964 } 2965 } 2966 else if (XMEMCMP(ssl->arrays->clientRandom, sessId, sessIdSz) != 0) 2967 return INVALID_PARAMETER; 2968 #else 2969 if (sessIdSz != ssl->session.sessionIDSz || (sessIdSz > 0 && 2970 XMEMCMP(ssl->session.sessionID, sessId, sessIdSz) != 0)) { 2971 WOLFSSL_MSG("Server sent different session id"); 2972 return INVALID_PARAMETER; 2973 } 2974 #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ 2975 #endif 2976 2583 2977 ret = SetCipherSpecs(ssl); 2584 2978 if (ret != 0) … … 2586 2980 2587 2981 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2982 #ifndef WOLFSSL_TLS13_DRAFT_18 2983 if (*extMsgType == server_hello) 2984 #endif 2985 { 2588 2986 ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY); 2589 2987 if (ext != NULL) … … 2598 2996 else if ((ret = SetupPskKey(ssl, psk)) != 0) 2599 2997 return ret; 2600 #endif 2601 2998 } 2999 #endif 3000 3001 #ifdef WOLFSSL_TLS13_DRAFT_18 2602 3002 ssl->keys.encryptionOn = 1; 3003 #else 3004 if (*extMsgType == server_hello) { 3005 ssl->keys.encryptionOn = 1; 3006 ssl->options.serverState = SERVER_HELLO_COMPLETE; 3007 } 3008 else { 3009 ssl->options.tls1_3 = 1; 3010 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; 3011 3012 ret = RestartHandshakeHash(ssl); 3013 } 3014 #endif 2603 3015 2604 3016 WOLFSSL_LEAVE("DoTls13ServerHello", ret); 3017 WOLFSSL_END(WC_FUNC_SERVER_HELLO_DO); 2605 3018 2606 3019 return ret; 2607 3020 } 2608 3021 3022 /* handle processing TLS 1.3 encrypted_extensions (8) */ 2609 3023 /* Parse and handle an EncryptedExtensions message. 2610 3024 * Only a client will receive this message. … … 2627 3041 word16 totalExtSz; 2628 3042 3043 WOLFSSL_START(WC_FUNC_ENCRYPTED_EXTENSIONS_DO); 2629 3044 WOLFSSL_ENTER("DoTls13EncryptedExtensions"); 2630 3045 2631 3046 #ifdef WOLFSSL_CALLBACKS 2632 if (ssl->hsInfoOn) AddPacketName("EncryptedExtensions", 2633 &ssl->handShakeInfo); 3047 if (ssl->hsInfoOn) AddPacketName(ssl, "EncryptedExtensions"); 2634 3048 if (ssl->toInfoOn) AddLateName("EncryptedExtensions", &ssl->timeoutInfo); 2635 3049 #endif … … 2655 3069 2656 3070 #ifdef WOLFSSL_EARLY_DATA 2657 if (ssl->earlyData ) {3071 if (ssl->earlyData != no_early_data) { 2658 3072 TLSX* ext = TLSX_Find(ssl->extensions, TLSX_EARLY_DATA); 2659 3073 if (ext == NULL || !ext->val) 2660 ssl->earlyData = 0; 2661 } 2662 #endif 3074 ssl->earlyData = no_early_data; 3075 } 3076 #endif 3077 3078 #ifdef WOLFSSL_EARLY_DATA 3079 if (ssl->earlyData == no_early_data) { 3080 ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY); 3081 if (ret != 0) 3082 return ret; 3083 } 3084 #endif 3085 3086 ssl->options.serverState = SERVER_ENCRYPTED_EXTENSIONS_COMPLETE; 2663 3087 2664 3088 WOLFSSL_LEAVE("DoTls13EncryptedExtensions", ret); 3089 WOLFSSL_END(WC_FUNC_ENCRYPTED_EXTENSIONS_DO); 2665 3090 2666 3091 return ret; 2667 3092 } 2668 3093 3094 /* handle processing TLS v1.3 certificate_request (13) */ 2669 3095 /* Handle a TLS v1.3 CertificateRequest message. 2670 3096 * This message is always encrypted. … … 2691 3117 #endif 2692 3118 3119 WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_DO); 2693 3120 WOLFSSL_ENTER("DoTls13CertificateRequest"); 2694 3121 2695 3122 #ifdef WOLFSSL_CALLBACKS 2696 if (ssl->hsInfoOn) AddPacketName( "CertificateRequest", &ssl->handShakeInfo);3123 if (ssl->hsInfoOn) AddPacketName(ssl, "CertificateRequest"); 2697 3124 if (ssl->toInfoOn) AddLateName("CertificateRequest", &ssl->timeoutInfo); 2698 3125 #endif … … 2799 3226 *inOutIdx += ssl->keys.padSz; 2800 3227 2801 #if !defined(NO_WOLFSSL_CLIENT) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)2802 if (ssl->options.side == WOLFSSL_CLIENT_END &&2803 ssl->options.handShakeState == HANDSHAKE_DONE) {2804 /* reset handshake states */2805 ssl->options.clientState = CLIENT_HELLO_COMPLETE;2806 ssl->options.connectState = FIRST_REPLY_DONE;2807 ssl->options.handShakeState = CLIENT_HELLO_COMPLETE;2808 }2809 #endif2810 2811 3228 WOLFSSL_LEAVE("DoTls13CertificateRequest", ret); 3229 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_DO); 2812 3230 2813 3231 return ret; … … 2818 3236 #ifndef NO_WOLFSSL_SERVER 2819 3237 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 3238 /* Refine list of supported cipher suites to those common to server and client. 3239 * 3240 * ssl SSL/TLS object. 3241 * peerSuites The peer's advertised list of supported cipher suites. 3242 */ 3243 static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites) 3244 { 3245 byte suites[WOLFSSL_MAX_SUITE_SZ]; 3246 int suiteSz = 0; 3247 int i, j; 3248 3249 for (i = 0; i < ssl->suites->suiteSz; i += 2) { 3250 for (j = 0; j < peerSuites->suiteSz; j += 2) { 3251 if (ssl->suites->suites[i+0] == peerSuites->suites[j+0] && 3252 ssl->suites->suites[i+1] == peerSuites->suites[j+1]) { 3253 suites[suiteSz++] = peerSuites->suites[j+0]; 3254 suites[suiteSz++] = peerSuites->suites[j+1]; 3255 } 3256 } 3257 } 3258 3259 ssl->suites->suiteSz = suiteSz; 3260 XMEMCPY(ssl->suites->suites, &suites, sizeof(suites)); 3261 } 3262 2820 3263 /* Handle any Pre-Shared Key (PSK) extension. 2821 3264 * Must do this in ClientHello as it requires a hash of the truncated message. … … 2835 3278 word16 bindersLen; 2836 3279 PreSharedKey* current; 2837 byte binderKey[ MAX_DIGEST_SIZE];2838 byte binder[ MAX_DIGEST_SIZE];3280 byte binderKey[WC_MAX_DIGEST_SIZE]; 3281 byte binder[WC_MAX_DIGEST_SIZE]; 2839 3282 word32 binderLen; 2840 3283 word16 modes; 3284 byte suite[2]; 2841 3285 #ifdef WOLFSSL_EARLY_DATA 2842 3286 int pskCnt = 0; 2843 3287 TLSX* extEarlyData; 2844 3288 #endif 3289 #ifndef NO_PSK 3290 const char* cipherName = NULL; 3291 byte cipherSuite0 = TLS13_BYTE; 3292 byte cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 3293 #endif 3294 3295 WOLFSSL_ENTER("DoPreSharedKeys"); 2845 3296 2846 3297 ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY); 2847 3298 if (ext == NULL) { 2848 3299 #ifdef WOLFSSL_EARLY_DATA 2849 ssl->earlyData = 0;3300 ssl->earlyData = no_early_data; 2850 3301 #endif 2851 3302 return 0; … … 2905 3356 } 2906 3357 3358 /* Check whether resumption is possible based on suites in SSL and 3359 * ciphersuite in ticket. 3360 */ 3361 suite[0] = ssl->session.cipherSuite0; 3362 suite[1] = ssl->session.cipherSuite; 3363 if (!FindSuite(ssl, suite)) { 3364 current = current->next; 3365 continue; 3366 } 3367 2907 3368 #ifdef WOLFSSL_EARLY_DATA 2908 3369 ssl->options.maxEarlyDataSz = ssl->session.maxEarlyDataSz; … … 2917 3378 /* Resumption PSK is resumption master secret. */ 2918 3379 ssl->arrays->psk_keySz = ssl->specs.hash_size; 3380 #ifdef WOLFSSL_TLS13_DRAFT_18 2919 3381 XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret, 2920 ssl->specs.hash_size); 3382 ssl->arrays->psk_keySz); 3383 #else 3384 if ((ret = DeriveResumptionPSK(ssl, ssl->session.ticketNonce.data, 3385 ssl->session.ticketNonce.len, ssl->arrays->psk_key)) != 0) { 3386 return ret; 3387 } 3388 #endif 2921 3389 2922 3390 /* Derive the early secret using the PSK. */ … … 2932 3400 #endif 2933 3401 #ifndef NO_PSK 2934 if (ssl->options.server_psk_cb != NULL && 3402 if ((ssl->options.server_psk_tls13_cb != NULL && 3403 (ssl->arrays->psk_keySz = ssl->options.server_psk_tls13_cb(ssl, 3404 ssl->arrays->client_identity, ssl->arrays->psk_key, 3405 MAX_PSK_KEY_LEN, &cipherName)) != 0 && 3406 GetCipherSuiteFromName(cipherName, &cipherSuite0, 3407 &cipherSuite) == 0) || 3408 (ssl->options.server_psk_cb != NULL && 2935 3409 (ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl, 2936 3410 ssl->arrays->client_identity, ssl->arrays->psk_key, 2937 MAX_PSK_KEY_LEN)) != 0) {3411 MAX_PSK_KEY_LEN)) != 0)) { 2938 3412 if (ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) 2939 3413 return PSK_KEY_ERROR; 2940 3414 3415 /* Check whether PSK ciphersuite is in SSL. */ 3416 suite[0] = cipherSuite0; 3417 suite[1] = cipherSuite; 3418 if (!FindSuite(ssl, suite)) { 3419 current = current->next; 3420 continue; 3421 } 3422 3423 /* Default to ciphersuite if cb doesn't specify. */ 2941 3424 ssl->options.resuming = 0; 2942 3425 … … 2945 3428 return PSK_KEY_ERROR; 2946 3429 2947 /* TODO: Callback should be able to change ciphersuite. */ 2948 /* Default to ciphersuite if cb doesn't specify. */ 2949 ssl->options.cipherSuite0 = TLS13_BYTE; 2950 ssl->options.cipherSuite = WOLFSSL_DEF_PSK_CIPHER; 3430 /* Set PSK ciphersuite into SSL. */ 3431 ssl->options.cipherSuite0 = cipherSuite0; 3432 ssl->options.cipherSuite = cipherSuite; 2951 3433 ret = SetCipherSpecs(ssl); 2952 3434 if (ret != 0) … … 2993 3475 } 2994 3476 3477 if (current == NULL) { 3478 #ifdef WOLFSSL_PSK_ID_PROTECTION 3479 #ifndef NO_CERTS 3480 if (ssl->buffers.certChainCnt != 0) 3481 return 0; 3482 #endif 3483 return BAD_BINDER; 3484 #else 3485 return 0; 3486 #endif 3487 } 3488 2995 3489 /* Hash the rest of the ClientHello. */ 2996 3490 ret = HashInputRaw(ssl, input + helloSz - bindersLen, bindersLen); … … 3001 3495 extEarlyData = TLSX_Find(ssl->extensions, TLSX_EARLY_DATA); 3002 3496 if (extEarlyData != NULL) { 3003 if (ssl->earlyData && current == ext->data) {3497 if (ssl->earlyData != no_early_data && current == ext->data) { 3004 3498 extEarlyData->resp = 1; 3005 3499 … … 3011 3505 return ret; 3012 3506 3013 ssl->earlyData = 2;3507 ssl->earlyData = process_early_data; 3014 3508 } 3015 3509 else … … 3031 3525 ssl->namedGroup = ssl->session.namedGroup; 3032 3526 3033 /* Try to establish a new secret. */3527 /* Pick key share and Generate a new key if not present. */ 3034 3528 ret = TLSX_KeyShare_Establish(ssl); 3035 if (ret == KEY_SHARE_ERROR) 3036 return PSK_KEY_ERROR; 3529 if (ret == KEY_SHARE_ERROR) { 3530 ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; 3531 ret = 0; 3532 } 3037 3533 else if (ret < 0) 3038 3534 return ret; … … 3041 3537 ext->resp = 1; 3042 3538 } 3043 else if ((modes & (1 << PSK_KE)) == 0) 3539 else { 3540 if ((modes & (1 << PSK_KE)) == 0) 3044 3541 return PSK_KEY_ERROR; 3542 ssl->options.noPskDheKe = 1; 3543 } 3045 3544 3046 3545 *usingPSK = 1; 3546 3547 WOLFSSL_LEAVE("DoPreSharedKeys", ret); 3047 3548 3048 3549 return ret; … … 3061 3562 { 3062 3563 int ret; 3063 byte mac[ MAX_DIGEST_SIZE];3564 byte mac[WC_MAX_DIGEST_SIZE]; 3064 3565 Hmac cookieHmac; 3065 3566 byte cookieType; … … 3096 3597 /* Length of the KeyShare Extension */ 3097 3598 #define HRR_KEY_SHARE_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN) 3599 /* Length of the Supported Vresions Extension */ 3600 #define HRR_VERSIONS_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN) 3098 3601 /* Length of the Cookie Extension excluding cookie data */ 3099 3602 #define HRR_COOKIE_HDR_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN) 3603 #ifdef WOLFSSL_TLS13_DRAFT_18 3100 3604 /* PV | CipherSuite | Ext Len */ 3101 3605 #define HRR_BODY_SZ (OPAQUE16_LEN + OPAQUE16_LEN + OPAQUE16_LEN) … … 3105 3609 HRR_KEY_SHARE_SZ + \ 3106 3610 HRR_COOKIE_HDR_SZ) 3611 #else 3612 /* PV | Random | Session Id | CipherSuite | Compression | Ext Len */ 3613 #define HRR_BODY_SZ (VERSION_SZ + RAN_LEN + ENUM_LEN + ID_LEN + \ 3614 SUITE_LEN + COMP_LEN + OPAQUE16_LEN) 3615 /* HH | PV | CipherSuite | Ext Len | Key Share | Supported Version | Cookie */ 3616 #define MAX_HRR_SZ (HANDSHAKE_HEADER_SZ + \ 3617 HRR_BODY_SZ + \ 3618 HRR_KEY_SHARE_SZ + \ 3619 HRR_VERSIONS_SZ + \ 3620 HRR_COOKIE_HDR_SZ) 3621 #endif 3622 3107 3623 /* Restart the Hanshake hash from the cookie value. 3108 3624 * … … 3141 3657 3142 3658 /* Reconstruct the HelloRetryMessage for handshake hash. */ 3659 #ifdef WOLFSSL_TLS13_DRAFT_18 3143 3660 length = HRR_BODY_SZ + HRR_COOKIE_HDR_SZ + cookie->len; 3661 #else 3662 length = HRR_BODY_SZ - ID_LEN + ssl->session.sessionIDSz + 3663 HRR_COOKIE_HDR_SZ + cookie->len; 3664 length += HRR_VERSIONS_SZ; 3665 #endif 3144 3666 if (cookieDataSz > hashSz + OPAQUE16_LEN) { 3145 3667 keyShareExt = 1; 3146 3668 length += HRR_KEY_SHARE_SZ; 3147 3669 } 3670 #ifdef WOLFSSL_TLS13_DRAFT_18 3148 3671 AddTls13HandShakeHeader(hrr, length, 0, 0, hello_retry_request, ssl); 3149 3672 3150 3673 idx += hashSz; 3151 3674 hrrIdx = HANDSHAKE_HEADER_SZ; 3152 /* TODO: [TLS13] Replace existing code with code in comment.3153 * Use the TLS v1.3 draft version for now.3154 *3155 * Change to:3156 * hrr[hrrIdx++] = ssl->version.major;3157 * hrr[hrrIdx++] = ssl->version.minor;3158 */3159 3675 /* The negotiated protocol version. */ 3160 3676 hrr[hrrIdx++] = TLS_DRAFT_MAJOR; … … 3168 3684 c16toa(length, hrr + hrrIdx); 3169 3685 hrrIdx += 2; 3686 #else 3687 AddTls13HandShakeHeader(hrr, length, 0, 0, server_hello, ssl); 3688 3689 idx += hashSz; 3690 hrrIdx = HANDSHAKE_HEADER_SZ; 3691 3692 /* The negotiated protocol version. */ 3693 hrr[hrrIdx++] = ssl->version.major; 3694 hrr[hrrIdx++] = TLSv1_2_MINOR; 3695 3696 /* HelloRetryRequest message has fixed value for random. */ 3697 XMEMCPY(hrr + hrrIdx, helloRetryRequestRandom, RAN_LEN); 3698 hrrIdx += RAN_LEN; 3699 3700 hrr[hrrIdx++] = ssl->session.sessionIDSz; 3701 if (ssl->session.sessionIDSz > 0) { 3702 XMEMCPY(hrr + hrrIdx, ssl->session.sessionID, ssl->session.sessionIDSz); 3703 hrrIdx += ssl->session.sessionIDSz; 3704 } 3705 3706 /* Cipher Suite */ 3707 hrr[hrrIdx++] = cookieData[idx++]; 3708 hrr[hrrIdx++] = cookieData[idx++]; 3709 3710 /* Compression not supported in TLS v1.3. */ 3711 hrr[hrrIdx++] = 0; 3712 3713 /* Extensions' length */ 3714 length -= HRR_BODY_SZ - ID_LEN + ssl->session.sessionIDSz; 3715 c16toa(length, hrr + hrrIdx); 3716 hrrIdx += 2; 3717 3718 #endif 3170 3719 /* Optional KeyShare Extension */ 3171 3720 if (keyShareExt) { … … 3177 3726 hrr[hrrIdx++] = cookieData[idx++]; 3178 3727 } 3728 #ifndef WOLFSSL_TLS13_DRAFT_18 3729 c16toa(TLSX_SUPPORTED_VERSIONS, hrr + hrrIdx); 3730 hrrIdx += 2; 3731 c16toa(OPAQUE16_LEN, hrr + hrrIdx); 3732 hrrIdx += 2; 3733 #ifdef WOLFSSL_TLS13_DRAFT 3734 hrr[hrrIdx++] = TLS_DRAFT_MAJOR; 3735 hrr[hrrIdx++] = TLS_DRAFT_MINOR; 3736 #else 3737 hrr[hrrIdx++] = ssl->version.major; 3738 hrr[hrrIdx++] = ssl->version.minor; 3739 #endif 3740 #endif 3179 3741 /* Mandatory Cookie Extension */ 3180 3742 c16toa(TLSX_COOKIE, hrr + hrrIdx); … … 3214 3776 word32 helloSz) 3215 3777 { 3216 int ret ;3778 int ret = VERSION_ERROR; 3217 3779 byte b; 3218 3780 ProtocolVersion pv; … … 3220 3782 word32 i = *inOutIdx; 3221 3783 word32 begin = i; 3222 word16 totalExtSz ;3784 word16 totalExtSz = 0; 3223 3785 int usingPSK = 0; 3224 3786 byte sessIdSz; 3225 3787 #ifndef WOLFSSL_NO_TLS12 3788 int bogusID = 0; 3789 #endif 3790 3791 WOLFSSL_START(WC_FUNC_CLIENT_HELLO_DO); 3226 3792 WOLFSSL_ENTER("DoTls13ClientHello"); 3227 3793 3228 3794 #ifdef WOLFSSL_CALLBACKS 3229 if (ssl->hsInfoOn) AddPacketName( "ClientHello", &ssl->handShakeInfo);3795 if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello"); 3230 3796 if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo); 3231 3797 #endif … … 3239 3805 ssl->chVersion = pv; /* store */ 3240 3806 i += OPAQUE16_LEN; 3241 3807 /* Legacy protocol version cannot negotiate TLS 1.3 or higher. */ 3808 if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR) 3809 pv.minor = TLSv1_2_MINOR; 3810 3811 #ifndef WOLFSSL_NO_TLS12 3242 3812 if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor < TLSv1_3_MINOR) 3243 3813 return DoClientHello(ssl, input, inOutIdx, helloSz); 3814 #endif 3815 3816 #ifdef HAVE_SESSION_TICKET 3817 if (ssl->options.downgrade) { 3818 if ((ret = HashInput(ssl, input + begin, helloSz)) != 0) 3819 return ret; 3820 } 3821 #endif 3244 3822 3245 3823 /* Client random */ … … 3252 3830 #endif 3253 3831 3832 #ifdef WOLFSSL_TLS13_DRAFT_18 3254 3833 /* Session id - empty in TLS v1.3 */ 3255 3834 sessIdSz = input[i++]; 3256 if (sessIdSz > 0 ) {3835 if (sessIdSz > 0 && !ssl->options.downgrade) { 3257 3836 WOLFSSL_MSG("Client sent session id - not supported"); 3258 3837 return BUFFER_ERROR; 3259 3838 } 3839 #else 3840 sessIdSz = input[i++]; 3841 if (sessIdSz != ID_LEN && sessIdSz != 0) 3842 return INVALID_PARAMETER; 3843 #endif 3844 ssl->session.sessionIDSz = sessIdSz; 3845 if (sessIdSz == ID_LEN) { 3846 XMEMCPY(ssl->session.sessionID, input + i, sessIdSz); 3847 i += ID_LEN; 3848 } 3849 #ifndef WOLFSSL_NO_TLS12 3850 #ifdef HAVE_SESSION_TICKET 3851 if (sessIdSz > 0 && sessIdSz < ID_LEN) 3852 bogusID = 1; 3853 #endif 3854 #endif 3260 3855 3261 3856 /* Cipher suites */ … … 3287 3882 } 3288 3883 3289 /* TLS v1.3 ClientHello messages will have extensions. */ 3290 if ((i - begin) >= helloSz) { 3291 WOLFSSL_MSG("ClientHello must have extensions in TLS v1.3"); 3292 return BUFFER_ERROR; 3293 } 3884 if ((i - begin) < helloSz) { 3294 3885 if ((i - begin) + OPAQUE16_LEN > helloSz) 3295 3886 return BUFFER_ERROR; … … 3313 3904 } 3314 3905 3315 #ifdef HAVE_STUNNEL 3906 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 3907 defined(WOLFSSL_HAPROXY) 3316 3908 if ((ret = SNI_Callback(ssl)) != 0) 3317 3909 return ret; 3318 #endif /*HAVE_STUNNEL*/ 3910 ssl->options.side = WOLFSSL_SERVER_END; 3911 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 3912 } 3913 3914 i += totalExtSz; 3915 *inOutIdx = i; 3319 3916 3320 3917 if (TLSX_Find(ssl->extensions, TLSX_SUPPORTED_VERSIONS) == NULL) { 3321 3918 if (!ssl->options.downgrade) { 3322 WOLFSSL_MSG("Client trying to connect with lesser version"); 3919 WOLFSSL_MSG("Client trying to connect with lesser version than " 3920 "TLS v1.3"); 3323 3921 return VERSION_ERROR; 3324 3922 } 3923 3924 if (pv.minor < ssl->options.minDowngrade) 3925 return VERSION_ERROR; 3325 3926 ssl->version.minor = pv.minor; 3326 3927 } 3327 3928 3328 #ifdef WOLFSSL_SEND_HRR_COOKIE 3929 ssl->options.sendVerify = SEND_CERT; 3930 3931 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 3932 ssl->options.haveSessionId = 1; 3933 3934 if (IsAtLeastTLSv1_3(ssl->version)) { 3935 #if !defined(WOLFSSL_TLS13_DRAFT_18) && defined(WOLFSSL_SEND_HRR_COOKIE) 3329 3936 if (ssl->options.sendCookie && 3330 ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {3937 ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 3331 3938 TLSX* ext; 3332 3939 3333 3940 if ((ext = TLSX_Find(ssl->extensions, TLSX_COOKIE)) == NULL) 3334 3941 return HRR_COOKIE_ERROR; 3335 /* Ensure the cookie came from client and isn't the one in the response3336 *- HelloRetryRequest.3942 /* Ensure the cookie came from client and isn't the one in the 3943 * response - HelloRetryRequest. 3337 3944 */ 3338 3945 if (ext->resp == 1) … … 3344 3951 #endif 3345 3952 3346 ssl->options.sendVerify = SEND_CERT;3347 3348 3953 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 3954 if (ssl->options.downgrade) { 3955 if ((ret = InitHandshakeHashes(ssl)) != 0) 3956 return ret; 3957 } 3958 3959 /* Refine list for PSK processing. */ 3960 RefineSuites(ssl, &clSuites); 3961 3349 3962 /* Process the Pre-Shared Key extension if present. */ 3350 3963 ret = DoPreSharedKeys(ssl, input + begin, helloSz, &usingPSK); 3351 3964 if (ret != 0) 3352 3965 return ret; 3966 #endif 3967 } 3968 #ifndef WOLFSSL_NO_TLS12 3969 else if (ssl->options.resuming) { 3970 ret = HandleTlsResumption(ssl, bogusID, &clSuites); 3971 if (ret != 0) 3972 return ret; 3973 /* Check wheter resuming has been chosen */ 3974 if (ssl->options.clientState == CLIENT_KEYEXCHANGE_COMPLETE) { 3975 WOLFSSL_LEAVE("DoTls13ClientHello", ret); 3976 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 3977 3978 return ret; 3979 } 3980 } 3981 #else 3982 else { 3983 WOLFSSL_MSG("Negotiated lesser version than TLS v1.3"); 3984 return VERSION_ERROR; 3985 } 3353 3986 #endif 3354 3987 … … 3358 3991 return ret; 3359 3992 } 3993 3994 /* Check that the negotiated ciphersuite matches protocol version. */ 3995 if (IsAtLeastTLSv1_3(ssl->version)) { 3996 if (ssl->options.cipherSuite0 != TLS13_BYTE) { 3997 WOLFSSL_MSG("Negotiated ciphersuite from lesser version than " 3998 "TLS v1.3"); 3999 return VERSION_ERROR; 4000 } 4001 } 4002 /* VerifyServerSuite handles when version is less than 1.3 */ 3360 4003 3361 4004 #ifdef HAVE_SESSION_TICKET … … 3369 4012 #endif 3370 4013 4014 #ifdef HAVE_SESSION_TICKET 4015 if (IsAtLeastTLSv1_3(ssl->version) || !ssl->options.downgrade) 4016 #endif 4017 { 3371 4018 if ((ret = HashInput(ssl, input + begin, helloSz)) != 0) 3372 4019 return ret; 3373 4020 } 4021 4022 if (IsAtLeastTLSv1_3(ssl->version)) { 3374 4023 /* Derive early secret for handshake secret. */ 3375 4024 if ((ret = DeriveEarlySecret(ssl)) != 0) 3376 4025 return ret; 3377 4026 } 3378 3379 i += totalExtSz; 3380 *inOutIdx = i; 3381 3382 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 4027 } 3383 4028 3384 4029 WOLFSSL_LEAVE("DoTls13ClientHello", ret); 4030 WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); 3385 4031 3386 4032 return ret; 3387 4033 } 3388 4034 4035 #ifdef WOLFSSL_TLS13_DRAFT_18 4036 /* handle generation of TLS 1.3 hello_retry_request (6) */ 3389 4037 /* Send the HelloRetryRequest message to indicate the negotiated protocol 3390 4038 * version and security parameters the server is willing to use. … … 3399 4047 byte* output; 3400 4048 word32 length; 3401 word 32len;4049 word16 len; 3402 4050 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 3403 4051 int sendSz; … … 3405 4053 WOLFSSL_ENTER("SendTls13HelloRetryRequest"); 3406 4054 3407 #ifndef WOLFSSL_TLS13_DRAFT_183408 if ((ret = RestartHandshakeHash(ssl)) < 0)3409 return ret;3410 #endif3411 3412 4055 /* Get the length of the extensions that will be written. */ 3413 len = TLSX_GetResponseSize(ssl, hello_retry_request); 4056 len = 0; 4057 ret = TLSX_GetResponseSize(ssl, hello_retry_request, &len); 3414 4058 /* There must be extensions sent to indicate what client needs to do. */ 3415 if ( len == 0)4059 if (ret != 0) 3416 4060 return MISSING_HANDSHAKE_DATA; 3417 4061 3418 #ifndef WOLFSSL_TLS13_DRAFT_183419 /* Protocol version + CipherSuite + Extensions */3420 length = OPAQUE16_LEN + OPAQUE16_LEN + len;3421 #else3422 4062 /* Protocol version + Extensions */ 3423 4063 length = OPAQUE16_LEN + len; 3424 #endif3425 4064 sendSz = idx + length; 3426 4065 … … 3435 4074 AddTls13Headers(output, length, hello_retry_request, ssl); 3436 4075 3437 /* TODO: [TLS13] Replace existing code with code in comment.3438 * Use the TLS v1.3 draft version for now.3439 *3440 * Change to:3441 * output[idx++] = ssl->version.major;3442 * output[idx++] = ssl->version.minor;3443 */3444 4076 /* The negotiated protocol version. */ 3445 4077 output[idx++] = TLS_DRAFT_MAJOR; 3446 4078 output[idx++] = TLS_DRAFT_MINOR; 3447 4079 4080 /* Add TLS extensions. */ 4081 ret = TLSX_WriteResponse(ssl, output + idx, hello_retry_request, NULL); 4082 if (ret != 0) 4083 return ret; 4084 idx += len; 4085 4086 #ifdef WOLFSSL_CALLBACKS 4087 if (ssl->hsInfoOn) 4088 AddPacketName(ssl, "HelloRetryRequest"); 4089 if (ssl->toInfoOn) { 4090 AddPacketInfo(ssl, "HelloRetryRequest", handshake, output, sendSz, 4091 WRITE_PROTO, ssl->heap); 4092 } 4093 #endif 4094 if ((ret = HashOutput(ssl, output, idx, 0)) != 0) 4095 return ret; 4096 4097 ssl->buffers.outputBuffer.length += sendSz; 4098 4099 if (!ssl->options.groupMessages) 4100 ret = SendBuffered(ssl); 4101 4102 WOLFSSL_LEAVE("SendTls13HelloRetryRequest", ret); 4103 4104 return ret; 4105 } 4106 #endif /* WOLFSSL_TLS13_DRAFT_18 */ 4107 4108 /* Send TLS v1.3 ServerHello message to client. 4109 * Only a server will send this message. 4110 * 4111 * ssl The SSL/TLS object. 4112 * returns 0 on success, otherwise failure. 4113 */ 4114 #ifdef WOLFSSL_TLS13_DRAFT_18 4115 static 4116 #endif 4117 /* handle generation of TLS 1.3 server_hello (2) */ 4118 int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType) 4119 { 4120 int ret; 4121 byte* output; 4122 word16 length; 4123 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 4124 int sendSz; 4125 4126 WOLFSSL_START(WC_FUNC_SERVER_HELLO_SEND); 4127 WOLFSSL_ENTER("SendTls13ServerHello"); 4128 3448 4129 #ifndef WOLFSSL_TLS13_DRAFT_18 4130 if (extMsgType == hello_retry_request) { 4131 if ((ret = RestartHandshakeHash(ssl)) < 0) 4132 return ret; 4133 } 4134 #endif 4135 4136 #ifdef WOLFSSL_TLS13_DRAFT_18 4137 /* Protocol version, server random, cipher suite and extensions. */ 4138 length = VERSION_SZ + RAN_LEN + SUITE_LEN; 4139 ret = TLSX_GetResponseSize(ssl, server_hello, &length); 4140 if (ret != 0) 4141 return ret; 4142 #else 4143 /* Protocol version, server random, session id, cipher suite, compression 4144 * and extensions. 4145 */ 4146 length = VERSION_SZ + RAN_LEN + ENUM_LEN + ssl->session.sessionIDSz + 4147 SUITE_LEN + COMP_LEN; 4148 ret = TLSX_GetResponseSize(ssl, extMsgType, &length); 4149 if (ret != 0) 4150 return ret; 4151 #endif 4152 sendSz = idx + length; 4153 4154 /* Check buffers are big enough and grow if needed. */ 4155 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 4156 return ret; 4157 4158 /* Get position in output buffer to write new message to. */ 4159 output = ssl->buffers.outputBuffer.buffer + 4160 ssl->buffers.outputBuffer.length; 4161 4162 /* Put the record and handshake headers on. */ 4163 AddTls13Headers(output, length, server_hello, ssl); 4164 4165 #ifdef WOLFSSL_TLS13_DRAFT_18 4166 /* The negotiated protocol version. */ 4167 output[idx++] = TLS_DRAFT_MAJOR; 4168 output[idx++] = TLS_DRAFT_MINOR; 4169 #else 4170 /* The protocol version must be TLS v1.2 for middleboxes. */ 4171 output[idx++] = ssl->version.major; 4172 output[idx++] = TLSv1_2_MINOR; 4173 #endif 4174 4175 if (extMsgType == server_hello) { 4176 /* Generate server random. */ 4177 if ((ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN)) != 0) 4178 return ret; 4179 } 4180 #ifndef WOLFSSL_TLS13_DRAFT_18 4181 else { 4182 /* HelloRetryRequest message has fixed value for random. */ 4183 XMEMCPY(output + idx, helloRetryRequestRandom, RAN_LEN); 4184 } 4185 #endif 4186 /* Store in SSL for debugging. */ 4187 XMEMCPY(ssl->arrays->serverRandom, output + idx, RAN_LEN); 4188 idx += RAN_LEN; 4189 4190 #ifdef WOLFSSL_DEBUG_TLS 4191 WOLFSSL_MSG("Server random"); 4192 WOLFSSL_BUFFER(ssl->arrays->serverRandom, RAN_LEN); 4193 #endif 4194 4195 #ifndef WOLFSSL_TLS13_DRAFT_18 4196 output[idx++] = ssl->session.sessionIDSz; 4197 if (ssl->session.sessionIDSz > 0) { 4198 XMEMCPY(output + idx, ssl->session.sessionID, ssl->session.sessionIDSz); 4199 idx += ssl->session.sessionIDSz; 4200 } 4201 #endif 4202 3449 4203 /* Chosen cipher suite */ 3450 4204 output[idx++] = ssl->options.cipherSuite0; 3451 4205 output[idx++] = ssl->options.cipherSuite; 3452 #endif 3453 3454 /* Add TLS extensions. */ 3455 TLSX_WriteResponse(ssl, output + idx, hello_retry_request); 3456 idx += len; 3457 3458 #ifdef WOLFSSL_CALLBACKS 3459 if (ssl->hsInfoOn) 3460 AddPacketName("HelloRetryRequest", &ssl->handShakeInfo); 3461 if (ssl->toInfoOn) { 3462 AddPacketInfo("HelloRetryRequest", &ssl->timeoutInfo, output, sendSz, 3463 ssl->heap); 3464 } 3465 #endif 3466 3467 if ((ret = HashOutput(ssl, output, idx, 0)) != 0) 3468 return ret; 3469 3470 ssl->buffers.outputBuffer.length += sendSz; 3471 3472 if (!ssl->options.groupMessages) 3473 ret = SendBuffered(ssl); 3474 3475 WOLFSSL_LEAVE("SendTls13HelloRetryRequest", ret); 3476 3477 return ret; 3478 } 3479 3480 /* Send TLS v1.3 ServerHello message to client. 3481 * Only a server will send this message. 3482 * 3483 * ssl The SSL/TLS object. 3484 * returns 0 on success, otherwise failure. 3485 */ 3486 static int SendTls13ServerHello(WOLFSSL* ssl) 3487 { 3488 byte* output; 3489 word32 length; 3490 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 3491 int sendSz; 3492 int ret; 3493 3494 WOLFSSL_ENTER("SendTls13ServerHello"); 3495 3496 /* Protocol version, server random, cipher suite and extensions. */ 3497 length = VERSION_SZ + RAN_LEN + SUITE_LEN + 3498 TLSX_GetResponseSize(ssl, server_hello); 3499 sendSz = idx + length; 3500 3501 /* Check buffers are big enough and grow if needed. */ 3502 if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) 3503 return ret; 3504 3505 /* Get position in output buffer to write new message to. */ 3506 output = ssl->buffers.outputBuffer.buffer + 3507 ssl->buffers.outputBuffer.length; 3508 3509 /* Put the record and handshake headers on. */ 3510 AddTls13Headers(output, length, server_hello, ssl); 3511 3512 /* TODO: [TLS13] Replace existing code with code in comment. 3513 * Use the TLS v1.3 draft version for now. 3514 * 3515 * Change to: 3516 * output[idx++] = ssl->version.major; 3517 * output[idx++] = ssl->version.minor; 3518 */ 3519 /* The negotiated protocol version. */ 3520 output[idx++] = TLS_DRAFT_MAJOR; 3521 output[idx++] = TLS_DRAFT_MINOR; 3522 3523 /* Generate server random. */ 3524 if ((ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN)) != 0) 3525 return ret; 3526 /* Store in SSL for debugging. */ 3527 XMEMCPY(ssl->arrays->serverRandom, output + idx, RAN_LEN); 3528 idx += RAN_LEN; 3529 3530 #ifdef WOLFSSL_DEBUG_TLS 3531 WOLFSSL_MSG("Server random"); 3532 WOLFSSL_BUFFER(ssl->arrays->serverRandom, RAN_LEN); 3533 #endif 3534 3535 /* Chosen cipher suite */ 3536 output[idx++] = ssl->options.cipherSuite0; 3537 output[idx++] = ssl->options.cipherSuite; 4206 4207 #ifndef WOLFSSL_TLS13_DRAFT_18 4208 /* Compression not supported in TLS v1.3. */ 4209 output[idx++] = 0; 4210 #endif 3538 4211 3539 4212 /* Extensions */ 3540 TLSX_WriteResponse(ssl, output + idx, server_hello); 4213 ret = TLSX_WriteResponse(ssl, output + idx, extMsgType, NULL); 4214 if (ret != 0) 4215 return ret; 3541 4216 3542 4217 ssl->buffers.outputBuffer.length += sendSz; … … 3547 4222 #ifdef WOLFSSL_CALLBACKS 3548 4223 if (ssl->hsInfoOn) 3549 AddPacketName( "ServerHello", &ssl->handShakeInfo);4224 AddPacketName(ssl, "ServerHello"); 3550 4225 if (ssl->toInfoOn) { 3551 AddPacketInfo( "ServerHello", &ssl->timeoutInfo, output, sendSz,3552 ssl->heap);4226 AddPacketInfo(ssl, "ServerHello", handshake, output, sendSz, 4227 WRITE_PROTO, ssl->heap); 3553 4228 } 3554 4229 #endif 3555 4230 4231 #ifdef WOLFSSL_TLS13_DRAFT_18 3556 4232 ssl->options.serverState = SERVER_HELLO_COMPLETE; 3557 4233 #else 4234 if (extMsgType == server_hello) 4235 ssl->options.serverState = SERVER_HELLO_COMPLETE; 4236 #endif 4237 4238 #ifdef WOLFSSL_TLS13_DRAFT_18 3558 4239 if (!ssl->options.groupMessages) 4240 #else 4241 if (!ssl->options.groupMessages || extMsgType != server_hello) 4242 #endif 3559 4243 ret = SendBuffered(ssl); 3560 4244 3561 4245 WOLFSSL_LEAVE("SendTls13ServerHello", ret); 4246 WOLFSSL_END(WC_FUNC_SERVER_HELLO_SEND); 3562 4247 3563 4248 return ret; 3564 4249 } 3565 4250 4251 /* handle generation of TLS 1.3 encrypted_extensions (8) */ 3566 4252 /* Send the rest of the extensions encrypted under the handshake key. 3567 4253 * This message is always encrypted in TLS v1.3. … … 3575 4261 int ret; 3576 4262 byte* output; 3577 word 32 length;4263 word16 length = 0; 3578 4264 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 3579 4265 int sendSz; 3580 4266 4267 WOLFSSL_START(WC_FUNC_ENCRYPTED_EXTENSIONS_SEND); 3581 4268 WOLFSSL_ENTER("SendTls13EncryptedExtensions"); 3582 4269 3583 4270 ssl->keys.encryptionOn = 1; 4271 4272 #ifndef WOLFSSL_NO_SERVER_GROUPS_EXT 4273 if ((ret = TLSX_SupportedCurve_CheckPriority(ssl)) != 0) 4274 return ret; 4275 #endif 3584 4276 3585 4277 /* Derive the handshake secret now that we are at first message to be … … 3596 4288 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 3597 4289 return ret; 3598 if (ssl->earlyData != 2) {4290 if (ssl->earlyData != process_early_data) { 3599 4291 if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) 3600 4292 return ret; … … 3605 4297 #endif 3606 4298 3607 length = TLSX_GetResponseSize(ssl, encrypted_extensions); 4299 ret = TLSX_GetResponseSize(ssl, encrypted_extensions, &length); 4300 if (ret != 0) 4301 return ret; 4302 3608 4303 sendSz = idx + length; 3609 4304 /* Encryption always on. */ … … 3622 4317 AddTls13Headers(output, length, encrypted_extensions, ssl); 3623 4318 3624 TLSX_WriteResponse(ssl, output + idx, encrypted_extensions); 4319 ret = TLSX_WriteResponse(ssl, output + idx, encrypted_extensions, NULL); 4320 if (ret != 0) 4321 return ret; 3625 4322 idx += length; 3626 4323 3627 4324 #ifdef WOLFSSL_CALLBACKS 3628 4325 if (ssl->hsInfoOn) 3629 AddPacketName( "EncryptedExtensions", &ssl->handShakeInfo);4326 AddPacketName(ssl, "EncryptedExtensions"); 3630 4327 if (ssl->toInfoOn) { 3631 AddPacketInfo( "EncryptedExtensions", &ssl->timeoutInfo, output,3632 sendSz, ssl->heap);4328 AddPacketInfo(ssl, "EncryptedExtensions", handshake, output, 4329 sendSz, WRITE_PROTO, ssl->heap); 3633 4330 } 3634 4331 #endif … … 3648 4345 3649 4346 WOLFSSL_LEAVE("SendTls13EncryptedExtensions", ret); 4347 WOLFSSL_END(WC_FUNC_ENCRYPTED_EXTENSIONS_SEND); 3650 4348 3651 4349 return ret; … … 3653 4351 3654 4352 #ifndef NO_CERTS 4353 /* handle generation TLS v1.3 certificate_request (13) */ 3655 4354 /* Send the TLS v1.3 CertificateRequest message. 3656 4355 * This message is always encrypted in TLS v1.3. … … 3669 4368 int sendSz; 3670 4369 word32 i; 3671 intreqSz;4370 word16 reqSz; 3672 4371 #ifndef WOLFSSL_TLS13_DRAFT_18 3673 4372 TLSX* ext; 3674 4373 #endif 3675 4374 4375 WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND); 3676 4376 WOLFSSL_ENTER("SendTls13CertificateRequest"); 3677 4377 … … 3727 4427 3728 4428 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 3729 reqSz = OPAQUE8_LEN + reqCtxLen + 3730 TLSX_GetRequestSize(ssl, certificate_request); 4429 reqSz = (word16)(OPAQUE8_LEN + reqCtxLen); 4430 ret = TLSX_GetRequestSize(ssl, certificate_request, &reqSz); 4431 if (ret != 0) 4432 return ret; 3731 4433 3732 4434 sendSz = i + reqSz; … … 3746 4448 3747 4449 /* Certificate request context. */ 3748 output[i++] = reqCtxLen;4450 output[i++] = (byte)reqCtxLen; 3749 4451 if (reqCtxLen != 0) { 3750 4452 XMEMCPY(output + i, reqCtx, reqCtxLen); … … 3753 4455 3754 4456 /* Certificate extensions. */ 3755 i += TLSX_WriteRequest(ssl, output + i, certificate_request); 4457 reqSz = 0; 4458 ret = TLSX_WriteRequest(ssl, output + i, certificate_request, &reqSz); 4459 if (ret != 0) 4460 return ret; 4461 i += reqSz; 3756 4462 #endif 3757 4463 … … 3764 4470 #ifdef WOLFSSL_CALLBACKS 3765 4471 if (ssl->hsInfoOn) 3766 AddPacketName( "CertificateRequest", &ssl->handShakeInfo);4472 AddPacketName(ssl, "CertificateRequest"); 3767 4473 if (ssl->toInfoOn) { 3768 AddPacketInfo( "CertificateRequest", &ssl->timeoutInfo, output,3769 sendSz, ssl->heap);4474 AddPacketInfo(ssl, "CertificateRequest", handshake, output, 4475 sendSz, WRITE_PROTO, ssl->heap); 3770 4476 } 3771 4477 #endif … … 3776 4482 3777 4483 WOLFSSL_LEAVE("SendTls13CertificateRequest", ret); 4484 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND); 3778 4485 3779 4486 return ret; … … 3790 4497 * output The buffer to encode into. 3791 4498 */ 3792 static INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)4499 static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output) 3793 4500 { 3794 4501 switch (hsType) { … … 3824 4531 * hsType The signature type. 3825 4532 */ 3826 static INLINE void DecodeSigAlg(byte* input, byte* hashAlgo, byte* hsType)4533 static WC_INLINE void DecodeSigAlg(byte* input, byte* hashAlgo, byte* hsType) 3827 4534 { 3828 4535 switch (input[0]) { … … 3856 4563 * returns the length of the hash. 3857 4564 */ 3858 static INLINE int GetMsgHash(WOLFSSL* ssl, byte* hash)4565 static WC_INLINE int GetMsgHash(WOLFSSL* ssl, byte* hash) 3859 4566 { 3860 4567 int ret = 0; … … 3901 4608 #define MAX_SIG_DATA_SZ (SIGNING_DATA_PREFIX_SZ + \ 3902 4609 CERT_VFY_LABEL_SZ + \ 3903 MAX_DIGEST_SIZE)4610 WC_MAX_DIGEST_SIZE) 3904 4611 3905 4612 /* Create the signature data for TLS v1.3 certificate verification. … … 3935 4642 return ret; 3936 4643 3937 *sigDataSz = idx + ret;4644 *sigDataSz = (word16)(idx + ret); 3938 4645 ret = 0; 3939 4646 … … 4075 4782 * 4076 4783 * ssl The SSL/TLS object. 4077 * hashAlgoThe signature algorithm used to generate signature.4784 * sigAlgo The signature algorithm used to generate signature. 4078 4785 * hashAlgo The hash algorithm used to generate signature. 4079 4786 * decSig The decrypted signature. … … 4100 4807 return ret; 4101 4808 4102 /* PSS signature can be done in-p ace */4809 /* PSS signature can be done in-place */ 4103 4810 ret = CreateRSAEncodedSig(sigData, sigData, sigDataSz, 4104 4811 sigAlgo, hashAlgo); … … 4147 4854 /* Add certificate data and empty extension to output up to the fragment size. 4148 4855 * 4856 * ssl SSL/TLS object. 4149 4857 * cert The certificate data to write out. 4150 4858 * len The length of the certificate data. 4859 * extSz Length of the extension data with the certificate. 4151 4860 * idx The start of the certificate data to write out. 4152 4861 * fragSz The maximum size of this fragment. … … 4154 4863 * returns the number of bytes written. 4155 4864 */ 4156 static word32 AddCertExt( byte* cert, word32 len, word32 idx, word32 fragSz,4157 byte* output)4865 static word32 AddCertExt(WOLFSSL* ssl, byte* cert, word32 len, word16 extSz, 4866 word32 idx, word32 fragSz, byte* output) 4158 4867 { 4159 4868 word32 i = 0; … … 4163 4872 XMEMCPY(output, cert + idx, copySz); 4164 4873 i = copySz; 4165 } 4166 4167 if (copySz + OPAQUE16_LEN <= fragSz) { 4874 if (copySz == fragSz) 4875 return i; 4876 } 4877 copySz = len + extSz - idx - i; 4878 4879 if (extSz == OPAQUE16_LEN) { 4880 if (copySz <= fragSz) { 4168 4881 /* Empty extension */ 4169 4882 output[i++] = 0; 4170 4883 output[i++] = 0; 4171 4884 } 4885 } 4886 else { 4887 byte* certExts = ssl->buffers.certExts->buffer + idx + i - len; 4888 /* Put out as much of the extensions' data as will fit in fragment. */ 4889 if (copySz > fragSz - i) 4890 copySz = fragSz - i; 4891 XMEMCPY(output + i, certExts, copySz); 4892 i += copySz; 4893 } 4172 4894 4173 4895 return i; 4174 4896 } 4175 4897 4898 /* handle generation TLS v1.3 certificate (11) */ 4176 4899 /* Send the certificate for this end and any CAs that help with validation. 4177 4900 * This message is always encrypted in TLS v1.3. … … 4184 4907 int ret = 0; 4185 4908 word32 certSz, certChainSz, headerSz, listSz, payloadSz; 4909 word16 extSz = 0; 4186 4910 word32 length, maxFragment; 4187 4911 word32 len = 0; … … 4192 4916 byte* certReqCtx = NULL; 4193 4917 4918 WOLFSSL_START(WC_FUNC_CERTIFICATE_SEND); 4194 4919 WOLFSSL_ENTER("SendTls13Certificate"); 4195 4920 … … 4218 4943 headerSz = OPAQUE8_LEN + certReqCtxLen + CERT_HEADER_SZ + 4219 4944 CERT_HEADER_SZ; 4220 /* Length of message data with one certificate and empty extensions. */ 4221 length = headerSz + certSz + OPAQUE16_LEN; 4222 /* Length of list data with one certificate and empty extensions. */ 4223 listSz = CERT_HEADER_SZ + certSz + OPAQUE16_LEN; 4945 4946 ret = TLSX_GetResponseSize(ssl, certificate, &extSz); 4947 if (ret < 0) 4948 return ret; 4949 4950 /* Create extensions' data if none already present. */ 4951 if (extSz > OPAQUE16_LEN && ssl->buffers.certExts == NULL) { 4952 ret = AllocDer(&ssl->buffers.certExts, extSz, CERT_TYPE, ssl->heap); 4953 if (ret < 0) 4954 return ret; 4955 4956 ret = TLSX_WriteResponse(ssl, ssl->buffers.certExts->buffer, 4957 certificate, &extSz); 4958 if (ret < 0) 4959 return ret; 4960 } 4961 4962 /* Length of message data with one certificate and extensions. */ 4963 length = headerSz + certSz + extSz; 4964 /* Length of list data with one certificate and extensions. */ 4965 listSz = CERT_HEADER_SZ + certSz + extSz; 4224 4966 4225 4967 /* Send rest of chain if sending cert (chain has leading size/s). */ 4226 4968 if (certSz > 0 && ssl->buffers.certChainCnt > 0) { 4227 /* The pointer to the current spot in the cert chain buffer. */4228 4969 p = ssl->buffers.certChain->buffer; 4229 4970 /* Chain length including extensions. */ … … 4242 4983 length -= (ssl->fragOffset + headerSz); 4243 4984 4244 maxFragment = MAX_RECORD_SIZE; 4245 4246 #ifdef HAVE_MAX_FRAGMENT 4247 if (ssl->max_fragment != 0 && maxFragment >= ssl->max_fragment) 4248 maxFragment = ssl->max_fragment; 4249 #endif /* HAVE_MAX_FRAGMENT */ 4985 maxFragment = wolfSSL_GetMaxRecordSize(ssl, MAX_RECORD_SIZE); 4250 4986 4251 4987 while (length > 0 && ret == 0) { … … 4256 4992 4257 4993 if (ssl->fragOffset == 0) { 4258 if (headerSz + certSz + OPAQUE16_LEN+ certChainSz <=4994 if (headerSz + certSz + extSz + certChainSz <= 4259 4995 maxFragment - HANDSHAKE_HEADER_SZ) { 4260 4261 fragSz = headerSz + certSz + OPAQUE16_LEN + certChainSz; 4262 } 4263 else { 4996 fragSz = headerSz + certSz + extSz + certChainSz; 4997 } 4998 else 4264 4999 fragSz = maxFragment - HANDSHAKE_HEADER_SZ; 4265 } 5000 4266 5001 sendSz += fragSz + HANDSHAKE_HEADER_SZ; 4267 5002 i += HANDSHAKE_HEADER_SZ; … … 4309 5044 AddTls13RecordHeader(output, fragSz, handshake, ssl); 4310 5045 4311 if (certSz > 0 && ssl->fragOffset < certSz + OPAQUE16_LEN) { 4312 /* Put in the leaf certificate and empty extension. */ 4313 word32 copySz = AddCertExt(ssl->buffers.certificate->buffer, certSz, 4314 ssl->fragOffset, fragSz, output + i); 4315 5046 if (certSz > 0 && ssl->fragOffset < certSz + extSz) { 5047 /* Put in the leaf certificate with extensions. */ 5048 word32 copySz = AddCertExt(ssl, ssl->buffers.certificate->buffer, 5049 certSz, extSz, ssl->fragOffset, fragSz, output + i); 4316 5050 i += copySz; 4317 5051 ssl->fragOffset += copySz; 4318 5052 length -= copySz; 4319 5053 fragSz -= copySz; 5054 if (ssl->fragOffset == certSz + extSz) 5055 FreeDer(&ssl->buffers.certExts); 4320 5056 } 4321 5057 if (certChainSz > 0 && fragSz > 0) { … … 4327 5063 /* Find next CA certificate to write out. */ 4328 5064 offset = 0; 5065 /* Point to the start of current cert in chain buffer. */ 5066 p = ssl->buffers.certChain->buffer + idx; 4329 5067 len = NextCert(ssl->buffers.certChain->buffer, 4330 5068 ssl->buffers.certChain->length, &idx); … … 4334 5072 4335 5073 /* Write out certificate and empty extension. */ 4336 l = AddCertExt(p, len, offset, fragSz, output + i); 5074 l = AddCertExt(ssl, p, len, OPAQUE16_LEN, offset, fragSz, 5075 output + i); 4337 5076 i += l; 4338 5077 ssl->fragOffset += l; … … 4357 5096 #ifdef WOLFSSL_CALLBACKS 4358 5097 if (ssl->hsInfoOn) 4359 AddPacketName( "Certificate", &ssl->handShakeInfo);5098 AddPacketName(ssl, "Certificate"); 4360 5099 if (ssl->toInfoOn) { 4361 AddPacketInfo( "Certificate", &ssl->timeoutInfo, output, sendSz,4362 5100 AddPacketInfo(ssl, "Certificate", handshake, output, 5101 sendSz, WRITE_PROTO, ssl->heap); 4363 5102 } 4364 5103 #endif … … 4385 5124 4386 5125 WOLFSSL_LEAVE("SendTls13Certificate", ret); 5126 WOLFSSL_END(WC_FUNC_CERTIFICATE_SEND); 4387 5127 4388 5128 return ret; … … 4391 5131 typedef struct Scv13Args { 4392 5132 byte* output; /* not allocated */ 4393 #ifndef NO_RSA4394 byte* verifySig;4395 #endif4396 5133 byte* verify; /* not allocated */ 4397 5134 word32 idx; … … 4411 5148 (void)ssl; 4412 5149 4413 #ifndef NO_RSA4414 if (args->verifySig) {4415 XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE);4416 args->verifySig = NULL;4417 }4418 #endif4419 5150 if (args->sigData) { 4420 5151 XFREE(args->sigData, ssl->heap, DYNAMIC_TYPE_SIGNATURE); … … 4423 5154 } 4424 5155 5156 /* handle generation TLS v1.3 certificate_verify (15) */ 4425 5157 /* Send the TLS v1.3 CertificateVerify message. 4426 5158 * A hash of all the message so far is used. … … 4444 5176 #endif 4445 5177 5178 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_SEND); 4446 5179 WOLFSSL_ENTER("SendTls13CertificateVerify"); 4447 5180 … … 4473 5206 } 4474 5207 4475 args->sendSz = MAX_CERT_VERIFY_SZ ;5208 args->sendSz = MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA; 4476 5209 /* Always encrypted. */ 4477 5210 args->sendSz += MAX_MSG_EXTRA; … … 4498 5231 &args->output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ]; 4499 5232 5233 if (ssl->buffers.key == NULL) { 5234 #ifdef HAVE_PK_CALLBACKS 5235 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) 5236 args->length = GetPrivateKeySigSize(ssl); 5237 else 5238 #endif 5239 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 5240 } 5241 else { 4500 5242 ret = DecodePrivateKey(ssl, &args->length); 4501 5243 if (ret != 0) 4502 5244 goto exit_scv; 5245 } 5246 5247 if (args->length <= 0) { 5248 ERROR_OUT(NO_PRIVATE_KEY, exit_scv); 5249 } 4503 5250 4504 5251 /* Add signature algorithm. */ … … 4513 5260 EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo, args->verify); 4514 5261 4515 /* Create the data to be signed. */ 5262 if (ssl->hsType == DYNAMIC_TYPE_RSA) { 5263 int sigLen = MAX_SIG_DATA_SZ; 5264 if (args->length > MAX_SIG_DATA_SZ) 5265 sigLen = args->length; 5266 args->sigData = (byte*)XMALLOC(sigLen, ssl->heap, 5267 DYNAMIC_TYPE_SIGNATURE); 5268 } 5269 else { 4516 5270 args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap, 4517 5271 DYNAMIC_TYPE_SIGNATURE); 5272 } 4518 5273 if (args->sigData == NULL) { 4519 5274 ERROR_OUT(MEMORY_E, exit_scv); 4520 5275 } 4521 5276 5277 /* Create the data to be signed. */ 4522 5278 ret = CreateSigData(ssl, args->sigData, &args->sigDataSz, 0); 4523 5279 if (ret != 0) … … 4527 5283 if (ssl->hsType == DYNAMIC_TYPE_RSA) { 4528 5284 /* build encoded signature buffer */ 4529 sig->length = MAX_ENCODED_SIG_SZ;5285 sig->length = WC_MAX_DIGEST_SIZE; 4530 5286 sig->buffer = (byte*)XMALLOC(sig->length, ssl->heap, 4531 5287 DYNAMIC_TYPE_SIGNATURE); … … 4553 5309 if (ret < 0) 4554 5310 goto exit_scv; 4555 args->sigDataSz = ret;5311 args->sigDataSz = (word16)ret; 4556 5312 ret = 0; 4557 5313 } … … 4559 5315 #ifdef HAVE_ED25519 4560 5316 if (ssl->hsType == DYNAMIC_TYPE_ED25519) { 4561 /* Nothing to do */ 5317 ret = Ed25519CheckPubKey(ssl); 5318 if (ret < 0) { 5319 ERROR_OUT(ret, exit_scv); 5320 } 4562 5321 sig->length = ED25519_SIG_SIZE; 4563 5322 } … … 4576 5335 args->verify + HASH_SIG_SIZE + VERIFY_HEADER, 4577 5336 &sig->length, (ecc_key*)ssl->hsKey, 4578 #if defined(HAVE_PK_CALLBACKS) 4579 ssl->buffers.key->buffer, ssl->buffers.key->length, 4580 ssl->EccSignCtx 5337 #ifdef HAVE_PK_CALLBACKS 5338 ssl->buffers.key 4581 5339 #else 4582 NULL , 0, NULL5340 NULL 4583 5341 #endif 4584 5342 ); 4585 args->length = sig->length;5343 args->length = (word16)sig->length; 4586 5344 } 4587 5345 #endif /* HAVE_ECC */ … … 4591 5349 args->verify + HASH_SIG_SIZE + VERIFY_HEADER, 4592 5350 &sig->length, (ed25519_key*)ssl->hsKey, 4593 #if defined(HAVE_PK_CALLBACKS) 4594 ssl->buffers.key->buffer, ssl->buffers.key->length, 4595 ssl->Ed25519SignCtx 5351 #ifdef HAVE_PK_CALLBACKS 5352 ssl->buffers.key 4596 5353 #else 4597 NULL , 0, NULL5354 NULL 4598 5355 #endif 4599 5356 ); … … 4608 5365 args->sigAlgo, ssl->suites->hashAlgo, 4609 5366 (RsaKey*)ssl->hsKey, 4610 ssl->buffers.key->buffer, ssl->buffers.key->length, 4611 #ifdef HAVE_PK_CALLBACKS 4612 ssl->RsaSignCtx 4613 #else 4614 NULL 4615 #endif 5367 ssl->buffers.key 4616 5368 ); 4617 args->length = args->sigLen; 5369 if (ret == 0) { 5370 args->length = (word16)args->sigLen; 5371 5372 XMEMCPY(args->sigData, 5373 args->verify + HASH_SIG_SIZE + VERIFY_HEADER, 5374 args->sigLen); 5375 } 4618 5376 } 4619 5377 #endif /* !NO_RSA */ … … 4636 5394 #ifndef NO_RSA 4637 5395 if (ssl->hsType == DYNAMIC_TYPE_RSA) { 4638 if (args->verifySig == NULL) {4639 args->verifySig = (byte*)XMALLOC(args->sigLen, ssl->heap,4640 DYNAMIC_TYPE_SIGNATURE);4641 if (args->verifySig == NULL) {4642 ERROR_OUT(MEMORY_E, exit_scv);4643 }4644 XMEMCPY(args->verifySig,4645 args->verify + HASH_SIG_SIZE + VERIFY_HEADER,4646 args->sigLen);4647 }4648 4649 5396 /* check for signature faults */ 4650 ret = VerifyRsaSign(ssl, args-> verifySig, args->sigLen,5397 ret = VerifyRsaSign(ssl, args->sigData, args->sigLen, 4651 5398 sig->buffer, sig->length, args->sigAlgo, 4652 ssl->suites->hashAlgo, (RsaKey*)ssl->hsKey); 5399 ssl->suites->hashAlgo, (RsaKey*)ssl->hsKey, 5400 ssl->buffers.key 5401 ); 4653 5402 } 4654 5403 #endif /* !NO_RSA */ … … 4697 5446 #ifdef WOLFSSL_CALLBACKS 4698 5447 if (ssl->hsInfoOn) 4699 AddPacketName( "CertificateVerify", &ssl->handShakeInfo);5448 AddPacketName(ssl, "CertificateVerify"); 4700 5449 if (ssl->toInfoOn) { 4701 AddPacketInfo( "CertificateVerify", &ssl->timeoutInfo,4702 args->output, args->sendSz, ssl->heap);5450 AddPacketInfo(ssl, "CertificateVerify", handshake, 5451 args->output, args->sendSz, WRITE_PROTO, ssl->heap); 4703 5452 } 4704 5453 #endif … … 4717 5466 4718 5467 WOLFSSL_LEAVE("SendTls13CertificateVerify", ret); 5468 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_SEND); 4719 5469 4720 5470 #ifdef WOLFSSL_ASYNC_CRYPT … … 4732 5482 } 4733 5483 4734 5484 /* handle processing TLS v1.3 certificate (11) */ 4735 5485 /* Parse and handle a TLS v1.3 Certificate message. 4736 5486 * … … 4747 5497 int ret; 4748 5498 5499 WOLFSSL_START(WC_FUNC_CERTIFICATE_DO); 4749 5500 WOLFSSL_ENTER("DoTls13Certificate"); 4750 5501 4751 5502 ret = ProcessPeerCerts(ssl, input, inOutIdx, totalSz); 4752 5503 if (ret == 0) { 5504 #if !defined(NO_WOLFSSL_CLIENT) 5505 if (ssl->options.side == WOLFSSL_CLIENT_END) 5506 ssl->options.serverState = SERVER_CERT_COMPLETE; 5507 #endif 4753 5508 #if !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) 4754 if (ret == 0 &&ssl->options.side == WOLFSSL_SERVER_END &&5509 if (ssl->options.side == WOLFSSL_SERVER_END && 4755 5510 ssl->options.handShakeState == HANDSHAKE_DONE) { 4756 5511 /* reset handshake states */ … … 4760 5515 } 4761 5516 #endif 5517 } 4762 5518 4763 5519 WOLFSSL_LEAVE("DoTls13Certificate", ret); 5520 WOLFSSL_END(WC_FUNC_CERTIFICATE_DO); 4764 5521 4765 5522 return ret; … … 4794 5551 } 4795 5552 5553 /* handle processing TLS v1.3 certificate_verify (15) */ 4796 5554 /* Parse and handle a TLS v1.3 CertificateVerify message. 4797 5555 * … … 4817 5575 #endif 4818 5576 5577 WOLFSSL_START(WC_FUNC_CERTIFICATE_VERIFY_DO); 4819 5578 WOLFSSL_ENTER("DoTls13CertificateVerify"); 4820 5579 … … 4847 5606 { 4848 5607 #ifdef WOLFSSL_CALLBACKS 4849 if (ssl->hsInfoOn) AddPacketName("CertificateVerify", 4850 &ssl->handShakeInfo); 5608 if (ssl->hsInfoOn) AddPacketName(ssl, "CertificateVerify"); 4851 5609 if (ssl->toInfoOn) AddLateName("CertificateVerify", 4852 5610 &ssl->timeoutInfo); … … 4926 5684 if (ret < 0) 4927 5685 goto exit_dcv; 4928 args->sigDataSz = ret;5686 args->sigDataSz = (word16)ret; 4929 5687 ret = 0; 4930 5688 } … … 4953 5711 { 4954 5712 #ifndef NO_RSA 4955 if (args->sigAlgo == rsa_sa_algo || 4956 args->sigAlgo == rsa_pss_sa_algo) { 5713 if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) { 4957 5714 WOLFSSL_MSG("Doing RSA peer cert verify"); 4958 5715 … … 4960 5717 args->sigAlgo, args->hashAlgo, ssl->peerRsaKey, 4961 5718 #ifdef HAVE_PK_CALLBACKS 4962 ssl->buffers.peerRsaKey.buffer, 4963 ssl->buffers.peerRsaKey.length, 4964 ssl->RsaVerifyCtx 5719 &ssl->buffers.peerRsaKey 4965 5720 #else 4966 NULL , 0, NULL5721 NULL 4967 5722 #endif 4968 5723 ); … … 4970 5725 args->sendSz = ret; 4971 5726 ret = 0; 5727 5728 FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey); 5729 ssl->peerRsaKeyPresent = 0; 4972 5730 } 4973 5731 } … … 4981 5739 ssl->peerEccDsaKey, 4982 5740 #ifdef HAVE_PK_CALLBACKS 4983 ssl->buffers.peerEccDsaKey.buffer, 4984 ssl->buffers.peerEccDsaKey.length, 4985 ssl->EccVerifyCtx 5741 &ssl->buffers.peerEccDsaKey 4986 5742 #else 4987 NULL , 0, NULL5743 NULL 4988 5744 #endif 4989 5745 ); 5746 5747 if (ret >= 0) { 5748 FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey); 5749 ssl->peerEccDsaKeyPresent = 0; 5750 } 4990 5751 } 4991 5752 #endif /* HAVE_ECC */ … … 4998 5759 ssl->peerEd25519Key, 4999 5760 #ifdef HAVE_PK_CALLBACKS 5000 ssl->buffers.peerEd25519Key.buffer, 5001 ssl->buffers.peerEd25519Key.length, 5002 ssl->Ed25519VerifyCtx 5761 &ssl->buffers.peerEd25519Key 5003 5762 #else 5004 NULL , 0, NULL5763 NULL 5005 5764 #endif 5006 5765 ); 5766 5767 if (ret >= 0) { 5768 FreeKey(ssl, DYNAMIC_TYPE_ED25519, 5769 (void**)&ssl->peerEd25519Key); 5770 ssl->peerEd25519KeyPresent = 0; 5771 } 5007 5772 } 5008 5773 #endif … … 5060 5825 5061 5826 WOLFSSL_LEAVE("DoTls13CertificateVerify", ret); 5827 WOLFSSL_END(WC_FUNC_CERTIFICATE_VERIFY_DO); 5062 5828 5063 5829 #ifdef WOLFSSL_ASYNC_CRYPT 5064 5830 /* Handle async operation */ 5065 5831 if (ret == WC_PENDING_E) { 5066 /* Mark message as not rece vied so it can process again */5832 /* Mark message as not received so it can process again */ 5067 5833 ssl->msgsReceived.got_certificate_verify = 0; 5068 5834 5069 5835 return ret; 5070 5836 } 5837 else 5071 5838 #endif /* WOLFSSL_ASYNC_CRYPT */ 5839 if (ret != 0) 5840 SendAlert(ssl, alert_fatal, decrypt_error); 5072 5841 5073 5842 /* Final cleanup */ … … 5096 5865 word32 finishedSz = 0; 5097 5866 byte* secret; 5098 byte mac[MAX_DIGEST_SIZE]; 5099 5867 byte mac[WC_MAX_DIGEST_SIZE]; 5868 5869 WOLFSSL_START(WC_FUNC_FINISHED_DO); 5100 5870 WOLFSSL_ENTER("DoTls13Finished"); 5101 5871 … … 5104 5874 return BUFFER_E; 5105 5875 5106 if (ssl->options.side == WOLFSSL_CLIENT_END) { 5876 if (ssl->options.handShakeDone) { 5877 ret = DeriveFinishedSecret(ssl, ssl->clientSecret, 5878 ssl->keys.client_write_MAC_secret); 5879 if (ret != 0) 5880 return ret; 5881 5882 secret = ssl->keys.client_write_MAC_secret; 5883 } 5884 else if (ssl->options.side == WOLFSSL_CLIENT_END) { 5107 5885 /* All the handshake messages have been received to calculate 5108 5886 * client and server finished keys. 5109 5887 */ 5110 ret = DeriveFinishedSecret(ssl, ssl-> arrays->clientSecret,5888 ret = DeriveFinishedSecret(ssl, ssl->clientSecret, 5111 5889 ssl->keys.client_write_MAC_secret); 5112 5890 if (ret != 0) 5113 5891 return ret; 5114 5892 5115 ret = DeriveFinishedSecret(ssl, ssl-> arrays->serverSecret,5893 ret = DeriveFinishedSecret(ssl, ssl->serverSecret, 5116 5894 ssl->keys.server_write_MAC_secret); 5117 5895 if (ret != 0) … … 5130 5908 5131 5909 #ifdef WOLFSSL_CALLBACKS 5132 if (ssl->hsInfoOn) AddPacketName( "Finished", &ssl->handShakeInfo);5910 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 5133 5911 if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); 5134 5912 #endif … … 5138 5916 if (XMEMCMP(input + *inOutIdx, mac, size) != 0){ 5139 5917 WOLFSSL_MSG("Verify finished error on hashes"); 5918 SendAlert(ssl, alert_fatal, decrypt_error); 5140 5919 return VERIFY_FINISHED_ERROR; 5141 5920 } … … 5148 5927 !ssl->options.handShakeDone) { 5149 5928 #ifdef WOLFSSL_EARLY_DATA 5150 if (ssl->earlyData ) {5929 if (ssl->earlyData != no_early_data) { 5151 5930 if ((ret = DeriveTls13Keys(ssl, no_key, DECRYPT_SIDE_ONLY, 1)) != 0) 5152 5931 return ret; … … 5171 5950 5172 5951 WOLFSSL_LEAVE("DoTls13Finished", 0); 5952 WOLFSSL_END(WC_FUNC_FINISHED_DO); 5173 5953 5174 5954 return 0; … … 5192 5972 byte* secret; 5193 5973 5974 WOLFSSL_START(WC_FUNC_FINISHED_SEND); 5194 5975 WOLFSSL_ENTER("SendTls13Finished"); 5195 5976 5196 outputSz = MAX_DIGEST_SIZE + DTLS_HANDSHAKE_HEADER_SZ + MAX_MSG_EXTRA;5977 outputSz = WC_MAX_DIGEST_SIZE + DTLS_HANDSHAKE_HEADER_SZ + MAX_MSG_EXTRA; 5197 5978 /* Check buffers are big enough and grow if needed. */ 5198 5979 if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) … … 5207 5988 5208 5989 /* make finished hashes */ 5209 if (ssl->options.side == WOLFSSL_CLIENT_END) 5990 if (ssl->options.handShakeDone) { 5991 ret = DeriveFinishedSecret(ssl, ssl->clientSecret, 5992 ssl->keys.client_write_MAC_secret); 5993 if (ret != 0) 5994 return ret; 5995 5996 secret = ssl->keys.client_write_MAC_secret; 5997 } 5998 else if (ssl->options.side == WOLFSSL_CLIENT_END) 5210 5999 secret = ssl->keys.client_write_MAC_secret; 5211 6000 else { … … 5213 6002 * server finished keys. 5214 6003 */ 5215 ret = DeriveFinishedSecret(ssl, ssl-> arrays->clientSecret,6004 ret = DeriveFinishedSecret(ssl, ssl->clientSecret, 5216 6005 ssl->keys.client_write_MAC_secret); 5217 6006 if (ret != 0) 5218 6007 return ret; 5219 6008 5220 ret = DeriveFinishedSecret(ssl, ssl-> arrays->serverSecret,6009 ret = DeriveFinishedSecret(ssl, ssl->serverSecret, 5221 6010 ssl->keys.server_write_MAC_secret); 5222 6011 if (ret != 0) … … 5235 6024 return BUILD_MSG_ERROR; 5236 6025 5237 if (!ssl->options.resuming ) {6026 if (!ssl->options.resuming && ssl->options.side == WOLFSSL_SERVER_END) { 5238 6027 #ifndef NO_SESSION_CACHE 5239 6028 AddSession(ssl); /* just try */ … … 5242 6031 5243 6032 #ifdef WOLFSSL_CALLBACKS 5244 if (ssl->hsInfoOn) AddPacketName( "Finished", &ssl->handShakeInfo);6033 if (ssl->hsInfoOn) AddPacketName(ssl, "Finished"); 5245 6034 if (ssl->toInfoOn) { 5246 AddPacketInfo( "Finished", &ssl->timeoutInfo, output, sendSz,5247 ssl->heap);6035 AddPacketInfo(ssl, "Finished", handshake, output, sendSz, 6036 WRITE_PROTO, ssl->heap); 5248 6037 } 5249 6038 #endif 5250 6039 5251 6040 ssl->buffers.outputBuffer.length += sendSz; 5252 5253 if ((ret = SendBuffered(ssl)) != 0)5254 return ret;5255 6041 5256 6042 if (ssl->options.side == WOLFSSL_SERVER_END) { … … 5264 6050 } 5265 6051 if ((ret = DeriveTls13Keys(ssl, traffic_key, DECRYPT_SIDE_ONLY, 5266 !ssl->earlyData)) != 0) {6052 ssl->earlyData == no_early_data)) != 0) { 5267 6053 return ret; 5268 6054 } … … 5280 6066 !ssl->options.handShakeDone) { 5281 6067 #ifdef WOLFSSL_EARLY_DATA 5282 if (ssl->earlyData ) {6068 if (ssl->earlyData != no_early_data) { 5283 6069 if ((ret = DeriveTls13Keys(ssl, no_key, ENCRYPT_AND_DECRYPT_SIDE, 5284 6070 1)) != 0) { … … 5293 6079 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 5294 6080 ret = DeriveResumptionSecret(ssl, ssl->session.masterSecret); 5295 #endif 5296 } 5297 5298 if (ssl->options.resuming) { 5299 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6081 if (ret != 0) 6082 return ret; 6083 #endif 6084 } 6085 6086 #ifndef NO_WOLFSSL_CLIENT 6087 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6088 ssl->options.clientState = CLIENT_FINISHED_COMPLETE; 5300 6089 ssl->options.handShakeState = HANDSHAKE_DONE; 5301 6090 ssl->options.handShakeDone = 1; 5302 6091 } 5303 } 5304 #ifndef NO_WOLFSSL_ CLIENT5305 if (ssl->options.side == WOLFSSL_ CLIENT_END) {5306 if (!ssl->options.resuming) {5307 ssl->options.handShakeState = HANDSHAKE_DONE;5308 ssl->options.handShakeDone = 1; 5309 } 5310 }5311 #endif 6092 #endif 6093 #ifndef NO_WOLFSSL_SERVER 6094 if (ssl->options.side == WOLFSSL_SERVER_END) { 6095 ssl->options.serverState = SERVER_FINISHED_COMPLETE; 6096 } 6097 #endif 6098 6099 if ((ret = SendBuffered(ssl)) != 0) 6100 return ret; 5312 6101 5313 6102 WOLFSSL_LEAVE("SendTls13Finished", ret); 6103 WOLFSSL_END(WC_FUNC_FINISHED_SEND); 5314 6104 5315 6105 return ret; 5316 6106 } 5317 6107 6108 /* handle generation TLS v1.3 key_update (24) */ 5318 6109 /* Send the TLS v1.3 KeyUpdate message. 5319 6110 * … … 5331 6122 word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 5332 6123 6124 WOLFSSL_START(WC_FUNC_KEY_UPDATE_SEND); 5333 6125 WOLFSSL_ENTER("SendTls13KeyUpdate"); 5334 6126 … … 5362 6154 5363 6155 #ifdef WOLFSSL_CALLBACKS 5364 if (ssl->hsInfoOn) AddPacketName( "KeyUpdate", &ssl->handShakeInfo);6156 if (ssl->hsInfoOn) AddPacketName(ssl, "KeyUpdate"); 5365 6157 if (ssl->toInfoOn) { 5366 AddPacketInfo( "KeyUpdate", &ssl->timeoutInfo, output, sendSz,5367 ssl->heap);6158 AddPacketInfo(ssl, "KeyUpdate", handshake, output, sendSz, 6159 WRITE_PROTO, ssl->heap); 5368 6160 } 5369 6161 #endif … … 5383 6175 5384 6176 WOLFSSL_LEAVE("SendTls13KeyUpdate", ret); 6177 WOLFSSL_END(WC_FUNC_KEY_UPDATE_SEND); 5385 6178 5386 6179 return ret; 5387 6180 } 5388 6181 6182 /* handle processing TLS v1.3 key_update (24) */ 5389 6183 /* Parse and handle a TLS v1.3 KeyUpdate message. 5390 6184 * … … 5402 6196 word32 i = *inOutIdx; 5403 6197 6198 WOLFSSL_START(WC_FUNC_KEY_UPDATE_DO); 5404 6199 WOLFSSL_ENTER("DoTls13KeyUpdate"); 5405 6200 … … 5440 6235 5441 6236 WOLFSSL_LEAVE("DoTls13KeyUpdate", ret); 6237 WOLFSSL_END(WC_FUNC_KEY_UPDATE_DO); 5442 6238 5443 6239 return 0; … … 5461 6257 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 5462 6258 6259 WOLFSSL_START(WC_FUNC_END_OF_EARLY_DATA_SEND); 5463 6260 WOLFSSL_ENTER("SendTls13EndOfEarlyData"); 5464 6261 … … 5492 6289 5493 6290 WOLFSSL_LEAVE("SendTls13EndOfEarlyData", ret); 6291 WOLFSSL_END(WC_FUNC_END_OF_EARLY_DATA_SEND); 5494 6292 5495 6293 return ret; … … 5498 6296 5499 6297 #ifndef NO_WOLFSSL_SERVER 6298 /* handle processing of TLS 1.3 end_of_early_data (5) */ 5500 6299 /* Parse the TLS v1.3 EndOfEarlyData message that indicates that there will be 5501 6300 * no more early application data. … … 5513 6312 (void)input; 5514 6313 6314 WOLFSSL_START(WC_FUNC_END_OF_EARLY_DATA_DO); 5515 6315 WOLFSSL_ENTER("DoTls13EndOfEarlyData"); 5516 6316 … … 5518 6318 return BUFFER_ERROR; 5519 6319 6320 if (ssl->earlyData == no_early_data) { 6321 WOLFSSL_MSG("EndOfEarlyData recieved unexpectedly"); 6322 SendAlert(ssl, alert_fatal, unexpected_message); 6323 return OUT_OF_ORDER_E; 6324 } 6325 6326 ssl->earlyData = done_early_data; 6327 5520 6328 /* Always encrypted. */ 5521 6329 *inOutIdx += ssl->keys.padSz; … … 5523 6331 ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY); 5524 6332 5525 WOLFSSL_LEAVE("SendTls13EndOfEarlyData", ret); 6333 WOLFSSL_LEAVE("DoTls13EndOfEarlyData", ret); 6334 WOLFSSL_END(WC_FUNC_END_OF_EARLY_DATA_DO); 5526 6335 5527 6336 return ret; … … 5551 6360 word16 length; 5552 6361 word32 now; 5553 6362 #ifndef WOLFSSL_TLS13_DRAFT_18 6363 const byte* nonce; 6364 byte nonceLength; 6365 #endif 6366 6367 WOLFSSL_START(WC_FUNC_NEW_SESSION_TICKET_DO); 5554 6368 WOLFSSL_ENTER("DoTls13NewSessionTicket"); 5555 6369 … … 5567 6381 ato32(input + *inOutIdx, &ageAdd); 5568 6382 *inOutIdx += SESSION_ADD_SZ; 6383 6384 #ifndef WOLFSSL_TLS13_DRAFT_18 6385 /* Ticket nonce. */ 6386 if ((*inOutIdx - begin) + 1 > size) 6387 return BUFFER_ERROR; 6388 nonceLength = input[*inOutIdx]; 6389 if (nonceLength > MAX_TICKET_NONCE_SZ) { 6390 WOLFSSL_MSG("Nonce length not supported"); 6391 return INVALID_PARAMETER; 6392 } 6393 *inOutIdx += 1; 6394 if ((*inOutIdx - begin) + nonceLength > size) 6395 return BUFFER_ERROR; 6396 nonce = input + *inOutIdx; 6397 *inOutIdx += nonceLength; 6398 #endif 5569 6399 5570 6400 /* Ticket length. */ … … 5593 6423 ssl->session.maxEarlyDataSz = ssl->options.maxEarlyDataSz; 5594 6424 #endif 6425 #ifndef WOLFSSL_TLS13_DRAFT_18 6426 ssl->session.ticketNonce.len = nonceLength; 6427 if (nonceLength > 0) 6428 XMEMCPY(&ssl->session.ticketNonce.data, nonce, nonceLength); 6429 #endif 6430 ssl->session.namedGroup = ssl->namedGroup; 5595 6431 5596 6432 if ((*inOutIdx - begin) + EXTS_SZ > size) … … 5626 6462 5627 6463 WOLFSSL_LEAVE("DoTls13NewSessionTicket", 0); 6464 WOLFSSL_END(WC_FUNC_NEW_SESSION_TICKET_DO); 5628 6465 5629 6466 return 0; … … 5648 6485 int ret; 5649 6486 word32 finishedSz = 0; 5650 byte mac[ MAX_DIGEST_SIZE];6487 byte mac[WC_MAX_DIGEST_SIZE]; 5651 6488 Digest digest; 5652 6489 static byte header[] = { 0x14, 0x00, 0x00, 0x00 }; … … 5684 6521 header[FINISHED_MSG_SIZE_OFFSET] = finishedSz; 5685 6522 #ifdef WOLFSSL_EARLY_DATA 5686 if (ssl->earlyData ) {6523 if (ssl->earlyData != no_early_data) { 5687 6524 static byte endOfEarlyData[] = { 0x05, 0x00, 0x00, 0x00 }; 5688 6525 ret = HashInputRaw(ssl, endOfEarlyData, sizeof(endOfEarlyData)); … … 5739 6576 int ret; 5740 6577 int sendSz; 5741 word 32extSz;6578 word16 extSz; 5742 6579 word32 length; 5743 6580 word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 5744 6581 6582 WOLFSSL_START(WC_FUNC_NEW_SESSION_TICKET_SEND); 5745 6583 WOLFSSL_ENTER("SendTls13NewSessionTicket"); 5746 6584 … … 5752 6590 #endif 5753 6591 6592 #ifndef WOLFSSL_TLS13_DRAFT_18 6593 /* Start ticket nonce at 0 and go up to 255. */ 6594 if (ssl->session.ticketNonce.len == 0) { 6595 ssl->session.ticketNonce.len = DEF_TICKET_NONCE_SZ; 6596 ssl->session.ticketNonce.data[0] = 0; 6597 } 6598 else 6599 ssl->session.ticketNonce.data[0]++; 6600 #endif 6601 5754 6602 if (!ssl->options.noTicketTls13) { 5755 6603 if ((ret = CreateTicket(ssl)) != 0) … … 5761 6609 if (ssl->session.maxEarlyDataSz > 0) 5762 6610 TLSX_EarlyData_Use(ssl, ssl->session.maxEarlyDataSz); 5763 extSz = TLSX_GetResponseSize(ssl, session_ticket); 6611 extSz = 0; 6612 ret = TLSX_GetResponseSize(ssl, session_ticket, &extSz); 6613 if (ret != 0) 6614 return ret; 5764 6615 #else 5765 6616 extSz = EXTS_SZ; … … 5769 6620 length = SESSION_HINT_SZ + SESSION_ADD_SZ + LENGTH_SZ + 5770 6621 ssl->session.ticketLen + extSz; 6622 #ifndef WOLFSSL_TLS13_DRAFT_18 6623 /* Nonce */ 6624 length += TICKET_NONCE_LEN_SZ + DEF_TICKET_NONCE_SZ; 6625 #endif 5771 6626 sendSz = idx + length + MAX_MSG_EXTRA; 5772 6627 … … 5789 6644 idx += SESSION_ADD_SZ; 5790 6645 6646 #ifndef WOLFSSL_TLS13_DRAFT_18 6647 output[idx++] = ssl->session.ticketNonce.len; 6648 output[idx++] = ssl->session.ticketNonce.data[0]; 6649 #endif 6650 5791 6651 /* length */ 5792 6652 c16toa(ssl->session.ticketLen, output + idx); … … 5797 6657 5798 6658 #ifdef WOLFSSL_EARLY_DATA 5799 idx += TLSX_WriteResponse(ssl, output + idx, session_ticket); 6659 extSz = 0; 6660 ret = TLSX_WriteResponse(ssl, output + idx, session_ticket, &extSz); 6661 if (ret != 0) 6662 return ret; 6663 idx += extSz; 5800 6664 #else 5801 6665 /* No extension support - empty extensions. */ … … 5822 6686 5823 6687 WOLFSSL_LEAVE("SendTls13NewSessionTicket", 0); 6688 WOLFSSL_END(WC_FUNC_NEW_SESSION_TICKET_SEND); 5824 6689 5825 6690 return ret; … … 5841 6706 #ifndef NO_WOLFSSL_SERVER 5842 6707 case client_hello: 6708 #ifndef NO_WOLFSSL_CLIENT 6709 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6710 WOLFSSL_MSG("ClientHello received by client"); 6711 return OUT_OF_ORDER_E; 6712 } 6713 #endif 6714 if (ssl->options.clientState >= CLIENT_HELLO_COMPLETE) { 6715 WOLFSSL_MSG("ClientHello received out of order"); 6716 return OUT_OF_ORDER_E; 6717 } 5843 6718 if (ssl->msgsReceived.got_client_hello == 2) { 5844 6719 WOLFSSL_MSG("Too many ClientHello received"); … … 5852 6727 #ifndef NO_WOLFSSL_CLIENT 5853 6728 case server_hello: 6729 #ifndef NO_WOLFSSL_SERVER 6730 if (ssl->options.side == WOLFSSL_SERVER_END) { 6731 WOLFSSL_MSG("ServerHello received by server"); 6732 return OUT_OF_ORDER_E; 6733 } 6734 #endif 6735 #ifdef WOLFSSL_TLS13_DRAFT_18 5854 6736 if (ssl->msgsReceived.got_server_hello) { 5855 6737 WOLFSSL_MSG("Duplicate ServerHello received"); … … 5857 6739 } 5858 6740 ssl->msgsReceived.got_server_hello = 1; 6741 #else 6742 if (ssl->msgsReceived.got_server_hello == 2) { 6743 WOLFSSL_MSG("Duplicate ServerHello received"); 6744 return DUPLICATE_MSG_E; 6745 } 6746 ssl->msgsReceived.got_server_hello++; 6747 #endif 5859 6748 5860 6749 break; … … 5863 6752 #ifndef NO_WOLFSSL_CLIENT 5864 6753 case session_ticket: 5865 if (ssl->msgsReceived.got_session_ticket) { 5866 WOLFSSL_MSG("Duplicate SessionTicket received"); 5867 return DUPLICATE_MSG_E; 6754 #ifndef NO_WOLFSSL_SERVER 6755 if (ssl->options.side == WOLFSSL_SERVER_END) { 6756 WOLFSSL_MSG("NewSessionTicket received by server"); 6757 return OUT_OF_ORDER_E; 6758 } 6759 #endif 6760 if (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) { 6761 WOLFSSL_MSG("NewSessionTicket received out of order"); 6762 return OUT_OF_ORDER_E; 5868 6763 } 5869 6764 ssl->msgsReceived.got_session_ticket = 1; … … 5875 6770 #ifdef WOLFSSL_EARLY_DATA 5876 6771 case end_of_early_data: 6772 #ifndef NO_WOLFSSL_CLIENT 6773 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6774 WOLFSSL_MSG("EndOfEarlyData received by client"); 6775 return OUT_OF_ORDER_E; 6776 } 6777 #endif 6778 if (ssl->options.serverState < SERVER_FINISHED_COMPLETE) { 6779 WOLFSSL_MSG("EndOfEarlyData received out of order"); 6780 return OUT_OF_ORDER_E; 6781 } 6782 if (ssl->options.clientState >= CLIENT_FINISHED_COMPLETE) { 6783 WOLFSSL_MSG("EndOfEarlyData received out of order"); 6784 return OUT_OF_ORDER_E; 6785 } 5877 6786 if (ssl->msgsReceived.got_end_of_early_data == 1) { 5878 6787 WOLFSSL_MSG("Too many EndOfEarlyData received"); … … 5885 6794 #endif 5886 6795 6796 #ifdef WOLFSSL_TLS13_DRAFT_18 5887 6797 #ifndef NO_WOLFSSL_CLIENT 5888 6798 case hello_retry_request: 6799 #ifndef NO_WOLFSSL_SERVER 6800 if (ssl->options.side == WOLFSSL_SERVER_END) { 6801 WOLFSSL_MSG("HelloRetryRequest received by server"); 6802 return OUT_OF_ORDER_E; 6803 } 6804 #endif 6805 if (ssl->options.clientState > CLIENT_FINISHED_COMPLETE) { 6806 WOLFSSL_MSG("HelloRetryRequest received out of order"); 6807 return OUT_OF_ORDER_E; 6808 } 5889 6809 if (ssl->msgsReceived.got_hello_retry_request) { 5890 6810 WOLFSSL_MSG("Duplicate HelloRetryRequest received"); … … 5895 6815 break; 5896 6816 #endif 6817 #endif 5897 6818 5898 6819 #ifndef NO_WOLFSSL_CLIENT 5899 6820 case encrypted_extensions: 6821 #ifndef NO_WOLFSSL_SERVER 6822 if (ssl->options.side == WOLFSSL_SERVER_END) { 6823 WOLFSSL_MSG("EncryptedExtensions received by server"); 6824 return OUT_OF_ORDER_E; 6825 } 6826 #endif 6827 if (ssl->options.serverState != SERVER_HELLO_COMPLETE) { 6828 WOLFSSL_MSG("EncryptedExtensions received out of order"); 6829 return OUT_OF_ORDER_E; 6830 } 5900 6831 if (ssl->msgsReceived.got_encrypted_extensions) { 5901 6832 WOLFSSL_MSG("Duplicate EncryptedExtensions received"); … … 5908 6839 5909 6840 case certificate: 6841 #ifndef NO_WOLFSSL_CLIENT 6842 if (ssl->options.side == WOLFSSL_CLIENT_END && 6843 ssl->options.serverState != 6844 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE) { 6845 WOLFSSL_MSG("Certificate received out of order - Client"); 6846 return OUT_OF_ORDER_E; 6847 } 6848 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 6849 /* Server's authenticating with PSK must not send this. */ 6850 if (ssl->options.side == WOLFSSL_CLIENT_END && 6851 ssl->options.serverState == SERVER_CERT_COMPLETE && 6852 ssl->arrays->psk_keySz != 0) { 6853 WOLFSSL_MSG("Certificate received while using PSK"); 6854 return SANITY_MSG_E; 6855 } 6856 #endif 6857 #endif 6858 #ifndef NO_WOLFSSL_SERVER 6859 if (ssl->options.side == WOLFSSL_SERVER_END && 6860 ssl->options.serverState < SERVER_FINISHED_COMPLETE) { 6861 WOLFSSL_MSG("Certificate received out of order - Server"); 6862 return OUT_OF_ORDER_E; 6863 } 6864 #endif 5910 6865 if (ssl->msgsReceived.got_certificate) { 5911 6866 WOLFSSL_MSG("Duplicate Certificate received"); … … 5914 6869 ssl->msgsReceived.got_certificate = 1; 5915 6870 6871 break; 6872 5916 6873 #ifndef NO_WOLFSSL_CLIENT 5917 if (ssl->options.side == WOLFSSL_CLIENT_END) { 5918 if ( ssl->msgsReceived.got_server_hello == 0) { 5919 WOLFSSL_MSG("No ServerHello before Cert"); 6874 case certificate_request: 6875 #ifndef NO_WOLFSSL_SERVER 6876 if (ssl->options.side == WOLFSSL_SERVER_END) { 6877 WOLFSSL_MSG("CertificateRequest received by server"); 5920 6878 return OUT_OF_ORDER_E; 5921 6879 } 5922 } 5923 #endif 5924 #ifndef NO_WOLFSSL_SERVER 5925 if (ssl->options.side == WOLFSSL_SERVER_END) { 5926 if ( ssl->msgsReceived.got_client_hello == 0) { 5927 WOLFSSL_MSG("No ClientHello before Cert"); 6880 #endif 6881 #ifndef WOLFSSL_POST_HANDSHAKE_AUTH 6882 if (ssl->options.serverState != 6883 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE) { 6884 WOLFSSL_MSG("CertificateRequest received out of order"); 5928 6885 return OUT_OF_ORDER_E; 5929 6886 } 5930 } 5931 #endif 5932 break; 5933 5934 #ifndef NO_WOLFSSL_CLIENT 5935 case certificate_request: 5936 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 5937 if (ssl->msgsReceived.got_finished) 5938 ; 5939 else 6887 #else 6888 if (ssl->options.serverState != 6889 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE && 6890 (ssl->options.serverState != SERVER_FINISHED_COMPLETE || 6891 ssl->options.clientState != CLIENT_FINISHED_COMPLETE)) { 6892 WOLFSSL_MSG("CertificateRequest received out of order"); 6893 return OUT_OF_ORDER_E; 6894 } 6895 #endif 6896 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 6897 /* Server's authenticating with PSK must not send this. */ 6898 if (ssl->options.serverState == 6899 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE && 6900 ssl->arrays->psk_keySz != 0) { 6901 WOLFSSL_MSG("CertificateRequset received while using PSK"); 6902 return SANITY_MSG_E; 6903 } 5940 6904 #endif 6905 #ifndef WOLFSSL_POST_HANDSHAKE_AUTH 5941 6906 if (ssl->msgsReceived.got_certificate_request) { 5942 6907 WOLFSSL_MSG("Duplicate CertificateRequest received"); 5943 6908 return DUPLICATE_MSG_E; 5944 6909 } 6910 #endif 5945 6911 ssl->msgsReceived.got_certificate_request = 1; 5946 6912 … … 5949 6915 5950 6916 case certificate_verify: 6917 #ifndef NO_WOLFSSL_CLIENT 6918 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6919 if (ssl->options.serverState != SERVER_CERT_COMPLETE) { 6920 WOLFSSL_MSG("No Cert before CertVerify"); 6921 return OUT_OF_ORDER_E; 6922 } 6923 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 6924 /* Server's authenticating with PSK must not send this. */ 6925 if (ssl->options.serverState == SERVER_CERT_COMPLETE && 6926 ssl->arrays->psk_keySz != 0) { 6927 WOLFSSL_MSG("CertificateVerify received while using PSK"); 6928 return SANITY_MSG_E; 6929 } 6930 #endif 6931 } 6932 #endif 6933 #ifndef NO_WOLFSSL_SERVER 6934 if (ssl->options.side == WOLFSSL_SERVER_END) { 6935 if (ssl->options.serverState < SERVER_FINISHED_COMPLETE) { 6936 WOLFSSL_MSG("CertificateVerify received out of order"); 6937 return OUT_OF_ORDER_E; 6938 } 6939 if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { 6940 WOLFSSL_MSG("CertificateVerify before ClientHello done"); 6941 return OUT_OF_ORDER_E; 6942 } 6943 if (!ssl->msgsReceived.got_certificate) { 6944 WOLFSSL_MSG("No Cert before CertificateVerify"); 6945 return OUT_OF_ORDER_E; 6946 } 6947 } 6948 #endif 5951 6949 if (ssl->msgsReceived.got_certificate_verify) { 5952 6950 WOLFSSL_MSG("Duplicate CertificateVerify received"); … … 5955 6953 ssl->msgsReceived.got_certificate_verify = 1; 5956 6954 5957 if (ssl->msgsReceived.got_certificate == 0) {5958 WOLFSSL_MSG("No Cert before CertVerify");5959 return OUT_OF_ORDER_E;5960 }5961 6955 break; 5962 6956 5963 6957 case finished: 5964 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 5965 if (1) { 5966 } 5967 else 6958 #ifndef NO_WOLFSSL_CLIENT 6959 if (ssl->options.side == WOLFSSL_CLIENT_END) { 6960 if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { 6961 WOLFSSL_MSG("Finished received out of order"); 6962 return OUT_OF_ORDER_E; 6963 } 6964 if (ssl->options.serverState < 6965 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE) { 6966 WOLFSSL_MSG("Finished received out of order"); 6967 return OUT_OF_ORDER_E; 6968 } 6969 } 6970 #endif 6971 #ifndef NO_WOLFSSL_SERVER 6972 if (ssl->options.side == WOLFSSL_SERVER_END) { 6973 if (ssl->options.serverState < SERVER_FINISHED_COMPLETE) { 6974 WOLFSSL_MSG("Finished received out of order"); 6975 return OUT_OF_ORDER_E; 6976 } 6977 if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { 6978 WOLFSSL_MSG("Finished received out of order"); 6979 return OUT_OF_ORDER_E; 6980 } 6981 #ifdef WOLFSSL_EARLY_DATA 6982 if (ssl->earlyData == process_early_data) { 6983 return OUT_OF_ORDER_E; 6984 } 6985 #endif 6986 } 5968 6987 #endif 5969 6988 if (ssl->msgsReceived.got_finished) { … … 6004 7023 { 6005 7024 int ret = 0; 7025 word32 inIdx = *inOutIdx; 7026 6006 7027 (void)totalSz; 6007 word32 inIdx = *inOutIdx;6008 7028 6009 7029 WOLFSSL_ENTER("DoTls13HandShakeMsgType"); … … 6016 7036 if ( (ret = SanityCheckTls13MsgReceived(ssl, type)) != 0) { 6017 7037 WOLFSSL_MSG("Sanity Check on handshake message type received failed"); 7038 SendAlert(ssl, alert_fatal, unexpected_message); 6018 7039 return ret; 6019 7040 } … … 6023 7044 if (ssl->toInfoOn) { 6024 7045 int add = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; 6025 AddPacketInfo( 0, &ssl->timeoutInfo, input + *inOutIdx - add,6026 size + add, ssl->heap);7046 AddPacketInfo(ssl, 0, handshake, input + *inOutIdx - add, 7047 size + add, READ_PROTO, ssl->heap); 6027 7048 AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); 6028 7049 } … … 6054 7075 /* above checks handshake state */ 6055 7076 switch (type) { 6056 6057 7077 #ifndef NO_WOLFSSL_CLIENT 7078 /* Messages only recieved by client. */ 7079 #ifdef WOLFSSL_TLS13_DRAFT_18 6058 7080 case hello_retry_request: 6059 7081 WOLFSSL_MSG("processing hello rety request"); 6060 7082 ret = DoTls13HelloRetryRequest(ssl, input, inOutIdx, size); 6061 7083 break; 7084 #endif 6062 7085 6063 7086 case server_hello: 6064 7087 WOLFSSL_MSG("processing server hello"); 6065 ret = DoTls13ServerHello(ssl, input, inOutIdx, size); 7088 ret = DoTls13ServerHello(ssl, input, inOutIdx, size, &type); 7089 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 7090 !defined(NO_ED25519_CLIENT_AUTH) 7091 if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) || 7092 IsAtLeastTLSv1_3(ssl->version)) { 7093 ssl->options.cacheMessages = 0; 7094 if (ssl->hsHashes->messages != NULL) { 7095 XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); 7096 ssl->hsHashes->messages = NULL; 7097 } 7098 } 7099 #endif 7100 break; 7101 7102 case encrypted_extensions: 7103 WOLFSSL_MSG("processing encrypted extensions"); 7104 ret = DoTls13EncryptedExtensions(ssl, input, inOutIdx, size); 6066 7105 break; 6067 7106 … … 6077 7116 ret = DoTls13NewSessionTicket(ssl, input, inOutIdx, size); 6078 7117 break; 6079 6080 case encrypted_extensions: 6081 WOLFSSL_MSG("processing encrypted extensions"); 6082 ret = DoTls13EncryptedExtensions(ssl, input, inOutIdx, size); 7118 #endif /* !NO_WOLFSSL_CLIENT */ 7119 7120 #ifndef NO_WOLFSSL_SERVER 7121 /* Messages only recieved by server. */ 7122 case client_hello: 7123 WOLFSSL_MSG("processing client hello"); 7124 ret = DoTls13ClientHello(ssl, input, inOutIdx, size); 6083 7125 break; 6084 #endif /* !NO_WOLFSSL_CLIENT */ 6085 7126 7127 #ifdef WOLFSSL_EARLY_DATA 7128 case end_of_early_data: 7129 WOLFSSL_MSG("processing end of early data"); 7130 ret = DoTls13EndOfEarlyData(ssl, input, inOutIdx, size); 7131 break; 7132 #endif 7133 #endif /* !NO_WOLFSSL_SERVER */ 7134 7135 /* Messages recieved by both client and server. */ 6086 7136 #ifndef NO_CERTS 6087 7137 case certificate: … … 6098 7148 #endif /* !NO_RSA || HAVE_ECC */ 6099 7149 6100 #ifdef WOLFSSL_EARLY_DATA6101 #ifndef NO_WOLFSSL_SERVER6102 case end_of_early_data:6103 WOLFSSL_MSG("processing end of early data");6104 ret = DoTls13EndOfEarlyData(ssl, input, inOutIdx, size);6105 break;6106 #endif6107 #endif6108 6109 7150 case finished: 6110 7151 WOLFSSL_MSG("processing finished"); … … 6117 7158 break; 6118 7159 6119 #ifndef NO_WOLFSSL_SERVER6120 case client_hello:6121 WOLFSSL_MSG("processing client hello");6122 ret = DoTls13ClientHello(ssl, input, inOutIdx, size);6123 break;6124 #endif /* !NO_WOLFSSL_SERVER */6125 6126 7160 default: 6127 7161 WOLFSSL_MSG("Unknown handshake message type"); … … 6134 7168 ssl->error = 0; 6135 7169 6136 6137 7170 if (ret == 0 && type != client_hello && type != session_ticket && 6138 type != key_update && ssl->error != WC_PENDING_E) {7171 type != key_update) { 6139 7172 ret = HashInput(ssl, input + inIdx, size); 7173 } 7174 if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) { 7175 ShrinkInputBuffer(ssl, NO_FORCED_FREE); 6140 7176 } 6141 7177 6142 7178 if (ret == BUFFER_ERROR || ret == MISSING_HANDSHAKE_DATA) 6143 7179 SendAlert(ssl, alert_fatal, decode_error); 6144 6145 if (ret == EXT_NOT_ALLOWED || ret == PEER_KEY_ERROR || 7180 else if (ret == EXT_NOT_ALLOWED || ret == PEER_KEY_ERROR || 6146 7181 ret == ECC_PEERKEY_ERROR || ret == BAD_KEY_SHARE_DATA || 6147 7182 ret == PSK_KEY_ERROR || ret == INVALID_PARAMETER) { … … 6150 7185 6151 7186 if (ssl->options.tls1_3) { 6152 if (type == server_hello && ssl->options.side == WOLFSSL_CLIENT_END) { 7187 /* Need to hash input message before deriving secrets. */ 7188 #ifndef NO_WOLFSSL_CLIENT 7189 if (ssl->options.side == WOLFSSL_CLIENT_END) { 7190 if (type == server_hello) { 6153 7191 if ((ret = DeriveEarlySecret(ssl)) != 0) 6154 7192 return ret; … … 6168 7206 #endif 6169 7207 } 6170 #ifdef WOLFSSL_EARLY_DATA 6171 if (type == encrypted_extensions && 6172 ssl->options.side == WOLFSSL_CLIENT_END) { 6173 if (!ssl->earlyData) 6174 { 6175 if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0) 6176 return ret; 6177 } 6178 } 6179 #endif 6180 6181 if (type == finished && ssl->options.side == WOLFSSL_CLIENT_END) { 7208 7209 if (type == finished) { 6182 7210 if ((ret = DeriveMasterSecret(ssl)) != 0) 6183 7211 return ret; 6184 7212 #ifdef WOLFSSL_EARLY_DATA 6185 7213 if ((ret = DeriveTls13Keys(ssl, traffic_key, 6186 ENCRYPT_AND_DECRYPT_SIDE, !ssl->earlyData)) != 0) { 7214 ENCRYPT_AND_DECRYPT_SIDE, 7215 ssl->earlyData == no_early_data)) != 0) { 6187 7216 return ret; 6188 7217 } … … 6194 7223 #endif 6195 7224 } 6196 7225 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 7226 if (type == certificate_request && 7227 ssl->options.handShakeState == HANDSHAKE_DONE) { 7228 /* reset handshake states */ 7229 ssl->options.clientState = CLIENT_HELLO_COMPLETE; 7230 ssl->options.connectState = FIRST_REPLY_DONE; 7231 ssl->options.handShakeState = CLIENT_HELLO_COMPLETE; 7232 7233 if (wolfSSL_connect_TLSv13(ssl) != SSL_SUCCESS) 7234 ret = POST_HAND_AUTH_ERROR; 7235 } 7236 #endif 7237 } 7238 #endif /* NO_WOLFSSL_CLIENT */ 7239 7240 #ifndef NO_WOLFSSL_SERVER 6197 7241 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 6198 if ( type == finished && ssl->options.side == WOLFSSL_SERVER_END) {7242 if (ssl->options.side == WOLFSSL_SERVER_END && type == finished) { 6199 7243 ret = DeriveResumptionSecret(ssl, ssl->session.masterSecret); 6200 7244 if (ret != 0) … … 6202 7246 } 6203 7247 #endif 7248 #endif /* NO_WOLFSSL_SERVER */ 6204 7249 } 6205 7250 … … 6286 7331 if (inputLength + ssl->arrays->pendingMsgOffset > 6287 7332 ssl->arrays->pendingMsgSz) { 6288 return BUFFER_ERROR; 7333 inputLength = ssl->arrays->pendingMsgSz - 7334 ssl->arrays->pendingMsgOffset; 6289 7335 } 6290 6291 7336 XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset, 6292 7337 input + *inOutIdx, inputLength); … … 6322 7367 } 6323 7368 7369 #ifndef NO_WOLFSSL_CLIENT 6324 7370 6325 7371 /* The client connecting to the server. … … 6336 7382 int wolfSSL_connect_TLSv13(WOLFSSL* ssl) 6337 7383 { 6338 int neededState;6339 6340 7384 WOLFSSL_ENTER("wolfSSL_connect_TLSv13()"); 6341 7385 … … 6382 7426 WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT"); 6383 7427 #ifdef WOLFSSL_EARLY_DATA 6384 if (ssl->earlyData) { 7428 if (ssl->earlyData != no_early_data) { 7429 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 7430 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7431 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 7432 WOLFSSL_ERROR(ssl->error); 7433 return WOLFSSL_FATAL_ERROR; 7434 } 7435 ssl->options.sentChangeCipher = 1; 7436 #endif 6385 7437 ssl->options.handShakeState = CLIENT_HELLO_COMPLETE; 6386 7438 return WOLFSSL_SUCCESS; … … 6390 7442 6391 7443 case CLIENT_HELLO_SENT: 6392 neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :6393 SERVER_HELLODONE_COMPLETE;6394 7444 /* Get the response/s from the server. */ 6395 while (ssl->options.serverState < neededState) { 7445 while (ssl->options.serverState < 7446 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 6396 7447 if ((ssl->error = ProcessReply(ssl)) < 0) { 6397 7448 WOLFSSL_ERROR(ssl->error); 6398 7449 return WOLFSSL_FATAL_ERROR; 6399 7450 } 6400 /* if resumption failed, reset needed state. */6401 if (neededState == SERVER_FINISHED_COMPLETE &&6402 !ssl->options.resuming) {6403 neededState = SERVER_HELLODONE_COMPLETE;6404 }6405 7451 } 6406 7452 … … 6414 7460 6415 7461 if (!ssl->options.tls1_3) { 7462 #ifndef WOLFSSL_NO_TLS12 6416 7463 if (ssl->options.downgrade) 6417 7464 return wolfSSL_connect(ssl); 7465 #endif 6418 7466 6419 7467 WOLFSSL_MSG("Client using higher version, fatal error"); … … 6421 7469 } 6422 7470 6423 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { 6424 ssl->options.serverState = NULL_STATE; 7471 if (ssl->options.serverState == 7472 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 7473 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 7474 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7475 if (!ssl->options.sentChangeCipher) { 7476 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 7477 WOLFSSL_ERROR(ssl->error); 7478 return WOLFSSL_FATAL_ERROR; 7479 } 7480 ssl->options.sentChangeCipher = 1; 7481 } 7482 #endif 6425 7483 /* Try again with different security parameters. */ 6426 7484 if ((ssl->error = SendTls13ClientHello(ssl)) != 0) { … … 6435 7493 6436 7494 case HELLO_AGAIN_REPLY: 6437 if (ssl->options.serverState == NULL_STATE ||6438 ssl->error == WC_PENDING_E) {6439 neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :6440 SERVER_HELLODONE_COMPLETE;6441 6442 7495 /* Get the response/s from the server. */ 6443 while (ssl->options.serverState < neededState) {7496 while (ssl->options.serverState < SERVER_FINISHED_COMPLETE) { 6444 7497 if ((ssl->error = ProcessReply(ssl)) < 0) { 6445 7498 WOLFSSL_ERROR(ssl->error); 6446 7499 return WOLFSSL_FATAL_ERROR; 6447 7500 } 6448 /* if resumption failed, reset needed state */6449 else if (neededState == SERVER_FINISHED_COMPLETE) {6450 if (!ssl->options.resuming)6451 neededState = SERVER_HELLODONE_COMPLETE;6452 }6453 }6454 7501 } 6455 7502 … … 6460 7507 case FIRST_REPLY_DONE: 6461 7508 #ifdef WOLFSSL_EARLY_DATA 6462 if (ssl->earlyData ) {7509 if (ssl->earlyData != no_early_data) { 6463 7510 if ((ssl->error = SendTls13EndOfEarlyData(ssl)) != 0) { 6464 7511 WOLFSSL_ERROR(ssl->error); … … 6474 7521 6475 7522 case FIRST_REPLY_FIRST: 7523 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 7524 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 7525 if (!ssl->options.sentChangeCipher) { 7526 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 7527 WOLFSSL_ERROR(ssl->error); 7528 return WOLFSSL_FATAL_ERROR; 7529 } 7530 ssl->options.sentChangeCipher = 1; 7531 } 7532 #endif 7533 7534 ssl->options.connectState = FIRST_REPLY_SECOND; 7535 WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND"); 7536 FALL_THROUGH; 7537 7538 case FIRST_REPLY_SECOND: 6476 7539 #ifndef NO_CERTS 6477 7540 if (!ssl->options.resuming && ssl->options.sendVerify) { … … 6485 7548 #endif 6486 7549 6487 ssl->options.connectState = FIRST_REPLY_ SECOND;6488 WOLFSSL_MSG("connect state: FIRST_REPLY_ SECOND");7550 ssl->options.connectState = FIRST_REPLY_THIRD; 7551 WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD"); 6489 7552 FALL_THROUGH; 6490 7553 6491 case FIRST_REPLY_SECOND: 6492 7554 case FIRST_REPLY_THIRD: 6493 7555 #ifndef NO_CERTS 6494 7556 if (!ssl->options.resuming && ssl->options.sendVerify) { … … 6502 7564 #endif 6503 7565 6504 ssl->options.connectState = FIRST_REPLY_ THIRD;6505 WOLFSSL_MSG("connect state: FIRST_REPLY_ THIRD");7566 ssl->options.connectState = FIRST_REPLY_FOURTH; 7567 WOLFSSL_MSG("connect state: FIRST_REPLY_FOURTH"); 6506 7568 FALL_THROUGH; 6507 7569 6508 case FIRST_REPLY_ THIRD:7570 case FIRST_REPLY_FOURTH: 6509 7571 if ((ssl->error = SendTls13Finished(ssl)) != 0) { 6510 7572 WOLFSSL_ERROR(ssl->error); … … 6529 7591 #endif /* NO_HANDSHAKE_DONE_CB */ 6530 7592 7593 if (!ssl->options.keepResources) { 7594 FreeHandshakeResources(ssl); 7595 } 7596 6531 7597 WOLFSSL_LEAVE("wolfSSL_connect_TLSv13()", WOLFSSL_SUCCESS); 6532 7598 return WOLFSSL_SUCCESS; … … 6537 7603 } 6538 7604 } 6539 6540 #if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER) 7605 #endif 7606 7607 #if defined(WOLFSSL_SEND_HRR_COOKIE) 6541 7608 /* Send a cookie with the HelloRetryRequest to avoid storing state. 6542 7609 * … … 6556 7623 if (ssl == NULL || !IsAtLeastTLSv1_3(ssl->version)) 6557 7624 return BAD_FUNC_ARG; 7625 #ifndef NO_WOLFSSL_SERVER 6558 7626 if (ssl->options.side == WOLFSSL_CLIENT_END) 6559 7627 return SIDE_ERROR; … … 6602 7670 ssl->options.sendCookie = 1; 6603 7671 6604 return WOLFSSL_SUCCESS; 7672 ret = WOLFSSL_SUCCESS; 7673 #else 7674 (void)secret; 7675 (void)secretSz; 7676 7677 ret = SIDE_ERROR; 7678 #endif 7679 7680 return ret; 6605 7681 } 6606 7682 #endif … … 6619 7695 if (ssl == NULL) 6620 7696 return BAD_FUNC_ARG; 6621 if (ssl->options.side == WOLFSSL_SERVER_END)6622 return SIDE_ERROR;6623 7697 6624 7698 ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL); … … 6748 7822 * 6749 7823 * ctx The SSL/TLS CTX object. 6750 * returns BAD_FUNC_ARG when ctx is NULL, SIDE_ERROR when not a serverand7824 * returns BAD_FUNC_ARG when ctx is NULL, SIDE_ERROR when not a client and 6751 7825 * 0 on success. 6752 7826 */ … … 6767 7841 * ssl The SSL/TLS object. 6768 7842 * returns BAD_FUNC_ARG when ssl is NULL, or not using TLS v1.3, 6769 * SIDE_ERROR when not a serverand 0 on success.7843 * SIDE_ERROR when not a client and 0 on success. 6770 7844 */ 6771 7845 int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl) … … 6790 7864 { 6791 7865 int ret; 7866 #ifndef NO_WOLFSSL_SERVER 6792 7867 CertReqCtx* certReqCtx; 7868 #endif 6793 7869 6794 7870 if (ssl == NULL || !IsAtLeastTLSv1_3(ssl->version)) 6795 7871 return BAD_FUNC_ARG; 7872 #ifndef NO_WOLFSSL_SERVER 6796 7873 if (ssl->options.side == WOLFSSL_CLIENT_END) 6797 7874 return SIDE_ERROR; … … 6812 7889 ssl->certReqCtx = certReqCtx; 6813 7890 7891 ssl->msgsReceived.got_certificate = 0; 7892 ssl->msgsReceived.got_certificate_verify = 0; 7893 ssl->msgsReceived.got_finished = 0; 7894 6814 7895 ret = SendTls13CertificateRequest(ssl, &certReqCtx->ctx, certReqCtx->len); 6815 7896 if (ret == WANT_WRITE) … … 6817 7898 else if (ret == 0) 6818 7899 ret = WOLFSSL_SUCCESS; 7900 #else 7901 ret = SIDE_ERROR; 7902 #endif 7903 6819 7904 return ret; 6820 7905 } 6821 7906 #endif /* !NO_CERTS && WOLFSSL_POST_HANDSHAKE_AUTH */ 7907 7908 #if !defined(WOLFSSL_NO_SERVER_GROUPS_EXT) 7909 /* Get the preferred key exchange group. 7910 * 7911 * ssl The SSL/TLS object. 7912 * returns BAD_FUNC_ARG when ssl is NULL or not using TLS v1.3, 7913 * SIDE_ERROR when not a client, NOT_READY_ERROR when handshake not complete 7914 * and group number on success. 7915 */ 7916 int wolfSSL_preferred_group(WOLFSSL* ssl) 7917 { 7918 if (ssl == NULL || !IsAtLeastTLSv1_3(ssl->version)) 7919 return BAD_FUNC_ARG; 7920 #ifndef NO_WOLFSSL_CLIENT 7921 if (ssl->options.side == WOLFSSL_SERVER_END) 7922 return SIDE_ERROR; 7923 if (ssl->options.handShakeState != HANDSHAKE_DONE) 7924 return NOT_READY_ERROR; 7925 7926 /* Return supported groups only. */ 7927 return TLSX_SupportedCurve_Preferred(ssl, 1); 7928 #else 7929 return SIDE_ERROR; 7930 #endif 7931 } 7932 #endif 7933 7934 /* Sets the key exchange groups in rank order on a context. 7935 * 7936 * ctx SSL/TLS context object. 7937 * groups Array of groups. 7938 * count Number of groups in array. 7939 * returns BAD_FUNC_ARG when ctx or groups is NULL, not using TLS v1.3 or 7940 * count is greater than WOLFSSL_MAX_GROUP_COUNT and WOLFSSL_SUCCESS on success. 7941 */ 7942 int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count) 7943 { 7944 int i; 7945 7946 if (ctx == NULL || groups == NULL || count > WOLFSSL_MAX_GROUP_COUNT) 7947 return BAD_FUNC_ARG; 7948 if (!IsAtLeastTLSv1_3(ctx->method->version)) 7949 return BAD_FUNC_ARG; 7950 7951 for (i = 0; i < count; i++) 7952 ctx->group[i] = (word16)groups[i]; 7953 ctx->numGroups = (byte)count; 7954 7955 return WOLFSSL_SUCCESS; 7956 } 7957 7958 /* Sets the key exchange groups in rank order. 7959 * 7960 * ssl SSL/TLS object. 7961 * groups Array of groups. 7962 * count Number of groups in array. 7963 * returns BAD_FUNC_ARG when ssl or groups is NULL, not using TLS v1.3 or 7964 * count is greater than WOLFSSL_MAX_GROUP_COUNT and WOLFSSL_SUCCESS on success. 7965 */ 7966 int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count) 7967 { 7968 int i; 7969 7970 if (ssl == NULL || groups == NULL || count > WOLFSSL_MAX_GROUP_COUNT) 7971 return BAD_FUNC_ARG; 7972 if (!IsAtLeastTLSv1_3(ssl->version)) 7973 return BAD_FUNC_ARG; 7974 7975 for (i = 0; i < count; i++) 7976 ssl->group[i] = (word16)groups[i]; 7977 ssl->numGroups = (byte)count; 7978 7979 return WOLFSSL_SUCCESS; 7980 } 7981 7982 #ifndef NO_PSK 7983 void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX* ctx, 7984 wc_psk_client_tls13_callback cb) 7985 { 7986 WOLFSSL_ENTER("SSL_CTX_set_psk_client_tls13_callback"); 7987 7988 if (ctx == NULL) 7989 return; 7990 7991 ctx->havePSK = 1; 7992 ctx->client_psk_tls13_cb = cb; 7993 } 7994 7995 7996 void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl, 7997 wc_psk_client_tls13_callback cb) 7998 { 7999 byte haveRSA = 1; 8000 int keySz = 0; 8001 8002 WOLFSSL_ENTER("SSL_set_psk_client_tls13_callback"); 8003 8004 if (ssl == NULL) 8005 return; 8006 8007 ssl->options.havePSK = 1; 8008 ssl->options.client_psk_tls13_cb = cb; 8009 8010 #ifdef NO_RSA 8011 haveRSA = 0; 8012 #endif 8013 #ifndef NO_CERTS 8014 keySz = ssl->buffers.keySz; 8015 #endif 8016 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, 8017 ssl->options.haveDH, ssl->options.haveNTRU, 8018 ssl->options.haveECDSAsig, ssl->options.haveECC, 8019 ssl->options.haveStaticECC, ssl->options.side); 8020 } 8021 8022 8023 void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX* ctx, 8024 wc_psk_server_tls13_callback cb) 8025 { 8026 WOLFSSL_ENTER("SSL_CTX_set_psk_server_tls13_callback"); 8027 if (ctx == NULL) 8028 return; 8029 ctx->havePSK = 1; 8030 ctx->server_psk_tls13_cb = cb; 8031 } 8032 8033 8034 void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl, 8035 wc_psk_server_tls13_callback cb) 8036 { 8037 byte haveRSA = 1; 8038 int keySz = 0; 8039 8040 WOLFSSL_ENTER("SSL_set_psk_server_tls13_callback"); 8041 if (ssl == NULL) 8042 return; 8043 8044 ssl->options.havePSK = 1; 8045 ssl->options.server_psk_tls13_cb = cb; 8046 8047 #ifdef NO_RSA 8048 haveRSA = 0; 8049 #endif 8050 #ifndef NO_CERTS 8051 keySz = ssl->buffers.keySz; 8052 #endif 8053 InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, 8054 ssl->options.haveDH, ssl->options.haveNTRU, 8055 ssl->options.haveECDSAsig, ssl->options.haveECC, 8056 ssl->options.haveStaticECC, ssl->options.side); 8057 } 8058 #endif 8059 6822 8060 6823 8061 #ifndef NO_WOLFSSL_SERVER … … 6836 8074 { 6837 8075 word16 havePSK = 0; 6838 word16 haveAnon = 0;6839 8076 WOLFSSL_ENTER("SSL_accept_TLSv13()"); 6840 8077 … … 6847 8084 #endif 6848 8085 (void)havePSK; 6849 6850 #ifdef HAVE_ANON6851 haveAnon = ssl->options.haveAnon;6852 #endif6853 (void)haveAnon;6854 8086 6855 8087 if (ssl->options.side != WOLFSSL_SERVER_END) { … … 6859 8091 6860 8092 #ifndef NO_CERTS 6861 /* in case used set_accept_state after init */ 6862 if (!havePSK && !haveAnon && 6863 (!ssl->buffers.certificate || 6864 !ssl->buffers.certificate->buffer || 6865 !ssl->buffers.key || 6866 !ssl->buffers.key->buffer)) { 6867 WOLFSSL_MSG("accept error: don't have server cert and key"); 6868 ssl->error = NO_PRIVATE_KEY; 6869 WOLFSSL_ERROR(ssl->error); 8093 /* allow no private key if using PK callbacks and CB is set */ 8094 if (!havePSK) { 8095 if (!ssl->buffers.certificate || 8096 !ssl->buffers.certificate->buffer) { 8097 8098 WOLFSSL_MSG("accept error: server cert required"); 8099 WOLFSSL_ERROR(ssl->error = NO_PRIVATE_KEY); 6870 8100 return WOLFSSL_FATAL_ERROR; 8101 } 8102 8103 #ifdef HAVE_PK_CALLBACKS 8104 if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { 8105 WOLFSSL_MSG("Using PK for server private key"); 8106 } 8107 else 8108 #endif 8109 if (!ssl->buffers.key || !ssl->buffers.key->buffer) { 8110 WOLFSSL_MSG("accept error: server key required"); 8111 WOLFSSL_ERROR(ssl->error = NO_PRIVATE_KEY); 8112 return WOLFSSL_FATAL_ERROR; 8113 } 6871 8114 } 6872 8115 #endif … … 6895 8138 switch (ssl->options.acceptState) { 6896 8139 6897 case ACCEPT_BEGIN :6898 /* get response*/6899 while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) 8140 case TLS13_ACCEPT_BEGIN : 8141 /* get client_hello */ 8142 while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { 6900 8143 if ((ssl->error = ProcessReply(ssl)) < 0) { 6901 8144 WOLFSSL_ERROR(ssl->error); 6902 8145 return WOLFSSL_FATAL_ERROR; 6903 8146 } 6904 6905 ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE; 8147 } 8148 8149 ssl->options.acceptState = TLS13_ACCEPT_CLIENT_HELLO_DONE; 6906 8150 WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE"); 6907 8151 FALL_THROUGH; 6908 8152 6909 case ACCEPT_CLIENT_HELLO_DONE : 6910 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { 8153 case TLS13_ACCEPT_CLIENT_HELLO_DONE : 8154 #ifdef WOLFSSL_TLS13_DRAFT_18 8155 if (ssl->options.serverState == 8156 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 6911 8157 if ((ssl->error = SendTls13HelloRetryRequest(ssl)) != 0) { 6912 8158 WOLFSSL_ERROR(ssl->error); … … 6914 8160 } 6915 8161 } 6916 ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE; 6917 WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE"); 8162 8163 ssl->options.acceptState = TLS13_ACCEPT_FIRST_REPLY_DONE; 8164 WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); 6918 8165 FALL_THROUGH; 6919 8166 6920 case ACCEPT_HELLO_RETRY_REQUEST_DONE : 6921 if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { 6922 if ( (ssl->error = ProcessReply(ssl)) < 0) { 8167 case TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE : 8168 #else 8169 if (ssl->options.serverState == 8170 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 8171 if ((ssl->error = SendTls13ServerHello(ssl, 8172 hello_retry_request)) != 0) { 6923 8173 WOLFSSL_ERROR(ssl->error); 6924 8174 return WOLFSSL_FATAL_ERROR; 6925 8175 } 6926 8176 } 6927 ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; 8177 8178 ssl->options.acceptState = TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE; 8179 WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE"); 8180 FALL_THROUGH; 8181 8182 case TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE : 8183 #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT 8184 if (ssl->options.serverState == 8185 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 8186 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 8187 WOLFSSL_ERROR(ssl->error); 8188 return WOLFSSL_FATAL_ERROR; 8189 } 8190 ssl->options.sentChangeCipher = 1; 8191 } 8192 #endif 8193 ssl->options.acceptState = TLS13_ACCEPT_FIRST_REPLY_DONE; 6928 8194 WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); 6929 8195 FALL_THROUGH; 6930 6931 case ACCEPT_FIRST_REPLY_DONE : 6932 if ((ssl->error = SendTls13ServerHello(ssl)) != 0) { 8196 #endif 8197 8198 case TLS13_ACCEPT_FIRST_REPLY_DONE : 8199 if (ssl->options.serverState == 8200 SERVER_HELLO_RETRY_REQUEST_COMPLETE) { 8201 ssl->options.clientState = CLIENT_HELLO_RETRY; 8202 while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { 8203 if ((ssl->error = ProcessReply(ssl)) < 0) { 8204 WOLFSSL_ERROR(ssl->error); 8205 return WOLFSSL_FATAL_ERROR; 8206 } 8207 } 8208 } 8209 8210 ssl->options.acceptState = TLS13_ACCEPT_SECOND_REPLY_DONE; 8211 WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); 8212 FALL_THROUGH; 8213 8214 case TLS13_ACCEPT_SECOND_REPLY_DONE : 8215 if ((ssl->error = SendTls13ServerHello(ssl, server_hello)) != 0) { 6933 8216 WOLFSSL_ERROR(ssl->error); 6934 8217 return WOLFSSL_FATAL_ERROR; 6935 8218 } 6936 ssl->options.acceptState = SERVER_HELLO_SENT;8219 ssl->options.acceptState = TLS13_SERVER_HELLO_SENT; 6937 8220 WOLFSSL_MSG("accept state SERVER_HELLO_SENT"); 6938 8221 FALL_THROUGH; 6939 8222 6940 case SERVER_HELLO_SENT : 8223 case TLS13_SERVER_HELLO_SENT : 8224 #if !defined(WOLFSSL_TLS13_DRAFT_18) && \ 8225 defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 8226 if (!ssl->options.sentChangeCipher) { 8227 if ((ssl->error = SendChangeCipher(ssl)) != 0) { 8228 WOLFSSL_ERROR(ssl->error); 8229 return WOLFSSL_FATAL_ERROR; 8230 } 8231 ssl->options.sentChangeCipher = 1; 8232 } 8233 #endif 8234 8235 ssl->options.acceptState = TLS13_ACCEPT_THIRD_REPLY_DONE; 8236 WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE"); 8237 FALL_THROUGH; 8238 8239 case TLS13_ACCEPT_THIRD_REPLY_DONE : 8240 if (!ssl->options.noPskDheKe) { 8241 ssl->error = TLSX_KeyShare_DeriveSecret(ssl); 8242 if (ssl->error != 0) 8243 return WOLFSSL_FATAL_ERROR; 8244 } 8245 6941 8246 if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) { 6942 8247 WOLFSSL_ERROR(ssl->error); 6943 8248 return WOLFSSL_FATAL_ERROR; 6944 8249 } 6945 ssl->options.acceptState = SERVER_EXTENSIONS_SENT;8250 ssl->options.acceptState = TLS13_SERVER_EXTENSIONS_SENT; 6946 8251 WOLFSSL_MSG("accept state SERVER_EXTENSIONS_SENT"); 6947 8252 FALL_THROUGH; 6948 8253 6949 case SERVER_EXTENSIONS_SENT :8254 case TLS13_SERVER_EXTENSIONS_SENT : 6950 8255 #ifndef NO_CERTS 6951 8256 if (!ssl->options.resuming) { … … 6959 8264 } 6960 8265 #endif 6961 ssl->options.acceptState = CERT_REQ_SENT;8266 ssl->options.acceptState = TLS13_CERT_REQ_SENT; 6962 8267 WOLFSSL_MSG("accept state CERT_REQ_SENT"); 6963 8268 FALL_THROUGH; 6964 8269 6965 case CERT_REQ_SENT : 6966 ssl->options.acceptState = KEY_EXCHANGE_SENT; 8270 case TLS13_CERT_REQ_SENT : 6967 8271 #ifndef NO_CERTS 6968 8272 if (!ssl->options.resuming && ssl->options.sendVerify) { … … 6973 8277 } 6974 8278 #endif 6975 ssl->options.acceptState = CERT_SENT;8279 ssl->options.acceptState = TLS13_CERT_SENT; 6976 8280 WOLFSSL_MSG("accept state CERT_SENT"); 6977 8281 FALL_THROUGH; 6978 8282 6979 case CERT_SENT :8283 case TLS13_CERT_SENT : 6980 8284 #ifndef NO_CERTS 6981 8285 if (!ssl->options.resuming && ssl->options.sendVerify) { … … 6986 8290 } 6987 8291 #endif 6988 ssl->options.acceptState = CERT_STATUS_SENT;6989 WOLFSSL_MSG("accept state CERT_ STATUS_SENT");8292 ssl->options.acceptState = TLS13_CERT_VERIFY_SENT; 8293 WOLFSSL_MSG("accept state CERT_VERIFY_SENT"); 6990 8294 FALL_THROUGH; 6991 8295 6992 case CERT_VERIFY_SENT :8296 case TLS13_CERT_VERIFY_SENT : 6993 8297 if ((ssl->error = SendTls13Finished(ssl)) != 0) { 6994 8298 WOLFSSL_ERROR(ssl->error); … … 6996 8300 } 6997 8301 6998 ssl->options.acceptState = ACCEPT_FINISHED_DONE;6999 WOLFSSL_MSG("accept state ACCEPT_FINISHED_ DONE");8302 ssl->options.acceptState = TLS13_ACCEPT_FINISHED_SENT; 8303 WOLFSSL_MSG("accept state ACCEPT_FINISHED_SENT"); 7000 8304 #ifdef WOLFSSL_EARLY_DATA 7001 if (ssl->earlyData ) {8305 if (ssl->earlyData != no_early_data) { 7002 8306 ssl->options.handShakeState = SERVER_FINISHED_COMPLETE; 7003 8307 return WOLFSSL_SUCCESS; … … 7006 8310 FALL_THROUGH; 7007 8311 7008 case ACCEPT_FINISHED_DONE:8312 case TLS13_ACCEPT_FINISHED_SENT : 7009 8313 #ifdef HAVE_SESSION_TICKET 7010 8314 #ifdef WOLFSSL_TLS13_TICKET_BEFORE_FINISHED … … 7018 8322 #endif 7019 8323 #endif /* HAVE_SESSION_TICKET */ 7020 ssl->options.acceptState = T ICKET_SENT;8324 ssl->options.acceptState = TLS13_PRE_TICKET_SENT; 7021 8325 WOLFSSL_MSG("accept state TICKET_SENT"); 7022 8326 FALL_THROUGH; 7023 8327 7024 case T ICKET_SENT:8328 case TLS13_PRE_TICKET_SENT : 7025 8329 while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) 7026 8330 if ( (ssl->error = ProcessReply(ssl)) < 0) { … … 7029 8333 } 7030 8334 7031 ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;7032 WOLFSSL_MSG("accept state ACCEPT_ SECOND_REPLY_DONE");8335 ssl->options.acceptState = TLS13_ACCEPT_FINISHED_DONE; 8336 WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE"); 7033 8337 FALL_THROUGH; 7034 8338 7035 case ACCEPT_SECOND_REPLY_DONE :8339 case TLS13_ACCEPT_FINISHED_DONE : 7036 8340 #ifdef HAVE_SESSION_TICKET 7037 8341 #ifdef WOLFSSL_TLS13_TICKET_BEFORE_FINISHED … … 7048 8352 } 7049 8353 #endif /* HAVE_SESSION_TICKET */ 7050 ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;7051 WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");8354 ssl->options.acceptState = TLS13_TICKET_SENT; 8355 WOLFSSL_MSG("accept state TICKET_SENT"); 7052 8356 FALL_THROUGH; 7053 8357 7054 case ACCEPT_THIRD_REPLY_DONE:8358 case TLS13_TICKET_SENT : 7055 8359 #ifndef NO_HANDSHAKE_DONE_CB 7056 8360 if (ssl->hsDoneCb) { … … 7064 8368 #endif /* NO_HANDSHAKE_DONE_CB */ 7065 8369 8370 if (!ssl->options.keepResources) { 8371 FreeHandshakeResources(ssl); 8372 } 8373 7066 8374 WOLFSSL_LEAVE("SSL_accept()", WOLFSSL_SUCCESS); 7067 8375 return WOLFSSL_SUCCESS; … … 7140 8448 return BAD_FUNC_ARG; 7141 8449 8450 #ifndef NO_WOLFSSL_CLIENT 7142 8451 if (ssl->options.side == WOLFSSL_SERVER_END) 7143 8452 return SIDE_ERROR; 7144 8453 7145 8454 if (ssl->options.handShakeState == NULL_STATE) { 7146 ssl->earlyData = 1;8455 ssl->earlyData = expecting_early_data; 7147 8456 ret = wolfSSL_connect_TLSv13(ssl); 7148 if (ret <= 0)8457 if (ret != WOLFSSL_SUCCESS) 7149 8458 return WOLFSSL_FATAL_ERROR; 7150 8459 } … … 7154 8463 *outSz = ret; 7155 8464 } 8465 #else 8466 return SIDE_ERROR; 8467 #endif 7156 8468 7157 8469 WOLFSSL_LEAVE("SSL_write_early_data()", ret); … … 7174 8486 int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz) 7175 8487 { 7176 int ret ;8488 int ret = 0; 7177 8489 7178 8490 WOLFSSL_ENTER("wolfSSL_read_early_data()"); … … 7184 8496 return BAD_FUNC_ARG; 7185 8497 8498 #ifndef NO_WOLFSSL_SERVER 7186 8499 if (ssl->options.side == WOLFSSL_CLIENT_END) 7187 8500 return SIDE_ERROR; 7188 8501 7189 8502 if (ssl->options.handShakeState == NULL_STATE) { 7190 ssl->earlyData = 1;8503 ssl->earlyData = expecting_early_data; 7191 8504 ret = wolfSSL_accept_TLSv13(ssl); 7192 8505 if (ret <= 0) … … 7202 8515 else 7203 8516 ret = 0; 8517 #else 8518 return SIDE_ERROR; 8519 #endif 7204 8520 7205 8521 WOLFSSL_LEAVE("wolfSSL_read_early_data()", ret); -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/src/wolfio.c
r337 r372 47 47 * WOLFSSL_USER_IO: Disables default Embed* callbacks and default: off 48 48 allows user to define their own using 49 wolfSSL_ SetIORecv and wolfSSL_SetIOSend49 wolfSSL_CTX_SetIORecv and wolfSSL_CTX_SetIOSend 50 50 * USE_WOLFSSL_IO: Enables the wolfSSL IO functions default: off 51 51 * HAVE_HTTP_CLIENT: Enables HTTP client API's default: off … … 65 65 * send() and recv() if need be. 66 66 */ 67 static INLINE int TranslateReturnCode(int old, int sd)67 static WC_INLINE int TranslateReturnCode(int old, int sd) 68 68 { 69 69 (void)sd; … … 89 89 } 90 90 91 static INLINE intLastError(void)91 static WC_INLINE int wolfSSL_LastError(void) 92 92 { 93 93 #ifdef USE_WINDOWS_API … … 103 103 104 104 105 #ifdef OPENSSL_EXTRA 106 /* Use the WOLFSSL read BIO for receiving data. This is set by the function 107 * wolfSSL_set_bio and can also be set by wolfSSL_CTX_SetIORecv. 108 * 109 * ssl WOLFSSL struct passed in that has this function set as the receive 110 * callback. 111 * buf buffer to fill with data read 112 * sz size of buf buffer 113 * ctx a user set context 114 * 115 * returns the amount of data read or want read. See WOLFSSL_CBIO_ERR_* values. 116 */ 117 int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx) 118 { 119 int recvd = WOLFSSL_CBIO_ERR_GENERAL; 120 121 WOLFSSL_ENTER("BioReceive"); 122 123 if (ssl->biord == NULL) { 124 WOLFSSL_MSG("WOLFSSL biord not set"); 125 return WOLFSSL_CBIO_ERR_GENERAL; 126 } 127 128 switch (ssl->biord->type) { 129 case WOLFSSL_BIO_MEMORY: 130 case WOLFSSL_BIO_BIO: 131 if (wolfSSL_BIO_ctrl_pending(ssl->biord) == 0) { 132 return WOLFSSL_CBIO_ERR_WANT_READ; 133 } 134 recvd = wolfSSL_BIO_read(ssl->biord, buf, sz); 135 if (recvd <= 0) { 136 return WOLFSSL_CBIO_ERR_GENERAL; 137 } 138 break; 139 140 default: 141 WOLFSSL_MSG("This BIO type is unknown / unsupported"); 142 return WOLFSSL_CBIO_ERR_GENERAL; 143 } 144 145 (void)ctx; 146 return recvd; 147 } 148 149 150 /* Use the WOLFSSL write BIO for sending data. This is set by the function 151 * wolfSSL_set_bio and can also be set by wolfSSL_CTX_SetIOSend. 152 * 153 * ssl WOLFSSL struct passed in that has this function set as the send callback. 154 * buf buffer with data to write out 155 * sz size of buf buffer 156 * ctx a user set context 157 * 158 * returns the amount of data sent or want send. See WOLFSSL_CBIO_ERR_* values. 159 */ 160 int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) 161 { 162 int sent = WOLFSSL_CBIO_ERR_GENERAL; 163 164 if (ssl->biowr == NULL) { 165 WOLFSSL_MSG("WOLFSSL biowr not set\n"); 166 return WOLFSSL_CBIO_ERR_GENERAL; 167 } 168 169 switch (ssl->biowr->type) { 170 case WOLFSSL_BIO_MEMORY: 171 case WOLFSSL_BIO_BIO: 172 sent = wolfSSL_BIO_write(ssl->biowr, buf, sz); 173 if (sent < 0) { 174 return WOLFSSL_CBIO_ERR_GENERAL; 175 } 176 break; 177 178 default: 179 WOLFSSL_MSG("This BIO type is unknown / unsupported"); 180 return WOLFSSL_CBIO_ERR_GENERAL; 181 } 182 (void)ctx; 183 184 return sent; 185 } 186 #endif 187 188 105 189 #ifdef USE_WOLFSSL_IO 106 190 … … 113 197 int recvd; 114 198 115 #ifdef WOLFSSL_DTLS116 {117 int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);118 if (wolfSSL_dtls(ssl)119 && !wolfSSL_get_using_nonblock(ssl)120 && dtls_timeout != 0) {121 #ifdef USE_WINDOWS_API122 DWORD timeout = dtls_timeout * 1000;123 #else124 struct timeval timeout;125 XMEMSET(&timeout, 0, sizeof(timeout));126 timeout.tv_sec = dtls_timeout;127 #endif128 if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,129 sizeof(timeout)) != 0) {130 WOLFSSL_MSG("setsockopt rcvtimeo failed");131 }132 }133 }134 #endif135 136 199 recvd = wolfIO_Recv(sd, buf, sz, ssl->rflags); 137 200 if (recvd < 0) { 138 int err = LastError();201 int err = wolfSSL_LastError(); 139 202 WOLFSSL_MSG("Embed Receive error"); 140 203 141 204 if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { 142 if (!wolfSSL_dtls(ssl) || wolfSSL_get_using_nonblock(ssl)) {143 205 WOLFSSL_MSG("\tWould block"); 144 206 return WOLFSSL_CBIO_ERR_WANT_READ; 145 207 } 146 else {147 WOLFSSL_MSG("\tSocket timeout");148 return WOLFSSL_CBIO_ERR_TIMEOUT;149 }150 }151 208 else if (err == SOCKET_ECONNRESET) { 152 209 WOLFSSL_MSG("\tConnection reset"); … … 157 214 return WOLFSSL_CBIO_ERR_ISR; 158 215 } 159 else if (err == SOCKET_ECONNREFUSED) {160 WOLFSSL_MSG("\tConnection refused");161 return WOLFSSL_CBIO_ERR_WANT_READ;162 }163 216 else if (err == SOCKET_ECONNABORTED) { 164 217 WOLFSSL_MSG("\tConnection aborted"); … … 188 241 sent = wolfIO_Send(sd, buf, sz, ssl->wflags); 189 242 if (sent < 0) { 190 int err = LastError();243 int err = wolfSSL_LastError(); 191 244 WOLFSSL_MSG("Embed Send error"); 192 245 … … 263 316 264 317 if (recvd < 0) { 265 err = LastError();318 err = wolfSSL_LastError(); 266 319 WOLFSSL_MSG("Embed Receive From error"); 267 320 268 321 if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { 269 if (wolfSSL_ get_using_nonblock(ssl)) {322 if (wolfSSL_dtls_get_using_nonblock(ssl)) { 270 323 WOLFSSL_MSG("\tWould block"); 271 324 return WOLFSSL_CBIO_ERR_WANT_READ; … … 326 379 327 380 if (sent < 0) { 328 err = LastError();381 err = wolfSSL_LastError(); 329 382 WOLFSSL_MSG("Embed Send To error"); 330 383 … … 374 427 375 428 if (recvd < 0) { 376 err = LastError();429 err = wolfSSL_LastError(); 377 430 WOLFSSL_MSG("Embed Receive From error"); 378 431 379 432 if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { 380 if (wolfSSL_ get_using_nonblock(ssl)) {433 if (wolfSSL_dtls_get_using_nonblock(ssl)) { 381 434 WOLFSSL_MSG("\tWould block"); 382 435 return WOLFSSL_CBIO_ERR_WANT_READ; … … 626 679 } 627 680 628 #ifdef _MSC_VER629 /* 4204: non-constant aggregate initializer (nfds = sockfd + 1) */630 #pragma warning(disable: 4204)631 #endif632 681 int wolfIO_Select(SOCKET_T sockfd, int to_sec) 633 682 { 634 fd_set fds;635 SOCKET_T nfds = sockfd + 1;683 fd_set rfds, wfds; 684 int nfds = 0; 636 685 struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0}; 637 686 int ret; 638 687 639 FD_ZERO(&fds); 640 FD_SET(sockfd, &fds); 641 642 ret = select(nfds, &fds, &fds, NULL, &timeout); 688 #ifndef USE_WINDOWS_API 689 nfds = (int)sockfd + 1; 690 #endif 691 692 FD_ZERO(&rfds); 693 FD_SET(sockfd, &rfds); 694 wfds = rfds; 695 696 ret = select(nfds, &rfds, &wfds, NULL, &timeout); 643 697 if (ret == 0) { 644 698 #ifdef DEBUG_HTTP … … 648 702 } 649 703 else if (ret > 0) { 650 if (FD_ISSET(sockfd, &fds)) 704 if (FD_ISSET(sockfd, &wfds)) { 705 if (!FD_ISSET(sockfd, &rfds)) { 651 706 return 0; 707 } 708 } 652 709 } 653 710 return SOCKET_ERROR_E; … … 934 991 } 935 992 936 int wolfIO_HttpProcessResponse(int sfd, const char* appStr,993 int wolfIO_HttpProcessResponse(int sfd, const char** appStrList, 937 994 byte** respBuf, byte* httpBuf, int httpBufSz, int dynType, void* heap) 938 995 { … … 1017 1074 case phr_have_type: 1018 1075 if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) { 1076 int i; 1077 1019 1078 start += 13; 1020 1079 while (*start == ' ' && *start != '\0') start++; 1021 if (XSTRNCASECMP(start, appStr, XSTRLEN(appStr)) != 0) { 1080 1081 /* try and match against appStrList */ 1082 i = 0; 1083 while (appStrList[i] != NULL) { 1084 if (XSTRNCASECMP(start, appStrList[i], 1085 XSTRLEN(appStrList[i])) == 0) { 1086 break; 1087 } 1088 i++; 1089 } 1090 if (appStrList[i] == NULL) { 1022 1091 WOLFSSL_MSG("wolfIO_HttpProcessResponse appstr mismatch"); 1023 1092 return -1; … … 1117 1186 return 0; 1118 1187 1119 XSTRNCPY((char*)buf, reqType, reqTypeLen);1120 buf += reqTypeLen; 1121 XSTRNCPY((char*)buf, blankStr, b lankStrLen+1);1122 buf += blankStrLen; 1123 XSTRNCPY((char*)buf, path, pathLen);1124 buf += pathLen; 1125 XSTRNCPY((char*)buf, http11Str, http11StrLen+1);1126 buf += http11StrLen; 1188 XSTRNCPY((char*)buf, reqType, bufSize); 1189 buf += reqTypeLen; bufSize -= reqTypeLen; 1190 XSTRNCPY((char*)buf, blankStr, bufSize); 1191 buf += blankStrLen; bufSize -= blankStrLen; 1192 XSTRNCPY((char*)buf, path, bufSize); 1193 buf += pathLen; bufSize -= pathLen; 1194 XSTRNCPY((char*)buf, http11Str, bufSize); 1195 buf += http11StrLen; bufSize -= http11StrLen; 1127 1196 if (domainNameLen > 0) { 1128 XSTRNCPY((char*)buf, hostStr, hostStrLen+1);1129 buf += hostStrLen; 1130 XSTRNCPY((char*)buf, domainName, domainNameLen);1131 buf += domainNameLen; 1197 XSTRNCPY((char*)buf, hostStr, bufSize); 1198 buf += hostStrLen; bufSize -= hostStrLen; 1199 XSTRNCPY((char*)buf, domainName, bufSize); 1200 buf += domainNameLen; bufSize -= domainNameLen; 1132 1201 } 1133 1202 if (reqSz > 0 && reqSzStrLen > 0) { 1134 XSTRNCPY((char*)buf, contentLenStr, contentLenStrLen+1);1135 buf += contentLenStrLen; 1136 XSTRNCPY((char*)buf, reqSzStr, reqSzStrLen);1137 buf += reqSzStrLen; 1203 XSTRNCPY((char*)buf, contentLenStr, bufSize); 1204 buf += contentLenStrLen; bufSize -= contentLenStrLen; 1205 XSTRNCPY((char*)buf, reqSzStr, bufSize); 1206 buf += reqSzStrLen; bufSize -= reqSzStrLen; 1138 1207 } 1139 1208 if (contentTypeLen > 0) { 1140 XSTRNCPY((char*)buf, contentTypeStr, contentTypeStrLen+1);1141 buf += contentTypeStrLen; 1142 XSTRNCPY((char*)buf, contentType, contentTypeLen);1143 buf += contentTypeLen; 1144 } 1145 XSTRNCPY((char*)buf, doubleCrLfStr, doubleCrLfStrLen+1);1209 XSTRNCPY((char*)buf, contentTypeStr, bufSize); 1210 buf += contentTypeStrLen; bufSize -= contentTypeStrLen; 1211 XSTRNCPY((char*)buf, contentType, bufSize); 1212 buf += contentTypeLen; bufSize -= contentTypeLen; 1213 } 1214 XSTRNCPY((char*)buf, doubleCrLfStr, bufSize); 1146 1215 buf += doubleCrLfStrLen; 1147 1216 … … 1169 1238 byte* httpBuf, int httpBufSz, void* heap) 1170 1239 { 1171 return wolfIO_HttpProcessResponse(sfd, "application/ocsp-response", 1240 const char* appStrList[] = { 1241 "application/ocsp-response", 1242 NULL 1243 }; 1244 1245 return wolfIO_HttpProcessResponse(sfd, appStrList, 1172 1246 respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_OCSP, heap); 1173 1247 } … … 1223 1297 1224 1298 ret = wolfIO_TcpConnect(&sfd, domainName, port, io_timeout_sec); 1225 if ((ret != 0) || ( sfd < 0)) {1299 if ((ret != 0) || ((int)sfd < 0)) { 1226 1300 WOLFSSL_MSG("OCSP Responder connection failed"); 1227 1301 } … … 1239 1313 } 1240 1314 1241 close(sfd);1315 CloseSocket(sfd); 1242 1316 XFREE(httpBuf, ctx, DYNAMIC_TYPE_OCSP); 1243 1317 } … … 1278 1352 byte *respBuf = NULL; 1279 1353 1280 result = wolfIO_HttpProcessResponse(sfd, "application/pkix-crl", 1354 const char* appStrList[] = { 1355 "application/pkix-crl", 1356 "application/x-pkcs7-crl", 1357 NULL 1358 }; 1359 1360 result = wolfIO_HttpProcessResponse(sfd, appStrList, 1281 1361 &respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_CRL, crl->heap); 1282 1362 if (result >= 0) { … … 1334 1414 } 1335 1415 1336 close(sfd);1416 CloseSocket(sfd); 1337 1417 XFREE(httpBuf, crl->heap, DYNAMIC_TYPE_CRL); 1338 1418 } … … 1351 1431 1352 1432 1353 WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX *ctx, CallbackIORecv CBIORecv) 1354 { 1433 WOLFSSL_API void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX *ctx, CallbackIORecv CBIORecv) 1434 { 1435 if (ctx != NULL) { 1355 1436 ctx->CBIORecv = CBIORecv; 1356 } 1357 1358 1359 WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX *ctx, CallbackIOSend CBIOSend) 1360 { 1437 #ifdef OPENSSL_EXTRA 1438 ctx->cbioFlag |= WOLFSSL_CBIO_RECV; 1439 #endif 1440 } 1441 } 1442 1443 1444 WOLFSSL_API void wolfSSL_CTX_SetIOSend(WOLFSSL_CTX *ctx, CallbackIOSend CBIOSend) 1445 { 1446 if (ctx != NULL) { 1361 1447 ctx->CBIOSend = CBIOSend; 1448 #ifdef OPENSSL_EXTRA 1449 ctx->cbioFlag |= WOLFSSL_CBIO_SEND; 1450 #endif 1451 } 1362 1452 } 1363 1453 … … 1611 1701 int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl); 1612 1702 if (wolfSSL_dtls(ssl) 1613 && !wolfSSL_ get_using_nonblock(ssl)1703 && !wolfSSL_dtls_get_using_nonblock(ssl) 1614 1704 && dtls_timeout != 0) { 1615 1705 /* needs timeout in milliseconds */ … … 1628 1718 if (err == NET_ERR_RX || err == NET_SOCK_ERR_RX_Q_EMPTY || 1629 1719 err == NET_ERR_FAULT_LOCK_ACQUIRE) { 1630 if (!wolfSSL_dtls(ssl) || wolfSSL_ get_using_nonblock(ssl)) {1720 if (!wolfSSL_dtls(ssl) || wolfSSL_dtls_get_using_nonblock(ssl)) { 1631 1721 WOLFSSL_MSG("\tWould block"); 1632 1722 return WOLFSSL_CBIO_ERR_WANT_READ; … … 1668 1758 dtls_timeout = 0; 1669 1759 1670 if (!wolfSSL_ get_using_nonblock(ssl)) {1760 if (!wolfSSL_dtls_get_using_nonblock(ssl)) { 1671 1761 /* needs timeout in milliseconds */ 1672 1762 NetSock_CfgTimeoutRxQ_Set(sd, dtls_timeout * 1000, &err); … … 1683 1773 if (err == NET_ERR_RX || err == NET_SOCK_ERR_RX_Q_EMPTY || 1684 1774 err == NET_ERR_FAULT_LOCK_ACQUIRE) { 1685 if (wolfSSL_ get_using_nonblock(ssl)) {1775 if (wolfSSL_dtls_get_using_nonblock(ssl)) { 1686 1776 WOLFSSL_MSG("\tWould block"); 1687 1777 return WOLFSSL_CBIO_ERR_WANT_READ; … … 1773 1863 #endif /* MICRIUM */ 1774 1864 1865 #if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 1866 1867 #include <os/os_error.h> 1868 #include <os/os_mbuf.h> 1869 #include <os/os_mempool.h> 1870 1871 #define MB_NAME "wolfssl_mb" 1872 1873 typedef struct Mynewt_Ctx { 1874 struct mn_socket *mnSocket; /* send/recv socket handler */ 1875 struct mn_sockaddr_in mnSockAddrIn; /* socket address */ 1876 struct os_mbuf *mnPacket; /* incoming packet handle 1877 for short reads */ 1878 int reading; /* reading flag */ 1879 1880 /* private */ 1881 void *mnMemBuffer; /* memory buffer for mempool */ 1882 struct os_mempool mnMempool; /* mempool */ 1883 struct os_mbuf_pool mnMbufpool; /* mbuf pool */ 1884 } Mynewt_Ctx; 1885 1886 void mynewt_ctx_clear(void *ctx) { 1887 Mynewt_Ctx *mynewt_ctx = (Mynewt_Ctx*)ctx; 1888 if(!mynewt_ctx) return; 1889 1890 if(mynewt_ctx->mnPacket) { 1891 os_mbuf_free_chain(mynewt_ctx->mnPacket); 1892 mynewt_ctx->mnPacket = NULL; 1893 } 1894 os_mempool_clear(&mynewt_ctx->mnMempool); 1895 XFREE(mynewt_ctx->mnMemBuffer, 0, 0); 1896 XFREE(mynewt_ctx, 0, 0); 1897 } 1898 1899 /* return Mynewt_Ctx instance */ 1900 void* mynewt_ctx_new() { 1901 int rc = 0; 1902 Mynewt_Ctx *mynewt_ctx = NULL; 1903 int mem_buf_count = MYNEWT_VAL(WOLFSSL_MNSOCK_MEM_BUF_COUNT); 1904 int mem_buf_size = MYNEWT_VAL(WOLFSSL_MNSOCK_MEM_BUF_SIZE); 1905 int mempool_bytes = OS_MEMPOOL_BYTES(mem_buf_count, mem_buf_size); 1906 1907 mynewt_ctx = (Mynewt_Ctx *)XMALLOC(sizeof(struct Mynewt_Ctx), 1908 NULL, DYNAMIC_TYPE_TMP_BUFFER); 1909 if(!mynewt_ctx) return NULL; 1910 1911 XMEMSET(mynewt_ctx, 0, sizeof(Mynewt_Ctx)); 1912 mynewt_ctx->mnMemBuffer = XMALLOC(mempool_bytes, 0, 0); 1913 if(!mynewt_ctx->mnMemBuffer) { 1914 mynewt_ctx_clear((void*)mynewt_ctx); 1915 return NULL; 1916 } 1917 1918 rc = os_mempool_init(&mynewt_ctx->mnMempool, 1919 mem_buf_count, mem_buf_size, 1920 mynewt_ctx->mnMemBuffer, MB_NAME); 1921 if(rc != 0) { 1922 mynewt_ctx_clear((void*)mynewt_ctx); 1923 return NULL; 1924 } 1925 rc = os_mbuf_pool_init(&mynewt_ctx->mnMbufpool, &mynewt_ctx->mnMempool, 1926 mem_buf_count, mem_buf_size); 1927 if(rc != 0) { 1928 mynewt_ctx_clear((void*)mynewt_ctx); 1929 return NULL; 1930 } 1931 1932 return mynewt_ctx; 1933 } 1934 1935 static void mynewt_sock_writable(void *arg, int err); 1936 static void mynewt_sock_readable(void *arg, int err); 1937 static const union mn_socket_cb mynewt_sock_cbs = { 1938 .socket.writable = mynewt_sock_writable, 1939 .socket.readable = mynewt_sock_readable, 1940 }; 1941 static void mynewt_sock_writable(void *arg, int err) 1942 { 1943 /* do nothing */ 1944 } 1945 static void mynewt_sock_readable(void *arg, int err) 1946 { 1947 Mynewt_Ctx *mynewt_ctx = (Mynewt_Ctx *)arg; 1948 if (err && mynewt_ctx->reading) { 1949 mynewt_ctx->reading = 0; 1950 } 1951 } 1952 1953 /* The Mynewt receive callback 1954 * return : bytes read, or error 1955 */ 1956 int Mynewt_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx) 1957 { 1958 Mynewt_Ctx *mynewt_ctx = (Mynewt_Ctx*)ctx; 1959 int rc = 0; 1960 struct mn_sockaddr_in from; 1961 struct os_mbuf *m; 1962 int read_sz = 0; 1963 uint16_t total; 1964 1965 if (mynewt_ctx == NULL || mynewt_ctx->mnSocket == NULL) { 1966 WOLFSSL_MSG("Mynewt Recv NULL parameters"); 1967 return WOLFSSL_CBIO_ERR_GENERAL; 1968 } 1969 1970 if(mynewt_ctx->mnPacket == NULL) { 1971 mynewt_ctx->mnPacket = os_mbuf_get_pkthdr(&mynewt_ctx->mnMbufpool, 0); 1972 if(mynewt_ctx->mnPacket == NULL) { 1973 return MEMORY_E; 1974 } 1975 1976 mynewt_ctx->reading = 1; 1977 while(mynewt_ctx->reading && rc == 0) { 1978 rc = mn_recvfrom(mynewt_ctx->mnSocket, &m, (struct mn_sockaddr *) &from); 1979 if(rc == MN_ECONNABORTED) { 1980 rc = 0; 1981 mynewt_ctx->reading = 0; 1982 break; 1983 } 1984 if (!(rc == 0 || rc == MN_EAGAIN)) { 1985 WOLFSSL_MSG("Mynewt Recv receive error"); 1986 mynewt_ctx->reading = 0; 1987 break; 1988 } 1989 if(rc == 0) { 1990 int len = OS_MBUF_PKTLEN(m); 1991 if(len == 0) { 1992 break; 1993 } 1994 rc = os_mbuf_appendfrom(mynewt_ctx->mnPacket, m, 0, len); 1995 if(rc != 0) { 1996 WOLFSSL_MSG("Mynewt Recv os_mbuf_appendfrom error"); 1997 break; 1998 } 1999 os_mbuf_free_chain(m); 2000 m = NULL; 2001 } else if(rc == MN_EAGAIN) { 2002 /* continue to until reading all of packet data. */ 2003 rc = 0; 2004 break; 2005 } 2006 } 2007 if(rc != 0) { 2008 mynewt_ctx->reading = 0; 2009 os_mbuf_free_chain(mynewt_ctx->mnPacket); 2010 mynewt_ctx->mnPacket = NULL; 2011 return rc; 2012 } 2013 } 2014 2015 if(mynewt_ctx->mnPacket) { 2016 total = OS_MBUF_PKTLEN(mynewt_ctx->mnPacket); 2017 read_sz = (total >= sz)? sz : total; 2018 2019 os_mbuf_copydata(mynewt_ctx->mnPacket, 0, read_sz, (void*)buf); 2020 os_mbuf_adj(mynewt_ctx->mnPacket, read_sz); 2021 2022 if (read_sz == total) { 2023 WOLFSSL_MSG("Mynewt Recv Drained packet"); 2024 os_mbuf_free_chain(mynewt_ctx->mnPacket); 2025 mynewt_ctx->mnPacket = NULL; 2026 } 2027 } 2028 2029 return read_sz; 2030 } 2031 2032 /* The Mynewt send callback 2033 * return : bytes sent, or error 2034 */ 2035 int Mynewt_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx) 2036 { 2037 Mynewt_Ctx *mynewt_ctx = (Mynewt_Ctx*)ctx; 2038 int rc = 0; 2039 struct os_mbuf *m = NULL; 2040 int write_sz = 0; 2041 m = os_msys_get_pkthdr(sz, 0); 2042 if (!m) { 2043 WOLFSSL_MSG("Mynewt Send os_msys_get_pkthdr error"); 2044 return WOLFSSL_CBIO_ERR_GENERAL; 2045 } 2046 rc = os_mbuf_copyinto(m, 0, buf, sz); 2047 if (rc != 0) { 2048 WOLFSSL_MSG("Mynewt Send os_mbuf_copyinto error"); 2049 os_mbuf_free_chain(m); 2050 return rc; 2051 } 2052 rc = mn_sendto(mynewt_ctx->mnSocket, m, (struct mn_sockaddr *)&mynewt_ctx->mnSockAddrIn); 2053 if(rc != 0) { 2054 WOLFSSL_MSG("Mynewt Send mn_sendto error"); 2055 os_mbuf_free_chain(m); 2056 return rc; 2057 } 2058 write_sz = sz; 2059 return write_sz; 2060 } 2061 2062 /* like set_fd, but for default NetX context */ 2063 void wolfSSL_SetIO_Mynewt(WOLFSSL* ssl, struct mn_socket* mnSocket, struct mn_sockaddr_in* mnSockAddrIn) 2064 { 2065 if (ssl && ssl->mnCtx) { 2066 Mynewt_Ctx *mynewt_ctx = (Mynewt_Ctx *)ssl->mnCtx; 2067 mynewt_ctx->mnSocket = mnSocket; 2068 memcpy(&mynewt_ctx->mnSockAddrIn, mnSockAddrIn, sizeof(struct mn_sockaddr_in)); 2069 mn_socket_set_cbs(mynewt_ctx->mnSocket, mnSocket, &mynewt_sock_cbs); 2070 } 2071 } 2072 2073 #endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */ 2074 2075 #ifdef WOLFSSL_UIP 2076 #include <uip.h> 2077 #include <stdio.h> 2078 2079 /* uIP TCP/IP port, using the native tcp/udp socket api. 2080 * TCP and UDP are currently supported with the callbacks below. 2081 * 2082 */ 2083 /* The uIP tcp send callback 2084 * return : bytes sent, or error 2085 */ 2086 int uIPSend(WOLFSSL* ssl, char* buf, int sz, void* _ctx) 2087 { 2088 uip_wolfssl_ctx *ctx = (struct uip_wolfssl_ctx *)_ctx; 2089 int ret; 2090 unsigned int max_sendlen; 2091 int total_written = 0; 2092 (void)ssl; 2093 do { 2094 unsigned int bytes_left = sz - total_written; 2095 max_sendlen = tcp_socket_max_sendlen(&ctx->conn.tcp); 2096 if (bytes_left > max_sendlen) { 2097 printf("Send limited by buffer\r\n"); 2098 bytes_left = max_sendlen; 2099 } 2100 if (bytes_left == 0) { 2101 printf("Buffer full!\r\n"); 2102 break; 2103 } 2104 ret = tcp_socket_send(&ctx->conn.tcp, (unsigned char *)buf + total_written, bytes_left); 2105 if (ret <= 0) 2106 break; 2107 total_written += ret; 2108 } while(total_written < sz); 2109 return total_written; 2110 } 2111 2112 int uIPSendTo(WOLFSSL* ssl, char* buf, int sz, void* _ctx) 2113 { 2114 uip_wolfssl_ctx *ctx = (struct uip_wolfssl_ctx *)_ctx; 2115 int ret = 0; 2116 (void)ssl; 2117 ret = udp_socket_sendto(&ctx->conn.udp, (unsigned char *)buf, sz, &ctx->peer_addr, ctx->peer_port ); 2118 if (ret <= 0) 2119 return 0; 2120 return ret; 2121 } 2122 2123 /* The uIP uTCP/IP receive callback 2124 * return : nb bytes read, or error 2125 */ 2126 int uIPReceive(WOLFSSL *ssl, char *buf, int sz, void *_ctx) 2127 { 2128 uip_wolfssl_ctx *ctx = (uip_wolfssl_ctx *)_ctx; 2129 if (!ctx || !ctx->ssl_rx_databuf) 2130 return -1; 2131 (void)ssl; 2132 if (ctx->ssl_rb_len > 0) { 2133 if (sz > ctx->ssl_rb_len - ctx->ssl_rb_off) 2134 sz = ctx->ssl_rb_len - ctx->ssl_rb_off; 2135 XMEMCPY(buf, ctx->ssl_rx_databuf + ctx->ssl_rb_off, sz); 2136 ctx->ssl_rb_off += sz; 2137 if (ctx->ssl_rb_off >= ctx->ssl_rb_len) { 2138 ctx->ssl_rb_len = 0; 2139 ctx->ssl_rb_off = 0; 2140 } 2141 return sz; 2142 } else { 2143 return WOLFSSL_CBIO_ERR_WANT_READ; 2144 } 2145 } 2146 2147 /* uIP DTLS Generate Cookie callback 2148 * return : number of bytes copied into buf, or error 2149 */ 2150 int uIPGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx) 2151 { 2152 uip_wolfssl_ctx *ctx = (uip_wolfssl_ctx *)ctx; 2153 byte token[32]; 2154 byte digest[WC_SHA_DIGEST_SIZE]; 2155 int ret = 0; 2156 XMEMSET(token, 0, sizeof(token)); 2157 XMEMCPY(token, &ctx->peer_addr, sizeof(uip_ipaddr_t)); 2158 XMEMCPY(token + sizeof(uip_ipaddr_t), &ctx->peer_port, sizeof(word16)); 2159 ret = wc_ShaHash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest); 2160 if (ret != 0) 2161 return ret; 2162 if (sz > WC_SHA_DIGEST_SIZE) 2163 sz = WC_SHA_DIGEST_SIZE; 2164 XMEMCPY(buf, digest, sz); 2165 return sz; 2166 } 2167 2168 #endif /* WOLFSSL_UIP */ 2169 1775 2170 #endif /* WOLFCRYPT_ONLY */
Note:
See TracChangeset
for help on using the changeset viewer.