Changeset 372 for asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl
- Timestamp:
- Feb 7, 2019, 8:36:33 AM (5 years ago)
- Location:
- asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl
- Files:
-
- 2 added
- 67 edited
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/error-ssl.h
r337 r372 58 58 WANT_READ = -323, /* want read, call again */ 59 59 NOT_READY_ERROR = -324, /* handshake layer not ready */ 60 PMS_VERSION_ERROR = -325, /* pre m secret version error */ 60 61 61 VERSION_ERROR = -326, /* record layer version error */ 62 62 WANT_WRITE = -327, /* want write, call again */ … … 67 67 SERVER_HINT_ERROR = -332, /* psk server hint error */ 68 68 PSK_KEY_ERROR = -333, /* psk key error */ 69 ZLIB_INIT_ERROR = -334, /* zlib init error */70 ZLIB_COMPRESS_ERROR = -335, /* zlib compression error */71 ZLIB_DECOMPRESS_ERROR = -336, /* zlib decompression error */72 69 73 70 GETTIME_ERROR = -337, /* gettimeofday failed ??? */ … … 105 102 SEQUENCE_ERROR = -370, /* dtls sequence error */ 106 103 SUITES_ERROR = -371, /* suites pointer error */ 107 SSL_NO_PEM_HEADER = -372, /* no PEM header found */ 104 108 105 OUT_OF_ORDER_E = -373, /* out of order message */ 109 106 BAD_KEA_TYPE_E = -374, /* bad KEA type found */ … … 143 140 BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */ 144 141 OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */ 145 142 OCSP_WANT_READ = -408, /* OCSP callback response WOLFSSL_CBIO_ERR_WANT_READ */ 146 143 RSA_KEY_SIZE_E = -409, /* RSA key too small */ 147 144 ECC_KEY_SIZE_E = -410, /* ECC key too small */ … … 165 162 ALERT_COUNT_E = -427, /* Alert Count exceeded err */ 166 163 EXT_MISSING = -428, /* Required extension not found */ 164 UNSUPPORTED_EXTENSION = -429, /* TLSX not requested by client */ 167 165 /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ 168 166 … … 181 179 182 180 183 #if def WOLFSSL_CALLBACKS181 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 184 182 enum { 185 183 MIN_PARAM_ERR = UNSUPPORTED_SUITE, -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/internal.h
r337 r372 70 70 #include <wolfssl/wolfcrypt/arc4.h> 71 71 #endif 72 #ifndef NO_SHA256 73 #include <wolfssl/wolfcrypt/sha256.h> 74 #endif 75 #ifdef HAVE_OCSP 76 #include <wolfssl/ocsp.h> 77 #endif 78 #ifdef WOLFSSL_SHA384 79 #include <wolfssl/wolfcrypt/sha512.h> 80 #endif 81 #ifdef WOLFSSL_SHA512 82 #include <wolfssl/wolfcrypt/sha512.h> 83 #endif 84 #ifdef HAVE_AESGCM 85 #include <wolfssl/wolfcrypt/sha512.h> 86 #endif 87 #ifdef WOLFSSL_RIPEMD 88 #include <wolfssl/wolfcrypt/ripemd.h> 89 #endif 90 #ifdef HAVE_IDEA 91 #include <wolfssl/wolfcrypt/idea.h> 92 #endif 93 #ifndef NO_RSA 94 #include <wolfssl/wolfcrypt/rsa.h> 95 #endif 72 96 #ifdef HAVE_ECC 73 97 #include <wolfssl/wolfcrypt/ecc.h> 74 98 #endif 99 #ifndef NO_DH 100 #include <wolfssl/wolfcrypt/dh.h> 101 #endif 75 102 #ifdef HAVE_ED25519 76 103 #include <wolfssl/wolfcrypt/ed25519.h> … … 79 106 #include <wolfssl/wolfcrypt/curve25519.h> 80 107 #endif 81 #ifndef NO_SHA256 82 #include <wolfssl/wolfcrypt/sha256.h> 83 #endif 84 #ifdef HAVE_OCSP 85 #include <wolfssl/ocsp.h> 86 #endif 87 #ifdef WOLFSSL_SHA512 88 #include <wolfssl/wolfcrypt/sha512.h> 89 #endif 90 #ifdef HAVE_AESGCM 91 #include <wolfssl/wolfcrypt/sha512.h> 92 #endif 93 #ifdef WOLFSSL_RIPEMD 94 #include <wolfssl/wolfcrypt/ripemd.h> 95 #endif 96 #ifdef HAVE_IDEA 97 #include <wolfssl/wolfcrypt/idea.h> 98 #endif 99 #ifndef NO_RSA 100 #include <wolfssl/wolfcrypt/rsa.h> 101 #endif 102 #ifdef HAVE_ECC 103 #include <wolfssl/wolfcrypt/ecc.h> 104 #endif 105 #ifndef NO_DH 106 #include <wolfssl/wolfcrypt/dh.h> 107 #endif 108 108 109 #include <wolfssl/wolfcrypt/wc_encrypt.h> 109 110 #include <wolfssl/wolfcrypt/hash.h> 110 111 112 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 113 #include <wolfssl/callbacks.h> 114 #endif 111 115 #ifdef WOLFSSL_CALLBACKS 112 #include <wolfssl/callbacks.h>113 116 #include <signal.h> 114 117 #endif … … 142 145 #elif defined(WOLFSSL_uTKERNEL2) 143 146 /* do nothing */ 147 #elif defined(WOLFSSL_CMSIS_RTOS) 148 #include 
"cmsis_os.h" 144 149 #elif defined(WOLFSSL_MDK_ARM) 145 150 #if defined(WOLFSSL_MDK5) … … 155 160 #elif defined(INTIME_RTOS) 156 161 #include <rt.h> 162 #elif defined(WOLFSSL_NUCLEUS_1_2) 163 /* do nothing */ 164 #elif defined(WOLFSSL_APACHE_MYNEWT) 165 #if !defined(WOLFSSL_LWIP) 166 void mynewt_ctx_clear(void *ctx); 167 void* mynewt_ctx_new(); 168 #endif 157 169 #else 158 170 #ifndef SINGLE_THREADED … … 160 172 #include <pthread.h> 161 173 #endif 162 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)174 #ifdef OPENSSL_EXTRA 163 175 #include <unistd.h> /* for close of BIO */ 164 176 #endif … … 177 189 #ifdef WOLFSSL_ASYNC_CRYPT 178 190 #include <wolfssl/wolfcrypt/async.h> 191 #endif 192 193 #ifdef OPENSSL_EXTRA 194 #ifdef WOLFCRYPT_HAVE_SRP 195 #include <wolfssl/wolfcrypt/srp.h> 196 #endif 179 197 #endif 180 198 … … 232 250 #ifndef WOLFSSL_MAX_STRENGTH 233 251 252 #ifdef WOLFSSL_AEAD_ONLY 253 /* AES CBC ciphers are not allowed in AEAD only mode */ 254 #undef HAVE_AES_CBC 255 #endif 256 257 #ifndef WOLFSSL_AEAD_ONLY 234 258 #if !defined(NO_RSA) && !defined(NO_RC4) 235 259 #if defined(WOLFSSL_STATIC_RSA) … … 264 288 #endif 265 289 #endif 290 #endif /* !WOLFSSL_AEAD_ONLY */ 266 291 267 292 #if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS) 268 #if !defined(NO_SHA) 293 #if !defined(NO_SHA) && defined(HAVE_AES_CBC) 269 294 #if defined(WOLFSSL_STATIC_RSA) 295 #ifdef WOLFSSL_AES_128 270 296 #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA 297 #endif 298 #ifdef WOLFSSL_AES_256 271 299 #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA 272 300 #endif 301 #endif 273 302 #if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA) 303 #ifdef WOLFSSL_AES_128 274 304 #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA 305 #endif 306 #ifdef WOLFSSL_AES_256 275 307 #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA 276 308 #endif 277 309 #endif 310 #endif 278 311 #if defined(WOLFSSL_STATIC_RSA) 279 #if !defined (NO_SHA256) 312 #if !defined (NO_SHA256) && defined(HAVE_AES_CBC) 313 #ifdef 
WOLFSSL_AES_128 280 314 #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 315 #endif 316 #ifdef WOLFSSL_AES_256 281 317 #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 282 318 #endif 319 #endif 283 320 #if defined (HAVE_AESGCM) 321 #ifdef WOLFSSL_AES_128 284 322 #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 285 #if defined (WOLFSSL_SHA384) 323 #endif 324 #if defined (WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) 286 325 #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 287 326 #endif 288 327 #endif 289 328 #if defined (HAVE_AESCCM) 329 #ifdef WOLFSSL_AES_128 290 330 #define BUILD_TLS_RSA_WITH_AES_128_CCM_8 331 #endif 332 #ifdef WOLFSSL_AES_256 291 333 #define BUILD_TLS_RSA_WITH_AES_256_CCM_8 292 334 #endif 293 #if defined(HAVE_BLAKE2) 335 #endif 336 #if defined(HAVE_BLAKE2) && defined(HAVE_AES_CBC) 337 #ifdef WOLFSSL_AES_128 294 338 #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 339 #endif 340 #ifdef WOLFSSL_AES_256 295 341 #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 296 342 #endif 297 343 #endif 298 344 #endif 299 300 #if defined(HAVE_CAMELLIA) && !defined(NO_TLS) 345 #endif 346 347 #if defined(HAVE_CAMELLIA) && !defined(NO_TLS) && !defined(NO_CAMELLIA_CBC) 301 348 #ifndef NO_RSA 302 349 #if defined(WOLFSSL_STATIC_RSA) … … 326 373 #if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS) 327 374 #if !defined(NO_SHA) 375 #ifdef WOLFSSL_AES_128 328 376 #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA 377 #endif 378 #ifdef WOLFSSL_AES_256 329 379 #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA 330 380 #endif 381 #endif 331 382 #ifndef NO_SHA256 383 #ifdef WOLFSSL_AES_128 384 #ifdef HAVE_AES_CBC 332 385 #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 386 #endif 333 387 #ifdef HAVE_AESGCM 334 388 #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 335 389 #endif 390 #endif /* WOLFSSL_AES_128 */ 336 391 #ifdef HAVE_AESCCM 392 #ifdef WOLFSSL_AES_128 337 393 #define BUILD_TLS_PSK_WITH_AES_128_CCM_8 338 #define BUILD_TLS_PSK_WITH_AES_256_CCM_8339 394 #define BUILD_TLS_PSK_WITH_AES_128_CCM 395 #endif 
396 #ifdef WOLFSSL_AES_256 397 #define BUILD_TLS_PSK_WITH_AES_256_CCM_8 340 398 #define BUILD_TLS_PSK_WITH_AES_256_CCM 341 399 #endif 342 400 #endif 343 #ifdef WOLFSSL_SHA384 401 #endif 402 #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) 403 #ifdef HAVE_AES_CBC 344 404 #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 405 #endif 345 406 #ifdef HAVE_AESGCM 346 407 #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 … … 398 459 399 460 #if !defined(NO_SHA) 461 #if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC) 400 462 #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 463 #endif 464 #if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC) 401 465 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 466 #endif 402 467 #if !defined(NO_DES3) 403 468 #define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 404 469 #endif 405 470 #endif 406 #if !defined(NO_SHA256) 471 #if !defined(NO_SHA256) && defined(HAVE_AES_CBC) 472 #ifdef WOLFSSL_AES_128 407 473 #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 474 #endif 475 #ifdef WOLFSSL_AES_256 408 476 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 409 477 #endif 410 478 #endif 479 #endif 411 480 412 481 #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \ 413 !defined(NO_AES) && !defined(NO_SHA) 482 !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128) 483 #ifdef HAVE_AES_CBC 414 484 #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA 485 #endif 486 487 #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) 488 #define BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 489 #endif 415 490 #endif 416 491 417 492 #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) 418 493 #ifndef NO_SHA256 419 #ifndef NO_AES 494 #if !defined(NO_AES) && defined(WOLFSSL_AES_128) && \ 495 defined(HAVE_AES_CBC) 420 496 #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 421 497 #endif … … 425 501 #endif 426 502 #ifdef WOLFSSL_SHA384 427 #ifndef NO_AES 503 #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && \ 504 defined(HAVE_AES_CBC) 428 505 #define 
BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 429 506 #endif … … 434 511 #endif 435 512 436 #if defined(HAVE_ECC) && !defined(NO_TLS)513 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_TLS) 437 514 #if !defined(NO_AES) 438 #if !defined(NO_SHA) 515 #if !defined(NO_SHA) && defined(HAVE_AES_CBC) 439 516 #if !defined(NO_RSA) 517 #ifdef WOLFSSL_AES_128 440 518 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 519 #endif 520 #ifdef WOLFSSL_AES_256 441 521 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 442 #if defined(WOLFSSL_STATIC_DH) 522 #endif 523 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 524 #ifdef WOLFSSL_AES_128 443 525 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 526 #endif 527 #ifdef WOLFSSL_AES_256 444 528 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 445 529 #endif 446 530 #endif 447 531 #endif 532 533 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 534 defined(HAVE_ED25519)) 535 #ifdef WOLFSSL_AES_128 448 536 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 537 #endif 538 #ifdef WOLFSSL_AES_256 449 539 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 450 451 #if defined(WOLFSSL_STATIC_DH) 540 #endif 541 #endif 542 543 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 544 #ifdef WOLFSSL_AES_128 452 545 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 546 #endif 547 #ifdef WOLFSSL_AES_256 453 548 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 454 549 #endif 550 #endif 455 551 #endif /* NO_SHA */ 456 #ifndef NO_SHA256 552 #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \ 553 defined(HAVE_AES_CBC) 457 554 #if !defined(NO_RSA) 458 555 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 459 #if defined(WOLFSSL_STATIC_DH) 556 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 460 557 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 461 558 #endif 462 559 #endif 560 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 561 defined(HAVE_ED25519)) 463 562 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 
464 #if defined(WOLFSSL_STATIC_DH) 563 #endif 564 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 465 565 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 466 566 #endif 467 567 #endif 468 568 469 #ifdef WOLFSSL_SHA384 569 #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \ 570 defined(HAVE_AES_CBC) 470 571 #if !defined(NO_RSA) 471 572 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 472 #if defined(WOLFSSL_STATIC_DH) 573 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 473 574 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 474 575 #endif 475 576 #endif 577 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 578 defined(HAVE_ED25519)) 476 579 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 477 #if defined(WOLFSSL_STATIC_DH) 580 #endif 581 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 478 582 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 479 583 #endif … … 482 586 #if defined (HAVE_AESGCM) 483 587 #if !defined(NO_RSA) 484 #if defined(WOLFSSL_STATIC_DH) 588 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 589 #ifdef WOLFSSL_AES_128 485 590 #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 486 591 #endif 592 #endif 487 593 #if defined(WOLFSSL_SHA384) 488 #if defined(WOLFSSL_STATIC_DH) 594 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 595 #ifdef WOLFSSL_AES_256 489 596 #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 490 597 #endif 491 598 #endif 492 599 #endif 493 494 #if defined(WOLFSSL_STATIC_DH) 600 #endif 601 602 #if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_128) && \ 603 defined(HAVE_ECC) 495 604 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 496 605 #endif 497 606 498 607 #if defined(WOLFSSL_SHA384) 499 #if defined(WOLFSSL_STATIC_DH) 608 #if defined(WOLFSSL_STATIC_DH) && \ 609 defined(WOLFSSL_AES_256) && defined(HAVE_ECC) 500 610 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 501 611 #endif … … 507 617 #if !defined(NO_RSA) 508 618 #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 509 
#if defined(WOLFSSL_STATIC_DH) 619 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 510 620 #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA 511 621 #endif 512 622 #endif 513 623 624 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 625 defined(HAVE_ED25519)) 514 626 #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 515 #if defined(WOLFSSL_STATIC_DH) 627 #endif 628 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 516 629 #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 517 630 #endif … … 522 635 #if !defined(NO_RSA) 523 636 #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 524 #if defined(WOLFSSL_STATIC_DH) 637 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 525 638 #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 526 639 #endif 527 640 #endif 528 641 642 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 643 defined(HAVE_ED25519)) 529 644 #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 530 #if defined(WOLFSSL_STATIC_DH) 645 #endif 646 #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC) 531 647 #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 532 648 #endif … … 535 651 #if defined(HAVE_NULL_CIPHER) 536 652 #if !defined(NO_SHA) 653 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 654 defined(HAVE_ED25519)) 537 655 #define BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA 656 #endif 538 657 #endif 539 658 #if !defined(NO_PSK) && !defined(NO_SHA256) … … 541 660 #endif 542 661 #endif 543 #if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) 662 #if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) && \ 663 defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC) 544 664 #define BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 545 665 #endif … … 547 667 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256) 548 668 #if !defined(NO_OLD_POLY1305) 549 #ifdef HAVE_ECC 669 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 670 defined(HAVE_ED25519)) 550 671 #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 551 # ifndef 
NO_RSA552 #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256553 # endif672 #endif 673 #if !defined(NO_RSA) && defined(HAVE_ECC) 674 #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 554 675 #endif 555 676 #if !defined(NO_DH) && !defined(NO_RSA) … … 559 680 #if !defined(NO_PSK) 560 681 #define BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 561 #if def HAVE_ECC682 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 562 683 #define BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 563 684 #endif … … 573 694 !defined(NO_RSA) && defined(HAVE_AESGCM) 574 695 575 #if ndef NO_SHA256696 #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) 576 697 #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 577 698 #endif 578 699 579 #if def WOLFSSL_SHA384700 #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) 580 701 #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 581 702 #endif … … 584 705 #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) 585 706 #ifndef NO_SHA256 586 #if def HAVE_AESGCM707 #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) 587 708 #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 588 709 #endif 589 710 #ifdef HAVE_AESCCM 711 #ifdef WOLFSSL_AES_128 590 712 #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM 713 #endif 714 #ifdef WOLFSSL_AES_256 591 715 #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM 592 716 #endif 593 717 #endif 594 #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) 718 #endif 719 #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && \ 720 defined(WOLFSSL_AES_256) 595 721 #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 596 722 #endif 597 723 #endif 598 724 599 #if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES) 725 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_TLS) && \ 726 !defined(NO_AES) 600 727 #ifdef HAVE_AESGCM 601 #ifndef NO_SHA256 728 #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) 729 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 730 defined(HAVE_ED25519)) 602 731 #define 
BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 732 #endif 603 733 #ifndef NO_RSA 604 734 #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 605 735 #endif 606 736 #endif 607 #ifdef WOLFSSL_SHA384 737 #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) 738 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 739 defined(HAVE_ED25519)) 608 740 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 741 #endif 609 742 #ifndef NO_RSA 610 743 #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 … … 613 746 #endif 614 747 #if defined(HAVE_AESCCM) && !defined(NO_SHA256) 748 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 749 defined(HAVE_ED25519)) 750 #ifdef WOLFSSL_AES_128 615 751 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 616 752 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 753 #endif 754 #ifdef WOLFSSL_AES_256 617 755 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 618 756 #endif 619 757 #endif 758 #endif 759 #endif 620 760 621 761 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256) 622 #ifdef HAVE_ECC 762 #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) 763 #if defined(HAVE_ECC) || (defined(HAVE_CURVE25519) && \ 764 defined(HAVE_ED25519)) 623 765 #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 766 #endif 624 767 #ifndef NO_RSA 625 768 #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 … … 633 776 #if defined(WOLFSSL_TLS13) 634 777 #ifdef HAVE_AESGCM 635 #if ndef NO_SHA256778 #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) 636 779 #define BUILD_TLS_AES_128_GCM_SHA256 637 780 #endif 638 #if def WOLFSSL_SHA384781 #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) 639 782 #define BUILD_TLS_AES_256_GCM_SHA384 640 783 #endif 641 784 #endif 642 785 643 #if def HAVE_CHACHA786 #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) 644 787 #ifndef NO_SHA256 645 788 #define BUILD_TLS_CHACHA20_POLY1305_SHA256 … … 648 791 649 792 #ifdef HAVE_AESCCM 650 #if ndef NO_SHA256793 #if !defined(NO_SHA256) && 
defined(WOLFSSL_AES_128) 651 794 #define BUILD_TLS_AES_128_CCM_SHA256 652 795 #define BUILD_TLS_AES_128_CCM_8_SHA256 … … 689 832 defined(BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) 690 833 #define BUILD_AESGCM 834 #else 835 /* No AES-GCM cipher suites available with build */ 836 #define NO_AESGCM_AEAD 837 #endif 838 839 #if defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \ 840 defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \ 841 defined(BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \ 842 defined(BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) || \ 843 defined(BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \ 844 defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \ 845 defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \ 846 defined(BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \ 847 defined(BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256) || \ 848 defined(BUILD_TLS_CHACHA20_POLY1305_SHA256) 849 /* Have an available ChaCha Poly cipher suite */ 850 #else 851 /* No ChaCha Poly cipher suites available with build */ 852 #define NO_CHAPOL_AEAD 691 853 #endif 692 854 … … 726 888 727 889 #if defined(WOLFSSL_MAX_STRENGTH) || \ 728 defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \ 729 (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) 890 (defined(HAVE_AESGCM) && !defined(NO_AESGCM_AEAD)) || \ 891 defined(HAVE_AESCCM) || \ 892 (defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_CHAPOL_AEAD)) 730 893 731 894 #define HAVE_AEAD … … 833 996 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e, 834 997 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f, 998 TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0xa7, 835 999 TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8, 836 1000 TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9, … … 927 1091 928 1092 1093 /* set minimum DH key size allowed */ 1094 #ifndef WOLFSSL_MIN_DHKEY_BITS 1095 #ifdef WOLFSSL_MAX_STRENGTH 1096 #define WOLFSSL_MIN_DHKEY_BITS 2048 1097 #else 1098 #define 
WOLFSSL_MIN_DHKEY_BITS 1024 1099 #endif 1100 #endif 1101 #if (WOLFSSL_MIN_DHKEY_BITS % 8) 1102 #error DH minimum bit size must be multiple of 8 1103 #endif 1104 #if (WOLFSSL_MIN_DHKEY_BITS > 16000) 1105 #error DH minimum bit size must not be greater than 16000 1106 #endif 1107 #define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8) 1108 /* set maximum DH key size allowed */ 1109 #ifndef WOLFSSL_MAX_DHKEY_BITS 1110 #define WOLFSSL_MAX_DHKEY_BITS 4096 1111 #endif 1112 #if (WOLFSSL_MAX_DHKEY_BITS % 8) 1113 #error DH maximum bit size must be multiple of 8 1114 #endif 1115 #if (WOLFSSL_MAX_DHKEY_BITS > 16000) 1116 #error DH maximum bit size must not be greater than 16000 1117 #endif 1118 #define MAX_DHKEY_SZ (WOLFSSL_MAX_DHKEY_BITS / 8) 1119 1120 929 1121 930 1122 enum Misc { 1123 CIPHER_BYTE = 0x00, /* Default ciphers */ 931 1124 ECC_BYTE = 0xC0, /* ECC first cipher suite byte */ 932 1125 QSH_BYTE = 0xD0, /* Quantum-safe Handshake cipher suite */ … … 946 1139 TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */ 947 1140 TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */ 1141 #ifdef WOLFSSL_TLS13_DRAFT 948 1142 TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */ 949 1143 #ifdef WOLFSSL_TLS13_DRAFT_18 950 1144 TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */ 1145 #elif defined(WOLFSSL_TLS13_DRAFT_22) 1146 TLS_DRAFT_MINOR = 0x16, /* Minor version number of TLS draft */ 1147 #elif defined(WOLFSSL_TLS13_DRAFT_23) 1148 TLS_DRAFT_MINOR = 0x17, /* Minor version number of TLS draft */ 1149 #elif defined(WOLFSSL_TLS13_DRAFT_26) 1150 TLS_DRAFT_MINOR = 0x1a, /* Minor version number of TLS draft */ 951 1151 #else 952 TLS_DRAFT_MINOR = 0x14, /* Minor version number of TLS draft */ 1152 TLS_DRAFT_MINOR = 0x1c, /* Minor version number of TLS draft */ 1153 #endif 953 1154 #endif 954 1155 OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */ … … 968 1169 FINISHED_SZ = 36, /* WC_MD5_DIGEST_SIZE + WC_SHA_DIGEST_SIZE */ 969 1170 MAX_RECORD_SIZE = 16384, /* 2^14, max 
size by standard */ 970 MAX_MSG_EXTRA = 38 + MAX_DIGEST_SIZE,1171 MAX_MSG_EXTRA = 38 + WC_MAX_DIGEST_SIZE, 971 1172 /* max added to msg, mac + pad from */ 972 1173 /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max … … 975 1176 MAX_MTU = WOLFSSL_MAX_MTU, /* max expected MTU */ 976 1177 MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */ 977 MAX_DH_SZ = 1036, /* 4096 p, pub, g + 2 byte size for each */ 1178 MAX_DH_SZ = (MAX_DHKEY_SZ * 3) + 12, /* DH_P, DH_G and DH_Pub */ 1179 /* 4096 p, pub, g + 2 byte size for each */ 978 1180 MAX_STR_VERSION = 8, /* string rep of protocol version */ 979 1181 … … 981 1183 PAD_SHA = 40, /* pad length for finished */ 982 1184 MAX_PAD_SIZE = 256, /* maximum length of padding */ 983 COMPRESS_DUMMY_SIZE = 64, /* compression dummy round size */ 984 COMPRESS_CONSTANT = 13, /* compression calc constant */ 985 COMPRESS_UPPER = 55, /* compression calc numerator */ 986 COMPRESS_LOWER = 64, /* compression calc denominator */ 987 988 PEM_LINE_LEN = 80, /* PEM line max + fudge */ 1185 989 1186 LENGTH_SZ = 2, /* length field for HMAC, data only */ 990 1187 VERSION_SZ = 2, /* length of proctocol version */ … … 994 1191 EXTS_SZ = 2, /* always use 2 bytes */ 995 1192 EXT_ID_SZ = 2, /* always use 2 bytes */ 996 MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */ 1193 MAX_DH_SIZE = MAX_DHKEY_SZ+1, 1194 /* Max size plus possible leading 0 */ 997 1195 NAMED_DH_MASK = 0x100, /* Named group mask for DH parameters */ 998 1196 SESSION_HINT_SZ = 4, /* session timeout hint */ 999 1197 SESSION_ADD_SZ = 4, /* session age add */ 1198 TICKET_NONCE_LEN_SZ = 1, /* Ticket nonce length size */ 1199 DEF_TICKET_NONCE_SZ = 1, /* Default ticket nonce size */ 1200 MAX_TICKET_NONCE_SZ = 8, /* maximum ticket nonce size */ 1000 1201 MAX_LIFETIME = 604800, /* maximum ticket lifetime */ 1001 1202 MAX_EARLY_DATA_SZ = 4096, /* maximum early data size */ … … 1029 1230 HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */ 1030 1231 HELLO_EXT_SIGALGO_SZ = 2, /* length of number 
of items in sigalgo list */ 1031 HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */1032 1232 1033 1233 DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */ … … 1040 1240 DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */ 1041 1241 DTLS_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */ 1042 DTLS_EXPORT_OPT_SZ = 58, /* amount of bytes used from Options */1242 DTLS_EXPORT_OPT_SZ = 60, /* amount of bytes used from Options */ 1043 1243 DTLS_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */ 1044 DTLS_EXPORT_OPT_SZ_3 = 5 7, /* amount of bytes used from Options */1244 DTLS_EXPORT_OPT_SZ_3 = 59, /* amount of bytes used from Options */ 1045 1245 DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2), 1046 1246 /* max amount of bytes used from Keys */ … … 1063 1263 MAX_HKDF_LABEL_SZ = OPAQUE16_LEN + 1064 1264 OPAQUE8_LEN + PROTOCOL_LABEL_SZ + MAX_LABEL_SZ + 1065 OPAQUE8_LEN + MAX_DIGEST_SIZE,1265 OPAQUE8_LEN + WC_MAX_DIGEST_SIZE, 1066 1266 MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */ 1067 1267 SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */ 1068 1069 RC4_KEY_SIZE = 16, /* always 128bit */ 1070 DES_KEY_SIZE = 8, /* des */ 1071 DES3_KEY_SIZE = 24, /* 3 des ede */ 1072 DES_IV_SIZE = DES_BLOCK_SIZE, 1073 AES_256_KEY_SIZE = 32, /* for 256 bit */ 1074 AES_192_KEY_SIZE = 24, /* for 192 bit */ 1075 AES_IV_SIZE = 16, /* always block size */ 1076 AES_128_KEY_SIZE = 16, /* for 128 bit */ 1268 TLS_MAX_PAD_SZ = 255, /* Max padding in TLS */ 1269 1270 #if defined(HAVE_FIPS) && \ 1271 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 1272 MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE, 1273 #else 1274 MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE, 1275 #endif 1276 1277 #ifdef HAVE_SELFTEST 1278 #define WOLFSSL_AES_KEY_SIZE_ENUM 1279 AES_IV_SIZE = 16, 1280 AES_128_KEY_SIZE = 16, 1281 AES_192_KEY_SIZE = 24, 1282 AES_256_KEY_SIZE = 32, 1283 #endif 1284 1285 MAX_IV_SZ = 
AES_BLOCK_SIZE, 1077 1286 1078 1287 AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */ … … 1117 1326 EVP_SALT_SIZE = 8, /* evp salt size 64 bits */ 1118 1327 1328 #ifndef ECDHE_SIZE /* allow this to be overriden at compile-time */ 1119 1329 ECDHE_SIZE = 32, /* ECHDE server size defaults to 256 bit */ 1330 #endif 1120 1331 MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */ 1121 1332 MAX_CURVE_NAME_SZ = 16, /* Maximum size of curve name string */ … … 1130 1341 MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */ 1131 1342 1132 #ifdef HAVE_QSH 1133 /* qsh handshake sends 600+ size keys over hello extensions */ 1134 MAX_HELLO_SZ = 2048, /* max client or server hello */ 1343 #ifndef NO_RSA 1344 MAX_CERT_VERIFY_SZ = 4096 / 8, /* max RSA - default 4096-bits */ 1345 #elif defined(HAVE_ECC) 1346 MAX_CERT_VERIFY_SZ = ECC_MAX_SIG_SIZE, /* max ECC */ 1347 #elif defined(HAVE_ED25519) 1348 MAX_CERT_VERIFY_SZ = ED25519_SIG_SIZE, /* max Ed25519 */ 1135 1349 #else 1136 MAX_HELLO_SZ = 128, /* max client or server hello */ 1137 #endif 1138 MAX_CERT_VERIFY_SZ = 1024, /* max */ 1350 MAX_CERT_VERIFY_SZ = 1024, /* max default */ 1351 #endif 1139 1352 CLIENT_HELLO_FIRST = 35, /* Protocol + RAN_LEN + sizeof(id_len) */ 1140 1353 MAX_SUITE_NAME = 48, /* maximum length of cipher suite string */ … … 1159 1372 MAX_X509_SIZE = 2048, /* max static x509 buffer size */ 1160 1373 CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ 1161 FILE_BUFFER_SIZE = 1024, /* default static file buffer size for input,1162 will use dynamic buffer if not big enough */1163 1374 1164 1375 MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */ … … 1177 1388 PREV_ORDER = -1, /* Sequence number is in previous epoch. */ 1178 1389 PEER_ORDER = 1, /* Peer sequence number for verify. */ 1179 CUR_ORDER = 0 /* Current sequence number. */ 1180 }; 1181 1390 CUR_ORDER = 0, /* Current sequence number. 
*/ 1391 WRITE_PROTO = 1, /* writing a protocol message */ 1392 READ_PROTO = 0 /* reading a protocol message */ 1393 }; 1394 1395 /* minimum Downgrade Minor version */ 1396 #ifndef WOLFSSL_MIN_DOWNGRADE 1397 #ifndef NO_OLD_TLS 1398 #define WOLFSSL_MIN_DOWNGRADE TLSv1_MINOR 1399 #else 1400 #define WOLFSSL_MIN_DOWNGRADE TLSv1_2_MINOR 1401 #endif 1402 #endif 1182 1403 1183 1404 /* Set max implicit IV size for AEAD cipher suites */ … … 1192 1413 /* 150 suites for now! */ 1193 1414 #endif 1415 1416 /* number of items in the signature algo list */ 1417 #ifndef WOLFSSL_MAX_SIGALGO 1418 #define WOLFSSL_MAX_SIGALGO 32 1419 #endif 1420 1194 1421 1195 1422 /* set minimum ECC key size allowed */ … … 1226 1453 #define MIN_RSAKEY_SZ (WOLFSSL_MIN_RSA_BITS / 8) 1227 1454 1228 /* set minimum DH key size allowed */1229 #ifndef WOLFSSL_MIN_DHKEY_BITS1230 #ifdef WOLFSSL_MAX_STRENGTH1231 #define WOLFSSL_MIN_DHKEY_BITS 20481232 #else1233 #define WOLFSSL_MIN_DHKEY_BITS 10241234 #endif1235 #endif1236 #if (WOLFSSL_MIN_DHKEY_BITS % 8)1237 #error DH minimum bit size must be multiple of 81238 #endif1239 #if (WOLFSSL_MIN_DHKEY_BITS > 16000)1240 #error DH minimum bit size must not be greater than 160001241 #endif1242 #define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)1243 1244 1245 1455 #ifdef SESSION_INDEX 1246 1456 /* Shift values for making a session index */ … … 1290 1500 1291 1501 SERVER_HELLOVERIFYREQUEST_COMPLETE, 1502 SERVER_HELLO_RETRY_REQUEST_COMPLETE, 1292 1503 SERVER_HELLO_COMPLETE, 1293 1504 SERVER_ENCRYPTED_EXTENSIONS_COMPLETE, … … 1295 1506 SERVER_KEYEXCHANGE_COMPLETE, 1296 1507 SERVER_HELLODONE_COMPLETE, 1508 SERVER_CHANGECIPHERSPEC_COMPLETE, 1297 1509 SERVER_FINISHED_COMPLETE, 1298 SERVER_HELLO_RETRY_REQUEST, 1299 1510 1511 CLIENT_HELLO_RETRY, 1300 1512 CLIENT_HELLO_COMPLETE, 1301 1513 CLIENT_KEYEXCHANGE_COMPLETE, 1514 CLIENT_CHANGECIPHERSPEC_COMPLETE, 1302 1515 CLIENT_FINISHED_COMPLETE, 1303 1516 1304 1517 HANDSHAKE_DONE 1305 1518 }; 1306 1307 1308 #if defined(__GNUC__)1309 
#define WOLFSSL_PACK __attribute__ ((packed))1310 #else1311 #define WOLFSSL_PACK1312 #endif1313 1519 1314 1520 /* SSL Version */ … … 1339 1545 1340 1546 1341 enum BIO_TYPE {1342 BIO_BUFFER = 1,1343 BIO_SOCKET = 2,1344 BIO_SSL = 3,1345 BIO_MEMORY = 4,1346 BIO_BIO = 5,1347 BIO_FILE = 61348 };1349 1350 1351 1547 /* wolfSSL BIO_METHOD type */ 1352 1548 struct WOLFSSL_BIO_METHOD { … … 1357 1553 /* wolfSSL BIO type */ 1358 1554 struct WOLFSSL_BIO { 1555 WOLFSSL_BUF_MEM* mem_buf; 1359 1556 WOLFSSL* ssl; /* possible associated ssl */ 1360 1557 #ifndef NO_FILESYSTEM … … 1373 1570 int fd; /* possible file descriptor */ 1374 1571 int eof; /* eof flag */ 1572 int flags; 1375 1573 byte type; /* method type */ 1376 1574 byte close; /* close flag */ … … 1388 1586 typedef WOLFSSL_BUFFER_INFO buffer; 1389 1587 1588 typedef struct Suites Suites; 1589 1390 1590 1391 1591 /* defaults to client */ 1392 1592 WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD*, ProtocolVersion); 1593 1594 WOLFSSL_LOCAL int InitSSL_Suites(WOLFSSL* ssl); 1595 WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side); 1393 1596 1394 1597 /* for sniffer */ … … 1397 1600 WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx); 1398 1601 /* TLS v1.3 needs these */ 1602 WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID, 1603 Suites* clSuites); 1399 1604 WOLFSSL_LOCAL int DoClientHello(WOLFSSL* ssl, const byte* input, word32*, 1400 1605 word32); … … 1405 1610 WOLFSSL_LOCAL int DoServerHello(WOLFSSL* ssl, const byte* input, word32*, 1406 1611 word32); 1612 WOLFSSL_LOCAL int CompleteServerHello(WOLFSSL *ssl); 1407 1613 WOLFSSL_LOCAL int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv); 1408 1614 WOLFSSL_LOCAL void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, 1409 1615 word32 hashSigAlgoSz); 1410 1616 WOLFSSL_LOCAL int DecodePrivateKey(WOLFSSL *ssl, word16* length); 1617 #ifdef HAVE_PK_CALLBACKS 1618 WOLFSSL_LOCAL int GetPrivateKeySigSize(WOLFSSL* ssl); 1619 #ifndef 
NO_ASN 1620 WOLFSSL_LOCAL int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx); 1621 #endif 1622 #endif 1411 1623 WOLFSSL_LOCAL void FreeKeyExchange(WOLFSSL* ssl); 1412 1624 WOLFSSL_LOCAL int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 size); … … 1420 1632 int ivSz); 1421 1633 WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz); 1422 #if defined( HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)1634 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1423 1635 WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl); 1424 1636 #endif 1425 1637 #ifdef WOLFSSL_TLS13 1426 1638 WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, 1427 word16 sz );1639 word16 sz, const byte* aad, word16 aadSz); 1428 1640 WOLFSSL_LOCAL int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, 1429 1641 word32* inOutIdx, byte type, … … 1432 1644 word32* inOutIdx, word32 totalSz); 1433 1645 WOLFSSL_LOCAL int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, 1434 word32* inOutIdx, word32 helloSz); 1435 #endif 1436 1437 #ifndef NO_CERTS 1438 /* wolfSSL DER buffer */ 1439 typedef struct DerBuffer { 1440 byte* buffer; 1441 void* heap; 1442 word32 length; 1443 int type; /* enum CertType */ 1444 int dynType; /* DYNAMIC_TYPE_* */ 1445 } DerBuffer; 1446 #endif /* !NO_CERTS */ 1646 word32* inOutIdx, word32 helloSz, 1647 byte* extMsgType); 1648 #endif 1649 int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t, 1650 int pLen, int content); 1447 1651 1448 1652 … … 1524 1728 1525 1729 /* Cipher Suites holder */ 1526 typedefstruct Suites {1730 struct Suites { 1527 1731 word16 suiteSz; /* suite length in bytes */ 1528 1732 word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */ 1529 1733 byte suites[WOLFSSL_MAX_SUITE_SZ]; 1530 byte hashSigAlgo[ HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */1734 byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* sig/algo to offer */ 
1531 1735 byte setSuites; /* user set suites from default */ 1532 1736 byte hashAlgo; /* selected hash algorithm */ 1533 1737 byte sigAlgo; /* selected sig algorithm */ 1534 } Suites;1738 }; 1535 1739 1536 1740 … … 1548 1752 typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, 1549 1753 unsigned char*, unsigned int); 1754 #ifdef WOLFSSL_TLS13 1755 typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, 1756 char*, unsigned int, unsigned char*, unsigned int, 1757 const char**); 1758 typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, 1759 unsigned char*, unsigned int, const char**); 1760 #endif 1550 1761 #endif /* PSK_TYPES_DEFINED */ 1551 #ifdef WOLFSSL_DTLS 1762 #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \ 1763 !defined(WOLFSSL_DTLS_EXPORT_TYPES) 1552 1764 typedef int (*wc_dtls_export)(WOLFSSL* ssl, 1553 1765 unsigned char* exportBuffer, unsigned int sz, void* userCtx); 1554 #endif 1766 #define WOLFSSL_DTLS_EXPORT_TYPES 1767 #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ 1555 1768 1556 1769 … … 1592 1805 OcspEntry* ocspList; /* OCSP response list */ 1593 1806 wolfSSL_Mutex ocspLock; /* OCSP list lock */ 1594 #if defined(WOLFSSL_NGINX) || defined (WOLFSSL_HAPROXY) 1807 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ 1808 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1595 1809 int(*statusCb)(WOLFSSL*, void*); 1596 1810 #endif … … 1765 1979 * keep as a constant size (no additional ifdefs) for session export */ 1766 1980 typedef struct Keys { 1767 byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ 1768 byte server_write_MAC_secret[MAX_DIGEST_SIZE]; 1769 byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */ 1770 byte server_write_key[AES_256_KEY_SIZE]; 1981 #if !defined(WOLFSSL_AEAD_ONLY) || defined(WOLFSSL_TLS13) 1982 byte client_write_MAC_secret[WC_MAX_DIGEST_SIZE]; /* max sizes */ 1983 byte server_write_MAC_secret[WC_MAX_DIGEST_SIZE]; 1984 #endif 1985 byte 
client_write_key[MAX_SYM_KEY_SIZE]; /* max sizes */ 1986 byte server_write_key[MAX_SYM_KEY_SIZE]; 1771 1987 byte client_write_IV[MAX_WRITE_IV_SZ]; /* max sizes */ 1772 1988 byte server_write_IV[MAX_WRITE_IV_SZ]; … … 1830 2046 TLSX_SESSION_TICKET = 0x0023, 1831 2047 #ifdef WOLFSSL_TLS13 1832 TLSX_KEY_SHARE = 0x0028,1833 2048 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 1834 2049 TLSX_PRE_SHARED_KEY = 0x0029, … … 1844 2059 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH 1845 2060 TLSX_POST_HANDSHAKE_AUTH = 0x0031, 2061 #endif 2062 #if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22) 2063 TLSX_KEY_SHARE = 0x0028, 2064 #else 2065 TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032, 2066 TLSX_KEY_SHARE = 0x0033, 1846 2067 #endif 1847 2068 #endif … … 1858 2079 1859 2080 WOLFSSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type); 2081 WOLFSSL_LOCAL void TLSX_Remove(TLSX** list, TLSX_Type type, void* heap); 1860 2082 WOLFSSL_LOCAL void TLSX_FreeAll(TLSX* list, void* heap); 1861 2083 WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl); 1862 2084 WOLFSSL_LOCAL int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isRequest); 1863 2085 1864 #ifndef NO_WOLFSSL_CLIENT 1865 WOLFSSL_LOCAL word16 TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType); 1866 WOLFSSL_LOCAL word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output, 1867 byte msgType); 1868 #endif 1869 1870 #ifndef NO_WOLFSSL_SERVER 1871 WOLFSSL_LOCAL word16 TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType); 1872 WOLFSSL_LOCAL word16 TLSX_WriteResponse(WOLFSSL* ssl, byte* output, 1873 byte msgType); 2086 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT) 2087 WOLFSSL_LOCAL int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, 2088 word16* pLength); 2089 WOLFSSL_LOCAL int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, 2090 byte msgType, word16* pOffset); 2091 #endif 2092 2093 #if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_SERVER) 2094 /* TLS 1.3 Certificate messages have extensions. 
*/ 2095 WOLFSSL_LOCAL int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType, 2096 word16* pLength); 2097 WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, 2098 word16* pOffset); 1874 2099 #endif 1875 2100 … … 1900 2125 union { char* host_name; } data; /* SNI Data */ 1901 2126 struct SNI* next; /* List Behavior */ 2127 byte status; /* Matching result */ 1902 2128 #ifndef NO_WOLFSSL_SERVER 1903 2129 byte options; /* Behavior options */ 1904 byte status; /* Matching result */1905 2130 #endif 1906 2131 } SNI; … … 1908 2133 WOLFSSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, 1909 2134 word16 size, void* heap); 2135 WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type); 2136 WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, 2137 void** data); 1910 2138 1911 2139 #ifndef NO_WOLFSSL_SERVER 1912 2140 WOLFSSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type, 1913 2141 byte options); 1914 WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);1915 WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,1916 void** data);1917 2142 WOLFSSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, 1918 2143 byte type, byte* sni, word32* inOutSz); … … 1960 2185 byte status_type; 1961 2186 byte options; 2187 WOLFSSL* ssl; 1962 2188 union { 1963 2189 OcspRequest ocsp; 1964 2190 } request; 2191 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) 2192 buffer response; 2193 #endif 1965 2194 } CertificateStatusRequest; 1966 2195 1967 2196 WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequest(TLSX** extensions, 1968 byte status_type, byte options, void* heap, int devId);2197 byte status_type, byte options, WOLFSSL* ssl, void* heap, int devId); 1969 2198 #ifndef NO_CERTS 1970 2199 WOLFSSL_LOCAL int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert, … … 2023 2252 WOLFSSL_LOCAL int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first, 2024 2253 byte 
second); 2025 #endif 2254 WOLFSSL_LOCAL int TLSX_SupportedCurve_CheckPriority(WOLFSSL* ssl); 2255 #endif 2256 WOLFSSL_LOCAL int TLSX_SupportedCurve_Preferred(WOLFSSL* ssl, 2257 int checkSupported); 2026 2258 2027 2259 #endif /* HAVE_SUPPORTED_CURVES */ … … 2042 2274 typedef struct SecureRenegotiation { 2043 2275 byte enabled; /* secure_renegotiation flag in rfc */ 2276 byte verifySet; 2044 2277 byte startScr; /* server requested client to start scr */ 2045 2278 enum key_cache_state cache_status; /* track key cache state */ … … 2053 2286 2054 2287 #ifdef HAVE_SERVER_RENEGOTIATION_INFO 2055 WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions , void* heap);2288 WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions); 2056 2289 #endif 2057 2290 … … 2141 2374 void* key; /* Private key */ 2142 2375 word32 keyLen; /* Private key length */ 2376 byte* pubKey; /* Public key */ 2377 word32 pubKeyLen; /* Public key length */ 2143 2378 struct KeyShareEntry* next; /* List pointer */ 2144 2379 } KeyShareEntry; … … 2148 2383 WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl); 2149 2384 WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl); 2385 WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl); 2150 2386 2151 2387 2152 2388 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2389 #ifndef WOLFSSL_TLS13_DRAFT_18 2390 /* Ticket nonce - for deriving PSK. 2391 * Length allowed to be: 1..255. Only support 4 bytes. 2392 */ 2393 typedef struct TicketNonce { 2394 byte len; 2395 byte data[MAX_TICKET_NONCE_SZ]; 2396 } TicketNonce; 2397 #endif 2398 2153 2399 /* The PreSharedKey extension information - entry in a linked list. 
*/ 2154 2400 typedef struct PreSharedKey { … … 2159 2405 byte cipherSuite; /* Cipher Suite */ 2160 2406 word32 binderLen; /* Length of HMAC */ 2161 byte binder[ MAX_DIGEST_SIZE]; /* HMAC of hanshake */2407 byte binder[WC_MAX_DIGEST_SIZE]; /* HMAC of hanshake */ 2162 2408 byte hmac; /* HMAC algorithm */ 2163 2409 byte resumption:1; /* Resumption PSK */ … … 2212 2458 2213 2459 2460 #ifdef OPENSSL_EXTRA 2461 enum SetCBIO { 2462 WOLFSSL_CBIO_NONE = 0, 2463 WOLFSSL_CBIO_RECV = 0x1, 2464 WOLFSSL_CBIO_SEND = 0x2, 2465 }; 2466 #endif 2467 2214 2468 /* wolfSSL context type */ 2215 2469 struct WOLFSSL_CTX { … … 2232 2486 WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names; 2233 2487 #endif 2234 #if defined(WOLFSSL_NGINX) || defined (WOLFSSL_HAPROXY) 2488 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ 2489 defined(WOLFSSL_NGINX) || defined (WOLFSSL_HAPROXY) 2235 2490 WOLF_STACK_OF(WOLFSSL_X509)* x509Chain; 2236 2491 #endif … … 2249 2504 Suites* suites; /* make dynamic, user may not need/set */ 2250 2505 void* heap; /* for user memory overrides */ 2251 byte verifyPeer; 2252 byte verifyNone; 2253 byte failNoCert; 2254 byte failNoCertxPSK; /* fail if no cert with the exception of PSK*/ 2255 byte sessionCacheOff; 2256 byte sessionCacheFlushOff; 2506 byte verifyDepth; 2507 byte verifyPeer:1; 2508 byte verifyNone:1; 2509 byte failNoCert:1; 2510 byte failNoCertxPSK:1; /* fail if no cert with the exception of PSK*/ 2511 byte sessionCacheOff:1; 2512 byte sessionCacheFlushOff:1; 2257 2513 #ifdef HAVE_EXT_CACHE 2258 byte internalCacheOff ;2259 #endif 2260 byte sendVerify ; /* for client side*/2261 byte haveRSA ;/* RSA available */2262 byte haveECC ;/* ECC available */2263 byte haveDH ;/* server DH parms set by user */2264 byte haveNTRU ;/* server private NTRU key loaded */2265 byte haveECDSAsig ;/* server cert signed w/ ECDSA */2266 byte haveStaticECC ;/* static server ECC private key */2267 byte partialWrite ;/* only one msg per write call */2268 byte quietShutdown ;/* don't send close 
notify */2269 byte groupMessages ;/* group handshake messages before sending */2514 byte internalCacheOff:1; 2515 #endif 2516 byte sendVerify:2; /* for client side (can not be single bit) */ 2517 byte haveRSA:1; /* RSA available */ 2518 byte haveECC:1; /* ECC available */ 2519 byte haveDH:1; /* server DH parms set by user */ 2520 byte haveNTRU:1; /* server private NTRU key loaded */ 2521 byte haveECDSAsig:1; /* server cert signed w/ ECDSA */ 2522 byte haveStaticECC:1; /* static server ECC private key */ 2523 byte partialWrite:1; /* only one msg per write call */ 2524 byte quietShutdown:1; /* don't send close notify */ 2525 byte groupMessages:1; /* group handshake messages before sending */ 2270 2526 byte minDowngrade; /* minimum downgrade version */ 2271 byte haveEMS ;/* have extended master secret extension */2527 byte haveEMS:1; /* have extended master secret extension */ 2272 2528 byte useClientOrder:1; /* Use client's cipher preference order */ 2273 2529 #ifdef WOLFSSL_TLS13 … … 2278 2534 byte postHandshakeAuth:1; /* Post-handshake auth supported. */ 2279 2535 #endif 2536 #ifndef NO_DH 2537 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \ 2538 !defined(HAVE_SELFTEST) 2539 byte dhKeyTested:1; /* Set when key has been tested. 
*/ 2540 #endif 2541 #endif 2280 2542 #ifdef WOLFSSL_MULTICAST 2281 2543 byte haveMcast; /* multicast requested */ … … 2288 2550 #ifndef NO_DH 2289 2551 word16 minDhKeySz; /* minimum DH key size */ 2552 word16 maxDhKeySz; /* maximum DH key size */ 2290 2553 #endif 2291 2554 #ifndef NO_RSA … … 2295 2558 short minEccKeySz; /* minimum ECC key size */ 2296 2559 #endif 2560 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 2561 unsigned long mask; /* store SSL_OP_ flags */ 2562 #endif 2297 2563 #ifdef OPENSSL_EXTRA 2564 byte sessionCtx[ID_LEN]; /* app session context ID */ 2298 2565 word32 disabledCurves; /* curves disabled by user */ 2299 byte verifyDepth; /* maximum verification depth */ 2300 unsigned long mask; /* store SSL_OP_ flags */ 2566 const unsigned char *alpn_cli_protos;/* ALPN client protocol list */ 2567 unsigned int alpn_cli_protos_len; 2568 byte sessionCtxSz; 2569 byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ 2570 CallbackInfoState* CBIS; /* used to get info about SSL state */ 2301 2571 #endif 2302 2572 CallbackIORecv CBIORecv; … … 2304 2574 #ifdef WOLFSSL_DTLS 2305 2575 CallbackGenCookie CBIOCookie; /* gen cookie callback */ 2306 wc_dtls_export dtls_export; /* export function for DTLS session */2307 2576 #ifdef WOLFSSL_SESSION_EXPORT 2577 wc_dtls_export dtls_export; /* export function for DTLS session */ 2308 2578 CallbackGetPeer CBGetPeer; 2309 2579 CallbackSetPeer CBSetPeer; … … 2317 2587 #ifdef HAVE_ECC 2318 2588 word16 eccTempKeySz; /* in octets 20 - 66 */ 2589 #endif 2590 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 2319 2591 word32 pkCurveOID; /* curve Ecc_Sum */ 2320 2592 #endif … … 2323 2595 wc_psk_client_callback client_psk_cb; /* client callback */ 2324 2596 wc_psk_server_callback server_psk_cb; /* server callback */ 2597 #ifdef WOLFSSL_TLS13 2598 wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ 2599 wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ 2600 #endif 2325 2601 char 
server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN]; 2326 2602 #endif /* HAVE_SESSION_TICKET || !NO_PSK */ 2603 #ifdef WOLFSSL_TLS13 2604 word16 group[WOLFSSL_MAX_GROUP_COUNT]; 2605 byte numGroups; 2606 #endif 2327 2607 #ifdef WOLFSSL_EARLY_DATA 2328 2608 word32 maxEarlyDataSz; … … 2331 2611 byte haveAnon; /* User wants to allow Anon suites */ 2332 2612 #endif /* HAVE_ANON */ 2613 #ifdef WOLFSSL_ENCRYPTED_KEYS 2614 pem_password_cb* passwd_cb; 2615 void* passwd_userdata; 2616 #endif 2333 2617 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 2334 pem_password_cb* passwd_cb;2335 void* userdata;2336 2618 WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */ 2619 WOLFSSL_X509_STORE* x509_store_pt; /* take ownership of external store */ 2337 2620 byte readAhead; 2338 2621 void* userPRFArg; /* passed to prf callback */ 2339 #endif /* OPENSSL_EXTRA */2622 #endif 2340 2623 #ifdef HAVE_EX_DATA 2341 2624 void* ex_data[MAX_EX_DATA]; 2342 2625 #endif 2343 #if defined(HAVE_ALPN) && (defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))2626 #if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) 2344 2627 CallbackALPNSelect alpnSelect; 2345 2628 void* alpnSelectArg; 2346 2629 #endif 2347 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2630 #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \ 2631 defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \ 2632 defined(WOLFSSL_HAPROXY))) 2348 2633 CallbackSniRecv sniRecvCb; 2349 2634 void* sniRecvCbArg; … … 2385 2670 #ifdef HAVE_PK_CALLBACKS 2386 2671 #ifdef HAVE_ECC 2672 CallbackEccKeyGen EccKeyGenCb; /* User EccKeyGen Callback Handler */ 2387 2673 CallbackEccSign EccSignCb; /* User EccSign Callback handler */ 2388 2674 CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ … … 2395 2681 #endif 2396 2682 #ifdef HAVE_CURVE25519 2397 /* User EccSharedSecret Callback handler */ 2683 /* User X25519 KeyGen Callback Handler 
*/ 2684 CallbackX25519KeyGen X25519KeyGenCb; 2685 /* User X25519 SharedSecret Callback handler */ 2398 2686 CallbackX25519SharedSecret X25519SharedSecretCb; 2399 2687 #endif 2400 2688 #endif /* HAVE_ECC */ 2689 #ifndef NO_DH 2690 CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */ 2691 #endif 2401 2692 #ifndef NO_RSA 2402 CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler */ 2403 CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler */ 2693 CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler (priv key) */ 2694 CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler (pub key) */ 2695 CallbackRsaVerify RsaSignCheckCb; /* User VerifyRsaSign Callback handler (priv key) */ 2404 2696 #ifdef WC_RSA_PSS 2405 CallbackRsaPssSign RsaPssSignCb; /* User RsaPssSign */ 2406 CallbackRsaPssVerify RsaPssVerifyCb; /* User RsaPssVerify */ 2697 CallbackRsaPssSign RsaPssSignCb; /* User RsaSign (priv key) */ 2698 CallbackRsaPssVerify RsaPssVerifyCb; /* User RsaVerify (pub key) */ 2699 CallbackRsaPssVerify RsaPssSignCheckCb; /* User VerifyRsaSign (priv key) */ 2407 2700 #endif 2408 2701 CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */ … … 2418 2711 void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*); 2419 2712 #endif 2420 }; 2421 2713 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) 2714 Srp* srp; /* TLS Secure Remote Password Protocol*/ 2715 byte* srp_password; 2716 #endif 2717 }; 2422 2718 2423 2719 WOLFSSL_LOCAL … … 2531 2827 2532 2828 2829 #ifndef WOLFSSL_AEAD_ONLY 2533 2830 enum CipherType { stream, block, aead }; 2831 #else 2832 enum CipherType { aead }; 2833 #endif 2534 2834 2535 2835 … … 2662 2962 byte serverID[SERVER_ID_LEN]; /* for easier client lookup */ 2663 2963 #endif 2964 #ifdef OPENSSL_EXTRA 2965 byte sessionCtxSz; /* sessionCtx length */ 2966 byte sessionCtx[ID_LEN]; /* app specific context id */ 2967 #endif 2968 #ifdef WOLFSSL_TLS13 2969 word16 namedGroup; 2970 #endif 2664 
2971 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) 2665 2972 #ifdef WOLFSSL_TLS13 2666 byte namedGroup;2667 2973 word32 ticketSeen; /* Time ticket seen (ms) */ 2668 2974 word32 ticketAdd; /* Added by client */ 2975 #ifndef WOLFSSL_TLS13_DRAFT_18 2976 TicketNonce ticketNonce; /* Nonce used to derive PSK */ 2977 #endif 2669 2978 #endif 2670 2979 #ifdef WOLFSSL_EARLY_DATA 2671 2980 word32 maxEarlyDataSz; 2672 2981 #endif 2982 #endif 2983 #ifdef HAVE_SESSION_TICKET 2673 2984 byte* ticket; 2674 2985 word16 ticketLen; … … 2690 3001 int SetSession(WOLFSSL*, WOLFSSL_SESSION*); 2691 3002 2692 typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int );3003 typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int); 2693 3004 2694 3005 #ifndef NO_CLIENT_CACHE … … 2731 3042 ACCEPT_FINISHED_DONE, 2732 3043 ACCEPT_THIRD_REPLY_DONE 3044 }; 3045 3046 /* TLS 1.3 server accept state for nonblocking restart */ 3047 enum AcceptStateTls13 { 3048 TLS13_ACCEPT_BEGIN = 0, 3049 TLS13_ACCEPT_CLIENT_HELLO_DONE, 3050 TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE, 3051 TLS13_ACCEPT_FIRST_REPLY_DONE, 3052 TLS13_ACCEPT_SECOND_REPLY_DONE, 3053 TLS13_SERVER_HELLO_SENT, 3054 TLS13_ACCEPT_THIRD_REPLY_DONE, 3055 TLS13_SERVER_EXTENSIONS_SENT, 3056 TLS13_CERT_REQ_SENT, 3057 TLS13_CERT_SENT, 3058 TLS13_CERT_VERIFY_SENT, 3059 TLS13_ACCEPT_FINISHED_SENT, 3060 TLS13_PRE_TICKET_SENT, 3061 TLS13_ACCEPT_FINISHED_DONE, 3062 TLS13_TICKET_SENT 2733 3063 }; 2734 3064 … … 2765 3095 #ifdef WOLFSSL_TLS13 2766 3096 int certChainCnt; 3097 DerBuffer* certExts; 2767 3098 #endif 2768 3099 #endif … … 2819 3150 wc_psk_client_callback client_psk_cb; 2820 3151 wc_psk_server_callback server_psk_cb; 3152 #ifdef WOLFSSL_TLS13 3153 wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ 3154 wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ 3155 #endif 2821 3156 #endif /* NO_PSK */ 2822 3157 #ifdef OPENSSL_EXTRA … … 2834 3169 word16 internalCacheOff:1; 2835 3170 
#endif 2836 word16 side: 1; /* client or server end */3171 word16 side:2; /* client, server or neither end */ 2837 3172 word16 verifyPeer:1; 2838 3173 word16 verifyNone:1; … … 2868 3203 word16 certOnly:1; /* stop once we get cert */ 2869 3204 word16 groupMessages:1; /* group handshake messages */ 2870 word16 usingNonblock:1; /* are we using nonblocking socket */2871 3205 word16 saveArrays:1; /* save array Memory for user get keys 2872 3206 or psk */ … … 2888 3222 #endif 2889 3223 #ifdef WOLFSSL_DTLS 3224 word16 dtlsUseNonblock:1; /* are we using nonblocking socket */ 2890 3225 word16 dtlsHsRetain:1; /* DTLS retaining HS data */ 2891 3226 word16 haveMcast:1; /* using multicast ? */ … … 2909 3244 word16 usingAltCertChain:1;/* Alternate cert chain was used */ 2910 3245 #endif 2911 3246 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) 3247 word16 sentChangeCipher:1; /* Change Cipher Spec sent */ 3248 #endif 3249 #if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \ 3250 !defined(NO_ED25519_CLIENT_AUTH) 3251 word16 cacheMessages:1; /* Cache messages for sign/verify */ 3252 #endif 3253 #ifndef NO_DH 3254 #if !defined(WOLFSSL_OLD_PRIME_CHECK) && \ 3255 !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 3256 word16 dhDoKeyTest:1; /* Need to do the DH Key prime test */ 3257 word16 dhKeyTested:1; /* Set when key has been tested. 
*/ 3258 #endif 3259 #endif 2912 3260 /* need full byte values for this section */ 2913 3261 byte processReply; /* nonblocking resume */ … … 2929 3277 #ifndef NO_DH 2930 3278 word16 minDhKeySz; /* minimum DH key size */ 3279 word16 maxDhKeySz; /* minimum DH key size */ 2931 3280 word16 dhKeySz; /* actual DH key size */ 2932 3281 #endif … … 2941 3290 #endif 2942 3291 #ifdef WOLFSSL_EARLY_DATA 3292 word16 pskIdIndex; 2943 3293 word32 maxEarlyDataSz; 2944 3294 #endif 2945 3295 #ifdef WOLFSSL_TLS13 3296 byte oldMinor; /* client preferred version < TLS 1.3 */ 3297 #endif 2946 3298 } Options; 2947 3299 … … 2963 3315 byte sessionIDSz; 2964 3316 #ifdef WOLFSSL_TLS13 2965 byte clientSecret[SECRET_LEN];2966 byte serverSecret[SECRET_LEN];2967 3317 byte secret[SECRET_LEN]; 2968 3318 #endif … … 2999 3349 struct WOLFSSL_X509_NAME { 3000 3350 char *name; 3001 char staticName[ASN_NAME_MAX];3002 3351 int dynamicName; 3003 3352 int sz; 3004 #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) 3353 char staticName[ASN_NAME_MAX]; 3354 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 3355 !defined(NO_ASN) 3005 3356 DecodedName fullName; 3006 3357 WOLFSSL_X509_NAME_ENTRY cnEntry; 3358 WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */ 3007 3359 WOLFSSL_X509* x509; /* x509 that struct belongs to */ 3008 3360 #endif /* OPENSSL_EXTRA */ 3009 #if def WOLFSSL_NGINX3361 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) 3010 3362 byte raw[ASN_NAME_MAX]; 3011 3363 int rawLen; … … 3023 3375 struct WOLFSSL_X509 { 3024 3376 int version; 3025 WOLFSSL_X509_NAME issuer;3026 WOLFSSL_X509_NAME subject;3027 3377 int serialSz; 3028 byte serial[EXTERNAL_SERIAL_SIZE];3029 char subjectCN[ASN_NAME_MAX]; /* common name short cut */3030 3378 #ifdef WOLFSSL_SEP 3031 3379 int deviceTypeSz; 3380 int hwTypeSz; 3032 3381 byte deviceType[EXTERNAL_SERIAL_SIZE]; 3033 int hwTypeSz;3034 3382 byte hwType[EXTERNAL_SERIAL_SIZE]; 3035 3383 int hwSerialNumSz; 3036 3384 byte 
hwSerialNum[EXTERNAL_SERIAL_SIZE]; 3037 #if def OPENSSL_EXTRA3385 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 3038 3386 byte certPolicySet; 3039 3387 byte certPolicyCrit; … … 3041 3389 #endif 3042 3390 int notBeforeSz; 3391 int notAfterSz; 3043 3392 byte notBefore[MAX_DATE_SZ]; 3044 int notAfterSz;3045 3393 byte notAfter[MAX_DATE_SZ]; 3394 buffer sig; 3046 3395 int sigOID; 3047 buffer sig; 3396 DNS_entry* altNames; /* alt names list */ 3397 buffer pubKey; 3048 3398 int pubKeyOID; 3049 buffer pubKey;3050 #if def HAVE_ECC3399 DNS_entry* altNamesNext; /* hint for retrieval */ 3400 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 3051 3401 word32 pkCurveOID; 3052 3402 #endif /* HAVE_ECC */ … … 3054 3404 DerBuffer* derCert; /* may need */ 3055 3405 #endif 3056 DNS_entry* altNames; /* alt names list */3057 DNS_entry* altNamesNext; /* hint for retrieval */3058 3406 void* heap; /* heap hint */ 3059 3407 byte dynamicMemory; /* dynamic memory flag */ 3060 byte isCa ;3408 byte isCa:1; 3061 3409 #ifdef WOLFSSL_CERT_EXT 3062 3410 char certPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ]; 3063 3411 int certPoliciesNb; 3064 3412 #endif /* WOLFSSL_CERT_EXT */ 3065 #if def OPENSSL_EXTRA3413 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 3066 3414 #ifdef HAVE_EX_DATA 3067 3415 void* ex_data[MAX_EX_DATA]; 3068 3416 #endif 3417 byte* authKeyId; 3418 byte* subjKeyId; 3419 byte* extKeyUsageSrc; 3420 const byte* CRLInfo; 3421 byte* authInfo; 3069 3422 word32 pathLength; 3070 3423 word16 keyUsage; 3071 byte CRLdistSet;3072 byte CRLdistCrit;3073 byte* CRLInfo;3074 3424 int CRLInfoSz; 3075 byte authInfoSet;3076 byte authInfoCrit;3077 byte* authInfo;3078 3425 int authInfoSz; 3079 byte basicConstSet;3080 byte basicConstCrit;3081 byte basicConstPlSet;3082 byte subjAltNameSet;3083 byte subjAltNameCrit;3084 byte authKeyIdSet;3085 byte authKeyIdCrit;3086 byte* authKeyId;3087 3426 word32 authKeyIdSz; 3088 byte subjKeyIdSet;3089 byte subjKeyIdCrit;3090 byte* 
subjKeyId;3091 3427 word32 subjKeyIdSz; 3092 byte keyUsageSet;3093 byte keyUsageCrit;3094 byte extKeyUsageCrit;3095 byte* extKeyUsageSrc;3096 3428 word32 extKeyUsageSz; 3097 3429 word32 extKeyUsageCount; 3098 #endif /* OPENSSL_EXTRA */ 3430 3431 byte CRLdistSet:1; 3432 byte CRLdistCrit:1; 3433 byte authInfoSet:1; 3434 byte authInfoCrit:1; 3435 byte keyUsageSet:1; 3436 byte keyUsageCrit:1; 3437 byte extKeyUsageCrit:1; 3438 byte subjKeyIdSet:1; 3439 3440 byte subjKeyIdCrit:1; 3441 byte basicConstSet:1; 3442 byte basicConstCrit:1; 3443 byte basicConstPlSet:1; 3444 byte subjAltNameSet:1; 3445 byte subjAltNameCrit:1; 3446 byte authKeyIdSet:1; 3447 byte authKeyIdCrit:1; 3448 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 3449 byte serial[EXTERNAL_SERIAL_SIZE]; 3450 char subjectCN[ASN_NAME_MAX]; /* common name short cut */ 3451 #ifdef WOLFSSL_CERT_REQ 3452 char challengePw[CTC_NAME_SIZE]; /* for REQ certs */ 3453 #endif 3454 WOLFSSL_X509_NAME issuer; 3455 WOLFSSL_X509_NAME subject; 3099 3456 }; 3100 3457 … … 3133 3490 word32 fragSz; /* Length of fragments received */ 3134 3491 word32 seq; /* Handshake sequence number */ 3135 word32 sz; /* Length of whole mes age*/3492 word32 sz; /* Length of whole message */ 3136 3493 byte type; 3137 3494 } DtlsMsg; … … 3150 3507 #endif 3151 3508 3152 3153 3509 /* Handshake messages received from peer (plus change cipher */ 3154 3510 typedef struct MsgsReceived { 3155 3511 word16 got_hello_request:1; 3156 3512 word16 got_client_hello:2; 3157 word16 got_server_hello: 1;3513 word16 got_server_hello:2; 3158 3514 word16 got_hello_verify_request:1; 3159 3515 word16 got_session_ticket:1; … … 3193 3549 wc_Sha512 hashSha512; /* sha512 hash of handshake msgs */ 3194 3550 #endif 3551 #if defined(HAVE_ED25519) && !defined(WOLFSSL_NO_CLIENT_AUTH) 3552 byte* messages; /* handshake messages */ 3553 int length; /* length of handshake messages' data */ 3554 int prevLen; /* length of messages but last */ 3555 #endif 3195 3556 } HS_Hashes; 3196 
3557 … … 3232 3593 #endif 3233 3594 3595 #ifdef WOLFSSL_EARLY_DATA 3596 typedef enum EarlyDataState { 3597 no_early_data, 3598 expecting_early_data, 3599 process_early_data, 3600 done_early_data 3601 } EarlyDataState; 3602 #endif 3603 3234 3604 /* wolfSSL ssl type */ 3235 3605 struct WOLFSSL { … … 3237 3607 Suites* suites; /* only need during handshake */ 3238 3608 Arrays* arrays; 3609 #ifdef WOLFSSL_TLS13 3610 byte clientSecret[SECRET_LEN]; 3611 byte serverSecret[SECRET_LEN]; 3612 #endif 3239 3613 HS_Hashes* hsHashes; 3240 3614 void* IOCB_ReadCtx; … … 3249 3623 byte dupSide; /* write side or read side */ 3250 3624 #endif 3625 #ifdef OPENSSL_EXTRA 3626 byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ 3627 #endif 3628 CallbackIORecv CBIORecv; 3629 CallbackIOSend CBIOSend; 3251 3630 #ifdef WOLFSSL_STATIC_MEMORY 3252 3631 WOLFSSL_HEAP_HINT heap_hint; … … 3258 3637 #ifdef WOLFSSL_ASYNC_CRYPT 3259 3638 struct WOLFSSL_ASYNC async; 3639 #elif defined(WOLFSSL_NONBLOCK_OCSP) 3640 void* nonblockarg; /* dynamic arg for handling non-block resume */ 3260 3641 #endif 3261 3642 void* hsKey; /* Handshake key (RsaKey or ecc_key) allocated from heap */ 3262 3643 word32 hsType; /* Type of Handshake key (hsKey) */ 3263 3644 WOLFSSL_CIPHER cipher; 3645 #ifndef WOLFSSL_AEAD_ONLY 3264 3646 hmacfp hmac; 3647 #endif 3265 3648 Ciphers encrypt; 3266 3649 Ciphers decrypt; … … 3279 3662 word32 fragOffset; /* fragment offset */ 3280 3663 word16 curSize; 3664 byte verifyDepth; 3281 3665 RecordLayerHeader curRL; 3282 3666 MsgsReceived msgsReceived; /* peer messages received */ … … 3287 3671 Options options; 3288 3672 #ifdef OPENSSL_EXTRA 3673 CallbackInfoState* CBIS; /* used to get info about SSL state */ 3674 int cbmode; /* read or write on info callback */ 3675 int cbtype; /* event type in info callback */ 3289 3676 WOLFSSL_BIO* biord; /* socket bio read to free/close */ 3290 3677 WOLFSSL_BIO* biowr; /* socket bio write to free/close */ 3678 byte sessionCtx[ID_LEN]; /* app 
session context ID */ 3291 3679 unsigned long peerVerifyRet; 3292 3680 byte readAhead; 3681 byte sessionCtxSz; /* size of sessionCtx stored */ 3293 3682 #ifdef HAVE_PK_CALLBACKS 3294 3683 void* loggingCtx; /* logging callback argument */ 3295 3684 #endif 3296 #endif 3685 #endif /* OPENSSL_EXTRA */ 3297 3686 #ifndef NO_RSA 3298 3687 RsaKey* peerRsaKey; … … 3313 3702 #ifdef WOLFSSL_TLS13 3314 3703 word16 namedGroup; 3704 word16 group[WOLFSSL_MAX_GROUP_COUNT]; 3705 byte numGroups; 3315 3706 #endif 3316 3707 byte pssAlgo; 3708 #ifdef WOLFSSL_TLS13 3709 #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) 3710 word16 certHashSigAlgoSz; /* SigAlgoCert ext length in bytes */ 3711 byte certHashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* cert sig/algo to 3712 * offer */ 3713 #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */ 3714 #endif 3317 3715 #ifdef HAVE_NTRU 3318 3716 word16 peerNtruKeyLen; … … 3332 3730 ecc_key* peerEccKey; /* peer's ECDHE key */ 3333 3731 ecc_key* peerEccDsaKey; /* peer's ECDSA key */ 3334 word32 pkCurveOID; /* curve Ecc_Sum */3335 3732 word16 eccTempKeySz; /* in octets 20 - 66 */ 3336 3733 byte peerEccDsaKeyPresent; 3734 #endif 3735 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 3736 word32 pkCurveOID; /* curve Ecc_Sum */ 3337 3737 #endif 3338 3738 #ifdef HAVE_ED25519 … … 3359 3759 void* IOCB_CookieCtx; /* gen cookie ctx */ 3360 3760 word32 dtls_expected_rx; 3761 #ifdef WOLFSSL_SESSION_EXPORT 3361 3762 wc_dtls_export dtls_export; /* export function for session */ 3763 #endif 3362 3764 #ifdef WOLFSSL_SCTP 3363 3765 word16 dtlsMtuSz; … … 3372 3774 #endif /* WOLFSSL_DTLS */ 3373 3775 #ifdef WOLFSSL_CALLBACKS 3776 TimeoutInfo timeoutInfo; /* info saved during handshake */ 3374 3777 HandShakeInfo handShakeInfo; /* info saved during handshake */ 3375 TimeoutInfo timeoutInfo; /* info saved during handshake */ 3778 #endif 3779 #ifdef OPENSSL_EXTRA 3780 SSL_Msg_Cb protoMsgCb; /* inspect protocol message callback */ 3781 void* 
protoMsgCtx; /* user set context with msg callback */ 3782 #endif 3783 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 3376 3784 byte hsInfoOn; /* track handshake info */ 3377 3785 byte toInfoOn; /* track timeout info */ … … 3420 3828 #ifdef HAVE_ALPN 3421 3829 char* alpn_client_list; /* keep the client's list */ 3422 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)3830 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 3423 3831 CallbackALPNSelect alpnSelect; 3424 3832 void* alpnSelectArg; … … 3436 3844 byte* ocspResp; 3437 3845 int ocspRespSz; 3438 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)3846 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 3439 3847 char* url; 3440 3848 #endif … … 3444 3852 NetX_Ctx nxCtx; /* NetX IO Context */ 3445 3853 #endif 3854 #if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 3855 void* mnCtx; /* mynewt mn_socket IO Context */ 3856 #endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */ 3446 3857 #ifdef SESSION_INDEX 3447 3858 int sessionIndex; /* Session's location in the cache. 
*/ … … 3453 3864 #ifdef HAVE_PK_CALLBACKS 3454 3865 #ifdef HAVE_ECC 3866 void* EccKeyGenCtx; /* EccKeyGen Callback Context */ 3455 3867 void* EccSignCtx; /* Ecc Sign Callback Context */ 3456 3868 void* EccVerifyCtx; /* Ecc Verify Callback Context */ … … 3461 3873 #endif 3462 3874 #ifdef HAVE_CURVE25519 3875 void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ 3463 3876 void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ 3464 3877 #endif 3465 3878 #endif /* HAVE_ECC */ 3879 #ifndef NO_DH 3880 void* DhAgreeCtx; /* DH Pms Callback Context */ 3881 #endif /* !NO_DH */ 3466 3882 #ifndef NO_RSA 3467 3883 void* RsaSignCtx; /* Rsa Sign Callback Context */ … … 3483 3899 #endif /* WOLFSSL_JNI */ 3484 3900 #ifdef WOLFSSL_EARLY_DATA 3485 intearlyData;3901 EarlyDataState earlyData; 3486 3902 word32 earlyDataSz; 3487 3903 #endif … … 3498 3914 3499 3915 3500 enum {3501 IV_SZ = 32, /* max iv sz */3502 NAME_SZ = 80 /* max one line */3503 };3504 3505 3506 typedef struct EncryptedInfo {3507 char name[NAME_SZ]; /* encryption name */3508 byte iv[IV_SZ]; /* encrypted IV */3509 word32 ivSz; /* encrypted IV size */3510 long consumed; /* tracks PEM bytes consumed */3511 byte set; /* if encryption set */3512 WOLFSSL_CTX* ctx; /* CTX owner */3513 } EncryptedInfo;3514 3515 3916 3516 3917 #ifndef NO_CERTS 3517 3518 WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);3519 WOLFSSL_LOCAL void FreeDer(DerBuffer** der);3520 3521 WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,3522 DerBuffer** pDer, void* heap, EncryptedInfo* info,3523 int* eccKey);3524 3918 3525 3919 WOLFSSL_LOCAL int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, … … 3537 3931 3538 3932 3539 #if def WOLFSSL_CALLBACKS3933 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) 3540 3934 WOLFSSL_LOCAL 3541 3935 void InitHandShakeInfo(HandShakeInfo*, WOLFSSL*); … … 3543 3937 void FinishHandShakeInfo(HandShakeInfo*); 3544 3938 WOLFSSL_LOCAL 3545 void 
AddPacketName( const char*, HandShakeInfo*);3939 void AddPacketName(WOLFSSL* ssl, const char* name); 3546 3940 3547 3941 WOLFSSL_LOCAL … … 3550 3944 void FreeTimeoutInfo(TimeoutInfo*, void*); 3551 3945 WOLFSSL_LOCAL 3552 void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*); 3946 void AddPacketInfo(WOLFSSL* ssl, const char* name, int type, 3947 const byte* data, int sz, int write, void* heap); 3553 3948 WOLFSSL_LOCAL 3554 3949 void AddLateName(const char*, TimeoutInfo*); … … 3630 4025 WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int); 3631 4026 #ifdef WOLFSSL_TLS13 4027 #ifdef WOLFSSL_TLS13_DRAFT_18 3632 4028 WOLFSSL_LOCAL int SendTls13HelloRetryRequest(WOLFSSL*); 4029 #else 4030 WOLFSSL_LOCAL int SendTls13ServerHello(WOLFSSL*, byte); 4031 #endif 3633 4032 #endif 3634 4033 WOLFSSL_LOCAL int SendCertificate(WOLFSSL*); 3635 4034 WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*); 4035 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ 4036 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) 4037 WOLFSSL_LOCAL int CreateOcspResponse(WOLFSSL*, OcspRequest**, buffer*); 4038 #endif 4039 #if defined(HAVE_SECURE_RENEGOTIATION) && \ 4040 defined(HAVE_SERVER_RENEGOTIATION_INFO) 4041 WOLFSSL_LOCAL int SendHelloRequest(WOLFSSL*); 4042 #endif 3636 4043 WOLFSSL_LOCAL int SendCertificateStatus(WOLFSSL*); 3637 4044 WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*); … … 3660 4067 3661 4068 WOLFSSL_LOCAL int SetTicket(WOLFSSL*, const byte*, word32); 4069 WOLFSSL_LOCAL int wolfSSL_GetMaxRecordSize(WOLFSSL* ssl, int maxFragment); 3662 4070 3663 4071 #ifndef NO_CERTS … … 3665 4073 #ifdef WC_RSA_PSS 3666 4074 WOLFSSL_LOCAL int CheckRsaPssPadding(const byte* plain, word32 plainSz, 3667 byte* out, word32 sigSz, 3668 enum wc_HashType hashType); 3669 WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf); 3670 #endif 3671 WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, 3672 byte* verifySig, word32 sigSz, 3673 const byte* plain, word32 plainSz, 3674 
int sigAlgo, int hashAlgo, 3675 RsaKey* key); 4075 byte* out, word32 sigSz, enum wc_HashType hashType); 4076 WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo, 4077 enum wc_HashType* hashType, int* mgf); 4078 #endif 4079 WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, 4080 word32 sigSz, const byte* plain, word32 plainSz, int sigAlgo, 4081 int hashAlgo, RsaKey* key, DerBuffer* keyBufInfo); 3676 4082 WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, 3677 4083 byte* out, word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key, 3678 const byte* keyBuf, word32 keySz, void* ctx);4084 DerBuffer* keyBufInfo); 3679 4085 WOLFSSL_LOCAL int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, 3680 4086 byte** out, int sigAlgo, int hashAlgo, RsaKey* key, 3681 const byte* keyBuf, word32 keySz, void* ctx);4087 buffer* keyBufInfo); 3682 4088 WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, 3683 word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);4089 word32* outSz, RsaKey* key, DerBuffer* keyBufInfo); 3684 4090 WOLFSSL_LOCAL int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, 3685 word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);4091 word32* outSz, RsaKey* key, buffer* keyBufInfo); 3686 4092 #endif /* !NO_RSA */ 3687 4093 3688 4094 #ifdef HAVE_ECC 3689 4095 WOLFSSL_LOCAL int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, 3690 byte* out, word32* outSz, ecc_key* key, byte* keyBuf, word32 keySz, 3691 void* ctx); 4096 byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo); 3692 4097 WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, 3693 const byte* out, word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz, 3694 void* ctx); 4098 const byte* out, word32 outSz, ecc_key* key, buffer* keyBufInfo); 3695 4099 WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, 3696 4100 ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out, 3697 
word32* outlen, int side , void* ctx);4101 word32* outlen, int side); 3698 4102 #endif /* HAVE_ECC */ 3699 4103 #ifdef HAVE_ED25519 4104 WOLFSSL_LOCAL int Ed25519CheckPubKey(WOLFSSL* ssl); 3700 4105 WOLFSSL_LOCAL int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, 3701 byte* out, word32* outSz, ed25519_key* key, byte* keyBuf, 3702 word32 keySz, void* ctx); 4106 byte* out, word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo); 3703 4107 WOLFSSL_LOCAL int Ed25519Verify(WOLFSSL* ssl, const byte* in, 3704 4108 word32 inSz, const byte* msg, word32 msgSz, ed25519_key* key, 3705 b yte* keyBuf, word32 keySz, void* ctx);4109 buffer* keyBufInfo); 3706 4110 #endif /* HAVE_ED25519 */ 3707 4111 … … 3734 4138 #ifndef NO_TLS 3735 4139 WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*); 4140 #ifndef WOLFSSL_AEAD_ONLY 3736 4141 WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, 3737 word32 sz, int content, int verify); 4142 word32 sz, int padSz, int content, int verify); 4143 #endif 3738 4144 #endif 3739 4145 … … 3788 4194 #endif 3789 4195 3790 WOLFSSL_LOCAL const char* const* GetCipherNames(void); 4196 typedef struct CipherSuiteInfo { 4197 const char* name; 4198 #ifndef NO_ERROR_STRINGS 4199 const char* name_iana; 4200 #endif 4201 byte cipherSuite0; 4202 byte cipherSuite; 4203 } CipherSuiteInfo; 4204 4205 WOLFSSL_LOCAL const CipherSuiteInfo* GetCipherNames(void); 3791 4206 WOLFSSL_LOCAL int GetCipherNamesSize(void); 3792 WOLFSSL_LOCAL const char* GetCipherNameInternal(const char* cipherName, int cipherSuite); 4207 WOLFSSL_LOCAL const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite); 4208 WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite); 3793 4209 WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl); 3794 WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_from_suite( 3795 const unsigned char cipherSuite, const unsigned char cipherSuite0); 4210 WOLFSSL_LOCAL const 
char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl); 4211 WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0, 4212 byte* cipherSuite); 3796 4213 3797 4214 enum encrypt_side { -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/bio.h
r337 r372 1 /* bio.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* bio.h for openssl */ 2 23 … … 12 33 #endif 13 34 35 #define BIO_FLAG_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL 36 #define BIO_FLAG_READ WOLFSSL_BIO_FLAG_READ 37 #define BIO_FLAG_WRITE WOLFSSL_BIO_FLAG_WRITE 38 #define BIO_FLAG_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL 39 #define BIO_FLAG_RETRY WOLFSSL_BIO_FLAG_RETRY 14 40 41 #define BIO_find_type wolfSSL_BIO_find_type 42 #define BIO_next wolfSSL_BIO_next 43 #define BIO_gets wolfSSL_BIO_gets 44 45 46 #define BIO_TYPE_FILE WOLFSSL_BIO_FILE 47 #define BIO_TYPE_BIO WOLFSSL_BIO_BIO 48 #define BIO_TYPE_MEM WOLFSSL_BIO_MEMORY 49 #define BIO_TYPE_BASE64 WOLFSSL_BIO_BASE64 15 50 16 51 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/bn.h
r337 r372 1 /* bn.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* bn.h for openssl */ 23 24 /*! 25 \file wolfssl/openssl/bn.h 26 \brief bn.h for openssl 27 */ 2 28 3 29 … … 38 64 WOLFSSL_API int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, 39 65 const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx); 66 WOLFSSL_API int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, 67 const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx); 40 68 WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void); 41 69 … … 56 84 WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM*, int n); 57 85 86 WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM*, int bits, int top, 87 int bottom); 58 88 WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM*, int bits, int top, int bottom); 59 89 WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM*, int n); … … 71 101 WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int); 72 102 WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); 103 WOLFSSL_API unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*); 73 104 74 105 WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, … … 80 111 
WOLFSSL_BN_ULONG); 81 112 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 82 WOLFSSL_API int wolfSSL_BN_print_fp( FILE*, const WOLFSSL_BIGNUM*);113 WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*); 83 114 #endif 84 115 WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int); 85 116 WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx); 86 117 WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx); 87 118 WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, 119 const WOLFSSL_BIGNUM*, WOLFSSL_BN_CTX *ctx); 88 120 typedef WOLFSSL_BIGNUM BIGNUM; 89 121 typedef WOLFSSL_BN_CTX BN_CTX; … … 112 144 #define BN_mod wolfSSL_BN_mod 113 145 #define BN_mod_exp wolfSSL_BN_mod_exp 146 #define BN_mod_mul wolfSSL_BN_mod_mul 114 147 #define BN_sub wolfSSL_BN_sub 115 148 #define BN_value_one wolfSSL_BN_value_one … … 117 150 #define BN_mask_bits wolfSSL_mask_bits 118 151 152 #define BN_pseudo_rand wolfSSL_BN_pseudo_rand 119 153 #define BN_rand wolfSSL_BN_rand 120 154 #define BN_is_bit_set wolfSSL_BN_is_bit_set … … 124 158 #define BN_copy wolfSSL_BN_copy 125 159 160 #define BN_get_word wolfSSL_BN_get_word 126 161 #define BN_set_word wolfSSL_BN_set_word 127 162 … … 145 180 #define BN_CTX_start wolfSSL_BN_CTX_start 146 181 182 #define BN_mod_inverse wolfSSL_BN_mod_inverse 183 147 184 #ifdef __cplusplus 148 185 } /* extern "C" */ -
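Review bot: `wolfSSL_BN_get_word` at new line 103 returns `unsigned long`, while `wolfSSL_BN_set_word` directly above it takes `WOLFSSL_BN_ULONG`; if the two types differ in width on a target, a set/get round trip truncates. Declaring it as `WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);` keeps the pair symmetric, assuming the typedef (not shown in this section) is not already `unsigned long`. The declaration should also say what comes back when the number does not fit in one word, since callers cannot otherwise tell an error from a value. `wolfSSL_BN_pseudo_rand` at new line 86 would benefit from a one-line comment on whether its output is suitable for key material.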
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/crypto.h
r337 r372 1 /* crypto.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* crypto.h for openSSL */ 2 23 … … 16 37 WOLFSSL_API unsigned long wolfSSLeay(void); 17 38 39 #ifdef OPENSSL_EXTRA 40 WOLFSSL_API void wolfSSL_OPENSSL_free(void*); 41 WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); 42 #endif 43 18 44 #define CRYPTO_THREADID void 19 45 … … 24 50 #define SSLEAY_VERSION 0x0090600fL 25 51 #define SSLEAY_VERSION_NUMBER SSLEAY_VERSION 52 #define CRYPTO_lock wc_LockMutex_ex 26 53 27 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 54 /* this function was used to set the default malloc, free, and realloc */ 55 #define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */ 56 57 #define OPENSSL_free wolfSSL_OPENSSL_free 58 #define OPENSSL_malloc wolfSSL_OPENSSL_malloc 59 60 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ 61 defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) 28 62 #define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions 29 63 #define FIPS_mode wolfSSL_FIPS_mode … … 35 69 #define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric 36 70 37 #define CRYPTO_lock wc_LockMutex 38 #define CRYPTO_r_lock 
wc_LockMutex 39 #define CRYPTO_unlock wc_UnLockMutex 71 #define CRYPTO_r_lock wc_LockMutex_ex 72 #define CRYPTO_unlock wc_LockMutex_ex 40 73 41 74 #define CRYPTO_THREAD_lock wc_LockMutex … … 43 76 #define CRYPTO_THREAD_unlock wc_UnLockMutex 44 77 45 #define OPENSSL_malloc(a) XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL) 46 47 #endif /* HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 78 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 48 79 49 80 #endif /* header */ 50 -
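Review bot: `CRYPTO_unlock` at new line 72 now expands to `wc_LockMutex_ex`, the same function as `CRYPTO_lock` and `CRYPTO_r_lock`, where r337 mapped it to `wc_UnLockMutex`, so the macro name no longer decides whether a mutex is taken or released. The prototype of `wc_LockMutex_ex` is not in this section; presumably the operation is selected by a flag argument, in which case a caller still written for the old one-argument form would either fail to compile or, with no prototype in scope, lock where it meant to unlock. I would state this above the three defines, e.g. `/* all three map to wc_LockMutex_ex; lock vs. unlock comes from the caller's flag argument, not the macro name */`. The same section defines `OPENSSL_malloc`/`OPENSSL_free` unconditionally while their prototypes sit under `#ifdef OPENSSL_EXTRA`, which is worth aligning.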
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/des.h
r337 r372 46 46 typedef /* const */ WOLFSSL_DES_cblock WOLFSSL_const_DES_cblock; 47 47 typedef WOLFSSL_DES_cblock WOLFSSL_DES_key_schedule; 48 typedef unsigned int WOLFSSL_DES_LONG; 48 49 49 50 … … 54 55 55 56 57 WOLFSSL_API int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key); 58 WOLFSSL_API WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in, 59 WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc, 60 WOLFSSL_const_DES_cblock* iv); 56 61 WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes, 57 62 WOLFSSL_DES_key_schedule* key); … … 85 90 typedef WOLFSSL_const_DES_cblock const_DES_cblock; 86 91 typedef WOLFSSL_DES_key_schedule DES_key_schedule; 92 typedef WOLFSSL_DES_LONG DES_LONG; 87 93 88 94 #define DES_check_key(x) /* Define WOLFSSL_CHECK_DESKEY to check key */ 95 #define DES_is_weak_key wolfSSL_DES_is_weak_key 89 96 #define DES_set_key wolfSSL_DES_set_key 90 97 #define DES_set_key_checked wolfSSL_DES_set_key_checked … … 96 103 #define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt 97 104 #define DES_ede3_cbc_encrypt wolfSSL_DES_ede3_cbc_encrypt 105 #define DES_cbc_cksum wolfSSL_DES_cbc_cksum 98 106 99 107 #ifdef __cplusplus -
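Review bot: `wolfSSL_DES_is_weak_key` at new line 57 has no comment on its return convention, and in a library where 1 normally means success, a predicate that (as in OpenSSL) returns 1 for a weak key is easy to test the wrong way round. I would add `/* returns 1 if key is a weak DES key, 0 otherwise */` above it, after confirming against the implementation, which is not part of this section. `wolfSSL_DES_cbc_cksum` takes a signed `long length`; how it treats zero or negative lengths should be documented as well.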
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/dh.h
r337 r372 1 /* dh.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* dh.h for openSSL */ 2 23 … … 44 65 #define DH_generate_key wolfSSL_DH_generate_key 45 66 #define DH_compute_key wolfSSL_DH_compute_key 67 #define get_rfc3526_prime_1536 wolfSSL_DH_1536_prime 46 68 47 69 … … 50 72 #endif 51 73 52 #if def HAVE_STUNNEL74 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) 53 75 #define DH_generate_parameters wolfSSL_DH_generate_parameters 54 76 #define DH_generate_parameters_ex wolfSSL_DH_generate_parameters_ex 55 #endif /* HAVE_STUNNEL */ 56 #endif /* header */ 77 #endif /* OPENSSL_ALL || HAVE_STUNNEL */ 78 79 #endif /* WOLFSSL_DH_H_ */ -
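Review bot: `get_rfc3526_prime_1536` at new line 67 is defined without any comment on the group size, and it is the only RFC 3526 accessor this section adds. A 1536-bit MODP group is below the 2048-bit minimum that current guidance recommends for finite-field DH, so an application ported from OpenSSL would pick it up silently. I would add `/* compat only: 1536-bit MODP group, prefer a group of 2048 bits or more */` above the define. The prototype of `wolfSSL_DH_1536_prime` is not visible in this section, so whether it is declared for every build that sees the macro should be checked.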
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/dsa.h
r337 r372 1 /* dsa.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* dsa.h for openSSL */ 2 23 … … 34 55 35 56 WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*); 57 58 typedef void (*WOLFSSL_BN_CB)(int i, int j, void* exArg); 59 WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits, 60 unsigned char* seed, int seedLen, int* counterRet, 61 unsigned long* hRet, WOLFSSL_BN_CB cb, void* CBArg); 36 62 WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits, 37 63 unsigned char* seed, int seedLen, int* counterRet, … … 51 77 52 78 #define DSA_generate_key wolfSSL_DSA_generate_key 79 #define DSA_generate_parameters wolfSSL_DSA_generate_parameters 53 80 #define DSA_generate_parameters_ex wolfSSL_DSA_generate_parameters_ex 54 81 -
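Review bot: `wolfSSL_DSA_generate_parameters` at new lines 59-61 returns a `WOLFSSL_DSA*` with nothing said about ownership or failure, unlike the `_ex` variant below it, which fills a caller-supplied object. A short comment would help, e.g. `/* returns a new WOLFSSL_DSA the caller releases with wolfSSL_DSA_free, or NULL on failure */`, to be confirmed against the implementation, which is not in this section. `seed` is passed as `unsigned char*` with an `int seedLen`; if the function only reads the seed it could be `const`, and the handling of a negative `seedLen` should be stated.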
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ec.h
r337 r372 1 /* ec.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ec.h for openssl */ 2 23 … … 13 34 /* Map OpenSSL NID value */ 14 35 enum { 36 POINT_CONVERSION_COMPRESSED = 2, 15 37 POINT_CONVERSION_UNCOMPRESSED = 4, 16 38 … … 81 103 }; 82 104 105 106 #define WOLFSSL_EC_KEY_LOAD_PRIVATE 1 107 #define WOLFSSL_EC_KEY_LOAD_PUBLIC 2 108 83 109 WOLFSSL_API 84 110 int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve, … … 92 118 const unsigned char* der, int derSz); 93 119 WOLFSSL_API 120 int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, 121 const unsigned char* der, int derSz, int opt); 122 WOLFSSL_API 94 123 void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key); 95 124 WOLFSSL_API … … 131 160 WOLFSSL_API 132 161 void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group); 133 #if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM)134 WOLFSSL_API135 void wolfssl_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p);136 #endif137 162 WOLFSSL_API 138 163 WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group); … … 160 185 const WOLFSSL_EC_POINT *a); 161 186 187 #ifndef HAVE_SELFTEST 188 WOLFSSL_API 189 char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, 190 const WOLFSSL_EC_POINT* 
point, int form, 191 WOLFSSL_BN_CTX* ctx); 192 #endif 193 194 #define EC_KEY_new wolfSSL_EC_KEY_new 162 195 #define EC_KEY_free wolfSSL_EC_KEY_free 163 196 #define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key … … 170 203 #define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag 171 204 #define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key 172 #define EC_KEY_new wolfSSL_EC_KEY_new 173 205 206 #define EC_GROUP_free wolfSSL_EC_GROUP_free 174 207 #define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag 175 208 #define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name … … 178 211 #define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree 179 212 #define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order 180 #define EC_GROUP_free wolfSSL_EC_GROUP_free181 213 182 214 #define EC_POINT_new wolfSSL_EC_POINT_new 215 #define EC_POINT_free wolfSSL_EC_POINT_free 183 216 #define EC_POINT_get_affine_coordinates_GFp \ 184 217 wolfSSL_EC_POINT_get_affine_coordinates_GFp … … 186 219 #define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free 187 220 #define EC_POINT_cmp wolfSSL_EC_POINT_cmp 188 #define EC_POINT_free wolfSSL_EC_POINT_free189 221 #define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity 222 223 #ifndef HAVE_SELFTEST 224 #define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex 225 #endif 226 227 #define EC_POINT_dump wolfSSL_EC_POINT_dump 190 228 191 229 #ifdef __cplusplus -
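Review bot: `#define EC_POINT_dump wolfSSL_EC_POINT_dump` at new line 227 is unconditional, yet this section removes the only dump prototype it had (`wolfssl_EC_POINT_dump`, guarded by `DEBUG_WOLFSSL && !NO_FILESYSTEM`) and declares nothing under the new spelling. Unless `wolfSSL_EC_POINT_dump` is declared in another header, a caller of `EC_POINT_dump` gets an implicit declaration, and in a non-debug build probably an unresolved symbol. I would wrap the define in the guard the old prototype used: `#if defined(DEBUG_WOLFSSL) && !defined(NO_FILESYSTEM)`, `#define EC_POINT_dump wolfSSL_EC_POINT_dump`, `#endif`.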
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ec25519.h
r337 r372 1 /* ec25519.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ec25519.h */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ecdh.h
r337 r372 1 /* ecdh.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ecdh.h for openssl */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ecdsa.h
r337 r372 1 /* ecdsa.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ecdsa.h for openssl */ 2 23 … … 33 54 WOLFSSL_EC_KEY *eckey); 34 55 56 WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_d2i_ECDSA_SIG(WOLFSSL_ECDSA_SIG **sig, 57 const unsigned char **pp, 58 long len); 59 WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, 60 unsigned char **pp); 61 35 62 #define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free 36 63 #define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new 37 64 #define ECDSA_do_sign wolfSSL_ECDSA_do_sign 38 65 #define ECDSA_do_verify wolfSSL_ECDSA_do_verify 66 #define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG 67 #define i2d_ECDSA_SIG wolfSSL_i2d_ECDSA_SIG 39 68 40 69 #ifdef __cplusplus -
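Review bot: `wolfSSL_d2i_ECDSA_SIG` at new lines 56-58 parses caller-supplied DER, but its declaration leaves the contract open: `len` is a signed `long`, and nothing says whether `*pp` is advanced past the parsed bytes or whether an existing `*sig` is reused or replaced. Signature blobs usually come from the peer, so the header should state that `len` bounds every read and what is returned on malformed input. I would add a comment such as `/* parses at most len bytes at *pp; returns NULL on error; the result is freed with ECDSA_SIG_free */`, to be checked against the implementation, which is outside this section. `wolfSSL_i2d_ECDSA_SIG` needs the matching note on whether a NULL `pp` only returns the required length.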
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ed25519.h
r337 r372 1 /* ed25519.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ed25519.h */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/err.h
r337 r372 1 /* err.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 22 #ifndef WOLFSSL_OPENSSL_ERR_ 23 #define WOLFSSL_OPENSSL_ERR_ 24 25 #include <wolfssl/openssl/ssl.h> 26 1 27 /* err.h for openssl */ 2 28 #define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings 3 29 #define ERR_peek_last_error wolfSSL_ERR_peek_last_error 30 31 #endif /* WOLFSSL_OPENSSL_ERR_ */ 32 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/evp.h
r337 r372 22 22 23 23 24 /* evp.h defines mini evp openssl compatibility layer 25 * 24 /*! 25 \file wolfssl/openssl/evp.h 26 \brief evp.h defines mini evp openssl compatibility layer 26 27 */ 27 28 … … 36 37 #endif 37 38 39 #ifndef NO_MD4 40 #include <wolfssl/openssl/md4.h> 41 #endif 38 42 #ifndef NO_MD5 39 43 #include <wolfssl/openssl/md5.h> … … 52 56 #include <wolfssl/wolfcrypt/idea.h> 53 57 #endif 58 #include <wolfssl/wolfcrypt/pwdbased.h> 54 59 55 60 #ifdef __cplusplus … … 57 62 #endif 58 63 64 59 65 typedef char WOLFSSL_EVP_CIPHER; 66 #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ 60 67 typedef char WOLFSSL_EVP_MD; 61 68 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; 69 #define WOLFSSL_EVP_TYPE_DEFINED 70 #endif 71 72 typedef WOLFSSL_EVP_PKEY EVP_PKEY; 73 typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO; 74 75 #ifndef NO_MD4 76 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void); 77 #endif 62 78 #ifndef NO_MD5 63 79 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void); … … 74 90 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void); 75 91 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void); 92 #if !defined(NO_AES) && defined(HAVE_AES_CBC) 76 93 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void); 77 94 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void); 95 #endif 78 96 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void); 79 97 WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void); … … 89 107 90 108 typedef union { 109 #ifndef NO_MD4 110 WOLFSSL_MD4_CTX md4; 111 #endif 91 112 #ifndef NO_MD5 92 113 WOLFSSL_MD5_CTX md5; … … 108 129 } WOLFSSL_Hasher; 109 130 131 typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX; 110 132 111 133 typedef struct WOLFSSL_EVP_MD_CTX { … … 115 137 } hash; 116 138 unsigned char macType; 139 WOLFSSL_EVP_PKEY_CTX *pctx; 117 140 } WOLFSSL_EVP_MD_CTX; 118 141 … … 152 175 EVP_PKEY_DSA = 17, 153 176 EVP_PKEY_EC = 18, 177 
#ifdef HAVE_IDEA 154 178 IDEA_CBC_TYPE = 19, 179 #endif 155 180 NID_sha1 = 64, 156 NID_md2 = 3, 181 NID_sha224 = 65, 182 NID_md2 = 77, 157 183 NID_md5 = 4, 158 184 NID_hmac = 855, … … 198 224 } WOLFSSL_EVP_CIPHER_CTX; 199 225 200 201 #ifndef WOLFSSL_EVP_PKEY_TYPE_DEFINED /* guard on redeclaration */ 202 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; 203 #define WOLFSSL_EVP_PKEY_TYPE_DEFINED 204 #endif 205 206 struct WOLFSSL_EVP_PKEY { 207 int type; /* openssh dereference */ 208 int save_type; /* openssh dereference */ 209 int pkey_sz; 210 union { 211 char* ptr; /* der format of key / or raw for NTRU */ 212 } pkey; 213 #ifdef HAVE_ECC 214 int pkey_curve; 215 #endif 226 struct WOLFSSL_EVP_PKEY_CTX { 227 WOLFSSL_EVP_PKEY *pkey; 228 int op; /* operation */ 229 int padding; 216 230 }; 217 231 218 232 typedef int WOLFSSL_ENGINE ; 219 233 typedef WOLFSSL_ENGINE ENGINE; 220 typedef int WOLFSSL_EVP_PKEY_CTX;221 234 typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; 235 236 #define EVP_PKEY_OP_ENCRYPT (1 << 6) 237 #define EVP_PKEY_OP_DECRYPT (1 << 7) 222 238 223 239 WOLFSSL_API void wolfSSL_EVP_init(void); … … 229 245 WOLFSSL_API void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx); 230 246 WOLFSSL_API int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx); 247 WOLFSSL_API int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in); 248 WOLFSSL_API int wolfSSL_EVP_MD_CTX_copy_ex(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in); 249 WOLFSSL_API int wolfSSL_EVP_MD_CTX_type(const WOLFSSL_EVP_MD_CTX *ctx); 231 250 WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx); 232 251 WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name); … … 239 258 WOLFSSL_ENGINE *impl); 240 259 WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data, 241 unsigned longsz);260 size_t sz); 242 261 WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md, 243 262 
unsigned int* s); … … 255 274 unsigned char *sig, size_t *siglen); 256 275 257 #ifndef NO_MD5 276 WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx, 277 WOLFSSL_EVP_PKEY_CTX **pctx, 278 const WOLFSSL_EVP_MD *type, 279 WOLFSSL_ENGINE *e, 280 WOLFSSL_EVP_PKEY *pkey); 281 WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, 282 const void *d, size_t cnt); 283 WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, 284 const unsigned char *sig, 285 size_t siglen); 286 287 258 288 WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*, 259 289 const WOLFSSL_EVP_MD*, const unsigned char*, 260 290 const unsigned char*, int, int, unsigned char*, 261 291 unsigned char*); 262 #endif263 292 264 293 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx); … … 267 296 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*); 268 297 WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER*); 298 WOLFSSL_API int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c); 269 299 270 300 271 301 WOLFSSL_API int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx, 272 302 const WOLFSSL_EVP_CIPHER* type, 273 unsigned char* key, unsigned char* iv, 303 const unsigned char* key, 304 const unsigned char* iv, 274 305 int enc); 275 306 WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx, 276 307 const WOLFSSL_EVP_CIPHER* type, 277 308 WOLFSSL_ENGINE *impl, 278 unsigned char* key, unsigned char* iv, 309 const unsigned char* key, 310 const unsigned char* iv, 279 311 int enc); 280 312 WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx, 281 313 const WOLFSSL_EVP_CIPHER* type, 282 unsigned char* key, unsigned char* iv); 314 const unsigned char* key, 315 const unsigned char* iv); 283 316 WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx, 284 317 const WOLFSSL_EVP_CIPHER* type, 285 318 WOLFSSL_ENGINE *impl, 286 unsigned char* 
key, unsigned char* iv); 319 const unsigned char* key, 320 const unsigned char* iv); 287 321 WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx, 288 322 const WOLFSSL_EVP_CIPHER* type, 289 unsigned char* key, unsigned char* iv); 323 const unsigned char* key, 324 const unsigned char* iv); 290 325 WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx, 291 326 const WOLFSSL_EVP_CIPHER* type, 292 327 WOLFSSL_ENGINE *impl, 293 unsigned char* key, unsigned char* iv); 328 const unsigned char* key, 329 const unsigned char* iv); 294 330 WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, 295 331 unsigned char *out, int *outl, … … 320 356 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int); 321 357 358 WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey, 359 WOLFSSL_RSA* key); 360 WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey, 361 WOLFSSL_EC_KEY* key); 322 362 WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*); 323 363 WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*); 324 364 WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key); 365 WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key); 325 366 326 367 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e, … … 328 369 WOLFSSL_API const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey, 329 370 size_t* len); 371 WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); 372 WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); 373 WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e); 374 WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); 375 WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx, 376 unsigned char *out, size_t *outlen, 377 const unsigned 
char *in, size_t inlen); 378 WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx); 379 WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx, 380 unsigned char *out, size_t *outlen, 381 const unsigned char *in, size_t inlen); 382 WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx); 383 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void); 384 WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); 385 WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey); 386 WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type); 387 WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey); 388 WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey); 389 WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, 390 unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey); 391 WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); 392 WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); 393 WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, 394 unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); 395 WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); 396 WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); 397 330 398 331 399 /* these next ones don't need real OpenSSL type, for OpenSSH compat only */ … … 347 415 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher); 348 416 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags); 417 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags); 349 418 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx); 350 419 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad); 351 420 WOLFSSL_API int 
wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest); 352 421 WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher); 422 WOLFSSL_API void wolfSSL_EVP_cleanup(void); 423 WOLFSSL_API int wolfSSL_add_all_algorithms(void); 424 WOLFSSL_API int wolfSSL_OpenSSL_add_all_algorithms_noconf(void); 425 426 WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen, 427 const unsigned char * salt, 428 int saltlen, int iter, 429 int keylen, unsigned char *out); 353 430 354 431 #define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER … … 371 448 #define WOLFSSL_EVP_CIPH_CCM_MODE 0x7 372 449 #define WOLFSSL_EVP_CIPH_NO_PADDING 0x100 450 #define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff 373 451 374 452 /* end OpenSSH compat */ … … 379 457 typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; 380 458 459 #ifndef NO_MD4 460 #define EVP_md4 wolfSSL_EVP_md4 461 #endif 381 462 #ifndef NO_MD5 382 463 #define EVP_md5 wolfSSL_EVP_md5 383 464 #endif 384 465 #define EVP_sha1 wolfSSL_EVP_sha1 466 #define EVP_dds1 wolfSSL_EVP_sha1 385 467 #define EVP_sha224 wolfSSL_EVP_sha224 386 468 #define EVP_sha256 wolfSSL_EVP_sha256 … … 414 496 #define EVP_MD_CTX_cleanup wolfSSL_EVP_MD_CTX_cleanup 415 497 #define EVP_MD_CTX_md wolfSSL_EVP_MD_CTX_md 416 #define EVP_MD_CTX_type wolfSSL_EVP_MD_ type498 #define EVP_MD_CTX_type wolfSSL_EVP_MD_CTX_type 417 499 #define EVP_MD_type wolfSSL_EVP_MD_type 418 500 … … 425 507 #define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate 426 508 #define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal 509 #define EVP_DigestVerifyInit wolfSSL_EVP_DigestVerifyInit 510 #define EVP_DigestVerifyUpdate wolfSSL_EVP_DigestVerifyUpdate 511 #define EVP_DigestVerifyFinal wolfSSL_EVP_DigestVerifyFinal 427 512 #define EVP_BytesToKey wolfSSL_EVP_BytesToKey 428 513 … … 438 523 439 524 #define EVP_CIPHER_iv_length wolfSSL_EVP_CIPHER_iv_length 525 #define EVP_CIPHER_key_length wolfSSL_EVP_Cipher_key_length 440 526 441 527 #define EVP_CipherInit 
wolfSSL_EVP_CipherInit … … 465 551 #define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname 466 552 553 #define EVP_PKEY_asign_RSA wolfSSL_EVP_PKEY_assign_RSA 554 #define EVP_PKEY_asign_EC_KEY wolfSSL_EVP_PKEY_assign_EC_KEY 555 #define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA 467 556 #define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA 468 557 #define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA 558 #define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA 469 559 #define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY 470 560 #define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac 471 561 #define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key 562 #define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy 563 #define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex 564 #define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits 565 #define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free 566 #define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new 567 #define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding 568 #define EVP_PKEY_decrypt wolfSSL_EVP_PKEY_decrypt 569 #define EVP_PKEY_decrypt_init wolfSSL_EVP_PKEY_decrypt_init 570 #define EVP_PKEY_encrypt wolfSSL_EVP_PKEY_encrypt 571 #define EVP_PKEY_encrypt_init wolfSSL_EVP_PKEY_encrypt_init 572 #define EVP_PKEY_new wolfSSL_PKEY_new 573 #define EVP_PKEY_free wolfSSL_EVP_PKEY_free 574 #define EVP_PKEY_size wolfSSL_EVP_PKEY_size 575 #define EVP_PKEY_type wolfSSL_EVP_PKEY_type 576 #define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id 577 #define EVP_PKEY_id wolfSSL_EVP_PKEY_id 578 #define EVP_SignFinal wolfSSL_EVP_SignFinal 579 #define EVP_SignInit wolfSSL_EVP_SignInit 580 #define EVP_SignUpdate wolfSSL_EVP_SignUpdate 581 #define EVP_VerifyFinal wolfSSL_EVP_VerifyFinal 582 #define EVP_VerifyInit wolfSSL_EVP_VerifyInit 583 #define EVP_VerifyUpdate wolfSSL_EVP_VerifyUpdate 472 584 473 585 #define EVP_CIPHER_CTX_block_size wolfSSL_EVP_CIPHER_CTX_block_size … … 475 587 #define EVP_CIPHER_flags wolfSSL_EVP_CIPHER_flags 476 588 #define 
EVP_CIPHER_CTX_set_flags wolfSSL_EVP_CIPHER_CTX_set_flags 589 #define EVP_CIPHER_CTX_clear_flags wolfSSL_EVP_CIPHER_CTX_clear_flags 477 590 #define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding 478 591 #define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags 479 592 #define EVP_add_digest wolfSSL_EVP_add_digest 480 593 #define EVP_add_cipher wolfSSL_EVP_add_cipher 594 #define EVP_cleanup wolfSSL_EVP_cleanup 595 596 #define OpenSSL_add_all_digests() wolfCrypt_Init() 597 #define OpenSSL_add_all_ciphers() wolfCrypt_Init() 598 #define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms 599 #define OpenSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf 600 #define wolfSSL_OPENSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf 601 602 #define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1 481 603 482 604 #ifndef EVP_MAX_MD_SIZE … … 489 611 #endif 490 612 613 WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); 614 491 615 #ifdef __cplusplus 492 616 } /* extern "C" */ -
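Review bot: Three of the new compatibility macros in the alias block do not use OpenSSL's spelling, so code written against the OpenSSL names will not be mapped by them: `EVP_PKEY_asign_RSA`, `EVP_PKEY_asign_EC_KEY` and `EVP_dds1`. I would spell them `#define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA`, `#define EVP_PKEY_assign_EC_KEY wolfSSL_EVP_PKEY_assign_EC_KEY` and `#define EVP_dss1 wolfSSL_EVP_sha1`, keeping the old spellings as aliases if anything already uses them. `EVP_PKEY_new` maps to `wolfSSL_PKEY_new`, while the prototype added in this header is `wolfSSL_EVP_PKEY_new`; unless `wolfSSL_PKEY_new` is declared in a header not shown here, the first use will fail to build or link. The new exported `printPKEY(WOLFSSL_EVP_PKEY *k)` has no `wolfSSL_` prefix and no build guard; if it dumps key contents (its body is not visible), it should be limited to debug builds.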
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/hmac.h
r337 r372 37 37 38 38 #include <wolfssl/openssl/evp.h> 39 #include <wolfssl/openssl/opensslv.h> 39 40 #include <wolfssl/wolfcrypt/hmac.h> 40 41 … … 53 54 Hmac hmac; 54 55 int type; 56 word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ 57 word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; 55 58 } WOLFSSL_HMAC_CTX; 56 59 57 60 58 WOLFSSL_API void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, 61 WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx); 62 WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, 63 WOLFSSL_HMAC_CTX* src); 64 WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src); 65 WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, 59 66 int keylen, const EVP_MD* type); 60 67 WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, 61 int len, const EVP_MD* md, void* impl);62 WOLFSSL_API voidwolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,68 int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e); 69 WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, 63 70 const unsigned char* data, int len); 64 WOLFSSL_API voidwolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,71 WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash, 65 72 unsigned int* len); 66 WOLFSSL_API void wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx); 67 73 WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx); 68 74 69 75 typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; … … 71 77 #define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g)) 72 78 73 #define HMAC_Init wolfSSL_HMAC_Init 79 #define HMAC_CTX_init wolfSSL_HMAC_CTX_Init 80 #define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy 74 81 #define HMAC_Init_ex wolfSSL_HMAC_Init_ex 82 #define HMAC_Init wolfSSL_HMAC_Init 75 83 #define HMAC_Update wolfSSL_HMAC_Update 76 84 #define HMAC_Final wolfSSL_HMAC_Final -
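Review bot: The two arrays added to `WOLFSSL_HMAC_CTX`, `save_ipad` and `save_opad`, look like saved copies of the key-derived HMAC pads, which would make them key material held alongside `hmac`; nothing in this header says they are wiped. The implementation is not part of this section, so please confirm that `wolfSSL_HMAC_cleanup` zeroizes both with a wipe the compiler cannot drop, and that a context filled by `wolfSSL_HMAC_CTX_copy` is cleaned up the same way. I would record that on the fields, e.g. `/* key-derived pad copies; wiped in wolfSSL_HMAC_cleanup */`. Separately, `wolfSSL_HmacCopy` is marked `WOLFSSL_LOCAL` yet declared in this public compatibility header, and `src` in both copy functions could be `const`.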
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/md5.h
r337 r372 1 /* md5.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* md5.h for openssl */ 2 23 … … 21 42 22 43 typedef struct WOLFSSL_MD5_CTX { 23 int holder[28 + (WC_ASYNC_DEV_SIZE / sizeof(int))]; /* big enough to hold wolfcrypt md5, but check on init */44 void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; /* big enough to hold wolfcrypt md5, but check on init */ 24 45 } WOLFSSL_MD5_CTX; 25 46 -
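Review bot: The new holder size `(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)` truncates, so if `WC_ASYNC_DEV_SIZE` is ever not a multiple of the pointer size the buffer comes out short by up to `sizeof(void*) - 1` bytes; the same form is used for the holders in sha.h. Rounding up removes that dependency: `void* holder[(112 + WC_ASYNC_DEV_SIZE + sizeof(void*) - 1) / sizeof(void*)];`. The byte count 112 is also unexplained. A short comment naming the wolfCrypt structure it is sized for would help, since the existing comment only refers to a check on init that is not visible in this header.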
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ocsp.h
r337 r372 1 /* ocsp.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ocsp.h for libcurl */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/opensslv.h
r337 r372 1 /* opensslv.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* opensslv.h compatibility */ 2 23 … … 6 27 7 28 /* api version compatibility */ 8 #if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 29 #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \ 30 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 9 31 /* version number can be increased for Lighty after compatibility for ECDH 10 32 is added */ … … 18 40 19 41 #endif /* header */ 20 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/pem.h
r337 r372 1 /* pem.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* pem.h for openssl */ 23 24 /*! 25 \file wolfssl/openssl/pem.h 26 */ 2 27 3 28 … … 14 39 #endif 15 40 16 #define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey17 18 41 /* RSA */ 19 42 WOLFSSL_API … … 23 46 pem_password_cb* cb, void* arg); 24 47 WOLFSSL_API 48 WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio, 49 WOLFSSL_RSA**, 50 pem_password_cb* cb, 51 void* arg); 52 WOLFSSL_API 25 53 int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher, 26 54 unsigned char* passwd, int len, … … 28 56 #if !defined(NO_FILESYSTEM) 29 57 WOLFSSL_API 30 int wolfSSL_PEM_write_RSAPrivateKey( FILE *fp, WOLFSSL_RSA *rsa,58 int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa, 31 59 const EVP_CIPHER *enc, 32 60 unsigned char *kstr, int klen, 33 61 pem_password_cb *cb, void *u); 34 62 WOLFSSL_API 35 WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey( FILE *fp, WOLFSSL_RSA **x,63 WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x, 36 64 pem_password_cb *cb, void *u); 37 65 WOLFSSL_API 38 int wolfSSL_PEM_write_RSAPublicKey( FILE *fp, WOLFSSL_RSA *x);66 int 
wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA *x); 39 67 40 68 WOLFSSL_API 41 int wolfSSL_PEM_write_RSA_PUBKEY( FILE *fp, WOLFSSL_RSA *x);69 int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x); 42 70 #endif /* NO_FILESYSTEM */ 43 71 … … 56 84 #if !defined(NO_FILESYSTEM) 57 85 WOLFSSL_API 58 int wolfSSL_PEM_write_DSAPrivateKey( FILE *fp, WOLFSSL_DSA *dsa,86 int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa, 59 87 const EVP_CIPHER *enc, 60 88 unsigned char *kstr, int klen, 61 89 pem_password_cb *cb, void *u); 62 90 WOLFSSL_API 63 int wolfSSL_PEM_write_DSA_PUBKEY( FILE *fp, WOLFSSL_DSA *x);91 int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x); 64 92 #endif /* NO_FILESYSTEM */ 65 93 … … 77 105 #if !defined(NO_FILESYSTEM) 78 106 WOLFSSL_API 79 int wolfSSL_PEM_write_ECPrivateKey( FILE *fp, WOLFSSL_EC_KEY *key,107 int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *key, 80 108 const EVP_CIPHER *enc, 81 109 unsigned char *kstr, int klen, 82 110 pem_password_cb *cb, void *u); 83 111 WOLFSSL_API 84 int wolfSSL_PEM_write_EC_PUBKEY( FILE *fp, WOLFSSL_EC_KEY *key);112 int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *key); 85 113 #endif /* NO_FILESYSTEM */ 86 114 … … 92 120 void* arg); 93 121 WOLFSSL_API 122 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio, 123 WOLFSSL_EVP_PKEY **key, 124 pem_password_cb *cb, void *pass); 125 WOLFSSL_API 94 126 int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, 95 127 const WOLFSSL_EVP_CIPHER* cipher, … … 97 129 pem_password_cb* cb, void* arg); 98 130 99 WOLFSSL_API100 int wolfSSL_EVP_PKEY_type(int type);101 131 102 132 WOLFSSL_API 103 int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey); 133 int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header, 134 unsigned char **data, long *len); 135 WOLFSSL_API 136 int wolfSSL_PEM_write_bio(WOLFSSL_BIO *bio, const char *name, 137 const char *header, const unsigned char *data, 138 long len); 139 #if 
!defined(NO_FILESYSTEM) 140 WOLFSSL_API 141 int wolfSSL_PEM_read(XFILE fp, char **name, char **header, unsigned char **data, 142 long *len); 143 WOLFSSL_API 144 int wolfSSL_PEM_write(XFILE fp, const char *name, const char *header, 145 const unsigned char *data, long len); 146 #endif 104 147 105 148 #if !defined(NO_FILESYSTEM) 106 149 WOLFSSL_API 107 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY( FILE *fp, EVP_PKEY **x,150 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, 108 151 pem_password_cb *cb, void *u); 109 152 WOLFSSL_API 110 WOLFSSL_X509 *wolfSSL_PEM_read_X509( FILE *fp, WOLFSSL_X509 **x,153 WOLFSSL_X509 *wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x, 111 154 pem_password_cb *cb, void *u); 112 155 WOLFSSL_API 113 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey( FILE *fp, WOLFSSL_EVP_PKEY **x,156 WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x, 114 157 pem_password_cb *cb, void *u); 158 159 WOLFSSL_API 160 int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509 *x); 115 161 #endif /* NO_FILESYSTEM */ 162 163 #define PEM_read wolfSSL_PEM_read 164 #define PEM_read_bio wolfSSL_PEM_read_bio 165 #define PEM_write wolfSSL_PEM_write 166 #define PEM_write_bio wolfSSL_PEM_write_bio 116 167 117 168 #define PEM_read_X509 wolfSSL_PEM_read_X509 118 169 #define PEM_read_PrivateKey wolfSSL_PEM_read_PrivateKey 170 #define PEM_write_X509 wolfSSL_PEM_write_X509 119 171 #define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey 172 #define PEM_write_bio_PKCS8PrivateKey wolfSSL_PEM_write_bio_PKCS8PrivateKey 120 173 /* RSA */ 121 174 #define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey 175 #define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey 122 176 #define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey 123 177 #define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY … … 135 189 #define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey 136 190 #define PEM_read_PUBKEY 
wolfSSL_PEM_read_PUBKEY 137 #define EVP_PKEY_type wolfSSL_EVP_PKEY_type191 #define PEM_read_bio_PUBKEY wolfSSL_PEM_read_bio_PUBKEY 138 192 139 193 #ifdef __cplusplus -
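Review bot: The new `wolfSSL_PEM_read_bio` and `wolfSSL_PEM_read` prototypes return `name`, `header` and `data` through pointer-to-pointer parameters, but the header does not say who allocates and frees them or what the outputs hold on failure. If they follow the OpenSSL contract, the caller owns all three buffers; please state that on the declaration, e.g. `/* on success *name, *header and *data are allocated; caller frees each */`, and say which deallocator to use. Also, `PEM_write_bio_PKCS8PrivateKey` is mapped to `wolfSSL_PEM_write_bio_PKCS8PrivateKey`, for which no prototype appears in the visible part of this header.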
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/rand.h
r337 r372 1 /* rand.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* rand.h for openSSL */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ripemd.h
r337 r372 1 /* ripemd.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* ripemd.h for openssl */ 2 23 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/rsa.h
r337 r372 1 /* rsa.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* rsa.h for openSSL */ 2 23 … … 12 33 #endif 13 34 14 15 enum { 16 RSA_PKCS1_PADDING = 1, 17 RSA_PKCS1_OAEP_PADDING = 4 18 }; 19 20 /* rsaTypes */ 21 enum { 22 NID_sha256 = 672, 23 NID_sha384 = 673, 24 NID_sha512 = 674 25 }; 35 /* Padding types */ 36 #define RSA_PKCS1_PADDING 0 37 #define RSA_PKCS1_OAEP_PADDING 1 26 38 27 39 #ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ … … 33 45 34 46 struct WOLFSSL_RSA { 47 #ifdef WC_RSA_BLINDING 48 WC_RNG* rng; /* for PrivateDecrypt blinding */ 49 #endif 35 50 WOLFSSL_BIGNUM* n; 36 51 WOLFSSL_BIGNUM* e; … … 41 56 WOLFSSL_BIGNUM* dmq1; /* dQ */ 42 57 WOLFSSL_BIGNUM* iqmp; /* u */ 58 void* heap; 43 59 void* internal; /* our RSA */ 44 60 char inSet; /* internal set from external ? */ 45 61 char exSet; /* external set from internal ? 
*/ 62 char ownRng; /* flag for if the rng should be free'd */ 46 63 }; 47 64 … … 58 75 WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr, 59 76 unsigned char* to, WOLFSSL_RSA*, int padding); 77 WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, unsigned char* in, 78 unsigned char* out, WOLFSSL_RSA* rsa, int padding); 60 79 61 80 WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*); … … 63 82 unsigned int mLen, unsigned char* sigRet, 64 83 unsigned int* sigLen, WOLFSSL_RSA*); 84 WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, 85 unsigned int mLen, unsigned char* sigRet, 86 unsigned int* sigLen, WOLFSSL_RSA*, int); 87 WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m, 88 unsigned int mLen, const unsigned char* sig, 89 unsigned int sigLen, WOLFSSL_RSA*); 65 90 WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from, 66 91 unsigned char* to, WOLFSSL_RSA*, int padding); 67 92 WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*); 68 93 WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz); 94 WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int sz, int opt); 69 95 96 #define WOLFSSL_RSA_LOAD_PRIVATE 1 97 #define WOLFSSL_RSA_LOAD_PUBLIC 2 98 #define WOLFSSL_RSA_F4 0x10001L 70 99 71 100 #define RSA_new wolfSSL_RSA_new … … 77 106 #define RSA_public_encrypt wolfSSL_RSA_public_encrypt 78 107 #define RSA_private_decrypt wolfSSL_RSA_private_decrypt 108 #define RSA_private_encrypt wolfSSL_RSA_private_encrypt 79 109 80 110 #define RSA_size wolfSSL_RSA_size 81 111 #define RSA_sign wolfSSL_RSA_sign 112 #define RSA_verify wolfSSL_RSA_verify 82 113 #define RSA_public_decrypt wolfSSL_RSA_public_decrypt 83 114 115 #define RSA_F4 WOLFSSL_RSA_F4 84 116 85 117 #ifdef __cplusplus -
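Review bot: `RSA_PKCS1_PADDING` and `RSA_PKCS1_OAEP_PADDING` change from 1 and 4 to 0 and 1, which no longer matches OpenSSL's values for these names. Anything that stores or passes the numeric value, or an object built against r337, now selects a different padding. A zero-initialized padding field, such as `padding` in the new `WOLFSSL_EVP_PKEY_CTX` in evp.h, would silently mean PKCS#1 v1.5. If the values have to follow wolfCrypt's internal ones, I would say so in the `/* Padding types */` comment and have the functions that take `padding` reject unknown values; otherwise keep `#define RSA_PKCS1_PADDING 1` and `#define RSA_PKCS1_OAEP_PADDING 4`. The `NID_sha256`/`NID_sha384`/`NID_sha512` enum is removed here; I assume it moves to a header not shown in this section.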
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/sha.h
r337 r372 1 /* sha.h 2 * 3 * Copyright (C) 2006-2017 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 1 22 /* sha.h for openssl */ 2 23 … … 19 40 typedef struct WOLFSSL_SHA_CTX { 20 41 /* big enough to hold wolfcrypt Sha, but check on init */ 21 int holder[28 + (WC_ASYNC_DEV_SIZE / sizeof(int))];42 void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; 22 43 } WOLFSSL_SHA_CTX; 23 44 … … 54 75 typedef struct WOLFSSL_SHA224_CTX { 55 76 /* big enough to hold wolfcrypt Sha224, but check on init */ 56 ALIGN16 int holder[34 + (WC_ASYNC_DEV_SIZE / sizeof(int))];77 ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; 57 78 } WOLFSSL_SHA224_CTX; 58 79 … … 81 102 typedef struct WOLFSSL_SHA256_CTX { 82 103 /* big enough to hold wolfcrypt Sha256, but check on init */ 83 ALIGN16 int holder[34 + (WC_ASYNC_DEV_SIZE / sizeof(int))];104 ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; 84 105 } WOLFSSL_SHA256_CTX; 85 106 … … 99 120 #define SHA256_Update wolfSSL_SHA256_Update 100 121 #define SHA256_Final wolfSSL_SHA256_Final 122 #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 123 /* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS 124 * build. 
*/ 125 #define SHA256 wolfSSL_SHA256 126 #endif 101 127 102 128 … … 105 131 typedef struct WOLFSSL_SHA384_CTX { 106 132 /* big enough to hold wolfCrypt Sha384, but check on init */ 107 long long holder[32 + (WC_ASYNC_DEV_SIZE / sizeof(long long))];133 void* holder[(256 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; 108 134 } WOLFSSL_SHA384_CTX; 109 135 … … 123 149 #define SHA384_Update wolfSSL_SHA384_Update 124 150 #define SHA384_Final wolfSSL_SHA384_Final 125 151 #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 152 /* SHA384 is only available in non-fips mode because of SHA384 enum in FIPS 153 * build. */ 154 #define SHA384 wolfSSL_SHA384 155 #endif 126 156 #endif /* WOLFSSL_SHA384 */ 127 157 … … 130 160 typedef struct WOLFSSL_SHA512_CTX { 131 161 /* big enough to hold wolfCrypt Sha384, but check on init */ 132 long long holder[36 + (WC_ASYNC_DEV_SIZE / sizeof(long long))];162 void* holder[(288 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; 133 163 } WOLFSSL_SHA512_CTX; 134 164 … … 148 178 #define SHA512_Update wolfSSL_SHA512_Update 149 179 #define SHA512_Final wolfSSL_SHA512_Final 150 180 #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) 181 /* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS 182 * build. */ 183 #define SHA512 wolfSSL_SHA512 184 #endif 151 185 #endif /* WOLFSSL_SHA512 */ 152 186 -
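Review bot: The SHA384 and SHA512 holders lose their 64-bit alignment guarantee: they change from `long long holder[...]` to `void* holder[...]` without the `ALIGN16` that the SHA224/SHA256 holders carry, so on a target with 4-byte pointers the context is only pointer-aligned. If the wolfCrypt Sha384/Sha512 state holds 64-bit words, as the old element type suggests, a caller's context may sit at an address that state is not aligned for. The new size expression also rounds down in all five structs, so whenever the byte count plus `WC_ASYNC_DEV_SIZE` is not a multiple of `sizeof(void*)` the holder is a few bytes shorter than the number written, and a holder smaller than the wolfCrypt structure means the hash calls write past the context. I would use `ALIGN16 void* holder[(288 + WC_ASYNC_DEV_SIZE + sizeof(void*) - 1) / sizeof(void*)];` (same shape for the others) and confirm that the "check on init" the comments refer to, which is not in this header, is a compile-time size comparison against the wolfCrypt structure. The comment on WOLFSSL_SHA512_CTX still names Sha384 and should read `/* big enough to hold wolfCrypt Sha512, but check on init */`.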
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/openssl/ssl.h
r337 r372 31 31 32 32 /* wolfssl_openssl compatibility layer */ 33 #ifndef OPENSSL_EXTRA_SSL_GUARD 34 #define OPENSSL_EXTRA_SSL_GUARD 33 35 #include <wolfssl/ssl.h> 36 #endif /* OPENSSL_EXTRA_SSL_GUARD */ 34 37 35 38 #include <wolfssl/openssl/evp.h> 39 #ifdef OPENSSL_EXTRA 40 #include <wolfssl/openssl/crypto.h> 41 #endif 42 43 #if defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) 44 #include <wolfssl/wolfcrypt/asn.h> 45 #endif 36 46 37 47 #ifdef __cplusplus … … 56 66 57 67 typedef WOLFSSL_X509 X509; 68 typedef WOLFSSL_X509 X509_REQ; 58 69 typedef WOLFSSL_X509_NAME X509_NAME; 59 70 typedef WOLFSSL_X509_CHAIN X509_CHAIN; 60 71 72 typedef WOLFSSL_STACK EXTENDED_KEY_USAGE; 73 61 74 62 75 /* redeclare guard */ 63 76 #define WOLFSSL_TYPES_DEFINED 64 77 65 66 typedef WOLFSSL_EVP_PKEY EVP_PKEY;67 78 typedef WOLFSSL_BIO BIO; 68 79 typedef WOLFSSL_BIO_METHOD BIO_METHOD; … … 87 98 #define ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME 88 99 89 typedef WOLFSSL_MD4_CTX MD4_CTX;90 100 typedef WOLFSSL_COMP_METHOD COMP_METHOD; 91 101 typedef WOLFSSL_X509_REVOKED X509_REVOKED; … … 94 104 typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; 95 105 106 #define EVP_CIPHER_INFO EncryptedInfo 107 108 #define STACK_OF(x) WOLFSSL_STACK 109 96 110 #define CRYPTO_free XFREE 97 111 #define CRYPTO_malloc XMALLOC 112 #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new 113 #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup 114 #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free 115 116 /* depreciated */ 117 #define CRYPTO_thread_id wolfSSL_thread_id 118 #define CRYPTO_set_id_callback wolfSSL_set_id_callback 119 120 #define CRYPTO_LOCK 0x01 121 #define CRYPTO_UNLOCK 0x02 122 #define CRYPTO_READ 0x04 123 #define CRYPTO_WRITE 0x08 124 125 #define CRYPTO_set_locking_callback wolfSSL_set_locking_callback 126 #define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback 127 #define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback 128 #define CRYPTO_set_dynlock_destroy_callback 
wolfSSL_set_dynlock_destroy_callback 129 #define CRYPTO_num_locks wolfSSL_num_locks 130 #define CRYPTO_dynlock_value WOLFSSL_dynlock_value 131 132 #define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data 133 134 /* this function was used to set the default malloc, free, and realloc */ 135 #define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */ 98 136 99 137 #define SSL_get_client_random(ssl,out,outSz) \ … … 103 141 #define SSL_get_shared_ciphers(ctx,buf,len) \ 104 142 wolfSSL_get_shared_ciphers((ctx),(buf),(len)) 105 106 #define ERR_print_errors_fp(file) wolfSSL_ERR_dump_errors_fp((file))107 143 108 144 /* at the moment only returns ok */ … … 115 151 #define SSL_use_certificate wolfSSL_use_certificate 116 152 #define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1 117 153 #define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio 154 #define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio 155 #define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free 156 #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp 157 158 #define d2i_PUBKEY wolfSSL_d2i_PUBKEY 159 #define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio 160 #define d2i_PrivateKey wolfSSL_d2i_PrivateKey 161 #define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey 118 162 #define SSL_use_PrivateKey wolfSSL_use_PrivateKey 119 163 #define SSL_use_PrivateKey_ASN1 wolfSSL_use_PrivateKey_ASN1 … … 122 166 123 167 #define SSLv23_method wolfSSLv23_method 168 #define SSLv23_client_method wolfSSLv23_client_method 169 #define SSLv2_client_method wolfSSLv2_client_method 170 #define SSLv2_server_method wolfSSLv2_server_method 124 171 #define SSLv3_server_method wolfSSLv3_server_method 125 172 #define SSLv3_client_method wolfSSLv3_client_method 173 #define TLSv1_method wolfTLSv1_method 126 174 #define TLSv1_server_method wolfTLSv1_server_method 127 175 #define TLSv1_client_method wolfTLSv1_client_method 176 #define TLSv1_1_method wolfTLSv1_1_method 128 177 #define TLSv1_1_server_method wolfTLSv1_1_server_method 
129 178 #define TLSv1_1_client_method wolfTLSv1_1_client_method 179 #define TLSv1_2_method wolfTLSv1_2_method 130 180 #define TLSv1_2_server_method wolfTLSv1_2_server_method 131 181 #define TLSv1_2_client_method wolfTLSv1_2_client_method 182 #define TLSv1_3_method wolfTLSv1_3_method 183 #define TLSv1_3_server_method wolfTLSv1_3_server_method 184 #define TLSv1_3_client_method wolfTLSv1_3_client_method 185 186 #define X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1 132 187 133 188 #ifdef WOLFSSL_DTLS … … 185 240 #define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list 186 241 #define SSL_set_cipher_list wolfSSL_set_cipher_list 187 188 #define ERR_error_string wolfSSL_ERR_error_string189 #define ERR_error_string_n wolfSSL_ERR_error_string_n190 #define ERR_reason_error_string wolfSSL_ERR_reason_error_string191 242 192 243 #define SSL_set_ex_data wolfSSL_set_ex_data … … 216 267 #define SSL_SESSION_get_master_key_length wolfSSL_SESSION_get_master_key_length 217 268 218 #define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID 219 #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i 220 #define X509_digest wolfSSL_X509_digest 269 #define DSA_dup_DH wolfSSL_DSA_dup_DH 270 271 #define i2d_X509_bio wolfSSL_i2d_X509_bio 272 #define d2i_X509_bio wolfSSL_d2i_X509_bio 273 #define d2i_X509_fp wolfSSL_d2i_X509_fp 274 #define i2d_X509 wolfSSL_i2d_X509 275 #define d2i_X509 wolfSSL_d2i_X509 276 #define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509 277 #define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX 278 #define PEM_read_X509 wolfSSL_PEM_read_X509 279 #define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509 280 #define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX 281 282 #define i2d_X509_REQ wolfSSL_i2d_X509_REQ 283 #define X509_REQ_new wolfSSL_X509_REQ_new 284 #define X509_REQ_free wolfSSL_X509_REQ_free 285 #define X509_REQ_sign wolfSSL_X509_REQ_sign 286 #define X509_REQ_set_subject_name wolfSSL_X509_REQ_set_subject_name 287 #define X509_REQ_set_pubkey 
wolfSSL_X509_REQ_set_pubkey 288 #define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ 289 290 #define X509_new wolfSSL_X509_new 221 291 #define X509_free wolfSSL_X509_free 222 #define OPENSSL_free wolfSSL_OPENSSL_free 292 #define X509_load_certificate_file wolfSSL_X509_load_certificate_file 293 #define X509_digest wolfSSL_X509_digest 294 #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i 295 #define X509_get_issuer_name wolfSSL_X509_get_issuer_name 296 #define X509_get_subject_name wolfSSL_X509_get_subject_name 297 #define X509_get_pubkey wolfSSL_X509_get_pubkey 298 #define X509_get_notBefore(cert) (ASN1_TIME*)wolfSSL_X509_notBefore((cert)) 299 #define X509_get_notAfter(cert) (ASN1_TIME*)wolfSSL_X509_notAfter((cert)) 300 #define X509_get_serialNumber wolfSSL_X509_get_serialNumber 301 #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr 302 #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index 303 #define X509_get_ex_data wolfSSL_X509_get_ex_data 304 #define X509_set_ex_data wolfSSL_X509_set_ex_data 305 #define X509_get1_ocsp wolfSSL_X509_get1_ocsp 306 #ifndef WOLFSSL_HAPROXY 307 #define X509_get_version wolfSSL_X509_get_version 308 #endif 309 #define X509_get_signature_nid wolfSSL_X509_get_signature_nid 310 #define X509_set_subject_name wolfSSL_X509_set_subject_name 311 #define X509_set_pubkey wolfSSL_X509_set_pubkey 312 #define X509_print wolfSSL_X509_print 313 #define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string 314 #define X509_verify_cert wolfSSL_X509_verify_cert 315 #define X509_check_private_key wolfSSL_X509_check_private_key 316 #define X509_check_ca wolfSSL_X509_check_ca 317 #define X509_check_host wolfSSL_X509_check_host 318 #define X509_email_free wolfSSL_X509_email_free 319 #define X509_check_issued wolfSSL_X509_check_issued 320 #define X509_dup wolfSSL_X509_dup 321 322 #define sk_X509_new wolfSSL_sk_X509_new 323 #define sk_X509_num wolfSSL_sk_X509_num 324 #define sk_X509_value wolfSSL_sk_X509_value 325 
#define sk_X509_push wolfSSL_sk_X509_push 326 #define sk_X509_pop wolfSSL_sk_X509_pop 327 #define sk_X509_pop_free wolfSSL_sk_X509_pop_free 328 #define sk_X509_free wolfSSL_sk_X509_free 329 330 #define i2d_X509_NAME wolfSSL_i2d_X509_NAME 331 #define X509_NAME_new wolfSSL_X509_NAME_new 332 #define X509_NAME_free wolfSSL_X509_NAME_free 333 #define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID 334 #define X509_NAME_cmp wolfSSL_X509_NAME_cmp 335 #define X509_NAME_ENTRY_free wolfSSL_X509_NAME_ENTRY_free 336 #define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID 337 #define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry 338 #define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt 339 #define X509_NAME_oneline wolfSSL_X509_NAME_oneline 340 #define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID 341 #define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex 342 #define X509_NAME_digest wolfSSL_X509_NAME_digest 343 #define X509_cmp_current_time wolfSSL_X509_cmp_current_time 344 345 #define sk_X509_NAME_pop_free wolfSSL_sk_X509_NAME_pop_free 346 #define sk_X509_NAME_num wolfSSL_sk_X509_NAME_num 347 #define sk_X509_NAME_value wolfSSL_sk_X509_NAME_value 348 349 typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; 350 351 #define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count 352 #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object 353 #define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry 354 #define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data 355 #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object 356 357 #define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK 358 #define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL 359 360 #define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME 361 #define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME 362 #define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS 363 364 #define X509_STORE_CTX_get_current_cert 
wolfSSL_X509_STORE_CTX_get_current_cert 365 #define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb 366 #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new 367 #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free 368 #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain 369 #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error 370 #define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth 371 #define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init 372 #define X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup 373 #define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error 374 #define X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data 375 376 #define X509_STORE_new wolfSSL_X509_STORE_new 377 #define X509_STORE_free wolfSSL_X509_STORE_free 378 #define X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup 379 #define X509_STORE_add_cert wolfSSL_X509_STORE_add_cert 380 #define X509_STORE_add_crl wolfSSL_X509_STORE_add_crl 381 #define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags 382 #define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs 383 #define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject 384 #define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer 385 #define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time 386 387 #define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir 388 #define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file 389 #define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir 390 #define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file 391 392 #define d2i_X509_CRL wolfSSL_d2i_X509_CRL 393 #define d2i_X509_CRL_fp wolfSSL_d2i_X509_CRL_fp 394 #define PEM_read_X509_CRL wolfSSL_PEM_read_X509_CRL 395 396 #define X509_CRL_free wolfSSL_X509_CRL_free 397 #define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate 398 #define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate 399 #define X509_CRL_verify wolfSSL_X509_CRL_verify 
400 #define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED 401 402 #define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num 403 #define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value 404 405 #define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents 223 406 224 407 #define OCSP_parse_url wolfSSL_OCSP_parse_url 225 #define SSLv23_client_method wolfSSLv23_client_method226 #define SSLv2_client_method wolfSSLv2_client_method227 #define SSLv2_server_method wolfSSLv2_server_method228 408 229 409 #define MD4_Init wolfSSL_MD4_Init … … 260 440 #define BIO_set_flags wolfSSL_BIO_set_flags 261 441 262 #define OpenSSL_add_all_digests()263 #define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms264 442 #define SSLeay_add_ssl_algorithms wolfSSL_add_all_algorithms 265 443 #define SSLeay_add_all_algorithms wolfSSL_add_all_algorithms … … 271 449 #define RAND_egd wolfSSL_RAND_egd 272 450 #define RAND_seed wolfSSL_RAND_seed 451 #define RAND_cleanup wolfSSL_RAND_Cleanup 273 452 #define RAND_add wolfSSL_RAND_add 453 #define RAND_poll wolfSSL_RAND_poll 454 #define RAND_status wolfSSL_RAND_status 455 #define RAND_bytes wolfSSL_RAND_bytes 456 #define RAND_pseudo_bytes wolfSSL_RAND_pseudo_bytes 274 457 275 458 #define COMP_zlib wolfSSL_COMP_zlib … … 279 462 #define SSL_get_ex_new_index wolfSSL_get_ex_new_index 280 463 281 #define CRYPTO_set_id_callback wolfSSL_set_id_callback 282 #define CRYPTO_set_locking_callback wolfSSL_set_locking_callback 283 #define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback 284 #define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback 285 #define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback 286 #define CRYPTO_num_locks wolfSSL_num_locks 287 288 289 #define CRYPTO_LOCK 1 290 #define CRYPTO_UNLOCK 2 291 #define CRYPTO_READ 4 292 #define CRYPTO_WRITE 8 293 294 #define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert 295 #define X509_STORE_add_cert 
wolfSSL_X509_STORE_add_cert 296 #define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags 297 #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain 298 #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error 299 #define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth 300 301 #define X509_NAME_oneline wolfSSL_X509_NAME_oneline 302 #define X509_get_issuer_name wolfSSL_X509_get_issuer_name 303 #define X509_get_subject_name wolfSSL_X509_get_subject_name 304 #define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string 305 306 #define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir 307 #define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file 308 #define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir 309 #define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file 310 311 #define X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup 312 #define X509_STORE_new wolfSSL_X509_STORE_new 313 #define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject 314 #define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init 315 #define X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup 316 317 #define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate 318 #define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate 319 320 #define X509_get_pubkey wolfSSL_X509_get_pubkey 321 #define X509_CRL_verify wolfSSL_X509_CRL_verify 322 #define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error 323 #define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents 324 #define EVP_PKEY_new wolfSSL_PKEY_new 325 #define EVP_PKEY_free wolfSSL_EVP_PKEY_free 326 #define EVP_PKEY_type wolfSSL_EVP_PKEY_type 327 #define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id 328 #define X509_cmp_current_time wolfSSL_X509_cmp_current_time 329 #define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num 330 #define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED 331 #define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value 332 #define 
X509_get_notBefore(cert) (ASN1_TIME*)wolfSSL_X509_notBefore((cert)) 333 #define X509_get_notAfter(cert) (ASN1_TIME*)wolfSSL_X509_notAfter((cert)) 334 335 336 #define X509_get_serialNumber wolfSSL_X509_get_serialNumber 337 464 465 typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; 466 467 #define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj 338 468 #define ASN1_TIME_print wolfSSL_ASN1_TIME_print 469 #define ASN1_TIME_to_generalizedtime wolfSSL_ASN1_TIME_to_generalizedtime 339 470 #define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print 340 471 #define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free 472 473 #define ASN1_tag2str wolfSSL_ASN1_tag2str 474 475 #define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER 476 #define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER 477 #define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new 478 #define ASN1_INTEGER_free wolfSSL_ASN1_INTEGER_free 341 479 #define ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp 342 480 #define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get 343 481 #define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN 482 483 #define ASN1_STRING_data wolfSSL_ASN1_STRING_data 484 #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data 485 #define ASN1_STRING_length wolfSSL_ASN1_STRING_length 344 486 #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 487 #define ASN1_STRING_print_ex wolfSSL_ASN1_STRING_print_ex 488 489 #define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr 490 491 #define ASN1_IA5STRING WOLFSSL_ASN1_STRING 492 493 #define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING 345 494 346 495 #define SSL_load_client_CA_file wolfSSL_load_client_CA_file … … 350 499 #define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store 351 500 #define SSL_CTX_get_cert_store wolfSSL_CTX_get_cert_store 352 #define X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data353 501 #define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx 354 502 #define SSL_get_ex_data wolfSSL_get_ex_data … … 357 505 #define 
SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb 358 506 359 #define SSL_CTX_set_timeout(ctx, to) wolfSSL_CTX_set_timeout(ctx, (unsigned int) to) 507 #define SSL_CTX_set_timeout(ctx, to) \ 508 wolfSSL_CTX_set_timeout(ctx, (unsigned int) to) 360 509 #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback 361 362 #define ERR_peek_error wolfSSL_ERR_peek_error 363 #define ERR_peek_last_error_line wolfSSL_ERR_peek_last_error_line 364 #define ERR_peek_errors_fp wolfSSL_ERR_peek_errors_fp 365 #define ERR_GET_REASON wolfSSL_ERR_GET_REASON 510 #define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos 366 511 367 512 #define SSL_alert_type_string wolfSSL_alert_type_string … … 391 536 392 537 #define SSL_DEFAULT_CIPHER_LIST WOLFSSL_DEFAULT_CIPHER_LIST 393 #define RSA_F4 WOLFSSL_RSA_F4394 538 395 539 #define SSL_CTX_set_psk_client_callback wolfSSL_CTX_set_psk_client_callback … … 405 549 #define SSL_set_psk_server_callback wolfSSL_set_psk_server_callback 406 550 407 #define ERR_get_error_line_data wolfSSL_ERR_get_error_line_data 408 551 /* system file ints for ERR_put_error */ 552 #define SYS_F_ACCEPT WOLFSSL_SYS_ACCEPT 553 #define SYS_F_BIND WOLFSSL_SYS_BIND 554 #define SYS_F_CONNECT WOLFSSL_SYS_CONNECT 555 #define SYS_F_FOPEN WOLFSSL_SYS_FOPEN 556 #define SYS_F_FREAD WOLFSSL_SYS_FREAD 557 #define SYS_F_GETADDRINFO WOLFSSL_SYS_GETADDRINFO 558 #define SYS_F_GETSOCKOPT WOLFSSL_SYS_GETSOCKOPT 559 #define SYS_F_GETSOCKNAME WOLFSSL_SYS_GETSOCKNAME 560 #define SYS_F_OPENDIR WOLFSSL_SYS_OPENDIR 561 #define SYS_F_SETSOCKOPT WOLFSSL_SYS_SETSOCKOPT 562 #define SYS_F_SOCKET WOLFSSL_SYS_SOCKET 563 #define SYS_F_GETHOSTBYNAME WOLFSSL_SYS_GETHOSTBYNAME 564 #define SYS_F_GETNAMEINFO WOLFSSL_SYS_GETNAMEINFO 565 #define SYS_F_GETSERVBYNAME WOLFSSL_SYS_GETSERVBYNAME 566 #define SYS_F_IOCTLSOCKET WOLFSSL_SYS_IOCTLSOCKET 567 #define SYS_F_LISTEN WOLFSSL_SYS_LISTEN 568 569 #define ERR_GET_REASON wolfSSL_ERR_GET_REASON 570 571 #define ERR_put_error wolfSSL_ERR_put_error 572 
#define ERR_peek_error wolfSSL_ERR_peek_error 573 #define ERR_peek_errors_fp wolfSSL_ERR_peek_errors_fp 574 #define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data 575 #define ERR_peek_last_error wolfSSL_ERR_peek_last_error 576 #define ERR_peek_last_error_line wolfSSL_ERR_peek_last_error_line 577 #define ERR_get_error_line wolfSSL_ERR_get_error_line 578 #define ERR_get_error_line_data wolfSSL_ERR_get_error_line_data 409 579 #define ERR_get_error wolfSSL_ERR_get_error 580 #define ERR_print_errors_fp(file) wolfSSL_ERR_dump_errors_fp((file)) 410 581 #define ERR_clear_error wolfSSL_ERR_clear_error 411 412 #define RAND_status wolfSSL_RAND_status 413 #define RAND_bytes wolfSSL_RAND_bytes 582 #define ERR_free_strings wolfSSL_ERR_free_strings 583 #define ERR_remove_state wolfSSL_ERR_remove_state 584 #define ERR_remove_thread_state wolfSSL_ERR_remove_thread_state 585 #define ERR_error_string wolfSSL_ERR_error_string 586 #define ERR_error_string_n wolfSSL_ERR_error_string_n 587 #define ERR_reason_error_string wolfSSL_ERR_reason_error_string 588 #define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings 589 414 590 #define SSLv23_server_method wolfSSLv23_server_method 415 591 #define SSL_CTX_set_options wolfSSL_CTX_set_options 416 #define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key 417 418 #define ERR_free_strings wolfSSL_ERR_free_strings 419 #define ERR_remove_state wolfSSL_ERR_remove_state 420 #define EVP_cleanup wolfSSL_EVP_cleanup 421 422 #define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data 592 #define SSL_CTX_get_options wolfSSL_CTX_get_options 593 #define SSL_CTX_clear_options wolfSSL_CTX_clear_options 594 595 #define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key 596 #define SSL_check_private_key wolfSSL_check_private_key 597 423 598 #define SSL_CTX_set_mode wolfSSL_CTX_set_mode 424 599 #define SSL_CTX_get_mode wolfSSL_CTX_get_mode … … 430 605 #define SSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context 431 606 
#define SSL_get_peer_certificate wolfSSL_get_peer_certificate 607 #define SSL_get_peer_cert_chain wolfSSL_get_peer_cert_chain 432 608 433 609 #define SSL_want_read wolfSSL_want_read … … 435 611 436 612 #define BIO_prf wolfSSL_BIO_prf 437 #define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr438 613 439 614 #define sk_num wolfSSL_sk_num 440 615 #define sk_value wolfSSL_sk_value 441 #define sk_X509_pop wolfSSL_sk_X509_pop 442 #define sk_X509_free wolfSSL_sk_X509_free 443 #define d2i_X509_bio wolfSSL_d2i_X509_bio 616 617 #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio 618 #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp 619 620 #define d2i_RSAPublicKey wolfSSL_d2i_RSAPublicKey 621 #define d2i_RSAPrivateKey wolfSSL_d2i_RSAPrivateKey 622 #define i2d_RSAPrivateKey wolfSSL_i2d_RSAPrivateKey 623 #define i2d_RSAPublicKey wolfSSL_i2d_RSAPublicKey 444 624 445 625 #define SSL_CTX_get_ex_data wolfSSL_CTX_get_ex_data … … 455 635 #define SSL_SESSION_get_time wolfSSL_SESSION_get_time 456 636 #define SSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index 457 #define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509 458 #define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX 637 #define PEM_read wolfSSL_PEM_read 638 #define PEM_write wolfSSL_PEM_write 639 #define PEM_get_EVP_CIPHER_INFO wolfSSL_PEM_get_EVP_CIPHER_INFO 640 #define PEM_do_header wolfSSL_PEM_do_header 459 641 460 642 /*#if OPENSSL_API_COMPAT < 0x10100000L*/ … … 467 649 #define SSL_set_tmp_rsa(ssl,rsa) 1 468 650 /*#endif*/ 651 469 652 #define CONF_modules_unload(a) 470 653 … … 474 657 #define SSL_get_default_timeout(ctx) 500 475 658 476 /* Lighthttp compatibility */477 478 #if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \479 defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \480 defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY)481 typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;482 483 #define X509_NAME_free wolfSSL_X509_NAME_free484 659 #define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate 485 660 #define 
SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey 486 661 #define BIO_read_filename wolfSSL_BIO_read_filename 487 662 #define BIO_s_file wolfSSL_BIO_s_file 488 #define OBJ_nid2sn wolfSSL_OBJ_nid2sn489 #define OBJ_obj2nid wolfSSL_OBJ_obj2nid490 #define OBJ_sn2nid wolfSSL_OBJ_sn2nid491 663 #define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth 492 664 #define SSL_set_verify_depth wolfSSL_set_verify_depth 493 665 #define SSL_get_app_data wolfSSL_get_app_data 494 666 #define SSL_set_app_data wolfSSL_set_app_data 495 #define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count496 #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object497 #define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry498 #define ASN1_STRING_data wolfSSL_ASN1_STRING_data499 #define ASN1_STRING_length wolfSSL_ASN1_STRING_length500 #define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID501 #define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data502 #define sk_X509_NAME_pop_free wolfSSL_sk_X509_NAME_pop_free503 667 #define SHA1 wolfSSL_SHA1 504 #define X509_check_private_key wolfSSL_X509_check_private_key 668 505 669 #define SSL_dup_CA_list wolfSSL_dup_CA_list 506 670 507 #define NID_commonName 0x03 /* matchs ASN_COMMON_NAME in asn.h */ 508 509 #define OBJ_nid2ln wolfSSL_OBJ_nid2ln 510 #define OBJ_txt2nid wolfSSL_OBJ_txt2nid 671 enum { 672 GEN_DNS = 0x02, /* ASN_DNS_TYPE */ 673 GEN_EMAIL = 0x01, /* ASN_RFC822_TYPE */ 674 GEN_URI = 0x06 /* ASN_URI_TYPE */ 675 }; 676 511 677 #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams 512 678 #define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams 513 #define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509 514 515 516 #ifdef WOLFSSL_HAPROXY 679 680 #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) 517 681 #define SSL_get_rbio wolfSSL_SSL_get_rbio 518 682 #define SSL_get_wbio wolfSSL_SSL_get_wbio … … 520 684 #define SSL_get_ciphers(x) wolfSSL_get_ciphers_compat(x) 521 685 #define SSL_SESSION_get_id 
wolfSSL_SESSION_get_id 522 #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data523 #define SSL_get_cipher_bits(s,np)wolfSSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)686 #define SSL_get_cipher_bits(s,np) \ 687 wolfSSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) 524 688 #define sk_SSL_CIPHER_num wolfSSL_sk_SSL_CIPHER_num 525 689 #define sk_SSL_COMP_zero wolfSSL_sk_SSL_COMP_zero 526 690 #define sk_SSL_CIPHER_value wolfSSL_sk_SSL_CIPHER_value 527 #endif /* WOLFSSL_HAPROXY */ 528 #endif /* HAVE_STUNNEL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */ 691 #endif /* OPENSSL_ALL || WOLFSSL_HAPROXY */ 692 693 #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) 694 #include <wolfssl/openssl/pem.h> 695 696 typedef STACK_OF(WOLFSSL_ASN1_OBJECT) GENERAL_NAMES; 697 #define SSL_CTRL_CHAIN 88 698 #define BIO_CTRL_WPENDING 13 699 #define GEN_IPADD 7 700 #define ERR_LIB_SSL 20 701 #define SSL_R_SHORT_READ 10 702 #define ERR_R_PEM_LIB 9 703 #define V_ASN1_IA5STRING 22 704 #define SSL_CTRL_MODE 33 705 706 #define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx,NULL) 707 #define d2i_RSAPrivateKey_bio wolfSSL_d2i_RSAPrivateKey_bio 708 #define SSL_CTX_use_RSAPrivateKey wolfSSL_CTX_use_RSAPrivateKey 709 #define d2i_PrivateKey_bio wolfSSL_d2i_PrivateKey_bio 710 #define BIO_new_bio_pair wolfSSL_BIO_new_bio_pair 711 #define SSL_get_verify_callback wolfSSL_get_verify_callback 712 #define GENERAL_NAMES_free(GENERAL_NAMES)NULL 713 714 #define SSL_set_mode(ssl,op) wolfSSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL) 715 716 #define SSL_CTX_use_certificate_ASN1 wolfSSL_CTX_use_certificate_ASN1 717 #define SSL_CTX_set0_chain(ctx,sk) \ 718 wolfSSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk)) 719 #define SSL_CTX_get_app_data(ctx) wolfSSL_CTX_get_ex_data(ctx,0) 720 #define SSL_CTX_set_app_data(ctx,arg) wolfSSL_CTX_set_ex_data(ctx,0, \ 721 (char *)(arg)) 722 #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ 529 723 530 724 #define SSL_CTX_set_tmp_dh 
wolfSSL_CTX_set_tmp_dh … … 533 727 #define BIO_ctrl wolfSSL_BIO_ctrl 534 728 #define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending 729 #define BIO_wpending wolfSSL_BIO_wpending 535 730 #define BIO_get_mem_ptr wolfSSL_BIO_get_mem_ptr 536 731 #define BIO_int_ctrl wolfSSL_BIO_int_ctrl … … 551 746 #define BIO_set_mem_eof_return wolfSSL_BIO_set_mem_eof_return 552 747 748 #define TLSEXT_STATUSTYPE_ocsp 1 749 553 750 #define SSL_set_options wolfSSL_set_options 554 751 #define SSL_get_options wolfSSL_get_options 752 #define SSL_clear_options wolfSSL_clear_options 555 753 #define SSL_set_tmp_dh wolfSSL_set_tmp_dh 556 754 #define SSL_clear_num_renegotiations wolfSSL_clear_num_renegotiations … … 561 759 #define SSL_get_tlsext_status_ids wolfSSL_get_tlsext_status_ids 562 760 #define SSL_set_tlsext_status_ids wolfSSL_set_tlsext_status_ids 563 #define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp 761 #define SSL_get_tlsext_status_ocsp_res wolfSSL_get_tlsext_status_ocsp_resp 762 #define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp 564 763 #define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp 764 #define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp 565 765 566 766 #define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert … … 615 815 #define SSL_CTX_ctrl wolfSSL_CTX_ctrl 616 816 617 #define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK 618 #define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL 619 620 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) 817 #define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */ 818 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ 819 || defined(OPENSSL_ALL) 621 820 #include <wolfssl/openssl/asn1.h> 622 821 … … 628 827 #define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000) 629 828 #define ASN1_STRFLGS_ESC_MSB 4 630 #define X509_V_ERR_CERT_REJECTED 28631 829 632 830 #define SSL_MAX_MASTER_KEY_LENGTH WOLFSSL_MAX_MASTER_KEY_LENGTH … 
… 635 833 #define SSL_alert_type_string_long wolfSSL_alert_type_string_long 636 834 #define SSL_CIPHER_get_bits wolfSSL_CIPHER_get_bits 637 #define sk_X509_NAME_num wolfSSL_sk_X509_NAME_num 638 #define sk_X509_num wolfSSL_sk_X509_num 639 #define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex 640 #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr 835 #define sk_GENERAL_NAME_num wolfSSL_sk_GENERAL_NAME_num 641 836 #define SSL_CTX_get_options wolfSSL_CTX_get_options 642 837 643 838 #define SSL_CTX_flush_sessions wolfSSL_flush_sessions 644 839 #define SSL_CTX_add_session wolfSSL_CTX_add_session 645 #define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX646 840 #define SSL_version wolfSSL_version 647 841 #define SSL_get_state wolfSSL_get_state 648 842 #define SSL_state_string_long wolfSSL_state_string_long 649 #define SSL_get_peer_cert_chain wolfSSL_get_peer_cert_chain 650 #define sk_X509_NAME_value wolfSSL_sk_X509_NAME_value 651 #define sk_X509_value wolfSSL_sk_X509_value 843 844 #define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value 652 845 #define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data 653 846 #define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data 654 847 #define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index 655 848 #define SSL_SESSION_get_id wolfSSL_SESSION_get_id 656 #define CRYPTO_dynlock_value WOLFSSL_dynlock_value 657 typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; 658 #define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs 659 #define sk_X509_pop_free wolfSSL_sk_X509_pop_free 660 849 #define sk_GENERAL_NAME_pop_free wolfSSL_sk_GENERAL_NAME_pop_free 850 #define GENERAL_NAME_free NULL 851 852 #define SSL3_AL_FATAL 2 661 853 #define SSL_TLSEXT_ERR_OK 0 662 854 #define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal … … 673 865 #define PSK_MAX_PSK_LEN 256 674 866 #define PSK_MAX_IDENTITY_LEN 128 675 #define ERR_remove_thread_state WOLFSSL_ERR_remove_thread_state676 867 #define SSL_CTX_clear_options wolfSSL_CTX_clear_options 677 
868 … … 680 871 #define SSL_CTX_get_default_passwd_cb wolfSSL_CTX_get_default_passwd_cb 681 872 #define SSL_CTX_get_default_passwd_cb_userdata wolfSSL_CTX_get_default_passwd_cb_userdata 682 683 /* certificate extension NIDs */684 #define NID_basic_constraints 133685 #define NID_key_usage 129 /* 2.5.29.15 */686 #define NID_ext_key_usage 151 /* 2.5.29.37 */687 #define NID_subject_key_identifier 128688 #define NID_authority_key_identifier 149689 #define NID_private_key_usage_period 130 /* 2.5.29.16 */690 #define NID_subject_alt_name 131691 #define NID_issuer_alt_name 132692 #define NID_info_access 69693 #define NID_sinfo_access 79 /* id-pe 11 */694 #define NID_name_constraints 144 /* 2.5.29.30 */695 #define NID_certificate_policies 146696 #define NID_policy_mappings 147697 #define NID_policy_constraints 150698 #define NID_inhibit_any_policy 168 /* 2.5.29.54 */699 #define NID_tlsfeature 92 /* id-pe 24 */700 701 873 702 874 #define SSL_CTX_set_msg_callback wolfSSL_CTX_set_msg_callback … … 705 877 #define SSL_set_msg_callback_arg wolfSSL_set_msg_callback_arg 706 878 707 /* certificate extension NIDs */ 708 #define NID_basic_constraints 133 709 #define NID_key_usage 129 /* 2.5.29.15 */ 710 #define NID_ext_key_usage 151 /* 2.5.29.37 */ 711 #define NID_subject_key_identifier 128 712 #define NID_authority_key_identifier 149 713 #define NID_private_key_usage_period 130 /* 2.5.29.16 */ 714 #define NID_subject_alt_name 131 715 #define NID_issuer_alt_name 132 716 #define NID_info_access 69 717 #define NID_sinfo_access 79 /* id-pe 11 */ 718 #define NID_name_constraints 144 /* 2.5.29.30 */ 719 #define NID_certificate_policies 146 720 #define NID_policy_mappings 147 721 #define NID_policy_constraints 150 722 #define NID_inhibit_any_policy 168 /* 2.5.29.54 */ 723 #define NID_tlsfeature 92 /* id-pe 24 */ 724 879 880 /* Nginx uses this to determine if reached end of certs in file. 881 * PEM_read_bio_X509 is called and the return error is lost. 
882 * The error that needs to be detected is: SSL_NO_PEM_HEADER. 883 */ 884 #define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL) 885 #define PEM_R_NO_START_LINE 108 886 #define ERR_LIB_PEM 9 887 #define ERR_LIB_X509 10 725 888 726 889 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ 727 defined(WOLFSSL_MYSQL_COMPATIBLE) 890 defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \ 891 defined(HAVE_LIGHTY) 728 892 729 893 #include <wolfssl/error-ssl.h> … … 754 918 #define SSL_R_WRONG_VERSION_NUMBER VERSION_ERROR 755 919 #define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ENCRYPT_ERROR 756 757 /* Nginx uses this to determine if reached end of certs in file. 758 * PEM_read_bio_X509 is called and the return error is lost. 759 * The error that needs to be detected is: SSL_NO_PEM_HEADER. 760 */ 761 #define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL) 762 #define PEM_R_NO_START_LINE 108 763 #define ERR_LIB_PEM 9 920 #define SSL_R_HTTPS_PROXY_REQUEST PARSE_ERROR 921 #define SSL_R_HTTP_REQUEST PARSE_ERROR 922 #define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR 923 764 924 765 925 #ifdef HAVE_SESSION_TICKET … … 769 929 770 930 #define OPENSSL_config wolfSSL_OPENSSL_config 771 #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index 772 #define X509_get_ex_data wolfSSL_X509_get_ex_data 773 #define X509_set_ex_data wolfSSL_X509_set_ex_data 774 #define X509_NAME_digest wolfSSL_X509_NAME_digest 931 #define OPENSSL_memdup wolfSSL_OPENSSL_memdup 775 932 #define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout 776 933 #define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh … … 781 938 #define SSL_in_init wolfSSL_SSL_in_init 782 939 #define SSL_get0_session wolfSSL_SSL_get0_session 783 #define X509_check_host wolfSSL_X509_check_host784 #define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER785 #define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data786 940 #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb 787 #define 
X509_email_free wolfSSL_X509_email_free788 #define X509_get1_ocsp wolfSSL_X509_get1_ocsp789 941 #define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb 790 #define X509_check_issued wolfSSL_X509_check_issued791 #define X509_dup wolfSSL_X509_dup792 #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new793 #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free794 942 #define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs 795 #define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer796 943 #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value 797 944 #define SSL_get0_alpn_selected wolfSSL_get0_alpn_selected … … 804 951 #define SSL_CTX_set1_curves_list wolfSSL_CTX_set1_curves_list 805 952 806 #endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 953 #endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || WOLFSSL_MYSQL_COMPATIBLE || 954 OPENSSL_ALL || HAVE_LIGHTY */ 955 956 #ifdef OPENSSL_EXTRA 957 #define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA 958 #define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password 959 #define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username 960 #define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX 961 962 #define ERR_NUM_ERRORS 16 963 #define EVP_PKEY_RSA 6 964 #define EVP_PKEY_RSA2 19 965 #define SN_pkcs9_emailAddress "Email" 966 #define LN_pkcs9_emailAddress "emailAddress" 967 #define NID_pkcs9_emailAddress 48 968 #define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L 969 970 #define SSL_get_rbio wolfSSL_SSL_get_rbio 971 #define SSL_get_wbio wolfSSL_SSL_get_wbio 972 #define SSL_do_handshake wolfSSL_SSL_do_handshake 973 #endif /* OPENSSL_EXTRA */ 807 974 808 975 #ifdef __cplusplus … … 810 977 #endif 811 978 812 813 979 #endif /* wolfSSL_openssl_h__ */ -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/ssl.h
r337 r372 19 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 20 */ 21 22 21 /*! 22 \file ../wolfssl/ssl.h 23 \brief Header file containing key wolfSSL API 24 */ 23 25 24 26 /* wolfSSL API */ … … 31 33 #include <wolfssl/wolfcrypt/settings.h> 32 34 #include <wolfssl/version.h> 35 #include <wolfssl/wolfcrypt/logging.h> 36 #include <wolfssl/wolfcrypt/asn_public.h> 33 37 34 38 #ifdef HAVE_WOLF_EVENT … … 84 88 #endif 85 89 86 #elif defined(OPENSSL_EXTRA)90 #elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 87 91 #include <wolfssl/openssl/bn.h> 88 92 #include <wolfssl/openssl/hmac.h> … … 118 122 typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY; 119 123 typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN; 124 typedef struct WC_PKCS12 WOLFSSL_X509_PKCS12; 120 125 121 126 typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; 122 127 typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR; 123 128 typedef struct WOLFSSL_CRL WOLFSSL_CRL; 129 130 typedef void *WOLFSSL_X509_STORE_CTX_verify_cb; /* verify callback */ 124 131 125 132 /* redeclare guard */ … … 159 166 typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP; 160 167 typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD; 161 typedef struct WOLFSSL_ X509_CRLWOLFSSL_X509_CRL;168 typedef struct WOLFSSL_CRL WOLFSSL_X509_CRL; 162 169 typedef struct WOLFSSL_X509_STORE WOLFSSL_X509_STORE; 170 typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; 163 171 typedef struct WOLFSSL_BIO WOLFSSL_BIO; 164 172 typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; … … 172 180 typedef struct WOLFSSL_DH WOLFSSL_DH; 173 181 typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; 174 typedef unsigned char* WOLFSSL_BUF_MEM;175 182 176 183 #define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME 177 184 #define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME 178 185 186 #define WOLFSSL_ASN1_INTEGER_MAX 20 179 187 struct WOLFSSL_ASN1_INTEGER { 180 188 
/* size can be increased set at 20 for tag, length then to hold at least 16 181 189 * byte type */ 182 unsigned char data[20];190 unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX]; 183 191 /* ASN_INTEGER | LENGTH | hex of number */ 192 unsigned char negative; /* negative number flag */ 193 194 unsigned char* data; 195 unsigned int dataMax; /* max size of data buffer */ 196 unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */ 184 197 }; 185 198 … … 190 203 }; 191 204 192 #ifndef WOLFSSL_EVP_PKEY_TYPE_DEFINED /* guard on redeclaration */ 205 struct WOLFSSL_ASN1_STRING { 206 int length; 207 int type; /* type of string i.e. CTC_UTF8 */ 208 char* data; 209 long flags; 210 }; 211 212 #define WOLFSSL_MAX_SNAME 40 213 struct WOLFSSL_ASN1_OBJECT { 214 void* heap; 215 const unsigned char* obj; 216 /* sName is short name i.e sha256 rather than oid (null terminated) */ 217 char sName[WOLFSSL_MAX_SNAME]; 218 int type; /* oid */ 219 int grp; /* type of OID, i.e. oidCertPolicyType */ 220 int nid; 221 unsigned int objSz; 222 unsigned char dynamic; /* if 1 then obj was dynamiclly created, 0 otherwise */ 223 #define WOLFSSL_ASN1_DYNAMIC 0x1 224 #define WOLFSSL_ASN1_DYNAMIC_DATA 0x2 225 struct d { /* derefrenced */ 226 WOLFSSL_ASN1_STRING ia5_internal; 227 WOLFSSL_ASN1_STRING* ia5; /* points to ia5_internal */ 228 WOLFSSL_ASN1_STRING* dNSName; 229 WOLFSSL_ASN1_STRING* iPAddress; 230 } d; 231 }; 232 233 struct WOLFSSL_EVP_PKEY { 234 void* heap; 235 int type; /* openssh dereference */ 236 int save_type; /* openssh dereference */ 237 int pkey_sz; 238 union { 239 char* ptr; /* der format of key / or raw for NTRU */ 240 } pkey; 241 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 242 #ifndef NO_RSA 243 WOLFSSL_RSA* rsa; 244 byte ownRsa; /* if struct owns RSA and should free it */ 245 #endif 246 #ifdef HAVE_ECC 247 WOLFSSL_EC_KEY* ecc; 248 byte ownEcc; /* if struct owns ECC and should free it */ 249 #endif 250 WC_RNG rng; 251 #endif /* 
OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 252 #ifdef HAVE_ECC 253 int pkey_curve; 254 #endif 255 }; 256 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; 257 258 #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ 193 259 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; 194 #define WOLFSSL_EVP_PKEY_TYPE_DEFINED 195 #endif 196 197 typedef struct WOLFSSL_MD4_CTX { 198 int buffer[32]; /* big enough to hold, check size in Init */ 199 } WOLFSSL_MD4_CTX; 200 260 typedef char WOLFSSL_EVP_MD; 261 #define WOLFSSL_EVP_TYPE_DEFINED 262 #endif 263 264 #define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */ 265 266 267 enum BIO_TYPE { 268 WOLFSSL_BIO_BUFFER = 1, 269 WOLFSSL_BIO_SOCKET = 2, 270 WOLFSSL_BIO_SSL = 3, 271 WOLFSSL_BIO_MEMORY = 4, 272 WOLFSSL_BIO_BIO = 5, 273 WOLFSSL_BIO_FILE = 6, 274 WOLFSSL_BIO_BASE64 = 7 275 }; 276 277 enum BIO_FLAGS { 278 WOLFSSL_BIO_FLAG_BASE64_NO_NL = 0x01, 279 WOLFSSL_BIO_FLAG_READ = 0x02, 280 WOLFSSL_BIO_FLAG_WRITE = 0x04, 281 WOLFSSL_BIO_FLAG_IO_SPECIAL = 0x08, 282 WOLFSSL_BIO_FLAG_RETRY = 0x10 283 }; 284 285 typedef struct WOLFSSL_BUF_MEM { 286 char* data; /* dereferenced */ 287 size_t length; /* current length */ 288 size_t max; /* maximum length */ 289 } WOLFSSL_BUF_MEM; 201 290 202 291 typedef struct WOLFSSL_COMP_METHOD { … … 219 308 int isDynamic; 220 309 #endif 221 }; 310 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) 311 WOLFSSL_X509_CRL *crl; 312 #endif 313 }; 314 315 #ifdef OPENSSL_EXTRA 316 #define WOLFSSL_USE_CHECK_TIME 0x2 317 #define WOLFSSL_NO_CHECK_TIME 0x200000 318 #define WOLFSSL_NO_WILDCARDS 0x4 319 struct WOLFSSL_X509_VERIFY_PARAM { 320 time_t check_time; 321 unsigned long flags; 322 }; 323 #endif 222 324 223 325 typedef struct WOLFSSL_ALERT { … … 251 353 typedef struct WOLFSSL_X509_STORE_CTX { 252 354 WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */ 253 WOLFSSL_X509* current_cert; /* stunnel dereference */ 355 WOLFSSL_X509* current_cert; /* current X509 (OPENSSL_EXTRA) 
*/ 356 #ifdef WOLFSSL_ASIO 357 WOLFSSL_X509* current_issuer; /* asio dereference */ 358 #endif 359 WOLFSSL_X509_CHAIN* sesChain; /* pointer to WOLFSSL_SESSION peer chain */ 254 360 WOLFSSL_STACK* chain; 361 #ifdef OPENSSL_EXTRA 362 WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ 363 #endif 255 364 char* domain; /* subject CN domain name */ 256 365 void* ex_data; /* external data, for fortress build */ 257 366 void* userCtx; /* user ctx */ 258 367 int error; /* current error */ 259 int error_depth; /* cert depth for this error */368 int error_depth; /* index of cert depth for this error */ 260 369 int discardSessionCerts; /* so verify callback can flag for discard */ 261 370 int totalCerts; /* number of peer cert buffers */ 262 371 WOLFSSL_BUFFER_INFO* certs; /* peer certs */ 372 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; /* verify callback */ 263 373 } WOLFSSL_X509_STORE_CTX; 264 374 265 375 typedef char* WOLFSSL_STRING; 266 376 267 /* Valid Alert types from page 16/17 */ 377 /* Valid Alert types from page 16/17 378 * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c 379 */ 268 380 enum AlertDescription { 269 381 close_notify = 0, … … 289 401 #endif 290 402 no_renegotiation = 100, 403 unsupported_extension = 110, /**< RFC 5246, section 7.2.2 */ 291 404 unrecognized_name = 112, /**< RFC 6066, section 3 */ 292 405 bad_certificate_status_response = 113, /**< RFC 6066, section 8 */ 406 unknown_psk_identity = 115, /**< RFC 4279, section 2 */ 293 407 no_application_protocol = 120 294 408 }; … … 302 416 /* Maximum master key length (SECRET_LEN) */ 303 417 #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 418 /* Maximum number of groups that can be set */ 419 #define WOLFSSL_MAX_GROUP_COUNT 10 304 420 305 421 typedef WOLFSSL_METHOD* (*wolfSSL_method_func)(void* heap); 422 423 /* CTX Method EX Constructor Functions */ 306 424 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method_ex(void* heap); 307 425 WOLFSSL_API WOLFSSL_METHOD 
*wolfSSLv3_client_method_ex(void* heap); 426 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_method_ex(void* heap); 308 427 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method_ex(void* heap); 309 428 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method_ex(void* heap); 429 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method_ex(void* heap); 310 430 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method_ex(void* heap); 311 431 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method_ex(void* heap); 432 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method_ex(void* heap); 312 433 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method_ex(void* heap); 313 434 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method_ex(void* heap); 314 435 #ifdef WOLFSSL_TLS13 436 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap); 315 437 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap); 316 438 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap); 317 439 #endif 440 441 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_method_ex(void* heap); 318 442 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method_ex(void* heap); 319 443 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_method_ex(void* heap); 320 444 321 445 #ifdef WOLFSSL_DTLS 446 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_method_ex(void* heap); 447 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_client_method_ex(void* heap); 448 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_server_method_ex(void* heap); 449 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_method_ex(void* heap); 322 450 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method_ex(void* heap); 323 451 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method_ex(void* heap); 452 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_method_ex(void* heap); 324 453 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap); 325 454 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method_ex(void* heap); 326 455 #endif 456 457 /* CTX Method Constructor Functions */ 327 458 WOLFSSL_API WOLFSSL_METHOD 
*wolfSSLv23_method(void); 328 459 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void); 329 460 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void); 461 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_method(void); 330 462 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void); 331 463 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void); 464 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void); 332 465 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void); 333 466 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void); 467 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void); 334 468 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void); 335 469 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void); … … 340 474 341 475 #ifdef WOLFSSL_DTLS 476 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_method(void); 477 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_server_method(void); 478 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_client_method(void); 479 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_method(void); 342 480 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void); 343 481 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void); 482 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_method(void); 344 483 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void); 345 484 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void); … … 352 491 #ifdef WOLFSSL_SESSION_EXPORT 353 492 #ifdef WOLFSSL_DTLS 493 494 #ifndef WOLFSSL_DTLS_EXPORT_TYPES 354 495 typedef int (*wc_dtls_export)(WOLFSSL* ssl, 355 496 unsigned char* exportBuffer, unsigned int sz, void* userCtx); 497 #define WOLFSSL_DTLS_EXPORT_TYPES 498 #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ 499 356 500 WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, 357 501 unsigned int sz); … … 384 528 WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int); 385 529 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int); 530 531 #define WOLFSSL_LOAD_FLAG_NONE 
0x00000000 532 #define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001 533 #define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002 534 #define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004 535 WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX*, const char*, 536 const char*, unsigned int); 386 537 WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, 387 538 const char*); … … 391 542 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *, 392 543 const char *file); 544 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *, 545 const char *file, int format); 393 546 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); 394 547 395 548 WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); 396 549 WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); 550 WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); 397 551 WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); 398 552 WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int); 399 553 WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file); 554 WOLFSSL_API int wolfSSL_use_certificate_chain_file_format(WOLFSSL*, 555 const char *file, int format); 400 556 WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); 401 557 … … 410 566 #endif 411 567 412 #ifndef WOLFSSL_PEMCERT_TODER_DEFINED413 WOLFSSL_API int wolfSSL_PemCertToDer(const char*, unsigned char*, int);414 #define WOLFSSL_PEMCERT_TODER_DEFINED415 #endif416 417 568 #endif /* !NO_FILESYSTEM && !NO_CERTS */ 418 569 419 570 WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); 420 571 WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); 572 WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); 421 573 WOLFSSL_API int wolfSSL_is_server(WOLFSSL*); 422 574 WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*); … … 428 580 WOLFSSL_API int wolfSSL_get_ciphers(char*, int); 
429 581 WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl); 582 WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char, 583 const unsigned char); 430 584 WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, 431 585 int len); 432 586 WOLFSSL_API const char* wolfSSL_get_curve_name(WOLFSSL* ssl); 433 587 WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL*); 434 WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL*, int);435 WOLFSSL_API int wolfSSL_get_using_nonblock(WOLFSSL*);436 588 /* please see note at top of README if you get an error from connect */ 437 589 WOLFSSL_API int wolfSSL_connect(WOLFSSL*); … … 452 604 WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl); 453 605 606 WOLFSSL_API int wolfSSL_preferred_group(WOLFSSL* ssl); 607 WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, 608 int count); 609 WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count); 610 454 611 WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL*); 455 612 WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*); … … 475 632 WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *); 476 633 477 WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl,WOLFSSL_SESSION* session); 478 WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* session, long t); 479 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl); 480 WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm); 481 WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char*, 482 int, int); 634 WOLFSSL_API int wolfSSL_set_session(WOLFSSL*, WOLFSSL_SESSION*); 635 WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION*, long); 636 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL*); 637 WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long); 638 WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int); 639 640 #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) 
641 WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t, 642 WOLFSSL_BIO**, size_t); 643 644 WOLFSSL_API WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_RSA**); 645 WOLFSSL_API int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX*, 646 int, const unsigned char*); 647 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX*, WOLFSSL_RSA*); 648 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_EVP_PKEY**); 649 #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ 483 650 484 651 #ifdef SESSION_INDEX … … 493 660 494 661 typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); 495 typedef int (pem_password_cb)(char*, int, int, void*); 662 #ifdef OPENSSL_EXTRA 663 typedef void (CallbackInfoState)(const WOLFSSL*, int, int); 664 665 typedef struct WOLFSSL_CRYPTO_EX_DATA { 666 WOLFSSL_STACK* data; 667 } WOLFSSL_CRYPTO_EX_DATA; 668 669 typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, 670 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 671 typedef int (WOLFSSL_CRYPTO_EX_dup)(WOLFSSL_CRYPTO_EX_DATA* out, 672 WOLFSSL_CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV, void* arg); 673 typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, 674 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 675 676 WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, 677 WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, 678 WOLFSSL_CRYPTO_EX_free* c); 679 #endif 496 680 497 681 WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, … … 531 715 532 716 /* Nonblocking DTLS helper functions */ 717 WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL*, int); 718 WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*); 719 #define wolfSSL_set_using_nonblock wolfSSL_dtls_set_using_nonblock 720 #define wolfSSL_get_using_nonblock wolfSSL_dtls_get_using_nonblock 721 /* The old names are deprecated. 
*/ 533 722 WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl); 534 723 WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int); … … 585 774 WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 586 775 WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 776 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_GENERAL_NAME_value( 777 WOLFSSL_STACK* sk, int i); 778 WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk); 779 WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk, 780 void f (WOLFSSL_ASN1_OBJECT*)); 587 781 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void); 588 782 WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj); … … 617 811 /* what's ref count */ 618 812 619 WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); 620 WOLFSSL_API void wolfSSL_OPENSSL_free(void*); 813 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); 621 814 622 815 WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, … … 627 820 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); 628 821 629 WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);630 WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);631 WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);632 633 634 822 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); 635 823 WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); 636 824 WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); 825 WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); 826 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); 827 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_find_type(WOLFSSL_BIO* bio, int type); 637 828 WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int); 638 829 WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int); … … 659 850 WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag); 660 851 
WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); 661 WOLFSSL_API int wolfSSL_add_all_algorithms(void);662 852 663 853 #ifndef NO_FILESYSTEM … … 690 880 WOLFSSL_API int wolfSSL_RAND_egd(const char*); 691 881 WOLFSSL_API int wolfSSL_RAND_seed(const void*, int); 882 WOLFSSL_API void wolfSSL_RAND_Cleanup(void); 692 883 WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double); 884 WOLFSSL_API int wolfSSL_RAND_poll(void); 693 885 694 886 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void); … … 696 888 WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*); 697 889 698 WOLFSSL_API int wolfSSL_get_ex_new_index(long, void*, void*, void*, void*); 699 890 WOLFSSL_API unsigned long wolfSSL_thread_id(void); 700 891 WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void)); 701 892 WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, … … 714 905 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*); 715 906 907 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, 908 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); 909 WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, 910 unsigned char** out); 911 WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 716 912 WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); 717 913 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*); … … 727 923 WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( 728 924 WOLFSSL_X509*, unsigned char*, int*); 925 926 WOLFSSL_API int wolfSSL_X509_set_subject_name(WOLFSSL_X509*, 927 WOLFSSL_X509_NAME*); 928 WOLFSSL_API int wolfSSL_X509_set_pubkey(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); 929 729 930 WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); 730 931 WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( … … 733 934 WOLFSSL_X509_NAME*, int, int); 734 935 WOLFSSL_API WOLFSSL_ASN1_STRING* 
wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); 735 WOLFSSL_API char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); 936 937 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void); 938 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); 939 WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); 940 WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, 941 const void* data, int dataSz); 942 WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); 736 943 WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); 737 944 WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); … … 770 977 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); 771 978 WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); 772 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*,773 int);774 979 WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); 980 WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY_bio( 981 WOLFSSL_BIO* bio, WOLFSSL_PKCS8_PRIV_KEY_INFO** pkey); 982 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, 983 WOLFSSL_EVP_PKEY** out); 984 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key, 985 unsigned char** in, long inSz); 775 986 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, 776 987 WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz); 988 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key, 989 unsigned char** in, long inSz); 990 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap); 777 991 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void); 778 WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);779 992 WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); 780 993 WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); 781 994 #ifdef 
OPENSSL_EXTRA 995 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, 996 unsigned long flags, 997 time_t t); 998 #endif 782 999 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); 783 1000 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( 784 1001 WOLFSSL_X509_REVOKED*,int); 785 1002 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*); 1003 WOLFSSL_API void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER*); 1004 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void); 786 1005 787 1006 WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*); 788 1007 1008 WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, 1009 char* buf, int len); 789 1010 WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*, 790 1011 const WOLFSSL_ASN1_INTEGER*); … … 794 1015 WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, 795 1016 WOLFSSL_BIGNUM *bn); 1017 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t, 1018 int, long); 1019 #endif 1020 796 1021 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*); 797 #endif798 799 1022 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( 800 1023 const WOLFSSL_CTX *s); … … 803 1026 WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int); 804 1027 WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void); 1028 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error( 1029 WOLFSSL_X509_STORE_CTX* ctx, int er); 805 1030 WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int); 806 1031 … … 809 1034 WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, 810 1035 pem_password_cb*); 811 1036 WOLFSSL_API pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx); 1037 WOLFSSL_API void 
*wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx); 812 1038 813 1039 WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, … … 817 1043 WOLFSSL_API int wolfSSL_GET_REASON(int); 818 1044 819 WOLFSSL_API c har* wolfSSL_alert_type_string_long(int);820 WOLFSSL_API c har* wolfSSL_alert_desc_string_long(int);821 WOLFSSL_API c har* wolfSSL_state_string_long(const WOLFSSL*);1045 WOLFSSL_API const char* wolfSSL_alert_type_string_long(int); 1046 WOLFSSL_API const char* wolfSSL_alert_desc_string_long(int); 1047 WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*); 822 1048 823 1049 WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long, 824 1050 void(*)(int, int, void*), void*); 1051 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, 1052 const unsigned char **pp, long len); 1053 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**, 1054 const unsigned char**, long); 1055 WOLFSSL_API int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *r, const unsigned char **pp); 1056 WOLFSSL_API int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *r, unsigned char **pp); 825 1057 WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX*, 826 1058 WOLFSSL_RSA*(*)(WOLFSSL*, int, int)); … … 851 1083 WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg( 852 1084 WOLFSSL_CTX*, void* arg); 853 854 WOLFSSL_API unsigned long wolfSSL_set_options(WOLFSSL *s, unsigned long op); 855 WOLFSSL_API unsigned long wolfSSL_get_options(const WOLFSSL *s); 1085 WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*); 1086 WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*); 1087 WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*); 1088 1089 WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op); 1090 WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s); 1091 WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op); 856 1092 WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s); 
857 1093 WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s); … … 870 1106 871 1107 #define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */ 872 #define WOLFSSL_RSA_F4 0x10001L873 1108 874 1109 enum { … … 881 1116 }; 882 1117 883 #if def OPENSSL_EXTRA1118 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 884 1119 /* seperated out from other enums because of size */ 885 1120 enum { … … 946 1181 SSL_ST_CONNECT = 0x1000, 947 1182 SSL_ST_ACCEPT = 0x2000, 1183 SSL_ST_MASK = 0x0FFF, 948 1184 949 1185 SSL_CB_LOOP = 0x01, … … 960 1196 SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), 961 1197 SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), 1198 SSL_CB_MODE_READ = 1, 1199 SSL_CB_MODE_WRITE = 2, 962 1200 963 1201 SSL_MODE_ENABLE_PARTIAL_WRITE = 2, … … 966 1204 BIO_CLOSE = 1, 967 1205 BIO_NOCLOSE = 0, 968 969 NID_undef = 0,970 1206 971 1207 X509_FILETYPE_PEM = 8, … … 1020 1256 X509_V_ERR_UNNESTED_RESOURCE, 1021 1257 1258 X509_R_CERT_ALREADY_IN_HASH_TABLE, 1259 1022 1260 XN_FLAG_SPC_EQ = (1 << 23), 1023 1261 XN_FLAG_ONELINE = 0, … … 1037 1275 since not using thread storage error queue */ 1038 1276 #include <stdio.h> 1039 WOLFSSL_API void wolfSSL_ERR_print_errors_fp( FILE*, int err);1277 WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE, int err); 1040 1278 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) 1041 WOLFSSL_API void wolfSSL_ERR_dump_errors_fp( FILE*fp);1279 WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(XFILE fp); 1042 1280 #endif 1043 1281 #endif … … 1167 1405 WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, 1168 1406 wc_psk_client_callback); 1407 #ifdef WOLFSSL_TLS13 1408 typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, 1409 char*, unsigned int, unsigned char*, unsigned int, const char**); 1410 WOLFSSL_API void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX*, 1411 wc_psk_client_tls13_callback); 1412 WOLFSSL_API void wolfSSL_set_psk_client_tls13_callback(WOLFSSL*, 1413 
wc_psk_client_tls13_callback); 1414 #endif 1169 1415 1170 1416 WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); … … 1180 1426 WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, 1181 1427 wc_psk_server_callback); 1428 #ifdef WOLFSSL_TLS13 1429 typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, 1430 unsigned char*, unsigned int, const char**); 1431 WOLFSSL_API void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX*, 1432 wc_psk_server_tls13_callback); 1433 WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*, 1434 wc_psk_server_tls13_callback); 1435 #endif 1182 1436 1183 1437 #define PSK_TYPES_DEFINED … … 1202 1456 WOLFSSL_BIO_SIZE = 17000 /* default BIO write size if not set */ 1203 1457 }; 1204 1205 #endif 1206 1458 #endif 1459 1460 WOLFSSL_API void wolfSSL_ERR_put_error(int lib, int fun, int err, 1461 const char* file, int line); 1462 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line(const char**, int*); 1207 1463 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*, 1208 1464 const char**, int *); … … 1213 1469 1214 1470 WOLFSSL_API int wolfSSL_RAND_status(void); 1471 WOLFSSL_API int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num); 1215 1472 WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num); 1216 1473 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void); 1217 1474 WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); 1475 WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); 1476 WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); 1477 1218 1478 #ifndef NO_CERTS 1219 WOLFSSL_API int wolfSSL_CTX_check_private_key( WOLFSSL_CTX*);1479 WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); 1220 1480 #endif /* !NO_CERTS */ 1221 1481 1222 1482 WOLFSSL_API void wolfSSL_ERR_free_strings(void); 1223 1483 WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); 1224 WOLFSSL_API void wolfSSL_EVP_cleanup(void);1225 
1484 WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); 1226 1485 WOLFSSL_API int wolfSSL_state(WOLFSSL* ssl); … … 1237 1496 const unsigned char*, unsigned int); 1238 1497 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl); 1498 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); 1239 1499 1240 1500 WOLFSSL_API int wolfSSL_want_read(WOLFSSL*); … … 1246 1506 WOLFSSL_API int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO*, 1247 1507 const WOLFSSL_ASN1_GENERALIZEDTIME*); 1248 WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_X509_REVOKED*); 1249 WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED*, int); 1508 WOLFSSL_API void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_GENERALIZEDTIME*); 1509 WOLFSSL_API int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*); 1510 WOLFSSL_API void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*, int); 1250 1511 1251 1512 /* stunnel 4.28 needs */ … … 1286 1547 WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void); 1287 1548 1288 /* turn logging on, only if compiled in */1289 WOLFSSL_API int wolfSSL_Debugging_ON(void);1290 /* turn logging off */1291 WOLFSSL_API void wolfSSL_Debugging_OFF(void);1292 1293 1549 /* do accept or connect depedning on side */ 1294 1550 WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl); … … 1315 1571 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx); 1316 1572 /* free X509 */ 1317 WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*); 1573 #define wolfSSL_FreeX509(x509) wolfSSL_X509_free((x509)) 1574 WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); 1318 1575 /* get index cert in PEM */ 1319 1576 WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx, … … 1331 1588 WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*); 1332 1589 1590 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, 1591 const unsigned char** in, int len); 1333 1592 WOLFSSL_API WOLFSSL_X509* 1334 1593 wolfSSL_X509_d2i(WOLFSSL_X509** 
x509, const unsigned char* in, int len); 1594 WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); 1595 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, 1596 const unsigned char *in, int len); 1597 #ifndef NO_FILESYSTEM 1598 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); 1599 #endif 1600 WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl); 1601 1335 1602 #ifndef NO_FILESYSTEM 1336 1603 #ifndef NO_STDIO_FILESYSTEM 1337 1604 WOLFSSL_API WOLFSSL_X509* 1338 wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE*file);1605 wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file); 1339 1606 #endif 1340 1607 WOLFSSL_API WOLFSSL_X509* … … 1362 1629 WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, 1363 1630 WC_PKCS12** pkcs12); 1631 #ifndef NO_FILESYSTEM 1632 WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp, 1633 WOLFSSL_X509_PKCS12** pkcs12); 1634 #endif 1364 1635 WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, 1365 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca); 1636 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, 1637 WOLF_STACK_OF(WOLFSSL_X509)** ca); 1638 WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, 1639 WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, 1640 WOLF_STACK_OF(WOLFSSL_X509)* ca, 1641 int keyNID, int certNID, int itt, int macItt, int keytype); 1366 1642 WOLFSSL_API void wolfSSL_PKCS12_PBE_add(void); 1367 1643 … … 1374 1650 WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz, 1375 1651 int format); 1652 WOLFSSL_API int wolfSSL_SetEnableDhKeyTest(WOLFSSL*, int); 1376 1653 #ifndef NO_FILESYSTEM 1377 1654 WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format); … … 1391 1668 WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short); 1392 1669 WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short); 
1670 WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short); 1671 WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, unsigned short); 1393 1672 WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*); 1394 1673 #endif /* NO_DH */ … … 1426 1705 #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ 1427 1706 !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ 1428 !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) 1707 !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) && \ 1708 !defined(WOLFSSL_CHIBIOS) && !defined(WOLFSSL_CONTIKI) 1429 1709 #include <sys/uio.h> 1430 1710 #endif … … 1445 1725 #endif 1446 1726 WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*, 1727 const unsigned char*, long, int); 1728 WOLFSSL_API int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX*, 1447 1729 const unsigned char*, long, int); 1448 1730 WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*, … … 1458 1740 WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*, 1459 1741 long, int); 1742 WOLFSSL_API int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der, 1743 int derSz); 1460 1744 WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*, 1461 1745 long, int); … … 1514 1798 WOLFSSL_TLSV1_1 = 2, 1515 1799 WOLFSSL_TLSV1_2 = 3, 1800 WOLFSSL_TLSV1_3 = 4, 1516 1801 WOLFSSL_USER_CA = 1, /* user added as trusted */ 1517 1802 WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */ … … 1527 1812 WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); 1528 1813 WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); 1814 WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); 1529 1815 WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); 1530 WOLFSSL_API int wolfSSL_KeyPemToDer(const unsigned char*, int, 1531 unsigned char*, int, const char*); 1532 WOLFSSL_API int wolfSSL_CertPemToDer(const unsigned char*, int, 1533 unsigned char*, int, int); 1534 #if defined(WOLFSSL_CERT_EXT) || 
defined(WOLFSSL_PUB_PEM_TO_DER) 1535 #ifndef WOLFSSL_PEMPUBKEY_TODER_DEFINED 1536 #ifndef NO_FILESYSTEM 1537 WOLFSSL_API int wolfSSL_PemPubKeyToDer(const char* fileName, 1538 unsigned char* derBuf, int derSz); 1539 #endif 1540 WOLFSSL_API int wolfSSL_PubKeyPemToDer(const unsigned char*, int, 1541 unsigned char*, int); 1542 #define WOLFSSL_PEMPUBKEY_TODER_DEFINED 1543 #endif /* WOLFSSL_PEMPUBKEY_TODER_DEFINED */ 1544 #endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER*/ 1816 1817 /* moved to asn.c, old names kept for backwards compatability */ 1818 #define wolfSSL_KeyPemToDer wc_KeyPemToDer 1819 #define wolfSSL_CertPemToDer wc_CertPemToDer 1820 #define wolfSSL_PemPubKeyToDer wc_PemPubKeyToDer 1821 #define wolfSSL_PubKeyPemToDer wc_PubKeyPemToDer 1822 #define wolfSSL_PemCertToDer wc_PemCertToDer 1823 1545 1824 1546 1825 typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); … … 1609 1888 wolfssl_triple_des, /* leading 3 (3des) not valid identifier */ 1610 1889 wolfssl_des40, 1890 #ifdef HAVE_IDEA 1611 1891 wolfssl_idea, 1892 #endif 1612 1893 wolfssl_aes, 1613 1894 wolfssl_aes_gcm, … … 1629 1910 1630 1911 /* Public Key Callback support */ 1912 #ifdef HAVE_PK_CALLBACKS 1913 #ifdef HAVE_ECC 1914 1915 struct ecc_key; 1916 1917 typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key, 1918 unsigned int keySz, int ecc_curve, void* ctx); 1919 WOLFSSL_API void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX*, CallbackEccKeyGen); 1920 WOLFSSL_API void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx); 1921 WOLFSSL_API void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl); 1922 1631 1923 typedef int (*CallbackEccSign)(WOLFSSL* ssl, 1632 1924 const unsigned char* in, unsigned int inSz, … … 1647 1939 WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl); 1648 1940 1649 struct ecc_key;1650 1941 typedef int (*CallbackEccSharedSecret)(WOLFSSL* ssl, struct ecc_key* otherKey, 1651 1942 unsigned char* pubKeyDer, unsigned int* pubKeySz, … … 1655 1946 WOLFSSL_API void 
wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx); 1656 1947 WOLFSSL_API void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl); 1657 1948 #endif 1949 1950 #ifndef NO_DH 1951 /* Public DH Key Callback support */ 1952 struct DhKey; 1953 typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key, 1954 const unsigned char* priv, unsigned int privSz, 1955 const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz, 1956 unsigned char* out, unsigned int* outlen, 1957 void* ctx); 1958 WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree); 1959 WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx); 1960 WOLFSSL_API void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl); 1961 #endif /* !NO_DH */ 1962 1963 #ifdef HAVE_ED25519 1658 1964 struct ed25519_key; 1659 1965 typedef int (*CallbackEd25519Sign)(WOLFSSL* ssl, … … 1676 1982 WOLFSSL_API void wolfSSL_SetEd25519VerifyCtx(WOLFSSL* ssl, void *ctx); 1677 1983 WOLFSSL_API void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl); 1678 1984 #endif 1985 1986 #ifdef HAVE_CURVE25519 1679 1987 struct curve25519_key; 1988 1989 typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key, 1990 unsigned int keySz, void* ctx); 1991 WOLFSSL_API void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX*, CallbackX25519KeyGen); 1992 WOLFSSL_API void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx); 1993 WOLFSSL_API void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl); 1994 1680 1995 typedef int (*CallbackX25519SharedSecret)(WOLFSSL* ssl, 1681 1996 struct curve25519_key* otherKey, … … 1688 2003 WOLFSSL_API void wolfSSL_SetX25519SharedSecretCtx(WOLFSSL* ssl, void *ctx); 1689 2004 WOLFSSL_API void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl); 1690 2005 #endif 2006 2007 #ifndef NO_RSA 1691 2008 typedef int (*CallbackRsaSign)(WOLFSSL* ssl, 1692 2009 const unsigned char* in, unsigned int inSz, … … 1704 2021 void* ctx); 1705 2022 WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify); 2023 WOLFSSL_API void 
wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX*, CallbackRsaVerify); 1706 2024 WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx); 1707 2025 WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl); … … 1726 2044 WOLFSSL_API void wolfSSL_CTX_SetRsaPssVerifyCb(WOLFSSL_CTX*, 1727 2045 CallbackRsaPssVerify); 2046 WOLFSSL_API void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX*, 2047 CallbackRsaPssVerify); 1728 2048 WOLFSSL_API void wolfSSL_SetRsaPssVerifyCtx(WOLFSSL* ssl, void *ctx); 1729 2049 WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl); … … 1749 2069 WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx); 1750 2070 WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); 1751 2071 #endif 2072 #endif /* HAVE_PK_CALLBACKS */ 1752 2073 1753 2074 #ifndef NO_CERTS … … 1855 2176 1856 2177 /* async additions */ 1857 WOLFSSL_API int wolfSSL_UseAsync(WOLFSSL*, int devId); 1858 WOLFSSL_API int wolfSSL_CTX_UseAsync(WOLFSSL_CTX*, int devId); 2178 #define wolfSSL_UseAsync wolfSSL_SetDevId 2179 #define wolfSSL_CTX_UseAsync wolfSSL_CTX_SetDevId 2180 WOLFSSL_API int wolfSSL_SetDevId(WOLFSSL*, int devId); 2181 WOLFSSL_API int wolfSSL_CTX_SetDevId(WOLFSSL_CTX*, int devId); 1859 2182 1860 2183 /* helpers to get device id and heap */ … … 1896 2219 WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, 1897 2220 unsigned char type, unsigned char options); 2221 WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( 2222 const unsigned char* clientHello, unsigned int helloSz, 2223 unsigned char type, unsigned char* sni, unsigned int* inOutSz); 2224 2225 #endif /* NO_WOLFSSL_SERVER */ 1898 2226 1899 2227 /* SNI status */ … … 1909 2237 WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, 1910 2238 unsigned char type, void** data); 1911 WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( 1912 const unsigned char* clientHello, unsigned int helloSz, 1913 unsigned char type, unsigned char* sni, unsigned int* inOutSz); 1914 1915 #endif 1916 #endif 2239 2240 #endif /* 
HAVE_SNI */ 1917 2241 1918 2242 /* Application-Layer Protocol Negotiation */ … … 1932 2256 }; 1933 2257 1934 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)2258 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1935 2259 typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, 1936 2260 unsigned char* outLen, const unsigned char* in, unsigned int inLen, … … 1959 2283 WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */ 1960 2284 WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */ 1961 WOLFSSL_MFL_2_13 = 5 /* 8192 bytes *//* wolfSSL ONLY!!! */ 2285 WOLFSSL_MFL_2_13 = 5, /* 8192 bytes *//* wolfSSL ONLY!!! */ 2286 WOLFSSL_MFL_2_8 = 6, /* 256 bytes *//* wolfSSL ONLY!!! */ 2287 WOLFSSL_MFL_MIN = WOLFSSL_MFL_2_9, 2288 WOLFSSL_MFL_MAX = WOLFSSL_MFL_2_8, 1962 2289 }; 1963 2290 … … 1968 2295 1969 2296 #endif 1970 #endif 2297 #endif /* HAVE_MAX_FRAGMENT */ 1971 2298 1972 2299 /* Truncated HMAC */ … … 2117 2444 #endif /* NO_WOLFSSL_CLIENT */ 2118 2445 2119 #ifndef NO_WOLFSSL_SERVER2120 2446 2121 2447 #define WOLFSSL_TICKET_NAME_SZ 16 … … 2129 2455 WOLFSSL_TICKET_RET_CREATE /* existing ticket ok and create new one */ 2130 2456 }; 2457 2458 #ifndef NO_WOLFSSL_SERVER 2131 2459 2132 2460 typedef int (*SessionTicketEncCb)(WOLFSSL*, … … 2232 2560 #endif 2233 2561 2234 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2235 WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* time, 2236 char* buf, int len); 2237 #endif /* WOLFSSL_MYSQL_COMPATIBLE */ 2238 2239 #ifdef OPENSSL_EXTRA 2240 2241 #ifndef NO_FILESYSTEM 2242 WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); 2243 WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); 2244 #endif 2562 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 2563 /* Smaller subset of X509 compatibility functions. 
Avoid increasing the size of 2564 * this subset and its memory usage */ 2565 2566 #include <wolfssl/openssl/asn1.h> 2567 struct WOLFSSL_X509_NAME_ENTRY { 2568 WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */ 2569 WOLFSSL_ASN1_STRING data; 2570 WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ 2571 int nid; /* i.e. ASN_COMMON_NAME */ 2572 int set; 2573 int size; 2574 }; 2575 #endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 2576 2577 2578 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 2579 2580 enum { 2581 WOLFSSL_SYS_ACCEPT = 0, 2582 WOLFSSL_SYS_BIND, 2583 WOLFSSL_SYS_CONNECT, 2584 WOLFSSL_SYS_FOPEN, 2585 WOLFSSL_SYS_FREAD, 2586 WOLFSSL_SYS_GETADDRINFO, 2587 WOLFSSL_SYS_GETSOCKOPT, 2588 WOLFSSL_SYS_GETSOCKNAME, 2589 WOLFSSL_SYS_GETHOSTBYNAME, 2590 WOLFSSL_SYS_GETNAMEINFO, 2591 WOLFSSL_SYS_GETSERVBYNAME, 2592 WOLFSSL_SYS_IOCTLSOCKET, 2593 WOLFSSL_SYS_LISTEN, 2594 WOLFSSL_SYS_OPENDIR, 2595 WOLFSSL_SYS_SETSOCKOPT, 2596 WOLFSSL_SYS_SOCKET 2597 }; 2598 2599 /* Object functions */ 2600 WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n); 2601 WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); 2602 WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn); 2603 2604 WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n); 2605 WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); 2606 2607 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int n); 2608 WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int n, WOLFSSL_ASN1_OBJECT *arg_obj); 2609 WOLFSSL_API int wolfSSL_OBJ_obj2txt(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a, int no_name); 2610 2611 WOLFSSL_API void wolfSSL_OBJ_cleanup(void); 2612 /* end of object functions */ 2245 2613 2246 2614 WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line); … … 2249 2617 2250 2618 #ifndef NO_CERTS 2619 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( 2620 WOLFSSL_X509_NAME_ENTRY** out, int nid, 
int type, 2621 unsigned char* data, int dataSz); 2622 WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name, 2623 WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set); 2624 WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name, 2625 const char *field, int type, const unsigned char *bytes, int len, int loc, 2626 int set); 2627 WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, 2628 const WOLFSSL_X509_NAME* y); 2629 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void); 2251 2630 WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); 2252 2631 WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, … … 2255 2634 const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); 2256 2635 WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); 2257 WOLFSSL_API int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,2258 int derSz);2259 2636 WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); 2260 2637 WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, … … 2275 2652 WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, 2276 2653 WOLFSSL_X509_STORE* str); 2277 WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509); 2654 WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 2655 #if !defined(NO_FILESYSTEM) 2656 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp, 2657 WOLFSSL_X509** x509); 2658 #endif 2659 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, 2660 WOLFSSL_X509** x509); 2278 2661 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); 2279 2662 2663 WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio); 2280 2664 WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); 2281 2665 WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, … … 2283 2667 WOLFSSL_API size_t wolfSSL_get_client_random(const 
WOLFSSL* ssl, 2284 2668 unsigned char* out, size_t outSz); 2285 WOLFSSL_API pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx);2286 WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);2287 2669 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); 2288 2670 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 2289 2671 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX 2290 2672 (WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 2673 #ifndef NO_FILESYSTEM 2674 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_X509_CRL(XFILE fp, 2675 WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); 2676 #endif 2677 WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, 2678 EncryptedInfo* cipher); 2679 WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher, 2680 unsigned char* data, long* len, 2681 pem_password_cb* callback, void* ctx); 2291 2682 2292 2683 /*lighttp compatibility */ 2293 2684 2294 #include <wolfssl/openssl/asn1.h> 2295 struct WOLFSSL_X509_NAME_ENTRY { 2296 WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ 2297 WOLFSSL_ASN1_STRING data; 2298 WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ 2299 int set; 2300 int size; 2301 }; 2302 2303 #if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 2685 struct WOLFSSL_ASN1_BIT_STRING { 2686 int length; 2687 int type; 2688 char* data; 2689 long flags; 2690 }; 2691 2692 2693 #if defined(OPENSSL_EXTRA) \ 2694 || defined(OPENSSL_ALL) \ 2695 || defined(HAVE_LIGHTY) \ 2696 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 2304 2697 || defined(HAVE_STUNNEL) \ 2305 2698 || defined(WOLFSSL_NGINX) \ 2306 || defined(WOLFSSL_HAPROXY) \ 2307 || defined(OPENSSL_EXTRA) 2699 || defined(WOLFSSL_HAPROXY) 2700 WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne); 2701 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* 
wolfSSL_X509_NAME_ENTRY_new(void); 2308 2702 WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name); 2309 2703 WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x); 2310 2704 WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name); 2311 2705 /* These are to be merged shortly */ 2312 WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n);2313 WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o);2314 WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn);2315 WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);2316 2706 WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth); 2317 2707 WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); … … 2321 2711 WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*)); 2322 2712 WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); 2713 WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); 2714 WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md); 2715 WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md); 2323 2716 WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); 2324 2717 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk ); 2325 2326 /* end lighttpd*/ 2327 #endif 2328 #endif 2329 2330 #if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) \ 2718 WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509); 2719 2720 #ifndef NO_FILESYSTEM 2721 WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); 2722 WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); 2723 #endif 2724 2725 #endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || 
WOLFSSL_HAPROXY */ 2726 2727 #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ 2728 2729 2730 #if defined(OPENSSL_ALL) \ 2731 || defined(HAVE_STUNNEL) \ 2732 || defined(HAVE_LIGHTY) \ 2331 2733 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 2332 2734 || defined(WOLFSSL_HAPROXY) \ 2333 2735 || defined(OPENSSL_EXTRA) 2334 2736 2335 WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n);2336 WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn);2337 2737 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); 2338 2738 WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); … … 2341 2741 WOLFSSL_API WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, 2342 2742 WOLFSSL_DSA **x, pem_password_cb *cb, void *u); 2743 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 2744 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 2343 2745 WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); 2344 WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx);2345 2346 2347 2746 2348 2747 #endif /* HAVE_STUNNEL || HAVE_LIGHTY */ 2349 2748 2350 2351 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2749 #ifdef OPENSSL_ALL 2750 WOLFSSL_API int wolfSSL_i2d_X509_REQ(WOLFSSL_X509* req, unsigned char** out); 2751 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_new(void); 2752 WOLFSSL_API void wolfSSL_X509_REQ_free(WOLFSSL_X509* req); 2753 WOLFSSL_API int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, 2754 const WOLFSSL_EVP_MD *md); 2755 WOLFSSL_API int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req, 2756 WOLFSSL_X509_NAME *name); 2757 WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req, 2758 WOLFSSL_EVP_PKEY *pkey); 2759 #endif 2760 2761 2762 #if defined(OPENSSL_ALL) \ 2763 || defined(HAVE_STUNNEL) \ 2764 || defined(WOLFSSL_NGINX) \ 2765 || defined(WOLFSSL_HAPROXY) \ 2766 || defined(OPENSSL_EXTRA) \ 2767 || defined(HAVE_LIGHTY) 
2352 2768 2353 2769 #include <wolfssl/openssl/crypto.h> … … 2359 2775 void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); 2360 2776 2777 WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void); 2778 2779 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn); 2361 2780 WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, 2362 2781 void (*callback) (int, int, void *), void *cb_arg); … … 2379 2798 WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME) *s); 2380 2799 2800 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_new(void); 2381 2801 WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s); 2382 2802 … … 2389 2809 WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*); 2390 2810 2391 WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);2392 2393 2811 WOLFSSL_API int wolfSSL_version(WOLFSSL*); 2394 2812 … … 2398 2816 2399 2817 WOLFSSL_API void* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int); 2400 2401 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);2402 2818 2403 2819 WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); … … 2421 2837 2422 2838 WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); 2839 2840 WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*); 2423 2841 2424 2842 WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, … … 2429 2847 WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); 2430 2848 2431 WOLFSSL_API void WOLFSSL_ERR_remove_thread_state(void*); 2849 WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*); 2850 2851 /* support for depricated old name */ 2852 #define WOLFSSL_ERR_remove_thread_state wolfSSL_ERR_remove_thread_state 2432 2853 2433 2854 #ifndef NO_FILESYSTEM 2434 WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE *fp); 2435 #endif 2436 2437 WOLFSSL_API long 
wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); 2855 WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE fp); 2856 #endif 2438 2857 2439 2858 WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); … … 2445 2864 2446 2865 WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*)); 2447 #endif /* HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 2448 2449 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 2450 || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2866 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ 2867 2868 #if defined(OPENSSL_ALL) || \ 2869 defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 2870 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2451 2871 2452 2872 WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); … … 2476 2896 WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); 2477 2897 WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg); 2478 #endif2479 2480 #ifdef OPENSSL_EXTRA2481 2898 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, 2482 2899 int *line, const char **data, int *flags); 2483 #endif 2484 2485 #if defined WOLFSSL_NGINX || defined WOLFSSL_HAPROXY 2900 WOLFSSL_API int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, 2901 const unsigned char *protos, unsigned int protos_len); 2902 WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, 2903 size_t siz, const char* file, int line); 2904 WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); 2905 #endif 2906 2907 #if defined(OPENSSL_ALL) \ 2908 || defined(WOLFSSL_NGINX) \ 2909 || defined(WOLFSSL_HAPROXY) \ 2910 || defined(OPENSSL_EXTRA) 2911 WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); 2912 #endif 2913 2914 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2486 2915 /* Not an OpenSSL API. 
*/ 2487 2916 WOLFSSL_LOCAL int wolfSSL_get_ocsp_response(WOLFSSL* ssl, byte** response); … … 2490 2919 /* Not an OpenSSL API. */ 2491 2920 WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); 2492 2921 #endif 2922 2923 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 2924 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 2493 2925 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl); 2494 WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name);2495 2926 WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, 2496 2927 void *b, void *c); … … 2527 2958 #endif 2528 2959 2529 #ifdef HAVE_OCSP 2960 #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ 2961 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2530 2962 WOLFSSL_API int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, 2531 2963 WOLF_STACK_OF(X509)** chain); … … 2551 2983 WOLFSSL_X509 *cert); 2552 2984 2553 #endif /* WOLFSSL_NGINX */ 2985 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 2986 OPENSSL_EXTRA || HAVE_LIGHTY*/ 2554 2987 2555 2988 WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, … … 2584 3017 2585 3018 #ifdef OPENSSL_EXTRA 2586 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)3019 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2587 3020 WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context( 2588 3021 const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length); … … 2597 3030 WOLFSSL_API void *X509_get_X509_PUBKEY(void * x); 2598 3031 WOLFSSL_API int X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, void **pa, WOLFSSL_EVP_PKEY *pub); 2599 WOLFSSL_API int EVP_PKEY_bits(WOLFSSL_EVP_PKEY *pkey);2600 WOLFSSL_API int i2d_X509(WOLFSSL_X509 *x, unsigned char **out);2601 3032 WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a); 2602 3033 
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); 2603 3034 WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 2604 3035 WOLFSSL_API int X509_STORE_load_locations(WOLFSSL_X509_STORE *ctx, const char *file, const char *dir); 3036 WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); 2605 3037 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const void * p); 2606 3038 WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); 2607 3039 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); 2608 3040 WOLFSSL_API void ERR_load_SSL_strings(void); 3041 WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); 3042 3043 WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); 3044 WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags); 3045 WOLFSSL_API int wolfSSL_ASN1_TIME_get_length(WOLFSSL_ASN1_TIME *t); 3046 WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t); 3047 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, 3048 WOLFSSL_ASN1_TIME **out); 3049 WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); 3050 WOLFSSL_API int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE *store); 3051 WOLFSSL_API long wolfSSL_X509_get_version(const WOLFSSL_X509 *x); 3052 WOLFSSL_API int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509* x); 3053 3054 WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, 3055 WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_CIPHER* enc, char* passwd, 3056 int passwdSz, pem_password_cb* cb, void* ctx); 3057 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio, 3058 WOLFSSL_EVP_PKEY** pkey, pem_password_cb* cb, void* u); 3059 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey( 3060 
WOLFSSL_EVP_PKEY** pkey, const unsigned char** data, long length); 3061 2609 3062 #endif /* OPENSSL_EXTRA */ 3063 3064 #ifdef HAVE_PK_CALLBACKS 3065 WOLFSSL_API int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx); 3066 #endif 2610 3067 2611 3068 #ifdef __cplusplus -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/test.h
r337 r372 11 11 #include <wolfssl/wolfcrypt/error-crypt.h> 12 12 #include <wolfssl/wolfcrypt/random.h> 13 #include <wolfssl/wolfcrypt/mem_track.h> 14 #if defined(OPENSSL_EXTRA) && defined(SHOW_CERTS) 15 #include <wolfssl/wolfcrypt/asn.h> /* for domain component NID value */ 16 #endif 13 17 14 18 #ifdef ATOMIC_USER … … 25 29 #include <wolfssl/wolfcrypt/ecc.h> 26 30 #endif /* HAVE_ECC */ 31 #ifndef NO_DH 32 #include <wolfssl/wolfcrypt/dh.h> 33 #endif /* !NO_DH */ 27 34 #ifdef HAVE_ED25519 28 35 #include <wolfssl/wolfcrypt/ed25519.h> … … 59 66 #define sleep(t) osDelay(t/1000+1) ; 60 67 #endif 61 62 static int wolfssl_tcp_select(int sd, int timeout)63 { return 0 ; }64 #define tcp_select(sd,t) wolfssl_tcp_select(sd, t) /* avoid conflicting Keil TCP tcp_select */65 68 #elif defined(WOLFSSL_TIRTOS) 66 69 #include <string.h> … … 122 125 #include <wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h> 123 126 #endif 124 125 127 #ifdef _MSC_VER 126 128 /* disable conversion warning */ … … 136 138 #ifndef WOLFSSL_HAVE_MIN 137 139 #define WOLFSSL_HAVE_MIN 138 static INLINE word32 min(word32 a, word32 b)140 static WC_INLINE word32 min(word32 a, word32 b) 139 141 { 140 142 return a > b ? 
b : a; … … 181 183 #endif 182 184 183 184 #ifdef USE_WINDOWS_API185 #define CloseSocket(s) closesocket(s)186 #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }187 #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)188 #define CloseSocket(s) closesocket(s)189 #define StartTCP()190 #else191 #define CloseSocket(s) close(s)192 #define StartTCP()193 #endif194 185 195 186 … … 230 221 231 222 223 #ifndef WOLFSSL_NO_TLS12 232 224 #define SERVER_DEFAULT_VERSION 3 225 #else 226 #define SERVER_DEFAULT_VERSION 4 227 #endif 233 228 #define SERVER_DTLS_DEFAULT_VERSION (-2) 234 229 #define SERVER_INVALID_VERSION (-99) 230 #define SERVER_DOWNGRADE_VERSION (-98) 231 #ifndef WOLFSSL_NO_TLS12 235 232 #define CLIENT_DEFAULT_VERSION 3 233 #else 234 #define CLIENT_DEFAULT_VERSION 4 235 #endif 236 236 #define CLIENT_DTLS_DEFAULT_VERSION (-2) 237 237 #define CLIENT_INVALID_VERSION (-99) 238 #define CLIENT_DOWNGRADE_VERSION (-98) 239 #define EITHER_DOWNGRADE_VERSION (-97) 238 240 #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH) 239 241 #define DEFAULT_MIN_DHKEY_BITS 2048 242 #define DEFAULT_MAX_DHKEY_BITS 3072 240 243 #else 241 244 #define DEFAULT_MIN_DHKEY_BITS 1024 245 #define DEFAULT_MAX_DHKEY_BITS 2048 242 246 #endif 243 247 #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH) … … 257 261 #define eccCertFile "certs/server-ecc.pem" 258 262 #define eccKeyFile "certs/ecc-key.pem" 263 #define eccRsaCertFile "certs/server-ecc-rsa.pem" 259 264 #define svrCertFile "certs/server-cert.pem" 260 265 #define svrKeyFile "certs/server-key.pem" 261 266 #define cliCertFile "certs/client-cert.pem" 267 #define cliCertDerFile "certs/client-cert.der" 262 268 #define cliKeyFile "certs/client-key.pem" 263 269 #define ntruCertFile "certs/ntru-cert.pem" … … 268 274 #define caEccCertFile "certs/ca-ecc-cert/pem" 269 275 #define crlPemDir "certs/crl" 276 #define edCertFile "certs/ed25519/server-ed25519-cert.pem" 277 #define edKeyFile 
"certs/ed25519/server-ed25519-priv.pem" 278 #define cliEdCertFile "certs/ed25519/client-ed25519.pem" 279 #define cliEdKeyFile "certs/ed25519/client-ed25519-priv.pem" 280 #define caEdCertFile "certs/ed25519/ca-ed25519.pem" 270 281 #ifdef HAVE_WNR 271 282 /* Whitewood netRandom default config file */ … … 276 287 #define eccCertFile "./certs/server-ecc.pem" 277 288 #define eccKeyFile "./certs/ecc-key.pem" 289 #define eccRsaCertFile "./certs/server-ecc-rsa.pem" 278 290 #define svrCertFile "./certs/server-cert.pem" 279 291 #define svrKeyFile "./certs/server-key.pem" 280 292 #define cliCertFile "./certs/client-cert.pem" 293 #define cliCertDerFile "./certs/client-cert.der" 281 294 #define cliKeyFile "./certs/client-key.pem" 282 295 #define ntruCertFile "./certs/ntru-cert.pem" … … 287 300 #define caEccCertFile "./certs/ca-ecc-cert.pem" 288 301 #define crlPemDir "./certs/crl" 302 #define edCertFile "./certs/ed25519/server-ed25519.pem" 303 #define edKeyFile "./certs/ed25519/server-ed25519-priv.pem" 304 #define cliEdCertFile "./certs/ed25519/client-ed25519.pem" 305 #define cliEdKeyFile "./certs/ed25519/client-ed25519-priv.pem" 306 #define caEdCertFile "./certs/ed25519/root-ed25519.pem" 289 307 #ifdef HAVE_WNR 290 308 /* Whitewood netRandom default config file */ … … 304 322 305 323 306 static INLINE void InitTcpReady(tcp_ready* ready)324 static WC_INLINE void InitTcpReady(tcp_ready* ready) 307 325 { 308 326 ready->ready = 0; … … 317 335 318 336 319 static INLINE void FreeTcpReady(tcp_ready* ready)337 static WC_INLINE void FreeTcpReady(tcp_ready* ready) 320 338 { 321 339 #ifdef SINGLE_THREADED … … 338 356 ssl_callback ssl_ready; 339 357 ssl_callback on_result; 358 WOLFSSL_CTX* ctx; 340 359 } callback_functions; 341 360 … … 367 386 368 387 369 #if defined(__GNUC__) 370 #define WC_NORETURN __attribute__((noreturn)) 388 389 #ifndef MY_EX_USAGE 390 #define MY_EX_USAGE 2 391 #endif 392 393 #ifndef EXIT_FAILURE 394 #define EXIT_FAILURE 1 395 #endif 396 397 #ifdef 
WOLFSSL_FORCE_MALLOC_FAIL_TEST 398 #define XEXIT(rc) return rc 399 #define XEXIT_T(rc) return (THREAD_RETURN)rc 371 400 #else 372 #define WC_NORETURN 373 #endif 374 375 static INLINE WC_NORETURN void err_sys(const char* msg) 401 #define XEXIT(rc) exit((int)(rc)) 402 #define XEXIT_T(rc) exit((int)(rc)) 403 #endif 404 405 406 static WC_INLINE 407 #ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST 408 THREAD_RETURN 409 #else 410 WC_NORETURN void 411 #endif 412 err_sys(const char* msg) 376 413 { 377 414 printf("wolfSSL error: %s\n", msg); … … 387 424 #endif 388 425 { 389 exit(EXIT_FAILURE); 390 } 391 } 392 393 394 #define MY_EX_USAGE 2 426 XEXIT_T(EXIT_FAILURE); 427 } 428 } 429 395 430 396 431 extern int myoptind; 397 432 extern char* myoptarg; 398 433 399 static INLINE int mygetopt(int argc, char** argv, const char* optstring)434 static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring) 400 435 { 401 436 static char* next = NULL; … … 461 496 462 497 463 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)464 465 static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)498 #ifdef WOLFSSL_ENCRYPTED_KEYS 499 500 static WC_INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) 466 501 { 467 502 (void)rw; 468 503 (void)userdata; 504 if (userdata != NULL) { 505 strncpy(passwd, (char*)userdata, sz); 506 return (int)XSTRLEN((char*)userdata); 507 } 508 else { 469 509 strncpy(passwd, "yassl123", sz); 470 510 return 8; 471 511 } 472 473 #endif 474 512 } 513 514 #endif 515 516 static const char* client_showpeer_msg[][8] = { 517 /* English */ 518 { 519 "SSL version is", 520 "SSL cipher suite is", 521 "SSL curve name is", 522 "SSL DH size is", 523 "SSL reused session", 524 "Alternate cert chain used", 525 "peer's cert info:", 526 NULL 527 }, 528 /* Japanese */ 529 { 530 "SSL バージョンは", 531 "SSL 暗号スイートは", 532 "SSL 曲線名は", 533 "SSL DH サイズは", 534 "SSL 再利用セッション", 535 "代替証明チェーンを使用", 536 "相手方証明書情報", 537 NULL 538 } 539 }; 475 540 476 541 #if 
defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) 477 478 static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr) 542 static const char* client_showx509_msg[][5] = { 543 /* English */ 544 { 545 "issuer", 546 "subject", 547 "altname", 548 "serial number", 549 NULL 550 }, 551 /* Japanese */ 552 { 553 "発行者", 554 "サブジェクト", 555 "代替名", 556 "シリアル番号", 557 NULL 558 }, 559 }; 560 561 /* lng_index is to specify the language for displaying message. */ 562 /* 0:English, 1:Japanese */ 563 static WC_INLINE void ShowX509Ex(WOLFSSL_X509* x509, const char* hdr, 564 int lng_index) 479 565 { 480 566 char* altName; … … 484 570 int ret; 485 571 int sz = sizeof(serial); 572 const char** words = client_showx509_msg[lng_index]; 486 573 487 574 if (x509 == NULL) { … … 495 582 wolfSSL_X509_get_subject_name(x509), 0, 0); 496 583 497 printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject);584 printf("%s\n %s : %s\n %s: %s\n", hdr, words[0], issuer, words[1], subject); 498 585 499 586 while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL) 500 printf(" altname = %s\n", altName);587 printf(" %s = %s\n", words[2], altName); 501 588 502 589 ret = wolfSSL_X509_get_serial_number(x509, serial, &sz); … … 508 595 /* testsuite has multiple threads writing to stdout, get output 509 596 message ready to write once */ 510 strLen = sprintf(serialMsg, " serial number");597 strLen = sprintf(serialMsg, " %s", words[3]); 511 598 for (i = 0; i < sz; i++) 512 599 sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]); … … 516 603 XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); 517 604 XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL); 605 606 #if defined(OPENSSL_EXTRA) && defined(SHOW_CERTS) 607 { 608 WOLFSSL_BIO* bio; 609 char buf[256]; /* should be size of ASN_NAME_MAX */ 610 int textSz; 611 612 613 /* print out domain component if certificate has it */ 614 textSz = wolfSSL_X509_NAME_get_text_by_NID( 615 wolfSSL_X509_get_subject_name(x509), NID_domainComponent, 616 buf, sizeof(buf)); 617 if (textSz > 
0) { 618 printf("Domain Component = %s\n", buf); 619 } 620 621 bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); 622 if (bio != NULL) { 623 wolfSSL_BIO_set_fp(bio, stdout, BIO_NOCLOSE); 624 wolfSSL_X509_print(bio, x509); 625 wolfSSL_BIO_free(bio); 626 } 627 } 628 #endif 629 } 630 /* original ShowX509 to maintain compatibility */ 631 static WC_INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr) 632 { 633 ShowX509Ex(x509, hdr, 0); 518 634 } 519 635 … … 521 637 522 638 #if defined(SESSION_CERTS) && defined(SHOW_CERTS) 523 static INLINE void ShowX509Chain(WOLFSSL_X509_CHAIN* chain, int count,639 static WC_INLINE void ShowX509Chain(WOLFSSL_X509_CHAIN* chain, int count, 524 640 const char* hdr) 525 641 { … … 544 660 #endif 545 661 546 static INLINE void showPeer(WOLFSSL* ssl) 662 /* lng_index is to specify the language for displaying message. */ 663 /* 0:English, 1:Japanese */ 664 static WC_INLINE void showPeerEx(WOLFSSL* ssl, int lng_index) 547 665 { 548 666 WOLFSSL_CIPHER* cipher; 667 const char** words = client_showpeer_msg[lng_index]; 668 549 669 #ifdef HAVE_ECC 550 670 const char *name; … … 556 676 WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl); 557 677 if (peer) 558 ShowX509 (peer, "peer's cert info:");678 ShowX509Ex(peer, words[6], lng_index); 559 679 else 560 680 printf("peer has no cert!\n"); … … 565 685 printf("Peer verify result = %lu\n", wolfSSL_get_verify_result(ssl)); 566 686 #endif /* SHOW_CERTS */ 567 printf(" SSL version is %s\n", wolfSSL_get_version(ssl));687 printf("%s %s\n", words[0], wolfSSL_get_version(ssl)); 568 688 569 689 cipher = wolfSSL_get_current_cipher(ssl); 570 690 #ifdef HAVE_QSH 571 printf(" SSL cipher suite is %s%s\n", (wolfSSL_isQSH(ssl))? "QSH:": "",691 printf("%s %s%s\n", words[1], (wolfSSL_isQSH(ssl))? 
"QSH:": "", 572 692 wolfSSL_CIPHER_get_name(cipher)); 573 693 #else 574 printf(" SSL cipher suite is %s\n", wolfSSL_CIPHER_get_name(cipher));694 printf("%s %s\n", words[1], wolfSSL_CIPHER_get_name(cipher)); 575 695 #endif 576 696 #ifdef HAVE_ECC 577 697 if ((name = wolfSSL_get_curve_name(ssl)) != NULL) 578 printf(" SSL curve name is %s\n", name);698 printf("%s %s\n", words[2], name); 579 699 #endif 580 700 #ifndef NO_DH 581 701 if ((bits = wolfSSL_GetDhKey_Sz(ssl)) > 0) 582 printf(" SSL DH size is %d bits\n", bits);702 printf("%s %d bits\n", words[3], bits); 583 703 #endif 584 704 if (wolfSSL_session_reused(ssl)) 585 printf(" SSL reused session\n");705 printf("%s\n", words[4]); 586 706 #ifdef WOLFSSL_ALT_CERT_CHAINS 587 707 if (wolfSSL_is_peer_alt_cert_chain(ssl)) 588 printf(" Alternate cert chain used\n");708 printf("%s\n", words[5]); 589 709 #endif 590 710 … … 606 726 (void)ssl; 607 727 } 608 609 610 static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, 728 /* original showPeer to maintain compatibility */ 729 static WC_INLINE void showPeer(WOLFSSL* ssl) 730 { 731 showPeerEx(ssl, 0); 732 } 733 734 static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, 611 735 word16 port, int udp, int sctp) 612 736 { … … 619 743 err_sys("invalid argument to build_addr, addr is NULL"); 620 744 621 memset(addr, 0, sizeof(SOCKADDR_IN_T));745 XMEMSET(addr, 0, sizeof(SOCKADDR_IN_T)); 622 746 623 747 #ifndef TEST_IPV6 … … 662 786 addr->sin6_family = AF_INET_V; 663 787 addr->sin6_port = XHTONS(port); 664 if ( peer == INADDR_ANY)788 if ((size_t)peer == INADDR_ANY) { 665 789 addr->sin6_addr = in6addr_any; 790 } 666 791 else { 667 792 #ifdef HAVE_GETADDRINFO … … 671 796 char strPort[80]; 672 797 673 memset(&hints, 0, sizeof(hints));798 XMEMSET(&hints, 0, sizeof(hints)); 674 799 675 800 hints.ai_family = AF_INET_V; … … 707 832 708 833 709 static INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp)834 static WC_INLINE void tcp_socket(SOCKET_T* sockfd, 
int udp, int sctp) 710 835 { 711 836 (void)sctp; … … 753 878 } 754 879 755 static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,880 static WC_INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, 756 881 int udp, int sctp, WOLFSSL* ssl) 757 882 { … … 770 895 771 896 772 static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz)897 static WC_INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz) 773 898 { 774 899 if (connect(*sockfd, (const struct sockaddr*)addr, addrSz) != 0) … … 787 912 #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) && \ 788 913 !defined(WOLFSSL_TIRTOS) 789 static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)914 static WC_INLINE int tcp_select(SOCKET_T socketfd, int to_sec) 790 915 { 791 916 fd_set recvfds, errfds; 792 917 SOCKET_T nfds = socketfd + 1; 918 #if !defined(__INTEGRITY) 793 919 struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0}; 920 #else 921 struct timeval timeout; 922 #endif 794 923 int result; 795 924 … … 799 928 FD_SET(socketfd, &errfds); 800 929 930 #if defined(__INTEGRITY) 931 timeout.tv_sec = (long long)(to_sec > 0) ? 
to_sec : 0, 0; 932 #endif 801 933 result = select(nfds, &recvfds, NULL, &errfds, &timeout); 802 934 … … 812 944 return TEST_SELECT_FAIL; 813 945 } 814 #elif defined(WOLFSSL_TIRTOS) 815 static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)946 #elif defined(WOLFSSL_TIRTOS) || defined(WOLFSSL_KEIL_TCP_NET) 947 static WC_INLINE int tcp_select(SOCKET_T socketfd, int to_sec) 816 948 { 817 949 return TEST_RECV_READY; … … 820 952 821 953 822 static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr,954 static WC_INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr, 823 955 int udp, int sctp) 824 956 { … … 844 976 err_sys("tcp bind failed"); 845 977 if (!udp) { 846 if (listen(*sockfd, 5) != 0) 978 #ifdef WOLFSSL_KEIL_TCP_NET 979 #define SOCK_LISTEN_MAX_QUEUE 1 980 #else 981 #define SOCK_LISTEN_MAX_QUEUE 5 982 #endif 983 if (listen(*sockfd, SOCK_LISTEN_MAX_QUEUE) != 0) 847 984 err_sys("tcp listen failed"); 848 985 } … … 863 1000 864 1001 #if 0 865 static INLINE int udp_read_connect(SOCKET_T sockfd)1002 static WC_INLINE int udp_read_connect(SOCKET_T sockfd) 866 1003 { 867 1004 SOCKADDR_IN_T cliaddr; … … 884 1021 #endif 885 1022 886 static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,1023 static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, 887 1024 int useAnyAddr, word16 port, func_args* args) 888 1025 { … … 941 1078 } 942 1079 943 static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,1080 static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, 944 1081 func_args* args, word16 port, int useAnyAddr, 945 1082 int udp, int sctp, int ready_file, int do_listen) … … 982 1119 if (ready_file) { 983 1120 #if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) 984 FILE*srf = NULL;1121 XFILE srf = NULL; 985 1122 if (args) 986 1123 ready = args->signal; … … 1011 1148 1012 1149 1013 static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)1150 static WC_INLINE void 
tcp_set_nonblocking(SOCKET_T* sockfd) 1014 1151 { 1015 1152 #ifdef USE_WINDOWS_API … … 1037 1174 static const char* kIdentityStr = "Client_identity"; 1038 1175 1039 static INLINE unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint,1176 static WC_INLINE unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint, 1040 1177 char* identity, unsigned int id_max_len, unsigned char* key, 1041 1178 unsigned int key_max_len) … … 1048 1185 strncpy(identity, kIdentityStr, id_max_len); 1049 1186 1187 if (wolfSSL_GetVersion(ssl) < WOLFSSL_TLSV1_3) { 1050 1188 /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using 1051 1189 unsigned binary */ 1052 key[0] = 26; 1053 key[1] = 43; 1054 key[2] = 60; 1055 key[3] = 77; 1190 key[0] = 0x1a; 1191 key[1] = 0x2b; 1192 key[2] = 0x3c; 1193 key[3] = 0x4d; 1194 1056 1195 1057 1196 return 4; /* length of key in octets or 0 for error */ 1058 1197 } 1059 1060 1061 static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, 1198 else { 1199 int i; 1200 int b = 0x01; 1201 1202 for (i = 0; i < 32; i++, b += 0x22) { 1203 if (b >= 0x100) 1204 b = 0x01; 1205 key[i] = b; 1206 } 1207 1208 return 32; /* length of key in octets or 0 for error */ 1209 } 1210 } 1211 1212 1213 static WC_INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, 1062 1214 unsigned char* key, unsigned int key_max_len) 1063 1215 { … … 1069 1221 return 0; 1070 1222 1223 if (wolfSSL_GetVersion(ssl) < WOLFSSL_TLSV1_3) { 1071 1224 /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using 1072 1225 unsigned binary */ 1073 key[0] = 26; 1074 key[1] = 43; 1075 key[2] = 60; 1076 key[3] = 77; 1226 key[0] = 0x1a; 1227 key[1] = 0x2b; 1228 key[2] = 0x3c; 1229 key[3] = 0x4d; 1230 1077 1231 1078 1232 return 4; /* length of key in octets or 0 for error */ 1233 } 1234 else { 1235 int i; 1236 int b = 0x01; 1237 1238 for (i = 0; i < 32; i++, b += 0x22) { 1239 if (b >= 0x100) 1240 b = 0x01; 1241 key[i] = b; 1242 } 1243 1244 
return 32; /* length of key in octets or 0 for error */ 1245 } 1246 } 1247 1248 1249 static WC_INLINE unsigned int my_psk_client_tls13_cb(WOLFSSL* ssl, 1250 const char* hint, char* identity, unsigned int id_max_len, 1251 unsigned char* key, unsigned int key_max_len, const char** ciphersuite) 1252 { 1253 int i; 1254 int b = 0x01; 1255 1256 (void)ssl; 1257 (void)hint; 1258 (void)key_max_len; 1259 1260 /* see internal.h MAX_PSK_ID_LEN for PSK identity limit */ 1261 strncpy(identity, kIdentityStr, id_max_len); 1262 1263 for (i = 0; i < 32; i++, b += 0x22) { 1264 if (b >= 0x100) 1265 b = 0x01; 1266 key[i] = b; 1267 } 1268 1269 *ciphersuite = "TLS13-AES128-GCM-SHA256"; 1270 1271 return 32; /* length of key in octets or 0 for error */ 1272 } 1273 1274 1275 static WC_INLINE unsigned int my_psk_server_tls13_cb(WOLFSSL* ssl, 1276 const char* identity, unsigned char* key, unsigned int key_max_len, 1277 const char** ciphersuite) 1278 { 1279 int i; 1280 int b = 0x01; 1281 1282 (void)ssl; 1283 (void)key_max_len; 1284 1285 /* see internal.h MAX_PSK_ID_LEN for PSK identity limit */ 1286 if (strncmp(identity, kIdentityStr, strlen(kIdentityStr)) != 0) 1287 return 0; 1288 1289 for (i = 0; i < 32; i++, b += 0x22) { 1290 if (b >= 0x100) 1291 b = 0x01; 1292 key[i] = b; 1293 } 1294 1295 *ciphersuite = "TLS13-AES128-GCM-SHA256"; 1296 1297 return 32; /* length of key in octets or 0 for error */ 1079 1298 } 1080 1299 … … 1090 1309 #include <windows.h> 1091 1310 1092 static INLINE double current_time(int reset)1311 static WC_INLINE double current_time(int reset) 1093 1312 { 1094 1313 static int init = 0; … … 1112 1331 #else 1113 1332 1114 #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) 1333 #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) && !defined(WOLFSSL_CHIBIOS) 1115 1334 #include <sys/time.h> 1116 1335 1117 static INLINE double current_time(int reset)1336 static WC_INLINE double current_time(int reset) 1118 1337 { 1119 1338 struct timeval tv; … … 1129 
1348 1130 1349 1350 #if defined(HAVE_OCSP) && defined(WOLFSSL_NONBLOCK_OCSP) 1351 static WC_INLINE int OCSPIOCb(void* ioCtx, const char* url, int urlSz, 1352 unsigned char* request, int requestSz, unsigned char** response) 1353 { 1354 #ifdef TEST_NONBLOCK_CERTS 1355 static int ioCbCnt = 0; 1356 #endif 1357 1358 (void)ioCtx; 1359 (void)url; 1360 (void)urlSz; 1361 (void)request; 1362 (void)requestSz; 1363 (void)response; 1364 1365 #ifdef TEST_NONBLOCK_CERTS 1366 if (ioCbCnt) { 1367 ioCbCnt = 0; 1368 return EmbedOcspLookup(ioCtx, url, urlSz, request, requestSz, response); 1369 } 1370 else { 1371 ioCbCnt = 1; 1372 return WOLFSSL_CBIO_ERR_WANT_READ; 1373 } 1374 #else 1375 return EmbedOcspLookup(ioCtx, url, urlSz, request, requestSz, response); 1376 #endif 1377 } 1378 1379 static WC_INLINE void OCSPRespFreeCb(void* ioCtx, unsigned char* response) 1380 { 1381 (void)ioCtx; 1382 (void)response; 1383 } 1384 #endif 1385 1131 1386 #if !defined(NO_CERTS) 1132 1387 #if !defined(NO_FILESYSTEM) || \ … … 1134 1389 1135 1390 /* reads file size, allocates buffer, reads into buffer, returns buffer */ 1136 static INLINE int load_file(const char* fname, byte** buf, size_t* bufLen)1391 static WC_INLINE int load_file(const char* fname, byte** buf, size_t* bufLen) 1137 1392 { 1138 1393 int ret; 1139 1394 long int fileSz; 1140 FILE*file;1395 XFILE file; 1141 1396 1142 1397 if (fname == NULL || buf == NULL || bufLen == NULL) … … 1186 1441 }; 1187 1442 1188 static INLINE void load_buffer(WOLFSSL_CTX* ctx, const char* fname, int type)1443 static WC_INLINE void load_buffer(WOLFSSL_CTX* ctx, const char* fname, int type) 1189 1444 { 1190 1445 int format = WOLFSSL_FILETYPE_PEM; … … 1225 1480 free(buff); 1226 1481 } 1482 1483 static WC_INLINE void load_ssl_buffer(WOLFSSL* ssl, const char* fname, int type) 1484 { 1485 int format = WOLFSSL_FILETYPE_PEM; 1486 byte* buff = NULL; 1487 size_t sz = 0; 1488 1489 if (load_file(fname, &buff, &sz) != 0) { 1490 err_sys("can't open file for buffer load " 1491 
"Please run from wolfSSL home directory if not"); 1492 } 1493 1494 /* determine format */ 1495 if (strstr(fname, ".der")) 1496 format = WOLFSSL_FILETYPE_ASN1; 1497 1498 if (type == WOLFSSL_CA) { 1499 /* verify certs (CA's) use the shared ctx->cm (WOLFSSL_CERT_MANAGER) */ 1500 WOLFSSL_CTX* ctx = wolfSSL_get_SSL_CTX(ssl); 1501 if (wolfSSL_CTX_load_verify_buffer(ctx, buff, (long)sz, format) 1502 != WOLFSSL_SUCCESS) 1503 err_sys("can't load buffer ca file"); 1504 } 1505 else if (type == WOLFSSL_CERT) { 1506 if (wolfSSL_use_certificate_buffer(ssl, buff, (long)sz, 1507 format) != WOLFSSL_SUCCESS) 1508 err_sys("can't load buffer cert file"); 1509 } 1510 else if (type == WOLFSSL_KEY) { 1511 if (wolfSSL_use_PrivateKey_buffer(ssl, buff, (long)sz, 1512 format) != WOLFSSL_SUCCESS) 1513 err_sys("can't load buffer key file"); 1514 } 1515 else if (type == WOLFSSL_CERT_CHAIN) { 1516 if (wolfSSL_use_certificate_chain_buffer_format(ssl, buff, 1517 (long)sz, format) != WOLFSSL_SUCCESS) 1518 err_sys("can't load cert chain buffer"); 1519 } 1520 1521 if (buff) 1522 free(buff); 1523 } 1524 1525 #ifdef TEST_PK_PRIVKEY 1526 static WC_INLINE int load_key_file(const char* fname, byte** derBuf, word32* derLen) 1527 { 1528 int ret; 1529 byte* buf = NULL; 1530 size_t bufLen; 1531 1532 ret = load_file(fname, &buf, &bufLen); 1533 if (ret != 0) 1534 return ret; 1535 1536 *derBuf = (byte*)malloc(bufLen); 1537 if (*derBuf == NULL) { 1538 free(buf); 1539 return MEMORY_E; 1540 } 1541 1542 ret = wc_KeyPemToDer(buf, (word32)bufLen, *derBuf, (word32)bufLen, NULL); 1543 if (ret < 0) { 1544 free(buf); 1545 free(*derBuf); 1546 return ret; 1547 } 1548 *derLen = ret; 1549 free(buf); 1550 1551 return 0; 1552 } 1553 #endif /* TEST_PK_PRIVKEY */ 1554 1227 1555 #endif /* !NO_FILESYSTEM || (NO_FILESYSTEM && FORCE_BUFFER_TEST) */ 1228 1556 #endif /* !NO_CERTS */ 1229 1557 1230 static INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store) 1558 static int myVerifyFail = 0; 1559 static WC_INLINE int 
myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store) 1231 1560 { 1232 1561 char buffer[WOLFSSL_MAX_ERROR_SZ]; 1233 #if def OPENSSL_EXTRA1562 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 1234 1563 WOLFSSL_X509* peer; 1235 1564 #endif 1236 1565 (void)preverify; 1566 1567 /* Verify Callback Arguments: 1568 * preverify: 1=Verify Okay, 0=Failure 1569 * store->error: Failure error code (0 indicates no failure) 1570 * store->current_cert: Current WOLFSSL_X509 object (only with OPENSSL_EXTRA) 1571 * store->error_depth: Current Index 1572 * store->domain: Subject CN as string (null term) 1573 * store->totalCerts: Number of certs presented by peer 1574 * store->certs[i]: A `WOLFSSL_BUFFER_INFO` with plain DER for each cert 1575 * store->store: WOLFSSL_X509_STORE with CA cert chain 1576 * store->store->cm: WOLFSSL_CERT_MANAGER 1577 * store->ex_data: The WOLFSSL object pointer 1578 * store->discardSessionCerts: When set to non-zero value session certs 1579 will be discarded (only with SESSION_CERTS) 1580 */ 1237 1581 1238 1582 printf("In verification callback, error = %d, %s\n", store->error, 1239 1583 wolfSSL_ERR_error_string(store->error, buffer)); 1240 #if def OPENSSL_EXTRA1584 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 1241 1585 peer = store->current_cert; 1242 1586 if (peer) { … … 1264 1608 #endif 1265 1609 1266 printf("\tSubject's domain name is %s\n", store->domain); 1267 1268 printf("\tAllowing to continue anyway (shouldn't do this, EVER!!!)\n"); 1610 printf("\tSubject's domain name at %d is %s\n", store->error_depth, store->domain); 1611 1612 /* Testing forced fail case by return zero */ 1613 if (myVerifyFail) { 1614 return 0; /* test failure case */ 1615 } 1616 1617 /* If error indicate we are overriding it for testing purposes */ 1618 if (store->error != 0) { 1619 printf("\tAllowing failed certificate check, testing only " 1620 "(shouldn't do this in production)\n"); 1621 } 1622 1623 /* A non-zero return code indicates 
failure override */ 1269 1624 return 1; 1270 1625 } 1271 1626 1272 1627 1273 static INLINE int myDateCb(int preverify, WOLFSSL_X509_STORE_CTX* store)1628 static WC_INLINE int myDateCb(int preverify, WOLFSSL_X509_STORE_CTX* store) 1274 1629 { 1275 1630 char buffer[WOLFSSL_MAX_ERROR_SZ]; … … 1290 1645 1291 1646 1647 #ifdef HAVE_EXT_CACHE 1648 1649 static WC_INLINE WOLFSSL_SESSION* mySessGetCb(WOLFSSL* ssl, unsigned char* id, 1650 int id_len, int* copy) 1651 { 1652 (void)ssl; 1653 (void)id; 1654 (void)id_len; 1655 (void)copy; 1656 1657 /* using internal cache, this is for testing only */ 1658 return NULL; 1659 } 1660 1661 static WC_INLINE int mySessNewCb(WOLFSSL* ssl, WOLFSSL_SESSION* session) 1662 { 1663 (void)ssl; 1664 (void)session; 1665 1666 /* using internal cache, this is for testing only */ 1667 return 0; 1668 } 1669 1670 static WC_INLINE void mySessRemCb(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session) 1671 { 1672 (void)ctx; 1673 (void)session; 1674 1675 /* using internal cache, this is for testing only */ 1676 } 1677 1678 #endif /* HAVE_EXT_CACHE */ 1679 1680 1292 1681 #ifdef HAVE_CRL 1293 1682 1294 static INLINE void CRL_CallBack(const char* url)1683 static WC_INLINE void CRL_CallBack(const char* url) 1295 1684 { 1296 1685 printf("CRL callback url = %s\n", url); … … 1300 1689 1301 1690 #ifndef NO_DH 1302 static INLINE void SetDH(WOLFSSL* ssl)1691 static WC_INLINE void SetDH(WOLFSSL* ssl) 1303 1692 { 1304 1693 /* dh1024 p */ 1305 static unsigned char p[] =1694 static const unsigned char p[] = 1306 1695 { 1307 1696 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, … … 1319 1708 1320 1709 /* dh1024 g */ 1321 static unsigned char g[] =1710 static const unsigned char g[] = 1322 1711 { 1323 1712 0x02, … … 1327 1716 } 1328 1717 1329 static INLINE void SetDHCtx(WOLFSSL_CTX* ctx)1718 static WC_INLINE void SetDHCtx(WOLFSSL_CTX* ctx) 1330 1719 { 1331 1720 /* dh1024 p */ 1332 static unsigned char p[] =1721 static const unsigned char p[] = 1333 1722 { 
1334 1723 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, … … 1346 1735 1347 1736 /* dh1024 g */ 1348 static unsigned char g[] =1737 static const unsigned char g[] = 1349 1738 { 1350 1739 0x02, … … 1357 1746 #ifndef NO_CERTS 1358 1747 1359 static INLINE void CaCb(unsigned char* der, int sz, int type)1748 static WC_INLINE void CaCb(unsigned char* der, int sz, int type) 1360 1749 { 1361 1750 (void)der; … … 1372 1761 #define MAX_WOLF_ROOT_DEPTH 5 1373 1762 1374 static INLINE int ChangeToWolfRoot(void)1763 static WC_INLINE int ChangeToWolfRoot(void) 1375 1764 { 1376 1765 #if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) 1377 1766 int depth, res; 1378 FILE*file;1767 XFILE file; 1379 1768 for(depth = 0; depth <= MAX_WOLF_ROOT_DEPTH; depth++) { 1380 1769 file = fopen(ntruKeyFile, "rb"); … … 1407 1796 #define STACK_CHECK_VAL 0x01 1408 1797 1409 static INLINE int StackSizeCheck(func_args* args, thread_func tf)1798 static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf) 1410 1799 { 1411 1800 int ret, i, used; … … 1476 1865 #endif /* HAVE_STACK_SIZE */ 1477 1866 1478 static INLINE void StackTrap(void)1867 static WC_INLINE void StackTrap(void) 1479 1868 { 1480 1869 struct rlimit rl; … … 1491 1880 #else /* STACK_TRAP */ 1492 1881 1493 static INLINE void StackTrap(void)1882 static WC_INLINE void StackTrap(void) 1494 1883 { 1495 1884 } … … 1514 1903 1515 1904 1516 static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,1905 static WC_INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, 1517 1906 const unsigned char* macIn, unsigned int macInSz, int macContent, 1518 1907 int macVerify, unsigned char* encOut, const unsigned char* encIn, … … 1582 1971 1583 1972 1584 static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,1973 static WC_INLINE int myDecryptVerifyCb(WOLFSSL* ssl, 1585 1974 unsigned char* decOut, const unsigned char* decIn, 1586 1975 unsigned int decSz, int macContent, int macVerify, … … 1596 1985 Hmac hmac; 
1597 1986 byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; 1598 byte verify[ MAX_DIGEST_SIZE];1987 byte verify[WC_MAX_DIGEST_SIZE]; 1599 1988 const char* tlsStr = "TLS"; 1600 1989 … … 1680 2069 1681 2070 1682 static INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)2071 static WC_INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl) 1683 2072 { 1684 2073 AtomicEncCtx* encCtx; … … 1688 2077 if (encCtx == NULL) 1689 2078 err_sys("AtomicEncCtx malloc failed"); 1690 memset(encCtx, 0, sizeof(AtomicEncCtx));2079 XMEMSET(encCtx, 0, sizeof(AtomicEncCtx)); 1691 2080 1692 2081 decCtx = (AtomicDecCtx*)malloc(sizeof(AtomicDecCtx)); … … 1695 2084 err_sys("AtomicDecCtx malloc failed"); 1696 2085 } 1697 memset(decCtx, 0, sizeof(AtomicDecCtx));2086 XMEMSET(decCtx, 0, sizeof(AtomicDecCtx)); 1698 2087 1699 2088 wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb); … … 1705 2094 1706 2095 1707 static INLINE void FreeAtomicUser(WOLFSSL* ssl)2096 static WC_INLINE void FreeAtomicUser(WOLFSSL* ssl) 1708 2097 { 1709 2098 AtomicEncCtx* encCtx = (AtomicEncCtx*)wolfSSL_GetMacEncryptCtx(ssl); … … 1717 2106 1718 2107 #ifdef WOLFSSL_STATIC_MEMORY 1719 static INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats)2108 static WC_INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats) 1720 2109 { 1721 2110 word16 i; … … 1744 2133 #ifdef HAVE_PK_CALLBACKS 1745 2134 2135 typedef struct PkCbInfo { 2136 const char* ourKey; 2137 #ifdef TEST_PK_PRIVKEY 2138 union { 1746 2139 #ifdef HAVE_ECC 1747 1748 static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, 1749 byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) 1750 { 2140 ecc_key ecc; 2141 #endif 2142 #ifdef HAVE_CURVE25519 2143 curve25519_key curve; 2144 #endif 2145 } keyGen; 2146 #endif 2147 } PkCbInfo; 2148 2149 #if defined(DEBUG_PK_CB) || defined(TEST_PK_PRIVKEY) 2150 #define WOLFSSL_PKMSG(_f_, ...) printf(_f_, ##__VA_ARGS__) 2151 #else 2152 #define WOLFSSL_PKMSG(_f_, ...) 
2153 #endif 2154 2155 #ifdef HAVE_ECC 2156 2157 static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz, 2158 int ecc_curve, void* ctx) 2159 { 2160 int ret; 1751 2161 WC_RNG rng; 1752 int ret; 1753 word32 idx = 0; 1754 ecc_key myKey; 2162 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2163 ecc_key* new_key = key; 2164 #ifdef TEST_PK_PRIVKEY 2165 byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES]; 2166 word32 qxLen = sizeof(qx), qyLen = sizeof(qy); 2167 new_key = &cbInfo->keyGen.ecc; 2168 #endif 1755 2169 1756 2170 (void)ssl; 1757 (void)ctx; 2171 (void)cbInfo; 2172 2173 WOLFSSL_PKMSG("PK ECC KeyGen: keySz %d, Curve ID %d\n", keySz, ecc_curve); 1758 2174 1759 2175 ret = wc_InitRng(&rng); … … 1761 2177 return ret; 1762 2178 2179 ret = wc_ecc_init(new_key); 2180 if (ret == 0) { 2181 /* create new key */ 2182 ret = wc_ecc_make_key_ex(&rng, keySz, new_key, ecc_curve); 2183 2184 #ifdef TEST_PK_PRIVKEY 2185 if (ret == 0) { 2186 /* extract public portion from new key into `key` arg */ 2187 ret = wc_ecc_export_public_raw(new_key, qx, &qxLen, qy, &qyLen); 2188 if (ret == 0) { 2189 /* load public portion only into key */ 2190 ret = wc_ecc_import_unsigned(key, qx, qy, NULL, ecc_curve); 2191 } 2192 (void)qxLen; 2193 (void)qyLen; 2194 } 2195 #endif 2196 } 2197 2198 WOLFSSL_PKMSG("PK ECC KeyGen: ret %d\n", ret); 2199 2200 wc_FreeRng(&rng); 2201 2202 return ret; 2203 } 2204 2205 static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, 2206 byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) 2207 { 2208 int ret; 2209 WC_RNG rng; 2210 word32 idx = 0; 2211 ecc_key myKey; 2212 byte* keyBuf = (byte*)key; 2213 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2214 2215 (void)ssl; 2216 (void)cbInfo; 2217 2218 WOLFSSL_PKMSG("PK ECC Sign: inSz %d, keySz %d\n", inSz, keySz); 2219 2220 #ifdef TEST_PK_PRIVKEY 2221 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2222 if (ret != 0) 2223 return ret; 2224 #endif 2225 2226 ret = wc_InitRng(&rng); 2227 if (ret != 0) 2228 return 
ret; 2229 1763 2230 ret = wc_ecc_init(&myKey); 1764 2231 if (ret == 0) { 1765 ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz); 1766 if (ret == 0) 2232 ret = wc_EccPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 2233 if (ret == 0) { 2234 WOLFSSL_PKMSG("PK ECC Sign: Curve ID %d\n", myKey.dp->id); 1767 2235 ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey); 2236 } 1768 2237 wc_ecc_free(&myKey); 1769 2238 } 1770 2239 wc_FreeRng(&rng); 1771 2240 2241 #ifdef TEST_PK_PRIVKEY 2242 free(keyBuf); 2243 #endif 2244 2245 WOLFSSL_PKMSG("PK ECC Sign: ret %d outSz %d\n", ret, *outSz); 2246 1772 2247 return ret; 1773 2248 } 1774 2249 1775 2250 1776 static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,2251 static WC_INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz, 1777 2252 const byte* hash, word32 hashSz, const byte* key, word32 keySz, 1778 2253 int* result, void* ctx) 1779 2254 { 1780 2255 int ret; 2256 word32 idx = 0; 1781 2257 ecc_key myKey; 2258 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 1782 2259 1783 2260 (void)ssl; 1784 (void)ctx; 2261 (void)cbInfo; 2262 2263 WOLFSSL_PKMSG("PK ECC Verify: sigSz %d, hashSz %d, keySz %d\n", sigSz, hashSz, keySz); 1785 2264 1786 2265 ret = wc_ecc_init(&myKey); 1787 2266 if (ret == 0) { 1788 ret = wc_ ecc_import_x963(key, keySz, &myKey);2267 ret = wc_EccPublicKeyDecode(key, &idx, &myKey, keySz); 1789 2268 if (ret == 0) 1790 2269 ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey); … … 1792 2271 } 1793 2272 2273 WOLFSSL_PKMSG("PK ECC Verify: ret %d, result %d\n", ret, *result); 2274 1794 2275 return ret; 1795 2276 } 1796 2277 1797 static INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,2278 static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, 1798 2279 unsigned char* pubKeyDer, unsigned int* pubKeySz, 1799 2280 unsigned char* out, unsigned int* outlen, … … 1804 2285 ecc_key* pubKey = NULL; 1805 2286 ecc_key tmpKey; 2287 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 
1806 2288 1807 2289 (void)ssl; 1808 (void)ctx; 2290 (void)cbInfo; 2291 2292 WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n", 2293 side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id); 1809 2294 1810 2295 ret = wc_ecc_init(&tmpKey); … … 1836 2321 /* for server: import public key */ 1837 2322 else if (side == WOLFSSL_SERVER_END) { 2323 #ifdef TEST_PK_PRIVKEY 2324 privKey = &cbInfo->keyGen.ecc; 2325 #else 1838 2326 privKey = otherKey; 2327 #endif 1839 2328 pubKey = &tmpKey; 1840 2329 … … 1857 2346 } 1858 2347 2348 #ifdef TEST_PK_PRIVKEY 2349 if (side == WOLFSSL_SERVER_END) { 2350 wc_ecc_free(&cbInfo->keyGen.ecc); 2351 } 2352 #endif 2353 1859 2354 wc_ecc_free(&tmpKey); 1860 2355 2356 WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen); 2357 1861 2358 return ret; 1862 2359 } 1863 2360 1864 2361 #ifdef HAVE_ED25519 1865 static INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,2362 static WC_INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, 1866 2363 byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) 1867 2364 { … … 1869 2366 word32 idx = 0; 1870 2367 ed25519_key myKey; 2368 byte* keyBuf = (byte*)key; 2369 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 1871 2370 1872 2371 (void)ssl; 1873 (void)ctx; 2372 (void)cbInfo; 2373 2374 WOLFSSL_PKMSG("PK 25519 Sign: inSz %d, keySz %d\n", inSz, keySz); 2375 2376 #ifdef TEST_PK_PRIVKEY 2377 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2378 if (ret != 0) 2379 return ret; 2380 #endif 1874 2381 1875 2382 ret = wc_ed25519_init(&myKey); 1876 2383 if (ret == 0) { 1877 ret = wc_Ed25519PrivateKeyDecode(key , &idx, &myKey, keySz);2384 ret = wc_Ed25519PrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 1878 2385 if (ret == 0) 1879 2386 ret = wc_ed25519_sign_msg(in, inSz, out, outSz, &myKey); … … 1881 2388 } 1882 2389 2390 #ifdef TEST_PK_PRIVKEY 2391 free(keyBuf); 2392 #endif 2393 2394 WOLFSSL_PKMSG("PK 25519 Sign: ret %d, outSz %d\n", ret, 
*outSz); 2395 1883 2396 return ret; 1884 2397 } 1885 2398 1886 2399 1887 static INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz,2400 static WC_INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz, 1888 2401 const byte* msg, word32 msgSz, const byte* key, word32 keySz, 1889 2402 int* result, void* ctx) … … 1891 2404 int ret; 1892 2405 ed25519_key myKey; 2406 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 1893 2407 1894 2408 (void)ssl; 1895 (void)ctx; 2409 (void)cbInfo; 2410 2411 WOLFSSL_PKMSG("PK 25519 Verify: sigSz %d, msgSz %d, keySz %d\n", sigSz, msgSz, keySz); 1896 2412 1897 2413 ret = wc_ed25519_init(&myKey); … … 1904 2420 } 1905 2421 2422 WOLFSSL_PKMSG("PK 25519 Verify: ret %d, result %d\n", ret, *result); 2423 1906 2424 return ret; 1907 2425 } … … 1909 2427 1910 2428 #ifdef HAVE_CURVE25519 1911 static INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey, 2429 static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key, 2430 unsigned int keySz, void* ctx) 2431 { 2432 int ret; 2433 WC_RNG rng; 2434 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2435 2436 (void)ssl; 2437 (void)cbInfo; 2438 2439 WOLFSSL_PKMSG("PK 25519 KeyGen: keySz %d\n", keySz); 2440 2441 ret = wc_InitRng(&rng); 2442 if (ret != 0) 2443 return ret; 2444 2445 ret = wc_curve25519_make_key(&rng, keySz, key); 2446 2447 wc_FreeRng(&rng); 2448 2449 WOLFSSL_PKMSG("PK 25519 KeyGen: ret %d\n", ret); 2450 2451 return ret; 2452 } 2453 2454 static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey, 1912 2455 unsigned char* pubKeyDer, unsigned int* pubKeySz, 1913 2456 unsigned char* out, unsigned int* outlen, … … 1918 2461 curve25519_key* pubKey = NULL; 1919 2462 curve25519_key tmpKey; 2463 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 1920 2464 1921 2465 (void)ssl; 1922 (void)ctx; 2466 (void)cbInfo; 2467 2468 WOLFSSL_PKMSG("PK 25519 PMS: side %s\n", 2469 side == WOLFSSL_CLIENT_END ? 
"client" : "server"); 1923 2470 1924 2471 ret = wc_curve25519_init(&tmpKey); … … 1965 2512 wc_curve25519_free(&tmpKey); 1966 2513 2514 WOLFSSL_PKMSG("PK 25519 PMS: ret %d, pubKeySz %d, outLen %d\n", 2515 ret, *pubKeySz, *outlen); 2516 1967 2517 return ret; 1968 2518 } … … 1971 2521 #endif /* HAVE_ECC */ 1972 2522 2523 #ifndef NO_DH 2524 static WC_INLINE int myDhCallback(WOLFSSL* ssl, struct DhKey* key, 2525 const unsigned char* priv, unsigned int privSz, 2526 const unsigned char* pubKeyDer, unsigned int pubKeySz, 2527 unsigned char* out, unsigned int* outlen, 2528 void* ctx) 2529 { 2530 int ret; 2531 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2532 2533 (void)ssl; 2534 (void)cbInfo; 2535 2536 /* return 0 on success */ 2537 ret = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz); 2538 2539 WOLFSSL_PKMSG("PK ED Agree: ret %d, privSz %d, pubKeySz %d, outlen %d\n", 2540 ret, privSz, pubKeySz, *outlen); 2541 2542 return ret; 2543 }; 2544 2545 #endif /* !NO_DH */ 2546 1973 2547 #ifndef NO_RSA 1974 2548 1975 static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,2549 static WC_INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, 1976 2550 byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) 1977 2551 { … … 1980 2554 word32 idx = 0; 1981 2555 RsaKey myKey; 2556 byte* keyBuf = (byte*)key; 2557 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 1982 2558 1983 2559 (void)ssl; 1984 (void)ctx; 2560 (void)cbInfo; 2561 2562 WOLFSSL_PKMSG("PK RSA Sign: inSz %d, keySz %d\n", inSz, keySz); 2563 2564 #ifdef TEST_PK_PRIVKEY 2565 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2566 if (ret != 0) 2567 return ret; 2568 #endif 1985 2569 1986 2570 ret = wc_InitRng(&rng); … … 1990 2574 ret = wc_InitRsaKey(&myKey, NULL); 1991 2575 if (ret == 0) { 1992 ret = wc_RsaPrivateKeyDecode(key , &idx, &myKey, keySz);2576 ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 1993 2577 if (ret == 0) 1994 2578 ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, 
&rng); … … 2001 2585 wc_FreeRng(&rng); 2002 2586 2587 #ifdef TEST_PK_PRIVKEY 2588 free(keyBuf); 2589 #endif 2590 2591 WOLFSSL_PKMSG("PK RSA Sign: ret %d, outSz %d\n", ret, *outSz); 2592 2003 2593 return ret; 2004 2594 } 2005 2595 2006 2596 2007 static INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, 2008 byte** out, 2009 const byte* key, word32 keySz, 2010 void* ctx) 2597 static WC_INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, 2598 byte** out, const byte* key, word32 keySz, void* ctx) 2011 2599 { 2012 2600 int ret; 2013 2601 word32 idx = 0; 2014 2602 RsaKey myKey; 2603 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2015 2604 2016 2605 (void)ssl; 2017 (void)ctx; 2606 (void)cbInfo; 2607 2608 WOLFSSL_PKMSG("PK RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz); 2018 2609 2019 2610 ret = wc_InitRsaKey(&myKey, NULL); … … 2025 2616 } 2026 2617 2618 WOLFSSL_PKMSG("PK RSA Verify: ret %d\n", ret); 2619 2027 2620 return ret; 2028 2621 } 2029 2622 2623 static WC_INLINE int myRsaSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, 2624 byte** out, const byte* key, word32 keySz, void* ctx) 2625 { 2626 int ret; 2627 word32 idx = 0; 2628 RsaKey myKey; 2629 byte* keyBuf = (byte*)key; 2630 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2631 2632 (void)ssl; 2633 (void)cbInfo; 2634 2635 WOLFSSL_PKMSG("PK RSA SignCheck: sigSz %d, keySz %d\n", sigSz, keySz); 2636 2637 #ifdef TEST_PK_PRIVKEY 2638 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2639 if (ret != 0) 2640 return ret; 2641 #endif 2642 2643 ret = wc_InitRsaKey(&myKey, NULL); 2644 if (ret == 0) { 2645 ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 2646 if (ret == 0) 2647 ret = wc_RsaSSL_VerifyInline(sig, sigSz, out, &myKey); 2648 wc_FreeRsaKey(&myKey); 2649 } 2650 #ifdef TEST_PK_PRIVKEY 2651 free(keyBuf); 2652 #endif 2653 2654 WOLFSSL_PKMSG("PK RSA SignCheck: ret %d\n", ret); 2655 2656 return ret; 2657 } 2658 2030 2659 #ifdef WC_RSA_PSS 2031 static INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 
inSz,2660 static WC_INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 inSz, 2032 2661 byte* out, word32* outSz, int hash, int mgf, const byte* key, 2033 2662 word32 keySz, void* ctx) … … 2038 2667 word32 idx = 0; 2039 2668 RsaKey myKey; 2669 byte* keyBuf = (byte*)key; 2670 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2040 2671 2041 2672 (void)ssl; 2042 (void)ctx; 2673 (void)cbInfo; 2674 2675 WOLFSSL_PKMSG("PK RSA PSS Sign: inSz %d, hash %d, mgf %d, keySz %d\n", 2676 inSz, hash, mgf, keySz); 2677 2678 #ifdef TEST_PK_PRIVKEY 2679 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2680 if (ret != 0) 2681 return ret; 2682 #endif 2043 2683 2044 2684 switch (hash) { … … 2066 2706 ret = wc_InitRsaKey(&myKey, NULL); 2067 2707 if (ret == 0) { 2068 ret = wc_RsaPrivateKeyDecode(key , &idx, &myKey, keySz);2708 ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 2069 2709 if (ret == 0) { 2070 2710 ret = wc_RsaPSS_Sign(in, inSz, out, *outSz, hashType, mgf, &myKey, … … 2079 2719 wc_FreeRng(&rng); 2080 2720 2721 #ifdef TEST_PK_PRIVKEY 2722 free(keyBuf); 2723 #endif 2724 2725 WOLFSSL_PKMSG("PK RSA PSS Sign: ret %d, outSz %d\n", ret, *outSz); 2726 2081 2727 return ret; 2082 2728 } 2083 2729 2084 2730 2085 static INLINE int myRsaPssVerify(WOLFSSL* ssl, byte* sig, word32 sigSz,2731 static WC_INLINE int myRsaPssVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, 2086 2732 byte** out, int hash, int mgf, const byte* key, word32 keySz, void* ctx) 2087 2733 { 2088 enum wc_HashType hashType = WC_HASH_TYPE_NONE;2089 2734 int ret; 2090 2735 word32 idx = 0; 2091 2736 RsaKey myKey; 2737 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2738 enum wc_HashType hashType = WC_HASH_TYPE_NONE; 2092 2739 2093 2740 (void)ssl; 2094 (void)ctx; 2741 (void)cbInfo; 2742 2743 WOLFSSL_PKMSG("PK RSA PSS Verify: sigSz %d, hash %d, mgf %d, keySz %d\n", 2744 sigSz, hash, mgf, keySz); 2095 2745 2096 2746 switch (hash) { … … 2122 2772 } 2123 2773 2774 WOLFSSL_PKMSG("PK RSA PSS Verify: ret %d\n", ret); 2775 2124 2776 return 
ret; 2125 2777 } 2126 #endif 2127 2128 2129 static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, 2778 2779 static WC_INLINE int myRsaPssSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, 2780 byte** out, int hash, int mgf, const byte* key, word32 keySz, void* ctx) 2781 { 2782 int ret; 2783 word32 idx = 0; 2784 RsaKey myKey; 2785 byte* keyBuf = (byte*)key; 2786 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2787 enum wc_HashType hashType = WC_HASH_TYPE_NONE; 2788 2789 (void)ssl; 2790 (void)cbInfo; 2791 2792 WOLFSSL_PKMSG("PK RSA PSS SignCheck: sigSz %d, hash %d, mgf %d, keySz %d\n", 2793 sigSz, hash, mgf, keySz); 2794 2795 #ifdef TEST_PK_PRIVKEY 2796 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2797 if (ret != 0) 2798 return ret; 2799 #endif 2800 2801 switch (hash) { 2802 #ifndef NO_SHA256 2803 case SHA256h: 2804 hashType = WC_HASH_TYPE_SHA256; 2805 break; 2806 #endif 2807 #ifdef WOLFSSL_SHA384 2808 case SHA384h: 2809 hashType = WC_HASH_TYPE_SHA384; 2810 break; 2811 #endif 2812 #ifdef WOLFSSL_SHA512 2813 case SHA512h: 2814 hashType = WC_HASH_TYPE_SHA512; 2815 break; 2816 #endif 2817 } 2818 2819 ret = wc_InitRsaKey(&myKey, NULL); 2820 if (ret == 0) { 2821 ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 2822 if (ret == 0) { 2823 ret = wc_RsaPSS_VerifyInline(sig, sigSz, out, hashType, mgf, 2824 &myKey); 2825 } 2826 wc_FreeRsaKey(&myKey); 2827 } 2828 2829 #ifdef TEST_PK_PRIVKEY 2830 free(keyBuf); 2831 #endif 2832 2833 WOLFSSL_PKMSG("PK RSA PSS SignCheck: ret %d\n", ret); 2834 2835 return ret; 2836 } 2837 #endif 2838 2839 2840 static WC_INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, 2130 2841 byte* out, word32* outSz, const byte* key, 2131 2842 word32 keySz, void* ctx) … … 2135 2846 RsaKey myKey; 2136 2847 WC_RNG rng; 2848 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2137 2849 2138 2850 (void)ssl; 2139 (void)ctx; 2851 (void)cbInfo; 2852 2853 WOLFSSL_PKMSG("PK RSA Enc: inSz %d, keySz %d\n", inSz, keySz); 2140 2854 2141 2855 ret = 
wc_InitRng(&rng); … … 2157 2871 wc_FreeRng(&rng); 2158 2872 2873 WOLFSSL_PKMSG("PK RSA Enc: ret %d, outSz %d\n", ret, *outSz); 2874 2159 2875 return ret; 2160 2876 } 2161 2877 2162 static INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz,2878 static WC_INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz, 2163 2879 byte** out, 2164 2880 const byte* key, word32 keySz, void* ctx) … … 2167 2883 word32 idx = 0; 2168 2884 RsaKey myKey; 2885 byte* keyBuf = (byte*)key; 2886 PkCbInfo* cbInfo = (PkCbInfo*)ctx; 2169 2887 2170 2888 (void)ssl; 2171 (void)ctx; 2889 (void)cbInfo; 2890 2891 WOLFSSL_PKMSG("PK RSA Dec: inSz %d, keySz %d\n", inSz, keySz); 2892 2893 #ifdef TEST_PK_PRIVKEY 2894 ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); 2895 if (ret != 0) 2896 return ret; 2897 #endif 2172 2898 2173 2899 ret = wc_InitRsaKey(&myKey, NULL); 2174 2900 if (ret == 0) { 2175 ret = wc_RsaPrivateKeyDecode(key , &idx, &myKey, keySz);2901 ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); 2176 2902 if (ret == 0) { 2177 2903 #ifdef WC_RSA_BLINDING … … 2187 2913 } 2188 2914 2915 #ifdef TEST_PK_PRIVKEY 2916 free(keyBuf); 2917 #endif 2918 2919 WOLFSSL_PKMSG("PK RSA Dec: ret %d\n", ret); 2920 2189 2921 return ret; 2190 2922 } … … 2192 2924 #endif /* NO_RSA */ 2193 2925 2194 static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl)2926 static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx) 2195 2927 { 2196 2928 (void)ctx; 2197 (void)ssl;2198 2929 2199 2930 #ifdef HAVE_ECC 2931 wolfSSL_CTX_SetEccKeyGenCb(ctx, myEccKeyGen); 2200 2932 wolfSSL_CTX_SetEccSignCb(ctx, myEccSign); 2201 2933 wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify); 2202 2934 wolfSSL_CTX_SetEccSharedSecretCb(ctx, myEccSharedSecret); 2203 2935 #endif /* HAVE_ECC */ 2936 #ifndef NO_DH 2937 wolfSSL_CTX_SetDhAgreeCb(ctx, myDhCallback); 2938 #endif 2204 2939 #ifdef HAVE_ED25519 2205 2940 wolfSSL_CTX_SetEd25519SignCb(ctx, myEd25519Sign); … … 2207 2942 #endif 2208 2943 #ifdef HAVE_CURVE25519 2944 
wolfSSL_CTX_SetX25519KeyGenCb(ctx, myX25519KeyGen); 2209 2945 wolfSSL_CTX_SetX25519SharedSecretCb(ctx, myX25519SharedSecret); 2210 2946 #endif … … 2212 2948 wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign); 2213 2949 wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify); 2950 wolfSSL_CTX_SetRsaSignCheckCb(ctx, myRsaSignCheck); 2214 2951 #ifdef WC_RSA_PSS 2215 2952 wolfSSL_CTX_SetRsaPssSignCb(ctx, myRsaPssSign); 2216 2953 wolfSSL_CTX_SetRsaPssVerifyCb(ctx, myRsaPssVerify); 2954 wolfSSL_CTX_SetRsaPssSignCheckCb(ctx, myRsaPssSignCheck); 2217 2955 #endif 2218 2956 wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc); … … 2221 2959 } 2222 2960 2961 static WC_INLINE void SetupPkCallbackContexts(WOLFSSL* ssl, void* myCtx) 2962 { 2963 #ifdef HAVE_ECC 2964 wolfSSL_SetEccKeyGenCtx(ssl, myCtx); 2965 wolfSSL_SetEccSignCtx(ssl, myCtx); 2966 wolfSSL_SetEccVerifyCtx(ssl, myCtx); 2967 wolfSSL_SetEccSharedSecretCtx(ssl, myCtx); 2968 #endif /* HAVE_ECC */ 2969 #ifndef NO_DH 2970 wolfSSL_SetDhAgreeCtx(ssl, myCtx); 2971 #endif 2972 #ifdef HAVE_ED25519 2973 wolfSSL_SetEd25519SignCtx(ssl, myCtx); 2974 wolfSSL_SetEd25519VerifyCtx(ssl, myCtx); 2975 #endif 2976 #ifdef HAVE_CURVE25519 2977 wolfSSL_SetX25519KeyGenCtx(ssl, myCtx); 2978 wolfSSL_SetX25519SharedSecretCtx(ssl, myCtx); 2979 #endif 2980 #ifndef NO_RSA 2981 wolfSSL_SetRsaSignCtx(ssl, myCtx); 2982 wolfSSL_SetRsaVerifyCtx(ssl, myCtx); 2983 #ifdef WC_RSA_PSS 2984 wolfSSL_SetRsaPssSignCtx(ssl, myCtx); 2985 wolfSSL_SetRsaPssVerifyCtx(ssl, myCtx); 2986 #endif 2987 wolfSSL_SetRsaEncCtx(ssl, myCtx); 2988 wolfSSL_SetRsaDecCtx(ssl, myCtx); 2989 #endif /* NO_RSA */ 2990 } 2991 2223 2992 #endif /* HAVE_PK_CALLBACKS */ 2224 2225 2993 2226 2994 … … 2231 2999 2232 3000 /* HP/UX doesn't have strsep, needed by test/suites.c */ 2233 static INLINE char* strsep(char **stringp, const char *delim)3001 static WC_INLINE char* strsep(char **stringp, const char *delim) 2234 3002 { 2235 3003 char* start; … … 2255 3023 len does not include null terminating character, 2256 3024 num is number 
of characters in tempfn name to randomize */ 2257 static INLINE const char* mymktemp(char *tempfn, int len, int num)3025 static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) 2258 3026 { 2259 3027 int x, size; … … 2285 3053 2286 3054 wc_FreeRng(&rng); 3055 (void)rng; /* for WC_NO_RNG case */ 2287 3056 2288 3057 return tempfn; … … 2301 3070 } key_ctx; 2302 3071 2303 static key_ctx myKey_ctx;2304 static WC_RNG myKey_rng;2305 2306 static INLINE int TicketInit(void)3072 static THREAD_LS_T key_ctx myKey_ctx; 3073 static THREAD_LS_T WC_RNG myKey_rng; 3074 3075 static WC_INLINE int TicketInit(void) 2307 3076 { 2308 3077 int ret = wc_InitRng(&myKey_rng); … … 2318 3087 } 2319 3088 2320 static INLINE void TicketCleanup(void)3089 static WC_INLINE void TicketCleanup(void) 2321 3090 { 2322 3091 wc_FreeRng(&myKey_rng); 2323 3092 } 2324 3093 2325 static INLINE int myTicketEncCb(WOLFSSL* ssl,3094 static WC_INLINE int myTicketEncCb(WOLFSSL* ssl, 2326 3095 byte key_name[WOLFSSL_TICKET_NAME_SZ], 2327 3096 byte iv[WOLFSSL_TICKET_IV_SZ], … … 2389 3158 #endif /* HAVE_SESSION_TICKET && CHACHA20 && POLY1305 */ 2390 3159 2391 static INLINE word16 GetRandomPort(void)3160 static WC_INLINE word16 GetRandomPort(void) 2392 3161 { 2393 3162 word16 port = 0; … … 2396 3165 WC_RNG rng; 2397 3166 if (wc_InitRng(&rng) == 0) { 2398 wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port));3167 if (wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port)) == 0) { 2399 3168 port |= 0xC000; /* Make sure its in the 49152 - 65535 range */ 3169 } 2400 3170 wc_FreeRng(&rng); 2401 3171 } 3172 (void)rng; /* for WC_NO_RNG case */ 2402 3173 return port; 2403 3174 } -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/version.h
r337 r372 29 29 #endif 30 30 31 #define LIBWOLFSSL_VERSION_STRING "3.1 2.2"32 #define LIBWOLFSSL_VERSION_HEX 0x0301 200231 #define LIBWOLFSSL_VERSION_STRING "3.15.7" 32 #define LIBWOLFSSL_VERSION_HEX 0x03015007 33 33 34 34 #ifdef __cplusplus -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/aes.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/aes.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_AES_H … … 28 32 #ifndef NO_AES 29 33 34 #if defined(HAVE_FIPS) && \ 35 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 36 #include <wolfssl/wolfcrypt/fips.h> 37 #endif /* HAVE_FIPS_VERSION >= 2 */ 38 30 39 /* included for fips @wc_fips */ 31 #ifdef HAVE_FIPS 40 #if defined(HAVE_FIPS) && \ 41 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 32 42 #include <cyassl/ctaocrypt/aes.h> 33 43 #if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER) … … 39 49 #endif 40 50 41 #ifndef HAVE_FIPS /* to avoid redefinition of macros */ 51 #ifndef WC_NO_RNG 52 #include <wolfssl/wolfcrypt/random.h> 53 #endif 54 #ifdef STM32_CRYPTO 55 #include <wolfssl/wolfcrypt/port/st/stm32.h> 56 #endif 42 57 43 58 #ifdef WOLFSSL_AESNI … … 49 64 #endif /* WOLFSSL_AESNI */ 50 65 66 51 67 #ifdef WOLFSSL_XILINX_CRYPT 52 68 #include "xsecure_aes.h" 53 69 #endif 54 70 55 #endif /* HAVE_FIPS */ 71 #ifdef WOLFSSL_AFALG 72 /* included for struct msghdr */ 73 #include <sys/socket.h> 74 #endif 75 76 #if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC) 77 #include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h> 78 #endif 79 80 #if defined(HAVE_AESGCM) && !defined(WC_NO_RNG) 81 #include <wolfssl/wolfcrypt/random.h> 82 #endif 83 56 84 57 85 #ifdef __cplusplus … … 59 87 #endif 60 88 61 #ifndef HAVE_FIPS /* to avoid redefinition of structures */ 89 /* these are required for FIPS and non-FIPS */ 90 enum { 91 AES_128_KEY_SIZE = 16, /* for 128 bit */ 92 AES_192_KEY_SIZE = 24, /* for 192 bit */ 93 AES_256_KEY_SIZE = 32, /* for 256 bit */ 94 95 AES_IV_SIZE = 16, /* always block size */ 96 }; 97 98 99 /* avoid redefinition of structs */ 100 #if !defined(HAVE_FIPS) || \ 101 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 62 102 63 103 #ifdef WOLFSSL_ASYNC_CRYPT … … 66 106 67 107 enum { 68 AES_ENC_TYPE = 1, /* cipher unique type */108 AES_ENC_TYPE = WC_CIPHER_AES, /* 
cipher unique type */ 69 109 AES_ENCRYPTION = 0, 70 110 AES_DECRYPTION = 1, 111 112 AES_BLOCK_SIZE = 16, 113 71 114 KEYWRAP_BLOCK_SIZE = 8, 72 AES_BLOCK_SIZE = 16 115 116 GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */ 117 GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ 118 GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */ 119 CCM_NONCE_MIN_SZ = 7, 120 CCM_NONCE_MAX_SZ = 13, 121 CTR_SZ = 4, 122 AES_IV_FIXED_SZ = 4, 123 124 #ifdef HAVE_PKCS11 125 AES_MAX_ID_LEN = 32, 126 #endif 73 127 }; 74 128 … … 83 137 ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */ 84 138 139 #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) 140 word32 invokeCtr[2]; 141 word32 nonceSz; 142 #endif 85 143 #ifdef HAVE_AESGCM 86 144 ALIGN16 byte H[AES_BLOCK_SIZE]; … … 93 151 byte use_aesni; 94 152 #endif /* WOLFSSL_AESNI */ 153 #ifdef WOLF_CRYPTO_DEV 154 int devId; 155 #endif 156 #ifdef HAVE_PKCS11 157 byte id[AES_MAX_ID_LEN]; 158 int idLen; 159 #endif 95 160 #ifdef WOLFSSL_ASYNC_CRYPT 96 161 word32 asyncKey[AES_MAX_KEY_SIZE/8/sizeof(word32)]; /* raw key */ … … 98 163 WC_ASYNC_DEV asyncDev; 99 164 #endif /* WOLFSSL_ASYNC_CRYPT */ 100 #if def WOLFSSL_AES_COUNTER165 #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) 101 166 word32 left; /* unused bytes left from last call */ 102 167 #endif … … 106 171 word32 key_init[8]; 107 172 word32 kup; 173 #endif 174 #ifdef WOLFSSL_AFALG 175 int alFd; /* server socket to bind to */ 176 int rdFd; /* socket to read from */ 177 struct msghdr msg; 178 int dir; /* flag for encrpyt or decrypt */ 179 #endif 180 #if defined(WOLFSSL_DEVCRYPTO) && \ 181 (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) 182 word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */ 183 WC_CRYPTODEV ctx; 108 184 #endif 109 185 void* heap; /* memory hint to use */ … … 141 217 const byte* iv, int dir); 142 218 WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv); 219 220 
#ifdef HAVE_AES_CBC 143 221 WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, 144 222 const byte* in, word32 sz); 145 223 WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, 146 224 const byte* in, word32 sz); 225 #endif 226 227 #ifdef WOLFSSL_AES_CFB 228 WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out, 229 const byte* in, word32 sz); 230 #ifdef HAVE_AES_DECRYPT 231 WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out, 232 const byte* in, word32 sz); 233 #endif /* HAVE_AES_DECRYPT */ 234 #endif /* WOLFSSL_AES_CFB */ 147 235 148 236 #ifdef HAVE_AES_ECB … … 165 253 const byte* iv, int dir); 166 254 #endif 255 167 256 #ifdef HAVE_AESGCM 168 257 #ifdef WOLFSSL_XILINX_CRYPT … … 182 271 const byte* authIn, word32 authInSz); 183 272 273 #ifndef WC_NO_RNG 274 WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz); 275 WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz, 276 const byte* ivFixed, word32 ivFixedSz, 277 WC_RNG* rng); 278 WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out, 279 const byte* in, word32 sz, 280 byte* ivOut, word32 ivOutSz, 281 byte* authTag, word32 authTagSz, 282 const byte* authIn, word32 authInSz); 283 #endif /* WC_NO_RNG */ 284 184 285 WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len); 185 286 WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz, 186 287 const byte* authIn, word32 authInSz, 187 288 byte* authTag, word32 authTagSz); 289 #ifndef WC_NO_RNG 290 WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, 291 const byte* authIn, word32 authInSz, 292 byte* authTag, word32 authTagSz, WC_RNG* rng); 293 WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz, 294 const byte* iv, word32 ivSz, 295 const byte* authIn, word32 authInSz, 296 const byte* authTag, word32 authTagSz); 297 #endif /* WC_NO_RNG */ 188 298 WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c, 189 299 word32 cSz, byte* s, word32 sSz); … … 200 310 const 
byte* nonce, word32 nonceSz, 201 311 const byte* authTag, word32 authTagSz, 312 const byte* authIn, word32 authInSz); 313 WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes, 314 const byte* nonce, word32 nonceSz); 315 WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, 316 const byte* in, word32 sz, 317 byte* ivOut, word32 ivOutSz, 318 byte* authTag, word32 authTagSz, 202 319 const byte* authIn, word32 authInSz); 203 320 #endif /* HAVE_AESCCM */ … … 214 331 215 332 #ifdef WOLFSSL_AES_XTS 216 /*! 217 \ingroup AES 218 219 \brief This is to help with setting keys to correct encrypt or decrypt type. 220 221 \note Is up to user to call wc_AesXtsFree on aes key when done. 222 223 \return 0 Success 224 225 \param aes AES keys for encrypt/decrypt process 226 \param key buffer holding aes key | tweak key 227 \param len length of key buffer in bytes. Should be twice that of key size. 228 i.e. 32 for a 16 byte key. 229 \param dir direction, either AES_ENCRYPTION or AES_DECRYPTION 230 \param heap heap hint to use for memory. Can be NULL 231 \param devId id to use with async crypto. Can be 0 232 233 _Example_ 234 \code 235 XtsAes aes; 236 237 if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0) 238 { 239 // Handle error 240 } 241 wc_AesXtsFree(&aes); 242 \endcode 243 244 \sa wc_AesXtsEncrypt 245 \sa wc_AesXtsDecrypt 246 \sa wc_AesXtsFree 247 */ 333 248 334 WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key, 249 335 word32 len, int dir, void* heap, int devId); 250 336 251 252 /*!253 \ingroup AES254 255 \brief Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak256 value instead of a byte array. 
This just converts the word64 to a257 byte array and calls wc_AesXtsEncrypt.258 259 \return 0 Success260 261 \param aes AES keys to use for block encrypt/decrypt262 \param out output buffer to hold cipher text263 \param in input plain text buffer to encrypt264 \param sz size of both out and in buffers265 \param sector value to use for tweak266 267 _Example_268 \code269 XtsAes aes;270 unsigned char plain[SIZE];271 unsigned char cipher[SIZE];272 word64 s = VALUE;273 274 //set up keys with AES_ENCRYPTION as dir275 276 if(wc_AesXtsEncryptSector(&aes, cipher, plain, SIZE, s) != 0)277 {278 // Handle error279 }280 wc_AesXtsFree(&aes);281 \endcode282 283 \sa wc_AesXtsEncrypt284 \sa wc_AesXtsDecrypt285 \sa wc_AesXtsSetKey286 \sa wc_AesXtsFree287 */288 337 WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out, 289 338 const byte* in, word32 sz, word64 sector); 290 339 291 292 /*!293 \ingroup AES294 295 \brief Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak296 value instead of a byte array. This just converts the word64 to a297 byte array.298 299 \return 0 Success300 301 \param aes AES keys to use for block encrypt/decrypt302 \param out output buffer to hold plain text303 \param in input cipher text buffer to decrypt304 \param sz size of both out and in buffers305 \param sector value to use for tweak306 307 _Example_308 \code309 XtsAes aes;310 unsigned char plain[SIZE];311 unsigned char cipher[SIZE];312 word64 s = VALUE;313 314 //set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION315 316 if(wc_AesXtsDecryptSector(&aes, plain, cipher, SIZE, s) != 0)317 {318 // Handle error319 }320 wc_AesXtsFree(&aes);321 \endcode322 323 \sa wc_AesXtsEncrypt324 \sa wc_AesXtsDecrypt325 \sa wc_AesXtsSetKey326 \sa wc_AesXtsFree327 */328 340 WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, 329 341 const byte* in, word32 sz, word64 sector); 330 342 331 332 /*!333 \ingroup AES334 335 \brief AES with XTS mode. 
(XTS) XEX encryption with Tweak and cipher text336 Stealing.337 338 \return 0 Success339 340 \param aes AES keys to use for block encrypt/decrypt341 \param out output buffer to hold cipher text342 \param in input plain text buffer to encrypt343 \param sz size of both out and in buffers344 \param i value to use for tweak345 \param iSz size of i buffer, should always be AES_BLOCK_SIZE but having346 this input adds a sanity check on how the user calls the347 function.348 349 _Example_350 \code351 XtsAes aes;352 unsigned char plain[SIZE];353 unsigned char cipher[SIZE];354 unsigned char i[AES_BLOCK_SIZE];355 356 //set up key with AES_ENCRYPTION as dir357 358 if(wc_AesXtsEncrypt(&aes, cipher, plain, SIZE, i, sizeof(i)) != 0)359 {360 // Handle error361 }362 wc_AesXtsFree(&aes);363 \endcode364 365 \sa wc_AesXtsDecrypt366 \sa wc_AesXtsSetKey367 \sa wc_AesXtsFree368 */369 343 WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out, 370 344 const byte* in, word32 sz, const byte* i, word32 iSz); 371 345 372 373 /*!374 \ingroup AES375 376 \brief Same process as encryption but Aes key is AES_DECRYPTION type.377 378 \return 0 Success379 380 \param aes AES keys to use for block encrypt/decrypt381 \param out output buffer to hold plain text382 \param in input cipher text buffer to decrypt383 \param sz size of both out and in buffers384 \param i value to use for tweak385 \param iSz size of i buffer, should always be AES_BLOCK_SIZE but having386 this input adds a sanity check on how the user calls the387 function.388 _Example_389 \code390 XtsAes aes;391 unsigned char plain[SIZE];392 unsigned char cipher[SIZE];393 unsigned char i[AES_BLOCK_SIZE];394 395 //set up key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION396 397 if(wc_AesXtsDecrypt(&aes, plain, cipher, SIZE, i, sizeof(i)) != 0)398 {399 // Handle error400 }401 wc_AesXtsFree(&aes);402 \endcode403 404 \sa wc_AesXtsEncrypt405 \sa wc_AesXtsSetKey406 \sa wc_AesXtsFree407 */408 346 WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* 
aes, byte* out, 409 347 const byte* in, word32 sz, const byte* i, word32 iSz); 410 348 411 412 /*!413 \ingroup AES414 415 \brief This is to free up any resources used by the XtsAes structure416 417 \return 0 Success418 419 \param aes AES keys to free420 421 _Example_422 \code423 XtsAes aes;424 425 if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)426 {427 // Handle error428 }429 wc_AesXtsFree(&aes);430 \endcode431 432 \sa wc_AesXtsEncrypt433 \sa wc_AesXtsDecrypt434 \sa wc_AesXtsSetKey435 */436 349 WOLFSSL_API int wc_AesXtsFree(XtsAes* aes); 437 350 #endif … … 439 352 WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize); 440 353 441 WOLFSSL_API int wc_AesInit(Aes*, void*, int); 442 WOLFSSL_API void wc_AesFree(Aes*); 354 WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId); 355 #ifdef HAVE_PKCS11 356 WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, 357 int devId); 358 #endif 359 WOLFSSL_API void wc_AesFree(Aes* aes); 443 360 444 361 #ifdef __cplusplus -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/arc4.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/arc4.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_ARC4_H … … 37 39 enum { 38 40 ARC4_ENC_TYPE = 4, /* cipher unique type */ 39 ARC4_STATE_SIZE = 256 41 ARC4_STATE_SIZE = 256, 42 RC4_KEY_SIZE = 16, /* always 128bit */ 40 43 }; 41 44 -
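Review bot: The comment on the added `RC4_KEY_SIZE = 16, /* always 128bit */` in the arc4.h enum reads as a property of the cipher, but RC4 takes variable-length keys, so the constant can only describe one fixed-size consumer. That consumer is not visible in this section; presumably it is the RC4-128 password-based encryption path, since `PBE_SHA1_RC4_128` appears in the asn.h section of the same changeset, but that needs confirming. A caller that sizes a key buffer from this constant for any other use could end up with a length that does not match the key it actually holds. I would name the consumer in the comment, for example `RC4_KEY_SIZE = 16, /* key bytes for the fixed 128-bit RC4 use (name the caller); RC4 itself accepts other key lengths */`. The name also drops the `ARC4_` prefix that its two neighbours `ARC4_ENC_TYPE` and `ARC4_STATE_SIZE` carry; if it has to stay for compatibility, the comment should say so.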
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/asn.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/asn.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_ASN_H … … 28 31 #ifndef NO_ASN 29 32 33 34 #if !defined(NO_ASN_TIME) && defined(NO_TIME_H) 35 #define NO_ASN_TIME /* backwards compatibility with NO_TIME_H */ 36 #endif 37 30 38 #include <wolfssl/wolfcrypt/integer.h> 31 39 32 40 /* fips declare of RsaPrivateKeyDecode @wc_fips */ 33 #if defined(HAVE_FIPS) && !defined(NO_RSA) 41 #if defined(HAVE_FIPS) && !defined(NO_RSA) && \ 42 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 34 43 #include <cyassl/ctaocrypt/rsa.h> 35 44 #endif … … 50 59 #include <wolfssl/wolfcrypt/asn_public.h> /* public interface */ 51 60 61 #if defined(NO_SHA) && defined(NO_SHA256) 62 #define WC_SHA256_DIGEST_SIZE 32 63 #endif 52 64 53 65 #ifdef __cplusplus … … 77 89 ASN_SEQUENCE = 0x10, 78 90 ASN_SET = 0x11, 91 ASN_PRINTABLE_STRING = 0x13, 79 92 ASN_UTC_TIME = 0x17, 80 93 ASN_OTHER_TYPE = 0x00, … … 82 95 ASN_DNS_TYPE = 0x02, 83 96 ASN_DIR_TYPE = 0x04, 97 ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */ 84 98 ASN_GENERALIZED_TIME = 0x18, 85 99 CRL_EXTENSIONS = 0xa0, 86 100 ASN_EXTENSIONS = 0xa3, 87 ASN_LONG_LENGTH = 0x80 88 }; 89 90 enum ASN_Flags { 101 ASN_LONG_LENGTH = 0x80, 102 ASN_INDEF_LENGTH = 0x80, 103 104 /* ASN_Flags - Bitmask */ 91 105 ASN_CONSTRUCTED = 0x20, 92 ASN_CONTEXT_SPECIFIC = 0x80 93 }; 106 ASN_APPLICATION = 0x40, 107 ASN_CONTEXT_SPECIFIC = 0x80, 108 }; 109 110 #define ASN_UTC_TIME_SIZE 14 111 #define ASN_GENERALIZED_TIME_SIZE 16 112 #define ASN_GENERALIZED_TIME_MAX 68 94 113 95 114 enum DN_Tags { … … 101 120 ASN_STATE_NAME = 0x08, /* ST */ 102 121 ASN_ORG_NAME = 0x0a, /* O */ 103 ASN_ORGUNIT_NAME = 0x0b /* OU */ 104 }; 105 106 enum PBES { 107 PBE_MD5_DES = 0, 108 PBE_SHA1_DES = 1, 109 PBE_SHA1_DES3 = 2, 110 PBE_SHA1_RC4_128 = 3, 111 PBES2 = 13 /* algo ID */ 112 }; 113 114 enum ENCRYPTION_TYPES { 115 DES_TYPE = 0, 116 DES3_TYPE = 1, 117 RC4_TYPE = 2 118 }; 119 120 enum ECC_TYPES { 122 ASN_ORGUNIT_NAME = 
0x0b, /* OU */ 123 ASN_BUS_CAT = 0x0f, /* businessCategory */ 124 ASN_EMAIL_NAME = 0x98, /* not oid number there is 97 in 2.5.4.0-97 */ 125 126 /* pilot attribute types 127 * OID values of 0.9.2342.19200300.100.1.* */ 128 ASN_USER_ID = 0x01, /* UID */ 129 ASN_DOMAIN_COMPONENT = 0x19 /* DC */ 130 }; 131 132 /* DN Tag Strings */ 133 #define WOLFSSL_COMMON_NAME "/CN=" 134 #define WOLFSSL_SUR_NAME "/SN=" 135 #define WOLFSSL_SERIAL_NUMBER "/serialNumber=" 136 #define WOLFSSL_COUNTRY_NAME "/C=" 137 #define WOLFSSL_LOCALITY_NAME "/L=" 138 #define WOLFSSL_STATE_NAME "/ST=" 139 #define WOLFSSL_ORG_NAME "/O=" 140 #define WOLFSSL_ORGUNIT_NAME "/OU=" 141 #define WOLFSSL_DOMAIN_COMPONENT "/DC=" 142 #define WOLFSSL_BUS_CAT "/businessCategory=" 143 #define WOLFSSL_JOI_C "/jurisdictionC=" 144 #define WOLFSSL_JOI_ST "/jurisdictionST=" 145 #define WOLFSSL_EMAIL_ADDR "/emailAddress=" 146 147 /* NIDs */ 148 enum 149 { 150 NID_undef = 0, 151 NID_des = 66, 152 NID_des3 = 67, 153 NID_sha256 = 672, 154 NID_sha384 = 673, 155 NID_sha512 = 674, 156 NID_hw_name_oid = 73, 157 NID_id_pkix_OCSP_basic = 74, 158 NID_any_policy = 75, 159 NID_anyExtendedKeyUsage = 76, 160 NID_basic_constraints = 133, 161 NID_key_usage = 129, /* 2.5.29.15 */ 162 NID_ext_key_usage = 151, /* 2.5.29.37 */ 163 NID_subject_key_identifier = 128, 164 NID_authority_key_identifier = 149, 165 NID_private_key_usage_period = 130, /* 2.5.29.16 */ 166 NID_subject_alt_name = 131, 167 NID_issuer_alt_name = 132, 168 NID_info_access = 69, 169 NID_sinfo_access = 79, /* id-pe 11 */ 170 NID_name_constraints = 144, /* 2.5.29.30 */ 171 NID_certificate_policies = 146, 172 NID_policy_mappings = 147, 173 NID_policy_constraints = 150, 174 NID_inhibit_any_policy = 168, /* 2.5.29.54 */ 175 NID_tlsfeature = 92, /* id-pe 24 */ 176 NID_commonName = 0x03, /* matchs ASN_COMMON_NAME in asn.h */ 177 NID_surname = 0x04, /* SN */ 178 NID_serialNumber = 0x05, /* serialNumber */ 179 NID_countryName = 0x06, /* C */ 180 NID_localityName = 0x07, /* L */ 181 
NID_stateOrProvinceName = 0x08, /* ST */ 182 NID_organizationName = 0x0a, /* O */ 183 NID_organizationalUnitName = 0x0b, /* OU */ 184 NID_domainComponent = 0x19, /* matchs ASN_DOMAIN_COMPONENT in asn.h */ 185 NID_emailAddress = 0x30, /* emailAddress */ 186 }; 187 188 enum ECC_TYPES 189 { 121 190 ECC_PREFIX_0 = 160, 122 191 ECC_PREFIX_1 = 161 123 192 }; 124 193 194 #ifdef WOLFSSL_CERT_PIV 195 enum PIV_Tags { 196 ASN_PIV_CERT = 0x0A, 197 ASN_PIV_NONCE = 0x0B, 198 ASN_PIV_SIGNED_NONCE = 0x0C, 199 200 ASN_PIV_TAG_CERT = 0x70, 201 ASN_PIV_TAG_CERT_INFO = 0x71, 202 ASN_PIV_TAG_MSCUID = 0x72, 203 ASN_PIV_TAG_ERR_DET = 0xFE, 204 205 /* certificate info masks */ 206 ASN_PIV_CERT_INFO_COMPRESSED = 0x03, 207 ASN_PIV_CERT_INFO_ISX509 = 0x04, 208 }; 209 #endif /* WOLFSSL_CERT_PIV */ 210 211 212 #define ASN_JOI_PREFIX "\x2b\x06\x01\x04\x01\x82\x37\x3c\x02\x01" 213 #define ASN_JOI_C 0x3 214 #define ASN_JOI_ST 0x2 215 216 #ifndef WC_ASN_NAME_MAX 217 #define WC_ASN_NAME_MAX 256 218 #endif 219 125 220 enum Misc_ASN { 126 ASN_NAME_MAX = 256,221 ASN_NAME_MAX = WC_ASN_NAME_MAX, 127 222 MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */ 128 223 MAX_IV_SIZE = 64, /* MAX PKCS Iv length */ 129 MAX_KEY_SIZE = 64, /* MAX PKCS Key length */130 PKCS5 = 5, /* PKCS oid tag */131 PKCS5v2 = 6, /* PKCS #5 v2.0 */132 PKCS8v0 = 0, /* default PKCS#8 version */133 PKCS12v1 = 12, /* PKCS #12 */134 MAX_UNICODE_SZ = 256,135 224 ASN_BOOL_SIZE = 2, /* including type */ 136 225 ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */ … … 146 235 MAX_DATE_SIZE = 32, 147 236 ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */ 237 #ifndef NO_RSA 148 238 MAX_ENCODED_SIG_SZ = 512, 239 #elif defined(HAVE_ECC) 240 MAX_ENCODED_SIG_SZ = 140, 241 #else 242 MAX_ENCODED_SIG_SZ = 64, 243 #endif 149 244 MAX_SIG_SZ = 256, 150 245 MAX_ALGO_SZ = 20, 246 MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */ 151 247 MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ 152 248 MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ … … 
155 251 MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ 156 252 MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ 157 MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + length(4) */ 253 MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */ 254 MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */ 158 255 MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ 159 256 MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */ … … 163 260 MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ 164 261 MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ 165 MAX_DER_DIGEST_SZ = MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ, /* Maximum DER digest size */ 262 MAX_DER_DIGEST_SZ = MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ, 263 /* Maximum DER digest size */ 264 MAX_DER_DIGEST_ASN_SZ = MAX_ENCODED_DIG_ASN_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ, 265 /* Maximum DER digest ASN header size */ 166 266 #ifdef WOLFSSL_CERT_GEN 167 267 #ifdef WOLFSSL_CERT_REQ … … 177 277 /* Max total extensions, id + len + others */ 178 278 #endif 279 #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7) 280 MAX_OID_SZ = 32, /* Max DER length of OID*/ 281 MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/ 282 #endif 179 283 #ifdef WOLFSSL_CERT_EXT 180 284 MAX_KID_SZ = 45, /* Max encoded KID length (SHA-256 case) */ 181 285 MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */ 182 MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) , /* Max encoded ExtKeyUsage183 (SEQ/LEN + OBJID + OCTSTR/LEN + SEQ + (6 * (SEQ + OID))) */184 MAX_OID_SZ = 32, /* Max DER length of OID*/185 MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/286 MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) + 287 CTC_MAX_EKU_OID_SZ, /* Max encoded ExtKeyUsage 288 (SEQ/LEN + OBJID + OCTSTR/LEN + SEQ + 289 (6 * (SEQ + OID))) */ 186 290 MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */ 187 291 MAX_CERTPOL_SZ = 
CTC_MAX_CERTPOL_SZ, 188 292 #endif 293 MAX_NAME_ENTRIES = 5, /* extra entries added to x509 name struct */ 189 294 OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */ 190 295 MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */ … … 193 298 MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2, 194 299 /* use bigger NTRU size */ 300 #ifdef WOLFSSL_ENCRYPTED_KEYS 195 301 HEADER_ENCRYPTED_KEY_SIZE = 88,/* Extra header size for encrypted key */ 302 #else 303 HEADER_ENCRYPTED_KEY_SIZE = 0, 304 #endif 196 305 TRAILING_ZERO = 1, /* Used for size of zero pad */ 306 ASN_TAG_SZ = 1, /* single byte ASN.1 tag */ 197 307 MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */ 198 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 308 #if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 309 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ 310 defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7) 199 311 MAX_TIME_STRING_SZ = 25, /* Max length of formatted time string */ 200 312 #endif 313 314 PKCS5_SALT_SZ = 8, 315 316 PEM_LINE_LEN = 80, /* PEM line max + fudge */ 201 317 }; 202 318 … … 217 333 oidKeyWrapType = 12, 218 334 oidCmsKeyAgreeType = 13, 335 oidPBEType = 14, 336 oidHmacType = 15, 337 oidCompressType = 16, 338 oidCertNameType = 17, 219 339 oidIgnoreType 220 340 }; … … 232 352 233 353 354 #if !defined(NO_DES3) || !defined(NO_AES) 234 355 enum Block_Sum { 356 #ifdef WOLFSSL_AES_128 235 357 AES128CBCb = 414, 358 AES128GCMb = 418, 359 AES128CCMb = 419, 360 #endif 361 #ifdef WOLFSSL_AES_192 236 362 AES192CBCb = 434, 363 AES192GCMb = 438, 364 AES192CCMb = 439, 365 #endif 366 #ifdef WOLFSSL_AES_256 237 367 AES256CBCb = 454, 368 AES256GCMb = 458, 369 AES256CCMb = 459, 370 #endif 371 #ifndef NO_DES3 238 372 DESb = 69, 239 373 DES3b = 652 240 }; 374 #endif 375 }; 376 #endif /* !NO_DES3 || !NO_AES */ 241 377 242 378 … … 250 386 251 387 388 #if !defined(NO_AES) || defined(HAVE_PKCS7) 252 389 enum KeyWrap_Sum 
{ 390 #ifdef WOLFSSL_AES_128 253 391 AES128_WRAP = 417, 392 #endif 393 #ifdef WOLFSSL_AES_192 254 394 AES192_WRAP = 437, 255 AES256_WRAP = 457 256 }; 257 395 #endif 396 #ifdef WOLFSSL_AES_256 397 AES256_WRAP = 457, 398 #endif 399 #ifdef HAVE_PKCS7 400 PWRI_KEK_WRAP = 680 /*id-alg-PWRI-KEK, 1.2.840.113549.1.9.16.3.9 */ 401 #endif 402 }; 403 #endif /* !NO_AES || PKCS7 */ 258 404 259 405 enum Key_Agree { … … 304 450 305 451 452 enum HMAC_Sum { 453 HMAC_SHA224_OID = 652, 454 HMAC_SHA256_OID = 653, 455 HMAC_SHA384_OID = 654, 456 HMAC_SHA512_OID = 655 457 }; 458 459 306 460 enum Extensions_Sum { 307 461 BASIC_CA_OID = 133, … … 347 501 }; 348 502 503 #ifdef HAVE_LIBZ 504 enum CompressAlg_Sum { 505 ZLIBc = 679 /* 1.2.840.113549.1.9.16.3.8, id-alg-zlibCompress */ 506 }; 507 #endif 349 508 350 509 enum VerifyType { … … 352 511 VERIFY = 1, 353 512 VERIFY_CRL = 2, 354 VERIFY_OCSP = 3 513 VERIFY_OCSP = 3, 514 VERIFY_NAME = 4 355 515 }; 356 516 … … 374 534 375 535 /* Extended Key Usage bits (internal mapping only) */ 536 #define EXTKEYUSE_USER 0x80 376 537 #define EXTKEYUSE_OCSP_SIGN 0x40 377 538 #define EXTKEYUSE_TIMESTAMP 0x20 … … 386 547 struct DNS_entry { 387 548 DNS_entry* next; /* next on DNS list */ 549 int type; /* i.e. 
ASN_DNS_TYPE */ 550 int len; /* actual DNS len */ 388 551 char* name; /* actual DNS name */ 389 552 }; … … 399 562 }; 400 563 564 #define DOMAIN_COMPONENT_MAX 10 401 565 402 566 struct DecodedName { … … 406 570 int cnIdx; 407 571 int cnLen; 572 int cnNid; 408 573 int snIdx; 409 574 int snLen; 575 int snNid; 410 576 int cIdx; 411 577 int cLen; 578 int cNid; 412 579 int lIdx; 413 580 int lLen; 581 int lNid; 414 582 int stIdx; 415 583 int stLen; 584 int stNid; 416 585 int oIdx; 417 586 int oLen; 587 int oNid; 418 588 int ouIdx; 419 589 int ouLen; 590 #ifdef WOLFSSL_CERT_EXT 591 int bcIdx; 592 int bcLen; 593 int jcIdx; 594 int jcLen; 595 int jsIdx; 596 int jsLen; 597 #endif 598 int ouNid; 420 599 int emailIdx; 421 600 int emailLen; 601 int emailNid; 422 602 int uidIdx; 423 603 int uidLen; 604 int uidNid; 424 605 int serialIdx; 425 606 int serialLen; 607 int serialNid; 608 int dcIdx[DOMAIN_COMPONENT_MAX]; 609 int dcLen[DOMAIN_COMPONENT_MAX]; 610 int dcNum; 611 int dcMode; 426 612 }; 427 613 … … 433 619 SIG_STATE_CHECK, 434 620 }; 621 622 623 #ifdef HAVE_PK_CALLBACKS 624 #ifdef HAVE_ECC 625 typedef int (*wc_CallbackEccVerify)( 626 const unsigned char* sig, unsigned int sigSz, 627 const unsigned char* hash, unsigned int hashSz, 628 const unsigned char* keyDer, unsigned int keySz, 629 int* result, void* ctx); 630 #endif 631 #ifndef NO_RSA 632 typedef int (*wc_CallbackRsaVerify)( 633 unsigned char* sig, unsigned int sigSz, 634 unsigned char** out, 635 const unsigned char* keyDer, unsigned int keySz, 636 void* ctx); 637 #endif 638 #endif /* HAVE_PK_CALLBACKS */ 435 639 436 640 struct SignatureCtx { … … 465 669 void* asyncCtx; 466 670 #endif 671 672 #ifdef HAVE_PK_CALLBACKS 673 #ifdef HAVE_ECC 674 wc_CallbackEccVerify pkCbEcc; 675 void* pkCtxEcc; 676 #endif 677 #ifndef NO_RSA 678 wc_CallbackRsaVerify pkCbRsa; 679 void* pkCtxRsa; 680 #endif 681 #endif /* HAVE_PK_CALLBACKS */ 467 682 }; 468 683 … … 496 711 497 712 struct DecodedCert { 498 byte*publicKey;713 const byte* 
publicKey; 499 714 word32 pubKeySize; 500 715 int pubKeyStored; … … 516 731 byte issuerKeyHash[KEYID_SIZE]; /* hash of the public Key */ 517 732 #endif /* HAVE_OCSP */ 518 byte* signature;/* not owned, points into raw cert */733 const byte* signature; /* not owned, points into raw cert */ 519 734 char* subjectCN; /* CommonName */ 520 735 int subjectCNLen; /* CommonName Length */ 521 736 char subjectCNEnc; /* CommonName Encoding */ 522 int subjectCNStored; /* have we saved a copy we own */523 737 char issuer[ASN_NAME_MAX]; /* full name including common name */ 524 738 char subject[ASN_NAME_MAX]; /* full name including common name */ 525 739 int verify; /* Default to yes, but could be off */ 526 byte* source;/* byte buffer holder cert, NOT owner */740 const byte* source; /* byte buffer holder cert, NOT owner */ 527 741 word32 srcIdx; /* current offset into buffer */ 528 742 word32 maxIdx; /* max offset based on init size */ … … 530 744 byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */ 531 745 int serialSz; /* raw serial bytes stored */ 532 byte* extensions;/* not owned, points into raw cert */746 const byte* extensions; /* not owned, points into raw cert */ 533 747 int extensionsSz; /* length of cert extensions */ 534 748 word32 extensionsIdx; /* if want to go back and parse later */ 535 byte* extAuthInfo;/* Authority Information Access URI */749 const byte* extAuthInfo; /* Authority Information Access URI */ 536 750 int extAuthInfoSz; /* length of the URI */ 537 byte* extCrlInfo;/* CRL Distribution Points */751 const byte* extCrlInfo; /* CRL Distribution Points */ 538 752 int extCrlInfoSz; /* length of the URI */ 539 753 byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */ 540 byte extSubjKeyIdSet; /* Set when the SKID was read from cert */541 754 byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */ 542 byte extAuthKeyIdSet; /* Set when the AKID was read from cert */543 #ifndef IGNORE_NAME_CONSTRAINTS544 byte extNameConstraintSet;545 #endif /* 
IGNORE_NAME_CONSTRAINTS */546 byte isCA; /* CA basic constraint true */547 byte pathLengthSet; /* CA basic const path length set */548 755 byte pathLength; /* CA basic constraint path length */ 549 byte weOwnAltNames; /* altNames haven't been given to copy */550 byte extKeyUsageSet;551 756 word16 extKeyUsage; /* Key usage bitfield */ 552 byte extExtKeyUsageSet; /* Extended Key Usage */553 757 byte extExtKeyUsage; /* Extended Key usage bitfield */ 554 #ifdef OPENSSL_EXTRA 555 byte extCRLdistSet; 556 byte extCRLdistCrit; 557 byte extAuthInfoSet; 558 byte extAuthInfoCrit; 559 byte extBasicConstSet; 560 byte extBasicConstCrit; 561 byte extSubjAltNameSet; 562 byte extSubjAltNameCrit; 563 byte extAuthKeyIdCrit; 564 #ifndef IGNORE_NAME_CONSTRAINTS 565 byte extNameConstraintCrit; 566 #endif /* IGNORE_NAME_CONSTRAINTS */ 567 byte extSubjKeyIdCrit; 568 byte extKeyUsageCrit; 569 byte extExtKeyUsageCrit; 570 byte* extExtKeyUsageSrc; 758 759 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 760 const byte* extExtKeyUsageSrc; 571 761 word32 extExtKeyUsageSz; 572 762 word32 extExtKeyUsageCount; 573 byte*extAuthKeyIdSrc;763 const byte* extAuthKeyIdSrc; 574 764 word32 extAuthKeyIdSz; 575 byte*extSubjKeyIdSrc;765 const byte* extSubjKeyIdSrc; 576 766 word32 extSubjKeyIdSz; 577 767 #endif 768 578 769 #if defined(HAVE_ECC) || defined(HAVE_ED25519) 579 770 word32 pkCurveOID; /* Public Key's curve OID */ 580 771 #endif /* HAVE_ECC */ 581 byte*beforeDate;772 const byte* beforeDate; 582 773 int beforeDateLen; 583 byte*afterDate;774 const byte* afterDate; 584 775 int afterDateLen; 585 #if def HAVE_PKCS7586 byte* issuerRaw;/* pointer to issuer inside source */776 #if defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT) 777 const byte* issuerRaw; /* pointer to issuer inside source */ 587 778 int issuerRawLen; 588 779 #endif 589 780 #ifndef IGNORE_NAME_CONSTRAINT 590 byte* subjectRaw;/* pointer to subject inside source */781 const byte* subjectRaw; /* pointer to subject inside source 
*/ 591 782 int subjectRawLen; 592 783 #endif 593 #if defined(WOLFSSL_CERT_GEN) 784 #if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) 594 785 /* easy access to subject info for other sign */ 595 786 char* subjectSN; … … 611 802 int subjectOULen; 612 803 char subjectOUEnc; 804 char* subjectSND; 805 int subjectSNDLen; 806 char subjectSNDEnc; 807 #ifdef WOLFSSL_CERT_EXT 808 char* subjectBC; 809 int subjectBCLen; 810 char subjectBCEnc; 811 char* subjectJC; 812 int subjectJCLen; 813 char subjectJCEnc; 814 char* subjectJS; 815 int subjectJSLen; 816 char subjectJSEnc; 817 #endif 613 818 char* subjectEmail; 614 819 int subjectEmailLen; 615 820 #endif /* WOLFSSL_CERT_GEN */ 616 #if def OPENSSL_EXTRA821 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 617 822 DecodedName issuerName; 618 823 DecodedName subjectName; … … 625 830 int hwSerialNumSz; 626 831 byte* hwSerialNum; 627 #ifdef OPENSSL_EXTRA628 byte extCertPolicySet;629 byte extCertPolicyCrit;630 #endif /* OPENSSL_EXTRA */631 832 #endif /* WOLFSSL_SEP */ 632 833 #ifdef WOLFSSL_CERT_EXT 633 834 char extCertPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ]; 634 835 int extCertPoliciesNb; 635 #endif /* WOLFSSL_CERT_EXT*/836 #endif /* defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) */ 636 837 637 838 Signer* ca; 638 839 SignatureCtx sigCtx; 639 }; 640 641 642 struct WOLFSSL_ASN1_OBJECT { 643 void* heap; 644 byte* obj; 645 int type; /* oid */ 646 word32 objSz; 647 byte dynamic; /* if 1 then obj was dynamiclly created, 0 otherwise */ 648 }; 649 650 651 extern const char* BEGIN_CERT; 652 extern const char* END_CERT; 653 extern const char* BEGIN_CERT_REQ; 654 extern const char* END_CERT_REQ; 655 extern const char* BEGIN_DSA_PARAM; 656 extern const char* END_DSA_PARAM; 657 extern const char* BEGIN_DH_PARAM; 658 extern const char* END_DH_PARAM; 659 extern const char* BEGIN_X509_CRL; 660 extern const char* END_X509_CRL; 661 extern const char* BEGIN_RSA_PRIV; 662 extern const char* END_RSA_PRIV; 663 extern 
const char* BEGIN_PRIV_KEY; 664 extern const char* END_PRIV_KEY; 665 extern const char* BEGIN_ENC_PRIV_KEY; 666 extern const char* END_ENC_PRIV_KEY; 667 extern const char* BEGIN_EC_PRIV; 668 extern const char* END_EC_PRIV; 669 extern const char* BEGIN_DSA_PRIV; 670 extern const char* END_DSA_PRIV; 671 extern const char* BEGIN_PUB_KEY; 672 extern const char* END_PUB_KEY; 673 extern const char* BEGIN_EDDSA_PRIV; 674 extern const char* END_EDDSA_PRIV; 840 841 /* Option Bits */ 842 byte subjectCNStored : 1; /* have we saved a copy we own */ 843 byte extSubjKeyIdSet : 1; /* Set when the SKID was read from cert */ 844 byte extAuthKeyIdSet : 1; /* Set when the AKID was read from cert */ 845 #ifndef IGNORE_NAME_CONSTRAINTS 846 byte extNameConstraintSet : 1; 847 #endif 848 byte isCA : 1; /* CA basic constraint true */ 849 byte pathLengthSet : 1; /* CA basic const path length set */ 850 byte weOwnAltNames : 1; /* altNames haven't been given to copy */ 851 byte extKeyUsageSet : 1; 852 byte extExtKeyUsageSet : 1; /* Extended Key Usage set */ 853 byte extCRLdistSet : 1; 854 byte extAuthInfoSet : 1; 855 byte extBasicConstSet : 1; 856 byte extSubjAltNameSet : 1; 857 byte inhibitAnyOidSet : 1; 858 #ifdef WOLFSSL_SEP 859 byte extCertPolicySet : 1; 860 #endif 861 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 862 byte extCRLdistCrit : 1; 863 byte extAuthInfoCrit : 1; 864 byte extBasicConstCrit : 1; 865 byte extSubjAltNameCrit : 1; 866 byte extAuthKeyIdCrit : 1; 867 #ifndef IGNORE_NAME_CONSTRAINTS 868 byte extNameConstraintCrit : 1; 869 #endif 870 byte extSubjKeyIdCrit : 1; 871 byte extKeyUsageCrit : 1; 872 byte extExtKeyUsageCrit : 1; 873 #endif /* OPENSSL_EXTRA */ 874 #ifdef WOLFSSL_SEP 875 byte extCertPolicyCrit : 1; 876 #endif 877 878 }; 879 675 880 676 881 #ifdef NO_SHA … … 688 893 byte pathLength; 689 894 byte pathLengthSet; 690 byte*publicKey;895 const byte* publicKey; 691 896 int nameLen; 692 897 char* name; /* common name */ … … 701 906 /* sha hash of names 
in certificate */ 702 907 #endif 908 #ifdef WOLFSSL_SIGNER_DER_CERT 909 DerBuffer* derCert; 910 #endif 703 911 Signer* next; 704 912 }; … … 728 936 729 937 /* for testing or custom openssl wrappers */ 730 #if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) 938 #if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \ 939 defined(OPENSSL_EXTRA_X509_SMALL) 731 940 #define WOLFSSL_ASN_API WOLFSSL_API 732 941 #else 733 942 #define WOLFSSL_ASN_API WOLFSSL_LOCAL 734 943 #endif 944 945 /* Macro for calculating hashId */ 946 #if defined(NO_SHA) && defined(NO_SHA256) 947 #ifdef WOLF_CRYPTO_DEV 948 #define CalcHashId(data, len, hash) wc_CryptoDevSha256Hash(data, len, hash) 949 #else 950 #define CalcHashId(data, len, hash) NOT_COMPILED_IN 951 #endif 952 #elif defined(NO_SHA) 953 #define CalcHashId(data, len, hash) wc_Sha256Hash(data, len, hash) 954 #else 955 #define CalcHashId(data, len, hash) wc_ShaHash(data, len, hash) 956 #endif 957 958 959 WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der, 960 word32* derSz); 735 961 736 962 WOLFSSL_ASN_API void FreeAltNames(DNS_entry*, void*); … … 738 964 WOLFSSL_ASN_API void FreeNameSubtrees(Base_entry*, void*); 739 965 #endif /* IGNORE_NAME_CONSTRAINTS */ 740 WOLFSSL_ASN_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);966 WOLFSSL_ASN_API void InitDecodedCert(DecodedCert*, const byte*, word32, void*); 741 967 WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert*); 742 968 WOLFSSL_ASN_API int ParseCert(DecodedCert*, int type, int verify, void* cm); 743 969 970 WOLFSSL_LOCAL int DecodePolicyOID(char *o, word32 oSz, 971 const byte *in, word32 inSz); 972 WOLFSSL_API int CheckCertSignature(const byte*,word32,void*,void* cm); 744 973 WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*,int type,int verify,void* cm); 745 974 WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify); 746 975 976 WOLFSSL_LOCAL const byte* OidFromId(word32 id, word32 type, word32* oidSz); 747 977 WOLFSSL_LOCAL Signer* 
MakeSigner(void*); 748 978 WOLFSSL_LOCAL void FreeSigner(Signer*, void*); … … 754 984 755 985 WOLFSSL_ASN_API int ToTraditional(byte* buffer, word32 length); 986 WOLFSSL_ASN_API int ToTraditional_ex(byte* buffer, word32 length, 987 word32* algId); 756 988 WOLFSSL_LOCAL int ToTraditionalInline(const byte* input, word32* inOutIdx, 757 989 word32 length); 758 WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int); 990 WOLFSSL_LOCAL int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, 991 word32 length, word32* algId); 992 WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int, 993 word32* algId); 994 WOLFSSL_ASN_API int UnTraditionalEnc(byte* key, word32 keySz, byte* out, 995 word32* outSz, const char* password, int passwordSz, int vPKCS, 996 int vAlgo, byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap); 997 WOLFSSL_ASN_API int TraditionalEnc(byte* key, word32 keySz, byte* out, 998 word32* outSz, const char* password, int passwordSz, int vPKCS, 999 int vAlgo, int encAlgId, byte* salt, word32 saltSz, int itt, 1000 WC_RNG* rng, void* heap); 759 1001 WOLFSSL_LOCAL int DecryptContent(byte* input, word32 sz,const char* psw,int pswSz); 1002 WOLFSSL_LOCAL int EncryptContent(byte* input, word32 sz, byte* out, word32* outSz, 1003 const char* password,int passwordSz, int vPKCS, int vAlgo, 1004 byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap); 760 1005 WOLFSSL_LOCAL int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, 761 1006 word32* oidSz, int* algoID, void* heap); 762 1007 763 1008 typedef struct tm wolfssl_tm; 764 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1009 #if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \ 1010 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 765 1011 WOLFSSL_LOCAL int GetTimeString(byte* date, int format, char* buf, int len); 1012 #endif 1013 #if !defined(NO_ASN_TIME) 
&& defined(HAVE_PKCS7) 1014 WOLFSSL_LOCAL int GetAsnTimeString(void* currTime, byte* buf, word32 len); 766 1015 #endif 767 1016 WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format, 768 1017 wolfssl_tm* certTime, int* idx); 769 1018 WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); 1019 WOLFSSL_LOCAL int OBJ_sn2nid(const char *sn); 770 1020 771 1021 /* ASN.1 helper functions */ … … 775 1025 WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number, 776 1026 word32 maxIdx); 1027 WOLFSSL_LOCAL char* GetSigName(int oid); 777 1028 WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, 778 1029 word32 maxIdx); 1030 WOLFSSL_LOCAL int GetLength_ex(const byte* input, word32* inOutIdx, int* len, 1031 word32 maxIdx, int check); 779 1032 WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, 780 1033 word32 maxIdx); 1034 WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len, 1035 word32 maxIdx, int check); 781 1036 WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, 782 1037 word32 maxIdx); … … 793 1048 word16* out, word32* outSz); 794 1049 #endif 1050 WOLFSSL_LOCAL int GetASNObjectId(const byte* input, word32* inOutIdx, int* len, 1051 word32 maxIdx); 1052 WOLFSSL_LOCAL int SetObjectId(int len, byte* output); 795 1053 WOLFSSL_LOCAL int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, 796 1054 word32 oidType, word32 maxIdx); … … 812 1070 int maxIdx); 813 1071 WOLFSSL_LOCAL int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der); 1072 WOLFSSL_LOCAL int RsaPublicKeyDerSize(RsaKey* key, int with_header); 814 1073 815 1074 #ifdef HAVE_ECC … … 824 1083 WOLFSSL_LOCAL void FreeSignatureCtx(SignatureCtx* sigCtx); 825 1084 1085 #ifndef NO_CERTS 1086 1087 WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, char** pBuffer, 1088 size_t bufSz); 1089 1090 WOLFSSL_LOCAL int PemToDer(const unsigned char* 
buff, long sz, int type, 1091 DerBuffer** pDer, void* heap, EncryptedInfo* info, 1092 int* eccKey); 1093 WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap); 1094 WOLFSSL_LOCAL void FreeDer(DerBuffer** der); 1095 1096 #endif /* !NO_CERTS */ 826 1097 827 1098 #ifdef WOLFSSL_CERT_GEN 828 1099 829 1100 enum cert_enums { 830 NAME_ENTRIES = 8, 1101 #ifdef WOLFSSL_CERT_EXT 1102 NAME_ENTRIES = 10, 1103 #else 1104 NAME_ENTRIES = 9, 1105 #endif 831 1106 JOINT_LEN = 2, 832 1107 EMAIL_JOINT_LEN = 9, 1108 PILOT_JOINT_LEN = 10, 833 1109 RSA_KEY = 10, 834 1110 NTRU_KEY = 11, … … 836 1112 ED25519_KEY = 13 837 1113 }; 838 839 #ifndef WOLFSSL_PEMCERT_TODER_DEFINED840 #ifndef NO_FILESYSTEM841 /* forward from wolfSSL */842 WOLFSSL_API843 int wolfSSL_PemCertToDer(const char* fileName,unsigned char* derBuf,int derSz);844 #define WOLFSSL_PEMCERT_TODER_DEFINED845 #endif846 #endif847 1114 848 1115 #endif /* WOLFSSL_CERT_GEN */ … … 877 1144 }; 878 1145 1146 #ifdef OPENSSL_EXTRA 1147 enum Ocsp_Verify_Error { 1148 OCSP_VERIFY_ERROR_NONE = 0, 1149 OCSP_BAD_ISSUER = 1 1150 }; 1151 #endif 1152 879 1153 880 1154 typedef struct OcspRequest OcspRequest; … … 894 1168 byte thisDateFormat; 895 1169 byte nextDateFormat; 896 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)1170 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 897 1171 byte* thisDateAsn; 898 1172 byte* nextDateAsn; … … 930 1204 byte* source; /* pointer to source buffer, not owned */ 931 1205 word32 maxIdx; /* max offset based on init size */ 1206 1207 #ifdef OPENSSL_EXTRA 1208 int verifyError; 1209 #endif 932 1210 }; 933 1211 … … 1011 1289 1012 1290 #endif /* !NO_ASN */ 1291 1292 1293 #if !defined(NO_ASN) || !defined(NO_PWDBASED) 1294 1295 #ifndef MAX_KEY_SIZE 1296 #define MAX_KEY_SIZE 64 /* MAX PKCS Key length */ 1297 #endif 1298 #ifndef MAX_UNICODE_SZ 1299 #define MAX_UNICODE_SZ 256 1300 #endif 1301 1302 enum PBESTypes { 1303 PBE_MD5_DES = 0, 1304 PBE_SHA1_RC4_128 = 1, 
1305 PBE_SHA1_DES = 2, 1306 PBE_SHA1_DES3 = 3, 1307 PBE_AES256_CBC = 4, 1308 1309 PBE_SHA1_RC4_128_SUM = 657, 1310 PBE_SHA1_DES3_SUM = 659, 1311 PBES2 = 13 /* algo ID */ 1312 }; 1313 1314 enum PKCSTypes { 1315 PKCS5v2 = 6, /* PKCS #5 v2.0 */ 1316 PKCS12v1 = 12, /* PKCS #12 */ 1317 PKCS5 = 5, /* PKCS oid tag */ 1318 PKCS8v0 = 0, /* default PKCS#8 version */ 1319 }; 1320 1321 #endif /* !NO_ASN || !NO_PWDBASED */ 1322 1013 1323 #endif /* WOLF_CRYPT_ASN_H */ -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/asn_public.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/asn_public.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_ASN_PUBLIC_H … … 48 50 #define WC_RNG_TYPE_DEFINED 49 51 #endif 52 50 53 51 54 /* Certificate file Type */ … … 68 71 TRUSTED_PEER_TYPE, 69 72 EDDSA_PRIVATEKEY_TYPE, 70 ED25519_TYPE 73 ED25519_TYPE, 74 PKCS12_TYPE, 75 PKCS8_PRIVATEKEY_TYPE, 76 PKCS8_ENC_PRIVATEKEY_TYPE 71 77 }; 72 78 … … 80 86 CTC_SHAwECDSA = 520, 81 87 CTC_SHA224wRSA = 658, 82 CTC_SHA224wECDSA = 52 7,88 CTC_SHA224wECDSA = 523, 83 89 CTC_SHA256wRSA = 655, 84 90 CTC_SHA256wECDSA = 524, … … 95 101 }; 96 102 103 #ifndef WC_CTC_NAME_SIZE 104 #define WC_CTC_NAME_SIZE 64 105 #endif 106 #ifndef WC_CTC_MAX_ALT_SIZE 107 #define WC_CTC_MAX_ALT_SIZE 16384 108 #endif 109 97 110 enum Ctc_Misc { 98 111 CTC_COUNTRY_SIZE = 2, 99 CTC_NAME_SIZE = 64,112 CTC_NAME_SIZE = WC_CTC_NAME_SIZE, 100 113 CTC_DATE_SIZE = 32, 101 CTC_MAX_ALT_SIZE = 16384, /* may be huge*/114 CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */ 102 115 CTC_SERIAL_SIZE = 16, 103 116 #ifdef WOLFSSL_CERT_EXT … … 111 124 }; 112 125 126 /* DER buffer */ 127 typedef struct DerBuffer { 128 byte* buffer; 129 void* heap; 130 word32 length; 131 int type; /* enum CertType */ 132 int dynType; /* DYNAMIC_TYPE_* */ 133 } DerBuffer; 134 135 enum { 136 IV_SZ = 32, /* max iv sz */ 137 NAME_SZ = 80, /* max one line */ 138 139 PEM_PASS_READ = 0, 140 PEM_PASS_WRITE = 1, 141 }; 142 143 144 typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata); 145 146 typedef struct EncryptedInfo { 147 pem_password_cb* passwd_cb; 148 void* passwd_userdata; 149 150 long consumed; /* tracks PEM bytes consumed */ 151 152 int cipherType; 153 word32 keySz; 154 word32 ivSz; /* salt or encrypted IV size */ 155 156 char name[NAME_SZ]; /* cipher name, such as "DES-CBC" */ 157 byte iv[IV_SZ]; /* salt or encrypted IV */ 158 159 word16 set:1; /* if encryption set */ 160 } EncryptedInfo; 161 162 163 #if defined(WOLFSSL_CERT_GEN) || 
defined(WOLFSSL_CERT_EXT) 164 #ifdef WOLFSSL_EKU_OID 165 #ifndef CTC_MAX_EKU_NB 166 #define CTC_MAX_EKU_NB 1 167 #endif 168 #ifndef CTC_MAX_EKU_OID_SZ 169 #define CTC_MAX_EKU_OID_SZ 30 170 #endif 171 #else 172 #undef CTC_MAX_EKU_OID_SZ 173 #define CTC_MAX_EKU_OID_SZ 0 174 #endif 175 #endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */ 113 176 114 177 #ifdef WOLFSSL_CERT_GEN 178 179 #ifdef WOLFSSL_MULTI_ATTRIB 180 #ifndef CTC_MAX_ATTRIB 181 #define CTC_MAX_ATTRIB 4 182 #endif 183 184 /* ASN Encoded Name field */ 185 typedef struct NameAttrib { 186 int sz; /* actual string value length */ 187 int id; /* id of name */ 188 int type; /* enc of name */ 189 char value[CTC_NAME_SIZE]; /* name */ 190 } NameAttrib; 191 #endif /* WOLFSSL_MULTI_ATTRIB */ 192 115 193 116 194 typedef struct CertName { … … 129 207 char commonName[CTC_NAME_SIZE]; 130 208 char commonNameEnc; 209 char serialDev[CTC_NAME_SIZE]; 210 char serialDevEnc; 211 #ifdef WOLFSSL_CERT_EXT 212 char busCat[CTC_NAME_SIZE]; 213 char busCatEnc; 214 char joiC[CTC_NAME_SIZE]; 215 char joiCEnc; 216 char joiSt[CTC_NAME_SIZE]; 217 char joiStEnc; 218 #endif 131 219 char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! 
*/ 220 #ifdef WOLFSSL_MULTI_ATTRIB 221 NameAttrib name[CTC_MAX_ATTRIB]; 222 #endif 132 223 } CertName; 133 224 … … 162 253 word16 keyUsage; /* Key Usage */ 163 254 byte extKeyUsage; /* Extended Key Usage */ 255 #ifdef WOLFSSL_EKU_OID 256 /* Extended Key Usage OIDs */ 257 byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ]; 258 byte extKeyUsageOIDSz[CTC_MAX_EKU_NB]; 259 #endif 164 260 char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ]; 165 261 word16 certPoliciesNb; /* Number of Cert Policy */ 262 byte issRaw[sizeof(CertName)]; /* raw issuer info */ 263 byte sbjRaw[sizeof(CertName)]; /* raw subject info */ 166 264 #endif 167 265 #ifdef WOLFSSL_CERT_REQ … … 170 268 void* heap; /* heap hint */ 171 269 } Cert; 270 172 271 173 272 … … 211 310 WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int); 212 311 312 #ifndef NO_ASN_TIME 313 WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before, 314 struct tm* after); 315 #endif 316 213 317 #ifdef WOLFSSL_CERT_EXT 214 318 WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType, … … 223 327 ecc_key *eckey); 224 328 WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file); 329 WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert); 330 WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz); 331 WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz); 225 332 226 333 #ifdef HAVE_NTRU … … 244 351 WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value); 245 352 353 354 #ifdef WOLFSSL_EKU_OID 355 /* Set ExtendedKeyUsage with unique OID 356 * oid is expected to be in byte representation 357 */ 358 WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz, 359 byte idx, void* heap); 360 #endif /* WOLFSSL_EKU_OID */ 246 361 #endif /* WOLFSSL_CERT_EXT */ 247 362 … … 254 369 #endif /* WOLFSSL_CERT_GEN */ 255 370 371 WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz, 372 const byte** date, byte* format, int* 
length); 373 #ifndef NO_ASN_TIME 374 WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length, 375 byte format, struct tm* time); 376 #endif 377 378 #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 379 380 WOLFSSL_API int wc_PemGetHeaderFooter(int type, const char** header, 381 const char** footer); 382 383 #endif 384 385 WOLFSSL_API int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap); 386 WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); 387 388 #ifdef WOLFSSL_PEM_TO_DER 389 WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type, 390 DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey); 391 392 WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int, 393 unsigned char*, int, const char*); 394 WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int, 395 unsigned char*, int, int); 396 #endif /* WOLFSSL_PEM_TO_DER */ 397 256 398 #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER) 257 #ifndef WOLFSSL_PEMPUBKEY_TODER_DEFINED258 399 #ifndef NO_FILESYSTEM 259 /* forward from wolfssl */ 260 WOLFSSL_API int wolfSSL_PemPubKeyToDer(const char* fileName, 400 WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName, 261 401 unsigned char* derBuf, int derSz); 262 402 #endif 263 403 264 /* forward from wolfssl */ 265 WOLFSSL_API int wolfSSL_PubKeyPemToDer(const unsigned char*, int, 404 WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int, 266 405 unsigned char*, int); 267 #define WOLFSSL_PEMPUBKEY_TODER_DEFINED268 #endif /* WOLFSSL_PEMPUBKEY_TODER_DEFINED */269 406 #endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */ 270 407 271 #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA) \ 272 || defined(OPENSSL_EXTRA) 408 #ifdef WOLFSSL_CERT_GEN 409 #ifndef NO_FILESYSTEM 410 WOLFSSL_API int wc_PemCertToDer(const char* fileName, 411 unsigned char* derBuf, int derSz); 412 #endif 413 #endif /* WOLFSSL_CERT_GEN */ 414 415 #ifdef WOLFSSL_DER_TO_PEM 273 416 
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output, 274 417 word32 outputSz, int type); 275 418 WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, 276 419 word32 outputSz, byte *cipherIno, int type); 420 #endif 421 422 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA) 423 WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, 424 word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz); 277 425 #endif 278 426 … … 284 432 WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, 285 433 word32 inLen); 434 WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output, 435 word32* outLen); 286 436 287 437 /* public key helper */ 288 438 WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*, 289 439 ecc_key*, word32); 290 #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))291 440 WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output, 292 441 word32 inLen, int with_AlgCurve); 293 442 #endif 294 #endif295 443 296 444 #ifdef HAVE_ED25519 … … 322 470 byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz); 323 471 472 #ifndef NO_ASN_TIME 324 473 /* Time */ 325 474 /* Returns seconds (Epoch/UTC) … … 330 479 */ 331 480 WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize); 481 #endif 482 483 #ifdef WOLFSSL_ENCRYPTED_KEYS 484 WOLFSSL_API int wc_EncryptedInfoGet(EncryptedInfo* info, 485 const char* cipherInfo); 486 #endif 487 488 489 #ifdef WOLFSSL_CERT_PIV 490 491 typedef struct _wc_CertPIV { 492 const byte* cert; 493 word32 certSz; 494 const byte* certErrDet; 495 word32 certErrDetSz; 496 const byte* nonce; /* Identiv Only */ 497 word32 nonceSz; /* Identiv Only */ 498 const byte* signedNonce; /* Identiv Only */ 499 word32 signedNonceSz; /* Identiv Only */ 500 501 /* flags */ 502 word16 compression:2; 503 word16 isX509:1; 504 word16 isIdentiv:1; 505 } wc_CertPIV; 506 507 WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 
totalSz); 508 #endif /* WOLFSSL_CERT_PIV */ 509 332 510 333 511 #ifdef __cplusplus -
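Review bot: The new `issRaw` and `sbjRaw` members of `Cert` are fixed at `sizeof(CertName)` bytes, but the setters added further down in this section, `wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz)` and `wc_SetIssuerRaw(...)`, take a signed `int` length and the header states no bound. Their implementations are not on this page, so it cannot be confirmed here that a negative `derSz`, or a name longer than the destination, is rejected before anything is stored. I would put the contract next to the prototypes, for example `/* derSz must be > 0; the raw name taken from der must fit in sizeof(cert->sbjRaw), otherwise an error is returned */`, and confirm the code matches it. The same kind of note is missing on `wc_SetExtKeyUsageOID`, where `sz` is a `word32` but the stored size is a `byte` capped by `CTC_MAX_EKU_OID_SZ` and `idx` has to stay below `CTC_MAX_EKU_NB`.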
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/coding.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/coding.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_CODING_H … … 62 64 #endif 63 65 64 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) \ 65 || defined(HAVE_ECC_CDH) 66 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 67 defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) || \ 68 defined(HAVE_ECC_CDH) || defined(HAVE_SELFTEST) || \ 69 defined(WOLFSSL_ENCRYPTED_KEYS) 70 #ifndef WOLFSSL_BASE16 71 #define WOLFSSL_BASE16 72 #endif 73 #endif 74 75 #ifdef WOLFSSL_BASE16 66 76 WOLFSSL_API 67 77 int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen); -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/curve25519.h
r337 r372 19 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 20 */ 21 22 /*! 23 \file wolfssl/wolfcrypt/curve25519.h 24 */ 21 25 22 26 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/des3.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/des3.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_DES3_H … … 28 31 #ifndef NO_DES3 29 32 30 #ifdef HAVE_FIPS 33 #if defined(HAVE_FIPS) && \ 34 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 35 #include <wolfssl/wolfcrypt/fips.h> 36 #endif /* HAVE_FIPS_VERSION >= 2 */ 37 38 #if defined(HAVE_FIPS) && \ 39 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 31 40 /* included for fips @wc_fips */ 32 41 #include <cyassl/ctaocrypt/des3.h> … … 37 46 #endif 38 47 39 #ifndef HAVE_FIPS /* to avoid redefinition of macros */ 48 /* these are required for FIPS and non-FIPS */ 49 enum { 50 DES_KEY_SIZE = 8, /* des */ 51 DES3_KEY_SIZE = 24, /* 3 des ede */ 52 DES_IV_SIZE = 8, /* should be the same as DES_BLOCK_SIZE */ 53 }; 54 55 56 /* avoid redefinition of structs */ 57 #if !defined(HAVE_FIPS) || \ 58 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 40 59 41 60 #ifdef WOLFSSL_ASYNC_CRYPT … … 44 63 45 64 enum { 46 DES_ENC_TYPE = 2, /* cipher unique type */ 47 DES3_ENC_TYPE = 3, /* cipher unique type */ 65 DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */ 66 DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */ 67 48 68 DES_BLOCK_SIZE = 8, 49 DES_KS_SIZE = 32, 69 DES_KS_SIZE = 32, /* internal DES key buffer size */ 50 70 51 71 DES_ENCRYPTION = 0, -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/dh.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/dh.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_DH_H … … 27 30 28 31 #ifndef NO_DH 32 33 #if defined(HAVE_FIPS) && \ 34 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 35 #include <wolfssl/wolfcrypt/fips.h> 36 #endif /* HAVE_FIPS_VERSION >= 2 */ 29 37 30 38 #include <wolfssl/wolfcrypt/integer.h> … … 39 47 #endif 40 48 typedef struct DhParams { 49 #ifdef HAVE_FFDHE_Q 50 const byte* q; 51 word32 q_len; 52 #endif /* HAVE_FFDHE_Q */ 41 53 const byte* p; 42 54 word32 p_len; … … 47 59 /* Diffie-Hellman Key */ 48 60 typedef struct DhKey { 49 mp_int p, g ;/* group parameters */61 mp_int p, g, q; /* group parameters */ 50 62 void* heap; 51 63 #ifdef WOLFSSL_ASYNC_CRYPT … … 73 85 WOLFSSL_API int wc_InitDhKey(DhKey* key); 74 86 WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId); 75 WOLFSSL_API voidwc_FreeDhKey(DhKey* key);87 WOLFSSL_API int wc_FreeDhKey(DhKey* key); 76 88 77 89 WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv, … … 85 97 WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, 86 98 word32 gSz); 99 WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, 100 const byte* g, word32 gSz, const byte* q, word32 qSz); 101 WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz, 102 const byte* g, word32 gSz, const byte* q, word32 qSz, 103 int trusted, WC_RNG* rng); 87 104 WOLFSSL_API int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, 88 105 word32* pInOutSz, byte* g, word32* gInOutSz); 89 106 WOLFSSL_API int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz); 107 WOLFSSL_API int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz, 108 const byte* prime, word32 primeSz); 109 WOLFSSL_API int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 pubSz); 110 WOLFSSL_API int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 pubSz, 111 const byte* prime, word32 primeSz); 112 
WOLFSSL_API int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz, 113 const byte* priv, word32 privSz); 114 WOLFSSL_API int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh); 115 WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz, 116 byte* q, word32* qSz, byte* g, word32* gSz); 117 90 118 91 119 #ifdef __cplusplus -
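Review bot: The length parameter of the new `wc_DhCheckPrivKey` and `wc_DhCheckPrivKey_ex` prototypes is named `pubSz` although it is the size of the `priv` buffer, which invites callers to pass the wrong length; it should read `WOLFSSL_API int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz);` and likewise for the `_ex` variant. `wc_DhSetCheckKey` also gains an undocumented `int trusted` argument; since it presumably controls how much validation of `p`, `g` and `q` is performed, a comment such as `/* trusted != 0: parameters come from a trusted source; document which checks are skipped */` belongs above it, filled in from the implementation. Separately, `wc_FreeDhKey` changes from `void` to `int`, so the commit should state what the return value means for existing callers that ignore it.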
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/dsa.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/dsa.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_DSA_H … … 75 78 #endif 76 79 80 /* raw export functions */ 81 WOLFSSL_API int wc_DsaImportParamsRaw(DsaKey* dsa, const char* p, 82 const char* q, const char* g); 83 WOLFSSL_API int wc_DsaImportParamsRawCheck(DsaKey* dsa, const char* p, 84 const char* q, const char* g, 85 int trusted, WC_RNG* rng); 86 WOLFSSL_API int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz, 87 byte* q, word32* qSz, byte* g, 88 word32* gSz); 89 WOLFSSL_API int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, 90 word32* ySz); 77 91 #ifdef __cplusplus 78 92 } /* extern "C" */ -
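Review bot: The comment `/* raw export functions */` sits above two import functions as well, and `wc_DsaImportParamsRaw` / `wc_DsaImportParamsRawCheck` take `p`, `q` and `g` as `const char*` with no length argument and no stated encoding. From the header alone a caller cannot tell whether these are NUL-terminated text (hex is likely, but not shown here) or binary, and passing binary data to a string parser would read past the buffer. I would change the heading to `/* raw import/export functions */` and add a line such as `/* p, q, g: NUL-terminated strings in the encoding the implementation parses (TODO confirm: hex) */`. The `trusted` flag of `wc_DsaImportParamsRawCheck` needs the same one-line description of which parameter checks it disables.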
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/ecc.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/ecc.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_ECC_H … … 27 31 28 32 #ifdef HAVE_ECC 33 34 #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 35 #include <wolfssl/wolfcrypt/fips.h> 36 #endif /* HAVE_FIPS_VERSION >= 2 */ 29 37 30 38 #include <wolfssl/wolfcrypt/integer.h> … … 73 81 #elif defined(HAVE_ECC320) 74 82 #define MAX_ECC_BITS 320 83 #elif !defined(NO_ECC256) 84 #define MAX_ECC_BITS 256 75 85 #elif defined(HAVE_ECC239) 76 86 #define MAX_ECC_BITS 239 77 87 #elif defined(HAVE_ECC224) 78 88 #define MAX_ECC_BITS 224 79 #elif !defined(NO_ECC256)80 #define MAX_ECC_BITS 25681 89 #elif defined(HAVE_ECC192) 82 90 #define MAX_ECC_BITS 192 … … 110 118 ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */ 111 119 ECC_MAX_OID_LEN = 16, 112 ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ) 120 ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ), 121 122 /* max crypto hardware size */ 123 #ifdef WOLFSSL_ATECC508A 124 ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */ 125 ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2), 126 #elif defined(PLUTON_CRYPTO_ECC) 127 ECC_MAX_CRYPTO_HW_SIZE = 32, 128 #endif 129 130 /* point compression type */ 131 ECC_POINT_COMP_EVEN = 0x02, 132 ECC_POINT_COMP_ODD = 0x03, 133 ECC_POINT_UNCOMP = 0x04, 134 135 /* Shamir's dual add constants */ 136 SHAMIR_PRECOMP_SZ = 16, 137 138 #ifdef HAVE_PKCS11 139 ECC_MAX_ID_LEN = 32, 140 #endif 113 141 }; 114 142 … … 176 204 177 205 /* ECC set type defined a GF(p) curve */ 206 #ifndef USE_WINDOWS_API 178 207 typedef struct ecc_set_type { 179 208 int size; /* The size of the curve in octets */ … … 191 220 int cofactor; 192 221 } ecc_set_type; 222 #else 223 /* MSC does something different with the pointers to the arrays than GCC, 224 * and it causes the FIPS checksum to fail. In the case of windows builds, 225 * store everything as arrays instead of pointers to strings. 
*/ 226 227 #define MAX_ECC_NAME 16 228 #define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1) 229 /* The values are stored as text strings. */ 230 231 typedef struct ecc_set_type { 232 int size; /* The size of the curve in octets */ 233 int id; /* id of this curve */ 234 const char name[MAX_ECC_NAME]; /* name of this curve */ 235 const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */ 236 const char Af[MAX_ECC_STRING]; /* fields A param (hex) */ 237 const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */ 238 const char order[MAX_ECC_STRING]; /* order of the curve (hex) */ 239 const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */ 240 const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */ 241 const ecc_oid_t oid[10]; 242 word32 oidSz; 243 word32 oidSum; /* sum of encoded OID bytes */ 244 int cofactor; 245 } ecc_set_type; 246 #endif 193 247 194 248 … … 247 301 typedef struct alt_fp_int { 248 302 int used, sign, size; 249 fp_digit dp[FP_SIZE_ECC];303 mp_digit dp[FP_SIZE_ECC]; 250 304 } alt_fp_int; 251 305 #endif /* ALT_ECC_SIZE */ 306 307 #ifndef WC_ECCKEY_TYPE_DEFINED 308 typedef struct ecc_key ecc_key; 309 #define WC_ECCKEY_TYPE_DEFINED 310 #endif 252 311 253 312 … … 265 324 alt_fp_int xyz[3]; 266 325 #endif 326 #ifdef WOLFSSL_SMALL_STACK_CACHE 327 ecc_key* key; 328 #endif 267 329 } ecc_point; 268 330 … … 285 347 const ecc_set_type* dp; /* domain parameters, either points to NIST 286 348 curves (idx >= 0) or user supplied */ 349 #ifdef WOLFSSL_CUSTOM_CURVES 350 int deallocSet; 351 #endif 287 352 void* heap; /* heap hint */ 353 ecc_point pubkey; /* public key */ 354 mp_int k; /* private key */ 288 355 #ifdef WOLFSSL_ATECC508A 289 356 int slot; /* Key Slot Number (-1 unknown) */ 290 byte pubkey [PUB_KEY_SIZE];291 #e lse292 ecc_point pubkey; /* public key */ 293 mp_int k; /* private key */357 byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; 358 #endif 359 #if defined(PLUTON_CRYPTO_ECC) 
|| defined(WOLF_CRYPTO_DEV) 360 int devId; 294 361 #endif 295 362 #ifdef WOLFSSL_ASYNC_CRYPT … … 297 364 mp_int* s; 298 365 WC_ASYNC_DEV asyncDev; 366 #ifdef HAVE_CAVIUM_V 367 mp_int* e; /* Sign, Verify and Shared Secret */ 368 mp_int* signK; 369 #endif 299 370 #ifdef WOLFSSL_CERT_GEN 300 371 CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ 301 372 #endif 302 373 #endif /* WOLFSSL_ASYNC_CRYPT */ 303 }; 304 305 #ifndef WC_ECCKEY_TYPE_DEFINED 306 typedef struct ecc_key ecc_key; 307 #define WC_ECCKEY_TYPE_DEFINED 308 #endif 374 #ifdef HAVE_PKCS11 375 byte id[ECC_MAX_ID_LEN]; 376 int idLen; 377 #endif 378 #ifdef WOLFSSL_SMALL_STACK_CACHE 379 mp_int* t1; 380 mp_int* t2; 381 #ifdef ALT_ECC_SIZE 382 mp_int* x; 383 mp_int* y; 384 mp_int* z; 385 #endif 386 #endif 387 }; 309 388 310 389 … … 322 401 #define ECC_API WOLFSSL_LOCAL 323 402 #endif 403 404 ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA, 405 ecc_point* B, mp_int* kB, 406 ecc_point* C, mp_int* a, mp_int* modulus, void* heap); 324 407 325 408 ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit); … … 378 461 WOLFSSL_API 379 462 int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); 380 WOLFSSL_API 381 void wc_ecc_free(ecc_key* key); 463 #ifdef HAVE_PKCS11 464 WOLFSSL_API 465 int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap, 466 int devId); 467 #endif 468 #ifdef WOLFSSL_CUSTOM_CURVES 469 WOLFSSL_LOCAL 470 void wc_ecc_free_curve(const ecc_set_type* curve, void* heap); 471 #endif 472 WOLFSSL_API 473 int wc_ecc_free(ecc_key* key); 382 474 WOLFSSL_API 383 475 int wc_ecc_set_flags(ecc_key* key, word32 flags); … … 410 502 const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor); 411 503 504 WOLFSSL_API 505 int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len); 506 507 WOLFSSL_API 508 ecc_point* wc_ecc_new_point(void); 509 WOLFSSL_API 510 ecc_point* wc_ecc_new_point_h(void* h); 511 WOLFSSL_API 512 void wc_ecc_del_point(ecc_point* p); 513 WOLFSSL_API 514 
void wc_ecc_del_point_h(ecc_point* p, void* h); 515 WOLFSSL_API 516 int wc_ecc_copy_point(ecc_point* p, ecc_point *r); 517 WOLFSSL_API 518 int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); 519 WOLFSSL_API 520 int wc_ecc_point_is_at_infinity(ecc_point *p); 521 412 522 #ifndef WOLFSSL_ATECC508A 413 414 WOLFSSL_API415 ecc_point* wc_ecc_new_point(void);416 WOLFSSL_API417 ecc_point* wc_ecc_new_point_h(void* h);418 WOLFSSL_API419 void wc_ecc_del_point(ecc_point* p);420 WOLFSSL_API421 void wc_ecc_del_point_h(ecc_point* p, void* h);422 WOLFSSL_API423 int wc_ecc_copy_point(ecc_point* p, ecc_point *r);424 WOLFSSL_API425 int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);426 WOLFSSL_API427 int wc_ecc_point_is_at_infinity(ecc_point *p);428 523 WOLFSSL_API 429 524 int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, … … 459 554 int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); 460 555 WOLFSSL_API 556 int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, 557 byte* out, word32* outlen); 558 WOLFSSL_API 461 559 int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, 462 560 byte* s, word32* sLen); … … 467 565 int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, 468 566 const char* d, int curve_id); 567 WOLFSSL_API 568 int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, 569 byte* d, int curve_id); 469 570 #endif /* HAVE_ECC_KEY_IMPORT */ 470 571 471 572 #ifdef HAVE_ECC_KEY_EXPORT 573 WOLFSSL_API 574 int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, 575 byte* qy, word32* qyLen, byte* d, word32* dLen, 576 int encType); 472 577 WOLFSSL_API 473 578 int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); … … 497 602 WOLFSSL_API 498 603 int wc_ecc_size(ecc_key* key); 604 WOLFSSL_API 605 int wc_ecc_sig_size_calc(int sz); 499 606 WOLFSSL_API 500 607 int wc_ecc_sig_size(ecc_key* key); -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/ed25519.h
r337 r372 19 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 20 */ 21 22 /*! 23 \file wolfssl/wolfcrypt/ed25519.h 24 */ 21 25 22 26 … … 74 78 byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */ 75 79 #endif 80 word16 pubKeySet:1; 76 81 #ifdef WOLFSSL_ASYNC_CRYPT 77 82 WC_ASYNC_DEV asyncDev; -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/error-crypt.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/error-crypt.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_ERROR_H … … 98 100 ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */ 99 101 ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */ 102 ASN_ALT_NAME_E = -161, /* ASN alternate name error */ 103 ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */ 100 104 101 105 ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */ … … 192 196 ECC_PRIVATEONLY_E = -246, /* Invalid use of private only ECC key*/ 193 197 EXTKEYUSAGE_E = -247, /* Bad Extended Key Usage value */ 194 195 WC_LAST_E = -247, /* Update this to indicate last error */ 198 WC_HW_E = -248, /* Error with hardware crypto use */ 199 WC_HW_WAIT_E = -249, /* Hardware waiting on resource */ 200 201 PSS_SALTLEN_E = -250, /* PSS length of salt is to long for hash */ 202 PRIME_GEN_E = -251, /* Failure finding a prime. */ 203 BER_INDEF_E = -252, /* Cannot decode indefinite length BER. */ 204 RSA_OUT_OF_RANGE_E = -253, /* Ciphertext to decrypt out of range. */ 205 RSAPSS_PAT_FIPS_E = -254, /* RSA-PSS PAT failure */ 206 ECDSA_PAT_FIPS_E = -255, /* ECDSA PAT failure */ 207 DH_KAT_FIPS_E = -256, /* DH KAT failure */ 208 AESCCM_KAT_FIPS_E = -257, /* AESCCM KAT failure */ 209 SHA3_KAT_FIPS_E = -258, /* SHA-3 KAT failure */ 210 ECDHE_KAT_FIPS_E = -259, /* ECDHE KAT failure */ 211 AES_GCM_OVERFLOW_E = -260, /* AES-GCM invocation counter overflow. */ 212 AES_CCM_OVERFLOW_E = -261, /* AES-CCM invocation counter overflow. */ 213 RSA_KEY_PAIR_E = -262, /* RSA Key Pair-Wise Consistency check fail. 
*/ 214 DH_CHECK_PRIV_E = -263, /* DH Check Priv Key error */ 215 216 WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */ 217 WC_DEVCRYPTO_E = -265, /* /dev/crypto error */ 218 219 ZLIB_INIT_ERROR = -266, /* zlib init error */ 220 ZLIB_COMPRESS_ERROR = -267, /* zlib compression error */ 221 ZLIB_DECOMPRESS_ERROR = -268, /* zlib decompression error */ 222 223 PKCS7_NO_SIGNER_E = -269, /* No signer in PKCS#7 signed data msg */ 224 WC_PKCS7_WANT_READ_E= -270, /* PKCS7 operations wants more input */ 225 226 WC_LAST_E = -270, /* Update this to indicate last error */ 196 227 MIN_CODE_E = -300 /* errors -101 - -299 */ 197 228 … … 201 232 202 233 234 #ifdef NO_ERROR_STRINGS 235 #define wc_GetErrorString(error) "no support for error strings built in" 236 #define wc_ErrorString(err, buf) \ 237 (void)err; XSTRNCPY((buf), wc_GetErrorString((err)), \ 238 WOLFSSL_MAX_ERROR_SZ); 239 240 #else 203 241 WOLFSSL_API void wc_ErrorString(int err, char* buff); 204 242 WOLFSSL_API const char* wc_GetErrorString(int error); 205 243 #endif 206 244 207 245 #ifdef __cplusplus -
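Review bot: The NO_ERROR_STRINGS form of `wc_ErrorString(err, buf)` expands to two statements plus its own trailing semicolon, so under an unbraced `if` only `(void)err;` is conditional and the XSTRNCPY always runs, and an `if ... else` around the call will not compile. Wrapping it as `do { (void)(err); XSTRNCPY((buf), wc_GetErrorString(err), WOLFSSL_MAX_ERROR_SZ); } while (0)` and dropping the semicolon from the definition keeps it a single statement. If XSTRNCPY maps to strncpy, the copy also pads out to WOLFSSL_MAX_ERROR_SZ bytes whatever the real size of `buf`, so a one-line comment that callers must supply a buffer of at least that length belongs next to the macro.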
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/hash.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/hash.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_HASH_H … … 38 41 #include <wolfssl/wolfcrypt/sha512.h> 39 42 #endif 43 #ifdef HAVE_BLAKE2 44 #include <wolfssl/wolfcrypt/blake2.h> 45 #endif 46 #ifdef WOLFSSL_SHA3 47 #include <wolfssl/wolfcrypt/sha3.h> 48 #endif 49 #ifndef NO_MD4 50 #include <wolfssl/wolfcrypt/md4.h> 51 #endif 52 #ifdef WOLFSSL_MD2 53 #include <wolfssl/wolfcrypt/md2.h> 54 #endif 55 40 56 41 57 #ifdef __cplusplus … … 43 59 #endif 44 60 45 /* Hash types */ 46 enum wc_HashType { 47 WC_HASH_TYPE_NONE = 0, 48 WC_HASH_TYPE_MD2 = 1, 49 WC_HASH_TYPE_MD4 = 2, 50 WC_HASH_TYPE_MD5 = 3, 51 WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */ 52 WC_HASH_TYPE_SHA224 = 9, 53 WC_HASH_TYPE_SHA256 = 5, 54 WC_HASH_TYPE_SHA384 = 6, 55 WC_HASH_TYPE_SHA512 = 7, 56 WC_HASH_TYPE_MD5_SHA = 8, 57 }; 61 #if !defined(HAVE_FIPS) && !defined(NO_OLD_WC_NAMES) 62 #define MAX_DIGEST_SIZE WC_MAX_DIGEST_SIZE 63 #endif 64 58 65 59 66 typedef union { … … 80 87 /* Find largest possible digest size 81 88 Note if this gets up to the size of 80 or over check smallstack build */ 82 #if defined(WOLFSSL_SHA512) 89 #if defined(WOLFSSL_SHA3) 90 #define WC_MAX_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE 91 #define WC_MAX_BLOCK_SIZE WC_SHA3_224_BLOCK_SIZE /* 224 is the largest block size */ 92 #elif defined(WOLFSSL_SHA512) 83 93 #define WC_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE 94 #define WC_MAX_BLOCK_SIZE WC_SHA512_BLOCK_SIZE 95 #elif defined(HAVE_BLAKE2) 96 #define WC_MAX_DIGEST_SIZE BLAKE2B_OUTBYTES 97 #define WC_MAX_BLOCK_SIZE BLAKE2B_BLOCKBYTES 84 98 #elif defined(WOLFSSL_SHA384) 85 99 #define WC_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE 100 #define WC_MAX_BLOCK_SIZE WC_SHA384_BLOCK_SIZE 86 101 #elif !defined(NO_SHA256) 87 102 #define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE 103 #define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE 88 104 #elif defined(WOLFSSL_SHA224) 89 105 #define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE 106 #define WC_MAX_BLOCK_SIZE 
WC_SHA224_BLOCK_SIZE 90 107 #elif !defined(NO_SHA) 91 108 #define WC_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE 109 #define WC_MAX_BLOCK_SIZE WC_SHA_BLOCK_SIZE 92 110 #elif !defined(NO_MD5) 93 111 #define WC_MAX_DIGEST_SIZE WC_MD5_DIGEST_SIZE 112 #define WC_MAX_BLOCK_SIZE WC_MD5_BLOCK_SIZE 94 113 #else 95 114 #define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */ 115 #define WC_MAX_BLOCK_SIZE 128 96 116 #endif 97 117 98 118 #if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC) 99 119 WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type); 120 WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid); 100 121 #endif 101 122 123 WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType); 124 102 125 WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type); 126 WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type); 103 127 WOLFSSL_API int wc_Hash(enum wc_HashType hash_type, 104 128 const byte* data, word32 data_len, … … 111 135 WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, 112 136 byte* out); 113 137 WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); 114 138 115 139 #ifndef NO_MD5 … … 123 147 #endif 124 148 149 #ifdef WOLFSSL_SHA224 150 #include <wolfssl/wolfcrypt/sha256.h> 151 WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*); 152 #endif /* defined(WOLFSSL_SHA224) */ 153 125 154 #ifndef NO_SHA256 126 155 #include <wolfssl/wolfcrypt/sha256.h> 127 156 WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*); 157 #endif 128 158 129 #if defined(WOLFSSL_SHA224) 130 WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*); 131 #endif /* defined(WOLFSSL_SHA224) */132 #endif 159 #ifdef WOLFSSL_SHA384 160 #include <wolfssl/wolfcrypt/sha512.h> 161 WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); 162 #endif /* defined(WOLFSSL_SHA384) */ 133 163 134 164 #ifdef WOLFSSL_SHA512 135 165 #include <wolfssl/wolfcrypt/sha512.h> 136 166 WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); 137 138 
#if defined(WOLFSSL_SHA384)139 WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);140 #endif /* defined(WOLFSSL_SHA384) */141 167 #endif /* WOLFSSL_SHA512 */ 142 168 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/hc128.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/hc128.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_HC128_H … … 33 37 34 38 enum { 35 HC128_ENC_TYPE = 6/* cipher unique type */39 HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */ 36 40 }; 37 41 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/hmac.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/hmac.h 24 */ 23 25 24 26 #ifndef NO_HMAC … … 27 29 #define WOLF_CRYPT_HMAC_H 28 30 29 #include <wolfssl/wolfcrypt/ types.h>31 #include <wolfssl/wolfcrypt/hash.h> 30 32 31 #ifndef NO_MD5 32 #include <wolfssl/wolfcrypt/md5.h> 33 #if defined(HAVE_FIPS) && \ 34 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 35 /* for fips @wc_fips */ 36 #include <cyassl/ctaocrypt/hmac.h> 37 #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE 33 38 #endif 34 39 35 #ifndef NO_SHA 36 #include <wolfssl/wolfcrypt/sha.h> 40 41 #if defined(HAVE_FIPS) && \ 42 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 43 #include <wolfssl/wolfcrypt/fips.h> 37 44 #endif 38 39 #if !defined(NO_SHA256) || defined(WOLFSSL_SHA224)40 #include <wolfssl/wolfcrypt/sha256.h>41 #endif42 43 #ifdef WOLFSSL_SHA51244 #include <wolfssl/wolfcrypt/sha512.h>45 #endif46 47 #ifdef HAVE_BLAKE248 #include <wolfssl/wolfcrypt/blake2.h>49 #endif50 51 #ifdef HAVE_FIPS52 /* for fips */53 #include <cyassl/ctaocrypt/hmac.h>54 #endif55 56 45 57 46 #ifdef __cplusplus 58 47 extern "C" { 59 48 #endif 60 #ifndef HAVE_FIPS 49 50 /* avoid redefinition of structs */ 51 #if !defined(HAVE_FIPS) || \ 52 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 61 53 62 54 #ifdef WOLFSSL_ASYNC_CRYPT 63 55 #include <wolfssl/wolfcrypt/async.h> 56 #endif 57 58 #ifndef NO_OLD_WC_NAMES 59 #define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE 64 60 #endif 65 61 … … 72 68 /* If any hash is not enabled, add the ID here. 
*/ 73 69 #ifdef NO_MD5 74 WC_MD5 = 0,70 WC_MD5 = WC_HASH_TYPE_MD5, 75 71 #endif 76 72 #ifdef NO_SHA 77 WC_SHA = 1,73 WC_SHA = WC_HASH_TYPE_SHA, 78 74 #endif 79 75 #ifdef NO_SHA256 80 WC_SHA256 = 2,76 WC_SHA256 = WC_HASH_TYPE_SHA256, 81 77 #endif 82 78 #ifndef WOLFSSL_SHA512 83 WC_SHA512 = 4,79 WC_SHA512 = WC_HASH_TYPE_SHA512, 84 80 #endif 85 81 #ifndef WOLFSSL_SHA384 86 WC_SHA384 = 5,82 WC_SHA384 = WC_HASH_TYPE_SHA384, 87 83 #endif 88 84 #ifndef HAVE_BLAKE2 89 BLAKE2B_ID = 7,85 BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B, 90 86 #endif 91 87 #ifndef WOLFSSL_SHA224 92 WC_SHA224 = 8,88 WC_SHA224 = WC_HASH_TYPE_SHA224, 93 89 #endif 94 90 #ifndef WOLFSSL_SHA3 91 WC_SHA3_224 = WC_HASH_TYPE_SHA3_224, 92 WC_SHA3_256 = WC_HASH_TYPE_SHA3_256, 93 WC_SHA3_384 = WC_HASH_TYPE_SHA3_384, 94 WC_SHA3_512 = WC_HASH_TYPE_SHA3_512, 95 #endif 96 }; 95 97 96 98 /* Select the largest available hash for the buffer size. */ 97 #if defined(WOLFSSL_SHA512) 98 MAX_DIGEST_SIZE = WC_SHA512_DIGEST_SIZE, 99 HMAC_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE, 100 #elif defined(HAVE_BLAKE2) 101 MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES, 102 HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES, 103 #elif defined(WOLFSSL_SHA384) 104 MAX_DIGEST_SIZE = WC_SHA384_DIGEST_SIZE, 105 HMAC_BLOCK_SIZE = WC_SHA384_BLOCK_SIZE 106 #elif !defined(NO_SHA256) 107 MAX_DIGEST_SIZE = WC_SHA256_DIGEST_SIZE, 108 HMAC_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE 109 #elif defined(WOLFSSL_SHA224) 110 MAX_DIGEST_SIZE = WC_SHA224_DIGEST_SIZE, 111 HMAC_BLOCK_SIZE = WC_SHA224_BLOCK_SIZE 112 #elif !defined(NO_SHA) 113 MAX_DIGEST_SIZE = WC_SHA_DIGEST_SIZE, 114 HMAC_BLOCK_SIZE = WC_SHA_BLOCK_SIZE, 115 #elif !defined(NO_MD5) 116 MAX_DIGEST_SIZE = WC_MD5_DIGEST_SIZE, 117 HMAC_BLOCK_SIZE = WC_MD5_BLOCK_SIZE, 118 #else 99 #define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE 100 101 #if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && !defined(HAVE_BLAKE2) && \ 102 !defined(WOLFSSL_SHA384) && defined(NO_SHA256) && defined(WOLFSSL_SHA224) && \ 103 defined(NO_SHA) && defined(NO_MD5) 119 104 
#error "You have to have some kind of hash if you want to use HMAC." 120 105 #endif 121 };122 106 123 107 … … 136 120 wc_Sha256 sha256; 137 121 #endif 138 #ifdef WOLFSSL_SHA512139 122 #ifdef WOLFSSL_SHA384 140 123 wc_Sha384 sha384; 141 124 #endif 125 #ifdef WOLFSSL_SHA512 142 126 wc_Sha512 sha512; 143 127 #endif 144 128 #ifdef HAVE_BLAKE2 145 129 Blake2b blake2b; 130 #endif 131 #ifdef WOLFSSL_SHA3 132 wc_Sha3 sha3; 146 133 #endif 147 134 } Hash; … … 150 137 typedef struct Hmac { 151 138 Hash hash; 152 word32 ipad[ HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/153 word32 opad[ HMAC_BLOCK_SIZE / sizeof(word32)];154 word32 innerHash[ MAX_DIGEST_SIZE / sizeof(word32)];139 word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ 140 word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; 141 word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)]; 155 142 void* heap; /* heap hint */ 156 143 byte macType; /* md5 sha or sha256 */ … … 160 147 WC_ASYNC_DEV asyncDev; 161 148 word16 keyLen; /* hmac key length (key in ipad) */ 162 #ifdef HAVE_CAVIUM163 byte* data; /* buffered input data for one call */164 word16 dataLen;165 #endif /* HAVE_CAVIUM */166 149 #endif /* WOLFSSL_ASYNC_CRYPT */ 167 150 } Hmac; … … 179 162 180 163 WOLFSSL_API int wolfSSL_GetHmacMaxSize(void); 164 165 WOLFSSL_LOCAL int _InitHmac(Hmac* hmac, int type, void* heap); 181 166 182 167 #ifdef HAVE_HKDF -
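Review bot: The new `#error` guard tests `defined(WOLFSSL_SHA224)` where the rest of the condition needs `!defined(WOLFSSL_SHA224)`. As written it fires only for a build where SHA-224 is the one enabled hash, which does have a hash, and never for a build with no hash at all. Since the per-hash size chain in this enum was replaced by `#define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE`, a hash-less configuration would size `ipad`/`opad` from the fallback values in hash.h (64 and 128) instead of stopping the build. The second line of the condition should read `!defined(WOLFSSL_SHA384) && defined(NO_SHA256) && !defined(WOLFSSL_SHA224) && \`.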
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/idea.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/idea.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_IDEA_H -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/integer.h
r337 r372 34 34 */ 35 35 #include <wolfssl/wolfcrypt/types.h> /* will set MP_xxBIT if not default */ 36 #ifdef USE_FAST_MATH 36 #ifdef WOLFSSL_SP_MATH 37 #include <wolfssl/wolfcrypt/sp_int.h> 38 #elif defined(USE_FAST_MATH) 37 39 #include <wolfssl/wolfcrypt/tfm.h> 38 40 #else … … 68 70 69 71 /* C++ compilers don't like assigning void * to mp_digit * */ 72 #define OPT_CAST(x) (x *) 73 74 #elif defined(_SH3) 75 76 /* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */ 70 77 #define OPT_CAST(x) (x *) 71 78 … … 249 256 #define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str)) 250 257 251 #define mp_tobinary(M, S) mp_toradix((M), (S), 2) 252 #define mp_tooctal(M, S) mp_toradix((M), (S), 8) 253 #define mp_todecimal(M, S) mp_toradix((M), (S), 10) 254 #define mp_tohex(M, S) mp_toradix((M), (S), 16) 258 #define MP_RADIX_BIN 2 259 #define MP_RADIX_OCT 8 260 #define MP_RADIX_DEC 10 261 #define MP_RADIX_HEX 16 262 #define MP_RADIX_MAX 64 263 264 #define mp_tobinary(M, S) mp_toradix((M), (S), MP_RADIX_BIN) 265 #define mp_tooctal(M, S) mp_toradix((M), (S), MP_RADIX_OCT) 266 #define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC) 267 #define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX) 255 268 256 269 #define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1) 257 270 271 #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \ 272 defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL) 258 273 extern const char *mp_s_rmap; 274 #endif 259 275 260 276 /* 6 functions needed by Rsa */ … … 267 283 MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b); 268 284 MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b); 285 MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c); 269 286 MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); 270 287 /* end functions needed by Rsa */ … … 353 370 #endif 354 371 355 #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) 372 #if 
defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \ 373 !defined(NO_DSA) || !defined(NO_DH) 356 374 MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c); 357 375 #endif 358 #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)376 #if !defined(NO_DSA) || defined(HAVE_ECC) 359 377 MP_API int mp_read_radix(mp_int* a, const char* str, int radix); 360 378 #endif 361 379 380 #if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH) 381 MP_API int mp_prime_is_prime (mp_int * a, int t, int *result); 382 MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*); 383 #endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */ 362 384 #ifdef WOLFSSL_KEY_GEN 363 MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);364 385 MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c); 365 386 MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c); -
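Review bot: The guard on `mp_read_radix` changes from `defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)` to `!defined(NO_DSA) || defined(HAVE_ECC)`, which removes the prototype from a build that has WOLFSSL_KEY_GEN with NO_DSA and no ECC, while the neighbouring `mp_sqrmod` guard was only widened. If a key-generation path still calls it, that configuration ends up with an implicit declaration; keeping the old term, `#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)`, avoids that. Whether such a caller exists is not visible from this header, so this needs checking against the .c files. The new SH3 comment also has a typo, `voi*` for `void*`.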
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/logging.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/logging.h 24 */ 25 22 26 23 27 /* submitted by eof */ … … 34 38 35 39 36 enum CYA_Log_Levels {40 enum wc_LogLevels { 37 41 ERROR_LOG = 0, 38 42 INFO_LOG, … … 42 46 }; 43 47 48 #ifdef WOLFSSL_FUNC_TIME 49 /* WARNING: This code is only to be used for debugging performance. 50 * The code is not thread-safe. 51 * Do not use WOLFSSL_FUNC_TIME in production code. 52 */ 53 enum wc_FuncNum { 54 WC_FUNC_HELLO_REQUEST_SEND = 0, 55 WC_FUNC_HELLO_REQUEST_DO, 56 WC_FUNC_CLIENT_HELLO_SEND, 57 WC_FUNC_CLIENT_HELLO_DO, 58 WC_FUNC_SERVER_HELLO_SEND, 59 WC_FUNC_SERVER_HELLO_DO, 60 WC_FUNC_ENCRYPTED_EXTENSIONS_SEND, 61 WC_FUNC_ENCRYPTED_EXTENSIONS_DO, 62 WC_FUNC_CERTIFICATE_REQUEST_SEND, 63 WC_FUNC_CERTIFICATE_REQUEST_DO, 64 WC_FUNC_CERTIFICATE_SEND, 65 WC_FUNC_CERTIFICATE_DO, 66 WC_FUNC_CERTIFICATE_VERIFY_SEND, 67 WC_FUNC_CERTIFICATE_VERIFY_DO, 68 WC_FUNC_FINISHED_SEND, 69 WC_FUNC_FINISHED_DO, 70 WC_FUNC_KEY_UPDATE_SEND, 71 WC_FUNC_KEY_UPDATE_DO, 72 WC_FUNC_EARLY_DATA_SEND, 73 WC_FUNC_EARLY_DATA_DO, 74 WC_FUNC_NEW_SESSION_TICKET_SEND, 75 WC_FUNC_NEW_SESSION_TICKET_DO, 76 WC_FUNC_SERVER_HELLO_DONE_SEND, 77 WC_FUNC_SERVER_HELLO_DONE_DO, 78 WC_FUNC_TICKET_SEND, 79 WC_FUNC_TICKET_DO, 80 WC_FUNC_CLIENT_KEY_EXCHANGE_SEND, 81 WC_FUNC_CLIENT_KEY_EXCHANGE_DO, 82 WC_FUNC_CERTIFICATE_STATUS_SEND, 83 WC_FUNC_CERTIFICATE_STATUS_DO, 84 WC_FUNC_SERVER_KEY_EXCHANGE_SEND, 85 WC_FUNC_SERVER_KEY_EXCHANGE_DO, 86 WC_FUNC_END_OF_EARLY_DATA_SEND, 87 WC_FUNC_END_OF_EARLY_DATA_DO, 88 WC_FUNC_COUNT 89 }; 90 #endif 91 44 92 typedef void (*wolfSSL_Logging_cb)(const int logLevel, 45 93 const char *const logMessage); 46 94 47 95 WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function); 96 97 /* turn logging on, only if compiled in */ 98 WOLFSSL_API int wolfSSL_Debugging_ON(void); 99 /* turn logging off */ 100 WOLFSSL_API void wolfSSL_Debugging_OFF(void); 101 48 102 49 103 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) … … 56 
110 WOLFSSL_LOCAL void wc_RemoveErrorNode(int index); 57 111 WOLFSSL_LOCAL void wc_ClearErrorNodes(void); 112 WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason, 113 int *line); 58 114 WOLFSSL_API int wc_SetLoggingHeap(void* h); 115 WOLFSSL_API int wc_ERR_remove_state(void); 59 116 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 60 WOLFSSL_API void wc_ERR_print_errors_fp( FILE*fp);117 WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp); 61 118 #endif 62 #endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)*/119 #endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ 63 120 64 #ifdef DEBUG_WOLFSSL 121 #ifdef WOLFSSL_FUNC_TIME 122 /* WARNING: This code is only to be used for debugging performance. 123 * The code is not thread-safe. 124 * Do not use WOLFSSL_FUNC_TIME in production code. 125 */ 126 WOLFSSL_API void WOLFSSL_START(int funcNum); 127 WOLFSSL_API void WOLFSSL_END(int funcNum); 128 WOLFSSL_API void WOLFSSL_TIME(int count); 129 #else 130 #define WOLFSSL_START(n) 131 #define WOLFSSL_END(n) 132 #define WOLFSSL_TIME(n) 133 #endif 134 135 #if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY) 65 136 #if defined(_WIN32) 66 137 #if defined(INTIME_RTOS) … … 74 145 #define WOLFSSL_LOG_CAT(a, m, b) #a " " m " " #b 75 146 76 void WOLFSSL_ENTER(const char* msg);77 void WOLFSSL_LEAVE(const char* msg, int ret);147 WOLFSSL_API void WOLFSSL_ENTER(const char* msg); 148 WOLFSSL_API void WOLFSSL_LEAVE(const char* msg, int ret); 78 149 #define WOLFSSL_STUB(m) \ 79 150 WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented)) 80 151 81 void WOLFSSL_MSG(const char* msg);82 void WOLFSSL_BUFFER(const byte* buffer, word32 length);152 WOLFSSL_API void WOLFSSL_MSG(const char* msg); 153 WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length); 83 154 84 #else /* DEBUG_WOLFSSL */155 #else 85 156 86 157 #define WOLFSSL_ENTER(m) … … 91 162 #define WOLFSSL_BUFFER(b, l) 92 163 93 #endif /* DEBUG_WOLFSSL */164 #endif /* 
DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */ 94 165 95 #if (defined(DEBUG_WOLFSSL) || defined(WOLFSSL_NGINX)) || defined(WOLFSSL_HAPROXY) 96 #if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) 97 void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line, 166 #if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 167 168 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) 169 WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line, 98 170 const char* file, void* ctx); 99 #define WOLFSSL_ERROR(x) WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__,NULL) 171 #define WOLFSSL_ERROR(x) \ 172 WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL) 100 173 #else 101 void WOLFSSL_ERROR(int);174 WOLFSSL_API void WOLFSSL_ERROR(int err); 102 175 #endif 176 WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg); 177 103 178 #else 104 179 #define WOLFSSL_ERROR(e) 180 #define WOLFSSL_ERROR_MSG(m) 105 181 #endif 106 182 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/md2.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/md2.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_MD2_H … … 34 38 /* in bytes */ 35 39 enum { 36 MD2 = 6, /* hash type unique */40 MD2 = WC_HASH_TYPE_MD2, 37 41 MD2_BLOCK_SIZE = 16, 38 42 MD2_DIGEST_SIZE = 16, -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/md4.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/md4.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_MD4_H … … 34 37 /* in bytes */ 35 38 enum { 39 MD4 = WC_HASH_TYPE_MD4, 36 40 MD4_BLOCK_SIZE = 64, 37 41 MD4_DIGEST_SIZE = 16, -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/md5.h
r337 r372 19 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 20 */ 21 22 /*! 23 \file wolfssl/wolfcrypt/md5.h 24 */ 21 25 22 26 … … 49 53 /* in bytes */ 50 54 enum { 51 WC_MD5 = 0, /* hash type unique */55 WC_MD5 = WC_HASH_TYPE_MD5, 52 56 WC_MD5_BLOCK_SIZE = 64, 53 57 WC_MD5_DIGEST_SIZE = 16, … … 55 59 }; 56 60 61 57 62 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 58 63 #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h> 64 #endif 65 #ifdef STM32_HASH 66 #include <wolfssl/wolfcrypt/port/st/stm32.h> 59 67 #endif 60 68 #ifdef WOLFSSL_ASYNC_CRYPT … … 64 72 #ifdef WOLFSSL_TI_HASH 65 73 #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" 74 #elif defined(WOLFSSL_IMX6_CAAM) 75 #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" 66 76 #else 67 77 68 78 /* MD5 digest */ 69 79 typedef struct wc_Md5 { 80 #ifdef STM32_HASH 81 STM32_HASH_Context stmCtx; 82 #else 70 83 word32 buffLen; /* in bytes */ 71 84 word32 loLen; /* length in bytes */ … … 81 94 hashUpdCache cache; /* cache for updates */ 82 95 #endif 83 #if defined(STM32_HASH) && defined(WOLFSSL_STM32_CUBEMX) 84 HASH_HandleTypeDef hashHandle; 85 #endif 96 #endif /* STM32_HASH */ 86 97 #ifdef WOLFSSL_ASYNC_CRYPT 87 98 WC_ASYNC_DEV asyncDev; -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/memory.h
r337 r372 23 23 /* submitted by eof */ 24 24 25 /*! 26 \file wolfssl/wolfcrypt/memory.h 27 */ 25 28 26 29 #ifndef WOLFSSL_MEMORY_H … … 32 35 #ifdef __cplusplus 33 36 extern "C" { 37 #endif 38 39 #ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST 40 WOLFSSL_API void wolfSSL_SetMemFailCount(int memFailCount); 34 41 #endif 35 42 … … 75 82 wolfSSL_Free_cb, 76 83 wolfSSL_Realloc_cb); 77 78 84 WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*, 79 85 wolfSSL_Free_cb*, … … 89 95 #endif 90 96 #define WOLFMEM_DEF_BUCKETS 9 /* number of default memory blocks */ 97 #ifndef WOLFMEM_IO_SZ 91 98 #define WOLFMEM_IO_SZ 16992 /* 16 byte aligned */ 99 #endif 92 100 #ifndef WOLFMEM_BUCKETS 93 /* default size of chunks of memory to seperate into94 * having session certs enabled makes a 21k SSL struct */95 101 #ifndef SESSION_CERTS 102 /* default size of chunks of memory to separate into */ 96 103 #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,16128 104 #elif defined (WOLFSSL_CERT_EXT) 105 /* certificate extensions requires 24k for the SSL struct */ 106 #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,24576 97 107 #else 98 #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,21056 108 /* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */ 109 #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,23440 99 110 #endif 100 111 #endif 101 112 #ifndef WOLFMEM_DIST 102 #define WOLFMEM_DIST 8,4,4,12,4,5,8,1,1113 #define WOLFMEM_DIST 49,10,6,14,5,6,9,1,1 103 114 #endif 104 115 -
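Review bot: `WOLFMEM_IO_SZ` becomes overridable through the added `#ifndef`, but its constraint is stated only by the trailing `/* 16 byte aligned */` on the default value. If that alignment is a requirement rather than a description, the override point should say so, for example `/* may be overridden at build time; must remain a multiple of 16 */` above the `#ifndef`. The same applies to `WOLFMEM_BUCKETS` and `WOLFMEM_DIST`: both lists are user-overridable and each apparently has to keep `WOLFMEM_DEF_BUCKETS` (9) entries, yet nothing in this header checks or documents that the two stay in step.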
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/misc.h
r337 r372 92 92 word32 btoi(byte b); 93 93 94 95 WOLFSSL_LOCAL byte ctMaskGT(int a, int b); 96 WOLFSSL_LOCAL byte ctMaskGTE(int a, int b); 97 WOLFSSL_LOCAL byte ctMaskLT(int a, int b); 98 WOLFSSL_LOCAL byte ctMaskLTE(int a, int b); 99 WOLFSSL_LOCAL byte ctMaskEq(int a, int b); 100 WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b); 101 WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b); 102 WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b); 103 WOLFSSL_LOCAL byte ctSetLTE(int a, int b); 104 94 105 #endif /* NO_INLINE */ 95 106 -
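Review bot: The new `ctMask*` and `ctSetLTE` prototypes carry no comment on their contract, and for constant-time helpers the contract is what a caller and a later maintainer most need. A short block above them should state what the returned byte is for true and for false (presumably all-ones and all-zero; the bodies are not in this header), that the implementations must stay free of data-dependent branches, and which range of `int` inputs is supported. Something like `/* constant-time helpers: return an all-ones or all-zero mask; keep implementations branch-free */`, adjusted to what the definitions actually do.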
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/pkcs12.h
r337 r372 40 40 } WC_DerCertList; 41 41 42 42 /* default values for creating PKCS12 */ 43 enum { 44 WC_PKCS12_ITT_DEFAULT = 2048, 45 WC_PKCS12_MAC_DEFAULT = 1, 46 }; 43 47 44 48 WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void); … … 48 52 byte** pkey, word32* pkeySz, byte** cert, word32* certSz, 49 53 WC_DerCertList** ca); 54 WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, 55 char* name, byte* key, word32 keySz, byte* cert, word32 certSz, 56 WC_DerCertList* ca, int nidKey, int nidCert, int iter, int macIter, 57 int keyType, void* heap); 58 50 59 51 60 WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap); 52 61 WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12); 53 62 63 WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap); 54 64 55 65 #ifdef __cplusplus -
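Review bot: `WC_PKCS12_MAC_DEFAULT = 1` reads like the default for the `macIter` argument of `wc_PKCS12_create`; if so, the MAC key gets no password stretching while the encryption side defaults to `WC_PKCS12_ITT_DEFAULT = 2048`. How the two constants are consumed is not visible in this header, so this should be confirmed and then documented on the enum, e.g. `/* default MAC iteration count; callers creating new files should pass a larger macIter */`. The prototype also takes `char* pass`, `byte* key` and `byte* cert` as non-const pointers; `const` would document that the password and key are only read, if that is the case.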
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/pwdbased.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/pwdbased.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_PWDBASED_H … … 28 31 #ifndef NO_PWDBASED 29 32 30 #ifndef NO_MD531 #include <wolfssl/wolfcrypt/md5.h> /* for hash type */32 #endif33 34 #include <wolfssl/wolfcrypt/sha.h>35 33 36 34 #ifdef __cplusplus … … 42 40 * wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types 43 41 */ 42 WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen, 43 const byte* passwd, int passwdLen, 44 const byte* salt, int saltLen, int iterations, 45 int hashType, void* heap); 44 46 WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen, 45 47 const byte* salt, int sLen, int iterations, int kLen, … … 61 63 #endif 62 64 63 /* helper functions */64 WOLFSSL_LOCAL int GetDigestSize(int typeH);65 WOLFSSL_LOCAL int GetPKCS12HashSizes(int typeH, word32* v, word32* u);66 WOLFSSL_LOCAL int DoPKCS12Hash(int typeH, byte* buffer, word32 totalLen,67 byte* Ai, word32 u, int iterations);68 69 65 70 66 #ifdef __cplusplus -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/rabbit.h
r337 r372 19 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 20 */ 21 22 /*! 23 \file wolfssl/wolfcrypt/rabbit.h 24 */ 21 25 22 26 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/random.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/random.h 24 */ 25 22 26 23 27 … … 27 31 #include <wolfssl/wolfcrypt/types.h> 28 32 29 #ifdef HAVE_FIPS 30 /* for fips @wc_fips */ 33 #if defined(HAVE_FIPS) && \ 34 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 35 #include <wolfssl/wolfcrypt/fips.h> 36 #endif /* HAVE_FIPS_VERSION >= 2 */ 37 38 /* included for fips @wc_fips */ 39 #if defined(HAVE_FIPS) && \ 40 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 31 41 #include <cyassl/ctaocrypt/random.h> 32 42 #endif … … 58 68 /* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined 59 69 or CUSTOM_RAND_GENERATE_BLOCK is defined*/ 60 #if !defined(WC_NO_HASHDRBG) ||!defined(CUSTOM_RAND_GENERATE_BLOCK)70 #if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK) 61 71 #undef HAVE_HASHDRBG 62 72 #define HAVE_HASHDRBG … … 67 77 68 78 69 #ifndef HAVE_FIPS /* avoid redefining structs and macros */ 79 /* avoid redefinition of structs */ 80 #if !defined(HAVE_FIPS) || \ 81 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 70 82 71 83 /* RNG supports the following sources (in order): … … 95 107 #elif defined(HAVE_WNR) 96 108 /* allow whitewood as direct RNG source using wc_GenerateSeed directly */ 97 #else 109 #elif defined(HAVE_INTEL_RDRAND) 110 /* Intel RDRAND or RDSEED */ 111 #elif !defined(WC_NO_RNG) 98 112 #error No RNG source defined! 
99 113 #endif … … 131 145 typedef struct WC_RNG WC_RNG; 132 146 #define WC_RNG_TYPE_DEFINED 133 #endif134 135 #ifdef HAVE_HASHDRBG136 /* Private DRBG state */137 struct DRBG;138 147 #endif 139 148 … … 153 162 }; 154 163 155 #endif /* HAVE_FIPS*/164 #endif /* NO FIPS or have FIPS v2*/ 156 165 157 166 /* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts, … … 172 181 #endif /* HAVE_WNR */ 173 182 174 183 #ifndef WC_NO_RNG 175 184 WOLFSSL_API int wc_InitRng(WC_RNG*); 176 185 WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId); 186 WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz); 187 WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz, 188 void* heap, int devId); 177 189 WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz); 178 190 WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*); 179 191 WOLFSSL_API int wc_FreeRng(WC_RNG*); 192 #else 193 #include <wolfssl/wolfcrypt/error-crypt.h> 194 #define wc_InitRng(rng) NOT_COMPILED_IN 195 #define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN 196 #define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN 197 #define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN 198 #define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN 199 #define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN 200 #define wc_FreeRng(rng) (void)NOT_COMPILED_IN 201 #endif 202 180 203 181 204 182 205 #ifdef HAVE_HASHDRBG 206 WOLFSSL_LOCAL int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* entropy, 207 word32 entropySz); 208 WOLFSSL_API int wc_RNG_TestSeed(const byte* seed, word32 seedSz); 183 209 WOLFSSL_API int wc_RNG_HealthTest(int reseed, 184 210 const byte* entropyA, word32 entropyASz, 185 211 const byte* entropyB, word32 entropyBSz, 186 212 byte* output, word32 outputSz); 213 WOLFSSL_API int wc_RNG_HealthTest_ex(int reseed, 214 const byte* nonce, word32 nonceSz, 215 const byte* entropyA, word32 entropyASz, 216 const byte* entropyB, word32 entropyBSz, 217 byte* output, word32 
outputSz, 218 void* heap, int devId); 187 219 #endif /* HAVE_HASHDRBG */ 188 220 -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/ripemd.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/ripemd.h 24 */ 22 25 23 26 #ifndef WOLF_CRYPT_RIPEMD_H -
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/rsa.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/rsa.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_RSA_H … … 27 31 28 32 #ifndef NO_RSA 33 34 35 /* RSA default exponent */ 36 #ifndef WC_RSA_EXPONENT 37 #define WC_RSA_EXPONENT 65537L 38 #endif 39 40 #if defined(WC_RSA_NONBLOCK) 41 /* enable support for fast math based non-blocking exptmod */ 42 /* this splits the RSA function into many smaller operations */ 43 #ifndef USE_FAST_MATH 44 #error RSA non-blocking mode only supported using fast math 45 #endif 46 #ifndef TFM_TIMING_RESISTANT 47 #error RSA non-blocking mode only supported with timing resistance enabled 48 #endif 49 50 /* RSA bounds check is not supported with RSA non-blocking mode */ 51 #undef NO_RSA_BOUNDS_CHECK 52 #define NO_RSA_BOUNDS_CHECK 53 #endif 29 54 30 55 /* allow for user to plug in own crypto */ … … 33 58 #else 34 59 35 #ifdef HAVE_FIPS 60 #if defined(HAVE_FIPS) && \ 61 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 36 62 /* for fips @wc_fips */ 37 63 #include <cyassl/ctaocrypt/rsa.h> … … 42 68 #include <wolfssl/wolfcrypt/integer.h> 43 69 #include <wolfssl/wolfcrypt/random.h> 44 #endif /* HAVE_FIPS */ 70 #endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */ 71 #if defined(HAVE_FIPS) && \ 72 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 73 #include <wolfssl/wolfcrypt/fips.h> 74 #endif 45 75 46 76 /* header file needed for OAEP padding */ … … 55 85 #endif 56 86 87 enum { 88 RSA_MIN_SIZE = 512, 89 RSA_MAX_SIZE = 4096, 90 }; 91 57 92 /* avoid redefinition of structs */ 58 #if !defined(HAVE_FIPS) 93 #if !defined(HAVE_FIPS) || \ 94 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 59 95 60 96 #ifdef WOLFSSL_ASYNC_CRYPT … … 78 114 RSA_BLOCK_TYPE_2 = 2, 79 115 80 RSA_MIN_SIZE = 512,81 RSA_MAX_SIZE = 4096,82 83 116 RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */ 84 117 85 118 RSA_PSS_PAD_SZ = 8, 119 RSA_PSS_SALT_MAX_SZ = 62, 86 120 87 121 #ifdef OPENSSL_EXTRA 88 122 RSA_PKCS1_PADDING_SIZE = 11, 89 
RSA_PKCS1_OAEP_PADDING_SIZE = 42 /* (2 * hashlen(SHA-1)) + 2 */ 123 RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */ 124 #endif 125 #ifdef WC_RSA_PSS 126 RSA_PSS_PAD_TERM = 0xBC, 127 #endif 128 129 #ifdef HAVE_PKCS11 130 RSA_MAX_ID_LEN = 32, 90 131 #endif 91 132 }; 92 133 134 #ifdef WC_RSA_NONBLOCK 135 typedef struct RsaNb { 136 exptModNb_t exptmod; /* non-block expt_mod */ 137 mp_int tmp; 138 } RsaNb; 139 #endif 93 140 94 141 /* RSA */ 95 142 struct RsaKey { 96 mp_int n, e, d, p, q, dP, dQ, u; 143 mp_int n, e; 144 #ifndef WOLFSSL_RSA_PUBLIC_ONLY 145 mp_int d, p, q; 146 #if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM) 147 mp_int dP, dQ, u; 148 #endif 149 #endif 97 150 void* heap; /* for user memory overrides */ 98 151 byte* data; /* temp buffer for async RSA */ … … 103 156 WC_RNG* rng; /* for PrivateDecrypt blinding */ 104 157 #endif 158 #ifdef WOLF_CRYPTO_DEV 159 int devId; 160 #endif 105 161 #ifdef WOLFSSL_ASYNC_CRYPT 106 162 WC_ASYNC_DEV asyncDev; … … 114 170 XSecure_Rsa xRsa; 115 171 #endif 172 #ifdef HAVE_PKCS11 173 byte id[RSA_MAX_ID_LEN]; 174 int idLen; 175 #endif 176 #if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE) 116 177 byte dataIsAlloc; 178 #endif 179 #ifdef WC_RSA_NONBLOCK 180 RsaNb* nb; 181 #endif 117 182 }; 118 183 … … 127 192 WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); 128 193 WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); 194 #ifdef HAVE_PKCS11 195 WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, 196 void* heap, int devId); 197 #endif 198 WOLFSSL_API int wc_CheckRsaKey(RsaKey* key); 129 199 #ifdef WOLFSSL_XILINX_CRYPT 130 200 WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key); 131 201 #endif /* WOLFSSL_XILINX_CRYPT */ 132 202 133 WOLFSSL_ LOCAL intwc_RsaFunction(const byte* in, word32 inLen, byte* out,203 WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out, 134 204 word32* outLen, int type, RsaKey* key, WC_RNG* rng); 135 
205 … … 145 215 word32 outLen, enum wc_HashType hash, int mgf, 146 216 RsaKey* key, WC_RNG* rng); 217 WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out, 218 word32 outLen, enum wc_HashType hash, 219 int mgf, int saltLen, RsaKey* key, 220 WC_RNG* rng); 147 221 WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, 148 222 RsaKey* key); … … 152 226 enum wc_HashType hash, int mgf, 153 227 RsaKey* key); 228 WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out, 229 enum wc_HashType hash, int mgf, 230 int saltLen, RsaKey* key); 231 WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out, 232 word32 outLen, enum wc_HashType hash, int mgf, 233 RsaKey* key); 234 WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out, 235 word32 outLen, enum wc_HashType hash, 236 int mgf, int saltLen, RsaKey* key); 154 237 WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig, 155 238 word32 sigSz, 156 239 enum wc_HashType hashType); 240 WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, 241 byte* sig, word32 sigSz, 242 enum wc_HashType hashType, 243 int saltLen, int bits); 244 WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out, 245 const byte* digest, word32 digentLen, 246 enum wc_HashType hash, int mgf, 247 RsaKey* key); 248 WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, 249 byte* out, word32 outLen, 250 const byte* digest, word32 digestLen, 251 enum wc_HashType hash, int mgf, 252 RsaKey* key); 157 253 158 254 WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); 159 255 160 #ifndef HAVE_FIPS /* to avoid asn duplicate symbols @wc_fips */ 256 #if !defined(HAVE_FIPS) || \ 257 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 258 /* to avoid asn duplicate symbols @wc_fips */ 161 259 WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, 162 260 RsaKey*, word32); … … 169 267 #endif 170 268 
269 #ifdef WC_RSA_BLINDING 171 270 WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); 271 #endif 272 #ifdef WC_RSA_NONBLOCK 273 WOLFSSL_API int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb); 274 #ifdef WC_RSA_NONBLOCK_TIME 275 WOLFSSL_API int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs, 276 word32 cpuMHz); 277 #endif 278 #endif 172 279 173 280 /* … … 187 294 #define WC_RSA_OAEP_PAD 1 188 295 #define WC_RSA_PSS_PAD 2 296 #define WC_RSA_NO_PAD 3 189 297 190 298 WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out, … … 197 305 byte** out, RsaKey* key, int type, enum wc_HashType hash, 198 306 int mgf, byte* label, word32 lableSz); 307 #if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) 308 WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz, 309 RsaKey* key, int type, WC_RNG* rng); 310 #endif 311 199 312 #endif /* HAVE_FIPS*/ 313 200 314 WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, 201 315 word32*); 316 WOLFSSL_API int wc_RsaExportKey(RsaKey* key, 317 byte* e, word32* eSz, 318 byte* n, word32* nSz, 319 byte* d, word32* dSz, 320 byte* p, word32* pSz, 321 byte* q, word32* qSz); 322 323 WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen); 202 324 203 325 #ifdef WOLFSSL_KEY_GEN 204 WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);205 326 WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng); 327 WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz, 328 const byte* q, word32 qSz, 329 const byte* e, word32 eSz, 330 int nlen, int* isPrime, WC_RNG* rng); 331 WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz, 332 const byte* q, word32 qSz, 333 const byte* e, word32 eSz, 334 int nlen, int* isPrime); 206 335 #endif 207 336 -
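Review bot: In the new `WC_RSA_NONBLOCK` block near the top of rsa.h, `NO_RSA_BOUNDS_CHECK` is force-defined, so a build that opts into non-blocking mode loses the RSA bounds check without any diagnostic. The only trace is the one-line comment above the `#undef`, which says the check is unsupported but not what that means for the integrator. I would spell it out in the header, for example `/* WC_RSA_NONBLOCK disables the RSA bounds check: inputs are not range-checked in this mode */`, and repeat the caveat next to the `wc_RsaSetNonBlock` prototype further down. Whether the check could be kept in non-blocking mode depends on rsa.c, which this section does not show.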
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/settings.h
r337 r372 77 77 /* #define WOLFSSL_LSR */ 78 78 79 /* Uncomment next line if building for Freescale Classic MQX version 4.0 */ 80 /* #define FREESCALE_MQX_4_0 */ 81 79 82 /* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */ 80 83 /* #define FREESCALE_MQX */ … … 86 89 /* #define FREESCALE_KSDK_BM */ 87 90 88 /* Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) */ 91 /* Uncomment next line if building for Freescale KSDK FreeRTOS, */ 92 /* (old name FREESCALE_FREE_RTOS) */ 89 93 /* #define FREESCALE_KSDK_FREERTOS */ 90 94 … … 94 98 /* Uncomment next line if using STM32F4 */ 95 99 /* #define WOLFSSL_STM32F4 */ 100 101 /* Uncomment next line if using STM32FL */ 102 /* #define WOLFSSL_STM32FL */ 96 103 97 104 /* Uncomment next line if using STM32F7 */ … … 162 169 /* Uncomment next line if building for using XILINX */ 163 170 /* #define WOLFSSL_XILINX */ 171 172 /* Uncomment next line if building for Nucleus 1.2 */ 173 /* #define WOLFSSL_NUCLEUS_1_2 */ 174 175 /* Uncomment next line if building for using Apache mynewt */ 176 /* #define WOLFSSL_APACHE_MYNEWT */ 177 178 /* Uncomment next line if building for using ESP-IDF */ 179 /* #define WOLFSSL_ESPIDF */ 180 181 /* Uncomment next line if using Espressif ESP32-WROOM-32 */ 182 /* #define WOLFSSL_ESPWROOM32 */ 164 183 165 184 #include <wolfssl/wolfcrypt/visibility.h> … … 203 222 #include <nx_api.h> 204 223 #endif 224 225 #if defined(WOLFSSL_ESPIDF) 226 #define FREERTOS 227 #define WOLFSSL_LWIP 228 #define NO_WRITEV 229 #define SIZEOF_LONG_LONG 8 230 #define NO_WOLFSSL_DIR 231 #define WOLFSSL_NO_CURRDIR 232 233 #define TFM_TIMING_RESISTANT 234 #define ECC_TIMING_RESISTANT 235 #define WC_RSA_BLINDING 236 #if !defined(WOLFSSL_USER_SETTINGS) 237 #define HAVE_ECC 238 #endif /* !WOLFSSL_USER_SETTINGS */ 239 #endif /* WOLFSSL_ESPIDF */ 205 240 206 241 #if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ … … 210 245 #define WOLFSSL_USER_IO 211 246 #define 
NO_FILESYSTEM 247 #endif 248 249 #if defined(WOLFSSL_CONTIKI) 250 #include <contiki.h> 251 #define WOLFSSL_UIP 252 #define NO_WOLFSSL_MEMORY 253 #define NO_WRITEV 254 #define SINGLE_THREADED 255 #define WOLFSSL_USER_IO 256 #define NO_FILESYSTEM 257 #define CUSTOM_RAND_TYPE uint16_t 258 #define CUSTOM_RAND_GENERATE random_rand 259 static inline unsigned int LowResTimer(void) 260 { 261 return clock_seconds(); 262 } 212 263 #endif 213 264 … … 241 292 242 293 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 294 #ifndef NO_PIC32MZ_CRYPT 243 295 #define WOLFSSL_PIC32MZ_CRYPT 296 #endif 297 #ifndef NO_PIC32MZ_RNG 244 298 #define WOLFSSL_PIC32MZ_RNG 299 #endif 300 #ifndef NO_PIC32MZ_HASH 245 301 #define WOLFSSL_PIC32MZ_HASH 302 #endif 246 303 #endif 247 304 … … 342 399 #define TFM_NO_ASM 343 400 #endif 344 #define WOLFSSL_PTHREADS 401 /* For VxWorks pthreads wrappers for mutexes uncomment the next line. */ 402 /* #define WOLFSSL_PTHREADS */ 345 403 #define WOLFSSL_HAVE_MIN 346 404 #define WOLFSSL_HAVE_MAX … … 441 499 #define NO_FILESYSTEM 442 500 #define USE_CERT_BUFFERS_2048 501 #endif 502 503 #ifdef WOLFSSL_CHIBIOS 504 /* ChibiOS definitions. This file is distributed with chibiOS. 
*/ 505 #include "wolfssl_chibios.h" 506 #endif 507 508 #ifdef WOLFSSL_PB 509 /* PB is using older 1.2 version of Nucleus */ 510 #undef WOLFSSL_NUCLEUS 511 #define WOLFSSL_NUCLEUS_1_2 512 #endif 513 514 #ifdef WOLFSSL_NUCLEUS_1_2 515 #define NO_WRITEV 516 #define NO_WOLFSSL_DIR 517 518 #if !defined(NO_ASN_TIME) && !defined(USER_TIME) 519 #error User must define XTIME, see manual 520 #endif 521 522 #if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER) 523 extern void* nucleus_malloc(unsigned long size, void* heap, int type); 524 extern void* nucleus_realloc(void* ptr, unsigned long size, void* heap, 525 int type); 526 extern void nucleus_free(void* ptr, void* heap, int type); 527 528 #define XMALLOC(s, h, type) nucleus_malloc((s), (h), (type)) 529 #define XREALLOC(p, n, h, t) nucleus_realloc((p), (n), (h), (t)) 530 #define XFREE(p, h, type) nucleus_free((p), (h), (type)) 531 #endif 443 532 #endif 444 533 … … 499 588 500 589 /* static char* gets(char *buff); */ 501 static char* fgets(char *buff, int sz, FILE *fp) {590 static char* fgets(char *buff, int sz, XFILE fp) { 502 591 char * p = buff; 503 592 *p = '\0'; … … 539 628 540 629 /* FreeRTOS pvPortRealloc() only in AVR32_UC3 port */ 541 #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) 630 #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \ 631 !defined(WOLFSSL_STATIC_MEMORY) 542 632 #define XMALLOC(s, h, type) pvPortMalloc((s)) 543 633 #define XFREE(p, h, type) vPortFree((p)) 544 634 #endif 545 635 #if defined(HAVE_ED25519) || defined(WOLFSSL_ESPIDF) 636 #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n)) 637 #endif 546 638 #ifndef NO_WRITEV 547 639 #define NO_WRITEV … … 570 662 571 663 #ifdef FREERTOS_TCP 572 573 #if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER)664 #if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) && \ 665 !defined(WOLFSSL_STATIC_MEMORY) 574 666 #define XMALLOC(s, h, type) pvPortMalloc((s)) 575 667 #define XFREE(p, h, type) vPortFree((p)) … … 583 675 #define 
TFM_TIMING_RESISTANT 584 676 #define NO_MAIN_DRIVER 585 586 677 #endif 587 678 … … 592 683 #define USE_FAST_MATH 593 684 #define TFM_TIMING_RESISTANT 685 #define ECC_TIMING_RESISTANT 686 #define WC_RSA_BLINDING 594 687 #define NO_DEV_RANDOM 595 688 #define NO_FILESYSTEM … … 599 692 #define HAVE_ECC 600 693 #define HAVE_ALPN 694 #define USE_WOLF_STRTOK /* use with HAVE_ALPN */ 601 695 #define HAVE_TLS_EXTENSIONS 602 696 #define HAVE_AESGCM … … 702 796 #endif 703 797 798 #ifdef FREESCALE_MQX_4_0 799 /* use normal Freescale MQX port, but with minor changes for 4.0 */ 800 #define FREESCALE_MQX 801 #endif 802 704 803 #ifdef FREESCALE_MQX 705 804 #define FREESCALE_COMMON … … 718 817 #endif 719 818 819 #if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER) 720 820 #define XMALLOC_OVERRIDE 721 821 #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) 722 822 #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} 723 823 /* Note: MQX has no realloc, using fastmath above */ 824 #endif 724 825 #endif 725 826 … … 948 1049 #define HAVE_ECC384 949 1050 #endif 950 951 /* enable features */952 #undef HAVE_CURVE25519953 #define HAVE_CURVE25519954 #undef HAVE_ED25519955 #define HAVE_ED25519956 #undef WOLFSSL_SHA512957 #define WOLFSSL_SHA512958 1051 #endif 959 1052 #endif … … 979 1072 980 1073 #if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \ 981 defined(WOLFSSL_STM32F7) 1074 defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \ 1075 defined(WOLFSSL_STM32L4) 982 1076 983 1077 #define SIZEOF_LONG_LONG 8 … … 986 1080 #undef NO_RABBIT 987 1081 #define NO_RABBIT 988 #undef NO_64BIT989 #define NO_64BIT990 1082 #ifndef NO_STM32_RNG 991 1083 #undef STM32_RNG 992 1084 #define STM32_RNG 1085 #ifdef WOLFSSL_STM32F427_RNG 1086 #include "stm32f427xx.h" 1087 #endif 993 1088 #endif 994 1089 #ifndef NO_STM32_CRYPTO 995 1090 #undef STM32_CRYPTO 996 1091 #define STM32_CRYPTO 1092 1093 #ifdef WOLFSSL_STM32L4 1094 #define NO_AES_192 /* hardware does not support 192-bit 
*/ 1095 #endif 997 1096 #endif 998 1097 #ifndef NO_STM32_HASH … … 1007 1106 #if defined(WOLFSSL_STM32F2) 1008 1107 #include "stm32f2xx_hal.h" 1108 #elif defined(WOLFSSL_STM32L4) 1109 #include "stm32l4xx_hal.h" 1009 1110 #elif defined(WOLFSSL_STM32F4) 1010 1111 #include "stm32f4xx_hal.h" 1011 1112 #elif defined(WOLFSSL_STM32F7) 1012 1113 #include "stm32f7xx_hal.h" 1114 #elif defined(WOLFSSL_STM32F1) 1115 #include "stm32f1xx_hal.h" 1013 1116 #endif 1014 1117 … … 1033 1136 #include "stm32f4xx_hash.h" 1034 1137 #endif 1138 #elif defined(WOLFSSL_STM32L4) 1139 #include "stm32l4xx.h" 1140 #ifdef STM32_CRYPTO 1141 #include "stm32l4xx_cryp.h" 1142 #endif 1143 #ifdef STM32_HASH 1144 #include "stm32l4xx_hash.h" 1145 #endif 1035 1146 #elif defined(WOLFSSL_STM32F7) 1036 1147 #include "stm32f7xx.h" 1148 #elif defined(WOLFSSL_STM32F1) 1149 #include "stm32f1xx.h" 1037 1150 #endif 1038 1151 #endif /* WOLFSSL_STM32_CUBEMX */ 1039 #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32 F7 */1152 #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */ 1040 1153 1041 1154 #ifdef MICRIUM … … 1074 1187 #define CUSTOM_RAND_GENERATE Math_Rand 1075 1188 #endif 1076 1077 #define WOLFSSL_TYPES1078 typedef CPU_INT08U byte;1079 typedef CPU_INT16U word16;1080 typedef CPU_INT32U word32;1081 1082 1189 #define STRING_USER 1083 1190 #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) … … 1176 1283 #endif /*(WOLFSSL_XILINX_CRYPT)*/ 1177 1284 1285 #if defined(WOLFSSL_APACHE_MYNEWT) 1286 #include "os/os_malloc.h" 1287 #if !defined(WOLFSSL_LWIP) 1288 #include <mn_socket/mn_socket.h> 1289 #endif 1290 1291 #if !defined(SIZEOF_LONG) 1292 #define SIZEOF_LONG 4 1293 #endif 1294 #if !defined(SIZEOF_LONG_LONG) 1295 #define SIZEOF_LONG_LONG 8 1296 #endif 1297 #if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) 1298 #define BIG_ENDIAN_ORDER 1299 #else 1300 #undef BIG_ENDIAN_ORDER 1301 #define LITTLE_ENDIAN_ORDER 1302 #endif 1303 #define NO_WRITEV 1304 #define 
WOLFSSL_USER_IO 1305 #define SINGLE_THREADED 1306 #define NO_DEV_RANDOM 1307 #define NO_DH 1308 #define NO_WOLFSSL_DIR 1309 #define NO_ERROR_STRINGS 1310 #define HAVE_ECC 1311 #define NO_SESSION_CACHE 1312 #define NO_ERROR_STRINGS 1313 #define XMALLOC_USER 1314 #define XMALLOC(sz, heap, type) os_malloc(sz) 1315 #define XREALLOC(p, sz, heap, type) os_realloc(p, sz) 1316 #define XFREE(p, heap, type) os_free(p) 1317 1318 #endif /*(WOLFSSL_APACHE_MYNEWT)*/ 1319 1320 #ifdef WOLFSSL_IMX6 1321 #ifndef SIZEOF_LONG_LONG 1322 #define SIZEOF_LONG_LONG 8 1323 #endif 1324 #endif 1325 1326 /* if defined turn on all CAAM support */ 1327 #ifdef WOLFSSL_IMX6_CAAM 1328 #undef WOLFSSL_IMX6_CAAM_RNG 1329 #define WOLFSSL_IMX6_CAAM_RNG 1330 1331 #undef WOLFSSL_IMX6_CAAM_BLOB 1332 #define WOLFSSL_IMX6_CAAM_BLOB 1333 1334 #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_XTS) 1335 /* large performance gain with HAVE_AES_ECB defined */ 1336 #undef HAVE_AES_ECB 1337 #define HAVE_AES_ECB 1338 #endif 1339 #endif 1340 1178 1341 #if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ 1179 1342 !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \ … … 1206 1369 #ifdef WOLFSSL_SGX 1207 1370 #ifdef _MSC_VER 1208 #define WOLFCRYPT_ONLY1209 1371 #define NO_RC4 1372 #ifndef HAVE_FIPS 1373 #define WOLFCRYPT_ONLY 1210 1374 #define NO_DES3 1211 1375 #define NO_SHA 1212 1376 #define NO_MD5 1213 1377 #else 1378 #define TFM_TIMING_RESISTANT 1379 #define NO_WOLFSSL_DIR 1380 #define NO_WRITEV 1381 #define NO_MAIN_DRIVER 1382 #define WOLFSSL_LOG_PRINTF 1383 #define WOLFSSL_DH_CONST 1384 #endif 1385 #else 1214 1386 #define HAVE_ECC 1215 #define ECC_TIMING_RESISTANT1216 #define TFM_TIMING_RESISTANT1217 #define NO_FILESYSTEM1218 1387 #define NO_WRITEV 1219 1388 #define NO_MAIN_DRIVER … … 1222 1391 #define WOLFSSL_DH_CONST 1223 1392 #endif /* _MSC_VER */ 1224 #if ndef NO_RSA1393 #if !defined(HAVE_FIPS) && !defined(NO_RSA) 1225 1394 #define WC_RSA_BLINDING 1226 1395 #endif 1396 1397 #define NO_FILESYSTEM 
1398 #define ECC_TIMING_RESISTANT 1399 #define TFM_TIMING_RESISTANT 1227 1400 #define SINGLE_THREADED 1228 1401 #define NO_ASN_TIME /* can not use headers such as windows.h */ … … 1284 1457 * all curves are on by default for now */ 1285 1458 #ifndef ECC_USER_CURVES 1286 #if ndef HAVE_ALL_CURVES1459 #if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_ALL_CURVES) 1287 1460 #define HAVE_ALL_CURVES 1288 1461 #endif … … 1300 1473 #define HAVE_ECC_VERIFY 1301 1474 #endif 1475 #ifndef NO_ECC_CHECK_KEY 1476 #undef HAVE_ECC_CHECK_KEY 1477 #define HAVE_ECC_CHECK_KEY 1478 #endif 1302 1479 #ifndef NO_ECC_DHE 1303 1480 #undef HAVE_ECC_DHE … … 1359 1536 #define AES_MAX_KEY_SIZE 256 1360 1537 #endif 1538 1539 #ifndef NO_AES_128 1540 #undef WOLFSSL_AES_128 1541 #define WOLFSSL_AES_128 1542 #endif 1543 #if !defined(NO_AES_192) && AES_MAX_KEY_SIZE >= 192 1544 #undef WOLFSSL_AES_192 1545 #define WOLFSSL_AES_192 1546 #endif 1547 #if !defined(NO_AES_256) && AES_MAX_KEY_SIZE >= 256 1548 #undef WOLFSSL_AES_256 1549 #define WOLFSSL_AES_256 1550 #endif 1551 #if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT) 1552 #warning HAVE_ECC_ENCRYPT uses AES 128 bit keys 1553 #endif 1554 1361 1555 #ifndef NO_AES_DECRYPT 1362 1556 #undef HAVE_AES_DECRYPT … … 1366 1560 #undef HAVE_AES_CBC 1367 1561 #define HAVE_AES_CBC 1368 #else1369 #ifndef WOLFCRYPT_ONLY1370 #error "AES CBC is required for TLS and can only be disabled for WOLFCRYPT_ONLY builds"1371 #endif1372 1562 #endif 1373 1563 #ifdef WOLFSSL_AES_XTS … … 1377 1567 #endif 1378 1568 #endif 1569 #ifdef WOLFSSL_AES_CFB 1570 /* AES-CFB makes calls to AES direct functions */ 1571 #ifndef WOLFSSL_AES_DIRECT 1572 #define WOLFSSL_AES_DIRECT 1573 #endif 1574 #endif 1575 #endif 1576 1577 #if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_TLS12)) || \ 1578 (!defined(HAVE_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \ 1579 !defined(HAVE_CAMELLIA) && !defined(HAVE_IDEA) && \ 1580 !defined(HAVE_NULL_CIPHER) && !defined(HAVE_HC128)) 1581 #define 
WOLFSSL_AEAD_ONLY 1379 1582 #endif 1380 1583 … … 1445 1648 1446 1649 #ifdef WOLFSSL_ASYNC_CRYPT_TEST 1447 #define WC_ASYNC_DEV_SIZE 32 0+241650 #define WC_ASYNC_DEV_SIZE 328+24 1448 1651 #else 1449 #define WC_ASYNC_DEV_SIZE 32 01652 #define WC_ASYNC_DEV_SIZE 328 1450 1653 #endif 1451 1654 … … 1491 1694 1492 1695 #ifdef HAVE_PKCS7 1696 #if defined(NO_AES) && defined(NO_DES3) 1697 #error PKCS7 needs either AES or 3DES enabled, please enable one 1698 #endif 1493 1699 #ifndef HAVE_AES_KEYWRAP 1494 1700 #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP 1495 1701 #endif 1496 #if ndef HAVE_X963_KDF1702 #if defined(HAVE_ECC) && !defined(HAVE_X963_KDF) 1497 1703 #error PKCS7 requires X963 KDF please define HAVE_X963_KDF 1498 1704 #endif … … 1517 1723 #endif /* WOLFSSL_MYSQL_COMPATIBLE */ 1518 1724 1519 #if defined( WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)1725 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1520 1726 #define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION 1521 1727 #define OPENSSL_NO_ENGINE … … 1557 1763 #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \ 1558 1764 (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \ 1559 (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)) 1765 (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \ 1766 !defined(WC_NO_RNG)) 1560 1767 1561 1768 #ifndef _MSC_VER … … 1567 1774 #endif 1568 1775 1776 #if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA) 1777 /* added to have compatibility with SHA256() */ 1778 #if !defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) 1779 #define NO_OLD_SHA_NAMES 1780 #endif 1781 #endif 1782 1783 /* switch for compatibility layer functionality. Has subparts i.e. BIO/X509 1784 * When opensslextra is enabled all subparts should be turned on. 
*/ 1785 #ifdef OPENSSL_EXTRA 1786 #undef OPENSSL_EXTRA_X509_SMALL 1787 #define OPENSSL_EXTRA_X509_SMALL 1788 #endif /* OPENSSL_EXTRA */ 1789 1790 /* support for converting DER to PEM */ 1791 #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || \ 1792 defined(OPENSSL_EXTRA) 1793 #undef WOLFSSL_DER_TO_PEM 1794 #define WOLFSSL_DER_TO_PEM 1795 #endif 1796 1797 /* keep backwards compatibility enabling encrypted private key */ 1798 #ifndef WOLFSSL_ENCRYPTED_KEYS 1799 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 1800 defined(HAVE_WEBSERVER) 1801 #define WOLFSSL_ENCRYPTED_KEYS 1802 #endif 1803 #endif 1804 1805 /* support for disabling PEM to DER */ 1806 #if !defined(WOLFSSL_NO_PEM) 1807 #undef WOLFSSL_PEM_TO_DER 1808 #define WOLFSSL_PEM_TO_DER 1809 #endif 1810 1811 /* Parts of the openssl compatibility layer require peer certs */ 1812 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 1813 #undef KEEP_PEER_CERT 1814 #define KEEP_PEER_CERT 1815 #endif 1816 1817 /* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/ 1818 #ifdef WOLFSSL_ARMASM 1819 #undef WOLFSSL_NO_HASH_RAW 1820 #define WOLFSSL_NO_HASH_RAW 1821 #endif 1822 1823 #if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \ 1824 !defined(WOLFSSL_SHA3) 1825 #undef WOLFSSL_NO_WORD64_OPS 1826 #define WOLFSSL_NO_WORD64_OPS 1827 #endif 1828 1829 #if defined(NO_AES) && defined(NO_DES3) && !defined(HAVE_CAMELLIA) && \ 1830 defined(NO_PWDBASED) && !defined(HAVE_IDEA) 1831 #undef WOLFSSL_NO_XOR_OPS 1832 #define WOLFSSL_NO_XOR_OPS 1833 #endif 1834 1835 #if defined(NO_ASN) && defined(WOLFCRYPT_ONLY) 1836 #undef WOLFSSL_NO_INT_ENCODE 1837 #define WOLFSSL_NO_INT_ENCODE 1838 #undef WOLFSSL_NO_INT_DECODE 1839 #define WOLFSSL_NO_INT_DECODE 1840 #endif 1841 1842 #if defined(WOLFCRYPT_ONLY) && defined(WOLFSSL_RSA_VERIFY_ONLY) && \ 1843 defined(WC_NO_RSA_OAEP) 1844 #undef WOLFSSL_NO_CT_OPS 1845 #define WOLFSSL_NO_CT_OPS 1846 
#endif 1847 1848 #if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(HAVE_CURVE25519) && \ 1849 defined(WC_NO_RNG) && defined(WC_NO_RSA_OAEP) 1850 #undef WOLFSSL_NO_CONST_CMP 1851 #define WOLFSSL_NO_CONST_CMP 1852 #endif 1853 1854 #if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \ 1855 !defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \ 1856 defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY) 1857 #undef WOLFSSL_NO_FORCE_ZERO 1858 #define WOLFSSL_NO_FORCE_ZERO 1859 #endif 1860 1569 1861 #ifdef __cplusplus 1570 1862 } /* extern "C" */ -
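Review bot: The new `WOLFSSL_CONTIKI` block sets `CUSTOM_RAND_GENERATE` to `random_rand` unconditionally, and that function is, as far as I know, Contiki's general-purpose pseudo-random generator rather than an entropy source. If wolfSSL uses this macro to seed its RNG, as it does on other ports, every key and nonce generated on this platform depends on how the board seeds `random_rand`. I would guard the two defines with `#ifndef CUSTOM_RAND_GENERATE` … `#endif` so a port can supply a hardware source, and add `/* random_rand() must be backed by a hardware entropy source on the target */` above them.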
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/sha.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/sha.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_SHA_H … … 28 32 #ifndef NO_SHA 29 33 30 #ifdef HAVE_FIPS 34 #if defined(HAVE_FIPS) && \ 35 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 36 #include <wolfssl/wolfcrypt/fips.h> 37 #endif /* HAVE_FIPS_VERSION >= 2 */ 38 39 #if defined(HAVE_FIPS) && \ 40 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 31 41 #define wc_Sha Sha 32 42 #define WC_SHA SHA … … 47 57 #endif 48 58 49 #ifndef HAVE_FIPS /* avoid redefining structs */ 59 /* avoid redefinition of structs */ 60 #if !defined(HAVE_FIPS) || \ 61 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 50 62 51 63 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 52 64 #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h> 65 #endif 66 #ifdef STM32_HASH 67 #include <wolfssl/wolfcrypt/port/st/stm32.h> 53 68 #endif 54 69 #ifdef WOLFSSL_ASYNC_CRYPT … … 56 71 #endif 57 72 73 #if !defined(NO_OLD_SHA_NAMES) 74 #define SHA WC_SHA 75 #endif 76 58 77 #ifndef NO_OLD_WC_NAMES 59 78 #define Sha wc_Sha 60 #define SHA WC_SHA61 79 #define SHA_BLOCK_SIZE WC_SHA_BLOCK_SIZE 62 80 #define SHA_DIGEST_SIZE WC_SHA_DIGEST_SIZE … … 66 84 /* in bytes */ 67 85 enum { 68 WC_SHA = 1, /* hash type unique */86 WC_SHA = WC_HASH_TYPE_SHA, 69 87 WC_SHA_BLOCK_SIZE = 64, 70 88 WC_SHA_DIGEST_SIZE = 20, … … 73 91 74 92 75 #ifndef WOLFSSL_TI_HASH 93 #if defined(WOLFSSL_TI_HASH) 94 #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" 95 96 #elif defined(WOLFSSL_IMX6_CAAM) 97 #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" 98 99 #else 76 100 /* Sha digest */ 77 101 typedef struct wc_Sha { 78 102 #ifdef FREESCALE_LTC_SHA 79 103 ltc_hash_ctx_t ctx; 104 #elif defined(STM32_HASH) 105 STM32_HASH_Context stmCtx; 80 106 #else 81 107 word32 buffLen; /* in bytes */ … … 95 121 WC_ASYNC_DEV asyncDev; 96 122 #endif /* WOLFSSL_ASYNC_CRYPT */ 97 #endif /* FREESCALE_LTC_SHA */123 #endif 98 124 } wc_Sha; 99 125 100 #else101 #include 
"wolfssl/wolfcrypt/port/ti/ti-hash.h"102 126 #endif /* WOLFSSL_TI_HASH */ 103 127 … … 108 132 WOLFSSL_API int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId); 109 133 WOLFSSL_API int wc_ShaUpdate(wc_Sha*, const byte*, word32); 134 WOLFSSL_API int wc_ShaFinalRaw(wc_Sha*, byte*); 110 135 WOLFSSL_API int wc_ShaFinal(wc_Sha*, byte*); 111 136 WOLFSSL_API void wc_ShaFree(wc_Sha*); -
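Review bot: `WC_SHA` changes from the literal `1` to `WC_HASH_TYPE_SHA` in the size enum, but the visible hunks add no include that declares `WC_HASH_TYPE_SHA`, so sha.h now depends on whichever header defines that constant being pulled in first. The numeric value may also change, which matters to any caller that stored or compared the old constant; the same applies to `WC_SHA256` (was `2`) and `WC_SHA224` (was `8`) in sha256.h. A comment on the enumerator, such as `WC_SHA = WC_HASH_TYPE_SHA, /* value now comes from the hash-type enum; was 1 */`, would make that visible. The closing `#endif /* WOLFSSL_TI_HASH */` is also stale now that the conditional is a three-way `#if`/`#elif`/`#else`.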
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/sha256.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/sha256.h 24 */ 25 22 26 23 27 /* code submitted by raphael.huck@efixo.com */ … … 30 34 #ifndef NO_SHA256 31 35 32 #ifdef HAVE_FIPS 36 #if defined(HAVE_FIPS) && \ 37 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 38 #include <wolfssl/wolfcrypt/fips.h> 39 #endif /* HAVE_FIPS_VERSION >= 2 */ 40 41 #if defined(HAVE_FIPS) && \ 42 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 33 43 #define wc_Sha256 Sha256 34 44 #define WC_SHA256 SHA256 … … 58 68 #endif 59 69 60 #ifndef HAVE_FIPS /* avoid redefinition of structs */ 70 /* avoid redefinition of structs */ 71 #if !defined(HAVE_FIPS) || \ 72 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 61 73 62 74 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 63 75 #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h> 64 76 #endif 77 #ifdef STM32_HASH 78 #include <wolfssl/wolfcrypt/port/st/stm32.h> 79 #endif 65 80 #ifdef WOLFSSL_ASYNC_CRYPT 66 81 #include <wolfssl/wolfcrypt/async.h> 67 82 #endif 83 #if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH) 84 #include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h> 85 #endif 86 87 #if defined(_MSC_VER) 88 #define SHA256_NOINLINE __declspec(noinline) 89 #elif defined(__GNUC__) 90 #define SHA256_NOINLINE __attribute__((noinline)) 91 #else 92 #define SHA256_NOINLINE 93 #endif 94 95 #if !defined(NO_OLD_SHA_NAMES) 96 #define SHA256 WC_SHA256 97 #endif 68 98 69 99 #ifndef NO_OLD_WC_NAMES 70 100 #define Sha256 wc_Sha256 71 #define SHA256 WC_SHA25672 101 #define SHA256_BLOCK_SIZE WC_SHA256_BLOCK_SIZE 73 102 #define SHA256_DIGEST_SIZE WC_SHA256_DIGEST_SIZE … … 77 106 /* in bytes */ 78 107 enum { 79 WC_SHA256 = 2, /* hash type unique */108 WC_SHA256 = WC_HASH_TYPE_SHA256, 80 109 WC_SHA256_BLOCK_SIZE = 64, 81 110 WC_SHA256_DIGEST_SIZE = 32, … … 83 112 }; 84 113 85 #ifndef WOLFSSL_TI_HASH 86 114 115 #ifdef WOLFSSL_TI_HASH 116 #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" 117 #elif defined(WOLFSSL_IMX6_CAAM) 118 
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" 119 #elif defined(WOLFSSL_AFALG_HASH) 120 #include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h" 121 #else 87 122 /* wc_Sha256 digest */ 88 123 typedef struct wc_Sha256 { 89 124 #ifdef FREESCALE_LTC_SHA 90 125 ltc_hash_ctx_t ctx; 126 #elif defined(STM32_HASH) 127 STM32_HASH_Context stmCtx; 91 128 #else 92 129 /* alignment on digest and buffer speeds up ARMv8 crypto operations */ … … 97 134 word32 hiLen; /* length in bytes */ 98 135 void* heap; 136 #ifdef USE_INTEL_SPEEDUP 137 const byte* data; 138 #endif 99 139 #ifdef WOLFSSL_PIC32MZ_HASH 100 140 hashUpdCache cache; /* cache for updates */ 101 #endif102 #if defined(STM32_HASH) && defined(WOLFSSL_STM32_CUBEMX)103 HASH_HandleTypeDef hashHandle;104 141 #endif 105 142 #ifdef WOLFSSL_ASYNC_CRYPT 106 143 WC_ASYNC_DEV asyncDev; 107 144 #endif /* WOLFSSL_ASYNC_CRYPT */ 108 #endif /* FREESCALE_LTC_SHA */ 145 #ifdef WOLFSSL_SMALL_STACK_CACHE 146 word32* W; 147 #endif 148 #ifdef WOLFSSL_DEVCRYPTO_HASH 149 WC_CRYPTODEV ctx; 150 byte* msg; 151 word32 used; 152 word32 len; 153 #endif 154 #endif 109 155 } wc_Sha256; 110 156 111 #else112 #include "wolfssl/wolfcrypt/port/ti/ti-hash.h"113 157 #endif 114 158 … … 118 162 WOLFSSL_API int wc_InitSha256_ex(wc_Sha256*, void*, int); 119 163 WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32); 164 WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*); 120 165 WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*); 121 166 WOLFSSL_API void wc_Sha256Free(wc_Sha256*); … … 129 174 130 175 #ifdef WOLFSSL_SHA224 131 #ifndef HAVE_FIPS /* avoid redefinition of structs */ 176 /* avoid redefinition of structs */ 177 #if !defined(HAVE_FIPS) || \ 178 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 132 179 133 180 #ifndef NO_OLD_WC_NAMES … … 141 188 /* in bytes */ 142 189 enum { 143 WC_SHA224 = 8, /* hash type unique */190 WC_SHA224 = WC_HASH_TYPE_SHA224, 144 191 WC_SHA224_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE, 145 192 
WC_SHA224_DIGEST_SIZE = 28, 146 193 WC_SHA224_PAD_SIZE = WC_SHA256_PAD_SIZE 147 194 }; 195 148 196 149 197 typedef wc_Sha256 wc_Sha224; -
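Review bot: `WC_SHA256 = WC_HASH_TYPE_SHA256` and `WC_SHA224 = WC_HASH_TYPE_SHA224` replace the fixed ids 2 and 8 with values from `enum wc_HashType`, and the header does not warn that these ids now depend on the build. Per the types.h section of this changeset, a non-FIPS, non-selftest build gets 6 and 5, while FIPS/selftest builds keep 2 and 8. The sha512.h section does the same for `WC_SHA512` (4 becomes 8) and `WC_SHA384` (5 becomes 7), so the ids 5 and 8 now name a different digest than before. A hard-coded or persisted id, or an object built against the old header, would select the wrong hash without any compile error. I would add a comment at each enum, for example `/* id differs between FIPS/selftest and normal builds; never hard-code or persist it */`.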
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/sha512.h
r337 r372 1 1 /* sha512.h 2 2 * 3 * Copyright (C) 2006-201 7wolfSSL Inc.3 * Copyright (C) 2006-2018 wolfSSL Inc. 4 4 * 5 5 * This file is part of wolfSSL. … … 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/sha512.h 24 */ 25 22 26 23 27 #ifndef WOLF_CRYPT_SHA512_H … … 26 30 #include <wolfssl/wolfcrypt/types.h> 27 31 28 #if def WOLFSSL_SHA51232 #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) 29 33 30 /* for fips @wc_fips */ 31 #ifdef HAVE_FIPS 34 #if defined(HAVE_FIPS) && \ 35 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 36 #include <wolfssl/wolfcrypt/fips.h> 37 #endif /* HAVE_FIPS_VERSION >= 2 */ 38 39 #if defined(HAVE_FIPS) && \ 40 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 41 #ifdef WOLFSSL_SHA512 32 42 #define wc_Sha512 Sha512 33 43 #define WC_SHA512 SHA512 … … 35 45 #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE 36 46 #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE 47 #endif /* WOLFSSL_SHA512 */ 37 48 #ifdef WOLFSSL_SHA384 38 49 #define wc_Sha384 Sha384 … … 47 58 #define CYASSL_SHA384 48 59 #endif 60 /* for fips @wc_fips */ 49 61 #include <cyassl/ctaocrypt/sha512.h> 50 62 #endif … … 54 66 #endif 55 67 56 #ifndef HAVE_FIPS /* avoid redefinition of structs */ 68 /* avoid redefinition of structs */ 69 #if !defined(HAVE_FIPS) || \ 70 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 57 71 58 72 #ifdef WOLFSSL_ASYNC_CRYPT … … 60 74 #endif 61 75 62 #ifndef NO_OLD_WC_NAMES 76 #if defined(_MSC_VER) 77 #define SHA512_NOINLINE __declspec(noinline) 78 #elif defined(__GNUC__) 79 #define SHA512_NOINLINE __attribute__((noinline)) 80 #else 81 #define SHA512_NOINLINE 82 #endif 83 84 #ifdef WOLFSSL_SHA512 85 86 #if !defined(NO_OLD_SHA_NAMES) 87 #define SHA512 WC_SHA512 88 #endif 89 90 #if !defined(NO_OLD_WC_NAMES) 63 91 #define Sha512 wc_Sha512 64 #define SHA512 WC_SHA51265 92 #define SHA512_BLOCK_SIZE WC_SHA512_BLOCK_SIZE 66 93 #define SHA512_DIGEST_SIZE WC_SHA512_DIGEST_SIZE … … 68 95 #endif 69 96 97 #endif /* WOLFSSL_SHA512 */ 98 70 99 /* 
in bytes */ 71 100 enum { 72 WC_SHA512 = 4, /* hash type unique */ 101 #ifdef WOLFSSL_SHA512 102 WC_SHA512 = WC_HASH_TYPE_SHA512, 103 #endif 73 104 WC_SHA512_BLOCK_SIZE = 128, 74 105 WC_SHA512_DIGEST_SIZE = 64, … … 77 108 78 109 110 #ifdef WOLFSSL_IMX6_CAAM 111 #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" 112 #else 79 113 /* wc_Sha512 digest */ 80 114 typedef struct wc_Sha512 { 115 word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)]; 116 word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)]; 81 117 word32 buffLen; /* in bytes */ 82 118 word64 loLen; /* length in bytes */ 83 119 word64 hiLen; /* length in bytes */ 84 word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)];85 word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)];86 120 void* heap; 121 #ifdef USE_INTEL_SPEEDUP 122 const byte* data; 123 #endif 87 124 #ifdef WOLFSSL_ASYNC_CRYPT 88 125 WC_ASYNC_DEV asyncDev; 89 126 #endif /* WOLFSSL_ASYNC_CRYPT */ 127 #ifdef WOLFSSL_SMALL_STACK_CACHE 128 word64* W; 129 #endif 90 130 } wc_Sha512; 131 #endif 91 132 92 133 #endif /* HAVE_FIPS */ 134 135 #ifdef WOLFSSL_SHA512 93 136 94 137 WOLFSSL_API int wc_InitSha512(wc_Sha512*); 95 138 WOLFSSL_API int wc_InitSha512_ex(wc_Sha512*, void*, int); 96 139 WOLFSSL_API int wc_Sha512Update(wc_Sha512*, const byte*, word32); 140 WOLFSSL_API int wc_Sha512FinalRaw(wc_Sha512*, byte*); 97 141 WOLFSSL_API int wc_Sha512Final(wc_Sha512*, byte*); 98 142 WOLFSSL_API void wc_Sha512Free(wc_Sha512*); … … 101 145 WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst); 102 146 147 #endif /* WOLFSSL_SHA512 */ 148 103 149 #if defined(WOLFSSL_SHA384) 104 150 105 #ifndef HAVE_FIPS /* avoid redefinition of structs */ 151 /* avoid redefinition of structs */ 152 #if !defined(HAVE_FIPS) || \ 153 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 106 154 107 #ifndef NO_OLD_WC_NAMES 155 #if !defined(NO_OLD_SHA_NAMES) 156 #define SHA384 WC_SHA384 157 #endif 158 159 #if !defined(NO_OLD_WC_NAMES) 108 160 #define Sha384 wc_Sha384 109 
#define SHA384 WC_SHA384110 161 #define SHA384_BLOCK_SIZE WC_SHA384_BLOCK_SIZE 111 162 #define SHA384_DIGEST_SIZE WC_SHA384_DIGEST_SIZE … … 115 166 /* in bytes */ 116 167 enum { 117 WC_SHA384 = 5, /* hash type unique */168 WC_SHA384 = WC_HASH_TYPE_SHA384, 118 169 WC_SHA384_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE, 119 170 WC_SHA384_DIGEST_SIZE = 48, 120 171 WC_SHA384_PAD_SIZE = WC_SHA512_PAD_SIZE 121 172 }; 173 122 174 123 175 typedef wc_Sha512 wc_Sha384; … … 127 179 WOLFSSL_API int wc_InitSha384_ex(wc_Sha384*, void*, int); 128 180 WOLFSSL_API int wc_Sha384Update(wc_Sha384*, const byte*, word32); 181 WOLFSSL_API int wc_Sha384FinalRaw(wc_Sha384*, byte*); 129 182 WOLFSSL_API int wc_Sha384Final(wc_Sha384*, byte*); 130 183 WOLFSSL_API void wc_Sha384Free(wc_Sha384*); … … 139 192 #endif 140 193 141 #endif /* WOLFSSL_SHA512 */194 #endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */ 142 195 #endif /* WOLF_CRYPT_SHA512_H */ 143 196 -
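Review bot: The pointer members added to `wc_Sha512` (`const byte* data` under USE_INTEL_SPEEDUP and `word64* W` under WOLFSSL_SMALL_STACK_CACHE) have no ownership comment, although `wc_Sha512Copy(src, dst)` and `wc_Sha512Free` are declared for the same struct further down. If `W` is a per-context heap buffer, which the macro name suggests but the header does not show, a member-wise copy would leave two contexts releasing the same pointer. I would document this at the fields, for example `word64* W; /* per-context scratch: Copy must not alias it, Free releases it */`, and state whether `data` is only borrowed from the caller's input. The same two fields are added to `wc_Sha256` in the sha256.h section.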
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/types.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/types.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_TYPES_H … … 52 54 53 55 /* try to set SIZEOF_LONG or LONG_LONG if user didn't */ 54 #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__)56 #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__) 55 57 #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) 56 #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \ 57 || defined(__mips64) || defined(__x86_64__) || \ 58 #if (defined(__alpha__) || defined(__ia64__) || \ 59 defined(_ARCH_PPC64) || defined(__mips64) || \ 60 defined(__x86_64__) || \ 58 61 ((defined(sun) || defined(__sun)) && \ 59 62 (defined(LP64) || defined(_LP64)))) … … 67 70 #endif 68 71 69 70 72 #if defined(_MSC_VER) || defined(__BCPLUSPLUS__) 71 73 #define WORD64_AVAILABLE 72 74 #define W64LIT(x) x##ui64 73 75 typedef unsigned __int64 word64; 76 #elif defined(__EMSCRIPTEN__) 77 #define WORD64_AVAILABLE 78 #define W64LIT(x) x##ull 79 typedef unsigned long long word64; 74 80 #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 75 81 #define WORD64_AVAILABLE … … 84 90 #define W64LIT(x) x##LL 85 91 typedef unsigned long long word64; 86 #else 87 #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as 88 mp_digit, no 64 bit type so make mp_digit 16 bit */ 89 #endif 90 91 92 #endif 93 94 #if !defined(NO_64BIT) && defined(WORD64_AVAILABLE) 92 95 /* These platforms have 64-bit CPU registers. */ 93 96 #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ … … 100 103 /* LP64 with GNU GCC compiler is reserved for when long int is 64 bits 101 104 * and int uses 32 bits. When using Solaris Studio sparc and __sparc are 102 * av ialable for 32 bit detection but __sparc64__ could be missed. This105 * available for 32 bit detection but __sparc64__ could be missed. This 103 106 * uses LP64 for checking 64 bit CPU arch. 
*/ 104 107 typedef word64 wolfssl_word; … … 110 113 #endif 111 114 #endif 112 115 #else 116 #undef WORD64_AVAILABLE 117 typedef word32 wolfssl_word; 118 #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as 119 mp_digit, no 64 bit type so make mp_digit 16 bit */ 120 #endif 113 121 114 122 enum { … … 121 129 122 130 /* use inlining if compiler allows */ 123 #ifndefINLINE131 #ifndef WC_INLINE 124 132 #ifndef NO_INLINE 125 133 #ifdef _MSC_VER 126 #defineINLINE __inline134 #define WC_INLINE __inline 127 135 #elif defined(__GNUC__) 128 136 #ifdef WOLFSSL_VXWORKS 129 #define INLINE __inline__137 #define WC_INLINE __inline__ 130 138 #else 131 #define INLINE inline139 #define WC_INLINE inline 132 140 #endif 133 141 #elif defined(__IAR_SYSTEMS_ICC__) 134 #defineINLINE inline142 #define WC_INLINE inline 135 143 #elif defined(THREADX) 136 #defineINLINE _Inline144 #define WC_INLINE _Inline 137 145 #else 138 #defineINLINE146 #define WC_INLINE 139 147 #endif 140 148 #else 141 #define INLINE 142 #endif 149 #define WC_INLINE 150 #endif 151 #endif 152 153 #if defined(HAVE_FIPS) || defined(HAVE_SELFTEST) 154 #define INLINE WC_INLINE 143 155 #endif 144 156 … … 164 176 #define THREAD_LS_T __declspec(thread) 165 177 /* Thread local storage only in FreeRTOS v8.2.1 and higher */ 166 #elif defined(FREERTOS)178 #elif defined(FREERTOS) || defined(FREERTOS_TCP) 167 179 #define THREAD_LS_T 168 180 #else … … 176 188 #if defined(__GNUC__) 177 189 #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) 178 #define FALL_THROUGH __attribute__ ((fallthrough)) ;190 #define FALL_THROUGH __attribute__ ((fallthrough)) 179 191 #endif 180 192 #endif … … 194 206 /* default to libc stuff */ 195 207 /* XREALLOC is used once in normal math lib, not in fast math lib */ 196 /* XFREE on some embeded systems doesn't like free(0) so test */208 /* XFREE on some embedded systems doesn't like free(0) so test */ 197 209 #if defined(HAVE_IO_POOL) 198 210 WOLFSSL_API void* XMALLOC(size_t n, 
void* heap, int type); … … 217 229 extern void *XREALLOC(void *p, size_t n, void* heap, int type); 218 230 extern void XFREE(void *p, void* heap, int type); 231 #elif defined(WOLFSSL_MEMORY_LOG) 232 #define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__) 233 #define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__) 234 #define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__) 235 236 /* prototypes for user heap override functions */ 237 #include <stddef.h> /* for size_t */ 238 #include <stdlib.h> 239 extern void *xmalloc(size_t n, void* heap, int type, const char* func, 240 const char* file, unsigned int line); 241 extern void *xrealloc(void *p, size_t n, void* heap, int type, 242 const char* func, const char* file, unsigned int line); 243 extern void xfree(void *p, void* heap, int type, const char* func, 244 const char* file, unsigned int line); 219 245 #elif defined(XMALLOC_OVERRIDE) 220 246 /* override the XMALLOC, XFREE and XREALLOC macros */ … … 228 254 && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ 229 255 && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \ 230 && !defined(WOLFSSL_LEANPSK) && !defined(FREERTOS) && !defined(FREERTOS_TCP)\ 231 && !defined(WOLFSSL_uITRON4) 256 && !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4) 232 257 /* default C runtime, can install different routines at runtime via cbs */ 233 258 #include <wolfssl/wolfcrypt/memory.h> … … 242 267 #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t)) 243 268 #endif /* WOLFSSL_DEBUG_MEMORY */ 244 #el se269 #elif !defined(FREERTOS) && !defined(FREERTOS_TCP) 245 270 #ifdef WOLFSSL_DEBUG_MEMORY 246 271 #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__)) … … 258 283 #ifdef WOLFSSL_ASYNC_CRYPT 259 284 #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ 260 VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);285 VAR_TYPE* 
VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); 261 286 #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ 262 287 VAR_TYPE* VAR_NAME = ({ \ 263 VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \288 VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ 264 289 if (ptr && INIT_VALUE) { \ 265 290 XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \ … … 271 296 int idx##VAR_NAME; \ 272 297 for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \ 273 VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \298 VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ 274 299 } 275 300 #define FREE_VAR(VAR_NAME, HEAP) \ 276 XFREE(VAR_NAME, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);301 XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); 277 302 #define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \ 278 303 for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \ 279 XFREE(VAR_NAME[idx##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \304 XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ 280 305 } 281 306 #else … … 290 315 #endif 291 316 292 #ifndef WOLFSSL_LEANPSK 293 char* mystrnstr(const char* s1, const char* s2, unsigned int n); 317 #if !defined(USE_WOLF_STRTOK) && \ 318 ((defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)) || \ 319 defined(WOLFSSL_TIRTOS) || defined(WOLF_C99)) 320 #define USE_WOLF_STRTOK 321 #endif 322 #if !defined(USE_WOLF_STRSEP) && (defined(WOLF_C99)) 323 #define USE_WOLF_STRSEP 294 324 #endif 295 325 … … 310 340 #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) 311 341 312 #ifdef MICROCHIP_PIC32 342 #ifdef USE_WOLF_STRSEP 343 #define XSTRSEP(s1,d) wc_strsep((s1),(d)) 344 #else 345 #define XSTRSEP(s1,d) strsep((s1),(d)) 346 #endif 347 348 #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) 
313 349 /* XC32 does not support strncasecmp, so use case sensitive one */ 314 350 #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) 315 #elif defined(USE_WINDOWS_API) 351 #elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM) 316 352 #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) 317 353 #else 354 #if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \ 355 !defined(WOLFSSL_SGX) 356 #include <strings.h> 357 #endif 318 358 #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) 319 359 #endif 320 360 321 /* snprintf is used in asn.c for GetTimeString and PKCS7 test */ 361 /* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when 362 debugging is turned on */ 322 363 #ifndef USE_WINDOWS_API 364 #if defined(NO_FILESYSTEM) && (defined(OPENSSL_EXTRA) || \ 365 defined(HAVE_PKCS7)) && !defined(NO_STDIO_FILESYSTEM) 366 /* case where stdio is not included else where but is needed for 367 * snprintf */ 368 #include <stdio.h> 369 #endif 323 370 #define XSNPRINTF snprintf 324 371 #else … … 328 375 #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) 329 376 /* use only Thread Safe version of strtok */ 330 #if !defined(USE_WINDOWS_API) && !defined(INTIME_RTOS) 331 #define XSTRTOK strtok_r 332 #elif defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \ 333 defined(USE_WOLF_STRTOK) 334 #ifndef USE_WOLF_STRTOK 335 #define USE_WOLF_STRTOK 336 #endif 337 #define XSTRTOK wc_strtok 377 #if defined(USE_WOLF_STRTOK) 378 #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr)) 379 #elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS) 380 #define XSTRTOK(s1,d,ptr) strtok_s((s1),(d),(ptr)) 338 381 #else 339 #define XSTRTOK strtok_s382 #define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr)) 340 383 #endif 341 384 #endif 342 #endif 385 #endif 386 387 #ifdef USE_WOLF_STRTOK 388 WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp); 389 #endif 390 #ifdef USE_WOLF_STRSEP 391 WOLFSSL_API char* wc_strsep(char **stringp, const char *delim); 392 #endif 393 394 
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ 395 !defined(NO_STDIO_FILESYSTEM) 396 #ifndef XGETENV 397 #include <stdlib.h> 398 #define XGETENV getenv 399 #endif 400 #endif /* OPENSSL_EXTRA */ 343 401 344 402 #ifndef CTYPE_USER 345 403 #include <ctype.h> 346 #if defined(HAVE_ECC) || defined(HAVE_OCSP) || defined(WOLFSSL_KEY_GEN) 404 #if defined(HAVE_ECC) || defined(HAVE_OCSP) || \ 405 defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) 347 406 #define XTOUPPER(c) toupper((c)) 348 407 #define XISALPHA(c) isalpha((c)) … … 438 497 DYNAMIC_TYPE_HASHCTX = 82, 439 498 DYNAMIC_TYPE_SEED = 83, 440 DYNAMIC_TYPE_SYM ETRIC_KEY= 84,499 DYNAMIC_TYPE_SYMMETRIC_KEY= 84, 441 500 DYNAMIC_TYPE_ECC_BUFFER = 85, 442 501 DYNAMIC_TYPE_QSH = 86, 443 502 DYNAMIC_TYPE_SALT = 87, 444 503 DYNAMIC_TYPE_HASH_TMP = 88, 504 DYNAMIC_TYPE_BLOB = 89, 505 DYNAMIC_TYPE_NAME_ENTRY = 90, 445 506 }; 446 507 447 508 /* max error buffer string size */ 448 enum { 449 WOLFSSL_MAX_ERROR_SZ =80450 }; 509 #ifndef WOLFSSL_MAX_ERROR_SZ 510 #define WOLFSSL_MAX_ERROR_SZ 80 511 #endif 451 512 452 513 /* stack protection */ … … 455 516 }; 456 517 518 519 /* Algorithm Types */ 520 enum wc_AlgoType { 521 WC_ALGO_TYPE_NONE = 0, 522 WC_ALGO_TYPE_HASH = 1, 523 WC_ALGO_TYPE_CIPHER = 2, 524 WC_ALGO_TYPE_PK = 3, 525 526 WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_PK 527 }; 528 529 /* hash types */ 530 enum wc_HashType { 531 #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS) 532 /* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types. 
533 * Values here are based on old selftest hmac.h enum, with additions */ 534 WC_HASH_TYPE_NONE = 15, 535 WC_HASH_TYPE_MD2 = 16, 536 WC_HASH_TYPE_MD4 = 17, 537 WC_HASH_TYPE_MD5 = 0, 538 WC_HASH_TYPE_SHA = 1, /* SHA-1 (not old SHA-0) */ 539 WC_HASH_TYPE_SHA224 = 8, 540 WC_HASH_TYPE_SHA256 = 2, 541 WC_HASH_TYPE_SHA384 = 5, 542 WC_HASH_TYPE_SHA512 = 4, 543 WC_HASH_TYPE_MD5_SHA = 18, 544 WC_HASH_TYPE_SHA3_224 = 10, 545 WC_HASH_TYPE_SHA3_256 = 11, 546 WC_HASH_TYPE_SHA3_384 = 12, 547 WC_HASH_TYPE_SHA3_512 = 13, 548 WC_HASH_TYPE_BLAKE2B = 14, 549 550 WC_HASH_TYPE_MAX = WC_HASH_TYPE_MD5_SHA 551 #else 552 WC_HASH_TYPE_NONE = 0, 553 WC_HASH_TYPE_MD2 = 1, 554 WC_HASH_TYPE_MD4 = 2, 555 WC_HASH_TYPE_MD5 = 3, 556 WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */ 557 WC_HASH_TYPE_SHA224 = 5, 558 WC_HASH_TYPE_SHA256 = 6, 559 WC_HASH_TYPE_SHA384 = 7, 560 WC_HASH_TYPE_SHA512 = 8, 561 WC_HASH_TYPE_MD5_SHA = 9, 562 WC_HASH_TYPE_SHA3_224 = 10, 563 WC_HASH_TYPE_SHA3_256 = 11, 564 WC_HASH_TYPE_SHA3_384 = 12, 565 WC_HASH_TYPE_SHA3_512 = 13, 566 WC_HASH_TYPE_BLAKE2B = 14, 567 568 WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2B 569 #endif /* HAVE_SELFTEST */ 570 }; 571 572 /* cipher types */ 573 enum wc_CipherType { 574 WC_CIPHER_NONE = 0, 575 WC_CIPHER_AES = 1, 576 WC_CIPHER_AES_CBC = 2, 577 WC_CIPHER_AES_GCM = 3, 578 WC_CIPHER_AES_CTR = 4, 579 WC_CIPHER_AES_XTS = 5, 580 WC_CIPHER_AES_CFB = 6, 581 WC_CIPHER_DES3 = 7, 582 WC_CIPHER_DES = 8, 583 WC_CIPHER_CHACHA = 9, 584 WC_CIPHER_HC128 = 10, 585 WC_CIPHER_IDEA = 11, 586 587 WC_CIPHER_MAX = WC_CIPHER_HC128 588 }; 589 590 /* PK=public key (asymmetric) based algorithms */ 591 enum wc_PkType { 592 WC_PK_TYPE_NONE = 0, 593 WC_PK_TYPE_RSA = 1, 594 WC_PK_TYPE_DH = 2, 595 WC_PK_TYPE_ECDH = 3, 596 WC_PK_TYPE_ECDSA_SIGN = 4, 597 WC_PK_TYPE_ECDSA_VERIFY = 5, 598 WC_PK_TYPE_ED25519 = 6, 599 WC_PK_TYPE_CURVE25519 = 7, 600 WC_PK_TYPE_RSA_KEYGEN = 8, 601 WC_PK_TYPE_EC_KEYGEN = 9, 602 603 WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN 604 }; 457 605 458 606 … … 582 730 
#endif 583 731 732 733 #if defined(__GNUC__) 734 #define WOLFSSL_PACK __attribute__ ((packed)) 735 #else 736 #define WOLFSSL_PACK 737 #endif 738 739 #ifndef __GNUC_PREREQ 740 #if defined(__GNUC__) && defined(__GNUC_MINOR__) 741 #define __GNUC_PREREQ(maj, min) \ 742 ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) 743 #else 744 #define __GNUC_PREREQ(maj, min) (0) /* not GNUC */ 745 #endif 746 #endif 747 748 #if defined(__GNUC__) 749 #define WC_NORETURN __attribute__((noreturn)) 750 #else 751 #define WC_NORETURN 752 #endif 753 754 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \ 755 defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL) || \ 756 defined(WOLFSSL_PUBLIC_MP) || defined(OPENSSL_EXTRA) || \ 757 (defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)) 758 #undef WC_MP_TO_RADIX 759 #define WC_MP_TO_RADIX 760 #endif 761 584 762 #ifdef __cplusplus 585 763 } /* extern "C" */ -
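Review bot: In the new `enum wc_CipherType`, `WC_CIPHER_MAX = WC_CIPHER_HC128` evaluates to 10 although `WC_CIPHER_IDEA = 11` is declared just above it, so the sentinel is smaller than a valid member. Any range check or table sized from `WC_CIPHER_MAX` would either reject IDEA or be indexed one past its end; no such use is visible on this page, so the impact is inferred. The last line of the enum should read `WC_CIPHER_MAX = WC_CIPHER_IDEA`. The other new enums in this section do end on their largest value.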
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/visibility.h
r337 r372 28 28 29 29 /* for compatibility and so that fips is using same name of macro @wc_fips */ 30 #ifdef HAVE_FIPS 30 /* The following visibility wrappers are for old FIPS. New FIPS should use 31 * the same as a non-FIPS build. */ 32 #if defined(HAVE_FIPS) && \ 33 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 31 34 #include <cyassl/ctaocrypt/visibility.h> 32 35 #define WOLFSSL_API CYASSL_API … … 41 44 42 45 #if defined(BUILDING_WOLFSSL) 43 #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY 44 #define WOLFSSL_API __attribute__ ((visibility("default"))) 45 #define WOLFSSL_LOCAL __attribute__ ((visibility("hidden"))) 46 #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550) 47 #define WOLFSSL_API __global 48 #define WOLFSSL_LOCAL __hidden 49 #elif defined(_MSC_VER) || defined(__MINGW32__) 46 #if defined(_MSC_VER) || defined(__MINGW32__) 50 47 #if defined(WOLFSSL_DLL) 51 48 #define WOLFSSL_API __declspec(dllexport) … … 54 51 #endif 55 52 #define WOLFSSL_LOCAL 53 #elif defined(HAVE_VISIBILITY) && HAVE_VISIBILITY 54 #define WOLFSSL_API __attribute__ ((visibility("default"))) 55 #define WOLFSSL_LOCAL __attribute__ ((visibility("hidden"))) 56 #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550) 57 #define WOLFSSL_API __global 58 #define WOLFSSL_LOCAL __hidden 56 59 #else 57 60 #define WOLFSSL_API -
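Review bot: The reordered chain under `BUILDING_WOLFSSL` now tests `_MSC_VER || __MINGW32__` before `HAVE_VISIBILITY`, so a MinGW build with HAVE_VISIBILITY set gets an empty `WOLFSSL_LOCAL` where it previously got the hidden attribute, and nothing in the hunk says that is intended. A one-line comment above the first branch would stop the order from being rearranged later, for example `/* Windows/PE toolchains first: the ELF visibility attributes below do not apply there */`. Part of the chain is elided on this page, so the non-DLL branch could not be checked.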
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/wc_encrypt.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfcrypt/wc_encrypt.h 24 */ 22 25 23 26 … … 26 29 27 30 #include <wolfssl/wolfcrypt/types.h> 31 #include <wolfssl/wolfcrypt/aes.h> 32 #include <wolfssl/wolfcrypt/chacha.h> 33 #include <wolfssl/wolfcrypt/des3.h> 34 #include <wolfssl/wolfcrypt/arc4.h> 28 35 29 36 #ifdef __cplusplus … … 31 38 #endif 32 39 40 /* determine max cipher key size */ 33 41 #ifndef NO_AES 42 #define WC_MAX_SYM_KEY_SIZE (AES_MAX_KEY_SIZE/8) 43 #elif defined(HAVE_CHACHA) 44 #define WC_MAX_SYM_KEY_SIZE CHACHA_MAX_KEY_SZ 45 #elif !defined(NO_DES3) 46 #define WC_MAX_SYM_KEY_SIZE DES3_KEY_SIZE 47 #elif !defined(NO_RC4) 48 #define WC_MAX_SYM_KEY_SIZE RC4_KEY_SIZE 49 #else 50 #define WC_MAX_SYM_KEY_SIZE 32 51 #endif 52 53 54 #if !defined(NO_AES) && defined(HAVE_AES_CBC) 34 55 WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, 35 56 const byte* key, word32 keySz, … … 56 77 #endif /* !NO_DES3 */ 57 78 79 80 81 82 #ifdef WOLFSSL_ENCRYPTED_KEYS 83 struct EncryptedInfo; 84 WOLFSSL_API int wc_BufferKeyDecrypt(struct EncryptedInfo* info, byte* der, word32 derSz, 85 const byte* password, int passwordSz, int hashType); 86 WOLFSSL_API int wc_BufferKeyEncrypt(struct EncryptedInfo* info, byte* der, word32 derSz, 87 const byte* password, int passwordSz, int hashType); 88 #endif /* WOLFSSL_ENCRYPTED_KEYS */ 89 90 #ifndef NO_PWDBASED 91 WOLFSSL_LOCAL int wc_CryptKey(const char* password, int passwordSz, 92 byte* salt, int saltSz, int iterations, int id, byte* input, int length, 93 int version, byte* cbcIv, int enc); 94 #endif 95 58 96 #ifdef __cplusplus 59 97 } /* extern "C" */ -
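Review bot: The block commented `/* determine max cipher key size */` is a first-match `#elif` chain, so `WC_MAX_SYM_KEY_SIZE` takes the key size of the first enabled cipher, not the largest one. With AES enabled it is always `AES_MAX_KEY_SIZE/8`, even when ChaCha or 3DES is also built in. If `AES_MAX_KEY_SIZE` can be configured below 256 bits (its definition is not on this page), a key buffer sized from this macro would be too small for those ciphers. The macro should take the largest size across all enabled ciphers. At minimum the comment should say what the code does: `/* key size of the first enabled cipher in this order; NOT a maximum across ciphers */`.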
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/wc_port.h
r337 r372 20 20 */ 21 21 22 22 /*! 23 \file wolfssl/wolfcrypt/wc_port.h 24 */ 23 25 24 26 #ifndef WOLF_CRYPT_PORT_H … … 32 34 #endif 33 35 36 /* Detect if compiler supports C99. "NO_WOLF_C99" can be defined in 37 * user_settings.h to disable checking for C99 support. */ 38 #if !defined(WOLF_C99) && defined(__STDC_VERSION__) && \ 39 !defined(WOLFSSL_ARDUINO) && !defined(NO_WOLF_C99) 40 #if __STDC_VERSION__ >= 199901L 41 #define WOLF_C99 42 #endif 43 #endif 34 44 35 45 #ifdef USE_WINDOWS_API … … 65 75 #elif defined(FREESCALE_FREE_RTOS) 66 76 #include "fsl_os_abstraction.h" 77 #elif defined(WOLFSSL_VXWORKS) 78 #include <semLib.h> 67 79 #elif defined(WOLFSSL_uITRON4) 68 80 #include "stddef.h" … … 70 82 #elif defined(WOLFSSL_uTKERNEL2) 71 83 #include "tk/tkernel.h" 84 #elif defined(WOLFSSL_CMSIS_RTOS) 85 #include "cmsis_os.h" 72 86 #elif defined(WOLFSSL_MDK_ARM) 73 87 #if defined(WOLFSSL_MDK5) … … 86 100 #include <rt.h> 87 101 #include <io.h> 102 #elif defined(WOLFSSL_NUCLEUS_1_2) 103 /* NU_DEBUG needed struct access in nucleus_realloc */ 104 #define NU_DEBUG 105 #include "plus/nucleus.h" 106 #include "nucleus.h" 107 #elif defined(WOLFSSL_APACHE_MYNEWT) 108 /* do nothing */ 88 109 #else 89 110 #ifndef SINGLE_THREADED … … 133 154 #elif defined(FREESCALE_FREE_RTOS) 134 155 typedef mutex_t wolfSSL_Mutex; 156 #elif defined(WOLFSSL_VXWORKS) 157 typedef SEM_ID wolfSSL_Mutex; 135 158 #elif defined(WOLFSSL_uITRON4) 136 159 typedef struct wolfSSL_Mutex { … … 157 180 #elif defined(INTIME_RTOS) 158 181 typedef RTHANDLE wolfSSL_Mutex; 182 #elif defined(WOLFSSL_NUCLEUS_1_2) 183 typedef NU_SEMAPHORE wolfSSL_Mutex; 159 184 #else 160 185 #error Need a mutex type in multithreaded mode … … 185 210 #define wolfSSL_CryptHwMutexInit() 0 /* Success */ 186 211 #define wolfSSL_CryptHwMutexLock() 0 /* Success */ 187 #define wolfSSL_CryptHwMutexUnLock() 0 /* Success */212 #define wolfSSL_CryptHwMutexUnLock() (void)0 /* Success */ 188 213 #endif /* WOLFSSL_CRYPT_HW_MUTEX */ 189 214 … … 194 219 
WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*); 195 220 WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex*); 221 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 222 /* dynamiclly set which mutex to use. unlock / lock is controlled by flag */ 223 typedef void (mutex_cb)(int flag, int type, const char* file, int line); 224 225 WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char* file, int line); 226 WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb); 227 #endif 196 228 197 229 /* main crypto initialization function */ … … 255 287 #define XBADFILE NULL 256 288 #define XFGETS(b,s,f) -2 /* Not ported yet */ 289 #elif defined(WOLFSSL_NUCLEUS_1_2) 290 #include "fal/inc/fal.h" 291 #define XFILE FILE* 292 #define XFOPEN fopen 293 #define XFSEEK fseek 294 #define XFTELL ftell 295 #define XREWIND rewind 296 #define XFREAD fread 297 #define XFWRITE fwrite 298 #define XFCLOSE fclose 299 #define XSEEK_END PSEEK_END 300 #define XBADFILE NULL 301 #elif defined(WOLFSSL_APACHE_MYNEWT) 302 #include <fs/fs.h> 303 #define XFILE struct fs_file* 304 305 #define XFOPEN mynewt_fopen 306 #define XFSEEK mynewt_fseek 307 #define XFTELL mynewt_ftell 308 #define XREWIND mynewt_rewind 309 #define XFREAD mynewt_fread 310 #define XFWRITE mynewt_fwrite 311 #define XFCLOSE mynewt_fclose 312 #define XSEEK_END 2 313 #define XBADFILE NULL 314 #define XFGETS(b,s,f) -2 /* Not ported yet */ 315 #elif defined(WOLFSSL_USER_FILESYSTEM) 316 /* To be defined in user_settings.h */ 257 317 #else 258 318 /* stdio, default case */ … … 275 335 #define XFGETS fgets 276 336 277 #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) 337 #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ 338 && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) 278 339 #include <dirent.h> 279 340 #include <unistd.h> … … 289 350 #endif 290 351 291 #if !defined(NO_WOLFSSL_DIR) 352 #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \ 353 !defined(WOLFSSL_NUCLEUS_1_2) 292 354 typedef struct ReadDirCtx { 293 
355 #ifdef USE_WINDOWS_API … … 302 364 } ReadDirCtx; 303 365 366 #define WC_READDIR_NOFILE -1 367 304 368 WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name); 305 369 WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name); … … 308 372 309 373 #endif /* !NO_FILESYSTEM */ 310 311 #ifdef USE_WOLF_STRTOK312 WOLFSSL_LOCAL char* wc_strtok(char *str, const char *delim, char **nextp);313 #endif314 374 315 375 /* Windows API defines its own min() macro. */ … … 323 383 #endif /* USE_WINDOWS_API */ 324 384 385 /* Time functions */ 386 #ifndef NO_ASN_TIME 387 #if defined(USER_TIME) 388 /* Use our gmtime and time_t/struct tm types. 389 Only needs seconds since EPOCH using XTIME function. 390 time_t XTIME(time_t * timer) {} 391 */ 392 #define WOLFSSL_GMTIME 393 #define USE_WOLF_TM 394 #define USE_WOLF_TIME_T 395 396 #elif defined(TIME_OVERRIDES) 397 /* Override XTIME() and XGMTIME() functionality. 398 Requires user to provide these functions: 399 time_t XTIME(time_t * timer) {} 400 struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {} 401 */ 402 #ifndef HAVE_TIME_T_TYPE 403 #define USE_WOLF_TIME_T 404 #endif 405 #ifndef HAVE_TM_TYPE 406 #define USE_WOLF_TM 407 #endif 408 #define NEED_TMP_TIME 409 410 #elif defined(HAVE_RTP_SYS) 411 #include "os.h" /* dc_rtc_api needs */ 412 #include "dc_rtc_api.h" /* to get current time */ 413 414 /* uses parital <time.h> structures */ 415 #define XTIME(tl) (0) 416 #define XGMTIME(c, t) rtpsys_gmtime((c)) 417 418 #elif defined(MICRIUM) 419 #include <clk.h> 420 #include <time.h> 421 #define XTIME(t1) micrium_time((t1)) 422 #define WOLFSSL_GMTIME 423 424 #elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) 425 #include <time.h> 426 #define XTIME(t1) pic32_time((t1)) 427 #define XGMTIME(c, t) gmtime((c)) 428 429 #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) 430 #ifdef FREESCALE_MQX_4_0 431 #include <time.h> 432 extern time_t mqx_time(time_t* timer); 433 #else 434 
#define HAVE_GMTIME_R 435 #endif 436 #define XTIME(t1) mqx_time((t1)) 437 438 #elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS) 439 #include <time.h> 440 #ifndef XTIME 441 /*extern time_t ksdk_time(time_t* timer);*/ 442 #define XTIME(t1) ksdk_time((t1)) 443 #endif 444 #define XGMTIME(c, t) gmtime((c)) 445 446 #elif defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME) 447 #define XTIME(t1) atmel_get_curr_time_and_date((t1)) 448 #define WOLFSSL_GMTIME 449 #define USE_WOLF_TM 450 #define USE_WOLF_TIME_T 451 452 #elif defined(IDIRECT_DEV_TIME) 453 /*Gets the timestamp from cloak software owned by VT iDirect 454 in place of time() from <time.h> */ 455 #include <time.h> 456 #define XTIME(t1) idirect_time((t1)) 457 #define XGMTIME(c, t) gmtime((c)) 458 459 #elif defined(_WIN32_WCE) 460 #include <windows.h> 461 #define XTIME(t1) windows_time((t1)) 462 #define WOLFSSL_GMTIME 463 464 #elif defined(WOLFSSL_APACHE_MYNEWT) 465 #include "os/os_time.h" 466 #define XTIME(t1) mynewt_time((t1)) 467 #define WOLFSSL_GMTIME 468 #define USE_WOLF_TM 469 #define USE_WOLF_TIME_T 470 #else 471 /* default */ 472 /* uses complete <time.h> facility */ 473 #include <time.h> 474 #if defined(HAVE_SYS_TIME_H) 475 #include <sys/time.h> 476 #endif 477 478 /* PowerPC time_t is int */ 479 #ifdef __PPC__ 480 #define TIME_T_NOT_64BIT 481 #endif 482 #endif 483 484 #ifdef SIZEOF_TIME_T 485 /* check if size of time_t from autoconf is less than 8 bytes (64bits) */ 486 #if SIZEOF_TIME_T < 8 487 #undef TIME_T_NOT_64BIT 488 #define TIME_T_NOT_64BIT 489 #endif 490 #endif 491 #ifdef TIME_T_NOT_LONG 492 /* one old reference to TIME_T_NOT_LONG in GCC-ARM example README 493 * this keeps support for the old macro name */ 494 #undef TIME_T_NOT_64BIT 495 #define TIME_T_NOT_64BIT 496 #endif 497 498 /* Map default time functions */ 499 #if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME) 500 #define XTIME(tl) time((tl)) 501 #endif 502 #if 
!defined(XGMTIME) && !defined(TIME_OVERRIDES) 503 #if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) || defined(WOLF_C99) 504 #define XGMTIME(c, t) gmtime((c)) 505 #else 506 #define XGMTIME(c, t) gmtime_r((c), (t)) 507 #define NEED_TMP_TIME 508 #endif 509 #endif 510 #if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE) 511 #define USE_WOLF_VALIDDATE 512 #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) 513 #endif 514 515 /* wolf struct tm and time_t */ 516 #if defined(USE_WOLF_TM) 517 struct tm { 518 int tm_sec; /* seconds after the minute [0-60] */ 519 int tm_min; /* minutes after the hour [0-59] */ 520 int tm_hour; /* hours since midnight [0-23] */ 521 int tm_mday; /* day of the month [1-31] */ 522 int tm_mon; /* months since January [0-11] */ 523 int tm_year; /* years since 1900 */ 524 int tm_wday; /* days since Sunday [0-6] */ 525 int tm_yday; /* days since January 1 [0-365] */ 526 int tm_isdst; /* Daylight Savings Time flag */ 527 long tm_gmtoff; /* offset from CUT in seconds */ 528 char *tm_zone; /* timezone abbreviation */ 529 }; 530 #endif /* USE_WOLF_TM */ 531 #if defined(USE_WOLF_TIME_T) 532 typedef long time_t; 533 #endif 534 #if defined(USE_WOLF_SUSECONDS_T) 535 typedef long suseconds_t; 536 #endif 537 #if defined(USE_WOLF_TIMEVAL_T) 538 struct timeval 539 { 540 time_t tv_sec; 541 suseconds_t tv_usec; 542 }; 543 #endif 544 545 /* forward declarations */ 546 #if defined(USER_TIME) 547 struct tm* gmtime(const time_t* timer); 548 extern time_t XTIME(time_t * timer); 549 550 #ifdef STACK_TRAP 551 /* for stack trap tracking, don't call os gmtime on OS X/linux, 552 uses a lot of stack spce */ 553 extern time_t time(time_t * timer); 554 #define XTIME(tl) time((tl)) 555 #endif /* STACK_TRAP */ 556 557 #elif defined(TIME_OVERRIDES) 558 extern time_t XTIME(time_t * timer); 559 extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp); 560 #elif defined(WOLFSSL_GMTIME) 561 struct tm* gmtime(const time_t* timer); 562 #endif 563 #endif /* 
NO_ASN_TIME */ 564 565 #ifndef WOLFSSL_LEANPSK 566 char* mystrnstr(const char* s1, const char* s2, unsigned int n); 567 #endif 568 569 #ifndef FILE_BUFFER_SIZE 570 #define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input, 571 will use dynamic buffer if not big enough */ 572 #endif 573 325 574 326 575 #ifdef __cplusplus -
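--- a/asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/wolfmath.h
+++ b/asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfcrypt/wolfmath.h
@@ -52,4 +52,12 @@
 int mp_rand(mp_int* a, int digits, WC_RNG* rng);
 
+enum {
+/* format type */
+WC_TYPE_HEX_STR = 1,
+WC_TYPE_UNSIGNED_BIN = 2,
+};
+
+WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len,
+word32 keySz, int encType);
 
 #ifdef HAVE_WOLF_BIGINT
@@ -62,4 +70,5 @@
 
 int wc_mp_to_bigint(mp_int* src, WC_BIGINT* dst);
+int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz);
 int wc_bigint_to_mp(WC_BIGINT* src, mp_int* dst);
 #endif /* HAVE_WOLF_BIGINT */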
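Review bot: The new `wc_export_int` declaration (new lines 60-61) states no contract for `len` and `keySz`, although the function is handed a caller-supplied `buf` to fill. The header should say whether `*len` holds the capacity of `buf` on entry and the number of bytes written on return, and what `keySz` means for each `encType`; a comment along the lines of `/* *len: in = size of buf, out = bytes written; keySz: output length for WC_TYPE_UNSIGNED_BIN (confirm against wolfmath.c) */` would do. The anonymous enum also ends with a trailing comma after `WC_TYPE_UNSIGNED_BIN = 2,`, which strict C89 compilers reject.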
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfssl/wolfio.h
r337 r372 20 20 */ 21 21 22 /*! 23 \file wolfssl/wolfio.h 24 */ 22 25 23 26 #ifndef WOLFSSL_IO_H … … 28 31 #endif 29 32 33 /* Micrium uses NetSock I/O callbacks in wolfio.c */ 34 #if !defined(WOLFSSL_USER_IO) 30 35 /* OCSP and CRL_IO require HTTP client */ 31 36 #if defined(HAVE_OCSP) || defined(HAVE_CRL_IO) … … 34 39 #endif 35 40 #endif 41 #endif 36 42 37 43 #if !defined(WOLFSSL_USER_IO) 38 44 /* Micrium uses NetSock I/O callbacks in wolfio.c */ 39 #if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) 45 #if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) && !defined(WOLFSSL_CONTIKI) 40 46 #define USE_WOLFSSL_IO 41 47 #endif … … 50 56 51 57 #ifndef USE_WINDOWS_API 52 #if def WOLFSSL_LWIP58 #if defined(WOLFSSL_LWIP) && !defined(WOLFSSL_APACHE_MYNEWT) 53 59 /* lwIP needs to be configured to use sockets API in this mode */ 54 60 /* LWIP_SOCKET 1 in lwip/opt.h or in build */ 55 61 #include "lwip/sockets.h" 56 #include <errno.h>57 62 #ifndef LWIP_PROVIDE_ERRNO 63 #include <errno.h> 58 64 #define LWIP_PROVIDE_ERRNO 1 59 65 #endif … … 63 69 #elif defined(FREESCALE_KSDK_MQX) 64 70 #include <rtcs.h> 65 #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) 66 #if !defined(WOLFSSL_MDK_ARM) 71 #elif (defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)) 67 72 #include "cmsis_os.h" 68 73 #include "rl_net.h" 69 #else70 #include <rtl.h>71 #endif72 74 #include "errno.h" 73 #define SOCKET_T int 75 #elif defined(WOLFSSL_CMSIS_RTOS) 76 #include "cmsis_os.h" 74 77 #elif defined(WOLFSSL_TIRTOS) 75 78 #include <sys/socket.h> … … 80 83 #elif defined(WOLFSSL_VXWORKS) 81 84 #include <sockLib.h> 85 #include <errno.h> 86 #elif defined(WOLFSSL_NUCLEUS_1_2) 87 #include <externs.h> 82 88 #include <errno.h> 83 89 #elif defined(WOLFSSL_ATMEL) … … 105 111 #elif defined(WOLFSSL_SGX) 106 112 #include <errno.h> 113 #elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 114 #include <mn_socket/mn_socket.h> 107 115 #elif !defined(WOLFSSL_NO_SOCK) 108 116 #include <sys/types.h> … … 118 
126 #include "rtipapi.h" /* errno */ 119 127 #include "socket.h" 120 #elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP) 128 #elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_CONTIKI) 121 129 #include <sys/socket.h> 122 130 #include <arpa/inet.h> … … 148 156 #define SOCKET_ECONNREFUSED WSAENOTCONN 149 157 #define SOCKET_ECONNABORTED WSAECONNABORTED 150 #define close(s) closesocket(s)151 158 #elif defined(__PPU) 152 159 #define SOCKET_EWOULDBLOCK SYS_NET_EWOULDBLOCK … … 177 184 #endif 178 185 #elif defined(WOLFSSL_MDK_ARM)|| defined(WOLFSSL_KEIL_TCP_NET) 179 #if !defined(WOLFSSL_MDK_ARM)180 186 #define SOCKET_EWOULDBLOCK BSD_ERROR_WOULDBLOCK 181 187 #define SOCKET_EAGAIN BSD_ERROR_LOCKED … … 185 191 #define SOCKET_ECONNREFUSED BSD_ERROR 186 192 #define SOCKET_ECONNABORTED BSD_ERROR 187 #else188 #define SOCKET_EWOULDBLOCK SCK_EWOULDBLOCK189 #define SOCKET_EAGAIN SCK_ELOCKED190 #define SOCKET_ECONNRESET SCK_ECLOSED191 #define SOCKET_EINTR SCK_ERROR192 #define SOCKET_EPIPE SCK_ERROR193 #define SOCKET_ECONNREFUSED SCK_ERROR194 #define SOCKET_ECONNABORTED SCK_ERROR195 #endif196 193 #elif defined(WOLFSSL_PICOTCP) 197 194 #define SOCKET_EWOULDBLOCK PICO_ERR_EAGAIN … … 210 207 #define SOCKET_ECONNREFUSED FREERTOS_SOCKET_ERROR 211 208 #define SOCKET_ECONNABORTED FREERTOS_SOCKET_ERROR 209 #elif defined(WOLFSSL_NUCLEUS_1_2) 210 #define SOCKET_EWOULDBLOCK NU_WOULD_BLOCK 211 #define SOCKET_EAGAIN NU_WOULD_BLOCK 212 #define SOCKET_ECONNRESET NU_NOT_CONNECTED 213 #define SOCKET_EINTR NU_NOT_CONNECTED 214 #define SOCKET_EPIPE NU_NOT_CONNECTED 215 #define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED 216 #define SOCKET_ECONNABORTED NU_NOT_CONNECTED 212 217 #else 213 218 #define SOCKET_EWOULDBLOCK EWOULDBLOCK … … 221 226 222 227 228 229 223 230 #ifdef DEVKITPRO 224 231 /* from network.h */ … … 227 234 #define SEND_FUNCTION net_send 228 235 #define RECV_FUNCTION net_recv 229 #elif defined(WOLFSSL_LWIP) 236 #elif defined(WOLFSSL_LWIP) && 
!defined(WOLFSSL_APACHE_MYNEWT) 230 237 #define SEND_FUNCTION lwip_send 231 238 #define RECV_FUNCTION lwip_recv … … 239 246 #define SEND_FUNCTION send 240 247 #define RECV_FUNCTION recv 248 #elif defined(WOLFSSL_NUCLEUS_1_2) 249 #define SEND_FUNCTION NU_Send 250 #define RECV_FUNCTION NU_Recv 241 251 #else 242 252 #define SEND_FUNCTION send … … 273 283 #endif /* HAVE_SOCKADDR */ 274 284 285 /* use gethostbyname for c99 */ 286 #ifdef WOLF_C99 287 #undef HAVE_GETADDRINFO 288 #endif 289 275 290 #ifdef HAVE_GETADDRINFO 276 291 typedef struct addrinfo ADDRINFO; … … 282 297 #ifdef HAVE_IO_TIMEOUT 283 298 WOLFSSL_API int wolfIO_SetBlockingMode(SOCKET_T sockfd, int non_blocking); 284 WOLFSSL_API void wolfIO_SetTimeout(int to_sec); ;299 WOLFSSL_API void wolfIO_SetTimeout(int to_sec); 285 300 WOLFSSL_API int wolfIO_Select(SOCKET_T sockfd, int to_sec); 286 301 #endif … … 293 308 294 309 310 #ifdef USE_WINDOWS_API 311 #ifndef CloseSocket 312 #define CloseSocket(s) closesocket(s) 313 #endif 314 #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); } 315 #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) 316 #ifndef CloseSocket 317 extern int closesocket(int); 318 #define CloseSocket(s) closesocket(s) 319 #endif 320 #define StartTCP() 321 #else 322 #ifndef CloseSocket 323 #define CloseSocket(s) close(s) 324 #endif 325 #define StartTCP() 326 #ifdef FREERTOS_TCP_WINSIM 327 extern int close(int); 328 #endif 329 #endif 330 331 332 WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx); 333 WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx); 295 334 #if defined(USE_WOLFSSL_IO) 296 335 /* default IO callbacks */ … … 346 385 const char* domainName, const char* path, int pathLen, int reqSz, 347 386 const char* contentType, unsigned char* buf, int bufSize); 348 WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char* appStr,387 WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char** appStrList, 349 388 unsigned char** 
respBuf, unsigned char* httpBuf, int httpBufSz, 350 389 int dynType, void* heap); … … 355 394 typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx); 356 395 typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx); 357 WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv); 358 WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend); 396 WOLFSSL_API void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX*, CallbackIORecv); 397 WOLFSSL_API void wolfSSL_CTX_SetIOSend(WOLFSSL_CTX*, CallbackIOSend); 398 /* deprecated old name */ 399 #define wolfSSL_SetIORecv wolfSSL_CTX_SetIORecv 400 #define wolfSSL_SetIOSend wolfSSL_CTX_SetIOSend 359 401 360 402 WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx); … … 385 427 #endif /* MICRIUM */ 386 428 429 #if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) 430 WOLFSSL_LOCAL int Mynewt_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx); 431 WOLFSSL_LOCAL int Mynewt_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx); 432 WOLFSSL_API void wolfSSL_SetIO_Mynewt(WOLFSSL* ssl, struct mn_socket* mnSocket, 433 struct mn_sockaddr_in* mnSockAddrIn); 434 #endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */ 435 436 #ifdef WOLFSSL_UIP 437 438 struct uip_wolfssl_ctx { 439 union socket_connector { 440 struct tcp_socket tcp; 441 struct udp_socket udp; 442 } conn; 443 WOLFSSL_CTX *ctx; 444 WOLFSSL *ssl; 445 uint8_t *input_databuf; 446 uint8_t *output_databuf; 447 uint8_t *ssl_rx_databuf; 448 int ssl_rb_len; 449 int ssl_rb_off; 450 struct process *process; 451 tcp_socket_data_callback_t input_callback; 452 tcp_socket_event_callback_t event_callback; 453 int closing; 454 uip_ipaddr_t peer_addr; 455 uint16_t peer_port; 456 }; 457 458 typedef struct uip_wolfssl_ctx uip_wolfssl_ctx; 459 460 WOLFSSL_LOCAL int uIPSend(WOLFSSL* ssl, char* buf, int sz, void* ctx); 461 WOLFSSL_LOCAL int uIPReceive(WOLFSSL* ssl, char* buf, int sz, 462 void* ctx); 463 WOLFSSL_LOCAL int 
uIPReceiveFrom(WOLFSSL* ssl, char* buf, int sz, 464 void* ctx); 465 WOLFSSL_LOCAL int uIPSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx); 466 467 #endif 468 387 469 #ifdef WOLFSSL_DTLS 388 470 typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz, … … 407 489 #ifndef XINET_NTOP 408 490 #define XINET_NTOP(a,b,c,d) inet_ntop((a),(b),(c),(d)) 491 #ifdef USE_WINDOWS_API /* Windows-friendly definition */ 492 #undef XINET_NTOP 493 #define XINET_NTOP(a,b,c,d) InetNtop((a),(b),(c),(d)) 494 #endif 409 495 #endif 410 496 #ifndef XINET_PTON 411 497 #define XINET_PTON(a,b,c) inet_pton((a),(b),(c)) 498 #ifdef USE_WINDOWS_API /* Windows-friendly definition */ 499 #undef XINET_PTON 500 #define XINET_PTON(a,b,c) InetPton((a),(b),(c)) 501 #endif 412 502 #endif 413 503 #ifndef XHTONS
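Review bot: `wolfIO_HttpProcessResponse` (new line 387) changes its second parameter from `const char* appStr` to `const char** appStrList` under the same exported name, and the header does not say how the list is terminated. A caller that still passes a single string gets only a pointer-type warning on many C compilers, after which the string's bytes would be read as an array of pointers. I would document the contract at the declaration, e.g. `/* appStrList: array of accepted Content-Type strings, NULL-terminated (confirm against wolfio.c) */`, and consider keeping the old signature reachable under a separate name, as this section does for `wolfSSL_SetIORecv`/`wolfSSL_SetIOSend`. Separately, `StartTCP()` at new line 314 discards the `WSAStartup` return value, so a failed Winsock initialisation would only show up in later socket calls.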