Update wolfSSL and networking code
Uses MEM2 for downloads, improves timeout handling and adds proxy support.
parent
4440574baa
commit
1129a26b44
102 changed files with 3454 additions and 5486 deletions
|
@ -2058,6 +2058,9 @@ msgstr "Synchronizuji ..."
|
|||
msgid "System Default"
|
||||
msgstr "Puvodní nastavení systému"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Cínsky"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Synkronisere..."
|
|||
msgid "System Default"
|
||||
msgstr "System-standard"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Kinesisk (trad.)"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Synchroniseren..."
|
|||
msgid "System Default"
|
||||
msgstr "Systeem standaard"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Chinees Trad."
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr ""
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "Wiin oletus"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "TKiina"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Synchronisation..."
|
|||
msgid "System Default"
|
||||
msgstr "Console par défaut"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Chinois traditionnel"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Synchronisiere..."
|
|||
msgid "System Default"
|
||||
msgstr "Konsolenstandard"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Traditionelles Chinesisch"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Συγχρονισμός..."
|
|||
msgid "System Default"
|
||||
msgstr "Βασικό-η συστήματος"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Παραδοσιακά κινέζικα"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "Rendszer Alapértelmezett"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Tradicionális Kínai"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Sincronizzando..."
|
|||
msgid "System Default"
|
||||
msgstr "Predefinita del sistema"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Cinese tradizionale"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "同期中です..."
|
|||
msgid "System Default"
|
||||
msgstr "Wiiの初期値"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "繁体中国語"
|
||||
|
||||
|
|
|
@ -2052,6 +2052,9 @@ msgstr "동기화 중..."
|
|||
msgid "System Default"
|
||||
msgstr "기본 시스템"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "번체 중국어"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Synkroniserer..."
|
|||
msgid "System Default"
|
||||
msgstr "System Standard"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "T.Kinesisk"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "Domyslne ustawienia systemowe"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "chinski"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Sincronizando..."
|
|||
msgid "System Default"
|
||||
msgstr "Padrão"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Chinês"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "A sincronizar"
|
|||
msgid "System Default"
|
||||
msgstr "Predefinição Sistema"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Chinês Tradicional"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "По умолчанию"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Традиционный китайский"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "正在同步 ..."
|
|||
msgid "System Default"
|
||||
msgstr "系统默认"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "繁体中文"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "Sincronizando..."
|
|||
msgid "System Default"
|
||||
msgstr "Consola"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Chino Tradicional"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "Systemets standard"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "TKinesiska"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr "正在同步..."
|
|||
msgid "System Default"
|
||||
msgstr "系統預設值"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "繁體中文"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "ค่าเริ่มต้นของระบบ"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "จีนโบราณ"
|
||||
|
||||
|
|
|
@ -2058,6 +2058,9 @@ msgstr ""
|
|||
msgid "System Default"
|
||||
msgstr "Sistem Varsayılanı"
|
||||
|
||||
msgid "System Proxy Settings"
|
||||
msgstr ""
|
||||
|
||||
msgid "TChinese"
|
||||
msgstr "Geleneksel Çince"
|
||||
|
||||
|
|
|
@ -83,7 +83,7 @@ int DownloadAllLanguageFiles(int revision)
|
|||
fclose(pfile);
|
||||
files_downloaded++;
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -151,7 +151,7 @@ int UpdateLanguageFiles()
|
|||
fclose(pfile);
|
||||
done++;
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
}
|
||||
|
||||
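Review bot: Both hunks in this file (`DownloadAllLanguageFiles` and `UpdateLanguageFiles`) now release `file.data` with `MEM2_free`, which is only correct if every path that fills `file.data` allocates it from the MEM2 heap; the allocation site is outside these hunks, so the pairing cannot be confirmed from here. Releasing a buffer through the wrong allocator corrupts heap metadata, so any other caller of the download routine that still does `free(file.data)` needs the same change in this commit. I would add a comment at each call, e.g. `/* file.data is a MEM2 download buffer: release with MEM2_free(), never free() */`, and state the ownership rule once on the download function's declaration. Both function bodies start and end outside the hunks, so whether `file.data` can be NULL or already released at this point is not visible.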
|
|
File diff suppressed because it is too large
|
@ -167,6 +167,8 @@ enum wolfSSL_ErrorCodes {
|
|||
CLIENT_CERT_CB_ERROR = -436, /* Client cert callback error */
|
||||
SSL_SHUTDOWN_ALREADY_DONE_E = -437, /* Shutdown called redundantly */
|
||||
TLS13_SECRET_CB_E = -438, /* TLS1.3 secret Cb fcn failure */
|
||||
DTLS_SIZE_ERROR = -439, /* Trying to send too much data */
|
||||
NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */
|
||||
|
||||
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
|
||||
|
||||
|
|
|
@ -72,6 +72,9 @@
|
|||
#ifndef NO_SHA256
|
||||
#include <libs/libwolfssl/wolfcrypt/sha256.h>
|
||||
#endif
|
||||
#if defined(WOLFSSL_SHA384)
|
||||
#include <libs/libwolfssl/wolfcrypt/sha512.h>
|
||||
#endif
|
||||
#ifdef HAVE_OCSP
|
||||
#include <libs/libwolfssl/ocsp.h>
|
||||
#endif
|
||||
|
@ -183,8 +186,15 @@
|
|||
/* do nothing */
|
||||
#else
|
||||
#ifndef SINGLE_THREADED
|
||||
#define WOLFSSL_PTHREADS
|
||||
#include <pthread.h>
|
||||
#if defined(WOLFSSL_LINUXKM)
|
||||
#define WOLFSSL_KTHREADS
|
||||
#include <linux/kthread.h>
|
||||
#elif defined(WOLFSSL_USER_MUTEX)
|
||||
/* do nothing */
|
||||
#else
|
||||
#define WOLFSSL_PTHREADS
|
||||
#include <pthread.h>
|
||||
#endif
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
|
||||
#include <unistd.h> /* for close of BIO */
|
||||
|
@ -858,11 +868,13 @@
|
|||
|
||||
#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256) || \
|
||||
defined(BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384) || \
|
||||
defined(BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) || \
|
||||
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) || \
|
||||
defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) || \
|
||||
defined(BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384) || \
|
||||
defined(BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) || \
|
||||
|
@ -906,7 +918,7 @@
|
|||
#define BUILD_DES3
|
||||
#endif
|
||||
|
||||
#if defined(NO_AES) || defined(NO_AES_DECRYPT)
|
||||
#if defined(NO_AES) || !defined(HAVE_AES_DECRYPT)
|
||||
#define AES_BLOCK_SIZE 16
|
||||
#undef BUILD_AES
|
||||
#else
|
||||
|
@ -1165,7 +1177,8 @@ enum {
|
|||
#ifndef MAX_PSK_ID_LEN
|
||||
/* max psk identity/hint supported */
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
#define MAX_PSK_ID_LEN 256
|
||||
/* OpenSSL has a 1472 byte sessiont ticket */
|
||||
#define MAX_PSK_ID_LEN 1536
|
||||
#else
|
||||
#define MAX_PSK_ID_LEN 128
|
||||
#endif
|
||||
|
@ -1207,19 +1220,6 @@ enum Misc {
|
|||
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
|
||||
TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */
|
||||
TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */
|
||||
#ifdef WOLFSSL_TLS13_DRAFT
|
||||
#ifdef WOLFSSL_TLS13_DRAFT_18
|
||||
TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */
|
||||
#elif defined(WOLFSSL_TLS13_DRAFT_22)
|
||||
TLS_DRAFT_MINOR = 0x16, /* Minor version number of TLS draft */
|
||||
#elif defined(WOLFSSL_TLS13_DRAFT_23)
|
||||
TLS_DRAFT_MINOR = 0x17, /* Minor version number of TLS draft */
|
||||
#elif defined(WOLFSSL_TLS13_DRAFT_26)
|
||||
TLS_DRAFT_MINOR = 0x1a, /* Minor version number of TLS draft */
|
||||
#else
|
||||
TLS_DRAFT_MINOR = 0x1c, /* Minor version number of TLS draft */
|
||||
#endif
|
||||
#endif
|
||||
OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */
|
||||
INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
|
||||
NO_COMPRESSION = 0,
|
||||
|
@ -1355,10 +1355,21 @@ enum Misc {
|
|||
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
|
||||
MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
|
||||
#else
|
||||
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
|
||||
#if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
|
||||
#if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
|
||||
MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
|
||||
#elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
|
||||
MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
|
||||
#else
|
||||
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
|
||||
#endif
|
||||
#else
|
||||
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SELFTEST
|
||||
#if defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2))
|
||||
#ifndef WOLFSSL_AES_KEY_SIZE_ENUM
|
||||
#define WOLFSSL_AES_KEY_SIZE_ENUM
|
||||
AES_IV_SIZE = 16,
|
||||
|
@ -1502,7 +1513,7 @@ enum Misc {
|
|||
|
||||
/* number of items in the signature algo list */
|
||||
#ifndef WOLFSSL_MAX_SIGALGO
|
||||
#define WOLFSSL_MAX_SIGALGO 32
|
||||
#define WOLFSSL_MAX_SIGALGO 36
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -1590,6 +1601,7 @@ enum states {
|
|||
SERVER_HELLO_COMPLETE,
|
||||
SERVER_ENCRYPTED_EXTENSIONS_COMPLETE,
|
||||
SERVER_CERT_COMPLETE,
|
||||
SERVER_CERT_VERIFY_COMPLETE,
|
||||
SERVER_KEYEXCHANGE_COMPLETE,
|
||||
SERVER_HELLODONE_COMPLETE,
|
||||
SERVER_CHANGECIPHERSPEC_COMPLETE,
|
||||
|
@ -1622,14 +1634,14 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void);
|
|||
WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
|
||||
|
||||
#ifdef WOLFSSL_SESSION_EXPORT
|
||||
WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, byte* buf,
|
||||
WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, const byte* buf,
|
||||
word32 sz);
|
||||
WOLFSSL_LOCAL int wolfSSL_dtls_export_internal(WOLFSSL* ssl, byte* buf,
|
||||
word32 sz);
|
||||
WOLFSSL_LOCAL int wolfSSL_dtls_export_state_internal(WOLFSSL* ssl,
|
||||
byte* buf, word32 sz);
|
||||
WOLFSSL_LOCAL int wolfSSL_dtls_import_state_internal(WOLFSSL* ssl,
|
||||
byte* buf, word32 sz);
|
||||
const byte* buf, word32 sz);
|
||||
WOLFSSL_LOCAL int wolfSSL_send_session(WOLFSSL* ssl);
|
||||
#endif
|
||||
#endif
|
||||
|
@ -1657,6 +1669,10 @@ WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side);
|
|||
/* for sniffer */
|
||||
WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
word32 size, word32 totalSz, int sniff);
|
||||
#ifdef WOLFSSL_TLS13
|
||||
WOLFSSL_LOCAL int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
word32 size, word32 totalSz, int sniff);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx);
|
||||
/* TLS v1.3 needs these */
|
||||
WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
|
||||
|
@ -1688,16 +1704,15 @@ WOLFSSL_LOCAL void FreeSuites(WOLFSSL* ssl);
|
|||
WOLFSSL_LOCAL int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 size);
|
||||
WOLFSSL_LOCAL int MatchDomainName(const char* pattern, int len, const char* str);
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_LOCAL int CheckAltNames(DecodedCert* dCert, char* domain);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, char* ipasc);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int CheckForAltNames(DecodedCert* dCert, const char* domain, int* checkCN);
|
||||
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, const char* ipasc);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int CreateTicket(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz);
|
||||
WOLFSSL_LOCAL int HashRaw(WOLFSSL* ssl, const byte* output, int sz);
|
||||
WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
|
||||
int ivSz);
|
||||
WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz);
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl);
|
||||
#endif
|
||||
|
@ -1840,11 +1855,10 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list);
|
|||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
#define MAX_DESCRIPTION_SZ 255
|
||||
#endif
|
||||
/* wolfSSL Cipher type just points back to SSL */
|
||||
struct WOLFSSL_CIPHER {
|
||||
byte cipherSuite0;
|
||||
byte cipherSuite;
|
||||
WOLFSSL* ssl;
|
||||
const WOLFSSL* ssl;
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
char description[MAX_DESCRIPTION_SZ];
|
||||
unsigned long offset;
|
||||
|
@ -2015,8 +2029,7 @@ WOLFSSL_LOCAL int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
|
|||
|
||||
|
||||
#ifndef NO_CERTS
|
||||
#if !defined NOCERTS &&\
|
||||
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
|
||||
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
|
||||
typedef struct ProcPeerCertArgs {
|
||||
buffer* certs;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
|
@ -2132,8 +2145,10 @@ typedef struct Keys {
|
|||
byte keyUpdateRespond:1; /* KeyUpdate is to be responded to. */
|
||||
#endif
|
||||
#ifdef WOLFSSL_RENESAS_TSIP_TLS
|
||||
byte tsip_client_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
|
||||
byte tsip_server_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
|
||||
|
||||
tsip_hmac_sha_key_index_t tsip_client_write_MAC_secret;
|
||||
tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret;
|
||||
|
||||
#endif
|
||||
} Keys;
|
||||
|
||||
|
@ -2151,13 +2166,14 @@ typedef enum {
|
|||
TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
|
||||
TLSX_EC_POINT_FORMATS = 0x000b,
|
||||
#if !defined(WOLFSSL_NO_SIGALG)
|
||||
TLSX_SIGNATURE_ALGORITHMS = 0x000d,
|
||||
TLSX_SIGNATURE_ALGORITHMS = 0x000d, /* HELLO_EXT_SIG_ALGO */
|
||||
#endif
|
||||
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
|
||||
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */
|
||||
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
|
||||
TLSX_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */
|
||||
#endif
|
||||
TLSX_EXTENDED_MASTER_SECRET = 0x0017, /* HELLO_EXT_EXTMS */
|
||||
TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */
|
||||
TLSX_SESSION_TICKET = 0x0023,
|
||||
#ifdef WOLFSSL_TLS13
|
||||
|
@ -2175,12 +2191,8 @@ typedef enum {
|
|||
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
||||
TLSX_POST_HANDSHAKE_AUTH = 0x0031,
|
||||
#endif
|
||||
#if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22)
|
||||
TLSX_KEY_SHARE = 0x0028,
|
||||
#else
|
||||
TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032,
|
||||
TLSX_KEY_SHARE = 0x0033,
|
||||
#endif
|
||||
#endif
|
||||
TLSX_RENEGOTIATION_INFO = 0xff01
|
||||
} TLSX_Type;
|
||||
|
@ -2522,7 +2534,6 @@ WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl);
|
|||
|
||||
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
#ifndef WOLFSSL_TLS13_DRAFT_18
|
||||
/* Ticket nonce - for deriving PSK.
|
||||
* Length allowed to be: 1..255. Only support 4 bytes.
|
||||
*/
|
||||
|
@ -2530,7 +2541,6 @@ typedef struct TicketNonce {
|
|||
byte len;
|
||||
byte data[MAX_TICKET_NONCE_SZ];
|
||||
} TicketNonce;
|
||||
#endif
|
||||
|
||||
/* The PreSharedKey extension information - entry in a linked list. */
|
||||
typedef struct PreSharedKey {
|
||||
|
@ -2586,6 +2596,13 @@ enum DeriveKeyType {
|
|||
update_traffic_key
|
||||
};
|
||||
|
||||
WOLFSSL_LOCAL int DeriveEarlySecret(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DeriveHandshakeSecret(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
|
||||
WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret);
|
||||
WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key);
|
||||
|
||||
/* The key update request values for KeyUpdate message. */
|
||||
enum KeyUpdateRequest {
|
||||
update_not_requested,
|
||||
|
@ -2602,6 +2619,14 @@ enum SetCBIO {
|
|||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
typedef struct {
|
||||
int keyAlgo;
|
||||
DerBuffer* key;
|
||||
} StaticKeyExchangeInfo_t;
|
||||
#endif
|
||||
|
||||
|
||||
/* wolfSSL context type */
|
||||
struct WOLFSSL_CTX {
|
||||
WOLFSSL_METHOD* method;
|
||||
|
@ -2710,9 +2735,7 @@ struct WOLFSSL_CTX {
|
|||
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
|
||||
short minEccKeySz; /* minimum ECC key size */
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||
unsigned long mask; /* store SSL_OP_ flags */
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
|
||||
byte sessionCtx[ID_LEN]; /* app session context ID */
|
||||
word32 disabledCurves; /* curves disabled by user */
|
||||
|
@ -2755,6 +2778,7 @@ struct WOLFSSL_CTX {
|
|||
wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
|
||||
wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
|
||||
#endif
|
||||
void* psk_ctx;
|
||||
char server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN];
|
||||
#endif /* HAVE_SESSION_TICKET || !NO_PSK */
|
||||
#ifdef WOLFSSL_TLS13
|
||||
|
@ -2771,7 +2795,7 @@ struct WOLFSSL_CTX {
|
|||
pem_password_cb* passwd_cb;
|
||||
void* passwd_userdata;
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
|
||||
WOLFSSL_X509_STORE* x509_store_pt; /* take ownership of external store */
|
||||
byte readAhead;
|
||||
|
@ -2876,16 +2900,19 @@ struct WOLFSSL_CTX {
|
|||
#endif /* NO_RSA */
|
||||
#endif /* HAVE_PK_CALLBACKS */
|
||||
#ifdef HAVE_WOLF_EVENT
|
||||
WOLF_EVENT_QUEUE event_queue;
|
||||
WOLF_EVENT_QUEUE event_queue;
|
||||
#endif /* HAVE_WOLF_EVENT */
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, unsigned char*, int, int*);
|
||||
int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*);
|
||||
void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*);
|
||||
WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, unsigned char*, int, int*);
|
||||
int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*);
|
||||
void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*);
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256)
|
||||
Srp* srp; /* TLS Secure Remote Password Protocol*/
|
||||
byte* srp_password;
|
||||
Srp* srp; /* TLS Secure Remote Password Protocol*/
|
||||
byte* srp_password;
|
||||
#endif
|
||||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
StaticKeyExchangeInfo_t staticKE;
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -2950,7 +2977,6 @@ enum KeyExchangeAlgorithm {
|
|||
ecc_static_diffie_hellman_kea /* for verify suite only */
|
||||
};
|
||||
|
||||
|
||||
/* Supported Authentication Schemes */
|
||||
enum SignatureAlgorithm {
|
||||
anonymous_sa_algo = 0,
|
||||
|
@ -3009,6 +3035,13 @@ enum CipherType { aead };
|
|||
#define CIPHER_NONCE
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
|
||||
enum CipherSrc {
|
||||
KEYS_NOT_SET = 0,
|
||||
KEYS, /* keys from ssl->keys are loaded */
|
||||
SCR /* keys from ssl->secure_renegotiation->tmp_keys are loaded */
|
||||
};
|
||||
#endif
|
||||
|
||||
/* cipher for now */
|
||||
typedef struct Ciphers {
|
||||
|
@ -3048,6 +3081,10 @@ typedef struct Ciphers {
|
|||
#endif
|
||||
byte state;
|
||||
byte setup; /* have we set it up flag for detection */
|
||||
#if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
|
||||
enum CipherSrc src; /* DTLS uses this to determine which keys
|
||||
* are currently loaded */
|
||||
#endif
|
||||
} Ciphers;
|
||||
|
||||
|
||||
|
@ -3149,6 +3186,8 @@ struct WOLFSSL_SESSION {
|
|||
#ifdef OPENSSL_EXTRA
|
||||
byte sessionCtxSz; /* sessionCtx length */
|
||||
byte sessionCtx[ID_LEN]; /* app specific context id */
|
||||
wolfSSL_Mutex refMutex; /* ref count mutex */
|
||||
int refCount; /* reference count */
|
||||
#endif
|
||||
#ifdef WOLFSSL_TLS13
|
||||
word16 namedGroup;
|
||||
|
@ -3157,9 +3196,7 @@ struct WOLFSSL_SESSION {
|
|||
#ifdef WOLFSSL_TLS13
|
||||
word32 ticketSeen; /* Time ticket seen (ms) */
|
||||
word32 ticketAdd; /* Added by client */
|
||||
#ifndef WOLFSSL_TLS13_DRAFT_18
|
||||
TicketNonce ticketNonce; /* Nonce used to derive PSK */
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_EARLY_DATA
|
||||
word32 maxEarlyDataSz;
|
||||
|
@ -3171,7 +3208,7 @@ struct WOLFSSL_SESSION {
|
|||
byte staticTicket[SESSION_TICKET_LEN];
|
||||
byte isDynamic;
|
||||
#endif
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
#if defined(HAVE_EXT_CACHE) || defined(OPENSSL_EXTRA)
|
||||
byte isAlloced;
|
||||
#endif
|
||||
#ifdef HAVE_EX_DATA
|
||||
|
@ -3185,7 +3222,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
|
|||
WOLFSSL_LOCAL
|
||||
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
|
||||
|
||||
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int);
|
||||
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int);
|
||||
|
||||
#ifndef NO_CLIENT_CACHE
|
||||
WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
|
||||
|
@ -3346,8 +3383,9 @@ typedef struct Options {
|
|||
wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
|
||||
wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
|
||||
#endif
|
||||
void* psk_ctx;
|
||||
#endif /* NO_PSK */
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)
|
||||
unsigned long mask; /* store SSL_OP_ flags */
|
||||
#endif
|
||||
|
||||
|
@ -3587,15 +3625,15 @@ struct WOLFSSL_X509_NAME {
|
|||
char staticName[ASN_NAME_MAX];
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
|
||||
!defined(NO_ASN)
|
||||
DecodedName fullName;
|
||||
WOLFSSL_X509_NAME_ENTRY cnEntry;
|
||||
WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */
|
||||
int entrySz; /* number of entries */
|
||||
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
|
||||
WOLFSSL_X509* x509; /* x509 that struct belongs to */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
|
||||
byte raw[ASN_NAME_MAX];
|
||||
int rawLen;
|
||||
#endif
|
||||
void* heap;
|
||||
};
|
||||
|
||||
#ifndef EXTERNAL_SERIAL_SIZE
|
||||
|
@ -3626,7 +3664,7 @@ struct WOLFSSL_X509 {
|
|||
WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
|
||||
WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
|
||||
#endif /* WOLFSSL_QT || OPENSSL_ALL */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
|
||||
#endif
|
||||
WOLFSSL_ASN1_TIME notBefore;
|
||||
|
@ -3741,6 +3779,7 @@ typedef struct DtlsMsg {
|
|||
byte* msg;
|
||||
DtlsFrag* fragList;
|
||||
word32 fragSz; /* Length of fragments received */
|
||||
word16 epoch; /* Epoch that this message belongs to */
|
||||
word32 seq; /* Handshake sequence number */
|
||||
word32 sz; /* Length of whole message */
|
||||
byte type;
|
||||
|
@ -3810,6 +3849,20 @@ typedef struct HS_Hashes {
|
|||
} HS_Hashes;
|
||||
|
||||
|
||||
#ifndef WOLFSSL_NO_TLS12
|
||||
/* Persistable BuildMessage arguments */
|
||||
typedef struct BuildMsgArgs {
|
||||
word32 digestSz;
|
||||
word32 sz;
|
||||
word32 pad;
|
||||
word32 idx;
|
||||
word32 headerSz;
|
||||
word16 size;
|
||||
word32 ivSz; /* TLSv1.1 IV */
|
||||
byte* iv;
|
||||
} BuildMsgArgs;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
#define MAX_ASYNC_ARGS 18
|
||||
typedef void (*FreeArgsCb)(struct WOLFSSL* ssl, void* pArgs);
|
||||
|
@ -3818,6 +3871,7 @@ typedef struct HS_Hashes {
|
|||
WC_ASYNC_DEV* dev;
|
||||
FreeArgsCb freeArgs; /* function pointer to cleanup args */
|
||||
word32 args[MAX_ASYNC_ARGS]; /* holder for current args */
|
||||
BuildMsgArgs buildArgs; /* holder for current BuildMessage args */
|
||||
};
|
||||
#endif
|
||||
|
||||
|
@ -3971,11 +4025,9 @@ struct WOLFSSL {
|
|||
#endif
|
||||
word16 pssAlgo;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
#if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)
|
||||
word16 certHashSigAlgoSz; /* SigAlgoCert ext length in bytes */
|
||||
byte certHashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* cert sig/algo to
|
||||
* offer */
|
||||
#endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */
|
||||
#endif
|
||||
#ifdef HAVE_NTRU
|
||||
word16 peerNtruKeyLen;
|
||||
|
@ -4115,6 +4167,8 @@ struct WOLFSSL {
|
|||
#endif /* HAVE_TLS_EXTENSIONS */
|
||||
#ifdef HAVE_OCSP
|
||||
void* ocspIOCtx;
|
||||
byte ocspProducedDate[MAX_DATE_SZ];
|
||||
int ocspProducedDateFormat;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
byte* ocspResp;
|
||||
int ocspRespSz;
|
||||
|
@ -4202,6 +4256,9 @@ struct WOLFSSL {
|
|||
WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */
|
||||
WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */
|
||||
#endif
|
||||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
StaticKeyExchangeInfo_t staticKE;
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
|
@ -4221,10 +4278,8 @@ WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
|
|||
int type, WOLFSSL* ssl, int userChain,
|
||||
WOLFSSL_CRL* crl, int verify);
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_LOCAL int CheckHostName(DecodedCert* dCert, char *domainName,
|
||||
WOLFSSL_LOCAL int CheckHostName(DecodedCert* dCert, const char *domainName,
|
||||
size_t domainNameLen);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -4333,12 +4388,8 @@ WOLFSSL_LOCAL int SendTicket(WOLFSSL*);
|
|||
WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
|
||||
WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
|
||||
#ifdef WOLFSSL_TLS13
|
||||
#ifdef WOLFSSL_TLS13_DRAFT_18
|
||||
WOLFSSL_LOCAL int SendTls13HelloRetryRequest(WOLFSSL*);
|
||||
#else
|
||||
WOLFSSL_LOCAL int SendTls13ServerHello(WOLFSSL*, byte);
|
||||
#endif
|
||||
#endif
|
||||
WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
|
||||
WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|
@ -4464,7 +4515,7 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
|
|||
WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*);
|
||||
#ifndef WOLFSSL_AEAD_ONLY
|
||||
WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
|
||||
word32 sz, int padSz, int content, int verify);
|
||||
word32 sz, int padSz, int content, int verify, int epochOrder);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -4486,24 +4537,30 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
|
|||
WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*);
|
||||
WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*);
|
||||
WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*);
|
||||
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
|
||||
WOLFSSL_LOCAL void DtlsTxMsgListClean(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, word16, const byte*, byte,
|
||||
word32, word32, void*);
|
||||
WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32);
|
||||
WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, const byte*, word32,
|
||||
WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32, word32);
|
||||
WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, word32, const byte*, word32,
|
||||
byte, word32, word32, void*);
|
||||
WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*);
|
||||
|
||||
WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32);
|
||||
WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32, enum HandShakeType);
|
||||
WOLFSSL_LOCAL int DtlsMsgPoolTimeout(WOLFSSL*);
|
||||
WOLFSSL_LOCAL int VerifyForDtlsMsgPoolSend(WOLFSSL*, byte, word32);
|
||||
WOLFSSL_LOCAL int VerifyForTxDtlsMsgDelete(WOLFSSL* ssl, DtlsMsg* head);
|
||||
WOLFSSL_LOCAL void DtlsMsgPoolReset(WOLFSSL*);
|
||||
WOLFSSL_LOCAL int DtlsMsgPoolSend(WOLFSSL*, int);
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
#ifndef NO_TLS
|
||||
#if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS)
|
||||
WOLFSSL_LOCAL int DtlsSCRKeysSet(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int IsDtlsMsgSCRKeys(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DtlsUseSCRKeys(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DtlsCheckOrder(WOLFSSL* ssl, int order);
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* NO_TLS */
|
||||
WOLFSSL_LOCAL void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out);
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK))
|
||||
WOLFSSL_LOCAL word32 TimeNowInMilliseconds(void);
|
||||
|
@ -4511,8 +4568,8 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
|
|||
WOLFSSL_LOCAL word32 LowResTimer(void);
|
||||
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
|
||||
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap);
|
||||
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int, void*);
|
||||
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
|
||||
WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap);
|
||||
WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
|
||||
WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
|
||||
|
@ -4598,9 +4655,13 @@ WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh);
|
|||
WOLFSSL_LOCAL int InitHandshakeHashes(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL void FreeHandshakeHashes(WOLFSSL* ssl);
|
||||
|
||||
|
||||
#ifndef WOLFSSL_NO_TLS12
|
||||
WOLFSSL_LOCAL void FreeBuildMsgArgs(WOLFSSL* ssl, BuildMsgArgs* args);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
|
||||
const byte* input, int inSz, int type, int hashOutput,
|
||||
int sizeOnly, int asyncOkay);
|
||||
int sizeOnly, int asyncOkay, int epochOrder);
|
||||
|
||||
#ifdef WOLFSSL_TLS13
|
||||
int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
||||
|
|
Binary file not shown.
|
@ -69,6 +69,7 @@
|
|||
#define V_ASN1_OBJECT 6
|
||||
#define V_ASN1_UTCTIME 23
|
||||
#define V_ASN1_GENERALIZEDTIME 24
|
||||
#define V_ASN1_PRINTABLESTRING 19
|
||||
|
||||
#define ASN1_STRING_FLAG_BITS_LEFT 0x008
|
||||
#define ASN1_STRING_FLAG_NDEF 0x010
|
||||
|
@ -107,7 +108,7 @@ typedef enum {
|
|||
} WOLFSSL_ASN1_TYPES;
|
||||
|
||||
#define ASN1_SEQUENCE(type) \
|
||||
static const type __##type##_dummy_struct;\
|
||||
static type __##type##_dummy_struct;\
|
||||
static const WOLFSSL_ASN1_TEMPLATE type##_member_data[]
|
||||
|
||||
#define ASN1_SIMPLE(type, member, member_type) \
|
||||
|
|
|
@ -33,11 +33,11 @@
|
|||
#endif
|
||||
|
||||
|
||||
#define BIO_FLAG_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
|
||||
#define BIO_FLAG_READ WOLFSSL_BIO_FLAG_READ
|
||||
#define BIO_FLAG_WRITE WOLFSSL_BIO_FLAG_WRITE
|
||||
#define BIO_FLAG_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL
|
||||
#define BIO_FLAG_RETRY WOLFSSL_BIO_FLAG_RETRY
|
||||
#define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
|
||||
#define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ
|
||||
#define BIO_FLAGS_WRITE WOLFSSL_BIO_FLAG_WRITE
|
||||
#define BIO_FLAGS_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL
|
||||
#define BIO_FLAGS_SHOULD_RETRY WOLFSSL_BIO_FLAG_RETRY
|
||||
|
||||
#define BIO_new_fp wolfSSL_BIO_new_fp
|
||||
#define BIO_new_file wolfSSL_BIO_new_file
|
||||
|
|
|
@ -80,6 +80,8 @@ WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d,
|
|||
unsigned char* sig,
|
||||
WOLFSSL_DSA* dsa, int *dsacheck);
|
||||
|
||||
WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d);
|
||||
|
||||
WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_SIG_new(void);
|
||||
WOLFSSL_API void wolfSSL_DSA_SIG_free(WOLFSSL_DSA_SIG *sig);
|
||||
WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest,
|
||||
|
|
|
@ -148,12 +148,21 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group,
|
|||
WOLFSSL_API
|
||||
int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EC_KEY *wolfSSL_d2i_ECPrivateKey(WOLFSSL_EC_KEY **key, const unsigned char **in,
|
||||
long len);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
|
||||
WOLFSSL_API
|
||||
void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group,
|
||||
const WOLFSSL_EC_POINT *p,
|
||||
char form,
|
||||
WOLFSSL_BIGNUM *in, WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_is_on_curve(const WOLFSSL_EC_GROUP *group,
|
||||
const WOLFSSL_EC_POINT *point,
|
||||
WOLFSSL_BN_CTX *ctx);
|
||||
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key,
|
||||
|
@ -198,6 +207,8 @@ WOLFSSL_API
|
|||
int wolfSSL_EC_GROUP_cmp(const WOLFSSL_EC_GROUP *a, const WOLFSSL_EC_GROUP *b,
|
||||
WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_dup(const WOLFSSL_EC_GROUP *src);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_GROUP_get_curve_name(const WOLFSSL_EC_GROUP *group);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group);
|
||||
|
@ -228,11 +239,18 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
|
|||
const WOLFSSL_BIGNUM *y,
|
||||
WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
|
||||
const WOLFSSL_EC_POINT *p1,
|
||||
const WOLFSSL_EC_POINT *p2, WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
|
||||
const WOLFSSL_BIGNUM *n,
|
||||
const WOLFSSL_EC_POINT *q, const WOLFSSL_BIGNUM *m,
|
||||
WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *a,
|
||||
WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *point);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_cmp(const WOLFSSL_EC_GROUP *group,
|
||||
|
@ -277,6 +295,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
|||
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
|
||||
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
|
||||
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
|
||||
#define EC_GROUP_dup wolfSSL_EC_GROUP_dup
|
||||
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
|
||||
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
|
||||
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
|
||||
|
@ -291,7 +310,9 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
|||
wolfSSL_EC_POINT_get_affine_coordinates_GFp
|
||||
#define EC_POINT_set_affine_coordinates_GFp \
|
||||
wolfSSL_EC_POINT_set_affine_coordinates_GFp
|
||||
#define EC_POINT_add wolfSSL_EC_POINT_add
|
||||
#define EC_POINT_mul wolfSSL_EC_POINT_mul
|
||||
#define EC_POINT_invert wolfSSL_EC_POINT_invert
|
||||
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
|
||||
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
|
||||
#define EC_POINT_copy wolfSSL_EC_POINT_copy
|
||||
|
@ -304,7 +325,11 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
|||
#define EC_POINT_point2oct wolfSSL_EC_POINT_point2oct
|
||||
#define EC_POINT_oct2point wolfSSL_EC_POINT_oct2point
|
||||
#define EC_POINT_point2bn wolfSSL_EC_POINT_point2bn
|
||||
#define EC_POINT_is_on_curve wolfSSL_EC_POINT_is_on_curve
|
||||
#define i2o_ECPublicKey wolfSSL_i2o_ECPublicKey
|
||||
#define i2d_EC_PUBKEY wolfSSL_i2o_ECPublicKey
|
||||
#define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey
|
||||
#define i2d_ECPrivateKey wolfSSL_i2d_ECPrivateKey
|
||||
#define EC_KEY_set_conv_form wolfSSL_EC_KEY_set_conv_form
|
||||
|
||||
#ifndef HAVE_SELFTEST
|
||||
|
|
|
@ -354,11 +354,13 @@ struct WOLFSSL_EVP_CIPHER_CTX {
|
|||
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
|
||||
int ivSz;
|
||||
#ifdef HAVE_AESGCM
|
||||
byte* gcmDecryptBuffer;
|
||||
int gcmDecryptBufferLen;
|
||||
#endif
|
||||
byte* gcmBuffer;
|
||||
int gcmBufferLen;
|
||||
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
|
||||
int authTagSz;
|
||||
byte* gcmAuthIn;
|
||||
int gcmAuthInSz;
|
||||
#endif
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -521,6 +523,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
|
|||
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key);
|
||||
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(struct WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(struct WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey);
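Review bot: The layout of `struct WOLFSSL_EVP_CIPHER_CTX` changes in the first hunk of this section, and nothing visible ties these headers to the file the page lists only as "Binary file not shown". By the hunk counts, `gcmDecryptBuffer`/`gcmDecryptBufferLen` are dropped and `gcmBuffer`, `gcmBufferLen`, `gcmAuthIn` and `gcmAuthInSz` are added under `HAVE_AESGCM`; the struct and its outer conditional open above the hunk. If that binary is the prebuilt library, code compiled against a header that disagrees with it would access the cipher context at the wrong offsets, so I would have TLS start-up refuse to continue on a mismatch, e.g. `if (strcmp(wolfSSL_lib_version(), LIBWOLFSSL_VERSION_STRING) != 0) { /* abort TLS setup */ }`. That check catches version skew only, so the build options that decide which conditional fields exist should also be recorded next to the library. The same concern applies to `struct WOLFSSL_X509_EXTENSION` in a later section, where the type of `value` changes.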
|
||||
|
|
|
@ -72,6 +72,7 @@ WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
|
|||
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
|
||||
unsigned int* len);
|
||||
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx);
|
||||
|
||||
|
@ -83,6 +84,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
|
|||
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
|
||||
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
|
||||
#define HMAC_CTX_free wolfSSL_HMAC_CTX_free
|
||||
#define HMAC_CTX_cleanup wolfSSL_HMAC_CTX_cleanup
|
||||
#define HMAC_CTX_reset wolfSSL_HMAC_cleanup
|
||||
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
|
||||
#define HMAC_Init wolfSSL_HMAC_Init
|
||||
|
|
|
@ -79,6 +79,7 @@ typedef WOLFSSL_X509_NAME X509_NAME;
|
|||
typedef WOLFSSL_X509_INFO X509_INFO;
|
||||
typedef WOLFSSL_X509_CHAIN X509_CHAIN;
|
||||
|
||||
/* STACK_OF(ASN1_OBJECT) */
|
||||
typedef WOLFSSL_STACK EXTENDED_KEY_USAGE;
|
||||
|
||||
|
||||
|
@ -151,6 +152,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
|
||||
#define set_ex_data wolfSSL_CRYPTO_set_ex_data
|
||||
#define get_ex_data wolfSSL_CRYPTO_get_ex_data
|
||||
#define CRYPTO_memcmp wolfSSL_CRYPTO_memcmp
|
||||
|
||||
/* this function was used to set the default malloc, free, and realloc */
|
||||
#define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */
|
||||
|
@ -174,14 +176,15 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
|
||||
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
|
||||
#define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio
|
||||
#define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey
|
||||
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
|
||||
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
|
||||
|
||||
#define i2d_PUBKEY wolfSSL_i2d_PUBKEY
|
||||
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
|
||||
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
|
||||
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey
|
||||
#define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey
|
||||
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey
|
||||
#define SSL_use_PrivateKey wolfSSL_use_PrivateKey
|
||||
#define SSL_use_PrivateKey_ASN1 wolfSSL_use_PrivateKey_ASN1
|
||||
#define SSL_use_RSAPrivateKey_ASN1 wolfSSL_use_RSAPrivateKey_ASN1
|
||||
|
@ -301,6 +304,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define SSL_set_connect_state wolfSSL_set_connect_state
|
||||
#define SSL_set_accept_state wolfSSL_set_accept_state
|
||||
#define SSL_session_reused wolfSSL_session_reused
|
||||
#define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref
|
||||
#define SSL_SESSION_dup wolfSSL_SESSION_dup
|
||||
#define SSL_SESSION_free wolfSSL_SESSION_free
|
||||
#define SSL_is_init_finished wolfSSL_is_init_finished
|
||||
|
@ -340,8 +344,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
|
||||
#define DSA_dup_DH wolfSSL_DSA_dup_DH
|
||||
/* wolfSSL does not support DSA as the cert public key */
|
||||
#define EVP_PKEY_get0_DSA(...) NULL
|
||||
#define DSA_bits(...) 0
|
||||
#define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA
|
||||
#define DSA_bits wolfSSL_DSA_bits
|
||||
|
||||
#define i2d_X509_bio wolfSSL_i2d_X509_bio
|
||||
#define d2i_X509_bio wolfSSL_d2i_X509_bio
|
||||
|
@ -374,14 +378,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_digest wolfSSL_X509_digest
|
||||
#define X509_get_ext_count wolfSSL_X509_get_ext_count
|
||||
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
|
||||
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
|
||||
#define X509_get_ext wolfSSL_X509_get_ext
|
||||
#define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID
|
||||
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
|
||||
#define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash
|
||||
#define X509_get_subject_name wolfSSL_X509_get_subject_name
|
||||
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
|
||||
#define X509_get_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get0_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get_notBefore wolfSSL_X509_get_notBefore
|
||||
#define X509_get0_notBefore wolfSSL_X509_get_notBefore
|
||||
#define X509_get_notAfter wolfSSL_X509_get_notAfter
|
||||
#define X509_get0_notAfter wolfSSL_X509_get_notAfter
|
||||
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
|
||||
#define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr
|
||||
#define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index
|
||||
|
@ -407,9 +416,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_check_private_key wolfSSL_X509_check_private_key
|
||||
#define X509_check_ca wolfSSL_X509_check_ca
|
||||
#define X509_check_host wolfSSL_X509_check_host
|
||||
#define X509_check_ip_asc wolfSSL_X509_check_ip_asc
|
||||
#define X509_email_free wolfSSL_X509_email_free
|
||||
#define X509_check_issued wolfSSL_X509_check_issued
|
||||
#define X509_dup wolfSSL_X509_dup
|
||||
#define X509_add_ext wolfSSL_X509_add_ext
|
||||
|
||||
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
|
||||
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
|
||||
|
@ -422,7 +433,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define sk_X509_push wolfSSL_sk_X509_push
|
||||
#define sk_X509_pop wolfSSL_sk_X509_pop
|
||||
#define sk_X509_pop_free wolfSSL_sk_X509_pop_free
|
||||
#define sk_X509_dup wolfSSL_sk_X509_dup
|
||||
#define sk_X509_dup wolfSSL_sk_dup
|
||||
#define sk_X509_free wolfSSL_sk_X509_free
|
||||
|
||||
#define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num
|
||||
|
@ -430,7 +441,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define sk_X509_EXTENSION_new_null wolfSSL_sk_X509_EXTENSION_new_null
|
||||
#define sk_X509_EXTENSION_pop_free wolfSSL_sk_X509_EXTENSION_pop_free
|
||||
#define sk_X509_EXTENSION_push wolfSSL_sk_X509_EXTENSION_push
|
||||
#define X509_EXTENSION_free wolfSSL_X509_EXTENSION_free
|
||||
|
||||
#define X509_INFO_new wolfSSL_X509_INFO_new
|
||||
#define X509_INFO_free wolfSSL_X509_INFO_free
|
||||
|
@ -444,6 +454,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define sk_X509_INFO_free wolfSSL_sk_X509_INFO_free
|
||||
|
||||
#define i2d_X509_NAME wolfSSL_i2d_X509_NAME
|
||||
#define d2i_X509_NAME wolfSSL_d2i_X509_NAME
|
||||
#define X509_NAME_new wolfSSL_X509_NAME_new
|
||||
#define X509_NAME_free wolfSSL_X509_NAME_free
|
||||
#define X509_NAME_dup wolfSSL_X509_NAME_dup
|
||||
|
@ -568,7 +579,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
|
||||
|
||||
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
|
||||
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
|
||||
|
||||
#define X509_check_purpose(...) 0
|
||||
|
||||
|
@ -661,6 +671,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN
|
||||
|
||||
#define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT
|
||||
#define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT
|
||||
|
||||
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
|
||||
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data
|
||||
|
@ -850,7 +861,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
|
||||
#define CONF_modules_free()
|
||||
#define ENGINE_cleanup()
|
||||
#define HMAC_CTX_cleanup wolfSSL_HMAC_cleanup
|
||||
#define SSL_CTX_need_tmp_RSA(ctx) 0
|
||||
#define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
|
||||
#define SSL_need_tmp_RSA(ssl) 0
|
||||
|
@ -887,14 +897,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find
|
||||
|
||||
enum {
|
||||
GEN_DNS = 0x02, /* ASN_DNS_TYPE */
|
||||
GEN_EMAIL = 0x01, /* ASN_RFC822_TYPE */
|
||||
GEN_URI = 0x06, /* ASN_URI_TYPE */
|
||||
GEN_IPADD = 0x07,
|
||||
GEN_RID = 0x08, /* Registered ID, not supported */
|
||||
};
|
||||
|
||||
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
|
||||
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
|
||||
|
||||
|
@ -910,7 +912,7 @@ enum {
|
|||
#define sk_SSL_COMP_zero wolfSSL_sk_SSL_COMP_zero
|
||||
#define sk_SSL_CIPHER_value wolfSSL_sk_SSL_CIPHER_value
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_HAPROXY */
|
||||
#define sk_SSL_CIPHER_dup wolfSSL_sk_SSL_CIPHER_dup
|
||||
#define sk_SSL_CIPHER_dup wolfSSL_sk_dup
|
||||
#define sk_SSL_CIPHER_free wolfSSL_sk_SSL_CIPHER_free
|
||||
#define sk_SSL_CIPHER_find wolfSSL_sk_SSL_CIPHER_find
|
||||
|
||||
|
@ -919,7 +921,6 @@ enum {
|
|||
#include <libs/libwolfssl/openssl/pem.h>
|
||||
|
||||
#define SSL_CTRL_CHAIN 88
|
||||
#define GEN_IPADD 7
|
||||
#define ERR_LIB_SSL 20
|
||||
#define SSL_R_SHORT_READ 10
|
||||
#define ERR_R_PEM_LIB 9
|
||||
|
@ -959,6 +960,7 @@ enum {
|
|||
#define SSL_num_renegotiations wolfSSL_num_renegotiations
|
||||
#define SSL_renegotiate wolfSSL_Rehandshake
|
||||
#define SSL_get_secure_renegotiation_support wolfSSL_SSL_get_secure_renegotiation_support
|
||||
#define SSL_renegotiate_pending wolfSSL_SSL_renegotiate_pending
|
||||
#define SSL_set_tlsext_debug_arg wolfSSL_set_tlsext_debug_arg
|
||||
#define SSL_set_tlsext_status_type wolfSSL_set_tlsext_status_type
|
||||
#define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts
|
||||
|
@ -1227,7 +1229,7 @@ enum {
|
|||
#define X509_OBJECT_free wolfSSL_X509_OBJECT_free
|
||||
#define X509_OBJECT_get_type(x) 0
|
||||
|
||||
#define OpenSSL_version(x) wolfSSL_lib_version()
|
||||
#define OpenSSL_version(x) wolfSSL_OpenSSL_version()
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
|
|
@ -28,6 +28,8 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/openssl/conf.h>
|
||||
|
||||
typedef void (*wolfSSL_sk_freefunc)(void *);
|
||||
|
||||
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
/* Forward reference */
|
||||
|
||||
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
|
||||
typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
|
||||
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
|
||||
struct WOLFSSL_v3_ext_method *method,
|
||||
void *ext, STACK_OF(CONF_VALUE) *extlist);
|
||||
|
@ -53,6 +54,7 @@ struct WOLFSSL_v3_ext_method {
|
|||
int ext_flags;
|
||||
void *usr_data;
|
||||
X509V3_EXT_D2I d2i;
|
||||
X509V3_EXT_I2D i2d;
|
||||
X509V3_EXT_I2V i2v;
|
||||
X509V3_EXT_I2S i2s;
|
||||
X509V3_EXT_I2R i2r;
|
||||
|
@ -61,7 +63,7 @@ struct WOLFSSL_v3_ext_method {
|
|||
struct WOLFSSL_X509_EXTENSION {
|
||||
WOLFSSL_ASN1_OBJECT *obj;
|
||||
WOLFSSL_ASN1_BOOLEAN crit;
|
||||
WOLFSSL_ASN1_STRING value;
|
||||
ASN1_OCTET_STRING value; /* DER format of extension */
|
||||
WOLFSSL_v3_ext_method ext_method;
|
||||
WOLFSSL_STACK* ext_sk; /* For extension specific data */
|
||||
};
|
||||
|
@ -86,7 +88,9 @@ typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS;
|
|||
typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
|
||||
typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS;
|
||||
|
||||
WOLFSSL_API WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void);
|
||||
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
|
||||
WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void);
|
||||
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
|
||||
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
|
||||
WOLFSSL_X509_EXTENSION* ex);
|
||||
|
|
|
@ -49,12 +49,49 @@ SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
|
|||
const char* keyFile, int typeK,
|
||||
const char* password, char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetPrivateKeyBuffer(const char* address, int port,
|
||||
const char* keyBuf, int keySz,
|
||||
int typeK, const char* password,
|
||||
char* error);
|
||||
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
|
||||
const char* address, int port,
|
||||
const char* keyFile, int typeK,
|
||||
const char* password, char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetNamedPrivateKeyBuffer(const char* name,
|
||||
const char* address, int port,
|
||||
const char* keyBuf, int keySz,
|
||||
int typeK, const char* password,
|
||||
char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetEphemeralKey(const char* address, int port,
|
||||
const char* keyFile, int typeKey,
|
||||
const char* password, char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetEphemeralKeyBuffer(const char* address, int port,
|
||||
const char* keyBuf, int keySz, int typeKey,
|
||||
const char* password, char* error);
|
||||
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetNamedEphemeralKey(const char* name,
|
||||
const char* address, int port,
|
||||
const char* keyFile, int typeKey,
|
||||
const char* password, char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_SetNamedEphemeralKeyBuffer(const char* name,
|
||||
const char* address, int port,
|
||||
const char* keyBuf, int keySz, int typeKey,
|
||||
const char* password, char* error);
|
||||
|
||||
WOLFSSL_API
|
||||
SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
|
||||
unsigned char** data, char* error);
|
||||
|
|
|
@ -130,6 +130,7 @@
|
|||
#define NO_DATA_DEST_STR 91
|
||||
#define STORE_DATA_FAIL_STR 92
|
||||
#define CHAIN_INPUT_STR 93
|
||||
#define GOT_ENC_EXT_STR 94
|
||||
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
|
||||
|
||||
|
||||
|
|
|
@ -191,7 +191,7 @@ typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID;
|
|||
typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS;
|
||||
typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION;
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
||||
struct WOLFSSL_AUTHORITY_KEYID {
|
||||
WOLFSSL_ASN1_STRING *keyid;
|
||||
|
@ -274,7 +274,8 @@ struct WOLFSSL_ASN1_OBJECT {
|
|||
int ca;
|
||||
WOLFSSL_ASN1_INTEGER *pathlen;
|
||||
#endif
|
||||
unsigned char dynamic; /* if 1 then obj was dynamically created, 0 otherwise */
|
||||
unsigned char dynamic; /* Use WOLFSSL_ASN1_DYNAMIC and WOLFSSL_ASN1_DYNAMIC_DATA
|
||||
* to determine what needs to be freed. */
|
||||
|
||||
#if defined(WOLFSSL_APACHE_HTTPD)
|
||||
WOLFSSL_GENERAL_NAME* gn;
|
||||
|
@ -506,7 +507,7 @@ struct WOLFSSL_X509_STORE {
|
|||
int cache; /* stunnel dereference */
|
||||
WOLFSSL_CERT_MANAGER* cm;
|
||||
WOLFSSL_X509_LOOKUP lookup;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
int isDynamic;
|
||||
WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */
|
||||
#endif
|
||||
|
@ -516,15 +517,15 @@ struct WOLFSSL_X509_STORE {
|
|||
#ifdef HAVE_EX_DATA
|
||||
WOLFSSL_CRYPTO_EX_DATA ex_data;
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
|
||||
WOLFSSL_X509_CRL *crl;
|
||||
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && defined(HAVE_CRL)
|
||||
WOLFSSL_X509_CRL *crl; /* points to cm->crl */
|
||||
#endif
|
||||
};
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#define WOLFSSL_NO_WILDCARDS 0x4
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
#define WOLFSSL_USE_CHECK_TIME 0x2
|
||||
#define WOLFSSL_NO_CHECK_TIME 0x200000
|
||||
#define WOLFSSL_NO_WILDCARDS 0x4
|
||||
#define WOLFSSL_HOST_NAME_MAX 256
|
||||
#define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
|
||||
struct WOLFSSL_X509_VERIFY_PARAM {
|
||||
|
@ -534,7 +535,7 @@ struct WOLFSSL_X509_VERIFY_PARAM {
|
|||
unsigned int hostFlags;
|
||||
char ipasc[WOLFSSL_MAX_IPSTR];
|
||||
};
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
typedef struct WOLFSSL_ALERT {
|
||||
int code;
|
||||
|
@ -709,11 +710,11 @@ WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void);
|
|||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
|
||||
#ifdef WOLFSSL_TLS13
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method(void);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
|
||||
#endif
|
||||
|
||||
|
@ -742,7 +743,7 @@ typedef int (*wc_dtls_export)(WOLFSSL* ssl,
|
|||
#define WOLFSSL_DTLS_EXPORT_TYPES
|
||||
#endif /* WOLFSSL_DTLS_EXPORT_TYPES */
|
||||
|
||||
WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf,
|
||||
WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, const unsigned char* buf,
|
||||
unsigned int sz);
|
||||
WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
|
||||
wc_dtls_export func);
|
||||
|
@ -861,7 +862,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_connect(WOLFSSL*);
|
|||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_write(WOLFSSL*, const void*, int);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_read(WOLFSSL*, void*, int);
|
||||
WOLFSSL_API int wolfSSL_peek(WOLFSSL*, void*, int);
|
||||
WOLFSSL_API int wolfSSL_accept(WOLFSSL*);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_accept(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_CTX_mutual_auth(WOLFSSL_CTX* ctx, int req);
|
||||
WOLFSSL_API int wolfSSL_mutual_auth(WOLFSSL* ssl, int req);
|
||||
#ifdef WOLFSSL_TLS13
|
||||
|
@ -891,10 +892,12 @@ WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*);
|
|||
WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
|
||||
unsigned int sz);
|
||||
WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
|
||||
WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL*, const void*, int, int*);
|
||||
WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL*, void*, int, int*);
|
||||
#endif
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
|
||||
int sz, int* outSz);
|
||||
WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
|
||||
int* outSz);
|
||||
#endif /* WOLFSSL_EARLY_DATA */
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*);
|
||||
WOLFSSL_ABI WOLFSSL_API void wolfSSL_free(WOLFSSL*);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_shutdown(WOLFSSL*);
|
||||
|
@ -918,9 +921,11 @@ WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int);
|
|||
WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t,
|
||||
WOLFSSL_BIO**, size_t);
|
||||
|
||||
WOLFSSL_API int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa, unsigned char *EM,
|
||||
WOLFSSL_API int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa,
|
||||
unsigned char *EM,
|
||||
const unsigned char *mHash,
|
||||
const WOLFSSL_EVP_MD *Hash, int saltLen);
|
||||
const WOLFSSL_EVP_MD *hashAlg,
|
||||
int saltLen);
|
||||
WOLFSSL_API int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash,
|
||||
const WOLFSSL_EVP_MD *hashAlg,
|
||||
const unsigned char *EM, int saltLen);
|
||||
|
@ -1082,6 +1087,7 @@ typedef int WOLFSSL_LHASH;
|
|||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
|
||||
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
|
||||
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
|
||||
|
@ -1102,12 +1108,13 @@ typedef WOLF_STACK_OF(WOLFSSL_GENERAL_NAME) WOLFSSL_GENERAL_NAMES;
|
|||
WOLFSSL_API int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk,
|
||||
WOLFSSL_X509* x509);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_dup(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk);
|
||||
WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_new(void);
|
||||
WOLFSSL_API void wolfSSL_GENERAL_NAME_free(WOLFSSL_GENERAL_NAME* gn);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)* sk,
|
||||
WOLFSSL_GENERAL_NAME* gn);
|
||||
WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup(
|
||||
WOLFSSL_GENERAL_NAMES* gns);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk,
|
||||
WOLFSSL_GENERAL_NAME* gn);
|
||||
WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_sk_GENERAL_NAME_value(
|
||||
WOLFSSL_STACK* sk, int i);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk);
|
||||
|
@ -1129,6 +1136,7 @@ WOLFSSL_API void wolfSSL_sk_X509_EXTENSION_pop_free(
|
|||
void (*f) (WOLFSSL_X509_EXTENSION*));
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* wolfSSL_sk_X509_EXTENSION_new_null(void);
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void);
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj);
|
||||
WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void);
|
||||
WOLFSSL_API int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk,
|
||||
|
@ -1153,11 +1161,13 @@ WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*,
|
|||
WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*);
|
||||
WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session);
|
||||
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session);
|
||||
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_new(void);
|
||||
WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session);
|
||||
WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*);
|
||||
|
||||
WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*);
|
||||
WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
|
||||
WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
|
||||
WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int);
|
||||
|
@ -1312,6 +1322,8 @@ WOLFSSL_API void wolfSSL_X509_STORE_set_verify_cb(WOLFSSL_X509_STORE *st,
|
|||
WOLFSSL_X509_STORE_CTX_verify_cb verify_cb);
|
||||
WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n,
|
||||
unsigned char** out);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME *wolfSSL_d2i_X509_NAME(WOLFSSL_X509_NAME **name,
|
||||
unsigned char **in, long length);
|
||||
#ifndef NO_RSA
|
||||
WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset);
|
||||
#endif
|
||||
|
@ -1325,8 +1337,10 @@ WOLFSSL_API char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME*, char*, int);
|
|||
#endif
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(
|
||||
WOLFSSL_X509*);
|
||||
WOLFSSL_API unsigned long wolfSSL_X509_issuer_name_hash(const WOLFSSL_X509* x509);
|
||||
WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(
|
||||
WOLFSSL_X509*);
|
||||
WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509);
|
||||
WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int);
|
||||
WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int);
|
||||
WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
|
||||
|
@ -1365,6 +1379,7 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID(
|
|||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*);
|
||||
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, const unsigned char **in, long len);
|
||||
|
@ -1421,11 +1436,12 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio,
|
|||
WOLFSSL_EVP_PKEY** out);
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key,
|
||||
const unsigned char** in, long inSz);
|
||||
WOLFSSL_API int wolfSSL_i2d_PUBKEY(const WOLFSSL_EVP_PKEY *key, unsigned char **der);
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type,
|
||||
WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz);
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key,
|
||||
unsigned char** in, long inSz);
|
||||
WOLFSSL_API int wolfSSL_i2d_PrivateKey(WOLFSSL_EVP_PKEY* key,
|
||||
WOLFSSL_API int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key,
|
||||
unsigned char** der);
|
||||
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
@ -1571,6 +1587,7 @@ WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op);
|
|||
WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s);
|
||||
WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s);
|
||||
WOLFSSL_API long wolfSSL_num_renegotiations(WOLFSSL* s);
|
||||
WOLFSSL_API int wolfSSL_SSL_renegotiate_pending(WOLFSSL *s);
|
||||
WOLFSSL_API long wolfSSL_set_tmp_dh(WOLFSSL *s, WOLFSSL_DH *dh);
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
|
||||
|
@ -1597,8 +1614,6 @@ enum {
|
|||
WOLFSSL_CRL_CHECK = 2,
|
||||
};
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
|
||||
defined(HAVE_WEBSERVER)
|
||||
/* Separated out from other enums because of size */
|
||||
enum {
|
||||
SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001,
|
||||
|
@ -1645,6 +1660,8 @@ enum {
|
|||
| SSL_OP_TLS_ROLLBACK_BUG),
|
||||
};
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
|
||||
defined(HAVE_WEBSERVER)
|
||||
/* for compatibility these must be macros */
|
||||
#define SSL_OP_NO_SSLv2 WOLFSSL_OP_NO_SSLv2
|
||||
#define SSL_OP_NO_SSLv3 WOLFSSL_OP_NO_SSLv3
|
||||
|
@ -1950,6 +1967,11 @@ enum { /* ssl Constants */
|
|||
WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*,
|
||||
wc_psk_server_tls13_callback);
|
||||
#endif
|
||||
WOLFSSL_API void* wolfSSL_get_psk_callback_ctx(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_set_psk_callback_ctx(WOLFSSL*, void*);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX*, void*);
|
||||
|
||||
#define PSK_TYPES_DEFINED
|
||||
#endif /* NO_PSK */
|
||||
|
@ -1992,10 +2014,9 @@ WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long);
|
|||
WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long);
|
||||
|
||||
#ifndef NO_CERTS
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CHECK_PRIVATE_KEY)
|
||||
WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*);
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
#endif
|
||||
WOLFSSL_API void wolfSSL_ERR_free_strings(void);
|
||||
WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long);
|
||||
WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl);
|
||||
|
@ -2045,7 +2066,8 @@ WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_
|
|||
WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i);
|
||||
|
||||
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
|
||||
#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \
|
||||
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
|
||||
WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data,
|
||||
int idx);
|
||||
WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx,
|
||||
|
@ -2087,6 +2109,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void);
|
|||
|
||||
/* which library version do we have */
|
||||
WOLFSSL_API const char* wolfSSL_lib_version(void);
|
||||
WOLFSSL_API const char* wolfSSL_OpenSSL_version(void);
|
||||
/* which library version do we have in hex */
|
||||
WOLFSSL_API word32 wolfSSL_lib_version_hex(void);
|
||||
|
||||
|
@ -2134,6 +2157,7 @@ WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*);
|
|||
WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*);
|
||||
|
||||
WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_X509_add_altname_ex(WOLFSSL_X509*, const char*, word32, int);
|
||||
WOLFSSL_API int wolfSSL_X509_add_altname(WOLFSSL_X509*, const char*, int);
|
||||
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509,
|
||||
|
@ -2143,7 +2167,7 @@ WOLFSSL_API WOLFSSL_X509*
|
|||
WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out);
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl,
|
||||
const unsigned char *in, int len);
|
||||
#ifndef NO_FILESYSTEM
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl);
|
||||
#endif
|
||||
WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl);
|
||||
|
@ -2178,7 +2202,7 @@ typedef struct WC_PKCS12 WC_PKCS12;
|
|||
WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
|
||||
WC_PKCS12** pkcs12);
|
||||
WOLFSSL_API int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12);
|
||||
#ifndef NO_FILESYSTEM
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
|
||||
WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp,
|
||||
WOLFSSL_X509_PKCS12** pkcs12);
|
||||
#endif
|
||||
|
@ -2424,6 +2448,7 @@ WOLFSSL_API void wolfSSL_SetVerifyDecryptCtx(WOLFSSL* ssl, void *ctx);
|
|||
WOLFSSL_API void* wolfSSL_GetVerifyDecryptCtx(WOLFSSL* ssl);
|
||||
|
||||
WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_GetDtlsMacSecret(WOLFSSL*, int, int);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
|
||||
|
@ -2527,7 +2552,7 @@ struct DhKey;
|
|||
typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key,
|
||||
const unsigned char* priv, unsigned int privSz,
|
||||
const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz,
|
||||
unsigned char* out, unsigned int* outlen,
|
||||
unsigned char* out, word32* outlen,
|
||||
void* ctx);
|
||||
WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree);
|
||||
WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx);
|
||||
|
@ -2625,7 +2650,7 @@ WOLFSSL_API void* wolfSSL_GetX448SharedSecretCtx(WOLFSSL* ssl);
|
|||
#ifndef NO_RSA
|
||||
typedef int (*CallbackRsaSign)(WOLFSSL* ssl,
|
||||
const unsigned char* in, unsigned int inSz,
|
||||
unsigned char* out, unsigned int* outSz,
|
||||
unsigned char* out, word32* outSz,
|
||||
const unsigned char* keyDer, unsigned int keySz,
|
||||
void* ctx);
|
||||
WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign);
|
||||
|
@ -2670,7 +2695,7 @@ WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl);
|
|||
/* RSA Public Encrypt cb */
|
||||
typedef int (*CallbackRsaEnc)(WOLFSSL* ssl,
|
||||
const unsigned char* in, unsigned int inSz,
|
||||
unsigned char* out, unsigned int* outSz,
|
||||
unsigned char* out, word32* outSz,
|
||||
const unsigned char* keyDer, unsigned int keySz,
|
||||
void* ctx);
|
||||
WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc);
|
||||
|
@ -3031,6 +3056,7 @@ enum {
|
|||
WOLFSSL_ECC_BRAINPOOLP512R1 = 28,
|
||||
WOLFSSL_ECC_X25519 = 29,
|
||||
WOLFSSL_ECC_X448 = 30,
|
||||
WOLFSSL_ECC_MAX = 30,
|
||||
|
||||
WOLFSSL_FFDHE_2048 = 256,
|
||||
WOLFSSL_FFDHE_3072 = 257,
|
||||
|
@ -3208,7 +3234,6 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
|
|||
#include <libs/libwolfssl/openssl/asn1.h>
|
||||
struct WOLFSSL_X509_NAME_ENTRY {
|
||||
WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */
|
||||
WOLFSSL_ASN1_STRING data;
|
||||
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
|
||||
int nid; /* i.e. ASN_COMMON_NAME */
|
||||
int set;
|
||||
|
@ -3219,11 +3244,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name,
|
|||
const WOLFSSL_ASN1_OBJECT *obj,
|
||||
int idx);
|
||||
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
|
||||
|
||||
enum {
|
||||
WOLFSSL_SYS_ACCEPT = 0,
|
||||
WOLFSSL_SYS_BIND,
|
||||
|
@ -3293,12 +3315,28 @@ WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
|||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME*, WOLFSSL_X509_NAME*);
|
||||
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
||||
#endif /* !NO_CERTS */
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef WOLFSSL_WPAS_SMALL
|
||||
/* WPA Supplicant requires GEN_ values */
|
||||
#include <libs/libwolfssl/openssl/x509v3.h>
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
|
||||
int nid, int* c, int* idx);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_API int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert);
|
||||
WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x, int nid, int lastpos);
|
||||
WOLFSSL_API int wolfSSL_X509_add_ext(WOLFSSL_X509 *x, WOLFSSL_X509_EXTENSION *ex, int loc);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
|
||||
void *data);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_conf_nid(
|
||||
WOLF_LHASH_OF(CONF_VALUE)* conf, WOLFSSL_X509V3_CTX* ctx, int nid,
|
||||
char* value);
|
||||
|
@ -3335,7 +3373,7 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_x509_ext(void);
|
|||
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object(WOLFSSL_X509_EXTENSION* ext);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data(WOLFSSL_X509_EXTENSION* ext);
|
||||
#endif /* NO_CERTS */
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
WOLFSSL_API WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
|
||||
|
||||
|
@ -3343,8 +3381,6 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
|
|||
unsigned char* out, int outSz);
|
||||
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
|
||||
|
||||
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
|
||||
WOLFSSL_X509_STORE* str);
|
||||
WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||
#if !defined(NO_FILESYSTEM)
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp,
|
||||
|
@ -3353,20 +3389,27 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s
|
|||
#endif
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_X509** x509);
|
||||
WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
|
||||
WOLFSSL_X509_STORE* str);
|
||||
WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
|
||||
unsigned char *out, size_t outlen);
|
||||
WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
|
||||
unsigned char* out, size_t outSz);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
|
||||
WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
|
||||
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
|
||||
|
||||
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
|
||||
unsigned char *out, size_t outlen);
|
||||
WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX*, int);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int);
|
||||
|
||||
WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
|
||||
unsigned char* out, size_t outSz);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp,
|
||||
|
@ -3385,9 +3428,12 @@ WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header,
|
|||
WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher,
|
||||
unsigned char* data, long* len,
|
||||
pem_password_cb* callback, void* ctx);
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
|
||||
|
||||
/*lighttp compatibility */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
struct WOLFSSL_ASN1_BIT_STRING {
|
||||
int length;
|
||||
int type;
|
||||
|
@ -3395,6 +3441,11 @@ struct WOLFSSL_ASN1_BIT_STRING {
|
|||
long flags;
|
||||
};
|
||||
|
||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)|| \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
|
||||
#if defined(OPENSSL_EXTRA) \
|
||||
|| defined(OPENSSL_ALL) \
|
||||
|
@ -3402,7 +3453,8 @@ struct WOLFSSL_ASN1_BIT_STRING {
|
|||
|| defined(WOLFSSL_MYSQL_COMPATIBLE) \
|
||||
|| defined(HAVE_STUNNEL) \
|
||||
|| defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY)
|
||||
|| defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
|
||||
|
@ -3414,7 +3466,6 @@ WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth);
|
|||
WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl);
|
||||
WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg);
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
|
||||
WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md);
|
||||
WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md);
|
||||
WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md);
|
||||
|
@ -3468,12 +3519,8 @@ WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req,
|
|||
#endif
|
||||
|
||||
|
||||
#if defined(OPENSSL_ALL) \
|
||||
|| defined(HAVE_STUNNEL) \
|
||||
|| defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA) \
|
||||
|| defined(HAVE_LIGHTY)
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
|
||||
#include <libs/libwolfssl/openssl/crypto.h>
|
||||
|
||||
|
@ -3485,6 +3532,8 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const ch
|
|||
|
||||
WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CRYPTO_memcmp(const void *a, const void *b, size_t size);
|
||||
|
||||
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn);
|
||||
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn);
|
||||
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn);
|
||||
|
@ -3550,7 +3599,9 @@ WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJE
|
|||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
|
||||
unsigned long);
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void);
|
||||
WOLFSSL_API void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING*);
|
||||
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(
|
||||
|
@ -3559,6 +3610,10 @@ WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_get_bit(
|
|||
const WOLFSSL_ASN1_BIT_STRING*, int);
|
||||
WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_set_bit(
|
||||
WOLFSSL_ASN1_BIT_STRING*, int, int);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*);
|
||||
|
||||
|
@ -3571,17 +3626,22 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, in
|
|||
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*, int);
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int);
|
||||
|
||||
WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
|
||||
WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*,
|
||||
CRYPTO_free_func*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*);
|
||||
|
||||
|
||||
WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*,
|
||||
unsigned int*);
|
||||
|
||||
|
@ -3624,10 +3684,13 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*
|
|||
WOLFSSL_API WOLFSSL_X509_OBJECT*
|
||||
wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i);
|
||||
WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a);
|
||||
|
||||
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
#include <libs/libwolfssl/openssl/stack.h>
|
||||
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
|
||||
WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names);
|
||||
WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names);
|
||||
|
@ -3672,6 +3735,16 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
|
|||
WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void);
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
|
||||
WOLFSSL_API int wolfSSL_get_ocsp_producedDate(
|
||||
WOLFSSL *ssl,
|
||||
byte *producedDate,
|
||||
size_t producedDate_space,
|
||||
int *producedDateFormat);
|
||||
WOLFSSL_API int wolfSSL_get_ocsp_producedDate_tm(WOLFSSL *ssl,
|
||||
struct tm *produced_tm);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_ALL) \
|
||||
|| defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) \
|
||||
|
@ -3688,14 +3761,17 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl);
|
|||
WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
|
||||
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
|
||||
void *data);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl);
|
||||
WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a,
|
||||
void *b, void *c);
|
||||
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
|
||||
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
|
||||
void *data);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *data,
|
||||
const WOLFSSL_EVP_MD *type, unsigned char *md, unsigned int *len);
|
||||
|
||||
|
@ -3715,8 +3791,6 @@ WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*);
|
|||
#ifndef NO_SESSION_CACHE
|
||||
WOLFSSL_API WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *s);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk,
|
||||
size_t chklen, unsigned int flags, char **peername);
|
||||
|
||||
WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp,
|
||||
const WOLFSSL_ASN1_INTEGER *a);
|
||||
|
@ -3745,13 +3819,13 @@ WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer,
|
|||
|
||||
WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value(
|
||||
WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx);
|
||||
#endif /* HAVE_OCSP */
|
||||
#endif /* HAVE_OCSP || OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
|
||||
|
||||
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio,
|
||||
WOLFSSL_X509 *cert);
|
||||
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
|
||||
OPENSSL_EXTRA || HAVE_LIGHTY*/
|
||||
OPENSSL_EXTRA || HAVE_LIGHTY */
|
||||
|
||||
WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl,
|
||||
const unsigned char **data, unsigned int *len);
|
||||
|
@ -3782,8 +3856,14 @@ WOLFSSL_API void wolfSSL_CTX_set_next_proto_select_cb(WOLFSSL_CTX *s,
|
|||
WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **data,
|
||||
unsigned *len);
|
||||
|
||||
#ifndef NO_ASN
|
||||
WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk,
|
||||
size_t chklen, unsigned int flags, char **peername);
|
||||
WOLFSSL_API int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc,
|
||||
unsigned int flags);
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
|
||||
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
|
||||
|
@ -3808,6 +3888,7 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_PUBKEY_get(WOLFSSL_X509_PUBKEY* key);
|
|||
WOLFSSL_API int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key);
|
||||
WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a);
|
||||
WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a);
|
||||
WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp);
|
||||
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength));
|
||||
WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
|
||||
WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir);
|
||||
|
@ -3815,8 +3896,6 @@ WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509
|
|||
WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p);
|
||||
WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find(
|
||||
WOLF_STACK_OF(WOLFSSL_CIPHER)* sk, const WOLFSSL_CIPHER* toFind);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_sk_SSL_CIPHER_dup(
|
||||
WOLF_STACK_OF(WOLFSSL_CIPHER)* in);
|
||||
WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
|
||||
WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st);
|
||||
WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk);
|
||||
|
@ -3843,10 +3922,9 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio,
|
|||
WOLFSSL_EVP_PKEY** pkey, pem_password_cb* cb, void* u);
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(
|
||||
WOLFSSL_EVP_PKEY** pkey, const unsigned char** data, long length);
|
||||
WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509);
|
||||
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
WOLFSSL_API int wolfSSL_IsPrivatePkSet(WOLFSSL* ssl);
|
||||
|
@ -3858,6 +3936,15 @@ WOLFSSL_API int wolfSSL_CTX_AllowEncryptThenMac(WOLFSSL_CTX *, int);
|
|||
WOLFSSL_API int wolfSSL_AllowEncryptThenMac(WOLFSSL *s, int);
|
||||
#endif
|
||||
|
||||
/* This feature is used to set a fixed ephemeral key and is for testing only */
|
||||
/* Currently allows ECDHE and DHE only */
|
||||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
const char* key, unsigned int keySz, int format);
|
||||
WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const char* key, unsigned int keySz, int format);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
File diff suppressed because it is too large
|
@ -28,8 +28,8 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define LIBWOLFSSL_VERSION_STRING "4.4.0"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x04004000
|
||||
#define LIBWOLFSSL_VERSION_STRING "4.5.0"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x04005000
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -22,8 +22,15 @@
|
|||
/*!
|
||||
\file wolfssl/wolfcrypt/aes.h
|
||||
*/
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This library provides the interfaces to the Advanced Encryption Standard (AES)
|
||||
for encrypting and decrypting data. AES is the standard known for a symmetric
|
||||
block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
|
||||
192-bits, and 256-bits of key sizes.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_AES_H
|
||||
#define WOLF_CRYPT_AES_H
|
||||
|
||||
|
@ -55,14 +62,9 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/port/st/stm32.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AESNI
|
||||
|
||||
#include <wmmintrin.h>
|
||||
#include <emmintrin.h>
|
||||
#include <smmintrin.h>
|
||||
|
||||
#endif /* WOLFSSL_AESNI */
|
||||
|
||||
#ifdef WOLFSSL_IMXRT_DCP
|
||||
#include "fsl_dcp.h"
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_XILINX_CRYPT
|
||||
#include "xsecure_aes.h"
|
||||
|
@ -226,6 +228,9 @@ struct Aes {
|
|||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
|
||||
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
|
||||
TSIP_AES_CTX ctx;
|
||||
#endif
|
||||
#if defined(WOLFSSL_IMXRT_DCP)
|
||||
dcp_handle_t handle;
|
||||
#endif
|
||||
void* heap; /* memory hint to use */
|
||||
};
|
||||
|
|
|
@ -23,6 +23,14 @@
|
|||
\file wolfssl/wolfcrypt/asn.h
|
||||
*/
|
||||
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
|
||||
ASN.1 is a standard interface description language for defining data structures
|
||||
that can be serialized and deserialized in a cross-platform way.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_ASN_H
|
||||
#define WOLF_CRYPT_ASN_H
|
||||
|
||||
|
@ -233,6 +241,7 @@ enum
|
|||
NID_jurisdictionStateOrProvinceName = 0xd,
|
||||
NID_businessCategory = ASN_BUS_CAT,
|
||||
NID_domainComponent = ASN_DOMAIN_COMPONENT,
|
||||
NID_userId = 458,
|
||||
NID_emailAddress = 0x30, /* emailAddress */
|
||||
NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */
|
||||
NID_ms_upn = 265, /* 1.3.6.1.4.1.311.20.2.3 */
|
||||
|
@ -341,7 +350,8 @@ enum Misc_ASN {
|
|||
#endif
|
||||
/* Max total extensions, id + len + others */
|
||||
#endif
|
||||
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
|
||||
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
|
||||
defined(HAVE_PKCS7) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
MAX_OID_SZ = 32, /* Max DER length of OID*/
|
||||
MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
|
||||
#endif
|
||||
|
@ -356,7 +366,6 @@ enum Misc_ASN {
|
|||
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
|
||||
#endif
|
||||
MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
|
||||
MAX_NAME_ENTRIES = 5, /* extra entries added to x509 name struct */
|
||||
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
|
||||
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
|
||||
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
|
||||
|
@ -371,6 +380,8 @@ enum Misc_ASN {
|
|||
TRAILING_ZERO = 1, /* Used for size of zero pad */
|
||||
ASN_TAG_SZ = 1, /* single byte ASN.1 tag */
|
||||
MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */
|
||||
MAX_X509_VERSION = 3, /* Max X509 version allowed */
|
||||
MIN_X509_VERSION = 0, /* Min X509 version allowed */
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
|
||||
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
|
||||
defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
|
||||
|
@ -383,6 +394,12 @@ enum Misc_ASN {
|
|||
PEM_LINE_LEN = PEM_LINE_SZ + 12, /* PEM line max + fudge */
|
||||
};
|
||||
|
||||
#ifndef WC_MAX_NAME_ENTRIES
|
||||
/* entries added to x509 name struct */
|
||||
#define WC_MAX_NAME_ENTRIES 13
|
||||
#endif
|
||||
#define MAX_NAME_ENTRIES WC_MAX_NAME_ENTRIES
|
||||
|
||||
|
||||
enum Oid_Types {
|
||||
oidHashType = 0,
|
||||
|
@ -521,7 +538,9 @@ enum Extensions_Sum {
|
|||
POLICY_CONST_OID = 150,
|
||||
ISSUE_ALT_NAMES_OID = 132,
|
||||
TLS_FEATURE_OID = 92, /* id-pe 24 */
|
||||
NETSCAPE_CT_OID = 753 /* 2.16.840.1.113730.1.1 */
|
||||
NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */
|
||||
OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5
|
||||
id-pkix-ocsp-nocheck */
|
||||
};
|
||||
|
||||
enum CertificatePolicy_Sum {
|
||||
|
@ -609,64 +628,6 @@ struct Base_entry {
|
|||
byte type; /* Name base type (DNS or RFC822) */
|
||||
};
|
||||
|
||||
#define DOMAIN_COMPONENT_MAX 10
|
||||
#define DN_NAMES_MAX 9
|
||||
|
||||
struct DecodedName {
|
||||
char* fullName;
|
||||
int fullNameLen;
|
||||
int entryCount;
|
||||
int cnIdx;
|
||||
int cnLen;
|
||||
int cnNid;
|
||||
int snIdx;
|
||||
int snLen;
|
||||
int snNid;
|
||||
int cIdx;
|
||||
int cLen;
|
||||
int cNid;
|
||||
int lIdx;
|
||||
int lLen;
|
||||
int lNid;
|
||||
int stIdx;
|
||||
int stLen;
|
||||
int stNid;
|
||||
int oIdx;
|
||||
int oLen;
|
||||
int oNid;
|
||||
int ouIdx;
|
||||
int ouLen;
|
||||
#ifdef WOLFSSL_CERT_EXT
|
||||
int bcIdx;
|
||||
int bcLen;
|
||||
int jcIdx;
|
||||
int jcLen;
|
||||
int jsIdx;
|
||||
int jsLen;
|
||||
#endif
|
||||
int ouNid;
|
||||
int emailIdx;
|
||||
int emailLen;
|
||||
int emailNid;
|
||||
int uidIdx;
|
||||
int uidLen;
|
||||
int uidNid;
|
||||
int serialIdx;
|
||||
int serialLen;
|
||||
int serialNid;
|
||||
int dcIdx[DOMAIN_COMPONENT_MAX];
|
||||
int dcLen[DOMAIN_COMPONENT_MAX];
|
||||
int dcNum;
|
||||
int dcMode;
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
/* hold the location / order with which each of the DN tags was found
|
||||
*
|
||||
* example of ASN_DOMAIN_COMPONENT at index 0 if first found and so on.
|
||||
*/
|
||||
int loc[DOMAIN_COMPONENT_MAX + DN_NAMES_MAX];
|
||||
int locSz;
|
||||
#endif
|
||||
};
|
||||
|
||||
enum SignatureState {
|
||||
SIG_STATE_BEGIN,
|
||||
|
@ -784,7 +745,6 @@ struct CertSignCtx {
|
|||
#endif
|
||||
|
||||
typedef struct DecodedCert DecodedCert;
|
||||
typedef struct DecodedName DecodedName;
|
||||
typedef struct Signer Signer;
|
||||
#ifdef WOLFSSL_TRUST_PEER_CERT
|
||||
typedef struct TrustedPeerCert TrustedPeerCert;
|
||||
|
@ -911,8 +871,9 @@ struct DecodedCert {
|
|||
int subjectEmailLen;
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
DecodedName issuerName;
|
||||
DecodedName subjectName;
|
||||
/* WOLFSSL_X509_NAME structures (used void* to avoid including ssl.h) */
|
||||
void* issuerName;
|
||||
void* subjectName;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#ifdef WOLFSSL_SEP
|
||||
int deviceTypeSz;
|
||||
|
@ -950,6 +911,9 @@ struct DecodedCert {
|
|||
byte weOwnAltNames : 1; /* altNames haven't been given to copy */
|
||||
byte extKeyUsageSet : 1;
|
||||
byte extExtKeyUsageSet : 1; /* Extended Key Usage set */
|
||||
#ifdef HAVE_OCSP
|
||||
byte ocspNoCheckSet : 1; /* id-pkix-ocsp-nocheck set */
|
||||
#endif
|
||||
byte extCRLdistSet : 1;
|
||||
byte extAuthInfoSet : 1;
|
||||
byte extBasicConstSet : 1;
|
||||
|
@ -1052,6 +1016,7 @@ struct TrustedPeerCert {
|
|||
#endif
|
||||
|
||||
WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
|
||||
|
||||
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
|
||||
word32* derSz);
|
||||
|
@ -1118,12 +1083,14 @@ WOLFSSL_LOCAL int GetAsnTimeString(void* currTime, byte* buf, word32 len);
|
|||
WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format,
|
||||
wolfssl_tm* certTime, int* idx);
|
||||
WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b);
|
||||
WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
|
||||
WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType);
|
||||
WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn);
|
||||
|
||||
/* ASN.1 helper functions */
|
||||
#ifdef WOLFSSL_CERT_GEN
|
||||
WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name);
|
||||
WOLFSSL_LOCAL const char* GetOneCertName(CertName* name, int idx);
|
||||
WOLFSSL_LOCAL byte GetCertNameId(int idx);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number,
|
||||
word32 maxIdx);
|
||||
|
|
|
@ -23,6 +23,11 @@
|
|||
\file wolfssl/wolfcrypt/asn_public.h
|
||||
*/
|
||||
|
||||
/*
|
||||
DESCRIPTION
|
||||
This library defines the interface APIs for X509 certificates.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
|
||||
#define WOLF_CRYPT_ASN_PUBLIC_H
|
||||
|
||||
|
@ -325,6 +330,8 @@ typedef struct Cert {
|
|||
#endif
|
||||
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
|
||||
word16 certPoliciesNb; /* Number of Cert Policy */
|
||||
#endif
|
||||
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
|
||||
byte issRaw[sizeof(CertName)]; /* raw issuer info */
|
||||
byte sbjRaw[sizeof(CertName)]; /* raw subject info */
|
||||
#endif
|
||||
|
|
|
@ -39,16 +39,6 @@
|
|||
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#define ALIGN(x) __declspec(align(x))
|
||||
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
|
||||
#define ALIGN(x) __attribute__((aligned(x)))
|
||||
#else
|
||||
#define ALIGN(x)
|
||||
#endif
|
||||
|
||||
|
||||
#if defined(__cplusplus)
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -87,7 +77,7 @@
|
|||
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
|
||||
} blake2s_param;
|
||||
|
||||
ALIGN( 32 ) typedef struct __blake2s_state
|
||||
ALIGN32 typedef struct __blake2s_state
|
||||
{
|
||||
word32 h[8];
|
||||
word32 t[2];
|
||||
|
@ -112,7 +102,7 @@
|
|||
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
|
||||
} blake2b_param;
|
||||
|
||||
ALIGN( 64 ) typedef struct __blake2b_state
|
||||
ALIGN64 typedef struct __blake2b_state
|
||||
{
|
||||
word64 h[8];
|
||||
word64 t[2];
|
||||
|
|
|
@ -76,12 +76,14 @@ typedef struct Blake2s {
|
|||
|
||||
#ifdef HAVE_BLAKE2B
|
||||
WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
|
||||
WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b*, word32, const byte *, word32);
|
||||
WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
|
||||
WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_BLAKE2S
|
||||
WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
|
||||
WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32);
|
||||
WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
|
||||
WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
|
||||
#endif
|
||||
|
|
|
@ -18,7 +18,12 @@
|
|||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This library contains implementation for the ChaCha20 stream cipher.
|
||||
|
||||
*/
|
||||
/*!
|
||||
\file wolfssl/wolfcrypt/chacha.h
|
||||
*/
|
||||
|
@ -35,9 +40,21 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
Initialization vector starts at 13 with zero being the index origin of a matrix.
|
||||
Block counter is located at index 12.
|
||||
0 1 2 3
|
||||
4 5 6 7
|
||||
8 9 10 11
|
||||
12 13 14 15
|
||||
*/
|
||||
#define CHACHA_MATRIX_CNT_IV 12
|
||||
|
||||
/* Size of the IV */
|
||||
#define CHACHA_IV_WORDS 3
|
||||
#define CHACHA_IV_BYTES (CHACHA_IV_WORDS * sizeof(word32))
|
||||
|
||||
/* Size of IV in bytes*/
|
||||
#define CHACHA_IV_BYTES 12
|
||||
|
||||
/* Size of ChaCha chunks */
|
||||
#define CHACHA_CHUNK_WORDS 16
|
||||
|
@ -57,10 +74,13 @@ enum {
|
|||
|
||||
typedef struct ChaCha {
|
||||
word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */
|
||||
word32 left; /* number of bytes leftover */
|
||||
#ifdef HAVE_INTEL_AVX1
|
||||
/* vpshufd reads 16 bytes but we only use bottom 4. */
|
||||
byte extra[12];
|
||||
#endif
|
||||
word32 left; /* number of bytes leftover */
|
||||
#if defined(USE_INTEL_CHACHA_SPEEDUP) || defined(WOLFSSL_ARMASM)
|
||||
word32 over[CHACHA_CHUNK_WORDS];
|
||||
#endif
|
||||
} ChaCha;
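Review bot: `struct ChaCha` in the `@ -57,10 +74,13` hunk now has a different size and field order depending on `HAVE_INTEL_AVX1`, `USE_INTEL_CHACHA_SPEEDUP` and `WOLFSSL_ARMASM`, and nothing at the definition warns that callers must be compiled with the same options as the library. If an application translation unit sees the short layout while the library was built with `over[CHACHA_CHUNK_WORDS]` enabled, the library writes past the caller's object. I would add a comment above the struct such as `/* layout depends on build options: compile callers with the same settings as the library */`. The rendering has lost the +/- markers, so which of the two `word32 left` lines is the new one is inferred from the comment about `vpshufd`.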
|
||||
|
||||
|
|
|
@ -18,12 +18,14 @@
|
|||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This library contains implementation for the ChaCha20 stream cipher and
|
||||
the Poly1305 authenticator, both as as combined-mode,
|
||||
or Authenticated Encryption with Additional Data (AEAD) algorithm.
|
||||
|
||||
/* This implementation of the ChaCha20-Poly1305 AEAD is based on "ChaCha20
|
||||
* and Poly1305 for IETF protocols" (draft-irtf-cfrg-chacha20-poly1305-10):
|
||||
* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10
|
||||
*/
|
||||
*/
|
||||
|
||||
/*!
|
||||
\file wolfssl/wolfcrypt/chacha20_poly1305.h
|
||||
|
@ -45,6 +47,7 @@
|
|||
#define CHACHA20_POLY1305_AEAD_KEYSIZE 32
|
||||
#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
|
||||
#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
|
||||
#define CHACHA20_POLY1305_MAX 4294967295U
|
||||
|
||||
enum {
|
||||
CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */
|
||||
|
|
|
@ -54,6 +54,11 @@
|
|||
|
||||
void cpuid_set_flags(void);
|
||||
word32 cpuid_get_flags(void);
|
||||
|
||||
/* Public APIs to modify flags. */
|
||||
WOLFSSL_API void cpuid_select_flags(word32 flags);
|
||||
WOLFSSL_API void cpuid_set_flag(word32 flag);
|
||||
WOLFSSL_API void cpuid_clear_flag(word32 flag);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
|
|
|
@ -86,6 +86,18 @@ enum {
|
|||
EC25519_BIG_ENDIAN=1
|
||||
};
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
|
||||
const byte* priv);
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_curve25519_generic(int public_size, byte* pub,
|
||||
int private_size, const byte* priv,
|
||||
int basepoint_size, const byte* basepoint);
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* priv);
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
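Review bot: The new `wc_curve25519_generic` prototype takes a caller-supplied `basepoint`, but the declaration does not say what is validated about that point or about the result. With an arbitrary u-coordinate, X25519 can yield an all-zero output for small-order inputs, and RFC 7748 section 6.1 leaves that check to the implementation or protocol, so callers need to know whether it happens here or is their responsibility. The size arguments are plain `int` with no stated accepted values (presumably 32 each). I would add a short doc comment above the prototype giving the required sizes, whether `priv` must already be clamped, and whether an all-zero result is rejected.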
|
||||
|
||||
|
|
|
@ -45,11 +45,19 @@
|
|||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
#include <libs/libwolfssl/wolfcrypt/async.h>
|
||||
#endif
|
||||
|
||||
/* Optional support extended DH public / private keys */
|
||||
#if !defined(WOLFSSL_DH_EXTRA) && (defined(WOLFSSL_QT) || \
|
||||
defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
|
||||
defined(WOLFSSL_STATIC_EPHEMERAL))
|
||||
#define WOLFSSL_DH_EXTRA
|
||||
#endif
|
||||
|
||||
typedef struct DhParams {
|
||||
#ifdef HAVE_FFDHE_Q
|
||||
#ifdef HAVE_FFDHE_Q
|
||||
const byte* q;
|
||||
word32 q_len;
|
||||
#endif /* HAVE_FFDHE_Q */
|
||||
#endif /* HAVE_FFDHE_Q */
|
||||
const byte* p;
|
||||
word32 p_len;
|
||||
const byte* g;
|
||||
|
@ -58,8 +66,8 @@ typedef struct DhParams {
|
|||
|
||||
/* Diffie-Hellman Key */
|
||||
struct DhKey {
|
||||
mp_int p, g, q; /* group parameters */
|
||||
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
|
||||
mp_int p, g, q; /* group parameters */
|
||||
#ifdef WOLFSSL_DH_EXTRA
|
||||
mp_int pub;
|
||||
mp_int priv;
|
||||
#endif
|
||||
|
@ -101,15 +109,20 @@ WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
|
|||
word32 pubSz);
|
||||
|
||||
WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
|
||||
word32);
|
||||
word32); /* wc_DhKeyDecode is in asn.c */
|
||||
|
||||
WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
|
||||
word32 gSz);
|
||||
WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
|
||||
const byte* g, word32 gSz, const byte* q, word32 qSz);
|
||||
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
|
||||
WOLFSSL_LOCAL int wc_DhSetFullKeys(DhKey* key,const byte* priv_key,word32 privSz,
|
||||
const byte* pub_key, word32 pubSz);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DH_EXTRA
|
||||
WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
|
||||
const byte* pub, word32 pubSz);
|
||||
WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
|
||||
byte* pub, word32* pPubSz);
|
||||
#endif /* WOLFSSL_DH_EXTRA */
|
||||
|
||||
WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
|
||||
const byte* g, word32 gSz, const byte* q, word32 qSz,
|
||||
int trusted, WC_RNG* rng);
|
||||
|
@ -136,4 +149,3 @@ WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
|
|||
|
||||
#endif /* NO_DH */
|
||||
#endif /* WOLF_CRYPT_DH_H */
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/atmel/atmel.h>
|
||||
#endif /* WOLFSSL_ATECC508A */
|
||||
|
||||
|
@ -58,6 +58,11 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -127,7 +132,7 @@ enum {
|
|||
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
|
||||
|
||||
/* max crypto hardware size */
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
|
||||
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
|
||||
#elif defined(PLUTON_CRYPTO_ECC)
|
||||
|
@ -278,14 +283,15 @@ typedef struct ecc_set_type {
|
|||
* mp_ints for the components of the point. With ALT_ECC_SIZE, the components
|
||||
* of the point are pointers that are set to each of a three item array of
|
||||
* alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
|
||||
* structure, the alt_fp_int will only have 528 bits. A size value was added
|
||||
* in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
|
||||
* functions fp_zero() and fp_copy() use the size parameter. An int needs to
|
||||
* be initialized before using it instead of just fp_zeroing it, the init will
|
||||
* call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
|
||||
* number of bits used in the alternate FP_INT.
|
||||
* structure, the alt_fp_int will only have 512 bits for ECC 256-bit and
|
||||
* 1056-bits for ECC 521-bit. A size value was added in the ALT case, as well,
|
||||
* and is set by mp_init() and alt_fp_init(). The functions fp_zero() and
|
||||
* fp_copy() use the size parameter. An int needs to be initialized before
|
||||
* using it instead of just fp_zeroing it, the init will call zero. The
|
||||
* FP_MAX_BITS_ECC defaults to calculating based on MAX_ECC_BITS, but
|
||||
* can be set to change the number of bits used in the alternate FP_INT.
|
||||
*
|
||||
* Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
|
||||
* The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
|
||||
*/
|
||||
|
||||
#ifndef USE_FAST_MATH
|
||||
|
@ -294,19 +300,18 @@ typedef struct ecc_set_type {
|
|||
|
||||
/* determine max bits required for ECC math */
|
||||
#ifndef FP_MAX_BITS_ECC
|
||||
/* check alignment */
|
||||
#if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0
|
||||
/* max bits is double */
|
||||
#define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2)
|
||||
#else
|
||||
/* max bits is doubled, plus one digit of fudge */
|
||||
#define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT)
|
||||
#endif
|
||||
#else
|
||||
/* verify alignment */
|
||||
#if FP_MAX_BITS_ECC % CHAR_BIT
|
||||
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
|
||||
#endif
|
||||
/* max bits rounded up by 8 then doubled */
|
||||
/* (ROUND8(MAX_ECC_BITS) * 2) */
|
||||
#define FP_MAX_BITS_ECC (2 * \
|
||||
((MAX_ECC_BITS + DIGIT_BIT - 1) / DIGIT_BIT) * DIGIT_BIT)
|
||||
|
||||
/* Note: For ECC verify only FP_MAX_BITS_ECC can be reduced to:
|
||||
ROUND8(MAX_ECC_BITS) + ROUND8(DIGIT_BIT) */
|
||||
#endif
|
||||
|
||||
/* verify alignment */
|
||||
#if FP_MAX_BITS_ECC % CHAR_BIT
|
||||
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
|
||||
#endif
|
||||
|
||||
/* determine buffer size */
|
||||
|
@ -347,12 +352,26 @@ typedef struct {
|
|||
|
||||
/* ECC Flags */
|
||||
enum {
|
||||
WC_ECC_FLAG_NONE = 0x00,
|
||||
WC_ECC_FLAG_NONE = 0x00,
|
||||
#ifdef HAVE_ECC_CDH
|
||||
WC_ECC_FLAG_COFACTOR = 0x01,
|
||||
#endif
|
||||
WC_ECC_FLAG_DEC_SIGN = 0x02,
|
||||
};
|
||||
|
||||
/* ECC non-blocking */
|
||||
#ifdef WC_ECC_NONBLOCK
|
||||
typedef struct ecc_nb_ctx {
|
||||
#if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
|
||||
sp_ecc_ctx_t sp_ctx;
|
||||
#else
|
||||
/* build configuration not supported */
|
||||
#error ECC non-blocking only supports SP (--enable-sp=nonblock)
|
||||
#endif
|
||||
} ecc_nb_ctx_t;
|
||||
#endif /* WC_ECC_NONBLOCK */
|
||||
|
||||
|
||||
/* An ECC Key */
|
||||
struct ecc_key {
|
||||
int type; /* Public or Private */
|
||||
|
@ -369,7 +388,7 @@ struct ecc_key {
|
|||
void* heap; /* heap hint */
|
||||
ecc_point pubkey; /* public key */
|
||||
mp_int k; /* private key */
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||
int slot; /* Key Slot Number (-1 unknown) */
|
||||
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
|
||||
#endif
|
||||
|
@ -413,6 +432,12 @@ struct ecc_key {
|
|||
#ifdef WOLFSSL_DSP
|
||||
remote_handle64 handle;
|
||||
#endif
|
||||
#ifdef ECC_TIMING_RESISTANT
|
||||
WC_RNG* rng;
|
||||
#endif
|
||||
#ifdef WC_ECC_NONBLOCK
|
||||
ecc_nb_ctx_t* nb_ctx;
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
|
@ -427,7 +452,7 @@ extern const size_t ecc_sets_count;
|
|||
WOLFSSL_API
|
||||
const char* wc_ecc_get_name(int curve_id);
|
||||
|
||||
#ifndef WOLFSSL_ATECC508A
|
||||
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
|
||||
#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
|
||||
#define ECC_API WOLFSSL_API
|
||||
|
@ -446,6 +471,10 @@ ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
|
|||
ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
|
||||
mp_int* modulus, mp_digit mp);
|
||||
|
||||
WOLFSSL_LOCAL
|
||||
int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
|
||||
mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
|
||||
|
||||
#endif
|
||||
|
||||
WOLFSSL_API
|
||||
|
@ -453,8 +482,13 @@ int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
|
|||
WOLFSSL_ABI WOLFSSL_API
|
||||
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
|
||||
int flags);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_check_key(ecc_key* key);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
|
||||
|
@ -472,7 +506,8 @@ WOLFSSL_API
|
|||
int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
|
||||
byte* out, word32 *outlen);
|
||||
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
|
||||
defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
|
||||
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret
|
||||
#else
|
||||
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */
|
||||
|
@ -521,6 +556,12 @@ WOLFSSL_API
|
|||
int wc_ecc_set_flags(ecc_key* key, word32 flags);
|
||||
WOLFSSL_API
|
||||
void wc_ecc_fp_free(void);
|
||||
WOLFSSL_LOCAL
|
||||
void wc_ecc_fp_init(void);
|
||||
#ifdef ECC_TIMING_RESISTANT
|
||||
WOLFSSL_API
|
||||
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
|
||||
|
@ -568,14 +609,20 @@ WOLFSSL_API
|
|||
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_point_is_at_infinity(ecc_point *p);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
|
||||
|
||||
#ifndef WOLFSSL_ATECC508A
|
||||
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
WOLFSSL_API
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* a, mp_int* modulus, int map);
|
||||
WOLFSSL_LOCAL
|
||||
int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* a, mp_int* modulus, int map, void* heap);
|
||||
WOLFSSL_LOCAL
|
||||
int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
|
||||
mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
|
||||
void* heap);
|
||||
#endif /* !WOLFSSL_ATECC508A */
|
||||
|
||||
|
||||
|
@ -754,6 +801,10 @@ int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashL
|
|||
mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
|
||||
#endif
|
||||
|
||||
#ifdef WC_ECC_NONBLOCK
|
||||
WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
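Review bot: The `WC_RNG* rng` member added to `struct ecc_key` under `ECC_TIMING_RESISTANT` (hunk `@ -413,6 +432,12`) holds a pointer to an object the key did not create, and neither the field nor the new `wc_ecc_set_rng` prototype says who owns the generator or how long it must remain valid. A key that outlives the `WC_RNG` handed to it would carry a dangling pointer into private-key operations; the same question applies to `ecc_nb_ctx_t* nb_ctx` just below it. I would document this at the field, for example `WC_RNG* rng; /* not owned; must stay valid while the key is in use */`, assuming the implementation neither copies nor frees it, which the header alone cannot confirm. Only parts of `struct ecc_key` are visible in these hunks.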
|
||||
|
|
|
@ -22,6 +22,11 @@
|
|||
/*!
|
||||
\file wolfssl/wolfcrypt/error-crypt.h
|
||||
*/
|
||||
/*
|
||||
DESCRIPTION
|
||||
This library defines error codes and contians routines for setting and examining
|
||||
the error status.
|
||||
*/
|
||||
|
||||
#ifndef WOLF_CRYPT_ERROR_H
|
||||
#define WOLF_CRYPT_ERROR_H
|
||||
|
@ -227,10 +232,10 @@ enum {
|
|||
CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */
|
||||
PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */
|
||||
PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */
|
||||
CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */
|
||||
ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */
|
||||
|
||||
ASN_SELF_SIGNED_E = -274, /* ASN self-signed certificate error */
|
||||
|
||||
WC_LAST_E = -274, /* Update this to indicate last error */
|
||||
WC_LAST_E = -275, /* Update this to indicate last error */
|
||||
MIN_CODE_E = -300 /* errors -101 - -299 */
|
||||
|
||||
/* add new companion error id strings for any new error codes
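Review bot: `ASN_SELF_SIGNED_E` appears to move from -274 to -275 in the `@ -227,10 +232,10` hunk, with -274 reassigned to the new `CHACHA_POLY_OVERFLOW`; the +/- markers are lost in this rendering, so that reading rests on `WC_LAST_E` ending at -275. A numeric code that changes meaning is a compatibility hazard: an object or prebuilt library compiled against the old header, or any caller or log parser comparing against the literal -274, will now confuse a self-signed-certificate failure with a ChaCha20-Poly1305 limit overflow. The library binary and all callers should be rebuilt against this header together, and callers should compare against the enum names only. I would record the reuse next to the new entry, e.g. `/* -274 was ASN_SELF_SIGNED_E before this update */`. The enum begins and ends outside the hunk.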
|
||||
|
|
|
@ -27,7 +27,9 @@
|
|||
|
||||
#if defined(HAVE_CURVE448) || defined(HAVE_ED448)
|
||||
|
||||
#ifndef WOLFSSL_LINUXKM
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
|
||||
|
@ -40,7 +42,7 @@
|
|||
#endif
|
||||
|
||||
/* default to be faster but take more memory */
|
||||
#if !defined(CURVE448_SMALL) || !defined(ED448_SMALL)
|
||||
#if !defined(CURVE448_SMALL) && !defined(ED448_SMALL)
|
||||
|
||||
#if defined(CURVED448_128BIT)
|
||||
typedef int64_t fe448;
|
||||
|
|
|
@ -28,8 +28,10 @@
|
|||
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
|
||||
|
||||
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
|
||||
#ifndef WOLFSSL_LINUXKM
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
|
||||
|
@ -79,7 +81,7 @@ Bounds on each t[i] vary depending on context.
|
|||
#if !defined(FREESCALE_LTC_ECC)
|
||||
WOLFSSL_LOCAL void fe_init(void);
|
||||
|
||||
WOLFSSL_LOCAL int curve25519(byte * q, byte * n, byte * p);
|
||||
WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p);
|
||||
#endif
|
||||
|
||||
/* default to be faster but take more memory */
|
||||
|
|
|
@ -131,11 +131,11 @@ typedef union {
|
|||
#ifdef WOLFSSL_SHA3
|
||||
wc_Sha3 sha3;
|
||||
#endif
|
||||
} Hash;
|
||||
} wc_Hmac_Hash;
|
||||
|
||||
/* Hmac digest */
|
||||
struct Hmac {
|
||||
Hash hash;
|
||||
wc_Hmac_Hash hash;
|
||||
word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
|
||||
word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
|
||||
word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];
|
||||
|
|
|
@ -42,7 +42,11 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/random.h>
|
||||
|
||||
#ifndef CHAR_BIT
|
||||
#include <limits.h>
|
||||
#if defined(WOLFSSL_LINUXKM)
|
||||
#include <linux/limits.h>
|
||||
#else
|
||||
#include <limits.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/mpi_class.h>
|
||||
|
@ -301,6 +305,7 @@ MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
|
|||
MP_API void mp_zero (mp_int * a);
|
||||
MP_API void mp_clamp (mp_int * a);
|
||||
MP_API void mp_exch (mp_int * a, mp_int * b);
|
||||
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
|
||||
MP_API void mp_rshd (mp_int * a, int b);
|
||||
MP_API void mp_rshb (mp_int * a, int b);
|
||||
MP_API int mp_mod_2d (mp_int * a, int b, mp_int * c);
|
||||
|
@ -318,6 +323,7 @@ MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
|
|||
MP_API int mp_mod (mp_int * a, mp_int * b, mp_int * c);
|
||||
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
|
||||
MP_API int mp_div_2(mp_int * a, mp_int * b);
|
||||
MP_API int mp_div_2_mod_ct (mp_int* a, mp_int* b, mp_int* c);
|
||||
MP_API int mp_add (mp_int * a, mp_int * b, mp_int * c);
|
||||
int s_mp_add (mp_int * a, mp_int * b, mp_int * c);
|
||||
int s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
|
||||
|
@ -332,6 +338,7 @@ MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
|
|||
MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
|
||||
int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
|
||||
MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
|
||||
#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
|
||||
MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
|
||||
MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
|
||||
MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
|
||||
|
@ -355,6 +362,8 @@ MP_API int mp_sqr (mp_int * a, mp_int * b);
|
|||
MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
|
||||
MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
|
||||
MP_API int mp_2expt (mp_int * a, int b);
|
||||
MP_API int mp_set_bit (mp_int * a, int b);
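Review bot: The new `mp_montgomery_reduce_ex(x, n, rho, ct)` macro in the `@ -332,6 +338,7` hunk discards its `ct` argument and expands to plain `mp_montgomery_reduce (x, n, rho)`, so a caller passing a non-zero `ct` gets exactly the same routine as one passing zero. If `ct` means constant-time, as the neighbouring additions `mp_cond_swap_ct`, `mp_submod_ct` and `mp_addmod_ct` suggest, that should be stated at the definition so nobody assumes timing behaviour this math backend does not promise. I would add a comment above the macro such as `/* ct is ignored by this math backend; mp_montgomery_reduce is used in both cases */`.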
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#ifndef WOLFSSL_MEMORY_H
|
||||
#define WOLFSSL_MEMORY_H
|
||||
|
||||
#ifndef STRING_USER
|
||||
#if !defined(STRING_USER) && !defined(WOLFSSL_LINUXKM)
|
||||
#include <stdlib.h>
|
||||
#endif
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
|
@ -110,7 +110,11 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
|
|||
#elif defined (OPENSSL_EXTRA)
|
||||
/* extra storage in structs for multiple attributes and order */
|
||||
#ifndef LARGEST_MEM_BUCKET
|
||||
#define LARGEST_MEM_BUCKET 25600
|
||||
#ifdef WOLFSSL_TLS13
|
||||
#define LARGEST_MEM_BUCKET 30400
|
||||
#else
|
||||
#define LARGEST_MEM_BUCKET 25600
|
||||
#endif
|
||||
#endif
|
||||
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\
|
||||
LARGEST_MEM_BUCKET
|
||||
|
|
|
@ -18,9 +18,13 @@
|
|||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This module implements the arithmetic-shift right, left, byte swapping, XOR,
|
||||
masking and clearing memory logic.
|
||||
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_MISC_H
|
||||
#define WOLF_CRYPT_MISC_H
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
|
|
|
@ -154,8 +154,9 @@ enum Pkcs7_Misc {
|
|||
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
|
||||
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
|
||||
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
|
||||
(HAVE_FIPS_VERSION >= 2)) || defined(HAVE_SELFTEST)
|
||||
/* In the event of fips cert 3389 or CAVP selftest build, these enums are
|
||||
(HAVE_FIPS_VERSION >= 2)) || (defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_SELFTEST_VERSION) || HAVE_SELFTEST_VERSION < 2))
|
||||
/* In the event of fips cert 3389 or CAVP selftest v1 build, these enums are
|
||||
* not in aes.h for use with pkcs7 so enumerate it here outside the fips
|
||||
* boundary */
|
||||
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
|
||||
|
|
|
@ -119,9 +119,12 @@ WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 data
|
|||
WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
|
||||
byte* input, word32 sz, byte* tag, word32 tagSz);
|
||||
|
||||
void poly1305_block(Poly1305* ctx, const unsigned char *m);
|
||||
#if defined(__aarch64__ ) && defined(WOLFSSL_ARMASM)
|
||||
void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
|
||||
size_t bytes);
|
||||
void poly1305_block(Poly1305* ctx, const unsigned char *m);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
|
@ -39,7 +39,7 @@
|
|||
#include "soc/hwcrypto_reg.h"
|
||||
#include "soc/cpu.h"
|
||||
#include "driver/periph_ctrl.h"
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4
|
||||
#include <esp32/rom/ets_sys.h>
|
||||
#else
|
||||
#include <rom/ets_sys.h>
|
||||
|
@ -55,7 +55,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
|
|||
|
||||
#ifndef NO_AES
|
||||
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4
|
||||
#include "esp32/rom/aes.h"
|
||||
#else
|
||||
#include "rom/aes.h"
|
||||
|
@ -89,7 +89,7 @@ uint64_t wc_esp32elapsedTime();
|
|||
|
||||
/* RAW hash function APIs are not implemented with esp32 hardware acceleration*/
|
||||
#define WOLFSSL_NO_HASH_RAW
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
|
||||
#if ESP_IDF_VERSION_MAJOR >= 4
|
||||
#include "esp32/rom/sha.h"
|
||||
#else
|
||||
#include "rom/sha.h"
|
||||
|
|
|
@ -35,6 +35,13 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define TSIP_SESSIONKEY_NONCE_SIZE 8
|
||||
|
||||
typedef enum {
|
||||
WOLFSSL_TSIP_NOERROR = 0,
|
||||
WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE = 0xffffffff,
|
||||
}wolfssl_tsip_error_number;
|
||||
|
||||
typedef enum {
|
||||
tsip_Key_SESSION = 1,
|
||||
tsip_Key_AES128 = 2,
|
||||
|
@ -52,6 +59,34 @@ enum {
|
|||
l_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
|
||||
};
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
|
||||
|
||||
typedef struct
|
||||
{
|
||||
uint8_t *encrypted_provisioning_key;
|
||||
uint8_t *iv;
|
||||
uint8_t *encrypted_user_tls_key;
|
||||
uint32_t encrypted_user_tls_key_type;
|
||||
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
|
||||
} tsip_key_data;
|
||||
|
||||
void tsip_inform_user_keys_ex(
|
||||
byte* provisioning_key, /* key got from DLM server */
|
||||
byte* iv, /* iv used for public key */
|
||||
byte* encrypted_public_key,/*RSA2048 or ECDSAp256 public key*/
|
||||
word32 public_key_type); /* 0: RSA-2048 2:ECDSA P-256 */
|
||||
|
||||
int tsip_generateMasterSecretEx(
|
||||
byte cipherSuiteFirst,
|
||||
byte cipherSuite,
|
||||
const byte* pr, /* pre-master */
|
||||
const byte* cr, /* client random */
|
||||
const byte* sr, /* server random */
|
||||
byte* ms);
|
||||
|
||||
|
||||
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=106)
|
||||
|
||||
typedef struct
|
||||
{
|
||||
uint8_t *encrypted_session_key;
|
||||
|
@ -60,45 +95,81 @@ typedef struct
|
|||
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
|
||||
} tsip_key_data;
|
||||
|
||||
struct WOLFSSL;
|
||||
|
||||
int tsip_Open( );
|
||||
void tsip_Close( );
|
||||
int tsip_hw_lock();
|
||||
void tsip_hw_unlock( void );
|
||||
int tsip_usable(const struct WOLFSSL *ssl);
|
||||
void tsip_inform_sflash_signedcacert(const byte *ps_flash,
|
||||
const byte *psigned_ca_cert, word32 len);
|
||||
void tsip_inform_cert_sign(const byte *sign);
|
||||
/* set / get key */
|
||||
void tsip_inform_user_keys(byte *encrypted_session_key, byte *iv,
|
||||
byte *encrypted_user_tls_key);
|
||||
|
||||
byte tsip_rootCAverified( );
|
||||
byte tsip_checkCA(word32 cmIdx);
|
||||
int tsip_tls_RootCertVerify(const byte *cert , word32 cert_len,
|
||||
word32 key_n_start, word32 key_n_len,
|
||||
word32 key_e_start, word32 key_e_len,
|
||||
word32 cm_row);
|
||||
int tsip_tls_CertVerify(const byte *cert, word32 certSz,
|
||||
const byte *signature, word32 sigSz,
|
||||
word32 key_n_start, word32 key_n_len,
|
||||
word32 key_e_start, word32 key_e_len,
|
||||
byte *tsip_encRsaKeyIdx);
|
||||
void tsip_inform_key_position(const word32 key_n_start, const word32 key_n_len,
|
||||
const word32 key_e_start, const word32 key_e_len);
|
||||
int tsip_generatePremasterSecret(byte *premaster, word32 preSz);
|
||||
int tsip_generateEncryptPreMasterSecret(struct WOLFSSL *ssl, byte *out,
|
||||
word32 *outSz);
|
||||
int tsip_generateMasterSecret(const byte *pre, const byte *cr,const byte *sr,
|
||||
byte *ms);
|
||||
int tsip_generateSeesionKey(struct WOLFSSL *ssl);
|
||||
int tsip_Sha256Hmac(const struct WOLFSSL *ssl, const byte *myInner,
|
||||
word32 innerSz, const byte *in, word32 sz, byte *digest,
|
||||
word32 verify);
|
||||
int tsip_Sha1Hmac(const struct WOLFSSL *ssl, const byte *myInner,
|
||||
word32 innerSz, const byte *in, word32 sz, byte *digest,
|
||||
word32 verify);
|
||||
#endif
|
||||
|
||||
struct WOLFSSL;
|
||||
|
||||
int tsip_Open();
|
||||
|
||||
void tsip_Close();
|
||||
|
||||
int tsip_hw_lock();
|
||||
|
||||
void tsip_hw_unlock( void );
|
||||
|
||||
int tsip_usable(const struct WOLFSSL *ssl);
|
||||
|
||||
void tsip_inform_sflash_signedcacert(
|
||||
const byte* ps_flash,
|
||||
const byte* psigned_ca_cert,
|
||||
word32 len);
|
||||
void tsip_inform_cert_sign(const byte *sign);
|
||||
|
||||
byte tsip_rootCAverified();
|
||||
|
||||
byte tsip_checkCA(word32 cmIdx);
|
||||
|
||||
int tsip_tls_RootCertVerify(
|
||||
const byte* cert, word32 cert_len,
|
||||
word32 key_n_start, word32 key_n_len,
|
||||
word32 key_e_start, word32 key_e_len,
|
||||
word32 cm_row);
|
||||
|
||||
int tsip_tls_CertVerify(
|
||||
const byte* cert, word32 certSz,
|
||||
const byte* signature, word32 sigSz,
|
||||
word32 key_n_start, word32 key_n_len,
|
||||
word32 key_e_start, word32 key_e_len,
|
||||
byte* tsip_encRsaKeyIdx);
|
||||
|
||||
void tsip_inform_key_position(
|
||||
const word32 key_n_start,
|
||||
const word32 key_n_len,
|
||||
const word32 key_e_start,
|
||||
const word32 key_e_len);
|
||||
|
||||
int tsip_generatePremasterSecret(
|
||||
byte* premaster,
|
||||
word32 preSz);
|
||||
|
||||
int tsip_generateEncryptPreMasterSecret(
|
||||
struct WOLFSSL* ssl,
|
||||
byte* out,
|
||||
word32* outSz);
|
||||
|
||||
int tsip_generateSeesionKey(struct WOLFSSL *ssl);
|
||||
|
||||
int tsip_Sha256Hmac(
|
||||
const struct WOLFSSL *ssl,
|
||||
const byte* myInner,
|
||||
word32 innerSz,
|
||||
const byte* in,
|
||||
word32 sz,
|
||||
byte* digest,
|
||||
word32 verify);
|
||||
|
||||
int tsip_Sha1Hmac(
|
||||
const struct WOLFSSL *ssl,
|
||||
const byte* myInner,
|
||||
word32 innerSz,
|
||||
const byte* in,
|
||||
word32 sz,
|
||||
byte* digest,
|
||||
word32 verify);
|
||||
|
||||
#if (!defined(NO_SHA) || !defined(NO_SHA256)) && \
|
||||
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
|
||||
|
@ -128,10 +199,10 @@ typedef wolfssl_TSIP_Hash wc_Sha;
|
|||
#endif /* NO_SHA */
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
|
||||
typedef struct {
|
||||
tsip_aes_key_index_t tsip_keyIdx;
|
||||
word32 keySize;
|
||||
} TSIP_AES_CTX;
|
||||
typedef struct {
|
||||
tsip_aes_key_index_t tsip_keyIdx;
|
||||
word32 keySize;
|
||||
} TSIP_AES_CTX;
|
||||
|
||||
struct Aes;
|
||||
int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in,
|
||||
|
|
|
@ -27,14 +27,15 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/settings.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/error-crypt.h>
|
||||
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC_PKCB)
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
|
||||
defined(WOLFSSL_ATECC_PKCB)
|
||||
#undef SHA_BLOCK_SIZE
|
||||
#define SHA_BLOCK_SIZE SHA_BLOCK_SIZE_REMAP
|
||||
#include <cryptoauthlib.h>
|
||||
#undef SHA_BLOCK_SIZE
|
||||
#endif
|
||||
|
||||
/* ATECC508A only supports ECC P-256 */
|
||||
/* ATECC508A/608A only supports ECC P-256 */
|
||||
#define ATECC_KEY_SIZE (32)
|
||||
#define ATECC_PUBKEY_SIZE (ATECC_KEY_SIZE*2) /* X and Y */
|
||||
#define ATECC_SIG_SIZE (ATECC_KEY_SIZE*2) /* R and S */
|
||||
|
@ -53,11 +54,19 @@
|
|||
#endif
|
||||
/* Symmetric encryption key */
|
||||
#ifndef ATECC_SLOT_I2C_ENC
|
||||
#define ATECC_SLOT_I2C_ENC (0x04)
|
||||
#ifdef WOLFSSL_ATECC_TNGTLS
|
||||
#define ATECC_SLOT_I2C_ENC (0x06)
|
||||
#else
|
||||
#define ATECC_SLOT_I2C_ENC (0x04)
|
||||
#endif
|
||||
#endif
|
||||
/* Parent encryption key */
|
||||
#ifndef ATECC_SLOT_ENC_PARENT
|
||||
#define ATECC_SLOT_ENC_PARENT (0x7)
|
||||
#ifdef WOLFSSL_ATECC_TNGTLS
|
||||
#define ATECC_SLOT_ENC_PARENT (0x6)
|
||||
#else
|
||||
#define ATECC_SLOT_ENC_PARENT (0x7)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* ATECC_KEY_SIZE required for ecc.h */
|
||||
|
@ -78,7 +87,7 @@ int atmel_get_random_number(uint32_t count, uint8_t* rand_out);
|
|||
#endif
|
||||
long atmel_get_curr_time_and_date(long* tm);
|
||||
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||
|
||||
enum atmelSlotType {
|
||||
ATMEL_SLOT_ANY,
|
||||
|
@ -100,6 +109,8 @@ int atmel_ecc_translate_err(int status);
|
|||
int atmel_get_rev_info(word32* revision);
|
||||
void atmel_show_rev_info(void);
|
||||
|
||||
WOLFSSL_API int wolfCrypt_ATECC_SetConfig(ATCAIfaceCfg* cfg);
|
||||
|
||||
/* The macro ATECC_GET_ENC_KEY can be set to override the default
|
||||
encryption key with your own at build-time */
|
||||
#ifndef ATECC_GET_ENC_KEY
|
||||
|
|
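--- a/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h
@@ -0,0 +1,74 @@
+/* psoc6_crypto.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+#ifndef _PSOC6_CRYPTO_PORT_H_
+#define _PSOC6_CRYPTO_PORT_H_
+
+#include <libs/libwolfssl/wolfcrypt/settings.h>
+#ifdef USE_FAST_MATH
+#include <libs/libwolfssl/wolfcrypt/tfm.h>
+#elif defined WOLFSSL_SP_MATH
+#include <libs/libwolfssl/wolfcrypt/sp_int.h>
+#else
+#include <libs/libwolfssl/wolfcrypt/integer.h>
+#endif
+#include "cy_crypto_core_sha.h"
+#include "cy_device_headers.h"
+#include "psoc6_02_config.h"
+#include "cy_crypto_common.h"
+#include "cy_crypto_core.h"
+
+#ifdef WOLFSSL_SHA512
+typedef struct wc_Sha512 {
+cy_stc_crypto_sha_state_t hash_state;
+cy_en_crypto_sha_mode_t sha_mode;
+cy_stc_crypto_v2_sha512_buffers_t sha_buffers;
+} wc_Sha512;
+
+#define WC_SHA512_TYPE_DEFINED
+#include <libs/libwolfssl/wolfcrypt/sha512.h>
+#endif
+
+#ifndef NO_SHA256
+
+typedef struct wc_Sha256 {
+cy_stc_crypto_sha_state_t hash_state;
+cy_en_crypto_sha_mode_t sha_mode;
+cy_stc_crypto_v2_sha256_buffers_t sha_buffers;
+} wc_Sha256;
+
+#include <libs/libwolfssl/wolfcrypt/sha.h>
+#include <libs/libwolfssl/wolfcrypt/sha256.h>
+#endif /* !def NO_SHA256 */
+
+
+#ifdef HAVE_ECC
+#include <libs/libwolfssl/wolfcrypt/ecc.h>
+int psoc6_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
+word32 hashlen, int* verif_res, ecc_key* key);
+#endif /* HAVE_ECC */
+
+#define PSOC6_CRYPTO_BASE ((CRYPTO_Type*) CRYPTO_BASE)
+
+/* Crypto HW engine initialization */
+int psoc6_crypto_port_init(void);
+
+#endif /* _PSOC6_CRYPTO_PORT_H_ */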
|
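--- a/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h
@@ -0,0 +1,77 @@
+/* dcp_port.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+#ifndef _DCP_PORT_H_
+#define _DCP_PORT_H_
+
+#include <libs/libwolfssl/wolfcrypt/settings.h>
+#ifdef USE_FAST_MATH
+#include <libs/libwolfssl/wolfcrypt/tfm.h>
+#elif defined WOLFSSL_SP_MATH
+#include <libs/libwolfssl/wolfcrypt/sp_int.h>
+#else
+#include <libs/libwolfssl/wolfcrypt/integer.h>
+#endif
+
+#include <libs/libwolfssl/wolfcrypt/aes.h>
+#include <libs/libwolfssl/wolfcrypt/error-crypt.h>
+#include "fsl_device_registers.h"
+#include "fsl_debug_console.h"
+#include "fsl_dcp.h"
+
+int wc_dcp_init(void);
+
+#ifndef NO_AES
+int DCPAesInit(Aes* aes);
+void DCPAesFree(Aes *aes);
+
+int DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
+int dir);
+int DCPAesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+int DCPAesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+#endif
+
+#ifdef HAVE_AES_ECB
+int DCPAesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+int DCPAesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+#endif
+
+#ifndef NO_SHA256
+typedef struct wc_Sha256_DCP {
+dcp_handle_t handle;
+dcp_hash_ctx_t ctx;
+} wc_Sha256;
+#define WC_SHA256_TYPE_DEFINED
+
+void DCPSha256Free(wc_Sha256 *sha256);
+
+#endif
+
+#ifndef NO_SHA
+typedef struct wc_Sha_DCP {
+dcp_handle_t handle;
+dcp_hash_ctx_t ctx;
+} wc_Sha;
+#define WC_SHA_TYPE_DEFINED
+
+void DCPShaFree(wc_Sha *sha);
+#endif
+
+#endif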
|
|
@ -65,8 +65,8 @@ int ksdk_port_init(void);
|
|||
int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m);
|
||||
|
||||
#ifdef HAVE_CURVE25519
|
||||
int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
|
||||
const ECPoint *wc_curve25519_GetBasePoint(void);
|
||||
int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
|
||||
const ECPoint *nxp_ltc_curve25519_GetBasePoint(void);
|
||||
status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
|
||||
status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
|
||||
status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint);
|
||||
|
|
|
@ -28,11 +28,6 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/settings.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
|
||||
#if defined(WOLFSSL_STM32_PKA) && defined(HAVE_ECC)
|
||||
#include <libs/libwolfssl/wolfcrypt/integer.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/ecc.h>
|
||||
#endif
|
||||
|
||||
#ifdef STM32_HASH
|
||||
|
||||
#define WOLFSSL_NO_HASH_RAW
|
||||
|
@ -54,6 +49,9 @@
|
|||
#if !defined(HASH_DATATYPE_8B) && defined(HASH_DataType_8b)
|
||||
#define HASH_DATATYPE_8B HASH_DataType_8b
|
||||
#endif
|
||||
#ifndef HASH_STR_NBW
|
||||
#define HASH_STR_NBW HASH_STR_NBLW
|
||||
#endif
|
||||
|
||||
#ifndef STM32_HASH_TIMEOUT
|
||||
#define STM32_HASH_TIMEOUT 0xFFFF
|
||||
|
@ -93,19 +91,30 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
|
|||
|
||||
#ifndef NO_AES
|
||||
#if !defined(STM32_CRYPTO_AES_GCM) && (defined(WOLFSSL_STM32F4) || \
|
||||
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L4))
|
||||
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L4) || \
|
||||
defined(WOLFSSL_STM32L5) || defined(WOLFSSL_STM32H7))
|
||||
/* Hardware supports AES GCM acceleration */
|
||||
#define STM32_CRYPTO_AES_GCM
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STM32L4
|
||||
#if defined(WOLFSSL_STM32WB)
|
||||
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
|
||||
#define CRYP AES1
|
||||
#define STM32_HAL_V2
|
||||
#endif
|
||||
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5)
|
||||
#ifdef WOLFSSL_STM32L4
|
||||
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
|
||||
#endif
|
||||
#define CRYP AES
|
||||
#ifndef CRYP_AES_GCM
|
||||
#define CRYP_AES_GCM CRYP_AES_GCM_GMAC
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Detect newer CubeMX crypto HAL (HAL_CRYP_Encrypt / HAL_CRYP_Decrypt) */
|
||||
#if !defined(STM32_HAL_V2) && \
|
||||
defined(WOLFSSL_STM32F7) && defined(CRYP_AES_GCM)
|
||||
#if !defined(STM32_HAL_V2) && defined(CRYP_AES_GCM) && \
|
||||
(defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L5) || defined(WOLFSSL_STM32H7))
|
||||
#define STM32_HAL_V2
|
||||
#endif
|
||||
|
||||
|
@ -122,7 +131,7 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
|
|||
struct Aes;
|
||||
#ifdef WOLFSSL_STM32_CUBEMX
|
||||
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_HandleTypeDef* hcryp);
|
||||
#else /* STD_PERI_LIB */
|
||||
#else /* Standard Peripheral Library */
|
||||
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_InitTypeDef* cryptInit,
|
||||
CRYP_KeyInitTypeDef* keyInit);
|
||||
#endif /* WOLFSSL_STM32_CUBEMX */
|
||||
|
@ -131,12 +140,25 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
|
|||
#endif /* STM32_CRYPTO */
|
||||
|
||||
#if defined(WOLFSSL_STM32_PKA) && defined(HAVE_ECC)
|
||||
int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
word32 hashlen, int* res, ecc_key* key);
|
||||
|
||||
int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
|
||||
ecc_key* key, mp_int *r, mp_int *s);
|
||||
#ifdef WOLFSSL_SP_MATH
|
||||
struct sp_int;
|
||||
#define MATH_INT_T struct sp_int
|
||||
#elif defined(USE_FAST_MATH)
|
||||
struct fp_int;
|
||||
#define MATH_INT_T struct fp_int
|
||||
#else
|
||||
struct mp_int;
|
||||
#define MATH_INT_T struct mp_int
|
||||
#endif
|
||||
struct ecc_key;
|
||||
struct WC_RNG;
|
||||
|
||||
int stm32_ecc_verify_hash_ex(MATH_INT_T *r, MATH_INT_T *s, const byte* hash,
|
||||
word32 hashlen, int* res, struct ecc_key* key);
|
||||
|
||||
int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, struct WC_RNG* rng,
|
||||
struct ecc_key* key, MATH_INT_T *r, MATH_INT_T *s);
|
||||
#endif /* WOLFSSL_STM32_PKA && HAVE_ECC */
|
||||
|
||||
|
||||
#endif /* _WOLFPORT_STM32_H_ */
|
||||
|
|
|
@ -149,6 +149,23 @@ typedef struct OS_Seed {
|
|||
#define WC_RNG_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_HASHDRBG
|
||||
struct DRBG_internal {
|
||||
word32 reseedCtr;
|
||||
word32 lastBlock;
|
||||
byte V[DRBG_SEED_LEN];
|
||||
byte C[DRBG_SEED_LEN];
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
|
||||
void* heap;
|
||||
int devId;
|
||||
#endif
|
||||
byte matchCount;
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
wc_Sha256 sha256;
|
||||
#endif
|
||||
};
|
||||
#endif
|
||||
|
||||
/* RNG context */
|
||||
struct WC_RNG {
|
||||
OS_Seed seed;
|
||||
|
@ -157,18 +174,7 @@ struct WC_RNG {
|
|||
/* Hash-based Deterministic Random Bit Generator */
|
||||
struct DRBG* drbg;
|
||||
#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
#define DRBG_STRUCT_SZ ((sizeof(word32)*3) + (DRBG_SEED_LEN*2))
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
#define DRBG_STRUCT_SZ_SHA256 (sizeof(wc_Sha256))
|
||||
#else
|
||||
#define DRBG_STRUCT_SZ_SHA256 0
|
||||
#endif
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
|
||||
#define DRBG_STRUCT_SZ_ASYNC (sizeof(void*) + sizeof(int))
|
||||
#else
|
||||
#define DRBG_STRUCT_SZ_ASYNC 0
|
||||
#endif
|
||||
byte drbg_data[DRBG_STRUCT_SZ + DRBG_STRUCT_SZ_SHA256 + DRBG_STRUCT_SZ_ASYNC];
|
||||
struct DRBG_internal drbg_data;
|
||||
#endif
|
||||
byte status;
|
||||
#endif
|
||||
|
@ -219,7 +225,7 @@ WOLFSSL_API int wc_FreeRng(WC_RNG*);
|
|||
#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
|
||||
#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
|
||||
#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
|
||||
#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
|
||||
#define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;})
|
||||
#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
|
||||
#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
|
||||
#endif
|
||||
|
|
|
@ -23,7 +23,13 @@
|
|||
\file wolfssl/wolfcrypt/rsa.h
|
||||
*/
|
||||
|
||||
/*
|
||||
|
||||
DESCRIPTION
|
||||
This library provides the interface to the RSA.
|
||||
RSA keys can be used to encrypt, decrypt, sign and verify data.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_RSA_H
|
||||
#define WOLF_CRYPT_RSA_H
|
||||
|
||||
|
@ -280,8 +286,9 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
|
|||
RsaKey*, word32);
|
||||
WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
|
||||
const byte* e, word32 eSz, RsaKey* key);
|
||||
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
|
||||
#endif
|
||||
|
||||
#ifdef WC_RSA_BLINDING
|
||||
WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
|
||||
|
|
|
@ -62,6 +62,9 @@
|
|||
/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
|
||||
/* #define MICROCHIP_TCPIP */
|
||||
|
||||
/* Uncomment next line if using above Microchip TCP/IP defines with BSD API */
|
||||
/* #define MICROCHIP_TCPIP_BSD_API */
|
||||
|
||||
/* Uncomment next line if using PIC32MZ Crypto Engine */
|
||||
/* #define WOLFSSL_MICROCHIP_PIC32MZ */
|
||||
|
||||
|
@ -209,10 +212,20 @@
|
|||
/* Uncomment next line if using RENESAS RX64N */
|
||||
/* #define WOLFSSL_RENESAS_RX65N */
|
||||
|
||||
/* Uncomment next line if using Solaris OS*/
|
||||
/* #define WOLFSSL_SOLARIS */
|
||||
|
||||
/* Uncomment next line if building for Linux Kernel Module */
|
||||
/* #define WOLFSSL_LINUXKM */
|
||||
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/visibility.h>
|
||||
|
||||
#ifdef WOLFSSL_USER_SETTINGS
|
||||
#include "user_settings.h"
|
||||
#elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H)
|
||||
/* STM Configuration File (generated by CubeMX) */
|
||||
#include "wolfSSL.wolfSSL_conf.h"
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -292,7 +305,7 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_RA6M3G)
|
||||
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3)
|
||||
/* settings in user_settings.h */
|
||||
#endif
|
||||
|
||||
|
@ -337,7 +350,9 @@
|
|||
/* #define WOLFSSL_MICROCHIP_PIC32MZ */
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#define SINGLE_THREADED
|
||||
#define WOLFSSL_USER_IO
|
||||
#ifndef MICROCHIP_TCPIP_BSD_API
|
||||
#define WOLFSSL_USER_IO
|
||||
#endif
|
||||
#define NO_WRITEV
|
||||
#define NO_DEV_RANDOM
|
||||
#define NO_FILESYSTEM
|
||||
|
@ -375,6 +390,16 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
/* backwards compatibility */
|
||||
#ifndef WOLFSSL_ATECC_NO_ECDH_ENC
|
||||
#define WOLFSSL_ATECC_ECDH_ENC
|
||||
#endif
|
||||
#ifdef WOLFSSL_ATECC508A_DEBUG
|
||||
#define WOLFSSL_ATECC_DEBUG
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef MBED
|
||||
#define WOLFSSL_USER_IO
|
||||
#define NO_FILESYSTEM
|
||||
|
@ -601,7 +626,6 @@
|
|||
#ifdef WOLFSSL_NRF5x
|
||||
#define SIZEOF_LONG 4
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#define NO_ASN_TIME
|
||||
#define NO_DEV_RANDOM
|
||||
#define NO_FILESYSTEM
|
||||
#define NO_MAIN_DRIVER
|
||||
|
@ -609,7 +633,6 @@
|
|||
#define SINGLE_THREADED
|
||||
#define USE_FAST_MATH
|
||||
#define TFM_TIMING_RESISTANT
|
||||
#define USE_WOLFSSL_MEMORY
|
||||
#define WOLFSSL_NRF51
|
||||
#define WOLFSSL_USER_IO
|
||||
#define NO_SESSION_CACHE
|
||||
|
@ -703,7 +726,7 @@ extern void uITRON4_free(void *p) ;
|
|||
https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
|
||||
#if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448)
|
||||
#if defined(WOLFSSL_ESPIDF)
|
||||
/*In IDF, realloc(p, n) is equivalent to
|
||||
/*In IDF, realloc(p, n) is equivalent to
|
||||
heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */
|
||||
#define XREALLOC(p, n, h, t) realloc((p), (n))
|
||||
#else
|
||||
|
@ -812,7 +835,9 @@ extern void uITRON4_free(void *p) ;
|
|||
#undef SIZEOF_LONG
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#else
|
||||
#error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
|
||||
#if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
|
||||
#error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
|
||||
|
@ -822,7 +847,9 @@ extern void uITRON4_free(void *p) ;
|
|||
#if (WINMSP3)
|
||||
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
|
||||
#else
|
||||
#sslpro: settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC
|
||||
#ifndef XSTRNCASECMP
|
||||
#error settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define WOLFSSL_HAVE_MAX
|
||||
|
@ -900,6 +927,19 @@ extern void uITRON4_free(void *p) ;
|
|||
#define TFM_TIMING_RESISTANT
|
||||
#endif
|
||||
|
||||
/* To support storing some of the large constant tables in flash memory rather than SRAM.
|
||||
Useful for processors that have limited SRAM, such as the AVR family of microtrollers. */
|
||||
#ifdef WOLFSSL_USE_FLASHMEM
|
||||
/* This is supported on the avr-gcc compiler, for more information see:
|
||||
https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html */
|
||||
#define FLASH_QUALIFIER __flash
|
||||
|
||||
/* Copy data out of flash memory and into SRAM */
|
||||
#define XMEMCPY_P(pdest, psrc, size) memcpy_P((pdest), (psrc), (size))
|
||||
#else
|
||||
#define FLASH_QUALIFIER
|
||||
#endif
|
||||
|
||||
#ifdef FREESCALE_MQX_5_0
|
||||
/* use normal Freescale MQX port, but with minor changes for 5.0 */
|
||||
#define FREESCALE_MQX
|
||||
|
@ -1051,7 +1091,9 @@ extern void uITRON4_free(void *p) ;
|
|||
|
||||
/* random seed */
|
||||
#define NO_OLD_RNGNAME
|
||||
#if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
|
||||
#if defined(FREESCALE_NO_RNG)
|
||||
/* nothing to define */
|
||||
#elif defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
|
||||
#define FREESCALE_KSDK_2_0_TRNG
|
||||
#elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0)
|
||||
#ifdef FREESCALE_KSDK_1_3
|
||||
|
@ -1187,7 +1229,8 @@ extern void uITRON4_free(void *p) ;
|
|||
|
||||
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
|
||||
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
|
||||
defined(WOLFSSL_STM32L4)
|
||||
defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
|
||||
defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7)
|
||||
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#ifndef CHAR_BIT
|
||||
|
@ -1208,7 +1251,8 @@ extern void uITRON4_free(void *p) ;
|
|||
#undef STM32_CRYPTO
|
||||
#define STM32_CRYPTO
|
||||
|
||||
#ifdef WOLFSSL_STM32L4
|
||||
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
|
||||
defined(WOLFSSL_STM32WB)
|
||||
#define NO_AES_192 /* hardware does not support 192-bit */
|
||||
#endif
|
||||
#endif
|
||||
|
@ -1221,8 +1265,12 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#define NO_OLD_RNGNAME
|
||||
#ifdef WOLFSSL_STM32_CUBEMX
|
||||
#if defined(WOLFSSL_STM32F2)
|
||||
#if defined(WOLFSSL_STM32F1)
|
||||
#include "stm32f1xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32F2)
|
||||
#include "stm32f2xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32L5)
|
||||
#include "stm32l5xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32L4)
|
||||
#include "stm32l4xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32F4)
|
||||
|
@ -1231,6 +1279,10 @@ extern void uITRON4_free(void *p) ;
|
|||
#include "stm32f7xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32F1)
|
||||
#include "stm32f1xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32H7)
|
||||
#include "stm32h7xx_hal.h"
|
||||
#elif defined(WOLFSSL_STM32WB)
|
||||
#include "stm32wbxx_hal.h"
|
||||
#endif
|
||||
#if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4)
|
||||
#include "stm32l4xx_ll_rng.h"
|
||||
|
@ -1256,6 +1308,14 @@ extern void uITRON4_free(void *p) ;
|
|||
#ifdef STM32_HASH
|
||||
#include "stm32f4xx_hash.h"
|
||||
#endif
|
||||
#elif defined(WOLFSSL_STM32L5)
|
||||
#include "stm32l5xx.h"
|
||||
#ifdef STM32_CRYPTO
|
||||
#include "stm32l5xx_cryp.h"
|
||||
#endif
|
||||
#ifdef STM32_HASH
|
||||
#include "stm32l5xx_hash.h"
|
||||
#endif
|
||||
#elif defined(WOLFSSL_STM32L4)
|
||||
#include "stm32l4xx.h"
|
||||
#ifdef STM32_CRYPTO
|
||||
|
@ -1266,11 +1326,14 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#elif defined(WOLFSSL_STM32F7)
|
||||
#include "stm32f7xx.h"
|
||||
#elif defined(WOLFSSL_STM32H7)
|
||||
#include "stm32h7xx.h"
|
||||
#elif defined(WOLFSSL_STM32F1)
|
||||
#include "stm32f1xx.h"
|
||||
#endif
|
||||
#endif /* WOLFSSL_STM32_CUBEMX */
|
||||
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
|
||||
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 ||
|
||||
WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || WOLFSSL_STM32H7 */
|
||||
#ifdef WOLFSSL_DEOS
|
||||
#include <deos.h>
|
||||
#include <timeout.h>
|
||||
|
@ -1400,6 +1463,22 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif /* MICRIUM */
|
||||
|
||||
#if defined(sun) || defined(__sun)
|
||||
# if defined(__SVR4) || defined(__svr4__)
|
||||
/* Solaris */
|
||||
#ifndef WOLFSSL_SOLARIS
|
||||
#define WOLFSSL_SOLARIS
|
||||
#endif
|
||||
# else
|
||||
/* SunOS */
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SOLARIS
|
||||
/* Avoid naming clash with fp_zero from math.h > ieefp.h */
|
||||
#define WOLFSSL_DH_CONST
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_MCF5441X
|
||||
#define BIG_ENDIAN_ORDER
|
||||
#ifndef SIZEOF_LONG
|
||||
|
@ -1544,6 +1623,12 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif
|
||||
|
||||
/* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */
|
||||
#if defined(WOLFSSL_IMXRT_DCP) && !defined(SINGLE_THREADED)
|
||||
#undef WOLFSSL_CRYPT_HW_MUTEX
|
||||
#define WOLFSSL_CRYPT_HW_MUTEX 1
|
||||
#endif
|
||||
|
||||
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
|
||||
!defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
|
||||
!defined(XMALLOC_OVERRIDE)
|
||||
|
@ -2008,6 +2093,60 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
|
||||
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
#ifndef NO_DEV_RANDOM
|
||||
#define NO_DEV_RANDOM
|
||||
#endif
|
||||
#ifndef NO_WRITEV
|
||||
#define NO_WRITEV
|
||||
#endif
|
||||
#ifndef NO_FILESYSTEM
|
||||
#define NO_FILESYSTEM
|
||||
#endif
|
||||
#ifndef NO_STDIO_FILESYSTEM
|
||||
#define NO_STDIO_FILESYSTEM
|
||||
#endif
|
||||
#ifndef WOLFSSL_NO_SOCK
|
||||
#define WOLFSSL_NO_SOCK
|
||||
#endif
|
||||
#ifndef WOLFSSL_DH_CONST
|
||||
#define WOLFSSL_DH_CONST
|
||||
#endif
|
||||
#ifndef WOLFSSL_USER_IO
|
||||
#define WOLFSSL_USER_IO
|
||||
#endif
|
||||
#ifndef USE_WOLF_STRTOK
|
||||
#define USE_WOLF_STRTOK
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_MOD_WORD_RP
|
||||
#define WOLFSSL_SP_MOD_WORD_RP
|
||||
#endif
|
||||
#ifndef WOLFSSL_OLD_PRIME_CHECK
|
||||
#define WOLFSSL_OLD_PRIME_CHECK
|
||||
#endif
|
||||
#undef HAVE_STRINGS_H
|
||||
#undef HAVE_ERRNO_H
|
||||
#undef HAVE_THREAD_LS
|
||||
#undef WOLFSSL_HAVE_MIN
|
||||
#undef WOLFSSL_HAVE_MAX
|
||||
#define SIZEOF_LONG 8
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#define CHAR_BIT 8
|
||||
#ifndef WOLFSSL_SP_DIV_64
|
||||
#define WOLFSSL_SP_DIV_64
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_DIV_WORD_HALF
|
||||
#define WOLFSSL_SP_DIV_WORD_HALF
|
||||
#endif
|
||||
#ifndef SP_HALF_SIZE
|
||||
#define SP_HALF_SIZE 32
|
||||
#endif
|
||||
#ifndef SP_HALF_MAX
|
||||
#define SP_HALF_MAX 4294967295U
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
/* Place any other flags or defines here */
|
||||
|
||||
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \
|
||||
|
@ -2196,6 +2335,21 @@ extern void uITRON4_free(void *p) ;
|
|||
#define WOLFSSL_NO_CONSTCHARCONST
|
||||
#endif
|
||||
|
||||
/* FIPS v1 does not support TLS v1.3 (requires RSA PSS and HKDF) */
|
||||
#if defined(HAVE_FIPS) && !defined(HAVE_FIPS_VERSION)
|
||||
#undef WC_RSA_PSS
|
||||
#undef WOLFSSL_TLS13
|
||||
#endif
|
||||
|
||||
/* For FIPSv2 make sure the ECDSA encoding allows extra bytes
|
||||
* but make sure users consider enabling it */
|
||||
#if !defined(NO_STRICT_ECDSA_LEN) && defined(HAVE_FIPS) && \
|
||||
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
|
||||
/* ECDSA length checks off by default for CAVP testing
|
||||
* consider enabling strict checks in production */
|
||||
#define NO_STRICT_ECDSA_LEN
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
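Review bot: The FIPSv2 block at the end of the last hunk defines `NO_STRICT_ECDSA_LEN` for every build with `HAVE_FIPS_VERSION >= 2`; its `!defined(NO_STRICT_ECDSA_LEN)` test only prevents a redefinition, so a production build has no switch in this header to keep the strict ECDSA length checks that the comment itself recommends. Relaxed signature-encoding checks belong behind an explicit test-build opt-in, for example `#if defined(<CAVP_TEST_BUILD_MACRO>) && !defined(NO_STRICT_ECDSA_LEN)` (the macro name is a placeholder for the project to choose). The comment should also state which encodings become acceptable once the checks are off, so an integrator can judge the exposure. The settings header continues outside the hunk.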
|
|
|
@ -72,6 +72,9 @@
|
|||
#ifdef WOLFSSL_ESP32WROOM32_CRYPT
|
||||
#include <libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
|
||||
#endif
|
||||
#ifdef WOLFSSL_IMXRT_DCP
|
||||
#include <libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h>
|
||||
#endif
|
||||
|
||||
#if !defined(NO_OLD_SHA_NAMES)
|
||||
#define SHA WC_SHA
|
||||
|
@ -101,6 +104,8 @@ enum {
|
|||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
|
||||
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
|
||||
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
|
||||
#elif defined(WOLFSSL_PSOC6_CRYPTO)
|
||||
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
|
||||
#else
|
||||
|
||||
/* Sha digest */
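Review bot: The include that appears to be added under `WOLFSSL_PSOC6_CRYPTO` in the second hunk keeps the upstream-relative path `"wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"`, while the `WOLFSSL_IMXRT_DCP` include added in the first hunk uses this tree's `<libs/libwolfssl/wolfcrypt/...>` prefix. Which form resolves depends on include directories not shown here, so one of them probably stops building as soon as its port macro is defined. The same mix shows up in the later sections that declare `struct wc_Sha256` and `struct wc_Sha512`. Rewriting every port include to one prefix, e.g. `#include <libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h>` if that file is vendored there, also keeps the local delta against upstream mechanical and easier to audit on the next library update.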
|
||||
|
|
|
@ -126,6 +126,10 @@ enum {
|
|||
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
|
||||
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
|
||||
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
|
||||
#elif defined(WOLFSSL_PSOC6_CRYPTO)
|
||||
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
|
||||
#elif defined(WOLFSSL_IMXRT_DCP)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h>
|
||||
#else
|
||||
|
||||
/* wc_Sha256 digest */
|
||||
|
@ -142,6 +146,7 @@ struct wc_Sha256 {
|
|||
word32 loLen; /* length in bytes */
|
||||
word32 hiLen; /* length in bytes */
|
||||
void* heap;
|
||||
#endif
|
||||
#ifdef WOLFSSL_PIC32MZ_HASH
|
||||
hashUpdCache cache; /* cache for updates */
|
||||
#endif
|
||||
|
@ -150,7 +155,7 @@ struct wc_Sha256 {
|
|||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
word32* W;
|
||||
#endif
|
||||
#endif /* !FREESCALE_LTC_SHA && !STM32_HASH_SHA2 */
|
||||
#ifdef WOLFSSL_DEVCRYPTO_HASH
|
||||
WC_CRYPTODEV ctx;
|
||||
byte* msg;
|
||||
|
@ -168,7 +173,6 @@ struct wc_Sha256 {
|
|||
int devId;
|
||||
void* devCtx; /* generic crypto callback context */
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
|
||||
word32 flags; /* enum wc_HashFlags in hash.h */
|
||||
#endif
|
||||
|
|
|
@ -58,7 +58,8 @@ enum {
|
|||
WC_SHA3_512_DIGEST_SIZE = 64,
|
||||
WC_SHA3_512_COUNT = 9,
|
||||
|
||||
#ifndef HAVE_SELFTEST
|
||||
#if !defined(HAVE_SELFTEST) || \
|
||||
defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2)
|
||||
/* These values are used for HMAC, not SHA-3 directly.
|
||||
* They come from from FIPS PUB 202. */
|
||||
WC_SHA3_224_BLOCK_SIZE = 144,
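Review bot: The new guard `#if !defined(HAVE_SELFTEST) || defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2)` mixes `||` and `&&` without grouping, so the reader has to rely on operator precedence to see which builds get the HMAC block-size constants. Writing it as `#if !defined(HAVE_SELFTEST) || (defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2))` states the intent directly. The enum this guard sits in starts and ends outside the hunk.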
|
||||
|
|
|
@ -31,6 +31,7 @@
|
|||
|
||||
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
|
||||
|
||||
|
||||
#if defined(HAVE_FIPS) && \
|
||||
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
|
||||
#include <libs/libwolfssl/wolfcrypt/fips.h>
|
||||
|
@ -111,6 +112,8 @@ enum {
|
|||
|
||||
#ifdef WOLFSSL_IMX6_CAAM
|
||||
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
|
||||
#elif defined (WOLFSSL_PSOC6_CRYPTO)
|
||||
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
|
||||
#else
|
||||
/* wc_Sha512 digest */
|
||||
struct wc_Sha512 {
|
||||
|
@ -153,6 +156,7 @@ WOLFSSL_LOCAL void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
|
|||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
|
||||
|
||||
WOLFSSL_API int wc_InitSha512(wc_Sha512*);
|
||||
WOLFSSL_API int wc_InitSha512_ex(wc_Sha512*, void*, int);
|
||||
WOLFSSL_API int wc_Sha512Update(wc_Sha512*, const byte*, word32);
|
||||
|
|
|
@ -28,16 +28,22 @@
|
|||
#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
|
||||
defined(WOLFSSL_HAVE_SP_ECC)
|
||||
|
||||
#ifndef WOLFSSL_LINUXKM
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/integer.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/ecc.h>
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#ifdef noinline
|
||||
#define SP_NOINLINE noinline
|
||||
#elif defined(_MSC_VER)
|
||||
#define SP_NOINLINE __declspec(noinline)
|
||||
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__) || defined(__KEIL__)
|
||||
#elif defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
|
||||
#define SP_NOINLINE _Pragma("inline = never")
|
||||
#elif defined(__GNUC__) || defined(__KEIL__)
|
||||
#define SP_NOINLINE __attribute__((noinline))
|
||||
#else
|
||||
#define SP_NOINLINE
|
||||
|
@ -141,7 +147,18 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
|
|||
int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ);
|
||||
int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym);
|
||||
|
||||
#endif /*ifdef WOLFSSL_HAVE_SP_ECC */
|
||||
#ifdef WOLFSSL_SP_NONBLOCK
|
||||
int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
|
||||
mp_int* rm, mp_int* sm, mp_int* km, void* heap);
|
||||
int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
|
||||
mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
|
||||
int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
|
||||
mp_int* rm, mp_int* sm, mp_int* km, void* heap);
|
||||
int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
|
||||
mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
|
||||
#endif /* WOLFSSL_HAVE_SP_ECC */
|
||||
|
||||
|
||||
#ifdef __cplusplus
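Review bot: The four `sp_ecc_*_nb` prototypes added under `WOLFSSL_SP_NONBLOCK` carry no comment describing their calling contract. From the signatures alone a caller cannot tell whether the same `sp_ecc_ctx_t` has to be passed back on every call, or which return value means "not finished yet" (presumably `FP_WOULDBLOCK`, which this commit also adds next to the `MP_*` codes). A header comment such as `/* Non-blocking: call again with the same ctx while the result is FP_WOULDBLOCK; ctx must stay valid and unmodified between calls */` would keep a caller from treating a pending result as a completed signature or verification; confirm the exact code against the implementation first.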
|
||||
|
|
|
@ -19,12 +19,18 @@
|
|||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
/*
|
||||
DESCRIPTION
|
||||
This library provides single precision (SP) integer math functions.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_SP_INT_H
|
||||
#define WOLF_CRYPT_SP_INT_H
|
||||
|
||||
#ifndef WOLFSSL_LINUXKM
|
||||
#include <stdint.h>
|
||||
#include <limits.h>
|
||||
#endif
|
||||
|
||||
/* Make sure WOLFSSL_SP_ASM build option defined when requested */
|
||||
#if !defined(WOLFSSL_SP_ASM) && ( \
|
||||
|
@ -60,6 +66,7 @@
|
|||
typedef int32 sp_digit;
|
||||
typedef uint32 sp_int_digit;
|
||||
typedef uint64 sp_int_word;
|
||||
typedef int64 sp_int_sword;
|
||||
#undef SP_WORD_SIZE
|
||||
#define SP_WORD_SIZE 32
|
||||
#elif !defined(WOLFSSL_SP_ASM)
|
||||
|
@ -67,6 +74,7 @@
|
|||
typedef int32_t sp_digit;
|
||||
typedef uint32_t sp_int_digit;
|
||||
typedef uint64_t sp_int_word;
|
||||
typedef int64_t sp_int_sword;
|
||||
#elif SP_WORD_SIZE == 64
|
||||
typedef int64_t sp_digit;
|
||||
typedef uint64_t sp_int_digit;
|
||||
|
@ -78,14 +86,14 @@
|
|||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#endif
|
||||
typedef uint128_t sp_int_word;
|
||||
#else
|
||||
#error Word size not defined
|
||||
typedef int128_t sp_int_sword;
|
||||
#endif
|
||||
#else
|
||||
#if SP_WORD_SIZE == 32
|
||||
typedef uint32_t sp_digit;
|
||||
typedef uint32_t sp_int_digit;
|
||||
typedef uint64_t sp_int_word;
|
||||
typedef int64_t sp_int_sword;
|
||||
#elif SP_WORD_SIZE == 64
|
||||
typedef uint64_t sp_digit;
|
||||
typedef uint64_t sp_int_digit;
|
||||
|
@ -97,12 +105,28 @@
|
|||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#endif
|
||||
typedef uint128_t sp_int_word;
|
||||
#else
|
||||
#error Word size not defined
|
||||
typedef int128_t sp_int_sword;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define SP_MASK (sp_digit)(-1)
|
||||
#if SP_WORD_SIZE == 32
|
||||
#define SP_MASK ((sp_int_digit)0xffffffffU)
|
||||
#elif SP_WORD_SIZE == 64
|
||||
#define SP_MASK ((sp_int_digit)0xffffffffffffffffUL)
|
||||
#else
|
||||
#error Word size not defined
|
||||
#endif
|
||||
|
||||
|
||||
#if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
|
||||
typedef struct sp_ecc_ctx {
|
||||
#ifdef WOLFSSL_SP_384
|
||||
byte data[48*80]; /* stack data */
|
||||
#else
|
||||
byte data[32*80]; /* stack data */
|
||||
#endif
|
||||
} sp_ecc_ctx_t;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_MATH
|
||||
#include <libs/libwolfssl/wolfcrypt/random.h>
|
||||
|
@ -169,9 +193,10 @@ typedef sp_int_digit mp_digit;
|
|||
MP_API int sp_init(sp_int* a);
|
||||
MP_API int sp_init_multi(sp_int* a, sp_int* b, sp_int* c, sp_int* d,
|
||||
sp_int* e, sp_int* f);
|
||||
MP_API void sp_free(sp_int* a);
|
||||
MP_API void sp_clear(sp_int* a);
|
||||
MP_API int sp_unsigned_bin_size(sp_int* a);
|
||||
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, int inSz);
|
||||
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz);
|
||||
MP_API int sp_read_radix(sp_int* a, const char* in, int radix);
|
||||
MP_API int sp_cmp(sp_int* a, sp_int* b);
|
||||
MP_API int sp_count_bits(sp_int* a);
|
||||
|
@ -211,7 +236,6 @@ MP_API void sp_rshb(sp_int* a, int n, sp_int* r);
|
|||
MP_API int sp_mul_d(sp_int* a, sp_int_digit n, sp_int* r);
|
||||
|
||||
|
||||
#define MP_OKAY 0
|
||||
#define MP_NO 0
|
||||
#define MP_YES 1
|
||||
|
||||
|
@ -221,15 +245,17 @@ MP_API int sp_mul_d(sp_int* a, sp_int_digit n, sp_int* r);
|
|||
#define MP_EQ 0
|
||||
#define MP_LT -1
|
||||
|
||||
#define MP_OKAY 0
|
||||
#define MP_MEM -2
|
||||
#define MP_VAL -3
|
||||
#define FP_WOULDBLOCK -4
|
||||
|
||||
#define DIGIT_BIT SP_WORD_SIZE
|
||||
#define MP_MASK SP_MASK
|
||||
|
||||
#define CheckFastMathSettings() 1
|
||||
|
||||
#define mp_free(a)
|
||||
#define mp_free sp_free
|
||||
|
||||
#define mp_isodd sp_isodd
|
||||
#define mp_iseven sp_iseven
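Review bot: `sp_ecc_ctx_t`, added just after `SP_MASK`, is a bare `byte data[48*80]` or `byte data[32*80]` with only the comment `/* stack data */`, so its alignment, the origin of the size and its contents are all undocumented. A struct whose only member is a byte array has alignment 1; if the `_nb` routines overlay digit or pointer fields on `data` (their bodies are not shown here), an instance on the caller's stack may be misaligned on strict-alignment targets. The same buffer is passed to the signing entry points together with the private key, so it presumably holds secret intermediates between calls. I would document that, e.g. `/* working state for sp_ecc_*_nb; may hold secret intermediates - zeroize once the operation has finished */`, and consider forcing the alignment of `data` to that of `sp_digit`.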
|
||||
|
|
|
@ -432,7 +432,7 @@ MP_API void fp_free(fp_int* a);
|
|||
|
||||
/* set to a small digit */
|
||||
void fp_set(fp_int *a, fp_digit b);
|
||||
void fp_set_int(fp_int *a, unsigned long b);
|
||||
int fp_set_int(fp_int *a, unsigned long b);
|
||||
|
||||
/* check if a bit is set */
|
||||
int fp_is_bit_set(fp_int *a, fp_digit b);
|
||||
|
@ -459,7 +459,7 @@ void fp_rshd(fp_int *a, int x);
|
|||
void fp_rshb(fp_int *a, int x);
|
||||
|
||||
/* left shift x digits */
|
||||
void fp_lshd(fp_int *a, int x);
|
||||
int fp_lshd(fp_int *a, int x);
|
||||
|
||||
/* signed comparison */
|
||||
int fp_cmp(fp_int *a, fp_int *b);
|
||||
|
@ -470,19 +470,22 @@ int fp_cmp_mag(fp_int *a, fp_int *b);
|
|||
/* power of 2 operations */
|
||||
void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
|
||||
void fp_mod_2d(fp_int *a, int b, fp_int *c);
|
||||
void fp_mul_2d(fp_int *a, int b, fp_int *c);
|
||||
int fp_mul_2d(fp_int *a, int b, fp_int *c);
|
||||
void fp_2expt (fp_int *a, int b);
|
||||
void fp_mul_2(fp_int *a, fp_int *c);
|
||||
int fp_mul_2(fp_int *a, fp_int *c);
|
||||
void fp_div_2(fp_int *a, fp_int *c);
|
||||
/* c = a / 2 (mod b) - constant time (a < b and positive) */
|
||||
int fp_div_2_mod_ct(fp_int *a, fp_int *b, fp_int *c);
|
||||
|
||||
|
||||
/* Counts the number of lsbs which are zero before the first zero bit */
|
||||
int fp_cnt_lsb(fp_int *a);
|
||||
|
||||
/* c = a + b */
|
||||
void fp_add(fp_int *a, fp_int *b, fp_int *c);
|
||||
int fp_add(fp_int *a, fp_int *b, fp_int *c);
|
||||
|
||||
/* c = a - b */
|
||||
void fp_sub(fp_int *a, fp_int *b, fp_int *c);
|
||||
int fp_sub(fp_int *a, fp_int *b, fp_int *c);
|
||||
|
||||
/* c = a * b */
|
||||
int fp_mul(fp_int *a, fp_int *b, fp_int *c);
|
||||
|
@ -500,13 +503,13 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c);
|
|||
int fp_cmp_d(fp_int *a, fp_digit b);
|
||||
|
||||
/* c = a + b */
|
||||
void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
|
||||
int fp_add_d(fp_int *a, fp_digit b, fp_int *c);
|
||||
|
||||
/* c = a - b */
|
||||
int fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
|
||||
|
||||
/* c = a * b */
|
||||
void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
|
||||
int fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
|
||||
|
||||
/* a/b => cb + d == a */
|
||||
/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/
|
||||
|
@ -530,6 +533,12 @@ int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
|
|||
/* d = a + b (mod c) */
|
||||
int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
|
||||
|
||||
/* d = a - b (mod c) - constant time (a < c and b < c) */
|
||||
int fp_submod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
|
||||
|
||||
/* d = a + b (mod c) - constant time (a < c and b < c) */
|
||||
int fp_addmod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
|
||||
|
||||
/* c = a * a (mod b) */
|
||||
int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
|
||||
|
||||
|
@ -549,10 +558,11 @@ int fp_montgomery_setup(fp_int *a, fp_digit *mp);
|
|||
/* computes a = B**n mod b without division or multiplication useful for
|
||||
* normalizing numbers in a Montgomery system.
|
||||
*/
|
||||
void fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
|
||||
int fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
|
||||
|
||||
/* computes x/R == x (mod N) via Montgomery Reduction */
|
||||
int fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
|
||||
int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
|
||||
|
||||
/* d = a**b (mod c) */
|
||||
int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
|
||||
|
@ -637,7 +647,7 @@ int fp_count_bits(fp_int *a);
|
|||
int fp_leading_bit(fp_int *a);
|
||||
|
||||
int fp_unsigned_bin_size(fp_int *a);
|
||||
void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
|
||||
int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
|
||||
int fp_to_unsigned_bin(fp_int *a, unsigned char *b);
|
||||
int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c);
|
||||
int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
|
||||
|
@ -652,7 +662,7 @@ int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
|
|||
|
||||
|
||||
/* VARIOUS LOW LEVEL STUFFS */
|
||||
void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
|
||||
int s_fp_add(fp_int *a, fp_int *b, fp_int *c);
|
||||
void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
|
||||
void fp_reverse(unsigned char *s, int len);
|
||||
|
||||
|
@ -728,6 +738,7 @@ int fp_sqr_comba64(fp_int *a, fp_int *b);
|
|||
#define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX)
|
||||
|
||||
MP_API int mp_init (mp_int * a);
|
||||
MP_API int mp_init_copy(fp_int * a, fp_int * b);
|
||||
MP_API void mp_clear (mp_int * a);
|
||||
MP_API void mp_free (mp_int * a);
|
||||
MP_API void mp_forcezero (mp_int * a);
|
||||
|
@ -743,6 +754,8 @@ MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
|
|||
MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
|
||||
MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
|
||||
MP_API int mp_mod(mp_int *a, mp_int *b, mp_int *c);
|
||||
MP_API int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
|
||||
MP_API int mp_invmod_mont_ct(mp_int *a, mp_int *b, mp_int *c, fp_digit mp);
|
||||
|
@ -791,9 +804,11 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
|
|||
#ifdef HAVE_ECC
|
||||
MP_API int mp_sqr(fp_int *a, fp_int *b);
|
||||
MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
|
||||
MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp,
|
||||
int ct);
|
||||
MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
|
||||
MP_API int mp_div_2(fp_int * a, fp_int * b);
|
||||
MP_API int mp_init_copy(fp_int * a, fp_int * b);
|
||||
MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DSA) || \
|
||||
|
@ -817,6 +832,7 @@ MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
|
|||
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
|
||||
MP_API int mp_exch(mp_int *a, mp_int *b);
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
|
||||
|
||||
MP_API int mp_cnt_lsb(fp_int *a);
|
||||
MP_API int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
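Review bot: Several prototypes in this section appear to change from `void` to `int` (`fp_set_int`, `fp_lshd`, `fp_mul_2d`, `fp_mul_2`, `fp_add`, `fp_sub`, `fp_add_d`, `fp_mul_d`, `fp_montgomery_calc_normalization`, `fp_read_unsigned_bin`, `s_fp_add`), yet the comments above them still describe only the arithmetic and say nothing about the new result. Call sites written against the `void` form keep compiling and silently discard it, so a failure inside key or signature arithmetic (for example an operand that no longer fits) would go unnoticed. Document the return on each, e.g. `/* c = a + b; returns FP_OKAY or a negative FP_* error that the caller must check */`. It is also worth auditing this project's own callers of these functions, and marking the prototypes warn-unused-result where the toolchain supports it.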
|
||||
|
|
|
@ -22,7 +22,12 @@
|
|||
/*!
|
||||
\file wolfssl/wolfcrypt/types.h
|
||||
*/
|
||||
/*
|
||||
DESCRIPTION
|
||||
This library defines the primitive data types and abstraction macros to
|
||||
decouple library dependencies with standard string, memory and so on.
|
||||
|
||||
*/
|
||||
#ifndef WOLF_CRYPT_TYPES_H
|
||||
#define WOLF_CRYPT_TYPES_H
|
||||
|
||||
|
@ -197,7 +202,11 @@
|
|||
#define WC_INLINE
|
||||
#endif
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#ifdef __GNUC__
|
||||
#define WC_INLINE __attribute__((unused))
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -244,7 +253,11 @@
|
|||
#if defined(__GNUC__)
|
||||
#if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1)))
|
||||
#undef FALL_THROUGH
|
||||
#define FALL_THROUGH __attribute__ ((fallthrough));
|
||||
#if defined(WOLFSSL_LINUXKM) && defined(fallthrough)
|
||||
#define FALL_THROUGH fallthrough
|
||||
#else
|
||||
#define FALL_THROUGH __attribute__ ((fallthrough));
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif /* FALL_THROUGH */
|
||||
|
@ -342,10 +355,17 @@
|
|||
#else
|
||||
/* just use plain C stdlib stuff if desired */
|
||||
#include <stdlib.h>
|
||||
#define XMALLOC(s, h, t) malloc((s))
|
||||
#define XMALLOC(s, h, t) malloc((size_t)(s))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
|
||||
#define XREALLOC(p, n, h, t) realloc((p), (n))
|
||||
#define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
|
||||
#endif
|
||||
|
||||
#elif defined(WOLFSSL_LINUXKM)
|
||||
/* the requisite linux/slab.h is included in wc_port.h, with incompatible warnings masked out. */
|
||||
#define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
|
||||
#define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
|
||||
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
|
||||
|
||||
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
|
||||
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
|
||||
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
|
||||
|
@ -375,8 +395,9 @@
|
|||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
#endif
|
||||
|
||||
/* declare/free variable handling for async */
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* declare/free variable handling for async and smallstack */
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK)
|
||||
#define DECLARE_VAR_IS_HEAP_ALLOC
|
||||
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
|
||||
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
|
||||
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
|
||||
|
@ -389,9 +410,19 @@
|
|||
})
|
||||
#define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
|
||||
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
|
||||
int idx##VAR_NAME; \
|
||||
int idx##VAR_NAME, inner_idx_##VAR_NAME; \
|
||||
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
|
||||
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
|
||||
if (VAR_NAME[idx##VAR_NAME] == NULL) { \
|
||||
for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
|
||||
XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
|
||||
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
|
||||
} \
|
||||
for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
|
||||
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
|
||||
} \
|
||||
break; \
|
||||
} \
|
||||
}
|
||||
#define FREE_VAR(VAR_NAME, HEAP) \
|
||||
XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
|
||||
|
@ -406,6 +437,7 @@
|
|||
#define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
|
||||
FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP)
|
||||
#else
|
||||
#undef DECLARE_VAR_IS_HEAP_ALLOC
|
||||
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
|
||||
VAR_TYPE VAR_NAME[VAR_SIZE]
|
||||
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
|
||||
|
@ -417,10 +449,20 @@
|
|||
|
||||
#define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
|
||||
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
|
||||
int idx##VAR_NAME;
|
||||
int idx##VAR_NAME, inner_idx_##VAR_NAME;
|
||||
#define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
|
||||
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
|
||||
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_TMP_BUFFER); \
|
||||
if (VAR_NAME[idx##VAR_NAME] == NULL) { \
|
||||
for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
|
||||
XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_TMP_BUFFER); \
|
||||
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
|
||||
} \
|
||||
for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
|
||||
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
|
||||
} \
|
||||
break; \
|
||||
} \
|
||||
}
|
||||
#define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
|
||||
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
|
||||
|
@ -437,12 +479,17 @@
|
|||
#define USE_WOLF_STRSEP
|
||||
#endif
|
||||
|
||||
#ifndef STRING_USER
|
||||
#include <string.h>
|
||||
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
|
||||
#define XMEMSET(b,c,l) memset((b),(c),(l))
|
||||
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
|
||||
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
|
||||
#ifndef STRING_USER
|
||||
#if defined(WOLFSSL_LINUXKM)
|
||||
#include <linux/string.h>
|
||||
#else
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
|
||||
#define XMEMSET(b,c,l) memset((b),(c),(l))
|
||||
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
|
||||
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
|
||||
|
||||
#define XSTRLEN(s1) strlen((s1))
|
||||
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||
|
@ -489,7 +536,37 @@
|
|||
for snprintf */
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
#define XSNPRINTF snprintf
|
||||
#if defined(WOLFSSL_ESPIDF) && \
|
||||
(!defined(NO_ASN_TIME) && defined(HAVE_PKCS7))
|
||||
#include<stdarg.h>
|
||||
/* later gcc than 7.1 introduces -Wformat-truncation */
|
||||
/* In cases when truncation is expected the caller needs*/
|
||||
/* to check the return value from the function so that */
|
||||
/* compiler doesn't complain. */
|
||||
/* xtensa-esp32-elf v8.2.0 warns trancation at */
|
||||
/* GetAsnTimeString() */
|
||||
static WC_INLINE
|
||||
int _xsnprintf_(char *s, size_t n, const char *format, ...)
|
||||
{
|
||||
va_list ap;
|
||||
int ret;
|
||||
|
||||
if ((int)n <= 0) return -1;
|
||||
|
||||
va_start(ap, format);
|
||||
|
||||
ret = vsnprintf(s, n, format, ap);
|
||||
if (ret < 0)
|
||||
ret = -1;
|
||||
|
||||
va_end(ap);
|
||||
|
||||
return ret;
|
||||
}
|
||||
#define XSNPRINTF _xsnprintf_
|
||||
#else
|
||||
#define XSNPRINTF snprintf
|
||||
#endif
|
||||
#endif
|
||||
#else
|
||||
#if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)
|
||||
|
@ -565,9 +642,11 @@
|
|||
#endif
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifndef CTYPE_USER
|
||||
#include <ctype.h>
|
||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||
#ifndef CTYPE_USER
|
||||
#ifndef WOLFSSL_LINUXKM
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
|
||||
#define XTOUPPER(c) toupper((c))
|
||||
#define XISALPHA(c) isalpha((c))
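Review bot: With the guard widened to `defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK)`, `DECLARE_VAR` becomes an unchecked `XMALLOC` in small-stack builds too, and the new failure path in `DECLARE_ARRAY` / `DECLARE_ARRAY_DYNAMIC_EXE` frees what it allocated, NULLs every slot and `break`s without reporting anything. Code following these macros therefore has to test the pointer (or `VAR_NAME[0]`) itself before first use; `DECLARE_VAR_IS_HEAP_ALLOC` looks intended to make that test conditional, but nothing at the definitions says so. I would state the contract in a comment above the block, e.g. `/* heap variant: VAR_NAME (or every VAR_NAME[i]) is NULL on allocation failure - check before use */`. Minor: the new `XFREE(..., HEAP, ...)` calls pass `HEAP` unparenthesised while the neighbouring `XMALLOC` uses `(HEAP)`.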
|
||||
|
|
|
@ -28,24 +28,33 @@
|
|||
#define WOLF_CRYPT_ENCRYPT_H
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/aes.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/chacha.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/des3.h>
|
||||
#include <libs/libwolfssl/wolfcrypt/arc4.h>
|
||||
#ifndef NO_AES
|
||||
#include <libs/libwolfssl/wolfcrypt/aes.h>
|
||||
#endif
|
||||
#ifdef HAVE_CHACHA
|
||||
#include <libs/libwolfssl/wolfcrypt/chacha.h>
|
||||
#endif
|
||||
#ifndef NO_DES3
|
||||
#include <libs/libwolfssl/wolfcrypt/des3.h>
|
||||
#endif
|
||||
#ifndef NO_RC4
|
||||
#include <libs/libwolfssl/wolfcrypt/arc4.h>
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* determine max cipher key size */
|
||||
/* determine max cipher key size - cannot use enum values here, must be define,
|
||||
* since WC_MAX_SYM_KEY_SIZE is used in if macro logic. */
|
||||
#ifndef NO_AES
|
||||
#define WC_MAX_SYM_KEY_SIZE (AES_MAX_KEY_SIZE/8)
|
||||
#elif defined(HAVE_CHACHA)
|
||||
#define WC_MAX_SYM_KEY_SIZE CHACHA_MAX_KEY_SZ
|
||||
#define WC_MAX_SYM_KEY_SIZE 32 /* CHACHA_MAX_KEY_SZ */
|
||||
#elif !defined(NO_DES3)
|
||||
#define WC_MAX_SYM_KEY_SIZE DES3_KEY_SIZE
|
||||
#define WC_MAX_SYM_KEY_SIZE 24 /* DES3_KEY_SIZE */
|
||||
#elif !defined(NO_RC4)
|
||||
#define WC_MAX_SYM_KEY_SIZE RC4_KEY_SIZE
|
||||
#define WC_MAX_SYM_KEY_SIZE 16 /* RC4_KEY_SIZE */
|
||||
#else
|
||||
#define WC_MAX_SYM_KEY_SIZE 32
|
||||
#endif
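Review bot: `WC_MAX_SYM_KEY_SIZE` now hard-codes `32`, `24` and `16`, with the enum names surviving only as comments (`/* CHACHA_MAX_KEY_SZ */`, `/* DES3_KEY_SIZE */`, `/* RC4_KEY_SIZE */`), so nothing fails to build if one of those enum values changes in a later library update. The macro's name suggests it sizes key buffers, in which case a stale literal would under-size them. A compile-time check beside each branch, for example `_Static_assert(WC_MAX_SYM_KEY_SIZE >= CHACHA_MAX_KEY_SZ, "WC_MAX_SYM_KEY_SIZE too small");` where C11 is available, keeps each literal tied to the enum it stands for while still letting the macro be used in `#if` logic.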
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
|
|
|
@ -54,6 +54,115 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#ifndef PACKAGE_NAME
|
||||
#error wc_port.h included before config.h
|
||||
#endif
|
||||
/* config.h is autogenerated without gating, and is subject to repeat
|
||||
* inclusions, so gate it out here to keep autodetection masking
|
||||
* intact:
|
||||
*/
|
||||
#undef HAVE_CONFIG_H
|
||||
#endif
|
||||
|
||||
#ifdef BUILDING_WOLFSSL
|
||||
|
||||
_Pragma("GCC diagnostic push");
|
||||
|
||||
/* we include all the needed kernel headers with these masked out. else
|
||||
* there are profuse warnings.
|
||||
*/
|
||||
_Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wshadow\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
|
||||
|
||||
#include <linux/kconfig.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/ctype.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/module.h>
|
||||
#ifndef SINGLE_THREADED
|
||||
#include <linux/kthread.h>
|
||||
#endif
|
||||
#include <linux/net.h>
|
||||
#include <linux/slab.h>
|
||||
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP)
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
|
||||
#include <asm/i387.h>
|
||||
#else
|
||||
#include <asm/simd.h>
|
||||
#endif
|
||||
#define SAVE_VECTOR_REGISTERS() kernel_fpu_begin()
|
||||
#define RESTORE_VECTOR_REGISTERS() kernel_fpu_end()
|
||||
#elif defined(WOLFSSL_ARMASM)
|
||||
#include <asm/fpsimd.h>
|
||||
#define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); })
|
||||
#define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); })
|
||||
#else
|
||||
#define SAVE_VECTOR_REGISTERS() ({})
|
||||
#define RESTORE_VECTOR_REGISTERS() ({})
|
||||
#endif
|
||||
|
||||
_Pragma("GCC diagnostic pop");
|
||||
|
||||
/* remove this multifariously conflicting macro, picked up from
|
||||
* Linux arch/<arch>/include/asm/current.h.
|
||||
*/
|
||||
#undef current
|
||||
|
||||
/* prevent gcc's mm_malloc.h from being included, since it unconditionally
|
||||
* includes stdlib.h, which is kernel-incompatible.
|
||||
*/
|
||||
#define _MM_MALLOC_H_INCLUDED
|
||||
|
||||
#define malloc(x) kmalloc(x, GFP_KERNEL)
|
||||
#define free(x) kfree(x)
|
||||
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
|
||||
|
||||
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
|
||||
* myriad spurious -Werrors throughout the codebase.
|
||||
*/
|
||||
#undef min
|
||||
#undef max
|
||||
|
||||
/* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
|
||||
* and linux/key.h (extern int()).
|
||||
*/
|
||||
#define key_update wc_key_update
|
||||
|
||||
#define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
|
||||
#define printf(...) lkm_printf(__VA_ARGS__)
|
||||
|
||||
#endif /* BUILDING_WOLFSSL */
|
||||
|
||||
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
|
||||
#define XSNPRINTF snprintf
|
||||
|
||||
/* the rigmarole around kstrtol() here is to accommodate its warn-unused-result attribute. */
|
||||
#define XATOI(s) ({ \
|
||||
long _xatoi_res = 0; \
|
||||
int _xatoi_ret = kstrtol(s, 10, &_xatoi_res); \
|
||||
if (_xatoi_ret != 0) { \
|
||||
_xatoi_res = 0; \
|
||||
} \
|
||||
(int)_xatoi_res; \
|
||||
})
|
||||
|
||||
#else /* ! WOLFSSL_LINUXKM */
|
||||
|
||||
#ifdef BUILDING_WOLFSSL
|
||||
#define SAVE_VECTOR_REGISTERS() do{}while(0)
|
||||
#define RESTORE_VECTOR_REGISTERS() do{}while(0)
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_LINUXKM */
|
||||
|
||||
/* THREADING/MUTEX SECTION */
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
@ -156,8 +265,14 @@
|
|||
|
||||
#else
|
||||
#ifndef SINGLE_THREADED
|
||||
#define WOLFSSL_PTHREADS
|
||||
#include <pthread.h>
|
||||
#ifndef WOLFSSL_USER_MUTEX
|
||||
#if defined(WOLFSSL_LINUXKM)
|
||||
#define WOLFSSL_KTHREADS
|
||||
#else
|
||||
#define WOLFSSL_PTHREADS
|
||||
#include <pthread.h>
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \
|
||||
!defined(NO_FILESYSTEM)
|
||||
|
@ -192,6 +307,8 @@
|
|||
typedef CRITICAL_SECTION wolfSSL_Mutex;
|
||||
#elif defined(WOLFSSL_PTHREADS)
|
||||
typedef u32 wolfSSL_Mutex; /* pthread_mutex_t = mutex_t = u32 */
|
||||
#elif defined(WOLFSSL_KTHREADS)
|
||||
typedef struct mutex wolfSSL_Mutex;
|
||||
#elif defined(THREADX)
|
||||
typedef TX_MUTEX wolfSSL_Mutex;
|
||||
#elif defined(WOLFSSL_DEOS)
|
||||
|
@ -238,6 +355,10 @@
|
|||
typedef struct k_mutex wolfSSL_Mutex;
|
||||
#elif defined(WOLFSSL_TELIT_M2MB)
|
||||
typedef M2MB_OS_MTX_HANDLE wolfSSL_Mutex;
|
||||
#elif defined(WOLFSSL_USER_MUTEX)
|
||||
/* typedef User_Mutex wolfSSL_Mutex; */
|
||||
#elif defined(WOLFSSL_LINUXKM)
|
||||
typedef struct mutex wolfSSL_Mutex;
|
||||
#else
|
||||
#error Need a mutex type in multithreaded mode
|
||||
#endif /* USE_WINDOWS_API */
|
||||
|
@ -245,7 +366,7 @@
|
|||
|
||||
/* Enable crypt HW mutex for Freescale MMCAU, PIC32MZ or STM32 */
|
||||
#if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ) || \
|
||||
defined(STM32_CRYPTO)
|
||||
defined(STM32_CRYPTO) || defined(STM32_HASH) || defined(STM32_RNG)
|
||||
#ifndef WOLFSSL_CRYPT_HW_MUTEX
|
||||
#define WOLFSSL_CRYPT_HW_MUTEX 1
|
||||
#endif
|
||||
|
@ -414,6 +535,23 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#define XBADFILE -1
|
||||
#define XFGETS(b,s,f) -2 /* Not ported yet */
|
||||
|
||||
#elif defined (WOLFSSL_XILINX)
|
||||
#include "xsdps.h"
|
||||
#include "ff.h"
|
||||
|
||||
/* workaround to declare variable and provide type */
|
||||
#define XFILE FIL curFile; FIL*
|
||||
#define XFOPEN(NAME, MODE) ({ FRESULT res; res = f_open(&curFile, (NAME), (FA_OPEN_ALWAYS | FA_WRITE | FA_READ)); (res == FR_OK) ? &curFile : NULL; })
|
||||
#define XFSEEK(F, O, W) f_lseek((F), (O))
|
||||
#define XFTELL(F) f_tell((F))
|
||||
#define XREWIND(F) f_rewind((F))
|
||||
#define XFREAD(BUF, SZ, AMT, F) ({ FRESULT res; UINT br; res = f_read((F), (BUF), (SZ)*(AMT), &br); (void)br; res; })
|
||||
#define XFWRITE(BUF, SZ, AMT, F) ({ FRESULT res; UINT written; res = f_write((F), (BUF), (SZ)*(AMT), &written); (void)written; res; })
|
||||
#define XFCLOSE(F) f_close((F))
|
||||
#define XSEEK_END 0
|
||||
#define XBADFILE NULL
|
||||
#define XFGETS(b,s,f) f_gets((b), (s), (f))
|
||||
|
||||
#elif defined(WOLFSSL_USER_FILESYSTEM)
|
||||
/* To be defined in user_settings.h */
|
||||
#else
|
||||
|
@ -451,6 +589,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#define MAX_PATH 256
|
||||
#endif
|
||||
|
||||
WOLFSSL_LOCAL int wc_FileLoad(const char* fname, unsigned char** buf,
|
||||
size_t* bufLen, void* heap);
|
||||
|
||||
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \
|
||||
!defined(WOLFSSL_NUCLEUS_1_2)
|
||||
typedef struct ReadDirCtx {
|
||||
|
@ -528,7 +669,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#define NEED_TMP_TIME
|
||||
|
||||
#elif defined(WOLFSSL_XILINX)
|
||||
#define USER_TIME
|
||||
#ifndef XTIME
|
||||
#define XTIME(t1) xilinx_time((t1))
|
||||
#endif
|
||||
#include <time.h>
|
||||
|
||||
#elif defined(HAVE_RTP_SYS)
|
||||
|
@ -553,6 +696,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
|
||||
#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
|
||||
#include <time.h>
|
||||
extern time_t pic32_time(time_t* timer);
|
||||
#define XTIME(t1) pic32_time((t1))
|
||||
#define XGMTIME(c, t) gmtime((c))
|
||||
|
||||
|
@ -637,6 +781,24 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#define WOLFSSL_GMTIME
|
||||
#define USE_WOLF_TM
|
||||
|
||||
|
||||
#elif defined(WOLFSSL_LINUXKM)
|
||||
#ifdef BUILDING_WOLFSSL
|
||||
|
||||
/* includes are all above, with incompatible warnings masked out. */
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
|
||||
typedef __kernel_time_t time_t;
|
||||
#else
|
||||
typedef __kernel_time64_t time_t;
|
||||
#endif
|
||||
extern time_t time(time_t * timer);
|
||||
#define XTIME time
|
||||
#define WOLFSSL_GMTIME
|
||||
#define XGMTIME(c, t) gmtime(c)
|
||||
#define NO_TIMEVAL 1
|
||||
|
||||
#endif /* BUILDING_WOLFSSL */
|
||||
|
||||
#else
|
||||
/* default */
|
||||
/* uses complete <time.h> facility */
|
||||
|
@ -674,16 +836,17 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#endif
|
||||
#endif
|
||||
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
|
||||
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) || defined(WOLF_C99)
|
||||
#define XGMTIME(c, t) gmtime((c))
|
||||
#else
|
||||
/* Always use gmtime_r if available. */
|
||||
#if defined(HAVE_GMTIME_R)
|
||||
#define XGMTIME(c, t) gmtime_r((c), (t))
|
||||
#define NEED_TMP_TIME
|
||||
#else
|
||||
#define XGMTIME(c, t) gmtime((c))
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)
|
||||
#define USE_WOLF_VALIDDATE
|
||||
#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
|
||||
#define XVALIDATE_DATE(d, f, t) wc_ValidateDate((d), (f), (t))
|
||||
#endif
|
||||
|
||||
/* wolf struct tm and time_t */
|
||||
|
@ -742,7 +905,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#endif
|
||||
|
||||
#ifndef FILE_BUFFER_SIZE
|
||||
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input,
|
||||
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input, \
|
||||
will use dynamic buffer if not big enough */
|
||||
#endif
|
||||
|
||||
|
|
|
@ -19,6 +19,11 @@
|
|||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
/*
|
||||
DESCRIPTION
|
||||
This library provides big integer math functions.
|
||||
|
||||
*/
|
||||
#ifndef __WOLFMATH_H__
|
||||
#define __WOLFMATH_H__
|
||||
|
||||
|
|
|
@ -94,6 +94,8 @@
|
|||
#elif defined(WOLFSSL_NUCLEUS_1_2)
|
||||
#include <externs.h>
|
||||
#include <errno.h>
|
||||
#elif defined(WOLFSSL_LINUXKM)
|
||||
/* the requisite linux/net.h is included in wc_port.h, with incompatible warnings masked out. */
|
||||
#elif defined(WOLFSSL_ATMEL)
|
||||
#include "socket/include/socket.h"
|
||||
#elif defined(INTIME_RTOS)
|
||||
|
@ -126,6 +128,8 @@
|
|||
#include <errno.h>
|
||||
#elif defined(WOLFSSL_ZEPHYR)
|
||||
#include <net/socket.h>
|
||||
#elif defined(MICROCHIP_PIC32)
|
||||
#include <sys/errno.h>
|
||||
#elif defined(HAVE_NETX)
|
||||
#include "nx_api.h"
|
||||
#include "errno.h"
|
||||
|
@ -147,7 +151,6 @@
|
|||
&& !defined(WOLFSSL_CONTIKI) && !defined(WOLFSSL_WICED) \
|
||||
&& !defined(WOLFSSL_GNRC) && !defined(WOLFSSL_RIOT_OS)
|
||||
#include <network.h>
|
||||
//#include <sys/socket.h>
|
||||
//#include <arpa/inet.h>
|
||||
//#include <netinet/in.h>
|
||||
//#include <netdb.h>
|
||||
|
@ -159,7 +162,7 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_RENESAS_RA6M3G) /* Uses FREERTOS_TCP */
|
||||
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) /* Uses FREERTOS_TCP */
|
||||
#include <errno.h>
|
||||
#endif
|
||||
|
||||
|
@ -294,6 +297,9 @@
|
|||
|
||||
#define SEND_FUNCTION send
|
||||
#define RECV_FUNCTION recv
|
||||
#elif defined(WOLFSSL_LINUXKM)
|
||||
#define SEND_FUNCTION linuxkm_send
|
||||
#define RECV_FUNCTION linuxkm_recv
|
||||
#else
|
||||
#define SEND_FUNCTION send
|
||||
#define RECV_FUNCTION recv
|
||||
|
|
|
@ -215,7 +215,7 @@ int ImageDownloader::DownloadProcess(int TotalDownloadCount)
|
|||
fclose(pfile);
|
||||
MissingImagesCount--;
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
gprintf("File saved successfully (%s%s)\n", MissingImages[i].gameID.c_str(), MissingImages[i].fileExt);
|
||||
|
||||
//! Remove the image from the vector since it's done
|
||||
|
@ -298,7 +298,7 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
|
|||
if(PAL && strcmp(CheckedRegion, "EN") != 0)
|
||||
{
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%sEN/%s.png", url, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
|
@ -311,13 +311,13 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
|
|||
lang = "US";
|
||||
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%sOTHER/%s.png", url, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
|
@ -326,7 +326,7 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
|
|||
{
|
||||
lang = "RU";
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
|
@ -336,14 +336,14 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
|
|||
{
|
||||
lang = "FI";
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
|
||||
lang = "SE";
|
||||
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
|
||||
gprintf(" - Not found.\n%s", downloadURL);
|
||||
gprintf(" - Not found.\n%s\n", downloadURL);
|
||||
downloadfile(downloadURL, file);
|
||||
if(VALID_IMAGE(file))
|
||||
return;
|
||||
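Review bot: After `MEM2_free(file.data)` in DownloadProcess the struct still holds the released pointer, and the surrounding code handles one image per loop pass (`MissingImages[i]`). Where `file` is declared is outside the hunk, so this matters only if the struct outlives the iteration; if it does, a later pass that ends without a new buffer being assigned is left with a stale `file.data`. In that case add `file.data = NULL; file.size = 0;` directly after the free, so a second release or a read of the old buffer cannot happen. DownloadProcess starts and ends outside the hunk, so the remaining release sites of this buffer could not be checked for the same `free` to `MEM2_free` switch.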
|
|
|
@ -36,7 +36,7 @@ URL_List::URL_List(const char * url)
|
|||
Links = (Link_Info *) malloc(sizeof(Link_Info));
|
||||
if (!Links)
|
||||
{
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
urlcount = -3;
|
||||
return;
|
||||
}
|
||||
|
@ -71,7 +71,7 @@ URL_List::URL_List(const char * url)
|
|||
}
|
||||
free(Links);
|
||||
Links = NULL;
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
urlcount = -4;
|
||||
break;
|
||||
}
|
||||
|
@ -89,7 +89,7 @@ URL_List::URL_List(const char * url)
|
|||
}
|
||||
free(Links);
|
||||
Links = NULL;
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
urlcount = -5;
|
||||
break;
|
||||
}
|
||||
|
@ -105,7 +105,7 @@ URL_List::URL_List(const char * url)
|
|||
cnt++;
|
||||
}
|
||||
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
|
||||
URL_List::~URL_List()
|
||||
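Review bot: The two error paths that end in `break` (`urlcount = -4` and `urlcount = -5`) call `MEM2_free(file.data)`, and the constructor calls `MEM2_free(file.data)` again on its last line. If those `break`s leave the loop that closes just before that final call, the download buffer is released twice. The lines between the hunks are not shown, so this depends on the loop structure, but nothing visible clears `file.data` in between. Dropping the `MEM2_free(file.data);` line from both `break` paths and letting the single call at the end release the buffer would remove the risk. The `urlcount = -3` path returns directly and still needs its own call.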
|
|
|
@ -79,7 +79,7 @@ bool Wiinnertag::Send(const char *gameID)
|
|||
replaceString(sendURL, "{KEY}", tagList[i].second.c_str());
|
||||
|
||||
struct download file = {};
|
||||
file.skip_response = 1;
|
||||
file.skip_response = true;
|
||||
downloadfile(sendURL, &file);
|
||||
}
|
||||
|
||||
|
|
|
@ -2,79 +2,113 @@
|
|||
Code by blackb0x @ GBAtemp.net
|
||||
This allows the Wii to download from servers that use SNI.
|
||||
*/
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <network.h>
|
||||
#include <ogc/lwp_watchdog.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "https.h"
|
||||
#include "gecko.h"
|
||||
#include "../svnrev.h"
|
||||
#include "picohttpparser.h"
|
||||
#include "gecko.h"
|
||||
#include "https.h"
|
||||
#include "prompts/ProgressWindow.h"
|
||||
#include "settings/ProxySettings.h"
|
||||
#include "utils/base64.h"
|
||||
|
||||
u8 loop;
|
||||
WOLFSSL_SESSION *session;
|
||||
|
||||
int https_write(HTTP_INFO *httpinfo, char *buffer, int len)
|
||||
int https_write(HTTP_INFO *httpinfo, char *buffer, int len, bool proxy)
|
||||
{
|
||||
int ret, slen = 0;
|
||||
while (1)
|
||||
int ret, pos = 0;
|
||||
int rlen = len > BLOCK_SIZE ? BLOCK_SIZE : len;
|
||||
u64 time = gettime();
|
||||
while (ticks_to_millisecs(diff_ticks(time, gettime())) < READ_WRITE_TIMEOUT)
|
||||
{
|
||||
if (httpinfo->use_https)
|
||||
ret = wolfSSL_write(httpinfo->ssl, &buffer[slen], len - slen);
|
||||
if (httpinfo->use_https && !proxy)
|
||||
ret = wolfSSL_write(httpinfo->ssl, &buffer[pos], rlen);
|
||||
else
|
||||
ret = net_write(httpinfo->sock, &buffer[slen], len - slen);
|
||||
|
||||
if (ret == 0)
|
||||
continue;
|
||||
else if (ret <= 0)
|
||||
return ret; // Timeout would return -1
|
||||
|
||||
slen += ret;
|
||||
if (slen >= len)
|
||||
break;
|
||||
ret = net_write(httpinfo->sock, &buffer[pos], rlen);
|
||||
if (ret > 0)
|
||||
{
|
||||
pos += ret;
|
||||
rlen = len - pos > BLOCK_SIZE ? BLOCK_SIZE : len - pos;
|
||||
if (pos >= len)
|
||||
return pos;
|
||||
time = gettime();
|
||||
}
|
||||
usleep(10000);
|
||||
}
|
||||
return slen;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("The connection timed out (write)\n");
|
||||
#endif
|
||||
return -ETIMEDOUT;
|
||||
}
|
||||
|
||||
int https_read(HTTP_INFO *httpinfo, char *buffer, int len)
|
||||
int https_read(HTTP_INFO *httpinfo, char *buffer, int len, bool proxy)
|
||||
{
|
||||
struct pollsd fds[1];
|
||||
fds[0].socket = httpinfo->sock;
|
||||
fds[0].events = POLLIN;
|
||||
|
||||
net_fcntl(httpinfo->sock, F_SETFL, 4);
|
||||
switch (net_poll(fds, 1, READ_WRITE_TIMEOUT))
|
||||
int ret = -ETIMEDOUT;
|
||||
u64 time = gettime();
|
||||
if (len > BLOCK_SIZE)
|
||||
len = BLOCK_SIZE;
|
||||
while (ticks_to_millisecs(diff_ticks(time, gettime())) < READ_WRITE_TIMEOUT)
|
||||
{
|
||||
case -1:
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("net_poll error\n");
|
||||
#endif
|
||||
return -1;
|
||||
case 0:
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("The connection timed out\n");
|
||||
#endif
|
||||
return -ETIMEDOUT;
|
||||
default:
|
||||
net_fcntl(httpinfo->sock, F_SETFL, 0);
|
||||
if (len > 8192)
|
||||
len = 8192; // 16KB is the max on a Wii, but 8KB is safe
|
||||
if (httpinfo->use_https)
|
||||
return wolfSSL_read(httpinfo->ssl, buffer, len);
|
||||
return net_read(httpinfo->sock, buffer, len);
|
||||
if (httpinfo->use_https && !proxy)
|
||||
ret = wolfSSL_read(httpinfo->ssl, buffer, len);
|
||||
else
|
||||
ret = net_read(httpinfo->sock, buffer, len);
|
||||
if (ret >= 0)
|
||||
return ret;
|
||||
usleep(10000);
|
||||
}
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("The connection timed out (read)\n");
|
||||
#endif
|
||||
return -ETIMEDOUT;
|
||||
}
|
||||
|
||||
int send_callback(__attribute__((unused)) WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
||||
{
|
||||
int sent = net_write(*(int *)ctx, buf, sz);
|
||||
if (sent < 0)
|
||||
{
|
||||
if (sent == -EAGAIN)
|
||||
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
||||
else if (sent == -ECONNRESET)
|
||||
return WOLFSSL_CBIO_ERR_CONN_RST;
|
||||
else if (sent == -EINTR)
|
||||
return WOLFSSL_CBIO_ERR_ISR;
|
||||
else if (sent == -EPIPE)
|
||||
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
|
||||
else
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
}
|
||||
return sent;
|
||||
}
|
||||
|
||||
int recv_callback(__attribute__((unused)) WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
||||
{
|
||||
int recvd = net_read(*(int *)ctx, buf, sz);
|
||||
if (recvd < 0)
|
||||
{
|
||||
if (recvd == -EAGAIN)
|
||||
return WOLFSSL_CBIO_ERR_WANT_READ;
|
||||
else if (recvd == -ECONNRESET)
|
||||
return WOLFSSL_CBIO_ERR_CONN_RST;
|
||||
else if (recvd == -EINTR)
|
||||
return WOLFSSL_CBIO_ERR_ISR;
|
||||
else if (recvd == -ECONNABORTED)
|
||||
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
|
||||
else
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
}
|
||||
else if (recvd == 0)
|
||||
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
|
||||
return recvd;
|
||||
}
|
||||
|
||||
void https_close(HTTP_INFO *httpinfo)
|
||||
{
|
||||
if (httpinfo->use_https)
|
||||
{
|
||||
if (wolfSSL_shutdown(httpinfo->ssl) == SSL_SHUTDOWN_NOT_DONE)
|
||||
wolfSSL_shutdown(httpinfo->ssl);
|
||||
wolfSSL_shutdown(httpinfo->ssl);
|
||||
wolfSSL_free(httpinfo->ssl);
|
||||
wolfSSL_CTX_free(httpinfo->ctx);
|
||||
}
|
||||
|
@ -84,41 +118,42 @@ void https_close(HTTP_INFO *httpinfo)
|
|||
#endif
|
||||
}
|
||||
|
||||
u8 get_header_value(struct phr_header *headers, size_t num_headers, char *dst, char *header)
|
||||
bool get_header_value(struct phr_header *headers, size_t num_headers, char *dst, char *header)
|
||||
{
|
||||
for (size_t i = 0; i != num_headers; ++i)
|
||||
{
|
||||
if (strncasecmp(header, headers[i].name, headers[i].name_len) == 0)
|
||||
{
|
||||
strlcpy(dst, headers[i].value, headers[i].value_len + 1);
|
||||
return 1;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
return false;
|
||||
}
|
||||
|
||||
u64 get_header_value_int(struct phr_header *headers, size_t num_headers, char *header)
|
||||
{
|
||||
char header_value[30] = {};
|
||||
char header_value[30];
|
||||
if (!get_header_value(headers, num_headers, header_value, header))
|
||||
return 0;
|
||||
return strtoull(header_value, NULL, 0);
|
||||
}
|
||||
|
||||
u8 is_chunked(struct phr_header *headers, size_t num_headers)
|
||||
bool is_chunked(struct phr_header *headers, size_t num_headers)
|
||||
{
|
||||
char encoding[10] = {};
|
||||
char encoding[9];
|
||||
if (!get_header_value(headers, num_headers, encoding, "transfer-encoding"))
|
||||
return 0;
|
||||
return (strcasecmp(encoding, "chunked") == 0) ? 1 : 0;
|
||||
return false;
|
||||
return (strcasecmp(encoding, "chunked") == 0);
|
||||
}
|
||||
|
||||
u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
||||
bool read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
||||
{
|
||||
struct phr_chunked_decoder decoder = {};
|
||||
size_t capacity = 4096, rsize;
|
||||
ssize_t rret, pret;
|
||||
decoder.consume_trailer = 1;
|
||||
struct phr_chunked_decoder decoder = {0};
|
||||
size_t rsize, capacity = 4096;
|
||||
ssize_t pret;
|
||||
int ret;
|
||||
decoder.consume_trailer = true;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Data is chunked\n");
|
||||
#endif
|
||||
|
@ -127,7 +162,7 @@ u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
|||
if (buffer->show_progress)
|
||||
{
|
||||
if (ProgressCanceled())
|
||||
return 0;
|
||||
return false;
|
||||
ShowProgress(start_pos, capacity); // Unknown size for chunked transfers
|
||||
}
|
||||
if (start_pos == capacity)
|
||||
|
@ -136,46 +171,39 @@ u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
|||
gprintf("Increased buffer size\n");
|
||||
#endif
|
||||
capacity *= 2;
|
||||
buffer->data = realloc(buffer->data, capacity);
|
||||
buffer->data = MEM2_realloc(buffer->data, capacity);
|
||||
}
|
||||
while ((rret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos)) == -1 && errno == EINTR)
|
||||
;
|
||||
if (rret <= 0)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("IO error\n");
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
rsize = rret;
|
||||
if ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos, false)) < 1)
|
||||
return false;
|
||||
rsize = ret;
|
||||
pret = phr_decode_chunked(&decoder, &buffer->data[start_pos], &rsize);
|
||||
if (pret == -1)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Parse error\n");
|
||||
#endif
|
||||
return 0;
|
||||
return false;
|
||||
}
|
||||
start_pos += rsize;
|
||||
} while (pret == -2);
|
||||
buffer->size = start_pos;
|
||||
buffer->data = realloc(buffer->data, buffer->size);
|
||||
return 1;
|
||||
buffer->data = MEM2_realloc(buffer->data, buffer->size);
|
||||
return true;
|
||||
}
|
||||
|
||||
u8 read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
||||
bool read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
||||
{
|
||||
size_t capacity = 4096;
|
||||
ssize_t ret;
|
||||
int ret;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Data is not chunked\n");
|
||||
#endif
|
||||
while (1)
|
||||
while (true)
|
||||
{
|
||||
if (buffer->show_progress)
|
||||
{
|
||||
if (ProgressCanceled())
|
||||
return 0;
|
||||
return false;
|
||||
ShowProgress(start_pos, buffer->content_length);
|
||||
}
|
||||
if (start_pos == capacity)
|
||||
|
@ -184,81 +212,140 @@ u8 read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
|
|||
gprintf("Increased buffer size\n");
|
||||
#endif
|
||||
capacity *= 2;
|
||||
buffer->data = realloc(buffer->data, capacity);
|
||||
buffer->data = MEM2_realloc(buffer->data, capacity);
|
||||
}
|
||||
while ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos)) == -1 && errno == EINTR)
|
||||
;
|
||||
if (ret == 0)
|
||||
if ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos, false)) == 0)
|
||||
break;
|
||||
if (ret < 0)
|
||||
return 0;
|
||||
|
||||
return false;
|
||||
start_pos += ret;
|
||||
};
|
||||
buffer->size = start_pos;
|
||||
buffer->data = realloc(buffer->data, buffer->size);
|
||||
return 1;
|
||||
buffer->data = MEM2_realloc(buffer->data, buffer->size);
|
||||
return (buffer->content_length > 0 && buffer->content_length == start_pos);
|
||||
}
|
||||
|
||||
bool get_response(HTTP_INFO *httpinfo, HTTP_RESPONSE *resp, bool proxy)
|
||||
{
|
||||
int rret, minor_version;
|
||||
size_t msg_len, prevbuflen;
|
||||
const char *msg;
|
||||
|
||||
while (true)
|
||||
{
|
||||
if ((rret = https_read(httpinfo, &resp->data[resp->buflen], 1, proxy)) < 1)
|
||||
return false;
|
||||
prevbuflen = resp->buflen;
|
||||
resp->buflen += rret;
|
||||
// Parse the response
|
||||
resp->num_headers = sizeof(resp->headers) / sizeof(resp->headers[0]);
|
||||
if ((resp->pret = phr_parse_response(resp->data, resp->buflen, &minor_version, &resp->status, &msg, &msg_len,
|
||||
resp->headers, &resp->num_headers, prevbuflen)) > 0)
|
||||
return true;
|
||||
else if (resp->pret == -1)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("pret error %i\n", resp->pret);
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
if (resp->buflen == sizeof(resp->data))
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("buflen error %lu\n", (unsigned long)resp->buflen);
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
bool check_ip(char *str)
|
||||
{
|
||||
int partA, partB, partC, partD;
|
||||
char extra;
|
||||
// We avoid using regex because it increases the file size
|
||||
return (sscanf(str, "%d.%d.%d.%d%c", &partA, &partB, &partC, &partD, &extra) == 4);
|
||||
}
|
||||
|
||||
bool connect_proxy(HTTP_INFO *httpinfo, char *host, char *username, char *password)
|
||||
{
|
||||
HTTP_RESPONSE response = {0};
|
||||
char request[500];
|
||||
char credentials[66];
|
||||
char *auth;
|
||||
int len;
|
||||
if (username && password)
|
||||
{
|
||||
if (!snprintf(credentials, sizeof(credentials), "%s:%s", username, password))
|
||||
return false;
|
||||
if (!(auth = base64(credentials, strlen(credentials), &len)))
|
||||
return false;
|
||||
len = snprintf(request, sizeof(request),
|
||||
"CONNECT %s:%i HTTP/1.1\r\nProxy-Authorization: Basic %s\r\nUser-Agent: curl/7.55.1\r\n\r\n",
|
||||
host, httpinfo->use_https ? 443 : 80, auth);
|
||||
MEM2_free(auth);
|
||||
}
|
||||
else
|
||||
len = snprintf(request, sizeof(request),
|
||||
"CONNECT %s:%i HTTP/1.1\r\nUser-Agent: curl/7.55.1\r\n\r\n",
|
||||
host, httpinfo->use_https ? 443 : 80);
|
||||
if (len > 0 && https_write(httpinfo, request, len, true) != len)
|
||||
return false;
|
||||
if (get_response(httpinfo, &response, true))
|
||||
{
|
||||
if (response.status == 200)
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
int connect(char *host, u16 port)
|
||||
{
|
||||
struct sockaddr_in sin;
|
||||
s32 sock, ret;
|
||||
u64 t;
|
||||
|
||||
u32 ipaddress = getipbynamecached(host);
|
||||
if (ipaddress == 0)
|
||||
return -1;
|
||||
|
||||
sock = net_socket(AF_INET, SOCK_STREAM, IPPROTO_IP);
|
||||
if (sock < 0)
|
||||
return sock;
|
||||
|
||||
memset(&sin, 0, sizeof(struct sockaddr_in));
|
||||
u32 ipaddress;
|
||||
u64 time;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Connecting to %s", host);
|
||||
#endif
|
||||
if ((ipaddress = check_ip(host) ? inet_addr(host) : getipbynamecached(host)) == 0)
|
||||
return -EFAULT;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(port);
|
||||
sin.sin_addr.s_addr = ipaddress;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Connecting to %s (%s)\n", host, inet_ntoa(sin.sin_addr));
|
||||
if (!check_ip(host))
|
||||
gprintf(" (%s)", inet_ntoa(sin.sin_addr));
|
||||
#endif
|
||||
if ((sock = net_socket(AF_INET, SOCK_STREAM, IPPROTO_IP)) < 0)
|
||||
return sock;
|
||||
net_fcntl(sock, F_SETFL, 4);
|
||||
t = gettime();
|
||||
while (1)
|
||||
time = gettime();
|
||||
while (ticks_to_millisecs(diff_ticks(time, gettime())) < CONNECT_TIMEOUT)
|
||||
{
|
||||
if (ticks_to_millisecs(diff_ticks(t, gettime())) > TCP_CONNECT_TIMEOUT)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("The connection timed out\n");
|
||||
#endif
|
||||
net_close(sock);
|
||||
return -ETIMEDOUT;
|
||||
}
|
||||
ret = net_connect(sock, (struct sockaddr *)&sin, sizeof(sin));
|
||||
if (ret < 0)
|
||||
if ((ret = net_connect(sock, (struct sockaddr *)&sin, sizeof(sin))) < 0)
|
||||
{
|
||||
if (ret == -EISCONN)
|
||||
break;
|
||||
return sock;
|
||||
if (ret == -EINPROGRESS || ret == -EALREADY)
|
||||
{
|
||||
usleep(20 * 1000);
|
||||
usleep(10000);
|
||||
continue;
|
||||
}
|
||||
net_close(sock);
|
||||
return ret;
|
||||
}
|
||||
break;
|
||||
}
|
||||
net_fcntl(sock, F_SETFL, 0);
|
||||
return sock;
|
||||
net_close(sock);
|
||||
return -ETIMEDOUT;
|
||||
}
|
||||
|
||||
void downloadfile(const char *url, struct download *buffer)
|
||||
{
|
||||
HTTP_INFO httpinfo;
|
||||
memset(&httpinfo, 0, sizeof(HTTP_INFO));
|
||||
HTTP_INFO httpinfo = {0};
|
||||
// Always reset the size due to the image downloader looping
|
||||
buffer->size = 0;
|
||||
|
||||
// Check if we're using HTTPS and set the path
|
||||
char *path;
|
||||
if (strncmp(url, "https://", 8) == 0)
|
||||
|
@ -272,33 +359,53 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
path = strchr(url + 7, '/');
|
||||
}
|
||||
else
|
||||
return; // Prevents uninitialized warning
|
||||
|
||||
return;
|
||||
if (path == NULL)
|
||||
return;
|
||||
|
||||
// Get the host
|
||||
int domainlength = path - url - 7 - httpinfo.use_https;
|
||||
char host[domainlength + 1];
|
||||
strlcpy(host, url + 7 + httpinfo.use_https, domainlength + 1);
|
||||
|
||||
// Start connecting
|
||||
if ((httpinfo.sock = connect(host, httpinfo.use_https ? 443 : 80)) < 0)
|
||||
if (getProxyAddress() && getProxyPort() > 0)
|
||||
httpinfo.sock = connect(getProxyAddress(), getProxyPort());
|
||||
else
|
||||
httpinfo.sock = connect(host, httpinfo.use_https ? 443 : 80);
|
||||
|
||||
if (httpinfo.sock < 0)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Failed to connect to %s\n", host);
|
||||
if (httpinfo.sock == -ETIMEDOUT)
|
||||
gprintf("\nFailed to connect (timed out)\n");
|
||||
else
|
||||
gprintf("\nFailed to connect (%i)\n", httpinfo.sock);
|
||||
#endif
|
||||
return;
|
||||
}
|
||||
#ifdef DEBUG_NETWORK
|
||||
else
|
||||
gprintf("Connected\n");
|
||||
gprintf("\nConnected\n");
|
||||
#endif
|
||||
|
||||
// Connect to a web proxy
|
||||
if (getProxyAddress() && getProxyPort() > 0)
|
||||
{
|
||||
if (!connect_proxy(&httpinfo, host, getProxyUsername(), getProxyPassword()))
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Failed to connect to proxy (%s:%i)\n", getProxyAddress(), getProxyPort());
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
session = NULL; // Resume doesn't work with a proxy
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Proxy is ready to receive\n");
|
||||
#endif
|
||||
}
|
||||
// Setup for HTTPS if it's necessary
|
||||
if (httpinfo.use_https)
|
||||
{
|
||||
// Create a new SSL context
|
||||
// wolfSSLv23_client_method() works, but resume would require further changes
|
||||
// wolfSSLv23_client_method() works but TLS 1.2 is slightly faster on Wii
|
||||
if ((httpinfo.ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
|
@ -318,6 +425,9 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
// Custom I/O is essential due to how libogc handles errors
|
||||
wolfSSL_SetIOSend(httpinfo.ctx, send_callback);
|
||||
wolfSSL_SetIORecv(httpinfo.ctx, recv_callback);
|
||||
// Create a new wolfSSL session
|
||||
if ((httpinfo.ssl = wolfSSL_new(httpinfo.ctx)) == NULL)
|
||||
{
|
||||
|
@ -345,13 +455,20 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
session = NULL;
|
||||
}
|
||||
// Initiate a handshake
|
||||
if (wolfSSL_connect(httpinfo.ssl) != SSL_SUCCESS)
|
||||
u64 time = gettime();
|
||||
while (true)
|
||||
{
|
||||
if (ticks_to_millisecs(diff_ticks(time, gettime())) > CONNECT_TIMEOUT)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("SSL handshake failed\n");
|
||||
gprintf("SSL handshake failed\n");
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
if (wolfSSL_connect(httpinfo.ssl) == SSL_SUCCESS)
|
||||
break;
|
||||
usleep(10000);
|
||||
}
|
||||
// Check if we resumed successfully
|
||||
if (session != NULL && !wolfSSL_session_reused(httpinfo.ssl))
|
||||
|
@ -370,28 +487,21 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
gprintf("Using: %s - %s\n", wolfSSL_get_version(httpinfo.ssl), wolfSSL_CIPHER_get_name(cipher));
|
||||
#endif
|
||||
}
|
||||
|
||||
// Send our request
|
||||
char request[2300];
|
||||
char isgecko[36] = "Cookie: challenge=BitMitigate.com\r\n";
|
||||
char method[5] = "HEAD"; // The only way to get the GameTDB timestamp
|
||||
char method[5] = "HEAD"; // Get the GameTDB timestamp
|
||||
int ret, len;
|
||||
if (strcmp(host, "www.geckocodes.org") != 0)
|
||||
memset(isgecko, 0, sizeof(isgecko)); // Not geckocodes, so don't set a cookie
|
||||
|
||||
if (!buffer->gametdbcheck)
|
||||
strcpy(method, "GET");
|
||||
|
||||
len = snprintf(request, 2300,
|
||||
len = snprintf(request, sizeof(request),
|
||||
"%s %s HTTP/1.1\r\n"
|
||||
"Host: %s\r\n"
|
||||
"User-Agent: USBLoaderGX/%s\r\n"
|
||||
"Connection: close\r\n"
|
||||
"%s"
|
||||
"Pragma: no-cache\r\n"
|
||||
"Cache-Control: no-cache\r\n\r\n",
|
||||
method, path, host, GetRev(), isgecko);
|
||||
if ((ret = https_write(&httpinfo, request, len)) != len)
|
||||
method, path, host, GetRev());
|
||||
if ((ret = https_write(&httpinfo, request, len, false)) != len)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("https_write error: %i\n", ret);
|
||||
|
@ -399,7 +509,6 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
|
||||
// Check if we want a response
|
||||
if (buffer->skip_response)
|
||||
{
|
||||
|
@ -409,56 +518,15 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
|
||||
// Get the response
|
||||
char response[4096];
|
||||
struct phr_header headers[100];
|
||||
int pret, minor_version, status, dl_valid;
|
||||
size_t buflen = 0, prevbuflen = 0, num_headers, msg_len;
|
||||
ssize_t rret;
|
||||
const char *msg;
|
||||
|
||||
while (1)
|
||||
HTTP_RESPONSE response = {0};
|
||||
if (!get_response(&httpinfo, &response, false))
|
||||
{
|
||||
// Read the response
|
||||
while ((rret = https_read(&httpinfo, &response[buflen], 1)) == -1 && errno == EINTR)
|
||||
;
|
||||
if (rret <= 0)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("rret error %i\n", rret);
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
prevbuflen = buflen;
|
||||
buflen += rret;
|
||||
// Parse the response
|
||||
num_headers = sizeof(headers) / sizeof(headers[0]);
|
||||
pret = phr_parse_response(response, buflen, &minor_version, &status, &msg, &msg_len, headers, &num_headers, prevbuflen);
|
||||
if (pret > 0)
|
||||
break; // Successfully parsed the response
|
||||
else if (pret == -1)
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("pret error %i\n", pret);
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
// Response is incomplete so continue the loop
|
||||
if (buflen == sizeof(response))
|
||||
{
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("buflen error %i\n", buflen);
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
|
||||
// The website wants to redirect us
|
||||
if (status == 301 || status == 302)
|
||||
if (response.status == 301 || response.status == 302)
|
||||
{
|
||||
https_close(&httpinfo);
|
||||
if (loop == REDIRECT_LIMIT)
|
||||
|
@ -469,8 +537,8 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
return;
|
||||
}
|
||||
loop++;
|
||||
char location[2100] = {};
|
||||
if (!get_header_value(headers, num_headers, location, "location"))
|
||||
char location[2049];
|
||||
if (!get_header_value(response.headers, response.num_headers, location, "location"))
|
||||
return;
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Redirect #%i - %s\n", loop, location);
|
||||
|
@ -483,27 +551,29 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
// Exit if it's a GameTDB HEAD request
|
||||
if (buffer->gametdbcheck)
|
||||
{
|
||||
buffer->gametdbcheck = get_header_value_int(headers, num_headers, "x-gametdb-timestamp");
|
||||
buffer->gametdbcheck = get_header_value_int(response.headers, response.num_headers, "x-gametdb-timestamp");
|
||||
https_close(&httpinfo);
|
||||
return;
|
||||
}
|
||||
// We got what we wanted
|
||||
if (status == 200)
|
||||
if (response.status == 200)
|
||||
{
|
||||
buffer->data = malloc(4096);
|
||||
memcpy(buffer->data, &response[pret], buflen - pret);
|
||||
if (buffer->show_progress)
|
||||
buffer->content_length = get_header_value_int(headers, num_headers, "content-length");
|
||||
buffer->data = MEM2_alloc(4096);
|
||||
memcpy(buffer->data, &response.data[response.pret], response.buflen - response.pret);
|
||||
// Determine how to read the data
|
||||
if (is_chunked(headers, num_headers))
|
||||
dl_valid = read_chunked(&httpinfo, buffer, buflen - pret);
|
||||
bool dl_valid;
|
||||
if (is_chunked(response.headers, response.num_headers))
|
||||
dl_valid = read_chunked(&httpinfo, buffer, response.buflen - response.pret);
|
||||
else
|
||||
dl_valid = read_all(&httpinfo, buffer, buflen - pret);
|
||||
{
|
||||
buffer->content_length = get_header_value_int(response.headers, response.num_headers, "content-length");
|
||||
dl_valid = read_all(&httpinfo, buffer, response.buflen - response.pret);
|
||||
}
|
||||
// Check if the download is incomplete
|
||||
if (!dl_valid || buffer->size <= 0)
|
||||
if (!dl_valid || buffer->size < 1)
|
||||
{
|
||||
buffer->size = 0;
|
||||
free(buffer->data);
|
||||
MEM2_free(buffer->data);
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Removed incomplete download\n");
|
||||
#endif
|
||||
|
@ -516,16 +586,18 @@ void downloadfile(const char *url, struct download *buffer)
|
|||
// Finished
|
||||
https_close(&httpinfo);
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Download size: %llu\n", buffer->size);
|
||||
gprintf("Headers:\n");
|
||||
for (size_t i = 0; i != num_headers; ++i)
|
||||
gprintf("%.*s: %.*s\n", (int)headers[i].name_len, headers[i].name, (int)headers[i].value_len, headers[i].value);
|
||||
gprintf("Download size: %llu\n", (long long)buffer->size);
|
||||
gprintf("------------- HEADERS -------------\n");
|
||||
for (size_t i = 0; i != response.num_headers; ++i)
|
||||
gprintf("%.*s: %.*s\n", (int)response.headers[i].name_len, response.headers[i].name,
|
||||
(int)response.headers[i].value_len, response.headers[i].value);
|
||||
gprintf("------------ COMPLETED ------------\n");
|
||||
#endif
|
||||
return;
|
||||
}
|
||||
// Close on all other status codes
|
||||
#ifdef DEBUG_NETWORK
|
||||
gprintf("Status code: %i - %s\n", status, url);
|
||||
gprintf("Status code: %i - %s\n", response.status, url);
|
||||
#endif
|
||||
https_close(&httpinfo);
|
||||
}
|
||||
|
|
|
@ -6,7 +6,10 @@
|
|||
#define _HTTPS_H_
|
||||
|
||||
#include <libs/libwolfssl/ssl.h>
|
||||
|
||||
#include "dns.h"
|
||||
#include "memory/mem2.h"
|
||||
#include "picohttpparser.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
|
@ -15,19 +18,30 @@ extern "C"
|
|||
|
||||
// #define DEBUG_NETWORK
|
||||
#define REDIRECT_LIMIT 3
|
||||
#define TCP_CONNECT_TIMEOUT 5000
|
||||
#define READ_WRITE_TIMEOUT 5000
|
||||
#define CONNECT_TIMEOUT 10000
|
||||
#define READ_WRITE_TIMEOUT 20000
|
||||
#define BLOCK_SIZE 8192
|
||||
|
||||
struct download
|
||||
{
|
||||
u8 skip_response; // Used by WiinnerTag
|
||||
u8 show_progress; // Used when downloading wiitdb.zip
|
||||
bool skip_response; // Used by WiinnerTag
|
||||
bool show_progress; // Used when downloading wiitdb.zip
|
||||
u64 gametdbcheck; // Used when checking the GameTDB version
|
||||
u64 content_length;
|
||||
u64 size;
|
||||
char *data;
|
||||
};
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int status;
|
||||
int pret;
|
||||
size_t num_headers;
|
||||
size_t buflen;
|
||||
struct phr_header headers[100];
|
||||
char data[4096];
|
||||
} HTTP_RESPONSE;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
u8 use_https;
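Review bot: `char data[4096]` in HTTP_RESPONSE and the `MEM2_alloc(4096)` in downloadfile are two independent literals, yet the `memcpy` of `response.buflen - response.pret` bytes into that allocation stays in bounds only while the two sizes are equal. A named constant shared by both, or `MEM2_alloc(sizeof(response.data))` at the call site, would tie them together. The struct also mixes `int pret` with `size_t buflen`, so that subtraction is evaluated unsigned; a comment on `pret` should state that it is non-negative whenever the body is copied (presumably it is the parsed header length, to be confirmed against the parser call, which is not visible here). The second typedef continues past the end of the hunk.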
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
#include "networkops.h"
|
||||
#include "https.h"
|
||||
#include "update.h"
|
||||
#include "settings/ProxySettings.h"
|
||||
|
||||
#define PORT 4299
|
||||
|
||||
|
@ -52,6 +53,7 @@ void Initialize_Network(int retries)
|
|||
}
|
||||
else
|
||||
{
|
||||
getProxyInfo();
|
||||
wolfSSL_Init();
|
||||
networkinitialized = true;
|
||||
return;
|
||||
|
|
|
@ -241,6 +241,41 @@ static const char *is_complete(const char *buf, const char *buf_end, size_t last
|
|||
*valp_ += res_; \
|
||||
} while (0)
|
||||
|
||||
/* returned pointer is always within [buf, buf_end), or null */
|
||||
static const char *parse_token(const char *buf, const char *buf_end, const char **token, size_t *token_len, char next_char,
|
||||
int *ret)
|
||||
{
|
||||
/* We use pcmpestri to detect non-token characters. This instruction can take no more than eight character ranges (8*2*8=128
|
||||
* bits that is the size of a SSE register). Due to this restriction, characters `|` and `~` are handled in the slow loop. */
|
||||
static const char ALIGNED(16) ranges[] = "\x00 " /* control chars and up to SP */
|
||||
"\"\"" /* 0x22 */
|
||||
"()" /* 0x28,0x29 */
|
||||
",," /* 0x2c */
|
||||
"//" /* 0x2f */
|
||||
":@" /* 0x3a-0x40 */
|
||||
"[]" /* 0x5b-0x5d */
|
||||
"{\xff"; /* 0x7b-0xff */
|
||||
const char *buf_start = buf;
|
||||
int found;
|
||||
buf = findchar_fast(buf, buf_end, ranges, sizeof(ranges) - 1, &found);
|
||||
if (!found) {
|
||||
CHECK_EOF();
|
||||
}
|
||||
while (1) {
|
||||
if (*buf == next_char) {
|
||||
break;
|
||||
} else if (!token_char_map[(unsigned char)*buf]) {
|
||||
*ret = -1;
|
||||
return NULL;
|
||||
}
|
||||
++buf;
|
||||
CHECK_EOF();
|
||||
}
|
||||
*token = buf_start;
|
||||
*token_len = buf - buf_start;
|
||||
return buf;
|
||||
}
|
||||
|
||||
/* returned pointer is always within [buf, buf_end), or null */
|
||||
static const char *parse_http_version(const char *buf, const char *buf_end, int *minor_version, int *ret)
|
||||
{
|
||||
|
@ -280,31 +315,10 @@ static const char *parse_headers(const char *buf, const char *buf_end, struct ph
|
|||
if (!(*num_headers != 0 && (*buf == ' ' || *buf == '\t'))) {
|
||||
/* parsing name, but do not discard SP before colon, see
|
||||
* http://www.mozilla.org/security/announce/2006/mfsa2006-33.html */
|
||||
headers[*num_headers].name = buf;
|
||||
static const char ALIGNED(16) ranges1[] = "\x00 " /* control chars and up to SP */
|
||||
"\"\"" /* 0x22 */
|
||||
"()" /* 0x28,0x29 */
|
||||
",," /* 0x2c */
|
||||
"//" /* 0x2f */
|
||||
":@" /* 0x3a-0x40 */
|
||||
"[]" /* 0x5b-0x5d */
|
||||
"{\377"; /* 0x7b-0xff */
|
||||
int found;
|
||||
buf = findchar_fast(buf, buf_end, ranges1, sizeof(ranges1) - 1, &found);
|
||||
if (!found) {
|
||||
CHECK_EOF();
|
||||
if ((buf = parse_token(buf, buf_end, &headers[*num_headers].name, &headers[*num_headers].name_len, ':', ret)) == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
while (1) {
|
||||
if (*buf == ':') {
|
||||
break;
|
||||
} else if (!token_char_map[(unsigned char)*buf]) {
|
||||
*ret = -1;
|
||||
return NULL;
|
||||
}
|
||||
++buf;
|
||||
CHECK_EOF();
|
||||
}
|
||||
if ((headers[*num_headers].name_len = buf - headers[*num_headers].name) == 0) {
|
||||
if (headers[*num_headers].name_len == 0) {
|
||||
*ret = -1;
|
||||
return NULL;
|
||||
}
|
||||
|
@ -352,13 +366,17 @@ static const char *parse_request(const char *buf, const char *buf_end, const cha
|
|||
}
|
||||
|
||||
/* parse request line */
|
||||
ADVANCE_TOKEN(*method, *method_len);
|
||||
if ((buf = parse_token(buf, buf_end, method, method_len, ' ', ret)) == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
do {
|
||||
++buf;
|
||||
CHECK_EOF();
|
||||
} while (*buf == ' ');
|
||||
ADVANCE_TOKEN(*path, *path_len);
|
||||
do {
|
||||
++buf;
|
||||
CHECK_EOF();
|
||||
} while (*buf == ' ');
|
||||
if (*method_len == 0 || *path_len == 0) {
|
||||
*ret = -1;
|
||||
|
@ -422,6 +440,7 @@ static const char *parse_response(const char *buf, const char *buf_end, int *min
|
|||
}
|
||||
do {
|
||||
++buf;
|
||||
CHECK_EOF();
|
||||
} while (*buf == ' ');
|
||||
/* parse status code, we want at least [:digit:][:digit:][:digit:]<other char> to try to parse */
|
||||
if (buf_end - buf < 4) {
|
||||
|
@ -437,7 +456,8 @@ static const char *parse_response(const char *buf, const char *buf_end, int *min
|
|||
if (*msg_len == 0) {
|
||||
/* ok */
|
||||
} else if (**msg == ' ') {
|
||||
/* remove preceding space */
|
||||
/* Remove preceding space. Successful return from `get_token_to_eol` guarantees that we would hit something other than SP
|
||||
* before running past the end of the given buffer. */
|
||||
do {
|
||||
++*msg;
|
||||
--*msg_len;
|
||||
|
|
|
@ -61,7 +61,7 @@ int DownloadFileToPath(const char *url, const char *dest)
|
|||
StartProgress(tr("Downloading file..."), 0, filename, true, true);
|
||||
|
||||
struct download file = {};
|
||||
file.show_progress = 1;
|
||||
file.show_progress = true;
|
||||
downloadfile(url, &file);
|
||||
if (file.size > 0)
|
||||
{
|
||||
|
@ -73,7 +73,7 @@ int DownloadFileToPath(const char *url, const char *dest)
|
|||
}
|
||||
fwrite(file.data, 1, file.size, savefile);
|
||||
fclose(savefile);
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
ProgressStop();
|
||||
ProgressCancelEnable(false);
|
||||
|
@ -84,7 +84,7 @@ static bool CheckNewGameTDBVersion(const char *url)
|
|||
{
|
||||
gprintf("Checking GameTDB version...\n");
|
||||
struct download file = {};
|
||||
file.gametdbcheck = 1;
|
||||
file.gametdbcheck = true;
|
||||
downloadfile(url, &file);
|
||||
|
||||
if (file.gametdbcheck <= 0)
|
||||
|
@ -157,7 +157,7 @@ static void UpdateIconPng()
|
|||
fwrite(file.data, 1, file.size, pfile);
|
||||
fclose(pfile);
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -175,7 +175,7 @@ static void UpdateMetaXml()
|
|||
fwrite(file.data, 1, file.size, pfile);
|
||||
fclose(pfile);
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -197,7 +197,7 @@ int CheckUpdate()
|
|||
if (file.size > 0)
|
||||
{
|
||||
revnumber = atoi((char *)file.data);
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
|
||||
if (revnumber > currentrev)
|
||||
|
@ -233,7 +233,7 @@ static int ApplicationDownload(void)
|
|||
ptr++;
|
||||
}
|
||||
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
|
||||
if (newrev <= currentrev)
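Review bot: In the CheckNewGameTDBVersion hunk, `file.gametdbcheck = true;` stores a request flag in the same `u64` that downloadfile later overwrites with the `x-gametdb-timestamp` value, and the following `if (file.gametdbcheck <= 0)` can only detect 0 because the field is unsigned. On the early `return` paths in downloadfile the field is never rewritten, so a failed request appears to leave it at 1, which this test does not treat as a failure; what happens after the test is outside the hunk, so this needs confirming. A separate `bool` request flag in `struct download`, with the timestamp left at 0 until the header has been read, would remove the ambiguity, and the comparison would then read `== 0`.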
|
||||
|
|
|
@ -1522,12 +1522,12 @@ int CodeDownload(const char *id)
|
|||
else
|
||||
WindowPrompt(tr("Error"), tr("Could not write file."), tr( "OK" ));
|
||||
}
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (file.size > 0)
|
||||
free(file.data);
|
||||
MEM2_free(file.data);
|
||||
snprintf(codeurl, sizeof(codeurl), "%s.txt%s", id, tr(" could not be downloaded."));
|
||||
WindowPrompt(tr( "Error" ), codeurl, tr( "OK" ));
|
||||
}
|
||||
|
|
|
@ -87,6 +87,9 @@ void CSettings::SetDefault()
|
|||
strlcpy(URL_Discs, "https://art.gametdb.com/wii/disc/", sizeof(URL_Discs));
|
||||
strlcpy(URL_DiscsCustom, "https://art.gametdb.com/wii/disccustom/", sizeof(URL_DiscsCustom));
|
||||
strlcpy(URL_GameTDB, "https://www.gametdb.com/wiitdb.zip", sizeof(URL_GameTDB));
|
||||
ProxyUsername[0] = 0;
|
||||
ProxyPassword[0] = 0;
|
||||
ProxyAddress[0] = 0;
|
||||
theme[0] = 0;
|
||||
language_path[0] = 0;
|
||||
ogg_path[0] = 0;
|
||||
|
@ -226,6 +229,8 @@ void CSettings::SetDefault()
|
|||
GCInstallCompressed = OFF;
|
||||
GCInstallAligned = OFF;
|
||||
PrivateServer = OFF;
|
||||
ProxyUseSystem = ON;
|
||||
ProxyPort = 0;
|
||||
}
|
||||
|
||||
bool CSettings::Load()
|
||||
|
@ -499,6 +504,11 @@ bool CSettings::Save()
|
|||
fprintf(file, "URL_Discs = %s\n", URL_Discs);
|
||||
fprintf(file, "URL_DiscsCustom = %s\n", URL_DiscsCustom);
|
||||
fprintf(file, "URL_GameTDB = %s\n", URL_GameTDB);
|
||||
fprintf(file, "ProxyUseSystem = %d\n", ProxyUseSystem);
|
||||
fprintf(file, "ProxyUsername = %s\n", ProxyUsername);
|
||||
fprintf(file, "ProxyPassword = %s\n", ProxyPassword);
|
||||
fprintf(file, "ProxyAddress = %s\n", ProxyAddress);
|
||||
fprintf(file, "ProxyPort = %d\n", ProxyPort);
|
||||
fclose(file);
|
||||
|
||||
return true;
|
||||
|
@ -1326,6 +1336,34 @@ bool CSettings::SetSetting(char *name, char *value)
|
|||
strlcpy(URL_GameTDB, value, sizeof(URL_GameTDB));
|
||||
return true;
|
||||
}
|
||||
else if (strcmp(name, "ProxyUseSystem") == 0)
|
||||
{
|
||||
ProxyUseSystem = atoi(value);
|
||||
return true;
|
||||
}
|
||||
else if (strcmp(name, "ProxyUsername") == 0)
|
||||
{
|
||||
if(strlen(value) > 0)
|
||||
strlcpy(ProxyUsername, value, sizeof(ProxyUsername));
|
||||
return true;
|
||||
}
|
||||
else if (strcmp(name, "ProxyPassword") == 0)
|
||||
{
|
||||
if(strlen(value) > 0)
|
||||
strlcpy(ProxyPassword, value, sizeof(ProxyPassword));
|
||||
return true;
|
||||
}
|
||||
else if (strcmp(name, "ProxyAddress") == 0)
|
||||
{
|
||||
if(strlen(value) > 6)
|
||||
strlcpy(ProxyAddress, value, sizeof(ProxyAddress));
|
||||
return true;
|
||||
}
|
||||
else if(strcmp(name, "ProxyPort") == 0)
|
||||
{
|
||||
ProxyPort = atoi(value);
|
||||
return true;
|
||||
}
|
||||
else if (strcmp(name, "CustomAddress") == 0)
|
||||
{
|
||||
if(strlen(value) > 3)
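Review bot: In the SetSetting hunk, `ProxyPort = atoi(value);` assigns an unchecked `int` to the `u16` field, so a config value such as 70000 or -1 is silently truncated to a different port and non-numeric text becomes 0 with no error. Parsing with `strtol` and accepting only the valid range, e.g. `long p = strtol(value, &end, 10); if (end != value && p >= 0 && p <= 65535) ProxyPort = (u16)p;`, keeps the default otherwise. The Save hunk also writes `ProxyPassword` to the settings file in clear text; a comment there should say so, and the value should be kept out of any debug output. SetSetting continues beyond the end of the hunk.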
|
||||
|
|
|
@ -98,6 +98,11 @@ class CSettings
|
|||
char URL_Discs[300];
|
||||
char URL_DiscsCustom[300];
|
||||
char URL_GameTDB[300];
|
||||
char ProxyUsername[33];
|
||||
char ProxyPassword[33];
|
||||
char ProxyAddress[256];
|
||||
u16 ProxyPort;
|
||||
short ProxyUseSystem;
|
||||
short videomode;
|
||||
short language;
|
||||
short ocarina;
|
||||
|
|
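--- a/source/settings/ProxySettings.cpp
+++ b/source/settings/ProxySettings.cpp
@@ -0,0 +1,74 @@
+#include <ogcsys.h>
+#include <ogc/isfs.h>
+#include <string.h>
+
+#include "ProxySettings.h"
+#include "settings/CSettings.h"
+
+#define ALIGN32(x) (((x) + 31) & ~31)
+
+bool proxy_enabled;
+bool proxy_creds_enabled;
+char proxy_address[256];
+u16 proxy_port;
+char proxy_username[33];
+char proxy_password[33];
+
+void getProxyInfo()
+{
+char *buffer;
+int fd = ISFS_Open("/shared2/sys/net/02/config.dat", ISFS_OPEN_READ);
+if (fd >= 0)
+{
+fstats stats ATTRIBUTE_ALIGN(32);
+if (ISFS_GetFileStats(fd, &stats) >= 0)
+{
+if (stats.file_length == 7004)
+{
+buffer = (char *)MEM2_alloc(ALIGN32(stats.file_length));
+if (buffer)
+{
+if (ISFS_Read(fd, buffer, stats.file_length) == 7004)
+{
+proxy_enabled = buffer[44];
+proxy_creds_enabled = buffer[45];
+strncpy(proxy_address, buffer + 48, sizeof(proxy_address) - 1);
+proxy_port = ((buffer[304] & 0xFF) << 8) | (buffer[305] & 0xFF);
+strncpy(proxy_username, buffer + 306, sizeof(proxy_username) - 1);
+strncpy(proxy_password, buffer + 338, sizeof(proxy_password) - 1);
+}
+}
+MEM2_free(buffer);
+}
+}
+ISFS_Close(fd);
+}
+}
+
+char *getProxyAddress()
+{
+if (Settings.ProxyUseSystem)
+return proxy_enabled ? proxy_address : NULL;
+return (strlen(Settings.ProxyAddress) > 6) ? Settings.ProxyAddress : NULL;
+}
+
+u16 getProxyPort()
+{
+if (Settings.ProxyUseSystem)
+return proxy_enabled ? proxy_port : 0;
+return Settings.ProxyPort;
+}
+
+char *getProxyUsername()
+{
+if (Settings.ProxyUseSystem)
+return proxy_enabled && proxy_creds_enabled ? proxy_username : NULL;
+return (strlen(Settings.ProxyUsername) > 0) ? Settings.ProxyUsername : NULL;
+}
+
+char *getProxyPassword()
+{
+if (Settings.ProxyUseSystem)
+return proxy_enabled && proxy_creds_enabled ? proxy_password : NULL;
+return (strlen(Settings.ProxyPassword) > 0) ? Settings.ProxyPassword : NULL;
+}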
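Review bot: getProxyInfo() takes the proxy fields from fixed byte offsets (44, 45, 48, 304, 306, 338) of a file whose only validation is its length of 7004, and none of these numbers is named or explained. If config.dat holds more than one connection record, these offsets presumably address only one of them, so the proxy of the connection actually in use may be ignored; that should be confirmed and stated in a comment above the function. I would name the constants, e.g. `#define NETCFG_FILE_SIZE 7004` and `#define NETCFG_PROXY_ENABLED 44`, and note that the password read at offset 338 stays in a process-wide global for the life of the program. `MEM2_free(buffer);` also runs when `MEM2_alloc` returned NULL; move it inside `if (buffer)` unless MEM2_free is known to accept NULL.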
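--- a/source/settings/ProxySettings.h
+++ b/source/settings/ProxySettings.h
@@ -0,0 +1,17 @@
+#ifndef _PROXYSETTINGS_
+#define _PROXYSETTINGS_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+void getProxyInfo();
+char *getProxyAddress();
+u16 getProxyPort();
+char *getProxyUsername();
+char *getProxyPassword();
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PROXYSETTINGS_ */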
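Review bot: The header is not self-contained: `u16 getProxyPort();` uses a type that nothing in this file declares, so it compiles only if the includer has already pulled in the platform types. Including `<gctypes.h>` at the top would fix that. Because the declarations sit inside `extern "C"` and may be seen by C code, the empty parameter lists should be `(void)`. If no caller writes through the returned pointers, declaring the accessors as `const char *getProxyPassword(void);` (likewise for address and username) would stop callers from modifying the internal buffers.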
Some files were not shown because too many files have changed in this diff Show more