Update wolfSSL and networking code

Uses MEM2 for downloads, improves timeout handling and adds proxy support.
This commit is contained in:
wiidev 2020-11-08 21:29:44 +00:00
parent 4440574baa
commit 1129a26b44
102 changed files with 3454 additions and 5486 deletions

View file

@ -2058,6 +2058,9 @@ msgstr "Synchronizuji ..."
msgid "System Default"
msgstr "Puvodní nastavení systému"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Cínsky"

View file

@ -2058,6 +2058,9 @@ msgstr "Synkronisere..."
msgid "System Default"
msgstr "System-standard"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Kinesisk (trad.)"

View file

@ -2058,6 +2058,9 @@ msgstr "Synchroniseren..."
msgid "System Default"
msgstr "Systeem standaard"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Chinees Trad."

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr ""
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr ""

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "Wiin oletus"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "TKiina"

View file

@ -2058,6 +2058,9 @@ msgstr "Synchronisation..."
msgid "System Default"
msgstr "Console par défaut"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Chinois traditionnel"

View file

@ -2058,6 +2058,9 @@ msgstr "Synchronisiere..."
msgid "System Default"
msgstr "Konsolenstandard"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Traditionelles Chinesisch"

View file

@ -2058,6 +2058,9 @@ msgstr "Συγχρονισμός..."
msgid "System Default"
msgstr "Βασικό-η συστήματος"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Παραδοσιακά κινέζικα"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "Rendszer Alapértelmezett"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Tradicionális Kínai"

View file

@ -2058,6 +2058,9 @@ msgstr "Sincronizzando..."
msgid "System Default"
msgstr "Predefinita del sistema"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Cinese tradizionale"

View file

@ -2058,6 +2058,9 @@ msgstr "同期中です..."
msgid "System Default"
msgstr "Wiiの初期値"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "繁体中国語"

View file

@ -2052,6 +2052,9 @@ msgstr "동기화 중..."
msgid "System Default"
msgstr "기본 시스템"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "번체 중국어"

View file

@ -2058,6 +2058,9 @@ msgstr "Synkroniserer..."
msgid "System Default"
msgstr "System Standard"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "T.Kinesisk"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "Domyslne ustawienia systemowe"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "chinski"

View file

@ -2058,6 +2058,9 @@ msgstr "Sincronizando..."
msgid "System Default"
msgstr "Padrão"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Chinês"

View file

@ -2058,6 +2058,9 @@ msgstr "A sincronizar"
msgid "System Default"
msgstr "Predefinição Sistema"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Chinês Tradicional"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "По умолчанию"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Традиционный китайский"

View file

@ -2058,6 +2058,9 @@ msgstr "正在同步 ..."
msgid "System Default"
msgstr "系统默认"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "繁体中文"

View file

@ -2058,6 +2058,9 @@ msgstr "Sincronizando..."
msgid "System Default"
msgstr "Consola"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Chino Tradicional"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "Systemets standard"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "TKinesiska"

View file

@ -2058,6 +2058,9 @@ msgstr "正在同步..."
msgid "System Default"
msgstr "系統預設值"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "繁體中文"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "ค่าเริ่มต้นของระบบ"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "จีนโบราณ"

View file

@ -2058,6 +2058,9 @@ msgstr ""
msgid "System Default"
msgstr "Sistem Varsayılanı"
msgid "System Proxy Settings"
msgstr ""
msgid "TChinese"
msgstr "Geleneksel Çince"

View file

@ -83,7 +83,7 @@ int DownloadAllLanguageFiles(int revision)
fclose(pfile);
files_downloaded++;
}
free(file.data);
MEM2_free(file.data);
}
}
@ -151,7 +151,7 @@ int UpdateLanguageFiles()
fclose(pfile);
done++;
}
free(file.data);
MEM2_free(file.data);
}
}

File diff suppressed because it is too large Load diff

View file

@ -167,6 +167,8 @@ enum wolfSSL_ErrorCodes {
CLIENT_CERT_CB_ERROR = -436, /* Client cert callback error */
SSL_SHUTDOWN_ALREADY_DONE_E = -437, /* Shutdown called redundantly */
TLS13_SECRET_CB_E = -438, /* TLS1.3 secret Cb fcn failure */
DTLS_SIZE_ERROR = -439, /* Trying to send too much data */
NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */

View file

@ -72,6 +72,9 @@
#ifndef NO_SHA256
#include <libs/libwolfssl/wolfcrypt/sha256.h>
#endif
#if defined(WOLFSSL_SHA384)
#include <libs/libwolfssl/wolfcrypt/sha512.h>
#endif
#ifdef HAVE_OCSP
#include <libs/libwolfssl/ocsp.h>
#endif
@ -183,9 +186,16 @@
/* do nothing */
#else
#ifndef SINGLE_THREADED
#if defined(WOLFSSL_LINUXKM)
#define WOLFSSL_KTHREADS
#include <linux/kthread.h>
#elif defined(WOLFSSL_USER_MUTEX)
/* do nothing */
#else
#define WOLFSSL_PTHREADS
#include <pthread.h>
#endif
#endif
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
#include <unistd.h> /* for close of BIO */
#endif
@ -858,11 +868,13 @@
#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384) || \
defined(BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) || \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) || \
defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) || \
defined(BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384) || \
defined(BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) || \
@ -906,7 +918,7 @@
#define BUILD_DES3
#endif
#if defined(NO_AES) || defined(NO_AES_DECRYPT)
#if defined(NO_AES) || !defined(HAVE_AES_DECRYPT)
#define AES_BLOCK_SIZE 16
#undef BUILD_AES
#else
@ -1165,7 +1177,8 @@ enum {
#ifndef MAX_PSK_ID_LEN
/* max psk identity/hint supported */
#if defined(WOLFSSL_TLS13)
#define MAX_PSK_ID_LEN 256
/* OpenSSL has a 1472 byte sessiont ticket */
#define MAX_PSK_ID_LEN 1536
#else
#define MAX_PSK_ID_LEN 128
#endif
@ -1207,19 +1220,6 @@ enum Misc {
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */
TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */
#ifdef WOLFSSL_TLS13_DRAFT
#ifdef WOLFSSL_TLS13_DRAFT_18
TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */
#elif defined(WOLFSSL_TLS13_DRAFT_22)
TLS_DRAFT_MINOR = 0x16, /* Minor version number of TLS draft */
#elif defined(WOLFSSL_TLS13_DRAFT_23)
TLS_DRAFT_MINOR = 0x17, /* Minor version number of TLS draft */
#elif defined(WOLFSSL_TLS13_DRAFT_26)
TLS_DRAFT_MINOR = 0x1a, /* Minor version number of TLS draft */
#else
TLS_DRAFT_MINOR = 0x1c, /* Minor version number of TLS draft */
#endif
#endif
OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */
INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
NO_COMPRESSION = 0,
@ -1355,10 +1355,21 @@ enum Misc {
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
#else
#if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
#if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
#elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
#else
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
#else
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
#endif
#ifdef HAVE_SELFTEST
#if defined(HAVE_SELFTEST) && \
(!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2))
#ifndef WOLFSSL_AES_KEY_SIZE_ENUM
#define WOLFSSL_AES_KEY_SIZE_ENUM
AES_IV_SIZE = 16,
@ -1502,7 +1513,7 @@ enum Misc {
/* number of items in the signature algo list */
#ifndef WOLFSSL_MAX_SIGALGO
#define WOLFSSL_MAX_SIGALGO 32
#define WOLFSSL_MAX_SIGALGO 36
#endif
@ -1590,6 +1601,7 @@ enum states {
SERVER_HELLO_COMPLETE,
SERVER_ENCRYPTED_EXTENSIONS_COMPLETE,
SERVER_CERT_COMPLETE,
SERVER_CERT_VERIFY_COMPLETE,
SERVER_KEYEXCHANGE_COMPLETE,
SERVER_HELLODONE_COMPLETE,
SERVER_CHANGECIPHERSPEC_COMPLETE,
@ -1622,14 +1634,14 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void);
WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
#ifdef WOLFSSL_SESSION_EXPORT
WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, byte* buf,
WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, const byte* buf,
word32 sz);
WOLFSSL_LOCAL int wolfSSL_dtls_export_internal(WOLFSSL* ssl, byte* buf,
word32 sz);
WOLFSSL_LOCAL int wolfSSL_dtls_export_state_internal(WOLFSSL* ssl,
byte* buf, word32 sz);
WOLFSSL_LOCAL int wolfSSL_dtls_import_state_internal(WOLFSSL* ssl,
byte* buf, word32 sz);
const byte* buf, word32 sz);
WOLFSSL_LOCAL int wolfSSL_send_session(WOLFSSL* ssl);
#endif
#endif
@ -1657,6 +1669,10 @@ WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side);
/* for sniffer */
WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz, int sniff);
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz, int sniff);
#endif
WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx);
/* TLS v1.3 needs these */
WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
@ -1688,16 +1704,15 @@ WOLFSSL_LOCAL void FreeSuites(WOLFSSL* ssl);
WOLFSSL_LOCAL int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 size);
WOLFSSL_LOCAL int MatchDomainName(const char* pattern, int len, const char* str);
#ifndef NO_CERTS
WOLFSSL_LOCAL int CheckAltNames(DecodedCert* dCert, char* domain);
#ifdef OPENSSL_EXTRA
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, char* ipasc);
#endif
WOLFSSL_LOCAL int CheckForAltNames(DecodedCert* dCert, const char* domain, int* checkCN);
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, const char* ipasc);
#endif
WOLFSSL_LOCAL int CreateTicket(WOLFSSL* ssl);
WOLFSSL_LOCAL int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz);
WOLFSSL_LOCAL int HashRaw(WOLFSSL* ssl, const byte* output, int sz);
WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
int ivSz);
WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz);
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl);
#endif
@ -1840,11 +1855,10 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#define MAX_DESCRIPTION_SZ 255
#endif
/* wolfSSL Cipher type just points back to SSL */
struct WOLFSSL_CIPHER {
byte cipherSuite0;
byte cipherSuite;
WOLFSSL* ssl;
const WOLFSSL* ssl;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
char description[MAX_DESCRIPTION_SZ];
unsigned long offset;
@ -2015,8 +2029,7 @@ WOLFSSL_LOCAL int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
#ifndef NO_CERTS
#if !defined NOCERTS &&\
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
typedef struct ProcPeerCertArgs {
buffer* certs;
#ifdef WOLFSSL_TLS13
@ -2132,8 +2145,10 @@ typedef struct Keys {
byte keyUpdateRespond:1; /* KeyUpdate is to be responded to. */
#endif
#ifdef WOLFSSL_RENESAS_TSIP_TLS
byte tsip_client_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
byte tsip_server_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
tsip_hmac_sha_key_index_t tsip_client_write_MAC_secret;
tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret;
#endif
} Keys;
@ -2151,13 +2166,14 @@ typedef enum {
TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
TLSX_EC_POINT_FORMATS = 0x000b,
#if !defined(WOLFSSL_NO_SIGALG)
TLSX_SIGNATURE_ALGORITHMS = 0x000d,
TLSX_SIGNATURE_ALGORITHMS = 0x000d, /* HELLO_EXT_SIG_ALGO */
#endif
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
TLSX_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */
#endif
TLSX_EXTENDED_MASTER_SECRET = 0x0017, /* HELLO_EXT_EXTMS */
TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */
TLSX_SESSION_TICKET = 0x0023,
#ifdef WOLFSSL_TLS13
@ -2175,12 +2191,8 @@ typedef enum {
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TLSX_POST_HANDSHAKE_AUTH = 0x0031,
#endif
#if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22)
TLSX_KEY_SHARE = 0x0028,
#else
TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032,
TLSX_KEY_SHARE = 0x0033,
#endif
#endif
TLSX_RENEGOTIATION_INFO = 0xff01
} TLSX_Type;
@ -2522,7 +2534,6 @@ WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl);
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
#ifndef WOLFSSL_TLS13_DRAFT_18
/* Ticket nonce - for deriving PSK.
* Length allowed to be: 1..255. Only support 4 bytes.
*/
@ -2530,7 +2541,6 @@ typedef struct TicketNonce {
byte len;
byte data[MAX_TICKET_NONCE_SZ];
} TicketNonce;
#endif
/* The PreSharedKey extension information - entry in a linked list. */
typedef struct PreSharedKey {
@ -2586,6 +2596,13 @@ enum DeriveKeyType {
update_traffic_key
};
WOLFSSL_LOCAL int DeriveEarlySecret(WOLFSSL* ssl);
WOLFSSL_LOCAL int DeriveHandshakeSecret(WOLFSSL* ssl);
WOLFSSL_LOCAL int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl);
WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret);
WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key);
/* The key update request values for KeyUpdate message. */
enum KeyUpdateRequest {
update_not_requested,
@ -2602,6 +2619,14 @@ enum SetCBIO {
};
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
typedef struct {
int keyAlgo;
DerBuffer* key;
} StaticKeyExchangeInfo_t;
#endif
/* wolfSSL context type */
struct WOLFSSL_CTX {
WOLFSSL_METHOD* method;
@ -2710,9 +2735,7 @@ struct WOLFSSL_CTX {
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
short minEccKeySz; /* minimum ECC key size */
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
unsigned long mask; /* store SSL_OP_ flags */
#endif
#ifdef OPENSSL_EXTRA
byte sessionCtx[ID_LEN]; /* app session context ID */
word32 disabledCurves; /* curves disabled by user */
@ -2755,6 +2778,7 @@ struct WOLFSSL_CTX {
wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
#endif
void* psk_ctx;
char server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN];
#endif /* HAVE_SESSION_TICKET || !NO_PSK */
#ifdef WOLFSSL_TLS13
@ -2771,7 +2795,7 @@ struct WOLFSSL_CTX {
pem_password_cb* passwd_cb;
void* passwd_userdata;
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
WOLFSSL_X509_STORE* x509_store_pt; /* take ownership of external store */
byte readAhead;
@ -2887,6 +2911,9 @@ struct WOLFSSL_CTX {
Srp* srp; /* TLS Secure Remote Password Protocol*/
byte* srp_password;
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
StaticKeyExchangeInfo_t staticKE;
#endif
};
WOLFSSL_LOCAL
@ -2950,7 +2977,6 @@ enum KeyExchangeAlgorithm {
ecc_static_diffie_hellman_kea /* for verify suite only */
};
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
anonymous_sa_algo = 0,
@ -3009,6 +3035,13 @@ enum CipherType { aead };
#define CIPHER_NONCE
#endif
#if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
enum CipherSrc {
KEYS_NOT_SET = 0,
KEYS, /* keys from ssl->keys are loaded */
SCR /* keys from ssl->secure_renegotiation->tmp_keys are loaded */
};
#endif
/* cipher for now */
typedef struct Ciphers {
@ -3048,6 +3081,10 @@ typedef struct Ciphers {
#endif
byte state;
byte setup; /* have we set it up flag for detection */
#if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
enum CipherSrc src; /* DTLS uses this to determine which keys
* are currently loaded */
#endif
} Ciphers;
@ -3149,6 +3186,8 @@ struct WOLFSSL_SESSION {
#ifdef OPENSSL_EXTRA
byte sessionCtxSz; /* sessionCtx length */
byte sessionCtx[ID_LEN]; /* app specific context id */
wolfSSL_Mutex refMutex; /* ref count mutex */
int refCount; /* reference count */
#endif
#ifdef WOLFSSL_TLS13
word16 namedGroup;
@ -3157,10 +3196,8 @@ struct WOLFSSL_SESSION {
#ifdef WOLFSSL_TLS13
word32 ticketSeen; /* Time ticket seen (ms) */
word32 ticketAdd; /* Added by client */
#ifndef WOLFSSL_TLS13_DRAFT_18
TicketNonce ticketNonce; /* Nonce used to derive PSK */
#endif
#endif
#ifdef WOLFSSL_EARLY_DATA
word32 maxEarlyDataSz;
#endif
@ -3171,7 +3208,7 @@ struct WOLFSSL_SESSION {
byte staticTicket[SESSION_TICKET_LEN];
byte isDynamic;
#endif
#ifdef HAVE_EXT_CACHE
#if defined(HAVE_EXT_CACHE) || defined(OPENSSL_EXTRA)
byte isAlloced;
#endif
#ifdef HAVE_EX_DATA
@ -3185,7 +3222,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
WOLFSSL_LOCAL
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int);
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int);
#ifndef NO_CLIENT_CACHE
WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
@ -3346,8 +3383,9 @@ typedef struct Options {
wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
#endif
void* psk_ctx;
#endif /* NO_PSK */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)
unsigned long mask; /* store SSL_OP_ flags */
#endif
@ -3587,15 +3625,15 @@ struct WOLFSSL_X509_NAME {
char staticName[ASN_NAME_MAX];
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_ASN)
DecodedName fullName;
WOLFSSL_X509_NAME_ENTRY cnEntry;
WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */
int entrySz; /* number of entries */
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
byte raw[ASN_NAME_MAX];
int rawLen;
#endif
void* heap;
};
#ifndef EXTERNAL_SERIAL_SIZE
@ -3626,7 +3664,7 @@ struct WOLFSSL_X509 {
WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
#endif /* WOLFSSL_QT || OPENSSL_ALL */
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
#endif
WOLFSSL_ASN1_TIME notBefore;
@ -3741,6 +3779,7 @@ typedef struct DtlsMsg {
byte* msg;
DtlsFrag* fragList;
word32 fragSz; /* Length of fragments received */
word16 epoch; /* Epoch that this message belongs to */
word32 seq; /* Handshake sequence number */
word32 sz; /* Length of whole message */
byte type;
@ -3810,6 +3849,20 @@ typedef struct HS_Hashes {
} HS_Hashes;
#ifndef WOLFSSL_NO_TLS12
/* Persistable BuildMessage arguments */
typedef struct BuildMsgArgs {
word32 digestSz;
word32 sz;
word32 pad;
word32 idx;
word32 headerSz;
word16 size;
word32 ivSz; /* TLSv1.1 IV */
byte* iv;
} BuildMsgArgs;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#define MAX_ASYNC_ARGS 18
typedef void (*FreeArgsCb)(struct WOLFSSL* ssl, void* pArgs);
@ -3818,6 +3871,7 @@ typedef struct HS_Hashes {
WC_ASYNC_DEV* dev;
FreeArgsCb freeArgs; /* function pointer to cleanup args */
word32 args[MAX_ASYNC_ARGS]; /* holder for current args */
BuildMsgArgs buildArgs; /* holder for current BuildMessage args */
};
#endif
@ -3971,11 +4025,9 @@ struct WOLFSSL {
#endif
word16 pssAlgo;
#ifdef WOLFSSL_TLS13
#if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)
word16 certHashSigAlgoSz; /* SigAlgoCert ext length in bytes */
byte certHashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* cert sig/algo to
* offer */
#endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */
#endif
#ifdef HAVE_NTRU
word16 peerNtruKeyLen;
@ -4115,6 +4167,8 @@ struct WOLFSSL {
#endif /* HAVE_TLS_EXTENSIONS */
#ifdef HAVE_OCSP
void* ocspIOCtx;
byte ocspProducedDate[MAX_DATE_SZ];
int ocspProducedDateFormat;
#ifdef OPENSSL_EXTRA
byte* ocspResp;
int ocspRespSz;
@ -4202,6 +4256,9 @@ struct WOLFSSL {
WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */
WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
StaticKeyExchangeInfo_t staticKE;
#endif
};
@ -4221,10 +4278,8 @@ WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
int type, WOLFSSL* ssl, int userChain,
WOLFSSL_CRL* crl, int verify);
#ifdef OPENSSL_EXTRA
WOLFSSL_LOCAL int CheckHostName(DecodedCert* dCert, char *domainName,
WOLFSSL_LOCAL int CheckHostName(DecodedCert* dCert, const char *domainName,
size_t domainNameLen);
#endif
#endif
@ -4333,12 +4388,8 @@ WOLFSSL_LOCAL int SendTicket(WOLFSSL*);
WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
#ifdef WOLFSSL_TLS13
#ifdef WOLFSSL_TLS13_DRAFT_18
WOLFSSL_LOCAL int SendTls13HelloRetryRequest(WOLFSSL*);
#else
WOLFSSL_LOCAL int SendTls13ServerHello(WOLFSSL*, byte);
#endif
#endif
WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
@ -4464,7 +4515,7 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*);
#ifndef WOLFSSL_AEAD_ONLY
WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
word32 sz, int padSz, int content, int verify);
word32 sz, int padSz, int content, int verify, int epochOrder);
#endif
#endif
@ -4486,24 +4537,30 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*);
WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*);
WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*);
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
WOLFSSL_LOCAL void DtlsTxMsgListClean(WOLFSSL* ssl);
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, word16, const byte*, byte,
word32, word32, void*);
WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32);
WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, const byte*, word32,
WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32, word32);
WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, word32, const byte*, word32,
byte, word32, word32, void*);
WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*);
WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32);
WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32, enum HandShakeType);
WOLFSSL_LOCAL int DtlsMsgPoolTimeout(WOLFSSL*);
WOLFSSL_LOCAL int VerifyForDtlsMsgPoolSend(WOLFSSL*, byte, word32);
WOLFSSL_LOCAL int VerifyForTxDtlsMsgDelete(WOLFSSL* ssl, DtlsMsg* head);
WOLFSSL_LOCAL void DtlsMsgPoolReset(WOLFSSL*);
WOLFSSL_LOCAL int DtlsMsgPoolSend(WOLFSSL*, int);
#endif /* WOLFSSL_DTLS */
#ifndef NO_TLS
#if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS)
WOLFSSL_LOCAL int DtlsSCRKeysSet(WOLFSSL* ssl);
WOLFSSL_LOCAL int IsDtlsMsgSCRKeys(WOLFSSL* ssl);
WOLFSSL_LOCAL int DtlsUseSCRKeys(WOLFSSL* ssl);
WOLFSSL_LOCAL int DtlsCheckOrder(WOLFSSL* ssl, int order);
#endif
#endif /* NO_TLS */
WOLFSSL_LOCAL void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out);
#if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK))
WOLFSSL_LOCAL word32 TimeNowInMilliseconds(void);
@ -4511,8 +4568,8 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
WOLFSSL_LOCAL word32 LowResTimer(void);
#ifndef NO_CERTS
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap);
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int, void*);
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap);
WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
@ -4598,9 +4655,13 @@ WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh);
WOLFSSL_LOCAL int InitHandshakeHashes(WOLFSSL* ssl);
WOLFSSL_LOCAL void FreeHandshakeHashes(WOLFSSL* ssl);
#ifndef WOLFSSL_NO_TLS12
WOLFSSL_LOCAL void FreeBuildMsgArgs(WOLFSSL* ssl, BuildMsgArgs* args);
#endif
WOLFSSL_LOCAL int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
const byte* input, int inSz, int type, int hashOutput,
int sizeOnly, int asyncOkay);
int sizeOnly, int asyncOkay, int epochOrder);
#ifdef WOLFSSL_TLS13
int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,

Binary file not shown.

View file

@ -69,6 +69,7 @@
#define V_ASN1_OBJECT 6
#define V_ASN1_UTCTIME 23
#define V_ASN1_GENERALIZEDTIME 24
#define V_ASN1_PRINTABLESTRING 19
#define ASN1_STRING_FLAG_BITS_LEFT 0x008
#define ASN1_STRING_FLAG_NDEF 0x010
@ -107,7 +108,7 @@ typedef enum {
} WOLFSSL_ASN1_TYPES;
#define ASN1_SEQUENCE(type) \
static const type __##type##_dummy_struct;\
static type __##type##_dummy_struct;\
static const WOLFSSL_ASN1_TEMPLATE type##_member_data[]
#define ASN1_SIMPLE(type, member, member_type) \

View file

@ -33,11 +33,11 @@
#endif
#define BIO_FLAG_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
#define BIO_FLAG_READ WOLFSSL_BIO_FLAG_READ
#define BIO_FLAG_WRITE WOLFSSL_BIO_FLAG_WRITE
#define BIO_FLAG_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL
#define BIO_FLAG_RETRY WOLFSSL_BIO_FLAG_RETRY
#define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
#define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ
#define BIO_FLAGS_WRITE WOLFSSL_BIO_FLAG_WRITE
#define BIO_FLAGS_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL
#define BIO_FLAGS_SHOULD_RETRY WOLFSSL_BIO_FLAG_RETRY
#define BIO_new_fp wolfSSL_BIO_new_fp
#define BIO_new_file wolfSSL_BIO_new_file

View file

@ -80,6 +80,8 @@ WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d,
unsigned char* sig,
WOLFSSL_DSA* dsa, int *dsacheck);
WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d);
WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_SIG_new(void);
WOLFSSL_API void wolfSSL_DSA_SIG_free(WOLFSSL_DSA_SIG *sig);
WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest,

View file

@ -148,12 +148,21 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group,
WOLFSSL_API
int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_d2i_ECPrivateKey(WOLFSSL_EC_KEY **key, const unsigned char **in,
long len);
WOLFSSL_API
int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
WOLFSSL_API
void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form);
WOLFSSL_API
WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p,
char form,
WOLFSSL_BIGNUM *in, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_POINT_is_on_curve(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *point,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key,
@ -198,6 +207,8 @@ WOLFSSL_API
int wolfSSL_EC_GROUP_cmp(const WOLFSSL_EC_GROUP *a, const WOLFSSL_EC_GROUP *b,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_dup(const WOLFSSL_EC_GROUP *src);
WOLFSSL_API
int wolfSSL_EC_GROUP_get_curve_name(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API
int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group);
@ -228,11 +239,18 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_BIGNUM *y,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
const WOLFSSL_EC_POINT *p1,
const WOLFSSL_EC_POINT *p2, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
const WOLFSSL_BIGNUM *n,
const WOLFSSL_EC_POINT *q, const WOLFSSL_BIGNUM *m,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *a,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *point);
WOLFSSL_API
int wolfSSL_EC_POINT_cmp(const WOLFSSL_EC_GROUP *group,
@ -277,6 +295,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_dup wolfSSL_EC_GROUP_dup
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
@ -291,7 +310,9 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_set_affine_coordinates_GFp \
wolfSSL_EC_POINT_set_affine_coordinates_GFp
#define EC_POINT_add wolfSSL_EC_POINT_add
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_invert wolfSSL_EC_POINT_invert
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_copy wolfSSL_EC_POINT_copy
@ -304,7 +325,11 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_POINT_point2oct wolfSSL_EC_POINT_point2oct
#define EC_POINT_oct2point wolfSSL_EC_POINT_oct2point
#define EC_POINT_point2bn wolfSSL_EC_POINT_point2bn
#define EC_POINT_is_on_curve wolfSSL_EC_POINT_is_on_curve
#define i2o_ECPublicKey wolfSSL_i2o_ECPublicKey
#define i2d_EC_PUBKEY wolfSSL_i2o_ECPublicKey
#define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey
#define i2d_ECPrivateKey wolfSSL_i2d_ECPrivateKey
#define EC_KEY_set_conv_form wolfSSL_EC_KEY_set_conv_form
#ifndef HAVE_SELFTEST

View file

@ -354,11 +354,13 @@ struct WOLFSSL_EVP_CIPHER_CTX {
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz;
#ifdef HAVE_AESGCM
byte* gcmDecryptBuffer;
int gcmDecryptBufferLen;
#endif
byte* gcmBuffer;
int gcmBufferLen;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
int authTagSz;
byte* gcmAuthIn;
int gcmAuthInSz;
#endif
#endif
};
@ -521,6 +523,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(struct WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(struct WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey);

View file

@ -72,6 +72,7 @@ WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx);
@ -83,6 +84,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
#define HMAC_CTX_free wolfSSL_HMAC_CTX_free
#define HMAC_CTX_cleanup wolfSSL_HMAC_CTX_cleanup
#define HMAC_CTX_reset wolfSSL_HMAC_cleanup
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
#define HMAC_Init wolfSSL_HMAC_Init

View file

@ -79,6 +79,7 @@ typedef WOLFSSL_X509_NAME X509_NAME;
typedef WOLFSSL_X509_INFO X509_INFO;
typedef WOLFSSL_X509_CHAIN X509_CHAIN;
/* STACK_OF(ASN1_OBJECT) */
typedef WOLFSSL_STACK EXTENDED_KEY_USAGE;
@ -151,6 +152,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
#define set_ex_data wolfSSL_CRYPTO_set_ex_data
#define get_ex_data wolfSSL_CRYPTO_get_ex_data
#define CRYPTO_memcmp wolfSSL_CRYPTO_memcmp
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */
@ -174,14 +176,15 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
#define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio
#define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
#define i2d_PUBKEY wolfSSL_i2d_PUBKEY
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey
#define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey
#define SSL_use_PrivateKey wolfSSL_use_PrivateKey
#define SSL_use_PrivateKey_ASN1 wolfSSL_use_PrivateKey_ASN1
#define SSL_use_RSAPrivateKey_ASN1 wolfSSL_use_RSAPrivateKey_ASN1
@ -301,6 +304,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_set_connect_state wolfSSL_set_connect_state
#define SSL_set_accept_state wolfSSL_set_accept_state
#define SSL_session_reused wolfSSL_session_reused
#define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref
#define SSL_SESSION_dup wolfSSL_SESSION_dup
#define SSL_SESSION_free wolfSSL_SESSION_free
#define SSL_is_init_finished wolfSSL_is_init_finished
@ -340,8 +344,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define DSA_dup_DH wolfSSL_DSA_dup_DH
/* wolfSSL does not support DSA as the cert public key */
#define EVP_PKEY_get0_DSA(...) NULL
#define DSA_bits(...) 0
#define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA
#define DSA_bits wolfSSL_DSA_bits
#define i2d_X509_bio wolfSSL_i2d_X509_bio
#define d2i_X509_bio wolfSSL_d2i_X509_bio
@ -374,14 +378,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_digest wolfSSL_X509_digest
#define X509_get_ext_count wolfSSL_X509_get_ext_count
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
#define X509_get_ext wolfSSL_X509_get_ext
#define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
#define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash
#define X509_get_subject_name wolfSSL_X509_get_subject_name
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
#define X509_get_pubkey wolfSSL_X509_get_pubkey
#define X509_get0_pubkey wolfSSL_X509_get_pubkey
#define X509_get_notBefore wolfSSL_X509_get_notBefore
#define X509_get0_notBefore wolfSSL_X509_get_notBefore
#define X509_get_notAfter wolfSSL_X509_get_notAfter
#define X509_get0_notAfter wolfSSL_X509_get_notAfter
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
#define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr
#define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index
@ -407,9 +416,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_check_private_key wolfSSL_X509_check_private_key
#define X509_check_ca wolfSSL_X509_check_ca
#define X509_check_host wolfSSL_X509_check_host
#define X509_check_ip_asc wolfSSL_X509_check_ip_asc
#define X509_email_free wolfSSL_X509_email_free
#define X509_check_issued wolfSSL_X509_check_issued
#define X509_dup wolfSSL_X509_dup
#define X509_add_ext wolfSSL_X509_add_ext
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
@ -422,7 +433,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_push wolfSSL_sk_X509_push
#define sk_X509_pop wolfSSL_sk_X509_pop
#define sk_X509_pop_free wolfSSL_sk_X509_pop_free
#define sk_X509_dup wolfSSL_sk_X509_dup
#define sk_X509_dup wolfSSL_sk_dup
#define sk_X509_free wolfSSL_sk_X509_free
#define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num
@ -430,7 +441,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_EXTENSION_new_null wolfSSL_sk_X509_EXTENSION_new_null
#define sk_X509_EXTENSION_pop_free wolfSSL_sk_X509_EXTENSION_pop_free
#define sk_X509_EXTENSION_push wolfSSL_sk_X509_EXTENSION_push
#define X509_EXTENSION_free wolfSSL_X509_EXTENSION_free
#define X509_INFO_new wolfSSL_X509_INFO_new
#define X509_INFO_free wolfSSL_X509_INFO_free
@ -444,6 +454,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_INFO_free wolfSSL_sk_X509_INFO_free
#define i2d_X509_NAME wolfSSL_i2d_X509_NAME
#define d2i_X509_NAME wolfSSL_d2i_X509_NAME
#define X509_NAME_new wolfSSL_X509_NAME_new
#define X509_NAME_free wolfSSL_X509_NAME_free
#define X509_NAME_dup wolfSSL_X509_NAME_dup
@ -568,7 +579,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
#define X509_check_purpose(...) 0
@ -661,6 +671,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN
#define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT
#define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data
@ -850,7 +861,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
#define CONF_modules_free()
#define ENGINE_cleanup()
#define HMAC_CTX_cleanup wolfSSL_HMAC_cleanup
#define SSL_CTX_need_tmp_RSA(ctx) 0
#define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
#define SSL_need_tmp_RSA(ssl) 0
@ -887,14 +897,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find
enum {
GEN_DNS = 0x02, /* ASN_DNS_TYPE */
GEN_EMAIL = 0x01, /* ASN_RFC822_TYPE */
GEN_URI = 0x06, /* ASN_URI_TYPE */
GEN_IPADD = 0x07,
GEN_RID = 0x08, /* Registered ID, not supported */
};
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
@ -910,7 +912,7 @@ enum {
#define sk_SSL_COMP_zero wolfSSL_sk_SSL_COMP_zero
#define sk_SSL_CIPHER_value wolfSSL_sk_SSL_CIPHER_value
#endif /* OPENSSL_ALL || WOLFSSL_HAPROXY */
#define sk_SSL_CIPHER_dup wolfSSL_sk_SSL_CIPHER_dup
#define sk_SSL_CIPHER_dup wolfSSL_sk_dup
#define sk_SSL_CIPHER_free wolfSSL_sk_SSL_CIPHER_free
#define sk_SSL_CIPHER_find wolfSSL_sk_SSL_CIPHER_find
@ -919,7 +921,6 @@ enum {
#include <libs/libwolfssl/openssl/pem.h>
#define SSL_CTRL_CHAIN 88
#define GEN_IPADD 7
#define ERR_LIB_SSL 20
#define SSL_R_SHORT_READ 10
#define ERR_R_PEM_LIB 9
@ -959,6 +960,7 @@ enum {
#define SSL_num_renegotiations wolfSSL_num_renegotiations
#define SSL_renegotiate wolfSSL_Rehandshake
#define SSL_get_secure_renegotiation_support wolfSSL_SSL_get_secure_renegotiation_support
#define SSL_renegotiate_pending wolfSSL_SSL_renegotiate_pending
#define SSL_set_tlsext_debug_arg wolfSSL_set_tlsext_debug_arg
#define SSL_set_tlsext_status_type wolfSSL_set_tlsext_status_type
#define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts
@ -1227,7 +1229,7 @@ enum {
#define X509_OBJECT_free wolfSSL_X509_OBJECT_free
#define X509_OBJECT_get_type(x) 0
#define OpenSSL_version(x) wolfSSL_lib_version()
#define OpenSSL_version(x) wolfSSL_OpenSSL_version()
#ifdef __cplusplus
} /* extern "C" */

View file

@ -28,6 +28,8 @@
extern "C" {
#endif
#include <libs/libwolfssl/openssl/conf.h>
typedef void (*wolfSSL_sk_freefunc)(void *);
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);

View file

@ -40,6 +40,7 @@
/* Forward reference */
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
struct WOLFSSL_v3_ext_method *method,
void *ext, STACK_OF(CONF_VALUE) *extlist);
@ -53,6 +54,7 @@ struct WOLFSSL_v3_ext_method {
int ext_flags;
void *usr_data;
X509V3_EXT_D2I d2i;
X509V3_EXT_I2D i2d;
X509V3_EXT_I2V i2v;
X509V3_EXT_I2S i2s;
X509V3_EXT_I2R i2r;
@ -61,7 +63,7 @@ struct WOLFSSL_v3_ext_method {
struct WOLFSSL_X509_EXTENSION {
WOLFSSL_ASN1_OBJECT *obj;
WOLFSSL_ASN1_BOOLEAN crit;
WOLFSSL_ASN1_STRING value;
ASN1_OCTET_STRING value; /* DER format of extension */
WOLFSSL_v3_ext_method ext_method;
WOLFSSL_STACK* ext_sk; /* For extension specific data */
};
@ -86,7 +88,9 @@ typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS;
typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS;
WOLFSSL_API WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void);
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void);
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex);

View file

@ -49,12 +49,49 @@ SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
const char* keyFile, int typeK,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetPrivateKeyBuffer(const char* address, int port,
const char* keyBuf, int keySz,
int typeK, const char* password,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
const char* address, int port,
const char* keyFile, int typeK,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedPrivateKeyBuffer(const char* name,
const char* address, int port,
const char* keyBuf, int keySz,
int typeK, const char* password,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetEphemeralKey(const char* address, int port,
const char* keyFile, int typeKey,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetEphemeralKeyBuffer(const char* address, int port,
const char* keyBuf, int keySz, int typeKey,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedEphemeralKey(const char* name,
const char* address, int port,
const char* keyFile, int typeKey,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedEphemeralKeyBuffer(const char* name,
const char* address, int port,
const char* keyBuf, int keySz, int typeKey,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
unsigned char** data, char* error);

View file

@ -130,6 +130,7 @@
#define NO_DATA_DEST_STR 91
#define STORE_DATA_FAIL_STR 92
#define CHAIN_INPUT_STR 93
#define GOT_ENC_EXT_STR 94
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */

View file

@ -191,7 +191,7 @@ typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID;
typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS;
typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
struct WOLFSSL_AUTHORITY_KEYID {
WOLFSSL_ASN1_STRING *keyid;
@ -274,7 +274,8 @@ struct WOLFSSL_ASN1_OBJECT {
int ca;
WOLFSSL_ASN1_INTEGER *pathlen;
#endif
unsigned char dynamic; /* if 1 then obj was dynamically created, 0 otherwise */
unsigned char dynamic; /* Use WOLFSSL_ASN1_DYNAMIC and WOLFSSL_ASN1_DYNAMIC_DATA
* to determine what needs to be freed. */
#if defined(WOLFSSL_APACHE_HTTPD)
WOLFSSL_GENERAL_NAME* gn;
@ -506,7 +507,7 @@ struct WOLFSSL_X509_STORE {
int cache; /* stunnel dereference */
WOLFSSL_CERT_MANAGER* cm;
WOLFSSL_X509_LOOKUP lookup;
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
int isDynamic;
WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */
#endif
@ -516,15 +517,15 @@ struct WOLFSSL_X509_STORE {
#ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
WOLFSSL_X509_CRL *crl;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && defined(HAVE_CRL)
WOLFSSL_X509_CRL *crl; /* points to cm->crl */
#endif
};
#ifdef OPENSSL_EXTRA
#define WOLFSSL_NO_WILDCARDS 0x4
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#define WOLFSSL_USE_CHECK_TIME 0x2
#define WOLFSSL_NO_CHECK_TIME 0x200000
#define WOLFSSL_NO_WILDCARDS 0x4
#define WOLFSSL_HOST_NAME_MAX 256
#define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
struct WOLFSSL_X509_VERIFY_PARAM {
@ -534,7 +535,7 @@ struct WOLFSSL_X509_VERIFY_PARAM {
unsigned int hostFlags;
char ipasc[WOLFSSL_MAX_IPSTR];
};
#endif
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
typedef struct WOLFSSL_ALERT {
int code;
@ -709,11 +710,11 @@ WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
#ifdef WOLFSSL_TLS13
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
#endif
@ -742,7 +743,7 @@ typedef int (*wc_dtls_export)(WOLFSSL* ssl,
#define WOLFSSL_DTLS_EXPORT_TYPES
#endif /* WOLFSSL_DTLS_EXPORT_TYPES */
WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf,
WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, const unsigned char* buf,
unsigned int sz);
WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
wc_dtls_export func);
@ -861,7 +862,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_connect(WOLFSSL*);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_write(WOLFSSL*, const void*, int);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_read(WOLFSSL*, void*, int);
WOLFSSL_API int wolfSSL_peek(WOLFSSL*, void*, int);
WOLFSSL_API int wolfSSL_accept(WOLFSSL*);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_accept(WOLFSSL*);
WOLFSSL_API int wolfSSL_CTX_mutual_auth(WOLFSSL_CTX* ctx, int req);
WOLFSSL_API int wolfSSL_mutual_auth(WOLFSSL* ssl, int req);
#ifdef WOLFSSL_TLS13
@ -891,10 +892,12 @@ WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*);
WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
unsigned int sz);
WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL*, const void*, int, int*);
WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL*, void*, int, int*);
#endif
#endif
WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
int sz, int* outSz);
WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
int* outSz);
#endif /* WOLFSSL_EARLY_DATA */
#endif /* WOLFSSL_TLS13 */
WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*);
WOLFSSL_ABI WOLFSSL_API void wolfSSL_free(WOLFSSL*);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_shutdown(WOLFSSL*);
@ -918,9 +921,11 @@ WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int);
WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t,
WOLFSSL_BIO**, size_t);
WOLFSSL_API int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa, unsigned char *EM,
WOLFSSL_API int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa,
unsigned char *EM,
const unsigned char *mHash,
const WOLFSSL_EVP_MD *Hash, int saltLen);
const WOLFSSL_EVP_MD *hashAlg,
int saltLen);
WOLFSSL_API int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash,
const WOLFSSL_EVP_MD *hashAlg,
const unsigned char *EM, int saltLen);
@ -1082,6 +1087,7 @@ typedef int WOLFSSL_LHASH;
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk);
WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
@ -1102,11 +1108,12 @@ typedef WOLF_STACK_OF(WOLFSSL_GENERAL_NAME) WOLFSSL_GENERAL_NAMES;
WOLFSSL_API int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk,
WOLFSSL_X509* x509);
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_dup(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk);
WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_new(void);
WOLFSSL_API void wolfSSL_GENERAL_NAME_free(WOLFSSL_GENERAL_NAME* gn);
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)* sk,
WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup(
WOLFSSL_GENERAL_NAMES* gns);
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk,
WOLFSSL_GENERAL_NAME* gn);
WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_sk_GENERAL_NAME_value(
WOLFSSL_STACK* sk, int i);
@ -1129,6 +1136,7 @@ WOLFSSL_API void wolfSSL_sk_X509_EXTENSION_pop_free(
void (*f) (WOLFSSL_X509_EXTENSION*));
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* wolfSSL_sk_X509_EXTENSION_new_null(void);
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void);
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj);
WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void);
WOLFSSL_API int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk,
@ -1153,11 +1161,13 @@ WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*,
WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*);
WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*);
WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*);
WOLFSSL_API int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session);
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session);
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_new(void);
WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session);
WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*);
WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*);
WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL*);
WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int);
@ -1312,6 +1322,8 @@ WOLFSSL_API void wolfSSL_X509_STORE_set_verify_cb(WOLFSSL_X509_STORE *st,
WOLFSSL_X509_STORE_CTX_verify_cb verify_cb);
WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n,
unsigned char** out);
WOLFSSL_API WOLFSSL_X509_NAME *wolfSSL_d2i_X509_NAME(WOLFSSL_X509_NAME **name,
unsigned char **in, long length);
#ifndef NO_RSA
WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset);
#endif
@ -1325,8 +1337,10 @@ WOLFSSL_API char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME*, char*, int);
#endif
WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(
WOLFSSL_X509*);
WOLFSSL_API unsigned long wolfSSL_X509_issuer_name_hash(const WOLFSSL_X509* x509);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(
WOLFSSL_X509*);
WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509);
WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int);
WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int);
WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
@ -1365,6 +1379,7 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID(
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type);
WOLFSSL_API int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, const unsigned char **in, long len);
@ -1421,11 +1436,12 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY** out);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key,
const unsigned char** in, long inSz);
WOLFSSL_API int wolfSSL_i2d_PUBKEY(const WOLFSSL_EVP_PKEY *key, unsigned char **der);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type,
WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key,
unsigned char** in, long inSz);
WOLFSSL_API int wolfSSL_i2d_PrivateKey(WOLFSSL_EVP_PKEY* key,
WOLFSSL_API int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key,
unsigned char** der);
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
#ifdef OPENSSL_EXTRA
@ -1571,6 +1587,7 @@ WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op);
WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s);
WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s);
WOLFSSL_API long wolfSSL_num_renegotiations(WOLFSSL* s);
WOLFSSL_API int wolfSSL_SSL_renegotiate_pending(WOLFSSL *s);
WOLFSSL_API long wolfSSL_set_tmp_dh(WOLFSSL *s, WOLFSSL_DH *dh);
WOLFSSL_API long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
@ -1597,8 +1614,6 @@ enum {
WOLFSSL_CRL_CHECK = 2,
};
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER)
/* Separated out from other enums because of size */
enum {
SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001,
@ -1645,6 +1660,8 @@ enum {
| SSL_OP_TLS_ROLLBACK_BUG),
};
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER)
/* for compatibility these must be macros */
#define SSL_OP_NO_SSLv2 WOLFSSL_OP_NO_SSLv2
#define SSL_OP_NO_SSLv3 WOLFSSL_OP_NO_SSLv3
@ -1950,6 +1967,11 @@ enum { /* ssl Constants */
WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*,
wc_psk_server_tls13_callback);
#endif
WOLFSSL_API void* wolfSSL_get_psk_callback_ctx(WOLFSSL*);
WOLFSSL_API int wolfSSL_set_psk_callback_ctx(WOLFSSL*, void*);
WOLFSSL_API void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX*);
WOLFSSL_API int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX*, void*);
#define PSK_TYPES_DEFINED
#endif /* NO_PSK */
@ -1992,10 +2014,9 @@ WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long);
WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx);
WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long);
#ifndef NO_CERTS
#if !defined(NO_FILESYSTEM) && !defined(NO_CHECK_PRIVATE_KEY)
WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*);
#endif /* !NO_CERTS */
#endif
WOLFSSL_API void wolfSSL_ERR_free_strings(void);
WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long);
WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl);
@ -2045,7 +2066,8 @@ WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_
WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk);
WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i);
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data,
int idx);
WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx,
@ -2087,6 +2109,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void);
/* which library version do we have */
WOLFSSL_API const char* wolfSSL_lib_version(void);
WOLFSSL_API const char* wolfSSL_OpenSSL_version(void);
/* which library version do we have in hex */
WOLFSSL_API word32 wolfSSL_lib_version_hex(void);
@ -2134,6 +2157,7 @@ WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*);
WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_X509_add_altname_ex(WOLFSSL_X509*, const char*, word32, int);
WOLFSSL_API int wolfSSL_X509_add_altname(WOLFSSL_X509*, const char*, int);
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509,
@ -2143,7 +2167,7 @@ WOLFSSL_API WOLFSSL_X509*
WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out);
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl,
const unsigned char *in, int len);
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl);
#endif
WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl);
@ -2178,7 +2202,7 @@ typedef struct WC_PKCS12 WC_PKCS12;
WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12** pkcs12);
WOLFSSL_API int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12);
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp,
WOLFSSL_X509_PKCS12** pkcs12);
#endif
@ -2424,6 +2448,7 @@ WOLFSSL_API void wolfSSL_SetVerifyDecryptCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetVerifyDecryptCtx(WOLFSSL* ssl);
WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int);
WOLFSSL_API const unsigned char* wolfSSL_GetDtlsMacSecret(WOLFSSL*, int, int);
WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
@ -2527,7 +2552,7 @@ struct DhKey;
typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key,
const unsigned char* priv, unsigned int privSz,
const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz,
unsigned char* out, unsigned int* outlen,
unsigned char* out, word32* outlen,
void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree);
WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx);
@ -2625,7 +2650,7 @@ WOLFSSL_API void* wolfSSL_GetX448SharedSecretCtx(WOLFSSL* ssl);
#ifndef NO_RSA
typedef int (*CallbackRsaSign)(WOLFSSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
unsigned char* out, word32* outSz,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign);
@ -2670,7 +2695,7 @@ WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl);
/* RSA Public Encrypt cb */
typedef int (*CallbackRsaEnc)(WOLFSSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
unsigned char* out, word32* outSz,
const unsigned char* keyDer, unsigned int keySz,
void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc);
@ -3031,6 +3056,7 @@ enum {
WOLFSSL_ECC_BRAINPOOLP512R1 = 28,
WOLFSSL_ECC_X25519 = 29,
WOLFSSL_ECC_X448 = 30,
WOLFSSL_ECC_MAX = 30,
WOLFSSL_FFDHE_2048 = 256,
WOLFSSL_FFDHE_3072 = 257,
@ -3208,7 +3234,6 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
#include <libs/libwolfssl/openssl/asn1.h>
struct WOLFSSL_X509_NAME_ENTRY {
WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */
WOLFSSL_ASN1_STRING data;
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
int nid; /* i.e. ASN_COMMON_NAME */
int set;
@ -3219,11 +3244,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name,
const WOLFSSL_ASN1_OBJECT *obj,
int idx);
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
enum {
WOLFSSL_SYS_ACCEPT = 0,
WOLFSSL_SYS_BIND,
@ -3293,12 +3315,28 @@ WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*);
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME*, WOLFSSL_X509_NAME*);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
#endif /* !NO_CERTS */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef WOLFSSL_WPAS_SMALL
/* WPA Supplicant requires GEN_ values */
#include <libs/libwolfssl/openssl/x509v3.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
int nid, int* c, int* idx);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#ifndef NO_CERTS
WOLFSSL_API int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert);
WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x, int nid, int lastpos);
WOLFSSL_API int wolfSSL_X509_add_ext(WOLFSSL_X509 *x, WOLFSSL_X509_EXTENSION *ex, int loc);
WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
void *data);
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_conf_nid(
WOLF_LHASH_OF(CONF_VALUE)* conf, WOLFSSL_X509V3_CTX* ctx, int nid,
char* value);
@ -3335,7 +3373,7 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_x509_ext(void);
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object(WOLFSSL_X509_EXTENSION* ext);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data(WOLFSSL_X509_EXTENSION* ext);
#endif /* NO_CERTS */
#endif /* !NO_CERTS */
WOLFSSL_API WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
@ -3343,8 +3381,6 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
unsigned char* out, int outSz);
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp,
@ -3353,20 +3389,27 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s
#endif
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio,
WOLFSSL_X509** x509);
WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
unsigned char *out, size_t outlen);
WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
unsigned char* out, size_t outSz);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
unsigned char *out, size_t outlen);
WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**);
WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX*, int);
WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int);
WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
unsigned char* out, size_t outSz);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp,
@ -3385,9 +3428,12 @@ WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header,
WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher,
unsigned char* data, long* len,
pem_password_cb* callback, void* ctx);
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
/*lighttp compatibility */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
struct WOLFSSL_ASN1_BIT_STRING {
int length;
int type;
@ -3395,6 +3441,11 @@ struct WOLFSSL_ASN1_BIT_STRING {
long flags;
};
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)|| \
defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL) \
@ -3402,7 +3453,8 @@ struct WOLFSSL_ASN1_BIT_STRING {
|| defined(WOLFSSL_MYSQL_COMPATIBLE) \
|| defined(HAVE_STUNNEL) \
|| defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY)
|| defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
@ -3414,7 +3466,6 @@ WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth);
WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl);
WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg);
WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md);
WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md);
WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md);
@ -3468,12 +3519,8 @@ WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req,
#endif
#if defined(OPENSSL_ALL) \
|| defined(HAVE_STUNNEL) \
|| defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA) \
|| defined(HAVE_LIGHTY)
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
#include <libs/libwolfssl/openssl/crypto.h>
@ -3485,6 +3532,8 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const ch
WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void);
WOLFSSL_API int wolfSSL_CRYPTO_memcmp(const void *a, const void *b, size_t size);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn);
@ -3550,7 +3599,9 @@ WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJE
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
unsigned long);
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void);
WOLFSSL_API void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING*);
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(
@ -3559,6 +3610,10 @@ WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_get_bit(
const WOLFSSL_ASN1_BIT_STRING*, int);
WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_set_bit(
WOLFSSL_ASN1_BIT_STRING*, int, int);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*);
@ -3571,17 +3626,22 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, in
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*);
WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*, int);
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int);
WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*,
CRYPTO_free_func*);
WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*);
WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*,
unsigned int*);
@ -3624,10 +3684,13 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*
WOLFSSL_API WOLFSSL_X509_OBJECT*
wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i);
WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a);
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#include <libs/libwolfssl/openssl/stack.h>
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names);
WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names);
@ -3672,6 +3735,16 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void);
#endif
#if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
WOLFSSL_API int wolfSSL_get_ocsp_producedDate(
WOLFSSL *ssl,
byte *producedDate,
size_t producedDate_space,
int *producedDateFormat);
WOLFSSL_API int wolfSSL_get_ocsp_producedDate_tm(WOLFSSL *ssl,
struct tm *produced_tm);
#endif
#if defined(OPENSSL_ALL) \
|| defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) \
@ -3688,14 +3761,17 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url);
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
void *data);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl);
WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a,
void *b, void *c);
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
void *data);
WOLFSSL_API int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *data,
const WOLFSSL_EVP_MD *type, unsigned char *md, unsigned int *len);
@ -3715,8 +3791,6 @@ WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*);
#ifndef NO_SESSION_CACHE
WOLFSSL_API WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *s);
#endif
WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk,
size_t chklen, unsigned int flags, char **peername);
WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp,
const WOLFSSL_ASN1_INTEGER *a);
@ -3745,13 +3819,13 @@ WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer,
WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value(
WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx);
#endif /* HAVE_OCSP */
#endif /* HAVE_OCSP || OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio,
WOLFSSL_X509 *cert);
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA || HAVE_LIGHTY*/
OPENSSL_EXTRA || HAVE_LIGHTY */
WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl,
const unsigned char **data, unsigned int *len);
@ -3782,8 +3856,14 @@ WOLFSSL_API void wolfSSL_CTX_set_next_proto_select_cb(WOLFSSL_CTX *s,
WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **data,
unsigned *len);
#ifndef NO_ASN
WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk,
size_t chklen, unsigned int flags, char **peername);
WOLFSSL_API int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc,
unsigned int flags);
#endif
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
@ -3808,6 +3888,7 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_PUBKEY_get(WOLFSSL_X509_PUBKEY* key);
WOLFSSL_API int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key);
WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a);
WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a);
WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp);
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength));
WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir);
@ -3815,8 +3896,6 @@ WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509
WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p);
WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find(
WOLF_STACK_OF(WOLFSSL_CIPHER)* sk, const WOLFSSL_CIPHER* toFind);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_sk_SSL_CIPHER_dup(
WOLF_STACK_OF(WOLFSSL_CIPHER)* in);
WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st);
WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk);
@ -3843,10 +3922,9 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY** pkey, pem_password_cb* cb, void* u);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(
WOLFSSL_EVP_PKEY** pkey, const unsigned char** data, long length);
WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509);
#endif /* OPENSSL_EXTRA */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef HAVE_PK_CALLBACKS
WOLFSSL_API int wolfSSL_IsPrivatePkSet(WOLFSSL* ssl);
@ -3858,6 +3936,15 @@ WOLFSSL_API int wolfSSL_CTX_AllowEncryptThenMac(WOLFSSL_CTX *, int);
WOLFSSL_API int wolfSSL_AllowEncryptThenMac(WOLFSSL *s, int);
#endif
/* This feature is used to set a fixed ephemeral key and is for testing only */
/* Currently allows ECDHE and DHE only */
#ifdef WOLFSSL_STATIC_EPHEMERAL
WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
const char* key, unsigned int keySz, int format);
WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const char* key, unsigned int keySz, int format);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

File diff suppressed because it is too large Load diff

View file

@ -28,8 +28,8 @@
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "4.4.0"
#define LIBWOLFSSL_VERSION_HEX 0x04004000
#define LIBWOLFSSL_VERSION_STRING "4.5.0"
#define LIBWOLFSSL_VERSION_HEX 0x04005000
#ifdef __cplusplus
}

View file

@ -22,8 +22,15 @@
/*!
\file wolfssl/wolfcrypt/aes.h
*/
/*
DESCRIPTION
This library provides the interfaces to the Advanced Encryption Standard (AES)
for encrypting and decrypting data. AES is the standard known for a symmetric
block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
192-bits, and 256-bits of key sizes.
*/
#ifndef WOLF_CRYPT_AES_H
#define WOLF_CRYPT_AES_H
@ -55,14 +62,9 @@
#include <libs/libwolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_AESNI
#include <wmmintrin.h>
#include <emmintrin.h>
#include <smmintrin.h>
#endif /* WOLFSSL_AESNI */
#ifdef WOLFSSL_IMXRT_DCP
#include "fsl_dcp.h"
#endif
#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h"
@ -226,6 +228,9 @@ struct Aes {
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
TSIP_AES_CTX ctx;
#endif
#if defined(WOLFSSL_IMXRT_DCP)
dcp_handle_t handle;
#endif
void* heap; /* memory hint to use */
};

View file

@ -23,6 +23,14 @@
\file wolfssl/wolfcrypt/asn.h
*/
/*
DESCRIPTION
This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
ASN.1 is a standard interface description language for defining data structures
that can be serialized and deserialized in a cross-platform way.
*/
#ifndef WOLF_CRYPT_ASN_H
#define WOLF_CRYPT_ASN_H
@ -233,6 +241,7 @@ enum
NID_jurisdictionStateOrProvinceName = 0xd,
NID_businessCategory = ASN_BUS_CAT,
NID_domainComponent = ASN_DOMAIN_COMPONENT,
NID_userId = 458,
NID_emailAddress = 0x30, /* emailAddress */
NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */
NID_ms_upn = 265, /* 1.3.6.1.4.1.311.20.2.3 */
@ -341,7 +350,8 @@ enum Misc_ASN {
#endif
/* Max total extensions, id + len + others */
#endif
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(HAVE_PKCS7) || defined(OPENSSL_EXTRA_X509_SMALL)
MAX_OID_SZ = 32, /* Max DER length of OID*/
MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
#endif
@ -356,7 +366,6 @@ enum Misc_ASN {
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
#endif
MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
MAX_NAME_ENTRIES = 5, /* extra entries added to x509 name struct */
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
@ -371,6 +380,8 @@ enum Misc_ASN {
TRAILING_ZERO = 1, /* Used for size of zero pad */
ASN_TAG_SZ = 1, /* single byte ASN.1 tag */
MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */
MAX_X509_VERSION = 3, /* Max X509 version allowed */
MIN_X509_VERSION = 0, /* Min X509 version allowed */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
@ -383,6 +394,12 @@ enum Misc_ASN {
PEM_LINE_LEN = PEM_LINE_SZ + 12, /* PEM line max + fudge */
};
#ifndef WC_MAX_NAME_ENTRIES
/* entries added to x509 name struct */
#define WC_MAX_NAME_ENTRIES 13
#endif
#define MAX_NAME_ENTRIES WC_MAX_NAME_ENTRIES
enum Oid_Types {
oidHashType = 0,
@ -521,7 +538,9 @@ enum Extensions_Sum {
POLICY_CONST_OID = 150,
ISSUE_ALT_NAMES_OID = 132,
TLS_FEATURE_OID = 92, /* id-pe 24 */
NETSCAPE_CT_OID = 753 /* 2.16.840.1.113730.1.1 */
NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */
OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5
id-pkix-ocsp-nocheck */
};
enum CertificatePolicy_Sum {
@ -609,64 +628,6 @@ struct Base_entry {
byte type; /* Name base type (DNS or RFC822) */
};
#define DOMAIN_COMPONENT_MAX 10
#define DN_NAMES_MAX 9
struct DecodedName {
char* fullName;
int fullNameLen;
int entryCount;
int cnIdx;
int cnLen;
int cnNid;
int snIdx;
int snLen;
int snNid;
int cIdx;
int cLen;
int cNid;
int lIdx;
int lLen;
int lNid;
int stIdx;
int stLen;
int stNid;
int oIdx;
int oLen;
int oNid;
int ouIdx;
int ouLen;
#ifdef WOLFSSL_CERT_EXT
int bcIdx;
int bcLen;
int jcIdx;
int jcLen;
int jsIdx;
int jsLen;
#endif
int ouNid;
int emailIdx;
int emailLen;
int emailNid;
int uidIdx;
int uidLen;
int uidNid;
int serialIdx;
int serialLen;
int serialNid;
int dcIdx[DOMAIN_COMPONENT_MAX];
int dcLen[DOMAIN_COMPONENT_MAX];
int dcNum;
int dcMode;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* hold the location / order with which each of the DN tags was found
*
* example of ASN_DOMAIN_COMPONENT at index 0 if first found and so on.
*/
int loc[DOMAIN_COMPONENT_MAX + DN_NAMES_MAX];
int locSz;
#endif
};
enum SignatureState {
SIG_STATE_BEGIN,
@ -784,7 +745,6 @@ struct CertSignCtx {
#endif
typedef struct DecodedCert DecodedCert;
typedef struct DecodedName DecodedName;
typedef struct Signer Signer;
#ifdef WOLFSSL_TRUST_PEER_CERT
typedef struct TrustedPeerCert TrustedPeerCert;
@ -911,8 +871,9 @@ struct DecodedCert {
int subjectEmailLen;
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
DecodedName issuerName;
DecodedName subjectName;
/* WOLFSSL_X509_NAME structures (used void* to avoid including ssl.h) */
void* issuerName;
void* subjectName;
#endif /* OPENSSL_EXTRA */
#ifdef WOLFSSL_SEP
int deviceTypeSz;
@ -950,6 +911,9 @@ struct DecodedCert {
byte weOwnAltNames : 1; /* altNames haven't been given to copy */
byte extKeyUsageSet : 1;
byte extExtKeyUsageSet : 1; /* Extended Key Usage set */
#ifdef HAVE_OCSP
byte ocspNoCheckSet : 1; /* id-pkix-ocsp-nocheck set */
#endif
byte extCRLdistSet : 1;
byte extAuthInfoSet : 1;
byte extBasicConstSet : 1;
@ -1052,6 +1016,7 @@ struct TrustedPeerCert {
#endif
WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
word32* derSz);
@ -1118,12 +1083,14 @@ WOLFSSL_LOCAL int GetAsnTimeString(void* currTime, byte* buf, word32 len);
WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format,
wolfssl_tm* certTime, int* idx);
WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b);
WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType);
WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn);
/* ASN.1 helper functions */
#ifdef WOLFSSL_CERT_GEN
WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name);
WOLFSSL_LOCAL const char* GetOneCertName(CertName* name, int idx);
WOLFSSL_LOCAL byte GetCertNameId(int idx);
#endif
WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number,
word32 maxIdx);

View file

@ -23,6 +23,11 @@
\file wolfssl/wolfcrypt/asn_public.h
*/
/*
DESCRIPTION
This library defines the interface APIs for X509 certificates.
*/
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
@ -325,6 +330,8 @@ typedef struct Cert {
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */
#endif
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
byte issRaw[sizeof(CertName)]; /* raw issuer info */
byte sbjRaw[sizeof(CertName)]; /* raw subject info */
#endif

View file

@ -39,16 +39,6 @@
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(_MSC_VER)
#define ALIGN(x) __declspec(align(x))
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
#define ALIGN(x) __attribute__((aligned(x)))
#else
#define ALIGN(x)
#endif
#if defined(__cplusplus)
extern "C" {
#endif
@ -87,7 +77,7 @@
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} blake2s_param;
ALIGN( 32 ) typedef struct __blake2s_state
ALIGN32 typedef struct __blake2s_state
{
word32 h[8];
word32 t[2];
@ -112,7 +102,7 @@
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} blake2b_param;
ALIGN( 64 ) typedef struct __blake2b_state
ALIGN64 typedef struct __blake2b_state
{
word64 h[8];
word64 t[2];

View file

@ -76,12 +76,14 @@ typedef struct Blake2s {
#ifdef HAVE_BLAKE2B
WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b*, word32, const byte *, word32);
WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
#endif
#ifdef HAVE_BLAKE2S
WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32);
WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
#endif

View file

@ -18,7 +18,12 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
DESCRIPTION
This library contains implementation for the ChaCha20 stream cipher.
*/
/*!
\file wolfssl/wolfcrypt/chacha.h
*/
@ -35,9 +40,21 @@
extern "C" {
#endif
/*
Initialization vector starts at 13 with zero being the index origin of a matrix.
Block counter is located at index 12.
0 1 2 3
4 5 6 7
8 9 10 11
12 13 14 15
*/
#define CHACHA_MATRIX_CNT_IV 12
/* Size of the IV */
#define CHACHA_IV_WORDS 3
#define CHACHA_IV_BYTES (CHACHA_IV_WORDS * sizeof(word32))
/* Size of IV in bytes*/
#define CHACHA_IV_BYTES 12
/* Size of ChaCha chunks */
#define CHACHA_CHUNK_WORDS 16
@ -57,10 +74,13 @@ enum {
typedef struct ChaCha {
word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */
word32 left; /* number of bytes leftover */
#ifdef HAVE_INTEL_AVX1
/* vpshufd reads 16 bytes but we only use bottom 4. */
byte extra[12];
#endif
word32 left; /* number of bytes leftover */
#if defined(USE_INTEL_CHACHA_SPEEDUP) || defined(WOLFSSL_ARMASM)
word32 over[CHACHA_CHUNK_WORDS];
#endif
} ChaCha;

View file

@ -18,12 +18,14 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
DESCRIPTION
This library contains implementation for the ChaCha20 stream cipher and
the Poly1305 authenticator, both as as combined-mode,
or Authenticated Encryption with Additional Data (AEAD) algorithm.
/* This implementation of the ChaCha20-Poly1305 AEAD is based on "ChaCha20
* and Poly1305 for IETF protocols" (draft-irtf-cfrg-chacha20-poly1305-10):
* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10
*/
*/
/*!
\file wolfssl/wolfcrypt/chacha20_poly1305.h
@ -45,6 +47,7 @@
#define CHACHA20_POLY1305_AEAD_KEYSIZE 32
#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
#define CHACHA20_POLY1305_MAX 4294967295U
enum {
CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */

View file

@ -54,6 +54,11 @@
void cpuid_set_flags(void);
word32 cpuid_get_flags(void);
/* Public APIs to modify flags. */
WOLFSSL_API void cpuid_select_flags(word32 flags);
WOLFSSL_API void cpuid_set_flag(word32 flag);
WOLFSSL_API void cpuid_clear_flag(word32 flag);
#endif
#ifdef __cplusplus

View file

@ -6,7 +6,7 @@
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,

View file

@ -86,6 +86,18 @@ enum {
EC25519_BIG_ENDIAN=1
};
WOLFSSL_API
int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
const byte* priv);
WOLFSSL_API
int wc_curve25519_generic(int public_size, byte* pub,
int private_size, const byte* priv,
int basepoint_size, const byte* basepoint);
WOLFSSL_API
int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* priv);
WOLFSSL_API
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);

View file

@ -45,11 +45,19 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libs/libwolfssl/wolfcrypt/async.h>
#endif
/* Optional support extended DH public / private keys */
#if !defined(WOLFSSL_DH_EXTRA) && (defined(WOLFSSL_QT) || \
defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(WOLFSSL_STATIC_EPHEMERAL))
#define WOLFSSL_DH_EXTRA
#endif
typedef struct DhParams {
#ifdef HAVE_FFDHE_Q
#ifdef HAVE_FFDHE_Q
const byte* q;
word32 q_len;
#endif /* HAVE_FFDHE_Q */
#endif /* HAVE_FFDHE_Q */
const byte* p;
word32 p_len;
const byte* g;
@ -59,7 +67,7 @@ typedef struct DhParams {
/* Diffie-Hellman Key */
struct DhKey {
mp_int p, g, q; /* group parameters */
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
#ifdef WOLFSSL_DH_EXTRA
mp_int pub;
mp_int priv;
#endif
@ -101,15 +109,20 @@ WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
word32 pubSz);
WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32);
word32); /* wc_DhKeyDecode is in asn.c */
WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz);
WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz);
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
WOLFSSL_LOCAL int wc_DhSetFullKeys(DhKey* key,const byte* priv_key,word32 privSz,
const byte* pub_key, word32 pubSz);
#endif
#ifdef WOLFSSL_DH_EXTRA
WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
const byte* pub, word32 pubSz);
WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
byte* pub, word32* pPubSz);
#endif /* WOLFSSL_DH_EXTRA */
WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz,
int trusted, WC_RNG* rng);
@ -136,4 +149,3 @@ WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
#endif /* NO_DH */
#endif /* WOLF_CRYPT_DH_H */

View file

@ -50,7 +50,7 @@
#endif
#endif
#ifdef WOLFSSL_ATECC508A
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
#include <libs/libwolfssl/wolfcrypt/port/atmel/atmel.h>
#endif /* WOLFSSL_ATECC508A */
@ -58,6 +58,11 @@
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
#ifdef WOLFSSL_HAVE_SP_ECC
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -127,7 +132,7 @@ enum {
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
#elif defined(PLUTON_CRYPTO_ECC)
@ -278,14 +283,15 @@ typedef struct ecc_set_type {
* mp_ints for the components of the point. With ALT_ECC_SIZE, the components
* of the point are pointers that are set to each of a three item array of
* alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
* structure, the alt_fp_int will only have 528 bits. A size value was added
* in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
* functions fp_zero() and fp_copy() use the size parameter. An int needs to
* be initialized before using it instead of just fp_zeroing it, the init will
* call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
* number of bits used in the alternate FP_INT.
* structure, the alt_fp_int will only have 512 bits for ECC 256-bit and
* 1056-bits for ECC 521-bit. A size value was added in the ALT case, as well,
* and is set by mp_init() and alt_fp_init(). The functions fp_zero() and
* fp_copy() use the size parameter. An int needs to be initialized before
* using it instead of just fp_zeroing it, the init will call zero. The
* FP_MAX_BITS_ECC defaults to calculating based on MAX_ECC_BITS, but
* can be set to change the number of bits used in the alternate FP_INT.
*
* Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
* The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
*/
#ifndef USE_FAST_MATH
@ -294,19 +300,18 @@ typedef struct ecc_set_type {
/* determine max bits required for ECC math */
#ifndef FP_MAX_BITS_ECC
/* check alignment */
#if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0
/* max bits is double */
#define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2)
#else
/* max bits is doubled, plus one digit of fudge */
#define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT)
#endif
#else
/* verify alignment */
#if FP_MAX_BITS_ECC % CHAR_BIT
/* max bits rounded up by 8 then doubled */
/* (ROUND8(MAX_ECC_BITS) * 2) */
#define FP_MAX_BITS_ECC (2 * \
((MAX_ECC_BITS + DIGIT_BIT - 1) / DIGIT_BIT) * DIGIT_BIT)
/* Note: For ECC verify only FP_MAX_BITS_ECC can be reduced to:
ROUND8(MAX_ECC_BITS) + ROUND8(DIGIT_BIT) */
#endif
/* verify alignment */
#if FP_MAX_BITS_ECC % CHAR_BIT
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
#endif
#endif
/* determine buffer size */
@ -351,8 +356,22 @@ enum {
#ifdef HAVE_ECC_CDH
WC_ECC_FLAG_COFACTOR = 0x01,
#endif
WC_ECC_FLAG_DEC_SIGN = 0x02,
};
/* ECC non-blocking */
#ifdef WC_ECC_NONBLOCK
typedef struct ecc_nb_ctx {
#if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
sp_ecc_ctx_t sp_ctx;
#else
/* build configuration not supported */
#error ECC non-blocking only supports SP (--enable-sp=nonblock)
#endif
} ecc_nb_ctx_t;
#endif /* WC_ECC_NONBLOCK */
/* An ECC Key */
struct ecc_key {
int type; /* Public or Private */
@ -369,7 +388,7 @@ struct ecc_key {
void* heap; /* heap hint */
ecc_point pubkey; /* public key */
mp_int k; /* private key */
#ifdef WOLFSSL_ATECC508A
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
@ -413,6 +432,12 @@ struct ecc_key {
#ifdef WOLFSSL_DSP
remote_handle64 handle;
#endif
#ifdef ECC_TIMING_RESISTANT
WC_RNG* rng;
#endif
#ifdef WC_ECC_NONBLOCK
ecc_nb_ctx_t* nb_ctx;
#endif
};
@ -427,7 +452,7 @@ extern const size_t ecc_sets_count;
WOLFSSL_API
const char* wc_ecc_get_name(int curve_id);
#ifndef WOLFSSL_ATECC508A
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
#define ECC_API WOLFSSL_API
@ -446,6 +471,10 @@ ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp);
WOLFSSL_LOCAL
int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
#endif
WOLFSSL_API
@ -453,8 +482,13 @@ int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
WOLFSSL_API
int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
int flags);
WOLFSSL_API
int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
WOLFSSL_API
int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
WOLFSSL_API
int wc_ecc_check_key(ecc_key* key);
WOLFSSL_API
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
@ -472,7 +506,8 @@ WOLFSSL_API
int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
#if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret
#else
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */
@ -521,6 +556,12 @@ WOLFSSL_API
int wc_ecc_set_flags(ecc_key* key, word32 flags);
WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_LOCAL
void wc_ecc_fp_init(void);
#ifdef ECC_TIMING_RESISTANT
WOLFSSL_API
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
#endif
WOLFSSL_API
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
@ -568,14 +609,20 @@ WOLFSSL_API
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
WOLFSSL_API
int wc_ecc_point_is_at_infinity(ecc_point *p);
WOLFSSL_API
int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
#ifndef WOLFSSL_ATECC508A
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
WOLFSSL_API
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
WOLFSSL_LOCAL
int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map, void* heap);
WOLFSSL_LOCAL
int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
void* heap);
#endif /* !WOLFSSL_ATECC508A */
@ -754,6 +801,10 @@ int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashL
mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
#endif
#ifdef WC_ECC_NONBLOCK
WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

View file

@ -22,6 +22,11 @@
/*!
\file wolfssl/wolfcrypt/error-crypt.h
*/
/*
DESCRIPTION
This library defines error codes and contians routines for setting and examining
the error status.
*/
#ifndef WOLF_CRYPT_ERROR_H
#define WOLF_CRYPT_ERROR_H
@ -227,10 +232,10 @@ enum {
CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */
PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */
PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */
CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */
ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */
ASN_SELF_SIGNED_E = -274, /* ASN self-signed certificate error */
WC_LAST_E = -274, /* Update this to indicate last error */
WC_LAST_E = -275, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes

View file

@ -27,7 +27,9 @@
#if defined(HAVE_CURVE448) || defined(HAVE_ED448)
#ifndef WOLFSSL_LINUXKM
#include <stdint.h>
#endif
#include <libs/libwolfssl/wolfcrypt/types.h>
@ -40,7 +42,7 @@
#endif
/* default to be faster but take more memory */
#if !defined(CURVE448_SMALL) || !defined(ED448_SMALL)
#if !defined(CURVE448_SMALL) && !defined(ED448_SMALL)
#if defined(CURVED448_128BIT)
typedef int64_t fe448;

View file

@ -28,8 +28,10 @@
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#ifndef WOLFSSL_LINUXKM
#include <stdint.h>
#endif
#endif
#include <libs/libwolfssl/wolfcrypt/types.h>
@ -79,7 +81,7 @@ Bounds on each t[i] vary depending on context.
#if !defined(FREESCALE_LTC_ECC)
WOLFSSL_LOCAL void fe_init(void);
WOLFSSL_LOCAL int curve25519(byte * q, byte * n, byte * p);
WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p);
#endif
/* default to be faster but take more memory */

View file

@ -131,11 +131,11 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
} Hash;
} wc_Hmac_Hash;
/* Hmac digest */
struct Hmac {
Hash hash;
wc_Hmac_Hash hash;
word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];

View file

@ -42,7 +42,11 @@
#include <libs/libwolfssl/wolfcrypt/random.h>
#ifndef CHAR_BIT
#if defined(WOLFSSL_LINUXKM)
#include <linux/limits.h>
#else
#include <limits.h>
#endif
#endif
#include <libs/libwolfssl/wolfcrypt/mpi_class.h>
@ -301,6 +305,7 @@ MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a);
MP_API void mp_exch (mp_int * a, mp_int * b);
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b);
MP_API int mp_mod_2d (mp_int * a, int b, mp_int * c);
@ -318,6 +323,7 @@ MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
MP_API int mp_mod (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_div_2(mp_int * a, mp_int * b);
MP_API int mp_div_2_mod_ct (mp_int* a, mp_int* b, mp_int* c);
MP_API int mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
@ -332,6 +338,7 @@ MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
@ -355,6 +362,8 @@ MP_API int mp_sqr (mp_int * a, mp_int * b);
MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
MP_API int mp_2expt (mp_int * a, int b);
MP_API int mp_set_bit (mp_int * a, int b);

View file

@ -29,7 +29,7 @@
#ifndef WOLFSSL_MEMORY_H
#define WOLFSSL_MEMORY_H
#ifndef STRING_USER
#if !defined(STRING_USER) && !defined(WOLFSSL_LINUXKM)
#include <stdlib.h>
#endif
#include <libs/libwolfssl/wolfcrypt/types.h>
@ -110,8 +110,12 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
#elif defined (OPENSSL_EXTRA)
/* extra storage in structs for multiple attributes and order */
#ifndef LARGEST_MEM_BUCKET
#ifdef WOLFSSL_TLS13
#define LARGEST_MEM_BUCKET 30400
#else
#define LARGEST_MEM_BUCKET 25600
#endif
#endif
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\
LARGEST_MEM_BUCKET
#elif defined (WOLFSSL_CERT_EXT)

View file

@ -18,9 +18,13 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
DESCRIPTION
This module implements the arithmetic-shift right, left, byte swapping, XOR,
masking and clearing memory logic.
*/
#ifndef WOLF_CRYPT_MISC_H
#define WOLF_CRYPT_MISC_H

View file

@ -6,7 +6,7 @@
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,

View file

@ -154,8 +154,9 @@ enum Pkcs7_Misc {
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)) || defined(HAVE_SELFTEST)
/* In the event of fips cert 3389 or CAVP selftest build, these enums are
(HAVE_FIPS_VERSION >= 2)) || (defined(HAVE_SELFTEST) && \
(!defined(HAVE_SELFTEST_VERSION) || HAVE_SELFTEST_VERSION < 2))
/* In the event of fips cert 3389 or CAVP selftest v1 build, these enums are
* not in aes.h for use with pkcs7 so enumerate it here outside the fips
* boundary */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */

View file

@ -119,9 +119,12 @@ WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 data
WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
byte* input, word32 sz, byte* tag, word32 tagSz);
void poly1305_block(Poly1305* ctx, const unsigned char *m);
#if defined(__aarch64__ ) && defined(WOLFSSL_ARMASM)
void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
size_t bytes);
void poly1305_block(Poly1305* ctx, const unsigned char *m);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

View file

@ -39,7 +39,7 @@
#include "soc/hwcrypto_reg.h"
#include "soc/cpu.h"
#include "driver/periph_ctrl.h"
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
#if ESP_IDF_VERSION_MAJOR >= 4
#include <esp32/rom/ets_sys.h>
#else
#include <rom/ets_sys.h>
@ -55,7 +55,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
#ifndef NO_AES
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/aes.h"
#else
#include "rom/aes.h"
@ -89,7 +89,7 @@ uint64_t wc_esp32elapsedTime();
/* RAW hash function APIs are not implemented with esp32 hardware acceleration*/
#define WOLFSSL_NO_HASH_RAW
#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/sha.h"
#else
#include "rom/sha.h"

View file

@ -35,6 +35,13 @@
extern "C" {
#endif
#define TSIP_SESSIONKEY_NONCE_SIZE 8
typedef enum {
WOLFSSL_TSIP_NOERROR = 0,
WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE = 0xffffffff,
}wolfssl_tsip_error_number;
typedef enum {
tsip_Key_SESSION = 1,
tsip_Key_AES128 = 2,
@ -52,6 +59,34 @@ enum {
l_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
};
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
typedef struct
{
uint8_t *encrypted_provisioning_key;
uint8_t *iv;
uint8_t *encrypted_user_tls_key;
uint32_t encrypted_user_tls_key_type;
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
void tsip_inform_user_keys_ex(
byte* provisioning_key, /* key got from DLM server */
byte* iv, /* iv used for public key */
byte* encrypted_public_key,/*RSA2048 or ECDSAp256 public key*/
word32 public_key_type); /* 0: RSA-2048 2:ECDSA P-256 */
int tsip_generateMasterSecretEx(
byte cipherSuiteFirst,
byte cipherSuite,
const byte* pr, /* pre-master */
const byte* cr, /* client random */
const byte* sr, /* server random */
byte* ms);
#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=106)
typedef struct
{
uint8_t *encrypted_session_key;
@ -60,44 +95,80 @@ typedef struct
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
struct WOLFSSL;
int tsip_Open( );
void tsip_Close( );
int tsip_hw_lock();
void tsip_hw_unlock( void );
int tsip_usable(const struct WOLFSSL *ssl);
void tsip_inform_sflash_signedcacert(const byte *ps_flash,
const byte *psigned_ca_cert, word32 len);
void tsip_inform_cert_sign(const byte *sign);
/* set / get key */
void tsip_inform_user_keys(byte *encrypted_session_key, byte *iv,
byte *encrypted_user_tls_key);
int tsip_generateMasterSecret(const byte *pre, const byte *cr,const byte *sr,
byte *ms);
#endif
struct WOLFSSL;
int tsip_Open();
void tsip_Close();
int tsip_hw_lock();
void tsip_hw_unlock( void );
int tsip_usable(const struct WOLFSSL *ssl);
void tsip_inform_sflash_signedcacert(
const byte* ps_flash,
const byte* psigned_ca_cert,
word32 len);
void tsip_inform_cert_sign(const byte *sign);
byte tsip_rootCAverified();
byte tsip_rootCAverified( );
byte tsip_checkCA(word32 cmIdx);
int tsip_tls_RootCertVerify(const byte *cert , word32 cert_len,
int tsip_tls_RootCertVerify(
const byte* cert, word32 cert_len,
word32 key_n_start, word32 key_n_len,
word32 key_e_start, word32 key_e_len,
word32 cm_row);
int tsip_tls_CertVerify(const byte *cert, word32 certSz,
const byte *signature, word32 sigSz,
int tsip_tls_CertVerify(
const byte* cert, word32 certSz,
const byte* signature, word32 sigSz,
word32 key_n_start, word32 key_n_len,
word32 key_e_start, word32 key_e_len,
byte *tsip_encRsaKeyIdx);
void tsip_inform_key_position(const word32 key_n_start, const word32 key_n_len,
const word32 key_e_start, const word32 key_e_len);
int tsip_generatePremasterSecret(byte *premaster, word32 preSz);
int tsip_generateEncryptPreMasterSecret(struct WOLFSSL *ssl, byte *out,
word32 *outSz);
int tsip_generateMasterSecret(const byte *pre, const byte *cr,const byte *sr,
byte *ms);
byte* tsip_encRsaKeyIdx);
void tsip_inform_key_position(
const word32 key_n_start,
const word32 key_n_len,
const word32 key_e_start,
const word32 key_e_len);
int tsip_generatePremasterSecret(
byte* premaster,
word32 preSz);
int tsip_generateEncryptPreMasterSecret(
struct WOLFSSL* ssl,
byte* out,
word32* outSz);
int tsip_generateSeesionKey(struct WOLFSSL *ssl);
int tsip_Sha256Hmac(const struct WOLFSSL *ssl, const byte *myInner,
word32 innerSz, const byte *in, word32 sz, byte *digest,
int tsip_Sha256Hmac(
const struct WOLFSSL *ssl,
const byte* myInner,
word32 innerSz,
const byte* in,
word32 sz,
byte* digest,
word32 verify);
int tsip_Sha1Hmac(const struct WOLFSSL *ssl, const byte *myInner,
word32 innerSz, const byte *in, word32 sz, byte *digest,
int tsip_Sha1Hmac(
const struct WOLFSSL *ssl,
const byte* myInner,
word32 innerSz,
const byte* in,
word32 sz,
byte* digest,
word32 verify);
#if (!defined(NO_SHA) || !defined(NO_SHA256)) && \
@ -128,10 +199,10 @@ typedef wolfssl_TSIP_Hash wc_Sha;
#endif /* NO_SHA */
#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
typedef struct {
typedef struct {
tsip_aes_key_index_t tsip_keyIdx;
word32 keySize;
} TSIP_AES_CTX;
} TSIP_AES_CTX;
struct Aes;
int wc_tsip_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in,

View file

@ -27,14 +27,15 @@
#include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/error-crypt.h>
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC_PKCB)
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_ATECC_PKCB)
#undef SHA_BLOCK_SIZE
#define SHA_BLOCK_SIZE SHA_BLOCK_SIZE_REMAP
#include <cryptoauthlib.h>
#undef SHA_BLOCK_SIZE
#endif
/* ATECC508A only supports ECC P-256 */
/* ATECC508A/608A only supports ECC P-256 */
#define ATECC_KEY_SIZE (32)
#define ATECC_PUBKEY_SIZE (ATECC_KEY_SIZE*2) /* X and Y */
#define ATECC_SIG_SIZE (ATECC_KEY_SIZE*2) /* R and S */
@ -53,11 +54,19 @@
#endif
/* Symmetric encryption key */
#ifndef ATECC_SLOT_I2C_ENC
#define ATECC_SLOT_I2C_ENC (0x04)
#ifdef WOLFSSL_ATECC_TNGTLS
#define ATECC_SLOT_I2C_ENC (0x06)
#else
#define ATECC_SLOT_I2C_ENC (0x04)
#endif
#endif
/* Parent encryption key */
#ifndef ATECC_SLOT_ENC_PARENT
#define ATECC_SLOT_ENC_PARENT (0x7)
#ifdef WOLFSSL_ATECC_TNGTLS
#define ATECC_SLOT_ENC_PARENT (0x6)
#else
#define ATECC_SLOT_ENC_PARENT (0x7)
#endif
#endif
/* ATECC_KEY_SIZE required for ecc.h */
@ -78,7 +87,7 @@ int atmel_get_random_number(uint32_t count, uint8_t* rand_out);
#endif
long atmel_get_curr_time_and_date(long* tm);
#ifdef WOLFSSL_ATECC508A
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
enum atmelSlotType {
ATMEL_SLOT_ANY,
@ -100,6 +109,8 @@ int atmel_ecc_translate_err(int status);
int atmel_get_rev_info(word32* revision);
void atmel_show_rev_info(void);
WOLFSSL_API int wolfCrypt_ATECC_SetConfig(ATCAIfaceCfg* cfg);
/* The macro ATECC_GET_ENC_KEY can be set to override the default
encryption key with your own at build-time */
#ifndef ATECC_GET_ENC_KEY

View file

@ -0,0 +1,74 @@
/* psoc6_crypto.h
*
* Copyright (C) 2006-2020 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _PSOC6_CRYPTO_PORT_H_
#define _PSOC6_CRYPTO_PORT_H_
#include <libs/libwolfssl/wolfcrypt/settings.h>
#ifdef USE_FAST_MATH
#include <libs/libwolfssl/wolfcrypt/tfm.h>
#elif defined WOLFSSL_SP_MATH
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
#else
#include <libs/libwolfssl/wolfcrypt/integer.h>
#endif
#include "cy_crypto_core_sha.h"
#include "cy_device_headers.h"
#include "psoc6_02_config.h"
#include "cy_crypto_common.h"
#include "cy_crypto_core.h"
#ifdef WOLFSSL_SHA512
typedef struct wc_Sha512 {
cy_stc_crypto_sha_state_t hash_state;
cy_en_crypto_sha_mode_t sha_mode;
cy_stc_crypto_v2_sha512_buffers_t sha_buffers;
} wc_Sha512;
#define WC_SHA512_TYPE_DEFINED
#include <libs/libwolfssl/wolfcrypt/sha512.h>
#endif
#ifndef NO_SHA256
typedef struct wc_Sha256 {
cy_stc_crypto_sha_state_t hash_state;
cy_en_crypto_sha_mode_t sha_mode;
cy_stc_crypto_v2_sha256_buffers_t sha_buffers;
} wc_Sha256;
#include <libs/libwolfssl/wolfcrypt/sha.h>
#include <libs/libwolfssl/wolfcrypt/sha256.h>
#endif /* !def NO_SHA256 */
#ifdef HAVE_ECC
#include <libs/libwolfssl/wolfcrypt/ecc.h>
int psoc6_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* verif_res, ecc_key* key);
#endif /* HAVE_ECC */
#define PSOC6_CRYPTO_BASE ((CRYPTO_Type*) CRYPTO_BASE)
/* Crypto HW engine initialization */
int psoc6_crypto_port_init(void);
#endif /* _PSOC6_CRYPTO_PORT_H_ */

View file

@ -0,0 +1,77 @@
/* dcp_port.h
*
* Copyright (C) 2006-2020 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _DCP_PORT_H_
#define _DCP_PORT_H_
#include <libs/libwolfssl/wolfcrypt/settings.h>
#ifdef USE_FAST_MATH
#include <libs/libwolfssl/wolfcrypt/tfm.h>
#elif defined WOLFSSL_SP_MATH
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
#else
#include <libs/libwolfssl/wolfcrypt/integer.h>
#endif
#include <libs/libwolfssl/wolfcrypt/aes.h>
#include <libs/libwolfssl/wolfcrypt/error-crypt.h>
#include "fsl_device_registers.h"
#include "fsl_debug_console.h"
#include "fsl_dcp.h"
int wc_dcp_init(void);
#ifndef NO_AES
int DCPAesInit(Aes* aes);
void DCPAesFree(Aes *aes);
int DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir);
int DCPAesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
int DCPAesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
#endif
#ifdef HAVE_AES_ECB
int DCPAesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
int DCPAesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
#endif
#ifndef NO_SHA256
typedef struct wc_Sha256_DCP {
dcp_handle_t handle;
dcp_hash_ctx_t ctx;
} wc_Sha256;
#define WC_SHA256_TYPE_DEFINED
void DCPSha256Free(wc_Sha256 *sha256);
#endif
#ifndef NO_SHA
typedef struct wc_Sha_DCP {
dcp_handle_t handle;
dcp_hash_ctx_t ctx;
} wc_Sha;
#define WC_SHA_TYPE_DEFINED
void DCPShaFree(wc_Sha *sha);
#endif
#endif

View file

@ -65,8 +65,8 @@ int ksdk_port_init(void);
int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m);
#ifdef HAVE_CURVE25519
int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
const ECPoint *wc_curve25519_GetBasePoint(void);
int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
const ECPoint *nxp_ltc_curve25519_GetBasePoint(void);
status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint);

View file

@ -28,11 +28,6 @@
#include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_STM32_PKA) && defined(HAVE_ECC)
#include <libs/libwolfssl/wolfcrypt/integer.h>
#include <libs/libwolfssl/wolfcrypt/ecc.h>
#endif
#ifdef STM32_HASH
#define WOLFSSL_NO_HASH_RAW
@ -54,6 +49,9 @@
#if !defined(HASH_DATATYPE_8B) && defined(HASH_DataType_8b)
#define HASH_DATATYPE_8B HASH_DataType_8b
#endif
#ifndef HASH_STR_NBW
#define HASH_STR_NBW HASH_STR_NBLW
#endif
#ifndef STM32_HASH_TIMEOUT
#define STM32_HASH_TIMEOUT 0xFFFF
@ -93,19 +91,30 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#ifndef NO_AES
#if !defined(STM32_CRYPTO_AES_GCM) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L4))
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L4) || \
defined(WOLFSSL_STM32L5) || defined(WOLFSSL_STM32H7))
/* Hardware supports AES GCM acceleration */
#define STM32_CRYPTO_AES_GCM
#endif
#if defined(WOLFSSL_STM32WB)
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
#define CRYP AES1
#define STM32_HAL_V2
#endif
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5)
#ifdef WOLFSSL_STM32L4
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
#endif
#define CRYP AES
#ifndef CRYP_AES_GCM
#define CRYP_AES_GCM CRYP_AES_GCM_GMAC
#endif
#endif
/* Detect newer CubeMX crypto HAL (HAL_CRYP_Encrypt / HAL_CRYP_Decrypt) */
#if !defined(STM32_HAL_V2) && \
defined(WOLFSSL_STM32F7) && defined(CRYP_AES_GCM)
#if !defined(STM32_HAL_V2) && defined(CRYP_AES_GCM) && \
(defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L5) || defined(WOLFSSL_STM32H7))
#define STM32_HAL_V2
#endif
@ -122,7 +131,7 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
struct Aes;
#ifdef WOLFSSL_STM32_CUBEMX
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_HandleTypeDef* hcryp);
#else /* STD_PERI_LIB */
#else /* Standard Peripheral Library */
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_InitTypeDef* cryptInit,
CRYP_KeyInitTypeDef* keyInit);
#endif /* WOLFSSL_STM32_CUBEMX */
@ -131,12 +140,25 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#endif /* STM32_CRYPTO */
#if defined(WOLFSSL_STM32_PKA) && defined(HAVE_ECC)
int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key);
int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
#ifdef WOLFSSL_SP_MATH
struct sp_int;
#define MATH_INT_T struct sp_int
#elif defined(USE_FAST_MATH)
struct fp_int;
#define MATH_INT_T struct fp_int
#else
struct mp_int;
#define MATH_INT_T struct mp_int
#endif
struct ecc_key;
struct WC_RNG;
int stm32_ecc_verify_hash_ex(MATH_INT_T *r, MATH_INT_T *s, const byte* hash,
word32 hashlen, int* res, struct ecc_key* key);
int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, struct WC_RNG* rng,
struct ecc_key* key, MATH_INT_T *r, MATH_INT_T *s);
#endif /* WOLFSSL_STM32_PKA && HAVE_ECC */
#endif /* _WOLFPORT_STM32_H_ */

View file

@ -149,6 +149,23 @@ typedef struct OS_Seed {
#define WC_RNG_TYPE_DEFINED
#endif
#ifdef HAVE_HASHDRBG
struct DRBG_internal {
word32 reseedCtr;
word32 lastBlock;
byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN];
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
void* heap;
int devId;
#endif
byte matchCount;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256 sha256;
#endif
};
#endif
/* RNG context */
struct WC_RNG {
OS_Seed seed;
@ -157,18 +174,7 @@ struct WC_RNG {
/* Hash-based Deterministic Random Bit Generator */
struct DRBG* drbg;
#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
#define DRBG_STRUCT_SZ ((sizeof(word32)*3) + (DRBG_SEED_LEN*2))
#ifdef WOLFSSL_SMALL_STACK_CACHE
#define DRBG_STRUCT_SZ_SHA256 (sizeof(wc_Sha256))
#else
#define DRBG_STRUCT_SZ_SHA256 0
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
#define DRBG_STRUCT_SZ_ASYNC (sizeof(void*) + sizeof(int))
#else
#define DRBG_STRUCT_SZ_ASYNC 0
#endif
byte drbg_data[DRBG_STRUCT_SZ + DRBG_STRUCT_SZ_SHA256 + DRBG_STRUCT_SZ_ASYNC];
struct DRBG_internal drbg_data;
#endif
byte status;
#endif
@ -219,7 +225,7 @@ WOLFSSL_API int wc_FreeRng(WC_RNG*);
#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
#define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;})
#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
#endif

View file

@ -23,7 +23,13 @@
\file wolfssl/wolfcrypt/rsa.h
*/
/*
DESCRIPTION
This library provides the interface to the RSA.
RSA keys can be used to encrypt, decrypt, sign and verify data.
*/
#ifndef WOLF_CRYPT_RSA_H
#define WOLF_CRYPT_RSA_H
@ -280,8 +286,9 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
RsaKey*, word32);
WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
const byte* e, word32 eSz, RsaKey* key);
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
#endif
#ifdef WC_RSA_BLINDING
WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);

View file

@ -62,6 +62,9 @@
/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
/* #define MICROCHIP_TCPIP */
/* Uncomment next line if using above Microchip TCP/IP defines with BSD API */
/* #define MICROCHIP_TCPIP_BSD_API */
/* Uncomment next line if using PIC32MZ Crypto Engine */
/* #define WOLFSSL_MICROCHIP_PIC32MZ */
@ -209,10 +212,20 @@
/* Uncomment next line if using RENESAS RX64N */
/* #define WOLFSSL_RENESAS_RX65N */
/* Uncomment next line if using Solaris OS*/
/* #define WOLFSSL_SOLARIS */
/* Uncomment next line if building for Linux Kernel Module */
/* #define WOLFSSL_LINUXKM */
#include <libs/libwolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
#include "user_settings.h"
#elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H)
/* STM Configuration File (generated by CubeMX) */
#include "wolfSSL.wolfSSL_conf.h"
#endif
@ -292,7 +305,7 @@
#endif
#endif
#if defined(WOLFSSL_RENESAS_RA6M3G)
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3)
/* settings in user_settings.h */
#endif
@ -337,7 +350,9 @@
/* #define WOLFSSL_MICROCHIP_PIC32MZ */
#define SIZEOF_LONG_LONG 8
#define SINGLE_THREADED
#ifndef MICROCHIP_TCPIP_BSD_API
#define WOLFSSL_USER_IO
#endif
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
@ -375,6 +390,16 @@
#endif
#endif
#ifdef WOLFSSL_ATECC508A
/* backwards compatibility */
#ifndef WOLFSSL_ATECC_NO_ECDH_ENC
#define WOLFSSL_ATECC_ECDH_ENC
#endif
#ifdef WOLFSSL_ATECC508A_DEBUG
#define WOLFSSL_ATECC_DEBUG
#endif
#endif
#ifdef MBED
#define WOLFSSL_USER_IO
#define NO_FILESYSTEM
@ -601,7 +626,6 @@
#ifdef WOLFSSL_NRF5x
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
#define NO_ASN_TIME
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define NO_MAIN_DRIVER
@ -609,7 +633,6 @@
#define SINGLE_THREADED
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define USE_WOLFSSL_MEMORY
#define WOLFSSL_NRF51
#define WOLFSSL_USER_IO
#define NO_SESSION_CACHE
@ -812,8 +835,10 @@ extern void uITRON4_free(void *p) ;
#undef SIZEOF_LONG
#define SIZEOF_LONG_LONG 8
#else
#if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
#error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
#endif
#endif
#define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
#define XFREE(p, h, type) (rtp_free(p))
@ -822,7 +847,9 @@ extern void uITRON4_free(void *p) ;
#if (WINMSP3)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#else
#sslpro: settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC
#ifndef XSTRNCASECMP
#error settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC
#endif
#endif
#define WOLFSSL_HAVE_MAX
@ -900,6 +927,19 @@ extern void uITRON4_free(void *p) ;
#define TFM_TIMING_RESISTANT
#endif
/* To support storing some of the large constant tables in flash memory rather than SRAM.
Useful for processors that have limited SRAM, such as the AVR family of microtrollers. */
#ifdef WOLFSSL_USE_FLASHMEM
/* This is supported on the avr-gcc compiler, for more information see:
https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html */
#define FLASH_QUALIFIER __flash
/* Copy data out of flash memory and into SRAM */
#define XMEMCPY_P(pdest, psrc, size) memcpy_P((pdest), (psrc), (size))
#else
#define FLASH_QUALIFIER
#endif
#ifdef FREESCALE_MQX_5_0
/* use normal Freescale MQX port, but with minor changes for 5.0 */
#define FREESCALE_MQX
@ -1051,7 +1091,9 @@ extern void uITRON4_free(void *p) ;
/* random seed */
#define NO_OLD_RNGNAME
#if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
#if defined(FREESCALE_NO_RNG)
/* nothing to define */
#elif defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
#define FREESCALE_KSDK_2_0_TRNG
#elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0)
#ifdef FREESCALE_KSDK_1_3
@ -1187,7 +1229,8 @@ extern void uITRON4_free(void *p) ;
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
defined(WOLFSSL_STM32L4)
defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7)
#define SIZEOF_LONG_LONG 8
#ifndef CHAR_BIT
@ -1208,7 +1251,8 @@ extern void uITRON4_free(void *p) ;
#undef STM32_CRYPTO
#define STM32_CRYPTO
#ifdef WOLFSSL_STM32L4
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
defined(WOLFSSL_STM32WB)
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif
@ -1221,8 +1265,12 @@ extern void uITRON4_free(void *p) ;
#endif
#define NO_OLD_RNGNAME
#ifdef WOLFSSL_STM32_CUBEMX
#if defined(WOLFSSL_STM32F2)
#if defined(WOLFSSL_STM32F1)
#include "stm32f1xx_hal.h"
#elif defined(WOLFSSL_STM32F2)
#include "stm32f2xx_hal.h"
#elif defined(WOLFSSL_STM32L5)
#include "stm32l5xx_hal.h"
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx_hal.h"
#elif defined(WOLFSSL_STM32F4)
@ -1231,6 +1279,10 @@ extern void uITRON4_free(void *p) ;
#include "stm32f7xx_hal.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx_hal.h"
#elif defined(WOLFSSL_STM32H7)
#include "stm32h7xx_hal.h"
#elif defined(WOLFSSL_STM32WB)
#include "stm32wbxx_hal.h"
#endif
#if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4)
#include "stm32l4xx_ll_rng.h"
@ -1256,6 +1308,14 @@ extern void uITRON4_free(void *p) ;
#ifdef STM32_HASH
#include "stm32f4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32L5)
#include "stm32l5xx.h"
#ifdef STM32_CRYPTO
#include "stm32l5xx_cryp.h"
#endif
#ifdef STM32_HASH
#include "stm32l5xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx.h"
#ifdef STM32_CRYPTO
@ -1266,11 +1326,14 @@ extern void uITRON4_free(void *p) ;
#endif
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx.h"
#elif defined(WOLFSSL_STM32H7)
#include "stm32h7xx.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx.h"
#endif
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 ||
WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || WOLFSSL_STM32H7 */
#ifdef WOLFSSL_DEOS
#include <deos.h>
#include <timeout.h>
@ -1400,6 +1463,22 @@ extern void uITRON4_free(void *p) ;
#endif
#endif /* MICRIUM */
#if defined(sun) || defined(__sun)
# if defined(__SVR4) || defined(__svr4__)
/* Solaris */
#ifndef WOLFSSL_SOLARIS
#define WOLFSSL_SOLARIS
#endif
# else
/* SunOS */
# endif
#endif
#ifdef WOLFSSL_SOLARIS
/* Avoid naming clash with fp_zero from math.h > ieefp.h */
#define WOLFSSL_DH_CONST
#endif
#ifdef WOLFSSL_MCF5441X
#define BIG_ENDIAN_ORDER
#ifndef SIZEOF_LONG
@ -1544,6 +1623,12 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
/* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */
#if defined(WOLFSSL_IMXRT_DCP) && !defined(SINGLE_THREADED)
#undef WOLFSSL_CRYPT_HW_MUTEX
#define WOLFSSL_CRYPT_HW_MUTEX 1
#endif
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
!defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(XMALLOC_OVERRIDE)
@ -2008,6 +2093,60 @@ extern void uITRON4_free(void *p) ;
#endif
#ifdef WOLFSSL_LINUXKM
#ifndef NO_DEV_RANDOM
#define NO_DEV_RANDOM
#endif
#ifndef NO_WRITEV
#define NO_WRITEV
#endif
#ifndef NO_FILESYSTEM
#define NO_FILESYSTEM
#endif
#ifndef NO_STDIO_FILESYSTEM
#define NO_STDIO_FILESYSTEM
#endif
#ifndef WOLFSSL_NO_SOCK
#define WOLFSSL_NO_SOCK
#endif
#ifndef WOLFSSL_DH_CONST
#define WOLFSSL_DH_CONST
#endif
#ifndef WOLFSSL_USER_IO
#define WOLFSSL_USER_IO
#endif
#ifndef USE_WOLF_STRTOK
#define USE_WOLF_STRTOK
#endif
#ifndef WOLFSSL_SP_MOD_WORD_RP
#define WOLFSSL_SP_MOD_WORD_RP
#endif
#ifndef WOLFSSL_OLD_PRIME_CHECK
#define WOLFSSL_OLD_PRIME_CHECK
#endif
#undef HAVE_STRINGS_H
#undef HAVE_ERRNO_H
#undef HAVE_THREAD_LS
#undef WOLFSSL_HAVE_MIN
#undef WOLFSSL_HAVE_MAX
#define SIZEOF_LONG 8
#define SIZEOF_LONG_LONG 8
#define CHAR_BIT 8
#ifndef WOLFSSL_SP_DIV_64
#define WOLFSSL_SP_DIV_64
#endif
#ifndef WOLFSSL_SP_DIV_WORD_HALF
#define WOLFSSL_SP_DIV_WORD_HALF
#endif
#ifndef SP_HALF_SIZE
#define SP_HALF_SIZE 32
#endif
#ifndef SP_HALF_MAX
#define SP_HALF_MAX 4294967295U
#endif
#endif
/* Place any other flags or defines here */
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \
@ -2196,6 +2335,21 @@ extern void uITRON4_free(void *p) ;
#define WOLFSSL_NO_CONSTCHARCONST
#endif
/* FIPS v1 does not support TLS v1.3 (requires RSA PSS and HKDF) */
#if defined(HAVE_FIPS) && !defined(HAVE_FIPS_VERSION)
#undef WC_RSA_PSS
#undef WOLFSSL_TLS13
#endif
/* For FIPSv2 make sure the ECDSA encoding allows extra bytes
* but make sure users consider enabling it */
#if !defined(NO_STRICT_ECDSA_LEN) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
/* ECDSA length checks off by default for CAVP testing
* consider enabling strict checks in production */
#define NO_STRICT_ECDSA_LEN
#endif
#ifdef __cplusplus
} /* extern "C" */

View file

@ -72,6 +72,9 @@
#ifdef WOLFSSL_ESP32WROOM32_CRYPT
#include <libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#ifdef WOLFSSL_IMXRT_DCP
#include <libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h>
#endif
#if !defined(NO_OLD_SHA_NAMES)
#define SHA WC_SHA
@ -101,6 +104,8 @@ enum {
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
#elif defined(WOLFSSL_PSOC6_CRYPTO)
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
#else
/* Sha digest */

View file

@ -126,6 +126,10 @@ enum {
#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h"
#elif defined(WOLFSSL_PSOC6_CRYPTO)
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
#elif defined(WOLFSSL_IMXRT_DCP)
#include <libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h>
#else
/* wc_Sha256 digest */
@ -142,6 +146,7 @@ struct wc_Sha256 {
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
void* heap;
#endif
#ifdef WOLFSSL_PIC32MZ_HASH
hashUpdCache cache; /* cache for updates */
#endif
@ -150,7 +155,7 @@ struct wc_Sha256 {
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_SMALL_STACK_CACHE
word32* W;
#endif
#endif /* !FREESCALE_LTC_SHA && !STM32_HASH_SHA2 */
#ifdef WOLFSSL_DEVCRYPTO_HASH
WC_CRYPTODEV ctx;
byte* msg;
@ -168,7 +173,6 @@ struct wc_Sha256 {
int devId;
void* devCtx; /* generic crypto callback context */
#endif
#endif
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
word32 flags; /* enum wc_HashFlags in hash.h */
#endif

View file

@ -58,7 +58,8 @@ enum {
WC_SHA3_512_DIGEST_SIZE = 64,
WC_SHA3_512_COUNT = 9,
#ifndef HAVE_SELFTEST
#if !defined(HAVE_SELFTEST) || \
defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2)
/* These values are used for HMAC, not SHA-3 directly.
* They come from from FIPS PUB 202. */
WC_SHA3_224_BLOCK_SIZE = 144,

View file

@ -31,6 +31,7 @@
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libs/libwolfssl/wolfcrypt/fips.h>
@ -111,6 +112,8 @@ enum {
#ifdef WOLFSSL_IMX6_CAAM
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#elif defined (WOLFSSL_PSOC6_CRYPTO)
#include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h"
#else
/* wc_Sha512 digest */
struct wc_Sha512 {
@ -153,6 +156,7 @@ WOLFSSL_LOCAL void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
#ifdef WOLFSSL_SHA512
WOLFSSL_API int wc_InitSha512(wc_Sha512*);
WOLFSSL_API int wc_InitSha512_ex(wc_Sha512*, void*, int);
WOLFSSL_API int wc_Sha512Update(wc_Sha512*, const byte*, word32);

View file

@ -28,16 +28,22 @@
#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(WOLFSSL_HAVE_SP_ECC)
#ifndef WOLFSSL_LINUXKM
#include <stdint.h>
#endif
#include <libs/libwolfssl/wolfcrypt/integer.h>
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
#include <libs/libwolfssl/wolfcrypt/ecc.h>
#if defined(_MSC_VER)
#ifdef noinline
#define SP_NOINLINE noinline
#elif defined(_MSC_VER)
#define SP_NOINLINE __declspec(noinline)
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__) || defined(__KEIL__)
#elif defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
#define SP_NOINLINE _Pragma("inline = never")
#elif defined(__GNUC__) || defined(__KEIL__)
#define SP_NOINLINE __attribute__((noinline))
#else
#define SP_NOINLINE
@ -141,7 +147,18 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ);
int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym);
#endif /*ifdef WOLFSSL_HAVE_SP_ECC */
#ifdef WOLFSSL_SP_NONBLOCK
int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
mp_int* rm, mp_int* sm, mp_int* km, void* heap);
int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
mp_int* rm, mp_int* sm, mp_int* km, void* heap);
int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
#endif /* WOLFSSL_SP_NONBLOCK */
#endif /* WOLFSSL_HAVE_SP_ECC */
#ifdef __cplusplus

View file

@ -19,12 +19,18 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
DESCRIPTION
This library provides single precision (SP) integer math functions.
*/
#ifndef WOLF_CRYPT_SP_INT_H
#define WOLF_CRYPT_SP_INT_H
#ifndef WOLFSSL_LINUXKM
#include <stdint.h>
#include <limits.h>
#endif
/* Make sure WOLFSSL_SP_ASM build option defined when requested */
#if !defined(WOLFSSL_SP_ASM) && ( \
@ -60,6 +66,7 @@
typedef int32 sp_digit;
typedef uint32 sp_int_digit;
typedef uint64 sp_int_word;
typedef int64 sp_int_sword;
#undef SP_WORD_SIZE
#define SP_WORD_SIZE 32
#elif !defined(WOLFSSL_SP_ASM)
@ -67,6 +74,7 @@
typedef int32_t sp_digit;
typedef uint32_t sp_int_digit;
typedef uint64_t sp_int_word;
typedef int64_t sp_int_sword;
#elif SP_WORD_SIZE == 64
typedef int64_t sp_digit;
typedef uint64_t sp_int_digit;
@ -78,14 +86,14 @@
typedef long int128_t __attribute__ ((mode(TI)));
#endif
typedef uint128_t sp_int_word;
#else
#error Word size not defined
typedef int128_t sp_int_sword;
#endif
#else
#if SP_WORD_SIZE == 32
typedef uint32_t sp_digit;
typedef uint32_t sp_int_digit;
typedef uint64_t sp_int_word;
typedef int64_t sp_int_sword;
#elif SP_WORD_SIZE == 64
typedef uint64_t sp_digit;
typedef uint64_t sp_int_digit;
@ -97,12 +105,28 @@
typedef long int128_t __attribute__ ((mode(TI)));
#endif
typedef uint128_t sp_int_word;
#else
#error Word size not defined
typedef int128_t sp_int_sword;
#endif
#endif
#define SP_MASK (sp_digit)(-1)
#if SP_WORD_SIZE == 32
#define SP_MASK ((sp_int_digit)0xffffffffU)
#elif SP_WORD_SIZE == 64
#define SP_MASK ((sp_int_digit)0xffffffffffffffffUL)
#else
#error Word size not defined
#endif
#if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
typedef struct sp_ecc_ctx {
#ifdef WOLFSSL_SP_384
byte data[48*80]; /* stack data */
#else
byte data[32*80]; /* stack data */
#endif
} sp_ecc_ctx_t;
#endif
#ifdef WOLFSSL_SP_MATH
#include <libs/libwolfssl/wolfcrypt/random.h>
@ -169,9 +193,10 @@ typedef sp_int_digit mp_digit;
MP_API int sp_init(sp_int* a);
MP_API int sp_init_multi(sp_int* a, sp_int* b, sp_int* c, sp_int* d,
sp_int* e, sp_int* f);
MP_API void sp_free(sp_int* a);
MP_API void sp_clear(sp_int* a);
MP_API int sp_unsigned_bin_size(sp_int* a);
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, int inSz);
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz);
MP_API int sp_read_radix(sp_int* a, const char* in, int radix);
MP_API int sp_cmp(sp_int* a, sp_int* b);
MP_API int sp_count_bits(sp_int* a);
@ -211,7 +236,6 @@ MP_API void sp_rshb(sp_int* a, int n, sp_int* r);
MP_API int sp_mul_d(sp_int* a, sp_int_digit n, sp_int* r);
#define MP_OKAY 0
#define MP_NO 0
#define MP_YES 1
@ -221,15 +245,17 @@ MP_API int sp_mul_d(sp_int* a, sp_int_digit n, sp_int* r);
#define MP_EQ 0
#define MP_LT -1
#define MP_OKAY 0
#define MP_MEM -2
#define MP_VAL -3
#define FP_WOULDBLOCK -4
#define DIGIT_BIT SP_WORD_SIZE
#define MP_MASK SP_MASK
#define CheckFastMathSettings() 1
#define mp_free(a)
#define mp_free sp_free
#define mp_isodd sp_isodd
#define mp_iseven sp_iseven

View file

@ -432,7 +432,7 @@ MP_API void fp_free(fp_int* a);
/* set to a small digit */
void fp_set(fp_int *a, fp_digit b);
void fp_set_int(fp_int *a, unsigned long b);
int fp_set_int(fp_int *a, unsigned long b);
/* check if a bit is set */
int fp_is_bit_set(fp_int *a, fp_digit b);
@ -459,7 +459,7 @@ void fp_rshd(fp_int *a, int x);
void fp_rshb(fp_int *a, int x);
/* left shift x digits */
void fp_lshd(fp_int *a, int x);
int fp_lshd(fp_int *a, int x);
/* signed comparison */
int fp_cmp(fp_int *a, fp_int *b);
@ -470,19 +470,22 @@ int fp_cmp_mag(fp_int *a, fp_int *b);
/* power of 2 operations */
void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
void fp_mod_2d(fp_int *a, int b, fp_int *c);
void fp_mul_2d(fp_int *a, int b, fp_int *c);
int fp_mul_2d(fp_int *a, int b, fp_int *c);
void fp_2expt (fp_int *a, int b);
void fp_mul_2(fp_int *a, fp_int *c);
int fp_mul_2(fp_int *a, fp_int *c);
void fp_div_2(fp_int *a, fp_int *c);
/* c = a / 2 (mod b) - constant time (a < b and positive) */
int fp_div_2_mod_ct(fp_int *a, fp_int *b, fp_int *c);
/* Counts the number of lsbs which are zero before the first zero bit */
int fp_cnt_lsb(fp_int *a);
/* c = a + b */
void fp_add(fp_int *a, fp_int *b, fp_int *c);
int fp_add(fp_int *a, fp_int *b, fp_int *c);
/* c = a - b */
void fp_sub(fp_int *a, fp_int *b, fp_int *c);
int fp_sub(fp_int *a, fp_int *b, fp_int *c);
/* c = a * b */
int fp_mul(fp_int *a, fp_int *b, fp_int *c);
@ -500,13 +503,13 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c);
int fp_cmp_d(fp_int *a, fp_digit b);
/* c = a + b */
void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
int fp_add_d(fp_int *a, fp_digit b, fp_int *c);
/* c = a - b */
int fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
/* c = a * b */
void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
int fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
/* a/b => cb + d == a */
/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/
@ -530,6 +533,12 @@ int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* d = a + b (mod c) */
int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* d = a - b (mod c) - constant time (a < c and b < c) */
int fp_submod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* d = a + b (mod c) - constant time (a < c and b < c) */
int fp_addmod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* c = a * a (mod b) */
int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
@ -549,10 +558,11 @@ int fp_montgomery_setup(fp_int *a, fp_digit *mp);
/* computes a = B**n mod b without division or multiplication useful for
* normalizing numbers in a Montgomery system.
*/
void fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
int fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
/* computes x/R == x (mod N) via Montgomery Reduction */
int fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
/* d = a**b (mod c) */
int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
@ -637,7 +647,7 @@ int fp_count_bits(fp_int *a);
int fp_leading_bit(fp_int *a);
int fp_unsigned_bin_size(fp_int *a);
void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
int fp_to_unsigned_bin(fp_int *a, unsigned char *b);
int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c);
int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
@ -652,7 +662,7 @@ int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
/* VARIOUS LOW LEVEL STUFFS */
void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
int s_fp_add(fp_int *a, fp_int *b, fp_int *c);
void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
void fp_reverse(unsigned char *s, int len);
@ -728,6 +738,7 @@ int fp_sqr_comba64(fp_int *a, fp_int *b);
#define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX)
MP_API int mp_init (mp_int * a);
MP_API int mp_init_copy(fp_int * a, fp_int * b);
MP_API void mp_clear (mp_int * a);
MP_API void mp_free (mp_int * a);
MP_API void mp_forcezero (mp_int * a);
@ -743,6 +754,8 @@ MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_mod(mp_int *a, mp_int *b, mp_int *c);
MP_API int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
MP_API int mp_invmod_mont_ct(mp_int *a, mp_int *b, mp_int *c, fp_digit mp);
@ -791,9 +804,11 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef HAVE_ECC
MP_API int mp_sqr(fp_int *a, fp_int *b);
MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp,
int ct);
MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
MP_API int mp_div_2(fp_int * a, fp_int * b);
MP_API int mp_init_copy(fp_int * a, fp_int * b);
MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
#endif
#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DSA) || \
@ -817,6 +832,7 @@ MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
MP_API int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API int mp_cnt_lsb(fp_int *a);
MP_API int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);

View file

@ -22,7 +22,12 @@
/*!
\file wolfssl/wolfcrypt/types.h
*/
/*
DESCRIPTION
This library defines the primitive data types and abstraction macros to
decouple library dependencies with standard string, memory and so on.
*/
#ifndef WOLF_CRYPT_TYPES_H
#define WOLF_CRYPT_TYPES_H
@ -196,10 +201,14 @@
#else
#define WC_INLINE
#endif
#else
#ifdef __GNUC__
#define WC_INLINE __attribute__((unused))
#else
#define WC_INLINE
#endif
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
@ -244,9 +253,13 @@
#if defined(__GNUC__)
#if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1)))
#undef FALL_THROUGH
#if defined(WOLFSSL_LINUXKM) && defined(fallthrough)
#define FALL_THROUGH fallthrough
#else
#define FALL_THROUGH __attribute__ ((fallthrough));
#endif
#endif
#endif
#endif /* FALL_THROUGH */
/* Micrium will use Visual Studio for compilation but not the Win32 API */
@ -342,10 +355,17 @@
#else
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) malloc((s))
#define XMALLOC(s, h, t) malloc((size_t)(s))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
#endif
#elif defined(WOLFSSL_LINUXKM)
/* the requisite linux/slab.h is included in wc_port.h, with incompatible warnings masked out. */
#define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
#define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
@ -375,8 +395,9 @@
#endif /* WOLFSSL_STATIC_MEMORY */
#endif
/* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT
/* declare/free variable handling for async and smallstack */
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK)
#define DECLARE_VAR_IS_HEAP_ALLOC
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
@ -389,9 +410,19 @@
})
#define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME; \
int idx##VAR_NAME, inner_idx_##VAR_NAME; \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
if (VAR_NAME[idx##VAR_NAME] == NULL) { \
for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
} \
for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
} \
break; \
} \
}
#define FREE_VAR(VAR_NAME, HEAP) \
XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
@ -406,6 +437,7 @@
#define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP)
#else
#undef DECLARE_VAR_IS_HEAP_ALLOC
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE VAR_NAME[VAR_SIZE]
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
@ -417,10 +449,20 @@
#define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME;
int idx##VAR_NAME, inner_idx_##VAR_NAME;
#define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_TMP_BUFFER); \
if (VAR_NAME[idx##VAR_NAME] == NULL) { \
for (inner_idx_##VAR_NAME = 0; inner_idx_##VAR_NAME < idx##VAR_NAME; inner_idx_##VAR_NAME++) { \
XFREE(VAR_NAME[inner_idx_##VAR_NAME], HEAP, DYNAMIC_TYPE_TMP_BUFFER); \
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
} \
for (inner_idx_##VAR_NAME = idx##VAR_NAME + 1; inner_idx_##VAR_NAME < VAR_ITEMS; inner_idx_##VAR_NAME++) { \
VAR_NAME[inner_idx_##VAR_NAME] = NULL; \
} \
break; \
} \
}
#define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
@ -438,7 +480,12 @@
#endif
#ifndef STRING_USER
#if defined(WOLFSSL_LINUXKM)
#include <linux/string.h>
#else
#include <string.h>
#endif
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
@ -489,8 +536,38 @@
for snprintf */
#include <stdio.h>
#endif
#if defined(WOLFSSL_ESPIDF) && \
(!defined(NO_ASN_TIME) && defined(HAVE_PKCS7))
#include<stdarg.h>
/* later gcc than 7.1 introduces -Wformat-truncation */
/* In cases when truncation is expected the caller needs*/
/* to check the return value from the function so that */
/* compiler doesn't complain. */
/* xtensa-esp32-elf v8.2.0 warns trancation at */
/* GetAsnTimeString() */
static WC_INLINE
int _xsnprintf_(char *s, size_t n, const char *format, ...)
{
va_list ap;
int ret;
if ((int)n <= 0) return -1;
va_start(ap, format);
ret = vsnprintf(s, n, format, ap);
if (ret < 0)
ret = -1;
va_end(ap);
return ret;
}
#define XSNPRINTF _xsnprintf_
#else
#define XSNPRINTF snprintf
#endif
#endif
#else
#if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)
#if defined(_MSC_VER) && (_MSC_VER >= 1900)
@ -566,7 +643,9 @@
#endif /* OPENSSL_EXTRA */
#ifndef CTYPE_USER
#ifndef WOLFSSL_LINUXKM
#include <ctype.h>
#endif
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
#define XTOUPPER(c) toupper((c))

View file

@ -28,24 +28,33 @@
#define WOLF_CRYPT_ENCRYPT_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#include <libs/libwolfssl/wolfcrypt/aes.h>
#include <libs/libwolfssl/wolfcrypt/chacha.h>
#include <libs/libwolfssl/wolfcrypt/des3.h>
#include <libs/libwolfssl/wolfcrypt/arc4.h>
#ifndef NO_AES
#include <libs/libwolfssl/wolfcrypt/aes.h>
#endif
#ifdef HAVE_CHACHA
#include <libs/libwolfssl/wolfcrypt/chacha.h>
#endif
#ifndef NO_DES3
#include <libs/libwolfssl/wolfcrypt/des3.h>
#endif
#ifndef NO_RC4
#include <libs/libwolfssl/wolfcrypt/arc4.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* determine max cipher key size */
/* determine max cipher key size - cannot use enum values here, must be define,
* since WC_MAX_SYM_KEY_SIZE is used in if macro logic. */
#ifndef NO_AES
#define WC_MAX_SYM_KEY_SIZE (AES_MAX_KEY_SIZE/8)
#elif defined(HAVE_CHACHA)
#define WC_MAX_SYM_KEY_SIZE CHACHA_MAX_KEY_SZ
#define WC_MAX_SYM_KEY_SIZE 32 /* CHACHA_MAX_KEY_SZ */
#elif !defined(NO_DES3)
#define WC_MAX_SYM_KEY_SIZE DES3_KEY_SIZE
#define WC_MAX_SYM_KEY_SIZE 24 /* DES3_KEY_SIZE */
#elif !defined(NO_RC4)
#define WC_MAX_SYM_KEY_SIZE RC4_KEY_SIZE
#define WC_MAX_SYM_KEY_SIZE 16 /* RC4_KEY_SIZE */
#else
#define WC_MAX_SYM_KEY_SIZE 32
#endif

View file

@ -6,7 +6,7 @@
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,

View file

@ -54,6 +54,115 @@
#endif
#endif
#ifdef WOLFSSL_LINUXKM
#ifdef HAVE_CONFIG_H
#ifndef PACKAGE_NAME
#error wc_port.h included before config.h
#endif
/* config.h is autogenerated without gating, and is subject to repeat
* inclusions, so gate it out here to keep autodetection masking
* intact:
*/
#undef HAVE_CONFIG_H
#endif
#ifdef BUILDING_WOLFSSL
_Pragma("GCC diagnostic push");
/* we include all the needed kernel headers with these masked out. else
* there are profuse warnings.
*/
_Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
_Pragma("GCC diagnostic ignored \"-Wshadow\"");
_Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
_Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
#include <linux/kconfig.h>
#include <linux/kernel.h>
#include <linux/version.h>
#include <linux/ctype.h>
#include <linux/init.h>
#include <linux/module.h>
#ifndef SINGLE_THREADED
#include <linux/kthread.h>
#endif
#include <linux/net.h>
#include <linux/slab.h>
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#include <asm/i387.h>
#else
#include <asm/simd.h>
#endif
#define SAVE_VECTOR_REGISTERS() kernel_fpu_begin()
#define RESTORE_VECTOR_REGISTERS() kernel_fpu_end()
#elif defined(WOLFSSL_ARMASM)
#include <asm/fpsimd.h>
#define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); })
#define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); })
#else
#define SAVE_VECTOR_REGISTERS() ({})
#define RESTORE_VECTOR_REGISTERS() ({})
#endif
_Pragma("GCC diagnostic pop");
/* remove this multifariously conflicting macro, picked up from
* Linux arch/<arch>/include/asm/current.h.
*/
#undef current
/* prevent gcc's mm_malloc.h from being included, since it unconditionally
* includes stdlib.h, which is kernel-incompatible.
*/
#define _MM_MALLOC_H_INCLUDED
#define malloc(x) kmalloc(x, GFP_KERNEL)
#define free(x) kfree(x)
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
* myriad spurious -Werrors throughout the codebase.
*/
#undef min
#undef max
/* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
* and linux/key.h (extern int()).
*/
#define key_update wc_key_update
#define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
#define printf(...) lkm_printf(__VA_ARGS__)
#endif /* BUILDING_WOLFSSL */
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
#define XSNPRINTF snprintf
/* the rigmarole around kstrtol() here is to accommodate its warn-unused-result attribute. */
#define XATOI(s) ({ \
long _xatoi_res = 0; \
int _xatoi_ret = kstrtol(s, 10, &_xatoi_res); \
if (_xatoi_ret != 0) { \
_xatoi_res = 0; \
} \
(int)_xatoi_res; \
})
#else /* ! WOLFSSL_LINUXKM */
#ifdef BUILDING_WOLFSSL
#define SAVE_VECTOR_REGISTERS() do{}while(0)
#define RESTORE_VECTOR_REGISTERS() do{}while(0)
#endif
#endif /* WOLFSSL_LINUXKM */
/* THREADING/MUTEX SECTION */
#ifdef USE_WINDOWS_API
@ -156,9 +265,15 @@
#else
#ifndef SINGLE_THREADED
#ifndef WOLFSSL_USER_MUTEX
#if defined(WOLFSSL_LINUXKM)
#define WOLFSSL_KTHREADS
#else
#define WOLFSSL_PTHREADS
#include <pthread.h>
#endif
#endif
#endif
#if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \
!defined(NO_FILESYSTEM)
#include <unistd.h> /* for close of BIO */
@ -192,6 +307,8 @@
typedef CRITICAL_SECTION wolfSSL_Mutex;
#elif defined(WOLFSSL_PTHREADS)
typedef u32 wolfSSL_Mutex; /* pthread_mutex_t = mutex_t = u32 */
#elif defined(WOLFSSL_KTHREADS)
typedef struct mutex wolfSSL_Mutex;
#elif defined(THREADX)
typedef TX_MUTEX wolfSSL_Mutex;
#elif defined(WOLFSSL_DEOS)
@ -238,6 +355,10 @@
typedef struct k_mutex wolfSSL_Mutex;
#elif defined(WOLFSSL_TELIT_M2MB)
typedef M2MB_OS_MTX_HANDLE wolfSSL_Mutex;
#elif defined(WOLFSSL_USER_MUTEX)
/* typedef User_Mutex wolfSSL_Mutex; */
#elif defined(WOLFSSL_LINUXKM)
typedef struct mutex wolfSSL_Mutex;
#else
#error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */
@ -245,7 +366,7 @@
/* Enable crypt HW mutex for Freescale MMCAU, PIC32MZ or STM32 */
#if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ) || \
defined(STM32_CRYPTO)
defined(STM32_CRYPTO) || defined(STM32_HASH) || defined(STM32_RNG)
#ifndef WOLFSSL_CRYPT_HW_MUTEX
#define WOLFSSL_CRYPT_HW_MUTEX 1
#endif
@ -414,6 +535,23 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XBADFILE -1
#define XFGETS(b,s,f) -2 /* Not ported yet */
#elif defined (WOLFSSL_XILINX)
#include "xsdps.h"
#include "ff.h"
/* workaround to declare variable and provide type */
#define XFILE FIL curFile; FIL*
#define XFOPEN(NAME, MODE) ({ FRESULT res; res = f_open(&curFile, (NAME), (FA_OPEN_ALWAYS | FA_WRITE | FA_READ)); (res == FR_OK) ? &curFile : NULL; })
#define XFSEEK(F, O, W) f_lseek((F), (O))
#define XFTELL(F) f_tell((F))
#define XREWIND(F) f_rewind((F))
#define XFREAD(BUF, SZ, AMT, F) ({ FRESULT res; UINT br; res = f_read((F), (BUF), (SZ)*(AMT), &br); (void)br; res; })
#define XFWRITE(BUF, SZ, AMT, F) ({ FRESULT res; UINT written; res = f_write((F), (BUF), (SZ)*(AMT), &written); (void)written; res; })
#define XFCLOSE(F) f_close((F))
#define XSEEK_END 0
#define XBADFILE NULL
#define XFGETS(b,s,f) f_gets((b), (s), (f))
#elif defined(WOLFSSL_USER_FILESYSTEM)
/* To be defined in user_settings.h */
#else
@ -451,6 +589,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define MAX_PATH 256
#endif
WOLFSSL_LOCAL int wc_FileLoad(const char* fname, unsigned char** buf,
size_t* bufLen, void* heap);
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \
!defined(WOLFSSL_NUCLEUS_1_2)
typedef struct ReadDirCtx {
@ -528,7 +669,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define NEED_TMP_TIME
#elif defined(WOLFSSL_XILINX)
#define USER_TIME
#ifndef XTIME
#define XTIME(t1) xilinx_time((t1))
#endif
#include <time.h>
#elif defined(HAVE_RTP_SYS)
@ -553,6 +696,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
#include <time.h>
extern time_t pic32_time(time_t* timer);
#define XTIME(t1) pic32_time((t1))
#define XGMTIME(c, t) gmtime((c))
@ -637,6 +781,24 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#elif defined(WOLFSSL_LINUXKM)
#ifdef BUILDING_WOLFSSL
/* includes are all above, with incompatible warnings masked out. */
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
typedef __kernel_time_t time_t;
#else
typedef __kernel_time64_t time_t;
#endif
extern time_t time(time_t * timer);
#define XTIME time
#define WOLFSSL_GMTIME
#define XGMTIME(c, t) gmtime(c)
#define NO_TIMEVAL 1
#endif /* BUILDING_WOLFSSL */
#else
/* default */
/* uses complete <time.h> facility */
@ -674,16 +836,17 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#endif
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) || defined(WOLF_C99)
#define XGMTIME(c, t) gmtime((c))
#else
/* Always use gmtime_r if available. */
#if defined(HAVE_GMTIME_R)
#define XGMTIME(c, t) gmtime_r((c), (t))
#define NEED_TMP_TIME
#else
#define XGMTIME(c, t) gmtime((c))
#endif
#endif
#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)
#define USE_WOLF_VALIDDATE
#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
#define XVALIDATE_DATE(d, f, t) wc_ValidateDate((d), (f), (t))
#endif
/* wolf struct tm and time_t */
@ -742,7 +905,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#ifndef FILE_BUFFER_SIZE
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input,
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input, \
will use dynamic buffer if not big enough */
#endif

View file

@ -19,6 +19,11 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
DESCRIPTION
This library provides big integer math functions.
*/
#ifndef __WOLFMATH_H__
#define __WOLFMATH_H__

View file

@ -94,6 +94,8 @@
#elif defined(WOLFSSL_NUCLEUS_1_2)
#include <externs.h>
#include <errno.h>
#elif defined(WOLFSSL_LINUXKM)
/* the requisite linux/net.h is included in wc_port.h, with incompatible warnings masked out. */
#elif defined(WOLFSSL_ATMEL)
#include "socket/include/socket.h"
#elif defined(INTIME_RTOS)
@ -126,6 +128,8 @@
#include <errno.h>
#elif defined(WOLFSSL_ZEPHYR)
#include <net/socket.h>
#elif defined(MICROCHIP_PIC32)
#include <sys/errno.h>
#elif defined(HAVE_NETX)
#include "nx_api.h"
#include "errno.h"
@ -147,7 +151,6 @@
&& !defined(WOLFSSL_CONTIKI) && !defined(WOLFSSL_WICED) \
&& !defined(WOLFSSL_GNRC) && !defined(WOLFSSL_RIOT_OS)
#include <network.h>
//#include <sys/socket.h>
//#include <arpa/inet.h>
//#include <netinet/in.h>
//#include <netdb.h>
@ -159,7 +162,7 @@
#endif
#endif
#if defined(WOLFSSL_RENESAS_RA6M3G) /* Uses FREERTOS_TCP */
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) /* Uses FREERTOS_TCP */
#include <errno.h>
#endif
@ -294,6 +297,9 @@
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
#elif defined(WOLFSSL_LINUXKM)
#define SEND_FUNCTION linuxkm_send
#define RECV_FUNCTION linuxkm_recv
#else
#define SEND_FUNCTION send
#define RECV_FUNCTION recv

View file

@ -215,7 +215,7 @@ int ImageDownloader::DownloadProcess(int TotalDownloadCount)
fclose(pfile);
MissingImagesCount--;
}
free(file.data);
MEM2_free(file.data);
gprintf("File saved successfully (%s%s)\n", MissingImages[i].gameID.c_str(), MissingImages[i].fileExt);
//! Remove the image from the vector since it's done
@ -298,7 +298,7 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
if(PAL && strcmp(CheckedRegion, "EN") != 0)
{
snprintf(downloadURL, sizeof(downloadURL), "%sEN/%s.png", url, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;
@ -311,13 +311,13 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
lang = "US";
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;
snprintf(downloadURL, sizeof(downloadURL), "%sOTHER/%s.png", url, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;
@ -326,7 +326,7 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
{
lang = "RU";
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;
@ -336,14 +336,14 @@ void ImageDownloader::DownloadImage(const char *url, const char *gameID, const c
{
lang = "FI";
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;
lang = "SE";
snprintf(downloadURL, sizeof(downloadURL), "%s%s/%s.png", url, lang, gameID);
gprintf(" - Not found.\n%s", downloadURL);
gprintf(" - Not found.\n%s\n", downloadURL);
downloadfile(downloadURL, file);
if(VALID_IMAGE(file))
return;

View file

@ -36,7 +36,7 @@ URL_List::URL_List(const char * url)
Links = (Link_Info *) malloc(sizeof(Link_Info));
if (!Links)
{
free(file.data);
MEM2_free(file.data);
urlcount = -3;
return;
}
@ -71,7 +71,7 @@ URL_List::URL_List(const char * url)
}
free(Links);
Links = NULL;
free(file.data);
MEM2_free(file.data);
urlcount = -4;
break;
}
@ -89,7 +89,7 @@ URL_List::URL_List(const char * url)
}
free(Links);
Links = NULL;
free(file.data);
MEM2_free(file.data);
urlcount = -5;
break;
}
@ -105,7 +105,7 @@ URL_List::URL_List(const char * url)
cnt++;
}
free(file.data);
MEM2_free(file.data);
}
URL_List::~URL_List()

View file

@ -79,7 +79,7 @@ bool Wiinnertag::Send(const char *gameID)
replaceString(sendURL, "{KEY}", tagList[i].second.c_str());
struct download file = {};
file.skip_response = 1;
file.skip_response = true;
downloadfile(sendURL, &file);
}

View file

@ -2,78 +2,112 @@
Code by blackb0x @ GBAtemp.net
This allows the Wii to download from servers that use SNI.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <network.h>
#include <ogc/lwp_watchdog.h>
#include <unistd.h>
#include "https.h"
#include "gecko.h"
#include "../svnrev.h"
#include "picohttpparser.h"
#include "gecko.h"
#include "https.h"
#include "prompts/ProgressWindow.h"
#include "settings/ProxySettings.h"
#include "utils/base64.h"
u8 loop;
WOLFSSL_SESSION *session;
int https_write(HTTP_INFO *httpinfo, char *buffer, int len)
int https_write(HTTP_INFO *httpinfo, char *buffer, int len, bool proxy)
{
int ret, slen = 0;
while (1)
int ret, pos = 0;
int rlen = len > BLOCK_SIZE ? BLOCK_SIZE : len;
u64 time = gettime();
while (ticks_to_millisecs(diff_ticks(time, gettime())) < READ_WRITE_TIMEOUT)
{
if (httpinfo->use_https)
ret = wolfSSL_write(httpinfo->ssl, &buffer[slen], len - slen);
if (httpinfo->use_https && !proxy)
ret = wolfSSL_write(httpinfo->ssl, &buffer[pos], rlen);
else
ret = net_write(httpinfo->sock, &buffer[slen], len - slen);
if (ret == 0)
continue;
else if (ret <= 0)
return ret; // Timeout would return -1
slen += ret;
if (slen >= len)
break;
}
return slen;
}
int https_read(HTTP_INFO *httpinfo, char *buffer, int len)
{
struct pollsd fds[1];
fds[0].socket = httpinfo->sock;
fds[0].events = POLLIN;
net_fcntl(httpinfo->sock, F_SETFL, 4);
switch (net_poll(fds, 1, READ_WRITE_TIMEOUT))
ret = net_write(httpinfo->sock, &buffer[pos], rlen);
if (ret > 0)
{
case -1:
pos += ret;
rlen = len - pos > BLOCK_SIZE ? BLOCK_SIZE : len - pos;
if (pos >= len)
return pos;
time = gettime();
}
usleep(10000);
}
#ifdef DEBUG_NETWORK
gprintf("net_poll error\n");
#endif
return -1;
case 0:
#ifdef DEBUG_NETWORK
gprintf("The connection timed out\n");
gprintf("The connection timed out (write)\n");
#endif
return -ETIMEDOUT;
default:
net_fcntl(httpinfo->sock, F_SETFL, 0);
if (len > 8192)
len = 8192; // 16KB is the max on a Wii, but 8KB is safe
if (httpinfo->use_https)
return wolfSSL_read(httpinfo->ssl, buffer, len);
return net_read(httpinfo->sock, buffer, len);
}
int https_read(HTTP_INFO *httpinfo, char *buffer, int len, bool proxy)
{
int ret = -ETIMEDOUT;
u64 time = gettime();
if (len > BLOCK_SIZE)
len = BLOCK_SIZE;
while (ticks_to_millisecs(diff_ticks(time, gettime())) < READ_WRITE_TIMEOUT)
{
if (httpinfo->use_https && !proxy)
ret = wolfSSL_read(httpinfo->ssl, buffer, len);
else
ret = net_read(httpinfo->sock, buffer, len);
if (ret >= 0)
return ret;
usleep(10000);
}
#ifdef DEBUG_NETWORK
gprintf("The connection timed out (read)\n");
#endif
return -ETIMEDOUT;
}
int send_callback(__attribute__((unused)) WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int sent = net_write(*(int *)ctx, buf, sz);
if (sent < 0)
{
if (sent == -EAGAIN)
return WOLFSSL_CBIO_ERR_WANT_WRITE;
else if (sent == -ECONNRESET)
return WOLFSSL_CBIO_ERR_CONN_RST;
else if (sent == -EINTR)
return WOLFSSL_CBIO_ERR_ISR;
else if (sent == -EPIPE)
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
else
return WOLFSSL_CBIO_ERR_GENERAL;
}
return sent;
}
int recv_callback(__attribute__((unused)) WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int recvd = net_read(*(int *)ctx, buf, sz);
if (recvd < 0)
{
if (recvd == -EAGAIN)
return WOLFSSL_CBIO_ERR_WANT_READ;
else if (recvd == -ECONNRESET)
return WOLFSSL_CBIO_ERR_CONN_RST;
else if (recvd == -EINTR)
return WOLFSSL_CBIO_ERR_ISR;
else if (recvd == -ECONNABORTED)
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
else
return WOLFSSL_CBIO_ERR_GENERAL;
}
else if (recvd == 0)
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
return recvd;
}
void https_close(HTTP_INFO *httpinfo)
{
if (httpinfo->use_https)
{
if (wolfSSL_shutdown(httpinfo->ssl) == SSL_SHUTDOWN_NOT_DONE)
wolfSSL_shutdown(httpinfo->ssl);
wolfSSL_free(httpinfo->ssl);
wolfSSL_CTX_free(httpinfo->ctx);
@ -84,41 +118,42 @@ void https_close(HTTP_INFO *httpinfo)
#endif
}
u8 get_header_value(struct phr_header *headers, size_t num_headers, char *dst, char *header)
bool get_header_value(struct phr_header *headers, size_t num_headers, char *dst, char *header)
{
for (size_t i = 0; i != num_headers; ++i)
{
if (strncasecmp(header, headers[i].name, headers[i].name_len) == 0)
{
strlcpy(dst, headers[i].value, headers[i].value_len + 1);
return 1;
return true;
}
}
return 0;
return false;
}
u64 get_header_value_int(struct phr_header *headers, size_t num_headers, char *header)
{
char header_value[30] = {};
char header_value[30];
if (!get_header_value(headers, num_headers, header_value, header))
return 0;
return strtoull(header_value, NULL, 0);
}
u8 is_chunked(struct phr_header *headers, size_t num_headers)
bool is_chunked(struct phr_header *headers, size_t num_headers)
{
char encoding[10] = {};
char encoding[9];
if (!get_header_value(headers, num_headers, encoding, "transfer-encoding"))
return 0;
return (strcasecmp(encoding, "chunked") == 0) ? 1 : 0;
return false;
return (strcasecmp(encoding, "chunked") == 0);
}
u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
bool read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
{
struct phr_chunked_decoder decoder = {};
size_t capacity = 4096, rsize;
ssize_t rret, pret;
decoder.consume_trailer = 1;
struct phr_chunked_decoder decoder = {0};
size_t rsize, capacity = 4096;
ssize_t pret;
int ret;
decoder.consume_trailer = true;
#ifdef DEBUG_NETWORK
gprintf("Data is chunked\n");
#endif
@ -127,7 +162,7 @@ u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
if (buffer->show_progress)
{
if (ProgressCanceled())
return 0;
return false;
ShowProgress(start_pos, capacity); // Unknown size for chunked transfers
}
if (start_pos == capacity)
@ -136,46 +171,39 @@ u8 read_chunked(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
gprintf("Increased buffer size\n");
#endif
capacity *= 2;
buffer->data = realloc(buffer->data, capacity);
buffer->data = MEM2_realloc(buffer->data, capacity);
}
while ((rret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos)) == -1 && errno == EINTR)
;
if (rret <= 0)
{
#ifdef DEBUG_NETWORK
gprintf("IO error\n");
#endif
return 0;
}
rsize = rret;
if ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos, false)) < 1)
return false;
rsize = ret;
pret = phr_decode_chunked(&decoder, &buffer->data[start_pos], &rsize);
if (pret == -1)
{
#ifdef DEBUG_NETWORK
gprintf("Parse error\n");
#endif
return 0;
return false;
}
start_pos += rsize;
} while (pret == -2);
buffer->size = start_pos;
buffer->data = realloc(buffer->data, buffer->size);
return 1;
buffer->data = MEM2_realloc(buffer->data, buffer->size);
return true;
}
u8 read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
bool read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
{
size_t capacity = 4096;
ssize_t ret;
int ret;
#ifdef DEBUG_NETWORK
gprintf("Data is not chunked\n");
#endif
while (1)
while (true)
{
if (buffer->show_progress)
{
if (ProgressCanceled())
return 0;
return false;
ShowProgress(start_pos, buffer->content_length);
}
if (start_pos == capacity)
@ -184,81 +212,140 @@ u8 read_all(HTTP_INFO *httpinfo, struct download *buffer, size_t start_pos)
gprintf("Increased buffer size\n");
#endif
capacity *= 2;
buffer->data = realloc(buffer->data, capacity);
buffer->data = MEM2_realloc(buffer->data, capacity);
}
while ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos)) == -1 && errno == EINTR)
;
if (ret == 0)
if ((ret = https_read(httpinfo, &buffer->data[start_pos], capacity - start_pos, false)) == 0)
break;
if (ret < 0)
return 0;
return false;
start_pos += ret;
};
buffer->size = start_pos;
buffer->data = realloc(buffer->data, buffer->size);
return 1;
buffer->data = MEM2_realloc(buffer->data, buffer->size);
return (buffer->content_length > 0 && buffer->content_length == start_pos);
}
bool get_response(HTTP_INFO *httpinfo, HTTP_RESPONSE *resp, bool proxy)
{
int rret, minor_version;
size_t msg_len, prevbuflen;
const char *msg;
while (true)
{
if ((rret = https_read(httpinfo, &resp->data[resp->buflen], 1, proxy)) < 1)
return false;
prevbuflen = resp->buflen;
resp->buflen += rret;
// Parse the response
resp->num_headers = sizeof(resp->headers) / sizeof(resp->headers[0]);
if ((resp->pret = phr_parse_response(resp->data, resp->buflen, &minor_version, &resp->status, &msg, &msg_len,
resp->headers, &resp->num_headers, prevbuflen)) > 0)
return true;
else if (resp->pret == -1)
{
#ifdef DEBUG_NETWORK
gprintf("pret error %i\n", resp->pret);
#endif
return false;
}
if (resp->buflen == sizeof(resp->data))
{
#ifdef DEBUG_NETWORK
gprintf("buflen error %lu\n", (unsigned long)resp->buflen);
#endif
return false;
}
}
return false;
}
bool check_ip(char *str)
{
int partA, partB, partC, partD;
char extra;
// We avoid using regex because it increases the file size
return (sscanf(str, "%d.%d.%d.%d%c", &partA, &partB, &partC, &partD, &extra) == 4);
}
bool connect_proxy(HTTP_INFO *httpinfo, char *host, char *username, char *password)
{
HTTP_RESPONSE response = {0};
char request[500];
char credentials[66];
char *auth;
int len;
if (username && password)
{
if (!snprintf(credentials, sizeof(credentials), "%s:%s", username, password))
return false;
if (!(auth = base64(credentials, strlen(credentials), &len)))
return false;
len = snprintf(request, sizeof(request),
"CONNECT %s:%i HTTP/1.1\r\nProxy-Authorization: Basic %s\r\nUser-Agent: curl/7.55.1\r\n\r\n",
host, httpinfo->use_https ? 443 : 80, auth);
MEM2_free(auth);
}
else
len = snprintf(request, sizeof(request),
"CONNECT %s:%i HTTP/1.1\r\nUser-Agent: curl/7.55.1\r\n\r\n",
host, httpinfo->use_https ? 443 : 80);
if (len > 0 && https_write(httpinfo, request, len, true) != len)
return false;
if (get_response(httpinfo, &response, true))
{
if (response.status == 200)
return true;
}
return false;
}
int connect(char *host, u16 port)
{
struct sockaddr_in sin;
s32 sock, ret;
u64 t;
u32 ipaddress = getipbynamecached(host);
if (ipaddress == 0)
return -1;
sock = net_socket(AF_INET, SOCK_STREAM, IPPROTO_IP);
if (sock < 0)
return sock;
memset(&sin, 0, sizeof(struct sockaddr_in));
u32 ipaddress;
u64 time;
#ifdef DEBUG_NETWORK
gprintf("Connecting to %s", host);
#endif
if ((ipaddress = check_ip(host) ? inet_addr(host) : getipbynamecached(host)) == 0)
return -EFAULT;
sin.sin_family = AF_INET;
sin.sin_port = htons(port);
sin.sin_addr.s_addr = ipaddress;
#ifdef DEBUG_NETWORK
gprintf("Connecting to %s (%s)\n", host, inet_ntoa(sin.sin_addr));
if (!check_ip(host))
gprintf(" (%s)", inet_ntoa(sin.sin_addr));
#endif
if ((sock = net_socket(AF_INET, SOCK_STREAM, IPPROTO_IP)) < 0)
return sock;
net_fcntl(sock, F_SETFL, 4);
t = gettime();
while (1)
time = gettime();
while (ticks_to_millisecs(diff_ticks(time, gettime())) < CONNECT_TIMEOUT)
{
if (ticks_to_millisecs(diff_ticks(t, gettime())) > TCP_CONNECT_TIMEOUT)
{
#ifdef DEBUG_NETWORK
gprintf("The connection timed out\n");
#endif
net_close(sock);
return -ETIMEDOUT;
}
ret = net_connect(sock, (struct sockaddr *)&sin, sizeof(sin));
if (ret < 0)
if ((ret = net_connect(sock, (struct sockaddr *)&sin, sizeof(sin))) < 0)
{
if (ret == -EISCONN)
break;
return sock;
if (ret == -EINPROGRESS || ret == -EALREADY)
{
usleep(20 * 1000);
usleep(10000);
continue;
}
net_close(sock);
return ret;
}
break;
}
net_fcntl(sock, F_SETFL, 0);
return sock;
net_close(sock);
return -ETIMEDOUT;
}
void downloadfile(const char *url, struct download *buffer)
{
HTTP_INFO httpinfo;
memset(&httpinfo, 0, sizeof(HTTP_INFO));
HTTP_INFO httpinfo = {0};
// Always reset the size due to the image downloader looping
buffer->size = 0;
// Check if we're using HTTPS and set the path
char *path;
if (strncmp(url, "https://", 8) == 0)
@ -272,33 +359,53 @@ void downloadfile(const char *url, struct download *buffer)
path = strchr(url + 7, '/');
}
else
return; // Prevents uninitialized warning
return;
if (path == NULL)
return;
// Get the host
int domainlength = path - url - 7 - httpinfo.use_https;
char host[domainlength + 1];
strlcpy(host, url + 7 + httpinfo.use_https, domainlength + 1);
// Start connecting
if ((httpinfo.sock = connect(host, httpinfo.use_https ? 443 : 80)) < 0)
if (getProxyAddress() && getProxyPort() > 0)
httpinfo.sock = connect(getProxyAddress(), getProxyPort());
else
httpinfo.sock = connect(host, httpinfo.use_https ? 443 : 80);
if (httpinfo.sock < 0)
{
#ifdef DEBUG_NETWORK
gprintf("Failed to connect to %s\n", host);
if (httpinfo.sock == -ETIMEDOUT)
gprintf("\nFailed to connect (timed out)\n");
else
gprintf("\nFailed to connect (%i)\n", httpinfo.sock);
#endif
return;
}
#ifdef DEBUG_NETWORK
else
gprintf("Connected\n");
gprintf("\nConnected\n");
#endif
// Connect to a web proxy
if (getProxyAddress() && getProxyPort() > 0)
{
if (!connect_proxy(&httpinfo, host, getProxyUsername(), getProxyPassword()))
{
#ifdef DEBUG_NETWORK
gprintf("Failed to connect to proxy (%s:%i)\n", getProxyAddress(), getProxyPort());
#endif
https_close(&httpinfo);
return;
}
session = NULL; // Resume doesn't work with a proxy
#ifdef DEBUG_NETWORK
gprintf("Proxy is ready to receive\n");
#endif
}
// Setup for HTTPS if it's necessary
if (httpinfo.use_https)
{
// Create a new SSL context
// wolfSSLv23_client_method() works, but resume would require further changes
// wolfSSLv23_client_method() works but TLS 1.2 is slightly faster on Wii
if ((httpinfo.ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL)
{
#ifdef DEBUG_NETWORK
@ -318,6 +425,9 @@ void downloadfile(const char *url, struct download *buffer)
https_close(&httpinfo);
return;
}
// Custom I/O is essential due to how libogc handles errors
wolfSSL_SetIOSend(httpinfo.ctx, send_callback);
wolfSSL_SetIORecv(httpinfo.ctx, recv_callback);
// Create a new wolfSSL session
if ((httpinfo.ssl = wolfSSL_new(httpinfo.ctx)) == NULL)
{
@ -345,7 +455,10 @@ void downloadfile(const char *url, struct download *buffer)
session = NULL;
}
// Initiate a handshake
if (wolfSSL_connect(httpinfo.ssl) != SSL_SUCCESS)
u64 time = gettime();
while (true)
{
if (ticks_to_millisecs(diff_ticks(time, gettime())) > CONNECT_TIMEOUT)
{
#ifdef DEBUG_NETWORK
gprintf("SSL handshake failed\n");
@ -353,6 +466,10 @@ void downloadfile(const char *url, struct download *buffer)
https_close(&httpinfo);
return;
}
if (wolfSSL_connect(httpinfo.ssl) == SSL_SUCCESS)
break;
usleep(10000);
}
// Check if we resumed successfully
if (session != NULL && !wolfSSL_session_reused(httpinfo.ssl))
{
@ -370,28 +487,21 @@ void downloadfile(const char *url, struct download *buffer)
gprintf("Using: %s - %s\n", wolfSSL_get_version(httpinfo.ssl), wolfSSL_CIPHER_get_name(cipher));
#endif
}
// Send our request
char request[2300];
char isgecko[36] = "Cookie: challenge=BitMitigate.com\r\n";
char method[5] = "HEAD"; // The only way to get the GameTDB timestamp
char method[5] = "HEAD"; // Get the GameTDB timestamp
int ret, len;
if (strcmp(host, "www.geckocodes.org") != 0)
memset(isgecko, 0, sizeof(isgecko)); // Not geckocodes, so don't set a cookie
if (!buffer->gametdbcheck)
strcpy(method, "GET");
len = snprintf(request, 2300,
len = snprintf(request, sizeof(request),
"%s %s HTTP/1.1\r\n"
"Host: %s\r\n"
"User-Agent: USBLoaderGX/%s\r\n"
"Connection: close\r\n"
"%s"
"Pragma: no-cache\r\n"
"Cache-Control: no-cache\r\n\r\n",
method, path, host, GetRev(), isgecko);
if ((ret = https_write(&httpinfo, request, len)) != len)
method, path, host, GetRev());
if ((ret = https_write(&httpinfo, request, len, false)) != len)
{
#ifdef DEBUG_NETWORK
gprintf("https_write error: %i\n", ret);
@ -399,7 +509,6 @@ void downloadfile(const char *url, struct download *buffer)
https_close(&httpinfo);
return;
}
// Check if we want a response
if (buffer->skip_response)
{
@ -409,56 +518,15 @@ void downloadfile(const char *url, struct download *buffer)
https_close(&httpinfo);
return;
}
// Get the response
char response[4096];
struct phr_header headers[100];
int pret, minor_version, status, dl_valid;
size_t buflen = 0, prevbuflen = 0, num_headers, msg_len;
ssize_t rret;
const char *msg;
while (1)
HTTP_RESPONSE response = {0};
if (!get_response(&httpinfo, &response, false))
{
// Read the response
while ((rret = https_read(&httpinfo, &response[buflen], 1)) == -1 && errno == EINTR)
;
if (rret <= 0)
{
#ifdef DEBUG_NETWORK
gprintf("rret error %i\n", rret);
#endif
https_close(&httpinfo);
return;
}
prevbuflen = buflen;
buflen += rret;
// Parse the response
num_headers = sizeof(headers) / sizeof(headers[0]);
pret = phr_parse_response(response, buflen, &minor_version, &status, &msg, &msg_len, headers, &num_headers, prevbuflen);
if (pret > 0)
break; // Successfully parsed the response
else if (pret == -1)
{
#ifdef DEBUG_NETWORK
gprintf("pret error %i\n", pret);
#endif
https_close(&httpinfo);
return;
}
// Response is incomplete so continue the loop
if (buflen == sizeof(response))
{
#ifdef DEBUG_NETWORK
gprintf("buflen error %i\n", buflen);
#endif
https_close(&httpinfo);
return;
}
}
// The website wants to redirect us
if (status == 301 || status == 302)
if (response.status == 301 || response.status == 302)
{
https_close(&httpinfo);
if (loop == REDIRECT_LIMIT)
@ -469,8 +537,8 @@ void downloadfile(const char *url, struct download *buffer)
return;
}
loop++;
char location[2100] = {};
if (!get_header_value(headers, num_headers, location, "location"))
char location[2049];
if (!get_header_value(response.headers, response.num_headers, location, "location"))
return;
#ifdef DEBUG_NETWORK
gprintf("Redirect #%i - %s\n", loop, location);
@ -483,27 +551,29 @@ void downloadfile(const char *url, struct download *buffer)
// Exit if it's a GameTDB HEAD request
if (buffer->gametdbcheck)
{
buffer->gametdbcheck = get_header_value_int(headers, num_headers, "x-gametdb-timestamp");
buffer->gametdbcheck = get_header_value_int(response.headers, response.num_headers, "x-gametdb-timestamp");
https_close(&httpinfo);
return;
}
// We got what we wanted
if (status == 200)
if (response.status == 200)
{
buffer->data = malloc(4096);
memcpy(buffer->data, &response[pret], buflen - pret);
if (buffer->show_progress)
buffer->content_length = get_header_value_int(headers, num_headers, "content-length");
buffer->data = MEM2_alloc(4096);
memcpy(buffer->data, &response.data[response.pret], response.buflen - response.pret);
// Determine how to read the data
if (is_chunked(headers, num_headers))
dl_valid = read_chunked(&httpinfo, buffer, buflen - pret);
bool dl_valid;
if (is_chunked(response.headers, response.num_headers))
dl_valid = read_chunked(&httpinfo, buffer, response.buflen - response.pret);
else
dl_valid = read_all(&httpinfo, buffer, buflen - pret);
{
buffer->content_length = get_header_value_int(response.headers, response.num_headers, "content-length");
dl_valid = read_all(&httpinfo, buffer, response.buflen - response.pret);
}
// Check if the download is incomplete
if (!dl_valid || buffer->size <= 0)
if (!dl_valid || buffer->size < 1)
{
buffer->size = 0;
free(buffer->data);
MEM2_free(buffer->data);
#ifdef DEBUG_NETWORK
gprintf("Removed incomplete download\n");
#endif
@ -516,16 +586,18 @@ void downloadfile(const char *url, struct download *buffer)
// Finished
https_close(&httpinfo);
#ifdef DEBUG_NETWORK
gprintf("Download size: %llu\n", buffer->size);
gprintf("Headers:\n");
for (size_t i = 0; i != num_headers; ++i)
gprintf("%.*s: %.*s\n", (int)headers[i].name_len, headers[i].name, (int)headers[i].value_len, headers[i].value);
gprintf("Download size: %llu\n", (long long)buffer->size);
gprintf("------------- HEADERS -------------\n");
for (size_t i = 0; i != response.num_headers; ++i)
gprintf("%.*s: %.*s\n", (int)response.headers[i].name_len, response.headers[i].name,
(int)response.headers[i].value_len, response.headers[i].value);
gprintf("------------ COMPLETED ------------\n");
#endif
return;
}
// Close on all other status codes
#ifdef DEBUG_NETWORK
gprintf("Status code: %i - %s\n", status, url);
gprintf("Status code: %i - %s\n", response.status, url);
#endif
https_close(&httpinfo);
}

View file

@ -6,7 +6,10 @@
#define _HTTPS_H_
#include <libs/libwolfssl/ssl.h>
#include "dns.h"
#include "memory/mem2.h"
#include "picohttpparser.h"
#ifdef __cplusplus
extern "C"
@ -15,19 +18,30 @@ extern "C"
// #define DEBUG_NETWORK
#define REDIRECT_LIMIT 3
#define TCP_CONNECT_TIMEOUT 5000
#define READ_WRITE_TIMEOUT 5000
#define CONNECT_TIMEOUT 10000
#define READ_WRITE_TIMEOUT 20000
#define BLOCK_SIZE 8192
struct download
{
u8 skip_response; // Used by WiinnerTag
u8 show_progress; // Used when downloading wiitdb.zip
bool skip_response; // Used by WiinnerTag
bool show_progress; // Used when downloading wiitdb.zip
u64 gametdbcheck; // Used when checking the GameTDB version
u64 content_length;
u64 size;
char *data;
};
typedef struct
{
int status;
int pret;
size_t num_headers;
size_t buflen;
struct phr_header headers[100];
char data[4096];
} HTTP_RESPONSE;
typedef struct
{
u8 use_https;

View file

@ -11,6 +11,7 @@
#include "networkops.h"
#include "https.h"
#include "update.h"
#include "settings/ProxySettings.h"
#define PORT 4299
@ -52,6 +53,7 @@ void Initialize_Network(int retries)
}
else
{
getProxyInfo();
wolfSSL_Init();
networkinitialized = true;
return;

View file

@ -241,6 +241,41 @@ static const char *is_complete(const char *buf, const char *buf_end, size_t last
*valp_ += res_; \
} while (0)
/* returned pointer is always within [buf, buf_end), or null */
static const char *parse_token(const char *buf, const char *buf_end, const char **token, size_t *token_len, char next_char,
int *ret)
{
/* We use pcmpestri to detect non-token characters. This instruction can take no more than eight character ranges (8*2*8=128
* bits that is the size of a SSE register). Due to this restriction, characters `|` and `~` are handled in the slow loop. */
static const char ALIGNED(16) ranges[] = "\x00 " /* control chars and up to SP */
"\"\"" /* 0x22 */
"()" /* 0x28,0x29 */
",," /* 0x2c */
"//" /* 0x2f */
":@" /* 0x3a-0x40 */
"[]" /* 0x5b-0x5d */
"{\xff"; /* 0x7b-0xff */
const char *buf_start = buf;
int found;
buf = findchar_fast(buf, buf_end, ranges, sizeof(ranges) - 1, &found);
if (!found) {
CHECK_EOF();
}
while (1) {
if (*buf == next_char) {
break;
} else if (!token_char_map[(unsigned char)*buf]) {
*ret = -1;
return NULL;
}
++buf;
CHECK_EOF();
}
*token = buf_start;
*token_len = buf - buf_start;
return buf;
}
/* returned pointer is always within [buf, buf_end), or null */
static const char *parse_http_version(const char *buf, const char *buf_end, int *minor_version, int *ret)
{
@ -280,31 +315,10 @@ static const char *parse_headers(const char *buf, const char *buf_end, struct ph
if (!(*num_headers != 0 && (*buf == ' ' || *buf == '\t'))) {
/* parsing name, but do not discard SP before colon, see
* http://www.mozilla.org/security/announce/2006/mfsa2006-33.html */
headers[*num_headers].name = buf;
static const char ALIGNED(16) ranges1[] = "\x00 " /* control chars and up to SP */
"\"\"" /* 0x22 */
"()" /* 0x28,0x29 */
",," /* 0x2c */
"//" /* 0x2f */
":@" /* 0x3a-0x40 */
"[]" /* 0x5b-0x5d */
"{\377"; /* 0x7b-0xff */
int found;
buf = findchar_fast(buf, buf_end, ranges1, sizeof(ranges1) - 1, &found);
if (!found) {
CHECK_EOF();
}
while (1) {
if (*buf == ':') {
break;
} else if (!token_char_map[(unsigned char)*buf]) {
*ret = -1;
if ((buf = parse_token(buf, buf_end, &headers[*num_headers].name, &headers[*num_headers].name_len, ':', ret)) == NULL) {
return NULL;
}
++buf;
CHECK_EOF();
}
if ((headers[*num_headers].name_len = buf - headers[*num_headers].name) == 0) {
if (headers[*num_headers].name_len == 0) {
*ret = -1;
return NULL;
}
@ -352,13 +366,17 @@ static const char *parse_request(const char *buf, const char *buf_end, const cha
}
/* parse request line */
ADVANCE_TOKEN(*method, *method_len);
if ((buf = parse_token(buf, buf_end, method, method_len, ' ', ret)) == NULL) {
return NULL;
}
do {
++buf;
CHECK_EOF();
} while (*buf == ' ');
ADVANCE_TOKEN(*path, *path_len);
do {
++buf;
CHECK_EOF();
} while (*buf == ' ');
if (*method_len == 0 || *path_len == 0) {
*ret = -1;
@ -422,6 +440,7 @@ static const char *parse_response(const char *buf, const char *buf_end, int *min
}
do {
++buf;
CHECK_EOF();
} while (*buf == ' ');
/* parse status code, we want at least [:digit:][:digit:][:digit:]<other char> to try to parse */
if (buf_end - buf < 4) {
@ -437,7 +456,8 @@ static const char *parse_response(const char *buf, const char *buf_end, int *min
if (*msg_len == 0) {
/* ok */
} else if (**msg == ' ') {
/* remove preceding space */
/* Remove preceding space. Successful return from `get_token_to_eol` guarantees that we would hit something other than SP
* before running past the end of the given buffer. */
do {
++*msg;
--*msg_len;

View file

@ -61,7 +61,7 @@ int DownloadFileToPath(const char *url, const char *dest)
StartProgress(tr("Downloading file..."), 0, filename, true, true);
struct download file = {};
file.show_progress = 1;
file.show_progress = true;
downloadfile(url, &file);
if (file.size > 0)
{
@ -73,7 +73,7 @@ int DownloadFileToPath(const char *url, const char *dest)
}
fwrite(file.data, 1, file.size, savefile);
fclose(savefile);
free(file.data);
MEM2_free(file.data);
}
ProgressStop();
ProgressCancelEnable(false);
@ -84,7 +84,7 @@ static bool CheckNewGameTDBVersion(const char *url)
{
gprintf("Checking GameTDB version...\n");
struct download file = {};
file.gametdbcheck = 1;
file.gametdbcheck = true;
downloadfile(url, &file);
if (file.gametdbcheck <= 0)
@ -157,7 +157,7 @@ static void UpdateIconPng()
fwrite(file.data, 1, file.size, pfile);
fclose(pfile);
}
free(file.data);
MEM2_free(file.data);
}
}
@ -175,7 +175,7 @@ static void UpdateMetaXml()
fwrite(file.data, 1, file.size, pfile);
fclose(pfile);
}
free(file.data);
MEM2_free(file.data);
}
}
@ -197,7 +197,7 @@ int CheckUpdate()
if (file.size > 0)
{
revnumber = atoi((char *)file.data);
free(file.data);
MEM2_free(file.data);
}
if (revnumber > currentrev)
@ -233,7 +233,7 @@ static int ApplicationDownload(void)
ptr++;
}
free(file.data);
MEM2_free(file.data);
}
if (newrev <= currentrev)

View file

@ -1522,12 +1522,12 @@ int CodeDownload(const char *id)
else
WindowPrompt(tr("Error"), tr("Could not write file."), tr( "OK" ));
}
free(file.data);
MEM2_free(file.data);
}
else
{
if (file.size > 0)
free(file.data);
MEM2_free(file.data);
snprintf(codeurl, sizeof(codeurl), "%s.txt%s", id, tr(" could not be downloaded."));
WindowPrompt(tr( "Error" ), codeurl, tr( "OK" ));
}

View file

@ -87,6 +87,9 @@ void CSettings::SetDefault()
strlcpy(URL_Discs, "https://art.gametdb.com/wii/disc/", sizeof(URL_Discs));
strlcpy(URL_DiscsCustom, "https://art.gametdb.com/wii/disccustom/", sizeof(URL_DiscsCustom));
strlcpy(URL_GameTDB, "https://www.gametdb.com/wiitdb.zip", sizeof(URL_GameTDB));
ProxyUsername[0] = 0;
ProxyPassword[0] = 0;
ProxyAddress[0] = 0;
theme[0] = 0;
language_path[0] = 0;
ogg_path[0] = 0;
@ -226,6 +229,8 @@ void CSettings::SetDefault()
GCInstallCompressed = OFF;
GCInstallAligned = OFF;
PrivateServer = OFF;
ProxyUseSystem = ON;
ProxyPort = 0;
}
bool CSettings::Load()
@ -499,6 +504,11 @@ bool CSettings::Save()
fprintf(file, "URL_Discs = %s\n", URL_Discs);
fprintf(file, "URL_DiscsCustom = %s\n", URL_DiscsCustom);
fprintf(file, "URL_GameTDB = %s\n", URL_GameTDB);
fprintf(file, "ProxyUseSystem = %d\n", ProxyUseSystem);
fprintf(file, "ProxyUsername = %s\n", ProxyUsername);
fprintf(file, "ProxyPassword = %s\n", ProxyPassword);
fprintf(file, "ProxyAddress = %s\n", ProxyAddress);
fprintf(file, "ProxyPort = %d\n", ProxyPort);
fclose(file);
return true;
@ -1326,6 +1336,34 @@ bool CSettings::SetSetting(char *name, char *value)
strlcpy(URL_GameTDB, value, sizeof(URL_GameTDB));
return true;
}
else if (strcmp(name, "ProxyUseSystem") == 0)
{
ProxyUseSystem = atoi(value);
return true;
}
else if (strcmp(name, "ProxyUsername") == 0)
{
if(strlen(value) > 0)
strlcpy(ProxyUsername, value, sizeof(ProxyUsername));
return true;
}
else if (strcmp(name, "ProxyPassword") == 0)
{
if(strlen(value) > 0)
strlcpy(ProxyPassword, value, sizeof(ProxyPassword));
return true;
}
else if (strcmp(name, "ProxyAddress") == 0)
{
if(strlen(value) > 6)
strlcpy(ProxyAddress, value, sizeof(ProxyAddress));
return true;
}
else if(strcmp(name, "ProxyPort") == 0)
{
ProxyPort = atoi(value);
return true;
}
else if (strcmp(name, "CustomAddress") == 0)
{
if(strlen(value) > 3)

View file

@ -98,6 +98,11 @@ class CSettings
char URL_Discs[300];
char URL_DiscsCustom[300];
char URL_GameTDB[300];
char ProxyUsername[33];
char ProxyPassword[33];
char ProxyAddress[256];
u16 ProxyPort;
short ProxyUseSystem;
short videomode;
short language;
short ocarina;

View file

@ -0,0 +1,74 @@
#include <ogcsys.h>
#include <ogc/isfs.h>
#include <string.h>
#include "ProxySettings.h"
#include "settings/CSettings.h"
#define ALIGN32(x) (((x) + 31) & ~31)
bool proxy_enabled;
bool proxy_creds_enabled;
char proxy_address[256];
u16 proxy_port;
char proxy_username[33];
char proxy_password[33];
void getProxyInfo()
{
char *buffer;
int fd = ISFS_Open("/shared2/sys/net/02/config.dat", ISFS_OPEN_READ);
if (fd >= 0)
{
fstats stats ATTRIBUTE_ALIGN(32);
if (ISFS_GetFileStats(fd, &stats) >= 0)
{
if (stats.file_length == 7004)
{
buffer = (char *)MEM2_alloc(ALIGN32(stats.file_length));
if (buffer)
{
if (ISFS_Read(fd, buffer, stats.file_length) == 7004)
{
proxy_enabled = buffer[44];
proxy_creds_enabled = buffer[45];
strncpy(proxy_address, buffer + 48, sizeof(proxy_address) - 1);
proxy_port = ((buffer[304] & 0xFF) << 8) | (buffer[305] & 0xFF);
strncpy(proxy_username, buffer + 306, sizeof(proxy_username) - 1);
strncpy(proxy_password, buffer + 338, sizeof(proxy_password) - 1);
}
}
MEM2_free(buffer);
}
}
ISFS_Close(fd);
}
}
char *getProxyAddress()
{
if (Settings.ProxyUseSystem)
return proxy_enabled ? proxy_address : NULL;
return (strlen(Settings.ProxyAddress) > 6) ? Settings.ProxyAddress : NULL;
}
u16 getProxyPort()
{
if (Settings.ProxyUseSystem)
return proxy_enabled ? proxy_port : 0;
return Settings.ProxyPort;
}
char *getProxyUsername()
{
if (Settings.ProxyUseSystem)
return proxy_enabled && proxy_creds_enabled ? proxy_username : NULL;
return (strlen(Settings.ProxyUsername) > 0) ? Settings.ProxyUsername : NULL;
}
char *getProxyPassword()
{
if (Settings.ProxyUseSystem)
return proxy_enabled && proxy_creds_enabled ? proxy_password : NULL;
return (strlen(Settings.ProxyPassword) > 0) ? Settings.ProxyPassword : NULL;
}

View file

@ -0,0 +1,17 @@
#ifndef _PROXYSETTINGS_
#define _PROXYSETTINGS_
#ifdef __cplusplus
extern "C"
{
#endif
void getProxyInfo();
char *getProxyAddress();
u16 getProxyPort();
char *getProxyUsername();
char *getProxyPassword();
#ifdef __cplusplus
}
#endif
#endif /* _PROXYSETTINGS_ */

Some files were not shown because too many files have changed in this diff Show more