Update wolfSSL
parent
69de883610
commit
5ee143c499
65 changed files with 2212 additions and 437 deletions
|
@ -169,6 +169,7 @@ enum wolfSSL_ErrorCodes {
|
|||
TLS13_SECRET_CB_E = -438, /* TLS1.3 secret Cb fcn failure */
|
||||
DTLS_SIZE_ERROR = -439, /* Trying to send too much data */
|
||||
NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */
|
||||
APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */
|
||||
|
||||
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
|
||||
|
||||
|
|
|
@ -146,6 +146,8 @@
|
|||
/* do nothing, just don't pick Unix */
|
||||
#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
|
||||
/* do nothing */
|
||||
#elif defined(RTTHREAD)
|
||||
/* do nothing */
|
||||
#elif defined(EBSNET)
|
||||
/* do nothing */
|
||||
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
|
||||
|
@ -1692,6 +1694,11 @@ WOLFSSL_LOCAL int CompleteServerHello(WOLFSSL *ssl);
|
|||
WOLFSSL_LOCAL int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv);
|
||||
WOLFSSL_LOCAL int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
|
||||
word32 hashSigAlgoSz);
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
WOLFSSL_LOCAL int CreateDevPrivateKey(void** pkey, byte* buffer, word32 length,
|
||||
int hsType, int label, int id,
|
||||
void* heap, int devId);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int DecodePrivateKey(WOLFSSL *ssl, word16* length);
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
WOLFSSL_LOCAL int GetPrivateKeySigSize(WOLFSSL* ssl);
|
||||
|
@ -1713,9 +1720,11 @@ WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
|
|||
int ivSz);
|
||||
WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz);
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#ifdef HAVE_SNI
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl);
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_TLS13
|
||||
WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
|
||||
word16 sz, const byte* aad, word16 aadSz);
|
||||
|
@ -1727,6 +1736,7 @@ WOLFSSL_LOCAL int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input,
|
|||
WOLFSSL_LOCAL int DoTls13ServerHello(WOLFSSL* ssl, const byte* input,
|
||||
word32* inOutIdx, word32 helloSz,
|
||||
byte* extMsgType);
|
||||
WOLFSSL_LOCAL int RestartHandshakeHash(WOLFSSL* ssl);
|
||||
#endif
|
||||
int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,
|
||||
int pLen, int content);
|
||||
|
@ -1998,18 +2008,22 @@ struct WOLFSSL_CERT_MANAGER {
|
|||
#ifndef NO_WOLFSSL_CM_VERIFY
|
||||
VerifyCallback verifyCallback; /* Verify callback */
|
||||
#endif
|
||||
CallbackCACache caCacheCallback; /* CA cache addition callback */
|
||||
CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
|
||||
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
|
||||
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
|
||||
wolfSSL_Mutex caLock; /* CA list lock */
|
||||
byte crlEnabled; /* is CRL on ? */
|
||||
byte crlCheckAll; /* always leaf, but all ? */
|
||||
byte ocspEnabled; /* is OCSP on ? */
|
||||
byte ocspCheckAll; /* always leaf, but all ? */
|
||||
byte ocspSendNonce; /* send the OCSP nonce ? */
|
||||
byte ocspUseOverrideURL; /* ignore cert's responder, override */
|
||||
byte ocspStaplingEnabled; /* is OCSP Stapling on ? */
|
||||
CallbackCACache caCacheCallback; /* CA cache addition callback */
|
||||
CbMissingCRL cbMissingCRL; /* notify thru cb of missing crl */
|
||||
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
|
||||
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
|
||||
wolfSSL_Mutex caLock; /* CA list lock */
|
||||
byte crlEnabled:1; /* is CRL on ? */
|
||||
byte crlCheckAll:1; /* always leaf, but all ? */
|
||||
byte ocspEnabled:1; /* is OCSP on ? */
|
||||
byte ocspCheckAll:1; /* always leaf, but all ? */
|
||||
byte ocspSendNonce:1; /* send the OCSP nonce ? */
|
||||
byte ocspUseOverrideURL:1; /* ignore cert responder, override */
|
||||
byte ocspStaplingEnabled:1; /* is OCSP Stapling on ? */
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||
byte ocspMustStaple:1; /* server must respond with staple */
|
||||
#endif
|
||||
|
||||
#ifndef NO_RSA
|
||||
short minRsaKeySz; /* minimum allowed RSA key size */
|
||||
|
@ -2017,6 +2031,8 @@ struct WOLFSSL_CERT_MANAGER {
|
|||
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
|
||||
short minEccKeySz; /* minimum allowed ECC key size */
|
||||
#endif
|
||||
wolfSSL_Mutex refMutex; /* reference count mutex */
|
||||
int refCount; /* reference count */
|
||||
};
|
||||
|
||||
WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
|
||||
|
@ -2158,14 +2174,16 @@ typedef struct Keys {
|
|||
#ifdef HAVE_TLS_EXTENSIONS
|
||||
|
||||
typedef enum {
|
||||
#ifdef HAVE_SNI
|
||||
TLSX_SERVER_NAME = 0x0000, /* a.k.a. SNI */
|
||||
#endif
|
||||
TLSX_MAX_FRAGMENT_LENGTH = 0x0001,
|
||||
TLSX_TRUSTED_CA_KEYS = 0x0003,
|
||||
TLSX_TRUNCATED_HMAC = 0x0004,
|
||||
TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */
|
||||
TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
|
||||
TLSX_EC_POINT_FORMATS = 0x000b,
|
||||
#if !defined(WOLFSSL_NO_SIGALG)
|
||||
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
|
||||
TLSX_SIGNATURE_ALGORITHMS = 0x000d, /* HELLO_EXT_SIG_ALGO */
|
||||
#endif
|
||||
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
|
||||
|
@ -2184,14 +2202,18 @@ typedef enum {
|
|||
TLSX_EARLY_DATA = 0x002a,
|
||||
#endif
|
||||
TLSX_SUPPORTED_VERSIONS = 0x002b,
|
||||
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
||||
TLSX_COOKIE = 0x002c,
|
||||
#endif
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d,
|
||||
#endif
|
||||
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
||||
TLSX_POST_HANDSHAKE_AUTH = 0x0031,
|
||||
#endif
|
||||
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
|
||||
TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032,
|
||||
#endif
|
||||
TLSX_KEY_SHARE = 0x0033,
|
||||
#endif
|
||||
TLSX_RENEGOTIATION_INFO = 0xff01
|
||||
|
@ -2334,7 +2356,7 @@ typedef struct {
|
|||
union {
|
||||
OcspRequest ocsp;
|
||||
} request;
|
||||
#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
buffer response;
|
||||
#endif
|
||||
} CertificateStatusRequest;
|
||||
|
@ -2620,9 +2642,14 @@ enum SetCBIO {
|
|||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
/* contains static ephemeral keys */
|
||||
typedef struct {
|
||||
int keyAlgo;
|
||||
DerBuffer* key;
|
||||
#ifndef NO_DH
|
||||
DerBuffer* dhKey;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
DerBuffer* ecKey;
|
||||
#endif
|
||||
} StaticKeyExchangeInfo_t;
|
||||
#endif
|
||||
|
||||
|
@ -2644,7 +2671,7 @@ struct WOLFSSL_CTX {
|
|||
DerBuffer* certificate;
|
||||
DerBuffer* certChain;
|
||||
/* chain after self, in DER, with leading size for each cert */
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
|
||||
#endif
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
|
||||
|
@ -2656,8 +2683,9 @@ struct WOLFSSL_CTX {
|
|||
int certChainCnt;
|
||||
#endif
|
||||
DerBuffer* privateKey;
|
||||
byte privateKeyType:7;
|
||||
byte privateKeyType:6;
|
||||
byte privateKeyId:1;
|
||||
byte privateKeyLabel:1;
|
||||
int privateKeySz;
|
||||
int privateKeyDevId;
|
||||
WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */
|
||||
|
@ -2804,13 +2832,11 @@ struct WOLFSSL_CTX {
|
|||
#ifdef HAVE_EX_DATA
|
||||
WOLFSSL_CRYPTO_EX_DATA ex_data;
|
||||
#endif
|
||||
#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
|
||||
#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY))
|
||||
CallbackALPNSelect alpnSelect;
|
||||
void* alpnSelectArg;
|
||||
#endif
|
||||
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \
|
||||
defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \
|
||||
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_OPENSSH) ))
|
||||
#ifdef HAVE_SNI
|
||||
CallbackSniRecv sniRecvCb;
|
||||
void* sniRecvCbArg;
|
||||
#endif
|
||||
|
@ -3214,17 +3240,19 @@ struct WOLFSSL_SESSION {
|
|||
#ifdef HAVE_EX_DATA
|
||||
WOLFSSL_CRYPTO_EX_DATA ex_data;
|
||||
#endif
|
||||
byte side; /* Either WOLFSSL_CLIENT_END or
|
||||
WOLFSSL_SERVER_END */
|
||||
};
|
||||
|
||||
|
||||
WOLFSSL_LOCAL
|
||||
WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
|
||||
WOLFSSL_LOCAL
|
||||
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
|
||||
WOLFSSL_LOCAL WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
|
||||
WOLFSSL_LOCAL int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
|
||||
WOLFSSL_LOCAL void FreeSession(WOLFSSL_SESSION*, int);
|
||||
|
||||
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int);
|
||||
|
||||
#ifndef NO_CLIENT_CACHE
|
||||
WOLFSSL_LOCAL
|
||||
WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
|
||||
#endif
|
||||
|
||||
|
@ -3312,8 +3340,9 @@ typedef struct Buffers {
|
|||
#ifndef NO_CERTS
|
||||
DerBuffer* certificate; /* WOLFSSL_CTX owns, unless we own */
|
||||
DerBuffer* key; /* WOLFSSL_CTX owns, unless we own */
|
||||
byte keyType:7; /* Type of key: RSA, ECC, Ed25519 */
|
||||
byte keyType:6; /* Type of key: RSA, ECC, Ed25519 */
|
||||
byte keyId:1; /* Key data is an id not data */
|
||||
byte keyLabel:1; /* Key data is a label not data */
|
||||
int keySz; /* Size of RSA key */
|
||||
int keyDevId; /* Device Id for key */
|
||||
DerBuffer* certChain; /* WOLFSSL_CTX owns, unless we own */
|
||||
|
@ -3597,6 +3626,8 @@ struct WOLFSSL_STACK {
|
|||
* (safety measure for freeing and shortcut for count) */
|
||||
#if defined(OPENSSL_ALL)
|
||||
wolf_sk_compare_cb comp;
|
||||
wolf_sk_hash_cb hash_fn;
|
||||
unsigned long hash;
|
||||
#endif
|
||||
|
||||
union {
|
||||
|
@ -3608,7 +3639,9 @@ struct WOLFSSL_STACK {
|
|||
WOLFSSL_CIPHER cipher;
|
||||
WOLFSSL_ACCESS_DESCRIPTION* access;
|
||||
WOLFSSL_X509_EXTENSION* ext;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_CONF_VALUE* conf;
|
||||
#endif
|
||||
void* generic;
|
||||
char* string;
|
||||
WOLFSSL_GENERAL_NAME* gn;
|
||||
|
@ -3629,7 +3662,7 @@ struct WOLFSSL_X509_NAME {
|
|||
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
|
||||
WOLFSSL_X509* x509; /* x509 that struct belongs to */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
|
||||
byte raw[ASN_NAME_MAX];
|
||||
int rawLen;
|
||||
#endif
|
||||
|
@ -3662,6 +3695,7 @@ struct WOLFSSL_X509 {
|
|||
#endif /* (WOLFSSL_SEP || WOLFSSL_QT) && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */
|
||||
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
|
||||
WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
|
||||
WOLFSSL_STACK* ext_sk_full; /* Store X509_EXTENSIONS from wolfSSL_X509_get0_extensions */
|
||||
WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
|
||||
#endif /* WOLFSSL_QT || OPENSSL_ALL */
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
@ -3731,10 +3765,17 @@ struct WOLFSSL_X509 {
|
|||
byte subjAltNameCrit:1;
|
||||
byte authKeyIdSet:1;
|
||||
byte authKeyIdCrit:1;
|
||||
byte issuerSet:1;
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
byte isCSR:1;
|
||||
#endif
|
||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
#ifdef OPENSSL_ALL
|
||||
WOLFSSL_X509_ATTRIBUTE* challengePwAttr;
|
||||
#endif
|
||||
char challengePw[CTC_NAME_SIZE]; /* for REQ certs */
|
||||
#endif
|
||||
WOLFSSL_X509_NAME issuer;
|
||||
|
@ -3743,7 +3784,11 @@ struct WOLFSSL_X509 {
|
|||
WOLFSSL_X509_ALGOR algor;
|
||||
WOLFSSL_X509_PUBKEY key;
|
||||
#endif
|
||||
byte issuerSet:1;
|
||||
#if defined(OPENSSL_ALL) || defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || \
|
||||
defined(SESSION_CERTS)
|
||||
byte notBeforeData[CTC_DATE_SIZE];
|
||||
byte notAfterData[CTC_DATE_SIZE];
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
|
@ -4077,6 +4122,9 @@ struct WOLFSSL {
|
|||
int dtls_timeout_init; /* starting timeout value */
|
||||
int dtls_timeout_max; /* maximum timeout value */
|
||||
int dtls_timeout; /* current timeout value, changes */
|
||||
#ifndef NO_ASN_TIME
|
||||
word32 dtls_start_timeout;
|
||||
#endif /* !NO_ASN_TIME */
|
||||
word32 dtls_tx_msg_list_sz;
|
||||
word32 dtls_rx_msg_list_sz;
|
||||
DtlsMsg* dtls_tx_msg_list;
|
||||
|
@ -4259,6 +4307,15 @@ struct WOLFSSL {
|
|||
#ifdef WOLFSSL_STATIC_EPHEMERAL
|
||||
StaticKeyExchangeInfo_t staticKE;
|
||||
#endif
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
|
||||
/* Added in libest port: allow applications to get the 'tls-unique' Channel
|
||||
* Binding Type (https://tools.ietf.org/html/rfc5929#section-3). This is
|
||||
* used in the EST protocol to bind an enrollment to a TLS session through
|
||||
* 'proof-of-possession' (https://tools.ietf.org/html/rfc7030#section-3.4
|
||||
* and https://tools.ietf.org/html/rfc7030#section-3.5). */
|
||||
byte clientFinished[TLS_FINISHED_SZ];
|
||||
byte serverFinished[TLS_FINISHED_SZ];
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
|
@ -4418,6 +4475,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side);
|
|||
WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int IsAtLeastTLSv1_3(const ProtocolVersion pv);
|
||||
WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl);
|
||||
|
||||
WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
|
||||
|
@ -4559,6 +4617,7 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
|
|||
WOLFSSL_LOCAL int DtlsUseSCRKeys(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int DtlsCheckOrder(WOLFSSL* ssl, int order);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int IsSCR(WOLFSSL* ssl);
|
||||
|
||||
WOLFSSL_LOCAL void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out);
|
||||
|
||||
|
@ -4596,6 +4655,7 @@ typedef struct CipherSuiteInfo {
|
|||
byte minor;
|
||||
byte major;
|
||||
#endif
|
||||
byte flags;
|
||||
} CipherSuiteInfo;
|
||||
|
||||
WOLFSSL_LOCAL const CipherSuiteInfo* GetCipherNames(void);
|
||||
|
@ -4617,7 +4677,8 @@ WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte
|
|||
WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0,
|
||||
byte* cipherSuite);
|
||||
byte* cipherSuite, int* flags);
|
||||
|
||||
|
||||
enum encrypt_side {
|
||||
ENCRYPT_SIDE_ONLY = 1,
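Review bot: The `clientFinished`/`serverFinished` members added at the end of `struct WOLFSSL` (the `OPENSSL_ALL || WOLFSSL_HAPROXY` block) expose the Finished verify data as the RFC 5929 tls-unique binding, but the comment does not say when that value is safe to rely on. After a resumed or renegotiated handshake, tls-unique is not unique to one connection unless the extended master secret extension (RFC 7627) was negotiated, and this header does not show whether the accessor checks for it. I would extend the comment with `/* only a sound binding when extended master secret (RFC 7627) is in use; callers must verify that before using it for EST proof-of-possession */`. The struct body starts outside the visible hunk.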
|
||||
|
|
Binary file not shown.
|
@ -38,10 +38,12 @@
|
|||
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
|
||||
defined(WOLFSSL_HAPROXY)
|
||||
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
|
||||
typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP;
|
||||
|
||||
typedef struct OcspRequest WOLFSSL_OCSP_CERTID;
|
||||
typedef struct OcspEntry WOLFSSL_OCSP_CERTID;
|
||||
|
||||
typedef struct OcspEntry WOLFSSL_OCSP_SINGLERESP;
|
||||
|
||||
typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ;
|
||||
|
||||
|
@ -62,7 +64,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
|
|||
OcspEntry *entry, OcspRequest *ocspRequest);
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
|
||||
defined(WOLFSSL_APACHE_HTTPD)
|
||||
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
|
||||
|
||||
WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
|
||||
WOLFSSL_OCSP_CERTID *id, int *status, int *reason,
|
||||
|
@ -82,8 +84,10 @@ WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
|
|||
WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags);
|
||||
|
||||
WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response);
|
||||
#ifndef NO_BIO
|
||||
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
|
||||
OcspResponse** response);
|
||||
#endif
|
||||
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
|
||||
const unsigned char** data, int len);
|
||||
WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response,
|
||||
|
@ -100,8 +104,20 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
|
|||
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
|
||||
WOLFSSL_OCSP_CERTID *cid);
|
||||
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*);
|
||||
#ifndef NO_BIO
|
||||
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
|
||||
WOLFSSL_OCSP_REQUEST *req);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID *, unsigned char **);
|
||||
WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single);
|
||||
WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
|
||||
int *reason,
|
||||
WOLFSSL_ASN1_TIME **revtime,
|
||||
WOLFSSL_ASN1_TIME **thisupd,
|
||||
WOLFSSL_ASN1_TIME **nextupd);
|
||||
WOLFSSL_API int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs);
|
||||
WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx);
|
||||
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
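Review bot: In the typedef block at the top of this section, `WOLFSSL_OCSP_CERTID` and `WOLFSSL_OCSP_SINGLERESP` both appear to alias `struct OcspEntry` on the new side, so the compiler can no longer tell a cert ID from a single response. A pointer of the wrong kind passed to `wolfSSL_OCSP_resp_find_status` or `wolfSSL_OCSP_request_add0_id` would compile without a diagnostic. Any code in this tree that produced a `WOLFSSL_OCSP_CERTID` from an `OcspRequest` (the previous alias) through a cast would now be read with the wrong layout; the call sites are not visible here and are worth a search. A comment above the typedefs, `/* CERTID and SINGLERESP share struct OcspEntry; they are not interchangeable in meaning */`, would record the intent.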
|
||||
|
|
|
@ -42,26 +42,7 @@
|
|||
* OpenSSL compatibility layer. This makes code working with an AES structure
|
||||
* to need the size of the structure. */
|
||||
typedef struct WOLFSSL_AES_KEY {
|
||||
/* aligned and big enough for Aes from wolfssl/wolfcrypt/aes.h */
|
||||
ALIGN16 void* holder[(376 + WC_ASYNC_DEV_SIZE)/ sizeof(void*)];
|
||||
#ifdef GCM_TABLE
|
||||
/* key-based fast multiplication table. */
|
||||
ALIGN16 void* M0[4096 / sizeof(void*)];
|
||||
#endif /* GCM_TABLE */
|
||||
#if defined(WOLFSSL_DEVCRYPTO) && \
|
||||
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
|
||||
/* large enough for additional devcrypto information */
|
||||
void* devKey[288 / sizeof(void*)];
|
||||
#endif
|
||||
#ifdef WOLFSSL_AFALG
|
||||
void* afalg_holder[288 / sizeof(void*)];
|
||||
#endif
|
||||
#ifdef HAVE_PKCS11
|
||||
void* pkcs11_holder[(AES_MAX_ID_LEN + sizeof(int)) / sizeof(void*)];
|
||||
#endif
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
|
||||
void* async_holder[128 / sizeof(void*)];
|
||||
#endif
|
||||
ALIGN16 void *buf[(sizeof(Aes) / sizeof(void *)) + 1];
|
||||
} WOLFSSL_AES_KEY;
|
||||
typedef WOLFSSL_AES_KEY AES_KEY;
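Review bot: `WOLFSSL_AES_KEY` is now sized as `(sizeof(Aes) / sizeof(void *)) + 1` pointers, so the storage an application reserves for an `AES_KEY` depends on the feature macros in effect when this header is compiled; the removed layout used fixed byte counts instead. This commit also changes a binary file, presumably the prebuilt library. If that library was built with different wolfSSL settings than the application, it may treat the caller's buffer as a larger `Aes` than was allocated; this is inferred, since the build flags are not on the page. I would add `/* sizeof(Aes) depends on build options: compile this header with the same settings as the library binary */` above the member and confirm the settings header shipped here matches the binary.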
|
||||
|
||||
|
|
|
@ -32,6 +32,10 @@
|
|||
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
|
||||
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
|
||||
|
||||
#define ASN1_get_object wolfSSL_ASN1_get_object
|
||||
#define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT
|
||||
#define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT
|
||||
|
||||
#define V_ASN1_INTEGER 0x02
|
||||
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
|
||||
#define V_ASN1_NEG 0x100
|
||||
|
@ -66,10 +70,21 @@
|
|||
#define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff
|
||||
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set
|
||||
|
||||
#define V_ASN1_EOC 0
|
||||
#define V_ASN1_OBJECT 6
|
||||
#define V_ASN1_UTF8STRING 12
|
||||
#define V_ASN1_SEQUENCE 16
|
||||
#define V_ASN1_SET 17
|
||||
#define V_ASN1_PRINTABLESTRING 19
|
||||
#define V_ASN1_T61STRING 20
|
||||
#define V_ASN1_IA5STRING 22
|
||||
#define V_ASN1_UTCTIME 23
|
||||
#define V_ASN1_GENERALIZEDTIME 24
|
||||
#define V_ASN1_PRINTABLESTRING 19
|
||||
#define V_ASN1_UNIVERSALSTRING 28
|
||||
#define V_ASN1_BMPSTRING 30
|
||||
|
||||
|
||||
#define V_ASN1_CONSTRUCTED 0x20
|
||||
|
||||
#define ASN1_STRING_FLAG_BITS_LEFT 0x008
|
||||
#define ASN1_STRING_FLAG_NDEF 0x010
|
||||
|
@ -83,6 +98,12 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
|
|||
|
||||
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
|
||||
|
||||
WOLFSSL_API int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
||||
int *cls, long inLen);
|
||||
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
||||
const unsigned char **pp, long len);
|
||||
|
||||
#ifdef OPENSSL_ALL
|
||||
/* IMPLEMENT_ASN1_FUNCTIONS is strictly for external use only. Internally
|
||||
* we don't use this. Some projects use OpenSSL to implement ASN1 types and
|
||||
|
|
|
@ -40,7 +40,14 @@
|
|||
#define BIO_FLAGS_SHOULD_RETRY WOLFSSL_BIO_FLAG_RETRY
|
||||
|
||||
#define BIO_new_fp wolfSSL_BIO_new_fp
|
||||
#if defined(OPENSSL_ALL) \
|
||||
|| defined(HAVE_STUNNEL) \
|
||||
|| defined(HAVE_LIGHTY) \
|
||||
|| defined(WOLFSSL_MYSQL_COMPATIBLE) \
|
||||
|| defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA)
|
||||
#define BIO_new_file wolfSSL_BIO_new_file
|
||||
#endif
|
||||
#define BIO_new_fp wolfSSL_BIO_new_fp
|
||||
#define BIO_ctrl wolfSSL_BIO_ctrl
|
||||
#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending
|
||||
|
@ -57,6 +64,7 @@
|
|||
#define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size
|
||||
#define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair
|
||||
|
||||
#define BIO_new_fd wolfSSL_BIO_new_fd
|
||||
#define BIO_set_fp wolfSSL_BIO_set_fp
|
||||
#define BIO_get_fp wolfSSL_BIO_get_fp
|
||||
#define BIO_seek wolfSSL_BIO_seek
|
||||
|
@ -123,6 +131,7 @@
|
|||
#define BIO_meth_set_create wolfSSL_BIO_meth_set_create
|
||||
#define BIO_meth_set_destroy wolfSSL_BIO_meth_set_destroy
|
||||
|
||||
#define BIO_snprintf XSNPRINTF
|
||||
|
||||
/* BIO CTRL */
|
||||
#define BIO_CTRL_RESET 1
|
||||
|
@ -149,6 +158,7 @@
|
|||
|
||||
#define BIO_CTRL_DGRAM_QUERY_MTU 40
|
||||
|
||||
#define BIO_FP_TEXT 0x00
|
||||
#define BIO_NOCLOSE 0x00
|
||||
#define BIO_CLOSE 0x01
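Review bot: `#define BIO_snprintf XSNPRINTF` changes the return contract that OpenSSL-style callers expect. OpenSSL's `BIO_snprintf` returns -1 when the output is truncated, while a plain `snprintf` returns the length that would have been written. Ported code that tests `BIO_snprintf(...) < 0` to detect truncation would therefore accept a truncated string; what `XSNPRINTF` expands to on this platform is not visible here. I would add `/* unlike OpenSSL, does not return -1 on truncation: compare the result with the buffer size */` above the define and check the callers in this tree.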
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@
|
|||
typedef struct WOLFSSL_BIGNUM {
|
||||
int neg; /* openssh deference */
|
||||
void *internal; /* our big num */
|
||||
#ifdef WOLFSSL_SP_MATH
|
||||
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
|
||||
sp_int fp;
|
||||
#elif defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT)
|
||||
fp_int fp;
|
||||
|
@ -49,7 +49,7 @@ typedef struct WOLFSSL_BIGNUM {
|
|||
|
||||
|
||||
#define BN_ULONG WOLFSSL_BN_ULONG
|
||||
#define WOLFSSL_BN_ULONG mp_digit
|
||||
#define WOLFSSL_BN_ULONG unsigned long
|
||||
|
||||
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
|
||||
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
|
||||
|
@ -113,7 +113,7 @@ WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
|
|||
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
|
||||
WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM*, int);
|
||||
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
|
||||
WOLFSSL_API unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
|
||||
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
|
||||
WOLFSSL_BIGNUM*);
|
||||
|
|
|
@ -34,12 +34,18 @@
|
|||
WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void);
|
||||
WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len);
|
||||
WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf);
|
||||
WOLFSSL_API size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize);
|
||||
WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize);
|
||||
|
||||
|
||||
#define BUF_MEM_new wolfSSL_BUF_MEM_new
|
||||
#define BUF_MEM_grow wolfSSL_BUF_MEM_grow
|
||||
#define BUF_MEM_free wolfSSL_BUF_MEM_free
|
||||
|
||||
#define BUF_strdup strdup
|
||||
#define BUF_strlcpy wolfSSL_strlcpy
|
||||
#define BUF_strlcat wolfSSL_strlcat
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
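Review bot: `#define BUF_strdup strdup` binds the OpenSSL name to the C library allocator, whereas OpenSSL callers release a `BUF_strdup` result with `OPENSSL_free`, which this compatibility layer maps to `wolfSSL_OPENSSL_free`. If wolfSSL is built with custom or static-memory allocators, that pairing hands a `malloc` block to a different allocator. `strdup(NULL)` is also undefined, where OpenSSL's `BUF_strdup(NULL)` returns NULL. Whether any caller in this tree hits either case is not visible; a comment on the define, `/* result comes from libc strdup: release with free(), and do not pass NULL */`, would document it.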
|
||||
|
|
|
@ -28,18 +28,76 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
struct WOLFSSL_CONF_VALUE {
|
||||
#include <libs/libwolfssl/wolfcrypt/settings.h>
|
||||
#include <libs/libwolfssl/version.h>
|
||||
|
||||
typedef struct WOLFSSL_CONF_VALUE {
|
||||
char *section;
|
||||
char *name;
|
||||
char *value;
|
||||
};
|
||||
} WOLFSSL_CONF_VALUE;
|
||||
|
||||
struct WOLFSSL_INIT_SETTINGS {
|
||||
char* appname;
|
||||
};
|
||||
/* ssl.h requires WOLFSSL_CONF_VALUE */
|
||||
#include <libs/libwolfssl/ssl.h>
|
||||
|
||||
typedef struct WOLFSSL_CONF_VALUE CONF_VALUE;
|
||||
typedef struct WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;
|
||||
typedef struct WOLFSSL_CONF {
|
||||
void *meth_data;
|
||||
WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *data;
|
||||
} WOLFSSL_CONF;
|
||||
|
||||
typedef WOLFSSL_CONF CONF;
|
||||
typedef WOLFSSL_CONF_VALUE CONF_VALUE;
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void);
|
||||
WOLFSSL_API int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
|
||||
WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value);
|
||||
WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val);
|
||||
|
||||
WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth);
|
||||
WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf,
|
||||
const char *group, const char *name);
|
||||
WOLFSSL_API int wolfSSL_NCONF_get_number(const CONF *conf, const char *group,
|
||||
const char *name, long *result);
|
||||
WOLFSSL_API WOLFSSL_STACK *wolfSSL_NCONF_get_section(
|
||||
const WOLFSSL_CONF *conf, const char *section);
|
||||
WOLFSSL_API int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline);
|
||||
WOLFSSL_API void wolfSSL_NCONF_free(WOLFSSL_CONF *conf);
|
||||
|
||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve(
|
||||
WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *sk, WOLFSSL_CONF_VALUE *data);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CONF_modules_load(const WOLFSSL_CONF *cnf, const char *appname,
|
||||
unsigned long flags);
|
||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf,
|
||||
const char *section);
|
||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf,
|
||||
const char *section);
|
||||
|
||||
#define sk_CONF_VALUE_new wolfSSL_sk_CONF_VALUE_new
|
||||
#define sk_CONF_VALUE_free wolfSSL_sk_CONF_VALUE_free
|
||||
#define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a)
|
||||
#define sk_CONF_VALUE_num wolfSSL_sk_CONF_VALUE_num
|
||||
#define sk_CONF_VALUE_value wolfSSL_sk_CONF_VALUE_value
|
||||
|
||||
#define lh_CONF_VALUE_retrieve wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve
|
||||
#define lh_CONF_VALUE_insert wolfSSL_sk_CONF_VALUE_push
|
||||
|
||||
#define NCONF_new wolfSSL_NCONF_new
|
||||
#define NCONF_free wolfSSL_NCONF_free
|
||||
#define NCONF_get_string wolfSSL_NCONF_get_string
|
||||
#define NCONF_get_section wolfSSL_NCONF_get_section
|
||||
#define NCONF_get_number wolfSSL_NCONF_get_number
|
||||
#define NCONF_load wolfSSL_NCONF_load
|
||||
|
||||
#define CONF_modules_load wolfSSL_CONF_modules_load
|
||||
#define _CONF_new_section wolfSSL_CONF_new_section
|
||||
#define _CONF_get_section wolfSSL_CONF_get_section
|
||||
|
||||
#define X509V3_conf_free wolfSSL_X509V3_conf_free
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
|
|
@ -24,22 +24,32 @@
|
|||
#ifndef WOLFSSL_CRYPTO_H_
|
||||
#define WOLFSSL_CRYPTO_H_
|
||||
|
||||
#include <libs/libwolfssl/openssl/opensslv.h>
|
||||
|
||||
#include <libs/libwolfssl/wolfcrypt/settings.h>
|
||||
|
||||
#include <libs/libwolfssl/openssl/opensslv.h>
|
||||
#include <libs/libwolfssl/openssl/conf.h>
|
||||
|
||||
#ifdef WOLFSSL_PREFIX
|
||||
#include "prefix_crypto.h"
|
||||
#endif
|
||||
|
||||
typedef struct WOLFSSL_INIT_SETTINGS {
|
||||
char* appname;
|
||||
} WOLFSSL_INIT_SETTINGS;
|
||||
|
||||
typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;
|
||||
|
||||
WOLFSSL_API const char* wolfSSLeay_version(int type);
|
||||
WOLFSSL_API unsigned long wolfSSLeay(void);
|
||||
WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void);
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#include <stdint.h>
|
||||
|
||||
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
|
||||
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
|
||||
|
||||
WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
|
||||
#endif
|
||||
|
||||
#define CRYPTO_THREADID void
|
||||
|
@ -62,14 +72,16 @@ WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
|
|||
#define OPENSSL_free wolfSSL_OPENSSL_free
|
||||
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
|
||||
|
||||
#ifdef WOLFSSL_QT
|
||||
#define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L
|
||||
#define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L
|
||||
#define OPENSSL_INIT_LOAD_CONFIG 0x00000040L
|
||||
#endif
|
||||
#define OPENSSL_INIT_ENGINE_ALL_BUILTIN 0x00000001L
|
||||
#define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L
|
||||
#define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L
|
||||
#define OPENSSL_INIT_LOAD_CONFIG 0x00000040L
|
||||
|
||||
#define OPENSSL_init_crypto wolfSSL_OPENSSL_init_crypto
|
||||
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
|
||||
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
|
||||
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_EX_DATA)
|
||||
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
|
||||
#define FIPS_mode wolfSSL_FIPS_mode
|
||||
#define FIPS_mode_set wolfSSL_FIPS_mode_set
|
||||
|
@ -86,6 +98,6 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i
|
|||
#define CRYPTO_THREAD_r_lock wc_LockMutex
|
||||
#define CRYPTO_THREAD_unlock wc_UnLockMutex
|
||||
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */
|
||||
|
||||
#endif /* header */
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
#define WOLFSSL_DH_H_
|
||||
|
||||
#include <libs/libwolfssl/openssl/bn.h>
|
||||
#include <libs/libwolfssl/openssl/opensslv.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -58,6 +59,7 @@ WOLFSSL_API WOLFSSL_DH *wolfSSL_d2i_DHparams(WOLFSSL_DH **dh,
|
|||
WOLFSSL_API int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out);
|
||||
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
|
||||
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH*);
|
||||
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh);
|
||||
|
||||
WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes);
|
||||
WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*);
|
||||
|
|
|
@ -301,6 +301,9 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
|||
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
|
||||
#define EC_GROUP_order_bits wolfSSL_EC_GROUP_order_bits
|
||||
#define EC_GROUP_method_of wolfSSL_EC_GROUP_method_of
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define EC_GROUP_set_point_conversion_form(...)
|
||||
#endif
|
||||
|
||||
#define EC_METHOD_get_field_type wolfSSL_EC_METHOD_get_field_type
|
||||
|
||||
|
|
|
@ -557,6 +557,9 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx);
|
|||
WOLFSSL_API int wolfSSL_EVP_PKEY_derive_set_peer(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY *peer);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_ctrl_str(WOLFSSL_EVP_PKEY_CTX *ctx,
|
||||
const char *name, const char *value);
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
|
||||
unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
|
@ -569,11 +572,13 @@ WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
|
|||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap);
|
||||
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, const WOLFSSL_EVP_PKEY *from);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid);
|
||||
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
|
||||
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
|
||||
|
@ -825,11 +830,14 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
|||
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
|
||||
#define EVP_PKEY_up_ref wolfSSL_EVP_PKEY_up_ref
|
||||
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
|
||||
#define EVP_PKEY_copy_parameters wolfSSL_EVP_PKEY_copy_parameters
|
||||
#define EVP_PKEY_missing_parameters wolfSSL_EVP_PKEY_missing_parameters
|
||||
#define EVP_PKEY_cmp wolfSSL_EVP_PKEY_cmp
|
||||
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
|
||||
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
|
||||
#define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid
|
||||
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
|
||||
#define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str
|
||||
#define EVP_SignFinal wolfSSL_EVP_SignFinal
|
||||
#define EVP_SignInit wolfSSL_EVP_SignInit
|
||||
#define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex
|
||||
|
@ -917,7 +925,6 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
|||
#define EVP_R_PRIVATE_KEY_DECODE_ERROR (-MIN_CODE_E + 100 + 4)
|
||||
|
||||
#define EVP_PKEY_NONE NID_undef
|
||||
#define EVP_PKEY_RSA 6
|
||||
#define EVP_PKEY_RSA2 19
|
||||
#define EVP_PKEY_DH 28
|
||||
#define EVP_CIPHER_mode WOLFSSL_CIPHER_mode
|
||||
|
|
|
@ -1,2 +1,64 @@
|
|||
/* lhash.h
|
||||
*
|
||||
* Copyright (C) 2006-2020 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
/* lhash.h for openSSL */
|
||||
|
||||
#ifndef WOLFSSL_lhash_H_
|
||||
#define WOLFSSL_lhash_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/openssl/ssl.h>
|
||||
|
||||
#ifdef OPENSSL_ALL
|
||||
#define IMPLEMENT_LHASH_HASH_FN(name, type) \
|
||||
unsigned long wolfSSL_##name##_LHASH_HASH(const void *arg) \
|
||||
{ \
|
||||
const type *a = arg; \
|
||||
return name##_hash(a); \
|
||||
}
|
||||
#define IMPLEMENT_LHASH_COMP_FN(name, type) \
|
||||
int wolfSSL_##name##_LHASH_COMP(const void *p1, const void *p2) \
|
||||
{ \
|
||||
const type *_p1 = p1; \
|
||||
const type *_p2 = p2; \
|
||||
return name##_cmp(_p1, _p2); \
|
||||
}
|
||||
|
||||
#define LHASH_HASH_FN(name) wolfSSL_##name##_LHASH_HASH
|
||||
#define LHASH_COMP_FN(name) wolfSSL_##name##_LHASH_COMP
|
||||
|
||||
WOLFSSL_API unsigned long wolfSSL_LH_strhash(const char *str);
|
||||
|
||||
WOLFSSL_API void *wolfSSL_lh_retrieve(WOLFSSL_STACK *sk, void *data);
|
||||
|
||||
#define lh_strhash wolfSSL_LH_strhash
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_lhash_H_ */
|
||||
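Review bot: `IMPLEMENT_LHASH_HASH_FN` and `IMPLEMENT_LHASH_COMP_FN` initialise typed pointers straight from `const void *` (`const type *a = arg;`, `const type *_p1 = p1;`), which is valid C but a hard error when the macro is expanded in a C++ translation unit. The header's own `extern "C"` guard shows it expects C++ consumers. An explicit cast keeps both languages working: `const type *a = (const type *)arg;`, and likewise for `_p1` and `_p2`. Separately, `#include <libs/libwolfssl/openssl/ssl.h>` sits after the opening `extern "C" {`, so everything that header pulls in gets C linkage; moving the include above the guard avoids that.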
|
|
|
@ -30,6 +30,7 @@
|
|||
#define OCSP_REQUEST OcspRequest
|
||||
#define OCSP_RESPONSE OcspResponse
|
||||
#define OCSP_BASICRESP WOLFSSL_OCSP_BASICRESP
|
||||
#define OCSP_SINGLERESP WOLFSSL_OCSP_SINGLERESP
|
||||
#define OCSP_CERTID WOLFSSL_OCSP_CERTID
|
||||
#define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ
|
||||
|
||||
|
@ -76,6 +77,12 @@
|
|||
|
||||
#define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio
|
||||
|
||||
#define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID
|
||||
#define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id
|
||||
#define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status
|
||||
#define OCSP_resp_count wolfSSL_OCSP_resp_count
|
||||
#define OCSP_resp_get0 wolfSSL_OCSP_resp_get0
|
||||
|
||||
#endif /* HAVE_OCSP */
|
||||
|
||||
#endif /* WOLFSSL_OCSP_H_ */
|
||||
|
|
|
@ -26,7 +26,11 @@
|
|||
|
||||
|
||||
/* api version compatibility */
|
||||
#if defined(WOLFSSL_APACHE_HTTPD)
|
||||
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\
|
||||
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\
|
||||
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L)
|
||||
/* valid version */
|
||||
#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST)
|
||||
/* For Apache httpd, Use 1.1.0 compatibility */
|
||||
#define OPENSSL_VERSION_NUMBER 0x10100000L
|
||||
#elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \
|
||||
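Review bot: A pre-set `OPENSSL_VERSION_NUMBER` that is not one of the three accepted values falls through to the `#elif` branches, where `#define OPENSSL_VERSION_NUMBER 0x10100000L` redefines a macro that already has a different value. That is a redefinition diagnostic at best and a silently changed API level at worst. Either reject the unexpected value with `#error` or `#undef OPENSSL_VERSION_NUMBER` before the branches that define it. The `#if` itself mixes `&&` and `||` without parentheses and repeats the `defined()` test three times; `#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL || OPENSSL_VERSION_NUMBER == 0x10100000L || OPENSSL_VERSION_NUMBER == 0x10001040L)` says the same thing without relying on precedence. The `#elif` chain continues past the end of this hunk.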
|
|
|
@ -242,6 +242,9 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
|
|||
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
|
||||
#define PEM_read_bio_ECPrivateKey wolfSSL_PEM_read_bio_ECPrivateKey
|
||||
#define PEM_read_bio_EC_PUBKEY wolfSSL_PEM_read_bio_EC_PUBKEY
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define PEM_write_bio_ECPKParameters(...) 0
|
||||
#endif
|
||||
/* EVP_KEY */
|
||||
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
|
||||
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
|
||||
|
|
|
@ -42,6 +42,7 @@
|
|||
/* wolfSSL level using structs from ssl.h and calls down to wolfCrypt */
|
||||
#define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio
|
||||
#define PKCS12_parse wolfSSL_PKCS12_parse
|
||||
#define PKCS12_verify_mac wolfSSL_PKCS12_verify_mac
|
||||
#define PKCS12_create wolfSSL_PKCS12_create
|
||||
#define PKCS12_PBE_add wolfSSL_PKCS12_PBE_add
|
||||
|
||||
|
|
|
@ -43,6 +43,7 @@ typedef struct WOLFSSL_PKCS7
|
|||
PKCS7 pkcs7;
|
||||
unsigned char* data;
|
||||
int len;
|
||||
WOLFSSL_STACK* certs;
|
||||
} WOLFSSL_PKCS7;
|
||||
|
||||
|
||||
|
@ -53,8 +54,12 @@ WOLFSSL_API void wolfSSL_PKCS7_SIGNED_free(PKCS7_SIGNED* p7);
|
|||
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in,
|
||||
int len);
|
||||
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7);
|
||||
WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7);
|
||||
WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs,
|
||||
WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags);
|
||||
WOLFSSL_API int wolfSSL_PKCS7_encode_certs(PKCS7* p7, WOLFSSL_STACK* certs,
|
||||
WOLFSSL_BIO* out);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7,
|
||||
WOLFSSL_STACK* certs, int flags);
|
||||
WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7);
|
||||
|
@ -65,6 +70,7 @@ WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7);
|
|||
#define PKCS7_SIGNED_free wolfSSL_PKCS7_SIGNED_free
|
||||
#define d2i_PKCS7 wolfSSL_d2i_PKCS7
|
||||
#define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio
|
||||
#define i2d_PKCS7_bio wolfSSL_i2d_PKCS7_bio
|
||||
#define PKCS7_verify wolfSSL_PKCS7_verify
|
||||
#define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers
|
||||
#define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7
|
||||
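Review bot: The new `WOLFSSL_STACK* certs` member and `wolfSSL_PKCS7_to_stack()` are added without saying who owns the stack. If the returned stack is the one cached in `certs` (the implementation is not visible here), a caller that frees it like any other stack sets up a double free when the PKCS7 object is later released. If it is a fresh copy instead, not freeing it leaks. A comment on the prototype would settle it, e.g. `/* returned stack is owned by pkcs7 and freed with it; callers must not free it */`, or the opposite if that is the contract. `wolfSSL_PKCS7_encode_certs()` takes a `certs` argument as well and should say whether it keeps a reference to it.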
|
|
|
@ -117,9 +117,16 @@ WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m,
|
|||
WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m,
|
||||
unsigned int mLen, unsigned char* sigRet,
|
||||
unsigned int* sigLen, WOLFSSL_RSA*, int);
|
||||
WOLFSSL_API int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
|
||||
unsigned int mLen, unsigned char* sigRet,
|
||||
unsigned int* sigLen, WOLFSSL_RSA*, int, int);
|
||||
WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m,
|
||||
unsigned int mLen, const unsigned char* sig,
|
||||
unsigned int sigLen, WOLFSSL_RSA*);
|
||||
WOLFSSL_API int wolfSSL_RSA_verify_ex(int type, const unsigned char* m,
|
||||
unsigned int mLen, const unsigned char* sig,
|
||||
unsigned int sigLen, WOLFSSL_RSA* rsa,
|
||||
int padding);
|
||||
WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
|
||||
unsigned char* to, WOLFSSL_RSA*, int padding);
|
||||
WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*);
|
||||
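Review bot: `wolfSSL_RSA_sign_generic_padding` ends in two unnamed `int` parameters, so the header does not say which one selects the padding mode and which is the other switch. Swapping them compiles cleanly and would produce a signature with a padding scheme the caller did not ask for. `wolfSSL_RSA_verify_ex` in the same hunk names its `int padding`, and the sign prototype should follow it, e.g. `WOLFSSL_RSA* rsa, int flag, int padding` if that matches the definition, which is not visible here. A one-line comment listing the accepted padding constants would help on both.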
|
|
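--- a/source/libs/libwolfssl/openssl/srp.h
+++ b/source/libs/libwolfssl/openssl/srp.h
@@ -0,0 +1,29 @@
+/* srp.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+#ifndef WOLFSSL_SRP_H_
+#define WOLFSSL_SRP_H_
+
+#include <libs/libwolfssl/wolfcrypt/srp.h>
+
+#define SRP_MINIMAL_N SRP_MODULUS_MIN_BITS
+
+#endif /* WOLFSSL_SRP_H_ */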
@ -53,6 +53,8 @@
|
|||
/* all NID_* values are in asn.h */
|
||||
#include <libs/libwolfssl/wolfcrypt/asn.h>
|
||||
|
||||
#include <libs/libwolfssl/openssl/x509.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -67,6 +69,10 @@
|
|||
#undef ASN1_INTEGER
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#include <stdint.h>
|
||||
WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
|
||||
#endif
|
||||
|
||||
typedef WOLFSSL SSL;
|
||||
typedef WOLFSSL_SESSION SSL_SESSION;
|
||||
|
@ -100,6 +106,7 @@ typedef WOLFSSL_ASN1_INTEGER ASN1_INTEGER;
|
|||
typedef WOLFSSL_ASN1_OBJECT ASN1_OBJECT;
|
||||
typedef WOLFSSL_ASN1_STRING ASN1_STRING;
|
||||
typedef WOLFSSL_ASN1_TYPE ASN1_TYPE;
|
||||
typedef WOLFSSL_X509_ATTRIBUTE X509_ATTRIBUTE;
|
||||
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value;
|
||||
typedef WOLFSSL_BUF_MEM BUF_MEM;
|
||||
|
@ -279,9 +286,13 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback
|
||||
#define SSL_set_verify wolfSSL_set_verify
|
||||
#define SSL_set_verify_result wolfSSL_set_verify_result
|
||||
#define SSL_verify_client_post_handshake wolfSSL_verify_client_post_handshake
|
||||
#define SSL_set_post_handshake_auth wolfSSL_set_post_handshake_auth
|
||||
#define SSL_CTX_set_post_handshake_auth wolfSSL_CTX_set_post_handshake_auth
|
||||
#define SSL_pending wolfSSL_pending
|
||||
#define SSL_load_error_strings wolfSSL_load_error_strings
|
||||
#define SSL_library_init wolfSSL_library_init
|
||||
#define OPENSSL_init_ssl wolfSSL_OPENSSL_init_ssl
|
||||
#define OpenSSL_add_ssl_algorithms wolfSSL_library_init
|
||||
#define SSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode
|
||||
#define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
|
||||
|
@ -297,6 +308,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
|
||||
#define SSL_set_ex_data wolfSSL_set_ex_data
|
||||
#define SSL_get_shutdown wolfSSL_get_shutdown
|
||||
#define SSL_get_finished wolfSSL_get_finished
|
||||
#define SSL_get_peer_finished wolfSSL_get_peer_finished
|
||||
#define SSL_set_rfd wolfSSL_set_rfd
|
||||
#define SSL_set_wfd wolfSSL_set_wfd
|
||||
#define SSL_set_shutdown wolfSSL_set_shutdown
|
||||
|
@ -333,6 +346,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define SSL_MODE_RELEASE_BUFFERS 0x00000010U
|
||||
#define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN
|
||||
#define X509_get_ext wolfSSL_X509_get_ext
|
||||
#define X509_get_ext_by_OBJ wolfSSL_X509_get_ext_by_OBJ
|
||||
#define X509_cmp wolfSSL_X509_cmp
|
||||
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
|
||||
#define X509_EXTENSION_get_critical wolfSSL_X509_EXTENSION_get_critical
|
||||
|
@ -348,11 +362,14 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define DSA_bits wolfSSL_DSA_bits
|
||||
|
||||
#define i2d_X509_bio wolfSSL_i2d_X509_bio
|
||||
#define i2d_X509_REQ_bio wolfSSL_i2d_X509_REQ_bio
|
||||
#define d2i_X509_bio wolfSSL_d2i_X509_bio
|
||||
#define d2i_X509_REQ_bio wolfSSL_d2i_X509_REQ_bio
|
||||
#define d2i_X509_fp wolfSSL_d2i_X509_fp
|
||||
#define i2d_X509 wolfSSL_i2d_X509
|
||||
#define d2i_X509 wolfSSL_d2i_X509
|
||||
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
|
||||
#define PEM_read_bio_X509_REQ wolfSSL_PEM_read_bio_X509_REQ
|
||||
#define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL
|
||||
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
|
||||
#define PEM_read_X509 wolfSSL_PEM_read_X509
|
||||
|
@ -363,10 +380,18 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey
|
||||
|
||||
#define i2d_X509_REQ wolfSSL_i2d_X509_REQ
|
||||
#define d2i_X509_REQ wolfSSL_d2i_X509_REQ
|
||||
#define X509_REQ_new wolfSSL_X509_REQ_new
|
||||
#define X509_REQ_free wolfSSL_X509_REQ_free
|
||||
#define X509_REQ_sign wolfSSL_X509_REQ_sign
|
||||
#define X509_REQ_sign_ctx wolfSSL_X509_REQ_sign_ctx
|
||||
#define X509_REQ_add_extensions wolfSSL_X509_REQ_add_extensions
|
||||
#define X509_REQ_add1_attr_by_NID wolfSSL_X509_REQ_add1_attr_by_NID
|
||||
#define X509_REQ_add1_attr_by_txt wolfSSL_X509_REQ_add1_attr_by_txt
|
||||
#define X509_REQ_get_attr_by_NID wolfSSL_X509_REQ_get_attr_by_NID
|
||||
#define X509_REQ_get_attr wolfSSL_X509_REQ_get_attr
|
||||
#define X509_ATTRIBUTE_get0_type wolfSSL_X509_ATTRIBUTE_get0_type
|
||||
#define X509_to_X509_REQ wolfSSL_X509_to_X509_REQ
|
||||
#define X509_REQ_set_subject_name wolfSSL_X509_REQ_set_subject_name
|
||||
#define X509_REQ_set_pubkey wolfSSL_X509_REQ_set_pubkey
|
||||
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
|
||||
|
@ -379,14 +404,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_get_ext_count wolfSSL_X509_get_ext_count
|
||||
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
|
||||
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
|
||||
#define X509_get0_extensions wolfSSL_X509_get0_extensions
|
||||
#define X509_get_extensions wolfSSL_X509_get0_extensions
|
||||
#define X509_REQ_get_extensions wolfSSL_X509_REQ_get_extensions
|
||||
#define X509_get_ext wolfSSL_X509_get_ext
|
||||
#define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID
|
||||
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
|
||||
#define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash
|
||||
#define X509_get_subject_name wolfSSL_X509_get_subject_name
|
||||
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
|
||||
#define X509_get_subject_name wolfSSL_X509_get_subject_name
|
||||
#define X509_REQ_get_subject_name wolfSSL_X509_get_subject_name
|
||||
#define X509_get_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get0_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_REQ_get_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get_notBefore wolfSSL_X509_get_notBefore
|
||||
#define X509_get0_notBefore wolfSSL_X509_get_notBefore
|
||||
#define X509_get_notAfter wolfSSL_X509_get_notAfter
|
||||
|
@ -408,12 +438,22 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_set_notBefore wolfSSL_X509_set_notBefore
|
||||
#define X509_set_serialNumber wolfSSL_X509_set_serialNumber
|
||||
#define X509_set_version wolfSSL_X509_set_version
|
||||
#define X509_REQ_set_version wolfSSL_X509_set_version
|
||||
#define X509_sign wolfSSL_X509_sign
|
||||
#define X509_sign_ctx wolfSSL_X509_sign_ctx
|
||||
#define X509_print wolfSSL_X509_print
|
||||
#define X509_REQ_print wolfSSL_X509_print
|
||||
#define X509_print_ex wolfSSL_X509_print_ex
|
||||
#define X509_print_fp wolfSSL_X509_print_fp
|
||||
#define X509_REQ_print_fp wolfSSL_X509_print_fp
|
||||
#define X509_signature_print wolfSSL_X509_signature_print
|
||||
#define X509_get0_signature wolfSSL_X509_get0_signature
|
||||
#define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
|
||||
#define X509_verify_cert wolfSSL_X509_verify_cert
|
||||
#define X509_verify wolfSSL_X509_verify
|
||||
#define X509_REQ_verify wolfSSL_X509_REQ_verify
|
||||
#define X509_check_private_key wolfSSL_X509_check_private_key
|
||||
#define X509_REQ_check_private_key wolfSSL_X509_check_private_key
|
||||
#define X509_check_ca wolfSSL_X509_check_ca
|
||||
#define X509_check_host wolfSSL_X509_check_host
|
||||
#define X509_check_ip_asc wolfSSL_X509_check_ip_asc
|
||||
|
@ -421,6 +461,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_check_issued wolfSSL_X509_check_issued
|
||||
#define X509_dup wolfSSL_X509_dup
|
||||
#define X509_add_ext wolfSSL_X509_add_ext
|
||||
#define X509_delete_ext wolfSSL_X509_delete_ext
|
||||
|
||||
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
|
||||
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
|
||||
|
@ -452,6 +493,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define sk_X509_INFO_pop wolfSSL_sk_X509_INFO_pop
|
||||
#define sk_X509_INFO_pop_free wolfSSL_sk_X509_INFO_pop_free
|
||||
#define sk_X509_INFO_free wolfSSL_sk_X509_INFO_free
|
||||
#define sk_X509_INFO_shift wolfSSL_sk_X509_INFO_pop
|
||||
|
||||
#define i2d_X509_NAME wolfSSL_i2d_X509_NAME
|
||||
#define d2i_X509_NAME wolfSSL_d2i_X509_NAME
|
||||
|
@ -468,9 +510,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
|||
#define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry
|
||||
#define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt
|
||||
#define X509_NAME_add_entry_by_NID wolfSSL_X509_NAME_add_entry_by_NID
|
||||
#define X509_NAME_delete_entry wolfSSL_X509_NAME_delete_entry
|
||||
#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
|
||||
#define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID
|
||||
#define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex
|
||||
#define X509_NAME_print_ex_fp wolfSSL_X509_NAME_print_ex_fp
|
||||
#define X509_NAME_digest wolfSSL_X509_NAME_digest
|
||||
#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
|
||||
#define X509_cmp_time wolfSSL_X509_cmp_time
|
||||
|
@ -511,6 +555,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
|
|||
#define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
|
||||
#define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain
|
||||
#define X509_STORE_CTX_get1_chain wolfSSL_X509_STORE_CTX_get1_chain
|
||||
#define X509_STORE_CTX_get0_parent_ctx wolfSSL_X509_STORE_CTX_get0_parent_ctx
|
||||
#define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
|
||||
#define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
|
||||
#define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
|
||||
|
@ -563,6 +608,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
|
||||
|
||||
#define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
|
||||
#define X509_REQ_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
|
||||
#define X509_get0_tbs_sigalg wolfSSL_X509_get0_tbs_sigalg
|
||||
#define X509_PUBKEY_get0_param wolfSSL_X509_PUBKEY_get0_param
|
||||
#define X509_PUBKEY_get wolfSSL_X509_PUBKEY_get
|
||||
|
@ -610,6 +656,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
|
||||
#define BIO_f_ssl wolfSSL_BIO_f_ssl
|
||||
#define BIO_new_socket wolfSSL_BIO_new_socket
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define BIO_new_connect wolfSSL_BIO_new_connect
|
||||
#define BIO_set_conn_port wolfSSL_BIO_set_conn_port
|
||||
#define BIO_do_connect wolfSSL_BIO_do_connect
|
||||
#endif
|
||||
#define SSL_set_bio wolfSSL_set_bio
|
||||
#define BIO_set_ssl wolfSSL_BIO_set_ssl
|
||||
#define BIO_eof wolfSSL_BIO_eof
|
||||
|
@ -652,15 +703,22 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define sk_ASN1_OBJECT_free wolfSSL_sk_ASN1_OBJECT_free
|
||||
|
||||
#define ASN1_TIME_new wolfSSL_ASN1_TIME_new
|
||||
#define ASN1_UTCTIME_new wolfSSL_ASN1_TIME_new
|
||||
#define ASN1_TIME_free wolfSSL_ASN1_TIME_free
|
||||
#define ASN1_UTCTIME_free wolfSSL_ASN1_TIME_free
|
||||
#define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj
|
||||
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
|
||||
#define ASN1_TIME_to_generalizedtime wolfSSL_ASN1_TIME_to_generalizedtime
|
||||
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set
|
||||
#define ASN1_TIME_set_string wolfSSL_ASN1_TIME_set_string
|
||||
#define ASN1_TIME_to_string wolfSSL_ASN1_TIME_to_string
|
||||
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
|
||||
#define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free
|
||||
|
||||
#define ASN1_tag2str wolfSSL_ASN1_tag2str
|
||||
|
||||
#define a2i_ASN1_INTEGER wolfSSL_a2i_ASN1_INTEGER
|
||||
#define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER
|
||||
#define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER
|
||||
#define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new
|
||||
|
@ -673,13 +731,22 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT
|
||||
#define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT
|
||||
|
||||
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new
|
||||
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
|
||||
#define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp
|
||||
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
|
||||
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data
|
||||
#define ASN1_STRING_length wolfSSL_ASN1_STRING_length
|
||||
#define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8
|
||||
#define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string
|
||||
#define ASN1_STRING_print_ex wolfSSL_ASN1_STRING_print_ex
|
||||
#define ASN1_STRING_print(x, y) wolfSSL_ASN1_STRING_print ((WOLFSSL_BIO*)(x), (WOLFSSL_ASN1_STRING*)(y))
|
||||
#define d2i_DISPLAYTEXT wolfSSL_d2i_DISPLAYTEXT
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define ASN1_STRING_set_default_mask_asc(...) 1
|
||||
#endif
|
||||
|
||||
#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING
|
||||
|
||||
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
|
||||
|
||||
|
@ -800,6 +867,13 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define PEMerr(func, reason) WOLFSSL_ERROR_LINE((reason), \
|
||||
NULL, __LINE__, __FILE__, NULL)
|
||||
#endif
|
||||
#ifndef WOLFCRYPT_ONLY
|
||||
#define EVPerr(func, reason) wolfSSL_ERR_put_error(ERR_LIB_EVP, \
|
||||
(func), (reason), __FILE__, __LINE__)
|
||||
#else
|
||||
#define EVPerr(func, reason) WOLFSSL_ERROR_LINE((reason), \
|
||||
NULL, __LINE__, __FILE__, NULL)
|
||||
#endif
|
||||
|
||||
#define SSLv23_server_method wolfSSLv23_server_method
|
||||
#define SSL_CTX_set_options wolfSSL_CTX_set_options
|
||||
|
@ -897,6 +971,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find
|
||||
|
||||
#define DHparams_dup wolfSSL_DH_dup
|
||||
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
|
||||
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
|
||||
|
||||
|
@ -924,8 +999,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define ERR_LIB_SSL 20
|
||||
#define SSL_R_SHORT_READ 10
|
||||
#define ERR_R_PEM_LIB 9
|
||||
#define V_ASN1_IA5STRING 22
|
||||
#define V_ASN1_UTF8STRING 12
|
||||
#define SSL_CTRL_MODE 33
|
||||
|
||||
#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
|
||||
|
@ -1091,6 +1164,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
|
||||
#endif /* HAVE_STUNNEL || WOLFSSL_NGINX */
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define b2i_PrivateKey_bio(...) NULL
|
||||
#define b2i_PVK_bio(...) NULL
|
||||
#endif
|
||||
|
||||
#define SSL_CTX_get_default_passwd_cb wolfSSL_CTX_get_default_passwd_cb
|
||||
#define SSL_CTX_get_default_passwd_cb_userdata wolfSSL_CTX_get_default_passwd_cb_userdata
|
||||
|
||||
|
@ -1128,6 +1207,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#include <libs/libwolfssl/error-ssl.h>
|
||||
|
||||
#define OPENSSL_STRING WOLFSSL_STRING
|
||||
#define OPENSSL_CSTRING WOLFSSL_STRING
|
||||
|
||||
#define TLSEXT_TYPE_application_layer_protocol_negotiation 16
|
||||
|
||||
|
@ -1164,6 +1244,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define OPENSSL_config wolfSSL_OPENSSL_config
|
||||
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
|
||||
#define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse
|
||||
#define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout
|
||||
#define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh
|
||||
#define SSL_CTX_remove_session wolfSSL_SSL_CTX_remove_session
|
||||
|
@ -1176,7 +1257,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
|
||||
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
|
||||
#define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs
|
||||
#define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num
|
||||
#define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value
|
||||
#define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num
|
||||
#define sk_OPENSSL_PSTRING_value (WOLFSSL_STRING*)wolfSSL_sk_WOLFSSL_STRING_value
|
||||
#define sk_OPENSSL_STRING_free wolfSSL_sk_free
|
||||
#define SSL_get0_alpn_selected wolfSSL_get0_alpn_selected
|
||||
#define SSL_select_next_proto wolfSSL_select_next_proto
|
||||
#define SSL_CTX_set_alpn_select_cb wolfSSL_CTX_set_alpn_select_cb
|
||||
|
@ -1198,8 +1283,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
|
||||
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password
|
||||
#define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username
|
||||
#define SSL_CTX_set_srp_strength wolfSSL_CTX_set_srp_strength
|
||||
#define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX
|
||||
#define SSL_get0_param wolfSSL_get0_param
|
||||
#define SSL_get_srp_username wolfSSL_get_srp_username
|
||||
|
||||
#define ERR_NUM_ERRORS 16
|
||||
#define SN_pkcs9_emailAddress "Email"
|
||||
|
@ -1231,6 +1318,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define OpenSSL_version(x) wolfSSL_OpenSSL_version()
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define OBJ_create_objects(...)
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
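Review bot: `#define sk_OPENSSL_PSTRING_value (WOLFSSL_STRING*)wolfSSL_sk_WOLFSSL_STRING_value` is an object-like macro that begins with a cast, so the cast binds to whatever expression the call site forms around it. `sk_OPENSSL_PSTRING_value(sk, i)[0]` parses as a cast of the indexed result. Using the name without a call, for instance as a function pointer, yields a cast of the function itself. A function-like, fully parenthesised form avoids both: `#define sk_OPENSSL_PSTRING_value(sk, i) ((WOLFSSL_STRING*)wolfSSL_sk_WOLFSSL_STRING_value((sk), (i)))`, assuming the usual two-argument stack accessor, since the prototype is not in this hunk. Casting the returned value to `WOLFSSL_STRING*` also changes its pointer level compared with `sk_OPENSSL_STRING_value` two lines above, which deserves a comment explaining why it is safe.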
|
|
|
@ -28,15 +28,12 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <libs/libwolfssl/openssl/conf.h>
|
||||
|
||||
typedef void (*wolfSSL_sk_freefunc)(void *);
|
||||
|
||||
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
|
||||
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data);
|
||||
WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *));
|
||||
WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk);
|
||||
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void);
|
||||
|
||||
WOLFSSL_API int wolfSSL_sk_CIPHER_push(WOLFSSL_STACK *st,WOLFSSL_CIPHER *cipher);
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
#include <libs/libwolfssl/openssl/dh.h>
|
||||
#include <libs/libwolfssl/openssl/ec.h>
|
||||
#include <libs/libwolfssl/openssl/ecdsa.h>
|
||||
#include <libs/libwolfssl/openssl/pkcs7.h>
|
||||
|
||||
/* wolfSSL_X509_print_ex flags */
|
||||
#define X509_FLAG_COMPAT (0UL)
|
||||
|
@ -23,4 +24,21 @@
|
|||
#define X509_FLAG_NO_IDS (1UL << 12)
|
||||
|
||||
#define XN_FLAG_FN_SN 0
|
||||
#define XN_FLAG_SEP_CPLUS_SPC 2
|
||||
#define XN_FLAG_ONELINE 0
|
||||
#define XN_FLAG_COMPAT 0
|
||||
#define XN_FLAG_RFC2253 1
|
||||
#define XN_FLAG_SEP_COMMA_PLUS (1 << 16)
|
||||
#define XN_FLAG_SEP_CPLUS_SPC (2 << 16)
|
||||
#define XN_FLAG_SEP_SPLUS_SPC (3 << 16)
|
||||
#define XN_FLAG_SEP_MULTILINE (4 << 16)
|
||||
#define XN_FLAG_SEP_MASK (0xF << 16)
|
||||
#define XN_FLAG_DN_REV (1 << 20)
|
||||
#define XN_FLAG_FN_LN (1 << 21)
|
||||
#define XN_FLAG_FN_OID (2 << 21)
|
||||
#define XN_FLAG_FN_NONE (3 << 21)
|
||||
#define XN_FLAG_FN_MASK (3 << 21)
|
||||
#define XN_FLAG_SPC_EQ (1 << 23)
|
||||
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
|
||||
#define XN_FLAG_FN_ALIGN (1 << 25)
|
||||
|
||||
#define XN_FLAG_MULTILINE 0xFFFF
|
||||
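Review bot: The preset values added here carry none of the bits the new masks select: `XN_FLAG_ONELINE`, `XN_FLAG_COMPAT` and `XN_FLAG_FN_SN` are all `0`, `XN_FLAG_RFC2253` is `1` and `XN_FLAG_MULTILINE` is `0xFFFF`. Applying `XN_FLAG_SEP_MASK` or `XN_FLAG_FN_MASK` to any of them therefore yields zero. Code ported from OpenSSL that decodes a flags word with the masks will see "no separator, short names" for every preset and cannot tell `ONELINE` from `COMPAT`. If the print routines compare against the preset values directly (not visible here), a comment should say so, e.g. `/* presets are opaque selectors, not compositions of the XN_FLAG_SEP_ and XN_FLAG_FN_ bits */`. The new shifts also use signed `1 << n` while the `X509_FLAG_*` block above uses `1UL << n`; matching that keeps the flag type consistent.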
|
|
|
@ -83,6 +83,8 @@ struct WOLFSSL_X509_EXTENSION {
|
|||
|
||||
#define X509V3_CTX WOLFSSL_X509V3_CTX
|
||||
|
||||
#define CTX_TEST 0x1
|
||||
|
||||
typedef struct WOLFSSL_AUTHORITY_KEYID AUTHORITY_KEYID;
|
||||
typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS;
|
||||
typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
|
||||
|
@ -99,6 +101,8 @@ WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
|
|||
const WOLFSSL_ASN1_STRING *s);
|
||||
WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
|
||||
WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent);
|
||||
WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx,
|
||||
const char *section, WOLFSSL_X509 *cert);
|
||||
|
||||
#define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free
|
||||
#define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free
|
||||
|
@ -107,11 +111,20 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
|
|||
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
|
||||
#define X509V3_EXT_get wolfSSL_X509V3_EXT_get
|
||||
#define X509V3_EXT_d2i wolfSSL_X509V3_EXT_d2i
|
||||
#define X509V3_EXT_add_nconf wolfSSL_X509V3_EXT_add_nconf
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define X509V3_parse_list(...) NULL
|
||||
#endif
|
||||
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
|
||||
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
|
||||
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
|
||||
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
|
||||
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb
|
||||
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
|
||||
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define X509V3_set_nconf(...)
|
||||
#endif
|
||||
#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
|
||||
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb
|
||||
#define X509v3_get_ext_count wolfSSL_sk_num
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
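Review bot: `X509V3_set_nconf(...)` in the last hunk expands to nothing and `X509V3_parse_list(...)` expands to `NULL`, so ported code that calls them compiles but silently skips the work; with `X509V3_set_nconf` the configuration is never attached to the context. A caller that builds a certificate or request from a config section could then end up without the extensions it asked for and get no error, unless the result is checked elsewhere (not visible here). I would document that next to each stub, e.g. `/* stub: conf is NOT attached to ctx; extensions from the section are not applied */`. `CTX_TEST` is also a very generic, unprefixed name for a public header; it presumably mirrors the OpenSSL name, and a one-line comment saying so would help.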
|
|
|
@ -109,7 +109,6 @@
|
|||
#define GOT_CERT_STATUS_STR 73
|
||||
#define RSA_KEY_MISSING_STR 74
|
||||
#define NO_SECURE_RENEGOTIATION 75
|
||||
|
||||
#define BAD_SESSION_STATS 76
|
||||
#define REASSEMBLY_MAX_STR 77
|
||||
#define DROPPING_LOST_FRAG_STR 78
|
||||
|
@ -131,6 +130,7 @@
|
|||
#define STORE_DATA_FAIL_STR 92
|
||||
#define CHAIN_INPUT_STR 93
|
||||
#define GOT_ENC_EXT_STR 94
|
||||
#define GOT_HELLO_RETRY_REQ_STR 95
|
||||
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
|
||||
|
||||
|
||||
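Review bot: `GOT_HELLO_RETRY_REQ_STR 95` appears to be the line added in the second hunk, directly above the comment that says each new id must also be added to `msgTable` in sniffer.c and to the .rc file. Neither of those is visible in this section, so please confirm both received a matching entry at position 95. If the table is indexed by these ids, a missing entry would give the wrong message or read past the end of the table.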
|
|
|
@ -40,6 +40,10 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/wolfevent.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
#include <libs/libwolfssl/wolfcrypt/cryptocb.h>
|
||||
#endif
|
||||
|
||||
/* used internally by wolfSSL while OpenSSL types aren't */
|
||||
#include <libs/libwolfssl/callbacks.h>
|
||||
|
||||
|
@ -98,6 +102,19 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* LHASH is implemented as a stack */
|
||||
typedef struct WOLFSSL_STACK WOLFSSL_LHASH;
|
||||
#ifndef WOLF_LHASH_OF
|
||||
#define WOLF_LHASH_OF(x) WOLFSSL_LHASH
|
||||
#endif
|
||||
|
||||
#ifndef WOLF_STACK_OF
|
||||
#define WOLF_STACK_OF(x) WOLFSSL_STACK
|
||||
#endif
|
||||
#ifndef DECLARE_STACK_OF
|
||||
#define DECLARE_STACK_OF(x) WOLF_STACK_OF(x);
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_WOLFSSL_TYPE_DEFINED
|
||||
#define WOLFSSL_WOLFSSL_TYPE_DEFINED
|
||||
typedef struct WOLFSSL WOLFSSL;
|
||||
|
@ -171,7 +188,6 @@ typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM;
|
|||
typedef struct WOLFSSL_BIO WOLFSSL_BIO;
|
||||
typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
|
||||
typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
|
||||
typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE;
|
||||
typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
|
||||
typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME;
|
||||
typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX;
|
||||
|
@ -185,6 +201,7 @@ typedef struct WOLFSSL_DH WOLFSSL_DH;
|
|||
#endif
|
||||
typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING;
|
||||
typedef struct WOLFSSL_ASN1_TYPE WOLFSSL_ASN1_TYPE;
|
||||
typedef struct WOLFSSL_X509_ATTRIBUTE WOLFSSL_X509_ATTRIBUTE;
|
||||
|
||||
typedef struct WOLFSSL_GENERAL_NAME WOLFSSL_GENERAL_NAME;
|
||||
typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID;
|
||||
|
@ -314,6 +331,12 @@ struct WOLFSSL_ASN1_TYPE {
|
|||
} value;
|
||||
};
|
||||
|
||||
struct WOLFSSL_X509_ATTRIBUTE {
|
||||
WOLFSSL_ASN1_OBJECT *object;
|
||||
WOLFSSL_ASN1_TYPE *value;
|
||||
WOLF_STACK_OF(WOLFSSL_ASN1_TYPE) *set;
|
||||
};
|
||||
|
||||
struct WOLFSSL_EVP_PKEY {
|
||||
void* heap;
|
||||
int type; /* openssh dereference */
|
||||
|
@ -468,6 +491,8 @@ struct WOLFSSL_BIO {
|
|||
void* heap; /* user heap hint */
|
||||
void* ptr; /* WOLFSSL, file descriptor, MD, or mem buf */
|
||||
void* usrCtx; /* user set pointer */
|
||||
const char* ip; /* IP address for wolfIO_TcpConnect */
|
||||
word16 port; /* Port for wolfIO_TcpConnect */
|
||||
char* infoArg; /* BIO callback argument */
|
||||
wolf_bio_info_cb infoCb; /* BIO callback */
|
||||
int wrSz; /* write buffer size (mem) */
|
||||
|
@ -523,11 +548,16 @@ struct WOLFSSL_X509_STORE {
|
|||
};
|
||||
|
||||
#define WOLFSSL_NO_WILDCARDS 0x4
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
|
||||
defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME)
|
||||
#define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
#define WOLFSSL_USE_CHECK_TIME 0x2
|
||||
#define WOLFSSL_NO_CHECK_TIME 0x200000
|
||||
#define WOLFSSL_HOST_NAME_MAX 256
|
||||
#define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
|
||||
struct WOLFSSL_X509_VERIFY_PARAM {
|
||||
time_t check_time;
|
||||
unsigned long flags;
|
||||
|
@ -789,8 +819,15 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*,
|
|||
#ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS
|
||||
#define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE
|
||||
#endif
|
||||
|
||||
WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl);
|
||||
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
#define WOLFSSL_CIPHER_SUITE_FLAG_NONE 0x0
|
||||
#define WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS 0x1
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX*, const char*,
|
||||
|
@ -806,9 +843,6 @@ WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *,
|
|||
const char *file, int format);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int);
|
||||
|
||||
WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl);
|
||||
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*,
|
||||
int);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*,
|
||||
|
@ -853,6 +887,8 @@ WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char,
|
|||
const unsigned char);
|
||||
WOLFSSL_API const char* wolfSSL_get_cipher_name_iana_from_suite(
|
||||
const unsigned char, const unsigned char);
|
||||
WOLFSSL_API int wolfSSL_get_cipher_suite_from_name(const char* name,
|
||||
byte* cipherSuite0, byte* cipherSuite, int* flags);
|
||||
WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf,
|
||||
int len);
|
||||
WOLFSSL_API const char* wolfSSL_get_curve_name(WOLFSSL* ssl);
|
||||
|
@ -974,6 +1010,14 @@ WOLFSSL_API void wolfSSL_CTX_set_cert_verify_callback(WOLFSSL_CTX* ctx,
|
|||
|
||||
WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback);
|
||||
WOLFSSL_API void wolfSSL_set_verify_result(WOLFSSL*, long);
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
|
||||
defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
WOLFSSL_API int wolfSSL_verify_client_post_handshake(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_post_handshake_auth(WOLFSSL_CTX*, int);
|
||||
WOLFSSL_API int wolfSSL_set_post_handshake_auth(WOLFSSL*, int);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*);
|
||||
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_pending(WOLFSSL*);
|
||||
|
@ -1070,20 +1114,6 @@ WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long);
|
|||
|
||||
/* extras */
|
||||
|
||||
|
||||
/* for now LHASH is not implemented */
|
||||
typedef int WOLFSSL_LHASH;
|
||||
#ifndef WOLF_LHASH_OF
|
||||
#define WOLF_LHASH_OF(x) WOLFSSL_LHASH
|
||||
#endif
|
||||
|
||||
#ifndef WOLF_STACK_OF
|
||||
#define WOLF_STACK_OF(x) WOLFSSL_STACK
|
||||
#endif
|
||||
#ifndef DECLARE_STACK_OF
|
||||
#define DECLARE_STACK_OF(x) WOLF_STACK_OF(x);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
|
||||
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
|
||||
|
@ -1148,6 +1178,7 @@ WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_pop_free(
|
|||
WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
|
||||
void (*f)(WOLFSSL_ASN1_OBJECT*));
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in);
|
||||
WOLFSSL_API int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s);
|
||||
WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_num(WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_sk_X509_EXTENSION_value(
|
||||
WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk, int idx);
|
||||
|
@ -1263,11 +1294,16 @@ WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
|
|||
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void);
|
||||
WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_bio(void);
|
||||
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
|
||||
|
||||
WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str);
|
||||
WOLFSSL_API long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port);
|
||||
WOLFSSL_API long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b);
|
||||
|
||||
WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg);
|
||||
WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg);
|
||||
|
||||
|
@ -1329,6 +1365,13 @@ WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset
|
|||
#endif
|
||||
WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
|
||||
unsigned long nmflags, unsigned long cflag);
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp,
|
||||
const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig);
|
||||
WOLFSSL_API void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psig,
|
||||
const WOLFSSL_X509_ALGOR **palg, const WOLFSSL_X509 *x509);
|
||||
WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||
WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*,
|
||||
char*, int);
|
||||
|
@ -1353,6 +1396,9 @@ WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID(
|
|||
WOLFSSL_X509*, unsigned char*, int*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_X509_set_subject_name(WOLFSSL_X509*,
|
||||
WOLFSSL_X509_NAME*);
|
||||
WOLFSSL_API int wolfSSL_X509_set_issuer_name(WOLFSSL_X509*,
|
||||
|
@ -1369,6 +1415,7 @@ WOLFSSL_API int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509,
|
|||
WOLFSSL_API int wolfSSL_X509_set_version(WOLFSSL_X509* x509, long v);
|
||||
WOLFSSL_API int wolfSSL_X509_sign(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey,
|
||||
const WOLFSSL_EVP_MD* md);
|
||||
WOLFSSL_API int wolfSSL_X509_sign_ctx(WOLFSSL_X509 *x509, WOLFSSL_EVP_MD_CTX *ctx);
|
||||
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*);
|
||||
|
@ -1383,6 +1430,7 @@ WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* as
|
|||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, const unsigned char **in, long len);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a, const WOLFSSL_ASN1_STRING *b);
|
||||
WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1,
|
||||
const void* data, int dataSz);
|
||||
|
@ -1412,6 +1460,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(
|
|||
WOLFSSL_X509_STORE_CTX* ctx);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get1_chain(
|
||||
WOLFSSL_X509_STORE_CTX* ctx);
|
||||
WOLFSSL_API WOLFSSL_X509_STORE_CTX *wolfSSL_X509_STORE_CTX_get0_parent_ctx(
|
||||
WOLFSSL_X509_STORE_CTX *ctx);
|
||||
WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
|
||||
unsigned long flag);
|
||||
WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*);
|
||||
|
@ -1425,7 +1475,7 @@ WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*);
|
|||
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*);
|
||||
WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj);
|
||||
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*);
|
||||
|
@ -1580,6 +1630,9 @@ WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
|
|||
WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_srp_strength(WOLFSSL_CTX *ctx, int strength);
|
||||
|
||||
WOLFSSL_API char* wolfSSL_get_srp_username(WOLFSSL *ssl);
|
||||
|
||||
WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op);
|
||||
WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s);
|
||||
|
@ -1730,7 +1783,6 @@ enum {
|
|||
* and auto retry */
|
||||
SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */
|
||||
|
||||
BIO_FLAGS_BASE64_NO_NL = 1,
|
||||
BIO_CLOSE = 1,
|
||||
BIO_NOCLOSE = 0,
|
||||
|
||||
|
@ -1788,12 +1840,6 @@ enum {
|
|||
|
||||
X509_R_CERT_ALREADY_IN_HASH_TABLE,
|
||||
|
||||
XN_FLAG_SPC_EQ = (1 << 23),
|
||||
XN_FLAG_SEP_CPLUS_SPC = (2 << 16),
|
||||
XN_FLAG_ONELINE = 0,
|
||||
XN_FLAG_RFC2253 = 1,
|
||||
XN_FLAG_DN_REV = (1 << 20),
|
||||
|
||||
CRYPTO_LOCK = 1,
|
||||
CRYPTO_NUM_LOCKS = 10,
|
||||
|
||||
|
@ -2014,7 +2060,7 @@ WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long);
|
|||
WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long);
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CHECK_PRIVATE_KEY)
|
||||
#if !defined(NO_CHECK_PRIVATE_KEY)
|
||||
WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*);
|
||||
#endif
|
||||
WOLFSSL_API void wolfSSL_ERR_free_strings(void);
|
||||
|
@ -2061,13 +2107,14 @@ WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int *pday, int *psec,
|
|||
const WOLFSSL_ASN1_TIME *from, const WOLFSSL_ASN1_TIME *to);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i);
|
||||
WOLFSSL_API int wolfSSL_sk_num(const WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void* wolfSSL_sk_value(const WOLFSSL_STACK* sk, int i);
|
||||
|
||||
#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \
|
||||
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
|
||||
(defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_WPAS_SMALL))
|
||||
WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data,
|
||||
int idx);
|
||||
WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx,
|
||||
|
@ -2164,6 +2211,10 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509,
|
|||
const unsigned char** in, int len);
|
||||
WOLFSSL_API WOLFSSL_X509*
|
||||
wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API WOLFSSL_X509*
|
||||
wolfSSL_X509_REQ_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out);
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl,
|
||||
const unsigned char *in, int len);
|
||||
|
@ -2182,6 +2233,10 @@ WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509*
|
|||
#endif
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer(
|
||||
const unsigned char* buf, int sz, int format);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_load_certificate_buffer(
|
||||
const unsigned char* buf, int sz, int format);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SEP
|
||||
WOLFSSL_API unsigned char*
|
||||
|
@ -2209,6 +2264,8 @@ WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp,
|
|||
WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
|
||||
WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert,
|
||||
WOLF_STACK_OF(WOLFSSL_X509)** ca);
|
||||
WOLFSSL_API int wolfSSL_PKCS12_verify_mac(WC_PKCS12 *pkcs12, const char *psw,
|
||||
int pswLen);
|
||||
WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name,
|
||||
WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert,
|
||||
WOLF_STACK_OF(WOLFSSL_X509)* ca,
|
||||
|
@ -2310,7 +2367,13 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
|
|||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*,
|
||||
const unsigned char*, long, int);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX*,
|
||||
const unsigned char*, long, int, long);
|
||||
const unsigned char*, long,
|
||||
int, long);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Id(WOLFSSL_CTX*,
|
||||
const unsigned char*, long,
|
||||
int);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Label(WOLFSSL_CTX*, const char*,
|
||||
int);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*,
|
||||
const unsigned char*, long, int);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*,
|
||||
|
@ -2324,7 +2387,10 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
|
|||
WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*,
|
||||
long, int);
|
||||
WOLFSSL_API int wolfSSL_use_PrivateKey_id(WOLFSSL*, const unsigned char*,
|
||||
long, int, long);
|
||||
long, int, long);
|
||||
WOLFSSL_API int wolfSSL_use_PrivateKey_Id(WOLFSSL*, const unsigned char*,
|
||||
long, int);
|
||||
WOLFSSL_API int wolfSSL_use_PrivateKey_Label(WOLFSSL*, const char*, int);
|
||||
WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*,
|
||||
const unsigned char*, long, int);
|
||||
WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*,
|
||||
|
@ -2392,7 +2458,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void);
|
|||
WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void);
|
||||
WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int);
|
||||
WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl);
|
||||
WOLFSSL_API int wolfSSL_GetVersion(const WOLFSSL* ssl);
|
||||
WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
|
||||
|
||||
/* moved to asn.c, old names kept for backwards compatibility */
|
||||
|
@ -2722,6 +2788,7 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
|
|||
WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
|
||||
WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
|
||||
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
|
||||
WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f,
|
||||
const char* d);
|
||||
|
@ -2772,6 +2839,10 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
|
|||
WOLFSSL_CERT_MANAGER* cm);
|
||||
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling(
|
||||
WOLFSSL_CERT_MANAGER* cm);
|
||||
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPMustStaple(
|
||||
WOLFSSL_CERT_MANAGER* cm);
|
||||
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPMustStaple(
|
||||
WOLFSSL_CERT_MANAGER* cm);
|
||||
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM)
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm);
|
||||
#endif
|
||||
|
@ -2808,6 +2879,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
|
|||
CbOCSPIO, CbOCSPRespFree, void*);
|
||||
WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
|
||||
WOLFSSL_API int wolfSSL_CTX_DisableOCSPStapling(WOLFSSL_CTX*);
|
||||
WOLFSSL_API int wolfSSL_CTX_EnableOCSPMustStaple(WOLFSSL_CTX*);
|
||||
WOLFSSL_API int wolfSSL_CTX_DisableOCSPMustStaple(WOLFSSL_CTX*);
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
|
||||
|
@ -2923,7 +2996,7 @@ enum {
|
|||
WOLFSSL_MAX_ALPN_NUMBER = 257
|
||||
};
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
|
||||
typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out,
|
||||
unsigned char* outLen, const unsigned char* in, unsigned int inLen,
|
||||
void *arg);
|
||||
|
@ -3233,7 +3306,7 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
|
|||
|
||||
#include <libs/libwolfssl/openssl/asn1.h>
|
||||
struct WOLFSSL_X509_NAME_ENTRY {
|
||||
WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */
|
||||
WOLFSSL_ASN1_OBJECT* object; /* static object just for keeping grp, type */
|
||||
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
|
||||
int nid; /* i.e. ASN_COMMON_NAME */
|
||||
int set;
|
||||
|
@ -3290,7 +3363,6 @@ WOLFSSL_LOCAL int NIDToEccEnum(int n);
|
|||
/* end of object functions */
|
||||
|
||||
WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line);
|
||||
WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt);
|
||||
WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt);
|
||||
WOLFSSL_API long wolfSSL_CTX_callback_ctrl(WOLFSSL_CTX* ctx, int cmd, void (*fp)(void));
|
||||
WOLFSSL_API long wolfSSL_CTX_clear_extra_chain_certs(WOLFSSL_CTX* ctx);
|
||||
|
@ -3310,6 +3382,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
|
|||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
|
||||
int type, const unsigned char *bytes,
|
||||
int len, int loc, int set);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
|
||||
WOLFSSL_X509_NAME *name, int loc);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
||||
const WOLFSSL_X509_NAME* y);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
||||
|
@ -3320,6 +3394,11 @@ WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
|||
#endif /* !NO_CERTS */
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT)
|
||||
WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_WPAS_SMALL
|
||||
/* WPA Supplicant requires GEN_ values */
|
||||
#include <libs/libwolfssl/openssl/x509v3.h>
|
||||
|
@ -3337,6 +3416,7 @@ WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x, int nid, int
|
|||
WOLFSSL_API int wolfSSL_X509_add_ext(WOLFSSL_X509 *x, WOLFSSL_X509_EXTENSION *ex, int loc);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
|
||||
void *data);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509_delete_ext(WOLFSSL_X509 *x509, int loc);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_conf_nid(
|
||||
WOLF_LHASH_OF(CONF_VALUE)* conf, WOLFSSL_X509V3_CTX* ctx, int nid,
|
||||
char* value);
|
||||
|
@ -3360,7 +3440,11 @@ WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_ASN1(int pri, WOLFSSL_CTX* ctx,
|
|||
|
||||
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
|
||||
WOLFSSL_API int wolfSSL_X509_cmp(const WOLFSSL_X509* a, const WOLFSSL_X509* b);
|
||||
WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_get0_extensions(const WOLFSSL_X509 *x);
|
||||
WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_REQ_get_extensions(const WOLFSSL_X509 *x);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x, int loc);
|
||||
WOLFSSL_API int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
|
||||
const WOLFSSL_ASN1_OBJECT *obj, int lastpos);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x, int loc);
|
||||
WOLFSSL_API int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void);
|
||||
|
@ -3382,6 +3466,9 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
|
|||
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
|
||||
|
||||
WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||
#endif
|
||||
#if !defined(NO_FILESYSTEM)
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp,
|
||||
WOLFSSL_X509** x509);
|
||||
|
@ -3389,6 +3476,10 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s
|
|||
#endif
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_X509** x509);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_REQ_bio(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_X509** x509);
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
@ -3412,6 +3503,9 @@ WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int);
|
|||
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
|
||||
#endif
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp,
|
||||
WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
|
||||
|
@ -3491,6 +3585,7 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c);
|
|||
|| defined(WOLFSSL_MYSQL_COMPATIBLE) \
|
||||
|| defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA)
|
||||
#define X509_BUFFER_SZ 8192
|
||||
|
||||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode);
|
||||
WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*);
|
||||
|
@ -3510,12 +3605,31 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_new(void);
|
|||
WOLFSSL_API void wolfSSL_X509_REQ_free(WOLFSSL_X509* req);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey,
|
||||
const WOLFSSL_EVP_MD *md);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_sign_ctx(WOLFSSL_X509 *req,
|
||||
WOLFSSL_EVP_MD_CTX* md_ctx);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_add_extensions(WOLFSSL_X509* req,
|
||||
WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext);
|
||||
WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext_sk);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req,
|
||||
WOLFSSL_X509_NAME *name);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req,
|
||||
WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
|
||||
int nid, int type,
|
||||
const unsigned char *bytes,
|
||||
int len);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_get_attr_by_NID(const WOLFSSL_X509 *req,
|
||||
int nid, int lastpos);
|
||||
WOLFSSL_API int wolfSSL_X509_REQ_add1_attr_by_txt(WOLFSSL_X509 *req,
|
||||
const char *attrname, int type,
|
||||
const unsigned char *bytes, int len);
|
||||
WOLFSSL_API WOLFSSL_X509_ATTRIBUTE *wolfSSL_X509_REQ_get_attr(
|
||||
const WOLFSSL_X509 *req, int loc);
|
||||
WOLFSSL_API WOLFSSL_X509_ATTRIBUTE* wolfSSL_X509_ATTRIBUTE_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_ATTRIBUTE_free(WOLFSSL_X509_ATTRIBUTE* attr);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TYPE *wolfSSL_X509_ATTRIBUTE_get0_type(
|
||||
WOLFSSL_X509_ATTRIBUTE *attr, int idx);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_X509_to_X509_REQ(WOLFSSL_X509 *x,
|
||||
WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md);
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -3524,9 +3638,6 @@ WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req,
|
|||
|
||||
#include <libs/libwolfssl/openssl/crypto.h>
|
||||
|
||||
/* SNI received callback type */
|
||||
typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
|
||||
void *(*r) (void *, size_t, const char *, int), void (*f) (void *));
|
||||
|
||||
|
@ -3578,8 +3689,9 @@ WOLFSSL_API void wolfSSL_sk_X509_INFO_pop_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*
|
|||
void (*f) (WOLFSSL_X509_INFO*));
|
||||
WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*);
|
||||
|
||||
typedef int (*wolf_sk_compare_cb)(const void* const *a,
|
||||
const void* const *b);
|
||||
typedef int (*wolf_sk_compare_cb)(const void* a,
|
||||
const void* b);
|
||||
typedef unsigned long (*wolf_sk_hash_cb) (const void *v);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new(
|
||||
wolf_sk_compare_cb);
|
||||
WOLFSSL_API int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)*,
|
||||
|
@ -3599,6 +3711,18 @@ WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJE
|
|||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
|
||||
unsigned long);
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex_fp(XFILE,WOLFSSL_X509_NAME*,int,
|
||||
unsigned long);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc);
|
||||
WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(struct WOLFSSL_STACK *sk);
|
||||
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk);
|
||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value(
|
||||
const struct WOLFSSL_STACK *sk, int i);
|
||||
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk,
|
||||
WOLFSSL_CONF_VALUE* val);
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
@ -3657,12 +3781,22 @@ WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*);
|
|||
|
||||
WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*);
|
||||
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */
|
||||
|
||||
#ifdef HAVE_SNI
|
||||
/* SNI received callback type */
|
||||
typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg);
|
||||
|
||||
WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *,
|
||||
CallbackSniRecv);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *,
|
||||
CallbackSniRecv);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
|
||||
|| defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
|
||||
WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*);
|
||||
|
||||
|
@ -3732,6 +3866,7 @@ WOLFSSL_API int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
|
|||
const unsigned char* protos, unsigned int protos_len);
|
||||
WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
|
||||
size_t siz, const char* file, int line);
|
||||
WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len);
|
||||
WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void);
|
||||
#endif
|
||||
|
||||
|
@ -3761,11 +3896,12 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl);
|
|||
WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) \
|
||||
|| defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
|
||||
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
|
||||
void *data);
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
|
||||
|
@ -3817,8 +3953,12 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *
|
|||
WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer,
|
||||
WOLFSSL_X509 *subject);
|
||||
|
||||
WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value(
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING)* wolfSSL_sk_WOLFSSL_STRING_new(void);
|
||||
WOLFSSL_API void wolfSSL_sk_WOLFSSL_STRING_free(WOLF_STACK_OF(WOLFSSL_STRING)* sk);
|
||||
WOLFSSL_API WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value(
|
||||
WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx);
|
||||
WOLFSSL_API int wolfSSL_sk_WOLFSSL_STRING_num(
|
||||
WOLF_STACK_OF(WOLFSSL_STRING)* strings);
|
||||
#endif /* HAVE_OCSP || OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
|
||||
|
||||
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio,
|
||||
|
@ -3867,8 +4007,8 @@ WOLFSSL_API int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc,
|
|||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
|
||||
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
|
||||
WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count);
|
||||
WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count);
|
||||
WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count);
|
||||
WOLFSSL_API size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len);
|
||||
|
@ -3887,6 +4027,9 @@ WOLFSSL_API int wolfSSL_X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, con
|
|||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_PUBKEY_get(WOLFSSL_X509_PUBKEY* key);
|
||||
WOLFSSL_API int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key);
|
||||
WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a);
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
||||
const unsigned char **der,
|
||||
long length);
|
||||
WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a);
|
||||
WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp);
|
||||
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength));
|
||||
|
@ -3911,6 +4054,8 @@ WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t);
|
|||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
|
||||
WOLFSSL_ASN1_TIME **out);
|
||||
WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp);
|
||||
WOLFSSL_API int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
|
||||
char *buf, int size);
|
||||
WOLFSSL_API int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE *store);
|
||||
WOLFSSL_API long wolfSSL_X509_get_version(const WOLFSSL_X509 *x);
|
||||
WOLFSSL_API int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509* x);
|
||||
|
|
|
@ -28,8 +28,8 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define LIBWOLFSSL_VERSION_STRING "4.5.0"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x04005000
|
||||
#define LIBWOLFSSL_VERSION_STRING "4.6.0"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x04006000
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -79,6 +79,11 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
|
|||
#include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SILABS_SE_ACCEL
|
||||
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h>
|
||||
#endif
|
||||
|
||||
|
||||
#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
|
||||
#include <libs/libwolfssl/wolfcrypt/random.h>
|
||||
#endif
|
||||
|
@ -143,7 +148,8 @@ enum {
|
|||
#endif
|
||||
|
||||
#ifdef HAVE_PKCS11
|
||||
AES_MAX_ID_LEN = 32,
|
||||
AES_MAX_ID_LEN = 32,
|
||||
AES_MAX_LABEL_LEN = 32,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -171,6 +177,12 @@ struct Aes {
|
|||
#ifdef GCM_TABLE
|
||||
/* key-based fast multiplication table. */
|
||||
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
|
||||
#elif defined(GCM_TABLE_4BIT)
|
||||
#if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
|
||||
ALIGN16 byte M0[16][AES_BLOCK_SIZE];
|
||||
#else
|
||||
ALIGN16 byte M0[32][AES_BLOCK_SIZE];
|
||||
#endif
|
||||
#endif /* GCM_TABLE */
|
||||
#ifdef HAVE_CAVIUM_OCTEON_SYNC
|
||||
word32 y0;
|
||||
|
@ -186,6 +198,8 @@ struct Aes {
|
|||
#ifdef HAVE_PKCS11
|
||||
byte id[AES_MAX_ID_LEN];
|
||||
int idLen;
|
||||
char label[AES_MAX_LABEL_LEN];
|
||||
int labelLen;
|
||||
#endif
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
WC_ASYNC_DEV asyncDev;
|
||||
|
@ -231,6 +245,9 @@ struct Aes {
|
|||
#endif
|
||||
#if defined(WOLFSSL_IMXRT_DCP)
|
||||
dcp_handle_t handle;
|
||||
#endif
|
||||
#if defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
silabs_aes_t ctx;
|
||||
#endif
|
||||
void* heap; /* memory hint to use */
|
||||
};
|
||||
|
@ -431,6 +448,8 @@ WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
|
|||
#ifdef HAVE_PKCS11
|
||||
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
|
||||
int devId);
|
||||
WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
|
||||
int devId);
|
||||
#endif
|
||||
WOLFSSL_API void wc_AesFree(Aes* aes);
|
||||
|
||||
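Review bot: `wc_AesInit_Label()` takes `const char* label` with no length argument, while `struct Aes` stores it in the fixed `char label[AES_MAX_LABEL_LEN]` with a separate `labelLen`, and the header states neither the limit nor whether the stored copy is NUL-terminated. I would add a comment above the prototype such as `/* label: NUL-terminated, at most AES_MAX_LABEL_LEN bytes; longer labels are rejected, not truncated */`, once that is confirmed against the implementation, which is not in this section. The same applies to `wc_HmacInit_Label()` and `wc_ecc_init_label()` further down the commit. `struct Aes` and the enum begin outside the hunks shown.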
|
|
|
@ -100,6 +100,7 @@ enum ASN_Tags {
|
|||
ASN_SEQUENCE = 0x10,
|
||||
ASN_SET = 0x11,
|
||||
ASN_PRINTABLE_STRING = 0x13,
|
||||
ASN_IA5_STRING = 0x16,
|
||||
ASN_UTC_TIME = 0x17,
|
||||
ASN_OTHER_TYPE = 0x00,
|
||||
ASN_RFC822_TYPE = 0x01,
|
||||
|
@ -142,6 +143,9 @@ enum DN_Tags {
|
|||
ASN_DOMAIN_COMPONENT = 0x19 /* DC */
|
||||
};
|
||||
|
||||
/* This is the size of the smallest possible PEM header and footer */
|
||||
extern const int pem_struct_min_sz;
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
typedef struct WOLFSSL_ObjectInfo {
|
||||
int nid;
|
||||
|
@ -202,6 +206,7 @@ enum
|
|||
NID_sha256 = 672,
|
||||
NID_sha384 = 673,
|
||||
NID_sha512 = 674,
|
||||
NID_pkcs9_challengePassword = 54,
|
||||
NID_hw_name_oid = 73,
|
||||
NID_id_pkix_OCSP_basic = 74,
|
||||
NID_any_policy = 75,
|
||||
|
@ -228,6 +233,7 @@ enum
|
|||
NID_inhibit_any_policy = 168, /* 2.5.29.54 */
|
||||
NID_tlsfeature = 1020, /* id-pe 24 */
|
||||
NID_commonName = 0x03, /* matches ASN_COMMON_NAME in asn.h */
|
||||
NID_buildingName = 1494,
|
||||
|
||||
|
||||
NID_surname = 0x04, /* SN */
|
||||
|
@ -300,7 +306,7 @@ enum Misc_ASN {
|
|||
#endif
|
||||
RSA_INTS = 8, /* RSA ints in private key */
|
||||
DSA_INTS = 5, /* DSA ints in private key */
|
||||
MIN_DATE_SIZE = 13,
|
||||
MIN_DATE_SIZE = 12,
|
||||
MAX_DATE_SIZE = 32,
|
||||
ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
|
||||
#ifndef NO_RSA
|
||||
|
@ -382,6 +388,9 @@ enum Misc_ASN {
|
|||
MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */
|
||||
MAX_X509_VERSION = 3, /* Max X509 version allowed */
|
||||
MIN_X509_VERSION = 0, /* Min X509 version allowed */
|
||||
WOLFSSL_X509_V1 = 0,
|
||||
WOLFSSL_X509_V2 = 1,
|
||||
WOLFSSL_X509_V3 = 2,
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
|
||||
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
|
||||
defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
|
||||
|
@ -422,6 +431,7 @@ enum Oid_Types {
|
|||
oidCertNameType = 17,
|
||||
oidTlsExtType = 18,
|
||||
oidCrlExtType = 19,
|
||||
oidCsrAttrType = 20,
|
||||
oidIgnoreType
|
||||
};
|
||||
|
||||
|
@ -588,6 +598,14 @@ enum KeyIdType {
|
|||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
enum CsrAttrType {
|
||||
CHALLENGE_PASSWORD_OID = 659,
|
||||
SERIAL_NUMBER_OID = 94,
|
||||
EXTENSION_REQUEST_OID = 666,
|
||||
};
|
||||
#endif
|
||||
|
||||
/* Key usage extension bits (based on RFC 5280) */
|
||||
#define KEYUSE_DIGITAL_SIG 0x0080
|
||||
#define KEYUSE_CONTENT_COMMIT 0x0040
|
||||
|
@ -660,7 +678,9 @@ struct SignatureCtx {
|
|||
byte* digest;
|
||||
#ifndef NO_RSA
|
||||
byte* out;
|
||||
byte* plain;
|
||||
#endif
|
||||
#if !(defined(NO_RSA) && defined(NO_DSA))
|
||||
byte* sigCpy;
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
|
||||
int verify;
|
||||
|
@ -669,6 +689,9 @@ struct SignatureCtx {
|
|||
#ifndef NO_RSA
|
||||
struct RsaKey* rsa;
|
||||
#endif
|
||||
#ifndef NO_DSA
|
||||
struct DsaKey* dsa;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
struct ecc_key* ecc;
|
||||
#endif
|
||||
|
@ -766,6 +789,7 @@ struct DecodedCert {
|
|||
DNS_entry* altNames; /* alt names list of dns entries */
|
||||
#ifndef IGNORE_NAME_CONSTRAINTS
|
||||
DNS_entry* altEmailNames; /* alt names list of RFC822 entries */
|
||||
DNS_entry* altDirNames; /* alt names list of DIR entries */
|
||||
Base_entry* permittedNames; /* Permitted name bases */
|
||||
Base_entry* excludedNames; /* Excluded name bases */
|
||||
#endif /* IGNORE_NAME_CONSTRAINTS */
|
||||
|
@ -888,6 +912,14 @@ struct DecodedCert {
|
|||
int extCertPoliciesNb;
|
||||
#endif /* defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) */
|
||||
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
/* CSR attributes */
|
||||
char* cPwd; /* challengePassword */
|
||||
int cPwdLen;
|
||||
char* sNum; /* Serial Number */
|
||||
int sNumLen;
|
||||
#endif /* WOLFSSL_CERT_REQ */
|
||||
|
||||
Signer* ca;
|
||||
#ifndef NO_CERTS
|
||||
SignatureCtx sigCtx;
|
||||
|
@ -939,7 +971,9 @@ struct DecodedCert {
|
|||
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
|
||||
byte extCertPolicyCrit : 1;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
byte isCSR : 1; /* Do we intend on parsing a CSR? */
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
|
@ -1036,6 +1070,12 @@ WOLFSSL_LOCAL int EncodePolicyOID(byte *out, word32 *outSz,
|
|||
WOLFSSL_API int CheckCertSignature(const byte*,word32,void*,void* cm);
|
||||
WOLFSSL_LOCAL int CheckCertSignaturePubKey(const byte* cert, word32 certSz,
|
||||
void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID);
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
WOLFSSL_LOCAL int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap,
|
||||
const byte* pubKey, word32 pubKeySz, int pubKeyOID);
|
||||
#endif /* WOLFSSL_CERT_REQ */
|
||||
WOLFSSL_LOCAL int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
|
||||
int sigAlgoType);
|
||||
WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*,int type,int verify,void* cm);
|
||||
WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
|
||||
WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate);
|
||||
|
@ -1108,6 +1148,8 @@ WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len,
|
|||
word32 maxIdx, int check);
|
||||
WOLFSSL_LOCAL int GetOctetString(const byte* input, word32* inOutIdx, int* len,
|
||||
word32 maxIdx);
|
||||
WOLFSSL_LOCAL int CheckBitString(const byte* input, word32* inOutIdx, int* len,
|
||||
word32 maxIdx, int zeroBits, byte* unusedBits);
|
||||
WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
|
||||
word32 maxIdx);
|
||||
WOLFSSL_LOCAL int GetSet_ex(const byte* input, word32* inOutIdx, int* len,
|
||||
|
@ -1142,6 +1184,7 @@ WOLFSSL_LOCAL int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz);
|
|||
WOLFSSL_LOCAL int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz);
|
||||
WOLFSSL_LOCAL int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output);
|
||||
WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output);
|
||||
WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output);
|
||||
WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
|
||||
|
@ -1154,7 +1197,9 @@ WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
|
|||
byte* serial, int* serialSz, word32 maxIdx);
|
||||
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
|
||||
int maxIdx);
|
||||
WOLFSSL_LOCAL int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der);
|
||||
WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der);
|
||||
WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
||||
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
|
||||
WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g);
|
||||
WOLFSSL_LOCAL int FlattenAltNames( byte*, word32, const DNS_entry*);
|
||||
|
||||
|
@ -1162,8 +1207,12 @@ WOLFSSL_LOCAL int FlattenAltNames( byte*, word32, const DNS_entry*);
|
|||
/* ASN sig helpers */
|
||||
WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
|
||||
mp_int* s);
|
||||
WOLFSSL_LOCAL int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen,
|
||||
const byte* r, word32 rLen, const byte* s, word32 sLen);
|
||||
WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
|
||||
mp_int* r, mp_int* s);
|
||||
WOLFSSL_LOCAL int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen,
|
||||
byte* r, word32* rLen, byte* s, word32* sLen);
|
||||
#endif
|
||||
#if defined HAVE_ECC && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
WOLFSSL_API int EccEnumToNID(int n);
|
||||
|
@ -1200,7 +1249,8 @@ enum cert_enums {
|
|||
NTRU_KEY = 11,
|
||||
ECC_KEY = 12,
|
||||
ED25519_KEY = 13,
|
||||
ED448_KEY = 14
|
||||
ED448_KEY = 14,
|
||||
DSA_KEY = 15
|
||||
};
|
||||
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
|
@ -1251,6 +1301,9 @@ struct CertStatus {
|
|||
|
||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||
int serialSz;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_ASN1_INTEGER* serialInt;
|
||||
#endif
|
||||
|
||||
int status;
|
||||
|
||||
|
@ -1258,7 +1311,7 @@ struct CertStatus {
|
|||
byte nextDate[MAX_DATE_SIZE];
|
||||
byte thisDateFormat;
|
||||
byte nextDateFormat;
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
|
||||
WOLFSSL_ASN1_TIME thisDateParsed;
|
||||
WOLFSSL_ASN1_TIME nextDateParsed;
|
||||
byte* thisDateAsn;
|
||||
|
@ -1269,7 +1322,34 @@ struct CertStatus {
|
|||
word32 rawOcspResponseSz;
|
||||
};
|
||||
|
||||
typedef struct OcspEntry OcspEntry;
|
||||
|
||||
#ifdef NO_SHA
|
||||
#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
|
||||
#else
|
||||
#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
|
||||
#endif
|
||||
|
||||
struct OcspEntry
|
||||
{
|
||||
OcspEntry *next; /* next entry */
|
||||
word32 hashAlgoOID; /* hash algo ID */
|
||||
byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
|
||||
byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
|
||||
CertStatus *status; /* OCSP response list */
|
||||
int totalStatus; /* number on list */
|
||||
byte* rawCertId; /* raw bytes of the CertID */
|
||||
int rawCertIdSize; /* num bytes in raw CertID */
|
||||
/* option bits - using 32-bit for alignment */
|
||||
word32 isDynamic:1; /* was dynamically allocated */
|
||||
|
||||
};
|
||||
|
||||
/* TODO: Long-term, it would be helpful if we made this struct and other OCSP
|
||||
structs conform to the ASN spec as described in RFC 6960. It will help
|
||||
with readability and with implementing OpenSSL compatibility API
|
||||
functions, because OpenSSL's OCSP data structures conform to the
|
||||
RFC. */
|
||||
struct OcspResponse {
|
||||
int responseStatus; /* return code from Responder */
|
||||
|
||||
|
@ -1279,8 +1359,6 @@ struct OcspResponse {
|
|||
byte producedDate[MAX_DATE_SIZE];
|
||||
/* Date at which this response was signed */
|
||||
byte producedDateFormat; /* format of the producedDate */
|
||||
byte* issuerHash;
|
||||
byte* issuerKeyHash;
|
||||
|
||||
byte* cert;
|
||||
word32 certSz;
|
||||
|
@ -1289,7 +1367,7 @@ struct OcspResponse {
|
|||
word32 sigSz; /* Length in octets for the sig */
|
||||
word32 sigOID; /* OID for hash used for sig */
|
||||
|
||||
CertStatus* status; /* certificate status to fill out */
|
||||
OcspEntry* single; /* chain of OCSP single responses */
|
||||
|
||||
byte* nonce; /* pointer to nonce inside ASN.1 response */
|
||||
int nonceSz; /* length of the nonce string */
|
||||
|
@ -1300,6 +1378,7 @@ struct OcspResponse {
|
|||
#ifdef OPENSSL_EXTRA
|
||||
int verifyError;
|
||||
#endif
|
||||
void* heap;
|
||||
};
|
||||
|
||||
|
||||
|
@ -1320,25 +1399,9 @@ struct OcspRequest {
|
|||
void* ssl;
|
||||
};
|
||||
|
||||
typedef struct OcspEntry OcspEntry;
|
||||
|
||||
#ifdef NO_SHA
|
||||
#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
|
||||
#else
|
||||
#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
|
||||
#endif
|
||||
|
||||
struct OcspEntry
|
||||
{
|
||||
OcspEntry *next; /* next entry */
|
||||
byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
|
||||
byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
|
||||
CertStatus *status; /* OCSP response list */
|
||||
int totalStatus; /* number on list */
|
||||
};
|
||||
|
||||
WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
|
||||
WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap, int);
|
||||
WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, OcspEntry*, CertStatus*, byte*, word32, void*);
|
||||
WOLFSSL_LOCAL void FreeOcspResponse(OcspResponse*);
|
||||
WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap, int);
|
||||
|
||||
WOLFSSL_LOCAL int InitOcspRequest(OcspRequest*, DecodedCert*, byte, void*);
|
||||
WOLFSSL_LOCAL void FreeOcspRequest(OcspRequest*);
|
||||
|
@ -1416,12 +1479,13 @@ WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
|
|||
#endif
|
||||
|
||||
enum PBESTypes {
|
||||
PBE_MD5_DES = 0,
|
||||
PBE_SHA1_RC4_128 = 1,
|
||||
PBE_SHA1_DES = 2,
|
||||
PBE_SHA1_DES3 = 3,
|
||||
PBE_AES256_CBC = 4,
|
||||
PBE_AES128_CBC = 5,
|
||||
PBE_MD5_DES = 0,
|
||||
PBE_SHA1_RC4_128 = 1,
|
||||
PBE_SHA1_DES = 2,
|
||||
PBE_SHA1_DES3 = 3,
|
||||
PBE_AES256_CBC = 4,
|
||||
PBE_AES128_CBC = 5,
|
||||
PBE_SHA1_40RC2_CBC = 6,
|
||||
|
||||
PBE_SHA1_RC4_128_SUM = 657,
|
||||
PBE_SHA1_DES3_SUM = 659,
|
||||
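Review bot: The reworked OCSP structures leave ownership undocumented: `OcspResponse` now carries `OcspEntry* single` and `void* heap`, `OcspEntry` gains `rawCertId` and the `isDynamic` bit, and a `FreeOcspResponse()` prototype sits next to the six-argument `InitOcspResponse()`. The header does not say which of `single`, `status` and `rawCertId` are released by `FreeOcspResponse()`, or when a caller-supplied entry is left alone, so existing `InitOcspResponse()` call sites presumably need a matching free on every exit path. I would add a comment above the prototypes such as `/* every InitOcspResponse() must be paired with FreeOcspResponse(); entries with isDynamic set are freed there */`, to be confirmed against the implementation, which is outside this section. `struct OcspResponse` is only partly visible in these hunks.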
|
|
|
@ -126,6 +126,7 @@ enum CertType {
|
|||
/* Signature type, by OID sum */
|
||||
enum Ctc_SigType {
|
||||
CTC_SHAwDSA = 517,
|
||||
CTC_SHA256wDSA = 416,
|
||||
CTC_MD2wRSA = 646,
|
||||
CTC_MD5wRSA = 648,
|
||||
CTC_SHAwRSA = 649,
|
||||
|
|
|
@ -55,6 +55,9 @@ Block counter is located at index 12.
|
|||
|
||||
/* Size of IV in bytes*/
|
||||
#define CHACHA_IV_BYTES 12
|
||||
#ifdef HAVE_XCHACHA
|
||||
#define XCHACHA_NONCE_BYTES 24
|
||||
#endif
|
||||
|
||||
/* Size of ChaCha chunks */
|
||||
#define CHACHA_CHUNK_WORDS 16
|
||||
|
@ -92,8 +95,17 @@ WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter);
|
|||
|
||||
WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain,
|
||||
word32 msglen);
|
||||
|
||||
WOLFSSL_LOCAL void wc_Chacha_purge_current_block(ChaCha* ctx);
|
||||
|
||||
WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);
|
||||
|
||||
#ifdef HAVE_XCHACHA
|
||||
WOLFSSL_API int wc_XChacha_SetKey(ChaCha *ctx, const byte *key, word32 keySz,
|
||||
const byte *nonce, word32 nonceSz,
|
||||
word32 counter);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
|
@ -48,6 +48,7 @@ or Authenticated Encryption with Additional Data (AEAD) algorithm.
|
|||
#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
|
||||
#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
|
||||
#define CHACHA20_POLY1305_MAX 4294967295U
|
||||
#define XCHACHA20_POLY1305_AEAD_NONCE_SIZE 24
|
||||
|
||||
enum {
|
||||
CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */
|
||||
|
@ -123,6 +124,30 @@ WOLFSSL_API int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead,
|
|||
WOLFSSL_API int wc_ChaCha20Poly1305_Final(ChaChaPoly_Aead* aead,
|
||||
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
|
||||
|
||||
#ifdef HAVE_XCHACHA
|
||||
|
||||
WOLFSSL_API int wc_XChaCha20Poly1305_Init(
|
||||
ChaChaPoly_Aead* aead,
|
||||
const byte *ad, word32 ad_len,
|
||||
const byte *inKey, word32 inKeySz,
|
||||
const byte *inIV, word32 inIVSz,
|
||||
int isEncrypt);
|
||||
|
||||
WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt(
|
||||
byte *dst, const size_t dst_space,
|
||||
const byte *src, const size_t src_len,
|
||||
const byte *ad, const size_t ad_len,
|
||||
const byte *nonce, const size_t nonce_len,
|
||||
const byte *key, const size_t key_len);
|
||||
|
||||
WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt(
|
||||
byte *dst, const size_t dst_space,
|
||||
const byte *src, const size_t src_len,
|
||||
const byte *ad, const size_t ad_len,
|
||||
const byte *nonce, const size_t nonce_len,
|
||||
const byte *key, const size_t key_len);
|
||||
|
||||
#endif /* HAVE_XCHACHA */
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
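Review bot: The one-shot `wc_XChaCha20Poly1305_Encrypt()` and `wc_XChaCha20Poly1305_Decrypt()` prototypes take `dst_space`, `nonce_len` and `key_len` without stating the required values, so a caller cannot tell from the header how large `dst` must be relative to `src_len` or where the authentication tag is placed. I would document this above the prototypes, presumably `/* encrypt: dst_space >= src_len + CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; nonce_len == XCHACHA20_POLY1305_AEAD_NONCE_SIZE */` after checking the implementation, and state that `dst` must not be used when Decrypt returns non-zero. These functions take `size_t` lengths while the rest of this API uses `word32` and defines `CHACHA20_POLY1305_MAX`; the comment should say whether that cap still applies.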
|
|
|
@ -47,6 +47,8 @@ WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in,
|
|||
WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
|
||||
WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in,
|
||||
word32 inSz, int windowBits);
|
||||
WOLFSSL_API int wc_DeCompressDynamic(byte** out, int max, int memoryType,
|
||||
const byte* in, word32 inSz, int windowBits, void* heap);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
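Review bot: `wc_DeCompressDynamic()` hands an allocated buffer back through `byte** out`, but the prototype documents neither what `max` limits nor who frees `*out` and with which `memoryType` and `heap`. For a decompressor that may be fed untrusted input the bound matters most: a reader needs to know its unit and whether any value disables it. I would add a comment above the declaration covering the meaning of `max` (including negative values, since it is an `int` next to `word32 inSz`), the ownership of `*out`, and the error returned when the limit is reached.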
|
|
|
@ -34,6 +34,7 @@
|
|||
|
||||
#if defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \
|
||||
defined(WOLFSSL_AESNI)
|
||||
|
||||
#define CPUID_AVX1 0x0001
|
||||
#define CPUID_AVX2 0x0002
|
||||
#define CPUID_RDRAND 0x0004
|
||||
|
@ -59,6 +60,7 @@
|
|||
WOLFSSL_API void cpuid_select_flags(word32 flags);
|
||||
WOLFSSL_API void cpuid_set_flag(word32 flag);
|
||||
WOLFSSL_API void cpuid_clear_flag(word32 flag);
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -85,6 +85,11 @@ typedef struct wc_CryptoInfo {
|
|||
WC_RNG* rng;
|
||||
} rsakg;
|
||||
#endif
|
||||
struct {
|
||||
RsaKey* key;
|
||||
const byte* pubKey;
|
||||
word32 pubKeySz;
|
||||
} rsa_check;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
struct {
|
||||
|
@ -115,6 +120,11 @@ typedef struct wc_CryptoInfo {
|
|||
int* res;
|
||||
ecc_key* key;
|
||||
} eccverify;
|
||||
struct {
|
||||
ecc_key* key;
|
||||
const byte* pubKey;
|
||||
word32 pubKeySz;
|
||||
} ecc_check;
|
||||
#endif
|
||||
};
|
||||
} pk;
|
||||
|
@ -212,7 +222,7 @@ typedef struct wc_CryptoInfo {
|
|||
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
|
||||
|
||||
WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
|
||||
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
|
||||
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
|
||||
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
|
||||
|
||||
|
@ -229,6 +239,9 @@ WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
|
|||
WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
|
||||
WC_RNG* rng);
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
|
||||
word32 pubKeySz);
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
|
@ -243,6 +256,9 @@ WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
|
|||
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
|
||||
const byte* hash, word32 hashlen, int* res, ecc_key* key);
|
||||
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
|
||||
word32 pubKeySz);
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifndef NO_AES
|
||||
|
|
|
@ -121,8 +121,8 @@ WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
|
|||
const byte* pub, word32 pubSz);
|
||||
WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
|
||||
byte* pub, word32* pPubSz);
|
||||
#endif /* WOLFSSL_DH_EXTRA */
|
||||
|
||||
WOLFSSL_LOCAL int wc_DhKeyCopy(DhKey* src, DhKey* dst);
|
||||
#endif
|
||||
WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
|
||||
const byte* g, word32 gSz, const byte* q, word32 qSz,
|
||||
int trusted, WC_RNG* rng);
|
||||
|
|
|
@ -58,6 +58,10 @@
|
|||
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SILABS_SE_ACCEL
|
||||
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
|
||||
#endif
|
||||
|
@ -125,7 +129,7 @@ enum {
|
|||
ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */
|
||||
SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */
|
||||
ECC_BUFSIZE = 256, /* for exported keys temp buffer */
|
||||
ECC_MINSIZE = 20, /* MIN Private Key size */
|
||||
ECC_MINSIZE = ECC_MIN_KEY_SZ/8, /* MIN Private Key size */
|
||||
ECC_MAXSIZE = 66, /* MAX Private Key size */
|
||||
ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
|
||||
ECC_MAX_OID_LEN = 16,
|
||||
|
@ -137,6 +141,8 @@ enum {
|
|||
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
|
||||
#elif defined(PLUTON_CRYPTO_ECC)
|
||||
ECC_MAX_CRYPTO_HW_SIZE = 32,
|
||||
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
ECC_MAX_CRYPTO_HW_SIZE = 32,
|
||||
#elif defined(WOLFSSL_CRYPTOCELL)
|
||||
#ifndef CRYPTOCELL_KEY_SIZE
|
||||
CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE,
|
||||
|
@ -152,8 +158,9 @@ enum {
|
|||
/* Shamir's dual add constants */
|
||||
SHAMIR_PRECOMP_SZ = 16,
|
||||
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
ECC_MAX_ID_LEN = 32,
|
||||
ECC_MAX_LABEL_LEN = 32,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -315,7 +322,8 @@ typedef struct ecc_set_type {
|
|||
#endif
|
||||
|
||||
/* determine buffer size */
|
||||
#define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT)
|
||||
/* Add one to accommodate extra digit used by sp_mul(), sp_mulmod(), sp_sqr(), and sp_sqrmod(). */
|
||||
#define FP_SIZE_ECC ((FP_MAX_BITS_ECC/DIGIT_BIT) + 1)
|
||||
|
||||
|
||||
/* This needs to match the size of the fp_int struct, except the
|
||||
|
@ -395,6 +403,16 @@ struct ecc_key {
|
|||
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
|
||||
int devId;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SILABS_SE_ACCEL
|
||||
sl_se_command_context_t cmd_ctx;
|
||||
sl_se_key_descriptor_t key;
|
||||
/* Used for SiLabs "plaintext" with public X, public Y, and
|
||||
* private D concatenated. These are respectively at offset `0`,
|
||||
* offset `keysize`, and offset `2 * keysize`.
|
||||
*/
|
||||
byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
mp_int* r; /* sign/verify temps */
|
||||
mp_int* s;
|
||||
|
@ -407,9 +425,11 @@ struct ecc_key {
|
|||
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
|
||||
#endif
|
||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
byte id[ECC_MAX_ID_LEN];
|
||||
int idLen;
|
||||
char label[ECC_MAX_LABEL_LEN];
|
||||
int labelLen;
|
||||
#endif
|
||||
#if defined(WOLFSSL_CRYPTOCELL)
|
||||
ecc_context_t ctx;
|
||||
|
@ -474,6 +494,9 @@ ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
|
|||
WOLFSSL_LOCAL
|
||||
int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
|
||||
mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
|
||||
WOLFSSL_LOCAL
|
||||
int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
|
||||
mp_int* modulus, mp_digit mp);
|
||||
|
||||
#endif
|
||||
|
||||
|
@ -541,10 +564,12 @@ WOLFSSL_API
|
|||
int wc_ecc_init(ecc_key* key);
|
||||
WOLFSSL_ABI WOLFSSL_API
|
||||
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
WOLFSSL_API
|
||||
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
|
||||
int devId);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId);
|
||||
#endif
|
||||
#ifdef WOLFSSL_CUSTOM_CURVES
|
||||
WOLFSSL_LOCAL
|
||||
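Review bot: `key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE]`, added to `struct ecc_key` under `WOLFSSL_SILABS_SE_ACCEL`, keeps the private scalar D in plaintext next to the public coordinates, and its comment describes the layout but not the lifetime. I would extend that comment with `* Holds private key material: must be zeroized when the key is freed or re-imported.` and confirm that the free path clears it with a write the compiler cannot elide, since the free routine is not part of this section. `struct ecc_key` begins and ends outside the hunks shown.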
|
|
|
@ -46,12 +46,15 @@
|
|||
|
||||
#if defined(CURVED448_128BIT)
|
||||
typedef int64_t fe448;
|
||||
#ifdef __SIZEOF_INT128__
|
||||
typedef __uint128_t uint128_t;
|
||||
typedef __int128_t int128_t;
|
||||
#else
|
||||
typedef unsigned long uint128_t __attribute__ ((mode(TI)));
|
||||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#ifndef WOLFSSL_UINT128_T_DEFINED
|
||||
#ifdef __SIZEOF_INT128__
|
||||
typedef __uint128_t uint128_t;
|
||||
typedef __int128_t int128_t;
|
||||
#else
|
||||
typedef unsigned long uint128_t __attribute__ ((mode(TI)));
|
||||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#endif
|
||||
#define WOLFSSL_UINT128_T_DEFINED
|
||||
#endif
|
||||
#else
|
||||
typedef int32_t fe448;
|
||||
|
|
|
@ -94,7 +94,8 @@ enum {
|
|||
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
|
||||
#endif
|
||||
#ifdef HAVE_PKCS11
|
||||
HMAC_MAX_ID_LEN = 32,
|
||||
HMAC_MAX_ID_LEN = 32,
|
||||
HMAC_MAX_LABEL_LEN = 32,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -153,6 +154,8 @@ struct Hmac {
|
|||
#ifdef HAVE_PKCS11
|
||||
byte id[HMAC_MAX_ID_LEN];
|
||||
int idLen;
|
||||
char label[HMAC_MAX_LABEL_LEN];
|
||||
int labelLen;
|
||||
#endif
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
|
||||
word16 keyLen; /* hmac key length (key in ipad) */
|
||||
|
@ -174,8 +177,12 @@ WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
|
|||
WOLFSSL_API int wc_HmacSizeByType(int type);
|
||||
|
||||
WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
|
||||
#ifdef HAVE_PKCS11
|
||||
WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
|
||||
int devId);
|
||||
WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap,
|
||||
int devId);
|
||||
#endif
|
||||
WOLFSSL_API void wc_HmacFree(Hmac*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
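Review bot: `wc_HmacInit_Label` takes the label as a bare `const char*` with no length, while the new `char label[HMAC_MAX_LABEL_LEN]` member of `struct Hmac` is a fixed 32-byte array with a separate `labelLen`, and the header documents neither the limit nor the result of exceeding it. The implementation is not part of this header, so whether over-long labels are rejected cannot be confirmed from here; I would add above the prototype `/* label: NUL-terminated, at most HMAC_MAX_LABEL_LEN bytes; returns an error for longer or empty labels (confirm against the implementation) */`. A label of exactly 32 bytes leaves no room for a terminator in the struct, so code reading `hmac->label` has to go by `labelLen` rather than string functions. The same applies to `wc_InitRsaKey_Label` and `RSA_MAX_LABEL_LEN` in the rsa.h section of this commit.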
|
||||
|
|
|
@ -33,7 +33,7 @@
|
|||
may not be faster on all
|
||||
*/
|
||||
#include <libs/libwolfssl/wolfcrypt/types.h> /* will set MP_xxBIT if not default */
|
||||
#ifdef WOLFSSL_SP_MATH
|
||||
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
|
||||
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
|
||||
#elif defined(USE_FAST_MATH)
|
||||
#include <libs/libwolfssl/wolfcrypt/tfm.h>
|
||||
|
@ -161,7 +161,7 @@ extern "C" {
|
|||
#define MP_OKAY 0 /* ok result */
|
||||
#define MP_MEM -2 /* out of mem */
|
||||
#define MP_VAL -3 /* invalid input */
|
||||
#define MP_NOT_INF -4 /* point not at infinity */
|
||||
#define MP_NOT_INF -4 /* point not at infinity */
|
||||
#define MP_RANGE MP_NOT_INF
|
||||
|
||||
#define MP_YES 1 /* yes response */
|
||||
|
|
|
@ -100,6 +100,10 @@ WOLFSSL_API int wolfSSL_Debugging_ON(void);
|
|||
/* turn logging off */
|
||||
WOLFSSL_API void wolfSSL_Debugging_OFF(void);
|
||||
|
||||
#ifdef HAVE_WC_INTROSPECTION
|
||||
WOLFSSL_API const char *wolfSSL_configure_args(void);
|
||||
WOLFSSL_API const char *wolfSSL_global_cflags(void);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
|
||||
WOLFSSL_LOCAL int wc_LoggingInit(void);
|
||||
|
@ -187,6 +191,14 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
|
|||
#define WOLFSSL_ERROR_MSG(m)
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STACK_SIZE_VERBOSE
|
||||
extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSize;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSizeHWM;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t *StackSizeCheck_stackSizeHWM_ptr;
|
||||
extern WOLFSSL_API THREAD_LS_T void *StackSizeCheck_stackOffsetPointer;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -76,6 +76,15 @@
|
|||
long totalBytes; /* total number of bytes allocated */
|
||||
long peakBytes; /* concurrent max bytes */
|
||||
long currentBytes; /* total current bytes in use */
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
|
||||
long peakAllocsTripOdometer; /* peak number of concurrent allocations,
|
||||
* subject to reset by
|
||||
* wolfCrypt_heap_peak_checkpoint()
|
||||
*/
|
||||
long peakBytesTripOdometer; /* peak concurrent bytes, subject to reset
|
||||
* by wolfCrypt_heap_peak_checkpoint()
|
||||
*/
|
||||
#endif
|
||||
} memoryStats;
|
||||
|
||||
typedef struct memHint {
|
||||
|
@ -170,8 +179,17 @@
|
|||
ourMemStats.totalAllocs++;
|
||||
ourMemStats.totalBytes += sz;
|
||||
ourMemStats.currentBytes += sz;
|
||||
if (ourMemStats.currentBytes > ourMemStats.peakBytes)
|
||||
ourMemStats.peakBytes = ourMemStats.currentBytes;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
|
||||
if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs - ourMemStats.totalDeallocs)
|
||||
ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs - ourMemStats.totalDeallocs;
|
||||
if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) {
|
||||
ourMemStats.peakBytesTripOdometer = ourMemStats.currentBytes;
|
||||
#endif
|
||||
if (ourMemStats.currentBytes > ourMemStats.peakBytes)
|
||||
ourMemStats.peakBytes = ourMemStats.currentBytes;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#ifdef DO_MEM_LIST
|
||||
if (pthread_mutex_lock(&memLock) == 0) {
|
||||
|
@ -338,8 +356,12 @@
|
|||
ourMemStats.totalBytes = 0;
|
||||
ourMemStats.peakBytes = 0;
|
||||
ourMemStats.currentBytes = 0;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
|
||||
ourMemStats.peakAllocsTripOdometer = 0;
|
||||
ourMemStats.peakBytesTripOdometer = 0;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef DO_MEM_LIST
|
||||
XMEMSET(&ourMemList, 0, sizeof(ourMemList));
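Review bot: The brace opened under one `#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE` and closed under a second one in the allocation hunk (old line 170) makes the `peakBytes` update conditional on `peakBytesTripOdometer < currentBytes` in verbose builds, and the invariant that makes this safe is not written down. It matches the old unconditional check only while `peakBytesTripOdometer` never exceeds `peakBytes`, which holds for the assignments visible here but depends on how the checkpoint function named in the struct comment resets the odometer. I would either keep the two checks as independent `if` statements or add at the opening brace `/* peakBytesTripOdometer <= peakBytes always, so peakBytes can only grow inside this branch */`. The enclosing function starts and ends outside the hunk.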
|
||||
|
||||
|
|
|
@ -43,11 +43,23 @@ word32 rotlFixed(word32, word32);
|
|||
WOLFSSL_LOCAL
|
||||
word32 rotrFixed(word32, word32);
|
||||
|
||||
#ifdef WC_RC2
|
||||
WOLFSSL_LOCAL
|
||||
word16 rotlFixed16(word16, word16);
|
||||
WOLFSSL_LOCAL
|
||||
word16 rotrFixed16(word16, word16);
|
||||
#endif
|
||||
|
||||
WOLFSSL_LOCAL
|
||||
word32 ByteReverseWord32(word32);
|
||||
WOLFSSL_LOCAL
|
||||
void ByteReverseWords(word32*, const word32*, word32);
|
||||
|
||||
WOLFSSL_LOCAL
|
||||
void XorWordsOut(wolfssl_word* r, const wolfssl_word* a, const wolfssl_word* b,
|
||||
word32 n);
|
||||
WOLFSSL_LOCAL
|
||||
void xorbufout(void*, const void*, const void*, word32);
|
||||
WOLFSSL_LOCAL
|
||||
void XorWords(wolfssl_word*, const wolfssl_word*, word32);
|
||||
WOLFSSL_LOCAL
|
||||
|
@ -103,7 +115,9 @@ WOLFSSL_LOCAL byte ctMaskLT(int a, int b);
|
|||
WOLFSSL_LOCAL byte ctMaskLTE(int a, int b);
|
||||
WOLFSSL_LOCAL byte ctMaskEq(int a, int b);
|
||||
WOLFSSL_LOCAL word16 ctMask16GT(int a, int b);
|
||||
WOLFSSL_LOCAL word16 ctMask16GTE(int a, int b);
|
||||
WOLFSSL_LOCAL word16 ctMask16LT(int a, int b);
|
||||
WOLFSSL_LOCAL word16 ctMask16LTE(int a, int b);
|
||||
WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b);
|
||||
WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b);
|
||||
WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b);
|
||||
|
|
|
@ -53,6 +53,8 @@ WOLFSSL_API int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz);
|
|||
WOLFSSL_API int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
|
||||
byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
|
||||
WC_DerCertList** ca);
|
||||
WOLFSSL_LOCAL int wc_PKCS12_verify_ex(WC_PKCS12* pkcs12,
|
||||
const byte* psw, word32 pswSz);
|
||||
WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
|
||||
char* name, byte* key, word32 keySz, byte* cert, word32 certSz,
|
||||
WC_DerCertList* ca, int nidKey, int nidCert, int iter, int macIter,
|
||||
|
|
|
@ -48,8 +48,12 @@
|
|||
|
||||
/* Max number of certificates that PKCS7 structure can parse */
|
||||
#ifndef MAX_PKCS7_CERTS
|
||||
#ifdef OPENSSL_ALL
|
||||
#define MAX_PKCS7_CERTS 15
|
||||
#else
|
||||
#define MAX_PKCS7_CERTS 4
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef MAX_ORI_TYPE_SZ
|
||||
#define MAX_ORI_TYPE_SZ MAX_OID_SZ
|
||||
|
@ -154,8 +158,8 @@ enum Pkcs7_Misc {
|
|||
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
|
||||
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
|
||||
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
|
||||
(HAVE_FIPS_VERSION >= 2)) || (defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_SELFTEST_VERSION) || HAVE_SELFTEST_VERSION < 2))
|
||||
(HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2)))
|
||||
/* In the event of fips cert 3389 or CAVP selftest v1 build, these enums are
|
||||
* not in aes.h for use with pkcs7 so enumerate it here outside the fips
|
||||
* boundary */
|
||||
|
|
|
@ -116,6 +116,9 @@ WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
|
|||
/* AEAD Functions */
|
||||
WOLFSSL_API int wc_Poly1305_Pad(Poly1305* ctx, word32 lenToPad);
|
||||
WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 dataSz);
|
||||
#ifdef WORD64_AVAILABLE
|
||||
WOLFSSL_API int wc_Poly1305_EncodeSizes64(Poly1305* ctx, word64 aadSz, word64 dataSz);
|
||||
#endif
|
||||
WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
|
||||
byte* input, word32 sz, byte* tag, word32 tagSz);
|
||||
|
||||
|
|
|
@ -29,10 +29,8 @@
|
|||
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
|
||||
defined(WOLFSSL_ATECC_PKCB)
|
||||
#undef SHA_BLOCK_SIZE
|
||||
#define SHA_BLOCK_SIZE SHA_BLOCK_SIZE_REMAP
|
||||
#include <cryptoauthlib.h>
|
||||
#undef SHA_BLOCK_SIZE
|
||||
#include <cryptoauthlib.h>
|
||||
#endif
|
||||
|
||||
/* ATECC508A/608A only supports ECC P-256 */
|
||||
|
|
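--- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h
@@ -0,0 +1,67 @@
+/* silabs_aes.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+#ifndef _SILABS_AES_H_
+#define _SILABS_AES_H_
+
+#include <em_device.h>
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <libs/libwolfssl/wolfcrypt/types.h>
+
+#include <sl_se_manager.h>
+#include <sl_se_manager_cipher.h>
+
+typedef struct {
+sl_se_command_context_t cmd_ctx;
+sl_se_key_descriptor_t key;
+} silabs_aes_t;
+
+typedef struct Aes Aes;
+
+#ifdef HAVE_AESGCM
+int wc_AesGcmEncrypt_silabs (Aes* aes, byte* out, const byte* in, word32 sz,
+const byte* iv, word32 ivSz,
+byte* authTag, word32 authTagSz,
+const byte* authIn, word32 authInSz);
+int wc_AesGcmDecrypt_silabs (Aes* aes, byte* out, const byte* in, word32 sz,
+const byte* iv, word32 ivSz,
+const byte* authTag, word32 authTagSz,
+const byte* authIn, word32 authInSz);
+
+#endif /* HAVE_AESGCM */
+
+#ifdef HAVE_AESCCM
+int wc_AesCcmEncrypt_silabs (Aes* aes, byte* out, const byte* in, word32 sz,
+const byte* iv, word32 ivSz,
+byte* authTag, word32 authTagSz,
+const byte* authIn, word32 authInSz);
+int wc_AesCcmDecrypt_silabs (Aes* aes, byte* out, const byte* in, word32 sz,
+const byte* iv, word32 ivSz,
+const byte* authTag, word32 authTagSz,
+const byte* authIn, word32 authInSz);
+
+#endif /* HAVE_AESCCM */
+
+#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+
+#endif /* _SILABS_AES_H_ */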
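Review bot: The `wc_AesGcmDecrypt_silabs` and `wc_AesCcmDecrypt_silabs` prototypes carry no comment on their return contract, which for AEAD decryption is what callers most need: whether a tag mismatch comes back as a non-zero return, and whether `out` may hold unauthenticated plaintext in that case. The implementation is not in this header, so this has to be confirmed there; once it is, I would add above each decrypt declaration something like `/* returns 0 on success; non-zero on error or authentication failure, in which case out must be discarded */`. The guard name `_SILABS_AES_H_` starts with an underscore followed by an upper-case letter, which C reserves for the implementation; `SILABS_AES_H` avoids that, and the same holds for the guards of the other three silabs headers added in this commit.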
|
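--- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h
@@ -0,0 +1,63 @@
+/* silabs_ecc.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+
+#ifndef _SILABS_ECC_H_
+#define _SILABS_ECC_H_
+
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <libs/libwolfssl/wolfcrypt/types.h>
+
+#include <sl_se_manager.h>
+#include <sl_se_manager_defines.h>
+#include <sl_se_manager_key_derivation.h>
+#include <sl_se_manager_signature.h>
+
+typedef enum ecc_curve_id ecc_curve_id;
+typedef struct ecc_key ecc_key;
+
+int silabs_ecc_sign_hash (const byte* in, word32 inlen,
+byte* out, word32 *outlen,
+ecc_key* key);
+int silabs_ecc_verify_hash (const byte* sig, word32 siglen,
+const byte* hash, word32 hashlen,
+int* stat, ecc_key* key);
+
+
+
+int silabs_ecc_make_key(ecc_key* key, int keysize);
+
+int silabs_ecc_import(ecc_key* key, word32 keysize);
+
+int silabs_ecc_import_private(ecc_key* key, word32 keysize);
+
+int silabs_ecc_sig_to_rs(ecc_key* key, word32 keySz);
+
+int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int encType);
+
+int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
+byte* out, word32* outlen);
+
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
+
+#endif /* _SILABS_ECC_H_ */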
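Review bot: `typedef enum ecc_curve_id ecc_curve_id;` forward-declares an enum, which ISO C does not allow because an enum type has to be complete where it is named, so the line compiles only as a compiler extension and draws a diagnostic under pedantic settings. None of the prototypes in this header uses `ecc_curve_id`, so the line can simply be dropped. If a later declaration needs the type, including the header that defines the enum is the portable route.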
|
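--- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h
@@ -0,0 +1,66 @@
+/* silabs_hash.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+#ifndef _SILABS_HASH_H_
+#define _SILABS_HASH_H_
+
+#include <em_device.h>
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <libs/libwolfssl/wolfcrypt/types.h>
+
+#include <sl_se_manager.h>
+#include <sl_se_manager_hash.h>
+
+#if defined(SL_SE_HASH_SHA384) && !defined(NO_SHA384)
+#define WOLFSSL_SILABS_SHA384
+#endif
+
+#if defined(SL_SE_HASH_SHA512) && !defined(NO_SHA384)
+#define WOLFSSL_SILABS_SHA512
+#endif
+
+typedef struct {
+sl_se_hash_streaming_context_t hash_ctx;
+sl_se_command_context_t cmd_ctx;
+union hash_type_ctx_u {
+sl_se_sha1_streaming_context_t sha1_ctx;
+sl_se_sha224_streaming_context_t sha224_ctx;
+sl_se_sha256_streaming_context_t sha256_ctx;
+#ifdef WOLFSSL_SILABS_SHA384
+sl_se_sha384_streaming_context_t sha384_ctx;
+#endif
+#ifdef WOLFSSL_SILABS_SHA512
+sl_se_sha512_streaming_context_t sha512_ctx;
+#endif
+} hash_type_ctx;
+} wc_silabs_sha_t;
+
+int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type);
+int wc_silabs_se_hash_update (wc_silabs_sha_t* sha, const byte* data, word32 len);
+int wc_silabs_se_hash_final (wc_silabs_sha_t* sha, byte* hash);
+
+
+
+#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+
+#endif /* _SILABS_HASH_H_ */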
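Review bot: The guard that defines `WOLFSSL_SILABS_SHA512` tests `!defined(NO_SHA384)`, the same switch as the SHA-384 block directly above it, which looks like a copy-paste slip. As written, a build that turns SHA-384 off also drops the `sha512_ctx` member from `hash_type_ctx_u`, and SHA-512 cannot be disabled on its own from here. If the coupling is intended it deserves a one-line comment; otherwise the condition should key on the SHA-512 build switch, for example `#if defined(SL_SE_HASH_SHA512) && defined(WOLFSSL_SHA512)`, with the SHA-384 block using `WOLFSSL_SHA384` in the same way, since those are the macros settings.h tests elsewhere in this commit.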
|
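--- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h
+++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h
@@ -0,0 +1,35 @@
+/* silabs_random.h
+*
+* Copyright (C) 2006-2020 wolfSSL Inc.
+*
+* This file is part of wolfSSL.
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+
+
+#ifndef _SILABS_RANDOM_H_
+#define _SILABS_RANDOM_H_
+
+
+#if defined(WOLFSSL_SILABS_SE_ACCEL)
+
+#include <libs/libwolfssl/wolfcrypt/types.h>
+
+int silabs_GenerateRand(byte* output, word32 sz);
+
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
+
+#endif /* _SILABS_RANDOM_H_ */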
|
|
@ -225,7 +225,12 @@ WOLFSSL_API int wc_FreeRng(WC_RNG*);
|
|||
#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
|
||||
#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
|
||||
#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
|
||||
#if defined(__ghs__) || defined(WC_NO_RNG_SIMPLE)
|
||||
/* some older compilers do not like macro function in expression */
|
||||
#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
|
||||
#else
|
||||
#define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;})
|
||||
#endif
|
||||
#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
|
||||
#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
|
||||
#endif
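Review bot: The `#else` form of `wc_RNG_GenerateBlock` uses a statement expression, `({ ...; NOT_COMPILED_IN; })`, which is a GNU C extension, while the guard in front of it only excludes `__ghs__` and builds that set `WC_NO_RNG_SIMPLE`. Any other compiler without that extension will fail at the first call site unless the integrator already knows to define `WC_NO_RNG_SIMPLE`. A comma expression gives the same unused-argument silencing in ISO C and still yields the error value: `#define wc_RNG_GenerateBlock(rng, b, s) ((void)(rng), (void)(b), (void)(s), NOT_COMPILED_IN)`. That form also parenthesizes the macro arguments, which the current one does not.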
|
||||
|
|
|
@ -141,8 +141,9 @@ enum {
|
|||
RSA_PSS_SALT_LEN_DISCOVER = -2,
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
RSA_MAX_ID_LEN = 32,
|
||||
RSA_MAX_LABEL_LEN = 32,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
@ -184,9 +185,11 @@ struct RsaKey {
|
|||
byte* mod;
|
||||
XSecure_Rsa xRsa;
|
||||
#endif
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
byte id[RSA_MAX_ID_LEN];
|
||||
int idLen;
|
||||
char label[RSA_MAX_LABEL_LEN];
|
||||
int labelLen;
|
||||
#endif
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE)
|
||||
byte dataIsAlloc;
|
||||
|
@ -213,9 +216,11 @@ struct RsaKey {
|
|||
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
|
||||
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
|
||||
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
|
||||
#ifdef HAVE_PKCS11
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
|
||||
void* heap, int devId);
|
||||
WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap,
|
||||
int devId);
|
||||
#endif
|
||||
WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);
|
||||
#ifdef WOLFSSL_XILINX_CRYPT
|
||||
|
@ -246,6 +251,9 @@ WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
|||
word32 outLen, RsaKey* key);
|
||||
WOLFSSL_API int wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key, int pad_type);
|
||||
WOLFSSL_API int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key, int pad_type,
|
||||
enum wc_HashType hash);
|
||||
WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
|
||||
enum wc_HashType hash, int mgf,
|
||||
RsaKey* key);
|
||||
|
@ -367,6 +375,8 @@ WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** ou
|
|||
int mgf, byte* optLabel, word32 labelLen, int saltLen,
|
||||
int bits, void* heap);
|
||||
|
||||
WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType);
|
||||
|
||||
#endif /* HAVE_USER_RSA */
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -225,10 +225,9 @@
|
|||
#include "user_settings.h"
|
||||
#elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H)
|
||||
/* STM Configuration File (generated by CubeMX) */
|
||||
#include "wolfSSL.wolfSSL_conf.h"
|
||||
#include "wolfSSL.I-CUBE-wolfSSL_conf.h"
|
||||
#endif
|
||||
|
||||
|
||||
/* make sure old RNG name is used with CTaoCrypt FIPS */
|
||||
#ifdef HAVE_FIPS
|
||||
#if !defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)
|
||||
|
@ -358,12 +357,13 @@
|
|||
#define NO_FILESYSTEM
|
||||
#define USE_FAST_MATH
|
||||
#define TFM_TIMING_RESISTANT
|
||||
#define WOLFSSL_HAVE_MIN
|
||||
#define WOLFSSL_HAVE_MAX
|
||||
#define NO_BIG_INT
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
|
||||
#define WOLFSSL_HAVE_MIN
|
||||
#define WOLFSSL_HAVE_MAX
|
||||
|
||||
#ifndef NO_PIC32MZ_CRYPT
|
||||
#define WOLFSSL_PIC32MZ_CRYPT
|
||||
#endif
|
||||
|
@ -678,17 +678,17 @@ extern void uITRON4_free(void *p) ;
|
|||
|
||||
/* static char* gets(char *buff); */
|
||||
static char* fgets(char *buff, int sz, XFILE fp) {
|
||||
char * p = buff;
|
||||
*p = '\0';
|
||||
char * s = buff;
|
||||
*s = '\0';
|
||||
while (1) {
|
||||
*p = tm_getchar(-1);
|
||||
tm_putchar(*p);
|
||||
if (*p == '\r') {
|
||||
*s = tm_getchar(-1);
|
||||
tm_putchar(*s);
|
||||
if (*s == '\r') {
|
||||
tm_putchar('\n');
|
||||
*p = '\0';
|
||||
*s = '\0';
|
||||
break;
|
||||
}
|
||||
p++;
|
||||
s++;
|
||||
}
|
||||
return buff;
|
||||
}
|
||||
|
@ -1070,7 +1070,9 @@ extern void uITRON4_free(void *p) ;
|
|||
#define ECC_TIMING_RESISTANT
|
||||
|
||||
#undef HAVE_ECC
|
||||
#ifndef WOLFCRYPT_FIPS_RAND
|
||||
#define HAVE_ECC
|
||||
#endif
|
||||
#ifndef NO_AES
|
||||
#undef HAVE_AESCCM
|
||||
#define HAVE_AESCCM
|
||||
|
@ -1165,7 +1167,9 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
|
||||
#if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA
|
||||
#ifndef WOLFCRYPT_FIPS_RAND
|
||||
#define FREESCALE_LTC_ECC
|
||||
#endif
|
||||
#define FREESCALE_LTC_TFM
|
||||
|
||||
/* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic.
|
||||
|
@ -1215,6 +1219,8 @@ extern void uITRON4_free(void *p) ;
|
|||
#define USE_CERT_BUFFERS_4096
|
||||
#undef FP_MAX_BITS
|
||||
#define FP_MAX_BITS (8192)
|
||||
#undef SP_INT_BITS
|
||||
#define SP_INT_BITS (4096)
|
||||
|
||||
#undef NO_DH
|
||||
#define NO_DH
|
||||
|
@ -1387,11 +1393,18 @@ extern void uITRON4_free(void *p) ;
|
|||
#ifdef MICRIUM
|
||||
#include <stdlib.h>
|
||||
#include <os.h>
|
||||
#include <net_cfg.h>
|
||||
#include <net_sock.h>
|
||||
#include <net_err.h>
|
||||
#if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED)
|
||||
#include <net_cfg.h>
|
||||
#include <net_sock.h>
|
||||
#if (OS_VERSION < 50000)
|
||||
#include <net_err.h>
|
||||
#endif
|
||||
#endif
|
||||
#include <lib_mem.h>
|
||||
#include <lib_math.h>
|
||||
#include <lib_str.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#define USE_FAST_MATH
|
||||
#define TFM_TIMING_RESISTANT
|
||||
|
@ -1415,7 +1428,7 @@ extern void uITRON4_free(void *p) ;
|
|||
#define NO_WOLFSSL_DIR
|
||||
#define NO_WRITEV
|
||||
|
||||
#ifndef CUSTOM_RAND_GENERATE
|
||||
#if ! defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(CUSTOM_RAND_GENERATE)
|
||||
#define CUSTOM_RAND_TYPE RAND_NBR
|
||||
#define CUSTOM_RAND_GENERATE Math_Rand
|
||||
#endif
|
||||
|
@ -1445,10 +1458,25 @@ extern void uITRON4_free(void *p) ;
|
|||
(CPU_SIZE_T)(size)))
|
||||
#define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
|
||||
(void *)(psrc), (CPU_SIZE_T)(size)))
|
||||
#define XMEMCMP(pmem_1, pmem_2, size) \
|
||||
(((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \
|
||||
(void *)(pmem_2), \
|
||||
|
||||
#if (OS_VERSION < 50000)
|
||||
#define XMEMCMP(pmem_1, pmem_2, size) \
|
||||
(((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \
|
||||
(void *)(pmem_2), \
|
||||
(CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
|
||||
#else
|
||||
/* Work around for Micrium OS version 5.8 change in behavior
|
||||
* that returns DEF_NO for 0 size compare
|
||||
*/
|
||||
#define XMEMCMP(pmem_1, pmem_2, size) \
|
||||
(( (size < 1 ) || \
|
||||
((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \
|
||||
(void *)(pmem_2), \
|
||||
(CPU_SIZE_T)(size)) == DEF_YES)) \
|
||||
? 0 : 1)
|
||||
#define XSNPRINTF snprintf
|
||||
#endif
|
||||
|
||||
#define XMEMMOVE XMEMCPY
|
||||
|
||||
#if (OS_CFG_MUTEX_EN == DEF_DISABLED)
|
||||
|
@ -1746,6 +1774,21 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif
|
||||
|
||||
/* The minimum allowed ECC key size */
|
||||
/* Note: 224-bits is equivelant to 2048-bit RSA */
|
||||
#ifndef ECC_MIN_KEY_SZ
|
||||
#ifdef WOLFSSL_MIN_ECC_BITS
|
||||
#define ECC_MIN_KEY_SZ WOLFSSL_MIN_ECC_BITS
|
||||
#else
|
||||
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2
|
||||
/* FIPSv2 and ready (for now) includes 192-bit support */
|
||||
#define ECC_MIN_KEY_SZ 192
|
||||
#else
|
||||
#define ECC_MIN_KEY_SZ 224
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* ECC Configs */
|
||||
#ifdef HAVE_ECC
|
||||
/* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */
|
||||
|
@ -1929,6 +1972,11 @@ extern void uITRON4_free(void *p) ;
|
|||
#error "FFDHE parameters are too large for FP_MAX_BIT as set"
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_FFDHE) && defined(SP_INT_BITS)
|
||||
#if MIN_FFDHE_FP_MAX_BITS > SP_INT_BITS * 2
|
||||
#error "FFDHE parameters are too large for SP_INT_BIT as set"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* if desktop type system and fastmath increase default max bits */
|
||||
#ifdef WOLFSSL_X86_64_BUILD
|
||||
|
@ -1939,6 +1987,13 @@ extern void uITRON4_free(void *p) ;
|
|||
#define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(SP_INT_BITS)
|
||||
#if MIN_FFDHE_FP_MAX_BITS <= 8192
|
||||
#define SP_INT_BITS 4096
|
||||
#else
|
||||
#define PS_INT_BITS MIN_FFDHE_FP_MAX_BITS / 2
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* If using the max strength build, ensure OLD TLS is disabled. */
|
||||
|
@ -2118,8 +2173,8 @@ extern void uITRON4_free(void *p) ;
|
|||
#ifndef USE_WOLF_STRTOK
|
||||
#define USE_WOLF_STRTOK
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_MOD_WORD_RP
|
||||
#define WOLFSSL_SP_MOD_WORD_RP
|
||||
#ifndef WOLFSSL_SP_DIV_WORD_HALF
|
||||
#define WOLFSSL_SP_DIV_WORD_HALF
|
||||
#endif
|
||||
#ifndef WOLFSSL_OLD_PRIME_CHECK
|
||||
#define WOLFSSL_OLD_PRIME_CHECK
|
||||
|
@ -2138,12 +2193,6 @@ extern void uITRON4_free(void *p) ;
|
|||
#ifndef WOLFSSL_SP_DIV_WORD_HALF
|
||||
#define WOLFSSL_SP_DIV_WORD_HALF
|
||||
#endif
|
||||
#ifndef SP_HALF_SIZE
|
||||
#define SP_HALF_SIZE 32
|
||||
#endif
|
||||
#ifndef SP_HALF_MAX
|
||||
#define SP_HALF_MAX 4294967295U
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -2154,7 +2203,8 @@ extern void uITRON4_free(void *p) ;
|
|||
#undef HAVE_GMTIME_R /* don't trust macro with windows */
|
||||
#endif /* WOLFSSL_MYSQL_COMPATIBLE */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(HAVE_LIGHTY)
|
||||
#define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION
|
||||
#define OPENSSL_NO_ENGINE
|
||||
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
|
||||
|
@ -2175,7 +2225,7 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
|
||||
#ifdef HAVE_SNI
|
||||
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
||||
#endif
|
||||
|
||||
|
@ -2248,17 +2298,23 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
|
||||
/* Parts of the openssl compatibility layer require peer certs */
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|
||||
|| defined(HAVE_LIGHTY)
|
||||
#undef KEEP_PEER_CERT
|
||||
#define KEEP_PEER_CERT
|
||||
#endif
|
||||
|
||||
/* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/
|
||||
#ifdef WOLFSSL_ARMASM
|
||||
/* RAW hash function APIs are not implemented */
|
||||
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_AFALG_HASH)
|
||||
#undef WOLFSSL_NO_HASH_RAW
|
||||
#define WOLFSSL_NO_HASH_RAW
|
||||
#endif
|
||||
|
||||
/* XChacha not implemented with ARM assembly ChaCha */
|
||||
#if defined(WOLFSSL_ARMASM)
|
||||
#undef HAVE_XCHACHA
|
||||
#endif
|
||||
|
||||
#if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \
|
||||
!defined(WOLFSSL_SHA3)
|
||||
#undef WOLFSSL_NO_WORD64_OPS
|
||||
|
@ -2297,7 +2353,8 @@ extern void uITRON4_free(void *p) ;
|
|||
|
||||
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \
|
||||
!defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \
|
||||
defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY)
|
||||
(defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
|
||||
defined(WOLFSSL_RSA_PUBLIC_ONLY)
|
||||
#undef WOLFSSL_NO_FORCE_ZERO
|
||||
#define WOLFSSL_NO_FORCE_ZERO
|
||||
#endif
|
||||
|
@ -2323,6 +2380,13 @@ extern void uITRON4_free(void *p) ;
|
|||
#undef WOLFSSL_SMALL_STACK
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK_STATIC
|
||||
#undef WOLFSSL_SMALL_STACK_STATIC
|
||||
#define WOLFSSL_SMALL_STACK_STATIC static
|
||||
#else
|
||||
#define WOLFSSL_SMALL_STACK_STATIC
|
||||
#endif
|
||||
|
||||
/* The client session cache requires time for timeout */
|
||||
#if defined(NO_ASN_TIME) && !defined(NO_SESSION_CACHE)
|
||||
#define NO_SESSION_CACHE
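Review bot: The `#else` branch of the new `WOLFSSL_SP_MATH_ALL` block (hunk at old line 1939) defines `PS_INT_BITS` rather than `SP_INT_BITS`, so when `MIN_FFDHE_FP_MAX_BITS` is above 8192 the macro the block is guarded on stays undefined and the integer size is left to whatever default applies elsewhere. The expansion is also unparenthesized, so the line should read `#define SP_INT_BITS (MIN_FFDHE_FP_MAX_BITS / 2)`. Separately, the `fgets` replacement in the hunk at old line 678 only renames `p` to `s` and still never consults `sz`, so an input line longer than the caller's buffer is written past its end. Bounding the loop with `while (s - buff < sz - 1) {` and adding `*s = '\0';` before `return buff;` would close that.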
|
||||
|
|
|
@ -75,6 +75,9 @@
|
|||
#ifdef WOLFSSL_IMXRT_DCP
|
||||
#include <libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h>
|
||||
#endif
|
||||
#if defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h>
|
||||
#endif
|
||||
|
||||
#if !defined(NO_OLD_SHA_NAMES)
|
||||
#define SHA WC_SHA
|
||||
|
@ -114,6 +117,8 @@ struct wc_Sha {
|
|||
ltc_hash_ctx_t ctx;
|
||||
#elif defined(STM32_HASH)
|
||||
STM32_HASH_Context stmCtx;
|
||||
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
wc_silabs_sha_t silabsCtx;
|
||||
#else
|
||||
word32 buffLen; /* in bytes */
|
||||
word32 loLen; /* length in bytes */
|
||||
|
|
|
@ -88,6 +88,9 @@
|
|||
#if defined(WOLFSSL_CRYPTOCELL)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
|
||||
#endif
|
||||
#if defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h>
|
||||
#endif
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#define SHA256_NOINLINE __declspec(noinline)
|
||||
|
@ -138,6 +141,8 @@ struct wc_Sha256 {
|
|||
ltc_hash_ctx_t ctx;
|
||||
#elif defined(STM32_HASH_SHA2)
|
||||
STM32_HASH_Context stmCtx;
|
||||
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
wc_silabs_sha_t silabsCtx;
|
||||
#else
|
||||
/* alignment on digest and buffer speeds up ARMv8 crypto operations */
|
||||
ALIGN16 word32 digest[WC_SHA256_DIGEST_SIZE / sizeof(word32)];
|
||||
|
|
|
@ -90,7 +90,7 @@ enum {
|
|||
#else
|
||||
|
||||
/* Sha3 digest */
|
||||
struct Sha3 {
|
||||
struct wc_Sha3 {
|
||||
/* State data that is processed for each block. */
|
||||
word64 s[25];
|
||||
/* Unprocessed message data. */
|
||||
|
@ -109,7 +109,7 @@ struct Sha3 {
|
|||
};
|
||||
|
||||
#ifndef WC_SHA3_TYPE_DEFINED
|
||||
typedef struct Sha3 wc_Sha3;
|
||||
typedef struct wc_Sha3 wc_Sha3;
|
||||
#define WC_SHA3_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
|
|
|
@ -76,6 +76,10 @@
|
|||
#ifdef WOLFSSL_ESP32WROOM32_CRYPT
|
||||
#include <libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
|
||||
#endif
|
||||
#if defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h>
|
||||
#endif
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#define SHA512_NOINLINE __declspec(noinline)
|
||||
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
|
||||
|
@ -136,6 +140,10 @@ struct wc_Sha512 {
|
|||
!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
|
||||
WC_ESP32SHA ctx;
|
||||
#endif
|
||||
#if defined(WOLFSSL_SILABS_SE_ACCEL)
|
||||
wc_silabs_sha_t silabsCtx;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
|
||||
word32 flags; /* enum wc_HashFlags in hash.h */
|
||||
#endif
|
||||
|
|
|
@ -154,6 +154,7 @@ decouple library dependencies with standard string, memory and so on.
|
|||
#ifdef WORD64_AVAILABLE
|
||||
#define WOLFCRYPT_SLOW_WORD64
|
||||
#endif
|
||||
#define WC_32BIT_CPU
|
||||
#endif
|
||||
|
||||
#elif defined(WC_16BIT_CPU)
|
||||
|
@ -167,6 +168,7 @@ decouple library dependencies with standard string, memory and so on.
|
|||
typedef word32 wolfssl_word;
|
||||
#define MP_16BIT /* for mp_int, mp_word needs to be twice as big as
|
||||
mp_digit, no 64 bit type so make mp_digit 16 bit */
|
||||
#define WC_32BIT_CPU
|
||||
#endif
|
||||
|
||||
enum {
|
||||
|
@ -493,11 +495,12 @@ decouple library dependencies with standard string, memory and so on.
|
|||
|
||||
#define XSTRLEN(s1) strlen((s1))
|
||||
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||
/* strstr, strncmp, and strncat only used by wolfSSL proper,
|
||||
/* strstr, strncmp, strcmp, and strncat only used by wolfSSL proper,
|
||||
* not required for wolfCrypt only */
|
||||
#define XSTRSTR(s1,s2) strstr((s1),(s2))
|
||||
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
|
||||
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
|
||||
#define XSTRCMP(s1,s2) strcmp((s1),(s2))
|
||||
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
|
||||
|
||||
#ifdef USE_WOLF_STRSEP
|
||||
|
@ -647,9 +650,12 @@ decouple library dependencies with standard string, memory and so on.
|
|||
#include <ctype.h>
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
|
||||
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) || \
|
||||
defined(OPENSSL_EXTRA)
|
||||
#define XTOUPPER(c) toupper((c))
|
||||
#define XISALPHA(c) isalpha((c))
|
||||
#endif
|
||||
#ifdef OPENSSL_ALL
|
||||
#define XISALNUM(c) isalnum((c))
|
||||
#endif
|
||||
/* needed by wolfSSL_check_domain_name() */
|
||||
#define XTOLOWER(c) tolower((c))
|
||||
|
@ -784,7 +790,8 @@ decouple library dependencies with standard string, memory and so on.
|
|||
|
||||
/* hash types */
|
||||
enum wc_HashType {
|
||||
#if defined(HAVE_SELFTEST) || defined(HAVE_FIPS)
|
||||
#if defined(HAVE_SELFTEST) || defined(HAVE_FIPS) && \
|
||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))
|
||||
/* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types.
|
||||
* Values here are based on old selftest hmac.h enum, with additions.
|
||||
* These values are fixed for backwards FIPS compatibility */
|
||||
|
@ -858,8 +865,10 @@ decouple library dependencies with standard string, memory and so on.
|
|||
WC_PK_TYPE_CURVE25519 = 7,
|
||||
WC_PK_TYPE_RSA_KEYGEN = 8,
|
||||
WC_PK_TYPE_EC_KEYGEN = 9,
|
||||
WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10,
|
||||
WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11,
|
||||
|
||||
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN
|
||||
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_CHECK_PRIV_KEY
|
||||
};
|
||||
|
||||
|
||||
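Review bot: The condition guarding the fixed `enum wc_HashType` values in the `-784,7 +790,8` hunk mixes `||` and `&&` without grouping: `defined(HAVE_SELFTEST) || defined(HAVE_FIPS) && (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))`. Because `&&` binds tighter, this reads as selftest OR (FIPS with version <= 2), which is presumably the intent, but it is easy to misread as (selftest OR FIPS) AND version <= 2. The comment says these values are fixed for backwards FIPS compatibility, so the selection should be unambiguous: `#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))`. The enum body continues outside the hunk.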
|
|
|
@ -67,7 +67,6 @@ enum Pkcs11KeyType {
|
|||
PKCS11_KEY_TYPE_EC,
|
||||
};
|
||||
|
||||
|
||||
WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library,
|
||||
void* heap);
|
||||
WOLFSSL_API void wc_Pkcs11_Finalize(Pkcs11Dev* dev);
|
||||
|
|
|
@ -81,6 +81,7 @@
|
|||
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
|
||||
_Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\"");
|
||||
|
||||
#include <linux/kconfig.h>
|
||||
#include <linux/kernel.h>
|
||||
|
@ -88,6 +89,7 @@
|
|||
#include <linux/ctype.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/mm.h>
|
||||
#ifndef SINGLE_THREADED
|
||||
#include <linux/kthread.h>
|
||||
#endif
|
||||
|
@ -99,19 +101,52 @@
|
|||
#else
|
||||
#include <asm/simd.h>
|
||||
#endif
|
||||
#define SAVE_VECTOR_REGISTERS() kernel_fpu_begin()
|
||||
#define RESTORE_VECTOR_REGISTERS() kernel_fpu_end()
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS() kernel_fpu_begin()
|
||||
#endif
|
||||
#ifndef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() kernel_fpu_end()
|
||||
#endif
|
||||
#elif defined(WOLFSSL_ARMASM)
|
||||
#include <asm/fpsimd.h>
|
||||
#define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); })
|
||||
#define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); })
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); })
|
||||
#endif
|
||||
#ifndef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); })
|
||||
#endif
|
||||
#else
|
||||
#define SAVE_VECTOR_REGISTERS() ({})
|
||||
#define RESTORE_VECTOR_REGISTERS() ({})
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS() ({})
|
||||
#endif
|
||||
#ifndef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() ({})
|
||||
#endif
|
||||
#endif
|
||||
|
||||
_Pragma("GCC diagnostic pop");
|
||||
|
||||
/* Linux headers define these using C expressions, but we need
|
||||
* them to be evaluable by the preprocessor, for use in sp_int.h.
|
||||
*/
|
||||
_Static_assert(sizeof(ULONG_MAX) == 8, "WOLFSSL_LINUXKM supported only on targets with 64 bit long words.");
|
||||
#undef UCHAR_MAX
|
||||
#define UCHAR_MAX 255
|
||||
#undef USHRT_MAX
|
||||
#define USHRT_MAX 65535
|
||||
#undef UINT_MAX
|
||||
#define UINT_MAX 4294967295U
|
||||
#undef ULONG_MAX
|
||||
#define ULONG_MAX 18446744073709551615UL
|
||||
#undef ULLONG_MAX
|
||||
#define ULLONG_MAX ULONG_MAX
|
||||
#undef INT_MAX
|
||||
#define INT_MAX 2147483647
|
||||
#undef LONG_MAX
|
||||
#define LONG_MAX 9223372036854775807L
|
||||
#undef LLONG_MAX
|
||||
#define LLONG_MAX LONG_MAX
|
||||
|
||||
/* remove this multifariously conflicting macro, picked up from
|
||||
* Linux arch/<arch>/include/asm/current.h.
|
||||
*/
|
||||
|
@ -122,9 +157,17 @@
|
|||
*/
|
||||
#define _MM_MALLOC_H_INCLUDED
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
|
||||
/* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */
|
||||
#define malloc(x) kvmalloc(x, GFP_KERNEL)
|
||||
#define free(x) kvfree(x)
|
||||
void *lkm_realloc(void *ptr, size_t newsize);
|
||||
#define realloc(x, y) lkm_realloc(x, y)
|
||||
#else
|
||||
#define malloc(x) kmalloc(x, GFP_KERNEL)
|
||||
#define free(x) kfree(x)
|
||||
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
|
||||
#endif
|
||||
|
||||
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
|
||||
* myriad spurious -Werrors throughout the codebase.
|
||||
|
@ -157,8 +200,10 @@
|
|||
|
||||
#else /* ! WOLFSSL_LINUXKM */
|
||||
|
||||
#ifdef BUILDING_WOLFSSL
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS() do{}while(0)
|
||||
#endif
|
||||
#ifndef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() do{}while(0)
|
||||
#endif
|
||||
|
||||
|
@ -193,6 +238,8 @@
|
|||
/* do nothing, just don't pick Unix */
|
||||
#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
|
||||
/* do nothing */
|
||||
#elif defined(RTTHREAD)
|
||||
/* do nothing */
|
||||
#elif defined(EBSNET)
|
||||
/* do nothing */
|
||||
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
|
||||
|
@ -298,6 +345,9 @@
|
|||
#include "FreeRTOS.h"
|
||||
#include "semphr.h"
|
||||
typedef SemaphoreHandle_t wolfSSL_Mutex;
|
||||
#elif defined (RTTHREAD)
|
||||
#include "rtthread.h"
|
||||
typedef rt_mutex_t wolfSSL_Mutex;
|
||||
#elif defined(WOLFSSL_SAFERTOS)
|
||||
typedef struct wolfSSL_Mutex {
|
||||
signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
|
||||
|
@ -409,6 +459,11 @@ WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb);
|
|||
WOLFSSL_API int wolfCrypt_Init(void);
|
||||
WOLFSSL_API int wolfCrypt_Cleanup(void);
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
|
||||
WOLFSSL_API long wolfCrypt_heap_peakAllocs_checkpoint(void);
|
||||
WOLFSSL_API long wolfCrypt_heap_peakBytes_checkpoint(void);
|
||||
#endif
|
||||
|
||||
|
||||
/* FILESYSTEM SECTION */
|
||||
/* filesystem abstraction layer, used by ssl.c */
|
||||
|
@ -564,6 +619,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#else
|
||||
#define XFOPEN fopen
|
||||
#endif
|
||||
#define XFDOPEN fdopen
|
||||
#define XFSEEK fseek
|
||||
#define XFTELL ftell
|
||||
#define XREWIND rewind
|
||||
|
@ -579,6 +635,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#include <dirent.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/stat.h>
|
||||
#define XWRITE write
|
||||
#define XREAD read
|
||||
#define XCLOSE close
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -786,7 +845,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||
#ifdef BUILDING_WOLFSSL
|
||||
|
||||
/* includes are all above, with incompatible warnings masked out. */
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
|
||||
typedef __kernel_time_t time_t;
|
||||
#else
|
||||
typedef __kernel_time64_t time_t;
|
||||
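Review bot: In the `-99,19 +101,52` hunk, the `#ifndef`-guarded definitions (the new side, going by the hunk counts) let a build pre-define `SAVE_VECTOR_REGISTERS` and `RESTORE_VECTOR_REGISTERS` independently. Overriding only one pairs a custom save with the default `kernel_fpu_end()` or the ARM `fpsimd_restore_current_state(); preempt_enable();` path, or the reverse. An unbalanced pair in kernel context would leave FPU or preemption state inconsistent around the crypto code. I would reject the half-overridden case before the per-architecture defaults with `#if defined(SAVE_VECTOR_REGISTERS) != defined(RESTORE_VECTOR_REGISTERS)`, then `#error "SAVE_VECTOR_REGISTERS and RESTORE_VECTOR_REGISTERS must be overridden together"` and `#endif`. The enclosing `#if` chain starts outside the hunk.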
|
|
|
@ -449,7 +449,7 @@ static const char *parse_response(const char *buf, const char *buf_end, int *min
|
|||
}
|
||||
PARSE_INT_3(status);
|
||||
|
||||
/* get message includig preceding space */
|
||||
/* get message including preceding space */
|
||||
if ((buf = get_token_to_eol(buf, buf_end, msg, msg_len, ret)) == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
|