espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-05-26 03:47:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feature/update_wolfssl_to_commercial_version_3.15.7' into 'master'

Browse Source 
feat(wolfssl): update wolfssl to commercial version 3.15.7

See merge request sdk/ESP8266_RTOS_SDK!716
This commit is contained in:
Wu Jian Gang
2019-01-14 20:31:38 +08:00
parent e7d73894f5 f56dfe2b14
commit 74b4a550de
42 changed files with 3250 additions and 1457 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
components/ssl/Kconfig
View File

@ -2,7 +2,7 @@ menu "SSL"
choice SSL_LIBRARY_CHOOSE
prompt "Choose SSL/TLS library"
default SSL_USING_WOLFSSL
default SSL_USING_MBEDTLS
help
Choose the SSL/TLS library which you want to use.
@ -16,6 +16,17 @@ config SSL_USING_WOLFSSL
bool "wolfSSL"
endchoice
menu "wolfSSL"
depends on SSL_USING_WOLFSSL
config WOLFSSL_DEBUG
bool "Enable wolfSSL debugging"
default n
help
Enable wolfSSL debugging functions at compile time.
endmenu # wolfSSL
menu "mbedTLS"
depends on SSL_USING_MBEDTLS

5
components/ssl/component.mk
View File

@ -5,8 +5,13 @@
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_ADD_INCLUDEDIRS := wolfssl/include wolfssl/wolfssl wolfssl/wolfssl/wolfssl
ifdef CONFIG_WOLFSSL_DEBUG
WOLFSSLLIB = wolfssl_debug
COMPONENT_ADD_LDFLAGS := -L $(COMPONENT_PATH)/wolfssl/lib -lwolfssl_debug
else
WOLFSSLLIB = wolfssl
COMPONENT_ADD_LDFLAGS := -L $(COMPONENT_PATH)/wolfssl/lib -lwolfssl
endif
# re-link program if wolfssl library change
COMPONENT_ADD_LINKER_DEPS := $(patsubst %,$(COMPONENT_PATH)/wolfssl/lib/lib%.a,$(WOLFSSLLIB))

4
components/ssl/wolfssl/include/user_settings.h
View File

@ -31,6 +31,8 @@
#define NO_RC4
#define NO_RABBIT
#define HAVE_ECC
#define HAVE_AES_ECB
#define WOLFSSL_AES_DIRECT
#define WC_NO_HARDEN
#define FREERTOS
#define WOLFSSL_TYPES
@ -39,6 +41,7 @@
#define WOLFSSL_ALLOW_TLSV10
#define WOLFSSL_SMALL_STACK
#define SMALL_SESSION_CACHE
#define OPENSSL_EXTRA
#define SSL_CTX_use_certificate_ASN1(ctx,len,buf) wolfSSL_CTX_use_certificate_buffer(ctx,buf,len,WOLFSSL_FILETYPE_PEM)
#define SSL_CTX_use_PrivateKey_ASN1(type,ctx,buf,len) wolfSSL_CTX_use_PrivateKey_buffer(ctx,buf,len, WOLFSSL_FILETYPE_PEM)
@ -54,6 +57,7 @@
#endif
#ifndef CUSTOM_RAND_GENERATE_BLOCK
#include "esp_libc.h"
/* To use define the following:*/
#define CUSTOM_RAND_GENERATE_BLOCK os_get_random
#endif

BIN
components/ssl/wolfssl/lib/libwolfssl.a
View File

Binary file not shown.

BIN
components/ssl/wolfssl/lib/libwolfssl_debug.a Normal file
View File

Binary file not shown.

50
components/ssl/wolfssl/wolfssl/wolfssl/openssl/asn1.h Normal file
View File

@ -0,0 +1,50 @@
/* asn1.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* asn1.h for openssl */
#ifndef WOLFSSL_ASN1_H_
#define WOLFSSL_ASN1_H_
#include <wolfssl/openssl/ssl.h>
#define ASN1_STRING_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
#define V_ASN1_NEG 0x100
#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
/* Type for ASN1_print_ex */
# define ASN1_STRFLGS_ESC_2253 1
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
# define ASN1_STRFLGS_ESC_QUOTE 8
# define ASN1_STRFLGS_UTF8_CONVERT 0x10
# define ASN1_STRFLGS_IGNORE_TYPE 0x20
# define ASN1_STRFLGS_SHOW_TYPE 0x40
# define ASN1_STRFLGS_DUMP_ALL 0x80
# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
# define ASN1_STRFLGS_DUMP_DER 0x200
# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB | \
ASN1_STRFLGS_UTF8_CONVERT | \
ASN1_STRFLGS_DUMP_UNKNOWN | \
ASN1_STRFLGS_DUMP_DER)
#define MBSTRING_UTF8 0x1000
#endif /* WOLFSSL_ASN1_H_ */

11
components/ssl/wolfssl/wolfssl/wolfssl/openssl/bn.h
View File

@ -1,17 +1,22 @@
/* bn.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/* bn.h for openssl */
/*!
\file wolfssl/openssl/bn.h
\brief bn.h for openssl
*/
#ifndef WOLFSSL_BN_H_
#define WOLFSSL_BN_H_
@ -96,7 +101,7 @@ WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int,
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*,
WOLFSSL_BN_ULONG);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(FILE*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);

71
components/ssl/wolfssl/wolfssl/wolfssl/openssl/crypto.h Normal file
View File

@ -0,0 +1,71 @@
/* crypto.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* crypto.h for openSSL */
#ifndef WOLFSSL_CRYPTO_H_
#define WOLFSSL_CRYPTO_H_
#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_crypto.h"
#endif
WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
#endif
#define CRYPTO_THREADID void
#define SSLeay_version wolfSSLeay_version
#define SSLeay wolfSSLeay
#define SSLEAY_VERSION 0x0090600fL
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
#define CRYPTO_lock wc_LockMutex_ex
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
#define FIPS_mode wolfSSL_FIPS_mode
#define FIPS_mode_set wolfSSL_FIPS_mode_set
typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA;
typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void* argp);
#define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback
#define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric
#define CRYPTO_r_lock wc_LockMutex_ex
#define CRYPTO_unlock wc_LockMutex_ex
#define CRYPTO_THREAD_lock wc_LockMutex
#define CRYPTO_THREAD_r_lock wc_LockMutex
#define CRYPTO_THREAD_unlock wc_UnLockMutex
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#endif /* header */

4
components/ssl/wolfssl/wolfssl/wolfssl/openssl/dsa.h
View File

@ -1,12 +1,12 @@
/* dsa.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/

75
components/ssl/wolfssl/wolfssl/wolfssl/openssl/ec.h
View File

@ -1,12 +1,12 @@
/* ec.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -24,6 +24,7 @@ extern "C" {
/* Map OpenSSL NID value */
enum {
POINT_CONVERSION_COMPRESSED = 2,
POINT_CONVERSION_UNCOMPRESSED = 4,
#ifdef HAVE_ECC
@ -92,6 +93,10 @@ struct WOLFSSL_EC_KEY {
char exSet; /* external set from internal ? */
};
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
WOLFSSL_API
int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve,
const WOLFSSL_EC_POINT *p,
@ -103,6 +108,9 @@ WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz);
WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz, int opt);
WOLFSSL_API
void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key);
@ -167,36 +175,47 @@ WOLFSSL_API
int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *a);
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
#define EC_KEY_set_private_key wolfSSL_EC_KEY_set_private_key
#define EC_KEY_get0_private_key wolfSSL_EC_KEY_get0_private_key
#define EC_KEY_new_by_curve_name wolfSSL_EC_KEY_new_by_curve_name
#define EC_KEY_set_group wolfSSL_EC_KEY_set_group
#define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_KEY_new wolfSSL_EC_KEY_new
#ifndef HAVE_SELFTEST
WOLFSSL_API
char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
const WOLFSSL_EC_POINT* point, int form,
WOLFSSL_BN_CTX* ctx);
#endif
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
#define EC_KEY_set_private_key wolfSSL_EC_KEY_set_private_key
#define EC_KEY_get0_private_key wolfSSL_EC_KEY_get0_private_key
#define EC_KEY_new_by_curve_name wolfSSL_EC_KEY_new_by_curve_name
#define EC_KEY_set_group wolfSSL_EC_KEY_set_group
#define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_POINT_new wolfSSL_EC_POINT_new
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
#define EC_POINT_new wolfSSL_EC_POINT_new
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_get_affine_coordinates_GFp \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
#define EC_POINT_dump wolfSSL_EC_POINT_dump
#ifndef HAVE_SELFTEST
#define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex
#endif
#define EC_POINT_dump wolfSSL_EC_POINT_dump
#ifdef __cplusplus
} /* extern "C" */

133
components/ssl/wolfssl/wolfssl/wolfssl/openssl/evp.h
View File

@ -1,19 +1,20 @@
/* evp.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/* evp.h defines mini evp openssl compatibility layer
*
/*!
\file wolfssl/openssl/evp.h
\brief evp.h defines mini evp openssl compatibility layer
*/
@ -51,6 +52,7 @@
extern "C" {
#endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
@ -58,6 +60,9 @@ typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif
@ -75,8 +80,10 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
#endif
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
@ -112,6 +119,7 @@ typedef union {
#endif
} WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_MD_CTX {
union {
@ -119,6 +127,7 @@ typedef struct WOLFSSL_EVP_MD_CTX {
Hmac hmac;
} hash;
unsigned char macType;
WOLFSSL_EVP_PKEY_CTX *pctx;
} WOLFSSL_EVP_MD_CTX;
@ -205,11 +214,11 @@ typedef struct WOLFSSL_EVP_CIPHER_CTX {
int lastUsed;
} WOLFSSL_EVP_CIPHER_CTX;
typedef struct WOLFSSL_EVP_PKEY_CTX {
struct WOLFSSL_EVP_PKEY_CTX {
WOLFSSL_EVP_PKEY *pkey;
int op; /* operation */
int padding;
} WOLFSSL_EVP_PKEY_CTX;
};
typedef int WOLFSSL_ENGINE ;
typedef WOLFSSL_ENGINE ENGINE;
@ -255,12 +264,22 @@ WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char *sig, size_t *siglen);
#ifndef NO_MD5
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, size_t cnt);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char *sig,
size_t siglen);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
const WOLFSSL_EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*,
unsigned char*);
#endif
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
@ -327,6 +346,10 @@ WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_RSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_EC_KEY* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
@ -349,7 +372,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
const unsigned char *in, size_t inlen);
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
@ -378,11 +405,14 @@ WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *ciph
WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_cleanup(void);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
WOLFSSL_API int wolfSSL_OpenSSL_add_all_algorithms_noconf(void);
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
const unsigned char * salt,
@ -459,15 +489,18 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_MD_CTX_type wolfSSL_EVP_MD_CTX_type
#define EVP_MD_type wolfSSL_EVP_MD_type
#define EVP_DigestInit wolfSSL_EVP_DigestInit
#define EVP_DigestInit_ex wolfSSL_EVP_DigestInit_ex
#define EVP_DigestUpdate wolfSSL_EVP_DigestUpdate
#define EVP_DigestFinal wolfSSL_EVP_DigestFinal
#define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
#define EVP_DigestSignInit wolfSSL_EVP_DigestSignInit
#define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate
#define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal
#define EVP_BytesToKey wolfSSL_EVP_BytesToKey
#define EVP_DigestInit wolfSSL_EVP_DigestInit
#define EVP_DigestInit_ex wolfSSL_EVP_DigestInit_ex
#define EVP_DigestUpdate wolfSSL_EVP_DigestUpdate
#define EVP_DigestFinal wolfSSL_EVP_DigestFinal
#define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
#define EVP_DigestSignInit wolfSSL_EVP_DigestSignInit
#define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate
#define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal
#define EVP_DigestVerifyInit wolfSSL_EVP_DigestVerifyInit
#define EVP_DigestVerifyUpdate wolfSSL_EVP_DigestVerifyUpdate
#define EVP_DigestVerifyFinal wolfSSL_EVP_DigestVerifyFinal
#define EVP_BytesToKey wolfSSL_EVP_BytesToKey
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
@ -508,40 +541,54 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
#define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy
#define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex
#define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_decrypt wolfSSL_EVP_PKEY_decrypt
#define EVP_PKEY_decrypt_init wolfSSL_EVP_PKEY_decrypt_init
#define EVP_PKEY_encrypt wolfSSL_EVP_PKEY_encrypt
#define EVP_PKEY_encrypt_init wolfSSL_EVP_PKEY_encrypt_init
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignUpdate wolfSSL_EVP_SignUpdate
#define EVP_VerifyFinal wolfSSL_EVP_VerifyFinal
#define EVP_VerifyInit wolfSSL_EVP_VerifyInit
#define EVP_VerifyUpdate wolfSSL_EVP_VerifyUpdate
#define EVP_PKEY_asign_RSA wolfSSL_EVP_PKEY_assign_RSA
#define EVP_PKEY_asign_EC_KEY wolfSSL_EVP_PKEY_assign_EC_KEY
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
#define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy
#define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex
#define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_decrypt wolfSSL_EVP_PKEY_decrypt
#define EVP_PKEY_decrypt_init wolfSSL_EVP_PKEY_decrypt_init
#define EVP_PKEY_encrypt wolfSSL_EVP_PKEY_encrypt
#define EVP_PKEY_encrypt_init wolfSSL_EVP_PKEY_encrypt_init
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignUpdate wolfSSL_EVP_SignUpdate
#define EVP_VerifyFinal wolfSSL_EVP_VerifyFinal
#define EVP_VerifyInit wolfSSL_EVP_VerifyInit
#define EVP_VerifyUpdate wolfSSL_EVP_VerifyUpdate
#define EVP_CIPHER_CTX_block_size wolfSSL_EVP_CIPHER_CTX_block_size
#define EVP_CIPHER_block_size wolfSSL_EVP_CIPHER_block_size
#define EVP_CIPHER_flags wolfSSL_EVP_CIPHER_flags
#define EVP_CIPHER_CTX_set_flags wolfSSL_EVP_CIPHER_CTX_set_flags
#define EVP_CIPHER_CTX_clear_flags wolfSSL_EVP_CIPHER_CTX_clear_flags
#define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup
#define OpenSSL_add_all_digests() wolfCrypt_Init()
#define OpenSSL_add_all_ciphers() wolfCrypt_Init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define OpenSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define wolfSSL_OPENSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1

84
components/ssl/wolfssl/wolfssl/wolfssl/openssl/hmac.h Normal file
View File

@ -0,0 +1,84 @@
/* hmac.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* hmac.h defines mini hamc openssl compatibility layer
*
*/
#ifndef WOLFSSL_HMAC_H_
#define WOLFSSL_HMAC_H_
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_hmac.h"
#endif
#include <wolfssl/openssl/evp.h>
#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
const void* key, int key_len,
const unsigned char* d, int n, unsigned char* md,
unsigned int* md_len);
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des,
WOLFSSL_HMAC_CTX* src);
WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src);
WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type);
WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e);
WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
const unsigned char* data, int len);
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
#define HMAC_Init wolfSSL_HMAC_Init
#define HMAC_Update wolfSSL_HMAC_Update
#define HMAC_Final wolfSSL_HMAC_Final
#define HMAC_cleanup wolfSSL_HMAC_cleanup
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_HMAC_H_ */

4
components/ssl/wolfssl/wolfssl/wolfssl/openssl/md5.h
View File

@ -1,12 +1,12 @@
/* md5.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/

7
components/ssl/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
View File

@ -1,12 +1,12 @@
/* opensslv.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -17,7 +17,8 @@
/* api version compatibility */
#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_SIGNAL)
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* version number can be increased for Lighty after compatibility for ECDH
is added */
#define OPENSSL_VERSION_NUMBER 0x10001000L

4
components/ssl/wolfssl/wolfssl/wolfssl/openssl/ripemd.h
View File

@ -1,12 +1,12 @@
/* ripemd.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/

24
components/ssl/wolfssl/wolfssl/wolfssl/openssl/rsa.h
View File

@ -1,12 +1,12 @@
/* rsa.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -23,21 +23,9 @@
extern "C" {
#endif
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
#if defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION < 2))
/*
choice of padding added after fips, so not available when using fips RSA
*/
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
#else
#define RSA_PKCS1_PADDING WC_RSA_PKCSV15_PAD
#define RSA_PKCS1_OAEP_PADDING WC_RSA_OAEP_PAD
#endif /* HAVE_FIPS */
#endif
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
@ -98,6 +86,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L
#define RSA_new wolfSSL_RSA_new
#define RSA_free wolfSSL_RSA_free
@ -114,6 +103,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define RSA_verify wolfSSL_RSA_verify
#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
#define RSA_F4 WOLFSSL_RSA_F4
#ifdef __cplusplus
} /* extern "C" */

18
components/ssl/wolfssl/wolfssl/wolfssl/openssl/sha.h
View File

@ -1,12 +1,12 @@
/* sha.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -110,7 +110,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init
#define SHA256_Update wolfSSL_SHA256_Update
#define SHA256_Final wolfSSL_SHA256_Final
#if defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS
* build. */
#define SHA256 wolfSSL_SHA256
@ -139,7 +139,11 @@ typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init
#define SHA384_Update wolfSSL_SHA384_Update
#define SHA384_Final wolfSSL_SHA384_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA384 is only available in non-fips mode because of SHA384 enum in FIPS
* build. */
#define SHA384 wolfSSL_SHA384
#endif
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
@ -164,7 +168,11 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
#define SHA512_Update wolfSSL_SHA512_Update
#define SHA512_Final wolfSSL_SHA512_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS
* build. */
#define SHA512 wolfSSL_SHA512
#endif
#endif /* WOLFSSL_SHA512 */

1165
components/ssl/wolfssl/wolfssl/wolfssl/openssl/ssl.h
View File

File diff suppressed because it is too large Load Diff

425
components/ssl/wolfssl/wolfssl/wolfssl/ssl.h
View File

File diff suppressed because it is too large Load Diff

8
components/ssl/wolfssl/wolfssl/wolfssl/version.h
View File

@ -1,12 +1,12 @@
/* wolfssl_version.h.in
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -19,8 +19,8 @@
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "3.14.0"
#define LIBWOLFSSL_VERSION_HEX 0x03014000
#define LIBWOLFSSL_VERSION_STRING "3.15.7"
#define LIBWOLFSSL_VERSION_HEX 0x03015007
#ifdef __cplusplus
}

338
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
View File

@ -1,15 +1,19 @@
/* aes.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/aes.h
*/
#ifndef WOLF_CRYPT_AES_H
#define WOLF_CRYPT_AES_H
@ -18,8 +22,14 @@
#ifndef NO_AES
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
/* included for fips @wc_fips */
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/aes.h>
#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
#define WOLFSSL_AES_COUNTER
@ -29,7 +39,12 @@
#endif
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef STM32_CRYPTO
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_AESNI
@ -39,28 +54,67 @@
#endif /* WOLFSSL_AESNI */
#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h"
#endif
#endif /* HAVE_FIPS */
#ifdef WOLFSSL_AFALG
/* included for struct msghdr */
#include <sys/socket.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of structures */
/* these are required for FIPS and non-FIPS */
enum {
AES_128_KEY_SIZE = 16, /* for 128 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_IV_SIZE = 16, /* always block size */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
AES_ENC_TYPE = 1, /* cipher unique type */
AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
AES_ENCRYPTION = 0,
AES_DECRYPTION = 1,
KEYWRAP_BLOCK_SIZE = 8,
AES_BLOCK_SIZE = 16
AES_BLOCK_SIZE = 16,
KEYWRAP_BLOCK_SIZE = 8,
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
CTR_SZ = 4,
AES_IV_FIXED_SZ = 4,
#ifdef HAVE_PKCS11
AES_MAX_ID_LEN = 32,
#endif
};
@ -73,6 +127,10 @@ typedef struct Aes {
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
word32 invokeCtr[2];
word32 nonceSz;
#endif
#ifdef HAVE_AESGCM
ALIGN16 byte H[AES_BLOCK_SIZE];
#ifdef GCM_TABLE
@ -83,6 +141,13 @@ typedef struct Aes {
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
#ifdef WOLF_CRYPTO_DEV
int devId;
#endif
#ifdef HAVE_PKCS11
byte id[AES_MAX_ID_LEN];
int idLen;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
word32 asyncKey[AES_MAX_KEY_SIZE/8/sizeof(word32)]; /* raw key */
word32 asyncIv[AES_BLOCK_SIZE/sizeof(word32)]; /* raw IV */
@ -96,6 +161,17 @@ typedef struct Aes {
XCsuDma dma;
word32 key_init[8];
word32 kup;
#endif
#ifdef WOLFSSL_AFALG
int alFd; /* server socket to bind to */
int rdFd; /* socket to read from */
struct msghdr msg;
int dir; /* flag for encrpyt or decrypt */
#endif
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
WC_CRYPTODEV ctx;
#endif
void* heap; /* memory hint to use */
} Aes;
@ -131,10 +207,13 @@ typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
#ifdef HAVE_AES_CBC
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
#ifdef WOLFSSL_AES_CFB
WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
@ -164,6 +243,7 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
@ -181,10 +261,31 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
const byte* ivFixed, word32 ivFixedSz,
WC_RNG* rng);
WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* WC_NO_RNG */
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz, WC_RNG* rng);
WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
const byte* authTag, word32 authTagSz);
#endif /* WC_NO_RNG */
WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz);
#endif /* HAVE_AESGCM */
@ -200,6 +301,13 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
const byte* nonce, word32 nonceSz);
WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_AES_KEYWRAP
WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
@ -213,233 +321,33 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#endif /* HAVE_AES_KEYWRAP */
#ifdef WOLFSSL_AES_XTS
/*!
\ingroup AES
\brief This is to help with setting keys to correct encrypt or decrypt type.
\note Is up to user to call wc_AesXtsFree on aes key when done.
\return 0 Success
\param aes AES keys for encrypt/decrypt process
\param key buffer holding aes key | tweak key
\param len length of key buffer in bytes. Should be twice that of key size.
i.e. 32 for a 16 byte key.
\param dir direction, either AES_ENCRYPTION or AES_DECRYPTION
\param heap heap hint to use for memory. Can be NULL
\param devId id to use with async crypto. Can be 0
_Example_
\code
XtsAes aes;
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
/*!
\ingroup AES
\brief Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak
value instead of a byte array. This just converts the word64 to a
byte array and calls wc_AesXtsEncrypt.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
\param sector value to use for tweak
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up keys with AES_ENCRYPTION as dir
if(wc_AesXtsEncryptSector(&aes, cipher, plain, SIZE, s) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
\ingroup AES
\brief Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak
value instead of a byte array. This just converts the word64 to a
byte array.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
\param sector value to use for tweak
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecryptSector(&aes, plain, cipher, SIZE, s) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
\ingroup AES
\brief AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text
Stealing.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
\param i value to use for tweak
\param iSz size of i buffer, should always be AES_BLOCK_SIZE but having
this input adds a sanity check on how the user calls the
function.
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_ENCRYPTION as dir
if(wc_AesXtsEncrypt(&aes, cipher, plain, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
\ingroup AES
\brief Same process as encryption but Aes key is AES_DECRYPTION type.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
\param i value to use for tweak
\param iSz size of i buffer, should always be AES_BLOCK_SIZE but having
this input adds a sanity check on how the user calls the
function.
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecrypt(&aes, plain, cipher, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
\ingroup AES
\brief This is to free up any resources used by the XtsAes structure
\return 0 Success
\param aes AES keys to free
_Example_
\code
XtsAes aes;
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
*/
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
WOLFSSL_API int wc_AesInit(Aes*, void*, int);
WOLFSSL_API void wc_AesFree(Aes*);
WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId);
#endif
WOLFSSL_API void wc_AesFree(Aes* aes);
#ifdef __cplusplus
} /* extern "C" */

11
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/arc4.h
View File

@ -1,16 +1,18 @@
/* arc4.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/arc4.h
*/
#ifndef WOLF_CRYPT_ARC4_H
#define WOLF_CRYPT_ARC4_H
@ -27,7 +29,8 @@
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_STATE_SIZE = 256
ARC4_STATE_SIZE = 256,
RC4_KEY_SIZE = 16, /* always 128bit */
};
/* ARC4 encryption and decryption */

507
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h Normal file
View File

@ -0,0 +1,507 @@
/* asn_public.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/asn_public.h
*/
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* guard on redeclaration */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
#ifndef WC_ED25519KEY_TYPE_DEFINED
typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED
#endif
#ifndef WC_RSAKEY_TYPE_DEFINED
typedef struct RsaKey RsaKey;
#define WC_RSAKEY_TYPE_DEFINED
#endif
#ifndef WC_RNG_TYPE_DEFINED
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
PRIVATEKEY_TYPE,
DH_PARAM_TYPE,
DSA_PARAM_TYPE,
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
DSA_PRIVATEKEY_TYPE,
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
RSA_TYPE,
PUBLICKEY_TYPE,
RSA_PUBLICKEY_TYPE,
ECC_PUBLICKEY_TYPE,
TRUSTED_PEER_TYPE,
EDDSA_PRIVATEKEY_TYPE,
ED25519_TYPE,
PKCS12_TYPE,
PKCS8_PRIVATEKEY_TYPE,
PKCS8_ENC_PRIVATEKEY_TYPE
};
/* Signature type, by OID sum */
enum Ctc_SigType {
CTC_SHAwDSA = 517,
CTC_MD2wRSA = 646,
CTC_MD5wRSA = 648,
CTC_SHAwRSA = 649,
CTC_SHAwECDSA = 520,
CTC_SHA224wRSA = 658,
CTC_SHA224wECDSA = 523,
CTC_SHA256wRSA = 655,
CTC_SHA256wECDSA = 524,
CTC_SHA384wRSA = 656,
CTC_SHA384wECDSA = 525,
CTC_SHA512wRSA = 657,
CTC_SHA512wECDSA = 526,
CTC_ED25519 = 256
};
enum Ctc_Encoding {
CTC_UTF8 = 0x0c, /* utf8 */
CTC_PRINTABLE = 0x13 /* printable */
};
#ifndef WC_CTC_NAME_SIZE
#define WC_CTC_NAME_SIZE 64
#endif
#ifndef WC_CTC_MAX_ALT_SIZE
#define WC_CTC_MAX_ALT_SIZE 16384
#endif
enum Ctc_Misc {
CTC_COUNTRY_SIZE = 2,
CTC_NAME_SIZE = WC_CTC_NAME_SIZE,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
CTC_SERIAL_SIZE = 16,
#ifdef WOLFSSL_CERT_EXT
/* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
* We support only hash */
CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_CERTPOL_SZ = 64,
CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */
#endif /* WOLFSSL_CERT_EXT */
};
/* DER buffer */
typedef struct DerBuffer {
byte* buffer;
void* heap;
word32 length;
int type; /* enum CertType */
int dynType; /* DYNAMIC_TYPE_* */
} DerBuffer;
enum {
IV_SZ = 32, /* max iv sz */
NAME_SZ = 80, /* max one line */
PEM_PASS_READ = 0,
PEM_PASS_WRITE = 1,
};
typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
typedef struct EncryptedInfo {
pem_password_cb* passwd_cb;
void* passwd_userdata;
long consumed; /* tracks PEM bytes consumed */
int cipherType;
word32 keySz;
word32 ivSz; /* salt or encrypted IV size */
char name[NAME_SZ]; /* cipher name, such as "DES-CBC" */
byte iv[IV_SZ]; /* salt or encrypted IV */
word16 set:1; /* if encryption set */
} EncryptedInfo;
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)
#ifdef WOLFSSL_EKU_OID
#ifndef CTC_MAX_EKU_NB
#define CTC_MAX_EKU_NB 1
#endif
#ifndef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 30
#endif
#else
#undef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 0
#endif
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_MULTI_ATTRIB
#ifndef CTC_MAX_ATTRIB
#define CTC_MAX_ATTRIB 4
#endif
/* ASN Encoded Name field */
typedef struct NameAttrib {
int sz; /* actual string value length */
int id; /* id of name */
int type; /* enc of name */
char value[CTC_NAME_SIZE]; /* name */
} NameAttrib;
#endif /* WOLFSSL_MULTI_ATTRIB */
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE];
char stateEnc;
char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE];
char surEnc;
char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE];
char unitEnc;
char commonName[CTC_NAME_SIZE];
char commonNameEnc;
char serialDev[CTC_NAME_SIZE];
char serialDevEnc;
#ifdef WOLFSSL_CERT_EXT
char busCat[CTC_NAME_SIZE];
char busCatEnc;
char joiC[CTC_NAME_SIZE];
char joiCEnc;
char joiSt[CTC_NAME_SIZE];
char joiStEnc;
#endif
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
#ifdef WOLFSSL_MULTI_ATTRIB
NameAttrib name[CTC_MAX_ATTRIB];
#endif
} CertName;
/* for user to fill for certificate generation */
typedef struct Cert {
int version; /* x509 version */
byte serial[CTC_SERIAL_SIZE]; /* serial number */
int serialSz; /* serial size */
int sigType; /* signature algo type */
CertName issuer; /* issuer info */
int daysValid; /* validity days */
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
int isCA; /* is this going to be a CA */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef WOLFSSL_CERT_EXT
byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
int skidSz; /* SKID size in bytes */
byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */
int akidSz; /* AKID size in bytes */
word16 keyUsage; /* Key Usage */
byte extKeyUsage; /* Extended Key Usage */
#ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
byte extKeyUsageOIDSz[CTC_MAX_EKU_NB];
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */
byte issRaw[sizeof(CertName)]; /* raw issuer info */
byte sbjRaw[sizeof(CertName)]; /* raw subject info */
#endif
#ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
void* heap; /* heap hint */
} Cert;
/* Initialize and Set Certificate defaults:
version = 3 (0x2)
serial = 0 (Will be randomly generated)
sigType = SHA_WITH_RSA
issuer = blank
daysValid = 500
selfSigned = 1 (true) use subject as issuer
subject = blank
isCA = 0 (false)
keyType = RSA_KEY (default)
*/
WOLFSSL_API int wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, WC_RNG*);
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz,
int, void*);
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
RsaKey*, ecc_key*);
#endif
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer,
word32 buffSz, int keyType, void* key,
WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WC_RNG*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
#endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
struct tm* after);
#endif
#ifdef WOLFSSL_CERT_EXT
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
WOLFSSL_API int wc_SetAuthKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
word16 ntruKeySz);
#endif
/* Set the KeyUsage.
* Value is a string separated tokens with ','. Accepted tokens are :
* digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
* dataEncipherment,keyAgreement,keyEncipherment,encipherOnly and decipherOnly.
*
* nonRepudiation and contentCommitment are for the same usage.
*/
WOLFSSL_API int wc_SetKeyUsage(Cert *cert, const char *value);
/* Set ExtendedKeyUsage
* Value is a string separated tokens with ','. Accepted tokens are :
* any,serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,OCSPSigning
*/
WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
#ifdef WOLFSSL_EKU_OID
/* Set ExtendedKeyUsage with unique OID
* oid is expected to be in byte representation
*/
WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
byte idx, void* heap);
#endif /* WOLFSSL_EKU_OID */
#endif /* WOLFSSL_CERT_EXT */
#ifdef HAVE_NTRU
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz,
WC_RNG*);
#endif
#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
byte format, struct tm* time);
#endif
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
WOLFSSL_API int wc_PemGetHeaderFooter(int type, const char** header,
const char** footer);
#endif
WOLFSSL_API int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap);
WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#ifdef WOLFSSL_PEM_TO_DER
WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int,
unsigned char*, int, const char*);
WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int,
unsigned char*, int, int);
#endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
unsigned char*, int);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
#endif /* WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_DER_TO_PEM
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
word32 outputSz, byte *cipherIno, int type);
#endif
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
#endif
#ifdef HAVE_ECC
/* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen);
/* public key helper */
WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#ifdef HAVE_ED25519
/* private key helpers */
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*,
ed25519_key*, word32);
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen);
/* public key helper */
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*,
ed25519_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#endif
/* DER encode signature */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
word32 digSz, int hashOID);
WOLFSSL_API int wc_GetCTC_HashOID(int type);
WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
word32* inOutIdx, word32 sz);
WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz);
#ifndef NO_ASN_TIME
/* Time */
/* Returns seconds (Epoch/UTC)
* timePtr: is "time_t", which is typically "long"
* Example:
long lTime;
rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
*/
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
WOLFSSL_API int wc_EncryptedInfoGet(EncryptedInfo* info,
const char* cipherInfo);
#endif
#ifdef WOLFSSL_CERT_PIV
typedef struct _wc_CertPIV {
const byte* cert;
word32 certSz;
const byte* certErrDet;
word32 certErrDetSz;
const byte* nonce; /* Identiv Only */
word32 nonceSz; /* Identiv Only */
const byte* signedNonce; /* Identiv Only */
word32 signedNonceSz; /* Identiv Only */
/* flags */
word16 compression:2;
word16 isX509:1;
word16 isIdentiv:1;
} wc_CertPIV;
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */

34
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
View File

@ -1,15 +1,18 @@
/* des3.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/des3.h
*/
#ifndef WOLF_CRYPT_DES3_H
#define WOLF_CRYPT_DES3_H
@ -18,7 +21,13 @@
#ifndef NO_DES3
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h>
#endif
@ -27,17 +36,28 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
/* these are required for FIPS and non-FIPS */
enum {
DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = 8, /* should be the same as DES_BLOCK_SIZE */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
DES_ENC_TYPE = 2, /* cipher unique type */
DES3_ENC_TYPE = 3, /* cipher unique type */
DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
DES_BLOCK_SIZE = 8,
DES_KS_SIZE = 32,
DES_KS_SIZE = 32, /* internal DES key buffer size */
DES_ENCRYPTION = 0,
DES_DECRYPTION = 1

108
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
View File

@ -1,15 +1,19 @@
/* ecc.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/ecc.h
*/
#ifndef WOLF_CRYPT_ECC_H
#define WOLF_CRYPT_ECC_H
@ -67,12 +71,12 @@
#define MAX_ECC_BITS 384
#elif defined(HAVE_ECC320)
#define MAX_ECC_BITS 320
#elif !defined(NO_ECC256)
#define MAX_ECC_BITS 256
#elif defined(HAVE_ECC239)
#define MAX_ECC_BITS 239
#elif defined(HAVE_ECC224)
#define MAX_ECC_BITS 224
#elif !defined(NO_ECC256)
#define MAX_ECC_BITS 256
#elif defined(HAVE_ECC192)
#define MAX_ECC_BITS 192
#elif defined(HAVE_ECC160)
@ -109,9 +113,22 @@ enum {
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
#elif defined(PLUTON_CRYPTO_ECC)
ECC_MAX_CRYPTO_HW_SIZE = 32,
#endif
/* point compression type */
ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03,
ECC_POINT_UNCOMP = 0x04,
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
#ifdef HAVE_PKCS11
ECC_MAX_ID_LEN = 32,
#endif
};
/* Curve Types */
@ -177,6 +194,7 @@ typedef byte ecc_oid_t;
#endif
/* ECC set type defined a GF(p) curve */
#ifndef USE_WINDOWS_API
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
@ -192,6 +210,31 @@ typedef struct ecc_set_type {
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#else
/* MSC does something different with the pointers to the arrays than GCC,
* and it causes the FIPS checksum to fail. In the case of windows builds,
* store everything as arrays instead of pointers to strings. */
#define MAX_ECC_NAME 16
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1)
/* The values are stored as text strings. */
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
const char name[MAX_ECC_NAME]; /* name of this curve */
const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */
const char Af[MAX_ECC_STRING]; /* fields A param (hex) */
const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */
const char order[MAX_ECC_STRING]; /* order of the curve (hex) */
const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */
const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */
const ecc_oid_t oid[10];
word32 oidSz;
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#endif
#ifdef ALT_ECC_SIZE
@ -248,10 +291,15 @@ typedef struct ecc_set_type {
* fp_digit array will be shorter. */
typedef struct alt_fp_int {
int used, sign, size;
fp_digit dp[FP_SIZE_ECC];
mp_digit dp[FP_SIZE_ECC];
} alt_fp_int;
#endif /* ALT_ECC_SIZE */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
(x/z^2, y/z^3, 1) when interpreted as affine */
@ -266,6 +314,9 @@ typedef struct {
mp_int* z; /* The z coordinate */
alt_fp_int xyz[3];
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
ecc_key* key;
#endif
} ecc_point;
/* ECC Flags */
@ -294,25 +345,37 @@ struct ecc_key {
mp_int k; /* private key */
#ifdef WOLFSSL_ATECC508A
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[PUB_KEY_SIZE];
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
#ifdef PLUTON_CRYPTO_ECC
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_DEV)
int devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */
mp_int* s;
WC_ASYNC_DEV asyncDev;
#ifdef HAVE_CAVIUM_V
mp_int* e; /* Sign, Verify and Shared Secret */
mp_int* signK;
#endif
#ifdef WOLFSSL_CERT_GEN
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
};
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#ifdef HAVE_PKCS11
byte id[ECC_MAX_ID_LEN];
int idLen;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
mp_int* t1;
mp_int* t2;
#ifdef ALT_ECC_SIZE
mp_int* x;
mp_int* y;
mp_int* z;
#endif
#endif
};
/* ECC predefined curve sets */
@ -388,6 +451,11 @@ WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId);
#endif
#ifdef WOLFSSL_CUSTOM_CURVES
WOLFSSL_LOCAL
void wc_ecc_free_curve(const ecc_set_type* curve, void* heap);
@ -424,6 +492,8 @@ int wc_ecc_get_curve_id_from_params(int fieldSize,
const byte* Bf, word32 BfSz, const byte* order, word32 orderSz,
const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor);
WOLFSSL_API
int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);
WOLFSSL_API
ecc_point* wc_ecc_new_point(void);
@ -474,6 +544,9 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
WOLFSSL_API
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
byte* s, word32* sLen);
WOLFSSL_API
@ -482,17 +555,24 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
WOLFSSL_API
int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
const char* d, int curve_id);
WOLFSSL_API
int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy,
byte* d, int curve_id);
#endif /* HAVE_ECC_KEY_IMPORT */
#ifdef HAVE_ECC_KEY_EXPORT
WOLFSSL_API
int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen,
int encType);
WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen);
WOLFSSL_API
int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen);
byte* qy, word32* qyLen, byte* d, word32* dLen);
#endif /* HAVE_ECC_KEY_EXPORT */
#ifdef HAVE_ECC_KEY_EXPORT
@ -513,6 +593,8 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
WOLFSSL_API
int wc_ecc_size(ecc_key* key);
WOLFSSL_API
int wc_ecc_sig_size_calc(int sz);
WOLFSSL_API
int wc_ecc_sig_size(ecc_key* key);
WOLFSSL_API

61
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
View File

@ -1,15 +1,18 @@
/* hash.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/hash.h
*/
#ifndef WOLF_CRYPT_HASH_H
#define WOLF_CRYPT_HASH_H
@ -34,6 +37,13 @@
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
#ifndef NO_MD4
#include <wolfssl/wolfcrypt/md4.h>
#endif
#ifdef WOLFSSL_MD2
#include <wolfssl/wolfcrypt/md2.h>
#endif
#ifdef __cplusplus
extern "C" {
@ -44,20 +54,6 @@
#endif
/* Hash types */
enum wc_HashType {
WC_HASH_TYPE_NONE = 0,
WC_HASH_TYPE_MD2 = 1,
WC_HASH_TYPE_MD4 = 2,
WC_HASH_TYPE_MD5 = 3,
WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 9,
WC_HASH_TYPE_SHA256 = 5,
WC_HASH_TYPE_SHA384 = 6,
WC_HASH_TYPE_SHA512 = 7,
WC_HASH_TYPE_MD5_SHA = 8,
};
typedef union {
#ifndef NO_MD5
wc_Md5 md5;
@ -83,29 +79,42 @@ typedef union {
Note if this gets up to the size of 80 or over check smallstack build */
#if defined(WOLFSSL_SHA3)
#define WC_MAX_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA3_224_BLOCK_SIZE /* 224 is the largest block size */
#elif defined(WOLFSSL_SHA512)
#define WC_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA512_BLOCK_SIZE
#elif defined(HAVE_BLAKE2)
#define WC_MAX_DIGEST_SIZE BLAKE2B_OUTBYTES
#define WC_MAX_BLOCK_SIZE BLAKE2B_BLOCKBYTES
#elif defined(WOLFSSL_SHA384)
#define WC_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
#define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
#define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
#elif !defined(NO_SHA)
#define WC_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA_BLOCK_SIZE
#elif !defined(NO_MD5)
#define WC_MAX_DIGEST_SIZE WC_MD5_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_MD5_BLOCK_SIZE
#else
#define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */
#define WC_MAX_BLOCK_SIZE 128
#endif
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid);
#endif
WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType);
WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
const byte* data, word32 data_len,
byte* hash, word32 hash_len);
@ -116,7 +125,7 @@ WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
const byte* data, word32 dataSz);
WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
byte* out);
WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
@ -128,22 +137,24 @@ WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#endif
#ifdef WOLFSSL_SHA224
#include <wolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA224) */
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA224)
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA224) */
#endif
#ifdef WOLFSSL_SHA384
#include <wolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384)
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#endif /* WOLFSSL_SHA512 */
#ifdef __cplusplus

91
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
View File

@ -1,16 +1,18 @@
/* hmac.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/hmac.h
*/
#ifndef NO_HMAC
@ -19,17 +21,26 @@
#include <wolfssl/wolfcrypt/hash.h>
#ifdef HAVE_FIPS
/* for fips */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */
#include <cyassl/ctaocrypt/hmac.h>
#define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
#endif
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_FIPS
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
@ -47,63 +58,43 @@ enum {
/* If any hash is not enabled, add the ID here. */
#ifdef NO_MD5
WC_MD5 = 0,
WC_MD5 = WC_HASH_TYPE_MD5,
#endif
#ifdef NO_SHA
WC_SHA = 1,
WC_SHA = WC_HASH_TYPE_SHA,
#endif
#ifdef NO_SHA256
WC_SHA256 = 2,
WC_SHA256 = WC_HASH_TYPE_SHA256,
#endif
#ifndef WOLFSSL_SHA512
WC_SHA512 = 4,
WC_SHA512 = WC_HASH_TYPE_SHA512,
#endif
#ifndef WOLFSSL_SHA384
WC_SHA384 = 5,
WC_SHA384 = WC_HASH_TYPE_SHA384,
#endif
#ifndef HAVE_BLAKE2
BLAKE2B_ID = 7,
BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B,
#endif
#ifndef WOLFSSL_SHA224
WC_SHA224 = 8,
WC_SHA224 = WC_HASH_TYPE_SHA224,
#endif
#ifndef WOLFSSL_SHA3
WC_SHA3_224 = 10,
WC_SHA3_256 = 11,
WC_SHA3_384 = 12,
WC_SHA3_512 = 13,
#else
/* These values are used for HMAC, not SHA-3 directly.
* They come from from FIPS PUB 202. */
WC_SHA3_224_BLOCK_SIZE = 144,
WC_SHA3_256_BLOCK_SIZE = 136,
WC_SHA3_384_BLOCK_SIZE = 104,
WC_SHA3_512_BLOCK_SIZE = 72,
#endif
/* Select the largest available hash for the buffer size. */
#if defined(WOLFSSL_SHA3)
WC_HMAC_BLOCK_SIZE = WC_SHA3_224_BLOCK_SIZE
/* SHA3-224 has the largest block size */
#elif defined(WOLFSSL_SHA512)
WC_HMAC_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE,
#elif defined(HAVE_BLAKE2)
WC_HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
#elif defined(WOLFSSL_SHA384)
WC_HMAC_BLOCK_SIZE = WC_SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
WC_HMAC_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
WC_HMAC_BLOCK_SIZE = WC_SHA224_BLOCK_SIZE
#elif !defined(NO_SHA)
WC_HMAC_BLOCK_SIZE = WC_SHA_BLOCK_SIZE,
#elif !defined(NO_MD5)
WC_HMAC_BLOCK_SIZE = WC_MD5_BLOCK_SIZE,
#else
#error "You have to have some kind of hash if you want to use HMAC."
WC_SHA3_224 = WC_HASH_TYPE_SHA3_224,
WC_SHA3_256 = WC_HASH_TYPE_SHA3_256,
WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
#endif
};
/* Select the largest available hash for the buffer size. */
#define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE
#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && !defined(HAVE_BLAKE2) && \
!defined(WOLFSSL_SHA384) && defined(NO_SHA256) && defined(WOLFSSL_SHA224) && \
defined(NO_SHA) && defined(NO_MD5)
#error "You have to have some kind of hash if you want to use HMAC."
#endif
/* hash union */
typedef union {
@ -119,17 +110,17 @@ typedef union {
#ifndef NO_SHA256
wc_Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
#ifdef HAVE_BLAKE2
Blake2b blake2b;
#endif
#ifdef WOLFSSL_SHA3
Sha3 sha3;
wc_Sha3 sha3;
#endif
} Hash;
@ -146,10 +137,6 @@ typedef struct Hmac {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
word16 keyLen; /* hmac key length (key in ipad) */
#ifdef HAVE_CAVIUM
byte* data; /* buffered input data for one call */
word16 dataLen;
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
} Hmac;

18
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
View File

@ -1,12 +1,12 @@
/* integer.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -62,6 +62,11 @@ extern "C" {
/* C++ compilers don't like assigning void * to mp_digit * */
#define OPT_CAST(x) (x *)
#elif defined(_SH3)
/* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */
#define OPT_CAST(x) (x *)
#else
/* C on the other hand doesn't care */
@ -268,6 +273,7 @@ MP_API int mp_unsigned_bin_size(mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
/* end functions needed by Rsa */
@ -354,15 +360,19 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#define mp_dump(desc, a, verbose)
#endif
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
!defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
#endif
#if !defined(NO_DSA) || defined(HAVE_ECC)
MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*);
#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
#ifdef WOLFSSL_KEY_GEN
MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);

69
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
View File

@ -1,15 +1,19 @@
/* logging.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/logging.h
*/
/* submitted by eof */
@ -32,6 +36,50 @@ enum wc_LogLevels {
OTHER_LOG
};
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
enum wc_FuncNum {
WC_FUNC_HELLO_REQUEST_SEND = 0,
WC_FUNC_HELLO_REQUEST_DO,
WC_FUNC_CLIENT_HELLO_SEND,
WC_FUNC_CLIENT_HELLO_DO,
WC_FUNC_SERVER_HELLO_SEND,
WC_FUNC_SERVER_HELLO_DO,
WC_FUNC_ENCRYPTED_EXTENSIONS_SEND,
WC_FUNC_ENCRYPTED_EXTENSIONS_DO,
WC_FUNC_CERTIFICATE_REQUEST_SEND,
WC_FUNC_CERTIFICATE_REQUEST_DO,
WC_FUNC_CERTIFICATE_SEND,
WC_FUNC_CERTIFICATE_DO,
WC_FUNC_CERTIFICATE_VERIFY_SEND,
WC_FUNC_CERTIFICATE_VERIFY_DO,
WC_FUNC_FINISHED_SEND,
WC_FUNC_FINISHED_DO,
WC_FUNC_KEY_UPDATE_SEND,
WC_FUNC_KEY_UPDATE_DO,
WC_FUNC_EARLY_DATA_SEND,
WC_FUNC_EARLY_DATA_DO,
WC_FUNC_NEW_SESSION_TICKET_SEND,
WC_FUNC_NEW_SESSION_TICKET_DO,
WC_FUNC_SERVER_HELLO_DONE_SEND,
WC_FUNC_SERVER_HELLO_DONE_DO,
WC_FUNC_TICKET_SEND,
WC_FUNC_TICKET_DO,
WC_FUNC_CLIENT_KEY_EXCHANGE_SEND,
WC_FUNC_CLIENT_KEY_EXCHANGE_DO,
WC_FUNC_CERTIFICATE_STATUS_SEND,
WC_FUNC_CERTIFICATE_STATUS_DO,
WC_FUNC_SERVER_KEY_EXCHANGE_SEND,
WC_FUNC_SERVER_KEY_EXCHANGE_DO,
WC_FUNC_END_OF_EARLY_DATA_SEND,
WC_FUNC_END_OF_EARLY_DATA_DO,
WC_FUNC_COUNT
};
#endif
typedef void (*wolfSSL_Logging_cb)(const int logLevel,
const char *const logMessage);
@ -57,10 +105,23 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API int wc_SetLoggingHeap(void* h);
WOLFSSL_API int wc_ERR_remove_state(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(FILE* fp);
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
#endif
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
WOLFSSL_API void WOLFSSL_START(int funcNum);
WOLFSSL_API void WOLFSSL_END(int funcNum);
WOLFSSL_API void WOLFSSL_TIME(int count);
#else
#define WOLFSSL_START(n)
#define WOLFSSL_END(n)
#define WOLFSSL_TIME(n)
#endif
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
#if defined(_WIN32)
@ -93,7 +154,7 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,

11
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/md5.h
View File

@ -1,15 +1,19 @@
/* md5.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/md5.h
*/
#ifndef WOLF_CRYPT_MD5_H
#define WOLF_CRYPT_MD5_H
@ -39,12 +43,13 @@
/* in bytes */
enum {
WC_MD5 = 0, /* hash type unique */
WC_MD5 = WC_HASH_TYPE_MD5,
WC_MD5_BLOCK_SIZE = 64,
WC_MD5_DIGEST_SIZE = 16,
WC_MD5_PAD_SIZE = 56
};
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
#endif

4
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/mpi_class.h
View File

@ -1,12 +1,12 @@
/* mpi_class.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/

4
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h
View File

@ -1,12 +1,12 @@
/* mpi_superclass.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/

22
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/pwdbased.h
View File

@ -1,15 +1,18 @@
/* pwdbased.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/pwdbased.h
*/
#ifndef WOLF_CRYPT_PWDBASED_H
#define WOLF_CRYPT_PWDBASED_H
@ -18,11 +21,6 @@
#ifndef NO_PWDBASED
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h> /* for hash type */
#endif
#include <wolfssl/wolfcrypt/sha.h>
#ifdef __cplusplus
extern "C" {
@ -32,6 +30,10 @@
* hashType renamed to typeH to avoid shadowing global declaration here:
* wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types
*/
WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
const byte* passwd, int passwdLen,
const byte* salt, int saltLen, int iterations,
int hashType, void* heap);
WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);
@ -51,12 +53,6 @@ WOLFSSL_API int wc_scrypt(byte* output, const byte* passwd, int passLen,
int blockSize, int parallel, int dkLen);
#endif
/* helper functions */
WOLFSSL_LOCAL int GetDigestSize(int typeH);
WOLFSSL_LOCAL int GetPKCS12HashSizes(int typeH, word32* v, word32* u);
WOLFSSL_LOCAL int DoPKCS12Hash(int typeH, byte* buffer, word32 totalLen,
byte* Ai, word32 u, int iterations);
#ifdef __cplusplus
} /* extern "C" */

55
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
View File

@ -1,15 +1,19 @@
/* random.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/random.h
*/
#ifndef WOLF_CRYPT_RANDOM_H
@ -17,8 +21,14 @@
#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_FIPS
/* for fips @wc_fips */
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
/* included for fips @wc_fips */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/random.h>
#endif
@ -47,8 +57,8 @@
#endif
/* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined
or CUSTOM_RAND_GENERATE_BLOCK is defined*/
#if !defined(WC_NO_HASHDRBG) || !defined(CUSTOM_RAND_GENERATE_BLOCK)
or CUSTOM_RAND_GENERATE_BLOCK is defined */
#if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK)
#undef HAVE_HASHDRBG
#define HAVE_HASHDRBG
#ifndef WC_RESEED_INTERVAL
@ -57,7 +67,9 @@
#endif
#ifndef HAVE_FIPS /* avoid redefining structs and macros */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
/* RNG supports the following sources (in order):
* 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
@ -85,7 +97,9 @@
#include <wolfssl/wolfcrypt/sha256.h>
#elif defined(HAVE_WNR)
/* allow whitewood as direct RNG source using wc_GenerateSeed directly */
#else
#elif defined(HAVE_INTEL_RDRAND)
/* Intel RDRAND or RDSEED */
#elif !defined(WC_NO_RNG)
#error No RNG source defined!
#endif
@ -138,7 +152,7 @@ struct WC_RNG {
#endif
};
#endif /* HAVE_FIPS */
#endif /* NO FIPS or have FIPS v2*/
/* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
* can't be used with CTaoCrypt FIPS */
@ -157,21 +171,42 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
WOLFSSL_API int wc_FreeNetRandom(void);
#endif /* HAVE_WNR */
#ifndef WC_NO_RNG
WOLFSSL_API int wc_InitRng(WC_RNG*);
WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId);
WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz);
WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz,
void* heap, int devId);
WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
WOLFSSL_API int wc_FreeRng(WC_RNG*);
#else
#include <wolfssl/wolfcrypt/error-crypt.h>
#define wc_InitRng(rng) NOT_COMPILED_IN
#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
#endif
#ifdef HAVE_HASHDRBG
WOLFSSL_LOCAL int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* entropy,
word32 entropySz);
WOLFSSL_API int wc_RNG_TestSeed(const byte* seed, word32 seedSz);
WOLFSSL_API int wc_RNG_HealthTest(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz);
WOLFSSL_API int wc_RNG_HealthTest_ex(int reseed,
const byte* nonce, word32 nonceSz,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz,
void* heap, int devId);
#endif /* HAVE_HASHDRBG */
#ifdef __cplusplus

300
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
View File

@ -1,12 +1,12 @@
/* settings.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -67,6 +67,9 @@
/* Uncomment next line if building wolfSSL for LSR */
/* #define WOLFSSL_LSR */
/* Uncomment next line if building for Freescale Classic MQX version 4.0 */
/* #define FREESCALE_MQX_4_0 */
/* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */
/* #define FREESCALE_MQX */
@ -76,7 +79,8 @@
/* Uncomment next line if building for Freescale KSDK Bare Metal */
/* #define FREESCALE_KSDK_BM */
/* Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) */
/* Uncomment next line if building for Freescale KSDK FreeRTOS, */
/* (old name FREESCALE_FREE_RTOS) */
/* #define FREESCALE_KSDK_FREERTOS */
/* Uncomment next line if using STM32F2 */
@ -85,6 +89,9 @@
/* Uncomment next line if using STM32F4 */
/* #define WOLFSSL_STM32F4 */
/* Uncomment next line if using STM32FL */
/* #define WOLFSSL_STM32FL */
/* Uncomment next line if using STM32F7 */
/* #define WOLFSSL_STM32F7 */
@ -153,6 +160,18 @@
/* Uncomment next line if building for using XILINX */
/* #define WOLFSSL_XILINX */
/* Uncomment next line if building for Nucleus 1.2 */
/* #define WOLFSSL_NUCLEUS_1_2 */
/* Uncomment next line if building for using Apache mynewt */
/* #define WOLFSSL_APACHE_MYNEWT */
/* Uncomment next line if building for using ESP-IDF */
/* #define WOLFSSL_ESPIDF */
/* Uncomment next line if using Espressif ESP32-WROOM-32 */
/* #define WOLFSSL_ESPWROOM32 */
#include <wolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
@ -194,6 +213,22 @@
#include <nx_api.h>
#endif
#if defined(WOLFSSL_ESPIDF)
#define FREERTOS
#define WOLFSSL_LWIP
#define NO_WRITEV
#define SIZEOF_LONG_LONG 8
#define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#if !defined(WOLFSSL_USER_SETTINGS)
#define HAVE_ECC
#endif /* !WOLFSSL_USER_SETTINGS */
#endif /* WOLFSSL_ESPIDF */
#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
#define WOLFSSL_LWIP
#define NO_WRITEV
@ -202,6 +237,22 @@
#define NO_FILESYSTEM
#endif
#if defined(WOLFSSL_CONTIKI)
#include <contiki.h>
#define WOLFSSL_UIP
#define NO_WOLFSSL_MEMORY
#define NO_WRITEV
#define SINGLE_THREADED
#define WOLFSSL_USER_IO
#define NO_FILESYSTEM
#define CUSTOM_RAND_TYPE uint16_t
#define CUSTOM_RAND_GENERATE random_rand
static inline unsigned int LowResTimer(void)
{
return clock_seconds();
}
#endif
#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)
#define NO_MAIN_DRIVER
#define SINGLE_THREADED
@ -231,9 +282,15 @@
#endif
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#define WOLFSSL_PIC32MZ_CRYPT
#define WOLFSSL_PIC32MZ_RNG
#define WOLFSSL_PIC32MZ_HASH
#ifndef NO_PIC32MZ_CRYPT
#define WOLFSSL_PIC32MZ_CRYPT
#endif
#ifndef NO_PIC32MZ_RNG
#define WOLFSSL_PIC32MZ_RNG
#endif
#ifndef NO_PIC32MZ_HASH
#define WOLFSSL_PIC32MZ_HASH
#endif
#endif
#ifdef MICROCHIP_TCPIP_V5
@ -332,7 +389,8 @@
#ifdef VXWORKS_SIM
#define TFM_NO_ASM
#endif
#define WOLFSSL_PTHREADS
/* For VxWorks pthreads wrappers for mutexes uncomment the next line. */
/* #define WOLFSSL_PTHREADS */
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define USE_FAST_MATH
@ -438,6 +496,32 @@
#include "wolfssl_chibios.h"
#endif
#ifdef WOLFSSL_PB
/* PB is using older 1.2 version of Nucleus */
#undef WOLFSSL_NUCLEUS
#define WOLFSSL_NUCLEUS_1_2
#endif
#ifdef WOLFSSL_NUCLEUS_1_2
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#if !defined(NO_ASN_TIME) && !defined(USER_TIME)
#error User must define XTIME, see manual
#endif
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
extern void* nucleus_malloc(unsigned long size, void* heap, int type);
extern void* nucleus_realloc(void* ptr, unsigned long size, void* heap,
int type);
extern void nucleus_free(void* ptr, void* heap, int type);
#define XMALLOC(s, h, type) nucleus_malloc((s), (h), (type))
#define XREALLOC(p, n, h, t) nucleus_realloc((p), (n), (h), (t))
#define XFREE(p, h, type) nucleus_free((p), (h), (type))
#endif
#endif
#ifdef WOLFSSL_NRF5x
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
@ -494,7 +578,7 @@ extern void uITRON4_free(void *p) ;
#include "tm/tmonitor.h"
/* static char* gets(char *buff); */
static char* fgets(char *buff, int sz, FILE *fp) {
static char* fgets(char *buff, int sz, XFILE fp) {
char * p = buff;
*p = '\0';
while (1) {
@ -539,7 +623,9 @@ extern void uITRON4_free(void *p) ;
#define XMALLOC(s, h, type) pvPortMalloc((s))
#define XFREE(p, h, type) vPortFree((p))
#endif
#if defined(HAVE_ED25519) || defined(WOLFSSL_ESPIDF)
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#endif
#ifndef NO_WRITEV
#define NO_WRITEV
#endif
@ -700,6 +786,11 @@ extern void uITRON4_free(void *p) ;
#define TFM_TIMING_RESISTANT
#endif
#ifdef FREESCALE_MQX_4_0
/* use normal Freescale MQX port, but with minor changes for 4.0 */
#define FREESCALE_MQX
#endif
#ifdef FREESCALE_MQX
#define FREESCALE_COMMON
#include "mqx.h"
@ -716,10 +807,12 @@ extern void uITRON4_free(void *p) ;
#include "mutex.h"
#endif
#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#endif
#ifdef FREESCALE_KSDK_MQX
@ -946,14 +1039,6 @@ extern void uITRON4_free(void *p) ;
#undef NO_ECC256
#define HAVE_ECC384
#endif
/* enable features */
#undef HAVE_CURVE25519
#define HAVE_CURVE25519
#undef HAVE_ED25519
#define HAVE_ED25519
#undef WOLFSSL_SHA512
#define WOLFSSL_SHA512
#endif
#endif
#endif
@ -977,7 +1062,8 @@ extern void uITRON4_free(void *p) ;
#endif
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7)
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
defined(WOLFSSL_STM32L4)
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
@ -987,10 +1073,17 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_STM32_RNG
#undef STM32_RNG
#define STM32_RNG
#ifdef WOLFSSL_STM32F427_RNG
#include "stm32f427xx.h"
#endif
#endif
#ifndef NO_STM32_CRYPTO
#undef STM32_CRYPTO
#define STM32_CRYPTO
#ifdef WOLFSSL_STM32L4
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif
#ifndef NO_STM32_HASH
#undef STM32_HASH
@ -1003,10 +1096,14 @@ extern void uITRON4_free(void *p) ;
#ifdef WOLFSSL_STM32_CUBEMX
#if defined(WOLFSSL_STM32F2)
#include "stm32f2xx_hal.h"
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx_hal.h"
#elif defined(WOLFSSL_STM32F4)
#include "stm32f4xx_hal.h"
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx_hal.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx_hal.h"
#endif
#ifndef STM32_HAL_TIMEOUT
@ -1029,11 +1126,21 @@ extern void uITRON4_free(void *p) ;
#ifdef STM32_HASH
#include "stm32f4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx.h"
#ifdef STM32_CRYPTO
#include "stm32l4xx_cryp.h"
#endif
#ifdef STM32_HASH
#include "stm32l4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx.h"
#endif
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32F7 */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
#ifdef MICRIUM
#include <stdlib.h>
@ -1070,12 +1177,6 @@ extern void uITRON4_free(void *p) ;
#define CUSTOM_RAND_TYPE RAND_NBR
#define CUSTOM_RAND_GENERATE Math_Rand
#endif
#define WOLFSSL_TYPES
typedef CPU_INT08U byte;
typedef CPU_INT16U word16;
typedef CPU_INT32U word32;
#define STRING_USER
#define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
#define XSTRNCPY(pstr_dest, pstr_src, len_max) \
@ -1172,6 +1273,41 @@ extern void uITRON4_free(void *p) ;
#endif
#endif /*(WOLFSSL_XILINX_CRYPT)*/
#if defined(WOLFSSL_APACHE_MYNEWT)
#include "os/os_malloc.h"
#if !defined(WOLFSSL_LWIP)
#include <mn_socket/mn_socket.h>
#endif
#if !defined(SIZEOF_LONG)
#define SIZEOF_LONG 4
#endif
#if !defined(SIZEOF_LONG_LONG)
#define SIZEOF_LONG_LONG 8
#endif
#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define BIG_ENDIAN_ORDER
#else
#undef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#define NO_WRITEV
#define WOLFSSL_USER_IO
#define SINGLE_THREADED
#define NO_DEV_RANDOM
#define NO_DH
#define NO_WOLFSSL_DIR
#define NO_ERROR_STRINGS
#define HAVE_ECC
#define NO_SESSION_CACHE
#define NO_ERROR_STRINGS
#define XMALLOC_USER
#define XMALLOC(sz, heap, type) os_malloc(sz)
#define XREALLOC(p, sz, heap, type) os_realloc(p, sz)
#define XFREE(p, heap, type) os_free(p)
#endif /*(WOLFSSL_APACHE_MYNEWT)*/
#ifdef WOLFSSL_IMX6
#ifndef SIZEOF_LONG_LONG
#define SIZEOF_LONG_LONG 8
@ -1232,7 +1368,6 @@ extern void uITRON4_free(void *p) ;
#else
#define TFM_TIMING_RESISTANT
#define NO_WOLFSSL_DIR
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define WOLFSSL_LOG_PRINTF
@ -1240,9 +1375,6 @@ extern void uITRON4_free(void *p) ;
#endif
#else
#define HAVE_ECC
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define USER_TICKS
@ -1252,6 +1384,10 @@ extern void uITRON4_free(void *p) ;
#if !defined(HAVE_FIPS) && !defined(NO_RSA)
#define WC_RSA_BLINDING
#endif
#define NO_FILESYSTEM
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define SINGLE_THREADED
#define NO_ASN_TIME /* can not use headers such as windows.h */
#define HAVE_AESGCM
@ -1414,10 +1550,6 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_AES_CBC
#undef HAVE_AES_CBC
#define HAVE_AES_CBC
#else
#ifndef WOLFCRYPT_ONLY
#error "AES CBC is required for TLS and can only be disabled for WOLFCRYPT_ONLY builds"
#endif
#endif
#ifdef WOLFSSL_AES_XTS
/* AES-XTS makes calls to AES direct functions */
@ -1433,6 +1565,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
#if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_TLS12)) || \
(!defined(HAVE_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \
!defined(HAVE_CAMELLIA) && !defined(HAVE_IDEA) && \
!defined(HAVE_NULL_CIPHER) && !defined(HAVE_HC128))
#define WOLFSSL_AEAD_ONLY
#endif
/* if desktop type system and fastmath increase default max bits */
#ifdef WOLFSSL_X86_64_BUILD
#ifdef USE_FAST_MATH
@ -1499,9 +1638,9 @@ extern void uITRON4_free(void *p) ;
#define HAVE_WOLF_EVENT
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
#define WC_ASYNC_DEV_SIZE 320+24
#define WC_ASYNC_DEV_SIZE 328+24
#else
#define WC_ASYNC_DEV_SIZE 320
#define WC_ASYNC_DEV_SIZE 328
#endif
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
@ -1551,7 +1690,7 @@ extern void uITRON4_free(void *p) ;
#ifndef HAVE_AES_KEYWRAP
#error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP
#endif
#ifndef HAVE_X963_KDF
#if defined(HAVE_ECC) && !defined(HAVE_X963_KDF)
#error PKCS7 requires X963 KDF please define HAVE_X963_KDF
#endif
#endif
@ -1574,7 +1713,7 @@ extern void uITRON4_free(void *p) ;
#undef HAVE_GMTIME_R /* don't trust macro with windows */
#endif /* WOLFSSL_MYSQL_COMPATIBLE */
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION
#define OPENSSL_NO_ENGINE
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
@ -1614,7 +1753,8 @@ extern void uITRON4_free(void *p) ;
#ifndef WC_NO_HARDEN
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
!defined(WC_NO_RNG))
#ifndef _MSC_VER
#warning "For timing resistance / side-channel attack prevention consider using harden options"
@ -1626,8 +1766,8 @@ extern void uITRON4_free(void *p) ;
#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)
/* added to have compatibility with SHA256() */
#if !defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
#define NO_OLD_SHA256_NAMES
#if !defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS)
#define NO_OLD_SHA_NAMES
#endif
#endif
@ -1637,7 +1777,77 @@ extern void uITRON4_free(void *p) ;
#undef OPENSSL_EXTRA_X509_SMALL
#define OPENSSL_EXTRA_X509_SMALL
#endif /* OPENSSL_EXTRA */
/* support for converting DER to PEM */
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || \
defined(OPENSSL_EXTRA)
#undef WOLFSSL_DER_TO_PEM
#define WOLFSSL_DER_TO_PEM
#endif
/* keep backwards compatibility enabling encrypted private key */
#ifndef WOLFSSL_ENCRYPTED_KEYS
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER)
#define WOLFSSL_ENCRYPTED_KEYS
#endif
#endif
/* support for disabling PEM to DER */
#if !defined(WOLFSSL_NO_PEM)
#undef WOLFSSL_PEM_TO_DER
#define WOLFSSL_PEM_TO_DER
#endif
/* Parts of the openssl compatibility layer require peer certs */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#undef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
/* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/
#ifdef WOLFSSL_ARMASM
#undef WOLFSSL_NO_HASH_RAW
#define WOLFSSL_NO_HASH_RAW
#endif
#if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \
!defined(WOLFSSL_SHA3)
#undef WOLFSSL_NO_WORD64_OPS
#define WOLFSSL_NO_WORD64_OPS
#endif
#if defined(NO_AES) && defined(NO_DES3) && !defined(HAVE_CAMELLIA) && \
defined(NO_PWDBASED) && !defined(HAVE_IDEA)
#undef WOLFSSL_NO_XOR_OPS
#define WOLFSSL_NO_XOR_OPS
#endif
#if defined(NO_ASN) && defined(WOLFCRYPT_ONLY)
#undef WOLFSSL_NO_INT_ENCODE
#define WOLFSSL_NO_INT_ENCODE
#undef WOLFSSL_NO_INT_DECODE
#define WOLFSSL_NO_INT_DECODE
#endif
#if defined(WOLFCRYPT_ONLY) && defined(WOLFSSL_RSA_VERIFY_ONLY) && \
defined(WC_NO_RSA_OAEP)
#undef WOLFSSL_NO_CT_OPS
#define WOLFSSL_NO_CT_OPS
#endif
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(HAVE_CURVE25519) && \
defined(WC_NO_RNG) && defined(WC_NO_RSA_OAEP)
#undef WOLFSSL_NO_CONST_CMP
#define WOLFSSL_NO_CONST_CMP
#endif
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \
!defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \
defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY)
#undef WOLFSSL_NO_FORCE_ZERO
#define WOLFSSL_NO_FORCE_ZERO
#endif
#ifdef __cplusplus
} /* extern "C" */

28
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
View File

@ -1,15 +1,19 @@
/* sha.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/sha.h
*/
#ifndef WOLF_CRYPT_SHA_H
#define WOLF_CRYPT_SHA_H
@ -18,7 +22,13 @@
#ifndef NO_SHA
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#define wc_Sha Sha
#define WC_SHA SHA
#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE
@ -37,7 +47,9 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* avoid redefining structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
@ -49,9 +61,12 @@
#include <wolfssl/wolfcrypt/async.h>
#endif
#if !defined(NO_OLD_SHA_NAMES)
#define SHA WC_SHA
#endif
#ifndef NO_OLD_WC_NAMES
#define Sha wc_Sha
#define SHA WC_SHA
#define SHA_BLOCK_SIZE WC_SHA_BLOCK_SIZE
#define SHA_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#define SHA_PAD_SIZE WC_SHA_PAD_SIZE
@ -59,7 +74,7 @@
/* in bytes */
enum {
WC_SHA = 1, /* hash type unique */
WC_SHA = WC_HASH_TYPE_SHA,
WC_SHA_BLOCK_SIZE = 64,
WC_SHA_DIGEST_SIZE = 20,
WC_SHA_PAD_SIZE = 56
@ -107,6 +122,7 @@ typedef struct wc_Sha {
WOLFSSL_API int wc_InitSha(wc_Sha*);
WOLFSSL_API int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId);
WOLFSSL_API int wc_ShaUpdate(wc_Sha*, const byte*, word32);
WOLFSSL_API int wc_ShaFinalRaw(wc_Sha*, byte*);
WOLFSSL_API int wc_ShaFinal(wc_Sha*, byte*);
WOLFSSL_API void wc_ShaFree(wc_Sha*);

48
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
View File

@ -1,15 +1,19 @@
/* sha256.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/sha256.h
*/
/* code submitted by raphael.huck@efixo.com */
@ -20,7 +24,13 @@
#ifndef NO_SHA256
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#define wc_Sha256 Sha256
#define WC_SHA256 SHA256
#define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE
@ -48,7 +58,9 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* avoid redefinition of structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
@ -59,6 +71,9 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(_MSC_VER)
#define SHA256_NOINLINE __declspec(noinline)
@ -68,9 +83,10 @@
#define SHA256_NOINLINE
#endif
#ifndef NO_OLD_SHA256_NAMES
#if !defined(NO_OLD_SHA_NAMES)
#define SHA256 WC_SHA256
#endif
#ifndef NO_OLD_WC_NAMES
#define Sha256 wc_Sha256
#define SHA256_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
@ -80,16 +96,19 @@
/* in bytes */
enum {
WC_SHA256 = 2, /* hash type unique */
WC_SHA256 = WC_HASH_TYPE_SHA256,
WC_SHA256_BLOCK_SIZE = 64,
WC_SHA256_DIGEST_SIZE = 32,
WC_SHA256_PAD_SIZE = 56
};
#ifdef WOLFSSL_TI_HASH
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
#elif defined(WOLFSSL_IMX6_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#elif defined(WOLFSSL_AFALG_HASH)
#include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h"
#else
/* wc_Sha256 digest */
typedef struct wc_Sha256 {
@ -114,6 +133,15 @@ typedef struct wc_Sha256 {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_SMALL_STACK_CACHE
word32* W;
#endif
#ifdef WOLFSSL_DEVCRYPTO_HASH
WC_CRYPTODEV ctx;
byte* msg;
word32 used;
word32 len;
#endif
#endif
} wc_Sha256;
@ -124,6 +152,7 @@ typedef struct wc_Sha256 {
WOLFSSL_API int wc_InitSha256(wc_Sha256*);
WOLFSSL_API int wc_InitSha256_ex(wc_Sha256*, void*, int);
WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32);
WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*);
WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*);
WOLFSSL_API void wc_Sha256Free(wc_Sha256*);
@ -135,7 +164,9 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
#endif
#ifdef WOLFSSL_SHA224
#ifndef HAVE_FIPS /* avoid redefinition of structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifndef NO_OLD_WC_NAMES
#define Sha224 wc_Sha224
@ -147,12 +178,13 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
/* in bytes */
enum {
WC_SHA224 = 8, /* hash type unique */
WC_SHA224 = WC_HASH_TYPE_SHA224,
WC_SHA224_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE,
WC_SHA224_DIGEST_SIZE = 28,
WC_SHA224_PAD_SIZE = WC_SHA256_PAD_SIZE
};
typedef wc_Sha256 wc_Sha224;
#endif /* HAVE_FIPS */

610
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
View File

@ -1,106 +1,108 @@
/* types.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/types.h
*/
#ifndef WOLF_CRYPT_TYPES_H
#define WOLF_CRYPT_TYPES_H
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
extern "C" {
#endif
#if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#ifndef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#ifndef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#ifndef WOLFSSL_TYPES
#ifndef byte
typedef unsigned char byte;
#endif
typedef unsigned short word16;
typedef unsigned int word32;
typedef byte word24[3];
#endif
#ifndef WOLFSSL_TYPES
#ifndef byte
typedef unsigned char byte;
#endif
typedef unsigned short word16;
typedef unsigned int word32;
typedef byte word24[3];
#endif
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
#if (defined(__alpha__) || defined(__ia64__) || \
defined(_ARCH_PPC64) || defined(__mips64) || \
defined(__x86_64__) || \
((defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))))
/* long should be 64bit */
#define SIZEOF_LONG 8
#elif defined(__i386__) || defined(__CORTEX_M3__)
/* long long should be 64bit */
#define SIZEOF_LONG_LONG 8
#endif
#endif
#endif
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
#if (defined(__alpha__) || defined(__ia64__) || \
defined(_ARCH_PPC64) || defined(__mips64) || \
defined(__x86_64__) || \
((defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))))
/* long should be 64bit */
#define SIZEOF_LONG 8
#elif defined(__i386__) || defined(__CORTEX_M3__)
/* long long should be 64bit */
#define SIZEOF_LONG_LONG 8
#endif
#endif
#endif
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ui64
typedef unsigned __int64 word64;
#elif defined(__EMSCRIPTEN__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ull
typedef unsigned long long word64;
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long word64;
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#endif
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ui64
typedef unsigned __int64 word64;
#elif defined(__EMSCRIPTEN__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ull
typedef unsigned long long word64;
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long word64;
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#endif
#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE)
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
defined(__aarch64__) || defined(__sparc64__)
typedef word64 wolfssl_word;
typedef word64 wolfssl_word;
#define WC_64BIT_CPU
#elif (defined(sun) || defined(__sun)) && \
#elif (defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))
/* LP64 with GNU GCC compiler is reserved for when long int is 64 bits
* and int uses 32 bits. When using Solaris Studio sparc and __sparc are
* avialable for 32 bit detection but __sparc64__ could be missed. This
* available for 32 bit detection but __sparc64__ could be missed. This
* uses LP64 for checking 64 bit CPU arch. */
typedef word64 wolfssl_word;
typedef word64 wolfssl_word;
#define WC_64BIT_CPU
#else
typedef word32 wolfssl_word;
#ifdef WORD64_AVAILABLE
#define WOLFCRYPT_SLOW_WORD64
#endif
#endif
typedef word32 wolfssl_word;
#ifdef WORD64_AVAILABLE
#define WOLFCRYPT_SLOW_WORD64
#endif
#endif
#else
#undef WORD64_AVAILABLE
typedef word32 wolfssl_word;
@ -108,36 +110,40 @@
mp_digit, no 64 bit type so make mp_digit 16 bit */
#endif
enum {
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
WOLFSSL_BIT_SIZE = 8,
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
};
enum {
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
WOLFSSL_BIT_SIZE = 8,
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
};
#define WOLFSSL_MAX_16BIT 0xffffU
#define WOLFSSL_MAX_16BIT 0xffffU
/* use inlining if compiler allows */
#ifndef INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
#define INLINE __inline
#elif defined(__GNUC__)
/* use inlining if compiler allows */
#ifndef WC_INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
#define WC_INLINE __inline
#elif defined(__GNUC__)
#ifdef WOLFSSL_VXWORKS
#define INLINE __inline__
#define WC_INLINE __inline__
#else
#define INLINE inline
#define WC_INLINE inline
#endif
#elif defined(__IAR_SYSTEMS_ICC__)
#define INLINE inline
#elif defined(THREADX)
#define INLINE _Inline
#else
#define INLINE
#endif
#else
#define INLINE
#endif
#endif
#elif defined(__IAR_SYSTEMS_ICC__)
#define WC_INLINE inline
#elif defined(THREADX)
#define WC_INLINE _Inline
#else
#define WC_INLINE
#endif
#else
#define WC_INLINE
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
#endif
/* set up rotate style */
@ -155,47 +161,47 @@
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* GCC 7 has new switch() fall-through detection */
#if defined(__GNUC__)
#if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1)))
#define FALL_THROUGH __attribute__ ((fallthrough));
#define FALL_THROUGH __attribute__ ((fallthrough))
#endif
#endif
#ifndef FALL_THROUGH
#define FALL_THROUGH
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
!defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
#define USE_WINDOWS_API
#endif
#define USE_WINDOWS_API
#endif
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embeded systems doesn't like free(0) so test */
#if defined(HAVE_IO_POOL)
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
WOLFSSL_API void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embedded systems doesn't like free(0) so test */
#if defined(HAVE_IO_POOL)
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
WOLFSSL_API void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
#include <wolfssl/wolfcrypt/port/intel/quickassist_mem.h>
#undef USE_WOLFSSL_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
@ -208,55 +214,69 @@
#define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t))
#endif /* WOLFSSL_DEBUG_MEMORY */
#elif defined(XMALLOC_USER)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_MEMORY_LOG)
#define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__)
#define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__)
#define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
#include <stdlib.h>
extern void *xmalloc(size_t n, void* heap, int type, const char* func,
const char* file, unsigned int line);
extern void *xrealloc(void *p, size_t n, void* heap, int type,
const char* func, const char* file, unsigned int line);
extern void xfree(void *p, void* heap, int type, const char* func,
const char* file, unsigned int line);
#elif defined(XMALLOC_OVERRIDE)
/* override the XMALLOC, XFREE and XREALLOC macros */
#elif defined(NO_WOLFSSL_MEMORY)
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
#elif defined(NO_WOLFSSL_MEMORY)
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
&& !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4)
/* default C runtime, can install different routines at runtime via cbs */
#include <wolfssl/wolfcrypt/memory.h>
/* default C runtime, can install different routines at runtime via cbs */
#include <wolfssl/wolfcrypt/memory.h>
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
#endif /* WOLFSSL_DEBUG_MEMORY */
#elif !defined(FREERTOS) && !defined(FREERTOS_TCP)
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */
#endif
#endif
/* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
VAR_TYPE* VAR_NAME = ({ \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
if (ptr && INIT_VALUE) { \
XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \
} \
@ -266,13 +286,13 @@
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME; \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#define FREE_VAR(VAR_NAME, HEAP) \
XFREE(VAR_NAME, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
XFREE(VAR_NAME[idx##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#else
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
@ -285,40 +305,55 @@
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) /* nothing to free, its stack */
#endif
#ifndef WOLFSSL_LEANPSK
char* mystrnstr(const char* s1, const char* s2, unsigned int n);
#if !defined(USE_WOLF_STRTOK) && \
((defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)) || \
defined(WOLFSSL_TIRTOS) || defined(WOLF_C99))
#define USE_WOLF_STRTOK
#endif
#if !defined(USE_WOLF_STRSEP) && (defined(WOLF_C99))
#define USE_WOLF_STRSEP
#endif
#ifndef STRING_USER
#include <string.h>
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#ifndef STRING_USER
#include <string.h>
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
/* strstr, strncmp, and strncat only used by wolfSSL proper,
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
/* strstr, strncmp, and strncat only used by wolfSSL proper,
* not required for wolfCrypt only */
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#ifdef USE_WOLF_STRSEP
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
#else
#define XSTRSEP(s1,d) strsep((s1),(d))
#endif
#if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS)
/* XC32 does not support strncasecmp, so use case sensitive one */
#define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
#elif defined(USE_WINDOWS_API)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#else
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
#if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \
!defined(WOLFSSL_SGX)
#include <strings.h>
#endif
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
#ifndef USE_WINDOWS_API
#if defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
!defined(NO_STDIO_FILESYSTEM)
#if defined(NO_FILESYSTEM) && (defined(OPENSSL_EXTRA) || \
defined(HAVE_PKCS7)) && !defined(NO_STDIO_FILESYSTEM)
/* case where stdio is not included else where but is needed for
* snprintf */
#include <stdio.h>
@ -330,19 +365,22 @@
#if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN)
/* use only Thread Safe version of strtok */
#if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \
defined(USE_WOLF_STRTOK)
#ifndef USE_WOLF_STRTOK
#define USE_WOLF_STRTOK
#endif
#define XSTRTOK wc_strtok
#if defined(USE_WOLF_STRTOK)
#define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
#elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS)
#define XSTRTOK strtok_s
#define XSTRTOK(s1,d,ptr) strtok_s((s1),(d),(ptr))
#else
#define XSTRTOK strtok_r
#define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr))
#endif
#endif
#endif
#endif
#ifdef USE_WOLF_STRTOK
WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp);
#endif
#ifdef USE_WOLF_STRSEP
WOLFSSL_API char* wc_strsep(char **stringp, const char *delim);
#endif
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
!defined(NO_STDIO_FILESYSTEM)
@ -352,20 +390,20 @@
#endif
#endif /* OPENSSL_EXTRA */
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
/* needed by wolfSSL_check_domain_name() */
#define XTOLOWER(c) tolower((c))
#endif
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
/* needed by wolfSSL_check_domain_name() */
#define XTOLOWER(c) tolower((c))
#endif
/* memory allocation types for user hints */
enum {
/* memory allocation types for user hints */
enum {
DYNAMIC_TYPE_CA = 1,
DYNAMIC_TYPE_CERT = 2,
DYNAMIC_TYPE_KEY = 3,
@ -449,60 +487,147 @@
DYNAMIC_TYPE_DIRCTX = 81,
DYNAMIC_TYPE_HASHCTX = 82,
DYNAMIC_TYPE_SEED = 83,
DYNAMIC_TYPE_SYMETRIC_KEY = 84,
DYNAMIC_TYPE_SYMMETRIC_KEY= 84,
DYNAMIC_TYPE_ECC_BUFFER = 85,
DYNAMIC_TYPE_QSH = 86,
DYNAMIC_TYPE_SALT = 87,
DYNAMIC_TYPE_HASH_TMP = 88,
DYNAMIC_TYPE_BLOB = 89,
DYNAMIC_TYPE_NAME_ENTRY = 90,
};
};
/* max error buffer string size */
/* max error buffer string size */
#ifndef WOLFSSL_MAX_ERROR_SZ
#define WOLFSSL_MAX_ERROR_SZ 80
#define WOLFSSL_MAX_ERROR_SZ 80
#endif
/* stack protection */
enum {
MIN_STACK_BUFFER = 8
};
/* stack protection */
enum {
MIN_STACK_BUFFER = 8
};
/* Algorithm Types */
enum wc_AlgoType {
WC_ALGO_TYPE_NONE = 0,
WC_ALGO_TYPE_HASH = 1,
WC_ALGO_TYPE_CIPHER = 2,
WC_ALGO_TYPE_PK = 3,
/* settings detection for compile vs runtime math incompatibilities */
enum {
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x0
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x1
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x2
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x4
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x8
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x10
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x20
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x40
#else
#error "bad math long / long long settings"
#endif
};
WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_PK
};
/* hash types */
enum wc_HashType {
#if defined(HAVE_SELFTEST) || defined(HAVE_FIPS)
/* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types.
* Values here are based on old selftest hmac.h enum, with additions */
WC_HASH_TYPE_NONE = 15,
WC_HASH_TYPE_MD2 = 16,
WC_HASH_TYPE_MD4 = 17,
WC_HASH_TYPE_MD5 = 0,
WC_HASH_TYPE_SHA = 1, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 8,
WC_HASH_TYPE_SHA256 = 2,
WC_HASH_TYPE_SHA384 = 5,
WC_HASH_TYPE_SHA512 = 4,
WC_HASH_TYPE_MD5_SHA = 18,
WC_HASH_TYPE_SHA3_224 = 10,
WC_HASH_TYPE_SHA3_256 = 11,
WC_HASH_TYPE_SHA3_384 = 12,
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_MAX = WC_HASH_TYPE_MD5_SHA
#else
WC_HASH_TYPE_NONE = 0,
WC_HASH_TYPE_MD2 = 1,
WC_HASH_TYPE_MD4 = 2,
WC_HASH_TYPE_MD5 = 3,
WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 5,
WC_HASH_TYPE_SHA256 = 6,
WC_HASH_TYPE_SHA384 = 7,
WC_HASH_TYPE_SHA512 = 8,
WC_HASH_TYPE_MD5_SHA = 9,
WC_HASH_TYPE_SHA3_224 = 10,
WC_HASH_TYPE_SHA3_256 = 11,
WC_HASH_TYPE_SHA3_384 = 12,
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2B
#endif /* HAVE_SELFTEST */
};
/* cipher types */
enum wc_CipherType {
WC_CIPHER_NONE = 0,
WC_CIPHER_AES = 1,
WC_CIPHER_AES_CBC = 2,
WC_CIPHER_AES_GCM = 3,
WC_CIPHER_AES_CTR = 4,
WC_CIPHER_AES_XTS = 5,
WC_CIPHER_AES_CFB = 6,
WC_CIPHER_DES3 = 7,
WC_CIPHER_DES = 8,
WC_CIPHER_CHACHA = 9,
WC_CIPHER_HC128 = 10,
WC_CIPHER_IDEA = 11,
WC_CIPHER_MAX = WC_CIPHER_HC128
};
/* PK=public key (asymmetric) based algorithms */
enum wc_PkType {
WC_PK_TYPE_NONE = 0,
WC_PK_TYPE_RSA = 1,
WC_PK_TYPE_DH = 2,
WC_PK_TYPE_ECDH = 3,
WC_PK_TYPE_ECDSA_SIGN = 4,
WC_PK_TYPE_ECDSA_VERIFY = 5,
WC_PK_TYPE_ED25519 = 6,
WC_PK_TYPE_CURVE25519 = 7,
WC_PK_TYPE_RSA_KEYGEN = 8,
WC_PK_TYPE_EC_KEYGEN = 9,
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN
};
WOLFSSL_API word32 CheckRunTimeSettings(void);
/* settings detection for compile vs runtime math incompatibilities */
enum {
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x0
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x1
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x2
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x4
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x8
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x10
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x20
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x40
#else
#error "bad math long / long long settings"
#endif
};
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
types need to match at compile time and run time, CheckCtcSettings will
return 1 if a match otherwise 0 */
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
/* invalid device id */
#define INVALID_DEVID -2
WOLFSSL_API word32 CheckRunTimeSettings(void);
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
types need to match at compile time and run time, CheckCtcSettings will
return 1 if a match otherwise 0 */
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
/* invalid device id */
#define INVALID_DEVID -2
/* AESNI requires alignment and ARMASM gains some performance from it */
@ -617,9 +742,16 @@
#define WC_NORETURN
#endif
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL) || \
defined(WOLFSSL_PUBLIC_MP) || defined(OPENSSL_EXTRA) || \
(defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT))
#undef WC_MP_TO_RADIX
#define WC_MP_TO_RADIX
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_TYPES_H */

23
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
View File

@ -1,12 +1,12 @@
/* visibility.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -18,7 +18,10 @@
/* for compatibility and so that fips is using same name of macro @wc_fips */
#ifdef HAVE_FIPS
/* The following visibility wrappers are for old FIPS. New FIPS should use
* the same as a non-FIPS build. */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/visibility.h>
#define WOLFSSL_API CYASSL_API
#define WOLFSSL_LOCAL CYASSL_LOCAL
@ -31,19 +34,19 @@
*/
#if defined(BUILDING_WOLFSSL)
#if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
#define WOLFSSL_API __attribute__ ((visibility("default")))
#define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
#define WOLFSSL_API __global
#define WOLFSSL_LOCAL __hidden
#elif defined(_MSC_VER) || defined(__MINGW32__)
#if defined(_MSC_VER) || defined(__MINGW32__)
#if defined(WOLFSSL_DLL)
#define WOLFSSL_API __declspec(dllexport)
#else
#define WOLFSSL_API
#endif
#define WOLFSSL_LOCAL
#elif defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
#define WOLFSSL_API __attribute__ ((visibility("default")))
#define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
#define WOLFSSL_API __global
#define WOLFSSL_LOCAL __hidden
#else
#define WOLFSSL_API
#define WOLFSSL_LOCAL

126
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h Normal file → Executable file
View File

@ -1,16 +1,18 @@
/* wc_port.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/wc_port.h
*/
#ifndef WOLF_CRYPT_PORT_H
#define WOLF_CRYPT_PORT_H
@ -22,6 +24,14 @@
extern "C" {
#endif
/* Detect if compiler supports C99. "NO_WOLF_C99" can be defined in
* user_settings.h to disable checking for C99 support. */
#if !defined(WOLF_C99) && defined(__STDC_VERSION__) && \
!defined(WOLFSSL_ARDUINO) && !defined(NO_WOLF_C99)
#if __STDC_VERSION__ >= 199901L
#define WOLF_C99
#endif
#endif
#ifdef USE_WINDOWS_API
#ifdef WOLFSSL_GAME_BUILD
@ -55,6 +65,8 @@
/* do nothing */
#elif defined(FREESCALE_FREE_RTOS)
#include "fsl_os_abstraction.h"
#elif defined(WOLFSSL_VXWORKS)
#include <semLib.h>
#elif defined(WOLFSSL_uITRON4)
#include "stddef.h"
#include "kernel.h"
@ -78,6 +90,13 @@
#elif defined(INTIME_RTOS)
#include <rt.h>
#include <io.h>
#elif defined(WOLFSSL_NUCLEUS_1_2)
/* NU_DEBUG needed struct access in nucleus_realloc */
#define NU_DEBUG
#include "plus/nucleus.h"
#include "nucleus.h"
#elif defined(WOLFSSL_APACHE_MYNEWT)
/* do nothing */
#else
#ifndef SINGLE_THREADED
#define WOLFSSL_PTHREADS
@ -125,6 +144,8 @@
typedef MUTEX_STRUCT wolfSSL_Mutex;
#elif defined(FREESCALE_FREE_RTOS)
typedef mutex_t wolfSSL_Mutex;
#elif defined(WOLFSSL_VXWORKS)
typedef SEM_ID wolfSSL_Mutex;
#elif defined(WOLFSSL_uITRON4)
typedef struct wolfSSL_Mutex {
T_CSEM sem ;
@ -149,6 +170,8 @@
typedef mutex_t * wolfSSL_Mutex;
#elif defined(INTIME_RTOS)
typedef RTHANDLE wolfSSL_Mutex;
#elif defined(WOLFSSL_NUCLEUS_1_2)
typedef NU_SEMAPHORE wolfSSL_Mutex;
#else
#error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */
@ -254,6 +277,34 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XSEEK_END FS_SEEK_END
#define XBADFILE NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */
#elif defined(WOLFSSL_NUCLEUS_1_2)
#include "fal/inc/fal.h"
#define XFILE FILE*
#define XFOPEN fopen
#define XFSEEK fseek
#define XFTELL ftell
#define XREWIND rewind
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
#define XSEEK_END PSEEK_END
#define XBADFILE NULL
#elif defined(WOLFSSL_APACHE_MYNEWT)
#include <fs/fs.h>
#define XFILE struct fs_file*
#define XFOPEN mynewt_fopen
#define XFSEEK mynewt_fseek
#define XFTELL mynewt_ftell
#define XREWIND mynewt_rewind
#define XFREAD mynewt_fread
#define XFWRITE mynewt_fwrite
#define XFCLOSE mynewt_fclose
#define XSEEK_END 2
#define XBADFILE NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */
#elif defined(WOLFSSL_USER_FILESYSTEM)
/* To be defined in user_settings.h */
#else
/* stdio, default case */
#include <stdio.h>
@ -274,7 +325,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XBADFILE NULL
#define XFGETS fgets
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
#include <dirent.h>
#include <unistd.h>
#include <sys/stat.h>
@ -288,7 +340,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define MAX_PATH 256
#endif
#if !defined(NO_WOLFSSL_DIR)
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \
!defined(WOLFSSL_NUCLEUS_1_2)
typedef struct ReadDirCtx {
#ifdef USE_WINDOWS_API
WIN32_FIND_DATAA FindFileData;
@ -301,6 +354,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
char name[MAX_FILENAME_SZ];
} ReadDirCtx;
#define WC_READDIR_NOFILE -1
WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx);
@ -308,10 +363,6 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif /* !NO_FILESYSTEM */
#ifdef USE_WOLF_STRTOK
WOLFSSL_LOCAL char* wc_strtok(char *str, const char *delim, char **nextp);
#endif
/* Windows API defines its own min() macro. */
#if defined(USE_WINDOWS_API)
#if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE)
@ -367,8 +418,13 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XGMTIME(c, t) gmtime((c))
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#ifdef FREESCALE_MQX_4_0
#include <time.h>
extern time_t mqx_time(time_t* timer);
#else
#define HAVE_GMTIME_R
#endif
#define XTIME(t1) mqx_time((t1))
#define HAVE_GMTIME_R
#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
#include <time.h>
@ -378,7 +434,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#define XGMTIME(c, t) gmtime((c))
#elif defined(WOLFSSL_ATMEL)
#elif defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
#define XTIME(t1) atmel_get_curr_time_and_date((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
@ -396,24 +452,46 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XTIME(t1) windows_time((t1))
#define WOLFSSL_GMTIME
#elif defined(WOLFSSL_APACHE_MYNEWT)
#include "os/os_time.h"
#define XTIME(t1) mynewt_time((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#else
/* default */
/* uses complete <time.h> facility */
#include <time.h>
#if defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#endif
/* PowerPC time_t is int */
#ifdef __PPC__
#define TIME_T_NOT_LONG
#define TIME_T_NOT_64BIT
#endif
#endif
#ifdef SIZEOF_TIME_T
/* check if size of time_t from autoconf is less than 8 bytes (64bits) */
#if SIZEOF_TIME_T < 8
#undef TIME_T_NOT_64BIT
#define TIME_T_NOT_64BIT
#endif
#endif
#ifdef TIME_T_NOT_LONG
/* one old reference to TIME_T_NOT_LONG in GCC-ARM example README
* this keeps support for the old macro name */
#undef TIME_T_NOT_64BIT
#define TIME_T_NOT_64BIT
#endif
/* Map default time functions */
#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)
#define XTIME(tl) time((tl))
#endif
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) || defined(WOLF_C99)
#define XGMTIME(c, t) gmtime((c))
#else
#define XGMTIME(c, t) gmtime_r((c), (t))
@ -444,8 +522,18 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#if defined(USE_WOLF_TIME_T)
typedef long time_t;
#endif
#if defined(USE_WOLF_SUSECONDS_T)
typedef long suseconds_t;
#endif
#if defined(USE_WOLF_TIMEVAL_T)
struct timeval
{
time_t tv_sec;
suseconds_t tv_usec;
};
#endif
/* forward declarations */
/* forward declarations */
#if defined(USER_TIME)
struct tm* gmtime(const time_t* timer);
extern time_t XTIME(time_t * timer);
@ -465,6 +553,16 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#endif /* NO_ASN_TIME */
#ifndef WOLFSSL_LEANPSK
char* mystrnstr(const char* s1, const char* s2, unsigned int n);
#endif
#ifndef FILE_BUFFER_SIZE
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input,
will use dynamic buffer if not big enough */
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

13
components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/wolfmath.h
View File

@ -1,12 +1,12 @@
/* wolfmath.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -42,6 +42,14 @@
int get_rand_digit(WC_RNG* rng, mp_digit* d);
int mp_rand(mp_int* a, int digits, WC_RNG* rng);
enum {
/* format type */
WC_TYPE_HEX_STR = 1,
WC_TYPE_UNSIGNED_BIN = 2,
};
WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len,
word32 keySz, int encType);
#ifdef HAVE_WOLF_BIGINT
void wc_bigint_init(WC_BIGINT* a);
@ -52,6 +60,7 @@
void wc_bigint_free(WC_BIGINT* a);
int wc_mp_to_bigint(mp_int* src, WC_BIGINT* dst);
int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz);
int wc_bigint_to_mp(WC_BIGINT* src, mp_int* dst);
#endif /* HAVE_WOLF_BIGINT */

121
components/ssl/wolfssl/wolfssl/wolfssl/wolfio.h
View File

@ -1,15 +1,18 @@
/* io.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfio.h
*/
#ifndef WOLFSSL_IO_H
#define WOLFSSL_IO_H
@ -18,16 +21,19 @@
extern "C" {
#endif
/* OCSP and CRL_IO require HTTP client */
#if defined(HAVE_OCSP) || defined(HAVE_CRL_IO)
#ifndef HAVE_HTTP_CLIENT
#define HAVE_HTTP_CLIENT
/* Micrium uses NetSock I/O callbacks in wolfio.c */
#if !defined(WOLFSSL_USER_IO)
/* OCSP and CRL_IO require HTTP client */
#if defined(HAVE_OCSP) || defined(HAVE_CRL_IO)
#ifndef HAVE_HTTP_CLIENT
#define HAVE_HTTP_CLIENT
#endif
#endif
#endif
#if !defined(WOLFSSL_USER_IO)
/* Micrium uses NetSock I/O callbacks in wolfio.c */
#if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM)
#if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) && !defined(WOLFSSL_CONTIKI)
#define USE_WOLFSSL_IO
#endif
#endif
@ -40,7 +46,7 @@
#endif
#ifndef USE_WINDOWS_API
#ifdef WOLFSSL_LWIP
#if defined(WOLFSSL_LWIP) && !defined(WOLFSSL_APACHE_MYNEWT)
/* lwIP needs to be configured to use sockets API in this mode */
/* LWIP_SOCKET 1 in lwip/opt.h or in build */
#include "lwip/sockets.h"
@ -68,6 +74,9 @@
#elif defined(WOLFSSL_VXWORKS)
#include <sockLib.h>
#include <errno.h>
#elif defined(WOLFSSL_NUCLEUS_1_2)
#include <externs.h>
#include <errno.h>
#elif defined(WOLFSSL_ATMEL)
#include "socket/include/socket.h"
#elif defined(INTIME_RTOS)
@ -92,6 +101,8 @@
#include <sys/ioctl.h>
#elif defined(WOLFSSL_SGX)
#include <errno.h>
#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
#include <mn_socket/mn_socket.h>
#elif !defined(WOLFSSL_NO_SOCK)
#include <sys/types.h>
#include <errno.h>
@ -105,7 +116,7 @@
#elif defined(EBSNET)
#include "rtipapi.h" /* errno */
#include "socket.h"
#elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP)
#elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_CONTIKI)
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
@ -135,7 +146,6 @@
#define SOCKET_EPIPE WSAEPIPE
#define SOCKET_ECONNREFUSED WSAENOTCONN
#define SOCKET_ECONNABORTED WSAECONNABORTED
#define close(s) closesocket(s)
#elif defined(__PPU)
#define SOCKET_EWOULDBLOCK SYS_NET_EWOULDBLOCK
#define SOCKET_EAGAIN SYS_NET_EAGAIN
@ -187,6 +197,14 @@
#define SOCKET_EPIPE FREERTOS_SOCKET_ERROR
#define SOCKET_ECONNREFUSED FREERTOS_SOCKET_ERROR
#define SOCKET_ECONNABORTED FREERTOS_SOCKET_ERROR
#elif defined(WOLFSSL_NUCLEUS_1_2)
#define SOCKET_EWOULDBLOCK NU_WOULD_BLOCK
#define SOCKET_EAGAIN NU_WOULD_BLOCK
#define SOCKET_ECONNRESET NU_NOT_CONNECTED
#define SOCKET_EINTR NU_NOT_CONNECTED
#define SOCKET_EPIPE NU_NOT_CONNECTED
#define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED
#define SOCKET_ECONNABORTED NU_NOT_CONNECTED
#else
#define SOCKET_EWOULDBLOCK EWOULDBLOCK
#define SOCKET_EAGAIN EAGAIN
@ -198,13 +216,15 @@
#endif /* USE_WINDOWS_API */
#ifdef DEVKITPRO
/* from network.h */
int net_send(int, const void*, int, unsigned int);
int net_recv(int, void*, int, unsigned int);
#define SEND_FUNCTION net_send
#define RECV_FUNCTION net_recv
#elif defined(WOLFSSL_LWIP)
#elif defined(WOLFSSL_LWIP) && !defined(WOLFSSL_APACHE_MYNEWT)
#define SEND_FUNCTION lwip_send
#define RECV_FUNCTION lwip_recv
#elif defined(WOLFSSL_PICOTCP)
@ -216,6 +236,9 @@
#elif defined(WOLFSSL_VXWORKS)
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
#elif defined(WOLFSSL_NUCLEUS_1_2)
#define SEND_FUNCTION NU_Send
#define RECV_FUNCTION NU_Recv
#else
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
@ -250,6 +273,11 @@
typedef struct hostent HOSTENT;
#endif /* HAVE_SOCKADDR */
/* use gethostbyname for c99 */
#ifdef WOLF_C99
#undef HAVE_GETADDRINFO
#endif
#ifdef HAVE_GETADDRINFO
typedef struct addrinfo ADDRINFO;
#endif
@ -259,7 +287,7 @@
/* IO API's */
#ifdef HAVE_IO_TIMEOUT
WOLFSSL_API int wolfIO_SetBlockingMode(SOCKET_T sockfd, int non_blocking);
WOLFSSL_API void wolfIO_SetTimeout(int to_sec);;
WOLFSSL_API void wolfIO_SetTimeout(int to_sec);
WOLFSSL_API int wolfIO_Select(SOCKET_T sockfd, int to_sec);
#endif
WOLFSSL_API int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip,
@ -270,6 +298,28 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
#endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
#ifdef USE_WINDOWS_API
#ifndef CloseSocket
#define CloseSocket(s) closesocket(s)
#endif
#define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
#ifndef CloseSocket
extern int closesocket(int);
#define CloseSocket(s) closesocket(s)
#endif
#define StartTCP()
#else
#ifndef CloseSocket
#define CloseSocket(s) close(s)
#endif
#define StartTCP()
#ifdef FREERTOS_TCP_WINSIM
extern int close(int);
#endif
#endif
WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);
WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#if defined(USE_WOLFSSL_IO)
@ -334,8 +384,11 @@ WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
/* I/O callbacks */
typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
WOLFSSL_API void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
WOLFSSL_API void wolfSSL_CTX_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
/* deprecated old name */
#define wolfSSL_SetIORecv wolfSSL_CTX_SetIORecv
#define wolfSSL_SetIOSend wolfSSL_CTX_SetIOSend
WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx);
WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx);
@ -364,6 +417,46 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags);
WOLFSSL_LOCAL int MicriumSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#endif /* MICRIUM */
#if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
WOLFSSL_LOCAL int Mynewt_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx);
WOLFSSL_LOCAL int Mynewt_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx);
WOLFSSL_API void wolfSSL_SetIO_Mynewt(WOLFSSL* ssl, struct mn_socket* mnSocket,
struct mn_sockaddr_in* mnSockAddrIn);
#endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */
#ifdef WOLFSSL_UIP
struct uip_wolfssl_ctx {
union socket_connector {
struct tcp_socket tcp;
struct udp_socket udp;
} conn;
WOLFSSL_CTX *ctx;
WOLFSSL *ssl;
uint8_t *input_databuf;
uint8_t *output_databuf;
uint8_t *ssl_rx_databuf;
int ssl_rb_len;
int ssl_rb_off;
struct process *process;
tcp_socket_data_callback_t input_callback;
tcp_socket_event_callback_t event_callback;
int closing;
uip_ipaddr_t peer_addr;
uint16_t peer_port;
};
typedef struct uip_wolfssl_ctx uip_wolfssl_ctx;
WOLFSSL_LOCAL int uIPSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
WOLFSSL_LOCAL int uIPReceive(WOLFSSL* ssl, char* buf, int sz,
void* ctx);
WOLFSSL_LOCAL int uIPReceiveFrom(WOLFSSL* ssl, char* buf, int sz,
void* ctx);
WOLFSSL_LOCAL int uIPSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#endif
#ifdef WOLFSSL_DTLS
typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz,
void* ctx);