Merge branch 'feature/update_wolfssl_to_commercial_version_3.15.7' into 'master'

feat(wolfssl): update wolfssl to commercial version 3.15.7

See merge request sdk/ESP8266_RTOS_SDK!716
Wu Jian Gang
2019-01-14 20:31:38 +08:00
42 changed files with 3250 additions and 1457 deletions


@ -2,7 +2,7 @@ menu "SSL"
choice SSL_LIBRARY_CHOOSE
prompt "Choose SSL/TLS library"
default SSL_USING_WOLFSSL
default SSL_USING_MBEDTLS
help
Choose the SSL/TLS library which you want to use.
@ -16,6 +16,17 @@ config SSL_USING_WOLFSSL
bool "wolfSSL"
endchoice
menu "wolfSSL"
depends on SSL_USING_WOLFSSL
config WOLFSSL_DEBUG
bool "Enable wolfSSL debugging"
default n
help
Enable wolfSSL debugging functions at compile time.
endmenu # wolfSSL
menu "mbedTLS"
depends on SSL_USING_MBEDTLS
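Review bot: The help text of the new `config WOLFSSL_DEBUG` entry says only that debugging functions are enabled at compile time; it does not say that the option switches the link to a separate `wolfssl_debug` archive (see the component.mk section of this commit) or that it is meant for development builds. I would extend it to something like `Link the wolfssl_debug build of the library, which enables wolfSSL debug functions. Intended for development; leave disabled in production firmware.`, since TLS debug output on a device console can reveal handshake and certificate details. Separately, the `default` line of `SSL_LIBRARY_CHOOSE` appears to change from `SSL_USING_WOLFSSL` to `SSL_USING_MBEDTLS`, which the commit title does not mention. Projects that rely on the default would get a different TLS stack, so the change deserves a line in the description.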


@ -5,8 +5,13 @@
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_ADD_INCLUDEDIRS := wolfssl/include wolfssl/wolfssl wolfssl/wolfssl/wolfssl
ifdef CONFIG_WOLFSSL_DEBUG
WOLFSSLLIB = wolfssl_debug
COMPONENT_ADD_LDFLAGS := -L $(COMPONENT_PATH)/wolfssl/lib -lwolfssl_debug
else
WOLFSSLLIB = wolfssl
COMPONENT_ADD_LDFLAGS := -L $(COMPONENT_PATH)/wolfssl/lib -lwolfssl
endif
# re-link program if wolfssl library change
COMPONENT_ADD_LINKER_DEPS := $(patsubst %,$(COMPONENT_PATH)/wolfssl/lib/lib%.a,$(WOLFSSLLIB))
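Review bot: `WOLFSSLLIB` is set in both branches of the new `ifdef CONFIG_WOLFSSL_DEBUG`, yet each branch also repeats the full `COMPONENT_ADD_LDFLAGS` line with the library name spelled out, so the name is maintained twice per variant. Keeping only the `WOLFSSLLIB = ...` assignments inside the conditional and writing a single `COMPONENT_ADD_LDFLAGS := -L $(COMPONENT_PATH)/wolfssl/lib -l$(WOLFSSLLIB)` after the `endif` would keep the link flag and `COMPONENT_ADD_LINKER_DEPS` in step. Both variants are prebuilt archives under `wolfssl/lib`, so a comment recording which wolfSSL version and build options produced each one would let a reviewer confirm that the debug and release archives match the headers shipped beside them.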


@ -31,6 +31,8 @@
#define NO_RC4
#define NO_RABBIT
#define HAVE_ECC
#define HAVE_AES_ECB
#define WOLFSSL_AES_DIRECT
#define WC_NO_HARDEN
#define FREERTOS
#define WOLFSSL_TYPES
@ -39,6 +41,7 @@
#define WOLFSSL_ALLOW_TLSV10
#define WOLFSSL_SMALL_STACK
#define SMALL_SESSION_CACHE
#define OPENSSL_EXTRA
#define SSL_CTX_use_certificate_ASN1(ctx,len,buf) wolfSSL_CTX_use_certificate_buffer(ctx,buf,len,WOLFSSL_FILETYPE_PEM)
#define SSL_CTX_use_PrivateKey_ASN1(type,ctx,buf,len) wolfSSL_CTX_use_PrivateKey_buffer(ctx,buf,len, WOLFSSL_FILETYPE_PEM)
@ -54,6 +57,7 @@
#endif
#ifndef CUSTOM_RAND_GENERATE_BLOCK
#include "esp_libc.h"
/* To use define the following:*/
#define CUSTOM_RAND_GENERATE_BLOCK os_get_random
#endif
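Review bot: What appear to be the added defines (`HAVE_AES_ECB`, `WOLFSSL_AES_DIRECT` and `OPENSSL_EXTRA`) carry no comment saying which SDK component needs them. The first two expose ECB mode and the single-block AES API to application code, both easy to misuse for bulk data, and `OPENSSL_EXTRA` pulls in the whole OpenSSL compatibility layer. A short comment such as `/* required by <component>: raw AES block access */` next to each would record the intent. Because the library is linked as a prebuilt archive, these settings presumably have to match the options the archive was built with, which is worth stating in the same comment. The file continues outside these hunks, so the rest of the configuration is not visible here.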

Binary file not shown.


@ -0,0 +1,50 @@
/* asn1.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* asn1.h for openssl */
#ifndef WOLFSSL_ASN1_H_
#define WOLFSSL_ASN1_H_
#include <wolfssl/openssl/ssl.h>
#define ASN1_STRING_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
#define V_ASN1_NEG 0x100
#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
/* Type for ASN1_print_ex */
# define ASN1_STRFLGS_ESC_2253 1
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
# define ASN1_STRFLGS_ESC_QUOTE 8
# define ASN1_STRFLGS_UTF8_CONVERT 0x10
# define ASN1_STRFLGS_IGNORE_TYPE 0x20
# define ASN1_STRFLGS_SHOW_TYPE 0x40
# define ASN1_STRFLGS_DUMP_ALL 0x80
# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
# define ASN1_STRFLGS_DUMP_DER 0x200
# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB | \
ASN1_STRFLGS_UTF8_CONVERT | \
ASN1_STRFLGS_DUMP_UNKNOWN | \
ASN1_STRFLGS_DUMP_DER)
#define MBSTRING_UTF8 0x1000
#endif /* WOLFSSL_ASN1_H_ */


@ -1,17 +1,22 @@
/* bn.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/* bn.h for openssl */
/*!
\file wolfssl/openssl/bn.h
\brief bn.h for openssl
*/
#ifndef WOLFSSL_BN_H_
#define WOLFSSL_BN_H_
@ -96,7 +101,7 @@ WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int,
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*,
WOLFSSL_BN_ULONG);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(FILE*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);


@ -0,0 +1,71 @@
/* crypto.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* crypto.h for openSSL */
#ifndef WOLFSSL_CRYPTO_H_
#define WOLFSSL_CRYPTO_H_
#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_crypto.h"
#endif
WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
#endif
#define CRYPTO_THREADID void
#define SSLeay_version wolfSSLeay_version
#define SSLeay wolfSSLeay
#define SSLEAY_VERSION 0x0090600fL
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
#define CRYPTO_lock wc_LockMutex_ex
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
#define FIPS_mode wolfSSL_FIPS_mode
#define FIPS_mode_set wolfSSL_FIPS_mode_set
typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA;
typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void* argp);
#define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback
#define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric
#define CRYPTO_r_lock wc_LockMutex_ex
#define CRYPTO_unlock wc_LockMutex_ex
#define CRYPTO_THREAD_lock wc_LockMutex
#define CRYPTO_THREAD_r_lock wc_LockMutex
#define CRYPTO_THREAD_unlock wc_UnLockMutex
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#endif /* header */


@ -1,12 +1,12 @@
/* dsa.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/


@ -1,12 +1,12 @@
/* ec.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -24,6 +24,7 @@ extern "C" {
/* Map OpenSSL NID value */
enum {
POINT_CONVERSION_COMPRESSED = 2,
POINT_CONVERSION_UNCOMPRESSED = 4,
#ifdef HAVE_ECC
@ -92,6 +93,10 @@ struct WOLFSSL_EC_KEY {
char exSet; /* external set from internal ? */
};
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
WOLFSSL_API
int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve,
const WOLFSSL_EC_POINT *p,
@ -103,6 +108,9 @@ WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz);
WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz, int opt);
WOLFSSL_API
void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key);
@ -167,6 +175,14 @@ WOLFSSL_API
int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *a);
#ifndef HAVE_SELFTEST
WOLFSSL_API
char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
const WOLFSSL_EC_POINT* point, int form,
WOLFSSL_BN_CTX* ctx);
#endif
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
@ -177,25 +193,28 @@ int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group,
#define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_POINT_new wolfSSL_EC_POINT_new
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_get_affine_coordinates_GFp \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
#ifndef HAVE_SELFTEST
#define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex
#endif
#define EC_POINT_dump wolfSSL_EC_POINT_dump
#ifdef __cplusplus


@ -1,19 +1,20 @@
/* evp.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/* evp.h defines mini evp openssl compatibility layer
*
/*!
\file wolfssl/openssl/evp.h
\brief evp.h defines mini evp openssl compatibility layer
*/
@ -51,6 +52,7 @@
extern "C" {
#endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
@ -58,6 +60,9 @@ typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif
@ -75,8 +80,10 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
#endif
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
@ -112,6 +119,7 @@ typedef union {
#endif
} WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_MD_CTX {
union {
@ -119,6 +127,7 @@ typedef struct WOLFSSL_EVP_MD_CTX {
Hmac hmac;
} hash;
unsigned char macType;
WOLFSSL_EVP_PKEY_CTX *pctx;
} WOLFSSL_EVP_MD_CTX;
@ -205,11 +214,11 @@ typedef struct WOLFSSL_EVP_CIPHER_CTX {
int lastUsed;
} WOLFSSL_EVP_CIPHER_CTX;
typedef struct WOLFSSL_EVP_PKEY_CTX {
struct WOLFSSL_EVP_PKEY_CTX {
WOLFSSL_EVP_PKEY *pkey;
int op; /* operation */
int padding;
} WOLFSSL_EVP_PKEY_CTX;
};
typedef int WOLFSSL_ENGINE ;
typedef WOLFSSL_ENGINE ENGINE;
@ -255,12 +264,22 @@ WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char *sig, size_t *siglen);
#ifndef NO_MD5
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, size_t cnt);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char *sig,
size_t siglen);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
const WOLFSSL_EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*,
unsigned char*);
#endif
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
@ -327,6 +346,10 @@ WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_RSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_EC_KEY* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
@ -349,7 +372,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
const unsigned char *in, size_t inlen);
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
@ -378,11 +405,14 @@ WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *ciph
WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_cleanup(void);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
WOLFSSL_API int wolfSSL_OpenSSL_add_all_algorithms_noconf(void);
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
const unsigned char * salt,
@ -467,6 +497,9 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_DigestSignInit wolfSSL_EVP_DigestSignInit
#define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate
#define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal
#define EVP_DigestVerifyInit wolfSSL_EVP_DigestVerifyInit
#define EVP_DigestVerifyUpdate wolfSSL_EVP_DigestVerifyUpdate
#define EVP_DigestVerifyFinal wolfSSL_EVP_DigestVerifyFinal
#define EVP_BytesToKey wolfSSL_EVP_BytesToKey
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
@ -508,6 +541,9 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_PKEY_asign_RSA wolfSSL_EVP_PKEY_assign_RSA
#define EVP_PKEY_asign_EC_KEY wolfSSL_EVP_PKEY_assign_EC_KEY
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA
@ -527,6 +563,9 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignUpdate wolfSSL_EVP_SignUpdate
@ -538,10 +577,18 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_CIPHER_block_size wolfSSL_EVP_CIPHER_block_size
#define EVP_CIPHER_flags wolfSSL_EVP_CIPHER_flags
#define EVP_CIPHER_CTX_set_flags wolfSSL_EVP_CIPHER_CTX_set_flags
#define EVP_CIPHER_CTX_clear_flags wolfSSL_EVP_CIPHER_CTX_clear_flags
#define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup
#define OpenSSL_add_all_digests() wolfCrypt_Init()
#define OpenSSL_add_all_ciphers() wolfCrypt_Init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define OpenSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define wolfSSL_OPENSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1


@ -0,0 +1,84 @@
/* hmac.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/* hmac.h defines mini hamc openssl compatibility layer
*
*/
#ifndef WOLFSSL_HMAC_H_
#define WOLFSSL_HMAC_H_
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_hmac.h"
#endif
#include <wolfssl/openssl/evp.h>
#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
const void* key, int key_len,
const unsigned char* d, int n, unsigned char* md,
unsigned int* md_len);
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des,
WOLFSSL_HMAC_CTX* src);
WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src);
WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type);
WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e);
WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
const unsigned char* data, int len);
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
#define HMAC_Init wolfSSL_HMAC_Init
#define HMAC_Update wolfSSL_HMAC_Update
#define HMAC_Final wolfSSL_HMAC_Final
#define HMAC_cleanup wolfSSL_HMAC_cleanup
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_HMAC_H_ */


@ -1,12 +1,12 @@
/* md5.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/


@ -1,12 +1,12 @@
/* opensslv.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -17,7 +17,8 @@
/* api version compatibility */
#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_SIGNAL)
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* version number can be increased for Lighty after compatibility for ECDH
is added */
#define OPENSSL_VERSION_NUMBER 0x10001000L


@ -1,12 +1,12 @@
/* ripemd.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/


@ -1,12 +1,12 @@
/* rsa.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -23,21 +23,9 @@
extern "C" {
#endif
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
#if defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION < 2))
/*
choice of padding added after fips, so not available when using fips RSA
*/
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
#else
#define RSA_PKCS1_PADDING WC_RSA_PKCSV15_PAD
#define RSA_PKCS1_OAEP_PADDING WC_RSA_OAEP_PAD
#endif /* HAVE_FIPS */
#endif
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
@ -98,6 +86,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L
#define RSA_new wolfSSL_RSA_new
#define RSA_free wolfSSL_RSA_free
@ -114,6 +103,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define RSA_verify wolfSSL_RSA_verify
#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
#define RSA_F4 WOLFSSL_RSA_F4
#ifdef __cplusplus
} /* extern "C" */


@ -1,12 +1,12 @@
/* sha.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -110,7 +110,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init
#define SHA256_Update wolfSSL_SHA256_Update
#define SHA256_Final wolfSSL_SHA256_Final
#if defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS
* build. */
#define SHA256 wolfSSL_SHA256
@ -139,7 +139,11 @@ typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init
#define SHA384_Update wolfSSL_SHA384_Update
#define SHA384_Final wolfSSL_SHA384_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA384 is only available in non-fips mode because of SHA384 enum in FIPS
* build. */
#define SHA384 wolfSSL_SHA384
#endif
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
@ -164,7 +168,11 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
#define SHA512_Update wolfSSL_SHA512_Update
#define SHA512_Final wolfSSL_SHA512_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS
* build. */
#define SHA512 wolfSSL_SHA512
#endif
#endif /* WOLFSSL_SHA512 */


@ -1,12 +1,12 @@
/* ssl.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -27,6 +27,13 @@
#endif /* OPENSSL_EXTRA_SSL_GUARD */
#include <wolfssl/openssl/evp.h>
#ifdef OPENSSL_EXTRA
#include <wolfssl/openssl/crypto.h>
#endif
#if defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY)
#include <wolfssl/wolfcrypt/asn.h>
#endif
#ifdef __cplusplus
extern "C" {
@ -53,13 +60,12 @@ typedef WOLFSSL_X509 X509_REQ;
typedef WOLFSSL_X509_NAME X509_NAME;
typedef WOLFSSL_X509_CHAIN X509_CHAIN;
typedef WOLFSSL_STACK EXTENDED_KEY_USAGE;
/* redeclare guard */
#define WOLFSSL_TYPES_DEFINED
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
typedef WOLFSSL_BIO BIO;
typedef WOLFSSL_BIO_METHOD BIO_METHOD;
typedef WOLFSSL_CIPHER SSL_CIPHER;
@ -88,13 +94,33 @@ typedef WOLFSSL_X509_OBJECT X509_OBJECT;
typedef WOLFSSL_X509_STORE X509_STORE;
typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define EVP_CIPHER_INFO EncryptedInfo
#define STACK_OF(x) WOLFSSL_STACK
#define CRYPTO_free XFREE
#define CRYPTO_malloc XMALLOC
#define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new
#define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup
#define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free
#define STACK_OF(x) WOLFSSL_STACK
/* depreciated */
#define CRYPTO_thread_id wolfSSL_thread_id
#define CRYPTO_set_id_callback wolfSSL_set_id_callback
#define CRYPTO_LOCK 0x01
#define CRYPTO_UNLOCK 0x02
#define CRYPTO_READ 0x04
#define CRYPTO_WRITE 0x08
#define CRYPTO_set_locking_callback wolfSSL_set_locking_callback
#define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
#define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
#define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
#define CRYPTO_num_locks wolfSSL_num_locks
#define CRYPTO_dynlock_value WOLFSSL_dynlock_value
#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
@ -106,8 +132,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_get_shared_ciphers(ctx,buf,len) \
wolfSSL_get_shared_ciphers((ctx),(buf),(len))
#define ERR_print_errors_fp(file) wolfSSL_ERR_dump_errors_fp((file))
/* at the moment only returns ok */
#define SSL_get_verify_result wolfSSL_get_verify_result
#define SSL_get_verify_mode wolfSSL_SSL_get_mode
@ -118,25 +142,37 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_use_certificate wolfSSL_use_certificate
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
#define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey
#define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey
#define SSL_use_PrivateKey wolfSSL_use_PrivateKey
#define SSL_use_PrivateKey_ASN1 wolfSSL_use_PrivateKey_ASN1
#define SSL_use_RSAPrivateKey_ASN1 wolfSSL_use_RSAPrivateKey_ASN1
#define SSL_get_privatekey wolfSSL_get_privatekey
#define SSLv23_method wolfSSLv23_method
#define SSLv23_client_method wolfSSLv23_client_method
#define SSLv2_client_method wolfSSLv2_client_method
#define SSLv2_server_method wolfSSLv2_server_method
#define SSLv3_server_method wolfSSLv3_server_method
#define SSLv3_client_method wolfSSLv3_client_method
#define TLSv1_method wolfTLSv1_method
#define TLSv1_server_method wolfTLSv1_server_method
#define TLSv1_client_method wolfTLSv1_client_method
#define TLSv1_1_method wolfTLSv1_1_method
#define TLSv1_1_server_method wolfTLSv1_1_server_method
#define TLSv1_1_client_method wolfTLSv1_1_client_method
#define TLSv1_2_method wolfTLSv1_2_method
#define TLSv1_2_server_method wolfTLSv1_2_server_method
#define TLSv1_2_client_method wolfTLSv1_2_client_method
#define TLSv1_3_method wolfTLSv1_3_method
#define TLSv1_3_server_method wolfTLSv1_3_server_method
#define TLSv1_3_client_method wolfTLSv1_3_client_method
#define X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1
@ -195,10 +231,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
#define SSL_set_cipher_list wolfSSL_set_cipher_list
#define ERR_error_string wolfSSL_ERR_error_string
#define ERR_error_string_n wolfSSL_ERR_error_string_n
#define ERR_reason_error_string wolfSSL_ERR_reason_error_string
#define SSL_set_ex_data wolfSSL_set_ex_data
#define SSL_get_shutdown wolfSSL_get_shutdown
#define SSL_set_rfd wolfSSL_set_rfd
@ -227,19 +259,143 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define DSA_dup_DH wolfSSL_DSA_dup_DH
#define X509_load_certificate_file wolfSSL_X509_load_certificate_file
#define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
#define X509_digest wolfSSL_X509_digest
#define X509_free wolfSSL_X509_free
#define i2d_X509_bio wolfSSL_i2d_X509_bio
#define d2i_X509_bio wolfSSL_d2i_X509_bio
#define d2i_X509_fp wolfSSL_d2i_X509_fp
#define i2d_X509 wolfSSL_i2d_X509
#define d2i_X509 wolfSSL_d2i_X509
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
#define PEM_read_X509 wolfSSL_PEM_read_X509
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define i2d_X509_REQ wolfSSL_i2d_X509_REQ
#define X509_REQ_new wolfSSL_X509_REQ_new
#define X509_REQ_free wolfSSL_X509_REQ_free
#define X509_REQ_sign wolfSSL_X509_REQ_sign
#define X509_REQ_set_subject_name wolfSSL_X509_REQ_set_subject_name
#define X509_REQ_set_pubkey wolfSSL_X509_REQ_set_pubkey
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
#define X509_new wolfSSL_X509_new
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#define X509_free wolfSSL_X509_free
#define X509_load_certificate_file wolfSSL_X509_load_certificate_file
#define X509_digest wolfSSL_X509_digest
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
#define X509_get_subject_name wolfSSL_X509_get_subject_name
#define X509_get_pubkey wolfSSL_X509_get_pubkey
#define X509_get_notBefore(cert) (ASN1_TIME*)wolfSSL_X509_notBefore((cert))
#define X509_get_notAfter(cert) (ASN1_TIME*)wolfSSL_X509_notAfter((cert))
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
#define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr
#define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index
#define X509_get_ex_data wolfSSL_X509_get_ex_data
#define X509_set_ex_data wolfSSL_X509_set_ex_data
#define X509_get1_ocsp wolfSSL_X509_get1_ocsp
#ifndef WOLFSSL_HAPROXY
#define X509_get_version wolfSSL_X509_get_version
#endif
#define X509_get_signature_nid wolfSSL_X509_get_signature_nid
#define X509_set_subject_name wolfSSL_X509_set_subject_name
#define X509_set_pubkey wolfSSL_X509_set_pubkey
#define X509_print wolfSSL_X509_print
#define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
#define X509_verify_cert wolfSSL_X509_verify_cert
#define X509_check_private_key wolfSSL_X509_check_private_key
#define X509_check_ca wolfSSL_X509_check_ca
#define X509_check_host wolfSSL_X509_check_host
#define X509_email_free wolfSSL_X509_email_free
#define X509_check_issued wolfSSL_X509_check_issued
#define X509_dup wolfSSL_X509_dup
#define sk_X509_new wolfSSL_sk_X509_new
#define sk_X509_num wolfSSL_sk_X509_num
#define sk_X509_value wolfSSL_sk_X509_value
#define sk_X509_push wolfSSL_sk_X509_push
#define sk_X509_pop wolfSSL_sk_X509_pop
#define sk_X509_pop_free wolfSSL_sk_X509_pop_free
#define sk_X509_free wolfSSL_sk_X509_free
#define i2d_X509_NAME wolfSSL_i2d_X509_NAME
#define X509_NAME_new wolfSSL_X509_NAME_new
#define X509_NAME_free wolfSSL_X509_NAME_free
#define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
#define X509_NAME_cmp wolfSSL_X509_NAME_cmp
#define X509_NAME_ENTRY_free wolfSSL_X509_NAME_ENTRY_free
#define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID
#define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry
#define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt
#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
#define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID
#define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex
#define X509_NAME_digest wolfSSL_X509_NAME_digest
#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
#define sk_X509_NAME_pop_free wolfSSL_sk_X509_NAME_pop_free
#define sk_X509_NAME_num wolfSSL_sk_X509_NAME_num
#define sk_X509_NAME_value wolfSSL_sk_X509_NAME_value
typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry
#define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME
#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
#define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
#define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb
#define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
#define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
#define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain
#define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
#define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
#define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
#define X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup
#define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
#define X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data
#define X509_STORE_new wolfSSL_X509_STORE_new
#define X509_STORE_free wolfSSL_X509_STORE_free
#define X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
#define X509_STORE_add_cert wolfSSL_X509_STORE_add_cert
#define X509_STORE_add_crl wolfSSL_X509_STORE_add_crl
#define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags
#define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs
#define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
#define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer
#define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time
#define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir
#define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
#define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir
#define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file
#define d2i_X509_CRL wolfSSL_d2i_X509_CRL
#define d2i_X509_CRL_fp wolfSSL_d2i_X509_CRL_fp
#define PEM_read_X509_CRL wolfSSL_PEM_read_X509_CRL
#define X509_CRL_free wolfSSL_X509_CRL_free
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_CRL_verify wolfSSL_X509_CRL_verify
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
#define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
#define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
#define OCSP_parse_url wolfSSL_OCSP_parse_url
#define SSLv23_client_method wolfSSLv23_client_method
#define SSLv2_client_method wolfSSLv2_client_method
#define SSLv2_server_method wolfSSLv2_server_method
#define MD4_Init wolfSSL_MD4_Init
#define MD4_Update wolfSSL_MD4_Update
@ -274,9 +430,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define BIO_f_base64 wolfSSL_BIO_f_base64
#define BIO_set_flags wolfSSL_BIO_set_flags
#define OpenSSL_add_all_digests() wolfCrypt_Init()
#define OpenSSL_add_all_ciphers() wolfCrypt_Init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_ssl_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_all_algorithms wolfSSL_add_all_algorithms
@ -288,6 +441,10 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define RAND_seed wolfSSL_RAND_seed
#define RAND_cleanup wolfSSL_RAND_Cleanup
#define RAND_add wolfSSL_RAND_add
#define RAND_poll wolfSSL_RAND_poll
#define RAND_status wolfSSL_RAND_status
#define RAND_bytes wolfSSL_RAND_bytes
#define RAND_pseudo_bytes wolfSSL_RAND_pseudo_bytes
#define COMP_zlib wolfSSL_COMP_zlib
#define COMP_rle wolfSSL_COMP_rle
@ -295,85 +452,36 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_get_ex_new_index wolfSSL_get_ex_new_index
/* depreciated */
#define CRYPTO_thread_id wolfSSL_thread_id
#define CRYPTO_set_id_callback wolfSSL_set_id_callback
#define CRYPTO_set_locking_callback wolfSSL_set_locking_callback
#define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
#define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
#define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
#define CRYPTO_num_locks wolfSSL_num_locks
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define CRYPTO_LOCK 1
#define CRYPTO_UNLOCK 2
#define CRYPTO_READ 4
#define CRYPTO_WRITE 8
#define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
#define X509_STORE_add_cert wolfSSL_X509_STORE_add_cert
#define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags
#define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb
#define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
#define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
#define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain
#define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
#define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
#define X509_print wolfSSL_X509_print
#define X509_NAME_cmp wolfSSL_X509_NAME_cmp
#define i2d_X509_NAME wolfSSL_i2d_X509_NAME
#define X509_NAME_ENTRY_free wolfSSL_X509_NAME_ENTRY_free
#define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID
#define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry
#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
#define X509_get_subject_name wolfSSL_X509_get_subject_name
#define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
#define X509_verify_cert wolfSSL_X509_verify_cert
#define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir
#define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
#define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir
#define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file
#define X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
#define X509_STORE_new wolfSSL_X509_STORE_new
#define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
#define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
#define X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_get_pubkey wolfSSL_X509_get_pubkey
#define X509_CRL_verify wolfSSL_X509_CRL_verify
#define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
#define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
#define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
#define X509_get_notBefore(cert) (ASN1_TIME*)wolfSSL_X509_notBefore((cert))
#define X509_get_notAfter(cert) (ASN1_TIME*)wolfSSL_X509_notAfter((cert))
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
#define ASN1_TIME_to_generalizedtime wolfSSL_ASN1_TIME_to_generalizedtime
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free
#define ASN1_tag2str wolfSSL_ASN1_tag2str
#define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER
#define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER
#define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new
#define ASN1_INTEGER_free wolfSSL_ASN1_INTEGER_free
#define ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
#define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_length wolfSSL_ASN1_STRING_length
#define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8
#define ASN1_STRING_print_ex wolfSSL_ASN1_STRING_print_ex
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
#define ASN1_IA5STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define SSL_load_client_CA_file wolfSSL_load_client_CA_file
@ -381,20 +489,16 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
#define SSL_CTX_get_cert_store wolfSSL_CTX_get_cert_store
#define X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data
#define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
#define SSL_get_ex_data wolfSSL_get_ex_data
#define SSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
#define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
#define SSL_CTX_set_timeout(ctx, to) wolfSSL_CTX_set_timeout(ctx, (unsigned int) to)
#define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int) to)
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
#define ERR_peek_error wolfSSL_ERR_peek_error
#define ERR_peek_last_error_line wolfSSL_ERR_peek_last_error_line
#define ERR_peek_errors_fp wolfSSL_ERR_peek_errors_fp
#define ERR_GET_REASON wolfSSL_ERR_GET_REASON
#define SSL_alert_type_string wolfSSL_alert_type_string
#define SSL_alert_desc_string wolfSSL_alert_desc_string
@ -422,7 +526,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_DEFAULT_CIPHER_LIST WOLFSSL_DEFAULT_CIPHER_LIST
#define RSA_F4 WOLFSSL_RSA_F4
#define SSL_CTX_set_psk_client_callback wolfSSL_CTX_set_psk_client_callback
#define SSL_set_psk_client_callback wolfSSL_set_psk_client_callback
@ -454,16 +557,27 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SYS_F_IOCTLSOCKET WOLFSSL_SYS_IOCTLSOCKET
#define SYS_F_LISTEN WOLFSSL_SYS_LISTEN
#define ERR_GET_REASON wolfSSL_ERR_GET_REASON
#define ERR_put_error wolfSSL_ERR_put_error
#define ERR_peek_error wolfSSL_ERR_peek_error
#define ERR_peek_errors_fp wolfSSL_ERR_peek_errors_fp
#define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error
#define ERR_peek_last_error_line wolfSSL_ERR_peek_last_error_line
#define ERR_get_error_line wolfSSL_ERR_get_error_line
#define ERR_get_error_line_data wolfSSL_ERR_get_error_line_data
#define ERR_get_error wolfSSL_ERR_get_error
#define ERR_print_errors_fp(file) wolfSSL_ERR_dump_errors_fp((file))
#define ERR_clear_error wolfSSL_ERR_clear_error
#define ERR_free_strings wolfSSL_ERR_free_strings
#define ERR_remove_state wolfSSL_ERR_remove_state
#define ERR_remove_thread_state wolfSSL_ERR_remove_thread_state
#define ERR_error_string wolfSSL_ERR_error_string
#define ERR_error_string_n wolfSSL_ERR_error_string_n
#define ERR_reason_error_string wolfSSL_ERR_reason_error_string
#define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings
#define RAND_status wolfSSL_RAND_status
#define RAND_bytes wolfSSL_RAND_bytes
#define RAND_pseudo_bytes wolfSSL_RAND_pseudo_bytes
#define SSLv23_server_method wolfSSLv23_server_method
#define SSL_CTX_set_options wolfSSL_CTX_set_options
#define SSL_CTX_get_options wolfSSL_CTX_get_options
@ -472,11 +586,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key
#define SSL_check_private_key wolfSSL_check_private_key
#define ERR_free_strings wolfSSL_ERR_free_strings
#define ERR_remove_state wolfSSL_ERR_remove_state
#define EVP_cleanup wolfSSL_EVP_cleanup
#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
#define SSL_CTX_set_mode wolfSSL_CTX_set_mode
#define SSL_CTX_get_mode wolfSSL_CTX_get_mode
#define SSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
@ -492,16 +601,17 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_want_write wolfSSL_want_write
#define BIO_prf wolfSSL_BIO_prf
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
#define sk_num wolfSSL_sk_num
#define sk_value wolfSSL_sk_value
#define sk_X509_pop wolfSSL_sk_X509_pop
#define sk_X509_free wolfSSL_sk_X509_free
#define i2d_X509_bio wolfSSL_i2d_X509_bio
#define d2i_X509_bio wolfSSL_d2i_X509_bio
#define i2d_X509 wolfSSL_i2d_X509
#define d2i_X509 wolfSSL_d2i_X509
#define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
#define d2i_RSAPublicKey wolfSSL_d2i_RSAPublicKey
#define d2i_RSAPrivateKey wolfSSL_d2i_RSAPrivateKey
#define i2d_RSAPrivateKey wolfSSL_i2d_RSAPrivateKey
#define i2d_RSAPublicKey wolfSSL_i2d_RSAPublicKey
#define SSL_CTX_get_ex_data wolfSSL_CTX_get_ex_data
#define SSL_CTX_set_ex_data wolfSSL_CTX_set_ex_data
@ -515,8 +625,10 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
#define SSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
#define PEM_read wolfSSL_PEM_read
#define PEM_write wolfSSL_PEM_write
#define PEM_get_EVP_CIPHER_INFO wolfSSL_PEM_get_EVP_CIPHER_INFO
#define PEM_do_header wolfSSL_PEM_do_header
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
#define CONF_modules_free()
@ -535,11 +647,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
/* yassl had set the default to be 500 */
#define SSL_get_default_timeout(ctx) 500
#define X509_NAME_free wolfSSL_X509_NAME_free
#define X509_NAME_new wolfSSL_X509_NAME_new
typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
#define BIO_read_filename wolfSSL_BIO_read_filename
@ -548,67 +655,69 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define SSL_set_verify_depth wolfSSL_set_verify_depth
#define SSL_get_app_data wolfSSL_get_app_data
#define SSL_set_app_data wolfSSL_set_app_data
#define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_length wolfSSL_ASN1_STRING_length
#define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID
#define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data
#define sk_X509_NAME_pop_free wolfSSL_sk_X509_NAME_pop_free
#define SHA1 wolfSSL_SHA1
#define X509_check_private_key wolfSSL_X509_check_private_key
#define SSL_dup_CA_list wolfSSL_dup_CA_list
/* NIDs */
enum {
NID_des = 66,
NID_des3 = 67,
NID_sha256 = 672,
NID_sha384 = 673,
NID_sha512 = 674,
NID_hw_name_oid = 73,
NID_id_pkix_OCSP_basic = 74,
NID_any_policy = 75,
NID_anyExtendedKeyUsage = 76,
};
enum {
GEN_DNS = 0x02, /* ASN_DNS_TYPE */
GEN_EMAIL = 0x01, /* ASN_RFC822_TYPE */
GEN_URI = 0x06 /* ASN_URI_TYPE */
};
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#ifdef WOLFSSL_HAPROXY
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
#define SSL_get_rbio wolfSSL_SSL_get_rbio
#define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#define SSL_get_ciphers(x) wolfSSL_get_ciphers_compat(x)
#define SSL_SESSION_get_id wolfSSL_SESSION_get_id
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data
#define SSL_get_cipher_bits(s,np) wolfSSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
#define SSL_get_cipher_bits(s,np) \
wolfSSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
#define sk_SSL_CIPHER_num wolfSSL_sk_SSL_CIPHER_num
#define sk_SSL_COMP_zero wolfSSL_sk_SSL_COMP_zero
#define sk_SSL_CIPHER_value wolfSSL_sk_SSL_CIPHER_value
#endif /* WOLFSSL_HAPROXY */
#endif /* OPENSSL_ALL || WOLFSSL_HAPROXY */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
#include <wolfssl/openssl/pem.h>
typedef STACK_OF(WOLFSSL_ASN1_OBJECT) GENERAL_NAMES;
#define SSL_CTRL_CHAIN 88
#define BIO_CTRL_WPENDING 13
#define GEN_IPADD 7
#define ERR_LIB_SSL 20
#define SSL_R_SHORT_READ 10
#define ERR_R_PEM_LIB 9
#define V_ASN1_IA5STRING 22
#define SSL_CTRL_MODE 33
#define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx,NULL)
#define d2i_RSAPrivateKey_bio wolfSSL_d2i_RSAPrivateKey_bio
#define SSL_CTX_use_RSAPrivateKey wolfSSL_CTX_use_RSAPrivateKey
#define d2i_PrivateKey_bio wolfSSL_d2i_PrivateKey_bio
#define BIO_new_bio_pair wolfSSL_BIO_new_bio_pair
#define SSL_get_verify_callback wolfSSL_get_verify_callback
#define GENERAL_NAMES_free(GENERAL_NAMES)NULL
#define SSL_set_mode(ssl,op) wolfSSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
#define SSL_CTX_use_certificate_ASN1 wolfSSL_CTX_use_certificate_ASN1
#define SSL_CTX_set0_chain(ctx,sk) \
wolfSSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
#define SSL_CTX_get_app_data(ctx) wolfSSL_CTX_get_ex_data(ctx,0)
#define SSL_CTX_set_app_data(ctx,arg) wolfSSL_CTX_set_ex_data(ctx,0, \
(char *)(arg))
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
#define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh
#define BIO_new_file wolfSSL_BIO_new_file
#define BIO_ctrl wolfSSL_BIO_ctrl
#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending
#define BIO_wpending wolfSSL_BIO_wpending
#define BIO_get_mem_ptr wolfSSL_BIO_get_mem_ptr
#define BIO_int_ctrl wolfSSL_BIO_int_ctrl
#define BIO_reset wolfSSL_BIO_reset
@ -640,8 +749,10 @@ enum {
#define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts
#define SSL_get_tlsext_status_ids wolfSSL_get_tlsext_status_ids
#define SSL_set_tlsext_status_ids wolfSSL_set_tlsext_status_ids
#define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp
#define SSL_get_tlsext_status_ocsp_res wolfSSL_get_tlsext_status_ocsp_resp
#define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp
#define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert
#define SSL_CTX_get_read_ahead wolfSSL_CTX_get_read_ahead
@ -694,14 +805,9 @@ enum {
#define SSL_ctrl wolfSSL_ctrl
#define SSL_CTX_ctrl wolfSSL_CTX_ctrl
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME
#define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA)
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL)
#include <wolfssl/openssl/asn1.h>
#define SSL2_VERSION 0x0002
@ -717,31 +823,20 @@ enum {
#define SSL_alert_desc_string_long wolfSSL_alert_desc_string_long
#define SSL_alert_type_string_long wolfSSL_alert_type_string_long
#define SSL_CIPHER_get_bits wolfSSL_CIPHER_get_bits
#define sk_X509_NAME_num wolfSSL_sk_X509_NAME_num
#define sk_GENERAL_NAME_num wolfSSL_sk_GENERAL_NAME_num
#define sk_X509_num wolfSSL_sk_X509_num
#define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex
#define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr
#define SSL_CTX_get_options wolfSSL_CTX_get_options
#define SSL_CTX_flush_sessions wolfSSL_flush_sessions
#define SSL_CTX_add_session wolfSSL_CTX_add_session
#define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX
#define SSL_version wolfSSL_version
#define SSL_get_state wolfSSL_get_state
#define SSL_state_string_long wolfSSL_state_string_long
#define sk_X509_NAME_value wolfSSL_sk_X509_NAME_value
#define sk_X509_value wolfSSL_sk_X509_value
#define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value
#define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data
#define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data
#define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index
#define SSL_SESSION_get_id wolfSSL_SESSION_get_id
#define CRYPTO_dynlock_value WOLFSSL_dynlock_value
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs
#define sk_X509_pop_free wolfSSL_sk_X509_pop_free
#define sk_GENERAL_NAME_pop_free wolfSSL_sk_GENERAL_NAME_pop_free
#define GENERAL_NAME_free NULL
@ -760,7 +855,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define PSK_MAX_PSK_LEN 256
#define PSK_MAX_IDENTITY_LEN 128
#define ERR_remove_thread_state WOLFSSL_ERR_remove_thread_state
#define SSL_CTX_clear_options wolfSSL_CTX_clear_options
@ -768,37 +862,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_CTX_get_default_passwd_cb wolfSSL_CTX_get_default_passwd_cb
#define SSL_CTX_get_default_passwd_cb_userdata wolfSSL_CTX_get_default_passwd_cb_userdata
/* certificate extension NIDs */
#define NID_basic_constraints 133
#define NID_key_usage 129 /* 2.5.29.15 */
#define NID_ext_key_usage 151 /* 2.5.29.37 */
#define NID_subject_key_identifier 128
#define NID_authority_key_identifier 149
#define NID_private_key_usage_period 130 /* 2.5.29.16 */
#define NID_subject_alt_name 131
#define NID_issuer_alt_name 132
#define NID_info_access 69
#define NID_sinfo_access 79 /* id-pe 11 */
#define NID_name_constraints 144 /* 2.5.29.30 */
#define NID_certificate_policies 146
#define NID_policy_mappings 147
#define NID_policy_constraints 150
#define NID_inhibit_any_policy 168 /* 2.5.29.54 */
#define NID_tlsfeature 92 /* id-pe 24 */
#define NID_commonName 0x03 /* matchs ASN_COMMON_NAME in asn.h */
#define NID_domainComponent 0x19
/* matchs ASN_DOMAIN_COMPONENT in asn.h */
/* matchs ASN_..._NAME in asn.h */
#define NID_surname 0x04, /* SN */
#define NID_serialNumber 0x05, /* serialNumber */
#define NID_countryName 0x06, /* C */
#define NID_localityName 0x07, /* L */
#define NID_stateOrProvinceName 0x08, /* ST */
#define NID_organizationName 0x0a, /* O */
#define NID_organizationalUnitName 0x0b, /* OU */
#define SSL_CTX_set_msg_callback wolfSSL_CTX_set_msg_callback
#define SSL_set_msg_callback wolfSSL_set_msg_callback
#define SSL_CTX_set_msg_callback_arg wolfSSL_CTX_set_msg_callback_arg
@ -815,7 +878,8 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define ERR_LIB_X509 10
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE)
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \
defined(HAVE_LIGHTY)
#include <wolfssl/error-ssl.h>
@ -844,6 +908,10 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_R_UNKNOWN_PROTOCOL VERSION_ERROR
#define SSL_R_WRONG_VERSION_NUMBER VERSION_ERROR
#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ENCRYPT_ERROR
#define SSL_R_HTTPS_PROXY_REQUEST PARSE_ERROR
#define SSL_R_HTTP_REQUEST PARSE_ERROR
#define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR
#ifdef HAVE_SESSION_TICKET
#define SSL_OP_NO_TICKET SSL_OP_NO_TICKET
@ -852,10 +920,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
#define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index
#define X509_get_ex_data wolfSSL_X509_get_ex_data
#define X509_set_ex_data wolfSSL_X509_set_ex_data
#define X509_NAME_digest wolfSSL_X509_NAME_digest
#define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout
#define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh
#define SSL_CTX_remove_session wolfSSL_SSL_CTX_remove_session
@ -864,20 +928,9 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#define SSL_in_init wolfSSL_SSL_in_init
#define SSL_get0_session wolfSSL_SSL_get0_session
#define X509_check_host wolfSSL_X509_check_host
#define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER
#define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data
#define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
#define X509_email_free wolfSSL_X509_email_free
#define X509_get1_ocsp wolfSSL_X509_get1_ocsp
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
#define X509_check_issued wolfSSL_X509_check_issued
#define X509_dup wolfSSL_X509_dup
#define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
#define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
#define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs
#define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer
#define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value
#define SSL_get0_alpn_selected wolfSSL_get0_alpn_selected
#define SSL_select_next_proto wolfSSL_select_next_proto
@ -888,16 +941,30 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_is_server wolfSSL_is_server
#define SSL_CTX_set1_curves_list wolfSSL_CTX_set1_curves_list
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || WOLFSSL_MYSQL_COMPATIBLE ||
OPENSSL_ALL || HAVE_LIGHTY */
#define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time
#ifdef OPENSSL_EXTRA
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password
#define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username
#define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX
#define ERR_NUM_ERRORS 16
#define EVP_PKEY_RSA 6
#define EVP_PKEY_RSA2 19
#define SN_pkcs9_emailAddress "Email"
#define LN_pkcs9_emailAddress "emailAddress"
#define NID_pkcs9_emailAddress 48
#define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L
#define SSL_get_rbio wolfSSL_SSL_get_rbio
#define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#endif /* OPENSSL_EXTRA */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* wolfSSL_openssl_h__ */

File diff suppressed because it is too large Load Diff


@ -1,12 +1,12 @@
/* wolfssl_version.h.in
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -19,8 +19,8 @@
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "3.14.0"
#define LIBWOLFSSL_VERSION_HEX 0x03014000
#define LIBWOLFSSL_VERSION_STRING "3.15.7"
#define LIBWOLFSSL_VERSION_HEX 0x03015007
#ifdef __cplusplus
}


@ -1,15 +1,19 @@
/* aes.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/aes.h
*/
#ifndef WOLF_CRYPT_AES_H
#define WOLF_CRYPT_AES_H
@ -18,8 +22,14 @@
#ifndef NO_AES
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
/* included for fips @wc_fips */
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/aes.h>
#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
#define WOLFSSL_AES_COUNTER
@ -29,7 +39,12 @@
#endif
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef STM32_CRYPTO
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_AESNI
@ -39,28 +54,67 @@
#endif /* WOLFSSL_AESNI */
#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h"
#endif
#endif /* HAVE_FIPS */
#ifdef WOLFSSL_AFALG
/* included for struct msghdr */
#include <sys/socket.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of structures */
/* these are required for FIPS and non-FIPS */
enum {
AES_128_KEY_SIZE = 16, /* for 128 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_IV_SIZE = 16, /* always block size */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
AES_ENC_TYPE = 1, /* cipher unique type */
AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
AES_ENCRYPTION = 0,
AES_DECRYPTION = 1,
AES_BLOCK_SIZE = 16,
KEYWRAP_BLOCK_SIZE = 8,
AES_BLOCK_SIZE = 16
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
CTR_SZ = 4,
AES_IV_FIXED_SZ = 4,
#ifdef HAVE_PKCS11
AES_MAX_ID_LEN = 32,
#endif
};
@ -73,6 +127,10 @@ typedef struct Aes {
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
word32 invokeCtr[2];
word32 nonceSz;
#endif
#ifdef HAVE_AESGCM
ALIGN16 byte H[AES_BLOCK_SIZE];
#ifdef GCM_TABLE
@ -83,6 +141,13 @@ typedef struct Aes {
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
#ifdef WOLF_CRYPTO_DEV
int devId;
#endif
#ifdef HAVE_PKCS11
byte id[AES_MAX_ID_LEN];
int idLen;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
word32 asyncKey[AES_MAX_KEY_SIZE/8/sizeof(word32)]; /* raw key */
word32 asyncIv[AES_BLOCK_SIZE/sizeof(word32)]; /* raw IV */
@ -96,6 +161,17 @@ typedef struct Aes {
XCsuDma dma;
word32 key_init[8];
word32 kup;
#endif
#ifdef WOLFSSL_AFALG
int alFd; /* server socket to bind to */
int rdFd; /* socket to read from */
struct msghdr msg;
int dir; /* flag for encrpyt or decrypt */
#endif
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
WC_CRYPTODEV ctx;
#endif
void* heap; /* memory hint to use */
} Aes;
@ -131,10 +207,13 @@ typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
#ifdef HAVE_AES_CBC
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
#ifdef WOLFSSL_AES_CFB
WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
@ -164,6 +243,7 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
@ -181,10 +261,31 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
const byte* ivFixed, word32 ivFixedSz,
WC_RNG* rng);
WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* WC_NO_RNG */
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz, WC_RNG* rng);
WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
const byte* authTag, word32 authTagSz);
#endif /* WC_NO_RNG */
WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz);
#endif /* HAVE_AESGCM */
@ -200,6 +301,13 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
const byte* nonce, word32 nonceSz);
WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_AES_KEYWRAP
WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
@ -213,233 +321,33 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#endif /* HAVE_AES_KEYWRAP */
#ifdef WOLFSSL_AES_XTS
/*!
\ingroup AES
\brief This is to help with setting keys to correct encrypt or decrypt type.
\note Is up to user to call wc_AesXtsFree on aes key when done.
\return 0 Success
\param aes AES keys for encrypt/decrypt process
\param key buffer holding aes key | tweak key
\param len length of key buffer in bytes. Should be twice that of key size.
i.e. 32 for a 16 byte key.
\param dir direction, either AES_ENCRYPTION or AES_DECRYPTION
\param heap heap hint to use for memory. Can be NULL
\param devId id to use with async crypto. Can be 0
_Example_
\code
XtsAes aes;
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
/*!
\ingroup AES
\brief Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak
value instead of a byte array. This just converts the word64 to a
byte array and calls wc_AesXtsEncrypt.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
\param sector value to use for tweak
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up keys with AES_ENCRYPTION as dir
if(wc_AesXtsEncryptSector(&aes, cipher, plain, SIZE, s) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
\ingroup AES
\brief Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak
value instead of a byte array. This just converts the word64 to a
byte array.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
\param sector value to use for tweak
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecryptSector(&aes, plain, cipher, SIZE, s) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
\ingroup AES
\brief AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text
Stealing.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
\param i value to use for tweak
\param iSz size of i buffer, should always be AES_BLOCK_SIZE but having
this input adds a sanity check on how the user calls the
function.
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_ENCRYPTION as dir
if(wc_AesXtsEncrypt(&aes, cipher, plain, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
\ingroup AES
\brief Same process as encryption but Aes key is AES_DECRYPTION type.
\return 0 Success
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
\param i value to use for tweak
\param iSz size of i buffer, should always be AES_BLOCK_SIZE but having
this input adds a sanity check on how the user calls the
function.
_Example_
\code
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecrypt(&aes, plain, cipher, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
\ingroup AES
\brief This is to free up any resources used by the XtsAes structure
\return 0 Success
\param aes AES keys to free
_Example_
\code
XtsAes aes;
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
*/
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
WOLFSSL_API int wc_AesInit(Aes*, void*, int);
WOLFSSL_API void wc_AesFree(Aes*);
WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId);
#endif
WOLFSSL_API void wc_AesFree(Aes* aes);
#ifdef __cplusplus
} /* extern "C" */


@ -1,16 +1,18 @@
/* arc4.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/arc4.h
*/
#ifndef WOLF_CRYPT_ARC4_H
#define WOLF_CRYPT_ARC4_H
@ -27,7 +29,8 @@
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_STATE_SIZE = 256
ARC4_STATE_SIZE = 256,
RC4_KEY_SIZE = 16, /* always 128bit */
};
/* ARC4 encryption and decryption */


@ -0,0 +1,507 @@
/* asn_public.h
*
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/asn_public.h
*/
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* guard on redeclaration */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
#ifndef WC_ED25519KEY_TYPE_DEFINED
typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED
#endif
#ifndef WC_RSAKEY_TYPE_DEFINED
typedef struct RsaKey RsaKey;
#define WC_RSAKEY_TYPE_DEFINED
#endif
#ifndef WC_RNG_TYPE_DEFINED
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
PRIVATEKEY_TYPE,
DH_PARAM_TYPE,
DSA_PARAM_TYPE,
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
DSA_PRIVATEKEY_TYPE,
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
RSA_TYPE,
PUBLICKEY_TYPE,
RSA_PUBLICKEY_TYPE,
ECC_PUBLICKEY_TYPE,
TRUSTED_PEER_TYPE,
EDDSA_PRIVATEKEY_TYPE,
ED25519_TYPE,
PKCS12_TYPE,
PKCS8_PRIVATEKEY_TYPE,
PKCS8_ENC_PRIVATEKEY_TYPE
};
/* Signature type, by OID sum */
enum Ctc_SigType {
CTC_SHAwDSA = 517,
CTC_MD2wRSA = 646,
CTC_MD5wRSA = 648,
CTC_SHAwRSA = 649,
CTC_SHAwECDSA = 520,
CTC_SHA224wRSA = 658,
CTC_SHA224wECDSA = 523,
CTC_SHA256wRSA = 655,
CTC_SHA256wECDSA = 524,
CTC_SHA384wRSA = 656,
CTC_SHA384wECDSA = 525,
CTC_SHA512wRSA = 657,
CTC_SHA512wECDSA = 526,
CTC_ED25519 = 256
};
enum Ctc_Encoding {
CTC_UTF8 = 0x0c, /* utf8 */
CTC_PRINTABLE = 0x13 /* printable */
};
#ifndef WC_CTC_NAME_SIZE
#define WC_CTC_NAME_SIZE 64
#endif
#ifndef WC_CTC_MAX_ALT_SIZE
#define WC_CTC_MAX_ALT_SIZE 16384
#endif
enum Ctc_Misc {
CTC_COUNTRY_SIZE = 2,
CTC_NAME_SIZE = WC_CTC_NAME_SIZE,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
CTC_SERIAL_SIZE = 16,
#ifdef WOLFSSL_CERT_EXT
/* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
* We support only hash */
CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_CERTPOL_SZ = 64,
CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */
#endif /* WOLFSSL_CERT_EXT */
};
/* DER buffer */
typedef struct DerBuffer {
byte* buffer;
void* heap;
word32 length;
int type; /* enum CertType */
int dynType; /* DYNAMIC_TYPE_* */
} DerBuffer;
enum {
IV_SZ = 32, /* max iv sz */
NAME_SZ = 80, /* max one line */
PEM_PASS_READ = 0,
PEM_PASS_WRITE = 1,
};
typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
typedef struct EncryptedInfo {
pem_password_cb* passwd_cb;
void* passwd_userdata;
long consumed; /* tracks PEM bytes consumed */
int cipherType;
word32 keySz;
word32 ivSz; /* salt or encrypted IV size */
char name[NAME_SZ]; /* cipher name, such as "DES-CBC" */
byte iv[IV_SZ]; /* salt or encrypted IV */
word16 set:1; /* if encryption set */
} EncryptedInfo;
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)
#ifdef WOLFSSL_EKU_OID
#ifndef CTC_MAX_EKU_NB
#define CTC_MAX_EKU_NB 1
#endif
#ifndef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 30
#endif
#else
#undef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 0
#endif
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_MULTI_ATTRIB
#ifndef CTC_MAX_ATTRIB
#define CTC_MAX_ATTRIB 4
#endif
/* ASN Encoded Name field */
typedef struct NameAttrib {
int sz; /* actual string value length */
int id; /* id of name */
int type; /* enc of name */
char value[CTC_NAME_SIZE]; /* name */
} NameAttrib;
#endif /* WOLFSSL_MULTI_ATTRIB */
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE];
char stateEnc;
char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE];
char surEnc;
char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE];
char unitEnc;
char commonName[CTC_NAME_SIZE];
char commonNameEnc;
char serialDev[CTC_NAME_SIZE];
char serialDevEnc;
#ifdef WOLFSSL_CERT_EXT
char busCat[CTC_NAME_SIZE];
char busCatEnc;
char joiC[CTC_NAME_SIZE];
char joiCEnc;
char joiSt[CTC_NAME_SIZE];
char joiStEnc;
#endif
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
#ifdef WOLFSSL_MULTI_ATTRIB
NameAttrib name[CTC_MAX_ATTRIB];
#endif
} CertName;
/* for user to fill for certificate generation */
typedef struct Cert {
int version; /* x509 version */
byte serial[CTC_SERIAL_SIZE]; /* serial number */
int serialSz; /* serial size */
int sigType; /* signature algo type */
CertName issuer; /* issuer info */
int daysValid; /* validity days */
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
int isCA; /* is this going to be a CA */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef WOLFSSL_CERT_EXT
byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
int skidSz; /* SKID size in bytes */
byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */
int akidSz; /* AKID size in bytes */
word16 keyUsage; /* Key Usage */
byte extKeyUsage; /* Extended Key Usage */
#ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
byte extKeyUsageOIDSz[CTC_MAX_EKU_NB];
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */
byte issRaw[sizeof(CertName)]; /* raw issuer info */
byte sbjRaw[sizeof(CertName)]; /* raw subject info */
#endif
#ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
void* heap; /* heap hint */
} Cert;
/* Initialize and Set Certificate defaults:
version = 3 (0x2)
serial = 0 (Will be randomly generated)
sigType = SHA_WITH_RSA
issuer = blank
daysValid = 500
selfSigned = 1 (true) use subject as issuer
subject = blank
isCA = 0 (false)
keyType = RSA_KEY (default)
*/
WOLFSSL_API int wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, WC_RNG*);
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz,
int, void*);
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
RsaKey*, ecc_key*);
#endif
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer,
word32 buffSz, int keyType, void* key,
WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WC_RNG*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
#endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
struct tm* after);
#endif
#ifdef WOLFSSL_CERT_EXT
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
WOLFSSL_API int wc_SetAuthKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
word16 ntruKeySz);
#endif
/* Set the KeyUsage.
* Value is a string separated tokens with ','. Accepted tokens are :
* digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
* dataEncipherment,keyAgreement,keyEncipherment,encipherOnly and decipherOnly.
*
* nonRepudiation and contentCommitment are for the same usage.
*/
WOLFSSL_API int wc_SetKeyUsage(Cert *cert, const char *value);
/* Set ExtendedKeyUsage
* Value is a string separated tokens with ','. Accepted tokens are :
* any,serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,OCSPSigning
*/
WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
#ifdef WOLFSSL_EKU_OID
/* Set ExtendedKeyUsage with unique OID
* oid is expected to be in byte representation
*/
WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
byte idx, void* heap);
#endif /* WOLFSSL_EKU_OID */
#endif /* WOLFSSL_CERT_EXT */
#ifdef HAVE_NTRU
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz,
WC_RNG*);
#endif
#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
byte format, struct tm* time);
#endif
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
WOLFSSL_API int wc_PemGetHeaderFooter(int type, const char** header,
const char** footer);
#endif
WOLFSSL_API int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap);
WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#ifdef WOLFSSL_PEM_TO_DER
WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int,
unsigned char*, int, const char*);
WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int,
unsigned char*, int, int);
#endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
unsigned char*, int);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
#endif /* WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_DER_TO_PEM
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
word32 outputSz, byte *cipherIno, int type);
#endif
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
#endif
#ifdef HAVE_ECC
/* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen);
/* public key helper */
WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#ifdef HAVE_ED25519
/* private key helpers */
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*,
ed25519_key*, word32);
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen);
/* public key helper */
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*,
ed25519_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#endif
/* DER encode signature */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
word32 digSz, int hashOID);
WOLFSSL_API int wc_GetCTC_HashOID(int type);
WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
word32* inOutIdx, word32 sz);
WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz);
#ifndef NO_ASN_TIME
/* Time */
/* Returns seconds (Epoch/UTC)
* timePtr: is "time_t", which is typically "long"
* Example:
long lTime;
rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
*/
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
WOLFSSL_API int wc_EncryptedInfoGet(EncryptedInfo* info,
const char* cipherInfo);
#endif
#ifdef WOLFSSL_CERT_PIV
typedef struct _wc_CertPIV {
const byte* cert;
word32 certSz;
const byte* certErrDet;
word32 certErrDetSz;
const byte* nonce; /* Identiv Only */
word32 nonceSz; /* Identiv Only */
const byte* signedNonce; /* Identiv Only */
word32 signedNonceSz; /* Identiv Only */
/* flags */
word16 compression:2;
word16 isX509:1;
word16 isIdentiv:1;
} wc_CertPIV;
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */
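Review bot: The defaults listed in the comment above `wc_InitCert` include `sigType = SHA_WITH_RSA`, which reads as a SHA-1 based signature, and nothing in the header tells callers to override it before generating a certificate on the device. The default itself is set in the library implementation, which is not part of this file, so it should be confirmed there; if it holds, the comment line could read `sigType = SHA_WITH_RSA (SHA-1; set cert->sigType to CTC_SHA256wRSA or CTC_SHA256wECDSA before signing)`. Separately, the struct tag `_wc_CertPIV` begins with an underscore, which C reserves at file scope in the tag name space; using `wc_CertPIV` as the tag avoids that.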


@ -1,15 +1,18 @@
/* des3.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/des3.h
*/
#ifndef WOLF_CRYPT_DES3_H
#define WOLF_CRYPT_DES3_H
@ -18,7 +21,13 @@
#ifndef NO_DES3
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h>
#endif
@ -27,17 +36,28 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* to avoid redefinition of macros */
/* these are required for FIPS and non-FIPS */
enum {
DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = 8, /* should be the same as DES_BLOCK_SIZE */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
enum {
DES_ENC_TYPE = 2, /* cipher unique type */
DES3_ENC_TYPE = 3, /* cipher unique type */
DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
DES_BLOCK_SIZE = 8,
DES_KS_SIZE = 32,
DES_KS_SIZE = 32, /* internal DES key buffer size */
DES_ENCRYPTION = 0,
DES_DECRYPTION = 1


@ -1,15 +1,19 @@
/* ecc.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/ecc.h
*/
#ifndef WOLF_CRYPT_ECC_H
#define WOLF_CRYPT_ECC_H
@ -67,12 +71,12 @@
#define MAX_ECC_BITS 384
#elif defined(HAVE_ECC320)
#define MAX_ECC_BITS 320
#elif !defined(NO_ECC256)
#define MAX_ECC_BITS 256
#elif defined(HAVE_ECC239)
#define MAX_ECC_BITS 239
#elif defined(HAVE_ECC224)
#define MAX_ECC_BITS 224
#elif !defined(NO_ECC256)
#define MAX_ECC_BITS 256
#elif defined(HAVE_ECC192)
#define MAX_ECC_BITS 192
#elif defined(HAVE_ECC160)
@ -109,9 +113,22 @@ enum {
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
#elif defined(PLUTON_CRYPTO_ECC)
ECC_MAX_CRYPTO_HW_SIZE = 32,
#endif
/* point compression type */
ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03,
ECC_POINT_UNCOMP = 0x04,
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
#ifdef HAVE_PKCS11
ECC_MAX_ID_LEN = 32,
#endif
};
/* Curve Types */
@ -177,6 +194,7 @@ typedef byte ecc_oid_t;
#endif
/* ECC set type defined a GF(p) curve */
#ifndef USE_WINDOWS_API
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
@ -192,6 +210,31 @@ typedef struct ecc_set_type {
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#else
/* MSC does something different with the pointers to the arrays than GCC,
* and it causes the FIPS checksum to fail. In the case of windows builds,
* store everything as arrays instead of pointers to strings. */
#define MAX_ECC_NAME 16
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1)
/* The values are stored as text strings. */
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
const char name[MAX_ECC_NAME]; /* name of this curve */
const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */
const char Af[MAX_ECC_STRING]; /* fields A param (hex) */
const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */
const char order[MAX_ECC_STRING]; /* order of the curve (hex) */
const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */
const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */
const ecc_oid_t oid[10];
word32 oidSz;
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#endif
#ifdef ALT_ECC_SIZE
@ -248,10 +291,15 @@ typedef struct ecc_set_type {
* fp_digit array will be shorter. */
typedef struct alt_fp_int {
int used, sign, size;
fp_digit dp[FP_SIZE_ECC];
mp_digit dp[FP_SIZE_ECC];
} alt_fp_int;
#endif /* ALT_ECC_SIZE */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
(x/z^2, y/z^3, 1) when interpreted as affine */
@ -266,6 +314,9 @@ typedef struct {
mp_int* z; /* The z coordinate */
alt_fp_int xyz[3];
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
ecc_key* key;
#endif
} ecc_point;
/* ECC Flags */
@ -294,25 +345,37 @@ struct ecc_key {
mp_int k; /* private key */
#ifdef WOLFSSL_ATECC508A
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[PUB_KEY_SIZE];
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
#ifdef PLUTON_CRYPTO_ECC
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_DEV)
int devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */
mp_int* s;
WC_ASYNC_DEV asyncDev;
#ifdef HAVE_CAVIUM_V
mp_int* e; /* Sign, Verify and Shared Secret */
mp_int* signK;
#endif
#ifdef WOLFSSL_CERT_GEN
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
};
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#ifdef HAVE_PKCS11
byte id[ECC_MAX_ID_LEN];
int idLen;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
mp_int* t1;
mp_int* t2;
#ifdef ALT_ECC_SIZE
mp_int* x;
mp_int* y;
mp_int* z;
#endif
#endif
};
/* ECC predefined curve sets */
@ -388,6 +451,11 @@ WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId);
#endif
#ifdef WOLFSSL_CUSTOM_CURVES
WOLFSSL_LOCAL
void wc_ecc_free_curve(const ecc_set_type* curve, void* heap);
@ -424,6 +492,8 @@ int wc_ecc_get_curve_id_from_params(int fieldSize,
const byte* Bf, word32 BfSz, const byte* order, word32 orderSz,
const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor);
WOLFSSL_API
int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);
WOLFSSL_API
ecc_point* wc_ecc_new_point(void);
@ -474,6 +544,9 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
WOLFSSL_API
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
byte* s, word32* sLen);
WOLFSSL_API
@ -482,10 +555,17 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
WOLFSSL_API
int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
const char* d, int curve_id);
WOLFSSL_API
int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy,
byte* d, int curve_id);
#endif /* HAVE_ECC_KEY_IMPORT */
#ifdef HAVE_ECC_KEY_EXPORT
WOLFSSL_API
int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen,
int encType);
WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
@ -513,6 +593,8 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
WOLFSSL_API
int wc_ecc_size(ecc_key* key);
WOLFSSL_API
int wc_ecc_sig_size_calc(int sz);
WOLFSSL_API
int wc_ecc_sig_size(ecc_key* key);
WOLFSSL_API
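Review bot: `wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, byte* d, int curve_id)` takes three raw buffers and no lengths, so the number of bytes read from each is implied by `curve_id` and is not stated anywhere in the header; a caller passing a shorter buffer would have it over-read. A comment above the prototype should spell out the contract, e.g. `/* qx, qy, d: unsigned big-endian, each exactly the byte size of the curve selected by curve_id */` (to be confirmed against the implementation, which is not in this diff), and the three pointers could be `const byte*` if the function does not write through them. The same applies to `wc_ecc_init_id`: `len` is a signed `int`, while the key stores the id in `byte id[ECC_MAX_ID_LEN]`, so the accepted range of `len` (presumably 0 to `ECC_MAX_ID_LEN`) belongs in the header next to the prototype.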


@ -1,15 +1,18 @@
/* hash.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/hash.h
*/
#ifndef WOLF_CRYPT_HASH_H
#define WOLF_CRYPT_HASH_H
@ -34,6 +37,13 @@
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
#ifndef NO_MD4
#include <wolfssl/wolfcrypt/md4.h>
#endif
#ifdef WOLFSSL_MD2
#include <wolfssl/wolfcrypt/md2.h>
#endif
#ifdef __cplusplus
extern "C" {
@ -44,20 +54,6 @@
#endif
/* Hash types */
enum wc_HashType {
WC_HASH_TYPE_NONE = 0,
WC_HASH_TYPE_MD2 = 1,
WC_HASH_TYPE_MD4 = 2,
WC_HASH_TYPE_MD5 = 3,
WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 9,
WC_HASH_TYPE_SHA256 = 5,
WC_HASH_TYPE_SHA384 = 6,
WC_HASH_TYPE_SHA512 = 7,
WC_HASH_TYPE_MD5_SHA = 8,
};
typedef union {
#ifndef NO_MD5
wc_Md5 md5;
@ -83,29 +79,42 @@ typedef union {
Note if this gets up to the size of 80 or over check smallstack build */
#if defined(WOLFSSL_SHA3)
#define WC_MAX_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA3_224_BLOCK_SIZE /* 224 is the largest block size */
#elif defined(WOLFSSL_SHA512)
#define WC_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA512_BLOCK_SIZE
#elif defined(HAVE_BLAKE2)
#define WC_MAX_DIGEST_SIZE BLAKE2B_OUTBYTES
#define WC_MAX_BLOCK_SIZE BLAKE2B_BLOCKBYTES
#elif defined(WOLFSSL_SHA384)
#define WC_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
#define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
#define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
#elif !defined(NO_SHA)
#define WC_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA_BLOCK_SIZE
#elif !defined(NO_MD5)
#define WC_MAX_DIGEST_SIZE WC_MD5_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_MD5_BLOCK_SIZE
#else
#define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */
#define WC_MAX_BLOCK_SIZE 128
#endif
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid);
#endif
WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType);
WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
const byte* data, word32 data_len,
byte* hash, word32 hash_len);
@ -116,7 +125,7 @@ WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
const byte* data, word32 dataSz);
WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
byte* out);
WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
@ -128,22 +137,24 @@ WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#endif
#ifdef WOLFSSL_SHA224
#include <wolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA224) */
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA224)
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA224) */
#endif
#ifdef WOLFSSL_SHA384
#include <wolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384)
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#endif /* WOLFSSL_SHA512 */
#ifdef __cplusplus
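Review bot: The prototypes in this header still take `enum wc_HashType`, but the enum definition is removed from hash.h and nothing in the section says where it now lives. A reader of hash.h can no longer see the valid values, and the header only compiles if an earlier include declares the enum. I would leave a pointer at the old location, e.g. `/* enum wc_HashType is declared in <HEADER>; include it before this file */`, where `<HEADER>` is a placeholder because the new location is not shown in this section.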


@ -1,16 +1,18 @@
/* hmac.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/hmac.h
*/
#ifndef NO_HMAC
@ -19,17 +21,26 @@
#include <wolfssl/wolfcrypt/hash.h>
#ifdef HAVE_FIPS
/* for fips */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */
#include <cyassl/ctaocrypt/hmac.h>
#define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
#endif
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_FIPS
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
@ -47,63 +58,43 @@ enum {
/* If any hash is not enabled, add the ID here. */
#ifdef NO_MD5
WC_MD5 = 0,
WC_MD5 = WC_HASH_TYPE_MD5,
#endif
#ifdef NO_SHA
WC_SHA = 1,
WC_SHA = WC_HASH_TYPE_SHA,
#endif
#ifdef NO_SHA256
WC_SHA256 = 2,
WC_SHA256 = WC_HASH_TYPE_SHA256,
#endif
#ifndef WOLFSSL_SHA512
WC_SHA512 = 4,
WC_SHA512 = WC_HASH_TYPE_SHA512,
#endif
#ifndef WOLFSSL_SHA384
WC_SHA384 = 5,
WC_SHA384 = WC_HASH_TYPE_SHA384,
#endif
#ifndef HAVE_BLAKE2
BLAKE2B_ID = 7,
BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B,
#endif
#ifndef WOLFSSL_SHA224
WC_SHA224 = 8,
WC_SHA224 = WC_HASH_TYPE_SHA224,
#endif
#ifndef WOLFSSL_SHA3
WC_SHA3_224 = 10,
WC_SHA3_256 = 11,
WC_SHA3_384 = 12,
WC_SHA3_512 = 13,
#else
/* These values are used for HMAC, not SHA-3 directly.
* They come from from FIPS PUB 202. */
WC_SHA3_224_BLOCK_SIZE = 144,
WC_SHA3_256_BLOCK_SIZE = 136,
WC_SHA3_384_BLOCK_SIZE = 104,
WC_SHA3_512_BLOCK_SIZE = 72,
#endif
/* Select the largest available hash for the buffer size. */
#if defined(WOLFSSL_SHA3)
WC_HMAC_BLOCK_SIZE = WC_SHA3_224_BLOCK_SIZE
/* SHA3-224 has the largest block size */
#elif defined(WOLFSSL_SHA512)
WC_HMAC_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE,
#elif defined(HAVE_BLAKE2)
WC_HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
#elif defined(WOLFSSL_SHA384)
WC_HMAC_BLOCK_SIZE = WC_SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
WC_HMAC_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
WC_HMAC_BLOCK_SIZE = WC_SHA224_BLOCK_SIZE
#elif !defined(NO_SHA)
WC_HMAC_BLOCK_SIZE = WC_SHA_BLOCK_SIZE,
#elif !defined(NO_MD5)
WC_HMAC_BLOCK_SIZE = WC_MD5_BLOCK_SIZE,
#else
#error "You have to have some kind of hash if you want to use HMAC."
WC_SHA3_224 = WC_HASH_TYPE_SHA3_224,
WC_SHA3_256 = WC_HASH_TYPE_SHA3_256,
WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
#endif
};
/* Select the largest available hash for the buffer size. */
#define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE
#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && !defined(HAVE_BLAKE2) && \
!defined(WOLFSSL_SHA384) && defined(NO_SHA256) && defined(WOLFSSL_SHA224) && \
defined(NO_SHA) && defined(NO_MD5)
#error "You have to have some kind of hash if you want to use HMAC."
#endif
/* hash union */
typedef union {
@ -119,17 +110,17 @@ typedef union {
#ifndef NO_SHA256
wc_Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
#ifdef HAVE_BLAKE2
Blake2b blake2b;
#endif
#ifdef WOLFSSL_SHA3
Sha3 sha3;
wc_Sha3 sha3;
#endif
} Hash;
@ -146,10 +137,6 @@ typedef struct Hmac {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
word16 keyLen; /* hmac key length (key in ipad) */
#ifdef HAVE_CAVIUM
byte* data; /* buffered input data for one call */
word16 dataLen;
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
} Hmac;
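Review bot: The `#error` guard added after the enum tests `defined(WOLFSSL_SHA224)`, while every other term in the condition means "this hash is absent". As written it fires for a build whose only hash is SHA-224 and stays silent when no hash is enabled at all, which is the case the old `#else` / `#error` branch inside the enum used to catch. The term should read `!defined(WOLFSSL_SHA224)`. With no hash enabled, `WC_HMAC_BLOCK_SIZE` would then take the fallback value of `WC_MAX_BLOCK_SIZE` from hash.h instead of stopping the build.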


@ -1,12 +1,12 @@
/* integer.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -62,6 +62,11 @@ extern "C" {
/* C++ compilers don't like assigning void * to mp_digit * */
#define OPT_CAST(x) (x *)
#elif defined(_SH3)
/* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */
#define OPT_CAST(x) (x *)
#else
/* C on the other hand doesn't care */
@ -268,6 +273,7 @@ MP_API int mp_unsigned_bin_size(mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
/* end functions needed by Rsa */
@ -354,15 +360,19 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#define mp_dump(desc, a, verbose)
#endif
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
!defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
#endif
#if !defined(NO_DSA) || defined(HAVE_ECC)
MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*);
#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
#ifdef WOLFSSL_KEY_GEN
MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
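Review bot: `mp_to_unsigned_bin_len` is added with no comment on what `c` means or what happens when the value needs more than `c` bytes. Since `b` is a caller-supplied buffer and `c` is a signed `int`, the contract belongs at the declaration, e.g. `/* c is the size of b in bytes; state here whether output is zero-padded to c and what is returned when a does not fit (confirm against the implementation) */`. The comment in the new `_SH3` branch also has a typo, `voi*` for `void*`.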


@ -1,15 +1,19 @@
/* logging.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/logging.h
*/
/* submitted by eof */
@ -32,6 +36,50 @@ enum wc_LogLevels {
OTHER_LOG
};
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
enum wc_FuncNum {
WC_FUNC_HELLO_REQUEST_SEND = 0,
WC_FUNC_HELLO_REQUEST_DO,
WC_FUNC_CLIENT_HELLO_SEND,
WC_FUNC_CLIENT_HELLO_DO,
WC_FUNC_SERVER_HELLO_SEND,
WC_FUNC_SERVER_HELLO_DO,
WC_FUNC_ENCRYPTED_EXTENSIONS_SEND,
WC_FUNC_ENCRYPTED_EXTENSIONS_DO,
WC_FUNC_CERTIFICATE_REQUEST_SEND,
WC_FUNC_CERTIFICATE_REQUEST_DO,
WC_FUNC_CERTIFICATE_SEND,
WC_FUNC_CERTIFICATE_DO,
WC_FUNC_CERTIFICATE_VERIFY_SEND,
WC_FUNC_CERTIFICATE_VERIFY_DO,
WC_FUNC_FINISHED_SEND,
WC_FUNC_FINISHED_DO,
WC_FUNC_KEY_UPDATE_SEND,
WC_FUNC_KEY_UPDATE_DO,
WC_FUNC_EARLY_DATA_SEND,
WC_FUNC_EARLY_DATA_DO,
WC_FUNC_NEW_SESSION_TICKET_SEND,
WC_FUNC_NEW_SESSION_TICKET_DO,
WC_FUNC_SERVER_HELLO_DONE_SEND,
WC_FUNC_SERVER_HELLO_DONE_DO,
WC_FUNC_TICKET_SEND,
WC_FUNC_TICKET_DO,
WC_FUNC_CLIENT_KEY_EXCHANGE_SEND,
WC_FUNC_CLIENT_KEY_EXCHANGE_DO,
WC_FUNC_CERTIFICATE_STATUS_SEND,
WC_FUNC_CERTIFICATE_STATUS_DO,
WC_FUNC_SERVER_KEY_EXCHANGE_SEND,
WC_FUNC_SERVER_KEY_EXCHANGE_DO,
WC_FUNC_END_OF_EARLY_DATA_SEND,
WC_FUNC_END_OF_EARLY_DATA_DO,
WC_FUNC_COUNT
};
#endif
typedef void (*wolfSSL_Logging_cb)(const int logLevel,
const char *const logMessage);
@ -57,10 +105,23 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API int wc_SetLoggingHeap(void* h);
WOLFSSL_API int wc_ERR_remove_state(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(FILE* fp);
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
#endif
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
WOLFSSL_API void WOLFSSL_START(int funcNum);
WOLFSSL_API void WOLFSSL_END(int funcNum);
WOLFSSL_API void WOLFSSL_TIME(int count);
#else
#define WOLFSSL_START(n)
#define WOLFSSL_END(n)
#define WOLFSSL_TIME(n)
#endif
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
#if defined(_WIN32)
@ -93,7 +154,7 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,
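Review bot: `WOLFSSL_START` and `WOLFSSL_END` take a plain `int funcNum`, although the only meaningful values are the `enum wc_FuncNum` constants below `WC_FUNC_COUNT`. The implementation is not shown here, but if the number indexes a per-function timing table, an out-of-range argument would be an out-of-bounds access. Either type the parameter as `enum wc_FuncNum` or state the range at the declaration, e.g. `/* funcNum must be in [0, WC_FUNC_COUNT) */`. The argument of `WOLFSSL_TIME(int count)` is undocumented as well.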


@ -1,15 +1,19 @@
/* md5.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/md5.h
*/
#ifndef WOLF_CRYPT_MD5_H
#define WOLF_CRYPT_MD5_H
@ -39,12 +43,13 @@
/* in bytes */
enum {
WC_MD5 = 0, /* hash type unique */
WC_MD5 = WC_HASH_TYPE_MD5,
WC_MD5_BLOCK_SIZE = 64,
WC_MD5_DIGEST_SIZE = 16,
WC_MD5_PAD_SIZE = 56
};
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
#endif
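Review bot: `WC_MD5` changes from the literal `0` to `WC_HASH_TYPE_MD5`, and the old "hash type unique" comment is dropped without saying that the numeric value changes. Code that passes a hard-coded number, or relies on a zero-initialised type field meaning MD5, will silently select something else after this update. The same applies to `WC_SHA` in sha.h and to the fallback IDs in hmac.h. A comment such as `WC_MD5 = WC_HASH_TYPE_MD5, /* value changed from 0; always use the symbol */` would flag it. The enum that defines `WC_HASH_TYPE_MD5` is not in this section, so md5.h depends on it being declared by an earlier include.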


@ -1,12 +1,12 @@
/* mpi_class.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/


@ -1,12 +1,12 @@
/* mpi_superclass.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/


@ -1,15 +1,18 @@
/* pwdbased.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/pwdbased.h
*/
#ifndef WOLF_CRYPT_PWDBASED_H
#define WOLF_CRYPT_PWDBASED_H
@ -18,11 +21,6 @@
#ifndef NO_PWDBASED
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h> /* for hash type */
#endif
#include <wolfssl/wolfcrypt/sha.h>
#ifdef __cplusplus
extern "C" {
@ -32,6 +30,10 @@
* hashType renamed to typeH to avoid shadowing global declaration here:
* wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types
*/
WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
const byte* passwd, int passwdLen,
const byte* salt, int saltLen, int iterations,
int hashType, void* heap);
WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);
@ -51,12 +53,6 @@ WOLFSSL_API int wc_scrypt(byte* output, const byte* passwd, int passLen,
int blockSize, int parallel, int dkLen);
#endif
/* helper functions */
WOLFSSL_LOCAL int GetDigestSize(int typeH);
WOLFSSL_LOCAL int GetPKCS12HashSizes(int typeH, word32* v, word32* u);
WOLFSSL_LOCAL int DoPKCS12Hash(int typeH, byte* buffer, word32 totalLen,
byte* Ai, word32 u, int iterations);
#ifdef __cplusplus
} /* extern "C" */
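Review bot: The added `wc_PBKDF1_ex` prototype names its parameter `hashType`, directly under the comment explaining that `hashType` was renamed to `typeH` to avoid shadowing the declaration in asn.h. Use `int typeH` here as `wc_PBKDF1` does, or update the comment if the shadowing no longer applies. The prototype also gives no accepted range for `iterations` and does not say whether `key` or `iv` may be NULL. A short doc comment stating both would keep callers from passing a zero or negative count unnoticed.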


@ -1,15 +1,19 @@
/* random.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/random.h
*/
#ifndef WOLF_CRYPT_RANDOM_H
@ -17,8 +21,14 @@
#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_FIPS
/* for fips @wc_fips */
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
/* included for fips @wc_fips */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/random.h>
#endif
@ -47,8 +57,8 @@
#endif
/* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined
or CUSTOM_RAND_GENERATE_BLOCK is defined*/
#if !defined(WC_NO_HASHDRBG) || !defined(CUSTOM_RAND_GENERATE_BLOCK)
or CUSTOM_RAND_GENERATE_BLOCK is defined */
#if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK)
#undef HAVE_HASHDRBG
#define HAVE_HASHDRBG
#ifndef WC_RESEED_INTERVAL
@ -57,7 +67,9 @@
#endif
#ifndef HAVE_FIPS /* avoid redefining structs and macros */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
/* RNG supports the following sources (in order):
* 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
@ -85,7 +97,9 @@
#include <wolfssl/wolfcrypt/sha256.h>
#elif defined(HAVE_WNR)
/* allow whitewood as direct RNG source using wc_GenerateSeed directly */
#else
#elif defined(HAVE_INTEL_RDRAND)
/* Intel RDRAND or RDSEED */
#elif !defined(WC_NO_RNG)
#error No RNG source defined!
#endif
@ -138,7 +152,7 @@ struct WC_RNG {
#endif
};
#endif /* HAVE_FIPS */
#endif /* NO FIPS or have FIPS v2*/
/* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
* can't be used with CTaoCrypt FIPS */
@ -157,21 +171,42 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
WOLFSSL_API int wc_FreeNetRandom(void);
#endif /* HAVE_WNR */
#ifndef WC_NO_RNG
WOLFSSL_API int wc_InitRng(WC_RNG*);
WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId);
WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz);
WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz,
void* heap, int devId);
WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
WOLFSSL_API int wc_FreeRng(WC_RNG*);
#else
#include <wolfssl/wolfcrypt/error-crypt.h>
#define wc_InitRng(rng) NOT_COMPILED_IN
#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
#define wc_FreeRng(rng) (void)NOT_COMPILED_IN
#endif
#ifdef HAVE_HASHDRBG
WOLFSSL_LOCAL int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* entropy,
word32 entropySz);
WOLFSSL_API int wc_RNG_TestSeed(const byte* seed, word32 seedSz);
WOLFSSL_API int wc_RNG_HealthTest(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz);
WOLFSSL_API int wc_RNG_HealthTest_ex(int reseed,
const byte* nonce, word32 nonceSz,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz,
void* heap, int devId);
#endif /* HAVE_HASHDRBG */
#ifdef __cplusplus
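Review bot: Changing the `HAVE_HASHDRBG` condition from `||` to `&&` means any build that defines `CUSTOM_RAND_GENERATE_BLOCK` no longer gets the Hash DRBG, and the comment above it does not say what that implies. For such builds, every key and nonce presumably comes straight from the custom block function, with no DRBG conditioning and no `WC_RESEED_INTERVAL`. The RNG source list in this header continues outside the hunk, so this should be confirmed there. I would extend the comment, e.g. `/* with CUSTOM_RAND_GENERATE_BLOCK the custom function is the only RNG source and must itself be cryptographically strong */`. Ports that define the macro should verify their source against that requirement.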


@ -1,12 +1,12 @@
/* settings.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -67,6 +67,9 @@
/* Uncomment next line if building wolfSSL for LSR */
/* #define WOLFSSL_LSR */
/* Uncomment next line if building for Freescale Classic MQX version 4.0 */
/* #define FREESCALE_MQX_4_0 */
/* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */
/* #define FREESCALE_MQX */
@ -76,7 +79,8 @@
/* Uncomment next line if building for Freescale KSDK Bare Metal */
/* #define FREESCALE_KSDK_BM */
/* Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) */
/* Uncomment next line if building for Freescale KSDK FreeRTOS, */
/* (old name FREESCALE_FREE_RTOS) */
/* #define FREESCALE_KSDK_FREERTOS */
/* Uncomment next line if using STM32F2 */
@ -85,6 +89,9 @@
/* Uncomment next line if using STM32F4 */
/* #define WOLFSSL_STM32F4 */
/* Uncomment next line if using STM32FL */
/* #define WOLFSSL_STM32FL */
/* Uncomment next line if using STM32F7 */
/* #define WOLFSSL_STM32F7 */
@ -153,6 +160,18 @@
/* Uncomment next line if building for using XILINX */
/* #define WOLFSSL_XILINX */
/* Uncomment next line if building for Nucleus 1.2 */
/* #define WOLFSSL_NUCLEUS_1_2 */
/* Uncomment next line if building for using Apache mynewt */
/* #define WOLFSSL_APACHE_MYNEWT */
/* Uncomment next line if building for using ESP-IDF */
/* #define WOLFSSL_ESPIDF */
/* Uncomment next line if using Espressif ESP32-WROOM-32 */
/* #define WOLFSSL_ESPWROOM32 */
#include <wolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
@ -194,6 +213,22 @@
#include <nx_api.h>
#endif
#if defined(WOLFSSL_ESPIDF)
#define FREERTOS
#define WOLFSSL_LWIP
#define NO_WRITEV
#define SIZEOF_LONG_LONG 8
#define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#if !defined(WOLFSSL_USER_SETTINGS)
#define HAVE_ECC
#endif /* !WOLFSSL_USER_SETTINGS */
#endif /* WOLFSSL_ESPIDF */
#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
#define WOLFSSL_LWIP
#define NO_WRITEV
@ -202,6 +237,22 @@
#define NO_FILESYSTEM
#endif
#if defined(WOLFSSL_CONTIKI)
#include <contiki.h>
#define WOLFSSL_UIP
#define NO_WOLFSSL_MEMORY
#define NO_WRITEV
#define SINGLE_THREADED
#define WOLFSSL_USER_IO
#define NO_FILESYSTEM
#define CUSTOM_RAND_TYPE uint16_t
#define CUSTOM_RAND_GENERATE random_rand
static inline unsigned int LowResTimer(void)
{
return clock_seconds();
}
#endif
#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)
#define NO_MAIN_DRIVER
#define SINGLE_THREADED
@ -231,9 +282,15 @@
#endif
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#ifndef NO_PIC32MZ_CRYPT
#define WOLFSSL_PIC32MZ_CRYPT
#endif
#ifndef NO_PIC32MZ_RNG
#define WOLFSSL_PIC32MZ_RNG
#endif
#ifndef NO_PIC32MZ_HASH
#define WOLFSSL_PIC32MZ_HASH
#endif
#endif
#ifdef MICROCHIP_TCPIP_V5
@ -332,7 +389,8 @@
#ifdef VXWORKS_SIM
#define TFM_NO_ASM
#endif
#define WOLFSSL_PTHREADS
/* For VxWorks pthreads wrappers for mutexes uncomment the next line. */
/* #define WOLFSSL_PTHREADS */
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define USE_FAST_MATH
@ -438,6 +496,32 @@
#include "wolfssl_chibios.h"
#endif
#ifdef WOLFSSL_PB
/* PB is using older 1.2 version of Nucleus */
#undef WOLFSSL_NUCLEUS
#define WOLFSSL_NUCLEUS_1_2
#endif
#ifdef WOLFSSL_NUCLEUS_1_2
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#if !defined(NO_ASN_TIME) && !defined(USER_TIME)
#error User must define XTIME, see manual
#endif
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
extern void* nucleus_malloc(unsigned long size, void* heap, int type);
extern void* nucleus_realloc(void* ptr, unsigned long size, void* heap,
int type);
extern void nucleus_free(void* ptr, void* heap, int type);
#define XMALLOC(s, h, type) nucleus_malloc((s), (h), (type))
#define XREALLOC(p, n, h, t) nucleus_realloc((p), (n), (h), (t))
#define XFREE(p, h, type) nucleus_free((p), (h), (type))
#endif
#endif
#ifdef WOLFSSL_NRF5x
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
@ -494,7 +578,7 @@ extern void uITRON4_free(void *p) ;
#include "tm/tmonitor.h"
/* static char* gets(char *buff); */
static char* fgets(char *buff, int sz, FILE *fp) {
static char* fgets(char *buff, int sz, XFILE fp) {
char * p = buff;
*p = '\0';
while (1) {
@ -539,7 +623,9 @@ extern void uITRON4_free(void *p) ;
#define XMALLOC(s, h, type) pvPortMalloc((s))
#define XFREE(p, h, type) vPortFree((p))
#endif
#if defined(HAVE_ED25519) || defined(WOLFSSL_ESPIDF)
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#endif
#ifndef NO_WRITEV
#define NO_WRITEV
#endif
@ -700,6 +786,11 @@ extern void uITRON4_free(void *p) ;
#define TFM_TIMING_RESISTANT
#endif
#ifdef FREESCALE_MQX_4_0
/* use normal Freescale MQX port, but with minor changes for 4.0 */
#define FREESCALE_MQX
#endif
#ifdef FREESCALE_MQX
#define FREESCALE_COMMON
#include "mqx.h"
@ -716,10 +807,12 @@ extern void uITRON4_free(void *p) ;
#include "mutex.h"
#endif
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#endif
#ifdef FREESCALE_KSDK_MQX
@ -946,14 +1039,6 @@ extern void uITRON4_free(void *p) ;
#undef NO_ECC256
#define HAVE_ECC384
#endif
/* enable features */
#undef HAVE_CURVE25519
#define HAVE_CURVE25519
#undef HAVE_ED25519
#define HAVE_ED25519
#undef WOLFSSL_SHA512
#define WOLFSSL_SHA512
#endif
#endif
#endif
@ -977,7 +1062,8 @@ extern void uITRON4_free(void *p) ;
#endif
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7)
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
defined(WOLFSSL_STM32L4)
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
@ -987,10 +1073,17 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_STM32_RNG
#undef STM32_RNG
#define STM32_RNG
#ifdef WOLFSSL_STM32F427_RNG
#include "stm32f427xx.h"
#endif
#endif
#ifndef NO_STM32_CRYPTO
#undef STM32_CRYPTO
#define STM32_CRYPTO
#ifdef WOLFSSL_STM32L4
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif
#ifndef NO_STM32_HASH
#undef STM32_HASH
@ -1003,10 +1096,14 @@ extern void uITRON4_free(void *p) ;
#ifdef WOLFSSL_STM32_CUBEMX
#if defined(WOLFSSL_STM32F2)
#include "stm32f2xx_hal.h"
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx_hal.h"
#elif defined(WOLFSSL_STM32F4)
#include "stm32f4xx_hal.h"
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx_hal.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx_hal.h"
#endif
#ifndef STM32_HAL_TIMEOUT
@ -1029,11 +1126,21 @@ extern void uITRON4_free(void *p) ;
#ifdef STM32_HASH
#include "stm32f4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx.h"
#ifdef STM32_CRYPTO
#include "stm32l4xx_cryp.h"
#endif
#ifdef STM32_HASH
#include "stm32l4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx.h"
#elif defined(WOLFSSL_STM32F1)
#include "stm32f1xx.h"
#endif
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32F7 */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
#ifdef MICRIUM
#include <stdlib.h>
@ -1070,12 +1177,6 @@ extern void uITRON4_free(void *p) ;
#define CUSTOM_RAND_TYPE RAND_NBR
#define CUSTOM_RAND_GENERATE Math_Rand
#endif
#define WOLFSSL_TYPES
typedef CPU_INT08U byte;
typedef CPU_INT16U word16;
typedef CPU_INT32U word32;
#define STRING_USER
#define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
#define XSTRNCPY(pstr_dest, pstr_src, len_max) \
@ -1172,6 +1273,41 @@ extern void uITRON4_free(void *p) ;
#endif
#endif /*(WOLFSSL_XILINX_CRYPT)*/
#if defined(WOLFSSL_APACHE_MYNEWT)
#include "os/os_malloc.h"
#if !defined(WOLFSSL_LWIP)
#include <mn_socket/mn_socket.h>
#endif
#if !defined(SIZEOF_LONG)
#define SIZEOF_LONG 4
#endif
#if !defined(SIZEOF_LONG_LONG)
#define SIZEOF_LONG_LONG 8
#endif
#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define BIG_ENDIAN_ORDER
#else
#undef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#define NO_WRITEV
#define WOLFSSL_USER_IO
#define SINGLE_THREADED
#define NO_DEV_RANDOM
#define NO_DH
#define NO_WOLFSSL_DIR
#define NO_ERROR_STRINGS
#define HAVE_ECC
#define NO_SESSION_CACHE
#define NO_ERROR_STRINGS
#define XMALLOC_USER
#define XMALLOC(sz, heap, type) os_malloc(sz)
#define XREALLOC(p, sz, heap, type) os_realloc(p, sz)
#define XFREE(p, heap, type) os_free(p)
#endif /*(WOLFSSL_APACHE_MYNEWT)*/
#ifdef WOLFSSL_IMX6
#ifndef SIZEOF_LONG_LONG
#define SIZEOF_LONG_LONG 8
@ -1232,7 +1368,6 @@ extern void uITRON4_free(void *p) ;
#else
#define TFM_TIMING_RESISTANT
#define NO_WOLFSSL_DIR
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define WOLFSSL_LOG_PRINTF
@ -1240,9 +1375,6 @@ extern void uITRON4_free(void *p) ;
#endif
#else
#define HAVE_ECC
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define USER_TICKS
@ -1252,6 +1384,10 @@ extern void uITRON4_free(void *p) ;
#if !defined(HAVE_FIPS) && !defined(NO_RSA)
#define WC_RSA_BLINDING
#endif
#define NO_FILESYSTEM
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define SINGLE_THREADED
#define NO_ASN_TIME /* can not use headers such as windows.h */
#define HAVE_AESGCM
@ -1414,10 +1550,6 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_AES_CBC
#undef HAVE_AES_CBC
#define HAVE_AES_CBC
#else
#ifndef WOLFCRYPT_ONLY
#error "AES CBC is required for TLS and can only be disabled for WOLFCRYPT_ONLY builds"
#endif
#endif
#ifdef WOLFSSL_AES_XTS
/* AES-XTS makes calls to AES direct functions */
@ -1433,6 +1565,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
#if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_TLS12)) || \
(!defined(HAVE_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \
!defined(HAVE_CAMELLIA) && !defined(HAVE_IDEA) && \
!defined(HAVE_NULL_CIPHER) && !defined(HAVE_HC128))
#define WOLFSSL_AEAD_ONLY
#endif
/* if desktop type system and fastmath increase default max bits */
#ifdef WOLFSSL_X86_64_BUILD
#ifdef USE_FAST_MATH
@ -1499,9 +1638,9 @@ extern void uITRON4_free(void *p) ;
#define HAVE_WOLF_EVENT
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
#define WC_ASYNC_DEV_SIZE 320+24
#define WC_ASYNC_DEV_SIZE 328+24
#else
#define WC_ASYNC_DEV_SIZE 320
#define WC_ASYNC_DEV_SIZE 328
#endif
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
@ -1551,7 +1690,7 @@ extern void uITRON4_free(void *p) ;
#ifndef HAVE_AES_KEYWRAP
#error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP
#endif
#ifndef HAVE_X963_KDF
#if defined(HAVE_ECC) && !defined(HAVE_X963_KDF)
#error PKCS7 requires X963 KDF please define HAVE_X963_KDF
#endif
#endif
@ -1574,7 +1713,7 @@ extern void uITRON4_free(void *p) ;
#undef HAVE_GMTIME_R /* don't trust macro with windows */
#endif /* WOLFSSL_MYSQL_COMPATIBLE */
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION
#define OPENSSL_NO_ENGINE
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
@ -1614,7 +1753,8 @@ extern void uITRON4_free(void *p) ;
#ifndef WC_NO_HARDEN
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
!defined(WC_NO_RNG))
#ifndef _MSC_VER
#warning "For timing resistance / side-channel attack prevention consider using harden options"
@ -1626,8 +1766,8 @@ extern void uITRON4_free(void *p) ;
#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)
/* added to have compatibility with SHA256() */
#if !defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
#define NO_OLD_SHA256_NAMES
#if !defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS)
#define NO_OLD_SHA_NAMES
#endif
#endif
@ -1638,6 +1778,76 @@ extern void uITRON4_free(void *p) ;
#define OPENSSL_EXTRA_X509_SMALL
#endif /* OPENSSL_EXTRA */
/* support for converting DER to PEM */
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || \
defined(OPENSSL_EXTRA)
#undef WOLFSSL_DER_TO_PEM
#define WOLFSSL_DER_TO_PEM
#endif
/* keep backwards compatibility enabling encrypted private key */
#ifndef WOLFSSL_ENCRYPTED_KEYS
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER)
#define WOLFSSL_ENCRYPTED_KEYS
#endif
#endif
/* support for disabling PEM to DER */
#if !defined(WOLFSSL_NO_PEM)
#undef WOLFSSL_PEM_TO_DER
#define WOLFSSL_PEM_TO_DER
#endif
/* Parts of the openssl compatibility layer require peer certs */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#undef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
/* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/
#ifdef WOLFSSL_ARMASM
#undef WOLFSSL_NO_HASH_RAW
#define WOLFSSL_NO_HASH_RAW
#endif
#if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \
!defined(WOLFSSL_SHA3)
#undef WOLFSSL_NO_WORD64_OPS
#define WOLFSSL_NO_WORD64_OPS
#endif
#if defined(NO_AES) && defined(NO_DES3) && !defined(HAVE_CAMELLIA) && \
defined(NO_PWDBASED) && !defined(HAVE_IDEA)
#undef WOLFSSL_NO_XOR_OPS
#define WOLFSSL_NO_XOR_OPS
#endif
#if defined(NO_ASN) && defined(WOLFCRYPT_ONLY)
#undef WOLFSSL_NO_INT_ENCODE
#define WOLFSSL_NO_INT_ENCODE
#undef WOLFSSL_NO_INT_DECODE
#define WOLFSSL_NO_INT_DECODE
#endif
#if defined(WOLFCRYPT_ONLY) && defined(WOLFSSL_RSA_VERIFY_ONLY) && \
defined(WC_NO_RSA_OAEP)
#undef WOLFSSL_NO_CT_OPS
#define WOLFSSL_NO_CT_OPS
#endif
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(HAVE_CURVE25519) && \
defined(WC_NO_RNG) && defined(WC_NO_RSA_OAEP)
#undef WOLFSSL_NO_CONST_CMP
#define WOLFSSL_NO_CONST_CMP
#endif
#if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \
!defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \
defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY)
#undef WOLFSSL_NO_FORCE_ZERO
#define WOLFSSL_NO_FORCE_ZERO
#endif
#ifdef __cplusplus
} /* extern "C" */


@ -1,15 +1,19 @@
/* sha.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/sha.h
*/
#ifndef WOLF_CRYPT_SHA_H
#define WOLF_CRYPT_SHA_H
@ -18,7 +22,13 @@
#ifndef NO_SHA
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#define wc_Sha Sha
#define WC_SHA SHA
#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE
@ -37,7 +47,9 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* avoid redefining structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
@ -49,9 +61,12 @@
#include <wolfssl/wolfcrypt/async.h>
#endif
#if !defined(NO_OLD_SHA_NAMES)
#define SHA WC_SHA
#endif
#ifndef NO_OLD_WC_NAMES
#define Sha wc_Sha
#define SHA WC_SHA
#define SHA_BLOCK_SIZE WC_SHA_BLOCK_SIZE
#define SHA_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#define SHA_PAD_SIZE WC_SHA_PAD_SIZE
@ -59,7 +74,7 @@
/* in bytes */
enum {
WC_SHA = 1, /* hash type unique */
WC_SHA = WC_HASH_TYPE_SHA,
WC_SHA_BLOCK_SIZE = 64,
WC_SHA_DIGEST_SIZE = 20,
WC_SHA_PAD_SIZE = 56
@ -107,6 +122,7 @@ typedef struct wc_Sha {
WOLFSSL_API int wc_InitSha(wc_Sha*);
WOLFSSL_API int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId);
WOLFSSL_API int wc_ShaUpdate(wc_Sha*, const byte*, word32);
WOLFSSL_API int wc_ShaFinalRaw(wc_Sha*, byte*);
WOLFSSL_API int wc_ShaFinal(wc_Sha*, byte*);
WOLFSSL_API void wc_ShaFree(wc_Sha*);
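Review bot: `WC_SHA = WC_HASH_TYPE_SHA` changes the numeric value of a public constant. It was the literal 1, and the types.h section of this commit sets `WC_HASH_TYPE_SHA` to 4 outside selftest/FIPS builds (it stays 1 inside them). The sha256.h section does the same for `WC_SHA256` (2 becomes 6) and `WC_SHA224` (8 becomes 5). Object code built against the old headers, or application code that stores or compares the old literals, would then select a different hash than intended, so the headers and the library binary must come from the same build and configuration. A comment above the enum such as `/* values come from enum wc_HashType in types.h and differ between FIPS/selftest and normal builds */` would make that dependency visible.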


@ -1,15 +1,19 @@
/* sha256.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/sha256.h
*/
/* code submitted by raphael.huck@efixo.com */
@ -20,7 +24,13 @@
#ifndef NO_SHA256
#ifdef HAVE_FIPS
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#define wc_Sha256 Sha256
#define WC_SHA256 SHA256
#define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE
@ -48,7 +58,9 @@
extern "C" {
#endif
#ifndef HAVE_FIPS /* avoid redefinition of structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
@ -59,6 +71,9 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(_MSC_VER)
#define SHA256_NOINLINE __declspec(noinline)
@ -68,9 +83,10 @@
#define SHA256_NOINLINE
#endif
#ifndef NO_OLD_SHA256_NAMES
#if !defined(NO_OLD_SHA_NAMES)
#define SHA256 WC_SHA256
#endif
#ifndef NO_OLD_WC_NAMES
#define Sha256 wc_Sha256
#define SHA256_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
@ -80,16 +96,19 @@
/* in bytes */
enum {
WC_SHA256 = 2, /* hash type unique */
WC_SHA256 = WC_HASH_TYPE_SHA256,
WC_SHA256_BLOCK_SIZE = 64,
WC_SHA256_DIGEST_SIZE = 32,
WC_SHA256_PAD_SIZE = 56
};
#ifdef WOLFSSL_TI_HASH
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
#elif defined(WOLFSSL_IMX6_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#elif defined(WOLFSSL_AFALG_HASH)
#include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h"
#else
/* wc_Sha256 digest */
typedef struct wc_Sha256 {
@ -114,6 +133,15 @@ typedef struct wc_Sha256 {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_SMALL_STACK_CACHE
word32* W;
#endif
#ifdef WOLFSSL_DEVCRYPTO_HASH
WC_CRYPTODEV ctx;
byte* msg;
word32 used;
word32 len;
#endif
#endif
} wc_Sha256;
@ -124,6 +152,7 @@ typedef struct wc_Sha256 {
WOLFSSL_API int wc_InitSha256(wc_Sha256*);
WOLFSSL_API int wc_InitSha256_ex(wc_Sha256*, void*, int);
WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32);
WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*);
WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*);
WOLFSSL_API void wc_Sha256Free(wc_Sha256*);
@ -135,7 +164,9 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
#endif
#ifdef WOLFSSL_SHA224
#ifndef HAVE_FIPS /* avoid redefinition of structs */
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifndef NO_OLD_WC_NAMES
#define Sha224 wc_Sha224
@ -147,12 +178,13 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
/* in bytes */
enum {
WC_SHA224 = 8, /* hash type unique */
WC_SHA224 = WC_HASH_TYPE_SHA224,
WC_SHA224_BLOCK_SIZE = WC_SHA256_BLOCK_SIZE,
WC_SHA224_DIGEST_SIZE = 28,
WC_SHA224_PAD_SIZE = WC_SHA256_PAD_SIZE
};
typedef wc_Sha256 wc_Sha224;
#endif /* HAVE_FIPS */
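Review bot: The guard around `#define SHA256 WC_SHA256` appears to have changed from `NO_OLD_SHA256_NAMES` to `NO_OLD_SHA_NAMES`, so a build that defines only the old macro silently gets the unprefixed `SHA256` name back. In a tree that can also carry another crypto library, that macro can collide with a same-named identifier and change what a call or constant resolves to. Accepting both spellings keeps existing opt-outs working: `#if !defined(NO_OLD_SHA_NAMES) && !defined(NO_OLD_SHA256_NAMES)`.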


@ -1,16 +1,18 @@
/* types.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/types.h
*/
#ifndef WOLF_CRYPT_TYPES_H
#define WOLF_CRYPT_TYPES_H
@ -91,7 +93,7 @@
(defined(LP64) || defined(_LP64))
/* LP64 with GNU GCC compiler is reserved for when long int is 64 bits
* and int uses 32 bits. When using Solaris Studio sparc and __sparc are
* avialable for 32 bit detection but __sparc64__ could be missed. This
* available for 32 bit detection but __sparc64__ could be missed. This
* uses LP64 for checking 64 bit CPU arch. */
typedef word64 wolfssl_word;
#define WC_64BIT_CPU
@ -117,28 +119,32 @@
#define WOLFSSL_MAX_16BIT 0xffffU
/* use inlining if compiler allows */
#ifndef INLINE
#ifndef WC_INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
#define INLINE __inline
#define WC_INLINE __inline
#elif defined(__GNUC__)
#ifdef WOLFSSL_VXWORKS
#define INLINE __inline__
#define WC_INLINE __inline__
#else
#define INLINE inline
#define WC_INLINE inline
#endif
#elif defined(__IAR_SYSTEMS_ICC__)
#define INLINE inline
#define WC_INLINE inline
#elif defined(THREADX)
#define INLINE _Inline
#define WC_INLINE _Inline
#else
#define INLINE
#define WC_INLINE
#endif
#else
#define INLINE
#define WC_INLINE
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
#endif
/* set up rotate style */
#if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && \
@ -160,7 +166,7 @@
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS)
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
@ -172,7 +178,7 @@
/* GCC 7 has new switch() fall-through detection */
#if defined(__GNUC__)
#if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1)))
#define FALL_THROUGH __attribute__ ((fallthrough));
#define FALL_THROUGH __attribute__ ((fallthrough))
#endif
#endif
#ifndef FALL_THROUGH
@ -190,7 +196,7 @@
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embeded systems doesn't like free(0) so test */
/* XFREE on some embedded systems doesn't like free(0) so test */
#if defined(HAVE_IO_POOL)
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
@ -213,6 +219,20 @@
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_MEMORY_LOG)
#define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__)
#define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__)
#define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
#include <stdlib.h>
extern void *xmalloc(size_t n, void* heap, int type, const char* func,
const char* file, unsigned int line);
extern void *xrealloc(void *p, size_t n, void* heap, int type,
const char* func, const char* file, unsigned int line);
extern void xfree(void *p, void* heap, int type, const char* func,
const char* file, unsigned int line);
#elif defined(XMALLOC_OVERRIDE)
/* override the XMALLOC, XFREE and XREALLOC macros */
#elif defined(NO_WOLFSSL_MEMORY)
@ -253,10 +273,10 @@
/* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
VAR_TYPE* VAR_NAME = ({ \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
if (ptr && INIT_VALUE) { \
XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \
} \
@ -266,13 +286,13 @@
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME; \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#define FREE_VAR(VAR_NAME, HEAP) \
XFREE(VAR_NAME, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
XFREE(VAR_NAME[idx##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#else
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
@ -285,8 +305,13 @@
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) /* nothing to free, its stack */
#endif
#ifndef WOLFSSL_LEANPSK
char* mystrnstr(const char* s1, const char* s2, unsigned int n);
#if !defined(USE_WOLF_STRTOK) && \
((defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)) || \
defined(WOLFSSL_TIRTOS) || defined(WOLF_C99))
#define USE_WOLF_STRTOK
#endif
#if !defined(USE_WOLF_STRSEP) && (defined(WOLF_C99))
#define USE_WOLF_STRSEP
#endif
#ifndef STRING_USER
@ -305,20 +330,30 @@
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#ifdef USE_WOLF_STRSEP
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
#else
#define XSTRSEP(s1,d) strsep((s1),(d))
#endif
#if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS)
/* XC32 does not support strncasecmp, so use case sensitive one */
#define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
#elif defined(USE_WINDOWS_API)
#elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#else
#if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \
!defined(WOLFSSL_SGX)
#include <strings.h>
#endif
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
#ifndef USE_WINDOWS_API
#if defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
!defined(NO_STDIO_FILESYSTEM)
#if defined(NO_FILESYSTEM) && (defined(OPENSSL_EXTRA) || \
defined(HAVE_PKCS7)) && !defined(NO_STDIO_FILESYSTEM)
/* case where stdio is not included else where but is needed for
* snprintf */
#include <stdio.h>
@ -330,20 +365,23 @@
#if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN)
/* use only Thread Safe version of strtok */
#if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \
defined(USE_WOLF_STRTOK)
#ifndef USE_WOLF_STRTOK
#define USE_WOLF_STRTOK
#endif
#define XSTRTOK wc_strtok
#if defined(USE_WOLF_STRTOK)
#define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
#elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS)
#define XSTRTOK strtok_s
#define XSTRTOK(s1,d,ptr) strtok_s((s1),(d),(ptr))
#else
#define XSTRTOK strtok_r
#define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr))
#endif
#endif
#endif
#ifdef USE_WOLF_STRTOK
WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp);
#endif
#ifdef USE_WOLF_STRSEP
WOLFSSL_API char* wc_strsep(char **stringp, const char *delim);
#endif
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
!defined(NO_STDIO_FILESYSTEM)
#ifndef XGETENV
@ -449,7 +487,7 @@
DYNAMIC_TYPE_DIRCTX = 81,
DYNAMIC_TYPE_HASHCTX = 82,
DYNAMIC_TYPE_SEED = 83,
DYNAMIC_TYPE_SYMETRIC_KEY = 84,
DYNAMIC_TYPE_SYMMETRIC_KEY= 84,
DYNAMIC_TYPE_ECC_BUFFER = 85,
DYNAMIC_TYPE_QSH = 86,
DYNAMIC_TYPE_SALT = 87,
@ -469,6 +507,93 @@
};
/* Algorithm Types */
enum wc_AlgoType {
WC_ALGO_TYPE_NONE = 0,
WC_ALGO_TYPE_HASH = 1,
WC_ALGO_TYPE_CIPHER = 2,
WC_ALGO_TYPE_PK = 3,
WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_PK
};
/* hash types */
enum wc_HashType {
#if defined(HAVE_SELFTEST) || defined(HAVE_FIPS)
/* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types.
* Values here are based on old selftest hmac.h enum, with additions */
WC_HASH_TYPE_NONE = 15,
WC_HASH_TYPE_MD2 = 16,
WC_HASH_TYPE_MD4 = 17,
WC_HASH_TYPE_MD5 = 0,
WC_HASH_TYPE_SHA = 1, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 8,
WC_HASH_TYPE_SHA256 = 2,
WC_HASH_TYPE_SHA384 = 5,
WC_HASH_TYPE_SHA512 = 4,
WC_HASH_TYPE_MD5_SHA = 18,
WC_HASH_TYPE_SHA3_224 = 10,
WC_HASH_TYPE_SHA3_256 = 11,
WC_HASH_TYPE_SHA3_384 = 12,
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_MAX = WC_HASH_TYPE_MD5_SHA
#else
WC_HASH_TYPE_NONE = 0,
WC_HASH_TYPE_MD2 = 1,
WC_HASH_TYPE_MD4 = 2,
WC_HASH_TYPE_MD5 = 3,
WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */
WC_HASH_TYPE_SHA224 = 5,
WC_HASH_TYPE_SHA256 = 6,
WC_HASH_TYPE_SHA384 = 7,
WC_HASH_TYPE_SHA512 = 8,
WC_HASH_TYPE_MD5_SHA = 9,
WC_HASH_TYPE_SHA3_224 = 10,
WC_HASH_TYPE_SHA3_256 = 11,
WC_HASH_TYPE_SHA3_384 = 12,
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2B
#endif /* HAVE_SELFTEST */
};
/* cipher types */
enum wc_CipherType {
WC_CIPHER_NONE = 0,
WC_CIPHER_AES = 1,
WC_CIPHER_AES_CBC = 2,
WC_CIPHER_AES_GCM = 3,
WC_CIPHER_AES_CTR = 4,
WC_CIPHER_AES_XTS = 5,
WC_CIPHER_AES_CFB = 6,
WC_CIPHER_DES3 = 7,
WC_CIPHER_DES = 8,
WC_CIPHER_CHACHA = 9,
WC_CIPHER_HC128 = 10,
WC_CIPHER_IDEA = 11,
WC_CIPHER_MAX = WC_CIPHER_HC128
};
/* PK=public key (asymmetric) based algorithms */
enum wc_PkType {
WC_PK_TYPE_NONE = 0,
WC_PK_TYPE_RSA = 1,
WC_PK_TYPE_DH = 2,
WC_PK_TYPE_ECDH = 3,
WC_PK_TYPE_ECDSA_SIGN = 4,
WC_PK_TYPE_ECDSA_VERIFY = 5,
WC_PK_TYPE_ED25519 = 6,
WC_PK_TYPE_CURVE25519 = 7,
WC_PK_TYPE_RSA_KEYGEN = 8,
WC_PK_TYPE_EC_KEYGEN = 9,
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN
};
/* settings detection for compile vs runtime math incompatibilities */
enum {
@ -617,6 +742,13 @@
#define WC_NORETURN
#endif
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL) || \
defined(WOLFSSL_PUBLIC_MP) || defined(OPENSSL_EXTRA) || \
(defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT))
#undef WC_MP_TO_RADIX
#define WC_MP_TO_RADIX
#endif
#ifdef __cplusplus
} /* extern "C" */
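Review bot: In `enum wc_CipherType`, `WC_CIPHER_MAX = WC_CIPHER_HC128` (10) sits below `WC_CIPHER_IDEA = 11`, so any bounds check or table sized from `WC_CIPHER_MAX` leaves IDEA out of range. The other new enums end on their largest member (`WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_PK`, `WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN`), so this looks unintended and the line should probably read `WC_CIPHER_MAX = WC_CIPHER_IDEA`. No use of `WC_CIPHER_MAX` is visible in this section, so the effect depends on callers elsewhere, and the header must stay in step with whatever the library binary was built with.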


@ -1,12 +1,12 @@
/* visibility.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -18,7 +18,10 @@
/* for compatibility and so that fips is using same name of macro @wc_fips */
#ifdef HAVE_FIPS
/* The following visibility wrappers are for old FIPS. New FIPS should use
* the same as a non-FIPS build. */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/visibility.h>
#define WOLFSSL_API CYASSL_API
#define WOLFSSL_LOCAL CYASSL_LOCAL
@ -31,19 +34,19 @@
*/
#if defined(BUILDING_WOLFSSL)
#if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
#define WOLFSSL_API __attribute__ ((visibility("default")))
#define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
#define WOLFSSL_API __global
#define WOLFSSL_LOCAL __hidden
#elif defined(_MSC_VER) || defined(__MINGW32__)
#if defined(_MSC_VER) || defined(__MINGW32__)
#if defined(WOLFSSL_DLL)
#define WOLFSSL_API __declspec(dllexport)
#else
#define WOLFSSL_API
#endif
#define WOLFSSL_LOCAL
#elif defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
#define WOLFSSL_API __attribute__ ((visibility("default")))
#define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
#define WOLFSSL_API __global
#define WOLFSSL_LOCAL __hidden
#else
#define WOLFSSL_API
#define WOLFSSL_LOCAL


@ -1,16 +1,18 @@
/* wc_port.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfcrypt/wc_port.h
*/
#ifndef WOLF_CRYPT_PORT_H
#define WOLF_CRYPT_PORT_H
@ -22,6 +24,14 @@
extern "C" {
#endif
/* Detect if compiler supports C99. "NO_WOLF_C99" can be defined in
* user_settings.h to disable checking for C99 support. */
#if !defined(WOLF_C99) && defined(__STDC_VERSION__) && \
!defined(WOLFSSL_ARDUINO) && !defined(NO_WOLF_C99)
#if __STDC_VERSION__ >= 199901L
#define WOLF_C99
#endif
#endif
#ifdef USE_WINDOWS_API
#ifdef WOLFSSL_GAME_BUILD
@ -55,6 +65,8 @@
/* do nothing */
#elif defined(FREESCALE_FREE_RTOS)
#include "fsl_os_abstraction.h"
#elif defined(WOLFSSL_VXWORKS)
#include <semLib.h>
#elif defined(WOLFSSL_uITRON4)
#include "stddef.h"
#include "kernel.h"
@ -78,6 +90,13 @@
#elif defined(INTIME_RTOS)
#include <rt.h>
#include <io.h>
#elif defined(WOLFSSL_NUCLEUS_1_2)
/* NU_DEBUG needed struct access in nucleus_realloc */
#define NU_DEBUG
#include "plus/nucleus.h"
#include "nucleus.h"
#elif defined(WOLFSSL_APACHE_MYNEWT)
/* do nothing */
#else
#ifndef SINGLE_THREADED
#define WOLFSSL_PTHREADS
@ -125,6 +144,8 @@
typedef MUTEX_STRUCT wolfSSL_Mutex;
#elif defined(FREESCALE_FREE_RTOS)
typedef mutex_t wolfSSL_Mutex;
#elif defined(WOLFSSL_VXWORKS)
typedef SEM_ID wolfSSL_Mutex;
#elif defined(WOLFSSL_uITRON4)
typedef struct wolfSSL_Mutex {
T_CSEM sem ;
@ -149,6 +170,8 @@
typedef mutex_t * wolfSSL_Mutex;
#elif defined(INTIME_RTOS)
typedef RTHANDLE wolfSSL_Mutex;
#elif defined(WOLFSSL_NUCLEUS_1_2)
typedef NU_SEMAPHORE wolfSSL_Mutex;
#else
#error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */
@ -254,6 +277,34 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XSEEK_END FS_SEEK_END
#define XBADFILE NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */
#elif defined(WOLFSSL_NUCLEUS_1_2)
#include "fal/inc/fal.h"
#define XFILE FILE*
#define XFOPEN fopen
#define XFSEEK fseek
#define XFTELL ftell
#define XREWIND rewind
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
#define XSEEK_END PSEEK_END
#define XBADFILE NULL
#elif defined(WOLFSSL_APACHE_MYNEWT)
#include <fs/fs.h>
#define XFILE struct fs_file*
#define XFOPEN mynewt_fopen
#define XFSEEK mynewt_fseek
#define XFTELL mynewt_ftell
#define XREWIND mynewt_rewind
#define XFREAD mynewt_fread
#define XFWRITE mynewt_fwrite
#define XFCLOSE mynewt_fclose
#define XSEEK_END 2
#define XBADFILE NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */
#elif defined(WOLFSSL_USER_FILESYSTEM)
/* To be defined in user_settings.h */
#else
/* stdio, default case */
#include <stdio.h>
@ -274,7 +325,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XBADFILE NULL
#define XFGETS fgets
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
#include <dirent.h>
#include <unistd.h>
#include <sys/stat.h>
@ -288,7 +340,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define MAX_PATH 256
#endif
#if !defined(NO_WOLFSSL_DIR)
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_NUCLEUS) && \
!defined(WOLFSSL_NUCLEUS_1_2)
typedef struct ReadDirCtx {
#ifdef USE_WINDOWS_API
WIN32_FIND_DATAA FindFileData;
@ -301,6 +354,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
char name[MAX_FILENAME_SZ];
} ReadDirCtx;
#define WC_READDIR_NOFILE -1
WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx);
@ -308,10 +363,6 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif /* !NO_FILESYSTEM */
#ifdef USE_WOLF_STRTOK
WOLFSSL_LOCAL char* wc_strtok(char *str, const char *delim, char **nextp);
#endif
/* Windows API defines its own min() macro. */
#if defined(USE_WINDOWS_API)
#if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE)
@ -367,8 +418,13 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XGMTIME(c, t) gmtime((c))
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#define XTIME(t1) mqx_time((t1))
#ifdef FREESCALE_MQX_4_0
#include <time.h>
extern time_t mqx_time(time_t* timer);
#else
#define HAVE_GMTIME_R
#endif
#define XTIME(t1) mqx_time((t1))
#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
#include <time.h>
@ -378,7 +434,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#define XGMTIME(c, t) gmtime((c))
#elif defined(WOLFSSL_ATMEL)
#elif defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
#define XTIME(t1) atmel_get_curr_time_and_date((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
@ -396,24 +452,46 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XTIME(t1) windows_time((t1))
#define WOLFSSL_GMTIME
#elif defined(WOLFSSL_APACHE_MYNEWT)
#include "os/os_time.h"
#define XTIME(t1) mynewt_time((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#else
/* default */
/* uses complete <time.h> facility */
#include <time.h>
#if defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#endif
/* PowerPC time_t is int */
#ifdef __PPC__
#define TIME_T_NOT_LONG
#define TIME_T_NOT_64BIT
#endif
#endif
#ifdef SIZEOF_TIME_T
/* check if size of time_t from autoconf is less than 8 bytes (64bits) */
#if SIZEOF_TIME_T < 8
#undef TIME_T_NOT_64BIT
#define TIME_T_NOT_64BIT
#endif
#endif
#ifdef TIME_T_NOT_LONG
/* one old reference to TIME_T_NOT_LONG in GCC-ARM example README
* this keeps support for the old macro name */
#undef TIME_T_NOT_64BIT
#define TIME_T_NOT_64BIT
#endif
/* Map default time functions */
#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)
#define XTIME(tl) time((tl))
#endif
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) || defined(WOLF_C99)
#define XGMTIME(c, t) gmtime((c))
#else
#define XGMTIME(c, t) gmtime_r((c), (t))
@ -444,8 +522,18 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#if defined(USE_WOLF_TIME_T)
typedef long time_t;
#endif
#if defined(USE_WOLF_SUSECONDS_T)
typedef long suseconds_t;
#endif
#if defined(USE_WOLF_TIMEVAL_T)
struct timeval
{
time_t tv_sec;
suseconds_t tv_usec;
};
#endif
/* forward declarations */
/* forward declarations */
#if defined(USER_TIME)
struct tm* gmtime(const time_t* timer);
extern time_t XTIME(time_t * timer);
@ -465,6 +553,16 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#endif /* NO_ASN_TIME */
#ifndef WOLFSSL_LEANPSK
char* mystrnstr(const char* s1, const char* s2, unsigned int n);
#endif
#ifndef FILE_BUFFER_SIZE
#define FILE_BUFFER_SIZE 1024 /* default static file buffer size for input,
will use dynamic buffer if not big enough */
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
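Review bot: With the new auto-detection, `WOLF_C99` is defined whenever `__STDC_VERSION__ >= 199901L`, and the changed `XGMTIME` condition (`... || defined(WOLF_C99)`) then selects `gmtime((c))` even when `HAVE_GMTIME_R` is set. `gmtime` returns a pointer to shared static storage, so on a multi-threaded build two tasks checking certificate validity dates at the same time can overwrite each other's broken-down time. If the SDK toolchain reports C99 or later and a reentrant `gmtime_r` is available, either define `NO_WOLF_C99` in the user settings (the comment in this section names that switch) or drop the `WOLF_C99` term from the condition. The same macro also turns on `USE_WOLF_STRTOK` and `USE_WOLF_STRSEP` in types.h, so those paths need checking when choosing.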


@ -1,12 +1,12 @@
/* wolfmath.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
@ -42,6 +42,14 @@
int get_rand_digit(WC_RNG* rng, mp_digit* d);
int mp_rand(mp_int* a, int digits, WC_RNG* rng);
enum {
/* format type */
WC_TYPE_HEX_STR = 1,
WC_TYPE_UNSIGNED_BIN = 2,
};
WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len,
word32 keySz, int encType);
#ifdef HAVE_WOLF_BIGINT
void wc_bigint_init(WC_BIGINT* a);
@ -52,6 +60,7 @@
void wc_bigint_free(WC_BIGINT* a);
int wc_mp_to_bigint(mp_int* src, WC_BIGINT* dst);
int wc_mp_to_bigint_sz(mp_int* src, WC_BIGINT* dst, word32 sz);
int wc_bigint_to_mp(WC_BIGINT* src, mp_int* dst);
#endif /* HAVE_WOLF_BIGINT */
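Review bot: `wc_export_int` is a new exported function that writes into a caller buffer through `buf` and `len`, but the prototype has no comment describing the contract. From the signature, `len` looks like an in/out parameter and `encType` one of `WC_TYPE_HEX_STR` or `WC_TYPE_UNSIGNED_BIN`. That should be confirmed against the implementation and stated next to the declaration, e.g. `/* len: in = size of buf, out = bytes written; fails if buf is too small */`. The anonymous enum also ends in a trailing comma after `WC_TYPE_UNSIGNED_BIN = 2,`, which strict C89 compilers warn about.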


@ -1,15 +1,18 @@
/* io.h
*
* Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved.
* Copyright (C) 2006-2018 wolfSSL Inc. All rights reserved.
*
* This file is part of wolfSSL.
*
* Contact licensing@wolfssl.com with any questions or comments.
*
* http://www.wolfssl.com
* https://www.wolfssl.com
*/
/*!
\file wolfssl/wolfio.h
*/
#ifndef WOLFSSL_IO_H
#define WOLFSSL_IO_H
@ -18,16 +21,19 @@
extern "C" {
#endif
/* OCSP and CRL_IO require HTTP client */
#if defined(HAVE_OCSP) || defined(HAVE_CRL_IO)
/* Micrium uses NetSock I/O callbacks in wolfio.c */
#if !defined(WOLFSSL_USER_IO)
/* OCSP and CRL_IO require HTTP client */
#if defined(HAVE_OCSP) || defined(HAVE_CRL_IO)
#ifndef HAVE_HTTP_CLIENT
#define HAVE_HTTP_CLIENT
#endif
#endif
#endif
#if !defined(WOLFSSL_USER_IO)
/* Micrium uses NetSock I/O callbacks in wolfio.c */
#if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM)
#if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) && !defined(WOLFSSL_CONTIKI)
#define USE_WOLFSSL_IO
#endif
#endif
@ -40,7 +46,7 @@
#endif
#ifndef USE_WINDOWS_API
#ifdef WOLFSSL_LWIP
#if defined(WOLFSSL_LWIP) && !defined(WOLFSSL_APACHE_MYNEWT)
/* lwIP needs to be configured to use sockets API in this mode */
/* LWIP_SOCKET 1 in lwip/opt.h or in build */
#include "lwip/sockets.h"
@ -68,6 +74,9 @@
#elif defined(WOLFSSL_VXWORKS)
#include <sockLib.h>
#include <errno.h>
#elif defined(WOLFSSL_NUCLEUS_1_2)
#include <externs.h>
#include <errno.h>
#elif defined(WOLFSSL_ATMEL)
#include "socket/include/socket.h"
#elif defined(INTIME_RTOS)
@ -92,6 +101,8 @@
#include <sys/ioctl.h>
#elif defined(WOLFSSL_SGX)
#include <errno.h>
#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
#include <mn_socket/mn_socket.h>
#elif !defined(WOLFSSL_NO_SOCK)
#include <sys/types.h>
#include <errno.h>
@ -105,7 +116,7 @@
#elif defined(EBSNET)
#include "rtipapi.h" /* errno */
#include "socket.h"
#elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP)
#elif !defined(DEVKITPRO) && !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_CONTIKI)
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
@ -135,7 +146,6 @@
#define SOCKET_EPIPE WSAEPIPE
#define SOCKET_ECONNREFUSED WSAENOTCONN
#define SOCKET_ECONNABORTED WSAECONNABORTED
#define close(s) closesocket(s)
#elif defined(__PPU)
#define SOCKET_EWOULDBLOCK SYS_NET_EWOULDBLOCK
#define SOCKET_EAGAIN SYS_NET_EAGAIN
@ -187,6 +197,14 @@
#define SOCKET_EPIPE FREERTOS_SOCKET_ERROR
#define SOCKET_ECONNREFUSED FREERTOS_SOCKET_ERROR
#define SOCKET_ECONNABORTED FREERTOS_SOCKET_ERROR
#elif defined(WOLFSSL_NUCLEUS_1_2)
#define SOCKET_EWOULDBLOCK NU_WOULD_BLOCK
#define SOCKET_EAGAIN NU_WOULD_BLOCK
#define SOCKET_ECONNRESET NU_NOT_CONNECTED
#define SOCKET_EINTR NU_NOT_CONNECTED
#define SOCKET_EPIPE NU_NOT_CONNECTED
#define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED
#define SOCKET_ECONNABORTED NU_NOT_CONNECTED
#else
#define SOCKET_EWOULDBLOCK EWOULDBLOCK
#define SOCKET_EAGAIN EAGAIN
@ -198,13 +216,15 @@
#endif /* USE_WINDOWS_API */
#ifdef DEVKITPRO
/* from network.h */
int net_send(int, const void*, int, unsigned int);
int net_recv(int, void*, int, unsigned int);
#define SEND_FUNCTION net_send
#define RECV_FUNCTION net_recv
#elif defined(WOLFSSL_LWIP)
#elif defined(WOLFSSL_LWIP) && !defined(WOLFSSL_APACHE_MYNEWT)
#define SEND_FUNCTION lwip_send
#define RECV_FUNCTION lwip_recv
#elif defined(WOLFSSL_PICOTCP)
@ -216,6 +236,9 @@
#elif defined(WOLFSSL_VXWORKS)
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
#elif defined(WOLFSSL_NUCLEUS_1_2)
#define SEND_FUNCTION NU_Send
#define RECV_FUNCTION NU_Recv
#else
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
@ -250,6 +273,11 @@
typedef struct hostent HOSTENT;
#endif /* HAVE_SOCKADDR */
/* use gethostbyname for c99 */
#ifdef WOLF_C99
#undef HAVE_GETADDRINFO
#endif
#ifdef HAVE_GETADDRINFO
typedef struct addrinfo ADDRINFO;
#endif
@ -259,7 +287,7 @@
/* IO API's */
#ifdef HAVE_IO_TIMEOUT
WOLFSSL_API int wolfIO_SetBlockingMode(SOCKET_T sockfd, int non_blocking);
WOLFSSL_API void wolfIO_SetTimeout(int to_sec);;
WOLFSSL_API void wolfIO_SetTimeout(int to_sec);
WOLFSSL_API int wolfIO_Select(SOCKET_T sockfd, int to_sec);
#endif
WOLFSSL_API int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip,
@ -270,6 +298,28 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
#endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
#ifdef USE_WINDOWS_API
#ifndef CloseSocket
#define CloseSocket(s) closesocket(s)
#endif
#define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
#ifndef CloseSocket
extern int closesocket(int);
#define CloseSocket(s) closesocket(s)
#endif
#define StartTCP()
#else
#ifndef CloseSocket
#define CloseSocket(s) close(s)
#endif
#define StartTCP()
#ifdef FREERTOS_TCP_WINSIM
extern int close(int);
#endif
#endif
WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);
WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#if defined(USE_WOLFSSL_IO)
@ -334,8 +384,11 @@ WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
/* I/O callbacks */
typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
WOLFSSL_API void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
WOLFSSL_API void wolfSSL_CTX_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
/* deprecated old name */
#define wolfSSL_SetIORecv wolfSSL_CTX_SetIORecv
#define wolfSSL_SetIOSend wolfSSL_CTX_SetIOSend
WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx);
WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx);
@ -364,6 +417,46 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags);
WOLFSSL_LOCAL int MicriumSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#endif /* MICRIUM */
#if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
WOLFSSL_LOCAL int Mynewt_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx);
WOLFSSL_LOCAL int Mynewt_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx);
WOLFSSL_API void wolfSSL_SetIO_Mynewt(WOLFSSL* ssl, struct mn_socket* mnSocket,
struct mn_sockaddr_in* mnSockAddrIn);
#endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */
#ifdef WOLFSSL_UIP
struct uip_wolfssl_ctx {
union socket_connector {
struct tcp_socket tcp;
struct udp_socket udp;
} conn;
WOLFSSL_CTX *ctx;
WOLFSSL *ssl;
uint8_t *input_databuf;
uint8_t *output_databuf;
uint8_t *ssl_rx_databuf;
int ssl_rb_len;
int ssl_rb_off;
struct process *process;
tcp_socket_data_callback_t input_callback;
tcp_socket_event_callback_t event_callback;
int closing;
uip_ipaddr_t peer_addr;
uint16_t peer_port;
};
typedef struct uip_wolfssl_ctx uip_wolfssl_ctx;
WOLFSSL_LOCAL int uIPSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
WOLFSSL_LOCAL int uIPReceive(WOLFSSL* ssl, char* buf, int sz,
void* ctx);
WOLFSSL_LOCAL int uIPReceiveFrom(WOLFSSL* ssl, char* buf, int sz,
void* ctx);
WOLFSSL_LOCAL int uIPSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
#endif
#ifdef WOLFSSL_DTLS
typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz,
void* ctx);