diff --git a/include/wolfssl/ssl.h b/include/wolfssl/ssl.h index e69b127a..8f0dfe41 100644 --- a/include/wolfssl/ssl.h +++ b/include/wolfssl/ssl.h @@ -1,26 +1,17 @@ /* ssl.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. * * This file is part of wolfSSL. * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * Contact licensing@wolfssl.com with any questions or comments. * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + * http://www.wolfssl.com */ + /* wolfSSL API */ #ifndef WOLFSSL_SSL_H @@ -30,6 +21,7 @@ /* for users not using preprocessor flags*/ #include #include +#include #ifdef HAVE_WOLF_EVENT #include @@ -83,7 +75,7 @@ #define NO_OLD_WC_NAMES #endif -#elif defined(OPENSSL_EXTRA) +#elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #include #include @@ -122,6 +114,8 @@ typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR; typedef struct WOLFSSL_CRL WOLFSSL_CRL; +typedef void *WOLFSSL_X509_STORE_CTX_verify_cb; /* verify callback */ + /* redeclare guard */ #define WOLFSSL_TYPES_DEFINED @@ -160,6 +154,7 @@ typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP; typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD; typedef struct WOLFSSL_X509_CRL WOLFSSL_X509_CRL; typedef struct WOLFSSL_X509_STORE WOLFSSL_X509_STORE; +typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; typedef struct WOLFSSL_BIO WOLFSSL_BIO; typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; @@ -171,7 +166,6 @@ typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING; typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value; typedef struct WOLFSSL_DH WOLFSSL_DH; typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; -typedef unsigned char* WOLFSSL_BUF_MEM; #define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME #define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME @@ -189,16 +183,87 @@ struct WOLFSSL_ASN1_TIME { /* ASN_TIME | LENGTH | date bytes */ }; -#ifndef WOLFSSL_EVP_PKEY_TYPE_DEFINED /* guard on redeclaration */ +struct WOLFSSL_ASN1_STRING { + int length; + int type; /* type of string i.e. CTC_UTF8 */ + char* data; + long flags; +}; + +#define WOLFSSL_MAX_SNAME 40 +struct WOLFSSL_ASN1_OBJECT { + void* heap; + unsigned char* obj; + /* sName is short name i.e sha256 rather than oid (null terminated) */ + char sName[WOLFSSL_MAX_SNAME]; + int type; /* oid */ + int grp; /* type of OID, i.e. oidCertPolicyType */ + unsigned int objSz; + unsigned char dynamic; /* if 1 then obj was dynamiclly created, 0 otherwise */ + struct d { /* derefrenced */ + WOLFSSL_ASN1_STRING ia5_internal; + WOLFSSL_ASN1_STRING* ia5; /* points to ia5_internal */ + } d; +}; + +struct WOLFSSL_EVP_PKEY { + void* heap; + int type; /* openssh dereference */ + int save_type; /* openssh dereference */ + int pkey_sz; + union { + char* ptr; /* der format of key / or raw for NTRU */ + } pkey; + #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) + #ifndef NO_RSA + WOLFSSL_RSA* rsa; + byte ownRsa; /* if struct owns RSA and should free it */ + #endif + #ifdef HAVE_ECC + WOLFSSL_EC_KEY* ecc; + byte ownEcc; /* if struct owns ECC and should free it */ + #endif + WC_RNG rng; + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ + #ifdef HAVE_ECC + int pkey_curve; + #endif +}; +typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; + +#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; -#define WOLFSSL_EVP_PKEY_TYPE_DEFINED +typedef char WOLFSSL_EVP_MD; +#define WOLFSSL_EVP_TYPE_DEFINED #endif -typedef struct WOLFSSL_MD4_CTX { - int buffer[32]; /* big enough to hold, check size in Init */ -} WOLFSSL_MD4_CTX; +#define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */ +enum BIO_TYPE { + WOLFSSL_BIO_BUFFER = 1, + WOLFSSL_BIO_SOCKET = 2, + WOLFSSL_BIO_SSL = 3, + WOLFSSL_BIO_MEMORY = 4, + WOLFSSL_BIO_BIO = 5, + WOLFSSL_BIO_FILE = 6, + WOLFSSL_BIO_BASE64 = 7 +}; + +enum BIO_FLAGS { + WOLFSSL_BIO_FLAG_BASE64_NO_NL = 0x01, + WOLFSSL_BIO_FLAG_READ = 0x02, + WOLFSSL_BIO_FLAG_WRITE = 0x04, + WOLFSSL_BIO_FLAG_IO_SPECIAL = 0x08, + WOLFSSL_BIO_FLAG_RETRY = 0x10 +}; + +typedef struct WOLFSSL_BUF_MEM { + char* data; /* dereferenced */ + size_t length; /* current length */ + size_t max; /* maximum length */ +} WOLFSSL_BUF_MEM; + typedef struct WOLFSSL_COMP_METHOD { int type; /* stunnel dereference */ } WOLFSSL_COMP_METHOD; @@ -220,6 +285,15 @@ struct WOLFSSL_X509_STORE { #endif }; +#ifdef OPENSSL_EXTRA +#define WOLFSSL_USE_CHECK_TIME 0x2 +#define WOLFSSL_NO_CHECK_TIME 0x200000 +struct WOLFSSL_X509_VERIFY_PARAM { + time_t check_time; + unsigned long flags; +}; +#endif + typedef struct WOLFSSL_ALERT { int code; int level; @@ -251,20 +325,27 @@ typedef struct WOLFSSL_BUFFER_INFO { typedef struct WOLFSSL_X509_STORE_CTX { WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */ WOLFSSL_X509* current_cert; /* stunnel dereference */ + WOLFSSL_X509_CHAIN* sesChain; /* pointer to WOLFSSL_SESSION peer chain */ WOLFSSL_STACK* chain; +#ifdef OPENSSL_EXTRA + WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ +#endif char* domain; /* subject CN domain name */ void* ex_data; /* external data, for fortress build */ void* userCtx; /* user ctx */ int error; /* current error */ - int error_depth; /* cert depth for this error */ + int error_depth; /* index of cert depth for this error */ int discardSessionCerts; /* so verify callback can flag for discard */ int totalCerts; /* number of peer cert buffers */ WOLFSSL_BUFFER_INFO* certs; /* peer certs */ + WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; /* verify callback */ } WOLFSSL_X509_STORE_CTX; typedef char* WOLFSSL_STRING; -/* Valid Alert types from page 16/17 */ +/* Valid Alert types from page 16/17 + * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c + */ enum AlertDescription { close_notify = 0, unexpected_message = 10, @@ -288,6 +369,7 @@ enum AlertDescription { protocol_version = 70, #endif no_renegotiation = 100, + unsupported_extension = 110, /**< RFC 5246, section 7.2.2 */ unrecognized_name = 112, /**< RFC 6066, section 3 */ bad_certificate_status_response = 113, /**< RFC 6066, section 8 */ no_application_protocol = 120 @@ -327,6 +409,7 @@ WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_method_ex(void* heap); WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_method(void); WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void); WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void); +WOLFSSL_API WOLFSSL_METHOD* wolfTLSv1_method(void); WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void); WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void); WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void); @@ -351,8 +434,13 @@ WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void); #ifdef WOLFSSL_SESSION_EXPORT #ifdef WOLFSSL_DTLS + +#ifndef WOLFSSL_DTLS_EXPORT_TYPES typedef int (*wc_dtls_export)(WOLFSSL* ssl, unsigned char* exportBuffer, unsigned int sz, void* userCtx); +#define WOLFSSL_DTLS_EXPORT_TYPES +#endif /* WOLFSSL_DTLS_EXPORT_TYPES */ + WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, unsigned int sz); WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, @@ -394,6 +482,7 @@ WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, in WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int); WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file); @@ -493,6 +582,24 @@ WOLFSSL_API typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); typedef int (pem_password_cb)(char*, int, int, void*); +#ifdef OPENSSL_EXTRA +typedef void (CallbackInfoState)(const WOLFSSL*, int, int); + +typedef struct WOLFSSL_CRYPTO_EX_DATA { + WOLFSSL_STACK* data; +} WOLFSSL_CRYPTO_EX_DATA; + +typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, + WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); +typedef int (WOLFSSL_CRYPTO_EX_dup)(WOLFSSL_CRYPTO_EX_DATA* out, + WOLFSSL_CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV, void* arg); +typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, + WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); + +WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, + WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, + WOLFSSL_CRYPTO_EX_free* c); +#endif WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, VerifyCallback verify_callback); @@ -584,6 +691,11 @@ WOLFSSL_API int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, WOLFSSL_X509* x509); WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); +WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_GENERAL_NAME_value( + WOLFSSL_STACK* sk, int i); +WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk); +WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk, + void f (WOLFSSL_ASN1_OBJECT*)); WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void); WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj); WOLFSSL_API int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk, @@ -616,8 +728,12 @@ WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); /* what's ref count */ -WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); +WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); + +#ifdef OPENSSL_EXTRA WOLFSSL_API void wolfSSL_OPENSSL_free(void*); +WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); +#endif WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl); @@ -626,14 +742,12 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); -WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*); -WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long); -WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*); - - WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); +WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_find_type(WOLFSSL_BIO* bio, int type); WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int); WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int); WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append); @@ -689,14 +803,14 @@ WOLFSSL_API int wolfSSL_RAND_write_file(const char*); WOLFSSL_API int wolfSSL_RAND_load_file(const char*, long); WOLFSSL_API int wolfSSL_RAND_egd(const char*); WOLFSSL_API int wolfSSL_RAND_seed(const void*, int); +WOLFSSL_API void wolfSSL_RAND_Cleanup(void); WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double); WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void); WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void); WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*); -WOLFSSL_API int wolfSSL_get_ex_new_index(long, void*, void*, void*, void*); - +WOLFSSL_API unsigned long wolfSSL_thread_id(void); WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void)); WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, int)); @@ -713,6 +827,11 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert( WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, + WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); +WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, + unsigned char** out); +WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*); WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*); @@ -732,7 +851,12 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( WOLFSSL_X509_NAME*, int, int); WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); -WOLFSSL_API char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); +WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); +WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, + const void* data, int dataSz); +WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); @@ -769,16 +893,25 @@ WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); -WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*, - int); WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); +WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY_bio( + WOLFSSL_BIO* bio, WOLFSSL_PKCS8_PRIV_KEY_INFO** pkey); +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, + WOLFSSL_EVP_PKEY** out); +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key, + unsigned char** in, long inSz); WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz); +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap); WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void); WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); - +#ifdef OPENSSL_EXTRA +WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, + unsigned long flags, + time_t t); +#endif WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( WOLFSSL_X509_REVOKED*,int); @@ -786,6 +919,8 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*); WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*); +WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, + char* buf, int len); WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*, const WOLFSSL_ASN1_INTEGER*); WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*); @@ -794,6 +929,8 @@ WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*); WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, WOLFSSL_BIGNUM *bn); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*); +WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t, + int, long); #endif WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( @@ -802,6 +939,8 @@ WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*, WOLF_STACK_OF(WOLFSSL_X509_NAME)*); WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int); WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error( + WOLFSSL_X509_STORE_CTX* ctx, int er); WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int); WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*, @@ -816,9 +955,9 @@ WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void); WOLFSSL_API int wolfSSL_GET_REASON(int); -WOLFSSL_API char* wolfSSL_alert_type_string_long(int); -WOLFSSL_API char* wolfSSL_alert_desc_string_long(int); -WOLFSSL_API char* wolfSSL_state_string_long(const WOLFSSL*); +WOLFSSL_API const char* wolfSSL_alert_type_string_long(int); +WOLFSSL_API const char* wolfSSL_alert_desc_string_long(int); +WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*); @@ -850,9 +989,13 @@ WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*, int v); WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*, void* arg); WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg( WOLFSSL_CTX*, void* arg); +WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*); +WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*); -WOLFSSL_API unsigned long wolfSSL_set_options(WOLFSSL *s, unsigned long op); -WOLFSSL_API unsigned long wolfSSL_get_options(const WOLFSSL *s); +WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op); +WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s); +WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op); WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s); WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s); WOLFSSL_API long wolfSSL_set_tmp_dh(WOLFSSL *s, WOLFSSL_DH *dh); @@ -945,6 +1088,7 @@ enum { SSL_ST_CONNECT = 0x1000, SSL_ST_ACCEPT = 0x2000, + SSL_ST_MASK = 0x0FFF, SSL_CB_LOOP = 0x01, SSL_CB_EXIT = 0x02, @@ -959,6 +1103,8 @@ enum { SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT | SSL_CB_EXIT), SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), + SSL_CB_MODE_READ = 1, + SSL_CB_MODE_WRITE = 2, SSL_MODE_ENABLE_PARTIAL_WRITE = 2, @@ -1019,6 +1165,8 @@ enum { X509_V_ERR_NO_EXPLICIT_POLICY, X509_V_ERR_UNNESTED_RESOURCE, + X509_R_CERT_ALREADY_IN_HASH_TABLE, + XN_FLAG_SPC_EQ = (1 << 23), XN_FLAG_ONELINE = 0, XN_FLAG_RFC2253 = 1, @@ -1204,6 +1352,9 @@ enum { #endif +WOLFSSL_API void wolfSSL_ERR_put_error(int lib, int fun, int err, + const char* file, int line); +WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line(const char**, int*); WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*, const char**, int *); @@ -1212,11 +1363,15 @@ WOLFSSL_API void wolfSSL_ERR_clear_error(void); WOLFSSL_API int wolfSSL_RAND_status(void); +WOLFSSL_API int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num); WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num); WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void); WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); +WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); +WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); + #ifndef NO_CERTS - WOLFSSL_API int wolfSSL_CTX_check_private_key(WOLFSSL_CTX*); + WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); #endif /* !NO_CERTS */ WOLFSSL_API void wolfSSL_ERR_free_strings(void); @@ -1236,6 +1391,7 @@ WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, const unsigned char*, unsigned int); WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl); +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); WOLFSSL_API int wolfSSL_want_read(WOLFSSL*); WOLFSSL_API int wolfSSL_want_write(WOLFSSL*); @@ -1285,11 +1441,6 @@ WOLFSSL_API const char* wolfSSL_lib_version(void); /* which library version do we have in hex */ WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void); -/* turn logging on, only if compiled in */ -WOLFSSL_API int wolfSSL_Debugging_ON(void); -/* turn logging off */ -WOLFSSL_API void wolfSSL_Debugging_OFF(void); - /* do accept or connect depedning on side */ WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl); /* turn on wolfSSL data compression */ @@ -1314,7 +1465,8 @@ WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx); /* index cert in X509 */ WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx); /* free X509 */ -WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*); +#define wolfSSL_FreeX509(x509) wolfSSL_X509_free((x509)) +WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); /* get index cert in PEM */ WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx, unsigned char* buf, int inLen, int* outLen); @@ -1330,8 +1482,11 @@ WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*); WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*); +WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, + const unsigned char** in, int len); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); +WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); #ifndef NO_FILESYSTEM #ifndef NO_STDIO_FILESYSTEM WOLFSSL_API WOLFSSL_X509* @@ -1362,7 +1517,12 @@ typedef struct WC_PKCS12 WC_PKCS12; WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12); WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, - WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca); + WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, + WOLF_STACK_OF(WOLFSSL_X509)** ca); +WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, + WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, + WOLF_STACK_OF(WOLFSSL_X509)* ca, + int keyNID, int certNID, int itt, int macItt, int keytype); WOLFSSL_API void wolfSSL_PKCS12_PBE_add(void); @@ -1425,7 +1585,8 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, #include #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ - !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) + !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) && \ + !defined(WOLFSSL_CHIBIOS) #include #endif /* allow writev style writing */ @@ -1513,6 +1674,7 @@ enum { WOLFSSL_TLSV1 = 1, WOLFSSL_TLSV1_1 = 2, WOLFSSL_TLSV1_2 = 3, + WOLFSSL_TLSV1_3 = 4, WOLFSSL_USER_CA = 1, /* user added as trusted */ WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */ }; @@ -1526,6 +1688,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void); WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); WOLFSSL_API int wolfSSL_KeyPemToDer(const unsigned char*, int, unsigned char*, int, const char*); @@ -1608,7 +1771,9 @@ enum BulkCipherAlgorithm { wolfssl_des, wolfssl_triple_des, /* leading 3 (3des) not valid identifier */ wolfssl_des40, +#ifdef HAVE_IDEA wolfssl_idea, +#endif wolfssl_aes, wolfssl_aes_gcm, wolfssl_aes_ccm, @@ -1655,6 +1820,19 @@ WOLFSSL_API void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX*, CallbackEccShar WOLFSSL_API void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx); WOLFSSL_API void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl); +#ifndef NO_DH +/* Public DH Key Callback support */ +struct DhKey; +typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key, + const unsigned char* priv, unsigned int privSz, + const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz, + unsigned char* out, unsigned int* outlen, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree); +WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl); +#endif /* !NO_DH */ + struct ed25519_key; typedef int (*CallbackEd25519Sign)(WOLFSSL* ssl, const unsigned char* in, unsigned int inSz, @@ -1854,8 +2032,10 @@ WOLFSSL_API int wolfSSL_CTX_UseClientSuites(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_UseClientSuites(WOLFSSL* ssl); /* async additions */ -WOLFSSL_API int wolfSSL_UseAsync(WOLFSSL*, int devId); -WOLFSSL_API int wolfSSL_CTX_UseAsync(WOLFSSL_CTX*, int devId); +#define wolfSSL_UseAsync wolfSSL_SetDevId +#define wolfSSL_CTX_UseAsync wolfSSL_CTX_SetDevId +WOLFSSL_API int wolfSSL_SetDevId(WOLFSSL*, int devId); +WOLFSSL_API int wolfSSL_CTX_SetDevId(WOLFSSL_CTX*, int devId); /* helpers to get device id and heap */ WOLFSSL_API int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl); @@ -1895,6 +2075,11 @@ WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type, unsigned char options); WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, unsigned char type, unsigned char options); +WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( + const unsigned char* clientHello, unsigned int helloSz, + unsigned char type, unsigned char* sni, unsigned int* inOutSz); + +#endif /* NO_WOLFSSL_SERVER */ /* SNI status */ enum { @@ -1908,12 +2093,8 @@ WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type); WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, unsigned char type, void** data); -WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( - const unsigned char* clientHello, unsigned int helloSz, - unsigned char type, unsigned char* sni, unsigned int* inOutSz); -#endif -#endif +#endif /* HAVE_SNI */ /* Application-Layer Protocol Negotiation */ #ifdef HAVE_ALPN @@ -2231,13 +2412,56 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, WOLFSSL_API void wolfSSL_cert_service(void); #endif -#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) -WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* time, - char* buf, int len); -#endif /* WOLFSSL_MYSQL_COMPATIBLE */ +#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) +/* Smaller subset of X509 compatibility functions. Avoid increasing the size of + * this subset and its memory usage */ + +#include +struct WOLFSSL_X509_NAME_ENTRY { + WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ + WOLFSSL_ASN1_STRING data; + WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ + int nid; /* i.e. ASN_COMMON_NAME */ + int set; + int size; +}; +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #ifdef OPENSSL_EXTRA +enum { + WOLFSSL_SYS_ACCEPT = 0, + WOLFSSL_SYS_BIND, + WOLFSSL_SYS_CONNECT, + WOLFSSL_SYS_FOPEN, + WOLFSSL_SYS_FREAD, + WOLFSSL_SYS_GETADDRINFO, + WOLFSSL_SYS_GETSOCKOPT, + WOLFSSL_SYS_GETSOCKNAME, + WOLFSSL_SYS_GETHOSTBYNAME, + WOLFSSL_SYS_GETNAMEINFO, + WOLFSSL_SYS_GETSERVBYNAME, + WOLFSSL_SYS_IOCTLSOCKET, + WOLFSSL_SYS_LISTEN, + WOLFSSL_SYS_OPENDIR, + WOLFSSL_SYS_SETSOCKOPT, + WOLFSSL_SYS_SOCKET +}; + +/* Object functions */ +WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n); +WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); +WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn); + +WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n); +WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); + +WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int n); +WOLFSSL_API int wolfSSL_OBJ_obj2txt(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a, int no_name); + +WOLFSSL_API void wolfSSL_OBJ_cleanup(void); +/* end of object functions */ + #ifndef NO_FILESYSTEM WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); @@ -2248,6 +2472,14 @@ WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt); #ifndef NO_CERTS +WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( + WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, + unsigned char* data, int dataSz); +WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name, + WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set); +WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, + const WOLFSSL_X509_NAME* y); +WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void); WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c, int* idx); @@ -2274,7 +2506,9 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str); -WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509); +WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); +WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, + WOLFSSL_X509** x509); WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); @@ -2291,28 +2525,25 @@ WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX /*lighttp compatibility */ -#include -struct WOLFSSL_X509_NAME_ENTRY { - WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ - WOLFSSL_ASN1_STRING data; - WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ - int set; - int size; +struct WOLFSSL_ASN1_BIT_STRING { + int length; + int type; + char* data; + long flags; }; + #if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) \ || defined(HAVE_STUNNEL) \ || defined(WOLFSSL_NGINX) \ || defined(WOLFSSL_HAPROXY) \ || defined(OPENSSL_EXTRA) -WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name); +WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne); +WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void); +WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name); WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x); WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name); /* These are to be merged shortly */ -WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n); -WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); -WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn); -WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth); WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); @@ -2320,6 +2551,7 @@ WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X50 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*)); WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); +WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk ); @@ -2332,23 +2564,21 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF || defined(WOLFSSL_HAPROXY) \ || defined(OPENSSL_EXTRA) -WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n); -WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, WOLFSSL_DH **x, pem_password_cb *cb, void *u); WOLFSSL_API WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, pem_password_cb *cb, void *u); +WOLFSSL_API int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); +WOLFSSL_API int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); -WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); - - #endif /* HAVE_STUNNEL || HAVE_LIGHTY */ -#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ + defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) #include @@ -2358,6 +2588,9 @@ typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); +WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void); + +WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn); WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, void (*callback) (int, int, void *), void *cb_arg); @@ -2398,8 +2631,6 @@ WOLFSSL_API void* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WOLFSSL_X509_NA WOLFSSL_API void* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int); -WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); - WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); @@ -2434,8 +2665,6 @@ WOLFSSL_API void WOLFSSL_ERR_remove_thread_state(void*); WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE *fp); #endif -WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); - WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); @@ -2475,14 +2704,21 @@ WOLFSSL_API int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg); -#endif - -#ifdef OPENSSL_EXTRA WOLFSSL_API unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags); +WOLFSSL_API int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, + const unsigned char *protos, unsigned int protos_len); +WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, + size_t siz, const char* file, int line); +WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); #endif -#if defined WOLFSSL_NGINX || defined WOLFSSL_HAPROXY +#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ + defined(OPENSSL_EXTRA) +WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); +#endif + +#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) /* Not an OpenSSL API. */ WOLFSSL_LOCAL int wolfSSL_get_ocsp_response(WOLFSSL* ssl, byte** response); /* Not an OpenSSL API. */ @@ -2491,7 +2727,6 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl); -WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c); WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); @@ -2596,8 +2831,6 @@ WOLFSSL_API void *X509_get0_tbs_sigalg(const WOLFSSL_X509 *x); WOLFSSL_API void X509_ALGOR_get0(WOLFSSL_ASN1_OBJECT **paobj, int *pptype, const void **ppval, const void *algor); WOLFSSL_API void *X509_get_X509_PUBKEY(void * x); WOLFSSL_API int X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, void **pa, WOLFSSL_EVP_PKEY *pub); -WOLFSSL_API int EVP_PKEY_bits(WOLFSSL_EVP_PKEY *pkey); -WOLFSSL_API int i2d_X509(WOLFSSL_X509 *x, unsigned char **out); WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a); WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); @@ -2606,6 +2839,8 @@ WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const void * p); WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); WOLFSSL_API void ERR_load_SSL_strings(void); +WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); + #endif /* OPENSSL_EXTRA */ #ifdef __cplusplus diff --git a/include/wolfssl/version.h b/include/wolfssl/version.h index 075f9e4c..66cc4388 100644 --- a/include/wolfssl/version.h +++ b/include/wolfssl/version.h @@ -1,25 +1,16 @@ /* wolfssl_version.h.in * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. * * This file is part of wolfSSL. * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * Contact licensing@wolfssl.com with any questions or comments. * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + * http://www.wolfssl.com */ + #ifndef WOLFSSL_VERSION_H #define WOLFSSL_VERSION_H @@ -28,8 +19,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "3.12.2" -#define LIBWOLFSSL_VERSION_HEX 0x03012002 +#define LIBWOLFSSL_VERSION_STRING "3.14.0" +#define LIBWOLFSSL_VERSION_HEX 0x03014000 #ifdef __cplusplus } diff --git a/include/wolfssl/wolfcrypt/logging.h b/include/wolfssl/wolfcrypt/logging.h new file mode 100644 index 00000000..8be8f141 --- /dev/null +++ b/include/wolfssl/wolfcrypt/logging.h @@ -0,0 +1,117 @@ +/* logging.h + * + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. + * + * This file is part of wolfSSL. + * + * Contact licensing@wolfssl.com with any questions or comments. + * + * http://www.wolfssl.com + */ + + + +/* submitted by eof */ + + +#ifndef WOLFSSL_LOGGING_H +#define WOLFSSL_LOGGING_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +enum wc_LogLevels { + ERROR_LOG = 0, + INFO_LOG, + ENTER_LOG, + LEAVE_LOG, + OTHER_LOG +}; + +typedef void (*wolfSSL_Logging_cb)(const int logLevel, + const char *const logMessage); + +WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function); + +/* turn logging on, only if compiled in */ +WOLFSSL_API int wolfSSL_Debugging_ON(void); +/* turn logging off */ +WOLFSSL_API void wolfSSL_Debugging_OFF(void); + + +#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) + WOLFSSL_LOCAL int wc_LoggingInit(void); + WOLFSSL_LOCAL int wc_LoggingCleanup(void); + WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf, + char* file); + WOLFSSL_LOCAL int wc_PeekErrorNode(int index, const char **file, + const char **reason, int *line); + WOLFSSL_LOCAL void wc_RemoveErrorNode(int index); + WOLFSSL_LOCAL void wc_ClearErrorNodes(void); + WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason, + int *line); + WOLFSSL_API int wc_SetLoggingHeap(void* h); + WOLFSSL_API int wc_ERR_remove_state(void); + #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) + WOLFSSL_API void wc_ERR_print_errors_fp(FILE* fp); + #endif +#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ + + +#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY) + #if defined(_WIN32) + #if defined(INTIME_RTOS) + #define __func__ NULL + #else + #define __func__ __FUNCTION__ + #endif + #endif + + /* a is prepended to m and b is appended, creating a log msg a + m + b */ + #define WOLFSSL_LOG_CAT(a, m, b) #a " " m " " #b + + WOLFSSL_API void WOLFSSL_ENTER(const char* msg); + WOLFSSL_API void WOLFSSL_LEAVE(const char* msg, int ret); + #define WOLFSSL_STUB(m) \ + WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented)) + + WOLFSSL_API void WOLFSSL_MSG(const char* msg); + WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length); + +#else + + #define WOLFSSL_ENTER(m) + #define WOLFSSL_LEAVE(m, r) + #define WOLFSSL_STUB(m) + + #define WOLFSSL_MSG(m) + #define WOLFSSL_BUFFER(b, l) + +#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */ + +#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) + + #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) + WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line, + const char* file, void* ctx); + #define WOLFSSL_ERROR(x) \ + WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL) + #else + WOLFSSL_API void WOLFSSL_ERROR(int err); + #endif + WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg); + +#else + #define WOLFSSL_ERROR(e) + #define WOLFSSL_ERROR_MSG(m) +#endif + +#ifdef __cplusplus +} +#endif +#endif /* WOLFSSL_LOGGING_H */ + diff --git a/include/wolfssl/wolfcrypt/settings.h b/include/wolfssl/wolfcrypt/settings.h index b23b838d..5a22416b 100644 --- a/include/wolfssl/wolfcrypt/settings.h +++ b/include/wolfssl/wolfcrypt/settings.h @@ -1,25 +1,16 @@ /* settings.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. * * This file is part of wolfSSL. * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * Contact licensing@wolfssl.com with any questions or comments. * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + * http://www.wolfssl.com */ + /* Place OS specific preprocessor flags, defines, includes here, will be included into every file because types.h includes it */ @@ -442,6 +433,11 @@ #define USE_CERT_BUFFERS_2048 #endif +#ifdef WOLFSSL_CHIBIOS + /* ChibiOS definitions. This file is distributed with chibiOS. */ + #include "wolfssl_chibios.h" +#endif + #ifdef WOLFSSL_NRF5x #define SIZEOF_LONG 4 #define SIZEOF_LONG_LONG 8 @@ -538,7 +534,8 @@ extern void uITRON4_free(void *p) ; #include "FreeRTOS.h" /* FreeRTOS pvPortRealloc() only in AVR32_UC3 port */ - #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) + #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \ + !defined(WOLFSSL_STATIC_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) #endif @@ -569,20 +566,19 @@ extern void uITRON4_free(void *p) ; #endif #ifdef FREERTOS_TCP + #if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) && \ + !defined(WOLFSSL_STATIC_MEMORY) + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #endif -#if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) -#define XMALLOC(s, h, type) pvPortMalloc((s)) -#define XFREE(p, h, type) vPortFree((p)) -#endif - -#define WOLFSSL_GENSEED_FORTEST - -#define NO_WOLFSSL_DIR -#define NO_WRITEV -#define USE_FAST_MATH -#define TFM_TIMING_RESISTANT -#define NO_MAIN_DRIVER + #define WOLFSSL_GENSEED_FORTEST + #define NO_WOLFSSL_DIR + #define NO_WRITEV + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define NO_MAIN_DRIVER #endif #ifdef WOLFSSL_TIRTOS @@ -591,6 +587,8 @@ extern void uITRON4_free(void *p) ; #define NO_WOLFSSL_DIR #define USE_FAST_MATH #define TFM_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + #define WC_RSA_BLINDING #define NO_DEV_RANDOM #define NO_FILESYSTEM #define USE_CERT_BUFFERS_2048 @@ -598,6 +596,7 @@ extern void uITRON4_free(void *p) ; #define USER_TIME #define HAVE_ECC #define HAVE_ALPN + #define USE_WOLF_STRTOK /* use with HAVE_ALPN */ #define HAVE_TLS_EXTENSIONS #define HAVE_AESGCM #define HAVE_SUPPORTED_CURVES @@ -985,8 +984,6 @@ extern void uITRON4_free(void *p) ; #define NO_WOLFSSL_DIR #undef NO_RABBIT #define NO_RABBIT - #undef NO_64BIT - #define NO_64BIT #ifndef NO_STM32_RNG #undef STM32_RNG #define STM32_RNG @@ -1175,6 +1172,27 @@ extern void uITRON4_free(void *p) ; #endif #endif /*(WOLFSSL_XILINX_CRYPT)*/ +#ifdef WOLFSSL_IMX6 + #ifndef SIZEOF_LONG_LONG + #define SIZEOF_LONG_LONG 8 + #endif +#endif + +/* if defined turn on all CAAM support */ +#ifdef WOLFSSL_IMX6_CAAM + #undef WOLFSSL_IMX6_CAAM_RNG + #define WOLFSSL_IMX6_CAAM_RNG + + #undef WOLFSSL_IMX6_CAAM_BLOB + #define WOLFSSL_IMX6_CAAM_BLOB + +#if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_XTS) + /* large performance gain with HAVE_AES_ECB defined */ + #undef HAVE_AES_ECB + #define HAVE_AES_ECB +#endif +#endif + #if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \ !defined(XMALLOC_OVERRIDE) @@ -1205,11 +1223,21 @@ extern void uITRON4_free(void *p) ; #ifdef WOLFSSL_SGX #ifdef _MSC_VER - #define WOLFCRYPT_ONLY #define NO_RC4 - #define NO_DES3 - #define NO_SHA - #define NO_MD5 + #ifndef HAVE_FIPS + #define WOLFCRYPT_ONLY + #define NO_DES3 + #define NO_SHA + #define NO_MD5 + #else + #define TFM_TIMING_RESISTANT + #define NO_WOLFSSL_DIR + #define NO_FILESYSTEM + #define NO_WRITEV + #define NO_MAIN_DRIVER + #define WOLFSSL_LOG_PRINTF + #define WOLFSSL_DH_CONST + #endif #else #define HAVE_ECC #define ECC_TIMING_RESISTANT @@ -1221,7 +1249,7 @@ extern void uITRON4_free(void *p) ; #define WOLFSSL_LOG_PRINTF #define WOLFSSL_DH_CONST #endif /* _MSC_VER */ - #ifndef NO_RSA + #if !defined(HAVE_FIPS) && !defined(NO_RSA) #define WC_RSA_BLINDING #endif #define SINGLE_THREADED @@ -1283,7 +1311,7 @@ extern void uITRON4_free(void *p) ; /* user can specify what curves they want with ECC_USER_CURVES otherwise * all curves are on by default for now */ #ifndef ECC_USER_CURVES - #ifndef HAVE_ALL_CURVES + #if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_ALL_CURVES) #define HAVE_ALL_CURVES #endif #endif @@ -1299,6 +1327,10 @@ extern void uITRON4_free(void *p) ; #undef HAVE_ECC_VERIFY #define HAVE_ECC_VERIFY #endif + #ifndef NO_ECC_CHECK_KEY + #undef HAVE_ECC_CHECK_KEY + #define HAVE_ECC_CHECK_KEY + #endif #ifndef NO_ECC_DHE #undef HAVE_ECC_DHE #define HAVE_ECC_DHE @@ -1358,6 +1390,23 @@ extern void uITRON4_free(void *p) ; #undef AES_MAX_KEY_SIZE #define AES_MAX_KEY_SIZE 256 #endif + + #ifndef NO_AES_128 + #undef WOLFSSL_AES_128 + #define WOLFSSL_AES_128 + #endif + #if !defined(NO_AES_192) && AES_MAX_KEY_SIZE >= 192 + #undef WOLFSSL_AES_192 + #define WOLFSSL_AES_192 + #endif + #if !defined(NO_AES_256) && AES_MAX_KEY_SIZE >= 256 + #undef WOLFSSL_AES_256 + #define WOLFSSL_AES_256 + #endif + #if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT) + #warning HAVE_ECC_ENCRYPT uses AES 128 bit keys + #endif + #ifndef NO_AES_DECRYPT #undef HAVE_AES_DECRYPT #define HAVE_AES_DECRYPT @@ -1376,6 +1425,12 @@ extern void uITRON4_free(void *p) ; #define WOLFSSL_AES_DIRECT #endif #endif + #ifdef WOLFSSL_AES_CFB + /* AES-CFB makes calls to AES direct functions */ + #ifndef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT + #endif + #endif #endif /* if desktop type system and fastmath increase default max bits */ @@ -1490,6 +1545,9 @@ extern void uITRON4_free(void *p) ; #endif #ifdef HAVE_PKCS7 + #if defined(NO_AES) && defined(NO_DES3) + #error PKCS7 needs either AES or 3DES enabled, please enable one + #endif #ifndef HAVE_AES_KEYWRAP #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP #endif @@ -1566,6 +1624,21 @@ extern void uITRON4_free(void *p) ; #endif #endif +#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA) + /* added to have compatibility with SHA256() */ + #if !defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS) + #define NO_OLD_SHA256_NAMES + #endif +#endif + +/* switch for compatibility layer functionality. Has subparts i.e. BIO/X509 + * When opensslextra is enabled all subparts should be turned on. */ +#ifdef OPENSSL_EXTRA + #undef OPENSSL_EXTRA_X509_SMALL + #define OPENSSL_EXTRA_X509_SMALL +#endif /* OPENSSL_EXTRA */ + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/include/wolfssl/wolfcrypt/types.h b/include/wolfssl/wolfcrypt/types.h new file mode 100755 index 00000000..e9584f8e --- /dev/null +++ b/include/wolfssl/wolfcrypt/types.h @@ -0,0 +1,625 @@ +/* types.h + * + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. + * + * This file is part of wolfSSL. + * + * Contact licensing@wolfssl.com with any questions or comments. + * + * http://www.wolfssl.com + */ + + + + +#ifndef WOLF_CRYPT_TYPES_H +#define WOLF_CRYPT_TYPES_H + + #include + #include + + #ifdef __cplusplus + extern "C" { + #endif + + + #if defined(WORDS_BIGENDIAN) + #define BIG_ENDIAN_ORDER + #endif + + #ifndef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #ifndef WOLFSSL_TYPES + #ifndef byte + typedef unsigned char byte; + #endif + typedef unsigned short word16; + typedef unsigned int word32; + typedef byte word24[3]; + #endif + + + /* try to set SIZEOF_LONG or LONG_LONG if user didn't */ + #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__) + #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) + #if (defined(__alpha__) || defined(__ia64__) || \ + defined(_ARCH_PPC64) || defined(__mips64) || \ + defined(__x86_64__) || \ + ((defined(sun) || defined(__sun)) && \ + (defined(LP64) || defined(_LP64)))) + /* long should be 64bit */ + #define SIZEOF_LONG 8 + #elif defined(__i386__) || defined(__CORTEX_M3__) + /* long long should be 64bit */ + #define SIZEOF_LONG_LONG 8 + #endif + #endif + #endif + + #if defined(_MSC_VER) || defined(__BCPLUSPLUS__) + #define WORD64_AVAILABLE + #define W64LIT(x) x##ui64 + typedef unsigned __int64 word64; + #elif defined(__EMSCRIPTEN__) + #define WORD64_AVAILABLE + #define W64LIT(x) x##ull + typedef unsigned long long word64; + #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long word64; + #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long long word64; + #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long long word64; + #endif + +#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE) + /* These platforms have 64-bit CPU registers. */ + #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ + defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \ + defined(__aarch64__) || defined(__sparc64__) + typedef word64 wolfssl_word; + #define WC_64BIT_CPU + #elif (defined(sun) || defined(__sun)) && \ + (defined(LP64) || defined(_LP64)) + /* LP64 with GNU GCC compiler is reserved for when long int is 64 bits + * and int uses 32 bits. When using Solaris Studio sparc and __sparc are + * avialable for 32 bit detection but __sparc64__ could be missed. This + * uses LP64 for checking 64 bit CPU arch. */ + typedef word64 wolfssl_word; + #define WC_64BIT_CPU + #else + typedef word32 wolfssl_word; + #ifdef WORD64_AVAILABLE + #define WOLFCRYPT_SLOW_WORD64 + #endif + #endif +#else + #undef WORD64_AVAILABLE + typedef word32 wolfssl_word; + #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as + mp_digit, no 64 bit type so make mp_digit 16 bit */ +#endif + + enum { + WOLFSSL_WORD_SIZE = sizeof(wolfssl_word), + WOLFSSL_BIT_SIZE = 8, + WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE + }; + + #define WOLFSSL_MAX_16BIT 0xffffU + + /* use inlining if compiler allows */ + #ifndef INLINE + #ifndef NO_INLINE + #ifdef _MSC_VER + #define INLINE __inline + #elif defined(__GNUC__) + #ifdef WOLFSSL_VXWORKS + #define INLINE __inline__ + #else + #define INLINE inline + #endif + #elif defined(__IAR_SYSTEMS_ICC__) + #define INLINE inline + #elif defined(THREADX) + #define INLINE _Inline + #else + #define INLINE + #endif + #else + #define INLINE + #endif + #endif + + + /* set up rotate style */ + #if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && \ + !defined(WOLFSSL_SGX) && !defined(INTIME_RTOS) + #define INTEL_INTRINSICS + #define FAST_ROTATE + #elif defined(__MWERKS__) && TARGET_CPU_PPC + #define PPC_INTRINSICS + #define FAST_ROTATE + #elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) + /* GCC does peephole optimizations which should result in using rotate + instructions */ + #define FAST_ROTATE + #endif + + + /* set up thread local storage if available */ + #ifdef HAVE_THREAD_LS + #if defined(_MSC_VER) + #define THREAD_LS_T __declspec(thread) + /* Thread local storage only in FreeRTOS v8.2.1 and higher */ + #elif defined(FREERTOS) + #define THREAD_LS_T + #else + #define THREAD_LS_T __thread + #endif + #else + #define THREAD_LS_T + #endif + + /* GCC 7 has new switch() fall-through detection */ + #if defined(__GNUC__) + #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) + #define FALL_THROUGH __attribute__ ((fallthrough)); + #endif + #endif + #ifndef FALL_THROUGH + #define FALL_THROUGH + #endif + + /* Micrium will use Visual Studio for compilation but not the Win32 API */ + #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ + !defined(FREERTOS_TCP) && !defined(EBSNET) && \ + !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS) + #define USE_WINDOWS_API + #endif + + + /* idea to add global alloc override by Moises Guimaraes */ + /* default to libc stuff */ + /* XREALLOC is used once in normal math lib, not in fast math lib */ + /* XFREE on some embeded systems doesn't like free(0) so test */ + #if defined(HAVE_IO_POOL) + WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type); + WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type); + WOLFSSL_API void XFREE(void *p, void* heap, int type); + #elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA) + #include + #undef USE_WOLFSSL_MEMORY + #ifdef WOLFSSL_DEBUG_MEMORY + #define XMALLOC(s, h, t) IntelQaMalloc((s), (h), (t), __func__, __LINE__) + #define XFREE(p, h, t) IntelQaFree((p), (h), (t), __func__, __LINE__) + #define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t), __func__, __LINE__) + #else + #define XMALLOC(s, h, t) IntelQaMalloc((s), (h), (t)) + #define XFREE(p, h, t) IntelQaFree((p), (h), (t)) + #define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t)) + #endif /* WOLFSSL_DEBUG_MEMORY */ + #elif defined(XMALLOC_USER) + /* prototypes for user heap override functions */ + #include /* for size_t */ + extern void *XMALLOC(size_t n, void* heap, int type); + extern void *XREALLOC(void *p, size_t n, void* heap, int type); + extern void XFREE(void *p, void* heap, int type); + #elif defined(XMALLOC_OVERRIDE) + /* override the XMALLOC, XFREE and XREALLOC macros */ + #elif defined(NO_WOLFSSL_MEMORY) + /* just use plain C stdlib stuff if desired */ + #include + #define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s))) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));} + #define XREALLOC(p, n, h, t) realloc((p), (n)) + #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ + && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ + && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \ + && !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4) + /* default C runtime, can install different routines at runtime via cbs */ + #include + #ifdef WOLFSSL_STATIC_MEMORY + #ifdef WOLFSSL_DEBUG_MEMORY + #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__) + #else + #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t)) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t)) + #endif /* WOLFSSL_DEBUG_MEMORY */ + #elif !defined(FREERTOS) && !defined(FREERTOS_TCP) + #ifdef WOLFSSL_DEBUG_MEMORY + #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__)) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__) + #else + #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s))) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n)) + #endif /* WOLFSSL_DEBUG_MEMORY */ + #endif /* WOLFSSL_STATIC_MEMORY */ + #endif + + /* declare/free variable handling for async */ + #ifdef WOLFSSL_ASYNC_CRYPT + #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ + VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); + #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ + VAR_TYPE* VAR_NAME = ({ \ + VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \ + if (ptr && INIT_VALUE) { \ + XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \ + } \ + ptr; \ + }) + #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ + VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ + int idx##VAR_NAME; \ + for (idx##VAR_NAME=0; idx##VAR_NAME + #define XMEMCPY(d,s,l) memcpy((d),(s),(l)) + #define XMEMSET(b,c,l) memset((b),(c),(l)) + #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n)) + #define XMEMMOVE(d,s,l) memmove((d),(s),(l)) + + #define XSTRLEN(s1) strlen((s1)) + #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n)) + /* strstr, strncmp, and strncat only used by wolfSSL proper, + * not required for wolfCrypt only */ + #define XSTRSTR(s1,s2) strstr((s1),(s2)) + #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) + #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) + #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) + + #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) + /* XC32 does not support strncasecmp, so use case sensitive one */ + #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) + #elif defined(USE_WINDOWS_API) + #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) + #else + #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) + #endif + + /* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when + debugging is turned on */ + #ifndef USE_WINDOWS_API + #if defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ + !defined(NO_STDIO_FILESYSTEM) + /* case where stdio is not included else where but is needed for + * snprintf */ + #include + #endif + #define XSNPRINTF snprintf + #else + #define XSNPRINTF _snprintf + #endif + + #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) + /* use only Thread Safe version of strtok */ + #if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \ + defined(USE_WOLF_STRTOK) + #ifndef USE_WOLF_STRTOK + #define USE_WOLF_STRTOK + #endif + #define XSTRTOK wc_strtok + #elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS) + #define XSTRTOK strtok_s + #else + #define XSTRTOK strtok_r + #endif + #endif + #endif + + #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ + !defined(NO_STDIO_FILESYSTEM) + #ifndef XGETENV + #include + #define XGETENV getenv + #endif + #endif /* OPENSSL_EXTRA */ + + #ifndef CTYPE_USER + #include + #if defined(HAVE_ECC) || defined(HAVE_OCSP) || \ + defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) + #define XTOUPPER(c) toupper((c)) + #define XISALPHA(c) isalpha((c)) + #endif + /* needed by wolfSSL_check_domain_name() */ + #define XTOLOWER(c) tolower((c)) + #endif + + + /* memory allocation types for user hints */ + enum { + DYNAMIC_TYPE_CA = 1, + DYNAMIC_TYPE_CERT = 2, + DYNAMIC_TYPE_KEY = 3, + DYNAMIC_TYPE_FILE = 4, + DYNAMIC_TYPE_SUBJECT_CN = 5, + DYNAMIC_TYPE_PUBLIC_KEY = 6, + DYNAMIC_TYPE_SIGNER = 7, + DYNAMIC_TYPE_NONE = 8, + DYNAMIC_TYPE_BIGINT = 9, + DYNAMIC_TYPE_RSA = 10, + DYNAMIC_TYPE_METHOD = 11, + DYNAMIC_TYPE_OUT_BUFFER = 12, + DYNAMIC_TYPE_IN_BUFFER = 13, + DYNAMIC_TYPE_INFO = 14, + DYNAMIC_TYPE_DH = 15, + DYNAMIC_TYPE_DOMAIN = 16, + DYNAMIC_TYPE_SSL = 17, + DYNAMIC_TYPE_CTX = 18, + DYNAMIC_TYPE_WRITEV = 19, + DYNAMIC_TYPE_OPENSSL = 20, + DYNAMIC_TYPE_DSA = 21, + DYNAMIC_TYPE_CRL = 22, + DYNAMIC_TYPE_REVOKED = 23, + DYNAMIC_TYPE_CRL_ENTRY = 24, + DYNAMIC_TYPE_CERT_MANAGER = 25, + DYNAMIC_TYPE_CRL_MONITOR = 26, + DYNAMIC_TYPE_OCSP_STATUS = 27, + DYNAMIC_TYPE_OCSP_ENTRY = 28, + DYNAMIC_TYPE_ALTNAME = 29, + DYNAMIC_TYPE_SUITES = 30, + DYNAMIC_TYPE_CIPHER = 31, + DYNAMIC_TYPE_RNG = 32, + DYNAMIC_TYPE_ARRAYS = 33, + DYNAMIC_TYPE_DTLS_POOL = 34, + DYNAMIC_TYPE_SOCKADDR = 35, + DYNAMIC_TYPE_LIBZ = 36, + DYNAMIC_TYPE_ECC = 37, + DYNAMIC_TYPE_TMP_BUFFER = 38, + DYNAMIC_TYPE_DTLS_MSG = 39, + DYNAMIC_TYPE_X509 = 40, + DYNAMIC_TYPE_TLSX = 41, + DYNAMIC_TYPE_OCSP = 42, + DYNAMIC_TYPE_SIGNATURE = 43, + DYNAMIC_TYPE_HASHES = 44, + DYNAMIC_TYPE_SRP = 45, + DYNAMIC_TYPE_COOKIE_PWD = 46, + DYNAMIC_TYPE_USER_CRYPTO = 47, + DYNAMIC_TYPE_OCSP_REQUEST = 48, + DYNAMIC_TYPE_X509_EXT = 49, + DYNAMIC_TYPE_X509_STORE = 50, + DYNAMIC_TYPE_X509_CTX = 51, + DYNAMIC_TYPE_URL = 52, + DYNAMIC_TYPE_DTLS_FRAG = 53, + DYNAMIC_TYPE_DTLS_BUFFER = 54, + DYNAMIC_TYPE_SESSION_TICK = 55, + DYNAMIC_TYPE_PKCS = 56, + DYNAMIC_TYPE_MUTEX = 57, + DYNAMIC_TYPE_PKCS7 = 58, + DYNAMIC_TYPE_AES_BUFFER = 59, + DYNAMIC_TYPE_WOLF_BIGINT = 60, + DYNAMIC_TYPE_ASN1 = 61, + DYNAMIC_TYPE_LOG = 62, + DYNAMIC_TYPE_WRITEDUP = 63, + DYNAMIC_TYPE_PRIVATE_KEY = 64, + DYNAMIC_TYPE_HMAC = 65, + DYNAMIC_TYPE_ASYNC = 66, + DYNAMIC_TYPE_ASYNC_NUMA = 67, + DYNAMIC_TYPE_ASYNC_NUMA64 = 68, + DYNAMIC_TYPE_CURVE25519 = 69, + DYNAMIC_TYPE_ED25519 = 70, + DYNAMIC_TYPE_SECRET = 71, + DYNAMIC_TYPE_DIGEST = 72, + DYNAMIC_TYPE_RSA_BUFFER = 73, + DYNAMIC_TYPE_DCERT = 74, + DYNAMIC_TYPE_STRING = 75, + DYNAMIC_TYPE_PEM = 76, + DYNAMIC_TYPE_DER = 77, + DYNAMIC_TYPE_CERT_EXT = 78, + DYNAMIC_TYPE_ALPN = 79, + DYNAMIC_TYPE_ENCRYPTEDINFO= 80, + DYNAMIC_TYPE_DIRCTX = 81, + DYNAMIC_TYPE_HASHCTX = 82, + DYNAMIC_TYPE_SEED = 83, + DYNAMIC_TYPE_SYMETRIC_KEY = 84, + DYNAMIC_TYPE_ECC_BUFFER = 85, + DYNAMIC_TYPE_QSH = 86, + DYNAMIC_TYPE_SALT = 87, + DYNAMIC_TYPE_HASH_TMP = 88, + DYNAMIC_TYPE_BLOB = 89, + DYNAMIC_TYPE_NAME_ENTRY = 90, + }; + + /* max error buffer string size */ + #ifndef WOLFSSL_MAX_ERROR_SZ + #define WOLFSSL_MAX_ERROR_SZ 80 + #endif + + /* stack protection */ + enum { + MIN_STACK_BUFFER = 8 + }; + + + + /* settings detection for compile vs runtime math incompatibilities */ + enum { + #if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) + CTC_SETTINGS = 0x0 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8) + CTC_SETTINGS = 0x1 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8) + CTC_SETTINGS = 0x2 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4) + CTC_SETTINGS = 0x4 + #elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) + CTC_SETTINGS = 0x8 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8) + CTC_SETTINGS = 0x10 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8) + CTC_SETTINGS = 0x20 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4) + CTC_SETTINGS = 0x40 + #else + #error "bad math long / long long settings" + #endif + }; + + + WOLFSSL_API word32 CheckRunTimeSettings(void); + + /* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long + types need to match at compile time and run time, CheckCtcSettings will + return 1 if a match otherwise 0 */ + #define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings()) + + /* invalid device id */ + #define INVALID_DEVID -2 + + + /* AESNI requires alignment and ARMASM gains some performance from it */ + #if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || defined(USE_INTEL_SPEEDUP) + #if !defined(ALIGN16) + #if defined(__GNUC__) + #define ALIGN16 __attribute__ ( (aligned (16))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN16 __declspec (align (16)) + #else + #define ALIGN16 + #endif + #endif /* !ALIGN16 */ + + #if !defined (ALIGN32) + #if defined (__GNUC__) + #define ALIGN32 __attribute__ ( (aligned (32))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN32 __declspec (align (32)) + #else + #define ALIGN32 + #endif + #endif + + #if !defined(ALIGN32) + #if defined(__GNUC__) + #define ALIGN32 __attribute__ ( (aligned (32))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN32 __declspec (align (32)) + #else + #define ALIGN32 + #endif + #endif /* !ALIGN32 */ + + #if defined(__GNUC__) + #define ALIGN128 __attribute__ ( (aligned (128))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN128 __declspec (align (128)) + #else + #define ALIGN128 + #endif + + #if defined(__GNUC__) + #define ALIGN256 __attribute__ ( (aligned (256))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN256 __declspec (align (256)) + #else + #define ALIGN256 + #endif + + #else + #ifndef ALIGN16 + #define ALIGN16 + #endif + #ifndef ALIGN32 + #define ALIGN32 + #endif + #ifndef ALIGN128 + #define ALIGN128 + #endif + #ifndef ALIGN256 + #define ALIGN256 + #endif + #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM */ + + + #ifndef TRUE + #define TRUE 1 + #endif + #ifndef FALSE + #define FALSE 0 + #endif + + + #ifdef WOLFSSL_RIOT_OS + #define EXIT_TEST(ret) exit(ret) + #elif defined(HAVE_STACK_SIZE) + #define EXIT_TEST(ret) return (void*)((size_t)(ret)) + #else + #define EXIT_TEST(ret) return ret + #endif + + + #if defined(__GNUC__) + #define WOLFSSL_PACK __attribute__ ((packed)) + #else + #define WOLFSSL_PACK + #endif + + #ifndef __GNUC_PREREQ + #if defined(__GNUC__) && defined(__GNUC_MINOR__) + #define __GNUC_PREREQ(maj, min) \ + ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) + #else + #define __GNUC_PREREQ(maj, min) (0) /* not GNUC */ + #endif + #endif + + #if defined(__GNUC__) + #define WC_NORETURN __attribute__((noreturn)) + #else + #define WC_NORETURN + #endif + + + #ifdef __cplusplus + } /* extern "C" */ + #endif + +#endif /* WOLF_CRYPT_TYPES_H */ diff --git a/include/wolfssl/wolfcrypt/visibility.h b/include/wolfssl/wolfcrypt/visibility.h index 78191aa4..9fa91c25 100644 --- a/include/wolfssl/wolfcrypt/visibility.h +++ b/include/wolfssl/wolfcrypt/visibility.h @@ -1,25 +1,16 @@ /* visibility.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. * * This file is part of wolfSSL. * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * Contact licensing@wolfssl.com with any questions or comments. * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + * http://www.wolfssl.com */ + /* Visibility control macros */ #ifndef WOLF_CRYPT_VISIBILITY_H diff --git a/include/wolfssl/wolfcrypt/wc_port.h b/include/wolfssl/wolfcrypt/wc_port.h new file mode 100644 index 00000000..7e1b71de --- /dev/null +++ b/include/wolfssl/wolfcrypt/wc_port.h @@ -0,0 +1,473 @@ +/* wc_port.h + * + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. + * + * This file is part of wolfSSL. + * + * Contact licensing@wolfssl.com with any questions or comments. + * + * http://www.wolfssl.com + */ + + + + +#ifndef WOLF_CRYPT_PORT_H +#define WOLF_CRYPT_PORT_H + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +#ifdef USE_WINDOWS_API + #ifdef WOLFSSL_GAME_BUILD + #include "system/xtl.h" + #else + #ifndef WIN32_LEAN_AND_MEAN + #define WIN32_LEAN_AND_MEAN + #endif + #ifndef WOLFSSL_SGX + #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) + /* On WinCE winsock2.h must be included before windows.h */ + #include + #endif + #include + #endif /* WOLFSSL_SGX */ + #endif +#elif defined(THREADX) + #ifndef SINGLE_THREADED + #ifdef NEED_THREADX_TYPES + #include + #endif + #include + #endif +#elif defined(MICRIUM) + /* do nothing, just don't pick Unix */ +#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS) + /* do nothing */ +#elif defined(EBSNET) + /* do nothing */ +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + /* do nothing */ +#elif defined(FREESCALE_FREE_RTOS) + #include "fsl_os_abstraction.h" +#elif defined(WOLFSSL_uITRON4) + #include "stddef.h" + #include "kernel.h" +#elif defined(WOLFSSL_uTKERNEL2) + #include "tk/tkernel.h" +#elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" +#elif defined(WOLFSSL_MDK_ARM) + #if defined(WOLFSSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif +#elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" +#elif defined(WOLFSSL_TIRTOS) + #include + #include +#elif defined(WOLFSSL_FROSTED) + #include +#elif defined(INTIME_RTOS) + #include + #include +#else + #ifndef SINGLE_THREADED + #define WOLFSSL_PTHREADS + #include + #endif + #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + #include /* for close of BIO */ + #endif +#endif + +/* For FIPS keep the function names the same */ +#ifdef HAVE_FIPS +#define wc_InitMutex InitMutex +#define wc_FreeMutex FreeMutex +#define wc_LockMutex LockMutex +#define wc_UnLockMutex UnLockMutex +#endif /* HAVE_FIPS */ + +#ifdef SINGLE_THREADED + typedef int wolfSSL_Mutex; +#else /* MULTI_THREADED */ + /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ + #if defined(FREERTOS) + typedef xSemaphoreHandle wolfSSL_Mutex; + #elif defined(FREERTOS_TCP) + #include "FreeRTOS.h" + #include "semphr.h" + typedef SemaphoreHandle_t wolfSSL_Mutex; + #elif defined(WOLFSSL_SAFERTOS) + typedef struct wolfSSL_Mutex { + signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; + xSemaphoreHandle mutex; + } wolfSSL_Mutex; + #elif defined(USE_WINDOWS_API) + typedef CRITICAL_SECTION wolfSSL_Mutex; + #elif defined(WOLFSSL_PTHREADS) + typedef pthread_mutex_t wolfSSL_Mutex; + #elif defined(THREADX) + typedef TX_MUTEX wolfSSL_Mutex; + #elif defined(MICRIUM) + typedef OS_MUTEX wolfSSL_Mutex; + #elif defined(EBSNET) + typedef RTP_MUTEX wolfSSL_Mutex; + #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + typedef MUTEX_STRUCT wolfSSL_Mutex; + #elif defined(FREESCALE_FREE_RTOS) + typedef mutex_t wolfSSL_Mutex; + #elif defined(WOLFSSL_uITRON4) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; + #elif defined(WOLFSSL_uTKERNEL2) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; + #elif defined(WOLFSSL_MDK_ARM) + #if defined(WOLFSSL_CMSIS_RTOS) + typedef osMutexId wolfSSL_Mutex; + #else + typedef OS_MUT wolfSSL_Mutex; + #endif + #elif defined(WOLFSSL_CMSIS_RTOS) + typedef osMutexId wolfSSL_Mutex; + #elif defined(WOLFSSL_TIRTOS) + typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex; + #elif defined(WOLFSSL_FROSTED) + typedef mutex_t * wolfSSL_Mutex; + #elif defined(INTIME_RTOS) + typedef RTHANDLE wolfSSL_Mutex; + #else + #error Need a mutex type in multithreaded mode + #endif /* USE_WINDOWS_API */ +#endif /* SINGLE_THREADED */ + +/* Enable crypt HW mutex for Freescale MMCAU or PIC32MZ */ +#if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ) + #ifndef WOLFSSL_CRYPT_HW_MUTEX + #define WOLFSSL_CRYPT_HW_MUTEX 1 + #endif +#endif /* FREESCALE_MMCAU */ + +#ifndef WOLFSSL_CRYPT_HW_MUTEX + #define WOLFSSL_CRYPT_HW_MUTEX 0 +#endif + +#if WOLFSSL_CRYPT_HW_MUTEX + /* wolfSSL_CryptHwMutexInit is called on first wolfSSL_CryptHwMutexLock, + however it's recommended to call this directly on Hw init to avoid possible + race condition where two calls to wolfSSL_CryptHwMutexLock are made at + the same time. */ + int wolfSSL_CryptHwMutexInit(void); + int wolfSSL_CryptHwMutexLock(void); + int wolfSSL_CryptHwMutexUnLock(void); +#else + /* Define stubs, since HW mutex is disabled */ + #define wolfSSL_CryptHwMutexInit() 0 /* Success */ + #define wolfSSL_CryptHwMutexLock() 0 /* Success */ + #define wolfSSL_CryptHwMutexUnLock() (void)0 /* Success */ +#endif /* WOLFSSL_CRYPT_HW_MUTEX */ + +/* Mutex functions */ +WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex*); +WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void); +WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex*); +WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*); +WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex*); +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) +/* dynamiclly set which mutex to use. unlock / lock is controlled by flag */ +typedef void (mutex_cb)(int flag, int type, const char* file, int line); + +WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char* file, int line); +WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb); +#endif + +/* main crypto initialization function */ +WOLFSSL_API int wolfCrypt_Init(void); +WOLFSSL_API int wolfCrypt_Cleanup(void); + +/* filesystem abstraction layer, used by ssl.c */ +#ifndef NO_FILESYSTEM + +#if defined(EBSNET) + #include "vfapi.h" + #include "vfile.h" + + #define XFILE int + #define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0); + #define XFSEEK vf_lseek + #define XFTELL vf_tell + #define XREWIND vf_rewind + #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT) + #define XFCLOSE vf_close + #define XSEEK_END VSEEK_END + #define XBADFILE -1 + #define XFGETS(b,s,f) -2 /* Not ported yet */ +#elif defined(LSR_FS) + #include + #define XFILE struct fs_file* + #define XFOPEN(NAME, MODE) fs_open((char*)NAME); + #define XFSEEK(F, O, W) (void)F + #define XFTELL(F) (F)->len + #define XREWIND(F) (void)F + #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT) + #define XFCLOSE fs_close + #define XSEEK_END 0 + #define XBADFILE NULL + #define XFGETS(b,s,f) -2 /* Not ported yet */ +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + #define XFILE MQX_FILE_PTR + #define XFOPEN fopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND(F) fseek(F, 0, IO_SEEK_SET) + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END IO_SEEK_END + #define XBADFILE NULL + #define XFGETS fgets +#elif defined(MICRIUM) + #include + #define XFILE FS_FILE* + #define XFOPEN fs_fopen + #define XFSEEK fs_fseek + #define XFTELL fs_ftell + #define XREWIND fs_rewind + #define XFREAD fs_fread + #define XFWRITE fs_fwrite + #define XFCLOSE fs_fclose + #define XSEEK_END FS_SEEK_END + #define XBADFILE NULL + #define XFGETS(b,s,f) -2 /* Not ported yet */ +#else + /* stdio, default case */ + #include + #define XFILE FILE* + #if defined(WOLFSSL_MDK_ARM) + extern FILE * wolfSSL_fopen(const char *name, const char *mode) ; + #define XFOPEN wolfSSL_fopen + #else + #define XFOPEN fopen + #endif + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND rewind + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL + #define XFGETS fgets + + #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) + #include + #include + #include + #endif +#endif + + #ifndef MAX_FILENAME_SZ + #define MAX_FILENAME_SZ 256 /* max file name length */ + #endif + #ifndef MAX_PATH + #define MAX_PATH 256 + #endif + +#if !defined(NO_WOLFSSL_DIR) + typedef struct ReadDirCtx { + #ifdef USE_WINDOWS_API + WIN32_FIND_DATAA FindFileData; + HANDLE hFind; + #else + struct dirent* entry; + DIR* dir; + struct stat s; + #endif + char name[MAX_FILENAME_SZ]; + } ReadDirCtx; + + WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name); + WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name); + WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx); +#endif /* !NO_WOLFSSL_DIR */ + +#endif /* !NO_FILESYSTEM */ + +#ifdef USE_WOLF_STRTOK + WOLFSSL_LOCAL char* wc_strtok(char *str, const char *delim, char **nextp); +#endif + +/* Windows API defines its own min() macro. */ +#if defined(USE_WINDOWS_API) + #if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE) + #define WOLFSSL_HAVE_MIN + #endif /* min */ + #if defined(max) || defined(WOLFSSL_MYSQL_COMPATIBLE) + #define WOLFSSL_HAVE_MAX + #endif /* max */ +#endif /* USE_WINDOWS_API */ + +/* Time functions */ +#ifndef NO_ASN_TIME +#if defined(USER_TIME) + /* Use our gmtime and time_t/struct tm types. + Only needs seconds since EPOCH using XTIME function. + time_t XTIME(time_t * timer) {} + */ + #define WOLFSSL_GMTIME + #define USE_WOLF_TM + #define USE_WOLF_TIME_T + +#elif defined(TIME_OVERRIDES) + /* Override XTIME() and XGMTIME() functionality. + Requires user to provide these functions: + time_t XTIME(time_t * timer) {} + struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {} + */ + #ifndef HAVE_TIME_T_TYPE + #define USE_WOLF_TIME_T + #endif + #ifndef HAVE_TM_TYPE + #define USE_WOLF_TM + #endif + #define NEED_TMP_TIME + +#elif defined(HAVE_RTP_SYS) + #include "os.h" /* dc_rtc_api needs */ + #include "dc_rtc_api.h" /* to get current time */ + + /* uses parital structures */ + #define XTIME(tl) (0) + #define XGMTIME(c, t) rtpsys_gmtime((c)) + +#elif defined(MICRIUM) + #include + #include + #define XTIME(t1) micrium_time((t1)) + #define WOLFSSL_GMTIME + +#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) + #include + #define XTIME(t1) pic32_time((t1)) + #define XGMTIME(c, t) gmtime((c)) + +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + #define XTIME(t1) mqx_time((t1)) + #define HAVE_GMTIME_R + +#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS) + #include + #ifndef XTIME + /*extern time_t ksdk_time(time_t* timer);*/ + #define XTIME(t1) ksdk_time((t1)) + #endif + #define XGMTIME(c, t) gmtime((c)) + +#elif defined(WOLFSSL_ATMEL) + #define XTIME(t1) atmel_get_curr_time_and_date((t1)) + #define WOLFSSL_GMTIME + #define USE_WOLF_TM + #define USE_WOLF_TIME_T + +#elif defined(IDIRECT_DEV_TIME) + /*Gets the timestamp from cloak software owned by VT iDirect + in place of time() from */ + #include + #define XTIME(t1) idirect_time((t1)) + #define XGMTIME(c, t) gmtime((c)) + +#elif defined(_WIN32_WCE) + #include + #define XTIME(t1) windows_time((t1)) + #define WOLFSSL_GMTIME + +#else + /* default */ + /* uses complete facility */ + #include + + /* PowerPC time_t is int */ + #ifdef __PPC__ + #define TIME_T_NOT_LONG + #endif +#endif + + +/* Map default time functions */ +#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME) + #define XTIME(tl) time((tl)) +#endif +#if !defined(XGMTIME) && !defined(TIME_OVERRIDES) + #if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R) + #define XGMTIME(c, t) gmtime((c)) + #else + #define XGMTIME(c, t) gmtime_r((c), (t)) + #define NEED_TMP_TIME + #endif +#endif +#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE) + #define USE_WOLF_VALIDDATE + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) +#endif + +/* wolf struct tm and time_t */ +#if defined(USE_WOLF_TM) + struct tm { + int tm_sec; /* seconds after the minute [0-60] */ + int tm_min; /* minutes after the hour [0-59] */ + int tm_hour; /* hours since midnight [0-23] */ + int tm_mday; /* day of the month [1-31] */ + int tm_mon; /* months since January [0-11] */ + int tm_year; /* years since 1900 */ + int tm_wday; /* days since Sunday [0-6] */ + int tm_yday; /* days since January 1 [0-365] */ + int tm_isdst; /* Daylight Savings Time flag */ + long tm_gmtoff; /* offset from CUT in seconds */ + char *tm_zone; /* timezone abbreviation */ + }; +#endif /* USE_WOLF_TM */ +#if defined(USE_WOLF_TIME_T) + typedef long time_t; +#endif + +/* forward declarations */ +#if defined(USER_TIME) + struct tm* gmtime(const time_t* timer); + extern time_t XTIME(time_t * timer); + + #ifdef STACK_TRAP + /* for stack trap tracking, don't call os gmtime on OS X/linux, + uses a lot of stack spce */ + extern time_t time(time_t * timer); + #define XTIME(tl) time((tl)) + #endif /* STACK_TRAP */ + +#elif defined(TIME_OVERRIDES) + extern time_t XTIME(time_t * timer); + extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp); +#elif defined(WOLFSSL_GMTIME) + struct tm* gmtime(const time_t* timer); +#endif +#endif /* NO_ASN_TIME */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_PORT_H */ + diff --git a/include/wolfssl/wolfio.h b/include/wolfssl/wolfio.h index 9055a51c..a224483d 100644 --- a/include/wolfssl/wolfio.h +++ b/include/wolfssl/wolfio.h @@ -1,25 +1,16 @@ /* io.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. All rights reserved. * * This file is part of wolfSSL. * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * Contact licensing@wolfssl.com with any questions or comments. * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + * http://www.wolfssl.com */ + #ifndef WOLFSSL_IO_H #define WOLFSSL_IO_H @@ -53,8 +44,8 @@ /* lwIP needs to be configured to use sockets API in this mode */ /* LWIP_SOCKET 1 in lwip/opt.h or in build */ #include "lwip/sockets.h" - #include #ifndef LWIP_PROVIDE_ERRNO + #include #define LWIP_PROVIDE_ERRNO 1 #endif #elif defined(FREESCALE_MQX) @@ -62,15 +53,12 @@ #include #elif defined(FREESCALE_KSDK_MQX) #include - #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) - #if !defined(WOLFSSL_MDK_ARM) - #include "cmsis_os.h" - #include "rl_net.h" - #else - #include - #endif + #elif (defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)) + #include "cmsis_os.h" + #include "rl_net.h" #include "errno.h" - #define SOCKET_T int + #elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" #elif defined(WOLFSSL_TIRTOS) #include #elif defined(FREERTOS_TCP) @@ -176,7 +164,6 @@ #define SOCKET_ECONNABORTED NIO_ECONNABORTED #endif #elif defined(WOLFSSL_MDK_ARM)|| defined(WOLFSSL_KEIL_TCP_NET) - #if !defined(WOLFSSL_MDK_ARM) #define SOCKET_EWOULDBLOCK BSD_ERROR_WOULDBLOCK #define SOCKET_EAGAIN BSD_ERROR_LOCKED #define SOCKET_ECONNRESET BSD_ERROR_CLOSED @@ -184,15 +171,6 @@ #define SOCKET_EPIPE BSD_ERROR #define SOCKET_ECONNREFUSED BSD_ERROR #define SOCKET_ECONNABORTED BSD_ERROR - #else - #define SOCKET_EWOULDBLOCK SCK_EWOULDBLOCK - #define SOCKET_EAGAIN SCK_ELOCKED - #define SOCKET_ECONNRESET SCK_ECLOSED - #define SOCKET_EINTR SCK_ERROR - #define SOCKET_EPIPE SCK_ERROR - #define SOCKET_ECONNREFUSED SCK_ERROR - #define SOCKET_ECONNABORTED SCK_ERROR - #endif #elif defined(WOLFSSL_PICOTCP) #define SOCKET_EWOULDBLOCK PICO_ERR_EAGAIN #define SOCKET_EAGAIN PICO_ERR_EAGAIN @@ -292,6 +270,8 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags); #endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */ +WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx); +WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx); #if defined(USE_WOLFSSL_IO) /* default IO callbacks */ WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx); @@ -345,7 +325,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags); WOLFSSL_API int wolfIO_HttpBuildRequest(const char* reqType, const char* domainName, const char* path, int pathLen, int reqSz, const char* contentType, unsigned char* buf, int bufSize); - WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char* appStr, + WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char** appStrList, unsigned char** respBuf, unsigned char* httpBuf, int httpBufSz, int dynType, void* heap); #endif /* HAVE_HTTP_CLIENT */ @@ -406,9 +386,17 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); #ifndef XINET_NTOP #define XINET_NTOP(a,b,c,d) inet_ntop((a),(b),(c),(d)) + #ifdef USE_WINDOWS_API /* Windows-friendly definition */ + #undef XINET_NTOP + #define XINET_NTOP(a,b,c,d) InetNtop((a),(b),(c),(d)) + #endif #endif #ifndef XINET_PTON #define XINET_PTON(a,b,c) inet_pton((a),(b),(c)) + #ifdef USE_WINDOWS_API /* Windows-friendly definition */ + #undef XINET_PTON + #define XINET_PTON(a,b,c) InetPton((a),(b),(c)) + #endif #endif #ifndef XHTONS #define XHTONS(a) htons((a)) diff --git a/lib/libwolfssl.a b/lib/libwolfssl.a index 885d3b50..e025f845 100644 Binary files a/lib/libwolfssl.a and b/lib/libwolfssl.a differ