feat(wolfssl): Add TLS1.0 and TLS1.1 support for wolfssl

2025-05-21 00:56:38 +08:00 · 2018-05-16 13:01:47 +08:00
parent f9b16e65b5
commit bcb1d17cd9
5 changed files with 215 additions and 10 deletions
--- a/components/ssl/wolfssl/include/user_settings.h
+++ b/components/ssl/wolfssl/include/user_settings.h
@ -22,24 +22,27 @@
 #define HAVE_PK_CALLBACKS
 #define WOLFSSL_KEY_GEN
 #define WOLFSSL_RIPEMD
-#define ESP_PLATFORM
-#define DEBUG_ESP_PLATFORM
 #define USE_WOLFSSL_IO
 #define WOLFSSL_STATIC_RSA
 #define NO_DH
 #define NO_MD4
-#define NO_MD5
 #define NO_DES3
 #define NO_DSA
 #define NO_RC4
 #define NO_RABBIT
-#define NO_OLD_TLS
 #define HAVE_ECC
 #define WC_NO_HARDEN
 #define FREERTOS
 #define WOLFSSL_TYPES
 #define NO_FILESYSTEM
 #define WOLFSSL_ALT_CERT_CHAINS
+#define WOLFSSL_ALLOW_TLSV10
+#define WOLFSSL_SMALL_STACK
+#define SMALL_SESSION_CACHE
+
+#define SSL_CTX_use_certificate_ASN1(ctx,len,buf) wolfSSL_CTX_use_certificate_buffer(ctx,buf,len,WOLFSSL_FILETYPE_PEM)
+#define SSL_CTX_use_PrivateKey_ASN1(type,ctx,buf,len) wolfSSL_CTX_use_PrivateKey_buffer(ctx,buf,len, WOLFSSL_FILETYPE_PEM)
+#define SSL_CTX_load_verify_buffer(ctx,buf,len) wolfSSL_CTX_load_verify_buffer(ctx,buf,len, WOLFSSL_FILETYPE_PEM)

 #ifdef WOLFSSL_TYPES
    #ifndef byte
@ -51,12 +54,8 @@
 #endif

 #ifndef CUSTOM_RAND_GENERATE_BLOCK
-
    /* To use define the following:*/
-    #define CUSTOM_RAND_GENERATE_BLOCK myRngFunc
-    extern int myRngFunc(byte* output, word32 sz);
-
-#endif
-
+    #define CUSTOM_RAND_GENERATE_BLOCK os_get_random
 #endif

+#endif
--- a/components/ssl/wolfssl/lib/libwolfssl.a
+++ b/components/ssl/wolfssl/lib/libwolfssl.a
--- a/components/ssl/wolfssl/wolfssl/wolfssl/openssl/md5.h
+++ b/components/ssl/wolfssl/wolfssl/wolfssl/openssl/md5.h
@ -0,0 +1,67 @@
+/* md5.h
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.  All rights reserved.
+ *
+ * This file is part of wolfSSL.
+ *
+ * Contact licensing@wolfssl.com with any questions or comments.
+ *
+ * http://www.wolfssl.com
+ */
+
+
+/* md5.h for openssl */
+
+
+#ifndef WOLFSSL_MD5_H_
+#define WOLFSSL_MD5_H_
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef NO_MD5
+
+#include <wolfssl/wolfcrypt/hash.h>
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_md5.h"
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+typedef struct WOLFSSL_MD5_CTX {
+    void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];   /* big enough to hold wolfcrypt md5, but check on init */
+} WOLFSSL_MD5_CTX;
+
+WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*);
+WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long);
+WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*);
+
+
+typedef WOLFSSL_MD5_CTX MD5_CTX;
+
+#define MD5_Init wolfSSL_MD5_Init
+#define MD5_Update wolfSSL_MD5_Update
+#define MD5_Final wolfSSL_MD5_Final
+
+#ifdef OPENSSL_EXTRA_BSD
+    #define MD5Init wolfSSL_MD5_Init
+    #define MD5Update wolfSSL_MD5_Update
+    #define MD5Final wolfSSL_MD5_Final
+#endif
+
+#ifndef MD5
+#define MD5(d, n, md) wc_Md5Hash((d), (n), (md))
+#endif
+
+#define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* NO_MD5 */
+
+#endif /* WOLFSSL_MD5_H_ */
--- a/components/ssl/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
+++ b/components/ssl/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
@ -0,0 +1,31 @@
+/* opensslv.h
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.  All rights reserved.
+ *
+ * This file is part of wolfSSL.
+ *
+ * Contact licensing@wolfssl.com with any questions or comments.
+ *
+ * http://www.wolfssl.com
+ */
+
+
+/* opensslv.h compatibility */
+
+#ifndef WOLFSSL_OPENSSLV_H_
+#define WOLFSSL_OPENSSLV_H_
+
+
+/* api version compatibility */
+#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_SIGNAL)
+     /* version number can be increased for Lighty after compatibility for ECDH
+        is added */
+     #define OPENSSL_VERSION_NUMBER 0x10001000L
+#else
+     #define OPENSSL_VERSION_NUMBER 0x0090810fL
+#endif
+
+#define OPENSSL_VERSION_TEXT             LIBWOLFSSL_VERSION_STRING
+
+
+#endif /* header */
--- a/components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/md5.h
+++ b/components/ssl/wolfssl/wolfssl/wolfssl/wolfcrypt/md5.h
@ -0,0 +1,108 @@
+/* md5.h
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.  All rights reserved.
+ *
+ * This file is part of wolfSSL.
+ *
+ * Contact licensing@wolfssl.com with any questions or comments.
+ *
+ * http://www.wolfssl.com
+ */
+
+
+
+#ifndef WOLF_CRYPT_MD5_H
+#define WOLF_CRYPT_MD5_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_MD5
+
+#ifdef HAVE_FIPS
+    #define wc_InitMd5   InitMd5
+    #define wc_Md5Update Md5Update
+    #define wc_Md5Final  Md5Final
+    #define wc_Md5Hash   Md5Hash
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef NO_OLD_WC_NAMES
+    #define Md5             wc_Md5
+    #define MD5             WC_MD5
+    #define MD5_BLOCK_SIZE  WC_MD5_BLOCK_SIZE
+    #define MD5_DIGEST_SIZE WC_MD5_DIGEST_SIZE
+    #define WC_MD5_PAD_SIZE WC_MD5_PAD_SIZE
+#endif
+
+/* in bytes */
+enum {
+    WC_MD5             =  0,      /* hash type unique */
+    WC_MD5_BLOCK_SIZE  = 64,
+    WC_MD5_DIGEST_SIZE = 16,
+    WC_MD5_PAD_SIZE    = 56
+};
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+    #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
+#endif
+#ifdef STM32_HASH
+    #include <wolfssl/wolfcrypt/port/st/stm32.h>
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+    #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef WOLFSSL_TI_HASH
+    #include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
+#elif defined(WOLFSSL_IMX6_CAAM)
+    #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#else
+
+/* MD5 digest */
+typedef struct wc_Md5 {
+#ifdef STM32_HASH
+    STM32_HASH_Context stmCtx;
+#else
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  buffer[WC_MD5_BLOCK_SIZE  / sizeof(word32)];
+#ifdef WOLFSSL_PIC32MZ_HASH
+    word32  digest[PIC32_DIGEST_SIZE / sizeof(word32)];
+#else
+    word32  digest[WC_MD5_DIGEST_SIZE / sizeof(word32)];
+#endif
+    void*   heap;
+#ifdef WOLFSSL_PIC32MZ_HASH
+    hashUpdCache cache; /* cache for updates */
+#endif
+#endif /* STM32_HASH */
+#ifdef WOLFSSL_ASYNC_CRYPT
+    WC_ASYNC_DEV asyncDev;
+#endif /* WOLFSSL_ASYNC_CRYPT */
+} wc_Md5;
+
+#endif /* WOLFSSL_TI_HASH */
+
+WOLFSSL_API int wc_InitMd5(wc_Md5*);
+WOLFSSL_API int wc_InitMd5_ex(wc_Md5*, void*, int);
+WOLFSSL_API int wc_Md5Update(wc_Md5*, const byte*, word32);
+WOLFSSL_API int wc_Md5Final(wc_Md5*, byte*);
+WOLFSSL_API void wc_Md5Free(wc_Md5*);
+
+WOLFSSL_API int  wc_Md5GetHash(wc_Md5*, byte*);
+WOLFSSL_API int  wc_Md5Copy(wc_Md5*, wc_Md5*);
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+WOLFSSL_API void wc_Md5SizeSet(wc_Md5* md5, word32 len);
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* NO_MD5 */
+#endif /* WOLF_CRYPT_MD5_H */