diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 26e46d3a..064322e0 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -21,22 +21,22 @@ jobs: # general-tools is needed for bin2s and gamecube-tools is needed for elf2dol run: | mkdir cache && cd cache - wget "https://wii.leseratte10.de/devkitPro/file.php/devkitPPC-r36-1-linux.pkg.tar.xz" - wget "https://wii.leseratte10.de/devkitPro/file.php/devkitppc-rules-1.0.1-1-any.pkg.tar.xz" - wget "https://wii.leseratte10.de/devkitPro/file.php/libogc-1.8.24-1-any.pkg.tar.xz" - wget "https://wii.leseratte10.de/devkitPro/file.php/general-tools-1.2.0-1-linux.pkg.tar.xz" - wget "https://wii.leseratte10.de/devkitPro/file.php/gamecube-tools-1.0.2-1-linux.pkg.tar.xz" + wget "https://wii.leseratte10.de/devkitPro/file.php/devkitPPC-r39-2-linux_x86_64.pkg.tar.xz" + wget "https://wii.leseratte10.de/devkitPro/file.php/devkitppc-rules-1.1.1-1-any.pkg.tar.xz" + wget "https://wii.leseratte10.de/devkitPro/file.php/libogc-2.3.1-1-any.pkg.tar.xz" + wget "https://wii.leseratte10.de/devkitPro/file.php/general-tools-1.2.0-2-linux_x86_64.pkg.tar.xz" + wget "https://wii.leseratte10.de/devkitPro/file.php/gamecube-tools-1.0.3-1-linux_x86_64.pkg.tar.xz" cd .. 
- name: Extract devkitPPC r36, libogc 1.8.24, bin2s and elf2dol # general-tools is needed for bin2s and gamecube-tools is needed for elf2dol run: | - tar -xf cache/devkitPPC-r36-1-linux.pkg.tar.xz opt/devkitpro/devkitPPC --strip-components=1 - tar -xf cache/devkitppc-rules-1.0.1-1-any.pkg.tar.xz opt/devkitpro/devkitPPC --strip-components=1 - tar -xf cache/libogc-1.8.24-1-any.pkg.tar.xz opt/devkitpro/libogc --strip-components=1 - tar -xf cache/general-tools-1.2.0-1-linux.pkg.tar.xz opt/devkitpro/tools/bin/bin2s --strip-components=4 + tar -xf cache/devkitPPC-r39-2-linux_x86_64.pkg.tar.xz opt/devkitpro/devkitPPC --strip-components=1 + tar -xf cache/devkitppc-rules-1.1.1-1-any.pkg.tar.xz opt/devkitpro/devkitPPC --strip-components=1 + tar -xf cache/libogc-2.3.1-1-any.pkg.tar.xz opt/devkitpro/libogc --strip-components=1 + tar -xf cache/general-tools-1.2.0-2-linux_x86_64.pkg.tar.xz opt/devkitpro/tools/bin/bin2s --strip-components=4 sudo cp bin2s /usr/local/bin/bin2s - tar -xf cache/gamecube-tools-1.0.2-1-linux.pkg.tar.xz opt/devkitpro/tools/bin/elf2dol --strip-components=4 + tar -xf cache/gamecube-tools-1.0.3-1-linux_x86_64.pkg.tar.xz opt/devkitpro/tools/bin/elf2dol --strip-components=4 sudo cp elf2dol /usr/local/bin/elf2dol - name: Compile diff --git a/Makefile.main b/Makefile.main index 6a337785..00a1ea6a 100644 --- a/Makefile.main +++ b/Makefile.main @@ -45,6 +45,7 @@ DATA := data \ data/help \ data/sounds INCLUDES := source +FALSE_POSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread #--------------------------------------------------------------------------------- # Default build shell script options 
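Review bot: The five `wget` downloads in this step are extracted and, for `bin2s` and `elf2dol`, copied into `/usr/local/bin` with `sudo` without any integrity check, so the build trusts whatever the mirror serves at that moment. Pinning a digest per archive and verifying it before `tar -xf` would close that gap, for example `echo "<sha256-of-archive>  devkitPPC-r39-2-linux_x86_64.pkg.tar.xz" | sha256sum -c -` (placeholder digest) run inside `cache/` for each file. The step name `Extract devkitPPC r36, libogc 1.8.24, bin2s and elf2dol` appears to be left unchanged and no longer matches the r39 / 2.3.1 packages.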
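Review bot: `FALSE_POSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread` switches off three of GCC's buffer-bounds diagnostics for every translation unit, so a genuine out-of-bounds access introduced later will compile silently. The same variable is added to resources/app_booter/Makefile, resources/extldr/Makefile (which builds with `-Werror`) and resources/wiiflow_game_booter/Makefile. If the warnings come from a few known sites (presumably fixed-address accesses flagged by the newer compiler, which is not visible here), suppressing them there with `#pragma GCC diagnostic push` / `ignored` / `pop`, or with per-file flags, keeps the checks active for the rest of the code. At minimum a comment such as `# GCC <version> reports these on <files>; re-check when the toolchain changes` above the variable would record why they are off.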
@@ -53,7 +54,7 @@ ios := 249 #--------------------------------------------------------------------------------- # options for code generation #--------------------------------------------------------------------------------- -CFLAGS = -g -ggdb -O2 -Wall -Wno-multichar -Wno-address-of-packed-member -Wextra $(MACHDEP) $(INCLUDE) -D_GNU_SOURCE -DHAVE_CONFIG_H +CFLAGS = -g -ggdb -O2 -Wall -Wno-multichar -Wno-address-of-packed-member -Wextra $(FALSE_POSITIVES) $(MACHDEP) $(INCLUDE) -D_GNU_SOURCE -DHAVE_CONFIG_H CXXFLAGS = $(CFLAGS) LDFLAGS = -g -ggdb $(MACHDEP) -Wl,-Map,$(notdir $@).map,--section-start,.init=0x80620000,-wrap,malloc,-wrap,free,-wrap,memalign,-wrap,calloc,-wrap,realloc,-wrap,malloc_usable_size,-wrap,wiiuse_register diff --git a/out/bins/app_booter.bin b/out/bins/app_booter.bin index fece52c0..3269cc1d 100644 Binary files a/out/bins/app_booter.bin and b/out/bins/app_booter.bin differ diff --git a/out/bins/ext_booter.bin b/out/bins/ext_booter.bin index 530bee44..fb9510f2 100644 Binary files a/out/bins/ext_booter.bin and b/out/bins/ext_booter.bin differ diff --git a/out/bins/ext_loader.bin b/out/bins/ext_loader.bin index c058e1f3..a2d4a3c6 100644 Binary files a/out/bins/ext_loader.bin and b/out/bins/ext_loader.bin differ diff --git a/out/boot.dol b/out/boot.dol index 1d105610..45e1cb88 100644 Binary files a/out/boot.dol and b/out/boot.dol differ diff --git a/resources/app_booter/Makefile b/resources/app_booter/Makefile index 17deab9a..ed159033 100644 --- a/resources/app_booter/Makefile +++ b/resources/app_booter/Makefile 
@@ -35,8 +35,9 @@ INCLUDES := #--------------------------------------------------------------------------------- # options for code generation #--------------------------------------------------------------------------------- +FALSE_POSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread MACHDEP := -mno-eabi -mno-sdata -mcpu=750 -CFLAGS := -Wall -W -O1 -ffreestanding -std=gnu99 -Wstrict-aliasing=2 $(MACHDEP) $(INCLUDE) +CFLAGS := -Wall -W -O1 -ffreestanding -std=gnu99 -Wstrict-aliasing=2 $(FALSE_POSITIVES) $(MACHDEP) $(INCLUDE) LDFLAGS := -nostartfiles -nostdlib $(MACHDEP) #--------------------------------------------------------------------------------- diff --git a/resources/extldr/Makefile b/resources/extldr/Makefile index a15fe15c..8000a1d2 100644 --- a/resources/extldr/Makefile +++ b/resources/extldr/Makefile @@ -10,8 +10,9 @@ OBJCOPY = $(PREFIX)objcopy RANLIB = $(PREFIX)ranlib STRIP = $(PREFIX)strip +FALSE_POSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread MACHDEP = -mcpu=750 -mno-eabi -CFLAGS = $(MACHDEP) -O1 -Werror -Wall -pipe -mno-sdata +CFLAGS = $(FALSE_POSITIVES) $(MACHDEP) -O1 -Werror -Wall -pipe -mno-sdata LDFLAGS = $(MACHDEP) -n -nostartfiles -nostdlib -Wl,-T,link.ld -L. ASFLAGS = -D_LANGUAGE_ASSEMBLY -DHW_RVL -x assembler-with-cpp diff --git a/resources/wiiflow_game_booter/Makefile b/resources/wiiflow_game_booter/Makefile index 1fc4e20f..96a07c4c 100644 --- a/resources/wiiflow_game_booter/Makefile +++ b/resources/wiiflow_game_booter/Makefile 
@@ -23,7 +23,8 @@ INCLUDES := source #--------------------------------------------------------------------------------- # options for code generation #--------------------------------------------------------------------------------- -CFLAGS = -g -ggdb -O1 -Wall -Wextra -Wno-shift-negative-value $(MACHDEP) $(INCLUDE) -DHAVE_CONFIG_H +FALSE_POSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread +CFLAGS = -g -ggdb -O1 -Wall -Wextra -Wno-shift-negative-value $(FALSE_POSITIVES) $(MACHDEP) $(INCLUDE) -DHAVE_CONFIG_H CXXFLAGS = $(CFLAGS) LDFLAGS = -g -ggdb $(MACHDEP) -Wl,-Map,$(notdir $@).map,--section-start,.init=0x80A80000 diff --git a/resources/wiiflow_game_booter/source/ChannelHandler.cpp b/resources/wiiflow_game_booter/source/ChannelHandler.cpp index ef28e1ce..ef1cdf5e 100644 --- a/resources/wiiflow_game_booter/source/ChannelHandler.cpp +++ b/resources/wiiflow_game_booter/source/ChannelHandler.cpp @@ -42,8 +42,6 @@ #include "videopatch.h" #include "video_tinyload.h" -using namespace std; - void *dolchunkoffset[18]; u32 dolchunksize[18]; u32 dolchunkcount; diff --git a/resources/wiiflow_game_booter/source/main.cpp b/resources/wiiflow_game_booter/source/main.cpp index 2f79ce49..4964b2d2 100644 --- a/resources/wiiflow_game_booter/source/main.cpp +++ b/resources/wiiflow_game_booter/source/main.cpp @@ -34,7 +34,6 @@ #include "gecko.h" #define EXT_ADDR_CFG ((vu32*)0x90100000) -using namespace std; IOS_Info CurrentIOS; /* Boot Variables */ diff --git a/source/channel/banner.h b/source/channel/banner.h index 955bedae..d7afb8f0 100644 --- a/source/channel/banner.h +++ b/source/channel/banner.h @@ -31,8 +31,6 @@ #include -using namespace std; - #define IMET_MAX_NAME_LEN 0x2a typedef struct diff --git a/source/channel/channels.h b/source/channel/channels.h index 86b45644..6b4eaa50 100644 --- a/source/channel/channels.h +++ b/source/channel/channels.h 
@@ -35,7 +35,8 @@ #define IMET_MAX_NAME_LEN 0x2a -using namespace std; +using std::string; +using std::vector; typedef struct { diff --git a/source/channel/nand.hpp b/source/channel/nand.hpp index e31d5cdb..de346f41 100644 --- a/source/channel/nand.hpp +++ b/source/channel/nand.hpp @@ -59,7 +59,8 @@ typedef struct _uid u16 uid; } ATTRIBUTE_PACKED uid; -using namespace std; +using std::string; +using std::min; class Nand { diff --git a/source/cheats/gct.cpp b/source/cheats/gct.cpp index 563af484..62bc1a15 100644 --- a/source/cheats/gct.cpp +++ b/source/cheats/gct.cpp @@ -56,7 +56,7 @@ string GCTCheats::getCheatComment(unsigned int nr) //creates gct from internal array int GCTCheats::createGCT(const char * filename) { - ofstream filestr; + std::ofstream filestr; filestr.open(filename); if (filestr.fail()) return 0; 
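Review bot: `using std::string;` and `using std::vector;` at namespace scope in channels.h still inject those names into every file that includes the header, which is narrower than `using namespace std;` but keeps the same include-order coupling. nand.hpp (`using std::string; using std::min;`), gct.h (`using std::string;`) and coverflow.hpp (`using std::min; using std::max;`) do the same, while config.cpp and GameTDB.hpp were converted to explicit `std::` qualification. Qualifying the names in these headers as well, and keeping any using-declarations inside the .cpp files, would finish the cleanup. The commented-out `//using namespace std;` lines left in GameTDB.hpp and coverflow.hpp can then be deleted.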
@@ -93,33 +93,33 @@ int GCTCheats::createTXT(const char * filename) { // save gct file - fstream file; - file.open(filename,ios::out); + std::fstream file; + file.open(filename, std::ios::out); - file << sGameID << endl; - file << sGameTitle << endl << endl; + file << sGameID << std::endl; + file << sGameTitle << std::endl << std::endl; for (unsigned int i=0; i < iCntCheats; ++i) if (sCheatSelected[i]) { - file << sCheatName[i] << endl; + file << sCheatName[i] << std::endl; for (unsigned int j=0; j+8 < sCheats[i].size(); j+=16) - file << sCheats[i].substr(j,8) << " " << sCheats[i].substr(j+8,8) << endl; + file << sCheats[i].substr(j,8) << " " << sCheats[i].substr(j+8,8) << std::endl; - file << "#selected#" << sCheatComment[i] << endl; - file << endl; + file << "#selected#" << sCheatComment[i] << std::endl; + file << std::endl; } for (unsigned int i=0; i < iCntCheats; ++i) if (!sCheatSelected[i]) { - file << sCheatName[i] << endl; + file << sCheatName[i] << std::endl; for (unsigned int j=0; j+8 < sCheats[i].size(); j+=16) - file << sCheats[i].substr(j,8) << " " << sCheats[i].substr(j+8,8) << endl; + file << sCheats[i].substr(j,8) << " " << sCheats[i].substr(j+8,8) << std::endl; if (sCheatComment[i].size() > 1) - file << sCheatComment[i] << endl; - file << endl; + file << sCheatComment[i] << std::endl; + file << std::endl; } file.close(); @@ -131,17 +131,17 @@ int GCTCheats::openTxtfile(const char * filename) { Reset(); - ifstream filestr; + std::ifstream filestr; filestr.open(filename); if (filestr.fail()) return 0; int i = 0; string str; - filestr.seekg(0,ios_base::end); + filestr.seekg(0, std::ios_base::end); int size = filestr.tellg(); if (size <= 0) return -1; - filestr.seekg(0,ios_base::beg); + filestr.seekg(0, std::ios_base::beg); getline(filestr,sGameID); if (sGameID[sGameID.length() - 1] == '\r') diff --git a/source/cheats/gct.h b/source/cheats/gct.h index e882b8e5..47e997cf 100644 --- a/source/cheats/gct.h +++ b/source/cheats/gct.h 
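Review bot: `file.open(filename, std::ios::out);` in createTXT is followed directly by the writes with no check that the open succeeded, whereas createGCT returns 0 on `filestr.fail()`. Adding `if (file.fail()) return 0;` after the open would make the two consistent; the value createTXT returns on success is outside this hunk, so the failure value should be confirmed against it. Each `std::endl` also forces a flush of the file stream, and `'\n'` would write the same text without that.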
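Review bot: `if (sGameID[sGameID.length() - 1] == '\r')` in openTxtfile indexes with `length() - 1` even when the first line of the cheat file is empty, in which case the unsigned subtraction wraps and the read is out of bounds. The `size <= 0` check above only rejects an empty file, not one that starts with a newline. Guarding it as `if (!sGameID.empty() && sGameID[sGameID.length() - 1] == '\r')` is enough. The body of that `if` and the rest of openTxtfile continue past the end of the hunk, and the same pattern may repeat for later lines.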
@@ -11,7 +11,7 @@ #define MAXCHEATS 100 -using namespace std; +using std::string; //!Handles Ocarina TXT Cheatfiles class GCTCheats { diff --git a/source/config/config.cpp b/source/config/config.cpp index 4fb1b567..46b2a57a 100644 --- a/source/config/config.cpp +++ b/source/config/config.cpp @@ -9,25 +9,25 @@ static const char *g_whitespaces = " \f\n\r\t\v"; static const int g_floatPrecision = 10; -const string Config::emptyString; +const std::string Config::emptyString; Config::Config(void) : m_loaded(false), m_changed(false), m_domains(), m_filename(), m_iter() { } -static string trimEnd(string line) +static std::string trimEnd(std::string line) { - string::size_type i = line.find_last_not_of(g_whitespaces); - if (i == string::npos) line.clear(); + std::string::size_type i = line.find_last_not_of(g_whitespaces); + if (i == std::string::npos) line.clear(); else line.resize(i + 1); return line; } -static string trim(string line) +static std::string trim(std::string line) { - string::size_type i = line.find_last_not_of(g_whitespaces); - if (i == string::npos) + std::string::size_type i = line.find_last_not_of(g_whitespaces); + if (i == std::string::npos) { line.clear(); return line; @@ -40,13 +40,13 @@ static string trim(string line) return line; } -static string unescNewlines(const string &text) +static std::string unescNewlines(const std::string &text) { - string s; + std::string s; bool escaping = false; s.reserve(text.size()); - for (string::size_type i = 0; i < text.size(); ++i) + for (std::string::size_type i = 0; i < text.size(); ++i) { if (escaping) { @@ -68,12 +68,12 @@ static string unescNewlines(const string &text) return s; } -static string escNewlines(const string &text) +static std::string escNewlines(const std::string &text) { - string s; + std::string s; s.reserve(text.size()); - for (string::size_type i = 0; i < text.size(); ++i) + for (std::string::size_type i = 0; i < text.size(); ++i) { switch (text[i]) { 
@@ -92,17 +92,17 @@ static string escNewlines(const string &text) return s; } -bool Config::hasDomain(const string &domain) const +bool Config::hasDomain(const std::string &domain) const { return m_domains.find(domain) != m_domains.end(); } -void Config::copyDomain(const string &dst, const string &src) +void Config::copyDomain(const std::string &dst, const std::string &src) { m_domains[upperCase(dst)] = m_domains[upperCase(src)]; } -const string &Config::firstDomain(void) +const std::string &Config::firstDomain(void) { m_iter = m_domains.begin(); if (m_iter == m_domains.end()) @@ -110,7 +110,7 @@ const string &Config::firstDomain(void) return m_iter->first; } -const string &Config::nextDomain(void) +const std::string &Config::nextDomain(void) { ++m_iter; if (m_iter == m_domains.end()) @@ -118,7 +118,7 @@ const string &Config::nextDomain(void) return m_iter->first; } -const string &Config::nextDomain(const string &start) const +const std::string &Config::nextDomain(const std::string &start) const { Config::DomainMap::const_iterator i; Config::DomainMap::const_iterator j; @@ -132,7 +132,7 @@ const string &Config::nextDomain(const string &start) const return j != m_domains.end() ? j->first : i->first; } -const string &Config::prevDomain(const string &start) const +const std::string &Config::prevDomain(const std::string &start) const { Config::DomainMap::const_iterator i; if (m_domains.empty()) @@ -148,9 +148,9 @@ bool Config::load(const char *filename) { if (m_loaded && m_changed) save(); - ifstream file(filename, ios::in | ios::binary); - string line; - string domain(""); + std::ifstream file(filename, std::ios::in | std::ios::binary); + std::string line; + std::string domain(""); m_changed = false; m_loaded = false; @@ -161,7 +161,7 @@ bool Config::load(const char *filename) while (file.good()) { line.clear(); - getline(file, line, '\n'); + std::getline(file, line, '\n'); ++n; if (!file.bad() && !file.fail()) { 
@@ -169,8 +169,8 @@ bool Config::load(const char *filename) if (line.empty() || line[0] == '#' || line[0] == '\0') continue; if (line[0] == '[') { - string::size_type i = line.find_first_of(']'); - if (i != string::npos && i > 1) + std::string::size_type i = line.find_first_of(']'); + if (i != std::string::npos && i > 1) { domain = upperCase(line.substr(1, i - 1)); if (m_domains.find(domain) != m_domains.end()) @@ -180,8 +180,8 @@ bool Config::load(const char *filename) else if (!domain.empty()) { - string::size_type i = line.find_first_of('='); - if (i != string::npos && i > 0) + std::string::size_type i = line.find_first_of('='); + if (i != std::string::npos && i > 0) m_domains[domain][lowerCase(trim(line.substr(0, i)))] = unescNewlines(trim(line.substr(i + 1))); } } @@ -205,7 +205,7 @@ void Config::save(bool unload) if (m_changed) { //gprintf("changed:%d\n",m_changed); - ofstream file(m_filename.c_str(), ios::out | ios::binary); + std::ofstream file(m_filename.c_str(), std::ios::out | std::ios::binary); for (Config::DomainMap::iterator k = m_domains.begin(); k != m_domains.end(); ++k) { Config::KeyMap *m = &k->second; @@ -231,15 +231,15 @@ void Config::groupCustomTitles(void) { for (Config::DomainMap::iterator k = m_domains.begin(); k != m_domains.end(); ++k) { - string uc_domain(upperCase(k->first)); - istringstream f(uc_domain); - string s; + std::string uc_domain(upperCase(k->first)); + std::istringstream f(uc_domain); + std::string s; while (getline(f, s, ',')) m_groupCustomTitles[s] = uc_domain; } } -void Config::setWString(const string &domain, const string &key, const wstringEx &val) +void Config::setWString(const std::string &domain, const std::string &key, const wstringEx &val) { if (domain.empty() || key.empty()) return; //gprintf("setWString %s\n", val.toUTF8().c_str()); 
@@ -247,7 +247,7 @@ void Config::setWString(const string &domain, const string &key, const wstringEx m_domains[upperCase(domain)][lowerCase(key)] = val.toUTF8(); } -void Config::setString(const string &domain, const string &key, const string &val) +void Config::setString(const std::string &domain, const std::string &key, const std::string &val) { if (domain.empty() || key.empty()) return; //gprintf("setString %s\n", val.c_str()); @@ -255,7 +255,7 @@ void Config::setString(const string &domain, const string &key, const string &va m_domains[upperCase(domain)][lowerCase(key)] = val; } -void Config::setBool(const string &domain, const string &key, bool val) +void Config::setBool(const std::string &domain, const std::string &key, bool val) { if (domain.empty() || key.empty()) return; //gprintf("setBool %d\n", val); @@ -263,7 +263,7 @@ void Config::setBool(const string &domain, const string &key, bool val) m_domains[upperCase(domain)][lowerCase(key)] = val ? "yes" : "no"; } -void Config::remove(const string &domain, const string &key) +void Config::remove(const std::string &domain, const std::string &key) { if (domain.empty() || key.empty()) return; //gprintf("remove %s\n", key.c_str()); @@ -271,7 +271,7 @@ void Config::remove(const string &domain, const string &key) m_domains[upperCase(domain)].erase(lowerCase(key)); } -void Config::setOptBool(const string &domain, const string &key, int val) +void Config::setOptBool(const std::string &domain, const std::string &key, int val) { if (domain.empty() || key.empty()) return; //gprintf("setOptBool %d\n", val); @@ -289,7 +289,7 @@ void Config::setOptBool(const string &domain, const string &key, int val) } } -void Config::setInt(const string &domain, const string &key, int val) +void Config::setInt(const std::string &domain, const std::string &key, int val) { if (domain.empty() || key.empty()) return; //gprintf("setInt %i\n", val); 
@@ -305,7 +305,7 @@ void Config::setUInt(const std::string &domain, const std::string &key, unsigned m_domains[upperCase(domain)][lowerCase(key)] = sfmt("%u", val); } -void Config::setFloat(const string &domain, const string &key, float val) +void Config::setFloat(const std::string &domain, const std::string &key, float val) { if (domain.empty() || key.empty()) return; //gprintf("setFloat %f\n", val); @@ -329,10 +329,10 @@ void Config::setColor(const std::string &domain, const std::string &key, const C m_domains[upperCase(domain)][lowerCase(key)] = sfmt("#%.2X%.2X%.2X%.2X", val.r, val.g, val.b, val.a); } -wstringEx Config::getWString(const string &domain, const string &key, const wstringEx &defVal) +wstringEx Config::getWString(const std::string &domain, const std::string &key, const wstringEx &defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { data = defVal.toUTF8(); @@ -345,11 +345,11 @@ wstringEx Config::getWString(const string &domain, const string &key, const wstr return ws; } -string Config::getString(const string &domain, const string &key, const string &defVal) +std::string Config::getString(const std::string &domain, const std::string &key, const std::string &defVal) { if(domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if(data.empty()) { data = defVal; 
@@ -359,13 +359,13 @@ string Config::getString(const string &domain, const string &key, const string & return data; } -string Config::getStringCustomTitles(const string &domain, const string &key, const string &defVal) +std::string Config::getStringCustomTitles(const std::string &domain, const std::string &key, const std::string &defVal) { if(domain.empty() || key.empty()) return defVal; KeyMap::iterator i = m_groupCustomTitles.find(upperCase(domain)); if (i == m_groupCustomTitles.end()) return defVal; - string &data = m_domains[i->second][lowerCase(key)]; + std::string &data = m_domains[i->second][lowerCase(key)]; if(data.empty()) { data = defVal; @@ -375,9 +375,9 @@ string Config::getStringCustomTitles(const string &domain, const string &key, co return data; } -vector Config::getStrings(const string &domain, const string &key, char seperator, const string &defVal) +std::vector Config::getStrings(const std::string &domain, const std::string &key, char seperator, const std::string &defVal) { - vector retval; + std::vector retval; if(domain.empty() || key.empty()) { @@ -386,7 +386,7 @@ vector Config::getStrings(const string &domain, const string &key, char return retval; } - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if(data.empty()) { if(!defVal.empty()) 
@@ -396,19 +396,19 @@ vector Config::getStrings(const string &domain, const string &key, char // Parse the string into different substrings // skip delimiters at beginning. - string::size_type lastPos = data.find_first_not_of(seperator, 0); + std::string::size_type lastPos = data.find_first_not_of(seperator, 0); // find first "non-delimiter". - string::size_type pos = data.find_first_of(seperator, lastPos); + std::string::size_type pos = data.find_first_of(seperator, lastPos); // no seperator found, return data - if(pos == string::npos) + if(pos == std::string::npos) { retval.push_back(data); return retval; } - while(string::npos != pos || string::npos != lastPos) + while(std::string::npos != pos || std::string::npos != lastPos) { // found a token, add it to the vector. retval.push_back(data.substr(lastPos, pos - lastPos)); @@ -423,10 +423,10 @@ vector Config::getStrings(const string &domain, const string &key, char return retval; } -bool Config::getBool(const string &domain, const string &key, bool defVal) +bool Config::getBool(const std::string &domain, const std::string &key, bool defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { data = defVal ? "yes" : "no"; 
@@ -434,19 +434,19 @@ bool Config::getBool(const string &domain, const string &key, bool defVal) m_changed = true; return defVal; } - string s(lowerCase(trim(data))); + std::string s(lowerCase(trim(data))); if (s == "yes" || s == "true" || s == "y" || s == "1") return true; return false; } -bool Config::testOptBool(const string &domain, const string &key, bool defVal) +bool Config::testOptBool(const std::string &domain, const std::string &key, bool defVal) { if (domain.empty() || key.empty()) return defVal; KeyMap &km = m_domains[upperCase(domain)]; KeyMap::iterator i = km.find(lowerCase(key)); if (i == km.end()) return defVal; - string s(lowerCase(trim(i->second))); + std::string s(lowerCase(trim(i->second))); if (s == "yes" || s == "true" || s == "y" || s == "1") return true; if (s == "no" || s == "false" || s == "n" || s == "0") @@ -454,10 +454,10 @@ bool Config::testOptBool(const string &domain, const string &key, bool defVal) return defVal; } -int Config::getOptBool(const string &domain, const string &key, int defVal) +int Config::getOptBool(const std::string &domain, const std::string &key, int defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { switch (defVal) @@ -475,7 +475,7 @@ int Config::getOptBool(const string &domain, const string &key, int defVal) m_changed = true; return defVal; } - string s(lowerCase(trim(data))); + std::string s(lowerCase(trim(data))); if (s == "yes" || s == "true" || s == "y" || s == "1") return 1; if (s == "no" || s == "false" || s == "n" || s == "0") 
@@ -483,10 +483,10 @@ int Config::getOptBool(const string &domain, const string &key, int defVal) return 2; } -int Config::getInt(const string &domain, const string &key, int defVal) +int Config::getInt(const std::string &domain, const std::string &key, int defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { data = sfmt("%i", defVal); @@ -501,16 +501,16 @@ int Config::getInt(const string &domain, const string &key, int defVal) bool Config::getInt(const std::string &domain, const std::string &key, int *value) { if (domain.empty() || key.empty()) return false; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) return false; *value = strtol(data.c_str(), 0, 10); return true; } -unsigned int Config::getUInt(const string &domain, const string &key, unsigned int defVal) +unsigned int Config::getUInt(const std::string &domain, const std::string &key, unsigned int defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { data = sfmt("%u", defVal); @@ -521,10 +521,10 @@ unsigned int Config::getUInt(const string &domain, const string &key, unsigned i return strtoul(data.c_str(), 0, 10); } -float Config::getFloat(const string &domain, const string &key, float defVal) +float Config::getFloat(const std::string &domain, const std::string &key, float defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; if (data.empty()) { data = sfmt("%.*g", g_floatPrecision, defVal); 
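Review bot: In the `bool Config::getInt(..., int *value)` overload, `*value = strtol(data.c_str(), 0, 10);` reports success for any non-empty string, so a malformed entry in the config file comes back as 0 with `true`. Passing an end pointer and rejecting input where nothing was parsed fixes that: `char *end = 0; long v = strtol(data.c_str(), &end, 10); if (end == data.c_str()) return false; *value = (int)v;`. The lookup through `m_domains[upperCase(domain)][lowerCase(key)]` also inserts an empty entry for a missing key, which a `find()` would avoid in a function that is only a query.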
@@ -538,12 +538,12 @@ float Config::getFloat(const string &domain, const string &key, float defVal) Vector3D Config::getVector3D(const std::string &domain, const std::string &key, const Vector3D &defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; - string::size_type i; - string::size_type j = string::npos; + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string::size_type i; + std::string::size_type j = std::string::npos; i = data.find_first_of(','); - if (i != string::npos) j = data.find_first_of(',', i + 1); - if (j == string::npos) + if (i != std::string::npos) j = data.find_first_of(',', i + 1); + if (j == std::string::npos) { data = sfmt("%.*g, %.*g, %.*g", g_floatPrecision, defVal.x, g_floatPrecision, defVal.y, g_floatPrecision, defVal.z); //gprintf("getVector3D\n"); @@ -556,16 +556,16 @@ Vector3D Config::getVector3D(const std::string &domain, const std::string &key, CColor Config::getColor(const std::string &domain, const std::string &key, const CColor &defVal) { if (domain.empty() || key.empty()) return defVal; - string &data = m_domains[upperCase(domain)][lowerCase(key)]; - string text(upperCase(trim(data))); + std::string &data = m_domains[upperCase(domain)][lowerCase(key)]; + std::string text(upperCase(trim(data))); u32 i = (u32)text.find_first_of('#'); - if (i != string::npos) + if (i != std::string::npos) { text.erase(0, i + 1); i = (u32)text.find_first_not_of("0123456789ABCDEF"); - if ((i != string::npos && i >= 6) || (i == string::npos && text.size() >= 6)) + if ((i != std::string::npos && i >= 6) || (i == std::string::npos && text.size() >= 6)) { - u32 n = ((i != string::npos && i >= 8) || (i == string::npos && text.size() >= 8)) ? 8 : 6; + u32 n = ((i != std::string::npos && i >= 8) || (i == std::string::npos && text.size() >= 8)) ? 8 : 6; for (i = 0; i < n; ++i) if (text[i] <= '9') text[i] -= '0'; 
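Review bot: In getColor, `u32 i = (u32)text.find_first_of('#');` followed by `if (i != std::string::npos)` only works when `size_t` is 32 bits wide; on a 64-bit build the truncated value never equals `npos` and the not-found case falls into the parsing branch. That presumably holds for the console target, but declaring the index as `std::string::size_type i = text.find_first_of('#');` and dropping the `(u32)` cast on `find_first_not_of` removes the dependency. The function body continues beyond the hunk.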
diff --git a/source/config/config.hpp b/source/config/config.hpp index 3ecb6654..dd7cf872 100644 --- a/source/config/config.hpp +++ b/source/config/config.hpp @@ -34,7 +34,7 @@ public: wstringEx getWString(const std::string &domain, const std::string &key, const wstringEx &defVal = wstringEx()); std::string getString(const std::string &domain, const std::string &key, const std::string &defVal = std::string()); std::string getStringCustomTitles(const std::string &domain, const std::string &key, const std::string &defVal = std::string()); - vector getStrings(const std::string &domain, const std::string &key, char seperator = ',', const std::string &defval = std::string()); + std::vector getStrings(const std::string &domain, const std::string &key, char seperator = ',', const std::string &defval = std::string()); bool getBool(const std::string &domain, const std::string &key, bool defVal = false); int getOptBool(const std::string &domain, const std::string &key, int defVal = 2); bool testOptBool(const std::string &domain, const std::string &key, bool defVal); diff --git a/source/defines.h b/source/defines.h index 7a99e077..37925364 100644 --- a/source/defines.h +++ b/source/defines.h @@ -1,6 +1,6 @@ #define APP_NAME "WiiFlow WFL" -#define APP_VERSION "5.5.0 beta 1" +#define APP_VERSION "5.5.0 beta 2" #define APP_DATA_DIR "wiiflow" #define APPS_DIR "apps/wiiflow" diff --git a/source/devicemounter/PartitionHandle.h b/source/devicemounter/PartitionHandle.h index 536ef402..bce47be5 100644 --- a/source/devicemounter/PartitionHandle.h +++ b/source/devicemounter/PartitionHandle.h @@ -29,8 +29,6 @@ #include #include -using namespace std; - #define MAX_PARTITIONS 32 /* Maximum number of partitions that can be found */ #define MAX_MOUNTS 10 /* Maximum number of mounts available at one time */ #define MAX_SYMLINK_DEPTH 10 /* Maximum search depth when resolving symbolic links */ 
@@ -171,8 +169,8 @@ protected: s8 CheckGPT(); const DISC_INTERFACE *interface; - vector PartitionList; - vector MountNameList; + std::vector PartitionList; + std::vector MountNameList; }; #endif diff --git a/source/gui/FreeTypeGX.cpp b/source/gui/FreeTypeGX.cpp index af380d71..b5ff4d51 100644 --- a/source/gui/FreeTypeGX.cpp +++ b/source/gui/FreeTypeGX.cpp @@ -21,8 +21,6 @@ #include "FreeTypeGX.h" #include "memory/mem2.hpp" -using namespace std; - #define ALIGN8(x) (((x) + 7) & ~7) FreeTypeGX::FreeTypeGX() @@ -88,8 +86,8 @@ void FreeTypeGX::unloadFont() { if (this->fontData.size() == 0) return; - map >::iterator itr; - map::iterator itr2; + std::map >::iterator itr; + std::map::iterator itr2; for (itr = fontData.begin(); itr != fontData.end(); itr++) { @@ -105,10 +103,10 @@ void FreeTypeGX::unloadFont() ftgxCharData * FreeTypeGX::cacheGlyphData(wchar_t charCode, int16_t pixelSize) { - map >::iterator itr = fontData.find(pixelSize); + std::map >::iterator itr = fontData.find(pixelSize); if (itr != fontData.end()) { - map::iterator itr2 = itr->second.find(charCode); + std::map::iterator itr2 = itr->second.find(charCode); if (itr2 != itr->second.end()) { return &itr2->second; @@ -124,7 +122,7 @@ ftgxCharData * FreeTypeGX::cacheGlyphData(wchar_t charCode, int16_t pixelSize) FT_Set_Pixel_Sizes(ftFace, 0, ftPointSize); //!Cache ascender and decender as well - map::iterator itrAlign = ftgxAlign.find(ftPointSize); + std::map::iterator itrAlign = ftgxAlign.find(ftPointSize); if (itrAlign == ftgxAlign.end()) { ftgxAlign[ftPointSize].ascender = (int16_t) ftFace->size->metrics.ascender >> 6; @@ -231,7 +229,7 @@ int16_t FreeTypeGX::getStyleOffsetWidth(uint16_t width, uint16_t format) int16_t FreeTypeGX::getStyleOffsetHeight(int16_t format, uint16_t pixelSize) { - map::iterator itrAlign = ftgxAlign.find(pixelSize); + std::map::iterator itrAlign = ftgxAlign.find(pixelSize); if (itrAlign == ftgxAlign.end()) return 0; switch (format & FTGX_ALIGN_MASK) 
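Review bot: In cacheGlyphData, `(int16_t) ftFace->size->metrics.ascender >> 6` applies the cast before the shift, so the fixed-point metric is truncated to 16 bits first and only then scaled down. For large pixel sizes that can discard high bits; `(int16_t)(ftFace->size->metrics.ascender >> 6)` is presumably what was meant, and the descender assignment, if written the same way, would need the same change. The statement sits in the middle of cacheGlyphData, which extends beyond this hunk on both sides.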
diff --git a/source/gui/GameTDB.cpp b/source/gui/GameTDB.cpp index 8e226180..ed9cda61 100644 --- a/source/gui/GameTDB.cpp +++ b/source/gui/GameTDB.cpp @@ -80,8 +80,8 @@ bool GameTDB::OpenFile(const char *filepath) if(file) { int pos; - string OffsetsPath = filepath; - if((pos = OffsetsPath.find_last_of('/')) != (int) string::npos) + std::string OffsetsPath = filepath; + if((pos = OffsetsPath.find_last_of('/')) != (int) std::string::npos) OffsetsPath[pos] = '\0'; else OffsetsPath.clear(); //! Relative path @@ -96,7 +96,7 @@ bool GameTDB::OpenFile(const char *filepath) void GameTDB::CloseFile() { OffsetMap.clear(); - vector().swap(OffsetMap); + std::vector().swap(OffsetMap); if(GameNodeCache) MEM2_free(GameNodeCache); @@ -112,7 +112,7 @@ bool GameTDB::LoadGameOffsets(const char *path) if(!path) return false; - string OffsetDBPath = path; + std::string OffsetDBPath = path; if(strlen(path) > 0 && path[strlen(path)-1] != '/') OffsetDBPath += '/'; OffsetDBPath += NAME_OFFSET_DB; @@ -777,7 +777,7 @@ bool GameTDB::GetRatingValue(const char *id, const char * &rating_value) return true; } -int GameTDB::GetRatingDescriptors(const char *id, vector & desc_list) +int GameTDB::GetRatingDescriptors(const char *id, std::vector & desc_list) { desc_list.clear(); if(!id) @@ -845,7 +845,7 @@ int GameTDB::GetWifiPlayers(const char *id) return players; } -int GameTDB::GetWifiFeatures(const char *id, vector & feat_list) +int GameTDB::GetWifiFeatures(const char *id, std::vector & feat_list) { feat_list.clear(); if(!id) @@ -917,7 +917,7 @@ int GameTDB::GetPlayers(const char *id) return players; } -int GameTDB::GetAccessories(const char *id, vector & acc_list) +int GameTDB::GetAccessories(const char *id, std::vector & acc_list) { acc_list.clear(); if(!id) diff --git a/source/gui/GameTDB.hpp b/source/gui/GameTDB.hpp index 92bccc2a..a9b818a4 100644 --- a/source/gui/GameTDB.hpp +++ b/source/gui/GameTDB.hpp @@ -28,7 +28,7 @@ #include #include -using namespace std; +//using namespace std; enum { 
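Review bot: In OpenFile, `OffsetsPath[pos] = '\0';` writes a NUL into the `std::string` without shortening it, so the object keeps its full length and only behaves as truncated when read through `c_str()`. `pos` is also an `int` compared against `(int) std::string::npos`. `std::string::size_type pos = OffsetsPath.find_last_of('/'); if (pos != std::string::npos) OffsetsPath.erase(pos);` expresses the truncation directly. How OffsetsPath is consumed afterwards lies outside the hunk.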
@@ -40,7 +40,7 @@ enum typedef struct _Accessory { - string Name; + std::string Name; bool Required; } Accessory; @@ -95,19 +95,19 @@ public: bool GetRatingValue(const char * id, const char * &rating_value); //! Get the rating descriptor list inside a vector for a specific game id //! Returns the amount of descriptors found or -1 if failed - int GetRatingDescriptors(const char * id, vector & desc_list); + int GetRatingDescriptors(const char * id, std::vector & desc_list); //! Get the wifi player count for a specific game id //! Returns the amount of wifi players or -1 if failed int GetWifiPlayers(const char * id); //! Get the wifi feature list inside a vector for a specific game id //! Returns the amount of wifi features found or -1 if failed - int GetWifiFeatures(const char * id, vector & feat_list); + int GetWifiFeatures(const char * id, std::vector & feat_list); //! Get the player count for a specific game id //! Returns the amount of players or -1 if failed int GetPlayers(const char * id); //! Returns the amount of accessoires found or -1 if failed //! Get the accessoire (inputs) list inside a vector for a specific game id - int GetAccessories(const char * id, vector & acc_list); + int GetAccessories(const char * id, std::vector & acc_list); //! Get the box (case) color for a specific game id //! Returns the color in RGB (first 3 bytes) u32 GetCaseColor(const char * id); @@ -132,9 +132,9 @@ private: inline char * GetNodeText(char *data, const char *nodestart, const char *nodeend); bool isLoaded; - vector OffsetMap; + std::vector OffsetMap; FILE * file; - string LangCode; + std::string LangCode; char *GameNodeCache; char GameIDCache[7]; }; diff --git a/source/gui/WiiMovie.hpp b/source/gui/WiiMovie.hpp index 89f18ac8..b5f9f39e 100644 --- a/source/gui/WiiMovie.hpp +++ b/source/gui/WiiMovie.hpp @@ -5,8 +5,6 @@ #include "Timer.h" #include "texture.hpp" -using namespace std; - class WiiMovie { public: 
diff --git a/source/gui/coverflow.hpp b/source/gui/coverflow.hpp index ec1cb5dd..56bc4e11 100644 --- a/source/gui/coverflow.hpp +++ b/source/gui/coverflow.hpp @@ -16,7 +16,9 @@ #include "loader/utils.h" #include "music/gui_sound.h" -using namespace std; +//using namespace std; +using std::min; +using std::max; enum Sorting { @@ -47,7 +49,7 @@ public: bool empty(void) const { return m_items.empty(); } u32 size(void) const { return m_items.size(); } // - bool start(const string &m_imgsDir); + bool start(const std::string &m_imgsDir); void stopCoverLoader(bool empty = false); void startCoverLoader(void); u32 _currentPos(void) const; @@ -86,7 +88,7 @@ public: void setCompression(bool enable) { m_compressTextures = enable; } bool getBoxMode(void) const { return m_box;} void setBufferSize(u32 numCovers); - void setTextures(const string &loadingPic, const string &loadingPicFlat, const string &noCoverPic, const string &noCoverPicFlat); + void setTextures(const std::string &loadingPic, const std::string &loadingPicFlat, const std::string &noCoverPic, const std::string &noCoverPicFlat); void setFont(const SFont &font, const CColor &color); void setRange(u32 rows, u32 columns); void setBoxMode(bool box); @@ -237,7 +239,7 @@ private: Vector3D m_cameraAim; Vector3D m_targetCameraPos; Vector3D m_targetCameraAim; - vector m_items; + std::vector m_items; CCover *m_covers; int m_delay; int m_minDelay; @@ -264,10 +266,10 @@ private: TexData m_dvdSkin_GreenTwo; TexData m_dvdSkin_Clear; // Settings - string m_pngLoadCover; - string m_pngLoadCoverFlat; - string m_pngNoCover; - string m_pngNoCoverFlat; + std::string m_pngLoadCover; + std::string m_pngLoadCoverFlat; + std::string m_pngNoCover; + std::string m_pngNoCoverFlat; u32 m_numBufCovers; SFont m_font; CColor m_fontColor; 
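Review bot: `using std::min;` and `using std::max;` at namespace scope in coverflow.hpp still inject those names into every translation unit that includes the header, which is presumably what dropping `using namespace std;` was meant to stop. The same holds for `using std::string; using std::vector;` in gcvid.h, text.hpp and video.hpp. In text.hpp the declarations even go from `std::string sfmt(...)` back to unqualified `string`. I would spell out `std::string`, `std::vector`, `std::min` and `std::max` in the headers and keep using-declarations in the .cpp files only, as homebrew.cpp does.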
@@ -285,7 +287,7 @@ private: bool m_hideCover; bool m_compressTextures; bool m_compressCache; - string m_cachePath; + std::string m_cachePath; bool m_deletePicsAfterCaching; bool m_pluginCacheFolders; bool m_mirrorBlur; diff --git a/source/gui/cursor.cpp b/source/gui/cursor.cpp index 1812bb3a..8eb4bee1 100644 --- a/source/gui/cursor.cpp +++ b/source/gui/cursor.cpp @@ -4,7 +4,7 @@ #include "memory/mem2.hpp" #include -using namespace std; +//using namespace std; extern const u8 player1_point_png[]; extern const u8 player2_point_png[]; @@ -172,13 +172,13 @@ void CCursor::_blur(void) return; for (int i = 0; i < w; ++i) { - xmax[i] = min(i + radius + 1, w - 1); - xmin[i] = max(i - radius, 0); + xmax[i] = std::min(i + radius + 1, w - 1); + xmin[i] = std::max(i - radius, 0); } for (int i = 0; i < h; ++i) { - ymax[i] = min(i + radius + 1, h - 1) * w; - ymin[i] = max(i - radius, 0) * w; + ymax[i] = std::min(i + radius + 1, h - 1) * w; + ymin[i] = std::max(i - radius, 0) * w; } for (int k = 0; k < pass; ++k) // 2 passes for much better quality { @@ -187,7 +187,7 @@ void CCursor::_blur(void) { sum = 0; for (int i = -radius; i <= radius; ++i) - sum += pic[coordsI8(min(max(0, i), w - 1), y, w)]; + sum += pic[coordsI8(std::min(std::max(0, i), w - 1), y, w)]; for (int x = 0; x < w; ++x) { r[yi] = sum / div; @@ -202,7 +202,7 @@ void CCursor::_blur(void) yp = -radius * w; for (int i = -radius; i <= radius; ++i) { - yi = max(0, yp) + x; + yi = std::max(0, yp) + x; sum += r[yi]; yp += w; } diff --git a/source/gui/fanart.cpp b/source/gui/fanart.cpp index b50231ff..896173c7 100644 --- a/source/gui/fanart.cpp +++ b/source/gui/fanart.cpp @@ -3,7 +3,7 @@ #include "memory/mem2.hpp" #include "types.h" -using namespace std; +//using namespace std; static guVector _GRRaxisx = (guVector){1, 0, 0}; // DO NOT MODIFY!!! static guVector _GRRaxisy = (guVector){0, 1, 0}; // Even at runtime 
@@ -22,7 +22,7 @@ void CFanart::unload() { m_faConfig.unload(); m_loaded = false; - for(vector::iterator Elm = m_elms.begin(); Elm != m_elms.end(); Elm++) + for(std::vector::iterator Elm = m_elms.begin(); Elm != m_elms.end(); Elm++) Elm->Cleanup(); m_elms.clear(); TexHandle.Cleanup(m_bg); @@ -105,7 +105,7 @@ void CFanart::getBackground(const TexData * &hq, const TexData * &lq) void CFanart::reset() { - for(vector::iterator Elm = m_elms.begin(); Elm != m_elms.end(); Elm++) + for(std::vector::iterator Elm = m_elms.begin(); Elm != m_elms.end(); Elm++) Elm->Cleanup(); m_elms.clear(); for(int i = 1; i <= 6; i++) @@ -186,7 +186,7 @@ CFanartElement::CFanartElement(Config &cfg, const char *dir, int artwork) m_y = cfg.getInt(domain, "y", 0); m_scaleX = cfg.getFloat(domain, "scale_x", 1.f); m_scaleY = cfg.getFloat(domain, "scale_y", 1.f); - m_alpha = min(cfg.getInt(domain, "alpha", 255), 255); + m_alpha = std::min(cfg.getInt(domain, "alpha", 255), 255); m_delay = (int) (cfg.getFloat(domain, "delay", 0.f) * 50); m_angle = cfg.getFloat(domain, "angle", 0.f); @@ -195,7 +195,7 @@ CFanartElement::CFanartElement(Config &cfg, const char *dir, int artwork) m_event_y = m_event_duration == 0 ? m_y : cfg.getInt(domain, "event_y", m_y); m_event_scaleX = m_event_duration == 0 ? m_scaleX : cfg.getInt(domain, "event_scale_x", m_scaleX); m_event_scaleY = m_event_duration == 0 ? m_scaleY : cfg.getInt(domain, "event_scale_y", m_scaleY); - m_event_alpha = m_event_duration == 0 ? m_alpha : min(cfg.getInt(domain, "event_alpha", m_alpha), 255); // Not from m_alpha, because the animation can start less translucent than m_alpha + m_event_alpha = m_event_duration == 0 ? m_alpha : std::min(cfg.getInt(domain, "event_alpha", m_alpha), 255); // Not from m_alpha, because the animation can start less translucent than m_alpha m_event_angle = m_event_duration == 0 ? m_angle : cfg.getFloat(domain, "event_angle", m_angle); m_step_x = m_event_duration == 0 ? 0 : (m_x - m_event_x) / m_event_duration; 
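Review bot: `m_alpha = std::min(cfg.getInt(domain, "alpha", 255), 255);` in the `CFanartElement` constructor bounds the config value only from above, so a negative `alpha` in a fanart config passes through unchanged. `m_event_alpha` in the following hunk (@@ -195) has the same one-sided clamp. The type of `m_alpha` is not visible here; if it ends up in an 8-bit colour channel, a negative value would wrap. Clamping both sides, as `CButtonsMgr::setSoundVolume` does, avoids this: `m_alpha = std::min(std::max(0, cfg.getInt(domain, "alpha", 255)), 255);`. The constructor body starts and ends outside the hunk.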
diff --git a/source/gui/fanart.hpp b/source/gui/fanart.hpp index cbadd6d2..9949f30d 100644 --- a/source/gui/fanart.hpp +++ b/source/gui/fanart.hpp @@ -70,7 +70,7 @@ public: void reset(); private: - vector m_elms; + std::vector m_elms; bool m_animationComplete; u16 m_delayAfterAnimation; diff --git a/source/gui/gcvid.cpp b/source/gui/gcvid.cpp index eb91902f..10aeb500 100644 --- a/source/gui/gcvid.cpp +++ b/source/gui/gcvid.cpp @@ -36,8 +36,6 @@ #include "loader/utils.h" #include "memory/mem2.hpp" -using namespace std; - void readThpHeader(FILE* f, ThpHeader& h) { fread(&h, sizeof(h), 1, f); diff --git a/source/gui/gcvid.h b/source/gui/gcvid.h index b11b12e6..2081a1ce 100644 --- a/source/gui/gcvid.h +++ b/source/gui/gcvid.h @@ -32,7 +32,8 @@ #include //FILE* #include #include -using namespace std; +using std::string; +using std::vector; #include diff --git a/source/gui/gui.cpp b/source/gui/gui.cpp index bb683c71..3c8967ac 100644 --- a/source/gui/gui.cpp +++ b/source/gui/gui.cpp @@ -1,8 +1,6 @@ #include "gui.hpp" #include -using namespace std; - template static inline T loopNum(T i, T s) { return (i + s) % s; @@ -444,7 +442,7 @@ void CButtonsMgr::stopSounds(void) void CButtonsMgr::setSoundVolume(int vol) { - m_soundVolume = min(max(0, vol), 0xFF); + m_soundVolume = std::min(std::max(0, vol), 0xFF); } void CButtonsMgr::setRumble(int chan, bool wii, bool gc, bool wupc) diff --git a/source/gui/text.cpp b/source/gui/text.cpp index 976f62c1..369410f9 100644 --- a/source/gui/text.cpp +++ b/source/gui/text.cpp @@ -168,9 +168,9 @@ bool SFont::fromBuffer(const u8 *buffer, const u32 bufferSize, u32 size, u32 lsp { if(buffer == NULL) return false; - fSize = min(max(6u, size), 1000u); - lineSpacing = min(max(6u, lspacing), 1000u); - weight = min(w, 32u); + fSize = std::min(std::max(6u, size), 1000u); + lineSpacing = std::min(std::max(6u, lspacing), 1000u); + weight = std::min(w, 32u); index = idx;// currently not used if(data != NULL) 
@@ -190,11 +190,11 @@ bool SFont::fromBuffer(const u8 *buffer, const u32 bufferSize, u32 size, u32 lsp bool SFont::fromFile(const char *path, u32 size, u32 lspacing, u32 w, u32 idx, const char *fontname) { - fSize = min(max(6u, size), 1000u); - weight = min(w, 32u); + fSize = std::min(std::max(6u, size), 1000u); + weight = std::min(w, 32u); index = idx;// currently not used - lineSpacing = min(max(6u, lspacing), 1000u); + lineSpacing = std::min(std::max(6u, lspacing), 1000u); if(data != NULL) free(data); @@ -425,14 +425,14 @@ string lowerCase(string text) // trim from start string ltrim(string s) { - s.erase(s.begin(), find_if(s.begin(), s.end(), not1(ptr_fun(isspace)))); + s.erase(s.begin(), find_if(s.begin(), s.end(), std::not1(std::ptr_fun(isspace)))); return s; } // trim from end string rtrim(string s) { - s.erase(find_if(s.rbegin(), s.rend(), not1(ptr_fun(isspace))).base(), s.end()); + s.erase(find_if(s.rbegin(), s.rend(), std::not1(std::ptr_fun(isspace))).base(), s.end()); return s; } diff --git a/source/gui/text.hpp b/source/gui/text.hpp index 5decd9d2..b86e040f 100644 --- a/source/gui/text.hpp +++ b/source/gui/text.hpp @@ -10,7 +10,8 @@ #include "video.hpp" #include "wstringEx/wstringEx.hpp" -using namespace std; +using std::string; +using std::vector; class SFont// should be either struct SFont or class CFont { 
@@ -59,17 +60,17 @@ private: // Nothing to do with CText. Q&D helpers for string formating. -std::string sfmt(const char *format, ...); +string sfmt(const char *format, ...); wstringEx wfmt(const wstringEx &format, ...); bool checkFmt(const wstringEx &ref, const wstringEx &format); -std::string vectorToString(const vector &vect, std::string sep); +string vectorToString(const vector &vect, string sep); wstringEx vectorToString(const vector &vect, char sep); vector stringToVector(const wstringEx &text, char sep); -vector stringToVector(const std::string &text, char sep); -std::string upperCase(std::string text); -std::string lowerCase(std::string text); -std::string ltrim(std::string s); -std::string rtrim(std::string s); +vector stringToVector(const string &text, char sep); +string upperCase(string text); +string lowerCase(string text); +string ltrim(string s); +string rtrim(string s); bool wchar_cmp(const wchar_t *first, const wchar_t *second, u32 first_len, u32 second_len); bool char_cmp(const char *first, const char *second, u32 first_len, u32 second_len); diff --git a/source/gui/texture.cpp b/source/gui/texture.cpp index 41d4e6b1..12b18363 100644 --- a/source/gui/texture.cpp +++ b/source/gui/texture.cpp @@ -12,8 +12,6 @@ #include "pngu.h" #include "gcvid.h" -using namespace std; - STexture TexHandle; static u32 upperPower(u32 width) @@ -657,11 +655,11 @@ void STexture::_calcMipMaps(u8 &maxLOD, u8 &minLOD, u32 &lod0Width, u32 &lod0Hei if (height - (lod0Height >> 1) < lod0Height >> 3 && minSize <= lod0Height >> 1) lod0Height >>= 1; maxLOD = 0; - for (u32 i = min(lod0Width, lod0Height); i > minSize; i >>= 1) + for (u32 i = std::min(lod0Width, lod0Height); i > minSize; i >>= 1) ++maxLOD; minLOD = 0; if (maxSize > 8) - for (u32 i = max(lod0Width, lod0Height); i > maxSize; i >>= 1) + for (u32 i = std::max(lod0Width, lod0Height); i > maxSize; i >>= 1) ++minLOD; if (minLOD > maxLOD) maxLOD = minLOD; 
diff --git a/source/gui/video.hpp b/source/gui/video.hpp index 1791a5a9..532a5646 100644 --- a/source/gui/video.hpp +++ b/source/gui/video.hpp @@ -4,10 +4,12 @@ #include #include +#include #include "vector.hpp" #include "texture.hpp" -using namespace std; +using std::string; +using std::vector; class CTexCoord { diff --git a/source/homebrew/homebrew.cpp b/source/homebrew/homebrew.cpp index 2c45a192..d28a9f08 100644 --- a/source/homebrew/homebrew.cpp +++ b/source/homebrew/homebrew.cpp @@ -26,7 +26,9 @@ u32 homebrew_size = 0; u8 *appbooter_ptr = NULL; u32 appbooter_size = 0; -using namespace std; + +using std::string; +using std::vector; extern const u8 wfstub_bin[]; extern const u32 wfstub_bin_size; diff --git a/source/libwolfssl/callbacks.h b/source/libwolfssl/callbacks.h index fe7a077a..d904f735 100644 --- a/source/libwolfssl/callbacks.h +++ b/source/libwolfssl/callbacks.h @@ -1,6 +1,6 @@ /* callbacks.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/certs_test.h b/source/libwolfssl/certs_test.h index d201a40f..ad7a6105 100644 --- a/source/libwolfssl/certs_test.h +++ b/source/libwolfssl/certs_test.h 
@@ -98,112 +98,110 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024); /* ./certs/1024/client-cert.der, 1024-bit */ static const unsigned char client_cert_der_1024[] = { - 0x30, 0x82, 0x04, 0x18, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x77, 0x1A, 0x0F, 0xB4, 0xD6, - 0x66, 0x91, 0xF9, 0xEB, 0xD6, 0x69, 0xE9, 0x5E, 0x55, 0x74, - 0xF3, 0x4B, 0xD7, 0x74, 0x8A, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 
- 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, - 0x81, 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, - 0xA2, 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, - 0xC8, 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, - 0x37, 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, - 0xDF, 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, - 0xE8, 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, - 0x77, 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, - 0x38, 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, - 0xAA, 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, - 0xDC, 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, - 0xBA, 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, - 0x8A, 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, - 0x3C, 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, - 0xA9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, - 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, - 0xDD, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, - 0x75, 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xDE, 0x06, 0x03, - 0x55, 0x1D, 
0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, - 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, - 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, - 0xEC, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, - 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, - 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x77, 0x1A, 0x0F, 0xB4, 0xD6, 0x66, 0x91, 0xF9, 0xEB, 0xD6, - 0x69, 0xE9, 0x5E, 0x55, 0x74, 0xF3, 0x4B, 0xD7, 0x74, 0x8A, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x81, 0x81, 0x00, 0xA8, 0x13, 0x2C, 0xFC, 0x43, 0xE9, - 0xDB, 0x59, 0xC7, 0x7E, 
0x32, 0x8B, 0x32, 0xBA, 0xA3, 0x5C, - 0x2F, 0x60, 0xAB, 0xA1, 0xEF, 0x9A, 0x64, 0x36, 0x4E, 0xCE, - 0x05, 0x6D, 0xBC, 0x63, 0xB0, 0x8F, 0x91, 0xF7, 0x76, 0xBB, - 0x92, 0xB4, 0xB6, 0x78, 0xDB, 0x2E, 0x7F, 0x7F, 0x9C, 0xE7, - 0x58, 0x4B, 0x73, 0x89, 0x0F, 0xD1, 0x13, 0x61, 0xA4, 0x2A, - 0x2F, 0x6E, 0xC7, 0xB1, 0x19, 0xBB, 0x14, 0x00, 0xD7, 0x0E, - 0xDD, 0x7E, 0x2F, 0x66, 0xE7, 0x5F, 0xF9, 0x0F, 0x39, 0x90, - 0xF6, 0x6B, 0xD3, 0x84, 0x1E, 0xD0, 0x09, 0x23, 0x22, 0x27, - 0xF5, 0xC9, 0x96, 0xED, 0x45, 0xD7, 0x78, 0x3C, 0xEB, 0xA7, - 0xD5, 0x8A, 0xF5, 0xF4, 0xDD, 0x99, 0x27, 0xD2, 0x4C, 0x86, - 0x6E, 0x63, 0x7D, 0xA8, 0x93, 0x62, 0x71, 0xC1, 0xCB, 0x93, - 0xF4, 0x81, 0x3E, 0x95, 0xB3, 0xA8, 0xE5, 0xA6, 0x23, 0x51, - 0x4A, 0xB5 + 0x30, 0x82, 0x04, 0x02, 0x30, 0x82, 0x03, 0x6B, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC5, 0x19, 0x90, 0xA1, + 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 
0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, + 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, + 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, + 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, + 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, + 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, + 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, + 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, + 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, + 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, + 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 
0x2B, 0x1F, 0xEF, 0x8A, + 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, + 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, + 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, + 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, + 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, + 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, + 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, + 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, + 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xC5, 0x19, 0x90, 0xA1, 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 
0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, + 0x81, 0x00, 0x30, 0xCE, 0x46, 0x43, 0x6D, 0x70, 0xE1, 0x6D, + 0xBB, 0x8F, 0x4A, 0x05, 0x64, 0xF7, 0x2C, 0x8D, 0x0E, 0xD6, + 0xF9, 0x1E, 0xB6, 0x2A, 0x8E, 0xED, 0x52, 0xE1, 0x7C, 0x44, + 0xBF, 0x59, 0x54, 0xDA, 0x2D, 0x31, 0x4D, 0xE6, 0x79, 0xD2, + 0xD0, 0xD8, 0xB4, 0xCF, 0x5B, 0x16, 0x0A, 0x16, 0xA1, 0xBE, + 0x62, 0x9F, 0x6C, 0x24, 0x46, 0x7B, 0xB8, 0xDD, 0xB8, 0x8D, + 0x7F, 0xFE, 0xF1, 0xAC, 0x62, 0x94, 0xE0, 0x34, 0xCE, 0x4C, + 0x59, 0x3A, 0xC5, 0x5A, 0xE6, 0x40, 0xD5, 0x60, 0x7E, 0x20, + 0x5D, 0xED, 0x43, 0x92, 0xD3, 0xF3, 0xEA, 0xE0, 0xD1, 0x57, + 0xC8, 0xCE, 0x41, 0x79, 0xDB, 0x81, 0x41, 0xC6, 0xF0, 0x0E, + 0x35, 0xD4, 0x6F, 0x92, 0x58, 0x2D, 0xD6, 0xB2, 0xEC, 0xF1, + 0x88, 0xFF, 0x6D, 0xCA, 0x63, 0xD6, 0x4A, 0x8D, 0x10, 0xA6, + 0x23, 0x06, 0x77, 0x9A, 0xD5, 0xAB, 0x9D, 0x64, 0x46, 0x02 + }; static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); 
@@ -416,70 +414,29 @@ static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024); /* ./certs/1024/ca-cert.der, 1024-bit */ static const unsigned char ca_cert_der_1024[] = { - 0x30, 0x82, 0x04, 0x09, 0x30, 0x82, 0x03, 0x72, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, - 0xEF, 0x4B, 0x66, 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, - 0x8E, 0x7E, 0xE3, 0xB5, 0x07, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, - 0x68, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, - 0x6E, 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, - 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, - 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, - 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x11, 0x30, 
0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, - 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, - 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, - 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, - 0x81, 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, - 0x24, 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, - 0x16, 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, - 0x04, 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, - 0x50, 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, - 0x24, 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, - 0xA8, 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, - 0xA2, 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, - 0x54, 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, - 0x72, 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, - 0x9B, 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, - 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, - 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, - 0x09, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, - 0x30, 0x82, 0x01, 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, - 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, - 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xD9, 0x06, 0x03, - 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, - 0x14, 0xD3, 0x22, 0x8F, 0x28, 
0x2C, 0xE0, 0x05, 0xEE, 0xD3, - 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, - 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, + 0x30, 0x82, 0x03, 0xF3, 0x30, 0x82, 0x03, 0x5C, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, + 0xE8, 0x40, 0x6E, 0x95, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, + 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 
@@ -495,31 +452,70 @@ static const unsigned char ca_cert_der_1024[] = 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, - 0xEF, 0x4B, 0x66, 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, - 0x8E, 0x7E, 0xE3, 0xB5, 0x07, 0x30, 0x0C, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, - 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, - 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, - 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, - 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, - 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x32, - 0xED, 0x94, 0x35, 0x3D, 0x4A, 0x76, 0xD7, 0x6E, 0xA9, 0x75, - 0xE9, 0xF5, 0x7A, 0x7F, 0x64, 0x31, 0x50, 0x6A, 0x28, 0xD5, - 0x92, 0x21, 0xD5, 0x88, 0xD2, 0x51, 0x82, 0xC5, 0xBB, 0x1A, - 0xF9, 0x26, 0xFA, 0xD8, 0x4B, 0x83, 0xB6, 0x09, 0xD4, 0x62, - 0x19, 0xE0, 0x55, 0x84, 0x97, 0x55, 0xBA, 0x5D, 0x21, 0x48, - 0x27, 0x10, 0xF0, 0xF3, 0x5C, 0x33, 0xB8, 0x38, 0x9B, 0xFB, - 0x57, 0x4C, 0xD8, 0x1C, 0x5B, 0xAB, 0xD3, 0x1C, 0x21, 0xEE, - 0x3E, 0x2E, 0xB8, 0xC6, 0x3A, 0x92, 0x5C, 0x38, 0x3C, 0x25, - 0x40, 0x2F, 0x05, 0xC6, 0xC9, 0x85, 0xFF, 0x27, 0xF3, 0xEE, - 0xFA, 0x10, 0x58, 0xDB, 0x5C, 0xA6, 0x8E, 0xE0, 0xD9, 0x70, - 0x93, 0xCD, 0xBE, 0x7E, 0x68, 0x33, 0x08, 0xC2, 0x28, 0xD6, - 0x5C, 0xB3, 0x15, 0x19, 0xAF, 0x0C, 0xF7, 0xBA, 0xF0, 0xBC, - 0xA1, 0xCF, 0x30, 0x4E, 0x38, 0xE6, 0x4D + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xCD, 0xAC, 0xDD, 
0x47, 0xEC, 0xBE, 0xB7, 0x24, + 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, + 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, + 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, + 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, + 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, + 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, + 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, + 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, + 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, + 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, + 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, + 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, + 0x82, 0x01, 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, + 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, + 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, + 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, + 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, + 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, + 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 
0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, + 0x40, 0x6E, 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, + 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, + 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, + 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x4E, 0xB1, 0x39, + 0x6A, 0x23, 0xA3, 0x65, 0x17, 0x14, 0xB6, 0x52, 0x2E, 0x86, + 0x46, 0xD5, 0x4F, 0x7C, 0xD5, 0x6C, 0xBB, 0xFA, 0x66, 0xB1, + 0x71, 0x54, 0xA1, 0xAD, 0x0E, 0xA2, 0xB7, 0xBA, 0x59, 0x65, + 0x8B, 0xD5, 0x87, 0x5D, 0x51, 0xD0, 0x65, 0xDE, 0x74, 0x04, + 0x80, 0x7C, 0xDA, 0x3A, 0x52, 0x57, 0x7A, 0x1D, 0x5D, 0x46, + 0x7A, 0x06, 0x79, 0x75, 0xE5, 0x31, 0xDD, 0x1D, 0xF6, 0x54, + 0x77, 0xFC, 0x40, 0x13, 0xA1, 0x5B, 0xFD, 0x9E, 0x7D, 0x1C, + 0xFD, 0x04, 0x4F, 0x7C, 0xEE, 0x92, 0xA2, 0x80, 0x55, 0x3C, + 0x3F, 0x2A, 0x1C, 0xBD, 0x3A, 0x37, 0x12, 0x0E, 0xFD, 0x52, + 0x60, 0x66, 0x19, 0xD5, 0x4B, 0xF6, 0x35, 0x50, 0xA3, 0x59, + 0xD3, 0x7F, 0x6D, 0x95, 0xD7, 0x56, 0x10, 0xC6, 0x86, 0x28, + 0xF4, 0x6E, 0x6D, 0xDA, 0x4E, 0x1C, 0xB4, 0xE9, 0x0B, 0x4C, + 0xED, 0x62, 0x0F, 0x64, 0x06 }; static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024); 
@@ -593,7 +589,7 @@ static const int sizeof_server_key_der_1024 = sizeof(server_key_der_1024); /* ./certs/1024/server-cert.der, 1024-bit */ static const unsigned char server_cert_der_1024[] = { - 0x30, 0x82, 0x03, 0xF2, 0x30, 0x82, 0x03, 0x5B, 0xA0, 0x03, + 0x30, 0x82, 0x03, 0xE7, 0x30, 0x82, 0x03, 0x50, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -612,9 +608,9 @@ static const unsigned char server_cert_der_1024[] = 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, - 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, - 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, + 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, + 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
@@ -646,12 +642,12 @@ static const unsigned char server_cert_der_1024[] = 0xAD, 0xFD, 0x5C, 0x86, 0x73, 0xAA, 0x6B, 0x47, 0xD8, 0x8B, 0x2E, 0x58, 0x4B, 0x69, 0x12, 0x82, 0x26, 0x55, 0xE6, 0x14, 0xBF, 0x55, 0x70, 0x88, 0xFE, 0xF9, 0x75, 0xE1, 0x02, 0x03, - 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, 0x30, 0x82, 0x01, - 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, 0x82, 0x01, + 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD9, 0x3C, 0x35, 0xEA, 0x74, 0x0E, 0x23, 0xBE, 0x9C, 0xFC, 0xFA, 0x29, 0x90, 0x09, 0xC1, 0xE7, 0x84, 0x16, - 0x9F, 0x7C, 0x30, 0x81, 0xD9, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, 0x14, 0xD3, 0x22, + 0x9F, 0x7C, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 
@@ -670,31 +666,30 @@ static const unsigned char server_cert_der_1024[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, 0xEF, 0x4B, 0x66, - 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, 0x8E, 0x7E, 0xE3, - 0xB5, 0x07, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x56, 0x14, 0x19, 0x1A, - 0x4F, 0x09, 0x91, 0xCD, 0xF5, 0xA7, 0xC5, 0x69, 0xE4, 0xEA, - 0x1A, 0xFD, 0x56, 0xC3, 0x55, 0xFE, 0xC8, 0xCC, 0xED, 0x56, - 0xA8, 0x5F, 0x86, 0xFB, 0xAB, 0x9F, 0x76, 0x8A, 0xDB, 0xB3, - 0xCC, 0x68, 0xCE, 0x99, 0xFB, 0xA4, 0x5E, 0x70, 0xA8, 0x3C, - 0xA8, 0xB6, 0x85, 0x7C, 0xCB, 0x31, 0xFE, 0x4B, 0x01, 0x0C, - 0xAC, 0xF0, 0x19, 0x04, 0x98, 0xD0, 0xE7, 0xA5, 0xA2, 0x51, - 0xE2, 0x52, 0xA3, 0xF7, 0x42, 0xD4, 0xE2, 0x2D, 0xF2, 0x72, - 0xB5, 0xE7, 0x95, 0xD0, 0xB4, 0xE3, 0xD3, 0xC1, 0x34, 0xA4, - 0x2F, 0x7C, 0x3C, 0xEF, 0xF0, 0x45, 0x14, 0x32, 0x2F, 0xC8, - 0xBF, 0x9F, 0xDA, 0x97, 0x6A, 0xDA, 0xCB, 0x3F, 0xEF, 0x1F, - 0xCA, 0xDC, 0x7A, 0x13, 0x1B, 0x5A, 0x45, 0x41, 0xF8, 0xF0, - 0x34, 0x49, 0x9D, 0x58, 0x23, 0x85, 0x3D, 0x99, 0xAB, 0x34, - 0xDE, 0x51, 0x32, 0x76 + 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, 0x40, 0x6E, + 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, + 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, + 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 
0x0B, 0x65, 0x78, + 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, + 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, + 0x00, 0x03, 0x81, 0x81, 0x00, 0x27, 0x0A, 0x4E, 0x08, 0x8C, + 0xBA, 0x73, 0xD0, 0x05, 0xF2, 0xEA, 0xF9, 0x51, 0x8C, 0x7E, + 0x29, 0x14, 0x23, 0x8E, 0x9E, 0x9A, 0xFC, 0x46, 0x6F, 0x10, + 0x68, 0x59, 0xD9, 0xA0, 0xEA, 0x53, 0x19, 0xBD, 0x28, 0x89, + 0xE1, 0x97, 0x1E, 0x4C, 0xB8, 0x1E, 0xBE, 0x0F, 0x4D, 0x9D, + 0x1D, 0x76, 0x57, 0x17, 0x31, 0x95, 0xC2, 0x80, 0xBE, 0x04, + 0xD0, 0xC2, 0xE9, 0x5C, 0xE0, 0xF4, 0x81, 0x3F, 0xC4, 0xB0, + 0xC5, 0x86, 0xAE, 0x58, 0x68, 0xB9, 0xAE, 0x0F, 0x88, 0xE8, + 0x63, 0x6F, 0xB9, 0x08, 0xF1, 0x1B, 0x56, 0x90, 0xFB, 0x1F, + 0x2E, 0xCC, 0xE5, 0x69, 0x1F, 0x7C, 0x02, 0x4F, 0xED, 0xB0, + 0x45, 0x7C, 0x2D, 0xA8, 0x59, 0x11, 0xA5, 0x95, 0x51, 0xC7, + 0x50, 0xD8, 0x89, 0xC2, 0x90, 0x63, 0x68, 0xA8, 0x41, 0x6F, + 0xD0, 0x37, 0x26, 0x6F, 0xC8, 0x0E, 0xB5, 0xA0, 0x15, 0x9D, + 0xA5, 0xE6, 0xD2 }; static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024); 
@@ -867,84 +862,10 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048); /* ./certs/client-cert.der, 2048-bit */ static const unsigned char client_cert_der_2048[] = { - 0x30, 0x82, 0x05, 0x1D, 0x30, 0x82, 0x04, 0x05, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x45, 0x45, 0x81, 0x82, 0xE6, - 0x3A, 0xBD, 0xA2, 0xE3, 0x06, 0x0E, 0xBA, 0x2C, 0x45, 0x74, - 0x4B, 0xBE, 0xC0, 0x39, 0x11, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, - 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 
0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, - 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, - 0x2B, 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, - 0x2B, 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, - 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, - 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, - 0x2D, 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, - 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, - 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, - 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, - 0x89, 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, - 0x67, 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, - 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, - 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, - 0xF1, 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, - 0x7E, 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, - 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, - 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, - 0x83, 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, - 0x24, 0x73, 
0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, - 0x6C, 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, - 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, - 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, - 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, - 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, - 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, - 0x15, 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, - 0xA1, 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, - 0x01, 0x4F, 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, - 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, - 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xDE, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, - 0xD3, 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, - 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, - 0x85, 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, + 0x30, 0x82, 0x05, 0x07, 0x30, 0x82, 0x03, 0xEF, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, + 0x66, 0x3D, 0x96, 0x04, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
@@ -961,44 +882,116 @@ static const unsigned char client_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x45, 0x45, 0x81, 0x82, 0xE6, 0x3A, 0xBD, 0xA2, - 0xE3, 0x06, 0x0E, 0xBA, 0x2C, 0x45, 0x74, 0x4B, 0xBE, 0xC0, - 0x39, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xC1, 0x06, 0x39, - 0xC8, 0xCE, 0xF5, 0x81, 0x49, 0x55, 0xE1, 0x3A, 0x55, 0xAA, - 0x91, 0x5D, 0x64, 0xF1, 0x4B, 0xDC, 0x33, 0x1E, 0x31, 0x15, - 0xE7, 0x10, 0x71, 0x16, 0x0D, 0xB5, 0x00, 0xDC, 0xBB, 0x22, - 0x0D, 0x81, 0xD9, 0x12, 0x5C, 0x0C, 0xDD, 0x61, 0xE1, 0xAF, - 0xB5, 0xE2, 0xF7, 0x7D, 0x8B, 0xE6, 0x61, 0xFD, 0xCA, 0x45, - 0x3A, 0x61, 0xE7, 0x18, 0x56, 0x2C, 0x26, 0xF2, 0xDF, 0x14, - 0xF1, 0xE0, 0x3D, 0x7F, 0x62, 0x12, 0x5F, 0xD8, 0x04, 0x44, - 0x06, 0x0C, 0x72, 0xB1, 0x8A, 0x50, 0x72, 0x67, 0x77, 0x74, - 0x01, 0xFF, 0x79, 0x64, 0x11, 0x6E, 0xB3, 0x84, 0x51, 0x19, - 0x22, 0xB6, 0x43, 0x10, 0x06, 0x0D, 0x39, 0x46, 0x5A, 0xC6, - 0x57, 0x0A, 0x43, 0xA1, 0x94, 0x02, 0x28, 0x0A, 0x12, 0x38, - 0x85, 0x04, 0x0E, 0x78, 0x52, 0x48, 0x28, 0x7E, 0x6C, 0xD9, - 0xF0, 0x4B, 0x04, 0x55, 0x7C, 0x39, 0x01, 0xC1, 0xB4, 0x5F, - 0x50, 0x06, 0xCF, 0xDA, 0x6F, 0x20, 0xB8, 0x94, 0xF7, 0x51, - 0x1A, 0x23, 0xCB, 0x30, 0xE3, 0x21, 0xB4, 0xA3, 0x73, 0xAD, - 0x48, 0xFB, 0x96, 0x69, 0xEF, 0x2E, 0x50, 0xB6, 0x67, 0xBC, - 0x64, 
0xEE, 0x27, 0x76, 0x43, 0x7A, 0x34, 0x59, 0x8E, 0xB4, - 0x57, 0x53, 0x7D, 0x95, 0x7E, 0x50, 0x7E, 0x64, 0x4C, 0x29, - 0x68, 0xFE, 0x81, 0x4F, 0x73, 0x21, 0x24, 0xB5, 0xA9, 0xA2, - 0x49, 0x5F, 0x54, 0x7F, 0x0D, 0xC2, 0x96, 0xC7, 0xF5, 0x36, - 0x81, 0x8E, 0xC0, 0x00, 0xAF, 0xB4, 0x10, 0x6B, 0x0E, 0xBC, - 0x1A, 0x3A, 0xF1, 0xA6, 0xDD, 0xFD, 0x8E, 0x63, 0x21, 0x33, - 0xD4, 0x32, 0x31, 0x1F, 0xBE, 0xA3, 0x7C, 0x52, 0x85, 0x26, - 0xC8, 0x6E, 0x50, 0x6C, 0xAC, 0x3D, 0x2E, 0xC0, 0xF9, 0x50, - 0xED, 0xC8, 0x4D, 0xCD, 0x13, 0x50, 0xCE, 0x5E, 0xDE, 0x15, - 0x89, 0xD1, 0xFB + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, + 
0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, + 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, + 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, + 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, + 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, + 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, + 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, + 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, + 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, + 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, + 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, + 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, + 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, + 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, + 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, + 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, + 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, + 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, + 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, + 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, + 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, + 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, + 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, + 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, + 0x7E, 0x54, 
0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, + 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, + 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, + 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, + 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, 0x66, 0x3D, 0x96, 0x04, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x01, 0x00, 0xBA, 0x2B, 0x48, 0xD1, 0xA8, + 0xE3, 0xC2, 0x84, 0x42, 0x96, 0xA1, 0x7C, 0xE5, 0xF1, 0x46, + 0xBA, 0x4C, 0xF7, 0x87, 0x57, 0xC7, 0x78, 0xC8, 0xC1, 0x32, + 0xC4, 0x69, 0xFF, 0x85, 0xBB, 0x5D, 0x6A, 0xDD, 0xC9, 0x87, + 0x7E, 0xFE, 0xBB, 0xF4, 
0xFD, 0x15, 0x0A, 0x4C, 0x94, 0x95, + 0x80, 0x30, 0x90, 0x45, 0x03, 0xF8, 0x33, 0x87, 0xCA, 0x5F, + 0x74, 0x38, 0xA4, 0xD0, 0x5A, 0xC7, 0x65, 0x38, 0xC3, 0xB0, + 0xE8, 0x87, 0xB1, 0x49, 0x32, 0xB9, 0xAC, 0xE9, 0xFB, 0xD3, + 0x08, 0x1D, 0xA4, 0x51, 0x7B, 0xD7, 0xD9, 0x4B, 0x79, 0x35, + 0xA2, 0x3A, 0x0B, 0xE4, 0x0C, 0xA0, 0x02, 0x9C, 0xA1, 0x68, + 0xE1, 0x5D, 0x6C, 0x8E, 0x2E, 0x3A, 0x24, 0xDE, 0xBB, 0xD6, + 0x1C, 0xA7, 0xAC, 0x2E, 0xCD, 0x57, 0x44, 0x48, 0xF6, 0x72, + 0xE0, 0xC7, 0x5B, 0x93, 0xDC, 0x7D, 0x5B, 0x64, 0x0E, 0x17, + 0x84, 0x68, 0x2C, 0x95, 0x1D, 0x2C, 0x86, 0xD6, 0xB0, 0x74, + 0x67, 0x51, 0x6E, 0x7B, 0xF4, 0xD5, 0x61, 0x38, 0x51, 0xB3, + 0x18, 0xE3, 0x10, 0x16, 0x73, 0x4B, 0x36, 0x8A, 0x8A, 0x62, + 0x05, 0xF5, 0x56, 0x8A, 0xBE, 0x21, 0xE1, 0x78, 0x7D, 0xBF, + 0xAD, 0x45, 0xF9, 0x0B, 0xF5, 0xAF, 0xA0, 0x62, 0x01, 0xFD, + 0x3F, 0x49, 0xDF, 0x39, 0x3C, 0xFF, 0x46, 0xE8, 0x0A, 0xFE, + 0x5C, 0x6B, 0xBB, 0x41, 0xA5, 0x64, 0xF1, 0x5C, 0x9B, 0x51, + 0x4C, 0xBC, 0x6D, 0x9F, 0xA3, 0x20, 0xED, 0xE9, 0x48, 0xE1, + 0xA9, 0xBE, 0x08, 0x2D, 0x85, 0x42, 0x59, 0xD6, 0x43, 0x7D, + 0x47, 0x22, 0xA5, 0xFA, 0x1F, 0xA2, 0x58, 0x76, 0x0B, 0x70, + 0x1C, 0x1D, 0x59, 0x1D, 0xAA, 0xBE, 0x5D, 0x2D, 0x25, 0x7C, + 0xB1, 0x06, 0xB6, 0xC0, 0xAA, 0x28, 0xAA, 0x93, 0x7C, 0xD0, + 0xBD, 0x43, 0xAD, 0x91, 0x50, 0x1C, 0x7B, 0x4D, 0xF3, 0xE4, + 0xD7 }; static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); 
@@ -1035,6 +1028,159 @@ static const unsigned char dh_key_der_2048[] = }; static const int sizeof_dh_key_der_2048 = sizeof(dh_key_der_2048); +/* ./certs/dh-pubkey-2048.der, 2048-bit */ +static const unsigned char dh_pub_key_der_2048[] = +{ + 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x03, 0x01, 0x30, + 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xD3, 0xB2, + 0x99, 0x84, 0x5C, 0x0A, 0x4C, 0xE7, 0x37, 0xCC, 0xFC, 0x18, + 0x37, 0x01, 0x2F, 0x5D, 0xC1, 0x4C, 0xF4, 0x5C, 0xC9, 0x82, + 0x8D, 0xB7, 0xF3, 0xD4, 0xA9, 0x8A, 0x9D, 0x34, 0xD7, 0x76, + 0x57, 0xE5, 0xE5, 0xC3, 0xE5, 0x16, 0x85, 0xCA, 0x4D, 0xD6, + 0x5B, 0xC1, 0xF8, 0xCF, 0x89, 0x26, 0xD0, 0x38, 0x8A, 0xEE, + 0xF3, 0xCD, 0x33, 0xE5, 0x56, 0xBB, 0x90, 0x83, 0x9F, 0x97, + 0x8E, 0x71, 0xFB, 0x27, 0xE4, 0x35, 0x15, 0x45, 0x86, 0x09, + 0x71, 0xA8, 0x9A, 0xB9, 0x3E, 0x0F, 0x51, 0x8A, 0xC2, 0x75, + 0x51, 0x23, 0x12, 0xFB, 0x94, 0x31, 0x44, 0xBF, 0xCE, 0xF6, + 0xED, 0xA6, 0x3A, 0xB7, 0x92, 0xCE, 0x16, 0xA9, 0x14, 0xB3, + 0x88, 0xB7, 0x13, 0x81, 0x71, 0x83, 0x88, 0xCD, 0xB1, 0xA2, + 0x37, 0xE1, 0x59, 0x5C, 0xD0, 0xDC, 0xCA, 0x82, 0x87, 0xFA, + 0x43, 0x44, 0xDD, 0x78, 0x3F, 0xCA, 0x27, 0x7E, 0xE1, 0x6B, + 0x93, 0x19, 0x7C, 0xD9, 0xA6, 0x96, 0x47, 0x0D, 0x12, 0xC1, + 0x13, 0xD7, 0xB9, 0x0A, 0x40, 0xD9, 0x1F, 0xFF, 0xB8, 0xB4, + 0x00, 0xC8, 0xAA, 0x5E, 0xD2, 0x66, 0x4A, 0x05, 0x8E, 0x9E, + 0xF5, 0x34, 0xE7, 0xD7, 0x09, 0x7B, 0x15, 0x49, 0x1D, 0x76, + 0x31, 0xD6, 0x71, 0xEC, 0x13, 0x4E, 0x89, 0x8C, 0x09, 0x22, + 0xD8, 0xE7, 0xA3, 0xE9, 0x7D, 0x21, 0x51, 0x26, 0x6E, 0x9F, + 0x30, 0x8A, 0xBB, 0xBC, 0x74, 0xC1, 0xC3, 0x27, 0x6A, 0xCE, + 0xA3, 0x12, 0x60, 0x68, 0x01, 0xD2, 0x34, 0x07, 0x80, 0xCC, + 0x2D, 0x7F, 0x5C, 0xAE, 0xA2, 0x97, 0x40, 0xC8, 0x3C, 0xAC, + 0xDB, 0x6F, 0xFE, 0x6C, 0x6D, 0xD2, 0x06, 0x1C, 0x43, 0xA2, + 0xB2, 0x2B, 0x82, 0xB7, 0xD0, 0xAB, 0x3F, 0x2C, 0xE7, 0x9C, + 0x19, 0x16, 0xD1, 0x5E, 0x26, 0x86, 0xC7, 0x92, 0xF9, 0x16, + 0x0B, 0xFA, 0x66, 
0x83, 0x02, 0x01, 0x02, 0x03, 0x82, 0x01, + 0x05, 0x00, 0x02, 0x82, 0x01, 0x00, 0x34, 0x41, 0xBF, 0xE9, + 0xF2, 0x11, 0xBF, 0x05, 0xDB, 0xB2, 0x72, 0xA8, 0x29, 0xCC, + 0xBD, 0x93, 0xEB, 0x14, 0x5D, 0x2C, 0x6B, 0x84, 0x4E, 0x96, + 0x12, 0xB3, 0x38, 0xBA, 0x8A, 0x46, 0x7C, 0x36, 0xCB, 0xE9, + 0x97, 0x70, 0xC5, 0xC3, 0x85, 0xB5, 0x51, 0xA5, 0x8B, 0x39, + 0xA8, 0xEA, 0x47, 0xD3, 0xD5, 0x11, 0xC0, 0x6D, 0xE3, 0xE3, + 0x9E, 0x00, 0x4C, 0x65, 0x41, 0x9B, 0xF6, 0xD0, 0xAC, 0x26, + 0x88, 0x01, 0xFC, 0x3C, 0x26, 0x5F, 0x67, 0xF7, 0x77, 0xD7, + 0xAC, 0xC5, 0xCA, 0xBB, 0xD8, 0x70, 0x58, 0x41, 0xF5, 0xF1, + 0x21, 0x3B, 0x15, 0xD5, 0x31, 0xF2, 0xC4, 0x8E, 0x0C, 0x38, + 0x01, 0x93, 0xD3, 0x64, 0x63, 0x57, 0xDC, 0x31, 0xE5, 0xFD, + 0x9C, 0x2B, 0xA6, 0xDE, 0x15, 0xB2, 0xC8, 0x8D, 0x65, 0x71, + 0x2E, 0xED, 0xF9, 0x1D, 0x2D, 0xA1, 0x17, 0xDD, 0xA3, 0xDA, + 0xF3, 0x10, 0x81, 0x40, 0xFA, 0x4F, 0x49, 0xB0, 0xDA, 0x16, + 0x64, 0xBE, 0x6F, 0xC5, 0x05, 0xCE, 0xC4, 0x4F, 0x67, 0x80, + 0xB3, 0x8A, 0x81, 0x17, 0xEB, 0xF9, 0x6F, 0x6D, 0x9F, 0x7F, + 0xDE, 0xEE, 0x08, 0xB8, 0xFA, 0x81, 0x68, 0x66, 0xD6, 0xC6, + 0x08, 0x50, 0xAB, 0xF0, 0x29, 0xDE, 0x6B, 0x1D, 0x50, 0x13, + 0x7F, 0x54, 0x31, 0x53, 0x89, 0x5F, 0x48, 0x72, 0x24, 0xD4, + 0xD2, 0x1D, 0x27, 0x7D, 0x74, 0xCF, 0x51, 0x17, 0xF0, 0xC5, + 0x6D, 0x3C, 0x3D, 0x6D, 0x0A, 0x8B, 0xDB, 0xEF, 0x02, 0xD8, + 0xC3, 0xCB, 0xCA, 0x21, 0xCA, 0xD6, 0x9C, 0x18, 0x9E, 0x92, + 0xBE, 0x6E, 0xE2, 0x16, 0x5E, 0x89, 0x9B, 0xAD, 0xD4, 0x04, + 0x5A, 0x24, 0x5A, 0x3F, 0x7C, 0x12, 0xAC, 0xB4, 0x71, 0x51, + 0x25, 0x58, 0x74, 0xE4, 0xB2, 0xD4, 0x45, 0xFC, 0x5F, 0xCD, + 0x81, 0x8F, 0xE7, 0x96, 0x18, 0xD9, 0xE0, 0x97, 0x08, 0x45, + 0x36, 0xC3 +}; +static const int sizeof_dh_pub_key_der_2048 = sizeof(dh_pub_key_der_2048); + +/* ./certs/dsa-pubkey-2048.der, 2048-bit */ +static const unsigned char dsa_pub_key_der_2048[] = +{ + 0x30, 0x82, 0x03, 0x47, 0x30, 0x82, 0x02, 0x39, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01, 0x30, 0x82, 0x02, + 0x2C, 0x02, 0x82, 0x01, 
0x01, 0x00, 0xEB, 0x7E, 0x2C, 0x97, + 0x36, 0x67, 0x0E, 0x73, 0x9A, 0xAC, 0xFD, 0xB1, 0x19, 0x03, + 0x52, 0x61, 0x25, 0x12, 0xB2, 0x37, 0x3D, 0xEA, 0xCA, 0x80, + 0x07, 0x5D, 0x2D, 0x33, 0xA2, 0x4E, 0x6B, 0xB7, 0x62, 0xF8, + 0x87, 0x4D, 0x4B, 0x20, 0xDA, 0xEA, 0x6A, 0x96, 0x13, 0xB7, + 0xB9, 0x49, 0xC0, 0x86, 0x14, 0x71, 0xCD, 0x8C, 0x60, 0x61, + 0x94, 0x71, 0x89, 0x95, 0x1A, 0x0F, 0x38, 0xCC, 0x9C, 0x1F, + 0x20, 0xE5, 0xD0, 0x65, 0x75, 0xCD, 0xFE, 0x24, 0x29, 0xE6, + 0x60, 0x97, 0x74, 0xEC, 0x4C, 0x42, 0xE8, 0xBA, 0xE9, 0xC2, + 0xF7, 0xCB, 0x9B, 0xEA, 0x55, 0xD8, 0x40, 0x50, 0x2E, 0xCF, + 0xCD, 0x41, 0x01, 0xA9, 0xE5, 0x29, 0xCA, 0xC3, 0x36, 0x58, + 0x7E, 0x2E, 0x11, 0x96, 0x87, 0xC6, 0xFA, 0xE1, 0x27, 0x53, + 0x3D, 0x60, 0x93, 0x7B, 0xAD, 0xEE, 0xE7, 0xD4, 0xDC, 0xD6, + 0x03, 0x16, 0x92, 0xD4, 0x51, 0x0C, 0xFD, 0xA9, 0x01, 0x3E, + 0x6E, 0x27, 0x67, 0x6E, 0x9F, 0x29, 0x63, 0xFD, 0x51, 0x82, + 0x79, 0x83, 0x2B, 0xCB, 0x12, 0xCD, 0x50, 0x92, 0xAC, 0x16, + 0xC9, 0xEA, 0x9E, 0x68, 0x9E, 0x4B, 0xE1, 0x63, 0xB4, 0x80, + 0xE4, 0xDF, 0x75, 0xBC, 0x27, 0xD1, 0x76, 0x03, 0x48, 0x98, + 0x1D, 0xE3, 0x29, 0x8A, 0x99, 0x59, 0xF3, 0x75, 0x5B, 0xD9, + 0xAC, 0x59, 0x11, 0x52, 0x2F, 0xE0, 0x91, 0x55, 0xB0, 0xF2, + 0x5F, 0x0A, 0xF8, 0xD2, 0x7A, 0xDD, 0x8D, 0xE9, 0x92, 0xE2, + 0xF3, 0xF7, 0x4A, 0xB1, 0x50, 0xD7, 0xFE, 0x07, 0x8D, 0x27, + 0x7D, 0x08, 0x6F, 0x08, 0x7E, 0x25, 0x19, 0x0D, 0xDE, 0x11, + 0xD1, 0x63, 0x31, 0x84, 0x18, 0x25, 0xBE, 0x7D, 0x64, 0x77, + 0xDB, 0x4A, 0x20, 0xC5, 0x51, 0x75, 0xD8, 0xB1, 0x1B, 0xDF, + 0x91, 0x7F, 0xFC, 0x74, 0xBA, 0x9D, 0xD1, 0xFA, 0x8D, 0xBD, + 0x59, 0xFD, 0x02, 0x21, 0x00, 0xFA, 0xF7, 0x62, 0x9A, 0x62, + 0x19, 0x64, 0x6D, 0xC1, 0xF3, 0xC0, 0x9B, 0xAC, 0x90, 0x28, + 0xEA, 0xA1, 0x83, 0xF9, 0xC8, 0xED, 0x31, 0xEE, 0x33, 0x1D, + 0x35, 0x22, 0x00, 0x2B, 0x12, 0x84, 0xFF, 0x02, 0x82, 0x01, + 0x00, 0x73, 0xC9, 0xED, 0x1F, 0xBC, 0xC7, 0xC4, 0xEF, 0x46, + 0x03, 0xD1, 0x72, 0xC3, 0xE5, 0x29, 0xB0, 0x9A, 0x95, 0x13, + 0x5B, 0x4E, 0x59, 0x57, 0x0F, 0x80, 
0xEB, 0x74, 0x87, 0x11, + 0x1B, 0xC8, 0x11, 0xB6, 0x97, 0x4C, 0x48, 0x50, 0x3A, 0xB8, + 0x2C, 0x28, 0xF3, 0xB0, 0x9C, 0x7C, 0x3D, 0xFF, 0x8B, 0x43, + 0x43, 0x30, 0x85, 0x5F, 0x97, 0xD2, 0x68, 0x85, 0x35, 0x2E, + 0xD4, 0x61, 0xF6, 0x3E, 0x05, 0xEC, 0xCD, 0x60, 0x13, 0xE2, + 0x16, 0x02, 0x7C, 0x8B, 0x21, 0xCE, 0x36, 0x71, 0xC4, 0xED, + 0x0B, 0x47, 0x76, 0x83, 0x23, 0x2F, 0x98, 0xA4, 0x84, 0x98, + 0x9C, 0xFB, 0xD0, 0xA8, 0xD9, 0xB9, 0xE3, 0xD7, 0x32, 0xD9, + 0xB5, 0x9E, 0x82, 0x93, 0xD0, 0x55, 0x74, 0x5F, 0xDA, 0x87, + 0x91, 0x90, 0x0F, 0x85, 0x74, 0x1A, 0x32, 0x76, 0x4F, 0xCC, + 0x2A, 0x18, 0x11, 0x5B, 0xB4, 0x78, 0x93, 0xB6, 0xE5, 0xF0, + 0xC6, 0x71, 0xE8, 0xD7, 0x31, 0x19, 0x91, 0x27, 0x71, 0x5A, + 0x02, 0x1A, 0x1A, 0x3A, 0x55, 0x95, 0xFF, 0xF8, 0xED, 0xD3, + 0xE1, 0xAE, 0x8A, 0x1D, 0xFF, 0x53, 0x63, 0x79, 0x13, 0xA1, + 0xAD, 0x0A, 0x68, 0x67, 0x43, 0xB2, 0x5B, 0xD5, 0x36, 0xD4, + 0x84, 0xD0, 0xCD, 0x34, 0x82, 0x84, 0xA4, 0x89, 0xAE, 0xA1, + 0x66, 0x57, 0x89, 0x6F, 0xDC, 0x0C, 0x3B, 0x48, 0x14, 0x7C, + 0xCC, 0x63, 0x7C, 0x83, 0x93, 0x55, 0x7D, 0xB4, 0xF3, 0x34, + 0x66, 0x72, 0x85, 0xF5, 0x8D, 0xEF, 0x90, 0x1A, 0x66, 0xF8, + 0x3B, 0xC6, 0xA4, 0x59, 0xB8, 0x25, 0x4E, 0x5D, 0x84, 0xED, + 0x7C, 0x1C, 0xDD, 0x35, 0xA6, 0xBA, 0xED, 0x3B, 0xD6, 0x49, + 0xE6, 0x5A, 0xD1, 0xF8, 0xEA, 0x96, 0x75, 0x92, 0xCF, 0x05, + 0x52, 0x05, 0x3D, 0x78, 0x09, 0xCF, 0xCD, 0xE2, 0x1A, 0x99, + 0xEB, 0x5E, 0xFA, 0x27, 0x73, 0x89, 0x15, 0x03, 0x82, 0x01, + 0x06, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x35, 0x2D, + 0xEC, 0x83, 0x83, 0x6C, 0x73, 0x13, 0x9E, 0x52, 0x7C, 0x74, + 0xC8, 0x7B, 0xEE, 0xDF, 0x39, 0xC0, 0x33, 0xCD, 0x9F, 0xB2, + 0x22, 0x64, 0x9F, 0xC5, 0xE9, 0xFF, 0xF7, 0x09, 0x47, 0x79, + 0x13, 0x96, 0x77, 0x25, 0xF3, 0x5D, 0xAA, 0x9F, 0x97, 0x67, + 0x62, 0xBC, 0x94, 0x1D, 0xAE, 0x22, 0x7E, 0x08, 0x03, 0xBD, + 0x7E, 0x34, 0x29, 0xCB, 0x62, 0xB7, 0x82, 0x1D, 0xE2, 0xFA, + 0x05, 0xC6, 0xC1, 0x68, 0xE7, 0x01, 0x27, 0x63, 0x51, 0x3E, + 0x37, 0x59, 0x42, 0x92, 0x4F, 0x99, 0x60, 0xFD, 
0x63, 0x94, + 0xB7, 0xD0, 0xEE, 0xC1, 0xA0, 0xA5, 0x01, 0x74, 0x4D, 0x0E, + 0x14, 0xB2, 0xE2, 0x2C, 0xE7, 0x82, 0x0A, 0x23, 0xC7, 0x39, + 0x45, 0x40, 0xE9, 0xE9, 0x9D, 0x36, 0xE0, 0x52, 0x03, 0x99, + 0xDC, 0x87, 0x7D, 0x6A, 0x90, 0xE4, 0xDD, 0xA9, 0xC2, 0x57, + 0x90, 0xD6, 0xCA, 0xB4, 0x15, 0x80, 0xEE, 0x00, 0xCB, 0x2A, + 0xC9, 0x59, 0x4C, 0xA7, 0x7D, 0x33, 0x0A, 0x3E, 0x4A, 0x76, + 0xEA, 0x27, 0x89, 0xD8, 0x1A, 0xEA, 0x7E, 0xDB, 0x13, 0x92, + 0x93, 0x6A, 0x57, 0x9B, 0x33, 0xFD, 0xCE, 0x09, 0x0A, 0xB0, + 0x35, 0x24, 0xE4, 0x7D, 0xD8, 0x9D, 0xFF, 0x80, 0x65, 0x0F, + 0x61, 0xF7, 0xF7, 0xED, 0x8B, 0xD5, 0x8F, 0xBF, 0xB3, 0x22, + 0x20, 0x39, 0x89, 0x83, 0xB8, 0x83, 0x96, 0x32, 0x20, 0xAD, + 0xA1, 0x5D, 0x73, 0x8F, 0xE3, 0x27, 0xD9, 0x5D, 0xDB, 0x00, + 0x27, 0xF2, 0xBE, 0x89, 0x13, 0xE2, 0x97, 0x79, 0x10, 0x27, + 0x3D, 0xD8, 0x05, 0x96, 0x59, 0x6E, 0xA0, 0xC1, 0x6F, 0x99, + 0x4F, 0x28, 0xFA, 0xA6, 0x0B, 0x5C, 0x16, 0xEE, 0xB0, 0x98, + 0x8A, 0x06, 0x4A, 0xB0, 0x02, 0x2A, 0x6D, 0xCC, 0xE2, 0xC8, + 0x11, 0xF9, 0x1B, 0xF1, 0x3C, 0x68, 0xDF, 0xC2, 0xF4, 0x98, + 0x5F, 0x6C, 0xC8 +}; +static const int sizeof_dsa_pub_key_der_2048 = sizeof(dsa_pub_key_der_2048); + /* ./certs/dsa2048.der, 2048-bit */ static const unsigned char dsa_key_der_2048[] = { 
@@ -1380,82 +1526,10 @@ static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048); /* ./certs/ca-cert.der, 2048-bit */ static const unsigned char ca_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xFF, 0x30, 0x82, 0x03, 0xE7, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x5E, 0xBA, 0xA4, 0xF4, 0xB1, - 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, 0xDA, 0xA1, 0x13, 0xED, - 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, - 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, - 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, - 0x03, 0x55, 0x04, 
0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, - 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, - 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, - 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, - 0x2D, 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, - 0x4A, 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, - 0xCA, 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, - 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, - 0x98, 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, - 0xDE, 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, - 0xBB, 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, - 0xF1, 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, - 0x41, 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, - 0x70, 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, - 0xED, 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, - 0xED, 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, - 0x38, 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, - 0x3C, 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, - 0x13, 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, - 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, - 0xDC, 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, - 0x7D, 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, - 0x67, 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, - 0x68, 0xCB, 0x68, 0x7F, 0x71, 
0x20, 0x2B, 0xF5, 0xA0, 0x63, - 0xF5, 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, - 0x17, 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, - 0xC3, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, - 0x52, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, - 0xB9, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, - 0xED, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, - 0x01, 0x45, 0x30, 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, - 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, - 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xD4, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, - 0xC9, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, - 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, - 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, + 0x30, 0x82, 0x04, 0xE9, 0x30, 0x82, 0x03, 0xD1, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, + 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
@@ -1471,83 +1545,152 @@ static const unsigned char ca_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x5E, 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, - 0xE3, 0x5F, 0x9B, 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, - 0x67, 0x15, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xB9, 0xED, 0x94, - 0x3E, 0x00, 0x73, 0x2D, 0xA5, 0xD1, 0x04, 0xB3, 0xFB, 0xDC, - 0xF0, 0xB7, 0x0D, 0x3D, 0xAD, 0x96, 0x74, 0x4C, 0x92, 0x67, - 0xAD, 0x6D, 0x7C, 0xE2, 0x99, 0x6A, 0x33, 0xCA, 0xB2, 0x0F, - 0x04, 0x5A, 0xA5, 0x67, 0xF8, 0xE3, 0x0B, 0x3D, 0xF5, 0xD0, - 0x5B, 0x1E, 0x20, 0x52, 0x12, 0x92, 0x28, 0xEA, 0x31, 0xA3, - 0x51, 0x9E, 0x8B, 0xD2, 0x39, 0xE4, 0x25, 0xEA, 0x61, 0x61, - 0x41, 0x16, 0x2D, 0x54, 0x50, 0xD3, 0xFB, 0xD0, 0x34, 0x00, - 0x10, 0xF1, 0x7B, 0xBC, 0xF0, 0x08, 0xA7, 0xF5, 0x27, 0x5E, - 0x7E, 0x40, 0x9D, 0x99, 0xB0, 0xD3, 0x31, 0x11, 0xC3, 0x9D, - 0xA9, 0x51, 0xA0, 0x17, 0xCF, 0x83, 0x2C, 0x55, 0x84, 0xE0, - 0xD5, 0x92, 0xA0, 0x05, 0x3A, 0x9F, 0xB8, 0x75, 0xF8, 0x1B, - 0xE5, 0xF7, 0xA4, 0x6C, 0xE9, 0xAA, 0x25, 0x8B, 0x19, 0x93, - 0x46, 0x1F, 0x3F, 0x33, 0xAF, 0x47, 0x29, 0xCF, 0x7B, 0x8B, - 0x59, 0x27, 0xEB, 0xD7, 0x4F, 0xCB, 0x33, 0x19, 0xFA, 0x5F, - 0xEE, 0xD8, 0x13, 0xE9, 0x0C, 0x07, 0xAD, 0x3B, 0xC0, 0x7F, - 0x10, 0xD7, 0xE4, 0xED, 0xE8, 0xDB, 0x16, 0xE1, 0x1F, 0xA4, - 0x7F, 
0x16, 0x3C, 0xBD, 0xD7, 0x11, 0xF2, 0xD4, 0x3A, 0xA9, - 0x9B, 0x95, 0xE1, 0x39, 0x51, 0x99, 0xEB, 0x5B, 0x65, 0x46, - 0xEF, 0x63, 0x84, 0x73, 0x95, 0x23, 0xB8, 0xBF, 0xB5, 0xF6, - 0x4D, 0x12, 0x71, 0xF7, 0xFF, 0x33, 0xAA, 0x4A, 0x8C, 0x65, - 0x73, 0x73, 0x89, 0x69, 0xDF, 0xA6, 0xDC, 0xA4, 0x91, 0xFF, - 0xAE, 0xC7, 0x28, 0x93, 0xB5, 0x1A, 0xDE, 0xA9, 0x8F, 0x2B, - 0x30, 0x85, 0x83, 0x8B, 0x99, 0x82, 0xCA, 0xB3, 0x7C, 0x11, - 0x10, 0x88, 0x9D, 0x8E, 0x6C, 0x2C, 0xF3, 0x05, 0x6F, 0xCB, - 0x80, 0x85, 0x16, 0xB7, 0xED, 0xE4, 0x68, 0xFB, 0xB6, 0xB6, - 0x31, 0x8A, 0x7D + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, + 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, + 
0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, + 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, + 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, + 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, + 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, + 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, + 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, + 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, + 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, + 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, + 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, + 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, + 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, + 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, + 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, + 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, + 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, + 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, + 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, + 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, + 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, + 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, + 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, + 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, + 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, + 0x3A, 0x30, 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, + 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, + 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, + 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, + 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, + 0xE8, 0xD5, 
0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, + 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, + 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, + 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x01, 0x00, 0x62, 0x98, 0xC8, 0x58, 0xCF, + 0x56, 0x03, 0x86, 0x5B, 0x1B, 0x71, 0x49, 0x7D, 0x05, 0x03, + 0x5D, 0xE0, 0x08, 0x86, 0xAD, 0xDB, 0x4A, 0xDE, 0xAB, 0x22, + 0x96, 0xA8, 0xC3, 0x59, 0x68, 0xC1, 0x37, 0x90, 0x40, 0xDF, + 0xBD, 0x89, 0xD0, 0xBC, 0xDA, 0x8E, 0xEF, 0x87, 0xB2, 0xC2, + 0x62, 0x52, 0xE1, 0x1A, 0x29, 0x17, 0x6A, 0x96, 0x99, 0xC8, + 0x4E, 0xD8, 0x32, 0xFE, 
0xB8, 0xD1, 0x5C, 0x3B, 0x0A, 0xC2, + 0x3C, 0x5F, 0xA1, 0x1E, 0x98, 0x7F, 0xCE, 0x89, 0x26, 0x21, + 0x1F, 0x64, 0x9C, 0x15, 0x7A, 0x9C, 0xEF, 0xFB, 0x1D, 0x85, + 0x6A, 0xFA, 0x98, 0xCE, 0xA8, 0xA9, 0xAB, 0xC3, 0xA2, 0xC0, + 0xEB, 0x87, 0xED, 0xBC, 0x21, 0xDF, 0xF3, 0x07, 0x5B, 0xAE, + 0xFD, 0x40, 0xD4, 0xAE, 0x20, 0xD0, 0x76, 0x8A, 0x31, 0x0A, + 0xA2, 0x62, 0x7C, 0x61, 0x0D, 0xCE, 0x5D, 0x9A, 0x1E, 0xE4, + 0x20, 0x88, 0x51, 0x49, 0xFB, 0x77, 0xA9, 0xCD, 0x4D, 0xC6, + 0xBF, 0x54, 0x99, 0x33, 0xEF, 0x4B, 0xA0, 0x73, 0x70, 0x6D, + 0x2E, 0xD9, 0x3D, 0x08, 0xF6, 0x12, 0x39, 0x31, 0x68, 0xC6, + 0x61, 0x5C, 0x41, 0xB5, 0x1B, 0xF4, 0x38, 0x7D, 0xFC, 0xBE, + 0x73, 0x66, 0x2D, 0xF7, 0xCA, 0x5B, 0x2C, 0x5B, 0x31, 0xAA, + 0xCF, 0xF6, 0x7F, 0x30, 0xE4, 0x12, 0x2C, 0x8E, 0xD6, 0x38, + 0x51, 0xE6, 0x45, 0xEE, 0xD5, 0xDA, 0xC3, 0x83, 0xD6, 0xED, + 0x5E, 0xEC, 0xD6, 0xB6, 0x14, 0xB3, 0x93, 0x59, 0xE1, 0x55, + 0x4A, 0x7F, 0x04, 0xDF, 0xCE, 0x65, 0xD4, 0xDF, 0x18, 0x4F, + 0xDD, 0xB4, 0x45, 0x7F, 0xA6, 0x56, 0x30, 0xC4, 0x05, 0x44, + 0x98, 0x9D, 0x4F, 0x26, 0x6D, 0x84, 0x80, 0xA0, 0x5E, 0xED, + 0x23, 0xD1, 0x48, 0x87, 0x0E, 0x05, 0x06, 0x91, 0x3B, 0xB0, + 0x3C, 0xBB, 0x8C, 0x8F, 0x3C, 0x7B, 0x4C, 0x4F, 0xA1, 0xCA, + 0x98 }; static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); /* ./certs/ca-cert-chain.der, 2048-bit */ static const unsigned char ca_cert_chain_der[] = { - 0x30, 0x82, 0x03, 0xB5, 0x30, 0x82, 0x03, 0x1E, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xDA, 0xFB, 0x6A, 0x0D, - 0xFE, 0xCF, 0x9B, 0x47, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x30, 0x82, 0x03, 0xE4, 0x30, 0x82, 0x03, 0x4D, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE9, 0x2F, 0xDA, 0xA8, + 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 
0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, - 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, - 0x38, 0x30, 0x34, 0x31, 0x33, 0x31, 0x35, 0x32, 0x33, 0x31, - 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, - 0x31, 0x35, 0x32, 0x33, 0x31, 0x30, 0x5A, 0x30, 0x81, 0x99, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, - 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, - 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, - 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
@@ -1569,168 +1712,54 @@ static const unsigned char ca_cert_chain_der[] = 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x01, 0x30, - 0x81, 0xFE, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, - 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, - 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, - 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, - 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, - 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, - 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, - 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, 0x6E, - 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x82, 0x09, 0x00, 0xDA, 0xFB, 0x6A, 0x0D, 0xFE, 0xCF, - 0x9B, 0x47, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, - 0x00, 
0x03, 0x81, 0x81, 0x00, 0x1D, 0x48, 0xF6, 0x40, 0x41, - 0x04, 0x06, 0xF2, 0xE4, 0x72, 0x2F, 0xEA, 0xFF, 0xC1, 0x67, - 0x6B, 0x15, 0xBB, 0x0A, 0x28, 0x23, 0x28, 0x07, 0xC6, 0xD7, - 0x13, 0x2C, 0xBE, 0x00, 0x00, 0xAC, 0x1D, 0xF7, 0xF4, 0x92, - 0xD3, 0x2B, 0xAF, 0x23, 0xEB, 0x9F, 0x1A, 0xE2, 0x11, 0x3C, - 0x2D, 0x97, 0xF2, 0x0F, 0xAC, 0xAE, 0x97, 0x86, 0x0A, 0xFB, - 0xA8, 0x4F, 0x74, 0x1B, 0xDE, 0x19, 0x51, 0xDB, 0xCD, 0xE2, - 0x11, 0x38, 0xC1, 0xA4, 0x9D, 0x56, 0xAB, 0x47, 0x5C, 0xDE, - 0xBA, 0xEB, 0x27, 0xDF, 0x6D, 0xC8, 0x7E, 0x3A, 0xBD, 0x2E, - 0x9B, 0x2A, 0xAD, 0x22, 0x3B, 0x95, 0xA9, 0xF2, 0x28, 0x03, - 0xBC, 0xE5, 0xEC, 0xCC, 0xF2, 0x08, 0xD4, 0xC8, 0x2F, 0xDB, - 0xEA, 0xFB, 0x2E, 0x52, 0x16, 0x8C, 0x42, 0x02, 0xA4, 0x59, - 0x6D, 0x4C, 0x33, 0xB4, 0x9A, 0xD2, 0x73, 0x4A, 0x1E, 0x9F, - 0xD9, 0xC8, 0x83, 0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, - 0x92, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x86, - 0xFF, 0xF5, 0x8E, 0x10, 0xDE, 0xB8, 0xFB, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, - 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, - 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x38, 0x30, - 0x34, 0x31, 0x33, 0x31, 0x35, 0x32, 0x33, 0x30, 0x39, 0x5A, - 0x17, 0x0D, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, 0x35, - 0x32, 0x33, 0x30, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, - 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, - 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, - 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, - 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, - 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, - 0x0C, 0xCA, 0x2D, 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, - 0x38, 0x1F, 0x4A, 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, - 0x9F, 0xDF, 0xCA, 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, - 0x66, 0xEE, 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, - 0x0B, 0x10, 0x98, 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, - 0xCC, 0x4F, 0xDE, 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, - 0xCA, 0x90, 0xBB, 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, - 0x95, 0xC5, 0xF1, 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, - 0xA4, 0x10, 0x41, 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, - 0xB0, 0xD2, 0x70, 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, - 0x2C, 0x7C, 0xED, 0xA7, 0xA2, 
0x7A, 0x8D, 0x38, 0x29, 0x1C, - 0xAC, 0xC7, 0xED, 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, - 0x49, 0x5C, 0x38, 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, - 0x53, 0x94, 0x3C, 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, - 0xD3, 0x1D, 0x13, 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, - 0xCC, 0xB8, 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, - 0xD8, 0x21, 0xDC, 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, - 0x1A, 0xFC, 0x7D, 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, - 0x7C, 0x05, 0x67, 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, - 0x8C, 0xB5, 0x68, 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, - 0xA0, 0x63, 0xF5, 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, - 0xB1, 0x5A, 0x17, 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, - 0x6F, 0xFE, 0xC3, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, - 0x67, 0x00, 0x52, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, - 0x45, 0x1D, 0xB9, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, - 0x4B, 0xBD, 0xED, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, - 0xA3, 0x81, 0xFC, 0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, - 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, - 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, - 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, - 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, - 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, - 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 
0x74, 0x69, 0x6E, - 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x09, 0x00, 0x86, 0xFF, 0xF5, 0x8E, 0x10, 0xDE, 0xB8, - 0xFB, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, - 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0x9E, 0x28, 0x88, 0x72, 0x00, - 0xCA, 0xE6, 0xE7, 0x97, 0xCA, 0xC1, 0xF1, 0x1F, 0x9E, 0x12, - 0xB2, 0xB8, 0xC7, 0x51, 0xEA, 0x28, 0xE1, 0x36, 0xB5, 0x2D, - 0xE6, 0x2F, 0x08, 0x23, 0xCB, 0xA9, 0x4A, 0x87, 0x25, 0xC6, - 0x5D, 0x89, 0x45, 0xEA, 0xF5, 0x00, 0x98, 0xAC, 0x76, 0xFB, - 0x1B, 0xAF, 0xF0, 0xCE, 0x64, 0x9E, 0xDA, 0x08, 0xBF, 0xB6, - 0xEB, 0xB4, 0xB5, 0x0C, 0xA0, 0xE7, 0xF6, 0x47, 0x59, 0x1C, - 0x61, 0xCF, 0x2E, 0x0E, 0x58, 0xA4, 0x82, 0xAC, 0x0F, 0x3F, - 0xEC, 0xC4, 0xAE, 0x80, 0xF7, 0xB0, 0x8A, 0x1E, 0x85, 0x41, - 0xE8, 0xFF, 0xFE, 0xFE, 0x4F, 0x1A, 0x24, 0xD5, 0x49, 0xFA, - 0xFB, 0xFE, 0x5E, 0xE5, 0xD3, 0x91, 0x0E, 0x4F, 0x4E, 0x0C, - 0x21, 0x51, 0x71, 0x83, 0x04, 0x6B, 0x62, 0x7B, 0x4F, 0x59, - 0x76, 0x48, 0x81, 0x1E, 0xB4, 0xF7, 0x04, 0x47, 0x8A, 0x91, - 0x57, 0xA3, 0x11, 0xA9, 0xF2, 0x20, 0xB4, 0x78, 0x33, 0x62, - 0x3D, 0xB0, 0x5E, 0x0D, 0xF9, 0x86, 0x38, 0x82, 0xDA, 0xA1, - 0x98, 0x8D, 0x19, 0x06, 0x87, 0x21, 0x39, 0xB7, 0x02, 0xF7, - 0xDA, 0x7D, 0x58, 0xBA, 0x52, 0x15, 0xD8, 0x3B, 0xC9, 0x7B, - 0x58, 0x34, 0xA0, 0xC7, 0xE2, 0x7C, 0xA9, 0x83, 0x13, 0xE1, - 0xB6, 0xEC, 0x01, 0xBF, 0x52, 0x33, 0x0B, 0xC4, 0xFE, 0x43, - 0xD3, 0xC6, 0xA4, 0x8E, 0x2F, 0x87, 0x7F, 0x7A, 0x44, 0xEA, - 0xCA, 0x53, 0x6C, 0x85, 0xED, 0x65, 0x76, 0x73, 0x31, 0x03, - 0x4E, 0xEA, 0xBD, 0x35, 0x54, 0x13, 0xF3, 0x64, 0x87, 
0x6B, - 0xDF, 0x34, 0xDD, 0x34, 0xA1, 0x88, 0x3B, 0xDB, 0x4D, 0xAF, - 0x1B, 0x64, 0x90, 0x92, 0x71, 0x30, 0x8E, 0xC8, 0xCC, 0xE5, - 0x60, 0x24, 0xAF, 0x31, 0x16, 0x39, 0x33, 0x91, 0x50, 0xF9, - 0xAB, 0x68, 0x42, 0x74, 0x7A, 0x35, 0xD9, 0xDD, 0xC8, 0xC4, - 0x52 + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, + 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, + 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, + 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, + 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xE9, 0x2F, 0xDA, 0xA8, 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 
0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, + 0x81, 0x00, 0xB3, 0xE9, 0x88, 0x6A, 0xEA, 0x5F, 0x35, 0x7C, + 0x6C, 0xFD, 0x93, 0xFE, 0x9A, 0x98, 0xE7, 0x1C, 0xBC, 0xD1, + 0xC8, 0x7A, 0x15, 0xC5, 0x69, 0xE1, 0xFB, 0x35, 0x1B, 0xEC, + 0x92, 0x3F, 0xD1, 0x3E, 0x69, 0x2A, 0x11, 0x95, 0x44, 0x3D, + 0x3F, 0x7C, 0xFF, 0xF6, 0x64, 0xD8, 0xE4, 0x1D, 0xEC, 0x86, + 0x95, 0x69, 0x48, 0x3D, 0x5B, 0x6D, 0x39, 0xE7, 0x7E, 0x51, + 0x12, 0x15, 0x4B, 0x90, 0xA8, 0xFA, 0x1E, 0xAA, 0x81, 0x53, + 0xDE, 0x85, 0x29, 0x4D, 0x79, 0x6C, 0x08, 0xC2, 0xC4, 0x5E, + 0x4D, 0x39, 0xA6, 0x09, 0xA4, 0x67, 0xAC, 0xDC, 0xF0, 0xCD, + 0xB7, 0x4E, 0xE5, 0xF9, 0x72, 0xC3, 0x25, 0x1C, 0x8D, 0xE0, + 0x03, 0x30, 0x19, 0x5A, 0xA5, 0x63, 0xA6, 0xBA, 0xEC, 0x12, + 0x87, 0xEF, 0x6D, 0x56, 0x22, 0xA7, 0x42, 0x4A, 0x8F, 0x3B, + 0xFD, 0x20, 0xAB, 0xEF, 0x29, 0x5E, 0x3D, 0x16, 0xD7, 0xAC + }; static const int sizeof_ca_cert_chain_der = sizeof(ca_cert_chain_der); @@ -1863,7 +1892,7 @@ static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048); /* ./certs/server-cert.der, 2048-bit */ static const unsigned char server_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xE8, 0x30, 0x82, 0x03, 0xD0, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0xDD, 0x30, 0x82, 0x03, 0xC5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 
@@ -1881,10 +1910,10 @@ static const unsigned char server_cert_der_2048[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -1928,12 +1957,12 @@ static const unsigned char server_cert_der_2048[] = 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x45, 0x30, - 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, - 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, + 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 
@@ -1951,45 +1980,43 @@ static const unsigned char server_cert_der_2048[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5E, - 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, - 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, - 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, - 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, - 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, - 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, - 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0x35, 0x91, 0xE6, 0x72, 0xCC, 0x0B, - 0xF1, 0x47, 0x8F, 0x3D, 0xE3, 0x5D, 0x52, 0x2F, 0x83, 0xB8, - 0xB1, 0x3B, 0x6D, 0xD6, 0xAC, 0x13, 0x79, 0x74, 0x14, 0xFF, - 0x07, 0x8D, 0xEE, 0x74, 0x77, 0x64, 0xFF, 0xB8, 0x83, 0x1D, - 0x81, 0x80, 0x84, 0xBB, 0x38, 0xFA, 0x8F, 0xF3, 0x75, 0x29, - 0x23, 0xCE, 0xE5, 0x09, 0xA8, 0x13, 0x85, 0x14, 0xB6, 0x6A, - 0x35, 0x30, 0x2C, 0x1C, 0xC4, 0x0F, 0x23, 0x67, 0xEA, 0xED, - 0xCB, 0x91, 0xC4, 0x05, 0xE3, 0xEC, 0x6B, 0xBE, 0x11, 0xBF, - 0xD9, 0x9A, 0xAB, 0x93, 0x17, 0x9F, 0xE4, 0x9A, 0x59, 0xD4, - 0xE7, 0xCC, 0xCE, 0xDC, 0x83, 0x10, 0xF5, 0xCD, 0xDE, 0xD7, - 0x35, 0x75, 0x4B, 0xAA, 0x7A, 0x7A, 0xBA, 0x02, 0xA0, 0xB0, - 0xB5, 0xC1, 0x8A, 0x6B, 0xB1, 0x72, 0xCF, 0x64, 0x59, 0x4E, - 0xD3, 0xA4, 0xA1, 0x6C, 0x64, 0x4B, 0x14, 0xCF, 0xA3, 0xD6, - 0x37, 0x0A, 0xE6, 0xF9, 0x5B, 0x21, 0xBE, 0xDE, 0x0C, 0xC1, - 0xCF, 0x43, 0xE1, 0x18, 0x0B, 0x19, 0x13, 0x6B, 0x8E, 0x3D, - 0xDF, 0x0F, 0xA7, 0x43, 0xFB, 0x35, 0x67, 0x4A, 0x50, 0xE8, - 0x09, 
0x46, 0x34, 0xBD, 0xF4, 0xAB, 0x1A, 0x8F, 0xBD, 0x4D, - 0x1C, 0x6B, 0x20, 0xBE, 0x1C, 0x8C, 0xCA, 0x66, 0x98, 0xBA, - 0x03, 0x67, 0xF2, 0x1C, 0x3C, 0x1E, 0x01, 0xF0, 0x4D, 0xC6, - 0x85, 0x82, 0x6F, 0xA9, 0x49, 0xF7, 0x1B, 0x7D, 0x6B, 0xDB, - 0x76, 0x84, 0x73, 0xBB, 0x16, 0xC5, 0x6E, 0x74, 0xAB, 0x7B, - 0xFB, 0x1C, 0xE9, 0x91, 0xBB, 0x29, 0x73, 0x1C, 0xDE, 0x27, - 0xB4, 0x67, 0x3B, 0x10, 0x51, 0xF4, 0x17, 0xEB, 0xB8, 0x38, - 0xA0, 0x9A, 0xEB, 0x37, 0x5B, 0x76, 0x8F, 0x39, 0x12, 0x39, - 0x35, 0xD1, 0xCA, 0xFE, 0xC0, 0x26, 0xFB, 0x73, 0x50, 0x1E, - 0x2D, 0xB9, 0xD2, 0xBA, 0xE5, 0x4C, 0x35, 0xBD, 0xED, 0x7B - + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x1B, 0x0D, 0xA6, 0x44, 0x93, 0x0D, 0x0E, + 0x0C, 0x35, 0x28, 0x26, 0x40, 0x31, 0xD2, 0xEB, 0x26, 0x4C, + 0x47, 0x5B, 0x19, 0xFB, 0xAD, 0xFE, 0x3A, 0xF5, 0x30, 0x3A, + 0x28, 0xD7, 0xAA, 0x69, 0xA4, 0x15, 0xE7, 0x26, 0x6E, 0xB7, + 0x33, 0x56, 0xAC, 0x8F, 0x34, 0x3D, 0xF3, 0x21, 0x2F, 0x53, + 0x58, 0x91, 0xD0, 0x3E, 0xB4, 0x39, 0x48, 0xBF, 0x93, 0x11, + 0x74, 0x36, 0xD3, 0x87, 0x49, 0xC3, 0x34, 0x0D, 0x30, 0x30, + 0xAB, 0xF4, 0x4C, 0x27, 0x19, 0xD5, 0xC4, 0x0C, 0xAD, 0x49, + 0xBD, 0x91, 0xF8, 0xDA, 0x9E, 0xC8, 0x2D, 0x2A, 0xAC, 0xE2, + 0x75, 0x8E, 0xAA, 0x08, 0xD9, 0xBF, 0x65, 0xFF, 0xA3, 0xB1, + 0x4F, 0xF0, 0x60, 0x6F, 0x4D, 0x95, 0xC4, 0x06, 0x7F, 0xAF, + 0x66, 0x6A, 0x23, 
0x3B, 0x3A, 0xA4, 0x61, 0xB6, 0x6C, 0xCA, + 0xBE, 0xE1, 0xB0, 0x77, 0xF3, 0xEC, 0x83, 0xD5, 0x8C, 0x1D, + 0x85, 0x7F, 0x8D, 0x74, 0xC8, 0xEC, 0x1E, 0x49, 0xEC, 0x57, + 0x4A, 0xCC, 0xFD, 0xE2, 0x3A, 0x3E, 0x54, 0x50, 0xAE, 0x67, + 0xCD, 0x17, 0xB0, 0x67, 0xA5, 0x53, 0x7F, 0xC3, 0x0E, 0x3E, + 0xA7, 0x58, 0xE8, 0xDF, 0xD5, 0x0C, 0xF2, 0x64, 0xF3, 0xAD, + 0x12, 0x70, 0xE3, 0xB9, 0x42, 0xBC, 0x08, 0x60, 0x76, 0xD5, + 0x0C, 0xA5, 0x31, 0x77, 0x50, 0xE0, 0xC8, 0xF3, 0x3A, 0x3D, + 0x45, 0xCF, 0x32, 0x75, 0xEF, 0x10, 0xDD, 0xB5, 0xED, 0x6E, + 0xD2, 0x2D, 0x57, 0x82, 0x95, 0x38, 0xBC, 0x7D, 0x54, 0xC4, + 0x84, 0x5E, 0xFB, 0x7E, 0x83, 0xF5, 0xF1, 0x2D, 0x9C, 0x98, + 0xAC, 0x73, 0xE3, 0xA7, 0xD2, 0x02, 0x30, 0xD6, 0x1F, 0x06, + 0x1E, 0xD0, 0xDC, 0x3A, 0xAC, 0xF4, 0xC2, 0xC2, 0xBE, 0x72, + 0x40, 0x9A, 0xEA, 0xCF, 0x35, 0x21, 0x3B, 0x56, 0x6D, 0xE1, + 0x52, 0xF2, 0x80, 0xD7, 0x35, 0x83, 0x97, 0x07, 0xCC }; static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); 
@@ -2592,163 +2619,161 @@ static const int sizeof_client_keypub_der_3072 = sizeof(client_keypub_der_3072); /* ./certs/3072/client-cert.der, 3072-bit */ static const unsigned char client_cert_der_3072[] = { - 0x30, 0x82, 0x06, 0x1D, 0x30, 0x82, 0x04, 0x85, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x53, 0x82, 0x30, 0x49, 0xE8, - 0xBE, 0x64, 0x59, 0x2E, 0x35, 0x41, 0xAC, 0x31, 0x0D, 0x4D, - 0x25, 0x21, 0x54, 0x90, 0xA4, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, - 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 
0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, - 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, - 0x68, 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, - 0x9C, 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, - 0x55, 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, - 0x5F, 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, - 0xEE, 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, - 0xC7, 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, - 0x5C, 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, - 0x3D, 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, - 0x22, 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, - 0x31, 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, - 0x69, 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, - 0xC8, 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, - 0xFF, 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, - 0x2C, 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, - 0x11, 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, - 0x85, 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, - 0x3E, 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, - 0x87, 
0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, - 0xC3, 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, - 0x35, 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, - 0x03, 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, - 0x6D, 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, - 0x2F, 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, - 0xD6, 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, - 0x32, 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, - 0xA9, 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, - 0x5A, 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, - 0xCD, 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, - 0xCE, 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, - 0x01, 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, - 0xEF, 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, - 0xAD, 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, - 0x68, 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, - 0xD7, 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, - 0x88, 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, - 0x08, 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, - 0xF9, 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, - 0xC4, 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, - 0x93, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, - 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, - 0xB0, 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, - 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xDE, 0x06, 0x03, - 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, - 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, - 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, - 0xA8, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, - 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, - 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, - 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x53, 0x82, 0x30, 0x49, 0xE8, 0xBE, 0x64, 0x59, 0x2E, 0x35, - 0x41, 0xAC, 0x31, 0x0D, 0x4D, 0x25, 0x21, 0x54, 0x90, 0xA4, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x81, 0x00, 0x9E, 0xC9, 0x99, 0xB8, 0x8C, - 0xC1, 0xA2, 0xDB, 0xCB, 0x78, 0x73, 0x5A, 0x8A, 0x8D, 0x3B, - 0xF3, 0x0A, 0x2A, 0x2F, 0xEF, 0x30, 0x09, 0x18, 0x49, 0xE1, - 0xF7, 0x9F, 0x8A, 0xA2, 0x33, 0xCE, 0x7C, 0xEC, 0x88, 0xA3, - 0x3D, 0x81, 0x50, 0x76, 0x4B, 0x2C, 0x20, 0x82, 0xBC, 0x99, - 0x30, 0x82, 0x7F, 0x0E, 0x33, 0x9C, 0xC8, 0x02, 0x9B, 0x3C, - 0xDE, 0x3E, 0x65, 0x78, 0x2D, 0x6E, 0x27, 0x39, 0x4F, 0xC4, - 0x18, 0xD3, 0x96, 0x23, 0xA3, 
0x2D, 0x91, 0x57, 0x90, 0x52, - 0xBD, 0x7D, 0x12, 0x3D, 0xBF, 0x7D, 0xB1, 0x35, 0x2E, 0xA6, - 0xBE, 0x26, 0x95, 0x3C, 0x04, 0x5C, 0x20, 0x6C, 0xD8, 0xE5, - 0x36, 0xB2, 0xE1, 0x7B, 0x0F, 0xA1, 0x2C, 0x1F, 0x28, 0x3C, - 0x19, 0xCB, 0xC4, 0x69, 0xBB, 0x59, 0xB4, 0x99, 0x13, 0xF2, - 0xE5, 0xF5, 0x6C, 0x23, 0xD3, 0x69, 0x3B, 0x01, 0xB7, 0x5A, - 0xA1, 0xBE, 0xF6, 0x70, 0x00, 0x6C, 0x9C, 0x2E, 0x2F, 0x22, - 0xEA, 0x4C, 0x7C, 0x72, 0xE3, 0x99, 0x21, 0xA9, 0xDD, 0xBA, - 0x8D, 0x16, 0x5C, 0x88, 0xF7, 0xC0, 0x99, 0xC2, 0x8E, 0x83, - 0x10, 0x3D, 0xEA, 0xC8, 0x11, 0x77, 0x6A, 0xE5, 0x78, 0x47, - 0x92, 0x33, 0xEC, 0xAA, 0x35, 0x8C, 0x13, 0xF0, 0x4C, 0x9D, - 0xDD, 0x35, 0x56, 0x42, 0x35, 0x36, 0xCE, 0xD8, 0x46, 0xD8, - 0xD7, 0xD4, 0x84, 0xA1, 0x17, 0xBC, 0x57, 0x09, 0xCB, 0xDA, - 0x56, 0xD2, 0x76, 0xAC, 0x6A, 0xC0, 0xB3, 0x71, 0xA3, 0x1C, - 0xD3, 0x2C, 0xEA, 0xF6, 0x4C, 0x9A, 0x4D, 0xDD, 0x3A, 0xCE, - 0x10, 0x33, 0xF0, 0x82, 0x34, 0x70, 0x71, 0x5D, 0x6F, 0x77, - 0x8F, 0xEC, 0xA2, 0x77, 0x7D, 0x1C, 0x9E, 0x7F, 0x55, 0x6B, - 0xE5, 0xD3, 0x29, 0x49, 0x3D, 0x77, 0xFD, 0x5F, 0xBB, 0xCA, - 0x7A, 0xB9, 0x80, 0xB5, 0x81, 0x69, 0xA3, 0x38, 0xA3, 0xC6, - 0x96, 0xD2, 0x21, 0x1D, 0x85, 0x08, 0x47, 0x59, 0xA9, 0xD4, - 0x92, 0x8E, 0x94, 0x3F, 0x5A, 0xA1, 0x36, 0xD7, 0x92, 0xB7, - 0x2F, 0xCE, 0xF0, 0xA8, 0x40, 0x50, 0xAE, 0x3F, 0xD0, 0x20, - 0x39, 0x86, 0xA6, 0xA1, 0x7C, 0x4F, 0x23, 0x5C, 0x9C, 0x5F, - 0xDA, 0x93, 0x75, 0xD6, 0x93, 0xB1, 0x5F, 0x30, 0x25, 0x76, - 0x6C, 0x77, 0x8F, 0xF8, 0x8E, 0x15, 0xAE, 0x66, 0x5B, 0x7D, - 0xEE, 0xD3, 0x49, 0xAE, 0xC6, 0x1C, 0xB0, 0x90, 0x96, 0x5D, - 0x36, 0x9E, 0x12, 0x4C, 0x98, 0x4A, 0xF1, 0xD1, 0x6B, 0xA4, - 0x7F, 0x76, 0xCB, 0x51, 0xF9, 0xF2, 0x52, 0x07, 0xE4, 0x60, - 0x6F, 0x67, 0x6F, 0xE3, 0xA3, 0x84, 0xC0, 0x43, 0x0D, 0xFD, - 0xF6, 0x25, 0x9E, 0x3C, 0xD3, 0x41, 0xE9, 0x44, 0xC5, 0xF7, - 0xB9, 0x11, 0x3B, 0x0F, 0xDC, 0x9C, 0xE3, 0xDD, 0xF2, 0xAC, - 0x06, 0xB3, 0x20, 0x14, 0x2D, 0x6C, 0xDB, 0x8E, 0x78 + 0x30, 0x82, 0x06, 0x07, 0x30, 0x82, 0x04, 0x6F, 
0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA4, 0xE0, 0xAA, 0xF3, + 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, + 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 
0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, 0x01, + 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, 0x68, + 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, 0x9C, + 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, 0x55, + 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, 0x5F, + 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, 0xEE, + 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, 0xC7, + 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, 0x5C, + 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, 0x3D, + 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, 0x22, + 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, 0x31, + 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, 0x69, + 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, 0xC8, + 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, 0xFF, + 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, 0x2C, + 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, 0x11, + 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, 0x85, + 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, 0x3E, + 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, 0x87, + 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, 0xC3, + 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, 0x35, + 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, 0x03, + 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, 0x6D, + 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, 0x2F, + 0x50, 0x2F, 
0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, 0xD6, + 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, 0x32, + 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, 0xA9, + 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, 0x5A, + 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, 0xCD, + 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, 0xCE, + 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, 0x01, + 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, 0xEF, + 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, 0xAD, + 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, 0x68, + 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, 0xD7, + 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, 0x88, + 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, 0x08, + 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, 0xF9, + 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, 0xC4, + 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, 0x93, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, + 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, + 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, + 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, + 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, 0x74, + 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, + 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, + 0x32, 0x31, 0x19, 0x30, 
0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, + 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xA4, 0xE0, 0xAA, 0xF3, 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x81, 0x00, 0x57, 0x21, 0xC0, 0xAD, 0x6E, 0x16, 0x74, + 0xD5, 0xB1, 0x8B, 0x19, 0x55, 0x49, 0x7A, 0xA4, 0x5E, 0xD6, + 0x18, 0xF9, 0x03, 0x80, 0x4B, 0xC2, 0x71, 0xD1, 0x04, 0x47, + 0x9C, 0xB3, 0x73, 0x9C, 0x4F, 0x62, 0x4A, 0x3A, 0x9A, 0xD4, + 0x48, 0xE4, 0x81, 0xDB, 0x8D, 0x15, 0xDF, 0x5D, 0x0F, 0x08, + 0x13, 0x28, 0x28, 0xD7, 0x05, 0x44, 0xC1, 0xB9, 0x6D, 0xF1, + 0x75, 0x60, 0x74, 0xD0, 0x44, 0xAE, 0x91, 0x0F, 0x3A, 0x7C, + 0xF4, 0xEE, 0xEA, 0x6F, 0x06, 0x3A, 0x41, 0xAE, 0x6B, 0x5C, + 0x8A, 0x0D, 0x85, 0x6B, 0xB3, 0xFB, 0xB1, 0x5F, 0x70, 0xF7, + 0x9B, 0x32, 0x57, 0xFB, 0xC4, 0x6B, 0xCE, 0x90, 0x86, 0x0C, + 0x96, 0x8A, 0x41, 0x4E, 0x61, 0xF3, 0xA1, 0x3F, 0x55, 0xE8, + 0x94, 0x56, 0x12, 0x6D, 0x9E, 0x46, 0x2C, 0x31, 0xBD, 0x3F, + 0x8A, 0x70, 0xC8, 0x20, 0xA4, 0xFB, 0xFA, 0xC6, 0x53, 0x58, + 0xBB, 0x05, 0x28, 0xBA, 0x89, 0x0C, 
0xB1, 0x5F, 0x21, 0xAC, + 0x1E, 0xF1, 0x35, 0xFD, 0x6B, 0x14, 0xC1, 0x69, 0x08, 0xE9, + 0x37, 0x14, 0xD8, 0x76, 0x50, 0x2A, 0xFC, 0xAA, 0x94, 0x7F, + 0x39, 0x52, 0x3A, 0xA7, 0x3C, 0x0A, 0x53, 0x5E, 0xE0, 0x13, + 0x1A, 0x00, 0xCA, 0xAC, 0xAA, 0x7E, 0xF7, 0x09, 0x68, 0x78, + 0x60, 0x11, 0x73, 0xAB, 0x7D, 0x58, 0xFE, 0x03, 0x9F, 0xE6, + 0x84, 0xEA, 0x51, 0x58, 0x40, 0x82, 0xA5, 0xFF, 0xA7, 0x2C, + 0xEA, 0x42, 0xA5, 0x4C, 0xB6, 0x3B, 0x5C, 0x6B, 0xAB, 0xCF, + 0x56, 0x8A, 0x8C, 0xEC, 0x3C, 0xF0, 0xAE, 0xD3, 0xCA, 0x0E, + 0x09, 0x71, 0xCF, 0x79, 0x96, 0x72, 0x63, 0x4B, 0x24, 0x7A, + 0xF3, 0x79, 0xCA, 0x69, 0x75, 0xC9, 0xB2, 0xA4, 0x54, 0xB8, + 0x84, 0x40, 0x2B, 0x8F, 0x24, 0x27, 0x6A, 0xED, 0x8F, 0x53, + 0xE0, 0x55, 0x9B, 0x35, 0x91, 0x18, 0x11, 0xCF, 0xB0, 0x3B, + 0xB8, 0x65, 0x3C, 0xC6, 0xEF, 0xB0, 0x78, 0x7C, 0x43, 0x26, + 0xF1, 0x12, 0x84, 0x6B, 0x2B, 0xF0, 0x7D, 0x3C, 0x7F, 0xDC, + 0x67, 0xA4, 0x17, 0x89, 0x75, 0x00, 0x86, 0x1A, 0xEA, 0xCD, + 0x1A, 0xCF, 0xDA, 0x11, 0x64, 0xCC, 0xBD, 0x10, 0x26, 0xEF, + 0x6B, 0x1B, 0x93, 0xB3, 0x37, 0x14, 0x7F, 0x12, 0x80, 0x81, + 0xB6, 0xFD, 0x8A, 0x8A, 0xD8, 0x95, 0x5F, 0xF9, 0x1E, 0xA5, + 0x1E, 0x65, 0x5F, 0x75, 0x8D, 0x90, 0x2A, 0x0D, 0xB1, 0xAB, + 0x26, 0x16, 0x31, 0xB2, 0x06, 0x64, 0x6F, 0x2B, 0x7E, 0x4A, + 0xF4, 0xDE, 0xE9, 0x7A, 0xEC, 0x67, 0x35, 0xF3, 0x40, 0x71, + 0x75, 0x37, 0xB3, 0xE1, 0x1D, 0xEF, 0x7D, 0xE2, 0x92, 0xEC, + 0xD5, 0xE5, 0xBB, 0x99, 0x79, 0x50, 0x11, 0xB2, 0x8A, 0x57, + 0x1B, 0x30, 0x2E, 0xB7, 0x16, 0x4C, 0xC8, 0xA6, 0x99, 0xB1, + 0x01, 0x34, 0x08, 0x9D, 0xD8, 0xDF, 0xAF }; static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072); 
@@ -3062,189 +3087,187 @@ static const int sizeof_client_keypub_der_4096 = sizeof(client_keypub_der_4096); /* ./certs/4096/client-cert.der, 4096-bit */ static const unsigned char client_cert_der_4096[] = { - 0x30, 0x82, 0x07, 0x1D, 0x30, 0x82, 0x05, 0x05, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x36, 0x8A, 0xA6, 0x8A, 0x3D, - 0x0A, 0x72, 0xFF, 0xDD, 0xE4, 0x4F, 0x56, 0xBD, 0x89, 0x24, - 0x23, 0x3C, 0x0B, 0xB6, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, - 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 
0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, - 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, - 0xE4, 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, - 0xFC, 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, - 0x71, 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, - 0x13, 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, - 0xAF, 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, - 0x12, 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, - 0x74, 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, - 0x2E, 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, - 0xBE, 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, - 0xC5, 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, - 0xC1, 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, - 0x13, 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, - 0xD5, 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, - 0x05, 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, - 0x48, 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, - 0xCD, 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, - 0x3F, 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, - 0x18, 
0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, - 0xF4, 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, - 0xC2, 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, - 0x80, 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, - 0x51, 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, - 0x81, 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, - 0x8E, 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, - 0xAA, 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, - 0x8E, 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, - 0xFD, 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, - 0x8B, 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, - 0x9C, 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, - 0x88, 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, - 0x0B, 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, - 0x47, 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, - 0xB1, 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, - 0xD6, 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, - 0x85, 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, - 0x51, 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, - 0x94, 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, - 0x62, 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, - 0xE8, 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, - 0xC4, 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, - 0xBD, 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, - 0x9B, 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, - 0xEE, 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, - 0x44, 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, - 0x26, 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, - 0xB2, 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, - 0x7B, 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, - 0xAE, 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, - 0x17, 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, - 0xC9, 0x59, 0x39, 
0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, - 0x0E, 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, - 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82, - 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, - 0x31, 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, - 0x16, 0xA5, 0x6E, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0xFA, - 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, - 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, - 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, - 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, - 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, - 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x36, 0x8A, - 0xA6, 0x8A, 0x3D, 0x0A, 0x72, 0xFF, 0xDD, 0xE4, 0x4F, 0x56, - 0xBD, 0x89, 0x24, 0x23, 0x3C, 0x0B, 0xB6, 0x40, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 
0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x02, 0x01, 0x00, 0x64, 0xD8, 0x59, 0x19, 0xC0, 0xB5, 0x79, - 0x9E, 0x58, 0x63, 0xAE, 0x8B, 0x28, 0x64, 0x81, 0xD9, 0xD2, - 0xCD, 0xE8, 0x26, 0x1F, 0x04, 0x09, 0x7B, 0x52, 0x0A, 0x7A, - 0x16, 0x70, 0xEE, 0x37, 0x8A, 0x6D, 0x7C, 0x74, 0x67, 0x51, - 0x2F, 0xCF, 0x97, 0xA1, 0xD6, 0x54, 0xA2, 0xA3, 0x93, 0xDD, - 0x2B, 0x63, 0x5E, 0x9F, 0x13, 0x56, 0x7F, 0x8C, 0xE5, 0x9B, - 0x49, 0x19, 0x78, 0xDB, 0x3D, 0x75, 0xFE, 0xB7, 0xB8, 0x57, - 0x92, 0x58, 0xFF, 0x84, 0x8B, 0xD1, 0x2F, 0xF4, 0xB0, 0x22, - 0xD2, 0xF9, 0xBB, 0x00, 0xDD, 0x3B, 0xD2, 0x7A, 0xB9, 0xD9, - 0x50, 0xE5, 0x90, 0x70, 0x2D, 0x77, 0xF2, 0x74, 0xC2, 0x40, - 0x2F, 0x39, 0x25, 0x5D, 0x8E, 0xDE, 0x11, 0xE1, 0xCF, 0xA7, - 0x8F, 0x8E, 0xBD, 0x2A, 0xAA, 0x2E, 0xA1, 0x14, 0x3D, 0x06, - 0x70, 0xC7, 0xC9, 0x58, 0x86, 0x9E, 0x4C, 0x86, 0x65, 0x9E, - 0x69, 0x62, 0x3E, 0x30, 0x22, 0xEB, 0xD5, 0x00, 0xD1, 0x1E, - 0x8C, 0xBA, 0xF2, 0x7B, 0xA3, 0x39, 0x77, 0xFE, 0x90, 0x42, - 0xB7, 0xA4, 0x98, 0x28, 0xD7, 0x82, 0x4A, 0x54, 0x1B, 0x27, - 0xC9, 0xCF, 0x09, 0xB5, 0x60, 0xB6, 0x09, 0x37, 0x40, 0xE9, - 0xA5, 0xCD, 0x3E, 0x80, 0x84, 0xC4, 0xC4, 0xB6, 0x63, 0x06, - 0xEA, 0x5C, 0x63, 0xF2, 0x2B, 0xEE, 0x00, 0x31, 0x52, 0xD8, - 0x6C, 0xCD, 0x6A, 0xD2, 0x57, 0xA0, 0x6B, 0xD5, 0xA7, 0x6E, - 0x4C, 0xCE, 0x3B, 0xFF, 0x44, 0x7D, 0x99, 0xA5, 0xE3, 0xFB, - 0x23, 0x91, 0x99, 0x8C, 0x19, 0xCE, 0x1F, 0xC1, 0xA1, 0x89, - 0xE3, 0xBC, 0xE8, 0x74, 0x2C, 0x3D, 0x80, 0xBC, 0x0C, 0x6C, - 0x6A, 0x39, 0xA6, 0x50, 0x4C, 0xD1, 0x25, 0x1E, 0xA6, 0x96, - 0xF4, 0x54, 0xFD, 0x2A, 0xCE, 0x3C, 0x59, 0xAA, 0x1C, 0x05, - 0xDF, 0xDF, 0x10, 0x9A, 0x2B, 0x52, 0x9C, 0xF1, 0xA8, 0x19, - 0xAC, 0x56, 0x03, 0x56, 0x1F, 0xC9, 0xA5, 
0xE4, 0xAA, 0xBC, - 0xE2, 0x90, 0xC1, 0xC9, 0xAD, 0xF5, 0x94, 0x1B, 0x72, 0xA7, - 0xC9, 0x9E, 0x90, 0x26, 0x2E, 0x70, 0x48, 0x41, 0xB5, 0x2F, - 0x6C, 0x35, 0xCA, 0x30, 0xE3, 0xCA, 0x71, 0x5B, 0x97, 0x96, - 0x15, 0x6F, 0xB5, 0x4D, 0x43, 0xD1, 0x5A, 0x02, 0xD0, 0x21, - 0x48, 0xEE, 0x2B, 0xC7, 0x8D, 0xE1, 0x60, 0x92, 0x86, 0x8C, - 0x5E, 0x8D, 0x9C, 0xA1, 0x6A, 0x99, 0xC0, 0xD0, 0x3D, 0x3A, - 0x8C, 0x7E, 0xC3, 0x87, 0xB2, 0x81, 0x8B, 0xE9, 0xBD, 0xB0, - 0xD3, 0xF3, 0x6F, 0xF2, 0x89, 0x40, 0xB9, 0xD1, 0x5C, 0xD0, - 0x1C, 0x9D, 0xBF, 0x80, 0xFC, 0x75, 0x0A, 0x66, 0xC6, 0x5A, - 0xD1, 0x41, 0x15, 0x31, 0x07, 0x55, 0xF8, 0x00, 0x96, 0x77, - 0xB4, 0xA7, 0xDC, 0xD7, 0x62, 0x15, 0xED, 0x75, 0x7A, 0x3E, - 0xCD, 0xB9, 0xE0, 0x56, 0x7D, 0x38, 0x4C, 0x2E, 0xEC, 0xEF, - 0x00, 0x70, 0x93, 0x12, 0x0D, 0x25, 0x5A, 0xE7, 0xF8, 0x02, - 0x37, 0xE8, 0xDD, 0xBB, 0x7E, 0x61, 0x9F, 0xB2, 0xA8, 0x70, - 0xDA, 0x7F, 0x94, 0x7B, 0x29, 0xE0, 0xA4, 0x58, 0x01, 0x8D, - 0x43, 0xF1, 0x25, 0x16, 0x59, 0xFE, 0xD5, 0x21, 0x42, 0xEE, - 0xAB, 0xA8, 0x03, 0x3E, 0xEE, 0x1F, 0x74, 0x1C, 0x43, 0x2D, - 0x37, 0x0F, 0x05, 0x14, 0x29, 0x0D, 0xAC, 0xE8, 0xC7, 0x72, - 0x0E, 0x10, 0xB5, 0x9E, 0xF8, 0x80, 0x41, 0xD0, 0xA2, 0xAA, - 0x6C, 0x94, 0x26, 0x49, 0x91, 0xC7, 0x2C, 0x30, 0x04, 0x2A, - 0x91, 0xF0, 0xE6, 0x7F, 0x76, 0x71, 0x80, 0x09, 0x07, 0x00, - 0x98, 0xB7, 0xF1, 0x1F, 0x3C, 0x0C, 0xDB, 0x98, 0x0A, 0x22, - 0xCC, 0xAF, 0x6F, 0xE5, 0xC7, 0x0D, 0x26, 0xA1, 0x65, 0xB3, - 0x5D, 0x37, 0x04, 0xDE, 0xF4, 0x61, 0x91, 0x06, 0x06, 0xA4, - 0x9A, 0x65, 0x51, 0x8B, 0x3E + 0x30, 0x82, 0x07, 0x07, 0x30, 0x82, 0x04, 0xEF, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA0, 0x3E, 0xDB, 0xCF, + 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, + 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 
0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02, + 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, 0xE4, + 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, 0xFC, + 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, 0x71, + 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, 0x13, + 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, 0xAF, + 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, 0x12, + 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, 0x74, + 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, 0x2E, + 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, 0xBE, + 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, 0xC5, + 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, 0xC1, + 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, 0x13, + 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, 0xD5, + 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, 0x05, + 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, 0x48, + 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, 0xCD, + 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, 0x3F, + 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, 0x18, + 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, 0xF4, + 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, 0xC2, + 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, 0x80, + 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, 0x51, + 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, 0x81, + 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, 0x8E, + 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, 0xAA, + 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, 0x8E, + 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, 0xFD, + 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, 0x8B, + 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, 0x9C, + 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 
0xD5, 0x88, + 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, 0x0B, + 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, 0x47, + 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, 0xB1, + 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, 0xD6, + 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, 0x85, + 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, 0x51, + 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, 0x94, + 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, 0x62, + 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, 0xE8, + 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, 0xC4, + 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, 0xBD, + 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, 0x9B, + 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, 0xEE, + 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, 0x44, + 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, 0x26, + 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, 0xB2, + 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, 0x7B, + 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, 0xAE, + 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, 0x17, + 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, 0xC9, + 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, 0x0E, + 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, 0x82, 0x01, + 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, + 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, + 0xA5, 0x6E, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, 0xFA, 0x54, + 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, 0xE7, + 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, 0x81, + 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, + 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, + 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, + 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, + 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xA0, 0x3E, + 0xDB, 0xCF, 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0C, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, + 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, + 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, + 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, + 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, + 0x00, 0x17, 0xAB, 0x22, 0x61, 0x05, 0x6D, 0x3A, 0xC0, 0x0D, + 0x6B, 0xD9, 0x15, 0x82, 0x11, 0xCF, 0xE7, 0xF8, 0x65, 0xDA, + 0xC7, 0xEF, 0xDA, 0x0F, 0x50, 0x75, 0xBD, 0x55, 0xCF, 0x3D, + 0x50, 0xDD, 0xD4, 0x0D, 0x2C, 0x04, 0x48, 0xA8, 0x25, 0x3A, + 0xB9, 0xC4, 0xCE, 0x48, 0x7E, 0xB8, 0x63, 0xCD, 0xCD, 0xCE, + 0xBC, 0x50, 0x26, 0xDC, 0x6D, 0xC2, 0x1E, 0xD1, 0x71, 0x3A, + 0x2F, 0xDB, 0xE5, 0x03, 0x6B, 0x73, 0x55, 0x23, 0x70, 0x76, + 0x1E, 0x08, 
0x2A, 0x92, 0x7B, 0xD6, 0x6A, 0xEF, 0x17, 0xA0, + 0xF3, 0x8C, 0xEA, 0xEB, 0xC4, 0x2E, 0xCB, 0xD4, 0xD9, 0xD5, + 0xAB, 0xF7, 0xE6, 0x8D, 0xEC, 0xD9, 0x97, 0xA1, 0x56, 0xA7, + 0x0B, 0x5D, 0xE5, 0x3F, 0x1F, 0x5E, 0x6A, 0x7A, 0xA4, 0x64, + 0xD7, 0xB2, 0x42, 0x1A, 0x1E, 0x49, 0x37, 0x93, 0xBC, 0xBE, + 0x13, 0xA8, 0xFB, 0xB1, 0x93, 0x7B, 0xA8, 0x2B, 0x49, 0x90, + 0x43, 0x84, 0x24, 0x60, 0x44, 0xFC, 0x32, 0x74, 0x85, 0x0E, + 0x1B, 0xF8, 0x3A, 0x92, 0x3D, 0xAA, 0x25, 0x1B, 0x9F, 0x97, + 0x31, 0x95, 0x97, 0xC5, 0x3D, 0x51, 0xDD, 0xB6, 0xD5, 0x4A, + 0x7E, 0x41, 0xB3, 0x90, 0x83, 0x7C, 0x98, 0xFA, 0xCB, 0x22, + 0x33, 0xA5, 0xF4, 0x32, 0x74, 0xBD, 0x3E, 0xB1, 0x3B, 0x34, + 0xF9, 0xC3, 0x3F, 0xBE, 0xDB, 0x0E, 0xD9, 0x2F, 0x1A, 0xF9, + 0xD2, 0x4F, 0x14, 0x53, 0x63, 0xF2, 0x21, 0xA3, 0xE9, 0xC3, + 0xAD, 0x04, 0x6E, 0xE7, 0xAD, 0x1F, 0x6B, 0xCE, 0x4E, 0x35, + 0x4A, 0x61, 0x84, 0xB9, 0x61, 0x65, 0x1D, 0xA2, 0xD7, 0xA1, + 0xE6, 0x74, 0x08, 0x15, 0x38, 0x75, 0xB0, 0x23, 0x70, 0x22, + 0x15, 0x59, 0x2C, 0x48, 0xF0, 0xDA, 0x9A, 0x99, 0xD4, 0x2B, + 0x83, 0xDF, 0x9A, 0x93, 0x78, 0x45, 0xB9, 0x84, 0x5C, 0x7E, + 0x71, 0x90, 0xDA, 0x56, 0x1C, 0x9F, 0x57, 0xED, 0x76, 0xF7, + 0x17, 0xE5, 0xD2, 0x01, 0x90, 0x99, 0x5F, 0x4C, 0x07, 0x49, + 0x07, 0x82, 0x75, 0x92, 0x44, 0x7A, 0xFE, 0x9B, 0xA7, 0x4D, + 0xEC, 0xC8, 0xDC, 0x46, 0x67, 0x28, 0x04, 0x8B, 0x08, 0x17, + 0x94, 0x13, 0xE9, 0xA0, 0xD2, 0xB2, 0x26, 0x56, 0x27, 0x60, + 0x94, 0x5A, 0x50, 0x5C, 0xCF, 0x34, 0x4D, 0x3F, 0x35, 0xE7, + 0x12, 0x5D, 0xC5, 0x32, 0x00, 0x2F, 0xE0, 0x1D, 0x09, 0xE5, + 0x36, 0x8D, 0x77, 0x93, 0xF6, 0xE5, 0x62, 0xB4, 0xA3, 0x9B, + 0xC6, 0x7C, 0xE6, 0x3D, 0xD5, 0x38, 0x33, 0x5F, 0x23, 0x5B, + 0x81, 0x2E, 0x24, 0x26, 0x9E, 0x98, 0xA8, 0xAF, 0x04, 0x3D, + 0x65, 0x3F, 0x71, 0x88, 0x48, 0x44, 0x5C, 0x1A, 0x11, 0x0E, + 0x1B, 0xE1, 0x81, 0xB1, 0xB6, 0x66, 0xE6, 0x3C, 0x13, 0x67, + 0xD6, 0x6B, 0xA3, 0xF3, 0xB7, 0xF6, 0x9F, 0x14, 0xA6, 0x87, + 0x7F, 0x2B, 0x14, 0x31, 0x22, 0x7A, 0xF5, 0x0D, 0x44, 0xE6, + 0xA3, 0x1A, 0xD6, 0xD2, 
0xDC, 0x88, 0x71, 0x37, 0x28, 0x11, + 0x6C, 0xEF, 0x95, 0xAB, 0x1D, 0xC5, 0xC3, 0x9A, 0xEF, 0x1A, + 0x54, 0x11, 0x92, 0x8E, 0x89, 0x43, 0x03, 0x26, 0xD0, 0xE9, + 0x63, 0x33, 0xFE, 0x79, 0x4C, 0xA6, 0x6F, 0xC4, 0x58, 0x58, + 0x2E, 0xB6, 0xAB, 0x57, 0xA0, 0x39, 0x4D, 0xFF, 0x88, 0xC0, + 0x23, 0x2C, 0x3B, 0xE3, 0x9A, 0xDF, 0x48, 0xD3, 0x17, 0x45, + 0x5D, 0x36, 0x4E, 0x00, 0x58, 0x72, 0xC3, 0xEF, 0xE7, 0x76, + 0x0B, 0xF8, 0x19, 0xA8, 0x5F, 0xF6, 0x53, 0x98, 0x49, 0x2B, + 0x52, 0xB5, 0x8E, 0xA5, 0xD8, 0x73, 0x6E, 0x3C, 0x23, 0x23, + 0x06, 0x86, 0x25, 0x6B, 0x0D, 0x3B, 0xF2, 0x9A, 0x17, 0x33, + 0xA4, 0x4E, 0xF5, 0x6B, 0xDE, 0xB3, 0x64, 0x20, 0x58, 0xC6, + 0x6D, 0x22, 0xA9, 0xAE, 0xF4, 0x09, 0x9D, 0x0D, 0x6E, 0x9F, + 0x96, 0x2A, 0x9E }; static const int sizeof_client_cert_der_4096 = sizeof(client_cert_der_4096); 
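Review bot: The regenerated `client_cert_der_4096` array has a fixed validity window that nothing beside it records: the two UTCTime fields in the new bytes decode to 2021-02-10 19:49:52Z and 2023-11-07 19:49:52Z, so any path that date-checks this buffer will start failing after the second date. The subject fields decode to `wolfSSL_4096` / `www.wolfssl.com` / `info@wolfssl.com` and basicConstraints is CA:TRUE, which suggests a published sample certificate whose private key should be assumed public. I would extend the comment to `/* ./certs/4096/client-cert.der, 4096-bit; sample/test identity only, notAfter 2023-11-07 */`. Because the header looks generated, the wording may belong in the generator or at the include site rather than here. The `cliecc_cert_der_256` hunk that follows has the same window (notAfter decodes to 2023-11-07 19:49:53Z). It is worth confirming that no shipped build loads either buffer as a real client identity or trust anchor.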
@@ -3349,93 +3372,91 @@ static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256); /* ./certs/client-ecc-cert.der, ECC */ static const unsigned char cliecc_cert_der_256[] = { - 0x30, 0x82, 0x03, 0x5F, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, - 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, - 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, - 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, - 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, - 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, - 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, - 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, - 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, - 
0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, - 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, - 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, - 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, - 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, - 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, - 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, - 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, - 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, - 0x01, 0x3E, 0x30, 0x82, 0x01, 0x3A, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, - 0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, - 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xCD, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC5, 0x30, 0x81, - 0xC2, 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, - 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, - 0x5C, 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, - 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, - 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, - 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, - 0x0D, 0x30, 
0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, - 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x30, 0x82, 0x03, 0x49, 0x30, 0x82, 0x02, 0xEE, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, + 0x56, 0x97, 0xCA, 0xC3, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, + 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, + 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, + 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, - 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, - 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0C, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, - 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, - 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, - 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, - 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2B, 0x06, 0x01, 
0x05, 0x05, 0x07, 0x03, 0x01, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, - 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, - 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, - 0xE4, 0xA0, 0x23, 0x26, 0x2B, 0x0B, 0x42, 0x0F, 0x97, 0x37, - 0x6D, 0xCB, 0x14, 0x23, 0xC3, 0xC3, 0xE6, 0x44, 0xCF, 0x5F, - 0x4C, 0x26, 0xA3, 0x72, 0x64, 0x7A, 0x9C, 0xCB, 0x64, 0xAB, - 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6, - 0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, - 0x5F, 0x8F, 0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, - 0x10, 0x48, 0x2D, 0x53, 0x08, 0xA8, 0xB4 + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, + 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, + 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, + 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, + 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, + 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, + 
0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, + 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, + 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, + 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, + 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, 0x01, + 0x33, 0x30, 0x82, 0x01, 0x2F, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, 0x59, + 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, + 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xC2, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xBA, 0x30, 0x81, 0xB7, + 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, 0x3F, + 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, + 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, 0x81, + 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, + 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, + 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, + 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, + 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, 0x56, + 0x97, 0xCA, 0xC3, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, + 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, + 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, + 0x6D, 0x87, 
0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, + 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xE3, 0xBB, + 0xCA, 0x0E, 0x31, 0x2D, 0x39, 0x1D, 0x94, 0x25, 0x81, 0x90, + 0xD5, 0x11, 0xF9, 0x09, 0x6D, 0x58, 0x16, 0x23, 0xBE, 0x9F, + 0xA9, 0x18, 0x64, 0x83, 0x3C, 0x25, 0x03, 0x58, 0x58, 0x39, + 0x02, 0x21, 0x00, 0xA4, 0xAA, 0xB3, 0xF0, 0x09, 0xC9, 0x0C, + 0x2F, 0xF7, 0xB1, 0xD4, 0x8E, 0x9F, 0xA6, 0xB6, 0xAB, 0x1A, + 0xC7, 0x37, 0xED, 0x70, 0x4D, 0x34, 0x04, 0xA0, 0x9B, 0x3D, + 0x84, 0x86, 0x10, 0xA0, 0xF0 }; static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256); 
@@ -3477,103 +3498,100 @@ static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256); /* ./certs/server-ecc-comp.der, ECC */ static const unsigned char serv_ecc_comp_der_256[] = { - 0x30, 0x82, 0x03, 0x77, 0x30, 0x82, 0x03, 0x1D, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x2C, 0x04, 0x53, 0x2F, 0xC3, - 0x1B, 0x46, 0x1C, 0xFC, 0xB7, 0x48, 0x3C, 0x25, 0xED, 0xD8, - 0xDE, 0x07, 0x8F, 0xE0, 0xAA, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, - 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, - 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, - 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, - 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, - 0x31, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 
0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, - 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, - 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, - 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, - 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, - 0x00, 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, - 0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, - 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, - 0x2C, 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x51, 0x30, 0x82, - 0x01, 0x4D, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, - 0xDF, 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, - 0xA6, 0x5A, 0x18, 0x30, 0x81, 0xE0, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xD8, 0x30, 0x81, 0xD5, 0x80, 0x14, 0x8C, - 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, - 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, - 0x81, 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, - 0x6C, 0x69, 
0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, - 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x2C, 0x04, 0x53, 0x2F, 0xC3, 0x1B, 0x46, 0x1C, 0xFC, 0xB7, - 0x48, 0x3C, 0x25, 0xED, 0xD8, 0xDE, 0x07, 0x8F, 0xE0, 0xAA, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, - 0x30, 0x45, 0x02, 0x21, 0x00, 0xF4, 0xCC, 0x35, 0x1B, 0x98, - 0x49, 0xE9, 0xB2, 0xA5, 0x86, 0xDF, 0x32, 0xBB, 0xB4, 0x12, - 0x64, 0xAC, 0xA1, 0xDD, 0xCF, 0x09, 0x87, 0x48, 0x6A, 0x1D, - 0xA0, 0x44, 0x25, 0x12, 0x2A, 0xB6, 0x62, 0x02, 0x20, 0x2D, - 0x89, 0xDE, 0xEC, 0x20, 0x13, 0xAD, 0x22, 0x8E, 0xD1, 0xFF, - 0xF2, 0x96, 0x1D, 0xFB, 0xF5, 0xCD, 0xFD, 0x70, 0xEE, 0xAD, - 0x9B, 0x0E, 0x46, 0x1D, 0x60, 0x48, 0x23, 0xED, 0x1E, 0xCF, - 0x8C + 0x30, 0x82, 0x03, 0x61, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE5, 0xB6, 0x66, 0xE0, + 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, 0x31, + 0x0B, 0x30, 0x09, 
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, + 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, + 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, + 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, + 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, + 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, + 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, + 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, + 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, + 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 
0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, 0x00, + 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, + 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, + 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, + 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x46, 0x30, 0x82, 0x01, + 0x42, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, + 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, + 0x5A, 0x18, 0x30, 0x81, 0xD5, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xCD, 0x30, 0x81, 0xCA, 0x80, 0x14, 0x8C, 0x38, + 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, 0xAC, + 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, 0x81, + 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, + 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, + 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, + 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 
0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xE5, 0xB6, 0x66, 0xE0, 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, + 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, + 0x02, 0x21, 0x00, 0xAE, 0x80, 0xD7, 0xF5, 0x4D, 0x76, 0x79, + 0x5C, 0x01, 0x14, 0x8B, 0xFD, 0x80, 0x79, 0xFB, 0x9B, 0xFE, + 0x8F, 0x0D, 0x9C, 0xC3, 0x7C, 0xE6, 0x80, 0x4C, 0xA6, 0x54, + 0x16, 0x3F, 0xED, 0x1D, 0x5E, 0x02, 0x20, 0x09, 0x61, 0x2D, + 0x84, 0xE9, 0x04, 0x4F, 0x79, 0x0E, 0xE7, 0xF0, 0xCC, 0x52, + 0xD3, 0x2F, 0xE0, 0x89, 0xCF, 0xBE, 0x9B, 0x9F, 0x86, 0x23, + 0x2F, 0xE4, 0xCB, 0x43, 0x16, 0xBB, 0x09, 0x8D, 0x87 }; static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256); /* ./certs/server-ecc-rsa.der, ECC */ static const unsigned char serv_ecc_rsa_der_256[] = { - 0x30, 0x82, 0x04, 0x2A, 0x30, 0x82, 0x03, 0x12, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0x1F, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 
@@ -3591,10 +3609,10 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -3619,12 +3637,12 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, - 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x45, 0x30, - 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, - 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, + 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 
@@ -3642,52 +3660,50 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5E, - 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, - 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, - 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, - 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, - 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, - 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, - 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0x69, 0x31, 0x1F, 0x55, 0xAB, 0xA3, - 0x11, 0x91, 0x89, 0xF5, 0xEE, 0x88, 0x8F, 0xC1, 0x53, 0x8B, - 0xF6, 0xEB, 0xFF, 0x14, 0x3B, 0x7A, 0x25, 0x37, 0xF0, 0x19, - 0x20, 0x35, 0x37, 0xF5, 0x27, 0x1E, 0xE9, 0xC1, 0xDB, 0x34, - 0xAC, 0x27, 0x0B, 0xEE, 0x29, 0x9F, 0x7E, 0x8B, 0x89, 0x7D, - 0xC8, 0x1F, 0xB4, 0xEC, 0x75, 0x92, 0xF1, 0x82, 0x4E, 0x22, - 0x02, 0x14, 0x7C, 0x7E, 0xE4, 0x65, 0x09, 0x34, 0x23, 0x0D, - 0x9A, 0x73, 0xBF, 0x86, 0x98, 0x0F, 0xEE, 0x16, 0x57, 0x21, - 0x65, 0x7E, 0x94, 0x96, 0x40, 0x85, 0xBF, 0x3F, 0x9E, 0x11, - 0xA8, 0x8F, 0x7E, 0x9B, 0x4B, 0x82, 0x29, 0xFE, 0xBB, 0x47, - 0xA8, 0x43, 0x9E, 0xDA, 0xFA, 0x4C, 0x40, 0xCF, 0xCA, 0xA6, - 0x98, 0x00, 0x07, 0xBB, 0xC3, 0x86, 0xA8, 0x3F, 0x15, 0xAE, - 0xF5, 0xF9, 0x69, 0x7E, 0x9E, 0x44, 0x2F, 0xC5, 0xA3, 0x33, - 0x1D, 0xDC, 0x04, 0x04, 0xDC, 0x6E, 0x25, 0xC6, 0x7F, 0x15, - 0x7A, 0xF0, 0x99, 0x93, 0x47, 0xF6, 0x8F, 0x41, 0x95, 0xC7, - 0x16, 0x78, 0xF4, 0x5E, 0x48, 0xA3, 0xFE, 0x38, 0x7A, 0x43, - 0xE1, 
0x19, 0x40, 0x7E, 0x25, 0x09, 0x23, 0x67, 0xFE, 0x51, - 0x9C, 0xD5, 0xDE, 0xEF, 0xC3, 0x02, 0x23, 0x4F, 0x63, 0xBA, - 0xEC, 0xB8, 0x56, 0x17, 0x04, 0x07, 0x29, 0x09, 0x3E, 0xA8, - 0xF8, 0xD6, 0x76, 0x2B, 0xF7, 0x79, 0x56, 0x3D, 0x39, 0x0A, - 0xDF, 0x6F, 0xC5, 0x5A, 0x2F, 0x81, 0x1F, 0x63, 0x15, 0x36, - 0x51, 0x07, 0xE2, 0x8B, 0xCB, 0x6C, 0xCF, 0x6E, 0x92, 0xA7, - 0xCA, 0x3B, 0xF6, 0xC5, 0x66, 0x34, 0x84, 0x5A, 0x47, 0x20, - 0xE3, 0x63, 0x04, 0x5F, 0x38, 0x35, 0xA4, 0xD3, 0x3D, 0x3A, - 0xE1, 0x85, 0x85, 0x62, 0x85, 0x5B, 0x69, 0xAD, 0xAA, 0xE9, - 0x40, 0x28, 0xD7, 0xF9, 0x7C, 0x53, 0x48, 0xC0, 0x1B, 0xCC - + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x4B, 0xCD, 0xC5, 0x8F, 0xFC, 0xBB, 0xC3, + 0x36, 0xC5, 0xD4, 0x4D, 0x71, 0x04, 0x13, 0x53, 0xA0, 0x3C, + 0xA3, 0x4E, 0x2A, 0xDD, 0x0D, 0xD3, 0xA7, 0x62, 0x31, 0x0D, + 0xC6, 0x32, 0x07, 0x31, 0xD4, 0x6B, 0x0F, 0x8B, 0x55, 0xA2, + 0x2F, 0x2C, 0xB3, 0xAE, 0x46, 0x91, 0x8A, 0x09, 0xBE, 0x7E, + 0xFF, 0xE2, 0x67, 0x46, 0xF2, 0x7E, 0xD4, 0x6F, 0xBE, 0x5D, + 0x57, 0x42, 0xFD, 0x3A, 0x56, 0xB0, 0xE8, 0x0E, 0x4D, 0x12, + 0xFD, 0xF5, 0x00, 0xCA, 0x6F, 0xBD, 0x88, 0x0C, 0x04, 0x47, + 0x1A, 0xEC, 0x5D, 0x96, 0x3F, 0xB6, 0xA5, 0x8B, 0x9D, 0x47, + 0xA6, 0x4F, 0x82, 0x07, 0x33, 0x9D, 0x11, 0x0A, 0x3D, 0x38, + 0x1D, 0x21, 0x4F, 0xD4, 0x1E, 0x1D, 0xA6, 0xD7, 0x6B, 0x72, + 0x1C, 0x51, 0xE1, 
0x7A, 0x7A, 0x6C, 0x76, 0x2C, 0x98, 0x14, + 0x48, 0xFD, 0xF1, 0xD1, 0x7C, 0x53, 0x86, 0xED, 0x8C, 0x5F, + 0x4F, 0x0F, 0x27, 0x5D, 0x45, 0xBE, 0xED, 0x26, 0x90, 0xD2, + 0x51, 0x04, 0x4D, 0x06, 0x5B, 0x64, 0x1C, 0x5E, 0x31, 0x63, + 0xCC, 0xD4, 0xD5, 0x0B, 0x28, 0xCC, 0xE2, 0x29, 0x40, 0x75, + 0x87, 0x21, 0x64, 0x8E, 0x8B, 0x87, 0xEF, 0x90, 0xBB, 0x46, + 0x91, 0x91, 0xF9, 0x63, 0xF8, 0xB0, 0xA7, 0x5E, 0x8D, 0xE8, + 0x20, 0xC6, 0xB7, 0x5A, 0xD9, 0x0E, 0x35, 0xFB, 0xBA, 0xD1, + 0x09, 0xD1, 0x98, 0xA6, 0x61, 0x25, 0xE2, 0x0D, 0x97, 0xC4, + 0x1B, 0x0F, 0xBC, 0xB6, 0xEC, 0xE7, 0x96, 0x80, 0xB8, 0xE5, + 0x55, 0x03, 0x1E, 0x7F, 0xB5, 0xFD, 0x40, 0x06, 0xCC, 0xAA, + 0x7B, 0xF0, 0xB3, 0x81, 0x2E, 0xE1, 0x4E, 0x3A, 0x52, 0xE3, + 0xF3, 0xC4, 0xD3, 0x8C, 0x78, 0x49, 0x00, 0x3A, 0x57, 0xDF, + 0x0E, 0xAA, 0x2F, 0x14, 0x52, 0x3F, 0xC8, 0xFA, 0x82, 0xB9, + 0xBF, 0x27, 0xF8, 0x9C, 0x42, 0xB7, 0x44, 0x36, 0x68 }; static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256); /* ./certs/server-ecc.der, ECC */ static const unsigned char serv_ecc_der_256[] = { - 0x30, 0x82, 0x02, 0xA0, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, + 0x30, 0x82, 0x02, 0xA1, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x03, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 
@@ -3705,10 +3721,10 @@ static const unsigned char serv_ecc_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 
@@ -3747,14 +3763,14 @@ static const unsigned char serv_ecc_der_256[] = 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, - 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, - 0x7C, 0xFB, 0xBB, 0x4B, 0xC0, 0xF6, 0x21, 0x84, 0x04, 0x87, - 0xF8, 0x90, 0x4D, 0xC1, 0xF6, 0xC2, 0x67, 0x95, 0xC4, 0xF3, - 0xE8, 0x8E, 0x5E, 0x43, 0xDF, 0xC2, 0x74, 0xDC, 0xFD, 0x86, - 0x6F, 0x7D, 0x02, 0x20, 0x1B, 0x4C, 0x97, 0xF0, 0x93, 0x4C, - 0x61, 0x26, 0xEA, 0xA7, 0xD9, 0x93, 0x22, 0x4E, 0x21, 0x46, - 0x14, 0x9E, 0x24, 0xBF, 0xF5, 0xD5, 0xAB, 0x3B, 0xAE, 0x69, - 0x40, 0xCF, 0x6F, 0xE0, 0xD3, 0x82 + 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, + 0x61, 0x6F, 0xE8, 0xB9, 0xAD, 0xCC, 0xC9, 0x1A, 0x81, 0x17, + 0x02, 0x64, 0x07, 0xC3, 0x18, 0x44, 0x01, 0x81, 0x76, 0x18, + 0x9D, 0x6D, 0x3D, 0x7D, 0xCB, 0xC1, 0x5A, 0x76, 0x4A, 0xAD, + 0x71, 0x55, 0x02, 0x21, 0x00, 0xCD, 0x22, 0x35, 0x04, 0x19, + 0xC2, 0x23, 0x21, 0x02, 0x88, 0x4B, 0x51, 0xDA, 0xDB, 0x51, + 0xAB, 0x54, 0x8C, 0xCB, 0x38, 0xAC, 0x8E, 0xBB, 0xEE, 0x18, + 0x07, 0xBF, 0x88, 0x36, 0x88, 0xFF, 0xD5 }; static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256); 
@@ -3780,73 +3796,72 @@ static const int sizeof_ca_ecc_key_der_256 = sizeof(ca_ecc_key_der_256); /* ./certs/ca-ecc-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_256[] = { - 0x30, 0x82, 0x02, 0x94, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x7E, 0xBD, 0xD9, 0xC1, 0xA5, - 0xB2, 0x60, 0xA4, 0xBA, 0xF4, 0x86, 0xCF, 0x13, 0xAC, 0x77, - 0x84, 0xBE, 0xAC, 0x07, 0xE7, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, - 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, - 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, - 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, - 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, - 0x30, 0x0E, 
0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, - 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, - 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, - 0x03, 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, - 0x8E, 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, - 0x9E, 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, - 0x2A, 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, - 0x83, 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, - 0x43, 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, - 0xCB, 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, - 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, - 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, - 0xF3, 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, - 0xF0, 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, - 0xCF, 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, - 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, - 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, - 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x06, 0xC3, - 0x0A, 0x69, 0x01, 0x57, 0x31, 0x17, 0x09, 0x3F, 0x21, 0x95, - 0x4F, 0x3F, 0xC5, 0x20, 
0xE3, 0x21, 0x86, 0x75, 0x47, 0x5E, - 0x87, 0xF7, 0x48, 0x8A, 0x1E, 0x01, 0xFA, 0xD2, 0x67, 0xC8, - 0x02, 0x20, 0x7D, 0xC8, 0xE9, 0x2D, 0x5B, 0x74, 0x28, 0x87, - 0x71, 0xDB, 0xA3, 0x0E, 0x19, 0x84, 0xCC, 0xB3, 0xA6, 0x83, - 0x35, 0x75, 0xF8, 0x05, 0xDD, 0xFC, 0x5E, 0x51, 0x2B, 0x18, - 0x98, 0xC4, 0xAC, 0x95 + 0x30, 0x82, 0x02, 0x8A, 0x30, 0x82, 0x02, 0x30, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x83, 0x47, 0x7C, 0x81, + 0xD6, 0x0D, 0x1C, 0x4E, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, + 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, + 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, + 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x53, 0x65, 
0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, + 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, 0x8E, + 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, 0x9E, + 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, 0x2A, + 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, 0x83, + 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, 0x43, + 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, 0xCB, + 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, 0x30, + 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18, + 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3, + 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, + 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, + 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, + 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, + 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xC5, 0x83, + 0xFF, 0x1E, 0x51, 0xF7, 
0xA1, 0xE9, 0xF1, 0x42, 0xC4, 0xBE, + 0xED, 0x38, 0xBD, 0x38, 0x32, 0x8F, 0xAE, 0x3F, 0xC7, 0x6D, + 0x11, 0x90, 0xE9, 0x99, 0xAB, 0x61, 0xA2, 0xDB, 0xA7, 0x4B, + 0x02, 0x20, 0x28, 0x40, 0xD9, 0xBA, 0x45, 0xCC, 0xA6, 0xEA, + 0xFA, 0x3F, 0x3E, 0x71, 0x44, 0x8E, 0x02, 0x03, 0x2F, 0x41, + 0x0B, 0x56, 0x78, 0x2D, 0xA6, 0xE8, 0x5E, 0xF6, 0xFF, 0xDA, + 0x62, 0x8C, 0xF9, 0xDF }; static const int sizeof_ca_ecc_cert_der_256 = sizeof(ca_ecc_cert_der_256); 
@@ -3876,79 +3891,78 @@ static const int sizeof_ca_ecc_key_der_384 = sizeof(ca_ecc_key_der_384); /* ./certs/ca-ecc384-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_384[] = { - 0x30, 0x82, 0x02, 0xD3, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x20, 0xDA, 0x85, 0x3F, 0x78, - 0xC9, 0x83, 0x3B, 0xAE, 0xAA, 0x5A, 0x67, 0x49, 0x27, 0x78, - 0xBA, 0x90, 0xDE, 0x66, 0x6E, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, - 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, - 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, - 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, - 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, - 0x30, 0x0E, 
0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, - 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, - 0x10, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, - 0x04, 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, - 0xD7, 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, - 0x03, 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, - 0xA2, 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, - 0x9C, 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, - 0x3C, 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, - 0xDE, 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, - 0x66, 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, - 0x83, 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, - 0x35, 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, - 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, - 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, - 0x53, 0x52, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, - 0x18, 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, - 0x18, 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, - 0x92, 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, - 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, - 0x06, 0x08, 0x2A, 0x86, 
0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, - 0x03, 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xD2, 0x4E, - 0x24, 0xAF, 0x70, 0x3E, 0x93, 0x0B, 0x2E, 0xD5, 0x7C, 0x71, - 0xF3, 0x61, 0x3E, 0x8E, 0x71, 0x6D, 0x2E, 0x60, 0xDE, 0xFB, - 0xEF, 0x3F, 0xBE, 0x02, 0xB6, 0x14, 0x45, 0x9B, 0x0A, 0x12, - 0xAF, 0xAF, 0x41, 0xD6, 0xBB, 0x79, 0xAB, 0xD1, 0x4E, 0x8D, - 0x9D, 0xDC, 0x98, 0x25, 0x4E, 0xAA, 0x02, 0x31, 0x00, 0xCF, - 0x2F, 0xB7, 0x32, 0x70, 0xE7, 0x85, 0x69, 0x17, 0xDF, 0x53, - 0x75, 0x2B, 0x36, 0x74, 0xD6, 0x1B, 0xA2, 0x62, 0xF9, 0x80, - 0x19, 0xC1, 0x3A, 0xEA, 0x9A, 0x05, 0x80, 0xB6, 0xC5, 0xF8, - 0xA2, 0xA2, 0xFF, 0xF6, 0x3D, 0xAA, 0x34, 0xD6, 0xE1, 0x1F, - 0xE3, 0x93, 0x66, 0xE7, 0x91, 0x4D, 0xFA + 0x30, 0x82, 0x02, 0xC7, 0x30, 0x82, 0x02, 0x4D, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA8, 0x60, 0xFD, 0x75, + 0x07, 0x98, 0x55, 0x6A, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, + 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, + 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 
0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, + 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, + 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, 0x10, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, + 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, 0xD7, + 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, 0x03, + 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, 0xA2, + 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, 0x9C, + 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, 0x3C, + 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, 0xDE, + 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, 0x66, + 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, 0x83, + 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, 0x35, + 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, 0x61, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, 0xBB, + 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, 0x53, + 0x52, 
0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, + 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, + 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, + 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, + 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, + 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x03, + 0x68, 0x00, 0x30, 0x65, 0x02, 0x30, 0x47, 0xA2, 0x36, 0x33, + 0xF4, 0x27, 0xBD, 0xD0, 0x5C, 0xE6, 0x8D, 0x3E, 0x31, 0xA9, + 0x4E, 0x51, 0x57, 0xA9, 0x93, 0x28, 0x72, 0x0A, 0x72, 0xAB, + 0x6E, 0xF9, 0x56, 0xC0, 0xF5, 0x70, 0x02, 0x9F, 0x9C, 0xB2, + 0x4A, 0x9C, 0x3E, 0x9F, 0xFB, 0xC5, 0x64, 0x26, 0x7A, 0x88, + 0xDC, 0x4A, 0x2A, 0x25, 0x02, 0x31, 0x00, 0x88, 0xF8, 0xE2, + 0xD5, 0x20, 0x82, 0xF2, 0xDE, 0x7B, 0xCB, 0x13, 0xAC, 0xCD, + 0xFF, 0xE8, 0x1E, 0x4E, 0x84, 0x3D, 0x9C, 0xAF, 0x5D, 0xF9, + 0x01, 0xE7, 0x4F, 0xD4, 0x03, 0x09, 0x84, 0x3D, 0x7B, 0x2B, + 0x83, 0xE2, 0xAE, 0x08, 0x68, 0x2E, 0x5B, 0x85, 0x6F, 0x43, + 0xF5, 0x41, 0xE0, 0xC7, 0xC9 }; static const int sizeof_ca_ecc_cert_der_384 = sizeof(ca_ecc_cert_der_384); 
@@ -3981,231 +3995,250 @@ static const unsigned char dh_g[] = /* ./certs/ed25519/server-ed25519.der, ED25519 */ static const unsigned char server_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x02, 0x04, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0xCD, 0xF2, 0x2F, 0xBE, - 0xDC, 0x07, 0xFA, 0xBB, 0x65, 0x03, 0xE2, 0xFF, 0xEA, 0x6A, - 0x99, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0x9D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x02, 0x43, 0x41, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, - 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x22, - 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, 0x30, 0x34, 0x31, 0x32, - 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x18, 0x0F, 0x32, - 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, 0x35, 0x32, - 0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, - 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, - 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x0D, 0x30, 0x0B, - 0x06, 0x03, 0x55, 0x04, 0x04, 
0x0C, 0x04, 0x4C, 0x65, 0x61, - 0x66, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x61, 0x5D, - 0xEC, 0xB7, 0x45, 0x93, 0xC9, 0x84, 0x7B, 0x68, 0x21, 0x4A, - 0x4D, 0xF4, 0x04, 0x8B, 0xBD, 0xCD, 0x6C, 0x5D, 0x3D, 0xB7, - 0x62, 0x2C, 0x2D, 0x25, 0xC3, 0x22, 0x49, 0xC8, 0x86, 0xF2, - 0xA3, 0x52, 0x30, 0x50, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xC8, 0x28, 0x63, 0x8C, - 0xF4, 0x57, 0xEE, 0x1E, 0xB0, 0xC7, 0x12, 0x12, 0x76, 0x8A, - 0x80, 0x30, 0x3A, 0xCB, 0x10, 0x30, 0x1F, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x92, 0x3F, - 0x96, 0x72, 0x02, 0xFA, 0x61, 0x1C, 0x21, 0x6D, 0x88, 0xDD, - 0xEB, 0xDD, 0x3C, 0x9B, 0x17, 0xC4, 0x9F, 0xB7, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, - 0x03, 0x02, 0x06, 0xC0, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, - 0x70, 0x03, 0x41, 0x00, 0x15, 0x88, 0x86, 0xFC, 0x66, 0xD1, - 0xE0, 0xF6, 0xCF, 0xC9, 0x09, 0x46, 0xD0, 0x50, 0xE2, 0x01, - 0x5D, 0xF7, 0xCF, 0x57, 0xB8, 0xBA, 0x90, 0x84, 0xCB, 0xF1, - 0x24, 0x4B, 0xEF, 0xA5, 0x95, 0x7D, 0x69, 0x92, 0x88, 0xA8, - 0x89, 0x63, 0xCC, 0x90, 0x40, 0xC2, 0x41, 0x3A, 0x40, 0x76, - 0xB1, 0x2D, 0xA8, 0xA8, 0x97, 0xC9, 0x73, 0xC7, 0x82, 0x30, - 0x24, 0x61, 0xB0, 0xAA, 0xCA, 0xAA, 0x68, 0x00 + 0x30, 0x82, 0x02, 0x75, 0x30, 0x82, 0x02, 0x27, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x05, 0x06, 
0x03, + 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9B, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0A, 0x43, 0x41, 0x2D, 0x65, 0x64, 0x32, 0x35, 0x35, + 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x33, 0x31, + 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x17, 0x0D, + 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, 0x34, 0x39, + 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0E, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x65, + 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 
0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, + 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x23, 0xAA, 0x4D, + 0x60, 0x50, 0xE0, 0x13, 0xD3, 0x3A, 0xED, 0xAB, 0xF6, 0xA9, + 0xCC, 0x4A, 0xFE, 0xD7, 0x4D, 0x2F, 0xD2, 0x5B, 0x1A, 0x10, + 0x05, 0xEF, 0x5A, 0x41, 0x25, 0xCE, 0x1B, 0x53, 0x78, 0xA3, + 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xA3, 0x29, 0x81, 0xE7, + 0x90, 0x6F, 0xB9, 0x60, 0xF8, 0xAF, 0xCC, 0x15, 0x7A, 0xAE, + 0xD7, 0xA1, 0xF4, 0xB4, 0x86, 0xBA, 0x30, 0x1F, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x74, + 0xD5, 0x38, 0x19, 0x5E, 0x83, 0xB9, 0x03, 0xF8, 0x01, 0x8A, + 0x35, 0x35, 0xBB, 0x89, 0x4C, 0x49, 0xB4, 0x23, 0xE9, 0x30, + 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, + 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, + 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, 0x30, + 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, + 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, + 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, + 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xF3, + 0xC2, 0xEF, 0x8B, 0x55, 0x65, 0x4F, 0xBC, 0xE3, 0xDF, 0xFC, + 0xD8, 0xA1, 0xAD, 0x8E, 0x43, 0x07, 0x73, 0xC8, 0x58, 0xC3, + 0x46, 0x0A, 0xC1, 0xF1, 0x4D, 0x3F, 0xFB, 0x3D, 0x78, 0xE6, + 0x76, 0x58, 0x26, 0xCE, 0xD7, 0x59, 0x55, 0xEC, 0xC5, 0xB5, + 0xB4, 0x05, 0xED, 0xF9, 0xD4, 0x97, 0x69, 0x66, 0xD6, 0x2C, + 0x1B, 0x43, 0x5A, 0x51, 0x5C, 0xBE, 0x10, 0x28, 0x95, 0xC4, + 0x96, 0xAF, 0x00 }; static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert); /* ./certs/ed25519/server-ed25519-key.der, ED25519 */ static const unsigned char server_ed25519_key[] = { - 
0x30, 0x52, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, - 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x02, 0x2F, 0xC5, 0xFF, - 0xBA, 0x8E, 0xD0, 0xD2, 0xBF, 0x03, 0x8E, 0x76, 0x8F, 0xC8, - 0x86, 0x80, 0x71, 0x87, 0x97, 0x31, 0xE2, 0x40, 0xAC, 0xDF, - 0xBB, 0x90, 0x15, 0x52, 0x6E, 0x24, 0xA1, 0x39, 0xA1, 0x22, - 0x04, 0x20, 0x61, 0x5D, 0xEC, 0xB7, 0x45, 0x93, 0xC9, 0x84, - 0x7B, 0x68, 0x21, 0x4A, 0x4D, 0xF4, 0x04, 0x8B, 0xBD, 0xCD, - 0x6C, 0x5D, 0x3D, 0xB7, 0x62, 0x2C, 0x2D, 0x25, 0xC3, 0x22, - 0x49, 0xC8, 0x86, 0xF2 + 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x21, 0x00, 0x23, 0xAA, 0x4D, 0x60, 0x50, 0xE0, 0x13, 0xD3, + 0x3A, 0xED, 0xAB, 0xF6, 0xA9, 0xCC, 0x4A, 0xFE, 0xD7, 0x4D, + 0x2F, 0xD2, 0x5B, 0x1A, 0x10, 0x05, 0xEF, 0x5A, 0x41, 0x25, + 0xCE, 0x1B, 0x53, 0x78 }; static const int sizeof_server_ed25519_key = sizeof(server_ed25519_key); /* ./certs/ed25519/ca-ed25519.der, ED25519 */ static const unsigned char ca_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x60, 0x30, 0x82, 0x02, 0x12, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0x80, 0xBA, 0x68, 0x77, - 0xEF, 0xA5, 0xE5, 0x42, 0x7D, 0xC6, 0x73, 0x2C, 0x54, 0x85, - 0xB8, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x04, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, - 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x30, 0x82, 0x02, 0x4C, 0x30, 0x82, 0x01, 0xFE, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x05, 0x06, 0x03, + 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x45, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0C, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x45, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x22, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, 0x30, 0x34, - 0x31, 0x32, 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x18, - 0x0F, 0x32, 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, - 0x35, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, 0x9D, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, 0x02, 0x43, - 0x41, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 
- 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x65, 0xAA, - 0x7F, 0x05, 0xA4, 0x04, 0x34, 0xA0, 0xEA, 0xAD, 0x1F, 0xA9, - 0x86, 0xF0, 0xD8, 0x7F, 0x72, 0xDF, 0xA9, 0x0E, 0x13, 0xA0, - 0x38, 0x66, 0x26, 0x5E, 0xEB, 0x48, 0x30, 0x80, 0x48, 0x49, - 0xA3, 0x60, 0x30, 0x5E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, - 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1D, - 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x92, - 0x3F, 0x96, 0x72, 0x02, 0xFA, 0x61, 0x1C, 0x21, 0x6D, 0x88, - 0xDD, 0xEB, 0xDD, 0x3C, 0x9B, 0x17, 0xC4, 0x9F, 0xB7, 0x30, - 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, - 0x80, 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, 0x3E, 0x1C, - 0xB0, 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, 0x4D, 0x0A, - 0x95, 0xB8, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, - 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0xC6, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x4C, 0x40, - 0xD0, 0x7F, 0xBC, 0xFB, 0xF4, 0xA2, 0x1A, 0x58, 0xF6, 0x72, - 0xE3, 0xE8, 0xDA, 0x18, 0x0D, 0x94, 0xDC, 0x0E, 0xFD, 0xC1, - 0xE7, 0x02, 0xA5, 0x7A, 0xEE, 0xCB, 0xC2, 0x7E, 0xFA, 0xA1, - 0xFC, 0x15, 0x9A, 0xFE, 0x1E, 0xE0, 0x37, 0xDF, 0x7F, 0xAB, - 0x76, 0x50, 0x06, 0xD4, 0x3D, 0x1A, 0x65, 0x73, 0x3F, 0x92, - 0xD4, 0x44, 0x62, 0xA7, 0x4C, 0xB3, 0x2A, 0x01, 0x87, 0xE3, - 0x06, 0x06 + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, + 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, + 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, + 
0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, + 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, + 0x35, 0x31, 0x39, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x41, 0x2D, 0x65, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x65, 0x70, 0x03, 0x21, 0x00, 0x42, 0x3B, 0x7A, 0xF9, 0x82, + 0xCF, 0xF9, 0xDF, 0x19, 0xDD, 0xF3, 0xF0, 0x32, 0x29, 0x6D, + 0xFA, 0xFD, 0x76, 0x4F, 0x68, 0xC2, 0xC2, 0xE0, 0x6C, 0x47, + 0xAE, 0xC2, 0x55, 0x68, 0xAC, 0x0D, 0x4D, 0xA3, 0x63, 0x30, + 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x74, 0xD5, 0x38, 0x19, 0x5E, 0x83, 0xB9, 0x03, + 0xF8, 0x01, 0x8A, 0x35, 0x35, 0xBB, 0x89, 0x4C, 0x49, 0xB4, + 0x23, 0xE9, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0xFA, 0xBA, 0x5B, 0x76, 0x1D, + 0xF1, 0x1D, 0x1D, 0x4D, 0x74, 0x48, 0xD8, 0x98, 0x3B, 0x56, + 0xEF, 0xB3, 0x14, 0xF3, 0xDE, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, + 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x05, + 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xDA, 0xFE, + 0x58, 0x53, 
0x89, 0x43, 0x85, 0x98, 0x35, 0xDC, 0x13, 0x1C, + 0xA3, 0xF1, 0x1F, 0x8D, 0x26, 0xBE, 0xB6, 0xA2, 0xFC, 0xB7, + 0xFE, 0x9C, 0xB9, 0x35, 0x69, 0x31, 0x7E, 0xD4, 0xB9, 0x11, + 0x45, 0x16, 0xA2, 0x29, 0x35, 0xA9, 0x74, 0xA7, 0x97, 0xDA, + 0x7E, 0x71, 0x4F, 0xB1, 0x72, 0x5D, 0x75, 0x17, 0xAC, 0xE3, + 0xF6, 0xB8, 0xCE, 0x1E, 0xE4, 0x8A, 0x95, 0xBA, 0xCD, 0x1D, + 0xCE, 0x0D }; static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert); /* ./certs/ed25519/client-ed25519.der, ED25519 */ static const unsigned char client_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x58, 0x30, 0x82, 0x02, 0x0A, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0x8F, 0x2F, 0x35, 0xB2, - 0x53, 0xBD, 0x4F, 0x92, 0xD1, 0xFF, 0x1D, 0x4B, 0x40, 0xA5, - 0x49, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0xA1, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x06, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, - 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x22, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, - 0x30, 0x34, 0x31, 0x32, 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, - 0x5A, 0x18, 0x0F, 0x32, 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, - 0x37, 0x31, 0x35, 0x32, 
0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, - 0xA1, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x06, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, - 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, - 0x70, 0x03, 0x21, 0x00, 0xA2, 0xF1, 0x26, 0x40, 0x9B, 0xA2, - 0x59, 0xDA, 0xDB, 0xE6, 0x15, 0x7F, 0x9A, 0x11, 0xB5, 0x48, - 0x5F, 0x55, 0xBA, 0x5E, 0xED, 0x46, 0xF7, 0x98, 0x67, 0xBE, - 0x0C, 0x93, 0xE3, 0xA4, 0x8E, 0x18, 0xA3, 0x52, 0x30, 0x50, + 0x30, 0x82, 0x03, 0x54, 0x30, 0x82, 0x03, 0x06, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x40, 0x66, 0xC6, 0x11, 0xBC, + 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, 0xAD, 0xC1, + 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x65, 0x70, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 
0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, + 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, 0x64, + 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, + 0x30, 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, + 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, + 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, + 0x74, 0x2D, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, + 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, + 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, 0x6B, 0xED, + 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, 
0xEB, 0x02, + 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, 0xFE, 0x54, + 0x39, 0xE6, 0xA3, 0x82, 0x01, 0x50, 0x30, 0x82, 0x01, 0x4C, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, - 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, 0x3E, 0x1C, 0xB0, - 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, 0x4D, 0x0A, 0x95, - 0xB8, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, - 0x30, 0x16, 0x80, 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, - 0x3E, 0x1C, 0xB0, 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, - 0x4D, 0x0A, 0x95, 0xB8, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, - 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x06, 0xC0, - 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, - 0x29, 0xF6, 0x69, 0xE2, 0xB9, 0x73, 0x12, 0xD1, 0x64, 0xEB, - 0x8F, 0xE9, 0x6B, 0x61, 0xDB, 0x5F, 0xE9, 0xA7, 0x62, 0x6C, - 0x10, 0x89, 0x41, 0x80, 0xE3, 0xE8, 0xFD, 0x1F, 0xD0, 0x13, - 0xAE, 0x95, 0x00, 0xAF, 0xF7, 0x77, 0xE1, 0x22, 0x32, 0xAD, - 0x46, 0x4F, 0xDC, 0x7E, 0xFE, 0xAE, 0xBC, 0x8A, 0x1F, 0x96, - 0x0A, 0xDA, 0x9F, 0xC9, 0x93, 0x52, 0x27, 0x18, 0xB0, 0x8B, - 0xDA, 0xBE, 0x81, 0x09 + 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, + 0x3E, 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, + 0x8A, 0x30, 0x81, 0xDF, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x81, 0xD7, 0x30, 0x81, 0xD4, 0x80, 0x14, 0xFE, 0x41, 0x5E, + 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, 0x47, 0x89, 0x90, + 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0xA1, 0x81, 0xA5, + 0xA4, 0x81, 0xA2, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 
0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, + 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x40, 0x66, 0xC6, + 0x11, 0xBC, 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, + 0xAD, 0xC1, 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, + 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, + 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, + 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, + 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x41, 0x00, 0xE0, 0x87, 0xE2, 0xCE, 0xD3, 0x87, 0x77, 0x9D, + 0xF7, 0x44, 0xC0, 0x73, 0x00, 0xFF, 0x07, 0x6D, 0x2E, 0x90, + 0x90, 0x5C, 0xBF, 0x30, 0x46, 0x9C, 0x75, 0xA9, 0x48, 0x50, + 0x8A, 0xDA, 0x09, 0x0F, 0xA8, 0xA8, 0x04, 0xB4, 0x33, 0xC8, + 0xF4, 0x28, 0x61, 0x9E, 0xC2, 0xA5, 0x19, 0xB7, 0x70, 0x1E, + 0x69, 0xCD, 0x49, 0x5C, 0x9A, 0xF3, 0x81, 0xE0, 0xDE, 0x38, + 0xB3, 0x37, 0xFF, 0x33, 0xBB, 0x07 }; static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert); /* ./certs/ed25519/client-ed25519-key.der, ED25519 */ static const unsigned char client_ed25519_key[] = { - 0x30, 0x52, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, - 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x27, 0xA3, 0x34, 0x2A, - 0x35, 0xD4, 0xBB, 0xB8, 0xE1, 0xDC, 0xD8, 0xEC, 0x0F, 0xC1, - 0xA0, 0xD1, 0xA2, 0x5C, 0xF9, 0x06, 0xF0, 0x44, 0x5D, 0x3B, - 0x97, 0x4D, 
0xBD, 0xDF, 0x4A, 0x3B, 0xA3, 0x4E, 0xA1, 0x22, - 0x04, 0x20, 0xA2, 0xF1, 0x26, 0x40, 0x9B, 0xA2, 0x59, 0xDA, - 0xDB, 0xE6, 0x15, 0x7F, 0x9A, 0x11, 0xB5, 0x48, 0x5F, 0x55, - 0xBA, 0x5E, 0xED, 0x46, 0xF7, 0x98, 0x67, 0xBE, 0x0C, 0x93, - 0xE3, 0xA4, 0x8E, 0x18 + 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x21, 0x00, 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, + 0x6B, 0xED, 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, + 0xEB, 0x02, 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, + 0xFE, 0x54, 0x39, 0xE6 }; static const int sizeof_client_ed25519_key = sizeof(client_ed25519_key); diff --git a/source/libwolfssl/crl.h b/source/libwolfssl/crl.h index 170f78eb..9b3ec3f6 100644 --- a/source/libwolfssl/crl.h +++ b/source/libwolfssl/crl.h @@ -1,6 +1,6 @@ /* crl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,8 +27,8 @@ #ifdef HAVE_CRL -#include -#include +#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/error-ssl.h b/source/libwolfssl/error-ssl.h index 86d4e7cd..f2e58094 100644 --- a/source/libwolfssl/error-ssl.h +++ b/source/libwolfssl/error-ssl.h @@ -1,6 +1,6 @@ /* error-ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLFSSL_ERROR_H #define WOLFSSL_ERROR_H -#include /* pull in wolfCrypt errors */ +#include /* pull in wolfCrypt errors */ #ifdef __cplusplus extern "C" { 
@@ -169,6 +169,10 @@ enum wolfSSL_ErrorCodes { TLS13_SECRET_CB_E = -438, /* TLS1.3 secret Cb fcn failure */ DTLS_SIZE_ERROR = -439, /* Trying to send too much data */ NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */ + APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */ + TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */ + + SOCKET_FILTERED_E = -443, /* Session stopped by network filter */ /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ diff --git a/source/libwolfssl/internal.h b/source/libwolfssl/internal.h index 7a425fb5..2510ed66 100644 --- a/source/libwolfssl/internal.h +++ b/source/libwolfssl/internal.h @@ -1,6 +1,6 @@ /* internal.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -25,101 +25,113 @@ #define WOLFSSL_INT_H -#include -#include +#include +#include #ifdef HAVE_CRL - #include + #include #endif -#include +#include #ifndef NO_DES3 - #include + #include #endif #ifndef NO_HC128 - #include + #include #endif #ifndef NO_RABBIT - #include + #include #endif #ifdef HAVE_CHACHA - #include + #include #endif #ifndef NO_ASN - #include - #include + #include + #include #endif #ifndef NO_MD5 - #include + #include #endif #ifndef NO_SHA - #include + #include #endif #ifndef NO_AES - #include + #include #endif #ifdef HAVE_POLY1305 - #include + #include +#endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && defined(OPENSSL_EXTRA) + #include #endif #ifdef HAVE_CAMELLIA - #include + #include #endif -#include +#include #ifndef NO_HMAC - #include + #include #endif #ifndef NO_RC4 - #include + #include #endif #ifndef NO_SHA256 - #include + #include #endif #if defined(WOLFSSL_SHA384) - #include + #include #endif #ifdef HAVE_OCSP - #include + #include #endif #ifdef WOLFSSL_SHA384 - #include + #include #endif #ifdef WOLFSSL_SHA512 - #include + #include #endif #ifdef HAVE_AESGCM - #include + #include #endif #ifdef WOLFSSL_RIPEMD - #include + #include #endif #ifdef HAVE_IDEA - #include + #include #endif #ifndef NO_RSA - #include + #include #endif #ifdef HAVE_ECC - #include + #include #endif #ifndef NO_DH - #include + #include #endif #ifdef HAVE_ED25519 - #include + #include #endif #ifdef HAVE_CURVE25519 - #include + #include #endif #ifdef HAVE_ED448 - #include + #include #endif #ifdef HAVE_CURVE448 - #include + #include +#endif +#ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \ + !defined(WOLFSSL_TICKET_ENC_AES128_GCM) && \ + !defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #include + #else + #include + #endif #endif -#include -#include +#include +#include #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) - #include + #include #endif #ifdef WOLFSSL_CALLBACKS #include 
@@ -146,6 +158,8 @@ /* do nothing, just don't pick Unix */ #elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS) /* do nothing */ +#elif defined(RTTHREAD) + /* do nothing */ #elif defined(EBSNET) /* do nothing */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) @@ -197,7 +211,11 @@ #endif #endif #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) - #include /* for close of BIO */ + #ifdef FUSION_RTOS + #include + #else + #include /* for close of BIO */ + #endif #endif #endif @@ -212,12 +230,12 @@ #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef OPENSSL_EXTRA #ifdef WOLFCRYPT_HAVE_SRP - #include + #include #endif #endif @@ -843,6 +861,13 @@ #endif #endif +#if !defined(WOLFCRYPT_ONLY) && defined(NO_PSK) && \ + (defined(NO_DH) || !defined(HAVE_ANON)) && \ + defined(NO_RSA) && !defined(HAVE_ECC) && \ + !defined(HAVE_ED25519) && !defined(HAVE_ED448) + #error "No cipher suites avaialble with this build" +#endif + #ifdef WOLFSSL_MULTICAST #if defined(HAVE_NULL_CIPHER) && !defined(NO_SHA256) #define BUILD_WDM_WITH_NULL_SHA256 @@ -1139,7 +1164,8 @@ enum { #endif /* WOLFSSL_MULTICAST */ #ifndef WOLFSSL_MAX_MTU - #define WOLFSSL_MAX_MTU 1500 + /* 1500 - 100 bytes to account for UDP and IP headers */ + #define WOLFSSL_MAX_MTU 1400 #endif /* WOLFSSL_MAX_MTU */ @@ -1169,8 +1195,8 @@ enum { #if (WOLFSSL_MAX_DHKEY_BITS % 8) #error DH maximum bit size must be multiple of 8 #endif -#if (WOLFSSL_MAX_DHKEY_BITS > 16000) - #error DH maximum bit size must not be greater than 16000 +#if (WOLFSSL_MAX_DHKEY_BITS > 16384) + #error DH maximum bit size must not be greater than 16384 #endif #define MAX_DHKEY_SZ (WOLFSSL_MAX_DHKEY_BITS / 8) 
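Review bot: The `#error` text added in the `@@ -843,6 +861,13 @@` hunk misspells "available", which makes the diagnostic harder to grep for when a stripped-down configuration fails to build. It should read `#error "No cipher suites available with this build"`. The guard itself fails the build when PSK, anonymous DH, RSA, ECC, Ed25519 and Ed448 are all compiled out, which is the behaviour a reduced build wants.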
@@ -1230,7 +1256,7 @@ enum Misc { /* pre RSA and all master */ #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \ (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS >= 16384) -#ifndef NO_PSK +#if !defined(NO_PSK) && defined(USE_FAST_MATH) ENCRYPT_LEN = (FP_MAX_BITS / 2 / 8) + MAX_PSK_ID_LEN + 2, #else ENCRYPT_LEN = 1024, /* allow 8192 bit static buffer */ @@ -1324,9 +1350,9 @@ enum Misc { DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */ DTLS_EXPORT_STATE_PRO = 166,/* wolfSSL protocol for serialized state */ DTLS_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */ - DTLS_EXPORT_OPT_SZ = 60, /* amount of bytes used from Options */ + DTLS_EXPORT_OPT_SZ = 61, /* amount of bytes used from Options */ DTLS_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */ - DTLS_EXPORT_OPT_SZ_3 = 59, /* amount of bytes used from Options */ + DTLS_EXPORT_OPT_SZ_3 = 60, /* amount of bytes used from Options */ DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2), /* max amount of bytes used from Keys */ DTLS_EXPORT_MIN_KEY_SZ = 85 + (DTLS_SEQ_SZ * 2), @@ -1334,6 +1360,9 @@ enum Misc { DTLS_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */ DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */ DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */ + DTLS_MTU_ADDITIONAL_READ_BUFFER = 100, /* Additional bytes to read so that + * we can work with a peer that has + * a slightly different MTU than us. */ MAX_EXPORT_BUFFER = 514, /* max size of buffer for exporting */ MAX_EXPORT_STATE_BUFFER = (DTLS_EXPORT_MIN_KEY_SZ) + (3 * DTLS_EXPORT_LEN), /* max size of buffer for exporting state */ 
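Review bot: `DTLS_EXPORT_OPT_SZ` and `DTLS_EXPORT_OPT_SZ_3` each grow by one byte in the `@@ -1324,9 +1350,9 @@` hunk while `DTLS_EXPORT_VERSION` stays 4 and `DTLS_EXPORT_VERSION_3` stays 3. A session buffer exported by a build from before this change therefore carries the same version number with a different options length. The import code is outside this diff; if it picks the options size from the version byte alone, it is worth confirming that it also checks the received length against these constants before copying. A comment on the constants such as `/* 61 since <release>: one option byte added */` (release name to be filled in) would make the incompatibility visible. `enum Misc` starts and ends outside the hunk.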
@@ -1467,7 +1496,11 @@ enum Misc { MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */ #endif +#ifdef WOLFSSL_HAPROXY + MAX_X509_SIZE = 3072, /* max static x509 buffer size */ +#else MAX_X509_SIZE = 2048, /* max static x509 buffer size */ +#endif CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */ @@ -1583,6 +1616,26 @@ enum Misc { #define SESSION_TICKET_HINT_DEFAULT 300 #endif +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + /* Check chosen encryption is available. */ + #if !(defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) && \ + defined(WOLFSSL_TICKET_ENC_CHACHA20_POLY1305) + #error "ChaCha20-Poly1305 not available for default ticket encryption" + #endif + #if !defined(HAVE_AESGCM) && (defined(WOLFSSL_TICKET_ENC_AES128_GCM) || \ + defined(WOLFSSL_TICKET_ENC_AES256_GCM)) + #error "AES-GCM not available for default ticket encryption" + #endif + + #ifndef WOLFSSL_TICKET_KEY_LIFETIME + /* Default lifetime is 1 hour from issue of first ticket with key. */ + #define WOLFSSL_TICKET_KEY_LIFETIME (60 * 60) + #endif + #if WOLFSSL_TICKET_KEY_LIFETIME <= SESSION_TICKET_HINT_DEFAULT + #error "Ticket Key lifetime must be longer than ticket life hint." + #endif +#endif + /* don't use extra 3/4k stack space unless need to */ #ifdef HAVE_NTRU @@ -1646,6 +1699,21 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void); #endif #endif +struct WOLFSSL_BY_DIR_HASH { + unsigned long hash_value; + int last_suffix; +}; + +struct WOLFSSL_BY_DIR_entry { + char* dir_name; + int dir_type; + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *hashes; +}; + +struct WOLFSSL_BY_DIR { + WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *dir_entry; + wolfSSL_Mutex lock; /* dir list lock */ +}; /* wolfSSL method type */ struct WOLFSSL_METHOD { 
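Review bot: The guard added in the `@@ -1583,6 +1616,26 @@` hunk tests `WOLFSSL_NO_SERVER`, whereas the server-only declarations elsewhere in this header test `NO_WOLFSSL_SERVER` (the `SNI_Callback` prototype and the `ticketEncCb` members of `WOLFSSL_CTX`); the same spelling is used for the `TicketEncCbCtx` typedef in the `@@ -2451,6 +2549,28 @@` hunk. Unless both macros are defined together somewhere outside this diff, a client-only build still compiles these ticket-key checks and the typedef. Using one spelling, `#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_WOLFSSL_SERVER)`, would keep the guards in step. Separately, the lifetime check compares `WOLFSSL_TICKET_KEY_LIFETIME` with `SESSION_TICKET_HINT_DEFAULT` only, so a hint raised at run time through `ticketHint` is not covered by it and would need its own check where the hint is set.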
@@ -1678,7 +1746,7 @@ WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx) WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites); #ifdef WOLFSSL_TLS13 -WOLFSSL_LOCAL int FindSuite(Suites* suites, byte first, byte second); +WOLFSSL_LOCAL byte SuiteMac(byte* suite); #endif WOLFSSL_LOCAL int DoClientHello(WOLFSSL* ssl, const byte* input, word32*, word32); @@ -1692,6 +1760,11 @@ WOLFSSL_LOCAL int CompleteServerHello(WOLFSSL *ssl); WOLFSSL_LOCAL int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv); WOLFSSL_LOCAL int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz); +#ifdef WOLF_CRYPTO_CB +WOLFSSL_LOCAL int CreateDevPrivateKey(void** pkey, byte* buffer, word32 length, + int hsType, int label, int id, + void* heap, int devId); +#endif WOLFSSL_LOCAL int DecodePrivateKey(WOLFSSL *ssl, word16* length); #ifdef HAVE_PK_CALLBACKS WOLFSSL_LOCAL int GetPrivateKeySigSize(WOLFSSL* ssl); @@ -1713,9 +1786,11 @@ WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz); WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz); -#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#ifdef HAVE_SNI +#ifndef NO_WOLFSSL_SERVER WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl); #endif +#endif #ifdef WOLFSSL_TLS13 WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz, const byte* aad, word16 aadSz); @@ -1727,6 +1802,7 @@ WOLFSSL_LOCAL int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, WOLFSSL_LOCAL int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 helloSz, byte* extMsgType); +WOLFSSL_LOCAL int RestartHandshakeHash(WOLFSSL* ssl); #endif int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t, int pLen, int content); 
@@ -1827,9 +1903,10 @@ WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, int haveAnon, int tls1_2, int keySz); WOLFSSL_LOCAL void InitSuites(Suites*, ProtocolVersion, int, word16, word16, - word16, word16, word16, word16, word16, int); + word16, word16, word16, word16, word16, word16, int); WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites); WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); +WOLFSSL_LOCAL int SetSuitesHashSigAlgo(Suites*, const char* list); #ifndef PSK_TYPES_DEFINED typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, @@ -1837,11 +1914,15 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, unsigned char*, unsigned int); #ifdef WOLFSSL_TLS13 + typedef unsigned int (*wc_psk_client_cs_callback)(WOLFSSL*, const char*, + char*, unsigned int, unsigned char*, unsigned int, + const char* cipherName); typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, char*, unsigned int, unsigned char*, unsigned int, - const char**); + const char** cipherName); typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, - unsigned char*, unsigned int, const char**); + unsigned char*, unsigned int, + const char** cipherName); #endif #endif /* PSK_TYPES_DEFINED */ #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \ 
@@ -1998,18 +2079,22 @@ struct WOLFSSL_CERT_MANAGER { #ifndef NO_WOLFSSL_CM_VERIFY VerifyCallback verifyCallback; /* Verify callback */ #endif - CallbackCACache caCacheCallback; /* CA cache addition callback */ - CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ - CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */ - CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */ - wolfSSL_Mutex caLock; /* CA list lock */ - byte crlEnabled; /* is CRL on ? */ - byte crlCheckAll; /* always leaf, but all ? */ - byte ocspEnabled; /* is OCSP on ? */ - byte ocspCheckAll; /* always leaf, but all ? */ - byte ocspSendNonce; /* send the OCSP nonce ? */ - byte ocspUseOverrideURL; /* ignore cert's responder, override */ - byte ocspStaplingEnabled; /* is OCSP Stapling on ? */ + CallbackCACache caCacheCallback; /* CA cache addition callback */ + CbMissingCRL cbMissingCRL; /* notify thru cb of missing crl */ + CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */ + CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */ + wolfSSL_Mutex caLock; /* CA list lock */ + byte crlEnabled:1; /* is CRL on ? */ + byte crlCheckAll:1; /* always leaf, but all ? */ + byte ocspEnabled:1; /* is OCSP on ? */ + byte ocspCheckAll:1; /* always leaf, but all ? */ + byte ocspSendNonce:1; /* send the OCSP nonce ? */ + byte ocspUseOverrideURL:1; /* ignore cert responder, override */ + byte ocspStaplingEnabled:1; /* is OCSP Stapling on ? */ +#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ +|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) + byte ocspMustStaple:1; /* server must respond with staple */ +#endif #ifndef NO_RSA short minRsaKeySz; /* minimum allowed RSA key size */ 
@@ -2017,6 +2102,13 @@ struct WOLFSSL_CERT_MANAGER { #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum allowed ECC key size */ #endif +#if defined(OPENSSL_EXTRA) + WOLFSSL_X509_STORE *x509_store_p; /* a pointer back to CTX x509 store */ + /* CTX has ownership and free this */ + /* with CTX free. */ +#endif + wolfSSL_Mutex refMutex; /* reference count mutex */ + int refCount; /* reference count */ }; WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*); @@ -2158,14 +2250,16 @@ typedef struct Keys { #ifdef HAVE_TLS_EXTENSIONS typedef enum { +#ifdef HAVE_SNI TLSX_SERVER_NAME = 0x0000, /* a.k.a. SNI */ +#endif TLSX_MAX_FRAGMENT_LENGTH = 0x0001, TLSX_TRUSTED_CA_KEYS = 0x0003, TLSX_TRUNCATED_HMAC = 0x0004, TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */ TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */ TLSX_EC_POINT_FORMATS = 0x000b, -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TLSX_SIGNATURE_ALGORITHMS = 0x000d, /* HELLO_EXT_SIG_ALGO */ #endif TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */ @@ -2184,14 +2278,18 @@ typedef enum { TLSX_EARLY_DATA = 0x002a, #endif TLSX_SUPPORTED_VERSIONS = 0x002b, + #ifdef WOLFSSL_SEND_HRR_COOKIE TLSX_COOKIE = 0x002c, + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d, #endif #ifdef WOLFSSL_POST_HANDSHAKE_AUTH TLSX_POST_HANDSHAKE_AUTH = 0x0031, #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032, + #endif TLSX_KEY_SHARE = 0x0033, #endif TLSX_RENEGOTIATION_INFO = 0xff01 
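Review bot: `x509_store_p` is added to `WOLFSSL_CERT_MANAGER` in the `@@ -2017,6 +2102,13 @@` hunk as a non-owning back pointer, in the same hunk that gives the manager its own `refCount`, so the manager can apparently outlive the CTX that frees the store. The free paths are outside this diff; it is worth confirming that the CTX resets this pointer when it releases the store. The comment could state the contract directly, for example `/* non-owning; CTX frees the store and must reset this to NULL */`. The struct starts before the hunk.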
@@ -2226,9 +2324,9 @@ WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset); #endif -WOLFSSL_LOCAL int TLSX_ParseVersion(WOLFSSL* ssl, byte* input, word16 length, - byte msgType, int* found); -WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, +WOLFSSL_LOCAL int TLSX_ParseVersion(WOLFSSL* ssl, const byte* input, + word16 length, byte msgType, int* found); +WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, Suites *suites); #elif defined(HAVE_SNI) \ @@ -2334,7 +2432,7 @@ typedef struct { union { OcspRequest ocsp; } request; -#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) +#if defined(WOLFSSL_TLS13) buffer response; #endif } CertificateStatusRequest; @@ -2451,6 +2549,28 @@ typedef struct SessionTicket { word16 size; } SessionTicket; +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + +/* Data passed to default SessionTicket enc/dec callback. */ +typedef struct TicketEncCbCtx { + /* Name for this context. */ + byte name[WOLFSSL_TICKET_NAME_SZ]; + /* Current keys - current and next. */ + byte key[2][WOLFSSL_TICKET_KEY_SZ]; + /* Expirary date of keys. */ + word32 expirary[2]; + /* Random number generator to use for generating name, keys and IV. */ + WC_RNG rng; +#ifndef SINGLE_THREADED + /* Mutex for access to changing keys. */ + wolfSSL_Mutex mutex; +#endif + /* Pointer back to SSL_CTX. */ + WOLFSSL_CTX* ctx; +} TicketEncCbCtx; + +#endif /* !WOLFSSL_NO_DEF_TICKET_ENC_CB && !WOLFSSL_NO_SERVER */ + WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap); WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime, @@ -2508,7 +2628,7 @@ typedef struct Cookie { byte data; } Cookie; -WOLFSSL_LOCAL int TLSX_Cookie_Use(WOLFSSL* ssl, byte* data, word16 len, +WOLFSSL_LOCAL int TLSX_Cookie_Use(WOLFSSL* ssl, const byte* data, word16 len, byte* mac, byte macSz, int resp); 
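Review bot: `TicketEncCbCtx`, added in the `@@ -2451,6 +2549,28 @@` hunk, holds two session-ticket keys inline in `key[2][WOLFSSL_TICKET_KEY_SZ]`, and a later hunk of this diff embeds it by value in `WOLFSSL_CTX` as `ticketKeyCtx`, but nothing in the declaration says the keys have to be wiped when the context is released. The cleanup code is not part of this diff, so this is a request to document the requirement, for example `/* Current keys - current and next. Zeroize before the context is freed. */`. The comment on the expiry field reads "Expirary date of keys." and should read `/* Expiry time of keys. */`.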
@@ -2519,17 +2639,23 @@ typedef struct KeyShareEntry { word16 group; /* NamedGroup */ byte* ke; /* Key exchange data */ word32 keLen; /* Key exchange data length */ - void* key; /* Private key */ - word32 keyLen; /* Private key length */ + void* key; /* Key struct */ + word32 keyLen; /* Key size (bytes) */ byte* pubKey; /* Public key */ word32 pubKeyLen; /* Public key length */ +#ifndef NO_DH + byte* privKey; /* Private key - DH only */ +#endif +#ifdef WOLFSSL_ASYNC_CRYPT + int lastRet; +#endif struct KeyShareEntry* next; /* List pointer */ } KeyShareEntry; WOLFSSL_LOCAL int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, KeyShareEntry **kse); WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl); -WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl); +WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl, int* doHelloRetry); WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl); @@ -2562,7 +2688,7 @@ WOLFSSL_LOCAL int TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, word16* pSz); WOLFSSL_LOCAL int TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType, word16* pSz); -WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity, +WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, const byte* identity, word16 len, word32 age, byte hmac, byte cipherSuite0, byte cipherSuite, byte resumption, @@ -2603,6 +2729,10 @@ WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl); WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret); WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key); +WOLFSSL_LOCAL int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen, + const char *label, size_t labelLen, + const unsigned char *context, size_t contextLen); + /* The key update request values for KeyUpdate message. */ enum KeyUpdateRequest { update_not_requested, 
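Review bot: `privKey` is added to `KeyShareEntry` in the `@@ -2519,17 +2639,23 @@` hunk without a length member of its own, while `ke`, `key` and `pubKey` each have one. The comment on `keyLen` changes to "Key size (bytes)", which may be the length the DH private key is now governed by, but the code that frees an entry is outside this diff. Whichever length is used there has to cover the whole private-key buffer so it can be wiped before release. If `keyLen` is that length, a comment such as `/* Private key - DH only; keyLen bytes */` would record it.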
@@ -2620,9 +2750,21 @@ enum SetCBIO { #endif #ifdef WOLFSSL_STATIC_EPHEMERAL +/* contains static ephemeral keys */ typedef struct { - int keyAlgo; - DerBuffer* key; +#ifndef NO_DH + DerBuffer* dhKey; +#endif +#ifdef HAVE_ECC + DerBuffer* ecKey; +#endif + /* bits */ +#ifndef NO_DH + byte weOwnDH:1; +#endif +#ifdef HAVE_ECC + byte weOwnEC:1; +#endif } StaticKeyExchangeInfo_t; #endif @@ -2644,7 +2786,7 @@ struct WOLFSSL_CTX { DerBuffer* certificate; DerBuffer* certChain; /* chain after self, in DER, with leading size for each cert */ - #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) + #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY) WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names; #endif #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ @@ -2656,10 +2798,14 @@ struct WOLFSSL_CTX { int certChainCnt; #endif DerBuffer* privateKey; - byte privateKeyType:7; + byte privateKeyType:6; byte privateKeyId:1; + byte privateKeyLabel:1; int privateKeySz; int privateKeyDevId; +#ifdef OPENSSL_ALL + WOLFSSL_EVP_PKEY* privateKeyPKey; +#endif WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */ #endif #ifdef KEEP_OUR_CERT @@ -2691,8 +2837,11 @@ struct WOLFSSL_CTX { byte minDowngrade; /* minimum downgrade version */ byte haveEMS:1; /* have extended master secret extension */ byte useClientOrder:1; /* Use client's cipher preference order */ +#if defined(HAVE_SESSION_TICKET) + byte noTicketTls12:1; /* TLS 1.2 server won't send ticket */ +#endif #ifdef WOLFSSL_TLS13 - byte noTicketTls13:1; /* Server won't create new Ticket */ + byte noTicketTls13:1; /* TLS 1.3 Server won't create new Ticket */ byte noPskDheKe:1; /* Don't use (EC)DHE with PSK */ #endif byte mutualAuth:1; /* Mutual authentication required */ 
@@ -2744,7 +2893,14 @@ struct WOLFSSL_CTX { byte sessionCtxSz; byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ CallbackInfoState* CBIS; /* used to get info about SSL state */ + WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/ #endif +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + NetworkFilterCallback_t AcceptFilter; + void *AcceptFilter_arg; + NetworkFilterCallback_t ConnectFilter; + void *ConnectFilter_arg; +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ CallbackIORecv CBIORecv; CallbackIOSend CBIOSend; #ifdef WOLFSSL_DTLS @@ -2775,6 +2931,7 @@ struct WOLFSSL_CTX { wc_psk_client_callback client_psk_cb; /* client callback */ wc_psk_server_callback server_psk_cb; /* server callback */ #ifdef WOLFSSL_TLS13 + wc_psk_client_cs_callback client_psk_cs_cb; /* client callback */ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ #endif @@ -2804,13 +2961,11 @@ struct WOLFSSL_CTX { #ifdef HAVE_EX_DATA WOLFSSL_CRYPTO_EX_DATA ex_data; #endif -#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) +#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)) CallbackALPNSelect alpnSelect; void* alpnSelectArg; #endif -#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \ - defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \ - defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_OPENSSH) )) +#ifdef HAVE_SNI CallbackSniRecv sniRecvCb; void* sniRecvCbArg; #endif 
@@ -2838,12 +2993,19 @@ struct WOLFSSL_CTX { #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */ void* ticketEncCtx; /* session encrypt context */ + #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ + || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) + ticketCompatCb ticketEncWrapCb; /* callback for OpenSSL ticket key callback */ + #endif int ticketHint; /* ticket hint in seconds */ + #ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB + TicketEncCbCtx ticketKeyCtx; + #endif + #endif #endif #ifdef HAVE_SUPPORTED_CURVES byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */ #endif -#endif #ifdef ATOMIC_USER CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */ CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */ 
@@ -2858,31 +3020,31 @@ struct WOLFSSL_CTX { CallbackEccSign EccSignCb; /* User EccSign Callback handler */ CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */ - #ifdef HAVE_ED25519 - /* User Ed25519Sign Callback handler */ - CallbackEd25519Sign Ed25519SignCb; - /* User Ed25519Verify Callback handler */ - CallbackEd25519Verify Ed25519VerifyCb; - #endif - #ifdef HAVE_CURVE25519 - /* User X25519 KeyGen Callback Handler */ - CallbackX25519KeyGen X25519KeyGenCb; - /* User X25519 SharedSecret Callback handler */ - CallbackX25519SharedSecret X25519SharedSecretCb; - #endif - #ifdef HAVE_ED448 - /* User Ed448Sign Callback handler */ - CallbackEd448Sign Ed448SignCb; - /* User Ed448Verify Callback handler */ - CallbackEd448Verify Ed448VerifyCb; - #endif - #ifdef HAVE_CURVE448 - /* User X448 KeyGen Callback Handler */ - CallbackX448KeyGen X448KeyGenCb; - /* User X448 SharedSecret Callback handler */ - CallbackX448SharedSecret X448SharedSecretCb; - #endif #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + /* User Ed25519Sign Callback handler */ + CallbackEd25519Sign Ed25519SignCb; + /* User Ed25519Verify Callback handler */ + CallbackEd25519Verify Ed25519VerifyCb; + #endif + #ifdef HAVE_CURVE25519 + /* User X25519 KeyGen Callback Handler */ + CallbackX25519KeyGen X25519KeyGenCb; + /* User X25519 SharedSecret Callback handler */ + CallbackX25519SharedSecret X25519SharedSecretCb; + #endif + #ifdef HAVE_ED448 + /* User Ed448Sign Callback handler */ + CallbackEd448Sign Ed448SignCb; + /* User Ed448Verify Callback handler */ + CallbackEd448Verify Ed448VerifyCb; + #endif + #ifdef HAVE_CURVE448 + /* User X448 KeyGen Callback Handler */ + CallbackX448KeyGen X448KeyGenCb; + /* User X448 SharedSecret Callback handler */ + CallbackX448SharedSecret X448SharedSecretCb; + #endif #ifndef NO_DH CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */ #endif 
@@ -2903,7 +3065,7 @@ struct WOLFSSL_CTX { WOLF_EVENT_QUEUE event_queue; #endif /* HAVE_WOLF_EVENT */ #ifdef HAVE_EXT_CACHE - WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, unsigned char*, int, int*); + WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, const unsigned char*, int, int*); int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*); void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*); #endif @@ -2911,6 +3073,9 @@ struct WOLFSSL_CTX { Srp* srp; /* TLS Secure Remote Password Protocol*/ byte* srp_password; #endif +#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) + wolfSSL_CTX_keylog_cb_func keyLogCb; +#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */ #ifdef WOLFSSL_STATIC_EPHEMERAL StaticKeyExchangeInfo_t staticKE; #endif @@ -2923,6 +3088,10 @@ void FreeSSL_Ctx(WOLFSSL_CTX*); WOLFSSL_LOCAL void SSL_CtxResourceFree(WOLFSSL_CTX*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +void wolfSSL_CRYPTO_cleanup_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data); +#endif + WOLFSSL_LOCAL int DeriveTlsKeys(WOLFSSL* ssl); WOLFSSL_LOCAL @@ -3189,6 +3358,9 @@ struct WOLFSSL_SESSION { wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + byte peerVerifyRet; /* cert verify error */ +#endif #ifdef WOLFSSL_TLS13 word16 namedGroup; #endif @@ -3214,17 +3386,19 @@ struct WOLFSSL_SESSION { #ifdef HAVE_EX_DATA WOLFSSL_CRYPTO_EX_DATA ex_data; #endif + byte side; /* Either WOLFSSL_CLIENT_END or + WOLFSSL_SERVER_END */ }; -WOLFSSL_LOCAL -WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte); -WOLFSSL_LOCAL -int SetSession(WOLFSSL*, WOLFSSL_SESSION*); +WOLFSSL_LOCAL WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte); +WOLFSSL_LOCAL int SetSession(WOLFSSL*, WOLFSSL_SESSION*); +WOLFSSL_LOCAL void FreeSession(WOLFSSL_SESSION*, int); typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int); #ifndef NO_CLIENT_CACHE + WOLFSSL_LOCAL WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int); #endif 
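Review bot: `keyLogCb`, added to `WOLFSSL_CTX` in the `@@ -2911,6 +3073,9 @@` hunk, has no comment, and judging by its type name and the `HAVE_SECRET_CALLBACK` guard it hands TLS key-log lines to the application, which is enough to decrypt recorded sessions. The member deserves a comment that says so and that marks it as a debugging facility, for example `/* key-log callback: exposes session secrets, keep out of release builds */`. Builds that define `OPENSSL_EXTRA` for compatibility reasons should check whether `HAVE_SECRET_CALLBACK` is also set by their configuration. The struct continues outside the hunk.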
@@ -3312,8 +3486,9 @@ typedef struct Buffers { #ifndef NO_CERTS DerBuffer* certificate; /* WOLFSSL_CTX owns, unless we own */ DerBuffer* key; /* WOLFSSL_CTX owns, unless we own */ - byte keyType:7; /* Type of key: RSA, ECC, Ed25519 */ + byte keyType:6; /* Type of key: RSA, ECC, Ed25519 */ byte keyId:1; /* Key data is an id not data */ + byte keyLabel:1; /* Key data is a label not data */ int keySz; /* Size of RSA key */ int keyDevId; /* Device Id for key */ DerBuffer* certChain; /* WOLFSSL_CTX owns, unless we own */ @@ -3379,7 +3554,11 @@ typedef struct Options { #ifndef NO_PSK wc_psk_client_callback client_psk_cb; wc_psk_server_callback server_psk_cb; +#ifdef OPENSSL_EXTRA + wc_psk_use_session_cb_func session_psk_cb; +#endif #ifdef WOLFSSL_TLS13 + wc_psk_client_cs_callback client_psk_cs_cb; /* client callback */ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ #endif @@ -3440,13 +3619,12 @@ typedef struct Options { #ifdef HAVE_POLY1305 word16 oldPoly:1; /* set when to use old rfc way of poly*/ #endif -#ifdef HAVE_ANON word16 haveAnon:1; /* User wants to allow Anon suites */ -#endif #ifdef HAVE_SESSION_TICKET word16 createTicket:1; /* Server to create new Ticket */ word16 useTicket:1; /* Use Ticket not session cache */ word16 rejectTicket:1; /* Callback rejected ticket */ + word16 noTicketTls12:1; /* TLS 1.2 server won't send ticket */ #ifdef WOLFSSL_TLS13 word16 noTicketTls13:1; /* Server won't create new Ticket */ #endif @@ -3558,6 +3736,9 @@ typedef struct Arrays { byte sessionIDSz; #ifdef WOLFSSL_TLS13 byte secret[SECRET_LEN]; +#endif +#ifdef HAVE_KEYING_MATERIAL + byte exporterSecret[WC_MAX_DIGEST_SIZE]; #endif byte masterSecret[SECRET_LEN]; #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ 
@@ -3591,12 +3772,17 @@ typedef struct Arrays { #define STACK_TYPE_X509_NAME 9 #define STACK_TYPE_CONF_VALUE 10 #define STACK_TYPE_X509_INFO 11 +#define STACK_TYPE_BY_DIR_entry 12 +#define STACK_TYPE_BY_DIR_hash 13 +#define STACK_TYPE_X509_OBJ 14 struct WOLFSSL_STACK { unsigned long num; /* number of nodes in stack * (safety measure for freeing and shortcut for count) */ #if defined(OPENSSL_ALL) wolf_sk_compare_cb comp; + wolf_sk_hash_cb hash_fn; + unsigned long hash; #endif union { @@ -3608,10 +3794,15 @@ struct WOLFSSL_STACK { WOLFSSL_CIPHER cipher; WOLFSSL_ACCESS_DESCRIPTION* access; WOLFSSL_X509_EXTENSION* ext; +#ifdef OPENSSL_EXTRA WOLFSSL_CONF_VALUE* conf; +#endif void* generic; char* string; WOLFSSL_GENERAL_NAME* gn; + WOLFSSL_BY_DIR_entry* dir_entry; + WOLFSSL_BY_DIR_HASH* dir_hash; + WOLFSSL_X509_OBJECT* x509_obj; } data; void* heap; /* memory heap hint */ WOLFSSL_STACK* next; @@ -3629,7 +3820,7 @@ struct WOLFSSL_X509_NAME { WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */ WOLFSSL_X509* x509; /* x509 that struct belongs to */ #endif /* OPENSSL_EXTRA */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) byte raw[ASN_NAME_MAX]; int rawLen; #endif @@ -3662,6 +3853,7 @@ struct WOLFSSL_X509 { #endif /* (WOLFSSL_SEP || WOLFSSL_QT) && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */ + WOLFSSL_STACK* ext_sk_full; /* Store X509_EXTENSIONS from wolfSSL_X509_get0_extensions */ WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */ #endif /* WOLFSSL_QT || OPENSSL_ALL */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) 
@@ -3688,7 +3880,7 @@ struct WOLFSSL_X509 { char certPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ]; int certPoliciesNb; #endif /* WOLFSSL_CERT_EXT */ -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif @@ -3731,10 +3923,17 @@ struct WOLFSSL_X509 { byte subjAltNameCrit:1; byte authKeyIdSet:1; byte authKeyIdCrit:1; + byte issuerSet:1; #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#ifdef WOLFSSL_CERT_REQ + byte isCSR:1; +#endif byte serial[EXTERNAL_SERIAL_SIZE]; char subjectCN[ASN_NAME_MAX]; /* common name short cut */ #ifdef WOLFSSL_CERT_REQ +#ifdef OPENSSL_ALL + WOLFSSL_X509_ATTRIBUTE* challengePwAttr; +#endif char challengePw[CTC_NAME_SIZE]; /* for REQ certs */ #endif WOLFSSL_X509_NAME issuer; @@ -3743,7 +3942,11 @@ struct WOLFSSL_X509 { WOLFSSL_X509_ALGOR algor; WOLFSSL_X509_PUBKEY key; #endif - byte issuerSet:1; +#if defined(OPENSSL_ALL) || defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || \ + defined(SESSION_CERTS) + byte notBeforeData[CTC_DATE_SIZE]; + byte notAfterData[CTC_DATE_SIZE]; +#endif }; @@ -3934,6 +4137,12 @@ struct WOLFSSL { #ifdef OPENSSL_EXTRA byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ #endif +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + NetworkFilterCallback_t AcceptFilter; + void *AcceptFilter_arg; + NetworkFilterCallback_t ConnectFilter; + void *ConnectFilter_arg; +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ CallbackIORecv CBIORecv; CallbackIOSend CBIOSend; #ifdef WOLFSSL_STATIC_MEMORY @@ -4077,6 +4286,9 @@ struct WOLFSSL { int dtls_timeout_init; /* starting timeout value */ int dtls_timeout_max; /* maximum timeout value */ int dtls_timeout; /* current timeout value, changes */ +#ifndef NO_ASN_TIME + word32 dtls_start_timeout; +#endif /* !NO_ASN_TIME */ word32 dtls_tx_msg_list_sz; word32 dtls_rx_msg_list_sz; DtlsMsg* dtls_tx_msg_list; 
@@ -4199,27 +4411,27 @@ struct WOLFSSL { #endif #ifdef HAVE_PK_CALLBACKS #ifdef HAVE_ECC - void* EccKeyGenCtx; /* EccKeyGen Callback Context */ - void* EccSignCtx; /* Ecc Sign Callback Context */ - void* EccVerifyCtx; /* Ecc Verify Callback Context */ - void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ - #ifdef HAVE_ED25519 - void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ - void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE25519 - void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ - void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ - #endif - #ifdef HAVE_ED448 - void* Ed448SignCtx; /* ED448 Sign Callback Context */ - void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE448 - void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ - void* X448SharedSecretCtx; /* X448 Pms Callback Context */ - #endif + void* EccKeyGenCtx; /* EccKeyGen Callback Context */ + void* EccSignCtx; /* Ecc Sign Callback Context */ + void* EccVerifyCtx; /* Ecc Verify Callback Context */ + void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ + void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE25519 + void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ + void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ + #endif + #ifdef HAVE_ED448 + void* Ed448SignCtx; /* ED448 Sign Callback Context */ + void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE448 + void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ + void* X448SharedSecretCtx; /* X448 Pms Callback Context */ + #endif #ifndef NO_DH void* DhAgreeCtx; /* DH Pms Callback Context */ #endif /* !NO_DH */ 
@@ -4241,6 +4453,12 @@ struct WOLFSSL { Tls13SecretCb tls13SecretCb; void* tls13SecretCtx; #endif + #ifdef OPENSSL_EXTRA + SessionSecretCb keyLogCb; + #ifdef WOLFSSL_TLS13 + Tls13SecretCb tls13KeyLogCb; + #endif + #endif #endif /* HAVE_SECRET_CALLBACK */ #ifdef WOLFSSL_JNI void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */ @@ -4248,17 +4466,27 @@ struct WOLFSSL { #ifdef WOLFSSL_EARLY_DATA EarlyDataState earlyData; word32 earlyDataSz; + byte earlyDataStatus; #endif #ifdef OPENSSL_ALL long verifyCallbackResult; #endif -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#if defined(OPENSSL_EXTRA) WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */ WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */ #endif #ifdef WOLFSSL_STATIC_EPHEMERAL StaticKeyExchangeInfo_t staticKE; #endif +#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) + /* Added in libest port: allow applications to get the 'tls-unique' Channel + * Binding Type (https://tools.ietf.org/html/rfc5929#section-3). This is + * used in the EST protocol to bind an enrollment to a TLS session through + * 'proof-of-possession' (https://tools.ietf.org/html/rfc7030#section-3.4 + * and https://tools.ietf.org/html/rfc7030#section-3.5). */ + byte clientFinished[TLS_FINISHED_SZ]; + byte serverFinished[TLS_FINISHED_SZ]; +#endif }; @@ -4418,6 +4646,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side); WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl); WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl); WOLFSSL_LOCAL int IsAtLeastTLSv1_3(const ProtocolVersion pv); +WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl); WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl); WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree); 
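Review bot: The comment above `clientFinished` / `serverFinished` cites RFC 5929 for the 'tls-unique' binding but omits the condition under which that binding can be trusted. Per RFC 7627, a Finished-based binding only identifies a single connection when the extended master secret extension was negotiated; without it, resumption and renegotiation can make two different connections share the same value. I would add one sentence to the comment, e.g. `Only use these for channel binding when extended master secret was negotiated (RFC 7627).` Where the two buffers are filled and cleared is outside this hunk.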
@@ -4559,11 +4788,14 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength); WOLFSSL_LOCAL int DtlsUseSCRKeys(WOLFSSL* ssl); WOLFSSL_LOCAL int DtlsCheckOrder(WOLFSSL* ssl, int order); #endif + WOLFSSL_LOCAL int IsSCR(WOLFSSL* ssl); WOLFSSL_LOCAL void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out); #if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) WOLFSSL_LOCAL word32 TimeNowInMilliseconds(void); + + WOLFSSL_LOCAL int FindSuiteMac(WOLFSSL* ssl, byte* suite); #endif WOLFSSL_LOCAL word32 LowResTimer(void); @@ -4592,10 +4824,12 @@ typedef struct CipherSuiteInfo { #endif byte cipherSuite0; byte cipherSuite; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ + defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX) byte minor; byte major; #endif + byte flags; } CipherSuiteInfo; WOLFSSL_LOCAL const CipherSuiteInfo* GetCipherNames(void); @@ -4617,7 +4851,8 @@ WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl); WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl); WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0, - byte* cipherSuite); + byte* cipherSuite, int* flags); + enum encrypt_side { ENCRYPT_SIDE_ONLY = 1, 
@@ -4634,17 +4869,27 @@ WOLFSSL_LOCAL int SetDsaExternal(WOLFSSL_DSA* dsa); WOLFSSL_LOCAL int SetRsaExternal(WOLFSSL_RSA* rsa); WOLFSSL_LOCAL int SetRsaInternal(WOLFSSL_RSA* rsa); #endif + +typedef enum elem_set { + ELEMENT_P = 0x01, + ELEMENT_Q = 0x02, + ELEMENT_G = 0x04, + ELEMENT_PUB = 0x08, + ELEMENT_PRV = 0x10, +} Element_Set; +WOLFSSL_LOCAL int SetDhExternal_ex(WOLFSSL_DH *dh, int elm ); WOLFSSL_LOCAL int SetDhInternal(WOLFSSL_DH* dh); WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh); -#ifndef NO_DH +#if !defined(NO_DH) && (!defined(NO_CERTS) || !defined(NO_PSK)) WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey, byte* priv, word32* privSz, byte* pub, word32* pubSz); WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, DhKey* dhKey, const byte* priv, word32 privSz, const byte* otherPub, word32 otherPubSz, - byte* agree, word32* agreeSz); + byte* agree, word32* agreeSz, + const byte* prime, word32 primeSz); #endif /* !NO_DH */ #ifdef HAVE_ECC 
@@ -4677,6 +4922,43 @@ WOLFSSL_LOCAL void FreeKey(WOLFSSL* ssl, int type, void** pKey); WOLFSSL_LOCAL int wolfSSL_AsyncPush(WOLFSSL* ssl, WC_ASYNC_DEV* asyncDev); #endif +#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \ + (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \ + !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) +WOLFSSL_LOCAL int LoadCertByIssuer(WOLFSSL_X509_STORE* store, + X509_NAME* issuer, int Type); +#endif +#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_BY_DIR_HASH_new(void); +WOLFSSL_LOCAL void wolfSSL_BY_DIR_HASH_free(WOLFSSL_BY_DIR_HASH* dir_hash); +WOLFSSL_LOCAL WOLFSSL_STACK* wolfSSL_sk_BY_DIR_HASH_new_null(void); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_find( + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, const WOLFSSL_BY_DIR_HASH* toFind); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_sk_BY_DIR_HASH_value( + const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk, int i); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_sk_BY_DIR_HASH_pop( + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_HASH_pop_free(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, + void (*f) (WOLFSSL_BY_DIR_HASH*)); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_HASH_free(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_push(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, + WOLFSSL_BY_DIR_HASH* in); +/* WOLFSSL_BY_DIR_entry stuff */ +WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_BY_DIR_entry_new(void); +WOLFSSL_LOCAL void wolfSSL_BY_DIR_entry_free(WOLFSSL_BY_DIR_entry* entry); +WOLFSSL_LOCAL WOLFSSL_STACK* wolfSSL_sk_BY_DIR_entry_new_null(void); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_entry_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *sk); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_sk_BY_DIR_entry_value( + const WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *sk, int i); 
+WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_sk_BY_DIR_entry_pop( + WOLF_STACK_OF(WOLFSSL_BY_DIR_entry)* sk); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_entry_pop_free(WOLF_STACK_OF(wolfSSL_BY_DIR_entry)* sk, + void (*f) (WOLFSSL_BY_DIR_entry*)); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_entry_free(WOLF_STACK_OF(wolfSSL_BY_DIR_entry) *sk); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_entry_push(WOLF_STACK_OF(wolfSSL_BY_DIR_entry)* sk, + WOLFSSL_BY_DIR_entry* in); +#endif /* OPENSSL_ALL && !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/libwolfssl.a b/source/libwolfssl/libwolfssl.a index e98409f4..2aac649d 100644 Binary files a/source/libwolfssl/libwolfssl.a and b/source/libwolfssl/libwolfssl.a differ diff --git a/source/libwolfssl/ocsp.h b/source/libwolfssl/ocsp.h index e5c3a12f..8a8dcc53 100644 --- a/source/libwolfssl/ocsp.h +++ b/source/libwolfssl/ocsp.h @@ -1,6 +1,6 @@ /* ocsp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,8 +28,8 @@ #ifdef HAVE_OCSP -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -38,10 +38,12 @@ typedef struct WOLFSSL_OCSP WOLFSSL_OCSP; #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\ - defined(WOLFSSL_HAPROXY) + defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP; -typedef struct OcspRequest WOLFSSL_OCSP_CERTID; +typedef struct OcspEntry WOLFSSL_OCSP_CERTID; + +typedef struct OcspEntry WOLFSSL_OCSP_SINGLERESP; typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ; 
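Review bot: Three of the new prototypes (`wolfSSL_sk_BY_DIR_entry_pop_free`, `wolfSSL_sk_BY_DIR_entry_free`, `wolfSSL_sk_BY_DIR_entry_push`) spell the element type as `wolfSSL_BY_DIR_entry` inside `WOLF_STACK_OF(...)`. Every other declaration in the block uses `WOLFSSL_BY_DIR_entry`, and no type with the lower-case prefix appears in this diff. This presumably compiles only because `WOLF_STACK_OF` discards its argument. The parameter should read `WOLF_STACK_OF(WOLFSSL_BY_DIR_entry)* sk` in all three, so the declarations stay valid if the macro ever becomes typed.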
@@ -62,7 +64,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp OcspEntry *entry, OcspRequest *ocspRequest); #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_APACHE_HTTPD) + defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY) WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, WOLFSSL_OCSP_CERTID *id, int *status, int *reason, @@ -82,8 +84,10 @@ WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags); WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response); +#ifndef NO_BIO WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, OcspResponse** response); +#endif WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response, const unsigned char** data, int len); WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response, 
@@ -100,8 +104,21 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request, WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req, WOLFSSL_OCSP_CERTID *cid); WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*); +#ifndef NO_BIO WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, WOLFSSL_OCSP_REQUEST *req); +#endif + +WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID *, unsigned char **); +WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single); +WOLFSSL_API int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b); +WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single, + int *reason, + WOLFSSL_ASN1_TIME **revtime, + WOLFSSL_ASN1_TIME **thisupd, + WOLFSSL_ASN1_TIME **nextupd); +WOLFSSL_API int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs); +WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx); #endif #ifdef OPENSSL_EXTRA diff --git a/source/libwolfssl/openssl/aes.h b/source/libwolfssl/openssl/aes.h index 283aa9a5..afd6fcec 100644 --- a/source/libwolfssl/openssl/aes.h +++ b/source/libwolfssl/openssl/aes.h @@ -1,6 +1,6 @@ /* aes.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,10 +29,10 @@ #ifndef WOLFSSL_AES_H_ #define WOLFSSL_AES_H_ -#include +#include #ifndef NO_AES -#include /* for size_t */ +#include /* for size_t */ #ifdef __cplusplus extern "C" { 
@@ -42,26 +42,7 @@ * OpenSSL compatibility layer. This makes code working with an AES structure * to need the size of the structure. */ typedef struct WOLFSSL_AES_KEY { - /* aligned and big enough for Aes from wolfssl/wolfcrypt/aes.h */ - ALIGN16 void* holder[(376 + WC_ASYNC_DEV_SIZE)/ sizeof(void*)]; - #ifdef GCM_TABLE - /* key-based fast multiplication table. */ - ALIGN16 void* M0[4096 / sizeof(void*)]; - #endif /* GCM_TABLE */ - #if defined(WOLFSSL_DEVCRYPTO) && \ - (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) - /* large enough for additional devcrypto information */ - void* devKey[288 / sizeof(void*)]; - #endif - #ifdef WOLFSSL_AFALG - void* afalg_holder[288 / sizeof(void*)]; - #endif - #ifdef HAVE_PKCS11 - void* pkcs11_holder[(AES_MAX_ID_LEN + sizeof(int)) / sizeof(void*)]; - #endif - #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB) - void* async_holder[128 / sizeof(void*)]; - #endif + ALIGN16 void *buf[(sizeof(Aes) / sizeof(void *)) + 1]; } WOLFSSL_AES_KEY; typedef WOLFSSL_AES_KEY AES_KEY; @@ -78,12 +59,20 @@ WOLFSSL_API void wolfSSL_AES_ecb_encrypt WOLFSSL_API void wolfSSL_AES_cfb128_encrypt (const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key, unsigned char* iv, int* num, const int enc); +WOLFSSL_API int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); +WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); #define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt #define AES_ecb_encrypt wolfSSL_AES_ecb_encrypt #define AES_cfb128_encrypt wolfSSL_AES_cfb128_encrypt #define AES_set_encrypt_key wolfSSL_AES_set_encrypt_key #define AES_set_decrypt_key wolfSSL_AES_set_decrypt_key +#define AES_wrap_key wolfSSL_AES_wrap_key +#define AES_unwrap_key wolfSSL_AES_unwrap_key #ifdef WOLFSSL_AES_DIRECT WOLFSSL_API void wolfSSL_AES_encrypt 
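Review bot: `wolfSSL_AES_wrap_key` and `wolfSSL_AES_unwrap_key` take `inlen` but no output length, and nothing at the declaration documents the required size of `out`. RFC 3394 key wrap produces 8 bytes more than its input, so a caller that sizes `out` to `inlen` would be written past the end. A comment at the prototypes would cover it, e.g. `/* wrap: out must hold inlen + 8 bytes; unwrap: inlen - 8 bytes. */`. It should also state the return convention, which this hunk does not show.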
diff --git a/source/libwolfssl/openssl/asn1.h b/source/libwolfssl/openssl/asn1.h index 37a0e9e5..14efe494 100644 --- a/source/libwolfssl/openssl/asn1.h +++ b/source/libwolfssl/openssl/asn1.h @@ -1,6 +1,6 @@ /* asn1.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLFSSL_ASN1_H_ #define WOLFSSL_ASN1_H_ -#include +#include #define ASN1_STRING_new wolfSSL_ASN1_STRING_new #define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new @@ -32,6 +32,10 @@ #define ASN1_STRING_set wolfSSL_ASN1_STRING_set #define ASN1_STRING_free wolfSSL_ASN1_STRING_free +#define ASN1_get_object wolfSSL_ASN1_get_object +#define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT +#define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT + #define V_ASN1_INTEGER 0x02 #define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */ #define V_ASN1_NEG 0x100 @@ -66,10 +70,21 @@ #define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff #define ASN1_TIME_set wolfSSL_ASN1_TIME_set +#define V_ASN1_EOC 0 #define V_ASN1_OBJECT 6 +#define V_ASN1_UTF8STRING 12 +#define V_ASN1_SEQUENCE 16 +#define V_ASN1_SET 17 +#define V_ASN1_PRINTABLESTRING 19 +#define V_ASN1_T61STRING 20 +#define V_ASN1_IA5STRING 22 #define V_ASN1_UTCTIME 23 #define V_ASN1_GENERALIZEDTIME 24 -#define V_ASN1_PRINTABLESTRING 19 +#define V_ASN1_UNIVERSALSTRING 28 +#define V_ASN1_BMPSTRING 30 + + +#define V_ASN1_CONSTRUCTED 0x20 #define ASN1_STRING_FLAG_BITS_LEFT 0x008 #define ASN1_STRING_FLAG_NDEF 0x010 
@@ -83,6 +98,12 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER( WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value); +WOLFSSL_API int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag, + int *cls, long inLen); + +WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, + const unsigned char **pp, long len); + #ifdef OPENSSL_ALL /* IMPLEMENT_ASN1_FUNCTIONS is strictly for external use only. Internally * we don't use this. Some projects use OpenSSL to implement ASN1 types and diff --git a/source/libwolfssl/openssl/asn1t.h b/source/libwolfssl/openssl/asn1t.h index 006b0329..feafbf09 100644 --- a/source/libwolfssl/openssl/asn1t.h +++ b/source/libwolfssl/openssl/asn1t.h @@ -1,6 +1,6 @@ /* asn1t.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLFSSL_ASN1T_H_ #define WOLFSSL_ASN1T_H_ -#include -#include +#include +#include #endif /* WOLFSSL_ASN1T_H_ */ diff --git a/source/libwolfssl/openssl/bio.h b/source/libwolfssl/openssl/bio.h index cab7ec57..7f9b049a 100644 --- a/source/libwolfssl/openssl/bio.h +++ b/source/libwolfssl/openssl/bio.h @@ -1,6 +1,6 @@ /* bio.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,7 +25,7 @@ #ifndef WOLFSSL_BIO_H_ #define WOLFSSL_BIO_H_ -#include +#include #ifdef __cplusplus @@ -40,7 +40,14 @@ #define BIO_FLAGS_SHOULD_RETRY WOLFSSL_BIO_FLAG_RETRY #define BIO_new_fp wolfSSL_BIO_new_fp +#if defined(OPENSSL_ALL) \ + || defined(HAVE_STUNNEL) \ + || defined(HAVE_LIGHTY) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) \ + || defined(WOLFSSL_HAPROXY) \ + || defined(OPENSSL_EXTRA) #define BIO_new_file wolfSSL_BIO_new_file +#endif #define BIO_new_fp wolfSSL_BIO_new_fp #define BIO_ctrl wolfSSL_BIO_ctrl #define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending 
@@ -57,9 +64,11 @@ #define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size #define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair +#define BIO_new_fd wolfSSL_BIO_new_fd #define BIO_set_fp wolfSSL_BIO_set_fp #define BIO_get_fp wolfSSL_BIO_get_fp #define BIO_seek wolfSSL_BIO_seek +#define BIO_tell wolfSSL_BIO_tell #define BIO_write_filename wolfSSL_BIO_write_filename #define BIO_set_mem_eof_return wolfSSL_BIO_set_mem_eof_return @@ -123,6 +132,7 @@ #define BIO_meth_set_create wolfSSL_BIO_meth_set_create #define BIO_meth_set_destroy wolfSSL_BIO_meth_set_destroy +#define BIO_snprintf XSNPRINTF /* BIO CTRL */ #define BIO_CTRL_RESET 1 @@ -149,6 +159,7 @@ #define BIO_CTRL_DGRAM_QUERY_MTU 40 +#define BIO_FP_TEXT 0x00 #define BIO_NOCLOSE 0x00 #define BIO_CLOSE 0x01 diff --git a/source/libwolfssl/openssl/bn.h b/source/libwolfssl/openssl/bn.h index fdfb4c98..474001d8 100644 --- a/source/libwolfssl/openssl/bn.h +++ b/source/libwolfssl/openssl/bn.h @@ -1,6 +1,6 @@ /* bn.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -30,8 +30,8 @@ #ifndef WOLFSSL_BN_H_ #define WOLFSSL_BN_H_ -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -40,7 +40,7 @@ typedef struct WOLFSSL_BIGNUM { int neg; /* openssh deference */ void *internal; /* our big num */ -#ifdef WOLFSSL_SP_MATH +#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) sp_int fp; #elif defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT) fp_int fp; @@ -49,7 +49,7 @@ typedef struct WOLFSSL_BIGNUM { #define BN_ULONG WOLFSSL_BN_ULONG -#define WOLFSSL_BN_ULONG mp_digit +#define WOLFSSL_BN_ULONG unsigned long typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX; typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB; 
@@ -113,7 +113,7 @@ WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int); WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM*, int); WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); -WOLFSSL_API unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*); +WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); diff --git a/source/libwolfssl/openssl/buffer.h b/source/libwolfssl/openssl/buffer.h index d74e31ed..f090d19f 100644 --- a/source/libwolfssl/openssl/buffer.h +++ b/source/libwolfssl/openssl/buffer.h @@ -1,6 +1,6 @@ /* buffer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,8 +23,8 @@ #ifndef WOLFSSL_BUFFER_H_ #define WOLFSSL_BUFFER_H_ -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -34,12 +34,18 @@ WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void); WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len); WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); +WOLFSSL_API size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize); +WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize); #define BUF_MEM_new wolfSSL_BUF_MEM_new #define BUF_MEM_grow wolfSSL_BUF_MEM_grow #define BUF_MEM_free wolfSSL_BUF_MEM_free +#define BUF_strdup strdup +#define BUF_strlcpy wolfSSL_strlcpy +#define BUF_strlcat wolfSSL_strlcat + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libwolfssl/openssl/conf.h b/source/libwolfssl/openssl/conf.h index 373239ff..246fccca 100644 --- a/source/libwolfssl/openssl/conf.h +++ b/source/libwolfssl/openssl/conf.h @@ -1,6 +1,6 @@ /* conf.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
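Review bot: In the buffer.h hunk, `#define BUF_strdup strdup` returns memory from the C library allocator, whereas code ported from OpenSSL releases such strings with `OPENSSL_free`, which crypto.h maps to `wolfSSL_OPENSSL_free`. If that function goes through wolfSSL's configurable allocator (its body is not in this diff), a build with custom or static memory would free a pointer that allocator never issued. A small wrapper that duplicates the string with the same allocator `wolfSSL_OPENSSL_malloc` uses would keep allocation and release paired. The new `wolfSSL_strlcpy` / `wolfSSL_strlcat` prototypes would also benefit from a one-line comment stating that they truncate to `dstSize` and what they return.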
@@ -28,18 +28,83 @@ extern "C" { #endif -struct WOLFSSL_CONF_VALUE { +#include +#include + +typedef struct WOLFSSL_CONF_VALUE { char *section; char *name; char *value; -}; +} WOLFSSL_CONF_VALUE; -struct WOLFSSL_INIT_SETTINGS { - char* appname; -}; +/* ssl.h requires WOLFSSL_CONF_VALUE */ +#include -typedef struct WOLFSSL_CONF_VALUE CONF_VALUE; -typedef struct WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; +typedef struct WOLFSSL_CONF { + void *meth_data; + WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *data; +} WOLFSSL_CONF; + +typedef WOLFSSL_CONF CONF; +typedef WOLFSSL_CONF_VALUE CONF_VALUE; + +#ifdef OPENSSL_EXTRA + +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void); +WOLFSSL_API int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf, + WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value); +WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val); + +WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth); +WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf, + const char *group, const char *name); +WOLFSSL_API int wolfSSL_NCONF_get_number(const CONF *conf, const char *group, + const char *name, long *result); +WOLFSSL_API WOLFSSL_STACK *wolfSSL_NCONF_get_section( + const WOLFSSL_CONF *conf, const char *section); +WOLFSSL_API int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline); +WOLFSSL_API void wolfSSL_NCONF_free(WOLFSSL_CONF *conf); + +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve( + WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *sk, WOLFSSL_CONF_VALUE *data); + +WOLFSSL_API int wolfSSL_CONF_modules_load(const WOLFSSL_CONF *cnf, const char *appname, + unsigned long flags); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf, + const char *section); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, + const char *section); + +WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf_nid(WOLFSSL_CONF* conf, + WOLFSSL_X509V3_CTX *ctx, int nid, const char 
*value); +WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf(WOLFSSL_CONF *conf, + WOLFSSL_X509V3_CTX *ctx, const char *sName, const char *value); + +#define sk_CONF_VALUE_new wolfSSL_sk_CONF_VALUE_new +#define sk_CONF_VALUE_free wolfSSL_sk_CONF_VALUE_free +#define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a) +#define sk_CONF_VALUE_num wolfSSL_sk_CONF_VALUE_num +#define sk_CONF_VALUE_value wolfSSL_sk_CONF_VALUE_value + +#define lh_CONF_VALUE_retrieve wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve +#define lh_CONF_VALUE_insert wolfSSL_sk_CONF_VALUE_push + +#define NCONF_new wolfSSL_NCONF_new +#define NCONF_free wolfSSL_NCONF_free +#define NCONF_get_string wolfSSL_NCONF_get_string +#define NCONF_get_section wolfSSL_NCONF_get_section +#define NCONF_get_number wolfSSL_NCONF_get_number +#define NCONF_load wolfSSL_NCONF_load + +#define CONF_modules_load wolfSSL_CONF_modules_load +#define _CONF_new_section wolfSSL_CONF_new_section +#define _CONF_get_section wolfSSL_CONF_get_section + +#define X509V3_EXT_nconf_nid wolfSSL_X509V3_EXT_nconf_nid +#define X509V3_EXT_nconf wolfSSL_X509V3_EXT_nconf +#define X509V3_conf_free wolfSSL_X509V3_conf_free + +#endif /* OPENSSL_EXTRA */ #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/openssl/crypto.h b/source/libwolfssl/openssl/crypto.h index 8c27b594..9b804b43 100644 --- a/source/libwolfssl/openssl/crypto.h +++ b/source/libwolfssl/openssl/crypto.h @@ -1,6 +1,6 @@ /* crypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
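Review bot: `#define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a)` silently drops the element destructor `b` that the caller passes. The body of `wolfSSL_sk_CONF_VALUE_free` is not in this diff, so one of two things happens: the `CONF_VALUE` elements are never released, or they are released by a routine other than the one the caller asked for. If the second is the intended behaviour, it should be stated next to the macro, e.g. `/* b is ignored: wolfSSL_sk_CONF_VALUE_free releases the elements itself */`. Otherwise the macro should forward `b` to a real pop_free implementation.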
@@ -24,15 +24,29 @@ #ifndef WOLFSSL_CRYPTO_H_ #define WOLFSSL_CRYPTO_H_ -#include +#include -#include +typedef struct WOLFSSL_INIT_SETTINGS { + char* appname; +} WOLFSSL_INIT_SETTINGS; +typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; + +typedef struct WOLFSSL_CRYPTO_THREADID { + int dummy; +} WOLFSSL_CRYPTO_THREADID; +typedef struct crypto_threadid_st CRYPTO_THREADID; + +typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA; +typedef void (CRYPTO_free_func)(void* parent, void* ptr, CRYPTO_EX_DATA* ad, int idx, + long argl, void* argp); + +#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_crypto.h" #endif - WOLFSSL_API const char* wolfSSLeay_version(int type); WOLFSSL_API unsigned long wolfSSLeay(void); WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void); @@ -40,9 +54,14 @@ WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void); #ifdef OPENSSL_EXTRA WOLFSSL_API void wolfSSL_OPENSSL_free(void*); WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); +WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c); +WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len); + +WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings); #endif -#define CRYPTO_THREADID void +#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID +#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID #define SSLeay_version wolfSSLeay_version #define SSLeay wolfSSLeay 
@@ -61,23 +80,35 @@ WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); #define OPENSSL_free wolfSSL_OPENSSL_free #define OPENSSL_malloc wolfSSL_OPENSSL_malloc +#define OPENSSL_hexchar2int wolfSSL_OPENSSL_hexchar2int +#define OPENSSL_hexstr2buf wolfSSL_OPENSSL_hexstr2buf -#ifdef WOLFSSL_QT - #define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L - #define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L - #define OPENSSL_INIT_LOAD_CONFIG 0x00000040L +#define OPENSSL_INIT_ENGINE_ALL_BUILTIN 0x00000001L +#define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L +#define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L +#define OPENSSL_INIT_LOAD_CONFIG 0x00000040L + +#define OPENSSL_init_crypto wolfSSL_OPENSSL_init_crypto + +#ifdef WOLFSSL_OPENVPN +# define OPENSSL_assert(e) \ + if (!(e)) { \ + fprintf(stderr, "%s:%d wolfSSL internal error: assertion failed: " #e, \ + __FILE__, __LINE__); \ + raise(SIGABRT); \ + _exit(3); \ + } #endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) + defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_EX_DATA) #define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions #define FIPS_mode wolfSSL_FIPS_mode #define FIPS_mode_set wolfSSL_FIPS_mode_set -typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA; -typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int idx, - long argl, void* argp); #define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback #define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric +#define CRYPTO_THREADID_current wolfSSL_THREADID_current +#define CRYPTO_THREADID_hash wolfSSL_THREADID_hash #define CRYPTO_r_lock wc_LockMutex_ex #define CRYPTO_unlock wc_LockMutex_ex 
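Review bot: The new `OPENSSL_assert(e)` macro expands to a bare `if (!(e)) { ... }` block, so `if (x) OPENSSL_assert(y); else z();` binds the `else` to the macro's own `if`, and the trailing `;` leaves an empty statement behind. Wrapping the body as `do { if (!(e)) { ... } } while (0)` makes it behave like a single statement. The message passed to `fprintf` also lacks a trailing `\n`. The macro additionally relies on `fprintf`, `raise`, `SIGABRT` and `_exit` being declared by whoever includes this header, because the hunk adds no includes for them.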
@@ -86,6 +117,13 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i #define CRYPTO_THREAD_r_lock wc_LockMutex #define CRYPTO_THREAD_unlock wc_UnLockMutex -#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ +#define CRYPTO_THREAD_lock_new wc_InitAndAllocMutex +#define CRYPTO_THREAD_read_lock wc_LockMutex +#define CRYPTO_THREAD_write_lock wc_LockMutex +#define CRYPTO_THREAD_lock_free wc_FreeMutex + +#define CRYPTO_set_ex_data wolfSSL_CRYPTO_set_ex_data + +#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */ #endif /* header */ diff --git a/source/libwolfssl/openssl/des.h b/source/libwolfssl/openssl/des.h index 4e5953dc..a6bf3d7f 100644 --- a/source/libwolfssl/openssl/des.h +++ b/source/libwolfssl/openssl/des.h @@ -1,6 +1,6 @@ /* des.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,7 +29,7 @@ #ifndef WOLFSSL_DES_H_ #define WOLFSSL_DES_H_ -#include +#include #ifndef NO_DES3 diff --git a/source/libwolfssl/openssl/dh.h b/source/libwolfssl/openssl/dh.h index 5483bd2c..a18e78c1 100644 --- a/source/libwolfssl/openssl/dh.h +++ b/source/libwolfssl/openssl/dh.h @@ -1,6 +1,6 @@ /* dh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,7 +25,8 @@ #ifndef WOLFSSL_DH_H_ #define WOLFSSL_DH_H_ -#include +#include +#include #ifdef __cplusplus extern "C" { 
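Review bot: The added `CRYPTO_THREAD_read_lock` and `CRYPTO_THREAD_write_lock` macros map straight to `wc_LockMutex`, but the two APIs report success differently. OpenSSL's functions return 1 on success and 0 on failure, while `wc_LockMutex` returns 0 on success, so ported code of the form `if (!CRYPTO_THREAD_write_lock(l)) goto err;` takes the error path on every successful lock and continues unlocked on a failure. Thin wrappers that translate the return value would be safer than a direct `#define`. Separately, `CRYPTO_THREAD_lock_new` maps to `wc_InitAndAllocMutex` while `CRYPTO_THREAD_lock_free` maps to `wc_FreeMutex`. As far as I know the latter destroys the mutex without releasing the allocation made by the former, which is worth confirming against the implementation since it is not part of this diff.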
@@ -58,16 +59,17 @@ WOLFSSL_API WOLFSSL_DH *wolfSSL_d2i_DHparams(WOLFSSL_DH **dh, WOLFSSL_API int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out); WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void); WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH*); +WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh); WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes); WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*); -WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub, +WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* pub, WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); - + #define DH_new wolfSSL_DH_new #define DH_free wolfSSL_DH_free @@ -78,9 +80,10 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, #define DH_size wolfSSL_DH_size #define DH_generate_key wolfSSL_DH_generate_key #define DH_compute_key wolfSSL_DH_compute_key -#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L #define DH_set0_pqg wolfSSL_DH_set0_pqg -#endif +#define DH_get0_pqg wolfSSL_DH_get0_pqg +#define DH_get0_key wolfSSL_DH_get0_key +#define DH_set0_key wolfSSL_DH_set0_key #define DH_bits(x) (BN_num_bits(x->p)) #define DH_GENERATOR_2 2 diff --git a/source/libwolfssl/openssl/dsa.h b/source/libwolfssl/openssl/dsa.h index 7b7e667e..e34943aa 100644 --- a/source/libwolfssl/openssl/dsa.h +++ b/source/libwolfssl/openssl/dsa.h @@ -1,6 +1,6 @@ /* dsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,7 +25,7 @@ #ifndef WOLFSSL_DSA_H_ #define WOLFSSL_DSA_H_ -#include +#include #ifdef __cplusplus extern "C" { 
@@ -68,6 +68,17 @@ WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits, unsigned char* seed, int seedLen, int* counterRet, unsigned long* hRet, void* cb); +WOLFSSL_API void wolfSSL_DSA_get0_pqg(const WOLFSSL_DSA *d, const WOLFSSL_BIGNUM **p, + const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g); +WOLFSSL_API int wolfSSL_DSA_set0_pqg(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *p, + WOLFSSL_BIGNUM *q, WOLFSSL_BIGNUM *g); + +WOLFSSL_API void wolfSSL_DSA_get0_key(const WOLFSSL_DSA *d, + const WOLFSSL_BIGNUM **pub_key, const WOLFSSL_BIGNUM **priv_key); +WOLFSSL_API int wolfSSL_DSA_set0_key(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *pub_key, + WOLFSSL_BIGNUM *priv_key); + + WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(WOLFSSL_DSA*, const unsigned char*, @@ -84,8 +95,17 @@ WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d); WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_SIG_new(void); WOLFSSL_API void wolfSSL_DSA_SIG_free(WOLFSSL_DSA_SIG *sig); + +WOLFSSL_API void wolfSSL_DSA_SIG_get0(const WOLFSSL_DSA_SIG *sig, + const WOLFSSL_BIGNUM **r, const WOLFSSL_BIGNUM **s); +WOLFSSL_API int wolfSSL_DSA_SIG_set0(WOLFSSL_DSA_SIG *sig, WOLFSSL_BIGNUM *r, + WOLFSSL_BIGNUM *s); + +WOLFSSL_API int wolfSSL_i2d_DSA_SIG(const WOLFSSL_DSA_SIG *sig, byte **out); +WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_d2i_DSA_SIG(WOLFSSL_DSA_SIG **sig, + const unsigned char **pp, long length); WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest, - int outLen, WOLFSSL_DSA* dsa); + int inLen, WOLFSSL_DSA* dsa); WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len, WOLFSSL_DSA_SIG* sig, WOLFSSL_DSA* dsa); 
@@ -99,9 +119,17 @@ WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest #define DSA_generate_key wolfSSL_DSA_generate_key #define DSA_generate_parameters wolfSSL_DSA_generate_parameters #define DSA_generate_parameters_ex wolfSSL_DSA_generate_parameters_ex +#define DSA_get0_pqg wolfSSL_DSA_get0_pqg +#define DSA_set0_pqg wolfSSL_DSA_set0_pqg +#define DSA_get0_key wolfSSL_DSA_get0_key +#define DSA_set0_key wolfSSL_DSA_set0_key #define DSA_SIG_new wolfSSL_DSA_SIG_new #define DSA_SIG_free wolfSSL_DSA_SIG_free +#define DSA_SIG_get0 wolfSSL_DSA_SIG_get0 +#define DSA_SIG_set0 wolfSSL_DSA_SIG_set0 +#define i2d_DSA_SIG wolfSSL_i2d_DSA_SIG +#define d2i_DSA_SIG wolfSSL_d2i_DSA_SIG #define DSA_do_sign wolfSSL_DSA_do_sign_ex #define DSA_do_verify wolfSSL_DSA_do_verify_ex diff --git a/source/libwolfssl/openssl/ec.h b/source/libwolfssl/openssl/ec.h index 8e58905f..77019dcc 100644 --- a/source/libwolfssl/openssl/ec.h +++ b/source/libwolfssl/openssl/ec.h @@ -1,6 +1,6 @@ /* ec.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,8 +24,9 @@ #ifndef WOLFSSL_EC_H_ #define WOLFSSL_EC_H_ -#include -#include +#include +#include +#include #ifdef __cplusplus extern "C" { @@ -68,6 +69,13 @@ enum { NID_brainpoolP512r1 = 933, #endif +#ifdef HAVE_ED448 + NID_ED448 = ED448k, +#endif +#ifdef HAVE_ED25519 + NID_ED25519 = ED25519k, +#endif + OPENSSL_EC_NAMED_CURVE = 0x001 }; @@ -109,10 +117,13 @@ struct WOLFSSL_EC_KEY { WOLFSSL_BIGNUM *priv_key; void* internal; /* our ECC Key */ - char inSet; /* internal set from external ? */ - char exSet; /* external set from internal ? */ char form; /* Either POINT_CONVERSION_UNCOMPRESSED or * POINT_CONVERSION_COMPRESSED */ + word16 pkcs8HeaderSz; + + /* option bits */ + byte inSet:1; /* internal set from external ? */ + byte exSet:1; /* external set from internal ? */ }; struct WOLFSSL_EC_BUILTIN_CURVE { 
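Review bot: The `struct WOLFSSL_EC_KEY` hunk at the end of this line changes the layout of a struct that callers can see, and nothing in it lets a build detect a library compiled against the old layout. `inSet` and `exSet` move behind `form` and become one-bit fields, and `pkcs8HeaderSz` is inserted between them. Code that reads these members while linked against an older libwolfssl binary would see the flags at the wrong offsets, so the headers and the library must be updated together. A comment above the option bits would record that, for example `/* layout changed with pkcs8HeaderSz/bit-fields: rebuild the library and all users together */`. Bit-fields of type `byte` are also an implementation-defined extension in C, so `unsigned int inSet:1;` is the portable spelling if other compilers matter.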
@@ -146,6 +157,9 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *p, const unsigned char *buf, size_t len, WOLFSSL_BN_CTX *ctx); WOLFSSL_API +WOLFSSL_EC_KEY *wolfSSL_o2i_ECPublicKey(WOLFSSL_EC_KEY **a, const unsigned char **in, + long len); +WOLFSSL_API int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *in, unsigned char **out); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_d2i_ECPrivateKey(WOLFSSL_EC_KEY **key, const unsigned char **in, @@ -184,6 +198,7 @@ WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid); WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid); +WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void); WOLFSSL_API @@ -195,6 +210,7 @@ void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag); WOLFSSL_API int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, const WOLFSSL_EC_POINT *pub); +WOLFSSL_API int wolfSSL_EC_KEY_check_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, int digestSz, unsigned char *sig, @@ -287,6 +303,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key #define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag #define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key +#define EC_KEY_check_key wolfSSL_EC_KEY_check_key #define ECDSA_size wolfSSL_ECDSA_size #define ECDSA_sign wolfSSL_ECDSA_sign 
@@ -301,6 +318,9 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order #define EC_GROUP_order_bits wolfSSL_EC_GROUP_order_bits #define EC_GROUP_method_of wolfSSL_EC_GROUP_method_of +#ifndef NO_WOLFSSL_STUB +#define EC_GROUP_set_point_conversion_form(...) +#endif #define EC_METHOD_get_field_type wolfSSL_EC_METHOD_get_field_type @@ -326,6 +346,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_POINT_oct2point wolfSSL_EC_POINT_oct2point #define EC_POINT_point2bn wolfSSL_EC_POINT_point2bn #define EC_POINT_is_on_curve wolfSSL_EC_POINT_is_on_curve +#define o2i_ECPublicKey wolfSSL_o2i_ECPublicKey #define i2o_ECPublicKey wolfSSL_i2o_ECPublicKey #define i2d_EC_PUBKEY wolfSSL_i2o_ECPublicKey #define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey @@ -340,6 +361,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_get_builtin_curves wolfSSL_EC_get_builtin_curves #define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist +#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/openssl/ec25519.h b/source/libwolfssl/openssl/ec25519.h index 180eb8e8..f9cf3c9f 100644 --- a/source/libwolfssl/openssl/ec25519.h +++ b/source/libwolfssl/openssl/ec25519.h @@ -1,6 +1,6 @@ /* ec25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/openssl/ec448.h b/source/libwolfssl/openssl/ec448.h index fb3b9005..3f0b1b7b 100644 --- a/source/libwolfssl/openssl/ec448.h +++ b/source/libwolfssl/openssl/ec448.h @@ -1,6 +1,6 @@ /* ec448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/openssl/ecdh.h b/source/libwolfssl/openssl/ecdh.h index 2652fcc1..b40f99c7 100644 --- a/source/libwolfssl/openssl/ecdh.h 
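Review bot: The stub `#define EC_GROUP_set_point_conversion_form(...)` in the first hunk on this line expands to nothing, so the call vanishes without trace. Its arguments are never evaluated, the macro cannot be used where an expression is required, and a caller has no indication that the requested setting was ignored. Expanding to `((void)0)` keeps it valid in expression context, and a one-line comment such as `/* no-op: not implemented in the compatibility layer */` would make the gap visible to anyone porting code. The same applies to `#define EVP_MD_CTX_set_flags(...)` added in evp.h, where silently dropping digest-context flags may matter to callers that depend on them.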
+++ b/source/libwolfssl/openssl/ecdh.h @@ -1,6 +1,6 @@ /* ecdh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,8 +24,8 @@ #ifndef WOLFSSL_ECDH_H_ #define WOLFSSL_ECDH_H_ -#include -#include +#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/openssl/ecdsa.h b/source/libwolfssl/openssl/ecdsa.h index 8ed51b4c..a1383940 100644 --- a/source/libwolfssl/openssl/ecdsa.h +++ b/source/libwolfssl/openssl/ecdsa.h @@ -1,6 +1,6 @@ /* ecdsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,8 +24,8 @@ #ifndef WOLFSSL_ECDSA_H_ #define WOLFSSL_ECDSA_H_ -#include -#include +#include +#include #ifdef __cplusplus diff --git a/source/libwolfssl/openssl/ed25519.h b/source/libwolfssl/openssl/ed25519.h index 579c653f..50683d4b 100644 --- a/source/libwolfssl/openssl/ed25519.h +++ b/source/libwolfssl/openssl/ed25519.h @@ -1,6 +1,6 @@ /* ed25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/openssl/ed448.h b/source/libwolfssl/openssl/ed448.h index b9411e92..4ff184fb 100644 --- a/source/libwolfssl/openssl/ed448.h +++ b/source/libwolfssl/openssl/ed448.h @@ -1,6 +1,6 @@ /* ed448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/openssl/engine.h b/source/libwolfssl/openssl/engine.h index 3d2507f7..d097e146 100644 --- a/source/libwolfssl/openssl/engine.h +++ b/source/libwolfssl/openssl/engine.h 
@@ -1,8 +1,10 @@ /* engine.h for libcurl */ -#include +#include #undef HAVE_OPENSSL_ENGINE_H -#define ENGINE_load_builtin_engines() /*ENGINE_load_builtin_engines not needed*/ +/* ENGINE_load_builtin_engines not needed, as all builtin engines are already + loaded into memory and used on startup. */ +#define ENGINE_load_builtin_engines() diff --git a/source/libwolfssl/openssl/err.h b/source/libwolfssl/openssl/err.h index 57566dce..9debeeee 100644 --- a/source/libwolfssl/openssl/err.h +++ b/source/libwolfssl/openssl/err.h @@ -1,6 +1,6 @@ /* err.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,7 +22,7 @@ #ifndef WOLFSSL_OPENSSL_ERR_ #define WOLFSSL_OPENSSL_ERR_ -#include +#include /* err.h for openssl */ #define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings diff --git a/source/libwolfssl/openssl/evp.h b/source/libwolfssl/openssl/evp.h index 89cb26cf..4c29c3c2 100644 --- a/source/libwolfssl/openssl/evp.h +++ b/source/libwolfssl/openssl/evp.h @@ -1,6 +1,6 @@ /* evp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -30,34 +30,38 @@ #ifndef WOLFSSL_EVP_H_ #define WOLFSSL_EVP_H_ -#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_evp.h" #endif #ifndef NO_MD4 - #include + #include #endif #ifndef NO_MD5 - #include + #include #endif -#include -#include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include -#include -#include -#include -#include +#include +#include +#include +#include #ifdef HAVE_IDEA - #include + #include +#endif +#include + +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) +#include #endif -#include #ifdef __cplusplus extern "C" { 
@@ -81,6 +85,7 @@ typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO; #ifndef NO_MD5 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void); #endif +WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void); @@ -286,6 +291,8 @@ enum { NID_sha3_256 = 1097, NID_sha3_384 = 1098, NID_sha3_512 = 1099, + NID_blake2b512 = 1056, + NID_blake2s256 = 1057, }; enum { 
@@ -372,6 +379,46 @@ struct WOLFSSL_EVP_PKEY_CTX { int nbits; }; +typedef +struct WOLFSSL_ASN1_PCTX { + int dummy; +} WOLFSSL_ASN1_PCTX; +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) + +#define BASE64_ENCODE_BLOCK_SIZE 48 +#define BASE64_ENCODE_RESULT_BLOCK_SIZE 64 +#define BASE64_DECODE_BLOCK_SIZE 4 + +struct WOLFSSL_EVP_ENCODE_CTX { + void* heap; + int remaining; /* num of bytes in data[] */ + byte data[BASE64_ENCODE_BLOCK_SIZE];/* storage for unprocessed raw data */ +}; +typedef struct WOLFSSL_EVP_ENCODE_CTX WOLFSSL_EVP_ENCODE_CTX; + +WOLFSSL_API struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new(void); +WOLFSSL_API void wolfSSL_EVP_ENCODE_CTX_free(WOLFSSL_EVP_ENCODE_CTX* ctx); +#endif /* WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE */ + +#if defined(WOLFSSL_BASE64_ENCODE) +WOLFSSL_API void wolfSSL_EVP_EncodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx); +WOLFSSL_API int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl, const unsigned char*in, int inl); +WOLFSSL_API void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl); +#endif /* WOLFSSL_BASE64_ENCODE */ + +#if defined(WOLFSSL_BASE64_DECODE) +WOLFSSL_API void wolfSSL_EVP_DecodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx); +WOLFSSL_API int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl, const unsigned char*in, int inl); +WOLFSSL_API int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl); +#endif /* WOLFSSL_BASE64_DECODE */ + +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void); +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void); + typedef int WOLFSSL_ENGINE ; typedef WOLFSSL_ENGINE ENGINE; typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; 
@@ -381,6 +428,8 @@ typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; #define EVP_PKEY_OP_DECRYPT (1 << 7) #define EVP_PKEY_OP_DERIVE (1 << 8) +#define EVP_PKEY_PRINT_INDENT_MAX 128 + WOLFSSL_API void wolfSSL_EVP_init(void); WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md); WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md); @@ -547,7 +596,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#else WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#endif WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e); @@ -557,6 +610,9 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_derive_set_peer(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY *peer); WOLFSSL_API int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); +WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_ctrl_str(WOLFSSL_EVP_PKEY_CTX *ctx, + const char *name, const char *value); + WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen); 
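Review bot: In the `@@ -547,7 +596,11 @@` hunk the return type of `wolfSSL_EVP_PKEY_CTX_free` now depends on `OPENSSL_VERSION_NUMBER`, so the prototype an application sees can differ from the one the library was built with. opensslv.h in this same commit accepts a value predefined by the application, which means one translation unit can declare the function `void` while the library defines it as `int`, or the reverse. Calling through a mismatched prototype is undefined behaviour in C and the linker does not diagnose it. Keeping a single declaration and adapting only the compatibility macro would avoid the split, for example `#define EVP_PKEY_CTX_free(ctx) ((void)wolfSSL_EVP_PKEY_CTX_free(ctx))` for the 1.1.0-style API; the existing macro definition is outside this hunk, so its current form is not visible here.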
@@ -569,11 +625,13 @@ WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void); WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap); WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, const WOLFSSL_EVP_PKEY *from); WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b); WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type); -WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey); -WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid); WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); @@ -582,7 +640,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_ENGINE *impl); WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, - unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); + const unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); 
@@ -640,6 +698,8 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, #define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE #define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE +#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER + #define WOLFSSL_EVP_CIPH_MODE 0x0007 #define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0 #define WOLFSSL_EVP_CIPH_ECB_MODE 0x1 @@ -650,6 +710,7 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, #define WOLFSSL_EVP_CIPH_GCM_MODE 0x6 #define WOLFSSL_EVP_CIPH_CCM_MODE 0x7 #define WOLFSSL_EVP_CIPH_XTS_MODE 0x10 +#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20 #define WOLFSSL_EVP_CIPH_NO_PADDING 0x100 #define EVP_CIPH_VARIABLE_LENGTH 0x200 #define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff @@ -660,6 +721,7 @@ typedef WOLFSSL_EVP_MD EVP_MD; typedef WOLFSSL_EVP_CIPHER EVP_CIPHER; typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX; typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; +typedef WOLFSSL_ASN1_PCTX ASN1_PCTX; #ifndef NO_MD4 #define EVP_md4 wolfSSL_EVP_md4 @@ -667,14 +729,15 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #ifndef NO_MD5 #define EVP_md5 wolfSSL_EVP_md5 #endif -#define EVP_sha1 wolfSSL_EVP_sha1 -#define EVP_mdc2 wolfSSL_EVP_mdc2 -#define EVP_dds1 wolfSSL_EVP_sha1 -#define EVP_sha224 wolfSSL_EVP_sha224 -#define EVP_sha256 wolfSSL_EVP_sha256 -#define EVP_sha384 wolfSSL_EVP_sha384 -#define EVP_sha512 wolfSSL_EVP_sha512 -#define EVP_ripemd160 wolfSSL_EVP_ripemd160 +#define EVP_sha1 wolfSSL_EVP_sha1 +#define EVP_mdc2 wolfSSL_EVP_mdc2 +#define EVP_dds1 wolfSSL_EVP_sha1 +#define EVP_sha224 wolfSSL_EVP_sha224 +#define EVP_sha256 wolfSSL_EVP_sha256 +#define EVP_sha384 wolfSSL_EVP_sha384 +#define EVP_sha512 wolfSSL_EVP_sha512 +#define EVP_ripemd160 wolfSSL_EVP_ripemd160 +#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt #define EVP_sha3_224 wolfSSL_EVP_sha3_224 #define EVP_sha3_256 wolfSSL_EVP_sha3_256 
@@ -727,7 +790,11 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_MD_CTX_type wolfSSL_EVP_MD_CTX_type #define EVP_MD_CTX_size wolfSSL_EVP_MD_CTX_size #define EVP_MD_CTX_block_size wolfSSL_EVP_MD_CTX_block_size +#define EVP_MD_block_size wolfSSL_EVP_MD_block_size #define EVP_MD_type wolfSSL_EVP_MD_type +#ifndef NO_WOLFSSL_STUB +#define EVP_MD_CTX_set_flags(...) +#endif #define EVP_Digest wolfSSL_EVP_Digest #define EVP_DigestInit wolfSSL_EVP_DigestInit @@ -825,11 +892,14 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_PKEY_free wolfSSL_EVP_PKEY_free #define EVP_PKEY_up_ref wolfSSL_EVP_PKEY_up_ref #define EVP_PKEY_size wolfSSL_EVP_PKEY_size +#define EVP_PKEY_copy_parameters wolfSSL_EVP_PKEY_copy_parameters #define EVP_PKEY_missing_parameters wolfSSL_EVP_PKEY_missing_parameters #define EVP_PKEY_cmp wolfSSL_EVP_PKEY_cmp #define EVP_PKEY_type wolfSSL_EVP_PKEY_type #define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id +#define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid #define EVP_PKEY_id wolfSSL_EVP_PKEY_id +#define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str #define EVP_SignFinal wolfSSL_EVP_SignFinal #define EVP_SignInit wolfSSL_EVP_SignInit #define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex @@ -887,6 +957,7 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG #define EVP_CTRL_GCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED +#define EVP_PKEY_print_public wolfSSL_EVP_PKEY_print_public #define EVP_PKEY_print_private(arg1, arg2, arg3, arg4) #ifndef EVP_MAX_MD_SIZE 
@@ -917,10 +988,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_R_PRIVATE_KEY_DECODE_ERROR (-MIN_CODE_E + 100 + 4) #define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA 6 -#define EVP_PKEY_RSA2 19 #define EVP_PKEY_DH 28 -#define EVP_CIPHER_mode WOLFSSL_CIPHER_mode +#define EVP_CIPHER_mode WOLFSSL_EVP_CIPHER_mode /* WOLFSSL_EVP_CIPHER is just the string name of the cipher */ #define EVP_CIPHER_name(x) x #define EVP_MD_CTX_reset wolfSSL_EVP_MD_CTX_cleanup @@ -928,6 +997,25 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_MD_name(x) x #define EVP_CIPHER_nid wolfSSL_EVP_CIPHER_nid +/* Base64 encoding/decoding APIs */ +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) +#define EVP_ENCODE_CTX WOLFSSL_EVP_ENCODE_CTX +#define EVP_ENCODE_CTX_new wolfSSL_EVP_ENCODE_CTX_new +#define EVP_ENCODE_CTX_free wolfSSL_EVP_ENCODE_CTX_free +#endif /* WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE*/ +#if defined(WOLFSSL_BASE64_ENCODE) +#define EVP_EncodeInit wolfSSL_EVP_EncodeInit +#define EVP_EncodeUpdate wolfSSL_EVP_EncodeUpdate +#define EVP_EncodeFinal wolfSSL_EVP_EncodeFinal +#endif /* WOLFSSL_BASE64_ENCODE */ +#if defined(WOLFSSL_BASE64_DECODE) +#define EVP_DecodeInit wolfSSL_EVP_DecodeInit +#define EVP_DecodeUpdate wolfSSL_EVP_DecodeUpdate +#define EVP_DecodeFinal wolfSSL_EVP_DecodeFinal +#endif /* WOLFSSL_BASE64_DECODE */ + +#define EVP_blake2b512 wolfSSL_EVP_blake2b512 +#define EVP_blake2s256 wolfSSL_EVP_blake2s256 WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); @@ -935,6 +1023,6 @@ WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); } /* extern "C" */ #endif -#include +#include #endif /* WOLFSSL_EVP_H_ */ diff --git a/source/libwolfssl/openssl/hmac.h b/source/libwolfssl/openssl/hmac.h index bf0e540b..a139343e 100644 --- a/source/libwolfssl/openssl/hmac.h +++ b/source/libwolfssl/openssl/hmac.h 
@@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,15 +29,23 @@ #ifndef WOLFSSL_HMAC_H_ #define WOLFSSL_HMAC_H_ -#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_hmac.h" #endif -#include -#include -#include +#include + +typedef struct WOLFSSL_HMAC_CTX { + Hmac hmac; + int type; + word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ + word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; +} WOLFSSL_HMAC_CTX; + +#include +#include #ifdef __cplusplus extern "C" { @@ -49,22 +57,13 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const unsigned char* d, int n, unsigned char* md, unsigned int* md_len); - -typedef struct WOLFSSL_HMAC_CTX { - Hmac hmac; - int type; - word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ - word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; -} WOLFSSL_HMAC_CTX; - - WOLFSSL_API WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void); WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src); WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src); WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, - int keylen, const EVP_MD* type); + int keylen, const WOLFSSL_EVP_MD* type); WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e); WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, 
@@ -75,6 +74,7 @@ WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx); +WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX *ctx); typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; @@ -92,6 +92,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; #define HMAC_Final wolfSSL_HMAC_Final #define HMAC_cleanup wolfSSL_HMAC_cleanup #define HMAC_size wolfSSL_HMAC_size +#define HMAC_CTX_get_md wolfSSL_HMAC_CTX_get_md #ifdef __cplusplus diff --git a/source/libwolfssl/openssl/lhash.h b/source/libwolfssl/openssl/lhash.h index 01f8535f..cbf62991 100644 --- a/source/libwolfssl/openssl/lhash.h +++ b/source/libwolfssl/openssl/lhash.h 
@@ -1,2 +1,64 @@ +/* lhash.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + /* lhash.h for openSSL */ +#ifndef WOLFSSL_lhash_H_ +#define WOLFSSL_lhash_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include + +#ifdef OPENSSL_ALL +#define IMPLEMENT_LHASH_HASH_FN(name, type) \ + unsigned long wolfSSL_##name##_LHASH_HASH(const void *arg) \ + { \ + const type *a = arg; \ + return name##_hash(a); \ + } +#define IMPLEMENT_LHASH_COMP_FN(name, type) \ + int wolfSSL_##name##_LHASH_COMP(const void *p1, const void *p2) \ + { \ + const type *_p1 = p1; \ + const type *_p2 = p2; \ + return name##_cmp(_p1, _p2); \ + } + +#define LHASH_HASH_FN(name) wolfSSL_##name##_LHASH_HASH +#define LHASH_COMP_FN(name) wolfSSL_##name##_LHASH_COMP + +WOLFSSL_API unsigned long wolfSSL_LH_strhash(const char *str); + +WOLFSSL_API void *wolfSSL_lh_retrieve(WOLFSSL_STACK *sk, void *data); + +#define lh_strhash wolfSSL_LH_strhash + +#endif + + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* WOLFSSL_lhash_H_ */ diff --git a/source/libwolfssl/openssl/md4.h b/source/libwolfssl/openssl/md4.h index eb539eaa..52aaa082 100644 --- a/source/libwolfssl/openssl/md4.h +++ b/source/libwolfssl/openssl/md4.h 
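Review bot: The new lhash.h opens `extern "C" {` before its `#include` line, so in a C++ translation unit the included header is processed under C linkage. The include should sit above the `#ifdef __cplusplus` block, as the other headers in this directory do. `IMPLEMENT_LHASH_HASH_FN` and `IMPLEMENT_LHASH_COMP_FN` also initialise a `const type *` from a `const void *` without a cast, which compiles only as C; `const type *a = (const type *)arg;` (and likewise for `_p1`/`_p2`) works in both languages. The include guard `WOLFSSL_lhash_H_` also differs in case from the `WOLFSSL_*_H_` guards used by the neighbouring headers.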
@@ -1,6 +1,6 @@ /* md4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLFSSL_MD4_H_ #define WOLFSSL_MD4_H_ -#include +#include #ifndef NO_MD4 diff --git a/source/libwolfssl/openssl/md5.h b/source/libwolfssl/openssl/md5.h index 9534091e..086fa800 100644 --- a/source/libwolfssl/openssl/md5.h +++ b/source/libwolfssl/openssl/md5.h @@ -1,6 +1,6 @@ /* md5.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,11 +25,11 @@ #ifndef WOLFSSL_MD5_H_ #define WOLFSSL_MD5_H_ -#include +#include #ifndef NO_MD5 -#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_md5.h" @@ -52,13 +52,14 @@ typedef struct WOLFSSL_MD5_CTX { WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*); WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*); - +WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX*, const unsigned char*); typedef WOLFSSL_MD5_CTX MD5_CTX; #define MD5_Init wolfSSL_MD5_Init #define MD5_Update wolfSSL_MD5_Update #define MD5_Final wolfSSL_MD5_Final +#define MD5_Transform wolfSSL_MD5_Transform #ifdef OPENSSL_EXTRA_BSD #define MD5Init wolfSSL_MD5_Init diff --git a/source/libwolfssl/openssl/obj_mac.h b/source/libwolfssl/openssl/obj_mac.h index 6d0f9004..0544d6b1 100644 --- a/source/libwolfssl/openssl/obj_mac.h +++ b/source/libwolfssl/openssl/obj_mac.h @@ -1,6 +1,6 @@ /* obj_mac.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -42,6 +42,8 @@ #define NID_sect571k1 733 #define NID_sect571r1 734 +/* the definition is for Qt Unit test */ +#define SN_jurisdictionCountryName "jurisdictionC" #ifdef __cplusplus } /* extern "C" */ #endif 
diff --git a/source/libwolfssl/openssl/objects.h b/source/libwolfssl/openssl/objects.h index 49a6c9d9..eedf5ecf 100644 --- a/source/libwolfssl/openssl/objects.h +++ b/source/libwolfssl/openssl/objects.h @@ -1,6 +1,6 @@ /* objects.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,11 +23,11 @@ #ifndef WOLFSSL_OBJECTS_H_ #define WOLFSSL_OBJECTS_H_ -#include -//#include +#include +//#include #ifndef OPENSSL_EXTRA_SSL_GUARD #define OPENSSL_EXTRA_SSL_GUARD -#include +#include #endif /* OPENSSL_EXTRA_SSL_GUARD */ #ifdef __cplusplus diff --git a/source/libwolfssl/openssl/ocsp.h b/source/libwolfssl/openssl/ocsp.h index 7e2e76f5..e0f97c16 100644 --- a/source/libwolfssl/openssl/ocsp.h +++ b/source/libwolfssl/openssl/ocsp.h @@ -1,6 +1,6 @@ /* ocsp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,11 +25,12 @@ #define WOLFSSL_OCSP_H_ #ifdef HAVE_OCSP -#include +#include #define OCSP_REQUEST OcspRequest #define OCSP_RESPONSE OcspResponse #define OCSP_BASICRESP WOLFSSL_OCSP_BASICRESP +#define OCSP_SINGLERESP WOLFSSL_OCSP_SINGLERESP #define OCSP_CERTID WOLFSSL_OCSP_CERTID #define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ @@ -76,6 +77,13 @@ #define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio +#define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID +#define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id +#define OCSP_id_cmp wolfSSL_OCSP_id_cmp +#define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status +#define OCSP_resp_count wolfSSL_OCSP_resp_count +#define OCSP_resp_get0 wolfSSL_OCSP_resp_get0 + #endif /* HAVE_OCSP */ #endif /* WOLFSSL_OCSP_H_ */ diff --git a/source/libwolfssl/openssl/opensslv.h b/source/libwolfssl/openssl/opensslv.h index 7f82800d..fb2fc0b8 100644 --- a/source/libwolfssl/openssl/opensslv.h +++ b/source/libwolfssl/openssl/opensslv.h 
@@ -1,6 +1,6 @@ /* opensslv.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,12 +26,19 @@ /* api version compatibility */ -#if defined(WOLFSSL_APACHE_HTTPD) +#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\ + defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\ + defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L) + /* valid version */ +#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || defined(WOLFSSL_BIND) /* For Apache httpd, Use 1.1.0 compatibility */ #define OPENSSL_VERSION_NUMBER 0x10100000L +#elif defined(WOLFSSL_QT) + #define OPENSSL_VERSION_NUMBER 0x10101000L +#elif defined(WOLFSSL_HAPROXY) + #define OPENSSL_VERSION_NUMBER 0x1010000fL #elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \ - defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENVPN) + defined(WOLFSSL_NGINX) || defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN) /* version number can be increased for Lighty after compatibility for ECDH is added */ #define OPENSSL_VERSION_NUMBER 0x10001040L diff --git a/source/libwolfssl/openssl/ossl_typ.h b/source/libwolfssl/openssl/ossl_typ.h index 6ed23a59..a6117356 100644 --- a/source/libwolfssl/openssl/ossl_typ.h +++ b/source/libwolfssl/openssl/ossl_typ.h @@ -1,6 +1,6 @@ /* ossl_typ.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,6 +27,6 @@ #ifndef WOLFSSL_OSSL_TYP_H_ #define WOLFSSL_OSSL_TYP_H_ -#include +#include #endif /* !WOLFSSL_OSSL_TYP_H_ */ diff --git a/source/libwolfssl/openssl/pem.h b/source/libwolfssl/openssl/pem.h index 02a22a85..50cfc276 100644 --- a/source/libwolfssl/openssl/pem.h +++ b/source/libwolfssl/openssl/pem.h 
@@ -1,6 +1,6 @@ /* pem.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,11 +29,11 @@ #ifndef WOLFSSL_PEM_H_ #define WOLFSSL_PEM_H_ -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include #ifdef __cplusplus extern "C" { @@ -242,6 +242,9 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh); #define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey #define PEM_read_bio_ECPrivateKey wolfSSL_PEM_read_bio_ECPrivateKey #define PEM_read_bio_EC_PUBKEY wolfSSL_PEM_read_bio_EC_PUBKEY +#ifndef NO_WOLFSSL_STUB +#define PEM_write_bio_ECPKParameters(...) 0 +#endif /* EVP_KEY */ #define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey #define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY diff --git a/source/libwolfssl/openssl/pkcs12.h b/source/libwolfssl/openssl/pkcs12.h index 8a20f267..5eee8706 100644 --- a/source/libwolfssl/openssl/pkcs12.h +++ b/source/libwolfssl/openssl/pkcs12.h @@ -1,6 +1,6 @@ /* pkcs12.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,8 +22,8 @@ /* pkcs12.h for openssl */ -#include -#include +#include +#include #ifndef WOLFSSL_PKCS12_COMPAT_H_ #define WOLFSSL_PKCS12_COMPAT_H_ @@ -42,6 +42,7 @@ /* wolfSSL level using structs from ssl.h and calls down to wolfCrypt */ #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio #define PKCS12_parse wolfSSL_PKCS12_parse +#define PKCS12_verify_mac wolfSSL_PKCS12_verify_mac #define PKCS12_create wolfSSL_PKCS12_create #define PKCS12_PBE_add wolfSSL_PKCS12_PBE_add diff --git a/source/libwolfssl/openssl/pkcs7.h b/source/libwolfssl/openssl/pkcs7.h index 43cbd4da..1ea4330c 100644 --- a/source/libwolfssl/openssl/pkcs7.h +++ b/source/libwolfssl/openssl/pkcs7.h @@ -1,6 +1,6 @@ /* pkcs7.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
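Review bot: The stub `#define PEM_write_bio_ECPKParameters(...) 0` added in pem.h's `@@ -242,6 +242,9` hunk has no comment saying that it writes nothing. The macro discards its arguments without evaluating them and yields 0, so a caller that checks the result sees a failure, while a caller that ignores it carries on with nothing written. A line such as `/* stub: writes nothing, always evaluates to 0 (failure); arguments are not evaluated */` above the define would make that visible.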
@@ -25,8 +25,8 @@ #ifndef WOLFSSL_PKCS7_H_ #define WOLFSSL_PKCS7_H_ -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -37,12 +37,12 @@ #define PKCS7_NOINTERN 0x0010 #define PKCS7_NOVERIFY 0x0020 - typedef struct WOLFSSL_PKCS7 { PKCS7 pkcs7; unsigned char* data; int len; + WOLFSSL_STACK* certs; } WOLFSSL_PKCS7; @@ -52,12 +52,22 @@ WOLFSSL_API void wolfSSL_PKCS7_free(PKCS7* p7); WOLFSSL_API void wolfSSL_PKCS7_SIGNED_free(PKCS7_SIGNED* p7); WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len); +WOLFSSL_LOCAL PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, + int len, byte* content, word32 contentSz); WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7); +WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7); WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs, WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags); +WOLFSSL_API int wolfSSL_PKCS7_encode_certs(PKCS7* p7, WOLFSSL_STACK* certs, + WOLFSSL_BIO* out); +WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7); WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7, WOLFSSL_STACK* certs, int flags); WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7); +#if defined(HAVE_SMIME) +WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont); +#endif /* HAVE_SMIME */ + #define PKCS7_new wolfSSL_PKCS7_new #define PKCS7_SIGNED_new wolfSSL_PKCS7_SIGNED_new 
@@ -65,9 +75,13 @@ WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7); #define PKCS7_SIGNED_free wolfSSL_PKCS7_SIGNED_free #define d2i_PKCS7 wolfSSL_d2i_PKCS7 #define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio +#define i2d_PKCS7_bio wolfSSL_i2d_PKCS7_bio #define PKCS7_verify wolfSSL_PKCS7_verify #define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers #define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7 +#if defined(HAVE_SMIME) +#define SMIME_read_PKCS7 wolfSSL_SMIME_read_PKCS7 +#endif /* HAVE_SMIME */ #endif /* OPENSSL_ALL && HAVE_PKCS7 */ diff --git a/source/libwolfssl/openssl/rand.h b/source/libwolfssl/openssl/rand.h index 27552c63..c4dca87d 100644 --- a/source/libwolfssl/openssl/rand.h +++ b/source/libwolfssl/openssl/rand.h @@ -1,6 +1,6 @@ /* rand.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -21,7 +21,9 @@ /* rand.h for openSSL */ -#include -#include +#include +#include + +typedef WOLFSSL_RAND_METHOD RAND_METHOD; #define RAND_set_rand_method wolfSSL_RAND_set_rand_method diff --git a/source/libwolfssl/openssl/rc4.h b/source/libwolfssl/openssl/rc4.h index 3dec6f27..91ac416a 100644 --- a/source/libwolfssl/openssl/rc4.h +++ b/source/libwolfssl/openssl/rc4.h @@ -1,6 +1,6 @@ /* rc4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,8 +28,8 @@ #ifndef WOLFSSL_RC4_COMPAT_H_ #define WOLFSSL_RC4_COMPAT_H_ -#include -#include /* included for size_t */ +#include +#include /* included for size_t */ #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/openssl/ripemd.h b/source/libwolfssl/openssl/ripemd.h index e159f8e8..73ae5ae5 100644 --- a/source/libwolfssl/openssl/ripemd.h +++ b/source/libwolfssl/openssl/ripemd.h @@ -1,6 +1,6 @@ /* ripemd.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -25,7 +25,7 @@ #ifndef WOLFSSL_RIPEMD_H_ #define WOLFSSL_RIPEMD_H_ -#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/openssl/rsa.h b/source/libwolfssl/openssl/rsa.h index ef4d977d..af3f2ddf 100644 --- a/source/libwolfssl/openssl/rsa.h +++ b/source/libwolfssl/openssl/rsa.h @@ -1,6 +1,6 @@ /* rsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,9 +25,9 @@ #ifndef WOLFSSL_RSA_H_ #define WOLFSSL_RSA_H_ -#include -#include -#include +#include +#include +#include #ifdef __cplusplus extern "C" { @@ -77,19 +77,22 @@ typedef struct WOLFSSL_RSA { WOLFSSL_BIGNUM* iqmp; /* u */ void* heap; void* internal; /* our RSA */ - char inSet; /* internal set from external ? */ - char exSet; /* external set from internal ? */ - char ownRng; /* flag for if the rng should be free'd */ #if defined(OPENSSL_EXTRA) WOLFSSL_RSA_METHOD* meth; #endif #if defined(HAVE_EX_DATA) WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */ #endif -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif + word16 pkcs8HeaderSz; + + /* bits */ + byte inSet:1; /* internal set from external ? */ + byte exSet:1; /* external set from internal ? */ + byte ownRng:1; /* flag for if the rng should be free'd */ } WOLFSSL_RSA; #endif 
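Review bot: The layout of `WOLFSSL_RSA` in rsa.h's `@@ -77,19 +77,22` hunk now depends on a different set of build macros: `refMutex`/`refCount` are compiled in under `OPENSSL_EXTRA_X509_SMALL || OPENSSL_EXTRA` instead of `OPENSSL_EXTRA || OPENSSL_ALL`, and the three flags moved to bit-fields after the new `pkcs8HeaderSz`. A translation unit that sees this header with different defines from the ones the library was built with will read the fields at the wrong offsets. That matters here if libwolfssl is linked as a prebuilt archive, which the hunk does not show. I would record it above the struct, e.g. `/* layout depends on OPENSSL_EXTRA, OPENSSL_EXTRA_X509_SMALL and HAVE_EX_DATA; build callers with the library's settings */`. The struct definition starts outside the hunk.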
@@ -107,19 +110,27 @@ WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr, unsigned char* to, WOLFSSL_RSA*, int padding); WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr, unsigned char* to, WOLFSSL_RSA*, int padding); -WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, unsigned char* in, +WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, const unsigned char* in, unsigned char* out, WOLFSSL_RSA* rsa, int padding); WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*); +WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m, unsigned int mLen, unsigned char* sigRet, unsigned int* sigLen, WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, unsigned int mLen, unsigned char* sigRet, unsigned int* sigLen, WOLFSSL_RSA*, int); +WOLFSSL_API int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m, + unsigned int mLen, unsigned char* sigRet, + unsigned int* sigLen, WOLFSSL_RSA*, int, int); WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m, unsigned int mLen, const unsigned char* sig, unsigned int sigLen, WOLFSSL_RSA*); +WOLFSSL_API int wolfSSL_RSA_verify_ex(int type, const unsigned char* m, + unsigned int mLen, const unsigned char* sig, + unsigned int sigLen, WOLFSSL_RSA* rsa, + int padding); WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from, unsigned char* to, WOLFSSL_RSA*, int padding); WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*); 
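Review bot: The new prototype `wolfSSL_RSA_sign_generic_padding(..., WOLFSSL_RSA*, int, int)` in this hunk ends in two unnamed `int` parameters, so the header does not tell a caller which one is the padding mode. `wolfSSL_RSA_verify_ex`, added a few lines below, names its `rsa` and `padding` parameters. Naming them here the same way, e.g. `WOLFSSL_RSA* rsa, int flag, int padding` (names to be confirmed against the definition, which is not in this chunk), would stop the two integers being passed in the wrong order.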
@@ -133,18 +144,35 @@ WOLFSSL_API int wolfSSL_RSA_set_method(WOLFSSL_RSA *rsa, WOLFSSL_RSA_METHOD *met WOLFSSL_API const WOLFSSL_RSA_METHOD* wolfSSL_RSA_get_method(const WOLFSSL_RSA *rsa); WOLFSSL_API const WOLFSSL_RSA_METHOD* wolfSSL_RSA_get_default_method(void); +WOLFSSL_API void wolfSSL_RSA_get0_crt_params(const WOLFSSL_RSA *r, + const WOLFSSL_BIGNUM **dmp1, + const WOLFSSL_BIGNUM **dmq1, + const WOLFSSL_BIGNUM **iqmp); +WOLFSSL_API int wolfSSL_RSA_set0_crt_params(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *dmp1, + WOLFSSL_BIGNUM *dmq1, WOLFSSL_BIGNUM *iqmp); +WOLFSSL_API void wolfSSL_RSA_get0_factors(const WOLFSSL_RSA *r, const WOLFSSL_BIGNUM **p, + const WOLFSSL_BIGNUM **q); +WOLFSSL_API int wolfSSL_RSA_set0_factors(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *p, WOLFSSL_BIGNUM *q); WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r, const WOLFSSL_BIGNUM **n, const WOLFSSL_BIGNUM **e, const WOLFSSL_BIGNUM **d); WOLFSSL_API int wolfSSL_RSA_set0_key(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e, WOLFSSL_BIGNUM *d); WOLFSSL_API int wolfSSL_RSA_flags(const WOLFSSL_RSA *r); WOLFSSL_API void wolfSSL_RSA_set_flags(WOLFSSL_RSA *r, int flags); +WOLFSSL_API void wolfSSL_RSA_clear_flags(WOLFSSL_RSA *r, int flags); +WOLFSSL_API int wolfSSL_RSA_test_flags(const WOLFSSL_RSA *r, int flags); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSAPublicKey_dup(WOLFSSL_RSA *rsa); WOLFSSL_API void* wolfSSL_RSA_get_ex_data(const WOLFSSL_RSA *rsa, int idx); WOLFSSL_API int wolfSSL_RSA_set_ex_data(WOLFSSL_RSA *rsa, int idx, void *data); - +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup( + WOLFSSL_RSA *rsa, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif #define WOLFSSL_RSA_LOAD_PRIVATE 1 #define WOLFSSL_RSA_LOAD_PUBLIC 2 
@@ -177,10 +205,16 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data(WOLFSSL_RSA *rsa, int idx, void *data); #define RSA_get_default_method wolfSSL_RSA_get_default_method #define RSA_get_method wolfSSL_RSA_get_method #define RSA_set_method wolfSSL_RSA_set_method +#define RSA_get0_crt_params wolfSSL_RSA_get0_crt_params +#define RSA_set0_crt_params wolfSSL_RSA_set0_crt_params +#define RSA_get0_factors wolfSSL_RSA_get0_factors +#define RSA_set0_factors wolfSSL_RSA_set0_factors #define RSA_get0_key wolfSSL_RSA_get0_key #define RSA_set0_key wolfSSL_RSA_set0_key #define RSA_flags wolfSSL_RSA_flags #define RSA_set_flags wolfSSL_RSA_set_flags +#define RSA_clear_flags wolfSSL_RSA_clear_flags +#define RSA_test_flags wolfSSL_RSA_test_flags #define RSAPublicKey_dup wolfSSL_RSAPublicKey_dup #define RSA_get_ex_data wolfSSL_RSA_get_ex_data diff --git a/source/libwolfssl/openssl/sha.h b/source/libwolfssl/openssl/sha.h index d589754b..172e07dc 100644 --- a/source/libwolfssl/openssl/sha.h +++ b/source/libwolfssl/openssl/sha.h @@ -1,6 +1,6 @@ /* sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,8 +25,8 @@ #ifndef WOLFSSL_SHA_H_ #define WOLFSSL_SHA_H_ -#include -#include +#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_sha.h" 
@@ -52,12 +52,14 @@ typedef struct WOLFSSL_SHA_CTX { WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*); - +WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX*, + const unsigned char *data); /* SHA1 points to above, shouldn't use SHA0 ever */ WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*); - +WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX*, + const unsigned char *data); enum { SHA_DIGEST_LENGTH = 20 }; @@ -68,11 +70,20 @@ typedef WOLFSSL_SHA_CTX SHA_CTX; #define SHA_Init wolfSSL_SHA_Init #define SHA_Update wolfSSL_SHA_Update #define SHA_Final wolfSSL_SHA_Final +#define SHA_Transform wolfSSL_SHA_Transform + +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_SELFTEST) && \ + (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) + /* SHA is only available in non-fips mode or fips version > 2 mode + * because of SHA enum in FIPS build. */ + #define SHA wolfSSL_SHA1 +#endif #define SHA1_Init wolfSSL_SHA1_Init #define SHA1_Update wolfSSL_SHA1_Update #define SHA1_Final wolfSSL_SHA1_Final - +#define SHA1_Transform wolfSSL_SHA1_Transform #ifdef WOLFSSL_SHA224 @@ -99,6 +110,13 @@ typedef WOLFSSL_SHA224_CTX SHA224_CTX; #define SHA224_Init wolfSSL_SHA224_Init #define SHA224_Update wolfSSL_SHA224_Update #define SHA224_Final wolfSSL_SHA224_Final +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_SELFTEST) && \ + (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) + /* SHA224 is only available in non-fips mode or fips version > 2 mode + * because of SHA224 enum in FIPS build. */ + #define SHA224 wolfSSL_SHA224 +#endif #endif /* WOLFSSL_SHA224 */ 
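Review bot: The `wolfSSL_SHA_Transform` and `wolfSSL_SHA1_Transform` prototypes added in sha.h's `@@ -52,12 +52,14` hunk take a `const unsigned char *data` with no length, and nothing in the header states how many bytes are read. SHA-1's compression function works on one 64-byte block, so a shorter caller buffer would presumably be read past its end. I would add `/* data must point to one full 64-byte input block */` above each prototype. The same applies to `wolfSSL_SHA256_Transform` and `wolfSSL_SHA512_Transform` in the `@@ -113,9 +131,10` and `@@ -171,9 +192,10` hunks, with a 128-byte block for SHA-512.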
@@ -113,9 +131,10 @@ typedef struct WOLFSSL_SHA256_CTX { WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*); WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*, - unsigned long); + unsigned long); WOLFSSL_API int wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*); - +WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX*, + const unsigned char *data); enum { SHA256_DIGEST_LENGTH = 32 }; @@ -126,6 +145,8 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX; #define SHA256_Init wolfSSL_SHA256_Init #define SHA256_Update wolfSSL_SHA256_Update #define SHA256_Final wolfSSL_SHA256_Final +#define SHA256_Transform wolfSSL_SHA256_Transform + #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) /* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS * build. */ @@ -137,7 +158,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX; typedef struct WOLFSSL_SHA384_CTX { /* big enough to hold wolfCrypt Sha384, but check on init */ - void* holder[(256 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; + void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; } WOLFSSL_SHA384_CTX; WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*); @@ -171,9 +192,10 @@ typedef struct WOLFSSL_SHA512_CTX { WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*); WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*, - unsigned long); + unsigned long); WOLFSSL_API int wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*); - +WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX*, + const unsigned char*); enum { SHA512_DIGEST_LENGTH = 64 }; 
@@ -184,6 +206,7 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX; #define SHA512_Init wolfSSL_SHA512_Init #define SHA512_Update wolfSSL_SHA512_Update #define SHA512_Final wolfSSL_SHA512_Final +#define SHA512_Transform wolfSSL_SHA512_Transform #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) /* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS * build. */ diff --git a/source/libwolfssl/openssl/sha3.h b/source/libwolfssl/openssl/sha3.h index c3b405b4..e906eefa 100644 --- a/source/libwolfssl/openssl/sha3.h +++ b/source/libwolfssl/openssl/sha3.h @@ -1,6 +1,6 @@ /* sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,8 +25,8 @@ #ifndef WOLFSSL_SHA3_H_ #define WOLFSSL_SHA3_H_ -#include -#include +#include +#include #ifdef WOLFSSL_PREFIX #include "prefix_sha.h" diff --git a/source/libwolfssl/openssl/ssl.h b/source/libwolfssl/openssl/ssl.h index 3062d994..5e406004 100644 --- a/source/libwolfssl/openssl/ssl.h +++ b/source/libwolfssl/openssl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -32,26 +32,28 @@ /* wolfssl_openssl compatibility layer */ #ifndef OPENSSL_EXTRA_SSL_GUARD #define OPENSSL_EXTRA_SSL_GUARD -#include +#include #endif /* OPENSSL_EXTRA_SSL_GUARD */ -#include -#include -#include +#include +#include +#include #ifdef OPENSSL_EXTRA -#include +#include #endif #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) -#include -#include +#include +#include #endif /* need MIN_CODE_E to determine wolfSSL error range */ -#include +#include /* all NID_* values are in asn.h */ -#include +#include + +#include #ifdef __cplusplus extern "C" { 
@@ -67,6 +69,9 @@ #undef ASN1_INTEGER #endif +#ifdef OPENSSL_EXTRA +WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings); +#endif typedef WOLFSSL SSL; typedef WOLFSSL_SESSION SSL_SESSION; @@ -100,23 +105,33 @@ typedef WOLFSSL_ASN1_INTEGER ASN1_INTEGER; typedef WOLFSSL_ASN1_OBJECT ASN1_OBJECT; typedef WOLFSSL_ASN1_STRING ASN1_STRING; typedef WOLFSSL_ASN1_TYPE ASN1_TYPE; +typedef WOLFSSL_X509_ATTRIBUTE X509_ATTRIBUTE; typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value; typedef WOLFSSL_BUF_MEM BUF_MEM; typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES; typedef WOLFSSL_GENERAL_NAME GENERAL_NAME; +#define X509_L_FILE_LOAD WOLFSSL_X509_L_FILE_LOAD +#define X509_L_ADD_DIR WOLFSSL_X509_L_ADD_DIR +#define X509_L_ADD_STORE WOLFSSL_X509_L_ADD_STORE +#define X509_L_LOAD_STORE WOLFSSL_X509_L_LOAD_STORE + #define ASN1_UTCTIME WOLFSSL_ASN1_TIME #define ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME typedef WOLFSSL_COMP_METHOD COMP_METHOD; typedef WOLFSSL_COMP SSL_COMP; typedef WOLFSSL_X509_REVOKED X509_REVOKED; +typedef WOLFSSL_X509_LOOKUP_TYPE X509_LOOKUP_TYPE; typedef WOLFSSL_X509_OBJECT X509_OBJECT; typedef WOLFSSL_X509_STORE X509_STORE; typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; +typedef int OSSL_HANDSHAKE_STATE; +#define TLS_ST_BEFORE 0 /* NULL_STATE from enum states */ + #define EVP_CIPHER_INFO EncryptedInfo #define STACK_OF(x) WOLFSSL_STACK 
@@ -126,13 +141,15 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; #define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; -#define CRYPTO_free(xp) XFREE(xp, NULL, DYNAMIC_TYPE_TMP_BUFFER) -#define CRYPTO_malloc(sz) XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER) +#define CRYPTO_free wolfSSL_CRYPTO_free +#define CRYPTO_malloc wolfSSL_CRYPTO_malloc #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free #define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA +#define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions + /* depreciated */ #define CRYPTO_thread_id wolfSSL_thread_id #define CRYPTO_set_id_callback wolfSSL_set_id_callback @@ -153,6 +170,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define set_ex_data wolfSSL_CRYPTO_set_ex_data #define get_ex_data wolfSSL_CRYPTO_get_ex_data #define CRYPTO_memcmp wolfSSL_CRYPTO_memcmp +#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index + +#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index /* this function was used to set the default malloc, free, and realloc */ #define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */ 
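Review bot: `#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index` is added twice in ssl.h's `@@ -153,6 +170,9` hunk, as two added lines separated only by a blank line. The redefinition is identical, so it compiles, but the second copy should be dropped so that a later edit cannot change only one of them.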
@@ -167,11 +187,12 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; /* at the moment only returns ok */ #define SSL_get_verify_result wolfSSL_get_verify_result -#define SSL_get_verify_mode wolfSSL_SSL_get_mode +#define SSL_get_verify_mode wolfSSL_get_verify_mode #define SSL_get_verify_depth wolfSSL_get_verify_depth #define SSL_CTX_get_verify_mode wolfSSL_CTX_get_verify_mode #define SSL_CTX_get_verify_depth wolfSSL_CTX_get_verify_depth #define SSL_get_certificate wolfSSL_get_certificate +#define SSL_CTX_get0_certificate wolfSSL_CTX_get0_certificate #define SSL_use_certificate wolfSSL_use_certificate #define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1 #define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio @@ -179,6 +200,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey #define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp +#define SSL_CTX_set_ecdh_auto wolfSSL_CTX_set_ecdh_auto #define i2d_PUBKEY wolfSSL_i2d_PUBKEY #define d2i_PUBKEY wolfSSL_d2i_PUBKEY 
@@ -279,24 +301,39 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback #define SSL_set_verify wolfSSL_set_verify #define SSL_set_verify_result wolfSSL_set_verify_result +#define SSL_verify_client_post_handshake wolfSSL_verify_client_post_handshake +#define SSL_set_post_handshake_auth wolfSSL_set_post_handshake_auth +#define SSL_CTX_set_post_handshake_auth wolfSSL_CTX_set_post_handshake_auth #define SSL_pending wolfSSL_pending #define SSL_load_error_strings wolfSSL_load_error_strings #define SSL_library_init wolfSSL_library_init +#define OPENSSL_cleanup (void)wolfSSL_Cleanup +#define OPENSSL_init_ssl wolfSSL_OPENSSL_init_ssl #define OpenSSL_add_ssl_algorithms wolfSSL_library_init #define SSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode #define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list #define SSL_CTX_set_ciphersuites wolfSSL_CTX_set_cipher_list #define SSL_set_cipher_list wolfSSL_set_cipher_list /* wolfSSL does not support security levels */ -#define SSL_CTX_set_security_level(...) +#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level +#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level /* wolfSSL does not support exporting keying material */ -#define SSL_export_keying_material(...) 
0 +#define SSL_export_keying_material wolfSSL_export_keying_material + +#define SSL_CTX_set1_sigalgs_list wolfSSL_CTX_set1_sigalgs_list +#define SSL_set1_sigalgs_list wolfSSL_set1_sigalgs_list +#define SSL_get_signature_nid wolfSSL_get_signature_nid + +#define SSL_CTX_set1_groups wolfSSL_CTX_set1_groups +#define SSL_set1_groups wolfSSL_set1_groups #define SSL_CTX_set1_groups_list wolfSSL_CTX_set1_groups_list #define SSL_set1_groups_list wolfSSL_set1_groups_list #define SSL_set_ex_data wolfSSL_set_ex_data #define SSL_get_shutdown wolfSSL_get_shutdown +#define SSL_get_finished wolfSSL_get_finished +#define SSL_get_peer_finished wolfSSL_get_peer_finished #define SSL_set_rfd wolfSSL_set_rfd #define SSL_set_wfd wolfSSL_set_wfd #define SSL_set_shutdown wolfSSL_set_shutdown @@ -307,6 +344,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref #define SSL_SESSION_dup wolfSSL_SESSION_dup #define SSL_SESSION_free wolfSSL_SESSION_free +#define SSL_SESSION_set_cipher wolfSSL_SESSION_set_cipher #define SSL_is_init_finished wolfSSL_is_init_finished #define SSL_get_version wolfSSL_get_version @@ -333,6 +371,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_MODE_RELEASE_BUFFERS 0x00000010U #define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN #define X509_get_ext wolfSSL_X509_get_ext + #define X509_get_ext_by_OBJ wolfSSL_X509_get_ext_by_OBJ #define X509_cmp wolfSSL_X509_cmp #define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object #define X509_EXTENSION_get_critical wolfSSL_X509_EXTENSION_get_critical 
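Review bot: Two context comments in ssl.h's `@@ -279,24 +301,39` hunk are now wrong: `/* wolfSSL does not support security levels */` and `/* wolfSSL does not support exporting keying material */` sit above defines that this change points at `wolfSSL_CTX_set_security_level` and `wolfSSL_export_keying_material`. The old macros expanded to nothing and to the constant 0, so call sites that relied on that now reach real functions. The comments should be removed or replaced, e.g. `/* maps to wolfSSL_export_keying_material; check the return value */`.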
@@ -345,14 +384,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define DSA_dup_DH wolfSSL_DSA_dup_DH /* wolfSSL does not support DSA as the cert public key */ #define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA +#define EVP_PKEY_param_check wolfSSL_EVP_PKEY_param_check +#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free #define DSA_bits wolfSSL_DSA_bits #define i2d_X509_bio wolfSSL_i2d_X509_bio +#define i2d_X509_REQ_bio wolfSSL_i2d_X509_REQ_bio #define d2i_X509_bio wolfSSL_d2i_X509_bio +#define d2i_X509_REQ_bio wolfSSL_d2i_X509_REQ_bio #define d2i_X509_fp wolfSSL_d2i_X509_fp #define i2d_X509 wolfSSL_i2d_X509 #define d2i_X509 wolfSSL_d2i_X509 #define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509 +#define PEM_read_bio_X509_REQ wolfSSL_PEM_read_bio_X509_REQ #define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL #define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX #define PEM_read_X509 wolfSSL_PEM_read_X509 @@ -363,10 +407,18 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define i2d_PrivateKey wolfSSL_i2d_PrivateKey #define i2d_X509_REQ wolfSSL_i2d_X509_REQ +#define d2i_X509_REQ wolfSSL_d2i_X509_REQ #define X509_REQ_new wolfSSL_X509_REQ_new #define X509_REQ_free wolfSSL_X509_REQ_free #define X509_REQ_sign wolfSSL_X509_REQ_sign +#define X509_REQ_sign_ctx wolfSSL_X509_REQ_sign_ctx #define X509_REQ_add_extensions wolfSSL_X509_REQ_add_extensions +#define X509_REQ_add1_attr_by_NID wolfSSL_X509_REQ_add1_attr_by_NID +#define X509_REQ_add1_attr_by_txt wolfSSL_X509_REQ_add1_attr_by_txt +#define X509_REQ_get_attr_by_NID wolfSSL_X509_REQ_get_attr_by_NID +#define X509_REQ_get_attr wolfSSL_X509_REQ_get_attr +#define X509_ATTRIBUTE_get0_type wolfSSL_X509_ATTRIBUTE_get0_type +#define X509_to_X509_REQ wolfSSL_X509_to_X509_REQ #define X509_REQ_set_subject_name wolfSSL_X509_REQ_set_subject_name #define X509_REQ_set_pubkey wolfSSL_X509_REQ_set_pubkey #define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ 
@@ -376,30 +428,36 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_free wolfSSL_X509_free #define X509_load_certificate_file wolfSSL_X509_load_certificate_file #define X509_digest wolfSSL_X509_digest +#define X509_pubkey_digest wolfSSL_X509_pubkey_digest #define X509_get_ext_count wolfSSL_X509_get_ext_count #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i #define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d +#define X509_get0_extensions wolfSSL_X509_get0_extensions +#define X509_get_extensions wolfSSL_X509_get0_extensions +#define X509_REQ_get_extensions wolfSSL_X509_REQ_get_extensions #define X509_get_ext wolfSSL_X509_get_ext #define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID #define X509_get_issuer_name wolfSSL_X509_get_issuer_name #define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash -#define X509_get_subject_name wolfSSL_X509_get_subject_name #define X509_subject_name_hash wolfSSL_X509_subject_name_hash +#define X509_get_subject_name wolfSSL_X509_get_subject_name +#define X509_REQ_get_subject_name wolfSSL_X509_get_subject_name #define X509_get_pubkey wolfSSL_X509_get_pubkey #define X509_get0_pubkey wolfSSL_X509_get_pubkey +#define X509_REQ_get_pubkey wolfSSL_X509_get_pubkey #define X509_get_notBefore wolfSSL_X509_get_notBefore #define X509_get0_notBefore wolfSSL_X509_get_notBefore +#define X509_getm_notBefore wolfSSL_X509_get_notBefore #define X509_get_notAfter wolfSSL_X509_get_notAfter #define X509_get0_notAfter wolfSSL_X509_get_notAfter +#define X509_getm_notAfter wolfSSL_X509_get_notAfter #define X509_get_serialNumber wolfSSL_X509_get_serialNumber #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index #define X509_get_ex_data wolfSSL_X509_get_ex_data #define X509_set_ex_data wolfSSL_X509_set_ex_data #define X509_get1_ocsp wolfSSL_X509_get1_ocsp -#ifndef WOLFSSL_HAPROXY #define X509_get_version wolfSSL_X509_get_version -#endif #define X509_get_signature_nid 
wolfSSL_X509_get_signature_nid #define X509_set_subject_name wolfSSL_X509_set_subject_name #define X509_set_issuer_name wolfSSL_X509_set_issuer_name @@ -408,19 +466,31 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_set_notBefore wolfSSL_X509_set_notBefore #define X509_set_serialNumber wolfSSL_X509_set_serialNumber #define X509_set_version wolfSSL_X509_set_version +#define X509_REQ_set_version wolfSSL_X509_set_version #define X509_sign wolfSSL_X509_sign +#define X509_sign_ctx wolfSSL_X509_sign_ctx #define X509_print wolfSSL_X509_print +#define X509_REQ_print wolfSSL_X509_print #define X509_print_ex wolfSSL_X509_print_ex +#define X509_print_fp wolfSSL_X509_print_fp +#define X509_REQ_print_fp wolfSSL_X509_print_fp +#define X509_signature_print wolfSSL_X509_signature_print +#define X509_get0_signature wolfSSL_X509_get0_signature #define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string #define X509_verify_cert wolfSSL_X509_verify_cert +#define X509_verify wolfSSL_X509_verify +#define X509_REQ_verify wolfSSL_X509_REQ_verify #define X509_check_private_key wolfSSL_X509_check_private_key +#define X509_REQ_check_private_key wolfSSL_X509_check_private_key #define X509_check_ca wolfSSL_X509_check_ca #define X509_check_host wolfSSL_X509_check_host +#define X509_check_email wolfSSL_X509_check_email #define X509_check_ip_asc wolfSSL_X509_check_ip_asc #define X509_email_free wolfSSL_X509_email_free #define X509_check_issued wolfSSL_X509_check_issued #define X509_dup wolfSSL_X509_dup #define X509_add_ext wolfSSL_X509_add_ext +#define X509_delete_ext wolfSSL_X509_delete_ext #define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object #define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data 
@@ -435,6 +505,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define sk_X509_pop_free wolfSSL_sk_X509_pop_free #define sk_X509_dup wolfSSL_sk_dup #define sk_X509_free wolfSSL_sk_X509_free +#define X509_chain_up_ref wolfSSL_X509_chain_up_ref + +#define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new +#define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free #define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num #define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value @@ -452,6 +526,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define sk_X509_INFO_pop wolfSSL_sk_X509_INFO_pop #define sk_X509_INFO_pop_free wolfSSL_sk_X509_INFO_pop_free #define sk_X509_INFO_free wolfSSL_sk_X509_INFO_free +#define sk_X509_INFO_shift wolfSSL_sk_X509_INFO_pop #define i2d_X509_NAME wolfSSL_i2d_X509_NAME #define d2i_X509_NAME wolfSSL_d2i_X509_NAME @@ -468,9 +543,12 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry #define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt #define X509_NAME_add_entry_by_NID wolfSSL_X509_NAME_add_entry_by_NID +#define X509_NAME_delete_entry wolfSSL_X509_NAME_delete_entry +#define X509_NAME_hash wolfSSL_X509_NAME_hash #define X509_NAME_oneline wolfSSL_X509_NAME_oneline #define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID #define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex +#define X509_NAME_print_ex_fp wolfSSL_X509_NAME_print_ex_fp #define X509_NAME_digest wolfSSL_X509_NAME_digest #define X509_cmp_current_time wolfSSL_X509_cmp_current_time #define X509_cmp_time wolfSSL_X509_cmp_time 
@@ -481,6 +559,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value #define sk_X509_NAME_new wolfSSL_sk_X509_NAME_new +#define sk_X509_NAME_new_null() wolfSSL_sk_X509_NAME_new(NULL) #define sk_X509_NAME_push wolfSSL_sk_X509_NAME_push #define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find #define sk_X509_NAME_set_cmp_func wolfSSL_sk_X509_NAME_set_cmp_func @@ -505,12 +584,20 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME #define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS +#define X509_VP_FLAG_DEFAULT WOLFSSL_VPARAM_DEFAULT +#define X509_VP_FLAG_OVERWRITE WOLFSSL_VPARAM_OVERWRITE +#define X509_VP_FLAG_RESET_FLAGS WOLFSSL_VPARAM_RESET_FLAGS +#define X509_VP_FLAG_LOCKED WOLFSSL_VPARAM_LOCKED +#define X509_VP_FLAG_ONCE WOLFSSL_VPARAM_ONCE + #define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert #define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain +#define X509_STORE_CTX_get0_chain wolfSSL_X509_STORE_CTX_get_chain #define X509_STORE_CTX_get1_chain wolfSSL_X509_STORE_CTX_get1_chain +#define X509_STORE_CTX_get0_parent_ctx wolfSSL_X509_STORE_CTX_get0_parent_ctx #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error #define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth #define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init 
@@ -525,6 +612,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; wolfSSL_X509_STORE_CTX_get0_current_issuer #define X509_STORE_CTX_get0_store wolfSSL_X509_STORE_CTX_get0_store #define X509_STORE_CTX_get0_cert wolfSSL_X509_STORE_CTX_get0_cert +#define X509_STORE_CTX_trusted_stack wolfSSL_X509_STORE_CTX_trusted_stack #define X509_STORE_set_verify_cb(s, c) \ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_CTX_verify_cb)(c)) 
@@ -540,17 +628,26 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags #define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs #define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject +#define X509_STORE_set_ex_data wolfSSL_X509_STORE_set_ex_data +#define X509_STORE_get_ex_data wolfSSL_X509_STORE_get_ex_data #define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer #define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time +#define X509_VERIFY_PARAM_new wolfSSL_X509_VERIFY_PARAM_new +#define X509_VERIFY_PARAM_free wolfSSL_X509_VERIFY_PARAM_free +#define X509_VERIFY_PARAM_set_flags wolfSSL_X509_VERIFY_PARAM_set_flags +#define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags +#define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags #define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags #define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host #define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc +#define X509_VERIFY_PARAM_set1 wolfSSL_X509_VERIFY_PARAM_set1 #define X509_STORE_load_locations wolfSSL_X509_STORE_load_locations #define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir #define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file #define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir #define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file +#define X509_LOOKUP_ctrl wolfSSL_X509_LOOKUP_ctrl #define d2i_X509_CRL wolfSSL_d2i_X509_CRL #define d2i_X509_CRL_fp wolfSSL_d2i_X509_CRL_fp 
@@ -561,8 +658,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate #define X509_CRL_verify wolfSSL_X509_CRL_verify #define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED +#define X509_load_crl_file wolfSSL_X509_load_crl_file #define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY +#define X509_REQ_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY #define X509_get0_tbs_sigalg wolfSSL_X509_get0_tbs_sigalg #define X509_PUBKEY_get0_param wolfSSL_X509_PUBKEY_get0_param #define X509_PUBKEY_get wolfSSL_X509_PUBKEY_get @@ -580,6 +679,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents +#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509 +#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL + #define X509_check_purpose(...) 0 #define OCSP_parse_url wolfSSL_OCSP_parse_url @@ -610,6 +712,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size #define BIO_f_ssl wolfSSL_BIO_f_ssl #define BIO_new_socket wolfSSL_BIO_new_socket +#define BIO_new_connect wolfSSL_BIO_new_connect +#define BIO_set_conn_port wolfSSL_BIO_set_conn_port +#define BIO_do_connect wolfSSL_BIO_do_connect +#define BIO_do_handshake wolfSSL_BIO_do_handshake #define SSL_set_bio wolfSSL_set_bio #define BIO_set_ssl wolfSSL_BIO_set_ssl #define BIO_eof wolfSSL_BIO_eof 
@@ -652,15 +758,22 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_ASN1_OBJECT_free wolfSSL_sk_ASN1_OBJECT_free +#define ASN1_TIME_new wolfSSL_ASN1_TIME_new +#define ASN1_UTCTIME_new wolfSSL_ASN1_TIME_new #define ASN1_TIME_free wolfSSL_ASN1_TIME_free +#define ASN1_UTCTIME_free wolfSSL_ASN1_TIME_free #define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj #define ASN1_TIME_print wolfSSL_ASN1_TIME_print #define ASN1_TIME_to_generalizedtime wolfSSL_ASN1_TIME_to_generalizedtime +#define ASN1_TIME_set wolfSSL_ASN1_TIME_set +#define ASN1_TIME_set_string wolfSSL_ASN1_TIME_set_string +#define ASN1_TIME_to_string wolfSSL_ASN1_TIME_to_string #define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print #define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free #define ASN1_tag2str wolfSSL_ASN1_tag2str +#define a2i_ASN1_INTEGER wolfSSL_a2i_ASN1_INTEGER #define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER #define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER #define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new 
@@ -673,13 +786,24 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT #define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT +#define ASN1_STRING_new wolfSSL_ASN1_STRING_new +#define ASN1_STRING_free wolfSSL_ASN1_STRING_free +#define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_data wolfSSL_ASN1_STRING_data -#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data +#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data #define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 +#define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string #define ASN1_STRING_print_ex wolfSSL_ASN1_STRING_print_ex #define ASN1_STRING_print(x, y) wolfSSL_ASN1_STRING_print ((WOLFSSL_BIO*)(x), (WOLFSSL_ASN1_STRING*)(y)) #define d2i_DISPLAYTEXT wolfSSL_d2i_DISPLAYTEXT +#ifndef NO_WOLFSSL_STUB +#define ASN1_STRING_set_default_mask_asc(...) 1 +#endif + +#define ASN1_OCTET_STRING_free wolfSSL_ASN1_STRING_free + +#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING #define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr @@ -707,6 +831,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback #define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos +#define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func +#define SSL_CTX_set_keylog_callback wolfSSL_CTX_set_keylog_callback +#define SSL_CTX_get_keylog_callback wolfSSL_CTX_get_keylog_callback + #define SSL_alert_type_string wolfSSL_alert_type_string #define SSL_alert_desc_string wolfSSL_alert_desc_string #define SSL_state_string wolfSSL_state_string 
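Review bot: `ASN1_PRINTABLE_type(...)` in the first hunk on this line expands to `V_ASN1_PRINTABLESTRING` for every input. Unlike the `ASN1_STRING_set_default_mask_asc` stub just above it, it is not wrapped in `#ifndef NO_WOLFSSL_STUB`. A caller that relies on it to choose the ASN.1 string type for arbitrary bytes will label non-printable data as PrintableString. I would guard it like the other stubs and add `/* stub: does not inspect the string, always reports PrintableString */` above it.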
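Review bot: The three `SSL_CTX_*keylog*` aliases in the second hunk on this line should carry a comment, because a key-log callback is handed the TLS session secrets. Something like `/* key logging exports session secrets; enable only in debug or lab builds */` above them would do. Whether the wolfSSL functions they map to are compiled only under a dedicated build option is not visible here. It is worth confirming that a release configuration cannot pick them up by accident.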
@@ -715,7 +843,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define RSA_generate_key wolfSSL_RSA_generate_key #define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback #define RSA_print wolfSSL_RSA_print -#define RSA_bits wolfSSL_RSA_size +#define RSA_bits wolfSSL_RSA_bits #define RSA_up_ref wolfSSL_RSA_up_ref #define RSA_padding_add_PKCS1_PSS wolfSSL_RSA_padding_add_PKCS1_PSS #define RSA_verify_PKCS1_PSS wolfSSL_RSA_verify_PKCS1_PSS @@ -791,6 +919,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ERR_error_string wolfSSL_ERR_error_string #define ERR_error_string_n wolfSSL_ERR_error_string_n #define ERR_reason_error_string wolfSSL_ERR_reason_error_string +#define ERR_func_error_string wolfSSL_ERR_func_error_string +#define ERR_lib_error_string wolfSSL_ERR_lib_error_string #define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings #ifndef WOLFCRYPT_ONLY @@ -800,6 +930,13 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define PEMerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ NULL, __LINE__, __FILE__, NULL) #endif +#ifndef WOLFCRYPT_ONLY +#define EVPerr(func, reason) wolfSSL_ERR_put_error(ERR_LIB_EVP, \ + (func), (reason), __FILE__, __LINE__) +#else +#define EVPerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ + NULL, __LINE__, __FILE__, NULL) +#endif #define SSLv23_server_method wolfSSLv23_server_method #define SSL_CTX_set_options wolfSSL_CTX_set_options @@ -807,6 +944,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_clear_options wolfSSL_CTX_clear_options #define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key +#define SSL_CTX_get0_privatekey wolfSSL_CTX_get0_privatekey #define SSL_check_private_key wolfSSL_check_private_key #define SSL_CTX_set_mode wolfSSL_CTX_set_mode 
@@ -828,8 +966,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_num wolfSSL_sk_num #define sk_ASN1_OBJECT_num wolfSSL_sk_num +#define OPENSSL_sk_num wolfSSL_sk_num #define sk_value wolfSSL_sk_value #define sk_ASN1_OBJECT_value wolfSSL_sk_value +#define OPENSSL_sk_value wolfSSL_sk_value #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp @@ -897,6 +1037,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find +#define DHparams_dup wolfSSL_DH_dup #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams #define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams @@ -918,14 +1059,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ || defined(WOLFSSL_NGINX) -#include +#include #define SSL_CTRL_CHAIN 88 #define ERR_LIB_SSL 20 #define SSL_R_SHORT_READ 10 #define ERR_R_PEM_LIB 9 -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTF8STRING 12 #define SSL_CTRL_MODE 33 #define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 
@@ -982,13 +1121,22 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_min_proto_version wolfSSL_CTX_set_min_proto_version #define SSL_CTX_set_max_proto_version wolfSSL_CTX_set_max_proto_version +#define SSL_set_min_proto_version wolfSSL_set_min_proto_version +#define SSL_set_max_proto_version wolfSSL_set_max_proto_version +#define SSL_CTX_get_min_proto_version wolfSSL_CTX_get_min_proto_version #define SSL_get_tlsext_status_exts wolfSSL_get_tlsext_status_exts +#define SSL_CTX_get_tlsext_ticket_keys wolfSSL_CTX_get_tlsext_ticket_keys +#define SSL_CTX_set_tlsext_ticket_keys wolfSSL_CTX_set_tlsext_ticket_keys +#define SSL_CTX_get_tlsext_status_cb wolfSSL_CTX_get_tlsext_status_cb +#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb + #define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11 #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 #define SSL_CTRL_SET_TMP_DH 3 #define SSL_CTRL_SET_TMP_ECDH 4 +#define SSL_CTRL_SET_SESS_CACHE_MODE 44 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 @@ -997,6 +1145,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 +#define SSL_CTRL_SET_GROUPS 91 +#define SSL_CTRL_GET_PEER_TMP_KEY 109 +#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY +#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 +#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 +#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS #define SSL_CTRL_EXTRA_CHAIN_CERT 14 #define SSL_CTRL_OPTIONS 32 
@@ -1026,15 +1180,35 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define DTLS1_VERSION 0xFEFF #define DTLS1_2_VERSION 0xFEFD +#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L +#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L + +#define CRYPTO_EX_INDEX_SSL 0 +#define TLS_ANY_VERSION 0x10000 +#define DTLS1_2_VERSION 0xFEFD +#define DTLS_MAX_VERSION DTLS1_2_VERSION + +/* apache and lighty use SSL_CONF_FLAG_FILE to enable conf support */ +#if !defined(WOLFSSL_APACHE_HTTPD) && !defined(HAVE_LIGHTY) +#define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE +#define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE +#define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE +#define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING +#define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE +#endif + #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ || defined(OPENSSL_ALL) -#include +#include #define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000) #define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000) #define SSL3_AD_BAD_CERTIFICATE bad_certificate #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE +#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name +#define SSL_AD_NO_RENEGOTIATION no_renegotiation +#define SSL_AD_INTERNAL_ERROR 80 #define ASN1_STRFLGS_ESC_MSB 4 @@ -1074,8 +1248,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AL_FATAL 2 #define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal -#define SSL_TLSEXT_ERR_NOACK alert_warning +#define SSL_TLSEXT_ERR_ALERT_WARNING warning_return +#define SSL_TLSEXT_ERR_ALERT_FATAL fatal_return +#define SSL_TLSEXT_ERR_NOACK noack_return #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME #define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name 
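Review bot: `DTLS1_2_VERSION` is defined a second time in the added block of the first hunk, directly after the existing `#define DTLS1_2_VERSION 0xFEFD` context line. The values match so it compiles, but the duplicate should be dropped so a later edit to one copy cannot turn into a redefinition conflict. In the same hunk `SSL_AD_INTERNAL_ERROR` is the literal `80` while `SSL_AD_UNRECOGNIZED_NAME` and `SSL_AD_NO_RENEGOTIATION` map to alert enum names. If the alert enum has an `internal_error` member (not visible here), using it would keep the three consistent.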
@@ -1089,8 +1264,15 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define PSK_MAX_IDENTITY_LEN 128 #define SSL_CTX_clear_options wolfSSL_CTX_clear_options +#define SSL_CTX_add_server_custom_ext(...) 0 #endif /* HAVE_STUNNEL || WOLFSSL_NGINX */ + +#ifndef NO_WOLFSSL_STUB +#define b2i_PrivateKey_bio(...) NULL +#define b2i_PVK_bio(...) NULL +#endif + #define SSL_CTX_get_default_passwd_cb wolfSSL_CTX_get_default_passwd_cb #define SSL_CTX_get_default_passwd_cb_userdata wolfSSL_CTX_get_default_passwd_cb_userdata @@ -1123,11 +1305,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \ - defined(HAVE_LIGHTY) + defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) -#include +#include #define OPENSSL_STRING WOLFSSL_STRING +#define OPENSSL_CSTRING WOLFSSL_STRING #define TLSEXT_TYPE_application_layer_protocol_negotiation 16 @@ -1155,6 +1338,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_R_HTTPS_PROXY_REQUEST PARSE_ERROR #define SSL_R_HTTP_REQUEST PARSE_ERROR #define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR +#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR #ifdef HAVE_SESSION_TICKET @@ -1164,6 +1348,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define OPENSSL_config wolfSSL_OPENSSL_config #define OPENSSL_memdup wolfSSL_OPENSSL_memdup +#define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse #define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout #define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh #define SSL_CTX_remove_session wolfSSL_SSL_CTX_remove_session 
@@ -1176,7 +1361,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb #define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb #define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs +#define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value +#define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num +#define sk_OPENSSL_PSTRING_value (WOLFSSL_STRING*)wolfSSL_sk_WOLFSSL_STRING_value +#define sk_OPENSSL_STRING_free wolfSSL_sk_free #define SSL_get0_alpn_selected wolfSSL_get0_alpn_selected #define SSL_select_next_proto wolfSSL_select_next_proto #define SSL_CTX_set_alpn_select_cb wolfSSL_CTX_set_alpn_select_cb @@ -1198,8 +1387,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA #define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password #define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username +#define SSL_CTX_set_srp_strength wolfSSL_CTX_set_srp_strength #define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX #define SSL_get0_param wolfSSL_get0_param +#define SSL_CTX_get0_param wolfSSL_CTX_get0_param +#define SSL_CTX_set1_param wolfSSL_CTX_set1_param +#define SSL_get_srp_username wolfSSL_get_srp_username #define ERR_NUM_ERRORS 16 #define SN_pkcs9_emailAddress "Email" @@ -1210,6 +1403,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_get_rbio wolfSSL_SSL_get_rbio #define SSL_get_wbio wolfSSL_SSL_get_wbio #define SSL_do_handshake wolfSSL_SSL_do_handshake + +#if defined(WOLFSSL_EARLY_DATA) +#define SSL_get_early_data_status wolfSSL_get_early_data_status +#endif + #endif /* OPENSSL_EXTRA */ /* cipher suites for compatibility */ 
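Review bot: `sk_OPENSSL_PSTRING_value` in the first hunk on this line is an object-like macro that begins with an unparenthesised cast, so a postfix operator at the call site binds before the cast does. For example, `sk_OPENSSL_PSTRING_value(sk, i)[0]` indexes the function result first and casts afterwards. A function-like, fully parenthesised form avoids this: `#define sk_OPENSSL_PSTRING_value(sk, i) ((WOLFSSL_STRING*)wolfSSL_sk_WOLFSSL_STRING_value((sk), (i)))`. The neighbouring `sk_OPENSSL_STRING_value` maps to the same function with no cast, so it is also worth confirming that the stored element really is a pointer to a `WOLFSSL_STRING`. The hunk does not show the function's return type.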
@@ -1226,10 +1424,29 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num #define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value #define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete +#define X509_OBJECT_new wolfSSL_X509_OBJECT_new #define X509_OBJECT_free wolfSSL_X509_OBJECT_free -#define X509_OBJECT_get_type(x) 0 - +#define X509_OBJECT_get_type wolfSSL_X509_OBJECT_get_type +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +#define OpenSSL_version(x) wolfSSL_OpenSSL_version(x) +#else #define OpenSSL_version(x) wolfSSL_OpenSSL_version() +#endif + +#ifndef NO_WOLFSSL_STUB +#define OBJ_create_objects(...) +#endif + +#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback +#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable +typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; + +#define SSL_CONF_CTX_new wolfSSL_CONF_CTX_new +#define SSL_CONF_CTX_free wolfSSL_CONF_CTX_free +#define SSL_CONF_CTX_set_ssl_ctx wolfSSL_CONF_CTX_set_ssl_ctx +#define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags +#define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish +#define SSL_CONF_cmd wolfSSL_CONF_cmd #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/openssl/stack.h b/source/libwolfssl/openssl/stack.h index a27c46d4..8040574f 100644 --- a/source/libwolfssl/openssl/stack.h +++ b/source/libwolfssl/openssl/stack.h @@ -1,6 +1,6 @@ /* stack.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
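Review bot: The `OBJ_create_objects(...)` stub in the first hunk on this line expands to nothing, so any caller that uses the result, such as `n = OBJ_create_objects(in);` or a call inside an `if`, no longer compiles. OpenSSL's function returns an `int`, so the stub should expand to a value: `#define OBJ_create_objects(...) 0`. The other variadic stubs this commit adds (`b2i_PrivateKey_bio`, `b2i_PVK_bio`, `X509V3_parse_list`) already do that with `NULL`.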
@@ -28,15 +28,12 @@ extern "C" { #endif -#include - typedef void (*wolfSSL_sk_freefunc)(void *); WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc); WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *); WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data); WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *)); -WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk); WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void); WOLFSSL_API int wolfSSL_sk_CIPHER_push(WOLFSSL_STACK *st,WOLFSSL_CIPHER *cipher); diff --git a/source/libwolfssl/openssl/tls1.h b/source/libwolfssl/openssl/tls1.h index b73a8b0a..51923f69 100644 --- a/source/libwolfssl/openssl/tls1.h +++ b/source/libwolfssl/openssl/tls1.h @@ -1,6 +1,6 @@ /* tls1.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/openssl/x509.h b/source/libwolfssl/openssl/x509.h index 483e77a3..5b151453 100644 --- a/source/libwolfssl/openssl/x509.h +++ b/source/libwolfssl/openssl/x509.h @@ -1,10 +1,11 @@ /* x509.h for openssl */ -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include /* wolfSSL_X509_print_ex flags */ #define X509_FLAG_COMPAT (0UL) 
@@ -23,4 +24,21 @@ #define X509_FLAG_NO_IDS (1UL << 12) #define XN_FLAG_FN_SN 0 -#define XN_FLAG_SEP_CPLUS_SPC 2 +#define XN_FLAG_ONELINE 0 +#define XN_FLAG_COMPAT 0 +#define XN_FLAG_RFC2253 1 +#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) +#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) +#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) +#define XN_FLAG_SEP_MULTILINE (4 << 16) +#define XN_FLAG_SEP_MASK (0xF << 16) +#define XN_FLAG_DN_REV (1 << 20) +#define XN_FLAG_FN_LN (1 << 21) +#define XN_FLAG_FN_OID (2 << 21) +#define XN_FLAG_FN_NONE (3 << 21) +#define XN_FLAG_FN_MASK (3 << 21) +#define XN_FLAG_SPC_EQ (1 << 23) +#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) +#define XN_FLAG_FN_ALIGN (1 << 25) + +#define XN_FLAG_MULTILINE 0xFFFF diff --git a/source/libwolfssl/openssl/x509_vfy.h b/source/libwolfssl/openssl/x509_vfy.h index b94b97a0..6642dd54 100644 --- a/source/libwolfssl/openssl/x509_vfy.h +++ b/source/libwolfssl/openssl/x509_vfy.h @@ -1,6 +1,6 @@ /* x509_vfy.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLFSSL_x509_vfy_H_ #define WOLFSSL_x509_vfy_H_ -#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/openssl/x509v3.h b/source/libwolfssl/openssl/x509v3.h index 4625624b..803777cf 100644 --- a/source/libwolfssl/openssl/x509v3.h +++ b/source/libwolfssl/openssl/x509v3.h @@ -1,6 +1,6 @@ /* x509v3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,8 +24,8 @@ #ifndef WOLFSSL_x509v3_H #define WOLFSSL_x509v3_H -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -83,6 +83,8 @@ struct WOLFSSL_X509_EXTENSION { #define X509V3_CTX WOLFSSL_X509V3_CTX +#define CTX_TEST 0x1 + typedef struct WOLFSSL_AUTHORITY_KEYID AUTHORITY_KEYID; typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS; typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION; 
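Review bot: The new `XN_FLAG_*` set in the first hunk on this line mixes real bit fields with placeholder values, and nothing in the header says so. `XN_FLAG_ONELINE`, `XN_FLAG_COMPAT` and `XN_FLAG_FN_SN` are all `0`, while `XN_FLAG_RFC2253` (`1`) and `XN_FLAG_MULTILINE` (`0xFFFF`) have no bits inside `XN_FLAG_SEP_MASK` or `XN_FLAG_FN_MASK`. Code that decodes a separator or field-name style from those presets with the masks gets 0, unless the implementation special-cases the preset values, which the hunk does not show. I would add a comment above the presets such as `/* presets are wolfSSL-specific selector values, not OR-ed masks; compare with ==, do not decode with XN_FLAG_*_MASK */`.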
@@ -99,6 +101,8 @@ WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method, const WOLFSSL_ASN1_STRING *s); WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent); +WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx, + const char *section, WOLFSSL_X509 *cert); #define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free #define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free @@ -107,11 +111,20 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, #define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING #define X509V3_EXT_get wolfSSL_X509V3_EXT_get #define X509V3_EXT_d2i wolfSSL_X509V3_EXT_d2i +#define X509V3_EXT_add_nconf wolfSSL_X509V3_EXT_add_nconf +#ifndef NO_WOLFSSL_STUB +#define X509V3_parse_list(...) NULL +#endif #define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING #define X509V3_EXT_print wolfSSL_X509V3_EXT_print -#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid -#define X509V3_set_ctx wolfSSL_X509V3_set_ctx -#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb +#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid +#define X509V3_set_ctx wolfSSL_X509V3_set_ctx +#ifndef NO_WOLFSSL_STUB +#define X509V3_set_nconf(...) +#endif +#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) +#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb +#define X509v3_get_ext_count wolfSSL_sk_num #ifdef __cplusplus } diff --git a/source/libwolfssl/sniffer.h b/source/libwolfssl/sniffer.h index aa78fc26..beb3601a 100644 --- a/source/libwolfssl/sniffer.h +++ b/source/libwolfssl/sniffer.h @@ -1,6 +1,6 @@ /* sniffer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,8 @@ #ifndef WOLFSSL_SNIFFER_H #define WOLFSSL_SNIFFER_H -#include +#include +#include #ifdef _WIN32 #ifdef SSL_SNIFFER_EXPORTS 
@@ -182,8 +183,6 @@ typedef struct SSLStats unsigned long int sslDecryptedPackets; unsigned long int sslKeyMatches; unsigned long int sslEncryptedConns; - - unsigned long int sslResumptionValid; unsigned long int sslResumptionInserts; } SSLStats; @@ -199,7 +198,21 @@ SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats); WOLFSSL_API SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats); +typedef int (*SSLKeyCb)(void* vSniffer, int namedGroup, + const unsigned char* srvPub, unsigned int srvPubSz, + const unsigned char* cliPub, unsigned int cliPubSz, + DerBuffer* privKey, void* cbCtx, char* error); +#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13) +/* macro indicating support for key callback */ +#undef WOLFSSL_SNIFFER_KEY_CALLBACK +#define WOLFSSL_SNIFFER_KEY_CALLBACK +WOLFSSL_API +SSL_SNIFFER_API int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx); +#endif + + +#ifdef WOLFSSL_SNIFFER_WATCH typedef int (*SSLWatchCb)(void* vSniffer, const unsigned char* certHash, unsigned int certHashSz, 
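Review bot: The `SSLKeyCb` typedef in the second hunk on this line hands the callback a `DerBuffer* privKey` and a `char* error` with no length, and its contract is undocumented. A comment block above the typedef should state three things: what return value signals success, how large the `error` buffer is that the callback may write into, and who allocates, frees and zeroises the private-key buffer after the call. The typedef is also declared outside the `WOLFSSL_STATIC_EPHEMERAL && WOLFSSL_TLS13` guard that protects `ssl_SetKeyCallback`, so it is visible in builds where it cannot be registered. Moving it inside the guard would keep the two together.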
@@ -226,29 +239,37 @@ WOLFSSL_API SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType, const char* password, char* error); +#endif - +#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB typedef int (*SSLStoreDataCb)(const unsigned char* decryptBuf, unsigned int decryptBufSz, unsigned int decryptBufOffset, void* ctx); WOLFSSL_API SSL_SNIFFER_API int ssl_SetStoreDataCallback(SSLStoreDataCb cb); +#endif +#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfoStoreData( const unsigned char* packet, int length, void* ctx, SSLInfo* sslInfo, char* error); +#endif - +#ifdef WOLFSSL_SNIFFER_CHAIN_INPUT WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithChain(void* vChain, unsigned int chainSz, unsigned char** data, char* error); +#endif - +#if defined(WOLFSSL_SNIFFER_CHAIN_INPUT) && \ + defined(WOLFSSL_SNIFFER_STORE_DATA_CB) WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData( void* vChain, unsigned int chainSz, void* ctx, SSLInfo* sslInfo, char* error); +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/sniffer_error.h b/source/libwolfssl/sniffer_error.h index 882aaeae..a0788f9b 100644 --- a/source/libwolfssl/sniffer_error.h +++ b/source/libwolfssl/sniffer_error.h @@ -1,6 +1,6 @@ /* sniffer_error.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,6 +24,13 @@ #ifndef WOLFSSL_SNIFFER_ERROR_H #define WOLFSSL_SNIFFER_ERROR_H + +/* General Sniffer Error */ +#define WOLFSSL_SNIFFER_ERROR -1 + +/* Sniffer failed and is in Fatal state */ +#define WOLFSSL_SNIFFER_FATAL_ERROR -2 + /* need to have errors as #defines since .rc files can't handle enums */ /* need to start at 1 and go in order for same reason */ 
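Review bot: `WOLFSSL_SNIFFER_ERROR` and `WOLFSSL_SNIFFER_FATAL_ERROR`, added in the last hunk on this line (sniffer_error.h), are defined as bare negative literals. Parenthesise them so they behave as a single operand in any expression: `#define WOLFSSL_SNIFFER_ERROR (-1)` and `#define WOLFSSL_SNIFFER_FATAL_ERROR (-2)`. They also sit directly above the existing comment saying the defines must start at 1 and go in order for the `.rc` file. A short note that these two are return codes and not message-table indices would prevent someone from renumbering them.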
@@ -109,7 +116,6 @@ #define GOT_CERT_STATUS_STR 73 #define RSA_KEY_MISSING_STR 74 #define NO_SECURE_RENEGOTIATION 75 - #define BAD_SESSION_STATS 76 #define REASSEMBLY_MAX_STR 77 #define DROPPING_LOST_FRAG_STR 78 @@ -131,6 +137,7 @@ #define STORE_DATA_FAIL_STR 92 #define CHAIN_INPUT_STR 93 #define GOT_ENC_EXT_STR 94 +#define GOT_HELLO_RETRY_REQ_STR 95 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ diff --git a/source/libwolfssl/ssl.h b/source/libwolfssl/ssl.h index 0f89d508..d3e0cde3 100644 --- a/source/libwolfssl/ssl.h +++ b/source/libwolfssl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -35,11 +35,16 @@ #include #include #include +#include #ifdef HAVE_WOLF_EVENT #include #endif + #ifdef WOLF_CRYPTO_CB + #include +#endif + /* used internally by wolfSSL while OpenSSL types aren't */ #include @@ -82,8 +87,8 @@ #endif #elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) - #include - #include + #include + #include /* We need the old SSL names */ #ifdef NO_OLD_SSL_NAMES @@ -98,6 +103,19 @@ extern "C" { #endif +/* LHASH is implemented as a stack */ +typedef struct WOLFSSL_STACK WOLFSSL_LHASH; +#ifndef WOLF_LHASH_OF + #define WOLF_LHASH_OF(x) WOLFSSL_LHASH +#endif + +#ifndef WOLF_STACK_OF + #define WOLF_STACK_OF(x) WOLFSSL_STACK +#endif +#ifndef DECLARE_STACK_OF + #define DECLARE_STACK_OF(x) WOLF_STACK_OF(x); +#endif + #ifndef WOLFSSL_WOLFSSL_TYPE_DEFINED #define WOLFSSL_WOLFSSL_TYPE_DEFINED typedef struct WOLFSSL WOLFSSL; @@ -126,6 +144,10 @@ typedef struct WOLFSSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX; typedef int (*WOLFSSL_X509_STORE_CTX_verify_cb)(int, WOLFSSL_X509_STORE_CTX *); +typedef struct WOLFSSL_BY_DIR_HASH WOLFSSL_BY_DIR_HASH; +typedef struct WOLFSSL_BY_DIR_entry WOLFSSL_BY_DIR_entry; +typedef struct WOLFSSL_BY_DIR WOLFSSL_BY_DIR; + /* redeclare guard */ #define WOLFSSL_TYPES_DEFINED 
@@ -171,7 +193,6 @@ typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; typedef struct WOLFSSL_BIO WOLFSSL_BIO; typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; -typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE; typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT; typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME; typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX; @@ -185,12 +206,15 @@ typedef struct WOLFSSL_DH WOLFSSL_DH; #endif typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; typedef struct WOLFSSL_ASN1_TYPE WOLFSSL_ASN1_TYPE; +typedef struct WOLFSSL_X509_ATTRIBUTE WOLFSSL_X509_ATTRIBUTE; typedef struct WOLFSSL_GENERAL_NAME WOLFSSL_GENERAL_NAME; typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID; typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS; typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION; +typedef struct WOLFSSL_CONF_CTX WOLFSSL_CONF_CTX; + #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) struct WOLFSSL_AUTHORITY_KEYID { @@ -259,8 +283,6 @@ struct WOLFSSL_X509V3_CTX { WOLFSSL_X509* x509; }; - - struct WOLFSSL_ASN1_OBJECT { void* heap; const unsigned char* obj; @@ -314,6 +336,12 @@ struct WOLFSSL_ASN1_TYPE { } value; }; +struct WOLFSSL_X509_ATTRIBUTE { + WOLFSSL_ASN1_OBJECT *object; + WOLFSSL_ASN1_TYPE *value; + WOLF_STACK_OF(WOLFSSL_ASN1_TYPE) *set; +}; + struct WOLFSSL_EVP_PKEY { void* heap; int type; /* openssh dereference */ 
@@ -325,28 +353,31 @@ struct WOLFSSL_EVP_PKEY { union { char* ptr; /* der format of key / or raw for NTRU */ } pkey; - #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) +#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #ifndef NO_RSA - WOLFSSL_RSA* rsa; - byte ownRsa; /* if struct owns RSA and should free it */ + WOLFSSL_RSA* rsa; #endif #ifndef NO_DSA - WOLFSSL_DSA* dsa; - byte ownDsa; /* if struct owns DSA and should free it */ + WOLFSSL_DSA* dsa; #endif #ifdef HAVE_ECC - WOLFSSL_EC_KEY* ecc; - byte ownEcc; /* if struct owns ECC and should free it */ + WOLFSSL_EC_KEY* ecc; #endif #ifndef NO_DH - WOLFSSL_DH* dh; - byte ownDh; /* if struct owns DH and should free it */ + WOLFSSL_DH* dh; #endif WC_RNG rng; - #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ - #ifdef HAVE_ECC - int pkey_curve; - #endif +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#ifdef HAVE_ECC + int pkey_curve; +#endif + word16 pkcs8HeaderSz; + + /* option bits */ + byte ownDh:1; /* if struct owns DH and should free it */ + byte ownEcc:1; /* if struct owns ECC and should free it */ + byte ownDsa:1; /* if struct owns DSA and should free it */ + byte ownRsa:1; /* if struct owns RSA and should free it */ }; typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ @@ -468,6 +499,8 @@ struct WOLFSSL_BIO { void* heap; /* user heap hint */ void* ptr; /* WOLFSSL, file descriptor, MD, or mem buf */ void* usrCtx; /* user set pointer */ + const char* ip; /* IP address for wolfIO_TcpConnect */ + word16 port; /* Port for wolfIO_TcpConnect */ char* infoArg; /* BIO callback argument */ wolf_bio_info_cb infoCb; /* BIO callback */ int wrSz; /* write buffer size (mem) */ 
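Review bot: The new `const char* ip` member of `WOLFSSL_BIO` in the second hunk on this line stores a pointer with no statement of who owns the string. If the BIO keeps the caller's pointer and does not copy it, the address must outlive the BIO until the connect happens, and a caller passing a stack or temporary buffer would leave it dangling. The hunk does not show which of the two the implementation does. I would document it on the field, e.g. `/* IP address for wolfIO_TcpConnect; borrowed, must stay valid until connect */`, or the copying equivalent.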
@@ -495,12 +528,19 @@ typedef struct WOLFSSL_COMP { WOLFSSL_COMP_METHOD *method; } WOLFSSL_COMP; +#define WOLFSSL_X509_L_FILE_LOAD 0x1 +#define WOLFSSL_X509_L_ADD_DIR 0x2 +#define WOLFSSL_X509_L_ADD_STORE 0x3 +#define WOLFSSL_X509_L_LOAD_STORE 0x4 + struct WOLFSSL_X509_LOOKUP_METHOD { int type; }; struct WOLFSSL_X509_LOOKUP { WOLFSSL_X509_STORE *store; + int type; + WOLFSSL_BY_DIR* dirs; }; struct WOLFSSL_X509_STORE { @@ -511,6 +551,9 @@ struct WOLFSSL_X509_STORE { int isDynamic; WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ #endif +#ifdef OPENSSL_ALL + WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* objs; /* object stack cache */ +#endif #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; #endif @@ -523,13 +566,28 @@ struct WOLFSSL_X509_STORE { }; #define WOLFSSL_NO_WILDCARDS 0x4 + +#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ + defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME) + #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ + #define WOLFSSL_IP4_ADDR_LEN 4 + #define WOLFSSL_IP6_ADDR_LEN 16 +#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ + #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) #define WOLFSSL_USE_CHECK_TIME 0x2 #define WOLFSSL_NO_CHECK_TIME 0x200000 #define WOLFSSL_HOST_NAME_MAX 256 -#define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ + +#define WOLFSSL_VPARAM_DEFAULT 0x1 +#define WOLFSSL_VPARAM_OVERWRITE 0x2 +#define WOLFSSL_VPARAM_RESET_FLAGS 0x4 +#define WOLFSSL_VPARAM_LOCKED 0x8 +#define WOLFSSL_VPARAM_ONCE 0x10 + struct WOLFSSL_X509_VERIFY_PARAM { time_t check_time; + unsigned int inherit_flags; unsigned long flags; char hostName[WOLFSSL_HOST_NAME_MAX]; unsigned int hostFlags; 
@@ -551,8 +609,14 @@ typedef struct WOLFSSL_X509_REVOKED { WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ } WOLFSSL_X509_REVOKED; +typedef enum { + WOLFSSL_X509_LU_NONE = 0, + WOLFSSL_X509_LU_X509, + WOLFSSL_X509_LU_CRL +} WOLFSSL_X509_LOOKUP_TYPE; typedef struct WOLFSSL_X509_OBJECT { + WOLFSSL_X509_LOOKUP_TYPE type; union { char* ptr; WOLFSSL_X509 *x509; @@ -596,6 +660,25 @@ struct WOLFSSL_X509_STORE_CTX { typedef char* WOLFSSL_STRING; +typedef struct WOLFSSL_RAND_METHOD { + /* seed = Data to mix into the random generator. + * len = Number of bytes to mix from seed. */ + int (*seed)(const void* seed, int len); + /* buf = Buffer to store random bytes in. + * len = Number of bytes to store in buf. */ + int (*bytes)(unsigned char* buf, int len); + void (*cleanup)(void); + /* add = Data to mix into the random generator. + * len = Number of bytes to mix from add. + * entropy = Estimate of randomness contained in seed. + * Should be between 0 and len. */ + int (*add)(const void* add, int len, double entropy); + /* buf = Buffer to store pseudorandom bytes in. + * len = Number of bytes to store in buf. */ + int (*pseudorand)(unsigned char *buf, int len); + int (*status)(void); +} WOLFSSL_RAND_METHOD; + /* Valid Alert types from page 16/17 * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c */ 
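Review bot: In the new `WOLFSSL_RAND_METHOD` the comment on `add` says `entropy = Estimate of randomness contained in seed.`, but that callback has no `seed` parameter; it should read `contained in add`. None of the six callbacks documents its return value, and for `bytes` and `status` that is what a caller most needs, since a buffer whose fill call failed must not be used as key material. I would add one line per callback stating the success and failure values as the implementation defines them. The lengths are plain `int`, so the comments could also state how a negative `len` is handled.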
@@ -639,6 +722,35 @@ enum AlertLevel { alert_fatal = 2 }; +enum SNICbReturn { + warning_return = alert_warning, + fatal_return = alert_fatal, + noack_return, +}; + +/* WS_RETURN_CODE macro + * Some OpenSSL APIs specify "0" as the return value when an error occurs. + * However, some corresponding wolfSSL APIs return negative values. Such + * functions should use this macro to fill this gap. Users who want them + * to return the same return value as OpenSSL can define + * WOLFSSL_ERR_CODE_OPENSSL. + * Give item1 a variable that contains the potentially negative + * wolfSSL-defined return value or the return value itself, and + * give item2 the openSSL-defined return value. + * Note that this macro replaces only negative return values with the + * specified value. + * Since wolfSSL 4.7.0, the following functions use this macro: + * - wolfSSL_CTX_load_verify_locations + * - wolfSSL_X509_LOOKUP_load_file + * - wolfSSL_EVP_PKEY_cmp + */ +#if defined(WOLFSSL_ERROR_CODE_OPENSSL) + #define WS_RETURN_CODE(item1,item2) \ + ((item1 < 0) ? item2 : item1) +#else + #define WS_RETURN_CODE(item1,item2) (item1) +#endif + /* Maximum master key length (SECRET_LEN) */ #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 /* Maximum number of groups that can be set */ 
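Review bot: The comment tells users to define `WOLFSSL_ERR_CODE_OPENSSL`, but the preprocessor test is `#if defined(WOLFSSL_ERROR_CODE_OPENSSL)`, so following the comment leaves the pass-through branch active. Code written to the OpenSSL convention, such as an `if (!ret)` check after `wolfSSL_CTX_load_verify_locations`, would then treat a negative error return as success. The comment and the test should name the same macro. The macro body also uses its arguments unparenthesised and evaluates `item1` twice; `#define WS_RETURN_CODE(item1,item2) (((item1) < 0) ? (item2) : (item1))` fixes the precedence, and the comment should add that `item1` must have no side effects.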
@@ -785,12 +897,23 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, #define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001 #define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002 #define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004 +#if defined(WOLFSSL_QT) +#define WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR 0x00000008 +#define WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE 0x00000010 +#endif #ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS #define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE #endif + +WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); +WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); #endif /* !NO_CERTS */ +#define WOLFSSL_CIPHER_SUITE_FLAG_NONE 0x0 +#define WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS 0x1 + #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX*, const char*, @@ -806,9 +929,6 @@ WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *, const char *file, int format); WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); -WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); -WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); -WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, 
@@ -835,10 +955,17 @@ WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_ABI WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_CTX_up_ref(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff); +WOLFSSL_API int wolfSSL_get_signature_nid(WOLFSSL* ssl, int* nid); +WOLFSSL_API int wolfSSL_CTX_set1_sigalgs_list(WOLFSSL_CTX* ctx, + const char* list); +WOLFSSL_API int wolfSSL_set1_sigalgs_list(WOLFSSL* ssl, const char* list); #endif WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); +WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_CTX_get0_param(WOLFSSL_CTX* ctx); WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_get0_param(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_set1_param(WOLFSSL_CTX* ctx, WOLFSSL_X509_VERIFY_PARAM *vpm); WOLFSSL_API int wolfSSL_is_server(WOLFSSL*); WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*); WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int); @@ -853,6 +980,8 @@ WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char, const unsigned char); WOLFSSL_API const char* wolfSSL_get_cipher_name_iana_from_suite( const unsigned char, const unsigned char); +WOLFSSL_API int wolfSSL_get_cipher_suite_from_name(const char* name, + byte* cipherSuite0, byte* cipherSuite, int* flags); WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, int len); WOLFSSL_API const char* wolfSSL_get_curve_name(WOLFSSL* ssl); 
@@ -873,6 +1002,7 @@ WOLFSSL_API int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_no_dhe_psk(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_update_keys(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_key_update_response(WOLFSSL* ssl, int* required); WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl); @@ -885,10 +1015,21 @@ WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count); WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count); +#ifdef OPENSSL_EXTRA +WOLFSSL_API int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups, + int count); +WOLFSSL_API int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count); +#endif + WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL*); WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*); #ifdef WOLFSSL_EARLY_DATA + +#define WOLFSSL_EARLY_DATA_NOT_SENT 0 +#define WOLFSSL_EARLY_DATA_REJECTED 1 +#define WOLFSSL_EARLY_DATA_ACCEPTED 2 + WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx, unsigned int sz); WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz); @@ -896,6 +1037,7 @@ WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz); WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz); +WOLFSSL_API int wolfSSL_get_early_data_status(const WOLFSSL* ssl); #endif /* WOLFSSL_EARLY_DATA */ #endif /* WOLFSSL_TLS13 */ WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*); 
@@ -950,6 +1092,25 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session); typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); typedef void (CallbackInfoState)(const WOLFSSL*, int, int); +/* class index for wolfSSL_CRYPTO_get_ex_new_index */ +#define CRYPTO_EX_INDEX_SSL 0 +#define CRYPTO_EX_INDEX_SSL_CTX 1 +#define CRYPTO_EX_INDEX_SSL_SESSION 2 +#define CRYPTO_EX_INDEX_X509 3 +#define CRYPTO_EX_INDEX_X509_STORE 4 +#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 +#define CRYPTO_EX_INDEX_DH 6 +#define CRYPTO_EX_INDEX_DSA 7 +#define CRYPTO_EX_INDEX_EC_KEY 8 +#define CRYPTO_EX_INDEX_RSA 9 +#define CRYPTO_EX_INDEX_ENGINE 10 +#define CRYPTO_EX_INDEX_UI 11 +#define CRYPTO_EX_INDEX_BIO 12 +#define CRYPTO_EX_INDEX_APP 13 +#define CRYPTO_EX_INDEX_UI_METHOD 14 +#define CRYPTO_EX_INDEX_DRBG 15 +#define CRYPTO_EX_INDEX__COUNT 16 + #if defined(HAVE_EX_DATA) || defined(FORTRESS) typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); @@ -961,9 +1122,10 @@ typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, WOLFSSL_CRYPTO_EX_free* c); + #endif -WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, +WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, VerifyCallback verify_callback); #ifdef OPENSSL_ALL 
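Review bot: The `CRYPTO_EX_INDEX_*` macros are added without the `WOLFSSL_` prefix, unlike other constants in this diff; the enum hunk further down, for instance, keeps `X509_LU_X509` only as an alias of `WOLFSSL_X509_LU_X509`. As far as this hunk shows they sit outside any feature guard (they precede the `HAVE_EX_DATA || FORTRESS` block), so every translation unit that includes the header sees them and they can collide with definitions from the application or another library. I would define `WOLFSSL_CRYPTO_EX_INDEX_SSL` and so on here and provide the unprefixed names only where OpenSSL compatibility is enabled.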
@@ -974,6 +1136,14 @@ WOLFSSL_API void wolfSSL_CTX_set_cert_verify_callback(WOLFSSL_CTX* ctx, WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback); WOLFSSL_API void wolfSSL_set_verify_result(WOLFSSL*, long); + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ + defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) +WOLFSSL_API int wolfSSL_verify_client_post_handshake(WOLFSSL*); +WOLFSSL_API int wolfSSL_CTX_set_post_handshake_auth(WOLFSSL_CTX*, int); +WOLFSSL_API int wolfSSL_set_post_handshake_auth(WOLFSSL*, int); +#endif + WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*); WOLFSSL_ABI WOLFSSL_API int wolfSSL_pending(WOLFSSL*); 
@@ -1013,6 +1183,46 @@ WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*); WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*); +#ifdef HAVE_KEYING_MATERIAL +/* Keying Material Exporter for TLS */ +WOLFSSL_API int wolfSSL_export_keying_material(WOLFSSL *ssl, + unsigned char *out, size_t outLen, + const char *label, size_t labelLen, + const unsigned char *context, size_t contextLen, + int use_context); +#endif /* HAVE_KEYING_MATERIAL */ + +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + +typedef enum { + WOLFSSL_NETFILTER_PASS = 0, + WOLFSSL_NETFILTER_ACCEPT = 1, + WOLFSSL_NETFILTER_REJECT = 2 +} wolfSSL_netfilter_decision_t; + +typedef int (*NetworkFilterCallback_t)( + WOLFSSL *ssl, + void *AcceptFilter_arg, + wolfSSL_netfilter_decision_t *decision); +WOLFSSL_API int wolfSSL_CTX_set_AcceptFilter( + WOLFSSL_CTX *ctx, + NetworkFilterCallback_t AcceptFilter, + void *AcceptFilter_arg); +WOLFSSL_API int wolfSSL_set_AcceptFilter( + WOLFSSL *ssl, + NetworkFilterCallback_t AcceptFilter, + void *AcceptFilter_arg); +WOLFSSL_API int wolfSSL_CTX_set_ConnectFilter( + WOLFSSL_CTX *ctx, + NetworkFilterCallback_t ConnectFilter, + void *ConnectFilter_arg); +WOLFSSL_API int wolfSSL_set_ConnectFilter( + WOLFSSL *ssl, + NetworkFilterCallback_t ConnectFilter, + void *ConnectFilter_arg); + +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ + /* Nonblocking DTLS helper functions */ WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL*, int); WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*); 
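Review bot: The `wolfSSL_netfilter_decision_t` values and `NetworkFilterCallback_t` are declared with no comment on their contract. From the names alone a reader cannot tell how `WOLFSSL_NETFILTER_PASS` differs from `WOLFSSL_NETFILTER_ACCEPT`, what the callback's `int` return means, or what happens to the connection when the callback fails or leaves `*decision` unset. Because this hook decides whether a connection proceeds, the header should say whether the failure case rejects or allows. A doc comment above the typedef covering the three values, the return code and the failure behaviour would settle it.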
@@ -1067,23 +1277,11 @@ WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long sz); WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long); +WOLFSSL_API const char* wolfSSL_ERR_func_error_string(unsigned long); +WOLFSSL_API const char* wolfSSL_ERR_lib_error_string(unsigned long); /* extras */ - -/* for now LHASH is not implemented */ -typedef int WOLFSSL_LHASH; -#ifndef WOLF_LHASH_OF - #define WOLF_LHASH_OF(x) WOLFSSL_LHASH -#endif - -#ifndef WOLF_STACK_OF - #define WOLF_STACK_OF(x) WOLFSSL_STACK -#endif -#ifndef DECLARE_STACK_OF - #define DECLARE_STACK_OF(x) WOLF_STACK_OF(x); -#endif - WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap); WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk); WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in); @@ -1148,10 +1346,18 @@ WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_pop_free( WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, void (*f)(WOLFSSL_ASN1_OBJECT*)); WOLFSSL_API int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in); +WOLFSSL_API int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s); WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_num(WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk); WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_sk_X509_EXTENSION_value( WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk, int idx); WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_set_ex_data_with_cleanup( + WOLFSSL* ssl, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*); WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int); WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int); 
@@ -1165,6 +1371,8 @@ WOLFSSL_API int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_new(void); WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session); +WOLFSSL_API int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session, + const WOLFSSL_CIPHER* cipher); WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*); WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL*); @@ -1182,10 +1390,12 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); /* what's ref count */ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); -#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) WOLFSSL_API int wolfSSL_RSA_up_ref(WOLFSSL_RSA* rsa); WOLFSSL_API int wolfSSL_X509_up_ref(WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey); +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* + wolfSSL_X509_chain_up_ref(WOLF_STACK_OF(WOLFSSL_X509)* chain); #endif WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, @@ -1195,10 +1405,14 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD*); +#else WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); +#endif WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO*); -WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); +WOLFSSL_API void wolfSSL_BIO_free_all(WOLFSSL_BIO*); WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); WOLFSSL_API int wolfSSL_BIO_puts(WOLFSSL_BIO* bio, const char* buf); WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); 
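Review bot: The prototype of `wolfSSL_BIO_new` is now selected by `OPENSSL_VERSION_NUMBER` at the point where the header is included, so the application and the library can see different declarations if they are built with different values. Here only a `const` qualifier differs, but the same pattern in the last hunk of this diff switches `wolfSSL_OpenSSL_version` between `(int a)` and `(void)`, where a mismatch means calling the function with the wrong argument list. A comment next to each `#if` stating that the macro must match the library build would make the requirement visible. Separately, `wolfSSL_BIO_free_all` changes from `int` to `void`, which breaks any caller that tests its result and deserves a line in the change description.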
@@ -1230,6 +1444,13 @@ WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void); WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int); WOLFSSL_API void wolfSSL_BIO_clear_flags(WOLFSSL_BIO *bio, int flags); WOLFSSL_API int wolfSSL_BIO_set_ex_data(WOLFSSL_BIO *bio, int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_BIO_set_ex_data_with_cleanup( + WOLFSSL_BIO *bio, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void *wolfSSL_BIO_get_ex_data(WOLFSSL_BIO *bio, int idx); WOLFSSL_API long wolfSSL_BIO_set_nbio(WOLFSSL_BIO*, long); @@ -1263,11 +1484,18 @@ WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); #ifndef NO_FILESYSTEM WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void); +WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag); #endif WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_bio(void); WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void); +WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str); +WOLFSSL_API long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port); +WOLFSSL_API long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b); + +WOLFSSL_API long wolfSSL_BIO_do_handshake(WOLFSSL_BIO *b); + WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg); WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg); @@ -1280,6 +1508,7 @@ WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num); WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio); WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs); +WOLFSSL_API int wolfSSL_BIO_tell(WOLFSSL_BIO* bio); WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name); WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v); WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m); 
@@ -1322,6 +1551,8 @@ WOLFSSL_API void wolfSSL_X509_STORE_set_verify_cb(WOLFSSL_X509_STORE *st, WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, unsigned char** out); +WOLFSSL_API int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, + unsigned char** out); WOLFSSL_API WOLFSSL_X509_NAME *wolfSSL_d2i_X509_NAME(WOLFSSL_X509_NAME **name, unsigned char **in, long length); #ifndef NO_RSA @@ -1329,9 +1560,17 @@ WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset #endif WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, unsigned long nmflags, unsigned long cflag); +#ifndef NO_FILESYSTEM +WOLFSSL_API int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509); +#endif +WOLFSSL_API int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp, + const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig); +WOLFSSL_API void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psig, + const WOLFSSL_X509_ALGOR **palg, const WOLFSSL_X509 *x509); WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); +WOLFSSL_API unsigned long wolfSSL_X509_NAME_hash(WOLFSSL_X509_NAME*); #if defined(OPENSSL_EXTRA) && defined(XSNPRINTF) WOLFSSL_API char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME*, char*, int); #endif @@ -1353,6 +1592,9 @@ WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( WOLFSSL_X509*, unsigned char*, int*); WOLFSSL_API int wolfSSL_X509_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_API int wolfSSL_X509_REQ_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey); +#endif WOLFSSL_API int wolfSSL_X509_set_subject_name(WOLFSSL_X509*, WOLFSSL_X509_NAME*); WOLFSSL_API int wolfSSL_X509_set_issuer_name(WOLFSSL_X509*, 
@@ -1369,6 +1611,7 @@ WOLFSSL_API int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_API int wolfSSL_X509_set_version(WOLFSSL_X509* x509, long v); WOLFSSL_API int wolfSSL_X509_sign(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_MD* md); +WOLFSSL_API int wolfSSL_X509_sign_ctx(WOLFSSL_X509 *x509, WOLFSSL_EVP_MD_CTX *ctx); WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); @@ -1383,11 +1626,16 @@ WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* as WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); WOLFSSL_API int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, const unsigned char **in, long len); +WOLFSSL_API int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a, const WOLFSSL_ASN1_STRING *b); WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int dataSz); WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +WOLFSSL_API const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); +WOLFSSL_API int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dst, + const WOLFSSL_ASN1_STRING* src); WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); 
@@ -1401,6 +1649,8 @@ WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*, long); WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void); WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void); +WOLFSSL_API int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd, + const char *argc, long argl, char **ret); WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*, WOLFSSL_X509_LOOKUP_METHOD*); @@ -1412,6 +1662,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain( WOLFSSL_X509_STORE_CTX* ctx); WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get1_chain( WOLFSSL_X509_STORE_CTX* ctx); +WOLFSSL_API WOLFSSL_X509_STORE_CTX *wolfSSL_X509_STORE_CTX_get0_parent_ctx( + WOLFSSL_X509_STORE_CTX *ctx); WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag); WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*); @@ -1422,10 +1674,12 @@ WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_STORE*, WOLFSSL_X509*, WOLF_STACK_OF(WOLFSSL_X509)*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_trusted_stack(WOLFSSL_X509_STORE_CTX *ctx, + WOLF_STACK_OF(WOLFSSL_X509) *sk); WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*); WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*); -WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj); +WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj); WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); 
@@ -1443,6 +1697,11 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key, unsigned char** in, long inSz); WOLFSSL_API int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der); +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, + const WOLFSSL_EVP_PKEY* pkey, + int indent, WOLFSSL_ASN1_PCTX* pctx); +#endif /* OPENSSL_EXTRA */ WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, @@ -1455,6 +1714,13 @@ WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, unsigned long flags, time_t t); +WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_X509_VERIFY_PARAM_new(void); +WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_free(WOLFSSL_X509_VERIFY_PARAM *param); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set_flags(WOLFSSL_X509_VERIFY_PARAM *param, + unsigned long flags); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_clear_flags(WOLFSSL_X509_VERIFY_PARAM *param, + unsigned long flags); WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_set_hostflags( WOLFSSL_X509_VERIFY_PARAM* param, unsigned int flags); WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* pParam, 
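Review bot: `wolfSSL_X509_VERIFY_PARAM_get_flags` is declared to return `int`, while the flags it reports are stored as `unsigned long flags` in `struct WOLFSSL_X509_VERIFY_PARAM` and are set and cleared through `unsigned long` parameters in the two neighbouring prototypes. The narrower signed return can truncate the value and leaves no way to tell an error return from a flag word. Suggested: `WOLFSSL_API unsigned long wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param);`, with the definition (outside this diff view) changed to match. None of the new `VERIFY_PARAM` prototypes says whether `param` may be NULL, which is worth one comment line each.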
@@ -1462,6 +1728,12 @@ WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* p unsigned int nameSz); WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_ip_asc( WOLFSSL_X509_VERIFY_PARAM *param, const char *ipasc); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1(WOLFSSL_X509_VERIFY_PARAM* to, + const WOLFSSL_X509_VERIFY_PARAM* from); +WOLFSSL_API int wolfSSL_X509_load_crl_file(WOLFSSL_X509_LOOKUP *ctx, + const char *file, int type); +WOLFSSL_API int wolfSSL_X509_load_cert_crl_file(WOLFSSL_X509_LOOKUP *ctx, + const char *file, int type); #endif WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( @@ -1509,6 +1781,24 @@ WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data( WOLFSSL_X509_STORE_CTX* ctx, int idx); WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data_with_cleanup( + WOLFSSL_X509_STORE_CTX* ctx, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif +WOLFSSL_API void* wolfSSL_X509_STORE_get_ex_data( + WOLFSSL_X509_STORE* store, int idx); +WOLFSSL_API int wolfSSL_X509_STORE_set_ex_data(WOLFSSL_X509_STORE* store, + int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_STORE_set_ex_data_with_cleanup( + WOLFSSL_X509_STORE* store, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_depth(WOLFSSL_X509_STORE_CTX* ctx, int depth); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_current_issuer( 
@@ -1580,6 +1870,9 @@ WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg( WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*); WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*); WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*); +WOLFSSL_API int wolfSSL_CTX_set_srp_strength(WOLFSSL_CTX *ctx, int strength); + +WOLFSSL_API char* wolfSSL_get_srp_username(WOLFSSL *ssl); WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op); WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s); 
@@ -1730,33 +2023,33 @@ enum { * and auto retry */ SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ - BIO_FLAGS_BASE64_NO_NL = 1, BIO_CLOSE = 1, BIO_NOCLOSE = 0, X509_FILETYPE_PEM = 8, - X509_LU_X509 = 9, - X509_LU_CRL = 12, + X509_LU_NONE = WOLFSSL_X509_LU_NONE, + X509_LU_X509 = WOLFSSL_X509_LU_X509, + X509_LU_CRL = WOLFSSL_X509_LU_CRL, X509_V_OK = 0, - X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, + X509_V_ERR_CRL_SIGNATURE_FAILURE = 8, + X509_V_ERR_CERT_HAS_EXPIRED = 10, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, X509_V_ERR_CRL_HAS_EXPIRED = 15, - X509_V_ERR_CERT_REVOKED = 16, X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, X509_V_ERR_CERT_NOT_YET_VALID = 19, X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, - X509_V_ERR_CERT_HAS_EXPIRED = 21, X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, - X509_V_ERR_CERT_REJECTED = 23, + X509_V_ERR_CERT_REVOKED = 23, + X509_V_ERR_CERT_REJECTED = 24, /* Required for Nginx */ - X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 24, - X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 25, - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 26, - X509_V_ERR_CERT_UNTRUSTED = 27, - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 28, - X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, + X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 25, + X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 26, + X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 27, + X509_V_ERR_CERT_UNTRUSTED = 28, + X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 29, + X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 30, /* additional X509_V_ERR_* enums not used in wolfSSL */ X509_V_ERR_UNABLE_TO_GET_CRL, X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE, @@ -1788,12 +2081,6 @@ enum { X509_R_CERT_ALREADY_IN_HASH_TABLE, - XN_FLAG_SPC_EQ = (1 << 23), - XN_FLAG_SEP_CPLUS_SPC = (2 << 16), - XN_FLAG_ONELINE = 0, - XN_FLAG_RFC2253 = 1, - XN_FLAG_DN_REV = (1 << 20), - CRYPTO_LOCK = 1, CRYPTO_NUM_LOCKS = 10, 
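Review bot: The renumbering reuses values that previously belonged to other errors: `23` was `X509_V_ERR_CERT_REJECTED` and is now `X509_V_ERR_CERT_REVOKED`, and the values 24 through 29 now each name the error that used to sit one below. Any caller that stored, logged or compared the numeric verify result rather than the enumerator will report a different failure after upgrading, with no compile-time signal. The unnumbered `X509_V_ERR_*` entries that follow `X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 30` shift by one as well. If the aim is to match OpenSSL's numbering, a comment saying so and naming which entries remain wolfSSL-specific would let a reviewer check it; the enum starts and ends outside this hunk.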
@@ -1806,7 +2093,11 @@ enum { #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) /* wolfSSL extension, provide last error from SSL_get_error since not using thread storage error queue */ -#include +#ifdef FUSION_RTOS + #include +#else + #include +#endif WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE, int err); #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(XFILE fp); @@ -1896,10 +2187,11 @@ enum { /* ssl Constants */ WOLFSSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ WOLFSSL_VERIFY_NONE = 0, - WOLFSSL_VERIFY_PEER = 1, - WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, - WOLFSSL_VERIFY_CLIENT_ONCE = 4, - WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 8, + WOLFSSL_VERIFY_PEER = 1 << 0, + WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 1 << 1, + WOLFSSL_VERIFY_CLIENT_ONCE = 1 << 2, + WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 1 << 3, + WOLFSSL_VERIFY_DEFAULT = 1 << 9, WOLFSSL_SESS_CACHE_OFF = 0x0000, WOLFSSL_SESS_CACHE_CLIENT = 0x0001, 
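Review bot: `WOLFSSL_VERIFY_DEFAULT = 1 << 9` is added to the verify-mode bits with no comment on what it selects. The name suggests a safe default, yet the bit does not include `WOLFSSL_VERIFY_PEER`, so whether a caller passing it alone to `wolfSSL_CTX_set_verify` gets peer verification depends entirely on how the implementation treats it. The header should state that in a trailing comment on the enumerator, saying what the bit means and whether it implies `WOLFSSL_VERIFY_PEER`. The enum continues outside this hunk.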
@@ -1935,16 +2227,30 @@ enum { /* ssl Constants */ typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, unsigned int, unsigned char*, unsigned int); WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*, - wc_psk_client_callback); + wc_psk_client_callback); WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, - wc_psk_client_callback); + wc_psk_client_callback); + #ifdef OPENSSL_EXTRA + typedef int (*wc_psk_use_session_cb_func)(WOLFSSL* ssl, + const WOLFSSL_EVP_MD* md, const unsigned char **id, + size_t* idlen, WOLFSSL_SESSION **sess); + WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wc_psk_use_session_cb_func cb); + #endif #ifdef WOLFSSL_TLS13 + typedef unsigned int (*wc_psk_client_cs_callback)(WOLFSSL*, const char*, + char*, unsigned int, unsigned char*, unsigned int, const char*); + WOLFSSL_API void wolfSSL_CTX_set_psk_client_cs_callback(WOLFSSL_CTX*, + wc_psk_client_cs_callback); + WOLFSSL_API void wolfSSL_set_psk_client_cs_callback(WOLFSSL*, + wc_psk_client_cs_callback); + typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, - char*, unsigned int, unsigned char*, unsigned int, const char**); + char*, unsigned int, unsigned char*, unsigned int, const char**); WOLFSSL_API void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX*, - wc_psk_client_tls13_callback); + wc_psk_client_tls13_callback); WOLFSSL_API void wolfSSL_set_psk_client_tls13_callback(WOLFSSL*, - wc_psk_client_tls13_callback); + wc_psk_client_tls13_callback); #endif WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); 
@@ -1956,16 +2262,16 @@ enum { /* ssl Constants */ typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, unsigned char*, unsigned int); WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*, - wc_psk_server_callback); + wc_psk_server_callback); WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, - wc_psk_server_callback); + wc_psk_server_callback); #ifdef WOLFSSL_TLS13 typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, - unsigned char*, unsigned int, const char**); + unsigned char*, unsigned int, const char**); WOLFSSL_API void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX*, - wc_psk_server_tls13_callback); + wc_psk_server_tls13_callback); WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*, - wc_psk_server_tls13_callback); + wc_psk_server_tls13_callback); #endif WOLFSSL_API void* wolfSSL_get_psk_callback_ctx(WOLFSSL*); WOLFSSL_API int wolfSSL_set_psk_callback_ctx(WOLFSSL*, void*); @@ -1974,6 +2280,11 @@ enum { /* ssl Constants */ WOLFSSL_API int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX*, void*); #define PSK_TYPES_DEFINED + +#ifdef WOLFSSL_TLS13 + WOLFSSL_API const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, + const char* hash); +#endif #endif /* NO_PSK */ @@ -2014,9 +2325,11 @@ WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); -#if !defined(NO_FILESYSTEM) && !defined(NO_CHECK_PRIVATE_KEY) +#if !defined(NO_CHECK_PRIVATE_KEY) WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); #endif +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX*); + WOLFSSL_API void wolfSSL_ERR_free_strings(void); WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); 
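Review bot: `wolfSSL_CTX_get0_privatekey` hands out a non-const `WOLFSSL_EVP_PKEY*` from a `const WOLFSSL_CTX*` without stating ownership. If it follows the usual `get0` convention the pointer is borrowed, and a caller that frees it would leave the context holding a dangling private key; if the implementation instead builds a new object, callers that never free it leak key material. A comment such as `/* returned key is owned by ctx; do not free */` (or the opposite, as implemented) should go on the declaration. The same hunk drops `NO_FILESYSTEM` from the guard of `wolfSSL_CTX_check_private_key`, which looks intentional but is worth a word in the description.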
@@ -2033,8 +2346,8 @@ WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, const unsigned char*, unsigned int); WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL*); +#ifdef OPENSSL_EXTRA WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); -#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl); #endif @@ -2061,15 +2374,23 @@ WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int *pday, int *psec, const WOLFSSL_ASN1_TIME *from, const WOLFSSL_ASN1_TIME *to); #ifdef OPENSSL_EXTRA WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t); +WOLFSSL_API int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str); #endif -WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk); -WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i); +WOLFSSL_API int wolfSSL_sk_num(const WOLFSSL_STACK* sk); +WOLFSSL_API void* wolfSSL_sk_value(const WOLFSSL_STACK* sk, int i); + +#if defined(HAVE_EX_DATA) || defined(FORTRESS) || defined(WOLFSSL_WPAS_SMALL) -#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \ - (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data_with_cleanup( + WOLFSSL_CRYPTO_EX_DATA* ex_data, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx, void *data); #endif 
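Review bot: `wolfSSL_CRYPTO_set_ex_data_with_cleanup` in the `@@ -2061,15 +2374,23 @@` hunk has no comment saying when `cleanup_routine` runs, and that decides who frees `data`. A caller needs to know whether the routine is invoked when the slot at `idx` is overwritten, when the owning object is freed, or both, and whether it is called when `data` is NULL; guessing wrong gives either a leak or a double free. The same applies to the `wolfSSL_CTX_`, `wolfSSL_SESSION_` and `wolfSSL_X509_set_ex_data_with_cleanup` prototypes added in later hunks. A short comment on each declaration stating those three facts would be enough.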
@@ -2077,8 +2398,15 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int /* stunnel 4.28 needs */ WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_CTX_set_ex_data_with_cleanup( + WOLFSSL_CTX* ctx, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*, - WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)); + WOLFSSL_SESSION*(*f)(WOLFSSL*, const unsigned char*, int, int*)); WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*, int (*f)(WOLFSSL*, WOLFSSL_SESSION*)); WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*, @@ -2109,7 +2437,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); /* which library version do we have */ WOLFSSL_API const char* wolfSSL_lib_version(void); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API const char* wolfSSL_OpenSSL_version(int a); +#else WOLFSSL_API const char* wolfSSL_OpenSSL_version(void); +#endif /* which library version do we have in hex */ WOLFSSL_API word32 wolfSSL_lib_version_hex(void); 
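Review bot: The prototype of `wolfSSL_OpenSSL_version` in the `@@ -2109,7 +2437,11 @@` hunk now depends on `OPENSSL_VERSION_NUMBER`, so a caller and the library can disagree about whether the function takes an `int`. C has no name mangling, so if the library was built with one setting and an application includes this header with the other, the call links and runs with a mismatched argument list instead of failing at build time. The same pattern is used for `wolfSSL_SSL_in_init` in the `@@ -3785,7 +4308,11 @@` hunk, where only the `const` differs and the mismatch is harmless. I would add a comment here that `OPENSSL_VERSION_NUMBER` must be identical for the library and application builds, or export one signature and map the compatibility name onto it with a macro.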
@@ -2164,9 +2496,15 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, const unsigned char** in, int len); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_API WOLFSSL_X509* + wolfSSL_X509_REQ_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); +#endif WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, const unsigned char *in, int len); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_bio(WOLFSSL_BIO *bp, + WOLFSSL_X509_CRL **crl); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); #endif @@ -2182,6 +2520,10 @@ WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* #endif WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( const unsigned char* buf, int sz, int format); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_load_certificate_buffer( + const unsigned char* buf, int sz, int format); +#endif #ifdef WOLFSSL_SEP WOLFSSL_API unsigned char* @@ -2209,6 +2551,8 @@ WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp, WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca); +WOLFSSL_API int wolfSSL_PKCS12_verify_mac(WC_PKCS12 *pkcs12, const char *psw, + int pswLen); WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, WOLF_STACK_OF(WOLFSSL_X509)* ca, 
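Review bot: `wolfSSL_PKCS12_verify_mac` in the `@@ -2209,6 +2551,8 @@` hunk is added without a statement of its return convention, which matters because callers will branch on it to accept or reject a PKCS#12 file. OpenSSL's `PKCS12_verify_mac` returns 1 for a good MAC and 0 otherwise, while many wolfSSL functions return negative error codes; a caller writing `if (wolfSSL_PKCS12_verify_mac(p12, psw, pswLen))` would treat a negative error as success. A comment such as `/* returns 1 if the MAC verifies with psw, 0 on mismatch or error; never negative */` would settle it, provided the implementation (not shown in this patch) really behaves that way.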
@@ -2310,7 +2654,13 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*, const unsigned char*, long, int); WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX*, - const unsigned char*, long, int, long); + const unsigned char*, long, + int, long); + WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Id(WOLFSSL_CTX*, + const unsigned char*, long, + int); + WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Label(WOLFSSL_CTX*, const char*, + int); WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*, const unsigned char*, long, int); WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*, @@ -2324,7 +2674,10 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*, long, int); WOLFSSL_API int wolfSSL_use_PrivateKey_id(WOLFSSL*, const unsigned char*, - long, int, long); + long, int, long); + WOLFSSL_API int wolfSSL_use_PrivateKey_Id(WOLFSSL*, const unsigned char*, + long, int); + WOLFSSL_API int wolfSSL_use_PrivateKey_Label(WOLFSSL*, const char*, int); WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*, const unsigned char*, long, int); WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*, @@ -2334,6 +2687,7 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ defined(KEEP_OUR_CERT) WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); + WOLFSSL_API WOLFSSL_X509* wolfSSL_CTX_get0_certificate(WOLFSSL_CTX* ctx); #endif #endif 
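Review bot: `wolfSSL_CTX_use_PrivateKey_Id` is added directly beneath `wolfSSL_CTX_use_PrivateKey_id` in the `@@ -2310,7 +2654,13 @@` hunk, and the two names differ only in the case of one letter while taking four and five arguments respectively. The `wolfSSL_use_PrivateKey_id` / `wolfSSL_use_PrivateKey_Id` pair in the `@@ -2324,7 +2674,10 @@` hunk repeats this. All parameters are unnamed, so the header does not say what the extra `long` of the lower-case variant is, nor which form new code should call when selecting a key held in a device. I would name the parameters on both and add a comment stating how the two differ and whether the older one is kept only for backward compatibility.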
@@ -2392,7 +2746,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void); WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); -WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_GetVersion(const WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); /* moved to asn.c, old names kept for backwards compatibility */ @@ -2722,6 +3076,7 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap); WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void); WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*); + WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER*); WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f, const char* d); @@ -2772,9 +3127,16 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); WOLFSSL_CERT_MANAGER* cm); WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling( WOLFSSL_CERT_MANAGER* cm); -#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM) + WOLFSSL_API int wolfSSL_CertManagerEnableOCSPMustStaple( + WOLFSSL_CERT_MANAGER* cm); + WOLFSSL_API int wolfSSL_CertManagerDisableOCSPMustStaple( + WOLFSSL_CERT_MANAGER* cm); +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \ + !defined(NO_FILESYSTEM) WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm); -#endif +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( + WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); +#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */ WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); 
@@ -2808,6 +3170,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm) CbOCSPIO, CbOCSPRespFree, void*); WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_DisableOCSPStapling(WOLFSSL_CTX*); + WOLFSSL_API int wolfSSL_CTX_EnableOCSPMustStaple(WOLFSSL_CTX*); + WOLFSSL_API int wolfSSL_CTX_DisableOCSPMustStaple(WOLFSSL_CTX*); #endif /* !NO_CERTS */ @@ -2923,7 +3287,7 @@ enum { WOLFSSL_MAX_ALPN_NUMBER = 257 }; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, unsigned char* outLen, const unsigned char* in, unsigned int inLen, void *arg); @@ -3074,13 +3438,9 @@ enum { }; #ifdef HAVE_SUPPORTED_CURVES -#ifndef NO_WOLFSSL_CLIENT - WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name); WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name); - -#endif #endif #ifdef WOLFSSL_TLS13 
@@ -3094,16 +3454,46 @@ WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx); -WOLFSSL_API int wolfSSL_StartSecureRenegotiation(WOLFSSL* ssl, int resume); WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SecureResume(WOLFSSL* ssl); WOLFSSL_API long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl); #endif +#if defined(HAVE_SELFTEST) && \ + (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2)) + + /* Needed by session ticket stuff below */ + #ifndef WOLFSSL_AES_KEY_SIZE_ENUM + #define WOLFSSL_AES_KEY_SIZE_ENUM + enum SSL_Misc { + AES_IV_SIZE = 16, + AES_128_KEY_SIZE = 16, + AES_192_KEY_SIZE = 24, + AES_256_KEY_SIZE = 32 + }; + #endif +#endif + /* Session Ticket */ #ifdef HAVE_SESSION_TICKET +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \ + !defined(WOLFSSL_TICKET_ENC_AES128_GCM) && \ + !defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #define WOLFSSL_TICKET_KEY_SZ CHACHA20_POLY1305_AEAD_KEYSIZE + #elif defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #define WOLFSSL_TICKET_KEY_SZ AES_256_KEY_SIZE + #else + #define WOLFSSL_TICKET_KEY_SZ AES_128_KEY_SIZE + #endif + + #define WOLFSSL_TICKET_KEYS_SZ (WOLFSSL_TICKET_NAME_SZ + \ + 2 * WOLFSSL_TICKET_KEY_SZ + \ + sizeof(word32) * 2) +#endif + #ifndef NO_WOLFSSL_CLIENT WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx); @@ -3128,6 +3518,9 @@ enum TicketEncRet { #ifndef NO_WOLFSSL_SERVER +WOLFSSL_API int wolfSSL_CTX_NoTicketTLSv12(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_NoTicketTLSv12(WOLFSSL* ssl); + typedef int (*SessionTicketEncCb)(WOLFSSL*, unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], unsigned char iv[WOLFSSL_TICKET_IV_SZ], 
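Review bot: `WOLFSSL_TICKET_KEY_SZ` in the `@@ -3094,16 +3454,46 @@` hunk is chosen by an `#if`/`#elif`/`#else` chain that silently resolves conflicting settings. With both `WOLFSSL_TICKET_ENC_AES128_GCM` and `WOLFSSL_TICKET_ENC_AES256_GCM` defined the 256-bit size wins, and the final `#else` yields `AES_128_KEY_SIZE` even when no AES-GCM option was selected and ChaCha20-Poly1305 is unavailable. If the code that picks the ticket cipher uses a different precedence, the key buffer size and the cipher's key size will disagree. I would reject the ambiguous case with `#if defined(WOLFSSL_TICKET_ENC_AES128_GCM) && defined(WOLFSSL_TICKET_ENC_AES256_GCM)` followed by `#error "select only one ticket AES-GCM key size"`. A comment on `WOLFSSL_TICKET_KEYS_SZ` should also say what the name, the two keys and the two `word32` fields are, since that layout is undocumented.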
@@ -3137,6 +3530,7 @@ WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, SessionTicketEncCb); WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int); WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*); +WOLFSSL_API void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx); #endif /* NO_WOLFSSL_SERVER */ @@ -3231,9 +3625,9 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, /* Smaller subset of X509 compatibility functions. Avoid increasing the size of * this subset and its memory usage */ -#include +#include struct WOLFSSL_X509_NAME_ENTRY { - WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */ + WOLFSSL_ASN1_OBJECT* object; /* static object just for keeping grp, type */ WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ int nid; /* i.e. ASN_COMMON_NAME */ int set; @@ -3290,7 +3684,6 @@ WOLFSSL_LOCAL int NIDToEccEnum(int n); /* end of object functions */ WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line); -WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt); WOLFSSL_API long wolfSSL_CTX_callback_ctrl(WOLFSSL_CTX* ctx, int cmd, void (*fp)(void)); WOLFSSL_API long wolfSSL_CTX_clear_extra_chain_certs(WOLFSSL_CTX* ctx); @@ -3310,6 +3703,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name, WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid, int type, const unsigned char *bytes, int len, int loc, int set); +WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry( + WOLFSSL_X509_NAME *name, int loc); WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, const WOLFSSL_X509_NAME* y); WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void); 
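Review bot: In the `@@ -3231,9 +3625,9 @@` hunk `WOLFSSL_X509_NAME_ENTRY.object` changes from an embedded `WOLFSSL_ASN1_OBJECT` to a pointer, but its trailing comment still reads "static object just for keeping grp, type". With a pointer the field can be NULL and something has to own and free the target, and neither is stated; code that previously read members through `entry->object.` now needs a NULL check before dereferencing. I would replace the comment with one that states the ownership, e.g. `/* allocated and freed with the entry; may be NULL until set */`, once that is confirmed against the code that creates and frees entries. The struct body continues past the end of the hunk.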
@@ -3320,9 +3715,9 @@ WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); #endif /* !NO_CERTS */ #endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ -#ifdef WOLFSSL_WPAS_SMALL - /* WPA Supplicant requires GEN_ values */ - #include +#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ + || defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT) +WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); #endif #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) @@ -3337,6 +3732,7 @@ WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x, int nid, int WOLFSSL_API int wolfSSL_X509_add_ext(WOLFSSL_X509 *x, WOLFSSL_X509_EXTENSION *ex, int loc); WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, void *data); +WOLFSSL_API WOLFSSL_X509_EXTENSION *wolfSSL_X509_delete_ext(WOLFSSL_X509 *x509, int loc); WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_conf_nid( WOLF_LHASH_OF(CONF_VALUE)* conf, WOLFSSL_X509V3_CTX* ctx, int nid, char* value); @@ -3346,6 +3742,8 @@ WOLFSSL_API void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_API void wolfSSL_X509V3_set_ctx_nodb(WOLFSSL_X509V3_CTX* ctx); WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); +WOLFSSL_API int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, + const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len); WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, 
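Review bot: `wolfSSL_ctrl` is re-declared in the `@@ -3320,9 +3715,9 @@` hunk under `OPENSSL_ALL || WOLFSSL_ASIO || WOLFSSL_HAPROXY || WOLFSSL_NGINX || WOLFSSL_QT`, after the `@@ -3290,7 +3684,6 @@` hunk removed it from what appears to be the block closed by `#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */`. A build with only `OPENSSL_EXTRA` would then no longer see the prototype. Where the compiler still accepts implicit declarations, a remaining call would be assumed to return `int` rather than `long`, with unchecked arguments. If dropping it from those builds is intended, a comment on the new `#if` saying so would help; otherwise `defined(OPENSSL_EXTRA)` belongs in the condition.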
@@ -3360,7 +3758,11 @@ WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_ASN1(int pri, WOLFSSL_CTX* ctx, #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) WOLFSSL_API int wolfSSL_X509_cmp(const WOLFSSL_X509* a, const WOLFSSL_X509* b); +WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_get0_extensions(const WOLFSSL_X509 *x); +WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_REQ_get_extensions(const WOLFSSL_X509 *x); WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x, int loc); +WOLFSSL_API int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x, + const WOLFSSL_ASN1_OBJECT *obj, int lastpos); WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x, int loc); WOLFSSL_API int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex); WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void); @@ -3382,6 +3784,9 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses, WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses); WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_API int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); +#endif #if !defined(NO_FILESYSTEM) WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp, WOLFSSL_X509** x509); 
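Review bot: `wolfSSL_X509_REQ_get_extensions` in the `@@ -3360,7 +3758,11 @@` hunk returns `const WOLFSSL_STACK*`, which reads as a borrowed pointer, whereas OpenSSL's `X509_REQ_get_extensions` returns a stack that the caller owns and is expected to free. Code ported from OpenSSL will free the result; if wolfSSL returns its internal stack, as the `const` and the neighbouring `wolfSSL_X509_get0_extensions` suggest, that frees memory the request object still references. A comment on the declaration stating the ownership, for instance `/* returns the request's internal stack; do NOT free (differs from OpenSSL) */`, would warn porters, assuming that is what the implementation does.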
@@ -3389,29 +3794,44 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s #endif WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_REQ_bio(WOLFSSL_BIO* bio, + WOLFSSL_X509** x509); +#endif #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str); WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); +#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ + defined(HAVE_SECRET_CALLBACK) WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, size_t outlen); WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, size_t outSz); -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || HAVE_SECRET_CALLBACK */ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio); +/* non-standard API to determine if BIO supports "pending" */ +WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio); WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**); WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX*, int); WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int); +WOLFSSL_API int wolfSSL_set_min_proto_version(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_max_proto_version(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_CTX_get_min_proto_version(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); +#ifdef 
WOLFSSL_CERT_REQ +WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); +#endif WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp, WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX @@ -3423,7 +3843,7 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read_bio( WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_X509_CRL(XFILE fp, WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); #endif -WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, +WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(const char* header, EncryptedInfo* cipher); WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher, unsigned char* data, long* len, @@ -3441,6 +3861,12 @@ struct WOLFSSL_ASN1_BIT_STRING { long flags; }; +struct WOLFSSL_CONF_CTX { + unsigned int flags; + WOLFSSL_CTX* ctx; + WOLFSSL* ssl; +}; + WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ @@ -3467,6 +3893,7 @@ WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne); WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); +WOLFSSL_API unsigned char *wolfSSL_SHA224(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md); 
@@ -3477,13 +3904,22 @@ WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509); #ifndef NO_FILESYSTEM WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); -WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); #endif #endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ +#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) +#ifndef NO_BIO +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, + const char *mode); +#ifndef NO_FILESYSTEM +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); +#endif /* !NO_FILESYSTEM */ +#endif /* !NO_BIO */ +#endif #if defined(OPENSSL_ALL) \ || defined(HAVE_STUNNEL) \ @@ -3491,8 +3927,8 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); || defined(WOLFSSL_MYSQL_COMPATIBLE) \ || defined(WOLFSSL_HAPROXY) \ || defined(OPENSSL_EXTRA) +#define X509_BUFFER_SZ 8192 -WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, WOLFSSL_DH **x, pem_password_cb *cb, void *u); 
@@ -3510,23 +3946,43 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_new(void); WOLFSSL_API void wolfSSL_X509_REQ_free(WOLFSSL_X509* req); WOLFSSL_API int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md); +WOLFSSL_API int wolfSSL_X509_REQ_sign_ctx(WOLFSSL_X509 *req, + WOLFSSL_EVP_MD_CTX* md_ctx); WOLFSSL_API int wolfSSL_X509_REQ_add_extensions(WOLFSSL_X509* req, - WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext); + WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext_sk); WOLFSSL_API int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req, WOLFSSL_X509_NAME *name); WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, + int nid, int type, + const unsigned char *bytes, + int len); +WOLFSSL_API int wolfSSL_X509_REQ_get_attr_by_NID(const WOLFSSL_X509 *req, + int nid, int lastpos); +WOLFSSL_API int wolfSSL_X509_REQ_add1_attr_by_txt(WOLFSSL_X509 *req, + const char *attrname, int type, + const unsigned char *bytes, int len); +WOLFSSL_API WOLFSSL_X509_ATTRIBUTE *wolfSSL_X509_REQ_get_attr( + const WOLFSSL_X509 *req, int loc); +WOLFSSL_API WOLFSSL_X509_ATTRIBUTE* wolfSSL_X509_ATTRIBUTE_new(void); +WOLFSSL_API void wolfSSL_X509_ATTRIBUTE_free(WOLFSSL_X509_ATTRIBUTE* attr); +WOLFSSL_API WOLFSSL_ASN1_TYPE *wolfSSL_X509_ATTRIBUTE_get0_type( + WOLFSSL_X509_ATTRIBUTE *attr, int idx); +WOLFSSL_API WOLFSSL_X509 *wolfSSL_X509_to_X509_REQ(WOLFSSL_X509 *x, + WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md); #endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \ || defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) -#include - -/* SNI received callback type */ -typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); +#include +WOLFSSL_API int wolfSSL_CRYPTO_set_mem_functions( + wolfSSL_Malloc_cb m, + wolfSSL_Realloc_cb r, + wolfSSL_Free_cb f); WOLFSSL_API int 
wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); @@ -3557,13 +4013,17 @@ WOLFSSL_API int wolfSSL_FIPS_mode(void); WOLFSSL_API int wolfSSL_FIPS_mode_set(int r); -WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth); +WOLFSSL_API int wolfSSL_RAND_set_rand_method(const WOLFSSL_RAND_METHOD *methods); WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits); WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_new(void); WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s); +WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_OBJECT_new(void); +WOLFSSL_API void wolfSSL_sk_X509_OBJECT_free(WOLFSSL_STACK* s); +WOLFSSL_API int wolfSSL_sk_X509_OBJECT_push(WOLFSSL_STACK* sk, WOLFSSL_X509_OBJECT* obj); + WOLFSSL_API WOLFSSL_X509_INFO *wolfSSL_X509_INFO_new(void); WOLFSSL_API void wolfSSL_X509_INFO_free(WOLFSSL_X509_INFO* info); @@ -3578,8 +4038,9 @@ WOLFSSL_API void wolfSSL_sk_X509_INFO_pop_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)* void (*f) (WOLFSSL_X509_INFO*)); WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*); -typedef int (*wolf_sk_compare_cb)(const void* const *a, - const void* const *b); +typedef int (*wolf_sk_compare_cb)(const void* a, + const void* b); +typedef unsigned long (*wolf_sk_hash_cb) (const void *v); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new( wolf_sk_compare_cb); WOLFSSL_API int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)*, 
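Review bot: `wolf_sk_compare_cb` in the `@@ -3578,8 +4038,9 @@` hunk changes from `(const void* const *a, const void* const *b)` to `(const void* a, const void* b)`, which changes the level of indirection a comparator receives. OpenSSL stack comparators take pointer-to-pointer arguments, so a ported comparator that is cast to this type and still dereferences twice would read through an element as if it were a pointer. The header should state which convention applies, e.g. `/* a and b are the stack elements themselves, not pointers to them */`, if that is what the stack code passes. Existing users of `wolfSSL_sk_X509_NAME_new` should be checked against the new signature.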
@@ -3599,6 +4060,18 @@ WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJE WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int, unsigned long); +#ifndef NO_FILESYSTEM +WOLFSSL_API int wolfSSL_X509_NAME_print_ex_fp(XFILE,WOLFSSL_X509_NAME*,int, + unsigned long); +#endif + +WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc); +WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(struct WOLFSSL_STACK *sk); +WOLFSSL_API int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value( + const struct WOLFSSL_STACK *sk, int i); +WOLFSSL_API int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk, + WOLFSSL_CONF_VALUE* val); #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) @@ -3632,6 +4105,13 @@ WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_SESSION_set_ex_data_with_cleanup( + WOLFSSL_SESSION* session, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \ 
@@ -3657,12 +4137,22 @@ WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*); +#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ + +#ifdef HAVE_SNI +/* SNI received callback type */ +typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); + WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, CallbackSniRecv); WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *, CallbackSniRecv); WOLFSSL_API int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); +#endif + +#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \ + || defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*); 
@@ -3676,18 +4166,24 @@ WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE fp); WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); +WOLFSSL_API void wolfSSL_THREADID_current(WOLFSSL_CRYPTO_THREADID* id); +WOLFSSL_API unsigned long wolfSSL_THREADID_hash( + const WOLFSSL_CRYPTO_THREADID* id); -WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( - WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); +WOLFSSL_API WOLFSSL_X509_LOOKUP_TYPE wolfSSL_X509_OBJECT_get_type( + const WOLFSSL_X509_OBJECT*); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(WOLFSSL_X509_STORE *); WOLFSSL_API WOLFSSL_X509_OBJECT* wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i); -WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a); +WOLFSSL_API WOLFSSL_X509_OBJECT* wolfSSL_X509_OBJECT_new(void); +WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *obj); +WOLFSSL_API WOLFSSL_X509 *wolfSSL_X509_OBJECT_get0_X509(const WOLFSSL_X509_OBJECT *obj); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_X509_OBJECT_get0_X509_CRL(WOLFSSL_X509_OBJECT *obj); #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) -#include +#include WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*)); #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ @@ -3700,7 +4196,8 @@ WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names); defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) -WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_get_verify_mode(const WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_get_verify_mode(const WOLFSSL_CTX* ctx); #endif 
@@ -3720,6 +4217,15 @@ WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int typedef void (*SSL_Msg_Cb)(int write_p, int version, int content_type, const void *buf, size_t len, WOLFSSL *ssl, void *arg); +#if defined(HAVE_SECRET_CALLBACK) +typedef void (*wolfSSL_CTX_keylog_cb_func) + (const WOLFSSL* ssl, const char* line); +WOLFSSL_API void wolfSSL_CTX_set_keylog_callback(WOLFSSL_CTX* ctx, + wolfSSL_CTX_keylog_cb_func cb); +WOLFSSL_API wolfSSL_CTX_keylog_cb_func wolfSSL_CTX_get_keylog_callback( + const WOLFSSL_CTX* ctx); +#endif /* HAVE_SECRET_CALLBACK */ + WOLFSSL_API int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); @@ -3732,7 +4238,15 @@ WOLFSSL_API int wolfSSL_set_alpn_protos(WOLFSSL* ssl, const unsigned char* protos, unsigned int protos_len); WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line); +WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len); WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); +WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH* dh, + const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, + const WOLFSSL_BIGNUM** g); +WOLFSSL_API void wolfSSL_DH_get0_key(const WOLFSSL_DH *dh, + const WOLFSSL_BIGNUM **pub_key, const WOLFSSL_BIGNUM **priv_key); +WOLFSSL_API int wolfSSL_DH_set0_key(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *pub_key, + WOLFSSL_BIGNUM *priv_key); #endif #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME) @@ -3748,7 +4262,8 @@ WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); #if defined(OPENSSL_ALL) \ || defined(WOLFSSL_NGINX) \ || defined(WOLFSSL_HAPROXY) \ - || defined(OPENSSL_EXTRA) + || defined(OPENSSL_EXTRA) \ + || defined(HAVE_STUNNEL) WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); #endif 
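Review bot: The `wolfSSL_CTX_set_keylog_callback` declaration added under `HAVE_SECRET_CALLBACK` in the `@@ -3720,6 +4217,15 @@` hunk carries no warning about what `line` contains. In the OpenSSL API this mirrors, each line is a key-log entry holding session secrets, enough to decrypt captured traffic for that connection. A callback that writes it to an ordinary application log or a widely readable file therefore gives up the confidentiality of the session. I would add a comment such as `/* line contains TLS secrets in key-log format; debugging only, never write to shared logs or enable in production */`, and state whether passing NULL disables the callback.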
@@ -3761,11 +4276,19 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); #endif -#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) \ + || defined(WOLFSSL_WPAS_SMALL) WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, void *data); -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_set_ex_data_with_cleanup( + X509 *x509, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) @@ -3785,7 +4308,11 @@ WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL*); +#else WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); +#endif WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*); #ifndef NO_SESSION_CACHE 
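Review bot: `wolfSSL_X509_set_ex_data_with_cleanup` in the `@@ -3761,11 +4276,19 @@` hunk takes `X509 *x509`, while the two declarations just above it use `WOLFSSL_X509 *x509`. `X509` is the OpenSSL-compatibility alias, and this hunk also widens the guard to `OPENSSL_EXTRA_X509_SMALL` and `WOLFSSL_WPAS_SMALL`, configurations where that alias may not be visible when this header is parsed. Changing the parameter to `WOLFSSL_X509 *x509,` keeps the declaration consistent with its siblings and independent of the compatibility headers.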
@@ -3796,17 +4323,18 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, const WOLFSSL_ASN1_INTEGER *a); #ifdef HAVE_SESSION_TICKET -WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, int (*)( - WOLFSSL *ssl, unsigned char *name, unsigned char *iv, - WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)); +typedef int (*ticketCompatCb)(WOLFSSL *ssl, unsigned char *name, unsigned char *iv, + WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc); +WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, ticketCompatCb); #endif #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) WOLFSSL_API int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** chain); -WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, - int(*)(WOLFSSL*, void*)); +typedef int(*tlsextStatusCb)(WOLFSSL*, void*); +WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb); +WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb); WOLFSSL_API int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x); 
@@ -3817,8 +4345,12 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 * WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer, WOLFSSL_X509 *subject); -WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value( +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING)* wolfSSL_sk_WOLFSSL_STRING_new(void); +WOLFSSL_API void wolfSSL_sk_WOLFSSL_STRING_free(WOLF_STACK_OF(WOLFSSL_STRING)* sk); +WOLFSSL_API WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value( WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx); +WOLFSSL_API int wolfSSL_sk_WOLFSSL_STRING_num( + WOLF_STACK_OF(WOLFSSL_STRING)* strings); #endif /* HAVE_OCSP || OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio, @@ -3827,6 +4359,14 @@ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio, #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */ +#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ + !defined(NO_WOLFSSL_SERVER) +WOLFSSL_API long wolfSSL_CTX_get_tlsext_ticket_keys(WOLFSSL_CTX *ctx, + unsigned char *keys, int keylen); +WOLFSSL_API long wolfSSL_CTX_set_tlsext_ticket_keys(WOLFSSL_CTX *ctx, + unsigned char *keys, int keylen); +#endif + WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, unsigned int *len); WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out, 
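Review bot: `wolfSSL_CTX_get_tlsext_ticket_keys` and `wolfSSL_CTX_set_tlsext_ticket_keys` (hunk `@@ -3827,6 +4359,14 @@`) take `unsigned char *keys, int keylen` without stating the required length or what is returned on a mismatch. The getter presumably copies session-ticket key material out of the context, so the caller's buffer holds long-lived secrets. A comment above the pair should state the expected `keylen`, the success and failure returns, and the handling of the buffer, e.g. `/* keys holds ticket key material; keylen must match the library's ticket key size; wipe the buffer after use */`. The `wolfSSL_OPENSSL_cleanse` declaration added earlier in this commit looks like the intended way to wipe it, where that build option is enabled.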
@@ -3862,13 +4402,17 @@ WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, WOLFSSL_API int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc, unsigned int flags); #endif +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) +WOLFSSL_API int wolfSSL_X509_check_email(WOLFSSL_X509 *x, const char *chk, + size_t chkLen, unsigned int flags); +#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context( const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length); -WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count); -WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count); +WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count); +WOLFSSL_API size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count); #endif WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len); @@ -3887,6 +4431,9 @@ WOLFSSL_API int wolfSSL_X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, con WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_PUBKEY_get(WOLFSSL_X509_PUBKEY* key); WOLFSSL_API int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key); WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a); +WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, + const unsigned char **der, + long length); WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a); WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp); WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); 
@@ -3899,7 +4446,7 @@ WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find( WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk); WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk); -WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); +WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i); WOLFSSL_API void ERR_load_SSL_strings(void); WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); @@ -3911,6 +4458,8 @@ WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t); WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, WOLFSSL_ASN1_TIME **out); WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); +WOLFSSL_API int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1, + char *buf, int size); WOLFSSL_API int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE *store); WOLFSSL_API long wolfSSL_X509_get_version(const WOLFSSL_X509 *x); WOLFSSL_API int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509* x); 
@@ -3943,8 +4492,45 @@ WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format); WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format); + +/* returns pointer to loaded key as ASN.1/DER */ +WOLFSSL_API int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, + const unsigned char** key, unsigned int* keySz); +WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo, + const unsigned char** key, unsigned int* keySz); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level); +WOLFSSL_API int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx); + +WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); + +WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); +WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); + +WOLFSSL_API WOLFSSL_CONF_CTX* wolfSSL_CONF_CTX_new(void); +WOLFSSL_API void wolfSSL_CONF_CTX_free(WOLFSSL_CONF_CTX* cctx); +WOLFSSL_API void wolfSSL_CONF_CTX_set_ssl_ctx(WOLFSSL_CONF_CTX* cctx, WOLFSSL_CTX *ctx); +WOLFSSL_API unsigned int wolfSSL_CONF_CTX_set_flags(WOLFSSL_CONF_CTX* cctx, unsigned int flags); +WOLFSSL_API int wolfSSL_CONF_CTX_finish(WOLFSSL_CONF_CTX* cctx); + +#define WOLFSSL_CONF_FLAG_CMDLINE 0x1 +#define WOLFSSL_CONF_FLAG_FILE 0x2 +#define WOLFSSL_CONF_FLAG_CERTIFICATE 0x20 + +#define WOLFSSL_CONF_TYPE_STRING 0x1 +#define WOLFSSL_CONF_TYPE_FILE 0x2 + +WOLFSSL_API int wolfSSL_CONF_cmd(WOLFSSL_CONF_CTX* cctx, const char* cmd, const char* value); +#endif /* OPENSSL_EXTRA */ +#if defined(HAVE_EX_DATA) || defined(FORTRESS) || defined(WOLFSSL_WPAS_SMALL) +WOLFSSL_API int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, + WOLFSSL_CRYPTO_EX_new* new_func, + WOLFSSL_CRYPTO_EX_dup* 
dup_func, + WOLFSSL_CRYPTO_EX_free* free_func); +#endif /* HAVE_EX_DATA || FORTRESS */ #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libwolfssl/version.h b/source/libwolfssl/version.h index fe258fcc..471f5636 100644 --- a/source/libwolfssl/version.h +++ b/source/libwolfssl/version.h @@ -1,6 +1,6 @@ /* wolfssl_version.h.in * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,8 +28,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "4.5.0" -#define LIBWOLFSSL_VERSION_HEX 0x04005000 +#define LIBWOLFSSL_VERSION_STRING "4.8.1" +#define LIBWOLFSSL_VERSION_HEX 0x04008001 #ifdef __cplusplus } diff --git a/source/libwolfssl/wolfcrypt/aes.h b/source/libwolfssl/wolfcrypt/aes.h index b45ad78b..ed0a0dce 100644 --- a/source/libwolfssl/wolfcrypt/aes.h +++ b/source/libwolfssl/wolfcrypt/aes.h @@ -1,6 +1,6 @@ /* aes.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -34,13 +34,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits #ifndef WOLF_CRYPT_AES_H #define WOLF_CRYPT_AES_H -#include +#include #ifndef NO_AES #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ /* included for fips @wc_fips */ @@ -56,10 +56,10 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits #endif #ifndef WC_NO_RNG - #include + #include #endif #ifdef STM32_CRYPTO - #include + #include #endif #ifdef WOLFSSL_IMXRT_DCP 
@@ -72,24 +72,29 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES) /* included for struct msghdr */ -#include +#include #endif #if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC) -#include +#include #endif +#ifdef WOLFSSL_SILABS_SE_ACCEL + #include +#endif + + #if defined(HAVE_AESGCM) && !defined(WC_NO_RNG) - #include + #include #endif #if defined(WOLFSSL_CRYPTOCELL) - #include + #include #endif #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) - #include + #include #endif #ifdef __cplusplus @@ -113,7 +118,7 @@ enum { (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif enum { @@ -143,7 +148,8 @@ enum { #endif #ifdef HAVE_PKCS11 - AES_MAX_ID_LEN = 32, + AES_MAX_ID_LEN = 32, + AES_MAX_LABEL_LEN = 32, #endif }; @@ -171,6 +177,12 @@ struct Aes { #ifdef GCM_TABLE /* key-based fast multiplication table. */ ALIGN16 byte M0[256][AES_BLOCK_SIZE]; +#elif defined(GCM_TABLE_4BIT) + #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU) + ALIGN16 byte M0[16][AES_BLOCK_SIZE]; + #else + ALIGN16 byte M0[32][AES_BLOCK_SIZE]; + #endif #endif /* GCM_TABLE */ #ifdef HAVE_CAVIUM_OCTEON_SYNC word32 y0; @@ -186,6 +198,8 @@ struct Aes { #ifdef HAVE_PKCS11 byte id[AES_MAX_ID_LEN]; int idLen; + char label[AES_MAX_LABEL_LEN]; + int labelLen; #endif #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; 
@@ -231,8 +245,26 @@ struct Aes { #endif #if defined(WOLFSSL_IMXRT_DCP) dcp_handle_t handle; +#endif +#if defined(WOLFSSL_SILABS_SE_ACCEL) + silabs_aes_t ctx; #endif void* heap; /* memory hint to use */ +#ifdef WOLFSSL_AESGCM_STREAM +#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_AESNI) + ALIGN16 byte streamData[5 * AES_BLOCK_SIZE]; +#else + byte* streamData; +#endif + word32 aSz; + word32 cSz; + byte over; + byte aOver; + byte cOver; + byte gcmKeySet:1; + byte nonceSet:1; + byte ctrSet:1; +#endif }; #ifndef WC_AES_TYPE_DEFINED @@ -344,6 +376,26 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz); +#ifdef WOLFSSL_AESGCM_STREAM +WOLFSSL_API int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); + +WOLFSSL_API int wc_AesGcmEncryptInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); +WOLFSSL_API int wc_AesGcmEncryptInit_ex(Aes* aes, const byte* key, word32 len, + byte* ivOut, word32 ivOutSz); +WOLFSSL_API int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, + word32 sz, const byte* authIn, word32 authInSz); +WOLFSSL_API int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, + word32 authTagSz); + +WOLFSSL_API int wc_AesGcmDecryptInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); +WOLFSSL_API int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, + word32 sz, const byte* authIn, word32 authInSz); +WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, + word32 authTagSz); +#endif #ifndef WC_NO_RNG WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz); 
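Review bot: The streaming decrypt API added in the hunk `@@ -344,6 +376,26 @@` returns plaintext from `wc_AesGcmDecryptUpdate` before the tag has been checked, because `authTag` is only passed to `wc_AesGcmDecryptFinal`, and the declarations carry no comment saying so. A caller that parses or acts on `out` before Final succeeds is processing unauthenticated data. Suggest a comment above the three decrypt declarations such as `/* output of wc_AesGcmDecryptUpdate is unauthenticated until wc_AesGcmDecryptFinal returns 0; discard it on failure */`. The encrypt side would benefit from a matching note that a key/IV pair passed to `wc_AesGcmEncryptInit` must never be reused.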
@@ -399,10 +451,18 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv); + WOLFSSL_API int wc_AesKeyWrap_ex(Aes *aes, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv); + WOLFSSL_API int wc_AesKeyUnWrap_ex(Aes *aes, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); #endif /* HAVE_AES_KEYWRAP */ #ifdef WOLFSSL_AES_XTS @@ -431,6 +491,8 @@ WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId); #ifdef HAVE_PKCS11 WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, int devId); +WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, + int devId); #endif WOLFSSL_API void wc_AesFree(Aes* aes); diff --git a/source/libwolfssl/wolfcrypt/arc4.h b/source/libwolfssl/wolfcrypt/arc4.h index db39e26d..cfc625f3 100644 --- a/source/libwolfssl/wolfcrypt/arc4.h +++ b/source/libwolfssl/wolfcrypt/arc4.h @@ -1,6 +1,6 @@ /* arc4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,14 +26,14 @@ #ifndef WOLF_CRYPT_ARC4_H #define WOLF_CRYPT_ARC4_H -#include +#include #ifdef __cplusplus extern "C" { #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif enum { diff --git a/source/libwolfssl/wolfcrypt/asn.h b/source/libwolfssl/wolfcrypt/asn.h index 0266cc79..d87d8682 100644 --- a/source/libwolfssl/wolfcrypt/asn.h +++ b/source/libwolfssl/wolfcrypt/asn.h @@ -1,6 +1,6 @@ /* asn.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -34,7 +34,7 @@ that can be serialized and deserialized in a cross-platform way. #ifndef WOLF_CRYPT_ASN_H #define WOLF_CRYPT_ASN_H -#include +#include #ifndef NO_ASN 
@@ -43,7 +43,7 @@ that can be serialized and deserialized in a cross-platform way. #define NO_ASN_TIME /* backwards compatibility with NO_TIME_H */ #endif -#include +#include /* fips declare of RsaPrivateKeyDecode @wc_fips */ #if defined(HAVE_FIPS) && !defined(NO_RSA) && \ @@ -52,19 +52,19 @@ that can be serialized and deserialized in a cross-platform way. #endif #ifndef NO_DH - #include + #include #endif #ifndef NO_DSA - #include + #include #endif #ifndef NO_SHA - #include + #include #endif #ifndef NO_MD5 - #include + #include #endif -#include -#include /* public interface */ +#include +#include /* public interface */ #if defined(NO_SHA) && defined(NO_SHA256) #define WC_SHA256_DIGEST_SIZE 32 @@ -100,6 +100,7 @@ enum ASN_Tags { ASN_SEQUENCE = 0x10, ASN_SET = 0x11, ASN_PRINTABLE_STRING = 0x13, + ASN_IA5_STRING = 0x16, ASN_UTC_TIME = 0x17, ASN_OTHER_TYPE = 0x00, ASN_RFC822_TYPE = 0x01, @@ -139,9 +140,13 @@ enum DN_Tags { /* pilot attribute types * OID values of 0.9.2342.19200300.100.1.* */ ASN_USER_ID = 0x01, /* UID */ + ASN_FAVOURITE_DRINK = 0x05, /* favouriteDrink */ ASN_DOMAIN_COMPONENT = 0x19 /* DC */ }; +/* This is the size of the smallest possible PEM header and footer */ +extern const int pem_struct_min_sz; + #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) typedef struct WOLFSSL_ObjectInfo { int nid; @@ -178,6 +183,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_USER_ID "/UID=" #define WOLFSSL_DOMAIN_COMPONENT "/DC=" +#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink=" #if defined(WOLFSSL_APACHE_HTTPD) /* otherName strings */ @@ -192,6 +198,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_TLS_FEATURE_SUM 92 #endif +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* NIDs */ enum { @@ -202,6 +209,7 @@ enum NID_sha256 = 672, NID_sha384 = 673, NID_sha512 = 674, + NID_pkcs9_challengePassword = 54, NID_hw_name_oid = 73, NID_id_pkix_OCSP_basic = 74, NID_any_policy = 75, 
@@ -228,6 +236,7 @@ enum NID_inhibit_any_policy = 168, /* 2.5.29.54 */ NID_tlsfeature = 1020, /* id-pe 24 */ NID_commonName = 0x03, /* matches ASN_COMMON_NAME in asn.h */ + NID_buildingName = 1494, NID_surname = 0x04, /* SN */ @@ -241,6 +250,7 @@ enum NID_jurisdictionStateOrProvinceName = 0xd, NID_businessCategory = ASN_BUS_CAT, NID_domainComponent = ASN_DOMAIN_COMPONENT, + NID_favouriteDrink = 462, NID_userId = 458, NID_emailAddress = 0x30, /* emailAddress */ NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */ @@ -248,6 +258,7 @@ enum NID_X9_62_prime_field = 406 /* 1.2.840.10045.1.1 */ }; +#endif /* OPENSSL_EXTRA */ enum ECC_TYPES { @@ -299,12 +310,17 @@ enum Misc_ASN { KEYID_SIZE = WC_SHA_DIGEST_SIZE, #endif RSA_INTS = 8, /* RSA ints in private key */ + DSA_PARAM_INTS = 3, /* DSA paramater ints */ DSA_INTS = 5, /* DSA ints in private key */ - MIN_DATE_SIZE = 13, + MIN_DATE_SIZE = 12, MAX_DATE_SIZE = 32, ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */ #ifndef NO_RSA - MAX_ENCODED_SIG_SZ = 512, +#ifdef WOLFSSL_HAPROXY + MAX_ENCODED_SIG_SZ = 1024, /* Supports 8192 bit keys */ +#else + MAX_ENCODED_SIG_SZ = 512, /* Supports 4096 bit keys */ +#endif #elif defined(HAVE_ECC) MAX_ENCODED_SIG_SZ = 140, #elif defined(HAVE_CURVE448) @@ -324,7 +340,7 @@ enum Misc_ASN { MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */ MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ - MAX_DSA_INT_SZ = 261, /* DSA raw sz 2048 for bits + tag + len(4) */ + MAX_DSA_INT_SZ = 389, /* DSA raw sz 3072 for bits + tag + len(4) */ MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */ MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */ MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */ 
@@ -382,6 +398,9 @@ enum Misc_ASN { MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */ MAX_X509_VERSION = 3, /* Max X509 version allowed */ MIN_X509_VERSION = 0, /* Min X509 version allowed */ + WOLFSSL_X509_V1 = 0, + WOLFSSL_X509_V2 = 1, + WOLFSSL_X509_V3 = 2, #if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7) @@ -422,6 +441,7 @@ enum Oid_Types { oidCertNameType = 17, oidTlsExtType = 18, oidCrlExtType = 19, + oidCsrAttrType = 20, oidIgnoreType }; @@ -521,23 +541,23 @@ enum HMAC_Sum { enum Extensions_Sum { - BASIC_CA_OID = 133, - ALT_NAMES_OID = 131, - CRL_DIST_OID = 145, - AUTH_INFO_OID = 69, /* id-pe 1 */ - AUTH_KEY_OID = 149, - SUBJ_KEY_OID = 128, - CERT_POLICY_OID = 146, - KEY_USAGE_OID = 129, /* 2.5.29.15 */ - INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ + BASIC_CA_OID = 133, /* 2.5.29.19 */ + ALT_NAMES_OID = 131, /* 2.5.29.17 */ + CRL_DIST_OID = 145, /* 2.5.29.31 */ + AUTH_INFO_OID = 69, /* 1.3.6.1.5.5.7.1.1 */ + AUTH_KEY_OID = 149, /* 2.5.29.35 */ + SUBJ_KEY_OID = 128, /* 2.5.29.14 */ + CERT_POLICY_OID = 146, /* 2.5.29.32 */ + KEY_USAGE_OID = 129, /* 2.5.29.15 */ + INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */ NAME_CONS_OID = 144, /* 2.5.29.30 */ PRIV_KEY_USAGE_PERIOD_OID = 130, /* 2.5.29.16 */ - SUBJECT_INFO_ACCESS = 79, /* id-pe 11 */ - POLICY_MAP_OID = 147, - POLICY_CONST_OID = 150, - ISSUE_ALT_NAMES_OID = 132, - TLS_FEATURE_OID = 92, /* id-pe 24 */ + SUBJECT_INFO_ACCESS = 79, /* 1.3.6.1.5.5.7.1.11 */ + POLICY_MAP_OID = 147, /* 2.5.29.33 */ + POLICY_CONST_OID = 150, /* 2.5.29.36 */ + ISSUE_ALT_NAMES_OID = 132, /* 2.5.29.18 */ + TLS_FEATURE_OID = 92, /* 1.3.6.1.5.5.7.1.24 */ NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */ OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5 id-pkix-ocsp-nocheck */ 
@@ -579,6 +599,7 @@ enum VerifyType { VERIFY_OCSP = 3, VERIFY_NAME = 4, VERIFY_SKIP_DATE = 5, + VERIFY_OCSP_CERT = 6, }; #ifdef WOLFSSL_CERT_EXT @@ -588,6 +609,14 @@ enum KeyIdType { }; #endif +#ifdef WOLFSSL_CERT_REQ +enum CsrAttrType { + CHALLENGE_PASSWORD_OID = 659, + SERIAL_NUMBER_OID = 94, + EXTENSION_REQUEST_OID = 666, +}; +#endif + /* Key usage extension bits (based on RFC 5280) */ #define KEYUSE_DIGITAL_SIG 0x0080 #define KEYUSE_CONTENT_COMMIT 0x0040 @@ -660,15 +689,21 @@ struct SignatureCtx { byte* digest; #ifndef NO_RSA byte* out; - byte* plain; #endif -#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) +#if !(defined(NO_RSA) && defined(NO_DSA)) + byte* sigCpy; +#endif +#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ + !defined(NO_DSA) int verify; #endif union { #ifndef NO_RSA struct RsaKey* rsa; #endif + #ifndef NO_DSA + struct DsaKey* dsa; + #endif #ifdef HAVE_ECC struct ecc_key* ecc; #endif @@ -766,6 +801,7 @@ struct DecodedCert { DNS_entry* altNames; /* alt names list of dns entries */ #ifndef IGNORE_NAME_CONSTRAINTS DNS_entry* altEmailNames; /* alt names list of RFC822 entries */ + DNS_entry* altDirNames; /* alt names list of DIR entries */ Base_entry* permittedNames; /* Permitted name bases */ Base_entry* excludedNames; /* Excluded name bases */ #endif /* IGNORE_NAME_CONSTRAINTS */ @@ -805,6 +841,7 @@ struct DecodedCert { byte maxPathLen; /* max_path_len see RFC 5280 section * 6.1.2 "Initialization" - (k) for * description of max_path_len */ + byte policyConstSkip; /* Policy Constraints skip certs value */ word16 extKeyUsage; /* Key usage bitfield */ byte extExtKeyUsage; /* Extended Key usage bitfield */ 
@@ -888,6 +925,14 @@ struct DecodedCert { int extCertPoliciesNb; #endif /* defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) */ +#ifdef WOLFSSL_CERT_REQ + /* CSR attributes */ + char* cPwd; /* challengePassword */ + int cPwdLen; + char* sNum; /* Serial Number */ + int sNumLen; +#endif /* WOLFSSL_CERT_REQ */ + Signer* ca; #ifndef NO_CERTS SignatureCtx sigCtx; @@ -917,6 +962,9 @@ struct DecodedCert { byte extCRLdistSet : 1; byte extAuthInfoSet : 1; byte extBasicConstSet : 1; + byte extPolicyConstSet : 1; + byte extPolicyConstRxpSet : 1; /* requireExplicitPolicy set */ + byte extPolicyConstIpmSet : 1; /* inhibitPolicyMapping set */ byte extSubjAltNameSet : 1; byte inhibitAnyOidSet : 1; byte selfSigned : 1; /* Indicates subject and issuer are same */ @@ -927,6 +975,7 @@ struct DecodedCert { byte extCRLdistCrit : 1; byte extAuthInfoCrit : 1; byte extBasicConstCrit : 1; + byte extPolicyConstCrit : 1; byte extSubjAltNameCrit : 1; byte extAuthKeyIdCrit : 1; #ifndef IGNORE_NAME_CONSTRAINTS @@ -939,9 +988,19 @@ struct DecodedCert { #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT) byte extCertPolicyCrit : 1; #endif - +#ifdef WOLFSSL_CERT_REQ + byte isCSR : 1; /* Do we intend on parsing a CSR? */ +#endif }; +/* ASN Encoded Name field */ +typedef struct EncodedName { + int nameLen; /* actual string value length */ + int totalLen; /* total encoded length */ + int type; /* type of name */ + int used; /* are we actually using this one */ + byte encoded[CTC_NAME_SIZE * 2]; /* encoding */ +} EncodedName; #ifdef NO_SHA #define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE 
@@ -1015,6 +1074,42 @@ struct TrustedPeerCert { #define WOLFSSL_ASN_API WOLFSSL_LOCAL #endif +#ifdef HAVE_SMIME +#define MIME_HEADER_ASCII_MIN 33 +#define MIME_HEADER_ASCII_MAX 126 + +typedef struct MimeParam MimeParam; +typedef struct MimeHdr MimeHdr; + +struct MimeParam +{ + MimeParam* next; + char* attribute; + char* value; +}; + +struct MimeHdr +{ + MimeHdr* next; + MimeParam* params; + char* name; + char* body; +}; + +typedef enum MimeTypes +{ + MIME_HDR, + MIME_PARAM +} MimeTypes; + +typedef enum MimeStatus +{ + MIME_NAMEATTR, + MIME_BODYVAL +} MimeStatus; +#endif /* HAVE_SMIME */ + + WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash); WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx); @@ -1036,6 +1131,12 @@ WOLFSSL_LOCAL int EncodePolicyOID(byte *out, word32 *outSz, WOLFSSL_API int CheckCertSignature(const byte*,word32,void*,void* cm); WOLFSSL_LOCAL int CheckCertSignaturePubKey(const byte* cert, word32 certSz, void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID); +#ifdef WOLFSSL_CERT_REQ +WOLFSSL_LOCAL int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap, + const byte* pubKey, word32 pubKeySz, int pubKeyOID); +#endif /* WOLFSSL_CERT_REQ */ +WOLFSSL_LOCAL int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz, + int sigAlgoType); WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*,int type,int verify,void* cm); WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify); WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate); 
@@ -1086,6 +1187,10 @@ WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b); WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType); WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn); +WOLFSSL_LOCAL int wc_EncodeName(EncodedName* name, const char* nameStr, + char nameType, byte type); +WOLFSSL_LOCAL int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr, + char nameType, byte type); /* ASN.1 helper functions */ #ifdef WOLFSSL_CERT_GEN WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name); @@ -1108,6 +1213,8 @@ WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx, int check); WOLFSSL_LOCAL int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx); +WOLFSSL_LOCAL int CheckBitString(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx, int zeroBits, byte* unusedBits); WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx); WOLFSSL_LOCAL int GetSet_ex(const byte* input, word32* inOutIdx, int* len, 
@@ -1136,12 +1243,7 @@ WOLFSSL_LOCAL int GetASNTag(const byte* input, word32* idx, byte* tag, WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output); WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output); WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output); -#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_DH) \ - || defined(WOLFSSL_OPENSSH) -WOLFSSL_LOCAL int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz); -WOLFSSL_LOCAL int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz); -WOLFSSL_LOCAL int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); -#endif +WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output); WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output); WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output); WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output); 
@@ -1154,14 +1256,20 @@ WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx, byte* serial, int* serialSz, word32 maxIdx); WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx); -WOLFSSL_LOCAL int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der); +WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der); +WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, + const byte* pubKey, word32 pubKeySz, enum Key_Sum ks); WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g); WOLFSSL_LOCAL int FlattenAltNames( byte*, word32, const DNS_entry*); -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || !defined(NO_DSA) /* ASN sig helpers */ WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s); + WOLFSSL_LOCAL int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, + const byte* r, word32 rLen, const byte* s, word32 sLen); + WOLFSSL_LOCAL int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen, + byte* r, word32* rLen, byte* s, word32* sLen); WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s); #endif @@ -1174,8 +1282,8 @@ WOLFSSL_LOCAL void FreeSignatureCtx(SignatureCtx* sigCtx); #ifndef NO_CERTS -WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, char** pBuffer, - size_t bufSz); +WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, + const char** pBuffer, size_t bufSz); WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, DerBuffer** pDer, void* heap, EncryptedInfo* info, 
@@ -1185,6 +1293,17 @@ WOLFSSL_LOCAL void FreeDer(DerBuffer** der); #endif /* !NO_CERTS */ +#ifdef HAVE_SMIME +WOLFSSL_LOCAL int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** hdrs); +WOLFSSL_LOCAL int wc_MIME_header_strip(char* in, char** out, size_t start, size_t end); +WOLFSSL_LOCAL int wc_MIME_create_header(char* name, char* body, MimeHdr** hdr); +WOLFSSL_LOCAL int wc_MIME_create_parameter(char* attribute, char* value, MimeParam** param); +WOLFSSL_LOCAL MimeHdr* wc_MIME_find_header_name(const char* name, MimeHdr* hdr); +WOLFSSL_LOCAL MimeParam* wc_MIME_find_param_attr(const char* attribute, MimeParam* param); +WOLFSSL_LOCAL char* wc_MIME_canonicalize(const char* line); +WOLFSSL_LOCAL int wc_MIME_free_hdrs(MimeHdr* head); +#endif /* HAVE_SMIME */ + #ifdef WOLFSSL_CERT_GEN enum cert_enums { @@ -1200,7 +1319,8 @@ enum cert_enums { NTRU_KEY = 11, ECC_KEY = 12, ED25519_KEY = 13, - ED448_KEY = 14 + ED448_KEY = 14, + DSA_KEY = 15 }; #endif /* WOLFSSL_CERT_GEN */ @@ -1251,6 +1371,9 @@ struct CertStatus { byte serial[EXTERNAL_SERIAL_SIZE]; int serialSz; +#ifdef OPENSSL_EXTRA + WOLFSSL_ASN1_INTEGER* serialInt; +#endif int status; @@ -1258,7 +1381,7 @@ struct CertStatus { byte nextDate[MAX_DATE_SIZE]; byte thisDateFormat; byte nextDateFormat; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) WOLFSSL_ASN1_TIME thisDateParsed; WOLFSSL_ASN1_TIME nextDateParsed; byte* thisDateAsn; 
@@ -1269,7 +1392,36 @@ struct CertStatus { word32 rawOcspResponseSz; }; +typedef struct OcspEntry OcspEntry; +#ifdef NO_SHA +#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE +#else +#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE +#endif + +struct OcspEntry +{ + OcspEntry *next; /* next entry */ + word32 hashAlgoOID; /* hash algo ID */ + byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */ + byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */ + CertStatus *status; /* OCSP response list */ + int totalStatus; /* number on list */ + byte* rawCertId; /* raw bytes of the CertID */ + int rawCertIdSize; /* num bytes in raw CertID */ + /* option bits - using 32-bit for alignment */ + word32 ownStatus:1; /* do we need to free the status + * response list */ + word32 isDynamic:1; /* was dynamically allocated */ + +}; + +/* TODO: Long-term, it would be helpful if we made this struct and other OCSP + structs conform to the ASN spec as described in RFC 6960. It will help + with readability and with implementing OpenSSL compatibility API + functions, because OpenSSL's OCSP data structures conform to the + RFC. */ struct OcspResponse { int responseStatus; /* return code from Responder */ @@ -1279,8 +1431,6 @@ struct OcspResponse { byte producedDate[MAX_DATE_SIZE]; /* Date at which this response was signed */ byte producedDateFormat; /* format of the producedDate */ - byte* issuerHash; - byte* issuerKeyHash; byte* cert; word32 certSz; @@ -1289,7 +1439,7 @@ struct OcspResponse { word32 sigSz; /* Length in octets for the sig */ word32 sigOID; /* OID for hash used for sig */ - CertStatus* status; /* certificate status to fill out */ + OcspEntry* single; /* chain of OCSP single responses */ byte* nonce; /* pointer to nonce inside ASN.1 response */ int nonceSz; /* length of the nonce string */ @@ -1300,6 +1450,7 @@ struct OcspResponse { #ifdef OPENSSL_EXTRA int verifyError; #endif + void* heap; }; 
@@ -1320,25 +1471,9 @@ struct OcspRequest { void* ssl; }; -typedef struct OcspEntry OcspEntry; - -#ifdef NO_SHA -#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE -#else -#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE -#endif - -struct OcspEntry -{ - OcspEntry *next; /* next entry */ - byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */ - byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */ - CertStatus *status; /* OCSP response list */ - int totalStatus; /* number on list */ -}; - -WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32); -WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap, int); +WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, OcspEntry*, CertStatus*, byte*, word32, void*); +WOLFSSL_LOCAL void FreeOcspResponse(OcspResponse*); +WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap, int); WOLFSSL_LOCAL int InitOcspRequest(OcspRequest*, DecodedCert*, byte, void*); WOLFSSL_LOCAL void FreeOcspRequest(OcspRequest*); @@ -1416,12 +1551,13 @@ WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*); #endif enum PBESTypes { - PBE_MD5_DES = 0, - PBE_SHA1_RC4_128 = 1, - PBE_SHA1_DES = 2, - PBE_SHA1_DES3 = 3, - PBE_AES256_CBC = 4, - PBE_AES128_CBC = 5, + PBE_MD5_DES = 0, + PBE_SHA1_RC4_128 = 1, + PBE_SHA1_DES = 2, + PBE_SHA1_DES3 = 3, + PBE_AES256_CBC = 4, + PBE_AES128_CBC = 5, + PBE_SHA1_40RC2_CBC = 6, PBE_SHA1_RC4_128_SUM = 657, PBE_SHA1_DES3_SUM = 659, diff --git a/source/libwolfssl/wolfcrypt/asn_public.h b/source/libwolfssl/wolfcrypt/asn_public.h index 5caf1338..d85d6b07 100644 --- a/source/libwolfssl/wolfcrypt/asn_public.h +++ b/source/libwolfssl/wolfcrypt/asn_public.h @@ -1,6 +1,6 @@ /* asn_public.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -32,6 +32,7 @@ This library defines the interface APIs for X509 certificates. #define WOLF_CRYPT_ASN_PUBLIC_H #include +#include #ifdef __cplusplus extern "C" { 
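Review bot: `InitOcspResponse(OcspResponse*, OcspEntry*, CertStatus*, byte*, word32, void*)` now has six unnamed parameters, and its trailing `void*` sits directly above `OcspResponseDecode(OcspResponse*, void*, void* heap, int)`, where the first `void*` means something else. Naming them in the prototype, e.g. `OcspResponse* resp, OcspEntry* single, CertStatus* status, byte* source, word32 inSz, void* heap` (names inferred, confirm against the definition), makes a wrong argument order much easier to spot in review. A short comment next to `FreeOcspResponse` saying which of `single` and `status` it releases would also help callers that pass stack-allocated entries.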
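Review bot: `PBE_SHA1_40RC2_CBC = 6` adds 40-bit RC2 to `enum PBESTypes` with no comment on where it may be used. A 40-bit key gives no real confidentiality, so this id should only be accepted when reading legacy PKCS#12/PKCS#8 data and never chosen for new output. The same diff exposes `wc_EncryptPKCS8Key` with integer algorithm selectors, so it is worth checking that this value is rejected on that path. At minimum I would annotate the enumerator: `PBE_SHA1_40RC2_CBC = 6, /* legacy, decrypt-only: 40-bit RC2 */`.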
@@ -58,6 +59,10 @@ This library defines the interface APIs for X509 certificates. typedef struct WC_RNG WC_RNG; #define WC_RNG_TYPE_DEFINED #endif +#ifndef WC_DH_TYPE_DEFINED + typedef struct DhKey DhKey; + #define WC_DH_TYPE_DEFINED +#endif enum Ecc_Sum { ECC_SECP112R1_OID = 182, @@ -126,6 +131,7 @@ enum CertType { /* Signature type, by OID sum */ enum Ctc_SigType { CTC_SHAwDSA = 517, + CTC_SHA256wDSA = 416, CTC_MD2wRSA = 646, CTC_MD5wRSA = 648, CTC_SHAwRSA = 649, @@ -138,6 +144,17 @@ enum Ctc_SigType { CTC_SHA384wECDSA = 525, CTC_SHA512wRSA = 657, CTC_SHA512wECDSA = 526, + + /* https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration */ + CTC_SHA3_224wECDSA = 423, + CTC_SHA3_256wECDSA = 424, + CTC_SHA3_384wECDSA = 425, + CTC_SHA3_512wECDSA = 426, + CTC_SHA3_224wRSA = 427, + CTC_SHA3_256wRSA = 428, + CTC_SHA3_384wRSA = 429, + CTC_SHA3_512wRSA = 430, + CTC_ED25519 = 256, CTC_ED448 = 257 }; @@ -331,7 +348,8 @@ typedef struct Cert { char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ]; word16 certPoliciesNb; /* Number of Cert Policy */ #endif -#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) +#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \ + defined(WOLFSSL_CERT_REQ) byte issRaw[sizeof(CertName)]; /* raw issuer info */ byte sbjRaw[sizeof(CertName)]; /* raw subject info */ #endif @@ -467,7 +485,7 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef WOLFSSL_PEM_TO_DER WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type, - DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey); + DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat); WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int, unsigned char*, int, const char*); 
@@ -507,6 +525,20 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header); #endif +#ifndef NO_DSA + /* DSA parameter DER helper functions */ + WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, + DsaKey*, word32); + WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen); +#endif + +#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) +WOLFSSL_LOCAL int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv); +WOLFSSL_API int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz); +WOLFSSL_API int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz); +WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); +#endif + #ifdef HAVE_ECC /* private key helpers */ WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*, @@ -514,8 +546,11 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen); WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen); + WOLFSSL_API int wc_EccKeyDerSize(ecc_key*, int pub); WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output, word32* outLen); + WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output, + word32* outLen); /* public key helper */ WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*, 
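Review bot: `wc_DhKeyToDer` is declared `WOLFSSL_LOCAL` inside the public header `asn_public.h`, between `WOLFSSL_API` functions, and its `int exportPriv` flag decides whether private key material is written out. The three public wrappers take `word32* outSz`, while the neighbouring `wc_DsaKeyToParamsDer` and `wc_EccKeyToDer` take `word32 inLen` by value, and nothing documents the difference. I would move the local prototype to the internal ASN header and add a comment on the public ones, e.g. `/* outSz: in = capacity of out, out = bytes written (confirm); the buffer filled by wc_DhPrivKeyToDer holds private key material and should be zeroized by the caller after use */`.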
@@ -527,17 +562,24 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef HAVE_ED25519 /* private key helpers */ +#ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*, ed25519_key*, word32); +#endif + +#ifdef HAVE_ED25519_KEY_EXPORT WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, word32 inLen); WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, word32 inLen); +#endif /* public key helper */ WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*, ed25519_key*, word32); - #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ + defined(HAVE_ED25519_KEY_EXPORT) + WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output, word32 inLen, int with_AlgCurve); #endif @@ -545,17 +587,23 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef HAVE_ED448 /* private key helpers */ +#ifdef HAVE_ED448_KEY_IMPORT WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*, ed448_key*, word32); +#endif + +#ifdef HAVE_ED448_KEY_EXPORT WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output, word32 inLen); WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen); +#endif /* public key helper */ WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*, ed448_key*, word32); - #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ + defined(HAVE_ED448_KEY_EXPORT) WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output, word32 inLen, int with_AlgCurve); #endif 
@@ -569,7 +617,13 @@ WOLFSSL_API int wc_GetCTC_HashOID(int type); WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input, word32* inOutIdx, word32 sz); WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz, - byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz); + byte* key, word32 keySz, int algoID, const byte* curveOID, + word32 oidSz); +WOLFSSL_API int wc_EncryptPKCS8Key(byte*, word32, byte*, word32*, const char*, + int, int, int, int, byte*, word32, int, WC_RNG*, void*); +WOLFSSL_API int wc_DecryptPKCS8Key(byte*, word32, const char*, int); +WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*, + const char*, int, int, int, int, byte*, word32, int, WC_RNG*, void*); #ifndef NO_ASN_TIME /* Time */ diff --git a/source/libwolfssl/wolfcrypt/blake2-impl.h b/source/libwolfssl/wolfcrypt/blake2-impl.h index 3be93e12..72d2a510 100644 --- a/source/libwolfssl/wolfcrypt/blake2-impl.h +++ b/source/libwolfssl/wolfcrypt/blake2-impl.h @@ -12,7 +12,7 @@ */ /* blake2-impl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -36,7 +36,7 @@ #ifndef WOLFCRYPT_BLAKE2_IMPL_H #define WOLFCRYPT_BLAKE2_IMPL_H -#include +#include static WC_INLINE word32 load32( const void *src ) { @@ -85,7 +85,7 @@ static WC_INLINE void store32( void *dst, word32 w ) static WC_INLINE void store64( void *dst, word64 w ) { -#if defined(LITTLE_ENDIAN_ORDER) +#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT) *( word64 * )( dst ) = w; #else byte *p = ( byte * )dst; diff --git a/source/libwolfssl/wolfcrypt/blake2-int.h b/source/libwolfssl/wolfcrypt/blake2-int.h index 1118c090..a995e260 100644 --- a/source/libwolfssl/wolfcrypt/blake2-int.h +++ b/source/libwolfssl/wolfcrypt/blake2-int.h @@ -12,7 +12,7 @@ */ /* blake2-int.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
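Review bot: `wc_EncryptPKCS8Key` and `wc_CreateEncryptedPKCS8Key` are `WOLFSSL_API` prototypes with fourteen unnamed parameters, four of them consecutive `int`s, and `wc_DecryptPKCS8Key(byte*, word32, const char*, int)` does not say whether it decrypts in place. A swapped argument between those `int`s compiles cleanly and may only change the protection parameters of the output, so the declaration is the only place a caller can check the order. I would name every parameter, as the `wc_CreatePKCS8Key` prototype directly above already does, and add one line stating how the input buffer and the password pointer/length pair are treated.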
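Review bot: Only `store64` in `blake2-impl.h` gains the `!defined(WOLFSSL_GENERAL_ALIGNMENT)` guard; `load32` and `store32` appear in the hunk context with no matching change. If those helpers (and `load64`, not visible here) still dereference a cast pointer under `LITTLE_ENDIAN_ORDER`, they keep the same unaligned-access behaviour this change removes from `store64`. I would use the same condition in all four helpers, `#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT)`, so they stay consistent. The bodies of the other three lie outside this hunk and should be checked first.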
@@ -37,7 +37,7 @@ #ifndef WOLFCRYPT_BLAKE2_INT_H #define WOLFCRYPT_BLAKE2_INT_H -#include +#include #if defined(__cplusplus) extern "C" { @@ -77,7 +77,7 @@ byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ } blake2s_param; - ALIGN32 typedef struct __blake2s_state + typedef struct ALIGN32 __blake2s_state { word32 h[8]; word32 t[2]; @@ -102,7 +102,7 @@ byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ } blake2b_param; - ALIGN64 typedef struct __blake2b_state + typedef struct ALIGN64 __blake2b_state { word64 h[8]; word64 t[2]; diff --git a/source/libwolfssl/wolfcrypt/blake2.h b/source/libwolfssl/wolfcrypt/blake2.h index 3c57852a..f937acc9 100644 --- a/source/libwolfssl/wolfcrypt/blake2.h +++ b/source/libwolfssl/wolfcrypt/blake2.h @@ -1,6 +1,6 @@ /* blake2.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,11 +26,11 @@ #ifndef WOLF_CRYPT_BLAKE2_H #define WOLF_CRYPT_BLAKE2_H -#include +#include #if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S) -#include +#include /* call old functions if using fips for the sake of hmac @wc_fips */ #ifdef HAVE_FIPS diff --git a/source/libwolfssl/wolfcrypt/camellia.h b/source/libwolfssl/wolfcrypt/camellia.h index 445dde48..9b0c6cbe 100644 --- a/source/libwolfssl/wolfcrypt/camellia.h +++ b/source/libwolfssl/wolfcrypt/camellia.h @@ -27,7 +27,7 @@ /* camellia.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -54,7 +54,7 @@ #ifndef WOLF_CRYPT_CAMELLIA_H #define WOLF_CRYPT_CAMELLIA_H -#include +#include #ifdef HAVE_CAMELLIA diff --git a/source/libwolfssl/wolfcrypt/chacha.h b/source/libwolfssl/wolfcrypt/chacha.h index 40468e3c..b01feba2 100644 --- a/source/libwolfssl/wolfcrypt/chacha.h +++ b/source/libwolfssl/wolfcrypt/chacha.h @@ -1,6 +1,6 @@ /* chacha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -32,7 +32,7 @@ This library contains implementation for the ChaCha20 stream cipher. #ifndef WOLF_CRYPT_CHACHA_H #define WOLF_CRYPT_CHACHA_H -#include +#include #ifdef HAVE_CHACHA @@ -55,6 +55,9 @@ Block counter is located at index 12. /* Size of IV in bytes*/ #define CHACHA_IV_BYTES 12 +#ifdef HAVE_XCHACHA +#define XCHACHA_NONCE_BYTES 24 +#endif /* Size of ChaCha chunks */ #define CHACHA_CHUNK_WORDS 16 @@ -92,8 +95,17 @@ WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter); WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain, word32 msglen); + +WOLFSSL_LOCAL void wc_Chacha_purge_current_block(ChaCha* ctx); + WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz); +#ifdef HAVE_XCHACHA +WOLFSSL_API int wc_XChacha_SetKey(ChaCha *ctx, const byte *key, word32 keySz, + const byte *nonce, word32 nonceSz, + word32 counter); +#endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libwolfssl/wolfcrypt/chacha20_poly1305.h b/source/libwolfssl/wolfcrypt/chacha20_poly1305.h index d698300d..42a50eec 100644 --- a/source/libwolfssl/wolfcrypt/chacha20_poly1305.h +++ b/source/libwolfssl/wolfcrypt/chacha20_poly1305.h @@ -1,6 +1,6 @@ /* chacha20_poly1305.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -34,9 +34,9 @@ or Authenticated Encryption with Additional Data (AEAD) algorithm. #ifndef WOLF_CRYPT_CHACHA20_POLY1305_H #define WOLF_CRYPT_CHACHA20_POLY1305_H -#include -#include -#include +#include +#include +#include #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) @@ -48,6 +48,7 @@ or Authenticated Encryption with Additional Data (AEAD) algorithm. #define CHACHA20_POLY1305_AEAD_IV_SIZE 12 #define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16 #define CHACHA20_POLY1305_MAX 4294967295U +#define XCHACHA20_POLY1305_AEAD_NONCE_SIZE 24 enum { CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */ 
@@ -123,6 +124,30 @@ WOLFSSL_API int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead, WOLFSSL_API int wc_ChaCha20Poly1305_Final(ChaChaPoly_Aead* aead, byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]); +#ifdef HAVE_XCHACHA + +WOLFSSL_API int wc_XChaCha20Poly1305_Init( + ChaChaPoly_Aead* aead, + const byte *ad, word32 ad_len, + const byte *inKey, word32 inKeySz, + const byte *inIV, word32 inIVSz, + int isEncrypt); + +WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt( + byte *dst, const size_t dst_space, + const byte *src, const size_t src_len, + const byte *ad, const size_t ad_len, + const byte *nonce, const size_t nonce_len, + const byte *key, const size_t key_len); + +WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt( + byte *dst, const size_t dst_space, + const byte *src, const size_t src_len, + const byte *ad, const size_t ad_len, + const byte *nonce, const size_t nonce_len, + const byte *key, const size_t key_len); + +#endif /* HAVE_XCHACHA */ #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/wolfcrypt/cmac.h b/source/libwolfssl/wolfcrypt/cmac.h index f9936c0d..6fd46ffc 100644 --- a/source/libwolfssl/wolfcrypt/cmac.h +++ b/source/libwolfssl/wolfcrypt/cmac.h @@ -1,6 +1,6 @@ /* cmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,14 +23,14 @@ #ifndef WOLF_CRYPT_CMAC_H #define WOLF_CRYPT_CMAC_H -#include -#include +#include +#include #if !defined(NO_AES) && defined(WOLFSSL_CMAC) #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ #ifdef __cplusplus @@ -53,6 +53,16 @@ struct Cmac { byte k2[AES_BLOCK_SIZE]; word32 bufferSz; word32 totalSz; +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; + #ifdef WOLFSSL_QNX_CAAM + byte ctx[32]; /* hold state for save and return */ + word32 blackKey; + word32 keylen; + byte initialized; + #endif +#endif }; 
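Review bot: The one-shot `wc_XChaCha20Poly1305_Encrypt` / `wc_XChaCha20Poly1305_Decrypt` prototypes take `dst_space` but do not state how large it must be relative to `src_len`, or whether the tag is appended to the ciphertext. They also use `size_t` lengths while `wc_XChaCha20Poly1305_Init` uses `word32` and the header caps messages at `CHACHA20_POLY1305_MAX`, so lengths above 32 bits need an explicit rejection rather than a truncating cast. I would add a comment such as `/* Encrypt: dst_space >= src_len + CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; Decrypt: src is ciphertext followed by the tag; nonce_len must equal XCHACHA20_POLY1305_AEAD_NONCE_SIZE */`. That layout is assumed from the signature and should be confirmed against the implementation.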
@@ -70,6 +80,12 @@ WOLFSSL_API int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz, int type, void* unused); + +WOLFSSL_API +int wc_InitCmac_ex(Cmac* cmac, + const byte* key, word32 keySz, + int type, void* unused, void* heap, int devId); + WOLFSSL_API int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz); diff --git a/source/libwolfssl/wolfcrypt/coding.h b/source/libwolfssl/wolfcrypt/coding.h index 886b5ba3..a5c2ba14 100644 --- a/source/libwolfssl/wolfcrypt/coding.h +++ b/source/libwolfssl/wolfcrypt/coding.h @@ -1,6 +1,6 @@ /* coding.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_CODING_H #define WOLF_CRYPT_CODING_H -#include +#include #ifdef __cplusplus extern "C" { @@ -79,6 +79,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out, int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen); #endif + WOLFSSL_LOCAL int Base64_SkipNewline(const byte* in, word32* inLen, + word32* outJ); #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/wolfcrypt/compress.h b/source/libwolfssl/wolfcrypt/compress.h index 9695c729..8f3eb737 100644 --- a/source/libwolfssl/wolfcrypt/compress.h +++ b/source/libwolfssl/wolfcrypt/compress.h @@ -1,6 +1,6 @@ /* compress.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #ifndef WOLF_CRYPT_COMPRESS_H #define WOLF_CRYPT_COMPRESS_H -#include +#include #ifdef HAVE_LIBZ 
@@ -47,6 +47,8 @@ WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in, WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32); WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in, word32 inSz, int windowBits); +WOLFSSL_API int wc_DeCompressDynamic(byte** out, int max, int memoryType, + const byte* in, word32 inSz, int windowBits, void* heap); #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/wolfcrypt/cpuid.h b/source/libwolfssl/wolfcrypt/cpuid.h index 08e39483..4eadb638 100644 --- a/source/libwolfssl/wolfcrypt/cpuid.h +++ b/source/libwolfssl/wolfcrypt/cpuid.h @@ -1,6 +1,6 @@ /* cpuid.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,15 +25,17 @@ #define WOLF_CRYPT_CPUID_H -#include +#include #ifdef __cplusplus extern "C" { #endif -#if defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \ - defined(WOLFSSL_AESNI) +#if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \ + defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \ + !defined(WOLFSSL_NO_ASM) + #define CPUID_AVX1 0x0001 #define CPUID_AVX2 0x0002 #define CPUID_RDRAND 0x0004 @@ -59,6 +61,7 @@ WOLFSSL_API void cpuid_select_flags(word32 flags); WOLFSSL_API void cpuid_set_flag(word32 flag); WOLFSSL_API void cpuid_clear_flag(word32 flag); + #endif #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/cryptocb.h b/source/libwolfssl/wolfcrypt/cryptocb.h index 04f4160a..249f2c11 100644 --- a/source/libwolfssl/wolfcrypt/cryptocb.h +++ b/source/libwolfssl/wolfcrypt/cryptocb.h @@ -1,6 +1,6 @@ /* cryptocb.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
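Review bot: `wc_DeCompressDynamic(byte** out, int max, int memoryType, ...)` allocates the output itself, so `max` is the only guard against a decompression bomb. The declaration does not say what unit `max` is in, what a zero or negative value means, or which allocator type the caller must use to free `*out`. I would document it at the declaration, e.g. `/* max: upper bound on the decompressed size (state unit and the meaning of <= 0); *out is allocated with heap/memoryType and must be freed by the caller with the same pair */`. Callers handling untrusted input should always pass a finite bound. These semantics are inferred from the signature; the definition is not part of this hunk.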
@@ -15,13 +15,14 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program. If not, see . + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _WOLF_CRYPTO_CB_H_ #define _WOLF_CRYPTO_CB_H_ -#include +#include #ifdef __cplusplus extern "C" { @@ -35,30 +36,41 @@ #ifdef WOLF_CRYPTO_CB #ifndef NO_RSA - #include + #include #endif #ifdef HAVE_ECC - #include + #include #endif #ifndef NO_AES - #include + #include #endif #ifndef NO_SHA - #include + #include #endif #ifndef NO_SHA256 - #include + #include #endif #ifndef NO_HMAC - #include + #include #endif #ifndef WC_NO_RNG - #include + #include #endif #ifndef NO_DES3 - #include + #include +#endif +#ifdef WOLFSSL_CMAC + #include +#endif +#ifdef HAVE_ED25519 + #include +#endif +#ifdef HAVE_CURVE25519 + #include +#endif +#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) + #include #endif - /* Crypto Information Structure for callbacks */ typedef struct wc_CryptoInfo { @@ -85,6 +97,11 @@ typedef struct wc_CryptoInfo { WC_RNG* rng; } rsakg; #endif + struct { + RsaKey* key; + const byte* pubKey; + word32 pubKeySz; + } rsa_check; #endif #ifdef HAVE_ECC struct { 
@@ -115,6 +132,55 @@ typedef struct wc_CryptoInfo { int* res; ecc_key* key; } eccverify; + struct { + ecc_key* key; + const byte* pubKey; + word32 pubKeySz; + } ecc_check; + #endif + #ifdef HAVE_CURVE25519 + struct { + WC_RNG* rng; + int size; + curve25519_key* key; + int curveId; + } curve25519kg; + struct { + curve25519_key* private_key; + curve25519_key* public_key; + byte* out; + word32* outlen; + int endian; + } curve25519; + #endif + #ifdef HAVE_ED25519 + struct { + WC_RNG* rng; + int size; + ed25519_key* key; + int curveId; + } ed25519kg; + struct { + const byte* in; + word32 inLen; + byte* out; + word32* outLen; + ed25519_key* key; + byte type; + const byte* context; + byte contextLen; + } ed25519sign; + struct { + const byte* sig; + word32 sigLen; + const byte* msg; + word32 msgLen; + int* res; + ed25519_key* key; + byte type; + const byte* context; + byte contextLen; + } ed25519verify; #endif }; } pk; @@ -169,7 +235,8 @@ typedef struct wc_CryptoInfo { }; } cipher; #endif /* !NO_AES || !NO_DES3 */ -#if !defined(NO_SHA) || !defined(NO_SHA256) +#if !defined(NO_SHA) || !defined(NO_SHA256) || \ + defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) struct { int type; /* enum wc_HashType */ const byte* in; @@ -182,6 +249,12 @@ typedef struct wc_CryptoInfo { #ifndef NO_SHA256 wc_Sha256* sha256; #endif + #ifdef WOLFSSL_SHA384 + wc_Sha384* sha384; + #endif + #ifdef WOLFSSL_SHA512 + wc_Sha512* sha512; + #endif }; } hash; #endif /* !NO_SHA || !NO_SHA256 */ 
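Review bot: The new `curve25519kg` and `ed25519kg` members carry an `int curveId`, but the wrappers declared later in this diff, `wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize, curve25519_key* key)` and `wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize, ed25519_key* key)`, have no matching argument. Unless the wrapper clears the structure or sets the field to a fixed value, a device callback that reads `curveId` sees whatever was left in the union. I would either drop the field or document the constant it always holds, e.g. `int curveId; /* fixed by the wrapper, not caller-supplied */`. The enclosing `wc_CryptoInfo` definition starts outside this hunk.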
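Review bot: The guard on the `hash` member was widened to include `WOLFSSL_SHA512` and `WOLFSSL_SHA384`, but its closing line still reads `#endif /* !NO_SHA || !NO_SHA256 */`. It should mirror the new condition: `#endif /* !NO_SHA || !NO_SHA256 || WOLFSSL_SHA512 || WOLFSSL_SHA384 */`. A build with only SHA-384/512 enabled is exactly the case the new guard exists for, and the trailing comment is what the next reader uses to pair the two lines.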
@@ -206,13 +279,26 @@ typedef struct wc_CryptoInfo { word32 sz; } seed; #endif +#ifdef WOLFSSL_CMAC + struct { + Cmac* cmac; + void* ctx; + const byte* key; + const byte* in; + byte* out; + word32* outSz; + word32 keySz; + word32 inSz; + int type; + } cmac; +#endif } wc_CryptoInfo; typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx); WOLFSSL_LOCAL void wc_CryptoCb_Init(void); - +WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx); WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx); WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId); @@ -229,6 +315,9 @@ WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out, WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng); #endif /* WOLFSSL_KEY_GEN */ + +WOLFSSL_LOCAL int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey, + word32 pubKeySz); #endif /* !NO_RSA */ #ifdef HAVE_ECC 
@@ -243,8 +332,30 @@ WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out, WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen, const byte* hash, word32 hashlen, int* res, ecc_key* key); + +WOLFSSL_LOCAL int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey, + word32 pubKeySz); #endif /* HAVE_ECC */ +#ifdef HAVE_CURVE25519 +WOLFSSL_LOCAL int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize, + curve25519_key* key); + +WOLFSSL_LOCAL int wc_CryptoCb_Curve25519(curve25519_key* private_key, + curve25519_key* public_key, byte* out, word32* outlen, int endian); +#endif /* HAVE_CURVE25519 */ + +#ifdef HAVE_ED25519 +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize, + ed25519_key* key); +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen, + byte* out, word32 *outLen, ed25519_key* key, byte type, const byte* context, + byte contextLen); +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen, + const byte* msg, word32 msgLen, int* res, ed25519_key* key, byte type, + const byte* context, byte contextLen); +#endif /* HAVE_ED25519 */ + #ifndef NO_AES #ifdef HAVE_AESGCM WOLFSSL_LOCAL int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out, @@ -280,6 +391,15 @@ WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in, word32 inSz, byte* digest); #endif /* !NO_SHA256 */ +#ifdef WOLFSSL_SHA384 +WOLFSSL_LOCAL int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in, + word32 inSz, byte* digest); +#endif +#ifdef WOLFSSL_SHA512 +WOLFSSL_LOCAL int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in, + word32 inSz, byte* digest); +#endif + #ifndef NO_HMAC WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz, byte* digest); 
@@ -290,6 +410,12 @@ WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz); WOLFSSL_LOCAL int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz); #endif +#ifdef WOLFSSL_CMAC +WOLFSSL_LOCAL int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz, + const byte* in, word32 inSz, byte* out, word32* outSz, int type, + void* ctx); +#endif + #endif /* WOLF_CRYPTO_CB */ #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/curve25519.h b/source/libwolfssl/wolfcrypt/curve25519.h index 08dee992..2193f23a 100644 --- a/source/libwolfssl/wolfcrypt/curve25519.h +++ b/source/libwolfssl/wolfcrypt/curve25519.h @@ -1,6 +1,6 @@ /* curve25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,15 +27,15 @@ #ifndef WOLF_CRYPT_CURVE25519_H #define WOLF_CRYPT_CURVE25519_H -#include +#include #ifdef HAVE_CURVE25519 -#include -#include +#include +#include #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef __cplusplus @@ -79,6 +79,9 @@ typedef struct curve25519_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif } curve25519_key; enum { @@ -113,6 +116,8 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key, WOLFSSL_API int wc_curve25519_init(curve25519_key* key); +WOLFSSL_API +int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId); WOLFSSL_API void wc_curve25519_free(curve25519_key* key); diff --git a/source/libwolfssl/wolfcrypt/curve448.h b/source/libwolfssl/wolfcrypt/curve448.h index 7455ee0e..55e1ae1b 100644 --- a/source/libwolfssl/wolfcrypt/curve448.h +++ b/source/libwolfssl/wolfcrypt/curve448.h @@ -1,6 +1,6 @@ /* curve448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -25,15 +25,15 @@ #ifndef WOLF_CRYPT_CURVE448_H #define WOLF_CRYPT_CURVE448_H -#include +#include #ifdef HAVE_CURVE448 -#include -#include +#include +#include #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/des3.h b/source/libwolfssl/wolfcrypt/des3.h index 6b4ac501..438e72cf 100644 --- a/source/libwolfssl/wolfcrypt/des3.h +++ b/source/libwolfssl/wolfcrypt/des3.h @@ -1,6 +1,6 @@ /* des3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,13 +26,13 @@ #ifndef WOLF_CRYPT_DES3_H #define WOLF_CRYPT_DES3_H -#include +#include #ifndef NO_DES3 #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_FIPS) && \ @@ -58,7 +58,7 @@ enum { (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif enum { diff --git a/source/libwolfssl/wolfcrypt/dh.h b/source/libwolfssl/wolfcrypt/dh.h index 38300c75..d41f125b 100644 --- a/source/libwolfssl/wolfcrypt/dh.h +++ b/source/libwolfssl/wolfcrypt/dh.h @@ -1,6 +1,6 @@ /* dh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,31 +26,24 @@ #ifndef WOLF_CRYPT_DH_H #define WOLF_CRYPT_DH_H -#include +#include #ifndef NO_DH #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ -#include -#include +#include +#include #ifdef __cplusplus extern "C" { #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include -#endif - -/* Optional support extended DH public / private keys */ -#if !defined(WOLFSSL_DH_EXTRA) && (defined(WOLFSSL_QT) || \ - defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \ - defined(WOLFSSL_STATIC_EPHEMERAL)) - #define WOLFSSL_DH_EXTRA + #include #endif typedef struct DhParams { 
@@ -117,12 +110,14 @@ WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz, const byte* q, word32 qSz); #ifdef WOLFSSL_DH_EXTRA +WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx, + DhKey* key, word32 inSz); WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz, const byte* pub, word32 pubSz); WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz, byte* pub, word32* pPubSz); -#endif /* WOLFSSL_DH_EXTRA */ - +WOLFSSL_LOCAL int wc_DhKeyCopy(DhKey* src, DhKey* dst); +#endif WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz, const byte* q, word32 qSz, int trusted, WC_RNG* rng); diff --git a/source/libwolfssl/wolfcrypt/dsa.h b/source/libwolfssl/wolfcrypt/dsa.h index 868a4871..0a11642d 100644 --- a/source/libwolfssl/wolfcrypt/dsa.h +++ b/source/libwolfssl/wolfcrypt/dsa.h @@ -1,6 +1,6 @@ /* dsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -53,8 +53,20 @@ enum { }; enum { - DSA_HALF_SIZE = 20, /* r and s size */ - DSA_SIG_SIZE = 40 /* signature size */ + /* 160 bit q length */ + DSA_160_HALF_SIZE = 20, /* r and s size */ + DSA_160_SIG_SIZE = 40, /* signature size */ + DSA_HALF_SIZE = DSA_160_HALF_SIZE, /* kept for compatiblity */ + DSA_SIG_SIZE = DSA_160_SIG_SIZE, /* kept for compatiblity */ + /* 256 bit q length */ + DSA_256_HALF_SIZE = 32, /* r and s size */ + DSA_256_SIG_SIZE = 64, /* signature size */ + + DSA_MIN_HALF_SIZE = DSA_160_HALF_SIZE, + DSA_MIN_SIG_SIZE = DSA_160_SIG_SIZE, + + DSA_MAX_HALF_SIZE = DSA_256_HALF_SIZE, + DSA_MAX_SIG_SIZE = DSA_256_SIG_SIZE, }; /* DSA */ diff --git a/source/libwolfssl/wolfcrypt/ecc.h b/source/libwolfssl/wolfcrypt/ecc.h index 9ed42d76..a969d5cc 100644 --- a/source/libwolfssl/wolfcrypt/ecc.h +++ b/source/libwolfssl/wolfcrypt/ecc.h 
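Review bot: `DSA_SIG_SIZE` and `DSA_HALF_SIZE` keep their 160-bit values (40 and 20) while `DSA_MAX_SIG_SIZE` is now 64. Any caller that still sizes a signature buffer with `DSA_SIG_SIZE` is therefore 24 bytes short once a key with a 256-bit q is used. The alias comment should steer callers to the right constant, e.g. `DSA_SIG_SIZE = DSA_160_SIG_SIZE, /* kept for compatibility; size buffers with DSA_MAX_SIG_SIZE */`. While there, "compatiblity" is misspelled on both alias lines, and the trailing comma after `DSA_MAX_SIG_SIZE = DSA_256_SIG_SIZE,` draws a warning from pedantic C89 builds.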
@@ -1,6 +1,6 @@ /* ecc.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,39 +27,43 @@ #ifndef WOLF_CRYPT_ECC_H #define WOLF_CRYPT_ECC_H -#include +#include #ifdef HAVE_ECC #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ -#include -#include +#include +#include #ifdef HAVE_X963_KDF - #include + #include #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #ifdef WOLFSSL_CERT_GEN - #include + #include #endif #endif #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) - #include + #include #endif /* WOLFSSL_ATECC508A */ #if defined(WOLFSSL_CRYPTOCELL) - #include + #include +#endif + +#ifdef WOLFSSL_SILABS_SE_ACCEL + #include #endif #ifdef WOLFSSL_HAVE_SP_ECC - #include + #include #endif 
@@ -81,30 +85,41 @@ /* Determine max ECC bits based on enabled curves */ -#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) - #define MAX_ECC_BITS 521 +#if defined(WOLFCRYPT_HAVE_SAKKE) + #define MAX_ECC_BITS_NEEDED 1024 +#elif defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) + #define MAX_ECC_BITS_NEEDED 521 #elif defined(HAVE_ECC512) - #define MAX_ECC_BITS 512 + #define MAX_ECC_BITS_NEEDED 512 #elif defined(HAVE_ECC384) - #define MAX_ECC_BITS 384 + #define MAX_ECC_BITS_NEEDED 384 #elif defined(HAVE_ECC320) - #define MAX_ECC_BITS 320 + #define MAX_ECC_BITS_NEEDED 320 #elif !defined(NO_ECC256) - #define MAX_ECC_BITS 256 + #define MAX_ECC_BITS_NEEDED 256 #elif defined(HAVE_ECC239) - #define MAX_ECC_BITS 239 + #define MAX_ECC_BITS_NEEDED 239 #elif defined(HAVE_ECC224) - #define MAX_ECC_BITS 224 + #define MAX_ECC_BITS_NEEDED 224 #elif defined(HAVE_ECC192) - #define MAX_ECC_BITS 192 + #define MAX_ECC_BITS_NEEDED 192 #elif defined(HAVE_ECC160) - #define MAX_ECC_BITS 160 + #define MAX_ECC_BITS_NEEDED 160 #elif defined(HAVE_ECC128) - #define MAX_ECC_BITS 128 + #define MAX_ECC_BITS_NEEDED 128 #elif defined(HAVE_ECC112) - #define MAX_ECC_BITS 112 + #define MAX_ECC_BITS_NEEDED 112 #endif +#ifndef MAX_ECC_BITS + #define MAX_ECC_BITS MAX_ECC_BITS_NEEDED +#else + #if MAX_ECC_BITS_NEEDED > MAX_ECC_BITS + #error configured MAX_ECC_BITS is less than required by enabled curves. + #endif +#endif + + /* calculate max ECC bytes */ #if ((MAX_ECC_BITS * 2) % 8) == 0 #define MAX_ECC_BYTES (MAX_ECC_BITS / 8) 
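Review bot: `MAX_ECC_BITS_NEEDED` stays undefined when none of the curve macros in the `#if`/`#elif` chain matches, and the new fallback `#define MAX_ECC_BITS MAX_ECC_BITS_NEEDED` then expands to an unknown identifier. The preprocessor evaluates that as 0 in `#if ((MAX_ECC_BITS * 2) % 8) == 0`, so the result is a silently chosen branch and, at best, an obscure undeclared-identifier error further down where the buffer-size enumerators are computed. Because signature and key buffer sizes derive from this value, that configuration should fail with a clear message. I would add right after the chain `#ifndef MAX_ECC_BITS_NEEDED` / `#error no ECC curve size enabled` / `#endif`, following the `#error` this change already adds for a too-small configured value.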
@@ -124,10 +139,15 @@ enum { ECC_PRIVATEKEY_ONLY = 3, ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */ - ECC_BUFSIZE = 256, /* for exported keys temp buffer */ - ECC_MINSIZE = 20, /* MIN Private Key size */ + ECC_BUFSIZE = 257, /* for exported keys temp buffer */ + ECC_MINSIZE = ECC_MIN_KEY_SZ/8, /* MIN Private Key size */ +#ifdef WOLFCRYPT_HAVE_SAKKE + ECC_MAXSIZE = 128, /* MAX Private Key size */ + ECC_MAXSIZE_GEN = 128, /* MAX Buffer size required when generating ECC keys*/ +#else ECC_MAXSIZE = 66, /* MAX Private Key size */ ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ +#endif ECC_MAX_OID_LEN = 16, ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ), @@ -137,6 +157,8 @@ enum { ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2), #elif defined(PLUTON_CRYPTO_ECC) ECC_MAX_CRYPTO_HW_SIZE = 32, +#elif defined(WOLFSSL_SILABS_SE_ACCEL) + ECC_MAX_CRYPTO_HW_SIZE = 32, #elif defined(WOLFSSL_CRYPTOCELL) #ifndef CRYPTOCELL_KEY_SIZE CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE, @@ -152,8 +174,9 @@ enum { /* Shamir's dual add constants */ SHAMIR_PRECOMP_SZ = 16, -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB ECC_MAX_ID_LEN = 32, + ECC_MAX_LABEL_LEN = 32, #endif }; @@ -205,9 +228,14 @@ typedef enum ecc_curve_id { ECC_X448, #endif +#ifdef WOLFCRYPT_HAVE_SAKKE + ECC_SAKKE_1, +#endif + #ifdef WOLFSSL_CUSTOM_CURVES ECC_CURVE_CUSTOM, #endif + ECC_CURVE_MAX } ecc_curve_id; #ifdef HAVE_OID_ENCODING @@ -297,6 +325,9 @@ typedef struct ecc_set_type { #ifndef USE_FAST_MATH #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE #endif +#ifdef WOLFSSL_NO_MALLOC + #error ALT_ECC_SIZE cannot be used with no malloc (WOLFSSL_NO_MALLOC) +#endif /* determine max bits required for ECC math */ #ifndef FP_MAX_BITS_ECC 
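Review bot: In the `WOLFCRYPT_HAVE_SAKKE` branch `ECC_MAXSIZE_GEN` equals `ECC_MAXSIZE` (both 128), whereas the existing branch keeps the generation buffer 8 bytes larger than the key (74 against 66). If key generation needs that margin for every curve, a buffer of `ECC_MAXSIZE_GEN` bytes is too small for a 128-byte key; the code that uses the constant is not in this hunk, so this has to be checked there. If the margin is required I would write `ECC_MAXSIZE_GEN = 136,`, and otherwise add a comment explaining why SAKKE needs none. Separately, `ECC_MINSIZE = ECC_MIN_KEY_SZ/8` rounds down when the configured minimum is not a multiple of 8; `(ECC_MIN_KEY_SZ + 7) / 8` stops the minimum from becoming one byte more permissive.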
@@ -315,7 +346,8 @@ typedef struct ecc_set_type { #endif /* determine buffer size */ -#define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT) +/* Add one to accommodate extra digit used by sp_mul(), sp_mulmod(), sp_sqr(), and sp_sqrmod(). */ +#define FP_SIZE_ECC ((FP_MAX_BITS_ECC/DIGIT_BIT) + 1) /* This needs to match the size of the fp_int struct, except the @@ -388,6 +420,12 @@ struct ecc_key { void* heap; /* heap hint */ ecc_point pubkey; /* public key */ mp_int k; /* private key */ + +#ifdef WOLFSSL_QNX_CAAM + word32 blackKey; /* address of key encrypted and in secure memory */ + word32 securePubKey; /* address of public key in secure memory */ + int partNum; /* partition number*/ +#endif #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) int slot; /* Key Slot Number (-1 unknown) */ byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; @@ -395,6 +433,16 @@ struct ecc_key { #if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB) int devId; #endif +#ifdef WOLFSSL_SILABS_SE_ACCEL + sl_se_command_context_t cmd_ctx; + sl_se_key_descriptor_t key; + /* Used for SiLabs "plaintext" with public X, public Y, and + * private D concatenated. These are respectively at offset `0`, + * offset `keysize`, and offset `2 * keysize`. + */ + byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE]; +#endif + #ifdef WOLFSSL_ASYNC_CRYPT mp_int* r; /* sign/verify temps */ mp_int* s; 
@@ -407,17 +455,23 @@ struct ecc_key { CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ #endif #endif /* WOLFSSL_ASYNC_CRYPT */ -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB byte id[ECC_MAX_ID_LEN]; int idLen; + char label[ECC_MAX_LABEL_LEN]; + int labelLen; #endif #if defined(WOLFSSL_CRYPTOCELL) ecc_context_t ctx; #endif -#ifdef WOLFSSL_ECDSA_SET_K +#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ + defined(WOLFSSL_ECDSA_DETERMINISTIC_K) mp_int *sign_k; #endif +#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) + byte deterministic:1; +#endif #ifdef WOLFSSL_SMALL_STACK_CACHE mp_int* t1; @@ -452,8 +506,6 @@ extern const size_t ecc_sets_count; WOLFSSL_API const char* wc_ecc_get_name(int curve_id); -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) - #ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL #define ECC_API WOLFSSL_API #else @@ -474,8 +526,9 @@ ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a, WOLFSSL_LOCAL int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R, mp_int* a, mp_int* modulus, mp_digit mp, int* infinity); - -#endif +WOLFSSL_LOCAL +int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a, + mp_int* modulus, mp_digit mp); WOLFSSL_API int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); 
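Review bot: The layout of `struct ecc_key` now depends on more build macros than before, and nothing in the header records which configuration it must be compiled with. In this hunk `id`/`idLen` and the new `label`/`labelLen` move from HAVE_PKCS11 to WOLF_CRYPTO_CB, `sign_k` is enabled by two further macros, and a `deterministic` bit-field appears under WOLFSSL_ECDSA_DETERMINISTIC_K. If libwolfssl is linked here as a separately built library (the build files are not in this part of the diff), an application translation unit that sees a different macro set gets a different `sizeof(ecc_key)` and different field offsets, and library code would then read and write the caller's object at the wrong positions. I would document this next to the struct, e.g. `/* Layout depends on WOLF_CRYPTO_CB, WOLFSSL_ECDSA_SET_K*, WOLFSSL_ECDSA_DETERMINISTIC_K: must match the options libwolfssl was built with. */`. The struct begins and ends outside this hunk.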
@@ -522,7 +575,15 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, WOLFSSL_API int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, ecc_key* key, mp_int *r, mp_int *s); -#ifdef WOLFSSL_ECDSA_SET_K +#ifdef WOLFSSL_ECDSA_DETERMINISTIC_K +WOLFSSL_API +int wc_ecc_set_deterministic(ecc_key* key, byte flag); +WOLFSSL_API +int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz, + enum wc_HashType hashType, mp_int* priv, mp_int* k, mp_int* order, + void* heap); +#endif +#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) WOLFSSL_API int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key); #endif @@ -541,10 +602,12 @@ WOLFSSL_API int wc_ecc_init(ecc_key* key); WOLFSSL_ABI WOLFSSL_API int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB WOLFSSL_API int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap, int devId); +WOLFSSL_API +int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId); #endif #ifdef WOLFSSL_CUSTOM_CURVES WOLFSSL_LOCAL @@ -604,7 +667,9 @@ void wc_ecc_del_point(ecc_point* p); WOLFSSL_API void wc_ecc_del_point_h(ecc_point* p, void* h); WOLFSSL_API -int wc_ecc_copy_point(ecc_point* p, ecc_point *r); +void wc_ecc_forcezero_point(ecc_point* p); +WOLFSSL_API +int wc_ecc_copy_point(const ecc_point* p, ecc_point *r); WOLFSSL_API int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); WOLFSSL_API 
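Review bot: `wc_ecc_sign_set_k` is now also exposed under WOLFSSL_ECDSA_SET_K_ONE_LOOP, and its declaration still says nothing about the contract for a caller-supplied nonce. An ECDSA `k` that is reused for two signatures with the same key, or that is predictable, discloses the private key, so the header should state this where the function is declared. Suggested comment above the declaration: `/* k must be secret, unpredictable, and used for exactly one signature with this key. */`. The new `wc_ecc_gen_deterministic_k` would likewise benefit from a line saying which of `priv`, `k` and `order` are inputs and which is the output, since all three are non-const `mp_int*`.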
@@ -614,13 +679,13 @@ int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx); #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) WOLFSSL_API -int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, +int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, int map); WOLFSSL_LOCAL -int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, +int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, int map, void* heap); WOLFSSL_LOCAL -int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, mp_int* order, WC_RNG* rng, int map, void* heap); #endif /* !WOLFSSL_ATECC508A */ @@ -662,8 +727,8 @@ WOLFSSL_API int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, const char* d, int curve_id); WOLFSSL_API -int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, - byte* d, int curve_id); +int wc_ecc_import_unsigned(ecc_key* key, const byte* qx, const byte* qy, + const byte* d, int curve_id); #endif /* HAVE_ECC_KEY_IMPORT */ #ifdef HAVE_ECC_KEY_EXPORT @@ -696,10 +761,11 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, #ifdef HAVE_ECC_KEY_IMPORT WOLFSSL_API -int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, - ecc_point* point, int shortKeySize); +int wc_ecc_import_point_der_ex(const byte* in, word32 inLen, + const int curve_idx, ecc_point* point, + int shortKeySize); WOLFSSL_API -int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, +int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx, ecc_point* point); #endif /* HAVE_ECC_KEY_IMPORT */ 
@@ -709,7 +775,7 @@ int wc_ecc_size(ecc_key* key); WOLFSSL_API int wc_ecc_sig_size_calc(int sz); WOLFSSL_API -int wc_ecc_sig_size(ecc_key* key); +int wc_ecc_sig_size(const ecc_key* key); WOLFSSL_API int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz); @@ -742,6 +808,7 @@ enum { KEY_SIZE_256 = 32, IV_SIZE_64 = 8, IV_SIZE_128 = 16, + ECC_MAX_IV_SIZE = 16, EXCHANGE_SALT_SZ = 16, EXCHANGE_INFO_SZ = 23 }; diff --git a/source/libwolfssl/wolfcrypt/ed25519.h b/source/libwolfssl/wolfcrypt/ed25519.h index d16e1c89..6a41e6fd 100644 --- a/source/libwolfssl/wolfcrypt/ed25519.h +++ b/source/libwolfssl/wolfcrypt/ed25519.h @@ -1,6 +1,6 @@ /* ed25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,17 +27,20 @@ #ifndef WOLF_CRYPT_ED25519_H #define WOLF_CRYPT_ED25519_H -#include +#include #ifdef HAVE_ED25519 -#include -#include -#include -#include +#include +#include +#include +#ifndef WOLFSSL_SHA512 +#error ED25519 requires SHA512 +#endif +#include #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef __cplusplus @@ -87,6 +90,14 @@ struct ed25519_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif + void *heap; +#ifdef WOLFSSL_ED25519_PERSISTENT_SHA + wc_Sha512 sha; + int sha_clean_flag; +#endif }; @@ -95,6 +106,7 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey, word32 pubKeySz); WOLFSSL_API int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key); +#ifdef HAVE_ED25519_SIGN WOLFSSL_API int wc_ed25519_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed25519_key* key); 
@@ -111,6 +123,12 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed25519_key* key, const byte* context, byte contextLen); WOLFSSL_API +int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out, + word32 *outLen, ed25519_key* key, byte type, + const byte* context, byte contextLen); +#endif /* HAVE_ED25519_SIGN */ +#ifdef HAVE_ED25519_VERIFY +WOLFSSL_API int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed25519_key* key); WOLFSSL_API @@ -125,10 +143,31 @@ WOLFSSL_API int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed25519_key* key, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg, + word32 msgLen, int* res, ed25519_key* key, + byte type, const byte* context, byte contextLen); +#ifdef WOLFSSL_ED25519_STREAMING_VERIFY +WOLFSSL_API +int wc_ed25519_verify_msg_init(const byte* sig, word32 sigLen, ed25519_key* key, + byte type, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed25519_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen, + ed25519_key* key); +WOLFSSL_API +int wc_ed25519_verify_msg_final(const byte* sig, word32 sigLen, int* res, + ed25519_key* key); +#endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ +#endif /* HAVE_ED25519_VERIFY */ + + WOLFSSL_API int wc_ed25519_init(ed25519_key* key); WOLFSSL_API +int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId); +WOLFSSL_API void wc_ed25519_free(ed25519_key* key); +#ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); WOLFSSL_API 
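Review bot: The streaming verify functions added in the second hunk on this line are declared without any comment on how they must be used, and two things are not obvious from the signatures. `wc_ed25519_verify_msg_update` takes only the key, so the running state presumably lives in the `ed25519_key` (the struct gains a `sha` member under WOLFSSL_ED25519_PERSISTENT_SHA in this commit), which means one key object cannot serve two verifications at once. The result is only reported through `res` in `wc_ed25519_verify_msg_final`, so a caller must not act on any segment it has passed to update until final has returned success. I would put both in a comment above `wc_ed25519_verify_msg_init`, e.g. `/* init/update/final keep state in key; treat the message as unauthenticated until _final succeeds. */`. The same applies to the `wc_ed448_verify_msg_init`/`_update`/`_final` declarations added to ed448.h.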
@@ -137,6 +176,9 @@ int wc_ed25519_import_private_only(const byte* priv, word32 privSz, WOLFSSL_API int wc_ed25519_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ed25519_key* key); +#endif /* HAVE_ED25519_KEY_IMPORT */ + +#ifdef HAVE_ED25519_KEY_EXPORT WOLFSSL_API int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen); WOLFSSL_API @@ -147,6 +189,7 @@ WOLFSSL_API int wc_ed25519_export_key(ed25519_key* key, byte* priv, word32 *privSz, byte* pub, word32 *pubSz); +#endif /* HAVE_ED25519_KEY_EXPORT */ WOLFSSL_API int wc_ed25519_check_key(ed25519_key* key); diff --git a/source/libwolfssl/wolfcrypt/ed448.h b/source/libwolfssl/wolfcrypt/ed448.h index d90d99a4..37602bf1 100644 --- a/source/libwolfssl/wolfcrypt/ed448.h +++ b/source/libwolfssl/wolfcrypt/ed448.h @@ -1,6 +1,6 @@ /* ed448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,17 +27,20 @@ #ifndef WOLF_CRYPT_ED448_H #define WOLF_CRYPT_ED448_H -#include +#include #ifdef HAVE_ED448 -#include -#include -#include -#include +#include +#include +#include +#ifndef WOLFSSL_SHAKE256 +#error ED448 requires SHAKE256 +#endif +#include #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef __cplusplus @@ -62,6 +65,7 @@ /* both private and public key */ #define ED448_PRV_KEY_SIZE (ED448_PUB_KEY_SIZE+ED448_KEY_SIZE) +#define ED448_PREHASH_SIZE 64 enum { Ed448 = 0, @@ -86,6 +90,14 @@ struct ed448_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif + void *heap; +#ifdef WOLFSSL_ED448_PERSISTENT_SHA + wc_Shake sha; + int sha_clean_flag; +#endif }; 
@@ -94,6 +106,7 @@ int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey, word32 pubKeySz); WOLFSSL_API int wc_ed448_make_key(WC_RNG* rng, int keysize, ed448_key* key); +#ifdef HAVE_ED448_SIGN WOLFSSL_API int wc_ed448_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); @@ -102,9 +115,30 @@ int wc_ed448ph_sign_hash(const byte* hash, word32 hashLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); WOLFSSL_API +int wc_ed448_sign_msg_ex(const byte* in, word32 inLen, byte* out, + word32 *outLen, ed448_key* key, byte type, + const byte* context, byte contextLen); +WOLFSSL_API int wc_ed448ph_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); +#endif /* HAVE_ED448_SIGN */ +#ifdef HAVE_ED448_VERIFY +WOLFSSL_API +int wc_ed448_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg, + word32 msgLen, int* res, ed448_key* key, + byte type, const byte* context, byte contextLen); +#ifdef WOLFSSL_ED448_STREAMING_VERIFY +WOLFSSL_API +int wc_ed448_verify_msg_init(const byte* sig, word32 sigLen, ed448_key* key, + byte type, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed448_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen, + ed448_key* key); +WOLFSSL_API +int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen, + int* stat, ed448_key* key); +#endif /* WOLFSSL_ED448_STREAMING_VERIFY */ WOLFSSL_API int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed448_key* key, 
@@ -117,10 +151,15 @@ WOLFSSL_API int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed448_key* key, const byte* context, byte contextLen); +#endif /* HAVE_ED448_VERIFY */ +WOLFSSL_API +int wc_ed448_init_ex(ed448_key* key, void *heap, int devId); WOLFSSL_API int wc_ed448_init(ed448_key* key); WOLFSSL_API void wc_ed448_free(ed448_key* key); + +#ifdef HAVE_ED448_KEY_IMPORT WOLFSSL_API int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key); WOLFSSL_API @@ -129,6 +168,9 @@ int wc_ed448_import_private_only(const byte* priv, word32 privSz, WOLFSSL_API int wc_ed448_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ed448_key* key); +#endif /* HAVE_ED448_KEY_IMPORT */ + +#ifdef HAVE_ED448_KEY_EXPORT WOLFSSL_API int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen); WOLFSSL_API @@ -138,6 +180,7 @@ int wc_ed448_export_private(ed448_key* key, byte* out, word32* outLen); WOLFSSL_API int wc_ed448_export_key(ed448_key* key, byte* priv, word32 *privSz, byte* pub, word32 *pubSz); +#endif /* HAVE_ED448_KEY_EXPORT */ WOLFSSL_API int wc_ed448_check_key(ed448_key* key); diff --git a/source/libwolfssl/wolfcrypt/error-crypt.h b/source/libwolfssl/wolfcrypt/error-crypt.h index 5b226bd1..48af52ca 100644 --- a/source/libwolfssl/wolfcrypt/error-crypt.h +++ b/source/libwolfssl/wolfcrypt/error-crypt.h @@ -1,6 +1,6 @@ /* error-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -31,7 +31,7 @@ the error status. #ifndef WOLF_CRYPT_ERROR_H #define WOLF_CRYPT_ERROR_H -#include +#include #if defined(HAVE_FIPS) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 
@@ -234,8 +234,12 @@ enum { PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */ CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */ ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */ + SAKKE_VERIFY_FAIL_E = -276, /* SAKKE derivation verification error */ + MISSING_IV = -277, /* IV was not set */ + MISSING_KEY = -278, /* Key was not set */ + BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */ - WC_LAST_E = -275, /* Update this to indicate last error */ + WC_LAST_E = -279, /* Update this to indicate last error */ MIN_CODE_E = -300 /* errors -101 - -299 */ /* add new companion error id strings for any new error codes diff --git a/source/libwolfssl/wolfcrypt/fe_448.h b/source/libwolfssl/wolfcrypt/fe_448.h index ff62521c..4664ce4b 100644 --- a/source/libwolfssl/wolfcrypt/fe_448.h +++ b/source/libwolfssl/wolfcrypt/fe_448.h @@ -1,6 +1,6 @@ /* fe448_448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,15 +23,11 @@ #ifndef WOLF_CRYPT_FE_448_H #define WOLF_CRYPT_FE_448_H -#include +#include #if defined(HAVE_CURVE448) || defined(HAVE_ED448) -#ifndef WOLFSSL_LINUXKM -#include -#endif - -#include +#include #if defined(HAVE___UINT128_T) && !defined(NO_CURVED448_128BIT) #define CURVED448_128BIT 
@@ -45,16 +41,23 @@ #if !defined(CURVE448_SMALL) && !defined(ED448_SMALL) #if defined(CURVED448_128BIT) - typedef int64_t fe448; - #ifdef __SIZEOF_INT128__ - typedef __uint128_t uint128_t; - typedef __int128_t int128_t; - #else - typedef unsigned long uint128_t __attribute__ ((mode(TI))); - typedef long int128_t __attribute__ ((mode(TI))); + typedef sword64 fe448; + #ifndef WOLFSSL_UINT128_T_DEFINED + #ifdef __SIZEOF_INT128__ + typedef __uint128_t uint128_t; + typedef __int128_t int128_t; + typedef __uint128_t word128; + typedef __int128_t sword128; + #else + typedef unsigned long uint128_t __attribute__ ((mode(TI))); + typedef long int128_t __attribute__ ((mode(TI))); + typedef uint128_t word128; + typedef int128_t sword128; + #endif + #define WOLFSSL_UINT128_T_DEFINED #endif #else - typedef int32_t fe448; + typedef sword32 fe448; #endif WOLFSSL_LOCAL void fe448_init(void); 
@@ -91,21 +94,21 @@ WOLFSSL_LOCAL void fe448_init(void); WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a); #define fe448_reduce(a) -WOLFSSL_LOCAL void fe448_neg(uint8_t*,const uint8_t*); -WOLFSSL_LOCAL void fe448_add(uint8_t*, const uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_sub(uint8_t*, const uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_mul(uint8_t*,const uint8_t*,const uint8_t*); -WOLFSSL_LOCAL void fe448_sqr(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_mul39081(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_invert(uint8_t*, const uint8_t*); +WOLFSSL_LOCAL void fe448_neg(word8*,const word8*); +WOLFSSL_LOCAL void fe448_add(word8*, const word8*, const word8*); +WOLFSSL_LOCAL void fe448_sub(word8*, const word8*, const word8*); +WOLFSSL_LOCAL void fe448_mul(word8*,const word8*,const word8*); +WOLFSSL_LOCAL void fe448_sqr(word8*, const word8*); +WOLFSSL_LOCAL void fe448_mul39081(word8*, const word8*); +WOLFSSL_LOCAL void fe448_invert(word8*, const word8*); -WOLFSSL_LOCAL void fe448_copy(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL int fe448_isnonzero(const uint8_t*); +WOLFSSL_LOCAL void fe448_copy(word8*, const word8*); +WOLFSSL_LOCAL int fe448_isnonzero(const word8*); WOLFSSL_LOCAL void fe448_norm(byte *a); -WOLFSSL_LOCAL void fe448_cmov(uint8_t*,const uint8_t*, int); -WOLFSSL_LOCAL void fe448_pow_2_446_222_1(uint8_t*,const uint8_t*); +WOLFSSL_LOCAL void fe448_cmov(word8*,const word8*, int); +WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8*,const word8*); #endif /* !CURVE448_SMALL || !ED448_SMALL */ diff --git a/source/libwolfssl/wolfcrypt/fe_operations.h b/source/libwolfssl/wolfcrypt/fe_operations.h index 666246c7..1f287a0e 100644 --- a/source/libwolfssl/wolfcrypt/fe_operations.h +++ b/source/libwolfssl/wolfcrypt/fe_operations.h @@ -1,6 +1,6 @@ /* fe_operations.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -23,17 +23,11 @@ #ifndef WOLF_CRYPT_FE_OPERATIONS_H #define WOLF_CRYPT_FE_OPERATIONS_H -#include +#include #if defined(HAVE_CURVE25519) || defined(HAVE_ED25519) -#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL) -#ifndef WOLFSSL_LINUXKM - #include -#endif -#endif - -#include +#include #if defined(USE_INTEL_SPEEDUP) && !defined(NO_CURVED25519_X64) #define CURVED25519_X64 @@ -88,13 +82,13 @@ WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p); #if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL) #ifdef CURVED25519_ASM_64BIT - typedef int64_t fe[4]; + typedef sword64 fe[4]; #elif defined(CURVED25519_ASM_32BIT) - typedef int32_t fe[8]; + typedef sword32 fe[8]; #elif defined(CURVED25519_128BIT) - typedef int64_t fe[5]; + typedef sword64 fe[5]; #else - typedef int32_t fe[10]; + typedef sword32 fe[10]; #endif WOLFSSL_LOCAL void fe_copy(fe, const fe); @@ -122,8 +116,8 @@ WOLFSSL_LOCAL void fe_cmov(fe,const fe, int); WOLFSSL_LOCAL void fe_pow22523(fe,const fe); /* 64 type needed for SHA512 */ -WOLFSSL_LOCAL uint64_t load_3(const unsigned char *in); -WOLFSSL_LOCAL uint64_t load_4(const unsigned char *in); +WOLFSSL_LOCAL word64 load_3(const unsigned char *in); +WOLFSSL_LOCAL word64 load_4(const unsigned char *in); #ifdef CURVED25519_ASM WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py, diff --git a/source/libwolfssl/wolfcrypt/fips_test.h b/source/libwolfssl/wolfcrypt/fips_test.h index 6de943f2..b488817c 100644 --- a/source/libwolfssl/wolfcrypt/fips_test.h +++ b/source/libwolfssl/wolfcrypt/fips_test.h @@ -1,6 +1,6 @@ /* fips_test.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLF_CRYPT_FIPS_TEST_H #define WOLF_CRYPT_FIPS_TEST_H -#include +#include #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/ge_448.h b/source/libwolfssl/wolfcrypt/ge_448.h index 56f08d25..585ec541 100644 
--- a/source/libwolfssl/wolfcrypt/ge_448.h +++ b/source/libwolfssl/wolfcrypt/ge_448.h @@ -1,6 +1,6 @@ /* ge_448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,11 +23,11 @@ #ifndef WOLF_CRYPT_GE_448_H #define WOLF_CRYPT_GE_448_H -#include +#include #ifdef HAVE_ED448 -#include +#include /* ge448 means group element. @@ -45,10 +45,10 @@ Representations: typedef byte ge448; #define GE448_WORDS 56 #elif defined(CURVED448_128BIT) - typedef int64_t ge448; + typedef sword64 ge448; #define GE448_WORDS 8 #else - typedef int32_t ge448; + typedef sword32 ge448; #define GE448_WORDS 16 #endif diff --git a/source/libwolfssl/wolfcrypt/ge_operations.h b/source/libwolfssl/wolfcrypt/ge_operations.h index 25af8085..9026c529 100644 --- a/source/libwolfssl/wolfcrypt/ge_operations.h +++ b/source/libwolfssl/wolfcrypt/ge_operations.h @@ -1,6 +1,6 @@ /* ge_operations.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,11 +25,11 @@ #ifndef WOLF_CRYPT_GE_OPERATIONS_H #define WOLF_CRYPT_GE_OPERATIONS_H -#include +#include #ifdef HAVE_ED25519 -#include +#include /* ge means group element. @@ -48,13 +48,13 @@ Representations: #ifdef ED25519_SMALL typedef byte ge[F25519_SIZE]; #elif defined(CURVED25519_ASM_64BIT) - typedef int64_t ge[4]; + typedef sword64 ge[4]; #elif defined(CURVED25519_ASM_32BIT) - typedef int32_t ge[8]; + typedef sword32 ge[8]; #elif defined(CURVED25519_128BIT) - typedef int64_t ge[5]; + typedef sword64 ge[5]; #else - typedef int32_t ge[10]; + typedef sword32 ge[10]; #endif typedef struct { diff --git a/source/libwolfssl/wolfcrypt/hash.h b/source/libwolfssl/wolfcrypt/hash.h index 32c60b3f..fb13fa9c 100644 --- a/source/libwolfssl/wolfcrypt/hash.h +++ b/source/libwolfssl/wolfcrypt/hash.h 
@@ -1,6 +1,6 @@ /* hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,34 +26,34 @@ #ifndef WOLF_CRYPT_HASH_H #define WOLF_CRYPT_HASH_H -#include +#include #ifndef NO_MD5 - #include + #include #endif #ifndef NO_SHA - #include + #include #endif #if defined(WOLFSSL_SHA224) || !defined(NO_SHA256) - #include + #include #endif #if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) - #include + #include #endif #ifdef HAVE_BLAKE2 - #include + #include #endif #ifdef WOLFSSL_SHA3 - #include + #include #endif #ifndef NO_MD4 - #include + #include #endif #ifdef WOLFSSL_MD2 - #include + #include #endif #if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S) - #include + #include #endif @@ -88,7 +88,7 @@ enum wc_HashFlags { #endif }; - +#ifndef NO_HASH_WRAPPER typedef union { #ifndef NO_MD5 wc_Md5 md5; @@ -112,6 +112,7 @@ typedef union { wc_Sha3 sha3; #endif } wc_HashAlg; +#endif /* !NO_HASH_WRAPPER */ /* Find largest possible digest size Note if this gets up to the size of 80 or over check smallstack build */ @@ -151,6 +152,8 @@ WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid); WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType); +#ifndef NO_HASH_WRAPPER + WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type); WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type); WOLFSSL_API int wc_Hash(enum wc_HashType hash_type, 
@@ -175,37 +178,37 @@ WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); #endif #ifndef NO_MD5 -#include +#include WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash); #endif #ifndef NO_SHA -#include +#include WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*); #endif #ifdef WOLFSSL_SHA224 -#include +#include WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*); #endif /* defined(WOLFSSL_SHA224) */ #ifndef NO_SHA256 -#include +#include WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*); #endif #ifdef WOLFSSL_SHA384 -#include +#include WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); #endif /* defined(WOLFSSL_SHA384) */ #ifdef WOLFSSL_SHA512 -#include +#include WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 -#include +#include WOLFSSL_API int wc_Sha3_224Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_256Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_384Hash(const byte*, word32, byte*); @@ -215,6 +218,8 @@ WOLFSSL_API int wc_Shake256Hash(const byte*, word32, byte*, word32); #endif #endif /* WOLFSSL_SHA3 */ +#endif /* !NO_HASH_WRAPPER */ + enum max_prf { #ifdef HAVE_FFDHE_8192 MAX_PRF_HALF = 516, /* Maximum half secret len */ diff --git a/source/libwolfssl/wolfcrypt/hc128.h b/source/libwolfssl/wolfcrypt/hc128.h index bf4b90c5..00b04000 100644 --- a/source/libwolfssl/wolfcrypt/hc128.h +++ b/source/libwolfssl/wolfcrypt/hc128.h @@ -1,6 +1,6 @@ /* hc128.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #ifndef WOLF_CRYPT_HC128_H #define WOLF_CRYPT_HC128_H -#include +#include #ifndef NO_HC128 diff --git a/source/libwolfssl/wolfcrypt/hmac.h b/source/libwolfssl/wolfcrypt/hmac.h index 09095d40..76e0c510 100644 --- a/source/libwolfssl/wolfcrypt/hmac.h +++ b/source/libwolfssl/wolfcrypt/hmac.h 
@@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,7 +28,7 @@ #ifndef WOLF_CRYPT_HMAC_H #define WOLF_CRYPT_HMAC_H -#include +#include #if defined(HAVE_FIPS) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) @@ -40,7 +40,7 @@ #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif #ifdef __cplusplus @@ -52,7 +52,7 @@ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifndef NO_OLD_WC_NAMES @@ -94,7 +94,8 @@ enum { WC_SHA3_512 = WC_HASH_TYPE_SHA3_512, #endif #ifdef HAVE_PKCS11 - HMAC_MAX_ID_LEN = 32, + HMAC_MAX_ID_LEN = 32, + HMAC_MAX_LABEL_LEN = 32, #endif }; @@ -153,6 +154,8 @@ struct Hmac { #ifdef HAVE_PKCS11 byte id[HMAC_MAX_ID_LEN]; int idLen; + char label[HMAC_MAX_LABEL_LEN]; + int labelLen; #endif #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB) word16 keyLen; /* hmac key length (key in ipad) */ @@ -174,8 +177,12 @@ WOLFSSL_API int wc_HmacFinal(Hmac*, byte*); WOLFSSL_API int wc_HmacSizeByType(int type); WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId); +#ifdef HAVE_PKCS11 WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap, int devId); +WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap, + int devId); +#endif WOLFSSL_API void wc_HmacFree(Hmac*); WOLFSSL_API int wolfSSL_GetHmacMaxSize(void); diff --git a/source/libwolfssl/wolfcrypt/idea.h b/source/libwolfssl/wolfcrypt/idea.h index c3710202..44b8c4a3 100644 --- a/source/libwolfssl/wolfcrypt/idea.h +++ b/source/libwolfssl/wolfcrypt/idea.h @@ -1,6 +1,6 @@ /* idea.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_IDEA_H #define WOLF_CRYPT_IDEA_H -#include +#include #ifdef HAVE_IDEA 
diff --git a/source/libwolfssl/wolfcrypt/integer.h b/source/libwolfssl/wolfcrypt/integer.h index d62c54c2..d0f33ccd 100644 --- a/source/libwolfssl/wolfcrypt/integer.h +++ b/source/libwolfssl/wolfcrypt/integer.h @@ -1,6 +1,6 @@ /* integer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -33,7 +33,7 @@ may not be faster on all */ #include /* will set MP_xxBIT if not default */ -#ifdef WOLFSSL_SP_MATH +#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) #include #elif defined(USE_FAST_MATH) #include @@ -72,7 +72,7 @@ extern "C" { /* detect 64-bit mode if possible */ -#if defined(__x86_64__) && !(defined (_MSC_VER) && defined(__clang__)) +#if (defined(__x86_64__) || defined(__aarch64__)) && !(defined (_MSC_VER) && defined(__clang__)) #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT)) #define MP_64BIT #endif @@ -161,7 +161,7 @@ extern "C" { #define MP_OKAY 0 /* ok result */ #define MP_MEM -2 /* out of mem */ #define MP_VAL -3 /* invalid input */ -#define MP_NOT_INF -4 /* point not at infinity */ +#define MP_NOT_INF -4 /* point not at infinity */ #define MP_RANGE MP_NOT_INF #define MP_YES 1 /* yes response */ @@ -227,7 +227,8 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); /* ---> Basic Manipulations <--- */ #define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO) #define mp_isone(a) \ - (((((a)->used == 1)) && ((a)->dp[0] == 1u)) ? MP_YES : MP_NO) + (((((a)->used == 1)) && ((a)->dp[0] == 1u) && ((a)->sign == MP_ZPOS)) \ + ? MP_YES : MP_NO) #define mp_iseven(a) \ (((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO) #define mp_isodd(a) \ 
@@ -255,9 +256,6 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); #define mp_prime_random(a, t, size, bbs, cb, dat) \ mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat) -#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len)) -#define mp_raw_size(mp) mp_signed_bin_size(mp) -#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str)) #define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len)) #define mp_mag_size(mp) mp_unsigned_bin_size(mp) #define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str)) @@ -285,7 +283,7 @@ MP_API int mp_init (mp_int * a); MP_API void mp_clear (mp_int * a); MP_API void mp_free (mp_int * a); MP_API void mp_forcezero(mp_int * a); -MP_API int mp_unsigned_bin_size(mp_int * a); +MP_API int mp_unsigned_bin_size(const mp_int * a); MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b); MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b); @@ -296,10 +294,10 @@ MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P, /* end functions needed by Rsa */ /* functions added to support above needed, removed TOOM and KARATSUBA */ -MP_API int mp_count_bits (mp_int * a); +MP_API int mp_count_bits (const mp_int * a); MP_API int mp_leading_bit (mp_int * a); MP_API int mp_init_copy (mp_int * a, mp_int * b); -MP_API int mp_copy (mp_int * a, mp_int * b); +MP_API int mp_copy (const mp_int * a, mp_int * b); MP_API int mp_grow (mp_int * a, int size); MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d); MP_API void mp_zero (mp_int * a); diff --git a/source/libwolfssl/wolfcrypt/logging.h b/source/libwolfssl/wolfcrypt/logging.h index de9439a4..e3c2c53d 100644 --- a/source/libwolfssl/wolfcrypt/logging.h +++ b/source/libwolfssl/wolfcrypt/logging.h 
@@ -1,6 +1,6 @@ /* logging.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -100,6 +100,10 @@ WOLFSSL_API int wolfSSL_Debugging_ON(void); /* turn logging off */ WOLFSSL_API void wolfSSL_Debugging_OFF(void); +#ifdef HAVE_WC_INTROSPECTION + WOLFSSL_API const char *wolfSSL_configure_args(void); + WOLFSSL_API const char *wolfSSL_global_cflags(void); +#endif #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) WOLFSSL_LOCAL int wc_LoggingInit(void); @@ -187,6 +191,14 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void); #define WOLFSSL_ERROR_MSG(m) #endif +#ifdef HAVE_STACK_SIZE_VERBOSE + extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack; + extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSize; + extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSizeHWM; + extern WOLFSSL_API THREAD_LS_T size_t *StackSizeCheck_stackSizeHWM_ptr; + extern WOLFSSL_API THREAD_LS_T void *StackSizeCheck_stackOffsetPointer; +#endif + #ifdef __cplusplus } #endif diff --git a/source/libwolfssl/wolfcrypt/md2.h b/source/libwolfssl/wolfcrypt/md2.h index ba13076b..d44b686c 100644 --- a/source/libwolfssl/wolfcrypt/md2.h +++ b/source/libwolfssl/wolfcrypt/md2.h @@ -1,6 +1,6 @@ /* md2.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #ifndef WOLF_CRYPT_MD2_H #define WOLF_CRYPT_MD2_H -#include +#include #ifdef WOLFSSL_MD2 diff --git a/source/libwolfssl/wolfcrypt/md4.h b/source/libwolfssl/wolfcrypt/md4.h index 52fbbd60..2e37fdcb 100644 --- a/source/libwolfssl/wolfcrypt/md4.h +++ b/source/libwolfssl/wolfcrypt/md4.h @@ -1,6 +1,6 @@ /* md4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_MD4_H #define WOLF_CRYPT_MD4_H -#include +#include #ifndef NO_MD4 
diff --git a/source/libwolfssl/wolfcrypt/md5.h b/source/libwolfssl/wolfcrypt/md5.h index 5eb867b2..99a75ccc 100644 --- a/source/libwolfssl/wolfcrypt/md5.h +++ b/source/libwolfssl/wolfcrypt/md5.h @@ -1,6 +1,6 @@ /* md5.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #ifndef WOLF_CRYPT_MD5_H #define WOLF_CRYPT_MD5_H -#include +#include #ifndef NO_MD5 @@ -42,9 +42,12 @@ extern "C" { #endif +#if !defined(NO_OLD_MD5_NAME) + #define MD5 WC_MD5 +#endif + #ifndef NO_OLD_WC_NAMES #define Md5 wc_Md5 - #define MD5 WC_MD5 #define MD5_BLOCK_SIZE WC_MD5_BLOCK_SIZE #define MD5_DIGEST_SIZE WC_MD5_DIGEST_SIZE #define WC_MD5_PAD_SIZE WC_MD5_PAD_SIZE @@ -60,18 +63,18 @@ enum { #ifdef WOLFSSL_MICROCHIP_PIC32MZ - #include + #include #endif #ifdef STM32_HASH - #include + #include #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef WOLFSSL_TI_HASH #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #else @@ -109,6 +112,9 @@ WOLFSSL_API int wc_InitMd5_ex(wc_Md5*, void*, int); WOLFSSL_API int wc_Md5Update(wc_Md5*, const byte*, word32); WOLFSSL_API int wc_Md5Final(wc_Md5*, byte*); WOLFSSL_API void wc_Md5Free(wc_Md5*); +#ifdef OPENSSL_EXTRA +WOLFSSL_API int wc_Md5Transform(wc_Md5*, const byte*); +#endif WOLFSSL_API int wc_Md5GetHash(wc_Md5*, byte*); WOLFSSL_API int wc_Md5Copy(wc_Md5*, wc_Md5*); diff --git a/source/libwolfssl/wolfcrypt/mem_track.h b/source/libwolfssl/wolfcrypt/mem_track.h index d33e90e6..362ef396 100644 --- a/source/libwolfssl/wolfcrypt/mem_track.h +++ b/source/libwolfssl/wolfcrypt/mem_track.h @@ -1,6 +1,6 @@ /* mem_track.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
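Review bot: The new `wc_Md5Transform(wc_Md5*, const byte*)` prototype in md5.h takes a data pointer with no length and no comment, so the header does not tell a caller how many bytes will be read. Presumably it consumes exactly one block, but the implementation is not in this hunk, so that should be confirmed and then stated above the declaration, e.g. `/* data must point to WC_MD5_BLOCK_SIZE bytes; OPENSSL_EXTRA compatibility only */`. Without that contract, a call site can pass a shorter buffer and introduce an out-of-bounds read.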
@@ -76,6 +76,15 @@ long totalBytes; /* total number of bytes allocated */ long peakBytes; /* concurrent max bytes */ long currentBytes; /* total current bytes in use */ +#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE + long peakAllocsTripOdometer; /* peak number of concurrent allocations, + * subject to reset by + * wolfCrypt_heap_peak_checkpoint() + */ + long peakBytesTripOdometer; /* peak concurrent bytes, subject to reset + * by wolfCrypt_heap_peak_checkpoint() + */ +#endif } memoryStats; typedef struct memHint { @@ -170,8 +179,17 @@ ourMemStats.totalAllocs++; ourMemStats.totalBytes += sz; ourMemStats.currentBytes += sz; - if (ourMemStats.currentBytes > ourMemStats.peakBytes) - ourMemStats.peakBytes = ourMemStats.currentBytes; + #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE + if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs - ourMemStats.totalDeallocs) + ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs - ourMemStats.totalDeallocs; + if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) { + ourMemStats.peakBytesTripOdometer = ourMemStats.currentBytes; + #endif + if (ourMemStats.currentBytes > ourMemStats.peakBytes) + ourMemStats.peakBytes = ourMemStats.currentBytes; + #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE + } + #endif #endif #ifdef DO_MEM_LIST if (pthread_mutex_lock(&memLock) == 0) { @@ -338,8 +356,12 @@ ourMemStats.totalBytes = 0; ourMemStats.peakBytes = 0; ourMemStats.currentBytes = 0; +#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE + ourMemStats.peakAllocsTripOdometer = 0; + ourMemStats.peakBytesTripOdometer = 0; +#endif #endif - + #ifdef DO_MEM_LIST XMEMSET(&ourMemList, 0, sizeof(ourMemList)); diff --git a/source/libwolfssl/wolfcrypt/memory.h b/source/libwolfssl/wolfcrypt/memory.h index 0014997c..4c1e4cc0 100644 --- a/source/libwolfssl/wolfcrypt/memory.h +++ b/source/libwolfssl/wolfcrypt/memory.h @@ -1,6 +1,6 @@ /* memory.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
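Review bot: In the allocation-tracking hunk of mem_track.h, the `{` of `if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) {` is opened in one `#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE` block and closed in a second one. The regular `peakBytes` update is therefore nested in a conditional that exists only in verbose builds. Keeping the trip-odometer check self-contained in a single `#ifdef`, with `if (ourMemStats.currentBytes > ourMemStats.peakBytes)` unconditional after it, is easier to audit and should be equivalent as long as the trip odometer never exceeds `peakBytes`. The new comparisons also read `totalAllocs - totalDeallocs` before the `pthread_mutex_lock(&memLock)` visible further down. The enclosing function starts outside the hunk, so whether the counters are protected elsewhere cannot be told from here; a comment saying whether these statistics are synchronised would help.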
diff --git a/source/libwolfssl/wolfcrypt/misc.h b/source/libwolfssl/wolfcrypt/misc.h index 1521d5c2..b359650f 100644 --- a/source/libwolfssl/wolfcrypt/misc.h +++ b/source/libwolfssl/wolfcrypt/misc.h @@ -1,6 +1,6 @@ /* misc.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,7 +29,7 @@ masking and clearing memory logic. #define WOLF_CRYPT_MISC_H -#include +#include #ifdef __cplusplus @@ -43,11 +43,23 @@ word32 rotlFixed(word32, word32); WOLFSSL_LOCAL word32 rotrFixed(word32, word32); +#ifdef WC_RC2 +WOLFSSL_LOCAL +word16 rotlFixed16(word16, word16); +WOLFSSL_LOCAL +word16 rotrFixed16(word16, word16); +#endif + WOLFSSL_LOCAL word32 ByteReverseWord32(word32); WOLFSSL_LOCAL void ByteReverseWords(word32*, const word32*, word32); +WOLFSSL_LOCAL +void XorWordsOut(wolfssl_word* r, const wolfssl_word* a, const wolfssl_word* b, + word32 n); +WOLFSSL_LOCAL +void xorbufout(void*, const void*, const void*, word32); WOLFSSL_LOCAL void XorWords(wolfssl_word*, const wolfssl_word*, word32); WOLFSSL_LOCAL @@ -103,7 +115,9 @@ WOLFSSL_LOCAL byte ctMaskLT(int a, int b); WOLFSSL_LOCAL byte ctMaskLTE(int a, int b); WOLFSSL_LOCAL byte ctMaskEq(int a, int b); WOLFSSL_LOCAL word16 ctMask16GT(int a, int b); +WOLFSSL_LOCAL word16 ctMask16GTE(int a, int b); WOLFSSL_LOCAL word16 ctMask16LT(int a, int b); +WOLFSSL_LOCAL word16 ctMask16LTE(int a, int b); WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b); WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b); WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b); diff --git a/source/libwolfssl/wolfcrypt/mpi_class.h b/source/libwolfssl/wolfcrypt/mpi_class.h index ae2fa830..e04acc26 100644 --- a/source/libwolfssl/wolfcrypt/mpi_class.h +++ b/source/libwolfssl/wolfcrypt/mpi_class.h @@ -1,6 +1,6 @@ /* mpi_class.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
diff --git a/source/libwolfssl/wolfcrypt/mpi_superclass.h b/source/libwolfssl/wolfcrypt/mpi_superclass.h index 186ac750..91ebad82 100644 --- a/source/libwolfssl/wolfcrypt/mpi_superclass.h +++ b/source/libwolfssl/wolfcrypt/mpi_superclass.h @@ -1,6 +1,6 @@ /* mpi_superclass.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/wolfcrypt/pkcs11.h b/source/libwolfssl/wolfcrypt/pkcs11.h index bf1cb1ec..09e2e684 100644 --- a/source/libwolfssl/wolfcrypt/pkcs11.h +++ b/source/libwolfssl/wolfcrypt/pkcs11.h @@ -1,6 +1,6 @@ /* pkcs11.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/wolfcrypt/pkcs12.h b/source/libwolfssl/wolfcrypt/pkcs12.h index a9ab05f1..9d92f5ef 100644 --- a/source/libwolfssl/wolfcrypt/pkcs12.h +++ b/source/libwolfssl/wolfcrypt/pkcs12.h @@ -1,6 +1,6 @@ /* pkcs12.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLF_CRYPT_PKCS12_H #define WOLF_CRYPT_PKCS12_H -#include +#include #ifdef __cplusplus extern "C" { @@ -53,6 +53,8 @@ WOLFSSL_API int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz); WOLFSSL_API int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, byte** pkey, word32* pkeySz, byte** cert, word32* certSz, WC_DerCertList** ca); +WOLFSSL_LOCAL int wc_PKCS12_verify_ex(WC_PKCS12* pkcs12, + const byte* psw, word32 pswSz); WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name, byte* key, word32 keySz, byte* cert, word32 certSz, WC_DerCertList* ca, int nidKey, int nidCert, int iter, int macIter, diff --git a/source/libwolfssl/wolfcrypt/pkcs7.h b/source/libwolfssl/wolfcrypt/pkcs7.h index d1b3f4f6..cbb66b30 100644 --- a/source/libwolfssl/wolfcrypt/pkcs7.h +++ b/source/libwolfssl/wolfcrypt/pkcs7.h 
@@ -1,6 +1,6 @@ /* pkcs7.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,21 +26,22 @@ #ifndef WOLF_CRYPT_PKCS7_H #define WOLF_CRYPT_PKCS7_H -#include +#include #ifdef HAVE_PKCS7 #ifndef NO_ASN - #include + #include #endif -#include -#include +#include +#include #ifndef NO_AES - #include + #include #endif #ifndef NO_DES3 - #include + #include #endif +#include #ifdef __cplusplus extern "C" { @@ -48,8 +49,12 @@ /* Max number of certificates that PKCS7 structure can parse */ #ifndef MAX_PKCS7_CERTS +#ifdef OPENSSL_ALL + #define MAX_PKCS7_CERTS 15 +#else #define MAX_PKCS7_CERTS 4 #endif +#endif #ifndef MAX_ORI_TYPE_SZ #define MAX_ORI_TYPE_SZ MAX_OID_SZ @@ -153,15 +158,6 @@ enum Pkcs7_Misc { MAX_RECIP_SZ = MAX_VERSION_SZ + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ, -#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ - (HAVE_FIPS_VERSION >= 2)) || (defined(HAVE_SELFTEST) && \ - (!defined(HAVE_SELFTEST_VERSION) || HAVE_SELFTEST_VERSION < 2)) - /* In the event of fips cert 3389 or CAVP selftest v1 build, these enums are - * not in aes.h for use with pkcs7 so enumerate it here outside the fips - * boundary */ - GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ - CCM_NONCE_MIN_SZ = 7, -#endif }; enum Cms_Options { diff --git a/source/libwolfssl/wolfcrypt/poly1305.h b/source/libwolfssl/wolfcrypt/poly1305.h index 7a37b040..9c71b790 100644 --- a/source/libwolfssl/wolfcrypt/poly1305.h +++ b/source/libwolfssl/wolfcrypt/poly1305.h @@ -1,6 +1,6 @@ /* poly1305.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_POLY1305_H #define WOLF_CRYPT_POLY1305_H -#include +#include #ifdef HAVE_POLY1305 
@@ -109,15 +109,20 @@ typedef struct Poly1305 { /* does init */ WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key, - word32 kySz); + word32 kySz); WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32); WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag); /* AEAD Functions */ WOLFSSL_API int wc_Poly1305_Pad(Poly1305* ctx, word32 lenToPad); -WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 dataSz); -WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz, - byte* input, word32 sz, byte* tag, word32 tagSz); +WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, + word32 dataSz); +#ifdef WORD64_AVAILABLE +WOLFSSL_API int wc_Poly1305_EncodeSizes64(Poly1305* ctx, word64 aadSz, + word64 dataSz); +#endif +WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, const byte* additional, + word32 addSz, const byte* input, word32 sz, byte* tag, word32 tagSz); #if defined(__aarch64__ ) && defined(WOLFSSL_ARMASM) void poly1305_blocks(Poly1305* ctx, const unsigned char *m, diff --git a/source/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/source/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h index 52624982..e3d2cc64 100644 --- a/source/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h +++ b/source/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -1,6 +1,6 @@ /* esp32-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -89,11 +89,13 @@ uint64_t wc_esp32elapsedTime(); /* RAW hash function APIs are not implemented with esp32 hardware acceleration*/ #define WOLFSSL_NO_HASH_RAW +#define SHA_CTX ETS_SHAContext #if ESP_IDF_VERSION_MAJOR >= 4 #include "esp32/rom/sha.h" #else #include "rom/sha.h" #endif +#undef SHA_CTX typedef enum { ESP32_SHA_INIT = 0, 
diff --git a/source/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/source/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h index 9ac47c82..d2214647 100644 --- a/source/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h +++ b/source/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h @@ -1,6 +1,6 @@ /* renesas-tsip-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -29,7 +29,7 @@ #endif #include "r_tsip_rx_if.h" -#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h b/source/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h index 36c923b4..41a382a6 100644 --- a/source/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h +++ b/source/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h @@ -1,6 +1,6 @@ /* afalg_hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLF_CRYPT_AFALG_HASH_H #define WOLF_CRYPT_AFALG_HASH_H -#include +#include #undef WOLFSSL_NO_HASH_RAW #define WOLFSSL_NO_HASH_RAW diff --git a/source/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h b/source/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h index 38c1466c..87bff31f 100644 --- a/source/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h +++ b/source/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h @@ -1,6 +1,6 @@ /* wc_afalg.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLFSSL_AFALG_H #define WOLFSSL_AFALG_H -#include +#include #include #include diff --git a/source/libwolfssl/wolfcrypt/port/arm/cryptoCell.h b/source/libwolfssl/wolfcrypt/port/arm/cryptoCell.h index ae6b021f..387ecff1 100644 --- a/source/libwolfssl/wolfcrypt/port/arm/cryptoCell.h +++ b/source/libwolfssl/wolfcrypt/port/arm/cryptoCell.h 
@@ -1,6 +1,6 @@ /* cryptoCell.h * - * Copyright (C) 2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ extern "C" { #endif -#include +#include #include "sns_silib.h" diff --git a/source/libwolfssl/wolfcrypt/port/atmel/atmel.h b/source/libwolfssl/wolfcrypt/port/atmel/atmel.h index 273e1db8..950e9192 100644 --- a/source/libwolfssl/wolfcrypt/port/atmel/atmel.h +++ b/source/libwolfssl/wolfcrypt/port/atmel/atmel.h @@ -1,6 +1,6 @@ /* atmel.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,15 +24,13 @@ #include -#include -#include +#include +#include #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \ defined(WOLFSSL_ATECC_PKCB) - #undef SHA_BLOCK_SIZE - #define SHA_BLOCK_SIZE SHA_BLOCK_SIZE_REMAP - #include #undef SHA_BLOCK_SIZE + #include #endif /* ATECC508A/608A only supports ECC P-256 */ @@ -70,7 +68,7 @@ #endif /* ATECC_KEY_SIZE required for ecc.h */ -#include +#include struct WOLFSSL; struct WOLFSSL_CTX; @@ -121,7 +119,7 @@ int atmel_ecc_create_pms(int slotId, const uint8_t* peerKey, uint8_t* pms); int atmel_ecc_create_key(int slotId, byte* peerKey); int atmel_ecc_sign(int slotId, const byte* message, byte* signature); int atmel_ecc_verify(const byte* message, const byte* signature, - const byte* pubkey, int* verified); + const byte* pubkey, int* pVerified); #endif /* WOLFSSL_ATECC508A */ diff --git a/source/libwolfssl/wolfcrypt/port/caam/caam_driver.h b/source/libwolfssl/wolfcrypt/port/caam/caam_driver.h index cac1742c..8ab6cc34 100644 --- a/source/libwolfssl/wolfcrypt/port/caam/caam_driver.h +++ b/source/libwolfssl/wolfcrypt/port/caam/caam_driver.h @@ -1,6 +1,6 @@ /* caam_driver.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -22,11 +22,25 @@ #ifndef CAAM_DRIVER_H #define CAAM_DRIVER_H -#define CAAM_BASE 0xf2100000 +#if (defined(__QNX__) || defined(__QNXNTO__)) + int InitCAAM(void); + #include "caam_qnx.h" +#endif +#if (defined(__INTEGRITY) || defined(INTEGRITY)) + #define CAAM_BASE 0xf2100000 + #define CAAM_PAGE 0xf0100000 +#endif + -#define CAAM_PAGE 0xf0100000 #define CAAM_PAGE_MAX 6 +/* max size of 64 word32's */ +#define CAAM_DESC_MAX 256 + +#ifndef CAAM_JOBRING_SIZE +#define CAAM_JOBRING_SIZE 1 +#endif + /****************************************************************************** Basic Descriptors ****************************************************************************/ @@ -50,12 +64,16 @@ #define CAAM_HEAD 0xB0800000 #define CAAM_NWB 0x00200000 + /* PROTOCOL OPERATION command */ +#define CAAM_PROT_UNIDI 0 #define CAAM_BLOB_ENCAP 0x07000000 #define CAAM_BLOB_DECAP 0x06000000 +#define CAAM_PKHA_OP 0x01000000 + #define CAAM_OPID_BLOB 0x000D0000 /* algorithms modes and types */ -#define CAAM_CLASS1 0x02000000/* i.e. AES */ +#define CAAM_CLASS1 0x02000000/* i.e. AES, PKHA */ #define CAAM_CLASS2 0x04000000/* i.e. hash algos */ #define CAAM_ENC 0x00000001 
@@ -90,6 +108,38 @@ #define CAAM_HMAC_SHA384 0x00440010 #define CAAM_HMAC_SHA512 0x00450010 +/* ECDSA ECDSEL (pre defined flags for ECDSA parameters i.e. order) */ +#define CAAM_ECDSEL_SHIFT 7 +#define CAAM_ECDSA_PD 0x00400000 +#define CAAM_ECDSA_KEYGEN_PD 0x02000000 +#define CAAM_ECDSA_P192 (0x00 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P224 (0x01 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P256 (0x02 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P384 (0x03 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P521 (0x04 << CAAM_ECDSEL_SHIFT) + +#define CAAM_ECDSA_BRAINPOOL_P256 (0x0B << CAAM_ECDSEL_SHIFT) + + /* PKHA Operation ID ECDSA */ +#define CAAM_ECDSA_KEYPAIR 0x00140000 +#define CAAM_ECDSA_SIGN 0x00150000 +#define CAAM_ECDSA_VERIFY 0x00160000 +#define CAAM_ECDSA_ECDH 0x00170000 + +#define CAAM_ECDSA_MESREP_HASHED (0x10 << 7) + + /* key encryption bit */ +#define CAAM_PKHA_ECC 0x00000002 +#define CAAM_PKHA_ENC_PRI_AESCBC 0x00000004 +#define CAAM_PKHA_ENC_PRI_AESCCM (0x00000010 | CAAM_PKHA_ENC_PRI_AESCBC) +#define CAAM_PKHA_NO_TIMING_RESISTANCE 0x40000000 +#define CAAM_LOAD_BLACK_KEY 0x500000 + + /* PKHA RSA */ +#define CAAM_OPID_RSA_ENCRYPT 0x00180000 +#define CAAM_OPID_RSA_DECRYPT 0x00190000 + + #define CAAM_MD5_CTXSZ (16 + 8) #define CAAM_SHA_CTXSZ (20 + 8) #define CAAM_SHA224_CTXSZ (32 + 8) 
@@ -117,71 +167,243 @@ #define CAAM_PAGE_SZ 4096 /* RNG Registers */ -#define CAAM_RTMCTL CAAM_BASE + 0X0600 -#define CAAM_RTSDCTL CAAM_BASE + 0X0610 -#define CAAM_RTFRQMIN CAAM_BASE + 0X0618 -#define CAAM_RTFRQMAX CAAM_BASE + 0X061C -#define CAAM_RDSTA CAAM_BASE + 0X06C0 -#define CAAM_RTSTATUS CAAM_BASE + 0x063C +#define CAAM_RTMCTL 0X0600 +#define CAAM_RTSDCTL 0X0610 +#define CAAM_RTFRQMIN 0X0618 +#define CAAM_RTFRQMAX 0X061C +#define CAAM_RDSTA 0X06C0 +#define CAAM_RTSTATUS 0x063C +#define CAAM_RDINT0 0x06D0 /* each of the following 11 RTENT registers are an offset of 4 from RTENT0 */ -#define CAAM_RTENT0 CAAM_BASE + 0x0640 -#define CAAM_RTENT11 CAAM_BASE + 0x066C /* Max RTENT register */ +#define CAAM_RTENT0 0x0640 +#define CAAM_RTENT11 0x066C /* Max RTENT register */ +#define CAAM_RTENT_MAX 0x067C /* RNG Masks/Values */ #ifndef CAAM_ENT_DLY - #define CAAM_ENT_DLY 1200 /* @TODO lower value may gain performance */ + /* Less than half the default value to try and increase entropy collection. + * Value is system clock cycles. 
*/ + #define CAAM_ENT_DLY 1200 #endif +#ifndef CAAM_ENT_DLY_INCREMENT + #define CAAM_ENT_DLY_INCREMENT 500 +#endif +#ifndef CAAM_ENT_SAMPLE + /* default sample value from reference manual */ + #define CAAM_ENT_SAMPLE 0x09C4 +#endif +#ifndef CAAM_ENT_DLY_MAX + #define CAAM_ENT_DLY_MAX 12000 +#endif +#ifndef CAAM_ENT_MINSHIFT + /* default to the minimum entropy delay of 1/4 */ + #define CAAM_ENT_MINSHIFT 2 +#endif +#ifndef CAAM_ENT_MAXSHIFT + /* default to the maximum entropy delay of 16 times */ + #define CAAM_ENT_MAXSHIFT 4 +#endif + #define CAAM_PRGM 0x00010000 /* Set RTMCTL to program state */ #define CAAM_TRNG 0x00000020 /* Set TRNG access */ +#define CAAM_RTMCTL_RESET 0x40 /* TRNG reset to defaults */ #define CAAM_CTLERR 0x00001000 #define CAAM_ENTVAL 0x00000400 /* checking RTMCTL for entropy ready */ /* Input Job Ring Registers */ -#define CAAM_IRBAR0 CAAM_BASE + 0x1004 -#define CAAM_IRSR0 CAAM_BASE + 0x100C -#define CAAM_IRJAR0 CAAM_BASE + 0x101C +#define CAAM_IRBAR0 0x1004 + //0x1004 +#define CAAM_IRSR0 0x100C +#define CAAM_IRJAR0 0x101C + +#define CAAM_IRBAR2 0x3000 +#define CAAM_IRSR2 0x300C +#define CAAM_IRJAR2 0x301C +#define CAAM_IRSAR_JR2 0x3014 + + /* Output Job Ring Registers */ -#define CAAM_ORBAR0 CAAM_BASE + 0x1024 -#define CAAM_ORSR0 CAAM_BASE + 0x102C -#define CAAM_ORJAR0 CAAM_BASE + 0x103C +#define CAAM_ORBAR0 0x1024 + //0x1024 +#define CAAM_ORSR0 0x102C +#define CAAM_ORJAR0 0x103C +#define CAAM_ORBAR2 0x3024 + //0x1024 +#define CAAM_ORSR2 0x302C +#define CAAM_ORJAR2 0x303C + +#define JRCFGR_JR0_LS 0x1054 + /* Status Registers */ -#define CAAM_STATUS CAAM_BASE + 0x0FD4 -#define CAAM_VERSION_MS CAAM_BASE + 0x0FE8 -#define CAAM_VERSION_LS CAAM_BASE + 0x0FEC -#define CAMM_SUPPORT_MS CAAM_BASE + 0x0FF0 -#define CAMM_SUPPORT_LS CAAM_BASE + 0x0FF4 +#define CAAM_STATUS 0x0FD4 +#define CAAM_VERSION_MS 0x0FE8 +#define CAAM_VERSION_LS 0x0FEC +#define CAMM_SUPPORT_MS 0x0FF0 +#define CAMM_SUPPORT_LS 0x0FF4 +#define CAAM_SM_CMD 0x1BE4 +#define CAAM_SM_SMPO 
0x1FBC +#define CAAM_SM_SMVID_MS 0x1FD8 +#define CAAM_SM_SMVID_LS 0x1FDC +#define CAAM_SM_STATUS 0x1BEC +#define CAAM_SM_CSP 0x00008000 +#define CAAM_SM_SMAP_LOCK 0x00002000 +#define CAAM_SM_SMAG_LOCK 0x00001000 +#define CAAM_SM_ALL_RW 0x000000FF -#define CAAM_C1DSR_LS CAAM_BASE + 0x8014 -#define CAAM_C1MR CAAM_BASE + 0x8004 +#define CAAM_C1DSR_LS 0x8014 +#define CAAM_C1MR 0x8004 /* output FIFO is 16 entries deep and each entry has a two 4 byte registers */ -#define CAAM_FIFOO_MS CAAM_BASE + 0x87F0 -#define CAAM_FIFOO_LS CAAM_BASE + 0x87F4 +#define CAAM_FIFOO_MS 0x87F0 +#define CAAM_FIFOO_LS 0x87F4 /* input FIFO is 16 entries deep with each entry having two 4 byte registers All data written to it from IP bus should be in big endian format */ -#define CAAM_FIFOI_LS CAAM_BASE + 0x87E0 +#define CAAM_FIFOI_LS 0x87E0 /* offset of 4 with range 0 .. 13 */ -#define CAAM_CTX1 CAAM_BASE + 0x8100 +#define CAAM_CTX1 0x8100 #define CAAM_CTRIV CAAM_CTX1 + 8 /* AES-CTR iv is in 2 and 3 */ #define CAAM_CBCIV CAAM_CTX1 /* AES-CBC iv is in 1 and 2 */ -/* instantiate RNG and create JDKEK, TDKEK, and TDSK key */ -static unsigned int wc_rng_start[] = { - CAAM_HEAD | 0x00000006, - CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00000004, /* Instantiate RNG handle 0 with TRNG */ - CAAM_JUMP | 0x02000001, /* wait for Class1 RNG and jump to next cmd */ - CAAM_LOAD | 0x00880004, /* Load to clear written register */ - 0x00000001, /* reset done interrupt */ - CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00001000 /* Generate secure keys */ + /* debugging registers */ +#define CAAM_DECORR 0x009C /* used to set DECO into debug mode */ +#define CAAM_DODJR 0x8E00 /* for hung operations */ +#define CAAM_DOJQCR_MS 0x8800 +#define CAAM_DOOPSTA_MS 0x8810 /* DECO operation status register */ +#define CAAM_DODAR 0x8808 /* address of current descriptor */ +#define CAAM_DODESB 0x8A00 /* 64 registers that hold the current descriptor buffer */ + + +#define JRINTR_JR0 0x104C +#define JRINTR_JR1 0x204C +#define JRINTR_JR2 
0x304C + +#define CAAM_SINGLE_STEP_MODE 0x40000000 +#define CAAM_STEP 0x80000000 + +/* Port layer for CAAM driver, functions defined in caam_.c */ +unsigned int CAAM_READ(unsigned int reg); +void CAAM_WRITE(unsigned int reg, unsigned int in); +int CAAM_SET_BASEADDR(void); +void CAAM_UNSET_BASEADDR(void); +unsigned int CAAM_ADR_TO_PHYSICAL(void* in, int inSz); +void* CAAM_ADR_MAP(unsigned int in, int inSz, unsigned char copy); +void CAAM_ADR_UNMAP(void* vaddr, unsigned int out, int outSz, + unsigned char copy); +int CAAM_ADR_SYNC(void* vaddr, int sz); +CAAM_ADDRESS CAAM_ADR_TO_VIRTUAL(CAAM_ADDRESS in, int length); + +#ifndef WOLFSSL_CAAM_BUFFER +#define WOLFSSL_CAAM_BUFFER +typedef struct CAAM_BUFFER { + int BufferType; + CAAM_ADDRESS TheAddress; + int Length; +} CAAM_BUFFER; +#endif +unsigned int caamReadRegister(unsigned int reg); +void caamWriteRegister(unsigned int reg, unsigned int in); +int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf, int sz); +int CleanupCAAM(void); + + +/* Driver API that can be called by caam_.c port layers */ +typedef struct DESCSTRUCT DESCSTRUCT; + +int caamKeyCover(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamTRNG(unsigned char *out, int outSz); +int caamECDSA_ECDH(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamECDSASign(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamECDSAVerify(DESCSTRUCT *desc, CAAM_BUFFER *buf, int sz, + unsigned int args[4]); +int caamECDSAMake(DESCSTRUCT *desc, CAAM_BUFFER *buf, unsigned int args[4]); + + +int caamAesCmac(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamBlob(DESCSTRUCT *desc); + +CAAM_ADDRESS caamGetPartition(unsigned int part, int partSz, unsigned int flag); +int caamFreePart(unsigned int part); +int caamFindUnusuedPartition(void); + + + +void caamDescInit(DESCSTRUCT* desc, int type, unsigned int args[4], + CAAM_BUFFER* buf, int sz); + + +/* CAAM descriptor */ +#define DESC_COUNT 1 +#define MAX_BUF 20 +#define BUFFER_COUNT 
(MAX_BUF * DESC_COUNT) + +/* CAAM descriptors can only be 64 unsigned ints */ +#define MAX_DESC_SZ 64 + +/* 64 byte buffer for when data crosses a page boundary */ +#define ALIGN_BUF 16 + +/* MAX_CTX is 64 bytes (sha512 digest) + 8 bytes (CAAM length value) */ +#define MAX_CTX 18 + +#define MIN_READ_REG CAAM_BASE +#define MAX_READ_REG (CAAM_BASE + 0x00010000) + +struct buffer { + CAAM_ADDRESS data; + CAAM_ADDRESS dataSz; }; +struct DESCSTRUCT { +#if defined(__INTEGRITY) || defined(INTEGRITY) + struct IORequestStruct TheIORequest; +#endif + struct CAAM_DEVICE* caam; + struct buffer buf[MAX_BUF]; /* buffers holding data input address */ + unsigned int desc[MAX_DESC_SZ]; /* max size of 64 word32 */ + unsigned int aadSzBuf[4]; /* Formatted AAD size for CCM */ + unsigned int alignBuf[ALIGN_BUF]; /* 64 byte buffer for non page + align */ + unsigned int iv[MAX_CTX]; /* AES IV and also hash state */ + unsigned int ctxBuf[MAX_CTX]; /* key */ + CAAM_ADDRESS output; /* address to output buffer */ + CAAM_ADDRESS ctxOut; /* address to update buffer holding state */ + Value alignIdx;/* index for align buffer */ + Value idx; /* index for descriptor buffer */ + Value headIdx; /* for first portion of descriptor buffer */ + Value lastIdx; /* for last portion of descriptor buffer */ + Value outputIdx; /* idx to output buffer in "buf" */ + Value inputSz; /* size of input buffer */ + Value ctxSz; /* size of CTX/Key buffer */ + Value aadSz; /* AAD size for CCM */ + Value startIdx; /* for telling header where to start */ + Value lastFifo; + Value type; + Value state; + Value DescriptorCount; + Boolean running; /* True if building/running descriptor is + in process */ +}; + +/* wolfSSL specific flags */ +#define CAAM_FIND_PART 0xFFFFFFFF +#define CAAM_GET_PART 0xFFFFFFFE +#define CAAM_FREE_PART 0xFFFFFFFD +#define CAAM_READ_PART 0xFFFFFFFC +#define CAAM_WRITE_PART 0xFFFFFFFB + + +#define MAX_ECDSA_VERIFY_ADDR 8 +#define MAX_ECDSA_SIGN_ADDR 8 +#define BLACK_KEY_MAC_SZ 16 +#define 
BLACK_BLOB_KEYMOD_SZ 16 +#define RED_BLOB_KEYMOD_SZ 8 #endif /* CAAM_DRIVER_H */ diff --git a/source/libwolfssl/wolfcrypt/port/caam/wolfcaam.h b/source/libwolfssl/wolfcrypt/port/caam/wolfcaam.h index 159fec52..c306edea 100644 --- a/source/libwolfssl/wolfcrypt/port/caam/wolfcaam.h +++ b/source/libwolfssl/wolfcrypt/port/caam/wolfcaam.h @@ -1,6 +1,6 @@ /* wolfcaam.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,14 +22,21 @@ #ifndef WOLF_CRYPT_CAAM_INIT_H #define WOLF_CRYPT_CAAM_INIT_H -#include +#include +#include -#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) +/* include for porting layer */ +#ifdef WOLFSSL_QNX_CAAM + #include +#endif + +#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \ + defined(WOLFSSL_QNX_CAAM) -#include #if defined(__INTEGRITY) || defined(INTEGRITY) #include + typedef Buffer CAAM_BUFFER; #endif WOLFSSL_LOCAL int wc_caamInit(void); 
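Review bot: In caam_driver.h the new `#define MIN_READ_REG CAAM_BASE` and `#define MAX_READ_REG (CAAM_BASE + 0x00010000)` are absolute addresses, while the same change turns every register macro (`CAAM_RTMCTL`, `CAAM_STATUS`, `CAAM_FIFOO_MS`, …) from `CAAM_BASE + offset` into a bare offset. It also makes `CAAM_BASE` itself conditional on `__INTEGRITY`/`INTEGRITY` in the first hunk of this file. Any register-range check built on these two limits would then compare an offset against an address, and on a QNX build the limits only compile if `caam_qnx.h` (not visible here) supplies `CAAM_BASE`. If callers now pass offsets, the limits should be offsets as well, e.g. `#define MIN_READ_REG 0` and `#define MAX_READ_REG 0x00010000`. Otherwise a comment should state that these two macros are absolute addresses and where `CAAM_BASE` comes from on each platform.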
@@ -39,25 +46,107 @@ WOLFSSL_LOCAL int wc_caamFreeRng(void); WOLFSSL_LOCAL word32 wc_caamReadRegister(word32 reg); WOLFSSL_LOCAL void wc_caamWriteRegister(word32 reg, word32 value); -WOLFSSL_LOCAL int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type); +WOLFSSL_LOCAL int wc_caamAddAndWait(CAAM_BUFFER* buf, int sz, word32 arg[4], + word32 type); -WOLFSSL_API int wc_caamSetResource(IODevice ioDev); +WOLFSSL_LOCAL int caamFindUnusuedPartition(void); +WOLFSSL_LOCAL CAAM_ADDRESS caamGetPartition(int part, int sz); +WOLFSSL_LOCAL int caamFreePart(int partNum); +WOLFSSL_LOCAL int caamWriteToPartition(CAAM_ADDRESS addr, const unsigned char* in, int inSz); +WOLFSSL_LOCAL int caamReadPartition(CAAM_ADDRESS addr, unsigned char* out, int outSz); WOLFSSL_API int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, word32* outSz); WOLFSSL_API int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out, word32* outSz); +WOLFSSL_API int wc_caamOpenBlob_ex(byte* data, word32 dataSz, byte* out, + word32* outSz, int type, byte* mod, word32 modSz); +WOLFSSL_API int wc_caamCreateBlob_ex(byte* data, word32 dataSz, byte* out, + word32* outSz, int type, byte* mod, word32 modSz); +WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz, + int flag); + /* additional size that is added by CAAM when creating a blob */ #define WC_CAAM_BLOB_SZ 48 +#define WC_CAAM_MAC_SZ 16 +#define WC_CAAM_BLOB_RED 1 +#define WC_CAAM_BLOB_BLACK 2 +#define WC_CAAM_RED_KEYMOD_SZ 8 +#define WC_CAAM_BLACK_KEYMOD_SZ 16 +#define WC_CAAM_MAX_ENTROPY 44 -#ifndef WC_CAAM_READ - #define WC_CAAM_READ(reg) wc_caamReadRegister((reg)) -#endif -#ifndef WC_CAAM_WRITE - #define WC_CAAM_WRITE(reg, x) wc_caamWriteRegister((reg), (x)) +#ifndef WOLFSSL_QNX_CAAM + WOLFSSL_API int wc_caamSetResource(IODevice ioDev); + #ifndef WC_CAAM_READ + #define WC_CAAM_READ(reg) wc_caamReadRegister((reg)) + #endif + #ifndef WC_CAAM_WRITE + #define WC_CAAM_WRITE(reg, x) wc_caamWriteRegister((reg), (x)) + #endif 
#endif + +#define CAAM_AESCTR 0x00100000 +#define CAAM_AESCBC 0x00100100 +#define CAAM_AESECB 0x00100200 +#define CAAM_AESCFB 0x00100300 +#define CAAM_AESOFB 0x00100400 +#define CAAM_CMAC 0x00100600 +#define CAAM_AESCCM 0x00100800 + +#define CAAM_MD5 0x00400000 +#define CAAM_SHA 0x00410000 +#define CAAM_SHA224 0x00420000 +#define CAAM_SHA256 0x00430000 +#define CAAM_SHA384 0x00440000 +#define CAAM_SHA512 0x00450000 + +#define CAAM_HMAC_MD5 0x00400010 +#define CAAM_HMAC_SHA 0x00410010 +#define CAAM_HMAC_SHA224 0x00420010 +#define CAAM_HMAC_SHA256 0x00430010 +#define CAAM_HMAC_SHA384 0x00440010 +#define CAAM_HMAC_SHA512 0x00450010 + +#define CAAM_ECDSA_KEYPAIR 0x00140000 +#define CAAM_ECDSA_SIGN 0x00150000 +#define CAAM_ECDSA_VERIFY 0x00160000 +#define CAAM_ECDSA_ECDH 0x00170000 + +#define CAAM_BLOB_ENCAP 0x07000000 +#define CAAM_BLOB_DECAP 0x06000000 +#define CAAM_FIFO_S 0x60000000 +#define CAAM_FIFO_CCM_FLAG 0x00140000 + +#define CAAM_ENC 0x00000001 +#define CAAM_DEC 0x00000000 +#define CAAM_ALG_INIT 0x00000004 +#define CAAM_ALG_INITF 0x0000000C +#define CAAM_ALG_UPDATE 0x00000000 +#define CAAM_ALG_FINAL 0x00000008 + +/* ECDSA ECDSEL (pre defined flags for ECDSA parameters i.e. order) */ +#define CAAM_ECDSEL_SHIFT 7 +#define CAAM_ECDSA_PD 0x00400000 +#define CAAM_ECDSA_KEYGEN_PD 0x02000000 +#define CAAM_ECDSA_P192 (0x00 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P224 (0x01 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P256 (0x02 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P384 (0x03 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P521 (0x04 << CAAM_ECDSEL_SHIFT) + +#define CAAM_ECDSA_BRAINPOOL_P256 (0x0B << CAAM_ECDSEL_SHIFT) + +#define CAAM_ENTROPY 0x00500001 + +/* wolfSSL specific flags */ +#define CAAM_FIND_PART 0xFFFFFFFF +#define CAAM_GET_PART 0xFFFFFFFE +#define CAAM_FREE_PART 0xFFFFFFFD +#define CAAM_READ_PART 0xFFFFFFFC +#define CAAM_WRITE_PART 0xFFFFFFFB + #endif /* WOLFSSL_IMX6_CAAM */ #endif /* WOLF_CRYPT_CAAM_INIT_H */ 
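Review bot: The new partition helpers in wolfcaam.h take their lengths as signed `int` (`caamGetPartition(int part, int sz)`, `caamWriteToPartition(..., int inSz)`, `caamReadPartition(..., int outSz)`), while the blob functions declared next to them use `word32`. A negative length would reach whatever copy or bounds check the implementation performs, which is not visible in this hunk, so I would declare them unsigned, e.g. `WOLFSSL_LOCAL int caamReadPartition(CAAM_ADDRESS addr, unsigned char* out, word32 outSz);`, or document that the implementation rejects `sz <= 0`. Separately, `caamFindUnusuedPartition` is misspelled ("Unusued") and is easier to rename now than after callers depend on it. The closing `#endif /* WOLFSSL_IMX6_CAAM */` comment no longer matches the widened guard, which now also tests `WOLFSSL_QNX_CAAM`.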
diff --git a/source/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h b/source/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h index bf2b0d8d..88c3c9c3 100644 --- a/source/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h +++ b/source/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h @@ -1,6 +1,6 @@ /* wolfcaam_sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,11 +22,11 @@ #ifndef WOLF_CRYPT_CAAM_SHA_H #define WOLF_CRYPT_CAAM_SHA_H -#include +#include #ifdef WOLFSSL_IMX6_CAAM -#include +#include #define WOLFSSL_NO_HASH_RAW diff --git a/source/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h b/source/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h index f7914b8e..6a0d7604 100644 --- a/source/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h +++ b/source/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h @@ -1,8 +1,8 @@ /* cavium_octeon_sync.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * - * This file is part of wolfSSL. (formerly known as CyaSSL) + * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _CAVIUM_OCTEON_SYNC_H_ diff --git a/source/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h b/source/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h index 0c7be377..d3e4a09e 100644 --- a/source/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h +++ b/source/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h 
@@ -1,6 +1,6 @@ /* psoc6_crypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,46 +22,26 @@ #ifndef _PSOC6_CRYPTO_PORT_H_ #define _PSOC6_CRYPTO_PORT_H_ -#include -#ifdef USE_FAST_MATH - #include -#elif defined WOLFSSL_SP_MATH - #include -#else - #include -#endif +#include #include "cy_crypto_core_sha.h" #include "cy_device_headers.h" #include "psoc6_02_config.h" #include "cy_crypto_common.h" #include "cy_crypto_core.h" -#ifdef WOLFSSL_SHA512 -typedef struct wc_Sha512 { - cy_stc_crypto_sha_state_t hash_state; - cy_en_crypto_sha_mode_t sha_mode; - cy_stc_crypto_v2_sha512_buffers_t sha_buffers; -} wc_Sha512; -#define WC_SHA512_TYPE_DEFINED -#include +#ifdef WOLFSSL_SHA512 +#include #endif #ifndef NO_SHA256 - -typedef struct wc_Sha256 { - cy_stc_crypto_sha_state_t hash_state; - cy_en_crypto_sha_mode_t sha_mode; - cy_stc_crypto_v2_sha256_buffers_t sha_buffers; -} wc_Sha256; - -#include -#include +#include +#include #endif /* !def NO_SHA256 */ #ifdef HAVE_ECC -#include +#include int psoc6_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, word32 hashlen, int* verif_res, ecc_key* key); #endif /* HAVE_ECC */ diff --git a/source/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h b/source/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h index 849f5ce9..0181784d 100644 --- a/source/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h +++ b/source/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h @@ -1,6 +1,6 @@ /* wc_devcrypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLFSSL_DEVCRYPTO_H #define WOLFSSL_DEVCRYPTO_H -#include +#include #ifdef WOLFSSL_DEVCRYPTO diff --git a/source/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h b/source/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h index 8eb9421f..f140f618 100644 --- a/source/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h 
+++ b/source/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h @@ -1,8 +1,8 @@ /* quickassist_sync.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * - * This file is part of wolfSSL. (formerly known as CyaSSL) + * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _INTEL_QUICKASSIST_SYNC_H_ diff --git a/source/libwolfssl/wolfcrypt/port/nrf51.h b/source/libwolfssl/wolfcrypt/port/nrf51.h index 9c82099d..88996740 100644 --- a/source/libwolfssl/wolfcrypt/port/nrf51.h +++ b/source/libwolfssl/wolfcrypt/port/nrf51.h @@ -1,6 +1,6 @@ /* nrf51.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ extern "C" { #endif -#include +#include /* Public Functions */ int nrf51_random_generate(byte* output, word32 sz); diff --git a/source/libwolfssl/wolfcrypt/port/nxp/dcp_port.h b/source/libwolfssl/wolfcrypt/port/nxp/dcp_port.h index 87099da8..fb400ff9 100644 --- a/source/libwolfssl/wolfcrypt/port/nxp/dcp_port.h +++ b/source/libwolfssl/wolfcrypt/port/nxp/dcp_port.h @@ -1,6 +1,6 @@ /* dcp_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -21,24 +21,23 @@ #ifndef _DCP_PORT_H_ #define _DCP_PORT_H_ -#include -#ifdef USE_FAST_MATH - #include -#elif defined WOLFSSL_SP_MATH - #include -#else - #include +#include +#include "fsl_dcp.h" + +#ifndef NO_SHA256 +#include +void DCPSha256Free(wc_Sha256 *sha256); #endif -#include -#include -#include "fsl_device_registers.h" -#include "fsl_debug_console.h" -#include "fsl_dcp.h" +#ifndef NO_SHA +#include +void DCPShaFree(wc_Sha *sha); +#endif int wc_dcp_init(void); #ifndef NO_AES +#include int DCPAesInit(Aes* aes); void DCPAesFree(Aes *aes); @@ -53,25 +52,5 @@ int DCPAesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); int DCPAesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); #endif -#ifndef NO_SHA256 -typedef struct wc_Sha256_DCP { - dcp_handle_t handle; - dcp_hash_ctx_t ctx; -} wc_Sha256; -#define WC_SHA256_TYPE_DEFINED - -void DCPSha256Free(wc_Sha256 *sha256); - -#endif - -#ifndef NO_SHA -typedef struct wc_Sha_DCP { - dcp_handle_t handle; - dcp_hash_ctx_t ctx; -} wc_Sha; -#define WC_SHA_TYPE_DEFINED - -void DCPShaFree(wc_Sha *sha); -#endif #endif diff --git a/source/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h b/source/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h index 20dc8148..0c3e484a 100644 --- a/source/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h +++ b/source/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h @@ -1,6 +1,6 @@ /* ksdk_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,17 +22,17 @@ #ifndef _KSDK_PORT_H_ #define _KSDK_PORT_H_ -#include +#include #ifdef USE_FAST_MATH - #include + #include #elif defined WOLFSSL_SP_MATH - #include + #include #else - #include + #include #endif -#include -#include -#include +#include +#include +#include /* API to init required hardware */ 
@@ -46,6 +46,7 @@ int ksdk_port_init(void); int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c); int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y); + int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); /* Exported mp_mulmod function */ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); diff --git a/source/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h b/source/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h index 1e1277ad..b5edceeb 100644 --- a/source/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h +++ b/source/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h @@ -1,6 +1,6 @@ /* pic32mz-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ extern "C" { #endif -#include +#include #ifdef WOLFSSL_MICROCHIP_PIC32MZ diff --git a/source/libwolfssl/wolfcrypt/port/st/stm32.h b/source/libwolfssl/wolfcrypt/port/st/stm32.h index f45d3e8b..0944472f 100644 --- a/source/libwolfssl/wolfcrypt/port/st/stm32.h +++ b/source/libwolfssl/wolfcrypt/port/st/stm32.h @@ -1,6 +1,6 @@ /* stm32.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,8 +25,8 @@ /* Generic STM32 Hashing and Crypto Functions */ /* Supports CubeMX HAL or Standard Peripheral Library */ -#include -#include +#include +#include #ifdef STM32_HASH diff --git a/source/libwolfssl/wolfcrypt/port/st/stsafe.h b/source/libwolfssl/wolfcrypt/port/st/stsafe.h index 16cd8f24..0809fcd3 100644 --- a/source/libwolfssl/wolfcrypt/port/st/stsafe.h +++ b/source/libwolfssl/wolfcrypt/port/st/stsafe.h @@ -1,6 +1,6 @@ /* stsafe.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -22,16 +22,16 @@ #ifndef _WOLFPORT_STSAFE_H_ #define _WOLFPORT_STSAFE_H_ -#include -#include -#include +#include +#include +#include #ifdef WOLF_CRYPTO_CB -#include +#include #endif #if !defined(WOLFCRYPT_ONLY) && defined(HAVE_PK_CALLBACKS) -#include +#include #endif #ifdef WOLFSSL_STSAFEA100 diff --git a/source/libwolfssl/wolfcrypt/port/ti/ti-ccm.h b/source/libwolfssl/wolfcrypt/port/ti/ti-ccm.h index a66bb61c..f14add29 100644 --- a/source/libwolfssl/wolfcrypt/port/ti/ti-ccm.h +++ b/source/libwolfssl/wolfcrypt/port/ti/ti-ccm.h @@ -1,6 +1,6 @@ /* port/ti/ti_ccm.c * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #include #endif -#include +#include #if defined(WOLFSSL_TI_CRYPT) || defined(WOLFSSL_TI_HASH) diff --git a/source/libwolfssl/wolfcrypt/port/ti/ti-hash.h b/source/libwolfssl/wolfcrypt/port/ti/ti-hash.h index 8efdc5c0..93210186 100644 --- a/source/libwolfssl/wolfcrypt/port/ti/ti-hash.h +++ b/source/libwolfssl/wolfcrypt/port/ti/ti-hash.h @@ -1,6 +1,6 @@ /* port/ti/ti-hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,7 +23,7 @@ #ifndef WOLF_CRYPT_TI_HASH_H #define WOLF_CRYPT_TI_HASH_H -#include +#include #ifndef WOLFSSL_TI_INITBUFF #define WOLFSSL_TI_INITBUFF 64 diff --git a/source/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h b/source/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h index 47b46242..edaa4fa4 100644 --- a/source/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h +++ b/source/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h @@ -1,6 +1,6 @@ /* xil-sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libwolfssl/wolfcrypt/pwdbased.h b/source/libwolfssl/wolfcrypt/pwdbased.h index 6eb4a0f0..3705e672 100644 --- a/source/libwolfssl/wolfcrypt/pwdbased.h +++ b/source/libwolfssl/wolfcrypt/pwdbased.h 
@@ -1,6 +1,6 @@ /* pwdbased.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_PWDBASED_H #define WOLF_CRYPT_PWDBASED_H -#include +#include #ifndef NO_PWDBASED diff --git a/source/libwolfssl/wolfcrypt/rabbit.h b/source/libwolfssl/wolfcrypt/rabbit.h index c4d4475b..757945b0 100644 --- a/source/libwolfssl/wolfcrypt/rabbit.h +++ b/source/libwolfssl/wolfcrypt/rabbit.h @@ -1,6 +1,6 @@ /* rabbit.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #ifndef WOLF_CRYPT_RABBIT_H #define WOLF_CRYPT_RABBIT_H -#include +#include #ifndef NO_RABBIT diff --git a/source/libwolfssl/wolfcrypt/random.h b/source/libwolfssl/wolfcrypt/random.h index 6e1f7e8d..4315b52b 100644 --- a/source/libwolfssl/wolfcrypt/random.h +++ b/source/libwolfssl/wolfcrypt/random.h @@ -1,6 +1,6 @@ /* random.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -220,12 +220,17 @@ WOLFSSL_ABI WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz); WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*); WOLFSSL_API int wc_FreeRng(WC_RNG*); #else -#include +#include #define wc_InitRng(rng) NOT_COMPILED_IN #define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN #define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN #define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN +#if defined(__ghs__) || defined(WC_NO_RNG_SIMPLE) +/* some older compilers do not like macro function in expression */ +#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN +#else #define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;}) +#endif #define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN #define wc_FreeRng(rng) (void)NOT_COMPILED_IN #endif 
diff --git a/source/libwolfssl/wolfcrypt/ripemd.h b/source/libwolfssl/wolfcrypt/ripemd.h index 6ea81651..170e5085 100644 --- a/source/libwolfssl/wolfcrypt/ripemd.h +++ b/source/libwolfssl/wolfcrypt/ripemd.h @@ -1,6 +1,6 @@ /* ripemd.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,7 +26,7 @@ #ifndef WOLF_CRYPT_RIPEMD_H #define WOLF_CRYPT_RIPEMD_H -#include +#include #ifdef WOLFSSL_RIPEMD diff --git a/source/libwolfssl/wolfcrypt/rsa.h b/source/libwolfssl/wolfcrypt/rsa.h index ea5dafb8..8dad0f26 100644 --- a/source/libwolfssl/wolfcrypt/rsa.h +++ b/source/libwolfssl/wolfcrypt/rsa.h @@ -1,6 +1,6 @@ /* rsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -33,7 +33,7 @@ RSA keys can be used to encrypt, decrypt, sign and verify data. #ifndef WOLF_CRYPT_RSA_H #define WOLF_CRYPT_RSA_H -#include +#include #ifndef NO_RSA @@ -71,42 +71,45 @@ RSA keys can be used to encrypt, decrypt, sign and verify data. #define WOLFSSL_KEY_GEN #endif #else - #include - #include + #include + #include #endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */ #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) -#include +#include #endif /* header file needed for OAEP padding */ -#include +#include #ifdef WOLFSSL_XILINX_CRYPT #include "xsecure_rsa.h" #endif #if defined(WOLFSSL_CRYPTOCELL) - #include + #include #endif #ifdef __cplusplus extern "C" { #endif -enum { - RSA_MIN_SIZE = 512, - RSA_MAX_SIZE = 4096, -}; +#ifndef RSA_MIN_SIZE +#define RSA_MIN_SIZE 512 +#endif + +#ifndef RSA_MAX_SIZE +#define RSA_MAX_SIZE 4096 +#endif /* avoid redefinition of structs */ #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #ifdef WOLFSSL_CERT_GEN - #include + #include #endif #endif 
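Review bot: Turning `RSA_MIN_SIZE` and `RSA_MAX_SIZE` from enum constants into overridable macros in rsa.h lets a build redefine the RSA key-size bounds, but nothing here validates an override. I would add a compile-time sanity check directly after the two `#ifndef` blocks, `#if RSA_MIN_SIZE > RSA_MAX_SIZE` / `#error "RSA_MIN_SIZE must not exceed RSA_MAX_SIZE"` / `#endif`. The default floor stays at 512 bits, so a short comment on the `#define RSA_MIN_SIZE 512` line saying that deployments are expected to raise it would help integrators who treat this header as the policy source.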
@@ -141,8 +144,9 @@ enum { RSA_PSS_SALT_LEN_DISCOVER = -2, #endif -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB RSA_MAX_ID_LEN = 32, + RSA_MAX_LABEL_LEN = 32, #endif }; @@ -184,9 +188,11 @@ struct RsaKey { byte* mod; XSecure_Rsa xRsa; #endif -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB byte id[RSA_MAX_ID_LEN]; int idLen; + char label[RSA_MAX_LABEL_LEN]; + int labelLen; #endif #if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE) byte dataIsAlloc; @@ -213,9 +219,11 @@ struct RsaKey { WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); -#ifdef HAVE_PKCS11 +#ifdef WOLF_CRYPTO_CB WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap, int devId); +WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, + int devId); #endif WOLFSSL_API int wc_CheckRsaKey(RsaKey* key); #ifdef WOLFSSL_XILINX_CRYPT @@ -246,6 +254,9 @@ WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key); WOLFSSL_API int wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, int pad_type); +WOLFSSL_API int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, int pad_type, + enum wc_HashType hash); WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out, enum wc_HashType hash, int mgf, RsaKey* key); @@ -275,7 +286,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, enum wc_HashType hash, int mgf, RsaKey* key); -WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); +WOLFSSL_API int wc_RsaEncryptSize(const RsaKey* key); #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 
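Review bot: `wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId)` takes no length, yet the struct hunk above it adds a fixed `char label[RSA_MAX_LABEL_LEN]` with `RSA_MAX_LABEL_LEN = 32`. The declaration should state the contract, for example `/* label: NUL-terminated, at most RSA_MAX_LABEL_LEN bytes; longer labels return an error */`. The implementation is outside this diff section and needs to reject over-long labels rather than truncate or copy them unbounded. Moving `id`/`idLen` and the new fields from `HAVE_PKCS11` to `WOLF_CRYPTO_CB` also changes the layout of `struct RsaKey` for every crypto-callback build, so objects compiled against the old header must be rebuilt.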
@@ -286,7 +297,7 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e, word32 eSz, RsaKey* key); -#ifdef WOLFSSL_KEY_GEN +#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif @@ -367,6 +378,8 @@ WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** ou int mgf, byte* optLabel, word32 labelLen, int saltLen, int bits, void* heap); +WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType); + #endif /* HAVE_USER_RSA */ #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/selftest.h b/source/libwolfssl/wolfcrypt/selftest.h index 91aa0349..da97d0d4 100644 --- a/source/libwolfssl/wolfcrypt/selftest.h +++ b/source/libwolfssl/wolfcrypt/selftest.h @@ -1,6 +1,6 @@ /* selftest.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,7 +24,7 @@ #ifndef WOLFCRYPT_SELF_TEST_H #define WOLFCRYPT_SELF_TEST_H -#include +#include #ifdef __cplusplus diff --git a/source/libwolfssl/wolfcrypt/settings.h b/source/libwolfssl/wolfcrypt/settings.h index a305cec7..b22343d7 100644 --- a/source/libwolfssl/wolfcrypt/settings.h +++ b/source/libwolfssl/wolfcrypt/settings.h @@ -1,6 +1,6 @@ /* settings.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -35,7 +35,7 @@ * projects do it themselves. This should *NEVER* be defined when building * wolfSSL as it can cause hard to debug problems. */ #ifdef EXTERNAL_OPTS_OPENVPN -#include +#include #endif /* Uncomment next line if using IPHONE */ 
@@ -218,6 +218,11 @@ /* Uncomment next line if building for Linux Kernel Module */ /* #define WOLFSSL_LINUXKM */ +/* Uncomment next line if building for devkitPro */ +/* #define DEVKITPRO */ + +/* Uncomment next line if building for Dolphin Emulator */ +/* #define DOLPHIN_EMULATOR */ #include @@ -225,10 +230,9 @@ #include "user_settings.h" #elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H) /* STM Configuration File (generated by CubeMX) */ - #include "wolfSSL.wolfSSL_conf.h" + #include "wolfSSL.I-CUBE-wolfSSL_conf.h" #endif - /* make sure old RNG name is used with CTaoCrypt FIPS */ #ifdef HAVE_FIPS #if !defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2) @@ -358,12 +362,13 @@ #define NO_FILESYSTEM #define USE_FAST_MATH #define TFM_TIMING_RESISTANT - #define WOLFSSL_HAVE_MIN - #define WOLFSSL_HAVE_MAX #define NO_BIG_INT #endif #ifdef WOLFSSL_MICROCHIP_PIC32MZ + #define WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MAX + #ifndef NO_PIC32MZ_CRYPT #define WOLFSSL_PIC32MZ_CRYPT #endif @@ -678,17 +683,17 @@ extern void uITRON4_free(void *p) ; /* static char* gets(char *buff); */ static char* fgets(char *buff, int sz, XFILE fp) { - char * p = buff; - *p = '\0'; + char * s = buff; + *s = '\0'; while (1) { - *p = tm_getchar(-1); - tm_putchar(*p); - if (*p == '\r') { + *s = tm_getchar(-1); + tm_putchar(*s); + if (*s == '\r') { tm_putchar('\n'); - *p = '\0'; + *s = '\0'; break; } - p++; + s++; } return buff; } 
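Review bot: The `fgets` replacement in the last settings.h hunk on this line still ignores its `sz` argument. The rename from `p` to `s` leaves `while (1)` storing characters until a `'\r'` arrives, so a longer input line writes past the end of `buff`. I would bound the loop with `while (s - buff < sz - 1) {` and add `*s = '\0';` after the loop so the truncated case is still terminated. The whole function is inside the hunk, so this can be fixed in the same change.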
@@ -721,18 +726,20 @@ extern void uITRON4_free(void *p) ; !defined(WOLFSSL_STATIC_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) - #endif - /* FreeRTOS pvPortRealloc() implementation can be found here: - https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ - #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) - #if defined(WOLFSSL_ESPIDF) - /*In IDF, realloc(p, n) is equivalent to - heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ - #define XREALLOC(p, n, h, t) realloc((p), (n)) - #else - #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + /* FreeRTOS pvPortRealloc() implementation can be found here: + https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ + #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ + defined(HAVE_ED448) + #if defined(WOLFSSL_ESPIDF) + /*In IDF, realloc(p, n) is equivalent to + heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ + #define XREALLOC(p, n, h, t) realloc((p), (n)) + #else + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + #endif #endif #endif + #ifndef NO_WRITEV #define NO_WRITEV #endif @@ -910,11 +917,13 @@ extern void uITRON4_free(void *p) ; !defined(WOLFSSL_STATIC_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) - #endif - /* FreeRTOS pvPortRealloc() implementation can be found here: - https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ - #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) - #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + + /* FreeRTOS pvPortRealloc() implementation can be found here: + https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ + #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ + defined(HAVE_ED448) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + #endif #endif #endif 
@@ -1070,7 +1079,9 @@ extern void uITRON4_free(void *p) ; #define ECC_TIMING_RESISTANT #undef HAVE_ECC + #ifndef WOLFCRYPT_FIPS_RAND #define HAVE_ECC + #endif #ifndef NO_AES #undef HAVE_AESCCM #define HAVE_AESCCM @@ -1165,13 +1176,18 @@ extern void uITRON4_free(void *p) ; #endif #if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA + #ifndef WOLFCRYPT_FIPS_RAND #define FREESCALE_LTC_ECC + #endif #define FREESCALE_LTC_TFM /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic. the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */ - #ifndef LTC_MAX_INT_BYTES - #define LTC_MAX_INT_BYTES (256) + /* size is multiplication of 2 big ints */ + #if !defined(NO_RSA) || !defined(NO_DH) + #define LTC_MAX_INT_BYTES (256*2) + #else + #define LTC_MAX_INT_BYTES (48*2) #endif /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. @@ -1215,6 +1231,8 @@ extern void uITRON4_free(void *p) ; #define USE_CERT_BUFFERS_4096 #undef FP_MAX_BITS #define FP_MAX_BITS (8192) + #undef SP_INT_BITS + #define SP_INT_BITS (4096) #undef NO_DH #define NO_DH @@ -1230,7 +1248,8 @@ extern void uITRON4_free(void *p) ; #if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \ defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \ defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \ - defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) + defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \ + defined(WOLFSSL_STM32G0) #define SIZEOF_LONG_LONG 8 #ifndef CHAR_BIT @@ -1283,6 +1302,8 @@ extern void uITRON4_free(void *p) ; #include "stm32h7xx_hal.h" #elif defined(WOLFSSL_STM32WB) #include "stm32wbxx_hal.h" + #elif defined(WOLFSSL_STM32G0) + #include "stm32g0xx_hal.h" #endif #if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4) #include "stm32l4xx_ll_rng.h" 
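Review bot: The `FSL_FEATURE_LTC_HAS_PKHA` hunk removes the `#ifndef LTC_MAX_INT_BYTES` guard, so a value supplied in user settings or on the compiler command line is now redefined here instead of being respected. That gives a redefinition diagnostic on most compilers and silently changes buffer sizing on the rest. I would keep the override by wrapping the new selection, `#ifndef LTC_MAX_INT_BYTES` before `#if !defined(NO_RSA) || !defined(NO_DH)` and a matching `#endif` after it. The existing comment still gives the hardware limit as 256 bytes, so the new line "size is multiplication of 2 big ints" should also say that the doubled value sizes the product buffer and is not the operand limit. The enclosing `#if` block continues past the end of the hunk.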
@@ -1333,7 +1354,8 @@ extern void uITRON4_free(void *p) ; #endif #endif /* WOLFSSL_STM32_CUBEMX */ #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || - WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || WOLFSSL_STM32H7 */ + WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || + WOLFSSL_STM32H7 || WOLFSSL_STM32G0 */ #ifdef WOLFSSL_DEOS #include #include @@ -1365,7 +1387,6 @@ extern void uITRON4_free(void *p) ; #define WC_RSA_BLINDING #define HAVE_ECC - #define ALT_ECC_SIZE #define TFM_ECC192 #define TFM_ECC224 #define TFM_ECC256 @@ -1387,11 +1408,18 @@ extern void uITRON4_free(void *p) ; #ifdef MICRIUM #include #include - #include - #include - #include + #if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED) + #include + #include + #if (OS_VERSION < 50000) + #include + #endif + #endif #include #include + #include + #include + #include #define USE_FAST_MATH #define TFM_TIMING_RESISTANT @@ -1415,7 +1443,7 @@ extern void uITRON4_free(void *p) ; #define NO_WOLFSSL_DIR #define NO_WRITEV - #ifndef CUSTOM_RAND_GENERATE + #if ! defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(CUSTOM_RAND_GENERATE) #define CUSTOM_RAND_TYPE RAND_NBR #define CUSTOM_RAND_GENERATE Math_Rand #endif 
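Review bot: In the MICRIUM hunk, every build without `WOLFSSL_SILABS_SE_ACCEL` still defaults `CUSTOM_RAND_GENERATE` to `Math_Rand`. As far as I know that is the general-purpose pseudo-random routine of the Micrium library, not a cryptographic generator, so key and nonce generation would inherit its predictability. I would at least put a comment on the default, `/* Math_Rand is not a CSPRNG: production builds must define CUSTOM_RAND_GENERATE to a TRNG-backed source */`. A `#warning` when the fallback is taken would be better where the toolchain supports it.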
@@ -1445,10 +1473,25 @@ extern void uITRON4_free(void *p) ; (CPU_SIZE_T)(size))) #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ (void *)(psrc), (CPU_SIZE_T)(size))) - #define XMEMCMP(pmem_1, pmem_2, size) \ - (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ - (void *)(pmem_2), \ + + #if (OS_VERSION < 50000) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ + (void *)(pmem_2), \ (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #else + /* Work around for Micrium OS version 5.8 change in behavior + * that returns DEF_NO for 0 size compare + */ + #define XMEMCMP(pmem_1, pmem_2, size) \ + (( (size < 1 ) || \ + ((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ + (void *)(pmem_2), \ + (CPU_SIZE_T)(size)) == DEF_YES)) \ + ? 0 : 1) + #define XSNPRINTF snprintf + #endif + #define XMEMMOVE XMEMCPY #if (OS_CFG_MUTEX_EN == DEF_DISABLED) @@ -1582,12 +1625,11 @@ extern void uITRON4_free(void *p) ; #ifdef WOLFSSL_ZEPHYR #include - #include - #include + #include + #include #include #define WOLFSSL_DH_CONST - #define WOLFSSL_HAVE_MIN #define WOLFSSL_HAVE_MAX #define NO_WRITEV @@ -1599,7 +1641,9 @@ extern void uITRON4_free(void *p) ; void *z_realloc(void *ptr, size_t size); #define realloc z_realloc + #ifndef CONFIG_NET_SOCKETS_POSIX_NAMES #define CONFIG_NET_SOCKETS_POSIX_NAMES + #endif #endif #ifdef WOLFSSL_IMX6 @@ -1620,6 +1664,10 @@ extern void uITRON4_free(void *p) ; /* large performance gain with HAVE_AES_ECB defined */ #undef HAVE_AES_ECB #define HAVE_AES_ECB + + //@TODO used for now until plugging in caam aes use with qnx + #undef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT #endif #endif 
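Review bot: The new `XMEMCMP` for `OS_VERSION >= 50000` uses its `size` argument unparenthesized in `(size < 1 )` and expands it twice. An argument such as `a ? b : c` therefore parses differently from what the caller wrote, and an argument with side effects runs twice. The first test should read `(((size) < 1) || ...`, and the macro comment should note the double evaluation. `XSNPRINTF` is defined only in this `#else` branch, so builds with `OS_VERSION < 50000` get no definition from this block. If that is intentional, a one-line comment would make it clear.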
@@ -1746,10 +1794,27 @@ extern void uITRON4_free(void *p) ; #endif #endif +/* The minimum allowed ECC key size */ +/* Note: 224-bits is equivelant to 2048-bit RSA */ +#ifndef ECC_MIN_KEY_SZ + #ifdef WOLFSSL_MIN_ECC_BITS + #define ECC_MIN_KEY_SZ WOLFSSL_MIN_ECC_BITS + #else + #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2 + /* FIPSv2 and ready (for now) includes 192-bit support */ + #define ECC_MIN_KEY_SZ 192 + #else + #define ECC_MIN_KEY_SZ 224 + #endif + #endif +#endif + /* ECC Configs */ #ifdef HAVE_ECC /* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */ - #ifndef NO_ECC_SIGN + #if !defined(NO_ECC_SIGN) && \ + (!defined(ECC_TIMING_RESISTANT) || \ + (defined(ECC_TIMING_RESISTANT) && !defined(WC_NO_RNG))) #undef HAVE_ECC_SIGN #define HAVE_ECC_SIGN #endif @@ -1761,7 +1826,7 @@ extern void uITRON4_free(void *p) ; #undef HAVE_ECC_CHECK_KEY #define HAVE_ECC_CHECK_KEY #endif - #ifndef NO_ECC_DHE + #if !defined(NO_ECC_DHE) && !defined(WC_NO_RNG) #undef HAVE_ECC_DHE #define HAVE_ECC_DHE #endif @@ -1802,6 +1867,10 @@ extern void uITRON4_free(void *p) ; #ifndef NO_ED25519_VERIFY #undef HAVE_ED25519_VERIFY #define HAVE_ED25519_VERIFY + #ifdef WOLFSSL_ED25519_STREAMING_VERIFY + #undef WOLFSSL_ED25519_PERSISTENT_SHA + #define WOLFSSL_ED25519_PERSISTENT_SHA + #endif #endif #ifndef NO_ED25519_KEY_EXPORT #undef HAVE_ED25519_KEY_EXPORT @@ -1840,6 +1909,10 @@ extern void uITRON4_free(void *p) ; #ifndef NO_ED448_VERIFY #undef HAVE_ED448_VERIFY #define HAVE_ED448_VERIFY + #ifdef WOLFSSL_ED448_STREAMING_VERIFY + #undef WOLFSSL_ED448_PERSISTENT_SHA + #define WOLFSSL_ED448_PERSISTENT_SHA + #endif #endif #ifndef NO_ED448_KEY_EXPORT #undef HAVE_ED448_KEY_EXPORT 
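Review bot: `HAVE_ECC_SIGN` is now left undefined without any diagnostic when both `ECC_TIMING_RESISTANT` and `WC_NO_RNG` are set, and the next hunk does the same to `HAVE_ECC_DHE` under `WC_NO_RNG`. A build with that combination loses signing and key agreement, and the first symptom is a missing symbol much later in the build. The condition also repeats itself and reduces to `#if !defined(NO_ECC_SIGN) && (!defined(ECC_TIMING_RESISTANT) || !defined(WC_NO_RNG))`. I would use that form and add a comment above it, `/* timing-resistant signing needs an RNG for blinding; without one ECC sign is disabled */`. In the same hunk the `ECC_MIN_KEY_SZ` comment has a typo ("equivelant"), and `WOLFSSL_MIN_ECC_BITS` is passed through with no lower bound, which is worth stating in the comment.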
@@ -1929,9 +2002,14 @@ extern void uITRON4_free(void *p) ; #error "FFDHE parameters are too large for FP_MAX_BIT as set" #endif #endif +#if defined(HAVE_FFDHE) && defined(SP_INT_BITS) + #if MIN_FFDHE_FP_MAX_BITS > SP_INT_BITS * 2 + #error "FFDHE parameters are too large for SP_INT_BIT as set" + #endif +#endif /* if desktop type system and fastmath increase default max bits */ -#ifdef WOLFSSL_X86_64_BUILD +#if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD) #if defined(USE_FAST_MATH) && !defined(FP_MAX_BITS) #if MIN_FFDHE_FP_MAX_BITS <= 8192 #define FP_MAX_BITS 8192 @@ -1939,6 +2017,13 @@ extern void uITRON4_free(void *p) ; #define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS #endif #endif + #if defined(WOLFSSL_SP_MATH_ALL) && !defined(SP_INT_BITS) + #if MIN_FFDHE_FP_MAX_BITS <= 8192 + #define SP_INT_BITS 4096 + #else + #define PS_INT_BITS MIN_FFDHE_FP_MAX_BITS / 2 + #endif + #endif #endif /* If using the max strength build, ensure OLD TLS is disabled. */ @@ -2035,8 +2120,9 @@ extern void uITRON4_free(void *p) ; #if defined(HAVE_IO_POOL) || defined(XMALLOC_USER) || defined(NO_WOLFSSL_MEMORY) #error static memory cannot be used with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY #endif - #if !defined(USE_FAST_MATH) && !defined(NO_BIG_INT) - #error static memory requires fast math please define USE_FAST_MATH + #if !defined(WOLFSSL_SP_NO_MALLOC) && \ + !defined(USE_FAST_MATH) && !defined(NO_BIG_INT) + #error The static memory option is only supported for fast math or SP with no malloc #endif #ifdef WOLFSSL_SMALL_STACK #error static memory does not support small stack please undefine 
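Review bot: The `#else` branch of the new `WOLFSSL_SP_MATH_ALL` block defines `PS_INT_BITS`, not `SP_INT_BITS`. When `MIN_FFDHE_FP_MAX_BITS` exceeds 8192 the intended limit is therefore never set, and the SP integer size falls back to whatever default applies elsewhere, which may be too small for the configured FFDHE group. The replacement expression is also unparenthesized. The line should be `#define SP_INT_BITS (MIN_FFDHE_FP_MAX_BITS / 2)`. The `#error` text in the preceding hunk names `SP_INT_BIT`, which should read `SP_INT_BITS` to match the macro.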
@@ -2118,12 +2204,15 @@ extern void uITRON4_free(void *p) ; #ifndef USE_WOLF_STRTOK #define USE_WOLF_STRTOK #endif - #ifndef WOLFSSL_SP_MOD_WORD_RP - #define WOLFSSL_SP_MOD_WORD_RP + #ifndef WOLFSSL_SP_DIV_WORD_HALF + #define WOLFSSL_SP_DIV_WORD_HALF #endif #ifndef WOLFSSL_OLD_PRIME_CHECK #define WOLFSSL_OLD_PRIME_CHECK #endif + #ifndef WOLFSSL_TEST_SUBROUTINE + #define WOLFSSL_TEST_SUBROUTINE static + #endif #undef HAVE_STRINGS_H #undef HAVE_ERRNO_H #undef HAVE_THREAD_LS @@ -2138,12 +2227,6 @@ extern void uITRON4_free(void *p) ; #ifndef WOLFSSL_SP_DIV_WORD_HALF #define WOLFSSL_SP_DIV_WORD_HALF #endif - #ifndef SP_HALF_SIZE - #define SP_HALF_SIZE 32 - #endif - #ifndef SP_HALF_MAX - #define SP_HALF_MAX 4294967295U - #endif #endif @@ -2154,18 +2237,23 @@ extern void uITRON4_free(void *p) ; #undef HAVE_GMTIME_R /* don't trust macro with windows */ #endif /* WOLFSSL_MYSQL_COMPATIBLE */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ + || defined(HAVE_LIGHTY) #define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION #define OPENSSL_NO_ENGINE #define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT #ifndef OPENSSL_EXTRA #define OPENSSL_EXTRA #endif - #ifndef HAVE_SESSION_TICKET + /* Session Tickets will be enabled when --enable-opensslall is used. + * Time is required for ticket expiration checking */ + #if !defined(HAVE_SESSION_TICKET) && !defined(NO_ASN_TIME) #define HAVE_SESSION_TICKET #endif + /* OCSP will be enabled in configure.ac when --enable-opensslall is used, + * but do not force all users to have it enabled. */ #ifndef HAVE_OCSP - #define HAVE_OCSP + /*#define HAVE_OCSP*/ #endif #ifndef KEEP_OUR_CERT #define KEEP_OUR_CERT 
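Review bot: Commenting out `#define HAVE_OCSP` leaves an empty `#ifndef HAVE_OCSP` / `#endif` pair. Builds that relied on this header to enable OCSP under `OPENSSL_ALL`, `WOLFSSL_NGINX`, `WOLFSSL_HAPROXY` or `HAVE_LIGHTY` now compile without revocation checking, and nothing tells them so. I would delete the empty conditional and keep only the explanatory comment, reworded to say what integrators must do, e.g. `/* OCSP is no longer forced here: define HAVE_OCSP in your own settings if certificate status checking is required */`. The same hunk makes `HAVE_SESSION_TICKET` depend on `!defined(NO_ASN_TIME)`, which is also a silent feature drop and deserves a mention in that comment.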
@@ -2175,21 +2263,21 @@ extern void uITRON4_free(void *p) ; #endif #endif -#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT) || defined(OPENSSL_ALL) +#ifdef HAVE_SNI #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 #endif /* both CURVE and ED small math should be enabled */ #ifdef CURVED25519_SMALL - #define CURVE25519_SMALL - #define ED25519_SMALL + #define CURVE25519_SMALL + #define ED25519_SMALL #endif /* both CURVE and ED small math should be enabled */ #ifdef CURVED448_SMALL - #define CURVE448_SMALL - #define ED448_SMALL + #define CURVE448_SMALL + #define ED448_SMALL #endif @@ -2214,9 +2302,14 @@ extern void uITRON4_free(void *p) ; #if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA) /* added to have compatibility with SHA256() */ - #if !defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) + #if !defined(NO_OLD_SHA_NAMES) && (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) #define NO_OLD_SHA_NAMES #endif + #if !defined(NO_OLD_MD5_NAME) && (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) + #define NO_OLD_MD5_NAME + #endif #endif /* switch for compatibility layer functionality. Has subparts i.e. BIO/X509 
@@ -2242,23 +2335,29 @@ extern void uITRON4_free(void *p) ; #endif /* support for disabling PEM to DER */ -#if !defined(WOLFSSL_NO_PEM) +#if !defined(WOLFSSL_NO_PEM) && !defined(NO_CODING) #undef WOLFSSL_PEM_TO_DER #define WOLFSSL_PEM_TO_DER #endif /* Parts of the openssl compatibility layer require peer certs */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ + || defined(HAVE_LIGHTY) #undef KEEP_PEER_CERT #define KEEP_PEER_CERT #endif -/* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/ -#ifdef WOLFSSL_ARMASM +/* RAW hash function APIs are not implemented */ +#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_AFALG_HASH) #undef WOLFSSL_NO_HASH_RAW #define WOLFSSL_NO_HASH_RAW #endif +/* XChacha not implemented with ARM assembly ChaCha */ +#if defined(WOLFSSL_ARMASM) + #undef HAVE_XCHACHA +#endif + #if !defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SHA512) && defined(NO_AES) && \ !defined(WOLFSSL_SHA3) #undef WOLFSSL_NO_WORD64_OPS @@ -2297,7 +2396,8 @@ extern void uITRON4_free(void *p) ; #if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \ !defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \ - defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY) + (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ + defined(WOLFSSL_RSA_PUBLIC_ONLY) #undef WOLFSSL_NO_FORCE_ZERO #define WOLFSSL_NO_FORCE_ZERO #endif 
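Review bot: The `WOLFSSL_NO_FORCE_ZERO` block widened in the last hunk on this line (`@@ -2297,7 +2396,8 @@`) has no comment in the visible context saying why zeroization may be compiled out for this configuration. Because the macro name indicates that the buffer-wiping routine is dropped, the reasoning belongs next to it, for example `/* Public-key-only build without RNG or AES: presumably no secret material is held, so ForceZero is not needed - confirm */`. That rationale is inferred from the condition (`WOLFSSL_RSA_PUBLIC_ONLY`, `WC_NO_RNG`, `NO_AES`), so the author should confirm it also holds for `WOLFSSL_SP_MATH_ALL` builds before the comment goes in.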
@@ -2316,13 +2416,22 @@ extern void uITRON4_free(void *p) ; #endif #if defined(HAVE_EX_DATA) || defined(FORTRESS) + #ifndef MAX_EX_DATA #define MAX_EX_DATA 5 /* allow for five items of ex_data */ + #endif #endif #ifdef NO_WOLFSSL_SMALL_STACK #undef WOLFSSL_SMALL_STACK #endif +#ifdef WOLFSSL_SMALL_STACK_STATIC + #undef WOLFSSL_SMALL_STACK_STATIC + #define WOLFSSL_SMALL_STACK_STATIC static +#else + #define WOLFSSL_SMALL_STACK_STATIC +#endif + /* The client session cache requires time for timeout */ #if defined(NO_ASN_TIME) && !defined(NO_SESSION_CACHE) #define NO_SESSION_CACHE 
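Review bot: The new `WOLFSSL_SMALL_STACK_STATIC` block is undocumented and its effect is easy to miss: when the build defines the macro it is redefined to the keyword `static`, otherwise to nothing. Any local declared with it then has static storage duration, so it is shared between calls and threads and its contents remain in memory after the function returns; the uses are outside this hunk, so whether any of them hold mutable state or key material cannot be checked here. I would add a comment such as `/* Expands to 'static' to move large locals off the stack; use only on const or otherwise thread-safe data, never on secrets */`.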
@@ -2350,6 +2459,60 @@ extern void uITRON4_free(void *p) ; #define NO_STRICT_ECDSA_LEN #endif +/* Do not allow using small stack with no malloc */ +#if defined(WOLFSSL_NO_MALLOC) && \ + (defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_SMALL_STACK_CACHE)) + #error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC) +#endif + +/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */ +/* Allows export/import of DH key and params as DER */ +#if !defined(NO_DH) && !defined(WOLFSSL_DH_EXTRA) && \ + (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \ + defined(WOLFSSL_STATIC_EPHEMERAL)) + #define WOLFSSL_DH_EXTRA +#endif + +/* DH Extra is not supported on FIPS v1 or v2 (is missing DhKey .pub/.priv) */ +#if defined(WOLFSSL_DH_EXTRA) && defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2) + #undef WOLFSSL_DH_EXTRA +#endif + +/* Check for insecure build combination: + * secure renegotiation [enabled] + * extended master secret [disabled] + * session resumption [enabled] + */ +#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_EXTENDED_MASTER) && \ + (defined(HAVE_SESSION_TICKET) || !defined(NO_SESSION_CACHE)) + /* secure renegotiation requires extended master secret with resumption */ + #ifndef _MSC_VER + #warning Extended master secret must be enabled with secure renegotiation and session resumption + #else + #pragma message("Warning: Extended master secret must be enabled with secure renegotiation and session resumption") + #endif + + /* Note: "--enable-renegotiation-indication" ("HAVE_RENEGOTIATION_INDICATION") + * only sends the secure renegotiation extension, but is not actually supported. 
+ * This was added because some TLS peers required it even if not used, so we call + * this "(FAKE Secure Renegotiation)" + */ +#endif + + +/* --------------------------------------------------------------------------- + * Depricated Algorithm Handling + * Unless allowed via a build macro, disable support + * ---------------------------------------------------------------------------*/ + +/* RC4: Per RFC7465 Feb 2015, the cipher suite has been deprecated due to a + * number of exploits capable of decrypting portions of encrypted messages. */ +#ifndef WOLFSSL_ALLOW_RC4 + #undef NO_RC4 + #define NO_RC4 +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libwolfssl/wolfcrypt/sha.h b/source/libwolfssl/wolfcrypt/sha.h index 61267b63..0df25749 100644 --- a/source/libwolfssl/wolfcrypt/sha.h +++ b/source/libwolfssl/wolfcrypt/sha.h @@ -1,6 +1,6 @@ /* sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,13 +27,13 @@ #ifndef WOLF_CRYPT_SHA_H #define WOLF_CRYPT_SHA_H -#include +#include #ifndef NO_SHA #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_FIPS) && \ @@ -52,6 +52,10 @@ #include "fsl_ltc.h" #endif +#ifdef WOLFSSL_IMXRT_DCP + #include "fsl_dcp.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -61,19 +65,19 @@ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_MICROCHIP_PIC32MZ - #include + #include #endif #ifdef STM32_HASH - #include + #include #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef WOLFSSL_ESP32WROOM32_CRYPT - #include + #include #endif -#ifdef WOLFSSL_IMXRT_DCP - #include +#if defined(WOLFSSL_SILABS_SE_ACCEL) + #include #endif #if !defined(NO_OLD_SHA_NAMES) 
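Review bot: In the settings hunk that starts on the previous line (`@@ -2350,6 +2459,60 @@`), the check for secure renegotiation plus session resumption without extended master secret only emits `#warning` / `#pragma message`, so a build the header itself calls insecure still compiles and the message is easily lost in a long log or in builds that suppress warnings. I would make it an `#error` and let integrators who need the combination opt out through an explicit, documented build macro (name to be chosen by the project). Separately, the section banner spells "Depricated"; it should read "Deprecated Algorithm Handling".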
@@ -99,13 +103,11 @@ enum { #if defined(WOLFSSL_TI_HASH) #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" -#elif defined(WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" #else /* Sha digest */ @@ -114,6 +116,11 @@ struct wc_Sha { ltc_hash_ctx_t ctx; #elif defined(STM32_HASH) STM32_HASH_Context stmCtx; +#elif defined(WOLFSSL_SILABS_SE_ACCEL) + wc_silabs_sha_t silabsCtx; +#elif defined(WOLFSSL_IMXRT_DCP) + dcp_handle_t handle; + dcp_hash_ctx_t ctx; #else word32 buffLen; /* in bytes */ word32 loLen; /* length in bytes */ @@ -164,6 +171,9 @@ WOLFSSL_API void wc_ShaFree(wc_Sha*); WOLFSSL_API int wc_ShaGetHash(wc_Sha*, byte*); WOLFSSL_API int wc_ShaCopy(wc_Sha*, wc_Sha*); +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_ShaTransform(wc_Sha*, const byte*); +#endif #ifdef WOLFSSL_PIC32MZ_HASH WOLFSSL_API void wc_ShaSizeSet(wc_Sha* sha, word32 len); diff --git a/source/libwolfssl/wolfcrypt/sha256.h b/source/libwolfssl/wolfcrypt/sha256.h index ee460d19..e85480d0 100644 --- a/source/libwolfssl/wolfcrypt/sha256.h +++ b/source/libwolfssl/wolfcrypt/sha256.h @@ -1,6 +1,6 @@ /* sha256.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -61,6 +61,16 @@ #include "fsl_ltc.h" #endif +#ifdef WOLFSSL_IMXRT_DCP + #include "fsl_dcp.h" +#endif + +#if defined(WOLFSSL_PSOC6_CRYPTO) +#include "cy_crypto_core_sha.h" +#include "cy_device_headers.h" +#include "cy_crypto_common.h" +#include "cy_crypto_core.h" +#endif #ifdef __cplusplus extern "C" { 
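Review bot: The `wc_ShaTransform(wc_Sha*, const byte*)` prototype added in the `@@ -164,6 +171,9 @@` hunk takes a bare data pointer with no length and no comment, so nothing at the declaration tells a caller how many bytes will be read. A short doc comment should state the contract, e.g. `/* data must point to one full block (WC_SHA_BLOCK_SIZE bytes); presumably no padding or finalization is done - confirm */`. The same applies to `wc_Sha256Transform` and `wc_Sha512Transform`, added in the sha256.h and sha512.h hunks later in this diff. The implementation is not part of these hunks, so the exact read size is an assumption to verify against it.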
@@ -88,6 +98,9 @@ #if defined(WOLFSSL_CRYPTOCELL) #include #endif +#if defined(WOLFSSL_SILABS_SE_ACCEL) + #include +#endif #if defined(_MSC_VER) #define SHA256_NOINLINE __declspec(noinline) @@ -119,17 +132,13 @@ enum { #ifdef WOLFSSL_TI_HASH #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #elif defined(WOLFSSL_AFALG_HASH) #include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h" #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" -#elif defined(WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" -#elif defined(WOLFSSL_IMXRT_DCP) - #include #else /* wc_Sha256 digest */ @@ -138,6 +147,15 @@ struct wc_Sha256 { ltc_hash_ctx_t ctx; #elif defined(STM32_HASH_SHA2) STM32_HASH_Context stmCtx; +#elif defined(WOLFSSL_SILABS_SE_ACCEL) + wc_silabs_sha_t silabsCtx; +#elif defined(WOLFSSL_IMXRT_DCP) + dcp_handle_t handle; + dcp_hash_ctx_t ctx; +#elif defined(WOLFSSL_PSOC6_CRYPTO) + cy_stc_crypto_sha_state_t hash_state; + cy_en_crypto_sha_mode_t sha_mode; + cy_stc_crypto_v2_sha256_buffers_t sha_buffers; #else /* alignment on digest and buffer speeds up ARMv8 crypto operations */ ALIGN16 word32 digest[WC_SHA256_DIGEST_SIZE / sizeof(word32)]; @@ -193,7 +211,9 @@ WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32); WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*); WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*); WOLFSSL_API void wc_Sha256Free(wc_Sha256*); - +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha256Transform(wc_Sha256*, const byte*); +#endif WOLFSSL_API int wc_Sha256GetHash(wc_Sha256*, byte*); WOLFSSL_API int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst); 
@@ -211,9 +231,12 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) +#if !defined(NO_OLD_SHA_NAMES) + #define SHA224 WC_SHA224 +#endif + #ifndef NO_OLD_WC_NAMES #define Sha224 wc_Sha224 - #define SHA224 WC_SHA224 #define SHA224_BLOCK_SIZE WC_SHA224_BLOCK_SIZE #define SHA224_DIGEST_SIZE WC_SHA224_DIGEST_SIZE #define SHA224_PAD_SIZE WC_SHA224_PAD_SIZE diff --git a/source/libwolfssl/wolfcrypt/sha3.h b/source/libwolfssl/wolfcrypt/sha3.h index f3287381..b75351fa 100644 --- a/source/libwolfssl/wolfcrypt/sha3.h +++ b/source/libwolfssl/wolfcrypt/sha3.h @@ -1,6 +1,6 @@ /* sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,13 +23,13 @@ #ifndef WOLF_CRYPT_SHA3_H #define WOLF_CRYPT_SHA3_H -#include +#include #ifdef WOLFSSL_SHA3 #ifdef HAVE_FIPS /* for fips @wc_fips */ - #include + #include #endif #ifdef __cplusplus @@ -37,7 +37,7 @@ #endif #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif /* in bytes */ @@ -86,11 +86,11 @@ enum { #ifdef WOLFSSL_XILINX_CRYPT #include "wolfssl/wolfcrypt/port/xilinx/xil-sha3.h" #elif defined(WOLFSSL_AFALG_XILINX_SHA3) - #include + #include #else /* Sha3 digest */ -struct Sha3 { +struct wc_Sha3 { /* State data that is processed for each block. */ word64 s[25]; /* Unprocessed message data. */ @@ -109,7 +109,7 @@ struct Sha3 { }; #ifndef WC_SHA3_TYPE_DEFINED - typedef struct Sha3 wc_Sha3; + typedef struct wc_Sha3 wc_Sha3; #define WC_SHA3_TYPE_DEFINED #endif diff --git a/source/libwolfssl/wolfcrypt/sha512.h b/source/libwolfssl/wolfcrypt/sha512.h index e0244508..9547390a 100644 --- a/source/libwolfssl/wolfcrypt/sha512.h +++ b/source/libwolfssl/wolfcrypt/sha512.h @@ -1,6 +1,6 @@ /* sha512.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -27,14 +27,14 @@ #ifndef WOLF_CRYPT_SHA512_H #define WOLF_CRYPT_SHA512_H -#include +#include #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) #if defined(HAVE_FIPS) && \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - #include + #include #endif /* HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_FIPS) && \ @@ -71,11 +71,21 @@ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT - #include + #include #endif #ifdef WOLFSSL_ESP32WROOM32_CRYPT - #include + #include #endif +#if defined(WOLFSSL_SILABS_SE_ACCEL) + #include +#endif +#if defined(WOLFSSL_PSOC6_CRYPTO) + #include "cy_crypto_core_sha.h" + #include "cy_device_headers.h" + #include "cy_crypto_common.h" + #include "cy_crypto_core.h" +#endif + #if defined(_MSC_VER) #define SHA512_NOINLINE __declspec(noinline) #elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__) @@ -110,13 +120,16 @@ enum { }; -#ifdef WOLFSSL_IMX6_CAAM +#if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" -#elif defined (WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" #else /* wc_Sha512 digest */ struct wc_Sha512 { +#ifdef WOLFSSL_PSOC6_CRYPTO + cy_stc_crypto_sha_state_t hash_state; + cy_en_crypto_sha_mode_t sha_mode; + cy_stc_crypto_v2_sha512_buffers_t sha_buffers; +#else word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)]; word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)]; word32 buffLen; /* in bytes */ @@ -136,9 +149,17 @@ struct wc_Sha512 { !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) WC_ESP32SHA ctx; #endif +#if defined(WOLFSSL_SILABS_SE_ACCEL) + wc_silabs_sha_t silabsCtx; +#endif +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; /* generic crypto callback context */ +#endif #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) word32 flags; /* enum wc_HashFlags in hash.h */ #endif +#endif /* WOLFSSL_PSOC6_CRYPTO */ }; #ifndef WC_SHA512_TYPE_DEFINED 
@@ -172,6 +193,9 @@ WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst); WOLFSSL_API int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data); +#endif #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA384) diff --git a/source/libwolfssl/wolfcrypt/signature.h b/source/libwolfssl/wolfcrypt/signature.h index f1f53887..39748070 100644 --- a/source/libwolfssl/wolfcrypt/signature.h +++ b/source/libwolfssl/wolfcrypt/signature.h @@ -1,6 +1,6 @@ /* signature.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,9 +27,9 @@ #ifndef WOLF_CRYPT_SIGNATURE_H #define WOLF_CRYPT_SIGNATURE_H -#include -#include -#include +#include +#include +#include #ifdef __cplusplus extern "C" { diff --git a/source/libwolfssl/wolfcrypt/sp.h b/source/libwolfssl/wolfcrypt/sp.h index 837792e8..052871c5 100644 --- a/source/libwolfssl/wolfcrypt/sp.h +++ b/source/libwolfssl/wolfcrypt/sp.h @@ -1,6 +1,6 @@ /* sp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,19 +23,25 @@ #ifndef WOLF_CRYPT_SP_H #define WOLF_CRYPT_SP_H -#include +#include #if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \ defined(WOLFSSL_HAVE_SP_ECC) - -#ifndef WOLFSSL_LINUXKM -#include +#ifdef _WIN32_WCE + typedef __int8 int8_t; + typedef __int32 int32_t; + typedef __int64 int64_t; + typedef unsigned __int8 uint8_t; + typedef unsigned __int32 uint32_t; + typedef unsigned __int64 uint64_t; +#elif !defined(WOLFSSL_LINUXKM) + #include #endif -#include -#include +#include +#include -#include +#include #ifdef noinline #define SP_NOINLINE noinline 
@@ -56,6 +62,10 @@ #ifdef WOLFSSL_HAVE_SP_RSA +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, byte* out, word32* outLen); WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen, 
@@ -74,10 +84,39 @@ WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm, byte* out, word32* outLen); +#else + +WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +WOLFSSL_LOCAL int sp_RsaPublic_3072(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_3072(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +WOLFSSL_LOCAL int sp_RsaPublic_4096(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || defined(WOLFSSL_HAVE_SP_RSA) +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_ModExp_1024(mp_int* base, mp_int* exp, mp_int* mod, mp_int* res); WOLFSSL_LOCAL int sp_ModExp_1536(mp_int* base, mp_int* exp, mp_int* mod, 
@@ -89,10 +128,29 @@ WOLFSSL_LOCAL int sp_ModExp_3072(mp_int* base, mp_int* exp, mp_int* mod, WOLFSSL_LOCAL int sp_ModExp_4096(mp_int* base, mp_int* exp, mp_int* mod, mp_int* res); +#else + +WOLFSSL_LOCAL int sp_ModExp_1024(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_1536(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_2048(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_3072(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_4096(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif #ifdef WOLFSSL_HAVE_SP_DH +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_DhExp_2048(mp_int* base, const byte* exp, word32 expLen, mp_int* mod, byte* out, word32* outLen); WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen, 
@@ -100,10 +158,25 @@ WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen, WOLFSSL_LOCAL int sp_DhExp_4096(mp_int* base, const byte* exp, word32 expLen, mp_int* mod, byte* out, word32* outLen); +#else + +WOLFSSL_LOCAL int sp_DhExp_2048(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_DhExp_3072(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_DhExp_4096(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif /* WOLFSSL_HAVE_SP_DH */ #ifdef WOLFSSL_HAVE_SP_ECC +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + int sp_ecc_mulmod_256(mp_int* km, ecc_point* gm, ecc_point* rm, int map, void* heap); int sp_ecc_mulmod_base_256(mp_int* km, ecc_point* rm, int map, void* heap); 
@@ -147,15 +220,94 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ); int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym); +#else + +int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, + const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* rm, int map, + void* heap); +int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); + +int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap); +int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, + word32* outlen, void* heap); +int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, + const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, + const mp_int* pY, const mp_int* pZ, const mp_int* r, const mp_int* sm, + int* res, void* heap); +int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); +int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ); +int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym); + +int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, + const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* rm, int 
map, + void* heap); +int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); + +int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap); +int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, + word32* outlen, void* heap); +int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, + const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, + const mp_int* pY, const mp_int* pZ, const mp_int* r, const mp_int* sm, + int* res, void* heap); +int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); +int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ); +int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym); + +int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* rm, int map, + void* heap); +int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, + void* heap); +int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, + ecc_point* r, int map, void* heap); +int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res); +int sp_Pairing_1024(const ecc_point* p, const ecc_point* q, mp_int* res); +int sp_Pairing_gen_precomp_1024(const ecc_point* p, byte* table, word32* len); +int sp_Pairing_precomp_1024(const ecc_point* p, const ecc_point* q, 
mp_int* res, + const byte* table, word32 len); +int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #ifdef WOLFSSL_SP_NONBLOCK -int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, - mp_int* rm, mp_int* sm, mp_int* km, void* heap); -int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY, - mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); -int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, - mp_int* rm, mp_int* sm, mp_int* km, void* heap); -int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY, - mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); +int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r, + const mp_int* sm, int* res, void* heap); +int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r, + const mp_int* sm, int* res, void* heap); #endif /* WOLFSSL_SP_NONBLOCK */ #endif /* WOLFSSL_HAVE_SP_ECC */ diff --git a/source/libwolfssl/wolfcrypt/sp_int.h b/source/libwolfssl/wolfcrypt/sp_int.h index 694107e0..92672621 100644 --- a/source/libwolfssl/wolfcrypt/sp_int.h +++ b/source/libwolfssl/wolfcrypt/sp_int.h 
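Review bot: The const-qualified prototypes added in the `@@ -147,15 +220,94 @@` hunk of sp.h are applied inconsistently: `sp_ecc_sign_256` and `sp_ecc_sign_384` take `const mp_int* priv`, but the reworked `sp_ecc_sign_256_nb` and `sp_ecc_sign_384_nb` still take `mp_int* priv`, and `sp_ModExp_Fp_star_1024` leaves `exp` non-const next to a const `base`. If the implementations do not write through those pointers, they should be declared `const mp_int* priv` and `const mp_int* exp` as well. The `_nb` verify prototypes also became const unconditionally while the blocking ones depend on the FIPS v2 / ARM assembly condition, and the `_1024` prototypes exist only in the `#else` arm; whether the FIPS v2 ARM build needs either cannot be seen from this hunk. The trailing `#endif` comment negates only the ARM part of the condition and would be clearer as a plain restatement of the `#if`.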
@@ -1,6 +1,6 @@ /* sp_int.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -28,9 +28,124 @@ This library provides single precision (SP) integer math functions. #define WOLF_CRYPT_SP_INT_H #ifndef WOLFSSL_LINUXKM -#include #include #endif +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* Find smallest type for smallest bits. */ +#if UCHAR_MAX == 255 + #define SP_UCHAR_BITS 8 + + typedef unsigned char sp_uint8; + typedef char sp_int8; +#elif UCHAR_MAX == 127 + #define SP_UCHAR_BITS 7 + + typedef unsigned char sp_uint7; + typedef char sp_int7; +#else + #error "Size of unsigned short not detected" +#endif + +#if USHRT_MAX == 65535 + #define SP_USHORT_BITS 16 + + typedef unsigned short sp_uint16; + typedef short sp_int16; +#elif USHRT_MAX == 255 + #define SP_USHORT_BITS 8 + + #if USHRT_MAX > UCHAR_MAX + typedef unsigned short sp_uint8; + typedef short sp_int8; + #endif +#else + #error "Size of unsigned short not detected" +#endif + +#if UINT_MAX == 4294967295UL + #define SP_UINT_BITS 32 + + typedef unsigned int sp_uint32; + typedef int sp_int32; +#elif UINT_MAX == 65535 + #define SP_UINT_BITS 16 + + #if UINT_MAX > USHRT_MAX + typedef unsigned int sp_uint16; + typedef int sp_int16; + #endif +#elif UINT_MAX == 255 + #define SP_UINT_BITS 8 + + #if UINT_MAX > USHRT_MAX + typedef unsigned int sp_uint8; + typedef int sp_int8; + #endif +#else + #error "Size of unsigned int not detected" +#endif + +#if ULONG_MAX == 18446744073709551615UL + #define SP_ULONG_BITS 64 + + typedef unsigned long sp_uint64; + typedef long sp_int64; +#elif ULONG_MAX == 4294967295UL + #define SP_ULONG_BITS 32 + + #if ULONG_MAX > UINT_MAX + typedef unsigned long sp_uint32; + typedef long sp_int32; + #endif +#elif ULONG_MAX == 65535 + #define SP_ULONG_BITS 16 + + #if ULONG_MAX > UINT_MAX + typedef unsigned long sp_uint16; + typedef long sp_int16; + #endif +#else + #error "Size of unsigned long not detected" +#endif + +#ifdef ULLONG_MAX + #if ULLONG_MAX == 18446744073709551615ULL + #define SP_ULLONG_BITS 64 + + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned 
long long sp_uint64; + typedef long long sp_int64; + #endif + #elif ULLONG_MAX == 4294967295UL + #define SP_ULLONG_BITS 32 + + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned long long sp_uint32; + typedef long long sp_int32; + #endif + #elif ULLONG_MAX == 65535 + #define SP_ULLONG_BITS 16 + + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned long long sp_uint16; + typedef long long sp_int16; + #endif + #else + #error "Size of unsigned long long not detected" + #endif +#else + #define SP_ULLONG_BITS 0 +#endif + + +#ifdef WOLFSSL_SP_DIV_32 +#define WOLFSSL_SP_DIV_WORD_HALF +#endif /* Make sure WOLFSSL_SP_ASM build option defined when requested */ #if !defined(WOLFSSL_SP_ASM) && ( \ 
@@ -41,19 +156,54 @@ This library provides single precision (SP) integer math functions. #endif -#ifdef WOLFSSL_SP_X86_64_ASM - #define SP_WORD_SIZE 64 - - #define HAVE_INTEL_AVX1 - #define HAVE_INTEL_AVX2 -#elif defined(WOLFSSL_SP_ARM64_ASM) - #define SP_WORD_SIZE 64 -#elif defined(WOLFSSL_SP_ARM32_ASM) +/* Determine the number of bits to use in each word. */ +#ifdef SP_WORD_SIZE +#elif defined(WOLFSSL_DSP_BUILD) #define SP_WORD_SIZE 32 -#elif defined(WOLFSSL_SP_ARM_THUMB_ASM) +#elif defined(WOLFSSL_SP_X86_64) && !defined(WOLFSSL_SP_X86_64_ASM) && \ + !defined(HAVE___UINT128_T) #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_X86_64_ASM) || defined(WOLFSSL_SP_X86_64) + #if SP_ULONG_BITS == 64 || SP_ULLONG_BITS == 64 + #define SP_WORD_SIZE 64 + #define HAVE_INTEL_AVX1 + #ifndef NO_AVX2_SUPPORT + #define HAVE_INTEL_AVX2 + #endif + #elif SP_ULONG_BITS == 32 + #define SP_WORD_SIZE 32 + #undef WOLFSSL_SP_ASM + #elif SP_ULONG_BITS == 16 + #define SP_WORD_SIZE 16 + #undef WOLFSSL_SP_ASM + #endif +#elif defined(WOLFSSL_SP_X86) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM64) + #define SP_WORD_SIZE 64 +#elif defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM32) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_ARM_THUMB_ASM) || defined(WOLFSSL_SP_ARM_THUMB) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_PPC) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_PPC64) + #define SP_WORD_SIZE 64 +#elif defined(WOLFSSL_SP_MIPS) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_MIPS64) + #define SP_WORD_SIZE 64 +#elif defined(WOLFSSL_SP_RISCV32) + #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_RISCV64) + #define SP_WORD_SIZE 64 +#elif defined(WOLFSSL_SP_S390X) + #define SP_WORD_SIZE 64 #endif +/* If no predefined or assembly required size then use maximum available + * with compiler. + */ #ifndef SP_WORD_SIZE #if defined(NO_64BIT) || !defined(HAVE___UINT128_T) #define SP_WORD_SIZE 32 
@@ -62,63 +212,130 @@ This library provides single precision (SP) integer math functions. #endif #endif -#ifdef WOLFSSL_DSP_BUILD - typedef int32 sp_digit; - typedef uint32 sp_int_digit; - typedef uint64 sp_int_word; - typedef int64 sp_int_sword; - #undef SP_WORD_SIZE - #define SP_WORD_SIZE 32 -#elif !defined(WOLFSSL_SP_ASM) - #if SP_WORD_SIZE == 32 - typedef int32_t sp_digit; - typedef uint32_t sp_int_digit; - typedef uint64_t sp_int_word; - typedef int64_t sp_int_sword; - #elif SP_WORD_SIZE == 64 - typedef int64_t sp_digit; - typedef uint64_t sp_int_digit; +/* Number of bytes in each word. */ +#define SP_WORD_SIZEOF (SP_WORD_SIZE / 8) + +/* Define the types used. */ +#ifdef HAVE___UINT128_T #ifdef __SIZEOF_INT128__ - typedef __uint128_t uint128_t; - typedef __int128_t int128_t; + typedef __uint128_t sp_uint128; + typedef __int128_t sp_int128; #else - typedef unsigned long uint128_t __attribute__ ((mode(TI))); - typedef long int128_t __attribute__ ((mode(TI))); + typedef unsigned long sp_uint128 __attribute__ ((mode(TI))); + typedef long sp_int128 __attribute__ ((mode(TI))); #endif - typedef uint128_t sp_int_word; - typedef int128_t sp_int_sword; - #endif -#else - #if SP_WORD_SIZE == 32 - typedef uint32_t sp_digit; - typedef uint32_t sp_int_digit; - typedef uint64_t sp_int_word; - typedef int64_t sp_int_sword; - #elif SP_WORD_SIZE == 64 - typedef uint64_t sp_digit; - typedef uint64_t sp_int_digit; - #ifdef __SIZEOF_INT128__ - typedef __uint128_t uint128_t; - typedef __int128_t int128_t; - #else - typedef unsigned long uint128_t __attribute__ ((mode(TI))); - typedef long int128_t __attribute__ ((mode(TI))); + #ifndef WOLFSSL_UINT128_T_DEFINED + #ifdef __SIZEOF_INT128__ + typedef __uint128_t uint128_t; + typedef __int128_t int128_t; + #else + typedef unsigned long uint128_t __attribute__ ((mode(TI))); + typedef long int128_t __attribute__ ((mode(TI))); + #endif + #define WOLFSSL_UINT128_T_DEFINED #endif - typedef uint128_t sp_int_word; - typedef int128_t 
sp_int_sword; - #endif #endif -#if SP_WORD_SIZE == 32 - #define SP_MASK ((sp_int_digit)0xffffffffU) +#if SP_WORD_SIZE == 8 + typedef sp_uint8 sp_int_digit; + typedef sp_int8 sp_sint_digit; + typedef sp_uint16 sp_int_word; + typedef sp_int16 sp_int_sword; + + #define SP_MASK 0xffU +#elif SP_WORD_SIZE == 16 + typedef sp_uint16 sp_int_digit; + typedef sp_int16 sp_sint_digit; + typedef sp_uint32 sp_int_word; + typedef sp_int32 sp_int_sword; + + #define SP_MASK 0xffffU +#elif SP_WORD_SIZE == 32 + typedef sp_uint32 sp_int_digit; + typedef sp_int32 sp_sint_digit; + typedef sp_uint64 sp_int_word; + typedef sp_int64 sp_int_sword; + + #define SP_MASK 0xffffffffU #elif SP_WORD_SIZE == 64 - #define SP_MASK ((sp_int_digit)0xffffffffffffffffUL) + typedef sp_uint64 sp_int_digit; + typedef sp_int64 sp_sint_digit; +#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) + typedef sp_uint128 sp_int_word; + typedef sp_int128 sp_int_sword; +#endif + + #define SP_MASK 0xffffffffffffffffUL #else #error Word size not defined #endif +/* Define an SP digit. */ +#ifndef WOLFSSL_SP_ASM + /* SP C code uses n/m bits and therefore needs a signed type. */ + #if SP_WORD_SIZE == 8 + typedef sp_int8 sp_digit; + #elif SP_WORD_SIZE == 16 + typedef sp_int16 sp_digit; + #elif SP_WORD_SIZE == 32 + typedef sp_int32 sp_digit; + #elif SP_WORD_SIZE == 64 + typedef sp_int64 sp_digit; + #endif +#else + /* SP ASM code uses full size and needs an unsigned type. */ + #if SP_WORD_SIZE == 8 + typedef sp_uint8 sp_digit; + #elif SP_WORD_SIZE == 16 + typedef sp_uint16 sp_digit; + #elif SP_WORD_SIZE == 32 + typedef sp_uint32 sp_digit; + #elif SP_WORD_SIZE == 64 + typedef sp_uint64 sp_digit; + #endif +#endif + +/** Number of bits in a half a word. */ +#define SP_HALF_SIZE (SP_WORD_SIZE / 2) +/** Maximum value that can be held in a half a word. */ +#define SP_HALF_MAX (((sp_digit)1 << SP_HALF_SIZE) - 1) +/** Maximum value that can be held in a word. 
*/ +#define SP_DIGIT_MAX SP_MASK +/* Number of bits to shift to divide by word size. */ +#if SP_WORD_SIZE == 8 + #define SP_WORD_SHIFT 3 +#elif SP_WORD_SIZE == 16 + #define SP_WORD_SHIFT 4 +#elif SP_WORD_SIZE == 32 + #define SP_WORD_SHIFT 5 +#elif SP_WORD_SIZE == 64 + #define SP_WORD_SHIFT 6 +#endif +/* Mask of word size. */ +#define SP_WORD_MASK (SP_WORD_SIZE - 1) + +/* For debugging only - format string for different digit sizes. */ +#if SP_WORD_SIZE == 64 + #if SP_ULONG_BITS == 64 + #define SP_PRINT_FMT "%016lx" + #else + #define SP_PRINT_FMT "%016llx" + #endif +#elif SP_WORD_SIZE == 32 + #if SP_UINT_BITS == 32 + #define SP_PRINT_FMT "%08x" + #else + #define SP_PRINT_FMT "%08lx" + #endif +#elif SP_WORD_SIZE == 16 + #define SP_PRINT_FMT "%04x" +#elif SP_WORD_SIZE == 8 + #define SP_PRINT_FMT "%02x" +#endif + #if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK) +/* Non-blocking ECC operation context. */ typedef struct sp_ecc_ctx { #ifdef WOLFSSL_SP_384 byte data[48*80]; /* stack data */ 
@@ -128,186 +345,658 @@ typedef struct sp_ecc_ctx { } sp_ecc_ctx_t; #endif -#ifdef WOLFSSL_SP_MATH -#include +#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) +#include -#if !defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_HAVE_SP_DH) - #if !defined(NO_PWDBASED) && defined(WOLFSSL_SHA512) - #define SP_INT_DIGITS ((512 + SP_WORD_SIZE) / SP_WORD_SIZE) - #elif defined(WOLFSSL_SP_384) - #define SP_INT_DIGITS ((384 + SP_WORD_SIZE) / SP_WORD_SIZE) +#ifdef SP_INT_BITS + /* Calculate number of digits to have in an sp_int based maximum size of + * numbers in bits that will be used. + * Double the size to hold multiplication result. + * Add one to accommodate extra digit used by sp_mul(), sp_mulmod(), sp_sqr(), and sp_sqrmod(). + */ + #define SP_INT_DIGITS \ + ((((SP_INT_BITS + (SP_WORD_SIZE - 1)) * 2 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) +#endif + +#ifndef SP_INT_DIGITS + /* Calculate number of digits to have in an sp_int based on features + * compiled in. + */ + #if !defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_HAVE_SP_DH) && \ + !defined(WOLFSSL_HAVE_SP_ECC) + #if !defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA) + #define SP_INT_DIGITS (((6144 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif defined(WOLFCRYPT_HAVE_SAKKE) + #define SP_INT_DIGITS \ + (((2 * (1024 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif defined(HAVE_ECC) + #define SP_INT_DIGITS \ + (((2 * ( 521 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif !defined(NO_PWDBASED) && defined(WOLFSSL_SHA512) + #define SP_INT_DIGITS ((( 512 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #else + #define SP_INT_DIGITS ((( 256 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #endif + #elif !defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_HAVE_SP_DH) + #if defined(WOLFCRYPT_HAVE_SAKKE) + #define SP_INT_DIGITS \ + (((2 * (1024 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif defined(WOLFSSL_SP_MATH_ALL) + #define SP_INT_DIGITS \ + (((2 * ( 521 + SP_WORD_SIZE) + SP_WORD_SIZE) / 
SP_WORD_SIZE) + 1) + #elif defined(WOLFSSL_SP_384) + #define SP_INT_DIGITS ((( 768 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #else + #define SP_INT_DIGITS ((( 512 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #endif + #elif defined(WOLFSSL_SP_4096) + #if defined(WOLFSSL_HAVE_SP_DH) + #define SP_INT_DIGITS (((8192 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #else + #define SP_INT_DIGITS (((4096 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #endif + #elif !defined(WOLFSSL_SP_NO_3072) + #if defined(WOLFSSL_HAVE_SP_DH) + #define SP_INT_DIGITS (((6144 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #else + #define SP_INT_DIGITS (((3072 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #endif #else - #define SP_INT_DIGITS ((256 + SP_WORD_SIZE) / SP_WORD_SIZE) - #endif -#elif defined(WOLFSSL_SP_4096) - #if defined(WOLFSSL_HAVE_SP_DH) - #define SP_INT_DIGITS ((8192 + SP_WORD_SIZE) / SP_WORD_SIZE) - #else - #define SP_INT_DIGITS ((4096 + SP_WORD_SIZE) / SP_WORD_SIZE) - #endif -#elif !defined(WOLFSSL_SP_NO_3072) - #if defined(WOLFSSL_HAVE_SP_DH) - #define SP_INT_DIGITS ((6144 + SP_WORD_SIZE) / SP_WORD_SIZE) - #else - #define SP_INT_DIGITS ((3072 + SP_WORD_SIZE) / SP_WORD_SIZE) - #endif -#else - #if defined(WOLFSSL_HAVE_SP_DH) - #define SP_INT_DIGITS ((4096 + SP_WORD_SIZE) / SP_WORD_SIZE) - #else - #define SP_INT_DIGITS ((2048 + SP_WORD_SIZE) / SP_WORD_SIZE) + #if defined(WOLFSSL_HAVE_SP_DH) || \ + (defined(WOLFSSL_HAVE_SP_RSA) && defined(WOLFSSL_KEY_GEN)) + #define SP_INT_DIGITS (((4096 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #else + #define SP_INT_DIGITS (((2048 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #endif #endif #endif -#define sp_isodd(a) ((a)->used != 0 && ((a)->dp[0] & 1)) -#define sp_iseven(a) ((a)->used != 0 && ((a)->dp[0] & 1) == 0) -#define sp_iszero(a) ((a)->used == 0) -#define sp_isone(a) ((a)->used == 1 && (a)->dp[0] == 1) -#define sp_abs(a, b) sp_copy(a, b) +#ifndef SP_INT_MAX_BITS + /* Convert number digits to number of bits. 
*/ + #define SP_INT_MAX_BITS (SP_INT_DIGITS * SP_WORD_SIZE) +#endif + +#if SP_WORD_SIZE < 32 + /* Maximum number of digits in a number to mul or sqr. */ + #define SP_MUL_SQR_DIGITS (SP_INT_MAX_BITS / 2 / SP_WORD_SIZE) + /* Maximum value of partial in mul/sqr. */ + #define SP_MUL_SQR_MAX_PARTIAL \ + (SP_MUL_SQR_DIGITS * ((1 << SP_WORD_SIZE) - 1)) + /* Maximim value in an sp_int_word. */ + #define SP_INT_WORD_MAX ((1 << (SP_WORD_SIZE * 2)) - 1) + + #if SP_MUL_SQR_MAX_PARTIAL > SP_INT_WORD_MAX + /* The sum of the partials in the multiplicaiton/square can exceed the + * size of a word. This will overflow the word and loose data. + * Use an implementation that handles carry after every add and uses an + * extra temporary word for overflowing high word. + */ + #define SP_WORD_OVERFLOW + #endif +#endif + + +#ifndef NO_FILESYSTEM +/* Output is formatted to be used with script that checks calculations. */ + +/* Print out a number in big endian. */ +#ifndef WOLFSSL_SP_INT_NEGATIVE +/* Print out a positive multi-precision number. + * + * @param [in] a SP integer to print. + * @param [in] s String that describes the use of the number. + */ +#define sp_print(a, s) \ + do { \ + int ii; \ + fprintf(stderr, "%s=0x0", s); \ + for (ii = (a)->used-1; ii >= 0; ii--) { \ + fprintf(stderr, SP_PRINT_FMT, (a)->dp[ii]); \ + } \ + fprintf(stderr, "\n"); \ + } \ + while (0) +#else +/* Print out a multi-precision number. + * + * @param [in] a SP integer to print. + * @param [in] s String that describes the use of the number. + */ +#define sp_print(a, s) \ + do { \ + int ii; \ + fprintf(stderr, "%s=0x", s); \ + if ((a)->sign == MP_NEG) { \ + fprintf(stderr, "-"); \ + } \ + fprintf(stderr, "0"); \ + for (ii = (a)->used-1; ii >= 0; ii--) { \ + fprintf(stderr, SP_PRINT_FMT, (a)->dp[ii]); \ + } \ + fprintf(stderr, "\n"); \ + } \ + while (0) +#endif + +/* Print out a single multi-precision digit. + * + * @param [in] a SP integer digit to print. 
+ * @param [in] s String that describes the use of the number. + */ +#define sp_print_digit(a, s) \ + do { \ + fprintf(stderr, "%s=0x0", s); \ + fprintf(stderr, SP_PRINT_FMT, a); \ + fprintf(stderr, "\n"); \ + } \ + while (0) + +/* Print out an integer. + * + * @param [in] a Number to print. + * @param [in] s String that describes the use of the number. + */ +#define sp_print_int(a, s) \ + do { \ + fprintf(stderr, "%s=0x0%x\n", s, a); \ + } \ + while (0) + +#else + + /* No filesystem, no output + * TODO: Use logging API? + */ + #define sp_print(a, s) + #define sp_print_digit(a, s) + #define sp_print_int(a, s) + +#endif /* !NO_FILESYSTEM */ + +/* Returns whether multi-precision number is odd + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when odd. + * @return 0 when even. + */ +#define sp_isodd(a) (((a)->used != 0) && ((a)->dp[0] & 1)) +/* Returns whether multi-precision number is even + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when even. + * @return 0 when odd. + */ +#define sp_iseven(a) (((a)->used != 0) && (((a)->dp[0] & 1) == 0)) +/* Returns whether multi-precision number has the value zero. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when zero. + * @return 0 when not zero. + */ +#define sp_iszero(a) ((a)->used == 0) + +#ifndef WOLFSSL_SP_INT_NEGATIVE +/* Returns whether multi-precision number has the value one. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when one. + * @return 0 when not one. + */ +#define sp_isone(a) (((a)->used == 1) && ((a)->dp[0] == 1)) +#else +/* Returns whether multi-precision number has the value of positive one. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when one. + * @return 0 when not one. 
+ */ +#define sp_isone(a) \ + (((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == MP_ZPOS)) +#endif + +#ifndef WOLFSSL_SP_INT_NEGATIVE +/* Returns whether multi-precision number has the value 'd'. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @param [in] d SP integer digit. + * @return 1 when one. + * @return 0 when not one. + */ +#define sp_isword(a, d) \ + ((((d) == 0) && sp_iszero(a)) || (((a)->used == 1) && ((a)->dp[0] == (d)))) +#else +/* Returns whether multi-precision number has the value 'd'. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @param [in] d SP integer digit. + * @return 1 when one. + * @return 0 when not one. + */ +#define sp_isword(a, d) \ + ((((d) == 0) && sp_iszero(a)) || \ + (((a)->used == 1) && ((a)->dp[0] == (d)) && ((a)->sign == MP_ZPOS))) +#endif + +#ifndef WOLFSSL_SP_INT_NEGATIVE +/* Calculate the absolute value of the multi-precision number. + * + * Negative support not compiled in so just copies. + * + * @param [in] a SP integer to calculate absolute value of. + * @param [out] r SP integer to hold result. + * + * @return MP_OKAY on success. + * @return MP_VAL when a or r is NULL. + */ +#define sp_abs(a, b) sp_copy(a, b) +/* Returns whether multi-precision number is negative. + * + * Negative support not compiled in so always returns 0 (false). + * + * @param [in] a SP integer to check. + * @param [in] d SP integer digit. + * @return 0 indicating not negative always. + */ +#define sp_isneg(a) (0) +#else +/* Returns whether multi-precision number is negative. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @param [in] d SP integer digit. + * @return 1 when negative. + * @return 0 when not negative. + */ +#define sp_isneg(a) ((a)->sign == MP_NEG) +#endif + +/* Updates the used count to exclude leading zeros. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to update. 
+ */ +#define sp_clamp(a) \ + do { \ + int ii; \ + for (ii = a->used - 1; ii >= 0 && a->dp[ii] == 0; ii--) { \ + } \ + a->used = ii + 1; \ + } while (0) + +/* Check the compiled and linked math implementation are the same. + * Use the number of bits in a digit as indication of how code was compiled. + * + * @return 1 when the number of bits are the same. + * @return 0 when the number of bits are differnt. + */ +#define CheckFastMathSettings() (SP_WORD_SIZE == CheckRunTimeFastMath()) + + +/* The number of bytes to a sp_int with 'cnt' digits. + * Must have at least one digit. + */ +#define MP_INT_SIZEOF(cnt) \ + (sizeof(sp_int) - (SP_INT_DIGITS - (((cnt) == 0) ? 1 : (cnt))) * \ + sizeof(sp_int_digit)) +/* The address of the next sp_int after one with 'cnt' digits. */ +#define MP_INT_NEXT(t, cnt) \ + (sp_int*)(((byte*)(t)) + MP_INT_SIZEOF(cnt)) + +/** + * A reuslt of NO. + * e.g. Is prime? NO. + */ +#define MP_NO 0 +/** + * A reuslt of YES. + * e.g. Is prime? YES. + */ +#define MP_YES 1 + +#ifdef WOLFSSL_SP_INT_NEGATIVE +/** Number is 0/positive. */ +#define MP_ZPOS 0 +/** Number is negative. */ +#define MP_NEG 1 +#endif + +/** Radix is base 10 or decimal. */ +#define MP_RADIX_DEC 10 +/** Radix is base 16 or hexadecimal. */ +#define MP_RADIX_HEX 16 + +/** Result of comparison is that the first number is greater than second. */ +#define MP_GT 1 +/** Result of comparison is they are equal. */ +#define MP_EQ 0 +/** Result of comparison is that the first number is less than second. */ +#define MP_LT -1 + +/* ERROR VALUES */ +/** Error value on success. */ +#define MP_OKAY 0 +/** Error value when dynamic memory allocation fails. */ +#define MP_MEM -2 +/** Error value when value passed is not able to be used. */ +#define MP_VAL -3 +/** Error value when non-blocking operation is returning after partial + * completion. + */ +#define FP_WOULDBLOCK -4 +/* Unused error. Defined for backward compatability. */ +#define MP_NOT_INF -5 +/* Unused error. 
Defined for backward compatability. */ +#define MP_RANGE MP_NOT_INF + +/* Number of bits in each word/digit. */ +#define DIGIT_BIT SP_WORD_SIZE +/* Mask of all used bits in word/digit. */ +#define MP_MASK SP_MASK + #ifdef HAVE_WOLF_BIGINT - /* raw big integer */ + /* Raw big integer as a big-endian byte array. + * + * Useful for when using hardware - canonical format. + */ typedef struct WC_BIGINT { + /* Dynamically allocated buffer that is big-endian byte array. */ byte* buf; + /* Length of buffer in bytes. */ word32 len; + /* Hint for heap used to allocate buffer. */ void* heap; } WC_BIGINT; + + /* Ensure WC_BIGINT defined once. */ #define WOLF_BIGINT_DEFINED #endif + +/** + * SP integer. + * + * dp at end so user can allocate a smaller amount and set size. + */ typedef struct sp_int { + /** Number of words that contain data. */ int used; + /** Maximum number of words in data. */ int size; - sp_int_digit dp[SP_INT_DIGITS]; -#ifdef HAVE_WOLF_BIGINT - struct WC_BIGINT raw; /* unsigned binary (big endian) */ +#ifdef WOLFSSL_SP_INT_NEGATIVE + /** Indicates whether number is 0/positive or negative. */ + int sign; #endif +#ifdef HAVE_WOLF_BIGINT + /** Unsigned binary (big endian) representation of number. */ + struct WC_BIGINT raw; +#endif + /** Data of number. */ + sp_int_digit dp[SP_INT_DIGITS]; } sp_int; +/* Mulit-precision integer type is SP integer type. */ typedef sp_int mp_int; +/* Mulit-precision integer digit type is SP integer digit type. + * Type is unsigned. + */ typedef sp_int_digit mp_digit; -#include +/* Include the maths operations that are not implementation specific. */ +#include + +/* + * Function prototypes. 
+ */ MP_API int sp_init(sp_int* a); -MP_API int sp_init_multi(sp_int* a, sp_int* b, sp_int* c, sp_int* d, - sp_int* e, sp_int* f); +MP_API int sp_init_size(sp_int* a, int size); +MP_API int sp_init_multi(sp_int* n1, sp_int* n2, sp_int* n3, sp_int* n4, + sp_int* n5, sp_int* n6); MP_API void sp_free(sp_int* a); -MP_API void sp_clear(sp_int* a); -MP_API int sp_unsigned_bin_size(sp_int* a); -MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz); -MP_API int sp_read_radix(sp_int* a, const char* in, int radix); -MP_API int sp_cmp(sp_int* a, sp_int* b); -MP_API int sp_count_bits(sp_int* a); -MP_API int sp_leading_bit(sp_int* a); -MP_API int sp_to_unsigned_bin(sp_int* a, byte* out); -MP_API int sp_to_unsigned_bin_len(sp_int* a, byte* out, int outSz); -MP_API void sp_forcezero(sp_int* a); -MP_API int sp_copy(sp_int* a, sp_int* r); -MP_API int sp_set(sp_int* a, sp_int_digit d); -MP_API void sp_clamp(sp_int* a); MP_API int sp_grow(sp_int* a, int l); -MP_API int sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r); -MP_API int sp_cmp_d(sp_int* a, sp_int_digit d); -MP_API int sp_sub(sp_int* a, sp_int* b, sp_int* r); -MP_API int sp_mod(sp_int* a, sp_int* m, sp_int* r); + MP_API void sp_zero(sp_int* a); -MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r); -MP_API int sp_lshd(sp_int* a, int s); -MP_API int sp_add(sp_int* a, sp_int* b, sp_int* r); -MP_API int sp_set_int(sp_int* a, unsigned long b); -MP_API int sp_tohex(sp_int* a, char* str); +MP_API void sp_clear(sp_int* a); +MP_API void sp_forcezero(sp_int* a); +MP_API int sp_init_copy (sp_int* r, sp_int* a); + +MP_API int sp_copy(const sp_int* a, sp_int* r); +MP_API int sp_exch(sp_int* a, sp_int* b); +MP_API int sp_cond_swap_ct(mp_int * a, mp_int * b, int c, int m); + +#ifdef WOLFSSL_SP_INT_NEGATIVE +MP_API int sp_abs(sp_int* a, sp_int* b); +#endif +#ifdef WOLFSSL_SP_MATH_ALL +MP_API int sp_cmp_mag(sp_int* a, sp_int* b); +#endif +MP_API int sp_cmp(sp_int* a, sp_int* b); + +MP_API int sp_is_bit_set(sp_int* a, 
unsigned int b); +MP_API int sp_count_bits(const sp_int* a); +#if defined(HAVE_ECC) && defined(HAVE_COMP_KEY) +MP_API int sp_cnt_lsb(sp_int* a); +#endif +MP_API int sp_leading_bit(sp_int* a); MP_API int sp_set_bit(sp_int* a, int i); MP_API int sp_2expt(sp_int* a, int e); -MP_API int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap); + +MP_API int sp_set(sp_int* a, sp_int_digit d); +MP_API int sp_set_int(sp_int* a, unsigned long n); +MP_API int sp_cmp_d(sp_int* a, sp_int_digit d); +MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r); +MP_API int sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r); +MP_API int sp_mul_d(sp_int* a, sp_int_digit d, sp_int* r); +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) +MP_API int sp_div_d(sp_int* a, sp_int_digit d, sp_int* r, sp_int_digit* rem); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) || (defined(HAVE_ECC) && \ + defined(HAVE_COMP_KEY)) +MP_API int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +MP_API int sp_div_2_mod_ct (sp_int* a, sp_int* b, sp_int* c); +MP_API int sp_div_2(sp_int* a, sp_int* r); +#endif + +MP_API int sp_add(sp_int* a, sp_int* b, sp_int* r); +MP_API int sp_sub(sp_int* a, sp_int* b, sp_int* r); +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + (!defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_CUSTOM_CURVES)) || \ + defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) +MP_API int sp_addmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) +MP_API int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +MP_API int sp_submod_ct (sp_int* a, sp_int* b, sp_int* c, sp_int* d); +MP_API int sp_addmod_ct (sp_int* a, sp_int* b, sp_int* c, sp_int* d); +#endif + +MP_API int 
sp_lshd(sp_int* a, int s); +MP_API void sp_rshd(sp_int* a, int c); +MP_API void sp_rshb(sp_int* a, int n, sp_int* r); + +#ifdef WOLFSSL_SP_MATH_ALL +MP_API int sp_div(sp_int* a, sp_int* d, sp_int* r, sp_int* rem); +#endif +MP_API int sp_mod(sp_int* a, sp_int* m, sp_int* r); + MP_API int sp_mul(sp_int* a, sp_int* b, sp_int* r); MP_API int sp_mulmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); -MP_API int sp_gcd(sp_int* a, sp_int* b, sp_int* r); + MP_API int sp_invmod(sp_int* a, sp_int* m, sp_int* r); -MP_API int sp_lcm(sp_int* a, sp_int* b, sp_int* r); +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +MP_API int sp_invmod_mont_ct(sp_int* a, sp_int* m, sp_int* r, sp_int_digit mp); +#endif + +MP_API int sp_exptmod_ex(sp_int* b, sp_int* e, int digits, sp_int* m, + sp_int* r); MP_API int sp_exptmod(sp_int* b, sp_int* e, sp_int* m, sp_int* r); +#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) +MP_API int sp_exptmod_nct(sp_int* b, sp_int* e, sp_int* m, sp_int* r); +#endif + +#ifdef WOLFSSL_SP_MATH_ALL +MP_API int sp_div_2d(sp_int* a, int e, sp_int* r, sp_int* rem); +MP_API int sp_mod_2d(sp_int* a, int e, sp_int* r); +MP_API int sp_mul_2d(sp_int* a, int e, sp_int* r); +#endif + +MP_API int sp_sqr(sp_int* a, sp_int* r); +MP_API int sp_sqrmod(sp_int* a, sp_int* m, sp_int* r); + +MP_API int sp_mont_red(sp_int* a, sp_int* m, sp_int_digit mp); +MP_API int sp_mont_setup(sp_int* m, sp_int_digit* rho); +MP_API int sp_mont_norm(sp_int* norm, sp_int* m); + +MP_API int sp_unsigned_bin_size(const sp_int* a); +MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz); +MP_API int sp_to_unsigned_bin(sp_int* a, byte* out); +MP_API int sp_to_unsigned_bin_len(sp_int* a, byte* out, int outSz); +#ifdef WOLFSSL_SP_MATH_ALL +MP_API int sp_to_unsigned_bin_at_pos(int o, sp_int* a, unsigned char* out); +#endif + +MP_API int sp_read_radix(sp_int* a, const char* in, int radix); +MP_API int sp_tohex(sp_int* a, char* str); +MP_API int sp_todecimal(mp_int* a, char* 
str); +#if defined(WOLFSSL_SP_MATH_ALL) || defined(WC_MP_TO_RADIX) +MP_API int sp_toradix(mp_int* a, char* str, int radix); +MP_API int sp_radix_size(mp_int* a, int radix, int* size); +#endif + +MP_API int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap); MP_API int sp_prime_is_prime(mp_int* a, int t, int* result); MP_API int sp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); -MP_API int sp_exch(sp_int* a, sp_int* b); -MP_API int sp_get_digit_count(sp_int *a); -MP_API int sp_init_copy (sp_int * a, sp_int * b); -MP_API void sp_rshb(sp_int* a, int n, sp_int* r); -MP_API int sp_mul_d(sp_int* a, sp_int_digit n, sp_int* r); +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) +MP_API int sp_gcd(sp_int* a, sp_int* b, sp_int* r); +#endif +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) +MP_API int sp_lcm(sp_int* a, sp_int* b, sp_int* r); +#endif + +WOLFSSL_API word32 CheckRunTimeFastMath(void); -#define MP_NO 0 -#define MP_YES 1 +/* Map mp functions to SP math versions. */ +/* Different name or signature. */ +#define mp_mul_2(a, r) sp_mul_2d(a, 1, r) +#define mp_div_3(a, r, rem) sp_div_d(a, 3, r, rem) +#define mp_rshb(A,x) sp_rshb(A,x,A) +#define mp_is_bit_set(a,b) sp_is_bit_set(a,(unsigned int)b) +#define mp_montgomery_reduce sp_mont_red +#define mp_montgomery_setup sp_mont_setup +#define mp_montgomery_calc_normalization sp_mont_norm -#define MP_RADIX_HEX 16 +/* Macros mappings. */ +#define mp_isodd sp_isodd +#define mp_iseven sp_iseven +#define mp_iszero sp_iszero +#define mp_isone sp_isone +#define mp_isword sp_isword +#define mp_abs sp_abs +#define mp_isneg sp_isneg +#define mp_clamp sp_clamp -#define MP_GT 1 -#define MP_EQ 0 -#define MP_LT -1 +/* One to one mappings. 
*/ +#define mp_init sp_init +#define mp_init_size sp_init_size +#define mp_init_multi sp_init_multi +#define mp_free sp_free +#define mp_grow sp_grow +#define mp_zero sp_zero +#define mp_clear sp_clear +#define mp_forcezero sp_forcezero +#define mp_copy sp_copy +#define mp_init_copy sp_init_copy +#define mp_exch sp_exch +#define mp_cond_swap_ct sp_cond_swap_ct +#define mp_cmp_mag sp_cmp_mag +#define mp_cmp sp_cmp +#define mp_count_bits sp_count_bits +#define mp_cnt_lsb sp_cnt_lsb +#define mp_leading_bit sp_leading_bit +#define mp_set_bit sp_set_bit +#define mp_2expt sp_2expt +#define mp_set sp_set +#define mp_set_int sp_set_int +#define mp_cmp_d sp_cmp_d +#define mp_add_d sp_add_d +#define mp_sub_d sp_sub_d +#define mp_mul_d sp_mul_d +#define mp_div_d sp_div_d +#define mp_mod_d sp_mod_d +#define mp_div_2_mod_ct sp_div_2_mod_ct +#define mp_div_2 sp_div_2 +#define mp_add sp_add +#define mp_sub sp_sub +#define mp_addmod sp_addmod +#define mp_submod sp_submod +#define mp_addmod_ct sp_addmod_ct +#define mp_submod_ct sp_submod_ct +#define mp_lshd sp_lshd +#define mp_rshd sp_rshd +#define mp_div sp_div +#define mp_mod sp_mod +#define mp_mul sp_mul +#define mp_mulmod sp_mulmod +#define mp_invmod sp_invmod +#define mp_invmod_mont_ct sp_invmod_mont_ct +#define mp_exptmod_ex sp_exptmod_ex +#define mp_exptmod sp_exptmod +#define mp_exptmod_nct sp_exptmod_nct +#define mp_div_2d sp_div_2d +#define mp_mod_2d sp_mod_2d +#define mp_mul_2d sp_mul_2d +#define mp_sqr sp_sqr +#define mp_sqrmod sp_sqrmod -#define MP_OKAY 0 -#define MP_MEM -2 -#define MP_VAL -3 -#define FP_WOULDBLOCK -4 +#define mp_unsigned_bin_size sp_unsigned_bin_size +#define mp_read_unsigned_bin sp_read_unsigned_bin +#define mp_to_unsigned_bin sp_to_unsigned_bin +#define mp_to_unsigned_bin_len sp_to_unsigned_bin_len +#define mp_to_unsigned_bin_at_pos sp_to_unsigned_bin_at_pos +#define mp_read_radix sp_read_radix +#define mp_tohex sp_tohex +#define mp_todecimal sp_todecimal +#define mp_toradix sp_toradix +#define 
mp_radix_size sp_radix_size -#define DIGIT_BIT SP_WORD_SIZE -#define MP_MASK SP_MASK +#define mp_rand_prime sp_rand_prime +#define mp_prime_is_prime sp_prime_is_prime +#define mp_prime_is_prime_ex sp_prime_is_prime_ex +#define mp_gcd sp_gcd +#define mp_lcm sp_lcm -#define CheckFastMathSettings() 1 +#ifdef WOLFSSL_DEBUG_MATH +#define mp_dump(d, a, v) sp_print(a, d) +#endif -#define mp_free sp_free - -#define mp_isodd sp_isodd -#define mp_iseven sp_iseven -#define mp_iszero sp_iszero -#define mp_isone sp_isone -#define mp_abs sp_abs - -#define mp_init sp_init -#define mp_init_multi sp_init_multi -#define mp_clear sp_clear -#define mp_read_unsigned_bin sp_read_unsigned_bin -#define mp_unsigned_bin_size sp_unsigned_bin_size -#define mp_read_radix sp_read_radix -#define mp_cmp sp_cmp -#define mp_count_bits sp_count_bits -#define mp_leading_bit sp_leading_bit -#define mp_to_unsigned_bin sp_to_unsigned_bin -#define mp_to_unsigned_bin_len sp_to_unsigned_bin_len -#define mp_forcezero sp_forcezero -#define mp_copy sp_copy -#define mp_set sp_set -#define mp_clamp sp_clamp -#define mp_grow sp_grow -#define mp_sub_d sp_sub_d -#define mp_cmp_d sp_cmp_d -#define mp_sub sp_sub -#define mp_mod sp_mod -#define mp_zero sp_zero -#define mp_add_d sp_add_d -#define mp_lshd sp_lshd -#define mp_add sp_add -#define mp_set_int sp_set_int -#define mp_tohex sp_tohex -#define mp_set_bit sp_set_bit -#define mp_2expt sp_2expt -#define mp_rand_prime sp_rand_prime -#define mp_mul sp_mul -#define mp_mulmod sp_mulmod -#define mp_gcd sp_gcd -#define mp_invmod sp_invmod -#define mp_lcm sp_lcm -#define mp_exptmod sp_exptmod -#define mp_exptmod_nct sp_exptmod -#define mp_prime_is_prime sp_prime_is_prime -#define mp_prime_is_prime_ex sp_prime_is_prime_ex -#define mp_exch sp_exch -#define get_digit_count sp_get_digit_count -#define mp_init_copy sp_init_copy -#define mp_rshb(A,x) sp_rshb(A,x,A) -#define mp_mul_d sp_mul_d +#endif /* WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */ +#ifdef __cplusplus +} /* extern 
"C" */ #endif #endif /* WOLF_CRYPT_SP_H */ - diff --git a/source/libwolfssl/wolfcrypt/srp.h b/source/libwolfssl/wolfcrypt/srp.h index a03645cc..d5b9d181 100644 --- a/source/libwolfssl/wolfcrypt/srp.h +++ b/source/libwolfssl/wolfcrypt/srp.h @@ -1,6 +1,6 @@ /* srp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,11 +28,11 @@ #ifndef WOLFCRYPT_SRP_H #define WOLFCRYPT_SRP_H -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include #ifdef __cplusplus extern "C" { @@ -246,7 +246,7 @@ WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size); * * The public ephemeral value is known as: * A at the client side. A = g ^ a % N - * B at the server side. B = (k * v + (g ˆ b % N)) % N + * B at the server side. B = (k * v + (g ^ b % N)) % N * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier. * * @param[in,out] srp the Srp structure. diff --git a/source/libwolfssl/wolfcrypt/tfm.h b/source/libwolfssl/wolfcrypt/tfm.h index f328f24b..1f080762 100644 --- a/source/libwolfssl/wolfcrypt/tfm.h +++ b/source/libwolfssl/wolfcrypt/tfm.h @@ -1,6 +1,6 @@ /* tfm.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -39,12 +39,12 @@ #ifndef WOLF_CRYPT_TFM_H #define WOLF_CRYPT_TFM_H -#include +#include #ifndef CHAR_BIT #include #endif -#include +#include #ifdef __cplusplus extern "C" { @@ -70,7 +70,12 @@ #define TFM_X86_64 #endif #endif -#if defined(TFM_X86_64) +#if defined(__aarch64__) && defined(__APPLE__) + #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM) + #define TFM_AARCH_64 + #endif +#endif +#if defined(TFM_X86_64) || defined(TFM_AARCH_64) #if !defined(FP_64BIT) #define FP_64BIT #endif 
@@ -334,7 +339,7 @@ typedef fp_int mp_int; /* wolf big int and common functions */ -#include +#include /* externally define this symbol to ignore the default settings, useful for changing the build from the make process */ @@ -422,13 +427,16 @@ MP_API void fp_free(fp_int* a); /* zero/one/even/odd/neg/word ? */ #define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO) #define fp_isone(a) \ - ((((a)->used == 1) && ((a)->dp[0] == 1)) ? FP_YES : FP_NO) -#define fp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO) -#define fp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO) -#define fp_isneg(a) (((a)->sign != 0) ? FP_YES : FP_NO) -#define fp_isword(a, w) \ - ((((a)->used == 1) && ((a)->dp[0] == w)) || ((w == 0) && ((a)->used == 0)) \ + ((((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == FP_ZPOS)) \ ? FP_YES : FP_NO) +#define fp_iseven(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO) +#define fp_isodd(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO) +#define fp_isneg(a) (((a)->sign != FP_ZPOS) ? FP_YES : FP_NO) +#define fp_isword(a, w) \ + (((((a)->used == 1) && ((a)->dp[0] == w)) || \ + ((w == 0) && ((a)->used == 0))) ? FP_YES : FP_NO) /* set to a small digit */ void fp_set(fp_int *a, fp_digit b); @@ -440,7 +448,7 @@ int fp_is_bit_set(fp_int *a, fp_digit b); int fp_set_bit (fp_int * a, fp_digit b); /* copy from a to b */ -void fp_copy(fp_int *a, fp_int *b); +void fp_copy(const fp_int *a, fp_int *b); void fp_init_copy(fp_int *a, fp_int *b); /* clamp digits */ 
@@ -643,19 +651,15 @@ int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y); /*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/ /* radix conversions */ -int fp_count_bits(fp_int *a); +int fp_count_bits(const fp_int *a); int fp_leading_bit(fp_int *a); -int fp_unsigned_bin_size(fp_int *a); +int fp_unsigned_bin_size(const fp_int *a); int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c); int fp_to_unsigned_bin(fp_int *a, unsigned char *b); int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c); int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b); -/*int fp_signed_bin_size(fp_int *a);*/ -/*void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c);*/ -/*void fp_to_signed_bin(fp_int *a, unsigned char *b);*/ - /*int fp_read_radix(fp_int *a, char *str, int radix);*/ /*int fp_toradix(fp_int *a, char *str, int radix);*/ /*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/ @@ -771,17 +775,17 @@ MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d); MP_API int mp_cmp(mp_int *a, mp_int *b); MP_API int mp_cmp_d(mp_int *a, mp_digit b); -MP_API int mp_unsigned_bin_size(mp_int * a); +MP_API int mp_unsigned_bin_size(const mp_int * a); MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b); MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b); MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c); MP_API int mp_sub_d(fp_int *a, fp_digit b, fp_int *c); -MP_API int mp_copy(fp_int* a, fp_int* b); +MP_API int mp_copy(const fp_int* a, fp_int* b); MP_API int mp_isodd(mp_int* a); MP_API int mp_iszero(mp_int* a); -MP_API int mp_count_bits(mp_int *a); +MP_API int mp_count_bits(const mp_int *a); MP_API int mp_leading_bit(mp_int *a); MP_API int mp_set_int(mp_int *a, unsigned long b); MP_API int mp_is_bit_set (mp_int * a, mp_digit b); 
diff --git a/source/libwolfssl/wolfcrypt/types.h b/source/libwolfssl/wolfcrypt/types.h index 50304576..da4435d3 100644 --- a/source/libwolfssl/wolfcrypt/types.h +++ b/source/libwolfssl/wolfcrypt/types.h @@ -1,6 +1,6 @@ /* types.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -48,8 +48,14 @@ decouple library dependencies with standard string, memory and so on. * (with minimal depencencies). */ #if defined(HAVE_EX_DATA) || defined(FORTRESS) + #ifdef HAVE_EX_DATA_CLEANUP_HOOKS + typedef void (*wolfSSL_ex_data_cleanup_routine_t)(void *data); + #endif typedef struct WOLFSSL_CRYPTO_EX_DATA { void* ex_data[MAX_EX_DATA]; + #ifdef HAVE_EX_DATA_CLEANUP_HOOKS + wolfSSL_ex_data_cleanup_routine_t ex_data_cleanup_routines[MAX_EX_DATA]; + #endif } WOLFSSL_CRYPTO_EX_DATA; #endif @@ -64,12 +70,18 @@ decouple library dependencies with standard string, memory and so on. #ifndef WOLFSSL_TYPES #ifndef byte typedef unsigned char byte; + typedef signed char sword8; + typedef unsigned char word8; #endif #ifdef WC_16BIT_CPU + typedef int sword16; typedef unsigned int word16; + typedef long sword32; typedef unsigned long word32; #else + typedef short sword16; typedef unsigned short word16; + typedef int sword32; typedef unsigned int word32; #endif typedef byte word24[3]; 
@@ -86,12 +98,16 @@ decouple library dependencies with standard string, memory and so on. /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */ #if defined(_MSC_VER) || defined(HAVE_LIMITS_H) - #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) + /* make sure both SIZEOF_LONG_LONG and SIZEOF_LONG are set, + * otherwise causes issues with CTC_SETTINGS */ + #if !defined(SIZEOF_LONG_LONG) || !defined(SIZEOF_LONG) #include - #if defined(ULONG_MAX) && (ULONG_MAX == 0xffffffffUL) + #if !defined(SIZEOF_LONG) && defined(ULONG_MAX) && \ + (ULONG_MAX == 0xffffffffUL) #define SIZEOF_LONG 4 #endif - #if defined(ULLONG_MAX) && (ULLONG_MAX == 0xffffffffffffffffULL) + #if !defined(SIZEOF_LONG_LONG) && defined(ULLONG_MAX) && \ + (ULLONG_MAX == 0xffffffffffffffffULL) #define SIZEOF_LONG_LONG 8 #endif #endif 
@@ -114,32 +130,36 @@ decouple library dependencies with standard string, memory and so on. #if defined(_MSC_VER) || defined(__BCPLUSPLUS__) #define WORD64_AVAILABLE #define W64LIT(x) x##ui64 + typedef __int64 sword64; typedef unsigned __int64 word64; #elif defined(__EMSCRIPTEN__) #define WORD64_AVAILABLE #define W64LIT(x) x##ull + typedef long long sword64; typedef unsigned long long word64; #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long sword64; typedef unsigned long word64; #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long long sword64; typedef unsigned long long word64; #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long long sword64; typedef unsigned long long word64; #endif -#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU) +#if defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU) /* These platforms have 64-bit CPU registers. */ #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \ defined(__aarch64__) || defined(__sparc64__) || defined(__s390x__ ) || \ - (defined(__riscv_xlen) && (__riscv_xlen == 64)) - typedef word64 wolfssl_word; + (defined(__riscv_xlen) && (__riscv_xlen == 64)) || defined(_M_ARM64) #define WC_64BIT_CPU #elif (defined(sun) || defined(__sun)) && \ (defined(LP64) || defined(_LP64)) 
@@ -147,12 +167,22 @@ decouple library dependencies with standard string, memory and so on. * and int uses 32 bits. When using Solaris Studio sparc and __sparc are * available for 32 bit detection but __sparc64__ could be missed. This * uses LP64 for checking 64 bit CPU arch. */ - typedef word64 wolfssl_word; #define WC_64BIT_CPU #else - typedef word32 wolfssl_word; - #ifdef WORD64_AVAILABLE - #define WOLFCRYPT_SLOW_WORD64 + #define WC_32BIT_CPU + #endif + + #if defined(NO_64BIT) + typedef word32 wolfssl_word; + #undef WORD64_AVAILABLE + #else + #ifdef WC_64BIT_CPU + typedef word64 wolfssl_word; + #else + typedef word32 wolfssl_word; + #ifdef WORD64_AVAILABLE + #define WOLFCRYPT_SLOW_WORD64 + #endif #endif #endif @@ -169,6 +199,16 @@ decouple library dependencies with standard string, memory and so on. mp_digit, no 64 bit type so make mp_digit 16 bit */ #endif +#ifdef WC_PTR_TYPE /* Allow user suppied type */ + typedef WC_PTR_TYPE wc_ptr_t; +#elif defined(HAVE_UINTPTR_T) + #include + typedef uintptr_t wc_ptr_t; +#else /* fallback to architecture size_t for pointer size */ + #include /* included for getting size_t type */ + typedef size_t wc_ptr_t; +#endif + enum { WOLFSSL_WORD_SIZE = sizeof(wolfssl_word), WOLFSSL_BIT_SIZE = 8, @@ -198,6 +238,8 @@ decouple library dependencies with standard string, memory and so on. #else #define WC_INLINE inline #endif + #elif defined(__CCRX__) + #define WC_INLINE inline #else #define WC_INLINE #endif @@ -223,6 +265,8 @@ decouple library dependencies with standard string, memory and so on. #elif defined(__MWERKS__) && TARGET_CPU_PPC #define PPC_INTRINSICS #define FAST_ROTATE + #elif defined(__CCRX__) + #define FAST_ROTATE #elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) /* GCC does peephole optimizations which should result in using rotate instructions */ 
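Review bot: The `wc_ptr_t` fallback in the hunk at -169/+199 uses `size_t` as the pointer-sized integer, which C does not guarantee; on a target where `size_t` is narrower than `void*`, a pointer stored in `wc_ptr_t` would be truncated. The wolfmath.h part of this commit changes `wc_off_on_addr` to this type, so presumably addresses are stored in it. I would put a comment on the fallback, e.g. `/* size_t must be at least as wide as void* on this target; otherwise define WC_PTR_TYPE */`, or add a compile-time size check next to the typedef.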
@@ -245,22 +289,23 @@ decouple library dependencies with standard string, memory and so on. #define THREAD_LS_T #endif - /* GCC 7 has new switch() fall-through detection */ - /* default to FALL_THROUGH stub */ #ifndef FALL_THROUGH - #define FALL_THROUGH - - #if defined(__GNUC__) - #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) - #undef FALL_THROUGH - #if defined(WOLFSSL_LINUXKM) && defined(fallthrough) - #define FALL_THROUGH fallthrough - #else - #define FALL_THROUGH __attribute__ ((fallthrough)); + /* GCC 7 has new switch() fall-through detection */ + #if defined(__GNUC__) + #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) + #if defined(WOLFSSL_LINUXKM) && defined(fallthrough) + #define FALL_THROUGH fallthrough + #else + #define FALL_THROUGH ; __attribute__ ((fallthrough)) + #endif #endif #endif - #endif #endif /* FALL_THROUGH */ + #if !defined(FALL_THROUGH) || defined(__XC32) + /* use stub for fall through by default or for Microchip compiler */ + #undef FALL_THROUGH + #define FALL_THROUGH + #endif /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ @@ -282,7 +327,7 @@ decouple library dependencies with standard string, memory and so on. #elif (defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)) || \ defined(HAVE_INTEL_QA_SYNC) #ifndef HAVE_INTEL_QA_SYNC - #include + #include #undef USE_WOLFSSL_MEMORY #ifdef WOLFSSL_DEBUG_MEMORY #define XMALLOC(s, h, t) IntelQaMalloc((s), (h), (t), __func__, __LINE__) @@ -294,7 +339,7 @@ decouple library dependencies with standard string, memory and so on. #define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t)) #endif /* WOLFSSL_DEBUG_MEMORY */ #else - #include + #include #undef USE_WOLFSSL_MEMORY #ifdef WOLFSSL_DEBUG_MEMORY #define XMALLOC(s, h, t) wc_CryptoCb_IntelQaMalloc((s), (h), (t), __func__, __LINE__) 
@@ -399,15 +444,7 @@ decouple library dependencies with standard string, memory and so on. #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK) #define DECLARE_VAR_IS_HEAP_ALLOC #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ - VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); - #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ - VAR_TYPE* VAR_NAME = ({ \ - VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ - if (ptr && INIT_VALUE) { \ - XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \ - } \ - ptr; \ - }) + VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT) #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ int idx##VAR_NAME, inner_idx_##VAR_NAME; \ @@ -440,8 +477,6 @@ decouple library dependencies with standard string, memory and so on. #undef DECLARE_VAR_IS_HEAP_ALLOC #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_SIZE] - #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ - VAR_TYPE* VAR_NAME = (VAR_TYPE*)INIT_VALUE #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_ITEMS][VAR_SIZE] #define FREE_VAR(VAR_NAME, HEAP) /* nothing to free, its stack */ 
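Review bot: The heap form of `DECLARE_VAR` (hunk at -399/+444) multiplies by a bare `VAR_SIZE`, so a size expression such as `len + 1` allocates `sizeof(VAR_TYPE) * len + 1` bytes, while the stack form `VAR_TYPE VAR_NAME[VAR_SIZE]` in the next hunk gets the full element count; the two build configurations then disagree on buffer size. Wrap the argument: `VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * (VAR_SIZE), (HEAP), DYNAMIC_TYPE_WOLF_BIGINT)`. The heap form can also yield NULL, which the stack form never does, so a short comment that callers must check `VAR_NAME` before use would help; the call sites are outside this hunk.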
@@ -493,11 +528,12 @@ decouple library dependencies with standard string, memory and so on. #define XSTRLEN(s1) strlen((s1)) #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n)) - /* strstr, strncmp, and strncat only used by wolfSSL proper, + /* strstr, strncmp, strcmp, and strncat only used by wolfSSL proper, * not required for wolfCrypt only */ #define XSTRSTR(s1,s2) strstr((s1),(s2)) #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) + #define XSTRCMP(s1,s2) strcmp((s1),(s2)) #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) #ifdef USE_WOLF_STRSEP @@ -520,6 +556,8 @@ decouple library dependencies with standard string, memory and so on. #endif #if defined(WOLFSSL_DEOS) #define XSTRNCASECMP(s1,s2,n) strnicmp((s1),(s2),(n)) + #elif defined(WOLFSSL_CMSIS_RTOSv2) + #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) #else #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) #endif @@ -550,17 +588,17 @@ decouple library dependencies with standard string, memory and so on. { va_list ap; int ret; - + if ((int)n <= 0) return -1; - + va_start(ap, format); - - ret = vsnprintf(s, n, format, ap); + + ret = XVSNPRINTF(s, n, format, ap); if (ret < 0) ret = -1; - + va_end(ap); - + return ret; } #define XSNPRINTF _xsnprintf_ @@ -591,7 +629,7 @@ decouple library dependencies with standard string, memory and so on. if ((int)bufsize <= 0) return -1; va_start(ap, format); - ret = vsnprintf(buffer, bufsize, format, ap); + ret = XVSNPRINTF(buffer, bufsize, format, ap); if (ret >= (int)bufsize) ret = -1; va_end(ap); 
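Review bot: For `WOLFSSL_CMSIS_RTOSv2` the hunk at -520/+556 maps `XSTRNCASECMP` to `strncmp`, which is case-sensitive, so every caller that relies on case-insensitive matching behaves differently on this target only. The callers are not visible here, but input that differs only in case would presumably stop matching. If the platform really has no `strncasecmp`, I would at least document it on the line, `/* no strncasecmp on CMSIS-RTOSv2: this comparison is case-SENSITIVE */`, or supply a small folding compare built on `XTOLOWER`.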
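Review bot: Both snprintf wrappers (hunks at -550/+588 and -591/+629) now call `XVSNPRINTF`, and neither writes a terminator itself. The wc_port.h part of this commit maps `XVSNPRINTF` to `_vsnprintf` for `_WIN32_WCE`, and `_vsnprintf` leaves the buffer unterminated when output is truncated, so a caller that ignores the -1 return could read past the end of the buffer. Whether these wrappers are compiled on that target is not visible in the hunks; adding `s[n - 1] = '\0';` after the call in the first wrapper and `buffer[bufsize - 1] = '\0';` in the second makes them safe with any backend. Both function bodies start outside their hunks.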
@@ -647,9 +685,14 @@ decouple library dependencies with standard string, memory and so on. #include #endif #if defined(HAVE_ECC) || defined(HAVE_OCSP) || \ - defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) + defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) || \ + defined(OPENSSL_EXTRA) #define XTOUPPER(c) toupper((c)) - #define XISALPHA(c) isalpha((c)) + #endif + #ifdef OPENSSL_ALL + #define XISALNUM(c) isalnum((c)) + #define XISASCII(c) isascii((c)) + #define XISSPACE(c) isspace((c)) #endif /* needed by wolfSSL_check_domain_name() */ #define XTOLOWER(c) tolower((c)) @@ -750,6 +793,8 @@ decouple library dependencies with standard string, memory and so on. DYNAMIC_TYPE_NAME_ENTRY = 90, DYNAMIC_TYPE_CURVE448 = 91, DYNAMIC_TYPE_ED448 = 92, + DYNAMIC_TYPE_AES = 93, + DYNAMIC_TYPE_CMAC = 94, DYNAMIC_TYPE_SNIFFER_SERVER = 1000, DYNAMIC_TYPE_SNIFFER_SESSION = 1001, DYNAMIC_TYPE_SNIFFER_PB = 1002, @@ -778,13 +823,15 @@ decouple library dependencies with standard string, memory and so on. WC_ALGO_TYPE_RNG = 4, WC_ALGO_TYPE_SEED = 5, WC_ALGO_TYPE_HMAC = 6, + WC_ALGO_TYPE_CMAC = 7, - WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_HMAC + WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_CMAC }; /* hash types */ enum wc_HashType { - #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS) + #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS) && \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)) /* In selftest build, WC_* types are not mapped to WC_HASH_TYPE types. * Values here are based on old selftest hmac.h enum, with additions. * These values are fixed for backwards FIPS compatibility */ 
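Review bot: The new `XISALNUM` and `XISSPACE` macros (hunk at -647/+685) pass their argument straight to `isalnum`/`isspace`, whose behaviour is undefined for negative values other than EOF; a plain `char` holding a byte above 0x7f is negative wherever `char` is signed. Casting inside the macro avoids that: `#define XISALNUM(c) isalnum((unsigned char)(c))` and `#define XISSPACE(c) isspace((unsigned char)(c))`. `XTOUPPER` and `XTOLOWER` in the same block have the same shape and would take the same cast, assuming no caller passes EOF.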
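Review bot: The new condition on the `wc_HashType` selftest branch (hunk at -778/+823) mixes `||` and `&&` without grouping. It parses as `HAVE_SELFTEST || (HAVE_FIPS && version <= 2)`, which is probably the intent, but since the comment says these enum values are fixed for FIPS compatibility the grouping is worth spelling out: `#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))`. The enum body continues outside the hunk.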
@@ -854,12 +901,18 @@ decouple library dependencies with standard string, memory and so on. WC_PK_TYPE_ECDH = 3, WC_PK_TYPE_ECDSA_SIGN = 4, WC_PK_TYPE_ECDSA_VERIFY = 5, - WC_PK_TYPE_ED25519 = 6, + WC_PK_TYPE_ED25519_SIGN = 6, WC_PK_TYPE_CURVE25519 = 7, WC_PK_TYPE_RSA_KEYGEN = 8, WC_PK_TYPE_EC_KEYGEN = 9, - - WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN + WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10, + WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11, + WC_PK_TYPE_ED448 = 12, + WC_PK_TYPE_CURVE448 = 13, + WC_PK_TYPE_ED25519_VERIFY = 14, + WC_PK_TYPE_ED25519_KEYGEN = 15, + WC_PK_TYPE_CURVE25519_KEYGEN = 16, + WC_PK_TYPE_MAX = WC_PK_TYPE_CURVE25519_KEYGEN }; @@ -902,6 +955,12 @@ decouple library dependencies with standard string, memory and so on. * Xilinx RSA operations require alignment */ #if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || \ defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_AFALG_XILINX) + #ifndef WOLFSSL_USE_ALIGN + #define WOLFSSL_USE_ALIGN + #endif + #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM || USE_INTEL_SPEEDUP || WOLFSSL_AFALG_XILINX */ + + #ifdef WOLFSSL_USE_ALIGN #if !defined(ALIGN16) #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__) #define ALIGN16 __attribute__ ( (aligned (16))) @@ -974,7 +1033,15 @@ decouple library dependencies with standard string, memory and so on. #ifndef ALIGN256 #define ALIGN256 #endif - #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM */ + #endif /* WOLFSSL_USE_ALIGN */ + + #if !defined(PEDANTIC_EXTENSION) + #if defined(__GNUC__) + #define PEDANTIC_EXTENSION __extension__ + #else + #define PEDANTIC_EXTENSION + #endif + #endif /* !PEDANTIC_EXTENSION */ #ifndef TRUE @@ -1022,6 +1089,14 @@ decouple library dependencies with standard string, memory and so on. #define WC_MP_TO_RADIX #endif + #if defined(__GNUC__) && __GNUC__ > 5 + #define PRAGMA_GCC_IGNORE(str) _Pragma(str); + #define PRAGMA_GCC_POP _Pragma("GCC diagnostic pop"); + #else + #define PRAGMA_GCC_IGNORE(str) + #define PRAGMA_GCC_POP + #endif + #ifdef __cplusplus } /* extern "C" */ #endif 
diff --git a/source/libwolfssl/wolfcrypt/visibility.h b/source/libwolfssl/wolfcrypt/visibility.h index 8ed57fb9..46a31a44 100644 --- a/source/libwolfssl/wolfcrypt/visibility.h +++ b/source/libwolfssl/wolfcrypt/visibility.h @@ -1,6 +1,6 @@ /* visibility.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -43,7 +43,8 @@ */ #if defined(BUILDING_WOLFSSL) - #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) + #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \ + defined(_WIN32_WCE) #if defined(WOLFSSL_DLL) #define WOLFSSL_API __declspec(dllexport) #else @@ -61,7 +62,8 @@ #define WOLFSSL_LOCAL #endif /* HAVE_VISIBILITY */ #else /* BUILDING_WOLFSSL */ - #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) + #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \ + defined(_WIN32_WCE) #if defined(WOLFSSL_DLL) #define WOLFSSL_API __declspec(dllimport) #else diff --git a/source/libwolfssl/wolfcrypt/wc_encrypt.h b/source/libwolfssl/wolfcrypt/wc_encrypt.h index 5f1524f7..71487fba 100644 --- a/source/libwolfssl/wolfcrypt/wc_encrypt.h +++ b/source/libwolfssl/wolfcrypt/wc_encrypt.h @@ -1,6 +1,6 @@ /* wc_encrypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,18 +27,18 @@ #ifndef WOLF_CRYPT_ENCRYPT_H #define WOLF_CRYPT_ENCRYPT_H -#include +#include #ifndef NO_AES - #include + #include #endif #ifdef HAVE_CHACHA - #include + #include #endif #ifndef NO_DES3 - #include + #include #endif #ifndef NO_RC4 - #include + #include #endif #ifdef __cplusplus 
@@ -60,6 +60,22 @@ #endif +#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ + (HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \ + (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2))) + /* In FIPS cert 3389 and CAVP selftest v1 build, these enums are + * not in aes.h. Define them here outside the fips boundary. + */ + #ifndef GCM_NONCE_MID_SZ + /* The usual default nonce size for AES-GCM. */ + #define GCM_NONCE_MID_SZ 12 + #endif + #ifndef CCM_NONCE_MIN_SZ + #define CCM_NONCE_MIN_SZ 7 + #endif +#endif + + #if !defined(NO_AES) && defined(HAVE_AES_CBC) WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, const byte* key, word32 keySz, diff --git a/source/libwolfssl/wolfcrypt/wc_pkcs11.h b/source/libwolfssl/wolfcrypt/wc_pkcs11.h index 7c4066f3..65bf50a6 100644 --- a/source/libwolfssl/wolfcrypt/wc_pkcs11.h +++ b/source/libwolfssl/wolfcrypt/wc_pkcs11.h @@ -1,6 +1,6 @@ /* wc_pkcs11.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,7 +22,7 @@ #ifndef _WOLFPKCS11_H_ #define _WOLFPKCS11_H_ -#include +#include #ifdef HAVE_PKCS11 @@ -30,8 +30,8 @@ #error PKCS11 support requires ./configure --enable-cryptocb or WOLF_CRYPTO_CB to be defined #endif -#include -#include +#include +#include #ifdef __cplusplus extern "C" { @@ -67,7 +67,6 @@ enum Pkcs11KeyType { PKCS11_KEY_TYPE_EC, }; - WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap); WOLFSSL_API void wc_Pkcs11_Finalize(Pkcs11Dev* dev); diff --git a/source/libwolfssl/wolfcrypt/wc_port.h b/source/libwolfssl/wolfcrypt/wc_port.h index d5225309..5f84d3a5 100644 --- a/source/libwolfssl/wolfcrypt/wc_port.h +++ b/source/libwolfssl/wolfcrypt/wc_port.h @@ -1,6 +1,6 @@ /* wc_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * 
@@ -81,6 +81,11 @@ _Pragma("GCC diagnostic ignored \"-Wsign-compare\""); _Pragma("GCC diagnostic ignored \"-Wpointer-sign\""); _Pragma("GCC diagnostic ignored \"-Wbad-function-cast\""); + _Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\""); + _Pragma("GCC diagnostic ignored \"-Wtype-limits\""); + + /* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native include/linux/types.h: */ + #define _GCC_STDINT_H #include #include @@ -88,6 +93,7 @@ #include #include #include + #include #ifndef SINGLE_THREADED #include #endif 
@@ -99,19 +105,52 @@ #else #include #endif - #define SAVE_VECTOR_REGISTERS() kernel_fpu_begin() - #define RESTORE_VECTOR_REGISTERS() kernel_fpu_end() + #ifndef SAVE_VECTOR_REGISTERS + #define SAVE_VECTOR_REGISTERS() kernel_fpu_begin() + #endif + #ifndef RESTORE_VECTOR_REGISTERS + #define RESTORE_VECTOR_REGISTERS() kernel_fpu_end() + #endif #elif defined(WOLFSSL_ARMASM) #include - #define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); }) - #define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); }) + #ifndef SAVE_VECTOR_REGISTERS + #define SAVE_VECTOR_REGISTERS() ({ preempt_disable(); fpsimd_preserve_current_state(); }) + #endif + #ifndef RESTORE_VECTOR_REGISTERS + #define RESTORE_VECTOR_REGISTERS() ({ fpsimd_restore_current_state(); preempt_enable(); }) + #endif #else - #define SAVE_VECTOR_REGISTERS() ({}) - #define RESTORE_VECTOR_REGISTERS() ({}) + #ifndef SAVE_VECTOR_REGISTERS + #define SAVE_VECTOR_REGISTERS() ({}) + #endif + #ifndef RESTORE_VECTOR_REGISTERS + #define RESTORE_VECTOR_REGISTERS() ({}) + #endif #endif _Pragma("GCC diagnostic pop"); + /* Linux headers define these using C expressions, but we need + * them to be evaluable by the preprocessor, for use in sp_int.h. + */ + _Static_assert(sizeof(ULONG_MAX) == 8, "WOLFSSL_LINUXKM supported only on targets with 64 bit long words."); + #undef UCHAR_MAX + #define UCHAR_MAX 255 + #undef USHRT_MAX + #define USHRT_MAX 65535 + #undef UINT_MAX + #define UINT_MAX 4294967295U + #undef ULONG_MAX + #define ULONG_MAX 18446744073709551615UL + #undef ULLONG_MAX + #define ULLONG_MAX ULONG_MAX + #undef INT_MAX + #define INT_MAX 2147483647 + #undef LONG_MAX + #define LONG_MAX 9223372036854775807L + #undef LLONG_MAX + #define LLONG_MAX LONG_MAX + /* remove this multifariously conflicting macro, picked up from * Linux arch//include/asm/current.h. */ 
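Review bot: `SAVE_VECTOR_REGISTERS` and `RESTORE_VECTOR_REGISTERS` are now guarded by separate `#ifndef`s (hunk at -99/+105), so a build that overrides only one of them pairs a custom save with the default `kernel_fpu_end()` (or the reverse) and leaves FPU or preemption state unbalanced. A check placed ahead of the defaults catches this at compile time: `#if defined(SAVE_VECTOR_REGISTERS) != defined(RESTORE_VECTOR_REGISTERS)`, `#error "define SAVE_VECTOR_REGISTERS and RESTORE_VECTOR_REGISTERS together"`, `#endif`. The non-kernel branch later in this file (hunk at -157/+204) uses the same per-macro guards, and the enclosing conditional starts outside this hunk.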
@@ -122,9 +161,17 @@ */ #define _MM_MALLOC_H_INCLUDED +#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0) + /* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */ + #define malloc(x) kvmalloc(x, GFP_KERNEL) + #define free(x) kvfree(x) + void *lkm_realloc(void *ptr, size_t newsize); + #define realloc(x, y) lkm_realloc(x, y) +#else #define malloc(x) kmalloc(x, GFP_KERNEL) #define free(x) kfree(x) #define realloc(x,y) krealloc(x, y, GFP_KERNEL) +#endif /* min() and max() in linux/kernel.h over-aggressively type-check, producing * myriad spurious -Werrors throughout the codebase. @@ -157,8 +204,10 @@ #else /* ! WOLFSSL_LINUXKM */ - #ifdef BUILDING_WOLFSSL + #ifndef SAVE_VECTOR_REGISTERS #define SAVE_VECTOR_REGISTERS() do{}while(0) + #endif + #ifndef RESTORE_VECTOR_REGISTERS #define RESTORE_VECTOR_REGISTERS() do{}while(0) #endif @@ -193,6 +242,8 @@ /* do nothing, just don't pick Unix */ #elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS) /* do nothing */ +#elif defined(RTTHREAD) + /* do nothing */ #elif defined(EBSNET) /* do nothing */ #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) @@ -276,7 +327,11 @@ #endif #if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \ !defined(NO_FILESYSTEM) - #include /* for close of BIO */ + #ifdef FUSION_RTOS + #include + #else + #include /* for close of BIO */ + #endif #endif #endif @@ -298,6 +353,9 @@ #include "FreeRTOS.h" #include "semphr.h" typedef SemaphoreHandle_t wolfSSL_Mutex; + #elif defined (RTTHREAD) + #include "rtthread.h" + typedef rt_mutex_t wolfSSL_Mutex; #elif defined(WOLFSSL_SAFERTOS) typedef struct wolfSSL_Mutex { signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; 
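Review bot: With `malloc` mapped to `kvmalloc` (hunk at -122/+161) an allocation may be vmalloc-backed, so it must only be released or resized through the `free`/`realloc` macros defined here; handing such a pointer to `kfree` or `krealloc` directly is invalid. `lkm_realloc` is only declared in this hunk, so how it learns the old length for the copy cannot be checked from here. I would add a comment above the block, e.g. `/* memory from malloc() may be vmalloc-backed: pair only with free()/realloc() below, never kfree()/krealloc() */`.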
@@ -409,6 +467,11 @@ WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb); WOLFSSL_API int wolfCrypt_Init(void); WOLFSSL_API int wolfCrypt_Cleanup(void); +#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE + WOLFSSL_API long wolfCrypt_heap_peakAllocs_checkpoint(void); + WOLFSSL_API long wolfCrypt_heap_peakBytes_checkpoint(void); +#endif + /* FILESYSTEM SECTION */ /* filesystem abstraction layer, used by ssl.c */ @@ -432,6 +495,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END VSEEK_END #define XBADFILE -1 #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(LSR_FS) #include #define XFILE struct fs_file* @@ -444,7 +508,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XFCLOSE fs_close #define XSEEK_END 0 #define XBADFILE NULL - #define XFGETS(b,s,f) -2 /* Not ported yet */ + #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) #define XFILE MQX_FILE_PTR #define XFOPEN fopen @@ -457,11 +522,10 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END IO_SEEK_END #define XBADFILE NULL #define XFGETS fgets + #elif defined(WOLFSSL_DEOS) #define NO_FILESYSTEM #warning "TODO - DDC-I Certifiable Fast File System for Deos is not integrated" - //#define XFILE bfd * - #elif defined(MICRIUM) #include #define XFILE FS_FILE* @@ -475,6 +539,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END FS_SEEK_END #define XBADFILE NULL #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(WOLFSSL_NUCLEUS_1_2) #include "fal/inc/fal.h" #define XFILE FILE* @@ -487,6 +552,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XFCLOSE fclose #define XSEEK_END PSEEK_END #define XBADFILE NULL + #elif defined(WOLFSSL_APACHE_MYNEWT) #include #define XFILE struct fs_file* @@ -501,6 +567,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END 2 #define XBADFILE NULL #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(WOLFSSL_ZEPHYR) #include 
@@ -551,6 +618,57 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END 0 #define XBADFILE NULL #define XFGETS(b,s,f) f_gets((b), (s), (f)) +#elif defined (_WIN32_WCE) + /* stdio, WINCE case */ + #include + #define XFILE FILE* + #define XFOPEN fopen + #define XFDOPEN fdopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND(F) XFSEEK(F, 0, SEEK_SET) + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL + #define XFGETS fgets + #define XVSNPRINTF _vsnprintf + +#elif defined(FUSION_RTOS) + #include + #include + #include + #include + #include + #include + #define XFILE FCL_FILE* + #define XFOPEN FCL_FOPEN + #define XFSEEK FCL_FSEEK + #define XFTELL FCL_FTELL + #define XREWIND FCL_REWIND + #define XFREAD FCL_FREAD + #define XFWRITE FCL_FWRITE + #define XFCLOSE FCL_FCLOSE + #define XSEEK_END SEEK_END + #define XBADFILE NULL + #define XFGETS FCL_FGETS + #define XFPUTS FCL_FPUTS + #define XFPRINTF FCL_FPRINTF + #define XVFPRINTF FCL_VFPRINTF + #define XVSNPRINTF FCL_VSNPRINTF + #define XSNPRINTF FCL_SNPRINTF + #define XSPRINTF FCL_SPRINTF + #define DIR FCL_DIR + #define stat FCL_STAT + #define opendir FCL_OPENDIR + #define closedir FCL_CLOSEDIR + #define readdir FCL_READDIR + #define dirent fclDirent + #define strncasecmp FCL_STRNCASECMP + + /* FUSION SPECIFIC ERROR CODE */ + #define FUSION_IO_SEND_E FCL_EWOULDBLOCK #elif defined(WOLFSSL_USER_FILESYSTEM) /* To be defined in user_settings.h */ @@ -564,6 +682,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #else #define XFOPEN fopen #endif + #define XFDOPEN fdopen #define XFSEEK fseek #define XFTELL ftell #define XREWIND rewind 
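Review bot: The `FUSION_RTOS` block (hunk at -551/+618) defines unprefixed macros `stat`, `DIR`, `opendir`, `closedir`, `readdir`, `dirent` and `strncasecmp` in a public header, so every translation unit that includes wc_port.h has those identifiers rewritten, including struct members or locals that happen to be named `stat` or `dirent`. Routing the mapping through the X-prefixed names the other ports use would confine the effect; a later hunk in this file introduces `XSTAT` for that purpose. If the bare names have to stay, a comment stating that the global redefinition is intentional would help the next port author.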
@@ -573,13 +692,61 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END SEEK_END #define XBADFILE NULL #define XFGETS fgets + #define XFPRINTF fprintf - #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ + #if !defined(NO_WOLFSSL_DIR)\ && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) + #if defined(USE_WINDOWS_API) + #include + #define XSTAT _stat + #define XS_ISREG(s) (s & _S_IFREG) + #define SEPARATOR_CHAR ';' + + #elif defined(INTIME_RTOS) + #include + #define XSTAT _stat64 + #define XS_ISREG(s) S_ISREG(s) + #define SEPARATOR_CHAR ';' + #define XWRITE write + #define XREAD read + #define XCLOSE close + + #elif defined(WOLFSSL_ZEPHYR) + #define XSTAT fs_stat + #define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE) + #define SEPARATOR_CHAR ':' + #elif defined(WOLFSSL_TELIT_M2MB) + #define XSTAT m2mb_fs_stat + #define XS_ISREG(s) (s & M2MB_S_IFREG) + #define SEPARATOR_CHAR ':' + #else #include #include #include + #define XWRITE write + #define XREAD read + #define XCLOSE close + #define XSTAT stat + #define XS_ISREG(s) S_ISREG(s) + #define SEPARATOR_CHAR ':' #endif + #endif +#endif + +/* Defaults, user may over-ride with user_settings.h or in a porting section + * above + */ +#ifndef XVFPRINTF + #define XVFPRINTF vfprintf +#endif +#ifndef XVSNPRINTF + #define XVSNPRINTF vsnprintf +#endif +#ifndef XFPUTS + #define XFPUTS fputs +#endif +#ifndef XSPRINTF + #define XSPRINTF sprintf #endif #ifndef MAX_FILENAME_SZ @@ -598,6 +765,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #ifdef USE_WINDOWS_API WIN32_FIND_DATAA FindFileData; HANDLE hFind; + struct XSTAT s; #elif defined(WOLFSSL_ZEPHYR) struct fs_dirent entry; struct fs_dir_t dir; 
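Review bot: The new default `#define XSPRINTF sprintf` (hunk at -573/+692) gives the library an unbounded formatter whose safety depends entirely on each caller sizing its destination for the worst case. The bounded `XSNPRINTF` and `XVSNPRINTF` are available in the same commit, so I would state the contract on the default: `/* XSPRINTF is unbounded: destination must fit the longest possible output; prefer XSNPRINTF */`. The callers are outside this hunk.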
@@ -608,10 +776,17 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); M2MB_DIR_T* dir; struct M2MB_DIRENT* entry; struct M2MB_STAT s; + #elif defined(INTIME_RTOS) + struct stat64 s; + struct _find64 FindFileData; + #define IntimeFindFirst(name, data) (0 == _findfirst64(name, data)) + #define IntimeFindNext(data) (0 == _findnext64(data)) + #define IntimeFindClose(data) (0 == _findclose64(data)) + #define IntimeFilename(ctx) ctx->FindFileData.f_filename #else struct dirent* entry; DIR* dir; - struct stat s; + struct XSTAT s; #endif char name[MAX_FILENAME_SZ]; } ReadDirCtx; @@ -622,6 +797,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name); WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx); #endif /* !NO_WOLFSSL_DIR */ + #define WC_ISFILEEXIST_NOFILE -1 + + WOLFSSL_API int wc_FileExists(const char* fname); #endif /* !NO_FILESYSTEM */ @@ -637,6 +815,10 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #endif /* max */ #endif /* USE_WINDOWS_API */ +#ifdef __QNXNTO__ + #define WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MAX +#endif /* TIME SECTION */ /* Time functions */ @@ -683,10 +865,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XGMTIME(c, t) rtpsys_gmtime((c)) #elif defined(WOLFSSL_DEOS) - #define XTIME(t1) deos_time((t1)) - #define WOLFSSL_GMTIME - #define USE_WOLF_TM - #define USE_WOLF_TIME_T + #include #elif defined(MICRIUM) #include 
@@ -738,9 +917,32 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #elif defined(_WIN32_WCE) #include + #include /* For file system */ + + time_t windows_time(time_t* timer); + + #define FindNextFileA(h, d) FindNextFile(h, (LPWIN32_FIND_DATAW) d) + #define FindFirstFileA(fn, d) FindFirstFile((LPCWSTR) fn, \ + (LPWIN32_FIND_DATAW) d) #define XTIME(t1) windows_time((t1)) #define WOLFSSL_GMTIME + /* if struct tm is not defined in WINCE SDK */ + #ifndef _TM_DEFINED + struct tm { + int tm_sec; /* seconds */ + int tm_min; /* minutes */ + int tm_hour; /* hours */ + int tm_mday; /* day of month (month specific) */ + int tm_mon; /* month */ + int tm_year; /* year */ + int tm_wday; /* day of week (out of 1-7)*/ + int tm_yday; /* day of year (out of 365) */ + int tm_isdst; /* is it daylight savings */ + }; + #define _TM_DEFINED + #endif + #elif defined(WOLFSSL_APACHE_MYNEWT) #include "os/os_time.h" #define XTIME(t1) mynewt_time((t1)) @@ -786,7 +988,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #ifdef BUILDING_WOLFSSL /* includes are all above, with incompatible warnings masked out. */ - #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0) + #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0) typedef __kernel_time_t time_t; #else typedef __kernel_time64_t time_t; diff --git a/source/libwolfssl/wolfcrypt/wolfevent.h b/source/libwolfssl/wolfcrypt/wolfevent.h index dee5dcaa..83df5cfd 100644 --- a/source/libwolfssl/wolfcrypt/wolfevent.h +++ b/source/libwolfssl/wolfcrypt/wolfevent.h @@ -1,6 +1,6 @@ /* wolfevent.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,7 +27,7 @@ #endif #ifndef SINGLE_THREADED - #include + #include #endif typedef struct WOLF_EVENT WOLF_EVENT; diff --git a/source/libwolfssl/wolfcrypt/wolfmath.h b/source/libwolfssl/wolfcrypt/wolfmath.h index 3d9830a1..3430033e 100644 --- a/source/libwolfssl/wolfcrypt/wolfmath.h +++ b/source/libwolfssl/wolfcrypt/wolfmath.h 
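Review bot: The `_WIN32_WCE` wrappers `FindFirstFileA`/`FindNextFileA` (hunk at -738/+917) cast the file name to `LPCWSTR` and the find-data pointer to `LPWIN32_FIND_DATAW` without converting either. A cast does not change encoding, so the wide `FindFirstFile` would interpret a `char` path as UTF-16, and if the caller's buffer is the `WIN32_FIND_DATAA` member of `ReadDirCtx` (shown as context earlier in this diff) the wide structure written into it is larger than the narrow one. Whether that member is the one used on this target is not visible here. I would convert the path with `MultiByteToWideChar` and declare the find data as `WIN32_FIND_DATAW` for this port, or at minimum add `/* WINCE: fn and d must already be wide (UTF-16) objects; these casts do not convert */` above the macros.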
@@ -1,6 +1,6 @@ /* wolfmath.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -50,23 +50,23 @@ This library provides big integer math functions. ((defined(HAVE_ECC) && defined(ECC_TIMING_RESISTANT)) || \ (defined(USE_FAST_MATH) && defined(TFM_TIMING_RESISTANT))) - extern const wolfssl_word wc_off_on_addr[2]; + extern const wc_ptr_t wc_off_on_addr[2]; #endif /* common math functions */ -MP_API int get_digit_count(mp_int* a); -MP_API mp_digit get_digit(mp_int* a, int n); +MP_API int get_digit_count(const mp_int* a); +MP_API mp_digit get_digit(const mp_int* a, int n); MP_API int get_rand_digit(WC_RNG* rng, mp_digit* d); WOLFSSL_API int mp_cond_copy(mp_int* a, int copy, mp_int* b); WOLFSSL_API int mp_rand(mp_int* a, int digits, WC_RNG* rng); -enum { - /* format type */ - WC_TYPE_HEX_STR = 1, - WC_TYPE_UNSIGNED_BIN = 2, -}; +#define WC_TYPE_HEX_STR 1 +#define WC_TYPE_UNSIGNED_BIN 2 +#if defined(WOLFSSL_QNX_CAAM) + #define WC_TYPE_BLACK_KEY 3 +#endif WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len, word32 keySz, int encType); diff --git a/source/libwolfssl/wolfio.h b/source/libwolfssl/wolfio.h index 58abb969..d5b973dc 100644 --- a/source/libwolfssl/wolfio.h +++ b/source/libwolfssl/wolfio.h @@ -1,6 +1,6 @@ /* io.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -133,6 +133,10 @@ #elif defined(HAVE_NETX) #include "nx_api.h" #include "errno.h" + #elif defined(FUSION_RTOS) + #include + #include + #include #elif !defined(WOLFSSL_NO_SOCK) #include #include 
@@ -244,13 +248,17 @@ #define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED #define SOCKET_ECONNABORTED NU_NOT_CONNECTED #elif defined(WOLFSSL_DEOS) - #define SOCKET_EWOULDBLOCK EAGAIN - #define SOCKET_EAGAIN EAGAIN - #define SOCKET_ECONNRESET EINTR - #define SOCKET_EINTR EINTR - #define SOCKET_EPIPE EPIPE - #define SOCKET_ECONNREFUSED SOCKET_ERROR - #define SOCKET_ECONNABORTED SOCKET_ERROR + /* `sockaddr_storage` is not defined in DEOS. This workaround will + * work for IPV4, but not IPV6 + */ + #define sockaddr_storage sockaddr_in + #define SOCKET_EWOULDBLOCK EAGAIN + #define SOCKET_EAGAIN EAGAIN + #define SOCKET_ECONNRESET EINTR + #define SOCKET_EINTR EINTR + #define SOCKET_EPIPE EPIPE + #define SOCKET_ECONNREFUSED SOCKET_ERROR + #define SOCKET_ECONNABORTED SOCKET_ERROR #elif defined(HAVE_NETX) #define SOCKET_EWOULDBLOCK NX_NOT_CONNECTED #define SOCKET_EAGAIN NX_NOT_CONNECTED @@ -259,6 +267,14 @@ #define SOCKET_EPIPE NX_NOT_CONNECTED #define SOCKET_ECONNREFUSED NX_NOT_CONNECTED #define SOCKET_ECONNABORTED NX_NOT_CONNECTED +#elif defined(FUSION_RTOS) + #define SOCKET_EWOULDBLOCK FCL_EWOULDBLOCK + #define SOCKET_EAGAIN FCL_EAGAIN + #define SOCKET_ECONNRESET FNS_ECONNRESET + #define SOCKET_EINTR FCL_EINTR + #define SOCKET_EPIPE FCL_EPIPE + #define SOCKET_ECONNREFUSED FCL_ECONNREFUSED + #define SOCKET_ECONNABORTED FNS_ECONNABORTED #else #define SOCKET_EWOULDBLOCK EWOULDBLOCK #define SOCKET_EAGAIN EAGAIN @@ -290,6 +306,9 @@ #elif defined(WOLFSSL_NUCLEUS_1_2) #define SEND_FUNCTION NU_Send #define RECV_FUNCTION NU_Recv +#elif defined(FUSION_RTOS) + #define SEND_FUNCTION FNS_SEND + #define RECV_FUNCTION FNS_RECV #elif defined(WOLFSSL_ZEPHYR) #ifndef WOLFSSL_MAX_SEND_SZ #define WOLFSSL_MAX_SEND_SZ 256 
@@ -372,6 +391,13 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags); #define CloseSocket(s) closesocket(s) #endif #define StartTCP() +#elif defined(FUSION_RTOS) + #ifndef CloseSocket + #define CloseSocket(s) do { \ + int err; \ + FNS_CLOSE(s, &err); \ + } while(0) + #endif #else #ifndef CloseSocket #define CloseSocket(s) close(s) @@ -502,9 +528,9 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); } conn; WOLFSSL_CTX *ctx; WOLFSSL *ssl; - uint8_t *input_databuf; - uint8_t *output_databuf; - uint8_t *ssl_rx_databuf; + byte *input_databuf; + byte *output_databuf; + byte *ssl_rx_databuf; int ssl_rb_len; int ssl_rb_off; struct process *process; @@ -512,7 +538,7 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); tcp_socket_event_callback_t event_callback; int closing; uip_ipaddr_t peer_addr; - uint16_t peer_port; + word16 peer_port; }; typedef struct uip_wolfssl_ctx uip_wolfssl_ctx; @@ -591,11 +617,30 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); #define XINET_PTON(a,b,c) InetPton((a),(b),(c)) #endif #endif + #ifndef XHTONS - #define XHTONS(a) htons((a)) + #if !defined(WOLFSSL_NO_SOCK) && (defined(USE_WOLFSSL_IO) || defined(HAVE_HTTP_CLIENT)) + #define XHTONS(a) htons((a)) + #else + /* we don't have sockets, so define our own htons and ntohs */ + #ifdef BIG_ENDIAN_ORDER + #define XHTONS(a) (a) + #else + #define XHTONS(a) ((((a) >> 8) & 0xff) | (((a) & 0xff) << 8)) + #endif + #endif #endif #ifndef XNTOHS - #define XNTOHS(a) ntohs((a)) + #if !defined(WOLFSSL_NO_SOCK) && (defined(USE_WOLFSSL_IO) || defined(HAVE_HTTP_CLIENT)) + #define XNTOHS(a) ntohs((a)) + #else + /* we don't have sockets, so define our own htons and ntohs */ + #ifdef BIG_ENDIAN_ORDER + #define XNTOHS(a) (a) + #else + #define XNTOHS(a) ((((a) >> 8) & 0xff) | (((a) & 0xff) << 8)) + #endif + #endif #endif #ifndef WOLFSSL_IP4 
diff --git a/source/list/ListGenerator.hpp b/source/list/ListGenerator.hpp index 7846aee0..6d56977a 100644 --- a/source/list/ListGenerator.hpp +++ b/source/list/ListGenerator.hpp @@ -29,9 +29,7 @@ #include "gui/GameTDB.hpp" #include "plugin/plugin.hpp" -using namespace std; - -class ListGenerator : public vector +class ListGenerator : public std::vector { public: void createSFList(u8 maxBtns, Config &m_sourceMenuCfg, const string& sourceDir); @@ -52,7 +50,7 @@ private: }; typedef void (*FileAdder)(char *Path); -void GetFiles(const char *Path, const vector& FileTypes, +void GetFiles(const char *Path, const std::vector& FileTypes, FileAdder AddFile, bool CompareFolders, u32 max_depth = 2, u32 depth = 1); extern ListGenerator m_cacheList; diff --git a/source/list/cache.hpp b/source/list/cache.hpp index 6ae1dbe1..f3979f53 100644 --- a/source/list/cache.hpp +++ b/source/list/cache.hpp @@ -8,7 +8,8 @@ #include "loader/disc.h" //#include "gecko.hpp" -using namespace std; +using std::string; +using std::vector; const char io[2][3] = { "wb", diff --git a/source/loader/gc_disc_dump.cpp b/source/loader/gc_disc_dump.cpp index e9cb3ef7..fce619ca 100644 --- a/source/loader/gc_disc_dump.cpp +++ b/source/loader/gc_disc_dump.cpp @@ -41,8 +41,6 @@ #include "memory/mem2.hpp" #include "menu/menu.hpp" -using namespace std; - static u8 *FSTable ATTRIBUTE_ALIGN(32); void GCDump::__AnalizeMultiDisc() diff --git a/source/menu/menu.hpp b/source/menu/menu.hpp index c933bd92..3fd64b08 100644 --- a/source/menu/menu.hpp +++ b/source/menu/menu.hpp @@ -32,7 +32,8 @@ #include "wupc/wupc.h" #include "wiidrc/wiidrc.h" -using namespace std; +using std::string; +using std::vector; class CMenu { @@ -808,8 +809,8 @@ private: WO_FORMAT, WO_COPY_GAME, }; - typedef map TexSet; - typedef map SoundSet; + typedef std::map TexSet; + typedef std::map SoundSet; struct SThemeData { TexSet texSet; 
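Review bot: In the first ListGenerator.hpp hunk, `createSFList(..., const string& sourceDir)` still uses an unqualified `string` after `using namespace std;` was removed, so the header presumably compiles only because one of its includes supplies the name (plugin/plugin.hpp gains `using std::string;` in this commit). Writing `const std::string& sourceDir` would make the header self-contained. The header-scope `using std::string; using std::vector;` lines added in cache.hpp, menu.hpp and plugin.hpp create the same hidden dependency: they are narrower than the old directive but still leak those names into every includer. Qualifying the uses inside those headers would let the using-declarations be dropped. The class body continues outside the hunk.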
@@ -1283,8 +1284,8 @@ private: static void * _gameSoundThread(void *obj); void _load_installed_cioses(); - map _installed_cios; - typedef map::iterator CIOSItr; + std::map _installed_cios; + typedef std::map::iterator CIOSItr; struct SOption { const char id[11]; const wchar_t text[16]; }; diff --git a/source/menu/menu_cftheme.cpp b/source/menu/menu_cftheme.cpp index 65695aa2..7fee85d5 100644 --- a/source/menu/menu_cftheme.cpp +++ b/source/menu/menu_cftheme.cpp @@ -1,8 +1,6 @@ #include "menu.hpp" -using namespace std; - const CMenu::SCFParamDesc CMenu::_cfParams[] = { { { CMenu::SCFParamDesc::PDT_V3D, CMenu::SCFParamDesc::PDT_V3D, CMenu::SCFParamDesc::PDT_V3D, CMenu::SCFParamDesc::PDT_V3D }, CMenu::SCFParamDesc::PDD_BOTH, true, "Camera", { "Position", "Aim", "Oscillation speed", "Oscillation scale" }, diff --git a/source/menu/menu_config7.cpp b/source/menu/menu_config7.cpp index 7c8813fc..e6bde39c 100644 --- a/source/menu/menu_config7.cpp +++ b/source/menu/menu_config7.cpp @@ -1,8 +1,6 @@ #include "menu.hpp" -using namespace std; - void CMenu::_hideConfig7(bool instant) { _hideConfigCommon(instant); diff --git a/source/menu/menu_config_adv.cpp b/source/menu/menu_config_adv.cpp index f90fa58b..e1ae5553 100644 --- a/source/menu/menu_config_adv.cpp +++ b/source/menu/menu_config_adv.cpp @@ -3,8 +3,6 @@ #include #include "menu.hpp" -using namespace std; - template static inline T loopNum(T i, T s) { return (i + s) % s; diff --git a/source/menu/menu_paths.cpp b/source/menu/menu_paths.cpp index 1832381a..13bd955c 100644 --- a/source/menu/menu_paths.cpp +++ b/source/menu/menu_paths.cpp @@ -1,8 +1,6 @@ #include "menu.hpp" -using namespace std; - s16 m_pathsLblTitle; s16 m_pathsLblPage; s16 m_pathsBtnPageM; diff --git a/source/menu/menu_source.cpp b/source/menu/menu_source.cpp index 9b22c7b3..434535ce 100644 --- a/source/menu/menu_source.cpp +++ b/source/menu/menu_source.cpp 
@@ -39,7 +39,7 @@ void CMenu::_sourceFlow() const dir_discHdr *hdr = CoverFlow.getHdr(); // save source number for return - sm_numbers[sm_numbers.size() - 1] = to_string(hdr->settings[0]); + sm_numbers[sm_numbers.size() - 1] = std::to_string(hdr->settings[0]); numbers = sm_numbers[0]; for(u8 i = 1; i < sm_numbers.size(); i++) numbers.append(',' + sm_numbers[i]); @@ -596,7 +596,7 @@ bool CMenu::_Source() { // save source number for return sm_numbers.pop_back(); - sm_numbers.push_back(to_string(i + j)); + sm_numbers.push_back(std::to_string(i + j)); string numbers = sm_numbers[0]; for(u8 i = 1; i < sm_numbers.size(); i++) numbers.append(',' + sm_numbers[i]); diff --git a/source/music/MusicPlayer.cpp b/source/music/MusicPlayer.cpp index 850b86e4..1e6cbb8c 100644 --- a/source/music/MusicPlayer.cpp +++ b/source/music/MusicPlayer.cpp @@ -76,17 +76,17 @@ void Musicplayer::Init(Config &cfg, const string& musicDir, const string& themeM int Musicplayer::InitPlaylist(Config &cfg, const char *playlist, u8 device) { - ifstream filestr; + std::ifstream filestr; filestr.open(playlist); if(filestr.fail()) return 0; - filestr.seekg(0,ios_base::end); + filestr.seekg(0, std::ios_base::end); int size = filestr.tellg(); if(size <= 0) return -1; - filestr.seekg(0,ios_base::beg); + filestr.seekg(0, std::ios_base::beg); string song; FileNames.clear(); diff --git a/source/music/MusicPlayer.hpp b/source/music/MusicPlayer.hpp index 1c84bad1..06db0ac6 100644 --- a/source/music/MusicPlayer.hpp +++ b/source/music/MusicPlayer.hpp @@ -22,8 +22,6 @@ #include "config/config.hpp" #include "wstringEx/wstringEx.hpp" -using namespace std; - class Musicplayer { public: diff --git a/source/music/gui_sound.cpp b/source/music/gui_sound.cpp index 6fcfc0dd..2c69dc8a 100644 --- a/source/music/gui_sound.cpp +++ b/source/music/gui_sound.cpp @@ -37,8 +37,6 @@ #define MAX_SND_VOICES 16 -using namespace std; - static bool VoiceUsed[MAX_SND_VOICES] = { false, false, false, false, false, false, 
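Review bot: Both menu_source.cpp hunks keep `for(u8 i = 1; i < sm_numbers.size(); i++)`, where an 8-bit counter is compared with a `size()` result: once the vector holds more than 255 entries the counter wraps and the loop never terminates. `for(size_t i = 1; i < sm_numbers.size(); i++)` avoids that. In the `_Source()` hunk the loop variable also appears to shadow the `i` used just above in `std::to_string(i + j)`, which is easy to misread. `sm_numbers[sm_numbers.size() - 1]` in `_sourceFlow()` and `sm_numbers.pop_back()` in `_Source()` both assume the vector is non-empty; whether that holds is not visible because both functions start outside the hunks, so an `if(!sm_numbers.empty())` guard or a comment stating the invariant would help.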
diff --git a/source/plugin/plugin.hpp b/source/plugin/plugin.hpp index 2f5923cf..4828e117 100644 --- a/source/plugin/plugin.hpp +++ b/source/plugin/plugin.hpp @@ -25,7 +25,10 @@ #include "config/config.hpp" #include "loader/disc.h" -using namespace std; +using std::string; +using std::vector; +using std::ifstream; +using std::ios; #define TAG_GAME_ID "{gameid}" #define TAG_LOC "{loc}" diff --git a/source/wstringEx/wstringEx.cpp b/source/wstringEx/wstringEx.cpp index 4c607268..0f9599df 100644 --- a/source/wstringEx/wstringEx.cpp +++ b/source/wstringEx/wstringEx.cpp @@ -2,16 +2,16 @@ #include "wstringEx.hpp" wstringEx::wstringEx(const wchar_t *s) : - basic_string, allocator >(s) + std::basic_string, std::allocator >(s) { } -wstringEx::wstringEx(const basic_string, allocator > &ws) : - basic_string, allocator >(ws) +wstringEx::wstringEx(const std::basic_string, std::allocator > &ws) : + std::basic_string, std::allocator >(ws) { } -wstringEx::wstringEx(const string &s) +wstringEx::wstringEx(const std::string &s) { size_type size = s.size(); resize(size); @@ -19,7 +19,7 @@ wstringEx::wstringEx(const string &s) (*this)[i] = (unsigned char)s[i]; } -wstringEx &wstringEx::operator=(const string &s) +wstringEx &wstringEx::operator=(const std::string &s) { size_type size = s.size(); resize(size); @@ -28,7 +28,7 @@ wstringEx &wstringEx::operator=(const string &s) return *this; } -static inline size_t utf8Len(const string &s) +static inline size_t utf8Len(const std::string &s) { size_t len = 0; @@ -66,7 +66,7 @@ static inline size_t utf8Len(const string &s) return len; } -void wstringEx::fromUTF8(const string &s) +void wstringEx::fromUTF8(const std::string &s) { size_t len = utf8Len(s); @@ -99,9 +99,9 @@ void wstringEx::fromUTF8(const string &s) } } -string wstringEx::toUTF8(void) const +std::string wstringEx::toUTF8(void) const { - string s; + std::string s; size_t len = 0; wchar_t wc; 
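Review bot: In wstringEx.cpp, `fromUTF8` takes its length from `size_t len = utf8Len(s);` and then decodes `s` in a second pass, and nothing in the hunks records that the two passes must agree on truncated or invalid sequences. If they ever count differently, the decode loop could index outside the string it sized. Both loop bodies are outside the hunks, so this is something to confirm rather than a known defect. A comment above `utf8Len` such as `// Must count exactly the code points fromUTF8() emits, including for malformed or truncated input.` would record the invariant.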
diff --git a/source/wstringEx/wstringEx.hpp b/source/wstringEx/wstringEx.hpp index 50e884b4..1f858d93 100644 --- a/source/wstringEx/wstringEx.hpp +++ b/source/wstringEx/wstringEx.hpp @@ -3,18 +3,17 @@ #define __WSTRINGEX_HPP #include -using namespace std; -class wstringEx : public basic_string, allocator > +class wstringEx : public std::basic_string, std::allocator > { public: wstringEx(void) { } wstringEx(const wchar_t *s); - wstringEx(const basic_string, allocator > &ws); - wstringEx(const string &s); - wstringEx &operator=(const string &s); - void fromUTF8(const string &s); - string toUTF8(void) const; + wstringEx(const std::basic_string, std::allocator > &ws); + wstringEx(const std::string &s); + wstringEx &operator=(const std::string &s); + void fromUTF8(const std::string &s); + std::string toUTF8(void) const; }; #endif // !defined(__WSTRINGEX_HPP)
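Review bot: The converting constructors `wstringEx(const wchar_t *s)` and `wstringEx(const std::string &s)` are not `explicit`, so a `std::string` passed where a `wstringEx` is expected is converted silently. The wstringEx.cpp hunk shows that conversion widening each byte with `(*this)[i] = (unsigned char)s[i];` and not decoding UTF-8 as `fromUTF8` does, so multi-byte text taking the implicit path ends up as one wide character per byte. Declaring it `explicit wstringEx(const std::string &s);` would force call sites to choose the decoding. Callers that rely on the implicit conversion are not visible here and would need updating.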