Add TLS support

This commit is contained in:
wiidev 2019-10-24 23:26:17 +01:00
parent 497f283a5e
commit cc715cf04a
155 changed files with 42418 additions and 413 deletions

View File

@ -67,7 +67,7 @@ endif
#---------------------------------------------------------------------------------
# any extra libraries we wish to link with the project
#---------------------------------------------------------------------------------
LIBS := -lcustomfat -lcustomntfs -lcustomext2fs -lpng -lturbojpeg -lm -lz -lwiiuse -lwupc -lwiidrc -lbte -lasnd -logc -lfreetype -lvorbisidec -lmad -lsicksaxis
LIBS := -lwolfssl -lcustomfat -lcustomntfs -lcustomext2fs -lpng -lturbojpeg -lm -lz -lwiiuse -lwupc -lwiidrc -lbte -lasnd -logc -lfreetype -lvorbisidec -lmad -lsicksaxis
#---------------------------------------------------------------------------------
# list of directories containing libraries, this must be the top level containing
@ -131,7 +131,7 @@ export INCLUDE := $(foreach dir,$(INCLUDES),-I$(CURDIR)/$(dir)) \
#---------------------------------------------------------------------------------
export LIBPATHS := $(foreach dir,$(LIBDIRS),-L$(dir)/lib) -L$(CURDIR)/source/libs/libfat/ \
-L$(CURDIR)/source/libs/libntfs/ -L$(CURDIR)/source/libs/libext2fs/ \
-L$(LIBOGC_LIB) -L$(PORTLIBS)/lib
-L$(CURDIR)/source/libwolfssl/ -L$(LIBOGC_LIB) -L$(PORTLIBS)/lib
export OUTPUT := $(CURDIR)/out/$(TARGET)
.PHONY: $(BUILD) all clean

View File

@ -0,0 +1,203 @@
/* sys/socket.h
netport
*/
#ifndef _SYS_SOCKET_H
#define _SYS_SOCKET_H
#include <inttypes.h>
#include <sys/types.h>
#include <gctypes.h>
#ifdef __cplusplus
extern "C"
{
#endif
#ifndef socklen_t
typedef uint8_t socklen_t;
#define socklen_t socklen_t
#endif
typedef uint8_t sa_family_t;
struct sockaddr {
u8 sa_len;
sa_family_t sa_family; /* address family, AF_xxx */
char sa_data[14]; /* 14 bytes of protocol address */
};
/* Definition of sockaddr_storage according to SUSv3. */
#define _SS_MAXSIZE 128 /* Maximum size. */
#define _SS_ALIGNSIZE (sizeof (int64_t))/* Desired alignment. */
#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (sa_family_t))
#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (sa_family_t) \
+ _SS_PAD1SIZE + _SS_ALIGNSIZE))
struct sockaddr_storage {
sa_family_t ss_family;
char _ss_pad1[_SS_PAD1SIZE];
int64_t __ss_align;
char _ss_pad2[_SS_PAD2SIZE];
};
#include <sys/uio.h>
struct msghdr
{
void * msg_name; /* Socket name */
socklen_t msg_namelen; /* Length of name */
struct iovec * msg_iov; /* Data blocks */
int msg_iovlen; /* Number of blocks */
void * msg_control; /* Ancillary data */
socklen_t msg_controllen; /* Ancillary data buffer length */
int msg_flags; /* Received flags on recvmsg */
};
struct cmsghdr
{
socklen_t cmsg_len; /* Length of cmsghdr + data */
int cmsg_level; /* Protocol */
int cmsg_type; /* Protocol type */
};
#define CMSG_ALIGN(len) \
(((len) + sizeof (size_t) - 1) & ~(sizeof (size_t) - 1))
#define CMSG_LEN(len) \
(CMSG_ALIGN (sizeof (struct cmsghdr)) + (len))
#define CMSG_SPACE(len) \
(CMSG_ALIGN (sizeof (struct cmsghdr)) + CMSG_ALIGN(len))
#define CMSG_FIRSTHDR(mhdr) \
({ \
struct msghdr *_m = (struct msghdr *) mhdr; \
(unsigned) (_m)->msg_controllen >= sizeof (struct cmsghdr) \
? (struct cmsghdr *) (_m)->msg_control \
: (struct cmsghdr *) NULL; \
})
#define CMSG_NXTHDR(mhdr,cmsg) \
({ \
struct msghdr *_m = (struct msghdr *) mhdr; \
struct cmsghdr *_c = (struct cmsghdr *) cmsg; \
((char *) _c + CMSG_SPACE (_c->cmsg_len) \
> (char *) _m->msg_control + _m->msg_controllen) \
? (struct cmsghdr *) NULL \
: (struct cmsghdr *) ((char *) _c + CMSG_ALIGN (_c->cmsg_len)); \
})
#define CMSG_DATA(cmsg) \
((unsigned char *) ((struct cmsghdr *)(cmsg) + 1))
/* "Socket"-level control message types: */
#define SCM_RIGHTS 0x01 /* access rights (array of int) */
/*
* Structure used for manipulating linger option.
*/
struct linger {
int l_onoff; /* option on/off */
int l_linger; /* linger time */
};
#define SOCK_STREAM 1
#define SOCK_DGRAM 2
#define SOCK_RAW 3
#if(0)
#define SOCK_SEQPACKET 5
#endif
#define SOL_SOCKET 0xffff /* options for socket level */
/*
* Option flags per-socket.
*/
#define SO_DEBUG 0x0001 /* turn on debugging info recording */
#define SO_ACCEPTCONN 0x0002 /* socket has had listen() */
#define SO_REUSEADDR 0x0004 /* allow local address reuse */
#define SO_KEEPALIVE 0x0008 /* keep connections alive */
#define SO_DONTROUTE 0x0010 /* just use interface addresses */
#define SO_BROADCAST 0x0020 /* permit sending of broadcast msgs */
#define SO_USELOOPBACK 0x0040 /* bypass hardware when possible */
#define SO_LINGER 0x0080 /* linger on close if data present */
#define SO_OOBINLINE 0x0100 /* leave received OOB data in line */
#define SO_REUSEPORT 0x0200 /* allow local address & port reuse */
/*
* Additional options, not kept in so_options.
*/
#define SO_SNDBUF 0x1001 /* send buffer size */
#define SO_RCVBUF 0x1002 /* receive buffer size */
#define SO_SNDLOWAT 0x1003 /* send low-water mark */
#define SO_RCVLOWAT 0x1004 /* receive low-water mark */
#define SO_SNDTIMEO 0x1005 /* send timeout */
#define SO_RCVTIMEO 0x1006 /* receive timeout */
#define SO_ERROR 0x1007 /* get error status and clear */
#define SO_TYPE 0x1008 /* get socket type */
#if(0)
#define SOMAXCONN 0x7fffffff
#endif
/* Flags we can use with send/ and recv. */
// Flags that are made up
#define MSG_OOB 0x1 /* process out-of-band data */
#define MSG_PEEK 0x2 /* peek at incoming message */
#define MSG_DONTROUTE 0x4 /* send without using routing tables */
#define MSG_WINMASK 0x7 /* flags understood by WinSock calls */
#define MSG_NOSIGNAL 0x20 /* Don't raise SIGPIPE */
#define MSG_TRUNC 0x0100 /* Normal data truncated */
#define MSG_CTRUNC 0x0200 /* Control data truncated */
// Flag not made up
#define MSG_DONTWAIT 0x40 /* Nonblocking i/o for this operation only */
/* Supported address families. */
/*
* Address families.
*/
#define AF_UNSPEC 0
#define AF_INET 2
#if(0)
#define AF_UNIX 1 /* local to host (pipes, portals) */
#define AF_INET6 23 /* IP version 6 */
#endif
#if(0)
/* SUS symbolic values for the second parm to shutdown(2) */
#define SHUT_RD 0
#define SHUT_WR 1
#define SHUT_RDWR 2
#endif
int accept(int, struct sockaddr *__restrict__, socklen_t *__restrict__);
int bind(int, const struct sockaddr *, socklen_t);
int connect(int, const struct sockaddr *, socklen_t);
int getpeername(int, struct sockaddr *__restrict__, socklen_t *__restrict__);
int getsockname(int, struct sockaddr *__restrict__, socklen_t *__restrict__);
int getsockopt(int, int, int, void *__restrict__, socklen_t *__restrict__);
int listen(int, int);
ssize_t recv(int, void *, size_t, int);
ssize_t recvfrom(int, void *__restrict__, size_t, int,
struct sockaddr *__restrict__, socklen_t *__restrict__);
ssize_t recvmsg(int, struct msghdr *, int);
ssize_t send(int, const void *, size_t, int);
ssize_t sendmsg(int, const struct msghdr *, int);
ssize_t sendto(int, const void *, size_t, int, const struct sockaddr *,
socklen_t);
int setsockopt(int, int, int, const void *, socklen_t);
int close(int);
int shutdown(int, int);
int socket(int, int, int);
int sockatmark(int);
int socketpair(int, int, int, int[2]);
#ifdef __cplusplus
};
#endif
#endif /* _SYS_SOCKET_H */

View File

@ -0,0 +1,27 @@
/* sys/uio.h
netport
*/
#ifndef _UIO_H_
#define _UIO_H_
/* For size_t */
#include <stddef.h>
/* For ssize_t */
#include <sys/types.h>
/*
* Define the uio buffers used for writev, readv.
*/
struct iovec
{
void *iov_base;
size_t iov_len;
};
extern ssize_t readv (int filedes, const struct iovec *vector, int count);
extern ssize_t writev(int filedes, const struct iovec *vector, int count);
#endif /* _UIO_H_ */

View File

@ -33,7 +33,7 @@
#include "homebrew/homebrew.h"
#include "memory/mem2.hpp"
//#include "network/FTP_Dir.hpp"
#include "network/http.h"
#include "network/https.h"
#include "plugin/crc32.h"
/* External WiiFlow Game Booter */
@ -93,8 +93,6 @@ void WiiFlow_ExternalBooter(u8 vidMode, bool vipatch, bool countryString, u8 pat
*EXT_ADDR_CFG = ((u32)lowCFG);
/* Unmount devices etc */
ShutdownBeforeExit();
/* Wii Games will need it */
net_wc24cleanup();
/* Set proper time */
settime(secs_to_ticks(time(NULL) - 946684800));
/* Copy in booter */
@ -159,6 +157,8 @@ void ShutdownBeforeExit(void)
usleep(50);
WiFiDebugger.Close();
//ftp_endTread();
wolfSSL_Cleanup();
net_wc24cleanup();
net_deinit();
networkInit = false;
}

View File

@ -0,0 +1,91 @@
/* callbacks.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CALLBACKS_H
#define WOLFSSL_CALLBACKS_H
#include <libwolfssl/wolfcrypt/wc_port.h>
#ifdef __cplusplus
extern "C" {
#endif
enum { /* CALLBACK CONTSTANTS */
MAX_PACKETNAME_SZ = 24,
MAX_CIPHERNAME_SZ = 24,
MAX_TIMEOUT_NAME_SZ = 24,
MAX_PACKETS_HANDSHAKE = 14, /* 12 for client auth plus 2 alerts */
MAX_VALUE_SZ = 128, /* all handshake packets but Cert should
fit here */
};
struct WOLFSSL;
typedef struct handShakeInfo_st {
struct WOLFSSL* ssl;
char cipherName[MAX_CIPHERNAME_SZ + 1]; /* negotiated cipher */
char packetNames[MAX_PACKETS_HANDSHAKE][MAX_PACKETNAME_SZ + 1];
/* SSL packet names */
int numberPackets; /* actual # of packets */
int negotiationError; /* cipher/parameter err */
} HandShakeInfo;
#if defined(HAVE_SYS_TIME_H) && !defined(NO_TIMEVAL)
typedef struct timeval Timeval;
#else /* HAVE_SYS_TIME_H */
/* Define the Timeval explicitly. */
typedef struct {
long tv_sec; /* Seconds. */
long tv_usec; /* Microseconds. */
} Timeval;
#endif /* HAVE_SYS_TIME_H */
typedef struct packetInfo_st {
char packetName[MAX_PACKETNAME_SZ + 1]; /* SSL packet name */
Timeval timestamp; /* when it occurred */
unsigned char value[MAX_VALUE_SZ]; /* if fits, it's here */
unsigned char* bufferValue; /* otherwise here (non 0) */
int valueSz; /* sz of value or buffer */
} PacketInfo;
typedef struct timeoutInfo_st {
char timeoutName[MAX_TIMEOUT_NAME_SZ + 1]; /* timeout Name */
int flags; /* for future use */
int numberPackets; /* actual # of packets */
PacketInfo packets[MAX_PACKETS_HANDSHAKE]; /* list of all packets */
Timeval timeoutValue; /* timer that caused it */
} TimeoutInfo;
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_CALLBACKS_H */

File diff suppressed because it is too large Load Diff

50
source/libwolfssl/crl.h Normal file
View File

@ -0,0 +1,50 @@
/* crl.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CRL_H
#define WOLFSSL_CRL_H
#ifdef HAVE_CRL
#include <libwolfssl/ssl.h>
#include <libwolfssl/wolfcrypt/asn.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL*, int dynamic);
WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int mon);
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL*, const byte*, long, int, int);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL*, DecodedCert*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CRL */
#endif /* WOLFSSL_CRL_H */

View File

@ -0,0 +1,201 @@
/* error-ssl.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_ERROR_H
#define WOLFSSL_ERROR_H
#include <libwolfssl/wolfcrypt/error-crypt.h> /* pull in wolfCrypt errors */
#ifdef __cplusplus
extern "C" {
#endif
enum wolfSSL_ErrorCodes {
INPUT_CASE_ERROR = -301, /* process input state error */
PREFIX_ERROR = -302, /* bad index to key rounds */
MEMORY_ERROR = -303, /* out of memory */
VERIFY_FINISHED_ERROR = -304, /* verify problem on finished */
VERIFY_MAC_ERROR = -305, /* verify mac problem */
PARSE_ERROR = -306, /* parse error on header */
UNKNOWN_HANDSHAKE_TYPE = -307, /* weird handshake type */
SOCKET_ERROR_E = -308, /* error state on socket */
SOCKET_NODATA = -309, /* expected data, not there */
INCOMPLETE_DATA = -310, /* don't have enough data to
complete task */
UNKNOWN_RECORD_TYPE = -311, /* unknown type in record hdr */
DECRYPT_ERROR = -312, /* error during decryption */
FATAL_ERROR = -313, /* recvd alert fatal error */
ENCRYPT_ERROR = -314, /* error during encryption */
FREAD_ERROR = -315, /* fread problem */
NO_PEER_KEY = -316, /* need peer's key */
NO_PRIVATE_KEY = -317, /* need the private key */
RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */
NO_DH_PARAMS = -319, /* server missing DH params */
BUILD_MSG_ERROR = -320, /* build message failure */
BAD_HELLO = -321, /* client hello malformed */
DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */
WANT_READ = -323, /* want read, call again */
NOT_READY_ERROR = -324, /* handshake layer not ready */
VERSION_ERROR = -326, /* record layer version error */
WANT_WRITE = -327, /* want write, call again */
BUFFER_ERROR = -328, /* malformed buffer input */
VERIFY_CERT_ERROR = -329, /* verify cert error */
VERIFY_SIGN_ERROR = -330, /* verify sign error */
CLIENT_ID_ERROR = -331, /* psk client identity error */
SERVER_HINT_ERROR = -332, /* psk server hint error */
PSK_KEY_ERROR = -333, /* psk key error */
GETTIME_ERROR = -337, /* gettimeofday failed ??? */
GETITIMER_ERROR = -338, /* getitimer failed ??? */
SIGACT_ERROR = -339, /* sigaction failed ??? */
SETITIMER_ERROR = -340, /* setitimer failed ??? */
LENGTH_ERROR = -341, /* record layer length error */
PEER_KEY_ERROR = -342, /* can't decode peer key */
ZERO_RETURN = -343, /* peer sent close notify */
SIDE_ERROR = -344, /* wrong client/server type */
NO_PEER_CERT = -345, /* peer didn't send key */
NTRU_KEY_ERROR = -346, /* NTRU key error */
NTRU_DRBG_ERROR = -347, /* NTRU drbg error */
NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */
NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */
ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */
ECC_CURVE_ERROR = -351, /* Bad ECC Curve */
ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */
ECC_MAKEKEY_ERROR = -353, /* Bad Make ECC Key */
ECC_EXPORT_ERROR = -354, /* Bad ECC Export Key */
ECC_SHARED_ERROR = -355, /* Bad ECC Shared Secret */
NOT_CA_ERROR = -357, /* Not a CA cert error */
BAD_CERT_MANAGER_ERROR = -359, /* Bad Cert Manager */
OCSP_CERT_REVOKED = -360, /* OCSP Certificate revoked */
CRL_CERT_REVOKED = -361, /* CRL Certificate revoked */
CRL_MISSING = -362, /* CRL Not loaded */
MONITOR_SETUP_E = -363, /* CRL Monitor setup error */
THREAD_CREATE_E = -364, /* Thread Create Error */
OCSP_NEED_URL = -365, /* OCSP need an URL for lookup */
OCSP_CERT_UNKNOWN = -366, /* OCSP responder doesn't know */
OCSP_LOOKUP_FAIL = -367, /* OCSP lookup not successful */
MAX_CHAIN_ERROR = -368, /* max chain depth exceeded */
COOKIE_ERROR = -369, /* dtls cookie error */
SEQUENCE_ERROR = -370, /* dtls sequence error */
SUITES_ERROR = -371, /* suites pointer error */
OUT_OF_ORDER_E = -373, /* out of order message */
BAD_KEA_TYPE_E = -374, /* bad KEA type found */
SANITY_CIPHER_E = -375, /* sanity check on cipher error */
RECV_OVERFLOW_E = -376, /* RXCB returned more than rqed */
GEN_COOKIE_E = -377, /* Generate Cookie Error */
NO_PEER_VERIFY = -378, /* Need peer cert verify Error */
FWRITE_ERROR = -379, /* fwrite problem */
CACHE_MATCH_ERROR = -380, /* chache hdr match error */
UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */
UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */
KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */
KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */
EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */
SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */
SECURE_RENEGOTIATION_E = -388, /* Invalid Renegotiation Info */
SESSION_TICKET_LEN_E = -389, /* Session Ticket too large */
SESSION_TICKET_EXPECT_E = -390, /* Session Ticket missing */
SCR_DIFFERENT_CERT_E = -391, /* SCR Different cert error */
SESSION_SECRET_CB_E = -392, /* Session secret Cb fcn failure */
NO_CHANGE_CIPHER_E = -393, /* Finished before change cipher */
SANITY_MSG_E = -394, /* Sanity check on msg order error */
DUPLICATE_MSG_E = -395, /* Duplicate message error */
SNI_UNSUPPORTED = -396, /* SSL 3.0 does not support SNI */
SOCKET_PEER_CLOSED_E = -397, /* Underlying transport closed */
BAD_TICKET_KEY_CB_SZ = -398, /* Bad session ticket key cb size */
BAD_TICKET_MSG_SZ = -399, /* Bad session ticket msg size */
BAD_TICKET_ENCRYPT = -400, /* Bad user ticket encrypt */
DH_KEY_SIZE_E = -401, /* DH Key too small */
SNI_ABSENT_ERROR = -402, /* No SNI request. */
RSA_SIGN_FAULT = -403, /* RSA Sign fault */
HANDSHAKE_SIZE_ERROR = -404, /* Handshake message too large */
UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/
BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */
OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */
OCSP_WANT_READ = -408, /* OCSP callback response WOLFSSL_CBIO_ERR_WANT_READ */
RSA_KEY_SIZE_E = -409, /* RSA key too small */
ECC_KEY_SIZE_E = -410, /* ECC key too small */
DTLS_EXPORT_VER_E = -411, /* export version error */
INPUT_SIZE_E = -412, /* input size too big error */
CTX_INIT_MUTEX_E = -413, /* initialize ctx mutex error */
EXT_MASTER_SECRET_NEEDED_E = -414, /* need EMS enabled to resume */
DTLS_POOL_SZ_E = -415, /* exceeded DTLS pool size */
DECODE_E = -416, /* decode handshake message error */
HTTP_TIMEOUT = -417, /* HTTP timeout for OCSP or CRL req */
WRITE_DUP_READ_E = -418, /* Write dup write side can't read */
WRITE_DUP_WRITE_E = -419, /* Write dup read side can't write */
INVALID_CERT_CTX_E = -420, /* TLS cert ctx not matching */
BAD_KEY_SHARE_DATA = -421, /* Key Share data invalid */
MISSING_HANDSHAKE_DATA = -422, /* Handshake message missing data */
BAD_BINDER = -423, /* Binder does not match */
EXT_NOT_ALLOWED = -424, /* Extension not allowed in msg */
INVALID_PARAMETER = -425, /* Security parameter invalid */
MCAST_HIGHWATER_CB_E = -426, /* Multicast highwater cb err */
ALERT_COUNT_E = -427, /* Alert Count exceeded err */
EXT_MISSING = -428, /* Required extension not found */
UNSUPPORTED_EXTENSION = -429, /* TLSX not requested by client */
PRF_MISSING = -430, /* PRF not compiled in */
DTLS_RETX_OVER_TX = -431, /* Retransmit DTLS flight over */
DH_PARAMS_NOT_FFDHE_E = -432, /* DH params from server not FFDHE */
TCA_INVALID_ID_TYPE = -433, /* TLSX TCA ID type invalid */
TCA_ABSENT_ERROR = -434, /* TLSX TCA ID no response */
TSIP_MAC_DIGSZ_E = -435, /* Invalid MAC size for TSIP */
CLIENT_CERT_CB_ERROR = -436, /* Client cert callback error */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
/* begin negotiation parameter errors */
UNSUPPORTED_SUITE = -500, /* unsupported cipher suite */
MATCH_SUITE_ERROR = -501, /* can't match cipher suite */
COMPRESSION_ERROR = -502, /* compression mismatch */
KEY_SHARE_ERROR = -503, /* key share mismatch */
POST_HAND_AUTH_ERROR = -504, /* client won't do post-hand auth */
HRR_COOKIE_ERROR = -505 /* HRR msg cookie mismatch */
/* end negotiation parameter errors only 10 for now */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
/* no error stings go down here, add above negotiation errors !!!! */
};
#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
enum {
MIN_PARAM_ERR = UNSUPPORTED_SUITE,
MAX_PARAM_ERR = MIN_PARAM_ERR - 10
};
#endif
WOLFSSL_LOCAL
void SetErrorString(int err, char* buff);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* wolfSSL_ERROR_H */

4437
source/libwolfssl/internal.h Normal file

File diff suppressed because it is too large Load Diff

Binary file not shown.

133
source/libwolfssl/ocsp.h Normal file
View File

@ -0,0 +1,133 @@
/* ocsp.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* wolfSSL OCSP API */
#ifndef WOLFSSL_OCSP_H
#define WOLFSSL_OCSP_H
#ifdef HAVE_OCSP
#include <libwolfssl/ssl.h>
#include <libwolfssl/wolfcrypt/asn.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY)
typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP;
typedef struct OcspRequest WOLFSSL_OCSP_CERTID;
typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ;
typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
#endif
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*,
WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP*, DecodedCert*,
WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
OcspEntry *entry, OcspRequest *ocspRequest);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD)
WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID *id, int *status, int *reason,
WOLFSSL_ASN1_TIME **revtime, WOLFSSL_ASN1_TIME **thisupd,
WOLFSSL_ASN1_TIME **nextupd);
WOLFSSL_API const char *wolfSSL_OCSP_cert_status_str(long s);
WOLFSSL_API int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME* thisupd,
WOLFSSL_ASN1_TIME* nextupd, long sec, long maxsec);
WOLFSSL_API void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* certId);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
const WOLFSSL_EVP_MD *dgst, const WOLFSSL_X509 *subject,
const WOLFSSL_X509 *issuer);
WOLFSSL_API void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse);
WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags);
WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response);
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
OcspResponse** response);
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
const unsigned char** data, int len);
WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response,
unsigned char** data);
WOLFSSL_API int wolfSSL_OCSP_response_status(OcspResponse *response);
WOLFSSL_API const char *wolfSSL_OCSP_response_status_str(long s);
WOLFSSL_API WOLFSSL_OCSP_BASICRESP* wolfSSL_OCSP_response_get1_basic(
OcspResponse* response);
WOLFSSL_API OcspRequest* wolfSSL_OCSP_REQUEST_new(void);
WOLFSSL_API void wolfSSL_OCSP_REQUEST_free(OcspRequest* request);
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
unsigned char** data);
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*);
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
WOLFSSL_OCSP_REQUEST *req);
#endif
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OCSP_REQUEST_add_ext(OcspRequest* req,
WOLFSSL_X509_EXTENSION* ext, int idx);
WOLFSSL_API OcspResponse* wolfSSL_OCSP_response_create(int status,
WOLFSSL_OCSP_BASICRESP* bs);
WOLFSSL_API const char* wolfSSL_OCSP_crl_reason_str(long s);
WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING**,
WOLFSSL_ASN1_OBJECT**, WOLFSSL_ASN1_STRING**,
WOLFSSL_ASN1_INTEGER**, WOLFSSL_OCSP_CERTID*);
WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req,
unsigned char* val, int sz);
WOLFSSL_API int wolfSSL_OCSP_check_nonce(OcspRequest* req,
WOLFSSL_OCSP_BASICRESP* bs);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_OCSP */
#endif /* WOLFSSL_OCSP_H */

View File

@ -0,0 +1,111 @@
/* aes.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* aes.h defines mini des openssl compatibility layer
*
*/
#ifndef WOLFSSL_AES_H_
#define WOLFSSL_AES_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifndef NO_AES
#include <libwolfssl/openssl/ssl.h> /* for size_t */
#ifdef __cplusplus
extern "C" {
#endif
/* This structure wrapper is done because there is no aes_new function with
* OpenSSL compatibility layer. This makes code working with an AES structure
* to need the size of the structure. */
typedef struct WOLFSSL_AES_KEY {
/* aligned and big enough for Aes from wolfssl/wolfcrypt/aes.h */
ALIGN16 void* holder[(376 + WC_ASYNC_DEV_SIZE)/ sizeof(void*)];
#ifdef GCM_TABLE
/* key-based fast multiplication table. */
ALIGN16 void* M0[4096 / sizeof(void*)];
#endif /* GCM_TABLE */
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
/* large enough for additional devcrypto information */
void* devKey[288 / sizeof(void*)];
#endif
#ifdef WOLFSSL_AFALG
void* afalg_holder[288 / sizeof(void*)];
#endif
#ifdef HAVE_PKCS11
void* pkcs11_holder[(AES_MAX_ID_LEN + sizeof(int)) / sizeof(void*)];
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
void* async_holder[128 / sizeof(void*)];
#endif
} WOLFSSL_AES_KEY;
typedef WOLFSSL_AES_KEY AES_KEY;
WOLFSSL_API int wolfSSL_AES_set_encrypt_key
(const unsigned char *, const int bits, AES_KEY *);
WOLFSSL_API int wolfSSL_AES_set_decrypt_key
(const unsigned char *, const int bits, AES_KEY *);
WOLFSSL_API void wolfSSL_AES_cbc_encrypt
(const unsigned char *in, unsigned char* out, size_t len,
AES_KEY *key, unsigned char* iv, const int enc);
WOLFSSL_API void wolfSSL_AES_ecb_encrypt
(const unsigned char *in, unsigned char* out,
AES_KEY *key, const int enc);
WOLFSSL_API void wolfSSL_AES_cfb128_encrypt
(const unsigned char *in, unsigned char* out, size_t len,
AES_KEY *key, unsigned char* iv, int* num, const int enc);
#define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt
#define AES_ecb_encrypt wolfSSL_AES_ecb_encrypt
#define AES_cfb128_encrypt wolfSSL_AES_cfb128_encrypt
#define AES_set_encrypt_key wolfSSL_AES_set_encrypt_key
#define AES_set_decrypt_key wolfSSL_AES_set_decrypt_key
#ifdef WOLFSSL_AES_DIRECT
WOLFSSL_API void wolfSSL_AES_encrypt
(const unsigned char* input, unsigned char* output, AES_KEY *);
WOLFSSL_API void wolfSSL_AES_decrypt
(const unsigned char* input, unsigned char* output, AES_KEY *);
#define AES_encrypt wolfSSL_AES_encrypt
#define AES_decrypt wolfSSL_AES_decrypt
#endif /* HAVE_AES_DIRECT */
#ifndef AES_ENCRYPT
#define AES_ENCRYPT AES_ENCRYPTION
#endif
#ifndef AES_DECRYPT
#define AES_DECRYPT AES_DECRYPTION
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_AES */
#endif /* WOLFSSL_AES_H_ */

View File

@ -0,0 +1,84 @@
/* asn1.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* asn1.h for openssl */
#ifndef WOLFSSL_ASN1_H_
#define WOLFSSL_ASN1_H_
#include <libwolfssl/openssl/ssl.h>
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type wolfSSL_ASN1_STRING_type
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define V_ASN1_INTEGER 0x02
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
#define V_ASN1_NEG 0x100
#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
/* Type for ASN1_print_ex */
# define ASN1_STRFLGS_ESC_2253 1
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
# define ASN1_STRFLGS_ESC_QUOTE 8
# define ASN1_STRFLGS_UTF8_CONVERT 0x10
# define ASN1_STRFLGS_IGNORE_TYPE 0x20
# define ASN1_STRFLGS_SHOW_TYPE 0x40
# define ASN1_STRFLGS_DUMP_ALL 0x80
# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
# define ASN1_STRFLGS_DUMP_DER 0x200
# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB | \
ASN1_STRFLGS_UTF8_CONVERT | \
ASN1_STRFLGS_DUMP_UNKNOWN | \
ASN1_STRFLGS_DUMP_DER)
#define MBSTRING_UTF8 0x1000
#define MBSTRING_ASC 0x1001
#define MBSTRING_BMP 0x1002
#define MBSTRING_UNIV 0x1004
#define ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print
#define ASN1_TIME_check wolfSSL_ASN1_TIME_check
#define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set
#define V_ASN1_UTCTIME 23
#define V_ASN1_GENERALIZEDTIME 24
#define ASN1_STRING_FLAG_BITS_LEFT 0x008
#define ASN1_STRING_FLAG_NDEF 0x010
#define ASN1_STRING_FLAG_CONT 0x020
#define ASN1_STRING_FLAG_MSTRING 0x040
#define ASN1_STRING_FLAG_EMBED 0x080
WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
const WOLFSSL_BIGNUM*, WOLFSSL_ASN1_INTEGER*);
#define BN_to_ASN1_INTEGER wolfSSL_BN_to_ASN1_INTEGER
#endif /* WOLFSSL_ASN1_H_ */

View File

@ -0,0 +1,157 @@
/* bio.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* bio.h for openssl */
#ifndef WOLFSSL_BIO_H_
#define WOLFSSL_BIO_H_
#include <libwolfssl/openssl/ssl.h>
#ifdef __cplusplus
extern "C" {
#endif
#define BIO_FLAG_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
#define BIO_FLAG_READ WOLFSSL_BIO_FLAG_READ
#define BIO_FLAG_WRITE WOLFSSL_BIO_FLAG_WRITE
#define BIO_FLAG_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL
#define BIO_FLAG_RETRY WOLFSSL_BIO_FLAG_RETRY
#define BIO_new_fp wolfSSL_BIO_new_fp
#define BIO_new_file wolfSSL_BIO_new_file
#define BIO_new_fp wolfSSL_BIO_new_fp
#define BIO_ctrl wolfSSL_BIO_ctrl
#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending
#define BIO_wpending wolfSSL_BIO_wpending
#define BIO_get_mem_ptr wolfSSL_BIO_get_mem_ptr
#define BIO_int_ctrl wolfSSL_BIO_int_ctrl
#define BIO_reset wolfSSL_BIO_reset
#define BIO_s_file wolfSSL_BIO_s_file
#define BIO_s_bio wolfSSL_BIO_s_bio
#define BIO_s_socket wolfSSL_BIO_s_socket
#define BIO_set_fd wolfSSL_BIO_set_fd
#define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request
#define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size
#define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair
#define BIO_set_fp wolfSSL_BIO_set_fp
#define BIO_get_fp wolfSSL_BIO_get_fp
#define BIO_seek wolfSSL_BIO_seek
#define BIO_write_filename wolfSSL_BIO_write_filename
#define BIO_set_mem_eof_return wolfSSL_BIO_set_mem_eof_return
#define BIO_find_type wolfSSL_BIO_find_type
#define BIO_next wolfSSL_BIO_next
#define BIO_gets wolfSSL_BIO_gets
#define BIO_puts wolfSSL_BIO_puts
#define BIO_TYPE_FILE WOLFSSL_BIO_FILE
#define BIO_TYPE_BIO WOLFSSL_BIO_BIO
#define BIO_TYPE_MEM WOLFSSL_BIO_MEMORY
#define BIO_TYPE_BASE64 WOLFSSL_BIO_BASE64
#define BIO_printf wolfSSL_BIO_printf
#define BIO_dump wolfSSL_BIO_dump
/* BIO info callback */
#define BIO_CB_FREE WOLFSSL_BIO_CB_FREE
#define BIO_CB_READ WOLFSSL_BIO_CB_READ
#define BIO_CB_WRITE WOLFSSL_BIO_CB_WRITE
#define BIO_CB_PUTS WOLFSSL_BIO_CB_PUTS
#define BIO_CB_GETS WOLFSSL_BIO_CB_GETS
#define BIO_CB_CTRL WOLFSSL_BIO_CB_CTRL
#define BIO_CB_RETURN WOLFSSL_BIO_CB_RETURN
#define BIO_set_callback wolfSSL_BIO_set_callback
#define BIO_get_callback wolfSSL_BIO_get_callback
#define BIO_set_callback_arg wolfSSL_BIO_set_callback_arg
#define BIO_get_callback_arg wolfSSL_BIO_get_callback_arg
/* BIO for 1.1.0 or later */
#define BIO_set_init wolfSSL_BIO_set_init
#define BIO_get_data wolfSSL_BIO_get_data
#define BIO_set_data wolfSSL_BIO_set_data
#define BIO_get_shutdown wolfSSL_BIO_get_shutdown
#define BIO_set_shutdown wolfSSL_BIO_set_shutdown
/* helper to set specific retry/read flags */
#define BIO_set_retry_read(bio)\
wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_READ)
#define BIO_set_retry_write(bio)\
wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_WRITE)
#define BIO_clear_retry_flags wolfSSL_BIO_clear_retry_flags
#define BIO_meth_new wolfSSL_BIO_meth_new
#define BIO_meth_set_write wolfSSL_BIO_meth_set_write
#define BIO_meth_free wolfSSL_BIO_meth_free
#define BIO_meth_set_write wolfSSL_BIO_meth_set_write
#define BIO_meth_set_read wolfSSL_BIO_meth_set_read
#define BIO_meth_set_puts wolfSSL_BIO_meth_set_puts
#define BIO_meth_set_gets wolfSSL_BIO_meth_set_gets
#define BIO_meth_set_ctrl wolfSSL_BIO_meth_set_ctrl
#define BIO_meth_set_create wolfSSL_BIO_meth_set_create
#define BIO_meth_set_destroy wolfSSL_BIO_meth_set_destroy
/* BIO CTRL */
#define BIO_CTRL_RESET 1
#define BIO_CTRL_EOF 2
#define BIO_CTRL_INFO 3
#define BIO_CTRL_PUSH 6
#define BIO_CTRL_POP 7
#define BIO_CTRL_GET_CLOSE 8
#define BIO_CTRL_SET_CLOSE 9
#define BIO_CTRL_PENDING 10
#define BIO_CTRL_FLUSH 11
#define BIO_CTRL_DUP 12
#define BIO_CTRL_WPENDING 13
#define BIO_C_SET_FILE_PTR 106
#define BIO_C_GET_FILE_PTR 107
#define BIO_C_SET_FILENAME 108
#define BIO_C_SET_BUF_MEM 114
#define BIO_C_GET_BUF_MEM_PTR 115
#define BIO_C_FILE_SEEK 128
#define BIO_C_SET_BUF_MEM_EOF_RETURN 130
#define BIO_C_SET_WRITE_BUF_SIZE 136
#define BIO_C_MAKE_BIO_PAIR 138
#define BIO_CTRL_DGRAM_QUERY_MTU 40
#define BIO_NOCLOSE 0x00
#define BIO_CLOSE 0x01
#define BIO_FP_WRITE 0x04
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_BIO_H_ */

View File

@ -0,0 +1,213 @@
/* bn.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* bn.h for openssl */
/*!
\file wolfssl/openssl/bn.h
\brief bn.h for openssl
*/
#ifndef WOLFSSL_BN_H_
#define WOLFSSL_BN_H_
#include <libwolfssl/wolfcrypt/settings.h>
#include <libwolfssl/wolfcrypt/integer.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_BIGNUM {
int neg; /* openssh deference */
void *internal; /* our big num */
#ifdef WOLFSSL_SP_MATH
sp_int fp;
#elif defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT)
fp_int fp;
#endif
} WOLFSSL_BIGNUM;
#define WOLFSSL_BN_ULONG mp_digit
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*);
WOLFSSL_API void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void);
#if defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT)
WOLFSSL_API void wolfSSL_BN_init(WOLFSSL_BIGNUM *);
#endif
WOLFSSL_API void wolfSSL_BN_free(WOLFSSL_BIGNUM*);
WOLFSSL_API void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*, const WOLFSSL_BN_CTX*);
WOLFSSL_API int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void);
WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM*, unsigned char*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char*, int len,
WOLFSSL_BIGNUM* ret);
WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM*, int n);
WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM*, int bits, int top,
int bottom);
WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM*, int bits, int top, int bottom);
WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM*, int n);
WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
WOLFSSL_BIGNUM*);
WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int,
WOLFSSL_BN_CTX*, WOLFSSL_BN_GENCB*);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*,
WOLFSSL_BN_ULONG);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*, WOLFSSL_BN_CTX *ctx);
typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX;
typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_CTX_new wolfSSL_BN_CTX_new
#define BN_CTX_init wolfSSL_BN_CTX_init
#define BN_CTX_free wolfSSL_BN_CTX_free
#define BN_new wolfSSL_BN_new
#define BN_init wolfSSL_BN_init
#define BN_free wolfSSL_BN_free
#define BN_clear_free wolfSSL_BN_clear_free
#define BN_num_bytes wolfSSL_BN_num_bytes
#define BN_num_bits wolfSSL_BN_num_bits
#define BN_is_zero wolfSSL_BN_is_zero
#define BN_is_one wolfSSL_BN_is_one
#define BN_is_odd wolfSSL_BN_is_odd
#define BN_is_negative wolfSSL_BN_is_negative
#define BN_cmp wolfSSL_BN_cmp
#define BN_bn2bin wolfSSL_BN_bn2bin
#define BN_bin2bn wolfSSL_BN_bin2bn
#define BN_mod wolfSSL_BN_mod
#define BN_mod_exp wolfSSL_BN_mod_exp
#define BN_mod_mul wolfSSL_BN_mod_mul
#define BN_sub wolfSSL_BN_sub
#define BN_value_one wolfSSL_BN_value_one
#define BN_mask_bits wolfSSL_mask_bits
#define BN_pseudo_rand wolfSSL_BN_pseudo_rand
#define BN_rand wolfSSL_BN_rand
#define BN_is_bit_set wolfSSL_BN_is_bit_set
#define BN_hex2bn wolfSSL_BN_hex2bn
#define BN_dup wolfSSL_BN_dup
#define BN_copy wolfSSL_BN_copy
#define BN_get_word wolfSSL_BN_get_word
#define BN_set_word wolfSSL_BN_set_word
#define BN_dec2bn wolfSSL_BN_dec2bn
#define BN_bn2dec wolfSSL_BN_bn2dec
#define BN_bn2hex wolfSSL_BN_bn2hex
#define BN_lshift wolfSSL_BN_lshift
#define BN_add_word wolfSSL_BN_add_word
#define BN_add wolfSSL_BN_add
#define BN_set_word wolfSSL_BN_set_word
#define BN_set_bit wolfSSL_BN_set_bit
#define BN_is_prime_ex wolfSSL_BN_is_prime_ex
#define BN_print_fp wolfSSL_BN_print_fp
#define BN_rshift wolfSSL_BN_rshift
#define BN_mod_word wolfSSL_BN_mod_word
#define BN_CTX_get wolfSSL_BN_CTX_get
#define BN_CTX_start wolfSSL_BN_CTX_start
#define BN_mod_inverse wolfSSL_BN_mod_inverse
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#define BN_get_rfc2409_prime_768 wolfSSL_DH_768_prime
#define BN_get_rfc2409_prime_1024 wolfSSL_DH_1024_prime
#define BN_get_rfc3526_prime_1536 wolfSSL_DH_1536_prime
#define BN_get_rfc3526_prime_2048 wolfSSL_DH_2048_prime
#define BN_get_rfc3526_prime_3072 wolfSSL_DH_3072_prime
#define BN_get_rfc3526_prime_4096 wolfSSL_DH_4096_prime
#define BN_get_rfc3526_prime_6144 wolfSSL_DH_6144_prime
#define BN_get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL__H_ */

View File

@ -0,0 +1,51 @@
/* buffer.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_BUFFER_H_
#define WOLFSSL_BUFFER_H_
#include <libwolfssl/wolfcrypt/settings.h>
#include <libwolfssl/openssl/ssl.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void);
WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len);
WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf);
#define BUF_MEM_new wolfSSL_BUF_MEM_new
#define BUF_MEM_grow wolfSSL_BUF_MEM_grow
#define BUF_MEM_free wolfSSL_BUF_MEM_free
/* error codes */
#define ERR_R_MALLOC_FAILURE MEMORY_E
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_BUFFER_H_ */

View File

@ -0,0 +1,48 @@
/* conf.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* conf.h for openSSL */
#ifndef WOLFSSL_conf_H_
#define WOLFSSL_conf_H_
#ifdef __cplusplus
extern "C" {
#endif
struct WOLFSSL_CONF_VALUE {
char *section;
char *name;
char *value;
};
struct WOLFSSL_INIT_SETTINGS {
char* appname;
};
typedef struct WOLFSSL_CONF_VALUE CONF_VALUE;
typedef struct WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_conf_H_ */

View File

@ -0,0 +1,81 @@
/* crypto.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* crypto.h for openSSL */
#ifndef WOLFSSL_CRYPTO_H_
#define WOLFSSL_CRYPTO_H_
#include <libwolfssl/openssl/opensslv.h>
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_crypto.h"
#endif
WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
#endif
#define CRYPTO_THREADID void
#define SSLeay_version wolfSSLeay_version
#define SSLeay wolfSSLeay
#define OpenSSL_version wolfSSLeay_version
#define SSLEAY_VERSION 0x0090600fL
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
#define CRYPTO_lock wc_LockMutex_ex
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
#define FIPS_mode wolfSSL_FIPS_mode
#define FIPS_mode_set wolfSSL_FIPS_mode_set
typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA;
typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void* argp);
#define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback
#define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric
#define CRYPTO_r_lock wc_LockMutex_ex
#define CRYPTO_unlock wc_LockMutex_ex
#define CRYPTO_THREAD_lock wc_LockMutex
#define CRYPTO_THREAD_r_lock wc_LockMutex
#define CRYPTO_THREAD_unlock wc_UnLockMutex
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#endif /* header */

View File

@ -0,0 +1,113 @@
/* des.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* des.h defines mini des openssl compatibility layer
*
*/
#ifndef WOLFSSL_DES_H_
#define WOLFSSL_DES_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifndef NO_DES3
#ifdef WOLFSSL_PREFIX
#include "prefix_des.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef unsigned char WOLFSSL_DES_cblock[8];
typedef /* const */ WOLFSSL_DES_cblock WOLFSSL_const_DES_cblock;
typedef WOLFSSL_DES_cblock WOLFSSL_DES_key_schedule;
typedef unsigned int WOLFSSL_DES_LONG;
enum {
DES_ENCRYPT = 1,
DES_DECRYPT = 0
};
WOLFSSL_API int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key);
WOLFSSL_API WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc,
WOLFSSL_const_DES_cblock* iv);
WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key);
WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key);
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
WOLFSSL_DES_key_schedule*);
WOLFSSL_API int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
WOLFSSL_DES_key_schedule* schedule);
WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
unsigned char* output, long length,
WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
int enc);
WOLFSSL_API void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
unsigned char* output, long sz,
WOLFSSL_DES_key_schedule* ks1,
WOLFSSL_DES_key_schedule* ks2,
WOLFSSL_DES_key_schedule* ks3,
WOLFSSL_DES_cblock* ivec, int enc);
WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
unsigned char* output, long length,
WOLFSSL_DES_key_schedule* schedule,
WOLFSSL_DES_cblock* ivec, int enc);
WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock*);
WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock*, WOLFSSL_DES_cblock*,
WOLFSSL_DES_key_schedule*, int);
typedef WOLFSSL_DES_cblock DES_cblock;
typedef WOLFSSL_const_DES_cblock const_DES_cblock;
typedef WOLFSSL_DES_key_schedule DES_key_schedule;
typedef WOLFSSL_DES_LONG DES_LONG;
#define DES_check_key(x) /* Define WOLFSSL_CHECK_DESKEY to check key */
#define DES_is_weak_key wolfSSL_DES_is_weak_key
#define DES_set_key wolfSSL_DES_set_key
#define DES_set_key_checked wolfSSL_DES_set_key_checked
#define DES_set_key_unchecked wolfSSL_DES_set_key_unchecked
#define DES_key_sched wolfSSL_DES_key_sched
#define DES_cbc_encrypt wolfSSL_DES_cbc_encrypt
#define DES_ncbc_encrypt wolfSSL_DES_ncbc_encrypt
#define DES_set_odd_parity wolfSSL_DES_set_odd_parity
#define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt
#define DES_ede3_cbc_encrypt wolfSSL_DES_ede3_cbc_encrypt
#define DES_cbc_cksum wolfSSL_DES_cbc_cksum
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_DES3 */
#endif /* WOLFSSL_DES_H_ */

View File

@ -0,0 +1,93 @@
/* dh.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* dh.h for openSSL */
#ifndef WOLFSSL_DH_H_
#define WOLFSSL_DH_H_
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
struct WOLFSSL_DH {
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* g;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* pub_key; /* openssh deference g^x */
WOLFSSL_BIGNUM* priv_key; /* openssh deference x */
void* internal; /* our DH */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
/*added for lighttpd openssl compatibility, go back and add a getter in
* lighttpd src code.
*/
int length;
};
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub,
WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*);
typedef WOLFSSL_DH DH;
#define DH_new wolfSSL_DH_new
#define DH_free wolfSSL_DH_free
#define DH_size wolfSSL_DH_size
#define DH_generate_key wolfSSL_DH_generate_key
#define DH_compute_key wolfSSL_DH_compute_key
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#define DH_set0_pqg wolfSSL_DH_set0_pqg
#endif
#define DH_bits(x) (BN_num_bits(x->p))
/* for pre 1.1.0 */
#define get_rfc2409_prime_768 wolfSSL_DH_768_prime
#define get_rfc2409_prime_1024 wolfSSL_DH_1024_prime
#define get_rfc3526_prime_1536 wolfSSL_DH_1536_prime
#define get_rfc3526_prime_2048 wolfSSL_DH_2048_prime
#define get_rfc3526_prime_3072 wolfSSL_DH_3072_prime
#define get_rfc3526_prime_4096 wolfSSL_DH_4096_prime
#define get_rfc3526_prime_6144 wolfSSL_DH_6144_prime
#define get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#ifdef __cplusplus
} /* extern "C" */
#endif
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL)
#define DH_generate_parameters wolfSSL_DH_generate_parameters
#define DH_generate_parameters_ex wolfSSL_DH_generate_parameters_ex
#endif /* OPENSSL_ALL || HAVE_STUNNEL */
#endif /* WOLFSSL_DH_H_ */

View File

@ -0,0 +1,87 @@
/* dsa.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* dsa.h for openSSL */
#ifndef WOLFSSL_DSA_H_
#define WOLFSSL_DSA_H_
#include <libwolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifndef WOLFSSL_DSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_DSA WOLFSSL_DSA;
#define WOLFSSL_DSA_TYPE_DEFINED
#endif
typedef WOLFSSL_DSA DSA;
struct WOLFSSL_DSA {
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* g;
WOLFSSL_BIGNUM* pub_key; /* our y */
WOLFSSL_BIGNUM* priv_key; /* our x */
void* internal; /* our Dsa Key */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
};
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
typedef void (*WOLFSSL_BN_CB)(int i, int j, void* exArg);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits,
unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, WOLFSSL_BN_CB cb, void* CBArg);
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, void* cb);
WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d,
unsigned char* sigRet, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d,
unsigned char* sig,
WOLFSSL_DSA* dsa, int *dsacheck);
#define DSA_new wolfSSL_DSA_new
#define DSA_free wolfSSL_DSA_free
#define DSA_generate_key wolfSSL_DSA_generate_key
#define DSA_generate_parameters wolfSSL_DSA_generate_parameters
#define DSA_generate_parameters_ex wolfSSL_DSA_generate_parameters_ex
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,236 @@
/* ec.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ec.h for openssl */
#ifndef WOLFSSL_EC_H_
#define WOLFSSL_EC_H_
#include <libwolfssl/openssl/bn.h>
#include <libwolfssl/wolfcrypt/ecc.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Map OpenSSL NID value */
enum {
POINT_CONVERSION_COMPRESSED = 2,
POINT_CONVERSION_UNCOMPRESSED = 4,
#ifdef HAVE_ECC
/* Use ecc_curve_type enum values for NID */
NID_X9_62_prime192v1 = ECC_SECP192R1,
NID_X9_62_prime256v1 = ECC_SECP256R1,
NID_secp112r1 = ECC_SECP112R1,
NID_secp112r2 = ECC_SECP112R2,
NID_secp128r1 = ECC_SECP128R1,
NID_secp128r2 = ECC_SECP128R2,
NID_secp160r1 = ECC_SECP160R1,
NID_secp160r2 = ECC_SECP160R2,
NID_secp224r1 = ECC_SECP224R1,
NID_secp384r1 = ECC_SECP384R1,
NID_secp521r1 = ECC_SECP521R1,
NID_secp160k1 = ECC_SECP160K1,
NID_secp192k1 = ECC_SECP192K1,
NID_secp224k1 = ECC_SECP224K1,
NID_secp256k1 = ECC_SECP256K1,
NID_brainpoolP160r1 = ECC_BRAINPOOLP160R1,
NID_brainpoolP192r1 = ECC_BRAINPOOLP192R1,
NID_brainpoolP224r1 = ECC_BRAINPOOLP224R1,
NID_brainpoolP256r1 = ECC_BRAINPOOLP256R1,
NID_brainpoolP320r1 = ECC_BRAINPOOLP320R1,
NID_brainpoolP384r1 = ECC_BRAINPOOLP384R1,
NID_brainpoolP512r1 = ECC_BRAINPOOLP512R1,
#endif
OPENSSL_EC_NAMED_CURVE = 0x001
};
#ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT;
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
#define WOLFSSL_EC_TYPE_DEFINED
#endif
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_POINT EC_POINT;
struct WOLFSSL_EC_POINT {
WOLFSSL_BIGNUM *X;
WOLFSSL_BIGNUM *Y;
WOLFSSL_BIGNUM *Z;
void* internal; /* our ECC point */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
};
struct WOLFSSL_EC_GROUP {
int curve_idx; /* index of curve, used by WolfSSL as reference */
int curve_nid; /* NID of curve, used by OpenSSL/OpenSSH as reference */
int curve_oid; /* OID of curve, used by OpenSSL/OpenSSH as reference */
};
struct WOLFSSL_EC_KEY {
WOLFSSL_EC_GROUP *group;
WOLFSSL_EC_POINT *pub_key;
WOLFSSL_BIGNUM *priv_key;
void* internal; /* our ECC Key */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
};
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
WOLFSSL_API
int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve,
const WOLFSSL_EC_POINT *p,
unsigned char *out, unsigned int *len);
WOLFSSL_API
int wolfSSL_ECPoint_d2i(unsigned char *in, unsigned int len,
const WOLFSSL_EC_GROUP *curve, WOLFSSL_EC_POINT *p);
WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz);
WOLFSSL_API
int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key,
const unsigned char* der, int derSz, int opt);
WOLFSSL_API
void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key);
WOLFSSL_API
const WOLFSSL_EC_GROUP *wolfSSL_EC_KEY_get0_group(const WOLFSSL_EC_KEY *key);
WOLFSSL_API
int wolfSSL_EC_KEY_set_private_key(WOLFSSL_EC_KEY *key,
const WOLFSSL_BIGNUM *priv_key);
WOLFSSL_API
WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid);
WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void);
WOLFSSL_API
int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
WOLFSSL_API
int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key);
WOLFSSL_API
void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag);
WOLFSSL_API
int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key,
const WOLFSSL_EC_POINT *pub);
WOLFSSL_API
void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag);
WOLFSSL_API
WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_new_by_curve_name(int nid);
WOLFSSL_API
int wolfSSL_EC_GROUP_cmp(const WOLFSSL_EC_GROUP *a, const WOLFSSL_EC_GROUP *b,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_GROUP_get_curve_name(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API
int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API
int wolfSSL_EC_GROUP_get_order(const WOLFSSL_EC_GROUP *group,
WOLFSSL_BIGNUM *order, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API
int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p,
WOLFSSL_BIGNUM *x,
WOLFSSL_BIGNUM *y,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
const WOLFSSL_BIGNUM *n,
const WOLFSSL_EC_POINT *q, const WOLFSSL_BIGNUM *m,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *point);
WOLFSSL_API
int wolfSSL_EC_POINT_cmp(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *a, const WOLFSSL_EC_POINT *b,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API
void wolfSSL_EC_POINT_free(WOLFSSL_EC_POINT *point);
WOLFSSL_API
int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *a);
#ifndef HAVE_SELFTEST
WOLFSSL_API
char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
const WOLFSSL_EC_POINT* point, int form,
WOLFSSL_BN_CTX* ctx);
#endif
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
#define EC_KEY_set_private_key wolfSSL_EC_KEY_set_private_key
#define EC_KEY_get0_private_key wolfSSL_EC_KEY_get0_private_key
#define EC_KEY_new_by_curve_name wolfSSL_EC_KEY_new_by_curve_name
#define EC_KEY_set_group wolfSSL_EC_KEY_set_group
#define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
#define EC_POINT_new wolfSSL_EC_POINT_new
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_get_affine_coordinates_GFp \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
#ifndef HAVE_SELFTEST
#define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex
#endif
#define EC_POINT_dump wolfSSL_EC_POINT_dump
#define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,44 @@
/* ec25519.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ec25519.h */
#ifndef WOLFSSL_EC25519_H_
#define WOLFSSL_EC25519_H_
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API
int wolfSSL_EC25519_generate_key(unsigned char *priv, unsigned int *privSz,
unsigned char *pub, unsigned int *pubSz);
WOLFSSL_API
int wolfSSL_EC25519_shared_key(unsigned char *shared, unsigned int *sharedSz,
const unsigned char *priv, unsigned int privSz,
const unsigned char *pub, unsigned int pubSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,49 @@
/* ecdh.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ecdh.h for openssl */
#ifndef WOLFSSL_ECDH_H_
#define WOLFSSL_ECDH_H_
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API int wolfSSL_ECDH_compute_key(void *out, size_t outlen,
const WOLFSSL_EC_POINT *pub_key,
WOLFSSL_EC_KEY *ecdh,
void *(*KDF) (const void *in,
size_t inlen,
void *out,
size_t *outlen));
#define ECDH_compute_key wolfSSL_ECDH_compute_key
#ifdef __cplusplus
} /* extern C */
#endif
#endif /* header */

View File

@ -0,0 +1,74 @@
/* ecdsa.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ecdsa.h for openssl */
#ifndef WOLFSSL_ECDSA_H_
#define WOLFSSL_ECDSA_H_
#include <libwolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifndef WOLFSSL_ECDSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG;
#define WOLFSSL_ECDSA_TYPE_DEFINED
#endif
typedef WOLFSSL_ECDSA_SIG ECDSA_SIG;
struct WOLFSSL_ECDSA_SIG {
WOLFSSL_BIGNUM *r;
WOLFSSL_BIGNUM *s;
};
WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst,
int dgst_len,
WOLFSSL_EC_KEY *eckey);
WOLFSSL_API int wolfSSL_ECDSA_do_verify(const unsigned char *dgst,
int dgst_len,
const WOLFSSL_ECDSA_SIG *sig,
WOLFSSL_EC_KEY *eckey);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_d2i_ECDSA_SIG(WOLFSSL_ECDSA_SIG **sig,
const unsigned char **pp,
long len);
WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig,
unsigned char **pp);
#define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free
#define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new
#define ECDSA_do_sign wolfSSL_ECDSA_do_sign
#define ECDSA_do_verify wolfSSL_ECDSA_do_verify
#define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG
#define i2d_ECDSA_SIG wolfSSL_i2d_ECDSA_SIG
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,47 @@
/* ed25519.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ed25519.h */
#ifndef WOLFSSL_ED25519_H_
#define WOLFSSL_ED25519_H_
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API
int wolfSSL_ED25519_generate_key(unsigned char *priv, unsigned int *privSz,
unsigned char *pub, unsigned int *pubSz);
WOLFSSL_API
int wolfSSL_ED25519_sign(const unsigned char *msg, unsigned int msgSz,
const unsigned char *priv, unsigned int privSz,
unsigned char *sig, unsigned int *sigSz);
WOLFSSL_API
int wolfSSL_ED25519_verify(const unsigned char *msg, unsigned int msgSz,
const unsigned char *pub, unsigned int pubSz,
const unsigned char *sig, unsigned int sigSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,8 @@
/* engine.h for libcurl */
#include <libwolfssl/openssl/err.h>
#undef HAVE_OPENSSL_ENGINE_H
#define ENGINE_load_builtin_engines() /*ENGINE_load_builtin_engines not needed*/

View File

@ -0,0 +1,32 @@
/* err.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_OPENSSL_ERR_
#define WOLFSSL_OPENSSL_ERR_
#include <libwolfssl/openssl/ssl.h>
/* err.h for openssl */
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error
#endif /* WOLFSSL_OPENSSL_ERR_ */

View File

@ -0,0 +1,728 @@
/* evp.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/openssl/evp.h
\brief evp.h defines mini evp openssl compatibility layer
*/
#ifndef WOLFSSL_EVP_H_
#define WOLFSSL_EVP_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_evp.h"
#endif
#ifndef NO_MD4
#include <libwolfssl/openssl/md4.h>
#endif
#ifndef NO_MD5
#include <libwolfssl/openssl/md5.h>
#endif
#include <libwolfssl/openssl/sha.h>
#include <libwolfssl/openssl/ripemd.h>
#include <libwolfssl/openssl/rsa.h>
#include <libwolfssl/openssl/dsa.h>
#include <libwolfssl/openssl/ec.h>
#include <libwolfssl/wolfcrypt/aes.h>
#include <libwolfssl/wolfcrypt/des3.h>
#include <libwolfssl/wolfcrypt/arc4.h>
#include <libwolfssl/wolfcrypt/hmac.h>
#ifdef HAVE_IDEA
#include <libwolfssl/wolfcrypt/idea.h>
#endif
#include <libwolfssl/wolfcrypt/pwdbased.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif
#ifndef NO_MD5
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
#endif
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
#endif
#if !defined(NO_AES) && defined(HAVE_AESGCM)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_gcm(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_gcm(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_gcm(void);
#endif
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);
typedef union {
#ifndef NO_MD4
WOLFSSL_MD4_CTX md4;
#endif
#ifndef NO_MD5
WOLFSSL_MD5_CTX md5;
#endif
WOLFSSL_SHA_CTX sha;
#ifdef WOLFSSL_SHA224
WOLFSSL_SHA224_CTX sha224;
#endif
WOLFSSL_SHA256_CTX sha256;
#ifdef WOLFSSL_SHA384
WOLFSSL_SHA384_CTX sha384;
#endif
#ifdef WOLFSSL_SHA512
WOLFSSL_SHA512_CTX sha512;
#endif
#ifdef WOLFSSL_RIPEMD
WOLFSSL_RIPEMD_CTX ripemd;
#endif
} WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_MD_CTX {
union {
WOLFSSL_Hasher digest;
Hmac hmac;
} hash;
unsigned char macType;
WOLFSSL_EVP_PKEY_CTX *pctx;
} WOLFSSL_EVP_MD_CTX;
typedef union {
#ifndef NO_AES
Aes aes;
#endif
#ifndef NO_DES3
Des des;
Des3 des3;
#endif
Arc4 arc4;
#ifdef HAVE_IDEA
Idea idea;
#endif
} WOLFSSL_Cipher;
enum {
AES_128_CBC_TYPE = 1,
AES_192_CBC_TYPE = 2,
AES_256_CBC_TYPE = 3,
AES_128_CTR_TYPE = 4,
AES_192_CTR_TYPE = 5,
AES_256_CTR_TYPE = 6,
AES_128_ECB_TYPE = 7,
AES_192_ECB_TYPE = 8,
AES_256_ECB_TYPE = 9,
DES_CBC_TYPE = 10,
DES_ECB_TYPE = 11,
DES_EDE3_CBC_TYPE = 12,
DES_EDE3_ECB_TYPE = 13,
ARC4_TYPE = 14,
NULL_CIPHER_TYPE = 15,
EVP_PKEY_RSA = 16,
EVP_PKEY_DSA = 17,
EVP_PKEY_EC = 18,
#ifdef HAVE_IDEA
IDEA_CBC_TYPE = 19,
#endif
AES_128_GCM_TYPE = 21,
AES_192_GCM_TYPE = 22,
AES_256_GCM_TYPE = 23,
NID_sha1 = 64,
NID_sha224 = 65,
NID_md2 = 77,
NID_md5 = 4,
NID_hmac = 855,
NID_dhKeyAgreement= 28,
EVP_PKEY_DH = NID_dhKeyAgreement,
EVP_PKEY_HMAC = NID_hmac
};
enum {
NID_md5WithRSA = 104,
NID_md5WithRSAEncryption = 8,
NID_dsaWithSHA1 = 113,
NID_dsaWithSHA1_2 = 70,
NID_sha1WithRSA = 115,
NID_sha1WithRSAEncryption = 65,
NID_sha224WithRSAEncryption = 671,
NID_sha256WithRSAEncryption = 668,
NID_sha384WithRSAEncryption = 669,
NID_sha512WithRSAEncryption = 670,
NID_ecdsa_with_SHA1 = 416,
NID_ecdsa_with_SHA224 = 793,
NID_ecdsa_with_SHA256 = 794,
NID_ecdsa_with_SHA384 = 795,
NID_ecdsa_with_SHA512 = 796,
NID_dsa_with_SHA224 = 802,
NID_dsa_with_SHA256 = 803,
};
enum {
NID_aes_128_cbc = 419,
NID_aes_192_cbc = 423,
NID_aes_256_cbc = 427,
NID_aes_128_gcm = 895,
NID_aes_192_gcm = 898,
NID_aes_256_gcm = 901,
NID_aes_128_ctr = 904,
NID_aes_192_ctr = 905,
NID_aes_256_ctr = 906,
NID_aes_128_ecb = 418,
NID_aes_192_ecb = 422,
NID_aes_256_ecb = 426,
NID_des_cbc = 31,
NID_des_ecb = 29,
NID_des_ede3_cbc= 44,
NID_des_ede3_ecb= 33,
NID_idea_cbc = 34,
};
#define WOLFSSL_EVP_BUF_SIZE 16
typedef struct WOLFSSL_EVP_CIPHER_CTX {
int keyLen; /* user may set for variable */
int block_size;
unsigned long flags;
unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType;
#ifndef NO_AES
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[AES_BLOCK_SIZE];
#elif !defined(NO_DES3)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[DES_BLOCK_SIZE];
#endif
WOLFSSL_Cipher cipher;
ALIGN16 byte buf[WOLFSSL_EVP_BUF_SIZE];
int bufUsed;
ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE];
int lastUsed;
#if defined(HAVE_AESGCM)
int ivSz;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
int authTagSz;
#endif
} WOLFSSL_EVP_CIPHER_CTX;
struct WOLFSSL_EVP_PKEY_CTX {
WOLFSSL_EVP_PKEY *pkey;
int op; /* operation */
int padding;
int nbits;
};
typedef int WOLFSSL_ENGINE ;
typedef WOLFSSL_ENGINE ENGINE;
typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX;
#define EVP_PKEY_OP_SIGN (1 << 3)
#define EVP_PKEY_OP_ENCRYPT (1 << 6)
#define EVP_PKEY_OP_DECRYPT (1 << 7)
WOLFSSL_API void wolfSSL_EVP_init(void);
WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md);
WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD *md);
WOLFSSL_API WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new (void);
WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX* ctx);
WOLFSSL_API void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_copy_ex(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_type(const WOLFSSL_EVP_MD_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_size(const WOLFSSL_EVP_MD_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_block_size(const WOLFSSL_EVP_MD_CTX *ctx);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx);
WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name);
WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
size_t sz);
WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, unsigned int cnt);
WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char *sig, size_t *siglen);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, size_t cnt);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char *sig,
size_t siglen);
WOLFSSL_API int wolfSSL_EVP_Digest(unsigned char* in, int inSz, unsigned char* out,
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
WOLFSSL_ENGINE* eng);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
const WOLFSSL_EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*,
unsigned char*);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, \
int type, int arg, void *ptr);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*);
WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER*);
WOLFSSL_API int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c);
WOLFSSL_API int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl);
WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API int wolfSSL_EVP_CipherFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl, int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API int wolfSSL_EVP_EncryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API int wolfSSL_EVP_DecryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl);
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int keylen);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int ivLen);
WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
unsigned char* dst, unsigned char* src,
unsigned int len);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_RSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_EC_KEY* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
const unsigned char* key, int keylen);
WOLFSSL_API const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
size_t* len);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_EVP_PKEY **ppkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits);
WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len);
WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len);
/* these next ones don't need real OpenSSL type, for OpenSSH compat only */
WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API void wolfSSL_3des_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len);
WOLFSSL_API void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len);
WOLFSSL_API int wolfSSL_StoreExternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_cleanup(void);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
WOLFSSL_API int wolfSSL_OpenSSL_add_all_algorithms_noconf(void);
WOLFSSL_API int wolfSSL_EVP_read_pw_string(char*, int, const char*, int);
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
const unsigned char * salt,
int saltlen, int iter,
int keylen, unsigned char *out);
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
const WOLFSSL_EVP_MD *digest,
int keylen, unsigned char *out);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE
#define EVP_CIPH_CFB_MODE WOLFSSL_EVP_CIPH_CFB_MODE
#define EVP_CIPH_OFB_MODE WOLFSSL_EVP_CIPH_OFB_MODE
#define EVP_CIPH_CTR_MODE WOLFSSL_EVP_CIPH_CTR_MODE
#define EVP_CIPH_GCM_MODE WOLFSSL_EVP_CIPH_GCM_MODE
#define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE
#define WOLFSSL_EVP_CIPH_MODE 0x0007
#define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0
#define WOLFSSL_EVP_CIPH_ECB_MODE 0x1
#define WOLFSSL_EVP_CIPH_CBC_MODE 0x2
#define WOLFSSL_EVP_CIPH_CFB_MODE 0x3
#define WOLFSSL_EVP_CIPH_OFB_MODE 0x4
#define WOLFSSL_EVP_CIPH_CTR_MODE 0x5
#define WOLFSSL_EVP_CIPH_GCM_MODE 0x6
#define WOLFSSL_EVP_CIPH_CCM_MODE 0x7
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
/* end OpenSSH compat */
typedef WOLFSSL_EVP_MD EVP_MD;
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#ifndef NO_MD4
#define EVP_md4 wolfSSL_EVP_md4
#endif
#ifndef NO_MD5
#define EVP_md5 wolfSSL_EVP_md5
#endif
#define EVP_sha1 wolfSSL_EVP_sha1
#define EVP_dds1 wolfSSL_EVP_sha1
#define EVP_sha224 wolfSSL_EVP_sha224
#define EVP_sha256 wolfSSL_EVP_sha256
#define EVP_sha384 wolfSSL_EVP_sha384
#define EVP_sha512 wolfSSL_EVP_sha512
#define EVP_ripemd160 wolfSSL_EVP_ripemd160
#define EVP_aes_128_cbc wolfSSL_EVP_aes_128_cbc
#define EVP_aes_192_cbc wolfSSL_EVP_aes_192_cbc
#define EVP_aes_256_cbc wolfSSL_EVP_aes_256_cbc
#define EVP_aes_128_gcm wolfSSL_EVP_aes_128_gcm
#define EVP_aes_192_gcm wolfSSL_EVP_aes_192_gcm
#define EVP_aes_256_gcm wolfSSL_EVP_aes_256_gcm
#define EVP_aes_128_ecb wolfSSL_EVP_aes_128_ecb
#define EVP_aes_192_ecb wolfSSL_EVP_aes_192_ecb
#define EVP_aes_256_ecb wolfSSL_EVP_aes_256_ecb
#define EVP_aes_128_ctr wolfSSL_EVP_aes_128_ctr
#define EVP_aes_192_ctr wolfSSL_EVP_aes_192_ctr
#define EVP_aes_256_ctr wolfSSL_EVP_aes_256_ctr
#define EVP_des_cbc wolfSSL_EVP_des_cbc
#define EVP_des_ecb wolfSSL_EVP_des_ecb
#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
#define EVP_des_ede3_ecb wolfSSL_EVP_des_ede3_ecb
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_idea_cbc wolfSSL_EVP_idea_cbc
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_MD_size wolfSSL_EVP_MD_size
#define EVP_MD_CTX_new wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_create wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_free wolfSSL_EVP_MD_CTX_free
#define EVP_MD_CTX_destroy wolfSSL_EVP_MD_CTX_free
#define EVP_MD_CTX_init wolfSSL_EVP_MD_CTX_init
#define EVP_MD_CTX_cleanup wolfSSL_EVP_MD_CTX_cleanup
#define EVP_MD_CTX_md wolfSSL_EVP_MD_CTX_md
#define EVP_MD_CTX_type wolfSSL_EVP_MD_CTX_type
#define EVP_MD_CTX_size wolfSSL_EVP_MD_CTX_size
#define EVP_MD_CTX_block_size wolfSSL_EVP_MD_CTX_block_size
#define EVP_MD_type wolfSSL_EVP_MD_type
#define EVP_Digest wolfSSL_EVP_Digest
#define EVP_DigestInit wolfSSL_EVP_DigestInit
#define EVP_DigestInit_ex wolfSSL_EVP_DigestInit_ex
#define EVP_DigestUpdate wolfSSL_EVP_DigestUpdate
#define EVP_DigestFinal wolfSSL_EVP_DigestFinal
#define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
#define EVP_DigestSignInit wolfSSL_EVP_DigestSignInit
#define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate
#define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal
#define EVP_DigestVerifyInit wolfSSL_EVP_DigestVerifyInit
#define EVP_DigestVerifyUpdate wolfSSL_EVP_DigestVerifyUpdate
#define EVP_DigestVerifyFinal wolfSSL_EVP_DigestVerifyFinal
#define EVP_BytesToKey wolfSSL_EVP_BytesToKey
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
#define EVP_CIPHER_CTX_mode wolfSSL_EVP_CIPHER_CTX_mode
#define EVP_CIPHER_iv_length wolfSSL_EVP_CIPHER_iv_length
#define EVP_CIPHER_key_length wolfSSL_EVP_Cipher_key_length
#define EVP_CipherInit wolfSSL_EVP_CipherInit
#define EVP_CipherInit_ex wolfSSL_EVP_CipherInit_ex
#define EVP_EncryptInit wolfSSL_EVP_EncryptInit
#define EVP_EncryptInit_ex wolfSSL_EVP_EncryptInit_ex
#define EVP_DecryptInit wolfSSL_EVP_DecryptInit
#define EVP_DecryptInit_ex wolfSSL_EVP_DecryptInit_ex
#define EVP_Cipher wolfSSL_EVP_Cipher
#define EVP_CipherUpdate wolfSSL_EVP_CipherUpdate
#define EVP_EncryptUpdate wolfSSL_EVP_CipherUpdate
#define EVP_DecryptUpdate wolfSSL_EVP_CipherUpdate
#define EVP_CipherFinal wolfSSL_EVP_CipherFinal
#define EVP_CipherFinal_ex wolfSSL_EVP_CipherFinal
#define EVP_EncryptFinal wolfSSL_EVP_CipherFinal
#define EVP_EncryptFinal_ex wolfSSL_EVP_CipherFinal
#define EVP_DecryptFinal wolfSSL_EVP_CipherFinal
#define EVP_DecryptFinal_ex wolfSSL_EVP_CipherFinal
#define EVP_CIPHER_CTX_free wolfSSL_EVP_CIPHER_CTX_free
#define EVP_CIPHER_CTX_new wolfSSL_EVP_CIPHER_CTX_new
#define EVP_get_cipherbynid wolfSSL_EVP_get_cipherbynid
#define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA
#define EVP_PKEY_assign_EC_KEY wolfSSL_EVP_PKEY_assign_EC_KEY
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
#define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy
#define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex
#define EVP_PKEY_sign_init wolfSSL_EVP_PKEY_sign_init
#define EVP_PKEY_sign wolfSSL_EVP_PKEY_sign
#define EVP_PKEY_keygen wolfSSL_EVP_PKEY_keygen
#define EVP_PKEY_keygen_init wolfSSL_EVP_PKEY_keygen_init
#define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_CTX_new_id wolfSSL_EVP_PKEY_CTX_new_id
#define EVP_PKEY_CTX_set_rsa_keygen_bits wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits
#define EVP_PKEY_decrypt wolfSSL_EVP_PKEY_decrypt
#define EVP_PKEY_decrypt_init wolfSSL_EVP_PKEY_decrypt_init
#define EVP_PKEY_encrypt wolfSSL_EVP_PKEY_encrypt
#define EVP_PKEY_encrypt_init wolfSSL_EVP_PKEY_encrypt_init
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_up_ref wolfSSL_EVP_PKEY_up_ref
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
#define EVP_PKEY_missing_parameters wolfSSL_EVP_PKEY_missing_parameters
#define EVP_PKEY_cmp wolfSSL_EVP_PKEY_cmp
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex
#define EVP_SignUpdate wolfSSL_EVP_SignUpdate
#define EVP_VerifyFinal wolfSSL_EVP_VerifyFinal
#define EVP_VerifyInit wolfSSL_EVP_VerifyInit
#define EVP_VerifyUpdate wolfSSL_EVP_VerifyUpdate
#define EVP_CIPHER_CTX_ctrl wolfSSL_EVP_CIPHER_CTX_ctrl
#define EVP_CIPHER_CTX_block_size wolfSSL_EVP_CIPHER_CTX_block_size
#define EVP_CIPHER_block_size wolfSSL_EVP_CIPHER_block_size
#define EVP_CIPHER_flags wolfSSL_EVP_CIPHER_flags
#define EVP_CIPHER_CTX_set_flags wolfSSL_EVP_CIPHER_CTX_set_flags
#define EVP_CIPHER_CTX_clear_flags wolfSSL_EVP_CIPHER_CTX_clear_flags
#define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup
#define EVP_read_pw_string wolfSSL_EVP_read_pw_string
#define OpenSSL_add_all_digests() wolfSSL_EVP_init()
#define OpenSSL_add_all_ciphers() wolfSSL_EVP_init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define OpenSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define wolfSSL_OPENSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
#define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC
/* OpenSSL compat. ctrl values */
#define EVP_CTRL_INIT 0x0
#define EVP_CTRL_SET_KEY_LENGTH 0x1
#define EVP_CTRL_SET_RC2_KEY_BITS 0x3 /* needed for qt compilation */
#define EVP_CTRL_AEAD_SET_IVLEN 0x9
#define EVP_CTRL_AEAD_GET_TAG 0x10
#define EVP_CTRL_AEAD_SET_TAG 0x11
#define EVP_CTRL_AEAD_SET_IV_FIXED 0x12
#define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
#define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
#define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
#endif
#ifndef EVP_MAX_BLOCK_LENGTH
#define EVP_MAX_BLOCK_LENGTH 32 /* 2 * blocklen(AES)? */
/* They define this as 32. Using the same value here. */
#endif
#ifndef EVP_MAX_IV_LENGTH
#define EVP_MAX_IV_LENGTH 16
#endif
WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k);
#ifdef __cplusplus
} /* extern "C" */
#endif
#include <libwolfssl/openssl/objects.h>
#endif /* WOLFSSL_EVP_H_ */

View File

@ -0,0 +1,93 @@
/* hmac.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* hmac.h defines mini hamc openssl compatibility layer
*
*/
#ifndef WOLFSSL_HMAC_H_
#define WOLFSSL_HMAC_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_hmac.h"
#endif
#include <libwolfssl/openssl/evp.h>
#include <libwolfssl/openssl/opensslv.h>
#include <libwolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
const void* key, int key_len,
const unsigned char* d, int n, unsigned char* md,
unsigned int* md_len);
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des,
WOLFSSL_HMAC_CTX* src);
WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src);
WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type);
WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e);
WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
const unsigned char* data, int len);
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
#define HMAC_Init wolfSSL_HMAC_Init
#define HMAC_Update wolfSSL_HMAC_Update
#define HMAC_Final wolfSSL_HMAC_Final
#define HMAC_cleanup wolfSSL_HMAC_cleanup
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_HMAC_H_ */

View File

@ -0,0 +1,2 @@
/* lhash.h for openSSL */

View File

@ -0,0 +1,62 @@
/* md4.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_MD4_H_
#define WOLFSSL_MD4_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifndef NO_MD4
#ifdef WOLFSSL_PREFIX
#include "prefix_md4.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_MD4_CTX {
int buffer[32]; /* big enough to hold, check size in Init */
} WOLFSSL_MD4_CTX;
WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);
WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);
typedef WOLFSSL_MD4_CTX MD4_CTX;
#define MD4_Init wolfSSL_MD4_Init
#define MD4_Update wolfSSL_MD4_Update
#define MD4_Final wolfSSL_MD4_Final
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_MD4 */
#endif /* WOLFSSL_MD4_H_ */

View File

@ -0,0 +1,81 @@
/* md5.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* md5.h for openssl */
#ifndef WOLFSSL_MD5_H_
#define WOLFSSL_MD5_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifndef NO_MD5
#include <libwolfssl/wolfcrypt/hash.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_md5.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_MD5_CTX {
/* big enough to hold wolfcrypt md5, but check on init */
#ifdef STM32_HASH
void* holder[(112 + WC_ASYNC_DEV_SIZE + sizeof(STM32_HASH_Context)) / sizeof(void*)];
#else
void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
#endif
} WOLFSSL_MD5_CTX;
WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*);
WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*);
typedef WOLFSSL_MD5_CTX MD5_CTX;
#define MD5_Init wolfSSL_MD5_Init
#define MD5_Update wolfSSL_MD5_Update
#define MD5_Final wolfSSL_MD5_Final
#ifdef OPENSSL_EXTRA_BSD
#define MD5Init wolfSSL_MD5_Init
#define MD5Update wolfSSL_MD5_Update
#define MD5Final wolfSSL_MD5_Final
#endif
#ifndef MD5
#define MD5(d, n, md) wc_Md5Hash((d), (n), (md))
#endif
#define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_MD5 */
#endif /* WOLFSSL_MD5_H_ */

View File

@ -0,0 +1,62 @@
/* objects.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_OBJECTS_H_
#define WOLFSSL_OBJECTS_H_
#include <libwolfssl/wolfcrypt/settings.h>
//#include <libwolfssl/openssl/ssl.h>
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
#include <libwolfssl/ssl.h>
#endif /* OPENSSL_EXTRA_SSL_GUARD */
#ifdef __cplusplus
extern "C" {
#endif
#define OBJ_nid2sn wolfSSL_OBJ_nid2sn
#define OBJ_obj2nid wolfSSL_OBJ_obj2nid
#define OBJ_sn2nid wolfSSL_OBJ_sn2nid
#define OBJ_nid2ln wolfSSL_OBJ_nid2ln
#define OBJ_txt2nid wolfSSL_OBJ_txt2nid
#define OBJ_txt2obj wolfSSL_OBJ_txt2obj
#define OBJ_nid2obj wolfSSL_OBJ_nid2obj
#define OBJ_obj2txt wolfSSL_OBJ_obj2txt
#define OBJ_cleanup wolfSSL_OBJ_cleanup
#define OBJ_cmp wolfSSL_OBJ_cmp
#define OBJ_create wolfSSL_OBJ_create
#define ASN1_OBJECT_free wolfSSL_ASN1_OBJECT_free
/* not required for wolfSSL */
#define OPENSSL_load_builtin_modules()
#define NID_ad_OCSP 178
#define NID_ad_ca_issuers 179
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_OBJECTS_H_ */

View File

@ -0,0 +1,82 @@
/* ocsp.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ocsp.h for libcurl */
#ifndef WOLFSSL_OCSP_H_
#define WOLFSSL_OCSP_H_
#ifdef HAVE_OCSP
#include <libwolfssl/ocsp.h>
#define OCSP_REQUEST OcspRequest
#define OCSP_RESPONSE OcspResponse
#define OCSP_BASICRESP WOLFSSL_OCSP_BASICRESP
#define OCSP_CERTID WOLFSSL_OCSP_CERTID
#define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ
#define OCSP_REVOKED_STATUS_NOSTATUS -1
#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
#define OCSP_RESPONSE_STATUS_TRYLATER 3
#define V_OCSP_CERTSTATUS_GOOD 0
#define V_OCSP_CERTSTATUS_REVOKED 1
#define V_OCSP_CERTSTATUS_UNKNOWN 2
#define OCSP_resp_find_status wolfSSL_OCSP_resp_find_status
#define OCSP_cert_status_str wolfSSL_OCSP_cert_status_str
#define OCSP_check_validity wolfSSL_OCSP_check_validity
#define OCSP_CERTID_free wolfSSL_OCSP_CERTID_free
#define OCSP_cert_to_id wolfSSL_OCSP_cert_to_id
#define OCSP_BASICRESP_free wolfSSL_OCSP_BASICRESP_free
#define OCSP_basic_verify wolfSSL_OCSP_basic_verify
#define OCSP_RESPONSE_free wolfSSL_OCSP_RESPONSE_free
#define d2i_OCSP_RESPONSE_bio wolfSSL_d2i_OCSP_RESPONSE_bio
#define d2i_OCSP_RESPONSE wolfSSL_d2i_OCSP_RESPONSE
#define i2d_OCSP_RESPONSE wolfSSL_i2d_OCSP_RESPONSE
#define OCSP_response_status wolfSSL_OCSP_response_status
#define OCSP_response_status_str wolfSSL_OCSP_response_status_str
#define OCSP_response_get1_basic wolfSSL_OCSP_response_get1_basic
#define OCSP_response_create wolfSSL_OCSP_response_create
#define OCSP_REQUEST_new wolfSSL_OCSP_REQUEST_new
#define OCSP_REQUEST_free wolfSSL_OCSP_REQUEST_free
#define i2d_OCSP_REQUEST wolfSSL_i2d_OCSP_REQUEST
#define OCSP_request_add0_id wolfSSL_OCSP_request_add0_id
#define OCSP_request_add1_nonce wolfSSL_OCSP_request_add1_nonce
#define OCSP_check_nonce wolfSSL_OCSP_check_nonce
#define OCSP_id_get0_info wolfSSL_OCSP_id_get0_info
#define OCSP_crl_reason_str wolfSSL_OCSP_crl_reason_str
#define OCSP_REQUEST_add_ext wolfSSL_OCSP_REQUEST_add_ext
#define OCSP_CERTID_dup wolfSSL_OCSP_CERTID_dup
#define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio
#endif /* HAVE_OCSP */
#endif /* WOLFSSL_OCSP_H_ */

View File

@ -0,0 +1,8 @@
/* opensslconf.h for openSSL */
#ifndef OPENSSL_THREADS
#define OPENSSL_THREADS
#endif

View File

@ -0,0 +1,44 @@
/* opensslv.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* opensslv.h compatibility */
#ifndef WOLFSSL_OPENSSLV_H_
#define WOLFSSL_OPENSSLV_H_
/* api version compatibility */
#if defined(WOLFSSL_APACHE_HTTPD)
/* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100000L
#elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* version number can be increased for Lighty after compatibility for ECDH
is added */
#define OPENSSL_VERSION_NUMBER 0x10001000L
#else
#define OPENSSL_VERSION_NUMBER 0x0090810fL
#endif
#define OPENSSL_VERSION_TEXT LIBWOLFSSL_VERSION_STRING
#define OPENSSL_VERSION 0
#endif /* header */

View File

@ -0,0 +1,2 @@
/* ossl_typ.h for openssl */

View File

@ -0,0 +1,224 @@
/* pem.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* pem.h for openssl */
/*!
\file wolfssl/openssl/pem.h
*/
#ifndef WOLFSSL_PEM_H_
#define WOLFSSL_PEM_H_
#include <libwolfssl/openssl/evp.h>
#include <libwolfssl/openssl/bio.h>
#include <libwolfssl/openssl/rsa.h>
#include <libwolfssl/openssl/dsa.h>
#include <libwolfssl/ssl.h>
#ifdef __cplusplus
extern "C" {
#endif
/* RSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
WOLFSSL_API
WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_RSA**,
pem_password_cb* cb,
void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_RSA** rsa,
pem_password_cb* cb, void *u);
WOLFSSL_API
WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
WOLFSSL_EC_GROUP** group,
pem_password_cb* cb,
void* pass);
WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA *x);
WOLFSSL_API
int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x);
#endif /* NO_FILESYSTEM */
/* DSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x);
#endif /* NO_FILESYSTEM */
/* ECC */
WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *key);
#endif /* NO_FILESYSTEM */
/* EVP_KEY */
WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**,
pem_password_cb* cb,
void* arg);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY **key,
pem_password_cb *cb, void *pass);
WOLFSSL_API
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key);
WOLFSSL_API
int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
unsigned char **data, long *len);
WOLFSSL_API
int wolfSSL_PEM_write_bio(WOLFSSL_BIO *bio, const char *name,
const char *header, const unsigned char *data,
long len);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_read(XFILE fp, char **name, char **header, unsigned char **data,
long *len);
WOLFSSL_API
int wolfSSL_PEM_write(XFILE fp, const char *name, const char *header,
const unsigned char *data, long len);
#endif
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_X509 *wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509 *x);
WOLFSSL_API
int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
#endif /* NO_FILESYSTEM */
#define PEM_read wolfSSL_PEM_read
#define PEM_read_bio wolfSSL_PEM_read_bio
#define PEM_write wolfSSL_PEM_write
#define PEM_write_bio wolfSSL_PEM_write_bio
#define PEM_read_X509 wolfSSL_PEM_read_X509
#define PEM_read_PrivateKey wolfSSL_PEM_read_PrivateKey
#define PEM_write_X509 wolfSSL_PEM_write_X509
#define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
#define PEM_write_bio_PKCS8PrivateKey wolfSSL_PEM_write_bio_PKCS8PrivateKey
/* DH */
#define PEM_write_DHparams wolfSSL_PEM_write_DHparams
/* RSA */
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey
#define PEM_write_bio_RSA_PUBKEY wolfSSL_PEM_write_bio_RSA_PUBKEY
#define PEM_read_bio_RSA_PUBKEY wolfSSL_PEM_read_bio_RSA_PUBKEY
#define PEM_read_bio_ECPKParameters wolfSSL_PEM_read_bio_ECPKParameters
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
/* DSA */
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
/* ECC */
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
/* EVP_KEY */
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define PEM_read_bio_PUBKEY wolfSSL_PEM_read_bio_PUBKEY
#define PEM_write_bio_PUBKEY wolfSSL_PEM_write_bio_PUBKEY
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_PEM_H_ */

View File

@ -0,0 +1,49 @@
/* pkcs12.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* pkcs12.h for openssl */
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/wolfcrypt/pkcs12.h>
#ifndef WOLFSSL_PKCS12_COMPAT_H_
#define WOLFSSL_PKCS12_COMPAT_H_
#define NID_pbe_WithSHA1AndDES_CBC 2
#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 3
#define NID_pbe_WithSHA1And128BitRC4 1
#define PKCS12_DEFAULT_ITER WC_PKCS12_ITT_DEFAULT
/* wolfCrypt level does not make use of ssl.h */
#define PKCS12 WC_PKCS12
#define PKCS12_new wc_PKCS12_new
#define PKCS12_free wc_PKCS12_free
/* wolfSSL level using structs from ssl.h and calls down to wolfCrypt */
#define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio
#define PKCS12_parse wolfSSL_PKCS12_parse
#define PKCS12_create wolfSSL_PKCS12_create
#define PKCS12_PBE_add wolfSSL_PKCS12_PBE_add
#endif /* WOLFSSL_PKCS12_COMPAT_H_ */

View File

@ -0,0 +1,79 @@
/* pkcs7.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* pkcs7.h for openSSL */
#ifndef WOLFSSL_PKCS7_H_
#define WOLFSSL_PKCS7_H_
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/wolfcrypt/pkcs7.h>
#ifdef __cplusplus
extern "C" {
#endif
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
#define PKCS7_NOINTERN 0x0010
#define PKCS7_NOVERIFY 0x0020
typedef struct WOLFSSL_PKCS7
{
PKCS7 pkcs7;
unsigned char* data;
int len;
} WOLFSSL_PKCS7;
WOLFSSL_API PKCS7* wolfSSL_PKCS7_new(void);
WOLFSSL_API PKCS7_SIGNED* wolfSSL_PKCS7_SIGNED_new(void);
WOLFSSL_API void wolfSSL_PKCS7_free(PKCS7* p7);
WOLFSSL_API void wolfSSL_PKCS7_SIGNED_free(PKCS7_SIGNED* p7);
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in,
int len);
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7);
WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs,
WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7,
WOLFSSL_STACK* certs, int flags);
WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7);
#define PKCS7_new wolfSSL_PKCS7_new
#define PKCS7_SIGNED_new wolfSSL_PKCS7_SIGNED_new
#define PKCS7_free wolfSSL_PKCS7_free
#define PKCS7_SIGNED_free wolfSSL_PKCS7_SIGNED_free
#define d2i_PKCS7 wolfSSL_d2i_PKCS7
#define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio
#define PKCS7_verify wolfSSL_PKCS7_verify
#define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers
#define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7
#endif /* OPENSSL_ALL && HAVE_PKCS7 */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_PKCS7_H_ */

View File

@ -0,0 +1,27 @@
/* rand.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* rand.h for openSSL */
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/wolfcrypt/random.h>
#define RAND_set_rand_method wolfSSL_RAND_set_rand_method

View File

@ -0,0 +1,59 @@
/* rc4.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* rc4.h defines mini des openssl compatibility layer
*
*/
#ifndef WOLFSSL_RC4_COMPAT_H_
#define WOLFSSL_RC4_COMPAT_H_
#include <libwolfssl/wolfcrypt/settings.h>
#include <libwolfssl/openssl/ssl.h> /* included for size_t */
#ifdef __cplusplus
extern "C" {
#endif
/* applications including wolfssl/openssl/rc4.h are expecting to have access to
* the size of RC4_KEY structures. */
typedef struct WOLFSSL_RC4_KEY {
/* big enough for Arc4 from wolfssl/wolfcrypt/arc4.h */
void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_RC4_KEY;
typedef WOLFSSL_RC4_KEY RC4_KEY;
WOLFSSL_API void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len,
const unsigned char* data);
WOLFSSL_API void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len,
const unsigned char* in, unsigned char* out);
#define RC4 wolfSSL_RC4
#define RC4_set_key wolfSSL_RC4_set_key
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_RC4_COMPAT_H_ */

View File

@ -0,0 +1,58 @@
/* ripemd.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ripemd.h for openssl */
#ifndef WOLFSSL_RIPEMD_H_
#define WOLFSSL_RIPEMD_H_
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_RIPEMD_CTX {
int holder[32]; /* big enough to hold wolfcrypt, but check on init */
} WOLFSSL_RIPEMD_CTX;
WOLFSSL_API void wolfSSL_RIPEMD_Init(WOLFSSL_RIPEMD_CTX*);
WOLFSSL_API void wolfSSL_RIPEMD_Update(WOLFSSL_RIPEMD_CTX*, const void*,
unsigned long);
WOLFSSL_API void wolfSSL_RIPEMD_Final(unsigned char*, WOLFSSL_RIPEMD_CTX*);
typedef WOLFSSL_RIPEMD_CTX RIPEMD_CTX;
#define RIPEMD_Init wolfSSL_RIPEMD_Init
#define RIPEMD_Update wolfSSL_RIPEMD_Update
#define RIPEMD_Final wolfSSL_RIPEMD_Final
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_MD5_H_ */

View File

@ -0,0 +1,128 @@
/* rsa.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* rsa.h for openSSL */
#ifndef WOLFSSL_RSA_H_
#define WOLFSSL_RSA_H_
#include <libwolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
#define RSA_PKCS1_PSS_PADDING 2
#define RSA_NO_PADDING 3
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
#define WOLFSSL_RSA_TYPE_DEFINED
#endif
typedef WOLFSSL_RSA RSA;
struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
WOLFSSL_BIGNUM* n;
WOLFSSL_BIGNUM* e;
WOLFSSL_BIGNUM* d;
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* dmp1; /* dP */
WOLFSSL_BIGNUM* dmq1; /* dQ */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
char ownRng; /* flag for if the rng should be free'd */
};
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);
WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA*, int bits, WOLFSSL_BIGNUM*,
void* cb);
WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA*, WOLFSSL_BN_CTX*);
WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding);
WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding);
WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, unsigned char* in,
unsigned char* out, WOLFSSL_RSA* rsa, int padding);
WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*, int);
WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m,
unsigned int mLen, const unsigned char* sig,
unsigned int sigLen, WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, WOLFSSL_RSA*, int padding);
WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int sz, int opt);
WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r,
const WOLFSSL_BIGNUM **n, const WOLFSSL_BIGNUM **e, const WOLFSSL_BIGNUM **d);
#define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L
#define RSA_new wolfSSL_RSA_new
#define RSA_free wolfSSL_RSA_free
#define RSA_generate_key_ex wolfSSL_RSA_generate_key_ex
#define RSA_blinding_on wolfSSL_RSA_blinding_on
#define RSA_public_encrypt wolfSSL_RSA_public_encrypt
#define RSA_private_decrypt wolfSSL_RSA_private_decrypt
#define RSA_private_encrypt wolfSSL_RSA_private_encrypt
#define RSA_size wolfSSL_RSA_size
#define RSA_sign wolfSSL_RSA_sign
#define RSA_verify wolfSSL_RSA_verify
#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
#define RSA_get0_key wolfSSL_RSA_get0_key
#define RSA_F4 WOLFSSL_RSA_F4
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -0,0 +1,203 @@
/* sha.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* sha.h for openssl */
#ifndef WOLFSSL_SHA_H_
#define WOLFSSL_SHA_H_
#include <libwolfssl/wolfcrypt/settings.h>
#include <libwolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_sha.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_SHA_CTX {
/* big enough to hold wolfcrypt Sha, but check on init */
#if defined(STM32_HASH)
void* holder[(112 + WC_ASYNC_DEV_SIZE + sizeof(STM32_HASH_Context)) / sizeof(void*)];
#else
void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
#endif
#ifdef WOLF_CRYPTO_CB
void* cryptocb_holder[(sizeof(int) + sizeof(void*) + 4) / sizeof(void*)];
#endif
} WOLFSSL_SHA_CTX;
WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*);
/* SHA1 points to above, shouldn't use SHA0 ever */
WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*);
enum {
SHA_DIGEST_LENGTH = 20
};
typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA_Init wolfSSL_SHA_Init
#define SHA_Update wolfSSL_SHA_Update
#define SHA_Final wolfSSL_SHA_Final
#define SHA1_Init wolfSSL_SHA1_Init
#define SHA1_Update wolfSSL_SHA1_Update
#define SHA1_Final wolfSSL_SHA1_Final
#ifdef WOLFSSL_SHA224
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
* struct are 16 byte aligned. Any derefrence to those elements after casting to
* Sha224, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA224_CTX {
/* big enough to hold wolfcrypt Sha224, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA224_CTX;
WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX*);
WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA224_Final(unsigned char*, WOLFSSL_SHA224_CTX*);
enum {
SHA224_DIGEST_LENGTH = 28
};
typedef WOLFSSL_SHA224_CTX SHA224_CTX;
#define SHA224_Init wolfSSL_SHA224_Init
#define SHA224_Update wolfSSL_SHA224_Update
#define SHA224_Final wolfSSL_SHA224_Final
#endif /* WOLFSSL_SHA224 */
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
* struct are 16 byte aligned. Any derefrence to those elements after casting to
* Sha256, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA256_CTX {
/* big enough to hold wolfcrypt Sha256, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA256_CTX;
WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*);
WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*);
enum {
SHA256_DIGEST_LENGTH = 32
};
typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init
#define SHA256_Update wolfSSL_SHA256_Update
#define SHA256_Final wolfSSL_SHA256_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS
* build. */
#define SHA256 wolfSSL_SHA256
#endif
#ifdef WOLFSSL_SHA384
typedef struct WOLFSSL_SHA384_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(256 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA384_CTX;
WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*);
WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA384_Final(unsigned char*, WOLFSSL_SHA384_CTX*);
enum {
SHA384_DIGEST_LENGTH = 48
};
typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init
#define SHA384_Update wolfSSL_SHA384_Update
#define SHA384_Final wolfSSL_SHA384_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA384 is only available in non-fips mode because of SHA384 enum in FIPS
* build. */
#define SHA384 wolfSSL_SHA384
#endif
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
typedef struct WOLFSSL_SHA512_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(288 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA512_CTX;
WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*);
WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*);
enum {
SHA512_DIGEST_LENGTH = 64
};
typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
#define SHA512_Update wolfSSL_SHA512_Update
#define SHA512_Final wolfSSL_SHA512_Final
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS
* build. */
#define SHA512 wolfSSL_SHA512
#endif
#endif /* WOLFSSL_SHA512 */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_SHA_H_ */

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1 @@
/* ssl23.h for openssl */

View File

@ -0,0 +1,63 @@
/* stack.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* stack.h for openSSL */
#ifndef WOLFSSL_STACK_H_
#define WOLFSSL_STACK_H_
#ifdef __cplusplus
extern "C" {
#endif
typedef void (*wolfSSL_sk_freefunc)(void *);
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK *);
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *);
WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data);
WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *));
WOLFSSL_API
void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk);
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void);
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
WOLFSSL_API
int wolfSSL_sk_CIPHER_push(WOLFSSL_STACK *st,WOLFSSL_CIPHER *cipher);
WOLFSSL_API
WOLFSSL_CIPHER* wolfSSL_sk_CIPHER_pop(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_cipher(void);
#define OPENSSL_sk_free wolfSSL_sk_free
#define OPENSSL_sk_pop_free wolfSSL_sk_pop_free
#define OPENSSL_sk_new_null wolfSSL_sk_new_null
#define OPENSSL_sk_push wolfSSL_sk_push
/* provides older OpenSSL API compatibility */
#define sk_free OPENSSL_sk_free
#define sk_pop_free OPENSSL_sk_pop_free
#define sk_new_null OPENSSL_sk_new_null
#define sk_push OPENSSL_sk_push
#ifdef __cplusplus
}
#endif
#endif

View File

@ -0,0 +1,2 @@
/* ui.h for openssl */

View File

@ -0,0 +1,20 @@
/* x509.h for openssl */
#include <libwolfssl/openssl/ssl.h>
#include <libwolfssl/openssl/dh.h>
/* wolfSSL_X509_print_ex flags */
#define X509_FLAG_COMPAT (0UL)
#define X509_FLAG_NO_HEADER (1UL << 0)
#define X509_FLAG_NO_VERSION (1UL << 1)
#define X509_FLAG_NO_SERIAL (1UL << 2)
#define X509_FLAG_NO_SIGNAME (1UL << 3)
#define X509_FLAG_NO_ISSUER (1UL << 4)
#define X509_FLAG_NO_VALIDITY (1UL << 5)
#define X509_FLAG_NO_SUBJECT (1UL << 6)
#define X509_FLAG_NO_PUBKEY (1UL << 7)
#define X509_FLAG_NO_EXTENSIONS (1UL << 8)
#define X509_FLAG_NO_SIGDUMP (1UL << 9)
#define X509_FLAG_NO_AUX (1UL << 10)
#define X509_FLAG_NO_ATTRIBUTES (1UL << 11)
#define X509_FLAG_NO_IDS (1UL << 12)

View File

@ -0,0 +1 @@
/* x509_vfy.h for openssl */

View File

@ -0,0 +1,112 @@
/* x509v3.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* x509v3.h for openSSL */
#ifndef WOLFSSL_x509v3_H
#define WOLFSSL_x509v3_H
#include <libwolfssl/openssl/conf.h>
#include <libwolfssl/openssl/bio.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Forward reference */
typedef struct WOLFSSL_v3_ext_method WOLFSSL_v3_ext_method;
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
struct WOLFSSL_v3_ext_method *method,
void *ext, STACK_OF(CONF_VALUE) *extlist);
typedef char *(*X509V3_EXT_I2S)(struct WOLFSSL_v3_ext_method *method, void *ext);
typedef int (*X509V3_EXT_I2R) (struct WOLFSSL_v3_ext_method *method,
void *ext, BIO *out, int indent);
typedef struct WOLFSSL_v3_ext_method X509V3_EXT_METHOD;
struct WOLFSSL_v3_ext_method {
int ext_nid;
int ext_flags;
void *usr_data;
X509V3_EXT_D2I d2i;
X509V3_EXT_I2V i2v;
X509V3_EXT_I2S i2s;
X509V3_EXT_I2R i2r;
};
#define WOLFSSL_ASN1_BOOLEAN int
#define GEN_OTHERNAME 0
#define GEN_EMAIL 1
#define GEN_DNS 2
#define GEN_X400 3
#define GEN_DIRNAME 4
#define GEN_EDIPARTY 5
#define GEN_URI 6
#define GEN_IPADD 7
#define GEN_RID 8
#define GENERAL_NAME WOLFSSL_GENERAL_NAME
#define X509V3_CTX WOLFSSL_X509V3_CTX
struct WOLFSSL_X509_EXTENSION {
WOLFSSL_ASN1_OBJECT *obj;
WOLFSSL_ASN1_BOOLEAN crit;
WOLFSSL_ASN1_STRING value;
WOLFSSL_v3_ext_method ext_method;
WOLFSSL_STACK* ext_sk; /* For extension specific data */
};
typedef struct WOLFSSL_AUTHORITY_KEYID AUTHORITY_KEYID;
typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS;
typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS;
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex);
WOLFSSL_API void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ex);
WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
const WOLFSSL_ASN1_STRING *s);
WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent);
#define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free
#define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free
#define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x))
#define ASN1_INTEGER WOLFSSL_ASN1_INTEGER
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define X509V3_EXT_get wolfSSL_X509V3_EXT_get
#define X509V3_EXT_d2i wolfSSL_X509V3_EXT_d2i
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb
#ifdef __cplusplus
}
#endif
#endif

228
source/libwolfssl/sniffer.h Normal file
View File

@ -0,0 +1,228 @@
/* sniffer.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_SNIFFER_H
#define WOLFSSL_SNIFFER_H
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef _WIN32
#ifdef SSL_SNIFFER_EXPORTS
#define SSL_SNIFFER_API __declspec(dllexport)
#else
#define SSL_SNIFFER_API __declspec(dllimport)
#endif
#else
#define SSL_SNIFFER_API
#endif /* _WIN32 */
#ifdef __cplusplus
extern "C" {
#endif
/* @param typeK: (formerly keyType) was shadowing a global declaration in
* wolfssl/wolfcrypt/asn.h line 175
*/
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
const char* keyFile, int typeK,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
const char* address, int port,
const char* keyFile, int typeK,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
unsigned char** data, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_FreeDecodeBuffer(unsigned char** data, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_FreeZeroDecodeBuffer(unsigned char** data, int sz,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
unsigned int* total,
unsigned int* peak,
unsigned int* maxSessions,
unsigned int* missedData,
unsigned int* reassemblyMemory,
char* error);
WOLFSSL_API void ssl_InitSniffer(void);
WOLFSSL_API void ssl_FreeSniffer(void);
/* ssl_SetPrivateKey typeKs */
enum {
FILETYPE_PEM = 1,
FILETYPE_DER = 2,
};
/*
* New Sniffer API that provides read-only access to the TLS and cipher
* information associated with the SSL session.
*/
#if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
#define WOLFSSL_PACK __attribute__ ((packed))
#else
#define WOLFSSL_PACK
#endif
typedef struct SSLInfo
{
unsigned char isValid;
/* indicates if the info in this struct is valid: 0 = no, 1 = yes */
unsigned char protocolVersionMajor; /* SSL Version: major */
unsigned char protocolVersionMinor; /* SSL Version: minor */
unsigned char serverCipherSuite0; /* first byte, normally 0 */
unsigned char serverCipherSuite; /* second byte, actual suite */
unsigned char serverCipherSuiteName[256];
/* cipher name, e.g., "TLS_RSA_..." */
unsigned char serverNameIndication[128];
unsigned int keySize;
} WOLFSSL_PACK SSLInfo;
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfo(
const unsigned char* packet, int length,
unsigned char** data, SSLInfo* sslInfo, char* error);
typedef void (*SSLConnCb)(const void* session, SSLInfo* info, void* ctx);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetConnectionCb(SSLConnCb cb);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
typedef struct SSLStats
{
unsigned long int sslStandardConns;
unsigned long int sslClientAuthConns;
unsigned long int sslResumedConns;
unsigned long int sslEphemeralMisses;
unsigned long int sslResumeMisses;
unsigned long int sslCiphersUnsupported;
unsigned long int sslKeysUnmatched;
unsigned long int sslKeyFails;
unsigned long int sslDecodeFails;
unsigned long int sslAlerts;
unsigned long int sslDecryptedBytes;
unsigned long int sslEncryptedBytes;
unsigned long int sslEncryptedPackets;
unsigned long int sslDecryptedPackets;
unsigned long int sslKeyMatches;
unsigned long int sslEncryptedConns;
unsigned long int sslResumptionValid;
unsigned long int sslResumptionInserts;
} SSLStats;
WOLFSSL_API
SSL_SNIFFER_API int ssl_ResetStatistics(void);
WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats);
WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats);
typedef int (*SSLWatchCb)(void* vSniffer,
const unsigned char* certHash,
unsigned int certHashSz,
const unsigned char* certChain,
unsigned int certChainSz,
void* ctx, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetWatchKeyCallback(SSLWatchCb cb, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetWatchKeyCallback_ex(SSLWatchCb cb, int devId,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetWatchKeyCtx(void* ctx, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetWatchKey_buffer(void* vSniffer,
const unsigned char* key, unsigned int keySz,
int keyType, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer,
const char* keyFile, int keyType,
const char* password, char* error);
typedef int (*SSLStoreDataCb)(const unsigned char* decryptBuf,
unsigned int decryptBufSz, unsigned int decryptBufOffset, void* ctx);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetStoreDataCallback(SSLStoreDataCb cb);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfoStoreData(
const unsigned char* packet, int length, void* ctx,
SSLInfo* sslInfo, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketWithChain(void* vChain,
unsigned int chainSz, unsigned char** data, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData(
void* vChain, unsigned int chainSz, void* ctx, SSLInfo* sslInfo,
char* error);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* wolfSSL_SNIFFER_H */

View File

@ -0,0 +1,137 @@
/* sniffer_error.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_SNIFFER_ERROR_H
#define WOLFSSL_SNIFFER_ERROR_H
/* need to have errors as #defines since .rc files can't handle enums */
/* need to start at 1 and go in order for same reason */
#define MEMORY_STR 1
#define NEW_SERVER_STR 2
#define IP_CHECK_STR 3
#define SERVER_NOT_REG_STR 4
#define TCP_CHECK_STR 5
#define SERVER_PORT_NOT_REG_STR 6
#define RSA_DECRYPT_STR 7
#define RSA_DECODE_STR 8
#define BAD_CIPHER_SPEC_STR 9
#define SERVER_HELLO_INPUT_STR 10
#define BAD_SESSION_RESUME_STR 11
#define SERVER_DID_RESUMPTION_STR 12
#define CLIENT_HELLO_INPUT_STR 13
#define CLIENT_RESUME_TRY_STR 14
#define HANDSHAKE_INPUT_STR 15
#define GOT_HELLO_VERIFY_STR 16
#define GOT_SERVER_HELLO_STR 17
#define GOT_CERT_REQ_STR 18
#define GOT_SERVER_KEY_EX_STR 19
#define GOT_CERT_STR 20
#define GOT_SERVER_HELLO_DONE_STR 21
#define GOT_FINISHED_STR 22
#define GOT_CLIENT_HELLO_STR 23
#define GOT_CLIENT_KEY_EX_STR 24
#define GOT_CERT_VER_STR 25
#define GOT_UNKNOWN_HANDSHAKE_STR 26
#define NEW_SESSION_STR 27
#define BAD_NEW_SSL_STR 28
#define GOT_PACKET_STR 29
#define NO_DATA_STR 30
#define BAD_SESSION_STR 31
#define GOT_OLD_CLIENT_HELLO_STR 32
#define OLD_CLIENT_INPUT_STR 33
#define OLD_CLIENT_OK_STR 34
#define BAD_OLD_CLIENT_STR 35
#define BAD_RECORD_HDR_STR 36
#define RECORD_INPUT_STR 37
#define GOT_HANDSHAKE_STR 38
#define BAD_HANDSHAKE_STR 39
#define GOT_CHANGE_CIPHER_STR 40
#define GOT_APP_DATA_STR 41
#define BAD_APP_DATA_STR 42
#define GOT_ALERT_STR 43
#define ANOTHER_MSG_STR 44
#define REMOVE_SESSION_STR 45
#define KEY_FILE_STR 46
#define BAD_IPVER_STR 47
#define BAD_PROTO_STR 48
#define PACKET_HDR_SHORT_STR 49
#define GOT_UNKNOWN_RECORD_STR 50
#define BAD_TRACE_FILE_STR 51
#define FATAL_ERROR_STR 52
#define PARTIAL_INPUT_STR 53
#define BUFFER_ERROR_STR 54
#define PARTIAL_ADD_STR 55
#define DUPLICATE_STR 56
#define OUT_OF_ORDER_STR 57
#define OVERLAP_DUPLICATE_STR 58
#define OVERLAP_REASSEMBLY_BEGIN_STR 59
#define OVERLAP_REASSEMBLY_END_STR 60
#define MISSED_CLIENT_HELLO_STR 61
#define GOT_HELLO_REQUEST_STR 62
#define GOT_SESSION_TICKET_STR 63
#define BAD_INPUT_STR 64
#define BAD_DECRYPT_TYPE 65
#define BAD_FINISHED_MSG 66
#define BAD_COMPRESSION_STR 67
#define BAD_DERIVE_STR 68
#define ACK_MISSED_STR 69
#define BAD_DECRYPT 70
#define DECRYPT_KEYS_NOT_SETUP 71
#define CLIENT_HELLO_LATE_KEY_STR 72
#define GOT_CERT_STATUS_STR 73
#define RSA_KEY_MISSING_STR 74
#define NO_SECURE_RENEGOTIATION 75
#define BAD_SESSION_STATS 76
#define REASSEMBLY_MAX_STR 77
#define DROPPING_LOST_FRAG_STR 78
#define DROPPING_PARTIAL_RECORD 79
#define CLEAR_ACK_FAULT 80
#define BAD_DECRYPT_SIZE 81
#define EXTENDED_MASTER_HASH_STR 82
#define SPLIT_HANDSHAKE_MSG_STR 83
#define ECC_DECODE_STR 84
#define ECC_PUB_DECODE_STR 85
#define WATCH_CB_MISSING_STR 86
#define WATCH_HASH_STR 87
#define WATCH_FAIL_STR 88
#define BAD_CERT_MSG_STR 89
#define STORE_DATA_CB_MISSING_STR 90
#define NO_DATA_DEST_STR 91
#define STORE_DATA_FAIL_STR 92
#define CHAIN_INPUT_STR 93
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
#endif /* wolfSSL_SNIFFER_ERROR_H */

3648
source/libwolfssl/ssl.h Normal file

File diff suppressed because it is too large Load Diff

3437
source/libwolfssl/test.h Normal file

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,40 @@
/* wolfssl_version.h.in
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_VERSION_H
#define WOLFSSL_VERSION_H
#ifdef __cplusplus
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "4.2.0"
#define LIBWOLFSSL_VERSION_HEX 0x04002000
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_VERSION_H */

View File

@ -0,0 +1,402 @@
/* aes.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/aes.h
*/
#ifndef WOLF_CRYPT_AES_H
#define WOLF_CRYPT_AES_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_AES
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
/* included for fips @wc_fips */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/aes.h>
#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
#define WOLFSSL_AES_COUNTER
#endif
#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
#define WOLFSSL_AES_DIRECT
#endif
#endif
#ifndef WC_NO_RNG
#include <libwolfssl/wolfcrypt/random.h>
#endif
#ifdef STM32_CRYPTO
#include <libwolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_AESNI
#include <wmmintrin.h>
#include <emmintrin.h>
#include <smmintrin.h>
#endif /* WOLFSSL_AESNI */
#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h"
#endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
/* included for struct msghdr */
#include <libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
#include <libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
#include <libwolfssl/wolfcrypt/random.h>
#endif
#if defined(WOLFSSL_CRYPTOCELL)
#include <libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
#include <libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* these are required for FIPS and non-FIPS */
enum {
AES_128_KEY_SIZE = 16, /* for 128 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_IV_SIZE = 16, /* always block size */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
enum {
AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
AES_ENCRYPTION = 0,
AES_DECRYPTION = 1,
AES_BLOCK_SIZE = 16,
KEYWRAP_BLOCK_SIZE = 8,
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
CTR_SZ = 4,
AES_IV_FIXED_SZ = 4,
#ifdef HAVE_PKCS11
AES_MAX_ID_LEN = 32,
#endif
};
struct Aes {
/* AESNI needs key first, rounds 2nd, not sure why yet */
ALIGN16 word32 key[60];
word32 rounds;
int keylen;
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
word32 invokeCtr[2];
word32 nonceSz;
#endif
#ifdef HAVE_AESGCM
ALIGN16 byte H[AES_BLOCK_SIZE];
#ifdef OPENSSL_EXTRA
word32 aadH[4]; /* additional authenticated data GHASH */
word32 aadLen; /* additional authenticated data len */
#endif
#ifdef GCM_TABLE
/* key-based fast multiplication table. */
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
#endif
#ifdef HAVE_PKCS11
byte id[AES_MAX_ID_LEN];
int idLen;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
word32 left; /* unused bytes left from last call */
#endif
#ifdef WOLFSSL_XILINX_CRYPT
XSecure_Aes xilAes;
XCsuDma dma;
word32 key_init[8];
word32 kup;
#endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
int alFd; /* server socket to bind to */
int rdFd; /* socket to read from */
struct msghdr msg;
int dir; /* flag for encrpyt or decrypt */
#ifdef WOLFSSL_AFALG_XILINX_AES
word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
GCM_NONCE_MID_SZ)];
#endif
#endif
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
#endif
#if defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
WC_CRYPTODEV ctx;
#endif
#if defined(WOLFSSL_CRYPTOCELL)
aes_context_t ctx;
#endif
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
TSIP_AES_CTX ctx;
#endif
void* heap; /* memory hint to use */
};
#ifndef WC_AES_TYPE_DEFINED
typedef struct Aes Aes;
#define WC_AES_TYPE_DEFINED
#endif
#ifdef WOLFSSL_AES_XTS
typedef struct XtsAes {
Aes aes;
Aes tweak;
} XtsAes;
#endif
#ifdef HAVE_AESGCM
typedef struct Gmac {
Aes aes;
} Gmac;
#endif /* HAVE_AESGCM */
#endif /* HAVE_FIPS */
/* Authenticate cipher function prototypes */
typedef int (*wc_AesAuthEncryptFunc)(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
/* AES-CBC */
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
#ifdef HAVE_AES_CBC
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
#ifdef WOLFSSL_AES_CFB
WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#ifdef HAVE_AES_DECRYPT
WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AES_CFB */
#ifdef HAVE_AES_ECB
WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
/* AES-CTR */
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
word32 kup);
#elif defined(WOLFSSL_AFALG_XILINX_AES)
WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
word32 kup);
#endif
WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
const byte* ivFixed, word32 ivFixedSz,
WC_RNG* rng);
WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* WC_NO_RNG */
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#ifndef WC_NO_RNG
WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz, WC_RNG* rng);
WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
const byte* authTag, word32 authTagSz);
#endif /* WC_NO_RNG */
WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
const byte* nonce, word32 nonceSz);
WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
const byte* in, word32 sz,
byte* ivOut, word32 ivOutSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_AES_KEYWRAP
WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
const byte* in, word32 inSz,
byte* out, word32 outSz,
const byte* iv);
WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz,
const byte* in, word32 inSz,
byte* out, word32 outSz,
const byte* iv);
#endif /* HAVE_AES_KEYWRAP */
#ifdef WOLFSSL_AES_XTS
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId);
#endif
WOLFSSL_API void wc_AesFree(Aes* aes);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_AES */
#endif /* WOLF_CRYPT_AES_H */

View File

@ -0,0 +1,68 @@
/* arc4.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/arc4.h
*/
#ifndef WOLF_CRYPT_ARC4_H
#define WOLF_CRYPT_ARC4_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_STATE_SIZE = 256,
RC4_KEY_SIZE = 16, /* always 128bit */
};
/* ARC4 encryption and decryption */
typedef struct Arc4 {
byte x;
byte y;
byte state[ARC4_STATE_SIZE];
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
void* heap;
} Arc4;
WOLFSSL_API int wc_Arc4Process(Arc4*, byte*, const byte*, word32);
WOLFSSL_API int wc_Arc4SetKey(Arc4*, const byte*, word32);
WOLFSSL_API int wc_Arc4Init(Arc4*, void*, int);
WOLFSSL_API void wc_Arc4Free(Arc4*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ARC4_H */

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,577 @@
/* asn_public.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/asn_public.h
*/
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* guard on redeclaration */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
#ifndef WC_ED25519KEY_TYPE_DEFINED
typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED
#endif
#ifndef WC_RSAKEY_TYPE_DEFINED
typedef struct RsaKey RsaKey;
#define WC_RSAKEY_TYPE_DEFINED
#endif
#ifndef WC_RNG_TYPE_DEFINED
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
enum Ecc_Sum {
ECC_SECP112R1_OID = 182,
ECC_SECP112R2_OID = 183,
ECC_SECP128R1_OID = 204,
ECC_SECP128R2_OID = 205,
ECC_SECP160R1_OID = 184,
ECC_SECP160R2_OID = 206,
ECC_SECP160K1_OID = 185,
ECC_BRAINPOOLP160R1_OID = 98,
ECC_SECP192R1_OID = 520,
ECC_PRIME192V2_OID = 521,
ECC_PRIME192V3_OID = 522,
ECC_SECP192K1_OID = 207,
ECC_BRAINPOOLP192R1_OID = 100,
ECC_SECP224R1_OID = 209,
ECC_SECP224K1_OID = 208,
ECC_BRAINPOOLP224R1_OID = 102,
ECC_PRIME239V1_OID = 523,
ECC_PRIME239V2_OID = 524,
ECC_PRIME239V3_OID = 525,
ECC_SECP256R1_OID = 526,
ECC_SECP256K1_OID = 186,
ECC_BRAINPOOLP256R1_OID = 104,
ECC_X25519_OID = 365,
ECC_ED25519_OID = 256,
ECC_BRAINPOOLP320R1_OID = 106,
ECC_SECP384R1_OID = 210,
ECC_BRAINPOOLP384R1_OID = 108,
ECC_BRAINPOOLP512R1_OID = 110,
ECC_SECP521R1_OID = 211,
};
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
PRIVATEKEY_TYPE,
DH_PARAM_TYPE,
DSA_PARAM_TYPE,
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
DSA_PRIVATEKEY_TYPE,
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
RSA_TYPE,
PUBLICKEY_TYPE,
RSA_PUBLICKEY_TYPE,
ECC_PUBLICKEY_TYPE,
TRUSTED_PEER_TYPE,
EDDSA_PRIVATEKEY_TYPE,
ED25519_TYPE,
PKCS12_TYPE,
PKCS8_PRIVATEKEY_TYPE,
PKCS8_ENC_PRIVATEKEY_TYPE,
DETECT_CERT_TYPE,
DH_PRIVATEKEY_TYPE,
};
/* Signature type, by OID sum */
enum Ctc_SigType {
CTC_SHAwDSA = 517,
CTC_MD2wRSA = 646,
CTC_MD5wRSA = 648,
CTC_SHAwRSA = 649,
CTC_SHAwECDSA = 520,
CTC_SHA224wRSA = 658,
CTC_SHA224wECDSA = 523,
CTC_SHA256wRSA = 655,
CTC_SHA256wECDSA = 524,
CTC_SHA384wRSA = 656,
CTC_SHA384wECDSA = 525,
CTC_SHA512wRSA = 657,
CTC_SHA512wECDSA = 526,
CTC_ED25519 = 256
};
enum Ctc_Encoding {
CTC_UTF8 = 0x0c, /* utf8 */
CTC_PRINTABLE = 0x13 /* printable */
};
#ifndef WC_CTC_NAME_SIZE
#define WC_CTC_NAME_SIZE 64
#endif
#ifndef WC_CTC_MAX_ALT_SIZE
#define WC_CTC_MAX_ALT_SIZE 16384
#endif
enum Ctc_Misc {
CTC_COUNTRY_SIZE = 2,
CTC_NAME_SIZE = WC_CTC_NAME_SIZE,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
CTC_SERIAL_SIZE = 16,
#ifdef WOLFSSL_CERT_EXT
/* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
* We support only hash */
CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_CERTPOL_SZ = 64,
CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */
#endif /* WOLFSSL_CERT_EXT */
};
/* DER buffer */
typedef struct DerBuffer {
byte* buffer;
void* heap;
word32 length;
int type; /* enum CertType */
int dynType; /* DYNAMIC_TYPE_* */
} DerBuffer;
enum {
IV_SZ = 32, /* max iv sz */
NAME_SZ = 80, /* max one line */
PEM_PASS_READ = 0,
PEM_PASS_WRITE = 1,
};
typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
typedef struct EncryptedInfo {
pem_password_cb* passwd_cb;
void* passwd_userdata;
long consumed; /* tracks PEM bytes consumed */
int cipherType;
word32 keySz;
word32 ivSz; /* salt or encrypted IV size */
char name[NAME_SZ]; /* cipher name, such as "DES-CBC" */
byte iv[IV_SZ]; /* salt or encrypted IV */
word16 set:1; /* if encryption set */
} EncryptedInfo;
#define WOLFSSL_ASN1_INTEGER_MAX 20
typedef struct WOLFSSL_ASN1_INTEGER {
/* size can be increased set at 20 for tag, length then to hold at least 16
* byte type */
unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX];
/* ASN_INTEGER | LENGTH | hex of number */
unsigned char negative; /* negative number flag */
unsigned char* data;
unsigned int dataMax; /* max size of data buffer */
unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */
int length;
int type;
} WOLFSSL_ASN1_INTEGER;
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)
#ifdef WOLFSSL_EKU_OID
#ifndef CTC_MAX_EKU_NB
#define CTC_MAX_EKU_NB 1
#endif
#ifndef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 30
#endif
#else
#undef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 0
#endif
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_MULTI_ATTRIB
#ifndef CTC_MAX_ATTRIB
#define CTC_MAX_ATTRIB 4
#endif
/* ASN Encoded Name field */
typedef struct NameAttrib {
int sz; /* actual string value length */
int id; /* id of name */
int type; /* enc of name */
char value[CTC_NAME_SIZE]; /* name */
} NameAttrib;
#endif /* WOLFSSL_MULTI_ATTRIB */
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE];
char stateEnc;
char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE];
char surEnc;
char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE];
char unitEnc;
char commonName[CTC_NAME_SIZE];
char commonNameEnc;
char serialDev[CTC_NAME_SIZE];
char serialDevEnc;
#ifdef WOLFSSL_CERT_EXT
char busCat[CTC_NAME_SIZE];
char busCatEnc;
char joiC[CTC_NAME_SIZE];
char joiCEnc;
char joiSt[CTC_NAME_SIZE];
char joiStEnc;
#endif
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
#ifdef WOLFSSL_MULTI_ATTRIB
NameAttrib name[CTC_MAX_ATTRIB];
#endif
} CertName;
/* for user to fill for certificate generation */
typedef struct Cert {
int version; /* x509 version */
byte serial[CTC_SERIAL_SIZE]; /* serial number */
int serialSz; /* serial size */
int sigType; /* signature algo type */
CertName issuer; /* issuer info */
int daysValid; /* validity days */
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
int isCA; /* is this going to be a CA */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef WOLFSSL_CERT_EXT
byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
int skidSz; /* SKID size in bytes */
byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */
int akidSz; /* AKID size in bytes */
word16 keyUsage; /* Key Usage */
byte extKeyUsage; /* Extended Key Usage */
#ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
byte extKeyUsageOIDSz[CTC_MAX_EKU_NB];
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */
byte issRaw[sizeof(CertName)]; /* raw issuer info */
byte sbjRaw[sizeof(CertName)]; /* raw subject info */
#endif
#ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
int challengePwPrintableString; /* encode as PrintableString */
#endif
void* decodedCert; /* internal DecodedCert allocated from heap */
byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */
} Cert;
/* Initialize and Set Certificate defaults:
version = 3 (0x2)
serial = 0 (Will be randomly generated)
sigType = SHA_WITH_RSA
issuer = blank
daysValid = 500
selfSigned = 1 (true) use subject as issuer
subject = blank
isCA = 0 (false)
keyType = RSA_KEY (default)
*/
WOLFSSL_API int wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, WC_RNG*);
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz,
int, void*);
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
RsaKey*, ecc_key*);
#endif
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer,
word32 buffSz, int keyType, void* key,
WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WC_RNG*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
#endif
#ifdef WOLFSSL_CERT_GEN_CACHE
WOLFSSL_API void wc_SetCert_Free(Cert* cert);
#endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
struct tm* after);
#endif
#ifdef WOLFSSL_CERT_EXT
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
WOLFSSL_API int wc_SetAuthKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
void* key);
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
word16 ntruKeySz);
#endif
/* Set the KeyUsage.
* Value is a string separated tokens with ','. Accepted tokens are :
* digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
* dataEncipherment,keyAgreement,keyEncipherment,encipherOnly and decipherOnly.
*
* nonRepudiation and contentCommitment are for the same usage.
*/
WOLFSSL_API int wc_SetKeyUsage(Cert *cert, const char *value);
/* Set ExtendedKeyUsage
* Value is a string separated tokens with ','. Accepted tokens are :
* any,serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,OCSPSigning
*/
WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
#ifdef WOLFSSL_EKU_OID
/* Set ExtendedKeyUsage with unique OID
* oid is expected to be in byte representation
*/
WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
byte idx, void* heap);
#endif /* WOLFSSL_EKU_OID */
#endif /* WOLFSSL_CERT_EXT */
#ifdef HAVE_NTRU
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz,
WC_RNG*);
#endif
#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
byte format, struct tm* time);
#endif
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
WOLFSSL_API int wc_PemGetHeaderFooter(int type, const char** header,
const char** footer);
#endif
WOLFSSL_API int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap);
WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#ifdef WOLFSSL_PEM_TO_DER
WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int,
unsigned char*, int, const char*);
WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int,
unsigned char*, int, int);
#endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
unsigned char*, int);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM
WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz);
#endif
#endif /* WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_DER_TO_PEM
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
word32 outputSz, byte *cipherIno, int type);
#endif
#ifndef NO_RSA
#if !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
#endif
WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
#endif
#ifdef HAVE_ECC
/* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen);
/* public key helper */
WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
word32 inLen, int with_AlgCurve);
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key*, int with_AlgCurve);
#endif
#ifdef HAVE_ED25519
/* private key helpers */
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*,
ed25519_key*, word32);
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen);
/* public key helper */
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*,
ed25519_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#endif
/* DER encode signature */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
word32 digSz, int hashOID);
WOLFSSL_API int wc_GetCTC_HashOID(int type);
WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
word32* inOutIdx, word32 sz);
WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz);
#ifndef NO_ASN_TIME
/* Time */
/* Returns seconds (Epoch/UTC)
* timePtr: is "time_t", which is typically "long"
* Example:
long lTime;
rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
*/
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
WOLFSSL_API int wc_EncryptedInfoGet(EncryptedInfo* info,
const char* cipherInfo);
#endif
#ifdef WOLFSSL_CERT_PIV
typedef struct _wc_CertPIV {
const byte* cert;
word32 certSz;
const byte* certErrDet;
word32 certErrDetSz;
const byte* nonce; /* Identiv Only */
word32 nonceSz; /* Identiv Only */
const byte* signedNonce; /* Identiv Only */
word32 signedNonceSz; /* Identiv Only */
/* flags */
word16 compression:2;
word16 isX509:1;
word16 isIdentiv:1;
} wc_CertPIV;
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */

View File

@ -0,0 +1,155 @@
/*
BLAKE2 reference source code package - reference C implementations
Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
/* blake2-impl.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFCRYPT_BLAKE2_IMPL_H
#define WOLFCRYPT_BLAKE2_IMPL_H
#include <libwolfssl/wolfcrypt/types.h>
static WC_INLINE word32 load32( const void *src )
{
#if defined(LITTLE_ENDIAN_ORDER)
return *( word32 * )( src );
#else
const byte *p = ( byte * )src;
word32 w = *p++;
w |= ( word32 )( *p++ ) << 8;
w |= ( word32 )( *p++ ) << 16;
w |= ( word32 )( *p++ ) << 24;
return w;
#endif
}
static WC_INLINE word64 load64( const void *src )
{
#if defined(LITTLE_ENDIAN_ORDER)
return *( word64 * )( src );
#else
const byte *p = ( byte * )src;
word64 w = *p++;
w |= ( word64 )( *p++ ) << 8;
w |= ( word64 )( *p++ ) << 16;
w |= ( word64 )( *p++ ) << 24;
w |= ( word64 )( *p++ ) << 32;
w |= ( word64 )( *p++ ) << 40;
w |= ( word64 )( *p++ ) << 48;
w |= ( word64 )( *p++ ) << 56;
return w;
#endif
}
static WC_INLINE void store32( void *dst, word32 w )
{
#if defined(LITTLE_ENDIAN_ORDER)
*( word32 * )( dst ) = w;
#else
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
#endif
}
static WC_INLINE void store64( void *dst, word64 w )
{
#if defined(LITTLE_ENDIAN_ORDER)
*( word64 * )( dst ) = w;
#else
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
#endif
}
static WC_INLINE word64 load48( const void *src )
{
const byte *p = ( const byte * )src;
word64 w = *p++;
w |= ( word64 )( *p++ ) << 8;
w |= ( word64 )( *p++ ) << 16;
w |= ( word64 )( *p++ ) << 24;
w |= ( word64 )( *p++ ) << 32;
w |= ( word64 )( *p++ ) << 40;
return w;
}
static WC_INLINE void store48( void *dst, word64 w )
{
byte *p = ( byte * )dst;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w; w >>= 8;
*p++ = ( byte )w;
}
static WC_INLINE word32 rotl32( const word32 w, const unsigned c )
{
return ( w << c ) | ( w >> ( 32 - c ) );
}
static WC_INLINE word64 rotl64( const word64 w, const unsigned c )
{
return ( w << c ) | ( w >> ( 64 - c ) );
}
static WC_INLINE word32 rotr32( const word32 w, const unsigned c )
{
return ( w >> c ) | ( w << ( 32 - c ) );
}
static WC_INLINE word64 rotr64( const word64 w, const unsigned c )
{
return ( w >> c ) | ( w << ( 64 - c ) );
}
/* prevents compiler optimizing out memset() */
static WC_INLINE void secure_zero_memory( void *v, word64 n )
{
volatile byte *p = ( volatile byte * )v;
while( n-- ) *p++ = 0;
}
#endif /* WOLFCRYPT_BLAKE2_IMPL_H */

View File

@ -0,0 +1,184 @@
/*
BLAKE2 reference source code package - reference C implementations
Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
/* blake2-int.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFCRYPT_BLAKE2_INT_H
#define WOLFCRYPT_BLAKE2_INT_H
#include <libwolfssl/wolfcrypt/types.h>
#if defined(_MSC_VER)
#define ALIGN(x) __declspec(align(x))
#elif defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__)
#define ALIGN(x) __attribute__((aligned(x)))
#else
#define ALIGN(x)
#endif
#if defined(__cplusplus)
extern "C" {
#endif
enum blake2s_constant
{
BLAKE2S_BLOCKBYTES = 64,
BLAKE2S_OUTBYTES = 32,
BLAKE2S_KEYBYTES = 32,
BLAKE2S_SALTBYTES = 8,
BLAKE2S_PERSONALBYTES = 8
};
enum blake2b_constant
{
BLAKE2B_BLOCKBYTES = 128,
BLAKE2B_OUTBYTES = 64,
BLAKE2B_KEYBYTES = 64,
BLAKE2B_SALTBYTES = 16,
BLAKE2B_PERSONALBYTES = 16
};
#pragma pack(push, 1)
typedef struct __blake2s_param
{
byte digest_length; /* 1 */
byte key_length; /* 2 */
byte fanout; /* 3 */
byte depth; /* 4 */
word32 leaf_length; /* 8 */
byte node_offset[6];/* 14 */
byte node_depth; /* 15 */
byte inner_length; /* 16 */
/* byte reserved[0]; */
byte salt[BLAKE2B_SALTBYTES]; /* 24 */
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} blake2s_param;
ALIGN( 32 ) typedef struct __blake2s_state
{
word32 h[8];
word32 t[2];
word32 f[2];
byte buf[2 * BLAKE2S_BLOCKBYTES];
word32 buflen;
byte last_node;
} blake2s_state ;
typedef struct __blake2b_param
{
byte digest_length; /* 1 */
byte key_length; /* 2 */
byte fanout; /* 3 */
byte depth; /* 4 */
word32 leaf_length; /* 8 */
word64 node_offset; /* 16 */
byte node_depth; /* 17 */
byte inner_length; /* 18 */
byte reserved[14]; /* 32 */
byte salt[BLAKE2B_SALTBYTES]; /* 48 */
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} blake2b_param;
ALIGN( 64 ) typedef struct __blake2b_state
{
word64 h[8];
word64 t[2];
word64 f[2];
byte buf[2 * BLAKE2B_BLOCKBYTES];
word64 buflen;
byte last_node;
} blake2b_state;
typedef struct __blake2sp_state
{
blake2s_state S[8][1];
blake2s_state R[1];
byte buf[8 * BLAKE2S_BLOCKBYTES];
word32 buflen;
} blake2sp_state;
typedef struct __blake2bp_state
{
blake2b_state S[4][1];
blake2b_state R[1];
byte buf[4 * BLAKE2B_BLOCKBYTES];
word64 buflen;
} blake2bp_state;
#pragma pack(pop)
/* Streaming API */
int blake2s_init( blake2s_state *S, const byte outlen );
int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen );
int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
int blake2s_update( blake2s_state *S, const byte *in, word32 inlen );
int blake2s_final( blake2s_state *S, byte *out, byte outlen );
int blake2b_init( blake2b_state *S, const byte outlen );
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen );
int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
int blake2b_final( blake2b_state *S, byte *out, byte outlen );
int blake2sp_init( blake2sp_state *S, const byte outlen );
int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen );
int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
int blake2bp_init( blake2bp_state *S, const byte outlen );
int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
/* Simple API */
int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
static WC_INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen )
{
return blake2b( out, in, key, outlen, inlen, keylen );
}
#if defined(__cplusplus)
}
#endif
#endif /* WOLFCRYPT_BLAKE2_INT_H */

View File

@ -0,0 +1,96 @@
/* blake2.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/blake2.h
*/
#ifndef WOLF_CRYPT_BLAKE2_H
#define WOLF_CRYPT_BLAKE2_H
#include <libwolfssl/wolfcrypt/settings.h>
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
#include <libwolfssl/wolfcrypt/blake2-int.h>
/* call old functions if using fips for the sake of hmac @wc_fips */
#ifdef HAVE_FIPS
/* Since hmac can call blake functions provide original calls */
#define wc_InitBlake2b InitBlake2b
#define wc_Blake2bUpdate Blake2bUpdate
#define wc_Blake2bFinal Blake2bFinal
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* in bytes, variable digest size up to 512 bits (64 bytes) */
enum {
#ifdef HAVE_BLAKE2B
BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B,
BLAKE2B_256 = 32, /* 256 bit type, SSL default */
#endif
#ifdef HAVE_BLAKE2S
BLAKE2S_ID = WC_HASH_TYPE_BLAKE2S,
BLAKE2S_256 = 32 /* 256 bit type */
#endif
};
#ifdef HAVE_BLAKE2B
/* BLAKE2b digest */
typedef struct Blake2b {
blake2b_state S[1]; /* our state */
word32 digestSz; /* digest size used on init */
} Blake2b;
#endif
#ifdef HAVE_BLAKE2S
/* BLAKE2s digest */
typedef struct Blake2s {
blake2s_state S[1]; /* our state */
word32 digestSz; /* digest size used on init */
} Blake2s;
#endif
#ifdef HAVE_BLAKE2B
WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
#endif
#ifdef HAVE_BLAKE2S
WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
#endif
#ifdef __cplusplus
}
#endif
#endif /* HAVE_BLAKE2 || HAVE_BLAKE2S */
#endif /* WOLF_CRYPT_BLAKE2_H */

View File

@ -0,0 +1,101 @@
/* camellia.h ver 1.2.0
*
* Copyright (c) 2006,2007
* NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer as
* the first lines of this file unmodified.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* camellia.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/camellia.h
*/
#ifndef WOLF_CRYPT_CAMELLIA_H
#define WOLF_CRYPT_CAMELLIA_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_CAMELLIA
#ifdef __cplusplus
extern "C" {
#endif
enum {
CAMELLIA_BLOCK_SIZE = 16
};
#define CAMELLIA_TABLE_BYTE_LEN 272
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32))
typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
typedef struct Camellia {
word32 keySz;
KEY_TABLE_TYPE key;
word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
} Camellia;
WOLFSSL_API int wc_CamelliaSetKey(Camellia* cam,
const byte* key, word32 len, const byte* iv);
WOLFSSL_API int wc_CamelliaSetIV(Camellia* cam, const byte* iv);
WOLFSSL_API int wc_CamelliaEncryptDirect(Camellia* cam, byte* out,
const byte* in);
WOLFSSL_API int wc_CamelliaDecryptDirect(Camellia* cam, byte* out,
const byte* in);
WOLFSSL_API int wc_CamelliaCbcEncrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_CamelliaCbcDecrypt(Camellia* cam,
byte* out, const byte* in, word32 sz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CAMELLIA */
#endif /* WOLF_CRYPT_CAMELLIA_H */

View File

@ -0,0 +1,82 @@
/* chacha.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/chacha.h
*/
#ifndef WOLF_CRYPT_CHACHA_H
#define WOLF_CRYPT_CHACHA_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_CHACHA
#ifdef __cplusplus
extern "C" {
#endif
/* Size of the IV */
#define CHACHA_IV_WORDS 3
#define CHACHA_IV_BYTES (CHACHA_IV_WORDS * sizeof(word32))
/* Size of ChaCha chunks */
#define CHACHA_CHUNK_WORDS 16
#define CHACHA_CHUNK_BYTES (CHACHA_CHUNK_WORDS * sizeof(word32))
#ifdef WOLFSSL_X86_64_BUILD
#if defined(USE_INTEL_SPEEDUP) && !defined(NO_CHACHA_ASM)
#define USE_INTEL_CHACHA_SPEEDUP
#define HAVE_INTEL_AVX1
#endif
#endif
enum {
CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */
CHACHA_MAX_KEY_SZ = 32,
};
typedef struct ChaCha {
word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */
#ifdef HAVE_INTEL_AVX1
/* vpshufd reads 16 bytes but we only use bottom 4. */
byte extra[12];
#endif
} ChaCha;
/**
* IV(nonce) changes with each record
* counter is for what value the block counter should start ... usually 0
*/
WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter);
WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain,
word32 msglen);
WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CHACHA */
#endif /* WOLF_CRYPT_CHACHA_H */

View File

@ -0,0 +1,84 @@
/* chacha20_poly1305.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This implementation of the ChaCha20-Poly1305 AEAD is based on "ChaCha20
* and Poly1305 for IETF protocols" (draft-irtf-cfrg-chacha20-poly1305-10):
* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10
*/
/*!
\file wolfssl/wolfcrypt/chacha20_poly1305.h
*/
#ifndef WOLF_CRYPT_CHACHA20_POLY1305_H
#define WOLF_CRYPT_CHACHA20_POLY1305_H
#include <libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
#ifdef __cplusplus
extern "C" {
#endif
#define CHACHA20_POLY1305_AEAD_KEYSIZE 32
#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
enum {
CHACHA20_POLY_1305_ENC_TYPE = 8 /* cipher unique type */
};
/*
* The IV for this implementation is 96 bits to give the most flexibility.
*
* Some protocols may have unique per-invocation inputs that are not
* 96-bit in length. For example, IPsec may specify a 64-bit nonce. In
* such a case, it is up to the protocol document to define how to
* transform the protocol nonce into a 96-bit nonce, for example by
* concatenating a constant value.
*/
WOLFSSL_API
int wc_ChaCha20Poly1305_Encrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inPlaintext, const word32 inPlaintextLen,
byte* outCiphertext,
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
WOLFSSL_API
int wc_ChaCha20Poly1305_Decrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inCiphertext, const word32 inCiphertextLen,
const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
byte* outPlaintext);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
#endif /* WOLF_CRYPT_CHACHA20_POLY1305_H */

View File

@ -0,0 +1,97 @@
/* cmac.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_CMAC_H
#define WOLF_CRYPT_CMAC_H
#include <libwolfssl/wolfcrypt/types.h>
#include <libwolfssl/wolfcrypt/aes.h>
#if !defined(NO_AES) && defined(WOLFSSL_CMAC)
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#ifdef __cplusplus
extern "C" {
#endif
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifndef WC_CMAC_TYPE_DEFINED
typedef struct Cmac Cmac;
#define WC_CMAC_TYPE_DEFINED
#endif
struct Cmac {
Aes aes;
byte buffer[AES_BLOCK_SIZE]; /* partially stored block */
byte digest[AES_BLOCK_SIZE]; /* running digest */
byte k1[AES_BLOCK_SIZE];
byte k2[AES_BLOCK_SIZE];
word32 bufferSz;
word32 totalSz;
};
typedef enum CmacType {
WC_CMAC_AES = 1
} CmacType;
#define WC_CMAC_TAG_MAX_SZ AES_BLOCK_SIZE
#define WC_CMAC_TAG_MIN_SZ (AES_BLOCK_SIZE/4)
#endif /* HAVE_FIPS */
WOLFSSL_API
int wc_InitCmac(Cmac* cmac,
const byte* key, word32 keySz,
int type, void* unused);
WOLFSSL_API
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
WOLFSSL_API
int wc_CmacFinal(Cmac* cmac,
byte* out, word32* outSz);
WOLFSSL_API
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
WOLFSSL_API
int wc_AesCmacVerify(const byte* check, word32 checkSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_AES && WOLFSSL_CMAC */
#endif /* WOLF_CRYPT_CMAC_H */

View File

@ -0,0 +1,88 @@
/* coding.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/coding.h
*/
#ifndef WOLF_CRYPT_CODING_H
#define WOLF_CRYPT_CODING_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
word32* outLen);
#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(WOLFSSL_KEY_GEN) \
|| defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER) || !defined(NO_DSA)
#ifndef WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE64_ENCODE
#endif
#endif
#ifdef WOLFSSL_BASE64_ENCODE
enum Escaped {
WC_STD_ENC = 0, /* normal \n line ending encoding */
WC_ESC_NL_ENC, /* use escape sequence encoding */
WC_NO_NL_ENC /* no encoding at all */
}; /* Encoding types */
/* encode isn't */
WOLFSSL_API
int Base64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen);
WOLFSSL_API
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
WOLFSSL_API
int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out,
word32* outLen);
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) || \
defined(HAVE_ECC_CDH) || defined(HAVE_SELFTEST) || \
defined(WOLFSSL_ENCRYPTED_KEYS)
#ifndef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#endif
#endif
#ifdef WOLFSSL_BASE16
WOLFSSL_API
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
WOLFSSL_API
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_CODING_H */

View File

@ -0,0 +1,58 @@
/* compress.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/compress.h
*/
#ifndef WOLF_CRYPT_COMPRESS_H
#define WOLF_CRYPT_COMPRESS_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_LIBZ
#ifdef __cplusplus
extern "C" {
#endif
#define COMPRESS_FIXED 1
#define LIBZ_WINBITS_GZIP 16
WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32);
WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in,
word32 inSz, word32 flags, word32 windowBits);
WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in,
word32 inSz, int windowBits);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_LIBZ */
#endif /* WOLF_CRYPT_COMPRESS_H */

View File

@ -0,0 +1,62 @@
/* cpuid.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_CPUID_H
#define WOLF_CRYPT_CPUID_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#if defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \
defined(WOLFSSL_AESNI)
#define CPUID_AVX1 0x0001
#define CPUID_AVX2 0x0002
#define CPUID_RDRAND 0x0004
#define CPUID_RDSEED 0x0008
#define CPUID_BMI2 0x0010 /* MULX, RORX */
#define CPUID_AESNI 0x0020
#define CPUID_ADX 0x0040 /* ADCX, ADOX */
#define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1)
#define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2)
#define IS_INTEL_RDRAND(f) ((f) & CPUID_RDRAND)
#define IS_INTEL_RDSEED(f) ((f) & CPUID_RDSEED)
#define IS_INTEL_BMI2(f) ((f) & CPUID_BMI2)
#define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI)
#define IS_INTEL_ADX(f) ((f) & CPUID_ADX)
void cpuid_set_flags(void);
word32 cpuid_get_flags(void);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_CPUID_H */

View File

@ -0,0 +1,299 @@
/* cryptocb.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _WOLF_CRYPTO_CB_H_
#define _WOLF_CRYPTO_CB_H_
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Defines the Crypto Callback interface version, for compatibility */
/* Increment this when Crypto Callback interface changes are made */
#define CRYPTO_CB_VER 2
#ifdef WOLF_CRYPTO_CB
#ifndef NO_RSA
#include <libwolfssl/wolfcrypt/rsa.h>
#endif
#ifdef HAVE_ECC
#include <libwolfssl/wolfcrypt/ecc.h>
#endif
#ifndef NO_AES
#include <libwolfssl/wolfcrypt/aes.h>
#endif
#ifndef NO_SHA
#include <libwolfssl/wolfcrypt/sha.h>
#endif
#ifndef NO_SHA256
#include <libwolfssl/wolfcrypt/sha256.h>
#endif
#ifndef NO_HMAC
#include <libwolfssl/wolfcrypt/hmac.h>
#endif
#ifndef WC_NO_RNG
#include <libwolfssl/wolfcrypt/random.h>
#endif
#ifndef NO_DES3
#include <libwolfssl/wolfcrypt/des3.h>
#endif
/* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo {
int algo_type; /* enum wc_AlgoType */
#if !defined(NO_RSA) || defined(HAVE_ECC)
struct {
int type; /* enum wc_PkType */
union {
#ifndef NO_RSA
struct {
const byte* in;
word32 inLen;
byte* out;
word32* outLen;
int type;
RsaKey* key;
WC_RNG* rng;
} rsa;
#ifdef WOLFSSL_KEY_GEN
struct {
RsaKey* key;
int size;
long e;
WC_RNG* rng;
} rsakg;
#endif
#endif
#ifdef HAVE_ECC
struct {
WC_RNG* rng;
int size;
ecc_key* key;
int curveId;
} eckg;
struct {
ecc_key* private_key;
ecc_key* public_key;
byte* out;
word32* outlen;
} ecdh;
struct {
const byte* in;
word32 inlen;
byte* out;
word32* outlen;
WC_RNG* rng;
ecc_key* key;
} eccsign;
struct {
const byte* sig;
word32 siglen;
const byte* hash;
word32 hashlen;
int* res;
ecc_key* key;
} eccverify;
#endif
};
} pk;
#endif /* !NO_RSA || HAVE_ECC */
#if !defined(NO_AES) || !defined(NO_DES3)
struct {
int type; /* enum wc_CipherType */
int enc;
union {
#ifdef HAVE_AESGCM
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* iv;
word32 ivSz;
byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesgcm_enc;
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* iv;
word32 ivSz;
const byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesgcm_dec;
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aescbc;
#endif /* HAVE_AES_CBC */
#ifndef NO_DES3
struct {
Des3* des;
byte* out;
const byte* in;
word32 sz;
} des3;
#endif
};
} cipher;
#endif /* !NO_AES || !NO_DES3 */
#if !defined(NO_SHA) || !defined(NO_SHA256)
struct {
int type; /* enum wc_HashType */
const byte* in;
word32 inSz;
byte* digest;
union {
#ifndef NO_SHA
wc_Sha* sha1;
#endif
#ifndef NO_SHA256
wc_Sha256* sha256;
#endif
};
} hash;
#endif /* !NO_SHA || !NO_SHA256 */
#ifndef NO_HMAC
struct {
int macType; /* enum wc_HashType */
const byte* in;
word32 inSz;
byte* digest;
Hmac* hmac;
} hmac;
#endif
#ifndef WC_NO_RNG
struct {
WC_RNG* rng;
byte* out;
word32 sz;
} rng;
struct {
OS_Seed* os;
byte* seed;
word32 sz;
} seed;
#endif
} wc_CryptoInfo;
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
/* old function names */
#define wc_CryptoDev_RegisterDevice wc_CryptoCb_RegisterDevice
#define wc_CryptoDev_UnRegisterDevice wc_CryptoCb_UnRegisterDevice
#ifndef NO_RSA
WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
WC_RNG* rng);
#endif /* WOLFSSL_KEY_GEN */
#endif /* !NO_RSA */
#ifdef HAVE_ECC
WOLFSSL_LOCAL int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize,
ecc_key* key, int curveId);
WOLFSSL_LOCAL int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
byte* out, word32* outlen);
WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
word32 *outlen, WC_RNG* rng, ecc_key* key);
WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen, int* res, ecc_key* key);
#endif /* HAVE_ECC */
#ifndef NO_AES
#ifdef HAVE_AESGCM
WOLFSSL_LOCAL int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz);
WOLFSSL_LOCAL int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz, const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES */
#ifndef NO_DES3
WOLFSSL_LOCAL int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out,
const byte* in, word32 sz);
#endif /* !NO_DES3 */
#ifndef NO_SHA
WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA */
#ifndef NO_SHA256
WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_SHA256 */
#ifndef NO_HMAC
WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in,
word32 inSz, byte* digest);
#endif /* !NO_HMAC */
#ifndef WC_NO_RNG
WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz);
#endif
#endif /* WOLF_CRYPTO_CB */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* _WOLF_CRYPTO_CB_H_ */

View File

@ -0,0 +1,159 @@
/* curve25519.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/curve25519.h
*/
#ifndef WOLF_CRYPT_CURVE25519_H
#define WOLF_CRYPT_CURVE25519_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_CURVE25519
#include <libwolfssl/wolfcrypt/fe_operations.h>
#include <libwolfssl/wolfcrypt/random.h>
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#define CURVE25519_KEYSIZE 32
/* curve25519 set type */
typedef struct {
int size; /* The size of the curve in octets */
const char* name; /* name of this curve */
} curve25519_set_type;
/* ECC point, the internal structure is Little endian
* the mathematical functions used the endianess */
typedef struct {
byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC
byte pointY[CURVE25519_KEYSIZE];
#endif
} ECPoint;
/* A CURVE25519 Key */
typedef struct curve25519_key {
int idx; /* Index into the ecc_sets[] for the parameters of
this curve if -1, this key is using user supplied
curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */
ECPoint p; /* public key */
ECPoint k; /* private key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
} curve25519_key;
enum {
EC25519_LITTLE_ENDIAN=0,
EC25519_BIG_ENDIAN=1
};
WOLFSSL_API
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
WOLFSSL_API
int wc_curve25519_shared_secret(curve25519_key* private_key,
curve25519_key* public_key,
byte* out, word32* outlen);
WOLFSSL_API
int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
curve25519_key* public_key,
byte* out, word32* outlen, int endian);
WOLFSSL_API
int wc_curve25519_init(curve25519_key* key);
WOLFSSL_API
void wc_curve25519_free(curve25519_key* key);
/* raw key helpers */
WOLFSSL_API
int wc_curve25519_import_private(const byte* priv, word32 privSz,
curve25519_key* key);
WOLFSSL_API
int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
curve25519_key* key, int endian);
WOLFSSL_API
int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, curve25519_key* key);
WOLFSSL_API
int wc_curve25519_import_private_raw_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
curve25519_key* key, int endian);
WOLFSSL_API
int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
word32* outLen);
WOLFSSL_API
int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
word32* outLen, int endian);
WOLFSSL_API
int wc_curve25519_import_public(const byte* in, word32 inLen,
curve25519_key* key);
WOLFSSL_API
int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
curve25519_key* key, int endian);
WOLFSSL_API
int wc_curve25519_check_public(const byte* pub, word32 pubSz, int endian);
WOLFSSL_API
int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
word32* outLen, int endian);
WOLFSSL_API
int wc_curve25519_export_key_raw(curve25519_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
WOLFSSL_API
int wc_curve25519_export_key_raw_ex(curve25519_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz,
int endian);
/* size helper */
WOLFSSL_API
int wc_curve25519_size(curve25519_key* key);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CURVE25519 */
#endif /* WOLF_CRYPT_CURVE25519_H */

View File

@ -0,0 +1,158 @@
/* des3.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/des3.h
*/
#ifndef WOLF_CRYPT_DES3_H
#define WOLF_CRYPT_DES3_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_DES3
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* these are required for FIPS and non-FIPS */
enum {
DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = 8, /* should be the same as DES_BLOCK_SIZE */
};
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
enum {
DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
DES_BLOCK_SIZE = 8,
DES_KS_SIZE = 32, /* internal DES key buffer size */
DES_ENCRYPTION = 0,
DES_DECRYPTION = 1
};
#define DES_IVLEN 8
#define DES_KEYLEN 8
#define DES3_IVLEN 8
#define DES3_KEYLEN 24
#if defined(STM32_CRYPTO)
enum {
DES_CBC = 0,
DES_ECB = 1
};
#endif
/* DES encryption and decryption */
typedef struct Des {
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
word32 key[DES_KS_SIZE];
} Des;
/* DES3 encryption and decryption */
struct Des3 {
word32 key[3][DES_KS_SIZE];
word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
word32 devKey[DES3_KEYLEN/sizeof(word32)]; /* raw key */
#endif
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
#endif
void* heap;
};
#ifndef WC_DES3_TYPE_DEFINED
typedef struct Des3 Des3;
#define WC_DES3_TYPE_DEFINED
#endif
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
const byte* iv, int dir);
WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des3_EcbEncrypt(Des3* des, byte* out,
const byte* in, word32 sz);
/* ECB decrypt same process as encrypt but with decrypt key */
#define wc_Des_EcbDecrypt wc_Des_EcbEncrypt
#define wc_Des3_EcbDecrypt wc_Des3_EcbEncrypt
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
const byte* iv,int dir);
WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);
/* These are only required when using either:
static memory (WOLFSSL_STATIC_MEMORY) or asynchronous (WOLFSSL_ASYNC_CRYPT) */
WOLFSSL_API int wc_Des3Init(Des3*, void*, int);
WOLFSSL_API void wc_Des3Free(Des3*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_DES3 */
#endif /* WOLF_CRYPT_DES3_H */

View File

@ -0,0 +1,131 @@
/* dh.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/dh.h
*/
#ifndef WOLF_CRYPT_DH_H
#define WOLF_CRYPT_DH_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_DH
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#include <libwolfssl/wolfcrypt/integer.h>
#include <libwolfssl/wolfcrypt/random.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
typedef struct DhParams {
#ifdef HAVE_FFDHE_Q
const byte* q;
word32 q_len;
#endif /* HAVE_FFDHE_Q */
const byte* p;
word32 p_len;
const byte* g;
word32 g_len;
} DhParams;
/* Diffie-Hellman Key */
struct DhKey {
mp_int p, g, q; /* group parameters */
void* heap;
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
};
#ifndef WC_DH_TYPE_DEFINED
typedef struct DhKey DhKey;
#define WC_DH_TYPE_DEFINED
#endif
#ifdef HAVE_FFDHE_2048
WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void);
#endif
#ifdef HAVE_FFDHE_3072
WOLFSSL_API const DhParams* wc_Dh_ffdhe3072_Get(void);
#endif
#ifdef HAVE_FFDHE_4096
WOLFSSL_API const DhParams* wc_Dh_ffdhe4096_Get(void);
#endif
#ifdef HAVE_FFDHE_6144
WOLFSSL_API const DhParams* wc_Dh_ffdhe6144_Get(void);
#endif
#ifdef HAVE_FFDHE_8192
WOLFSSL_API const DhParams* wc_Dh_ffdhe8192_Get(void);
#endif
WOLFSSL_API int wc_InitDhKey(DhKey* key);
WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId);
WOLFSSL_API int wc_FreeDhKey(DhKey* key);
WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv,
word32* privSz, byte* pub, word32* pubSz);
WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub,
word32 pubSz);
WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32);
WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz);
WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz);
WOLFSSL_API int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz,
int trusted, WC_RNG* rng);
WOLFSSL_API int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p,
word32* pInOutSz, byte* g, word32* gInOutSz);
WOLFSSL_API int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz);
WOLFSSL_API int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
const byte* prime, word32 primeSz);
WOLFSSL_API int wc_DhCheckPubValue(const byte* prime, word32 primeSz,
const byte* pub, word32 pubSz);
WOLFSSL_API int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 pubSz);
WOLFSSL_API int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 pubSz,
const byte* prime, word32 primeSz);
WOLFSSL_API int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
const byte* priv, word32 privSz);
WOLFSSL_API int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh);
WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
byte* q, word32* qSz, byte* g, word32* gSz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_DH */
#endif /* WOLF_CRYPT_DH_H */

View File

@ -0,0 +1,97 @@
/* dsa.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/dsa.h
*/
#ifndef WOLF_CRYPT_DSA_H
#define WOLF_CRYPT_DSA_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_DSA
#include <libwolfssl/wolfcrypt/integer.h>
#include <libwolfssl/wolfcrypt/random.h>
/* for DSA reverse compatibility */
#define InitDsaKey wc_InitDsaKey
#define FreeDsaKey wc_FreeDsaKey
#define DsaSign wc_DsaSign
#define DsaVerify wc_DsaVerify
#define DsaPublicKeyDecode wc_DsaPublicKeyDecode
#define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode
#define DsaKeyToDer wc_DsaKeyToDer
#ifdef __cplusplus
extern "C" {
#endif
enum {
DSA_PUBLIC = 0,
DSA_PRIVATE = 1
};
/* DSA */
typedef struct DsaKey {
mp_int p, q, g, y, x;
int type; /* public or private */
void* heap; /* memory hint */
} DsaKey;
WOLFSSL_API int wc_InitDsaKey(DsaKey* key);
WOLFSSL_API int wc_InitDsaKey_h(DsaKey* key, void* h);
WOLFSSL_API void wc_FreeDsaKey(DsaKey* key);
WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
DsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig,
DsaKey* key, int* answer);
WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa);
#endif
/* raw export functions */
WOLFSSL_API int wc_DsaImportParamsRaw(DsaKey* dsa, const char* p,
const char* q, const char* g);
WOLFSSL_API int wc_DsaImportParamsRawCheck(DsaKey* dsa, const char* p,
const char* q, const char* g,
int trusted, WC_RNG* rng);
WOLFSSL_API int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz,
byte* q, word32* qSz, byte* g,
word32* gSz);
WOLFSSL_API int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y,
word32* ySz);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_DSA */
#endif /* WOLF_CRYPT_DSA_H */

View File

@ -0,0 +1,720 @@
/* ecc.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/ecc.h
*/
#ifndef WOLF_CRYPT_ECC_H
#define WOLF_CRYPT_ECC_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_ECC
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#include <libwolfssl/wolfcrypt/integer.h>
#include <libwolfssl/wolfcrypt/random.h>
#ifdef HAVE_X963_KDF
#include <libwolfssl/wolfcrypt/hash.h>
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#ifdef WOLFSSL_CERT_GEN
#include <libwolfssl/wolfcrypt/asn.h>
#endif
#endif
#ifdef WOLFSSL_ATECC508A
#include <libwolfssl/wolfcrypt/port/atmel/atmel.h>
#endif /* WOLFSSL_ATECC508A */
#if defined(WOLFSSL_CRYPTOCELL)
#include <libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Enable curve B parameter if needed */
#if defined(HAVE_COMP_KEY) || defined(ECC_CACHE_CURVE)
#ifndef USE_ECC_B_PARAM /* Allow someone to force enable */
#define USE_ECC_B_PARAM
#endif
#endif
/* Use this as the key->idx if a custom ecc_set is used for key->dp */
#define ECC_CUSTOM_IDX (-1)
/* Determine max ECC bits based on enabled curves */
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
#define MAX_ECC_BITS 521
#elif defined(HAVE_ECC512)
#define MAX_ECC_BITS 512
#elif defined(HAVE_ECC384)
#define MAX_ECC_BITS 384
#elif defined(HAVE_ECC320)
#define MAX_ECC_BITS 320
#elif !defined(NO_ECC256)
#define MAX_ECC_BITS 256
#elif defined(HAVE_ECC239)
#define MAX_ECC_BITS 239
#elif defined(HAVE_ECC224)
#define MAX_ECC_BITS 224
#elif defined(HAVE_ECC192)
#define MAX_ECC_BITS 192
#elif defined(HAVE_ECC160)
#define MAX_ECC_BITS 160
#elif defined(HAVE_ECC128)
#define MAX_ECC_BITS 128
#elif defined(HAVE_ECC112)
#define MAX_ECC_BITS 112
#endif
/* calculate max ECC bytes */
#if ((MAX_ECC_BITS * 2) % 8) == 0
#define MAX_ECC_BYTES (MAX_ECC_BITS / 8)
#else
/* add byte if not aligned */
#define MAX_ECC_BYTES ((MAX_ECC_BITS / 8) + 1)
#endif
#ifndef ECC_MAX_PAD_SZ
/* ECC maximum padding size (when MSB is set extra byte required for R and S) */
#define ECC_MAX_PAD_SZ 2
#endif
enum {
ECC_PUBLICKEY = 1,
ECC_PRIVATEKEY = 2,
ECC_PRIVATEKEY_ONLY = 3,
ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */
SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */
ECC_BUFSIZE = 256, /* for exported keys temp buffer */
ECC_MINSIZE = 20, /* MIN Private Key size */
ECC_MAXSIZE = 66, /* MAX Private Key size */
ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
ECC_MAX_OID_LEN = 16,
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
#elif defined(PLUTON_CRYPTO_ECC)
ECC_MAX_CRYPTO_HW_SIZE = 32,
#elif defined(WOLFSSL_CRYPTOCELL)
#ifndef CRYPTOCELL_KEY_SIZE
CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE,
#endif
ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE,
#endif
/* point compression type */
ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03,
ECC_POINT_UNCOMP = 0x04,
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
#ifdef HAVE_PKCS11
ECC_MAX_ID_LEN = 32,
#endif
};
/* Curve Types */
typedef enum ecc_curve_id {
ECC_CURVE_INVALID = -1,
ECC_CURVE_DEF = 0, /* NIST or SECP */
/* NIST Prime Curves */
ECC_SECP192R1,
ECC_PRIME192V2,
ECC_PRIME192V3,
ECC_PRIME239V1,
ECC_PRIME239V2,
ECC_PRIME239V3,
ECC_SECP256R1,
/* SECP Curves */
ECC_SECP112R1,
ECC_SECP112R2,
ECC_SECP128R1,
ECC_SECP128R2,
ECC_SECP160R1,
ECC_SECP160R2,
ECC_SECP224R1,
ECC_SECP384R1,
ECC_SECP521R1,
/* Koblitz */
ECC_SECP160K1,
ECC_SECP192K1,
ECC_SECP224K1,
ECC_SECP256K1,
/* Brainpool Curves */
ECC_BRAINPOOLP160R1,
ECC_BRAINPOOLP192R1,
ECC_BRAINPOOLP224R1,
ECC_BRAINPOOLP256R1,
ECC_BRAINPOOLP320R1,
ECC_BRAINPOOLP384R1,
ECC_BRAINPOOLP512R1,
/* Twisted Edwards Curves */
#ifdef HAVE_CURVE25519
ECC_X25519,
#endif
#ifdef HAVE_X448
ECC_X448,
#endif
#ifdef WOLFSSL_CUSTOM_CURVES
ECC_CURVE_CUSTOM,
#endif
} ecc_curve_id;
#ifdef HAVE_OID_ENCODING
typedef word16 ecc_oid_t;
#else
typedef byte ecc_oid_t;
/* OID encoded with ASN scheme:
first element = (oid[0] * 40) + oid[1]
if any element > 127 then MSB 0x80 indicates additional byte */
#endif
/* ECC set type defined a GF(p) curve */
#ifndef USE_WINDOWS_API
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */
const char* Af; /* fields A param (hex) */
const char* Bf; /* fields B param (hex) */
const char* order; /* order of the curve (hex) */
const char* Gx; /* x coordinate of the base point on curve (hex) */
const char* Gy; /* y coordinate of the base point on curve (hex) */
const ecc_oid_t* oid;
word32 oidSz;
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#else
/* MSC does something different with the pointers to the arrays than GCC,
* and it causes the FIPS checksum to fail. In the case of windows builds,
* store everything as arrays instead of pointers to strings. */
#define MAX_ECC_NAME 16
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1)
/* The values are stored as text strings. */
typedef struct ecc_set_type {
int size; /* The size of the curve in octets */
int id; /* id of this curve */
const char name[MAX_ECC_NAME]; /* name of this curve */
const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */
const char Af[MAX_ECC_STRING]; /* fields A param (hex) */
const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */
const char order[MAX_ECC_STRING]; /* order of the curve (hex) */
const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */
const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */
const ecc_oid_t oid[10];
word32 oidSz;
word32 oidSum; /* sum of encoded OID bytes */
int cofactor;
} ecc_set_type;
#endif
#ifdef ALT_ECC_SIZE
/* Note on ALT_ECC_SIZE:
* The fast math code uses an array of a fixed size to store the big integers.
* By default, the array is big enough for RSA keys. There is a size,
* FP_MAX_BITS which can be used to make the array smaller when one wants ECC
* but not RSA. Some people want fast math sized for both RSA and ECC, where
* ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate
* ecc_point structure that uses an alternate fp_int that has a shorter array
* of fp_digits.
*
* Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of
* mp_ints for the components of the point. With ALT_ECC_SIZE, the components
* of the point are pointers that are set to each of a three item array of
* alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
* structure, the alt_fp_int will only have 528 bits. A size value was added
* in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
* functions fp_zero() and fp_copy() use the size parameter. An int needs to
* be initialized before using it instead of just fp_zeroing it, the init will
* call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
* number of bits used in the alternate FP_INT.
*
* Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
*/
#ifndef USE_FAST_MATH
#error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
#endif
/* determine max bits required for ECC math */
#ifndef FP_MAX_BITS_ECC
/* check alignment */
#if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0
/* max bits is double */
#define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2)
#else
/* max bits is doubled, plus one digit of fudge */
#define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT)
#endif
#else
/* verify alignment */
#if FP_MAX_BITS_ECC % CHAR_BIT
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
#endif
#endif
/* determine buffer size */
#define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT)
/* This needs to match the size of the fp_int struct, except the
* fp_digit array will be shorter. */
typedef struct alt_fp_int {
int used, sign, size;
mp_digit dp[FP_SIZE_ECC];
} alt_fp_int;
#endif /* ALT_ECC_SIZE */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
(x/z^2, y/z^3, 1) when interpreted as affine */
typedef struct {
#ifndef ALT_ECC_SIZE
mp_int x[1]; /* The x coordinate */
mp_int y[1]; /* The y coordinate */
mp_int z[1]; /* The z coordinate */
#else
mp_int* x; /* The x coordinate */
mp_int* y; /* The y coordinate */
mp_int* z; /* The z coordinate */
alt_fp_int xyz[3];
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
ecc_key* key;
#endif
} ecc_point;
/* ECC Flags */
enum {
WC_ECC_FLAG_NONE = 0x00,
#ifdef HAVE_ECC_CDH
WC_ECC_FLAG_COFACTOR = 0x01,
#endif
};
/* An ECC Key */
struct ecc_key {
int type; /* Public or Private */
int idx; /* Index into the ecc_sets[] for the parameters of
this curve if -1, this key is using user supplied
curve in dp */
int state;
word32 flags;
const ecc_set_type* dp; /* domain parameters, either points to NIST
curves (idx >= 0) or user supplied */
#ifdef WOLFSSL_CUSTOM_CURVES
int deallocSet;
#endif
void* heap; /* heap hint */
ecc_point pubkey; /* public key */
mp_int k; /* private key */
#ifdef WOLFSSL_ATECC508A
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
int devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */
mp_int* s;
WC_ASYNC_DEV asyncDev;
#ifdef HAVE_CAVIUM_V
mp_int* e; /* Sign, Verify and Shared Secret */
mp_int* signK;
#endif
#ifdef WOLFSSL_CERT_GEN
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_PKCS11
byte id[ECC_MAX_ID_LEN];
int idLen;
#endif
#if defined(WOLFSSL_CRYPTOCELL)
ecc_context_t ctx;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
mp_int* t1;
mp_int* t2;
#ifdef ALT_ECC_SIZE
mp_int* x;
mp_int* y;
mp_int* z;
#endif
#endif
};
/* ECC predefined curve sets */
extern const ecc_set_type ecc_sets[];
WOLFSSL_API
const char* wc_ecc_get_name(int curve_id);
#ifndef WOLFSSL_ATECC508A
#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
#define ECC_API WOLFSSL_API
#else
#define ECC_API WOLFSSL_LOCAL
#endif
ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA,
ecc_point* B, mp_int* kB,
ecc_point* C, mp_int* a, mp_int* modulus, void* heap);
ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit);
ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
mp_int* a, mp_int* modulus, mp_digit mp);
ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp);
#endif
WOLFSSL_API
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_API
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
int curve_id);
WOLFSSL_API
int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
WOLFSSL_API
int wc_ecc_check_key(ecc_key* key);
WOLFSSL_API
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
#ifdef HAVE_ECC_DHE
WOLFSSL_API
int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
WOLFSSL_LOCAL
int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
WOLFSSL_API
int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
#if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret
#else
#define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */
#endif
#endif /* HAVE_ECC_DHE */
#ifdef HAVE_ECC_SIGN
WOLFSSL_API
int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
WC_RNG* rng, ecc_key* key);
WOLFSSL_API
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
#endif /* HAVE_ECC_SIGN */
#ifdef HAVE_ECC_VERIFY
WOLFSSL_API
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
WOLFSSL_API
int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
#endif /* HAVE_ECC_VERIFY */
WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId);
#endif
#ifdef WOLFSSL_CUSTOM_CURVES
WOLFSSL_LOCAL
void wc_ecc_free_curve(const ecc_set_type* curve, void* heap);
#endif
WOLFSSL_API
int wc_ecc_free(ecc_key* key);
WOLFSSL_API
int wc_ecc_set_flags(ecc_key* key, word32 flags);
WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_API
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
WOLFSSL_API
int wc_ecc_is_valid_idx(int n);
WOLFSSL_API
int wc_ecc_get_curve_idx(int curve_id);
WOLFSSL_API
int wc_ecc_get_curve_id(int curve_idx);
#define wc_ecc_get_curve_name_from_id wc_ecc_get_name
WOLFSSL_API
int wc_ecc_get_curve_size_from_id(int curve_id);
WOLFSSL_API
int wc_ecc_get_curve_idx_from_name(const char* curveName);
WOLFSSL_API
int wc_ecc_get_curve_size_from_name(const char* curveName);
WOLFSSL_API
int wc_ecc_get_curve_id_from_name(const char* curveName);
WOLFSSL_API
int wc_ecc_get_curve_id_from_params(int fieldSize,
const byte* prime, word32 primeSz, const byte* Af, word32 AfSz,
const byte* Bf, word32 BfSz, const byte* order, word32 orderSz,
const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor);
WOLFSSL_API
int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp);
WOLFSSL_API
int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);
WOLFSSL_API const ecc_set_type* wc_ecc_get_curve_params(int curve_idx);
WOLFSSL_API
ecc_point* wc_ecc_new_point(void);
WOLFSSL_API
ecc_point* wc_ecc_new_point_h(void* h);
WOLFSSL_API
void wc_ecc_del_point(ecc_point* p);
WOLFSSL_API
void wc_ecc_del_point_h(ecc_point* p, void* h);
WOLFSSL_API
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
WOLFSSL_API
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
WOLFSSL_API
int wc_ecc_point_is_at_infinity(ecc_point *p);
#ifndef WOLFSSL_ATECC508A
WOLFSSL_API
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
WOLFSSL_LOCAL
int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map, void* heap);
#endif /* !WOLFSSL_ATECC508A */
#ifdef HAVE_ECC_KEY_EXPORT
/* ASN key helpers */
WOLFSSL_API
int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
/* extended functionality with compressed option */
#endif /* HAVE_ECC_KEY_EXPORT */
#ifdef HAVE_ECC_KEY_IMPORT
WOLFSSL_API
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
WOLFSSL_API
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
int curve_id);
WOLFSSL_API
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
WOLFSSL_API
int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
WOLFSSL_API
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
byte* s, word32* sLen);
WOLFSSL_API
int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName);
WOLFSSL_API
int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
const char* d, int curve_id);
WOLFSSL_API
int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy,
byte* d, int curve_id);
#endif /* HAVE_ECC_KEY_IMPORT */
#ifdef HAVE_ECC_KEY_EXPORT
WOLFSSL_API
int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen,
int encType);
WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen);
WOLFSSL_API
int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen);
#endif /* HAVE_ECC_KEY_EXPORT */
#ifdef HAVE_ECC_KEY_EXPORT
WOLFSSL_API
int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
byte* out, word32* outLen);
#endif /* HAVE_ECC_KEY_EXPORT */
#ifdef HAVE_ECC_KEY_IMPORT
WOLFSSL_API
int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
ecc_point* point);
#endif /* HAVE_ECC_KEY_IMPORT */
/* size helper */
WOLFSSL_API
int wc_ecc_size(ecc_key* key);
WOLFSSL_API
int wc_ecc_sig_size_calc(int sz);
WOLFSSL_API
int wc_ecc_sig_size(ecc_key* key);
WOLFSSL_API
int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz);
#ifdef WOLFSSL_CUSTOM_CURVES
WOLFSSL_API
int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp);
#endif
#ifdef HAVE_ECC_ENCRYPT
/* ecc encrypt */
enum ecEncAlgo {
ecAES_128_CBC = 1, /* default */
ecAES_256_CBC = 2
};
enum ecKdfAlgo {
ecHKDF_SHA256 = 1, /* default */
ecHKDF_SHA1 = 2
};
enum ecMacAlgo {
ecHMAC_SHA256 = 1, /* default */
ecHMAC_SHA1 = 2
};
enum {
KEY_SIZE_128 = 16,
KEY_SIZE_256 = 32,
IV_SIZE_64 = 8,
IV_SIZE_128 = 16,
EXCHANGE_SALT_SZ = 16,
EXCHANGE_INFO_SZ = 23
};
enum ecFlags {
REQ_RESP_CLIENT = 1,
REQ_RESP_SERVER = 2
};
typedef struct ecEncCtx ecEncCtx;
WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap);
WOLFSSL_API
void wc_ecc_ctx_free(ecEncCtx*);
WOLFSSL_API
int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */
WOLFSSL_API
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
WOLFSSL_API
int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
WOLFSSL_API
int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
WOLFSSL_API
int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
WOLFSSL_API
int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
#endif /* HAVE_ECC_ENCRYPT */
#ifdef HAVE_X963_KDF
WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret,
word32 secretSz, const byte* sinfo, word32 sinfoSz,
byte* out, word32 outSz);
#endif
#ifdef ECC_CACHE_CURVE
WOLFSSL_API int wc_ecc_curve_cache_init(void);
WOLFSSL_API void wc_ecc_curve_cache_free(void);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_ECC */
#endif /* WOLF_CRYPT_ECC_H */

View File

@ -0,0 +1,169 @@
/* ed25519.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/ed25519.h
*/
#ifndef WOLF_CRYPT_ED25519_H
#define WOLF_CRYPT_ED25519_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_ED25519
#include <libwolfssl/wolfcrypt/fe_operations.h>
#include <libwolfssl/wolfcrypt/ge_operations.h>
#include <libwolfssl/wolfcrypt/random.h>
#include <libwolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* info about EdDSA curve specifically ed25519, defined as an elliptic curve
over GF(p) */
/*
32, key size
"ED25519", curve name
"2^255-19", prime number
"SHA512", hash function
"-121665/121666", value of d
*/
#define ED25519_KEY_SIZE 32 /* private key only */
#define ED25519_SIG_SIZE 64
#define ED25519_PUB_KEY_SIZE 32 /* compressed */
/* both private and public key */
#define ED25519_PRV_KEY_SIZE (ED25519_PUB_KEY_SIZE+ED25519_KEY_SIZE)
enum {
Ed25519 = -1,
Ed25519ctx = 0,
Ed25519ph = 1,
};
#ifndef WC_ED25519KEY_TYPE_DEFINED
typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED
#endif
/* An ED25519 Key */
struct ed25519_key {
byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */
#ifdef FREESCALE_LTC_ECC
/* uncompressed point coordinates */
byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
word16 pubKeySet:1;
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
};
WOLFSSL_API
int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz);
WOLFSSL_API
int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
word32 *outLen, ed25519_key* key);
WOLFSSL_API
int wc_ed25519ctx_sign_msg(const byte* in, word32 inLen, byte* out,
word32 *outLen, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
word32 *outLen, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_sign_msg(const byte* in, word32 inLen, byte* out,
word32 *outLen, ed25519_key* key, const byte* context,
byte contextLen);
WOLFSSL_API
int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key);
WOLFSSL_API
int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
word32 hashLen, int* stat, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519_init(ed25519_key* key);
WOLFSSL_API
void wc_ed25519_free(ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed25519_export_key(ed25519_key* key,
byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
int wc_ed25519_check_key(ed25519_key* key);
/* size helper */
WOLFSSL_API
int wc_ed25519_size(ed25519_key* key);
WOLFSSL_API
int wc_ed25519_priv_size(ed25519_key* key);
WOLFSSL_API
int wc_ed25519_pub_size(ed25519_key* key);
WOLFSSL_API
int wc_ed25519_sig_size(ed25519_key* key);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_ED25519 */
#endif /* WOLF_CRYPT_ED25519_H */

View File

@ -0,0 +1,252 @@
/* error-crypt.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/error-crypt.h
*/
#ifndef WOLF_CRYPT_ERROR_H
#define WOLF_CRYPT_ERROR_H
#include <libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/error-crypt.h>
#endif /* HAVE_FIPS V1 */
#ifdef __cplusplus
extern "C" {
#endif
/* error codes, add string for new errors !!! */
enum {
MAX_CODE_E = -100, /* errors -101 - -299 */
OPEN_RAN_E = -101, /* opening random device error */
READ_RAN_E = -102, /* reading random device error */
WINCRYPT_E = -103, /* windows crypt init error */
CRYPTGEN_E = -104, /* windows crypt generation error */
RAN_BLOCK_E = -105, /* reading random device would block */
BAD_MUTEX_E = -106, /* Bad mutex operation */
WC_TIMEOUT_E = -107, /* timeout error */
WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */
WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */
MP_INIT_E = -110, /* mp_init error state */
MP_READ_E = -111, /* mp_read error state */
MP_EXPTMOD_E = -112, /* mp_exptmod error state */
MP_TO_E = -113, /* mp_to_xxx error state, can't convert */
MP_SUB_E = -114, /* mp_sub error state, can't subtract */
MP_ADD_E = -115, /* mp_add error state, can't add */
MP_MUL_E = -116, /* mp_mul error state, can't multiply */
MP_MULMOD_E = -117, /* mp_mulmod error state, can't multiply mod */
MP_MOD_E = -118, /* mp_mod error state, can't mod */
MP_INVMOD_E = -119, /* mp_invmod error state, can't inv mod */
MP_CMP_E = -120, /* mp_cmp error state */
MP_ZERO_E = -121, /* got a mp zero result, not expected */
MEMORY_E = -125, /* out of memory error */
VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
RSA_BUFFER_E = -131, /* RSA buffer error, output too small or
input too large */
BUFFER_E = -132, /* output buffer too small or input too large */
ALGO_ID_E = -133, /* setting algo id error */
PUBLIC_KEY_E = -134, /* setting public key error */
DATE_E = -135, /* setting date validity error */
SUBJECT_E = -136, /* setting subject name error */
ISSUER_E = -137, /* setting issuer name error */
CA_TRUE_E = -138, /* setting CA basic constraint true error */
EXTENSIONS_E = -139, /* setting extensions error */
ASN_PARSE_E = -140, /* ASN parsing error, invalid input */
ASN_VERSION_E = -141, /* ASN version error, invalid number */
ASN_GETINT_E = -142, /* ASN get big int error, invalid data */
ASN_RSA_KEY_E = -143, /* ASN key init error, invalid input */
ASN_OBJECT_ID_E = -144, /* ASN object id error, invalid id */
ASN_TAG_NULL_E = -145, /* ASN tag error, not null */
ASN_EXPECT_0_E = -146, /* ASN expect error, not zero */
ASN_BITSTR_E = -147, /* ASN bit string error, wrong id */
ASN_UNKNOWN_OID_E = -148, /* ASN oid error, unknown sum id */
ASN_DATE_SZ_E = -149, /* ASN date error, bad size */
ASN_BEFORE_DATE_E = -150, /* ASN date error, current date before */
ASN_AFTER_DATE_E = -151, /* ASN date error, current date after */
ASN_SIG_OID_E = -152, /* ASN signature error, mismatched oid */
ASN_TIME_E = -153, /* ASN time error, unknown time type */
ASN_INPUT_E = -154, /* ASN input error, not enough data */
ASN_SIG_CONFIRM_E = -155, /* ASN sig error, confirm failure */
ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */
ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */
ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */
ASN_ALT_NAME_E = -161, /* ASN alternate name error */
ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */
ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */
ASN_ECC_KEY_E = -171, /* ASN ECC bad input */
ECC_CURVE_OID_E = -172, /* Unsupported ECC OID curve type */
BAD_FUNC_ARG = -173, /* Bad function argument provided */
NOT_COMPILED_IN = -174, /* Feature not compiled in */
UNICODE_SIZE_E = -175, /* Unicode password too big */
NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */
BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
ASYNC_INIT_E = -182, /* Async Init type error */
COMPRESS_INIT_E = -183, /* Compress init error */
COMPRESS_E = -184, /* Compress error */
DECOMPRESS_INIT_E = -185, /* DeCompress init error */
DECOMPRESS_E = -186, /* DeCompress error */
BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */
ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */
ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */
ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */
ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */
BAD_STATE_E = -192, /* Bad state operation */
BAD_PADDING_E = -193, /* Bad padding, msg not correct length */
REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */
PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */
PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */
FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */
ASN_NAME_INVALID_E = -198, /* ASN name constraint error */
RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */
HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */
RSA_PAD_E = -201, /* RSA Padding Error */
LENGTH_ONLY_E = -202, /* Returning output length only */
IN_CORE_FIPS_E = -203, /* In Core Integrity check failure */
AES_KAT_FIPS_E = -204, /* AES KAT failure */
DES3_KAT_FIPS_E = -205, /* DES3 KAT failure */
HMAC_KAT_FIPS_E = -206, /* HMAC KAT failure */
RSA_KAT_FIPS_E = -207, /* RSA KAT failure */
DRBG_KAT_FIPS_E = -208, /* HASH DRBG KAT failure */
DRBG_CONT_FIPS_E = -209, /* HASH DRBG Continuous test failure */
AESGCM_KAT_FIPS_E = -210, /* AESGCM KAT failure */
THREAD_STORE_KEY_E = -211, /* Thread local storage key create failure */
THREAD_STORE_SET_E = -212, /* Thread local storage key set failure */
MAC_CMP_FAILED_E = -213, /* MAC comparison failed */
IS_POINT_E = -214, /* ECC is point on curve failed */
ECC_INF_E = -215, /* ECC point infinity error */
ECC_PRIV_KEY_E = -216, /* ECC private key not valid error */
ECC_OUT_OF_RANGE_E = -217, /* ECC key component out of range */
SRP_CALL_ORDER_E = -218, /* SRP function called in the wrong order. */
SRP_VERIFY_E = -219, /* SRP proof verification failed. */
SRP_BAD_KEY_E = -220, /* SRP bad ephemeral values. */
ASN_NO_SKID = -221, /* ASN no Subject Key Identifier found */
ASN_NO_AKID = -222, /* ASN no Authority Key Identifier found */
ASN_NO_KEYUSAGE = -223, /* ASN no Key Usage found */
SKID_E = -224, /* setting Subject Key Identifier error */
AKID_E = -225, /* setting Authority Key Identifier error */
KEYUSAGE_E = -226, /* Bad Key Usage value */
CERTPOLICIES_E = -227, /* setting Certificate Policies error */
WC_INIT_E = -228, /* wolfcrypt failed to initialize */
SIG_VERIFY_E = -229, /* wolfcrypt signature verify error */
BAD_COND_E = -230, /* Bad condition variable operation */
SIG_TYPE_E = -231, /* Signature Type not enabled/available */
HASH_TYPE_E = -232, /* Hash Type not enabled/available */
WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */
ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */
MISSING_RNG_E = -236, /* RNG required but not provided */
ASN_PATHLEN_SIZE_E = -237, /* ASN CA path length too large error */
ASN_PATHLEN_INV_E = -238, /* ASN CA path length inversion error */
BAD_KEYWRAP_ALG_E = -239,
BAD_KEYWRAP_IV_E = -240, /* Decrypted AES key wrap IV incorrect */
WC_CLEANUP_E = -241, /* wolfcrypt cleanup failed */
ECC_CDH_KAT_FIPS_E = -242, /* ECC CDH Known Answer Test failure */
DH_CHECK_PUB_E = -243, /* DH Check Pub Key error */
BAD_PATH_ERROR = -244, /* Bad path for opendir */
ASYNC_OP_E = -245, /* Async operation error */
ECC_PRIVATEONLY_E = -246, /* Invalid use of private only ECC key*/
EXTKEYUSAGE_E = -247, /* Bad Extended Key Usage value */
WC_HW_E = -248, /* Error with hardware crypto use */
WC_HW_WAIT_E = -249, /* Hardware waiting on resource */
PSS_SALTLEN_E = -250, /* PSS length of salt is to long for hash */
PRIME_GEN_E = -251, /* Failure finding a prime. */
BER_INDEF_E = -252, /* Cannot decode indefinite length BER. */
RSA_OUT_OF_RANGE_E = -253, /* Ciphertext to decrypt out of range. */
RSAPSS_PAT_FIPS_E = -254, /* RSA-PSS PAT failure */
ECDSA_PAT_FIPS_E = -255, /* ECDSA PAT failure */
DH_KAT_FIPS_E = -256, /* DH KAT failure */
AESCCM_KAT_FIPS_E = -257, /* AESCCM KAT failure */
SHA3_KAT_FIPS_E = -258, /* SHA-3 KAT failure */
ECDHE_KAT_FIPS_E = -259, /* ECDHE KAT failure */
AES_GCM_OVERFLOW_E = -260, /* AES-GCM invocation counter overflow. */
AES_CCM_OVERFLOW_E = -261, /* AES-CCM invocation counter overflow. */
RSA_KEY_PAIR_E = -262, /* RSA Key Pair-Wise Consistency check fail. */
DH_CHECK_PRIV_E = -263, /* DH Check Priv Key error */
WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */
WC_DEVCRYPTO_E = -265, /* /dev/crypto error */
ZLIB_INIT_ERROR = -266, /* zlib init error */
ZLIB_COMPRESS_ERROR = -267, /* zlib compression error */
ZLIB_DECOMPRESS_ERROR = -268, /* zlib decompression error */
PKCS7_NO_SIGNER_E = -269, /* No signer in PKCS#7 signed data msg */
WC_PKCS7_WANT_READ_E= -270, /* PKCS7 operations wants more input */
CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */
PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */
WC_LAST_E = -272, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
wolfcrypt/src/error.c !!! */
};
#ifdef NO_ERROR_STRINGS
#define wc_GetErrorString(error) "no support for error strings built in"
#define wc_ErrorString(err, buf) \
(void)err; XSTRNCPY((buf), wc_GetErrorString((err)), \
WOLFSSL_MAX_ERROR_SZ);
#else
WOLFSSL_API void wc_ErrorString(int err, char* buff);
WOLFSSL_API const char* wc_GetErrorString(int error);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ERROR_H */

View File

@ -0,0 +1,210 @@
/* fe_operations.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_FE_OPERATIONS_H
#define WOLF_CRYPT_FE_OPERATIONS_H
#include <libwolfssl/wolfcrypt/settings.h>
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#include <stdint.h>
#endif
#include <libwolfssl/wolfcrypt/types.h>
#if defined(USE_INTEL_SPEEDUP) && !defined(NO_CURVED25519_X64)
#define CURVED25519_X64
#elif defined(HAVE___UINT128_T) && !defined(NO_CURVED25519_128BIT)
#define CURVED25519_128BIT
#endif
#if defined(CURVED25519_X64)
#define CURVED25519_ASM_64BIT
#define CURVED25519_ASM
#endif
#if defined(WOLFSSL_ARMASM)
#ifdef __aarch64__
#define CURVED25519_ASM_64BIT
#else
#define CURVED25519_ASM_32BIT
#endif
#define CURVED25519_ASM
#endif
/*
fe means field element.
Here the field is \Z/(2^255-19).
An element t, entries t[0]...t[9], represents the integer
t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9].
Bounds on each t[i] vary depending on context.
*/
#ifdef __cplusplus
extern "C" {
#endif
#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
#define F25519_SIZE 32
WOLFSSL_LOCAL void lm_copy(byte*, const byte*);
WOLFSSL_LOCAL void lm_add(byte*, const byte*, const byte*);
WOLFSSL_LOCAL void lm_sub(byte*, const byte*, const byte*);
WOLFSSL_LOCAL void lm_neg(byte*,const byte*);
WOLFSSL_LOCAL void lm_invert(byte*, const byte*);
WOLFSSL_LOCAL void lm_mul(byte*,const byte*,const byte*);
#endif
#if !defined(FREESCALE_LTC_ECC)
WOLFSSL_LOCAL void fe_init(void);
WOLFSSL_LOCAL int curve25519(byte * q, byte * n, byte * p);
#endif
/* default to be faster but take more memory */
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#ifdef CURVED25519_ASM_64BIT
typedef int64_t fe[4];
#elif defined(CURVED25519_ASM_32BIT)
typedef int32_t fe[8];
#elif defined(CURVED25519_128BIT)
typedef int64_t fe[5];
#else
typedef int32_t fe[10];
#endif
WOLFSSL_LOCAL void fe_copy(fe, const fe);
WOLFSSL_LOCAL void fe_add(fe, const fe, const fe);
WOLFSSL_LOCAL void fe_neg(fe,const fe);
WOLFSSL_LOCAL void fe_sub(fe, const fe, const fe);
WOLFSSL_LOCAL void fe_invert(fe, const fe);
WOLFSSL_LOCAL void fe_mul(fe,const fe,const fe);
/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10
work. */
WOLFSSL_LOCAL void fe_0(fe);
WOLFSSL_LOCAL void fe_1(fe);
WOLFSSL_LOCAL int fe_isnonzero(const fe);
WOLFSSL_LOCAL int fe_isnegative(const fe);
WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe);
WOLFSSL_LOCAL void fe_sq(fe, const fe);
WOLFSSL_LOCAL void fe_sq2(fe,const fe);
WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *);
WOLFSSL_LOCAL void fe_cswap(fe, fe, int);
WOLFSSL_LOCAL void fe_mul121666(fe,fe);
WOLFSSL_LOCAL void fe_cmov(fe,const fe, int);
WOLFSSL_LOCAL void fe_pow22523(fe,const fe);
/* 64 type needed for SHA512 */
WOLFSSL_LOCAL uint64_t load_3(const unsigned char *in);
WOLFSSL_LOCAL uint64_t load_4(const unsigned char *in);
#ifdef CURVED25519_ASM
WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py,
const fe pz, const fe pt);
WOLFSSL_LOCAL void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz, const fe pt);
WOLFSSL_LOCAL void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz);
WOLFSSL_LOCAL void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz, const fe pt,
const fe qxy2d, const fe qyplusx,
const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz, const fe pt,
const fe qxy2d, const fe qyplusx,
const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz, const fe pt, const fe qz,
const fe qt2d, const fe qyplusx,
const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px,
const fe py, const fe pz, const fe pt, const fe qz,
const fe qt2d, const fe qyplusx,
const fe qyminusx);
WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);
#endif /* CURVED25519_ASM */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
/* Use less memory and only 32bit types or less, but is slower
Based on Daniel Beer's public domain work. */
#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
static const byte c25519_base_x[F25519_SIZE] = {9};
static const byte f25519_zero[F25519_SIZE] = {0};
static const byte f25519_one[F25519_SIZE] = {1};
static const byte fprime_zero[F25519_SIZE] = {0};
static const byte fprime_one[F25519_SIZE] = {1};
WOLFSSL_LOCAL void fe_load(byte *x, word32 c);
WOLFSSL_LOCAL void fe_normalize(byte *x);
WOLFSSL_LOCAL void fe_inv__distinct(byte *r, const byte *x);
/* Conditional copy. If condition == 0, then zero is copied to dst. If
* condition == 1, then one is copied to dst. Any other value results in
* undefined behavior.
*/
WOLFSSL_LOCAL void fe_select(byte *dst, const byte *zero, const byte *one,
byte condition);
/* Multiply a point by a small constant. The two pointers are not
* required to be distinct.
*
* The constant must be less than 2^24.
*/
WOLFSSL_LOCAL void fe_mul_c(byte *r, const byte *a, word32 b);
WOLFSSL_LOCAL void fe_mul__distinct(byte *r, const byte *a, const byte *b);
/* Compute one of the square roots of the field element, if the element
* is square. The other square is -r.
*
* If the input is not square, the returned value is a valid field
* element, but not the correct answer. If you don't already know that
* your element is square, you should square the return value and test.
*/
WOLFSSL_LOCAL void fe_sqrt(byte *r, const byte *x);
/* Conditional copy. If condition == 0, then zero is copied to dst. If
* condition == 1, then one is copied to dst. Any other value results in
* undefined behavior.
*/
WOLFSSL_LOCAL void fprime_select(byte *dst, const byte *zero, const byte *one,
byte condition);
WOLFSSL_LOCAL void fprime_add(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_sub(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_mul(byte *r, const byte *a, const byte *b,
const byte *modulus);
WOLFSSL_LOCAL void fprime_copy(byte *x, const byte *a);
#endif /* CURVE25519_SMALL || ED25519_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
#endif /* WOLF_CRYPT_FE_OPERATIONS_H */

View File

@ -0,0 +1,59 @@
/* fips_test.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_FIPS_TEST_H
#define WOLF_CRYPT_FIPS_TEST_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Known Answer Test string inputs are hex, internal */
WOLFSSL_LOCAL int DoKnownAnswerTests(char*, int);
/* FIPS failure callback */
typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
/* Public set function */
WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
/* Public get status functions */
WOLFSSL_API int wolfCrypt_GetStatus_fips(void);
WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
#ifdef HAVE_FORCE_FIPS_FAILURE
/* Public function to force failure mode for operational testing */
WOLFSSL_API int wolfCrypt_SetStatus_fips(int);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_FIPS_TEST_H */

View File

@ -0,0 +1,113 @@
/* ge_operations.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */
#ifndef WOLF_CRYPT_GE_OPERATIONS_H
#define WOLF_CRYPT_GE_OPERATIONS_H
#include <libwolfssl/wolfcrypt/settings.h>
#ifdef HAVE_ED25519
#include <libwolfssl/wolfcrypt/fe_operations.h>
/*
ge means group element.
Here the group is the set of pairs (x,y) of field elements (see fe.h)
satisfying -x^2 + y^2 = 1 + d x^2y^2
where d = -121665/121666.
Representations:
ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z
ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT
ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T
ge_precomp (Duif): (y+x,y-x,2dxy)
*/
#ifdef ED25519_SMALL
typedef byte ge[F25519_SIZE];
#elif defined(CURVED25519_ASM_64BIT)
typedef int64_t ge[4];
#elif defined(CURVED25519_ASM_32BIT)
typedef int32_t ge[8];
#elif defined(CURVED25519_128BIT)
typedef int64_t ge[5];
#else
typedef int32_t ge[10];
#endif
typedef struct {
ge X;
ge Y;
ge Z;
} ge_p2;
typedef struct {
ge X;
ge Y;
ge Z;
ge T;
} ge_p3;
WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
word32 keySz);
WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *,
const ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL void sc_reduce(byte* s);
WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
const byte* c);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *);
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *);
#ifndef ED25519_SMALL
typedef struct {
ge X;
ge Y;
ge Z;
ge T;
} ge_p1p1;
typedef struct {
ge yplusx;
ge yminusx;
ge xy2d;
} ge_precomp;
typedef struct {
ge YplusX;
ge YminusX;
ge Z;
ge T2d;
} ge_cached;
#endif /* !ED25519_SMALL */
#endif /* HAVE_ED25519 */
#endif /* WOLF_CRYPT_GE_OPERATIONS_H */

View File

@ -0,0 +1,242 @@
/* hash.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/hash.h
*/
#ifndef WOLF_CRYPT_HASH_H
#define WOLF_CRYPT_HASH_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_MD5
#include <libwolfssl/wolfcrypt/md5.h>
#endif
#ifndef NO_SHA
#include <libwolfssl/wolfcrypt/sha.h>
#endif
#if defined(WOLFSSL_SHA224) || !defined(NO_SHA256)
#include <libwolfssl/wolfcrypt/sha256.h>
#endif
#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
#include <libwolfssl/wolfcrypt/sha512.h>
#endif
#ifdef HAVE_BLAKE2
#include <libwolfssl/wolfcrypt/blake2.h>
#endif
#ifdef WOLFSSL_SHA3
#include <libwolfssl/wolfcrypt/sha3.h>
#endif
#ifndef NO_MD4
#include <libwolfssl/wolfcrypt/md4.h>
#endif
#ifdef WOLFSSL_MD2
#include <libwolfssl/wolfcrypt/md2.h>
#endif
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
#include <libwolfssl/wolfcrypt/blake2.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
#if !defined(HAVE_FIPS) && !defined(NO_OLD_WC_NAMES)
#define MAX_DIGEST_SIZE WC_MAX_DIGEST_SIZE
#endif
/* Supported Message Authentication Codes from page 43 */
enum wc_MACAlgorithm {
no_mac,
md5_mac,
sha_mac,
sha224_mac,
sha256_mac, /* needs to match external KDF_MacAlgorithm */
sha384_mac,
sha512_mac,
rmd_mac,
blake2b_mac
};
enum wc_HashFlags {
WC_HASH_FLAG_NONE = 0x00000000,
WC_HASH_FLAG_WILLCOPY = 0x00000001, /* flag to indicate hash will be copied */
WC_HASH_FLAG_ISCOPY = 0x00000002, /* hash is copy */
#ifdef WOLFSSL_SHA3
WC_HASH_SHA3_KECCAK256 =0x00010000, /* Older KECCAK256 */
#endif
};
typedef union {
#ifndef NO_MD5
wc_Md5 md5;
#endif
#ifndef NO_SHA
wc_Sha sha;
#endif
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
#endif
#ifndef NO_SHA256
wc_Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
} wc_HashAlg;
/* Find largest possible digest size
Note if this gets up to the size of 80 or over check smallstack build */
#if defined(WOLFSSL_SHA3)
#define WC_MAX_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA3_224_BLOCK_SIZE /* 224 is the largest block size */
#elif defined(WOLFSSL_SHA512)
#define WC_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA512_BLOCK_SIZE
#elif defined(HAVE_BLAKE2)
#define WC_MAX_DIGEST_SIZE BLAKE2B_OUTBYTES
#define WC_MAX_BLOCK_SIZE BLAKE2B_BLOCKBYTES
#elif defined(WOLFSSL_SHA384)
#define WC_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
#define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
#define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
#elif !defined(NO_SHA)
#define WC_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA_BLOCK_SIZE
#elif !defined(NO_MD5)
#define WC_MAX_DIGEST_SIZE WC_MD5_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_MD5_BLOCK_SIZE
#else
#define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */
#define WC_MAX_BLOCK_SIZE 128
#endif
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid);
#endif
WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType);
WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type);
WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
const byte* data, word32 data_len,
byte* hash, word32 hash_len);
/* generic hash operation wrappers */
WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type);
WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
const byte* data, word32 dataSz);
WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
byte* out);
WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type,
word32 flags);
WOLFSSL_API int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type,
word32* flags);
#endif
#ifndef NO_MD5
#include <libwolfssl/wolfcrypt/md5.h>
WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
#endif
#ifndef NO_SHA
#include <libwolfssl/wolfcrypt/sha.h>
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#endif
#ifdef WOLFSSL_SHA224
#include <libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA224) */
#ifndef NO_SHA256
#include <libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
#endif
#ifdef WOLFSSL_SHA384
#include <libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#ifdef WOLFSSL_SHA512
#include <libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
#include <libwolfssl/wolfcrypt/sha3.h>
WOLFSSL_API int wc_Sha3_224Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_256Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_384Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_512Hash(const byte*, word32, byte*);
#endif /* WOLFSSL_SHA3 */
enum max_prf {
#ifdef HAVE_FFDHE_8192
MAX_PRF_HALF = 516, /* Maximum half secret len */
#elif defined(HAVE_FFDHE_6144)
MAX_PRF_HALF = 388, /* Maximum half secret len */
#else
MAX_PRF_HALF = 260, /* Maximum half secret len */
#endif
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224 /* Maximum digest len */
};
#ifdef WOLFSSL_HAVE_PRF
WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
void* heap, int devId);
WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, void* heap, int devId);
WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, int useAtLeastSha256,
int hash_type, void* heap, int devId);
#endif /* WOLFSSL_HAVE_PRF */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_HASH_H */

View File

@ -0,0 +1,67 @@
/* hc128.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/hc128.h
*/
#ifndef WOLF_CRYPT_HC128_H
#define WOLF_CRYPT_HC128_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_HC128
#ifdef __cplusplus
extern "C" {
#endif
enum {
HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */
};
/* HC-128 stream cipher */
typedef struct HC128 {
word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */
word32 X[16];
word32 Y[16];
word32 counter1024; /* counter1024 = i mod 1024 at the ith step */
word32 key[8];
word32 iv[8];
#ifdef XSTREAM_ALIGN
void* heap; /* heap hint, currently XMALLOC only used with aligning */
#endif
} HC128;
WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_HC128 */
#endif /* WOLF_CRYPT_HC128_H */

View File

@ -0,0 +1,216 @@
/* hmac.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/hmac.h
*/
#ifndef NO_HMAC
#ifndef WOLF_CRYPT_HMAC_H
#define WOLF_CRYPT_HMAC_H
#include <libwolfssl/wolfcrypt/hash.h>
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */
#include <cyassl/ctaocrypt/hmac.h>
#define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
#endif
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libwolfssl/wolfcrypt/fips.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
#ifndef NO_OLD_WC_NAMES
#define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE
#endif
#define WC_HMAC_INNER_HASH_KEYED_SW 1
#define WC_HMAC_INNER_HASH_KEYED_DEV 2
enum {
HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
IPAD = 0x36,
OPAD = 0x5C,
/* If any hash is not enabled, add the ID here. */
#ifdef NO_MD5
WC_MD5 = WC_HASH_TYPE_MD5,
#endif
#ifdef NO_SHA
WC_SHA = WC_HASH_TYPE_SHA,
#endif
#ifdef NO_SHA256
WC_SHA256 = WC_HASH_TYPE_SHA256,
#endif
#ifndef WOLFSSL_SHA512
WC_SHA512 = WC_HASH_TYPE_SHA512,
#endif
#ifndef WOLFSSL_SHA384
WC_SHA384 = WC_HASH_TYPE_SHA384,
#endif
#ifndef HAVE_BLAKE2B
BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B,
#endif
#ifndef HAVE_BLAKE2S
BLAKE2S_ID = WC_HASH_TYPE_BLAKE2S,
#endif
#ifndef WOLFSSL_SHA224
WC_SHA224 = WC_HASH_TYPE_SHA224,
#endif
#ifndef WOLFSSL_SHA3
WC_SHA3_224 = WC_HASH_TYPE_SHA3_224,
WC_SHA3_256 = WC_HASH_TYPE_SHA3_256,
WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
#endif
#ifdef HAVE_PKCS11
HMAC_MAX_ID_LEN = 32,
#endif
};
/* Select the largest available hash for the buffer size. */
#define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE
#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && !defined(HAVE_BLAKE2) && \
!defined(WOLFSSL_SHA384) && defined(NO_SHA256) && defined(WOLFSSL_SHA224) && \
defined(NO_SHA) && defined(NO_MD5)
#error "You have to have some kind of hash if you want to use HMAC."
#endif
/* hash union */
typedef union {
#ifndef NO_MD5
wc_Md5 md5;
#endif
#ifndef NO_SHA
wc_Sha sha;
#endif
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
#endif
#ifndef NO_SHA256
wc_Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
#ifdef HAVE_BLAKE2
Blake2b blake2b;
#endif
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
} Hash;
/* Hmac digest */
struct Hmac {
Hash hash;
word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];
void* heap; /* heap hint */
byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
const byte* keyRaw;
#endif
#ifdef HAVE_PKCS11
byte id[HMAC_MAX_ID_LEN];
int idLen;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
word16 keyLen; /* hmac key length (key in ipad) */
#endif
};
#ifndef WC_HMAC_TYPE_DEFINED
typedef struct Hmac Hmac;
#define WC_HMAC_TYPE_DEFINED
#endif
#endif /* HAVE_FIPS */
/* does init */
WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32);
WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
WOLFSSL_API int wc_HmacSizeByType(int type);
WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
int devId);
WOLFSSL_API void wc_HmacFree(Hmac*);
WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
WOLFSSL_LOCAL int _InitHmac(Hmac* hmac, int type, void* heap);
#ifdef HAVE_HKDF
WOLFSSL_API int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
const byte* inKey, word32 inKeySz, byte* out);
WOLFSSL_API int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
const byte* info, word32 infoSz,
byte* out, word32 outSz);
WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
const byte* info, word32 infoSz,
byte* out, word32 outSz);
#endif /* HAVE_HKDF */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_HMAC_H */
#endif /* NO_HMAC */

View File

@ -0,0 +1,70 @@
/* idea.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/idea.h
*/
#ifndef WOLF_CRYPT_IDEA_H
#define WOLF_CRYPT_IDEA_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_IDEA
#ifdef __cplusplus
extern "C" {
#endif
enum {
IDEA_MODULO = 0x10001, /* 2^16+1 */
IDEA_2EXP16 = 0x10000, /* 2^16 */
IDEA_MASK = 0xFFFF, /* 16 bits set to one */
IDEA_ROUNDS = 8, /* number of rounds for IDEA */
IDEA_SK_NUM = (6*IDEA_ROUNDS + 4), /* number of subkeys */
IDEA_KEY_SIZE = 16, /* size of key in bytes */
IDEA_BLOCK_SIZE = 8, /* size of IDEA blocks in bytes */
IDEA_IV_SIZE = 8, /* size of IDEA IV in bytes */
IDEA_ENCRYPTION = 0,
IDEA_DECRYPTION = 1
};
/* IDEA encryption and decryption */
typedef struct Idea {
word32 reg[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word16 skey[IDEA_SK_NUM]; /* 832 bits expanded key */
} Idea;
WOLFSSL_API int wc_IdeaSetKey(Idea *idea, const byte* key, word16 keySz,
const byte *iv, int dir);
WOLFSSL_API int wc_IdeaSetIV(Idea *idea, const byte* iv);
WOLFSSL_API int wc_IdeaCipher(Idea *idea, byte* out, const byte* in);
WOLFSSL_API int wc_IdeaCbcEncrypt(Idea *idea, byte* out,
const byte* in, word32 len);
WOLFSSL_API int wc_IdeaCbcDecrypt(Idea *idea, byte* out,
const byte* in, word32 len);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_IDEA */
#endif /* WOLF_CRYPT_IDEA_H */

View File

@ -0,0 +1,405 @@
/* integer.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
* Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
* http://math.libtomcrypt.com
*/
#ifndef WOLF_CRYPT_INTEGER_H
#define WOLF_CRYPT_INTEGER_H
/* may optionally use fast math instead, not yet supported on all platforms and
may not be faster on all
*/
#include <libwolfssl/wolfcrypt/types.h> /* will set MP_xxBIT if not default */
#ifdef WOLFSSL_SP_MATH
#include <libwolfssl/wolfcrypt/sp_int.h>
#elif defined(USE_FAST_MATH)
#include <libwolfssl/wolfcrypt/tfm.h>
#else
#include <libwolfssl/wolfcrypt/random.h>
#ifndef CHAR_BIT
#include <limits.h>
#endif
#include <libwolfssl/wolfcrypt/mpi_class.h>
#ifdef __cplusplus
extern "C" {
/* C++ compilers don't like assigning void * to mp_digit * */
#define OPT_CAST(x) (x *)
#elif defined(_SH3)
/* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */
#define OPT_CAST(x) (x *)
#else
/* C on the other hand doesn't care */
#define OPT_CAST(x)
#endif /* __cplusplus */
/* detect 64-bit mode if possible */
#if defined(__x86_64__) && !(defined (_MSC_VER) && defined(__clang__))
#if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT))
#define MP_64BIT
#endif
#endif
/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
#undef MP_64BIT
#endif
/* allow user to define on mp_digit, mp_word, DIGIT_BIT types */
#ifndef WOLFSSL_BIGINT_TYPES
/* some default configurations.
*
* A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
* A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
*
* At the very least a mp_digit must be able to hold 7 bits
* [any size beyond that is ok provided it doesn't overflow the data type]
*/
#ifdef MP_8BIT
/* 8-bit */
typedef unsigned char mp_digit;
typedef unsigned short mp_word;
/* don't define DIGIT_BIT, so its calculated below */
#elif defined(MP_16BIT)
/* 16-bit */
typedef unsigned int mp_digit;
typedef unsigned long mp_word;
/* don't define DIGIT_BIT, so its calculated below */
#elif defined(NO_64BIT)
/* 32-bit forced to 16-bit */
typedef unsigned short mp_digit;
typedef unsigned int mp_word;
#define DIGIT_BIT 12
#elif defined(MP_64BIT)
/* 64-bit */
/* for GCC only on supported platforms */
typedef unsigned long long mp_digit; /* 64 bit type, 128 uses mode(TI) */
typedef unsigned long mp_word __attribute__ ((mode(TI)));
#define DIGIT_BIT 60
#else
/* 32-bit default case */
#if defined(_MSC_VER) || defined(__BORLANDC__)
typedef unsigned __int64 ulong64;
#else
typedef unsigned long long ulong64;
#endif
typedef unsigned int mp_digit; /* long could be 64 now, changed TAO */
typedef ulong64 mp_word;
#ifdef MP_31BIT
/* this is an extension that uses 31-bit digits */
#define DIGIT_BIT 31
#else
/* default case is 28-bit digits, defines MP_28BIT as a handy test macro */
#define DIGIT_BIT 28
#define MP_28BIT
#endif
#endif
#endif /* WOLFSSL_BIGINT_TYPES */
/* otherwise the bits per digit is calculated automatically from the size of
a mp_digit */
#ifndef DIGIT_BIT
#define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1)))
/* bits per digit */
#endif
#define MP_DIGIT_BIT DIGIT_BIT
#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
#define MP_DIGIT_MAX MP_MASK
/* equalities */
#define MP_LT -1 /* less than */
#define MP_EQ 0 /* equal to */
#define MP_GT 1 /* greater than */
#define MP_ZPOS 0 /* positive integer */
#define MP_NEG 1 /* negative */
#define MP_OKAY 0 /* ok result */
#define MP_MEM -2 /* out of mem */
#define MP_VAL -3 /* invalid input */
#define MP_NOT_INF -4 /* point not at infinity */
#define MP_RANGE MP_NOT_INF
#define MP_YES 1 /* yes response */
#define MP_NO 0 /* no response */
/* Primality generation flags */
#define LTM_PRIME_BBS 0x0001 /* BBS style prime */
#define LTM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */
#define LTM_PRIME_2MSB_ON 0x0008 /* force 2nd MSB to 1 */
typedef int mp_err;
/* define this to use lower memory usage routines (exptmods mostly) */
#define MP_LOW_MEM
/* default precision */
#ifndef MP_PREC
#ifndef MP_LOW_MEM
#define MP_PREC 32 /* default digits of precision */
#else
#define MP_PREC 1 /* default digits of precision */
#endif
#endif
/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD -
BITS_PER_DIGIT*2) */
#define MP_WARRAY ((mp_word)1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
#ifdef HAVE_WOLF_BIGINT
/* raw big integer */
typedef struct WC_BIGINT {
byte* buf;
word32 len;
void* heap;
} WC_BIGINT;
#define WOLF_BIGINT_DEFINED
#endif
/* the mp_int structure */
typedef struct mp_int {
int used, alloc, sign;
mp_digit *dp;
#ifdef HAVE_WOLF_BIGINT
struct WC_BIGINT raw; /* unsigned binary (big endian) */
#endif
} mp_int;
/* wolf big int and common functions */
#include <libwolfssl/wolfcrypt/wolfmath.h>
/* callback for mp_prime_random, should fill dst with random bytes and return
how many read [up to len] */
typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
#define USED(m) ((m)->used)
#define DIGIT(m,k) ((m)->dp[(k)])
#define SIGN(m) ((m)->sign)
/* ---> Basic Manipulations <--- */
#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
#define mp_isone(a) \
(((((a)->used == 1)) && ((a)->dp[0] == 1u)) ? MP_YES : MP_NO)
#define mp_iseven(a) \
(((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO)
#define mp_isodd(a) \
(((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
/* number of primes */
#ifdef MP_8BIT
#define PRIME_SIZE 31
#else
#define PRIME_SIZE 256
#endif
#ifndef MAX_INVMOD_SZ
#if defined(WOLFSSL_MYSQL_COMPATIBLE)
#define MAX_INVMOD_SZ 8192
#else
#define MAX_INVMOD_SZ 4096
#endif
#endif
#define mp_prime_random(a, t, size, bbs, cb, dat) \
mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len))
#define mp_raw_size(mp) mp_signed_bin_size(mp)
#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str))
#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
#define mp_mag_size(mp) mp_unsigned_bin_size(mp)
#define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str))
#define MP_RADIX_BIN 2
#define MP_RADIX_OCT 8
#define MP_RADIX_DEC 10
#define MP_RADIX_HEX 16
#define MP_RADIX_MAX 64
#define mp_tobinary(M, S) mp_toradix((M), (S), MP_RADIX_BIN)
#define mp_tooctal(M, S) mp_toradix((M), (S), MP_RADIX_OCT)
#define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC)
#define mp_tohex(M, S) mp_toradix((M), (S), MP_RADIX_HEX)
#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL)
extern const char *mp_s_rmap;
#endif
/* 6 functions needed by Rsa */
MP_API int mp_init (mp_int * a);
MP_API void mp_clear (mp_int * a);
MP_API void mp_free (mp_int * a);
MP_API void mp_forcezero(mp_int * a);
MP_API int mp_unsigned_bin_size(mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P,
mp_int * Y);
/* end functions needed by Rsa */
/* functions added to support above needed, removed TOOM and KARATSUBA */
MP_API int mp_count_bits (mp_int * a);
MP_API int mp_leading_bit (mp_int * a);
MP_API int mp_init_copy (mp_int * a, mp_int * b);
MP_API int mp_copy (mp_int * a, mp_int * b);
MP_API int mp_grow (mp_int * a, int size);
MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a);
MP_API void mp_exch (mp_int * a, mp_int * b);
MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b);
MP_API int mp_mod_2d (mp_int * a, int b, mp_int * c);
MP_API int mp_mul_2d (mp_int * a, int b, mp_int * c);
MP_API int mp_lshd (mp_int * a, int b);
MP_API int mp_abs (mp_int * a, mp_int * b);
MP_API int mp_invmod (mp_int * a, mp_int * b, mp_int * c);
int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_cmp_mag (mp_int * a, mp_int * b);
MP_API int mp_cmp (mp_int * a, mp_int * b);
MP_API int mp_cmp_d(mp_int * a, mp_digit b);
MP_API int mp_set (mp_int * a, mp_digit b);
MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
MP_API int mp_mod (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_div_2(mp_int * a, mp_int * b);
MP_API int mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_add (mp_int * a, mp_int * b, mp_int * c);
int s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_sub (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_reduce_is_2k_l(mp_int *a);
MP_API int mp_reduce_is_2k(mp_int *a);
MP_API int mp_dr_is_modulus(mp_int *a);
MP_API int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
int);
MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
MP_API int mp_reduce_2k_setup_l(mp_int *a, mp_int *d);
MP_API int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d);
MP_API int mp_reduce (mp_int * x, mp_int * m, mp_int * mu);
MP_API int mp_reduce_setup (mp_int * a, mp_int * b);
int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode);
MP_API int mp_montgomery_calc_normalization (mp_int * a, mp_int * b);
int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
int s_mp_sqr (mp_int * a, mp_int * b);
int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
int fast_s_mp_sqr (mp_int * a, mp_int * b);
MP_API int mp_init_size (mp_int * a, int size);
MP_API int mp_div_3 (mp_int * a, mp_int *c, mp_digit * d);
MP_API int mp_mul_2(mp_int * a, mp_int * b);
MP_API int mp_mul (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_sqr (mp_int * a, mp_int * b);
MP_API int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
MP_API int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
MP_API int mp_2expt (mp_int * a, int b);
MP_API int mp_set_bit (mp_int * a, int b);
MP_API int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
MP_API int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
MP_API int mp_set_int (mp_int * a, unsigned long b);
MP_API int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
/* end support added functions */
/* added */
MP_API int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
mp_int* f);
MP_API int mp_toradix (mp_int *a, char *str, int radix);
MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef WOLFSSL_DEBUG_MATH
MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
#else
#define mp_dump(desc, a, verbose)
#endif
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
!defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
#endif
#if !defined(NO_DSA) || defined(HAVE_ECC)
MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*);
#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
#ifdef WOLFSSL_KEY_GEN
MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
#endif
MP_API int mp_cnt_lsb(mp_int *a);
MP_API int mp_mod_d(mp_int* a, mp_digit b, mp_digit* c);
#ifdef __cplusplus
}
#endif
#endif /* USE_FAST_MATH */
#endif /* WOLF_CRYPT_INTEGER_H */

View File

@ -0,0 +1,188 @@
/* logging.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/logging.h
*/
/* submitted by eof */
#ifndef WOLFSSL_LOGGING_H
#define WOLFSSL_LOGGING_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
enum wc_LogLevels {
ERROR_LOG = 0,
INFO_LOG,
ENTER_LOG,
LEAVE_LOG,
OTHER_LOG
};
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
enum wc_FuncNum {
WC_FUNC_HELLO_REQUEST_SEND = 0,
WC_FUNC_HELLO_REQUEST_DO,
WC_FUNC_CLIENT_HELLO_SEND,
WC_FUNC_CLIENT_HELLO_DO,
WC_FUNC_SERVER_HELLO_SEND,
WC_FUNC_SERVER_HELLO_DO,
WC_FUNC_ENCRYPTED_EXTENSIONS_SEND,
WC_FUNC_ENCRYPTED_EXTENSIONS_DO,
WC_FUNC_CERTIFICATE_REQUEST_SEND,
WC_FUNC_CERTIFICATE_REQUEST_DO,
WC_FUNC_CERTIFICATE_SEND,
WC_FUNC_CERTIFICATE_DO,
WC_FUNC_CERTIFICATE_VERIFY_SEND,
WC_FUNC_CERTIFICATE_VERIFY_DO,
WC_FUNC_FINISHED_SEND,
WC_FUNC_FINISHED_DO,
WC_FUNC_KEY_UPDATE_SEND,
WC_FUNC_KEY_UPDATE_DO,
WC_FUNC_EARLY_DATA_SEND,
WC_FUNC_EARLY_DATA_DO,
WC_FUNC_NEW_SESSION_TICKET_SEND,
WC_FUNC_NEW_SESSION_TICKET_DO,
WC_FUNC_SERVER_HELLO_DONE_SEND,
WC_FUNC_SERVER_HELLO_DONE_DO,
WC_FUNC_TICKET_SEND,
WC_FUNC_TICKET_DO,
WC_FUNC_CLIENT_KEY_EXCHANGE_SEND,
WC_FUNC_CLIENT_KEY_EXCHANGE_DO,
WC_FUNC_CERTIFICATE_STATUS_SEND,
WC_FUNC_CERTIFICATE_STATUS_DO,
WC_FUNC_SERVER_KEY_EXCHANGE_SEND,
WC_FUNC_SERVER_KEY_EXCHANGE_DO,
WC_FUNC_END_OF_EARLY_DATA_SEND,
WC_FUNC_END_OF_EARLY_DATA_DO,
WC_FUNC_COUNT
};
#endif
typedef void (*wolfSSL_Logging_cb)(const int logLevel,
const char *const logMessage);
WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
/* turn logging on, only if compiled in */
WOLFSSL_API int wolfSSL_Debugging_ON(void);
/* turn logging off */
WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
char* file);
WOLFSSL_LOCAL int wc_PeekErrorNode(int index, const char **file,
const char **reason, int *line);
WOLFSSL_LOCAL void wc_RemoveErrorNode(int index);
WOLFSSL_LOCAL void wc_ClearErrorNodes(void);
WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason,
int *line);
WOLFSSL_API int wc_SetLoggingHeap(void* h);
WOLFSSL_API int wc_ERR_remove_state(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
#endif
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
* Do not use WOLFSSL_FUNC_TIME in production code.
*/
WOLFSSL_API void WOLFSSL_START(int funcNum);
WOLFSSL_API void WOLFSSL_END(int funcNum);
WOLFSSL_API void WOLFSSL_TIME(int count);
#else
#define WOLFSSL_START(n)
#define WOLFSSL_END(n)
#define WOLFSSL_TIME(n)
#endif
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
#if defined(_WIN32)
#if defined(INTIME_RTOS)
#define __func__ NULL
#else
#define __func__ __FUNCTION__
#endif
#endif
/* a is prepended to m and b is appended, creating a log msg a + m + b */
#define WOLFSSL_LOG_CAT(a, m, b) #a " " m " " #b
WOLFSSL_API void WOLFSSL_ENTER(const char* msg);
WOLFSSL_API void WOLFSSL_LEAVE(const char* msg, int ret);
#define WOLFSSL_STUB(m) \
WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
WOLFSSL_API void WOLFSSL_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
#else
#define WOLFSSL_ENTER(m)
#define WOLFSSL_LEAVE(m, r)
#define WOLFSSL_STUB(m)
#define WOLFSSL_MSG(m)
#define WOLFSSL_BUFFER(b, l)
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32)) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,
const char* file, void* ctx);
#define WOLFSSL_ERROR(x) \
WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL)
#else
WOLFSSL_API void WOLFSSL_ERROR(int err);
#endif
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#else
#define WOLFSSL_ERROR(e)
#define WOLFSSL_ERROR_MSG(m)
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_LOGGING_H */

View File

@ -0,0 +1,69 @@
/* md2.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/md2.h
*/
#ifndef WOLF_CRYPT_MD2_H
#define WOLF_CRYPT_MD2_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_MD2
#ifdef __cplusplus
extern "C" {
#endif
/* in bytes */
enum {
MD2 = WC_HASH_TYPE_MD2,
MD2_BLOCK_SIZE = 16,
MD2_DIGEST_SIZE = 16,
MD2_PAD_SIZE = 16,
MD2_X_SIZE = 48
};
/* Md2 digest */
typedef struct Md2 {
word32 count; /* bytes % PAD_SIZE */
byte X[MD2_X_SIZE];
byte C[MD2_BLOCK_SIZE];
byte buffer[MD2_BLOCK_SIZE];
} Md2;
WOLFSSL_API void wc_InitMd2(Md2*);
WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32);
WOLFSSL_API void wc_Md2Final(Md2*, byte*);
WOLFSSL_API int wc_Md2Hash(const byte*, word32, byte*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_MD2 */
#endif /* WOLF_CRYPT_MD2_H */

View File

@ -0,0 +1,67 @@
/* md4.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/md4.h
*/
#ifndef WOLF_CRYPT_MD4_H
#define WOLF_CRYPT_MD4_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_MD4
#ifdef __cplusplus
extern "C" {
#endif
/* in bytes */
enum {
MD4 = WC_HASH_TYPE_MD4,
MD4_BLOCK_SIZE = 64,
MD4_DIGEST_SIZE = 16,
MD4_PAD_SIZE = 56
};
/* MD4 digest */
typedef struct Md4 {
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word32 digest[MD4_DIGEST_SIZE / sizeof(word32)];
word32 buffer[MD4_BLOCK_SIZE / sizeof(word32)];
} Md4;
WOLFSSL_API void wc_InitMd4(Md4*);
WOLFSSL_API void wc_Md4Update(Md4*, const byte*, word32);
WOLFSSL_API void wc_Md4Final(Md4*, byte*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_MD4 */
#endif /* WOLF_CRYPT_MD4_H */

View File

@ -0,0 +1,130 @@
/* md5.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/md5.h
*/
#ifndef WOLF_CRYPT_MD5_H
#define WOLF_CRYPT_MD5_H
#include <libwolfssl/wolfcrypt/types.h>
#ifndef NO_MD5
#ifdef HAVE_FIPS
#define wc_InitMd5 InitMd5
#define wc_Md5Update Md5Update
#define wc_Md5Final Md5Final
#define wc_Md5Hash Md5Hash
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NO_OLD_WC_NAMES
#define Md5 wc_Md5
#define MD5 WC_MD5
#define MD5_BLOCK_SIZE WC_MD5_BLOCK_SIZE
#define MD5_DIGEST_SIZE WC_MD5_DIGEST_SIZE
#define WC_MD5_PAD_SIZE WC_MD5_PAD_SIZE
#endif
/* in bytes */
enum {
WC_MD5 = WC_HASH_TYPE_MD5,
WC_MD5_BLOCK_SIZE = 64,
WC_MD5_DIGEST_SIZE = 16,
WC_MD5_PAD_SIZE = 56
};
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
#include <libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
#endif
#ifdef STM32_HASH
#include <libwolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libwolfssl/wolfcrypt/async.h>
#endif
#ifdef WOLFSSL_TI_HASH
#include "wolfssl/wolfcrypt/port/ti/ti-hash.h"
#elif defined(WOLFSSL_IMX6_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#else
/* MD5 digest */
typedef struct wc_Md5 {
#ifdef STM32_HASH
STM32_HASH_Context stmCtx;
#else
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word32 buffer[WC_MD5_BLOCK_SIZE / sizeof(word32)];
#ifdef WOLFSSL_PIC32MZ_HASH
word32 digest[PIC32_DIGEST_SIZE / sizeof(word32)];
#else
word32 digest[WC_MD5_DIGEST_SIZE / sizeof(word32)];
#endif
void* heap;
#ifdef WOLFSSL_PIC32MZ_HASH
hashUpdCache cache; /* cache for updates */
#endif
#endif /* STM32_HASH */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
word32 flags; /* enum wc_HashFlags in hash.h */
#endif
} wc_Md5;
#endif /* WOLFSSL_TI_HASH */
WOLFSSL_API int wc_InitMd5(wc_Md5*);
WOLFSSL_API int wc_InitMd5_ex(wc_Md5*, void*, int);
WOLFSSL_API int wc_Md5Update(wc_Md5*, const byte*, word32);
WOLFSSL_API int wc_Md5Final(wc_Md5*, byte*);
WOLFSSL_API void wc_Md5Free(wc_Md5*);
WOLFSSL_API int wc_Md5GetHash(wc_Md5*, byte*);
WOLFSSL_API int wc_Md5Copy(wc_Md5*, wc_Md5*);
#ifdef WOLFSSL_PIC32MZ_HASH
WOLFSSL_API void wc_Md5SizeSet(wc_Md5* md5, word32 len);
#endif
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
WOLFSSL_API int wc_Md5SetFlags(wc_Md5* md5, word32 flags);
WOLFSSL_API int wc_Md5GetFlags(wc_Md5* md5, word32* flags);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* NO_MD5 */
#endif /* WOLF_CRYPT_MD5_H */

View File

@ -0,0 +1,401 @@
/* mem_track.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* The memory tracker overrides the wolfSSL memory callback system and uses a
* static to track the total, peak and currently allocated bytes.
*
* If you are already using the memory callbacks then enabling this will
* override the memory callbacks and prevent your memory callbacks from
* working. This assumes malloc() and free() are available. Feel free to
* customize this for your needs.
* The enable this feature define the following:
* #define USE_WOLFSSL_MEMORY
* #define WOLFSSL_TRACK_MEMORY
*
* On startup call:
* InitMemoryTracker();
*
* When ready to dump the memory report call:
* ShowMemoryTracker();
*
* Report example:
* total Allocs = 228
* total Bytes = 93442
* peak Bytes = 8840
* current Bytes = 0
*
*
* You can also:
* #define WOLFSSL_DEBUG_MEMORY
*
* To print every alloc/free along with the function and line number.
* Example output:
* Alloc: 0x7fa14a500010 -> 120 at wc_InitRng:496
* Free: 0x7fa14a500010 -> 120 at wc_FreeRng:606
*/
#ifndef WOLFSSL_MEM_TRACK_H
#define WOLFSSL_MEM_TRACK_H
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
#include "wolfssl/wolfcrypt/logging.h"
#if defined(WOLFSSL_TRACK_MEMORY)
#define DO_MEM_STATS
#if defined(__linux__) || defined(__MACH__)
#define DO_MEM_LIST
#endif
#endif
typedef struct memoryStats {
long totalAllocs; /* number of allocations */
long totalDeallocs; /* number of deallocations */
long totalBytes; /* total number of bytes allocated */
long peakBytes; /* concurrent max bytes */
long currentBytes; /* total current bytes in use */
} memoryStats;
typedef struct memHint {
size_t thisSize; /* size of this memory */
#ifdef DO_MEM_LIST
struct memHint* next;
struct memHint* prev;
#ifdef WOLFSSL_DEBUG_MEMORY
const char* func;
unsigned int line;
#endif
#endif
void* thisMemory; /* actual memory for user */
} memHint;
typedef struct memoryTrack {
union {
memHint hint;
byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))]; /* make sure we have strong alignment */
} u;
} memoryTrack;
#ifdef DO_MEM_LIST
/* track allocations and report at end */
typedef struct memoryList {
memHint* head;
memHint* tail;
word32 count;
} memoryList;
#endif
#if defined(WOLFSSL_TRACK_MEMORY)
static memoryStats ourMemStats;
#ifdef DO_MEM_LIST
#include <pthread.h>
static memoryList ourMemList;
static pthread_mutex_t memLock = PTHREAD_MUTEX_INITIALIZER;
#endif
#endif
/* if defined to not using inline then declare function prototypes */
#ifdef NO_INLINE
#define WC_STATIC
#ifdef WOLFSSL_DEBUG_MEMORY
WOLFSSL_LOCAL void* TrackMalloc(size_t sz, const char* func, unsigned int line);
WOLFSSL_LOCAL void TrackFree(void* ptr, const char* func, unsigned int line);
WOLFSSL_LOCAL void* TrackRealloc(void* ptr, size_t sz, const char* func, unsigned int line);
#else
WOLFSSL_LOCAL void* TrackMalloc(size_t sz);
WOLFSSL_LOCAL void TrackFree(void* ptr);
WOLFSSL_LOCAL void* TrackRealloc(void* ptr, size_t sz);
#endif
WOLFSSL_LOCAL int InitMemoryTracker(void);
WOLFSSL_LOCAL void ShowMemoryTracker(void);
#else
#define WC_STATIC static
#endif
#ifdef WOLFSSL_DEBUG_MEMORY
WC_STATIC WC_INLINE void* TrackMalloc(size_t sz, const char* func, unsigned int line)
#else
WC_STATIC WC_INLINE void* TrackMalloc(size_t sz)
#endif
{
memoryTrack* mt;
memHint* header;
if (sz == 0)
return NULL;
mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz);
if (mt == NULL)
return NULL;
header = &mt->u.hint;
header->thisSize = sz;
header->thisMemory = (byte*)mt + sizeof(memoryTrack);
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
printf("Alloc: %p -> %u at %s:%d\n", header->thisMemory, (word32)sz, func, line);
#else
(void)func;
(void)line;
#endif
#endif
#ifdef DO_MEM_STATS
ourMemStats.totalAllocs++;
ourMemStats.totalBytes += sz;
ourMemStats.currentBytes += sz;
if (ourMemStats.currentBytes > ourMemStats.peakBytes)
ourMemStats.peakBytes = ourMemStats.currentBytes;
#endif
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0) {
#ifdef WOLFSSL_DEBUG_MEMORY
header->func = func;
header->line = line;
#endif
/* Setup event */
header->next = NULL;
if (ourMemList.tail == NULL) {
ourMemList.head = header;
header->prev = NULL;
}
else {
ourMemList.tail->next = header;
header->prev = ourMemList.tail;
}
ourMemList.tail = header; /* add to the end either way */
ourMemList.count++;
pthread_mutex_unlock(&memLock);
}
#endif
return header->thisMemory;
}
#ifdef WOLFSSL_DEBUG_MEMORY
WC_STATIC WC_INLINE void TrackFree(void* ptr, const char* func, unsigned int line)
#else
WC_STATIC WC_INLINE void TrackFree(void* ptr)
#endif
{
memoryTrack* mt;
memHint* header;
size_t sz;
if (ptr == NULL) {
return;
}
mt = (memoryTrack*)((byte*)ptr - sizeof(memoryTrack));
header = &mt->u.hint;
sz = header->thisSize;
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
{
#endif
#ifdef DO_MEM_STATS
ourMemStats.currentBytes -= header->thisSize;
ourMemStats.totalDeallocs++;
#endif
#ifdef DO_MEM_LIST
if (header == ourMemList.head && header == ourMemList.tail) {
ourMemList.head = NULL;
ourMemList.tail = NULL;
}
else if (header == ourMemList.head) {
ourMemList.head = header->next;
ourMemList.head->prev = NULL;
}
else if (header == ourMemList.tail) {
ourMemList.tail = header->prev;
ourMemList.tail->next = NULL;
}
else {
memHint* next = header->next;
memHint* prev = header->prev;
if (next)
next->prev = prev;
if (prev)
prev->next = next;
}
ourMemList.count--;
pthread_mutex_unlock(&memLock);
}
#endif
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
printf("Free: %p -> %u at %s:%d\n", ptr, (word32)sz, func, line);
#else
(void)func;
(void)line;
#endif
#endif
(void)sz;
free(mt);
}
#ifdef WOLFSSL_DEBUG_MEMORY
WC_STATIC WC_INLINE void* TrackRealloc(void* ptr, size_t sz, const char* func, unsigned int line)
#else
WC_STATIC WC_INLINE void* TrackRealloc(void* ptr, size_t sz)
#endif
{
#ifdef WOLFSSL_DEBUG_MEMORY
void* ret = TrackMalloc(sz, func, line);
#else
void* ret = TrackMalloc(sz);
#endif
if (ptr) {
/* if realloc is bigger, don't overread old ptr */
memoryTrack* mt;
memHint* header;
mt = (memoryTrack*)((byte*)ptr - sizeof(memoryTrack));
header = &mt->u.hint;
if (header->thisSize < sz)
sz = header->thisSize;
}
if (ret && ptr)
XMEMCPY(ret, ptr, sz);
if (ret) {
#ifdef WOLFSSL_DEBUG_MEMORY
TrackFree(ptr, func, line);
#else
TrackFree(ptr);
#endif
}
return ret;
}
#ifdef WOLFSSL_TRACK_MEMORY
static wolfSSL_Malloc_cb mfDefault = NULL;
static wolfSSL_Free_cb ffDefault = NULL;
static wolfSSL_Realloc_cb rfDefault = NULL;
WC_STATIC WC_INLINE int InitMemoryTracker(void)
{
int ret;
ret = wolfSSL_GetAllocators(&mfDefault, &ffDefault, &rfDefault);
if (ret < 0) {
printf("wolfSSL GetAllocators failed to get the defaults\n");
}
ret = wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc);
if (ret < 0) {
printf("wolfSSL SetAllocators failed for track memory\n");
return ret;
}
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
{
#endif
#ifdef DO_MEM_STATS
ourMemStats.totalAllocs = 0;
ourMemStats.totalDeallocs = 0;
ourMemStats.totalBytes = 0;
ourMemStats.peakBytes = 0;
ourMemStats.currentBytes = 0;
#endif
#ifdef DO_MEM_LIST
XMEMSET(&ourMemList, 0, sizeof(ourMemList));
pthread_mutex_unlock(&memLock);
}
#endif
return ret;
}
WC_STATIC WC_INLINE void ShowMemoryTracker(void)
{
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
{
#endif
#ifdef DO_MEM_STATS
printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
#endif
#ifdef DO_MEM_LIST
if (ourMemList.count > 0) {
/* print list of allocations */
memHint* header;
for (header = ourMemList.head; header != NULL; header = header->next) {
printf("Leak: Ptr %p, Size %u"
#ifdef WOLFSSL_DEBUG_MEMORY
", Func %s, Line %d"
#endif
"\n",
(byte*)header + sizeof(memHint), (unsigned int)header->thisSize
#ifdef WOLFSSL_DEBUG_MEMORY
, header->func, header->line
#endif
);
}
}
pthread_mutex_unlock(&memLock);
}
#endif
}
WC_STATIC WC_INLINE int CleanupMemoryTracker(void)
{
/* restore default allocators */
return wolfSSL_SetAllocators(mfDefault, ffDefault, rfDefault);
}
#endif
#endif /* USE_WOLFSSL_MEMORY */
#endif /* WOLFSSL_MEM_TRACK_H */

View File

@ -0,0 +1,233 @@
/* memory.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* submitted by eof */
/*!
\file wolfssl/wolfcrypt/memory.h
*/
#ifndef WOLFSSL_MEMORY_H
#define WOLFSSL_MEMORY_H
#ifndef STRING_USER
#include <stdlib.h>
#endif
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
WOLFSSL_API void wolfSSL_SetMemFailCount(int memFailCount);
#endif
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type, const char* func, unsigned int line);
typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type, const char* func, unsigned int line);
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line);
WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type, const char* func, unsigned int line);
WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type, const char* func, unsigned int line);
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line);
#else
typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type);
typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type);
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type);
WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type);
WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type);
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type);
#endif /* WOLFSSL_DEBUG_MEMORY */
#else
#ifdef WOLFSSL_DEBUG_MEMORY
typedef void *(*wolfSSL_Malloc_cb)(size_t size, const char* func, unsigned int line);
typedef void (*wolfSSL_Free_cb)(void *ptr, const char* func, unsigned int line);
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, const char* func, unsigned int line);
/* Public in case user app wants to use XMALLOC/XFREE */
WOLFSSL_API void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line);
WOLFSSL_API void wolfSSL_Free(void *ptr, const char* func, unsigned int line);
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, const char* func, unsigned int line);
#else
typedef void *(*wolfSSL_Malloc_cb)(size_t size);
typedef void (*wolfSSL_Free_cb)(void *ptr);
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size);
/* Public in case user app wants to use XMALLOC/XFREE */
WOLFSSL_API void* wolfSSL_Malloc(size_t size);
WOLFSSL_API void wolfSSL_Free(void *ptr);
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size);
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */
/* Public get/set functions */
WOLFSSL_API int wolfSSL_SetAllocators(wolfSSL_Malloc_cb,
wolfSSL_Free_cb,
wolfSSL_Realloc_cb);
WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
wolfSSL_Free_cb*,
wolfSSL_Realloc_cb*);
#ifdef WOLFSSL_STATIC_MEMORY
#define WOLFSSL_STATIC_TIMEOUT 1
#ifndef WOLFSSL_STATIC_ALIGN
#define WOLFSSL_STATIC_ALIGN 16
#endif
#ifndef WOLFMEM_MAX_BUCKETS
#define WOLFMEM_MAX_BUCKETS 9
#endif
#define WOLFMEM_DEF_BUCKETS 9 /* number of default memory blocks */
#ifndef WOLFMEM_IO_SZ
#define WOLFMEM_IO_SZ 16992 /* 16 byte aligned */
#endif
#ifndef WOLFMEM_BUCKETS
#ifndef SESSION_CERTS
/* default size of chunks of memory to separate into */
#ifndef LARGEST_MEM_BUCKET
#define LARGEST_MEM_BUCKET 16128
#endif
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
LARGEST_MEM_BUCKET
#elif defined (OPENSSL_EXTRA)
/* extra storage in structs for multiple attributes and order */
#ifndef LARGEST_MEM_BUCKET
#define LARGEST_MEM_BUCKET 25536
#endif
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\
LARGEST_MEM_BUCKET
#elif defined (WOLFSSL_CERT_EXT)
/* certificate extensions requires 24k for the SSL struct */
#ifndef LARGEST_MEM_BUCKET
#define LARGEST_MEM_BUCKET 24576
#endif
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
LARGEST_MEM_BUCKET
#else
/* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */
#ifndef LARGEST_MEM_BUCKET
#define LARGEST_MEM_BUCKET 23440
#endif
#define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\
LARGEST_MEM_BUCKET
#endif
#endif
#ifndef WOLFMEM_DIST
#ifndef WOLFSSL_STATIC_MEMORY_SMALL
#define WOLFMEM_DIST 49,10,6,14,5,6,9,1,1
#else
/* Low resource and not RSA */
#define WOLFMEM_DIST 29, 7,6, 9,4,4,0,0,0
#endif
#endif
/* flags for loading static memory (one hot bit) */
#define WOLFMEM_GENERAL 0x01
#define WOLFMEM_IO_POOL 0x02
#define WOLFMEM_IO_POOL_FIXED 0x04
#define WOLFMEM_TRACK_STATS 0x08
#ifndef WOLFSSL_MEM_GUARD
#define WOLFSSL_MEM_GUARD
typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS;
typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS;
#endif
struct WOLFSSL_MEM_CONN_STATS {
word32 peakMem; /* peak memory usage */
word32 curMem; /* current memory usage */
word32 peakAlloc; /* peak memory allocations */
word32 curAlloc; /* current memory allocations */
word32 totalAlloc;/* total memory allocations for lifetime */
word32 totalFr; /* total frees for lifetime */
};
struct WOLFSSL_MEM_STATS {
word32 curAlloc; /* current memory allocations */
word32 totalAlloc;/* total memory allocations for lifetime */
word32 totalFr; /* total frees for lifetime */
word32 totalUse; /* total amount of memory used in blocks */
word32 avaIO; /* available IO specific pools */
word32 maxHa; /* max number of concurent handshakes allowed */
word32 maxIO; /* max number of concurent IO connections allowed */
word32 blockSz[WOLFMEM_MAX_BUCKETS]; /* block sizes in stacks */
word32 avaBlock[WOLFMEM_MAX_BUCKETS];/* ava block sizes */
word32 usedBlock[WOLFMEM_MAX_BUCKETS];
int flag; /* flag used */
};
typedef struct wc_Memory wc_Memory; /* internal structure for mem bucket */
typedef struct WOLFSSL_HEAP {
wc_Memory* ava[WOLFMEM_MAX_BUCKETS];
wc_Memory* io; /* list of buffers to use for IO */
word32 maxHa; /* max concurent handshakes */
word32 curHa;
word32 maxIO; /* max concurrent IO connections */
word32 curIO;
word32 sizeList[WOLFMEM_MAX_BUCKETS];/* memory sizes in ava list */
word32 distList[WOLFMEM_MAX_BUCKETS];/* general distribution */
word32 inUse; /* amount of memory currently in use */
word32 ioUse;
word32 alloc; /* total number of allocs */
word32 frAlc; /* total number of frees */
int flag;
wolfSSL_Mutex memory_mutex;
} WOLFSSL_HEAP;
/* structure passed into XMALLOC as heap hint
* having this abstraction allows tracking statistics of individual ssl's
*/
typedef struct WOLFSSL_HEAP_HINT {
WOLFSSL_HEAP* memory;
WOLFSSL_MEM_CONN_STATS* stats; /* hold individual connection stats */
wc_Memory* outBuf; /* set if using fixed io buffers */
wc_Memory* inBuf;
byte haFlag; /* flag used for checking handshake count */
} WOLFSSL_HEAP_HINT;
WOLFSSL_API int wc_LoadStaticMemory(WOLFSSL_HEAP_HINT** pHint,
unsigned char* buf, unsigned int sz, int flag, int max);
WOLFSSL_LOCAL int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap);
WOLFSSL_LOCAL int wolfSSL_load_static_memory(byte* buffer, word32 sz,
int flag, WOLFSSL_HEAP* heap);
WOLFSSL_LOCAL int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap,
WOLFSSL_MEM_STATS* stats);
WOLFSSL_LOCAL int SetFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
WOLFSSL_LOCAL int FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
WOLFSSL_API int wolfSSL_StaticBufferSz(byte* buffer, word32 sz, int flag);
WOLFSSL_API int wolfSSL_MemoryPaddingSz(void);
#endif /* WOLFSSL_STATIC_MEMORY */
#ifdef WOLFSSL_STACK_LOG
WOLFSSL_API void __attribute__((no_instrument_function))
__cyg_profile_func_enter(void *func, void *caller);
WOLFSSL_API void __attribute__((no_instrument_function))
__cyg_profile_func_exit(void *func, void *caller);
#endif /* WOLFSSL_STACK_LOG */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_MEMORY_H */

View File

@ -0,0 +1,116 @@
/* misc.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_MISC_H
#define WOLF_CRYPT_MISC_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef NO_INLINE
WOLFSSL_LOCAL
word32 rotlFixed(word32, word32);
WOLFSSL_LOCAL
word32 rotrFixed(word32, word32);
WOLFSSL_LOCAL
word32 ByteReverseWord32(word32);
WOLFSSL_LOCAL
void ByteReverseWords(word32*, const word32*, word32);
WOLFSSL_LOCAL
void XorWords(wolfssl_word*, const wolfssl_word*, word32);
WOLFSSL_LOCAL
void xorbuf(void*, const void*, word32);
WOLFSSL_LOCAL
void ForceZero(const void*, word32);
WOLFSSL_LOCAL
int ConstantCompare(const byte*, const byte*, int);
#ifdef WORD64_AVAILABLE
WOLFSSL_LOCAL
word64 rotlFixed64(word64, word64);
WOLFSSL_LOCAL
word64 rotrFixed64(word64, word64);
WOLFSSL_LOCAL
word64 ByteReverseWord64(word64);
WOLFSSL_LOCAL
void ByteReverseWords64(word64*, const word64*, word32);
#endif /* WORD64_AVAILABLE */
#ifndef WOLFSSL_HAVE_MIN
#if defined(HAVE_FIPS) && !defined(min) /* so ifdef check passes */
#define min min
#endif
WOLFSSL_LOCAL word32 min(word32 a, word32 b);
#endif
#ifndef WOLFSSL_HAVE_MAX
#if defined(HAVE_FIPS) && !defined(max) /* so ifdef check passes */
#define max max
#endif
WOLFSSL_LOCAL word32 max(word32 a, word32 b);
#endif /* WOLFSSL_HAVE_MAX */
void c32to24(word32 in, word24 out);
void c16toa(word16 u16, byte* c);
void c32toa(word32 u32, byte* c);
void c24to32(const word24 u24, word32* u32);
void ato16(const byte* c, word16* u16);
void ato24(const byte* c, word32* u24);
void ato32(const byte* c, word32* u32);
word32 btoi(byte b);
WOLFSSL_LOCAL byte ctMaskGT(int a, int b);
WOLFSSL_LOCAL byte ctMaskGTE(int a, int b);
WOLFSSL_LOCAL int ctMaskIntGTE(int a, int b);
WOLFSSL_LOCAL byte ctMaskLT(int a, int b);
WOLFSSL_LOCAL byte ctMaskLTE(int a, int b);
WOLFSSL_LOCAL byte ctMaskEq(int a, int b);
WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b);
WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b);
WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b);
WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b);
WOLFSSL_LOCAL byte ctSetLTE(int a, int b);
#endif /* NO_INLINE */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_MISC_H */

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,96 @@
/* mpi_superclass.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* super class file for PK algos */
/* default ... include all MPI */
#define LTM_ALL
/* RSA only (does not support DH/DSA/ECC) */
/* #define SC_RSA_1 */
/* For reference.... On an Athlon64 optimizing for speed...
LTM's mpi.o with all functions [striped] is 142KiB in size.
*/
/* Works for RSA only, mpi.o is 68KiB */
#ifdef SC_RSA_1
#define BN_MP_SHRINK_C
#define BN_MP_LCM_C
#define BN_MP_PRIME_RANDOM_EX_C
#define BN_MP_INVMOD_C
#define BN_MP_GCD_C
#define BN_MP_MOD_C
#define BN_MP_MULMOD_C
#define BN_MP_ADDMOD_C
#define BN_MP_EXPTMOD_C
#define BN_MP_SET_INT_C
#define BN_MP_INIT_MULTI_C
#define BN_MP_CLEAR_MULTI_C
#define BN_MP_UNSIGNED_BIN_SIZE_C
#define BN_MP_TO_UNSIGNED_BIN_C
#define BN_MP_MOD_D_C
#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
#define BN_REVERSE_C
#define BN_PRIME_TAB_C
/* other modifiers */
#define BN_MP_DIV_SMALL /* Slower division, not critical */
/* here we are on the last pass so we turn things off. The functions classes are still there
* but we remove them specifically from the build. This also invokes tweaks in functions
* like removing support for even moduli, etc...
*/
#ifdef LTM_LAST
#undef BN_MP_TOOM_MUL_C
#undef BN_MP_TOOM_SQR_C
#undef BN_MP_KARATSUBA_MUL_C
#undef BN_MP_KARATSUBA_SQR_C
#undef BN_MP_REDUCE_C
#undef BN_MP_REDUCE_SETUP_C
#undef BN_MP_DR_IS_MODULUS_C
#undef BN_MP_DR_SETUP_C
#undef BN_MP_DR_REDUCE_C
#undef BN_MP_REDUCE_IS_2K_C
#undef BN_MP_REDUCE_2K_SETUP_C
#undef BN_MP_REDUCE_2K_C
#undef BN_S_MP_EXPTMOD_C
#undef BN_MP_DIV_3_C
#undef BN_S_MP_MUL_HIGH_DIGS_C
#undef BN_FAST_S_MP_MUL_HIGH_DIGS_C
#undef BN_FAST_MP_INVMOD_C
/* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold
* which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines]
* which means roughly speaking you can handle up to 2536-bit RSA keys with these defined without
* trouble.
*/
#undef BN_S_MP_MUL_DIGS_C
#undef BN_S_MP_SQR_C
#undef BN_MP_MONTGOMERY_REDUCE_C
#endif
#endif

View File

@ -0,0 +1,537 @@
/* pkcs11.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _PKCS11_H_
#define _PKCS11_H_
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NULL_PTR
#define NULL_PTR 0
#endif
#define CK_TRUE 1
#define CK_FALSE 0
#define CK_INVALID_HANDLE 0UL
#define CKN_SURRENDER 0UL
#define CKF_TOKEN_PRESENT 0x00000001UL
#define CKF_REMOVABLE_DEVICE 0x00000002UL
#define CKF_HW_SLOT 0x00000004UL
#define CKF_HW 0x00000001UL
#define CKF_ENCRYPT 0x00000100UL
#define CKF_DECRYPT 0x00000200UL
#define CKF_DIGEST 0x00000400UL
#define CKF_SIGN 0x00000800UL
#define CKF_SIGN_RECOVER 0x00001000UL
#define CKF_VERIFY 0x00002000UL
#define CKF_VERIFY_RECOVER 0x00004000UL
#define CKF_GENERATE 0x00008000UL
#define CKF_GENERATE_KEY_PAIR 0x00010000UL
#define CKF_WRAP 0x00020000UL
#define CKF_UNWRAP 0x00040000UL
#define CKF_DERIVE 0x00080000UL
#define CKF_EC_F_P 0x00100000UL
#define CKF_EC_F_2M 0x00200000UL
#define CKF_EC_ECPARAMETERS 0x00400000UL
#define CKF_EC_NAMEDCURVE 0x00800000UL
#define CKF_EC_UNCOMPRESS 0x01000000UL
#define CKF_EC_COMPRESS 0x02000000UL
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL
#define CKF_OS_LOCKING_OK 0x00000002UL
#define CKU_SO 0UL
#define CKU_USER 1UL
#define CKU_CONTEXT_SPECIFIC 2UL
#define CKF_RW_SESSION 0x00000002UL
#define CKF_SERIAL_SESSION 0x00000004UL
#define CKO_PUBLIC_KEY 0x00000002UL
#define CKO_PRIVATE_KEY 0x00000003UL
#define CKO_SECRET_KEY 0x00000004UL
#define CKK_RSA 0x00000000UL
#define CKK_DH 0x00000002UL
#define CKK_EC 0x00000003UL
#define CKK_GENERIC_SECRET 0x00000010UL
#define CKK_AES 0x0000001FUL
#define CKK_MD5_HMAC 0x00000027UL
#define CKK_SHA_1_HMAC 0x00000028UL
#define CKK_SHA256_HMAC 0x0000002bUL
#define CKK_SHA384_HMAC 0x0000002cUL
#define CKK_SHA512_HMAC 0x0000002dUL
#define CKK_SHA224_HMAC 0x0000002eUL
#define CKA_CLASS 0x00000000UL
#define CKA_TOKEN 0x00000001UL
#define CKA_PRIVATE 0x00000002UL
#define CKA_LABEL 0x00000003UL
#define CKA_VALUE 0x00000011UL
#define CKA_OBJECT_ID 0x00000012UL
#define CKA_OWNER 0x00000084UL
#define CKA_TRUSTED 0x00000086UL
#define CKA_KEY_TYPE 0x00000100UL
#define CKA_ID 0x00000102UL
#define CKA_SENSITIVE 0x00000103UL
#define CKA_ENCRYPT 0x00000104UL
#define CKA_DECRYPT 0x00000105UL
#define CKA_WRAP 0x00000106UL
#define CKA_UNWRAP 0x00000107UL
#define CKA_SIGN 0x00000108UL
#define CKA_SIGN_RECOVER 0x00000109UL
#define CKA_VERIFY 0x0000010AUL
#define CKA_VERIFY_RECOVER 0x0000010BUL
#define CKA_DERIVE 0x0000010CUL
#define CKA_MODULUS 0x00000120UL
#define CKA_MODULUS_BITS 0x00000121UL
#define CKA_PUBLIC_EXPONENT 0x00000122UL
#define CKA_PRIVATE_EXPONENT 0x00000123UL
#define CKA_PRIME_1 0x00000124UL
#define CKA_PRIME_2 0x00000125UL
#define CKA_EXPONENT_1 0x00000126UL
#define CKA_EXPONENT_2 0x00000127UL
#define CKA_COEFFICIENT 0x00000128UL
#define CKA_PUBLIC_KEY_INFO 0x00000129UL
#define CKA_PRIME 0x00000130UL
#define CKA_BASE 0x00000132UL
#define CKA_PRIME_BITS 0x00000133UL
#define CKA_VALUE_BITS 0x00000160UL
#define CKA_VALUE_LEN 0x00000161UL
#define CKA_EXTRACTABLE 0x00000162UL
#define CKA_LOCAL 0x00000163UL
#define CKA_NEVER_EXTRACTABLE 0x00000164UL
#define CKA_ALWAYS_SENSITIVE 0x00000165UL
#define CKA_KEY_GEN_MECHANISM 0x00000166UL
#define CKA_MODIFIABLE 0x00000170UL
#define CKA_COPYABLE 0x00000171UL
#define CKA_DESTROYABLE 0x00000172UL
#define CKA_EC_PARAMS 0x00000180UL
#define CKA_EC_POINT 0x00000181UL
#define CKA_ALWAYS_AUTHENTICATE 0x00000202UL
#define CKA_HW_FEATURE_TYPE 0x00000300UL
#define CKA_RESET_ON_INIT 0x00000301UL
#define CKA_HAS_RESET 0x00000302UL
#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL
#define CKM_RSA_X_509 0x00000003UL
#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL
#define CKM_DH_PKCS_DERIVE 0x00000021UL
#define CKM_MD5_HMAC 0x00000211UL
#define CKM_SHA_1_HMAC 0x00000221UL
#define CKM_SHA256_HMAC 0x00000251UL
#define CKM_SHA224_HMAC 0x00000256UL
#define CKM_SHA384_HMAC 0x00000261UL
#define CKM_SHA512_HMAC 0x00000271UL
#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL
#define CKM_EC_KEY_PAIR_GEN 0x00001040UL
#define CKM_ECDSA 0x00001041UL
#define CKM_ECDH1_DERIVE 0x00001050UL
#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL
#define CKM_AES_KEY_GEN 0x00001080UL
#define CKM_AES_CBC 0x00001082UL
#define CKM_AES_GCM 0x00001087UL
#define CKR_OK 0x00000000UL
#define CKR_MECHANISM_INVALID 0x00000070UL
#define CKR_SIGNATURE_INVALID 0x000000C0UL
#define CKD_NULL 0x00000001UL
typedef unsigned char CK_BYTE;
typedef CK_BYTE CK_CHAR;
typedef CK_BYTE CK_UTF8CHAR;
typedef CK_BYTE CK_BBOOL;
typedef unsigned long int CK_ULONG;
typedef long int CK_LONG;
typedef CK_ULONG CK_FLAGS;
typedef CK_BYTE* CK_BYTE_PTR;
typedef CK_CHAR* CK_CHAR_PTR;
typedef CK_UTF8CHAR* CK_UTF8CHAR_PTR;
typedef CK_ULONG* CK_ULONG_PTR;
typedef void* CK_VOID_PTR;
typedef CK_VOID_PTR* CK_VOID_PTR_PTR;
typedef CK_ULONG CK_RV;
typedef struct CK_VERSION {
CK_BYTE major;
CK_BYTE minor;
} CK_VERSION;
typedef CK_VERSION* CK_VERSION_PTR;
/* Info Types */
typedef struct CK_INFO {
CK_VERSION cryptokiVersion;
CK_UTF8CHAR manufacturerID[32];
CK_FLAGS flags;
CK_UTF8CHAR libraryDescription[32];
CK_VERSION libraryVersion;
} CK_INFO;
typedef CK_INFO* CK_INFO_PTR;
/* Slot Types */
typedef CK_ULONG CK_SLOT_ID;
typedef CK_SLOT_ID* CK_SLOT_ID_PTR;
typedef struct CK_SLOT_INFO {
CK_UTF8CHAR slotDescription[64];
CK_UTF8CHAR manufacturerID[32];
CK_FLAGS flags;
CK_VERSION hardwareVersion;
CK_VERSION firmwareVersion;
} CK_SLOT_INFO;
typedef CK_SLOT_INFO* CK_SLOT_INFO_PTR;
/* Token Types */
typedef struct CK_TOKEN_INFO {
CK_UTF8CHAR label[32];
CK_UTF8CHAR manufacturerID[32];
CK_UTF8CHAR model[16];
CK_CHAR serialNumber[16];
CK_FLAGS flags;
CK_ULONG ulMaxSessionCount;
CK_ULONG ulSessionCount;
CK_ULONG ulMaxRwSessionCount;
CK_ULONG ulRwSessionCount;
CK_ULONG ulMaxPinLen;
CK_ULONG ulMinPinLen;
CK_ULONG ulTotalPublicMemory;
CK_ULONG ulFreePublicMemory;
CK_ULONG ulTotalPrivateMemory;
CK_ULONG ulFreePrivateMemory;
CK_VERSION hardwareVersion;
CK_VERSION firmwareVersion;
CK_CHAR utcTime[16];
} CK_TOKEN_INFO;
typedef CK_TOKEN_INFO* CK_TOKEN_INFO_PTR;
/* Session Types */
typedef CK_ULONG CK_SESSION_HANDLE;
typedef CK_SESSION_HANDLE* CK_SESSION_HANDLE_PTR;
typedef CK_ULONG CK_USER_TYPE;
typedef CK_ULONG CK_STATE;
typedef struct CK_SESSION_INFO {
CK_SLOT_ID slotID;
CK_STATE state;
CK_FLAGS flags;
CK_ULONG ulDeviceError;
} CK_SESSION_INFO;
typedef CK_SESSION_INFO* CK_SESSION_INFO_PTR;
/* Object Types */
typedef CK_ULONG CK_OBJECT_HANDLE;
typedef CK_OBJECT_HANDLE* CK_OBJECT_HANDLE_PTR;
typedef CK_ULONG CK_OBJECT_CLASS;
typedef CK_OBJECT_CLASS* CK_OBJECT_CLASS_PTR;
typedef CK_ULONG CK_KEY_TYPE;
typedef CK_ULONG CK_ATTRIBUTE_TYPE;
typedef struct CK_ATTRIBUTE {
CK_ATTRIBUTE_TYPE type;
CK_VOID_PTR pValue;
CK_ULONG ulValueLen;
} CK_ATTRIBUTE;
typedef CK_ATTRIBUTE* CK_ATTRIBUTE_PTR;
/* Mechanism Types */
typedef CK_ULONG CK_MECHANISM_TYPE;
typedef CK_MECHANISM_TYPE* CK_MECHANISM_TYPE_PTR;
typedef struct CK_MECHANISM {
CK_MECHANISM_TYPE mechanism;
CK_VOID_PTR pParameter;
CK_ULONG ulParameterLen;
} CK_MECHANISM;
typedef CK_MECHANISM* CK_MECHANISM_PTR;
typedef struct CK_MECHANISM_INFO {
CK_ULONG ulMinKeySize;
CK_ULONG ulMaxKeySize;
CK_FLAGS flags;
} CK_MECHANISM_INFO;
typedef CK_MECHANISM_INFO * CK_MECHANISM_INFO_PTR;
typedef CK_ULONG CK_NOTIFICATION;
typedef CK_RV (*CK_NOTIFY)(CK_SESSION_HANDLE hSession, CK_NOTIFICATION event,
CK_VOID_PTR pApplication);
/* Threading types. */
typedef CK_RV (*CK_CREATEMUTEX)(CK_VOID_PTR_PTR ppMutex);
typedef CK_RV (*CK_DESTROYMUTEX)(CK_VOID_PTR pMutex);
typedef CK_RV (*CK_LOCKMUTEX)(CK_VOID_PTR pMutex);
typedef CK_RV (*CK_UNLOCKMUTEX)(CK_VOID_PTR pMutex);
typedef struct CK_C_INITIALIZE_ARGS {
CK_CREATEMUTEX CreateMutex;
CK_DESTROYMUTEX DestroyMutex;
CK_LOCKMUTEX LockMutex;
CK_UNLOCKMUTEX UnlockMutex;
CK_FLAGS flags;
CK_VOID_PTR pReserved;
} CK_C_INITIALIZE_ARGS;
typedef CK_C_INITIALIZE_ARGS* CK_C_INITIALIZE_ARGS_PTR;
/* Cryptographic algorithm types. */
typedef CK_ULONG CK_EC_KDF_TYPE;
typedef struct CK_ECDH1_DERIVE_PARAMS {
CK_EC_KDF_TYPE kdf;
CK_ULONG ulSharedDataLen;
CK_BYTE_PTR pSharedData;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;
typedef CK_ECDH1_DERIVE_PARAMS* CK_ECDH1_DERIVE_PARAMS_PTR;
typedef struct CK_GCM_PARAMS {
CK_BYTE_PTR pIv;
CK_ULONG ulIvLen;
CK_ULONG ulIvBits;
CK_BYTE_PTR pAAD;
CK_ULONG ulAADLen;
CK_ULONG ulTagBits;
} CK_GCM_PARAMS;
typedef CK_GCM_PARAMS* CK_GCM_PARAMS_PTR;
/* Function list types. */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
typedef CK_FUNCTION_LIST* CK_FUNCTION_LIST_PTR;
typedef CK_FUNCTION_LIST_PTR* CK_FUNCTION_LIST_PTR_PTR;
typedef CK_RV (*CK_C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
struct CK_FUNCTION_LIST {
CK_VERSION version;
CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs);
CK_RV (*C_Finalize)(CK_VOID_PTR pReserved);
CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo);
CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
CK_ULONG_PTR pulCount);
CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID,
CK_MECHANISM_TYPE_PTR pMechanismList,
CK_ULONG_PTR pulCount);
CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
CK_MECHANISM_INFO_PTR pInfo);
CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);
CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin,
CK_ULONG ulPinLen);
CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin,
CK_ULONG ulNewLen);
CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags,
CK_VOID_PTR pApplication, CK_NOTIFY Notify,
CK_SESSION_HANDLE_PTR phSession);
CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession);
CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID);
CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession,
CK_SESSION_INFO_PTR pInfo);
CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pOperationState,
CK_ULONG_PTR pulOperationStateLen);
CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pOperationState,
CK_ULONG ulOperationStateLen,
CK_OBJECT_HANDLE hEncryptionKey,
CK_OBJECT_HANDLE hAuthenticationKey);
CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession);
CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
CK_OBJECT_HANDLE_PTR phObject);
CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
CK_OBJECT_HANDLE_PTR phNewObject);
CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject);
CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize);
CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE_PTR phObject,
CK_ULONG ulMaxObjectCount,
CK_ULONG_PTR pulObjectCount);
CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession);
CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
CK_ULONG_PTR pulEncryptedDataLen);
CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen);
CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pLastEncryptedPart,
CK_ULONG_PTR pulLastEncryptedPartLen);
CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData,
CK_ULONG_PTR pulDataLen);
CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedPart,
CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
CK_ULONG_PTR pulPartLen);
CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart,
CK_ULONG_PTR pulLastPartLen);
CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism);
CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
CK_ULONG_PTR pulDigestLen);
CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen);
CK_RV (*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
CK_ULONG_PTR pulDigestLen);
CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pulSignatureLen);
CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen);
CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pulSignatureLen);
CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pulSignatureLen);
CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
CK_ULONG ulSignatureLen);
CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen);
CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);
CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen,
CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen);
CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedPart,
CK_ULONG ulEncryptedPartLen,
CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen);
CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedPart,
CK_ULONG ulEncryptedPartLen,
CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
CK_OBJECT_HANDLE_PTR phKey);
CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate,
CK_ULONG ulPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
CK_ULONG ulPrivateKeyAttributeCount,
CK_OBJECT_HANDLE_PTR phPublicKey,
CK_OBJECT_HANDLE_PTR phPrivateKey);
CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
CK_BYTE_PTR pWrappedKey,
CK_ULONG_PTR pulWrappedKeyLen);
CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hUnwrappingKey,
CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount,
CK_OBJECT_HANDLE_PTR phKey);
CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hBaseKey,
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount,
CK_OBJECT_HANDLE_PTR phKey);
CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
CK_ULONG ulSeedLen);
CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR RandomData, CK_ULONG ulRandomLen);
CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession);
CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession);
CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
CK_VOID_PTR pRserved);
};
#ifdef __cplusplus
}
#endif
#endif /* _PKCS11_H_ */

View File

@ -0,0 +1,72 @@
/* pkcs12.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLF_CRYPT_PKCS12_H
#define WOLF_CRYPT_PKCS12_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifndef WOLFSSL_TYPES_DEFINED /* do not redeclare from ssl.h */
typedef struct WC_PKCS12 WC_PKCS12;
#endif
typedef struct WC_DerCertList { /* dereferenced in ssl.c */
byte* buffer;
word32 bufferSz;
struct WC_DerCertList* next;
} WC_DerCertList;
/* default values for creating PKCS12 */
enum {
WC_PKCS12_ITT_DEFAULT = 2048,
WC_PKCS12_VERSION_DEFAULT = 3,
WC_PKCS12_MAC_DEFAULT = 1,
};
WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void);
WOLFSSL_API void wc_PKCS12_free(WC_PKCS12* pkcs12);
WOLFSSL_API int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12);
WOLFSSL_API int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz);
WOLFSSL_API int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
WC_DerCertList** ca);
WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
char* name, byte* key, word32 keySz, byte* cert, word32 certSz,
WC_DerCertList* ca, int nidKey, int nidCert, int iter, int macIter,
int keyType, void* heap);
WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_PKCS12_H */

View File

@ -0,0 +1,483 @@
/* pkcs7.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/pkcs7.h
*/
#ifndef WOLF_CRYPT_PKCS7_H
#define WOLF_CRYPT_PKCS7_H
#include <libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_PKCS7
#ifndef NO_ASN
#include <libwolfssl/wolfcrypt/asn.h>
#endif
#include <libwolfssl/wolfcrypt/asn_public.h>
#include <libwolfssl/wolfcrypt/random.h>
#ifndef NO_AES
#include <libwolfssl/wolfcrypt/aes.h>
#endif
#ifndef NO_DES3
#include <libwolfssl/wolfcrypt/des3.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Max number of certificates that PKCS7 structure can parse */
#ifndef MAX_PKCS7_CERTS
#define MAX_PKCS7_CERTS 4
#endif
#ifndef MAX_ORI_TYPE_SZ
#define MAX_ORI_TYPE_SZ MAX_OID_SZ
#endif
#ifndef MAX_ORI_VALUE_SZ
#define MAX_ORI_VALUE_SZ 512
#endif
#ifndef MAX_SIGNED_ATTRIBS_SZ
#define MAX_SIGNED_ATTRIBS_SZ 7
#endif
#ifndef MAX_AUTH_ATTRIBS_SZ
#define MAX_AUTH_ATTRIBS_SZ 7
#endif
#ifndef MAX_UNAUTH_ATTRIBS_SZ
#define MAX_UNAUTH_ATTRIBS_SZ 7
#endif
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
enum PKCS7_TYPES {
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
DATA = 651, /* 1.2.840.113549.1.7.1 */
SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
ENCRYPTED_DATA = 656, /* 1.2.840.113549.1.7.6 */
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
COMPRESSED_DATA = 678, /* 1.2.840.113549.1.9.16.1.9, RFC 3274 */
#endif
FIRMWARE_PKG_DATA = 685, /* 1.2.840.113549.1.9.16.1.16, RFC 4108 */
AUTH_ENVELOPED_DATA = 692 /* 1.2.840.113549.1.9.16.1.23, RFC 5083 */
};
enum PKCS7_STATE {
WC_PKCS7_START = 0,
/* decode encrypted */
WC_PKCS7_STAGE2,
WC_PKCS7_STAGE3,
WC_PKCS7_STAGE4,
WC_PKCS7_STAGE5,
WC_PKCS7_STAGE6,
WC_PKCS7_VERIFY_STAGE2,
WC_PKCS7_VERIFY_STAGE3,
WC_PKCS7_VERIFY_STAGE4,
WC_PKCS7_VERIFY_STAGE5,
WC_PKCS7_VERIFY_STAGE6,
/* parse info set */
WC_PKCS7_INFOSET_START,
WC_PKCS7_INFOSET_BER,
WC_PKCS7_INFOSET_STAGE1,
WC_PKCS7_INFOSET_STAGE2,
WC_PKCS7_INFOSET_END,
/* decode enveloped data */
WC_PKCS7_ENV_2,
WC_PKCS7_ENV_3,
WC_PKCS7_ENV_4,
WC_PKCS7_ENV_5,
/* decode auth enveloped */
WC_PKCS7_AUTHENV_2,
WC_PKCS7_AUTHENV_3,
WC_PKCS7_AUTHENV_4,
WC_PKCS7_AUTHENV_5,
WC_PKCS7_AUTHENV_6,
WC_PKCS7_AUTHENV_ATRB,
WC_PKCS7_AUTHENV_ATRBEND,
WC_PKCS7_AUTHENV_7,
/* decryption state types */
WC_PKCS7_DECRYPT_KTRI,
WC_PKCS7_DECRYPT_KTRI_2,
WC_PKCS7_DECRYPT_KTRI_3,
WC_PKCS7_DECRYPT_KARI,
WC_PKCS7_DECRYPT_KEKRI,
WC_PKCS7_DECRYPT_PWRI,
WC_PKCS7_DECRYPT_ORI,
WC_PKCS7_DECRYPT_DONE,
};
enum Pkcs7_Misc {
PKCS7_NONCE_SZ = 16,
MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
MAX_CONTENT_KEY_LEN = 32, /* highest current cipher is AES-256-CBC */
MAX_CONTENT_IV_SIZE = 16, /* highest current is AES128 */
#ifndef NO_AES
MAX_CONTENT_BLOCK_LEN = AES_BLOCK_SIZE,
#else
MAX_CONTENT_BLOCK_LEN = DES_BLOCK_SIZE,
#endif
MAX_RECIP_SZ = MAX_VERSION_SZ +
MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)) || defined(HAVE_SELFTEST)
/* In the event of fips cert 3389 or CAVP selftest build, these enums are
* not in aes.h for use with pkcs7 so enumerate it here outside the fips
* boundary */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
CCM_NONCE_MIN_SZ = 7,
#endif
};
enum Cms_Options {
CMS_SKID = 1,
CMS_ISSUER_AND_SERIAL_NUMBER = 2,
};
#define DEGENERATE_SID 3
/* CMS/PKCS#7 RecipientInfo types, RFC 5652, Section 6.2 */
enum Pkcs7_RecipientInfo_Types {
PKCS7_KTRI = 0,
PKCS7_KARI = 1,
PKCS7_KEKRI = 2,
PKCS7_PWRI = 3,
PKCS7_ORI = 4
};
typedef struct PKCS7Attrib {
const byte* oid;
word32 oidSz;
const byte* value;
word32 valueSz;
} PKCS7Attrib;
typedef struct PKCS7DecodedAttrib {
struct PKCS7DecodedAttrib* next;
byte* oid;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7DecodedAttrib;
typedef struct PKCS7State PKCS7State;
typedef struct Pkcs7Cert Pkcs7Cert;
typedef struct Pkcs7EncodedRecip Pkcs7EncodedRecip;
typedef struct PKCS7 PKCS7;
typedef struct PKCS7 PKCS7_SIGNED;
typedef struct PKCS7SignerInfo PKCS7SignerInfo;
/* OtherRecipientInfo decrypt callback prototype */
typedef int (*CallbackOriDecrypt)(PKCS7* pkcs7, byte* oriType, word32 oriTypeSz,
byte* oriValue, word32 oriValueSz,
byte* decryptedKey, word32* decryptedKeySz,
void* ctx);
typedef int (*CallbackOriEncrypt)(PKCS7* pkcs7, byte* cek, word32 cekSz,
byte* oriType, word32* oriTypeSz,
byte* oriValue, word32* oriValueSz,
void* ctx);
typedef int (*CallbackDecryptContent)(PKCS7* pkcs7, int encryptOID,
byte* iv, int ivSz, byte* aad, word32 aadSz,
byte* authTag, word32 authTagSz, byte* in,
int inSz, byte* out, void* ctx);
typedef int (*CallbackWrapCEK)(PKCS7* pkcs7, byte* cek, word32 cekSz,
byte* keyId, word32 keyIdSz,
byte* originKey, word32 originKeySz,
byte* out, word32 outSz,
int keyWrapAlgo, int type, int dir);
/* Public Structure Warning:
* Existing members must not be changed to maintain backwards compatibility!
*/
struct PKCS7 {
WC_RNG* rng;
PKCS7Attrib* signedAttribs;
byte* content; /* inner content, not owner */
byte* contentDynamic; /* content if constructed OCTET_STRING */
byte* singleCert; /* recipient cert, DER, not owner */
const byte* issuer; /* issuer name of singleCert */
byte* privateKey; /* private key, DER, not owner */
void* heap; /* heap hint for dynamic memory */
#ifdef ASN_BER_TO_DER
byte* der; /* DER encoded version of message */
word32 derSz;
#endif
byte* cert[MAX_PKCS7_CERTS];
/* Encrypted-data Content Type */
byte* encryptionKey; /* block cipher encryption key */
PKCS7Attrib* unprotectedAttribs; /* optional */
PKCS7DecodedAttrib* decodedAttrib; /* linked list of decoded attribs */
/* Enveloped-data optional ukm, not owner */
byte* ukm;
word32 ukmSz;
word32 encryptionKeySz; /* size of key buffer, bytes */
word32 unprotectedAttribsSz;
word32 contentSz; /* content size */
word32 singleCertSz; /* size of recipient cert buffer, bytes */
word32 issuerSz; /* length of issuer name */
word32 issuerSnSz; /* length of serial number */
word32 publicKeySz;
word32 publicKeyOID; /* key OID (RSAk, ECDSAk, etc) */
word32 privateKeySz; /* size of private key buffer, bytes */
word32 signedAttribsSz;
int contentOID; /* PKCS#7 content type OID sum */
int hashOID;
int encryptOID; /* key encryption algorithm OID */
int keyWrapOID; /* key wrap algorithm OID */
int keyAgreeOID; /* key agreement algorithm OID */
int devId; /* device ID for HW based private key */
byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
byte publicKey[MAX_RSA_INT_SZ + MAX_RSA_E_SZ]; /* MAX RSA key size (m + e)*/
word32 certSz[MAX_PKCS7_CERTS];
/* flags - up to 16-bits */
word16 isDynamic:1;
word16 noDegenerate:1; /* allow degenerate case in verify function */
word16 detached:1; /* generate detached SignedData signature bundles */
byte contentType[MAX_OID_SZ]; /* custom contentType byte array */
word32 contentTypeSz; /* size of contentType, bytes */
int sidType; /* SignerIdentifier type to use, of type
Pkcs7_SignerIdentifier_Types, default to
SID_ISSUER_AND_SERIAL_NUMBER */
byte issuerSubjKeyId[KEYID_SIZE]; /* SubjectKeyIdentifier of singleCert */
Pkcs7Cert* certList; /* certificates list for SignedData set */
Pkcs7EncodedRecip* recipList; /* recipients list */
byte* cek; /* content encryption key, random, dynamic */
word32 cekSz; /* size of cek, bytes */
byte* pass; /* password, for PWRI decryption */
word32 passSz; /* size of pass, bytes */
int kekEncryptOID; /* KEK encryption algorithm OID */
CallbackOriEncrypt oriEncryptCb; /* ORI encrypt callback */
CallbackOriDecrypt oriDecryptCb; /* ORI decrypt callback */
void* oriEncryptCtx; /* ORI encrypt user context ptr */
void* oriDecryptCtx; /* ORI decrypt user context ptr */
PKCS7Attrib* authAttribs; /* authenticated attribs */
word32 authAttribsSz;
PKCS7Attrib* unauthAttribs; /* unauthenticated attribs */
word32 unauthAttribsSz;
#ifndef NO_PKCS7_STREAM
PKCS7State* stream;
#endif
word32 state;
word16 skipDefaultSignedAttribs:1; /* skip adding default signed attribs */
byte version; /* 1 for RFC 2315 and 3 for RFC 4108 */
PKCS7SignerInfo* signerInfo;
CallbackDecryptContent decryptionCb;
CallbackWrapCEK wrapCEKCb;
void* decryptionCtx;
byte* signature;
byte* plainDigest;
byte* pkcs7Digest;
word32 signatureSz;
word32 plainDigestSz;
word32 pkcs7DigestSz;
/* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
};
WOLFSSL_API PKCS7* wc_PKCS7_New(void* heap, int devId);
WOLFSSL_API int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId);
WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* der, word32 derSz);
WOLFSSL_API int wc_PKCS7_AddCertificate(PKCS7* pkcs7, byte* der, word32 derSz);
WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
WOLFSSL_API int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid,
word32 oidSz, byte* out, word32* outSz);
WOLFSSL_API int wc_PKCS7_SetSignerIdentifierType(PKCS7* pkcs7, int type);
WOLFSSL_API int wc_PKCS7_SetContentType(PKCS7* pkcs7, byte* contentType,
word32 sz);
WOLFSSL_API int wc_PKCS7_GetPadSize(word32 inputSz, word32 blockSz);
WOLFSSL_API int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz,
word32 blockSz);
/* CMS/PKCS#7 Data */
WOLFSSL_API int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,
word32 outputSz);
/* CMS/PKCS#7 SignedData */
WOLFSSL_API int wc_PKCS7_SetDetached(PKCS7* pkcs7, word16 flag);
WOLFSSL_API int wc_PKCS7_NoDefaultSignedAttribs(PKCS7* pkcs7);
WOLFSSL_API int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
WOLFSSL_API int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
word32 hashSz, byte* outputHead,
word32* outputHeadSz,
byte* outputFoot,
word32* outputFootSz);
WOLFSSL_API void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag);
WOLFSSL_API int wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
byte* pkiMsg, word32 pkiMsgSz);
WOLFSSL_API int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
word32 hashSz, byte* pkiMsgHead,
word32 pkiMsgHeadSz, byte* pkiMsgFoot,
word32 pkiMsgFootSz);
WOLFSSL_API int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz);
/* CMS single-shot API for Signed FirmwarePkgData */
WOLFSSL_API int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey,
word32 privateKeySz, int signOID,
int hashOID, byte* content,
word32 contentSz,
PKCS7Attrib* signedAttribs,
word32 signedAttribsSz, byte* output,
word32 outputSz);
#ifndef NO_PKCS7_ENCRYPTED_DATA
/* CMS single-shot API for Signed Encrypted FirmwarePkgData */
WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7,
byte* encryptKey, word32 encryptKeySz,
byte* privateKey, word32 privateKeySz,
int encryptOID, int signOID,
int hashOID, byte* content,
word32 contentSz,
PKCS7Attrib* unprotectedAttribs,
word32 unprotectedAttribsSz,
PKCS7Attrib* signedAttribs,
word32 signedAttribsSz,
byte* output, word32 outputSz);
#endif /* NO_PKCS7_ENCRYPTED_DATA */
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
/* CMS single-shot API for Signed Compressed FirmwarePkgData */
WOLFSSL_API int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7,
byte* privateKey, word32 privateKeySz,
int signOID, int hashOID,
byte* content, word32 contentSz,
PKCS7Attrib* signedAttribs,
word32 signedAttribsSz, byte* output,
word32 outputSz);
#ifndef NO_PKCS7_ENCRYPTED_DATA
/* CMS single-shot API for Signed Encrypted Compressed FirmwarePkgData */
WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7,
byte* encryptKey, word32 encryptKeySz,
byte* privateKey, word32 privateKeySz,
int encryptOID, int signOID,
int hashOID, byte* content,
word32 contentSz,
PKCS7Attrib* unprotectedAttribs,
word32 unprotectedAttribsSz,
PKCS7Attrib* signedAttribs,
word32 signedAttribsSz,
byte* output, word32 outputSz);
#endif /* !NO_PKCS7_ENCRYPTED_DATA */
#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
/* EnvelopedData and AuthEnvelopedData RecipientInfo functions */
WOLFSSL_API int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert,
word32 certSz, int options);
WOLFSSL_API int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert,
word32 certSz, int keyWrapOID,
int keyAgreeOID, byte* ukm,
word32 ukmSz, int options);
WOLFSSL_API int wc_PKCS7_SetKey(PKCS7* pkcs7, byte* key, word32 keySz);
WOLFSSL_API int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID,
byte* kek, word32 kekSz,
byte* keyID, word32 keyIdSz,
void* timePtr, byte* otherOID,
word32 otherOIDSz, byte* other,
word32 otherSz, int options);
WOLFSSL_API int wc_PKCS7_SetPassword(PKCS7* pkcs7, byte* passwd, word32 pLen);
WOLFSSL_API int wc_PKCS7_AddRecipient_PWRI(PKCS7* pkcs7, byte* passwd,
word32 pLen, byte* salt,
word32 saltSz, int kdfOID,
int prfOID, int iterations,
int kekEncryptOID, int options);
WOLFSSL_API int wc_PKCS7_SetOriEncryptCtx(PKCS7* pkcs7, void* ctx);
WOLFSSL_API int wc_PKCS7_SetOriDecryptCtx(PKCS7* pkcs7, void* ctx);
WOLFSSL_API int wc_PKCS7_SetOriDecryptCb(PKCS7* pkcs7, CallbackOriDecrypt cb);
WOLFSSL_API int wc_PKCS7_AddRecipient_ORI(PKCS7* pkcs7, CallbackOriEncrypt cb,
int options);
WOLFSSL_API int wc_PKCS7_SetWrapCEKCb(PKCS7* pkcs7,
CallbackWrapCEK wrapCEKCb);
/* CMS/PKCS#7 EnvelopedData */
WOLFSSL_API int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
/* CMS/PKCS#7 AuthEnvelopedData */
WOLFSSL_API int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
/* CMS/PKCS#7 EncryptedData */
#ifndef NO_PKCS7_ENCRYPTED_DATA
WOLFSSL_API int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7,
byte* output, word32 outputSz);
WOLFSSL_API int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7,
CallbackDecryptContent decryptionCb);
WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx);
#endif /* NO_PKCS7_ENCRYPTED_DATA */
/* CMS/PKCS#7 CompressedData */
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
WOLFSSL_API int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output,
word32 outputSz);
WOLFSSL_API int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg,
word32 pkiMsgSz, byte* output,
word32 outputSz);
#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_PKCS7 */
#endif /* WOLF_CRYPT_PKCS7_H */

Some files were not shown because too many files have changed in this diff Show More