Update wolfSSL

This commit is contained in:
wiidev 2023-01-01 17:00:36 +00:00
parent df76e45150
commit 8e2da2585f
182 changed files with 19084 additions and 6027 deletions

View File

@ -1,6 +1,6 @@
/* callbacks.h /* callbacks.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* crl.h /* crl.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -34,12 +34,14 @@
extern "C" { extern "C" {
#endif #endif
WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL*, WOLFSSL_CERT_MANAGER*); WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL*, int dynamic); WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL* crl, int dynamic);
WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int mon); WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type,
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL*, const byte*, long, int, int); int monitor);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL*, DecodedCert*); WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz,
int type, int verify);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert);
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -1,6 +1,6 @@
/* error-ssl.h /* error-ssl.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -52,7 +52,6 @@ enum wolfSSL_ErrorCodes {
RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */ RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */
NO_DH_PARAMS = -319, /* server missing DH params */ NO_DH_PARAMS = -319, /* server missing DH params */
BUILD_MSG_ERROR = -320, /* build message failure */ BUILD_MSG_ERROR = -320, /* build message failure */
BAD_HELLO = -321, /* client hello malformed */ BAD_HELLO = -321, /* client hello malformed */
DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */ DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */
WANT_READ = -323, /* want read, call again */ WANT_READ = -323, /* want read, call again */
@ -76,10 +75,6 @@ enum wolfSSL_ErrorCodes {
ZERO_RETURN = -343, /* peer sent close notify */ ZERO_RETURN = -343, /* peer sent close notify */
SIDE_ERROR = -344, /* wrong client/server type */ SIDE_ERROR = -344, /* wrong client/server type */
NO_PEER_CERT = -345, /* peer didn't send key */ NO_PEER_CERT = -345, /* peer didn't send key */
NTRU_KEY_ERROR = -346, /* NTRU key error */
NTRU_DRBG_ERROR = -347, /* NTRU drbg error */
NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */
NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */
ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */ ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */
ECC_CURVE_ERROR = -351, /* Bad ECC Curve */ ECC_CURVE_ERROR = -351, /* Bad ECC Curve */
ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */ ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */
@ -113,6 +108,7 @@ enum wolfSSL_ErrorCodes {
UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */ UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */
UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */ UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */
KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */ KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */
KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */ KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */
EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */ EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */
SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */ SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */
@ -171,9 +167,22 @@ enum wolfSSL_ErrorCodes {
NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */ NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */
APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */ APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */
TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */ TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */
SOCKET_FILTERED_E = -443, /* Session stopped by network filter */ SOCKET_FILTERED_E = -443, /* Session stopped by network filter */
HTTP_RECV_ERR = -444, /* HTTP Receive error */
HTTP_HEADER_ERR = -445, /* HTTP Header error */
HTTP_PROTO_ERR = -446, /* HTTP Protocol error */
HTTP_STATUS_ERR = -447, /* HTTP Status error */
HTTP_VERSION_ERR = -448, /* HTTP Version error */
HTTP_APPSTR_ERR = -449, /* HTTP Application string error */
UNSUPPORTED_PROTO_VERSION = -450, /* bad/unsupported protocol version*/
FALCON_KEY_SIZE_E = -451, /* Wrong key size for Falcon. */
QUIC_TP_MISSING_E = -452, /* QUIC transport parameter missing */
DILITHIUM_KEY_SIZE_E = -453, /* Wrong key size for Dilithium. */
DTLS_CID_ERROR = -454, /* Wrong or missing CID */
DTLS_TOO_MANY_FRAGMENTS_E = -455, /* Received too many fragments */
QUIC_WRONG_ENC_LEVEL = -456, /* QUIC data received on wrong encryption level */
DUPLICATE_TLS_EXT_E = -457, /* Duplicate TLS extension in msg. */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
/* begin negotiation parameter errors */ /* begin negotiation parameter errors */

File diff suppressed because it is too large Load Diff

Binary file not shown.

View File

@ -1,6 +1,6 @@
/* ocsp.h /* ocsp.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -50,12 +50,12 @@ typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ;
typedef struct OcspRequest WOLFSSL_OCSP_REQUEST; typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
#endif #endif
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*); WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic); WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*, WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
WOLFSSL_BUFFER_INFO* responseBuffer); WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP*, DecodedCert*, WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl); WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp, WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer); OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
@ -103,14 +103,21 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
unsigned char** data); unsigned char** data);
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req, WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
WOLFSSL_OCSP_CERTID *cid); WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*); WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(
WOLFSSL_OCSP_CERTID* id);
#ifndef NO_BIO #ifndef NO_BIO
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
WOLFSSL_OCSP_REQUEST *req); WOLFSSL_OCSP_REQUEST *req);
#endif #endif
WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID *, unsigned char **); WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID* id,
WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single); unsigned char** data);
WOLFSSL_API
WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
const unsigned char** derIn,
int length);
WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(
const WOLFSSL_OCSP_SINGLERESP *single);
WOLFSSL_API int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b); WOLFSSL_API int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b);
WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single, WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
int *reason, int *reason,
@ -118,7 +125,8 @@ WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
WOLFSSL_ASN1_TIME **thisupd, WOLFSSL_ASN1_TIME **thisupd,
WOLFSSL_ASN1_TIME **nextupd); WOLFSSL_ASN1_TIME **nextupd);
WOLFSSL_API int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs); WOLFSSL_API int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs);
WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx); WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(
WOLFSSL_OCSP_BASICRESP *bs, int idx);
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -128,9 +136,9 @@ WOLFSSL_API OcspResponse* wolfSSL_OCSP_response_create(int status,
WOLFSSL_OCSP_BASICRESP* bs); WOLFSSL_OCSP_BASICRESP* bs);
WOLFSSL_API const char* wolfSSL_OCSP_crl_reason_str(long s); WOLFSSL_API const char* wolfSSL_OCSP_crl_reason_str(long s);
WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING**, WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING **name,
WOLFSSL_ASN1_OBJECT**, WOLFSSL_ASN1_STRING**, WOLFSSL_ASN1_OBJECT **pmd, WOLFSSL_ASN1_STRING **keyHash,
WOLFSSL_ASN1_INTEGER**, WOLFSSL_OCSP_CERTID*); WOLFSSL_ASN1_INTEGER **serial, WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req, WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req,
unsigned char* val, int sz); unsigned char* val, int sz);

View File

@ -1,6 +1,6 @@
/* aes.h /* aes.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -46,24 +46,23 @@ typedef struct WOLFSSL_AES_KEY {
} WOLFSSL_AES_KEY; } WOLFSSL_AES_KEY;
typedef WOLFSSL_AES_KEY AES_KEY; typedef WOLFSSL_AES_KEY AES_KEY;
WOLFSSL_API int wolfSSL_AES_set_encrypt_key WOLFSSL_API int wolfSSL_AES_set_encrypt_key(
(const unsigned char *, const int bits, AES_KEY *); const unsigned char *key, const int bits, AES_KEY *aes);
WOLFSSL_API int wolfSSL_AES_set_decrypt_key WOLFSSL_API int wolfSSL_AES_set_decrypt_key(
(const unsigned char *, const int bits, AES_KEY *); const unsigned char *key, const int bits, AES_KEY *aes);
WOLFSSL_API void wolfSSL_AES_cbc_encrypt WOLFSSL_API void wolfSSL_AES_cbc_encrypt(
(const unsigned char *in, unsigned char* out, size_t len, const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key,
AES_KEY *key, unsigned char* iv, const int enc); unsigned char* iv, const int enc);
WOLFSSL_API void wolfSSL_AES_ecb_encrypt WOLFSSL_API void wolfSSL_AES_ecb_encrypt(
(const unsigned char *in, unsigned char* out, const unsigned char *in, unsigned char* out, AES_KEY *key, const int enc);
AES_KEY *key, const int enc); WOLFSSL_API void wolfSSL_AES_cfb128_encrypt(
WOLFSSL_API void wolfSSL_AES_cfb128_encrypt const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key,
(const unsigned char *in, unsigned char* out, size_t len, unsigned char* iv, int* num, const int enc);
AES_KEY *key, unsigned char* iv, int* num, const int enc); WOLFSSL_API int wolfSSL_AES_wrap_key(
WOLFSSL_API int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv, AES_KEY *key, const unsigned char *iv, unsigned char *out,
unsigned char *out,
const unsigned char *in, unsigned int inlen); const unsigned char *in, unsigned int inlen);
WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv, WOLFSSL_API int wolfSSL_AES_unwrap_key(
unsigned char *out, AES_KEY *key, const unsigned char *iv, unsigned char *out,
const unsigned char *in, unsigned int inlen); const unsigned char *in, unsigned int inlen);
#define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt #define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt
@ -75,14 +74,14 @@ WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
#define AES_unwrap_key wolfSSL_AES_unwrap_key #define AES_unwrap_key wolfSSL_AES_unwrap_key
#ifdef WOLFSSL_AES_DIRECT #ifdef WOLFSSL_AES_DIRECT
WOLFSSL_API void wolfSSL_AES_encrypt WOLFSSL_API void wolfSSL_AES_encrypt(
(const unsigned char* input, unsigned char* output, AES_KEY *); const unsigned char* input, unsigned char* output, AES_KEY *key);
WOLFSSL_API void wolfSSL_AES_decrypt WOLFSSL_API void wolfSSL_AES_decrypt(
(const unsigned char* input, unsigned char* output, AES_KEY *); const unsigned char* input, unsigned char* output, AES_KEY *key);
#define AES_encrypt wolfSSL_AES_encrypt #define AES_encrypt wolfSSL_AES_encrypt
#define AES_decrypt wolfSSL_AES_decrypt #define AES_decrypt wolfSSL_AES_decrypt
#endif /* HAVE_AES_DIRECT */ #endif /* WOLFSSL_AES_DIRECT */
#ifndef AES_ENCRYPT #ifndef AES_ENCRYPT
#define AES_ENCRYPT AES_ENCRYPTION #define AES_ENCRYPT AES_ENCRYPTION

View File

@ -1,6 +1,6 @@
/* asn1.h /* asn1.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -30,6 +30,7 @@
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new #define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type wolfSSL_ASN1_STRING_type #define ASN1_STRING_type wolfSSL_ASN1_STRING_type
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set #define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_OCTET_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_get_object wolfSSL_ASN1_get_object #define ASN1_get_object wolfSSL_ASN1_get_object
@ -68,9 +69,11 @@
#define ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print #define ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print
#define ASN1_TIME_check wolfSSL_ASN1_TIME_check #define ASN1_TIME_check wolfSSL_ASN1_TIME_check
#define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff #define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff
#define ASN1_TIME_compare wolfSSL_ASN1_TIME_compare
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set #define ASN1_TIME_set wolfSSL_ASN1_TIME_set
#define V_ASN1_EOC 0 #define V_ASN1_EOC 0
#define V_ASN1_NULL 5
#define V_ASN1_OBJECT 6 #define V_ASN1_OBJECT 6
#define V_ASN1_UTF8STRING 12 #define V_ASN1_UTF8STRING 12
#define V_ASN1_SEQUENCE 16 #define V_ASN1_SEQUENCE 16
@ -92,9 +95,20 @@
#define ASN1_STRING_FLAG_MSTRING 0x040 #define ASN1_STRING_FLAG_MSTRING 0x040
#define ASN1_STRING_FLAG_EMBED 0x080 #define ASN1_STRING_FLAG_EMBED 0x080
/* X.509 PKI size limits from RFC2459 (appendix A) */
/* internally our limit is CTC_NAME_SIZE (64) - overriden with WC_CTC_NAME_SIZE */
#define ub_name CTC_NAME_SIZE /* 32768 */
#define ub_common_name CTC_NAME_SIZE /* 64 */
#define ub_locality_name CTC_NAME_SIZE /* 128 */
#define ub_state_name CTC_NAME_SIZE /* 128 */
#define ub_organization_name CTC_NAME_SIZE /* 64 */
#define ub_organization_unit_name CTC_NAME_SIZE /* 64 */
#define ub_title CTC_NAME_SIZE /* 64 */
#define ub_email_address CTC_NAME_SIZE /* 128 */
WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER( WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
const WOLFSSL_BIGNUM*, WOLFSSL_ASN1_INTEGER*); const WOLFSSL_BIGNUM *bn, WOLFSSL_ASN1_INTEGER *ai);
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value); WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
@ -129,11 +143,10 @@ typedef enum {
} WOLFSSL_ASN1_TYPES; } WOLFSSL_ASN1_TYPES;
#define ASN1_SEQUENCE(type) \ #define ASN1_SEQUENCE(type) \
static type __##type##_dummy_struct;\
static const WOLFSSL_ASN1_TEMPLATE type##_member_data[] static const WOLFSSL_ASN1_TEMPLATE type##_member_data[]
#define ASN1_SIMPLE(type, member, member_type) \ #define ASN1_SIMPLE(type, member, member_type) \
{ (char*)&__##type##_dummy_struct.member - (char*)&__##type##_dummy_struct, \ { OFFSETOF(type, member), \
WOLFSSL_##member_type##_ASN1 } WOLFSSL_##member_type##_ASN1 }
#define ASN1_SEQUENCE_END(type) \ #define ASN1_SEQUENCE_END(type) \
@ -151,6 +164,7 @@ WOLFSSL_API int wolfSSL_ASN1_item_i2d(const void *src, byte **dest,
const WOLFSSL_ASN1_ITEM *tpl); const WOLFSSL_ASN1_ITEM *tpl);
/* Need function declaration otherwise compiler complains */ /* Need function declaration otherwise compiler complains */
/* // NOLINTBEGIN(readability-named-parameter) */
#define IMPLEMENT_ASN1_FUNCTIONS(type) \ #define IMPLEMENT_ASN1_FUNCTIONS(type) \
type *type##_new(void); \ type *type##_new(void); \
type *type##_new(void){ \ type *type##_new(void){ \
@ -165,6 +179,7 @@ WOLFSSL_API int wolfSSL_ASN1_item_i2d(const void *src, byte **dest,
{ \ { \
return wolfSSL_ASN1_item_i2d(src, dest, &type##_template_data);\ return wolfSSL_ASN1_item_i2d(src, dest, &type##_template_data);\
} }
/* // NOLINTEND(readability-named-parameter) */
#endif /* OPENSSL_ALL */ #endif /* OPENSSL_ALL */

View File

@ -1,6 +1,6 @@
/* asn1t.h /* asn1t.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* bio.h /* bio.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -25,13 +25,12 @@
#ifndef WOLFSSL_BIO_H_ #ifndef WOLFSSL_BIO_H_
#define WOLFSSL_BIO_H_ #define WOLFSSL_BIO_H_
#include <libs/libwolfssl/openssl/ssl.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL #define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
#define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ #define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ
@ -58,11 +57,13 @@
#define BIO_s_file wolfSSL_BIO_s_file #define BIO_s_file wolfSSL_BIO_s_file
#define BIO_s_bio wolfSSL_BIO_s_bio #define BIO_s_bio wolfSSL_BIO_s_bio
#define BIO_s_socket wolfSSL_BIO_s_socket #define BIO_s_socket wolfSSL_BIO_s_socket
#define BIO_s_accept wolfSSL_BIO_s_socket
#define BIO_set_fd wolfSSL_BIO_set_fd #define BIO_set_fd wolfSSL_BIO_set_fd
#define BIO_set_close wolfSSL_BIO_set_close #define BIO_set_close wolfSSL_BIO_set_close
#define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request #define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request
#define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size #define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size
#define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair #define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair
#define BIO_up_ref wolfSSL_BIO_up_ref
#define BIO_new_fd wolfSSL_BIO_new_fd #define BIO_new_fd wolfSSL_BIO_new_fd
#define BIO_set_fp wolfSSL_BIO_set_fp #define BIO_set_fp wolfSSL_BIO_set_fp
@ -109,6 +110,8 @@
#define BIO_get_shutdown wolfSSL_BIO_get_shutdown #define BIO_get_shutdown wolfSSL_BIO_get_shutdown
#define BIO_set_shutdown wolfSSL_BIO_set_shutdown #define BIO_set_shutdown wolfSSL_BIO_set_shutdown
#define BIO_get_fd wolfSSL_BIO_get_fd
#define BIO_clear_flags wolfSSL_BIO_clear_flags #define BIO_clear_flags wolfSSL_BIO_clear_flags
#define BIO_set_ex_data wolfSSL_BIO_set_ex_data #define BIO_set_ex_data wolfSSL_BIO_set_ex_data
#define BIO_get_ex_data wolfSSL_BIO_get_ex_data #define BIO_get_ex_data wolfSSL_BIO_get_ex_data
@ -138,6 +141,8 @@
#define BIO_CTRL_RESET 1 #define BIO_CTRL_RESET 1
#define BIO_CTRL_EOF 2 #define BIO_CTRL_EOF 2
#define BIO_CTRL_INFO 3 #define BIO_CTRL_INFO 3
#define BIO_CTRL_SET 4
#define BIO_CTRL_GET 5
#define BIO_CTRL_PUSH 6 #define BIO_CTRL_PUSH 6
#define BIO_CTRL_POP 7 #define BIO_CTRL_POP 7
#define BIO_CTRL_GET_CLOSE 8 #define BIO_CTRL_GET_CLOSE 8
@ -165,11 +170,11 @@
#define BIO_FP_WRITE 0x04 #define BIO_FP_WRITE 0x04
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif
#endif /* WOLFSSL_BIO_H_ */ #endif /* WOLFSSL_BIO_H_ */

View File

@ -1,6 +1,6 @@
/* bn.h /* bn.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -47,92 +47,137 @@ typedef struct WOLFSSL_BIGNUM {
#endif #endif
} WOLFSSL_BIGNUM; } WOLFSSL_BIGNUM;
#define BN_ULONG WOLFSSL_BN_ULONG
#define WOLFSSL_BN_ULONG unsigned long #define WOLFSSL_BN_ULONG unsigned long
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define BN_ULONG WOLFSSL_BN_ULONG
#endif
#ifndef WOLFSSL_MAX_BN_BITS
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
/* SP implementation supports numbers of SP_INT_BITS bits. */
#define WOLFSSL_MAX_BN_BITS SP_INT_BITS
#elif defined(USE_FAST_MATH)
/* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
#define WOLFSSL_MAX_BN_BITS (FP_MAX_BITS / 2)
#else
#ifdef WOLFSSL_MYSQL_COMPATIBLE
/* Integer maths is dynamic but we only go up to 8192 bits. */
#define WOLFSSL_MAX_BN_BITS 8192
#else
/* Integer maths is dynamic but we only go up to 4096 bits. */
#define WOLFSSL_MAX_BN_BITS 4096
#endif
#endif
#endif
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX; typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB; typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void); WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*); WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX* ctx);
WOLFSSL_API void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX*); WOLFSSL_API void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX* ctx);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void); WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void);
#if defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT) #if defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT)
WOLFSSL_API void wolfSSL_BN_init(WOLFSSL_BIGNUM *); WOLFSSL_API void wolfSSL_BN_init(WOLFSSL_BIGNUM* bn);
#endif #endif
WOLFSSL_API void wolfSSL_BN_free(WOLFSSL_BIGNUM*); WOLFSSL_API void wolfSSL_BN_free(WOLFSSL_BIGNUM* bn);
WOLFSSL_API void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM*); WOLFSSL_API void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM* bn);
WOLFSSL_API void wolfSSL_BN_clear(WOLFSSL_BIGNUM*); WOLFSSL_API void wolfSSL_BN_clear(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
const WOLFSSL_BIGNUM*); const WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, WOLFSSL_API int wolfSSL_BN_mul(WOLFSSL_BIGNUM *r, WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM*, const WOLFSSL_BN_CTX*); WOLFSSL_BIGNUM *b, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_BN_div(WOLFSSL_BIGNUM* dv, WOLFSSL_BIGNUM* rem,
const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* d,
WOLFSSL_BN_CTX* ctx);
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
WOLFSSL_API int wolfSSL_BN_gcd(WOLFSSL_BIGNUM* r, WOLFSSL_BIGNUM* a,
WOLFSSL_BIGNUM* b, WOLFSSL_BN_CTX* ctx);
#endif
WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
const WOLFSSL_BIGNUM* b, const WOLFSSL_BN_CTX* c);
WOLFSSL_API int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, WOLFSSL_API int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx); const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, WOLFSSL_API int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx); const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void); WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void);
WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM*); WOLFSSL_API void wolfSSL_BN_zero(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_one(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM*, unsigned char*); WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM* bn, unsigned char* r);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char*, int len, WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* str, int len,
WOLFSSL_BIGNUM* ret); WOLFSSL_BIGNUM* ret);
WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM*, int n); WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM*, int bits, int top, WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM* bn, int bits, int top,
int bottom); int bottom);
WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM*, int bits, int top, int bottom); WOLFSSL_API int wolfSSL_BN_rand_range(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *range);
WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM*, int n); WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom);
WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str); WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*); WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*, WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM* r,
const WOLFSSL_BIGNUM*); const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str); WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM** bn, const char* str);
WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*); WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int); WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* bn,
WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); int n);
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int); WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM*, int); WOLFSSL_API int wolfSSL_BN_sub_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG); WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM* r, WOLFSSL_BIGNUM* a,
WOLFSSL_BIGNUM*); WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_mod_add(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a, WOLFSSL_API int wolfSSL_BN_mod_add(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m, const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m,
WOLFSSL_BN_CTX *ctx); WOLFSSL_BN_CTX *ctx);
WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM*); WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int, #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA))
WOLFSSL_BN_CTX*, WOLFSSL_BN_GENCB*); WOLFSSL_API int wolfSSL_BN_generate_prime_ex(
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM* prime, int bits, int safe, const WOLFSSL_BIGNUM* add,
WOLFSSL_BN_ULONG); const WOLFSSL_BIGNUM* rem, WOLFSSL_BN_GENCB* cb);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int nbchecks,
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*); WOLFSSL_BN_CTX *ctx, WOLFSSL_BN_GENCB *cb);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM *bn,
WOLFSSL_BN_ULONG w);
#endif #endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE fp, const WOLFSSL_BIGNUM *bn);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *bn,
int n);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx); WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx); WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(
const WOLFSSL_BIGNUM*, WOLFSSL_BN_CTX *ctx); WOLFSSL_BIGNUM *r,
WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *n,
WOLFSSL_BN_CTX *ctx);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_BIGNUM BIGNUM; typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX; typedef WOLFSSL_BN_CTX BN_CTX;
@ -151,6 +196,8 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_num_bytes wolfSSL_BN_num_bytes #define BN_num_bytes wolfSSL_BN_num_bytes
#define BN_num_bits wolfSSL_BN_num_bits #define BN_num_bits wolfSSL_BN_num_bits
#define BN_zero wolfSSL_BN_zero
#define BN_one wolfSSL_BN_one
#define BN_is_zero wolfSSL_BN_is_zero #define BN_is_zero wolfSSL_BN_is_zero
#define BN_is_one wolfSSL_BN_is_one #define BN_is_one wolfSSL_BN_is_one
#define BN_is_odd wolfSSL_BN_is_odd #define BN_is_odd wolfSSL_BN_is_odd
@ -166,12 +213,16 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_mod_exp wolfSSL_BN_mod_exp #define BN_mod_exp wolfSSL_BN_mod_exp
#define BN_mod_mul wolfSSL_BN_mod_mul #define BN_mod_mul wolfSSL_BN_mod_mul
#define BN_sub wolfSSL_BN_sub #define BN_sub wolfSSL_BN_sub
#define BN_mul wolfSSL_BN_mul
#define BN_div wolfSSL_BN_div
#define BN_gcd wolfSSL_BN_gcd
#define BN_value_one wolfSSL_BN_value_one #define BN_value_one wolfSSL_BN_value_one
#define BN_mask_bits wolfSSL_mask_bits #define BN_mask_bits wolfSSL_mask_bits
#define BN_pseudo_rand wolfSSL_BN_pseudo_rand #define BN_pseudo_rand wolfSSL_BN_pseudo_rand
#define BN_rand wolfSSL_BN_rand #define BN_rand wolfSSL_BN_rand
#define BN_rand_range wolfSSL_BN_rand_range
#define BN_is_bit_set wolfSSL_BN_is_bit_set #define BN_is_bit_set wolfSSL_BN_is_bit_set
#define BN_hex2bn wolfSSL_BN_hex2bn #define BN_hex2bn wolfSSL_BN_hex2bn
@ -187,16 +238,18 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_lshift wolfSSL_BN_lshift #define BN_lshift wolfSSL_BN_lshift
#define BN_add_word wolfSSL_BN_add_word #define BN_add_word wolfSSL_BN_add_word
#define BN_sub_word wolfSSL_BN_sub_word
#define BN_add wolfSSL_BN_add #define BN_add wolfSSL_BN_add
#define BN_mod_add wolfSSL_BN_mod_add #define BN_mod_add wolfSSL_BN_mod_add
#define BN_set_word wolfSSL_BN_set_word #define BN_set_word wolfSSL_BN_set_word
#define BN_set_bit wolfSSL_BN_set_bit #define BN_set_bit wolfSSL_BN_set_bit
#define BN_clear_bit wolfSSL_BN_clear_bit #define BN_clear_bit wolfSSL_BN_clear_bit
#define BN_generate_prime_ex wolfSSL_BN_generate_prime_ex
#define BN_is_prime_ex wolfSSL_BN_is_prime_ex #define BN_is_prime_ex wolfSSL_BN_is_prime_ex
#define BN_print_fp wolfSSL_BN_print_fp #define BN_print_fp wolfSSL_BN_print_fp
#define BN_rshift wolfSSL_BN_rshift #define BN_rshift wolfSSL_BN_rshift
#define BN_rshift1(r, a) wolfSSL_BN_rshift((r), (a), 1)
#define BN_mod_word wolfSSL_BN_mod_word #define BN_mod_word wolfSSL_BN_mod_word
#define BN_CTX_get wolfSSL_BN_CTX_get #define BN_CTX_get wolfSSL_BN_CTX_get
@ -217,6 +270,10 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_get_rfc3526_prime_8192 wolfSSL_DH_8192_prime #define BN_get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#endif #endif
#define BN_prime_checks 0
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* buffer.h /* buffer.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -33,9 +33,10 @@
WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void); WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void);
WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len); WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len);
WOLFSSL_API int wolfSSL_BUF_MEM_grow_ex(WOLFSSL_BUF_MEM* buf, size_t len,
char zeroFill);
WOLFSSL_API int wolfSSL_BUF_MEM_resize(WOLFSSL_BUF_MEM* buf, size_t len);
WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf);
WOLFSSL_API size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize);
WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize);
#define BUF_MEM_new wolfSSL_BUF_MEM_new #define BUF_MEM_new wolfSSL_BUF_MEM_new
@ -43,8 +44,8 @@ WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize);
#define BUF_MEM_free wolfSSL_BUF_MEM_free #define BUF_MEM_free wolfSSL_BUF_MEM_free
#define BUF_strdup strdup #define BUF_strdup strdup
#define BUF_strlcpy wolfSSL_strlcpy #define BUF_strlcpy wc_strlcpy
#define BUF_strlcat wolfSSL_strlcat #define BUF_strlcat wc_strlcat
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -0,0 +1,27 @@
/* camellia.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CAMELLIA_H_
#define WOLFSSL_CAMELLIA_H_
#include <libs/libwolfssl/wolfcrypt/camellia.h>
#endif /* WOLFSSL_CAMELLIA_H_ */

View File

@ -0,0 +1,61 @@
/* cmac.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CMAC_H_
#define WOLFSSL_CMAC_H_
#include <libs/libwolfssl/wolfcrypt/cmac.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_CMAC_CTX {
void* internal; /* internal Cmac object */
WOLFSSL_EVP_CIPHER_CTX* cctx;
} WOLFSSL_CMAC_CTX;
typedef WOLFSSL_CMAC_CTX CMAC_CTX;
WOLFSSL_API WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void);
WOLFSSL_API void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(
WOLFSSL_CMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_CMAC_Init(
WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keyLen,
const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine);
WOLFSSL_API int wolfSSL_CMAC_Update(
WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len);
WOLFSSL_API int wolfSSL_CMAC_Final(
WOLFSSL_CMAC_CTX* ctx, unsigned char* out, size_t* len);
#define CMAC_CTX_new wolfSSL_CMAC_CTX_new
#define CMAC_CTX_free wolfSSL_CMAC_CTX_free
#define CMAC_CTX_get0_cipher_ctx wolfSSL_CMAC_CTX_get0_cipher_ctx
#define CMAC_Init wolfSSL_CMAC_Init
#define CMAC_Update wolfSSL_CMAC_Update
#define CMAC_Final wolfSSL_CMAC_Final
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_CMAC_H_ */

View File

@ -0,0 +1,66 @@
/* compat_types.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
* Move types that cause cyclical dependency errors here.
*/
#ifndef WOLFSSL_OPENSSL_COMPAT_TYPES_H_
#define WOLFSSL_OPENSSL_COMPAT_TYPES_H_
#include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/types.h>
#include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifndef NO_HMAC
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
#endif
typedef char WOLFSSL_EVP_MD;
typedef char WOLFSSL_EVP_CIPHER;
typedef int WOLFSSL_ENGINE;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
typedef struct WOLFSSL_EVP_MD_CTX WOLFSSL_EVP_MD_CTX;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_CIPHER_CTX WOLFSSL_EVP_CIPHER_CTX;
typedef struct WOLFSSL_ASN1_PCTX WOLFSSL_ASN1_PCTX;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_EVP_MD EVP_MD;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
typedef WOLFSSL_ENGINE ENGINE;
typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_OPENSSL_COMPAT_TYPES_H_ */

View File

@ -1,6 +1,6 @@
/* conf.h /* conf.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* crypto.h /* crypto.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -47,12 +47,19 @@ typedef void (CRYPTO_free_func)(void* parent, void* ptr, CRYPTO_EX_DATA* ad, int
#include "prefix_crypto.h" #include "prefix_crypto.h"
#endif #endif
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API const char* wolfSSLeay_version(int type); WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void); WOLFSSL_API unsigned long wolfSSLeay(void);
WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void); WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API void wolfSSL_OPENSSL_free(void* p);
#endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c); WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c);
WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len); WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len);
@ -60,6 +67,25 @@ WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len
WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings); WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings);
#endif #endif
/* class index for wolfSSL_CRYPTO_get_ex_new_index */
#define CRYPTO_EX_INDEX_SSL WOLF_CRYPTO_EX_INDEX_SSL
#define CRYPTO_EX_INDEX_SSL_CTX WOLF_CRYPTO_EX_INDEX_SSL_CTX
#define CRYPTO_EX_INDEX_SSL_SESSION WOLF_CRYPTO_EX_INDEX_SSL_SESSION
#define CRYPTO_EX_INDEX_X509 WOLF_CRYPTO_EX_INDEX_X509
#define CRYPTO_EX_INDEX_X509_STORE WOLF_CRYPTO_EX_INDEX_X509_STORE
#define CRYPTO_EX_INDEX_X509_STORE_CTX WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX
#define CRYPTO_EX_INDEX_DH WOLF_CRYPTO_EX_INDEX_DH
#define CRYPTO_EX_INDEX_DSA WOLF_CRYPTO_EX_INDEX_DSA
#define CRYPTO_EX_INDEX_EC_KEY WOLF_CRYPTO_EX_INDEX_EC_KEY
#define CRYPTO_EX_INDEX_RSA WOLF_CRYPTO_EX_INDEX_RSA
#define CRYPTO_EX_INDEX_ENGINE WOLF_CRYPTO_EX_INDEX_ENGINE
#define CRYPTO_EX_INDEX_UI WOLF_CRYPTO_EX_INDEX_UI
#define CRYPTO_EX_INDEX_BIO WOLF_CRYPTO_EX_INDEX_BIO
#define CRYPTO_EX_INDEX_APP WOLF_CRYPTO_EX_INDEX_APP
#define CRYPTO_EX_INDEX_UI_METHOD WOLF_CRYPTO_EX_INDEX_UI_METHOD
#define CRYPTO_EX_INDEX_DRBG WOLF_CRYPTO_EX_INDEX_DRBG
#define CRYPTO_EX_INDEX__COUNT WOLF_CRYPTO_EX_INDEX__COUNT
#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID #define crypto_threadid_st WOLFSSL_CRYPTO_THREADID
#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID #define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID
@ -126,4 +152,8 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */ #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */ #endif /* header */

View File

@ -1,6 +1,6 @@
/* des.h /* des.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -62,8 +62,8 @@ WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key); WOLFSSL_DES_key_schedule* key);
WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes, WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key); WOLFSSL_DES_key_schedule* key);
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*, WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule*); WOLFSSL_DES_key_schedule* key);
WOLFSSL_API int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key, WOLFSSL_API int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
WOLFSSL_DES_key_schedule* schedule); WOLFSSL_DES_key_schedule* schedule);
WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input, WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
@ -81,10 +81,10 @@ WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_key_schedule* schedule,
WOLFSSL_DES_cblock* ivec, int enc); WOLFSSL_DES_cblock* ivec, int enc);
WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock*); WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes);
WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock*, WOLFSSL_DES_cblock*, WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
WOLFSSL_DES_key_schedule*, int); WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int enc);
WOLFSSL_API int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock*); WOLFSSL_API int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *myDes);
typedef WOLFSSL_DES_cblock DES_cblock; typedef WOLFSSL_DES_cblock DES_cblock;

View File

@ -1,6 +1,6 @@
/* dh.h /* dh.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -37,8 +37,6 @@ typedef struct WOLFSSL_DH WOLFSSL_DH;
#define WOLFSSL_DH_TYPE_DEFINED #define WOLFSSL_DH_TYPE_DEFINED
#endif #endif
typedef WOLFSSL_DH DH;
struct WOLFSSL_DH { struct WOLFSSL_DH {
WOLFSSL_BIGNUM* p; WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* g; WOLFSSL_BIGNUM* g;
@ -52,26 +50,39 @@ struct WOLFSSL_DH {
* lighttpd src code. * lighttpd src code.
*/ */
int length; int length;
wolfSSL_Ref ref; /* Reference count information. */
}; };
WOLFSSL_API WOLFSSL_DH *wolfSSL_d2i_DHparams(WOLFSSL_DH **dh, WOLFSSL_API WOLFSSL_DH *wolfSSL_d2i_DHparams(WOLFSSL_DH **dh,
const unsigned char **pp, long length); const unsigned char **pp, long length);
WOLFSSL_API int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out); WOLFSSL_API int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void); WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH*); WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new_by_nid(int nid);
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH* dh);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh); WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_up_ref(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes); WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes);
WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* pub, WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* pub,
WOLFSSL_DH*); WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH* dh, const unsigned char* derBuf,
WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, int derSz);
WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); WOLFSSL_API int wolfSSL_DH_set_length(WOLFSSL_DH* dh, long len);
WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p,
WOLFSSL_BIGNUM *q, WOLFSSL_BIGNUM *g);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_get_2048_256(void);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_DH DH;
#define DH_new wolfSSL_DH_new #define DH_new wolfSSL_DH_new
#define DH_free wolfSSL_DH_free #define DH_free wolfSSL_DH_free
#define DH_up_ref wolfSSL_DH_up_ref
#define DH_new_by_nid wolfSSL_DH_new_by_nid
#define d2i_DHparams wolfSSL_d2i_DHparams #define d2i_DHparams wolfSSL_d2i_DHparams
#define i2d_DHparams wolfSSL_i2d_DHparams #define i2d_DHparams wolfSSL_i2d_DHparams
@ -80,11 +91,12 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
#define DH_size wolfSSL_DH_size #define DH_size wolfSSL_DH_size
#define DH_generate_key wolfSSL_DH_generate_key #define DH_generate_key wolfSSL_DH_generate_key
#define DH_compute_key wolfSSL_DH_compute_key #define DH_compute_key wolfSSL_DH_compute_key
#define DH_set_length wolfSSL_DH_set_length
#define DH_set0_pqg wolfSSL_DH_set0_pqg #define DH_set0_pqg wolfSSL_DH_set0_pqg
#define DH_get0_pqg wolfSSL_DH_get0_pqg #define DH_get0_pqg wolfSSL_DH_get0_pqg
#define DH_get0_key wolfSSL_DH_get0_key #define DH_get0_key wolfSSL_DH_get0_key
#define DH_set0_key wolfSSL_DH_set0_key #define DH_set0_key wolfSSL_DH_set0_key
#define DH_bits(x) (BN_num_bits(x->p)) #define DH_bits(x) (BN_num_bits((x)->p))
#define DH_GENERATOR_2 2 #define DH_GENERATOR_2 2
#define DH_CHECK_P_NOT_PRIME 0x01 #define DH_CHECK_P_NOT_PRIME 0x01
@ -106,13 +118,20 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
#define get_rfc3526_prime_6144 wolfSSL_DH_6144_prime #define get_rfc3526_prime_6144 wolfSSL_DH_6144_prime
#define get_rfc3526_prime_8192 wolfSSL_DH_8192_prime #define get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#ifdef __cplusplus #define DH_get_2048_256 wolfSSL_DH_get_2048_256
} /* extern "C" */
#endif
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL)
#define DH_generate_parameters wolfSSL_DH_generate_parameters #define DH_generate_parameters wolfSSL_DH_generate_parameters
#define DH_generate_parameters_ex wolfSSL_DH_generate_parameters_ex #define DH_generate_parameters_ex wolfSSL_DH_generate_parameters_ex
#endif /* OPENSSL_ALL || HAVE_STUNNEL */ #endif /* OPENSSL_ALL || HAVE_STUNNEL */
#define DH_GENERATOR_2 2
#define DH_GENERATOR_5 5
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_DH_H_ */ #endif /* WOLFSSL_DH_H_ */

View File

@ -1,6 +1,6 @@
/* dsa.h /* dsa.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -41,8 +41,6 @@ typedef struct WOLFSSL_DSA WOLFSSL_DSA;
#define WOLFSSL_DSA_TYPE_DEFINED #define WOLFSSL_DSA_TYPE_DEFINED
#endif #endif
typedef WOLFSSL_DSA DSA;
struct WOLFSSL_DSA { struct WOLFSSL_DSA {
WOLFSSL_BIGNUM* p; WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q; WOLFSSL_BIGNUM* q;
@ -56,15 +54,18 @@ struct WOLFSSL_DSA {
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void); WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*); WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA* dsa);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_DSA_print_fp(XFILE fp, WOLFSSL_DSA* dsa, int indent);
#endif /* !NO_FILESYSTEM && NO_STDIO_FILESYSTEM */
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*); WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa);
typedef void (*WOLFSSL_BN_CB)(int i, int j, void* exArg); typedef void (*WOLFSSL_BN_CB)(int i, int j, void* exArg);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits, WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits,
unsigned char* seed, int seedLen, int* counterRet, unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, WOLFSSL_BN_CB cb, void* CBArg); unsigned long* hRet, WOLFSSL_BN_CB cb, void* CBArg);
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits, WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits,
unsigned char* seed, int seedLen, int* counterRet, unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, void* cb); unsigned long* hRet, void* cb);
@ -79,17 +80,17 @@ WOLFSSL_API int wolfSSL_DSA_set0_key(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *pub_key,
WOLFSSL_BIGNUM *priv_key); WOLFSSL_BIGNUM *priv_key);
WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DSA_LoadDer(
WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz);
WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(WOLFSSL_DSA*, const unsigned char*, WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(
int sz, int opt); WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz, int opt);
WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d, WOLFSSL_API int wolfSSL_DSA_do_sign(
unsigned char* sigRet, WOLFSSL_DSA* dsa); const unsigned char* d, unsigned char* sigRet, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d, WOLFSSL_API int wolfSSL_DSA_do_verify(
unsigned char* sig, const unsigned char* d, unsigned char* sig, WOLFSSL_DSA* dsa, int *dsacheck);
WOLFSSL_DSA* dsa, int *dsacheck);
WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d); WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d);
@ -109,11 +110,21 @@ WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest,
WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len, WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len,
WOLFSSL_DSA_SIG* sig, WOLFSSL_DSA* dsa); WOLFSSL_DSA_SIG* sig, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_i2d_DSAparams(
const WOLFSSL_DSA* dsa, unsigned char** out);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_d2i_DSAparams(
WOLFSSL_DSA** dsa, const unsigned char** der, long derLen);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_DSA DSA;
#define WOLFSSL_DSA_LOAD_PRIVATE 1 #define WOLFSSL_DSA_LOAD_PRIVATE 1
#define WOLFSSL_DSA_LOAD_PUBLIC 2 #define WOLFSSL_DSA_LOAD_PUBLIC 2
#define DSA_new wolfSSL_DSA_new #define DSA_new wolfSSL_DSA_new
#define DSA_free wolfSSL_DSA_free #define DSA_free wolfSSL_DSA_free
#define DSA_print_fp wolfSSL_DSA_print_fp
#define DSA_LoadDer wolfSSL_DSA_LoadDer #define DSA_LoadDer wolfSSL_DSA_LoadDer
#define DSA_generate_key wolfSSL_DSA_generate_key #define DSA_generate_key wolfSSL_DSA_generate_key
@ -132,10 +143,13 @@ WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest
#define d2i_DSA_SIG wolfSSL_d2i_DSA_SIG #define d2i_DSA_SIG wolfSSL_d2i_DSA_SIG
#define DSA_do_sign wolfSSL_DSA_do_sign_ex #define DSA_do_sign wolfSSL_DSA_do_sign_ex
#define DSA_do_verify wolfSSL_DSA_do_verify_ex #define DSA_do_verify wolfSSL_DSA_do_verify_ex
#define i2d_DSAparams wolfSSL_i2d_DSAparams
#define d2i_DSAparams wolfSSL_d2i_DSAparams
#define DSA_SIG WOLFSSL_DSA_SIG #define DSA_SIG WOLFSSL_DSA_SIG
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* ec.h /* ec.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -32,6 +32,7 @@
extern "C" { extern "C" {
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Map OpenSSL NID value */ /* Map OpenSSL NID value */
enum { enum {
POINT_CONVERSION_COMPRESSED = 2, POINT_CONVERSION_COMPRESSED = 2,
@ -45,7 +46,7 @@ enum {
NID_X9_62_prime192v3 = 411, NID_X9_62_prime192v3 = 411,
NID_X9_62_prime239v1 = 412, NID_X9_62_prime239v1 = 412,
NID_X9_62_prime239v2 = 413, NID_X9_62_prime239v2 = 413,
NID_X9_62_prime239v3 = 414, NID_X9_62_prime239v3 = 418, /* Previous value conflicted with AES128CBCb */
NID_X9_62_prime256v1 = 415, NID_X9_62_prime256v1 = 415,
NID_secp112r1 = 704, NID_secp112r1 = 704,
NID_secp112r2 = 705, NID_secp112r2 = 705,
@ -76,8 +77,10 @@ enum {
NID_ED25519 = ED25519k, NID_ED25519 = ED25519k,
#endif #endif
OPENSSL_EC_NAMED_CURVE = 0x001 OPENSSL_EC_EXPLICIT_CURVE = 0x000,
OPENSSL_EC_NAMED_CURVE = 0x001,
}; };
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */ #ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY; typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
@ -86,15 +89,10 @@ typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
typedef struct WOLFSSL_EC_BUILTIN_CURVE WOLFSSL_EC_BUILTIN_CURVE; typedef struct WOLFSSL_EC_BUILTIN_CURVE WOLFSSL_EC_BUILTIN_CURVE;
/* WOLFSSL_EC_METHOD is just an alias of WOLFSSL_EC_GROUP for now */ /* WOLFSSL_EC_METHOD is just an alias of WOLFSSL_EC_GROUP for now */
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_METHOD; typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_METHOD;
#define WOLFSSL_EC_TYPE_DEFINED #define WOLFSSL_EC_TYPE_DEFINED
#endif #endif
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_GROUP EC_METHOD;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
struct WOLFSSL_EC_POINT { struct WOLFSSL_EC_POINT {
WOLFSSL_BIGNUM *X; WOLFSSL_BIGNUM *X;
WOLFSSL_BIGNUM *Y; WOLFSSL_BIGNUM *Y;
@ -117,6 +115,7 @@ struct WOLFSSL_EC_KEY {
WOLFSSL_BIGNUM *priv_key; WOLFSSL_BIGNUM *priv_key;
void* internal; /* our ECC Key */ void* internal; /* our ECC Key */
void* heap;
char form; /* Either POINT_CONVERSION_UNCOMPRESSED or char form; /* Either POINT_CONVERSION_UNCOMPRESSED or
* POINT_CONVERSION_COMPRESSED */ * POINT_CONVERSION_COMPRESSED */
word16 pkcs8HeaderSz; word16 pkcs8HeaderSz;
@ -124,6 +123,11 @@ struct WOLFSSL_EC_KEY {
/* option bits */ /* option bits */
byte inSet:1; /* internal set from external ? */ byte inSet:1; /* internal set from external ? */
byte exSet:1; /* external set from internal ? */ byte exSet:1; /* external set from internal ? */
#ifndef SINGLE_THREADED
wolfSSL_Mutex refMutex; /* ref count mutex */
#endif
int refCount; /* reference count */
}; };
struct WOLFSSL_EC_BUILTIN_CURVE { struct WOLFSSL_EC_BUILTIN_CURVE {
@ -134,11 +138,15 @@ struct WOLFSSL_EC_BUILTIN_CURVE {
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1 #define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2 #define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
typedef int point_conversion_form_t;
WOLFSSL_API WOLFSSL_API
size_t wolfSSL_EC_get_builtin_curves(WOLFSSL_EC_BUILTIN_CURVE *r,size_t nitems); size_t wolfSSL_EC_get_builtin_curves(WOLFSSL_EC_BUILTIN_CURVE *r,size_t nitems);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_dup(const WOLFSSL_EC_KEY *src); WOLFSSL_EC_KEY *wolfSSL_EC_KEY_dup(const WOLFSSL_EC_KEY *src);
WOLFSSL_API
int wolfSSL_EC_KEY_up_ref(WOLFSSL_EC_KEY* key);
WOLFSSL_API WOLFSSL_API
int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve, int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve,
@ -169,6 +177,8 @@ int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
WOLFSSL_API WOLFSSL_API
void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form); void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form);
WOLFSSL_API WOLFSSL_API
point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key);
WOLFSSL_API
WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group, WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p, const WOLFSSL_EC_POINT *p,
char form, char form,
@ -200,6 +210,8 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid);
WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid); WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid);
WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name); WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_ex(void* heap, int devId);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void); WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void);
WOLFSSL_API WOLFSSL_API
int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group); int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
@ -211,10 +223,18 @@ WOLFSSL_API
int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key,
const WOLFSSL_EC_POINT *pub); const WOLFSSL_EC_POINT *pub);
WOLFSSL_API int wolfSSL_EC_KEY_check_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_EC_KEY_check_key(const WOLFSSL_EC_KEY *key);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_EC_KEY_print_fp(XFILE fp, WOLFSSL_EC_KEY* key,
int indent);
#endif /* !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */
WOLFSSL_API int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, WOLFSSL_API int wolfSSL_ECDSA_sign(int type, const unsigned char *digest,
int digestSz, unsigned char *sig, int digestSz, unsigned char *sig,
unsigned int *sigSz, WOLFSSL_EC_KEY *key); unsigned int *sigSz, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_ECDSA_verify(int type, const unsigned char *digest,
int digestSz, const unsigned char *sig,
int sigSz, WOLFSSL_EC_KEY *key);
WOLFSSL_API WOLFSSL_API
void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag); void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag);
WOLFSSL_API WOLFSSL_API
@ -287,12 +307,21 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
WOLFSSL_BN_CTX* ctx); WOLFSSL_BN_CTX* ctx);
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_GROUP EC_METHOD;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
#ifndef HAVE_ECC #ifndef HAVE_ECC
#define OPENSSL_NO_EC #define OPENSSL_NO_EC
#endif #endif
#define EC_KEY_new wolfSSL_EC_KEY_new #define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_KEY_free wolfSSL_EC_KEY_free #define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_up_ref wolfSSL_EC_KEY_up_ref
#define EC_KEY_dup wolfSSL_EC_KEY_dup #define EC_KEY_dup wolfSSL_EC_KEY_dup
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key #define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group #define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
@ -304,9 +333,11 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag #define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key #define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_KEY_check_key wolfSSL_EC_KEY_check_key #define EC_KEY_check_key wolfSSL_EC_KEY_check_key
#define EC_KEY_print_fp wolfSSL_EC_KEY_print_fp
#define ECDSA_size wolfSSL_ECDSA_size #define ECDSA_size wolfSSL_ECDSA_size
#define ECDSA_sign wolfSSL_ECDSA_sign #define ECDSA_sign wolfSSL_ECDSA_sign
#define ECDSA_verify wolfSSL_ECDSA_verify
#define EC_GROUP_free wolfSSL_EC_GROUP_free #define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag #define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
@ -328,8 +359,12 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_POINT_free wolfSSL_EC_POINT_free #define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_get_affine_coordinates_GFp \ #define EC_POINT_get_affine_coordinates_GFp \
wolfSSL_EC_POINT_get_affine_coordinates_GFp wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_get_affine_coordinates \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_set_affine_coordinates_GFp \ #define EC_POINT_set_affine_coordinates_GFp \
wolfSSL_EC_POINT_set_affine_coordinates_GFp wolfSSL_EC_POINT_set_affine_coordinates_GFp
#define EC_POINT_set_affine_coordinates \
wolfSSL_EC_POINT_set_affine_coordinates_GFp
#define EC_POINT_add wolfSSL_EC_POINT_add #define EC_POINT_add wolfSSL_EC_POINT_add
#define EC_POINT_mul wolfSSL_EC_POINT_mul #define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_invert wolfSSL_EC_POINT_invert #define EC_POINT_invert wolfSSL_EC_POINT_invert
@ -352,6 +387,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey #define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey
#define i2d_ECPrivateKey wolfSSL_i2d_ECPrivateKey #define i2d_ECPrivateKey wolfSSL_i2d_ECPrivateKey
#define EC_KEY_set_conv_form wolfSSL_EC_KEY_set_conv_form #define EC_KEY_set_conv_form wolfSSL_EC_KEY_set_conv_form
#define EC_KEY_get_conv_form wolfSSL_EC_KEY_get_conv_form
#ifndef HAVE_SELFTEST #ifndef HAVE_SELFTEST
#define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex #define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex
@ -363,6 +399,8 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist #define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist
#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid #define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* ec25519.h /* ec25519.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ec448.h /* ec448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ecdh.h /* ecdh.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ecdsa.h /* ecdsa.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -46,6 +46,10 @@ struct WOLFSSL_ECDSA_SIG {
WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig); WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void); WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void);
WOLFSSL_API void wolfSSL_ECDSA_SIG_get0(const WOLFSSL_ECDSA_SIG* sig,
const WOLFSSL_BIGNUM** r, const WOLFSSL_BIGNUM** s);
WOLFSSL_API int wolfSSL_ECDSA_SIG_set0(WOLFSSL_ECDSA_SIG* sig, WOLFSSL_BIGNUM* r,
WOLFSSL_BIGNUM* s);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst, WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst,
int dgst_len, int dgst_len,
WOLFSSL_EC_KEY *eckey); WOLFSSL_EC_KEY *eckey);
@ -62,6 +66,8 @@ WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig,
#define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free #define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free
#define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new #define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new
#define ECDSA_SIG_get0 wolfSSL_ECDSA_SIG_get0
#define ECDSA_SIG_set0 wolfSSL_ECDSA_SIG_set0
#define ECDSA_do_sign wolfSSL_ECDSA_do_sign #define ECDSA_do_sign wolfSSL_ECDSA_do_sign
#define ECDSA_do_verify wolfSSL_ECDSA_do_verify #define ECDSA_do_verify wolfSSL_ECDSA_do_verify
#define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG #define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG

View File

@ -1,6 +1,6 @@
/* ed25519.h /* ed25519.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ed448.h /* ed448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* err.h /* err.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -24,7 +24,9 @@
#include <libs/libwolfssl/wolfcrypt/logging.h> #include <libs/libwolfssl/wolfcrypt/logging.h>
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* err.h for openssl */ /* err.h for openssl */
#define ERR_load_ERR_strings wolfSSL_ERR_load_ERR_strings
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings #define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
#define ERR_load_CRYPTO_strings wolfSSL_ERR_load_crypto_strings #define ERR_load_CRYPTO_strings wolfSSL_ERR_load_crypto_strings
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error #define ERR_peek_last_error wolfSSL_ERR_peek_last_error
@ -35,9 +37,13 @@
#define ERR_R_DISABLED NOT_COMPILED_IN #define ERR_R_DISABLED NOT_COMPILED_IN
#define ERR_R_PASSED_INVALID_ARGUMENT BAD_FUNC_ARG #define ERR_R_PASSED_INVALID_ARGUMENT BAD_FUNC_ARG
#define RSA_R_UNKNOWN_PADDING_TYPE RSA_PAD_E #define RSA_R_UNKNOWN_PADDING_TYPE RSA_PAD_E
#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE WC_KEY_SIZE_E
#define EC_R_BUFFER_TOO_SMALL BUFFER_E #define EC_R_BUFFER_TOO_SMALL BUFFER_E
#define ERR_TXT_MALLOCED 1
/* SSL function codes */ /* SSL function codes */
#define RSA_F_RSA_PADDING_ADD_SSLV23 0
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1 #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1
#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2 #define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2
#define SSL_F_SSL_USE_PRIVATEKEY 3 #define SSL_F_SSL_USE_PRIVATEKEY 3
@ -51,5 +57,7 @@
#define SSLerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__) #define SSLerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
#define ECerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__) #define ECerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_OPENSSL_ERR_ */ #endif /* WOLFSSL_OPENSSL_ERR_ */

View File

@ -1,6 +1,6 @@
/* evp.h /* evp.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -49,14 +49,13 @@
#include <libs/libwolfssl/openssl/dsa.h> #include <libs/libwolfssl/openssl/dsa.h>
#include <libs/libwolfssl/openssl/ec.h> #include <libs/libwolfssl/openssl/ec.h>
#include <libs/libwolfssl/openssl/dh.h> #include <libs/libwolfssl/openssl/dh.h>
#include <libs/libwolfssl/openssl/compat_types.h>
#include <libs/libwolfssl/wolfcrypt/aes.h> #include <libs/libwolfssl/wolfcrypt/aes.h>
#include <libs/libwolfssl/wolfcrypt/des3.h> #include <libs/libwolfssl/wolfcrypt/des3.h>
#include <libs/libwolfssl/wolfcrypt/arc4.h> #include <libs/libwolfssl/wolfcrypt/arc4.h>
#include <libs/libwolfssl/wolfcrypt/chacha20_poly1305.h>
#include <libs/libwolfssl/wolfcrypt/hmac.h> #include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifdef HAVE_IDEA
#include <libs/libwolfssl/wolfcrypt/idea.h>
#endif
#include <libs/libwolfssl/wolfcrypt/pwdbased.h> #include <libs/libwolfssl/wolfcrypt/pwdbased.h>
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) #if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
@ -68,30 +67,23 @@
#endif #endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
typedef struct WOLFSSL_EVP_MD_CTX WOLFSSL_EVP_MD_CTX;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4 #ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif #endif
#ifndef NO_MD5 #ifndef NO_MD5
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
#endif #endif
WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *); WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *prompt);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_224(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_256(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_ripemd160(void); WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_ripemd160(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void);
@ -103,7 +95,7 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
#if !defined(NO_AES) && defined(HAVE_AES_CBC) #if !defined(NO_AES) && (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
#endif #endif
@ -142,9 +134,16 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc2_cbc(void); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc2_cbc(void);
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20_poly1305(void);
#endif
#ifdef HAVE_CHACHA
/* ChaCha IV + counter is set as one IV in EVP */
#define WOLFSSL_EVP_CHACHA_IV_BYTES (CHACHA_IV_BYTES + sizeof(word32))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20(void);
#endif
typedef union { typedef union {
@ -154,11 +153,15 @@ typedef union {
#ifndef NO_MD5 #ifndef NO_MD5
WOLFSSL_MD5_CTX md5; WOLFSSL_MD5_CTX md5;
#endif #endif
#ifndef NO_SHA
WOLFSSL_SHA_CTX sha; WOLFSSL_SHA_CTX sha;
#endif
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
WOLFSSL_SHA224_CTX sha224; WOLFSSL_SHA224_CTX sha224;
#endif #endif
#ifndef NO_SHA256
WOLFSSL_SHA256_CTX sha256; WOLFSSL_SHA256_CTX sha256;
#endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
WOLFSSL_SHA384_CTX sha384; WOLFSSL_SHA384_CTX sha384;
#endif #endif
@ -180,8 +183,6 @@ typedef union {
#endif #endif
} WOLFSSL_Hasher; } WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_CIPHER_CTX WOLFSSL_EVP_CIPHER_CTX;
struct WOLFSSL_EVP_MD_CTX { struct WOLFSSL_EVP_MD_CTX {
union { union {
@ -210,14 +211,146 @@ typedef union {
Des3 des3; Des3 des3;
#endif #endif
Arc4 arc4; Arc4 arc4;
#ifdef HAVE_IDEA
Idea idea;
#endif
#ifdef WOLFSSL_QT #ifdef WOLFSSL_QT
int (*ctrl) (WOLFSSL_EVP_CIPHER_CTX *, int type, int arg, void *ptr); int (*ctrl) (WOLFSSL_EVP_CIPHER_CTX *, int type, int arg, void *ptr);
#endif #endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ChaChaPoly_Aead chachaPoly;
#endif
#ifdef HAVE_CHACHA
ChaCha chacha;
#endif
} WOLFSSL_Cipher; } WOLFSSL_Cipher;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define NID_aes_128_cbc 419
#define NID_aes_192_cbc 423
#define NID_aes_256_cbc 427
#define NID_aes_128_ccm 896
#define NID_aes_256_ccm 902
#define NID_aes_128_gcm 895
#define NID_aes_192_gcm 898
#define NID_aes_256_gcm 901
#define NID_aes_128_ctr 904
#define NID_aes_192_ctr 905
#define NID_aes_256_ctr 906
#define NID_aes_128_ecb 418
#define NID_aes_192_ecb 422
#define NID_aes_256_ecb 426
#define NID_des_cbc 31
#define NID_des_ecb 29
#define NID_des_ede3_cbc 44
#define NID_des_ede3_ecb 33
#define NID_aes_128_cfb1 650
#define NID_aes_192_cfb1 651
#define NID_aes_256_cfb1 652
#define NID_aes_128_cfb8 653
#define NID_aes_192_cfb8 654
#define NID_aes_256_cfb8 655
#define NID_aes_128_cfb128 421
#define NID_aes_192_cfb128 425
#define NID_aes_256_cfb128 429
#define NID_aes_128_ofb 420
#define NID_aes_192_ofb 424
#define NID_aes_256_ofb 428
#define NID_aes_128_xts 913
#define NID_aes_256_xts 914
#define NID_camellia_128_cbc 751
#define NID_camellia_256_cbc 753
#define NID_chacha20_poly1305 1018
#define NID_chacha20 1019
#define NID_md5WithRSA 104
#define NID_md2WithRSAEncryption 9
#define NID_md5WithRSAEncryption 99
#define NID_dsaWithSHA1 113
#define NID_dsaWithSHA1_2 70
#define NID_sha1WithRSA 115
#define NID_sha1WithRSAEncryption 65
#define NID_sha224WithRSAEncryption 671
#define NID_sha256WithRSAEncryption 668
#define NID_sha384WithRSAEncryption 669
#define NID_sha512WithRSAEncryption 670
#define NID_RSA_SHA3_224 1116
#define NID_RSA_SHA3_256 1117
#define NID_RSA_SHA3_384 1118
#define NID_RSA_SHA3_512 1119
#define NID_ecdsa_with_SHA1 416
#define NID_ecdsa_with_SHA224 793
#define NID_ecdsa_with_SHA256 794
#define NID_ecdsa_with_SHA384 795
#define NID_ecdsa_with_SHA512 796
#define NID_ecdsa_with_SHA3_224 1112
#define NID_ecdsa_with_SHA3_256 1113
#define NID_ecdsa_with_SHA3_384 1114
#define NID_ecdsa_with_SHA3_512 1115
#define NID_dsa_with_SHA224 802
#define NID_dsa_with_SHA256 803
#define NID_sha3_224 1096
#define NID_sha3_256 1097
#define NID_sha3_384 1098
#define NID_sha3_512 1099
#define NID_blake2b512 1056
#define NID_blake2s256 1057
#define NID_shake128 1100
#define NID_shake256 1101
#define NID_sha1 64
#define NID_sha224 675
#define NID_md2 77
#define NID_md4 257
#define NID_md5 40
#define NID_hmac 855
#define NID_hmacWithSHA1 163
#define NID_hmacWithSHA224 798
#define NID_hmacWithSHA256 799
#define NID_hmacWithSHA384 800
#define NID_hmacWithSHA512 801
#define NID_hkdf 1036
#define NID_cmac 894
#define NID_dhKeyAgreement 28
#define NID_ffdhe2048 1126
#define NID_ffdhe3072 1127
#define NID_ffdhe4096 1128
#define NID_rc4 5
#define NID_bf_cbc 91
#define NID_bf_ecb 92
#define NID_bf_cfb64 93
#define NID_bf_ofb64 94
#define NID_cast5_cbc 108
#define NID_cast5_ecb 109
#define NID_cast5_cfb64 110
#define NID_cast5_ofb64 111
/* key exchange */
#define NID_kx_rsa 1037
#define NID_kx_ecdhe 1038
#define NID_kx_dhe 1039
#define NID_kx_ecdhe_psk 1040
#define NID_kx_dhe_psk 1041
#define NID_kx_rsa_psk 1042
#define NID_kx_psk 1043
#define NID_kx_srp 1044
#define NID_kx_gost 1045
#define NID_kx_any 1063
/* server authentication */
#define NID_auth_rsa 1046
#define NID_auth_ecdsa 1047
#define NID_auth_psk 1048
#define NID_auth_dss 1049
#define NID_auth_srp 1052
#define NID_auth_null 1054
#define NID_auth_any 1055
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_rsaEncryption EVP_PKEY_RSA
#define NID_dsa EVP_PKEY_DSA
#define EVP_PKEY_OP_SIGN (1 << 3)
#define EVP_PKEY_OP_VERIFY (1 << 5)
#define EVP_PKEY_OP_ENCRYPT (1 << 6)
#define EVP_PKEY_OP_DECRYPT (1 << 7)
#define EVP_PKEY_OP_DERIVE (1 << 8)
#define EVP_PKEY_PRINT_INDENT_MAX 128
enum { enum {
AES_128_CBC_TYPE = 1, AES_128_CBC_TYPE = 1,
@ -238,21 +371,15 @@ enum {
EVP_PKEY_RSA = 16, EVP_PKEY_RSA = 16,
EVP_PKEY_DSA = 17, EVP_PKEY_DSA = 17,
EVP_PKEY_EC = 18, EVP_PKEY_EC = 18,
#ifdef HAVE_IDEA
IDEA_CBC_TYPE = 19,
#endif
AES_128_GCM_TYPE = 21, AES_128_GCM_TYPE = 21,
AES_192_GCM_TYPE = 22, AES_192_GCM_TYPE = 22,
AES_256_GCM_TYPE = 23, AES_256_GCM_TYPE = 23,
NID_sha1 = 64,
NID_sha224 = 65,
NID_md2 = 77,
NID_md4 = 257,
NID_md5 = 4,
NID_hmac = 855,
NID_dhKeyAgreement= 28,
EVP_PKEY_DH = NID_dhKeyAgreement, EVP_PKEY_DH = NID_dhKeyAgreement,
EVP_PKEY_HMAC = NID_hmac, EVP_PKEY_HMAC = NID_hmac,
EVP_PKEY_CMAC = NID_cmac,
EVP_PKEY_HKDF = NID_hkdf,
EVP_PKEY_FALCON = 300, /* Randomly picked value. */
EVP_PKEY_DILITHIUM= 301, /* Randomly picked value. */
AES_128_CFB1_TYPE = 24, AES_128_CFB1_TYPE = 24,
AES_192_CFB1_TYPE = 25, AES_192_CFB1_TYPE = 25,
AES_256_CFB1_TYPE = 26, AES_256_CFB1_TYPE = 26,
@ -266,73 +393,13 @@ enum {
AES_192_OFB_TYPE = 34, AES_192_OFB_TYPE = 34,
AES_256_OFB_TYPE = 35, AES_256_OFB_TYPE = 35,
AES_128_XTS_TYPE = 36, AES_128_XTS_TYPE = 36,
AES_256_XTS_TYPE = 37 AES_256_XTS_TYPE = 37,
CHACHA20_POLY1305_TYPE = 38,
CHACHA20_TYPE = 39
}; };
enum { #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
NID_md5WithRSA = 104,
NID_md5WithRSAEncryption = 8,
NID_dsaWithSHA1 = 113,
NID_dsaWithSHA1_2 = 70,
NID_sha1WithRSA = 115,
NID_sha1WithRSAEncryption = 65,
NID_sha224WithRSAEncryption = 671,
NID_sha256WithRSAEncryption = 668,
NID_sha384WithRSAEncryption = 669,
NID_sha512WithRSAEncryption = 670,
NID_ecdsa_with_SHA1 = 416,
NID_ecdsa_with_SHA224 = 793,
NID_ecdsa_with_SHA256 = 794,
NID_ecdsa_with_SHA384 = 795,
NID_ecdsa_with_SHA512 = 796,
NID_dsa_with_SHA224 = 802,
NID_dsa_with_SHA256 = 803,
NID_sha3_224 = 1096,
NID_sha3_256 = 1097,
NID_sha3_384 = 1098,
NID_sha3_512 = 1099,
NID_blake2b512 = 1056,
NID_blake2s256 = 1057,
};
enum {
NID_aes_128_cbc = 419,
NID_aes_192_cbc = 423,
NID_aes_256_cbc = 427,
NID_aes_128_gcm = 895,
NID_aes_192_gcm = 898,
NID_aes_256_gcm = 901,
NID_aes_128_ctr = 904,
NID_aes_192_ctr = 905,
NID_aes_256_ctr = 906,
NID_aes_128_ecb = 418,
NID_aes_192_ecb = 422,
NID_aes_256_ecb = 426,
NID_des_cbc = 31,
NID_des_ecb = 29,
NID_des_ede3_cbc= 44,
NID_des_ede3_ecb= 33,
NID_idea_cbc = 34,
NID_aes_128_cfb1= 650,
NID_aes_192_cfb1= 651,
NID_aes_256_cfb1= 652,
NID_aes_128_cfb8= 653,
NID_aes_192_cfb8= 654,
NID_aes_256_cfb8= 655,
NID_aes_128_cfb128 = 421,
NID_aes_192_cfb128 = 425,
NID_aes_256_cfb128 = 429,
NID_aes_128_ofb = 420,
NID_aes_192_ofb = 424,
NID_aes_256_ofb = 428,
NID_aes_128_xts = 913,
NID_aes_256_xts = 914
};
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_dhKeyAgreement EVP_PKEY_DH
#define NID_rsaEncryption EVP_PKEY_RSA
#define NID_dsa EVP_PKEY_DSA
#define WOLFSSL_EVP_BUF_SIZE 16 #define WOLFSSL_EVP_BUF_SIZE 16
struct WOLFSSL_EVP_CIPHER_CTX { struct WOLFSSL_EVP_CIPHER_CTX {
@ -341,33 +408,45 @@ struct WOLFSSL_EVP_CIPHER_CTX {
unsigned long flags; unsigned long flags;
unsigned char enc; /* if encrypt side, then true */ unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType; unsigned char cipherType;
#ifndef NO_AES #if !defined(NO_AES)
/* working iv pointer into cipher */ /* working iv pointer into cipher */
ALIGN16 unsigned char iv[AES_BLOCK_SIZE]; ALIGN16 unsigned char iv[AES_BLOCK_SIZE];
#elif defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ALIGN16 unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE];
#elif !defined(NO_DES3) #elif !defined(NO_DES3)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[DES_BLOCK_SIZE]; ALIGN16 unsigned char iv[DES_BLOCK_SIZE];
#elif defined(HAVE_IDEA)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[IDEA_BLOCK_SIZE];
#endif #endif
WOLFSSL_Cipher cipher; WOLFSSL_Cipher cipher;
ALIGN16 byte buf[WOLFSSL_EVP_BUF_SIZE]; ALIGN16 byte buf[WOLFSSL_EVP_BUF_SIZE];
int bufUsed; int bufUsed;
ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE]; ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE];
int lastUsed; int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA) || \ #if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_AESGCM) || \
defined(HAVE_AESGCM) || defined (WOLFSSL_AES_XTS) defined (WOLFSSL_AES_XTS) || (defined(HAVE_CHACHA) || \
defined(HAVE_POLY1305))
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV #define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz; int ivSz;
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
byte* gcmBuffer; byte* gcmBuffer;
int gcmBufferLen; int gcmBufferLen;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
int authTagSz;
byte* gcmAuthIn; byte* gcmAuthIn;
int gcmAuthInSz; int gcmAuthInSz;
#endif #endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte* key; /* used in partial Init()s */
#endif
#if defined(HAVE_AESGCM) || (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
#ifdef HAVE_AESGCM
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
#else
ALIGN16 unsigned char authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
#endif
int authTagSz;
#endif
#ifdef HAVE_AESGCM
byte gcmIvGenEnable:1;
byte gcmIncIv:1;
#endif
#endif #endif
}; };
@ -377,12 +456,17 @@ struct WOLFSSL_EVP_PKEY_CTX {
int op; /* operation */ int op; /* operation */
int padding; int padding;
int nbits; int nbits;
#ifdef HAVE_ECC
int curveNID;
#endif
#ifndef NO_RSA
const WOLFSSL_EVP_MD* md;
#endif
}; };
typedef
struct WOLFSSL_ASN1_PCTX { struct WOLFSSL_ASN1_PCTX {
int dummy; int dummy;
} WOLFSSL_ASN1_PCTX; };
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) #if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
#define BASE64_ENCODE_BLOCK_SIZE 48 #define BASE64_ENCODE_BLOCK_SIZE 48
@ -406,6 +490,10 @@ WOLFSSL_API int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
unsigned char*out, int *outl, const unsigned char*in, int inl); unsigned char*out, int *outl, const unsigned char*in, int inl);
WOLFSSL_API void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx, WOLFSSL_API void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
unsigned char*out, int *outl); unsigned char*out, int *outl);
WOLFSSL_API int wolfSSL_EVP_EncodeBlock(unsigned char *out,
const unsigned char *in, int inLen);
WOLFSSL_API int wolfSSL_EVP_DecodeBlock(unsigned char *out,
const unsigned char *in, int inLen);
#endif /* WOLFSSL_BASE64_ENCODE */ #endif /* WOLFSSL_BASE64_ENCODE */
#if defined(WOLFSSL_BASE64_DECODE) #if defined(WOLFSSL_BASE64_DECODE)
@ -419,21 +507,11 @@ WOLFSSL_API int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void);
typedef int WOLFSSL_ENGINE ;
typedef WOLFSSL_ENGINE ENGINE;
typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX;
#define EVP_PKEY_OP_SIGN (1 << 3)
#define EVP_PKEY_OP_ENCRYPT (1 << 6)
#define EVP_PKEY_OP_DECRYPT (1 << 7)
#define EVP_PKEY_OP_DERIVE (1 << 8)
#define EVP_PKEY_PRINT_INDENT_MAX 128
WOLFSSL_API void wolfSSL_EVP_init(void); WOLFSSL_API void wolfSSL_EVP_init(void);
WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md); WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md); WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD *md); WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type);
WOLFSSL_API WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new (void); WOLFSSL_API WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new (void);
WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX* ctx); WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX* ctx);
@ -451,52 +529,33 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_nid(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type); const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data, WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
size_t sz); size_t sz);
WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md, WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s); unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s); unsigned char* md, unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, unsigned int cnt); const void *d, unsigned int cnt);
WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char *sig, size_t *siglen); unsigned char *sig, size_t *siglen);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, size_t cnt); const void *d, size_t cnt);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char *sig, const unsigned char *sig,
size_t siglen); size_t siglen);
WOLFSSL_API int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
WOLFSSL_ENGINE* eng);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*, const WOLFSSL_EVP_MD* md, const byte* salt,
const WOLFSSL_EVP_MD*, const unsigned char*, const byte* data, int sz, int count, byte* key, byte* iv);
const unsigned char*, int, int, unsigned char*,
unsigned char*);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, \ WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, \
int type, int arg, void *ptr); int type, int arg, void *ptr);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(
WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER*); const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher);
WOLFSSL_API int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c); WOLFSSL_API int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c);
@ -505,30 +564,6 @@ WOLFSSL_API int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const unsigned char* key, const unsigned char* key,
const unsigned char* iv, const unsigned char* iv,
int enc); int enc);
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl, unsigned char *out, int *outl,
const unsigned char *in, int inl); const unsigned char *in, int inl);
@ -550,6 +585,7 @@ WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void); WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_nid(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx, WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int keylen); int keylen);
@ -557,24 +593,26 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv_length(WOLFSSL_EVP_CIPHER_CTX* ct
int ivLen); int ivLen);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv, WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
int ivLen); int ivLen);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_get_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
int ivLen);
WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx, WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
unsigned char* dst, unsigned char* src, unsigned char* dst, unsigned char* src,
unsigned int len); unsigned int len);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int); WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int id);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id);
WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(const WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_RSA* key); WOLFSSL_RSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_EC_KEY* key); WOLFSSL_EC_KEY* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key); WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key); WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DH* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(struct WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(struct WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*); WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*); WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
WOLFSSL_API WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key); WOLFSSL_API WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key);
@ -585,13 +623,21 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key
WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key); WOLFSSL_API int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
const unsigned char* key, int keylen);
WOLFSSL_API const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey, WOLFSSL_API const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
size_t* len); size_t* len);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen); unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen);
WOLFSSL_API int wolfSSL_EVP_PKEY_verify_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbslen);
WOLFSSL_API int wolfSSL_EVP_PKEY_paramgen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid(WOLFSSL_EVP_PKEY_CTX *ctx,
int nid);
WOLFSSL_API int wolfSSL_EVP_PKEY_paramgen(WOLFSSL_EVP_PKEY_CTX* ctx,
WOLFSSL_EVP_PKEY** pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_ec_param_enc(WOLFSSL_EVP_PKEY_CTX *ctx,
int flag);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_EVP_PKEY **ppkey);
@ -601,9 +647,9 @@ WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
#else #else
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
#endif #endif
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_signature_md(WOLFSSL_EVP_PKEY_CTX *ctx,
const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits);
WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx);
@ -623,7 +669,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void); WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap); WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, const WOLFSSL_EVP_PKEY *from); WOLFSSL_API int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, const WOLFSSL_EVP_PKEY *from);
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
@ -632,12 +678,12 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid); WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKCS82PKEY(const WOLFSSL_PKCS8_PRIV_KEY_INFO* p8);
WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_EVP_PKEY2PKCS8(const WOLFSSL_EVP_PKEY* pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey); unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len);
WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); const unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey);
@ -664,6 +710,7 @@ WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher); WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_flags(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest); WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
@ -685,20 +732,35 @@ WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const WOLFSSL_EVP_MD *digest, const WOLFSSL_EVP_MD *digest,
int keylen, unsigned char *out); int keylen, unsigned char *out);
#if defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && !defined(NO_PWDBASED) && \
!defined(NO_SHA)
WOLFSSL_API int wolfSSL_EVP_PBE_scrypt(const char *pass, size_t passlen,
const unsigned char *salt, size_t saltlen,
word64 N, word64 r, word64 p,
word64 maxmem, unsigned char *key, size_t keylen);
#endif /* HAVE_SCRYPT && HAVE_PBKDF2 && !NO_PWDBASED && !NO_SHA */
WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
int* pHash, int* pHashSz); int* pHash, int* pHashSz);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER WOLFSSL_API void wolfSSL_EVP_MD_do_all(void (*fn) (const WOLFSSL_EVP_MD *md,
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE const char* from, const char* to,
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE void* xx), void* args);
#define EVP_CIPH_CFB_MODE WOLFSSL_EVP_CIPH_CFB_MODE
#define EVP_CIPH_OFB_MODE WOLFSSL_EVP_CIPH_OFB_MODE
#define EVP_CIPH_CTR_MODE WOLFSSL_EVP_CIPH_CTR_MODE
#define EVP_CIPH_GCM_MODE WOLFSSL_EVP_CIPH_GCM_MODE
#define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE
#define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE
#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER #ifdef HAVE_HKDF
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_hkdf_md(WOLFSSL_EVP_PKEY_CTX* ctx,
const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* salt,
int saltSz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* key, int keySz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* info,
int infoSz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_hkdf_mode(WOLFSSL_EVP_PKEY_CTX* ctx,
int mode);
#endif
#define WOLFSSL_EVP_CIPH_MODE 0x0007 #define WOLFSSL_EVP_CIPH_MODE 0x0007
#define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0 #define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0
@ -712,16 +774,79 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
#define WOLFSSL_EVP_CIPH_XTS_MODE 0x10 #define WOLFSSL_EVP_CIPH_XTS_MODE 0x10
#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20 #define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100 #define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define EVP_CIPH_VARIABLE_LENGTH 0x200 #define WOLFSSL_EVP_CIPH_VARIABLE_LENGTH 0x200
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff #define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
/* end OpenSSH compat */
typedef WOLFSSL_EVP_MD EVP_MD; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX; /* EVP ENGINE API's */
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, WOLFSSL_ENGINE* e,
typedef WOLFSSL_ASN1_PCTX ASN1_PCTX; const unsigned char* key, int keylen);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
const unsigned char* priv, size_t len,
const WOLFSSL_EVP_CIPHER* cipher);
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
WOLFSSL_ENGINE* eng);
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER
#define EVP_CIPH_VARIABLE_LENGTH WOLFSSL_EVP_CIPH_VARIABLE_LENGTH
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE
#define EVP_CIPH_CFB_MODE WOLFSSL_EVP_CIPH_CFB_MODE
#define EVP_CIPH_OFB_MODE WOLFSSL_EVP_CIPH_OFB_MODE
#define EVP_CIPH_CTR_MODE WOLFSSL_EVP_CIPH_CTR_MODE
#define EVP_CIPH_GCM_MODE WOLFSSL_EVP_CIPH_GCM_MODE
#define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE
#define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE
#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER
#ifndef NO_MD4 #ifndef NO_MD4
#define EVP_md4 wolfSSL_EVP_md4 #define EVP_md4 wolfSSL_EVP_md4
@ -736,7 +861,11 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_sha256 wolfSSL_EVP_sha256 #define EVP_sha256 wolfSSL_EVP_sha256
#define EVP_sha384 wolfSSL_EVP_sha384 #define EVP_sha384 wolfSSL_EVP_sha384
#define EVP_sha512 wolfSSL_EVP_sha512 #define EVP_sha512 wolfSSL_EVP_sha512
#define EVP_sha512_224 wolfSSL_EVP_sha512_224
#define EVP_sha512_256 wolfSSL_EVP_sha512_256
#define EVP_ripemd160 wolfSSL_EVP_ripemd160 #define EVP_ripemd160 wolfSSL_EVP_ripemd160
#define EVP_shake128 wolfSSL_EVP_shake128
#define EVP_shake256 wolfSSL_EVP_shake256
#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt #define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt
#define EVP_sha3_224 wolfSSL_EVP_sha3_224 #define EVP_sha3_224 wolfSSL_EVP_sha3_224
@ -756,6 +885,9 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_aes_128_cfb128 wolfSSL_EVP_aes_128_cfb128 #define EVP_aes_128_cfb128 wolfSSL_EVP_aes_128_cfb128
#define EVP_aes_192_cfb128 wolfSSL_EVP_aes_192_cfb128 #define EVP_aes_192_cfb128 wolfSSL_EVP_aes_192_cfb128
#define EVP_aes_256_cfb128 wolfSSL_EVP_aes_256_cfb128 #define EVP_aes_256_cfb128 wolfSSL_EVP_aes_256_cfb128
#define EVP_aes_128_cfb wolfSSL_EVP_aes_128_cfb128
#define EVP_aes_192_cfb wolfSSL_EVP_aes_192_cfb128
#define EVP_aes_256_cfb wolfSSL_EVP_aes_256_cfb128
#define EVP_aes_128_ofb wolfSSL_EVP_aes_128_ofb #define EVP_aes_128_ofb wolfSSL_EVP_aes_128_ofb
#define EVP_aes_192_ofb wolfSSL_EVP_aes_192_ofb #define EVP_aes_192_ofb wolfSSL_EVP_aes_192_ofb
#define EVP_aes_256_ofb wolfSSL_EVP_aes_256_ofb #define EVP_aes_256_ofb wolfSSL_EVP_aes_256_ofb
@ -775,10 +907,12 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc #define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
#define EVP_des_ede3_ecb wolfSSL_EVP_des_ede3_ecb #define EVP_des_ede3_ecb wolfSSL_EVP_des_ede3_ecb
#define EVP_rc4 wolfSSL_EVP_rc4 #define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_idea_cbc wolfSSL_EVP_idea_cbc #define EVP_chacha20 wolfSSL_EVP_chacha20
#define EVP_chacha20_poly1305 wolfSSL_EVP_chacha20_poly1305
#define EVP_enc_null wolfSSL_EVP_enc_null #define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_MD_size wolfSSL_EVP_MD_size #define EVP_MD_size wolfSSL_EVP_MD_size
#define EVP_MD_pkey_type wolfSSL_EVP_MD_pkey_type
#define EVP_MD_CTX_new wolfSSL_EVP_MD_CTX_new #define EVP_MD_CTX_new wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_create wolfSSL_EVP_MD_CTX_new #define EVP_MD_CTX_create wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_free wolfSSL_EVP_MD_CTX_free #define EVP_MD_CTX_free wolfSSL_EVP_MD_CTX_free
@ -816,8 +950,10 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init #define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup #define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length #define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_nid wolfSSL_EVP_CIPHER_CTX_nid
#define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length #define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length #define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
#define EVP_CIPHER_CTX_set_iv_length wolfSSL_EVP_CIPHER_CTX_set_iv_length
#define EVP_CIPHER_CTX_mode wolfSSL_EVP_CIPHER_CTX_mode #define EVP_CIPHER_CTX_mode wolfSSL_EVP_CIPHER_CTX_mode
#define EVP_CIPHER_CTX_cipher wolfSSL_EVP_CIPHER_CTX_cipher #define EVP_CIPHER_CTX_cipher wolfSSL_EVP_CIPHER_CTX_cipher
@ -848,8 +984,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_get_cipherbynid wolfSSL_EVP_get_cipherbynid #define EVP_get_cipherbynid wolfSSL_EVP_get_cipherbynid
#define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid #define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname #define EVP_MD_nid wolfSSL_EVP_MD_type
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_PKEY_assign wolfSSL_EVP_PKEY_assign #define EVP_PKEY_assign wolfSSL_EVP_PKEY_assign
#define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA #define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA
@ -869,16 +1004,24 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_PKEY_get0_EC_KEY wolfSSL_EVP_PKEY_get0_EC_KEY #define EVP_PKEY_get0_EC_KEY wolfSSL_EVP_PKEY_get0_EC_KEY
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac #define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key #define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
#define EVP_PKEY_new_CMAC_key wolfSSL_EVP_PKEY_new_CMAC_key
#define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy #define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy
#define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex #define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex
#define EVP_PKEY_sign_init wolfSSL_EVP_PKEY_sign_init #define EVP_PKEY_sign_init wolfSSL_EVP_PKEY_sign_init
#define EVP_PKEY_sign wolfSSL_EVP_PKEY_sign #define EVP_PKEY_sign wolfSSL_EVP_PKEY_sign
#define EVP_PKEY_verify_init wolfSSL_EVP_PKEY_verify_init
#define EVP_PKEY_verify wolfSSL_EVP_PKEY_verify
#define EVP_PKEY_paramgen_init wolfSSL_EVP_PKEY_paramgen_init
#define EVP_PKEY_CTX_set_ec_param_enc wolfSSL_EVP_PKEY_CTX_set_ec_param_enc
#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid
#define EVP_PKEY_paramgen wolfSSL_EVP_PKEY_paramgen
#define EVP_PKEY_keygen wolfSSL_EVP_PKEY_keygen #define EVP_PKEY_keygen wolfSSL_EVP_PKEY_keygen
#define EVP_PKEY_keygen_init wolfSSL_EVP_PKEY_keygen_init #define EVP_PKEY_keygen_init wolfSSL_EVP_PKEY_keygen_init
#define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits #define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free #define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new #define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding #define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_CTX_set_signature_md wolfSSL_EVP_PKEY_CTX_set_signature_md
#define EVP_PKEY_CTX_new_id wolfSSL_EVP_PKEY_CTX_new_id #define EVP_PKEY_CTX_new_id wolfSSL_EVP_PKEY_CTX_new_id
#define EVP_PKEY_CTX_set_rsa_keygen_bits wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits #define EVP_PKEY_CTX_set_rsa_keygen_bits wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits
#define EVP_PKEY_derive_init wolfSSL_EVP_PKEY_derive_init #define EVP_PKEY_derive_init wolfSSL_EVP_PKEY_derive_init
@ -900,6 +1043,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid #define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id #define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str #define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str
#define EVP_PKCS82PKEY wolfSSL_EVP_PKCS82PKEY
#define EVP_PKEY2PKCS8 wolfSSL_EVP_PKEY2PKCS8
#define EVP_SignFinal wolfSSL_EVP_SignFinal #define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit #define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex #define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex
@ -917,6 +1062,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding #define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags #define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_CIPHER_CTX_set_iv wolfSSL_EVP_CIPHER_CTX_set_iv #define EVP_CIPHER_CTX_set_iv wolfSSL_EVP_CIPHER_CTX_set_iv
#define EVP_CIPHER_CTX_get_iv wolfSSL_EVP_CIPHER_CTX_get_iv
#define EVP_add_digest wolfSSL_EVP_add_digest #define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher #define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup #define EVP_cleanup wolfSSL_EVP_cleanup
@ -941,6 +1087,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1 #define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
#define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC #define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC
#define EVP_PBE_scrypt wolfSSL_EVP_PBE_scrypt
/* OpenSSL compat. ctrl values */ /* OpenSSL compat. ctrl values */
#define EVP_CTRL_INIT 0x0 #define EVP_CTRL_INIT 0x0
@ -1007,6 +1154,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_EncodeInit wolfSSL_EVP_EncodeInit #define EVP_EncodeInit wolfSSL_EVP_EncodeInit
#define EVP_EncodeUpdate wolfSSL_EVP_EncodeUpdate #define EVP_EncodeUpdate wolfSSL_EVP_EncodeUpdate
#define EVP_EncodeFinal wolfSSL_EVP_EncodeFinal #define EVP_EncodeFinal wolfSSL_EVP_EncodeFinal
#define EVP_EncodeBlock wolfSSL_EVP_EncodeBlock
#define EVP_DecodeBlock wolfSSL_EVP_DecodeBlock
#endif /* WOLFSSL_BASE64_ENCODE */ #endif /* WOLFSSL_BASE64_ENCODE */
#if defined(WOLFSSL_BASE64_DECODE) #if defined(WOLFSSL_BASE64_DECODE)
#define EVP_DecodeInit wolfSSL_EVP_DecodeInit #define EVP_DecodeInit wolfSSL_EVP_DecodeInit
@ -1016,9 +1165,20 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_blake2b512 wolfSSL_EVP_blake2b512 #define EVP_blake2b512 wolfSSL_EVP_blake2b512
#define EVP_blake2s256 wolfSSL_EVP_blake2s256 #define EVP_blake2s256 wolfSSL_EVP_blake2s256
#define EVP_MD_do_all wolfSSL_EVP_MD_do_all
#ifdef HAVE_HKDF
#define EVP_PKEY_CTX_set_hkdf_md wolfSSL_EVP_PKEY_CTX_set_hkdf_md
#define EVP_PKEY_CTX_set1_hkdf_salt wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt
#define EVP_PKEY_CTX_set1_hkdf_key wolfSSL_EVP_PKEY_CTX_set1_hkdf_key
#define EVP_PKEY_CTX_add1_hkdf_info wolfSSL_EVP_PKEY_CTX_add1_hkdf_info
#define EVP_PKEY_CTX_hkdf_mode wolfSSL_EVP_PKEY_CTX_hkdf_mode
#endif
WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k);
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* hmac.h /* hmac.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -21,7 +21,7 @@
/* hmac.h defines mini hamc openssl compatibility layer /* hmac.h defines mini hmac openssl compatibility layer
* *
*/ */
@ -35,16 +35,7 @@
#include "prefix_hmac.h" #include "prefix_hmac.h"
#endif #endif
#include <libs/libwolfssl/wolfcrypt/hmac.h> #include <libs/libwolfssl/openssl/compat_types.h>
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
#include <libs/libwolfssl/openssl/evp.h>
#include <libs/libwolfssl/openssl/opensslv.h> #include <libs/libwolfssl/openssl/opensslv.h>
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -1,6 +1,6 @@
/* nrf51.h /* kdf.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -19,26 +19,19 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/ */
#ifndef WOLFSSL_KDF_H_
#ifndef WOLFSSL_NRF51_PORT_H #define WOLFSSL_KDF_H_
#define WOLFSSL_NRF51_PORT_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#include <libs/libwolfssl/wolfcrypt/types.h> #define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0
#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1
/* Public Functions */ #define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2
int nrf51_random_generate(byte* output, word32 sz);
int nrf51_aes_set_key(const byte* key);
int nrf51_aes_encrypt(const byte* in, const byte* key, word32 rounds, byte* out);
double current_time(int reset);
#ifdef __cplusplus #ifdef __cplusplus
} } /* extern "C" */
#endif #endif
#endif /* WOLFSSL_NRF51_PORT_H */ #endif /* WOLFSSL_KDF_H_ */

View File

@ -1,6 +1,6 @@
/* lhash.h /* lhash.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* md4.h /* md4.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -41,9 +41,10 @@ typedef struct WOLFSSL_MD4_CTX {
} WOLFSSL_MD4_CTX; } WOLFSSL_MD4_CTX;
WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*); WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4);
WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long); WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*); unsigned long len);
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4);
typedef WOLFSSL_MD4_CTX MD4_CTX; typedef WOLFSSL_MD4_CTX MD4_CTX;

View File

@ -1,6 +1,6 @@
/* md5.h /* md5.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -49,10 +49,14 @@ typedef struct WOLFSSL_MD5_CTX {
#endif #endif
} WOLFSSL_MD5_CTX; } WOLFSSL_MD5_CTX;
WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*); WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5);
WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*); unsigned long sz);
WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX*, const unsigned char*); WOLFSSL_API int wolfSSL_MD5_Final(unsigned char* output, WOLFSSL_MD5_CTX* md5);
WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data);
WOLFSSL_API unsigned char *wolfSSL_MD5(const unsigned char* data, size_t len,
unsigned char* hash);
typedef WOLFSSL_MD5_CTX MD5_CTX; typedef WOLFSSL_MD5_CTX MD5_CTX;
@ -67,11 +71,29 @@ typedef WOLFSSL_MD5_CTX MD5_CTX;
#define MD5Final wolfSSL_MD5_Final #define MD5Final wolfSSL_MD5_Final
#endif #endif
#ifndef MD5 /* "MD5" has some conflicts
#define MD5(d, n, md) wc_Md5Hash((d), (n), (md)) * If not FIPS and NO_OLD_SHA_NAMES defined
* If FIPS V2 or higher and NO_OLD_MD5_NAME defined
* If FIPS V2 and NO_OLD_WC_NAMES defined
* If FIPS v1 not allowed
*/
#if (defined(NO_OLD_MD5_NAME) && !defined(HAVE_FIPS)) || \
(defined(NO_OLD_MD5_NAME) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2) || \
(defined(NO_OLD_WC_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2)
#define MD5 wolfSSL_MD5
#endif #endif
/* FIPS v1 uses old MD5_DIGEST_SIZE naming */
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2)) && \
defined(OPENSSL_EXTRA)
#define MD5_DIGEST_LENGTH WC_MD5_DIGEST_SIZE
#else
#define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE #define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
#endif
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* obj_mac.h /* obj_mac.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* objects.h /* objects.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -24,7 +24,6 @@
#define WOLFSSL_OBJECTS_H_ #define WOLFSSL_OBJECTS_H_
#include <libs/libwolfssl/wolfcrypt/settings.h> #include <libs/libwolfssl/wolfcrypt/settings.h>
//#include <libs/libwolfssl/openssl/ssl.h>
#ifndef OPENSSL_EXTRA_SSL_GUARD #ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD #define OPENSSL_EXTRA_SSL_GUARD
#include <libs/libwolfssl/ssl.h> #include <libs/libwolfssl/ssl.h>
@ -34,9 +33,21 @@
extern "C" { extern "C" {
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define OBJ_NAME_TYPE_UNDEF WOLFSSL_OBJ_NAME_TYPE_UNDEF
#define OBJ_NAME_TYPE_MD_METH WOLFSSL_OBJ_NAME_TYPE_MD_METH
#define OBJ_NAME_TYPE_CIPHER_METH WOLFSSL_OBJ_NAME_TYPE_CIPHER_METH
#define OBJ_NAME_TYPE_PKEY_METH WOLFSSL_OBJ_NAME_TYPE_PKEY_METH
#define OBJ_NAME_TYPE_COMP_METH WOLFSSL_OBJ_NAME_TYPE_COMP_METH
#define OBJ_NAME_TYPE_NUM WOLFSSL_OBJ_NAME_TYPE_NUM
#define OBJ_NAME_ALIAS WOLFSSL_OBJ_NAME_ALIAS
#define OBJ_nid2sn wolfSSL_OBJ_nid2sn #define OBJ_nid2sn wolfSSL_OBJ_nid2sn
#define OBJ_obj2nid wolfSSL_OBJ_obj2nid #define OBJ_obj2nid wolfSSL_OBJ_obj2nid
#define OBJ_sn2nid wolfSSL_OBJ_sn2nid #define OBJ_sn2nid wolfSSL_OBJ_sn2nid
#define OBJ_length wolfSSL_OBJ_length
#define OBJ_get0_data wolfSSL_OBJ_get0_data
#define OBJ_nid2ln wolfSSL_OBJ_nid2ln #define OBJ_nid2ln wolfSSL_OBJ_nid2ln
#define OBJ_ln2nid wolfSSL_OBJ_ln2nid #define OBJ_ln2nid wolfSSL_OBJ_ln2nid
#define OBJ_txt2nid wolfSSL_OBJ_txt2nid #define OBJ_txt2nid wolfSSL_OBJ_txt2nid
@ -47,6 +58,8 @@
#define OBJ_cmp wolfSSL_OBJ_cmp #define OBJ_cmp wolfSSL_OBJ_cmp
#define OBJ_create wolfSSL_OBJ_create #define OBJ_create wolfSSL_OBJ_create
#define ASN1_OBJECT_free wolfSSL_ASN1_OBJECT_free #define ASN1_OBJECT_free wolfSSL_ASN1_OBJECT_free
#define OBJ_NAME_do_all wolfSSL_OBJ_NAME_do_all
#define i2t_ASN1_OBJECT wolfSSL_i2t_ASN1_OBJECT
/* not required for wolfSSL */ /* not required for wolfSSL */
#define OPENSSL_load_builtin_modules() #define OPENSSL_load_builtin_modules()
@ -55,6 +68,8 @@
#define NID_ad_OCSP 178 #define NID_ad_OCSP 178
#define NID_ad_ca_issuers 179 #define NID_ad_ca_issuers 179
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* ocsp.h /* ocsp.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -34,7 +34,7 @@
#define OCSP_CERTID WOLFSSL_OCSP_CERTID #define OCSP_CERTID WOLFSSL_OCSP_CERTID
#define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ #define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ
#define OCSP_REVOKED_STATUS_NOSTATUS -1 #define OCSP_REVOKED_STATUS_NOSTATUS (-1)
#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 #define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
@ -78,6 +78,7 @@
#define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio #define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio
#define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID #define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID
#define d2i_OCSP_CERTID wolfSSL_d2i_OCSP_CERTID
#define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id #define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id
#define OCSP_id_cmp wolfSSL_OCSP_id_cmp #define OCSP_id_cmp wolfSSL_OCSP_id_cmp
#define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status #define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status

View File

@ -1,6 +1,6 @@
/* opensslv.h /* opensslv.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -24,20 +24,25 @@
#ifndef WOLFSSL_OPENSSLV_H_ #ifndef WOLFSSL_OPENSSLV_H_
#define WOLFSSL_OPENSSLV_H_ #define WOLFSSL_OPENSSLV_H_
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* api version compatibility */ /* api version compatibility */
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\ #if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x009070dfL) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\ defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L) defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L)
/* valid version */ /* valid version */
#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || defined(WOLFSSL_BIND) #elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || \
defined(WOLFSSL_BIND) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_RSYSLOG) || defined(WOLFSSL_KRB) || defined(HAVE_STUNNEL)
/* For Apache httpd, Use 1.1.0 compatibility */ /* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100000L #define OPENSSL_VERSION_NUMBER 0x10100003L
#elif defined(WOLFSSL_QT) #elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON)
/* For Qt and Python 3.8.5 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10101000L #define OPENSSL_VERSION_NUMBER 0x10101000L
#elif defined(WOLFSSL_HAPROXY) #elif defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_FFMPEG)
#define OPENSSL_VERSION_NUMBER 0x1010000fL #define OPENSSL_VERSION_NUMBER 0x1010000fL
#elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \ #elif defined(OPENSSL_ALL) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN) defined(WOLFSSL_NGINX) || defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN)
/* version number can be increased for Lighty after compatibility for ECDH /* version number can be increased for Lighty after compatibility for ECDH
is added */ is added */
@ -46,7 +51,9 @@
#define OPENSSL_VERSION_NUMBER 0x0090810fL #define OPENSSL_VERSION_NUMBER 0x0090810fL
#endif #endif
#define OPENSSL_VERSION_TEXT LIBWOLFSSL_VERSION_STRING #define OPENSSL_VERSION_TEXT "wolfSSL " LIBWOLFSSL_VERSION_STRING
#define OPENSSL_VERSION 0 #define OPENSSL_VERSION 0
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* header */ #endif /* header */

View File

@ -1,6 +1,6 @@
/* ossl_typ.h /* ossl_typ.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* pem.h /* pem.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -42,14 +42,12 @@
/* RSA */ /* RSA */
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb* cb, void* arg); wc_pem_password_cb* cb, void* arg);
WOLFSSL_API WOLFSSL_API
WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_RSA**, WOLFSSL_RSA** rsa, wc_pem_password_cb* cb, void* pass);
pem_password_cb* cb,
void* arg);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa); int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
@ -57,64 +55,77 @@ int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
WOLFSSL_API WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_RSA** rsa, WOLFSSL_RSA** rsa,
pem_password_cb* cb, void *u); wc_pem_password_cb* cb, void *u);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio, WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
WOLFSSL_EC_GROUP** group, WOLFSSL_EC_GROUP** group,
pem_password_cb* cb, wc_pem_password_cb* cb,
void* pass); void* pass);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher, int wolfSSL_PEM_write_mem_RSAPrivateKey(WOLFSSL_RSA* rsa,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
unsigned char **pem, int *plen); unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM) #if !defined(NO_FILESYSTEM)
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa, int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc, const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen, unsigned char *kstr, int klen,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_RSA* wolfSSL_PEM_read_RSAPrivateKey(XFILE fp, WOLFSSL_RSA** rsa,
wc_pem_password_cb* cb, void* pass);
WOLFSSL_API WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x, WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA *x); int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA* key);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x); int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA** rsa,
wc_pem_password_cb* cb, void *pass);
#endif /* NO_FILESYSTEM */ #endif /* NO_FILESYSTEM */
/* DSA */ /* DSA */
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA* dsa, WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb* cb, void* arg); wc_pem_password_cb* cb, void* arg);
WOLFSSL_API WOLFSSL_API
WOLFSSL_DSA* wolfSSL_PEM_read_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* wolfSSL_PEM_read_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA** dsa, WOLFSSL_DSA** dsa,
pem_password_cb* cb,void *pass); wc_pem_password_cb* cb,
void *pass);
WOLFSSL_API WOLFSSL_API
WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSA_PUBKEY(WOLFSSL_BIO* bio,WOLFSSL_DSA** dsa, WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSA_PUBKEY(WOLFSSL_BIO* bio,
pem_password_cb* cb, void *pass); WOLFSSL_DSA** dsa,
wc_pem_password_cb* cb,
void *pass);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa); int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
unsigned char **pem, int *plen); unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM) #if !defined(NO_FILESYSTEM)
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa, int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc, const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen, unsigned char *kstr, int klen,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x); int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x);
#endif /* NO_FILESYSTEM */ #endif /* NO_FILESYSTEM */
@ -122,52 +133,54 @@ int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x);
/* ECC */ /* ECC */
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec, int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb* cb, void* arg); wc_pem_password_cb* cb, void* arg);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EC_KEY** ec, WOLFSSL_EC_KEY** ec,
pem_password_cb* cb, wc_pem_password_cb* cb,
void *pass); void *pass);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec); int wolfSSL_PEM_write_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key, int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
unsigned char **pem, int *plen); unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM) #if !defined(NO_FILESYSTEM)
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *key, int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc, const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen, unsigned char *kstr, int klen,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY* key); int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY* key);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_EC_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_EC_KEY** ec, WOLFSSL_EC_KEY** ec,
pem_password_cb* cb, void *pass); wc_pem_password_cb* cb,
void *pass);
#endif /* NO_FILESYSTEM */ #endif /* NO_FILESYSTEM */
/* EVP_KEY */ /* EVP_KEY */
WOLFSSL_API WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**, WOLFSSL_EVP_PKEY** key,
pem_password_cb* cb, wc_pem_password_cb* cb,
void* arg); void* pass);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY **key, WOLFSSL_EVP_PKEY **key,
pem_password_cb *cb, void *pass); wc_pem_password_cb *cb,
void *pass);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
const WOLFSSL_EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb* cb, void* arg); wc_pem_password_cb* cb, void* arg);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key); int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key);
@ -190,14 +203,14 @@ int wolfSSL_PEM_write(XFILE fp, const char *name, const char *header,
#if !defined(NO_FILESYSTEM) #if !defined(NO_FILESYSTEM)
WOLFSSL_API WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, WOLFSSL_EVP_PKEY **x,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
WOLFSSL_X509 *wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x, WOLFSSL_X509 *wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x, WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x,
pem_password_cb *cb, void *u); wc_pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509 *x); int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509 *x);
@ -215,17 +228,21 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
#define PEM_write_X509 wolfSSL_PEM_write_X509 #define PEM_write_X509 wolfSSL_PEM_write_X509
#define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey #define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
#define PEM_write_bio_PKCS8PrivateKey wolfSSL_PEM_write_bio_PKCS8PrivateKey #define PEM_write_bio_PKCS8PrivateKey wolfSSL_PEM_write_bio_PKCS8PrivateKey
#define PEM_write_PKCS8PrivateKey wolfSSL_PEM_write_PKCS8PrivateKey
/* DH */ /* DH */
#define PEM_write_DHparams wolfSSL_PEM_write_DHparams #define PEM_write_DHparams wolfSSL_PEM_write_DHparams
/* RSA */ /* RSA */
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey #define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey #define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey
#define PEM_read_RSAPrivateKey wolfSSL_PEM_read_RSAPrivateKey
#define PEM_write_bio_RSA_PUBKEY wolfSSL_PEM_write_bio_RSA_PUBKEY #define PEM_write_bio_RSA_PUBKEY wolfSSL_PEM_write_bio_RSA_PUBKEY
#define PEM_read_bio_RSA_PUBKEY wolfSSL_PEM_read_bio_RSA_PUBKEY #define PEM_read_bio_RSA_PUBKEY wolfSSL_PEM_read_bio_RSA_PUBKEY
#define PEM_read_bio_RSAPublicKey wolfSSL_PEM_read_bio_RSA_PUBKEY
#define PEM_read_bio_ECPKParameters wolfSSL_PEM_read_bio_ECPKParameters #define PEM_read_bio_ECPKParameters wolfSSL_PEM_read_bio_ECPKParameters
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey #define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY #define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_read_RSA_PUBKEY wolfSSL_PEM_read_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey #define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey #define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
/* DSA */ /* DSA */

View File

@ -1,6 +1,6 @@
/* pkcs12.h /* pkcs12.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* pkcs7.h /* pkcs7.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -34,14 +34,21 @@
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
#define PKCS7_TEXT 0x1
#define PKCS7_NOCERTS 0x2
#define PKCS7_DETACHED 0x40
#define PKCS7_BINARY 0x80
#define PKCS7_NOINTERN 0x0010 #define PKCS7_NOINTERN 0x0010
#define PKCS7_NOVERIFY 0x0020 #define PKCS7_NOVERIFY 0x0020
#define PKCS7_STREAM 0x1000
#define PKCS7_PARTIAL 0x4000
typedef struct WOLFSSL_PKCS7 typedef struct WOLFSSL_PKCS7
{ {
PKCS7 pkcs7; PKCS7 pkcs7;
unsigned char* data; unsigned char* data;
int len; int len;
int type; /* from PKCS7_TYPES, for PKCS7_final() */
WOLFSSL_STACK* certs; WOLFSSL_STACK* certs;
} WOLFSSL_PKCS7; } WOLFSSL_PKCS7;
@ -56,8 +63,12 @@ WOLFSSL_LOCAL PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in,
int len, byte* content, word32 contentSz); int len, byte* content, word32 contentSz);
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7); WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7);
WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7); WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7);
WOLFSSL_API int wolfSSL_i2d_PKCS7(PKCS7 *p7, unsigned char **out);
WOLFSSL_API PKCS7* wolfSSL_PKCS7_sign(WOLFSSL_X509* signer,
WOLFSSL_EVP_PKEY* pkey, WOLFSSL_STACK* certs, WOLFSSL_BIO* in, int flags);
WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs, WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs,
WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags); WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags);
WOLFSSL_API int wolfSSL_PKCS7_final(PKCS7* pkcs7, WOLFSSL_BIO* in, int flags);
WOLFSSL_API int wolfSSL_PKCS7_encode_certs(PKCS7* p7, WOLFSSL_STACK* certs, WOLFSSL_API int wolfSSL_PKCS7_encode_certs(PKCS7* p7, WOLFSSL_STACK* certs,
WOLFSSL_BIO* out); WOLFSSL_BIO* out);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7); WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7);
@ -66,6 +77,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7,
WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7); WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7);
#if defined(HAVE_SMIME) #if defined(HAVE_SMIME)
WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont); WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont);
WOLFSSL_API int wolfSSL_SMIME_write_PKCS7(WOLFSSL_BIO* out, PKCS7* pkcs7,
WOLFSSL_BIO* in, int flags);
#endif /* HAVE_SMIME */ #endif /* HAVE_SMIME */
@ -76,11 +89,15 @@ WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont
#define d2i_PKCS7 wolfSSL_d2i_PKCS7 #define d2i_PKCS7 wolfSSL_d2i_PKCS7
#define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio #define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio
#define i2d_PKCS7_bio wolfSSL_i2d_PKCS7_bio #define i2d_PKCS7_bio wolfSSL_i2d_PKCS7_bio
#define i2d_PKCS7 wolfSSL_i2d_PKCS7
#define PKCS7_sign wolfSSL_PKCS7_sign
#define PKCS7_verify wolfSSL_PKCS7_verify #define PKCS7_verify wolfSSL_PKCS7_verify
#define PKCS7_final wolfSSL_PKCS7_final
#define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers #define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers
#define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7 #define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7
#if defined(HAVE_SMIME) #if defined(HAVE_SMIME)
#define SMIME_read_PKCS7 wolfSSL_SMIME_read_PKCS7 #define SMIME_read_PKCS7 wolfSSL_SMIME_read_PKCS7
#define SMIME_write_PKCS7 wolfSSL_SMIME_write_PKCS7
#endif /* HAVE_SMIME */ #endif /* HAVE_SMIME */
#endif /* OPENSSL_ALL && HAVE_PKCS7 */ #endif /* OPENSSL_ALL && HAVE_PKCS7 */

View File

@ -1,6 +1,6 @@
/* rand.h /* rand.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* rc4.h /* rc4.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ripemd.h /* ripemd.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* rsa.h /* rsa.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -33,6 +33,7 @@
extern "C" { extern "C" {
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Padding types */ /* Padding types */
#define RSA_PKCS1_PADDING 0 #define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1 #define RSA_PKCS1_OAEP_PADDING 1
@ -50,92 +51,103 @@
#define RSA_FLAG_NO_CONSTTIME (1 << 8) #define RSA_FLAG_NO_CONSTTIME (1 << 8)
/* Salt length same as digest length */ /* Salt length same as digest length */
#define RSA_PSS_SALTLEN_DIGEST -1 #define RSA_PSS_SALTLEN_DIGEST (-1)
/* Old max salt length */ /* Old max salt length */
#define RSA_PSS_SALTLEN_MAX_SIGN -2 #define RSA_PSS_SALTLEN_MAX_SIGN (-2)
/* Max salt length */ /* Max salt length */
#define RSA_PSS_SALTLEN_MAX -3 #define RSA_PSS_SALTLEN_MAX (-3)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
typedef struct WOLFSSL_RSA_METHOD { typedef struct WOLFSSL_RSA_METHOD {
/* Flags of RSA key implementation. */
int flags; int flags;
/* Name of RSA key implementation. */
char *name; char *name;
/* RSA method dynamically allocated. */
word16 dynamic:1;
} WOLFSSL_RSA_METHOD; } WOLFSSL_RSA_METHOD;
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ #ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
#define WOLFSSL_RSA_TYPE_DEFINED #define WOLFSSL_RSA_TYPE_DEFINED
/* RSA key compatable with OpenSSL. */
typedef struct WOLFSSL_RSA { typedef struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING WOLFSSL_BIGNUM* n; /* Modulus. */
WC_RNG* rng; /* for PrivateDecrypt blinding */ WOLFSSL_BIGNUM* e; /* Public exponent. */
#endif WOLFSSL_BIGNUM* d; /* Private exponent. */
WOLFSSL_BIGNUM* n; WOLFSSL_BIGNUM* p; /* First prime. */
WOLFSSL_BIGNUM* e; WOLFSSL_BIGNUM* q; /* Second prime. */
WOLFSSL_BIGNUM* d; WOLFSSL_BIGNUM* dmp1; /* dP = d mod (p - 1) */
WOLFSSL_BIGNUM* p; WOLFSSL_BIGNUM* dmq1; /* dQ = d mod (q - 1) */
WOLFSSL_BIGNUM* q; WOLFSSL_BIGNUM* iqmp; /* u = (1 / q) mod p */
WOLFSSL_BIGNUM* dmp1; /* dP */ void* heap; /* Heap used for memory allocations. */
WOLFSSL_BIGNUM* dmq1; /* dQ */ void* internal; /* wolfCrypt RSA key. */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
#if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA)
WOLFSSL_RSA_METHOD* meth; const WOLFSSL_RSA_METHOD* meth; /* RSA method. */
#endif #endif
#if defined(HAVE_EX_DATA) #ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */ WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */
#endif #endif
#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) wolfSSL_Ref ref; /* Reference count information. */
wolfSSL_Mutex refMutex; /* ref count mutex */ word16 pkcs8HeaderSz; /* Size of PKCS#8 header from decode. */
int refCount; /* reference count */ int flags; /* Flags of implementation. */
#endif
word16 pkcs8HeaderSz;
/* bits */ /* bits */
byte inSet:1; /* internal set from external ? */ byte inSet:1; /* Internal set from external. */
byte exSet:1; /* external set from internal ? */ byte exSet:1; /* External set from internal. */
byte ownRng:1; /* flag for if the rng should be free'd */ byte ownRng:1; /* Rng needs to be free'd. */
} WOLFSSL_RSA; } WOLFSSL_RSA;
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_RSA RSA; typedef WOLFSSL_RSA RSA;
typedef WOLFSSL_RSA_METHOD RSA_METHOD; typedef WOLFSSL_RSA_METHOD RSA_METHOD;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new_ex(void* heap, int devId);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);
WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA*); WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA*, int bits, WOLFSSL_BIGNUM*, WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits,
void* cb); WOLFSSL_BIGNUM* bn, void* cb);
WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA*, WOLFSSL_BN_CTX*); WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA* rsa, WOLFSSL_BN_CTX* bn);
WOLFSSL_API int wolfSSL_RSA_check_key(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr, WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding); unsigned char* to, WOLFSSL_RSA* rsa,
int padding);
WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr, WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding); unsigned char* to, WOLFSSL_RSA* rsa,
int padding);
WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, const unsigned char* in, WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, const unsigned char* in,
unsigned char* out, WOLFSSL_RSA* rsa, int padding); unsigned char* out, WOLFSSL_RSA* rsa, int padding);
WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m, WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet, unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*); unsigned int* sigLen, WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m, WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet, unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*, int); unsigned int* sigLen, WOLFSSL_RSA* rsa,
int flag);
WOLFSSL_API int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m, WOLFSSL_API int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet, unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*, int, int); unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag,
int padding);
WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m, WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m,
unsigned int mLen, const unsigned char* sig, unsigned int mLen, const unsigned char* sig,
unsigned int sigLen, WOLFSSL_RSA*); unsigned int sigLen, WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_verify_ex(int type, const unsigned char* m, WOLFSSL_API int wolfSSL_RSA_verify_ex(int type, const unsigned char* m,
unsigned int mLen, const unsigned char* sig, unsigned int mLen, const unsigned char* sig,
unsigned int sigLen, WOLFSSL_RSA* rsa, unsigned int sigLen, WOLFSSL_RSA* rsa,
int padding); int padding);
WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from, WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, WOLFSSL_RSA*, int padding); unsigned char* to, WOLFSSL_RSA* rsa, int padding);
WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA* rsa,
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int sz, int opt); const unsigned char* derBuf, int derSz);
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa,
const unsigned char* derBuf, int derSz, int opt);
WOLFSSL_API WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags); WOLFSSL_API WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags);
WOLFSSL_API void wolfSSL_RSA_meth_free(WOLFSSL_RSA_METHOD *meth); WOLFSSL_API void wolfSSL_RSA_meth_free(WOLFSSL_RSA_METHOD *meth);
@ -174,6 +186,7 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
wolfSSL_ex_data_cleanup_routine_t cleanup_routine); wolfSSL_ex_data_cleanup_routine_t cleanup_routine);
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define WOLFSSL_RSA_LOAD_PRIVATE 1 #define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2 #define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L #define WOLFSSL_RSA_F4 0x10001L
@ -184,6 +197,7 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
#define RSA_generate_key_ex wolfSSL_RSA_generate_key_ex #define RSA_generate_key_ex wolfSSL_RSA_generate_key_ex
#define RSA_blinding_on wolfSSL_RSA_blinding_on #define RSA_blinding_on wolfSSL_RSA_blinding_on
#define RSA_check_key wolfSSL_RSA_check_key
#define RSA_public_encrypt wolfSSL_RSA_public_encrypt #define RSA_public_encrypt wolfSSL_RSA_public_encrypt
#define RSA_private_decrypt wolfSSL_RSA_private_decrypt #define RSA_private_decrypt wolfSSL_RSA_private_decrypt
#define RSA_private_encrypt wolfSSL_RSA_private_encrypt #define RSA_private_encrypt wolfSSL_RSA_private_encrypt
@ -224,6 +238,8 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
#define RSA_F4 WOLFSSL_RSA_F4 #define RSA_F4 WOLFSSL_RSA_F4
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* sha.h /* sha.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -36,35 +36,40 @@
extern "C" { extern "C" {
#endif #endif
#ifndef NO_SHA
typedef struct WOLFSSL_SHA_CTX { typedef struct WOLFSSL_SHA_CTX {
/* big enough to hold wolfcrypt Sha, but check on init */ /* big enough to hold wolfcrypt Sha, but check on init */
#if defined(STM32_HASH) #if defined(STM32_HASH)
void* holder[(112 + WC_ASYNC_DEV_SIZE + sizeof(STM32_HASH_Context)) / sizeof(void*)]; void* holder[(112 + WC_ASYNC_DEV_SIZE + sizeof(STM32_HASH_Context)) / sizeof(void*)];
#else #else
void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
#endif
#if defined(WOLFSSL_DEVCRYPTO_HASH) || defined(WOLFSSL_HASH_KEEP)
void* keephash_holder[sizeof(void*) + (2 * sizeof(unsigned int))];
#endif #endif
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
void* cryptocb_holder[(sizeof(int) + sizeof(void*) + 4) / sizeof(void*)]; void* cryptocb_holder[(sizeof(int) + sizeof(void*) + 4) / sizeof(void*)];
#endif #endif
} WOLFSSL_SHA_CTX; } WOLFSSL_SHA_CTX;
WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
WOLFSSL_API int wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX*, WOLFSSL_API int wolfSSL_SHA_Final(byte* input, WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha,
const unsigned char* data); const unsigned char* data);
/* SHA1 points to above, shouldn't use SHA0 ever */ /* SHA1 points to above, shouldn't use SHA0 ever */
WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
WOLFSSL_API int wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX*, WOLFSSL_API int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha,
const unsigned char *data); const unsigned char *data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum { enum {
SHA_DIGEST_LENGTH = 20 SHA_DIGEST_LENGTH = 20
}; };
typedef WOLFSSL_SHA_CTX SHA_CTX; typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA_Init wolfSSL_SHA_Init #define SHA_Init wolfSSL_SHA_Init
@ -85,6 +90,16 @@ typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA1_Final wolfSSL_SHA1_Final #define SHA1_Final wolfSSL_SHA1_Final
#define SHA1_Transform wolfSSL_SHA1_Transform #define SHA1_Transform wolfSSL_SHA1_Transform
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_SHA */
/* adder for HW crypto */
#ifdef STM32_HASH
#define CTX_SHA2_HW_ADDER 34
#else
#define CTX_SHA2_HW_ADDER 0
#endif
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256 /* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
@ -92,19 +107,19 @@ typedef WOLFSSL_SHA_CTX SHA_CTX;
* to Sha224, is expected to also be 16 byte aligned addresses. */ * to Sha224, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA224_CTX { typedef struct WOLFSSL_SHA224_CTX {
/* big enough to hold wolfcrypt Sha224, but check on init */ /* big enough to hold wolfcrypt Sha224, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; ALIGN16 void* holder[(274 + CTX_SHA2_HW_ADDER + WC_ASYNC_DEV_SIZE) /
sizeof(void*)];
} WOLFSSL_SHA224_CTX; } WOLFSSL_SHA224_CTX;
WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX*); WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha, const void* input,
unsigned long); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA224_Final(unsigned char*, WOLFSSL_SHA224_CTX*); WOLFSSL_API int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum { enum {
SHA224_DIGEST_LENGTH = 28 SHA224_DIGEST_LENGTH = 28
}; };
typedef WOLFSSL_SHA224_CTX SHA224_CTX; typedef WOLFSSL_SHA224_CTX SHA224_CTX;
#define SHA224_Init wolfSSL_SHA224_Init #define SHA224_Init wolfSSL_SHA224_Init
@ -117,29 +132,30 @@ typedef WOLFSSL_SHA224_CTX SHA224_CTX;
* because of SHA224 enum in FIPS build. */ * because of SHA224 enum in FIPS build. */
#define SHA224 wolfSSL_SHA224 #define SHA224 wolfSSL_SHA224
#endif #endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_SHA224 */ #endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256 /* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
* struct are 16 byte aligned. Any dereference to those elements after casting * struct are 16 byte aligned. Any dereference to those elements after casting
* to Sha256, is expected to also be 16 byte aligned addresses. */ * to Sha256, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA256_CTX { typedef struct WOLFSSL_SHA256_CTX {
/* big enough to hold wolfcrypt Sha256, but check on init */ /* big enough to hold wolfcrypt Sha256, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; ALIGN16 void* holder[(274 + CTX_SHA2_HW_ADDER + WC_ASYNC_DEV_SIZE) /
sizeof(void*)];
} WOLFSSL_SHA256_CTX; } WOLFSSL_SHA256_CTX;
WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*); WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256);
WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input,
unsigned long); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*); WOLFSSL_API int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX*, WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
const unsigned char *data); const unsigned char *data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum { enum {
SHA256_DIGEST_LENGTH = 32 SHA256_DIGEST_LENGTH = 32
}; };
typedef WOLFSSL_SHA256_CTX SHA256_CTX; typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init #define SHA256_Init wolfSSL_SHA256_Init
@ -147,30 +163,40 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Final wolfSSL_SHA256_Final #define SHA256_Final wolfSSL_SHA256_Final
#define SHA256_Transform wolfSSL_SHA256_Transform #define SHA256_Transform wolfSSL_SHA256_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) /* "SHA256" has some conflicts
/* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS * If not FIPS and NO_OLD_SHA_NAMES defined
* build. */ * If FIPS V3 or higher and NO_OLD_SHA_NAMES defined
* If FIPS V2 and NO_OLD_SHA256_NAMES defined
* If FIPS v1 not allowed
* If HAVE_SELFTEST not allowed
*/
#if !defined(HAVE_SELFTEST) && \
(defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS)) || \
(defined(NO_OLD_SHA_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 3) || \
(defined(NO_OLD_SHA256_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2)
#define SHA256 wolfSSL_SHA256 #define SHA256 wolfSSL_SHA256
#endif #endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
typedef struct WOLFSSL_SHA384_CTX { typedef struct WOLFSSL_SHA384_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */ /* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA384_CTX; } WOLFSSL_SHA384_CTX;
WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*); WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha);
WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input,
unsigned long); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA384_Final(unsigned char*, WOLFSSL_SHA384_CTX*); WOLFSSL_API int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum { enum {
SHA384_DIGEST_LENGTH = 48 SHA384_DIGEST_LENGTH = 48
}; };
typedef WOLFSSL_SHA384_CTX SHA384_CTX; typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init #define SHA384_Init wolfSSL_SHA384_Init
@ -181,26 +207,27 @@ typedef WOLFSSL_SHA384_CTX SHA384_CTX;
* build. */ * build. */
#define SHA384 wolfSSL_SHA384 #define SHA384 wolfSSL_SHA384
#endif #endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
typedef struct WOLFSSL_SHA512_CTX { typedef struct WOLFSSL_SHA512_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */ /* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(288 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; void* holder[(288 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA512_CTX; } WOLFSSL_SHA512_CTX;
WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*); WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha,
unsigned long); const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*); WOLFSSL_API int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX*, WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char*); const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum { enum {
SHA512_DIGEST_LENGTH = 64 SHA512_DIGEST_LENGTH = 64
}; };
typedef WOLFSSL_SHA512_CTX SHA512_CTX; typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init #define SHA512_Init wolfSSL_SHA512_Init
@ -212,6 +239,56 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX;
* build. */ * build. */
#define SHA512 wolfSSL_SHA512 #define SHA512 wolfSSL_SHA512
#endif #endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if !defined(WOLFSSL_NOSHA512_224)
typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_224_CTX;
typedef WOLFSSL_SHA512_224_CTX SHA512_224_CTX;
WOLFSSL_API int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_224_Final(byte* output,
WOLFSSL_SHA512_224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define SHA512_224_Init wolfSSL_SHA512_224_Init
#define SHA512_224_Update wolfSSL_SHA512_224_Update
#define SHA512_224_Final wolfSSL_SHA512_224_Final
#define SHA512_224_Transform wolfSSL_SHA512_224_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_224 wolfSSL_SHA512_224
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_NOSHA512_224 */
#if !defined(WOLFSSL_NOSHA512_256)
typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_256_CTX;
typedef WOLFSSL_SHA512_256_CTX SHA512_256_CTX;
WOLFSSL_API int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define SHA512_256_Init wolfSSL_SHA512_256_Init
#define SHA512_256_Update wolfSSL_SHA512_256_Update
#define SHA512_256_Final wolfSSL_SHA512_256_Final
#define SHA512_256_Transform wolfSSL_SHA512_256_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_256 wolfSSL_SHA512_256
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_NOSHA512_256 */
#endif /* WOLFSSL_SHA512 */ #endif /* WOLFSSL_SHA512 */

View File

@ -1,6 +1,6 @@
/* sha3.h /* sha3.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -36,7 +36,6 @@
extern "C" { extern "C" {
#endif #endif
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha3 /* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha3
* struct are 16 byte aligned. Any dereference to those elements after casting * struct are 16 byte aligned. Any dereference to those elements after casting
* to Sha3 is expected to also be 16 byte aligned addresses. */ * to Sha3 is expected to also be 16 byte aligned addresses. */
@ -48,10 +47,11 @@ struct WOLFSSL_SHA3_CTX {
#ifndef WOLFSSL_NOSHA3_224 #ifndef WOLFSSL_NOSHA3_224
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_224_CTX; typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_224_CTX;
WOLFSSL_API int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX*); WOLFSSL_API int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha, const void* input,
unsigned long); unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_224_Final(unsigned char*, WOLFSSL_SHA3_224_CTX*); WOLFSSL_API int wolfSSL_SHA3_224_Final(unsigned char* output,
WOLFSSL_SHA3_224_CTX* sha);
enum { enum {
SHA3_224_DIGEST_LENGTH = 28 SHA3_224_DIGEST_LENGTH = 28
@ -72,10 +72,11 @@ typedef WOLFSSL_SHA3_224_CTX SHA3_224_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_256_CTX; typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_256_CTX;
WOLFSSL_API int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX*); WOLFSSL_API int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha,
unsigned long); const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_256_Final(unsigned char*, WOLFSSL_SHA3_256_CTX*); WOLFSSL_API int wolfSSL_SHA3_256_Final(unsigned char* output,
WOLFSSL_SHA3_256_CTX* sha);
enum { enum {
SHA3_256_DIGEST_LENGTH = 32 SHA3_256_DIGEST_LENGTH = 32
@ -95,10 +96,11 @@ typedef WOLFSSL_SHA3_256_CTX SHA3_256_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_384_CTX; typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_384_CTX;
WOLFSSL_API int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX*); WOLFSSL_API int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha,
unsigned long); const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_384_Final(unsigned char*, WOLFSSL_SHA3_384_CTX*); WOLFSSL_API int wolfSSL_SHA3_384_Final(unsigned char* output,
WOLFSSL_SHA3_384_CTX* sha);
enum { enum {
SHA3_384_DIGEST_LENGTH = 48 SHA3_384_DIGEST_LENGTH = 48
@ -118,10 +120,11 @@ typedef WOLFSSL_SHA3_384_CTX SHA3_384_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_512_CTX; typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_512_CTX;
WOLFSSL_API int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX*); WOLFSSL_API int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX*, const void*, WOLFSSL_API int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha,
unsigned long); const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_512_Final(unsigned char*, WOLFSSL_SHA3_512_CTX*); WOLFSSL_API int wolfSSL_SHA3_512_Final(unsigned char* output,
WOLFSSL_SHA3_512_CTX* sha);
enum { enum {
SHA3_512_DIGEST_LENGTH = 64 SHA3_512_DIGEST_LENGTH = 64

View File

@ -1,6 +1,6 @@
/* srp.h /* srp.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* ssl.h /* ssl.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -36,7 +36,9 @@
#endif /* OPENSSL_EXTRA_SSL_GUARD */ #endif /* OPENSSL_EXTRA_SSL_GUARD */
#include <libs/libwolfssl/openssl/tls1.h> #include <libs/libwolfssl/openssl/tls1.h>
#ifndef WOLFCRYPT_ONLY
#include <libs/libwolfssl/openssl/evp.h> #include <libs/libwolfssl/openssl/evp.h>
#endif
#include <libs/libwolfssl/openssl/bio.h> #include <libs/libwolfssl/openssl/bio.h>
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
#include <libs/libwolfssl/openssl/crypto.h> #include <libs/libwolfssl/openssl/crypto.h>
@ -69,9 +71,7 @@
#undef ASN1_INTEGER #undef ASN1_INTEGER
#endif #endif
#ifdef OPENSSL_EXTRA #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings);
#endif
typedef WOLFSSL SSL; typedef WOLFSSL SSL;
typedef WOLFSSL_SESSION SSL_SESSION; typedef WOLFSSL_SESSION SSL_SESSION;
@ -111,6 +111,9 @@ typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value;
typedef WOLFSSL_BUF_MEM BUF_MEM; typedef WOLFSSL_BUF_MEM BUF_MEM;
typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES; typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES;
typedef WOLFSSL_GENERAL_NAME GENERAL_NAME; typedef WOLFSSL_GENERAL_NAME GENERAL_NAME;
typedef WOLFSSL_OBJ_NAME OBJ_NAME;
typedef WOLFSSL_DIST_POINT_NAME DIST_POINT_NAME;
typedef WOLFSSL_DIST_POINT DIST_POINT;
#define X509_L_FILE_LOAD WOLFSSL_X509_L_FILE_LOAD #define X509_L_FILE_LOAD WOLFSSL_X509_L_FILE_LOAD
#define X509_L_ADD_DIR WOLFSSL_X509_L_ADD_DIR #define X509_L_ADD_DIR WOLFSSL_X509_L_ADD_DIR
@ -146,7 +149,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new
#define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup
#define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free
#ifdef HAVE_EX_DATA
#define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA #define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA
#endif
#define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions #define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions
@ -196,6 +201,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_use_certificate wolfSSL_use_certificate #define SSL_use_certificate wolfSSL_use_certificate
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1 #define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio #define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
#define d2i_PKCS8_PRIV_KEY_INFO wolfSSL_d2i_PKCS8_PKEY
#define i2d_PKCS8_PRIV_KEY_INFO wolfSSL_i2d_PrivateKey
#define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio #define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio
#define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey #define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free #define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
@ -205,6 +212,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define i2d_PUBKEY wolfSSL_i2d_PUBKEY #define i2d_PUBKEY wolfSSL_i2d_PUBKEY
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY #define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio #define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
#define d2i_PublicKey wolfSSL_d2i_PublicKey
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey #define d2i_PrivateKey wolfSSL_d2i_PrivateKey
#define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey #define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey
#define SSL_use_PrivateKey wolfSSL_use_PrivateKey #define SSL_use_PrivateKey wolfSSL_use_PrivateKey
@ -235,7 +243,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define TLSv1_3_client_method wolfTLSv1_3_client_method #define TLSv1_3_client_method wolfTLSv1_3_client_method
#define TLS_method wolfSSLv23_method #define TLS_method wolfSSLv23_method
#define X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1 #define X509_FILETYPE_PEM WOLFSSL_FILETYPE_PEM
#define X509_FILETYPE_ASN1 WOLFSSL_FILETYPE_ASN1
#define X509_FILETYPE_DEFAULT WOLFSSL_FILETYPE_DEFAULT
#define X509_F_X509_CHECK_PRIVATE_KEY 128 #define X509_F_X509_CHECK_PRIVATE_KEY 128
@ -258,6 +268,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#else #else
#define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations #define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
#endif #endif
#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
#define SSL_CTX_use_certificate_chain_file wolfSSL_CTX_use_certificate_chain_file #define SSL_CTX_use_certificate_chain_file wolfSSL_CTX_use_certificate_chain_file
#define SSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file #define SSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
@ -277,6 +288,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_connect wolfSSL_connect #define SSL_connect wolfSSL_connect
#define SSL_clear wolfSSL_clear #define SSL_clear wolfSSL_clear
#define SSL_state wolfSSL_state #define SSL_state wolfSSL_state
#define SSL_read_early_data(ssl, d, dLen, len) wolfSSL_read_early_data(ssl, d, (int)(dLen), (int *)(len))
#define SSL_write_early_data(ssl, d, dLen, len) wolfSSL_write_early_data(ssl, d, (int)(dLen), (int *)(len))
#define SSL_write wolfSSL_write #define SSL_write wolfSSL_write
#define SSL_read wolfSSL_read #define SSL_read wolfSSL_read
@ -285,7 +298,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_CTX_free wolfSSL_CTX_free #define SSL_CTX_free wolfSSL_CTX_free
#define SSL_free wolfSSL_free #define SSL_free wolfSSL_free
#define SSL_shutdown wolfSSL_shutdown #define SSL_shutdown wolfSSL_shutdown
#define SSL_set_timeout wolfSSL_set_timeout #define SSL_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_CTX_set_quiet_shutdown wolfSSL_CTX_set_quiet_shutdown #define SSL_CTX_set_quiet_shutdown wolfSSL_CTX_set_quiet_shutdown
#define SSL_set_quiet_shutdown wolfSSL_set_quiet_shutdown #define SSL_set_quiet_shutdown wolfSSL_set_quiet_shutdown
@ -294,17 +307,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_get_session(x) wolfSSL_get_session((WOLFSSL*) (x)) #define SSL_get_session(x) wolfSSL_get_session((WOLFSSL*) (x))
#define SSL_SESSION_get0_peer wolfSSL_SESSION_get0_peer #define SSL_SESSION_get0_peer wolfSSL_SESSION_get0_peer
#define SSL_flush_sessions wolfSSL_flush_sessions #define SSL_flush_sessions wolfSSL_flush_sessions
/* assume unlimited temporarily */ #define SSL_CTX_get_session_cache_mode(ctx) \
#define SSL_CTX_get_session_cache_mode(ctx) 0 wolfSSL_CTX_get_session_cache_mode((ctx))
#define SSL_CTX_set_verify wolfSSL_CTX_set_verify #define SSL_CTX_set_verify wolfSSL_CTX_set_verify
#define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback #define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback
#define SSL_CTX_set_cert_cb wolfSSL_CTX_set_cert_cb
#define SSL_set_verify wolfSSL_set_verify #define SSL_set_verify wolfSSL_set_verify
#define SSL_set_verify_result wolfSSL_set_verify_result #define SSL_set_verify_result wolfSSL_set_verify_result
#define SSL_verify_client_post_handshake wolfSSL_verify_client_post_handshake #define SSL_verify_client_post_handshake wolfSSL_verify_client_post_handshake
#define SSL_set_post_handshake_auth wolfSSL_set_post_handshake_auth #define SSL_set_post_handshake_auth wolfSSL_set_post_handshake_auth
#define SSL_CTX_set_post_handshake_auth wolfSSL_CTX_set_post_handshake_auth #define SSL_CTX_set_post_handshake_auth wolfSSL_CTX_set_post_handshake_auth
#define SSL_pending wolfSSL_pending #define SSL_pending(x) wolfSSL_pending((WOLFSSL*)(x))
#define SSL_has_pending wolfSSL_has_pending
#define SSL_load_error_strings wolfSSL_load_error_strings #define SSL_load_error_strings wolfSSL_load_error_strings
#define SSL_library_init wolfSSL_library_init #define SSL_library_init wolfSSL_library_init
#define OPENSSL_cleanup (void)wolfSSL_Cleanup #define OPENSSL_cleanup (void)wolfSSL_Cleanup
@ -317,7 +332,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
/* wolfSSL does not support security levels */ /* wolfSSL does not support security levels */
#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level #define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level
#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level #define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level
/* wolfSSL does not support exporting keying material */
#define SSL_export_keying_material wolfSSL_export_keying_material #define SSL_export_keying_material wolfSSL_export_keying_material
#define SSL_CTX_set1_sigalgs_list wolfSSL_CTX_set1_sigalgs_list #define SSL_CTX_set1_sigalgs_list wolfSSL_CTX_set1_sigalgs_list
@ -340,6 +354,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_set_session_id_context wolfSSL_set_session_id_context #define SSL_set_session_id_context wolfSSL_set_session_id_context
#define SSL_set_connect_state wolfSSL_set_connect_state #define SSL_set_connect_state wolfSSL_set_connect_state
#define SSL_set_accept_state wolfSSL_set_accept_state #define SSL_set_accept_state wolfSSL_set_accept_state
#define SSL_SESSION_new wolfSSL_SESSION_new
#define SSL_session_reused wolfSSL_session_reused #define SSL_session_reused wolfSSL_session_reused
#define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref #define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref
#define SSL_SESSION_dup wolfSSL_SESSION_dup #define SSL_SESSION_dup wolfSSL_SESSION_dup
@ -358,6 +373,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_CIPHER_get_id wolfSSL_CIPHER_get_id #define SSL_CIPHER_get_id wolfSSL_CIPHER_get_id
#define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_name #define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_standard_name wolfSSL_CIPHER_get_name #define SSL_CIPHER_standard_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_get_auth_nid wolfSSL_CIPHER_get_auth_nid
#define SSL_CIPHER_get_cipher_nid wolfSSL_CIPHER_get_cipher_nid
#define SSL_CIPHER_get_digest_nid wolfSSL_CIPHER_get_digest_nid
#define SSL_CIPHER_get_kx_nid wolfSSL_CIPHER_get_kx_nid
#define SSL_CIPHER_is_aead wolfSSL_CIPHER_is_aead
#define SSL_get_cipher_by_value wolfSSL_get_cipher_by_value #define SSL_get_cipher_by_value wolfSSL_get_cipher_by_value
#define SSL_get1_session wolfSSL_get1_session #define SSL_get1_session wolfSSL_get1_session
@ -366,6 +386,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_get_keys wolfSSL_get_keys #define SSL_get_keys wolfSSL_get_keys
#define SSL_SESSION_get_master_key wolfSSL_SESSION_get_master_key #define SSL_SESSION_get_master_key wolfSSL_SESSION_get_master_key
#define SSL_SESSION_get_master_key_length wolfSSL_SESSION_get_master_key_length #define SSL_SESSION_get_master_key_length wolfSSL_SESSION_get_master_key_length
#define SSL_SESSION_get_max_early_data wolfSSL_SESSION_get_max_early_data
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
#define SSL_MODE_RELEASE_BUFFERS 0x00000010U #define SSL_MODE_RELEASE_BUFFERS 0x00000010U
@ -378,7 +399,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data #define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
#define X509_EXTENSION_new wolfSSL_X509_EXTENSION_new #define X509_EXTENSION_new wolfSSL_X509_EXTENSION_new
#define X509_EXTENSION_free wolfSSL_X509_EXTENSION_free #define X509_EXTENSION_free wolfSSL_X509_EXTENSION_free
#define X509_gmtime_adj wolfSSL_X509_gmtime_adj
#endif #endif
#define DSA_dup_DH wolfSSL_DSA_dup_DH #define DSA_dup_DH wolfSSL_DSA_dup_DH
@ -397,14 +417,16 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define d2i_X509 wolfSSL_d2i_X509 #define d2i_X509 wolfSSL_d2i_X509
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509 #define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
#define PEM_read_bio_X509_REQ wolfSSL_PEM_read_bio_X509_REQ #define PEM_read_bio_X509_REQ wolfSSL_PEM_read_bio_X509_REQ
#define PEM_read_X509_REQ wolfSSL_PEM_read_X509_REQ
#define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL #define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX #define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
#define PEM_read_X509 wolfSSL_PEM_read_X509 #define PEM_read_X509 wolfSSL_PEM_read_X509
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509 #define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX #define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio #define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
#define PEM_X509_INFO_read wolfSSL_PEM_X509_INFO_read
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey #define i2d_PrivateKey wolfSSL_i2d_PrivateKey
#define i2d_PublicKey wolfSSL_i2d_PublicKey
#define i2d_X509_REQ wolfSSL_i2d_X509_REQ #define i2d_X509_REQ wolfSSL_i2d_X509_REQ
#define d2i_X509_REQ wolfSSL_d2i_X509_REQ #define d2i_X509_REQ wolfSSL_d2i_X509_REQ
@ -429,6 +451,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_load_certificate_file wolfSSL_X509_load_certificate_file #define X509_load_certificate_file wolfSSL_X509_load_certificate_file
#define X509_digest wolfSSL_X509_digest #define X509_digest wolfSSL_X509_digest
#define X509_pubkey_digest wolfSSL_X509_pubkey_digest #define X509_pubkey_digest wolfSSL_X509_pubkey_digest
#define X509_get_extension_flags wolfSSL_X509_get_extension_flags
#define X509_get_key_usage wolfSSL_X509_get_key_usage
#define X509_get_extended_key_usage wolfSSL_X509_get_extended_key_usage
#define X509_get_ext_count wolfSSL_X509_get_ext_count #define X509_get_ext_count wolfSSL_X509_get_ext_count
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d #define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
@ -440,7 +465,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name #define X509_get_issuer_name wolfSSL_X509_get_issuer_name
#define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash #define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash #define X509_subject_name_hash wolfSSL_X509_subject_name_hash
#define X509_get_subject_name wolfSSL_X509_get_subject_name #define X509_get_subject_name(x) wolfSSL_X509_get_subject_name((WOLFSSL_X509*)(x))
#define X509_REQ_get_subject_name wolfSSL_X509_get_subject_name #define X509_REQ_get_subject_name wolfSSL_X509_get_subject_name
#define X509_get_pubkey wolfSSL_X509_get_pubkey #define X509_get_pubkey wolfSSL_X509_get_pubkey
#define X509_get0_pubkey wolfSSL_X509_get_pubkey #define X509_get0_pubkey wolfSSL_X509_get_pubkey
@ -473,6 +498,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_REQ_print wolfSSL_X509_print #define X509_REQ_print wolfSSL_X509_print
#define X509_print_ex wolfSSL_X509_print_ex #define X509_print_ex wolfSSL_X509_print_ex
#define X509_print_fp wolfSSL_X509_print_fp #define X509_print_fp wolfSSL_X509_print_fp
#define X509_CRL_print wolfSSL_X509_CRL_print
#define X509_REQ_print_fp wolfSSL_X509_print_fp #define X509_REQ_print_fp wolfSSL_X509_print_fp
#define X509_signature_print wolfSSL_X509_signature_print #define X509_signature_print wolfSSL_X509_signature_print
#define X509_get0_signature wolfSSL_X509_get0_signature #define X509_get0_signature wolfSSL_X509_get0_signature
@ -494,9 +520,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object #define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data #define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
#define X509_EXTENSION_dup wolfSSL_X509_EXTENSION_dup
#define sk_X509_new wolfSSL_sk_X509_new #define sk_X509_new wolfSSL_sk_X509_new
#define sk_X509_new_null wolfSSL_sk_X509_new #define sk_X509_new_null wolfSSL_sk_X509_new_null
#define sk_X509_num wolfSSL_sk_X509_num #define sk_X509_num wolfSSL_sk_X509_num
#define sk_X509_value wolfSSL_sk_X509_value #define sk_X509_value wolfSSL_sk_X509_value
#define sk_X509_shift wolfSSL_sk_X509_shift #define sk_X509_shift wolfSSL_sk_X509_shift
@ -507,8 +534,16 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_free wolfSSL_sk_X509_free #define sk_X509_free wolfSSL_sk_X509_free
#define X509_chain_up_ref wolfSSL_X509_chain_up_ref #define X509_chain_up_ref wolfSSL_X509_chain_up_ref
#define sk_X509_CRL_new wolfSSL_sk_X509_CRL_new
#define sk_X509_CRL_pop_free wolfSSL_sk_X509_CRL_pop_free
#define sk_X509_CRL_free wolfSSL_sk_X509_CRL_free
#define sk_X509_CRL_push wolfSSL_sk_X509_CRL_push
#define sk_X509_CRL_value wolfSSL_sk_X509_CRL_value
#define sk_X509_CRL_num wolfSSL_sk_X509_CRL_num
#define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new #define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new
#define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free #define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free
#define sk_X509_OBJECT_pop_free wolfSSL_sk_X509_OBJECT_pop_free
#define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num #define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num
#define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value #define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value
@ -533,6 +568,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_NAME_new wolfSSL_X509_NAME_new #define X509_NAME_new wolfSSL_X509_NAME_new
#define X509_NAME_free wolfSSL_X509_NAME_free #define X509_NAME_free wolfSSL_X509_NAME_free
#define X509_NAME_dup wolfSSL_X509_NAME_dup #define X509_NAME_dup wolfSSL_X509_NAME_dup
#define X509_NAME_get_sz wolfSSL_X509_NAME_get_sz
#define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID #define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
#define X509_NAME_get_index_by_OBJ wolfSSL_X509_NAME_get_index_by_OBJ #define X509_NAME_get_index_by_OBJ wolfSSL_X509_NAME_get_index_by_OBJ
#define X509_NAME_cmp wolfSSL_X509_NAME_cmp #define X509_NAME_cmp wolfSSL_X509_NAME_cmp
@ -554,6 +590,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_cmp_time wolfSSL_X509_cmp_time #define X509_cmp_time wolfSSL_X509_cmp_time
#define X509_time_adj wolfSSL_X509_time_adj #define X509_time_adj wolfSSL_X509_time_adj
#define X509_time_adj_ex wolfSSL_X509_time_adj_ex #define X509_time_adj_ex wolfSSL_X509_time_adj_ex
#define X509_gmtime_adj wolfSSL_X509_gmtime_adj
#define sk_ACCESS_DESCRIPTION_num wolfSSL_sk_ACCESS_DESCRIPTION_num #define sk_ACCESS_DESCRIPTION_num wolfSSL_sk_ACCESS_DESCRIPTION_num
#define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value #define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value
@ -572,17 +609,25 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count #define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry #define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data #define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define sk_X509_NAME_ENTRY_new wolfSSL_sk_X509_NAME_ENTRY_new
#define sk_X509_NAME_ENTRY_push wolfSSL_sk_X509_NAME_ENTRY_push
#define sk_X509_NAME_ENTRY_num wolfSSL_sk_X509_NAME_ENTRY_num
#define sk_X509_NAME_ENTRY_value wolfSSL_sk_X509_NAME_ENTRY_value
#define sk_X509_NAME_ENTRY_free wolfSSL_sk_X509_NAME_ENTRY_free
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK #define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL #define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME #define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME #define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT WOLFSSL_ALWAYS_CHECK_SUBJECT
#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS #define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS WOLFSSL_NO_PARTIAL_WILDCARDS
#define X509_VP_FLAG_DEFAULT WOLFSSL_VPARAM_DEFAULT #define X509_VP_FLAG_DEFAULT WOLFSSL_VPARAM_DEFAULT
#define X509_VP_FLAG_OVERWRITE WOLFSSL_VPARAM_OVERWRITE #define X509_VP_FLAG_OVERWRITE WOLFSSL_VPARAM_OVERWRITE
@ -638,8 +683,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags #define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags
#define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags #define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags
#define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags #define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags
#define SSL_set1_host wolfSSL_set1_host
#define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host #define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host
#define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc #define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc
#define X509_VERIFY_PARAM_set1_ip wolfSSL_X509_VERIFY_PARAM_set1_ip
#define X509_VERIFY_PARAM_set1 wolfSSL_X509_VERIFY_PARAM_set1 #define X509_VERIFY_PARAM_set1 wolfSSL_X509_VERIFY_PARAM_set1
#define X509_STORE_load_locations wolfSSL_X509_STORE_load_locations #define X509_STORE_load_locations wolfSSL_X509_STORE_load_locations
@ -655,9 +702,14 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_CRL_free wolfSSL_X509_CRL_free #define X509_CRL_free wolfSSL_X509_CRL_free
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate #define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get0_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate #define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_CRL_get0_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_CRL_verify wolfSSL_X509_CRL_verify #define X509_CRL_verify wolfSSL_X509_CRL_verify
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED #define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
#define X509_CRL_get_issuer wolfSSL_X509_CRL_get_issuer_name
#define X509_CRL_get_signature_nid wolfSSL_X509_CRL_get_signature_nid
#define X509_CRL_get_version wolfSSL_X509_CRL_version
#define X509_load_crl_file wolfSSL_X509_load_crl_file #define X509_load_crl_file wolfSSL_X509_load_crl_file
#define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY #define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
@ -682,6 +734,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509 #define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509
#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL #define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL
#define X509_REVOKED_get0_serialNumber wolfSSL_X509_REVOKED_get0_serial_number
#define X509_REVOKED_get0_revocationDate wolfSSL_X509_REVOKED_get0_revocation_date
#define X509_check_purpose(...) 0 #define X509_check_purpose(...) 0
#define OCSP_parse_url wolfSSL_OCSP_parse_url #define OCSP_parse_url wolfSSL_OCSP_parse_url
@ -713,11 +768,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define BIO_f_ssl wolfSSL_BIO_f_ssl #define BIO_f_ssl wolfSSL_BIO_f_ssl
#define BIO_new_socket wolfSSL_BIO_new_socket #define BIO_new_socket wolfSSL_BIO_new_socket
#define BIO_new_connect wolfSSL_BIO_new_connect #define BIO_new_connect wolfSSL_BIO_new_connect
#define BIO_new_accept wolfSSL_BIO_new_accept
#define BIO_set_conn_port wolfSSL_BIO_set_conn_port #define BIO_set_conn_port wolfSSL_BIO_set_conn_port
#define BIO_do_connect wolfSSL_BIO_do_connect #define BIO_do_connect wolfSSL_BIO_do_connect
#define BIO_do_accept wolfSSL_BIO_do_accept
#define BIO_do_handshake wolfSSL_BIO_do_handshake #define BIO_do_handshake wolfSSL_BIO_do_handshake
#define BIO_ssl_shutdown wolfSSL_BIO_ssl_shutdown
#define SSL_set_bio wolfSSL_set_bio #define SSL_set_bio wolfSSL_set_bio
#define BIO_method_type wolfSSL_BIO_method_type
#define BIO_set_ssl wolfSSL_BIO_set_ssl #define BIO_set_ssl wolfSSL_BIO_set_ssl
#define BIO_get_ssl wolfSSL_BIO_get_ssl
#define BIO_new_ssl_connect wolfSSL_BIO_new_ssl_connect
#define BIO_set_conn_hostname wolfSSL_BIO_set_conn_hostname
#define BIO_eof wolfSSL_BIO_eof #define BIO_eof wolfSSL_BIO_eof
#define BIO_set_ss wolfSSL_BIO_set_ss #define BIO_set_ss wolfSSL_BIO_set_ss
@ -768,6 +830,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set #define ASN1_TIME_set wolfSSL_ASN1_TIME_set
#define ASN1_TIME_set_string wolfSSL_ASN1_TIME_set_string #define ASN1_TIME_set_string wolfSSL_ASN1_TIME_set_string
#define ASN1_TIME_to_string wolfSSL_ASN1_TIME_to_string #define ASN1_TIME_to_string wolfSSL_ASN1_TIME_to_string
#define ASN1_TIME_to_tm wolfSSL_ASN1_TIME_to_tm
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print #define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free #define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free
@ -782,13 +845,17 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get #define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
#define ASN1_INTEGER_set wolfSSL_ASN1_INTEGER_set #define ASN1_INTEGER_set wolfSSL_ASN1_INTEGER_set
#define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN #define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN
#define d2i_ASN1_INTEGER wolfSSL_d2i_ASN1_INTEGER
#define i2d_ASN1_INTEGER wolfSSL_i2d_ASN1_INTEGER
#define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT #define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT
#define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT #define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new #define ASN1_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_OCTET_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp
#define ASN1_OCTET_STRING_cmp wolfSSL_ASN1_STRING_cmp
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data #define ASN1_STRING_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data
#define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_length wolfSSL_ASN1_STRING_length
@ -801,7 +868,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_STRING_set_default_mask_asc(...) 1 #define ASN1_STRING_set_default_mask_asc(...) 1
#endif #endif
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_OCTET_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_OCTET_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_OCTET_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING #define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING
@ -809,7 +879,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_IA5STRING WOLFSSL_ASN1_STRING #define ASN1_IA5STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN #define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN
#define SSL_load_client_CA_file wolfSSL_load_client_CA_file #define SSL_load_client_CA_file wolfSSL_load_client_CA_file
@ -818,8 +887,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list #define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
#define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb #define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store #define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
#define SSL_set0_verify_cert_store wolfSSL_set0_verify_cert_store
#define SSL_set1_verify_cert_store wolfSSL_set1_verify_cert_store
#define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x)) #define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x))
#define SSL_get_client_CA_list wolfSSL_get_client_CA_list #define SSL_get_client_CA_list wolfSSL_get_client_CA_list
#define SSL_set_client_CA_list wolfSSL_set_client_CA_list
#define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx #define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
#define SSL_get_ex_data wolfSSL_get_ex_data #define SSL_get_ex_data wolfSSL_get_ex_data
@ -827,7 +899,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb #define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
#define SSL_CTX_set_timeout(ctx, to) \ #define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int) to) wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to))
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos #define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
@ -843,6 +915,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define RSA_generate_key wolfSSL_RSA_generate_key #define RSA_generate_key wolfSSL_RSA_generate_key
#define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback #define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
#define RSA_print wolfSSL_RSA_print #define RSA_print wolfSSL_RSA_print
#define RSA_print_fp wolfSSL_RSA_print_fp
#define RSA_bits wolfSSL_RSA_bits #define RSA_bits wolfSSL_RSA_bits
#define RSA_up_ref wolfSSL_RSA_up_ref #define RSA_up_ref wolfSSL_RSA_up_ref
#define RSA_padding_add_PKCS1_PSS wolfSSL_RSA_padding_add_PKCS1_PSS #define RSA_padding_add_PKCS1_PSS wolfSSL_RSA_padding_add_PKCS1_PSS
@ -948,11 +1021,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_check_private_key wolfSSL_check_private_key #define SSL_check_private_key wolfSSL_check_private_key
#define SSL_CTX_set_mode wolfSSL_CTX_set_mode #define SSL_CTX_set_mode wolfSSL_CTX_set_mode
#define SSL_CTX_clear_mode wolfSSL_CTX_clear_mode
#define SSL_CTX_get_mode wolfSSL_CTX_get_mode #define SSL_CTX_get_mode wolfSSL_CTX_get_mode
#define SSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead #define SSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
#define SSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size #define SSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size
#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths #define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
#define X509_get_default_cert_file_env wolfSSL_X509_get_default_cert_file_env
#define X509_get_default_cert_file wolfSSL_X509_get_default_cert_file
#define X509_get_default_cert_dir_env wolfSSL_X509_get_default_cert_dir_env
#define X509_get_default_cert_dir wolfSSL_X509_get_default_cert_dir
#define SSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context #define SSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context
#define SSL_get_peer_certificate wolfSSL_get_peer_certificate #define SSL_get_peer_certificate wolfSSL_get_peer_certificate
@ -988,6 +1066,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION #define i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
#define d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION #define d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
#define SSL_SESSION_has_ticket wolfSSL_SESSION_has_ticket
#define SSL_SESSION_get_ticket_lifetime_hint \
wolfSSL_SESSION_get_ticket_lifetime_hint
#define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout #define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout #define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time #define SSL_SESSION_get_time wolfSSL_SESSION_get_time
@ -1019,12 +1100,24 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DTLSv1_handle_timeout wolfSSL_DTLSv1_handle_timeout #define DTLSv1_handle_timeout wolfSSL_DTLSv1_handle_timeout
#define DTLSv1_set_initial_timeout_duration wolfSSL_DTLSv1_set_initial_timeout_duration #define DTLSv1_set_initial_timeout_duration wolfSSL_DTLSv1_set_initial_timeout_duration
/* DTLS SRTP */
#ifdef WOLFSSL_SRTP
typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#endif
#define SSL_CTX_set_tlsext_use_srtp wolfSSL_CTX_set_tlsext_use_srtp
#define SSL_set_tlsext_use_srtp wolfSSL_set_tlsext_use_srtp
#define SSL_get_selected_srtp_profile wolfSSL_get_selected_srtp_profile
#define SSL_get_srtp_profiles wolfSSL_get_srtp_profiles
#ifndef NO_WOLFSSL_STUB #ifndef NO_WOLFSSL_STUB
#define SSL_CTX_set_current_time_cb(ssl, cb) ({ (void)ssl; (void)cb; }) #define SSL_CTX_set_current_time_cb(ssl, cb) ({ (void)(ssl); (void)(cb); })
#endif #endif
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate #define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
#define SSL_CTX_add0_chain_cert wolfSSL_CTX_add0_chain_cert
#define SSL_CTX_add1_chain_cert wolfSSL_CTX_add1_chain_cert #define SSL_CTX_add1_chain_cert wolfSSL_CTX_add1_chain_cert
#define SSL_add0_chain_cert wolfSSL_add0_chain_cert
#define SSL_add1_chain_cert wolfSSL_add1_chain_cert
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey #define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
#define BIO_read_filename wolfSSL_BIO_read_filename #define BIO_read_filename wolfSSL_BIO_read_filename
#define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth #define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth
@ -1039,6 +1132,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DHparams_dup wolfSSL_DH_dup #define DHparams_dup wolfSSL_DH_dup
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_DHparams wolfSSL_PEM_read_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams #define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) #if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
@ -1062,7 +1156,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#include <libs/libwolfssl/openssl/pem.h> #include <libs/libwolfssl/openssl/pem.h>
#define SSL_CTRL_CHAIN 88 #define SSL_CTRL_CHAIN 88
#define ERR_LIB_SSL 20
#define SSL_R_SHORT_READ 10 #define SSL_R_SHORT_READ 10
#define ERR_R_PEM_LIB 9 #define ERR_R_PEM_LIB 9
#define SSL_CTRL_MODE 33 #define SSL_CTRL_MODE 33
@ -1090,6 +1183,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define TLSEXT_STATUSTYPE_ocsp 1 #define TLSEXT_STATUSTYPE_ocsp 1
#define TLSEXT_max_fragment_length_512 WOLFSSL_MFL_2_9
#define TLSEXT_max_fragment_length_1024 WOLFSSL_MFL_2_10
#define TLSEXT_max_fragment_length_2048 WOLFSSL_MFL_2_11
#define TLSEXT_max_fragment_length_4096 WOLFSSL_MFL_2_12
#define SSL_set_options wolfSSL_set_options #define SSL_set_options wolfSSL_set_options
#define SSL_get_options wolfSSL_get_options #define SSL_get_options wolfSSL_get_options
#define SSL_clear_options wolfSSL_clear_options #define SSL_clear_options wolfSSL_clear_options
@ -1102,6 +1200,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_renegotiate_pending wolfSSL_SSL_renegotiate_pending #define SSL_renegotiate_pending wolfSSL_SSL_renegotiate_pending
#define SSL_set_tlsext_debug_arg wolfSSL_set_tlsext_debug_arg #define SSL_set_tlsext_debug_arg wolfSSL_set_tlsext_debug_arg
#define SSL_set_tlsext_status_type wolfSSL_set_tlsext_status_type #define SSL_set_tlsext_status_type wolfSSL_set_tlsext_status_type
#define SSL_get_tlsext_status_type wolfSSL_get_tlsext_status_type
#define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts #define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts
#define SSL_get_tlsext_status_ids wolfSSL_get_tlsext_status_ids #define SSL_get_tlsext_status_ids wolfSSL_get_tlsext_status_ids
#define SSL_set_tlsext_status_ids wolfSSL_set_tlsext_status_ids #define SSL_set_tlsext_status_ids wolfSSL_set_tlsext_status_ids
@ -1109,13 +1208,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp #define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp #define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp #define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp
#define SSL_set_tlsext_max_fragment_length wolfSSL_set_tlsext_max_fragment_length
#define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert #define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert
#define SSL_get_read_ahead wolfSSL_get_read_ahead
#define SSL_set_read_ahead wolfSSL_set_read_ahead
#define SSL_CTX_get_read_ahead wolfSSL_CTX_get_read_ahead #define SSL_CTX_get_read_ahead wolfSSL_CTX_get_read_ahead
#define SSL_CTX_set_read_ahead wolfSSL_CTX_set_read_ahead #define SSL_CTX_set_read_ahead wolfSSL_CTX_set_read_ahead
#define SSL_CTX_set_tlsext_status_arg wolfSSL_CTX_set_tlsext_status_arg #define SSL_CTX_set_tlsext_status_arg wolfSSL_CTX_set_tlsext_status_arg
#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg \ #define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg \
wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg
#define SSL_CTX_set_tlsext_max_fragment_length \
wolfSSL_CTX_set_tlsext_max_fragment_length
#define SSL_get_server_random wolfSSL_get_server_random #define SSL_get_server_random wolfSSL_get_server_random
#define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key #define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key
@ -1124,6 +1228,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_set_min_proto_version wolfSSL_set_min_proto_version #define SSL_set_min_proto_version wolfSSL_set_min_proto_version
#define SSL_set_max_proto_version wolfSSL_set_max_proto_version #define SSL_set_max_proto_version wolfSSL_set_max_proto_version
#define SSL_CTX_get_min_proto_version wolfSSL_CTX_get_min_proto_version #define SSL_CTX_get_min_proto_version wolfSSL_CTX_get_min_proto_version
#define SSL_CTX_get_max_proto_version wolfSSL_CTX_get_max_proto_version
#define SSL_get_tlsext_status_exts wolfSSL_get_tlsext_status_exts #define SSL_get_tlsext_status_exts wolfSSL_get_tlsext_status_exts
@ -1131,6 +1236,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_tlsext_ticket_keys wolfSSL_CTX_set_tlsext_ticket_keys #define SSL_CTX_set_tlsext_ticket_keys wolfSSL_CTX_set_tlsext_ticket_keys
#define SSL_CTX_get_tlsext_status_cb wolfSSL_CTX_get_tlsext_status_cb #define SSL_CTX_get_tlsext_status_cb wolfSSL_CTX_get_tlsext_status_cb
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb #define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
#define SSL_CTX_set_num_tickets wolfSSL_CTX_set_num_tickets
#define SSL_CTX_get_num_tickets wolfSSL_CTX_get_num_tickets
#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11 #define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
@ -1139,6 +1246,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTRL_SET_SESS_CACHE_MODE 44 #define SSL_CTRL_SET_SESS_CACHE_MODE 44
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE 651
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
@ -1150,6 +1258,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY #define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY
#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 #define SSL_CTRL_SET_MIN_PROTO_VERSION 123
#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 #define SSL_CTRL_SET_MAX_PROTO_VERSION 124
#define SSL_CTRL_GET_MIN_PROTO_VERSION 125
#define SSL_CTRL_GET_MAX_PROTO_VERSION 126
#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS #define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS
#define SSL_CTRL_EXTRA_CHAIN_CERT 14 #define SSL_CTRL_EXTRA_CHAIN_CERT 14
@ -1171,35 +1281,33 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */ #define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
#define SSL2_VERSION 0x0002 /* Used as message callback types */
#define SSL3_VERSION 0x0300 #define SSL3_RT_CHANGE_CIPHER_SPEC 20
#define TLS1_VERSION 0x0301 #define SSL3_RT_ALERT 21
#define TLS1_1_VERSION 0x0302 #define SSL3_RT_HANDSHAKE 22
#define TLS1_2_VERSION 0x0303 #define SSL3_RT_APPLICATION_DATA 23
#define TLS1_3_VERSION 0x0304
#define DTLS1_VERSION 0xFEFF
#define DTLS1_2_VERSION 0xFEFD
#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L #define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L
#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L #define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L
#define CRYPTO_EX_INDEX_SSL 0
#define TLS_ANY_VERSION 0x10000 #define TLS_ANY_VERSION 0x10000
#define DTLS1_2_VERSION 0xFEFD #define DTLS1_2_VERSION 0xFEFD
#define DTLS_MAX_VERSION DTLS1_2_VERSION #define DTLS_MAX_VERSION DTLS1_2_VERSION
/* apache and lighty use SSL_CONF_FLAG_FILE to enable conf support */ /* apache and lighty use SSL_CONF_FLAG_FILE to enable conf support */
#if !defined(WOLFSSL_APACHE_HTTPD) && !defined(HAVE_LIGHTY)
#define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE #define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE
#define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE #define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE
#define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE #define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE
#define SSL_CONF_FLAG_SERVER WOLFSSL_CONF_FLAG_SERVER
#define SSL_CONF_FLAG_CLIENT WOLFSSL_CONF_FLAG_CLIENT
#define SSL_CONF_FLAG_SHOW_ERRORS WOLFSSL_CONF_FLAG_SHOW_ERRORS
#define SSL_CONF_TYPE_UNKNOWN WOLFSSL_CONF_TYPE_UNKNOWN
#define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING #define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING
#define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE #define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE
#endif #define SSL_CONF_TYPE_DIR WOLFSSL_CONF_TYPE_DIR
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
|| defined(OPENSSL_ALL) defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#include <libs/libwolfssl/openssl/asn1.h>
#define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000) #define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000)
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000) #define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000)
@ -1209,6 +1317,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name #define SSL_AD_UNRECOGNIZED_NAME unrecognized_name
#define SSL_AD_NO_RENEGOTIATION no_renegotiation #define SSL_AD_NO_RENEGOTIATION no_renegotiation
#define SSL_AD_INTERNAL_ERROR 80 #define SSL_AD_INTERNAL_ERROR 80
#define SSL_AD_NO_APPLICATION_PROTOCOL no_application_protocol
#define SSL_AD_MISSING_EXTENSION missing_extension
#define ASN1_STRFLGS_ESC_MSB 4 #define ASN1_STRFLGS_ESC_MSB 4
@ -1228,8 +1338,21 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define GENERAL_NAME_new wolfSSL_GENERAL_NAME_new #define GENERAL_NAME_new wolfSSL_GENERAL_NAME_new
#define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free #define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
#define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup
#define GENERAL_NAME_print wolfSSL_GENERAL_NAME_print
#define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push #define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push
#define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value #define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value
#define DIST_POINT_new wolfSSL_DIST_POINT_new
#define DIST_POINT_free wolfSSL_DIST_POINT_free
#define DIST_POINTS_free wolfSSL_DIST_POINTS_free
#define CRL_DIST_POINTS_free(cdp) wolfSSL_sk_DIST_POINT_pop_free((cdp), NULL)
#define sk_DIST_POINT_push wolfSSL_sk_DIST_POINT_push
#define sk_DIST_POINT_value wolfSSL_sk_DIST_POINT_value
#define sk_DIST_POINT_num wolfSSL_sk_DIST_POINT_num
#define sk_DIST_POINT_pop_free wolfSSL_sk_DIST_POINT_pop_free
#define sk_DIST_POINT_free wolfSSL_sk_DIST_POINT_free
#define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data #define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data
#define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data #define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data
#define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index #define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index
@ -1242,10 +1365,35 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free #define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free #define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
#define AUTHORITY_INFO_ACCESS_pop_free wolfSSL_AUTHORITY_INFO_ACCESS_pop_free
#define sk_ACCESS_DESCRIPTION_pop_free wolfSSL_sk_ACCESS_DESCRIPTION_pop_free #define sk_ACCESS_DESCRIPTION_pop_free wolfSSL_sk_ACCESS_DESCRIPTION_pop_free
#define sk_ACCESS_DESCRIPTION_free wolfSSL_sk_ACCESS_DESCRIPTION_free #define sk_ACCESS_DESCRIPTION_free wolfSSL_sk_ACCESS_DESCRIPTION_free
#define ACCESS_DESCRIPTION_free wolfSSL_ACCESS_DESCRIPTION_free #define ACCESS_DESCRIPTION_free wolfSSL_ACCESS_DESCRIPTION_free
/* Alert types, matched to AlertDescription enum in wolfssl/ssl.h */
#define SSL_AD_CLOSE_NOTIFY close_notify
#define SSL_AD_UNEXPECTED_MESSAGE unexpected_message
#define SSL_AD_BAD_RECORD_MAC bad_record_mac
#define SSL_AD_RECORD_OVERFLOW record_overflow
#define SSL_AD_DECOMPRESSION_FAILURE decompression_failure
#define SSL_AD_HANDSHAKE_FAILURE handshake_failure
#define SSL_AD_UNSUPPORTED_CERTIFICATE unsupported_certificate
#define SSL_AD_CERTIFICATE_REVOKED certificate_revoked
#define SSL_AD_CERTIFICATE_EXPIRED certificate_expired
#define SSL_AD_CERTIFICATE_UNKNOWN certificate_unknown
#define SSL_AD_ILLEGAL_PARAMETER illegal_parameter
#define SSL_AD_UNKNOWN_CA unknown_ca
#define SSL_AD_ACCESS_DENIED access_denied
#define SSL_AD_DECODE_ERROR decode_error
#define SSL_AD_DECRYPT_ERROR decrypt_error
#ifdef WOLFSSL_MYSQL_COMPATIBLE
#define SSL_AD_PROTOCOL_VERSION wc_protocol_version
#else
#define SSL_AD_PROTOCOL_VERSION protocol_version
#endif
#define SSL_AD_INSUFFICIENT_SECURITY insufficient_security
#define SSL_AD_USER_CANCELLED user_canceled
#define SSL3_AL_FATAL 2 #define SSL3_AL_FATAL 2
#define SSL_TLSEXT_ERR_OK 0 #define SSL_TLSEXT_ERR_OK 0
#define SSL_TLSEXT_ERR_ALERT_WARNING warning_return #define SSL_TLSEXT_ERR_ALERT_WARNING warning_return
@ -1266,6 +1414,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_add_server_custom_ext(...) 0 #define SSL_CTX_add_server_custom_ext(...) 0
#define SSL_get0_verified_chain wolfSSL_get0_verified_chain
#define X509_chain_up_ref wolfSSL_X509_chain_up_ref
#endif /* HAVE_STUNNEL || WOLFSSL_NGINX */ #endif /* HAVE_STUNNEL || WOLFSSL_NGINX */
#ifndef NO_WOLFSSL_STUB #ifndef NO_WOLFSSL_STUB
@ -1283,12 +1434,13 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_clear_extra_chain_certs wolfSSL_CTX_clear_extra_chain_certs #define SSL_CTX_clear_extra_chain_certs wolfSSL_CTX_clear_extra_chain_certs
#define SSL_certs_clear wolfSSL_certs_clear
/* Nginx uses this to determine if reached end of certs in file. /* Nginx uses this to determine if reached end of certs in file.
* PEM_read_bio_X509 is called and the return error is lost. * PEM_read_bio_X509 is called and the return error is lost.
* The error that needs to be detected is: SSL_NO_PEM_HEADER. * The error that needs to be detected is: SSL_NO_PEM_HEADER.
*/ */
#define ERR_GET_FUNC(l) (int)((((unsigned long)l) >> 12L) & 0xfffL) #define ERR_GET_FUNC(l) (int)((((unsigned long)(l)) >> 12L) & 0xfffL)
#define PEM_F_PEM_DEF_CALLBACK 100 #define PEM_F_PEM_DEF_CALLBACK 100
@ -1297,15 +1449,24 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define PEM_R_PROBLEMS_GETTING_PASSWORD (-MIN_CODE_E + 2) #define PEM_R_PROBLEMS_GETTING_PASSWORD (-MIN_CODE_E + 2)
#define PEM_R_BAD_PASSWORD_READ (-MIN_CODE_E + 3) #define PEM_R_BAD_PASSWORD_READ (-MIN_CODE_E + 3)
#define PEM_R_BAD_DECRYPT (-MIN_CODE_E + 4) #define PEM_R_BAD_DECRYPT (-MIN_CODE_E + 4)
#define ASN1_R_HEADER_TOO_LONG (-MIN_CODE_E + 5)
#define ERR_LIB_RSA 4
#define ERR_LIB_EC 16
#define ERR_LIB_SSL 20
#define ERR_LIB_PKCS12 35
#define ERR_LIB_PEM 9 #define ERR_LIB_PEM 9
#define ERR_LIB_X509 10 #define ERR_LIB_X509 10
#define ERR_LIB_EVP 11 #define ERR_LIB_EVP 11
#define ERR_LIB_ASN1 12 #define ERR_LIB_ASN1 12
#define ERR_LIB_DIGEST 13
#define ERR_LIB_CIPHER 14
#define ERR_LIB_USER 15
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \
defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) || \
defined(WOLFSSL_WPAS_SMALL)
#include <libs/libwolfssl/error-ssl.h> #include <libs/libwolfssl/error-ssl.h>
@ -1339,13 +1500,20 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_R_HTTP_REQUEST PARSE_ERROR #define SSL_R_HTTP_REQUEST PARSE_ERROR
#define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR #define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR
#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR #define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR
#define SSL_R_CERT_CB_ERROR CLIENT_CERT_CB_ERROR
#define SSL_R_NULL_SSL_METHOD_PASSED BAD_FUNC_ARG
#ifdef HAVE_SESSION_TICKET #ifdef HAVE_SESSION_TICKET
#define SSL_OP_NO_TICKET SSL_OP_NO_TICKET
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 #define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
#endif #endif
/* Some openssl consumers try to detect these options with ifdef, defining
* here since we use an enum internally instead */
#define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE
#define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE
#define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE
#define OPENSSL_config wolfSSL_OPENSSL_config #define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup #define OPENSSL_memdup wolfSSL_OPENSSL_memdup
#define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse #define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse
@ -1361,6 +1529,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb #define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
#define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs #define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs
#define SSL_CTX_get0_chain_certs wolfSSL_CTX_get0_chain_certs
#define SSL_get0_chain_certs wolfSSL_get0_chain_certs
#define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num #define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num
#define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value
#define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num #define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num
@ -1400,12 +1570,25 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define NID_pkcs9_emailAddress 48 #define NID_pkcs9_emailAddress 48
#define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L #define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L
#define LN_basic_constraints "X509v3 Basic Constraints"
#define LN_key_usage "X509v3 Key Usage"
#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
#define LN_ext_key_usage "X509v3 Extended Key Usage"
#define SSL_get_rbio wolfSSL_SSL_get_rbio #define SSL_get_rbio wolfSSL_SSL_get_rbio
#define SSL_get_wbio wolfSSL_SSL_get_wbio #define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake #define SSL_do_handshake wolfSSL_SSL_do_handshake
#if defined(WOLFSSL_EARLY_DATA) #if defined(WOLFSSL_EARLY_DATA)
#define SSL_EARLY_DATA_NOT_SENT WOLFSSL_EARLY_DATA_NOT_SENT
#define SSL_EARLY_DATA_REJECTED WOLFSSL_EARLY_DATA_REJECTED
#define SSL_EARLY_DATA_ACCEPTED WOLFSSL_EARLY_DATA_ACCEPTED
#define SSL_get_early_data_status wolfSSL_get_early_data_status #define SSL_get_early_data_status wolfSSL_get_early_data_status
#define SSL_set_max_early_data wolfSSL_set_max_early_data
#define SSL_get_max_early_data wolfSSL_get_max_early_data
#define SSL_CTX_set_max_early_data wolfSSL_CTX_set_max_early_data
#define SSL_CTX_get_max_early_data wolfSSL_CTX_get_max_early_data
#endif #endif
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
@ -1420,6 +1603,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) #define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
#define X509_LU_NONE WOLFSSL_X509_LU_NONE
#define X509_LU_X509 WOLFSSL_X509_LU_X509
#define X509_LU_CRL WOLFSSL_X509_LU_CRL
#define X509_STORE_get0_objects wolfSSL_X509_STORE_get0_objects #define X509_STORE_get0_objects wolfSSL_X509_STORE_get0_objects
#define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num #define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num
#define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value #define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value
@ -1435,8 +1622,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#ifndef NO_WOLFSSL_STUB #ifndef NO_WOLFSSL_STUB
#define OBJ_create_objects(...) #define OBJ_create_objects(...)
#define sk_SSL_COMP_free(...)
#endif #endif
#define OBJ_dup wolfSSL_ASN1_OBJECT_dup
#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback #define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback
#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable #define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable
typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; typedef WOLFSSL_CONF_CTX SSL_CONF_CTX;
@ -1447,9 +1637,74 @@ typedef WOLFSSL_CONF_CTX SSL_CONF_CTX;
#define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags #define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags
#define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish #define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish
#define SSL_CONF_cmd wolfSSL_CONF_cmd #define SSL_CONF_cmd wolfSSL_CONF_cmd
#define SSL_CONF_cmd_value_type wolfSSL_CONF_cmd_value_type
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef WOLFSSL_QUIC
#include <libs/libwolfssl/quic.h>
/* Used by Chromium/QUIC - according to quictls/openssl fork */
#define X25519_PRIVATE_KEY_LEN 32
#define X25519_PUBLIC_VALUE_LEN 32
/* TLSv1.3 cipher ids as defined in RFC 8446, returned by
* SSL_CIPHER_get_id(cipher)
* used by QUIC implementations, such as HAProxy
*/
#define TLS1_3_CK_AES_128_GCM_SHA256 0x1301
#define TLS1_3_CK_AES_256_GCM_SHA384 0x1302
#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x1303
#define TLS1_3_CK_AES_128_CCM_SHA256 0x1304
#define TLS1_3_CK_AES_128_CCM_8_SHA256 0x1305
#define SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION QUIC_TP_MISSING_E
#define SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED QUIC_WRONG_ENC_LEVEL
#define ssl_quic_method_st wolfssl_quic_method_t
typedef WOLFSSL_QUIC_METHOD SSL_QUIC_METHOD;
#define ssl_encryption_level_t wolfssl_encryption_level_t
typedef WOLFSSL_ENCRYPTION_LEVEL OSSL_ENCRYPTION_LEVEL;
#define ssl_encryption_initial wolfssl_encryption_initial
#define ssl_encryption_early_data wolfssl_encryption_early_data
#define ssl_encryption_handshake wolfssl_encryption_handshake
#define ssl_encryption_application wolfssl_encryption_application
#define SSL_CTX_set_quic_method wolfSSL_CTX_set_quic_method
#define SSL_set_quic_method wolfSSL_set_quic_method
#define SSL_set_quic_transport_params wolfSSL_set_quic_transport_params
#define SSL_get_peer_quic_transport_params wolfSSL_get_peer_quic_transport_params
#define SSL_quic_max_handshake_flight_len wolfSSL_quic_max_handshake_flight_len
#define SSL_quic_read_level wolfSSL_quic_read_level
#define SSL_quic_write_level wolfSSL_quic_write_level
#define SSL_provide_quic_data wolfSSL_provide_quic_data
#define SSL_process_quic_post_handshake wolfSSL_process_quic_post_handshake
#define SSL_is_quic wolfSSL_is_quic
#define SSL_set_quic_transport_version wolfSSL_set_quic_transport_version
#define SSL_get_quic_transport_version wolfSSL_get_quic_transport_version
#define SSL_get_peer_quic_transport_version wolfSSL_get_peer_quic_transport_version
#define SSL_set_quic_early_data_enabled wolfSSL_set_quic_early_data_enabled
/* BoringSSL API - according to quictls/openssl fork */
#define SSL_set_quic_use_legacy_codepoint wolfSSL_set_quic_use_legacy_codepoint
/* TODO: we do not have this in our QUIC api and HAProxy does not use it
int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
*/
#endif /* WOLFSSL_QUIC */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif
#endif /* wolfSSL_openssl_h__ */ #endif /* !WOLFSSL_OPENSSL_H_ */

View File

@ -1,6 +1,6 @@
/* stack.h /* stack.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -30,8 +30,8 @@
typedef void (*wolfSSL_sk_freefunc)(void *); typedef void (*wolfSSL_sk_freefunc)(void *);
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc); WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc f);
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *); WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *sk);
WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data); WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data);
WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *)); WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *));
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void); WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void);

View File

@ -1,6 +1,6 @@
/* tls1.h /* tls1.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -43,4 +43,10 @@
#define TLS_MAX_VERSION TLS1_3_VERSION #define TLS_MAX_VERSION TLS1_3_VERSION
#endif #endif
#ifdef WOLFSSL_QUIC
/* from rfc9001 */
#define TLSEXT_TYPE_quic_transport_parameters_draft 0xffa5
#define TLSEXT_TYPE_quic_transport_parameters 0x0039
#endif
#endif /* WOLFSSL_OPENSSL_TLS1_H_ */ #endif /* WOLFSSL_OPENSSL_TLS1_H_ */

View File

@ -1,5 +1,29 @@
/* x509.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* x509.h for openssl */ /* x509.h for openssl */
#ifndef WOLFSSL_OPENSSL_509_H_
#define WOLFSSL_OPENSSL_509_H_
#include <libs/libwolfssl/openssl/ssl.h> #include <libs/libwolfssl/openssl/ssl.h>
#include <libs/libwolfssl/openssl/crypto.h> #include <libs/libwolfssl/openssl/crypto.h>
#include <libs/libwolfssl/openssl/dh.h> #include <libs/libwolfssl/openssl/dh.h>
@ -7,6 +31,8 @@
#include <libs/libwolfssl/openssl/ecdsa.h> #include <libs/libwolfssl/openssl/ecdsa.h>
#include <libs/libwolfssl/openssl/pkcs7.h> #include <libs/libwolfssl/openssl/pkcs7.h>
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* wolfSSL_X509_print_ex flags */ /* wolfSSL_X509_print_ex flags */
#define X509_FLAG_COMPAT (0UL) #define X509_FLAG_COMPAT (0UL)
#define X509_FLAG_NO_HEADER (1UL << 0) #define X509_FLAG_NO_HEADER (1UL << 0)
@ -42,3 +68,11 @@
#define XN_FLAG_FN_ALIGN (1 << 25) #define XN_FLAG_FN_ALIGN (1 << 25)
#define XN_FLAG_MULTILINE 0xFFFF #define XN_FLAG_MULTILINE 0xFFFF
#define X509_EXTENSION_set_critical wolfSSL_X509_EXTENSION_set_critical
#define X509_EXTENSION_set_object wolfSSL_X509_EXTENSION_set_object
#define X509_EXTENSION_set_data wolfSSL_X509_EXTENSION_set_data
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_OPENSSL_509_H_ */

View File

@ -1,6 +1,6 @@
/* x509_vfy.h /* x509_vfy.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -32,11 +32,12 @@
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_purpose(WOLFSSL_X509_STORE_CTX *ctx, int purpose); WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_purpose(WOLFSSL_X509_STORE_CTX *ctx, int purpose);
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_flags(WOLFSSL_X509_STORE_CTX *ctx,
unsigned long flags);
#endif #endif
#ifdef WOLFSSL_QT
#define X509_STORE_CTX_set_purpose wolfSSL_X509_STORE_CTX_set_purpose #define X509_STORE_CTX_set_purpose wolfSSL_X509_STORE_CTX_set_purpose
#endif #define X509_STORE_CTX_set_flags wolfSSL_X509_STORE_CTX_set_flags
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* x509v3.h /* x509v3.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -31,15 +31,42 @@
extern "C" { extern "C" {
#endif #endif
#define EXFLAG_KUSAGE 0x2
#define EXFLAG_XKUSAGE 0x4
#define KU_DIGITAL_SIGNATURE KEYUSE_DIGITAL_SIG
#define KU_NON_REPUDIATION KEYUSE_CONTENT_COMMIT
#define KU_KEY_ENCIPHERMENT KEYUSE_KEY_ENCIPHER
#define KU_DATA_ENCIPHERMENT KEYUSE_DATA_ENCIPHER
#define KU_KEY_AGREEMENT KEYUSE_KEY_AGREE
#define KU_KEY_CERT_SIGN KEYUSE_KEY_CERT_SIGN
#define KU_CRL_SIGN KEYUSE_CRL_SIGN
#define KU_ENCIPHER_ONLY KEYUSE_ENCIPHER_ONLY
#define KU_DECIPHER_ONLY KEYUSE_DECIPHER_ONLY
#define XKU_SSL_SERVER 0x1
#define XKU_SSL_CLIENT 0x2
#define XKU_SMIME 0x4
#define XKU_CODE_SIGN 0x8
#define XKU_SGC 0x10
#define XKU_OCSP_SIGN 0x20
#define XKU_TIMESTAMP 0x40
#define XKU_DVCS 0x80
#define XKU_ANYEKU 0x100
#define X509_PURPOSE_SSL_CLIENT 0 #define X509_PURPOSE_SSL_CLIENT 0
#define X509_PURPOSE_SSL_SERVER 1 #define X509_PURPOSE_SSL_SERVER 1
#define NS_SSL_CLIENT 0 #define NS_SSL_CLIENT WC_NS_SSL_CLIENT
#define NS_SSL_SERVER 1 #define NS_SSL_SERVER WC_NS_SSL_SERVER
/* Forward reference */ /* Forward reference */
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x0090801fL
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long); typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
#else
typedef void *(*X509V3_EXT_D2I)(void *, unsigned char **, long);
#endif
typedef int (*X509V3_EXT_I2D) (void *, unsigned char **); typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) ( typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
struct WOLFSSL_v3_ext_method *method, struct WOLFSSL_v3_ext_method *method,
@ -94,8 +121,13 @@ WOLFSSL_API WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void);
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc); WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void); WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void);
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id); WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get( WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex); WOLFSSL_X509_EXTENSION* ex);
#else
WOLFSSL_API WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex);
#endif
WOLFSSL_API void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ex); WOLFSSL_API void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ex);
WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method, WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
const WOLFSSL_ASN1_STRING *s); const WOLFSSL_ASN1_STRING *s);
@ -103,6 +135,7 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent); WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent);
WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx, WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx,
const char *section, WOLFSSL_X509 *cert); const char *section, WOLFSSL_X509 *cert);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_a2i_IPADDRESS(const char* ipa);
#define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free #define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free
#define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free #define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free
@ -116,11 +149,13 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_
#define X509V3_parse_list(...) NULL #define X509V3_parse_list(...) NULL
#endif #endif
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING #define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
#define a2i_IPADDRESS wolfSSL_a2i_IPADDRESS
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print #define X509V3_EXT_print wolfSSL_X509V3_EXT_print
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid #define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx #define X509V3_set_ctx wolfSSL_X509V3_set_ctx
#ifndef NO_WOLFSSL_STUB #ifndef NO_WOLFSSL_STUB
#define X509V3_set_nconf(...) #define X509V3_set_nconf(...)
#define X509V3_EXT_cleanup(...)
#endif #endif
#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) #define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb #define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb

View File

@ -0,0 +1,297 @@
/* quic.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* wolfSSL QUIC API */
#ifndef WOLFSSL_QUIC_H
#define WOLFSSL_QUIC_H
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_QUIC
/* QUIC operates on three encryption levels which determine
* which keys/algos are used for de-/encryption. These are
* kept separately for incoming and outgoing data and.
* Due to the nature of UDP, more than one might be in use
* at the same time due to resends or out-of-order arrivals.
*/
typedef enum wolfssl_encryption_level_t {
wolfssl_encryption_initial = 0,
wolfssl_encryption_early_data,
wolfssl_encryption_handshake,
wolfssl_encryption_application
} WOLFSSL_ENCRYPTION_LEVEL;
/* All QUIC related callbacks to the application.
*/
typedef struct wolfssl_quic_method_t WOLFSSL_QUIC_METHOD;
struct wolfssl_quic_method_t {
/**
* Provide secrets to the QUIC stack when they becaome available in the SSL
* instance during handshake processing. read/write secrets have the same
* length. A call may only provide one, passing NULL as the other.
*/
int (*set_encryption_secrets)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* read_secret,
const uint8_t* write_secret,
size_t secret_len);
/**
* Provide handshake packets to the QUIC stack to send to the peer. The
* QUIC stack will wrap these and take care of re-transmissions.
*/
int (*add_handshake_data)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* data, size_t len);
/**
* Flush any buffered packets during handshake.
*/
int (*flush_flight)(WOLFSSL* ssl);
/**
* Send a TLS alert that happend during handshake. In QUIC, such alerts
* lead to connection shutdown.
*/
int (*send_alert)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
uint8_t alert);
};
/**
* Mark the given SSL context for QUIC protocol handling. Meaning all
* SSL instances derived from it will inherit this. Provides all callbacks
* to the QUIC application the SSL stack needs.
*/
WOLFSSL_API
int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX* ctx,
const WOLFSSL_QUIC_METHOD* quic_method);
/**
* Mark extactly this SSL instance for QUIC protocol handling.
* Provides all callbacks to the QUIC application the SSL stack needs.
*/
WOLFSSL_API
int wolfSSL_set_quic_method(WOLFSSL* ssl,
const WOLFSSL_QUIC_METHOD* quic_method);
/**
* Check if QUIC handling has been installed on the given SSL instance.
*/
WOLFSSL_API int wolfSSL_is_quic(WOLFSSL* ssl);
/**
* Return the current encryption level of the SSL instance for READs.
*/
WOLFSSL_API
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(const WOLFSSL* ssl);
/**
* Return the current encryption level of the SSL instance for WRITEs.
*/
WOLFSSL_API
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL* ssl);
/**
* Configure the QUIC transport version to use. On `use_legacy` != 0,
* selects TLSX_KEY_QUIC_TP_PARAMS_DRAFT, otherwise TLSX_KEY_QUIC_TP_PARAMS.
* This method is part of the BoringSSL API and replicated here for app
* portability (as in quictls/openssl).
*/
WOLFSSL_API
void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL* ssl, int use_legacy);
/**
* Set the TLS extension for the transport parameter version to announce
* to the peer. Known values are TLSX_KEY_QUIC_TP_PARAMS (V1) and
* TLSX_KEY_QUIC_TP_PARAMS_DRAFT.
* Setting it to 0 will announce both V1 and draft versions to a server.
* Servers will, on 0, select the latest version seen from the client.
* Default is 0.
*/
WOLFSSL_API
void wolfSSL_set_quic_transport_version(WOLFSSL* ssl, int version);
/**
* Get the configured transport version.
*/
WOLFSSL_API int wolfSSL_get_quic_transport_version(const WOLFSSL* ssl);
/**
* Set the raw QUIC transport parameter that will be sent in the TLS extension
* to the peer, using the configured transport version(s).
*/
WOLFSSL_API int wolfSSL_set_quic_transport_params(WOLFSSL* ssl,
const uint8_t* params,
size_t params_len);
/**
* Get the raw QUIC transport parameter as retrieved via TLS Extension
* from the peer. If the peer announced several versions,
* return the latest one.
* If the extension has not arrived yet, initializes out parameter to
* NULL, resp. 0.
*/
WOLFSSL_API
void wolfSSL_get_peer_quic_transport_params(const WOLFSSL* ssl,
const uint8_t* *out_params,
size_t* out_params_len);
/**
* Get the QUIC version negotiated with the peer during the handshake.
*/
WOLFSSL_API int wolfSSL_get_peer_quic_transport_version(const WOLFSSL* ssl);
#ifdef WOLFSSL_EARLY_DATA
WOLFSSL_API void wolfSSL_set_quic_early_data_enabled(WOLFSSL* ssl, int enabled);
#endif
/**
* Advisory amount of the maximum data a QUIC protocol handler should have
* in flight. This varies during handshake processing, for example certficate
* exchange will increase the limit.
*/
WOLFSSL_API
size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL* ssl,
WOLFSSL_ENCRYPTION_LEVEL level);
/**
* The QUIC protocol handler provides peer TLS records to the SSL instance
* during handshake to progress it. The SSL instance will use the registered
* callbacks to send packets to the peer.
* Encryption level is provided to indicate how to decrypt the data. Data may
* be added for levels not yet reached by the SSL instance. However, data
* may only be added in ever increasing levels and levels may only increase
* at TLS record boundaries. Any violation will make this function fail.
*/
WOLFSSL_API
int wolfSSL_provide_quic_data(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* data, size_t len);
WOLFSSL_API
int wolfSSL_quic_do_handshake(WOLFSSL* ssl);
/**
* Process any CRYPTO data added post-handshake.
*/
WOLFSSL_API int wolfSSL_process_quic_post_handshake(WOLFSSL* ssl);
/**
* Process any pending input and flush all output. Can be invoked
* during and/or after handshake processing.
*/
WOLFSSL_API int wolfSSL_quic_read_write(WOLFSSL* ssl);
/**
* Get the AEAD cipher that is currently selected in the SSL instance.
* Will return NULL if none has been selected so far. This is used by the
* QUIC stack to encrypt/decrypt packets after the handshake.
*/
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl);
/**
* Use to classify the AEAD cipher for key reuse limits.
*/
WOLFSSL_API int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher);
WOLFSSL_API int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher);
WOLFSSL_API
int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher);
/**
* Get the 'tag' length used by the AEAD cipher. Encryption buffer lengths
* are plaintext length plus this tag length.
*/
WOLFSSL_API
size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher);
/**
* The message digest currently selected in the SSL instance.
*/
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_quic_get_md(WOLFSSL* ssl);
/**
* The QUIC header protection cipher matching the AEAD cipher currently
* selected in the SSL instance.
*/
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl);
/**
* Create and initialize a cipher context for use in en- or decryption.
*/
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX*
wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER* cipher,
const uint8_t* key, const uint8_t* iv, int encrypt);
/**
* Use a previously created cipher context to encrypt the given plain text.
*/
WOLFSSL_API
int wolfSSL_quic_aead_encrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* aead_ctx,
const uint8_t* plain, size_t plainlen,
const uint8_t* iv, const uint8_t* aad,
size_t aadlen);
/**
* Use a previously created cipher context to decrypt the given encoded text.
*/
WOLFSSL_API
int wolfSSL_quic_aead_decrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx,
const uint8_t* enc, size_t enclen,
const uint8_t* iv, const uint8_t* aad,
size_t aadlen);
/**
* Extract a pseudo-random key, using the given message digest, a secret
* and a salt. The key size is the size of the digest.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* salt, size_t saltlen);
/**
* Expand a pseudo-random key (secret) into a new key, using the mesasge
* digest and the info bytes.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen,
const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* info, size_t infolen);
/**
* Extract and extpand secret, salt and info into a new key.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen,
const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* salt, size_t saltlen,
const uint8_t* info, size_t infolen);
#endif /* WOLFSSL_QUIC */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_QUIC_H */

View File

@ -1,6 +1,6 @@
/* sniffer.h /* sniffer.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -27,6 +27,11 @@
#include <libs/libwolfssl/wolfcrypt/settings.h> #include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/asn_public.h> #include <libs/libwolfssl/wolfcrypt/asn_public.h>
#ifdef HAVE_WOLF_EVENT
#include <libs/libwolfssl/wolfcrypt/wolfevent.h>
#endif
#ifdef _WIN32 #ifdef _WIN32
#ifdef SSL_SNIFFER_EXPORTS #ifdef SSL_SNIFFER_EXPORTS
#define SSL_SNIFFER_API __declspec(dllexport) #define SSL_SNIFFER_API __declspec(dllexport)
@ -42,6 +47,22 @@
extern "C" { extern "C" {
#endif #endif
typedef struct IpAddrInfo {
int version;
union {
word32 ip4;
byte ip6[16];
};
} IpAddrInfo;
typedef struct SnifferStreamInfo {
IpAddrInfo src; /* server address in network byte order */
IpAddrInfo dst; /* client address in network byte order */
word16 dstPort; /* server port */
word16 srcPort; /* client port */
} SnifferStreamInfo;
/* @param typeK: (formerly keyType) was shadowing a global declaration in /* @param typeK: (formerly keyType) was shadowing a global declaration in
* wolfssl/wolfcrypt/asn.h line 175 * wolfssl/wolfcrypt/asn.h line 175
*/ */
@ -119,9 +140,15 @@ SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
unsigned int* reassemblyMemory, unsigned int* reassemblyMemory,
char* error); char* error);
WOLFSSL_API void ssl_InitSniffer(void); WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer(void);
WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer_ex(int devId);
WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer_ex2(int threadNum);
WOLFSSL_API void ssl_FreeSniffer(void); WOLFSSL_API
SSL_SNIFFER_API void ssl_FreeSniffer(void);
/* ssl_SetPrivateKey typeKs */ /* ssl_SetPrivateKey typeKs */
@ -167,46 +194,45 @@ SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
typedef struct SSLStats typedef struct SSLStats
{ {
unsigned long int sslStandardConns; unsigned long int sslStandardConns; /* server_hello count not including resumed sessions */
unsigned long int sslClientAuthConns; unsigned long int sslClientAuthConns; /* client's who have presented certificates (mutual authentication) */
unsigned long int sslResumedConns; unsigned long int sslResumedConns; /* resumed connections */
unsigned long int sslEphemeralMisses; unsigned long int sslEphemeralMisses; /* TLS v1.2 and older PFS / ephemeral connections missed (not able to decrypt) */
unsigned long int sslResumeMisses; unsigned long int sslResumeMisses; /* Resumption sessions not found */
unsigned long int sslCiphersUnsupported; unsigned long int sslCiphersUnsupported; /* No cipher suite match found when compared to supported */
unsigned long int sslKeysUnmatched; unsigned long int sslKeysUnmatched; /* Key callback failures (not found). Applies to WOLFSSL_SNIFFER_WATCH only */
unsigned long int sslKeyFails; unsigned long int sslKeyFails; /* Failures loading or using keys */
unsigned long int sslDecodeFails; unsigned long int sslDecodeFails; /* Dropped packets (not application_data or match protocol version) */
unsigned long int sslAlerts; unsigned long int sslAlerts; /* Number of decoded alert messages */
unsigned long int sslDecryptedBytes; unsigned long int sslDecryptedBytes; /* Number of decrypted bytes */
unsigned long int sslEncryptedBytes; unsigned long int sslEncryptedBytes; /* Number of encrypted bytes */
unsigned long int sslEncryptedPackets; unsigned long int sslEncryptedPackets; /* Number of encrypted packets */
unsigned long int sslDecryptedPackets; unsigned long int sslDecryptedPackets; /* Number of decrypted packets */
unsigned long int sslKeyMatches; unsigned long int sslKeyMatches; /* Key callback successes (failures tracked in sslKeysUnmatched). Applies to WOLFSSL_SNIFFER_WATCH only. */
unsigned long int sslEncryptedConns; unsigned long int sslEncryptedConns; /* Number of created sniffer sessions */
unsigned long int sslResumptionInserts; unsigned long int sslResumptionInserts; /* Number of sessions reused with resumption */
} SSLStats; } SSLStats;
WOLFSSL_API WOLFSSL_API
SSL_SNIFFER_API int ssl_ResetStatistics(void); SSL_SNIFFER_API int ssl_ResetStatistics(void);
WOLFSSL_API WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats); SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats);
WOLFSSL_API WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats); SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats);
#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13)
/* macro indicating support for key callback */
#undef WOLFSSL_SNIFFER_KEY_CALLBACK
#define WOLFSSL_SNIFFER_KEY_CALLBACK
typedef int (*SSLKeyCb)(void* vSniffer, int namedGroup, typedef int (*SSLKeyCb)(void* vSniffer, int namedGroup,
const unsigned char* srvPub, unsigned int srvPubSz, const unsigned char* srvPub, unsigned int srvPubSz,
const unsigned char* cliPub, unsigned int cliPubSz, const unsigned char* cliPub, unsigned int cliPubSz,
DerBuffer* privKey, void* cbCtx, char* error); DerBuffer* privKey, void* cbCtx, char* error);
#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13)
/* macro indicating support for key callback */
#undef WOLFSSL_SNIFFER_KEY_CALLBACK
#define WOLFSSL_SNIFFER_KEY_CALLBACK
WOLFSSL_API WOLFSSL_API
SSL_SNIFFER_API int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx); SSL_SNIFFER_API int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx);
#endif #endif
@ -270,6 +296,24 @@ SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData(
char* error); char* error);
#endif #endif
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacket_GetStream(SnifferStreamInfo* info,
const byte* packet, int length, char* error);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketAsync(void* packet, unsigned int packetSz,
int isChain, unsigned char** data, char* error, SSLInfo* sslInfo,
void* userCtx);
WOLFSSL_API
SSL_SNIFFER_API int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents,
WOLF_EVENT_FLAG flags, int* eventCount);
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* sniffer_error.h /* sniffer_error.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -138,6 +138,10 @@
#define CHAIN_INPUT_STR 93 #define CHAIN_INPUT_STR 93
#define GOT_ENC_EXT_STR 94 #define GOT_ENC_EXT_STR 94
#define GOT_HELLO_RETRY_REQ_STR 95 #define GOT_HELLO_RETRY_REQ_STR 95
#define SNIFFER_KEY_SETUP_STR 96
#define UNSUPPORTED_TLS_VER_STR 97
#define KEY_MISMATCH_STR 98
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* wolfssl_version.h.in /* wolfssl_version.h.in
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -28,8 +28,8 @@
extern "C" { extern "C" {
#endif #endif
#define LIBWOLFSSL_VERSION_STRING "4.8.1" #define LIBWOLFSSL_VERSION_STRING "5.5.4"
#define LIBWOLFSSL_VERSION_HEX 0x04008001 #define LIBWOLFSSL_VERSION_HEX 0x05005004
#ifdef __cplusplus #ifdef __cplusplus
} }

View File

@ -1,6 +1,6 @@
/* aes.h /* aes.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -67,7 +67,24 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#endif #endif
#ifdef WOLFSSL_XILINX_CRYPT #ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h" #ifdef WOLFSSL_XILINX_CRYPT_VERSAL
#include <libs/libwolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
#include <xsecure_aesclient.h>
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_AES_USER_KEY_0
#else /* versal */
#include <xsecure_aes.h>
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_CSU_AES_KEY_SRC_KUP
#endif /* !versal */
#endif /* WOLFSSL_XILINX_CRYPT */
#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX_AES)
#if !defined(WOLFSSL_XILINX_AES_KEY_SRC)
#define WOLFSSL_XILINX_AES_KEY_SRC 0
#endif /* !defined(WOLFSSL_XILINX_AES_KEY_SRC) */
#endif /* all Xilinx crypto */
#ifdef WOLFSSL_SE050
#include <libs/libwolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif #endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES) #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
@ -75,6 +92,10 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h> #include <libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#endif #endif
#if defined(WOLFSSL_KCAPI_AES)
#include <libs/libwolfssl/wolfcrypt/port/kcapi/wc_kcapi.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC) #if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
#include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h> #include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif #endif
@ -88,13 +109,21 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <libs/libwolfssl/wolfcrypt/random.h> #include <libs/libwolfssl/wolfcrypt/random.h>
#endif #endif
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
#include <psa/crypto.h>
#endif
#if defined(WOLFSSL_CRYPTOCELL) #if defined(WOLFSSL_CRYPTOCELL)
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h> #include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif #endif
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
#include <libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h> #include <libs/libwolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h>
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
#include <libs/libwolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
@ -131,7 +160,7 @@ enum {
KEYWRAP_BLOCK_SIZE = 8, KEYWRAP_BLOCK_SIZE = 8,
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */ GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ GCM_NONCE_MID_SZ = 12, /* The default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */ GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7, CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13, CCM_NONCE_MAX_SZ = 13,
@ -147,7 +176,7 @@ enum {
AES_XTS_MODE = 3, AES_XTS_MODE = 3,
#endif #endif
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
AES_MAX_ID_LEN = 32, AES_MAX_ID_LEN = 32,
AES_MAX_LABEL_LEN = 32, AES_MAX_LABEL_LEN = 32,
#endif #endif
@ -174,6 +203,13 @@ struct Aes {
word32 aadLen; /* additional authenticated data len */ word32 aadLen; /* additional authenticated data len */
#endif #endif
#ifdef WOLFSSL_SE050
sss_symmetric_t aes_ctx; /* used as the function context */
int ctxInitDone;
word32 keyId;
byte keyIdSet;
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
#ifdef GCM_TABLE #ifdef GCM_TABLE
/* key-based fast multiplication table. */ /* key-based fast multiplication table. */
ALIGN16 byte M0[256][AES_BLOCK_SIZE]; ALIGN16 byte M0[256][AES_BLOCK_SIZE];
@ -188,6 +224,9 @@ struct Aes {
word32 y0; word32 y0;
#endif #endif
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef WOLFSSL_CAAM
int blackKey; /* black key / hsm key id */
#endif
#ifdef WOLFSSL_AESNI #ifdef WOLFSSL_AESNI
byte use_aesni; byte use_aesni;
#endif /* WOLFSSL_AESNI */ #endif /* WOLFSSL_AESNI */
@ -195,7 +234,7 @@ struct Aes {
int devId; int devId;
void* devCtx; void* devCtx;
#endif #endif
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
byte id[AES_MAX_ID_LEN]; byte id[AES_MAX_ID_LEN];
int idLen; int idLen;
char label[AES_MAX_LABEL_LEN]; char label[AES_MAX_LABEL_LEN];
@ -209,9 +248,16 @@ struct Aes {
word32 left; /* unused bytes left from last call */ word32 left; /* unused bytes left from last call */
#endif #endif
#ifdef WOLFSSL_XILINX_CRYPT #ifdef WOLFSSL_XILINX_CRYPT
#ifdef WOLFSSL_XILINX_CRYPT_VERSAL
wc_Xsecure xSec;
XSecure_AesKeySize xKeySize;
int aadStyle;
byte keyInit[WOLFSSL_XSECURE_AES_KEY_SIZE] ALIGN64;
#else
XSecure_Aes xilAes; XSecure_Aes xilAes;
XCsuDma dma; XCsuDma dma;
word32 key_init[8]; word32 keyInit[8];
#endif
word32 kup; word32 kup;
#endif #endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES) #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
@ -224,9 +270,14 @@ struct Aes {
GCM_NONCE_MID_SZ)]; GCM_NONCE_MID_SZ)];
#endif #endif
#endif #endif
#if defined(WOLFSSL_KCAPI_AES)
struct kcapi_handle* handle;
int init;
#endif
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \ #if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)) (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)) || \
defined(WOLFSSL_KCAPI_AES)
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */ word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
#ifdef HAVE_CAVIUM_OCTEON_SYNC #ifdef HAVE_CAVIUM_OCTEON_SYNC
int keySet; int keySet;
@ -243,11 +294,23 @@ struct Aes {
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
TSIP_AES_CTX ctx; TSIP_AES_CTX ctx;
#endif #endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
SCE_AES_CTX ctx;
#endif
#if defined(WOLFSSL_IMXRT_DCP) #if defined(WOLFSSL_IMXRT_DCP)
dcp_handle_t handle; dcp_handle_t handle;
#endif #endif
#if defined(WOLFSSL_SILABS_SE_ACCEL) #if defined(WOLFSSL_SILABS_SE_ACCEL)
silabs_aes_t ctx; silabs_aes_t ctx;
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
maxq_aes_t maxq_ctx;
#endif
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
psa_key_id_t key_id;
psa_cipher_operation_t psa_ctx;
int ctx_initialized;
int key_need_importing;
#endif #endif
void* heap; /* memory hint to use */ void* heap; /* memory hint to use */
#ifdef WOLFSSL_AESGCM_STREAM #ifdef WOLFSSL_AESGCM_STREAM
@ -351,10 +414,27 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#endif #endif
/* AES-DIRECT */ /* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT) #if defined(WOLFSSL_AES_DIRECT)
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in); WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in); WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len, WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir); const byte* iv, int dir);
#elif defined(BUILDING_WOLFSSL)
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesSetKeyDirect(Aes* aes,
const byte* key,
word32 len,
const byte* iv, int dir);
#else
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#endif #endif
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
@ -488,7 +568,7 @@ WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize); WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId); WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId); int devId);
WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
@ -496,6 +576,17 @@ WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
#endif #endif
WOLFSSL_API void wc_AesFree(Aes* aes); WOLFSSL_API void wc_AesFree(Aes* aes);
#ifdef WOLFSSL_AES_SIV
WOLFSSL_API
int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
WOLFSSL_API
int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
#endif
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* arc4.h /* arc4.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -53,11 +53,12 @@ typedef struct Arc4 {
void* heap; void* heap;
} Arc4; } Arc4;
WOLFSSL_API int wc_Arc4Process(Arc4*, byte*, const byte*, word32); WOLFSSL_API int wc_Arc4Process(Arc4* arc4, byte* out, const byte* in,
WOLFSSL_API int wc_Arc4SetKey(Arc4*, const byte*, word32); word32 length);
WOLFSSL_API int wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length);
WOLFSSL_API int wc_Arc4Init(Arc4*, void*, int); WOLFSSL_API int wc_Arc4Init(Arc4* arc4, void* heap, int devId);
WOLFSSL_API void wc_Arc4Free(Arc4*); WOLFSSL_API void wc_Arc4Free(Arc4* arc4);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* asn_public.h /* asn_public.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -33,6 +33,7 @@ This library defines the interface APIs for X509 certificates.
#include <libs/libwolfssl/wolfcrypt/types.h> #include <libs/libwolfssl/wolfcrypt/types.h>
#include <libs/libwolfssl/wolfcrypt/dsa.h> #include <libs/libwolfssl/wolfcrypt/dsa.h>
#include <libs/libwolfssl/wolfcrypt/random.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -47,22 +48,38 @@ This library defines the interface APIs for X509 certificates.
typedef struct ed25519_key ed25519_key; typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED #define WC_ED25519KEY_TYPE_DEFINED
#endif #endif
#ifndef WC_CURVE25519KEY_TYPE_DEFINED
typedef struct curve25519_key curve25519_key;
#define WC_CURVE25519KEY_TYPE_DEFINED
#endif
#ifndef WC_ED448KEY_TYPE_DEFINED #ifndef WC_ED448KEY_TYPE_DEFINED
typedef struct ed448_key ed448_key; typedef struct ed448_key ed448_key;
#define WC_ED448KEY_TYPE_DEFINED #define WC_ED448KEY_TYPE_DEFINED
#endif #endif
#ifndef WC_CURVE448KEY_TYPE_DEFINED
typedef struct curve448_key curve448_key;
#define WC_CURVE448KEY_TYPE_DEFINED
#endif
#ifndef WC_RSAKEY_TYPE_DEFINED #ifndef WC_RSAKEY_TYPE_DEFINED
typedef struct RsaKey RsaKey; typedef struct RsaKey RsaKey;
#define WC_RSAKEY_TYPE_DEFINED #define WC_RSAKEY_TYPE_DEFINED
#endif #endif
#ifndef WC_RNG_TYPE_DEFINED
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
#ifndef WC_DH_TYPE_DEFINED #ifndef WC_DH_TYPE_DEFINED
typedef struct DhKey DhKey; typedef struct DhKey DhKey;
#define WC_DH_TYPE_DEFINED #define WC_DH_TYPE_DEFINED
#endif #endif
#ifndef WC_FALCONKEY_TYPE_DEFINED
typedef struct falcon_key falcon_key;
#define WC_FALCONKEY_TYPE_DEFINED
#endif
#ifndef WC_DILITHIUMKEY_TYPE_DEFINED
typedef struct dilithium_key dilithium_key;
#define WC_DILITHIUMKEY_TYPE_DEFINED
#endif
#ifndef WC_SPHINCSKEY_TYPE_DEFINED
typedef struct sphincs_key sphincs_key;
#define WC_SPHINCSKEY_TYPE_DEFINED
#endif
enum Ecc_Sum { enum Ecc_Sum {
ECC_SECP112R1_OID = 182, ECC_SECP112R1_OID = 182,
@ -125,6 +142,22 @@ enum CertType {
PKCS8_ENC_PRIVATEKEY_TYPE, PKCS8_ENC_PRIVATEKEY_TYPE,
DETECT_CERT_TYPE, DETECT_CERT_TYPE,
DH_PRIVATEKEY_TYPE, DH_PRIVATEKEY_TYPE,
X942_PARAM_TYPE,
FALCON_LEVEL1_TYPE,
FALCON_LEVEL5_TYPE,
DILITHIUM_LEVEL2_TYPE,
DILITHIUM_LEVEL3_TYPE,
DILITHIUM_LEVEL5_TYPE,
DILITHIUM_AES_LEVEL2_TYPE,
DILITHIUM_AES_LEVEL3_TYPE,
DILITHIUM_AES_LEVEL5_TYPE,
SPHINCS_FAST_LEVEL1_TYPE,
SPHINCS_FAST_LEVEL3_TYPE,
SPHINCS_FAST_LEVEL5_TYPE,
SPHINCS_SMALL_LEVEL1_TYPE,
SPHINCS_SMALL_LEVEL3_TYPE,
SPHINCS_SMALL_LEVEL5_TYPE,
}; };
@ -155,8 +188,27 @@ enum Ctc_SigType {
CTC_SHA3_384wRSA = 429, CTC_SHA3_384wRSA = 429,
CTC_SHA3_512wRSA = 430, CTC_SHA3_512wRSA = 430,
CTC_RSASSAPSS = 654,
CTC_ED25519 = 256, CTC_ED25519 = 256,
CTC_ED448 = 257 CTC_ED448 = 257,
CTC_FALCON_LEVEL1 = 268,
CTC_FALCON_LEVEL5 = 271,
CTC_DILITHIUM_LEVEL2 = 213,
CTC_DILITHIUM_LEVEL3 = 216,
CTC_DILITHIUM_LEVEL5 = 220,
CTC_DILITHIUM_AES_LEVEL2 = 217,
CTC_DILITHIUM_AES_LEVEL3 = 221,
CTC_DILITHIUM_AES_LEVEL5 = 224,
CTC_SPHINCS_FAST_LEVEL1 = 281,
CTC_SPHINCS_FAST_LEVEL3 = 283,
CTC_SPHINCS_FAST_LEVEL5 = 282,
CTC_SPHINCS_SMALL_LEVEL1 = 287,
CTC_SPHINCS_SMALL_LEVEL3 = 285,
CTC_SPHINCS_SMALL_LEVEL5 = 286,
}; };
enum Ctc_Encoding { enum Ctc_Encoding {
@ -170,6 +222,11 @@ enum Ctc_Encoding {
#ifndef WC_CTC_MAX_ALT_SIZE #ifndef WC_CTC_MAX_ALT_SIZE
#define WC_CTC_MAX_ALT_SIZE 16384 #define WC_CTC_MAX_ALT_SIZE 16384
#endif #endif
#ifdef WOLFSSL_CERT_EXT
#ifndef WC_CTC_MAX_CRLINFO_SZ
#define WC_CTC_MAX_CRLINFO_SZ 200
#endif
#endif
enum Ctc_Misc { enum Ctc_Misc {
CTC_COUNTRY_SIZE = 2, CTC_COUNTRY_SIZE = 2,
@ -178,13 +235,19 @@ enum Ctc_Misc {
CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */ CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
CTC_SERIAL_SIZE = 20, CTC_SERIAL_SIZE = 20,
CTC_GEN_SERIAL_SZ = 16, CTC_GEN_SERIAL_SZ = 16,
CTC_FILETYPE_ASN1 = 2,
CTC_FILETYPE_PEM = 1,
CTC_FILETYPE_DEFAULT = 2,
#ifdef WOLFSSL_CERT_EXT #ifdef WOLFSSL_CERT_EXT
/* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum /* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
* We support only hash */ * We support only hash */
CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */ CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */ CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_CERTPOL_SZ = 64, CTC_MAX_CERTPOL_SZ = 200, /* RFC 5280 Section 4.2.1.4 */
CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */ CTC_MAX_CERTPOL_NB = 2, /* Max number of Certificate Policy */
CTC_MAX_CRLINFO_SZ = WC_CTC_MAX_CRLINFO_SZ, /* Arbitrary size that should be
* enough for at least two
* distribution points. */
#endif /* WOLFSSL_CERT_EXT */ #endif /* WOLFSSL_CERT_EXT */
}; };
@ -205,21 +268,35 @@ typedef struct WOLFSSL_ASN1_TIME {
enum { enum {
IV_SZ = 32, /* max iv sz */ IV_SZ = 32, /* max iv sz */
#ifdef OPENSSL_ALL
NAME_SZ = 160, /* larger max one line, allows for longer
encryption password support */
#else
NAME_SZ = 80, /* max one line */ NAME_SZ = 80, /* max one line */
#endif
PEM_PASS_READ = 0, PEM_PASS_READ = 0,
PEM_PASS_WRITE = 1, PEM_PASS_WRITE = 1,
}; };
typedef int (wc_pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata); #ifndef OPENSSL_COEXIST
/* In the past, wc_pem_password_cb was called pem_password_cb, which is the same
* name as an identical typedef in OpenSSL. We don't want to break existing code
* that uses the name pem_password_cb, so we define it here as a macro alias for
* wc_pem_password_cb. In cases where a user needs to use both OpenSSL and
* wolfSSL headers in the same code, they should define OPENSSL_COEXIST to
* avoid errors stemming from the typedef being declared twice. */
#define pem_password_cb wc_pem_password_cb
#endif
typedef struct EncryptedInfo { typedef struct EncryptedInfo {
pem_password_cb* passwd_cb;
void* passwd_userdata;
long consumed; /* tracks PEM bytes consumed */ long consumed; /* tracks PEM bytes consumed */
#ifdef WOLFSSL_ENCRYPTED_KEYS
wc_pem_password_cb* passwd_cb;
void* passwd_userdata;
int cipherType; int cipherType;
word32 keySz; word32 keySz;
word32 ivSz; /* salt or encrypted IV size */ word32 ivSz; /* salt or encrypted IV size */
@ -228,6 +305,7 @@ typedef struct EncryptedInfo {
byte iv[IV_SZ]; /* salt or encrypted IV */ byte iv[IV_SZ]; /* salt or encrypted IV */
word16 set:1; /* if encryption set */ word16 set:1; /* if encryption set */
#endif
} EncryptedInfo; } EncryptedInfo;
@ -262,8 +340,7 @@ typedef struct WOLFSSL_ASN1_INTEGER {
#endif #endif
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */ #endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_GEN #if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#ifdef WOLFSSL_MULTI_ATTRIB #ifdef WOLFSSL_MULTI_ATTRIB
#ifndef CTC_MAX_ATTRIB #ifndef CTC_MAX_ATTRIB
#define CTC_MAX_ATTRIB 4 #define CTC_MAX_ATTRIB 4
@ -277,17 +354,49 @@ typedef struct NameAttrib {
char value[CTC_NAME_SIZE]; /* name */ char value[CTC_NAME_SIZE]; /* name */
} NameAttrib; } NameAttrib;
#endif /* WOLFSSL_MULTI_ATTRIB */ #endif /* WOLFSSL_MULTI_ATTRIB */
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CUSTOM_OID
typedef struct CertOidField {
byte* oid;
byte* val;
int oidSz;
int valSz;
char enc;
} CertOidField;
typedef struct CertExtension {
const char* oid;
byte crit;
const byte* val;
int valSz;
} CertExtension;
#endif
#endif /* WOLFSSL_CERT_GEN */
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef struct CertName { typedef struct CertName {
char country[CTC_NAME_SIZE]; char country[CTC_NAME_SIZE];
char countryEnc; char countryEnc;
char state[CTC_NAME_SIZE]; char state[CTC_NAME_SIZE];
char stateEnc; char stateEnc;
char street[CTC_NAME_SIZE];
char streetEnc;
char locality[CTC_NAME_SIZE]; char locality[CTC_NAME_SIZE];
char localityEnc; char localityEnc;
char sur[CTC_NAME_SIZE]; char sur[CTC_NAME_SIZE];
char surEnc; char surEnc;
#ifdef WOLFSSL_CERT_NAME_ALL
char givenName[CTC_NAME_SIZE];
char givenNameEnc;
char initials[CTC_NAME_SIZE];
char initialsEnc;
char dnQualifier[CTC_NAME_SIZE];
char dnQualifierEnc;
char dnName[CTC_NAME_SIZE];
char dnNameEnc;
#endif /* WOLFSSL_CERT_NAME_ALL */
char org[CTC_NAME_SIZE]; char org[CTC_NAME_SIZE];
char orgEnc; char orgEnc;
char unit[CTC_NAME_SIZE]; char unit[CTC_NAME_SIZE];
@ -296,6 +405,10 @@ typedef struct CertName {
char commonNameEnc; char commonNameEnc;
char serialDev[CTC_NAME_SIZE]; char serialDev[CTC_NAME_SIZE];
char serialDevEnc; char serialDevEnc;
char userId[CTC_NAME_SIZE];
char userIdEnc;
char postalCode[CTC_NAME_SIZE];
char postalCodeEnc;
#ifdef WOLFSSL_CERT_EXT #ifdef WOLFSSL_CERT_EXT
char busCat[CTC_NAME_SIZE]; char busCat[CTC_NAME_SIZE];
char busCatEnc; char busCatEnc;
@ -308,8 +421,17 @@ typedef struct CertName {
#ifdef WOLFSSL_MULTI_ATTRIB #ifdef WOLFSSL_MULTI_ATTRIB
NameAttrib name[CTC_MAX_ATTRIB]; NameAttrib name[CTC_MAX_ATTRIB];
#endif #endif
#ifdef WOLFSSL_CUSTOM_OID
CertOidField custom;
#endif
} CertName; } CertName;
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL*/
#ifdef WOLFSSL_CERT_GEN
#ifndef NUM_CUSTOM_EXT
#define NUM_CUSTOM_EXT 16
#endif
/* for user to fill for certificate generation */ /* for user to fill for certificate generation */
typedef struct Cert { typedef struct Cert {
@ -322,24 +444,40 @@ typedef struct Cert {
int selfSigned; /* self signed flag */ int selfSigned; /* self signed flag */
CertName subject; /* subject info */ CertName subject; /* subject info */
int isCA; /* is this going to be a CA */ int isCA; /* is this going to be a CA */
byte pathLen; /* max depth of valid certification
* paths that include this cert */
/* internal use only */ /* internal use only */
int bodySz; /* pre sign total size */ int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */ int keyType; /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES #ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */ int altNamesSz; /* altNames size in bytes */
#endif
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */ byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */ int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */ byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */ int afterDateSz; /* size of copy */
#endif
#ifdef WOLFSSL_CERT_EXT #ifdef WOLFSSL_CERT_EXT
byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */ byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
int skidSz; /* SKID size in bytes */ int skidSz; /* SKID size in bytes */
byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */ byte akid[CTC_MAX_AKID_SIZE
#ifdef WOLFSSL_AKID_NAME
+ sizeof(CertName) + CTC_SERIAL_SIZE
#endif
]; /* Authority Key
* Identifier */
int akidSz; /* AKID size in bytes */ int akidSz; /* AKID size in bytes */
#ifdef WOLFSSL_AKID_NAME
byte rawAkid; /* Set to true if akid is a
* AuthorityKeyIdentifier object.
* Set to false if akid is just a
* KeyIdentifier object. */
#endif
word16 keyUsage; /* Key Usage */ word16 keyUsage; /* Key Usage */
byte extKeyUsage; /* Extended Key Usage */ byte extKeyUsage; /* Extended Key Usage */
#ifndef IGNORE_NETSCAPE_CERT_TYPE
byte nsCertType; /* Netscape Certificate Type */
#endif
#ifdef WOLFSSL_EKU_OID #ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */ /* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ]; byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
@ -347,6 +485,8 @@ typedef struct Cert {
#endif #endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ]; char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */ word16 certPoliciesNb; /* Number of Cert Policy */
byte crlInfo[CTC_MAX_CRLINFO_SZ]; /* CRL Distribution points */
int crlInfoSz;
#endif #endif
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \ #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(WOLFSSL_CERT_REQ) defined(WOLFSSL_CERT_REQ)
@ -355,11 +495,25 @@ typedef struct Cert {
#endif #endif
#ifdef WOLFSSL_CERT_REQ #ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE]; char challengePw[CTC_NAME_SIZE];
char unstructuredName[CTC_NAME_SIZE];
int challengePwPrintableString; /* encode as PrintableString */ int challengePwPrintableString; /* encode as PrintableString */
#endif
#ifdef WOLFSSL_CUSTOM_OID
/* user oid and value to go in req extensions */
CertOidField extCustom;
/* Extensions to go into X.509 certificates */
CertExtension customCertExt[NUM_CUSTOM_EXT];
int customCertExtCount;
#endif #endif
void* decodedCert; /* internal DecodedCert allocated from heap */ void* decodedCert; /* internal DecodedCert allocated from heap */
byte* der; /* Pointer to buffer of current DecodedCert cache */ byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */ void* heap; /* heap hint */
byte basicConstSet:1; /* Indicator for when Basic Constaint is set */
byte pathLenSet:1; /* Indicator for when path length is set */
#ifdef WOLFSSL_ALT_NAMES
byte altNamesCrit:1; /* Indicator of criticality of SAN extension */
#endif
} Cert; } Cert;
@ -374,38 +528,48 @@ typedef struct Cert {
isCA = 0 (false) isCA = 0 (false)
keyType = RSA_KEY (default) keyType = RSA_KEY (default)
*/ */
WOLFSSL_API int wc_InitCert(Cert*); WOLFSSL_ABI WOLFSSL_API int wc_InitCert(Cert* cert);
WOLFSSL_ABI WOLFSSL_API Cert* wc_CertNew(void* heap);
WOLFSSL_ABI WOLFSSL_API void wc_CertFree(Cert* cert);
WOLFSSL_API int wc_InitCert_ex(Cert* cert, void* heap, int devId);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng); int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, WOLFSSL_ABI
ecc_key*, WC_RNG*); WOLFSSL_API int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
#ifdef WOLFSSL_CERT_REQ #ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz, WOLFSSL_API int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz,
int, void*); int keyType, void* key);
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz, WOLFSSL_ABI
RsaKey*, ecc_key*); WOLFSSL_API int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey);
#endif #endif
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer, WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buf,
word32 buffSz, int keyType, void* key, word32 buffSz, int keyType, void* key,
WC_RNG* rng); WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer, WOLFSSL_API int wc_SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
word32 derSz, RsaKey*, ecc_key*, WC_RNG*); RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, WOLFSSL_ABI
WC_RNG*); WOLFSSL_API int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz,
WOLFSSL_API int wc_SetIssuer(Cert*, const char*); RsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_SetSubject(Cert*, const char*); WOLFSSL_ABI WOLFSSL_API int wc_SetIssuer(Cert* cert, const char* issuerFile);
WOLFSSL_ABI WOLFSSL_API int wc_SetSubject(Cert* cert, const char* subjectFile);
#ifdef WOLFSSL_ALT_NAMES #ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*); WOLFSSL_ABI WOLFSSL_API int wc_SetAltNames(Cert* cert, const char* file);
#endif #endif
#ifdef WOLFSSL_CERT_GEN_CACHE #ifdef WOLFSSL_CERT_GEN_CACHE
WOLFSSL_API void wc_SetCert_Free(Cert* cert); WOLFSSL_ABI WOLFSSL_API void wc_SetCert_Free(Cert* cert);
#endif #endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int); WOLFSSL_ABI
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int); WOLFSSL_API int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int); WOLFSSL_ABI
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int); WOLFSSL_API int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz);
#ifndef NO_ASN_TIME #ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before, WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
@ -424,15 +588,12 @@ WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey); ecc_key *eckey);
WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file); WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert); WOLFSSL_ABI WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_ABI
WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz); WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz); WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
word16 ntruKeySz);
#endif
/* Set the KeyUsage. /* Set the KeyUsage.
* Value is a string separated tokens with ','. Accepted tokens are : * Value is a string separated tokens with ','. Accepted tokens are :
* digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign, * digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
@ -456,21 +617,21 @@ WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz, WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
byte idx, void* heap); byte idx, void* heap);
#endif /* WOLFSSL_EKU_OID */ #endif /* WOLFSSL_EKU_OID */
#endif /* WOLFSSL_CERT_EXT */
#ifdef HAVE_NTRU #if defined(WOLFSSL_ASN_TEMPLATE) && defined(WOLFSSL_CUSTOM_OID) && \
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, defined(HAVE_OID_ENCODING)
const byte* ntruKey, word16 keySz, WOLFSSL_API int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
WC_RNG*); const byte *der, word32 derSz);
#endif #endif
#endif /* WOLFSSL_CERT_EXT */
#endif /* WOLFSSL_CERT_GEN */ #endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz, WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length); const byte** date, byte* format, int* length);
#ifndef NO_ASN_TIME #ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length, WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
byte format, struct tm* time); byte format, struct tm* timearg);
#endif #endif
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
@ -487,30 +648,33 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type, WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat); DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int, WOLFSSL_API int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
unsigned char*, int, const char*); unsigned char* buff, int buffSz, const char* pass);
WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int, WOLFSSL_API int wc_CertPemToDer(const unsigned char* pem, int pemSz,
unsigned char*, int, int); unsigned char* buff, int buffSz, int type);
#endif /* WOLFSSL_PEM_TO_DER */ #endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER) #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName, WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz); unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemPubKeyToDer_ex(const char* fileName, DerBuffer** der);
#endif #endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int, WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
unsigned char*, int); unsigned char* buff, int buffSz);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */ #endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN #ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemCertToDer(const char* fileName, WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz); unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemCertToDer_ex(const char* fileName, DerBuffer** der);
#endif #endif
#endif /* WOLFSSL_CERT_GEN */ #endif /* WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_DER_TO_PEM #ifdef WOLFSSL_DER_TO_PEM
WOLFSSL_ABI
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output, WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type); word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
@ -521,15 +685,30 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#if !defined(HAVE_USER_RSA) #if !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz); word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
/* For FIPS v1/v2 and selftest this is in rsa.h */
#if (!defined(HAVE_SELFTEST) || \
(defined(HAVE_SELFTEST) && defined(WOLFSSL_CERT_GEN) && \
!defined(WOLFSSL_KEY_GEN))) && \
(!defined(HAVE_FIPS) || \
!defined(HAVE_FIPS_VERSION) || \
((HAVE_FIPS_VERSION > 2) && \
(! ((HAVE_FIPS_VERSION == 5) && (HAVE_FIPS_VERSION_MINOR == 0)))))
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
#endif
#endif #endif
WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header); WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
WOLFSSL_API int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
#endif #endif
#ifndef NO_DSA #ifndef NO_DSA
/* DSA parameter DER helper functions */ /* DSA parameter DER helper functions */
WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, DsaKey* key,
DsaKey*, word32); word32 inSz);
WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen); WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output,
word32* inLen);
#endif #endif
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
@ -541,73 +720,114 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
#ifdef HAVE_ECC #ifdef HAVE_ECC
/* private key helpers */ /* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*, WOLFSSL_ABI
ecc_key*, word32); WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen); ecc_key* key, word32 inSz);
WOLFSSL_ABI
WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
word32 inLen); word32 inLen);
WOLFSSL_API int wc_EccKeyDerSize(ecc_key*, int pub); WOLFSSL_API int wc_EccKeyDerSize(ecc_key* key, int pub);
WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output, WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen); word32* outLen);
WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output, WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen); word32* outLen);
/* public key helper */ /* public key helper */
WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*, WOLFSSL_ABI
ecc_key*, word32); WOLFSSL_API int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output, ecc_key* key, word32 inSz);
WOLFSSL_ABI WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key* key, byte* output,
word32 inLen, int with_AlgCurve); word32 inLen, int with_AlgCurve);
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key*, int with_AlgCurve); WOLFSSL_API int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output,
word32 inLen, int with_AlgCurve,
int comp);
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve);
#endif
/* RFC 5958 (Asymmetric Key Packages) */
#if !defined(WC_ENABLE_ASYM_KEY_EXPORT) && \
((defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)) || \
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)) || \
(defined(HAVE_PQC) && (defined(HAVE_FALCON) || \
defined(HAVE_DILITHIUM) || defined(HAVE_SPHINCS))))
#define WC_ENABLE_ASYM_KEY_EXPORT
#endif
#if !defined(WC_ENABLE_ASYM_KEY_IMPORT) && \
((defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)) || \
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)) || \
(defined(HAVE_PQC)))
#define WC_ENABLE_ASYM_KEY_IMPORT
#endif #endif
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
/* private key helpers */
#ifdef HAVE_ED25519_KEY_IMPORT #ifdef HAVE_ED25519_KEY_IMPORT
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*, WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key*, word32); ed25519_key* key, word32 inSz);
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz);
#endif #endif
#ifdef HAVE_ED25519_KEY_EXPORT #ifdef HAVE_ED25519_KEY_EXPORT
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen); word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen); word32 inLen);
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output,
word32 inLen, int withAlg);
#endif #endif
#endif /* HAVE_ED25519 */
/* public key helper */ #ifdef HAVE_CURVE25519
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*, #ifdef HAVE_CURVE25519_KEY_IMPORT
ed25519_key*, word32); WOLFSSL_API int wc_Curve25519PrivateKeyDecode(
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ const byte* input, word32* inOutIdx, curve25519_key* key, word32 inSz);
defined(HAVE_ED25519_KEY_EXPORT) WOLFSSL_API int wc_Curve25519PublicKeyDecode(
const byte* input, word32* inOutIdx, curve25519_key* key, word32 inSz);
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif #endif
#ifdef HAVE_CURVE25519_KEY_EXPORT
WOLFSSL_API int wc_Curve25519PrivateKeyToDer(
curve25519_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_Curve25519PublicKeyToDer(
curve25519_key* key, byte* output, word32 inLen, int withAlg);
#endif #endif
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_ED448 #ifdef HAVE_ED448
/* private key helpers */
#ifdef HAVE_ED448_KEY_IMPORT #ifdef HAVE_ED448_KEY_IMPORT
WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*, WOLFSSL_API int wc_Ed448PrivateKeyDecode(
ed448_key*, word32); const byte* input, word32* inOutIdx, ed448_key* key, word32 inSz);
WOLFSSL_API int wc_Ed448PublicKeyDecode(
const byte* input, word32* inOutIdx, ed448_key* key, word32 inSz);
#endif #endif
#ifdef HAVE_ED448_KEY_EXPORT #ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output, WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output, word32 inLen);
word32 inLen); WOLFSSL_API int wc_Ed448PrivateKeyToDer(
WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, ed448_key* key, byte* output, word32 inLen);
word32 inLen); WOLFSSL_API int wc_Ed448PublicKeyToDer(
ed448_key* key, byte* output, word32 inLen, int withAlg);
#endif #endif
#endif /* HAVE_ED448 */
/* public key helper */ #ifdef HAVE_CURVE448
WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*, #ifdef HAVE_CURVE448_KEY_IMPORT
ed448_key*, word32); WOLFSSL_API int wc_Curve448PrivateKeyDecode(const byte* input, word32* inOutIdx,
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ curve448_key* key, word32 inSz);
defined(HAVE_ED448_KEY_EXPORT) WOLFSSL_API int wc_Curve448PublicKeyDecode(const byte* input, word32* inOutIdx,
WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output, curve448_key* key, word32 inSz);
word32 inLen, int with_AlgCurve);
#endif #endif
#ifdef HAVE_CURVE448_KEY_EXPORT
WOLFSSL_API int wc_Curve448PrivateKeyToDer(curve448_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Curve448PublicKeyToDer(curve448_key* key, byte* output,
word32 inLen, int withAlg);
#endif #endif
#endif /* HAVE_CURVE448 */
/* DER encode signature */ /* DER encode signature */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest, WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
@ -619,11 +839,16 @@ WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz, WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
byte* key, word32 keySz, int algoID, const byte* curveOID, byte* key, word32 keySz, int algoID, const byte* curveOID,
word32 oidSz); word32 oidSz);
WOLFSSL_API int wc_EncryptPKCS8Key(byte*, word32, byte*, word32*, const char*, WOLFSSL_API int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
int, int, int, int, byte*, word32, int, WC_RNG*, void*); const char* password, int passwordSz, int vPKCS, int pbeOid,
WOLFSSL_API int wc_DecryptPKCS8Key(byte*, word32, const char*, int); int encAlgId, byte* salt, word32 saltSz, int itt, WC_RNG* rng,
WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*, void* heap);
const char*, int, int, int, int, byte*, word32, int, WC_RNG*, void*); WOLFSSL_API int wc_DecryptPKCS8Key(byte* input, word32 sz, const char* password,
int passwordSz);
WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte* key, word32 keySz, byte* out,
word32* outSz, const char* password, int passwordSz, int vPKCS,
int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
WC_RNG* rng, void* heap);
#ifndef NO_ASN_TIME #ifndef NO_ASN_TIME
/* Time */ /* Time */
@ -634,6 +859,10 @@ WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*,
rc = wc_GetTime(&lTime, (word32)sizeof(lTime)); rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
*/ */
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize); WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
typedef time_t (*wc_time_cb)(time_t* t);
WOLFSSL_API int wc_SetTimeCb(wc_time_cb f);
WOLFSSL_API time_t wc_Time(time_t* t);
#endif #endif
#ifdef WOLFSSL_ENCRYPTED_KEYS #ifdef WOLFSSL_ENCRYPTED_KEYS
@ -663,7 +892,24 @@ typedef struct _wc_CertPIV {
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz); WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */ #endif /* WOLFSSL_CERT_PIV */
/* Forward declaration needed, as DecodedCert is defined in asn.h.*/
struct DecodedCert;
WOLFSSL_API void wc_InitDecodedCert(
struct DecodedCert* cert, const byte* source, word32 inSz, void* heap);
WOLFSSL_API void wc_FreeDecodedCert(struct DecodedCert* cert);
WOLFSSL_API int wc_ParseCert(
struct DecodedCert* cert, int type, int verify, void* cm);
WOLFSSL_API int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
byte* derKey, word32* derKeySz);
#ifdef WOLFSSL_FPKI
WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,
byte* uuid, word32* uuidSz);
WOLFSSL_API int wc_GetFASCNFromCert(struct DecodedCert* cert,
byte* fascn, word32* fascnSz);
#endif /* WOLFSSL_FPKI */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -12,7 +12,7 @@
*/ */
/* blake2-impl.h /* blake2-impl.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -12,7 +12,7 @@
*/ */
/* blake2-int.h /* blake2-int.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -73,11 +73,11 @@
byte node_depth; /* 15 */ byte node_depth; /* 15 */
byte inner_length; /* 16 */ byte inner_length; /* 16 */
/* byte reserved[0]; */ /* byte reserved[0]; */
byte salt[BLAKE2B_SALTBYTES]; /* 24 */ byte salt[BLAKE2S_SALTBYTES]; /* 24 */
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} blake2s_param; } blake2s_param;
typedef struct ALIGN32 __blake2s_state typedef struct __blake2s_state
{ {
word32 h[8]; word32 h[8];
word32 t[2]; word32 t[2];
@ -102,7 +102,7 @@
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} blake2b_param; } blake2b_param;
typedef struct ALIGN64 __blake2b_state typedef struct __blake2b_state
{ {
word64 h[8]; word64 h[8];
word64 t[2]; word64 t[2];
@ -130,36 +130,36 @@
#pragma pack(pop) #pragma pack(pop)
/* Streaming API */ /* Streaming API */
int blake2s_init( blake2s_state *S, const byte outlen ); int blake2s_init( blake2s_state *S, byte outlen );
int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen ); int blake2s_init_key( blake2s_state *S, byte outlen, const void *key, byte keylen );
int blake2s_init_param( blake2s_state *S, const blake2s_param *P ); int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
int blake2s_update( blake2s_state *S, const byte *in, word32 inlen ); int blake2s_update( blake2s_state *S, const byte *in, word32 inlen );
int blake2s_final( blake2s_state *S, byte *out, byte outlen ); int blake2s_final( blake2s_state *S, byte *out, byte outlen );
int blake2b_init( blake2b_state *S, const byte outlen ); int blake2b_init( blake2b_state *S, byte outlen );
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen ); int blake2b_init_key( blake2b_state *S, byte outlen, const void *key, byte keylen );
int blake2b_init_param( blake2b_state *S, const blake2b_param *P ); int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ); int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
int blake2b_final( blake2b_state *S, byte *out, byte outlen ); int blake2b_final( blake2b_state *S, byte *out, byte outlen );
int blake2sp_init( blake2sp_state *S, const byte outlen ); int blake2sp_init( blake2sp_state *S, byte outlen );
int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen ); int blake2sp_init_key( blake2sp_state *S, byte outlen, const void *key, byte keylen );
int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen ); int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen );
int blake2sp_final( blake2sp_state *S, byte *out, byte outlen ); int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
int blake2bp_init( blake2bp_state *S, const byte outlen ); int blake2bp_init( blake2bp_state *S, byte outlen );
int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen ); int blake2bp_init_key( blake2bp_state *S, byte outlen, const void *key, byte keylen );
int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen ); int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
int blake2bp_final( blake2bp_state *S, byte *out, byte outlen ); int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
/* Simple API */ /* Simple API */
int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen ); int blake2s( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); int blake2b( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen ); int blake2sp( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); int blake2bp( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
static WC_INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ) static WC_INLINE int blake2( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen )
{ {
return blake2b( out, in, key, outlen, inlen, keylen ); return blake2b( out, in, key, outlen, inlen, keylen );
} }

View File

@ -1,6 +1,6 @@
/* blake2.h /* blake2.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -75,17 +75,19 @@ typedef struct Blake2s {
#ifdef HAVE_BLAKE2B #ifdef HAVE_BLAKE2B
WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32); WOLFSSL_API int wc_InitBlake2b(Blake2b* b2b, word32 digestSz);
WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b*, word32, const byte *, word32); WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz,
WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32); const byte *key, word32 keylen);
WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32); WOLFSSL_API int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz);
WOLFSSL_API int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz);
#endif #endif
#ifdef HAVE_BLAKE2S #ifdef HAVE_BLAKE2S
WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32); WOLFSSL_API int wc_InitBlake2s(Blake2s* b2s, word32 digestSz);
WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32); WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s* b2s, word32 digestSz,
WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32); const byte *key, word32 keylen);
WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32); WOLFSSL_API int wc_Blake2sUpdate(Blake2s* b2s, const byte* data, word32 sz);
WOLFSSL_API int wc_Blake2sFinal(Blake2s* b2s, byte* final, word32 requestSz);
#endif #endif

View File

@ -27,7 +27,7 @@
/* camellia.h /* camellia.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* chacha.h /* chacha.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* chacha20_poly1305.h /* chacha20_poly1305.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -86,21 +86,21 @@ typedef struct ChaChaPoly_Aead {
* concatenating a constant value. * concatenating a constant value.
*/ */
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ChaCha20Poly1305_Encrypt( int wc_ChaCha20Poly1305_Encrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen, const byte* inAAD, word32 inAADLen,
const byte* inPlaintext, const word32 inPlaintextLen, const byte* inPlaintext, word32 inPlaintextLen,
byte* outCiphertext, byte* outCiphertext,
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]); byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ChaCha20Poly1305_Decrypt( int wc_ChaCha20Poly1305_Decrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen, const byte* inAAD, word32 inAADLen,
const byte* inCiphertext, const word32 inCiphertextLen, const byte* inCiphertext, word32 inCiphertextLen,
const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE], const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
byte* outPlaintext); byte* outPlaintext);
@ -134,18 +134,18 @@ WOLFSSL_API int wc_XChaCha20Poly1305_Init(
int isEncrypt); int isEncrypt);
WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt( WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt(
byte *dst, const size_t dst_space, byte *dst, size_t dst_space,
const byte *src, const size_t src_len, const byte *src, size_t src_len,
const byte *ad, const size_t ad_len, const byte *ad, size_t ad_len,
const byte *nonce, const size_t nonce_len, const byte *nonce, size_t nonce_len,
const byte *key, const size_t key_len); const byte *key, size_t key_len);
WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt( WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt(
byte *dst, const size_t dst_space, byte *dst, size_t dst_space,
const byte *src, const size_t src_len, const byte *src, size_t src_len,
const byte *ad, const size_t ad_len, const byte *ad, size_t ad_len,
const byte *nonce, const size_t nonce_len, const byte *nonce, size_t nonce_len,
const byte *key, const size_t key_len); const byte *key, size_t key_len);
#endif /* HAVE_XCHACHA */ #endif /* HAVE_XCHACHA */

View File

@ -1,6 +1,6 @@
/* cmac.h /* cmac.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -56,13 +56,21 @@ struct Cmac {
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
int devId; int devId;
void* devCtx; void* devCtx;
#ifdef WOLFSSL_QNX_CAAM #ifdef WOLFSSL_CAAM
byte ctx[32]; /* hold state for save and return */ byte ctx[32]; /* hold state for save and return */
word32 blackKey; word32 blackKey;
word32 keylen; word32 keylen;
byte initialized; byte initialized;
#endif #endif
#endif #endif
#if defined(WOLFSSL_HASH_KEEP)
byte* msg;
word32 used;
word32 len;
#endif
#ifdef WOLFSSL_SE050
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
}; };
@ -103,6 +111,14 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
const byte* in, word32 inSz, const byte* in, word32 inSz,
const byte* key, word32 keySz); const byte* key, word32 keySz);
WOLFSSL_LOCAL
void ShiftAndXorRb(byte* out, byte* in);
#ifdef WOLFSSL_HASH_KEEP
WOLFSSL_API
int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz);
#endif
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

View File

@ -1,6 +1,6 @@
/* coding.h /* coding.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* compress.h /* compress.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *

View File

@ -1,6 +1,6 @@
/* cpuid.h /* cpuid.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -35,6 +35,11 @@
#if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \ #if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \
defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \ defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \
!defined(WOLFSSL_NO_ASM) !defined(WOLFSSL_NO_ASM)
#define HAVE_CPUID
#define HAVE_CPUID_INTEL
#endif
#ifdef HAVE_CPUID_INTEL
#define CPUID_AVX1 0x0001 #define CPUID_AVX1 0x0001
#define CPUID_AVX2 0x0002 #define CPUID_AVX2 0x0002
@ -44,6 +49,7 @@
#define CPUID_AESNI 0x0020 #define CPUID_AESNI 0x0020
#define CPUID_ADX 0x0040 /* ADCX, ADOX */ #define CPUID_ADX 0x0040 /* ADCX, ADOX */
#define CPUID_MOVBE 0x0080 /* Move and byte swap */ #define CPUID_MOVBE 0x0080 /* Move and byte swap */
#define CPUID_BMI1 0x0100 /* ANDN */
#define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1) #define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1)
#define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2) #define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2)
@ -53,7 +59,11 @@
#define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI) #define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI)
#define IS_INTEL_ADX(f) ((f) & CPUID_ADX) #define IS_INTEL_ADX(f) ((f) & CPUID_ADX)
#define IS_INTEL_MOVBE(f) ((f) & CPUID_MOVBE) #define IS_INTEL_MOVBE(f) ((f) & CPUID_MOVBE)
#define IS_INTEL_BMI1(f) ((f) & CPUID_BMI1)
#endif
#ifdef HAVE_CPUID
void cpuid_set_flags(void); void cpuid_set_flags(void);
word32 cpuid_get_flags(void); word32 cpuid_get_flags(void);

View File

@ -1,6 +1,6 @@
/* cryptocb.h /* cryptocb.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -75,10 +75,15 @@
/* Crypto Information Structure for callbacks */ /* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo { typedef struct wc_CryptoInfo {
int algo_type; /* enum wc_AlgoType */ int algo_type; /* enum wc_AlgoType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC) #if !defined(NO_RSA) || defined(HAVE_ECC)
struct { struct {
int type; /* enum wc_PkType */ int type; /* enum wc_PkType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union { union {
#endif
#ifndef NO_RSA #ifndef NO_RSA
struct { struct {
const byte* in; const byte* in;
@ -182,14 +187,18 @@ typedef struct wc_CryptoInfo {
byte contextLen; byte contextLen;
} ed25519verify; } ed25519verify;
#endif #endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
}; };
#endif
} pk; } pk;
#endif /* !NO_RSA || HAVE_ECC */ #endif /* !NO_RSA || HAVE_ECC */
#if !defined(NO_AES) || !defined(NO_DES3) #if !defined(NO_AES) || !defined(NO_DES3)
struct { struct {
int type; /* enum wc_CipherType */ int type; /* enum wc_CipherType */
int enc; int enc;
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union { union {
#endif
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
struct { struct {
Aes* aes; Aes* aes;
@ -216,7 +225,33 @@ typedef struct wc_CryptoInfo {
word32 authInSz; word32 authInSz;
} aesgcm_dec; } aesgcm_dec;
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC #ifdef HAVE_AESCCM
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* nonce;
word32 nonceSz;
byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesccm_enc;
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* nonce;
word32 nonceSz;
const byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesccm_dec;
#endif /* HAVE_AESCCM */
#if defined(HAVE_AES_CBC)
struct { struct {
Aes* aes; Aes* aes;
byte* out; byte* out;
@ -224,6 +259,22 @@ typedef struct wc_CryptoInfo {
word32 sz; word32 sz;
} aescbc; } aescbc;
#endif /* HAVE_AES_CBC */ #endif /* HAVE_AES_CBC */
#if defined(WOLFSSL_AES_COUNTER)
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aesctr;
#endif /* WOLFSSL_AES_COUNTER */
#if defined(HAVE_AES_ECB)
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aesecb;
#endif /* HAVE_AES_ECB */
#ifndef NO_DES3 #ifndef NO_DES3
struct { struct {
Des3* des; Des3* des;
@ -232,7 +283,9 @@ typedef struct wc_CryptoInfo {
word32 sz; word32 sz;
} des3; } des3;
#endif #endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
}; };
#endif
} cipher; } cipher;
#endif /* !NO_AES || !NO_DES3 */ #endif /* !NO_AES || !NO_DES3 */
#if !defined(NO_SHA) || !defined(NO_SHA256) || \ #if !defined(NO_SHA) || !defined(NO_SHA256) || \
@ -242,10 +295,15 @@ typedef struct wc_CryptoInfo {
const byte* in; const byte* in;
word32 inSz; word32 inSz;
byte* digest; byte* digest;
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union { union {
#endif
#ifndef NO_SHA #ifndef NO_SHA
wc_Sha* sha1; wc_Sha* sha1;
#endif #endif
#ifdef WOLFSSL_SHA224
wc_Sha224* sha224;
#endif
#ifndef NO_SHA256 #ifndef NO_SHA256
wc_Sha256* sha256; wc_Sha256* sha256;
#endif #endif
@ -255,7 +313,9 @@ typedef struct wc_CryptoInfo {
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
wc_Sha512* sha512; wc_Sha512* sha512;
#endif #endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
}; };
#endif
} hash; } hash;
#endif /* !NO_SHA || !NO_SHA256 */ #endif /* !NO_SHA || !NO_SHA256 */
#ifndef NO_HMAC #ifndef NO_HMAC
@ -292,6 +352,9 @@ typedef struct wc_CryptoInfo {
int type; int type;
} cmac; } cmac;
#endif #endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
} wc_CryptoInfo; } wc_CryptoInfo;
@ -301,6 +364,11 @@ WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx); WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx); WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId); WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
WOLFSSL_API int wc_CryptoCb_DefaultDevID(void);
#ifdef DEBUG_CRYPTOCB
WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info);
#endif
/* old function names */ /* old function names */
#define wc_CryptoDev_RegisterDevice wc_CryptoCb_RegisterDevice #define wc_CryptoDev_RegisterDevice wc_CryptoCb_RegisterDevice
@ -367,12 +435,35 @@ WOLFSSL_LOCAL int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz); const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_LOCAL int wc_CryptoCb_AesCcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_LOCAL int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_AES_CBC #ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out, WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz); const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out, WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz); const byte* in, word32 sz);
#endif /* HAVE_AES_CBC */ #endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_LOCAL int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_ECB
WOLFSSL_LOCAL int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_ECB */
#endif /* !NO_AES */ #endif /* !NO_AES */
#ifndef NO_DES3 #ifndef NO_DES3

View File

@ -1,6 +1,6 @@
/* curve25519.h /* curve25519.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -43,6 +43,7 @@
#endif #endif
#define CURVE25519_KEYSIZE 32 #define CURVE25519_KEYSIZE 32
#define CURVE25519_PUB_KEY_SIZE 32
#ifdef WOLFSSL_NAMES_STATIC #ifdef WOLFSSL_NAMES_STATIC
typedef char curve25519_str[12]; typedef char curve25519_str[12];
@ -59,22 +60,28 @@ typedef struct {
/* ECC point, the internal structure is Little endian /* ECC point, the internal structure is Little endian
* the mathematical functions used the endianness */ * the mathematical functions used the endianness */
typedef struct { typedef struct ECPoint {
byte point[CURVE25519_KEYSIZE]; byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC #ifdef FREESCALE_LTC_ECC
byte pointY[CURVE25519_KEYSIZE]; byte pointY[CURVE25519_KEYSIZE];
#endif #endif
byte pointSz;
} ECPoint; } ECPoint;
#ifndef WC_CURVE25519KEY_TYPE_DEFINED
typedef struct curve25519_key curve25519_key;
#define WC_CURVE25519KEY_TYPE_DEFINED
#endif
/* A CURVE25519 Key */ /* A CURVE25519 Key */
typedef struct curve25519_key { struct curve25519_key {
int idx; /* Index into the ecc_sets[] for the parameters of int idx; /* Index into the ecc_sets[] for the parameters of
this curve if -1, this key is using user supplied this curve if -1, this key is using user supplied
curve in dp */ curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */ curves (idx >= 0) or user supplied */
ECPoint p; /* public key */ ECPoint p; /* public point for key */
ECPoint k; /* private key */ byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
@ -82,7 +89,16 @@ typedef struct curve25519_key {
#if defined(WOLF_CRYPTO_CB) #if defined(WOLF_CRYPTO_CB)
int devId; int devId;
#endif #endif
} curve25519_key;
#ifdef WOLFSSL_SE050
word32 keyId;
byte keyIdSet;
#endif
/* bit fields */
byte pubSet:1;
byte privSet:1;
};
enum { enum {
EC25519_LITTLE_ENDIAN=0, EC25519_LITTLE_ENDIAN=0,
@ -179,4 +195,3 @@ int wc_curve25519_size(curve25519_key* key);
#endif /* HAVE_CURVE25519 */ #endif /* HAVE_CURVE25519 */
#endif /* WOLF_CRYPT_CURVE25519_H */ #endif /* WOLF_CRYPT_CURVE25519_H */

View File

@ -1,6 +1,6 @@
/* curve448.h /* curve448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -43,16 +43,24 @@
#define CURVE448_KEY_SIZE 56 #define CURVE448_KEY_SIZE 56
#define CURVE448_PUB_KEY_SIZE 56 #define CURVE448_PUB_KEY_SIZE 56
#ifndef WC_CURVE448KEY_TYPE_DEFINED
typedef struct curve448_key curve448_key;
#define WC_CURVE448KEY_TYPE_DEFINED
#endif
/* A CURVE448 Key */ /* A CURVE448 Key */
typedef struct curve448_key { struct curve448_key {
byte p[CURVE448_PUB_KEY_SIZE]; /* public key */ byte p[CURVE448_PUB_KEY_SIZE]; /* public key */
byte k[CURVE448_KEY_SIZE]; /* private key */ byte k[CURVE448_KEY_SIZE]; /* private key */
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
#endif #endif
} curve448_key;
/* bit fields */
byte pubSet:1;
byte privSet:1;
};
enum { enum {
EC448_LITTLE_ENDIAN = 0, EC448_LITTLE_ENDIAN = 0,
@ -62,6 +70,10 @@ enum {
WOLFSSL_API WOLFSSL_API
int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key); int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key);
WOLFSSL_API
int wc_curve448_make_pub(int public_size, byte* pub, int private_size,
const byte* priv);
WOLFSSL_API WOLFSSL_API
int wc_curve448_shared_secret(curve448_key* private_key, int wc_curve448_shared_secret(curve448_key* private_key,
curve448_key* public_key, curve448_key* public_key,

View File

@ -1,6 +1,6 @@
/* des3.h /* des3.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -30,8 +30,8 @@
#ifndef NO_DES3 #ifndef NO_DES3
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) (HAVE_FIPS_VERSION == 2 || HAVE_FIPS_VERSION == 3)
#include <libs/libwolfssl/wolfcrypt/fips.h> #include <libs/libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */ #endif /* HAVE_FIPS_VERSION >= 2 */
@ -54,13 +54,18 @@ enum {
/* avoid redefinition of structs */ /* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \ #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) HAVE_FIPS_VERSION >= 2)
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
#include <libs/libwolfssl/wolfcrypt/async.h> #include <libs/libwolfssl/wolfcrypt/async.h>
#endif #endif
#ifdef WOLFSSL_SE050
/* SE050 SDK also defines DES_BLOCK_SIZE */
#undef DES_BLOCK_SIZE
#endif
enum { enum {
DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */ DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */ DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
@ -79,6 +84,9 @@ enum {
#if defined(STM32_CRYPTO) #if defined(STM32_CRYPTO)
#include <libs/libwolfssl/wolfcrypt/port/st/stm32.h>
enum { enum {
DES_CBC = 0, DES_CBC = 0,
DES_ECB = 1 DES_ECB = 1
@ -117,7 +125,7 @@ struct Des3 {
typedef struct Des3 Des3; typedef struct Des3 Des3;
#define WC_DES3_TYPE_DEFINED #define WC_DES3_TYPE_DEFINED
#endif #endif
#endif /* HAVE_FIPS */ #endif /* HAVE_FIPS && HAVE_FIPS_VERSION >= 2 */
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
@ -146,8 +154,8 @@ WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
/* These are only required when using either: /* These are only required when using either:
static memory (WOLFSSL_STATIC_MEMORY) or asynchronous (WOLFSSL_ASYNC_CRYPT) */ static memory (WOLFSSL_STATIC_MEMORY) or asynchronous (WOLFSSL_ASYNC_CRYPT) */
WOLFSSL_API int wc_Des3Init(Des3*, void*, int); WOLFSSL_API int wc_Des3Init(Des3* des3, void* heap, int devId);
WOLFSSL_API void wc_Des3Free(Des3*); WOLFSSL_API void wc_Des3Free(Des3* des3);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* dh.h /* dh.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -38,6 +38,10 @@
#include <libs/libwolfssl/wolfcrypt/integer.h> #include <libs/libwolfssl/wolfcrypt/integer.h>
#include <libs/libwolfssl/wolfcrypt/random.h> #include <libs/libwolfssl/wolfcrypt/random.h>
#ifdef WOLFSSL_KCAPI_DH
#include <libs/libwolfssl/wolfcrypt/port/kcapi/kcapi_dh.h>
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
@ -67,6 +71,10 @@ struct DhKey {
void* heap; void* heap;
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
#endif
int trustedGroup;
#ifdef WOLFSSL_KCAPI_DH
struct kcapi_handle* handle;
#endif #endif
}; };
@ -75,6 +83,44 @@ struct DhKey {
#define WC_DH_TYPE_DEFINED #define WC_DH_TYPE_DEFINED
#endif #endif
enum {
WC_FFDHE_2048 = 256,
WC_FFDHE_3072 = 257,
WC_FFDHE_4096 = 258,
WC_FFDHE_6144 = 259,
WC_FFDHE_8192 = 260,
};
/* DH Private Key size up to 8192 bit */
#ifndef WC_DH_PRIV_MAX_SZ
#define WC_DH_PRIV_MAX_SZ 52
#endif
#ifndef DH_MAX_SIZE
#ifdef USE_FAST_MATH
/* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
#define DH_MAX_SIZE (FP_MAX_BITS / 2)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs FP_MAX_BITS at least at 16384"
#endif
#elif defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
/* SP implementation supports numbers of SP_INT_BITS bits. */
#define DH_MAX_SIZE (((SP_INT_BITS + 7) / 8) * 8)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs SP_INT_BITS at least at 8192"
#endif
#else
#ifdef WOLFSSL_MYSQL_COMPATIBLE
/* Integer maths is dynamic but we only go up to 8192 bits. */
#define DH_MAX_SIZE 8192
#else
/* Integer maths is dynamic but we only go up to 4096 bits. */
#define DH_MAX_SIZE 4096
#endif
#endif
#endif
#ifdef HAVE_PUBLIC_FFDHE
#ifdef HAVE_FFDHE_2048 #ifdef HAVE_FFDHE_2048
WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void); WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void);
#endif #endif
@ -90,6 +136,7 @@ WOLFSSL_API const DhParams* wc_Dh_ffdhe6144_Get(void);
#ifdef HAVE_FFDHE_8192 #ifdef HAVE_FFDHE_8192
WOLFSSL_API const DhParams* wc_Dh_ffdhe8192_Get(void); WOLFSSL_API const DhParams* wc_Dh_ffdhe8192_Get(void);
#endif #endif
#endif
WOLFSSL_API int wc_InitDhKey(DhKey* key); WOLFSSL_API int wc_InitDhKey(DhKey* key);
WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId); WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId);
@ -102,16 +149,24 @@ WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
word32 pubSz); word32 pubSz);
WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32); /* wc_DhKeyDecode is in asn.c */ word32 inSz); /* wc_DhKeyDecode is in asn.c */
WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz); word32 gSz);
WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz); const byte* g, word32 gSz, const byte* q, word32 qSz);
WOLFSSL_API int wc_DhSetNamedKey(DhKey* key, int name);
WOLFSSL_API int wc_DhGetNamedKeyParamSize(int name,
word32* p, word32* g, word32* q);
WOLFSSL_API word32 wc_DhGetNamedKeyMinSize(int name);
WOLFSSL_API int wc_DhCmpNamedKey(int name, int noQ,
const byte* p, word32 pSz,
const byte* g, word32 gSz,
const byte* q, word32 qSz);
WOLFSSL_API int wc_DhCopyNamedKey(int name,
byte* p, word32* pSz, byte* g, word32* gSz, byte* q, word32* qSz);
#ifdef WOLFSSL_DH_EXTRA #ifdef WOLFSSL_DH_EXTRA
WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx,
DhKey* key, word32 inSz);
WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz, WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
const byte* pub, word32 pubSz); const byte* pub, word32 pubSz);
WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz, WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,

View File

@ -0,0 +1,155 @@
/* dilithium.h
*
* Copyright (C) 2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/dilithium.h
*/
/* Interfaces for Dilithium NIST Level 1 (Dilithium512) and Dilithium NIST Level 5
* (Dilithium1024). */
#ifndef WOLF_CRYPT_DILITHIUM_H
#define WOLF_CRYPT_DILITHIUM_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_PQC) && defined(HAVE_DILITHIUM)
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Macros Definitions */
#ifdef HAVE_LIBOQS
#define DILITHIUM_LEVEL2_KEY_SIZE OQS_SIG_dilithium_2_length_secret_key
#define DILITHIUM_LEVEL2_SIG_SIZE OQS_SIG_dilithium_2_length_signature
#define DILITHIUM_LEVEL2_PUB_KEY_SIZE OQS_SIG_dilithium_2_length_public_key
#define DILITHIUM_LEVEL2_PRV_KEY_SIZE (DILITHIUM_LEVEL2_PUB_KEY_SIZE+DILITHIUM_LEVEL2_KEY_SIZE)
#define DILITHIUM_LEVEL3_KEY_SIZE OQS_SIG_dilithium_3_length_secret_key
#define DILITHIUM_LEVEL3_SIG_SIZE OQS_SIG_dilithium_3_length_signature
#define DILITHIUM_LEVEL3_PUB_KEY_SIZE OQS_SIG_dilithium_3_length_public_key
#define DILITHIUM_LEVEL3_PRV_KEY_SIZE (DILITHIUM_LEVEL3_PUB_KEY_SIZE+DILITHIUM_LEVEL3_KEY_SIZE)
#define DILITHIUM_LEVEL5_KEY_SIZE OQS_SIG_dilithium_5_length_secret_key
#define DILITHIUM_LEVEL5_SIG_SIZE OQS_SIG_dilithium_5_length_signature
#define DILITHIUM_LEVEL5_PUB_KEY_SIZE OQS_SIG_dilithium_5_length_public_key
#define DILITHIUM_LEVEL5_PRV_KEY_SIZE (DILITHIUM_LEVEL5_PUB_KEY_SIZE+DILITHIUM_LEVEL5_KEY_SIZE)
#endif
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL5_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL5_PUB_KEY_SIZE
#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
#define SHAKE_VARIANT 1
#define AES_VARIANT 2
/* Structs */
struct dilithium_key {
bool pubKeySet;
bool prvKeySet;
byte level; /* 2,3 or 5 */
byte sym; /* SHAKE_VARIANT or AES_VARIANT */
byte p[DILITHIUM_MAX_PUB_KEY_SIZE];
byte k[DILITHIUM_MAX_PRV_KEY_SIZE];
};
#ifndef WC_DILITHIUMKEY_TYPE_DEFINED
typedef struct dilithium_key dilithium_key;
#define WC_DILITHIUMKEY_TYPE_DEFINED
#endif
/* Functions */
WOLFSSL_API
int wc_dilithium_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, dilithium_key* key);
WOLFSSL_API
int wc_dilithium_init(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_set_level_and_sym(dilithium_key* key, byte level, byte sym);
WOLFSSL_API
int wc_dilithium_get_level_and_sym(dilithium_key* key, byte* level, byte *sym);
WOLFSSL_API
void wc_dilithium_free(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_private_only(const byte* priv, word32 privSz,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_export_public(dilithium_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_private_only(dilithium_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_private(dilithium_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_key(dilithium_key* key, byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
WOLFSSL_API
int wc_dilithium_check_key(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_priv_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_pub_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_sig_size(dilithium_key* key);
WOLFSSL_API int wc_Dilithium_PrivateKeyDecode(const byte* input,
word32* inOutIdx,
dilithium_key* key, word32 inSz);
WOLFSSL_API int wc_Dilithium_PublicKeyDecode(const byte* input,
word32* inOutIdx,
dilithium_key* key, word32 inSz);
WOLFSSL_API int wc_Dilithium_KeyToDer(dilithium_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Dilithium_PublicKeyToDer(dilithium_key* key, byte* output,
word32 inLen, int withAlg);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_PQC && HAVE_DILITHIUM */
#endif /* WOLF_CRYPT_DILITHIUM_H */

View File

@ -1,6 +1,6 @@
/* dsa.h /* dsa.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -84,9 +84,9 @@ WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig, WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig,
DsaKey* key, int* answer); DsaKey* key, int* answer);
WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32); DsaKey* key, word32 inSz);
WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32); DsaKey* key, word32 inSz);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen); WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
WOLFSSL_API int wc_SetDsaPublicKey(byte* output, DsaKey* key, WOLFSSL_API int wc_SetDsaPublicKey(byte* output, DsaKey* key,
int outLen, int with_header); int outLen, int with_header);

View File

@ -1,6 +1,6 @@
/* ecc.h /* ecc.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -62,6 +62,18 @@
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h> #include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
#endif #endif
#if defined(WOLFSSL_KCAPI_ECC)
#include <libs/libwolfssl/wolfcrypt/port/kcapi/kcapi_ecc.h>
#endif
#ifdef WOLFSSL_SE050
#include <libs/libwolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
#include <libs/libwolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
#endif
#ifdef WOLFSSL_HAVE_SP_ECC #ifdef WOLFSSL_HAVE_SP_ECC
#include <libs/libwolfssl/wolfcrypt/sp_int.h> #include <libs/libwolfssl/wolfcrypt/sp_int.h>
#endif #endif
@ -164,8 +176,13 @@ enum {
CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE, CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE,
#endif #endif
ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE, ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE,
#elif defined(WOLFSSL_SE050)
ECC_MAX_CRYPTO_HW_SIZE = 66,
#elif defined(WOLFSSL_XILINX_CRYPT_VERSAL)
ECC_MAX_CRYPTO_HW_SIZE = MAX_ECC_BYTES,
#endif #endif
/* point compression type */ /* point compression type */
ECC_POINT_COMP_EVEN = 0x02, ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03, ECC_POINT_COMP_ODD = 0x03,
@ -174,12 +191,16 @@ enum {
/* Shamir's dual add constants */ /* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16, SHAMIR_PRECOMP_SZ = 16,
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_PRIVATE_KEY_ID
ECC_MAX_ID_LEN = 32, ECC_MAX_ID_LEN = 32,
ECC_MAX_LABEL_LEN = 32, ECC_MAX_LABEL_LEN = 32,
#endif #endif
}; };
#endif /* HAVE_ECC */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448) || defined(WOLFCRYPT_HAVE_SAKKE)
/* Curve Types */ /* Curve Types */
typedef enum ecc_curve_id { typedef enum ecc_curve_id {
ECC_CURVE_INVALID = -1, ECC_CURVE_INVALID = -1,
@ -227,7 +248,6 @@ typedef enum ecc_curve_id {
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
ECC_X448, ECC_X448,
#endif #endif
#ifdef WOLFCRYPT_HAVE_SAKKE #ifdef WOLFCRYPT_HAVE_SAKKE
ECC_SAKKE_1, ECC_SAKKE_1,
#endif #endif
@ -237,6 +257,9 @@ typedef enum ecc_curve_id {
#endif #endif
ECC_CURVE_MAX ECC_CURVE_MAX
} ecc_curve_id; } ecc_curve_id;
#endif
#ifdef HAVE_ECC
#ifdef HAVE_OID_ENCODING #ifdef HAVE_OID_ENCODING
typedef word16 ecc_oid_t; typedef word16 ecc_oid_t;
@ -275,7 +298,7 @@ typedef struct ecc_set_type {
} ecc_set_type; } ecc_set_type;
#else #else
#define MAX_ECC_NAME 16 #define MAX_ECC_NAME 16
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1) #define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 2)
/* The values are stored as text strings. */ /* The values are stored as text strings. */
typedef struct ecc_set_type { typedef struct ecc_set_type {
@ -322,7 +345,8 @@ typedef struct ecc_set_type {
* The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH. * The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
*/ */
#ifndef USE_FAST_MATH #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH_ALL) && \
!defined(WOLFSSL_SP_MATH)
#error USE_FAST_MATH must be defined to use ALT_ECC_SIZE #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
#endif #endif
#ifdef WOLFSSL_NO_MALLOC #ifdef WOLFSSL_NO_MALLOC
@ -341,6 +365,9 @@ typedef struct ecc_set_type {
#endif #endif
/* verify alignment */ /* verify alignment */
#if CHAR_BIT == 0
#error CHAR_BIT must be nonzero
#endif
#if FP_MAX_BITS_ECC % CHAR_BIT #if FP_MAX_BITS_ECC % CHAR_BIT
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
#endif #endif
@ -377,7 +404,7 @@ typedef struct {
mp_int* z; /* The z coordinate */ mp_int* z; /* The z coordinate */
alt_fp_int xyz[3]; alt_fp_int xyz[3];
#endif #endif
#ifdef WOLFSSL_SMALL_STACK_CACHE #if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_ECC_NO_SMALL_STACK)
ecc_key* key; ecc_key* key;
#endif #endif
} ecc_point; } ecc_point;
@ -385,9 +412,7 @@ typedef struct {
/* ECC Flags */ /* ECC Flags */
enum { enum {
WC_ECC_FLAG_NONE = 0x00, WC_ECC_FLAG_NONE = 0x00,
#ifdef HAVE_ECC_CDH
WC_ECC_FLAG_COFACTOR = 0x01, WC_ECC_FLAG_COFACTOR = 0x01,
#endif
WC_ECC_FLAG_DEC_SIGN = 0x02, WC_ECC_FLAG_DEC_SIGN = 0x02,
}; };
@ -421,11 +446,15 @@ struct ecc_key {
ecc_point pubkey; /* public key */ ecc_point pubkey; /* public key */
mp_int k; /* private key */ mp_int k; /* private key */
#ifdef WOLFSSL_QNX_CAAM #ifdef WOLFSSL_CAAM
word32 blackKey; /* address of key encrypted and in secure memory */ word32 blackKey; /* address of key encrypted and in secure memory */
word32 securePubKey; /* address of public key in secure memory */ word32 securePubKey; /* address of public key in secure memory */
int partNum; /* partition number*/ int partNum; /* partition number*/
#endif #endif
#ifdef WOLFSSL_SE050
word32 keyId;
byte keyIdSet;
#endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
int slot; /* Key Slot Number (-1 unknown) */ int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
@ -442,7 +471,18 @@ struct ecc_key {
*/ */
byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE]; byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE];
#endif #endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
maxq_ecc_t maxq_ctx;
#endif
#ifdef WOLFSSL_KCAPI_ECC
struct kcapi_handle* handle;
byte pubkey_raw[MAX_ECC_BYTES * 2];
#endif
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
wc_Xsecure xSec;
byte keyRaw[3 * ECC_MAX_CRYPTO_HW_SIZE] ALIGN32;
byte* privKey;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */ mp_int* r; /* sign/verify temps */
mp_int* s; mp_int* s;
@ -455,7 +495,7 @@ struct ecc_key {
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif #endif
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_PRIVATE_KEY_ID
byte id[ECC_MAX_ID_LEN]; byte id[ECC_MAX_ID_LEN];
int idLen; int idLen;
char label[ECC_MAX_LABEL_LEN]; char label[ECC_MAX_LABEL_LEN];
@ -466,14 +506,21 @@ struct ecc_key {
#endif #endif
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
#ifndef WOLFSSL_NO_MALLOC
mp_int* sign_k; mp_int* sign_k;
#else
mp_int sign_k[1];
byte sign_k_set:1;
#endif #endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) #endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
byte deterministic:1; byte deterministic:1;
#endif #endif
#ifdef WOLFSSL_SMALL_STACK_CACHE #if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_ECC_NO_SMALL_STACK)
mp_int* t1; mp_int* t1;
mp_int* t2; mp_int* t2;
#ifdef ALT_ECC_SIZE #ifdef ALT_ECC_SIZE
@ -495,8 +542,8 @@ struct ecc_key {
}; };
WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void*); WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void* heap);
WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key*); WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key* key);
/* ECC predefined curve sets */ /* ECC predefined curve sets */
@ -516,21 +563,19 @@ ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA,
ecc_point* B, mp_int* kB, ecc_point* B, mp_int* kB,
ecc_point* C, mp_int* a, mp_int* modulus, void* heap); ecc_point* C, mp_int* a, mp_int* modulus, void* heap);
ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit); ECC_API int ecc_map(ecc_point* P, mp_int* modulus, mp_digit mp);
ECC_API int ecc_map_ex(ecc_point*, mp_int*, mp_digit, int ct); ECC_API int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct);
ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R, ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
mp_int* a, mp_int* modulus, mp_digit mp); mp_int* a, mp_int* modulus, mp_digit mp);
ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a, ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp); mp_int* modulus, mp_digit mp);
WOLFSSL_LOCAL ECC_API int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B,
int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R, ecc_point* R, mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
mp_int* a, mp_int* modulus, mp_digit mp, int* infinity); ECC_API int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
WOLFSSL_LOCAL
int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp); mp_int* modulus, mp_digit mp);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id); int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
@ -541,7 +586,7 @@ WOLFSSL_API
int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut); int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
WOLFSSL_API WOLFSSL_API
int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng); int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_check_key(ecc_key* key); int wc_ecc_check_key(ecc_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime); int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
@ -549,12 +594,10 @@ WOLFSSL_API
int wc_ecc_get_generator(ecc_point* ecp, int curve_idx); int wc_ecc_get_generator(ecc_point* ecp, int curve_idx);
#ifdef HAVE_ECC_DHE #ifdef HAVE_ECC_DHE
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen); word32* outlen);
WOLFSSL_LOCAL
int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
WOLFSSL_API WOLFSSL_API
int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point, int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen); byte* out, word32 *outlen);
@ -575,7 +618,8 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
WOLFSSL_API WOLFSSL_API
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s); ecc_key* key, mp_int *r, mp_int *s);
#ifdef WOLFSSL_ECDSA_DETERMINISTIC_K #if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
WOLFSSL_API WOLFSSL_API
int wc_ecc_set_deterministic(ecc_key* key, byte flag); int wc_ecc_set_deterministic(ecc_key* key, byte flag);
WOLFSSL_API WOLFSSL_API
@ -590,19 +634,19 @@ int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key);
#endif /* HAVE_ECC_SIGN */ #endif /* HAVE_ECC_SIGN */
#ifdef HAVE_ECC_VERIFY #ifdef HAVE_ECC_VERIFY
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key); word32 hashlen, int* res, ecc_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key); word32 hashlen, int* res, ecc_key* key);
#endif /* HAVE_ECC_VERIFY */ #endif /* HAVE_ECC_VERIFY */
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_init(ecc_key* key); int wc_ecc_init(ecc_key* key);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap, int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId); int devId);
@ -617,14 +661,12 @@ WOLFSSL_ABI WOLFSSL_API
int wc_ecc_free(ecc_key* key); int wc_ecc_free(ecc_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ecc_set_flags(ecc_key* key, word32 flags); int wc_ecc_set_flags(ecc_key* key, word32 flags);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
void wc_ecc_fp_free(void); void wc_ecc_fp_free(void);
WOLFSSL_LOCAL WOLFSSL_LOCAL
void wc_ecc_fp_init(void); void wc_ecc_fp_init(void);
#ifdef ECC_TIMING_RESISTANT
WOLFSSL_API WOLFSSL_API
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng); int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
#endif
WOLFSSL_API WOLFSSL_API
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id); int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
@ -681,10 +723,10 @@ int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
WOLFSSL_API WOLFSSL_API
int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R, int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map); mp_int* a, mp_int* modulus, int map);
WOLFSSL_LOCAL ECC_API
int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map, void* heap); mp_int* a, mp_int* modulus, int map, void* heap);
WOLFSSL_LOCAL ECC_API
int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
mp_int* modulus, mp_int* order, WC_RNG* rng, int map, mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
void* heap); void* heap);
@ -693,10 +735,11 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef HAVE_ECC_KEY_EXPORT #ifdef HAVE_ECC_KEY_EXPORT
/* ASN key helpers */ /* ASN key helpers */
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen); int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed); int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen,
int compressed);
/* extended functionality with compressed option */ /* extended functionality with compressed option */
#endif /* HAVE_ECC_KEY_EXPORT */ #endif /* HAVE_ECC_KEY_EXPORT */
@ -706,13 +749,13 @@ int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
int curve_id); int curve_id);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key); word32 pubSz, ecc_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ecc_key* key, int curve_id); const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API WOLFSSL_API
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
@ -720,7 +763,7 @@ int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
WOLFSSL_API WOLFSSL_API
int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
byte* s, word32* sLen); byte* s, word32* sLen);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName); const char* d, const char* curveName);
WOLFSSL_API WOLFSSL_API
@ -736,7 +779,7 @@ WOLFSSL_API
int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen, byte* qy, word32* qyLen, byte* d, word32* dLen,
int encType); int encType);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_API
int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen, int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
@ -770,11 +813,11 @@ int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx,
#endif /* HAVE_ECC_KEY_IMPORT */ #endif /* HAVE_ECC_KEY_IMPORT */
/* size helper */ /* size helper */
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_size(ecc_key* key); int wc_ecc_size(ecc_key* key);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_sig_size_calc(int sz); int wc_ecc_sig_size_calc(int sz);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_sig_size(const ecc_key* key); int wc_ecc_sig_size(const ecc_key* key);
WOLFSSL_API WOLFSSL_API
@ -790,7 +833,9 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz);
enum ecEncAlgo { enum ecEncAlgo {
ecAES_128_CBC = 1, /* default */ ecAES_128_CBC = 1, /* default */
ecAES_256_CBC = 2 ecAES_256_CBC = 2,
ecAES_128_CTR = 3,
ecAES_256_CTR = 4
}; };
enum ecKdfAlgo { enum ecKdfAlgo {
@ -818,29 +863,41 @@ enum ecFlags {
REQ_RESP_SERVER = 2 REQ_RESP_SERVER = 2
}; };
#ifndef WOLFSSL_ECIES_GEN_IV_SIZE
#define WOLFSSL_ECIES_GEN_IV_SIZE 12
#endif
typedef struct ecEncCtx ecEncCtx; typedef struct ecEncCtx ecEncCtx;
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng); ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
WOLFSSL_API WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap); ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
void wc_ecc_ctx_free(ecEncCtx*); void wc_ecc_ctx_free(ecEncCtx* ctx);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */ int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */
WOLFSSL_API WOLFSSL_API
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*); int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
byte macAlgo);
WOLFSSL_API WOLFSSL_API
int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); const byte* wc_ecc_ctx_get_own_salt(ecEncCtx* ctx);
WOLFSSL_API WOLFSSL_API
int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz); int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
WOLFSSL_API
int wc_ecc_ctx_set_kdf_salt(ecEncCtx* ctx, const byte* salt, word32 sz);
WOLFSSL_API
int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz);
WOLFSSL_API WOLFSSL_ABI WOLFSSL_API
int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
WOLFSSL_API WOLFSSL_API
int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
@ -868,6 +925,13 @@ int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashL
mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
#endif #endif
#ifdef WOLFSSL_SE050
WOLFSSL_API
int wc_ecc_use_key_id(ecc_key* key, word32 keyId, word32 flags);
WOLFSSL_API
int wc_ecc_get_key_id(ecc_key* key, word32* keyId);
#endif
#ifdef WC_ECC_NONBLOCK #ifdef WC_ECC_NONBLOCK
WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx); WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
#endif #endif

View File

@ -1,6 +1,6 @@
/* ed25519.h /* ed25519.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -77,6 +77,12 @@ enum {
#define WC_ED25519KEY_TYPE_DEFINED #define WC_ED25519KEY_TYPE_DEFINED
#endif #endif
/* ED25519 Flags */
enum {
WC_ED25519_FLAG_NONE = 0x00,
WC_ED25519_FLAG_DEC_SIGN = 0x01,
};
/* An ED25519 Key */ /* An ED25519 Key */
struct ed25519_key { struct ed25519_key {
byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */ byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
@ -86,6 +92,12 @@ struct ed25519_key {
byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */ byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */ byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif #endif
#ifdef WOLFSSL_SE050
word32 keyId;
word32 flags;
byte keyIdSet;
#endif
word16 privKeySet:1;
word16 pubKeySet:1; word16 pubKeySet:1;
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
@ -130,18 +142,18 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
#ifdef HAVE_ED25519_VERIFY #ifdef HAVE_ED25519_VERIFY
WOLFSSL_API WOLFSSL_API
int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key); word32 msgLen, int* res, ed25519_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key, word32 msgLen, int* res, ed25519_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
WOLFSSL_API WOLFSSL_API
int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash, int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
word32 hashLen, int* stat, ed25519_key* key, word32 hashLen, int* res, ed25519_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
WOLFSSL_API WOLFSSL_API
int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key, word32 msgLen, int* res, ed25519_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
WOLFSSL_API WOLFSSL_API
int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg, int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
@ -171,16 +183,22 @@ void wc_ed25519_free(ed25519_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
int trusted);
WOLFSSL_API
int wc_ed25519_import_private_only(const byte* priv, word32 privSz, int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
ed25519_key* key); ed25519_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed25519_import_private_key(const byte* priv, word32 privSz, int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key); const byte* pub, word32 pubSz, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key, int trusted);
#endif /* HAVE_ED25519_KEY_IMPORT */ #endif /* HAVE_ED25519_KEY_IMPORT */
#ifdef HAVE_ED25519_KEY_EXPORT #ifdef HAVE_ED25519_KEY_EXPORT
WOLFSSL_API WOLFSSL_API
int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen); int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_API
int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen); int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_API

View File

@ -1,6 +1,6 @@
/* ed448.h /* ed448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -86,6 +86,7 @@ struct ed448_key {
byte pointX[ED448_KEY_SIZE]; /* recovered X coordinate */ byte pointX[ED448_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED448_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */ byte pointY[ED448_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif #endif
word16 privKeySet:1;
word16 pubKeySet:1; word16 pubKeySet:1;
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
@ -137,19 +138,19 @@ int wc_ed448_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen,
ed448_key* key); ed448_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen, int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen,
int* stat, ed448_key* key); int* res, ed448_key* key);
#endif /* WOLFSSL_ED448_STREAMING_VERIFY */ #endif /* WOLFSSL_ED448_STREAMING_VERIFY */
WOLFSSL_API WOLFSSL_API
int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed448_key* key, word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
WOLFSSL_API WOLFSSL_API
int wc_ed448ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash, int wc_ed448ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
word32 hashLen, int* stat, ed448_key* key, word32 hashLen, int* res, ed448_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
WOLFSSL_API WOLFSSL_API
int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed448_key* key, word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen); const byte* context, byte contextLen);
#endif /* HAVE_ED448_VERIFY */ #endif /* HAVE_ED448_VERIFY */
WOLFSSL_API WOLFSSL_API
@ -163,16 +164,22 @@ void wc_ed448_free(ed448_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key); int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed448_import_public_ex(const byte* in, word32 inLen, ed448_key* key,
int trusted);
WOLFSSL_API
int wc_ed448_import_private_only(const byte* priv, word32 privSz, int wc_ed448_import_private_only(const byte* priv, word32 privSz,
ed448_key* key); ed448_key* key);
WOLFSSL_API WOLFSSL_API
int wc_ed448_import_private_key(const byte* priv, word32 privSz, int wc_ed448_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key); const byte* pub, word32 pubSz, ed448_key* key);
WOLFSSL_API
int wc_ed448_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key, int trusted);
#endif /* HAVE_ED448_KEY_IMPORT */ #endif /* HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_ED448_KEY_EXPORT #ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API WOLFSSL_API
int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen); int wc_ed448_export_public(ed448_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_API
int wc_ed448_export_private_only(ed448_key* key, byte* out, word32* outLen); int wc_ed448_export_private_only(ed448_key* key, byte* out, word32* outLen);
WOLFSSL_API WOLFSSL_API

View File

@ -1,6 +1,6 @@
/* error-crypt.h /* error-crypt.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -24,7 +24,7 @@
*/ */
/* /*
DESCRIPTION DESCRIPTION
This library defines error codes and contians routines for setting and examining This library defines error codes and contains routines for setting and examining
the error status. the error status.
*/ */
@ -103,7 +103,6 @@ enum {
ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */ ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */
ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */ ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */
ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */ ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */ ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */
ASN_ALT_NAME_E = -161, /* ASN alternate name error */ ASN_ALT_NAME_E = -161, /* ASN alternate name error */
ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */ ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */
@ -117,6 +116,7 @@ enum {
NO_PASSWORD = -176, /* no password provided by user */ NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */ ALT_NAME_E = -177, /* alt name size problem, too big */
BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */ BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */
CRL_CERT_DATE_ERR = -179, /* CRL date error */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */ AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */ AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
@ -238,8 +238,26 @@ enum {
MISSING_IV = -277, /* IV was not set */ MISSING_IV = -277, /* IV was not set */
MISSING_KEY = -278, /* Key was not set */ MISSING_KEY = -278, /* Key was not set */
BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */ BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */
ECDSA_KAT_FIPS_E = -280, /* ECDSA KAT failure */
RSA_PAT_FIPS_E = -281, /* RSA Pairwise failure */
KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
KDF_SSH_KAT_FIPS_E = -284, /* SSH KDF KAT failure */
DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */
ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */
FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */
PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */
AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
NO_VALID_DEVID = -290, /* no valid device ID */
WC_LAST_E = -279, /* Update this to indicate last error */ IO_FAILED_E = -291, /* Input/output failure */
SYSLIB_FAILED_E = -292, /* System/library call failed */
USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
ENTROPY_RT_E = -294, /* Entropy Repetition Test failed */
ENTROPY_APT_E = -295, /* Entropy Adaptive Proportion Test failed */
WC_LAST_E = -295, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */ MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes /* add new companion error id strings for any new error codes
@ -255,7 +273,7 @@ enum {
#else #else
WOLFSSL_API void wc_ErrorString(int err, char* buff); WOLFSSL_API void wc_ErrorString(int err, char* buff);
WOLFSSL_API const char* wc_GetErrorString(int error); WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -0,0 +1,144 @@
/* falcon.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/falcon.h
*/
/* Interfaces for Falcon NIST Level 1 (Falcon512) and Falcon NIST Level 5
* (Falcon1024). */
#ifndef WOLF_CRYPT_FALCON_H
#define WOLF_CRYPT_FALCON_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_PQC) && defined(HAVE_FALCON)
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Macros Definitions */
#ifdef HAVE_LIBOQS
#define FALCON_LEVEL1_KEY_SIZE OQS_SIG_falcon_512_length_secret_key
#define FALCON_LEVEL1_SIG_SIZE OQS_SIG_falcon_512_length_signature
#define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key
#define FALCON_LEVEL1_PRV_KEY_SIZE (FALCON_LEVEL1_PUB_KEY_SIZE+FALCON_LEVEL1_KEY_SIZE)
#define FALCON_LEVEL5_KEY_SIZE OQS_SIG_falcon_1024_length_secret_key
#define FALCON_LEVEL5_SIG_SIZE OQS_SIG_falcon_1024_length_signature
#define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
#define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
#endif
#define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
#define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE
#define FALCON_MAX_PUB_KEY_SIZE FALCON_LEVEL5_PUB_KEY_SIZE
#define FALCON_MAX_PRV_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
/* Structs */
struct falcon_key {
bool pubKeySet;
bool prvKeySet;
byte level;
byte p[FALCON_MAX_PUB_KEY_SIZE];
byte k[FALCON_MAX_PRV_KEY_SIZE];
};
#ifndef WC_FALCONKEY_TYPE_DEFINED
typedef struct falcon_key falcon_key;
#define WC_FALCONKEY_TYPE_DEFINED
#endif
/* Functions */
WOLFSSL_API
int wc_falcon_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
falcon_key* key);
WOLFSSL_API
int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, falcon_key* key);
WOLFSSL_API
int wc_falcon_init(falcon_key* key);
WOLFSSL_API
int wc_falcon_set_level(falcon_key* key, byte level);
WOLFSSL_API
int wc_falcon_get_level(falcon_key* key, byte* level);
WOLFSSL_API
void wc_falcon_free(falcon_key* key);
WOLFSSL_API
int wc_falcon_import_public(const byte* in, word32 inLen, falcon_key* key);
WOLFSSL_API
int wc_falcon_import_private_only(const byte* priv, word32 privSz,
falcon_key* key);
WOLFSSL_API
int wc_falcon_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
falcon_key* key);
WOLFSSL_API
int wc_falcon_export_public(falcon_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_private_only(falcon_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_private(falcon_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
WOLFSSL_API
int wc_falcon_check_key(falcon_key* key);
WOLFSSL_API
int wc_falcon_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_priv_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_pub_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_sig_size(falcon_key* key);
WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
falcon_key* key, word32 inSz);
WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx,
falcon_key* key, word32 inSz);
WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output,
word32 inLen, int withAlg);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_PQC && HAVE_FALCON */
#endif /* WOLF_CRYPT_FALCON_H */

View File

@ -1,6 +1,6 @@
/* fe448_448.h /* fe448_448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -68,25 +68,25 @@ WOLFSSL_LOCAL void fe448_reduce(fe448*);
#else #else
#define fe448_reduce(a) #define fe448_reduce(a)
#endif #endif
WOLFSSL_LOCAL void fe448_neg(fe448*,const fe448*); WOLFSSL_LOCAL void fe448_neg(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_add(fe448*, const fe448*, const fe448*); WOLFSSL_LOCAL void fe448_add(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_sub(fe448*, const fe448*, const fe448*); WOLFSSL_LOCAL void fe448_sub(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_mul(fe448*,const fe448*,const fe448*); WOLFSSL_LOCAL void fe448_mul(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_sqr(fe448*, const fe448*); WOLFSSL_LOCAL void fe448_sqr(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_mul39081(fe448*, const fe448*); WOLFSSL_LOCAL void fe448_mul39081(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_invert(fe448*, const fe448*); WOLFSSL_LOCAL void fe448_invert(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_0(fe448*); WOLFSSL_LOCAL void fe448_0(fe448* a);
WOLFSSL_LOCAL void fe448_1(fe448*); WOLFSSL_LOCAL void fe448_1(fe448* a);
WOLFSSL_LOCAL void fe448_copy(fe448*, const fe448*); WOLFSSL_LOCAL void fe448_copy(fe448* d, const fe448* a);
WOLFSSL_LOCAL int fe448_isnonzero(const fe448*); WOLFSSL_LOCAL int fe448_isnonzero(const fe448* a);
WOLFSSL_LOCAL int fe448_isnegative(const fe448*); WOLFSSL_LOCAL int fe448_isnegative(const fe448* a);
WOLFSSL_LOCAL void fe448_from_bytes(fe448*,const unsigned char *); WOLFSSL_LOCAL void fe448_from_bytes(fe448* r, const unsigned char* b);
WOLFSSL_LOCAL void fe448_to_bytes(unsigned char *, const fe448*); WOLFSSL_LOCAL void fe448_to_bytes(unsigned char* b, const fe448* a);
WOLFSSL_LOCAL void fe448_cmov(fe448*,const fe448*, int); WOLFSSL_LOCAL void fe448_cmov(fe448* a, const fe448* b, int c);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448*,const fe448*); WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448* r, const fe448* a);
#else #else
@ -94,21 +94,21 @@ WOLFSSL_LOCAL void fe448_init(void);
WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a); WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
#define fe448_reduce(a) #define fe448_reduce(a)
WOLFSSL_LOCAL void fe448_neg(word8*,const word8*);
WOLFSSL_LOCAL void fe448_add(word8*, const word8*, const word8*);
WOLFSSL_LOCAL void fe448_sub(word8*, const word8*, const word8*);
WOLFSSL_LOCAL void fe448_mul(word8*,const word8*,const word8*);
WOLFSSL_LOCAL void fe448_sqr(word8*, const word8*);
WOLFSSL_LOCAL void fe448_mul39081(word8*, const word8*);
WOLFSSL_LOCAL void fe448_invert(word8*, const word8*);
WOLFSSL_LOCAL void fe448_copy(word8*, const word8*); WOLFSSL_LOCAL void fe448_neg(word8* r, const word8* a);
WOLFSSL_LOCAL int fe448_isnonzero(const word8*); WOLFSSL_LOCAL void fe448_add(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_sub(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_mul(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_sqr(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_mul39081(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_invert(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_norm(byte *a); WOLFSSL_LOCAL void fe448_norm(byte *a);
WOLFSSL_LOCAL void fe448_copy(word8* d, const word8* a);
WOLFSSL_LOCAL int fe448_isnonzero(const word8* a);
WOLFSSL_LOCAL void fe448_cmov(word8*,const word8*, int); WOLFSSL_LOCAL void fe448_cmov(word8* a, const word8* b, int c);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8*,const word8*); WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8* r, const word8* a);
#endif /* !CURVE448_SMALL || !ED448_SMALL */ #endif /* !CURVE448_SMALL || !ED448_SMALL */

View File

@ -1,6 +1,6 @@
/* fe_operations.h /* fe_operations.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -91,29 +91,29 @@ WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p);
typedef sword32 fe[10]; typedef sword32 fe[10];
#endif #endif
WOLFSSL_LOCAL void fe_copy(fe, const fe); WOLFSSL_LOCAL void fe_copy(fe h,const fe f);
WOLFSSL_LOCAL void fe_add(fe, const fe, const fe); WOLFSSL_LOCAL void fe_add(fe h,const fe f,const fe g);
WOLFSSL_LOCAL void fe_neg(fe,const fe); WOLFSSL_LOCAL void fe_neg(fe h,const fe f);
WOLFSSL_LOCAL void fe_sub(fe, const fe, const fe); WOLFSSL_LOCAL void fe_sub(fe h,const fe f,const fe g);
WOLFSSL_LOCAL void fe_invert(fe, const fe); WOLFSSL_LOCAL void fe_invert(fe out,const fe z);
WOLFSSL_LOCAL void fe_mul(fe,const fe,const fe); WOLFSSL_LOCAL void fe_mul(fe h,const fe f,const fe g);
/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10 /* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10
work. */ work. */
WOLFSSL_LOCAL void fe_0(fe); WOLFSSL_LOCAL void fe_0(fe h);
WOLFSSL_LOCAL void fe_1(fe); WOLFSSL_LOCAL void fe_1(fe h);
WOLFSSL_LOCAL int fe_isnonzero(const fe); WOLFSSL_LOCAL int fe_isnonzero(const fe f);
WOLFSSL_LOCAL int fe_isnegative(const fe); WOLFSSL_LOCAL int fe_isnegative(const fe f);
WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe); WOLFSSL_LOCAL void fe_tobytes(unsigned char *s,const fe h);
WOLFSSL_LOCAL void fe_sq(fe, const fe); WOLFSSL_LOCAL void fe_sq(fe h,const fe f);
WOLFSSL_LOCAL void fe_sq2(fe,const fe); WOLFSSL_LOCAL void fe_sq2(fe h,const fe f);
WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *); WOLFSSL_LOCAL void fe_frombytes(fe h,const unsigned char *s);
WOLFSSL_LOCAL void fe_cswap(fe, fe, int); WOLFSSL_LOCAL void fe_cswap(fe f, fe g, int b);
WOLFSSL_LOCAL void fe_mul121666(fe,fe); WOLFSSL_LOCAL void fe_mul121666(fe h,fe f);
WOLFSSL_LOCAL void fe_cmov(fe,const fe, int); WOLFSSL_LOCAL void fe_cmov(fe f, const fe g, int b);
WOLFSSL_LOCAL void fe_pow22523(fe,const fe); WOLFSSL_LOCAL void fe_pow22523(fe out,const fe z);
/* 64 type needed for SHA512 */ /* 64 type needed for SHA512 */
WOLFSSL_LOCAL word64 load_3(const unsigned char *in); WOLFSSL_LOCAL word64 load_3(const unsigned char *in);

View File

@ -1,6 +1,6 @@
/* fips_test.h /* fips_test.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -31,8 +31,57 @@
extern "C" { extern "C" {
#endif #endif
/* Known Answer Test string inputs are hex, internal */ /* Added for FIPS v5.3 or later */
WOLFSSL_LOCAL int DoKnownAnswerTests(char*, int); #if defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)
/* Determine FIPS in core hash type and size */
#ifndef NO_SHA256
#define FIPS_IN_CORE_DIGEST_SIZE 32
#define FIPS_IN_CORE_HASH_TYPE WC_SHA256
#define FIPS_IN_CORE_KEY_SZ 32
#define FIPS_IN_CORE_VERIFY_SZ FIPS_IN_CORE_KEY_SZ
#elif defined(WOLFSSL_SHA384)
#define FIPS_IN_CORE_DIGEST_SIZE 48
#define FIPS_IN_CORE_HASH_TYPE WC_SHA384
#define FIPS_IN_CORE_KEY_SZ 48
#define FIPS_IN_CORE_VERIFY_SZ FIPS_IN_CORE_KEY_SZ
#else
#error No FIPS hash (SHA2-256 or SHA2-384)
#endif
#endif /* FIPS v5.3 or later */
enum FipsCastId {
FIPS_CAST_AES_CBC,
FIPS_CAST_AES_GCM,
FIPS_CAST_HMAC_SHA1,
FIPS_CAST_HMAC_SHA2_256,
FIPS_CAST_HMAC_SHA2_512,
FIPS_CAST_HMAC_SHA3_256,
FIPS_CAST_DRBG,
FIPS_CAST_RSA_SIGN_PKCS1v15,
FIPS_CAST_ECC_CDH,
FIPS_CAST_ECC_PRIMITIVE_Z,
FIPS_CAST_DH_PRIMITIVE_Z,
FIPS_CAST_ECDSA,
FIPS_CAST_KDF_TLS12,
FIPS_CAST_KDF_TLS13,
FIPS_CAST_KDF_SSH,
FIPS_CAST_COUNT
};
enum FipsCastStateId {
FIPS_CAST_STATE_INIT,
FIPS_CAST_STATE_PROCESSING,
FIPS_CAST_STATE_SUCCESS,
FIPS_CAST_STATE_FAILURE
};
enum FipsModeId {
FIPS_MODE_INIT,
FIPS_MODE_NORMAL,
FIPS_MODE_DEGRADED,
FIPS_MODE_FAILED
};
/* FIPS failure callback */ /* FIPS failure callback */
@ -47,9 +96,15 @@ WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
#ifdef HAVE_FORCE_FIPS_FAILURE #ifdef HAVE_FORCE_FIPS_FAILURE
/* Public function to force failure mode for operational testing */ /* Public function to force failure mode for operational testing */
WOLFSSL_API int wolfCrypt_SetStatus_fips(int); WOLFSSL_API int wolfCrypt_SetStatus_fips(int status);
#endif #endif
WOLFSSL_LOCAL int DoPOST(char* base16_hash, int base16_hashSz);
WOLFSSL_LOCAL int DoCAST(int type);
WOLFSSL_LOCAL int DoKnownAnswerTests(char* base16_hash, int base16_hashSz); /* FIPSv1 and FIPSv2 */
WOLFSSL_API int wc_RunCast_fips(int type);
WOLFSSL_API int wc_GetCastStatus_fips(int type);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,6 +1,6 @@
/* ge_448.h /* ge_448.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -59,18 +59,15 @@ typedef struct {
} ge448_p2; } ge448_p2;
WOLFSSL_LOCAL int ge448_compress_key(byte*, const byte*, const byte*); WOLFSSL_LOCAL int ge448_compress_key(byte* out, const byte* xIn, const byte* yIn);
WOLFSSL_LOCAL int ge448_from_bytes_negate_vartime(ge448_p2 *, WOLFSSL_LOCAL int ge448_from_bytes_negate_vartime(ge448_p2 *r, const byte *b);
const unsigned char *);
WOLFSSL_LOCAL int ge448_double_scalarmult_vartime(ge448_p2 *, WOLFSSL_LOCAL int ge448_double_scalarmult_vartime(ge448_p2 *r, const byte *a,
const unsigned char *, const ge448_p2 *A, const byte *b);
const ge448_p2 *, WOLFSSL_LOCAL void ge448_scalarmult_base(ge448_p2* h, const byte* a);
const unsigned char *); WOLFSSL_LOCAL void sc448_reduce(byte* b);
WOLFSSL_LOCAL void ge448_scalarmult_base(ge448_p2 *, const unsigned char *); WOLFSSL_LOCAL void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d);
WOLFSSL_LOCAL void sc448_reduce(byte*); WOLFSSL_LOCAL void ge448_to_bytes(byte *s, const ge448_p2 *h);
WOLFSSL_LOCAL void sc448_muladd(byte*, const byte*, const byte*, const byte*);
WOLFSSL_LOCAL void ge448_to_bytes(unsigned char *, const ge448_p2 *);
#ifndef ED448_SMALL #ifndef ED448_SMALL

View File

@ -1,6 +1,6 @@
/* ge_operations.h /* ge_operations.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -73,16 +73,16 @@ typedef struct {
WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
word32 keySz); word32 keySz);
WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *); WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *h,const unsigned char *s);
WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *, WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a,
const ge_p3 *,const unsigned char *); const ge_p3 *A, const unsigned char *b);
WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *); WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *h,const unsigned char *a);
WOLFSSL_LOCAL void sc_reduce(byte* s); WOLFSSL_LOCAL void sc_reduce(byte* s);
WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b, WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
const byte* c); const byte* c);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *); WOLFSSL_LOCAL void ge_tobytes(unsigned char *s,const ge_p2 *h);
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *); WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *s,const ge_p3 *h);
#ifndef ED25519_SMALL #ifndef ED25519_SMALL

View File

@ -1,6 +1,6 @@
/* hash.h /* hash.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -170,7 +170,7 @@ WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
byte* out); byte* out);
WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) #ifdef WOLFSSL_HASH_FLAGS
WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type,
word32 flags); word32 flags);
WOLFSSL_API int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type,
@ -184,66 +184,53 @@ WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
#ifndef NO_SHA #ifndef NO_SHA
#include <libs/libwolfssl/wolfcrypt/sha.h> #include <libs/libwolfssl/wolfcrypt/sha.h>
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*); WOLFSSL_API int wc_ShaHash(const byte* data, word32 len, byte* hash);
#endif #endif
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
#include <libs/libwolfssl/wolfcrypt/sha256.h> #include <libs/libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte* hash);
#endif /* defined(WOLFSSL_SHA224) */ #endif /* defined(WOLFSSL_SHA224) */
#ifndef NO_SHA256 #ifndef NO_SHA256
#include <libs/libwolfssl/wolfcrypt/sha256.h> #include <libs/libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash);
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
#include <libs/libwolfssl/wolfcrypt/sha512.h> #include <libs/libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha384Hash(const byte* data, word32 len, byte* hash);
#endif /* defined(WOLFSSL_SHA384) */ #endif /* defined(WOLFSSL_SHA384) */
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
#include <libs/libwolfssl/wolfcrypt/sha512.h> #include <libs/libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha512Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha512_224Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha512_256Hash(const byte* data, word32 len, byte* hash);
#endif /* WOLFSSL_SHA512 */ #endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3 #ifdef WOLFSSL_SHA3
#include <libs/libwolfssl/wolfcrypt/sha3.h> #include <libs/libwolfssl/wolfcrypt/sha3.h>
WOLFSSL_API int wc_Sha3_224Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_224Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_256Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_256Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_384Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_384Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_512Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha3_512Hash(const byte* data, word32 len, byte* hash);
#ifdef WOLFSSL_SHAKE128
WOLFSSL_API int wc_Shake128Hash(const byte* data, word32 len, byte* hash,
word32 hashLen);
#endif
#ifdef WOLFSSL_SHAKE256 #ifdef WOLFSSL_SHAKE256
WOLFSSL_API int wc_Shake256Hash(const byte*, word32, byte*, word32); WOLFSSL_API int wc_Shake256Hash(const byte* data, word32 len, byte* hash,
word32 hashLen);
#endif #endif
#endif /* WOLFSSL_SHA3 */ #endif /* WOLFSSL_SHA3 */
#endif /* !NO_HASH_WRAPPER */ #endif /* !NO_HASH_WRAPPER */
enum max_prf { #if defined(WOLFSSL_HASH_KEEP)
#ifdef HAVE_FFDHE_8192 WOLFSSL_LOCAL int _wc_Hash_Grow(byte** msg, word32* used, word32* len,
MAX_PRF_HALF = 516, /* Maximum half secret len */ const byte* in, int inSz, void* heap);
#elif defined(HAVE_FFDHE_6144)
MAX_PRF_HALF = 388, /* Maximum half secret len */
#else
MAX_PRF_HALF = 260, /* Maximum half secret len */
#endif #endif
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224 /* Maximum digest len */
};
#ifdef WOLFSSL_HAVE_PRF
WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
void* heap, int devId);
WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, void* heap, int devId);
WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, int useAtLeastSha256,
int hash_type, void* heap, int devId);
#endif /* WOLFSSL_HAVE_PRF */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

View File

@ -1,67 +0,0 @@
/* hc128.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/hc128.h
*/
#ifndef WOLF_CRYPT_HC128_H
#define WOLF_CRYPT_HC128_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#ifndef NO_HC128
#ifdef __cplusplus
extern "C" {
#endif
enum {
HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */
};
/* HC-128 stream cipher */
typedef struct HC128 {
word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */
word32 X[16];
word32 Y[16];
word32 counter1024; /* counter1024 = i mod 1024 at the ith step */
word32 key[8];
word32 iv[8];
#ifdef XSTREAM_ALIGN
void* heap; /* heap hint, currently XMALLOC only used with aligning */
#endif
} HC128;
WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_HC128 */
#endif /* WOLF_CRYPT_HC128_H */

View File

@ -1,6 +1,6 @@
/* hmac.h /* hmac.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -23,13 +23,13 @@
\file wolfssl/wolfcrypt/hmac.h \file wolfssl/wolfcrypt/hmac.h
*/ */
#ifndef NO_HMAC
#ifndef WOLF_CRYPT_HMAC_H #ifndef WOLF_CRYPT_HMAC_H
#define WOLF_CRYPT_HMAC_H #define WOLF_CRYPT_HMAC_H
#include <libs/libwolfssl/wolfcrypt/hash.h> #include <libs/libwolfssl/wolfcrypt/hash.h>
#ifndef NO_HMAC
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */ /* for fips @wc_fips */
@ -55,6 +55,10 @@
#include <libs/libwolfssl/wolfcrypt/async.h> #include <libs/libwolfssl/wolfcrypt/async.h>
#endif #endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_HMAC)
#include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#ifndef NO_OLD_WC_NAMES #ifndef NO_OLD_WC_NAMES
#define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE #define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE
#endif #endif
@ -80,6 +84,12 @@ enum {
#endif #endif
#ifndef WOLFSSL_SHA512 #ifndef WOLFSSL_SHA512
WC_SHA512 = WC_HASH_TYPE_SHA512, WC_SHA512 = WC_HASH_TYPE_SHA512,
#ifndef WOLFSSL_NOSHA512_224
WC_SHA512_224 = WC_HASH_TYPE_SHA512_224,
#endif
#ifndef WOLFSSL_NOSHA512_256
WC_SHA512_256 = WC_HASH_TYPE_SHA512_256,
#endif
#endif #endif
#ifndef WOLFSSL_SHA384 #ifndef WOLFSSL_SHA384
WC_SHA384 = WC_HASH_TYPE_SHA384, WC_SHA384 = WC_HASH_TYPE_SHA384,
@ -93,7 +103,7 @@ enum {
WC_SHA3_384 = WC_HASH_TYPE_SHA3_384, WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512, WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
#endif #endif
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
HMAC_MAX_ID_LEN = 32, HMAC_MAX_ID_LEN = 32,
HMAC_MAX_LABEL_LEN = 32, HMAC_MAX_LABEL_LEN = 32,
#endif #endif
@ -109,7 +119,7 @@ enum {
#endif #endif
/* hash union */ /* hmac hash union */
typedef union { typedef union {
#ifndef NO_MD5 #ifndef NO_MD5
wc_Md5 md5; wc_Md5 md5;
@ -132,26 +142,32 @@ typedef union {
#ifdef WOLFSSL_SHA3 #ifdef WOLFSSL_SHA3
wc_Sha3 sha3; wc_Sha3 sha3;
#endif #endif
} wc_Hmac_Hash; } wc_HmacHash;
/* Hmac digest */ /* Hmac digest */
struct Hmac { struct Hmac {
wc_Hmac_Hash hash; wc_HmacHash hash;
word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)]; word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];
void* heap; /* heap hint */ void* heap; /* heap hint */
byte macType; /* md5 sha or sha256 */ byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */ byte innerHashKeyed; /* keyed flag */
#ifdef WOLFSSL_KCAPI_HMAC
struct kcapi_handle* handle;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev; WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HMAC)
WC_CRYPTODEV ctx;
#endif
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
int devId; int devId;
void* devCtx; void* devCtx;
const byte* keyRaw; const byte* keyRaw;
#endif #endif
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
byte id[HMAC_MAX_ID_LEN]; byte id[HMAC_MAX_ID_LEN];
int idLen; int idLen;
char label[HMAC_MAX_LABEL_LEN]; char label[HMAC_MAX_LABEL_LEN];
@ -171,19 +187,25 @@ struct Hmac {
#endif /* HAVE_FIPS */ #endif /* HAVE_FIPS */
/* does init */ /* does init */
WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); WOLFSSL_API int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32); WOLFSSL_API int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
WOLFSSL_API int wc_HmacFinal(Hmac*, byte*); WOLFSSL_API int wc_HmacFinal(Hmac* hmac, byte* out);
#ifdef WOLFSSL_KCAPI_HMAC
WOLFSSL_API int wc_HmacSetKey_Software(Hmac* hmac, int type, const byte* key,
word32 keySz);
WOLFSSL_API int wc_HmacUpdate_Software(Hmac* hmac, const byte* in, word32 sz);
WOLFSSL_API int wc_HmacFinal_Software(Hmac* hmac, byte* out);
#endif
WOLFSSL_API int wc_HmacSizeByType(int type); WOLFSSL_API int wc_HmacSizeByType(int type);
WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId); WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
#ifdef HAVE_PKCS11 #ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap, WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
int devId); int devId);
WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap, WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap,
int devId); int devId);
#endif #endif
WOLFSSL_API void wc_HmacFree(Hmac*); WOLFSSL_API void wc_HmacFree(Hmac* hmac);
WOLFSSL_API int wolfSSL_GetHmacMaxSize(void); WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
@ -208,7 +230,5 @@ WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
} /* extern "C" */ } /* extern "C" */
#endif #endif
#endif /* WOLF_CRYPT_HMAC_H */
#endif /* NO_HMAC */ #endif /* NO_HMAC */
#endif /* WOLF_CRYPT_HMAC_H */

View File

@ -1,70 +0,0 @@
/* idea.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/idea.h
*/
#ifndef WOLF_CRYPT_IDEA_H
#define WOLF_CRYPT_IDEA_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_IDEA
#ifdef __cplusplus
extern "C" {
#endif
enum {
IDEA_MODULO = 0x10001, /* 2^16+1 */
IDEA_2EXP16 = 0x10000, /* 2^16 */
IDEA_MASK = 0xFFFF, /* 16 bits set to one */
IDEA_ROUNDS = 8, /* number of rounds for IDEA */
IDEA_SK_NUM = (6*IDEA_ROUNDS + 4), /* number of subkeys */
IDEA_KEY_SIZE = 16, /* size of key in bytes */
IDEA_BLOCK_SIZE = 8, /* size of IDEA blocks in bytes */
IDEA_IV_SIZE = 8, /* size of IDEA IV in bytes */
IDEA_ENCRYPTION = 0,
IDEA_DECRYPTION = 1
};
/* IDEA encryption and decryption */
typedef struct Idea {
word32 reg[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word16 skey[IDEA_SK_NUM]; /* 832 bits expanded key */
} Idea;
WOLFSSL_API int wc_IdeaSetKey(Idea *idea, const byte* key, word16 keySz,
const byte *iv, int dir);
WOLFSSL_API int wc_IdeaSetIV(Idea *idea, const byte* iv);
WOLFSSL_API int wc_IdeaCipher(Idea *idea, byte* out, const byte* in);
WOLFSSL_API int wc_IdeaCbcEncrypt(Idea *idea, byte* out,
const byte* in, word32 len);
WOLFSSL_API int wc_IdeaCbcDecrypt(Idea *idea, byte* out,
const byte* in, word32 len);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_IDEA */
#endif /* WOLF_CRYPT_IDEA_H */

View File

@ -1,6 +1,6 @@
/* integer.h /* integer.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -151,7 +151,7 @@ extern "C" {
#define MP_DIGIT_MAX MP_MASK #define MP_DIGIT_MAX MP_MASK
/* equalities */ /* equalities */
#define MP_LT -1 /* less than */ #define MP_LT (-1) /* less than */
#define MP_EQ 0 /* equal to */ #define MP_EQ 0 /* equal to */
#define MP_GT 1 /* greater than */ #define MP_GT 1 /* greater than */
@ -159,9 +159,9 @@ extern "C" {
#define MP_NEG 1 /* negative */ #define MP_NEG 1 /* negative */
#define MP_OKAY 0 /* ok result */ #define MP_OKAY 0 /* ok result */
#define MP_MEM -2 /* out of mem */ #define MP_MEM (-2) /* out of mem */
#define MP_VAL -3 /* invalid input */ #define MP_VAL (-3) /* invalid input */
#define MP_NOT_INF -4 /* point not at infinity */ #define MP_NOT_INF (-4) /* point not at infinity */
#define MP_RANGE MP_NOT_INF #define MP_RANGE MP_NOT_INF
#define MP_YES 1 /* yes response */ #define MP_YES 1 /* yes response */
@ -235,7 +235,7 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
(((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO) (((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO) #define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
#define mp_isword(a, w) \ #define mp_isword(a, w) \
((((a)->used == 1) && ((a)->dp[0] == w)) || ((w == 0) && ((a)->used == 0)) \ ((((a)->used == 1) && ((a)->dp[0] == (w))) || (((w) == 0) && ((a)->used == 0)) \
? MP_YES : MP_NO) ? MP_YES : MP_NO)
/* number of primes */ /* number of primes */
@ -254,7 +254,7 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
#endif #endif
#define mp_prime_random(a, t, size, bbs, cb, dat) \ #define mp_prime_random(a, t, size, bbs, cb, dat) \
mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat) mp_prime_random_ex(a, t, ((size) * 8) + 1, ((bbs)==1)?LTM_PRIME_BBS:0, cb, dat)
#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len)) #define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
#define mp_mag_size(mp) mp_unsigned_bin_size(mp) #define mp_mag_size(mp) mp_unsigned_bin_size(mp)
@ -302,7 +302,7 @@ MP_API int mp_grow (mp_int * a, int size);
MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d); MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a); MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a); MP_API void mp_clamp (mp_int * a);
MP_API void mp_exch (mp_int * a, mp_int * b); MP_API int mp_exch (mp_int * a, mp_int * b);
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m); MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API void mp_rshd (mp_int * a, int b); MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b); MP_API void mp_rshb (mp_int * a, int b);
@ -330,7 +330,7 @@ MP_API int mp_reduce_is_2k_l(mp_int *a);
MP_API int mp_reduce_is_2k(mp_int *a); MP_API int mp_reduce_is_2k(mp_int *a);
MP_API int mp_dr_is_modulus(mp_int *a); MP_API int mp_dr_is_modulus(mp_int *a);
MP_API int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, MP_API int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
int); int redmode);
MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y); MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
#define mp_exptmod_nct(G,X,P,Y) mp_exptmod_fast(G,X,P,Y,0) #define mp_exptmod_nct(G,X,P,Y) mp_exptmod_fast(G,X,P,Y,0)
MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho); MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
@ -393,12 +393,12 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH) #if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_prime_is_prime (mp_int * a, int t, int *result); MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*); MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG* rng);
#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */ #endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN
MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c); MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c); MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap); MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
#endif #endif
MP_API int mp_cnt_lsb(mp_int *a); MP_API int mp_cnt_lsb(mp_int *a);

View File

@ -0,0 +1,115 @@
/* kdf.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/kdf.h
*/
#ifndef NO_KDF
#ifndef WOLF_CRYPT_KDF_H
#define WOLF_CRYPT_KDF_H
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
#include <libs/libwolfssl/wolfcrypt/fips.h>
#endif
#include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus
extern "C" {
#endif
enum max_prf {
#ifdef HAVE_FFDHE_8192
MAX_PRF_HALF = 516, /* Maximum half secret len */
#elif defined(HAVE_FFDHE_6144)
MAX_PRF_HALF = 388, /* Maximum half secret len */
#else
MAX_PRF_HALF = 260, /* Maximum half secret len */
#endif
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224 /* Maximum digest len */
};
#ifdef WOLFSSL_HAVE_PRF
WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
void* heap, int devId);
WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, void* heap, int devId);
WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, int useAtLeastSha256,
int hash_type, void* heap, int devId);
#endif /* WOLFSSL_HAVE_PRF */
#ifdef HAVE_HKDF
enum {
/*
MAX_HKDF_LABEL_SZ = OPAQUE16_LEN +
OPAQUE8_LEN + PROTOCOL_LABEL_SZ + MAX_LABEL_SZ +
OPAQUE8_LEN + WC_MAX_DIGEST_SIZE
*/
MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE
};
WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen,
byte* ikm, int ikmLen, int digest);
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen,
const byte* protocol, word32 protocolLen,
const byte* label, word32 labelLen,
const byte* info, word32 infoLen,
int digest);
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label_Alloc(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen, const byte* protocol, word32 protocolLen,
const byte* label, word32 labelLen, const byte* info, word32 infoLen,
int digest, void* heap);
#endif /* !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3) */
#endif /* HAVE_HKDF */
#ifdef WOLFSSL_WOLFSSH
WOLFSSL_API int wc_SSH_KDF(byte hashId, byte keyId,
byte* key, word32 keySz,
const byte* k, word32 kSz,
const byte* h, word32 hSz,
const byte* sessionId, word32 sessionIdSz);
#endif /* WOLFSSL_WOLFSSH */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_KDF_H */
#endif /* NO_KDF */

View File

@ -1,6 +1,6 @@
/* logging.h /* logging.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -105,19 +105,29 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API const char *wolfSSL_global_cflags(void); WOLFSSL_API const char *wolfSSL_global_cflags(void);
#endif #endif
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \
!defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE)
#define WOLFSSL_HAVE_ERROR_QUEUE
#endif
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_LOCAL int wc_LoggingInit(void); WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void); WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf, WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
char* file); char* file);
WOLFSSL_LOCAL int wc_PeekErrorNode(int index, const char **file, WOLFSSL_LOCAL int wc_PeekErrorNode(int idx, const char **file,
const char **reason, int *line); const char **reason, int *line);
WOLFSSL_LOCAL void wc_RemoveErrorNode(int index); WOLFSSL_LOCAL void wc_RemoveErrorNode(int idx);
WOLFSSL_LOCAL void wc_ClearErrorNodes(void); WOLFSSL_LOCAL void wc_ClearErrorNodes(void);
WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason, WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason,
int *line); int *line);
WOLFSSL_API int wc_SetLoggingHeap(void* h); WOLFSSL_API int wc_SetLoggingHeap(void* h);
WOLFSSL_API int wc_ERR_remove_state(void); WOLFSSL_API int wc_ERR_remove_state(void);
WOLFSSL_LOCAL unsigned long wc_PeekErrorNodeLineData(
const char **file, int *line, const char **data, int *flags,
int (*ignore_err)(int err));
WOLFSSL_LOCAL unsigned long wc_GetErrorNodeErr(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp); WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str, WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
@ -156,7 +166,12 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m) \ #define WOLFSSL_STUB(m) \
WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented)) WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void); WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void);
#if !defined(_WIN32) && defined(XVSNPRINTF)
WOLFSSL_API void WOLFSSL_MSG_EX(const char* fmt, ...);
#define HAVE_WOLFSSL_MSG_EX
#else
#define WOLFSSL_MSG_EX(...)
#endif
WOLFSSL_API void WOLFSSL_MSG(const char* msg); WOLFSSL_API void WOLFSSL_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length); WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
@ -167,29 +182,36 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m) #define WOLFSSL_STUB(m)
#define WOLFSSL_IS_DEBUG_ON() 0 #define WOLFSSL_IS_DEBUG_ON() 0
#define WOLFSSL_MSG(m) #define WOLFSSL_MSG_EX(...) do{} while(0)
#define WOLFSSL_BUFFER(b, l) #define WOLFSSL_MSG(m) do{} while(0)
#define WOLFSSL_BUFFER(b, l) do{} while(0)
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */ #endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\ #if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#if (!defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && !defined(_WIN32))\ #ifdef WOLFSSL_HAVE_ERROR_QUEUE
|| defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line, WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,
const char* file, void* ctx); const char* file, void* ctx);
#define WOLFSSL_ERROR(x) \ #define WOLFSSL_ERROR(x) \
WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL) WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL)
#else #else
WOLFSSL_API void WOLFSSL_ERROR(int err); WOLFSSL_API void WOLFSSL_ERROR(int err);
#endif #endif /* WOLFSSL_HAVE_ERROR_QUEUE */
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#else #else
#define WOLFSSL_ERROR(e) #define WOLFSSL_ERROR(e)
#define WOLFSSL_ERROR_MSG(m) #define WOLFSSL_ERROR_MSG(m)
#endif #endif /* DEBUG_WOLFSSL | OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA */
#ifdef WOLFSSL_VERBOSE_ERRORS
#define WOLFSSL_ERROR_VERBOSE(e) WOLFSSL_ERROR(e)
#else
#define WOLFSSL_ERROR_VERBOSE(e) (void)(e)
#endif /* WOLFSSL_VERBOSE_ERRORS */
#ifdef HAVE_STACK_SIZE_VERBOSE #ifdef HAVE_STACK_SIZE_VERBOSE
extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack; extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack;

View File

@ -1,6 +1,6 @@
/* md2.h /* md2.h
* *
* Copyright (C) 2006-2021 wolfSSL Inc. * Copyright (C) 2006-2022 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@ -54,10 +54,10 @@ typedef struct Md2 {
} Md2; } Md2;
WOLFSSL_API void wc_InitMd2(Md2*); WOLFSSL_API void wc_InitMd2(Md2* md2);
WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32); WOLFSSL_API void wc_Md2Update(Md2* md2, const byte* data, word32 len);
WOLFSSL_API void wc_Md2Final(Md2*, byte*); WOLFSSL_API void wc_Md2Final(Md2* md2, byte* hash);
WOLFSSL_API int wc_Md2Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Md2Hash(const byte* data, word32 len, byte* hash);
#ifdef __cplusplus #ifdef __cplusplus

Some files were not shown because too many files have changed in this diff Show More