Update wolfSSL

This commit is contained in:
wiidev 2023-01-01 17:00:36 +00:00
parent df76e45150
commit 8e2da2585f
182 changed files with 19084 additions and 6027 deletions

View File

@ -1,6 +1,6 @@
/* callbacks.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* crl.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -34,12 +34,14 @@
extern "C" {
#endif
WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL*, int dynamic);
WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL* crl, int dynamic);
WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int mon);
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL*, const byte*, long, int, int);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL*, DecodedCert*);
WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type,
int monitor);
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz,
int type, int verify);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert);
#ifdef __cplusplus

View File

@ -1,6 +1,6 @@
/* error-ssl.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -52,7 +52,6 @@ enum wolfSSL_ErrorCodes {
RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */
NO_DH_PARAMS = -319, /* server missing DH params */
BUILD_MSG_ERROR = -320, /* build message failure */
BAD_HELLO = -321, /* client hello malformed */
DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */
WANT_READ = -323, /* want read, call again */
@ -76,10 +75,6 @@ enum wolfSSL_ErrorCodes {
ZERO_RETURN = -343, /* peer sent close notify */
SIDE_ERROR = -344, /* wrong client/server type */
NO_PEER_CERT = -345, /* peer didn't send key */
NTRU_KEY_ERROR = -346, /* NTRU key error */
NTRU_DRBG_ERROR = -347, /* NTRU drbg error */
NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */
NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */
ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */
ECC_CURVE_ERROR = -351, /* Bad ECC Curve */
ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */
@ -113,6 +108,7 @@ enum wolfSSL_ErrorCodes {
UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */
UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */
KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */
KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */
EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */
SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */
@ -171,9 +167,22 @@ enum wolfSSL_ErrorCodes {
NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */
APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */
TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */
SOCKET_FILTERED_E = -443, /* Session stopped by network filter */
HTTP_RECV_ERR = -444, /* HTTP Receive error */
HTTP_HEADER_ERR = -445, /* HTTP Header error */
HTTP_PROTO_ERR = -446, /* HTTP Protocol error */
HTTP_STATUS_ERR = -447, /* HTTP Status error */
HTTP_VERSION_ERR = -448, /* HTTP Version error */
HTTP_APPSTR_ERR = -449, /* HTTP Application string error */
UNSUPPORTED_PROTO_VERSION = -450, /* bad/unsupported protocol version*/
FALCON_KEY_SIZE_E = -451, /* Wrong key size for Falcon. */
QUIC_TP_MISSING_E = -452, /* QUIC transport parameter missing */
DILITHIUM_KEY_SIZE_E = -453, /* Wrong key size for Dilithium. */
DTLS_CID_ERROR = -454, /* Wrong or missing CID */
DTLS_TOO_MANY_FRAGMENTS_E = -455, /* Received too many fragments */
QUIC_WRONG_ENC_LEVEL = -456, /* QUIC data received on wrong encryption level */
DUPLICATE_TLS_EXT_E = -457, /* Duplicate TLS extension in msg. */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
/* begin negotiation parameter errors */

File diff suppressed because it is too large Load Diff

Binary file not shown.

View File

@ -1,6 +1,6 @@
/* ocsp.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -50,13 +50,13 @@ typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ;
typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
#endif
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*,
WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP*, DecodedCert*,
WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
@ -103,14 +103,21 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
unsigned char** data);
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(
WOLFSSL_OCSP_CERTID* id);
#ifndef NO_BIO
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
WOLFSSL_OCSP_REQUEST *req);
#endif
WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID *, unsigned char **);
WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single);
WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID* id,
unsigned char** data);
WOLFSSL_API
WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
const unsigned char** derIn,
int length);
WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(
const WOLFSSL_OCSP_SINGLERESP *single);
WOLFSSL_API int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b);
WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
int *reason,
@ -118,7 +125,8 @@ WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
WOLFSSL_ASN1_TIME **thisupd,
WOLFSSL_ASN1_TIME **nextupd);
WOLFSSL_API int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs);
WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx);
WOLFSSL_API WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(
WOLFSSL_OCSP_BASICRESP *bs, int idx);
#endif
#ifdef OPENSSL_EXTRA
@ -128,9 +136,9 @@ WOLFSSL_API OcspResponse* wolfSSL_OCSP_response_create(int status,
WOLFSSL_OCSP_BASICRESP* bs);
WOLFSSL_API const char* wolfSSL_OCSP_crl_reason_str(long s);
WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING**,
WOLFSSL_ASN1_OBJECT**, WOLFSSL_ASN1_STRING**,
WOLFSSL_ASN1_INTEGER**, WOLFSSL_OCSP_CERTID*);
WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING **name,
WOLFSSL_ASN1_OBJECT **pmd, WOLFSSL_ASN1_STRING **keyHash,
WOLFSSL_ASN1_INTEGER **serial, WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req,
unsigned char* val, int sz);

View File

@ -1,6 +1,6 @@
/* aes.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -46,25 +46,24 @@ typedef struct WOLFSSL_AES_KEY {
} WOLFSSL_AES_KEY;
typedef WOLFSSL_AES_KEY AES_KEY;
WOLFSSL_API int wolfSSL_AES_set_encrypt_key
(const unsigned char *, const int bits, AES_KEY *);
WOLFSSL_API int wolfSSL_AES_set_decrypt_key
(const unsigned char *, const int bits, AES_KEY *);
WOLFSSL_API void wolfSSL_AES_cbc_encrypt
(const unsigned char *in, unsigned char* out, size_t len,
AES_KEY *key, unsigned char* iv, const int enc);
WOLFSSL_API void wolfSSL_AES_ecb_encrypt
(const unsigned char *in, unsigned char* out,
AES_KEY *key, const int enc);
WOLFSSL_API void wolfSSL_AES_cfb128_encrypt
(const unsigned char *in, unsigned char* out, size_t len,
AES_KEY *key, unsigned char* iv, int* num, const int enc);
WOLFSSL_API int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, unsigned int inlen);
WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, unsigned int inlen);
WOLFSSL_API int wolfSSL_AES_set_encrypt_key(
const unsigned char *key, const int bits, AES_KEY *aes);
WOLFSSL_API int wolfSSL_AES_set_decrypt_key(
const unsigned char *key, const int bits, AES_KEY *aes);
WOLFSSL_API void wolfSSL_AES_cbc_encrypt(
const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key,
unsigned char* iv, const int enc);
WOLFSSL_API void wolfSSL_AES_ecb_encrypt(
const unsigned char *in, unsigned char* out, AES_KEY *key, const int enc);
WOLFSSL_API void wolfSSL_AES_cfb128_encrypt(
const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key,
unsigned char* iv, int* num, const int enc);
WOLFSSL_API int wolfSSL_AES_wrap_key(
AES_KEY *key, const unsigned char *iv, unsigned char *out,
const unsigned char *in, unsigned int inlen);
WOLFSSL_API int wolfSSL_AES_unwrap_key(
AES_KEY *key, const unsigned char *iv, unsigned char *out,
const unsigned char *in, unsigned int inlen);
#define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt
#define AES_ecb_encrypt wolfSSL_AES_ecb_encrypt
@ -75,14 +74,14 @@ WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
#define AES_unwrap_key wolfSSL_AES_unwrap_key
#ifdef WOLFSSL_AES_DIRECT
WOLFSSL_API void wolfSSL_AES_encrypt
(const unsigned char* input, unsigned char* output, AES_KEY *);
WOLFSSL_API void wolfSSL_AES_decrypt
(const unsigned char* input, unsigned char* output, AES_KEY *);
WOLFSSL_API void wolfSSL_AES_encrypt(
const unsigned char* input, unsigned char* output, AES_KEY *key);
WOLFSSL_API void wolfSSL_AES_decrypt(
const unsigned char* input, unsigned char* output, AES_KEY *key);
#define AES_encrypt wolfSSL_AES_encrypt
#define AES_decrypt wolfSSL_AES_decrypt
#endif /* HAVE_AES_DIRECT */
#endif /* WOLFSSL_AES_DIRECT */
#ifndef AES_ENCRYPT
#define AES_ENCRYPT AES_ENCRYPTION

View File

@ -1,6 +1,6 @@
/* asn1.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -26,15 +26,16 @@
#include <libs/libwolfssl/openssl/ssl.h>
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type wolfSSL_ASN1_STRING_type
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new
#define ASN1_STRING_type wolfSSL_ASN1_STRING_type
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_OCTET_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_get_object wolfSSL_ASN1_get_object
#define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT
#define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT
#define ASN1_get_object wolfSSL_ASN1_get_object
#define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT
#define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT
#define V_ASN1_INTEGER 0x02
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
@ -68,9 +69,11 @@
#define ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print
#define ASN1_TIME_check wolfSSL_ASN1_TIME_check
#define ASN1_TIME_diff wolfSSL_ASN1_TIME_diff
#define ASN1_TIME_compare wolfSSL_ASN1_TIME_compare
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set
#define V_ASN1_EOC 0
#define V_ASN1_NULL 5
#define V_ASN1_OBJECT 6
#define V_ASN1_UTF8STRING 12
#define V_ASN1_SEQUENCE 16
@ -92,9 +95,20 @@
#define ASN1_STRING_FLAG_MSTRING 0x040
#define ASN1_STRING_FLAG_EMBED 0x080
/* X.509 PKI size limits from RFC2459 (appendix A) */
/* internally our limit is CTC_NAME_SIZE (64) - overriden with WC_CTC_NAME_SIZE */
#define ub_name CTC_NAME_SIZE /* 32768 */
#define ub_common_name CTC_NAME_SIZE /* 64 */
#define ub_locality_name CTC_NAME_SIZE /* 128 */
#define ub_state_name CTC_NAME_SIZE /* 128 */
#define ub_organization_name CTC_NAME_SIZE /* 64 */
#define ub_organization_unit_name CTC_NAME_SIZE /* 64 */
#define ub_title CTC_NAME_SIZE /* 64 */
#define ub_email_address CTC_NAME_SIZE /* 128 */
WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
const WOLFSSL_BIGNUM*, WOLFSSL_ASN1_INTEGER*);
const WOLFSSL_BIGNUM *bn, WOLFSSL_ASN1_INTEGER *ai);
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
@ -129,11 +143,10 @@ typedef enum {
} WOLFSSL_ASN1_TYPES;
#define ASN1_SEQUENCE(type) \
static type __##type##_dummy_struct;\
static const WOLFSSL_ASN1_TEMPLATE type##_member_data[]
#define ASN1_SIMPLE(type, member, member_type) \
{ (char*)&__##type##_dummy_struct.member - (char*)&__##type##_dummy_struct, \
{ OFFSETOF(type, member), \
WOLFSSL_##member_type##_ASN1 }
#define ASN1_SEQUENCE_END(type) \
@ -151,6 +164,7 @@ WOLFSSL_API int wolfSSL_ASN1_item_i2d(const void *src, byte **dest,
const WOLFSSL_ASN1_ITEM *tpl);
/* Need function declaration otherwise compiler complains */
/* // NOLINTBEGIN(readability-named-parameter) */
#define IMPLEMENT_ASN1_FUNCTIONS(type) \
type *type##_new(void); \
type *type##_new(void){ \
@ -165,6 +179,7 @@ WOLFSSL_API int wolfSSL_ASN1_item_i2d(const void *src, byte **dest,
{ \
return wolfSSL_ASN1_item_i2d(src, dest, &type##_template_data);\
}
/* // NOLINTEND(readability-named-parameter) */
#endif /* OPENSSL_ALL */

View File

@ -1,6 +1,6 @@
/* asn1t.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* bio.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -25,13 +25,12 @@
#ifndef WOLFSSL_BIO_H_
#define WOLFSSL_BIO_H_
#include <libs/libwolfssl/openssl/ssl.h>
#ifdef __cplusplus
extern "C" {
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL
#define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ
@ -58,11 +57,13 @@
#define BIO_s_file wolfSSL_BIO_s_file
#define BIO_s_bio wolfSSL_BIO_s_bio
#define BIO_s_socket wolfSSL_BIO_s_socket
#define BIO_s_accept wolfSSL_BIO_s_socket
#define BIO_set_fd wolfSSL_BIO_set_fd
#define BIO_set_close wolfSSL_BIO_set_close
#define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request
#define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size
#define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair
#define BIO_up_ref wolfSSL_BIO_up_ref
#define BIO_new_fd wolfSSL_BIO_new_fd
#define BIO_set_fp wolfSSL_BIO_set_fp
@ -109,6 +110,8 @@
#define BIO_get_shutdown wolfSSL_BIO_get_shutdown
#define BIO_set_shutdown wolfSSL_BIO_set_shutdown
#define BIO_get_fd wolfSSL_BIO_get_fd
#define BIO_clear_flags wolfSSL_BIO_clear_flags
#define BIO_set_ex_data wolfSSL_BIO_set_ex_data
#define BIO_get_ex_data wolfSSL_BIO_get_ex_data
@ -138,6 +141,8 @@
#define BIO_CTRL_RESET 1
#define BIO_CTRL_EOF 2
#define BIO_CTRL_INFO 3
#define BIO_CTRL_SET 4
#define BIO_CTRL_GET 5
#define BIO_CTRL_PUSH 6
#define BIO_CTRL_POP 7
#define BIO_CTRL_GET_CLOSE 8
@ -165,11 +170,11 @@
#define BIO_FP_WRITE 0x04
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_BIO_H_ */

View File

@ -1,6 +1,6 @@
/* bn.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -47,95 +47,140 @@ typedef struct WOLFSSL_BIGNUM {
#endif
} WOLFSSL_BIGNUM;
#define BN_ULONG WOLFSSL_BN_ULONG
#define WOLFSSL_BN_ULONG unsigned long
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define BN_ULONG WOLFSSL_BN_ULONG
#endif
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
#ifndef WOLFSSL_MAX_BN_BITS
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
/* SP implementation supports numbers of SP_INT_BITS bits. */
#define WOLFSSL_MAX_BN_BITS SP_INT_BITS
#elif defined(USE_FAST_MATH)
/* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
#define WOLFSSL_MAX_BN_BITS (FP_MAX_BITS / 2)
#else
#ifdef WOLFSSL_MYSQL_COMPATIBLE
/* Integer maths is dynamic but we only go up to 8192 bits. */
#define WOLFSSL_MAX_BN_BITS 8192
#else
/* Integer maths is dynamic but we only go up to 4096 bits. */
#define WOLFSSL_MAX_BN_BITS 4096
#endif
#endif
#endif
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*);
WOLFSSL_API void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX*);
WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX* ctx);
WOLFSSL_API void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX* ctx);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void);
#if defined(USE_FAST_MATH) && !defined(HAVE_WOLF_BIGINT)
WOLFSSL_API void wolfSSL_BN_init(WOLFSSL_BIGNUM *);
WOLFSSL_API void wolfSSL_BN_init(WOLFSSL_BIGNUM* bn);
#endif
WOLFSSL_API void wolfSSL_BN_free(WOLFSSL_BIGNUM*);
WOLFSSL_API void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM*);
WOLFSSL_API void wolfSSL_BN_clear(WOLFSSL_BIGNUM*);
WOLFSSL_API void wolfSSL_BN_free(WOLFSSL_BIGNUM* bn);
WOLFSSL_API void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM* bn);
WOLFSSL_API void wolfSSL_BN_clear(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*, const WOLFSSL_BN_CTX*);
WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
const WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_mul(WOLFSSL_BIGNUM *r, WOLFSSL_BIGNUM *a,
WOLFSSL_BIGNUM *b, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_BN_div(WOLFSSL_BIGNUM* dv, WOLFSSL_BIGNUM* rem,
const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* d,
WOLFSSL_BN_CTX* ctx);
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
WOLFSSL_API int wolfSSL_BN_gcd(WOLFSSL_BIGNUM* r, WOLFSSL_BIGNUM* a,
WOLFSSL_BIGNUM* b, WOLFSSL_BN_CTX* ctx);
#endif
WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
const WOLFSSL_BIGNUM* b, const WOLFSSL_BN_CTX* c);
WOLFSSL_API int wolfSSL_BN_mod_exp(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_BN_mod_mul(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
const WOLFSSL_BIGNUM *p, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void);
WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API void wolfSSL_BN_zero(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_one(WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM*, unsigned char*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char*, int len,
WOLFSSL_BIGNUM* ret);
WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM* bn, unsigned char* r);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* str, int len,
WOLFSSL_BIGNUM* ret);
WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM*, int n);
WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM*, int bits, int top,
int bottom);
WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM*, int bits, int top, int bottom);
WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM*, int n);
WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API int wolfSSL_BN_pseudo_rand(WOLFSSL_BIGNUM* bn, int bits, int top,
int bottom);
WOLFSSL_API int wolfSSL_BN_rand_range(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *range);
WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom);
WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM* r,
const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM** bn, const char* str);
WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* bn,
int n);
WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_sub_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM* bn, int n);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn);
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM* r, WOLFSSL_BIGNUM* a,
WOLFSSL_BIGNUM* b);
WOLFSSL_API int wolfSSL_BN_mod_add(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *b, const WOLFSSL_BIGNUM *m,
WOLFSSL_BN_CTX *ctx);
WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int,
WOLFSSL_BN_CTX*, WOLFSSL_BN_GENCB*);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*,
WOLFSSL_BN_ULONG);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE, const WOLFSSL_BIGNUM*);
WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM* bn);
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA))
WOLFSSL_API int wolfSSL_BN_generate_prime_ex(
WOLFSSL_BIGNUM* prime, int bits, int safe, const WOLFSSL_BIGNUM* add,
const WOLFSSL_BIGNUM* rem, WOLFSSL_BN_GENCB* cb);
WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int nbchecks,
WOLFSSL_BN_CTX *ctx, WOLFSSL_BN_GENCB *cb);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM *bn,
WOLFSSL_BN_ULONG w);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_BN_print_fp(XFILE fp, const WOLFSSL_BIGNUM *bn);
#endif
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM *r, const WOLFSSL_BIGNUM *bn,
int n);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(
WOLFSSL_BIGNUM *r,
WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *n,
WOLFSSL_BN_CTX *ctx);
typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX;
typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_CTX_new wolfSSL_BN_CTX_new
@ -151,11 +196,13 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_num_bytes wolfSSL_BN_num_bytes
#define BN_num_bits wolfSSL_BN_num_bits
#define BN_is_zero wolfSSL_BN_is_zero
#define BN_is_one wolfSSL_BN_is_one
#define BN_is_odd wolfSSL_BN_is_odd
#define BN_zero wolfSSL_BN_zero
#define BN_one wolfSSL_BN_one
#define BN_is_zero wolfSSL_BN_is_zero
#define BN_is_one wolfSSL_BN_is_one
#define BN_is_odd wolfSSL_BN_is_odd
#define BN_is_negative wolfSSL_BN_is_negative
#define BN_is_word wolfSSL_BN_is_word
#define BN_is_word wolfSSL_BN_is_word
#define BN_cmp wolfSSL_BN_cmp
@ -166,12 +213,16 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_mod_exp wolfSSL_BN_mod_exp
#define BN_mod_mul wolfSSL_BN_mod_mul
#define BN_sub wolfSSL_BN_sub
#define BN_mul wolfSSL_BN_mul
#define BN_div wolfSSL_BN_div
#define BN_gcd wolfSSL_BN_gcd
#define BN_value_one wolfSSL_BN_value_one
#define BN_mask_bits wolfSSL_mask_bits
#define BN_pseudo_rand wolfSSL_BN_pseudo_rand
#define BN_rand wolfSSL_BN_rand
#define BN_rand_range wolfSSL_BN_rand_range
#define BN_is_bit_set wolfSSL_BN_is_bit_set
#define BN_hex2bn wolfSSL_BN_hex2bn
@ -187,16 +238,18 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_lshift wolfSSL_BN_lshift
#define BN_add_word wolfSSL_BN_add_word
#define BN_sub_word wolfSSL_BN_sub_word
#define BN_add wolfSSL_BN_add
#define BN_mod_add wolfSSL_BN_mod_add
#define BN_set_word wolfSSL_BN_set_word
#define BN_set_bit wolfSSL_BN_set_bit
#define BN_clear_bit wolfSSL_BN_clear_bit
#define BN_generate_prime_ex wolfSSL_BN_generate_prime_ex
#define BN_is_prime_ex wolfSSL_BN_is_prime_ex
#define BN_print_fp wolfSSL_BN_print_fp
#define BN_rshift wolfSSL_BN_rshift
#define BN_rshift1(r, a) wolfSSL_BN_rshift((r), (a), 1)
#define BN_mod_word wolfSSL_BN_mod_word
#define BN_CTX_get wolfSSL_BN_CTX_get
@ -217,6 +270,10 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#endif
#define BN_prime_checks 0
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* buffer.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -33,9 +33,10 @@
WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void);
WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len);
WOLFSSL_API int wolfSSL_BUF_MEM_grow_ex(WOLFSSL_BUF_MEM* buf, size_t len,
char zeroFill);
WOLFSSL_API int wolfSSL_BUF_MEM_resize(WOLFSSL_BUF_MEM* buf, size_t len);
WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf);
WOLFSSL_API size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize);
WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize);
#define BUF_MEM_new wolfSSL_BUF_MEM_new
@ -43,8 +44,8 @@ WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize);
#define BUF_MEM_free wolfSSL_BUF_MEM_free
#define BUF_strdup strdup
#define BUF_strlcpy wolfSSL_strlcpy
#define BUF_strlcat wolfSSL_strlcat
#define BUF_strlcpy wc_strlcpy
#define BUF_strlcat wc_strlcat
#ifdef __cplusplus
} /* extern "C" */

View File

@ -0,0 +1,27 @@
/* camellia.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CAMELLIA_H_
#define WOLFSSL_CAMELLIA_H_
#include <libs/libwolfssl/wolfcrypt/camellia.h>
#endif /* WOLFSSL_CAMELLIA_H_ */

View File

@ -0,0 +1,61 @@
/* cmac.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_CMAC_H_
#define WOLFSSL_CMAC_H_
#include <libs/libwolfssl/wolfcrypt/cmac.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct WOLFSSL_CMAC_CTX {
void* internal; /* internal Cmac object */
WOLFSSL_EVP_CIPHER_CTX* cctx;
} WOLFSSL_CMAC_CTX;
typedef WOLFSSL_CMAC_CTX CMAC_CTX;
WOLFSSL_API WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void);
WOLFSSL_API void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(
WOLFSSL_CMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_CMAC_Init(
WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keyLen,
const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine);
WOLFSSL_API int wolfSSL_CMAC_Update(
WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len);
WOLFSSL_API int wolfSSL_CMAC_Final(
WOLFSSL_CMAC_CTX* ctx, unsigned char* out, size_t* len);
#define CMAC_CTX_new wolfSSL_CMAC_CTX_new
#define CMAC_CTX_free wolfSSL_CMAC_CTX_free
#define CMAC_CTX_get0_cipher_ctx wolfSSL_CMAC_CTX_get0_cipher_ctx
#define CMAC_Init wolfSSL_CMAC_Init
#define CMAC_Update wolfSSL_CMAC_Update
#define CMAC_Final wolfSSL_CMAC_Final
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_CMAC_H_ */

View File

@ -0,0 +1,66 @@
/* compat_types.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
* Move types that cause cyclical dependency errors here.
*/
#ifndef WOLFSSL_OPENSSL_COMPAT_TYPES_H_
#define WOLFSSL_OPENSSL_COMPAT_TYPES_H_
#include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/types.h>
#include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifndef NO_HMAC
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
#endif
typedef char WOLFSSL_EVP_MD;
typedef char WOLFSSL_EVP_CIPHER;
typedef int WOLFSSL_ENGINE;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
typedef struct WOLFSSL_EVP_MD_CTX WOLFSSL_EVP_MD_CTX;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_CIPHER_CTX WOLFSSL_EVP_CIPHER_CTX;
typedef struct WOLFSSL_ASN1_PCTX WOLFSSL_ASN1_PCTX;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_EVP_MD EVP_MD;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
typedef WOLFSSL_ENGINE ENGINE;
typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_OPENSSL_COMPAT_TYPES_H_ */

View File

@ -1,6 +1,6 @@
/* conf.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* crypto.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -47,12 +47,19 @@ typedef void (CRYPTO_free_func)(void* parent, void* ptr, CRYPTO_EX_DATA* ad, int
#include "prefix_crypto.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void);
WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API void wolfSSL_OPENSSL_free(void* p);
#endif
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c);
WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len);
@ -60,6 +67,25 @@ WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len
WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings);
#endif
/* class index for wolfSSL_CRYPTO_get_ex_new_index */
#define CRYPTO_EX_INDEX_SSL WOLF_CRYPTO_EX_INDEX_SSL
#define CRYPTO_EX_INDEX_SSL_CTX WOLF_CRYPTO_EX_INDEX_SSL_CTX
#define CRYPTO_EX_INDEX_SSL_SESSION WOLF_CRYPTO_EX_INDEX_SSL_SESSION
#define CRYPTO_EX_INDEX_X509 WOLF_CRYPTO_EX_INDEX_X509
#define CRYPTO_EX_INDEX_X509_STORE WOLF_CRYPTO_EX_INDEX_X509_STORE
#define CRYPTO_EX_INDEX_X509_STORE_CTX WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX
#define CRYPTO_EX_INDEX_DH WOLF_CRYPTO_EX_INDEX_DH
#define CRYPTO_EX_INDEX_DSA WOLF_CRYPTO_EX_INDEX_DSA
#define CRYPTO_EX_INDEX_EC_KEY WOLF_CRYPTO_EX_INDEX_EC_KEY
#define CRYPTO_EX_INDEX_RSA WOLF_CRYPTO_EX_INDEX_RSA
#define CRYPTO_EX_INDEX_ENGINE WOLF_CRYPTO_EX_INDEX_ENGINE
#define CRYPTO_EX_INDEX_UI WOLF_CRYPTO_EX_INDEX_UI
#define CRYPTO_EX_INDEX_BIO WOLF_CRYPTO_EX_INDEX_BIO
#define CRYPTO_EX_INDEX_APP WOLF_CRYPTO_EX_INDEX_APP
#define CRYPTO_EX_INDEX_UI_METHOD WOLF_CRYPTO_EX_INDEX_UI_METHOD
#define CRYPTO_EX_INDEX_DRBG WOLF_CRYPTO_EX_INDEX_DRBG
#define CRYPTO_EX_INDEX__COUNT WOLF_CRYPTO_EX_INDEX__COUNT
#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID
#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID
@ -126,4 +152,8 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

View File

@ -1,6 +1,6 @@
/* des.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -62,8 +62,8 @@ WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key);
WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key);
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
WOLFSSL_DES_key_schedule*);
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
WOLFSSL_DES_key_schedule* key);
WOLFSSL_API int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
WOLFSSL_DES_key_schedule* schedule);
WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
@ -81,10 +81,10 @@ WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
WOLFSSL_DES_key_schedule* schedule,
WOLFSSL_DES_cblock* ivec, int enc);
WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock*);
WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock*, WOLFSSL_DES_cblock*,
WOLFSSL_DES_key_schedule*, int);
WOLFSSL_API int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock*);
WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes);
WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int enc);
WOLFSSL_API int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *myDes);
typedef WOLFSSL_DES_cblock DES_cblock;

View File

@ -1,6 +1,6 @@
/* dh.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -33,45 +33,56 @@
#endif
#ifndef WOLFSSL_DH_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_DH WOLFSSL_DH;
#define WOLFSSL_DH_TYPE_DEFINED
typedef struct WOLFSSL_DH WOLFSSL_DH;
#define WOLFSSL_DH_TYPE_DEFINED
#endif
typedef WOLFSSL_DH DH;
struct WOLFSSL_DH {
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* g;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* pub_key; /* openssh deference g^x */
WOLFSSL_BIGNUM* priv_key; /* openssh deference x */
WOLFSSL_BIGNUM* pub_key; /* openssh deference g^x */
WOLFSSL_BIGNUM* priv_key; /* openssh deference x */
void* internal; /* our DH */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
/*added for lighttpd openssl compatibility, go back and add a getter in
* lighttpd src code.
*/
int length;
int length;
wolfSSL_Ref ref; /* Reference count information. */
};
WOLFSSL_API WOLFSSL_DH *wolfSSL_d2i_DHparams(WOLFSSL_DH **dh,
const unsigned char **pp, long length);
WOLFSSL_API int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH*);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new_by_nid(int nid);
WOLFSSL_API void wolfSSL_DH_free(WOLFSSL_DH* dh);
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_up_ref(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes);
WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* pub,
WOLFSSL_DH*);
WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*);
WOLFSSL_DH* dh);
WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH* dh, const unsigned char* derBuf,
int derSz);
WOLFSSL_API int wolfSSL_DH_set_length(WOLFSSL_DH* dh, long len);
WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p,
WOLFSSL_BIGNUM *q, WOLFSSL_BIGNUM *g);
#define DH_new wolfSSL_DH_new
#define DH_free wolfSSL_DH_free
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_get_2048_256(void);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_DH DH;
#define DH_new wolfSSL_DH_new
#define DH_free wolfSSL_DH_free
#define DH_up_ref wolfSSL_DH_up_ref
#define DH_new_by_nid wolfSSL_DH_new_by_nid
#define d2i_DHparams wolfSSL_d2i_DHparams
#define i2d_DHparams wolfSSL_i2d_DHparams
@ -80,11 +91,12 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
#define DH_size wolfSSL_DH_size
#define DH_generate_key wolfSSL_DH_generate_key
#define DH_compute_key wolfSSL_DH_compute_key
#define DH_set_length wolfSSL_DH_set_length
#define DH_set0_pqg wolfSSL_DH_set0_pqg
#define DH_get0_pqg wolfSSL_DH_get0_pqg
#define DH_get0_key wolfSSL_DH_get0_key
#define DH_set0_key wolfSSL_DH_set0_key
#define DH_bits(x) (BN_num_bits(x->p))
#define DH_bits(x) (BN_num_bits((x)->p))
#define DH_GENERATOR_2 2
#define DH_CHECK_P_NOT_PRIME 0x01
@ -106,13 +118,20 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
#define get_rfc3526_prime_6144 wolfSSL_DH_6144_prime
#define get_rfc3526_prime_8192 wolfSSL_DH_8192_prime
#ifdef __cplusplus
} /* extern "C" */
#endif
#define DH_get_2048_256 wolfSSL_DH_get_2048_256
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL)
#define DH_generate_parameters wolfSSL_DH_generate_parameters
#define DH_generate_parameters_ex wolfSSL_DH_generate_parameters_ex
#endif /* OPENSSL_ALL || HAVE_STUNNEL */
#define DH_GENERATOR_2 2
#define DH_GENERATOR_5 5
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_DH_H_ */

View File

@ -1,6 +1,6 @@
/* dsa.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -41,8 +41,6 @@ typedef struct WOLFSSL_DSA WOLFSSL_DSA;
#define WOLFSSL_DSA_TYPE_DEFINED
#endif
typedef WOLFSSL_DSA DSA;
struct WOLFSSL_DSA {
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
@ -56,15 +54,18 @@ struct WOLFSSL_DSA {
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA* dsa);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_DSA_print_fp(XFILE fp, WOLFSSL_DSA* dsa, int indent);
#endif /* !NO_FILESYSTEM && NO_STDIO_FILESYSTEM */
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa);
typedef void (*WOLFSSL_BN_CB)(int i, int j, void* exArg);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_generate_parameters(int bits,
unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, WOLFSSL_BN_CB cb, void* CBArg);
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits,
unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, void* cb);
@ -79,17 +80,17 @@ WOLFSSL_API int wolfSSL_DSA_set0_key(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *pub_key,
WOLFSSL_BIGNUM *priv_key);
WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_DSA_LoadDer(
WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz);
WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(WOLFSSL_DSA*, const unsigned char*,
int sz, int opt);
WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(
WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz, int opt);
WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d,
unsigned char* sigRet, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_DSA_do_sign(
const unsigned char* d, unsigned char* sigRet, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d,
unsigned char* sig,
WOLFSSL_DSA* dsa, int *dsacheck);
WOLFSSL_API int wolfSSL_DSA_do_verify(
const unsigned char* d, unsigned char* sig, WOLFSSL_DSA* dsa, int *dsacheck);
WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d);
@ -109,11 +110,21 @@ WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest,
WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len,
WOLFSSL_DSA_SIG* sig, WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_i2d_DSAparams(
const WOLFSSL_DSA* dsa, unsigned char** out);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_d2i_DSAparams(
WOLFSSL_DSA** dsa, const unsigned char** der, long derLen);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_DSA DSA;
#define WOLFSSL_DSA_LOAD_PRIVATE 1
#define WOLFSSL_DSA_LOAD_PUBLIC 2
#define DSA_new wolfSSL_DSA_new
#define DSA_free wolfSSL_DSA_free
#define DSA_print_fp wolfSSL_DSA_print_fp
#define DSA_LoadDer wolfSSL_DSA_LoadDer
#define DSA_generate_key wolfSSL_DSA_generate_key
@ -132,10 +143,13 @@ WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest
#define d2i_DSA_SIG wolfSSL_d2i_DSA_SIG
#define DSA_do_sign wolfSSL_DSA_do_sign_ex
#define DSA_do_verify wolfSSL_DSA_do_verify_ex
#define i2d_DSAparams wolfSSL_i2d_DSAparams
#define d2i_DSAparams wolfSSL_d2i_DSAparams
#define DSA_SIG WOLFSSL_DSA_SIG
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* ec.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -32,6 +32,7 @@
extern "C" {
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Map OpenSSL NID value */
enum {
POINT_CONVERSION_COMPRESSED = 2,
@ -45,7 +46,7 @@ enum {
NID_X9_62_prime192v3 = 411,
NID_X9_62_prime239v1 = 412,
NID_X9_62_prime239v2 = 413,
NID_X9_62_prime239v3 = 414,
NID_X9_62_prime239v3 = 418, /* Previous value conflicted with AES128CBCb */
NID_X9_62_prime256v1 = 415,
NID_secp112r1 = 704,
NID_secp112r2 = 705,
@ -76,24 +77,21 @@ enum {
NID_ED25519 = ED25519k,
#endif
OPENSSL_EC_NAMED_CURVE = 0x001
OPENSSL_EC_EXPLICIT_CURVE = 0x000,
OPENSSL_EC_NAMED_CURVE = 0x001,
};
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT;
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
typedef struct WOLFSSL_EC_BUILTIN_CURVE WOLFSSL_EC_BUILTIN_CURVE;
/* WOLFSSL_EC_METHOD is just an alias of WOLFSSL_EC_GROUP for now */
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_METHOD;
#define WOLFSSL_EC_TYPE_DEFINED
#endif
typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT;
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
typedef struct WOLFSSL_EC_BUILTIN_CURVE WOLFSSL_EC_BUILTIN_CURVE;
/* WOLFSSL_EC_METHOD is just an alias of WOLFSSL_EC_GROUP for now */
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_METHOD;
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_GROUP EC_METHOD;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
#define WOLFSSL_EC_TYPE_DEFINED
#endif
struct WOLFSSL_EC_POINT {
WOLFSSL_BIGNUM *X;
@ -117,6 +115,7 @@ struct WOLFSSL_EC_KEY {
WOLFSSL_BIGNUM *priv_key;
void* internal; /* our ECC Key */
void* heap;
char form; /* Either POINT_CONVERSION_UNCOMPRESSED or
* POINT_CONVERSION_COMPRESSED */
word16 pkcs8HeaderSz;
@ -124,6 +123,11 @@ struct WOLFSSL_EC_KEY {
/* option bits */
byte inSet:1; /* internal set from external ? */
byte exSet:1; /* external set from internal ? */
#ifndef SINGLE_THREADED
wolfSSL_Mutex refMutex; /* ref count mutex */
#endif
int refCount; /* reference count */
};
struct WOLFSSL_EC_BUILTIN_CURVE {
@ -134,11 +138,15 @@ struct WOLFSSL_EC_BUILTIN_CURVE {
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
typedef int point_conversion_form_t;
WOLFSSL_API
size_t wolfSSL_EC_get_builtin_curves(WOLFSSL_EC_BUILTIN_CURVE *r,size_t nitems);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_dup(const WOLFSSL_EC_KEY *src);
WOLFSSL_API
int wolfSSL_EC_KEY_up_ref(WOLFSSL_EC_KEY* key);
WOLFSSL_API
int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve,
@ -169,6 +177,8 @@ int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out);
WOLFSSL_API
void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, char form);
WOLFSSL_API
point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key);
WOLFSSL_API
WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p,
char form,
@ -200,6 +210,8 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid);
WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid);
WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_ex(void* heap, int devId);
WOLFSSL_API
WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void);
WOLFSSL_API
int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
@ -211,10 +223,18 @@ WOLFSSL_API
int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key,
const WOLFSSL_EC_POINT *pub);
WOLFSSL_API int wolfSSL_EC_KEY_check_key(const WOLFSSL_EC_KEY *key);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API int wolfSSL_EC_KEY_print_fp(XFILE fp, WOLFSSL_EC_KEY* key,
int indent);
#endif /* !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */
WOLFSSL_API int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_ECDSA_sign(int type, const unsigned char *digest,
int digestSz, unsigned char *sig,
unsigned int *sigSz, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_ECDSA_verify(int type, const unsigned char *digest,
int digestSz, const unsigned char *sig,
int sigSz, WOLFSSL_EC_KEY *key);
WOLFSSL_API
void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag);
WOLFSSL_API
@ -287,12 +307,21 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
WOLFSSL_BN_CTX* ctx);
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_GROUP EC_METHOD;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
#ifndef HAVE_ECC
#define OPENSSL_NO_EC
#endif
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_up_ref wolfSSL_EC_KEY_up_ref
#define EC_KEY_dup wolfSSL_EC_KEY_dup
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
@ -304,9 +333,11 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_KEY_check_key wolfSSL_EC_KEY_check_key
#define EC_KEY_print_fp wolfSSL_EC_KEY_print_fp
#define ECDSA_size wolfSSL_ECDSA_size
#define ECDSA_sign wolfSSL_ECDSA_sign
#define ECDSA_verify wolfSSL_ECDSA_verify
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
@ -328,8 +359,12 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_get_affine_coordinates_GFp \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_get_affine_coordinates \
wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_set_affine_coordinates_GFp \
wolfSSL_EC_POINT_set_affine_coordinates_GFp
#define EC_POINT_set_affine_coordinates \
wolfSSL_EC_POINT_set_affine_coordinates_GFp
#define EC_POINT_add wolfSSL_EC_POINT_add
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_invert wolfSSL_EC_POINT_invert
@ -352,6 +387,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey
#define i2d_ECPrivateKey wolfSSL_i2d_ECPrivateKey
#define EC_KEY_set_conv_form wolfSSL_EC_KEY_set_conv_form
#define EC_KEY_get_conv_form wolfSSL_EC_KEY_get_conv_form
#ifndef HAVE_SELFTEST
#define EC_POINT_point2hex wolfSSL_EC_POINT_point2hex
@ -363,6 +399,8 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
#define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist
#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* ec25519.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ec448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ecdh.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ecdsa.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -46,6 +46,10 @@ struct WOLFSSL_ECDSA_SIG {
WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void);
WOLFSSL_API void wolfSSL_ECDSA_SIG_get0(const WOLFSSL_ECDSA_SIG* sig,
const WOLFSSL_BIGNUM** r, const WOLFSSL_BIGNUM** s);
WOLFSSL_API int wolfSSL_ECDSA_SIG_set0(WOLFSSL_ECDSA_SIG* sig, WOLFSSL_BIGNUM* r,
WOLFSSL_BIGNUM* s);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst,
int dgst_len,
WOLFSSL_EC_KEY *eckey);
@ -62,6 +66,8 @@ WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig,
#define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free
#define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new
#define ECDSA_SIG_get0 wolfSSL_ECDSA_SIG_get0
#define ECDSA_SIG_set0 wolfSSL_ECDSA_SIG_set0
#define ECDSA_do_sign wolfSSL_ECDSA_do_sign
#define ECDSA_do_verify wolfSSL_ECDSA_do_verify
#define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG

View File

@ -1,6 +1,6 @@
/* ed25519.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ed448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* err.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -24,7 +24,9 @@
#include <libs/libwolfssl/wolfcrypt/logging.h>
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* err.h for openssl */
#define ERR_load_ERR_strings wolfSSL_ERR_load_ERR_strings
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
#define ERR_load_CRYPTO_strings wolfSSL_ERR_load_crypto_strings
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error
@ -35,9 +37,13 @@
#define ERR_R_DISABLED NOT_COMPILED_IN
#define ERR_R_PASSED_INVALID_ARGUMENT BAD_FUNC_ARG
#define RSA_R_UNKNOWN_PADDING_TYPE RSA_PAD_E
#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE WC_KEY_SIZE_E
#define EC_R_BUFFER_TOO_SMALL BUFFER_E
#define ERR_TXT_MALLOCED 1
/* SSL function codes */
#define RSA_F_RSA_PADDING_ADD_SSLV23 0
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1
#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2
#define SSL_F_SSL_USE_PRIVATEKEY 3
@ -51,5 +57,7 @@
#define SSLerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
#define ECerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_OPENSSL_ERR_ */

View File

@ -1,6 +1,6 @@
/* evp.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -49,14 +49,13 @@
#include <libs/libwolfssl/openssl/dsa.h>
#include <libs/libwolfssl/openssl/ec.h>
#include <libs/libwolfssl/openssl/dh.h>
#include <libs/libwolfssl/openssl/compat_types.h>
#include <libs/libwolfssl/wolfcrypt/aes.h>
#include <libs/libwolfssl/wolfcrypt/des3.h>
#include <libs/libwolfssl/wolfcrypt/arc4.h>
#include <libs/libwolfssl/wolfcrypt/chacha20_poly1305.h>
#include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifdef HAVE_IDEA
#include <libs/libwolfssl/wolfcrypt/idea.h>
#endif
#include <libs/libwolfssl/wolfcrypt/pwdbased.h>
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
@ -68,31 +67,24 @@
#endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
typedef struct WOLFSSL_EVP_MD_CTX WOLFSSL_EVP_MD_CTX;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif
#ifndef NO_MD5
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
#endif
WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *);
WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *prompt);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_224(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_256(void);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_ripemd160(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void);
@ -103,7 +95,7 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#if !defined(NO_AES) && (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
#endif
@ -142,9 +134,16 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc2_cbc(void);
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20_poly1305(void);
#endif
#ifdef HAVE_CHACHA
/* ChaCha IV + counter is set as one IV in EVP */
#define WOLFSSL_EVP_CHACHA_IV_BYTES (CHACHA_IV_BYTES + sizeof(word32))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20(void);
#endif
typedef union {
@ -154,11 +153,15 @@ typedef union {
#ifndef NO_MD5
WOLFSSL_MD5_CTX md5;
#endif
WOLFSSL_SHA_CTX sha;
#ifndef NO_SHA
WOLFSSL_SHA_CTX sha;
#endif
#ifdef WOLFSSL_SHA224
WOLFSSL_SHA224_CTX sha224;
#endif
WOLFSSL_SHA256_CTX sha256;
#ifndef NO_SHA256
WOLFSSL_SHA256_CTX sha256;
#endif
#ifdef WOLFSSL_SHA384
WOLFSSL_SHA384_CTX sha384;
#endif
@ -180,8 +183,6 @@ typedef union {
#endif
} WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_PKEY_CTX WOLFSSL_EVP_PKEY_CTX;
typedef struct WOLFSSL_EVP_CIPHER_CTX WOLFSSL_EVP_CIPHER_CTX;
struct WOLFSSL_EVP_MD_CTX {
union {
@ -210,14 +211,146 @@ typedef union {
Des3 des3;
#endif
Arc4 arc4;
#ifdef HAVE_IDEA
Idea idea;
#endif
#ifdef WOLFSSL_QT
int (*ctrl) (WOLFSSL_EVP_CIPHER_CTX *, int type, int arg, void *ptr);
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ChaChaPoly_Aead chachaPoly;
#endif
#ifdef HAVE_CHACHA
ChaCha chacha;
#endif
} WOLFSSL_Cipher;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define NID_aes_128_cbc 419
#define NID_aes_192_cbc 423
#define NID_aes_256_cbc 427
#define NID_aes_128_ccm 896
#define NID_aes_256_ccm 902
#define NID_aes_128_gcm 895
#define NID_aes_192_gcm 898
#define NID_aes_256_gcm 901
#define NID_aes_128_ctr 904
#define NID_aes_192_ctr 905
#define NID_aes_256_ctr 906
#define NID_aes_128_ecb 418
#define NID_aes_192_ecb 422
#define NID_aes_256_ecb 426
#define NID_des_cbc 31
#define NID_des_ecb 29
#define NID_des_ede3_cbc 44
#define NID_des_ede3_ecb 33
#define NID_aes_128_cfb1 650
#define NID_aes_192_cfb1 651
#define NID_aes_256_cfb1 652
#define NID_aes_128_cfb8 653
#define NID_aes_192_cfb8 654
#define NID_aes_256_cfb8 655
#define NID_aes_128_cfb128 421
#define NID_aes_192_cfb128 425
#define NID_aes_256_cfb128 429
#define NID_aes_128_ofb 420
#define NID_aes_192_ofb 424
#define NID_aes_256_ofb 428
#define NID_aes_128_xts 913
#define NID_aes_256_xts 914
#define NID_camellia_128_cbc 751
#define NID_camellia_256_cbc 753
#define NID_chacha20_poly1305 1018
#define NID_chacha20 1019
#define NID_md5WithRSA 104
#define NID_md2WithRSAEncryption 9
#define NID_md5WithRSAEncryption 99
#define NID_dsaWithSHA1 113
#define NID_dsaWithSHA1_2 70
#define NID_sha1WithRSA 115
#define NID_sha1WithRSAEncryption 65
#define NID_sha224WithRSAEncryption 671
#define NID_sha256WithRSAEncryption 668
#define NID_sha384WithRSAEncryption 669
#define NID_sha512WithRSAEncryption 670
#define NID_RSA_SHA3_224 1116
#define NID_RSA_SHA3_256 1117
#define NID_RSA_SHA3_384 1118
#define NID_RSA_SHA3_512 1119
#define NID_ecdsa_with_SHA1 416
#define NID_ecdsa_with_SHA224 793
#define NID_ecdsa_with_SHA256 794
#define NID_ecdsa_with_SHA384 795
#define NID_ecdsa_with_SHA512 796
#define NID_ecdsa_with_SHA3_224 1112
#define NID_ecdsa_with_SHA3_256 1113
#define NID_ecdsa_with_SHA3_384 1114
#define NID_ecdsa_with_SHA3_512 1115
#define NID_dsa_with_SHA224 802
#define NID_dsa_with_SHA256 803
#define NID_sha3_224 1096
#define NID_sha3_256 1097
#define NID_sha3_384 1098
#define NID_sha3_512 1099
#define NID_blake2b512 1056
#define NID_blake2s256 1057
#define NID_shake128 1100
#define NID_shake256 1101
#define NID_sha1 64
#define NID_sha224 675
#define NID_md2 77
#define NID_md4 257
#define NID_md5 40
#define NID_hmac 855
#define NID_hmacWithSHA1 163
#define NID_hmacWithSHA224 798
#define NID_hmacWithSHA256 799
#define NID_hmacWithSHA384 800
#define NID_hmacWithSHA512 801
#define NID_hkdf 1036
#define NID_cmac 894
#define NID_dhKeyAgreement 28
#define NID_ffdhe2048 1126
#define NID_ffdhe3072 1127
#define NID_ffdhe4096 1128
#define NID_rc4 5
#define NID_bf_cbc 91
#define NID_bf_ecb 92
#define NID_bf_cfb64 93
#define NID_bf_ofb64 94
#define NID_cast5_cbc 108
#define NID_cast5_ecb 109
#define NID_cast5_cfb64 110
#define NID_cast5_ofb64 111
/* key exchange */
#define NID_kx_rsa 1037
#define NID_kx_ecdhe 1038
#define NID_kx_dhe 1039
#define NID_kx_ecdhe_psk 1040
#define NID_kx_dhe_psk 1041
#define NID_kx_rsa_psk 1042
#define NID_kx_psk 1043
#define NID_kx_srp 1044
#define NID_kx_gost 1045
#define NID_kx_any 1063
/* server authentication */
#define NID_auth_rsa 1046
#define NID_auth_ecdsa 1047
#define NID_auth_psk 1048
#define NID_auth_dss 1049
#define NID_auth_srp 1052
#define NID_auth_null 1054
#define NID_auth_any 1055
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_rsaEncryption EVP_PKEY_RSA
#define NID_dsa EVP_PKEY_DSA
#define EVP_PKEY_OP_SIGN (1 << 3)
#define EVP_PKEY_OP_VERIFY (1 << 5)
#define EVP_PKEY_OP_ENCRYPT (1 << 6)
#define EVP_PKEY_OP_DECRYPT (1 << 7)
#define EVP_PKEY_OP_DERIVE (1 << 8)
#define EVP_PKEY_PRINT_INDENT_MAX 128
enum {
AES_128_CBC_TYPE = 1,
@ -238,21 +371,15 @@ enum {
EVP_PKEY_RSA = 16,
EVP_PKEY_DSA = 17,
EVP_PKEY_EC = 18,
#ifdef HAVE_IDEA
IDEA_CBC_TYPE = 19,
#endif
AES_128_GCM_TYPE = 21,
AES_192_GCM_TYPE = 22,
AES_256_GCM_TYPE = 23,
NID_sha1 = 64,
NID_sha224 = 65,
NID_md2 = 77,
NID_md4 = 257,
NID_md5 = 4,
NID_hmac = 855,
NID_dhKeyAgreement= 28,
EVP_PKEY_DH = NID_dhKeyAgreement,
EVP_PKEY_HMAC = NID_hmac,
EVP_PKEY_CMAC = NID_cmac,
EVP_PKEY_HKDF = NID_hkdf,
EVP_PKEY_FALCON = 300, /* Randomly picked value. */
EVP_PKEY_DILITHIUM= 301, /* Randomly picked value. */
AES_128_CFB1_TYPE = 24,
AES_192_CFB1_TYPE = 25,
AES_256_CFB1_TYPE = 26,
@ -266,73 +393,13 @@ enum {
AES_192_OFB_TYPE = 34,
AES_256_OFB_TYPE = 35,
AES_128_XTS_TYPE = 36,
AES_256_XTS_TYPE = 37
AES_256_XTS_TYPE = 37,
CHACHA20_POLY1305_TYPE = 38,
CHACHA20_TYPE = 39
};
enum {
NID_md5WithRSA = 104,
NID_md5WithRSAEncryption = 8,
NID_dsaWithSHA1 = 113,
NID_dsaWithSHA1_2 = 70,
NID_sha1WithRSA = 115,
NID_sha1WithRSAEncryption = 65,
NID_sha224WithRSAEncryption = 671,
NID_sha256WithRSAEncryption = 668,
NID_sha384WithRSAEncryption = 669,
NID_sha512WithRSAEncryption = 670,
NID_ecdsa_with_SHA1 = 416,
NID_ecdsa_with_SHA224 = 793,
NID_ecdsa_with_SHA256 = 794,
NID_ecdsa_with_SHA384 = 795,
NID_ecdsa_with_SHA512 = 796,
NID_dsa_with_SHA224 = 802,
NID_dsa_with_SHA256 = 803,
NID_sha3_224 = 1096,
NID_sha3_256 = 1097,
NID_sha3_384 = 1098,
NID_sha3_512 = 1099,
NID_blake2b512 = 1056,
NID_blake2s256 = 1057,
};
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
enum {
NID_aes_128_cbc = 419,
NID_aes_192_cbc = 423,
NID_aes_256_cbc = 427,
NID_aes_128_gcm = 895,
NID_aes_192_gcm = 898,
NID_aes_256_gcm = 901,
NID_aes_128_ctr = 904,
NID_aes_192_ctr = 905,
NID_aes_256_ctr = 906,
NID_aes_128_ecb = 418,
NID_aes_192_ecb = 422,
NID_aes_256_ecb = 426,
NID_des_cbc = 31,
NID_des_ecb = 29,
NID_des_ede3_cbc= 44,
NID_des_ede3_ecb= 33,
NID_idea_cbc = 34,
NID_aes_128_cfb1= 650,
NID_aes_192_cfb1= 651,
NID_aes_256_cfb1= 652,
NID_aes_128_cfb8= 653,
NID_aes_192_cfb8= 654,
NID_aes_256_cfb8= 655,
NID_aes_128_cfb128 = 421,
NID_aes_192_cfb128 = 425,
NID_aes_256_cfb128 = 429,
NID_aes_128_ofb = 420,
NID_aes_192_ofb = 424,
NID_aes_256_ofb = 428,
NID_aes_128_xts = 913,
NID_aes_256_xts = 914
};
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_dhKeyAgreement EVP_PKEY_DH
#define NID_rsaEncryption EVP_PKEY_RSA
#define NID_dsa EVP_PKEY_DSA
#define WOLFSSL_EVP_BUF_SIZE 16
struct WOLFSSL_EVP_CIPHER_CTX {
@ -341,33 +408,45 @@ struct WOLFSSL_EVP_CIPHER_CTX {
unsigned long flags;
unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType;
#ifndef NO_AES
#if !defined(NO_AES)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[AES_BLOCK_SIZE];
#elif defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ALIGN16 unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE];
#elif !defined(NO_DES3)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[DES_BLOCK_SIZE];
#elif defined(HAVE_IDEA)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[IDEA_BLOCK_SIZE];
#endif
WOLFSSL_Cipher cipher;
ALIGN16 byte buf[WOLFSSL_EVP_BUF_SIZE];
int bufUsed;
ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE];
int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA) || \
defined(HAVE_AESGCM) || defined (WOLFSSL_AES_XTS)
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_AESGCM) || \
defined (WOLFSSL_AES_XTS) || (defined(HAVE_CHACHA) || \
defined(HAVE_POLY1305))
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz;
#ifdef HAVE_AESGCM
byte* gcmBuffer;
int gcmBufferLen;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
int authTagSz;
byte* gcmAuthIn;
int gcmAuthInSz;
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte* key; /* used in partial Init()s */
#endif
#if defined(HAVE_AESGCM) || (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
#ifdef HAVE_AESGCM
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
#else
ALIGN16 unsigned char authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
#endif
int authTagSz;
#endif
#ifdef HAVE_AESGCM
byte gcmIvGenEnable:1;
byte gcmIncIv:1;
#endif
#endif
};
@ -377,12 +456,17 @@ struct WOLFSSL_EVP_PKEY_CTX {
int op; /* operation */
int padding;
int nbits;
#ifdef HAVE_ECC
int curveNID;
#endif
#ifndef NO_RSA
const WOLFSSL_EVP_MD* md;
#endif
};
typedef
struct WOLFSSL_ASN1_PCTX {
int dummy;
} WOLFSSL_ASN1_PCTX;
};
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
#define BASE64_ENCODE_BLOCK_SIZE 48
@ -406,6 +490,10 @@ WOLFSSL_API int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
unsigned char*out, int *outl, const unsigned char*in, int inl);
WOLFSSL_API void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
unsigned char*out, int *outl);
WOLFSSL_API int wolfSSL_EVP_EncodeBlock(unsigned char *out,
const unsigned char *in, int inLen);
WOLFSSL_API int wolfSSL_EVP_DecodeBlock(unsigned char *out,
const unsigned char *in, int inLen);
#endif /* WOLFSSL_BASE64_ENCODE */
#if defined(WOLFSSL_BASE64_DECODE)
@ -419,21 +507,11 @@ WOLFSSL_API int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void);
typedef int WOLFSSL_ENGINE ;
typedef WOLFSSL_ENGINE ENGINE;
typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX;
#define EVP_PKEY_OP_SIGN (1 << 3)
#define EVP_PKEY_OP_ENCRYPT (1 << 6)
#define EVP_PKEY_OP_DECRYPT (1 << 7)
#define EVP_PKEY_OP_DERIVE (1 << 8)
#define EVP_PKEY_PRINT_INDENT_MAX 128
WOLFSSL_API void wolfSSL_EVP_init(void);
WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md);
WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD *md);
WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type);
WOLFSSL_API WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new (void);
WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX* ctx);
@ -451,52 +529,33 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_nid(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
size_t sz);
WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, unsigned int cnt);
WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
unsigned char *sig, size_t *siglen);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
const void *d, size_t cnt);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char *sig,
size_t siglen);
WOLFSSL_API int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
WOLFSSL_ENGINE* eng);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
const WOLFSSL_EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*,
unsigned char*);
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
const WOLFSSL_EVP_MD* md, const byte* salt,
const byte* data, int sz, int count, byte* key, byte* iv);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, \
int type, int arg, void *ptr);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*);
WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER*);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(
const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher);
WOLFSSL_API int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c);
@ -505,30 +564,6 @@ WOLFSSL_API int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl);
@ -550,6 +585,7 @@ WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_nid(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int keylen);
@ -557,24 +593,26 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv_length(WOLFSSL_EVP_CIPHER_CTX* ct
int ivLen);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
int ivLen);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_get_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
int ivLen);
WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
unsigned char* dst, unsigned char* src,
unsigned int len);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int id);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id);
WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_RSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
WOLFSSL_EC_KEY* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(struct WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(struct WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DSA(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DSA* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_DH(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DH* key);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
WOLFSSL_API WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key);
@ -585,13 +623,21 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key
WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
const unsigned char* key, int keylen);
WOLFSSL_API const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
size_t* len);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen);
WOLFSSL_API int wolfSSL_EVP_PKEY_verify_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbslen);
WOLFSSL_API int wolfSSL_EVP_PKEY_paramgen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid(WOLFSSL_EVP_PKEY_CTX *ctx,
int nid);
WOLFSSL_API int wolfSSL_EVP_PKEY_paramgen(WOLFSSL_EVP_PKEY_CTX* ctx,
WOLFSSL_EVP_PKEY** pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_ec_param_enc(WOLFSSL_EVP_PKEY_CTX *ctx,
int flag);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_EVP_PKEY **ppkey);
@ -601,9 +647,9 @@ WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
#else
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
#endif
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_signature_md(WOLFSSL_EVP_PKEY_CTX *ctx,
const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits);
WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx);
@ -623,7 +669,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, const WOLFSSL_EVP_PKEY *from);
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
@ -632,12 +678,12 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKCS82PKEY(const WOLFSSL_PKCS8_PRIV_KEY_INFO* p8);
WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_EVP_PKEY2PKCS8(const WOLFSSL_EVP_PKEY* pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len);
WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
const unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey);
@ -664,6 +710,7 @@ WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_flags(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
@ -685,22 +732,37 @@ WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const WOLFSSL_EVP_MD *digest,
int keylen, unsigned char *out);
#if defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && !defined(NO_PWDBASED) && \
!defined(NO_SHA)
WOLFSSL_API int wolfSSL_EVP_PBE_scrypt(const char *pass, size_t passlen,
const unsigned char *salt, size_t saltlen,
word64 N, word64 r, word64 p,
word64 maxmem, unsigned char *key, size_t keylen);
#endif /* HAVE_SCRYPT && HAVE_PBKDF2 && !NO_PWDBASED && !NO_SHA */
WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
int* pHash, int* pHashSz);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE
#define EVP_CIPH_CFB_MODE WOLFSSL_EVP_CIPH_CFB_MODE
#define EVP_CIPH_OFB_MODE WOLFSSL_EVP_CIPH_OFB_MODE
#define EVP_CIPH_CTR_MODE WOLFSSL_EVP_CIPH_CTR_MODE
#define EVP_CIPH_GCM_MODE WOLFSSL_EVP_CIPH_GCM_MODE
#define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE
#define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE
WOLFSSL_API void wolfSSL_EVP_MD_do_all(void (*fn) (const WOLFSSL_EVP_MD *md,
const char* from, const char* to,
void* xx), void* args);
#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER
#ifdef HAVE_HKDF
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_hkdf_md(WOLFSSL_EVP_PKEY_CTX* ctx,
const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* salt,
int saltSz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* key, int keySz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx,
const byte* info,
int infoSz);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_hkdf_mode(WOLFSSL_EVP_PKEY_CTX* ctx,
int mode);
#endif
#define WOLFSSL_EVP_CIPH_MODE 0x0007
#define WOLFSSL_EVP_CIPH_MODE 0x0007
#define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0
#define WOLFSSL_EVP_CIPH_ECB_MODE 0x1
#define WOLFSSL_EVP_CIPH_CBC_MODE 0x2
@ -712,16 +774,79 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
#define WOLFSSL_EVP_CIPH_XTS_MODE 0x10
#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define EVP_CIPH_VARIABLE_LENGTH 0x200
#define WOLFSSL_EVP_CIPH_VARIABLE_LENGTH 0x200
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
/* end OpenSSH compat */
typedef WOLFSSL_EVP_MD EVP_MD;
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* EVP ENGINE API's */
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, WOLFSSL_ENGINE* e,
const unsigned char* key, int keylen);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
const unsigned char* priv, size_t len,
const WOLFSSL_EVP_CIPHER* cipher);
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
WOLFSSL_API int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
WOLFSSL_EVP_PKEY_CTX **pctx,
const WOLFSSL_EVP_MD *type,
WOLFSSL_ENGINE *e,
WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
WOLFSSL_ENGINE* eng);
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
WOLFSSL_ENGINE *impl,
const unsigned char* key,
const unsigned char* iv);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e);
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e);
WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type,
WOLFSSL_ENGINE *impl);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER
#define EVP_CIPH_VARIABLE_LENGTH WOLFSSL_EVP_CIPH_VARIABLE_LENGTH
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE
#define EVP_CIPH_CFB_MODE WOLFSSL_EVP_CIPH_CFB_MODE
#define EVP_CIPH_OFB_MODE WOLFSSL_EVP_CIPH_OFB_MODE
#define EVP_CIPH_CTR_MODE WOLFSSL_EVP_CIPH_CTR_MODE
#define EVP_CIPH_GCM_MODE WOLFSSL_EVP_CIPH_GCM_MODE
#define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE
#define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE
#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER
#ifndef NO_MD4
#define EVP_md4 wolfSSL_EVP_md4
@ -736,7 +861,11 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_sha256 wolfSSL_EVP_sha256
#define EVP_sha384 wolfSSL_EVP_sha384
#define EVP_sha512 wolfSSL_EVP_sha512
#define EVP_sha512_224 wolfSSL_EVP_sha512_224
#define EVP_sha512_256 wolfSSL_EVP_sha512_256
#define EVP_ripemd160 wolfSSL_EVP_ripemd160
#define EVP_shake128 wolfSSL_EVP_shake128
#define EVP_shake256 wolfSSL_EVP_shake256
#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt
#define EVP_sha3_224 wolfSSL_EVP_sha3_224
@ -744,41 +873,46 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_sha3_384 wolfSSL_EVP_sha3_384
#define EVP_sha3_512 wolfSSL_EVP_sha3_512
#define EVP_aes_128_cbc wolfSSL_EVP_aes_128_cbc
#define EVP_aes_192_cbc wolfSSL_EVP_aes_192_cbc
#define EVP_aes_256_cbc wolfSSL_EVP_aes_256_cbc
#define EVP_aes_128_cfb1 wolfSSL_EVP_aes_128_cfb1
#define EVP_aes_192_cfb1 wolfSSL_EVP_aes_192_cfb1
#define EVP_aes_256_cfb1 wolfSSL_EVP_aes_256_cfb1
#define EVP_aes_128_cfb8 wolfSSL_EVP_aes_128_cfb8
#define EVP_aes_192_cfb8 wolfSSL_EVP_aes_192_cfb8
#define EVP_aes_256_cfb8 wolfSSL_EVP_aes_256_cfb8
#define EVP_aes_128_cfb128 wolfSSL_EVP_aes_128_cfb128
#define EVP_aes_192_cfb128 wolfSSL_EVP_aes_192_cfb128
#define EVP_aes_256_cfb128 wolfSSL_EVP_aes_256_cfb128
#define EVP_aes_128_ofb wolfSSL_EVP_aes_128_ofb
#define EVP_aes_192_ofb wolfSSL_EVP_aes_192_ofb
#define EVP_aes_256_ofb wolfSSL_EVP_aes_256_ofb
#define EVP_aes_128_xts wolfSSL_EVP_aes_128_xts
#define EVP_aes_256_xts wolfSSL_EVP_aes_256_xts
#define EVP_aes_128_gcm wolfSSL_EVP_aes_128_gcm
#define EVP_aes_192_gcm wolfSSL_EVP_aes_192_gcm
#define EVP_aes_256_gcm wolfSSL_EVP_aes_256_gcm
#define EVP_aes_128_ecb wolfSSL_EVP_aes_128_ecb
#define EVP_aes_192_ecb wolfSSL_EVP_aes_192_ecb
#define EVP_aes_256_ecb wolfSSL_EVP_aes_256_ecb
#define EVP_aes_128_ctr wolfSSL_EVP_aes_128_ctr
#define EVP_aes_192_ctr wolfSSL_EVP_aes_192_ctr
#define EVP_aes_256_ctr wolfSSL_EVP_aes_256_ctr
#define EVP_des_cbc wolfSSL_EVP_des_cbc
#define EVP_des_ecb wolfSSL_EVP_des_ecb
#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
#define EVP_des_ede3_ecb wolfSSL_EVP_des_ede3_ecb
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_idea_cbc wolfSSL_EVP_idea_cbc
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_aes_128_cbc wolfSSL_EVP_aes_128_cbc
#define EVP_aes_192_cbc wolfSSL_EVP_aes_192_cbc
#define EVP_aes_256_cbc wolfSSL_EVP_aes_256_cbc
#define EVP_aes_128_cfb1 wolfSSL_EVP_aes_128_cfb1
#define EVP_aes_192_cfb1 wolfSSL_EVP_aes_192_cfb1
#define EVP_aes_256_cfb1 wolfSSL_EVP_aes_256_cfb1
#define EVP_aes_128_cfb8 wolfSSL_EVP_aes_128_cfb8
#define EVP_aes_192_cfb8 wolfSSL_EVP_aes_192_cfb8
#define EVP_aes_256_cfb8 wolfSSL_EVP_aes_256_cfb8
#define EVP_aes_128_cfb128 wolfSSL_EVP_aes_128_cfb128
#define EVP_aes_192_cfb128 wolfSSL_EVP_aes_192_cfb128
#define EVP_aes_256_cfb128 wolfSSL_EVP_aes_256_cfb128
#define EVP_aes_128_cfb wolfSSL_EVP_aes_128_cfb128
#define EVP_aes_192_cfb wolfSSL_EVP_aes_192_cfb128
#define EVP_aes_256_cfb wolfSSL_EVP_aes_256_cfb128
#define EVP_aes_128_ofb wolfSSL_EVP_aes_128_ofb
#define EVP_aes_192_ofb wolfSSL_EVP_aes_192_ofb
#define EVP_aes_256_ofb wolfSSL_EVP_aes_256_ofb
#define EVP_aes_128_xts wolfSSL_EVP_aes_128_xts
#define EVP_aes_256_xts wolfSSL_EVP_aes_256_xts
#define EVP_aes_128_gcm wolfSSL_EVP_aes_128_gcm
#define EVP_aes_192_gcm wolfSSL_EVP_aes_192_gcm
#define EVP_aes_256_gcm wolfSSL_EVP_aes_256_gcm
#define EVP_aes_128_ecb wolfSSL_EVP_aes_128_ecb
#define EVP_aes_192_ecb wolfSSL_EVP_aes_192_ecb
#define EVP_aes_256_ecb wolfSSL_EVP_aes_256_ecb
#define EVP_aes_128_ctr wolfSSL_EVP_aes_128_ctr
#define EVP_aes_192_ctr wolfSSL_EVP_aes_192_ctr
#define EVP_aes_256_ctr wolfSSL_EVP_aes_256_ctr
#define EVP_des_cbc wolfSSL_EVP_des_cbc
#define EVP_des_ecb wolfSSL_EVP_des_ecb
#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
#define EVP_des_ede3_ecb wolfSSL_EVP_des_ede3_ecb
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_chacha20 wolfSSL_EVP_chacha20
#define EVP_chacha20_poly1305 wolfSSL_EVP_chacha20_poly1305
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_MD_size wolfSSL_EVP_MD_size
#define EVP_MD_pkey_type wolfSSL_EVP_MD_pkey_type
#define EVP_MD_CTX_new wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_create wolfSSL_EVP_MD_CTX_new
#define EVP_MD_CTX_free wolfSSL_EVP_MD_CTX_free
@ -816,8 +950,10 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_nid wolfSSL_EVP_CIPHER_CTX_nid
#define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
#define EVP_CIPHER_CTX_set_iv_length wolfSSL_EVP_CIPHER_CTX_set_iv_length
#define EVP_CIPHER_CTX_mode wolfSSL_EVP_CIPHER_CTX_mode
#define EVP_CIPHER_CTX_cipher wolfSSL_EVP_CIPHER_CTX_cipher
@ -848,8 +984,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_get_cipherbynid wolfSSL_EVP_get_cipherbynid
#define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid
#define EVP_get_cipherbyname wolfSSL_EVP_get_cipherbyname
#define EVP_get_digestbyname wolfSSL_EVP_get_digestbyname
#define EVP_MD_nid wolfSSL_EVP_MD_type
#define EVP_PKEY_assign wolfSSL_EVP_PKEY_assign
#define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA
@ -869,16 +1004,24 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_PKEY_get0_EC_KEY wolfSSL_EVP_PKEY_get0_EC_KEY
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
#define EVP_PKEY_new_CMAC_key wolfSSL_EVP_PKEY_new_CMAC_key
#define EVP_MD_CTX_copy wolfSSL_EVP_MD_CTX_copy
#define EVP_MD_CTX_copy_ex wolfSSL_EVP_MD_CTX_copy_ex
#define EVP_PKEY_sign_init wolfSSL_EVP_PKEY_sign_init
#define EVP_PKEY_sign wolfSSL_EVP_PKEY_sign
#define EVP_PKEY_verify_init wolfSSL_EVP_PKEY_verify_init
#define EVP_PKEY_verify wolfSSL_EVP_PKEY_verify
#define EVP_PKEY_paramgen_init wolfSSL_EVP_PKEY_paramgen_init
#define EVP_PKEY_CTX_set_ec_param_enc wolfSSL_EVP_PKEY_CTX_set_ec_param_enc
#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid
#define EVP_PKEY_paramgen wolfSSL_EVP_PKEY_paramgen
#define EVP_PKEY_keygen wolfSSL_EVP_PKEY_keygen
#define EVP_PKEY_keygen_init wolfSSL_EVP_PKEY_keygen_init
#define EVP_PKEY_bits wolfSSL_EVP_PKEY_bits
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_CTX_set_signature_md wolfSSL_EVP_PKEY_CTX_set_signature_md
#define EVP_PKEY_CTX_new_id wolfSSL_EVP_PKEY_CTX_new_id
#define EVP_PKEY_CTX_set_rsa_keygen_bits wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits
#define EVP_PKEY_derive_init wolfSSL_EVP_PKEY_derive_init
@ -900,6 +1043,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str
#define EVP_PKCS82PKEY wolfSSL_EVP_PKCS82PKEY
#define EVP_PKEY2PKCS8 wolfSSL_EVP_PKEY2PKCS8
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignInit_ex wolfSSL_EVP_SignInit_ex
@ -917,6 +1062,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_CIPHER_CTX_set_padding wolfSSL_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_CIPHER_CTX_set_iv wolfSSL_EVP_CIPHER_CTX_set_iv
#define EVP_CIPHER_CTX_get_iv wolfSSL_EVP_CIPHER_CTX_get_iv
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup
@ -941,6 +1087,7 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
#define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC
#define EVP_PBE_scrypt wolfSSL_EVP_PBE_scrypt
/* OpenSSL compat. ctrl values */
#define EVP_CTRL_INIT 0x0
@ -1007,6 +1154,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_EncodeInit wolfSSL_EVP_EncodeInit
#define EVP_EncodeUpdate wolfSSL_EVP_EncodeUpdate
#define EVP_EncodeFinal wolfSSL_EVP_EncodeFinal
#define EVP_EncodeBlock wolfSSL_EVP_EncodeBlock
#define EVP_DecodeBlock wolfSSL_EVP_DecodeBlock
#endif /* WOLFSSL_BASE64_ENCODE */
#if defined(WOLFSSL_BASE64_DECODE)
#define EVP_DecodeInit wolfSSL_EVP_DecodeInit
@ -1016,9 +1165,20 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX;
#define EVP_blake2b512 wolfSSL_EVP_blake2b512
#define EVP_blake2s256 wolfSSL_EVP_blake2s256
#define EVP_MD_do_all wolfSSL_EVP_MD_do_all
#ifdef HAVE_HKDF
#define EVP_PKEY_CTX_set_hkdf_md wolfSSL_EVP_PKEY_CTX_set_hkdf_md
#define EVP_PKEY_CTX_set1_hkdf_salt wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt
#define EVP_PKEY_CTX_set1_hkdf_key wolfSSL_EVP_PKEY_CTX_set1_hkdf_key
#define EVP_PKEY_CTX_add1_hkdf_info wolfSSL_EVP_PKEY_CTX_add1_hkdf_info
#define EVP_PKEY_CTX_hkdf_mode wolfSSL_EVP_PKEY_CTX_hkdf_mode
#endif
WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k);
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* hmac.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -21,7 +21,7 @@
/* hmac.h defines mini hamc openssl compatibility layer
/* hmac.h defines mini hmac openssl compatibility layer
*
*/
@ -35,16 +35,7 @@
#include "prefix_hmac.h"
#endif
#include <libs/libwolfssl/wolfcrypt/hmac.h>
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;
#include <libs/libwolfssl/openssl/evp.h>
#include <libs/libwolfssl/openssl/compat_types.h>
#include <libs/libwolfssl/openssl/opensslv.h>
#ifdef __cplusplus

View File

@ -1,6 +1,6 @@
/* nrf51.h
/* kdf.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -19,26 +19,19 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_NRF51_PORT_H
#define WOLFSSL_NRF51_PORT_H
#ifndef WOLFSSL_KDF_H_
#define WOLFSSL_KDF_H_
#ifdef __cplusplus
extern "C" {
extern "C" {
#endif
#include <libs/libwolfssl/wolfcrypt/types.h>
/* Public Functions */
int nrf51_random_generate(byte* output, word32 sz);
int nrf51_aes_set_key(const byte* key);
int nrf51_aes_encrypt(const byte* in, const byte* key, word32 rounds, byte* out);
double current_time(int reset);
#define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0
#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1
#define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2
#ifdef __cplusplus
}
} /* extern "C" */
#endif
#endif /* WOLFSSL_NRF51_PORT_H */
#endif /* WOLFSSL_KDF_H_ */

View File

@ -1,6 +1,6 @@
/* lhash.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* md4.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -41,9 +41,10 @@ typedef struct WOLFSSL_MD4_CTX {
} WOLFSSL_MD4_CTX;
WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);
WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);
WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4);
WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
unsigned long len);
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4);
typedef WOLFSSL_MD4_CTX MD4_CTX;

View File

@ -1,6 +1,6 @@
/* md5.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -49,10 +49,14 @@ typedef struct WOLFSSL_MD5_CTX {
#endif
} WOLFSSL_MD5_CTX;
WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*);
WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*);
WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX*, const unsigned char*);
WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5);
WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_MD5_Final(unsigned char* output, WOLFSSL_MD5_CTX* md5);
WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data);
WOLFSSL_API unsigned char *wolfSSL_MD5(const unsigned char* data, size_t len,
unsigned char* hash);
typedef WOLFSSL_MD5_CTX MD5_CTX;
@ -67,11 +71,29 @@ typedef WOLFSSL_MD5_CTX MD5_CTX;
#define MD5Final wolfSSL_MD5_Final
#endif
#ifndef MD5
#define MD5(d, n, md) wc_Md5Hash((d), (n), (md))
/* "MD5" has some conflicts
* If not FIPS and NO_OLD_SHA_NAMES defined
* If FIPS V2 or higher and NO_OLD_MD5_NAME defined
* If FIPS V2 and NO_OLD_WC_NAMES defined
* If FIPS v1 not allowed
*/
#if (defined(NO_OLD_MD5_NAME) && !defined(HAVE_FIPS)) || \
(defined(NO_OLD_MD5_NAME) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2) || \
(defined(NO_OLD_WC_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2)
#define MD5 wolfSSL_MD5
#endif
#define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
/* FIPS v1 uses old MD5_DIGEST_SIZE naming */
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2)) && \
defined(OPENSSL_EXTRA)
#define MD5_DIGEST_LENGTH WC_MD5_DIGEST_SIZE
#else
#define MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
#endif
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* obj_mac.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* objects.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -24,7 +24,6 @@
#define WOLFSSL_OBJECTS_H_
#include <libs/libwolfssl/wolfcrypt/settings.h>
//#include <libs/libwolfssl/openssl/ssl.h>
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
#include <libs/libwolfssl/ssl.h>
@ -34,19 +33,33 @@
extern "C" {
#endif
#define OBJ_nid2sn wolfSSL_OBJ_nid2sn
#define OBJ_obj2nid wolfSSL_OBJ_obj2nid
#define OBJ_sn2nid wolfSSL_OBJ_sn2nid
#define OBJ_nid2ln wolfSSL_OBJ_nid2ln
#define OBJ_ln2nid wolfSSL_OBJ_ln2nid
#define OBJ_txt2nid wolfSSL_OBJ_txt2nid
#define OBJ_txt2obj wolfSSL_OBJ_txt2obj
#define OBJ_nid2obj wolfSSL_OBJ_nid2obj
#define OBJ_obj2txt wolfSSL_OBJ_obj2txt
#define OBJ_cleanup wolfSSL_OBJ_cleanup
#define OBJ_cmp wolfSSL_OBJ_cmp
#define OBJ_create wolfSSL_OBJ_create
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define OBJ_NAME_TYPE_UNDEF WOLFSSL_OBJ_NAME_TYPE_UNDEF
#define OBJ_NAME_TYPE_MD_METH WOLFSSL_OBJ_NAME_TYPE_MD_METH
#define OBJ_NAME_TYPE_CIPHER_METH WOLFSSL_OBJ_NAME_TYPE_CIPHER_METH
#define OBJ_NAME_TYPE_PKEY_METH WOLFSSL_OBJ_NAME_TYPE_PKEY_METH
#define OBJ_NAME_TYPE_COMP_METH WOLFSSL_OBJ_NAME_TYPE_COMP_METH
#define OBJ_NAME_TYPE_NUM WOLFSSL_OBJ_NAME_TYPE_NUM
#define OBJ_NAME_ALIAS WOLFSSL_OBJ_NAME_ALIAS
#define OBJ_nid2sn wolfSSL_OBJ_nid2sn
#define OBJ_obj2nid wolfSSL_OBJ_obj2nid
#define OBJ_sn2nid wolfSSL_OBJ_sn2nid
#define OBJ_length wolfSSL_OBJ_length
#define OBJ_get0_data wolfSSL_OBJ_get0_data
#define OBJ_nid2ln wolfSSL_OBJ_nid2ln
#define OBJ_ln2nid wolfSSL_OBJ_ln2nid
#define OBJ_txt2nid wolfSSL_OBJ_txt2nid
#define OBJ_txt2obj wolfSSL_OBJ_txt2obj
#define OBJ_nid2obj wolfSSL_OBJ_nid2obj
#define OBJ_obj2txt wolfSSL_OBJ_obj2txt
#define OBJ_cleanup wolfSSL_OBJ_cleanup
#define OBJ_cmp wolfSSL_OBJ_cmp
#define OBJ_create wolfSSL_OBJ_create
#define ASN1_OBJECT_free wolfSSL_ASN1_OBJECT_free
#define OBJ_NAME_do_all wolfSSL_OBJ_NAME_do_all
#define i2t_ASN1_OBJECT wolfSSL_i2t_ASN1_OBJECT
/* not required for wolfSSL */
#define OPENSSL_load_builtin_modules()
@ -55,6 +68,8 @@
#define NID_ad_OCSP 178
#define NID_ad_ca_issuers 179
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* ocsp.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -34,7 +34,7 @@
#define OCSP_CERTID WOLFSSL_OCSP_CERTID
#define OCSP_ONEREQ WOLFSSL_OCSP_ONEREQ
#define OCSP_REVOKED_STATUS_NOSTATUS -1
#define OCSP_REVOKED_STATUS_NOSTATUS (-1)
#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
@ -78,6 +78,7 @@
#define i2d_OCSP_REQUEST_bio wolfSSL_i2d_OCSP_REQUEST_bio
#define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID
#define d2i_OCSP_CERTID wolfSSL_d2i_OCSP_CERTID
#define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id
#define OCSP_id_cmp wolfSSL_OCSP_id_cmp
#define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status

View File

@ -1,6 +1,6 @@
/* opensslv.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -24,20 +24,25 @@
#ifndef WOLFSSL_OPENSSLV_H_
#define WOLFSSL_OPENSSLV_H_
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* api version compatibility */
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x009070dfL) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L)
/* valid version */
#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || defined(WOLFSSL_BIND)
#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || \
defined(WOLFSSL_BIND) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_RSYSLOG) || defined(WOLFSSL_KRB) || defined(HAVE_STUNNEL)
/* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100000L
#elif defined(WOLFSSL_QT)
#define OPENSSL_VERSION_NUMBER 0x10100003L
#elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON)
/* For Qt and Python 3.8.5 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10101000L
#elif defined(WOLFSSL_HAPROXY)
#elif defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_FFMPEG)
#define OPENSSL_VERSION_NUMBER 0x1010000fL
#elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \
#elif defined(OPENSSL_ALL) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN)
/* version number can be increased for Lighty after compatibility for ECDH
is added */
@ -46,7 +51,9 @@
#define OPENSSL_VERSION_NUMBER 0x0090810fL
#endif
#define OPENSSL_VERSION_TEXT LIBWOLFSSL_VERSION_STRING
#define OPENSSL_VERSION_TEXT "wolfSSL " LIBWOLFSSL_VERSION_STRING
#define OPENSSL_VERSION 0
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* header */

View File

@ -1,6 +1,6 @@
/* ossl_typ.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* pem.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -42,14 +42,12 @@
/* RSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
wc_pem_password_cb* cb, void* arg);
WOLFSSL_API
WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_RSA**,
pem_password_cb* cb,
void* arg);
WOLFSSL_RSA** rsa, wc_pem_password_cb* cb, void* pass);
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
@ -57,64 +55,77 @@ int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_RSA** rsa,
pem_password_cb* cb, void *u);
wc_pem_password_cb* cb, void *u);
WOLFSSL_API
WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
WOLFSSL_EC_GROUP** group,
pem_password_cb* cb,
wc_pem_password_cb* cb,
void* pass);
WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
int wolfSSL_PEM_write_mem_RSAPrivateKey(WOLFSSL_RSA* rsa,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc,
const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_RSA* wolfSSL_PEM_read_RSAPrivateKey(XFILE fp, WOLFSSL_RSA** rsa,
wc_pem_password_cb* cb, void* pass);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA *x);
int wolfSSL_PEM_write_RSAPublicKey(XFILE fp, WOLFSSL_RSA* key);
WOLFSSL_API
int wolfSSL_PEM_write_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA *x);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSA_PUBKEY(XFILE fp, WOLFSSL_RSA** rsa,
wc_pem_password_cb* cb, void *pass);
#endif /* NO_FILESYSTEM */
/* DSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
wc_pem_password_cb* cb, void* arg);
WOLFSSL_API
WOLFSSL_DSA* wolfSSL_PEM_read_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA** dsa,
pem_password_cb* cb,void *pass);
wc_pem_password_cb* cb,
void *pass);
WOLFSSL_API
WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSA_PUBKEY(WOLFSSL_BIO* bio,WOLFSSL_DSA** dsa,
pem_password_cb* cb, void *pass);
WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSA_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_DSA** dsa,
wc_pem_password_cb* cb,
void *pass);
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa);
WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc,
const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x);
#endif /* NO_FILESYSTEM */
@ -122,52 +133,54 @@ int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x);
/* ECC */
WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
wc_pem_password_cb* cb, void* arg);
WOLFSSL_API
WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EC_KEY** ec,
pem_password_cb* cb,
wc_pem_password_cb* cb,
void *pass);
WOLFSSL_API
int wolfSSL_PEM_write_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec);
WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc,
const WOLFSSL_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *key);
int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY* key);
WOLFSSL_API
WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_EC_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_EC_KEY** ec,
pem_password_cb* cb, void *pass);
wc_pem_password_cb* cb,
void *pass);
#endif /* NO_FILESYSTEM */
/* EVP_KEY */
WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**,
pem_password_cb* cb,
void* arg);
WOLFSSL_EVP_PKEY** key,
wc_pem_password_cb* cb,
void* pass);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY **key,
pem_password_cb *cb, void *pass);
wc_pem_password_cb *cb,
void *pass);
WOLFSSL_API
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
wc_pem_password_cb* cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key);
@ -190,14 +203,14 @@ int wolfSSL_PEM_write(XFILE fp, const char *name, const char *header,
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, WOLFSSL_EVP_PKEY **x,
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_X509 *wolfSSL_PEM_read_X509(XFILE fp, WOLFSSL_X509 **x,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **x,
pem_password_cb *cb, void *u);
wc_pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509 *x);
@ -215,17 +228,21 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
#define PEM_write_X509 wolfSSL_PEM_write_X509
#define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
#define PEM_write_bio_PKCS8PrivateKey wolfSSL_PEM_write_bio_PKCS8PrivateKey
#define PEM_write_PKCS8PrivateKey wolfSSL_PEM_write_PKCS8PrivateKey
/* DH */
#define PEM_write_DHparams wolfSSL_PEM_write_DHparams
/* RSA */
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey
#define PEM_read_RSAPrivateKey wolfSSL_PEM_read_RSAPrivateKey
#define PEM_write_bio_RSA_PUBKEY wolfSSL_PEM_write_bio_RSA_PUBKEY
#define PEM_read_bio_RSA_PUBKEY wolfSSL_PEM_read_bio_RSA_PUBKEY
#define PEM_read_bio_RSAPublicKey wolfSSL_PEM_read_bio_RSA_PUBKEY
#define PEM_read_bio_ECPKParameters wolfSSL_PEM_read_bio_ECPKParameters
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_read_RSA_PUBKEY wolfSSL_PEM_read_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
/* DSA */

View File

@ -1,6 +1,6 @@
/* pkcs12.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* pkcs7.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -34,14 +34,21 @@
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
#define PKCS7_TEXT 0x1
#define PKCS7_NOCERTS 0x2
#define PKCS7_DETACHED 0x40
#define PKCS7_BINARY 0x80
#define PKCS7_NOINTERN 0x0010
#define PKCS7_NOVERIFY 0x0020
#define PKCS7_STREAM 0x1000
#define PKCS7_PARTIAL 0x4000
typedef struct WOLFSSL_PKCS7
{
PKCS7 pkcs7;
unsigned char* data;
int len;
int type; /* from PKCS7_TYPES, for PKCS7_final() */
WOLFSSL_STACK* certs;
} WOLFSSL_PKCS7;
@ -56,8 +63,12 @@ WOLFSSL_LOCAL PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in,
int len, byte* content, word32 contentSz);
WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7);
WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7);
WOLFSSL_API int wolfSSL_i2d_PKCS7(PKCS7 *p7, unsigned char **out);
WOLFSSL_API PKCS7* wolfSSL_PKCS7_sign(WOLFSSL_X509* signer,
WOLFSSL_EVP_PKEY* pkey, WOLFSSL_STACK* certs, WOLFSSL_BIO* in, int flags);
WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs,
WOLFSSL_X509_STORE* store, WOLFSSL_BIO* in, WOLFSSL_BIO* out, int flags);
WOLFSSL_API int wolfSSL_PKCS7_final(PKCS7* pkcs7, WOLFSSL_BIO* in, int flags);
WOLFSSL_API int wolfSSL_PKCS7_encode_certs(PKCS7* p7, WOLFSSL_STACK* certs,
WOLFSSL_BIO* out);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7);
@ -66,6 +77,8 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7,
WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7);
#if defined(HAVE_SMIME)
WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont);
WOLFSSL_API int wolfSSL_SMIME_write_PKCS7(WOLFSSL_BIO* out, PKCS7* pkcs7,
WOLFSSL_BIO* in, int flags);
#endif /* HAVE_SMIME */
@ -76,11 +89,15 @@ WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont
#define d2i_PKCS7 wolfSSL_d2i_PKCS7
#define d2i_PKCS7_bio wolfSSL_d2i_PKCS7_bio
#define i2d_PKCS7_bio wolfSSL_i2d_PKCS7_bio
#define i2d_PKCS7 wolfSSL_i2d_PKCS7
#define PKCS7_sign wolfSSL_PKCS7_sign
#define PKCS7_verify wolfSSL_PKCS7_verify
#define PKCS7_final wolfSSL_PKCS7_final
#define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers
#define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7
#if defined(HAVE_SMIME)
#define SMIME_read_PKCS7 wolfSSL_SMIME_read_PKCS7
#define SMIME_write_PKCS7 wolfSSL_SMIME_write_PKCS7
#endif /* HAVE_SMIME */
#endif /* OPENSSL_ALL && HAVE_PKCS7 */

View File

@ -1,6 +1,6 @@
/* rand.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* rc4.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ripemd.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* rsa.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -33,6 +33,7 @@
extern "C" {
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Padding types */
#define RSA_PKCS1_PADDING 0
#define RSA_PKCS1_OAEP_PADDING 1
@ -50,92 +51,103 @@
#define RSA_FLAG_NO_CONSTTIME (1 << 8)
/* Salt length same as digest length */
#define RSA_PSS_SALTLEN_DIGEST -1
#define RSA_PSS_SALTLEN_DIGEST (-1)
/* Old max salt length */
#define RSA_PSS_SALTLEN_MAX_SIGN -2
#define RSA_PSS_SALTLEN_MAX_SIGN (-2)
/* Max salt length */
#define RSA_PSS_SALTLEN_MAX -3
#define RSA_PSS_SALTLEN_MAX (-3)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
typedef struct WOLFSSL_RSA_METHOD {
/* Flags of RSA key implementation. */
int flags;
/* Name of RSA key implementation. */
char *name;
/* RSA method dynamically allocated. */
word16 dynamic:1;
} WOLFSSL_RSA_METHOD;
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
#define WOLFSSL_RSA_TYPE_DEFINED
/* RSA key compatable with OpenSSL. */
typedef struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
WOLFSSL_BIGNUM* n;
WOLFSSL_BIGNUM* e;
WOLFSSL_BIGNUM* d;
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* dmp1; /* dP */
WOLFSSL_BIGNUM* dmq1; /* dQ */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
WOLFSSL_BIGNUM* n; /* Modulus. */
WOLFSSL_BIGNUM* e; /* Public exponent. */
WOLFSSL_BIGNUM* d; /* Private exponent. */
WOLFSSL_BIGNUM* p; /* First prime. */
WOLFSSL_BIGNUM* q; /* Second prime. */
WOLFSSL_BIGNUM* dmp1; /* dP = d mod (p - 1) */
WOLFSSL_BIGNUM* dmq1; /* dQ = d mod (q - 1) */
WOLFSSL_BIGNUM* iqmp; /* u = (1 / q) mod p */
void* heap; /* Heap used for memory allocations. */
void* internal; /* wolfCrypt RSA key. */
#if defined(OPENSSL_EXTRA)
WOLFSSL_RSA_METHOD* meth;
const WOLFSSL_RSA_METHOD* meth; /* RSA method. */
#endif
#if defined(HAVE_EX_DATA)
#ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */
#endif
#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA)
wolfSSL_Mutex refMutex; /* ref count mutex */
int refCount; /* reference count */
#endif
word16 pkcs8HeaderSz;
wolfSSL_Ref ref; /* Reference count information. */
word16 pkcs8HeaderSz; /* Size of PKCS#8 header from decode. */
int flags; /* Flags of implementation. */
/* bits */
byte inSet:1; /* internal set from external ? */
byte exSet:1; /* external set from internal ? */
byte ownRng:1; /* flag for if the rng should be free'd */
byte inSet:1; /* Internal set from external. */
byte exSet:1; /* External set from internal. */
byte ownRng:1; /* Rng needs to be free'd. */
} WOLFSSL_RSA;
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL_RSA RSA;
typedef WOLFSSL_RSA_METHOD RSA_METHOD;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new_ex(void* heap, int devId);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);
WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA*);
WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA*, int bits, WOLFSSL_BIGNUM*,
void* cb);
WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits,
WOLFSSL_BIGNUM* bn, void* cb);
WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA*, WOLFSSL_BN_CTX*);
WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA* rsa, WOLFSSL_BN_CTX* bn);
WOLFSSL_API int wolfSSL_RSA_check_key(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding);
unsigned char* to, WOLFSSL_RSA* rsa,
int padding);
WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr,
unsigned char* to, WOLFSSL_RSA*, int padding);
unsigned char* to, WOLFSSL_RSA* rsa,
int padding);
WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, const unsigned char* in,
unsigned char* out, WOLFSSL_RSA* rsa, int padding);
WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*);
unsigned int* sigLen, WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_sign_ex(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*, int);
unsigned int* sigLen, WOLFSSL_RSA* rsa,
int flag);
WOLFSSL_API int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA*, int, int);
unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag,
int padding);
WOLFSSL_API int wolfSSL_RSA_verify(int type, const unsigned char* m,
unsigned int mLen, const unsigned char* sig,
unsigned int sigLen, WOLFSSL_RSA*);
unsigned int sigLen, WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_verify_ex(int type, const unsigned char* m,
unsigned int mLen, const unsigned char* sig,
unsigned int sigLen, WOLFSSL_RSA* rsa,
int padding);
WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, WOLFSSL_RSA*, int padding);
WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*);
WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int sz, int opt);
unsigned char* to, WOLFSSL_RSA* rsa, int padding);
WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA* rsa);
WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA* rsa,
const unsigned char* derBuf, int derSz);
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa,
const unsigned char* derBuf, int derSz, int opt);
WOLFSSL_API WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags);
WOLFSSL_API void wolfSSL_RSA_meth_free(WOLFSSL_RSA_METHOD *meth);
@ -174,6 +186,7 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
wolfSSL_ex_data_cleanup_routine_t cleanup_routine);
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L
@ -184,6 +197,7 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
#define RSA_generate_key_ex wolfSSL_RSA_generate_key_ex
#define RSA_blinding_on wolfSSL_RSA_blinding_on
#define RSA_check_key wolfSSL_RSA_check_key
#define RSA_public_encrypt wolfSSL_RSA_public_encrypt
#define RSA_private_decrypt wolfSSL_RSA_private_decrypt
#define RSA_private_encrypt wolfSSL_RSA_private_encrypt
@ -224,6 +238,8 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup(
#define RSA_F4 WOLFSSL_RSA_F4
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* sha.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -36,7 +36,7 @@
extern "C" {
#endif
#ifndef NO_SHA
typedef struct WOLFSSL_SHA_CTX {
/* big enough to hold wolfcrypt Sha, but check on init */
#if defined(STM32_HASH)
@ -44,27 +44,32 @@ typedef struct WOLFSSL_SHA_CTX {
#else
void* holder[(112 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
#endif
#if defined(WOLFSSL_DEVCRYPTO_HASH) || defined(WOLFSSL_HASH_KEEP)
void* keephash_holder[sizeof(void*) + (2 * sizeof(unsigned int))];
#endif
#ifdef WOLF_CRYPTO_CB
void* cryptocb_holder[(sizeof(int) + sizeof(void*) + 4) / sizeof(void*)];
#endif
} WOLFSSL_SHA_CTX;
WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX*,
const unsigned char *data);
WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA_Final(byte* input, WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha,
const unsigned char* data);
/* SHA1 points to above, shouldn't use SHA0 ever */
WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API int wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*);
WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX*,
WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha);
WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha,
const unsigned char *data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum {
SHA_DIGEST_LENGTH = 20
};
typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA_Init wolfSSL_SHA_Init
@ -85,6 +90,16 @@ typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA1_Final wolfSSL_SHA1_Final
#define SHA1_Transform wolfSSL_SHA1_Transform
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_SHA */
/* adder for HW crypto */
#ifdef STM32_HASH
#define CTX_SHA2_HW_ADDER 34
#else
#define CTX_SHA2_HW_ADDER 0
#endif
#ifdef WOLFSSL_SHA224
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
@ -92,19 +107,19 @@ typedef WOLFSSL_SHA_CTX SHA_CTX;
* to Sha224, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA224_CTX {
/* big enough to hold wolfcrypt Sha224, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
ALIGN16 void* holder[(274 + CTX_SHA2_HW_ADDER + WC_ASYNC_DEV_SIZE) /
sizeof(void*)];
} WOLFSSL_SHA224_CTX;
WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX*);
WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA224_Final(unsigned char*, WOLFSSL_SHA224_CTX*);
WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum {
SHA224_DIGEST_LENGTH = 28
};
typedef WOLFSSL_SHA224_CTX SHA224_CTX;
#define SHA224_Init wolfSSL_SHA224_Init
@ -117,29 +132,30 @@ typedef WOLFSSL_SHA224_CTX SHA224_CTX;
* because of SHA224 enum in FIPS build. */
#define SHA224 wolfSSL_SHA224
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha256
* struct are 16 byte aligned. Any dereference to those elements after casting
* to Sha256, is expected to also be 16 byte aligned addresses. */
typedef struct WOLFSSL_SHA256_CTX {
/* big enough to hold wolfcrypt Sha256, but check on init */
ALIGN16 void* holder[(272 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
ALIGN16 void* holder[(274 + CTX_SHA2_HW_ADDER + WC_ASYNC_DEV_SIZE) /
sizeof(void*)];
} WOLFSSL_SHA256_CTX;
WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*);
WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*);
WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX*,
WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256);
WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
const unsigned char *data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum {
SHA256_DIGEST_LENGTH = 32
};
typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init
@ -147,30 +163,40 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Final wolfSSL_SHA256_Final
#define SHA256_Transform wolfSSL_SHA256_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS
* build. */
/* "SHA256" has some conflicts
* If not FIPS and NO_OLD_SHA_NAMES defined
* If FIPS V3 or higher and NO_OLD_SHA_NAMES defined
* If FIPS V2 and NO_OLD_SHA256_NAMES defined
* If FIPS v1 not allowed
* If HAVE_SELFTEST not allowed
*/
#if !defined(HAVE_SELFTEST) && \
(defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS)) || \
(defined(NO_OLD_SHA_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 3) || \
(defined(NO_OLD_SHA256_NAMES) && defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2)
#define SHA256 wolfSSL_SHA256
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
typedef struct WOLFSSL_SHA384_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA384_CTX;
WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*);
WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA384_Final(unsigned char*, WOLFSSL_SHA384_CTX*);
WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha);
WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum {
SHA384_DIGEST_LENGTH = 48
};
typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init
@ -181,26 +207,27 @@ typedef WOLFSSL_SHA384_CTX SHA384_CTX;
* build. */
#define SHA384 wolfSSL_SHA384
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
typedef struct WOLFSSL_SHA512_CTX {
/* big enough to hold wolfCrypt Sha384, but check on init */
void* holder[(288 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
} WOLFSSL_SHA512_CTX;
WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*);
WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*);
WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX*,
const unsigned char*);
WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
enum {
SHA512_DIGEST_LENGTH = 64
};
typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
@ -212,6 +239,56 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX;
* build. */
#define SHA512 wolfSSL_SHA512
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if !defined(WOLFSSL_NOSHA512_224)
typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_224_CTX;
typedef WOLFSSL_SHA512_224_CTX SHA512_224_CTX;
WOLFSSL_API int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_224_Final(byte* output,
WOLFSSL_SHA512_224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define SHA512_224_Init wolfSSL_SHA512_224_Init
#define SHA512_224_Update wolfSSL_SHA512_224_Update
#define SHA512_224_Final wolfSSL_SHA512_224_Final
#define SHA512_224_Transform wolfSSL_SHA512_224_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_224 wolfSSL_SHA512_224
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_NOSHA512_224 */
#if !defined(WOLFSSL_NOSHA512_256)
typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_256_CTX;
typedef WOLFSSL_SHA512_256_CTX SHA512_256_CTX;
WOLFSSL_API int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define SHA512_256_Init wolfSSL_SHA512_256_Init
#define SHA512_256_Update wolfSSL_SHA512_256_Update
#define SHA512_256_Final wolfSSL_SHA512_256_Final
#define SHA512_256_Transform wolfSSL_SHA512_256_Transform
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_256 wolfSSL_SHA512_256
#endif
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFSSL_NOSHA512_256 */
#endif /* WOLFSSL_SHA512 */

View File

@ -1,6 +1,6 @@
/* sha3.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -36,7 +36,6 @@
extern "C" {
#endif
/* Using ALIGN16 because when AES-NI is enabled digest and buffer in Sha3
* struct are 16 byte aligned. Any dereference to those elements after casting
* to Sha3 is expected to also be 16 byte aligned addresses. */
@ -48,10 +47,11 @@ struct WOLFSSL_SHA3_CTX {
#ifndef WOLFSSL_NOSHA3_224
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_224_CTX;
WOLFSSL_API int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX*);
WOLFSSL_API int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA3_224_Final(unsigned char*, WOLFSSL_SHA3_224_CTX*);
WOLFSSL_API int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha, const void* input,
unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_224_Final(unsigned char* output,
WOLFSSL_SHA3_224_CTX* sha);
enum {
SHA3_224_DIGEST_LENGTH = 28
@ -72,10 +72,11 @@ typedef WOLFSSL_SHA3_224_CTX SHA3_224_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_256_CTX;
WOLFSSL_API int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX*);
WOLFSSL_API int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA3_256_Final(unsigned char*, WOLFSSL_SHA3_256_CTX*);
WOLFSSL_API int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_256_Final(unsigned char* output,
WOLFSSL_SHA3_256_CTX* sha);
enum {
SHA3_256_DIGEST_LENGTH = 32
@ -95,10 +96,11 @@ typedef WOLFSSL_SHA3_256_CTX SHA3_256_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_384_CTX;
WOLFSSL_API int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX*);
WOLFSSL_API int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA3_384_Final(unsigned char*, WOLFSSL_SHA3_384_CTX*);
WOLFSSL_API int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_384_Final(unsigned char* output,
WOLFSSL_SHA3_384_CTX* sha);
enum {
SHA3_384_DIGEST_LENGTH = 48
@ -118,10 +120,11 @@ typedef WOLFSSL_SHA3_384_CTX SHA3_384_CTX;
typedef struct WOLFSSL_SHA3_CTX WOLFSSL_SHA3_512_CTX;
WOLFSSL_API int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX*);
WOLFSSL_API int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX*, const void*,
unsigned long);
WOLFSSL_API int wolfSSL_SHA3_512_Final(unsigned char*, WOLFSSL_SHA3_512_CTX*);
WOLFSSL_API int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA3_512_Final(unsigned char* output,
WOLFSSL_SHA3_512_CTX* sha);
enum {
SHA3_512_DIGEST_LENGTH = 64

View File

@ -1,6 +1,6 @@
/* srp.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* ssl.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -36,7 +36,9 @@
#endif /* OPENSSL_EXTRA_SSL_GUARD */
#include <libs/libwolfssl/openssl/tls1.h>
#ifndef WOLFCRYPT_ONLY
#include <libs/libwolfssl/openssl/evp.h>
#endif
#include <libs/libwolfssl/openssl/bio.h>
#ifdef OPENSSL_EXTRA
#include <libs/libwolfssl/openssl/crypto.h>
@ -69,9 +71,7 @@
#undef ASN1_INTEGER
#endif
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings);
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef WOLFSSL SSL;
typedef WOLFSSL_SESSION SSL_SESSION;
@ -111,6 +111,9 @@ typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value;
typedef WOLFSSL_BUF_MEM BUF_MEM;
typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES;
typedef WOLFSSL_GENERAL_NAME GENERAL_NAME;
typedef WOLFSSL_OBJ_NAME OBJ_NAME;
typedef WOLFSSL_DIST_POINT_NAME DIST_POINT_NAME;
typedef WOLFSSL_DIST_POINT DIST_POINT;
#define X509_L_FILE_LOAD WOLFSSL_X509_L_FILE_LOAD
#define X509_L_ADD_DIR WOLFSSL_X509_L_ADD_DIR
@ -146,7 +149,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new
#define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup
#define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free
#define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA
#ifdef HAVE_EX_DATA
#define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA
#endif
#define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions
@ -196,6 +201,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_use_certificate wolfSSL_use_certificate
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
#define d2i_PKCS8_PRIV_KEY_INFO wolfSSL_d2i_PKCS8_PKEY
#define i2d_PKCS8_PRIV_KEY_INFO wolfSSL_i2d_PrivateKey
#define d2i_PKCS8PrivateKey_bio wolfSSL_d2i_PKCS8PrivateKey_bio
#define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
@ -205,6 +212,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define i2d_PUBKEY wolfSSL_i2d_PUBKEY
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
#define d2i_PublicKey wolfSSL_d2i_PublicKey
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey
#define d2i_AutoPrivateKey wolfSSL_d2i_AutoPrivateKey
#define SSL_use_PrivateKey wolfSSL_use_PrivateKey
@ -235,7 +243,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define TLSv1_3_client_method wolfTLSv1_3_client_method
#define TLS_method wolfSSLv23_method
#define X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1
#define X509_FILETYPE_PEM WOLFSSL_FILETYPE_PEM
#define X509_FILETYPE_ASN1 WOLFSSL_FILETYPE_ASN1
#define X509_FILETYPE_DEFAULT WOLFSSL_FILETYPE_DEFAULT
#define X509_F_X509_CHECK_PRIVATE_KEY 128
@ -258,6 +268,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#else
#define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
#endif
#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
#define SSL_CTX_use_certificate_chain_file wolfSSL_CTX_use_certificate_chain_file
#define SSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
@ -277,6 +288,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_connect wolfSSL_connect
#define SSL_clear wolfSSL_clear
#define SSL_state wolfSSL_state
#define SSL_read_early_data(ssl, d, dLen, len) wolfSSL_read_early_data(ssl, d, (int)(dLen), (int *)(len))
#define SSL_write_early_data(ssl, d, dLen, len) wolfSSL_write_early_data(ssl, d, (int)(dLen), (int *)(len))
#define SSL_write wolfSSL_write
#define SSL_read wolfSSL_read
@ -285,7 +298,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_CTX_free wolfSSL_CTX_free
#define SSL_free wolfSSL_free
#define SSL_shutdown wolfSSL_shutdown
#define SSL_set_timeout wolfSSL_set_timeout
#define SSL_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_CTX_set_quiet_shutdown wolfSSL_CTX_set_quiet_shutdown
#define SSL_set_quiet_shutdown wolfSSL_set_quiet_shutdown
@ -294,17 +307,19 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_get_session(x) wolfSSL_get_session((WOLFSSL*) (x))
#define SSL_SESSION_get0_peer wolfSSL_SESSION_get0_peer
#define SSL_flush_sessions wolfSSL_flush_sessions
/* assume unlimited temporarily */
#define SSL_CTX_get_session_cache_mode(ctx) 0
#define SSL_CTX_get_session_cache_mode(ctx) \
wolfSSL_CTX_get_session_cache_mode((ctx))
#define SSL_CTX_set_verify wolfSSL_CTX_set_verify
#define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback
#define SSL_CTX_set_cert_cb wolfSSL_CTX_set_cert_cb
#define SSL_set_verify wolfSSL_set_verify
#define SSL_set_verify_result wolfSSL_set_verify_result
#define SSL_verify_client_post_handshake wolfSSL_verify_client_post_handshake
#define SSL_set_post_handshake_auth wolfSSL_set_post_handshake_auth
#define SSL_CTX_set_post_handshake_auth wolfSSL_CTX_set_post_handshake_auth
#define SSL_pending wolfSSL_pending
#define SSL_pending(x) wolfSSL_pending((WOLFSSL*)(x))
#define SSL_has_pending wolfSSL_has_pending
#define SSL_load_error_strings wolfSSL_load_error_strings
#define SSL_library_init wolfSSL_library_init
#define OPENSSL_cleanup (void)wolfSSL_Cleanup
@ -317,7 +332,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
/* wolfSSL does not support security levels */
#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level
#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level
/* wolfSSL does not support exporting keying material */
#define SSL_export_keying_material wolfSSL_export_keying_material
#define SSL_CTX_set1_sigalgs_list wolfSSL_CTX_set1_sigalgs_list
@ -340,6 +354,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_set_session_id_context wolfSSL_set_session_id_context
#define SSL_set_connect_state wolfSSL_set_connect_state
#define SSL_set_accept_state wolfSSL_set_accept_state
#define SSL_SESSION_new wolfSSL_SESSION_new
#define SSL_session_reused wolfSSL_session_reused
#define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref
#define SSL_SESSION_dup wolfSSL_SESSION_dup
@ -358,6 +373,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_CIPHER_get_id wolfSSL_CIPHER_get_id
#define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_standard_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_get_auth_nid wolfSSL_CIPHER_get_auth_nid
#define SSL_CIPHER_get_cipher_nid wolfSSL_CIPHER_get_cipher_nid
#define SSL_CIPHER_get_digest_nid wolfSSL_CIPHER_get_digest_nid
#define SSL_CIPHER_get_kx_nid wolfSSL_CIPHER_get_kx_nid
#define SSL_CIPHER_is_aead wolfSSL_CIPHER_is_aead
#define SSL_get_cipher_by_value wolfSSL_get_cipher_by_value
#define SSL_get1_session wolfSSL_get1_session
@ -366,6 +386,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_get_keys wolfSSL_get_keys
#define SSL_SESSION_get_master_key wolfSSL_SESSION_get_master_key
#define SSL_SESSION_get_master_key_length wolfSSL_SESSION_get_master_key_length
#define SSL_SESSION_get_max_early_data wolfSSL_SESSION_get_max_early_data
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
#define SSL_MODE_RELEASE_BUFFERS 0x00000010U
@ -378,7 +399,6 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
#define X509_EXTENSION_new wolfSSL_X509_EXTENSION_new
#define X509_EXTENSION_free wolfSSL_X509_EXTENSION_free
#define X509_gmtime_adj wolfSSL_X509_gmtime_adj
#endif
#define DSA_dup_DH wolfSSL_DSA_dup_DH
@ -397,14 +417,16 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define d2i_X509 wolfSSL_d2i_X509
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
#define PEM_read_bio_X509_REQ wolfSSL_PEM_read_bio_X509_REQ
#define PEM_read_X509_REQ wolfSSL_PEM_read_X509_REQ
#define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
#define PEM_read_X509 wolfSSL_PEM_read_X509
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
#define PEM_X509_INFO_read wolfSSL_PEM_X509_INFO_read
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey
#define i2d_PublicKey wolfSSL_i2d_PublicKey
#define i2d_X509_REQ wolfSSL_i2d_X509_REQ
#define d2i_X509_REQ wolfSSL_d2i_X509_REQ
@ -429,6 +451,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_load_certificate_file wolfSSL_X509_load_certificate_file
#define X509_digest wolfSSL_X509_digest
#define X509_pubkey_digest wolfSSL_X509_pubkey_digest
#define X509_get_extension_flags wolfSSL_X509_get_extension_flags
#define X509_get_key_usage wolfSSL_X509_get_key_usage
#define X509_get_extended_key_usage wolfSSL_X509_get_extended_key_usage
#define X509_get_ext_count wolfSSL_X509_get_ext_count
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
@ -440,7 +465,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
#define X509_issuer_name_hash wolfSSL_X509_issuer_name_hash
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
#define X509_get_subject_name wolfSSL_X509_get_subject_name
#define X509_get_subject_name(x) wolfSSL_X509_get_subject_name((WOLFSSL_X509*)(x))
#define X509_REQ_get_subject_name wolfSSL_X509_get_subject_name
#define X509_get_pubkey wolfSSL_X509_get_pubkey
#define X509_get0_pubkey wolfSSL_X509_get_pubkey
@ -473,6 +498,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_REQ_print wolfSSL_X509_print
#define X509_print_ex wolfSSL_X509_print_ex
#define X509_print_fp wolfSSL_X509_print_fp
#define X509_CRL_print wolfSSL_X509_CRL_print
#define X509_REQ_print_fp wolfSSL_X509_print_fp
#define X509_signature_print wolfSSL_X509_signature_print
#define X509_get0_signature wolfSSL_X509_get0_signature
@ -494,9 +520,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
#define X509_EXTENSION_get_data wolfSSL_X509_EXTENSION_get_data
#define X509_EXTENSION_dup wolfSSL_X509_EXTENSION_dup
#define sk_X509_new wolfSSL_sk_X509_new
#define sk_X509_new_null wolfSSL_sk_X509_new
#define sk_X509_new_null wolfSSL_sk_X509_new_null
#define sk_X509_num wolfSSL_sk_X509_num
#define sk_X509_value wolfSSL_sk_X509_value
#define sk_X509_shift wolfSSL_sk_X509_shift
@ -507,8 +534,16 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_free wolfSSL_sk_X509_free
#define X509_chain_up_ref wolfSSL_X509_chain_up_ref
#define sk_X509_CRL_new wolfSSL_sk_X509_CRL_new
#define sk_X509_CRL_pop_free wolfSSL_sk_X509_CRL_pop_free
#define sk_X509_CRL_free wolfSSL_sk_X509_CRL_free
#define sk_X509_CRL_push wolfSSL_sk_X509_CRL_push
#define sk_X509_CRL_value wolfSSL_sk_X509_CRL_value
#define sk_X509_CRL_num wolfSSL_sk_X509_CRL_num
#define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new
#define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free
#define sk_X509_OBJECT_pop_free wolfSSL_sk_X509_OBJECT_pop_free
#define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num
#define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value
@ -533,6 +568,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_NAME_new wolfSSL_X509_NAME_new
#define X509_NAME_free wolfSSL_X509_NAME_free
#define X509_NAME_dup wolfSSL_X509_NAME_dup
#define X509_NAME_get_sz wolfSSL_X509_NAME_get_sz
#define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
#define X509_NAME_get_index_by_OBJ wolfSSL_X509_NAME_get_index_by_OBJ
#define X509_NAME_cmp wolfSSL_X509_NAME_cmp
@ -554,6 +590,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define X509_cmp_time wolfSSL_X509_cmp_time
#define X509_time_adj wolfSSL_X509_time_adj
#define X509_time_adj_ex wolfSSL_X509_time_adj_ex
#define X509_gmtime_adj wolfSSL_X509_gmtime_adj
#define sk_ACCESS_DESCRIPTION_num wolfSSL_sk_ACCESS_DESCRIPTION_num
#define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value
@ -572,17 +609,25 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data
#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
#define sk_X509_NAME_ENTRY_new wolfSSL_sk_X509_NAME_ENTRY_new
#define sk_X509_NAME_ENTRY_push wolfSSL_sk_X509_NAME_ENTRY_push
#define sk_X509_NAME_ENTRY_num wolfSSL_sk_X509_NAME_ENTRY_num
#define sk_X509_NAME_ENTRY_value wolfSSL_sk_X509_NAME_ENTRY_value
#define sk_X509_NAME_ENTRY_free wolfSSL_sk_X509_NAME_ENTRY_free
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME
#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT WOLFSSL_ALWAYS_CHECK_SUBJECT
#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS WOLFSSL_NO_PARTIAL_WILDCARDS
#define X509_VP_FLAG_DEFAULT WOLFSSL_VPARAM_DEFAULT
#define X509_VP_FLAG_OVERWRITE WOLFSSL_VPARAM_OVERWRITE
@ -638,8 +683,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags
#define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags
#define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags
#define SSL_set1_host wolfSSL_set1_host
#define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host
#define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc
#define X509_VERIFY_PARAM_set1_ip wolfSSL_X509_VERIFY_PARAM_set1_ip
#define X509_VERIFY_PARAM_set1 wolfSSL_X509_VERIFY_PARAM_set1
#define X509_STORE_load_locations wolfSSL_X509_STORE_load_locations
@ -655,9 +702,14 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_CRL_free wolfSSL_X509_CRL_free
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get0_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_CRL_get0_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
#define X509_CRL_verify wolfSSL_X509_CRL_verify
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
#define X509_CRL_get_issuer wolfSSL_X509_CRL_get_issuer_name
#define X509_CRL_get_signature_nid wolfSSL_X509_CRL_get_signature_nid
#define X509_CRL_get_version wolfSSL_X509_CRL_version
#define X509_load_crl_file wolfSSL_X509_load_crl_file
#define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
@ -682,6 +734,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509
#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL
#define X509_REVOKED_get0_serialNumber wolfSSL_X509_REVOKED_get0_serial_number
#define X509_REVOKED_get0_revocationDate wolfSSL_X509_REVOKED_get0_revocation_date
#define X509_check_purpose(...) 0
#define OCSP_parse_url wolfSSL_OCSP_parse_url
@ -713,11 +768,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define BIO_f_ssl wolfSSL_BIO_f_ssl
#define BIO_new_socket wolfSSL_BIO_new_socket
#define BIO_new_connect wolfSSL_BIO_new_connect
#define BIO_new_accept wolfSSL_BIO_new_accept
#define BIO_set_conn_port wolfSSL_BIO_set_conn_port
#define BIO_do_connect wolfSSL_BIO_do_connect
#define BIO_do_accept wolfSSL_BIO_do_accept
#define BIO_do_handshake wolfSSL_BIO_do_handshake
#define BIO_ssl_shutdown wolfSSL_BIO_ssl_shutdown
#define SSL_set_bio wolfSSL_set_bio
#define BIO_method_type wolfSSL_BIO_method_type
#define BIO_set_ssl wolfSSL_BIO_set_ssl
#define BIO_get_ssl wolfSSL_BIO_get_ssl
#define BIO_new_ssl_connect wolfSSL_BIO_new_ssl_connect
#define BIO_set_conn_hostname wolfSSL_BIO_set_conn_hostname
#define BIO_eof wolfSSL_BIO_eof
#define BIO_set_ss wolfSSL_BIO_set_ss
@ -768,6 +830,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_TIME_set wolfSSL_ASN1_TIME_set
#define ASN1_TIME_set_string wolfSSL_ASN1_TIME_set_string
#define ASN1_TIME_to_string wolfSSL_ASN1_TIME_to_string
#define ASN1_TIME_to_tm wolfSSL_ASN1_TIME_to_tm
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free
@ -782,13 +845,17 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
#define ASN1_INTEGER_set wolfSSL_ASN1_INTEGER_set
#define ASN1_INTEGER_to_BN wolfSSL_ASN1_INTEGER_to_BN
#define d2i_ASN1_INTEGER wolfSSL_d2i_ASN1_INTEGER
#define i2d_ASN1_INTEGER wolfSSL_i2d_ASN1_INTEGER
#define i2a_ASN1_OBJECT wolfSSL_i2a_ASN1_OBJECT
#define i2d_ASN1_OBJECT wolfSSL_i2d_ASN1_OBJECT
#define ASN1_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_OCTET_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp
#define ASN1_OCTET_STRING_cmp wolfSSL_ASN1_STRING_cmp
#define ASN1_STRING_data wolfSSL_ASN1_STRING_data
#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data
#define ASN1_STRING_length wolfSSL_ASN1_STRING_length
@ -801,7 +868,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_STRING_set_default_mask_asc(...) 1
#endif
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING_new wolfSSL_ASN1_STRING_new
#define ASN1_OCTET_STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_OCTET_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING
@ -809,7 +879,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_IA5STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN
#define SSL_load_client_CA_file wolfSSL_load_client_CA_file
@ -818,8 +887,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
#define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
#define SSL_set0_verify_cert_store wolfSSL_set0_verify_cert_store
#define SSL_set1_verify_cert_store wolfSSL_set1_verify_cert_store
#define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x))
#define SSL_get_client_CA_list wolfSSL_get_client_CA_list
#define SSL_set_client_CA_list wolfSSL_set_client_CA_list
#define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
#define SSL_get_ex_data wolfSSL_get_ex_data
@ -827,7 +899,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
#define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int) to)
wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to))
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
@ -843,6 +915,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define RSA_generate_key wolfSSL_RSA_generate_key
#define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
#define RSA_print wolfSSL_RSA_print
#define RSA_print_fp wolfSSL_RSA_print_fp
#define RSA_bits wolfSSL_RSA_bits
#define RSA_up_ref wolfSSL_RSA_up_ref
#define RSA_padding_add_PKCS1_PSS wolfSSL_RSA_padding_add_PKCS1_PSS
@ -948,11 +1021,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_check_private_key wolfSSL_check_private_key
#define SSL_CTX_set_mode wolfSSL_CTX_set_mode
#define SSL_CTX_clear_mode wolfSSL_CTX_clear_mode
#define SSL_CTX_get_mode wolfSSL_CTX_get_mode
#define SSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
#define SSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size
#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
#define X509_get_default_cert_file_env wolfSSL_X509_get_default_cert_file_env
#define X509_get_default_cert_file wolfSSL_X509_get_default_cert_file
#define X509_get_default_cert_dir_env wolfSSL_X509_get_default_cert_dir_env
#define X509_get_default_cert_dir wolfSSL_X509_get_default_cert_dir
#define SSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context
#define SSL_get_peer_certificate wolfSSL_get_peer_certificate
@ -988,6 +1066,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
#define d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
#define SSL_SESSION_has_ticket wolfSSL_SESSION_has_ticket
#define SSL_SESSION_get_ticket_lifetime_hint \
wolfSSL_SESSION_get_ticket_lifetime_hint
#define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
@ -1019,12 +1100,24 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DTLSv1_handle_timeout wolfSSL_DTLSv1_handle_timeout
#define DTLSv1_set_initial_timeout_duration wolfSSL_DTLSv1_set_initial_timeout_duration
/* DTLS SRTP */
#ifdef WOLFSSL_SRTP
typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#endif
#define SSL_CTX_set_tlsext_use_srtp wolfSSL_CTX_set_tlsext_use_srtp
#define SSL_set_tlsext_use_srtp wolfSSL_set_tlsext_use_srtp
#define SSL_get_selected_srtp_profile wolfSSL_get_selected_srtp_profile
#define SSL_get_srtp_profiles wolfSSL_get_srtp_profiles
#ifndef NO_WOLFSSL_STUB
#define SSL_CTX_set_current_time_cb(ssl, cb) ({ (void)ssl; (void)cb; })
#define SSL_CTX_set_current_time_cb(ssl, cb) ({ (void)(ssl); (void)(cb); })
#endif
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
#define SSL_CTX_add0_chain_cert wolfSSL_CTX_add0_chain_cert
#define SSL_CTX_add1_chain_cert wolfSSL_CTX_add1_chain_cert
#define SSL_add0_chain_cert wolfSSL_add0_chain_cert
#define SSL_add1_chain_cert wolfSSL_add1_chain_cert
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
#define BIO_read_filename wolfSSL_BIO_read_filename
#define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth
@ -1039,6 +1132,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DHparams_dup wolfSSL_DH_dup
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_DHparams wolfSSL_PEM_read_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
@ -1062,7 +1156,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#include <libs/libwolfssl/openssl/pem.h>
#define SSL_CTRL_CHAIN 88
#define ERR_LIB_SSL 20
#define SSL_R_SHORT_READ 10
#define ERR_R_PEM_LIB 9
#define SSL_CTRL_MODE 33
@ -1090,6 +1183,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define TLSEXT_STATUSTYPE_ocsp 1
#define TLSEXT_max_fragment_length_512 WOLFSSL_MFL_2_9
#define TLSEXT_max_fragment_length_1024 WOLFSSL_MFL_2_10
#define TLSEXT_max_fragment_length_2048 WOLFSSL_MFL_2_11
#define TLSEXT_max_fragment_length_4096 WOLFSSL_MFL_2_12
#define SSL_set_options wolfSSL_set_options
#define SSL_get_options wolfSSL_get_options
#define SSL_clear_options wolfSSL_clear_options
@ -1102,6 +1200,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_renegotiate_pending wolfSSL_SSL_renegotiate_pending
#define SSL_set_tlsext_debug_arg wolfSSL_set_tlsext_debug_arg
#define SSL_set_tlsext_status_type wolfSSL_set_tlsext_status_type
#define SSL_get_tlsext_status_type wolfSSL_get_tlsext_status_type
#define SSL_set_tlsext_status_exts wolfSSL_set_tlsext_status_exts
#define SSL_get_tlsext_status_ids wolfSSL_get_tlsext_status_ids
#define SSL_set_tlsext_status_ids wolfSSL_set_tlsext_status_ids
@ -1109,13 +1208,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp
#define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp
#define SSL_set_tlsext_max_fragment_length wolfSSL_set_tlsext_max_fragment_length
#define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert
#define SSL_get_read_ahead wolfSSL_get_read_ahead
#define SSL_set_read_ahead wolfSSL_set_read_ahead
#define SSL_CTX_get_read_ahead wolfSSL_CTX_get_read_ahead
#define SSL_CTX_set_read_ahead wolfSSL_CTX_set_read_ahead
#define SSL_CTX_set_tlsext_status_arg wolfSSL_CTX_set_tlsext_status_arg
#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg \
wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg
#define SSL_CTX_set_tlsext_max_fragment_length \
wolfSSL_CTX_set_tlsext_max_fragment_length
#define SSL_get_server_random wolfSSL_get_server_random
#define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key
@ -1124,6 +1228,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_set_min_proto_version wolfSSL_set_min_proto_version
#define SSL_set_max_proto_version wolfSSL_set_max_proto_version
#define SSL_CTX_get_min_proto_version wolfSSL_CTX_get_min_proto_version
#define SSL_CTX_get_max_proto_version wolfSSL_CTX_get_max_proto_version
#define SSL_get_tlsext_status_exts wolfSSL_get_tlsext_status_exts
@ -1131,6 +1236,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_tlsext_ticket_keys wolfSSL_CTX_set_tlsext_ticket_keys
#define SSL_CTX_get_tlsext_status_cb wolfSSL_CTX_get_tlsext_status_cb
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
#define SSL_CTX_set_num_tickets wolfSSL_CTX_set_num_tickets
#define SSL_CTX_get_num_tickets wolfSSL_CTX_get_num_tickets
#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
@ -1139,6 +1246,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTRL_SET_SESS_CACHE_MODE 44
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE 651
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
@ -1150,6 +1258,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY
#define SSL_CTRL_SET_MIN_PROTO_VERSION 123
#define SSL_CTRL_SET_MAX_PROTO_VERSION 124
#define SSL_CTRL_GET_MIN_PROTO_VERSION 125
#define SSL_CTRL_GET_MAX_PROTO_VERSION 126
#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS
#define SSL_CTRL_EXTRA_CHAIN_CERT 14
@ -1171,35 +1281,33 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
#define SSL2_VERSION 0x0002
#define SSL3_VERSION 0x0300
#define TLS1_VERSION 0x0301
#define TLS1_1_VERSION 0x0302
#define TLS1_2_VERSION 0x0303
#define TLS1_3_VERSION 0x0304
#define DTLS1_VERSION 0xFEFF
#define DTLS1_2_VERSION 0xFEFD
/* Used as message callback types */
#define SSL3_RT_CHANGE_CIPHER_SPEC 20
#define SSL3_RT_ALERT 21
#define SSL3_RT_HANDSHAKE 22
#define SSL3_RT_APPLICATION_DATA 23
#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L
#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L
#define CRYPTO_EX_INDEX_SSL 0
#define TLS_ANY_VERSION 0x10000
#define DTLS1_2_VERSION 0xFEFD
#define DTLS_MAX_VERSION DTLS1_2_VERSION
/* apache and lighty use SSL_CONF_FLAG_FILE to enable conf support */
#if !defined(WOLFSSL_APACHE_HTTPD) && !defined(HAVE_LIGHTY)
#define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE
#define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE
#define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE
#define SSL_CONF_FLAG_SERVER WOLFSSL_CONF_FLAG_SERVER
#define SSL_CONF_FLAG_CLIENT WOLFSSL_CONF_FLAG_CLIENT
#define SSL_CONF_FLAG_SHOW_ERRORS WOLFSSL_CONF_FLAG_SHOW_ERRORS
#define SSL_CONF_TYPE_UNKNOWN WOLFSSL_CONF_TYPE_UNKNOWN
#define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING
#define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE
#endif
#define SSL_CONF_TYPE_DIR WOLFSSL_CONF_TYPE_DIR
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL)
#include <libs/libwolfssl/openssl/asn1.h>
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000)
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000)
@ -1209,6 +1317,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name
#define SSL_AD_NO_RENEGOTIATION no_renegotiation
#define SSL_AD_INTERNAL_ERROR 80
#define SSL_AD_NO_APPLICATION_PROTOCOL no_application_protocol
#define SSL_AD_MISSING_EXTENSION missing_extension
#define ASN1_STRFLGS_ESC_MSB 4
@ -1228,8 +1338,21 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define GENERAL_NAME_new wolfSSL_GENERAL_NAME_new
#define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
#define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup
#define GENERAL_NAME_print wolfSSL_GENERAL_NAME_print
#define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push
#define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value
#define DIST_POINT_new wolfSSL_DIST_POINT_new
#define DIST_POINT_free wolfSSL_DIST_POINT_free
#define DIST_POINTS_free wolfSSL_DIST_POINTS_free
#define CRL_DIST_POINTS_free(cdp) wolfSSL_sk_DIST_POINT_pop_free((cdp), NULL)
#define sk_DIST_POINT_push wolfSSL_sk_DIST_POINT_push
#define sk_DIST_POINT_value wolfSSL_sk_DIST_POINT_value
#define sk_DIST_POINT_num wolfSSL_sk_DIST_POINT_num
#define sk_DIST_POINT_pop_free wolfSSL_sk_DIST_POINT_pop_free
#define sk_DIST_POINT_free wolfSSL_sk_DIST_POINT_free
#define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data
#define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data
#define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index
@ -1242,10 +1365,35 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
#define AUTHORITY_INFO_ACCESS_pop_free wolfSSL_AUTHORITY_INFO_ACCESS_pop_free
#define sk_ACCESS_DESCRIPTION_pop_free wolfSSL_sk_ACCESS_DESCRIPTION_pop_free
#define sk_ACCESS_DESCRIPTION_free wolfSSL_sk_ACCESS_DESCRIPTION_free
#define ACCESS_DESCRIPTION_free wolfSSL_ACCESS_DESCRIPTION_free
/* Alert types, matched to AlertDescription enum in wolfssl/ssl.h */
#define SSL_AD_CLOSE_NOTIFY close_notify
#define SSL_AD_UNEXPECTED_MESSAGE unexpected_message
#define SSL_AD_BAD_RECORD_MAC bad_record_mac
#define SSL_AD_RECORD_OVERFLOW record_overflow
#define SSL_AD_DECOMPRESSION_FAILURE decompression_failure
#define SSL_AD_HANDSHAKE_FAILURE handshake_failure
#define SSL_AD_UNSUPPORTED_CERTIFICATE unsupported_certificate
#define SSL_AD_CERTIFICATE_REVOKED certificate_revoked
#define SSL_AD_CERTIFICATE_EXPIRED certificate_expired
#define SSL_AD_CERTIFICATE_UNKNOWN certificate_unknown
#define SSL_AD_ILLEGAL_PARAMETER illegal_parameter
#define SSL_AD_UNKNOWN_CA unknown_ca
#define SSL_AD_ACCESS_DENIED access_denied
#define SSL_AD_DECODE_ERROR decode_error
#define SSL_AD_DECRYPT_ERROR decrypt_error
#ifdef WOLFSSL_MYSQL_COMPATIBLE
#define SSL_AD_PROTOCOL_VERSION wc_protocol_version
#else
#define SSL_AD_PROTOCOL_VERSION protocol_version
#endif
#define SSL_AD_INSUFFICIENT_SECURITY insufficient_security
#define SSL_AD_USER_CANCELLED user_canceled
#define SSL3_AL_FATAL 2
#define SSL_TLSEXT_ERR_OK 0
#define SSL_TLSEXT_ERR_ALERT_WARNING warning_return
@ -1266,6 +1414,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_add_server_custom_ext(...) 0
#define SSL_get0_verified_chain wolfSSL_get0_verified_chain
#define X509_chain_up_ref wolfSSL_X509_chain_up_ref
#endif /* HAVE_STUNNEL || WOLFSSL_NGINX */
#ifndef NO_WOLFSSL_STUB
@ -1283,12 +1434,13 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_clear_extra_chain_certs wolfSSL_CTX_clear_extra_chain_certs
#define SSL_certs_clear wolfSSL_certs_clear
/* Nginx uses this to determine if reached end of certs in file.
* PEM_read_bio_X509 is called and the return error is lost.
* The error that needs to be detected is: SSL_NO_PEM_HEADER.
*/
#define ERR_GET_FUNC(l) (int)((((unsigned long)l) >> 12L) & 0xfffL)
#define ERR_GET_FUNC(l) (int)((((unsigned long)(l)) >> 12L) & 0xfffL)
#define PEM_F_PEM_DEF_CALLBACK 100
@ -1297,15 +1449,24 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define PEM_R_PROBLEMS_GETTING_PASSWORD (-MIN_CODE_E + 2)
#define PEM_R_BAD_PASSWORD_READ (-MIN_CODE_E + 3)
#define PEM_R_BAD_DECRYPT (-MIN_CODE_E + 4)
#define ASN1_R_HEADER_TOO_LONG (-MIN_CODE_E + 5)
#define ERR_LIB_RSA 4
#define ERR_LIB_EC 16
#define ERR_LIB_SSL 20
#define ERR_LIB_PKCS12 35
#define ERR_LIB_PEM 9
#define ERR_LIB_X509 10
#define ERR_LIB_EVP 11
#define ERR_LIB_ASN1 12
#define ERR_LIB_DIGEST 13
#define ERR_LIB_CIPHER 14
#define ERR_LIB_USER 15
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \
defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL)
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \
defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) || \
defined(WOLFSSL_WPAS_SMALL)
#include <libs/libwolfssl/error-ssl.h>
@ -1339,14 +1500,21 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_R_HTTP_REQUEST PARSE_ERROR
#define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR
#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR
#define SSL_R_CERT_CB_ERROR CLIENT_CERT_CB_ERROR
#define SSL_R_NULL_SSL_METHOD_PASSED BAD_FUNC_ARG
#ifdef HAVE_SESSION_TICKET
#define SSL_OP_NO_TICKET SSL_OP_NO_TICKET
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
#endif
#define OPENSSL_config wolfSSL_OPENSSL_config
/* Some openssl consumers try to detect these options with ifdef, defining
* here since we use an enum internally instead */
#define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE
#define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE
#define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE
#define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
#define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse
#define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout
@ -1361,6 +1529,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb
#define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs
#define SSL_CTX_get0_chain_certs wolfSSL_CTX_get0_chain_certs
#define SSL_get0_chain_certs wolfSSL_get0_chain_certs
#define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num
#define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value
#define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num
@ -1400,12 +1570,25 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define NID_pkcs9_emailAddress 48
#define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L
#define LN_basic_constraints "X509v3 Basic Constraints"
#define LN_key_usage "X509v3 Key Usage"
#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
#define LN_ext_key_usage "X509v3 Extended Key Usage"
#define SSL_get_rbio wolfSSL_SSL_get_rbio
#define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#if defined(WOLFSSL_EARLY_DATA)
#define SSL_EARLY_DATA_NOT_SENT WOLFSSL_EARLY_DATA_NOT_SENT
#define SSL_EARLY_DATA_REJECTED WOLFSSL_EARLY_DATA_REJECTED
#define SSL_EARLY_DATA_ACCEPTED WOLFSSL_EARLY_DATA_ACCEPTED
#define SSL_get_early_data_status wolfSSL_get_early_data_status
#define SSL_set_max_early_data wolfSSL_set_max_early_data
#define SSL_get_max_early_data wolfSSL_get_max_early_data
#define SSL_CTX_set_max_early_data wolfSSL_CTX_set_max_early_data
#define SSL_CTX_get_max_early_data wolfSSL_CTX_get_max_early_data
#endif
#endif /* OPENSSL_EXTRA */
@ -1420,6 +1603,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
#define X509_LU_NONE WOLFSSL_X509_LU_NONE
#define X509_LU_X509 WOLFSSL_X509_LU_X509
#define X509_LU_CRL WOLFSSL_X509_LU_CRL
#define X509_STORE_get0_objects wolfSSL_X509_STORE_get0_objects
#define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num
#define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value
@ -1435,8 +1622,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#ifndef NO_WOLFSSL_STUB
#define OBJ_create_objects(...)
#define sk_SSL_COMP_free(...)
#endif
#define OBJ_dup wolfSSL_ASN1_OBJECT_dup
#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback
#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable
typedef WOLFSSL_CONF_CTX SSL_CONF_CTX;
@ -1447,9 +1637,74 @@ typedef WOLFSSL_CONF_CTX SSL_CONF_CTX;
#define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags
#define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish
#define SSL_CONF_cmd wolfSSL_CONF_cmd
#define SSL_CONF_cmd_value_type wolfSSL_CONF_cmd_value_type
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef WOLFSSL_QUIC
#include <libs/libwolfssl/quic.h>
/* Used by Chromium/QUIC - according to quictls/openssl fork */
#define X25519_PRIVATE_KEY_LEN 32
#define X25519_PUBLIC_VALUE_LEN 32
/* TLSv1.3 cipher ids as defined in RFC 8446, returned by
* SSL_CIPHER_get_id(cipher)
* used by QUIC implementations, such as HAProxy
*/
#define TLS1_3_CK_AES_128_GCM_SHA256 0x1301
#define TLS1_3_CK_AES_256_GCM_SHA384 0x1302
#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x1303
#define TLS1_3_CK_AES_128_CCM_SHA256 0x1304
#define TLS1_3_CK_AES_128_CCM_8_SHA256 0x1305
#define SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION QUIC_TP_MISSING_E
#define SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED QUIC_WRONG_ENC_LEVEL
#define ssl_quic_method_st wolfssl_quic_method_t
typedef WOLFSSL_QUIC_METHOD SSL_QUIC_METHOD;
#define ssl_encryption_level_t wolfssl_encryption_level_t
typedef WOLFSSL_ENCRYPTION_LEVEL OSSL_ENCRYPTION_LEVEL;
#define ssl_encryption_initial wolfssl_encryption_initial
#define ssl_encryption_early_data wolfssl_encryption_early_data
#define ssl_encryption_handshake wolfssl_encryption_handshake
#define ssl_encryption_application wolfssl_encryption_application
#define SSL_CTX_set_quic_method wolfSSL_CTX_set_quic_method
#define SSL_set_quic_method wolfSSL_set_quic_method
#define SSL_set_quic_transport_params wolfSSL_set_quic_transport_params
#define SSL_get_peer_quic_transport_params wolfSSL_get_peer_quic_transport_params
#define SSL_quic_max_handshake_flight_len wolfSSL_quic_max_handshake_flight_len
#define SSL_quic_read_level wolfSSL_quic_read_level
#define SSL_quic_write_level wolfSSL_quic_write_level
#define SSL_provide_quic_data wolfSSL_provide_quic_data
#define SSL_process_quic_post_handshake wolfSSL_process_quic_post_handshake
#define SSL_is_quic wolfSSL_is_quic
#define SSL_set_quic_transport_version wolfSSL_set_quic_transport_version
#define SSL_get_quic_transport_version wolfSSL_get_quic_transport_version
#define SSL_get_peer_quic_transport_version wolfSSL_get_peer_quic_transport_version
#define SSL_set_quic_early_data_enabled wolfSSL_set_quic_early_data_enabled
/* BoringSSL API - according to quictls/openssl fork */
#define SSL_set_quic_use_legacy_codepoint wolfSSL_set_quic_use_legacy_codepoint
/* TODO: we do not have this in our QUIC api and HAProxy does not use it
int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
*/
#endif /* WOLFSSL_QUIC */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* wolfSSL_openssl_h__ */
#endif /* !WOLFSSL_OPENSSL_H_ */

View File

@ -1,6 +1,6 @@
/* stack.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -30,8 +30,8 @@
typedef void (*wolfSSL_sk_freefunc)(void *);
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *);
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc f);
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *sk);
WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data);
WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *));
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void);

View File

@ -1,6 +1,6 @@
/* tls1.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -43,4 +43,10 @@
#define TLS_MAX_VERSION TLS1_3_VERSION
#endif
#ifdef WOLFSSL_QUIC
/* from rfc9001 */
#define TLSEXT_TYPE_quic_transport_parameters_draft 0xffa5
#define TLSEXT_TYPE_quic_transport_parameters 0x0039
#endif
#endif /* WOLFSSL_OPENSSL_TLS1_H_ */

View File

@ -1,5 +1,29 @@
/* x509.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* x509.h for openssl */
#ifndef WOLFSSL_OPENSSL_509_H_
#define WOLFSSL_OPENSSL_509_H_
#include <libs/libwolfssl/openssl/ssl.h>
#include <libs/libwolfssl/openssl/crypto.h>
#include <libs/libwolfssl/openssl/dh.h>
@ -7,6 +31,8 @@
#include <libs/libwolfssl/openssl/ecdsa.h>
#include <libs/libwolfssl/openssl/pkcs7.h>
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* wolfSSL_X509_print_ex flags */
#define X509_FLAG_COMPAT (0UL)
#define X509_FLAG_NO_HEADER (1UL << 0)
@ -42,3 +68,11 @@
#define XN_FLAG_FN_ALIGN (1 << 25)
#define XN_FLAG_MULTILINE 0xFFFF
#define X509_EXTENSION_set_critical wolfSSL_X509_EXTENSION_set_critical
#define X509_EXTENSION_set_object wolfSSL_X509_EXTENSION_set_object
#define X509_EXTENSION_set_data wolfSSL_X509_EXTENSION_set_data
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* WOLFSSL_OPENSSL_509_H_ */

View File

@ -1,6 +1,6 @@
/* x509_vfy.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -32,11 +32,12 @@
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_purpose(WOLFSSL_X509_STORE_CTX *ctx, int purpose);
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_flags(WOLFSSL_X509_STORE_CTX *ctx,
unsigned long flags);
#endif
#ifdef WOLFSSL_QT
#define X509_STORE_CTX_set_purpose wolfSSL_X509_STORE_CTX_set_purpose
#endif
#define X509_STORE_CTX_set_purpose wolfSSL_X509_STORE_CTX_set_purpose
#define X509_STORE_CTX_set_flags wolfSSL_X509_STORE_CTX_set_flags
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* x509v3.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -31,15 +31,42 @@
extern "C" {
#endif
#define EXFLAG_KUSAGE 0x2
#define EXFLAG_XKUSAGE 0x4
#define KU_DIGITAL_SIGNATURE KEYUSE_DIGITAL_SIG
#define KU_NON_REPUDIATION KEYUSE_CONTENT_COMMIT
#define KU_KEY_ENCIPHERMENT KEYUSE_KEY_ENCIPHER
#define KU_DATA_ENCIPHERMENT KEYUSE_DATA_ENCIPHER
#define KU_KEY_AGREEMENT KEYUSE_KEY_AGREE
#define KU_KEY_CERT_SIGN KEYUSE_KEY_CERT_SIGN
#define KU_CRL_SIGN KEYUSE_CRL_SIGN
#define KU_ENCIPHER_ONLY KEYUSE_ENCIPHER_ONLY
#define KU_DECIPHER_ONLY KEYUSE_DECIPHER_ONLY
#define XKU_SSL_SERVER 0x1
#define XKU_SSL_CLIENT 0x2
#define XKU_SMIME 0x4
#define XKU_CODE_SIGN 0x8
#define XKU_SGC 0x10
#define XKU_OCSP_SIGN 0x20
#define XKU_TIMESTAMP 0x40
#define XKU_DVCS 0x80
#define XKU_ANYEKU 0x100
#define X509_PURPOSE_SSL_CLIENT 0
#define X509_PURPOSE_SSL_SERVER 1
#define NS_SSL_CLIENT 0
#define NS_SSL_SERVER 1
#define NS_SSL_CLIENT WC_NS_SSL_CLIENT
#define NS_SSL_SERVER WC_NS_SSL_SERVER
/* Forward reference */
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x0090801fL
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
#else
typedef void *(*X509V3_EXT_D2I)(void *, unsigned char **, long);
#endif
typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
struct WOLFSSL_v3_ext_method *method,
@ -94,8 +121,13 @@ WOLFSSL_API WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void);
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void);
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex);
#else
WOLFSSL_API WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
WOLFSSL_X509_EXTENSION* ex);
#endif
WOLFSSL_API void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ex);
WOLFSSL_API char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
const WOLFSSL_ASN1_STRING *s);
@ -103,6 +135,7 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent);
WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx,
const char *section, WOLFSSL_X509 *cert);
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_a2i_IPADDRESS(const char* ipa);
#define BASIC_CONSTRAINTS_free wolfSSL_BASIC_CONSTRAINTS_free
#define AUTHORITY_KEYID_free wolfSSL_AUTHORITY_KEYID_free
@ -116,11 +149,13 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_add_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_
#define X509V3_parse_list(...) NULL
#endif
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
#define a2i_IPADDRESS wolfSSL_a2i_IPADDRESS
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
#ifndef NO_WOLFSSL_STUB
#define X509V3_set_nconf(...)
#define X509V3_EXT_cleanup(...)
#endif
#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb

View File

@ -0,0 +1,297 @@
/* quic.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* wolfSSL QUIC API */
#ifndef WOLFSSL_QUIC_H
#define WOLFSSL_QUIC_H
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_QUIC
/* QUIC operates on three encryption levels which determine
* which keys/algos are used for de-/encryption. These are
* kept separately for incoming and outgoing data and.
* Due to the nature of UDP, more than one might be in use
* at the same time due to resends or out-of-order arrivals.
*/
typedef enum wolfssl_encryption_level_t {
wolfssl_encryption_initial = 0,
wolfssl_encryption_early_data,
wolfssl_encryption_handshake,
wolfssl_encryption_application
} WOLFSSL_ENCRYPTION_LEVEL;
/* All QUIC related callbacks to the application.
*/
typedef struct wolfssl_quic_method_t WOLFSSL_QUIC_METHOD;
struct wolfssl_quic_method_t {
/**
* Provide secrets to the QUIC stack when they becaome available in the SSL
* instance during handshake processing. read/write secrets have the same
* length. A call may only provide one, passing NULL as the other.
*/
int (*set_encryption_secrets)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* read_secret,
const uint8_t* write_secret,
size_t secret_len);
/**
* Provide handshake packets to the QUIC stack to send to the peer. The
* QUIC stack will wrap these and take care of re-transmissions.
*/
int (*add_handshake_data)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* data, size_t len);
/**
* Flush any buffered packets during handshake.
*/
int (*flush_flight)(WOLFSSL* ssl);
/**
* Send a TLS alert that happend during handshake. In QUIC, such alerts
* lead to connection shutdown.
*/
int (*send_alert)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
uint8_t alert);
};
/**
* Mark the given SSL context for QUIC protocol handling. Meaning all
* SSL instances derived from it will inherit this. Provides all callbacks
* to the QUIC application the SSL stack needs.
*/
WOLFSSL_API
int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX* ctx,
const WOLFSSL_QUIC_METHOD* quic_method);
/**
* Mark extactly this SSL instance for QUIC protocol handling.
* Provides all callbacks to the QUIC application the SSL stack needs.
*/
WOLFSSL_API
int wolfSSL_set_quic_method(WOLFSSL* ssl,
const WOLFSSL_QUIC_METHOD* quic_method);
/**
* Check if QUIC handling has been installed on the given SSL instance.
*/
WOLFSSL_API int wolfSSL_is_quic(WOLFSSL* ssl);
/**
* Return the current encryption level of the SSL instance for READs.
*/
WOLFSSL_API
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(const WOLFSSL* ssl);
/**
* Return the current encryption level of the SSL instance for WRITEs.
*/
WOLFSSL_API
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL* ssl);
/**
* Configure the QUIC transport version to use. On `use_legacy` != 0,
* selects TLSX_KEY_QUIC_TP_PARAMS_DRAFT, otherwise TLSX_KEY_QUIC_TP_PARAMS.
* This method is part of the BoringSSL API and replicated here for app
* portability (as in quictls/openssl).
*/
WOLFSSL_API
void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL* ssl, int use_legacy);
/**
* Set the TLS extension for the transport parameter version to announce
* to the peer. Known values are TLSX_KEY_QUIC_TP_PARAMS (V1) and
* TLSX_KEY_QUIC_TP_PARAMS_DRAFT.
* Setting it to 0 will announce both V1 and draft versions to a server.
* Servers will, on 0, select the latest version seen from the client.
* Default is 0.
*/
WOLFSSL_API
void wolfSSL_set_quic_transport_version(WOLFSSL* ssl, int version);
/**
* Get the configured transport version.
*/
WOLFSSL_API int wolfSSL_get_quic_transport_version(const WOLFSSL* ssl);
/**
* Set the raw QUIC transport parameter that will be sent in the TLS extension
* to the peer, using the configured transport version(s).
*/
WOLFSSL_API int wolfSSL_set_quic_transport_params(WOLFSSL* ssl,
const uint8_t* params,
size_t params_len);
/**
* Get the raw QUIC transport parameter as retrieved via TLS Extension
* from the peer. If the peer announced several versions,
* return the latest one.
* If the extension has not arrived yet, initializes out parameter to
* NULL, resp. 0.
*/
WOLFSSL_API
void wolfSSL_get_peer_quic_transport_params(const WOLFSSL* ssl,
const uint8_t* *out_params,
size_t* out_params_len);
/**
* Get the QUIC version negotiated with the peer during the handshake.
*/
WOLFSSL_API int wolfSSL_get_peer_quic_transport_version(const WOLFSSL* ssl);
#ifdef WOLFSSL_EARLY_DATA
WOLFSSL_API void wolfSSL_set_quic_early_data_enabled(WOLFSSL* ssl, int enabled);
#endif
/**
* Advisory amount of the maximum data a QUIC protocol handler should have
* in flight. This varies during handshake processing, for example certficate
* exchange will increase the limit.
*/
WOLFSSL_API
size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL* ssl,
WOLFSSL_ENCRYPTION_LEVEL level);
/**
* The QUIC protocol handler provides peer TLS records to the SSL instance
* during handshake to progress it. The SSL instance will use the registered
* callbacks to send packets to the peer.
* Encryption level is provided to indicate how to decrypt the data. Data may
* be added for levels not yet reached by the SSL instance. However, data
* may only be added in ever increasing levels and levels may only increase
* at TLS record boundaries. Any violation will make this function fail.
*/
WOLFSSL_API
int wolfSSL_provide_quic_data(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t* data, size_t len);
WOLFSSL_API
int wolfSSL_quic_do_handshake(WOLFSSL* ssl);
/**
* Process any CRYPTO data added post-handshake.
*/
WOLFSSL_API int wolfSSL_process_quic_post_handshake(WOLFSSL* ssl);
/**
* Process any pending input and flush all output. Can be invoked
* during and/or after handshake processing.
*/
WOLFSSL_API int wolfSSL_quic_read_write(WOLFSSL* ssl);
/**
* Get the AEAD cipher that is currently selected in the SSL instance.
* Will return NULL if none has been selected so far. This is used by the
* QUIC stack to encrypt/decrypt packets after the handshake.
*/
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl);
/**
* Use to classify the AEAD cipher for key reuse limits.
*/
WOLFSSL_API int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher);
WOLFSSL_API int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher);
WOLFSSL_API
int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher);
/**
* Get the 'tag' length used by the AEAD cipher. Encryption buffer lengths
* are plaintext length plus this tag length.
*/
WOLFSSL_API
size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher);
/**
* The message digest currently selected in the SSL instance.
*/
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_quic_get_md(WOLFSSL* ssl);
/**
* The QUIC header protection cipher matching the AEAD cipher currently
* selected in the SSL instance.
*/
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl);
/**
* Create and initialize a cipher context for use in en- or decryption.
*/
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX*
wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER* cipher,
const uint8_t* key, const uint8_t* iv, int encrypt);
/**
* Use a previously created cipher context to encrypt the given plain text.
*/
WOLFSSL_API
int wolfSSL_quic_aead_encrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* aead_ctx,
const uint8_t* plain, size_t plainlen,
const uint8_t* iv, const uint8_t* aad,
size_t aadlen);
/**
* Use a previously created cipher context to decrypt the given encoded text.
*/
WOLFSSL_API
int wolfSSL_quic_aead_decrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx,
const uint8_t* enc, size_t enclen,
const uint8_t* iv, const uint8_t* aad,
size_t aadlen);
/**
* Extract a pseudo-random key, using the given message digest, a secret
* and a salt. The key size is the size of the digest.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* salt, size_t saltlen);
/**
* Expand a pseudo-random key (secret) into a new key, using the mesasge
* digest and the info bytes.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen,
const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* info, size_t infolen);
/**
* Extract and extpand secret, salt and info into a new key.
*/
WOLFSSL_API
int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen,
const WOLFSSL_EVP_MD* md,
const uint8_t* secret, size_t secretlen,
const uint8_t* salt, size_t saltlen,
const uint8_t* info, size_t infolen);
#endif /* WOLFSSL_QUIC */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_QUIC_H */

View File

@ -1,6 +1,6 @@
/* sniffer.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -27,6 +27,11 @@
#include <libs/libwolfssl/wolfcrypt/settings.h>
#include <libs/libwolfssl/wolfcrypt/asn_public.h>
#ifdef HAVE_WOLF_EVENT
#include <libs/libwolfssl/wolfcrypt/wolfevent.h>
#endif
#ifdef _WIN32
#ifdef SSL_SNIFFER_EXPORTS
#define SSL_SNIFFER_API __declspec(dllexport)
@ -42,6 +47,22 @@
extern "C" {
#endif
typedef struct IpAddrInfo {
int version;
union {
word32 ip4;
byte ip6[16];
};
} IpAddrInfo;
typedef struct SnifferStreamInfo {
IpAddrInfo src; /* server address in network byte order */
IpAddrInfo dst; /* client address in network byte order */
word16 dstPort; /* server port */
word16 srcPort; /* client port */
} SnifferStreamInfo;
/* @param typeK: (formerly keyType) was shadowing a global declaration in
* wolfssl/wolfcrypt/asn.h line 175
*/
@ -119,9 +140,15 @@ SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
unsigned int* reassemblyMemory,
char* error);
WOLFSSL_API void ssl_InitSniffer(void);
WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer(void);
WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer_ex(int devId);
WOLFSSL_API
SSL_SNIFFER_API void ssl_InitSniffer_ex2(int threadNum);
WOLFSSL_API void ssl_FreeSniffer(void);
WOLFSSL_API
SSL_SNIFFER_API void ssl_FreeSniffer(void);
/* ssl_SetPrivateKey typeKs */
@ -167,46 +194,45 @@ SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
typedef struct SSLStats
{
unsigned long int sslStandardConns;
unsigned long int sslClientAuthConns;
unsigned long int sslResumedConns;
unsigned long int sslEphemeralMisses;
unsigned long int sslResumeMisses;
unsigned long int sslCiphersUnsupported;
unsigned long int sslKeysUnmatched;
unsigned long int sslKeyFails;
unsigned long int sslDecodeFails;
unsigned long int sslAlerts;
unsigned long int sslDecryptedBytes;
unsigned long int sslEncryptedBytes;
unsigned long int sslEncryptedPackets;
unsigned long int sslDecryptedPackets;
unsigned long int sslKeyMatches;
unsigned long int sslEncryptedConns;
unsigned long int sslResumptionInserts;
unsigned long int sslStandardConns; /* server_hello count not including resumed sessions */
unsigned long int sslClientAuthConns; /* client's who have presented certificates (mutual authentication) */
unsigned long int sslResumedConns; /* resumed connections */
unsigned long int sslEphemeralMisses; /* TLS v1.2 and older PFS / ephemeral connections missed (not able to decrypt) */
unsigned long int sslResumeMisses; /* Resumption sessions not found */
unsigned long int sslCiphersUnsupported; /* No cipher suite match found when compared to supported */
unsigned long int sslKeysUnmatched; /* Key callback failures (not found). Applies to WOLFSSL_SNIFFER_WATCH only */
unsigned long int sslKeyFails; /* Failures loading or using keys */
unsigned long int sslDecodeFails; /* Dropped packets (not application_data or match protocol version) */
unsigned long int sslAlerts; /* Number of decoded alert messages */
unsigned long int sslDecryptedBytes; /* Number of decrypted bytes */
unsigned long int sslEncryptedBytes; /* Number of encrypted bytes */
unsigned long int sslEncryptedPackets; /* Number of encrypted packets */
unsigned long int sslDecryptedPackets; /* Number of decrypted packets */
unsigned long int sslKeyMatches; /* Key callback successes (failures tracked in sslKeysUnmatched). Applies to WOLFSSL_SNIFFER_WATCH only. */
unsigned long int sslEncryptedConns; /* Number of created sniffer sessions */
unsigned long int sslResumptionInserts; /* Number of sessions reused with resumption */
} SSLStats;
WOLFSSL_API
SSL_SNIFFER_API int ssl_ResetStatistics(void);
WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats);
WOLFSSL_API
SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats);
#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13)
/* macro indicating support for key callback */
#undef WOLFSSL_SNIFFER_KEY_CALLBACK
#define WOLFSSL_SNIFFER_KEY_CALLBACK
typedef int (*SSLKeyCb)(void* vSniffer, int namedGroup,
const unsigned char* srvPub, unsigned int srvPubSz,
const unsigned char* cliPub, unsigned int cliPubSz,
DerBuffer* privKey, void* cbCtx, char* error);
#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13)
/* macro indicating support for key callback */
#undef WOLFSSL_SNIFFER_KEY_CALLBACK
#define WOLFSSL_SNIFFER_KEY_CALLBACK
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx);
#endif
@ -270,6 +296,24 @@ SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData(
char* error);
#endif
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacket_GetStream(SnifferStreamInfo* info,
const byte* packet, int length, char* error);
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacketAsync(void* packet, unsigned int packetSz,
int isChain, unsigned char** data, char* error, SSLInfo* sslInfo,
void* userCtx);
WOLFSSL_API
SSL_SNIFFER_API int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents,
WOLF_EVENT_FLAG flags, int* eventCount);
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* sniffer_error.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -138,6 +138,10 @@
#define CHAIN_INPUT_STR 93
#define GOT_ENC_EXT_STR 94
#define GOT_HELLO_RETRY_REQ_STR 95
#define SNIFFER_KEY_SETUP_STR 96
#define UNSUPPORTED_TLS_VER_STR 97
#define KEY_MISMATCH_STR 98
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* wolfssl_version.h.in
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -28,8 +28,8 @@
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "4.8.1"
#define LIBWOLFSSL_VERSION_HEX 0x04008001
#define LIBWOLFSSL_VERSION_STRING "5.5.4"
#define LIBWOLFSSL_VERSION_HEX 0x05005004
#ifdef __cplusplus
}

View File

@ -1,6 +1,6 @@
/* aes.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -67,7 +67,24 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#endif
#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_aes.h"
#ifdef WOLFSSL_XILINX_CRYPT_VERSAL
#include <libs/libwolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
#include <xsecure_aesclient.h>
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_AES_USER_KEY_0
#else /* versal */
#include <xsecure_aes.h>
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_CSU_AES_KEY_SRC_KUP
#endif /* !versal */
#endif /* WOLFSSL_XILINX_CRYPT */
#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX_AES)
#if !defined(WOLFSSL_XILINX_AES_KEY_SRC)
#define WOLFSSL_XILINX_AES_KEY_SRC 0
#endif /* !defined(WOLFSSL_XILINX_AES_KEY_SRC) */
#endif /* all Xilinx crypto */
#ifdef WOLFSSL_SE050
#include <libs/libwolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
@ -75,6 +92,10 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
#endif
#if defined(WOLFSSL_KCAPI_AES)
#include <libs/libwolfssl/wolfcrypt/port/kcapi/wc_kcapi.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
#include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
@ -88,13 +109,21 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <libs/libwolfssl/wolfcrypt/random.h>
#endif
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
#include <psa/crypto.h>
#endif
#if defined(WOLFSSL_CRYPTOCELL)
#include <libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
#include <libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#include <libs/libwolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h>
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
#include <libs/libwolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif
#ifdef __cplusplus
@ -131,7 +160,7 @@ enum {
KEYWRAP_BLOCK_SIZE = 8,
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MID_SZ = 12, /* The default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
@ -147,7 +176,7 @@ enum {
AES_XTS_MODE = 3,
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
AES_MAX_ID_LEN = 32,
AES_MAX_LABEL_LEN = 32,
#endif
@ -174,6 +203,13 @@ struct Aes {
word32 aadLen; /* additional authenticated data len */
#endif
#ifdef WOLFSSL_SE050
sss_symmetric_t aes_ctx; /* used as the function context */
int ctxInitDone;
word32 keyId;
byte keyIdSet;
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
#ifdef GCM_TABLE
/* key-based fast multiplication table. */
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
@ -188,6 +224,9 @@ struct Aes {
word32 y0;
#endif
#endif /* HAVE_AESGCM */
#ifdef WOLFSSL_CAAM
int blackKey; /* black key / hsm key id */
#endif
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
@ -195,7 +234,7 @@ struct Aes {
int devId;
void* devCtx;
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
byte id[AES_MAX_ID_LEN];
int idLen;
char label[AES_MAX_LABEL_LEN];
@ -209,9 +248,16 @@ struct Aes {
word32 left; /* unused bytes left from last call */
#endif
#ifdef WOLFSSL_XILINX_CRYPT
#ifdef WOLFSSL_XILINX_CRYPT_VERSAL
wc_Xsecure xSec;
XSecure_AesKeySize xKeySize;
int aadStyle;
byte keyInit[WOLFSSL_XSECURE_AES_KEY_SIZE] ALIGN64;
#else
XSecure_Aes xilAes;
XCsuDma dma;
word32 key_init[8];
word32 keyInit[8];
#endif
word32 kup;
#endif
#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
@ -224,9 +270,14 @@ struct Aes {
GCM_NONCE_MID_SZ)];
#endif
#endif
#if defined(WOLFSSL_KCAPI_AES)
struct kcapi_handle* handle;
int init;
#endif
#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
(defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)) || \
defined(WOLFSSL_KCAPI_AES)
word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
#ifdef HAVE_CAVIUM_OCTEON_SYNC
int keySet;
@ -243,11 +294,23 @@ struct Aes {
defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
TSIP_AES_CTX ctx;
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
SCE_AES_CTX ctx;
#endif
#if defined(WOLFSSL_IMXRT_DCP)
dcp_handle_t handle;
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
silabs_aes_t ctx;
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
maxq_aes_t maxq_ctx;
#endif
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
psa_key_id_t key_id;
psa_cipher_operation_t psa_ctx;
int ctx_initialized;
int key_need_importing;
#endif
void* heap; /* memory hint to use */
#ifdef WOLFSSL_AESGCM_STREAM
@ -351,10 +414,27 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#elif defined(BUILDING_WOLFSSL)
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesSetKeyDirect(Aes* aes,
const byte* key,
word32 len,
const byte* iv, int dir);
#else
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#endif
#ifdef HAVE_AESGCM
@ -488,7 +568,7 @@ WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId);
WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
@ -496,6 +576,17 @@ WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
#endif
WOLFSSL_API void wc_AesFree(Aes* aes);
#ifdef WOLFSSL_AES_SIV
WOLFSSL_API
int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
WOLFSSL_API
int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* arc4.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -37,9 +37,9 @@
#endif
enum {
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_ENC_TYPE = 4, /* cipher unique type */
ARC4_STATE_SIZE = 256,
RC4_KEY_SIZE = 16, /* always 128bit */
RC4_KEY_SIZE = 16, /* always 128bit */
};
/* ARC4 encryption and decryption */
@ -53,11 +53,12 @@ typedef struct Arc4 {
void* heap;
} Arc4;
WOLFSSL_API int wc_Arc4Process(Arc4*, byte*, const byte*, word32);
WOLFSSL_API int wc_Arc4SetKey(Arc4*, const byte*, word32);
WOLFSSL_API int wc_Arc4Process(Arc4* arc4, byte* out, const byte* in,
word32 length);
WOLFSSL_API int wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length);
WOLFSSL_API int wc_Arc4Init(Arc4*, void*, int);
WOLFSSL_API void wc_Arc4Free(Arc4*);
WOLFSSL_API int wc_Arc4Init(Arc4* arc4, void* heap, int devId);
WOLFSSL_API void wc_Arc4Free(Arc4* arc4);
#ifdef __cplusplus
} /* extern "C" */

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
/* asn_public.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -33,6 +33,7 @@ This library defines the interface APIs for X509 certificates.
#include <libs/libwolfssl/wolfcrypt/types.h>
#include <libs/libwolfssl/wolfcrypt/dsa.h>
#include <libs/libwolfssl/wolfcrypt/random.h>
#ifdef __cplusplus
extern "C" {
@ -47,22 +48,38 @@ This library defines the interface APIs for X509 certificates.
typedef struct ed25519_key ed25519_key;
#define WC_ED25519KEY_TYPE_DEFINED
#endif
#ifndef WC_CURVE25519KEY_TYPE_DEFINED
typedef struct curve25519_key curve25519_key;
#define WC_CURVE25519KEY_TYPE_DEFINED
#endif
#ifndef WC_ED448KEY_TYPE_DEFINED
typedef struct ed448_key ed448_key;
#define WC_ED448KEY_TYPE_DEFINED
#endif
#ifndef WC_CURVE448KEY_TYPE_DEFINED
typedef struct curve448_key curve448_key;
#define WC_CURVE448KEY_TYPE_DEFINED
#endif
#ifndef WC_RSAKEY_TYPE_DEFINED
typedef struct RsaKey RsaKey;
#define WC_RSAKEY_TYPE_DEFINED
#endif
#ifndef WC_RNG_TYPE_DEFINED
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
#ifndef WC_DH_TYPE_DEFINED
typedef struct DhKey DhKey;
#define WC_DH_TYPE_DEFINED
#endif
#ifndef WC_FALCONKEY_TYPE_DEFINED
typedef struct falcon_key falcon_key;
#define WC_FALCONKEY_TYPE_DEFINED
#endif
#ifndef WC_DILITHIUMKEY_TYPE_DEFINED
typedef struct dilithium_key dilithium_key;
#define WC_DILITHIUMKEY_TYPE_DEFINED
#endif
#ifndef WC_SPHINCSKEY_TYPE_DEFINED
typedef struct sphincs_key sphincs_key;
#define WC_SPHINCSKEY_TYPE_DEFINED
#endif
enum Ecc_Sum {
ECC_SECP112R1_OID = 182,
@ -125,6 +142,22 @@ enum CertType {
PKCS8_ENC_PRIVATEKEY_TYPE,
DETECT_CERT_TYPE,
DH_PRIVATEKEY_TYPE,
X942_PARAM_TYPE,
FALCON_LEVEL1_TYPE,
FALCON_LEVEL5_TYPE,
DILITHIUM_LEVEL2_TYPE,
DILITHIUM_LEVEL3_TYPE,
DILITHIUM_LEVEL5_TYPE,
DILITHIUM_AES_LEVEL2_TYPE,
DILITHIUM_AES_LEVEL3_TYPE,
DILITHIUM_AES_LEVEL5_TYPE,
SPHINCS_FAST_LEVEL1_TYPE,
SPHINCS_FAST_LEVEL3_TYPE,
SPHINCS_FAST_LEVEL5_TYPE,
SPHINCS_SMALL_LEVEL1_TYPE,
SPHINCS_SMALL_LEVEL3_TYPE,
SPHINCS_SMALL_LEVEL5_TYPE,
};
@ -155,8 +188,27 @@ enum Ctc_SigType {
CTC_SHA3_384wRSA = 429,
CTC_SHA3_512wRSA = 430,
CTC_RSASSAPSS = 654,
CTC_ED25519 = 256,
CTC_ED448 = 257
CTC_ED448 = 257,
CTC_FALCON_LEVEL1 = 268,
CTC_FALCON_LEVEL5 = 271,
CTC_DILITHIUM_LEVEL2 = 213,
CTC_DILITHIUM_LEVEL3 = 216,
CTC_DILITHIUM_LEVEL5 = 220,
CTC_DILITHIUM_AES_LEVEL2 = 217,
CTC_DILITHIUM_AES_LEVEL3 = 221,
CTC_DILITHIUM_AES_LEVEL5 = 224,
CTC_SPHINCS_FAST_LEVEL1 = 281,
CTC_SPHINCS_FAST_LEVEL3 = 283,
CTC_SPHINCS_FAST_LEVEL5 = 282,
CTC_SPHINCS_SMALL_LEVEL1 = 287,
CTC_SPHINCS_SMALL_LEVEL3 = 285,
CTC_SPHINCS_SMALL_LEVEL5 = 286,
};
enum Ctc_Encoding {
@ -170,6 +222,11 @@ enum Ctc_Encoding {
#ifndef WC_CTC_MAX_ALT_SIZE
#define WC_CTC_MAX_ALT_SIZE 16384
#endif
#ifdef WOLFSSL_CERT_EXT
#ifndef WC_CTC_MAX_CRLINFO_SZ
#define WC_CTC_MAX_CRLINFO_SZ 200
#endif
#endif
enum Ctc_Misc {
CTC_COUNTRY_SIZE = 2,
@ -178,13 +235,19 @@ enum Ctc_Misc {
CTC_MAX_ALT_SIZE = WC_CTC_MAX_ALT_SIZE, /* may be huge, default: 16384 */
CTC_SERIAL_SIZE = 20,
CTC_GEN_SERIAL_SZ = 16,
CTC_FILETYPE_ASN1 = 2,
CTC_FILETYPE_PEM = 1,
CTC_FILETYPE_DEFAULT = 2,
#ifdef WOLFSSL_CERT_EXT
/* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum
* We support only hash */
CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */
CTC_MAX_CERTPOL_SZ = 64,
CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */
CTC_MAX_CERTPOL_SZ = 200, /* RFC 5280 Section 4.2.1.4 */
CTC_MAX_CERTPOL_NB = 2, /* Max number of Certificate Policy */
CTC_MAX_CRLINFO_SZ = WC_CTC_MAX_CRLINFO_SZ, /* Arbitrary size that should be
* enough for at least two
* distribution points. */
#endif /* WOLFSSL_CERT_EXT */
};
@ -205,21 +268,35 @@ typedef struct WOLFSSL_ASN1_TIME {
enum {
IV_SZ = 32, /* max iv sz */
#ifdef OPENSSL_ALL
NAME_SZ = 160, /* larger max one line, allows for longer
encryption password support */
#else
NAME_SZ = 80, /* max one line */
#endif
PEM_PASS_READ = 0,
PEM_PASS_WRITE = 1,
};
typedef int (pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
typedef int (wc_pem_password_cb)(char* passwd, int sz, int rw, void* userdata);
#ifndef OPENSSL_COEXIST
/* In the past, wc_pem_password_cb was called pem_password_cb, which is the same
* name as an identical typedef in OpenSSL. We don't want to break existing code
* that uses the name pem_password_cb, so we define it here as a macro alias for
* wc_pem_password_cb. In cases where a user needs to use both OpenSSL and
* wolfSSL headers in the same code, they should define OPENSSL_COEXIST to
* avoid errors stemming from the typedef being declared twice. */
#define pem_password_cb wc_pem_password_cb
#endif
typedef struct EncryptedInfo {
pem_password_cb* passwd_cb;
void* passwd_userdata;
long consumed; /* tracks PEM bytes consumed */
#ifdef WOLFSSL_ENCRYPTED_KEYS
wc_pem_password_cb* passwd_cb;
void* passwd_userdata;
int cipherType;
word32 keySz;
word32 ivSz; /* salt or encrypted IV size */
@ -228,6 +305,7 @@ typedef struct EncryptedInfo {
byte iv[IV_SZ]; /* salt or encrypted IV */
word16 set:1; /* if encryption set */
#endif
} EncryptedInfo;
@ -262,8 +340,7 @@ typedef struct WOLFSSL_ASN1_INTEGER {
#endif
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_GEN
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#ifdef WOLFSSL_MULTI_ATTRIB
#ifndef CTC_MAX_ATTRIB
#define CTC_MAX_ATTRIB 4
@ -277,17 +354,49 @@ typedef struct NameAttrib {
char value[CTC_NAME_SIZE]; /* name */
} NameAttrib;
#endif /* WOLFSSL_MULTI_ATTRIB */
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CUSTOM_OID
typedef struct CertOidField {
byte* oid;
byte* val;
int oidSz;
int valSz;
char enc;
} CertOidField;
typedef struct CertExtension {
const char* oid;
byte crit;
const byte* val;
int valSz;
} CertExtension;
#endif
#endif /* WOLFSSL_CERT_GEN */
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE];
char stateEnc;
char street[CTC_NAME_SIZE];
char streetEnc;
char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE];
char surEnc;
#ifdef WOLFSSL_CERT_NAME_ALL
char givenName[CTC_NAME_SIZE];
char givenNameEnc;
char initials[CTC_NAME_SIZE];
char initialsEnc;
char dnQualifier[CTC_NAME_SIZE];
char dnQualifierEnc;
char dnName[CTC_NAME_SIZE];
char dnNameEnc;
#endif /* WOLFSSL_CERT_NAME_ALL */
char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE];
@ -296,6 +405,10 @@ typedef struct CertName {
char commonNameEnc;
char serialDev[CTC_NAME_SIZE];
char serialDevEnc;
char userId[CTC_NAME_SIZE];
char userIdEnc;
char postalCode[CTC_NAME_SIZE];
char postalCodeEnc;
#ifdef WOLFSSL_CERT_EXT
char busCat[CTC_NAME_SIZE];
char busCatEnc;
@ -308,8 +421,17 @@ typedef struct CertName {
#ifdef WOLFSSL_MULTI_ATTRIB
NameAttrib name[CTC_MAX_ATTRIB];
#endif
#ifdef WOLFSSL_CUSTOM_OID
CertOidField custom;
#endif
} CertName;
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL*/
#ifdef WOLFSSL_CERT_GEN
#ifndef NUM_CUSTOM_EXT
#define NUM_CUSTOM_EXT 16
#endif
/* for user to fill for certificate generation */
typedef struct Cert {
@ -322,24 +444,40 @@ typedef struct Cert {
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
int isCA; /* is this going to be a CA */
byte pathLen; /* max depth of valid certification
* paths that include this cert */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */
#endif
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef WOLFSSL_CERT_EXT
byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */
int skidSz; /* SKID size in bytes */
byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */
byte akid[CTC_MAX_AKID_SIZE
#ifdef WOLFSSL_AKID_NAME
+ sizeof(CertName) + CTC_SERIAL_SIZE
#endif
]; /* Authority Key
* Identifier */
int akidSz; /* AKID size in bytes */
#ifdef WOLFSSL_AKID_NAME
byte rawAkid; /* Set to true if akid is a
* AuthorityKeyIdentifier object.
* Set to false if akid is just a
* KeyIdentifier object. */
#endif
word16 keyUsage; /* Key Usage */
byte extKeyUsage; /* Extended Key Usage */
#ifndef IGNORE_NETSCAPE_CERT_TYPE
byte nsCertType; /* Netscape Certificate Type */
#endif
#ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
@ -347,6 +485,8 @@ typedef struct Cert {
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
word16 certPoliciesNb; /* Number of Cert Policy */
byte crlInfo[CTC_MAX_CRLINFO_SZ]; /* CRL Distribution points */
int crlInfoSz;
#endif
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(WOLFSSL_CERT_REQ)
@ -355,11 +495,25 @@ typedef struct Cert {
#endif
#ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
char unstructuredName[CTC_NAME_SIZE];
int challengePwPrintableString; /* encode as PrintableString */
#endif
void* decodedCert; /* internal DecodedCert allocated from heap */
byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */
#ifdef WOLFSSL_CUSTOM_OID
/* user oid and value to go in req extensions */
CertOidField extCustom;
/* Extensions to go into X.509 certificates */
CertExtension customCertExt[NUM_CUSTOM_EXT];
int customCertExtCount;
#endif
void* decodedCert; /* internal DecodedCert allocated from heap */
byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */
byte basicConstSet:1; /* Indicator for when Basic Constaint is set */
byte pathLenSet:1; /* Indicator for when path length is set */
#ifdef WOLFSSL_ALT_NAMES
byte altNamesCrit:1; /* Indicator of criticality of SAN extension */
#endif
} Cert;
@ -374,38 +528,48 @@ typedef struct Cert {
isCA = 0 (false)
keyType = RSA_KEY (default)
*/
WOLFSSL_API int wc_InitCert(Cert*);
WOLFSSL_ABI WOLFSSL_API int wc_InitCert(Cert* cert);
WOLFSSL_ABI WOLFSSL_API Cert* wc_CertNew(void* heap);
WOLFSSL_ABI WOLFSSL_API void wc_CertFree(Cert* cert);
WOLFSSL_API int wc_InitCert_ex(Cert* cert, void* heap, int devId);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, WC_RNG*);
int keyType, void* key, WC_RNG* rng);
WOLFSSL_ABI
WOLFSSL_API int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq_ex(Cert*, byte* derBuffer, word32 derSz,
int, void*);
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
RsaKey*, ecc_key*);
WOLFSSL_API int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key);
WOLFSSL_ABI
WOLFSSL_API int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey);
#endif
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buffer,
word32 buffSz, int keyType, void* key,
WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WC_RNG*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buf,
word32 buffSz, int keyType, void* key,
WC_RNG* rng);
WOLFSSL_API int wc_SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
WOLFSSL_ABI
WOLFSSL_API int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz,
RsaKey* key, WC_RNG* rng);
WOLFSSL_ABI WOLFSSL_API int wc_SetIssuer(Cert* cert, const char* issuerFile);
WOLFSSL_ABI WOLFSSL_API int wc_SetSubject(Cert* cert, const char* subjectFile);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
WOLFSSL_ABI WOLFSSL_API int wc_SetAltNames(Cert* cert, const char* file);
#endif
#ifdef WOLFSSL_CERT_GEN_CACHE
WOLFSSL_API void wc_SetCert_Free(Cert* cert);
WOLFSSL_ABI WOLFSSL_API void wc_SetCert_Free(Cert* cert);
#endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
WOLFSSL_ABI
WOLFSSL_API int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetCertDates(Cert* cert, struct tm* before,
@ -424,15 +588,12 @@ WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType,
WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
ecc_key *eckey);
WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file);
WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_ABI WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
WOLFSSL_ABI
WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
WOLFSSL_ABI
WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey,
word16 ntruKeySz);
#endif
/* Set the KeyUsage.
* Value is a string separated tokens with ','. Accepted tokens are :
* digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign,
@ -456,21 +617,21 @@ WOLFSSL_API int wc_SetExtKeyUsage(Cert *cert, const char *value);
WOLFSSL_API int wc_SetExtKeyUsageOID(Cert *cert, const char *oid, word32 sz,
byte idx, void* heap);
#endif /* WOLFSSL_EKU_OID */
#if defined(WOLFSSL_ASN_TEMPLATE) && defined(WOLFSSL_CUSTOM_OID) && \
defined(HAVE_OID_ENCODING)
WOLFSSL_API int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
const byte *der, word32 derSz);
#endif
#endif /* WOLFSSL_CERT_EXT */
#ifdef HAVE_NTRU
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz,
WC_RNG*);
#endif
#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
#ifndef NO_ASN_TIME
WOLFSSL_API int wc_GetDateAsCalendarTime(const byte* date, int length,
byte format, struct tm* time);
byte format, struct tm* timearg);
#endif
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
@ -487,30 +648,33 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int,
unsigned char*, int, const char*);
WOLFSSL_API int wc_CertPemToDer(const unsigned char*, int,
unsigned char*, int, int);
WOLFSSL_API int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
unsigned char* buff, int buffSz, const char* pass);
WOLFSSL_API int wc_CertPemToDer(const unsigned char* pem, int pemSz,
unsigned char* buff, int buffSz, int type);
#endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemPubKeyToDer_ex(const char* fileName, DerBuffer** der);
#endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
unsigned char*, int);
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
unsigned char* buff, int buffSz);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemCertToDer_ex(const char* fileName, DerBuffer** der);
#endif
#endif /* WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_DER_TO_PEM
WOLFSSL_ABI
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
@ -521,15 +685,30 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#if !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
/* For FIPS v1/v2 and selftest this is in rsa.h */
#if (!defined(HAVE_SELFTEST) || \
(defined(HAVE_SELFTEST) && defined(WOLFSSL_CERT_GEN) && \
!defined(WOLFSSL_KEY_GEN))) && \
(!defined(HAVE_FIPS) || \
!defined(HAVE_FIPS_VERSION) || \
((HAVE_FIPS_VERSION > 2) && \
(! ((HAVE_FIPS_VERSION == 5) && (HAVE_FIPS_VERSION_MINOR == 0)))))
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
#endif
#endif
WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
WOLFSSL_API int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
#endif
#ifndef NO_DSA
/* DSA parameter DER helper functions */
WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen);
WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, DsaKey* key,
word32 inSz);
WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output,
word32* inLen);
#endif
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
@ -541,73 +720,114 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
#ifdef HAVE_ECC
/* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
WOLFSSL_ABI
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz);
WOLFSSL_ABI
WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_EccKeyDerSize(ecc_key*, int pub);
WOLFSSL_API int wc_EccKeyDerSize(ecc_key* key, int pub);
WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen);
WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output,
word32* outLen);
/* public key helper */
WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*,
ecc_key*, word32);
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
WOLFSSL_ABI
WOLFSSL_API int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz);
WOLFSSL_ABI WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key* key, byte* output,
word32 inLen, int with_AlgCurve);
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key*, int with_AlgCurve);
WOLFSSL_API int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output,
word32 inLen, int with_AlgCurve,
int comp);
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve);
#endif
/* RFC 5958 (Asymmetric Key Packages) */
#if !defined(WC_ENABLE_ASYM_KEY_EXPORT) && \
((defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)) || \
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)) || \
(defined(HAVE_PQC) && (defined(HAVE_FALCON) || \
defined(HAVE_DILITHIUM) || defined(HAVE_SPHINCS))))
#define WC_ENABLE_ASYM_KEY_EXPORT
#endif
#if !defined(WC_ENABLE_ASYM_KEY_IMPORT) && \
((defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)) || \
(defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \
(defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)) || \
(defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)) || \
(defined(HAVE_PQC)))
#define WC_ENABLE_ASYM_KEY_IMPORT
#endif
#ifdef HAVE_ED25519
/* private key helpers */
#ifdef HAVE_ED25519_KEY_IMPORT
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*,
ed25519_key*, word32);
WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz);
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz);
#endif
#ifdef HAVE_ED25519_KEY_EXPORT
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output,
word32 inLen, int withAlg);
#endif
#endif /* HAVE_ED25519 */
/* public key helper */
WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*,
ed25519_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \
defined(HAVE_ED25519_KEY_EXPORT)
WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#ifdef HAVE_CURVE25519
#ifdef HAVE_CURVE25519_KEY_IMPORT
WOLFSSL_API int wc_Curve25519PrivateKeyDecode(
const byte* input, word32* inOutIdx, curve25519_key* key, word32 inSz);
WOLFSSL_API int wc_Curve25519PublicKeyDecode(
const byte* input, word32* inOutIdx, curve25519_key* key, word32 inSz);
#endif
#ifdef HAVE_CURVE25519_KEY_EXPORT
WOLFSSL_API int wc_Curve25519PrivateKeyToDer(
curve25519_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_Curve25519PublicKeyToDer(
curve25519_key* key, byte* output, word32 inLen, int withAlg);
#endif
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_ED448
/* private key helpers */
#ifdef HAVE_ED448_KEY_IMPORT
WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*,
ed448_key*, word32);
WOLFSSL_API int wc_Ed448PrivateKeyDecode(
const byte* input, word32* inOutIdx, ed448_key* key, word32 inSz);
WOLFSSL_API int wc_Ed448PublicKeyDecode(
const byte* input, word32* inOutIdx, ed448_key* key, word32 inSz);
#endif
#ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_Ed448PrivateKeyToDer(
ed448_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_Ed448PublicKeyToDer(
ed448_key* key, byte* output, word32 inLen, int withAlg);
#endif
#endif /* HAVE_ED448 */
/* public key helper */
WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*,
ed448_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \
defined(HAVE_ED448_KEY_EXPORT)
WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
#ifdef HAVE_CURVE448
#ifdef HAVE_CURVE448_KEY_IMPORT
WOLFSSL_API int wc_Curve448PrivateKeyDecode(const byte* input, word32* inOutIdx,
curve448_key* key, word32 inSz);
WOLFSSL_API int wc_Curve448PublicKeyDecode(const byte* input, word32* inOutIdx,
curve448_key* key, word32 inSz);
#endif
#ifdef HAVE_CURVE448_KEY_EXPORT
WOLFSSL_API int wc_Curve448PrivateKeyToDer(curve448_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Curve448PublicKeyToDer(curve448_key* key, byte* output,
word32 inLen, int withAlg);
#endif
#endif /* HAVE_CURVE448 */
/* DER encode signature */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
@ -619,11 +839,16 @@ WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input,
WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz,
byte* key, word32 keySz, int algoID, const byte* curveOID,
word32 oidSz);
WOLFSSL_API int wc_EncryptPKCS8Key(byte*, word32, byte*, word32*, const char*,
int, int, int, int, byte*, word32, int, WC_RNG*, void*);
WOLFSSL_API int wc_DecryptPKCS8Key(byte*, word32, const char*, int);
WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*,
const char*, int, int, int, int, byte*, word32, int, WC_RNG*, void*);
WOLFSSL_API int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
const char* password, int passwordSz, int vPKCS, int pbeOid,
int encAlgId, byte* salt, word32 saltSz, int itt, WC_RNG* rng,
void* heap);
WOLFSSL_API int wc_DecryptPKCS8Key(byte* input, word32 sz, const char* password,
int passwordSz);
WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte* key, word32 keySz, byte* out,
word32* outSz, const char* password, int passwordSz, int vPKCS,
int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
WC_RNG* rng, void* heap);
#ifndef NO_ASN_TIME
/* Time */
@ -634,6 +859,10 @@ WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*,
rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
*/
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
typedef time_t (*wc_time_cb)(time_t* t);
WOLFSSL_API int wc_SetTimeCb(wc_time_cb f);
WOLFSSL_API time_t wc_Time(time_t* t);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
@ -663,7 +892,24 @@ typedef struct _wc_CertPIV {
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */
/* Forward declaration needed, as DecodedCert is defined in asn.h.*/
struct DecodedCert;
WOLFSSL_API void wc_InitDecodedCert(
struct DecodedCert* cert, const byte* source, word32 inSz, void* heap);
WOLFSSL_API void wc_FreeDecodedCert(struct DecodedCert* cert);
WOLFSSL_API int wc_ParseCert(
struct DecodedCert* cert, int type, int verify, void* cm);
WOLFSSL_API int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
byte* derKey, word32* derKeySz);
#ifdef WOLFSSL_FPKI
WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,
byte* uuid, word32* uuidSz);
WOLFSSL_API int wc_GetFASCNFromCert(struct DecodedCert* cert,
byte* fascn, word32* fascnSz);
#endif /* WOLFSSL_FPKI */
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -12,7 +12,7 @@
*/
/* blake2-impl.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -12,7 +12,7 @@
*/
/* blake2-int.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -73,11 +73,11 @@
byte node_depth; /* 15 */
byte inner_length; /* 16 */
/* byte reserved[0]; */
byte salt[BLAKE2B_SALTBYTES]; /* 24 */
byte salt[BLAKE2S_SALTBYTES]; /* 24 */
byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} blake2s_param;
typedef struct ALIGN32 __blake2s_state
typedef struct __blake2s_state
{
word32 h[8];
word32 t[2];
@ -102,7 +102,7 @@
byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} blake2b_param;
typedef struct ALIGN64 __blake2b_state
typedef struct __blake2b_state
{
word64 h[8];
word64 t[2];
@ -130,36 +130,36 @@
#pragma pack(pop)
/* Streaming API */
int blake2s_init( blake2s_state *S, const byte outlen );
int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen );
int blake2s_init( blake2s_state *S, byte outlen );
int blake2s_init_key( blake2s_state *S, byte outlen, const void *key, byte keylen );
int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
int blake2s_update( blake2s_state *S, const byte *in, word32 inlen );
int blake2s_final( blake2s_state *S, byte *out, byte outlen );
int blake2b_init( blake2b_state *S, const byte outlen );
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen );
int blake2b_init( blake2b_state *S, byte outlen );
int blake2b_init_key( blake2b_state *S, byte outlen, const void *key, byte keylen );
int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
int blake2b_final( blake2b_state *S, byte *out, byte outlen );
int blake2sp_init( blake2sp_state *S, const byte outlen );
int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2sp_init( blake2sp_state *S, byte outlen );
int blake2sp_init_key( blake2sp_state *S, byte outlen, const void *key, byte keylen );
int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen );
int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
int blake2bp_init( blake2bp_state *S, const byte outlen );
int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen );
int blake2bp_init( blake2bp_state *S, byte outlen );
int blake2bp_init_key( blake2bp_state *S, byte outlen, const void *key, byte keylen );
int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
/* Simple API */
int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2s( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
int blake2b( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word32 inlen, byte keylen );
int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
int blake2sp( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
int blake2bp( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
static WC_INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen )
static WC_INLINE int blake2( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen )
{
return blake2b( out, in, key, outlen, inlen, keylen );
}

View File

@ -1,6 +1,6 @@
/* blake2.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -75,17 +75,19 @@ typedef struct Blake2s {
#ifdef HAVE_BLAKE2B
WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b*, word32, const byte *, word32);
WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
WOLFSSL_API int wc_InitBlake2b(Blake2b* b2b, word32 digestSz);
WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz,
const byte *key, word32 keylen);
WOLFSSL_API int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz);
WOLFSSL_API int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz);
#endif
#ifdef HAVE_BLAKE2S
WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32);
WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
WOLFSSL_API int wc_InitBlake2s(Blake2s* b2s, word32 digestSz);
WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s* b2s, word32 digestSz,
const byte *key, word32 keylen);
WOLFSSL_API int wc_Blake2sUpdate(Blake2s* b2s, const byte* data, word32 sz);
WOLFSSL_API int wc_Blake2sFinal(Blake2s* b2s, byte* final, word32 requestSz);
#endif

View File

@ -27,7 +27,7 @@
/* camellia.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* chacha.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -71,7 +71,7 @@ Block counter is located at index 12.
#endif
enum {
CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */
CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */
CHACHA_MAX_KEY_SZ = 32,
};
@ -102,8 +102,8 @@ WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);
#ifdef HAVE_XCHACHA
WOLFSSL_API int wc_XChacha_SetKey(ChaCha *ctx, const byte *key, word32 keySz,
const byte *nonce, word32 nonceSz,
word32 counter);
const byte *nonce, word32 nonceSz,
word32 counter);
#endif
#ifdef __cplusplus

View File

@ -1,6 +1,6 @@
/* chacha20_poly1305.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -86,21 +86,21 @@ typedef struct ChaChaPoly_Aead {
* concatenating a constant value.
*/
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ChaCha20Poly1305_Encrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inPlaintext, const word32 inPlaintextLen,
const byte* inAAD, word32 inAADLen,
const byte* inPlaintext, word32 inPlaintextLen,
byte* outCiphertext,
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ChaCha20Poly1305_Decrypt(
const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte* inAAD, const word32 inAADLen,
const byte* inCiphertext, const word32 inCiphertextLen,
const byte* inAAD, word32 inAADLen,
const byte* inCiphertext, word32 inCiphertextLen,
const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
byte* outPlaintext);
@ -134,18 +134,18 @@ WOLFSSL_API int wc_XChaCha20Poly1305_Init(
int isEncrypt);
WOLFSSL_API int wc_XChaCha20Poly1305_Encrypt(
byte *dst, const size_t dst_space,
const byte *src, const size_t src_len,
const byte *ad, const size_t ad_len,
const byte *nonce, const size_t nonce_len,
const byte *key, const size_t key_len);
byte *dst, size_t dst_space,
const byte *src, size_t src_len,
const byte *ad, size_t ad_len,
const byte *nonce, size_t nonce_len,
const byte *key, size_t key_len);
WOLFSSL_API int wc_XChaCha20Poly1305_Decrypt(
byte *dst, const size_t dst_space,
const byte *src, const size_t src_len,
const byte *ad, const size_t ad_len,
const byte *nonce, const size_t nonce_len,
const byte *key, const size_t key_len);
byte *dst, size_t dst_space,
const byte *src, size_t src_len,
const byte *ad, size_t ad_len,
const byte *nonce, size_t nonce_len,
const byte *key, size_t key_len);
#endif /* HAVE_XCHACHA */

View File

@ -1,6 +1,6 @@
/* cmac.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -56,13 +56,21 @@ struct Cmac {
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
#ifdef WOLFSSL_QNX_CAAM
#ifdef WOLFSSL_CAAM
byte ctx[32]; /* hold state for save and return */
word32 blackKey;
word32 keylen;
byte initialized;
#endif
#endif
#if defined(WOLFSSL_HASH_KEEP)
byte* msg;
word32 used;
word32 len;
#endif
#ifdef WOLFSSL_SE050
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
};
@ -103,6 +111,14 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
WOLFSSL_LOCAL
void ShiftAndXorRb(byte* out, byte* in);
#ifdef WOLFSSL_HASH_KEEP
WOLFSSL_API
int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

View File

@ -1,6 +1,6 @@
/* coding.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* compress.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

View File

@ -1,6 +1,6 @@
/* cpuid.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -35,6 +35,11 @@
#if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \
defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \
!defined(WOLFSSL_NO_ASM)
#define HAVE_CPUID
#define HAVE_CPUID_INTEL
#endif
#ifdef HAVE_CPUID_INTEL
#define CPUID_AVX1 0x0001
#define CPUID_AVX2 0x0002
@ -44,6 +49,7 @@
#define CPUID_AESNI 0x0020
#define CPUID_ADX 0x0040 /* ADCX, ADOX */
#define CPUID_MOVBE 0x0080 /* Move and byte swap */
#define CPUID_BMI1 0x0100 /* ANDN */
#define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1)
#define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2)
@ -53,7 +59,11 @@
#define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI)
#define IS_INTEL_ADX(f) ((f) & CPUID_ADX)
#define IS_INTEL_MOVBE(f) ((f) & CPUID_MOVBE)
#define IS_INTEL_BMI1(f) ((f) & CPUID_BMI1)
#endif
#ifdef HAVE_CPUID
void cpuid_set_flags(void);
word32 cpuid_get_flags(void);

View File

@ -1,6 +1,6 @@
/* cryptocb.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -75,10 +75,15 @@
/* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo {
int algo_type; /* enum wc_AlgoType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC)
struct {
int type; /* enum wc_PkType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#ifndef NO_RSA
struct {
const byte* in;
@ -182,14 +187,18 @@ typedef struct wc_CryptoInfo {
byte contextLen;
} ed25519verify;
#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
} pk;
#endif /* !NO_RSA || HAVE_ECC */
#if !defined(NO_AES) || !defined(NO_DES3)
struct {
int type; /* enum wc_CipherType */
int enc;
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#ifdef HAVE_AESGCM
struct {
Aes* aes;
@ -216,7 +225,33 @@ typedef struct wc_CryptoInfo {
word32 authInSz;
} aesgcm_dec;
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
#ifdef HAVE_AESCCM
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* nonce;
word32 nonceSz;
byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesccm_enc;
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
const byte* nonce;
word32 nonceSz;
const byte* authTag;
word32 authTagSz;
const byte* authIn;
word32 authInSz;
} aesccm_dec;
#endif /* HAVE_AESCCM */
#if defined(HAVE_AES_CBC)
struct {
Aes* aes;
byte* out;
@ -224,6 +259,22 @@ typedef struct wc_CryptoInfo {
word32 sz;
} aescbc;
#endif /* HAVE_AES_CBC */
#if defined(WOLFSSL_AES_COUNTER)
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aesctr;
#endif /* WOLFSSL_AES_COUNTER */
#if defined(HAVE_AES_ECB)
struct {
Aes* aes;
byte* out;
const byte* in;
word32 sz;
} aesecb;
#endif /* HAVE_AES_ECB */
#ifndef NO_DES3
struct {
Des3* des;
@ -232,7 +283,9 @@ typedef struct wc_CryptoInfo {
word32 sz;
} des3;
#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
} cipher;
#endif /* !NO_AES || !NO_DES3 */
#if !defined(NO_SHA) || !defined(NO_SHA256) || \
@ -242,10 +295,15 @@ typedef struct wc_CryptoInfo {
const byte* in;
word32 inSz;
byte* digest;
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
#ifndef NO_SHA
wc_Sha* sha1;
#endif
#ifdef WOLFSSL_SHA224
wc_Sha224* sha224;
#endif
#ifndef NO_SHA256
wc_Sha256* sha256;
#endif
@ -255,7 +313,9 @@ typedef struct wc_CryptoInfo {
#ifdef WOLFSSL_SHA512
wc_Sha512* sha512;
#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
} hash;
#endif /* !NO_SHA || !NO_SHA256 */
#ifndef NO_HMAC
@ -292,6 +352,9 @@ typedef struct wc_CryptoInfo {
int type;
} cmac;
#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
} wc_CryptoInfo;
@ -301,6 +364,11 @@ WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
WOLFSSL_API int wc_CryptoCb_DefaultDevID(void);
#ifdef DEBUG_CRYPTOCB
WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info);
#endif
/* old function names */
#define wc_CryptoDev_RegisterDevice wc_CryptoCb_RegisterDevice
@ -367,12 +435,35 @@ WOLFSSL_LOCAL int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_LOCAL int wc_CryptoCb_AesCcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_LOCAL int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_AES_CBC
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_LOCAL int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_ECB
WOLFSSL_LOCAL int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_ECB */
#endif /* !NO_AES */
#ifndef NO_DES3

View File

@ -1,6 +1,6 @@
/* curve25519.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -43,6 +43,7 @@
#endif
#define CURVE25519_KEYSIZE 32
#define CURVE25519_PUB_KEY_SIZE 32
#ifdef WOLFSSL_NAMES_STATIC
typedef char curve25519_str[12];
@ -59,22 +60,28 @@ typedef struct {
/* ECC point, the internal structure is Little endian
* the mathematical functions used the endianness */
typedef struct {
typedef struct ECPoint {
byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC
byte pointY[CURVE25519_KEYSIZE];
#endif
#ifdef FREESCALE_LTC_ECC
byte pointY[CURVE25519_KEYSIZE];
#endif
byte pointSz;
} ECPoint;
#ifndef WC_CURVE25519KEY_TYPE_DEFINED
typedef struct curve25519_key curve25519_key;
#define WC_CURVE25519KEY_TYPE_DEFINED
#endif
/* A CURVE25519 Key */
typedef struct curve25519_key {
struct curve25519_key {
int idx; /* Index into the ecc_sets[] for the parameters of
this curve if -1, this key is using user supplied
curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */
ECPoint p; /* public key */
ECPoint k; /* private key */
ECPoint p; /* public point for key */
byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
@ -82,7 +89,16 @@ typedef struct curve25519_key {
#if defined(WOLF_CRYPTO_CB)
int devId;
#endif
} curve25519_key;
#ifdef WOLFSSL_SE050
word32 keyId;
byte keyIdSet;
#endif
/* bit fields */
byte pubSet:1;
byte privSet:1;
};
enum {
EC25519_LITTLE_ENDIAN=0,
@ -179,4 +195,3 @@ int wc_curve25519_size(curve25519_key* key);
#endif /* HAVE_CURVE25519 */
#endif /* WOLF_CRYPT_CURVE25519_H */

View File

@ -1,6 +1,6 @@
/* curve448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -43,16 +43,24 @@
#define CURVE448_KEY_SIZE 56
#define CURVE448_PUB_KEY_SIZE 56
#ifndef WC_CURVE448KEY_TYPE_DEFINED
typedef struct curve448_key curve448_key;
#define WC_CURVE448KEY_TYPE_DEFINED
#endif
/* A CURVE448 Key */
typedef struct curve448_key {
struct curve448_key {
byte p[CURVE448_PUB_KEY_SIZE]; /* public key */
byte k[CURVE448_KEY_SIZE]; /* private key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
} curve448_key;
/* bit fields */
byte pubSet:1;
byte privSet:1;
};
enum {
EC448_LITTLE_ENDIAN = 0,
@ -62,6 +70,10 @@ enum {
WOLFSSL_API
int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key);
WOLFSSL_API
int wc_curve448_make_pub(int public_size, byte* pub, int private_size,
const byte* priv);
WOLFSSL_API
int wc_curve448_shared_secret(curve448_key* private_key,
curve448_key* public_key,

View File

@ -1,6 +1,6 @@
/* des3.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -30,15 +30,15 @@
#ifndef NO_DES3
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2 || HAVE_FIPS_VERSION == 3)
#include <libs/libwolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h>
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h>
#endif
#ifdef __cplusplus
@ -54,13 +54,18 @@ enum {
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
HAVE_FIPS_VERSION >= 2)
#ifdef WOLFSSL_ASYNC_CRYPT
#include <libs/libwolfssl/wolfcrypt/async.h>
#endif
#ifdef WOLFSSL_SE050
/* SE050 SDK also defines DES_BLOCK_SIZE */
#undef DES_BLOCK_SIZE
#endif
enum {
DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
@ -79,6 +84,9 @@ enum {
#if defined(STM32_CRYPTO)
#include <libs/libwolfssl/wolfcrypt/port/st/stm32.h>
enum {
DES_CBC = 0,
DES_ECB = 1
@ -117,7 +125,7 @@ struct Des3 {
typedef struct Des3 Des3;
#define WC_DES3_TYPE_DEFINED
#endif
#endif /* HAVE_FIPS */
#endif /* HAVE_FIPS && HAVE_FIPS_VERSION >= 2 */
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
@ -146,8 +154,8 @@ WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
/* These are only required when using either:
static memory (WOLFSSL_STATIC_MEMORY) or asynchronous (WOLFSSL_ASYNC_CRYPT) */
WOLFSSL_API int wc_Des3Init(Des3*, void*, int);
WOLFSSL_API void wc_Des3Free(Des3*);
WOLFSSL_API int wc_Des3Init(Des3* des3, void* heap, int devId);
WOLFSSL_API void wc_Des3Free(Des3* des3);
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* dh.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -38,6 +38,10 @@
#include <libs/libwolfssl/wolfcrypt/integer.h>
#include <libs/libwolfssl/wolfcrypt/random.h>
#ifdef WOLFSSL_KCAPI_DH
#include <libs/libwolfssl/wolfcrypt/port/kcapi/kcapi_dh.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -67,6 +71,10 @@ struct DhKey {
void* heap;
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
int trustedGroup;
#ifdef WOLFSSL_KCAPI_DH
struct kcapi_handle* handle;
#endif
};
@ -75,6 +83,44 @@ struct DhKey {
#define WC_DH_TYPE_DEFINED
#endif
enum {
WC_FFDHE_2048 = 256,
WC_FFDHE_3072 = 257,
WC_FFDHE_4096 = 258,
WC_FFDHE_6144 = 259,
WC_FFDHE_8192 = 260,
};
/* DH Private Key size up to 8192 bit */
#ifndef WC_DH_PRIV_MAX_SZ
#define WC_DH_PRIV_MAX_SZ 52
#endif
#ifndef DH_MAX_SIZE
#ifdef USE_FAST_MATH
/* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
#define DH_MAX_SIZE (FP_MAX_BITS / 2)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs FP_MAX_BITS at least at 16384"
#endif
#elif defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
/* SP implementation supports numbers of SP_INT_BITS bits. */
#define DH_MAX_SIZE (((SP_INT_BITS + 7) / 8) * 8)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs SP_INT_BITS at least at 8192"
#endif
#else
#ifdef WOLFSSL_MYSQL_COMPATIBLE
/* Integer maths is dynamic but we only go up to 8192 bits. */
#define DH_MAX_SIZE 8192
#else
/* Integer maths is dynamic but we only go up to 4096 bits. */
#define DH_MAX_SIZE 4096
#endif
#endif
#endif
#ifdef HAVE_PUBLIC_FFDHE
#ifdef HAVE_FFDHE_2048
WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void);
#endif
@ -90,6 +136,7 @@ WOLFSSL_API const DhParams* wc_Dh_ffdhe6144_Get(void);
#ifdef HAVE_FFDHE_8192
WOLFSSL_API const DhParams* wc_Dh_ffdhe8192_Get(void);
#endif
#endif
WOLFSSL_API int wc_InitDhKey(DhKey* key);
WOLFSSL_API int wc_InitDhKey_ex(DhKey* key, void* heap, int devId);
@ -102,16 +149,24 @@ WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
word32 pubSz);
WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
word32); /* wc_DhKeyDecode is in asn.c */
word32 inSz); /* wc_DhKeyDecode is in asn.c */
WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
word32 gSz);
WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz,
const byte* g, word32 gSz, const byte* q, word32 qSz);
WOLFSSL_API int wc_DhSetNamedKey(DhKey* key, int name);
WOLFSSL_API int wc_DhGetNamedKeyParamSize(int name,
word32* p, word32* g, word32* q);
WOLFSSL_API word32 wc_DhGetNamedKeyMinSize(int name);
WOLFSSL_API int wc_DhCmpNamedKey(int name, int noQ,
const byte* p, word32 pSz,
const byte* g, word32 gSz,
const byte* q, word32 qSz);
WOLFSSL_API int wc_DhCopyNamedKey(int name,
byte* p, word32* pSz, byte* g, word32* gSz, byte* q, word32* qSz);
#ifdef WOLFSSL_DH_EXTRA
WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx,
DhKey* key, word32 inSz);
WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
const byte* pub, word32 pubSz);
WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,

View File

@ -0,0 +1,155 @@
/* dilithium.h
*
* Copyright (C) 2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/dilithium.h
*/
/* Interfaces for Dilithium NIST Level 1 (Dilithium512) and Dilithium NIST Level 5
* (Dilithium1024). */
#ifndef WOLF_CRYPT_DILITHIUM_H
#define WOLF_CRYPT_DILITHIUM_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_PQC) && defined(HAVE_DILITHIUM)
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Macros Definitions */
#ifdef HAVE_LIBOQS
#define DILITHIUM_LEVEL2_KEY_SIZE OQS_SIG_dilithium_2_length_secret_key
#define DILITHIUM_LEVEL2_SIG_SIZE OQS_SIG_dilithium_2_length_signature
#define DILITHIUM_LEVEL2_PUB_KEY_SIZE OQS_SIG_dilithium_2_length_public_key
#define DILITHIUM_LEVEL2_PRV_KEY_SIZE (DILITHIUM_LEVEL2_PUB_KEY_SIZE+DILITHIUM_LEVEL2_KEY_SIZE)
#define DILITHIUM_LEVEL3_KEY_SIZE OQS_SIG_dilithium_3_length_secret_key
#define DILITHIUM_LEVEL3_SIG_SIZE OQS_SIG_dilithium_3_length_signature
#define DILITHIUM_LEVEL3_PUB_KEY_SIZE OQS_SIG_dilithium_3_length_public_key
#define DILITHIUM_LEVEL3_PRV_KEY_SIZE (DILITHIUM_LEVEL3_PUB_KEY_SIZE+DILITHIUM_LEVEL3_KEY_SIZE)
#define DILITHIUM_LEVEL5_KEY_SIZE OQS_SIG_dilithium_5_length_secret_key
#define DILITHIUM_LEVEL5_SIG_SIZE OQS_SIG_dilithium_5_length_signature
#define DILITHIUM_LEVEL5_PUB_KEY_SIZE OQS_SIG_dilithium_5_length_public_key
#define DILITHIUM_LEVEL5_PRV_KEY_SIZE (DILITHIUM_LEVEL5_PUB_KEY_SIZE+DILITHIUM_LEVEL5_KEY_SIZE)
#endif
#define DILITHIUM_MAX_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
#define DILITHIUM_MAX_SIG_SIZE DILITHIUM_LEVEL5_SIG_SIZE
#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL5_PUB_KEY_SIZE
#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
#define SHAKE_VARIANT 1
#define AES_VARIANT 2
/* Structs */
struct dilithium_key {
bool pubKeySet;
bool prvKeySet;
byte level; /* 2,3 or 5 */
byte sym; /* SHAKE_VARIANT or AES_VARIANT */
byte p[DILITHIUM_MAX_PUB_KEY_SIZE];
byte k[DILITHIUM_MAX_PRV_KEY_SIZE];
};
#ifndef WC_DILITHIUMKEY_TYPE_DEFINED
typedef struct dilithium_key dilithium_key;
#define WC_DILITHIUMKEY_TYPE_DEFINED
#endif
/* Functions */
WOLFSSL_API
int wc_dilithium_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, dilithium_key* key);
WOLFSSL_API
int wc_dilithium_init(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_set_level_and_sym(dilithium_key* key, byte level, byte sym);
WOLFSSL_API
int wc_dilithium_get_level_and_sym(dilithium_key* key, byte* level, byte *sym);
WOLFSSL_API
void wc_dilithium_free(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_private_only(const byte* priv, word32 privSz,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
dilithium_key* key);
WOLFSSL_API
int wc_dilithium_export_public(dilithium_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_private_only(dilithium_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_private(dilithium_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_dilithium_export_key(dilithium_key* key, byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
WOLFSSL_API
int wc_dilithium_check_key(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_priv_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_pub_size(dilithium_key* key);
WOLFSSL_API
int wc_dilithium_sig_size(dilithium_key* key);
WOLFSSL_API int wc_Dilithium_PrivateKeyDecode(const byte* input,
word32* inOutIdx,
dilithium_key* key, word32 inSz);
WOLFSSL_API int wc_Dilithium_PublicKeyDecode(const byte* input,
word32* inOutIdx,
dilithium_key* key, word32 inSz);
WOLFSSL_API int wc_Dilithium_KeyToDer(dilithium_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Dilithium_PublicKeyToDer(dilithium_key* key, byte* output,
word32 inLen, int withAlg);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_PQC && HAVE_DILITHIUM */
#endif /* WOLF_CRYPT_DILITHIUM_H */

View File

@ -1,6 +1,6 @@
/* dsa.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -84,9 +84,9 @@ WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig,
DsaKey* key, int* answer);
WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
DsaKey* key, word32 inSz);
WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
DsaKey* key, word32 inSz);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
WOLFSSL_API int wc_SetDsaPublicKey(byte* output, DsaKey* key,
int outLen, int with_header);

View File

@ -1,6 +1,6 @@
/* ecc.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -62,6 +62,18 @@
#include <libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
#endif
#if defined(WOLFSSL_KCAPI_ECC)
#include <libs/libwolfssl/wolfcrypt/port/kcapi/kcapi_ecc.h>
#endif
#ifdef WOLFSSL_SE050
#include <libs/libwolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
#include <libs/libwolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
#endif
#ifdef WOLFSSL_HAVE_SP_ECC
#include <libs/libwolfssl/wolfcrypt/sp_int.h>
#endif
@ -164,8 +176,13 @@ enum {
CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE,
#endif
ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE,
#elif defined(WOLFSSL_SE050)
ECC_MAX_CRYPTO_HW_SIZE = 66,
#elif defined(WOLFSSL_XILINX_CRYPT_VERSAL)
ECC_MAX_CRYPTO_HW_SIZE = MAX_ECC_BYTES,
#endif
/* point compression type */
ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03,
@ -174,12 +191,16 @@ enum {
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
#ifdef WOLF_CRYPTO_CB
#ifdef WOLF_PRIVATE_KEY_ID
ECC_MAX_ID_LEN = 32,
ECC_MAX_LABEL_LEN = 32,
#endif
};
#endif /* HAVE_ECC */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448) || defined(WOLFCRYPT_HAVE_SAKKE)
/* Curve Types */
typedef enum ecc_curve_id {
ECC_CURVE_INVALID = -1,
@ -227,7 +248,6 @@ typedef enum ecc_curve_id {
#ifdef HAVE_CURVE448
ECC_X448,
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
ECC_SAKKE_1,
#endif
@ -237,6 +257,9 @@ typedef enum ecc_curve_id {
#endif
ECC_CURVE_MAX
} ecc_curve_id;
#endif
#ifdef HAVE_ECC
#ifdef HAVE_OID_ENCODING
typedef word16 ecc_oid_t;
@ -275,7 +298,7 @@ typedef struct ecc_set_type {
} ecc_set_type;
#else
#define MAX_ECC_NAME 16
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1)
#define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 2)
/* The values are stored as text strings. */
typedef struct ecc_set_type {
@ -322,7 +345,8 @@ typedef struct ecc_set_type {
* The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
*/
#ifndef USE_FAST_MATH
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH_ALL) && \
!defined(WOLFSSL_SP_MATH)
#error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
#endif
#ifdef WOLFSSL_NO_MALLOC
@ -341,6 +365,9 @@ typedef struct ecc_set_type {
#endif
/* verify alignment */
#if CHAR_BIT == 0
#error CHAR_BIT must be nonzero
#endif
#if FP_MAX_BITS_ECC % CHAR_BIT
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
#endif
@ -377,7 +404,7 @@ typedef struct {
mp_int* z; /* The z coordinate */
alt_fp_int xyz[3];
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
#if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_ECC_NO_SMALL_STACK)
ecc_key* key;
#endif
} ecc_point;
@ -385,9 +412,7 @@ typedef struct {
/* ECC Flags */
enum {
WC_ECC_FLAG_NONE = 0x00,
#ifdef HAVE_ECC_CDH
WC_ECC_FLAG_COFACTOR = 0x01,
#endif
WC_ECC_FLAG_DEC_SIGN = 0x02,
};
@ -421,11 +446,15 @@ struct ecc_key {
ecc_point pubkey; /* public key */
mp_int k; /* private key */
#ifdef WOLFSSL_QNX_CAAM
#ifdef WOLFSSL_CAAM
word32 blackKey; /* address of key encrypted and in secure memory */
word32 securePubKey; /* address of public key in secure memory */
int partNum; /* partition number*/
#endif
#ifdef WOLFSSL_SE050
word32 keyId;
byte keyIdSet;
#endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
@ -442,7 +471,18 @@ struct ecc_key {
*/
byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE];
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
maxq_ecc_t maxq_ctx;
#endif
#ifdef WOLFSSL_KCAPI_ECC
struct kcapi_handle* handle;
byte pubkey_raw[MAX_ECC_BYTES * 2];
#endif
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
wc_Xsecure xSec;
byte keyRaw[3 * ECC_MAX_CRYPTO_HW_SIZE] ALIGN32;
byte* privKey;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */
mp_int* s;
@ -455,7 +495,7 @@ struct ecc_key {
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLF_CRYPTO_CB
#ifdef WOLF_PRIVATE_KEY_ID
byte id[ECC_MAX_ID_LEN];
int idLen;
char label[ECC_MAX_LABEL_LEN];
@ -466,14 +506,21 @@ struct ecc_key {
#endif
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K)
mp_int *sign_k;
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
#ifndef WOLFSSL_NO_MALLOC
mp_int* sign_k;
#else
mp_int sign_k[1];
byte sign_k_set:1;
#endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K)
#endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
byte deterministic:1;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
#if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_ECC_NO_SMALL_STACK)
mp_int* t1;
mp_int* t2;
#ifdef ALT_ECC_SIZE
@ -495,8 +542,8 @@ struct ecc_key {
};
WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void*);
WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key*);
WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void* heap);
WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key* key);
/* ECC predefined curve sets */
@ -516,21 +563,19 @@ ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA,
ecc_point* B, mp_int* kB,
ecc_point* C, mp_int* a, mp_int* modulus, void* heap);
ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit);
ECC_API int ecc_map_ex(ecc_point*, mp_int*, mp_digit, int ct);
ECC_API int ecc_map(ecc_point* P, mp_int* modulus, mp_digit mp);
ECC_API int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct);
ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
mp_int* a, mp_int* modulus, mp_digit mp);
ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp);
WOLFSSL_LOCAL
int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
WOLFSSL_LOCAL
int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp);
ECC_API int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B,
ecc_point* R, mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
ECC_API int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
mp_int* modulus, mp_digit mp);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
@ -541,7 +586,7 @@ WOLFSSL_API
int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
WOLFSSL_API
int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_check_key(ecc_key* key);
WOLFSSL_API
int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
@ -549,12 +594,10 @@ WOLFSSL_API
int wc_ecc_get_generator(ecc_point* ecp, int curve_idx);
#ifdef HAVE_ECC_DHE
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
WOLFSSL_LOCAL
int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
WOLFSSL_API
int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
@ -575,7 +618,8 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
WOLFSSL_API
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
#ifdef WOLFSSL_ECDSA_DETERMINISTIC_K
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
WOLFSSL_API
int wc_ecc_set_deterministic(ecc_key* key, byte flag);
WOLFSSL_API
@ -590,19 +634,19 @@ int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key);
#endif /* HAVE_ECC_SIGN */
#ifdef HAVE_ECC_VERIFY
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
word32 hashlen, int* res, ecc_key* key);
WOLFSSL_API
int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
word32 hashlen, int* res, ecc_key* key);
#endif /* HAVE_ECC_VERIFY */
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef WOLF_CRYPTO_CB
#ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId);
@ -617,14 +661,12 @@ WOLFSSL_ABI WOLFSSL_API
int wc_ecc_free(ecc_key* key);
WOLFSSL_API
int wc_ecc_set_flags(ecc_key* key, word32 flags);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_LOCAL
void wc_ecc_fp_init(void);
#ifdef ECC_TIMING_RESISTANT
WOLFSSL_API
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
#endif
WOLFSSL_API
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
@ -681,10 +723,10 @@ int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
WOLFSSL_API
int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
WOLFSSL_LOCAL
ECC_API
int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map, void* heap);
WOLFSSL_LOCAL
ECC_API
int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
void* heap);
@ -693,10 +735,11 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef HAVE_ECC_KEY_EXPORT
/* ASN key helpers */
WOLFSSL_API
int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen,
int compressed);
/* extended functionality with compressed option */
#endif /* HAVE_ECC_KEY_EXPORT */
@ -706,13 +749,13 @@ int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
WOLFSSL_API
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
int curve_id);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
WOLFSSL_API
int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
@ -720,7 +763,7 @@ int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
WOLFSSL_API
int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
byte* s, word32* sLen);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName);
WOLFSSL_API
@ -736,7 +779,7 @@ WOLFSSL_API
int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
byte* qy, word32* qyLen, byte* d, word32* dLen,
int encType);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
@ -770,11 +813,11 @@ int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx,
#endif /* HAVE_ECC_KEY_IMPORT */
/* size helper */
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_size(ecc_key* key);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_sig_size_calc(int sz);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_sig_size(const ecc_key* key);
WOLFSSL_API
@ -790,7 +833,9 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz);
enum ecEncAlgo {
ecAES_128_CBC = 1, /* default */
ecAES_256_CBC = 2
ecAES_256_CBC = 2,
ecAES_128_CTR = 3,
ecAES_256_CTR = 4
};
enum ecKdfAlgo {
@ -818,31 +863,43 @@ enum ecFlags {
REQ_RESP_SERVER = 2
};
#ifndef WOLFSSL_ECIES_GEN_IV_SIZE
#define WOLFSSL_ECIES_GEN_IV_SIZE 12
#endif
typedef struct ecEncCtx ecEncCtx;
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap);
WOLFSSL_API
void wc_ecc_ctx_free(ecEncCtx*);
WOLFSSL_API
int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */
WOLFSSL_ABI WOLFSSL_API
void wc_ecc_ctx_free(ecEncCtx* ctx);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */
WOLFSSL_API
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
byte macAlgo);
WOLFSSL_API
int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx* ctx);
WOLFSSL_API
int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
WOLFSSL_API
int wc_ecc_ctx_set_kdf_salt(ecEncCtx* ctx, const byte* salt, word32 sz);
WOLFSSL_API
int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz);
WOLFSSL_API
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
WOLFSSL_API
int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
#endif /* HAVE_ECC_ENCRYPT */
@ -868,6 +925,13 @@ int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashL
mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
#endif
#ifdef WOLFSSL_SE050
WOLFSSL_API
int wc_ecc_use_key_id(ecc_key* key, word32 keyId, word32 flags);
WOLFSSL_API
int wc_ecc_get_key_id(ecc_key* key, word32* keyId);
#endif
#ifdef WC_ECC_NONBLOCK
WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
#endif

View File

@ -1,6 +1,6 @@
/* ed25519.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -77,6 +77,12 @@ enum {
#define WC_ED25519KEY_TYPE_DEFINED
#endif
/* ED25519 Flags */
enum {
WC_ED25519_FLAG_NONE = 0x00,
WC_ED25519_FLAG_DEC_SIGN = 0x01,
};
/* An ED25519 Key */
struct ed25519_key {
byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
@ -86,6 +92,12 @@ struct ed25519_key {
byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
#ifdef WOLFSSL_SE050
word32 keyId;
word32 flags;
byte keyIdSet;
#endif
word16 privKeySet:1;
word16 pubKeySet:1;
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
@ -130,18 +142,18 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
#ifdef HAVE_ED25519_VERIFY
WOLFSSL_API
int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key);
word32 msgLen, int* res, ed25519_key* key);
WOLFSSL_API
int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key,
word32 msgLen, int* res, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
word32 hashLen, int* stat, ed25519_key* key,
word32 hashLen, int* res, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed25519_key* key,
word32 msgLen, int* res, ed25519_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
@ -171,16 +183,22 @@ void wc_ed25519_free(ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
int trusted);
WOLFSSL_API
int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key, int trusted);
#endif /* HAVE_ED25519_KEY_IMPORT */
#ifdef HAVE_ED25519_KEY_EXPORT
WOLFSSL_API
int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen);
int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
WOLFSSL_API

View File

@ -1,6 +1,6 @@
/* ed448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -86,6 +86,7 @@ struct ed448_key {
byte pointX[ED448_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED448_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
word16 privKeySet:1;
word16 pubKeySet:1;
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
@ -137,19 +138,19 @@ int wc_ed448_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen,
ed448_key* key);
WOLFSSL_API
int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen,
int* stat, ed448_key* key);
int* res, ed448_key* key);
#endif /* WOLFSSL_ED448_STREAMING_VERIFY */
WOLFSSL_API
int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed448_key* key,
word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed448ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
word32 hashLen, int* stat, ed448_key* key,
word32 hashLen, int* res, ed448_key* key,
const byte* context, byte contextLen);
WOLFSSL_API
int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* stat, ed448_key* key,
word32 msgLen, int* res, ed448_key* key,
const byte* context, byte contextLen);
#endif /* HAVE_ED448_VERIFY */
WOLFSSL_API
@ -163,16 +164,22 @@ void wc_ed448_free(ed448_key* key);
WOLFSSL_API
int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key);
WOLFSSL_API
int wc_ed448_import_public_ex(const byte* in, word32 inLen, ed448_key* key,
int trusted);
WOLFSSL_API
int wc_ed448_import_private_only(const byte* priv, word32 privSz,
ed448_key* key);
WOLFSSL_API
int wc_ed448_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key);
WOLFSSL_API
int wc_ed448_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key, int trusted);
#endif /* HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API
int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen);
int wc_ed448_export_public(ed448_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed448_export_private_only(ed448_key* key, byte* out, word32* outLen);
WOLFSSL_API

View File

@ -1,6 +1,6 @@
/* error-crypt.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -24,7 +24,7 @@
*/
/*
DESCRIPTION
This library defines error codes and contians routines for setting and examining
This library defines error codes and contains routines for setting and examining
the error status.
*/
@ -35,7 +35,7 @@ the error status.
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#endif /* HAVE_FIPS V1 */
#ifdef __cplusplus
@ -103,7 +103,6 @@ enum {
ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */
ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */
ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */
ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */
ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */
ASN_ALT_NAME_E = -161, /* ASN alternate name error */
ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */
@ -117,6 +116,7 @@ enum {
NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */
BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */
CRL_CERT_DATE_ERR = -179, /* CRL date error */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
@ -238,8 +238,26 @@ enum {
MISSING_IV = -277, /* IV was not set */
MISSING_KEY = -278, /* Key was not set */
BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */
ECDSA_KAT_FIPS_E = -280, /* ECDSA KAT failure */
RSA_PAT_FIPS_E = -281, /* RSA Pairwise failure */
KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
KDF_SSH_KAT_FIPS_E = -284, /* SSH KDF KAT failure */
DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */
ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */
FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */
PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */
AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
NO_VALID_DEVID = -290, /* no valid device ID */
WC_LAST_E = -279, /* Update this to indicate last error */
IO_FAILED_E = -291, /* Input/output failure */
SYSLIB_FAILED_E = -292, /* System/library call failed */
USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
ENTROPY_RT_E = -294, /* Entropy Repetition Test failed */
ENTROPY_APT_E = -295, /* Entropy Adaptive Proportion Test failed */
WC_LAST_E = -295, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
@ -255,7 +273,7 @@ enum {
#else
WOLFSSL_API void wc_ErrorString(int err, char* buff);
WOLFSSL_API const char* wc_GetErrorString(int error);
WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error);
#endif
#ifdef __cplusplus

View File

@ -0,0 +1,144 @@
/* falcon.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/falcon.h
*/
/* Interfaces for Falcon NIST Level 1 (Falcon512) and Falcon NIST Level 5
* (Falcon1024). */
#ifndef WOLF_CRYPT_FALCON_H
#define WOLF_CRYPT_FALCON_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#if defined(HAVE_PQC) && defined(HAVE_FALCON)
#ifdef HAVE_LIBOQS
#include <oqs/oqs.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Macros Definitions */
#ifdef HAVE_LIBOQS
#define FALCON_LEVEL1_KEY_SIZE OQS_SIG_falcon_512_length_secret_key
#define FALCON_LEVEL1_SIG_SIZE OQS_SIG_falcon_512_length_signature
#define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key
#define FALCON_LEVEL1_PRV_KEY_SIZE (FALCON_LEVEL1_PUB_KEY_SIZE+FALCON_LEVEL1_KEY_SIZE)
#define FALCON_LEVEL5_KEY_SIZE OQS_SIG_falcon_1024_length_secret_key
#define FALCON_LEVEL5_SIG_SIZE OQS_SIG_falcon_1024_length_signature
#define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
#define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
#endif
#define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
#define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE
#define FALCON_MAX_PUB_KEY_SIZE FALCON_LEVEL5_PUB_KEY_SIZE
#define FALCON_MAX_PRV_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
/* Structs */
struct falcon_key {
bool pubKeySet;
bool prvKeySet;
byte level;
byte p[FALCON_MAX_PUB_KEY_SIZE];
byte k[FALCON_MAX_PRV_KEY_SIZE];
};
#ifndef WC_FALCONKEY_TYPE_DEFINED
typedef struct falcon_key falcon_key;
#define WC_FALCONKEY_TYPE_DEFINED
#endif
/* Functions */
WOLFSSL_API
int wc_falcon_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
falcon_key* key);
WOLFSSL_API
int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
word32 msgLen, int* res, falcon_key* key);
WOLFSSL_API
int wc_falcon_init(falcon_key* key);
WOLFSSL_API
int wc_falcon_set_level(falcon_key* key, byte level);
WOLFSSL_API
int wc_falcon_get_level(falcon_key* key, byte* level);
WOLFSSL_API
void wc_falcon_free(falcon_key* key);
WOLFSSL_API
int wc_falcon_import_public(const byte* in, word32 inLen, falcon_key* key);
WOLFSSL_API
int wc_falcon_import_private_only(const byte* priv, word32 privSz,
falcon_key* key);
WOLFSSL_API
int wc_falcon_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz,
falcon_key* key);
WOLFSSL_API
int wc_falcon_export_public(falcon_key*, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_private_only(falcon_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_private(falcon_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
WOLFSSL_API
int wc_falcon_check_key(falcon_key* key);
WOLFSSL_API
int wc_falcon_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_priv_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_pub_size(falcon_key* key);
WOLFSSL_API
int wc_falcon_sig_size(falcon_key* key);
WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
falcon_key* key, word32 inSz);
WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx,
falcon_key* key, word32 inSz);
WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output,
word32 inLen, int withAlg);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_PQC && HAVE_FALCON */
#endif /* WOLF_CRYPT_FALCON_H */

View File

@ -1,6 +1,6 @@
/* fe448_448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -68,25 +68,25 @@ WOLFSSL_LOCAL void fe448_reduce(fe448*);
#else
#define fe448_reduce(a)
#endif
WOLFSSL_LOCAL void fe448_neg(fe448*,const fe448*);
WOLFSSL_LOCAL void fe448_add(fe448*, const fe448*, const fe448*);
WOLFSSL_LOCAL void fe448_sub(fe448*, const fe448*, const fe448*);
WOLFSSL_LOCAL void fe448_mul(fe448*,const fe448*,const fe448*);
WOLFSSL_LOCAL void fe448_sqr(fe448*, const fe448*);
WOLFSSL_LOCAL void fe448_mul39081(fe448*, const fe448*);
WOLFSSL_LOCAL void fe448_invert(fe448*, const fe448*);
WOLFSSL_LOCAL void fe448_neg(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_add(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_sub(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_mul(fe448* r, const fe448* a, const fe448* b);
WOLFSSL_LOCAL void fe448_sqr(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_mul39081(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_invert(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_0(fe448*);
WOLFSSL_LOCAL void fe448_1(fe448*);
WOLFSSL_LOCAL void fe448_copy(fe448*, const fe448*);
WOLFSSL_LOCAL int fe448_isnonzero(const fe448*);
WOLFSSL_LOCAL int fe448_isnegative(const fe448*);
WOLFSSL_LOCAL void fe448_0(fe448* a);
WOLFSSL_LOCAL void fe448_1(fe448* a);
WOLFSSL_LOCAL void fe448_copy(fe448* d, const fe448* a);
WOLFSSL_LOCAL int fe448_isnonzero(const fe448* a);
WOLFSSL_LOCAL int fe448_isnegative(const fe448* a);
WOLFSSL_LOCAL void fe448_from_bytes(fe448*,const unsigned char *);
WOLFSSL_LOCAL void fe448_to_bytes(unsigned char *, const fe448*);
WOLFSSL_LOCAL void fe448_from_bytes(fe448* r, const unsigned char* b);
WOLFSSL_LOCAL void fe448_to_bytes(unsigned char* b, const fe448* a);
WOLFSSL_LOCAL void fe448_cmov(fe448*,const fe448*, int);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448*,const fe448*);
WOLFSSL_LOCAL void fe448_cmov(fe448* a, const fe448* b, int c);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448* r, const fe448* a);
#else
@ -94,21 +94,21 @@ WOLFSSL_LOCAL void fe448_init(void);
WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
#define fe448_reduce(a)
WOLFSSL_LOCAL void fe448_neg(word8*,const word8*);
WOLFSSL_LOCAL void fe448_add(word8*, const word8*, const word8*);
WOLFSSL_LOCAL void fe448_sub(word8*, const word8*, const word8*);
WOLFSSL_LOCAL void fe448_mul(word8*,const word8*,const word8*);
WOLFSSL_LOCAL void fe448_sqr(word8*, const word8*);
WOLFSSL_LOCAL void fe448_mul39081(word8*, const word8*);
WOLFSSL_LOCAL void fe448_invert(word8*, const word8*);
WOLFSSL_LOCAL void fe448_copy(word8*, const word8*);
WOLFSSL_LOCAL int fe448_isnonzero(const word8*);
WOLFSSL_LOCAL void fe448_neg(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_add(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_sub(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_mul(word8* r, const word8* a, const word8* b);
WOLFSSL_LOCAL void fe448_sqr(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_mul39081(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_invert(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_norm(byte *a);
WOLFSSL_LOCAL void fe448_copy(word8* d, const word8* a);
WOLFSSL_LOCAL int fe448_isnonzero(const word8* a);
WOLFSSL_LOCAL void fe448_cmov(word8*,const word8*, int);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8*,const word8*);
WOLFSSL_LOCAL void fe448_cmov(word8* a, const word8* b, int c);
WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8* r, const word8* a);
#endif /* !CURVE448_SMALL || !ED448_SMALL */

View File

@ -1,6 +1,6 @@
/* fe_operations.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -91,29 +91,29 @@ WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p);
typedef sword32 fe[10];
#endif
WOLFSSL_LOCAL void fe_copy(fe, const fe);
WOLFSSL_LOCAL void fe_add(fe, const fe, const fe);
WOLFSSL_LOCAL void fe_neg(fe,const fe);
WOLFSSL_LOCAL void fe_sub(fe, const fe, const fe);
WOLFSSL_LOCAL void fe_invert(fe, const fe);
WOLFSSL_LOCAL void fe_mul(fe,const fe,const fe);
WOLFSSL_LOCAL void fe_copy(fe h,const fe f);
WOLFSSL_LOCAL void fe_add(fe h,const fe f,const fe g);
WOLFSSL_LOCAL void fe_neg(fe h,const fe f);
WOLFSSL_LOCAL void fe_sub(fe h,const fe f,const fe g);
WOLFSSL_LOCAL void fe_invert(fe out,const fe z);
WOLFSSL_LOCAL void fe_mul(fe h,const fe f,const fe g);
/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10
work. */
WOLFSSL_LOCAL void fe_0(fe);
WOLFSSL_LOCAL void fe_1(fe);
WOLFSSL_LOCAL int fe_isnonzero(const fe);
WOLFSSL_LOCAL int fe_isnegative(const fe);
WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe);
WOLFSSL_LOCAL void fe_sq(fe, const fe);
WOLFSSL_LOCAL void fe_sq2(fe,const fe);
WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *);
WOLFSSL_LOCAL void fe_cswap(fe, fe, int);
WOLFSSL_LOCAL void fe_mul121666(fe,fe);
WOLFSSL_LOCAL void fe_cmov(fe,const fe, int);
WOLFSSL_LOCAL void fe_pow22523(fe,const fe);
WOLFSSL_LOCAL void fe_0(fe h);
WOLFSSL_LOCAL void fe_1(fe h);
WOLFSSL_LOCAL int fe_isnonzero(const fe f);
WOLFSSL_LOCAL int fe_isnegative(const fe f);
WOLFSSL_LOCAL void fe_tobytes(unsigned char *s,const fe h);
WOLFSSL_LOCAL void fe_sq(fe h,const fe f);
WOLFSSL_LOCAL void fe_sq2(fe h,const fe f);
WOLFSSL_LOCAL void fe_frombytes(fe h,const unsigned char *s);
WOLFSSL_LOCAL void fe_cswap(fe f, fe g, int b);
WOLFSSL_LOCAL void fe_mul121666(fe h,fe f);
WOLFSSL_LOCAL void fe_cmov(fe f, const fe g, int b);
WOLFSSL_LOCAL void fe_pow22523(fe out,const fe z);
/* 64 type needed for SHA512 */
WOLFSSL_LOCAL word64 load_3(const unsigned char *in);
@ -164,7 +164,7 @@ WOLFSSL_LOCAL void fe_inv__distinct(byte *r, const byte *x);
* undefined behavior.
*/
WOLFSSL_LOCAL void fe_select(byte *dst, const byte *zero, const byte *one,
byte condition);
byte condition);
/* Multiply a point by a small constant. The two pointers are not
* required to be distinct.
@ -188,11 +188,11 @@ WOLFSSL_LOCAL void fe_sqrt(byte *r, const byte *x);
* undefined behavior.
*/
WOLFSSL_LOCAL void fprime_select(byte *dst, const byte *zero, const byte *one,
byte condition);
byte condition);
WOLFSSL_LOCAL void fprime_add(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_sub(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_mul(byte *r, const byte *a, const byte *b,
const byte *modulus);
const byte *modulus);
WOLFSSL_LOCAL void fprime_copy(byte *x, const byte *a);
#endif /* CURVE25519_SMALL || ED25519_SMALL */

View File

@ -1,6 +1,6 @@
/* fips_test.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -31,8 +31,57 @@
extern "C" {
#endif
/* Known Answer Test string inputs are hex, internal */
WOLFSSL_LOCAL int DoKnownAnswerTests(char*, int);
/* Added for FIPS v5.3 or later */
#if defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)
/* Determine FIPS in core hash type and size */
#ifndef NO_SHA256
#define FIPS_IN_CORE_DIGEST_SIZE 32
#define FIPS_IN_CORE_HASH_TYPE WC_SHA256
#define FIPS_IN_CORE_KEY_SZ 32
#define FIPS_IN_CORE_VERIFY_SZ FIPS_IN_CORE_KEY_SZ
#elif defined(WOLFSSL_SHA384)
#define FIPS_IN_CORE_DIGEST_SIZE 48
#define FIPS_IN_CORE_HASH_TYPE WC_SHA384
#define FIPS_IN_CORE_KEY_SZ 48
#define FIPS_IN_CORE_VERIFY_SZ FIPS_IN_CORE_KEY_SZ
#else
#error No FIPS hash (SHA2-256 or SHA2-384)
#endif
#endif /* FIPS v5.3 or later */
enum FipsCastId {
FIPS_CAST_AES_CBC,
FIPS_CAST_AES_GCM,
FIPS_CAST_HMAC_SHA1,
FIPS_CAST_HMAC_SHA2_256,
FIPS_CAST_HMAC_SHA2_512,
FIPS_CAST_HMAC_SHA3_256,
FIPS_CAST_DRBG,
FIPS_CAST_RSA_SIGN_PKCS1v15,
FIPS_CAST_ECC_CDH,
FIPS_CAST_ECC_PRIMITIVE_Z,
FIPS_CAST_DH_PRIMITIVE_Z,
FIPS_CAST_ECDSA,
FIPS_CAST_KDF_TLS12,
FIPS_CAST_KDF_TLS13,
FIPS_CAST_KDF_SSH,
FIPS_CAST_COUNT
};
enum FipsCastStateId {
FIPS_CAST_STATE_INIT,
FIPS_CAST_STATE_PROCESSING,
FIPS_CAST_STATE_SUCCESS,
FIPS_CAST_STATE_FAILURE
};
enum FipsModeId {
FIPS_MODE_INIT,
FIPS_MODE_NORMAL,
FIPS_MODE_DEGRADED,
FIPS_MODE_FAILED
};
/* FIPS failure callback */
@ -47,9 +96,15 @@ WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
#ifdef HAVE_FORCE_FIPS_FAILURE
/* Public function to force failure mode for operational testing */
WOLFSSL_API int wolfCrypt_SetStatus_fips(int);
WOLFSSL_API int wolfCrypt_SetStatus_fips(int status);
#endif
WOLFSSL_LOCAL int DoPOST(char* base16_hash, int base16_hashSz);
WOLFSSL_LOCAL int DoCAST(int type);
WOLFSSL_LOCAL int DoKnownAnswerTests(char* base16_hash, int base16_hashSz); /* FIPSv1 and FIPSv2 */
WOLFSSL_API int wc_RunCast_fips(int type);
WOLFSSL_API int wc_GetCastStatus_fips(int type);
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,6 +1,6 @@
/* ge_448.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -59,18 +59,15 @@ typedef struct {
} ge448_p2;
WOLFSSL_LOCAL int ge448_compress_key(byte*, const byte*, const byte*);
WOLFSSL_LOCAL int ge448_from_bytes_negate_vartime(ge448_p2 *,
const unsigned char *);
WOLFSSL_LOCAL int ge448_compress_key(byte* out, const byte* xIn, const byte* yIn);
WOLFSSL_LOCAL int ge448_from_bytes_negate_vartime(ge448_p2 *r, const byte *b);
WOLFSSL_LOCAL int ge448_double_scalarmult_vartime(ge448_p2 *,
const unsigned char *,
const ge448_p2 *,
const unsigned char *);
WOLFSSL_LOCAL void ge448_scalarmult_base(ge448_p2 *, const unsigned char *);
WOLFSSL_LOCAL void sc448_reduce(byte*);
WOLFSSL_LOCAL void sc448_muladd(byte*, const byte*, const byte*, const byte*);
WOLFSSL_LOCAL void ge448_to_bytes(unsigned char *, const ge448_p2 *);
WOLFSSL_LOCAL int ge448_double_scalarmult_vartime(ge448_p2 *r, const byte *a,
const ge448_p2 *A, const byte *b);
WOLFSSL_LOCAL void ge448_scalarmult_base(ge448_p2* h, const byte* a);
WOLFSSL_LOCAL void sc448_reduce(byte* b);
WOLFSSL_LOCAL void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d);
WOLFSSL_LOCAL void ge448_to_bytes(byte *s, const ge448_p2 *h);
#ifndef ED448_SMALL

View File

@ -1,6 +1,6 @@
/* ge_operations.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -73,16 +73,16 @@ typedef struct {
WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
word32 keySz);
WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *h,const unsigned char *s);
WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *,
const ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *);
WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a,
const ge_p3 *A, const unsigned char *b);
WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *h,const unsigned char *a);
WOLFSSL_LOCAL void sc_reduce(byte* s);
WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
const byte* c);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *);
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *s,const ge_p2 *h);
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *s,const ge_p3 *h);
#ifndef ED25519_SMALL

View File

@ -1,6 +1,6 @@
/* hash.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -170,7 +170,7 @@ WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type,
byte* out);
WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
#ifdef WOLFSSL_HASH_FLAGS
WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type,
word32 flags);
WOLFSSL_API int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type,
@ -184,66 +184,53 @@ WOLFSSL_API int wc_Md5Hash(const byte* data, word32 len, byte* hash);
#ifndef NO_SHA
#include <libs/libwolfssl/wolfcrypt/sha.h>
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
WOLFSSL_API int wc_ShaHash(const byte* data, word32 len, byte* hash);
#endif
#ifdef WOLFSSL_SHA224
#include <libs/libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte* hash);
#endif /* defined(WOLFSSL_SHA224) */
#ifndef NO_SHA256
#include <libs/libwolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash);
#endif
#ifdef WOLFSSL_SHA384
#include <libs/libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha384Hash(const byte* data, word32 len, byte* hash);
#endif /* defined(WOLFSSL_SHA384) */
#ifdef WOLFSSL_SHA512
#include <libs/libwolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha512Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha512_224Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha512_256Hash(const byte* data, word32 len, byte* hash);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
#include <libs/libwolfssl/wolfcrypt/sha3.h>
WOLFSSL_API int wc_Sha3_224Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_256Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_384Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_512Hash(const byte*, word32, byte*);
WOLFSSL_API int wc_Sha3_224Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_256Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_384Hash(const byte* data, word32 len, byte* hash);
WOLFSSL_API int wc_Sha3_512Hash(const byte* data, word32 len, byte* hash);
#ifdef WOLFSSL_SHAKE128
WOLFSSL_API int wc_Shake128Hash(const byte* data, word32 len, byte* hash,
word32 hashLen);
#endif
#ifdef WOLFSSL_SHAKE256
WOLFSSL_API int wc_Shake256Hash(const byte*, word32, byte*, word32);
WOLFSSL_API int wc_Shake256Hash(const byte* data, word32 len, byte* hash,
word32 hashLen);
#endif
#endif /* WOLFSSL_SHA3 */
#endif /* !NO_HASH_WRAPPER */
enum max_prf {
#ifdef HAVE_FFDHE_8192
MAX_PRF_HALF = 516, /* Maximum half secret len */
#elif defined(HAVE_FFDHE_6144)
MAX_PRF_HALF = 388, /* Maximum half secret len */
#else
MAX_PRF_HALF = 260, /* Maximum half secret len */
#if defined(WOLFSSL_HASH_KEEP)
WOLFSSL_LOCAL int _wc_Hash_Grow(byte** msg, word32* used, word32* len,
const byte* in, int inSz, void* heap);
#endif
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224 /* Maximum digest len */
};
#ifdef WOLFSSL_HAVE_PRF
WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
void* heap, int devId);
WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, void* heap, int devId);
WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, int useAtLeastSha256,
int hash_type, void* heap, int devId);
#endif /* WOLFSSL_HAVE_PRF */
#ifdef __cplusplus
} /* extern "C" */

View File

@ -1,67 +0,0 @@
/* hc128.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/hc128.h
*/
#ifndef WOLF_CRYPT_HC128_H
#define WOLF_CRYPT_HC128_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#ifndef NO_HC128
#ifdef __cplusplus
extern "C" {
#endif
enum {
HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */
};
/* HC-128 stream cipher */
typedef struct HC128 {
word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */
word32 X[16];
word32 Y[16];
word32 counter1024; /* counter1024 = i mod 1024 at the ith step */
word32 key[8];
word32 iv[8];
#ifdef XSTREAM_ALIGN
void* heap; /* heap hint, currently XMALLOC only used with aligning */
#endif
} HC128;
WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_HC128 */
#endif /* WOLF_CRYPT_HC128_H */

View File

@ -1,6 +1,6 @@
/* hmac.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -23,15 +23,15 @@
\file wolfssl/wolfcrypt/hmac.h
*/
#ifndef NO_HMAC
#ifndef WOLF_CRYPT_HMAC_H
#define WOLF_CRYPT_HMAC_H
#include <libs/libwolfssl/wolfcrypt/hash.h>
#ifndef NO_HMAC
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */
#include <cyassl/ctaocrypt/hmac.h>
#define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
@ -39,8 +39,8 @@
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libs/libwolfssl/wolfcrypt/fips.h>
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <libs/libwolfssl/wolfcrypt/fips.h>
#endif
#ifdef __cplusplus
@ -55,6 +55,10 @@
#include <libs/libwolfssl/wolfcrypt/async.h>
#endif
#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_HMAC)
#include <libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
#ifndef NO_OLD_WC_NAMES
#define HMAC_BLOCK_SIZE WC_HMAC_BLOCK_SIZE
#endif
@ -80,6 +84,12 @@ enum {
#endif
#ifndef WOLFSSL_SHA512
WC_SHA512 = WC_HASH_TYPE_SHA512,
#ifndef WOLFSSL_NOSHA512_224
WC_SHA512_224 = WC_HASH_TYPE_SHA512_224,
#endif
#ifndef WOLFSSL_NOSHA512_256
WC_SHA512_256 = WC_HASH_TYPE_SHA512_256,
#endif
#endif
#ifndef WOLFSSL_SHA384
WC_SHA384 = WC_HASH_TYPE_SHA384,
@ -93,7 +103,7 @@ enum {
WC_SHA3_384 = WC_HASH_TYPE_SHA3_384,
WC_SHA3_512 = WC_HASH_TYPE_SHA3_512,
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
HMAC_MAX_ID_LEN = 32,
HMAC_MAX_LABEL_LEN = 32,
#endif
@ -109,7 +119,7 @@ enum {
#endif
/* hash union */
/* hmac hash union */
typedef union {
#ifndef NO_MD5
wc_Md5 md5;
@ -132,26 +142,32 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
} wc_Hmac_Hash;
} wc_HmacHash;
/* Hmac digest */
struct Hmac {
wc_Hmac_Hash hash;
wc_HmacHash hash;
word32 ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[WC_MAX_DIGEST_SIZE / sizeof(word32)];
void* heap; /* heap hint */
byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */
#ifdef WOLFSSL_KCAPI_HMAC
struct kcapi_handle* handle;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HMAC)
WC_CRYPTODEV ctx;
#endif
#ifdef WOLF_CRYPTO_CB
int devId;
void* devCtx;
const byte* keyRaw;
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
byte id[HMAC_MAX_ID_LEN];
int idLen;
char label[HMAC_MAX_LABEL_LEN];
@ -171,19 +187,25 @@ struct Hmac {
#endif /* HAVE_FIPS */
/* does init */
WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32);
WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
WOLFSSL_API int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
WOLFSSL_API int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
WOLFSSL_API int wc_HmacFinal(Hmac* hmac, byte* out);
#ifdef WOLFSSL_KCAPI_HMAC
WOLFSSL_API int wc_HmacSetKey_Software(Hmac* hmac, int type, const byte* key,
word32 keySz);
WOLFSSL_API int wc_HmacUpdate_Software(Hmac* hmac, const byte* in, word32 sz);
WOLFSSL_API int wc_HmacFinal_Software(Hmac* hmac, byte* out);
#endif
WOLFSSL_API int wc_HmacSizeByType(int type);
WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
#ifdef HAVE_PKCS11
#ifdef WOLF_PRIVATE_KEY_ID
WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
int devId);
WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap,
int devId);
#endif
WOLFSSL_API void wc_HmacFree(Hmac*);
WOLFSSL_API void wc_HmacFree(Hmac* hmac);
WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
@ -195,7 +217,7 @@ WOLFSSL_API int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
const byte* inKey, word32 inKeySz, byte* out);
WOLFSSL_API int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
const byte* info, word32 infoSz,
byte* out, word32 outSz);
byte* out, word32 outSz);
WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
@ -208,7 +230,5 @@ WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_HMAC_H */
#endif /* NO_HMAC */
#endif /* WOLF_CRYPT_HMAC_H */

View File

@ -1,70 +0,0 @@
/* idea.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/idea.h
*/
#ifndef WOLF_CRYPT_IDEA_H
#define WOLF_CRYPT_IDEA_H
#include <libs/libwolfssl/wolfcrypt/types.h>
#ifdef HAVE_IDEA
#ifdef __cplusplus
extern "C" {
#endif
enum {
IDEA_MODULO = 0x10001, /* 2^16+1 */
IDEA_2EXP16 = 0x10000, /* 2^16 */
IDEA_MASK = 0xFFFF, /* 16 bits set to one */
IDEA_ROUNDS = 8, /* number of rounds for IDEA */
IDEA_SK_NUM = (6*IDEA_ROUNDS + 4), /* number of subkeys */
IDEA_KEY_SIZE = 16, /* size of key in bytes */
IDEA_BLOCK_SIZE = 8, /* size of IDEA blocks in bytes */
IDEA_IV_SIZE = 8, /* size of IDEA IV in bytes */
IDEA_ENCRYPTION = 0,
IDEA_DECRYPTION = 1
};
/* IDEA encryption and decryption */
typedef struct Idea {
word32 reg[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word32 tmp[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
word16 skey[IDEA_SK_NUM]; /* 832 bits expanded key */
} Idea;
WOLFSSL_API int wc_IdeaSetKey(Idea *idea, const byte* key, word16 keySz,
const byte *iv, int dir);
WOLFSSL_API int wc_IdeaSetIV(Idea *idea, const byte* iv);
WOLFSSL_API int wc_IdeaCipher(Idea *idea, byte* out, const byte* in);
WOLFSSL_API int wc_IdeaCbcEncrypt(Idea *idea, byte* out,
const byte* in, word32 len);
WOLFSSL_API int wc_IdeaCbcDecrypt(Idea *idea, byte* out,
const byte* in, word32 len);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_IDEA */
#endif /* WOLF_CRYPT_IDEA_H */

View File

@ -1,6 +1,6 @@
/* integer.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -151,7 +151,7 @@ extern "C" {
#define MP_DIGIT_MAX MP_MASK
/* equalities */
#define MP_LT -1 /* less than */
#define MP_LT (-1) /* less than */
#define MP_EQ 0 /* equal to */
#define MP_GT 1 /* greater than */
@ -159,9 +159,9 @@ extern "C" {
#define MP_NEG 1 /* negative */
#define MP_OKAY 0 /* ok result */
#define MP_MEM -2 /* out of mem */
#define MP_VAL -3 /* invalid input */
#define MP_NOT_INF -4 /* point not at infinity */
#define MP_MEM (-2) /* out of mem */
#define MP_VAL (-3) /* invalid input */
#define MP_NOT_INF (-4) /* point not at infinity */
#define MP_RANGE MP_NOT_INF
#define MP_YES 1 /* yes response */
@ -235,7 +235,7 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
(((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
#define mp_isword(a, w) \
((((a)->used == 1) && ((a)->dp[0] == w)) || ((w == 0) && ((a)->used == 0)) \
((((a)->used == 1) && ((a)->dp[0] == (w))) || (((w) == 0) && ((a)->used == 0)) \
? MP_YES : MP_NO)
/* number of primes */
@ -254,7 +254,7 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
#endif
#define mp_prime_random(a, t, size, bbs, cb, dat) \
mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
mp_prime_random_ex(a, t, ((size) * 8) + 1, ((bbs)==1)?LTM_PRIME_BBS:0, cb, dat)
#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
#define mp_mag_size(mp) mp_unsigned_bin_size(mp)
@ -302,7 +302,7 @@ MP_API int mp_grow (mp_int * a, int size);
MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a);
MP_API void mp_exch (mp_int * a, mp_int * b);
MP_API int mp_exch (mp_int * a, mp_int * b);
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b);
@ -330,7 +330,7 @@ MP_API int mp_reduce_is_2k_l(mp_int *a);
MP_API int mp_reduce_is_2k(mp_int *a);
MP_API int mp_dr_is_modulus(mp_int *a);
MP_API int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
int);
int redmode);
MP_API int mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
#define mp_exptmod_nct(G,X,P,Y) mp_exptmod_fast(G,X,P,Y,0)
MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
@ -393,12 +393,12 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG*);
MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG* rng);
#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
#ifdef WOLFSSL_KEY_GEN
MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
#endif
MP_API int mp_cnt_lsb(mp_int *a);

View File

@ -0,0 +1,115 @@
/* kdf.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/kdf.h
*/
#ifndef NO_KDF
#ifndef WOLF_CRYPT_KDF_H
#define WOLF_CRYPT_KDF_H
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
#include <libs/libwolfssl/wolfcrypt/fips.h>
#endif
#include <libs/libwolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus
extern "C" {
#endif
enum max_prf {
#ifdef HAVE_FFDHE_8192
MAX_PRF_HALF = 516, /* Maximum half secret len */
#elif defined(HAVE_FFDHE_6144)
MAX_PRF_HALF = 388, /* Maximum half secret len */
#else
MAX_PRF_HALF = 260, /* Maximum half secret len */
#endif
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224 /* Maximum digest len */
};
#ifdef WOLFSSL_HAVE_PRF
WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
void* heap, int devId);
WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, void* heap, int devId);
WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
word32 secLen, const byte* label, word32 labLen,
const byte* seed, word32 seedLen, int useAtLeastSha256,
int hash_type, void* heap, int devId);
#endif /* WOLFSSL_HAVE_PRF */
#ifdef HAVE_HKDF
enum {
/*
MAX_HKDF_LABEL_SZ = OPAQUE16_LEN +
OPAQUE8_LEN + PROTOCOL_LABEL_SZ + MAX_LABEL_SZ +
OPAQUE8_LEN + WC_MAX_DIGEST_SIZE
*/
MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE
};
WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen,
byte* ikm, int ikmLen, int digest);
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen,
const byte* protocol, word32 protocolLen,
const byte* label, word32 labelLen,
const byte* info, word32 infoLen,
int digest);
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label_Alloc(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen, const byte* protocol, word32 protocolLen,
const byte* label, word32 labelLen, const byte* info, word32 infoLen,
int digest, void* heap);
#endif /* !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3) */
#endif /* HAVE_HKDF */
#ifdef WOLFSSL_WOLFSSH
WOLFSSL_API int wc_SSH_KDF(byte hashId, byte keyId,
byte* key, word32 keySz,
const byte* k, word32 kSz,
const byte* h, word32 hSz,
const byte* sessionId, word32 sessionIdSz);
#endif /* WOLFSSL_WOLFSSH */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_KDF_H */
#endif /* NO_KDF */

View File

@ -1,6 +1,6 @@
/* logging.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -105,19 +105,29 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API const char *wolfSSL_global_cflags(void);
#endif
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \
!defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE)
#define WOLFSSL_HAVE_ERROR_QUEUE
#endif
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
char* file);
WOLFSSL_LOCAL int wc_PeekErrorNode(int index, const char **file,
WOLFSSL_LOCAL int wc_PeekErrorNode(int idx, const char **file,
const char **reason, int *line);
WOLFSSL_LOCAL void wc_RemoveErrorNode(int index);
WOLFSSL_LOCAL void wc_RemoveErrorNode(int idx);
WOLFSSL_LOCAL void wc_ClearErrorNodes(void);
WOLFSSL_LOCAL int wc_PullErrorNode(const char **file, const char **reason,
int *line);
WOLFSSL_API int wc_SetLoggingHeap(void* h);
WOLFSSL_API int wc_ERR_remove_state(void);
WOLFSSL_LOCAL unsigned long wc_PeekErrorNodeLineData(
const char **file, int *line, const char **data, int *flags,
int (*ignore_err)(int err));
WOLFSSL_LOCAL unsigned long wc_GetErrorNodeErr(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
@ -156,7 +166,12 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m) \
WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void);
#if !defined(_WIN32) && defined(XVSNPRINTF)
WOLFSSL_API void WOLFSSL_MSG_EX(const char* fmt, ...);
#define HAVE_WOLFSSL_MSG_EX
#else
#define WOLFSSL_MSG_EX(...)
#endif
WOLFSSL_API void WOLFSSL_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
@ -167,29 +182,36 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m)
#define WOLFSSL_IS_DEBUG_ON() 0
#define WOLFSSL_MSG(m)
#define WOLFSSL_BUFFER(b, l)
#define WOLFSSL_MSG_EX(...) do{} while(0)
#define WOLFSSL_MSG(m) do{} while(0)
#define WOLFSSL_BUFFER(b, l) do{} while(0)
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#if (!defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && !defined(_WIN32))\
|| defined(DEBUG_WOLFSSL_VERBOSE)
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
WOLFSSL_API void WOLFSSL_ERROR_LINE(int err, const char* func, unsigned int line,
const char* file, void* ctx);
#define WOLFSSL_ERROR(x) \
WOLFSSL_ERROR_LINE((x), __func__, __LINE__, __FILE__, NULL)
#else
WOLFSSL_API void WOLFSSL_ERROR(int err);
#endif
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#endif /* WOLFSSL_HAVE_ERROR_QUEUE */
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#else
#define WOLFSSL_ERROR(e)
#define WOLFSSL_ERROR_MSG(m)
#endif
#endif /* DEBUG_WOLFSSL | OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA */
#ifdef WOLFSSL_VERBOSE_ERRORS
#define WOLFSSL_ERROR_VERBOSE(e) WOLFSSL_ERROR(e)
#else
#define WOLFSSL_ERROR_VERBOSE(e) (void)(e)
#endif /* WOLFSSL_VERBOSE_ERRORS */
#ifdef HAVE_STACK_SIZE_VERBOSE
extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack;

View File

@ -1,6 +1,6 @@
/* md2.h
*
* Copyright (C) 2006-2021 wolfSSL Inc.
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -54,10 +54,10 @@ typedef struct Md2 {
} Md2;
WOLFSSL_API void wc_InitMd2(Md2*);
WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32);
WOLFSSL_API void wc_Md2Final(Md2*, byte*);
WOLFSSL_API int wc_Md2Hash(const byte*, word32, byte*);
WOLFSSL_API void wc_InitMd2(Md2* md2);
WOLFSSL_API void wc_Md2Update(Md2* md2, const byte* data, word32 len);
WOLFSSL_API void wc_Md2Final(Md2* md2, byte* hash);
WOLFSSL_API int wc_Md2Hash(const byte* data, word32 len, byte* hash);
#ifdef __cplusplus

Some files were not shown because too many files have changed in this diff Show More