* Fixed some build configuration variations.
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist. * Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options. * Improved API unit test error case checking where `TEST_RES_CHECK` is not used. * Changed `TEST_SKIPPED` to unique value. * Added CI tests for enable-all, small stack, and user setting templates.
This commit is contained in:
parent
4f8edb312b
commit
023db01aca
2
.github/SECURITY.md
vendored
2
.github/SECURITY.md
vendored
@ -6,7 +6,7 @@ If you discover a vulnerability, please report it to support@wolfssl.com
|
||||
|
||||
1. Include a detailed description
|
||||
2. Include method to reproduce and/or method of discovery
|
||||
3. We will evaulate the report promptly and respond to you with findings.
|
||||
3. We will evaluate the report promptly and respond to you with findings.
|
||||
4. We will credit you with the report if you would like.
|
||||
|
||||
**Please keep the vulnerability private** until a fix has been released.
|
||||
|
127
.github/workflows/os-check.yml
vendored
127
.github/workflows/os-check.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: Test MacOS/Ubuntu/Windows compilation
|
||||
name: GitHub Action Tests
|
||||
concurrency:
|
||||
group: ${{ github.ref }}
|
||||
|
||||
@ -13,35 +13,122 @@ jobs:
|
||||
name: macOS Build Test
|
||||
runs-on: macos-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: brew
|
||||
run: brew install automake libtool
|
||||
|
||||
- name: autogen
|
||||
run: ./autogen.sh
|
||||
- name: configure
|
||||
run: ./configure
|
||||
- name: make
|
||||
run: make
|
||||
- name: make check
|
||||
run: make check
|
||||
- name: make distcheck
|
||||
run: make distcheck
|
||||
|
||||
- name: configure make check
|
||||
run: |
|
||||
./configure
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: configure all make check
|
||||
run: |
|
||||
./configure --enable-all
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: configure all ASN template
|
||||
run: |
|
||||
./configure --enable-all --enable-asn=template
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: make user_settings_all.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_all.h user_settings.h
|
||||
./configure --enable-usersettings
|
||||
make
|
||||
make check
|
||||
|
||||
- name: user_settings_all.h with compatibility layer
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_all.h user_settings.h
|
||||
sed -i -e "s/if 0/if 1/" user_settings.h
|
||||
./configure --enable-usersettings
|
||||
make
|
||||
make check
|
||||
|
||||
- name: user_settings_min_ecc.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_min_ecc.h user_settings.h
|
||||
./configure --enable-usersettings --disable-examples
|
||||
make
|
||||
./wolfcrypt/test/testwolfcrypt
|
||||
|
||||
- name: user_settings_wolfboot_keytools.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_wolfboot_keytools.h user_settings.h
|
||||
./configure --enable-usersettings --disable-examples
|
||||
make
|
||||
./wolfcrypt/test/testwolfcrypt
|
||||
|
||||
ubuntu_build:
|
||||
name: Ubuntu Build Test
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: autogen
|
||||
run: ./autogen.sh
|
||||
- name: configure
|
||||
run: ./configure
|
||||
- name: make
|
||||
run: make
|
||||
- name: make check
|
||||
run: make check
|
||||
- name: make distcheck
|
||||
run: make distcheck
|
||||
|
||||
- name: configure make check
|
||||
run: |
|
||||
./configure
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: configure all make check
|
||||
run: |
|
||||
./configure --enable-all
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: configure all ASN template
|
||||
run: |
|
||||
./configure --enable-all --enable-asn=template
|
||||
make
|
||||
make check
|
||||
make distcheck
|
||||
|
||||
- name: make user_settings_all.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_all.h user_settings.h
|
||||
./configure --enable-usersettings
|
||||
make
|
||||
make check
|
||||
|
||||
- name: user_settings_all.h with compatibility layer
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_all.h user_settings.h
|
||||
sed -i -e "s/if 0/if 1/" user_settings.h
|
||||
./configure --enable-usersettings
|
||||
make
|
||||
make check
|
||||
|
||||
- name: user_settings_min_ecc.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_min_ecc.h user_settings.h
|
||||
./configure --enable-usersettings --disable-examples
|
||||
make
|
||||
./wolfcrypt/test/testwolfcrypt
|
||||
|
||||
- name: user_settings_wolfboot_keytools.h
|
||||
run: |
|
||||
cp ./examples/configs/user_settings_wolfboot_keytools.h user_settings.h
|
||||
./configure --enable-usersettings --disable-examples
|
||||
make
|
||||
./wolfcrypt/test/testwolfcrypt
|
||||
|
||||
windows_build:
|
||||
name: Windows Build Test
|
||||
@ -56,7 +143,7 @@ jobs:
|
||||
BUILD_CONFIGURATION: Release
|
||||
BUILD_PLATFORM: x64
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Add MSBuild to PATH
|
||||
uses: microsoft/setup-msbuild@v1
|
||||
|
@ -8447,10 +8447,10 @@ AM_CONDITIONAL([BUILD_HMAC],[test "x$ENABLED_HMAC" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_ERROR_STRINGS],[test "x$ENABLED_ERROR_STRINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DO178],[test "x$ENABLED_DO178" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_PSA],[test "x$ENABLED_PSA" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DTLS13],[test "x$ENABLED_DTLS13" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DTLS13],[test "x$ENABLED_DTLS13" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_QUIC],[test "x$ENABLED_QUIC" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DTLS_CID],[test "x$ENABLED_DTLS_CID" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DTLS],[test "x$ENABLED_DTLS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DTLS],[test "x$ENABLED_DTLS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_MAXQ10XX],[test "x$ENABLED_MAXQ10XX" = "xyes"])
|
||||
|
||||
if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes" &&
|
||||
|
@ -3662,7 +3662,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef HAVE_CRL
|
||||
#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
|
||||
if (disableCRL == 0 && !useVerifyCb) {
|
||||
#if defined(HAVE_IO_TIMEOUT) && defined(HAVE_HTTP_CLIENT)
|
||||
wolfIO_SetTimeout(DEFAULT_TIMEOUT_SEC);
|
||||
@ -4273,7 +4273,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
|
||||
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
|
||||
defined(HAVE_EXT_CACHE))
|
||||
if (flatSession) {
|
||||
const byte* constFlatSession = flatSession;
|
||||
session = wolfSSL_d2i_SSL_SESSION(NULL,
|
||||
@ -4283,7 +4284,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
|
||||
wolfSSL_set_session(sslResume, session);
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
|
||||
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
|
||||
defined(HAVE_EXT_CACHE))
|
||||
if (flatSession) {
|
||||
XFREE(flatSession, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
@ -50,22 +50,30 @@ extern "C" {
|
||||
#define HAVE_NULL_CIPHER /* Enable use of TLS cipher suites without cipher (clear text / no encryption) */
|
||||
#define WOLFSSL_HAVE_CERT_SERVICE
|
||||
#define WOLFSSL_JNI
|
||||
#define WOLFSSL_SEP
|
||||
#define WOLFSSL_SEP /* certificate policy set extension */
|
||||
#define WOLFCRYPT_HAVE_SRP
|
||||
#define WOLFSSL_HAVE_WOLFSCEP
|
||||
#define WOLFSSL_ENCRYPTED_KEYS /* Support for encrypted keys PKCS8 */
|
||||
#define HAVE_PKCS7
|
||||
#define WOLFSSL_MULTI_ATTRIB
|
||||
#define WOLFSSL_DER_LOAD
|
||||
#define ASN_BER_TO_DER /* BER to DER support */
|
||||
#define WOLFSSL_SIGNER_DER_CERT
|
||||
#define WOLFSSL_TRUST_PEER_CERT
|
||||
#define WOLFSSL_SYS_CA_CERTS /* Enable ability to load CA certs from OS */
|
||||
#define WOLFSSL_WOLFSSH
|
||||
#define WC_NO_ASYNC_THREADING
|
||||
//#define HAVE_THREAD_LS /* DG Commented: Thread local storage - may not be portable */
|
||||
//#define WOLFSSL_AEAD_ONLY /* automatically set if TLS v1.3 only, but can be enabled for TLS v1.2 manually */
|
||||
|
||||
/* TLS Features */
|
||||
#define WOLFSSL_DTLS
|
||||
#define WOLFSSL_TLS13
|
||||
#define WOLFSSL_EITHER_SIDE /* allow generic server/client method for WOLFSSL_CTX new */
|
||||
#define WOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE
|
||||
|
||||
/* DTLS */
|
||||
#define WOLFSSL_DTLS
|
||||
#define WOLFSSL_MULTICAST
|
||||
|
||||
/* DTLS v1.3 is not yet included with enable-all */
|
||||
//#define WOLFSSL_DTLS13
|
||||
|
||||
/* DG Disabled SSLv3 and TLSv1.0 - should avoid using */
|
||||
//#define WOLFSSL_ALLOW_SSLV3
|
||||
@ -80,9 +88,17 @@ extern "C" {
|
||||
#define HAVE_MAX_FRAGMENT
|
||||
#define HAVE_TRUNCATED_HMAC
|
||||
#define HAVE_SESSION_TICKET
|
||||
#define WOLFSSL_TICKET_HAVE_ID
|
||||
#define WOLFSSL_FORCE_CACHE_ON_TICKET
|
||||
#define HAVE_EXTENDED_MASTER
|
||||
#define HAVE_TRUSTED_CA
|
||||
#define HAVE_ENCRYPT_THEN_MAC
|
||||
#define WOLFSSL_POST_HANDSHAKE_AUTH
|
||||
#define WOLFSSL_SEND_HRR_COOKIE /* Used by DTLS v1.3 */
|
||||
#define HAVE_ANON /* anon cipher suites */
|
||||
#define HAVE_FALLBACK_SCSV /* TLS_FALLBACK_SCSV */
|
||||
#define WOLFSSL_EARLY_DATA
|
||||
#define HAVE_SERVER_RENEGOTIATION_INFO
|
||||
|
||||
/* TLS Session Cache */
|
||||
#define SESSION_CERTS
|
||||
@ -94,6 +110,22 @@ extern "C" {
|
||||
#define WOLFSSL_CERT_GEN
|
||||
#define WOLFSSL_CERT_REQ
|
||||
#define WOLFSSL_CERT_EXT
|
||||
#define WOLFSSL_MULTI_ATTRIB
|
||||
#define HAVE_SMIME
|
||||
#define WOLFSSL_DER_LOAD
|
||||
#define ASN_BER_TO_DER /* BER to DER support */
|
||||
#define WOLFSSL_HAVE_ISSUER_NAMES /* Store pointers to issuer name components and their lengths and encodings */
|
||||
#define WOLFSSL_SUBJ_DIR_ATTR /* Enable support for SubjectDirectoryAttributes extension */
|
||||
#define WOLFSSL_SUBJ_INFO_ACC /* Enable support for SubjectInfoAccess extension */
|
||||
#define WOLFSSL_CERT_NAME_ALL /* Adds more certificate name capability at the cost of taking up more memory. Adds initials, givenname, dnQualifer for example */
|
||||
#define WOLFSSL_FPKI /* Enable support for FPKI (Federal PKI) extensions */
|
||||
#define WOLFSSL_AKID_NAME /* Enable support for full AuthorityKeyIdentifier extension. Only supports copying full AKID from an existing certificate */
|
||||
#define HAVE_CTS /* Ciphertext stealing interface */
|
||||
#define WOLFSSL_PEM_TO_DER
|
||||
#define WOLFSSL_DER_TO_PEM
|
||||
#define WOLFSSL_CUSTOM_OID
|
||||
#define HAVE_OID_ENCODING
|
||||
//#define WOLFSSL_ASN_TEMPLATE /* Not enabled yet by default */
|
||||
|
||||
/* Certificate Revocation */
|
||||
#define HAVE_OCSP
|
||||
@ -105,11 +137,21 @@ extern "C" {
|
||||
//#define HAVE_CRL_MONITOR /* DG Disabled (Monitors CRL files on filesystem) - not portable feature */
|
||||
|
||||
|
||||
/* Fast math key size 4096-bit max */
|
||||
#define USE_FAST_MATH
|
||||
#define FP_MAX_BITS 8192
|
||||
#if 1
|
||||
/* sp_int.c */
|
||||
#define WOLFSSL_SP_MATH_ALL
|
||||
#else
|
||||
/* Fast math key size 4096-bit max */
|
||||
#define USE_FAST_MATH
|
||||
#endif
|
||||
//#define HAVE___UINT128_T 1 /* DG commented: May not be portable */
|
||||
|
||||
/* Max Sizes */
|
||||
#define RSA_MAX_SIZE 4096
|
||||
#define FP_MAX_BITS 8192
|
||||
#define SP_INT_BITS 4096
|
||||
|
||||
|
||||
/* Timing Resistance */
|
||||
#define TFM_TIMING_RESISTANT
|
||||
#define ECC_TIMING_RESISTANT
|
||||
@ -118,6 +160,8 @@ extern "C" {
|
||||
/* DH Key Sizes */
|
||||
#define HAVE_FFDHE_2048
|
||||
#define HAVE_FFDHE_3072
|
||||
#define WOLFSSL_DH_EXTRA /* Enable additional DH key import/export */
|
||||
#define HAVE_DH_DEFAULT_PARAMS
|
||||
|
||||
/* ECC Features */
|
||||
#define HAVE_ECC
|
||||
@ -132,9 +176,14 @@ extern "C" {
|
||||
#define HAVE_COMP_KEY /* Compressed key support */
|
||||
#define FP_ECC /* Fixed point caching - speed repeated operations against same key */
|
||||
#define HAVE_ECC_ENCRYPT
|
||||
#define WOLFCRYPT_HAVE_ECCSI
|
||||
#define WOLFCRYPT_HAVE_SAKKE
|
||||
#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
|
||||
|
||||
/* RSA */
|
||||
#define WC_RSA_PSS
|
||||
#define WOLFSSL_PSS_LONG_SALT
|
||||
#define WC_RSA_NO_PADDING
|
||||
|
||||
/* AES */
|
||||
#define HAVE_AES_DECRYPT
|
||||
@ -142,11 +191,16 @@ extern "C" {
|
||||
#define WOLFSSL_AES_DIRECT
|
||||
#define WOLFSSL_AES_COUNTER
|
||||
#define HAVE_AESGCM
|
||||
#define GCM_TABLE_4BIT
|
||||
#define WOLFSSL_AESGCM_STREAM
|
||||
#define HAVE_AESCCM
|
||||
#define WOLFSSL_AES_OFB
|
||||
#define WOLFSSL_AES_CFB
|
||||
#define WOLFSSL_AES_XTS
|
||||
#define HAVE_AES_KEYWRAP
|
||||
#define WOLFSSL_AES_CBC_LENGTH_CHECKS
|
||||
#define WOLFSSL_USE_ALIGN
|
||||
#define WOLFSSL_AES_SIV
|
||||
|
||||
/* Hashing */
|
||||
#define WOLFSSL_SHA224
|
||||
@ -155,29 +209,44 @@ extern "C" {
|
||||
#define WOLFSSL_SHAKE256
|
||||
#define WOLFSSL_SHA3
|
||||
#define WOLFSSL_HASH_FLAGS /* enable hash flag API's */
|
||||
#define WOLFSSL_SHAKE256
|
||||
|
||||
/* Additional Algorithms */
|
||||
#define HAVE_HASHDRBG
|
||||
#define HAVE_CURVE25519
|
||||
#define HAVE_ED25519
|
||||
#define WOLFSSL_ED25519_STREAMING_VERIFY
|
||||
#define CURVED25519_SMALL
|
||||
#define HAVE_ED448
|
||||
#define WOLFSSL_ED448_STREAMING_VERIFY
|
||||
#define HAVE_CURVE448
|
||||
#define HAVE_POLY1305
|
||||
#define HAVE_CHACHA
|
||||
#define HAVE_XCHACHA
|
||||
#define HAVE_HKDF
|
||||
#define HAVE_X963_KDF
|
||||
#define WOLFSSL_CMAC
|
||||
#define WOLFSSL_DES_ECB
|
||||
#define HAVE_BLAKE2
|
||||
#define HAVE_BLAKE2B
|
||||
#define HAVE_BLAKE2S
|
||||
#define WOLFSSL_SIPHASH
|
||||
#define HAVE_KEYING_MATERIAL
|
||||
#define WOLFSSL_HAVE_PRF
|
||||
|
||||
|
||||
/* Non-Standard Algorithms (DG disabled) */
|
||||
//#define HAVE_CAMELLIA
|
||||
//#define WOLFSSL_RIPEMD
|
||||
//#define HAVE_SCRYPT
|
||||
//#define WOLFSSL_MD2
|
||||
//#define WOLFSSL_ALLOW_RC4
|
||||
|
||||
/* Encoding */
|
||||
#define WOLFSSL_BASE16
|
||||
#define WOLFSSL_BASE64_ENCODE
|
||||
|
||||
|
||||
/* Openssl compatibility */
|
||||
#if 0 /* DG Disabled */
|
||||
/* Openssl compatibility API's */
|
||||
@ -192,6 +261,13 @@ extern "C" {
|
||||
#define NO_OLD_WC_NAMES
|
||||
#define NO_OLD_SSL_NAMES
|
||||
#define NO_OLD_SHA_NAMES
|
||||
#define NO_OLD_MD5_NAME
|
||||
#define OPENSSL_NO_EC /* macro to enable ECC in openssl */
|
||||
#define WOLFSSL_VERBOSE_ERRORS
|
||||
#define ERROR_QUEUE_PER_THREAD
|
||||
#define WOLFSSL_ERROR_CODE_OPENSSL
|
||||
#define HAVE_WOLFSSL_SSL_H 1
|
||||
#define OPENSSL_COMPATIBLE_DEFAULTS
|
||||
|
||||
/* Openssl compatibility application specific */
|
||||
#define WOLFSSL_LIBWEBSOCKETS
|
||||
@ -206,6 +282,9 @@ extern "C" {
|
||||
#define WOLFSSL_ASIO
|
||||
#define ASIO_USE_WOLFSSL
|
||||
#define BOOST_ASIO_USE_WOLFSSL
|
||||
#define WOLFSSL_OPENVPN
|
||||
|
||||
#define NO_WOLFSSL_STUB
|
||||
#endif
|
||||
|
||||
/* TLS static cipher support - off by default */
|
||||
@ -222,6 +301,68 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
/* Used to manually test disable edge cases */
|
||||
#ifdef TEST_DISABLES
|
||||
#define NO_SESSION_CACHE
|
||||
|
||||
//#define NO_ECC256
|
||||
//#define NO_ECC_KEY_EXPORT
|
||||
//#define NO_ECC_DHE
|
||||
//#define NO_ECC_SIGN
|
||||
//#define NO_ECC_VERIFY
|
||||
|
||||
//#define NO_RSA
|
||||
#define NO_DH
|
||||
#define NO_DSA
|
||||
|
||||
#define NO_SHA
|
||||
#define NO_SHA256
|
||||
#ifdef NO_SHA256
|
||||
#undef WOLFSSL_SHA224
|
||||
#endif
|
||||
#define NO_SHA512
|
||||
#ifdef NO_SHA512
|
||||
#undef WOLFSSL_SHA384
|
||||
#undef WOLFSSL_SHA512
|
||||
#undef HAVE_ED25519
|
||||
#endif
|
||||
#define NO_MD4
|
||||
#define NO_MD5
|
||||
//#define NO_KDF
|
||||
//#define NO_HMAC
|
||||
|
||||
#define NO_RC4
|
||||
#define NO_DES3
|
||||
//#define NO_AES
|
||||
#define NO_AES_CBC
|
||||
#define WOLFSSL_NO_SHAKE128
|
||||
|
||||
#define NO_PSK
|
||||
#define NO_PWDBASED
|
||||
#define NO_OLD_TLS
|
||||
//#define WOLFSSL_NO_TLS12
|
||||
|
||||
//#define NO_64BIT
|
||||
#define WOLFSSL_SP_NO_MALLOC
|
||||
#define NO_FILESYSTEM
|
||||
#define NO_WRITEV
|
||||
|
||||
#define NO_ERROR_STRINGS
|
||||
//#define NO_WOLFSSL_CLIENT
|
||||
//#define NO_WOLFSSL_SERVER
|
||||
|
||||
#define NO_MULTIBYTE_PRINT
|
||||
//#define NO_ASN_TIME
|
||||
//#define NO_ASN_CRYPT
|
||||
//#define NO_CODING
|
||||
#define NO_SIG_WRAPPER
|
||||
//#define NO_HASH_WRAPPER
|
||||
//#define WC_NO_HARDEN
|
||||
|
||||
//#define NO_CERTS
|
||||
//#define NO_ASN
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
@ -26,7 +26,7 @@
|
||||
#ifndef H_USER_SETTINGS_
|
||||
#define H_USER_SETTINGS_
|
||||
|
||||
#include <stdint.h>
|
||||
/* #include <stdint.h> */ /* DG: Removed, not needed for testing */
|
||||
|
||||
/* System */
|
||||
#define WOLFSSL_GENERAL_ALIGNMENT 4
|
||||
@ -35,8 +35,6 @@
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
|
||||
/* Math */
|
||||
#define WOLFSSL_SP
|
||||
#define WOLFSSL_SP_NO_3072
|
||||
#define USE_FAST_MATH
|
||||
#define FP_MAX_BITS (4096 * 2)
|
||||
#define TFM_TIMING_RESISTANT
|
||||
@ -45,10 +43,18 @@
|
||||
#define HAVE_ECC
|
||||
#define WOLFSSL_HAVE_SP_ECC
|
||||
#define ECC_TIMING_RESISTANT
|
||||
#define HAVE_ECC256
|
||||
#define HAVE_ECC384
|
||||
#define HAVE_ECC521
|
||||
|
||||
/* ED25519 */
|
||||
#define HAVE_ED25519
|
||||
#define CURVED25519_SMALL
|
||||
/* DG: Added, since --enable-usersettings expects small version to be used */
|
||||
#define ED25519_SMALL
|
||||
|
||||
/* ED448 */
|
||||
#define HAVE_ED448
|
||||
#define WOLFSSL_SHAKE256
|
||||
|
||||
/* RSA */
|
||||
#define HAVE_RSA
|
||||
@ -58,14 +64,18 @@
|
||||
|
||||
/* Hashing */
|
||||
#define WOLFSSL_SHA512 /* Required for ED25519 */
|
||||
#define WOLFSSL_SHA384
|
||||
#define WOLFSSL_SHA3
|
||||
#undef NO_SHA256
|
||||
|
||||
/* Chacha stream cipher */
|
||||
#define HAVE_CHACHA
|
||||
|
||||
/* AES */
|
||||
#define WOLFSSL_AES_COUNTER
|
||||
#define WOLFSSL_AES_DIRECT
|
||||
|
||||
/* Disables */
|
||||
#define NO_AES
|
||||
#define NO_CMAC
|
||||
#define NO_HMAC
|
||||
#define NO_RC4
|
||||
@ -73,15 +83,16 @@
|
||||
#define NO_DH
|
||||
#define NO_DSA
|
||||
#define NO_MD4
|
||||
#define NO_RABBIT
|
||||
#define NO_MD5
|
||||
#define NO_SIG_WRAPPER
|
||||
#define NO_CERT
|
||||
#define NO_SESSION_CACHE
|
||||
#define NO_HC128
|
||||
#define NO_DES3
|
||||
#define NO_PWDBASED
|
||||
#define NO_WRITEV
|
||||
#define NO_FILESYSTEM
|
||||
//#define NO_MAIN_DRIVER
|
||||
#define NO_OLD_RNGNAME
|
||||
#define NO_WOLFSSL_DIR
|
||||
#define WOLFSSL_NO_SOCK
|
||||
@ -89,7 +100,10 @@
|
||||
#define NO_ERROR_STRINGS
|
||||
|
||||
#define BENCH_EMBEDDED
|
||||
#define NO_CRYPT_TEST
|
||||
#define NO_CRYPT_BENCHMARK
|
||||
|
||||
/* DG: Removed since we need it here for testing */
|
||||
/* #define NO_MAIN_DRIVER */
|
||||
/* #define NO_CRYPT_TEST */
|
||||
/* #define NO_CRYPT_BENCHMARK */
|
||||
|
||||
#endif /* !H_USER_SETTINGS_ */
|
||||
|
@ -2995,7 +2995,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
||||
#ifndef NO_HANDSHAKE_DONE_CB
|
||||
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
||||
#endif
|
||||
#ifdef HAVE_CRL
|
||||
#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
|
||||
if (!disableCRL) {
|
||||
#ifdef HAVE_CRL_MONITOR
|
||||
crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
|
||||
@ -3021,8 +3021,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
||||
}
|
||||
#ifndef NO_RSA
|
||||
/* All the OCSP Stapling test certs are RSA. */
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||
#if !defined(NO_FILESYSTEM) && (\
|
||||
defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
|
||||
{ /* scope start */
|
||||
const char* ca1 = "certs/ocsp/intermediate1-ca-cert.pem";
|
||||
const char* ca2 = "certs/ocsp/intermediate2-ca-cert.pem";
|
||||
|
@ -77,8 +77,8 @@ if test -n "$WOLFSSL_OCSP_TEST"; then
|
||||
printf '%s\n' "Test Passed!"
|
||||
exit 0
|
||||
elif [ $GL_UNREACHABLE -eq 1 ] && [ $GR_RESULT -eq 0 ]; then
|
||||
printf '%s\n' "Global Sign is currently unreachable. Logging it but if"
|
||||
printf '%s\n' "this continues to occur should be investigated"
|
||||
printf '%s\n' "Global Sign is currently unreachable. Logging it but if"
|
||||
printf '%s\n' "this continues to occur should be investigated"
|
||||
exit 0
|
||||
else
|
||||
# Unlike other environment variables the intent of WOLFSSL_OCSP_TEST
|
||||
@ -96,7 +96,7 @@ else
|
||||
if [ $GL_RESULT -ne 0 ] && [ $GR_RESULT -ne 0 ]; then
|
||||
printf '\n\n%s\n' "Both OCSP connection to globalsign and google failed"
|
||||
printf '%s\n' "Test Failed!"
|
||||
exit 1
|
||||
exit 77
|
||||
else
|
||||
printf '\n\n%s\n' "WOLFSSL_OCSP_TEST NOT set, and 1 of the tests passed"
|
||||
printf '%s\n' "Test Passed!"
|
||||
|
162
src/ssl.c
162
src/ssl.c
@ -2727,8 +2727,8 @@ int wolfSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
|
||||
|
||||
#ifdef HAVE_TRUSTED_CA
|
||||
|
||||
WOLFSSL_API int wolfSSL_UseTrustedCA(WOLFSSL* ssl, byte type,
|
||||
const byte* certId, word32 certIdSz)
|
||||
int wolfSSL_UseTrustedCA(WOLFSSL* ssl, byte type,
|
||||
const byte* certId, word32 certIdSz)
|
||||
{
|
||||
if (ssl == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
@ -3467,8 +3467,7 @@ int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx)
|
||||
return TLSX_UseSessionTicket(&ctx->extensions, NULL, ctx->heap);
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL* ssl,
|
||||
byte* buf, word32* bufSz)
|
||||
int wolfSSL_get_SessionTicket(WOLFSSL* ssl, byte* buf, word32* bufSz)
|
||||
{
|
||||
if (ssl == NULL || buf == NULL || bufSz == NULL || *bufSz == 0)
|
||||
return BAD_FUNC_ARG;
|
||||
@ -3483,7 +3482,7 @@ WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL* ssl,
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const byte* buf,
|
||||
int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const byte* buf,
|
||||
word32 bufSz)
|
||||
{
|
||||
if (ssl == NULL || (buf == NULL && bufSz > 0))
|
||||
@ -3523,8 +3522,8 @@ WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const byte* buf,
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
|
||||
CallbackSessionTicket cb, void* ctx)
|
||||
int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
|
||||
CallbackSessionTicket cb, void* ctx)
|
||||
{
|
||||
if (ssl == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
@ -7573,9 +7572,9 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
|
||||
return ret == 0 ? WOLFSSL_SUCCESS : ret;
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
|
||||
byte *response, int responseSz, buffer *responseBuffer,
|
||||
CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
|
||||
int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
|
||||
byte *response, int responseSz, buffer *responseBuffer,
|
||||
CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@ -11112,6 +11111,43 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/* Get the session cache mode for CTX
|
||||
*
|
||||
* ctx WOLFSSL_CTX struct to get cache mode from
|
||||
*
|
||||
* Returns a bit mask that has the session cache mode */
|
||||
long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
long m = 0;
|
||||
|
||||
WOLFSSL_ENTER("SSL_CTX_set_session_cache_mode");
|
||||
|
||||
if (ctx == NULL) {
|
||||
return m;
|
||||
}
|
||||
|
||||
if (ctx->sessionCacheOff != 1) {
|
||||
m |= WOLFSSL_SESS_CACHE_SERVER;
|
||||
}
|
||||
|
||||
if (ctx->sessionCacheFlushOff == 1) {
|
||||
m |= WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR;
|
||||
}
|
||||
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
if (ctx->internalCacheOff == 1) {
|
||||
m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE;
|
||||
}
|
||||
if (ctx->internalCacheLookupOff == 1) {
|
||||
m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
|
||||
}
|
||||
#endif
|
||||
|
||||
return m;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#endif /* NO_SESSION_CACHE */
|
||||
|
||||
|
||||
@ -14279,7 +14315,7 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
|
||||
else
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
#endif /* !NO_CLIENT_CACHE */
|
||||
|
||||
/**
|
||||
* For backwards compatibility, this API needs to be used in *ALL* functions
|
||||
@ -17654,7 +17690,7 @@ static int GetMinProtoVersion(int minDowngrade)
|
||||
return ret;
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_get_min_proto_version(WOLFSSL_CTX* ctx)
|
||||
int wolfSSL_CTX_get_min_proto_version(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
@ -23573,7 +23609,7 @@ const unsigned char *SSL_SESSION_get0_id_context(const WOLFSSL_SESSION *sess, un
|
||||
|
||||
/*** TBD ***/
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st)
|
||||
int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st)
|
||||
{
|
||||
(void)st;
|
||||
WOLFSSL_STUB("wolfSSL_sk_SSL_COMP_zero");
|
||||
@ -23615,7 +23651,7 @@ long wolfSSL_get_tlsext_status_type(WOLFSSL *s)
|
||||
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
{
|
||||
(void)s;
|
||||
(void)arg;
|
||||
@ -23626,7 +23662,7 @@ WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
|
||||
/*** TBD ***/
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
{
|
||||
(void)s;
|
||||
(void)arg;
|
||||
@ -23637,7 +23673,7 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg)
|
||||
|
||||
/*** TBD ***/
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
{
|
||||
(void)s;
|
||||
(void)arg;
|
||||
@ -23648,7 +23684,7 @@ WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
|
||||
/*** TBD ***/
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
{
|
||||
(void)s;
|
||||
(void)arg;
|
||||
@ -23659,7 +23695,8 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg)
|
||||
|
||||
/*** TBD ***/
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len)
|
||||
int wolfSSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid,
|
||||
unsigned int sid_len)
|
||||
{
|
||||
(void)s;
|
||||
(void)sid;
|
||||
@ -23671,7 +23708,8 @@ WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
/*** TBD ***/
|
||||
WOLFSSL_API int SSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len)
|
||||
int wolfSSL_SESSION_set1_id_context(WOLFSSL_SESSION *s,
|
||||
const unsigned char *sid_ctx, unsigned int sid_ctx_len)
|
||||
{
|
||||
(void)s;
|
||||
(void)sid_ctx;
|
||||
@ -23782,7 +23820,7 @@ void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
/*** TBD ***/
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl)
|
||||
WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl)
|
||||
{
|
||||
(void)ssl;
|
||||
WOLFSSL_STUB("SSL_get_privatekey");
|
||||
@ -23801,8 +23839,7 @@ WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl)
|
||||
*
|
||||
* return the string length written on success, WOLFSSL_FAILURE on failure.
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_i2t_ASN1_OBJECT(char *buf, int buf_len,
|
||||
WOLFSSL_ASN1_OBJECT *a)
|
||||
int wolfSSL_i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_i2t_ASN1_OBJECT");
|
||||
return wolfSSL_OBJ_obj2txt(buf, buf_len, a, 0);
|
||||
@ -23931,8 +23968,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
||||
|
||||
#ifndef NO_BIO
|
||||
/* Return number of bytes written to BIO on success. 0 on failure. */
|
||||
WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp,
|
||||
WOLFSSL_ASN1_OBJECT *a)
|
||||
int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a)
|
||||
{
|
||||
int length = 0;
|
||||
word32 idx = 0;
|
||||
@ -24009,7 +24045,8 @@ int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp)
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
/*** TBD ***/
|
||||
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength))
|
||||
void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx,
|
||||
WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength))
|
||||
{
|
||||
(void)ctx;
|
||||
(void)dh;
|
||||
@ -24019,7 +24056,7 @@ WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh)
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
/*** TBD ***/
|
||||
WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
|
||||
WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
|
||||
{
|
||||
WOLFSSL_STUB("SSL_COMP_get_compression_methods");
|
||||
return NULL;
|
||||
@ -24036,21 +24073,21 @@ int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p)
|
||||
return (int)p->num;
|
||||
}
|
||||
|
||||
WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i)
|
||||
WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_sk_SSL_CIPHER_value");
|
||||
return (WOLFSSL_CIPHER*)wolfSSL_sk_value(sk, i);
|
||||
}
|
||||
|
||||
#if !defined(NETOS)
|
||||
WOLFSSL_API void ERR_load_SSL_strings(void)
|
||||
void ERR_load_SSL_strings(void)
|
||||
{
|
||||
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp)
|
||||
long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp)
|
||||
{
|
||||
if (s == NULL || resp == NULL)
|
||||
return 0;
|
||||
@ -24059,7 +24096,8 @@ WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *
|
||||
return s->ocspRespSz;
|
||||
}
|
||||
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len)
|
||||
long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp,
|
||||
int len)
|
||||
{
|
||||
if (s == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
@ -24079,8 +24117,8 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *
|
||||
* @param mode maximum fragment length mode
|
||||
* @return 1 on success, otherwise 0 or negative error code
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_CTX_set_tlsext_max_fragment_length(WOLFSSL_CTX *c,
|
||||
unsigned char mode)
|
||||
int wolfSSL_CTX_set_tlsext_max_fragment_length(WOLFSSL_CTX *c,
|
||||
unsigned char mode)
|
||||
{
|
||||
if (c == NULL || (mode < WOLFSSL_MFL_2_9 || mode > WOLFSSL_MFL_2_12 ))
|
||||
return BAD_FUNC_ARG;
|
||||
@ -24093,8 +24131,7 @@ WOLFSSL_API int wolfSSL_CTX_set_tlsext_max_fragment_length(WOLFSSL_CTX *c,
|
||||
* @param mode maximum fragment length mode
|
||||
* @return 1 on success, otherwise 0 or negative error code
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_set_tlsext_max_fragment_length(WOLFSSL *s,
|
||||
unsigned char mode)
|
||||
int wolfSSL_set_tlsext_max_fragment_length(WOLFSSL *s, unsigned char mode)
|
||||
{
|
||||
if (s == NULL || (mode < WOLFSSL_MFL_2_9 || mode > WOLFSSL_MFL_2_12 ))
|
||||
return BAD_FUNC_ARG;
|
||||
@ -24107,7 +24144,7 @@ WOLFSSL_API int wolfSSL_set_tlsext_max_fragment_length(WOLFSSL *s,
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
|
||||
WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count)
|
||||
size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count)
|
||||
{
|
||||
byte len = 0;
|
||||
|
||||
@ -24129,7 +24166,7 @@ WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t co
|
||||
return len;
|
||||
}
|
||||
|
||||
WOLFSSL_API size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count)
|
||||
size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count)
|
||||
{
|
||||
byte len = 0;
|
||||
WOLFSSL_ENTER("SSL_get_peer_finished");
|
||||
@ -24400,44 +24437,7 @@ long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx, void* arg)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
#endif /* NO_CERTS */
|
||||
|
||||
|
||||
/* Get the session cache mode for CTX
|
||||
*
|
||||
* ctx WOLFSSL_CTX struct to get cache mode from
|
||||
*
|
||||
* Returns a bit mask that has the session cache mode */
|
||||
WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
long m = 0;
|
||||
|
||||
WOLFSSL_ENTER("SSL_CTX_set_session_cache_mode");
|
||||
|
||||
if (ctx == NULL) {
|
||||
return m;
|
||||
}
|
||||
|
||||
if (ctx->sessionCacheOff != 1) {
|
||||
m |= SSL_SESS_CACHE_SERVER;
|
||||
}
|
||||
|
||||
if (ctx->sessionCacheFlushOff == 1) {
|
||||
m |= SSL_SESS_CACHE_NO_AUTO_CLEAR;
|
||||
}
|
||||
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
if (ctx->internalCacheOff == 1) {
|
||||
m |= SSL_SESS_CACHE_NO_INTERNAL_STORE;
|
||||
}
|
||||
if (ctx->internalCacheLookupOff == 1) {
|
||||
m |= SSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
|
||||
}
|
||||
#endif
|
||||
|
||||
return m;
|
||||
}
|
||||
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
int wolfSSL_get_read_ahead(const WOLFSSL* ssl)
|
||||
{
|
||||
@ -25201,7 +25201,7 @@ int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
|
||||
/*
|
||||
* Convert time to Unix time (GMT).
|
||||
*/
|
||||
static long long TimeToUnixTime(int sec, int minute, int hour, int mday,
|
||||
static long long TimeToUnixTime(int sec, int minute, int hour, int mday,
|
||||
int mon, int year)
|
||||
{
|
||||
/* Number of cumulative days from the previous months, starting from
|
||||
@ -25218,7 +25218,7 @@ static long long TimeToUnixTime(int sec, int minute, int hour, int mday,
|
||||
1969 / 100 - 1969 / 400;
|
||||
|
||||
return ((((long long) (year - 1970) * 365 + leapDays +
|
||||
monthDaysCumulative[mon] + mday - 1) * 24 + hour) * 60 + minute) *
|
||||
monthDaysCumulative[mon] + mday - 1) * 24 + hour) * 60 + minute) *
|
||||
60 + sec;
|
||||
}
|
||||
|
||||
@ -35612,7 +35612,7 @@ int wolfSSL_BN_sub(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
|
||||
return 0;
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_BN_mul(WOLFSSL_BIGNUM *r, WOLFSSL_BIGNUM *a, WOLFSSL_BIGNUM *b,
|
||||
int wolfSSL_BN_mul(WOLFSSL_BIGNUM *r, WOLFSSL_BIGNUM *a, WOLFSSL_BIGNUM *b,
|
||||
WOLFSSL_BN_CTX *ctx)
|
||||
{
|
||||
int ret = WOLFSSL_SUCCESS;
|
||||
@ -35827,7 +35827,7 @@ int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM* bn)
|
||||
return mp_isneg((mp_int*)bn->internal);
|
||||
}
|
||||
|
||||
WOLFSSL_API void wolfSSL_BN_zero(WOLFSSL_BIGNUM* bn)
|
||||
void wolfSSL_BN_zero(WOLFSSL_BIGNUM* bn)
|
||||
{
|
||||
if (bn == NULL || bn->internal == NULL) {
|
||||
return;
|
||||
@ -35836,7 +35836,7 @@ WOLFSSL_API void wolfSSL_BN_zero(WOLFSSL_BIGNUM* bn)
|
||||
mp_zero((mp_int*)bn->internal);
|
||||
}
|
||||
|
||||
WOLFSSL_API int wolfSSL_BN_one(WOLFSSL_BIGNUM* bn)
|
||||
int wolfSSL_BN_one(WOLFSSL_BIGNUM* bn)
|
||||
{
|
||||
int ret = WOLFSSL_SUCCESS;
|
||||
|
||||
@ -36633,7 +36633,7 @@ int wolfSSL_BN_add_word(WOLFSSL_BIGNUM *bn, WOLFSSL_BN_ULONG w)
|
||||
/* return code compliant with OpenSSL :
|
||||
* 1 if success, 0 else
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_BN_sub_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
int wolfSSL_BN_sub_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@ -40554,7 +40554,7 @@ error:
|
||||
* RETURNS:
|
||||
* returns pointer to a PKCS7 structure on success, otherwise returns NULL
|
||||
*/
|
||||
WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
|
||||
PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
|
||||
WOLFSSL_BIO** bcont)
|
||||
{
|
||||
MimeHdr* allHdrs = NULL;
|
||||
|
40
src/tls.c
40
src/tls.c
@ -10058,7 +10058,7 @@ int TLSX_EarlyData_Use(WOLFSSL* ssl, word32 maxSz, int is_response)
|
||||
|
||||
extension->resp = is_response;
|
||||
/* In QUIC, earlydata size is either 0 or 0xffffffff.
|
||||
* Override any size between, possibly left from our intial value */
|
||||
* Override any size between, possibly left from our initial value */
|
||||
extension->val = (WOLFSSL_IS_QUIC(ssl) && is_response && maxSz > 0) ?
|
||||
WOLFSSL_MAX_32BIT : maxSz;
|
||||
|
||||
@ -11407,7 +11407,7 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||
if (!SSL_CM(ssl)->ocspStaplingEnabled) {
|
||||
@ -11480,8 +11480,9 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
|
||||
#endif
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (!IsAtLeastTLSv1_2(ssl))
|
||||
if (!IsAtLeastTLSv1_2(ssl)) {
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
|
||||
}
|
||||
#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
|
||||
if (!IsAtLeastTLSv1_3(ssl->version)) {
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
|
||||
@ -11506,7 +11507,7 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
|
||||
*/
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));
|
||||
#endif
|
||||
#endif
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||
/* mark already sent, so it won't send it */
|
||||
@ -11591,33 +11592,34 @@ int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType, word16* pLength)
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
case server_hello:
|
||||
PF_VALIDATE_RESPONSE(ssl, semaphore);
|
||||
#ifdef WOLFSSL_TLS13
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE);
|
||||
TURN_OFF(semaphore,
|
||||
TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
|
||||
#ifdef HAVE_SUPPORTED_CURVES
|
||||
if (!ssl->options.noPskDheKe)
|
||||
#ifdef HAVE_SUPPORTED_CURVES
|
||||
if (!ssl->options.noPskDheKe) {
|
||||
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
|
||||
#endif
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
}
|
||||
#endif
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS_CID
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS_CID
|
||||
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_CONNECTION_ID));
|
||||
#endif /* WOLFSSL_DTLS_CID */
|
||||
#endif
|
||||
}
|
||||
#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
|
||||
#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
|
||||
else {
|
||||
#ifdef HAVE_SUPPORTED_CURVES
|
||||
#ifdef HAVE_SUPPORTED_CURVES
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
|
||||
#endif
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
#endif
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
break;
|
||||
|
||||
#ifdef WOLFSSL_TLS13
|
||||
|
55
tests/api.c
55
tests/api.c
@ -402,7 +402,7 @@ typedef struct testVector {
|
||||
/* Test failed. */
|
||||
#define TEST_FAIL (0)
|
||||
/* Test skipped - not run. */
|
||||
#define TEST_SKIPPED (-1)
|
||||
#define TEST_SKIPPED (-7777)
|
||||
|
||||
/* Returns the result based on whether check is true.
|
||||
*
|
||||
@ -2897,8 +2897,11 @@ static int test_wolfSSL_CertRsaPss(void)
|
||||
XFILE f;
|
||||
const char* rsaPssSha256Cert = "./certs/rsapss/ca-rsapss.der";
|
||||
const char* rsaPssRootSha256Cert = "./certs/rsapss/root-rsapss.pem";
|
||||
#if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_PSS_LONG_SALT) && \
|
||||
RSA_MAX_SIZE >= 3072
|
||||
const char* rsaPssSha384Cert = "./certs/rsapss/ca-3072-rsapss.der";
|
||||
#endif
|
||||
#if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072
|
||||
const char* rsaPssRootSha384Cert = "./certs/rsapss/root-3072-rsapss.pem";
|
||||
#endif
|
||||
DecodedCert cert;
|
||||
@ -3290,7 +3293,7 @@ static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
|
||||
static int test_wolfSSL_CTX_der_load_verify_locations(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
#if defined(WOLFSSL_DER_LOAD) && \
|
||||
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \
|
||||
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
|
||||
WOLFSSL_CTX* ctx = NULL;
|
||||
const char* derCert = "./certs/server-cert.der";
|
||||
@ -7326,9 +7329,11 @@ static void test_wolfSSL_CTX_add_session_ctx_ready(WOLFSSL_CTX* ctx)
|
||||
/* Don't store sessions. Lookup is still enabled. */
|
||||
AssertIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx,
|
||||
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) &
|
||||
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
|
||||
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
|
||||
#endif
|
||||
/* Require both peers to provide certs */
|
||||
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
|
||||
}
|
||||
@ -7391,9 +7396,11 @@ static void test_wolfSSL_CTX_add_session_on_result(WOLFSSL* ssl)
|
||||
AssertNotNull(peer);
|
||||
wolfSSL_X509_free(peer);
|
||||
AssertNotNull(wolfSSL_SESSION_get_peer_chain(*sess));
|
||||
AssertNotNull(wolfSSL_SESSION_get0_peer(*sess));
|
||||
#ifdef OPENSSL_EXTRA
|
||||
AssertNotNull(SSL_SESSION_get0_peer(*sess));
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#endif /* SESSION_CERTS */
|
||||
}
|
||||
|
||||
static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl)
|
||||
@ -9229,7 +9236,8 @@ static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
|
||||
return res;
|
||||
}
|
||||
|
||||
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC))
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \
|
||||
(!defined(NO_RSA) || defined(HAVE_ECC))
|
||||
/* Called when writing. */
|
||||
static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
{
|
||||
@ -9269,7 +9277,8 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
static int test_tls_ext_duplicate(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC))
|
||||
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
|
||||
!defined(NO_FILESYSTEM)
|
||||
const unsigned char clientHelloDupTlsExt[] = {
|
||||
0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00,
|
||||
0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
|
||||
@ -27326,7 +27335,7 @@ static int test_wc_Ed448PrivateKeyToDer(void)
|
||||
static int test_wc_SetSubjectBuffer(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
|
||||
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
|
||||
Cert cert;
|
||||
FILE* file;
|
||||
byte* der;
|
||||
@ -28291,7 +28300,7 @@ static int test_wc_PKCS7_EncodeSignedData_ex(void)
|
||||
} /* END test_wc_PKCS7_EncodeSignedData_ex */
|
||||
|
||||
|
||||
#if defined(HAVE_PKCS7)
|
||||
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
|
||||
|
||||
/**
|
||||
* Loads certs/keys from files or buffers into the argument buffers,
|
||||
@ -28590,7 +28599,7 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
|
||||
static int test_wc_PKCS7_VerifySignedData(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
#if defined(HAVE_PKCS7)
|
||||
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
|
||||
PKCS7* pkcs7;
|
||||
byte output[6000]; /* Large size needed for bundles with int CA certs */
|
||||
word32 outputSz = sizeof(output);
|
||||
@ -29009,9 +29018,11 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
|
||||
#endif /* USE_CERT_BUFFERS_256 */
|
||||
#endif /* END HAVE_ECC */
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
/* Silence. */
|
||||
(void)keyFile;
|
||||
(void)certFile;
|
||||
#endif
|
||||
|
||||
{
|
||||
const pkcs7EnvelopedVector testVectors[] = {
|
||||
@ -31310,12 +31321,12 @@ static int test_wc_GetPubKeyDerFromCert(void)
|
||||
byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */
|
||||
word32 keyDerSz = (word32)sizeof(keyDer);
|
||||
DecodedCert decoded;
|
||||
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_REQ)
|
||||
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM)
|
||||
byte certBuf[6000]; /* for PEM and CSR, client-cert.pem is 5-6kB */
|
||||
word32 certBufSz = sizeof(certBuf);
|
||||
#endif
|
||||
#if ((!defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)) || \
|
||||
defined(WOLFSSL_CERT_REQ)) && !defined(NO_RSA)
|
||||
defined(WOLFSSL_CERT_REQ)) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
|
||||
XFILE fp;
|
||||
#endif
|
||||
#ifndef NO_RSA
|
||||
@ -31390,7 +31401,7 @@ static int test_wc_GetPubKeyDerFromCert(void)
|
||||
wc_FreeDecodedCert(&decoded);
|
||||
|
||||
/* Certificate Request Tests */
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM)
|
||||
{
|
||||
XMEMSET(certBuf, 0, sizeof(certBuf));
|
||||
fp = XFOPEN("./certs/csr.signed.der", "rb");
|
||||
@ -37597,9 +37608,10 @@ static int test_wolfSSL_X509_get_ext_count(void)
|
||||
static int test_wolfSSL_X509_sign2(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
/* test requires WOLFSSL_AKID_NAME to match expected output */
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
|
||||
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \
|
||||
defined(WOLFSSL_CERT_EXT) && \
|
||||
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_AKID_NAME) && \
|
||||
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME))
|
||||
WOLFSSL_X509 *x509, *ca;
|
||||
const unsigned char *der;
|
||||
@ -55731,7 +55743,7 @@ static int test_ENGINE_cleanup(void)
|
||||
static int test_wolfSSL_CTX_LoadCRL(void)
|
||||
{
|
||||
int res = TEST_SKIPPED;
|
||||
#if defined(HAVE_CRL) && !defined(NO_RSA)
|
||||
#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
|
||||
WOLFSSL_CTX* ctx = NULL;
|
||||
WOLFSSL* ssl = NULL;
|
||||
const char* badPath = "dummypath";
|
||||
@ -59088,7 +59100,10 @@ static int test_wolfSSL_DTLS_fragment_buckets(void)
|
||||
}
|
||||
|
||||
#endif
|
||||
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
|
||||
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && \
|
||||
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
|
||||
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
|
||||
|
||||
static int test_wolfSSL_dtls_stateless2(void)
|
||||
@ -60537,7 +60552,8 @@ TEST_CASE testCases[] = {
|
||||
TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
|
||||
TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
|
||||
#endif
|
||||
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
|
||||
#if !defined(NO_FILESYSTEM) && \
|
||||
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
|
||||
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
|
||||
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
|
||||
TEST_DECL(test_wolfSSL_dtls_stateless_resume),
|
||||
@ -60713,7 +60729,10 @@ void ApiTest(void)
|
||||
printf(" %s\n", apitest_res_string(ret));
|
||||
}
|
||||
fflush(stdout);
|
||||
AssertIntNE(ret, TEST_FAIL);
|
||||
/* if return code is < 0 and not skipped then assert error */
|
||||
Assert((ret > 0 || ret == TEST_SKIPPED),
|
||||
("Test failed\n"),
|
||||
("ret %d", ret));
|
||||
|
||||
TestCleanup();
|
||||
}
|
||||
|
@ -13195,7 +13195,8 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
|
||||
cert->subjectEmail = (char*)&input[srcIdx];
|
||||
cert->subjectEmailLen = strLen;
|
||||
}
|
||||
#if defined(WOLFSSL_HAVE_ISSUER_NAMES)
|
||||
#if defined(WOLFSSL_HAVE_ISSUER_NAMES) && \
|
||||
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT))
|
||||
else if (nameType == ISSUER) {
|
||||
cert->issuerEmail = (char*)&input[srcIdx];
|
||||
cert->issuerEmailLen = strLen;
|
||||
@ -15059,7 +15060,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
|
||||
sigCtx->state = SIG_STATE_BEGIN;
|
||||
}
|
||||
|
||||
#ifndef NO_ASN_CRYPT
|
||||
#if !defined(NO_ASN_CRYPT) && !defined(NO_HASH_WRAPPER)
|
||||
static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
|
||||
byte* digest, int* typeH, int* digestSz, int verify)
|
||||
{
|
||||
@ -15226,7 +15227,7 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* !NO_ASN_CRYPT */
|
||||
#endif /* !NO_ASN_CRYPT && !NO_HASH_WRAPPER */
|
||||
|
||||
/* Return codes: 0=Success, Negative (see error-crypt.h), ASN_SIG_CONFIRM_E */
|
||||
static int ConfirmSignature(SignatureCtx* sigCtx,
|
||||
@ -15926,7 +15927,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
||||
break;
|
||||
}
|
||||
#endif /* !NO_DSA && !HAVE_SELFTEST */
|
||||
#if defined(HAVE_ECC)
|
||||
#if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY)
|
||||
case ECDSAk:
|
||||
{
|
||||
#if defined(HAVE_PK_CALLBACKS)
|
||||
@ -22343,6 +22344,7 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----";
|
||||
const int pem_struct_min_sz = XSTR_SIZEOF("-----BEGIN X509 CRL-----"
|
||||
"-----END X509 CRL-----");
|
||||
|
||||
#ifdef WOLFSSL_PEM_TO_DER
|
||||
static WC_INLINE const char* SkipEndOfLineChars(const char* line,
|
||||
const char* endOfLine)
|
||||
{
|
||||
@ -22353,6 +22355,7 @@ static WC_INLINE const char* SkipEndOfLineChars(const char* line,
|
||||
}
|
||||
return line;
|
||||
}
|
||||
#endif
|
||||
|
||||
int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
|
||||
{
|
||||
@ -27735,7 +27738,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz,
|
||||
}
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN)
|
||||
if (!rsaKey && eccKey) {
|
||||
word32 outSz = sigSz;
|
||||
|
||||
@ -27744,7 +27747,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz,
|
||||
if (ret == 0)
|
||||
ret = outSz;
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
#endif /* HAVE_ECC && HAVE_ECC_SIGN */
|
||||
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN)
|
||||
if (!rsaKey && !eccKey && ed25519Key) {
|
||||
@ -35166,9 +35169,7 @@ static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
|
||||
DecodedCRL* dcrl, int maxIdx)
|
||||
{
|
||||
#ifndef WOLFSSL_ASN_TEMPLATE
|
||||
#ifndef NO_ASN_TIME
|
||||
int ret;
|
||||
#endif
|
||||
int len;
|
||||
word32 end;
|
||||
RevokedCert* rc;
|
||||
|
@ -225,7 +225,8 @@ ECC Curve Sizes:
|
||||
/* forward declarations */
|
||||
static int wc_ecc_new_point_ex(ecc_point** point, void* heap);
|
||||
static void wc_ecc_del_point_ex(ecc_point* p, void* heap);
|
||||
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
|
||||
#if defined(HAVE_ECC_SIGN) && (defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
|
||||
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT))
|
||||
static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key);
|
||||
#endif
|
||||
|
||||
@ -1257,7 +1258,7 @@ const size_t ecc_sets_count = ECC_SET_COUNT - 1;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef HAVE_COMP_KEY
|
||||
#if defined(HAVE_COMP_KEY) && defined(HAVE_ECC_KEY_EXPORT)
|
||||
static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen);
|
||||
#endif
|
||||
|
||||
@ -14373,7 +14374,7 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
|
||||
#endif /* !WOLFSSL_SP_MATH */
|
||||
#endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A && !WOLFSSL_CRYPTOCELL */
|
||||
|
||||
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
/* export public ECC key in ANSI X9.63 format compressed */
|
||||
static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen)
|
||||
{
|
||||
@ -14414,7 +14415,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* HAVE_ECC_KEY_EXPORT */
|
||||
#endif /* HAVE_COMP_KEY */
|
||||
|
||||
|
||||
@ -14479,7 +14480,7 @@ int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp)
|
||||
}
|
||||
#endif /* WOLFSSL_CUSTOM_CURVES */
|
||||
|
||||
#ifdef HAVE_X963_KDF
|
||||
#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER)
|
||||
|
||||
static WC_INLINE void IncrementX963KdfCounter(byte* inOutCtr)
|
||||
{
|
||||
@ -14581,7 +14582,7 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz,
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_X963_KDF */
|
||||
#endif /* HAVE_X963_KDF && !NO_HASH_WRAPPER */
|
||||
|
||||
#ifdef WOLFSSL_SE050
|
||||
/* Use specified hardware key ID with ecc_key operations. Unlike devId,
|
||||
|
@ -54,7 +54,7 @@
|
||||
#include <wolfssl/wolfcrypt/kdf.h>
|
||||
|
||||
|
||||
#ifdef WOLFSSL_HAVE_PRF
|
||||
#if defined(WOLFSSL_HAVE_PRF) && !defined(NO_HMAC)
|
||||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
#define P_HASH_MAX_SIZE WC_SHA512_DIGEST_SIZE
|
||||
@ -335,7 +335,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_HAVE_PRF */
|
||||
#endif /* WOLFSSL_HAVE_PRF && !NO_HMAC */
|
||||
|
||||
|
||||
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
|
||||
|
@ -834,8 +834,8 @@ WC_STATIC WC_INLINE word32 MakeWordFromHash(const byte* hashID)
|
||||
#endif /* HAVE_SESSION_TICKET || !NO_CERTS || !NO_SESSION_CACHE */
|
||||
|
||||
|
||||
#if !defined(WOLFCRYPT_ONLY) && (!defined(NO_SESSION_CACHE) || \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_HASH_WRAPPER) && \
|
||||
(!defined(NO_SESSION_CACHE) || defined(HAVE_SESSION_TICKET))
|
||||
|
||||
#include <wolfssl/wolfcrypt/hash.h>
|
||||
|
||||
@ -856,7 +856,8 @@ WC_STATIC WC_INLINE word32 HashObject(const byte* o, word32 len, int* error)
|
||||
|
||||
return *error == 0 ? MakeWordFromHash(digest) : 0; /* 0 on failure */
|
||||
}
|
||||
#endif /* WOLFCRYPT_ONLY && (!NO_SESSION_CACHE || HAVE_SESSION_TICKET) */
|
||||
#endif /* WOLFCRYPT_ONLY && !NO_HASH_WRAPPER &&
|
||||
* (!NO_SESSION_CACHE || HAVE_SESSION_TICKET) */
|
||||
|
||||
#undef WC_STATIC
|
||||
|
||||
|
@ -1611,7 +1611,7 @@ int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
|
||||
|
||||
/* UnPadding */
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
#if !defined(WC_NO_RSA_OAEP) && !defined(NO_HASH_WRAPPER)
|
||||
/* UnPad plaintext, set start to *output, return length of plaintext,
|
||||
* < 0 on error */
|
||||
static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
@ -1724,7 +1724,7 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
*output = (byte*)(pkcsBlock + idx);
|
||||
return pkcsBlockLen - idx;
|
||||
}
|
||||
#endif /* WC_NO_RSA_OAEP */
|
||||
#endif /* !WC_NO_RSA_OAEP */
|
||||
|
||||
#ifdef WC_RSA_PSS
|
||||
/* 0x00 .. 0x00 0x01 | Salt | Gen Hash | 0xbc
|
||||
|
@ -13149,7 +13149,7 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
|
||||
static const char* certEccRsaDerFile = CERT_WRITE_TEMP_DIR "certeccrsa.der";
|
||||
#endif
|
||||
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
|
||||
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ASN_CRYPT)
|
||||
static const char* eccCaKeyPemFile = CERT_WRITE_TEMP_DIR "ecc-key.pem";
|
||||
static const char* eccPubKeyDerFile = CERT_WRITE_TEMP_DIR "ecc-public-key.der";
|
||||
static const char* eccCaKeyTempFile = CERT_WRITE_TEMP_DIR "ecc-key.der";
|
||||
@ -22624,6 +22624,7 @@ static int ecc_test_vector_item(const eccVector* vector)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_VERIFY
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
@ -22638,6 +22639,7 @@ static int ecc_test_vector_item(const eccVector* vector)
|
||||
|
||||
if (verify != 1)
|
||||
ret = -9812;
|
||||
#endif
|
||||
|
||||
done:
|
||||
|
||||
@ -23349,7 +23351,7 @@ done:
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_CDH
|
||||
#if defined(HAVE_ECC_CDH) && defined(HAVE_ECC_DHE)
|
||||
static int ecc_test_cdh_vectors(WC_RNG* rng)
|
||||
{
|
||||
int ret;
|
||||
@ -23449,7 +23451,7 @@ done:
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_ECC_CDH */
|
||||
#endif /* HAVE_ECC_CDH && HAVE_ECC_DHE */
|
||||
#endif /* HAVE_ECC_VECTOR_TEST */
|
||||
|
||||
#ifdef HAVE_ECC_KEY_IMPORT
|
||||
@ -23933,20 +23935,17 @@ done:
|
||||
static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
int curve_id, const ecc_set_type* dp)
|
||||
{
|
||||
#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG) && \
|
||||
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
WC_DECLARE_VAR(sharedA, byte, ECC_SHARED_SIZE, HEAP_HINT);
|
||||
WC_DECLARE_VAR(sharedB, byte, ECC_SHARED_SIZE, HEAP_HINT);
|
||||
word32 y;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
#define ECC_KEY_EXPORT_BUF_SIZE (MAX_ECC_BYTES * 2 + 32)
|
||||
WC_DECLARE_VAR(exportBuf, byte, ECC_KEY_EXPORT_BUF_SIZE, HEAP_HINT);
|
||||
#endif
|
||||
word32 x = 0;
|
||||
#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
word32 y;
|
||||
#endif
|
||||
#if defined(HAVE_ECC_SIGN) && !defined(WOLFSSL_KCAPI_ECC)
|
||||
WC_DECLARE_VAR(sig, byte, ECC_SIG_SIZE, HEAP_HINT);
|
||||
WC_DECLARE_VAR(digest, byte, ECC_DIGEST_SIZE, HEAP_HINT);
|
||||
@ -24108,7 +24107,6 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
if (XMEMCMP(sharedA, sharedB, x))
|
||||
ERROR_OUT(-9920, done);
|
||||
TEST_SLEEP();
|
||||
#endif /* HAVE_ECC_DHE */
|
||||
|
||||
#ifdef HAVE_ECC_CDH
|
||||
/* add cofactor flag */
|
||||
@ -24149,6 +24147,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
wc_ecc_set_flags(userA, 0);
|
||||
wc_ecc_set_flags(userB, 0);
|
||||
#endif /* HAVE_ECC_CDH */
|
||||
#endif /* HAVE_ECC_DHE */
|
||||
#endif /* !WOLFSSL_ATECC508A && WOLFSSL_ATECC608A */
|
||||
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
@ -26273,7 +26272,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
|
||||
goto done;
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_ECC_CDH
|
||||
#if defined(HAVE_ECC_CDH) && defined(HAVE_ECC_DHE)
|
||||
ret = ecc_test_cdh_vectors(&rng);
|
||||
if (ret != 0) {
|
||||
printf("ecc_test_cdh_vectors failed! %d\n", ret);
|
||||
@ -44262,6 +44261,6 @@ WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void)
|
||||
|
||||
#else
|
||||
#ifndef NO_MAIN_DRIVER
|
||||
int main() { return 0; }
|
||||
int main(void) { return 0; }
|
||||
#endif
|
||||
#endif /* NO_CRYPT_TEST */
|
||||
|
@ -3651,7 +3651,7 @@ typedef struct Ciphers {
|
||||
#ifdef HAVE_CHACHA
|
||||
ChaCha* chacha;
|
||||
#endif
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER) && !defined(NO_HMAC)
|
||||
Hmac* hmac;
|
||||
#endif
|
||||
#ifdef WOLFSSL_CIPHER_TEXT_CHECK
|
||||
|
@ -218,6 +218,8 @@ WOLFSSL_API
|
||||
int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
|
||||
#endif /* NO_FILESYSTEM */
|
||||
|
||||
#define PEM_BUFSIZE WOLF_PEM_BUFSIZE
|
||||
|
||||
#define PEM_read wolfSSL_PEM_read
|
||||
#define PEM_read_bio wolfSSL_PEM_read_bio
|
||||
#define PEM_write wolfSSL_PEM_write
|
||||
|
@ -362,6 +362,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
||||
#define SSL_SESSION_set_cipher wolfSSL_SESSION_set_cipher
|
||||
#define SSL_is_init_finished wolfSSL_is_init_finished
|
||||
|
||||
#define SSL_SESSION_set1_id wolfSSL_SESSION_set1_id
|
||||
#define SSL_SESSION_set1_id_context wolfSSL_SESSION_set1_id_context
|
||||
|
||||
#define SSL_get_version wolfSSL_get_version
|
||||
#define SSL_get_current_cipher wolfSSL_get_current_cipher
|
||||
|
||||
|
@ -2516,8 +2516,6 @@ WOLFSSL_API void wolfSSL_ERR_print_errors(WOLFSSL_BIO *bio);
|
||||
#define SSL_R_TLSV1_ALERT_UNKNOWN_CA WOLFSSL_R_TLSV1_ALERT_UNKNOWN_CA
|
||||
#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN WOLFSSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN
|
||||
#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE WOLFSSL_R_SSLV3_ALERT_BAD_CERTIFICATE
|
||||
|
||||
#define PEM_BUFSIZE WOLF_PEM_BUFSIZE
|
||||
#endif
|
||||
|
||||
enum { /* ssl Constants */
|
||||
@ -5009,8 +5007,8 @@ WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len);
|
||||
WOLFSSL_API int SSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
|
||||
WOLFSSL_API int wolfSSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len);
|
||||
WOLFSSL_API int wolfSSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
|
||||
WOLFSSL_API WOLFSSL_X509_ALGOR* wolfSSL_X509_ALGOR_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_ALGOR_free(WOLFSSL_X509_ALGOR *alg);
|
||||
WOLFSSL_API const WOLFSSL_X509_ALGOR* wolfSSL_X509_get0_tbs_sigalg(const WOLFSSL_X509 *x);
|
||||
|
@ -3681,7 +3681,7 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
|
||||
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifdef HAVE_HKDF
|
||||
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
|
||||
static WC_INLINE int myHkdfExtract(byte* prk, const byte* salt, word32 saltLen,
|
||||
byte* ikm, word32 ikmLen, int digest, void* ctx)
|
||||
{
|
||||
@ -3722,7 +3722,7 @@ static WC_INLINE int myHkdfExtract(byte* prk, const byte* salt, word32 saltLen,
|
||||
ikmLen);
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_HKDF */
|
||||
#endif /* HAVE_HKDF && !NO_HMAC */
|
||||
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
#ifdef HAVE_ED25519_SIGN
|
||||
@ -4590,9 +4590,9 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx)
|
||||
wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
|
||||
wolfSSL_CTX_SetEccSharedSecretCb(ctx, myEccSharedSecret);
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_HKDF
|
||||
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
|
||||
wolfSSL_CTX_SetHKDFExtractCb(ctx, myHkdfExtract);
|
||||
#endif /* HAVE_HKDF */
|
||||
#endif /* HAVE_HKDF && !NO_HMAC */
|
||||
#ifndef NO_DH
|
||||
wolfSSL_CTX_SetDhAgreeCb(ctx, myDhCallback);
|
||||
#endif
|
||||
@ -5131,12 +5131,14 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName);
|
||||
|
||||
#define DTLS_CID_BUFFER_SIZE 256
|
||||
|
||||
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
|
||||
#if !defined(NO_FILESYSTEM) && ( \
|
||||
defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
|
||||
&& defined(WOLFSSL_TLS13) && \
|
||||
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
|
||||
|| \
|
||||
(defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
|
||||
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER))
|
||||
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)))
|
||||
|
||||
#define TEST_MEMIO_BUF_SZ (64 * 1024)
|
||||
struct test_memio_ctx
|
||||
{
|
||||
|
Loading…
x
Reference in New Issue
Block a user