diff --git a/.gitignore b/.gitignore
index b56e72cb6..6d4149397 100644
--- a/.gitignore
+++ b/.gitignore
@@ -208,14 +208,6 @@ TAGS
support/cyassl.pc
support/wolfssl.pc
cyassl/ctaocrypt/stamp-h1
-swig/_cyassl.so
-swig/_wolfssl.so
-swig/cyassl.py
-swig/wolfssl.py
-swig/cyassl.pyc
-swig/wolfssl.pyc
-swig/cyassl_wrap.c
-swig/wolfssl_wrap.c
stamp-h1
clang_output_*
internal.plist
diff --git a/ChangeLog.md b/ChangeLog.md
index 59e794c83..b5594f508 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,10 @@
+# wolfSSL Release 5.X.X (TBD)
+Release 5.X.X of wolfSSL embedded TLS has bug fixes and new features including:
+
+###### Wrappers
+* swig wrapper removed (./swig) - for Java wrappers, see wolfSSL JNI/JSSE and wolfCrypt JNI/JCE. For Python wrapper see wolfssl-py and wolfcrypt-py.
+
+
# wolfSSL Release 5.0.0 (Nov 01, 2021)
Release 5.0.0 of wolfSSL embedded TLS has bug fixes and new features including:
diff --git a/IDE/XilinxSDK/2018_2/.cproject b/IDE/XilinxSDK/2018_2/.cproject
index 32c36ab58..5a631067b 100644
--- a/IDE/XilinxSDK/2018_2/.cproject
+++ b/IDE/XilinxSDK/2018_2/.cproject
@@ -85,7 +85,7 @@
-
+
@@ -175,7 +175,7 @@
-
+
diff --git a/LPCExpresso.cproject b/LPCExpresso.cproject
index 1db9a198e..0bd59354c 100644
--- a/LPCExpresso.cproject
+++ b/LPCExpresso.cproject
@@ -66,7 +66,7 @@
-
+
@@ -152,7 +152,7 @@
-
+
diff --git a/Makefile.am b/Makefile.am
index dc7014d27..5ef6057cc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -161,7 +161,6 @@ include cyassl/include.am
include wolfssl/include.am
include certs/include.am
include doc/include.am
-include swig/include.am
include src/include.am
include support/include.am
diff --git a/SCRIPTS-LIST b/SCRIPTS-LIST
index 8b03e778f..d0a781cf1 100644
--- a/SCRIPTS-LIST
+++ b/SCRIPTS-LIST
@@ -38,8 +38,6 @@ scripts/
ocsp-stapling2.test - example client test against example server, part of tests
sniffer-testsuite.test - runs snifftest on a pcap of testsuite, part of tests
in sniffer mode
-swig/
- PythonBuild.sh - builds and runs simple python example
valgrind-error.sh - deprecated, was used to detect valgrind errors before
automake switched to concurrent tests
diff --git a/swig/PythonBuild.sh b/swig/PythonBuild.sh
deleted file mode 100755
index ae4ac45f4..000000000
--- a/swig/PythonBuild.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-echo
-swig -python wolfssl.i
-pythonIncludes=`python-config --includes`
-pythonLibs=`python-config --libs`
-gcc -c -fpic wolfssl_wrap.c -I$pythonIncludes
-gcc -c -fpic wolfssl_adds.c
-gcc -shared -flat_namespace wolfssl_adds.o wolfssl_wrap.o -lwolfssl $pythonLibs -o _wolfssl.so
-python runme.py
diff --git a/swig/README b/swig/README
deleted file mode 100644
index 22f99c368..000000000
--- a/swig/README
+++ /dev/null
@@ -1,45 +0,0 @@
-
-
-Initial swig interface file
-
-Please send questions to support@wolfssl.com
-
-
-
-**Python Support**
-
- For Linux, OS X, or *nix
-
-1) build wolfSSL with fpic on Linux, not needed on OS X
- ./configure --disable-shared CFLAGS=-fpic
- make
- sudo make install
-
- NOTE: if you want to use pbkdf pkcs #12 algorithm you should build CyaSSL with --enable-pwdbased:
- ./configure --disable-shared --enable-pwdbased CFLAGS=-fpic
-
-2) start the example server from the root directory
- ./examples/server/server -d
-
-3) run ./PythonBuild.sh from this directory it will
- a) build the swig wrapper file
- b) compile the swig wrapper and wolfssl wrapper files
- c) place them into a wolfssl shared library for python
- d) run runme.py which will connect to the wolfSSL server, write a
- string, then read the result and output it
-
-
- Windows only
-
-1) Make sure the install path to wolfssl doesn't have any spaces anywhere in the
- directory path because swig doesn't like that
-2) Have python for Windows installed, note install directory
-3) Have swigwin installed, note install directory
-4) Make sure swigwin install directory is added to PATH env. variable
-5) Make sure env. variables PYTHON_INCLUDE and PYTHON_LIB are set correctly e.g.
- PYTHON_INCLUE="c:\Python26\include"
- PYTHON_LIB="c:\Python26\libs\python26.lib"
-6) Build python_wolfssl in Release mode only, Debug build fails to find a debug
- python library that isn't included by default
-7) The outputs _wolfssl.pyd and wolfssl.py are the wolfssl import library
-8) Can now run python runme.py from the swig directory
diff --git a/swig/include.am b/swig/include.am
deleted file mode 100644
index 3bd4c0920..000000000
--- a/swig/include.am
+++ /dev/null
@@ -1,12 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-
-EXTRA_DIST+= \
- swig/PythonBuild.sh \
- swig/README \
- swig/wolfssl.i \
- swig/wolfssl_adds.c \
- swig/python_wolfssl.vcproj \
- swig/rsasign.py \
- swig/runme.py
-
diff --git a/swig/pbkdf_pkcs12.py b/swig/pbkdf_pkcs12.py
deleted file mode 100644
index 586042ebe..000000000
--- a/swig/pbkdf_pkcs12.py
+++ /dev/null
@@ -1,44 +0,0 @@
-"""A simple example how to use PBKDF PKCS #12 algorithm."""
-
-import wolfssl
-import os
-import random
-import string
-
-
-PASSWORD_LENGTH = 16
-SALT_LENGTH = 8
-KEY_LENGTH = 16
-ITERATIONS = 256
-SHA256 = 2 # Hashtype, stands for Sha256 in wolfssl.
-
-
-def to_c_byte_array(content):
- output = wolfssl.byteArray(len(content))
- for i, ch in enumerate(content):
- output[i] = ord(ch)
- return output
-
-
-password = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(PASSWORD_LENGTH))
-salt = os.urandom(SALT_LENGTH)
-key = wolfssl.byteArray(KEY_LENGTH)
-
-# params:
-# key :: bytearray output
-# passwd :: bytearray password that is used to derive the key
-# pLen :: password length
-# salt :: bytearray salt
-# sLen :: salt length
-# iterations :: number of iterations
-# kLen :: key length
-# hashType :: int, SHA256 stands for 2
-# purpose :: int, not really sure what it does, 1 was used in the tests
-wolfssl.wc_PKCS12_PBKDF(key, to_c_byte_array(password), PASSWORD_LENGTH, to_c_byte_array(salt), SALT_LENGTH, ITERATIONS,
- KEY_LENGTH, SHA256, 1)
-key = wolfssl.cdata(key, KEY_LENGTH)
-assert len(key) == KEY_LENGTH, "Generated key has length %s, whereas should have length %s" % (len(key), KEY_LENGTH)
-
-print 'Generated key: %s\nfor password: %s' % (key, password)
-print 'Bytes:'
-print [b for b in key]
diff --git a/swig/pbkdf_pkcs12_test.py b/swig/pbkdf_pkcs12_test.py
deleted file mode 100644
index 30a190f37..000000000
--- a/swig/pbkdf_pkcs12_test.py
+++ /dev/null
@@ -1,37 +0,0 @@
-# test data from test.c
-
-import wolfssl
-
-KEY_LENGTH = 24
-SHA256 = 2 # Hashtype, stands for Sha256 in wolfssl.
-
-
-def to_c_byte_array(content):
- output = wolfssl.byteArray(len(content))
- for i, ch in enumerate(content):
- output[i] = ord(ch)
- return output
-
-
-password = '\x00\x73\x00\x6d\x00\x65\x00\x67\x00\x00'
-salt = '\x0a\x58\xCF\x64\x53\x0d\x82\x3f'
-key = wolfssl.byteArray(KEY_LENGTH)
-verify = '\x27\xE9\x0D\x7E\xD5\xA1\xC4\x11\xBA\x87\x8B\xC0\x90\xF5\xCE\xBE\x5E\x9D\x5F\xE3\xD6\x2B\x73\xAA'
-
-wolfssl.wc_PKCS12_PBKDF(key, to_c_byte_array(password), len(password),
- to_c_byte_array(salt), len(salt), 1, KEY_LENGTH,
- SHA256, 1)
-key = wolfssl.cdata(key, KEY_LENGTH)
-assert key == verify
-
-
-password = '\x00\x71\x00\x75\x00\x65\x00\x65\x00\x67\x00\x00'
-salt = '\x16\x82\xC0\xfC\x5b\x3f\x7e\xc5'
-key = wolfssl.byteArray(KEY_LENGTH)
-verify = '\x90\x1B\x49\x70\xF0\x94\xF0\xF8\x45\xC0\xF3\xF3\x13\x59\x18\x6A\x35\xE3\x67\xFE\xD3\x21\xFD\x7C'
-
-wolfssl.wc_PKCS12_PBKDF(key, to_c_byte_array(password), len(password),
- to_c_byte_array(salt), len(salt), 1000, KEY_LENGTH,
- SHA256, 1)
-key = wolfssl.cdata(key, KEY_LENGTH)
-assert key == verify
diff --git a/swig/python_wolfssl.vcproj b/swig/python_wolfssl.vcproj
deleted file mode 100644
index 6af2d3675..000000000
--- a/swig/python_wolfssl.vcproj
+++ /dev/null
@@ -1,225 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/swig/rsasign.py b/swig/rsasign.py
deleted file mode 100644
index c1c69d09b..000000000
--- a/swig/rsasign.py
+++ /dev/null
@@ -1,35 +0,0 @@
-# file: rsasign.py
-
-import wolfssl
-
-
-# start Random Number Generator
-rng = wolfssl.GetRng()
-if rng == None:
- print "Couldn't get an RNG"
- exit(-1)
-
-# load RSA private key in DER format
-key = wolfssl.GetRsaPrivateKey("../certs/client-key.der")
-if key == None:
- print "Couldn't load DER private key file"
- exit(-1)
-
-# Make byte Arrays and fill input
-signOutput = wolfssl.byteArray(128) # 128 allows 1024 bit private key
-signStr = wolfssl.byteArray(25) # input can't be larger then key size
- # 64 for 512 bit 128 for 1024 bit
-wolfssl.FillSignStr(signStr, "Everybody gets Friday off", 25)
-
-# Do RSA Sign
-signedSize = wolfssl.RsaSSL_Sign(signStr, 25, signOutput, 128, key, rng)
-
-# Show output
-print "Signed Size = ", signedSize, " signed array = ", wolfssl.cdata(signOutput, signedSize)
-
-# let's verify this worked
-signVerify = wolfssl.byteArray(signedSize)
-verifySize = wolfssl.RsaSSL_Verify(signOutput, signedSize, signVerify, signedSize, key)
-
-print "Verify Size = ", verifySize, " verify array = ", wolfssl.cdata(signVerify, verifySize)
-
diff --git a/swig/runme.py b/swig/runme.py
deleted file mode 100644
index 90fc43159..000000000
--- a/swig/runme.py
+++ /dev/null
@@ -1,43 +0,0 @@
-# file: runme.py
-
-import wolfssl
-
-print ""
-print "Trying to connect to the example server -d..."
-
-wolfssl.wolfSSL_Init()
-#wolfssl.wolfSSL_Debugging_ON()
-ctx = wolfssl.wolfSSL_CTX_new(wolfssl.wolfTLSv1_2_client_method())
-if ctx == None:
- print "Couldn't get SSL CTX for TLSv1.2"
- exit(-1)
-
-ret = wolfssl.wolfSSL_CTX_load_verify_locations(ctx, "../certs/ca-cert.pem", None)
-if ret != wolfssl.SSL_SUCCESS:
- print "Couldn't do SSL_CTX_load_verify_locations "
- print "error string = ", ret
- exit(-1)
-
-ssl = wolfssl.wolfSSL_new(ctx)
-ret = wolfssl.wolfSSL_swig_connect(ssl, "localhost", 11111)
-
-if ret != wolfssl.SSL_SUCCESS:
- print "Couldn't do SSL connect"
- err = wolfssl.wolfSSL_get_error(ssl, 0)
- if ret == -2:
- print "tcp error, is example server running?"
- else:
- print "error string = ", wolfssl.wolfSSL_error_string(err)
- exit(-1)
-
-print "...Connected"
-written = wolfssl.wolfSSL_write(ssl, "hello from python\r\n", 19)
-
-if written > 0:
- print "Wrote ", written, " bytes"
-
-byteArray = wolfssl.byteArray(100)
-readBytes = wolfssl.wolfSSL_read(ssl, byteArray, 100)
-
-print "server reply: ", wolfssl.cdata(byteArray, readBytes)
-
diff --git a/swig/wolfssl.i b/swig/wolfssl.i
deleted file mode 100644
index 57c4ee7c6..000000000
--- a/swig/wolfssl.i
+++ /dev/null
@@ -1,68 +0,0 @@
-/* wolfssl.i
- *
- * Copyright (C) 2006-2021 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-%module wolfssl
-%{
- #include
- #include
- #include
-
- /* defn adds */
- char* wolfSSL_error_string(int err);
- int wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
- WC_RNG* GetRng(void);
- RsaKey* GetRsaPrivateKey(const char* file);
- void FillSignStr(unsigned char*, const char*, int);
-%}
-
-
-WOLFSSL_METHOD* wolfTLSv1_2_client_method(void);
-WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
-int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, const char*);
-WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
-int wolfSSL_get_error(WOLFSSL*, int);
-int wolfSSL_write(WOLFSSL*, const char*, int);
-int wolfSSL_Debugging_ON(void);
-int wolfSSL_Init(void);
-char* wolfSSL_error_string(int);
-int wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
-
-int wc_PKCS12_PBKDF(unsigned char* output, const unsigned char* passwd, int pLen, const unsigned char* salt,
- int sLen, int iterations, int kLen, int hashType, int purpose);
-
-int wc_RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, WC_RNG* rng);
-
-int wc_RsaSSL_Verify(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key);
-
-WC_RNG* GetRng(void);
-RsaKey* GetRsaPrivateKey(const char* file);
-void FillSignStr(unsigned char*, const char*, int);
-
-%include carrays.i
-%include cdata.i
-%array_class(unsigned char, byteArray);
-int wolfSSL_read(WOLFSSL*, unsigned char*, int);
-
-
-#define SSL_FAILURE 0
-#define SSL_SUCCESS 1
-
diff --git a/swig/wolfssl_adds.c b/swig/wolfssl_adds.c
deleted file mode 100644
index 080206f4e..000000000
--- a/swig/wolfssl_adds.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/* wolfssl_adds.c
- *
- * Copyright (C) 2006-2021 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifdef HAVE_CONFIG_H
- #include
-#endif
-
-#include
-
-#ifndef _WIN32
- #define HAVE_CONFIG_H
-#endif
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#ifdef _WIN32
- #include
- #include
- #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */
- #include
- #include
- #endif
- #define SOCKET_T int
-#else
- #include
- #include
- #include
- #include
- #include
- #include
- #include
- #include
- #include
- #include
- #ifdef NON_BLOCKING
- #include
- #endif
- #ifdef TEST_IPV6
- #include
- #endif
- #define SOCKET_T unsigned int
-#endif /* _WIN32 */
-
-#ifdef _MSC_VER
- /* disable conversion warning */
- /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
- #pragma warning(disable:4244 4996)
-#endif
-
-#if defined(__MACH__) || defined(_WIN32)
- #ifndef _SOCKLEN_T
- typedef int socklen_t;
- #endif
-#endif
-
-
-/* HPUX doesn't use socklent_t for third parameter to accept */
-#if !defined(__hpux__)
- typedef socklen_t* ACCEPT_THIRD_T;
-#else
- typedef int* ACCEPT_THIRD_T;
-#endif
-
-
-#ifdef _WIN32
- #define CloseSocket(s) closesocket(s)
- #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
-#else
- #define CloseSocket(s) close(s)
- #define StartTCP()
-#endif
-
-
-#ifdef TEST_IPV6
- typedef struct sockaddr_in6 SOCKADDR_IN_T;
- #define AF_INET_V AF_INET6
-#else
- typedef struct sockaddr_in SOCKADDR_IN_T;
- #define AF_INET_V AF_INET
-#endif
-
-
-enum {
- SSL_BLOCKING = 2,
- SSL_NONBLOCKING = 4
-};
-
-
-static int tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, const char* peer,
- short port)
-{
- const char* host = peer;
-
- /* peer could be in human readable form */
- if (isalpha(peer[0])) {
- struct hostent* entry = gethostbyname(peer);
-
- if (entry) {
- struct sockaddr_in tmp;
- memset(&tmp, 0, sizeof(struct sockaddr_in));
- memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0],entry->h_length);
- host = inet_ntoa(tmp.sin_addr);
- }
- else
- return -1; /* no entry for host */
- }
-
- *sockfd = socket(AF_INET, SOCK_STREAM, 0);
- memset(addr, 0, sizeof(SOCKADDR_IN_T));
-
- addr->sin_family = AF_INET;
- addr->sin_port = htons(port);
- addr->sin_addr.s_addr = inet_addr(host);
-
-#ifdef SO_NOSIGPIPE
- {
- int on = 1;
- socklen_t len = sizeof(on);
- setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len);
- }
-#endif
-
- return 0;
-}
-
-
-static int tcp_connect(SOCKET_T* sockfd, const char* ip, short port)
-{
- SOCKADDR_IN_T addr;
- int ret = tcp_socket(sockfd, &addr, ip, port);
- if (ret != 0) return ret;
-
- if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
- return -2; /* can't connect */
-
- return 0;
-}
-
-
-int wolfSSL_swig_connect(WOLFSSL* ssl, const char* server, int port)
-{
- SOCKET_T sockfd;
- int ret = tcp_connect(&sockfd, server, port);
- if (ret != 0) return ret;
-
- ret = wolfSSL_set_fd(ssl, sockfd);
- if (ret != SSL_SUCCESS) return ret;
-
- return wolfSSL_connect(ssl);
-}
-
-
-char* wolfSSL_error_string(int err)
-{
- static char buffer[WOLFSSL_MAX_ERROR_SZ];
-
- return wolfSSL_ERR_error_string(err, buffer);
-}
-
-
-WC_RNG* GetRng(void)
-{
- WC_RNG* rng = (WC_RNG*)malloc(sizeof(WC_RNG));
-
- if (rng)
- if (wc_InitRng(rng) != 0) {
- free(rng);
- rng = 0;
- }
-
- return rng;
-}
-
-
-RsaKey* GetRsaPrivateKey(const char* keyFile)
-{
- RsaKey* key = (RsaKey*)malloc(sizeof(RsaKey));
-
- if (key) {
- byte tmp[1024];
- size_t bytes;
- int ret;
- word32 idx = 0;
- XFILE file = XFOPEN(keyFile, "rb");
-
- if (file == XBADFILE)
- {
- free(key);
- return 0;
- }
-
- bytes = XFREAD(tmp, 1, sizeof(tmp), file);
- XFCLOSE(file);
- wc_InitRsaKey(key, 0);
-
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes);
- if (ret != 0) {
- wc_FreeRsaKey(key);
- free(key);
- return 0;
- }
- }
- return key;
-}
-
-
-void FillSignStr(unsigned char* dst, const char* src, int size)
-{
- memcpy(dst, src, size);
-}
-