mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo.

Browse Source
This commit is contained in:
David Garske 2016-03-04 10:05:22 -08:00
parent 10e74f7200
commit e1787fe160
22 changed files with 2870 additions and 2681 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -39,6 +39,8 @@ cyassl.sublime*
fips.c
fips_test.c
fips
src/async.c
wolfssl/async.h
ctaocrypt/benchmark/benchmark
ctaocrypt/test/testctaocrypt
wolfcrypt/benchmark/benchmark

4
autogen.sh
View File

@ -18,6 +18,10 @@ if test -d .git; then
# touch fips files for non fips distribution
touch ./ctaocrypt/src/fips.c
touch ./ctaocrypt/src/fips_test.c
# touch async crypt files
touch ./src/async.c
touch ./wolfssl/async.h
else
WARNINGS="all"
fi

22
configure.ac
View File

@ -2505,6 +2505,27 @@ fi
AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
# Asynchronous Crypto
AC_ARG_ENABLE([asynccrypt],
[ --enable-asynccrypt Enable Asynchronous Crypto (default: disabled)],
[ ENABLED_ASYNCCRYPT=$enableval ],
[ ENABLED_ASYNCCRYPT=no ]
)
if test "$ENABLED_ASYNCCRYPT" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT"
# if Cavium not enabled the use async simulator for testing
if test "x$ENABLED_CAVIUM" = "xno"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_TEST"
fi
fi
AM_CONDITIONAL([BUILD_ASYNCCRYPT], [test "x$ENABLED_ASYNCCRYPT" = "xyes"])
# check if PSK was enabled for conditionally running psk.test script
AM_CONDITIONAL([BUILD_PSK], [test "x$ENABLED_PSK" = "xyes"])
@ -2836,5 +2857,6 @@ echo " * LIBZ: $ENABLED_LIBZ"
echo " * Examples: $ENABLED_EXAMPLES"
echo " * User Crypto: $ENABLED_USER_CRYPTO"
echo " * Fast RSA: $ENABLED_FAST_RSA"
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
echo ""
echo "---"

68
examples/client/client.c
View File

@ -68,7 +68,7 @@
#endif
static void NonBlockingSSL_Connect(WOLFSSL* ssl)
static void NonBlockingSSL_Connect(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
#ifndef WOLFSSL_CALLBACKS
int ret = wolfSSL_connect(ssl);
@ -79,14 +79,23 @@ static void NonBlockingSSL_Connect(WOLFSSL* ssl)
SOCKET_T sockfd = (SOCKET_T)wolfSSL_get_fd(ssl);
int select_ret;
(void)ctx;
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE)) {
error == SSL_ERROR_WANT_WRITE ||
error == WC_PENDING_E)) {
int currTimeout = 1;
if (error == SSL_ERROR_WANT_READ)
printf("... client would read block\n");
else
else if (error == SSL_ERROR_WANT_WRITE)
printf("... client would write block\n");
#ifdef WOLFSSL_ASYNC_CRYPT
else if (error == WC_PENDING_E) {
ret = AsyncCryptPoll(ctx, ssl);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
#ifdef WOLFSSL_DTLS
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
@ -95,11 +104,11 @@ static void NonBlockingSSL_Connect(WOLFSSL* ssl)
if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) {
#ifndef WOLFSSL_CALLBACKS
ret = wolfSSL_connect(ssl);
#else
ret = wolfSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout);
#endif
#ifndef WOLFSSL_CALLBACKS
ret = wolfSSL_connect(ssl);
#else
ret = wolfSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout);
#endif
error = wolfSSL_get_error(ssl, 0);
}
else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
@ -107,7 +116,7 @@ static void NonBlockingSSL_Connect(WOLFSSL* ssl)
}
#ifdef WOLFSSL_DTLS
else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
wolfSSL_dtls_got_timeout(ssl) >= 0) {
wolfSSL_dtls_got_timeout(ssl) >= 0) {
error = SSL_ERROR_WANT_READ;
}
#endif
@ -436,6 +445,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int disableCRL = 0;
int externalTest = 0;
int ret;
int err = 0;
int scr = 0; /* allow secure renegotiation */
int forceScr = 0; /* force client initiaed scr */
int trackMemory = 0;
@ -1170,27 +1180,40 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (nonBlocking) {
wolfSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(ssl);
NonBlockingSSL_Connect(ctx, ssl);
}
else if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
/* see note at top of README */
int err = wolfSSL_get_error(ssl, 0);
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
/* if you're getting an error here */
else {
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ctx, ssl);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = wolfSSL_connect(ssl);
if (ret != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
err_sys("wolfSSL_connect failed");
/* see note at top of README */
/* if you're getting an error here */
}
}
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
NonBlockingSSL_Connect(ctx, ssl); /* will keep retrying on timeout */
#endif
showPeer(ssl);
#ifdef HAVE_ALPN
if (alpnList != NULL) {
int err;
char *protocol_name = NULL;
word16 protocol_nameSz = 0;
@ -1315,14 +1338,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (nonBlocking) {
wolfSSL_set_using_nonblock(sslResume, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(sslResume);
NonBlockingSSL_Connect(ctx, sslResume);
}
else if (wolfSSL_connect(sslResume) != SSL_SUCCESS)
err_sys("SSL resume failed");
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
NonBlockingSSL_Connect(ctx, ssl); /* will keep retrying on timeout */
#endif
showPeer(sslResume);
@ -1333,7 +1356,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef HAVE_ALPN
if (alpnList != NULL) {
int err;
char *protocol_name = NULL;
word16 protocol_nameSz = 0;

21
examples/echoclient/echoclient.c
View File

@ -68,6 +68,7 @@ void echoclient_test(void* args)
SSL_CTX* ctx = 0;
SSL* ssl = 0;
int ret = 0, err = 0;
int doDTLS = 0;
int doPSK = 0;
int sendSz;
@ -173,7 +174,25 @@ void echoclient_test(void* args)
Sleep(100);
#endif
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ctx, ssl);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = SSL_connect(ssl);
if (ret != SSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
char buffer[CYASSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err, ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
}
while (fgets(msg, sizeof(msg), fin) != 0) {

22
examples/echoserver/echoserver.c
View File

@ -77,6 +77,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
int ret = 0;
int doDTLS = 0;
int doPSK = 0;
int outCreated = 0;
@ -228,6 +229,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
int clientfd;
int firstRead = 1;
int gotFirstG = 0;
int err = 0;
SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client);
#ifndef CYASSL_DTLS
@ -260,7 +262,25 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher than PSK */
#endif
if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ctx, ssl);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
ret = CyaSSL_accept(ssl);
if (ret != SSL_SUCCESS) {
err = CyaSSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
err = CyaSSL_get_error(ssl, 0);
char buffer[CYASSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
printf("SSL_accept failed\n");
CyaSSL_free(ssl);
CloseSocket(clientfd);

44
examples/server/server.c
View File

@ -71,7 +71,7 @@
static void NonBlockingSSL_Accept(SSL* ssl)
static int NonBlockingSSL_Accept(SSL* ssl)
{
#ifndef CYASSL_CALLBACKS
int ret = SSL_accept(ssl);
@ -120,8 +120,8 @@ static void NonBlockingSSL_Accept(SSL* ssl)
error = SSL_FATAL_ERROR;
}
}
if (ret != SSL_SUCCESS)
err_sys("SSL_accept failed");
return ret;
}
/* Echo number of bytes specified by -e arg */
@ -279,6 +279,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
int doListen = 1;
int crlFlags = 0;
int ret;
int err = 0;
char* serverReadyFile = NULL;
char* alpnList = NULL;
unsigned char alpn_opt = 0;
@ -836,21 +837,44 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
if (nonBlocking) {
CyaSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&clientfd);
NonBlockingSSL_Accept(ssl);
} else if (SSL_accept(ssl) != SSL_SUCCESS) {
int err = SSL_get_error(ssl, 0);
}
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = AsyncCryptPoll(ctx, ssl);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
err = 0; /* Reset error */
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
ret = NonBlockingSSL_Accept(ssl);
}
else {
ret = SSL_accept(ssl);
}
#else
ret = NonBlockingSSL_Accept(ssl);
#endif
if (ret != SSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
}
} while (ret != SSL_SUCCESS && err == WC_PENDING_E);
if (ret != SSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
char buffer[CYASSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
err_sys("SSL_accept failed");
}
#else
NonBlockingSSL_Accept(ssl);
#endif
showPeer(ssl);
#ifdef HAVE_ALPN
if (alpnList != NULL) {
int err;
char *protocol_name = NULL, *list = NULL;
word16 protocol_nameSz = 0, listSz = 0;

4
src/include.am
View File

@ -250,4 +250,8 @@ if BUILD_SNIFFER
src_libwolfssl_la_SOURCES += src/sniffer.c
endif
if BUILD_ASYNCCRYPT
src_libwolfssl_la_SOURCES += src/async.c
endif
endif # !BUILD_CRYPTONLY

4943
src/internal.c Normal file → Executable file
View File

File diff suppressed because it is too large Load Diff

115
src/ssl.c
View File

@ -17826,4 +17826,119 @@ void* wolfSSL_get_jobject(WOLFSSL* ssl)
#endif /* WOLFSSL_JNI */
#ifdef HAVE_WOLF_EVENT
int wolfssl_CTX_poll_peek(WOLFSSL_CTX* ctx, int* eventCount)
{
WOLF_EVENT* event;
int count = 0;
if (ctx == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
if (LockMutex(&ctx->event_queue.lock) != 0) {
return BAD_MUTEX_E;
}
#endif
/* Itterate event queue */
for (event = ctx->event_queue.head; event != NULL; event = event->next) {
count++;
}
#ifndef SINGLE_THREADED
UnLockMutex(&ctx->event_queue.lock);
#endif
if (eventCount) {
*eventCount = count;
}
return 0;
}
int wolfSSL_CTX_poll(WOLFSSL_CTX* ctx, WOLF_EVENT* events, int maxEvents,
unsigned char flags, int* eventCount)
{
WOLF_EVENT* event, *event_prev = NULL;
int count = 0, ret = SSL_ERROR_NONE;
if (ctx == NULL || events == NULL || maxEvents <= 0) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
if (LockMutex(&ctx->event_queue.lock) != 0) {
return BAD_MUTEX_E;
}
#endif
/* Itterate event queue */
for (event = ctx->event_queue.head; event != NULL; event = event->next)
{
byte removeEvent = 0;
#ifdef WOLFSSL_ASYNC_CRYPT
if (event->type >= WOLF_EVENT_TYPE_ASYNC_FIRST &&
event->type <= WOLF_EVENT_TYPE_ASYNC_LAST)
{
ret = wolfSSL_async_poll(event, flags);
}
#endif /* WOLFSSL_ASYNC_CRYPT */
/* If event is done add to returned event data */
if (event->done) {
/* Check to make sure we have room for event */
if (count >= maxEvents) {
break; /* Exit for */
}
/* Copy event data to provided buffer */
XMEMCPY(&events[count], event, sizeof(WOLF_EVENT));
count++;
removeEvent = 1;
}
if (removeEvent) {
/* Remove from queue list */
if (event_prev == NULL) {
ctx->event_queue.head = event->next;
if (ctx->event_queue.head == NULL) {
ctx->event_queue.tail = NULL;
}
}
else {
event_prev->next = event->next;
}
}
else {
/* Leave in queue, save prev pointer */
event_prev = event;
}
/* Check for error */
if (ret < 0) {
break; /* Exit for */
}
}
#ifndef SINGLE_THREADED
UnLockMutex(&ctx->event_queue.lock);
#endif
/* Return number of poperly populated events */
if (eventCount) {
*eventCount = count;
}
/* Make sure success returns 0 */
if (ret > 0) {
ret = 0;
}
return ret;
}
#endif /* HAVE_WOLF_EVENT */
#endif /* WOLFCRYPT_ONLY */

84
wolfcrypt/src/asn.c
View File

@ -788,7 +788,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
switch (type) {
case hashType:
case oidHashType:
switch (id) {
case MD2h:
oid = hashMd2hOid;
@ -817,7 +817,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case sigType:
case oidSigType:
switch (id) {
#ifndef NO_DSA
case CTC_SHAwDSA:
@ -874,7 +874,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case keyType:
case oidKeyType:
switch (id) {
#ifndef NO_DSA
case DSAk:
@ -906,7 +906,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#ifdef HAVE_ECC
case curveType:
case oidCurveType:
switch (id) {
#if defined(HAVE_ALL_CURVES) || !defined(NO_ECC256)
case ECC_256R1:
@ -950,7 +950,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#endif /* HAVE_ECC */
case blkType:
case oidBlkType:
switch (id) {
case DESb:
oid = blkDesCbcOid;
@ -964,7 +964,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#ifdef HAVE_OCSP
case ocspType:
case oidOcspType:
switch (id) {
case OCSP_BASIC_OID:
oid = ocspBasicOid;
@ -978,7 +978,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#endif /* HAVE_OCSP */
case certExtType:
case oidCertExtType:
switch (id) {
case BASIC_CA_OID:
oid = extBasicCaOid;
@ -1027,7 +1027,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case certAuthInfoType:
case oidCertAuthInfoType:
switch (id) {
case AIA_OCSP_OID:
oid = extAuthInfoOcspOid;
@ -1040,7 +1040,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case certPolicyType:
case oidCertPolicyType:
switch (id) {
case CP_ANY_OID:
oid = extCertPolicyAnyOid;
@ -1049,7 +1049,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case certAltNameType:
case oidCertAltNameType:
switch (id) {
case HW_NAME_OID:
oid = extAltNamesHwNameOid;
@ -1058,7 +1058,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case certKeyUseType:
case oidCertKeyUseType:
switch (id) {
case EKU_ANY_OID:
oid = extExtKeyUsageAnyOid;
@ -1078,7 +1078,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
}
case kdfType:
case oidKdfType:
switch (id) {
case PBKDF2_OID:
oid = pbkdf2Oid;
@ -1087,7 +1087,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
}
break;
case ignoreType:
case oidIgnoreType:
default:
break;
}
@ -1138,7 +1138,7 @@ WOLFSSL_LOCAL int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
const byte* checkOid = NULL;
word32 checkOidSz;
if (oidType != ignoreType) {
if (oidType != oidIgnoreType) {
checkOid = OidFromId(*oid, oidType, &checkOidSz);
if (checkOid != NULL &&
@ -1317,7 +1317,7 @@ int ToTraditional(byte* input, word32 sz)
if (GetMyVersion(input, &inOutIdx, &version) < 0)
return ASN_PARSE_E;
if (GetAlgoId(input, &inOutIdx, &oid, sigType, sz) < 0)
if (GetAlgoId(input, &inOutIdx, &oid, oidSigType, sz) < 0)
return ASN_PARSE_E;
if (input[inOutIdx] == ASN_OBJECT_ID) {
@ -1594,7 +1594,7 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
if (GetSequence(input, &inOutIdx, &length, sz) < 0)
return ASN_PARSE_E;
if (GetAlgoId(input, &inOutIdx, &oid, sigType, sz) < 0)
if (GetAlgoId(input, &inOutIdx, &oid, oidSigType, sz) < 0)
return ASN_PARSE_E;
first = input[inOutIdx - 2]; /* PKCS version always 2nd to last byte */
@ -1608,7 +1608,7 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
if (GetSequence(input, &inOutIdx, &length, sz) < 0)
return ASN_PARSE_E;
if (GetAlgoId(input, &inOutIdx, &oid, kdfType, sz) < 0)
if (GetAlgoId(input, &inOutIdx, &oid, oidKdfType, sz) < 0)
return ASN_PARSE_E;
if (oid != PBKDF2_OID)
@ -1654,7 +1654,7 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
if (version == PKCS5v2) {
/* get encryption algo */
/* JOHN: New type. Need a little more research. */
if (GetAlgoId(input, &inOutIdx, &oid, blkType, sz) < 0) {
if (GetAlgoId(input, &inOutIdx, &oid, oidBlkType, sz) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -2352,7 +2352,7 @@ static int GetKey(DecodedCert* cert)
return ASN_PARSE_E;
if (GetAlgoId(cert->source, &cert->srcIdx,
&cert->keyOID, keyType, cert->maxIdx) < 0)
&cert->keyOID, oidKeyType, cert->maxIdx) < 0)
return ASN_PARSE_E;
switch (cert->keyOID) {
@ -2443,7 +2443,7 @@ static int GetKey(DecodedCert* cert)
byte b;
if (GetObjectId(cert->source, &cert->srcIdx,
&cert->pkCurveOID, curveType, cert->maxIdx) < 0)
&cert->pkCurveOID, oidCurveType, cert->maxIdx) < 0)
return ASN_PARSE_E;
if (CheckCurve(cert->pkCurveOID) < 0)
@ -3146,7 +3146,7 @@ int DecodeToKey(DecodedCert* cert, int verify)
WOLFSSL_MSG("Got Cert Header");
if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
sigType, cert->maxIdx)) < 0)
oidSigType, cert->maxIdx)) < 0)
return ret;
WOLFSSL_MSG("Got Algo ID");
@ -3377,8 +3377,8 @@ WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
byte ID_Length[MAX_LENGTH_SZ];
byte seqArray[MAX_SEQ_SZ + 1]; /* add object_id to end */
tagSz = (type == hashType || type == sigType ||
(type == keyType && algoOID == RSAk)) ? 2 : 0;
tagSz = (type == oidHashType || type == oidSigType ||
(type == oidKeyType && algoOID == RSAk)) ? 2 : 0;
algoName = OidFromId(algoOID, type, &algoSz);
@ -3414,7 +3414,7 @@ word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
word32 encDigSz, algoSz, seqSz;
encDigSz = SetDigest(digest, digSz, digArray);
algoSz = SetAlgoID(hashOID, algoArray, hashType, 0);
algoSz = SetAlgoID(hashOID, algoArray, oidHashType, 0);
seqSz = SetSequence(encDigSz + algoSz, seqArray);
XMEMCPY(out, seqArray, seqSz);
@ -3986,7 +3986,7 @@ static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
/* Consume the rest of this sequence. */
length -= (strLen + idx - lenStartIdx);
if (GetObjectId(input, &idx, &oid, certAltNameType, sz) < 0) {
if (GetObjectId(input, &idx, &oid, oidCertAltNameType, sz) < 0) {
WOLFSSL_MSG("\tbad OID");
return ASN_PARSE_E;
}
@ -4237,7 +4237,7 @@ static int DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
return ASN_PARSE_E;
oid = 0;
if (GetObjectId(input, &idx, &oid, certAuthInfoType, sz) < 0)
if (GetObjectId(input, &idx, &oid, oidCertAuthInfoType, sz) < 0)
return ASN_PARSE_E;
/* Only supporting URIs right now. */
@ -4383,7 +4383,7 @@ static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
#endif
while (idx < (word32)sz) {
if (GetObjectId(input, &idx, &oid, certKeyUseType, sz) < 0)
if (GetObjectId(input, &idx, &oid, oidCertKeyUseType, sz) < 0)
return ASN_PARSE_E;
switch (oid) {
@ -4718,7 +4718,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
}
oid = 0;
if (GetObjectId(input, &idx, &oid, certExtType, sz) < 0) {
if (GetObjectId(input, &idx, &oid, oidCertExtType, sz) < 0) {
WOLFSSL_MSG("\tfail: OBJECT ID");
return ASN_PARSE_E;
}
@ -4970,7 +4970,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
}
if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID,
sigType, cert->maxIdx)) < 0)
oidSigType, cert->maxIdx)) < 0)
return ret;
if ((ret = GetSignature(cert)) < 0)
@ -5522,7 +5522,7 @@ static int SetRsaPublicKey(byte* output, RsaKey* key,
#else
byte algo[MAX_ALGO_SZ];
#endif
algoSz = SetAlgoID(RSAk, algo, keyType, 0);
algoSz = SetAlgoID(RSAk, algo, oidKeyType, 0);
lenSz = SetLength(seqSz + nSz + eSz + 1, len);
len[lenSz++] = 0; /* trailing 0 */
@ -5938,7 +5938,7 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int with_header)
return MEMORY_E;
}
#endif
algoSz = SetAlgoID(ECDSAk, algo, keyType, curveSz);
algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, curveSz);
lenSz = SetLength(pubSz + 1, len);
len[lenSz++] = 0; /* trailing 0 */
@ -6787,7 +6787,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
der->serialSz = SetSerial(cert->serial, der->serial);
/* signature algo */
der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType, 0);
der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, oidSigType, 0);
if (der->sigAlgoSz == 0)
return ALGO_ID_E;
@ -7179,7 +7179,7 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
int idx = bodySz, seqSz;
/* algo */
idx += SetAlgoID(sigAlgoType, buffer + idx, sigType, 0);
idx += SetAlgoID(sigAlgoType, buffer + idx, oidSigType, 0);
/* bit string */
buffer[idx++] = ASN_BIT_STRING;
/* length */
@ -7986,7 +7986,7 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
decoded->srcIdx = startIdx;
if (GetAlgoId(decoded->source, &decoded->srcIdx, &oid,
certExtType, decoded->maxIdx) < 0) {
oidCertExtType, decoded->maxIdx) < 0) {
ret = ASN_PARSE_E;
break;
}
@ -8745,7 +8745,7 @@ static int DecodeSingleResponse(byte* source,
if (GetSequence(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
/* Skip the hash algorithm */
if (GetAlgoId(source, &idx, &oid, ignoreType, size) < 0)
if (GetAlgoId(source, &idx, &oid, oidIgnoreType, size) < 0)
return ASN_PARSE_E;
/* Save reference to the hash of CN */
if (source[idx++] != ASN_OCTET_STRING)
@ -8867,7 +8867,7 @@ static int DecodeOcspRespExtensions(byte* source,
}
oid = 0;
if (GetObjectId(source, &idx, &oid, ocspType, sz) < 0) {
if (GetObjectId(source, &idx, &oid, oidOcspType, sz) < 0) {
WOLFSSL_MSG("\tfail: OBJECT ID");
return ASN_PARSE_E;
}
@ -9020,7 +9020,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
return ASN_PARSE_E;
/* Get the signature algorithm */
if (GetAlgoId(source, &idx, &resp->sigOID, sigType, size) < 0)
if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0)
return ASN_PARSE_E;
/* Obtain pointer to the start of the signature, and save the size */
@ -9126,7 +9126,7 @@ int OcspResponseDecode(OcspResponse* resp, void* cm)
return ASN_PARSE_E;
/* Check ObjectID for the resposeBytes */
if (GetObjectId(source, &idx, &oid, ocspType, size) < 0)
if (GetObjectId(source, &idx, &oid, oidOcspType, size) < 0)
return ASN_PARSE_E;
if (oid != OCSP_BASIC_OID)
return ASN_PARSE_E;
@ -9212,9 +9212,9 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
WOLFSSL_ENTER("EncodeOcspRequest");
#ifdef NO_SHA
algoSz = SetAlgoID(SHA256h, algoArray, hashType, 0);
algoSz = SetAlgoID(SHA256h, algoArray, oidHashType, 0);
#else
algoSz = SetAlgoID(SHAh, algoArray, hashType, 0);
algoSz = SetAlgoID(SHAh, algoArray, oidHashType, 0);
#endif
issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray);
@ -9604,7 +9604,7 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
return ASN_PARSE_E;
}
if (GetAlgoId(buff, &idx, &oid, ignoreType, sz) < 0)
if (GetAlgoId(buff, &idx, &oid, oidIgnoreType, sz) < 0)
return ASN_PARSE_E;
if (GetNameHash(buff, &idx, dcrl->issuerHash, sz) < 0)
@ -9648,7 +9648,7 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
if (idx != dcrl->sigIndex)
idx = dcrl->sigIndex; /* skip extensions */
if (GetAlgoId(buff, &idx, &dcrl->signatureOID, sigType, sz) < 0)
if (GetAlgoId(buff, &idx, &dcrl->signatureOID, oidSigType, sz) < 0)
return ASN_PARSE_E;
if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)

3
wolfcrypt/src/error.c
View File

@ -373,6 +373,9 @@ const char* wc_GetErrorString(int error)
case HASH_TYPE_E:
return "Hash type not enabled/available";
case WC_PENDING_E:
return "wolfCrypt Operation Pending (would block / eagain) error";
default:
return "unknown error number";

14
wolfcrypt/src/hash.c
View File

@ -44,6 +44,7 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = MD2h;
#endif
break;
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD5:
#ifndef NO_MD5
oid = MD5h;
@ -110,6 +111,11 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512
dig_size = SHA512_DIGEST_SIZE;
#endif
break;
case WC_HASH_TYPE_MD5_SHA:
#if !defined(NO_MD5) && !defined(NO_SHA)
dig_size = MD5_DIGEST_SIZE + SHA_DIGEST_SIZE;
#endif
break;
@ -168,6 +174,14 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512
ret = wc_Sha512Hash(data, data_len, hash);
#endif
break;
case WC_HASH_TYPE_MD5_SHA:
#if !defined(NO_MD5) && !defined(NO_SHA)
ret = wc_Md5Hash(data, data_len, hash);
if (ret == 0) {
ret = wc_ShaHash(data, data_len, &hash[MD5_DIGEST_SIZE]);
}
#endif
break;

16
wolfcrypt/src/pkcs7.c
View File

@ -130,7 +130,7 @@ int wc_GetContentType(const byte* input, word32* inOutIdx, word32* oid,
word32 maxIdx)
{
WOLFSSL_ENTER("wc_GetContentType");
if (GetObjectId(input, inOutIdx, oid, ignoreType, maxIdx) < 0)
if (GetObjectId(input, inOutIdx, oid, oidIgnoreType, maxIdx) < 0)
return ASN_PARSE_E;
return 0;
@ -396,10 +396,10 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
esd->signerVersionSz = SetMyVersion(1, esd->signerVersion, 0);
signerInfoSz += esd->signerVersionSz;
esd->signerDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->signerDigAlgoId,
hashType, 0);
oidHashType, 0);
signerInfoSz += esd->signerDigAlgoIdSz;
esd->digEncAlgoIdSz = SetAlgoID(pkcs7->encryptOID, esd->digEncAlgoId,
keyType, 0);
oidKeyType, 0);
signerInfoSz += esd->digEncAlgoIdSz;
if (pkcs7->signedAttribsSz != 0) {
@ -576,7 +576,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
esd->certsSet);
esd->singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->singleDigAlgoId,
hashType, 0);
oidHashType, 0);
esd->digAlgoIdSetSz = SetSet(esd->singleDigAlgoIdSz, esd->digAlgoIdSet);
@ -1033,7 +1033,7 @@ WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
return ALGO_ID_E;
}
keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0);
keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, oidKeyType, 0);
if (keyEncAlgSz == 0) {
FreeDecodedCert(decoded);
#ifdef WOLFSSL_SMALL_STACK
@ -1319,7 +1319,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
/* build up our ContentEncryptionAlgorithmIdentifier sequence,
* adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */
contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
blkType, ivOctetStringSz + DES_BLOCK_SIZE);
oidBlkType, ivOctetStringSz + DES_BLOCK_SIZE);
if (contentEncAlgoSz == 0) {
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -1592,7 +1592,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
XFREE(serialNum, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (GetAlgoId(pkiMsg, &idx, &encOID, keyType, pkiMsgSz) < 0) {
if (GetAlgoId(pkiMsg, &idx, &encOID, oidKeyType, pkiMsgSz) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@ -1653,7 +1653,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
return ASN_PARSE_E;
}
if (GetAlgoId(pkiMsg, &idx, &encOID, blkType, pkiMsgSz) < 0) {
if (GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType, pkiMsgSz) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif

1
wolfssl/error-ssl.h
View File

@ -141,6 +141,7 @@ enum wolfSSL_ErrorCodes {
UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/
BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */
OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */
ASYNC_NOT_PENDING = -408, /* Async operation not pending */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */

92
wolfssl/internal.h
View File

@ -153,6 +153,10 @@
#include "zlib.h"
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/async.h>
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
#pragma warning(disable: 4996)
@ -1818,6 +1822,22 @@ WOLFSSL_LOCAL int TLSX_ValidateQSHScheme(TLSX** extensions, word16 name);
#endif /* HAVE_QSH */
#ifdef HAVE_WOLF_EVENT
typedef struct {
WOLF_EVENT* head; /* head of queue */
WOLF_EVENT* tail; /* tail of queue */
#ifndef SINGLE_THREADED
wolfSSL_Mutex lock; /* queue lock */
#endif
} WOLF_EVENT_QUEUE;
WOLFSSL_LOCAL int wolfSSL_EventInit(WOLFSSL* ssl, WOLF_EVENT_TYPE type);
WOLFSSL_LOCAL int wolfSSL_CTX_EventPush(WOLFSSL_CTX* ctx, WOLF_EVENT* event);
#endif /* HAVE_WOLF_EVENT */
/* wolfSSL context type */
struct WOLFSSL_CTX {
WOLFSSL_METHOD* method;
@ -1924,6 +1944,9 @@ struct WOLFSSL_CTX {
CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */
#endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
#ifdef HAVE_WOLF_EVENT
WOLF_EVENT_QUEUE event_queue;
#endif /* HAVE_WOLF_EVENT */
};
@ -2188,12 +2211,22 @@ enum AcceptState {
ACCEPT_THIRD_REPLY_DONE
};
/* sub-states for send/do key share (key exchange) */
enum KeyShareState {
KEYSHARE_BEGIN = 0,
KEYSHARE_BUILD,
KEYSHARE_VERIFY,
KEYSHARE_FINALIZE,
KEYSHARE_END
};
/* buffers for struct WOLFSSL */
typedef struct Buffers {
bufferStatic inputBuffer;
bufferStatic outputBuffer;
buffer domainName; /* for client check */
buffer clearOutputBuffer;
buffer sig; /* signature data */
int prevSent; /* previous plain text bytes sent
when got WANT_WRITE */
int plainSz; /* plain text bytes in buffer to send
@ -2301,6 +2334,8 @@ typedef struct Options {
byte minDowngrade; /* minimum downgrade version */
byte connectState; /* nonblocking resume */
byte acceptState; /* nonblocking resume */
byte keyShareState; /* sub-state for key share (key exchange).
See enum KeyShareState. */
#ifndef NO_DH
word16 minDhKeySz; /* minimum DH key size */
word16 dhKeySz; /* actual DH key size */
@ -2535,6 +2570,12 @@ struct WOLFSSL {
HandShakeDoneCb hsDoneCb; /* notify user handshake done */
void* hsDoneCtx; /* user handshake cb context */
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
AsyncCrypt async;
#endif
void* sigKey; /* RsaKey or ecc_key allocated from heap */
word32 sigType; /* Type of sigKey */
word32 sigLen; /* Actual signature length */
WOLFSSL_CIPHER cipher;
hmacfp hmac;
Ciphers encrypt;
@ -2683,6 +2724,12 @@ struct WOLFSSL {
#ifdef WOLFSSL_JNI
void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
#endif /* WOLFSSL_JNI */
#ifdef HAVE_WOLF_EVENT
WOLF_EVENT event;
#endif /* HAVE_WOLF_EVENT */
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
AsyncCryptTests asyncCryptTest;
#endif /* WOLFSSL_ASYNC_CRYPT_TEST */
};
@ -2834,10 +2881,29 @@ WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
#ifndef NO_CERTS
#ifndef NO_RSA
WOLFSSL_LOCAL int VerifyRsaSign(const byte* sig, word32 sigSz,
WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl,
const byte* sig, word32 sigSz,
const byte* plain, word32 plainSz,
RsaKey* key);
#endif
WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
WOLFSSL_LOCAL int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz,
byte** out, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out,
word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
WOLFSSL_LOCAL int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, ecc_key* key, byte* keyBuf, word32 keySz,
void* ctx);
WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz,
void* ctx);
WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key,
ecc_key* pub_key, byte* out, word32* outSz);
#endif /* HAVE_ECC */
#ifdef WOLFSSL_TRUST_PEER_CERT
/* options for searching hash table for a matching trusted peer cert */
@ -2849,11 +2915,12 @@ WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
WOLFSSL_LOCAL int MatchTrustedPeer(TrustedPeerCert* tp,
DecodedCert* cert);
#endif
WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
#ifndef NO_SKID
WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
#endif
#endif
#endif /* !NO_CERTS */
WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
const byte* sender);
WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
@ -2928,6 +2995,25 @@ enum encrypt_side {
WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side);
#ifndef NO_DH
WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl,
byte* p, word32 pSz,
byte* g, word32 gSz,
byte* priv, word32* privSz,
byte* pub, word32* pubSz);
WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl,
byte* p, word32 pSz,
byte* g, word32 gSz,
byte* priv, word32* privSz,
byte* pub, word32* pubSz,
const byte* otherPub, word32 otherPubSz,
byte* agree, word32* agreeSz);
#endif
#ifdef HAVE_ECC
WOLFSSL_LOCAL int EccMakeTempKey(WOLFSSL* ssl);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

33
wolfssl/ssl.h
View File

@ -1780,6 +1780,39 @@ WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl);
#endif /* WOLFSSL_JNI */
#ifdef HAVE_WOLF_EVENT
typedef enum WOLF_EVENT_TYPE {
WOLF_EVENT_TYPE_NONE,
#ifdef WOLFSSL_ASYNC_CRYPT
WOLF_EVENT_TYPE_ASYNC_ACCEPT,
WOLF_EVENT_TYPE_ASYNC_CONNECT,
WOLF_EVENT_TYPE_ASYNC_READ,
WOLF_EVENT_TYPE_ASYNC_WRITE,
WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_ACCEPT,
WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WRITE,
#endif
} WOLF_EVENT_TYPE;
typedef struct WOLF_EVENT WOLF_EVENT;
struct WOLF_EVENT {
WOLF_EVENT* next; /* To support event linked list */
WOLFSSL* ssl; /* Reference back to SSL object */
int ret; /* Async return code */
WOLF_EVENT_TYPE type;
unsigned short pending:1;
unsigned short done:1;
/* Future event flags can go here */
};
enum WOLF_POLL_FLAGS {
WOLF_POLL_FLAG_CHECK_HW = 0x01,
};
WOLFSSL_API int wolfssl_CTX_poll_peek(WOLFSSL_CTX* ctx, int* eventCount);
WOLFSSL_API int wolfSSL_CTX_poll(WOLFSSL_CTX* ctx, WOLF_EVENT* events, int maxEvents,
unsigned char flags, int* eventCount);
#endif /* HAVE_WOLF_EVENT */
#ifdef __cplusplus
} /* extern "C" */
#endif

20
wolfssl/test.h
View File

@ -1907,4 +1907,24 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
#endif /* HAVE_SESSION_TICKET && CHACHA20 && POLY1305 */
#ifdef WOLFSSL_ASYNC_CRYPT
static INLINE int AsyncCryptPoll(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
int ret, eventCount = 0;
WOLF_EVENT events[1];
printf("Connect/Accept got WC_PENDING_E\n");
ret = wolfSSL_CTX_poll(ctx, events, sizeof(events)/sizeof(WOLF_EVENT), WOLF_POLL_FLAG_CHECK_HW, &eventCount);
if (ret == 0 && eventCount > 0) {
/* Check the SSL context in the event matches ours */
if (events[0].ssl == ssl) {
ret = 1; /* Success */
}
}
return ret;
}
#endif
#endif /* wolfSSL_TEST_H */

26
wolfssl/wolfcrypt/asn.h
View File

@ -199,19 +199,19 @@ enum Misc_ASN {
enum Oid_Types {
hashType = 0,
sigType = 1,
keyType = 2,
curveType = 3,
blkType = 4,
ocspType = 5,
certExtType = 6,
certAuthInfoType = 7,
certPolicyType = 8,
certAltNameType = 9,
certKeyUseType = 10,
kdfType = 11,
ignoreType
oidHashType = 0,
oidSigType = 1,
oidKeyType = 2,
oidCurveType = 3,
oidBlkType = 4,
oidOcspType = 5,
oidCertExtType = 6,
oidCertAuthInfoType = 7,
oidCertPolicyType = 8,
oidCertAltNameType = 9,
oidCertKeyUseType = 10,
oidKdfType = 11,
oidIgnoreType
};

1
wolfssl/wolfcrypt/error-crypt.h
View File

@ -166,6 +166,7 @@ enum {
BAD_COND_E = -230, /* Bad condition variable operation */
SIG_TYPE_E = -231, /* Signature Type not enabled/available */
HASH_TYPE_E = -232, /* Hash Type not enabled/available */
WC_PENDING_E = -233, /* wolfCrypt operation pending (would block) */
MIN_CODE_E = -300 /* errors -101 - -299 */

1
wolfssl/wolfcrypt/hash.h
View File

@ -38,6 +38,7 @@ enum wc_HashType {
WC_HASH_TYPE_SHA256 = 5,
WC_HASH_TYPE_SHA384 = 6,
WC_HASH_TYPE_SHA512 = 7,
WC_HASH_TYPE_MD5_SHA = 8,
};
/* Find largest possible digest size

15
wolfssl/wolfcrypt/settings.h
View File

@ -135,6 +135,9 @@
/* Uncomment next line if building for ARDUINO */
/* #define WOLFSSL_ARDUINO */
/* Uncomment next line to enable asynchronous crypto WC_PENDING_E */
/* #define WOLFSSL_ASYNC_CRYPT */
#include <wolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
@ -1147,6 +1150,18 @@ static char *fgets(char *buff, int sz, FILE *fp)
#undef NO_DH
#endif
/* Asynchronous Crypto */
#ifdef WOLFSSL_ASYNC_CRYPT
/* Make sure wolf events are enabled */
#undef HAVE_WOLF_EVENT
#define HAVE_WOLF_EVENT
#else
#ifdef WOLFSSL_ASYNC_CRYPT_TEST
#error Must have WOLFSSL_ASYNC_CRYPT enabled with WOLFSSL_ASYNC_CRYPT_TEST
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
/* Place any other flags or defines here */