mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #461 from JacobBarthelmeh/bio

Browse Source 
Bio
This commit is contained in:
toddouska 2016-06-24 14:50:52 -07:00 committed by GitHub
commit fbef3c2523
28 changed files with 12486 additions and 2218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -82,6 +82,7 @@ pkcs7envelopedData.der
diff
sslSniffer/sslSnifferTest/tracefile.txt
tracefile.txt
test_bio.txt
*.gz
*.zip
*.bak

2
examples/client/client.c
View File

@ -156,7 +156,7 @@ int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
/* time passed in number of connects give average */
int times = benchmark;
int loops = resumeSession ? 2 : 1;
int i = 0;
int i = 0;
#ifndef NO_SESSION_CACHE
WOLFSSL_SESSION* benchSession = NULL;
#endif

4
src/include.am
View File

@ -63,7 +63,9 @@ src_libwolfssl_la_SOURCES += \
wolfcrypt/src/hmac.c \
wolfcrypt/src/random.c \
wolfcrypt/src/sha256.c \
wolfcrypt/src/hash.c
wolfcrypt/src/hash.c \
wolfcrypt/src/compat-wolfcrypt.c \
wolfcrypt/src/bio.c
if !BUILD_USER_RSA
if BUILD_RSA

537
src/internal.c
View File

@ -33,6 +33,8 @@
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/dh.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#include <wolfssl/wolfcrypt/bio.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
@ -1602,6 +1604,122 @@ void InitCiphers(WOLFSSL* ssl)
#endif
}
#ifdef OPENSSL_EXTRA
/* Set cipher pointers to null */
static void DupCiphers(WOLFSSL* ssl, WOLFSSL* ossl)
{
#ifdef BUILD_ARC4
if (ossl->encrypt.arc4 != NULL) {
ssl->encrypt.arc4 = (Arc4*)XMALLOC(sizeof(Arc4),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.arc4, ossl->encrypt.arc4, sizeof(Arc4));
}
if (ossl->decrypt.arc4 != NULL) {
ssl->decrypt.arc4 = (Arc4*)XMALLOC(sizeof(Arc4),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.arc4, ossl->decrypt.arc4, sizeof(Arc4));
}
#endif
#ifdef BUILD_DES3
if (ossl->encrypt.des3 != NULL) {
ssl->encrypt.des3 = (Des3*)XMALLOC(sizeof(Des3),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.des3, ossl->encrypt.des3, sizeof(Des3));
}
if (ossl->decrypt.des3 != NULL) {
ssl->decrypt.des3 = (Des3*)XMALLOC(sizeof(Des3),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.des3, ossl->decrypt.des3, sizeof(Des3));
}
#endif
#ifdef BUILD_AES
if (ossl->encrypt.aes != NULL) {
ssl->encrypt.aes = (Aes*)XMALLOC(sizeof(Aes),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.aes, ossl->encrypt.aes, sizeof(Aes));
}
if (ossl->decrypt.aes != NULL) {
ssl->decrypt.aes = (Aes*)XMALLOC(sizeof(Aes),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.aes, ossl->decrypt.aes, sizeof(Aes));
}
#endif
#ifdef HAVE_CAMELLIA
if (ossl->encrypt.cam != NULL) {
ssl->encrypt.cam = (Camellia*)XMALLOC(sizeof(Camellia),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.cam, ossl->encrypt.cam, sizeof(Camellia));
}
if (ossl->decrypt.cam != NULL) {
ssl->decrypt.cam = (Camellia*)XMALLOC(sizeof(Camellia),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.cam, ossl->decrypt.cam, sizeof(Camellia));
}
#endif
#ifdef HAVE_HC128
if (ossl->encrypt.hc128 != NULL) {
ssl->encrypt.hc128 = (HC128*)XMALLOC(sizeof(HC128),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.hc128, ossl->encrypt.hc128, sizeof(HC128));
}
if (ossl->decrypt.hc128 != NULL) {
ssl->decrypt.hc128 = (HC128*)XMALLOC(sizeof(HC128),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.hc128, ossl->decrypt.hc128, sizeof(HC128));
}
#endif
#ifdef BUILD_RABBIT
if (ossl->encrypt.rabbit != NULL) {
ssl->encrypt.rabbit = (Rabbit*)XMALLOC(sizeof(Rabbit),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.rabbit, ossl->encrypt.rabbit, sizeof(Rabbit));
}
if (ossl->decrypt.rabbit != NULL) {
ssl->decrypt.rabbit = (Rabbit*)XMALLOC(sizeof(Rabbit),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.rabbit, ossl->decrypt.rabbit, sizeof(Rabbit));
}
#endif
#ifdef HAVE_CHACHA
if (ossl->encrypt.chacha != NULL) {
ssl->encrypt.chacha = (ChaCha*)XMALLOC(sizeof(ChaCha),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.chacha, ossl->encrypt.chacha, sizeof(ChaCha));
}
if (ossl->decrypt.chacha != NULL) {
ssl->decrypt.chacha = (ChaCha*)XMALLOC(sizeof(ChaCha),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.chacha, ossl->decrypt.chacha, sizeof(ChaCha));
}
#endif
#ifdef HAVE_IDEA
if (ossl->encrypt.idea != NULL) {
ssl->encrypt.idea = (Idea*)XMALLOC(sizeof(Idea),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->encrypt.idea, ossl->encrypt.idea, sizeof(Idea));
}
if (ossl->decrypt.idea != NULL) {
ssl->decrypt.idea = (Idea*)XMALLOC(sizeof(Idea),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->decrypt.idea, ossl->decrypt.idea, sizeof(Idea));
}
#endif
#ifdef HAVE_POLY1305
if (ossl->auth.poly1305 != NULL) {
ssl->auth.poly1305 = (Poly1305*)XMALLOC(sizeof(Poly1305),
ssl->heap, DYNAMIC_TYPE_CIPHER);
XMEMCPY(ssl->auth.poly1305, ossl->auth.poly1305, sizeof(Poly1305));
}
#endif
ssl->encrypt.setup = ossl->encrypt.setup;
ssl->decrypt.setup = ossl->decrypt.setup;
#ifdef HAVE_ONE_TIME_AUTH
ssl->auth.setup = ossl->auth.setup;
#endif
}
#endif /* OPENSSL_EXTRA */
/* Free ciphers */
void FreeCiphers(WOLFSSL* ssl)
@ -1678,6 +1796,23 @@ void InitCipherSpecs(CipherSpecs* cs)
cs->block_size = 0;
}
#ifdef OPENSSL_EXTRA
static void DupCipherSpecs(CipherSpecs* cs, CipherSpecs* ocs)
{
cs->bulk_cipher_algorithm = ocs->bulk_cipher_algorithm;
cs->cipher_type = ocs->cipher_type;
cs->mac_algorithm = ocs->mac_algorithm;
cs->kea = ocs->kea;
cs->sig_algo = ocs->sig_algo;
cs->hash_size = ocs->hash_size;
cs->static_ecdh = ocs->static_ecdh;
cs->key_size = ocs->key_size;
cs->iv_size = ocs->iv_size;
cs->block_size = ocs->block_size;
}
#endif /* OPENSSL_EXTRA */
static void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig,
int haveRSAsig, int haveAnon)
{
@ -2569,6 +2704,20 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
}
}
#ifdef OPENSSL_EXTRA
static int DupX509Name(WOLFSSL_X509_NAME* name, WOLFSSL_X509_NAME* oname)
{
if (name == NULL || oname == NULL)
return BAD_FUNC_ARG;
name->name = name->staticName;
XMEMCPY(name->staticName, oname->staticName, sizeof(oname->staticName));
name->dynamicName = oname->dynamicName;
XMEMCPY(&name->fullName, &oname->fullName, sizeof(DecodedName));
return 0;
}
#endif /* OPENSSL_EXTRA */
void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
{
@ -2626,6 +2775,79 @@ void InitX509(WOLFSSL_X509* x509, int dynamicFlag, void* heap)
#endif /* OPENSSL_EXTRA */
}
#ifdef OPENSSL_EXTRA
static int DupX509(WOLFSSL_X509* x509, WOLFSSL_X509* ox509)
{
if (x509 == NULL || ox509 == NULL) {
WOLFSSL_ERROR(BAD_FUNC_ARG);
return BAD_FUNC_ARG;
}
DupX509Name(&x509->issuer, &ox509->issuer);
DupX509Name(&x509->subject, &ox509->subject);
x509->version = ox509->version;
if (ox509->pubKey.buffer != NULL)
XMEMCPY(x509->pubKey.buffer, ox509->pubKey.buffer, sizeof(Buffers));
if (ox509->sig.buffer != NULL)
XMEMCPY(x509->sig.buffer, ox509->sig.buffer, sizeof(Buffers));
if (ox509->derCert->buffer != NULL)
XMEMCPY(x509->derCert->buffer, ox509->derCert->buffer, sizeof(Buffers));
if (ox509->altNames != NULL)
XMEMCPY(x509->altNames, ox509->altNames, sizeof(DNS_entry));
if (ox509->altNamesNext != NULL)
XMEMCPY(x509->altNamesNext, ox509->altNamesNext, sizeof(DNS_entry));
x509->dynamicMemory = ox509->dynamicMemory;
x509->isCa = ox509->isCa;
#ifdef HAVE_ECC
x509->pkCurveOID = ox509->pkCurveOID;
#endif /* HAVE_ECC */
x509->pathLength = ox509->pathLength;
x509->basicConstSet = ox509->basicConstSet;
x509->basicConstCrit = ox509->basicConstCrit;
x509->basicConstPlSet = ox509->basicConstPlSet;
x509->subjAltNameSet = ox509->subjAltNameSet;
x509->subjAltNameCrit = ox509->subjAltNameCrit;
x509->authKeyIdSet = ox509->authKeyIdSet;
x509->authKeyIdCrit = ox509->authKeyIdCrit;
if (ox509->authKeyId != NULL && ox509->authKeyIdSz) {
x509->authKeyId = (byte*)XMALLOC(ox509->authKeyIdSz, NULL,
DYNAMIC_TYPE_X509_EXT);
if (x509->authKeyId == NULL)
return MEMORY_E;
XMEMCPY(x509->authKeyId, ox509->authKeyId, ox509->authKeyIdSz);
x509->authKeyIdSz = ox509->authKeyIdSz;
}
x509->subjKeyIdSet = ox509->subjKeyIdSet;
x509->subjKeyIdCrit = ox509->subjKeyIdCrit;
if (ox509->subjKeyId != NULL && ox509->subjKeyIdSz) {
x509->subjKeyId = (byte*)XMALLOC(ox509->subjKeyIdSz, NULL,
DYNAMIC_TYPE_X509_EXT);
if (x509->subjKeyId == NULL)
return MEMORY_E;
XMEMCPY(x509->subjKeyId, ox509->subjKeyId, ox509->subjKeyIdSz);
x509->subjKeyIdSz = ox509->subjKeyIdSz;
}
x509->keyUsageSet = ox509->keyUsageSet;
x509->keyUsageCrit = ox509->keyUsageCrit;
x509->keyUsage = ox509->keyUsage;
#ifdef WOLFSSL_SEP
x509->certPolicySet = ox509->certPolicySet;
x509->certPolicyCrit = ox509->certPolicyCrit;
#endif /* WOLFSSL_SEP */
return 0;
}
#endif /* OPENSSL_EXTRA */
/* Free wolfSSL X509 type */
void FreeX509(WOLFSSL_X509* x509)
@ -3471,6 +3693,317 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
}
#ifdef OPENSSL_EXTRA
static int DupArrays(Arrays *arrays, Arrays *oarrays, void *heap)
{
if (arrays == NULL || oarrays == NULL) {
WOLFSSL_MSG("need valid arrays objects");
return BAD_FUNC_ARG;
}
if (oarrays->pendingMsg != NULL && oarrays->pendingMsgSz) {
arrays->pendingMsg = (byte *)XMALLOC(oarrays->pendingMsgSz, heap, DYNAMIC_TYPE_SSL);
if (arrays->pendingMsg == NULL)
return MEMORY_E;
XMEMCPY(arrays->pendingMsg, oarrays->pendingMsg, oarrays->pendingMsgSz);
arrays->pendingMsgSz = oarrays->pendingMsgSz;
}
arrays->pendingMsgOffset = oarrays->pendingMsgOffset;
arrays->preMasterSz = oarrays->preMasterSz;
#ifndef NO_PSK
arrays->psk_keySz = oarrays->psk_keySz;
XMEMCPY(arrays->client_identity, oarrays->client_identity,
sizeof(oarrays->client_identity));
XMEMCPY(arrays->server_hint, oarrays->server_hint,
sizeof(oarrays->server_hint));
XMEMCPY(arrays->psk_key, oarrays->psk_key,
sizeof(oarrays->psk_key));
#endif
XMEMCPY(arrays->clientRandom, oarrays->clientRandom,
sizeof(oarrays->clientRandom));
XMEMCPY(arrays->serverRandom, oarrays->serverRandom,
sizeof(oarrays->serverRandom));
XMEMCPY(arrays->sessionID, oarrays->sessionID,
sizeof(oarrays->sessionID));
XMEMCPY(arrays->preMasterSecret, oarrays->preMasterSecret,
sizeof(oarrays->preMasterSecret));
XMEMCPY(arrays->masterSecret, oarrays->masterSecret,
sizeof(oarrays->masterSecret));
arrays->sessionIDSz = oarrays->sessionIDSz;
#ifdef WOLFSSL_DTLS
XMEMCPY(arrays->cookie, oarrays->cookie, sizeof(oarrays->cookie));
arrays->cookieSz = oarrays->cookieSz;
#endif
arrays->pendingMsgType = oarrays->pendingMsgType;
return 0;
}
static int DupBufferStatic(bufferStatic *buf, bufferStatic *obuf,
void *heap, int type)
{
if (buf == NULL || obuf == NULL) {
WOLFSSL_MSG("need valid BufferStatic objects");
return BAD_FUNC_ARG;
}
buf->dynamicFlag = obuf->dynamicFlag;
buf->bufferSize = obuf->bufferSize;
buf->length = obuf->length;
buf->idx = obuf->idx;
buf->offset = obuf->offset;
XMEMCPY(buf->staticBuffer, obuf->staticBuffer, sizeof(obuf->staticBuffer));
if (buf->dynamicFlag) {
buf->buffer = (byte *)XMALLOC(buf->bufferSize, heap, type);
if (buf->buffer == NULL)
return MEMORY_E;
XMEMCPY(buf->buffer, obuf->buffer, obuf->bufferSize);
}
else
buf->buffer = buf->staticBuffer;
return 0;
}
static int DupBuffer(buffer *buf, buffer *obuf, void *heap)
{
if (buf == NULL || obuf == NULL) {
WOLFSSL_MSG("need valid Buffer objects");
return BAD_FUNC_ARG;
}
buf->length = obuf->length;
if (obuf->buffer != NULL && obuf->length) {
buf->buffer = (byte *)XMALLOC(buf->length,
heap, DYNAMIC_TYPE_TMP_BUFFER);
if (buf->buffer == NULL)
return MEMORY_E;
XMEMCPY(buf->buffer, obuf->buffer, obuf->length);
}
return 0;
}
static int DupBuffers(Buffers *buf, Buffers *obuf, void *heap)
{
int ret;
if (buf == NULL || obuf == NULL) {
WOLFSSL_MSG("need valid Buffers objects");
return BAD_FUNC_ARG;
}
ret = DupBufferStatic(&buf->inputBuffer, &obuf->inputBuffer,
heap, DYNAMIC_TYPE_IN_BUFFER);
if (ret != 0)
return ret;
ret = DupBufferStatic(&buf->outputBuffer, &obuf->outputBuffer,
heap, DYNAMIC_TYPE_OUT_BUFFER);
if (ret != 0)
return ret;
ret = DupBuffer(&buf->domainName, &obuf->domainName, heap);
if (ret != 0)
return ret;
buf->clearOutputBuffer = obuf->clearOutputBuffer;
buf->prevSent = obuf->prevSent;
buf->plainSz = obuf->plainSz;
buf->weOwnCert = obuf->weOwnCert;
buf->weOwnCertChain = obuf->weOwnCertChain;
buf->weOwnDH = obuf->weOwnDH;
buf->weOwnKey = obuf->weOwnKey;
#ifndef NO_DH
ret = DupBuffer(&buf->serverDH_Pub, &obuf->serverDH_Pub, heap);
if (ret != 0)
return ret;
ret = DupBuffer(&buf->serverDH_Priv, &obuf->serverDH_Priv, heap);
if (ret != 0)
return ret;
#endif
#ifndef NO_CERTS
/* ctx still owns certificate, certChain, key, dh, and cm */
buf->certificate = obuf->certificate;
buf->certChain = obuf->certChain;
buf->key = obuf->key;
#endif
#ifdef WOLFSSL_DTLS
XMEMCPY(&buf->dtlsCtx, &obuf->dtlsCtx, sizeof(WOLFSSL_DTLS_CTX));
#ifndef NO_WOLFSSL_SERVER
ret = DupBuffer(&buf->dtlsCookieSecret, &obuf->dtlsCookieSecret, heap);
if (ret != 0)
return ret;
#endif /* NO_WOLFSSL_SERVER */
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
ret = DupBuffer(&buf->peerEccDsaKey, &obuf->peerEccDsaKey, heap);
if (ret != 0)
return ret;
#endif /* HAVE_ECC */
#ifndef NO_RSA
ret = DupBuffer(&buf->peerRsaKey, &obuf->peerRsaKey, heap);
if (ret != 0)
return ret;
#endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
return 0;
}
/* init everything to 0, NULL, default values before calling anything that may
fail so that destructor has a "good" state to cleanup
0 on success */
int DupSSL(WOLFSSL* ssl, WOLFSSL* ossl)
{
int ret;
if (ssl == NULL || ossl == NULL) {
WOLFSSL_MSG("need valid ssl objects");
return BAD_FUNC_ARG;
}
ret = DupBuffers(&ssl->buffers, &ossl->buffers, ssl->heap);
if (ret != 0)
return ret;
#ifndef NO_DH
/* Don't copy if (p,g) owned by ctx */
if (ssl->buffers.weOwnDH || ssl->options.side == WOLFSSL_CLIENT_END) {
ret = DupBuffer(&ssl->buffers.serverDH_P,
&ossl->buffers.serverDH_P, ssl->heap);
if (ret != 0)
return ret;
ret = DupBuffer(&ssl->buffers.serverDH_G,
&ossl->buffers.serverDH_G, ssl->heap);
if (ret != 0)
return ret;
}
#endif
#ifdef KEEP_PEER_CERT
ret = DupX509(&ssl->peerCert, &ossl->peerCert);
if (ret != 0)
return ret;
#endif
ssl->rfd = ossl->rfd;
ssl->wfd = ossl->wfd;
ssl->IOCB_ReadCtx = &ssl->rfd;
ssl->IOCB_WriteCtx = &ssl->wfd;
#ifdef HAVE_NETX
ssl->IOCB_ReadCtx = &ssl->nxCtx;
ssl->IOCB_WriteCtx = &ssl->nxCtx;
#endif
#ifdef WOLFSSL_DTLS
ssl->dtls_expected_rx = ossl->dtls_expected_rx;
#endif
/* options */
XMEMCPY(&ssl->options, &ossl->options, sizeof(Options));
#ifdef WOLFSSL_DTLS
ssl->dtls_timeout_init = ossl->dtls_timeout_init;
ssl->dtls_timeout_max = ossl->dtls_timeout_max;
ssl->dtls_timeout = ossl->dtls_timeout;
#endif
ssl->hmac = ossl->hmac;
#ifdef WOLFSSL_DTLS
ssl->buffers.dtlsCtx.fd = ossl->buffers.dtlsCtx.fd;
#endif
ssl->cipher.ssl = ssl;
#ifdef HAVE_TLS_EXTENSIONS
#ifdef HAVE_MAX_FRAGMENT
ssl->max_fragment = ossl->max_fragment;
#endif
#ifdef HAVE_ALPN
ssl->alpn_client_list = ossl->alpn_client_list;
#endif
#endif
/* default alert state (none) */
ssl->alert_history.last_rx.code = ossl->alert_history.last_rx.code;
ssl->alert_history.last_rx.level = ossl->alert_history.last_rx.level;
ssl->alert_history.last_tx.code = ossl->alert_history.last_tx.code;
ssl->alert_history.last_tx.level = ossl->alert_history.last_tx.level;
DupCiphers(ssl, ossl);
DupCipherSpecs(&ssl->specs, &ossl->specs);
/* arrays */
ret = DupArrays(ssl->arrays, ossl->arrays, ssl->heap);
if (ret != 0)
return ret;
/* suites */
XMEMCPY(ssl->suites, ossl->suites, sizeof(Suites));
/* versions */
XMEMCPY(&ssl->version, &ossl->version, sizeof(ProtocolVersion));
XMEMCPY(&ssl->chVersion, &ossl->chVersion, sizeof(ProtocolVersion));
/* hsHashes */
XMEMCPY(&ssl->hsHashes->verifyHashes, &ossl->hsHashes->verifyHashes,
sizeof(Hashes));
XMEMCPY(&ssl->hsHashes->certHashes, &ossl->hsHashes->certHashes,
sizeof(Hashes));
#ifndef NO_OLD_TLS
#ifndef NO_MD5
XMEMCPY(&ssl->hsHashes->hashMd5, &ossl->hsHashes->hashMd5, sizeof(Md5));
#endif
#ifndef NO_SHA
XMEMCPY(&ssl->hsHashes->hashSha, &ossl->hsHashes->hashSha, sizeof(Sha));
#endif
#endif
#ifndef NO_SHA256
XMEMCPY(&ssl->hsHashes->hashSha256, &ossl->hsHashes->hashSha256, sizeof(Sha256));
#endif
#ifdef WOLFSSL_SHA384
XMEMCPY(&ssl->hsHashes->hashSha384, &ossl->hsHashes->hashSha384, sizeof(Sha384));
#endif
#ifdef WOLFSSL_SHA512
XMEMCPY(&ssl->hsHashes->hashSha512, &ossl->hsHashes->hashSha512, sizeof(Sha512));
#endif
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
if (ssl->options.dtls && ssl->options.side == WOLFSSL_SERVER_END) {
ssl->buffers.dtlsCookieSecret.length = ossl->buffers.dtlsCookieSecret.length;
XMEMCPY(ssl->buffers.dtlsCookieSecret.buffer,
ossl->buffers.dtlsCookieSecret.buffer,
ossl->buffers.dtlsCookieSecret.length);
}
#endif /* WOLFSSL_DTLS && !NO_WOLFSSL_SERVER */
#ifdef HAVE_SECRET_CALLBACK
ssl->sessionSecretCb = ossl->sessionSecretCb;
ssl->sessionSecretCtx = ossl->sessionSecretCtx;
#endif
return 0;
}
#endif /* OPENSSL_EXTRA */
/* free use of temporary arrays */
void FreeArrays(WOLFSSL* ssl, int keep)
{
@ -3589,8 +4122,8 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#endif /* WOLFSSL_DTLS */
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
if (ssl->biord != ssl->biowr) /* only free write if different */
wolfSSL_BIO_free(ssl->biowr);
wolfSSL_BIO_free(ssl->biord); /* always free read bio */
wc_BioFree(ssl->biowr);
wc_BioFree(ssl->biord); /* always free read bio */
#endif
#ifdef HAVE_LIBZ
FreeStreams(ssl);

2402
src/ssl.c
View File

File diff suppressed because it is too large Load Diff

8
src/tls.c
View File

@ -3077,10 +3077,10 @@ int TLSX_UseSecureRenegotiation(TLSX** extensions, void* heap)
}
#define SCR_FREE_ALL(data, heap) XFREE(data, (heap), DYNAMIC_TYPE_TLSX)
#define SCR_GET_SIZE TLSX_SecureRenegotiation_GetSize
#define SCR_WRITE TLSX_SecureRenegotiation_Write
#define SCR_PARSE TLSX_SecureRenegotiation_Parse
#define SCR_FREE_ALL(data, heap) XFREE((data), (heap), DYNAMIC_TYPE_TLSX)
#define SCR_GET_SIZE TLSX_SecureRenegotiation_GetSize
#define SCR_WRITE TLSX_SecureRenegotiation_Write
#define SCR_PARSE TLSX_SecureRenegotiation_Parse
#else

762
tests/api.c
View File

@ -39,6 +39,7 @@
#include <stdlib.h>
#include <wolfssl/ssl.h> /* compatibility layer */
#include <wolfssl/wolfcrypt/bio.h>
#include <wolfssl/test.h>
#include <tests/unit.h>
@ -742,6 +743,588 @@ done2:
return;
}
/* BIO test */
#if defined(OPENSSL_EXTRA)
static THREAD_RETURN WOLFSSL_THREAD test_server_bio(void* args)
{
SOCKET_T sockfd = 0;
SOCKET_T clientfd = 0;
word16 port = wolfSSLPort;
WOLFCRYPT_BIO *bio = 0;
char msg[] = "Server BIO, I hear you fa shizzle!";
char input[1024];
int idx;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sockfd);
bio = wc_BioNew(wc_Bio_s_socket());
if (bio == NULL) {
printf("wc_BioNew failed\n");
goto done;
}
wc_BioSetFd(bio, clientfd, BIO_NOCLOSE);
read_again:
idx = wc_BioRead(bio, input, sizeof(input)-1);
if (idx <= 0) {
if (wc_BioShouldRetry(bio)) {
printf("Retry read\n");
goto read_again;
}
printf("wc_BioWrite failed\n");
goto done;
}
input[idx] = 0;
printf("BioSrv, Client message: %s\n", input);
if (wc_BioWrite(bio, msg, sizeof(msg)) != sizeof(msg)) {
printf("wc_BioWrite failed\n");
#ifdef WOLFSSL_TIRTOS
return;
#else
return 0;
#endif
}
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
done:
if (bio != 0)
wc_BioFreeAll(bio);
CloseSocket(clientfd);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#ifndef WOLFSSL_TIRTOS
return 0;
#endif
}
static void test_client_bio(void* args)
{
WOLFCRYPT_BIO* bio = 0;
char msg[64] = "Client BIO, hello wolfssl!";
char reply[1024];
#ifdef TEST_IPV6
SOCKET_T sockfd = 0;
#else
char ip[] = {127, 0, 0, 1};
#endif
int input, port;
int msgSz = (int)strlen(msg);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
#ifdef TEST_IPV6
bio = wc_BioNew(wc_Bio_s_socket());
#else
bio = wc_BioNew(wc_Bio_s_connect());
#endif
if (bio == NULL) {
printf("wc_BioNew failed\n");
goto done2;
}
port = ((func_args*)args)->signal->port;
#ifdef TEST_IPV6
tcp_connect(&sockfd, wolfSSLIP, port, 0, NULL);
wc_BioSetFd(bio, sockfd, BIO_NOCLOSE);
#else
wc_BioSetConnIp(bio, ip);
wc_BioSetConnIntPort(bio, &port);
/* start connection */
input = (int)wc_BioDoConnect(bio);
if (input <= 0) {
printf("wc_BioDoConnect failed : %d\n", input);
goto done2;
}
#endif
if (wc_BioWrite(bio, msg, msgSz) != msgSz) {
printf("wc_BioWrite failed");
goto done2;
}
read_again:
input = wc_BioRead(bio, reply, sizeof(reply)-1);
if (input <= 0) {
if (wc_BioShouldRetry(bio)) {
printf("Retry read\n");
goto read_again;
}
printf("wc_BioRead failed");
goto done2;
}
reply[input] = 0;
printf("BioCli, Server response: %s\n", reply);
done2:
if (bio != 0)
wc_BioFreeAll(bio);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
return;
}
#ifndef TEST_IPV6
static THREAD_RETURN WOLFSSL_THREAD test_server_full_bio(void* args)
{
WOLFCRYPT_BIO *abio = 0, *cbio = 0;
char buf[256];
char msg[] = "I hear you fa shizzle!";
int r;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
abio = wc_BioNew(wc_Bio_s_accept());
if (abio == NULL) {
printf("wc_Bio_s_accept failed\n");
goto done;
}
snprintf(buf, sizeof(buf), "%s:%d", wolfSSLIP, wolfSSLPort);
if (wc_BioSetAcceptPort(abio, buf) <= 0) {
printf("wc_BioSetAcceptPort failed\n");
goto done;
}
XMEMSET(buf, 0, sizeof(buf));
/* force SO_REUSEADDR */
wc_BioSetBindMode(abio, BIO_BIND_REUSEADDR);
/* force NO_SIGPIPE and TCP_NODELAY */
wc_BioSetSocketOptions(abio, BIO_OPT_TCP_NO_DELAY|BIO_OPT_IGN_SIGPIPE);
/* First call to wc_BioAccept() sets up accept BIO */
if (wc_BioDoAccept(abio) <= 0) {
printf("Error setting up accept\n");
goto done;
}
/* activate Thread */
tcp_set_ready(args, wolfSSLPort, 0);
/* Wait for incoming connection */
if (wc_BioDoAccept(abio) <= 0) {
printf("Error accepting connection\n");
goto done;
}
/* Retrieve BIO for connection */
cbio = wc_BioPop(abio);
wc_BioPuts(cbio, msg);
/* Close accept BIO to refuse further connections */
wc_BioFree(abio);
abio = 0;
/* Read msg, send ack */
do {
XMEMSET(buf, 0, sizeof(buf));
r = wc_BioRead(cbio, buf, sizeof(buf));
if (r <= 0) {
if (wc_BioShouldRetry(cbio)) {
printf("Retry read\n");
continue;
}
printf("wc_BioRead failed\n");
break;
}
if (r >= 3 && !XSTRNCMP("end", buf, 3)) {
printf("BioFullSrv, Client close connection\n");
break;
}
buf[r] = 0;
printf("BioFullSrv, Client sent: %s\n", buf);
wc_BioPuts(cbio, "Server ACK");
} while (1);
done:
if (abio != 0)
wc_BioFree(abio);
if (cbio != 0)
wc_BioFree(cbio);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#ifndef WOLFSSL_TIRTOS
return 0;
#endif
}
static void test_client_full_bio(void* args)
{
WOLFCRYPT_BIO* bio = 0;
char msg[64] = "Hello wolfssl!";
char reply[1024];
#ifdef TEST_IPV6
SOCKET_T sockfd = 0;
#else
char ip[] = {127, 0, 0, 1};
#endif
int input, port;
int msgSz = (int)strlen(msg);
printf("client\n");
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
#ifdef TEST_IPV6
bio = wc_BioNew(wc_Bio_s_socket());
#else
bio = wc_BioNew(wc_Bio_s_connect());
#endif
if (bio == NULL) {
printf("wc_BioNew failed\n");
goto done;
}
port = ((func_args*)args)->signal->port;
#ifdef TEST_IPV6
tcp_connect(&sockfd, wolfSSLIP, port, 0, NULL);
wc_BioSetFd(bio, sockfd, BIO_NOCLOSE);
#else
wc_BioSetConnIp(bio, ip);
wc_BioSetConnIntPort(bio, &port);
printf("client do connect\n");
/* start connection */
input = (int)wc_BioDoConnect(bio);
if (input <= 0) {
printf("wc_BioDoConnect failed : %d\n", input);
goto done;
}
printf("done\n");
#endif
read_again:
input = wc_BioRead(bio, reply, sizeof(reply)-1);
if (input <= 0) {
if (wc_BioShouldRetry(bio)) {
printf("Retry read\n");
goto read_again;
}
printf("wc_BioRead failed");
goto done;
}
reply[input] = 0;
printf("BioFullCli, Server sent: %s\n", reply);
if (wc_BioWrite(bio, msg, msgSz) != msgSz) {
printf("wc_BioWrite failed");
goto done;
}
read_again2:
input = wc_BioRead(bio, reply, sizeof(reply)-1);
if (input <= 0) {
if (wc_BioShouldRetry(bio)) {
printf("Retry read\n");
goto read_again2;
}
printf("wc_BioRead failed");
goto done;
}
reply[input] = 0;
printf("BioFullCli, Server response: %s\n", reply);
/* close */
if (wc_BioWrite(bio, "end", 3) != 3) {
printf("wc_BioWrite failed");
goto done;
}
done:
if (bio != 0)
wc_BioFreeAll(bio);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
}
#endif /* TEST_IPV6 */
/* BIO SSL test */
static THREAD_RETURN WOLFSSL_THREAD test_server_bio_ssl(void* args)
{
SOCKET_T sockfd = 0;
SOCKET_T clientfd = 0;
word16 port = wolfSSLPort;
WOLFCRYPT_BIO *ssl_bio = 0;
WOLFSSL_METHOD* method = 0;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
char msg[] = "Server BIO_SSL, I hear you fa shizzle!";
char input[1024];
int idx;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
method = wolfSSLv23_server_method();
ctx = wolfSSL_CTX_new(method);
wolfSSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
#ifdef OPENSSL_EXTRA
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
{
/*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
if (wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
ssl = wolfSSL_new(ctx);
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sockfd);
wolfSSL_set_fd(ssl, clientfd);
#ifdef NO_PSK
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
wolfSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#endif
ssl_bio = wc_BioNew(wc_Bio_f_ssl());
if (ssl_bio == NULL) {
printf("wc_BioNew failed\n");
goto done;
}
wc_BioSetSSL(ssl_bio, ssl, BIO_NOCLOSE);
/* Setup accept BIO */
if (wc_BioDoAccept(ssl_bio) <= 0) {
printf("wc_BioDoAccept failed\n");
goto done;
}
/* Now wait for incoming connection */
if (wc_BioDoHandshake(ssl_bio) <= 0) {
printf("wc_BioDoHandshake failed\n");
goto done;
}
read_again:
idx = wc_BioRead(ssl_bio, input, sizeof(input)-1);
if (idx <= 0) {
if (wc_BioShouldRetry(ssl_bio)) {
printf("Retry read\n");
goto read_again;
}
printf("wc_BioRead failed\n");
goto done;
}
input[idx] = 0;
printf("BioSrvSSL, Client message: %s\n", input);
if (wc_BioWrite(ssl_bio, msg, sizeof(msg)) != sizeof(msg)) {
printf("wc_BioWrite failed\n");
goto done;
}
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
done:
if (ssl_bio != 0)
wc_BioFreeAll(ssl_bio);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(clientfd);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
#ifndef WOLFSSL_TIRTOS
return 0;
#endif
}
static void test_client_bio_ssl(void* args)
{
SOCKET_T sockfd = 0;
WOLFCRYPT_BIO* ssl_bio = 0;
WOLFSSL_METHOD* method = 0;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
char msg[64] = "Client BIO_SSL, hello wolfssl!";
char reply[1024];
int input;
int msgSz = (int)strlen(msg);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
method = wolfSSLv23_client_method();
ctx = wolfSSL_CTX_new(method);
#ifdef OPENSSL_EXTRA
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
{
/* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done2;
}
if (wolfSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load client cert file, "
"Please run from wolfSSL home dir");*/
goto done2;
}
if (wolfSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load client key file, "
"Please run from wolfSSL home dir");*/
goto done2;
}
ssl = wolfSSL_new(ctx);
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
wolfSSL_set_fd(ssl, sockfd);
ssl_bio = wc_BioNew(wc_Bio_f_ssl());
if (ssl_bio == NULL) {
printf("wc_BioNew failed\n");
goto done2;
}
wc_BioSetSSL(ssl_bio, ssl, BIO_NOCLOSE);
/* start connection */
if (wc_BioDoConnect(ssl_bio) <= 0) {
printf("wc_BioDoConnect failed\n");
goto done2;
}
if (wc_BioWrite(ssl_bio, msg, msgSz) != msgSz) {
printf("wc_BioWrite failed");
goto done2;
}
read_again:
input = wc_BioRead(ssl_bio, reply, sizeof(reply)-1);
if (input <= 0) {
if (wc_BioShouldRetry(ssl_bio)) {
printf("Retry read\n");
goto read_again;
}
printf("wc_BioRead failed");
goto done2;
}
reply[input] = 0;
printf("BioCliSSL, Server response: %s\n", reply);
done2:
if (ssl_bio != 0)
wc_BioFreeAll(ssl_bio);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
((func_args*)args)->return_code = TEST_SUCCESS;
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
return;
}
#endif /* OPENSSL_EXTRA */
/* SNI / ALPN / session export helper functions */
#if defined(HAVE_SNI) || defined(HAVE_ALPN) || defined(WOLFSSL_SESSION_EXPORT)
@ -1019,6 +1602,179 @@ static void test_wolfSSL_read_write(void)
}
static void test_wolfSSL_read_write_bio(void)
{
#if defined(OPENSSL_EXTRA)
#ifdef HAVE_IO_TESTS_DEPENDENCIES
/* The unit testing for read and write shall happen simutaneously, since
* one can't do anything with one without the other. (Except for a failure
* test case.) This function will call all the others that will set up,
* execute, and report their test findings.
*
* Set up the success case first. This function will become the template
* for the other tests. This should eventually be renamed
*
* The success case isn't interesting, how can this fail?
* - Do not give the client context a CA certificate. The connect should
* fail. Do not need server for this?
* - Using NULL for the ssl object on server. Do not need client for this.
* - Using NULL for the ssl object on client. Do not need server for this.
* - Good ssl objects for client and server. Client write() without server
* read().
* - Good ssl objects for client and server. Server write() without client
* read().
* - Forgetting the password callback?
*/
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(test_server_bio, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_bio(&client_args);
join_thread(serverThread);
AssertTrue(client_args.return_code);
AssertTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#endif /* OPENSSL_EXTRA */
}
static void test_wolfSSL_read_write_bio_full(void)
{
#if defined(OPENSSL_EXTRA)
#ifdef TEST_IPV6
/* nothing to do */
#else
#ifdef HAVE_IO_TESTS_DEPENDENCIES
/* The unit testing for read and write shall happen simutaneously, since
* one can't do anything with one without the other. (Except for a failure
* test case.) This function will call all the others that will set up,
* execute, and report their test findings.
*
* Set up the success case first. This function will become the template
* for the other tests. This should eventually be renamed
*
* The success case isn't interesting, how can this fail?
* - Do not give the client context a CA certificate. The connect should
* fail. Do not need server for this?
* - Using NULL for the ssl object on server. Do not need client for this.
* - Using NULL for the ssl object on client. Do not need server for this.
* - Good ssl objects for client and server. Client write() without server
* read().
* - Good ssl objects for client and server. Server write() without client
* read().
* - Forgetting the password callback?
*/
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(test_server_full_bio, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_full_bio(&client_args);
join_thread(serverThread);
AssertTrue(client_args.return_code);
AssertTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#endif /* TEST_IPV6 */
#endif /* OPENSSL_EXTRA */
}
static void test_wolfSSL_read_write_bio_ssl(void)
{
#if defined(OPENSSL_EXTRA)
#ifdef HAVE_IO_TESTS_DEPENDENCIES
/* The unit testing for read and write shall happen simutaneously, since
* one can't do anything with one without the other. (Except for a failure
* test case.) This function will call all the others that will set up,
* execute, and report their test findings.
*
* Set up the success case first. This function will become the template
* for the other tests. This should eventually be renamed
*
* The success case isn't interesting, how can this fail?
* - Do not give the client context a CA certificate. The connect should
* fail. Do not need server for this?
* - Using NULL for the ssl object on server. Do not need client for this.
* - Using NULL for the ssl object on client. Do not need server for this.
* - Good ssl objects for client and server. Client write() without server
* read().
* - Good ssl objects for client and server. Server write() without client
* read().
* - Forgetting the password callback?
*/
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(test_server_bio_ssl, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_bio_ssl(&client_args);
join_thread(serverThread);
AssertTrue(client_args.return_code);
AssertTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#endif /* OPENSSL_EXTRA */
}
static void test_wolfSSL_dtls_export(void)
{
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \
@ -1850,6 +2606,12 @@ void ApiTest(void)
test_wolfSSL_SetTmpDH_file();
test_wolfSSL_SetTmpDH_buffer();
test_wolfSSL_read_write();
/* BIO tests */
test_wolfSSL_read_write_bio_full();
test_wolfSSL_read_write_bio();
test_wolfSSL_read_write_bio_ssl();
test_wolfSSL_dtls_export();
/* TLS extensions tests */

6352
wolfcrypt/src/bio.c Normal file
View File

File diff suppressed because it is too large Load Diff

1592
wolfcrypt/src/compat-wolfcrypt.c Normal file
View File

File diff suppressed because it is too large Load Diff

93
wolfcrypt/src/error.c
View File

@ -386,6 +386,99 @@ const char* wc_GetErrorString(int error)
case ASN_COUNTRY_SIZE_E:
return "Country code size error, either too small or large";
case BIO_CALLBACK_E:
return "BIO callback function failed";
case BIO_CREATE_METHOD_E:
return "BIO method create function failed";
case BIO_FIND_TYPE_E:
return "BIO find type failed";
case BIO_CTRL_E:
return "BIO Control function failed";
case BIO_UNINITIALIZED_E:
return "BIO is not initialized";
case BIO_PUTS_E:
return "BIO puts failed";
case BIO_FILE_READ_E:
return "BIO file read failed";
case BIO_FILE_WRITE_E:
return "BIO file write failed";
case BIO_FILE_MODE_E:
return "BIO file bad open mode";
case BIO_FILE_OPEN_E:
return "BIO file open failed";
case BIO_FILE_GETS_E:
return "BIO file gets failed";
case BIO_MEM_WRITE_E:
return "BIO memory write failed";
case BIO_B64_ENCODE_E:
return "BIO filter base64 encode failed";
case BIO_B64_DECODE_E:
return "BIO filter base64 decode failed";
case BIO_DGST_INIT_E:
return "BIO filter digest init failed";
case BIO_DGST_UPDATE_E:
return "BIO filter digest update failed";
case BIO_DGST_FINAL_E:
return "BIO filter digest final failed";
case BIO_NO_HOSTNAME_E:
return "BIO connect, no hostname provided";
case BIO_NO_PORT_E:
return "BIO connect, no port provided";
case BIO_CREATE_SOCKET_E:
return "BIO connect, create socket failed";
case BIO_NBIO_E:
return "BIO connect, NBIO error";
case BIO_CONNECT_E:
return "BIO connect, connect failed";
case BIO_ADDR_AF_INET_E:
return "BIO connect, address not AF_INET type";
case BIO_SRV_PROTO_E:
return "BIO connect, bad server protocol";
case BIO_WSASTARTUP_E:
return "BIO connect, WSA Startup failed";
case BIO_BIND_SOCKET_E:
return "BIO connect, Bind socket failed";
case BIO_LISTEN_SOCKET_E:
return "BIO connect, Listen socket failed";
case BIO_ACCEPT_E:
return "BIO connect, Accept failed";
case BIO_KEEPALIVE_E:
return "BIO connect, Keep ALive failed";
case BIO_OPTIONS_E:
return "BIO connect, Options error";
case BIO_BAD_REF:
return "BIO, Bad reference number";
default:
return "unknown error number";

1059
wolfcrypt/test/test.c
View File

File diff suppressed because it is too large Load Diff

14
wolfssl-ntru.vcproj
View File

@ -165,7 +165,11 @@
<File
RelativePath=".\wolfcrypt\src\asn.c"
>
</File>
</File>
<File
RelativePath=".\wolfcrypt\src\bio.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\blake2b.c"
>
@ -175,8 +179,12 @@
>
</File>
<File
RelativePath=".\wolfcrypt\src\coding.c"
>
RelativePath=".\wolfcrypt\src\coding.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\compat-wolfcrypt.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\chacha.c"

8
wolfssl.vcproj
View File

@ -162,6 +162,10 @@
<File
RelativePath=".\wolfcrypt\src\asn.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\bio.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\blake2b.c"
@ -174,6 +178,10 @@
<File
RelativePath=".\wolfcrypt\src\coding.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\compat-wolfcrypt.c"
>
</File>
<File
RelativePath=".\wolfcrypt\src\chacha.c"

2
wolfssl.vcxproj
View File

@ -286,11 +286,13 @@
<ClCompile Include="wolfcrypt\src\aes.c" />
<ClCompile Include="wolfcrypt\src\arc4.c" />
<ClCompile Include="wolfcrypt\src\asn.c" />
<ClCompile Include="wolfcrypt\src\bio.c" />
<ClCompile Include="wolfcrypt\src\blake2b.c" />
<ClCompile Include="wolfcrypt\src\camellia.c" />
<ClCompile Include="wolfcrypt\src\chacha.c" />
<ClCompile Include="wolfcrypt\src\chacha20_poly1305.c" />
<ClCompile Include="wolfcrypt\src\coding.c" />
<ClCompile Include="wolfcrypt\src\compat-wolfcrypt.c" />
<ClCompile Include="wolfcrypt\src\des3.c" />
<ClCompile Include="wolfcrypt\src\dh.c" />
<ClCompile Include="wolfcrypt\src\dsa.c" />

48
wolfssl/internal.h
View File

@ -27,6 +27,8 @@
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#ifdef HAVE_CRL
#include <wolfssl/crl.h>
#endif
@ -971,15 +973,6 @@ enum Misc {
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
RC4_KEY_SIZE = 16, /* always 128bit */
DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = DES_BLOCK_SIZE,
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_IV_SIZE = 16, /* always block size */
AES_128_KEY_SIZE = 16, /* for 128 bit */
AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */
AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */
@ -1017,7 +1010,6 @@ enum Misc {
RABBIT_KEY_SIZE = 16, /* 128 bits */
RABBIT_IV_SIZE = 8, /* 64 bits for iv */
EVP_SALT_SIZE = 8, /* evp salt size 64 bits */
ECDHE_SIZE = 32, /* ECHDE server size defaults to 256 bit */
MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */
@ -1224,35 +1216,6 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_2(void);
#endif
#endif
enum BIO_TYPE {
BIO_BUFFER = 1,
BIO_SOCKET = 2,
BIO_SSL = 3,
BIO_MEMORY = 4
};
/* wolfSSL BIO_METHOD type */
struct WOLFSSL_BIO_METHOD {
byte type; /* method type */
};
/* wolfSSL BIO type */
struct WOLFSSL_BIO {
byte type; /* method type */
byte close; /* close flag */
byte eof; /* eof flag */
WOLFSSL* ssl; /* possible associated ssl */
byte* mem; /* memory buffer */
int memLen; /* memory buffer length */
int fd; /* possible file descriptor */
WOLFSSL_BIO* prev; /* previous in chain */
WOLFSSL_BIO* next; /* next in chain */
};
/* wolfSSL method type */
struct WOLFSSL_METHOD {
ProtocolVersion version;
@ -2268,6 +2231,7 @@ WOLFSSL_LOCAL
WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
WOLFSSL_LOCAL
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
WOLFSSL_LOCAL int DupSession(WOLFSSL* ssl, WOLFSSL* ossl);
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int);
@ -2709,8 +2673,8 @@ struct WOLFSSL {
Keys keys;
Options options;
#ifdef OPENSSL_EXTRA
WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */
WOLFCRYPT_BIO* biord; /* socket bio read to free/close */
WOLFCRYPT_BIO* biowr; /* socket bio write to free/close */
#endif
#ifndef NO_RSA
RsaKey* peerRsaKey;
@ -2859,6 +2823,8 @@ void FreeSSL(WOLFSSL*, void* heap);
WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
WOLFSSL_LOCAL int DupSSL(WOLFSSL* ssl, WOLFSSL* ossl);
enum {
IV_SZ = 32, /* max iv sz */
NAME_SZ = 80 /* max one line */

253
wolfssl/openssl/evp.h
View File

@ -21,7 +21,7 @@
/* evp.h defines mini evp openssl compatibility layer
/* evp.h defines mini evp openssl compatibility layer
*
*/
@ -31,6 +31,10 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WOLFSSL_PREFIX
#include "prefix_evp.h"
#endif
@ -44,224 +48,87 @@
#include <wolfssl/openssl/dsa.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/des3.h>
#include <wolfssl/wolfcrypt/arc4.h>
#include <wolfssl/wolfcrypt/idea.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef char WOLFSSL_EVP_MD;
typedef char WOLFSSL_EVP_CIPHER;
#ifndef NO_MD5
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
#endif
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);
typedef union {
#ifndef NO_MD5
WOLFSSL_MD5_CTX md5;
#endif
WOLFSSL_SHA_CTX sha;
WOLFSSL_SHA256_CTX sha256;
#ifdef WOLFSSL_SHA384
WOLFSSL_SHA384_CTX sha384;
#endif
#ifdef WOLFSSL_SHA512
WOLFSSL_SHA512_CTX sha512;
#endif
#ifdef WOLFSSL_RIPEMD
WOLFSSL_RIPEMD_CTX ripemd;
#endif
} WOLFSSL_Hasher;
typedef struct WOLFSSL_EVP_MD_CTX {
unsigned char macType;
WOLFSSL_Hasher hash;
} WOLFSSL_EVP_MD_CTX;
typedef union {
#ifndef NO_AES
Aes aes;
#endif
#ifndef NO_DES3
Des des;
Des3 des3;
#endif
Arc4 arc4;
#ifdef HAVE_IDEA
Idea idea;
#endif
} WOLFSSL_Cipher;
enum {
AES_128_CBC_TYPE = 1,
AES_192_CBC_TYPE = 2,
AES_256_CBC_TYPE = 3,
AES_128_CTR_TYPE = 4,
AES_192_CTR_TYPE = 5,
AES_256_CTR_TYPE = 6,
DES_CBC_TYPE = 7,
DES_EDE3_CBC_TYPE = 8,
ARC4_TYPE = 9,
NULL_CIPHER_TYPE = 10,
EVP_PKEY_RSA = 11,
EVP_PKEY_DSA = 12,
EVP_PKEY_EC = 13,
IDEA_CBC_TYPE = 14,
NID_sha1 = 64,
NID_md2 = 3,
NID_md5 = 4
};
typedef struct WOLFSSL_EVP_CIPHER_CTX {
int keyLen; /* user may set for variable */
unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType;
#ifndef NO_AES
unsigned char iv[AES_BLOCK_SIZE]; /* working iv pointer into cipher */
#elif !defined(NO_DES3)
unsigned char iv[DES_BLOCK_SIZE]; /* working iv pointer into cipher */
#endif
WOLFSSL_Cipher cipher;
} WOLFSSL_EVP_CIPHER_CTX;
WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md);
WOLFSSL_API void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
const WOLFSSL_EVP_MD* type);
WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
unsigned long sz);
WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
unsigned int* s);
WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s);
#ifndef NO_MD5
WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
const WOLFSSL_EVP_MD*, const unsigned char*,
const unsigned char*, int, int, unsigned char*,
unsigned char*);
#endif
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*);
WOLFSSL_API int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type,
unsigned char* key, unsigned char* iv,
int enc);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
int keylen);
WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
unsigned char* dst, unsigned char* src,
unsigned int len);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
/* these next ones don't need real OpenSSL type, for OpenSSH compat only */
WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API void wolfSSL_3des_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFCRYPT_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_EVP_X_STATE_LEN(const WOLFCRYPT_EVP_CIPHER_CTX* ctx);
WOLFSSL_API void wolfSSL_3des_iv(WOLFCRYPT_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len);
WOLFSSL_API void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
WOLFSSL_API void wolfSSL_aes_ctr_iv(WOLFCRYPT_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len);
WOLFSSL_API int wolfSSL_StoreExternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_StoreExternalIV(WOLFCRYPT_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wolfSSL_SetInternalIV(WOLFCRYPT_EVP_CIPHER_CTX* ctx);
/* end OpenSSH compat */
typedef WOLFSSL_EVP_MD EVP_MD;
typedef WOLFSSL_EVP_CIPHER EVP_CIPHER;
typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#ifndef NO_MD5
#define EVP_md5 wolfSSL_EVP_md5
#endif
#define EVP_sha1 wolfSSL_EVP_sha1
#define EVP_sha256 wolfSSL_EVP_sha256
#define EVP_sha384 wolfSSL_EVP_sha384
#define EVP_sha512 wolfSSL_EVP_sha512
#define EVP_ripemd160 wolfSSL_EVP_ripemd160
/* OpenSSL compat */
typedef WOLFCRYPT_EVP_MD EVP_MD;
typedef WOLFCRYPT_EVP_CIPHER EVP_CIPHER;
typedef WOLFCRYPT_EVP_MD_CTX EVP_MD_CTX;
typedef WOLFCRYPT_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_aes_128_cbc wolfSSL_EVP_aes_128_cbc
#define EVP_aes_192_cbc wolfSSL_EVP_aes_192_cbc
#define EVP_aes_256_cbc wolfSSL_EVP_aes_256_cbc
#define EVP_aes_128_ctr wolfSSL_EVP_aes_128_ctr
#define EVP_aes_192_ctr wolfSSL_EVP_aes_192_ctr
#define EVP_aes_256_ctr wolfSSL_EVP_aes_256_ctr
#define EVP_des_cbc wolfSSL_EVP_des_cbc
#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_idea_cbc wolfSSL_EVP_idea_cbc
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_md5 wc_EVP_md5
#define EVP_sha1 wc_EVP_sha1
#define EVP_sha256 wc_EVP_sha256
#define EVP_sha384 wc_EVP_sha384
#define EVP_sha512 wc_EVP_sha512
#define EVP_ripemd160 wc_EVP_ripemd160
#define EVP_MD_size wolfSSL_EVP_MD_size
#define EVP_MD_CTX_init wolfSSL_EVP_MD_CTX_init
#define EVP_MD_CTX_cleanup wolfSSL_EVP_MD_CTX_cleanup
#define EVP_DigestInit wolfSSL_EVP_DigestInit
#define EVP_DigestUpdate wolfSSL_EVP_DigestUpdate
#define EVP_DigestFinal wolfSSL_EVP_DigestFinal
#define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
#define EVP_BytesToKey wolfSSL_EVP_BytesToKey
#define EVP_aes_128_cbc wc_EVP_aes_128_cbc
#define EVP_aes_192_cbc wc_EVP_aes_192_cbc
#define EVP_aes_256_cbc wc_EVP_aes_256_cbc
#define EVP_aes_128_ctr wc_EVP_aes_128_ctr
#define EVP_aes_192_ctr wc_EVP_aes_192_ctr
#define EVP_aes_256_ctr wc_EVP_aes_256_ctr
#define EVP_des_cbc wc_EVP_des_cbc
#define EVP_des_ede3_cbc wc_EVP_des_ede3_cbc
#define EVP_rc4 wc_EVP_rc4
#define EVP_idea_cbc wc_EVP_idea_cbc
#define EVP_enc_null wc_EVP_enc_null
#define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
#define EVP_CipherInit wolfSSL_EVP_CipherInit
#define EVP_Cipher wolfSSL_EVP_Cipher
#define EVP_MD_CTX_init wc_EVP_MD_CTX_init
#define EVP_MD_CTX_cleanup wc_EVP_MD_CTX_cleanup
#define EVP_MD_CTX_copy wc_EVP_MD_CTX_copy
#define EVP_MD_size wc_EVP_MD_size
#define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid
#define EVP_DigestInit wc_EVP_DigestInit
#define EVP_DigestUpdate wc_EVP_DigestUpdate
#define EVP_DigestFinal wc_EVP_DigestFinal
#define EVP_DigestFinal_ex wc_EVP_DigestFinal_ex
#define EVP_CIPHER_CTX_init wc_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_cleanup wc_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_iv_length wc_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_key_length wc_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_copy wc_EVP_CIPHER_CTX_copy
#define EVP_CIPHER_CTX_set_key_length wc_EVP_CIPHER_CTX_set_key_length
#define EVP_CipherInit wc_EVP_CipherInit
#define EVP_CipherUpdate wc_EVP_CipherUpdate
#define EVP_CipherFinal wc_EVP_CipherFinal
#define EVP_Cipher wc_EVP_Cipher
#define EVP_get_digestbynid wc_EVP_get_digestbynid
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
#ifndef NO_MD5
#define EVP_BytesToKey wc_EVP_BytesToKey
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

40
wolfssl/openssl/hmac.h
View File

@ -21,7 +21,7 @@
/* hmac.h defines mini hamc openssl compatibility layer
/* hmac.h defines mini hamc openssl compatibility layer
*
*/
@ -35,44 +35,20 @@
#include "prefix_hmac.h"
#endif
#include <wolfssl/openssl/evp.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#ifdef __cplusplus
extern "C" {
#endif
//typedef struct WOLFCRYPT_HMAC_CTX HMAC_CTX;
WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
const void* key, int key_len,
const unsigned char* d, int n, unsigned char* md,
unsigned int* md_len);
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
} WOLFSSL_HMAC_CTX;
WOLFSSL_API void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type);
WOLFSSL_API void wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
const unsigned char* data, int len);
WOLFSSL_API void wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API void wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
#define HMAC_Init wolfSSL_HMAC_Init
#define HMAC_Update wolfSSL_HMAC_Update
#define HMAC_Final wolfSSL_HMAC_Final
#define HMAC_cleanup wolfSSL_HMAC_cleanup
#define HMAC(a,b,c,d,e,f,g) wc_HMAC((a),(b),(c),(d),(e),(f),(g))
#define HMAC_Init wc_HMAC_Init
#define HMAC_Update wc_HMAC_Update
#define HMAC_Final wc_HMAC_Final
#define HMAC_cleanup wc_HMAC_cleanup
#ifdef __cplusplus
} /* extern "C" */

24
wolfssl/openssl/md5.h
View File

@ -12,31 +12,23 @@
#include "prefix_md5.h"
#endif
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef WOLFCRYPT_MD5_CTX WOLFSSL_MD5_CTX;
typedef WOLFCRYPT_MD5_CTX MD5_CTX;
typedef struct WOLFSSL_MD5_CTX {
int holder[24]; /* big enough to hold wolfcrypt md5, but check on init */
} WOLFSSL_MD5_CTX;
WOLFSSL_API void wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*);
WOLFSSL_API void wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*);
typedef WOLFSSL_MD5_CTX MD5_CTX;
#define MD5_Init wolfSSL_MD5_Init
#define MD5_Update wolfSSL_MD5_Update
#define MD5_Final wolfSSL_MD5_Final
#define MD5_Init wc_MD5_Init
#define MD5_Update wc_MD5_Update
#define MD5_Final wc_MD5_Final
#ifdef __cplusplus
} /* extern "C" */
} /* extern "C" */
#endif
#endif /* NO_MD5 */
#endif /* WOLFSSL_MD5_H_ */

31
wolfssl/openssl/pem.h
View File

@ -4,7 +4,7 @@
#ifndef WOLFSSL_PEM_H_
#define WOLFSSL_PEM_H_
#include <wolfssl/openssl/evp.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#include <wolfssl/openssl/bio.h>
#include <wolfssl/openssl/rsa.h>
#include <wolfssl/openssl/dsa.h>
@ -16,18 +16,19 @@
/* RSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFCRYPT_BIO* bio, WOLFSSL_RSA* rsa,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc,
const WOLFCRYPT_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
@ -42,20 +43,20 @@ int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
/* DSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFCRYPT_BIO* bio,
WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc,
const WOLFCRYPT_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
@ -64,19 +65,19 @@ int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
/* ECC */
WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFCRYPT_BIO* bio, WOLFSSL_EC_KEY* ec,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher,
const WOLFCRYPT_EVP_CIPHER* cipher,
unsigned char* passwd, int len,
unsigned char **pem, int *plen);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc,
const WOLFCRYPT_EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
@ -85,7 +86,7 @@ int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
/* EVP_KEY */
WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFCRYPT_BIO* bio,
WOLFSSL_EVP_PKEY**,
pem_password_cb cb,
void* arg);
@ -118,7 +119,7 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#ifdef __cplusplus
} /* extern "C" */
} /* extern "C" */
#endif
#endif /* WOLFSSL_PEM_H_ */

22
wolfssl/openssl/ripemd.h
View File

@ -10,23 +10,15 @@
extern "C" {
#endif
#ifdef WOLFSSL_RIPEMD
typedef struct WOLFSSL_RIPEMD_CTX {
int holder[32]; /* big enough to hold wolfcrypt, but check on init */
} WOLFSSL_RIPEMD_CTX;
WOLFSSL_API void wolfSSL_RIPEMD_Init(WOLFSSL_RIPEMD_CTX*);
WOLFSSL_API void wolfSSL_RIPEMD_Update(WOLFSSL_RIPEMD_CTX*, const void*,
unsigned long);
WOLFSSL_API void wolfSSL_RIPEMD_Final(unsigned char*, WOLFSSL_RIPEMD_CTX*);
typedef WOLFSSL_RIPEMD_CTX RIPEMD_CTX;
#define RIPEMD_Init wolfSSL_RIPEMD_Init
#define RIPEMD_Update wolfSSL_RIPEMD_Update
#define RIPEMD_Final wolfSSL_RIPEMD_Final
typedef WOLFCRYPT_RIPEMD_CTX RIPEMD_CTX;
#define RIPEMD_Init wc_RIPEMD_Init
#define RIPEMD_Update wc_RIPEMD_Update
#define RIPEMD_Final wc_RIPEMD_Final
#endif /* WOLFSSL_RIPEMD */
#ifdef __cplusplus
} /* extern "C" */

112
wolfssl/openssl/sha.h
View File

@ -10,116 +10,48 @@
#include "prefix_sha.h"
#endif
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef WOLFCRYPT_SHA_CTX SHA_CTX;
typedef struct WOLFSSL_SHA_CTX {
int holder[24]; /* big enough to hold wolfcrypt sha, but check on init */
} WOLFSSL_SHA_CTX;
#define SHA_Init wc_SHA_Init
#define SHA_Update wc_SHA_Update
#define SHA_Final wc_SHA_Final
WOLFSSL_API void wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API void wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*);
#define SHA1_Init wc_SHA1_Init
#define SHA1_Update wc_SHA1_Update
#define SHA1_Final wc_SHA1_Final
/* SHA1 points to above, shouldn't use SHA0 ever */
WOLFSSL_API void wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*);
WOLFSSL_API void wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*);
typedef WOLFCRYPT_SHA256_CTX SHA256_CTX;
enum {
SHA_DIGEST_LENGTH = 20
};
typedef WOLFSSL_SHA_CTX SHA_CTX;
#define SHA_Init wolfSSL_SHA_Init
#define SHA_Update wolfSSL_SHA_Update
#define SHA_Final wolfSSL_SHA_Final
#define SHA1_Init wolfSSL_SHA1_Init
#define SHA1_Update wolfSSL_SHA1_Update
#define SHA1_Final wolfSSL_SHA1_Final
typedef struct WOLFSSL_SHA256_CTX {
int holder[28]; /* big enough to hold wolfcrypt sha, but check on init */
} WOLFSSL_SHA256_CTX;
WOLFSSL_API void wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*);
WOLFSSL_API void wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*,
unsigned long);
WOLFSSL_API void wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*);
enum {
SHA256_DIGEST_LENGTH = 32
};
typedef WOLFSSL_SHA256_CTX SHA256_CTX;
#define SHA256_Init wolfSSL_SHA256_Init
#define SHA256_Update wolfSSL_SHA256_Update
#define SHA256_Final wolfSSL_SHA256_Final
#define SHA256_Init wc_SHA256_Init
#define SHA256_Update wc_SHA256_Update
#define SHA256_Final wc_SHA256_Final
#ifdef WOLFSSL_SHA384
typedef WOLFCRYPT_SHA384_CTX SHA384_CTX;
typedef struct WOLFSSL_SHA384_CTX {
long long holder[32]; /* big enough, but check on init */
} WOLFSSL_SHA384_CTX;
WOLFSSL_API void wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*);
WOLFSSL_API void wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX*, const void*,
unsigned long);
WOLFSSL_API void wolfSSL_SHA384_Final(unsigned char*, WOLFSSL_SHA384_CTX*);
enum {
SHA384_DIGEST_LENGTH = 48
};
typedef WOLFSSL_SHA384_CTX SHA384_CTX;
#define SHA384_Init wolfSSL_SHA384_Init
#define SHA384_Update wolfSSL_SHA384_Update
#define SHA384_Final wolfSSL_SHA384_Final
#define SHA384_Init wc_SHA384_Init
#define SHA384_Update wc_SHA384_Update
#define SHA384_Final wc_SHA384_Final
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
typedef WOLFCRYPT_SHA512_CTX SHA512_CTX;
typedef struct WOLFSSL_SHA512_CTX {
long long holder[36]; /* big enough, but check on init */
} WOLFSSL_SHA512_CTX;
WOLFSSL_API void wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*);
WOLFSSL_API void wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*,
unsigned long);
WOLFSSL_API void wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*);
enum {
SHA512_DIGEST_LENGTH = 64
};
typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
#define SHA512_Update wolfSSL_SHA512_Update
#define SHA512_Final wolfSSL_SHA512_Final
#define SHA512_Init wc_SHA512_Init
#define SHA512_Update wc_SHA512_Update
#define SHA512_Final wc_SHA512_Final
#endif /* WOLFSSL_SHA512 */
#ifdef __cplusplus
} /* extern "C" */
} /* extern "C" */
#endif
#endif /* WOLFSSL_SHA_H_ */

226
wolfssl/openssl/ssl.h
View File

@ -60,7 +60,6 @@ typedef WOLFSSL_X509_CHAIN X509_CHAIN;
/* redeclare guard */
#define WOLFSSL_TYPES_DEFINED
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_RSA RSA;
typedef WOLFSSL_DSA DSA;
@ -68,8 +67,8 @@ typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_ECDSA_SIG ECDSA_SIG;
typedef WOLFSSL_BIO BIO;
typedef WOLFSSL_BIO_METHOD BIO_METHOD;
typedef WOLFCRYPT_BIO BIO;
typedef WOLFCRYPT_BIO_METHOD BIO_METHOD;
typedef WOLFSSL_CIPHER SSL_CIPHER;
typedef WOLFSSL_X509_LOOKUP X509_LOOKUP;
typedef WOLFSSL_X509_LOOKUP_METHOD X509_LOOKUP_METHOD;
@ -209,31 +208,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define MD4_Update wolfSSL_MD4_Update
#define MD4_Final wolfSSL_MD4_Final
#define BIO_new wolfSSL_BIO_new
#define BIO_free wolfSSL_BIO_free
#define BIO_free_all wolfSSL_BIO_free_all
#define BIO_read wolfSSL_BIO_read
#define BIO_write wolfSSL_BIO_write
#define BIO_push wolfSSL_BIO_push
#define BIO_pop wolfSSL_BIO_pop
#define BIO_flush wolfSSL_BIO_flush
#define BIO_pending wolfSSL_BIO_pending
#define BIO_get_mem_data wolfSSL_BIO_get_mem_data
#define BIO_new_mem_buf wolfSSL_BIO_new_mem_buf
#define BIO_f_buffer wolfSSL_BIO_f_buffer
#define BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
#define BIO_f_ssl wolfSSL_BIO_f_ssl
#define BIO_new_socket wolfSSL_BIO_new_socket
#define SSL_set_bio wolfSSL_set_bio
#define BIO_eof wolfSSL_BIO_eof
#define BIO_set_ss wolfSSL_BIO_set_ss
#define BIO_s_mem wolfSSL_BIO_s_mem
#define BIO_f_base64 wolfSSL_BIO_f_base64
#define BIO_set_flags wolfSSL_BIO_set_flags
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_ssl_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_all_algorithms wolfSSL_add_all_algorithms
@ -387,7 +361,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_want_read wolfSSL_want_read
#define SSL_want_write wolfSSL_want_write
#define BIO_prf wolfSSL_BIO_prf
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
#define sk_num wolfSSL_sk_num
@ -418,8 +391,6 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_NAME_free wolfSSL_X509_NAME_free
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
#define BIO_read_filename wolfSSL_BIO_read_filename
#define BIO_s_file wolfSSL_BIO_s_file
#define OBJ_nid2sn wolf_OBJ_nid2sn
#define OBJ_obj2nid wolf_OBJ_obj2nid
#define OBJ_sn2nid wolf_OBJ_sn2nid
@ -450,7 +421,6 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_write_bio_X509 PEM_write_bio_WOLFSSL_X509
#define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh
#define BIO_new_file wolfSSL_BIO_new_file
#endif /* HAVE_STUNNEL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE */
@ -516,6 +486,198 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#endif /* HAVE_STUNNEL */
#ifdef OPENSSL_EXTRA
#define BIO_method_name wc_BioMethodName
#define BIO_method_type wc_BioMethodType
#define BIO_clear_flags wc_BioClearFlags
#define BIO_set_flags wc_BioSetFlags
#define BIO_test_flags wc_BioTestFlags
#define BIO_get_flags wc_BioGetFlags
#define BIO_set_retry_special wc_BioSetRetrySpecial
#define BIO_set_retry_read wc_BioSetRetryRead
#define BIO_set_retry_write wc_BioSetRetryWrite
#define BIO_clear_retry_flags wc_BioClearRetryFlags
#define BIO_get_retry_flags wc_BioGetRetryFlags
#define BIO_should_read wc_BioShouldRead
#define BIO_should_write wc_BioShouldWrite
#define BIO_should_io_special wc_BioShouldIoSpecial
#define BIO_retry_type wc_BioRetryType
#define BIO_should_retry_type wc_BioShouldRetry
#define BIO_get_callback wc_BioGetCallback
#define BIO_set_callback wc_BioSetCallback
#define BIO_get_callback_arg wc_BioSetCallbackArg
#define BIO_set_callback_arg wc_BioGetCallbackArg
#define BIO_new wc_BioNew
#define BIO_free wc_BioFree
#define BIO_vfree wc_BioFree
#define BIO_free_all wc_BioFreeAll
#define BIO_set wc_BioSet
#define BIO_read wc_BioRead
#define BIO_wrie wc_BioWrite
#define BIO_puts wc_BioPuts
#define BIO_gets wc_BioGets
#define BIO_indent wc_BioIndent
#define BIO_ctrl wc_BioCtrl
#define BIO_callback_ctrl wc_BioCallbackCtrl
#define BIO_push wc_BioPush
#define BIO_pop wc_BioPop
#define BIO_next wc_BioNext
#define BIO_find_type wc_BioFindType
#define BIO_dup_chain wc_BioDupChain
#define BIO_dup_state wc_BioDupState
#define BIO_get_retry_BIO wc_BioGetRetryBio
#define BIO_get_retry_reason wc_BioGetRetryReason
#define BIO_int_ctrl wc_BioIntCtrl
#define BIO_ptr_ctrl wc_BioPtrCtrl
#define BIO_ctrl_pending wc_BioCtrlPending
#define BIO_ctrl_wpending wc_BioCtrlWpending
#define BIO_number_read wc_BioNumberRead
#define BIO_number_written wc_BioNumberWritten
#define BIO_reset wc_BioReset
#define BIO_eof wc_BioEof
#define BIO_set_close wc_BioSetClose
#define BIO_get_close wc_BioGetClose
#define BIO_pending wc_BioPending
#define BIO_wpending wc_BioWpending
#define BIO_flush wc_BioFlush
#define BIO_set_info_callback wc_BioSetInfoCallback
#define BIO_get_info_callback wc_BioGetInfoCallback
#define BIO_copy_next_retry wc_BioCopyNextRetry
#define BIO_printf wc_BioPrintf
/* BIO file */
#define BIO_s_file wc_Bio_s_file
#define BIO_new_fp wc_BioNewFp
#define BIO_new_file wc_BioNewFile
#define BIO_set_fp wc_BioSetFp
#define BIO_get_fp wc_BioGetFp
#define BIO_seek wc_BioSeek
#define BIO_tell wc_BioTell
#define BIO_read_filename wc_BioReadFilename
#define BIO_write_filename wc_BioWriteFilename
#define BIO_append_filename wc_BioAppendFilename
#define BIO_rw_filename wc_BioRwFilename
/* BIO memory */
#define BIO_s_mem wc_Bio_s_mem
#define BIO_new_mem_buf wc_BioNewMemBuf
/* BIO fd */
#define BIO_s_fd wc_Bio_s_fd
#define BIO_new_fd wc_BioNewFd
/* BIO null */
#define BIO_s_null wc_Bio_s_null
/* BIO socket */
#define BIO_s_socket wc_Bio_s_socket
#define BIO_new_socket wc_BioNewSocket
#define BIO_sock_should_retry wc_BioSockShouldRetry
#define BIO_sock_non_fatal_error wc_BioSockNonFatalError
#define BIO_set_fd wc_BioSetFd
#define BIO_get_fd wc_BioGetFd
/* BIO connect */
#define BIO_s_connect wc_Bio_s_connect
#define BIO_new_connect wc_BioNewConnect
#define BIO_set_conn_hostname wc_BioSetConnHostname
#define BIO_set_conn_port wc_BioSetConnPort
#define BIO_set_conn_ip wc_BioSetConnIp(bio, ip)
#define BIO_set_conn_int_port wc_BioSetConnIntPort
#define BIO_get_conn_hostname wc_BioGetConnHostname
#define BIO_get_conn_port wc_BioGetConnPort
#define BIO_get_conn_ip wc_BioGetConnIp
#define BIO_get_conn_int_port wc_BioGetConnIntPort
#define BIO_set_nbio wc_BioSetNbio
#define BIO_do_handshake wc_BioDoHandshake
#define BIO_do_connect wc_BioDoConnect
#define BIO_do_accept wc_BioDoAccept
/* BIO accept */
#define BIO_s_accept wc_Bio_s_accept
#define BIO_new_accept wc_BioNewAccept
#define BIO_set_accept_port wc_BioSetAcceptPort
#define BIO_get_accept_port wc_BioGetAcceptPort
#define BIO_set_nbio_accept wc_BioSetNbioAccept
#define BIO_set_accept_bios wc_BioSetAcceptBios
#define BIO_set_bind_mode wc_BioSetBindMode
#define BIO_get_bind_mode wc_BioGetBindMode
/* BIO datagram */
#define BIO_s_datagram wc_Bio_s_datagram
#define BIO_new_dgram wc_BioNewDgram
/* BIO filter buffer */
#define BIO_f_buffer wc_Bio_f_buffer
#define BIO_get_mem_data wc_BioGetMemData
#define BIO_set_mem_buf wc_BioSetMemBuf
#define BIO_get_mem_ptr wc_BioGetMemPtr
#define BIO_set_mem_eof_return wc_BioSetMemEofReturn
#define BIO_get_buffer_num_lines wc_BioGetBufferNumLines
#define BIO_set_buffer_size wc_BioSetBufferSize
#define BIO_set_read_buffer_size wc_BioSetReadBufferSize
#define BIO_set_write_buffer_size wc_BioSetWriteBufferSize
#define BIO_set_buffer_read_data wc_BioSetBufferReadData
/* BIO filter cipher */
#define BIO_f_cipher wc_Bio_f_cipher
#define BIO_set_cipher wc_BioSetCipher
#define BIO_get_cipher_status wc_BioGetCipherStatus
#define BIO_get_cipher_ctx wc_BioGetCipherCtx
/* BIO filter base64 */
#define BIO_f_base64 wc_Bio_f_base64
/* BIO filter digest */
#define BIO_f_md wc_Bio_f_md
#define BIO_set_md wc_BioSetMd
#define BIO_get_md wc_BioGetMd
#define BIO_get_md_ctx wc_BioGetmdCtx
#define BIO_set_md_ctx wc_BioSetMdCtx
/* BIO filter SSL */
WOLFSSL_API WOLFCRYPT_BIO *wolfSSL_BioNewBufferSSLConnect(WOLFSSL_CTX *ctx);
WOLFSSL_API WOLFCRYPT_BIO *wolfSSL_BioNewSSLConnect(WOLFSSL_CTX *ctx);
WOLFSSL_API WOLFCRYPT_BIO *wolfSSL_BioNewSSL(WOLFSSL_CTX *ctx, int client);
#define BIO_f_ssl wc_Bio_f_ssl
#define BIO_new_buffer_ssl_connect wolfSSL_BioNewBufferSSLConnect
#define BIO_new_ssl_connect wolfSSL_BioNewSSLConnect
#define BIO_new_ssl wolfSSL_BioNewSSL
#define BIO_ssl_shutdown wc_BioSSLShutdown
#define BIO_set_ssl wc_BioSetSSL
#define BIO_get_ssl wc_BioGetSSL
#define BIO_set_ssl_mode wc_BIOSetSSLMode
#define BIO_set_ssl_renegotiate_bytes wc_BIOSetSSLRenegotiateBytes
#define BIO_get_num_renegotiates wc_BIOGetNumRenegotiates
#define BIO_set_ssl_renegotiate_timeout wc_BIOSetSSLRenegotiateTimeout
/* BIO socket internal functions */
#define BIO_get_host_ip wc_BioGetHostIp
#define BIO_get_port wc_BioGetPort
#define BIO_sock_error wc_BioSockError
#define BIO_sock_init wc_BioSockInit
#define BIO_sock_cleanup wc_BioSockCleanup
#define BIO_get_accept_socket wc_BioGetAcceptSocket
#define BIO_accept wc_BioAccept
#define BIO_set_tcp_ndelay wc_BioSetTcpNdelay
#define BIO_socket_nbio wc_BioSocketNbio
#endif /* OPENSSL_EXTRA */
#ifdef __cplusplus
} /* extern "C" */
#endif

53
wolfssl/ssl.h
View File

@ -92,8 +92,8 @@ typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER;
typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP;
typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;
typedef struct WOLFSSL_X509_CRL WOLFSSL_X509_CRL;
typedef struct WOLFSSL_BIO WOLFSSL_BIO;
typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
typedef struct WOLFCRYPT_BIO WOLFCRYPT_BIO;
typedef struct WOLFCRYPT_BIO_METHOD WOLFCRYPT_BIO_METHOD;
typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME;
typedef struct WOLFSSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER;
@ -310,6 +310,7 @@ WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
WOLFSSL_API WOLFSSL* wolfSSL_dup(WOLFSSL*);
WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int);
WOLFSSL_API char* wolfSSL_get_cipher_list(int priority);
WOLFSSL_API int wolfSSL_get_ciphers(char*, int);
@ -447,34 +448,6 @@ WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);
WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);
WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*);
WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*);
WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*);
WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int);
WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*);
WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*);
WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*);
WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void);
WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size);
WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int flag);
WOLFSSL_API int wolfSSL_BIO_eof(WOLFSSL_BIO*);
WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void);
WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void);
WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int);
WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,const unsigned char** p);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
WOLFSSL_API void wolfSSL_RAND_screen(void);
@ -571,7 +544,7 @@ WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
WOLFSSL_X509_REVOKED*,int);
WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*);
WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFCRYPT_BIO*, const WOLFSSL_ASN1_TIME*);
WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*,
const WOLFSSL_ASN1_INTEGER*);
@ -691,10 +664,6 @@ enum {
SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
BIO_FLAGS_BASE64_NO_NL = 1,
BIO_CLOSE = 1,
BIO_NOCLOSE = 0,
NID_undef = 0,
X509_FILETYPE_PEM = 8,
@ -861,8 +830,7 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_want_read(WOLFSSL*);
WOLFSSL_API int wolfSSL_want_write(WOLFSSL*);
WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...);
WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*,
WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFCRYPT_BIO*,
const WOLFSSL_ASN1_UTCTIME*);
WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_X509_REVOKED*);
WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED*, int);
@ -1736,13 +1704,11 @@ struct WOLFSSL_X509_NAME_ENTRY {
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name);
WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name);
WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void);
/* These are to be merged shortly */
WOLFSSL_API const char * wolf_OBJ_nid2sn(int n);
WOLFSSL_API int wolf_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o);
WOLFSSL_API int wolf_OBJ_sn2nid(const char *sn);
WOLFSSL_API WOLFSSL_X509 *PEM_read_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_X509 *PEM_read_bio_WOLFSSL_X509(WOLFCRYPT_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl);
WOLFSSL_API void wolfSSL_set_app_data(WOLFSSL *ssl, void *arg);
@ -1762,11 +1728,10 @@ WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( STACK_OF(WOLFSSL_X
WOLFSSL_API char * wolf_OBJ_nid2ln(int n);
WOLFSSL_API int wolf_OBJ_txt2nid(const char *sn);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode);
WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*);
WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp,
WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFCRYPT_BIO *bp,
WOLFSSL_DH **x, pem_password_cb *cb, void *u);
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x);
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFCRYPT_BIO *bp, WOLFSSL_X509 *x);
#endif /* HAVE_STUNNEL || HAVE_LIGHTY */
@ -1804,7 +1769,7 @@ WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s);
WOLFSSL_API int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s);
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFCRYPT_BIO*,WOLFSSL_X509_NAME*,int,
unsigned long);
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(

100
wolfssl/test.h
View File

@ -858,6 +858,61 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
*clientfd = *sockfd;
}
static INLINE void tcp_set_ready(func_args* args, word16 port, int ready_file)
{
tcp_ready* ready = NULL;
(void) ready; /* Account for case when "ready" is not used */
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
/* signal ready to tcp_accept */
if (args)
ready = args->signal;
if (ready) {
pthread_mutex_lock(&ready->mutex);
ready->ready = 1;
ready->port = port;
pthread_cond_signal(&ready->cond);
pthread_mutex_unlock(&ready->mutex);
}
#elif defined (WOLFSSL_TIRTOS)
/* Need mutex? */
if (args)
ready = args->signal;
if (ready) {
ready->ready = 1;
ready->port = port;
}
#endif
if (ready_file) {
#ifndef NO_FILESYSTEM
FILE* srf = NULL;
if (args)
ready = args->signal;
if (ready) {
srf = fopen(ready->srfName, "w");
if (srf) {
/* let's write port sever is listening on to ready file
external monitor can then do ephemeral ports by passing
-p 0 to server on supported platforms with -R ready_file
client can then wait for existence of ready_file and see
which port the server is listening on. */
fprintf(srf, "%d\n", (int)port);
fclose(srf);
}
}
#endif
}
(void)port;
(void)ready_file;
(void)args;
}
static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
func_args* args, word16 port, int useAnyAddr,
int udp, int ready_file, int do_listen)
@ -875,49 +930,7 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if(do_listen) {
tcp_listen(sockfd, &port, useAnyAddr, udp);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
/* signal ready to tcp_accept */
if (args)
ready = args->signal;
if (ready) {
pthread_mutex_lock(&ready->mutex);
ready->ready = 1;
ready->port = port;
pthread_cond_signal(&ready->cond);
pthread_mutex_unlock(&ready->mutex);
}
#elif defined (WOLFSSL_TIRTOS)
/* Need mutex? */
if (args)
ready = args->signal;
if (ready) {
ready->ready = 1;
ready->port = port;
}
#endif
if (ready_file) {
#ifndef NO_FILESYSTEM
FILE* srf = NULL;
if (args)
ready = args->signal;
if (ready) {
srf = fopen(ready->srfName, "w");
if (srf) {
/* let's write port sever is listening on to ready file
external monitor can then do ephemeral ports by passing
-p 0 to server on supported platforms with -R ready_file
client can then wait for existence of ready_file and see
which port the server is listening on. */
fprintf(srf, "%d\n", (int)port);
fclose(srf);
}
}
#endif
}
tcp_set_ready(args, port, ready_file);
}
*clientfd = accept(*sockfd, (struct sockaddr*)&client,
@ -927,7 +940,6 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
}
}
static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
{
#ifdef USE_WINDOWS_API

571
wolfssl/wolfcrypt/bio.h Normal file
View File

@ -0,0 +1,571 @@
#ifndef WOLF_CRYPT_BIO_H
#define WOLF_CRYPT_BIO_H
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/compat-wolfcrypt.h>
#ifdef OPENSSL_EXTRA
#ifdef __cplusplus
extern "C" {
#endif
/* BIO types */
enum WS_BIO_TYPE {
BIO_TYPE_NONE = 0,
BIO_TYPE_SSL = 1,
BIO_TYPE_MD = 2, /* passive */
BIO_TYPE_BUFFER = 3,
BIO_TYPE_CIPHER = 4,
BIO_TYPE_BASE64 = 5,
BIO_TYPE_LINEBUFFER = 6,
BIO_TYPE_ASN1 = 7,
BIO_TYPE_COMP = 8,
BIO_TYPE_PROXY_CLIENT = 9, /* client proxy BIO */
BIO_TYPE_PROXY_SERVER = 10, /* server proxy BIO */
BIO_TYPE_NULL_FILTER = 11,
BIO_TYPE_BER = 12, /* BER -> bin filter */
BIO_TYPE_MEM = 13,
BIO_TYPE_FILE = 14,
BIO_TYPE_NULL = 15,
BIO_TYPE_BIO = 16, /* (half a) BIO pair */
/* socket, fd, connect or accept */
BIO_TYPE_DESCRIPTOR = 0x100,
BIO_TYPE_FD = 17|BIO_TYPE_DESCRIPTOR,
BIO_TYPE_SOCKET = 18|BIO_TYPE_DESCRIPTOR,
/* socket - connect */
BIO_TYPE_CONNECT = 19|BIO_TYPE_DESCRIPTOR,
/* socket for accept */
BIO_TYPE_ACCEPT = 20|BIO_TYPE_DESCRIPTOR,
BIO_TYPE_DGRAM = 21|BIO_TYPE_DESCRIPTOR,
};
/*
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
* BIO_set_fp(in,stdin,BIO_NOCLOSE);
*/
#define BIO_CLOSE 1
#define BIO_NOCLOSE 0
/*
* These are used in the following macros and are passed to BIO_ctrl()
*/
enum WS_BIO_CTRL {
BIO_CTRL_RESET = 1, /* opt - rewind/zero etc */
BIO_CTRL_EOF = 2, /* opt - are we at the eof */
BIO_CTRL_INFO = 3, /* opt - extra tit-bits */
BIO_CTRL_SET = 4, /* man - set the 'IO' type */
BIO_CTRL_GET = 5, /* man - get the 'IO' type */
BIO_CTRL_PUSH = 6, /* opt - internal, used to signify change */
BIO_CTRL_POP = 7, /* opt - internal, used to signify change */
BIO_CTRL_GET_CLOSE = 8, /* man - set the 'close' on free */
BIO_CTRL_SET_CLOSE = 9, /* man - set the 'close' on free */
BIO_CTRL_PENDING = 10, /* opt - is their more data buffered */
BIO_CTRL_FLUSH = 11, /* opt - 'flush' buffered output */
BIO_CTRL_DUP = 12, /* man - extra stuff for 'duped' BIO */
BIO_CTRL_WPENDING = 13, /* opt - number of bytes still to write */
/* callback is int cb(BIO *bio,state,ret); */
BIO_CTRL_SET_CALLBACK = 14, /* opt - set callback function */
BIO_CTRL_GET_CALLBACK = 15, /* opt - set callback function */
BIO_CTRL_SET_FILENAME = 30, /* BIO_s_file special */
/* dgram BIO stuff */
BIO_CTRL_DGRAM_CONNECT = 31, /* BIO dgram special */
BIO_CTRL_DGRAM_SET_CONNECTED = 32, /* allow for an externally connected
* socket to be passed in */
BIO_CTRL_DGRAM_SET_RECV_TIMEOUT = 33, /* setsockopt, essentially */
BIO_CTRL_DGRAM_GET_RECV_TIMEOUT = 34, /* getsockopt, essentially */
BIO_CTRL_DGRAM_SET_SEND_TIMEOUT = 35, /* setsockopt, essentially */
BIO_CTRL_DGRAM_GET_SEND_TIMEOUT = 36, /* getsockopt, essentially */
BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP = 37, /* flag whether the last */
BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP = 38, /* I/O operation tiemd out */
/* #ifdef IP_MTU_DISCOVER */
BIO_CTRL_DGRAM_MTU_DISCOVER = 39, /* set DF bit on egress packets */
/* #endif */
BIO_CTRL_DGRAM_QUERY_MTU = 40, /* as kernel for current MTU */
BIO_CTRL_DGRAM_GET_FALLBACK_MTU = 47,
BIO_CTRL_DGRAM_GET_MTU = 41, /* get cached value for MTU */
BIO_CTRL_DGRAM_SET_MTU = 42, /* set cached value for MTU.
* want to use this if asking
* the kernel fails */
BIO_CTRL_DGRAM_MTU_EXCEEDED = 43, /* check whether the MTU was
* exceed in the previous write
* operation */
BIO_CTRL_DGRAM_GET_PEER = 46,
BIO_CTRL_DGRAM_SET_PEER = 44, /* Destination for the data */
BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT = 45, /* Next DTLS handshake timeout
* to adjust socket timeouts */
BIO_CTRL_DGRAM_SET_DONT_FRAG = 48,
BIO_CTRL_DGRAM_GET_MTU_OVERHEAD = 49,
};
/* modifiers */
enum WS_BIO_MOD {
BIO_FP_READ = 0x02,
BIO_FP_WRITE = 0x04,
BIO_FP_APPEND = 0x08,
BIO_FP_TEXT = 0x10,
};
/* flags */
enum WS_BIO_FLAGS {
BIO_FLAGS_READ = 0x01,
BIO_FLAGS_WRITE = 0x02,
BIO_FLAGS_IO_SPECIAL = 0x04,
BIO_FLAGS_RWS = BIO_FLAGS_READ|
BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL,
BIO_FLAGS_SHOULD_RETRY = 0x08,
BIO_FLAGS_BASE64_NO_NL = 0x100,
/* Used with memory BIOs: shouldn't free up or change the data in any way.
*/
BIO_FLAGS_MEM_RDONLY = 0x200,
};
enum WS_BIO_RR {
/* Returned from the SSL bio when the certificate retrieval code had an error */
BIO_RR_SSL_X509_LOOKUP = 0x01,
/* Returned from the connect BIO when a connect would have blocked */
BIO_RR_CONNECT = 0x02,
/* Returned from the accept BIO when an accept would have blocked */
BIO_RR_ACCEPT = 0x03,
};
/* These are passed by the BIO callback */
enum WS_BIO_CB_FLAGS {
BIO_CB_FREE = 0x01,
BIO_CB_READ = 0x02,
BIO_CB_WRITE = 0x03,
BIO_CB_PUTS = 0x04,
BIO_CB_GETS = 0x05,
BIO_CB_CTRL = 0x06,
BIO_CB_RETURN = 0x80,
};
#define BIO_CB_return(a) ((a) | BIO_CB_RETURN)
#define BIO_cb_post(a) ((a) & BIO_CB_RETURN)
#define BIO_cb_pre(a) (!BIO_cb_post((a)))
typedef struct WOLFCRYPT_BIO WOLFCRYPT_BIO;
typedef struct WOLFCRYPT_BIO_METHOD WOLFCRYPT_BIO_METHOD;
typedef void WOLFCRYPT_BIO_info_cb (WOLFCRYPT_BIO *, int, const char *,
int, long, long);
/* Compatibility with previous name */
#define WOLFSSL_BIO WOLFCRYPT_BIO
/* wolfSSL BIO_METHOD type */
struct WOLFCRYPT_BIO_METHOD {
int type; /* method type */
const char *name;
int (*bwrite) (WOLFCRYPT_BIO *, const char *, int);
int (*bread) (WOLFCRYPT_BIO *, char *, int);
int (*bputs) (WOLFCRYPT_BIO *, const char *);
int (*bgets) (WOLFCRYPT_BIO *, char *, int);
long (*ctrl) (WOLFCRYPT_BIO *, int, long, void *);
int (*create) (WOLFCRYPT_BIO *);
int (*destroy) (WOLFCRYPT_BIO *);
long (*callback_ctrl) (WOLFCRYPT_BIO *, int, WOLFCRYPT_BIO_info_cb *);
};
struct WOLFCRYPT_BIO {
WOLFCRYPT_BIO_METHOD *method;
/* bio, mode, argp, argi, argl, ret */
long (*callback) (WOLFCRYPT_BIO *, int, const char *, int, long, long);
char *cb_arg; /* first argument for the callback */
int init;
int shutdown;
int flags; /* extra storage */
int retry_reason;
int num;
void *ptr;
WOLFCRYPT_BIO *next_bio; /* used by filter BIOs */
WOLFCRYPT_BIO *prev_bio; /* used by filter BIOs */
int references;
wolfSSL_Mutex refMutex; /* to lock r/w on references */
unsigned long num_read;
unsigned long num_write;
};
enum WS_BIO_C_FLAGS {
BIO_C_SET_CONNECT = 100,
BIO_C_DO_STATE_MACHINE = 101,
BIO_C_SET_NBIO = 102,
BIO_C_SET_PROXY_PARAM = 103,
BIO_C_SET_FD = 104,
BIO_C_GET_FD = 105,
BIO_C_SET_FILE_PTR = 106,
BIO_C_GET_FILE_PTR = 107,
BIO_C_SET_FILENAME = 108,
BIO_C_SET_SSL = 109,
BIO_C_GET_SSL = 110,
BIO_C_SET_MD = 111,
BIO_C_GET_MD = 112,
BIO_C_GET_CIPHER_STATUS = 113,
BIO_C_SET_BUF_MEM = 114,
BIO_C_GET_BUF_MEM_PTR = 115,
BIO_C_GET_BUFF_NUM_LINES = 116,
BIO_C_SET_BUFF_SIZE = 117,
BIO_C_SET_ACCEPT = 118,
BIO_C_SSL_MODE = 119,
BIO_C_GET_MD_CTX = 120,
BIO_C_GET_PROXY_PARAM = 121,
BIO_C_SET_BUFF_READ_DATA = 122, /* data to read first */
BIO_C_GET_CONNECT = 123,
BIO_C_GET_ACCEPT = 124,
BIO_C_SET_SSL_RENEGOTIATE_BYTES = 125,
BIO_C_GET_SSL_NUM_RENEGOTIATES = 126,
BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT = 127,
BIO_C_FILE_SEEK = 128,
BIO_C_GET_CIPHER_CTX = 129,
BIO_C_SET_BUF_MEM_EOF_RETURN = 130, /* return end of input
* value */
BIO_C_SET_BIND_MODE = 131,
BIO_C_GET_BIND_MODE = 132,
BIO_C_FILE_TELL = 133,
BIO_C_GET_SOCKS = 134,
BIO_C_SET_SOCKS = 135,
BIO_C_SET_WRITE_BUF_SIZE = 136, /* for BIO_s_bio */
BIO_C_GET_WRITE_BUF_SIZE = 137,
BIO_C_MAKE_BIO_PAIR = 138,
BIO_C_DESTROY_BIO_PAIR = 139,
BIO_C_GET_WRITE_GUARANTEE = 140,
BIO_C_GET_READ_REQUEST = 141,
BIO_C_SHUTDOWN_WR = 142,
BIO_C_NREAD0 = 143,
BIO_C_NREAD = 144,
BIO_C_NWRITE0 = 145,
BIO_C_NWRITE = 146,
BIO_C_RESET_READ_REQUEST = 147,
BIO_C_SET_MD_CTX = 148,
BIO_C_SET_PREFIX = 149,
BIO_C_GET_PREFIX = 150,
BIO_C_SET_SUFFIX = 151,
BIO_C_GET_SUFFIX = 152,
BIO_C_SET_EX_ARG = 153,
BIO_C_GET_EX_ARG = 154,
};
/* connect BIO */
enum WS_BIO_CONN {
BIO_CONN_S_BEFORE = 1,
BIO_CONN_S_GET_IP = 2,
BIO_CONN_S_GET_PORT = 3,
BIO_CONN_S_CREATE_SOCKET = 4,
BIO_CONN_S_CONNECT = 5,
BIO_CONN_S_OK = 6,
BIO_CONN_S_BLOCKED_CONNECT = 7,
BIO_CONN_S_NBIO = 8,
};
enum WS_BIO_BIND {
BIO_BIND_NORMAL = 0,
BIO_BIND_REUSEADDR_IF_UNUSED = 1,
BIO_BIND_REUSEADDR = 2,
};
enum WC_BIO_OPT {
BIO_OPT_NONE = 0,
BIO_OPT_TCP_NO_DELAY = 1,
BIO_OPT_IGN_SIGPIPE = 2,
};
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNew(WOLFCRYPT_BIO_METHOD *method);
WOLFSSL_API int wc_BioFree(WOLFCRYPT_BIO *bio);
WOLFSSL_API void wc_BioFreeAll(WOLFCRYPT_BIO *bio);
WOLFSSL_API const char *wc_BioMethodName(const WOLFCRYPT_BIO *bio);
WOLFSSL_API int wc_BioMethodType(const WOLFCRYPT_BIO *bio);
WOLFSSL_API int wc_BioSet(WOLFCRYPT_BIO *bio,
WOLFCRYPT_BIO_METHOD *method);
WOLFSSL_API void wc_BioClearFlags(WOLFCRYPT_BIO *bio, int flags);
WOLFSSL_API void wc_BioSetFlags(WOLFCRYPT_BIO *bio, int flags);
WOLFSSL_API int wc_BioTestFlags(const WOLFCRYPT_BIO *bio, int flags);
#define wc_BioGetFlags(bio) wc_BioTestFlags(bio, ~(0x0))
#define wc_BioSetRetrySpecial(bio) \
wc_BioSetFlags(bio, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
#define wc_BioSetRetryRead(bio) \
wc_BioSetFlags(bio, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
#define wc_BioSetRetryWrite(bio) \
wc_BioSetFlags(bio, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
#define wc_BioClearRetryFlags(bio) \
wc_BioClearFlags(bio, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
#define wc_BioGetRetryFlags(bio) \
wc_BioTestFlags(bio, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
/* These should be used by the application to tell why we should retry */
#define wc_BioShouldRead(bio) wc_BioTestFlags(bio, BIO_FLAGS_READ)
#define wc_BioShouldWrite(bio) wc_BioTestFlags(bio, BIO_FLAGS_WRITE)
#define wc_BioShouldIoSpecial(bio) wc_BioTestFlags(bio, BIO_FLAGS_IO_SPECIAL)
#define wc_BioRetryType(bio) wc_BioTestFlags(bio, BIO_FLAGS_RWS)
#define wc_BioShouldRetry(bio) wc_BioTestFlags(bio, BIO_FLAGS_SHOULD_RETRY)
WOLFSSL_API long (*wc_BioGetCallback(const WOLFCRYPT_BIO *bio))
(WOLFCRYPT_BIO *, int, const char *, int, long, long);
WOLFSSL_API void wc_BioSetCallback(WOLFCRYPT_BIO *bio,
long (*cb) (WOLFCRYPT_BIO *, int,
const char *, int, long, long));
WOLFSSL_API void wc_BioSetCallbackArg(WOLFCRYPT_BIO *bio, char *arg);
WOLFSSL_API char *wc_BioGetCallbackArg(const WOLFCRYPT_BIO *bio);
WOLFSSL_API int wc_BioRead(WOLFCRYPT_BIO *bio, void *out, int outl);
WOLFSSL_API int wc_BioWrite(WOLFCRYPT_BIO *bio, const void *in, int inl);
WOLFSSL_API int wc_BioPuts(WOLFCRYPT_BIO *bio, const char *in);
WOLFSSL_API int wc_BioGets(WOLFCRYPT_BIO *bio, char *in, int inl);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioPush(WOLFCRYPT_BIO *top,
WOLFCRYPT_BIO *next);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioPop(WOLFCRYPT_BIO *bio);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNext(WOLFCRYPT_BIO *bio);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioGetRetryBio(WOLFCRYPT_BIO *bio,
int *reason);
WOLFSSL_API int wc_BioGetRetryReason(WOLFCRYPT_BIO *bio);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioFindType(WOLFCRYPT_BIO *bio, int type);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioDupChain(WOLFCRYPT_BIO *bio);
#define wc_BioDupState(bio, ret) \
wc_BioCtrl(bio, BIO_CTRL_DUP, 0, ret)
WOLFSSL_API long wc_BioCtrl(WOLFCRYPT_BIO *bio, int cmd,
long larg, void *parg);
WOLFSSL_API long wc_BioCallbackCtrl(WOLFCRYPT_BIO *bio, int cmd,
void (*fp) (WOLFCRYPT_BIO *, int,
const char *, int, long, long));
WOLFSSL_API long wc_BioIntCtrl(WOLFCRYPT_BIO *bio, int cmd,
long larg, int iarg);
WOLFSSL_API char *wc_BioPtrCtrl(WOLFCRYPT_BIO *bio, int cmd, long larg);
WOLFSSL_API size_t wc_BioCtrlPending(WOLFCRYPT_BIO *bio);
WOLFSSL_API size_t wc_BioCtrlWpending(WOLFCRYPT_BIO *bio);
WOLFSSL_API int wc_BioIndent(WOLFCRYPT_BIO *bio, int indent, int max);
WOLFSSL_API unsigned long wc_BioNumberRead(WOLFCRYPT_BIO *bio);
WOLFSSL_API unsigned long wc_BioNumberWritten(WOLFCRYPT_BIO *bio);
#define wc_BioReset(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_RESET, 0, NULL)
#define wc_BioEof(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_EOF, 0, NULL)
#define wc_BioSetClose(bio,c) \
(int)wc_BioCtrl(bio, BIO_CTRL_SET_CLOSE, (c), NULL)
#define wc_BioGetClose(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_GET_CLOSE, 0, NULL)
#define wc_BioPending(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_PENDING, 0, NULL)
#define wc_BioWpending(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_WPENDING, 0, NULL)
#define wc_BioFlush(bio) \
(int)wc_BioCtrl(bio, BIO_CTRL_FLUSH, 0, NULL)
#define wc_BioSetInfoCallback(bio, cb) \
(int)wc_BioCallbackCtrl(bio, BIO_CTRL_SET_CALLBACK, cb)
#define wc_BioGetInfoCallback(bio, cb) \
(int)wc_BioCallbackCtrl(bio, BIO_CTRL_GET_CALLBACK, 0, cb)
WOLFSSL_API void wc_BioCopyNextRetry(WOLFCRYPT_BIO *b);
#ifndef NO_STDIO_FILESYSTEM
WOLFSSL_API int wc_BioPrintf(WOLFCRYPT_BIO *bio, const char *format, ...);
#endif
/* BIO file */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_file(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewFp(XFILE f, int close_flag);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewFile(const char *name,
const char *mode);
#define wc_BioSetFp(bio, f, c) \
wc_BioCtrl(bio, BIO_C_SET_FILE_PTR, c, (char *)f)
#define wc_BioGetFp(bio, f) \
wc_BioCtrl(bio, BIO_C_GET_FILE_PTR, 0, (char *)f)
#define wc_BioSeek(bio, ofs) \
(int)wc_BioCtrl(bio, BIO_C_FILE_SEEK, ofs, NULL)
#define wc_BioTell(bio) \
(int)wc_BioCtrl(bio, BIO_C_FILE_TELL, 0, NULL)
#define wc_BioReadFilename(bio, name) \
wc_BioCtrl(bio, BIO_C_SET_FILENAME, BIO_CLOSE|BIO_FP_READ, name)
#define wc_BioWriteFilename(bio, name) \
wc_BioCtrl(bio,BIO_C_SET_FILENAME, BIO_CLOSE|BIO_FP_WRITE, name)
#define wc_BioAppendFilename(bio, name) \
wc_BioCtrl(bio, BIO_C_SET_FILENAME, BIO_CLOSE|BIO_FP_APPEND, name)
#define wc_BioRwFilename(bio, name) \
wc_BioCtrl(bio, BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
/* BIO memory */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_mem(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewMemBuf(void *data, int len);
/* BIO fd */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_fd(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewFd(int fd, int close_flag);
/* BIO null */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_null(void);
/* BIO socket */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_socket(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewSocket(int fd, int close_flag);
WOLFSSL_API int wc_BioSockShouldRetry(int i);
WOLFSSL_API int wc_BioSockNonFatalError(int err);
#define wc_BioSetFd(bio, fd, c) \
wc_BioIntCtrl(bio, BIO_C_SET_FD, c, fd)
#define wc_BioGetFd(bio, c) \
wc_BioCtrl(bio, BIO_C_GET_FD, 0, (char *)c)
/* BIO connect */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_connect(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewConnect(const char *host_port);
#define wc_BioSetConnHostname(bio, hname) \
wc_BioCtrl(bio, BIO_C_SET_CONNECT, 0, (char *)hname)
#define wc_BioSetConnPort(bio, port) \
wc_BioCtrl(bio, BIO_C_SET_CONNECT, 1, (char *)port)
#define wc_BioSetConnIp(bio, ip) \
wc_BioCtrl(bio, BIO_C_SET_CONNECT, 2, (char *)ip)
#define wc_BioSetConnIntPort(bio, port) \
wc_BioCtrl(bio, BIO_C_SET_CONNECT, 3, (int *)port)
#define wc_BioGetConnHostname(bio) \
wc_BioPtrCtrl(bio, BIO_C_GET_CONNECT, 0)
#define wc_BioGetConnPort(bio) \
wc_BioPtrCtrl(bio, BIO_C_GET_CONNECT, 1)
#define wc_BioGetConnIp(bio) \
wc_BioPtrCtrl(bio, BIO_C_GET_CONNECT, 2)
#define wc_BioGetConnIntPort(bio) \
wc_BioIntCtrl(bio, BIO_C_GET_CONNECT, 3, 0)
#define wc_BioSetNbio(bio, n) \
wc_BioCtrl(bio, BIO_C_SET_NBIO, n, NULL)
#define wc_BioDoHandshake(bio) \
wc_BioCtrl(bio, BIO_C_DO_STATE_MACHINE, 0, NULL)
#define wc_BioDoConnect(bio) wc_BioDoHandshake(bio)
#define wc_BioDoAccept(bio) wc_BioDoHandshake(bio)
/* BIO accept */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_accept(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewAccept(const char *str);
#define wc_BioSetAcceptPort(bio, name) \
wc_BioCtrl(bio, BIO_C_SET_ACCEPT, 0, (char *)name)
#define wc_BioGetAcceptPort(bio) \
wc_BioPtrCtrl(bio, BIO_C_GET_ACCEPT, 0)
#define wc_BioSetNbioAccept(bio, name) \
wc_BioCtrl(bio, BIO_C_SET_ACCEPT, 1, name ? (void *)"a" : NULL)
#define wc_BioSetAcceptBios(bio, nbio) \
wc_BioCtrl(bio, BIO_C_SET_ACCEPT, 2, nbio)
#define wc_BioSetBindMode(bio, mode) \
wc_BioCtrl(bio, BIO_C_SET_BIND_MODE, mode, NULL)
#define wc_BioGetBindMode(bio, mode) \
wc_BioCtrl(bio, BIO_C_GET_BIND_MODE, 0, NULL)
#define wc_BioSetSocketOptions(bio, opt) \
wc_BioCtrl(bio, BIO_C_SET_EX_ARG, opt, NULL)
/* BIO datagram */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_datagram(void);
WOLFSSL_API WOLFCRYPT_BIO *wc_BioNewDgram(int fd, int close_flag);
/* BIO filter buffer */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_f_buffer(void);
#define wc_BioGetMemData(bio, data) \
wc_BioCtrl(bio, BIO_CTRL_INFO, 0, data)
#define wc_BioSetMemBuf(bio, data, c) \
wc_BioCtrl(bio, BIO_C_SET_BUF_MEM, c, data)
#define wc_BioGetMemPtr(b, ptr) \
wc_BioCtrl(bio, BIO_C_GET_BUF_MEM_PTR,0, (char *)ptr)
#define wc_BioSetMemEofReturn(bio, v) \
wc_BioCtrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, v, NULL)
#define wc_BioGetBufferNumLines(bio) \
wc_BioCtrl(bio, BIO_C_GET_BUFF_NUM_LINES, 0, NULL)
#define wc_BioSetBufferSize(bio, size) \
wc_BioCtrl(bio, BIO_C_SET_BUFF_SIZE, size, NULL)
#define wc_BioSetReadBufferSize(bio, size) \
wc_BioIntCtrl(bio, BIO_C_SET_BUFF_SIZE, size, 0)
#define wc_BioSetWriteBufferSize(bio, size) \
wc_BioIntCtrl(bio, BIO_C_SET_BUFF_SIZE, size, 1)
#define wc_BioSetBufferReadData(bio, buf, num) \
wc_BioCtrl(bio, BIO_C_SET_BUFF_READ_DATA, num, buf)
/* BIO filter cipher */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_f_cipher(void);
WOLFSSL_API void wc_BioSetCipher(WOLFCRYPT_BIO *bio,
const WOLFCRYPT_EVP_CIPHER *cipher,
const unsigned char *key,
const unsigned char *iv, int enc);
#define wc_BioGetCipherStatus(bio) \
wc_BioCtrl(bio, BIO_C_GET_CIPHER_STATUS, 0, NULL)
#define wc_BioGetCipherCtx(bio, ctx) \
wc_BioCtrl(bio, BIO_C_GET_CIPHER_CTX, 0, ctx)
/* BIO filter base64 */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_f_base64(void);
/* BIO filter digest */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_f_md(void);
#define wc_BioSetMd(bio, md) \
wc_BioCtrl(bio, BIO_C_SET_MD, 0, (WOLFCRYPT_EVP_MD *)md)
#define wc_BioGetMd(bio,md) \
wc_BioCtrl(bio, BIO_C_GET_MD, 0, (WOLFCRYPT_EVP_MD *)md)
#define wc_BioGetmdCtx(bio,ctx) \
wc_BioCtrl(bio, BIO_C_GET_MD_CTX, 0, (WOLFCRYPT_EVP_MD_CTX *)ctx)
#define wc_BioSetMdCtx(bio, ctx) \
wc_BioCtrl(bio, BIO_C_SET_MD_CTX, 0, (WOLFCRYPT_EVP_MD_CTX *)ctx)
/* BIO filter SSL */
WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_f_ssl(void);
WOLFSSL_API void wc_BioSSLShutdown(WOLFCRYPT_BIO *bio);
#define wc_BioSetSSL(bio, ssl, mode) \
wc_BioCtrl(bio, BIO_C_SET_SSL, mode, ssl)
#define wc_BioGetSSL(bio, ssl) \
wc_BioCtrl(bio, BIO_C_GET_SSL, 0, ssl)
#define wc_BIOSetSSLMode(bio, client) \
wc_BioCtrl(bio, BIO_C_SSL_MODE, client, NULL)
#define wc_BIOSetSSLRenegotiateBytes(bio, num) \
wc_BIOCtrl(bio, BIO_C_SET_SSL_RENEGOTIATE_BYTES, num, NULL);
#define wc_BIOGetNumRenegotiates(bio) \
wc_BIOCtrl(bio, BIO_C_GET_SSL_NUM_RENEGOTIATES, 0, NULL);
#define wc_BIOSetSSLRenegotiateTimeout(bio, seconds) \
wc_BIOCtrl(bio, BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT, seconds, NULL);
/* BIO socket internal functions */
int wc_BioGetHostIp(const char *str, unsigned char *ip);
int wc_BioGetPort(const char *str, unsigned short *port_ptr);
int wc_BioSockError(int sock);
int wc_BioSockInit(void);
void wc_BioSockCleanup(void);
int wc_BioGetAcceptSocket(char *host, int bind_mode);
int wc_BioAccept(int sock, char **addr);
int wc_BioSetTcpNdelay(int s, int on);
int wc_BioSetTcpNsigpipe(int s, int on);
int wc_BioSocketNbio(int s, int mode);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* OPENSSL_EXTRA */
#endif /* WOLF_CRYPT_BIO_H */

352
wolfssl/wolfcrypt/compat-wolfcrypt.h Normal file
View File

@ -0,0 +1,352 @@
/* evp.h
*
* Copyright (C) 2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef WOLF_CRYPT_COMPAT_WOLFSSL_H
#define WOLF_CRYPT_COMPAT_WOLFSSL_H
#include <wolfssl/wolfcrypt/settings.h>
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
#endif
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/des3.h>
#include <wolfssl/wolfcrypt/arc4.h>
#include <wolfssl/wolfcrypt/idea.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef __cplusplus
extern "C" {
#endif
/* EVP digest */
typedef char WOLFCRYPT_EVP_MD;
#ifndef NO_MD5
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_md5(void);
#endif
#ifndef NO_SHA
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha1(void);
#endif
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha256(void);
#ifdef WOLFSSL_SHA384
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha384(void);
#endif
#ifdef WOLFSSL_SHA512
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha512(void);
#endif
#ifdef WOLFSSL_RIPEMD
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_ripemd160(void);
#endif
/* EVP Cipher */
typedef char WOLFCRYPT_EVP_CIPHER;
#ifndef NO_AES
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_cbc(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_192_cbc(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_cbc(void);
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_ctr(void);
#endif /* WOLFSSL_AES_COUNTER */
#endif /* NO_AES */
#ifndef NO_DES3
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_cbc(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_ede3_cbc(void);
#endif
#ifdef HAVE_IDEA
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_idea_cbc(void);
#endif
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_rc4(void);
WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_enc_null(void);
enum WC_Digest {
MD5_DIGEST_LENGTH = 16,
SHA_DIGEST_LENGTH = 20,
SHA256_DIGEST_LENGTH = 32,
SHA384_DIGEST_LENGTH = 48,
SHA512_DIGEST_LENGTH = 64
};
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
#endif
enum WC_Cipher {
RC4_KEY_SIZE = 16, /* always 128bit */
DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = 8, /* des */
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_IV_SIZE = 16, /* always block size */
AES_128_KEY_SIZE = 16, /* for 128 bit */
EVP_SALT_SIZE = 8, /* evp salt size 64 bits */
};
#ifndef NO_MD5
typedef struct {
int holder[24]; /* big enough, but check on init */
} WOLFCRYPT_MD5_CTX;
WOLFSSL_API void wc_MD5_Init(WOLFCRYPT_MD5_CTX*);
WOLFSSL_API void wc_MD5_Update(WOLFCRYPT_MD5_CTX*, const void*, unsigned long);
WOLFSSL_API void wc_MD5_Final(unsigned char*, WOLFCRYPT_MD5_CTX*);
#endif /* NO_MD5 */
typedef struct {
int holder[24]; /* big enough, but check on init */
} WOLFCRYPT_SHA_CTX;
WOLFSSL_API void wc_SHA_Init(WOLFCRYPT_SHA_CTX*);
WOLFSSL_API void wc_SHA_Update(WOLFCRYPT_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API void wc_SHA_Final(unsigned char*, WOLFCRYPT_SHA_CTX*);
/* SHA1 points to above, shouldn't use SHA0 ever */
WOLFSSL_API void wc_SHA1_Init(WOLFCRYPT_SHA_CTX*);
WOLFSSL_API void wc_SHA1_Update(WOLFCRYPT_SHA_CTX*, const void*, unsigned long);
WOLFSSL_API void wc_SHA1_Final(unsigned char*, WOLFCRYPT_SHA_CTX*);
typedef struct {
int holder[28]; /* big enough, but check on init */
} WOLFCRYPT_SHA256_CTX;
WOLFSSL_API void wc_SHA256_Init(WOLFCRYPT_SHA256_CTX*);
WOLFSSL_API void wc_SHA256_Update(WOLFCRYPT_SHA256_CTX*,
const void*, unsigned long);
WOLFSSL_API void wc_SHA256_Final(unsigned char*, WOLFCRYPT_SHA256_CTX*);
#ifdef WOLFSSL_SHA384
typedef struct {
long long holder[32]; /* big enough, but check on init */
} WOLFCRYPT_SHA384_CTX;
WOLFSSL_API void wc_SHA384_Init(WOLFCRYPT_SHA384_CTX*);
WOLFSSL_API void wc_SHA384_Update(WOLFCRYPT_SHA384_CTX*,
const void*, unsigned long);
WOLFSSL_API void wc_SHA384_Final(unsigned char*, WOLFCRYPT_SHA384_CTX*);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
typedef struct {
long long holder[36]; /* big enough, but check on init */
} WOLFCRYPT_SHA512_CTX;
WOLFSSL_API void wc_SHA512_Init(WOLFCRYPT_SHA512_CTX*);
WOLFSSL_API void wc_SHA512_Update(WOLFCRYPT_SHA512_CTX*,
const void*, unsigned long);
WOLFSSL_API void wc_SHA512_Final(unsigned char*, WOLFCRYPT_SHA512_CTX*);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_RIPEMD
typedef struct {
int holder[32]; /* big enough, but check on init */
} WOLFCRYPT_RIPEMD_CTX;
WOLFSSL_API void wc_RIPEMD_Init(WOLFCRYPT_RIPEMD_CTX*);
WOLFSSL_API void wc_RIPEMD_Update(WOLFCRYPT_RIPEMD_CTX*,
const void*, unsigned long);
WOLFSSL_API void wc_RIPEMD_Final(unsigned char*, WOLFCRYPT_RIPEMD_CTX*);
#endif /* WOLFSSL_RIPEMD */
typedef struct {
Hmac hmac;
int type;
} WOLFCRYPT_HMAC_CTX;
WOLFSSL_API void wc_HMAC_Init(WOLFCRYPT_HMAC_CTX* ctx, const void* key,
int keylen, const WOLFCRYPT_EVP_MD* type);
WOLFSSL_API void wc_HMAC_Update(WOLFCRYPT_HMAC_CTX* ctx,
const unsigned char* data, int len);
WOLFSSL_API void wc_HMAC_Final(WOLFCRYPT_HMAC_CTX* ctx, unsigned char* hash,
unsigned int* len);
WOLFSSL_API void wc_HMAC_cleanup(WOLFCRYPT_HMAC_CTX* ctx);
WOLFSSL_API unsigned char* wc_HMAC(const WOLFCRYPT_EVP_MD* evp_md,
const void* key, int key_len,
const unsigned char* d, int n,
unsigned char* md, unsigned int* md_len);
typedef union {
#ifndef NO_MD5
WOLFCRYPT_MD5_CTX md5;
#endif
WOLFCRYPT_SHA_CTX sha;
WOLFCRYPT_SHA256_CTX sha256;
#ifdef WOLFSSL_SHA384
WOLFCRYPT_SHA384_CTX sha384;
#endif
#ifdef WOLFSSL_SHA512
WOLFCRYPT_SHA512_CTX sha512;
#endif
#ifdef WOLFSSL_RIPEMD
WOLFCRYPT_RIPEMD_CTX ripemd;
#endif
} WOLFCRYPT_Hasher;
typedef struct WOLFCRYPT_EVP_MD_CTX {
unsigned char macType;
int macSize;
const WOLFCRYPT_EVP_MD *digest;
WOLFCRYPT_Hasher hash;
} WOLFCRYPT_EVP_MD_CTX;
typedef union {
#ifndef NO_AES
Aes aes;
#endif
#ifndef NO_DES3
Des des;
Des3 des3;
#endif
Arc4 arc4;
#ifdef HAVE_IDEA
Idea idea;
#endif
} WOLFCRYPT_Cipher;
enum {
AES_128_CBC_TYPE = 1,
AES_192_CBC_TYPE = 2,
AES_256_CBC_TYPE = 3,
AES_128_CTR_TYPE = 4,
AES_192_CTR_TYPE = 5,
AES_256_CTR_TYPE = 6,
DES_CBC_TYPE = 7,
DES_EDE3_CBC_TYPE = 8,
ARC4_TYPE = 9,
NULL_CIPHER_TYPE = 10,
EVP_PKEY_RSA = 11,
EVP_PKEY_DSA = 12,
EVP_PKEY_EC = 13,
IDEA_CBC_TYPE = 14,
NID_sha1 = 64,
NID_md2 = 3,
NID_md5 = 4
};
typedef struct {
int keyLen; /* user may set for variable */
int blockSize;
int bufLen;
unsigned char enc; /* if encrypt side, then true */
unsigned char cipherType;
unsigned char final_used;
unsigned char ivUpdate;
unsigned char padding;
#ifndef NO_AES
unsigned char iv[AES_BLOCK_SIZE]; /* working iv pointer into cipher */
unsigned char buf[AES_BLOCK_SIZE];
unsigned char final[AES_BLOCK_SIZE];
#elif !defined(NO_DES3) || defined(HAVE_IDEA)
unsigned char iv[DES_BLOCK_SIZE]; /* working iv pointer into cipher */
unsigned char buf[DES_BLOCK_SIZE];
unsigned char final[DES_BLOCK_SIZE];
#endif
WOLFCRYPT_Cipher cipher;
} WOLFCRYPT_EVP_CIPHER_CTX;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
extern const char *EVP_AES_128_CBC;
extern const char *EVP_AES_192_CBC;
extern const char *EVP_AES_256_CBC;
#if defined(OPENSSL_EXTRA)
extern const char *EVP_AES_128_CTR;
extern const char *EVP_AES_192_CTR;
extern const char *EVP_AES_256_CTR;
#endif
extern const int EVP_AES_SIZE;
extern const char *EVP_DES_CBC;
extern const int EVP_DES_SIZE;
extern const char *EVP_DES_EDE3_CBC;
extern const int EVP_DES_EDE3_SIZE;
#ifdef HAVE_IDEA
extern const char *EVP_IDEA_CBC;
extern const int EVP_IDEA_SIZE;
#endif
#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
WOLFSSL_API int wc_EVP_MD_size(const WOLFCRYPT_EVP_MD* md);
WOLFSSL_API void wc_EVP_MD_CTX_init(WOLFCRYPT_EVP_MD_CTX* ctx);
WOLFSSL_API int wc_EVP_MD_CTX_cleanup(WOLFCRYPT_EVP_MD_CTX* ctx);
WOLFSSL_API int wc_EVP_MD_CTX_copy(WOLFCRYPT_EVP_MD_CTX *out,
const WOLFCRYPT_EVP_MD_CTX *in);
WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_get_digestbynid(int);
WOLFSSL_API int wc_EVP_DigestInit(WOLFCRYPT_EVP_MD_CTX* ctx,
const WOLFCRYPT_EVP_MD* type);
WOLFSSL_API int wc_EVP_DigestUpdate(WOLFCRYPT_EVP_MD_CTX* ctx,
const void* data, unsigned long sz);
WOLFSSL_API int wc_EVP_DigestFinal(WOLFCRYPT_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s);
WOLFSSL_API int wc_EVP_DigestFinal_ex(WOLFCRYPT_EVP_MD_CTX* ctx,
unsigned char* md, unsigned int* s);
#ifndef NO_MD5
WOLFSSL_API int wc_EVP_BytesToKey(const WOLFCRYPT_EVP_CIPHER*,
const WOLFCRYPT_EVP_MD*,
const unsigned char*, const unsigned char*,
int, int, unsigned char*, unsigned char*);
#endif
WOLFSSL_API void wc_EVP_CIPHER_CTX_init(WOLFCRYPT_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wc_EVP_CIPHER_CTX_cleanup(WOLFCRYPT_EVP_CIPHER_CTX* ctx);
WOLFSSL_API int wc_EVP_CIPHER_CTX_iv_length(const WOLFCRYPT_EVP_CIPHER_CTX*);
WOLFSSL_API int wc_EVP_CipherInit(WOLFCRYPT_EVP_CIPHER_CTX* ctx,
const WOLFCRYPT_EVP_CIPHER* type,
unsigned char* key, unsigned char* iv,
int enc);
WOLFSSL_API int wc_EVP_CipherUpdate(WOLFCRYPT_EVP_CIPHER_CTX *ctx,
unsigned char *dst, int *dstLen,
const unsigned char *src, int len);
WOLFSSL_API int wc_EVP_CipherFinal(WOLFCRYPT_EVP_CIPHER_CTX *ctx,
unsigned char *dst, int *dstLen);
WOLFSSL_API int wc_EVP_CIPHER_CTX_key_length(WOLFCRYPT_EVP_CIPHER_CTX*);
WOLFSSL_API int wc_EVP_CIPHER_CTX_set_key_length(WOLFCRYPT_EVP_CIPHER_CTX*,
int);
WOLFSSL_API int wc_EVP_CIPHER_CTX_copy(WOLFCRYPT_EVP_CIPHER_CTX *out,
const WOLFCRYPT_EVP_CIPHER_CTX *in);
WOLFSSL_API int wc_EVP_Cipher(WOLFCRYPT_EVP_CIPHER_CTX* ctx,
unsigned char* dst, unsigned char* src,
unsigned int len);
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_COMPAT_WOLFSSL_H */

34
wolfssl/wolfcrypt/error-crypt.h
View File

@ -174,7 +174,39 @@ enum {
WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */
ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */
MIN_CODE_E = -300 /* errors -101 - -299 */
BIO_CALLBACK_E = -250, /* BIO callback function failed */
BIO_CREATE_METHOD_E = -251, /* BIO method create function failed */
BIO_FIND_TYPE_E = -252, /* BIO find type failed */
BIO_CTRL_E = -253, /* BIO Control function failed */
BIO_UNINITIALIZED_E = -254, /* BIO is not initialized */
BIO_PUTS_E = -255, /* BIO puts function failed */
BIO_FILE_READ_E = -256, /* BIO file read failed */
BIO_FILE_WRITE_E = -257, /* BIO file write failed */
BIO_FILE_MODE_E = -258, /* BIO file bad open mode */
BIO_FILE_OPEN_E = -259, /* BIO file open failed */
BIO_FILE_GETS_E = -260, /* BIO file gets failed */
BIO_MEM_WRITE_E = -261, /* BIO memory write failed */
BIO_B64_ENCODE_E = -262, /* BIO filter base64 encode failed */
BIO_B64_DECODE_E = -263, /* BIO filter base64 decode failed */
BIO_DGST_INIT_E = -264, /* BIO filter digest init failed */
BIO_DGST_UPDATE_E = -265, /* BIO filter digest update failed */
BIO_DGST_FINAL_E = -266, /* BIO filter digest final failed */
BIO_NO_HOSTNAME_E = -267, /* BIO connect, no hostname provided */
BIO_NO_PORT_E = -268, /* BIO connect, no port provided */
BIO_CREATE_SOCKET_E = -269, /* BIO connect, create socket failed */
BIO_NBIO_E = -270, /* BIO connect, NBIO error */
BIO_CONNECT_E = -271, /* BIO connect, connect failed */
BIO_ADDR_AF_INET_E = -272, /* BIO connect, address not AF_INET type */
BIO_SRV_PROTO_E = -273, /* BIO connect, bad server protocol */
BIO_WSASTARTUP_E = -274, /* BIO connect, WSA Startup failed */
BIO_BIND_SOCKET_E = -275, /* BIO connect, Bind socket failed */
BIO_LISTEN_SOCKET_E = -276, /* BIO connect, Listen socket failed */
BIO_ACCEPT_E = -277, /* BIO connect, Accept failed */
BIO_KEEPALIVE_E = -278, /* BIO connect, Keep ALive failed */
BIO_OPTIONS_E = -279, /* BIO connect, Options error */
BIO_BAD_REF = -280, /* BIO, Bad reference number */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
wolfcrypt/src/error.c !!! */

2
wolfssl/wolfcrypt/include.am
View File

@ -15,6 +15,8 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/dh.h \
wolfssl/wolfcrypt/dsa.h \
wolfssl/wolfcrypt/ecc.h \
wolfssl/wolfcrypt/bio.h \
wolfssl/wolfcrypt/compat-wolfcrypt.h \
wolfssl/wolfcrypt/curve25519.h \
wolfssl/wolfcrypt/ed25519.h \
wolfssl/wolfcrypt/fe_operations.h \