forked from wolfSSL/wolfssl
wolfSSL Compatibility support for OpenVPN
* Adds compatibility API's for: * `sk_ASN1_OBJECT_free` * `sk_ASN1_OBJECT_num` * `sk_ASN1_OBJECT_value` * `sk_X509_OBJECT_num` * `sk_X509_OBJECT_value` * `sk_X509_OBJECT_delete` * `sk_X509_NAME_find` * `sk_X509_INFO_free` * `BIO_get_len` * `BIO_set_ssl` * `BIO_should_retry` (stub) * `X509_OBJECT_free` * `X509_NAME_get_index_by_OBJ` * `X509_INFO_free` * `X509_STORE_get0_objects` * `X509_check_purpose` (stub) * `PEM_read_bio_X509_CRL` * `PEM_X509_INFO_read_bio` * `ASN1_BIT_STRING_new` * `ASN1_BIT_STRING_free` * `ASN1_BIT_STRING_get_bit` * `ASN1_BIT_STRING_set_bit` * `DES_check_key_parity` * `EC_GROUP_order_bits` * `EC_get_builtin_curves` * `EVP_CIPHER_CTX_cipher` * `EVP_PKEY_get0_EC_KEY` * `EVP_PKEY_get0_RSA` * `EVP_PKEY_get0_DSA` (stub) * `HMAC_CTX_new` * `HMAC_CTX_free` * `HMAC_CTX_reset` * `HMAC_size` * `OBJ_txt2obj` * `RSA_meth_new` * `RSA_meth_free` * `RSA_meth_set_pub_enc` * `RSA_meth_set_pub_dec` * `RSA_meth_set_priv_enc` * `RSA_meth_set_priv_dec` * `RSA_meth_set_init` * `RSA_meth_set_finish` * `RSA_meth_set0_app_data` * `RSA_get_method_data` * `RSA_set_method` * `RSA_get0_key` * `RSA_set0_key` * `RSA_flags` * `RSA_set_flags` * `RSA_bits` * `SSL_CTX_set_ciphersuites` * `SSL_CTX_set_security_level` (stub) * `SSL_export_keying_material` (stub) * `DSA_bits` (stub) * Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505. * Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`. * Cleanup of "sk" compatibility.
This commit is contained in:
David Garske
3
.gitignore
vendored
3
.gitignore
vendored
@ -324,10 +324,11 @@ doc/pdf
|
||||
# XCODE Index
|
||||
IDE/XCODE/Index
|
||||
|
||||
# ARM DS-5
|
||||
# ARM DS-5 && Eclipse
|
||||
\.settings/
|
||||
\.cproject
|
||||
\.project
|
||||
\.autotools
|
||||
|
||||
# Renesas e2studio
|
||||
/IDE/Renesas/e2studio/Projects/test/src/smc_gen
|
||||
|
||||
BIN
certs/client-cert-ext.der
Normal file
BIN
certs/client-cert-ext.der
Normal file
Binary file not shown.
93
certs/client-cert-ext.pem
Normal file
93
certs/client-cert-ext.pem
Normal file
@ -0,0 +1,93 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
7e:ff:c6:42:4f:83:8b:1f:1a:9d:4e:2f:ba:27:9f:97:d7:e2:ea:ab
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
|
||||
Validity
|
||||
Not Before: Sep 20 14:13:15 2019 GMT
|
||||
Not After : Jun 16 14:13:15 2022 GMT
|
||||
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
RSA Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
|
||||
2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
|
||||
32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d:
|
||||
68:a2:8b:67:bb:a1:75:c8:36:2c:4a:d2:1b:f7:8b:
|
||||
ba:cf:0d:f9:ef:ec:f1:81:1e:7b:9b:03:47:9a:bf:
|
||||
65:cc:7f:65:24:69:a6:e8:14:89:5b:e4:34:f7:c5:
|
||||
b0:14:93:f5:67:7b:3a:7a:78:e1:01:56:56:91:a6:
|
||||
13:42:8d:d2:3c:40:9c:4c:ef:d1:86:df:37:51:1b:
|
||||
0c:a1:3b:f5:f1:a3:4a:35:e4:e1:ce:96:df:1b:7e:
|
||||
bf:4e:97:d0:10:e8:a8:08:30:81:af:20:0b:43:14:
|
||||
c5:74:67:b4:32:82:6f:8d:86:c2:88:40:99:36:83:
|
||||
ba:1e:40:72:22:17:d7:52:65:24:73:b0:ce:ef:19:
|
||||
cd:ae:ff:78:6c:7b:c0:12:03:d4:4e:72:0d:50:6d:
|
||||
3b:a3:3b:a3:99:5e:9d:c8:d9:0c:85:b3:d9:8a:d9:
|
||||
54:26:db:6d:fa:ac:bb:ff:25:4c:c4:d1:79:f4:71:
|
||||
d3:86:40:18:13:b0:63:b5:72:4e:30:c4:97:84:86:
|
||||
2d:56:2f:d7:15:f7:7f:c0:ae:f5:fc:5b:e5:fb:a1:
|
||||
ba:d3
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
|
||||
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
serial:7E:FF:C6:42:4F:83:8B:1F:1A:9D:4E:2F:BA:27:9F:97:D7:E2:EA:AB
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:example.com
|
||||
X509v3 Key Usage: critical
|
||||
Digital Signature, Certificate Sign, CRL Sign
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
46:c2:a5:a6:32:84:b0:68:03:41:de:37:da:c3:b8:46:71:3a:
|
||||
31:aa:1a:f0:81:28:c3:07:37:61:17:7d:10:45:ee:ef:cd:c0:
|
||||
19:2f:9e:95:01:5d:d6:09:13:8e:19:ea:da:27:75:66:21:e1:
|
||||
bd:f8:97:a0:b5:8b:9e:71:13:26:75:50:34:f5:ac:8e:f8:d3:
|
||||
89:d7:52:0a:f2:5f:3e:07:c2:02:e0:36:73:75:30:a9:5a:ba:
|
||||
24:ef:fb:28:08:0d:31:53:84:3d:fd:1d:92:f9:15:da:01:7c:
|
||||
20:70:d5:b6:0d:ea:3a:f1:85:90:b1:c3:b7:71:20:cb:03:22:
|
||||
f3:8f:e5:02:4f:b1:77:1c:97:17:2c:3b:e9:41:1a:18:7c:89:
|
||||
d9:8e:5f:34:6c:66:9c:61:79:f5:bd:df:68:2e:14:cc:11:d7:
|
||||
e5:ce:9f:8a:0d:86:94:15:86:fa:32:0f:90:18:d1:2d:df:16:
|
||||
56:58:09:25:91:21:c2:d3:f6:7e:c8:49:aa:00:d7:61:c7:9d:
|
||||
d2:23:b1:7f:96:b0:79:6e:8b:09:38:2f:13:e1:48:9e:9a:28:
|
||||
d4:08:44:73:29:52:49:eb:9d:fb:a6:f8:1f:2e:c5:d3:31:52:
|
||||
86:ea:18:99:1d:73:ab:4b:f3:7c:6f:f5:84:c3:96:fb:02:36:
|
||||
d9:13:64:8b
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFCDCCA/CgAwIBAgIUfv/GQk+Dix8anU4vuiefl9fi6qswDQYJKoZIhvcNAQEL
|
||||
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
|
||||
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
|
||||
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
|
||||
ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0xOTA5MjAxNDEzMTVaFw0yMjA2MTYxNDEz
|
||||
MTVaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
|
||||
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
|
||||
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
|
||||
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||
AoIBAQDDA9Er/jmkMkU7U8iEKyp8dJq9qipSB0fWpjayBzKO0Lppe8bDRJ7UgUj9
|
||||
LWiii2e7oXXINixK0hv3i7rPDfnv7PGBHnubA0eav2XMf2UkaaboFIlb5DT3xbAU
|
||||
k/Vnezp6eOEBVlaRphNCjdI8QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ
|
||||
6KgIMIGvIAtDFMV0Z7Qygm+NhsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8AS
|
||||
A9ROcg1QbTujO6OZXp3I2QyFs9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4w
|
||||
xJeEhi1WL9cV93/ArvX8W+X7obrTAgMBAAGjggE6MIIBNjAdBgNVHQ4EFgQUM9hF
|
||||
Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
|
||||
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
|
||||
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
|
||||
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
|
||||
CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfv/GQk+Dix8anU4vuiefl9fi
|
||||
6qswDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B
|
||||
Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAEbCpaYyhLBoA0HeN9rDuEZxOjGq
|
||||
GvCBKMMHN2EXfRBF7u/NwBkvnpUBXdYJE44Z6tondWYh4b34l6C1i55xEyZ1UDT1
|
||||
rI7404nXUgryXz4HwgLgNnN1MKlauiTv+ygIDTFThD39HZL5FdoBfCBw1bYN6jrx
|
||||
hZCxw7dxIMsDIvOP5QJPsXcclxcsO+lBGhh8idmOXzRsZpxhefW932guFMwR1+XO
|
||||
n4oNhpQVhvoyD5AY0S3fFlZYCSWRIcLT9n7ISaoA12HHndIjsX+WsHluiwk4LxPh
|
||||
SJ6aKNQIRHMpUknrnfum+B8uxdMxUobqGJkdc6tL83xv9YTDlvsCNtkTZIs=
|
||||
-----END CERTIFICATE-----
|
||||
@ -51,7 +51,9 @@ EXTRA_DIST += \
|
||||
certs/ecc-privOnlyCert.pem \
|
||||
certs/dh3072.pem \
|
||||
certs/client-cert-3072.pem \
|
||||
certs/client-key-3072.pem
|
||||
certs/client-key-3072.pem \
|
||||
certs/client-cert-ext.pem
|
||||
|
||||
EXTRA_DIST += \
|
||||
certs/ca-key.der \
|
||||
certs/ca-cert.der \
|
||||
@ -75,7 +77,8 @@ EXTRA_DIST += \
|
||||
certs/server-ecc.der \
|
||||
certs/server-ecc-self.der \
|
||||
certs/server-ecc-rsa.der \
|
||||
certs/server-cert-chain.der
|
||||
certs/server-cert-chain.der \
|
||||
certs/client-cert-ext.der
|
||||
|
||||
# ECC CA prime256v1
|
||||
EXTRA_DIST += \
|
||||
|
||||
@ -124,6 +124,7 @@ authorityKeyIdentifier=keyid,issuer
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
basicConstraints=CA:true
|
||||
subjectAltName=DNS:example.com
|
||||
|
||||
#wolfssl extensions for intermediate CAs
|
||||
[wolfssl_opts_ICA]
|
||||
|
||||
36
src/bio.c
36
src/bio.c
@ -1306,6 +1306,42 @@ long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int wolfSSL_BIO_get_len(WOLFSSL_BIO *bio)
|
||||
{
|
||||
int len;
|
||||
#ifndef NO_FILESYSTEM
|
||||
long memSz;
|
||||
XFILE file;
|
||||
long curr = 0;
|
||||
#endif
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_BIO_get_len");
|
||||
|
||||
if ((len = wolfSSL_BIO_pending(bio)) > 0) {
|
||||
}
|
||||
#ifndef NO_FILESYSTEM
|
||||
else if (bio->type == WOLFSSL_BIO_FILE) {
|
||||
if (wolfSSL_BIO_get_fp(bio, &file) != WOLFSSL_SUCCESS)
|
||||
len = BAD_FUNC_ARG;
|
||||
if (len == 0) {
|
||||
curr = XFTELL(file);
|
||||
if (curr < 0) {
|
||||
len = WOLFSSL_BAD_FILE;
|
||||
}
|
||||
if (XFSEEK(file, 0, XSEEK_END) != 0)
|
||||
len = WOLFSSL_BAD_FILE;
|
||||
}
|
||||
if (len == 0) {
|
||||
memSz = XFTELL(file) - curr;
|
||||
len = (int)memSz;
|
||||
if (XFSEEK(file, curr, SEEK_SET) != 0)
|
||||
len = WOLFSSL_BAD_FILE;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
return len;
|
||||
}
|
||||
|
||||
|
||||
void wolfSSL_BIO_set_callback(WOLFSSL_BIO *bio, wolf_bio_info_cb callback_func)
|
||||
{
|
||||
|
||||
559
tests/api.c
559
tests/api.c
@ -1837,7 +1837,7 @@ static void test_wolfSSL_ECDSA_SIG(void)
|
||||
/* Test function for wolfSSL_EVP_get_cipherbynid.
|
||||
*/
|
||||
|
||||
# if defined(OPENSSL_EXTRA)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
static void test_wolfSSL_EVP_get_cipherbynid(void)
|
||||
{
|
||||
#ifndef NO_AES
|
||||
@ -1914,7 +1914,7 @@ static void test_wolfSSL_EVP_get_cipherbynid(void)
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
#endif
|
||||
#endif /* !NO_AES */
|
||||
|
||||
#ifndef NO_DES3
|
||||
AssertNotNull(strcmp("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
|
||||
@ -1925,7 +1925,7 @@ static void test_wolfSSL_EVP_get_cipherbynid(void)
|
||||
#ifdef WOLFSSL_DES_ECB
|
||||
AssertNotNull(strcmp("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
|
||||
#endif
|
||||
#endif /*NO_DES3*/
|
||||
#endif /* !NO_DES3 */
|
||||
|
||||
#ifdef HAVE_IDEA
|
||||
AssertNotNull(strcmp("EVP_IDEA_CBC", wolfSSL_EVP_get_cipherbynid(34)));
|
||||
@ -1935,7 +1935,27 @@ static void test_wolfSSL_EVP_get_cipherbynid(void)
|
||||
AssertNull(wolfSSL_EVP_get_cipherbynid(1));
|
||||
|
||||
}
|
||||
#endif
|
||||
|
||||
static void test_wolfSSL_EVP_CIPHER_CTX()
|
||||
{
|
||||
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
|
||||
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
|
||||
const EVP_CIPHER *init = EVP_aes_128_cbc();
|
||||
const EVP_CIPHER *test = NULL;
|
||||
byte key[AES_128_KEY_SIZE] = {0};
|
||||
byte iv[AES_IV_SIZE] = {0};
|
||||
|
||||
AssertNotNull(ctx);
|
||||
wolfSSL_EVP_CIPHER_CTX_init(ctx);
|
||||
AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
|
||||
test = EVP_CIPHER_CTX_cipher(ctx);
|
||||
AssertTrue(init == test);
|
||||
AssertIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
|
||||
|
||||
EVP_CIPHER_CTX_free(ctx);
|
||||
#endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_128 */
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
/*----------------------------------------------------------------------------*
|
||||
| IO
|
||||
@ -4337,7 +4357,7 @@ static void test_wolfSSL_PKCS12(void)
|
||||
WOLFSSL_X509 *cert;
|
||||
WOLFSSL_X509 *x509;
|
||||
WOLFSSL_X509 *tmp;
|
||||
WOLF_STACK_OF(WOLFSSL_X509) *ca;
|
||||
STACK_OF(WOLFSSL_X509) *ca;
|
||||
|
||||
printf(testingFmt, "wolfSSL_PKCS12()");
|
||||
|
||||
@ -4568,6 +4588,61 @@ static void test_wolfSSL_PKCS12(void)
|
||||
#define TEST_PKCS8_ENC
|
||||
#endif
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
|
||||
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
|
||||
static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userdata)
|
||||
{
|
||||
(void)passwd;
|
||||
(void)sz;
|
||||
(void)rw;
|
||||
(void)userdata;
|
||||
Fail(("Password callback should not be called by default"),
|
||||
("Password callback was called without attempting "
|
||||
"to first decipher private key without password."));
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
static void test_wolfSSL_no_password_cb(void)
|
||||
{
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
|
||||
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
|
||||
WOLFSSL_CTX* ctx;
|
||||
byte buffer[FOURK_BUF];
|
||||
const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der";
|
||||
const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem";
|
||||
XFILE f;
|
||||
int bytes;
|
||||
|
||||
printf(testingFmt, "test_wolfSSL_no_password_cb()");
|
||||
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLS_client_method()));
|
||||
#else
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLS_server_method()));
|
||||
#endif
|
||||
wolfSSL_CTX_set_default_passwd_cb(ctx, FailTestCallBack);
|
||||
|
||||
AssertTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE);
|
||||
bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f);
|
||||
XFCLOSE(f);
|
||||
AssertIntLE(bytes, sizeof(buffer));
|
||||
AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
|
||||
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
|
||||
|
||||
AssertTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE);
|
||||
bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f);
|
||||
XFCLOSE(f);
|
||||
AssertIntLE(bytes, sizeof(buffer));
|
||||
AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
|
||||
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
|
||||
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifdef TEST_PKCS8_ENC
|
||||
/* for PKCS8 test case */
|
||||
static WC_INLINE int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata)
|
||||
@ -18447,11 +18522,46 @@ static void test_wolfSSL_X509_NAME(void)
|
||||
AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
|
||||
|
||||
AssertNotNull(b = X509_NAME_dup((X509_NAME*)a));
|
||||
AssertIntEQ(X509_NAME_cmp(a, b), 0);
|
||||
X509_NAME_free((X509_NAME*)b);
|
||||
|
||||
X509_free(x509);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
|
||||
}
|
||||
|
||||
static void test_wolfSSL_X509_INFO(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL)
|
||||
STACK_OF(X509_INFO) *info_stack;
|
||||
X509_INFO *info;
|
||||
BIO *cert;
|
||||
int i;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_INFO");
|
||||
|
||||
AssertNotNull(cert = BIO_new_file(cliCertFileExt, "r"));
|
||||
AssertNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
|
||||
for (i = 0; i < sk_X509_INFO_num(info_stack); i++) {
|
||||
AssertNotNull(info = sk_X509_INFO_value(info_stack, i));
|
||||
AssertNotNull(info->x509);
|
||||
AssertNull(info->crl);
|
||||
}
|
||||
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
|
||||
BIO_free(cert);
|
||||
|
||||
AssertNotNull(cert = BIO_new_file(cliCertFileExt, "r"));
|
||||
AssertNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
|
||||
sk_X509_INFO_free(info_stack);
|
||||
BIO_free(cert);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_X509_subject_name_hash(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
|
||||
@ -18501,6 +18611,7 @@ static void test_wolfSSL_DES(void)
|
||||
|
||||
/* set odd parity for success case */
|
||||
DES_set_odd_parity(&myDes);
|
||||
AssertIntEQ(DES_check_key_parity(&myDes), 1);
|
||||
printf("%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2], myDes[3]);
|
||||
AssertIntEQ(DES_set_key_checked(&myDes, &key), 0);
|
||||
for (i = 0; i < sizeof(DES_key_schedule); i++) {
|
||||
@ -18685,7 +18796,8 @@ static void test_wolfSSL_certs(void)
|
||||
X509* x509;
|
||||
WOLFSSL* ssl;
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLF_STACK_OF(ASN1_OBJECT)* sk;
|
||||
STACK_OF(ASN1_OBJECT)* sk;
|
||||
ASN1_BIT_STRING* bit_str;
|
||||
int crit;
|
||||
|
||||
printf(testingFmt, "wolfSSL_certs()");
|
||||
@ -18712,7 +18824,7 @@ static void test_wolfSSL_certs(void)
|
||||
#endif /* HAVE_PK_CALLBACKS */
|
||||
|
||||
/* create and use x509 */
|
||||
x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM);
|
||||
x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt, WOLFSSL_FILETYPE_PEM);
|
||||
AssertNotNull(x509);
|
||||
AssertIntEQ(SSL_use_certificate(ssl, x509), WOLFSSL_SUCCESS);
|
||||
|
||||
@ -18746,101 +18858,101 @@ static void test_wolfSSL_certs(void)
|
||||
#endif /* !NO_SHA && !NO_SHA256*/
|
||||
|
||||
/* test and checkout X509 extensions */
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_basic_constraints,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_basic_constraints,
|
||||
&crit, NULL);
|
||||
AssertNotNull(sk);
|
||||
AssertIntEQ(crit, 0);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_key_usage,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
bit_str = (ASN1_BIT_STRING*)X509_get_ext_d2i(x509, NID_key_usage, &crit, NULL);
|
||||
AssertNotNull(bit_str);
|
||||
AssertIntEQ(crit, 1);
|
||||
AssertIntEQ(bit_str->type, NID_key_usage);
|
||||
ASN1_BIT_STRING_free(bit_str);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); no extension set */
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
NID_authority_key_identifier, &crit, NULL);
|
||||
AssertNotNull(sk);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
NID_private_key_usage_period, &crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_subject_alt_name,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_subject_alt_name,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); no alt names set */
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_GENERAL_NAME_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_issuer_alt_name,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_issuer_alt_name,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_info_access, &crit,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_info_access, &crit,
|
||||
NULL);
|
||||
/* AssertNotNull(sk); no auth info set */
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_sinfo_access,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_sinfo_access,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_name_constraints,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_name_constraints,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
NID_certificate_policies, &crit, NULL);
|
||||
#if !defined(WOLFSSL_SEP) && !defined(WOLFSSL_CERT_EXT)
|
||||
AssertNull(sk);
|
||||
#else
|
||||
/* AssertNotNull(sk); no cert policy set */
|
||||
#endif
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_mappings,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_mappings,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_constraints,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_constraints,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_inhibit_any_policy,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_inhibit_any_policy,
|
||||
&crit, NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_tlsfeature, &crit,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_tlsfeature, &crit,
|
||||
NULL);
|
||||
/* AssertNotNull(sk); NID not yet supported */
|
||||
AssertIntEQ(crit, -1);
|
||||
wolfSSL_sk_ASN1_OBJECT_free(sk);
|
||||
sk_ASN1_OBJECT_free(sk);
|
||||
|
||||
/* test invalid cases */
|
||||
crit = 0;
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, -1, &crit, NULL);
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, -1, &crit, NULL);
|
||||
AssertNull(sk);
|
||||
AssertIntEQ(crit, -1);
|
||||
sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(NULL, NID_tlsfeature,
|
||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(NULL, NID_tlsfeature,
|
||||
NULL, NULL);
|
||||
AssertNull(sk);
|
||||
|
||||
@ -20196,7 +20308,7 @@ static void test_wolfSSL_X509_STORE_CTX(void)
|
||||
/* test X509_STORE_CTX_get/set_ex_data */
|
||||
{
|
||||
int i = 0, tmpData = 5;
|
||||
int* tmpDataRet;
|
||||
void* tmpDataRet;
|
||||
AssertNotNull(ctx = X509_STORE_CTX_new());
|
||||
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
|
||||
for (i = 0; i < MAX_EX_DATA; i++) {
|
||||
@ -20204,7 +20316,7 @@ static void test_wolfSSL_X509_STORE_CTX(void)
|
||||
WOLFSSL_SUCCESS);
|
||||
tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i);
|
||||
AssertNotNull(tmpDataRet);
|
||||
AssertIntEQ(tmpData, *tmpDataRet);
|
||||
AssertIntEQ(tmpData, *(int*)tmpDataRet);
|
||||
}
|
||||
#else
|
||||
AssertIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData),
|
||||
@ -20387,18 +20499,27 @@ static void test_wolfSSL_X509_STORE_CTX_get0_store(void)
|
||||
|
||||
static void test_wolfSSL_CTX_set_client_CA_list(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \
|
||||
!defined(NO_WOLFSSL_CLIENT)
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names = NULL;
|
||||
WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_list = NULL;
|
||||
X509_NAME* name = NULL;
|
||||
STACK_OF(X509_NAME)* names = NULL;
|
||||
STACK_OF(X509_NAME)* ca_list = NULL;
|
||||
int i, names_len;
|
||||
|
||||
printf(testingFmt, "wolfSSL_CTX_set_client_CA_list()");
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
|
||||
names = wolfSSL_load_client_CA_file(cliCertFile);
|
||||
names = SSL_load_client_CA_file(cliCertFile);
|
||||
AssertNotNull(names);
|
||||
wolfSSL_CTX_set_client_CA_list(ctx,names);
|
||||
AssertNotNull(ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx));
|
||||
SSL_CTX_set_client_CA_list(ctx,names);
|
||||
AssertNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx));
|
||||
|
||||
AssertIntGT((names_len = sk_X509_NAME_num(names)), 0);
|
||||
for (i=0; i<names_len; i++) {
|
||||
AssertNotNull(name = sk_X509_NAME_value(names, i));
|
||||
AssertIntEQ(sk_X509_NAME_find(names, name), i);
|
||||
}
|
||||
|
||||
wolfSSL_CTX_free(ctx);
|
||||
printf(resultFmt, passed);
|
||||
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
|
||||
@ -20411,25 +20532,25 @@ static void test_wolfSSL_CTX_add_client_CA(void)
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL_X509* x509;
|
||||
WOLFSSL_X509* x509_a;
|
||||
WOLF_STACK_OF(WOLFSSLX509_NAME)* ca_list;
|
||||
STACK_OF(X509_NAME)* ca_list;
|
||||
int ret = 0;
|
||||
|
||||
printf(testingFmt, "wolfSSL_CTX_add_client_CA()");
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
|
||||
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
/* Add client cert */
|
||||
AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
|
||||
AssertNotNull(x509 = X509_load_certificate_file(cliCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
ret = wolfSSL_CTX_add_client_CA(ctx, x509);
|
||||
AssertIntEQ(ret ,SSL_SUCCESS);
|
||||
AssertNotNull(ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx));
|
||||
ret = SSL_CTX_add_client_CA(ctx, x509);
|
||||
AssertIntEQ(ret, SSL_SUCCESS);
|
||||
AssertNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx));
|
||||
/* Add another client cert */
|
||||
AssertNotNull(x509_a = wolfSSL_X509_load_certificate_file(cliCertFile,
|
||||
AssertNotNull(x509_a = X509_load_certificate_file(cliCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
AssertIntEQ(wolfSSL_CTX_add_client_CA(ctx, x509_a),SSL_SUCCESS);
|
||||
AssertIntEQ(SSL_CTX_add_client_CA(ctx, x509_a), SSL_SUCCESS);
|
||||
|
||||
wolfSSL_X509_free(x509);
|
||||
wolfSSL_X509_free(x509_a);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
X509_free(x509);
|
||||
X509_free(x509_a);
|
||||
SSL_CTX_free(ctx);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
|
||||
@ -21493,6 +21614,26 @@ static void test_wolfSSL_ASN1_STRING(void)
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_ASN1_BIT_STRING(void)
|
||||
{
|
||||
#ifdef OPENSSL_ALL
|
||||
ASN1_BIT_STRING* str;
|
||||
|
||||
printf(testingFmt, "test_wolfSSL_ASN1_BIT_STRING()");
|
||||
AssertNotNull(str = ASN1_BIT_STRING_new());
|
||||
|
||||
AssertIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 1), 1);
|
||||
AssertIntEQ(ASN1_BIT_STRING_get_bit(str, 42), 1);
|
||||
AssertIntEQ(ASN1_BIT_STRING_get_bit(str, 41), 0);
|
||||
AssertIntEQ(ASN1_BIT_STRING_set_bit(str, 84, 1), 1);
|
||||
AssertIntEQ(ASN1_BIT_STRING_get_bit(str, 84), 1);
|
||||
AssertIntEQ(ASN1_BIT_STRING_get_bit(str, 83), 0);
|
||||
|
||||
ASN1_BIT_STRING_free(str);
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
static void test_wolfSSL_DES_ecb_encrypt(void)
|
||||
{
|
||||
@ -22331,7 +22472,7 @@ static void test_wolfSSL_ERR_print_errors(void)
|
||||
static void test_wolfSSL_HMAC(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
|
||||
HMAC_CTX hmac;
|
||||
HMAC_CTX* hmac;
|
||||
ENGINE* e = NULL;
|
||||
const unsigned char key[] = "simple test key";
|
||||
unsigned char hash[WC_MAX_DIGEST_SIZE];
|
||||
@ -22340,17 +22481,20 @@ static void test_wolfSSL_HMAC(void)
|
||||
|
||||
printf(testingFmt, "wolfSSL_HMAC()");
|
||||
|
||||
HMAC_CTX_init(&hmac);
|
||||
AssertIntEQ(HMAC_Init_ex(&hmac, (void*)key, (int)sizeof(key),
|
||||
AssertNotNull(hmac = HMAC_CTX_new());
|
||||
HMAC_CTX_init(hmac);
|
||||
AssertIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key),
|
||||
EVP_sha256(), e), SSL_SUCCESS);
|
||||
|
||||
/* re-using test key as data to hash */
|
||||
AssertIntEQ(HMAC_Update(&hmac, key, (int)sizeof(key)), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&hmac, NULL, 0), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&hmac, hash, &len), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(hmac, NULL, 0), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(hmac, hash, &len), SSL_SUCCESS);
|
||||
AssertIntEQ(len, (int)WC_SHA256_DIGEST_SIZE);
|
||||
AssertIntEQ(HMAC_size(hmac), WC_SHA256_DIGEST_SIZE);
|
||||
|
||||
HMAC_cleanup(&hmac);
|
||||
HMAC_cleanup(hmac);
|
||||
HMAC_CTX_free(hmac);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
|
||||
@ -22385,7 +22529,8 @@ static void test_wolfSSL_OBJ(void)
|
||||
* mode
|
||||
*/
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_ASN) && \
|
||||
!defined(HAVE_FIPS) && !defined(NO_SHA)
|
||||
!defined(HAVE_FIPS) && !defined(NO_SHA) && defined(WOLFSSL_CERT_EXT) && \
|
||||
defined(WOLFSSL_CERT_GEN)
|
||||
ASN1_OBJECT *obj = NULL;
|
||||
char buf[50];
|
||||
|
||||
@ -22407,6 +22552,11 @@ static void test_wolfSSL_OBJ(void)
|
||||
"./certs/ca-ecc384-cert.der",
|
||||
#endif
|
||||
NULL};
|
||||
ASN1_OBJECT *field_name_obj = NULL;
|
||||
int lastpos = -1;
|
||||
int tmp = -1;
|
||||
ASN1_STRING *asn1 = NULL;
|
||||
unsigned char *buf_dyn = NULL;
|
||||
|
||||
PKCS12 *p12;
|
||||
int boolRet;
|
||||
@ -22442,6 +22592,26 @@ static void test_wolfSSL_OBJ(void)
|
||||
XFCLOSE(fp);
|
||||
AssertNotNull(x509Name = X509_get_issuer_name(x509));
|
||||
AssertIntNE((numNames = X509_NAME_entry_count(x509Name)), 0);
|
||||
|
||||
/* Get the Common Name by using OBJ_txt2obj */
|
||||
AssertNotNull(field_name_obj = OBJ_txt2obj("CN", 0));
|
||||
do
|
||||
{
|
||||
lastpos = tmp;
|
||||
tmp = X509_NAME_get_index_by_OBJ(x509Name, field_name_obj, lastpos);
|
||||
} while (tmp > -1);
|
||||
AssertIntNE(lastpos, -1);
|
||||
ASN1_OBJECT_free(field_name_obj);
|
||||
AssertNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, lastpos));
|
||||
AssertNotNull(asn1 = X509_NAME_ENTRY_get_data(x509NameEntry));
|
||||
AssertIntGE(ASN1_STRING_to_UTF8(&buf_dyn, asn1), 0);
|
||||
/*
|
||||
* All Common Names should be www.wolfssl.com
|
||||
* This makes testing easier as we can test for the expected value.
|
||||
*/
|
||||
AssertStrEQ((char*)buf_dyn, "www.wolfssl.com");
|
||||
OPENSSL_free(buf_dyn);
|
||||
|
||||
AssertTrue((bio = BIO_new(BIO_s_mem())) != NULL);
|
||||
for (j = 0; j < numNames; j++)
|
||||
{
|
||||
@ -22620,8 +22790,8 @@ static void test_wolfSSL_OBJ_txt2obj(void)
|
||||
|
||||
static void test_wolfSSL_X509_NAME_ENTRY(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) \
|
||||
&& !defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
|
||||
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
|
||||
X509* x509;
|
||||
BIO* bio;
|
||||
X509_NAME* nm;
|
||||
@ -22658,10 +22828,11 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
|
||||
0x0c, cn, (int)sizeof(cn)));
|
||||
AssertIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS);
|
||||
|
||||
#ifdef WOLFSSL_CERT_EXT
|
||||
AssertIntEQ(X509_NAME_add_entry_by_txt(nm, "emailAddress", MBSTRING_UTF8,
|
||||
(byte*)"support@wolfssl.com", 19, -1,
|
||||
1), WOLFSSL_SUCCESS);
|
||||
|
||||
#endif
|
||||
X509_NAME_ENTRY_free(entry);
|
||||
|
||||
/* Test add entry by NID */
|
||||
@ -22672,7 +22843,7 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
|
||||
X509_free(x509); /* free's nm */
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
@ -23382,15 +23553,16 @@ static void test_wolfSSL_sk_GENERAL_NAME(void)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
|
||||
!defined(NO_RSA)
|
||||
X509* x509;
|
||||
GENERAL_NAME* gn;
|
||||
unsigned char buf[4096];
|
||||
const unsigned char* bufPt;
|
||||
int bytes;
|
||||
int bytes, i;
|
||||
XFILE f;
|
||||
STACK_OF(GENERAL_NAME)* sk;
|
||||
|
||||
printf(testingFmt, "wolfSSL_sk_GENERAL_NAME()");
|
||||
|
||||
f = XFOPEN(cliCertDerFile, "rb");
|
||||
f = XFOPEN(cliCertDerFileExt, "rb");
|
||||
AssertTrue((f != XBADFILE));
|
||||
AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
|
||||
XFCLOSE(f);
|
||||
@ -23398,38 +23570,25 @@ static void test_wolfSSL_sk_GENERAL_NAME(void)
|
||||
bufPt = buf;
|
||||
AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
|
||||
|
||||
/* current cert has no alt names */
|
||||
AssertNull(sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
AssertNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
|
||||
NID_subject_alt_name, NULL, NULL));
|
||||
|
||||
AssertIntEQ(sk_GENERAL_NAME_num(sk), -1);
|
||||
#if 0
|
||||
AssertIntEQ(sk_GENERAL_NAME_num(sk), 1);
|
||||
for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
|
||||
GENERAL_NAME* gn = sk_GENERAL_NAME_value(sk, i);
|
||||
if (gn == NULL) {
|
||||
printf("massive failure\n");
|
||||
return -1;
|
||||
}
|
||||
AssertNotNull(gn = sk_GENERAL_NAME_value(sk, i));
|
||||
|
||||
if (gn->type == GEN_DNS) {
|
||||
switch (gn->type) {
|
||||
case GEN_DNS:
|
||||
printf("found type GEN_DNS\n");
|
||||
printf("length = %d\n", gn->d.ia5->length);
|
||||
printf("data = %s\n", (char*)gn->d.ia5->data);
|
||||
}
|
||||
|
||||
if (gn->type == GEN_EMAIL) {
|
||||
break;
|
||||
case GEN_EMAIL:
|
||||
printf("found type GEN_EMAIL\n");
|
||||
printf("length = %d\n", gn->d.ia5->length);
|
||||
printf("data = %s\n", (char*)gn->d.ia5->data);
|
||||
}
|
||||
|
||||
if (gn->type == GEN_URI) {
|
||||
break;
|
||||
case GEN_URI:
|
||||
printf("found type GEN_URI\n");
|
||||
printf("length = %d\n", gn->d.ia5->length);
|
||||
printf("data = %s\n", (char*)gn->d.ia5->data);
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
X509_free(x509);
|
||||
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
|
||||
|
||||
@ -23463,13 +23622,28 @@ static void test_wolfSSL_MD4(void)
|
||||
|
||||
static void test_wolfSSL_RSA(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
|
||||
defined(WOLFSSL_KEY_GEN)
|
||||
RSA* rsa;
|
||||
const BIGNUM *n;
|
||||
const BIGNUM *e;
|
||||
const BIGNUM *d;
|
||||
|
||||
printf(testingFmt, "wolfSSL_RSA()");
|
||||
|
||||
AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
|
||||
AssertIntEQ(RSA_size(rsa), 256);
|
||||
RSA_get0_key(rsa, &n, &e, &d);
|
||||
AssertPtrEq(rsa->n, n);
|
||||
AssertPtrEq(rsa->e, e);
|
||||
AssertPtrEq(rsa->d, d);
|
||||
AssertNotNull(n = BN_new());
|
||||
AssertNotNull(e = BN_new());
|
||||
AssertNotNull(d = BN_new());
|
||||
AssertIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
|
||||
AssertPtrEq(rsa->n, n);
|
||||
AssertPtrEq(rsa->e, e);
|
||||
AssertPtrEq(rsa->d, d);
|
||||
RSA_free(rsa);
|
||||
|
||||
#if !defined(USE_FAST_MATH) || (FP_MAX_BITS >= (3072*2))
|
||||
@ -23608,6 +23782,45 @@ static void test_wolfSSL_RSA_get0_key(void)
|
||||
|
||||
RSA_free(rsa);
|
||||
}
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_RSA_meth(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
|
||||
RSA *rsa;
|
||||
RSA_METHOD *rsa_meth;
|
||||
|
||||
printf(testingFmt, "test_wolfSSL_RSA_meth");
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
|
||||
RSA_free(rsa);
|
||||
#else
|
||||
AssertNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
|
||||
#endif
|
||||
|
||||
AssertNotNull(rsa_meth =
|
||||
RSA_meth_new("placeholder RSA method", RSA_METHOD_FLAG_NO_CHECK));
|
||||
|
||||
AssertIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
|
||||
AssertIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
|
||||
|
||||
AssertNotNull(rsa = RSA_new());
|
||||
AssertIntEQ(RSA_set_method(rsa, rsa_meth), 1);
|
||||
AssertPtrEq(RSA_get_method(rsa), rsa_meth);
|
||||
AssertIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
|
||||
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
|
||||
AssertIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
|
||||
|
||||
/* rsa_meth is freed here */
|
||||
RSA_free(rsa);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
@ -25061,35 +25274,76 @@ static void test_wolfSSL_X509_EXTENSION_get_critical(void)
|
||||
static void test_wolfSSL_X509V3_EXT_print(void)
|
||||
{
|
||||
#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL)
|
||||
FILE* f;
|
||||
WOLFSSL_X509* x509;
|
||||
X509_EXTENSION * ext = NULL;
|
||||
int loc;
|
||||
BIO *bio = NULL;
|
||||
printf(testingFmt, "wolfSSL_X509V3_EXT_print");
|
||||
|
||||
AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
|
||||
AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
|
||||
fclose(f);
|
||||
{
|
||||
FILE* f;
|
||||
WOLFSSL_X509* x509;
|
||||
X509_EXTENSION * ext = NULL;
|
||||
int loc;
|
||||
BIO *bio = NULL;
|
||||
|
||||
AssertNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
|
||||
AssertNotNull(f = fopen(svrCertFile, "rb"));
|
||||
AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
|
||||
fclose(f);
|
||||
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
AssertNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
|
||||
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
|
||||
wolfSSL_BIO_free(bio);
|
||||
wolfSSL_X509_free(x509);
|
||||
loc = wolfSSL_X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
|
||||
AssertIntGT(loc, -1);
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
|
||||
AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
|
||||
|
||||
wolfSSL_BIO_free(bio);
|
||||
wolfSSL_X509_free(x509);
|
||||
}
|
||||
|
||||
{
|
||||
X509 *x509;
|
||||
BIO *bio;
|
||||
X509_EXTENSION *ext;
|
||||
unsigned int i;
|
||||
unsigned int idx;
|
||||
/* Some NIDs to test with */
|
||||
int nids[] = {
|
||||
/* NID_key_usage, currently X509_get_ext returns this as a bit
|
||||
* string, which messes up X509V3_EXT_print */
|
||||
/* NID_ext_key_usage, */
|
||||
NID_subject_alt_name,
|
||||
};
|
||||
int* n;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509V3_EXT_print");
|
||||
AssertNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
|
||||
|
||||
AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
|
||||
WOLFSSL_FILETYPE_PEM));
|
||||
|
||||
printf("\nPrinting extension values:\n");
|
||||
|
||||
for (i = 0, n = nids; i<(sizeof(nids)/sizeof(int)); i++, n++) {
|
||||
/* X509_get_ext_by_NID should return 3 for now. If that changes then
|
||||
* update the index */
|
||||
AssertIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
|
||||
AssertNotNull(ext = X509_get_ext(x509, idx));
|
||||
AssertIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
BIO_free(bio);
|
||||
X509_free(x509);
|
||||
}
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -25253,6 +25507,31 @@ static void test_wolfSSL_OCSP_get0_info()
|
||||
#endif /* OPENSSL_EXTRA & HAVE_OCSP */
|
||||
}
|
||||
|
||||
static void test_wolfSSL_EC_get_builtin_curves(void)
|
||||
{
|
||||
#if defined(HAVE_ECC) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL))
|
||||
EC_builtin_curve* curves = NULL;
|
||||
size_t crv_len = 0;
|
||||
size_t i = 0;
|
||||
|
||||
printf(testingFmt, "wolfSSL_EC_get_builtin_curves");
|
||||
|
||||
AssertIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
|
||||
AssertNotNull(curves = (EC_builtin_curve*)
|
||||
XMALLOC(sizeof(EC_builtin_curve)*crv_len, NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER));
|
||||
AssertIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
|
||||
|
||||
for (i = 0; i < crv_len; i++)
|
||||
{
|
||||
AssertStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
|
||||
}
|
||||
|
||||
XFREE(curves, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
printf(resultFmt, passed);
|
||||
#endif /* defined(HAVE_ECC) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
|
||||
}
|
||||
|
||||
static void test_no_op_functions(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
@ -25881,9 +26160,11 @@ static void test_EVP_PKEY_rsa(void)
|
||||
AssertIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
|
||||
AssertIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
|
||||
AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
|
||||
AssertPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
|
||||
wolfSSL_EVP_PKEY_free(pkey);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -27069,6 +27350,7 @@ static void test_wolfSSL_X509_CRL(void)
|
||||
"./certs/crl/eccSrvCRL.pem",
|
||||
""
|
||||
};
|
||||
BIO *bio;
|
||||
|
||||
#ifdef HAVE_TEST_d2i_X509_CRL_fp
|
||||
char der[][100] = {
|
||||
@ -27098,6 +27380,14 @@ static void test_wolfSSL_X509_CRL(void)
|
||||
XFCLOSE(fp);
|
||||
}
|
||||
|
||||
for (i = 0; pem[i][0] != '\0'; i++)
|
||||
{
|
||||
AssertNotNull(bio = BIO_new_file(pem[i], "r"));
|
||||
AssertNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
|
||||
X509_CRL_free(crl);
|
||||
BIO_free(bio);
|
||||
}
|
||||
|
||||
#ifdef HAVE_TEST_d2i_X509_CRL_fp
|
||||
for(i = 0; der[i][0] != '\0'; i++){
|
||||
fp = XFOPEN(der[i], "rb");
|
||||
@ -27661,6 +27951,23 @@ static void test_wolfSSL_RSA_print()
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_BIO_get_len()
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
BIO *bio;
|
||||
const char txt[] = "Some example text to push to the BIO.";
|
||||
printf(testingFmt, "wolfSSL_BIO_get_len");
|
||||
|
||||
AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
|
||||
AssertIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
|
||||
AssertIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
|
||||
|
||||
BIO_free(bio);
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_ASN1_STRING_print(void){
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_CERTS)
|
||||
ASN1_STRING* asnStr = NULL;
|
||||
@ -28310,6 +28617,7 @@ void ApiTest(void)
|
||||
/* X509 tests */
|
||||
test_wolfSSL_X509_NAME_get_entry();
|
||||
test_wolfSSL_PKCS12();
|
||||
test_wolfSSL_no_password_cb();
|
||||
test_wolfSSL_PKCS8();
|
||||
test_wolfSSL_PKCS5();
|
||||
test_wolfSSL_URI();
|
||||
@ -28331,6 +28639,7 @@ void ApiTest(void)
|
||||
|
||||
/* compatibility tests */
|
||||
test_wolfSSL_X509_NAME();
|
||||
test_wolfSSL_X509_INFO();
|
||||
test_wolfSSL_X509_subject_name_hash();
|
||||
test_wolfSSL_DES();
|
||||
test_wolfSSL_certs();
|
||||
@ -28374,6 +28683,7 @@ void ApiTest(void)
|
||||
test_wolfSSL_PEM_read_bio();
|
||||
test_wolfSSL_BIO();
|
||||
test_wolfSSL_ASN1_STRING();
|
||||
test_wolfSSL_ASN1_BIT_STRING();
|
||||
test_wolfSSL_X509();
|
||||
test_wolfSSL_X509_VERIFY_PARAM();
|
||||
test_wolfSSL_X509_sign();
|
||||
@ -28419,6 +28729,7 @@ void ApiTest(void)
|
||||
test_wolfSSL_RSA();
|
||||
test_wolfSSL_RSA_DER();
|
||||
test_wolfSSL_RSA_get0_key();
|
||||
test_wolfSSL_RSA_meth();
|
||||
test_wolfSSL_verify_depth();
|
||||
test_wolfSSL_HMAC_CTX();
|
||||
test_wolfSSL_msg_callback();
|
||||
@ -28456,6 +28767,7 @@ void ApiTest(void)
|
||||
test_wolfSSL_X509_CA_num();
|
||||
test_wolfSSL_X509_get_version();
|
||||
test_wolfSSL_X509_print();
|
||||
test_wolfSSL_BIO_get_len();
|
||||
test_wolfSSL_RSA_verify();
|
||||
test_wolfSSL_X509V3_EXT_get();
|
||||
test_wolfSSL_X509V3_EXT_d2i();
|
||||
@ -28472,6 +28784,8 @@ void ApiTest(void)
|
||||
test_wolfSSL_ASN1_STRING_print();
|
||||
test_openssl_generate_key_and_cert();
|
||||
|
||||
test_wolfSSL_EC_get_builtin_curves();
|
||||
|
||||
/* test the no op functions for compatibility */
|
||||
test_no_op_functions();
|
||||
|
||||
@ -28653,6 +28967,7 @@ void ApiTest(void)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/*wolfSSL_EVP_get_cipherbynid test*/
|
||||
test_wolfSSL_EVP_get_cipherbynid();
|
||||
test_wolfSSL_EVP_CIPHER_CTX();
|
||||
test_wolfSSL_EC();
|
||||
test_wolfSSL_ECDSA_SIG();
|
||||
#endif
|
||||
|
||||
13
tests/unit.h
13
tests/unit.h
@ -89,6 +89,19 @@
|
||||
#define AssertStrGE(x, y) AssertStr(x, y, >=, <)
|
||||
#define AssertStrLE(x, y) AssertStr(x, y, <=, >)
|
||||
|
||||
#define AssertPtr(x, y, op, er) do { \
|
||||
void* _x = (void*)x; \
|
||||
void* _y = (void*)y; \
|
||||
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
|
||||
} while(0)
|
||||
|
||||
#define AssertPtrEq(x, y) AssertPtr(x, y, ==, !=)
|
||||
#define AssertPtrNE(x, y) AssertInt(x, y, !=, ==)
|
||||
#define AssertPtrGT(x, y) AssertInt(x, y, >, <=)
|
||||
#define AssertPtrLT(x, y) AssertInt(x, y, <, >=)
|
||||
#define AssertPtrGE(x, y) AssertInt(x, y, >=, <)
|
||||
#define AssertPtrLE(x, y) AssertInt(x, y, <=, >)
|
||||
|
||||
|
||||
void ApiTest(void);
|
||||
int SuiteTest(int argc, char** argv);
|
||||
|
||||
@ -489,6 +489,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
|
||||
unsigned char *out, int *outl)
|
||||
{
|
||||
int fl;
|
||||
int ret = WOLFSSL_SUCCESS;
|
||||
if (ctx == NULL || out == NULL || outl == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
@ -512,48 +513,56 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
|
||||
if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
|
||||
if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
|
||||
*outl = 0;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
if (ctx->enc) {
|
||||
else if (ctx->enc) {
|
||||
if (ctx->block_size == 1) {
|
||||
*outl = 0;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
if ((ctx->bufUsed >= 0) && (ctx->block_size != 1)) {
|
||||
else if ((ctx->bufUsed >= 0) && (ctx->block_size != 1)) {
|
||||
padBlock(ctx);
|
||||
PRINT_BUF(ctx->buf, ctx->block_size);
|
||||
if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
|
||||
return WOLFSSL_FAILURE;
|
||||
|
||||
PRINT_BUF(out, ctx->block_size);
|
||||
*outl = ctx->block_size;
|
||||
if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) {
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
else {
|
||||
PRINT_BUF(out, ctx->block_size);
|
||||
*outl = ctx->block_size;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
if (ctx->block_size == 1) {
|
||||
*outl = 0;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
if ((ctx->bufUsed % ctx->block_size) != 0) {
|
||||
else if ((ctx->bufUsed % ctx->block_size) != 0) {
|
||||
*outl = 0;
|
||||
/* not enough padding for decrypt */
|
||||
return WOLFSSL_FAILURE;
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
if (ctx->lastUsed) {
|
||||
else if (ctx->lastUsed) {
|
||||
PRINT_BUF(ctx->lastBlock, ctx->block_size);
|
||||
if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
|
||||
XMEMCPY(out, ctx->lastBlock, fl);
|
||||
*outl = fl;
|
||||
if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
|
||||
/* return error in cases where the block length is incorrect */
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
}
|
||||
else {
|
||||
return WOLFSSL_FAILURE;
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
}
|
||||
/* return error in cases where the block length is incorrect */
|
||||
if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
|
||||
return WOLFSSL_FAILURE;
|
||||
else if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
|
||||
/* return error in cases where the block length is incorrect */
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
}
|
||||
return WOLFSSL_SUCCESS;
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
/* reset cipher state after final */
|
||||
wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
@ -2046,7 +2055,8 @@ int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
||||
if (pass == NULL) {
|
||||
passlen = 0;
|
||||
pass = nostring;
|
||||
} else if (passlen == -1) {
|
||||
}
|
||||
else if (passlen == -1) {
|
||||
passlen = (int)XSTRLEN(pass);
|
||||
}
|
||||
|
||||
|
||||
@ -3455,6 +3455,7 @@ typedef struct Arrays {
|
||||
#define STACK_TYPE_NULL 8
|
||||
#define STACK_TYPE_X509_NAME 9
|
||||
#define STACK_TYPE_CONF_VALUE 10
|
||||
#define STACK_TYPE_X509_INFO 11
|
||||
|
||||
struct WOLFSSL_STACK {
|
||||
unsigned long num; /* number of nodes in stack
|
||||
@ -3462,6 +3463,7 @@ struct WOLFSSL_STACK {
|
||||
#if defined(OPENSSL_ALL)
|
||||
wolf_sk_compare_cb comp;
|
||||
#endif
|
||||
|
||||
union {
|
||||
WOLFSSL_X509* x509;
|
||||
WOLFSSL_X509_NAME* name;
|
||||
@ -3474,7 +3476,7 @@ struct WOLFSSL_STACK {
|
||||
WOLFSSL_CONF_VALUE* conf;
|
||||
void* generic;
|
||||
char* string;
|
||||
WOLFSSL_GENERAL_NAME* gn;
|
||||
WOLFSSL_GENERAL_NAME* gn;
|
||||
} data;
|
||||
void* heap; /* memory heap hint */
|
||||
WOLFSSL_STACK* next;
|
||||
|
||||
@ -68,6 +68,8 @@
|
||||
#define BIO_gets wolfSSL_BIO_gets
|
||||
#define BIO_puts wolfSSL_BIO_puts
|
||||
|
||||
#define BIO_should_retry(...) 1
|
||||
|
||||
#define BIO_TYPE_FILE WOLFSSL_BIO_FILE
|
||||
#define BIO_TYPE_BIO WOLFSSL_BIO_BIO
|
||||
#define BIO_TYPE_MEM WOLFSSL_BIO_MEMORY
|
||||
|
||||
@ -40,10 +40,6 @@ WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf);
|
||||
#define BUF_MEM_grow wolfSSL_BUF_MEM_grow
|
||||
#define BUF_MEM_free wolfSSL_BUF_MEM_free
|
||||
|
||||
/* error codes */
|
||||
#define ERR_R_MALLOC_FAILURE MEMORY_E
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
@ -46,8 +46,6 @@ WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
|
||||
#define SSLeay_version wolfSSLeay_version
|
||||
#define SSLeay wolfSSLeay
|
||||
|
||||
#define OpenSSL_version wolfSSLeay_version
|
||||
|
||||
#define SSLEAY_VERSION 0x0090600fL
|
||||
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
|
||||
#define CRYPTO_lock wc_LockMutex_ex
|
||||
|
||||
@ -84,6 +84,7 @@ WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
|
||||
WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock*);
|
||||
WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock*, WOLFSSL_DES_cblock*,
|
||||
WOLFSSL_DES_key_schedule*, int);
|
||||
WOLFSSL_API int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock*);
|
||||
|
||||
|
||||
typedef WOLFSSL_DES_cblock DES_cblock;
|
||||
@ -103,6 +104,7 @@ typedef WOLFSSL_DES_LONG DES_LONG;
|
||||
#define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt
|
||||
#define DES_ede3_cbc_encrypt wolfSSL_DES_ede3_cbc_encrypt
|
||||
#define DES_cbc_cksum wolfSSL_DES_cbc_cksum
|
||||
#define DES_check_key_parity wolfSSL_DES_check_key_parity
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
||||
@ -102,6 +102,12 @@ struct WOLFSSL_EC_KEY {
|
||||
char exSet; /* external set from internal ? */
|
||||
};
|
||||
|
||||
typedef struct WOLFSSL_EC_builtin_curve{
|
||||
int nid;
|
||||
const char *comment;
|
||||
} WOLFSSL_EC_builtin_curve;
|
||||
|
||||
typedef WOLFSSL_EC_builtin_curve EC_builtin_curve;
|
||||
|
||||
#define WOLFSSL_EC_KEY_LOAD_PRIVATE 1
|
||||
#define WOLFSSL_EC_KEY_LOAD_PUBLIC 2
|
||||
@ -159,6 +165,8 @@ WOLFSSL_API
|
||||
int wolfSSL_EC_GROUP_get_order(const WOLFSSL_EC_GROUP *group,
|
||||
WOLFSSL_BIGNUM *order, WOLFSSL_BN_CTX *ctx);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EC_GROUP_order_bits(const WOLFSSL_EC_GROUP *group);
|
||||
WOLFSSL_API
|
||||
void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
|
||||
@ -185,6 +193,9 @@ WOLFSSL_API
|
||||
int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group,
|
||||
const WOLFSSL_EC_POINT *a);
|
||||
|
||||
WOLFSSL_API
|
||||
size_t wolfSSL_EC_get_builtin_curves(WOLFSSL_EC_builtin_curve *r, size_t nitems);
|
||||
|
||||
#ifndef HAVE_SELFTEST
|
||||
WOLFSSL_API
|
||||
char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
||||
@ -192,6 +203,10 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
||||
WOLFSSL_BN_CTX* ctx);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_ECC
|
||||
#define OPENSSL_NO_EC
|
||||
#endif
|
||||
|
||||
#define EC_KEY_new wolfSSL_EC_KEY_new
|
||||
#define EC_KEY_free wolfSSL_EC_KEY_free
|
||||
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
|
||||
@ -211,6 +226,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
||||
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
|
||||
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
|
||||
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
|
||||
#define EC_GROUP_order_bits wolfSSL_EC_GROUP_order_bits
|
||||
|
||||
#define EC_POINT_new wolfSSL_EC_POINT_new
|
||||
#define EC_POINT_free wolfSSL_EC_POINT_free
|
||||
@ -226,6 +242,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group,
|
||||
#endif
|
||||
|
||||
#define EC_POINT_dump wolfSSL_EC_POINT_dump
|
||||
#define EC_get_builtin_curves wolfSSL_EC_get_builtin_curves
|
||||
|
||||
#define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist
|
||||
|
||||
|
||||
@ -28,5 +28,24 @@
|
||||
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
|
||||
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error
|
||||
|
||||
/* fatal error */
|
||||
#define ERR_R_MALLOC_FAILURE MEMORY_E
|
||||
#define ERR_R_PASSED_NULL_PARAMETER BAD_FUNC_ARG
|
||||
#define ERR_R_DISABLED NOT_COMPILED_IN
|
||||
#define ERR_R_PASSED_INVALID_ARGUMENT BAD_FUNC_ARG
|
||||
#define RSA_R_UNKNOWN_PADDING_TYPE RSA_PAD_E
|
||||
|
||||
/* SSL function codes */
|
||||
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1
|
||||
#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2
|
||||
#define SSL_F_SSL_USE_PRIVATEKEY 3
|
||||
|
||||
/* reasons */
|
||||
#define ERR_R_SYS_LIB 1
|
||||
#define PKCS12_R_MAC_VERIFY_FAILURE 2
|
||||
|
||||
#define RSAerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
|
||||
#define SSLerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__)
|
||||
|
||||
#endif /* WOLFSSL_OPENSSL_ERR_ */
|
||||
|
||||
|
||||
@ -293,6 +293,7 @@ WOLFSSL_API int wolfSSL_EVP_MD_CTX_block_size(const WOLFSSL_EVP_MD_CTX *ctx);
|
||||
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx);
|
||||
WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name);
|
||||
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name);
|
||||
WOLFSSL_API int wolfSSL_EVP_CIPHER_nid(const WOLFSSL_EVP_CIPHER *cipher);
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
|
||||
const WOLFSSL_EVP_MD* type);
|
||||
@ -326,7 +327,7 @@ WOLFSSL_API int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx,
|
||||
WOLFSSL_API int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
|
||||
const unsigned char *sig,
|
||||
size_t siglen);
|
||||
WOLFSSL_API int wolfSSL_EVP_Digest(unsigned char* in, int inSz, unsigned char* out,
|
||||
WOLFSSL_API int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
|
||||
unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
|
||||
WOLFSSL_ENGINE* eng);
|
||||
|
||||
@ -405,14 +406,17 @@ WOLFSSL_API int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
|
||||
|
||||
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_get_cipherbynid(int);
|
||||
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
|
||||
WOLFSSL_API const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(const WOLFSSL_EVP_CIPHER_CTX *ctx);
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey,
|
||||
WOLFSSL_RSA* key);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey,
|
||||
WOLFSSL_EC_KEY* key);
|
||||
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(struct WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
|
||||
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key);
|
||||
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
|
||||
@ -518,6 +522,7 @@ WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
#define WOLFSSL_EVP_CIPH_GCM_MODE 0x6
|
||||
#define WOLFSSL_EVP_CIPH_CCM_MODE 0x7
|
||||
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
|
||||
#define EVP_CIPH_VARIABLE_LENGTH 0x200
|
||||
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
|
||||
|
||||
/* end OpenSSH compat */
|
||||
@ -597,6 +602,7 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
||||
#define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length
|
||||
#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
|
||||
#define EVP_CIPHER_CTX_mode wolfSSL_EVP_CIPHER_CTX_mode
|
||||
#define EVP_CIPHER_CTX_cipher wolfSSL_EVP_CIPHER_CTX_cipher
|
||||
|
||||
#define EVP_CIPHER_iv_length wolfSSL_EVP_CIPHER_iv_length
|
||||
#define EVP_CIPHER_key_length wolfSSL_EVP_Cipher_key_length
|
||||
@ -633,6 +639,7 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
||||
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
|
||||
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
|
||||
#define EVP_PKEY_set1_RSA wolfSSL_EVP_PKEY_set1_RSA
|
||||
#define EVP_PKEY_get0_EC_KEY wolfSSL_EVP_PKEY_get0_EC_KEY
|
||||
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
|
||||
#define EVP_PKEY_get0_hmac wolfSSL_EVP_PKEY_get0_hmac
|
||||
#define EVP_PKEY_new_mac_key wolfSSL_EVP_PKEY_new_mac_key
|
||||
@ -688,6 +695,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
||||
#define OpenSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
|
||||
#define wolfSSL_OPENSSL_add_all_algorithms_noconf wolfSSL_OpenSSL_add_all_algorithms_noconf
|
||||
|
||||
#define NO_PADDING_BLOCK_SIZE 1
|
||||
|
||||
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
|
||||
#define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC
|
||||
|
||||
@ -708,6 +717,14 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
||||
#define EVP_MAX_MD_SIZE 64 /* sha512 */
|
||||
#endif
|
||||
|
||||
#ifndef EVP_MAX_KEY_LENGTH
|
||||
#define EVP_MAX_KEY_LENGTH 64
|
||||
#endif
|
||||
|
||||
#ifndef EVP_MAX_IV_LENGTH
|
||||
#define EVP_MAX_IV_LENGTH 16
|
||||
#endif
|
||||
|
||||
#ifndef EVP_MAX_BLOCK_LENGTH
|
||||
#define EVP_MAX_BLOCK_LENGTH 32 /* 2 * blocklen(AES)? */
|
||||
/* They define this as 32. Using the same value here. */
|
||||
|
||||
@ -58,6 +58,7 @@ typedef struct WOLFSSL_HMAC_CTX {
|
||||
} WOLFSSL_HMAC_CTX;
|
||||
|
||||
|
||||
WOLFSSL_API WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void);
|
||||
WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des,
|
||||
WOLFSSL_HMAC_CTX* src);
|
||||
@ -71,18 +72,24 @@ WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
|
||||
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
|
||||
unsigned int* len);
|
||||
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx);
|
||||
|
||||
typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
|
||||
|
||||
#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
|
||||
|
||||
#define HMAC_CTX_new wolfSSL_HMAC_CTX_new
|
||||
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
|
||||
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
|
||||
#define HMAC_CTX_free wolfSSL_HMAC_CTX_free
|
||||
#define HMAC_CTX_reset wolfSSL_HMAC_cleanup
|
||||
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
|
||||
#define HMAC_Init wolfSSL_HMAC_Init
|
||||
#define HMAC_Update wolfSSL_HMAC_Update
|
||||
#define HMAC_Final wolfSSL_HMAC_Final
|
||||
#define HMAC_cleanup wolfSSL_HMAC_cleanup
|
||||
#define HMAC_size wolfSSL_HMAC_size
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
@ -39,6 +39,7 @@ nobase_include_HEADERS+= \
|
||||
wolfssl/openssl/ssl23.h \
|
||||
wolfssl/openssl/ssl.h \
|
||||
wolfssl/openssl/stack.h \
|
||||
wolfssl/openssl/tls1.h \
|
||||
wolfssl/openssl/ui.h \
|
||||
wolfssl/openssl/x509.h \
|
||||
wolfssl/openssl/x509_vfy.h \
|
||||
|
||||
@ -27,7 +27,6 @@
|
||||
|
||||
#include <wolfssl/openssl/bn.h>
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
@ -38,6 +37,16 @@
|
||||
#define RSA_PKCS1_PSS_PADDING 2
|
||||
#define RSA_NO_PADDING 3
|
||||
|
||||
/* Emulate OpenSSL flags */
|
||||
#define RSA_METHOD_FLAG_NO_CHECK (1 << 1)
|
||||
#define RSA_FLAG_CACHE_PUBLIC (1 << 2)
|
||||
#define RSA_FLAG_CACHE_PRIVATE (1 << 3)
|
||||
#define RSA_FLAG_BLINDING (1 << 4)
|
||||
#define RSA_FLAG_THREAD_SAFE (1 << 5)
|
||||
#define RSA_FLAG_EXT_PKEY (1 << 6)
|
||||
#define RSA_FLAG_NO_BLINDING (1 << 7)
|
||||
#define RSA_FLAG_NO_CONSTTIME (1 << 8)
|
||||
|
||||
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
|
||||
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
|
||||
#define WOLFSSL_RSA_TYPE_DEFINED
|
||||
@ -45,6 +54,13 @@ typedef struct WOLFSSL_RSA WOLFSSL_RSA;
|
||||
|
||||
typedef WOLFSSL_RSA RSA;
|
||||
|
||||
typedef struct WOLFSSL_RSA_METHOD {
|
||||
int flags;
|
||||
char *name;
|
||||
} WOLFSSL_RSA_METHOD;
|
||||
|
||||
typedef WOLFSSL_RSA_METHOD RSA_METHOD;
|
||||
|
||||
struct WOLFSSL_RSA {
|
||||
#ifdef WC_RSA_BLINDING
|
||||
WC_RNG* rng; /* for PrivateDecrypt blinding */
|
||||
@ -62,9 +78,11 @@ struct WOLFSSL_RSA {
|
||||
char inSet; /* internal set from external ? */
|
||||
char exSet; /* external set from internal ? */
|
||||
char ownRng; /* flag for if the rng should be free'd */
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
WOLFSSL_RSA_METHOD* meth;
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);
|
||||
WOLFSSL_API void wolfSSL_RSA_free(WOLFSSL_RSA*);
|
||||
|
||||
@ -95,8 +113,17 @@ WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*);
|
||||
WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz);
|
||||
WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int sz, int opt);
|
||||
|
||||
WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r,
|
||||
const WOLFSSL_BIGNUM **n, const WOLFSSL_BIGNUM **e, const WOLFSSL_BIGNUM **d);
|
||||
WOLFSSL_API WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags);
|
||||
WOLFSSL_API void wolfSSL_RSA_meth_free(WOLFSSL_RSA_METHOD *meth);
|
||||
WOLFSSL_API int wolfSSL_RSA_meth_set(WOLFSSL_RSA_METHOD *rsa, void* p);
|
||||
WOLFSSL_API int wolfSSL_RSA_set_method(WOLFSSL_RSA *rsa, WOLFSSL_RSA_METHOD *meth);
|
||||
WOLFSSL_API const WOLFSSL_RSA_METHOD* wolfSSL_RSA_get_method(const WOLFSSL_RSA *rsa);
|
||||
WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r, const WOLFSSL_BIGNUM **n,
|
||||
const WOLFSSL_BIGNUM **e, const WOLFSSL_BIGNUM **d);
|
||||
WOLFSSL_API int wolfSSL_RSA_set0_key(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e,
|
||||
WOLFSSL_BIGNUM *d);
|
||||
WOLFSSL_API int wolfSSL_RSA_flags(const WOLFSSL_RSA *r);
|
||||
WOLFSSL_API void wolfSSL_RSA_set_flags(WOLFSSL_RSA *r, int flags);
|
||||
|
||||
#define WOLFSSL_RSA_LOAD_PRIVATE 1
|
||||
#define WOLFSSL_RSA_LOAD_PUBLIC 2
|
||||
@ -116,6 +143,23 @@ WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r,
|
||||
#define RSA_sign wolfSSL_RSA_sign
|
||||
#define RSA_verify wolfSSL_RSA_verify
|
||||
#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
|
||||
#define EVP_PKEY_get0_RSA wolfSSL_EVP_PKEY_get0_RSA
|
||||
|
||||
#define RSA_meth_new wolfSSL_RSA_meth_new
|
||||
#define RSA_meth_free wolfSSL_RSA_meth_free
|
||||
#define RSA_meth_set_pub_enc wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set_pub_dec wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set_priv_enc wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set_priv_dec wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set_init wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set_finish wolfSSL_RSA_meth_set
|
||||
#define RSA_meth_set0_app_data wolfSSL_RSA_meth_set
|
||||
#define RSA_get_method wolfSSL_RSA_get_method
|
||||
#define RSA_set_method wolfSSL_RSA_set_method
|
||||
#define RSA_get0_key wolfSSL_RSA_get0_key
|
||||
#define RSA_set0_key wolfSSL_RSA_set0_key
|
||||
#define RSA_flags wolfSSL_RSA_flags
|
||||
#define RSA_set_flags wolfSSL_RSA_set_flags
|
||||
|
||||
#define RSA_get0_key wolfSSL_RSA_get0_key
|
||||
|
||||
|
||||
@ -35,7 +35,9 @@
|
||||
#include <wolfssl/ssl.h>
|
||||
#endif /* OPENSSL_EXTRA_SSL_GUARD */
|
||||
|
||||
#include <wolfssl/openssl/tls1.h>
|
||||
#include <wolfssl/openssl/evp.h>
|
||||
#include <wolfssl/openssl/bio.h>
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#include <wolfssl/openssl/crypto.h>
|
||||
#endif
|
||||
@ -89,6 +91,7 @@ typedef WOLFSSL_ASN1_INTEGER ASN1_INTEGER;
|
||||
typedef WOLFSSL_ASN1_OBJECT ASN1_OBJECT;
|
||||
typedef WOLFSSL_ASN1_STRING ASN1_STRING;
|
||||
typedef WOLFSSL_ASN1_TYPE ASN1_TYPE;
|
||||
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value;
|
||||
typedef WOLFSSL_BUF_MEM BUF_MEM;
|
||||
typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES;
|
||||
@ -249,7 +252,12 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
||||
#define SSL_library_init wolfSSL_library_init
|
||||
#define SSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode
|
||||
#define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
|
||||
#define SSL_CTX_set_ciphersuites wolfSSL_CTX_set_cipher_list
|
||||
#define SSL_set_cipher_list wolfSSL_set_cipher_list
|
||||
/* wolfSSL does not support security levels */
|
||||
#define SSL_CTX_set_security_level(...)
|
||||
/* wolfSSL does not support expoting keying material */
|
||||
#define SSL_export_keying_material(...) 0
|
||||
|
||||
#define SSL_set_ex_data wolfSSL_set_ex_data
|
||||
#define SSL_get_shutdown wolfSSL_get_shutdown
|
||||
@ -294,6 +302,9 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
||||
#endif
|
||||
|
||||
#define DSA_dup_DH wolfSSL_DSA_dup_DH
|
||||
/* wolfSSL does not support DSA as the cert public key */
|
||||
#define EVP_PKEY_get0_DSA(...) NULL
|
||||
#define DSA_bits(...) 0
|
||||
|
||||
#define i2d_X509_bio wolfSSL_i2d_X509_bio
|
||||
#define d2i_X509_bio wolfSSL_d2i_X509_bio
|
||||
@ -301,11 +312,13 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
||||
#define i2d_X509 wolfSSL_i2d_X509
|
||||
#define d2i_X509 wolfSSL_d2i_X509
|
||||
#define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509
|
||||
#define PEM_read_bio_X509_CRL wolfSSL_PEM_read_bio_X509_CRL
|
||||
#define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX
|
||||
#define PEM_read_X509 wolfSSL_PEM_read_X509
|
||||
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
|
||||
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
|
||||
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
|
||||
#define PEM_X509_INFO_read_bio wolfSSL_PEM_X509_INFO_read_bio
|
||||
#define i2d_PrivateKey wolfSSL_i2d_PrivateKey
|
||||
|
||||
#define i2d_X509_REQ wolfSSL_i2d_X509_REQ
|
||||
@ -324,13 +337,12 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
||||
#define X509_digest wolfSSL_X509_digest
|
||||
#define X509_get_ext_count wolfSSL_X509_get_ext_count
|
||||
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
|
||||
#define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID
|
||||
#define X509_get_ext wolfSSL_X509_get_ext
|
||||
#define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID
|
||||
#define X509_add_ext wolfSSL_X509_add_ext
|
||||
#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
|
||||
#define X509_get_subject_name wolfSSL_X509_get_subject_name
|
||||
#define X509_get_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get0_pubkey wolfSSL_X509_get_pubkey
|
||||
#define X509_get_notBefore wolfSSL_X509_get_notBefore
|
||||
#define X509_get_notAfter wolfSSL_X509_get_notAfter
|
||||
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
|
||||
@ -399,6 +411,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
||||
#define X509_NAME_free wolfSSL_X509_NAME_free
|
||||
#define X509_NAME_dup wolfSSL_X509_NAME_dup
|
||||
#define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
|
||||
#define X509_NAME_get_index_by_OBJ wolfSSL_X509_NAME_get_index_by_OBJ
|
||||
#define X509_NAME_cmp wolfSSL_X509_NAME_cmp
|
||||
#define X509_NAME_ENTRY_free wolfSSL_X509_NAME_ENTRY_free
|
||||
#define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID
|
||||
@ -501,6 +514,8 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
|
||||
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
|
||||
#define X509_subject_name_hash wolfSSL_X509_subject_name_hash
|
||||
|
||||
#define X509_check_purpose(...) 0
|
||||
|
||||
#define OCSP_parse_url wolfSSL_OCSP_parse_url
|
||||
|
||||
#define MD4_Init wolfSSL_MD4_Init
|
||||
@ -530,6 +545,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
|
||||
#define BIO_f_ssl wolfSSL_BIO_f_ssl
|
||||
#define BIO_new_socket wolfSSL_BIO_new_socket
|
||||
#define SSL_set_bio wolfSSL_set_bio
|
||||
#define BIO_set_ssl wolfSSL_BIO_set_ssl
|
||||
#define BIO_eof wolfSSL_BIO_eof
|
||||
#define BIO_set_ss wolfSSL_BIO_set_ss
|
||||
|
||||
@ -560,8 +576,12 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
|
||||
|
||||
#define SSL_get_ex_new_index wolfSSL_get_ex_new_index
|
||||
|
||||
#define ASN1_BIT_STRING_new wolfSSL_ASN1_BIT_STRING_new
|
||||
#define ASN1_BIT_STRING_free wolfSSL_ASN1_BIT_STRING_free
|
||||
#define ASN1_BIT_STRING_get_bit wolfSSL_ASN1_BIT_STRING_get_bit
|
||||
#define ASN1_BIT_STRING_set_bit wolfSSL_ASN1_BIT_STRING_set_bit
|
||||
|
||||
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
#define sk_ASN1_OBJECT_free wolfSSL_sk_ASN1_OBJECT_free
|
||||
|
||||
#define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj
|
||||
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
|
||||
@ -599,7 +619,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
|
||||
#define SSL_load_client_CA_file wolfSSL_load_client_CA_file
|
||||
|
||||
#define SSL_CTX_get_client_CA_list wolfSSL_SSL_CTX_get_client_CA_list
|
||||
#define SSL_CTX_get_client_CA_list wolfSSL_CTX_get_client_CA_list
|
||||
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
|
||||
#define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb
|
||||
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
|
||||
@ -624,6 +644,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
#define RSA_generate_key wolfSSL_RSA_generate_key
|
||||
#define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
|
||||
#define RSA_print wolfSSL_RSA_print
|
||||
#define RSA_bits wolfSSL_RSA_size
|
||||
|
||||
#define PEM_def_callback wolfSSL_PEM_def_callback
|
||||
|
||||
@ -725,7 +746,9 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
#define BIO_prf wolfSSL_BIO_prf
|
||||
|
||||
#define sk_num wolfSSL_sk_num
|
||||
#define sk_ASN1_OBJECT_num wolfSSL_sk_num
|
||||
#define sk_value wolfSSL_sk_value
|
||||
#define sk_ASN1_OBJECT_value wolfSSL_sk_value
|
||||
|
||||
#define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio
|
||||
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
|
||||
@ -790,6 +813,8 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
||||
|
||||
#define SSL_dup_CA_list wolfSSL_dup_CA_list
|
||||
|
||||
#define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find
|
||||
|
||||
enum {
|
||||
GEN_DNS = 0x02, /* ASN_DNS_TYPE */
|
||||
GEN_EMAIL = 0x01, /* ASN_RFC822_TYPE */
|
||||
@ -958,11 +983,14 @@ enum {
|
||||
#define SSL_SESSION_get_id wolfSSL_SESSION_get_id
|
||||
#define SSL_SESSION_print wolfSSL_SESSION_print
|
||||
#define sk_GENERAL_NAME_pop_free wolfSSL_sk_GENERAL_NAME_pop_free
|
||||
#define sk_GENERAL_NAME_free wolfSSL_sk_GENERAL_NAME_free
|
||||
#define sk_ASN1_OBJECT_pop_free wolfSSL_sk_ASN1_OBJECT_pop_free
|
||||
#define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
|
||||
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
|
||||
|
||||
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
|
||||
#define sk_ACCESS_DESCRIPTION_pop_free wolfSSL_sk_ACCESS_DESCRIPTION_pop_free
|
||||
#define sk_ACCESS_DESCRIPTION_free wolfSSL_sk_ACCESS_DESCRIPTION_free
|
||||
#define ACCESS_DESCRIPTION_free NULL
|
||||
|
||||
#define SSL3_AL_FATAL 2
|
||||
@ -1110,6 +1138,22 @@ enum {
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
|
||||
|
||||
#define EVP_CIPHER_mode WOLFSSL_CIPHER_mode
|
||||
/* WOLFSSL_EVP_CIPHER is just the string name of the cipher */
|
||||
#define EVP_CIPHER_name(x) x
|
||||
#define EVP_MD_CTX_reset wolfSSL_EVP_MD_CTX_cleanup
|
||||
/* WOLFSSL_EVP_MD is just the string name of the digest */
|
||||
#define EVP_MD_name(x) x
|
||||
#define X509_STORE_get0_objects wolfSSL_X509_STORE_get0_objects
|
||||
#define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num
|
||||
#define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value
|
||||
#define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete
|
||||
#define X509_OBJECT_free wolfSSL_X509_OBJECT_free
|
||||
#define X509_OBJECT_get_type(x) 0
|
||||
#define EVP_CIPHER_nid wolfSSL_EVP_CIPHER_nid
|
||||
|
||||
#define OpenSSL_version(x) wolfSSL_lib_version()
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
@ -30,19 +30,15 @@
|
||||
|
||||
typedef void (*wolfSSL_sk_freefunc)(void *);
|
||||
|
||||
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK *);
|
||||
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
|
||||
WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data);
|
||||
WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *));
|
||||
WOLFSSL_API
|
||||
void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk);
|
||||
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void);
|
||||
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
|
||||
|
||||
WOLFSSL_API
|
||||
int wolfSSL_sk_CIPHER_push(WOLFSSL_STACK *st,WOLFSSL_CIPHER *cipher);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_CIPHER* wolfSSL_sk_CIPHER_pop(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
|
||||
WOLFSSL_API int wolfSSL_sk_CIPHER_push(WOLFSSL_STACK *st,WOLFSSL_CIPHER *cipher);
|
||||
WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_CIPHER_pop(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_cipher(void);
|
||||
|
||||
#define OPENSSL_sk_free wolfSSL_sk_free
|
||||
|
||||
46
wolfssl/openssl/tls1.h
Normal file
46
wolfssl/openssl/tls1.h
Normal file
@ -0,0 +1,46 @@
|
||||
/* tls1.h
|
||||
*
|
||||
* Copyright (C) 2006-2019 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
|
||||
#ifndef WOLFSSL_OPENSSL_TLS1_H_
|
||||
#define WOLFSSL_OPENSSL_TLS1_H_
|
||||
|
||||
#ifndef TLS1_VERSION
|
||||
#define TLS1_VERSION 0x0301
|
||||
#endif
|
||||
|
||||
#ifndef TLS1_1_VERSION
|
||||
#define TLS1_1_VERSION 0x0302
|
||||
#endif
|
||||
|
||||
#ifndef TLS1_2_VERSION
|
||||
#define TLS1_2_VERSION 0x0303
|
||||
#endif
|
||||
|
||||
#ifndef TLS1_3_VERSION
|
||||
#define TLS1_3_VERSION 0x0304
|
||||
#endif
|
||||
|
||||
#ifndef TLS_MAX_VERSION
|
||||
#define TLS_MAX_VERSION TLS1_3_VERSION
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_OPENSSL_TLS1_H_ */
|
||||
@ -18,3 +18,6 @@
|
||||
#define X509_FLAG_NO_AUX (1UL << 10)
|
||||
#define X509_FLAG_NO_ATTRIBUTES (1UL << 11)
|
||||
#define X509_FLAG_NO_IDS (1UL << 12)
|
||||
|
||||
#define XN_FLAG_FN_SN 0
|
||||
#define XN_FLAG_SEP_CPLUS_SPC 2
|
||||
|
||||
@ -31,8 +31,13 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define X509_PURPOSE_SSL_CLIENT 0
|
||||
#define X509_PURPOSE_SSL_SERVER 1
|
||||
|
||||
#define NS_SSL_CLIENT 0
|
||||
#define NS_SSL_SERVER 1
|
||||
|
||||
/* Forward reference */
|
||||
typedef struct WOLFSSL_v3_ext_method WOLFSSL_v3_ext_method;
|
||||
|
||||
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
|
||||
typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (
|
||||
@ -53,6 +58,14 @@ struct WOLFSSL_v3_ext_method {
|
||||
X509V3_EXT_I2R i2r;
|
||||
};
|
||||
|
||||
struct WOLFSSL_X509_EXTENSION {
|
||||
WOLFSSL_ASN1_OBJECT *obj;
|
||||
WOLFSSL_ASN1_BOOLEAN crit;
|
||||
WOLFSSL_ASN1_STRING value;
|
||||
WOLFSSL_v3_ext_method ext_method;
|
||||
WOLFSSL_STACK* ext_sk; /* For extension specific data */
|
||||
};
|
||||
|
||||
#define WOLFSSL_ASN1_BOOLEAN int
|
||||
#define GEN_OTHERNAME 0
|
||||
#define GEN_EMAIL 1
|
||||
@ -68,14 +81,6 @@ struct WOLFSSL_v3_ext_method {
|
||||
|
||||
#define X509V3_CTX WOLFSSL_X509V3_CTX
|
||||
|
||||
struct WOLFSSL_X509_EXTENSION {
|
||||
WOLFSSL_ASN1_OBJECT *obj;
|
||||
WOLFSSL_ASN1_BOOLEAN crit;
|
||||
WOLFSSL_ASN1_STRING value;
|
||||
WOLFSSL_v3_ext_method ext_method;
|
||||
WOLFSSL_STACK* ext_sk; /* For extension specific data */
|
||||
};
|
||||
|
||||
typedef struct WOLFSSL_AUTHORITY_KEYID AUTHORITY_KEYID;
|
||||
typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS;
|
||||
typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
|
||||
@ -98,7 +103,6 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
|
||||
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
|
||||
#define X509V3_EXT_get wolfSSL_X509V3_EXT_get
|
||||
#define X509V3_EXT_d2i wolfSSL_X509V3_EXT_d2i
|
||||
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
|
||||
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
|
||||
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print
|
||||
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
|
||||
|
||||
@ -126,6 +126,7 @@ typedef struct WOLFSSL_X509_PUBKEY WOLFSSL_X509_PUBKEY;
|
||||
typedef struct WOLFSSL_X509_ALGOR WOLFSSL_X509_ALGOR;
|
||||
typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN;
|
||||
typedef struct WC_PKCS12 WOLFSSL_X509_PKCS12;
|
||||
typedef struct WOLFSSL_X509_INFO WOLFSSL_X509_INFO;
|
||||
|
||||
typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER;
|
||||
typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR;
|
||||
@ -180,6 +181,7 @@ typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME;
|
||||
typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
|
||||
typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME;
|
||||
typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX;
|
||||
typedef struct WOLFSSL_v3_ext_method WOLFSSL_v3_ext_method;
|
||||
|
||||
typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING;
|
||||
typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value;
|
||||
@ -282,7 +284,7 @@ struct WOLFSSL_ASN1_OBJECT {
|
||||
int grp; /* type of OID, i.e. oidCertPolicyType */
|
||||
int nid;
|
||||
unsigned int objSz;
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_APACHE_HTTPD)
|
||||
int ca;
|
||||
WOLFSSL_ASN1_INTEGER *pathlen;
|
||||
#endif
|
||||
@ -374,7 +376,6 @@ struct WOLFSSL_X509_INFO {
|
||||
char *enc_data;
|
||||
int num;
|
||||
};
|
||||
typedef struct WOLFSSL_X509_INFO WOLFSSL_X509_INFO;
|
||||
|
||||
#define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */
|
||||
|
||||
@ -1020,8 +1021,11 @@ typedef int WOLFSSL_LHASH;
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
|
||||
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
|
||||
WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
|
||||
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
|
||||
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
|
||||
|
||||
#if defined(HAVE_OCSP)
|
||||
#include "wolfssl/ocsp.h"
|
||||
@ -1049,15 +1053,17 @@ WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_sk_GENERAL_NAME_value(
|
||||
WOLFSSL_STACK* sk, int i);
|
||||
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk,
|
||||
void f (WOLFSSL_GENERAL_NAME*));
|
||||
void (*f) (WOLFSSL_GENERAL_NAME*));
|
||||
WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_free(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES* name);
|
||||
WOLFSSL_API int wolfSSL_sk_ACCESS_DESCRIPTION_num(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_AUTHORITY_INFO_ACCESS_free(
|
||||
WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION)* sk);
|
||||
WOLFSSL_API WOLFSSL_ACCESS_DESCRIPTION* wolfSSL_sk_ACCESS_DESCRIPTION_value(
|
||||
WOLFSSL_STACK* sk, int idx);
|
||||
WOLFSSL_API void wolfSSL_sk_ACCESS_DESCRIPTION_free(WOLFSSL_STACK* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(WOLFSSL_STACK* sk,
|
||||
void f (WOLFSSL_ACCESS_DESCRIPTION*));
|
||||
void (*f) (WOLFSSL_ACCESS_DESCRIPTION*));
|
||||
WOLFSSL_API void wolfSSL_sk_X509_EXTENSION_pop_free(
|
||||
WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk,
|
||||
void f (WOLFSSL_X509_EXTENSION*));
|
||||
@ -1072,7 +1078,7 @@ WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJECT_pop(
|
||||
WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk);
|
||||
WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_pop_free(
|
||||
WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
|
||||
void (*func)(WOLFSSL_ASN1_OBJECT*));
|
||||
void (*f)(WOLFSSL_ASN1_OBJECT*));
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in);
|
||||
WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_num(WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk);
|
||||
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_sk_X509_EXTENSION_value(
|
||||
@ -1197,6 +1203,7 @@ WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
|
||||
WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
|
||||
WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
|
||||
WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
|
||||
WOLFSSL_API int wolfSSL_BIO_get_len(WOLFSSL_BIO *bio);
|
||||
|
||||
WOLFSSL_API void wolfSSL_RAND_screen(void);
|
||||
WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long);
|
||||
@ -1263,8 +1270,8 @@ WOLFSSL_API int wolfSSL_X509_set_notAfter(WOLFSSL_X509* x509,
|
||||
const WOLFSSL_ASN1_TIME* t);
|
||||
WOLFSSL_API int wolfSSL_X509_set_notBefore(WOLFSSL_X509* x509,
|
||||
const WOLFSSL_ASN1_TIME* t);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509* x509);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509* x509);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(const WOLFSSL_X509* x509);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(const WOLFSSL_X509* x509);
|
||||
WOLFSSL_API int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509,
|
||||
WOLFSSL_ASN1_INTEGER* s);
|
||||
WOLFSSL_API int wolfSSL_X509_set_version(WOLFSSL_X509* x509, long v);
|
||||
@ -1389,8 +1396,11 @@ WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t,
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list(
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_CTX_get_client_CA_list(
|
||||
const WOLFSSL_CTX *s);
|
||||
/* depricated function name */
|
||||
#define wolfSSL_SSL_CTX_get_client_CA_list wolfSSL_CTX_get_client_CA_list
|
||||
|
||||
WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*,
|
||||
WOLF_STACK_OF(WOLFSSL_X509_NAME)*);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_get_client_CA_list(
|
||||
@ -3039,6 +3049,11 @@ struct WOLFSSL_X509_NAME_ENTRY {
|
||||
int set;
|
||||
int size;
|
||||
};
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name,
|
||||
const WOLFSSL_ASN1_OBJECT *obj,
|
||||
int idx);
|
||||
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
|
||||
@ -3064,7 +3079,7 @@ enum {
|
||||
};
|
||||
|
||||
/* Object functions */
|
||||
WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n);
|
||||
WOLFSSL_API const char* wolfSSL_OBJ_nid2sn(int n);
|
||||
WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o);
|
||||
WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn);
|
||||
|
||||
@ -3102,7 +3117,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
||||
const WOLFSSL_X509_NAME* y);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
||||
WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*);
|
||||
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
||||
WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
|
||||
int nid, int* c, int* idx);
|
||||
@ -3178,6 +3194,8 @@ WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
|
||||
unsigned char* out, size_t outSz);
|
||||
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp,
|
||||
WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
|
||||
(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read_bio(
|
||||
@ -3232,6 +3250,7 @@ WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509);
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
|
||||
WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
|
||||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c);
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
|
||||
@ -3247,9 +3266,6 @@ WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
|
||||
|| defined(OPENSSL_EXTRA)
|
||||
|
||||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode);
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int close_flag);
|
||||
#endif
|
||||
WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*);
|
||||
WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp,
|
||||
WOLFSSL_DH **x, pem_password_cb *cb, void *u);
|
||||
@ -3334,7 +3350,7 @@ WOLFSSL_API int wolfSSL_sk_X509_INFO_push(WOLF_STACK_OF(WOLFSSL_X509_INFO)*,
|
||||
WOLFSSL_X509_INFO*);
|
||||
WOLFSSL_API WOLFSSL_X509_INFO* wolfSSL_sk_X509_INFO_pop(WOLF_STACK_OF(WOLFSSL_X509_INFO)*);
|
||||
WOLFSSL_API void wolfSSL_sk_X509_INFO_pop_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*,
|
||||
void f (WOLFSSL_X509_INFO*));
|
||||
void (*f) (WOLFSSL_X509_INFO*));
|
||||
WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*);
|
||||
|
||||
typedef int (*wolf_sk_compare_cb)(const void* const *a,
|
||||
@ -3351,14 +3367,22 @@ WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WO
|
||||
WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME)*);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)*);
|
||||
WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)*,
|
||||
void f (WOLFSSL_X509_NAME*));
|
||||
void (*f) (WOLFSSL_X509_NAME*));
|
||||
WOLFSSL_API void wolfSSL_sk_X509_NAME_free(WOLF_STACK_OF(WOLFSSL_X509_NAME) *);
|
||||
|
||||
WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJECT) *s);
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
|
||||
unsigned long);
|
||||
|
||||
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void);
|
||||
WOLFSSL_API void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING*);
|
||||
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(
|
||||
const WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_get_bit(
|
||||
const WOLFSSL_ASN1_BIT_STRING*, int);
|
||||
WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_set_bit(
|
||||
WOLFSSL_ASN1_BIT_STRING*, int, int);
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*);
|
||||
|
||||
@ -3366,9 +3390,11 @@ WOLFSSL_API int wolfSSL_version(WOLFSSL*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*, int);
|
||||
|
||||
WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int);
|
||||
|
||||
@ -3417,8 +3443,13 @@ WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val);
|
||||
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(
|
||||
WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*);
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*
|
||||
wolfSSL_X509_STORE_get0_objects(WOLFSSL_X509_STORE *);
|
||||
WOLFSSL_API WOLFSSL_X509_OBJECT*
|
||||
wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i);
|
||||
WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a);
|
||||
|
||||
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*));
|
||||
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
|
||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */
|
||||
|
||||
#if defined(OPENSSL_ALL) || \
|
||||
@ -3533,8 +3564,6 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *
|
||||
WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer,
|
||||
WOLFSSL_X509 *subject);
|
||||
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x);
|
||||
|
||||
WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value(
|
||||
WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx);
|
||||
#endif /* HAVE_OCSP */
|
||||
|
||||
@ -298,6 +298,8 @@
|
||||
#define svrKeyFile "certs/server-key.pem"
|
||||
#define cliCertFile "certs/client-cert.pem"
|
||||
#define cliCertDerFile "certs/client-cert.der"
|
||||
#define cliCertFileExt "certs/client-cert-ext.pem"
|
||||
#define cliCertDerFileExt "certs/client-cert-ext.der"
|
||||
#define cliKeyFile "certs/client-key.pem"
|
||||
#define ntruCertFile "certs/ntru-cert.pem"
|
||||
#define ntruKeyFile "certs/ntru-key.raw"
|
||||
@ -324,6 +326,8 @@
|
||||
#define svrKeyFile "./certs/server-key.pem"
|
||||
#define cliCertFile "./certs/client-cert.pem"
|
||||
#define cliCertDerFile "./certs/client-cert.der"
|
||||
#define cliCertFileExt "./certs/client-cert-ext.pem"
|
||||
#define cliCertDerFileExt "./certs/client-cert-ext.der"
|
||||
#define cliKeyFile "./certs/client-key.pem"
|
||||
#define ntruCertFile "./certs/ntru-cert.pem"
|
||||
#define ntruKeyFile "./certs/ntru-key.raw"
|
||||
|
||||
@ -112,6 +112,7 @@ enum ASN_Tags {
|
||||
#define ASN_GENERALIZED_TIME_MAX 68
|
||||
|
||||
enum DN_Tags {
|
||||
ASN_DN_NULL = 0x00,
|
||||
ASN_COMMON_NAME = 0x03, /* CN */
|
||||
ASN_SUR_NAME = 0x04, /* SN */
|
||||
ASN_SERIAL_NUMBER = 0x05, /* serialNumber */
|
||||
@ -164,6 +165,7 @@ enum DN_Tags {
|
||||
enum
|
||||
{
|
||||
NID_undef = 0,
|
||||
NID_netscape_cert_type = NID_undef,
|
||||
NID_des = 66,
|
||||
NID_des3 = 67,
|
||||
NID_sha256 = 672,
|
||||
@ -617,7 +619,7 @@ struct DecodedName {
|
||||
int dcLen[DOMAIN_COMPONENT_MAX];
|
||||
int dcNum;
|
||||
int dcMode;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
/* hold the location / order with which each of the DN tags was found
|
||||
*
|
||||
* example of ASN_DOMAIN_COMPONENT at index 0 if first found and so on.
|
||||
|
||||
Reference in New Issue
Block a user