feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fixes for data types, cast warnings and shift operations when using 16-bit platform. Added new --enable-16bit build option, which defines WC_16BIT_CPU. Fix build error when using WOLFSSL_LEANPSK and NO_WOLFSSL_MEMORY.

Browse Source 
Tested using `avr-gcc` version 8.3.0 with: `./configure --host=avr --enable-16bit --disable-filesystem --enable-singlethreaded CFLAGS="-DWOLFSSL_GENSEED_FORTEST -DWOLFSSL_USER_CURRTIME -DWOLFSSL_USER_IO -DWOLFSSL_NO_SOCK -DNO_WRITEV -DUSER_TICKS" --enable-tls13 --enable-compkey --enable-certgen --enable-certext --enable-keygen --enable-session-ticket --enable-maxfragment`. Also with `--enable-fastmath`.
This commit is contained in:
David Garske
2019-03-01 15:54:08 -08:00
parent 809c30a5b9
commit 621e1656b4
17 changed files with 178 additions and 141 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
doc/dox_comments/header_files/ssl.h
View File

@@ -896,7 +896,7 @@ WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int);
as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not
defined when building the library, wolfSSL will load all CA certificates
located in the given directory. This function will attempt to load all
files in the directory. This function expects PEM formatted CERT_TYPE
files in the directory. This function expects PEM formatted CERT_TYPE
file with header “-----BEGIN CERTIFICATE-----”.
\return SSL_SUCCESS up success.
@@ -962,7 +962,7 @@ WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*,
as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not
defined when building the library, wolfSSL will load all CA certificates
located in the given directory. This function will attempt to load all
files in the directory based on flags specified. This function expects PEM
files in the directory based on flags specified. This function expects PEM
formatted CERT_TYPE files with header “-----BEGIN CERTIFICATE-----”.
\return SSL_SUCCESS up success.
@@ -983,7 +983,7 @@ WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*,
certificates.
\param path pointer to the name of a directory to load PEM-formatted
certificates from.
\param flags possible mask values are: WOLFSSL_LOAD_FLAG_IGNORE_ERR,
\param flags possible mask values are: WOLFSSL_LOAD_FLAG_IGNORE_ERR,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY and WOLFSSL_LOAD_FLAG_PEM_CA_ONLY
_Example_
@@ -991,7 +991,7 @@ WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*,
int ret = 0;
WOLFSSL_CTX* ctx;
...
ret = wolfSSL_CTX_load_verify_locations_ex(ctx, NUULL, “./certs/external",
ret = wolfSSL_CTX_load_verify_locations_ex(ctx, NUULL, “./certs/external",
WOLFSSL_LOAD_FLAG_PEM_CA_ONLY);
if (ret != WOLFSSL_SUCCESS) {
// error loading CA certs
@@ -2781,7 +2781,7 @@ WOLFSSL_API int wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, void*)
\code
const char* fname;
...
if(wolfSSL_save_session_cache(fname) != SSL_SUCCESS){
if(wolfSSL_save_session_cache(fname) != SSL_SUCCESS){
// Fail to write to file.
}
\endcode
@@ -5133,7 +5133,7 @@ WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*,
wolfSSL_CTX_allow_anon_cipher(ctx);
if(wolfSSL_CTX_set_cipher_list(ctx, “ADH_AES128_SHA”) != SSL_SUCCESS){
// failure case
}
}
}
#endif
\endcode
@@ -5418,7 +5418,7 @@ WOLFSSL_API const char* wolfSSL_lib_version(void);
\sa wolfSSL_lib_version
*/
WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void);
WOLFSSL_API word32 wolfSSL_lib_version_hex(void);
/*!
\ingroup IO
@@ -6479,7 +6479,7 @@ WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f,
\sa wolfSSL_GetDhKey_Sz
\sa wolfSSL_CTX_SetTMpDH_file
*/
WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short);
WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, word16);
/*!
\ingroup CertsKeys
@@ -6507,7 +6507,7 @@ WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short);
\sa wolfSSL_CTX_SetMinDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
*/
WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short);
WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, word16);
/*!
\ingroup CertsKeys
@@ -6536,7 +6536,7 @@ WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short);
\sa wolfSSL_GetDhKey_Sz
\sa wolfSSL_CTX_SetTMpDH_file
*/
WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short);
WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, word16);
/*!
\ingroup CertsKeys
@@ -6564,7 +6564,7 @@ WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short);
\sa wolfSSL_CTX_SetMaxDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
*/
WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, unsigned short);
WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, word16);
/*!
\ingroup CertsKeys
@@ -8082,7 +8082,7 @@ WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL*);
\sa wolfSSL_GetHmacType
*/
WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*,
unsigned int, int, int);
word32, int, int);
/*!
\brief Allows caller to set the Public Key Callback for ECC Signing.
@@ -9568,7 +9568,7 @@ WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int);
\param cb a pointer to a callback function of type CbMissingCRL.
Signature requirement:
void (*CbMissingCRL)(const char* url);
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -10379,7 +10379,7 @@ WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
WOLFSSL* ssl = wolfSSL_new(ctx);
if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE) != SSL_SUCCESS){
WOLFSSL_CSR2_OCSP_USE_NONCE) != SSL_SUCCESS){
// Failed case.
}
\endcode
@@ -10537,7 +10537,7 @@ WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
\sa wolfSSL_CTX_new
\sa wolfSSL_CTX_UseSupportedCurve
*/
WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name);
WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name);
/*!
\brief This function is called on the client side to enable the use of
@@ -10576,7 +10576,7 @@ WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name);
\sa wolfSSL_UseSupportedCurve
*/
WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
unsigned short name);
word16 name);
/*!
\ingroup IO
@@ -10737,7 +10737,7 @@ WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
\sa wolfSSL_UseSessionTicket
\sa wolfSSL_set_SessionTicket
*/
WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int*);
WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, word32*);
/*!
\ingroup IO
@@ -10771,7 +10771,7 @@ WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int
\sa wolfSSL_set_SessionTicket_cb
*/
WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, const unsigned char*, unsigned int);
WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, const unsigned char*, word32);
/*!
\brief This function sets the session ticket callback. The type
@@ -11123,8 +11123,8 @@ WOLFSSL_API int wolfSSL_get_session_stats(unsigned int* active,
\sa MakeTlsMasterSecret
*/
WOLFSSL_API
int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen,
const unsigned char* pms, unsigned int pmsLen,
int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
const unsigned char* pms, word32 pmsLen,
const unsigned char* cr, const unsigned char* sr,
int tls1_2, int hash_type);
@@ -11170,8 +11170,8 @@ int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen,
\sa IsAtLeastTLSv1_2
*/
WOLFSSL_API
int wolfSSL_DeriveTlsKeys(unsigned char* key_data, unsigned int keyLen,
const unsigned char* ms, unsigned int msLen,
int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen,
const unsigned char* ms, word32 msLen,
const unsigned char* sr, const unsigned char* cr,
int tls1_2, int hash_type);