diff --git a/src/ssl.c b/src/ssl.c
index 7f0d835c7..c7c7c7a76 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -55432,6 +55432,148 @@ void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line) (void)line; return XMALLOC(num, 0, DYNAMIC_TYPE_TMP_BUFFER); } +/** + * Allocate WOLFSSL_CONF_CTX instance + * @return pointer to WOLFSSL_CONF_CTX structure on success and NULL on fail + */ +WOLFSSL_CONF_CTX* wolfSSL_CONF_CTX_new(void) +{ + WOLFSSL_CONF_CTX* cctx; + + WOLFSSL_ENTER("wolfSSL_CONF_CTX_new"); + + cctx = (WOLFSSL_CONF_CTX*)XMALLOC(sizeof(WOLFSSL_CONF_CTX), NULL, + DYNAMIC_TYPE_OPENSSL); + if (!cctx) { + WOLFSSL_MSG("malloc error"); + return NULL; + } + XMEMSET(cctx, 0, sizeof(WOLFSSL_CONF_CTX)); + + return cctx; +} +/** + * Release WOLFSSL_CONF_CTX instance + * @param cctx a pointer to WOLFSSL_CONF_CTX structure to be freed + * @return none + */ +void wolfSSL_CONF_CTX_free(WOLFSSL_CONF_CTX* cctx) +{ + WOLFSSL_ENTER("wolfSSL_CONF_CTX_free"); + + if (cctx) { + XFREE(cctx, NULL, DYNAMIC_TYPE_OPENSSL); + } +} +/** + * Release WOLFSSL_CONF_CTX instance + * @param cctx a pointer to WOLFSSL_CONF_CTX structure to set a pointer + * to WOLFSSL_CTX + * @param ctx a pointer to WOLFSSL_CTX structure to be set + * @return none + */ +void wolfSSL_CONF_CTX_set_ssl_ctx(WOLFSSL_CONF_CTX* cctx, WOLFSSL_CTX *ctx) +{ + WOLFSSL_ENTER("wolfSSL_CONF_CTX_set_ssl_ctx"); + + //sanity check + if (cctx == NULL) { + WOLFSSL_MSG("cctx is null"); + return; + } + + if (ctx != NULL) { + cctx->ctx = ctx; + } else { + cctx->ctx = NULL; + } +} +/** + * set flag value into WOLFSSL_CONF_CTX + * @param cctx a pointer to WOLFSSL_CONF_CTX structure to be set + * @param flags falg value to be OR'sd + * @return OR'd flag value, otherwise 0 + */ +unsigned int wolfSSL_CONF_CTX_set_flags(WOLFSSL_CONF_CTX* cctx, unsigned int flags) +{ + //sanity check + if (cctx == NULL) return 0; + + cctx->flags |= flags; + return cctx->flags; +} +#ifndef NO_WOLFSSL_STUB +/** + * finish configuration command operation + * @param cctx a pointer to WOLFSSL_CONF_CTX structure to be set + * @return WOLFSSL_FAILURE for now + */ 
+int wolfSSL_CONF_CTX_finish(WOLFSSL_CONF_CTX* cctx) +{ + WOLFSSL_STUB("wolfSSL_CONF_CTX_finish"); + (void)cctx; + return WOLFSSL_FAILURE; +} +/** + * send configuration command + * @param cctx a pointer to WOLFSSL_CONF_CTX structure + * @param cmd configuration command + * @param value arguments for cmd + * @return WOLFSSL_FAILURE for now + */ +int wolfSSL_CONF_cmd(WOLFSSL_CONF_CTX* cctx, const char* cmd, const char* value) +{ + WOLFSSL_STUB("wolfSSL_CONF_cmd"); + (void)cctx; + (void)cmd; + (void)value; + return WOLFSSL_FAILURE; +} + +/** + * returns a new idex or -1 on failure + * @param class index one of CRYPTO_EX_INDEX_xxx + * @param argp parameters to be saved + * @param argl parameters to be saved + * @param new_func a pointer to WOLFSSL_CRYPTO_EX_new + * @param dup_func a pointer to WOLFSSL_CRYPTO_EX_dup + * @param free_func a pointer to WOLFSSL_CRYPTO_EX_free + * @return WOLFSSL_FAILURE for now + */ +#ifdef HAVE_EX_DATA +int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, + WOLFSSL_CRYPTO_EX_new* new_func, + WOLFSSL_CRYPTO_EX_dup* dup_func, + WOLFSSL_CRYPTO_EX_free* free_func) +{ + WOLFSSL_STUB("wolfSSL_CRYPTO_get_ex_new_index"); + (void)class_index; + (void)argl; + (void)argp; + (void)new_func; + (void)dup_func; + (void)free_func; + return WOLFSSL_FAILURE; +} +#endif + +/** + * retrive p, q and g parameter + * @param dh a pointer to WOLFSSL_DH + * @param p a pointer to WOLFSSL_BIGNUM to be obtained dh + * @param q a pointer to WOLFSSL_BIGNUM to be obtained dh + * @param q a pointer to WOLFSSL_BIGNUM to be obtained dh + */ +void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p, + const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g) +{ + WOLFSSL_STUB("wolfSSL_DH_get0_pqg"); + (void)dh; + (void)p; + (void)q; + (void)g; +} +#endif /* NO_WOLFSSL_STUB */ #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index 8af9d0bb1..4db52e38c 100644 --- a/tests/api.c +++ b/tests/api.c 
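Review bot: In src/ssl.c the wolfSSL_DH_get0_pqg stub returns without writing to `p`, `q` or `g`, so a caller ported from OpenSSL reads whatever was already in its locals; test_wolfSSL_DH_get0_pqg in tests/api.c passes three uninitialised `BIGNUM*` in exactly this way. Until the function is implemented, the stub should clear the outputs, e.g. `if (p != NULL) *p = NULL;` and the same for `q` and `g`. Separately, the comment on wolfSSL_CRYPTO_get_ex_new_index documents "-1 on failure" while the body returns `WOLFSSL_FAILURE`; if that constant is not negative (it is 0 in wolfSSL as far as I know), a caller that checks `< 0` will accept the result as a valid index, so `return -1;` matches the documented contract better. The doc header above wolfSSL_CONF_CTX_set_ssl_ctx still says "Release WOLFSSL_CONF_CTX instance", and the DH comment lists `@param q` twice where the second should be `g`.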
@@ -42427,7 +42427,63 @@ static void test_wolfSSL_OpenSSL_version() #endif AssertIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING, XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0); + printf(resultFmt, passed); +#endif +} + +static void test_CONF_CTX(void) +{ +#if defined(OPENSSL_ALL) + printf(testingFmt, "test_CONF_CTX"); + SSL_CTX* ctx = NULL; + SSL_CONF_CTX* cctx = NULL; + + AssertNotNull(cctx = SSL_CONF_CTX_new()); + + #ifndef NO_OLD_TLS + #ifdef WOLFSSL_ALLOW_SSLV3 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); + #endif + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + AssertTrue(1); + #endif + #endif + + AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, 0x1), 0x1); + + /* STUB */ + #if !defined(NO_WOLFSSL_STUB) + AssertIntEQ(SSL_CONF_cmd(cctx, "TEST", "TEST1"), WOLFSSL_FAILURE); + AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_FAILURE); + #endif + + SSL_CTX_free(ctx); + SSL_CONF_CTX_free(cctx); + + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA */ +} + +static void test_wolfSSL_CRYPTO_get_ex_new_index(void) +{ +#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) + printf(testingFmt, "test_wolfSSL_CRYPTO_get_ex_new_index"); + + int class_index = 0; + long argl = 0; + void* argp = NULL; + CRYPTO_EX_new* nfunc = NULL; + CRYPTO_EX_dup* dfunc = NULL; + CRYPTO_EX_free* ffunc = NULL; + + AssertIntEQ(CRYPTO_get_ex_new_index(class_index, + argl, argp, + nfunc, dfunc, ffunc), + WOLFSSL_FAILURE); printf(resultFmt, passed); #endif } 
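Review bot: test_CONF_CTX only reaches `SSL_CONF_CTX_set_ssl_ctx` when NO_OLD_TLS is undefined and WOLFSSL_ALLOW_SSLV3 is defined, and the `AssertTrue(1)` after it checks nothing, so in other builds `ctx` stays NULL and the setter is never exercised. The v23 methods used here do not look SSLv3-specific, so the two guards can probably be dropped and the assertion replaced with `AssertTrue(cctx->ctx == ctx);`. test_wolfSSL_CRYPTO_get_ex_new_index is guarded by OPENSSL_ALL and NO_WOLFSSL_STUB only, while the function is declared and defined under HAVE_EX_DATA; unless OPENSSL_ALL implies HAVE_EX_DATA elsewhere, the `#if` needs `&& defined(HAVE_EX_DATA)`. The closing `#endif /* OPENSSL_EXTRA */` in test_CONF_CTX should name OPENSSL_ALL.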
@@ -42481,6 +42537,24 @@ static void test_wolfSSL_set_psk_use_session_callback() #endif } +static void test_wolfSSL_DH_get0_pqg(void) +{ +#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) + printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); + + DH *dh = NULL; + BIGNUM* p; + BIGNUM* q; + BIGNUM* g; + + DH_get0_pqg(dh, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + AssertTrue(1); + printf(resultFmt, passed); +#endif +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ @@ -42934,6 +43008,10 @@ void ApiTest(void) test_wolfSSL_OpenSSL_version(); test_wolfSSL_set_psk_use_session_callback(); + test_CONF_CTX(); + test_wolfSSL_CRYPTO_get_ex_new_index(); + test_wolfSSL_DH_get0_pqg(); + /*wolfcrypt */ printf("\n-----------------wolfcrypt unit tests------------------\n"); AssertFalse(test_wolfCrypt_Init()); diff --git a/wolfssl/openssl/dh.h b/wolfssl/openssl/dh.h index de21ab7fe..42362d07f 100644 --- a/wolfssl/openssl/dh.h +++ b/wolfssl/openssl/dh.h @@ -69,7 +69,10 @@ WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub, WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); - +WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, + const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, + const WOLFSSL_BIGNUM **g); + #define DH_new wolfSSL_DH_new #define DH_free wolfSSL_DH_free @@ -83,6 +86,7 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L #define DH_set0_pqg wolfSSL_DH_set0_pqg #endif +#define DH_get0_pqg wolfSSL_DH_get0_pqg #define DH_bits(x) (BN_num_bits(x->p)) #define DH_GENERATOR_2 2 diff --git a/wolfssl/openssl/opensslv.h b/wolfssl/openssl/opensslv.h index 017f41778..fb1514f2c 100644 
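Review bot: In wolfssl/openssl/dh.h the prototype for wolfSSL_DH_get0_pqg and the `DH_get0_pqg` macro (second hunk of that file) are unconditional, but the only definition in src/ssl.c sits inside `#ifndef NO_WOLFSSL_STUB`, so a NO_WOLFSSL_STUB build compiles callers and then fails at link time. The same mismatch applies to `SSL_CONF_CTX_finish`, `SSL_CONF_cmd` and `CRYPTO_get_ex_new_index` in wolfssl/openssl/ssl.h, and to the wolfSSL_CONF_CTX_finish and wolfSSL_CONF_cmd prototypes in wolfssl/ssl.h; `CRYPTO_get_ex_new_index` additionally depends on HAVE_EX_DATA. Wrapping these declarations and macros in the same guards as the definitions would surface the missing API at compile time. The neighbouring `DH_set0_pqg` macro is gated on `OPENSSL_VERSION_NUMBER >= 0x10100000L`, so it is worth deciding whether `DH_get0_pqg` should follow it.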
--- a/wolfssl/openssl/opensslv.h +++ b/wolfssl/openssl/opensslv.h @@ -28,7 +28,8 @@ /* api version compatibility */ #if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x0090810fL) ||\ defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\ - defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L) + defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L) ||\ + defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10101000L) /* valid version */ #elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) /* For Apache httpd, Use 1.1.0 compatibility */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index eedb0440d..3a485e0e9 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -164,6 +164,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define set_ex_data wolfSSL_CRYPTO_set_ex_data #define get_ex_data wolfSSL_CRYPTO_get_ex_data #define CRYPTO_memcmp wolfSSL_CRYPTO_memcmp +#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index /* this function was used to set the default malloc, free, and realloc */ #define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */ @@ -1394,6 +1395,15 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback #define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable +typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; + +#define SSL_CONF_CTX_new wolfSSL_CONF_CTX_new +#define SSL_CONF_CTX_free wolfSSL_CONF_CTX_free +#define SSL_CONF_CTX_set_ssl_ctx wolfSSL_CONF_CTX_set_ssl_ctx +#define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags +#define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish +#define SSL_CONF_cmd wolfSSL_CONF_cmd + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index ff31dd662..bf0fe1201 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h 
@@ -212,6 +212,8 @@ typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID; typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS; typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION; +typedef struct WOLFSSL_CONF_CTX WOLFSSL_CONF_CTX; + #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) struct WOLFSSL_AUTHORITY_KEYID { @@ -3682,6 +3684,12 @@ struct WOLFSSL_ASN1_BIT_STRING { long flags; }; +struct WOLFSSL_CONF_CTX { + unsigned int flags; + WOLFSSL_CTX* ctx; + WOLFSSL* ssl; +}; + WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ @@ -4271,6 +4279,18 @@ WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); +WOLFSSL_API WOLFSSL_CONF_CTX* wolfSSL_CONF_CTX_new(void); +WOLFSSL_API void wolfSSL_CONF_CTX_free(WOLFSSL_CONF_CTX* cctx); +WOLFSSL_API void wolfSSL_CONF_CTX_set_ssl_ctx(WOLFSSL_CONF_CTX* cctx, WOLFSSL_CTX *ctx); +WOLFSSL_API unsigned int wolfSSL_CONF_CTX_set_flags(WOLFSSL_CONF_CTX* cctx, unsigned int flags); +WOLFSSL_API int wolfSSL_CONF_CTX_finish(WOLFSSL_CONF_CTX* cctx); +WOLFSSL_API int wolfSSL_CONF_cmd(WOLFSSL_CONF_CTX* cctx, const char* cmd, const char* value); +#ifdef HAVE_EX_DATA +WOLFSSL_API int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, + WOLFSSL_CRYPTO_EX_new* new_func, + WOLFSSL_CRYPTO_EX_dup* dup_func, + WOLFSSL_CRYPTO_EX_free* free_func); +#endif #endif /* OPENSSL_EXTRA */ #ifdef __cplusplus } /* extern "C" */
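Review bot: struct WOLFSSL_CONF_CTX (hunk at -3682 in wolfssl/ssl.h) holds raw `ctx` and `ssl` pointers with no statement of ownership. From src/ssl.c in this commit, wolfSSL_CONF_CTX_set_ssl_ctx stores the caller's pointer as-is and wolfSSL_CONF_CTX_free releases only the container, so both appear to be borrowed; test_CONF_CTX frees `ctx` before `cctx`. A field comment such as `/* borrowed; not freed by wolfSSL_CONF_CTX_free, must outlive the CONF_CTX */` would keep a later SSL_CONF_cmd implementation from dereferencing a stale pointer. `ssl` is never assigned anywhere in this diff, which the comment could also state.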