feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

sanity checks, remove some magic numbers, TLS read ahead

Browse Source
This commit is contained in:
Jacob Barthelmeh
2016-12-08 19:05:35 -07:00
parent ed5ff77e4f
commit aabe456592
8 changed files with 262 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
examples/client/client.c
View File

@ -1288,6 +1288,13 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
#if defined(OPENSSL_EXTRA)
if (wolfSSL_CTX_get_read_ahead(ctx) != 0) {
err_sys("bad read ahead default value");
}
/* wolfSSL_CTX_set_read_ahead(ctx, 1); use not recommended */
#endif
ssl = wolfSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");

49
src/internal.c
View File

@ -3332,6 +3332,10 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#endif
#endif
#ifdef OPENSSL_EXTRA
ssl->readAhead = ctx->readAhead;
#endif
return SSL_SUCCESS;
}
@ -9380,6 +9384,15 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
return MEMORY_E;
}
#ifdef OPENSSL_EXTRA
/* if read ahead then try to read the full buffer size */
if (ssl->readAhead != 0 && ssl->options.usingNonblock) {
if (maxLength > inSz) {
inSz = maxLength;
}
}
#endif /* OPENSSL_EXTRA */
/* Put buffer data at start if not there */
if (usedLength > 0 && ssl->buffers.inputBuffer.idx != 0)
XMEMMOVE(ssl->buffers.inputBuffer.buffer,
@ -9491,7 +9504,7 @@ int ProcessReply(WOLFSSL* ssl)
int ret = 0, type, readSz;
int atomicUser = 0;
word32 startIdx = 0;
#ifdef WOLFSSL_DTLS
#if defined(WOLFSSL_DTLS) || defined(OPENSSL_EXTRA)
int used;
#endif
@ -9522,6 +9535,18 @@ int ProcessReply(WOLFSSL* ssl)
/* get header or return error */
if (!ssl->options.dtls) {
#ifdef OPENSSL_EXTRA
(void)used;
if (ssl->readAhead != 0 && ssl->options.usingNonblock) {
/* read ahead may already have header */
used = ssl->buffers.inputBuffer.length -
ssl->buffers.inputBuffer.idx;
if (used < readSz)
if ((ret = GetInputData(ssl, readSz)) < 0)
return ret;
}
else
#endif /* OPENSSL_EXTRA */
if ((ret = GetInputData(ssl, readSz)) < 0)
return ret;
} else {
@ -9578,6 +9603,17 @@ int ProcessReply(WOLFSSL* ssl)
/* get sz bytes or return error */
if (!ssl->options.dtls) {
#ifdef OPENSSL_EXTRA
if (ssl->readAhead != 0 && ssl->options.usingNonblock) {
/* read ahead may already have */
used = ssl->buffers.inputBuffer.length -
ssl->buffers.inputBuffer.idx;
if (used < ssl->curSize)
if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
return ret;
}
else
#endif /* OPENSSL_EXTRA */
if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
return ret;
} else {
@ -9639,6 +9675,17 @@ int ProcessReply(WOLFSSL* ssl)
/* get sz bytes or return error */
if (!ssl->options.dtls) {
#ifdef OPENSSL_EXTRA
if (ssl->readAhead != 0 && ssl->options.usingNonblock) {
/* read ahead may already have header */
used = ssl->buffers.inputBuffer.length -
ssl->buffers.inputBuffer.idx;
if (used < ssl->curSize)
if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
return ret;
}
else
#endif /* OPENSSL_EXTRA */
if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
return ret;
} else {

297
src/ssl.c
View File

@ -6352,79 +6352,6 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char* file)
}
#if !defined(NO_WOLFSSL_SERVER)
size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
size_t outSz)
{
size_t size;
/* return max size of buffer */
if (outSz == 0) {
return RAN_LEN;
}
if (ssl == NULL || out == NULL) {
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
if (outSz > RAN_LEN) {
size = RAN_LEN;
}
else {
size = outSz;
}
XMEMCPY(out, ssl->arrays->serverRandom, size);
return size;
}
#endif /* !defined(NO_WOLFSSL_SERVER) */
#if !defined(NO_WOLFSSL_CLIENT)
/* Return the amount of random bytes copied over or error case.
* ssl : ssl struct after handshake
* out : buffer to hold random bytes
* outSz : either 0 (return max buffer sz) or size of out buffer
*
* NOTE: wolfSSL_KeepArrays(ssl) must be called to retain handshake information.
*/
size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
size_t outSz)
{
size_t size;
/* return max size of buffer */
if (outSz == 0) {
return RAN_LEN;
}
if (ssl == NULL || out == NULL) {
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
if (outSz > RAN_LEN) {
size = RAN_LEN;
}
else {
size = outSz;
}
XMEMCPY(out, ssl->arrays->clientRandom, size);
return size;
}
#endif /* !defined(NO_WOLFSSL_CLIENT) */
#ifdef HAVE_ECC
/* Set Temp CTX EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */
@ -9981,6 +9908,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
}
#ifndef NO_CERTS
void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str)
{
if (ctx == NULL || str == NULL) {
@ -10022,6 +9950,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return ctx->error_depth;
return SSL_FATAL_ERROR;
}
#endif
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
@ -10120,9 +10049,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
long wolfSSL_BIO_set_ssl(WOLFSSL_BIO* b, WOLFSSL* ssl, int closeF)
{
WOLFSSL_ENTER("wolfSSL_BIO_set_ssl");
b->ssl = ssl;
b->close = (byte)closeF;
if (b != NULL) {
b->ssl = ssl;
b->close = closeF;
/* add to ssl for bio free if SSL_free called before/instead of free_all? */
}
return 0;
}
@ -10131,8 +10063,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int closeF)
{
WOLFSSL_ENTER("wolfSSL_BIO_set_fd");
b->fd = fd;
b->close = (byte)closeF;
if (b != NULL) {
b->fd = fd;
b->close = closeF;
}
return SSL_SUCCESS;
}
@ -10539,6 +10474,79 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#ifdef OPENSSL_EXTRA
#if !defined(NO_WOLFSSL_SERVER)
size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
size_t outSz)
{
size_t size;
/* return max size of buffer */
if (outSz == 0) {
return RAN_LEN;
}
if (ssl == NULL || out == NULL) {
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
if (outSz > RAN_LEN) {
size = RAN_LEN;
}
else {
size = outSz;
}
XMEMCPY(out, ssl->arrays->serverRandom, size);
return size;
}
#endif /* !defined(NO_WOLFSSL_SERVER) */
#if !defined(NO_WOLFSSL_CLIENT)
/* Return the amount of random bytes copied over or error case.
* ssl : ssl struct after handshake
* out : buffer to hold random bytes
* outSz : either 0 (return max buffer sz) or size of out buffer
*
* NOTE: wolfSSL_KeepArrays(ssl) must be called to retain handshake information.
*/
size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
size_t outSz)
{
size_t size;
/* return max size of buffer */
if (outSz == 0) {
return RAN_LEN;
}
if (ssl == NULL || out == NULL) {
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
if (outSz > RAN_LEN) {
size = RAN_LEN;
}
else {
size = outSz;
}
XMEMCPY(out, ssl->arrays->clientRandom, size);
return size;
}
#endif /* !defined(NO_WOLFSSL_CLIENT) */
unsigned long wolfSSLeay(void)
{
return SSLEAY_VERSION_NUMBER;
@ -11100,7 +11108,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_128_CBC);
ctx->cipherType = AES_128_CBC_TYPE;
ctx->keyLen = 16;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11120,7 +11128,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_192_CBC);
ctx->cipherType = AES_192_CBC_TYPE;
ctx->keyLen = 24;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11140,7 +11148,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_256_CBC);
ctx->cipherType = AES_256_CBC_TYPE;
ctx->keyLen = 32;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11161,7 +11169,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_128_CTR);
ctx->cipherType = AES_128_CTR_TYPE;
ctx->keyLen = 16;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11181,7 +11189,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_192_CTR);
ctx->cipherType = AES_192_CTR_TYPE;
ctx->keyLen = 24;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11201,7 +11209,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_256_CTR);
ctx->cipherType = AES_256_CTR_TYPE;
ctx->keyLen = 32;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11222,7 +11230,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_128_ECB);
ctx->cipherType = AES_128_ECB_TYPE;
ctx->keyLen = 16;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11237,7 +11245,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_192_ECB);
ctx->cipherType = AES_192_ECB_TYPE;
ctx->keyLen = 24;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11253,7 +11261,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_AES_256_ECB);
ctx->cipherType = AES_256_ECB_TYPE;
ctx->keyLen = 32;
ctx->block_size = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11271,7 +11279,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_DES_CBC);
ctx->cipherType = DES_CBC_TYPE;
ctx->keyLen = 8;
ctx->block_size = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11290,7 +11298,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_DES_ECB);
ctx->cipherType = DES_ECB_TYPE;
ctx->keyLen = 8;
ctx->block_size = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11307,7 +11315,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_DES_EDE3_CBC);
ctx->cipherType = DES_EDE3_CBC_TYPE;
ctx->keyLen = 24;
ctx->block_size = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -11329,7 +11337,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG(EVP_DES_EDE3_ECB);
ctx->cipherType = DES_EDE3_ECB_TYPE;
ctx->keyLen = 24;
ctx->block_size = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
@ -13148,6 +13156,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJCET_pop(
}
#ifndef NO_ASN
WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)
{
WOLFSSL_ASN1_OBJECT* obj;
@ -13206,6 +13215,7 @@ void wolfSSL_sk_ASN1_OBJECT_free(STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
}
XFREE(sk, NULL, DYNAMIC_TYPE_ASN1);
}
#endif /* NO_ASN */
int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
@ -14316,15 +14326,6 @@ long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* i)
return 0;
}
/*** TBC ***/
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn)
{
(void)ai;
(void)bn;
return 0;
}
void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx)
{
@ -14689,6 +14690,7 @@ long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx)
}
#ifndef NO_CERTS
long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
{
byte* chain;
@ -14746,6 +14748,19 @@ long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
}
long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx, void* arg)
{
if (ctx == NULL || ctx->cm == NULL) {
return SSL_FAILURE;
}
ctx->cm->ocspIOCtx = arg;
return SSL_SUCCESS;
}
#endif /* NO_CERTS */
/*** TBC ***/
WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
{
@ -14753,33 +14768,40 @@ WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
return 0;
}
/*** TBC ***/
WOLFSSL_API long wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx)
int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx)
{
(void)ctx;
return 0;
if (ctx == NULL) {
return SSL_FAILURE;
}
return ctx->readAhead;
}
/*** TBC ***/
WOLFSSL_API long wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx)
int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v)
{
(void)ctx;
return 0;
if (ctx == NULL) {
return SSL_FAILURE;
}
ctx->readAhead = v;
return SSL_SUCCESS;
}
/*** TBC ***/
WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx)
long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx,
void* arg)
{
(void)ctx;
return 0;
if (ctx == NULL) {
return SSL_FAILURE;
}
ctx->userPRFArg = arg;
return SSL_SUCCESS;
}
/*** TBC ***/
WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx)
{
(void)ctx;
return 0;
}
#ifndef NO_DES3
void wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
@ -15972,7 +15994,7 @@ char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM *bn)
{
(void)bn;
WOLFSSL_MSG("wolfSSL_BN_bn2hex not implemented");
WOLFSSL_MSG("wolfSSL_BN_bn2hex need WOLFSSL_KEY_GEN or HAVE_COMP_KEY");
return (char*)"";
}
@ -16457,8 +16479,10 @@ void wolfSSL_RSA_free(WOLFSSL_RSA* rsa)
#endif /* NO_RSA */
#if (!defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)) \
|| !defined(NO_DSA) || defined(HAVE_ECC)
/* these defines are to make sure the functions SetIndividualExternal is not
* declared and then not used. */
#if !defined(NO_ASN) || !defined(NO_DSA) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA))
static int SetIndividualExternal(WOLFSSL_BIGNUM** bn, mp_int* mpi)
{
WOLFSSL_MSG("Entering SetIndividualExternal");
@ -16507,6 +16531,34 @@ static int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi)
}
#ifndef NO_ASN
WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn)
{
mp_int mpi;
word32 idx = 0;
int ret;
WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_to_BN");
if (ai == NULL) {
return NULL;
}
if ((ret = GetInt(&mpi, ai->data, &idx, sizeof(ai->data))) != 0) {
/* expecting ASN1 format for INTEGER */
WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_to_BN", ret);
return NULL;
}
if (SetIndividualExternal(&bn, &mpi) != SSL_SUCCESS) {
return NULL;
}
return bn;
}
#endif /* !NO_ASN */
#if !defined(NO_DSA) && !defined(NO_DH)
WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *dsa)
{
@ -20153,6 +20205,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
#ifdef OPENSSL_EXTRA /*Lighttp compatibility*/
#ifndef NO_CERTS
WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x,
pem_password_cb *cb, void *u) {
WOLFSSL_X509* x509 = NULL;
@ -20205,6 +20258,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
* root CA. */
return wolfSSL_PEM_read_bio_X509(bp, x, cb, u);
}
#endif /* ifndef NO_CERTS */
#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL)
@ -20397,6 +20451,7 @@ unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line)
}
#ifndef NO_CERTS
int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey)
{
WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey");
@ -20409,6 +20464,8 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey)
(const unsigned char*)pkey->pkey.ptr,
pkey->pkey_sz, PRIVATEKEY_TYPE);
}
#endif /* !NO_CERTS */
void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int idx)
{

15
tests/api.c
View File

@ -2719,22 +2719,28 @@ static void test_wolfSSL_X509_STORE_set_flags(void)
static void test_wolfSSL_BN(void)
{
#if defined(OPENSSL_EXTRA)
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
BIGNUM* a;
BIGNUM* b;
BIGNUM* c;
BIGNUM* d;
ASN1_INTEGER ai;
unsigned char value[1];
printf(testingFmt, "wolfSSL_BN()");
AssertNotNull(a = BN_new());
AssertNotNull(b = BN_new());
AssertNotNull(c = BN_new());
AssertNotNull(d = BN_new());
value[0] = 0x03;
AssertNotNull(BN_bin2bn(value, sizeof(value), a));
/* at the moment hard setting since no set function */
ai.data[0] = 0x02; /* tag for ASN_INTEGER */
ai.data[1] = 0x01; /* length of integer */
ai.data[2] = value[0];
AssertNotNull(a = ASN1_INTEGER_to_BN(&ai, NULL));
value[0] = 0x02;
AssertNotNull(BN_bin2bn(value, sizeof(value), b));
@ -2757,7 +2763,7 @@ static void test_wolfSSL_BN(void)
BN_clear_free(d);
printf(resultFmt, passed);
#endif /* defined(OPENSSL_EXTRA) */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
}
@ -2882,6 +2888,7 @@ static void test_wolfSSL_BIO(void)
AssertIntEQ((int)bufPt[i], i);
}
AssertIntEQ(BIO_nread(bio1, &bufPt, 1), WOLFSSL_BIO_ERROR);
AssertIntEQ(BIO_ctrl_reset_read_request(bio1), 1);
/* new pair */
AssertIntEQ(BIO_make_bio_pair(bio1, bio3), SSL_FAILURE);

4
wolfcrypt/src/evp.c
View File

@ -484,7 +484,9 @@ WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *ciph
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
ctx->flags = flags;
if (ctx != NULL) {
ctx->flags = flags;
}
}
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)

3
wolfssl/internal.h
View File

@ -2013,6 +2013,8 @@ struct WOLFSSL_CTX {
pem_password_cb passwd_cb;
void* userdata;
WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
byte readAhead;
void* userPRFArg; /* passed to prf callback */
#endif /* OPENSSL_EXTRA */
#ifdef HAVE_STUNNEL
void* ex_data[MAX_EX_DATA];
@ -2765,6 +2767,7 @@ struct WOLFSSL {
WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */
unsigned long peerVerifyRet;
byte readAhead;
#ifdef HAVE_PK_CALLBACKS
void* loggingCtx; /* logging callback argument */
#endif

1
wolfssl/openssl/ssl.h
View File

@ -525,6 +525,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define BIO_s_bio wolfSSL_BIO_s_bio
#define BIO_s_socket wolfSSL_BIO_s_socket
#define BIO_set_fd wolfSSL_BIO_set_fd
#define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request
#define BIO_set_write_buf_size wolfSSL_BIO_set_write_buf_size
#define BIO_make_bio_pair wolfSSL_BIO_make_bio_pair

16
wolfssl/ssl.h
View File

@ -119,6 +119,13 @@ typedef unsigned char* WOLFSSL_BUF_MEM;
#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME
struct WOLFSSL_ASN1_INTEGER {
/* size can be increased set at 20 for tag, length then to hold at least 16
* byte type */
unsigned char data[20];
/* ASN_INTEGER | LENGTH | hex of number */
};
typedef char WOLFSSL_EVP_MD;
typedef struct WOLFSSL_EVP_PKEY {
int type; /* openssh dereference */
@ -701,10 +708,11 @@ WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long);
WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*);
WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX*);
WOLFSSL_API long wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
WOLFSSL_API long wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX*);
WOLFSSL_API int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*, int v);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*, void* arg);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
WOLFSSL_CTX*, void* arg);
WOLFSSL_API unsigned long wolfSSL_set_options(WOLFSSL *s, unsigned long op);
WOLFSSL_API unsigned long wolfSSL_get_options(const WOLFSSL *s);