From ad6f8e424626b9a658cdf4b01b50e66152dc5132 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Mon, 22 Mar 2021 18:15:12 +0900 Subject: [PATCH] added and modified compatibility layer APIs for Qt v5.15.2 part1 --- src/ssl.c | 130 ++++++++++++++++++++++- tests/api.c | 232 +++++++++++++++++++++++++++++++++++++++++- wolfcrypt/src/evp.c | 13 ++- wolfcrypt/test/test.c | 8 ++ wolfssl/openssl/ec.h | 2 + wolfssl/openssl/evp.h | 4 + wolfssl/openssl/ssl.h | 43 +++++++- wolfssl/ssl.h | 33 ++++++ wolfssl/test.h | 13 +++ 9 files changed, 470 insertions(+), 8 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index cd184ffc7..c5472e5a7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -16179,8 +16179,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return WOLFSSL_SUCCESS; } - +#if defined(WOLFSSL_QT) + WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD* method) +#else WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method) +#endif { WOLFSSL_BIO* bio; @@ -16195,7 +16198,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (bio) { XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); bio->type = (byte)method->type; - bio->method = method; + bio->method = (WOLFSSL_BIO_METHOD*)method; bio->shutdown = BIO_CLOSE; /* default to close things */ bio->num = -1; /* Default to invalid socket */ bio->init = 1; @@ -22029,10 +22032,18 @@ const char* wolfSSL_lib_version(void) } #ifdef OPENSSL_EXTRA +#ifdef WOLFSSL_QT +const char* wolfSSL_OpenSSL_version(int a) +{ + (void)a; + return "wolfSSL " LIBWOLFSSL_VERSION_STRING; +} +#else const char* wolfSSL_OpenSSL_version(void) { return "wolfSSL " LIBWOLFSSL_VERSION_STRING; } +#endif /* WOLFSSL_QT */ #endif 
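Review bot: In wolfSSL_BIO_new, `bio->method = (WOLFSSL_BIO_METHOD*)method;` discards the const that the WOLFSSL_QT prototype now promises, so any later write through `bio->method` would modify a method table the caller declared read-only. The struct definition is not in this patch; if nothing writes through the field, declaring the member as `const WOLFSSL_BIO_METHOD* method;` would remove the cast and let the compiler enforce it. If the member has to stay non-const, a comment such as `/* method table is never modified through bio->method */` on the cast would record the assumption. The function body starts and ends outside this hunk.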
@@ -23339,7 +23350,19 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) #ifndef NO_CERTS #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) - +#if defined(WOLFSSL_QT) + const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING* asn) + { + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_get0_data"); + + if (asn) { + return (const unsigned char*)asn->data; + } else { + return NULL; + } + } +#endif unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) { WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); @@ -36304,12 +36327,28 @@ const char* wolfSSL_EC_curve_nid2nist(int nid) const WOLF_EC_NIST_NAME* nist_name; for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) { if (nist_name->nid == nid) { - return kNistCurves->name; + return nist_name->name; } } return NULL; } +/** + * return nist curve id + * @param name nist curve name + * @return nist curve id when find, 0 when not find + */ +int wolfSSL_EC_curve_nist2nid(const char* name) +{ + const WOLF_EC_NIST_NAME* nist_name; + for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) { + if (XSTRCMP(nist_name->name, name) == 0) { + return nist_name->nid; + } + } + return 0; +} + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int populate_groups(int* groups, int max_count, char *list) { @@ -48858,7 +48897,11 @@ int wolfSSL_SSL_do_handshake(WOLFSSL *s) #endif } +#if defined(WOLFSSL_QT) +int wolfSSL_SSL_in_init(const WOLFSSL *ssl) +#else int wolfSSL_SSL_in_init(WOLFSSL *ssl) +#endif { WOLFSSL_ENTER("SSL_in_init"); 
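Review bot: wolfSSL_EC_curve_nist2nid passes `name` straight to XSTRCMP, so a NULL argument is dereferenced on the first table entry; the sibling wolfSSL_EC_curve_nid2nist cannot hit this because it compares integers. Adding `if (name == NULL) return 0;` before the loop keeps the documented not-found result of 0 for that case. The doc comment should also state that NULL is accepted and yields 0.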
@@ -55284,6 +55327,85 @@ int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff) (void)onoff; return WOLFSSL_SUCCESS; } + +/** + * set security level(wolfSSL doesn't suppor security level) + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @param level security level + */ +void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level) +{ + WOLFSSL_ENTER("wolfSSL_CTX_set_security_level"); + (void)ctx; + (void)level; +} +/** + * get security level(wolfSSL doesn't suppor security level) + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @return always 0(level 0) + */ +int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx) +{ + WOLFSSL_ENTER("wolfSSL_CTX_get_security_level"); + (void)ctx; + return 0; +} + +#ifndef NO_WOLFSSL_STUB + +/** + * validate the algorithm parameters of the key-pair + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @return WOLFSSL_FAILURE for now + */ +int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx) +{ + WOLFSSL_STUB("wolfSSL_EVP_PKEY_param_check"); + (void)ctx; + return WOLFSSL_FAILURE; +} + +/** + * get call back function for psk session use + * @param ssl a pointer to WOLFSSL structure + * @return none + */ +void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wolfSSL_psk_use_session_cb_func cb) +{ + WOLFSSL_STUB("wolfSSL_set_psk_use_session_callback"); + (void)ssl; + (void)cb; +} +/** + * Determine whether an WOLFSSL_SESSION object can be used for resumption + * @param s a pointer to WOLFSSL_SESSION structure + * @return always 0 cannot + */ +int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s) +{ + WOLFSSL_STUB("wolfSSL_SESSION_is_resumable"); + (void)s; + return 0; +} + +#endif /* NO_WOLFSSL_STUB */ + +#ifdef WOLFSSL_QT +void wolfSSL_CRYPTO_free(void *str, const char *file, int line) +{ + (void)file; + (void)line; + XFREE(str, 0, DYNAMIC_TYPE_TMP_BUFFER); +} + +void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line) +{ + (void)file; + (void)line; + return 
XMALLOC(num, 0, DYNAMIC_TYPE_TMP_BUFFER); +} +#endif /* WOLFSSL_QT */ #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index 6de313719..f26809b58 100644 --- a/tests/api.c +++ b/tests/api.c @@ -32854,6 +32854,14 @@ static void test_wolfSSL_SESSION(void) AssertIntEQ(wolfSSL_read(ssl, msg, sizeof(msg)), 23); sess = wolfSSL_get_session(ssl); + + /* STUB */ + #if defined(OPENSSL_EXTRA) + AssertIntEQ(SSL_SESSION_is_resumable(sess), 0); + #else + AssertIntEQ(wolfSSL_SESSION_is_resumable(sess), 0); + #endif + wolfSSL_shutdown(ssl); wolfSSL_free(ssl); @@ -36681,6 +36689,48 @@ static void test_wolfSSL_EVP_PKEY_assign_DH(void) printf(resultFmt, passed); #endif } + +static void test_wolfSSL_EVP_PKEY_param_check(void) +{ +#if defined(OPENSSL_EXTRA) + EVP_PKEY* pkey; + EVP_PKEY_CTX* ctx; + + printf(testingFmt, "test_wolfSSL_EVP_PKEY_param_check"); + + AssertNotNull(pkey = wolfSSL_EVP_PKEY_new()); + AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); + + /* STUB */ + AssertIntEQ(EVP_PKEY_param_check(ctx), WOLFSSL_FAILURE); + + EVP_PKEY_CTX_free(ctx); + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void) +{ +#if defined(OPENSSL_EXTRA) + EVP_PKEY* pkey; + EVP_PKEY_CTX* ctx; + + printf(testingFmt, "test_wolfSSL_QT_EVP_PKEY_CTX_free"); + + AssertNotNull(pkey = wolfSSL_EVP_PKEY_new()); + AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); + + #if defined(WOLFSSL_QT) + /* void */ + EVP_PKEY_CTX_free(ctx); + AssertTrue(1); + #else + /* int */ + AssertIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS); + #endif + printf(resultFmt, passed); +#endif +} static void test_wolfSSL_EVP_BytesToKey(void) { #if defined(OPENSSL_ALL) && !defined(NO_DES3) 
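Review bot: wolfSSL_CTX_set_security_level drops `level` with no trace and wolfSSL_CTX_get_security_level then reports 0, so an application that asks for a minimum strength through the OpenSSL name gets no enforcement and no signal unless it reads the level back. The setter is void, so the least it can do is log, e.g. `WOLFSSL_MSG("security level is not supported and is ignored");` after WOLFSSL_ENTER. The doc comments need correcting as well: both security-level functions take a WOLFSSL_CTX, not `WOLFSSL_EVP_PKEY_CTX`, "suppor" should read "support", and wolfSSL_set_psk_use_session_callback is described as "get call back" although it is a setter that discards `cb`.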
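Review bot: The `#else` branch added to test_wolfSSL_SESSION calls wolfSSL_SESSION_is_resumable directly, but this patch declares and defines that function only under OPENSSL_EXTRA (and, in src/ssl.c, only when NO_WOLFSSL_STUB is not set), so the fallback cannot build in the configuration it is meant for. The guards around test_wolfSSL_SESSION are outside the hunk. If the function is already OPENSSL_EXTRA-only, the `#if`/`#else` can collapse to the single `AssertIntEQ(SSL_SESSION_is_resumable(sess), 0);`. Otherwise the whole assertion should sit inside `#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB)`.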
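Review bot: Neither test_wolfSSL_EVP_PKEY_param_check nor test_wolfSSL_QT_EVP_PKEY_CTX_free releases `pkey`; both rely on EVP_PKEY_CTX_free to dispose of it. Whether that is a leak depends on whether EVP_PKEY_CTX_new takes its own reference on the key, which is not visible in this patch; if it does, each test needs `EVP_PKEY_free(pkey);` after the context is freed. A one-line comment stating who owns `pkey` would settle it for the next reader. `AssertTrue(1);` after the void call asserts nothing and can go.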
@@ -37062,7 +37112,11 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage); AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext)); + #if defined(WOLFSSL_QT) + AssertNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str)); + #else AssertNotNull(data = wolfSSL_ASN1_STRING_data(asn1str)); + #endif expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN; #ifdef BIG_ENDIAN_ORDER actual = data[1]; @@ -37080,10 +37134,17 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access); AssertNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext)); +#if defined(WOLFSSL_QT) + AssertIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ +#else AssertIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ - +#endif /* URI entry is an ACCESS_DESCRIPTION type */ +#if defined(WOLFSSL_QT) AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0)); +#else + AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0)); +#endif AssertNotNull(adObj = ad->method); /* Make sure nid is OCSP */ AssertIntEQ(wolfSSL_OBJ_obj2nid(adObj), AIA_OCSP_OID); @@ -37093,7 +37154,11 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */ AssertNotNull(asn1str = gn->d.uniformResourceIdentifier); AssertIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22); + #if defined(WOLFSSL_QT) + str = (char*)ASN1_STRING_get0_data(asn1str); + #else str = (char*)wolfSSL_ASN1_STRING_data(asn1str); + #endif actual = strcmp(str, "http://127.0.0.1:22220"); AssertIntEQ(actual, 0); 
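Review bot: `data = (unsigned char*)ASN1_STRING_get0_data(asn1str)` casts away the const that the new accessor was added to provide, so the test no longer checks that the returned buffer is treated as read-only; `str = (char*)ASN1_STRING_get0_data(asn1str)` in the @@ -37093 hunk does the same. The declarations of `data` and `str` are outside these hunks. If they can become `const unsigned char*` and `const char*`, both branches compile without discarding const.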
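Review bot: The two new conditionals in the @@ -37080 hunk are inverted relative to each other: under WOLFSSL_QT the count uses `OPENSSL_sk_num` but the element fetch uses `wolfSSL_sk_value`, while the non-QT build gets `wolfSSL_sk_num` and `OPENSSL_sk_value`. Both names resolve to the same functions through the macros added in wolfssl/openssl/ssl.h, so behaviour is unchanged, but neither configuration exercises the pair of aliases it was meant to. Swapping the branches of the second `#if` so the QT side reads `OPENSSL_sk_value(aia, 0)` would fix it.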
@@ -42188,6 +42253,163 @@ static void test_wolfSSL_CTX_get_min_proto_version(void) #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */ } +static void test_wolfSSL_security_level() +{ +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "test_wolfSSL_security_level()"); + + SSL_CTX *ctx; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif + SSL_CTX_set_security_level(ctx, 1); + AssertTrue(1); + + AssertIntEQ(SSL_CTX_get_security_level(ctx), 0); + + SSL_CTX_free(ctx); + #else + (void)ctx; + #endif + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_SSL_in_init() +{ +#if defined(OPENSSL_ALL) && !defined(NO_BIO) + printf(testingFmt, "test_wolfSSL_SSL_in_init()"); + + SSL_CTX* ctx; + SSL* ssl; + const char* testCertFile; + const char* testKeyFile; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif +#ifndef NO_RSA + testCertFile = svrCertFile; + testKeyFile = svrKeyFile; +#elif defined(HAVE_ECC) + testCertFile = eccCertFile; + testKeyFile = eccKeyFile; +#endif + if (testCertFile != NULL && testKeyFile != NULL) { + AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, + SSL_FILETYPE_PEM)); + AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, + SSL_FILETYPE_PEM)); + } + + ssl = SSL_new(ctx); + AssertNotNull(ssl); + AssertIntEQ(SSL_in_init(ssl), 1); + + SSL_CTX_free(ctx); + SSL_free(ssl); + #else + (void)ctx; + (void)ssl; + (void)testCertFile; + (void)testKeyFile; + #endif + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_EC_curve() +{ +#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) + printf(testingFmt, "test_wolfSSL_EC_curve()"); + int nid = NID_secp160k1; + const char* nid_name; + + AssertNotNull(nid_name = 
EC_curve_nid2nist(nid)); + AssertIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0); + + AssertIntEQ(EC_curve_nist2nid(nid_name), nid); + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_OpenSSL_version() +{ +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "test_wolfSSL_OpenSSL_version()"); + const char* ver; + + #if defined(WOLFSSL_QT) + AssertNotNull(ver = OpenSSL_version(0)); + #else + AssertNotNull(ver = OpenSSL_version()); + #endif + AssertIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING, + XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0); + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_set_psk_use_session_callback() +{ +#if defined(OPENSSL_EXTRA) && !defined(NO_PSK) + printf(testingFmt, "test_wolfSSL_set_psk_use_session_callback()"); + SSL_CTX* ctx; + SSL* ssl; + const char* testCertFile; + const char* testKeyFile; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif +#ifndef NO_RSA + testCertFile = svrCertFile; + testKeyFile = svrKeyFile; +#elif defined(HAVE_ECC) + testCertFile = eccCertFile; + testKeyFile = eccKeyFile; +#endif + if (testCertFile != NULL && testKeyFile != NULL) { + AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, + SSL_FILETYPE_PEM)); + AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, + SSL_FILETYPE_PEM)); + } + + ssl = SSL_new(ctx); + AssertNotNull(ssl); + + /* STUB */ + SSL_set_psk_use_session_callback(ssl, + my_psk_use_session_cb); + AssertTrue(1); + + SSL_CTX_free(ctx); + SSL_free(ssl); + #else + (void)ctx; + (void)ssl; + (void)testCertFile; + (void)testKeyFile; + #endif + printf(resultFmt, passed); +#endif +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ 
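Review bot: In test_wolfSSL_SSL_in_init and test_wolfSSL_set_psk_use_session_callback, `testCertFile` and `testKeyFile` are declared without an initializer and are only assigned inside `#ifndef NO_RSA` / `#elif defined(HAVE_ECC)`, yet the following `if (testCertFile != NULL && testKeyFile != NULL)` reads them unconditionally. In a build with NO_RSA and without HAVE_ECC that is a read of indeterminate pointers, which may then be handed to SSL_CTX_use_certificate_file. Declaring them as `const char* testCertFile = NULL;` and `const char* testKeyFile = NULL;` makes the NULL check mean what it says. The declarations also follow a `printf` statement, which will not compile if this file is built as C89.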
@@ -42522,6 +42744,8 @@ void ApiTest(void) test_wolfSSL_EVP_DigestFinal_ex(); test_wolfSSL_EVP_PKEY_assign_DH(); test_wolfSSL_EVP_BytesToKey(); + test_wolfSSL_EVP_PKEY_param_check(); + test_wolfSSL_QT_EVP_PKEY_CTX_free(); test_IncCtr(); test_wolfSSL_OBJ_ln(); test_wolfSSL_OBJ_sn(); @@ -42632,6 +42856,12 @@ void ApiTest(void) test_wolfSSL_CTX_get_min_proto_version(); + test_wolfSSL_security_level(); + test_wolfSSL_SSL_in_init(); + test_wolfSSL_EC_curve(); + test_wolfSSL_OpenSSL_version(); + test_wolfSSL_set_psk_use_session_callback(); + /*wolfcrypt */ printf("\n-----------------wolfcrypt unit tests------------------\n"); AssertFalse(test_wolfCrypt_Init()); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 8f3041170..890a6baa9 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1366,16 +1366,27 @@ int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest) * * return WOLFSSL_SUCCESS on success */ +#ifdef WOLFSSL_QT +void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) +#else int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) +#endif { - if (ctx == NULL) return 0; + if (ctx == NULL) +#ifdef WOLFSSL_QT + return; +#else + return 0; +#endif WOLFSSL_ENTER("EVP_PKEY_CTX_free"); if (ctx->pkey != NULL) wolfSSL_EVP_PKEY_free(ctx->pkey); if (ctx->peerKey != NULL) wolfSSL_EVP_PKEY_free(ctx->peerKey); XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY); +#ifndef WOLFSSL_QT return WOLFSSL_SUCCESS; +#endif } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 2d4e74046..5ad7a29ed 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18013,12 +18013,20 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) /* test malloc / free , 10 is an arbitrary amount of memory chosen */ { byte* p; +#ifdef WOLFSSL_QT + p = (byte*)CRYPTO_malloc(10, "", 0); +#else p = (byte*)CRYPTO_malloc(10); +#endif if (p == NULL) { return -8600; } XMEMSET(p, 0, 10); +#ifdef WOLFSSL_QT + CRYPTO_free(p, "", 0); +#else CRYPTO_free(p); +#endif } #ifndef NO_MD5 
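Review bot: In wolfSSL_EVP_PKEY_CTX_free the NULL guard is now an unbraced `if (ctx == NULL)` whose only statement is chosen by `#ifdef WOLFSSL_QT`; if either branch is ever edited or dropped, the `if` silently captures the next statement, so the conditional returns should sit inside braces. The function's header comment still says "return WOLFSSL_SUCCESS on success", which is wrong for the void variant and should mention it. Because the return type now depends on a build macro, an application compiled without WOLFSSL_QT against a library built with it would read a return value that was never set. A comment on the prototype in wolfssl/openssl/evp.h saying both sides must agree on the macro would help.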
diff --git a/wolfssl/openssl/ec.h b/wolfssl/openssl/ec.h index db407610c..aed85c63a 100644 --- a/wolfssl/openssl/ec.h +++ b/wolfssl/openssl/ec.h @@ -192,6 +192,7 @@ WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid); WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid); +WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void); WOLFSSL_API @@ -351,6 +352,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_get_builtin_curves wolfSSL_EC_get_builtin_curves #define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist +#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index 118553c88..cee512d2c 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -547,7 +547,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); +#ifdef WOLFSSL_QT +WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#else WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#endif WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e); diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index bdbd9df91..3c1421116 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h 
@@ -137,8 +137,13 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; #define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; +#ifdef WOLFSSL_QT +#define CRYPTO_free wolfSSL_CRYPTO_free +#define CRYPTO_malloc wolfSSL_CRYPTO_malloc +#else #define CRYPTO_free(xp) XFREE(xp, NULL, DYNAMIC_TYPE_TMP_BUFFER) #define CRYPTO_malloc(sz) XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER) +#endif #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free @@ -305,7 +310,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_CTX_set_ciphersuites wolfSSL_CTX_set_cipher_list #define SSL_set_cipher_list wolfSSL_set_cipher_list /* wolfSSL does not support security levels */ -#define SSL_CTX_set_security_level(...) +#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level +#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level /* wolfSSL does not support exporting keying material */ #define SSL_export_keying_material wolfSSL_export_keying_material @@ -368,6 +374,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define DSA_dup_DH wolfSSL_DSA_dup_DH /* wolfSSL does not support DSA as the cert public key */ #define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA +#define EVP_PKEY_param_check wolfSSL_EVP_PKEY_param_check +#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free #define DSA_bits wolfSSL_DSA_bits #define i2d_X509_bio wolfSSL_i2d_X509_bio 
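Review bot: `#define EVP_PKEY_param_check wolfSSL_EVP_PKEY_param_check` in the @@ -368 hunk is unconditional, but src/ssl.c defines that function only inside `#ifndef NO_WOLFSSL_STUB`, so a NO_WOLFSSL_STUB build that references the OpenSSL name compiles and then fails at link time. The same applies to `SSL_set_psk_use_session_callback` and `SSL_SESSION_is_resumable` in the @@ -1357 hunk of this file, and to the matching prototypes added under OPENSSL_EXTRA in wolfssl/ssl.h. Wrapping these macros and prototypes in `#ifndef NO_WOLFSSL_STUB` matches how `OBJ_create_objects` is already handled in this header.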
@@ -429,8 +437,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_REQ_get_pubkey wolfSSL_X509_get_pubkey #define X509_get_notBefore wolfSSL_X509_get_notBefore #define X509_get0_notBefore wolfSSL_X509_get_notBefore +#define X509_getm_notBefore wolfSSL_X509_get_notBefore #define X509_get_notAfter wolfSSL_X509_get_notAfter #define X509_get0_notAfter wolfSSL_X509_get_notAfter +#define X509_getm_notAfter wolfSSL_X509_get_notAfter #define X509_get_serialNumber wolfSSL_X509_get_serialNumber #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index @@ -570,6 +580,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain +#define X509_STORE_CTX_get0_chain wolfSSL_X509_STORE_CTX_get_chain #define X509_STORE_CTX_get1_chain wolfSSL_X509_STORE_CTX_get1_chain #define X509_STORE_CTX_get0_parent_ctx wolfSSL_X509_STORE_CTX_get0_parent_ctx #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error @@ -761,7 +772,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_data wolfSSL_ASN1_STRING_data +#if defined(WOLFSSL_QT) +#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data +#else #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data +#endif #define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 #define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string 
@@ -928,8 +943,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_num wolfSSL_sk_num #define sk_ASN1_OBJECT_num wolfSSL_sk_num +#define OPENSSL_sk_num wolfSSL_sk_num #define sk_value wolfSSL_sk_value #define sk_ASN1_OBJECT_value wolfSSL_sk_value +#define OPENSSL_sk_value wolfSSL_sk_value #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp @@ -1092,6 +1109,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 #define SSL_CTRL_SET_TMP_DH 3 #define SSL_CTRL_SET_TMP_ECDH 4 +#define SSL_CTRL_SET_SESS_CACHE_MODE 44 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 @@ -1100,6 +1118,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 +#define SSL_CTRL_SET_GROUPS 91 +#define SSL_CTRL_GET_PEER_TMP_KEY 109 +#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY +#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 +#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 +#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS #define SSL_CTRL_EXTRA_CHAIN_CERT 14 #define SSL_CTRL_OPTIONS 32 @@ -1129,6 +1153,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define DTLS1_VERSION 0xFEFF #define DTLS1_2_VERSION 0xFEFD +#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L +#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L + +#define CRYPTO_EX_INDEX_SSL 0 +#define TLS_ANY_VERSION 0x10000 +#define DTLS1_2_VERSION 0xFEFD +#define DTLS_MAX_VERSION DTLS1_2_VERSION + +#define SSL_CONF_FLAG_FILE 0x2 + #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ || defined(OPENSSL_ALL) #include 
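Review bot: `SSL_CTRL_SET_MIN_PROTO_VERSION`, `SSL_CTRL_SET_MAX_PROTO_VERSION` and `SSL_CTRL_SET_GROUPS` are defined in the @@ -1100 hunk, but nothing in this patch shows the ctrl dispatcher handling them. If wolfSSL_CTX_ctrl or wolfSSL_ctrl falls through on unknown commands, a caller that sets a protocol floor or a group list through the ctrl interface would compile cleanly and get no restriction. Please confirm the dispatcher covers these values. If it does not, add a comment above the block such as `/* defined for source compatibility only; not handled by wolfSSL_CTX_ctrl */`.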
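Review bot: `#define DTLS1_2_VERSION 0xFEFD` is added in the @@ -1129 hunk a few lines below the identical definition that is already present as context. The repeat is harmless to the preprocessor because the replacement lists match, but it will turn into a redefinition warning as soon as one copy is changed. Drop the new line and keep `#define DTLS_MAX_VERSION DTLS1_2_VERSION`.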
@@ -1357,13 +1391,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete #define X509_OBJECT_free wolfSSL_X509_OBJECT_free #define X509_OBJECT_get_type(x) 0 - +#ifdef WOLFSSL_QT +#define OpenSSL_version(x) wolfSSL_OpenSSL_version(x) +#else #define OpenSSL_version(x) wolfSSL_OpenSSL_version() +#endif #ifndef NO_WOLFSSL_STUB #define OBJ_create_objects(...) #endif +#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback +#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 6c608cd0d..755c264c4 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1310,7 +1310,11 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); +#if defined(WOLFSSL_QT) +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD*); +#else WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); +#endif WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO*); WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); @@ -1524,6 +1528,10 @@ WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int dataSz); WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +#ifdef WOLFSSL_QT +WOLFSSL_API const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING*); +#endif WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dst, const WOLFSSL_ASN1_STRING* src); 
@@ -2272,7 +2280,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); /* which library version do we have */ WOLFSSL_API const char* wolfSSL_lib_version(void); +#ifdef WOLFSSL_QT +WOLFSSL_API const char* wolfSSL_OpenSSL_version(int a); +#else WOLFSSL_API const char* wolfSSL_OpenSSL_version(void); +#endif /* which library version do we have in hex */ WOLFSSL_API word32 wolfSSL_lib_version_hex(void); @@ -4063,7 +4075,11 @@ WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); +#if defined(WOLFSSL_QT) +WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL*); +#else WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); +#endif WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*); #ifndef NO_SESSION_CACHE @@ -4240,8 +4256,25 @@ WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level); +WOLFSSL_API int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx); +typedef int (*wolfSSL_psk_use_session_cb_func)(WOLFSSL* ssl, const WOLFSSL_EVP_MD* md, + const unsigned char **id, + size_t* idlen, + WOLFSSL_SESSION **sess); +WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wolfSSL_psk_use_session_cb_func cb); +WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); + +#ifdef WOLFSSL_QT +WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); +WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); +#endif /* WOLFSSL_QT */ +#endif /* OPENSSL_EXTRA */ #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/test.h b/wolfssl/test.h index 7fba781f1..4a4f815bd 100644 
--- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -1516,6 +1516,19 @@ static WC_INLINE unsigned int my_psk_server_tls13_cb(WOLFSSL* ssl, return 32; /* length of key in octets or 0 for error */ } +static WC_INLINE int my_psk_use_session_cb(WOLFSSL* ssl, + const WOLFSSL_EVP_MD* md, const unsigned char **id, + size_t* idlen, WOLFSSL_SESSION **sess) +{ + (void)ssl; + (void)md; + (void)id; + (void)idlen; + (void)sess; + + return 0; +} + #endif /* !NO_PSK */
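Review bot: my_psk_use_session_cb returns 0 and leaves `*id`, `*idlen` and `*sess` untouched; under the OpenSSL contract this callback type mirrors, 0 means failure and 1 means success. That is invisible today because wolfSSL_set_psk_use_session_callback is a stub that never invokes the callback, but once the setter is implemented this helper would fail every handshake that reaches it. Either set `*id = NULL; *idlen = 0; *sess = NULL;` and `return 1;` (the "no PSK offered" result), or add a comment `/* placeholder: never called while the setter is a stub */`.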