From ad6f8e424626b9a658cdf4b01b50e66152dc5132 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Mon, 22 Mar 2021 18:15:12 +0900 Subject: [PATCH 1/5] added and modified compatibility layer APIs for Qt v5.15.2 part1 --- src/ssl.c | 130 ++++++++++++++++++++++- tests/api.c | 232 +++++++++++++++++++++++++++++++++++++++++- wolfcrypt/src/evp.c | 13 ++- wolfcrypt/test/test.c | 8 ++ wolfssl/openssl/ec.h | 2 + wolfssl/openssl/evp.h | 4 + wolfssl/openssl/ssl.h | 43 +++++++- wolfssl/ssl.h | 33 ++++++ wolfssl/test.h | 13 +++ 9 files changed, 470 insertions(+), 8 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index cd184ffc7..c5472e5a7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -16179,8 +16179,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return WOLFSSL_SUCCESS; } - +#if defined(WOLFSSL_QT) + WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD* method) +#else WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method) +#endif { WOLFSSL_BIO* bio; @@ -16195,7 +16198,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (bio) { XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); bio->type = (byte)method->type; - bio->method = method; + bio->method = (WOLFSSL_BIO_METHOD*)method; bio->shutdown = BIO_CLOSE; /* default to close things */ bio->num = -1; /* Default to invalid socket */ bio->init = 1; @@ -22029,10 +22032,18 @@ const char* wolfSSL_lib_version(void) } #ifdef OPENSSL_EXTRA +#ifdef WOLFSSL_QT +const char* wolfSSL_OpenSSL_version(int a) +{ + (void)a; + return "wolfSSL " LIBWOLFSSL_VERSION_STRING; +} +#else const char* wolfSSL_OpenSSL_version(void) { return "wolfSSL " LIBWOLFSSL_VERSION_STRING; } +#endif /* WOLFSSL_QT */ #endif 
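Review bot: In wolfSSL_BIO_new, `bio->method = (WOLFSSL_BIO_METHOD*)method;` casts away the const that the new `const WOLFSSL_BIO_METHOD*` parameter promises, so a method table the caller declared const could later be written through the BIO. The struct definition is not visible here, but declaring the field as `const WOLFSSL_BIO_METHOD* method;` and assigning without a cast would keep that guarantee. If the field has to stay non-const, a comment such as `/* never written through bio->method */` should say why the cast is safe. The later hunk at @@ -16198 that wraps this assignment in an OPENSSL_VERSION_NUMBER check keeps the same cast. The function body starts and ends outside the hunk, so whether `method` is checked for NULL before `method->type` cannot be confirmed from here.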
@@ -23339,7 +23350,19 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) #ifndef NO_CERTS #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) - +#if defined(WOLFSSL_QT) + const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING* asn) + { + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_get0_data"); + + if (asn) { + return (const unsigned char*)asn->data; + } else { + return NULL; + } + } +#endif unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) { WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); @@ -36304,12 +36327,28 @@ const char* wolfSSL_EC_curve_nid2nist(int nid) const WOLF_EC_NIST_NAME* nist_name; for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) { if (nist_name->nid == nid) { - return kNistCurves->name; + return nist_name->name; } } return NULL; } +/** + * return nist curve id + * @param name nist curve name + * @return nist curve id when find, 0 when not find + */ +int wolfSSL_EC_curve_nist2nid(const char* name) +{ + const WOLF_EC_NIST_NAME* nist_name; + for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) { + if (XSTRCMP(nist_name->name, name) == 0) { + return nist_name->nid; + } + } + return 0; +} + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int populate_groups(int* groups, int max_count, char *list) { @@ -48858,7 +48897,11 @@ int wolfSSL_SSL_do_handshake(WOLFSSL *s) #endif } +#if defined(WOLFSSL_QT) +int wolfSSL_SSL_in_init(const WOLFSSL *ssl) +#else int wolfSSL_SSL_in_init(WOLFSSL *ssl) +#endif { WOLFSSL_ENTER("SSL_in_init"); 
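Review bot: wolfSSL_EC_curve_nist2nid passes its `name` argument straight to `XSTRCMP(nist_name->name, name)`, so a NULL name from a caller of `EC_curve_nist2nid` is dereferenced on the first table entry. A guard before the loop, `if (name == NULL) return 0;`, keeps the documented "0 when not found" result for that case. The doc comment should then say that a NULL name also returns 0.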
@@ -55284,6 +55327,85 @@ int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff) (void)onoff; return WOLFSSL_SUCCESS; } + +/** + * set security level(wolfSSL doesn't suppor security level) + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @param level security level + */ +void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level) +{ + WOLFSSL_ENTER("wolfSSL_CTX_set_security_level"); + (void)ctx; + (void)level; +} +/** + * get security level(wolfSSL doesn't suppor security level) + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @return always 0(level 0) + */ +int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx) +{ + WOLFSSL_ENTER("wolfSSL_CTX_get_security_level"); + (void)ctx; + return 0; +} + +#ifndef NO_WOLFSSL_STUB + +/** + * validate the algorithm parameters of the key-pair + * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure + * @return WOLFSSL_FAILURE for now + */ +int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx) +{ + WOLFSSL_STUB("wolfSSL_EVP_PKEY_param_check"); + (void)ctx; + return WOLFSSL_FAILURE; +} + +/** + * get call back function for psk session use + * @param ssl a pointer to WOLFSSL structure + * @return none + */ +void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wolfSSL_psk_use_session_cb_func cb) +{ + WOLFSSL_STUB("wolfSSL_set_psk_use_session_callback"); + (void)ssl; + (void)cb; +} +/** + * Determine whether an WOLFSSL_SESSION object can be used for resumption + * @param s a pointer to WOLFSSL_SESSION structure + * @return always 0 cannot + */ +int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s) +{ + WOLFSSL_STUB("wolfSSL_SESSION_is_resumable"); + (void)s; + return 0; +} + +#endif /* NO_WOLFSSL_STUB */ + +#ifdef WOLFSSL_QT +void wolfSSL_CRYPTO_free(void *str, const char *file, int line) +{ + (void)file; + (void)line; + XFREE(str, 0, DYNAMIC_TYPE_TMP_BUFFER); +} + +void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line) +{ + (void)file; + (void)line; + return 
XMALLOC(num, 0, DYNAMIC_TYPE_TMP_BUFFER); +} +#endif /* WOLFSSL_QT */ #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index 6de313719..f26809b58 100644 --- a/tests/api.c +++ b/tests/api.c @@ -32854,6 +32854,14 @@ static void test_wolfSSL_SESSION(void) AssertIntEQ(wolfSSL_read(ssl, msg, sizeof(msg)), 23); sess = wolfSSL_get_session(ssl); + + /* STUB */ + #if defined(OPENSSL_EXTRA) + AssertIntEQ(SSL_SESSION_is_resumable(sess), 0); + #else + AssertIntEQ(wolfSSL_SESSION_is_resumable(sess), 0); + #endif + wolfSSL_shutdown(ssl); wolfSSL_free(ssl); @@ -36681,6 +36689,48 @@ static void test_wolfSSL_EVP_PKEY_assign_DH(void) printf(resultFmt, passed); #endif } + +static void test_wolfSSL_EVP_PKEY_param_check(void) +{ +#if defined(OPENSSL_EXTRA) + EVP_PKEY* pkey; + EVP_PKEY_CTX* ctx; + + printf(testingFmt, "test_wolfSSL_EVP_PKEY_param_check"); + + AssertNotNull(pkey = wolfSSL_EVP_PKEY_new()); + AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); + + /* STUB */ + AssertIntEQ(EVP_PKEY_param_check(ctx), WOLFSSL_FAILURE); + + EVP_PKEY_CTX_free(ctx); + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void) +{ +#if defined(OPENSSL_EXTRA) + EVP_PKEY* pkey; + EVP_PKEY_CTX* ctx; + + printf(testingFmt, "test_wolfSSL_QT_EVP_PKEY_CTX_free"); + + AssertNotNull(pkey = wolfSSL_EVP_PKEY_new()); + AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); + + #if defined(WOLFSSL_QT) + /* void */ + EVP_PKEY_CTX_free(ctx); + AssertTrue(1); + #else + /* int */ + AssertIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS); + #endif + printf(resultFmt, passed); +#endif +} static void test_wolfSSL_EVP_BytesToKey(void) { #if defined(OPENSSL_ALL) && !defined(NO_DES3) 
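Review bot: wolfSSL_CTX_set_security_level discards `level` without any trace and wolfSSL_CTX_get_security_level always returns 0, so an application ported from OpenSSL that relies on the security level for a minimum key or cipher strength gets no enforcement and no signal that the request was ignored. Replacing the bare entry trace with a message such as `WOLFSSL_MSG("security level is not enforced by wolfSSL");` in the setter would at least make this visible in debug logs. The doc comment should state that callers must configure cipher suites and minimum key sizes explicitly. Both doc comments also describe `ctx` as "a pointer to WOLFSSL_EVP_PKEY_CTX structure" although the parameter is a `WOLFSSL_CTX*`. The later comment fixes at @@ -55329 and @@ -55340 leave that wording unchanged.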
@@ -37062,7 +37112,11 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage); AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext)); + #if defined(WOLFSSL_QT) + AssertNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str)); + #else AssertNotNull(data = wolfSSL_ASN1_STRING_data(asn1str)); + #endif expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN; #ifdef BIG_ENDIAN_ORDER actual = data[1]; @@ -37080,10 +37134,17 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access); AssertNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext)); +#if defined(WOLFSSL_QT) + AssertIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ +#else AssertIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ - +#endif /* URI entry is an ACCESS_DESCRIPTION type */ +#if defined(WOLFSSL_QT) AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0)); +#else + AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0)); +#endif AssertNotNull(adObj = ad->method); /* Make sure nid is OCSP */ AssertIntEQ(wolfSSL_OBJ_obj2nid(adObj), AIA_OCSP_OID); @@ -37093,7 +37154,11 @@ static void test_wolfSSL_X509V3_EXT(void) { AssertIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */ AssertNotNull(asn1str = gn->d.uniformResourceIdentifier); AssertIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22); + #if defined(WOLFSSL_QT) + str = (char*)ASN1_STRING_get0_data(asn1str); + #else str = (char*)wolfSSL_ASN1_STRING_data(asn1str); + #endif actual = strcmp(str, "http://127.0.0.1:22220"); AssertIntEQ(actual, 0); 
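Review bot: In the @@ -37080 hunk of test_wolfSSL_X509V3_EXT the two preprocessor branches for the stack accessors are inverted relative to each other. The `WOLFSSL_QT` branch calls `OPENSSL_sk_num(aia)` but then `wolfSSL_sk_value(aia, 0)`, while the non-QT branch calls `OPENSSL_sk_value`. Both aliases resolve to the same function, so the test still passes, but the Qt build never exercises the new `OPENSSL_sk_value` alias. The QT branch should read `AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));` and the `#else` branch should keep `wolfSSL_sk_value`. The test function starts and ends outside the hunk.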
@@ -42188,6 +42253,163 @@ static void test_wolfSSL_CTX_get_min_proto_version(void) #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */ } +static void test_wolfSSL_security_level() +{ +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "test_wolfSSL_security_level()"); + + SSL_CTX *ctx; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif + SSL_CTX_set_security_level(ctx, 1); + AssertTrue(1); + + AssertIntEQ(SSL_CTX_get_security_level(ctx), 0); + + SSL_CTX_free(ctx); + #else + (void)ctx; + #endif + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_SSL_in_init() +{ +#if defined(OPENSSL_ALL) && !defined(NO_BIO) + printf(testingFmt, "test_wolfSSL_SSL_in_init()"); + + SSL_CTX* ctx; + SSL* ssl; + const char* testCertFile; + const char* testKeyFile; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif +#ifndef NO_RSA + testCertFile = svrCertFile; + testKeyFile = svrKeyFile; +#elif defined(HAVE_ECC) + testCertFile = eccCertFile; + testKeyFile = eccKeyFile; +#endif + if (testCertFile != NULL && testKeyFile != NULL) { + AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, + SSL_FILETYPE_PEM)); + AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, + SSL_FILETYPE_PEM)); + } + + ssl = SSL_new(ctx); + AssertNotNull(ssl); + AssertIntEQ(SSL_in_init(ssl), 1); + + SSL_CTX_free(ctx); + SSL_free(ssl); + #else + (void)ctx; + (void)ssl; + (void)testCertFile; + (void)testKeyFile; + #endif + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_EC_curve() +{ +#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) + printf(testingFmt, "test_wolfSSL_EC_curve()"); + int nid = NID_secp160k1; + const char* nid_name; + + AssertNotNull(nid_name = 
EC_curve_nid2nist(nid)); + AssertIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0); + + AssertIntEQ(EC_curve_nist2nid(nid_name), nid); + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_OpenSSL_version() +{ +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "test_wolfSSL_OpenSSL_version()"); + const char* ver; + + #if defined(WOLFSSL_QT) + AssertNotNull(ver = OpenSSL_version(0)); + #else + AssertNotNull(ver = OpenSSL_version()); + #endif + AssertIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING, + XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0); + + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_set_psk_use_session_callback() +{ +#if defined(OPENSSL_EXTRA) && !defined(NO_PSK) + printf(testingFmt, "test_wolfSSL_set_psk_use_session_callback()"); + SSL_CTX* ctx; + SSL* ssl; + const char* testCertFile; + const char* testKeyFile; + + #ifdef WOLFSSL_TLS13 + #ifdef NO_WOLFSSL_SERVER + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); + #else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); + #endif +#ifndef NO_RSA + testCertFile = svrCertFile; + testKeyFile = svrKeyFile; +#elif defined(HAVE_ECC) + testCertFile = eccCertFile; + testKeyFile = eccKeyFile; +#endif + if (testCertFile != NULL && testKeyFile != NULL) { + AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, + SSL_FILETYPE_PEM)); + AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, + SSL_FILETYPE_PEM)); + } + + ssl = SSL_new(ctx); + AssertNotNull(ssl); + + /* STUB */ + SSL_set_psk_use_session_callback(ssl, + my_psk_use_session_cb); + AssertTrue(1); + + SSL_CTX_free(ctx); + SSL_free(ssl); + #else + (void)ctx; + (void)ssl; + (void)testCertFile; + (void)testKeyFile; + #endif + printf(resultFmt, passed); +#endif +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ 
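Review bot: In test_wolfSSL_SSL_in_init and test_wolfSSL_set_psk_use_session_callback, `testCertFile` and `testKeyFile` are declared without an initializer and are assigned only under `#ifndef NO_RSA` or `#elif defined(HAVE_ECC)`. In a build with NO_RSA and without HAVE_ECC, the following `if (testCertFile != NULL && testKeyFile != NULL)` reads indeterminate pointers. Declaring them as `const char* testCertFile = NULL;` and `const char* testKeyFile = NULL;` makes the guard meaningful. The new test functions are also declared with empty parentheses, where `(void)` would match the other tests in the file.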
@@ -42522,6 +42744,8 @@ void ApiTest(void) test_wolfSSL_EVP_DigestFinal_ex(); test_wolfSSL_EVP_PKEY_assign_DH(); test_wolfSSL_EVP_BytesToKey(); + test_wolfSSL_EVP_PKEY_param_check(); + test_wolfSSL_QT_EVP_PKEY_CTX_free(); test_IncCtr(); test_wolfSSL_OBJ_ln(); test_wolfSSL_OBJ_sn(); @@ -42632,6 +42856,12 @@ void ApiTest(void) test_wolfSSL_CTX_get_min_proto_version(); + test_wolfSSL_security_level(); + test_wolfSSL_SSL_in_init(); + test_wolfSSL_EC_curve(); + test_wolfSSL_OpenSSL_version(); + test_wolfSSL_set_psk_use_session_callback(); + /*wolfcrypt */ printf("\n-----------------wolfcrypt unit tests------------------\n"); AssertFalse(test_wolfCrypt_Init()); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 8f3041170..890a6baa9 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1366,16 +1366,27 @@ int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest) * * return WOLFSSL_SUCCESS on success */ +#ifdef WOLFSSL_QT +void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) +#else int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) +#endif { - if (ctx == NULL) return 0; + if (ctx == NULL) +#ifdef WOLFSSL_QT + return; +#else + return 0; +#endif WOLFSSL_ENTER("EVP_PKEY_CTX_free"); if (ctx->pkey != NULL) wolfSSL_EVP_PKEY_free(ctx->pkey); if (ctx->peerKey != NULL) wolfSSL_EVP_PKEY_free(ctx->peerKey); XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY); +#ifndef WOLFSSL_QT return WOLFSSL_SUCCESS; +#endif } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 2d4e74046..5ad7a29ed 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18013,12 +18013,20 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) /* test malloc / free , 10 is an arbitrary amount of memory chosen */ { byte* p; +#ifdef WOLFSSL_QT + p = (byte*)CRYPTO_malloc(10, "", 0); +#else p = (byte*)CRYPTO_malloc(10); +#endif if (p == NULL) { return -8600; } XMEMSET(p, 0, 10); +#ifdef WOLFSSL_QT + CRYPTO_free(p, "", 0); +#else CRYPTO_free(p); +#endif } #ifndef NO_MD5 
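Review bot: In wolfSSL_EVP_PKEY_CTX_free (wolfcrypt/src/evp.c), `if (ctx == NULL)` now has an unbraced body that the preprocessor picks between `return;` and `return 0;`. A later edit to either branch can silently change which statement the `if` controls. Bracing it, `if (ctx == NULL) {` ... `}`, with the `#ifdef` inside the braces removes that hazard. The header comment above the function still says "return WOLFSSL_SUCCESS on success", which does not describe the void variant. It should note that the Qt/OpenSSL 1.1 form returns nothing.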
diff --git a/wolfssl/openssl/ec.h b/wolfssl/openssl/ec.h index db407610c..aed85c63a 100644 --- a/wolfssl/openssl/ec.h +++ b/wolfssl/openssl/ec.h @@ -192,6 +192,7 @@ WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid); WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid); +WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void); WOLFSSL_API @@ -351,6 +352,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_get_builtin_curves wolfSSL_EC_get_builtin_curves #define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist +#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index 118553c88..cee512d2c 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -547,7 +547,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); +#ifdef WOLFSSL_QT +WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#else WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#endif WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e); diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index bdbd9df91..3c1421116 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h 
@@ -137,8 +137,13 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; #define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; +#ifdef WOLFSSL_QT +#define CRYPTO_free wolfSSL_CRYPTO_free +#define CRYPTO_malloc wolfSSL_CRYPTO_malloc +#else #define CRYPTO_free(xp) XFREE(xp, NULL, DYNAMIC_TYPE_TMP_BUFFER) #define CRYPTO_malloc(sz) XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER) +#endif #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free @@ -305,7 +310,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_CTX_set_ciphersuites wolfSSL_CTX_set_cipher_list #define SSL_set_cipher_list wolfSSL_set_cipher_list /* wolfSSL does not support security levels */ -#define SSL_CTX_set_security_level(...) +#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level +#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level /* wolfSSL does not support exporting keying material */ #define SSL_export_keying_material wolfSSL_export_keying_material @@ -368,6 +374,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define DSA_dup_DH wolfSSL_DSA_dup_DH /* wolfSSL does not support DSA as the cert public key */ #define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA +#define EVP_PKEY_param_check wolfSSL_EVP_PKEY_param_check +#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free #define DSA_bits wolfSSL_DSA_bits #define i2d_X509_bio wolfSSL_i2d_X509_bio 
@@ -429,8 +437,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_REQ_get_pubkey wolfSSL_X509_get_pubkey #define X509_get_notBefore wolfSSL_X509_get_notBefore #define X509_get0_notBefore wolfSSL_X509_get_notBefore +#define X509_getm_notBefore wolfSSL_X509_get_notBefore #define X509_get_notAfter wolfSSL_X509_get_notAfter #define X509_get0_notAfter wolfSSL_X509_get_notAfter +#define X509_getm_notAfter wolfSSL_X509_get_notAfter #define X509_get_serialNumber wolfSSL_X509_get_serialNumber #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index @@ -570,6 +580,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain +#define X509_STORE_CTX_get0_chain wolfSSL_X509_STORE_CTX_get_chain #define X509_STORE_CTX_get1_chain wolfSSL_X509_STORE_CTX_get1_chain #define X509_STORE_CTX_get0_parent_ctx wolfSSL_X509_STORE_CTX_get0_parent_ctx #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error @@ -761,7 +772,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_data wolfSSL_ASN1_STRING_data +#if defined(WOLFSSL_QT) +#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data +#else #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data +#endif #define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 #define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string 
@@ -928,8 +943,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_num wolfSSL_sk_num #define sk_ASN1_OBJECT_num wolfSSL_sk_num +#define OPENSSL_sk_num wolfSSL_sk_num #define sk_value wolfSSL_sk_value #define sk_ASN1_OBJECT_value wolfSSL_sk_value +#define OPENSSL_sk_value wolfSSL_sk_value #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp @@ -1092,6 +1109,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 #define SSL_CTRL_SET_TMP_DH 3 #define SSL_CTRL_SET_TMP_ECDH 4 +#define SSL_CTRL_SET_SESS_CACHE_MODE 44 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 @@ -1100,6 +1118,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 +#define SSL_CTRL_SET_GROUPS 91 +#define SSL_CTRL_GET_PEER_TMP_KEY 109 +#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY +#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 +#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 +#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS #define SSL_CTRL_EXTRA_CHAIN_CERT 14 #define SSL_CTRL_OPTIONS 32 @@ -1129,6 +1153,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define DTLS1_VERSION 0xFEFF #define DTLS1_2_VERSION 0xFEFD +#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L +#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L + +#define CRYPTO_EX_INDEX_SSL 0 +#define TLS_ANY_VERSION 0x10000 +#define DTLS1_2_VERSION 0xFEFD +#define DTLS_MAX_VERSION DTLS1_2_VERSION + +#define SSL_CONF_FLAG_FILE 0x2 + #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ || defined(OPENSSL_ALL) #include 
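Review bot: The block added at @@ -1129 defines `#define DTLS1_2_VERSION 0xFEFD` a second time, although the identical definition is the context line directly above the added block. An identical redefinition compiles, but it leaves two places to update if the value is ever touched, so the added copy should be dropped and `DTLS_MAX_VERSION` should refer to the existing one. Whether the control codes added at @@ -1100, such as `SSL_CTRL_SET_MIN_PROTO_VERSION`, are handled by the ctrl dispatch is not visible on this page. If they are not, a caller's minimum-version request would be ignored, so that is worth confirming.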
@@ -1357,13 +1391,18 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete #define X509_OBJECT_free wolfSSL_X509_OBJECT_free #define X509_OBJECT_get_type(x) 0 - +#ifdef WOLFSSL_QT +#define OpenSSL_version(x) wolfSSL_OpenSSL_version(x) +#else #define OpenSSL_version(x) wolfSSL_OpenSSL_version() +#endif #ifndef NO_WOLFSSL_STUB #define OBJ_create_objects(...) #endif +#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback +#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 6c608cd0d..755c264c4 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1310,7 +1310,11 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); +#if defined(WOLFSSL_QT) +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD*); +#else WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); +#endif WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO*); WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); @@ -1524,6 +1528,10 @@ WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int dataSz); WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +#ifdef WOLFSSL_QT +WOLFSSL_API const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING*); +#endif WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dst, const WOLFSSL_ASN1_STRING* src); 
@@ -2272,7 +2280,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); /* which library version do we have */ WOLFSSL_API const char* wolfSSL_lib_version(void); +#ifdef WOLFSSL_QT +WOLFSSL_API const char* wolfSSL_OpenSSL_version(int a); +#else WOLFSSL_API const char* wolfSSL_OpenSSL_version(void); +#endif /* which library version do we have in hex */ WOLFSSL_API word32 wolfSSL_lib_version_hex(void); @@ -4063,7 +4075,11 @@ WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); +#if defined(WOLFSSL_QT) +WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL*); +#else WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); +#endif WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*); #ifndef NO_SESSION_CACHE @@ -4240,8 +4256,25 @@ WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level); +WOLFSSL_API int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx); +typedef int (*wolfSSL_psk_use_session_cb_func)(WOLFSSL* ssl, const WOLFSSL_EVP_MD* md, + const unsigned char **id, + size_t* idlen, + WOLFSSL_SESSION **sess); +WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wolfSSL_psk_use_session_cb_func cb); +WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); + +#ifdef WOLFSSL_QT +WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); +WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); +#endif /* WOLFSSL_QT */ +#endif /* OPENSSL_EXTRA */ #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/test.h b/wolfssl/test.h index 7fba781f1..4a4f815bd 100644 
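Review bot: The prototypes added at @@ -4240 for wolfSSL_EVP_PKEY_param_check, wolfSSL_set_psk_use_session_callback and wolfSSL_SESSION_is_resumable are guarded only by `OPENSSL_EXTRA`, while their definitions in src/ssl.c sit inside `#ifndef NO_WOLFSSL_STUB`. With NO_WOLFSSL_STUB defined, the `EVP_PKEY_param_check`, `SSL_set_psk_use_session_callback` and `SSL_SESSION_is_resumable` macros still expand and the new tests still call them, so the build would fail at link time. Wrapping these three declarations in `#ifndef NO_WOLFSSL_STUB` ... `#endif`, with the same guard on the macros and tests, keeps declaration and definition in step.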
--- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -1516,6 +1516,19 @@ static WC_INLINE unsigned int my_psk_server_tls13_cb(WOLFSSL* ssl, return 32; /* length of key in octets or 0 for error */ } +static WC_INLINE int my_psk_use_session_cb(WOLFSSL* ssl, + const WOLFSSL_EVP_MD* md, const unsigned char **id, + size_t* idlen, WOLFSSL_SESSION **sess) +{ + (void)ssl; + (void)md; + (void)id; + (void)idlen; + (void)sess; + + return 0; +} + #endif /* !NO_PSK */ From 501de37cad791a4bcfb02ee83e36c50d110e6e38 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Sat, 3 Apr 2021 14:27:46 +0900 Subject: [PATCH 2/5] fixed memory leak in unit test --- tests/api.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/api.c b/tests/api.c index f26809b58..ec6c57bef 100644 --- a/tests/api.c +++ b/tests/api.c @@ -36705,6 +36705,7 @@ static void test_wolfSSL_EVP_PKEY_param_check(void) AssertIntEQ(EVP_PKEY_param_check(ctx), WOLFSSL_FAILURE); EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); printf(resultFmt, passed); #endif } @@ -36728,6 +36729,8 @@ static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void) /* int */ AssertIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS); #endif + + EVP_PKEY_free(pkey); printf(resultFmt, passed); #endif } From 03cfc3dc8fbedad7c69c780553e7ce1acd004955 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Wed, 14 Apr 2021 11:15:23 +0900 Subject: [PATCH 3/5] addressed review comments part1 --- src/ssl.c | 44 +++++++++++++++++++++++++------------- tests/api.c | 2 +- wolfcrypt/src/evp.c | 6 +++--- wolfcrypt/test/test.c | 10 ++------- wolfssl/openssl/evp.h | 2 +- wolfssl/openssl/opensslv.h | 4 +++- wolfssl/openssl/ssl.h | 11 +--------- wolfssl/ssl.h | 11 ++++------ 8 files changed, 44 insertions(+), 46 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index c5472e5a7..056bc03ef 100644 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -16179,7 +16179,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return WOLFSSL_SUCCESS; } -#if defined(WOLFSSL_QT) +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD* method) #else WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method) @@ -16198,7 +16198,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (bio) { XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); bio->type = (byte)method->type; +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L bio->method = (WOLFSSL_BIO_METHOD*)method; +#else + bio->method = method; +#endif bio->shutdown = BIO_CLOSE; /* default to close things */ bio->num = -1; /* Default to invalid socket */ bio->init = 1; @@ -22032,7 +22036,7 @@ const char* wolfSSL_lib_version(void) } #ifdef OPENSSL_EXTRA -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L const char* wolfSSL_OpenSSL_version(int a) { (void)a; @@ -23350,7 +23354,6 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) #ifndef NO_CERTS #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) -#if defined(WOLFSSL_QT) const unsigned char* wolfSSL_ASN1_STRING_get0_data( const WOLFSSL_ASN1_STRING* asn) { @@ -23362,7 +23365,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) return NULL; } } -#endif + unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) { WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); @@ -36336,7 +36339,7 @@ const char* wolfSSL_EC_curve_nid2nist(int nid) /** * return nist curve id * @param name nist curve name - * @return nist curve id when find, 0 when not find + * @return nist curve id when found, 0 when not found */ int wolfSSL_EC_curve_nist2nid(const char* name) { 
@@ -48897,7 +48900,7 @@ int wolfSSL_SSL_do_handshake(WOLFSSL *s) #endif } -#if defined(WOLFSSL_QT) +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L int wolfSSL_SSL_in_init(const WOLFSSL *ssl) #else int wolfSSL_SSL_in_init(WOLFSSL *ssl) @@ -55329,7 +55332,7 @@ int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff) } /** - * set security level(wolfSSL doesn't suppor security level) + * set security level (wolfSSL doesn't support security level) * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure * @param level security level */ @@ -55340,7 +55343,7 @@ void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level) (void)level; } /** - * get security level(wolfSSL doesn't suppor security level) + * get security level (wolfSSL doesn't support security level) * @param ctx a pointer to WOLFSSL_EVP_PKEY_CTX structure * @return always 0(level 0) */ @@ -55366,21 +55369,22 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx) } /** - * get call back function for psk session use + * set call back function for psk session use * @param ssl a pointer to WOLFSSL structure * @return none */ void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, - wolfSSL_psk_use_session_cb_func cb) + wolfSSL_psk_use_session_cb_func cb) { WOLFSSL_STUB("wolfSSL_set_psk_use_session_callback"); (void)ssl; (void)cb; } /** - * Determine whether an WOLFSSL_SESSION object can be used for resumption + * Determine whether a WOLFSSL_SESSION object can be used for resumption * @param s a pointer to WOLFSSL_SESSION structure - * @return always 0 cannot + * @return return 1 if session is resumable, + * otherwise 0 (currently always 0 with stub) */ int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s) { 
@@ -55391,21 +55395,31 @@ int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s) #endif /* NO_WOLFSSL_STUB */ -#ifdef WOLFSSL_QT +/** + * free allocated memory resouce + * @param str a pointer to resource to be freed + * @param file dummy argument + * @param line dummy argument + */ void wolfSSL_CRYPTO_free(void *str, const char *file, int line) { (void)file; (void)line; XFREE(str, 0, DYNAMIC_TYPE_TMP_BUFFER); } - +/** + * allocate memory with size of num + * @param num size of memory allocation to be malloced + * @param file dummy argument + * @param line dummy argument + * @return a pointer to allocated memory on succssesful, otherwise NULL + */ void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line) { (void)file; (void)line; return XMALLOC(num, 0, DYNAMIC_TYPE_TMP_BUFFER); } -#endif /* WOLFSSL_QT */ #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index ec6c57bef..37bc6896a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -42352,7 +42352,7 @@ static void test_wolfSSL_OpenSSL_version() printf(testingFmt, "test_wolfSSL_OpenSSL_version()"); const char* ver; - #if defined(WOLFSSL_QT) + #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L AssertNotNull(ver = OpenSSL_version(0)); #else AssertNotNull(ver = OpenSSL_version()); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 890a6baa9..3f849f1b1 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1366,14 +1366,14 @@ int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest) * * return WOLFSSL_SUCCESS on success */ -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) #else int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) #endif { if (ctx == NULL) -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L return; #else return 0; 
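Review bot: The return type of the exported wolfSSL_EVP_PKEY_CTX_free in wolfcrypt/src/evp.c now depends on `OPENSSL_VERSION_NUMBER`, which is defined in wolfssl/openssl/opensslv.h. Nothing visible here shows that evp.c, evp.h and every consumer include that header before this point. If one translation unit sees the macro and another does not, the prototype and the definition disagree (`int` versus `void`) and a caller may read the result of a function that returns nothing. Including wolfssl/openssl/opensslv.h at the top of evp.h, before the conditional prototype changed in the wolfssl/openssl/evp.h hunk of this patch, would make the choice independent of include order. The same condition now selects the signatures of wolfSSL_BIO_new, wolfSSL_OpenSSL_version and wolfSSL_SSL_in_init in src/ssl.c, so their prototypes in wolfssl/ssl.h need the same treatment. That hunk is not visible on this page.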
@@ -1384,7 +1384,7 @@ int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx) if (ctx->peerKey != NULL) wolfSSL_EVP_PKEY_free(ctx->peerKey); XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY); -#ifndef WOLFSSL_QT +#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L return WOLFSSL_SUCCESS; #endif } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 5ad7a29ed..e5381cce1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18013,20 +18013,14 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) /* test malloc / free , 10 is an arbitrary amount of memory chosen */ { byte* p; -#ifdef WOLFSSL_QT + p = (byte*)CRYPTO_malloc(10, "", 0); -#else - p = (byte*)CRYPTO_malloc(10); -#endif + if (p == NULL) { return -8600; } XMEMSET(p, 0, 10); -#ifdef WOLFSSL_QT CRYPTO_free(p, "", 0); -#else - CRYPTO_free(p); -#endif } #ifndef NO_MD5 diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index cee512d2c..367eb7f5f 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -547,7 +547,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); #else WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); diff --git a/wolfssl/openssl/opensslv.h b/wolfssl/openssl/opensslv.h index 0605a3e8b..017f41778 100644 --- a/wolfssl/openssl/opensslv.h +++ b/wolfssl/openssl/opensslv.h 
@@ -33,9 +33,11 @@ #elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) /* For Apache httpd, Use 1.1.0 compatibility */ #define OPENSSL_VERSION_NUMBER 0x10100000L +#elif defined(WOLFSSL_QT) + #define OPENSSL_VERSION_NUMBER 0x10100000L #elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENVPN) + defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN) /* version number can be increased for Lighty after compatibility for ECDH is added */ #define OPENSSL_VERSION_NUMBER 0x10001040L diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 3c1421116..eedb0440d 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -137,13 +137,8 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; #define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; -#ifdef WOLFSSL_QT #define CRYPTO_free wolfSSL_CRYPTO_free #define CRYPTO_malloc wolfSSL_CRYPTO_malloc -#else -#define CRYPTO_free(xp) XFREE(xp, NULL, DYNAMIC_TYPE_TMP_BUFFER) -#define CRYPTO_malloc(sz) XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER) -#endif #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free @@ -772,11 +767,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_data wolfSSL_ASN1_STRING_data -#if defined(WOLFSSL_QT) #define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data -#else -#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data -#endif #define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 #define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string 
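Review bot: The new `WOLFSSL_QT` branch defines the same value as the branch directly above it, so the two could share one condition: `#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || defined(WOLFSSL_QT)`, with the comment changed to `/* For Apache httpd, libest and Qt, use 1.1.0 compatibility */`. If the separate branch is kept, it should get its own comment, because this value now decides several function signatures elsewhere in the commit. The start of the `#if` chain is outside the hunk, so it cannot be checked from here whether an earlier branch can match first in a Qt build.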
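Review bot: `CRYPTO_free` and `CRYPTO_malloc` now always expand to the three-argument functions, so code written against the removed one-argument macros (`CRYPTO_free(xp)`, `CRYPTO_malloc(sz)`) stops compiling in non-Qt builds; wolfcrypt/test/test.c had to be changed in this same commit for that reason. If that break is not intended for configurations that keep the older `OPENSSL_VERSION_NUMBER`, the removed `#else` pair could stay behind `#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L`, as the other signature switches in this commit do. Otherwise the change should be mentioned in the commit message so that users of the compatibility layer see it.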
@@ -1391,7 +1382,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete #define X509_OBJECT_free wolfSSL_X509_OBJECT_free #define X509_OBJECT_get_type(x) 0 -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L #define OpenSSL_version(x) wolfSSL_OpenSSL_version(x) #else #define OpenSSL_version(x) wolfSSL_OpenSSL_version() diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 755c264c4..0c602c7bd 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1310,7 +1310,7 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); -#if defined(WOLFSSL_QT) +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD*); #else WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); @@ -1528,10 +1528,8 @@ WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int dataSz); WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); -#ifdef WOLFSSL_QT WOLFSSL_API const unsigned char* wolfSSL_ASN1_STRING_get0_data( const WOLFSSL_ASN1_STRING*); -#endif WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dst, const WOLFSSL_ASN1_STRING* src); @@ -2280,7 +2278,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); /* which library version do we have */ WOLFSSL_API const char* wolfSSL_lib_version(void); -#ifdef WOLFSSL_QT +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_API const char* wolfSSL_OpenSSL_version(int a); #else WOLFSSL_API const char* wolfSSL_OpenSSL_version(void); 
@@ -4075,7 +4073,7 @@ WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); -#if defined(WOLFSSL_QT) +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL*); #else WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); @@ -4270,10 +4268,9 @@ WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); -#ifdef WOLFSSL_QT WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); -#endif /* WOLFSSL_QT */ + #endif /* OPENSSL_EXTRA */ #ifdef __cplusplus } /* extern "C" */ From 5a1d171236745a07c455e10f7500ddb597dae81f Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Wed, 14 Apr 2021 21:25:50 +0900 Subject: [PATCH 4/5] fixed unit test failure --- tests/api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/api.c b/tests/api.c index 37bc6896a..13df2f064 100644 --- a/tests/api.c +++ b/tests/api.c @@ -36721,7 +36721,7 @@ static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void) AssertNotNull(pkey = wolfSSL_EVP_PKEY_new()); AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); - #if defined(WOLFSSL_QT) + #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L /* void */ EVP_PKEY_CTX_free(ctx); AssertTrue(1); From cc0359accbea89d514dce468cb63ebf1629daabc Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Fri, 16 Apr 2021 08:20:12 +0900 Subject: [PATCH 5/5] changed callback func name corresponding other cb func name convention --- src/ssl.c | 2 +- wolfssl/ssl.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 056bc03ef..36a0207af 100644 --- a/src/ssl.c 
+++ b/src/ssl.c @@ -55374,7 +55374,7 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx) * @return none */ void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, - wolfSSL_psk_use_session_cb_func cb) + wc_psk_use_session_cb_func cb) { WOLFSSL_STUB("wolfSSL_set_psk_use_session_callback"); (void)ssl; diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 0c602c7bd..ff31dd662 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -4259,12 +4259,12 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx); WOLFSSL_API void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level); WOLFSSL_API int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx); -typedef int (*wolfSSL_psk_use_session_cb_func)(WOLFSSL* ssl, const WOLFSSL_EVP_MD* md, +typedef int (*wc_psk_use_session_cb_func)(WOLFSSL* ssl, const WOLFSSL_EVP_MD* md, const unsigned char **id, size_t* idlen, WOLFSSL_SESSION **sess); WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, - wolfSSL_psk_use_session_cb_func cb); + wc_psk_use_session_cb_func cb); WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s);