feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #8211 from douzzer/20241121-fixes

Browse Source 
20241121-fixes
This commit is contained in:
JacobBarthelmeh
2024-11-22 09:49:59 -07:00
committed by GitHub
parent 92f587c84f d85c108952
commit c5d7dc3df6
14 changed files with 123 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configure.ac
View File

@ -4662,6 +4662,11 @@ fi
if test "$ENABLED_WOLFSENTRY" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WOLFSENTRY_HOOKS -DHAVE_EX_DATA -DHAVE_EX_DATA_CLEANUP_HOOKS"
if test "$ENABLED_OPENSSLEXTRA" = "no"
then
ENABLED_OPENSSLEXTRA="yes"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
fi
WOLFSENTRY_LIB="$WOLFSENTRY_LIB -lwolfsentry"
fi

24
linuxkm/linuxkm_wc_port.h
View File

@ -471,6 +471,16 @@
unsigned int serialSz);
#endif
#endif /* NO_SKID */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
struct WOLFSSL_X509_NAME;
extern int wolfSSL_X509_NAME_add_entry_by_NID(struct WOLFSSL_X509_NAME *name, int nid,
int type, const unsigned char *bytes,
int len, int loc, int set);
extern void wolfSSL_X509_NAME_free(struct WOLFSSL_X509_NAME* name);
extern struct WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
@ -645,6 +655,13 @@
#ifdef WOLFSSL_AKID_NAME
typeof(GetCAByAKID) *GetCAByAKID;
#endif /* WOLFSSL_AKID_NAME */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
typeof(wolfSSL_X509_NAME_add_entry_by_NID) *wolfSSL_X509_NAME_add_entry_by_NID;
typeof(wolfSSL_X509_NAME_free) *wolfSSL_X509_NAME_free;
typeof(wolfSSL_X509_NAME_new_ex) *wolfSSL_X509_NAME_new_ex;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
@ -800,6 +817,13 @@
#ifdef WOLFSSL_AKID_NAME
#define GetCAByAKID (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByAKID)
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#define wolfSSL_X509_NAME_add_entry_by_NID (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_add_entry_by_NID)
#define wolfSSL_X509_NAME_free (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_free)
#define wolfSSL_X509_NAME_new_ex (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_new_ex)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES

8
linuxkm/lkcapi_glue.c
View File

@ -26,6 +26,14 @@
#error lkcapi_glue.c included in non-LINUXKM_LKCAPI_REGISTER project.
#endif
/* kernel crypto self-test includes test setups that have different expected
* results FIPS vs non-FIPS.
*/
#if defined(CONFIG_CRYPTO_MANAGER) && \
(defined(CONFIG_CRYPTO_FIPS) != defined(HAVE_FIPS))
#error CONFIG_CRYPTO_MANAGER requires that CONFIG_CRYPTO_FIPS match HAVE_FIPS.
#endif
#ifndef WOLFSSL_LINUXKM_LKCAPI_PRIORITY
/* Larger number means higher priority. The highest in-tree priority is 4001,
* in the Cavium driver.

5
linuxkm/module_hooks.c
View File

@ -584,6 +584,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
#ifdef WOLFSSL_AKID_NAME
wolfssl_linuxkm_pie_redirect_table.GetCAByAKID = GetCAByAKID;
#endif /* WOLFSSL_AKID_NAME */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_add_entry_by_NID = wolfSSL_X509_NAME_add_entry_by_NID;
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_free = wolfSSL_X509_NAME_free;
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_new_ex = wolfSSL_X509_NAME_new_ex;
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES

10
src/ssl_crypto.c
View File

@ -2614,7 +2614,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
#ifdef WOLFSSL_SMALL_STACK
des = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
des = (Des*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
if (des == NULL) {
WOLFSSL_MSG("Failed to allocate memory for Des object");
}
@ -2732,7 +2732,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
#ifdef WOLFSSL_SMALL_STACK
des3 = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
if (des3 == NULL) {
WOLFSSL_MSG("Failed to allocate memory for Des3 object");
sz = 0;
@ -2862,7 +2862,9 @@ void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out,
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
}
#ifdef WOLFSSL_SMALL_STACK
else if ((des = XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER)) == NULL) {
else if ((des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER))
== NULL)
{
WOLFSSL_MSG("Failed to allocate memory for Des object");
}
#endif
@ -3039,7 +3041,7 @@ void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
}
else
#if !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION3_GE(5,2,1)))
/* Decrypt a block with wolfCrypt AES. */
if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
WOLFSSL_MSG("wc_AesDecryptDirect failed");

21
tests/api.c
View File

@ -34962,7 +34962,7 @@ static int test_wc_dilithium_der(void)
int pubDerLen;
int privDerLen;
int keyDerLen;
word32 idx;
word32 idx = 0;
#ifndef WOLFSSL_NO_ML_DSA_44
pubLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
@ -34989,6 +34989,9 @@ static int test_wc_dilithium_der(void)
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
if (der != NULL) {
XMEMSET(der, 0, sizeof(*der));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_init(key), 0);
@ -35002,21 +35005,21 @@ static int test_wc_dilithium_der(void)
/* When security level is not set, we attempt to parse it from DER. Since
* the supplied DER is invalid, this should fail with ASN parsing error */
idx = 0;
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WC_NO_ERR_TRACE(BAD_FUNC_ARG)
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#else
WC_NO_ERR_TRACE(ASN_PARSE_E)
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
WC_NO_ERR_TRACE(ASN_PARSE_E));
#endif
);
idx = 0;
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
WC_NO_ERR_TRACE(BAD_FUNC_ARG)
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#else
WC_NO_ERR_TRACE(ASN_PARSE_E)
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
WC_NO_ERR_TRACE(ASN_PARSE_E));
#endif
);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);

3
wolfcrypt/src/error.c
View File

@ -44,6 +44,9 @@ const char* wc_GetErrorString(int error)
{
switch ((enum wolfCrypt_ErrorCodes)error) {
case WC_FAILURE:
return "wolfCrypt generic failure";
case MP_MEM :
return "MP integer dynamic memory allocation failed";

8
wolfcrypt/src/wc_lms.c
View File

@ -765,7 +765,7 @@ int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG* rng)
#ifdef WOLFSSL_SMALL_STACK
/* Allocate memory for working state. */
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}
@ -880,7 +880,7 @@ int wc_LmsKey_Reload(LmsKey* key)
#ifdef WOLFSSL_SMALL_STACK
/* Allocate memory for working state. */
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}
@ -978,7 +978,7 @@ int wc_LmsKey_Sign(LmsKey* key, byte* sig, word32* sigSz, const byte* msg,
#ifdef WOLFSSL_SMALL_STACK
/* Allocate memory for working state. */
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}
@ -1239,7 +1239,7 @@ int wc_LmsKey_Verify(LmsKey* key, const byte* sig, word32 sigSz,
#ifdef WOLFSSL_SMALL_STACK
/* Allocate memory for working state. */
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}

4
wolfcrypt/src/wc_lms_impl.c
View File

@ -1962,7 +1962,7 @@ static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState,
#ifdef WOLFSSL_SMALL_STACK
/* Allocate stack of left side hashes. */
stack = XMALLOC((params->height + 1) * params->hash_len, NULL,
stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (stack == NULL) {
ret = MEMORY_E;
@ -2088,7 +2088,7 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState,
#ifdef WOLFSSL_SMALL_STACK
/* Allocate stack of left side hashes. */
stack = XMALLOC((params->height + 1) * params->hash_len, NULL,
stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (stack == NULL) {
ret = MEMORY_E;

6
wolfcrypt/src/wc_xmss.c
View File

@ -738,7 +738,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig,
#endif
#ifdef WOLFSSL_SMALL_STACK
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}
@ -1109,7 +1109,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng)
#endif
#ifdef WOLFSSL_SMALL_STACK
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}
@ -1645,7 +1645,7 @@ int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen,
#endif
#ifdef WOLFSSL_SMALL_STACK
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (state == NULL) {
ret = MEMORY_E;
}

63
wolfcrypt/test/test.c
View File

@ -33733,9 +33733,9 @@ static wc_test_ret_t ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
int bInit = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
plaintext = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
encrypted = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
decrypted = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
plaintext = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
encrypted = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
decrypted = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
wc_ecc_free(a);
@ -45867,8 +45867,12 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
int expectedLevel,
int isPublicOnlyKey)
{
int ret;
dilithium_key key;
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
dilithium_key *key = NULL;
#else
dilithium_key key[1];
#endif
word32 idx;
byte* der;
word32 derSz;
@ -45882,23 +45886,31 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
return MEMORY_E;
}
#ifdef WOLFSSL_SMALL_STACK
key = (dilithium_key *)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL)
ret = MEMORY_E;
#endif
/* Initialize key */
ret = wc_dilithium_init(&key);
if (ret == 0) {
ret = wc_dilithium_init(key);
}
/* Import raw key, setting the security level */
if (ret == 0) {
ret = wc_dilithium_set_level(&key, expectedLevel);
ret = wc_dilithium_set_level(key, expectedLevel);
}
if (ret == 0) {
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
if (isPublicOnlyKey) {
ret = wc_dilithium_import_public(rawKey, rawKeySz, &key);
ret = wc_dilithium_import_public(rawKey, rawKeySz, key);
}
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
if (!isPublicOnlyKey) {
ret = wc_dilithium_import_private(rawKey, rawKeySz, &key);
ret = wc_dilithium_import_private(rawKey, rawKeySz, key);
}
#endif
}
@ -45907,12 +45919,12 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
if (ret == 0) {
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
if (isPublicOnlyKey) {
ret = wc_Dilithium_PublicKeyToDer(&key, der, maxDerSz, 1);
ret = wc_Dilithium_PublicKeyToDer(key, der, maxDerSz, 1);
}
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
if (!isPublicOnlyKey) {
ret = wc_Dilithium_PrivateKeyToDer(&key, der, maxDerSz);
ret = wc_Dilithium_PrivateKeyToDer(key, der, maxDerSz);
}
#endif
if (ret >= 0) {
@ -45923,33 +45935,33 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
/* Free and reinit key to test fresh decode */
if (ret == 0) {
wc_dilithium_free(&key);
ret = wc_dilithium_init(&key);
wc_dilithium_free(key);
ret = wc_dilithium_init(key);
}
/* First test decoding when security level is set externally */
if (ret == 0) {
ret = wc_dilithium_set_level(&key, expectedLevel);
ret = wc_dilithium_set_level(key, expectedLevel);
}
if (ret == 0) {
idx = 0;
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
if (isPublicOnlyKey) {
ret = wc_Dilithium_PublicKeyDecode(der, &idx, &key, derSz);
ret = wc_Dilithium_PublicKeyDecode(der, &idx, key, derSz);
}
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
if (!isPublicOnlyKey) {
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, &key, derSz);
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, key, derSz);
}
#endif
}
/* Free and reinit key to test fresh decode */
if (ret == 0) {
wc_dilithium_free(&key);
ret = wc_dilithium_init(&key);
wc_dilithium_free(key);
ret = wc_dilithium_init(key);
}
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
@ -45958,28 +45970,31 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
idx = 0;
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
if (isPublicOnlyKey) {
ret = wc_Dilithium_PublicKeyDecode(der, &idx, &key, derSz);
ret = wc_Dilithium_PublicKeyDecode(der, &idx, key, derSz);
}
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
if (!isPublicOnlyKey) {
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, &key, derSz);
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, key, derSz);
}
#endif
}
/* Verify auto-detected security level */
if (ret == 0 && key.level != expectedLevel) {
if (ret == 0 && key->level != expectedLevel) {
printf("Dilithium key decode failed to detect level.\n"
"\tExpected level=%d\n\tGot level=%d\n",
expectedLevel, key.level);
expectedLevel, key->level);
ret = WC_TEST_RET_ENC_NC;
}
#endif /* !WOLFSSL_DILITHIUM_FIPS204_DRAFT */
/* Cleanup */
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_dilithium_free(&key);
wc_dilithium_free(key);
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@ -46827,7 +46842,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void)
unsigned char priv[HSS_MAX_PRIVATE_KEY_LEN];
unsigned char old_priv[HSS_MAX_PRIVATE_KEY_LEN];
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte * sig = XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
byte * sig = (byte*)XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (sig == NULL) {
return WC_TEST_RET_ENC_ERRNO;

6
wolfssl/ssl.h
View File

@ -4793,15 +4793,19 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name,
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
const char *field, int type, const unsigned char *bytes, int len, int loc,
int set);
#ifndef wolfSSL_X509_NAME_add_entry_by_NID
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
int type, const unsigned char *bytes,
int len, int loc, int set);
#endif
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
WOLFSSL_X509_NAME *name, int loc);
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
const WOLFSSL_X509_NAME* y);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
#ifndef wolfSSL_X509_NAME_new_ex
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
#endif
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
@ -5012,7 +5016,9 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NA
|| defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
#ifndef wolfSSL_X509_NAME_free
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
#endif
WOLFSSL_API int wolfSSL_CTX_use_certificate(WOLFSSL_CTX* ctx, WOLFSSL_X509* x);
WOLFSSL_API int wolfSSL_CTX_add0_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);

4
wolfssl/wolfcrypt/error-crypt.h
View File

@ -46,6 +46,10 @@ enum wolfCrypt_ErrorCodes {
/* note that WOLFSSL_FATAL_ERROR is defined as -1 in error-ssl.h, for
* reasons of backward compatibility.
*/
WC_FAILURE = -1, /* Generic but traceable back compat errcode.
* Note, not reflected in MAX_CODE_E or
* WC_FIRST_E.
*/
MAX_CODE_E = -96, /* WC_FIRST_E + 1, for backward compat. */
WC_FIRST_E = -97, /* First code used for wolfCrypt */

3
wolfssl/wolfcrypt/settings.h
View File

@ -3736,7 +3736,8 @@ extern void uITRON4_free(void *p) ;
(defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB) || \
defined(WOLFSSL_WOLFSENTRY_HOOKS))
#define HAVE_EX_DATA_CRYPTO
#endif