feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

OpenSSL Compat layer

Browse Source 
Implment/stub:
- wolfSSL_X509_NAME_delete_entry
- wolfSSL_X509_get_ext_by_OBJ
- wolfSSL_a2i_ASN1_INTEGER
- X509V3_parse_list
- wolfSSL_TXT_DB_write
- wolfSSL_TXT_DB_insert
- wolfSSL_EVP_PKEY_get_default_digest_nid
This commit is contained in:
Juliusz Sosinowicz
2020-07-29 23:46:08 +02:00
parent 753a3babc8
commit ff2574b3cb
10 changed files with 347 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
configure.ac
View File

@@ -702,7 +702,7 @@ AC_ARG_ENABLE([mcast],
# signal (--enable-signal)
# lighty (--enable-lighty) HAVE_LIGHTY
# stunnel (--enable-stunnel) HAVE_STUNNEL
# libest (--enable-libest)
# libest (--enable-libest) HAVE_LIBEST
# asio (--enable-asio) WOLFSSL_ASIO
# libwebsockets (--enable-libwebsockets) WOLFSSL_LIBWEBSOCKETS
# qt (--enable-qt) WOLFSSL_QT
@@ -4250,7 +4250,7 @@ AC_ARG_ENABLE([libest],
if test "$ENABLED_LIBEST" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA -DHAVE_LIBEST"
# Requires opensslextra and opensslall
if test "x$ENABLED_OPENSSLALL" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"

350
src/ssl.c
View File

@@ -8290,6 +8290,30 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x509, int loc)
return ext;
}
int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
const WOLFSSL_ASN1_OBJECT *obj, int lastpos)
{
const WOLF_STACK_OF(WOLFSSL_X509_EXTENSION) *sk;
if (!x || !obj) {
WOLFSSL_MSG("Bad parameter");
return -1;
}
sk = wolfSSL_X509_get0_extensions(x);
if (!sk) {
WOLFSSL_MSG("No extensions");
return -1;
}
lastpos++;
if (lastpos < 0)
lastpos = 0;
for (; lastpos < wolfSSL_sk_num(sk); lastpos++)
if (wolfSSL_OBJ_cmp(wolfSSL_sk_value(sk, lastpos), obj) == 0)
return lastpos;
return -1;
}
/* Pushes a new X509_EXTENSION* ext onto the stack inside WOLFSSL_X509* x509.
* This is currently a helper function for wolfSSL_X509_get_ext
* Caller does not free the returned WOLFSSL_X509_EXTENSION*
@@ -21164,7 +21188,8 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
fieldCheckIdx = strBuf + fieldsSz;
fieldPtr[fieldPtrIdx++] = fieldCheckIdx;
while (*fieldCheckIdx != '\0') {
if (*fieldCheckIdx == '\t') {
/* Handle escaped tabs */
if (*fieldCheckIdx == '\t' && fieldCheckIdx[-1] != '\\') {
fieldPtr[fieldPtrIdx++] = fieldCheckIdx + 1;
*fieldCheckIdx = '\0';
if (fieldPtrIdx > num) {
@@ -21199,8 +21224,94 @@ error:
return ret;
}
long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db)
{
const WOLF_STACK_OF(WOLFSSL_STRING)* data;
long totalLen = 0;
char buf[512]; /* Should be more than enough for a single row */
char* bufEnd = buf + sizeof(buf);
int sz;
int i;
WOLFSSL_ENTER("wolfSSL_TXT_DB_write");
if (!out || !db || !db->num_fields) {
WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE;
}
data = db->data;
while (data) {
char** fields = (char**)data->data.string;
char* idx = buf;
if (!fields) {
WOLFSSL_MSG("Missing row");
return WOLFSSL_FAILURE;
}
for (i = 0; i < db->num_fields; i++) {
char* fieldValue = fields[i];
if (!fieldValue) {
WOLFSSL_MSG("Missing fields ptr");
return WOLFSSL_FAILURE;
}
/* Copy over field escaping tabs */
while (*fieldValue != '\0') {
if (idx+1 < bufEnd) {
if (*fieldValue == '\t')
*idx++ = '\\';
*idx++ = *fieldValue++;
}
else {
WOLFSSL_MSG("Data row is too big");
return WOLFSSL_FAILURE;
}
}
if (idx < bufEnd) {
*idx++ = '\t';
}
else {
WOLFSSL_MSG("Data row is too big");
return WOLFSSL_FAILURE;
}
}
idx[-1] = '\n';
sz = idx - buf;
if (wolfSSL_BIO_write(out, buf, sz) != sz) {
WOLFSSL_MSG("wolfSSL_BIO_write error");
return WOLFSSL_FAILURE;
}
totalLen += sz;
data = data->next;
}
return totalLen;
}
int wolfSSL_TXT_DB_insert(WOLFSSL_TXT_DB *db, WOLFSSL_STRING *row)
{
WOLFSSL_ENTER("wolfSSL_TXT_DB_insert");
if (!db || !row || !db->data) {
WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE;
}
if (wolfSSL_sk_push(db->data, row) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_push error");
return WOLFSSL_FAILURE;
}
return WOLFSSL_SUCCESS;
}
void wolfSSL_TXT_DB_free(WOLFSSL_TXT_DB *db)
{
WOLFSSL_ENTER("wolfSSL_TXT_DB_free");
if (db) {
if (db->data) {
wolfSSL_sk_free(db->data);
@@ -40711,6 +40822,7 @@ err:
{
int ret;
WOLFSSL_X509_NAME_ENTRY* entry;
WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry_by_NID");
entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes,
len);
if (entry == NULL)
@@ -40719,6 +40831,40 @@ err:
wolfSSL_X509_NAME_ENTRY_free(entry);
return ret;
}
WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
WOLFSSL_X509_NAME *name, int loc)
{
WOLFSSL_X509_NAME_ENTRY* ret;
WOLFSSL_ENTER("wolfSSL_X509_NAME_delete_entry");
if (!name) {
WOLFSSL_MSG("Bad parameter");
return NULL;
}
ret = wolfSSL_X509_NAME_get_entry(name, loc);
if (!ret) {
WOLFSSL_MSG("loc entry not found");
return NULL;
}
if (loc <= DN_NAMES_MAX + name->fullName.dcNum) {
name->fullName.loc[loc] = ASN_DN_NULL;
}
else if (name->fullName.dcMode) {
if (name->fullName.fullName != NULL) {
if (loc == name->fullName.dcNum) {
name->fullName.dcNum = 0;
}
else {
name->fullName.dcIdx[loc] = -1;
}
}
}
return ret;
}
#endif /* !NO_CERTS */
@@ -41583,7 +41729,37 @@ err:
if (name->entry[loc].set) {
return &name->entry[loc];
}
else {
/* DC component */
if (name->fullName.dcMode) {
if (name->fullName.fullName != NULL){
if (loc == name->fullName.dcNum){
name->cnEntry.data.data
= &name->fullName.fullName[name->fullName.cIdx];
name->cnEntry.data.length = name->fullName.cLen;
name->cnEntry.nid = ASN_COUNTRY_NAME;
}
else if (name->fullName.dcIdx[loc] >= 0) {
name->cnEntry.data.data
= &name->fullName.fullName[name->fullName.dcIdx[loc]];
name->cnEntry.data.length = name->fullName.dcLen[loc];
name->cnEntry.nid = ASN_DOMAIN_COMPONENT;
}
else {
WOLFSSL_MSG("loc passed in is not in range of parsed DN's");
return NULL;
}
}
name->cnEntry.data.type = CTC_UTF8;
/* common name index case */
} else if (loc == name->fullName.cnIdx && name->x509 != NULL) {
/* get CN shortcut from x509 since it has null terminator */
name->cnEntry.data.data = name->x509->subjectCN;
name->cnEntry.data.length = name->fullName.cnLen;
name->cnEntry.data.type = CTC_UTF8;
name->cnEntry.nid = ASN_COMMON_NAME;
name->cnEntry.set = 1;
} else {
WOLFSSL_MSG("loc passed in is not in range of parsed DN's");
return NULL;
}
}
@@ -45861,14 +46037,138 @@ WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *ssl)
#endif /* NO_SESSION_CACHE */
int wolfSSL_X509_check_host(X509 *x, const char *chk, size_t chklen,
unsigned int flags, char **peername)
{
int ret;
DecodedCert dCert;
WOLFSSL_ENTER("wolfSSL_X509_check_host");
/* flags and peername not needed for Nginx. */
(void)flags;
(void)peername;
if (flags == WOLFSSL_NO_WILDCARDS) {
WOLFSSL_MSG("X509_CHECK_FLAG_NO_WILDCARDS not yet implemented");
return WOLFSSL_FAILURE;
}
InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL);
ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL);
if (ret != 0) {
FreeDecodedCert(&dCert);
return WOLFSSL_FAILURE;
}
ret = CheckHostName(&dCert, (char *)chk, chklen);
FreeDecodedCert(&dCert);
if (ret != 0)
return WOLFSSL_FAILURE;
return WOLFSSL_SUCCESS;
}
#ifndef NO_BIO
int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
char *buf, int size)
{
int readNextLine;
int lineLen;
int len;
byte isNumCheck;
word32 outLen;
const int extraTagSz = MAX_LENGTH_SZ - 1;
WOLFSSL_ENTER("wolfSSL_a2i_ASN1_INTEGER");
if (!bio || !asn1 || !buf || size <= 0) {
WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE;
}
/* Reset asn1 */
if (asn1->isDynamic && asn1->data) {
XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
asn1->isDynamic = 0;
}
XMEMSET(asn1->intData, 0, sizeof(WOLFSSL_ASN1_INTEGER));
asn1->data = asn1->intData;
asn1->length = 0;
asn1->negative = 0;
asn1->type = V_ASN1_INTEGER;
lineLen = wolfSSL_BIO_gets(bio, buf, size);
do {
readNextLine = 0;
if (lineLen <= 0) {
WOLFSSL_MSG("wolfSSL_BIO_gets error");
return WOLFSSL_FAILURE;
}
while (lineLen && buf[lineLen-1] == '\n' && buf[lineLen-1] == '\r')
lineLen--;
if (buf[lineLen-1] == '\\')
readNextLine = 1;
/* Ignore none-hex chars at the end of the line */
outLen = 1;
while (lineLen && Base16_Decode((byte*)buf + lineLen - 1, 1,
&isNumCheck, &outLen) == ASN_INPUT_E)
lineLen--;
if (!lineLen || lineLen % 2) {
WOLFSSL_MSG("Invalid line length");
return WOLFSSL_FAILURE;
}
len = asn1->length + (lineLen/2);
/* Check if it will fit in static memory and
* save space for the ASN tag in front */
if (len > (int)(sizeof(asn1->intData) - extraTagSz)) {
/* Allocate mem for data */
if (asn1->isDynamic) {
byte* tmp = XREALLOC(asn1->data, len + extraTagSz, NULL,
DYNAMIC_TYPE_OPENSSL);
if (!tmp) {
WOLFSSL_MSG("realloc error");
return WOLFSSL_FAILURE;
}
asn1->data = tmp;
}
else {
asn1->data = XMALLOC(len + extraTagSz, NULL,
DYNAMIC_TYPE_OPENSSL);
if (!asn1->data) {
WOLFSSL_MSG("malloc error");
return WOLFSSL_FAILURE;
}
XMEMCPY(asn1->data, asn1->intData, asn1->length);
}
}
len = lineLen/2;
if (Base16_Decode((byte*)buf, lineLen, asn1->data + asn1->length,
(word32*)&len) != 0) {
WOLFSSL_MSG("Base16_Decode error");
return WOLFSSL_FAILURE;
}
asn1->length += len;
} while (readNextLine);
/* Write ASN tag */
outLen = SetLength(asn1->length, NULL);
if (asn1->data[0] == 0x80)
outLen++; /* Special ASN integer case */
XMEMMOVE(asn1->data + outLen + 1, asn1->data, asn1->length);
asn1->data[0] = ASN_INTEGER;
(void)SetLength(asn1->length, asn1->data + 1);
if (asn1->data[outLen+1] == 0x80)
asn1->data[outLen] = 0;
return WOLFSSL_SUCCESS;
}
int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
{
static char num[16] = { '0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
int i;
word32 j;
word32 len = 0;
word32 idx = 1;
int len = 0;
byte buf[512];
word32 bufLen = 512;
WOLFSSL_ENTER("wolfSSL_i2a_ASN1_INTEGER");
@@ -45876,32 +46176,9 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
return WOLFSSL_FAILURE;
/* Skip ASN.1 INTEGER (type) byte. */
i = 1;
/* When indefinite length, can't determine length with data available. */
if (a->data[i] == 0x80)
if (a->data[idx] == 0x80 || /* Indefinite length, can't determine length */
GetLength(a->data, &idx, &len, a->length) < 0) {
return 0;
/* One length byte if less than 0x80. */
if (a->data[i] < 0x80)
len = a->data[i++];
/* Multiple length byte if greater than 0x80. */
else if (a->data[i] > 0x80) {
switch (a->data[i++] - 0x80) {
case 4:
len |= a->data[i++] << 24;
FALL_THROUGH;
case 3:
len |= a->data[i++] << 16;
FALL_THROUGH;
case 2:
len |= a->data[i++] << 8;
FALL_THROUGH;
case 1:
len |= a->data[i++];
break;
default:
/* Not supporting greater than 4 bytes of length. */
return 0;
}
}
/* Zero length integer is the value zero. */
@@ -45910,14 +46187,11 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
return 2;
}
/* Don't do negative - just write out every byte. */
for (j = 0; j < len; i++,j++) {
wolfSSL_BIO_write(bp, &num[a->data[i] >> 4], 1);
wolfSSL_BIO_write(bp, &num[a->data[i] & 0xf], 1);
if (Base16_Encode(a->data + idx, len, buf, &bufLen) != 0) {
return 0;
}
/* Two nibbles written for each byte. */
return len * 2;
return wolfSSL_BIO_write(bp, buf, bufLen);
}
#endif /* !NO_BIO */

16
wolfcrypt/src/evp.c
View File

@@ -6494,7 +6494,7 @@ int wolfSSL_EVP_PKEY_type(int type)
}
int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey)
int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey)
{
if (pkey != NULL)
return pkey->type;
@@ -6502,13 +6502,25 @@ int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey)
}
int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey)
int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey)
{
if (pkey == NULL)
return NID_undef;
return wolfSSL_EVP_PKEY_type(pkey->type);
}
int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid)
{
(void)pkey;
#ifndef NO_SHA256
if (pnid) {
*pnid = NID_sha256;
}
return WOLFSSL_SUCCESS;
#else
return -2;
#endif
}
/* increments ref count of WOLFSSL_EVP_PKEY. Return 1 on success, 0 on error */
int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey)

1
wolfssl/openssl/dh.h
View File

@@ -26,6 +26,7 @@
#define WOLFSSL_DH_H_
#include <wolfssl/openssl/bn.h>
#include <wolfssl/openssl/opensslv.h>
#ifdef __cplusplus
extern "C" {

6
wolfssl/openssl/evp.h
View File

@@ -575,8 +575,9 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
@@ -832,6 +833,7 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_PKEY_cmp wolfSSL_EVP_PKEY_cmp
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define EVP_PKEY_get_default_digest_nid wolfSSL_EVP_PKEY_get_default_digest_nid
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
#define EVP_PKEY_CTX_ctrl_str wolfSSL_EVP_PKEY_CTX_ctrl_str
#define EVP_SignFinal wolfSSL_EVP_SignFinal

2
wolfssl/openssl/opensslv.h
View File

@@ -30,7 +30,7 @@
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\
defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L)
/* valid version */
#elif defined(WOLFSSL_APACHE_HTTPD)
#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST)
/* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100000L
#elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \

2
wolfssl/openssl/ssl.h
View File

@@ -346,6 +346,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define SSL_MODE_RELEASE_BUFFERS 0x00000010U
#define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN
#define X509_get_ext wolfSSL_X509_get_ext
#define X509_get_ext_by_OBJ wolfSSL_X509_get_ext_by_OBJ
#define X509_cmp wolfSSL_X509_cmp
#define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
#define X509_EXTENSION_get_critical wolfSSL_X509_EXTENSION_get_critical
@@ -705,6 +706,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_tag2str wolfSSL_ASN1_tag2str
#define a2i_ASN1_INTEGER wolfSSL_a2i_ASN1_INTEGER
#define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER
#define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER
#define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new

4
wolfssl/openssl/txt_db.h
View File

@@ -39,6 +39,8 @@ struct WOLFSSL_TXT_DB {
typedef struct WOLFSSL_TXT_DB WOLFSSL_TXT_DB;
WOLFSSL_API WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num);
WOLFSSL_API long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db);
WOLFSSL_API int wolfSSL_TXT_DB_insert(WOLFSSL_TXT_DB *db, WOLFSSL_STRING *row);
WOLFSSL_API void wolfSSL_TXT_DB_free(WOLFSSL_TXT_DB *db);
WOLFSSL_API int wolfSSL_TXT_DB_create_index(WOLFSSL_TXT_DB *db, int field,
void* qual, wolf_sk_hash_cb hash, wolf_sk_compare_cb cmp);
@@ -48,6 +50,8 @@ WOLFSSL_API WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db,
#define TXT_DB WOLFSSL_TXT_DB
#define TXT_DB_read wolfSSL_TXT_DB_read
#define TXT_DB_write wolfSSL_TXT_DB_write
#define TXT_DB_insert wolfSSL_TXT_DB_insert
#define TXT_DB_free wolfSSL_TXT_DB_free
#define TXT_DB_create_index wolfSSL_TXT_DB_create_index
#define TXT_DB_get_by_index wolfSSL_TXT_DB_get_by_index

1
wolfssl/openssl/x509v3.h
View File

@@ -111,6 +111,7 @@ WOLFSSL_API int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out,
#define X509V3_EXT_d2i wolfSSL_X509V3_EXT_d2i
#ifndef NO_WOLFSSL_STUB
#define X509V3_EXT_add_nconf(...) 0
#define X509V3_parse_list(...) NULL
#endif
#define i2s_ASN1_OCTET_STRING wolfSSL_i2s_ASN1_STRING
#define X509V3_EXT_print wolfSSL_X509V3_EXT_print

6
wolfssl/ssl.h
View File

@@ -3360,6 +3360,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
int type, const unsigned char *bytes,
int len, int loc, int set);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
WOLFSSL_X509_NAME *name, int loc);
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
const WOLFSSL_X509_NAME* y);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
@@ -3418,6 +3420,8 @@ WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_ASN1(int pri, WOLFSSL_CTX* ctx,
WOLFSSL_API int wolfSSL_X509_cmp(const WOLFSSL_X509* a, const WOLFSSL_X509* b);
WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_get0_extensions(const WOLFSSL_X509 *x);
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x, int loc);
WOLFSSL_API int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
const WOLFSSL_ASN1_OBJECT *obj, int lastpos);
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x, int loc);
WOLFSSL_API int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex);
WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void);
@@ -4008,6 +4012,8 @@ WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t);
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
WOLFSSL_ASN1_TIME **out);
WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp);
WOLFSSL_API int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
char *buf, int size);
WOLFSSL_API int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE *store);
WOLFSSL_API long wolfSSL_X509_get_version(const WOLFSSL_X509 *x);
WOLFSSL_API int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509* x);