mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-08 14:10:53 +02:00
Merge pull request #1373 from JacobBarthelmeh/Optimizations
Some memory optimizations
This commit is contained in:
+6
-1
@@ -511,9 +511,14 @@ fi
|
||||
|
||||
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
|
||||
then
|
||||
AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.])
|
||||
AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.])
|
||||
fi
|
||||
|
||||
if test "$ENABLED_OPENSSLEXTRA" = "x509small"
|
||||
then
|
||||
AC_MSG_NOTICE([Enabling only a subset of X509 opensslextra])
|
||||
AM_CFLAGS="-DOPENSSL_EXTRA_X509_SMALL"
|
||||
fi
|
||||
|
||||
# High Strength Build
|
||||
AC_ARG_ENABLE([maxstrength],
|
||||
|
||||
+17
-48
@@ -2750,7 +2750,7 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
|
||||
if (name != NULL) {
|
||||
name->name = name->staticName;
|
||||
name->dynamicName = 0;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
XMEMSET(&name->fullName, 0, sizeof(DecodedName));
|
||||
XMEMSET(&name->cnEntry, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
|
||||
XMEMSET(&name->extra, 0, sizeof(name->extra));
|
||||
@@ -2767,7 +2767,7 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
|
||||
if (name != NULL) {
|
||||
if (name->dynamicName)
|
||||
XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
{
|
||||
int i;
|
||||
if (name->fullName.fullName != NULL) {
|
||||
@@ -2781,7 +2781,7 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
}
|
||||
(void)heap;
|
||||
}
|
||||
@@ -2800,40 +2800,7 @@ void InitX509(WOLFSSL_X509* x509, int dynamicFlag, void* heap)
|
||||
x509->heap = heap;
|
||||
InitX509Name(&x509->issuer, 0);
|
||||
InitX509Name(&x509->subject, 0);
|
||||
x509->version = 0;
|
||||
x509->pubKey.buffer = NULL;
|
||||
x509->sig.buffer = NULL;
|
||||
x509->derCert = NULL;
|
||||
x509->altNames = NULL;
|
||||
x509->altNamesNext = NULL;
|
||||
x509->dynamicMemory = (byte)dynamicFlag;
|
||||
x509->isCa = 0;
|
||||
#ifdef HAVE_ECC
|
||||
x509->pkCurveOID = 0;
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
x509->pathLength = 0;
|
||||
x509->basicConstSet = 0;
|
||||
x509->basicConstCrit = 0;
|
||||
x509->basicConstPlSet = 0;
|
||||
x509->subjAltNameSet = 0;
|
||||
x509->subjAltNameCrit = 0;
|
||||
x509->authKeyIdSet = 0;
|
||||
x509->authKeyIdCrit = 0;
|
||||
x509->authKeyId = NULL;
|
||||
x509->authKeyIdSz = 0;
|
||||
x509->subjKeyIdSet = 0;
|
||||
x509->subjKeyIdCrit = 0;
|
||||
x509->subjKeyId = NULL;
|
||||
x509->subjKeyIdSz = 0;
|
||||
x509->keyUsageSet = 0;
|
||||
x509->keyUsageCrit = 0;
|
||||
x509->keyUsage = 0;
|
||||
#ifdef WOLFSSL_SEP
|
||||
x509->certPolicySet = 0;
|
||||
x509->certPolicyCrit = 0;
|
||||
#endif /* WOLFSSL_SEP */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
|
||||
|
||||
@@ -2849,7 +2816,7 @@ void FreeX509(WOLFSSL_X509* x509)
|
||||
XFREE(x509->pubKey.buffer, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
FreeDer(&x509->derCert);
|
||||
XFREE(x509->sig.buffer, x509->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
XFREE(x509->authKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
XFREE(x509->subjKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
if (x509->authInfo != NULL) {
|
||||
@@ -2858,7 +2825,7 @@ void FreeX509(WOLFSSL_X509* x509)
|
||||
if (x509->extKeyUsageSrc != NULL) {
|
||||
XFREE(x509->extKeyUsageSrc, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
if (x509->altNames)
|
||||
FreeAltNames(x509->altNames, x509->heap);
|
||||
}
|
||||
@@ -7509,7 +7476,8 @@ static void AddSessionCertToChain(WOLFSSL_X509_CHAIN* chain,
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
||||
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
|
||||
defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
/* Copy parts X509 needs from Decoded cert, 0 on success */
|
||||
int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
{
|
||||
@@ -7524,7 +7492,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
XSTRNCPY(x509->issuer.name, dCert->issuer, ASN_NAME_MAX);
|
||||
x509->issuer.name[ASN_NAME_MAX - 1] = '\0';
|
||||
x509->issuer.sz = (int)XSTRLEN(x509->issuer.name) + 1;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
if (dCert->issuerName.fullName != NULL) {
|
||||
XMEMCPY(&x509->issuer.fullName,
|
||||
&dCert->issuerName, sizeof(DecodedName));
|
||||
@@ -7536,12 +7504,12 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
dCert->issuerName.fullName, dCert->issuerName.fullNameLen);
|
||||
}
|
||||
x509->issuer.x509 = x509;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
XSTRNCPY(x509->subject.name, dCert->subject, ASN_NAME_MAX);
|
||||
x509->subject.name[ASN_NAME_MAX - 1] = '\0';
|
||||
x509->subject.sz = (int)XSTRLEN(x509->subject.name) + 1;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
if (dCert->subjectName.fullName != NULL) {
|
||||
XMEMCPY(&x509->subject.fullName,
|
||||
&dCert->subjectName, sizeof(DecodedName));
|
||||
@@ -7552,7 +7520,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
dCert->subjectName.fullName, dCert->subjectName.fullNameLen);
|
||||
}
|
||||
x509->subject.x509 = x509;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef WOLFSSL_NGINX
|
||||
XMEMCPY(x509->subject.raw, dCert->subjectRaw, dCert->subjectRawLen);
|
||||
x509->subject.rawLen = dCert->subjectRawLen;
|
||||
@@ -7647,7 +7615,8 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
dCert->weOwnAltNames = 0;
|
||||
x509->altNamesNext = x509->altNames; /* index hint */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && !defined(IGNORE_NAME_CONSTRAINTS)
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
|
||||
!defined(IGNORE_NAME_CONSTRAINTS)
|
||||
/* add copies of alternate emails from dCert to X509 */
|
||||
if (dCert->altEmailNames != NULL) {
|
||||
DNS_entry* cur = dCert->altEmailNames;
|
||||
@@ -7682,10 +7651,10 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
cur = cur->next;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
x509->isCa = dCert->isCA;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
x509->pathLength = dCert->pathLength;
|
||||
x509->keyUsage = dCert->extKeyUsage;
|
||||
|
||||
@@ -7766,7 +7735,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
x509->certPoliciesNb = dCert->extCertPoliciesNb;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_EXT */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef HAVE_ECC
|
||||
x509->pkCurveOID = dCert->pkCurveOID;
|
||||
#endif /* HAVE_ECC */
|
||||
@@ -7800,7 +7769,7 @@ typedef struct ProcPeerCertArgs {
|
||||
#ifdef WOLFSSL_TRUST_PEER_CERT
|
||||
byte haveTrustPeer; /* was cert verified by loaded trusted peer cert */
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
char untrustedDepth;
|
||||
#endif
|
||||
} ProcPeerCertArgs;
|
||||
|
||||
+4
-14
@@ -102,6 +102,7 @@ static INLINE int wolfSSL_LastError(void)
|
||||
#endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
|
||||
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/* Use the WOLFSSL read BIO for receiving data. This is set by the fucntion wolfSSL_set_bio and can also be set by wolfSSL_SetIORecv.
|
||||
*
|
||||
* ssl WOLFSSL struct passed in that has this function set as the receive callback.
|
||||
@@ -116,7 +117,7 @@ int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
int recvd = WOLFSSL_CBIO_ERR_GENERAL;
|
||||
|
||||
WOLFSSL_ENTER("BioReceive");
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
if (ssl->biord == NULL) {
|
||||
WOLFSSL_MSG("WOLFSSL biord not set");
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
@@ -137,12 +138,7 @@ int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
WOLFSSL_MSG("This BIO type is unknown / unsupported");
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
}
|
||||
#else
|
||||
(void)ssl;
|
||||
(void)buf;
|
||||
(void)sz;
|
||||
WOLFSSL_MSG("OPENSSL_EXTRA not compiled in");
|
||||
#endif
|
||||
|
||||
(void)ctx;
|
||||
return recvd;
|
||||
}
|
||||
@@ -161,7 +157,6 @@ int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
{
|
||||
int sent = WOLFSSL_CBIO_ERR_GENERAL;
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
if (ssl->biowr == NULL) {
|
||||
WOLFSSL_MSG("WOLFSSL biowr not set\n");
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
@@ -179,16 +174,11 @@ int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
WOLFSSL_MSG("This BIO type is unknown / unsupported");
|
||||
return WOLFSSL_CBIO_ERR_GENERAL;
|
||||
}
|
||||
#else
|
||||
(void)ssl;
|
||||
(void)buf;
|
||||
(void)sz;
|
||||
WOLFSSL_MSG("OPENSSL_EXTRA not compiled in");
|
||||
#endif
|
||||
(void)ctx;
|
||||
|
||||
return sent;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef USE_WOLFSSL_IO
|
||||
|
||||
+204
-54
@@ -247,9 +247,15 @@
|
||||
#include <wolfssl/wolfcrypt/ed25519.h>
|
||||
#endif
|
||||
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
#include <wolfssl/openssl/ssl.h>
|
||||
#ifndef NO_ASN
|
||||
/* for ASN_COMMON_NAME DN_tags enum */
|
||||
#include <wolfssl/wolfcrypt/asn.h>
|
||||
#endif
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
#include <wolfssl/openssl/ssl.h>
|
||||
#include <wolfssl/openssl/crypto.h>
|
||||
#include <wolfssl/openssl/pkcs12.h>
|
||||
#include <wolfssl/openssl/evp.h>
|
||||
@@ -265,10 +271,6 @@
|
||||
#ifndef NO_DES3
|
||||
#include <wolfssl/openssl/des.h>
|
||||
#endif
|
||||
#ifndef NO_ASN
|
||||
/* for ASN_COMMON_NAME DN_tags enum */
|
||||
#include <wolfssl/wolfcrypt/asn.h>
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
|
||||
@@ -955,15 +957,79 @@ static void test_wolfSSL_EC(void)
|
||||
static void test_wolfSSL_EVP_get_cipherbynid(void)
|
||||
{
|
||||
#ifndef NO_AES
|
||||
AssertNotNull(strcmp("EVP_AES_128_CBC", wolfSSL_EVP_get_cipherbynid(419)));
|
||||
AssertNotNull(strcmp("EVP_AES_192_CBC", wolfSSL_EVP_get_cipherbynid(423)));
|
||||
AssertNotNull(strcmp("EVP_AES_256_CBC", wolfSSL_EVP_get_cipherbynid(427)));
|
||||
AssertNotNull(strcmp("EVP_AES_128_CTR", wolfSSL_EVP_get_cipherbynid(904)));
|
||||
AssertNotNull(strcmp("EVP_AES_192_CTR", wolfSSL_EVP_get_cipherbynid(905)));
|
||||
AssertNotNull(strcmp("EVP_AES_256_CTR", wolfSSL_EVP_get_cipherbynid(906)));
|
||||
AssertNotNull(strcmp("EVP_AES_128_ECB", wolfSSL_EVP_get_cipherbynid(418)));
|
||||
AssertNotNull(strcmp("EVP_AES_192_ECB", wolfSSL_EVP_get_cipherbynid(422)));
|
||||
AssertNotNull(strcmp("EVP_AES_256_ECB", wolfSSL_EVP_get_cipherbynid(426)));
|
||||
const WOLFSSL_EVP_CIPHER* c;
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(419);
|
||||
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_128_CBC", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(423);
|
||||
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_192)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_192_CBC", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(427);
|
||||
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_256_CBC", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(904);
|
||||
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_128_CTR", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(905);
|
||||
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_192_CTR", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(906);
|
||||
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_256_CTR", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(418);
|
||||
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_128_ECB", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(422);
|
||||
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_192_ECB", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
|
||||
c = wolfSSL_EVP_get_cipherbynid(426);
|
||||
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
|
||||
AssertNotNull(c);
|
||||
AssertNotNull(strcmp("EVP_AES_256_ECB", c));
|
||||
#else
|
||||
AssertNull(c);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef NO_DES3
|
||||
@@ -6811,13 +6877,18 @@ static int test_wc_InitCmac (void)
|
||||
|
||||
printf(testingFmt, "wc_InitCmac()");
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL);
|
||||
if (ret == 0) {
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0)
|
||||
ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL);
|
||||
}
|
||||
if (ret == 0) {
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0)
|
||||
ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Test bad args. */
|
||||
if (ret == 0) {
|
||||
ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL);
|
||||
@@ -6837,6 +6908,13 @@ static int test_wc_InitCmac (void)
|
||||
}
|
||||
}
|
||||
|
||||
(void)key1;
|
||||
(void)key1Sz;
|
||||
(void)key2;
|
||||
(void)key2Sz;
|
||||
(void)cmac1;
|
||||
(void)cmac2;
|
||||
|
||||
printf(resultFmt, ret == 0 ? passed : failed);
|
||||
|
||||
#endif
|
||||
@@ -6852,7 +6930,7 @@ static int test_wc_CmacUpdate (void)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
|
||||
Cmac cmac;
|
||||
byte key[] =
|
||||
{
|
||||
@@ -6906,7 +6984,7 @@ static int test_wc_CmacFinal (void)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
|
||||
Cmac cmac;
|
||||
byte key[] =
|
||||
{
|
||||
@@ -6982,7 +7060,7 @@ static int test_wc_CmacFinal (void)
|
||||
static int test_wc_AesCmacGenerate (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
|
||||
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
|
||||
Cmac cmac;
|
||||
byte key[] =
|
||||
{
|
||||
@@ -7660,7 +7738,7 @@ static int test_wc_ChaCha20Poly1305_aead (void)
|
||||
static int test_wc_AesSetIV (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifndef NO_AES
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_128)
|
||||
Aes aes;
|
||||
byte key16[] =
|
||||
{
|
||||
@@ -7714,12 +7792,15 @@ static int test_wc_AesSetKey (void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#ifdef WOLFSSL_AES_192
|
||||
byte key24[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
byte key32[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -7727,6 +7808,7 @@ static int test_wc_AesSetKey (void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#endif
|
||||
byte badKey16[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -7740,16 +7822,23 @@ static int test_wc_AesSetKey (void)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte),
|
||||
iv, AES_ENCRYPTION);
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0) {
|
||||
ret = wc_AesSetKey (&aes, key24, (word32) sizeof(key24) / sizeof(byte),
|
||||
iv, AES_ENCRYPTION);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0) {
|
||||
ret = wc_AesSetKey (&aes, key32, (word32) sizeof(key32) / sizeof(byte),
|
||||
iv, AES_ENCRYPTION);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Pass in bad args. */
|
||||
if (ret == 0) {
|
||||
ret = wc_AesSetKey (NULL, key16, (word32) sizeof(key16) / sizeof(byte),
|
||||
@@ -7783,7 +7872,8 @@ static int test_wc_AesSetKey (void)
|
||||
static int test_wc_AesCbcEncryptDecrypt (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)
|
||||
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
|
||||
defined(WOLFSSL_AES_256)
|
||||
Aes aes;
|
||||
byte key32[] =
|
||||
{
|
||||
@@ -7929,7 +8019,7 @@ static int test_wc_AesCbcEncryptDecrypt (void)
|
||||
static int test_wc_AesCtrEncryptDecrypt (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
|
||||
Aes aesEnc, aesDec;
|
||||
byte key32[] =
|
||||
{
|
||||
@@ -8016,17 +8106,22 @@ static int test_wc_AesGcmSetKey (void)
|
||||
#if !defined(NO_AES) && defined(HAVE_AESGCM)
|
||||
|
||||
Aes aes;
|
||||
#ifdef WOLFSSL_AES_128
|
||||
byte key16[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
byte key24[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
byte key32[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -8034,6 +8129,7 @@ static int test_wc_AesGcmSetKey (void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#endif
|
||||
byte badKey16[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -8059,13 +8155,19 @@ static int test_wc_AesGcmSetKey (void)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte));
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0) {
|
||||
ret = wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte));
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0) {
|
||||
ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Pass in bad args. */
|
||||
if (ret == 0) {
|
||||
@@ -8097,7 +8199,7 @@ static int test_wc_AesGcmSetKey (void)
|
||||
static int test_wc_AesGcmEncryptDecrypt (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#if !defined(NO_AES) && defined(HAVE_AESGCM)
|
||||
#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)
|
||||
|
||||
Aes aes;
|
||||
byte key32[] =
|
||||
@@ -8248,12 +8350,15 @@ static int test_wc_GmacSetKey (void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#ifdef WOLFSSL_AES_192
|
||||
byte key24[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
byte key32[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -8261,6 +8366,7 @@ static int test_wc_GmacSetKey (void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
|
||||
};
|
||||
#endif
|
||||
byte badKey16[] =
|
||||
{
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
@@ -8286,13 +8392,19 @@ static int test_wc_GmacSetKey (void)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte));
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Pass in bad args. */
|
||||
if (ret == 0) {
|
||||
@@ -8333,17 +8445,22 @@ static int test_wc_GmacUpdate (void)
|
||||
int ret = 0;
|
||||
#if !defined(NO_AES) && defined(HAVE_AESGCM)
|
||||
Gmac gmac;
|
||||
#ifdef WOLFSSL_AES_128
|
||||
const byte key16[] =
|
||||
{
|
||||
0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
|
||||
0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
byte key24[] =
|
||||
{
|
||||
0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
|
||||
0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
|
||||
0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
byte key32[] =
|
||||
{
|
||||
0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
|
||||
@@ -8351,46 +8468,59 @@ static int test_wc_GmacUpdate (void)
|
||||
0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
|
||||
0x9c, 0x8d, 0xd7, 0x3d, 0x68, 0xc8, 0xe2, 0x23
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_128
|
||||
const byte authIn[] =
|
||||
{
|
||||
0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
|
||||
0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
const byte authIn2[] =
|
||||
{
|
||||
0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
|
||||
0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
|
||||
};
|
||||
#endif
|
||||
const byte authIn3[] =
|
||||
{
|
||||
0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
|
||||
0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
|
||||
};
|
||||
#ifdef WOLFSSL_AES_128
|
||||
const byte tag1[] = /* Known. */
|
||||
{
|
||||
0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
|
||||
0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
const byte tag2[] = /* Known */
|
||||
{
|
||||
0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
|
||||
0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
|
||||
};
|
||||
#endif
|
||||
const byte tag3[] = /* Known */
|
||||
{
|
||||
0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
|
||||
0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
|
||||
};
|
||||
#ifdef WOLFSSL_AES_128
|
||||
const byte iv[] =
|
||||
{
|
||||
0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
|
||||
0xe2, 0x8c, 0x8f, 0x16
|
||||
};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
const byte iv2[] =
|
||||
{
|
||||
0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
|
||||
0x7e, 0x1a, 0x6f, 0xbc
|
||||
};
|
||||
#endif
|
||||
const byte iv3[] =
|
||||
{
|
||||
0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
|
||||
@@ -8411,6 +8541,7 @@ static int test_wc_GmacUpdate (void)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_GmacSetKey(&gmac, key16, sizeof(key16));
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
|
||||
@@ -8418,29 +8549,36 @@ static int test_wc_GmacUpdate (void)
|
||||
if (ret == 0) {
|
||||
ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
|
||||
}
|
||||
if (ret == 0) {
|
||||
XMEMSET(&gmac, 0, sizeof(Gmac));
|
||||
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
|
||||
sizeof(authIn2), tagOut2, sizeof(tag2));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
|
||||
}
|
||||
if (ret == 0) {
|
||||
XMEMSET(&gmac, 0, sizeof(Gmac));
|
||||
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
|
||||
sizeof(authIn3), tagOut3, sizeof(tag3));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0) {
|
||||
XMEMSET(&gmac, 0, sizeof(Gmac));
|
||||
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
|
||||
sizeof(authIn2), tagOut2, sizeof(tag2));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0) {
|
||||
XMEMSET(&gmac, 0, sizeof(Gmac));
|
||||
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
|
||||
sizeof(authIn3), tagOut3, sizeof(tag3));
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
|
||||
}
|
||||
#endif
|
||||
|
||||
/*Pass bad args. */
|
||||
if (ret == 0) {
|
||||
@@ -10139,13 +10277,19 @@ static int test_wc_AesCcmSetKey (void)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
if (ret == 0) {
|
||||
ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24));
|
||||
if (ret == 0) {
|
||||
ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
if (ret == 0) {
|
||||
ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Test bad args. */
|
||||
if (ret == 0) {
|
||||
@@ -10178,7 +10322,7 @@ static int test_wc_AesCcmSetKey (void)
|
||||
static int test_wc_AesCcmEncryptDecrypt (void)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef HAVE_AESCCM
|
||||
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
|
||||
Aes aes;
|
||||
const byte key16[] =
|
||||
{
|
||||
@@ -12881,7 +13025,7 @@ static int test_wc_ecc_encryptDecrypt (void)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
|
||||
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && defined(WOLFSSL_AES_128)
|
||||
ecc_key srvKey, cliKey;
|
||||
WC_RNG rng;
|
||||
const char* msg = "EccBlock Size 16";
|
||||
@@ -14659,8 +14803,8 @@ static void test_wolfSSL_CTX_add_client_CA(void)
|
||||
|
||||
static void test_wolfSSL_X509_NID(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)\
|
||||
&& defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
|
||||
!defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
|
||||
int sigType;
|
||||
int nameSz;
|
||||
|
||||
@@ -17005,8 +17149,14 @@ static int my_DhCallback(WOLFSSL* ssl, struct DhKey* key,
|
||||
|
||||
static void test_dh_ctx_setup(WOLFSSL_CTX* ctx) {
|
||||
wolfSSL_CTX_SetDhAgreeCb(ctx, my_DhCallback);
|
||||
#ifdef WOLFSSL_AES_128
|
||||
AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES128-SHA256"),
|
||||
WOLFSSL_SUCCESS);
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA256"),
|
||||
WOLFSSL_SUCCESS);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -1694,6 +1694,7 @@ exit_aes_dec:
|
||||
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
(void)decLabel;
|
||||
exit:
|
||||
|
||||
for (i = 0; i < BENCH_MAX_PENDING; i++) {
|
||||
@@ -1703,12 +1704,18 @@ exit:
|
||||
|
||||
void bench_aescbc(int doAsync)
|
||||
{
|
||||
#ifdef WOLFSSL_AES_128
|
||||
bench_aescbc_internal(doAsync, bench_key, 16, bench_iv,
|
||||
"AES-128-CBC-enc", "AES-128-CBC-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
bench_aescbc_internal(doAsync, bench_key, 24, bench_iv,
|
||||
"AES-192-CBC-enc", "AES-192-CBC-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
bench_aescbc_internal(doAsync, bench_key, 32, bench_iv,
|
||||
"AES-256-CBC-enc", "AES-256-CBC-dec");
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif /* HAVE_AES_CBC */
|
||||
@@ -1775,6 +1782,7 @@ static void bench_aesgcm_internal(int doAsync, const byte* key, word32 keySz,
|
||||
exit_aes_gcm:
|
||||
bench_stats_sym_finish(encLabel, doAsync, count, bench_size, start, ret);
|
||||
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
/* GCM uses same routine in backend for both encrypt and decrypt */
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
@@ -1798,6 +1806,9 @@ exit_aes_gcm:
|
||||
} while (bench_stats_sym_check(start));
|
||||
exit_aes_gcm_dec:
|
||||
bench_stats_sym_finish(decLabel, doAsync, count, bench_size, start, ret);
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
(void)decLabel;
|
||||
|
||||
exit:
|
||||
|
||||
@@ -1815,12 +1826,18 @@ exit:
|
||||
|
||||
void bench_aesgcm(int doAsync)
|
||||
{
|
||||
#ifdef WOLFSSL_AES_128
|
||||
bench_aesgcm_internal(doAsync, bench_key, 16, bench_iv, 12,
|
||||
"AES-128-GCM-enc", "AES-128-GCM-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
bench_aesgcm_internal(doAsync, bench_key, 24, bench_iv, 12,
|
||||
"AES-192-GCM-enc", "AES-192-GCM-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
bench_aesgcm_internal(doAsync, bench_key, 32, bench_iv, 12,
|
||||
"AES-256-GCM-enc", "AES-256-GCM-dec");
|
||||
#endif
|
||||
}
|
||||
#endif /* HAVE_AESGCM */
|
||||
|
||||
@@ -1917,12 +1934,18 @@ exit:
|
||||
|
||||
void bench_aesecb(int doAsync)
|
||||
{
|
||||
#ifdef WOLFSSL_AES_128
|
||||
bench_aesecb_internal(doAsync, bench_key, 16,
|
||||
"AES-128-ECB-enc", "AES-128-ECB-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
bench_aesecb_internal(doAsync, bench_key, 24,
|
||||
"AES-192-ECB-enc", "AES-192-ECB-dec");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
bench_aesecb_internal(doAsync, bench_key, 32,
|
||||
"AES-256-ECB-enc", "AES-256-ECB-dec");
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_AES_DIRECT */
|
||||
|
||||
@@ -1956,9 +1979,15 @@ static void bench_aescfb_internal(const byte* key, word32 keySz, const byte* iv,
|
||||
|
||||
void bench_aescfb(void)
|
||||
{
|
||||
#ifdef WOLFSSL_AES_128
|
||||
bench_aescfb_internal(bench_key, 16, bench_iv, "AES-128-CFB");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
bench_aescfb_internal(bench_key, 24, bench_iv, "AES-192-CFB");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
bench_aescfb_internal(bench_key, 32, bench_iv, "AES-256-CFB");
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_AES_CFB */
|
||||
|
||||
@@ -2053,9 +2082,15 @@ static void bench_aesctr_internal(const byte* key, word32 keySz, const byte* iv,
|
||||
|
||||
void bench_aesctr(void)
|
||||
{
|
||||
#ifdef WOLFSSL_AES_128
|
||||
bench_aesctr_internal(bench_key, 16, bench_iv, "AES-128-CTR");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
bench_aesctr_internal(bench_key, 24, bench_iv, "AES-192-CTR");
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
bench_aesctr_internal(bench_key, 32, bench_iv, "AES-256-CTR");
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_AES_COUNTER */
|
||||
|
||||
|
||||
+6
-3
@@ -2031,7 +2031,8 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
#ifdef NEED_AES_TABLES
|
||||
|
||||
switch (keylen) {
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
|
||||
defined(WOLFSSL_AES_128)
|
||||
case 16:
|
||||
while (1)
|
||||
{
|
||||
@@ -2052,7 +2053,8 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
break;
|
||||
#endif /* 128 */
|
||||
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
|
||||
defined(WOLFSSL_AES_192)
|
||||
case 24:
|
||||
/* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
|
||||
while (1)
|
||||
@@ -2076,7 +2078,8 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
break;
|
||||
#endif /* 192 */
|
||||
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
|
||||
defined(WOLFSSL_AES_256)
|
||||
case 32:
|
||||
while (1)
|
||||
{
|
||||
|
||||
+319
-98
@@ -395,24 +395,48 @@ static int GetInteger7Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
|
||||
}
|
||||
|
||||
|
||||
#ifndef NO_DSA
|
||||
#if !defined(NO_DSA) && !defined(NO_SHA)
|
||||
static char sigSha1wDsaName[] = "SHAwDSA";
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
static char sigMd2wRsaName[] = "MD2wRSA";
|
||||
static char sigMd5wRsaName[] = "MD5wRSA";
|
||||
static char sigSha1wRsaName[] = "SHAwRSA";
|
||||
static char sigSha224wRsaName[] = "SHA224wRSA";
|
||||
static char sigSha256wRsaName[] = "SHA256wRSA";
|
||||
static char sigSha384wRsaName[] = "SHA384wRSA";
|
||||
static char sigSha512wRsaName[] = "SHA512wRSA";
|
||||
#ifdef WOLFSSL_MD2
|
||||
static char sigMd2wRsaName[] = "MD2wRSA";
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
static char sigMd5wRsaName[] = "MD5wRSA";
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
static char sigSha1wRsaName[] = "SHAwRSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static char sigSha224wRsaName[] = "SHA224wRSA";
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static char sigSha256wRsaName[] = "SHA256wRSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static char sigSha384wRsaName[] = "SHA384wRSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static char sigSha512wRsaName[] = "SHA512wRSA";
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
static char sigSha1wEcdsaName[] = "SHAwECDSA";
|
||||
static char sigSha224wEcdsaName[] = "SHA224wECDSA";
|
||||
static char sigSha256wEcdsaName[] = "SHA256wECDSA";
|
||||
static char sigSha384wEcdsaName[] = "SHA384wECDSA";
|
||||
static char sigSha512wEcdsaName[] = "SHA512wECDSA";
|
||||
#ifndef NO_SHA
|
||||
static char sigSha1wEcdsaName[] = "SHAwECDSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static char sigSha224wEcdsaName[] = "SHA224wECDSA";
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static char sigSha256wEcdsaName[] = "SHA256wECDSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static char sigSha384wEcdsaName[] = "SHA384wECDSA";
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static char sigSha512wEcdsaName[] = "SHA512wECDSA";
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
static char sigUnknownName[] = "Unknown";
|
||||
|
||||
@@ -423,38 +447,62 @@ static char sigUnknownName[] = "Unknown";
|
||||
*/
|
||||
char* GetSigName(int oid) {
|
||||
switch (oid) {
|
||||
#ifndef NO_DSA
|
||||
#if !defined(NO_DSA) && !defined(NO_SHA)
|
||||
case CTC_SHAwDSA:
|
||||
return sigSha1wDsaName;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
#endif /* NO_DSA && NO_SHA */
|
||||
#ifndef NO_RSA
|
||||
#ifdef WOLFSSL_MD2
|
||||
case CTC_MD2wRSA:
|
||||
return sigMd2wRsaName;
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
case CTC_MD5wRSA:
|
||||
return sigMd5wRsaName;
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
case CTC_SHAwRSA:
|
||||
return sigSha1wRsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case CTC_SHA224wRSA:
|
||||
return sigSha224wRsaName;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case CTC_SHA256wRSA:
|
||||
return sigSha256wRsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case CTC_SHA384wRSA:
|
||||
return sigSha384wRsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case CTC_SHA512wRSA:
|
||||
return sigSha512wRsaName;
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
#ifndef NO_SHA
|
||||
case CTC_SHAwECDSA:
|
||||
return sigSha1wEcdsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case CTC_SHA224wECDSA:
|
||||
return sigSha224wEcdsaName;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case CTC_SHA256wECDSA:
|
||||
return sigSha256wEcdsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case CTC_SHA384wECDSA:
|
||||
return sigSha384wEcdsaName;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case CTC_SHA512wECDSA:
|
||||
return sigSha512wEcdsaName;
|
||||
#endif /* HAVE_ECC */
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
default:
|
||||
return sigUnknownName;
|
||||
}
|
||||
@@ -783,39 +831,87 @@ static word32 SetBitString16Bit(word16 val, byte* output)
|
||||
|
||||
|
||||
/* hashType */
|
||||
static const byte hashMd2hOid[] = {42, 134, 72, 134, 247, 13, 2, 2};
|
||||
static const byte hashMd5hOid[] = {42, 134, 72, 134, 247, 13, 2, 5};
|
||||
static const byte hashSha1hOid[] = {43, 14, 3, 2, 26};
|
||||
static const byte hashSha224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 4};
|
||||
static const byte hashSha256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 1};
|
||||
static const byte hashSha384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 2};
|
||||
static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3};
|
||||
#ifdef WOLFSSL_MD2
|
||||
static const byte hashMd2hOid[] = {42, 134, 72, 134, 247, 13, 2, 2};
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
static const byte hashMd5hOid[] = {42, 134, 72, 134, 247, 13, 2, 5};
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
static const byte hashSha1hOid[] = {43, 14, 3, 2, 26};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static const byte hashSha224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 4};
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static const byte hashSha256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 1};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static const byte hashSha384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 2};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3};
|
||||
#endif
|
||||
|
||||
/* hmacType */
|
||||
static const byte hmacSha224Oid[] = {42, 134, 72, 134, 247, 13, 2, 8};
|
||||
static const byte hmacSha256Oid[] = {42, 134, 72, 134, 247, 13, 2, 9};
|
||||
static const byte hmacSha384Oid[] = {42, 134, 72, 134, 247, 13, 2, 10};
|
||||
static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11};
|
||||
#ifndef NO_HMAC
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static const byte hmacSha224Oid[] = {42, 134, 72, 134, 247, 13, 2, 8};
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static const byte hmacSha256Oid[] = {42, 134, 72, 134, 247, 13, 2, 9};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static const byte hmacSha384Oid[] = {42, 134, 72, 134, 247, 13, 2, 10};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11};
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* sigType */
|
||||
#ifndef NO_DSA
|
||||
#if !defined(NO_DSA) && !defined(NO_SHA)
|
||||
static const byte sigSha1wDsaOid[] = {42, 134, 72, 206, 56, 4, 3};
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
#ifdef WOLFSSL_MD2
|
||||
static const byte sigMd2wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 2};
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
static const byte sigMd5wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 4};
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
static const byte sigSha1wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 5};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static const byte sigSha224wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,14};
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static const byte sigSha256wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,11};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static const byte sigSha384wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,12};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static const byte sigSha512wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,13};
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
#ifndef NO_SHA
|
||||
static const byte sigSha1wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 1};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static const byte sigSha224wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 1};
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static const byte sigSha256wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 2};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static const byte sigSha384wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 3};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static const byte sigSha512wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 4};
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_ED25519
|
||||
static const byte sigEd25519Oid[] = {43, 101, 112};
|
||||
@@ -843,25 +939,52 @@ static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11};
|
||||
/* See "ecc_sets" table in ecc.c */
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifdef HAVE_AES_CBC
|
||||
/* blkType */
|
||||
static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2};
|
||||
static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22};
|
||||
static const byte blkAes256CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 42};
|
||||
static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7};
|
||||
static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7};
|
||||
#ifdef WOLFSSL_AES_128
|
||||
static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
static const byte blkAes256CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 42};
|
||||
#endif
|
||||
#endif /* HAVE_AES_CBC */
|
||||
|
||||
#ifndef NO_DES3
|
||||
static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7};
|
||||
static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7};
|
||||
#endif
|
||||
|
||||
/* keyWrapType */
|
||||
static const byte wrapAes128Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 5};
|
||||
static const byte wrapAes192Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 25};
|
||||
static const byte wrapAes256Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 45};
|
||||
#ifdef WOLFSSL_AES_128
|
||||
static const byte wrapAes128Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 5};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
static const byte wrapAes192Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 25};
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
static const byte wrapAes256Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 45};
|
||||
#endif
|
||||
|
||||
/* cmsKeyAgreeType */
|
||||
static const byte dhSinglePass_stdDH_sha1kdf_Oid[] =
|
||||
#ifndef NO_SHA
|
||||
static const byte dhSinglePass_stdDH_sha1kdf_Oid[] =
|
||||
{43, 129, 5, 16, 134, 72, 63, 0, 2};
|
||||
static const byte dhSinglePass_stdDH_sha224kdf_Oid[] = {43, 129, 4, 1, 11, 0};
|
||||
static const byte dhSinglePass_stdDH_sha256kdf_Oid[] = {43, 129, 4, 1, 11, 1};
|
||||
static const byte dhSinglePass_stdDH_sha384kdf_Oid[] = {43, 129, 4, 1, 11, 2};
|
||||
static const byte dhSinglePass_stdDH_sha512kdf_Oid[] = {43, 129, 4, 1, 11, 3};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
static const byte dhSinglePass_stdDH_sha224kdf_Oid[] = {43, 129, 4, 1, 11, 0};
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
static const byte dhSinglePass_stdDH_sha256kdf_Oid[] = {43, 129, 4, 1, 11, 1};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
static const byte dhSinglePass_stdDH_sha384kdf_Oid[] = {43, 129, 4, 1, 11, 2};
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
static const byte dhSinglePass_stdDH_sha512kdf_Oid[] = {43, 129, 4, 1, 11, 3};
|
||||
#endif
|
||||
|
||||
/* ocspType */
|
||||
#ifdef HAVE_OCSP
|
||||
@@ -905,11 +1028,17 @@ static const byte extExtKeyUsageOcspSignOid[] = {43, 6, 1, 5, 5, 7, 3, 9};
|
||||
static const byte pbkdf2Oid[] = {42, 134, 72, 134, 247, 13, 1, 5, 12};
|
||||
|
||||
/* PKCS5 */
|
||||
#if !defined(NO_DES3) && !defined(NO_SHA)
|
||||
static const byte pbeSha1Des[] = {42, 134, 72, 134, 247, 13, 1, 5, 10};
|
||||
#endif
|
||||
|
||||
/* PKCS12 */
|
||||
#if !defined(NO_RC4) && !defined(NO_SHA)
|
||||
static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
|
||||
#endif
|
||||
#if !defined(NO_DES3) && !defined(NO_SHA)
|
||||
static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
|
||||
#endif
|
||||
|
||||
|
||||
/* returns a pointer to the OID string on success and NULL on fail */
|
||||
@@ -923,96 +1052,134 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
|
||||
|
||||
case oidHashType:
|
||||
switch (id) {
|
||||
#ifdef WOLFSSL_MD2
|
||||
case MD2h:
|
||||
oid = hashMd2hOid;
|
||||
*oidSz = sizeof(hashMd2hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
case MD5h:
|
||||
oid = hashMd5hOid;
|
||||
*oidSz = sizeof(hashMd5hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
case SHAh:
|
||||
oid = hashSha1hOid;
|
||||
*oidSz = sizeof(hashSha1hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case SHA224h:
|
||||
oid = hashSha224hOid;
|
||||
*oidSz = sizeof(hashSha224hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case SHA256h:
|
||||
oid = hashSha256hOid;
|
||||
*oidSz = sizeof(hashSha256hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case SHA384h:
|
||||
oid = hashSha384hOid;
|
||||
*oidSz = sizeof(hashSha384hOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case SHA512h:
|
||||
oid = hashSha512hOid;
|
||||
*oidSz = sizeof(hashSha512hOid);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
|
||||
case oidSigType:
|
||||
switch (id) {
|
||||
#ifndef NO_DSA
|
||||
#if !defined(NO_DSA) && !defined(NO_SHA)
|
||||
case CTC_SHAwDSA:
|
||||
oid = sigSha1wDsaOid;
|
||||
*oidSz = sizeof(sigSha1wDsaOid);
|
||||
break;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
#ifdef WOLFSSL_MD2
|
||||
case CTC_MD2wRSA:
|
||||
oid = sigMd2wRsaOid;
|
||||
*oidSz = sizeof(sigMd2wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
case CTC_MD5wRSA:
|
||||
oid = sigMd5wRsaOid;
|
||||
*oidSz = sizeof(sigMd5wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
case CTC_SHAwRSA:
|
||||
oid = sigSha1wRsaOid;
|
||||
*oidSz = sizeof(sigSha1wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case CTC_SHA224wRSA:
|
||||
oid = sigSha224wRsaOid;
|
||||
*oidSz = sizeof(sigSha224wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case CTC_SHA256wRSA:
|
||||
oid = sigSha256wRsaOid;
|
||||
*oidSz = sizeof(sigSha256wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case CTC_SHA384wRSA:
|
||||
oid = sigSha384wRsaOid;
|
||||
*oidSz = sizeof(sigSha384wRsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case CTC_SHA512wRSA:
|
||||
oid = sigSha512wRsaOid;
|
||||
*oidSz = sizeof(sigSha512wRsaOid);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
#ifndef NO_SHA
|
||||
case CTC_SHAwECDSA:
|
||||
oid = sigSha1wEcdsaOid;
|
||||
*oidSz = sizeof(sigSha1wEcdsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case CTC_SHA224wECDSA:
|
||||
oid = sigSha224wEcdsaOid;
|
||||
*oidSz = sizeof(sigSha224wEcdsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case CTC_SHA256wECDSA:
|
||||
oid = sigSha256wEcdsaOid;
|
||||
*oidSz = sizeof(sigSha256wEcdsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case CTC_SHA384wECDSA:
|
||||
oid = sigSha384wEcdsaOid;
|
||||
*oidSz = sizeof(sigSha384wEcdsaOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case CTC_SHA512wECDSA:
|
||||
oid = sigSha512wEcdsaOid;
|
||||
*oidSz = sizeof(sigSha512wEcdsaOid);
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_ED25519
|
||||
case CTC_ED25519:
|
||||
@@ -1072,18 +1239,27 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
|
||||
|
||||
case oidBlkType:
|
||||
switch (id) {
|
||||
#ifdef HAVE_AES_CBC
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case AES128CBCb:
|
||||
oid = blkAes128CbcOid;
|
||||
*oidSz = sizeof(blkAes128CbcOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case AES192CBCb:
|
||||
oid = blkAes192CbcOid;
|
||||
*oidSz = sizeof(blkAes192CbcOid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case AES256CBCb:
|
||||
oid = blkAes256CbcOid;
|
||||
*oidSz = sizeof(blkAes256CbcOid);
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_AES_CBC */
|
||||
#ifndef NO_DES3
|
||||
case DESb:
|
||||
oid = blkDesCbcOid;
|
||||
*oidSz = sizeof(blkDesCbcOid);
|
||||
@@ -1092,6 +1268,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
|
||||
oid = blkDes3CbcOid;
|
||||
*oidSz = sizeof(blkDes3CbcOid);
|
||||
break;
|
||||
#endif /* !NO_DES3 */
|
||||
}
|
||||
break;
|
||||
|
||||
@@ -1234,85 +1411,116 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
|
||||
|
||||
case oidPBEType:
|
||||
switch (id) {
|
||||
#if !defined(NO_SHA) && !defined(NO_RC4)
|
||||
case PBE_SHA1_RC4_128:
|
||||
oid = pbeSha1RC4128;
|
||||
*oidSz = sizeof(pbeSha1RC4128);
|
||||
break;
|
||||
|
||||
#endif
|
||||
#if !defined(NO_SHA) && !defined(NO_DES3)
|
||||
case PBE_SHA1_DES:
|
||||
oid = pbeSha1Des;
|
||||
*oidSz = sizeof(pbeSha1Des);
|
||||
break;
|
||||
|
||||
#endif
|
||||
#if !defined(NO_SHA) && !defined(NO_DES3)
|
||||
case PBE_SHA1_DES3:
|
||||
oid = pbeSha1Des3;
|
||||
*oidSz = sizeof(pbeSha1Des3);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
|
||||
case oidKeyWrapType:
|
||||
switch (id) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case AES128_WRAP:
|
||||
oid = wrapAes128Oid;
|
||||
*oidSz = sizeof(wrapAes128Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case AES192_WRAP:
|
||||
oid = wrapAes192Oid;
|
||||
*oidSz = sizeof(wrapAes192Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case AES256_WRAP:
|
||||
oid = wrapAes256Oid;
|
||||
*oidSz = sizeof(wrapAes256Oid);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
|
||||
case oidCmsKeyAgreeType:
|
||||
switch (id) {
|
||||
#ifndef NO_SHA
|
||||
case dhSinglePass_stdDH_sha1kdf_scheme:
|
||||
oid = dhSinglePass_stdDH_sha1kdf_Oid;
|
||||
*oidSz = sizeof(dhSinglePass_stdDH_sha1kdf_Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case dhSinglePass_stdDH_sha224kdf_scheme:
|
||||
oid = dhSinglePass_stdDH_sha224kdf_Oid;
|
||||
*oidSz = sizeof(dhSinglePass_stdDH_sha224kdf_Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case dhSinglePass_stdDH_sha256kdf_scheme:
|
||||
oid = dhSinglePass_stdDH_sha256kdf_Oid;
|
||||
*oidSz = sizeof(dhSinglePass_stdDH_sha256kdf_Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case dhSinglePass_stdDH_sha384kdf_scheme:
|
||||
oid = dhSinglePass_stdDH_sha384kdf_Oid;
|
||||
*oidSz = sizeof(dhSinglePass_stdDH_sha384kdf_Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case dhSinglePass_stdDH_sha512kdf_scheme:
|
||||
oid = dhSinglePass_stdDH_sha512kdf_Oid;
|
||||
*oidSz = sizeof(dhSinglePass_stdDH_sha512kdf_Oid);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
|
||||
#ifndef NO_HMAC
|
||||
case oidHmacType:
|
||||
switch (id) {
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case HMAC_SHA224_OID:
|
||||
oid = hmacSha224Oid;
|
||||
*oidSz = sizeof(hmacSha224Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case HMAC_SHA256_OID:
|
||||
oid = hmacSha256Oid;
|
||||
*oidSz = sizeof(hmacSha256Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case HMAC_SHA384_OID:
|
||||
oid = hmacSha384Oid;
|
||||
*oidSz = sizeof(hmacSha384Oid);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case HMAC_SHA512_OID:
|
||||
oid = hmacSha512Oid;
|
||||
*oidSz = sizeof(hmacSha512Oid);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
#endif /* !NO_HMAC */
|
||||
|
||||
case oidIgnoreType:
|
||||
default:
|
||||
@@ -3426,7 +3634,7 @@ void FreeDecodedCert(DecodedCert* cert)
|
||||
XFREE(cert->hwType, cert->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
XFREE(cert->hwSerialNum, cert->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
#endif /* WOLFSSL_SEP */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
if (cert->issuerName.fullName != NULL)
|
||||
XFREE(cert->issuerName.fullName, cert->heap, DYNAMIC_TYPE_X509);
|
||||
if (cert->subjectName.fullName != NULL)
|
||||
@@ -3664,7 +3872,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
char* full;
|
||||
byte* hash;
|
||||
word32 idx;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
DecodedName* dName =
|
||||
(nameType == ISSUER) ? &cert->issuerName : &cert->subjectName;
|
||||
int dcnum = 0;
|
||||
@@ -3776,7 +3984,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
idx += 4;
|
||||
copy = TRUE;
|
||||
}
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->cnIdx = cert->srcIdx;
|
||||
dName->cnLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3794,7 +4002,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectSNEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->snIdx = cert->srcIdx;
|
||||
dName->snLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3812,7 +4020,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectCEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->cIdx = cert->srcIdx;
|
||||
dName->cLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3830,7 +4038,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectLEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->lIdx = cert->srcIdx;
|
||||
dName->lLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3848,7 +4056,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectSTEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->stIdx = cert->srcIdx;
|
||||
dName->stLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3866,7 +4074,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectOEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->oIdx = cert->srcIdx;
|
||||
dName->oLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3884,7 +4092,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectOUEnc = b;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->ouIdx = cert->srcIdx;
|
||||
dName->ouLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3895,7 +4103,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
idx += 14;
|
||||
copy = TRUE;
|
||||
}
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->snIdx = cert->srcIdx;
|
||||
dName->snLen = strLen;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3949,7 +4157,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->subjectEmailLen = adv;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->emailIdx = cert->srcIdx;
|
||||
dName->emailLen = adv;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -3995,7 +4203,8 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
case ASN_USER_ID:
|
||||
XMEMCPY(&full[idx], "/UID=", 5);
|
||||
idx += 5;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->uidIdx = cert->srcIdx;
|
||||
dName->uidLen = adv;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -4004,7 +4213,8 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
case ASN_DOMAIN_COMPONENT:
|
||||
XMEMCPY(&full[idx], "/DC=", 4);
|
||||
idx += 4;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
dName->dcIdx[dcnum] = cert->srcIdx;
|
||||
dName->dcLen[dcnum] = adv;
|
||||
dName->dcNum = dcnum + 1;
|
||||
@@ -4026,7 +4236,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
}
|
||||
full[idx++] = 0;
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
{
|
||||
int totalLen = 0;
|
||||
int i = 0;
|
||||
@@ -5760,7 +5970,7 @@ static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extAuthKeyIdSrc = &input[idx];
|
||||
cert->extAuthKeyIdSz = length;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -5794,7 +6004,7 @@ static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extSubjKeyIdSrc = &input[idx];
|
||||
cert->extSubjKeyIdSz = length;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -5845,7 +6055,7 @@ static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extExtKeyUsageSrc = input + idx;
|
||||
cert->extExtKeyUsageSz = length;
|
||||
#endif
|
||||
@@ -5878,7 +6088,7 @@ static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
|
||||
break;
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extExtKeyUsageCount++;
|
||||
#endif
|
||||
}
|
||||
@@ -6262,7 +6472,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
switch (oid) {
|
||||
case BASIC_CA_OID:
|
||||
VERIFY_AND_SET_OID(cert->extBasicConstSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extBasicConstCrit = critical;
|
||||
#endif
|
||||
if (DecodeBasicCaConstraint(&input[idx], length, cert) < 0)
|
||||
@@ -6271,7 +6481,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case CRL_DIST_OID:
|
||||
VERIFY_AND_SET_OID(cert->extCRLdistSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extCRLdistCrit = critical;
|
||||
#endif
|
||||
if (DecodeCrlDist(&input[idx], length, cert) < 0)
|
||||
@@ -6280,7 +6490,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case AUTH_INFO_OID:
|
||||
VERIFY_AND_SET_OID(cert->extAuthInfoSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extAuthInfoCrit = critical;
|
||||
#endif
|
||||
if (DecodeAuthInfo(&input[idx], length, cert) < 0)
|
||||
@@ -6289,7 +6499,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case ALT_NAMES_OID:
|
||||
VERIFY_AND_SET_OID(cert->extSubjAltNameSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extSubjAltNameCrit = critical;
|
||||
#endif
|
||||
ret = DecodeAltNames(&input[idx], length, cert);
|
||||
@@ -6299,7 +6509,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case AUTH_KEY_OID:
|
||||
VERIFY_AND_SET_OID(cert->extAuthKeyIdSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extAuthKeyIdCrit = critical;
|
||||
#endif
|
||||
if (DecodeAuthKeyId(&input[idx], length, cert) < 0)
|
||||
@@ -6308,7 +6518,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case SUBJ_KEY_OID:
|
||||
VERIFY_AND_SET_OID(cert->extSubjKeyIdSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extSubjKeyIdCrit = critical;
|
||||
#endif
|
||||
#ifndef WOLFSSL_ALLOW_CRIT_SKID
|
||||
@@ -6330,7 +6540,8 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
case CERT_POLICY_OID:
|
||||
#ifdef WOLFSSL_SEP
|
||||
VERIFY_AND_SET_OID(cert->extCertPolicySet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extCertPolicyCrit = critical;
|
||||
#endif
|
||||
#endif
|
||||
@@ -6345,7 +6556,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case KEY_USAGE_OID:
|
||||
VERIFY_AND_SET_OID(cert->extKeyUsageSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extKeyUsageCrit = critical;
|
||||
#endif
|
||||
if (DecodeKeyUsage(&input[idx], length, cert) < 0)
|
||||
@@ -6354,7 +6565,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
|
||||
case EXT_KEY_USAGE_OID:
|
||||
VERIFY_AND_SET_OID(cert->extExtKeyUsageSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extExtKeyUsageCrit = critical;
|
||||
#endif
|
||||
if (DecodeExtKeyUsage(&input[idx], length, cert) < 0)
|
||||
@@ -6373,7 +6584,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
|
||||
}
|
||||
#endif
|
||||
VERIFY_AND_SET_OID(cert->extNameConstraintSet);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extNameConstraintCrit = critical;
|
||||
#endif
|
||||
if (DecodeNameConstraints(&input[idx], length, cert) < 0)
|
||||
@@ -6864,30 +7075,40 @@ WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
|
||||
|
||||
|
||||
|
||||
const char* BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
|
||||
const char* END_CERT = "-----END CERTIFICATE-----";
|
||||
const char* BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
|
||||
const char* END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
|
||||
const char* BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
|
||||
const char* END_DH_PARAM = "-----END DH PARAMETERS-----";
|
||||
const char* BEGIN_DSA_PARAM = "-----BEGIN DSA PARAMETERS-----";
|
||||
const char* END_DSA_PARAM = "-----END DSA PARAMETERS-----";
|
||||
const char* BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
|
||||
const char* END_X509_CRL = "-----END X509 CRL-----";
|
||||
const char* BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
|
||||
const char* END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
|
||||
const char* BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
|
||||
const char* END_PRIV_KEY = "-----END PRIVATE KEY-----";
|
||||
const char* BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
|
||||
const char* END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
|
||||
const char* BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
|
||||
const char* END_EC_PRIV = "-----END EC PRIVATE KEY-----";
|
||||
const char* BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
|
||||
const char* END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
|
||||
const char* BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
|
||||
const char* END_PUB_KEY = "-----END PUBLIC KEY-----";
|
||||
const char* BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----";
|
||||
const char* END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----";
|
||||
const char* const BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
|
||||
const char* const END_CERT = "-----END CERTIFICATE-----";
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
const char* const BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
|
||||
const char* const END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
|
||||
#endif
|
||||
#ifndef NO_DH
|
||||
const char* const BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
|
||||
const char* const END_DH_PARAM = "-----END DH PARAMETERS-----";
|
||||
#endif
|
||||
#ifndef NO_DSA
|
||||
const char* const BEGIN_DSA_PARAM = "-----BEGIN DSA PARAMETERS-----";
|
||||
const char* const END_DSA_PARAM = "-----END DSA PARAMETERS-----";
|
||||
#endif
|
||||
const char* const BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
|
||||
const char* const END_X509_CRL = "-----END X509 CRL-----";
|
||||
const char* const BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
|
||||
const char* const END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
|
||||
const char* const BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
|
||||
const char* const END_PRIV_KEY = "-----END PRIVATE KEY-----";
|
||||
const char* const BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
|
||||
const char* const END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
|
||||
#ifdef HAVE_ECC
|
||||
const char* const BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
|
||||
const char* const END_EC_PRIV = "-----END EC PRIVATE KEY-----";
|
||||
#endif
|
||||
const char* const BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
|
||||
const char* const END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
|
||||
const char* const BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
|
||||
const char* const END_PUB_KEY = "-----END PUBLIC KEY-----";
|
||||
#ifdef HAVE_ED25519
|
||||
const char* const BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----";
|
||||
const char* const END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----";
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA)
|
||||
|
||||
|
||||
@@ -493,28 +493,46 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
|
||||
#endif
|
||||
|
||||
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
|
||||
return AES_128_CBC_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
|
||||
return AES_192_CBC_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
|
||||
return AES_256_CBC_TYPE;
|
||||
#endif
|
||||
#endif /* !NO_AES && HAVE_AES_CBC */
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
|
||||
return AES_128_CTR_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
|
||||
return AES_192_CTR_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
|
||||
return AES_256_CTR_TYPE;
|
||||
#endif
|
||||
#endif /* !NO_AES && HAVE_AES_CBC */
|
||||
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
|
||||
return AES_128_ECB_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
|
||||
return AES_192_ECB_TYPE;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
|
||||
return AES_256_ECB_TYPE;
|
||||
#endif
|
||||
#endif /* !NO_AES && HAVE_AES_CBC */
|
||||
else return 0;
|
||||
}
|
||||
|
||||
@@ -181,7 +181,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
|
||||
switch(keylen)
|
||||
{
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
|
||||
defined(WOLFSSL_AES_128)
|
||||
case 16:
|
||||
while (1)
|
||||
{
|
||||
@@ -199,7 +200,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
break;
|
||||
#endif /* 128 */
|
||||
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
|
||||
defined(WOLFSSL_AES_192)
|
||||
case 24:
|
||||
/* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
|
||||
while (1)
|
||||
@@ -220,7 +222,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
break;
|
||||
#endif /* 192 */
|
||||
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256
|
||||
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
|
||||
defined(WOLFSSL_AES_256)
|
||||
case 32:
|
||||
while (1)
|
||||
{
|
||||
@@ -492,6 +495,7 @@ void wc_AesFree(Aes* aes)
|
||||
note: grouping AESE & AESMC together as pairs reduces latency
|
||||
*/
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -542,7 +546,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -599,7 +604,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192*/
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -662,7 +668,7 @@ void wc_AesFree(Aes* aes)
|
||||
"v16"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CBC round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -688,6 +694,7 @@ void wc_AesFree(Aes* aes)
|
||||
word32* reg = aes->reg;
|
||||
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -739,7 +746,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -797,7 +805,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -860,7 +869,7 @@ void wc_AesFree(Aes* aes)
|
||||
"v16", "v17"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CBC round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -914,6 +923,7 @@ void wc_AesFree(Aes* aes)
|
||||
byte* keyPt = (byte*)aes->key;
|
||||
sz -= numBlocks * AES_BLOCK_SIZE;
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -1053,7 +1063,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14","v15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -1209,7 +1220,8 @@ void wc_AesFree(Aes* aes)
|
||||
"v16", "v17"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -1378,7 +1390,7 @@ void wc_AesFree(Aes* aes)
|
||||
"v16", "v17", "v18", "v19"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CTR round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -1517,6 +1529,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz,
|
||||
}
|
||||
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
/* internal function : see wc_AesGcmEncrypt */
|
||||
static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
@@ -1832,8 +1845,9 @@ static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
|
||||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
/* internal function : see wc_AesGcmEncrypt */
|
||||
static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
@@ -2164,8 +2178,9 @@ static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
|
||||
|
||||
#ifdef WOLFSSL_AES_256
|
||||
/* internal function : see wc_AesGcmEncrypt */
|
||||
static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
@@ -2508,6 +2523,7 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
|
||||
|
||||
/* aarch64 with PMULL and PMULL2
|
||||
@@ -2552,18 +2568,21 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
}
|
||||
|
||||
switch (aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10:
|
||||
return Aes128GcmEncrypt(aes, out, in, sz, iv, ivSz,
|
||||
authTag, authTagSz, authIn, authInSz);
|
||||
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12:
|
||||
return Aes192GcmEncrypt(aes, out, in, sz, iv, ivSz,
|
||||
authTag, authTagSz, authIn, authInSz);
|
||||
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14:
|
||||
return Aes256GcmEncrypt(aes, out, in, sz, iv, ivSz,
|
||||
authTag, authTagSz, authIn, authInSz);
|
||||
|
||||
#endif
|
||||
default:
|
||||
WOLFSSL_MSG("AES-GCM invalid round number");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -2644,6 +2663,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
* an issue with call to encrypt/decrypt leftovers */
|
||||
byte* keyPt = (byte*)aes->key;
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -2707,7 +2727,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -2777,6 +2798,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"v16"
|
||||
);
|
||||
break;
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV w11, %w[blocks] \n"
|
||||
@@ -2850,7 +2873,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"v16", "v17", "v18", "v19"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-GCM round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -3057,6 +3080,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
note: grouping AESE & AESMC together as pairs reduces latency
|
||||
*/
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3116,7 +3140,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3182,7 +3207,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3255,7 +3281,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CBC round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -3280,6 +3306,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
word32* keyPt = aes->key;
|
||||
word32* regPt = aes->reg;
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3341,7 +3368,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3409,7 +3437,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3484,7 +3513,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CBC round value");
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -3539,6 +3568,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
word32* regPt = aes->reg;
|
||||
sz -= numBlocks * AES_BLOCK_SIZE;
|
||||
switch(aes->rounds) {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
case 10: /* AES 128 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3674,7 +3704,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14", "q15"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef WOLFSSL_AES_192
|
||||
case 12: /* AES 192 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -3833,7 +3864,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_192 */
|
||||
#ifdef WOLFSSL_AES_256
|
||||
case 14: /* AES 256 BLOCK */
|
||||
__asm__ __volatile__ (
|
||||
"MOV r11, %[blocks] \n"
|
||||
@@ -4009,7 +4041,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14"
|
||||
);
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
default:
|
||||
WOLFSSL_MSG("Bad AES-CTR round qalue");
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
+256
-73
File diff suppressed because it is too large
Load Diff
+167
-94
@@ -277,32 +277,54 @@
|
||||
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
|
||||
#if !defined(NO_SHA)
|
||||
#if defined(WOLFSSL_STATIC_RSA)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_STATIC_RSA)
|
||||
#if !defined (NO_SHA256)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
#endif
|
||||
#endif
|
||||
#if defined (HAVE_AESGCM)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
#if defined (WOLFSSL_SHA384)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#if defined (WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#if defined (HAVE_AESCCM)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CCM_8
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CCM_8
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CCM_8
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_BLAKE2)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
@@ -335,22 +357,32 @@
|
||||
#if defined(WOLFSSL_STATIC_PSK)
|
||||
#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
|
||||
#if !defined(NO_SHA)
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
#ifdef HAVE_AESGCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
#ifdef HAVE_AESCCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
#ifdef HAVE_AESGCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
@@ -407,26 +439,34 @@
|
||||
!defined(NO_RSA)
|
||||
|
||||
#if !defined(NO_SHA)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#if !defined(NO_DES3)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(NO_SHA256)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
#if !defined(NO_SHA256) && defined(HAVE_AES_CBC)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
|
||||
!defined(NO_AES) && !defined(NO_SHA)
|
||||
!defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
|
||||
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
|
||||
#ifndef NO_SHA256
|
||||
#ifndef NO_AES
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
#endif
|
||||
#ifdef HAVE_NULL_CIPHER
|
||||
@@ -434,7 +474,7 @@
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#ifndef NO_AES
|
||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
#endif
|
||||
#ifdef HAVE_NULL_CIPHER
|
||||
@@ -447,23 +487,39 @@
|
||||
#if !defined(NO_AES)
|
||||
#if !defined(NO_SHA)
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#endif /* NO_SHA */
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
@@ -476,7 +532,7 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
@@ -492,21 +548,25 @@
|
||||
#if defined (HAVE_AESGCM)
|
||||
#if !defined(NO_RSA)
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_SHA384)
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SHA384)
|
||||
#if defined(WOLFSSL_STATIC_DH)
|
||||
#if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
@@ -550,7 +610,8 @@
|
||||
#define BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES)
|
||||
#if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) && \
|
||||
defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
#endif
|
||||
#endif
|
||||
@@ -582,39 +643,44 @@
|
||||
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
|
||||
!defined(NO_RSA) && defined(HAVE_AESGCM)
|
||||
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
|
||||
#ifndef NO_SHA256
|
||||
#ifdef HAVE_AESGCM
|
||||
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#ifdef HAVE_AESCCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
|
||||
#if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && \
|
||||
defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES)
|
||||
#ifdef HAVE_AESGCM
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
#ifndef NO_RSA
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
#ifndef NO_RSA
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
@@ -622,9 +688,13 @@
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_AESCCM) && !defined(NO_SHA256)
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
|
||||
#ifdef WOLFSSL_AES_128
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
@@ -642,10 +712,10 @@
|
||||
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
#ifdef HAVE_AESGCM
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
|
||||
#define BUILD_TLS_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
@@ -657,7 +727,7 @@
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AESCCM
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
|
||||
#define BUILD_TLS_AES_128_CCM_SHA256
|
||||
#define BUILD_TLS_AES_128_CCM_8_SHA256
|
||||
#endif
|
||||
@@ -3044,10 +3114,11 @@ struct WOLFSSL_STACK {
|
||||
|
||||
struct WOLFSSL_X509_NAME {
|
||||
char *name;
|
||||
char staticName[ASN_NAME_MAX];
|
||||
int dynamicName;
|
||||
int sz;
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
|
||||
char staticName[ASN_NAME_MAX];
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
|
||||
!defined(NO_ASN)
|
||||
DecodedName fullName;
|
||||
WOLFSSL_X509_NAME_ENTRY cnEntry;
|
||||
WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */
|
||||
@@ -3069,83 +3140,85 @@ struct WOLFSSL_X509_NAME {
|
||||
|
||||
struct WOLFSSL_X509 {
|
||||
int version;
|
||||
WOLFSSL_X509_NAME issuer;
|
||||
WOLFSSL_X509_NAME subject;
|
||||
int serialSz;
|
||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
char challengePw[CTC_NAME_SIZE]; /* for REQ certs */
|
||||
#endif
|
||||
#ifdef WOLFSSL_SEP
|
||||
int deviceTypeSz;
|
||||
byte deviceType[EXTERNAL_SERIAL_SIZE];
|
||||
int hwTypeSz;
|
||||
byte deviceType[EXTERNAL_SERIAL_SIZE];
|
||||
byte hwType[EXTERNAL_SERIAL_SIZE];
|
||||
int hwSerialNumSz;
|
||||
byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
byte certPolicySet;
|
||||
byte certPolicyCrit;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif
|
||||
int notBeforeSz;
|
||||
byte notBefore[MAX_DATE_SZ];
|
||||
int notAfterSz;
|
||||
byte notBefore[MAX_DATE_SZ];
|
||||
byte notAfter[MAX_DATE_SZ];
|
||||
int sigOID;
|
||||
buffer sig;
|
||||
int pubKeyOID;
|
||||
int sigOID;
|
||||
DNS_entry* altNames; /* alt names list */
|
||||
buffer pubKey;
|
||||
int pubKeyOID;
|
||||
DNS_entry* altNamesNext; /* hint for retrieval */
|
||||
#ifdef HAVE_ECC
|
||||
word32 pkCurveOID;
|
||||
#endif /* HAVE_ECC */
|
||||
#ifndef NO_CERTS
|
||||
DerBuffer* derCert; /* may need */
|
||||
#endif
|
||||
DNS_entry* altNames; /* alt names list */
|
||||
DNS_entry* altNamesNext; /* hint for retrieval */
|
||||
void* heap; /* heap hint */
|
||||
byte dynamicMemory; /* dynamic memory flag */
|
||||
byte isCa;
|
||||
byte isCa:1;
|
||||
#ifdef WOLFSSL_CERT_EXT
|
||||
char certPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ];
|
||||
int certPoliciesNb;
|
||||
#endif /* WOLFSSL_CERT_EXT */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
#ifdef HAVE_EX_DATA
|
||||
void* ex_data[MAX_EX_DATA];
|
||||
#endif
|
||||
byte* authKeyId;
|
||||
byte* subjKeyId;
|
||||
byte* extKeyUsageSrc;
|
||||
byte* CRLInfo;
|
||||
byte* authInfo;
|
||||
word32 pathLength;
|
||||
word16 keyUsage;
|
||||
byte CRLdistSet;
|
||||
byte CRLdistCrit;
|
||||
byte* CRLInfo;
|
||||
int CRLInfoSz;
|
||||
byte authInfoSet;
|
||||
byte authInfoCrit;
|
||||
byte* authInfo;
|
||||
int authInfoSz;
|
||||
byte basicConstSet;
|
||||
byte basicConstCrit;
|
||||
byte basicConstPlSet;
|
||||
byte subjAltNameSet;
|
||||
byte subjAltNameCrit;
|
||||
byte authKeyIdSet;
|
||||
byte authKeyIdCrit;
|
||||
byte* authKeyId;
|
||||
word32 authKeyIdSz;
|
||||
byte subjKeyIdSet;
|
||||
byte subjKeyIdCrit;
|
||||
byte* subjKeyId;
|
||||
word32 subjKeyIdSz;
|
||||
byte keyUsageSet;
|
||||
byte keyUsageCrit;
|
||||
byte extKeyUsageCrit;
|
||||
byte* extKeyUsageSrc;
|
||||
word32 extKeyUsageSz;
|
||||
word32 extKeyUsageCount;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
byte CRLdistSet:1;
|
||||
byte CRLdistCrit:1;
|
||||
byte authInfoSet:1;
|
||||
byte authInfoCrit:1;
|
||||
byte keyUsageSet:1;
|
||||
byte keyUsageCrit:1;
|
||||
byte extKeyUsageCrit:1;
|
||||
byte subjKeyIdSet:1;
|
||||
|
||||
byte subjKeyIdCrit:1;
|
||||
byte basicConstSet:1;
|
||||
byte basicConstCrit:1;
|
||||
byte basicConstPlSet:1;
|
||||
byte subjAltNameSet:1;
|
||||
byte subjAltNameCrit:1;
|
||||
byte authKeyIdSet:1;
|
||||
byte authKeyIdCrit:1;
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
char challengePw[CTC_NAME_SIZE]; /* for REQ certs */
|
||||
#endif
|
||||
WOLFSSL_X509_NAME issuer;
|
||||
WOLFSSL_X509_NAME subject;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -165,7 +165,9 @@ enum {
|
||||
EVP_PKEY_RSA = 16,
|
||||
EVP_PKEY_DSA = 17,
|
||||
EVP_PKEY_EC = 18,
|
||||
#ifdef HAVE_IDEA
|
||||
IDEA_CBC_TYPE = 19,
|
||||
#endif
|
||||
NID_sha1 = 64,
|
||||
NID_sha224 = 65,
|
||||
NID_md2 = 77,
|
||||
|
||||
+22
-15
@@ -84,7 +84,7 @@
|
||||
#define NO_OLD_WC_NAMES
|
||||
#endif
|
||||
|
||||
#elif defined(OPENSSL_EXTRA)
|
||||
#elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
#include <wolfssl/openssl/bn.h>
|
||||
#include <wolfssl/openssl/hmac.h>
|
||||
|
||||
@@ -223,7 +223,7 @@ struct WOLFSSL_EVP_PKEY {
|
||||
union {
|
||||
char* ptr; /* der format of key / or raw for NTRU */
|
||||
} pkey;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
#ifndef NO_RSA
|
||||
WOLFSSL_RSA* rsa;
|
||||
byte ownRsa; /* if struct owns RSA and should free it */
|
||||
@@ -233,7 +233,7 @@ struct WOLFSSL_EVP_PKEY {
|
||||
byte ownEcc; /* if struct owns ECC and should free it */
|
||||
#endif
|
||||
WC_RNG rng;
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef HAVE_ECC
|
||||
int pkey_curve;
|
||||
#endif
|
||||
@@ -733,7 +733,6 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
|
||||
/* what's ref count */
|
||||
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*);
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
|
||||
@@ -1470,7 +1469,8 @@ WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx);
|
||||
/* index cert in X509 */
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx);
|
||||
/* free X509 */
|
||||
WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*);
|
||||
#define wolfSSL_FreeX509(x509) wolfSSL_X509_free((x509))
|
||||
WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*);
|
||||
/* get index cert in PEM */
|
||||
WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx,
|
||||
unsigned char* buf, int inLen, int* outLen);
|
||||
@@ -1775,7 +1775,9 @@ enum BulkCipherAlgorithm {
|
||||
wolfssl_des,
|
||||
wolfssl_triple_des, /* leading 3 (3des) not valid identifier */
|
||||
wolfssl_des40,
|
||||
#ifdef HAVE_IDEA
|
||||
wolfssl_idea,
|
||||
#endif
|
||||
wolfssl_aes,
|
||||
wolfssl_aes_gcm,
|
||||
wolfssl_aes_ccm,
|
||||
@@ -2414,6 +2416,21 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
|
||||
WOLFSSL_API void wolfSSL_cert_service(void);
|
||||
#endif
|
||||
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
/* Smaller subset of X509 compatibility functions. Avoid increasing the size of
|
||||
* this subset and its memory usage */
|
||||
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
struct WOLFSSL_X509_NAME_ENTRY {
|
||||
WOLFSSL_ASN1_OBJECT* object; /* not defined yet */
|
||||
WOLFSSL_ASN1_STRING data;
|
||||
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
|
||||
int nid; /* i.e. ASN_COMMON_NAME */
|
||||
int set;
|
||||
int size;
|
||||
};
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
enum {
|
||||
@@ -2520,16 +2537,6 @@ struct WOLFSSL_ASN1_BIT_STRING {
|
||||
};
|
||||
|
||||
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
struct WOLFSSL_X509_NAME_ENTRY {
|
||||
WOLFSSL_ASN1_OBJECT* object; /* not defined yet */
|
||||
WOLFSSL_ASN1_STRING data;
|
||||
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
|
||||
int nid; /* i.e. ASN_COMMON_NAME */
|
||||
int set;
|
||||
int size;
|
||||
};
|
||||
|
||||
#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) \
|
||||
|| defined(HAVE_STUNNEL) \
|
||||
|| defined(WOLFSSL_NGINX) \
|
||||
|
||||
+29
-28
@@ -571,7 +571,7 @@ struct DecodedCert {
|
||||
word16 extKeyUsage; /* Key usage bitfield */
|
||||
byte extExtKeyUsage; /* Extended Key usage bitfield */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
byte* extExtKeyUsageSrc;
|
||||
word32 extExtKeyUsageSz;
|
||||
word32 extExtKeyUsageCount;
|
||||
@@ -619,7 +619,7 @@ struct DecodedCert {
|
||||
char* subjectEmail;
|
||||
int subjectEmailLen;
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
DecodedName issuerName;
|
||||
DecodedName subjectName;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
@@ -659,7 +659,7 @@ struct DecodedCert {
|
||||
#ifdef WOLFSSL_SEP
|
||||
byte extCertPolicySet : 1;
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
byte extCRLdistCrit : 1;
|
||||
byte extAuthInfoCrit : 1;
|
||||
byte extBasicConstCrit : 1;
|
||||
@@ -679,30 +679,30 @@ struct DecodedCert {
|
||||
};
|
||||
|
||||
|
||||
extern const char* BEGIN_CERT;
|
||||
extern const char* END_CERT;
|
||||
extern const char* BEGIN_CERT_REQ;
|
||||
extern const char* END_CERT_REQ;
|
||||
extern const char* BEGIN_DSA_PARAM;
|
||||
extern const char* END_DSA_PARAM;
|
||||
extern const char* BEGIN_DH_PARAM;
|
||||
extern const char* END_DH_PARAM;
|
||||
extern const char* BEGIN_X509_CRL;
|
||||
extern const char* END_X509_CRL;
|
||||
extern const char* BEGIN_RSA_PRIV;
|
||||
extern const char* END_RSA_PRIV;
|
||||
extern const char* BEGIN_PRIV_KEY;
|
||||
extern const char* END_PRIV_KEY;
|
||||
extern const char* BEGIN_ENC_PRIV_KEY;
|
||||
extern const char* END_ENC_PRIV_KEY;
|
||||
extern const char* BEGIN_EC_PRIV;
|
||||
extern const char* END_EC_PRIV;
|
||||
extern const char* BEGIN_DSA_PRIV;
|
||||
extern const char* END_DSA_PRIV;
|
||||
extern const char* BEGIN_PUB_KEY;
|
||||
extern const char* END_PUB_KEY;
|
||||
extern const char* BEGIN_EDDSA_PRIV;
|
||||
extern const char* END_EDDSA_PRIV;
|
||||
extern const char* const BEGIN_CERT;
|
||||
extern const char* const END_CERT;
|
||||
extern const char* const BEGIN_CERT_REQ;
|
||||
extern const char* const END_CERT_REQ;
|
||||
extern const char* const BEGIN_DSA_PARAM;
|
||||
extern const char* const END_DSA_PARAM;
|
||||
extern const char* const BEGIN_DH_PARAM;
|
||||
extern const char* const END_DH_PARAM;
|
||||
extern const char* const BEGIN_X509_CRL;
|
||||
extern const char* const END_X509_CRL;
|
||||
extern const char* const BEGIN_RSA_PRIV;
|
||||
extern const char* const END_RSA_PRIV;
|
||||
extern const char* const BEGIN_PRIV_KEY;
|
||||
extern const char* const END_PRIV_KEY;
|
||||
extern const char* const BEGIN_ENC_PRIV_KEY;
|
||||
extern const char* const END_ENC_PRIV_KEY;
|
||||
extern const char* const BEGIN_EC_PRIV;
|
||||
extern const char* const END_EC_PRIV;
|
||||
extern const char* const BEGIN_DSA_PRIV;
|
||||
extern const char* const END_DSA_PRIV;
|
||||
extern const char* const BEGIN_PUB_KEY;
|
||||
extern const char* const END_PUB_KEY;
|
||||
extern const char* const BEGIN_EDDSA_PRIV;
|
||||
extern const char* const END_EDDSA_PRIV;
|
||||
|
||||
#ifdef NO_SHA
|
||||
#define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
|
||||
@@ -758,7 +758,8 @@ struct TrustedPeerCert {
|
||||
|
||||
|
||||
/* for testing or custom openssl wrappers */
|
||||
#if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA)
|
||||
#if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
#define WOLFSSL_ASN_API WOLFSSL_API
|
||||
#else
|
||||
#define WOLFSSL_ASN_API WOLFSSL_LOCAL
|
||||
|
||||
+30
-33
@@ -84,56 +84,53 @@ typedef struct PKCS7Attrib {
|
||||
|
||||
|
||||
typedef struct PKCS7DecodedAttrib {
|
||||
struct PKCS7DecodedAttrib* next;
|
||||
byte* oid;
|
||||
word32 oidSz;
|
||||
byte* value;
|
||||
word32 valueSz;
|
||||
struct PKCS7DecodedAttrib* next;
|
||||
} PKCS7DecodedAttrib;
|
||||
|
||||
|
||||
typedef struct PKCS7 {
|
||||
byte* content; /* inner content, not owner */
|
||||
word32 contentSz; /* content size */
|
||||
int contentOID; /* PKCS#7 content type OID sum */
|
||||
|
||||
WC_RNG* rng;
|
||||
|
||||
int hashOID;
|
||||
int encryptOID; /* key encryption algorithm OID */
|
||||
int keyWrapOID; /* key wrap algorithm OID */
|
||||
int keyAgreeOID; /* key agreement algorithm OID */
|
||||
|
||||
PKCS7Attrib* signedAttribs;
|
||||
byte* content; /* inner content, not owner */
|
||||
byte* singleCert; /* recipient cert, DER, not owner */
|
||||
byte* issuer; /* issuer name of singleCert */
|
||||
byte* privateKey; /* private key, DER, not owner */
|
||||
void* heap; /* heap hint for dynamic memory */
|
||||
byte* cert[MAX_PKCS7_CERTS];
|
||||
word32 certSz[MAX_PKCS7_CERTS];
|
||||
byte* singleCert; /* recipient cert, DER, not owner */
|
||||
word32 singleCertSz; /* size of recipient cert buffer, bytes */
|
||||
byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */
|
||||
byte* issuer; /* issuer name of singleCert */
|
||||
word32 issuerSz; /* length of issuer name */
|
||||
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
|
||||
word32 issuerSnSz; /* length of serial number */
|
||||
|
||||
byte publicKey[MAX_RSA_INT_SZ + MAX_RSA_E_SZ ];/*MAX RSA key size (m + e)*/
|
||||
word32 publicKeySz;
|
||||
word32 publicKeyOID; /* key OID (RSAk, ECDSAk, etc) */
|
||||
byte* privateKey; /* private key, DER, not owner */
|
||||
word32 privateKeySz; /* size of private key buffer, bytes */
|
||||
|
||||
PKCS7Attrib* signedAttribs;
|
||||
word32 signedAttribsSz;
|
||||
/* Encrypted-data Content Type */
|
||||
byte* encryptionKey; /* block cipher encryption key */
|
||||
PKCS7Attrib* unprotectedAttribs; /* optional */
|
||||
PKCS7DecodedAttrib* decodedAttrib; /* linked list of decoded attribs */
|
||||
|
||||
/* Enveloped-data optional ukm, not owner */
|
||||
byte* ukm;
|
||||
word32 ukmSz;
|
||||
|
||||
/* Encrypted-data Content Type */
|
||||
byte* encryptionKey; /* block cipher encryption key */
|
||||
word32 encryptionKeySz; /* size of key buffer, bytes */
|
||||
PKCS7Attrib* unprotectedAttribs; /* optional */
|
||||
word32 unprotectedAttribsSz;
|
||||
PKCS7DecodedAttrib* decodedAttrib; /* linked list of decoded attribs */
|
||||
word32 encryptionKeySz; /* size of key buffer, bytes */
|
||||
word32 unprotectedAttribsSz;
|
||||
word32 contentSz; /* content size */
|
||||
word32 singleCertSz; /* size of recipient cert buffer, bytes */
|
||||
word32 issuerSz; /* length of issuer name */
|
||||
word32 issuerSnSz; /* length of serial number */
|
||||
|
||||
word32 publicKeySz;
|
||||
word32 publicKeyOID; /* key OID (RSAk, ECDSAk, etc) */
|
||||
word32 privateKeySz; /* size of private key buffer, bytes */
|
||||
word32 signedAttribsSz;
|
||||
int contentOID; /* PKCS#7 content type OID sum */
|
||||
int hashOID;
|
||||
int encryptOID; /* key encryption algorithm OID */
|
||||
int keyWrapOID; /* key wrap algorithm OID */
|
||||
int keyAgreeOID; /* key agreement algorithm OID */
|
||||
byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */
|
||||
byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
|
||||
byte publicKey[MAX_RSA_INT_SZ + MAX_RSA_E_SZ ];/*MAX RSA key size (m + e)*/
|
||||
word32 certSz[MAX_PKCS7_CERTS];
|
||||
} PKCS7;
|
||||
|
||||
|
||||
|
||||
@@ -1399,6 +1399,23 @@ extern void uITRON4_free(void *p) ;
|
||||
#undef AES_MAX_KEY_SIZE
|
||||
#define AES_MAX_KEY_SIZE 256
|
||||
#endif
|
||||
|
||||
#ifndef NO_AES_128
|
||||
#undef WOLFSSL_AES_128
|
||||
#define WOLFSSL_AES_128
|
||||
#endif
|
||||
#if !defined(NO_AES_192) && AES_MAX_KEY_SIZE >= 192
|
||||
#undef WOLFSSL_AES_192
|
||||
#define WOLFSSL_AES_192
|
||||
#endif
|
||||
#if !defined(NO_AES_256) && AES_MAX_KEY_SIZE >= 256
|
||||
#undef WOLFSSL_AES_256
|
||||
#define WOLFSSL_AES_256
|
||||
#endif
|
||||
#if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT)
|
||||
#warning HAVE_ECC_ENCRYPT uses AES 128 bit keys
|
||||
#endif
|
||||
|
||||
#ifndef NO_AES_DECRYPT
|
||||
#undef HAVE_AES_DECRYPT
|
||||
#define HAVE_AES_DECRYPT
|
||||
@@ -1616,6 +1633,13 @@ extern void uITRON4_free(void *p) ;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* switch for compatibility layer functionality. Has subparts i.e. BIO/X509
|
||||
* When opensslextra is enabled all subparts should be turned on. */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#undef OPENSSL_EXTRA_X509_SMALL
|
||||
#define OPENSSL_EXTRA_X509_SMALL
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user