mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 21:00:52 +02:00
@@ -637,6 +637,7 @@ USE_TLSV13
|
||||
USE_WINDOWS_API
|
||||
USE_WOLF_STRNSTR
|
||||
USS_API
|
||||
W64LIT_FORCE_LONG_LONG
|
||||
WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
|
||||
WC_AES_BS_WORD_SIZE
|
||||
WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
|
||||
|
||||
+10
-10
@@ -34131,7 +34131,7 @@ enum {
|
||||
SINGLERESPONSEASN_IDX_THISUPDATE_GT,
|
||||
SINGLERESPONSEASN_IDX_NEXTUPDATE,
|
||||
SINGLERESPONSEASN_IDX_NEXTUPDATE_GT,
|
||||
SINGLERESPONSEASN_IDX_EXT,
|
||||
SINGLERESPONSEASN_IDX_EXT
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSP single response. */
|
||||
@@ -34156,7 +34156,7 @@ enum {
|
||||
CERTIDASN_IDX_CID_HASHALGO_NULL,
|
||||
CERTIDASN_IDX_CID_ISSUERHASH,
|
||||
CERTIDASN_IDX_CID_ISSUERKEYHASH,
|
||||
CERTIDASN_IDX_CID_SERIAL,
|
||||
CERTIDASN_IDX_CID_SERIAL
|
||||
};
|
||||
|
||||
#define certidasn_Length (sizeof(certIDASNItems) / sizeof(ASNItem))
|
||||
@@ -34531,7 +34531,7 @@ static const ASNItem respExtHdrASN[] = {
|
||||
};
|
||||
enum {
|
||||
RESPEXTHDRASN_IDX_EXT = 0,
|
||||
RESPEXTHDRASN_IDX_EXT_SEQ,
|
||||
RESPEXTHDRASN_IDX_EXT_SEQ
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSP response extension header. */
|
||||
@@ -34625,7 +34625,7 @@ enum {
|
||||
OCSPNONCEEXTASN_IDX_EXT,
|
||||
OCSPNONCEEXTASN_IDX_EXT_OID,
|
||||
OCSPNONCEEXTASN_IDX_EXT_VAL,
|
||||
OCSPNONCEEXTASN_IDX_EXT_NONCE,
|
||||
OCSPNONCEEXTASN_IDX_EXT_NONCE
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSP nonce extension. */
|
||||
@@ -34702,7 +34702,7 @@ enum {
|
||||
OCSPRESPDATAASN_IDX_BYKEY_OCT,
|
||||
OCSPRESPDATAASN_IDX_PA,
|
||||
OCSPRESPDATAASN_IDX_RESP,
|
||||
OCSPRESPDATAASN_IDX_RESPEXT,
|
||||
OCSPRESPDATAASN_IDX_RESPEXT
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSP ResponseData. */
|
||||
@@ -34985,7 +34985,7 @@ enum {
|
||||
#endif
|
||||
OCSPBASICRESPASN_IDX_SIGNATURE,
|
||||
OCSPBASICRESPASN_IDX_CERTS,
|
||||
OCSPBASICRESPASN_IDX_CERTS_SEQ,
|
||||
OCSPBASICRESPASN_IDX_CERTS_SEQ
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for BasicOCSPResponse. */
|
||||
@@ -35438,7 +35438,7 @@ enum {
|
||||
|
||||
OCSPRESPONSEASN_IDX_BYTES_TYPE,
|
||||
|
||||
OCSPRESPONSEASN_IDX_BYTES_VAL,
|
||||
OCSPRESPONSEASN_IDX_BYTES_VAL
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSPResponse. */
|
||||
@@ -35715,7 +35715,7 @@ enum {
|
||||
OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY,
|
||||
OCSPREQUESTASN_IDX_TBS_REQ_SERIAL,
|
||||
OCSPREQUESTASN_IDX_TBS_REQEXT,
|
||||
OCSPREQUESTASN_IDX_OPT_SIG,
|
||||
OCSPREQUESTASN_IDX_OPT_SIG
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for OCSPRequest. */
|
||||
@@ -36278,7 +36278,7 @@ enum {
|
||||
REVOKEDASN_IDX_CERT,
|
||||
REVOKEDASN_IDX_TIME_UTC,
|
||||
REVOKEDASN_IDX_TIME_GT,
|
||||
REVOKEDASN_IDX_TIME_EXT,
|
||||
REVOKEDASN_IDX_TIME_EXT
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for revoked certificates. */
|
||||
@@ -36875,7 +36875,7 @@ enum {
|
||||
#ifdef WC_RSA_PSS
|
||||
CRLASN_IDX_SIGALGO_PARAMS,
|
||||
#endif
|
||||
CRLASN_IDX_SIGNATURE,
|
||||
CRLASN_IDX_SIGNATURE
|
||||
};
|
||||
|
||||
/* Number of items in ASN.1 template for a CRL- CertificateList. */
|
||||
|
||||
@@ -34,6 +34,9 @@
|
||||
#ifndef WOLFSSL_IGNORE_FILE_WARN
|
||||
#warning asn_orig.c does not need to be compiled separately from asn.c
|
||||
#endif
|
||||
/* An empty translation unit is a constraint violation in C89, so emit a
|
||||
* harmless typedef to keep it well-formed. */
|
||||
typedef int wolfssl_asn_orig_dummy_decl;
|
||||
#else
|
||||
|
||||
/* Forward declarations for static functions defined later in this file. */
|
||||
|
||||
+21
-19
@@ -2090,7 +2090,7 @@ enum states {
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
SERVER_FINISHED_ACKED,
|
||||
#endif /* WOLFSSL_DTLS13 */
|
||||
|
||||
WOLF_ENUM_DUMMY_LAST_ELEMENT(states)
|
||||
};
|
||||
|
||||
/* SSL Version */
|
||||
@@ -3086,10 +3086,10 @@ typedef enum {
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_DUAL_ALG_CERTS)
|
||||
TLSX_CKS = TLSXT_CKS,
|
||||
#endif
|
||||
TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO,
|
||||
#ifdef WOLFSSL_QUIC
|
||||
TLSX_KEY_QUIC_TP_PARAMS_DRAFT = TLSXT_KEY_QUIC_TP_PARAMS_DRAFT,
|
||||
#endif
|
||||
TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO
|
||||
} TLSX_Type;
|
||||
|
||||
/* TLS Certificate type defined RFC7250
|
||||
@@ -3450,7 +3450,8 @@ typedef struct SignatureAlgorithms {
|
||||
#ifdef _MSC_VER
|
||||
#pragma warning(disable: 4200)
|
||||
#endif
|
||||
byte hashSigAlgo[]; /* sig/algo to offer */
|
||||
/* sig/algo to offer */
|
||||
byte hashSigAlgo[WC_FLEXIBLE_ARRAY_SIZE];
|
||||
} SignatureAlgorithms;
|
||||
|
||||
WOLFSSL_LOCAL SignatureAlgorithms* TLSX_SignatureAlgorithms_New(
|
||||
@@ -3630,11 +3631,11 @@ typedef struct InternalTicket {
|
||||
/* RFC 5077 defines this for session tickets. All members need to be a byte or
|
||||
* array of byte to avoid alignment issues */
|
||||
typedef struct ExternalTicket {
|
||||
byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */
|
||||
byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */
|
||||
byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */
|
||||
byte enc_ticket[]; /* encrypted ticket - var length
|
||||
* + total mac - 32 */
|
||||
byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */
|
||||
byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */
|
||||
byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */
|
||||
byte enc_ticket[WC_FLEXIBLE_ARRAY_SIZE]; /* encrypted ticket - var length
|
||||
* + total mac - 32 */
|
||||
} ExternalTicket;
|
||||
|
||||
/* Fixed portion of external ticket (key_name + iv + enc_len) */
|
||||
@@ -3718,7 +3719,7 @@ typedef struct Cookie {
|
||||
#ifdef _MSC_VER
|
||||
#pragma warning(disable: 4200)
|
||||
#endif
|
||||
byte data[];
|
||||
byte data[WC_FLEXIBLE_ARRAY_SIZE];
|
||||
} Cookie;
|
||||
|
||||
WOLFSSL_LOCAL int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data,
|
||||
@@ -3781,7 +3782,7 @@ enum PskDecryptReturn {
|
||||
PSK_DECRYPT_NONE = 0,
|
||||
PSK_DECRYPT_OK,
|
||||
PSK_DECRYPT_CREATE,
|
||||
PSK_DECRYPT_FAIL,
|
||||
PSK_DECRYPT_FAIL
|
||||
};
|
||||
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
@@ -4513,7 +4514,7 @@ enum SignatureAlgorithm {
|
||||
enum SigAlgRsaPss {
|
||||
pss_sha256 = 0x09,
|
||||
pss_sha384 = 0x0a,
|
||||
pss_sha512 = 0x0b,
|
||||
pss_sha512 = 0x0b
|
||||
};
|
||||
|
||||
#ifdef WOLFSSL_SM2
|
||||
@@ -4548,7 +4549,7 @@ enum ClientCertificateType {
|
||||
rsa_fixed_ecdh = 65,
|
||||
ecdsa_fixed_ecdh = 66,
|
||||
falcon_sign = 67,
|
||||
mldsa_sign = 68,
|
||||
mldsa_sign = 68
|
||||
};
|
||||
|
||||
/* Maximum number of ClientCertificateType bytes the server emits in a
|
||||
@@ -5094,14 +5095,14 @@ enum buildMsgState {
|
||||
BUILD_MSG_HASH,
|
||||
BUILD_MSG_VERIFY_MAC,
|
||||
BUILD_MSG_ENCRYPT,
|
||||
BUILD_MSG_ENCRYPTED_VERIFY_MAC,
|
||||
BUILD_MSG_ENCRYPTED_VERIFY_MAC
|
||||
};
|
||||
|
||||
/* sub-states for cipher operations */
|
||||
enum cipherState {
|
||||
CIPHER_STATE_BEGIN = 0,
|
||||
CIPHER_STATE_DO,
|
||||
CIPHER_STATE_END,
|
||||
CIPHER_STATE_END
|
||||
};
|
||||
|
||||
struct Options {
|
||||
@@ -5458,7 +5459,7 @@ typedef enum {
|
||||
STACK_TYPE_X509_NAME_ENTRY = 17,
|
||||
STACK_TYPE_X509_REQ_ATTR = 18,
|
||||
STACK_TYPE_GENERAL_SUBTREE = 19,
|
||||
STACK_TYPE_X509_REVOKED = 20,
|
||||
STACK_TYPE_X509_REVOKED = 20
|
||||
} WOLF_STACK_TYPE;
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
@@ -5769,7 +5770,7 @@ typedef struct DtlsFragBucket {
|
||||
#ifdef _MSC_VER
|
||||
#pragma warning(disable: 4200)
|
||||
#endif
|
||||
byte buf[];
|
||||
byte buf[WC_FLEXIBLE_ARRAY_SIZE];
|
||||
} DtlsFragBucket;
|
||||
|
||||
typedef struct DtlsMsg {
|
||||
@@ -6796,6 +6797,7 @@ enum ContentType {
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
ack = 26,
|
||||
#endif /* WOLFSSL_DTLS13 */
|
||||
WOLF_ENUM_DUMMY_LAST_ELEMENT(ContentType)
|
||||
};
|
||||
|
||||
|
||||
@@ -6955,7 +6957,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side);
|
||||
WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int IsTLS_ex(const ProtocolVersion pv);
|
||||
WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int IsAtLeastTLSv1_3(ProtocolVersion pv);
|
||||
WOLFSSL_LOCAL int IsAtLeastTLSv1_3(const ProtocolVersion pv);
|
||||
WOLFSSL_LOCAL int IsEncryptionOn(const WOLFSSL* ssl, int isSend);
|
||||
WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl);
|
||||
|
||||
@@ -7265,7 +7267,7 @@ typedef struct CipherSuiteInfo {
|
||||
#endif
|
||||
WOLFSSL_TEST_VIS const CipherSuiteInfo* GetCipherNames(void);
|
||||
WOLFSSL_TEST_VIS int GetCipherNamesSize(void);
|
||||
WOLFSSL_LOCAL const char* GetCipherNameInternal(byte cipherSuite0, byte cipherSuite);
|
||||
WOLFSSL_LOCAL const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite);
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
/* used in wolfSSL_sk_CIPHER_description */
|
||||
#define MAX_SEGMENTS 5
|
||||
@@ -7281,7 +7283,7 @@ WOLFSSL_LOCAL const char* GetCipherMacStr(char n[][MAX_SEGMENT_SZ]);
|
||||
WOLFSSL_LOCAL int SetCipherBits(const char* enc);
|
||||
WOLFSSL_LOCAL int IsCipherAEAD(char n[][MAX_SEGMENT_SZ]);
|
||||
#endif
|
||||
WOLFSSL_LOCAL const char* GetCipherNameIana(byte cipherSuite0, byte cipherSuite);
|
||||
WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite);
|
||||
WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0,
|
||||
|
||||
@@ -221,6 +221,29 @@ typedef const char wcchar[];
|
||||
#define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */
|
||||
#endif
|
||||
|
||||
#if defined(WC_FLEXIBLE_ARRAY_SIZE)
|
||||
/* keep override value. */
|
||||
#elif defined(__cplusplus)
|
||||
/* No C++ standard has FAMs; [] and [0] are vendor extensions.
|
||||
* Use the struct hack. */
|
||||
#define WC_FLEXIBLE_ARRAY_SIZE 1
|
||||
#elif defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)
|
||||
/* Standard C99+ flexible array member -- valid even under
|
||||
* __STRICT_ANSI__ / -pedantic. */
|
||||
#define WC_FLEXIBLE_ARRAY_SIZE
|
||||
#elif defined(__STRICT_ANSI__) || defined(WOLF_C89)
|
||||
/* C89 "struct hack" fallback.
|
||||
* See http://c-faq.com/struct/structhack.html */
|
||||
#define WC_FLEXIBLE_ARRAY_SIZE 1
|
||||
#elif defined(__GNUC__) || defined(__clang__) || \
|
||||
(defined(_MSC_VER) && !defined(__cplusplus))
|
||||
/* gnu89 etc.: [] accepted as an extension without -pedantic;
|
||||
* MSVC C mode accepts it too (C4200, off by default at /W3). */
|
||||
#define WC_FLEXIBLE_ARRAY_SIZE
|
||||
#else
|
||||
#define WC_FLEXIBLE_ARRAY_SIZE 1
|
||||
#endif
|
||||
|
||||
/* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */
|
||||
#if defined(_WIN32) || defined(HAVE_LIMITS_H)
|
||||
#include <limits.h>
|
||||
@@ -299,7 +322,7 @@ typedef const char wcchar[];
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#ifdef WOLF_C89
|
||||
#if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG)
|
||||
#define W64LIT(x) x##UL
|
||||
#define SW64LIT(x) x##L
|
||||
#else
|
||||
@@ -310,7 +333,7 @@ typedef const char wcchar[];
|
||||
typedef unsigned long word64;
|
||||
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#ifdef WOLF_C89
|
||||
#if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG)
|
||||
#define W64LIT(x) x##UL
|
||||
#define SW64LIT(x) x##L
|
||||
#else
|
||||
@@ -321,7 +344,7 @@ typedef const char wcchar[];
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#ifdef WOLF_C89
|
||||
#if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG)
|
||||
#define W64LIT(x) x##UL
|
||||
#define SW64LIT(x) x##L
|
||||
#else
|
||||
|
||||
Reference in New Issue
Block a user