diff --git a/src/internal.c b/src/internal.c index 305abda6c..726195950 100755 --- a/src/internal.c +++ b/src/internal.c @@ -3668,6 +3668,7 @@ int DupSSL(WOLFSSL* ssl, WOLFSSL* ossl) if (ret != 0) return ret; +#ifndef NO_DH /* Don't copy if (p,g) owned by ctx */ if (ssl->buffers.weOwnDH || ssl->options.side == WOLFSSL_CLIENT_END) { ret = DupBuffer(&ssl->buffers.serverDH_P, @@ -3680,6 +3681,7 @@ int DupSSL(WOLFSSL* ssl, WOLFSSL* ossl) if (ret != 0) return ret; } +#endif #ifdef KEEP_PEER_CERT ret = DupX509(&ssl->peerCert, &ossl->peerCert); diff --git a/src/ssl.c b/src/ssl.c index de77d497c..e8bc2f1b9 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -88,6 +88,7 @@ #include #endif #include + #include #endif #ifdef NO_ASN @@ -15880,13 +15881,6 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) return 0; } - WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void) { - WOLFSSL_ENTER("wolfSSL_BIO_s_file"); - WOLFSSL_STUB("wolfSSL_BIO_s_file"); - - return NULL; - } - const char * wolf_OBJ_nid2sn(int n) { (void)n; WOLFSSL_ENTER("wolf_OBJ_nid2sn"); diff --git a/tests/api.c b/tests/api.c index b6954cd90..b0bedbe9b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1012,7 +1012,7 @@ static void test_client_full_bio(void* args) #endif if (bio == NULL) { printf("wc_BioNew failed\n"); - goto done2; + goto done; } port = ((func_args*)args)->signal->port; @@ -1029,7 +1029,7 @@ static void test_client_full_bio(void* args) input = (int)wc_BioDoConnect(bio); if (input <= 0) { printf("wc_BioDoConnect failed : %d\n", input); - goto done2; + goto done; } printf("done\n"); #endif @@ -1042,14 +1042,14 @@ read_again: goto read_again; } printf("wc_BioRead failed"); - goto done2; + goto done; } reply[input] = 0; printf("BioFullCli, Server sent: %s\n", reply); if (wc_BioWrite(bio, msg, msgSz) != msgSz) { printf("wc_BioWrite failed"); - goto done2; + goto done; } read_again2: @@ -1060,7 +1060,7 @@ read_again2: goto read_again2; } printf("wc_BioRead failed"); - goto done2; + goto done; } reply[input] = 0; 
@@ -1069,10 +1069,10 @@ read_again2: /* close */ if (wc_BioWrite(bio, "end", 3) != 3) { printf("wc_BioWrite failed"); - goto done2; + goto done; } -done2: +done: if (bio != 0) wc_BioFreeAll(bio); @@ -1178,7 +1178,7 @@ read_again: printf("Retry read\n"); goto read_again; } - printf("wc_BioWrite failed\n"); + printf("wc_BioRead failed\n"); goto done; } @@ -1187,11 +1187,7 @@ read_again: if (wc_BioWrite(ssl_bio, msg, sizeof(msg)) != sizeof(msg)) { printf("wc_BioWrite failed\n"); -#ifdef WOLFSSL_TIRTOS - return; -#else - return 0; -#endif + goto done; } #ifdef WOLFSSL_TIRTOS diff --git a/wolfcrypt/src/bio.c b/wolfcrypt/src/bio.c index aece1cdd1..3fa6133e0 100644 --- a/wolfcrypt/src/bio.c +++ b/wolfcrypt/src/bio.c @@ -26,17 +26,21 @@ #include #ifdef OPENSSL_EXTRA - +#include #include + #ifndef NO_STDIO_FILESYSTEM #include #endif #include +#ifdef HAVE_ERRNO_H #include +#endif #ifdef USE_WINDOWS_API #include +#include #include #include #include @@ -827,7 +831,12 @@ int wc_BioPrintf(WOLFCRYPT_BIO *bio, const char *format, ...) XMEMSET(buffer, 0, size+1); +#if defined(USE_WINDOWS_API) + ret = vsnprintf_s(buffer, size+1, size+1, format, args2); +#else ret = vsnprintf(buffer, size+1, format, args2); +#endif + va_end(args2); if (ret != size) { @@ -2906,10 +2915,12 @@ int wc_BioGetAcceptSocket(char *host, int bind_mode) if (wc_BioSockInit() != 1) return WOLFSSL_SOCKET_INVALID; - str = strdup(host); + str = XMALLOC(strlen(host)+1, 0, DYNAMIC_TYPE_TMP_BUFFER); if (str == NULL) return WOLFSSL_SOCKET_INVALID; + XSTRNCPY(str, host, strlen(host)+1); + h = p = NULL; h = str; for (e = str; *e; e++) { 
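Review bot: In wc_BioPrintf the Windows branch passes `size+1` as both the buffer size and the `count` argument of vsnprintf_s, although `count` is the maximum number of characters to write, excluding the terminating NUL. If the formatted output ever needs more than `size` characters, the CRT invokes its invalid-parameter handler instead of returning a value that the `ret != size` check below can reject. `ret = vsnprintf_s(buffer, size+1, _TRUNCATE, format, args2);` returns -1 on truncation and keeps the failure on the normal error path. How `size` is computed lies outside the hunk, so confirm it cannot disagree with this second formatting pass.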
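Review bot: The strdup replacement in wc_BioGetAcceptSocket evaluates `strlen(host)` twice and copies with XSTRNCPY, and no NULL check on `host` is visible (the function starts outside the hunk, so one may exist earlier). Taking the length once makes the allocation size and the copy length agree by construction: `size_t len = XSTRLEN(host) + 1;`, `str = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);`, `XMEMCPY(str, host, len);`. The explicit cast also keeps the assignment valid if this file is ever built as C++.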
@@ -2969,9 +2980,14 @@ again: if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && (err_num == WSAEADDRINUSE)) #else +#ifdef HAVE_ERRNO_H err_num = errno; - if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && - (err_num == EADDRINUSE)) +#endif + if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) +#ifdef HAVE_ERRNO_H + && (err_num == EADDRINUSE) +#endif + ) #endif /* USE_WINDOWS_API */ { client = server; @@ -3023,7 +3039,7 @@ again: err: if (str != NULL) - free(str); + XFREE(str, 0, DYNAMIC_TYPE_TMP_BUFFER); if (!ret && (s != WOLFSSL_SOCKET_INVALID)) { #ifdef USE_WINDOWS_API @@ -4013,7 +4029,9 @@ static int wc_BioConn_read(WOLFCRYPT_BIO *bio, char *data, int size) WSASetLastError(0); ret = (int)recv(bio->num, data, size, 0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif ret = (int)read(bio->num, data, size); #endif @@ -4049,7 +4067,9 @@ static int wc_BioConn_write(WOLFCRYPT_BIO *bio, const char *data, int size) WSASetLastError(0); ret = (int)send(bio->num, data, size, 0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif ret = (int)write(bio->num, data, size); #endif @@ -4405,7 +4425,11 @@ static int wc_BioDgram_should_retry(int i) #ifdef USE_WINDOWS_API ret = WSAGetLastError(); #else +#ifdef HAVE_ERRNO_H ret = errno; +#else + ret = -1; +#endif #endif return wc_BioSockNonFatalError(ret); } @@ -4646,7 +4670,9 @@ static int wc_BioDgram_read(WOLFCRYPT_BIO *bio, char *data, int size) #ifdef USE_WINDOWS_API WSASetLastError(0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif #endif XMEMSET(&sa.peer, 0, sizeof(sa.peer)); @@ -4671,7 +4697,11 @@ static int wc_BioDgram_read(WOLFCRYPT_BIO *bio, char *data, int size) #ifdef USE_WINDOWS_API dgram->_errno = WSAGetLastError(); #else +#ifdef HAVE_ERRNO_H dgram->_errno = errno; +#else + dgram->_errno = -1; +#endif #endif } } @@ -4697,7 +4727,9 @@ static int wc_BioDgram_write(WOLFCRYPT_BIO *bio, #ifdef USE_WINDOWS_API WSASetLastError(0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif #endif if (dgram->connected) 
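Review bot: Without HAVE_ERRNO_H the retry condition after the failed bind (under the `again:` label) collapses to `bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED`, so every bind failure is handled as if it were EADDRINUSE, and `err_num` is never assigned on that path. A permission or address error would then go down the address-reuse retry path instead of failing. If a build without errno cannot tell the cause, it is safer to skip the branch and let the failure be reported. Splitting the two configurations also removes the preprocessor lines from inside the `if` expression. The enclosing block continues outside the hunk, so check any later reads of `err_num`.

```c
/* … unchanged: USE_WINDOWS_API branch … */
#else
#ifdef HAVE_ERRNO_H
        err_num = errno;
        if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
            (err_num == EADDRINUSE))
#else
        /* Without errno the cause of the bind() failure is unknown,
         * so do not assume the address is merely in use. */
        err_num = -1;
        if (0)
#endif
#endif /* USE_WINDOWS_API */
```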
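Review bot: In wc_BioDgram_should_retry the no-errno fallback hands `-1` to wc_BioSockNonFatalError(), whose body is not in this diff; unless that function treats -1 as retryable, a would-block result on a non-blocking socket becomes a hard failure in builds without HAVE_ERRNO_H. The same sentinel is stored in `dgram->_errno` in wc_BioDgram_read and wc_BioDgram_write, and passed on again in wc_BioSockShouldRetry. A comment at each site, for example `/* errno unavailable: report an unknown, non-retryable error */`, would state the intent. A single named constant would keep the four sites in step.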
@@ -4725,7 +4757,11 @@ static int wc_BioDgram_write(WOLFCRYPT_BIO *bio, #ifdef USE_WINDOWS_API dgram->_errno = WSAGetLastError(); #else +#ifdef HAVE_ERRNO_H dgram->_errno = errno; +#else + dgram->_errno = -1; +#endif #endif } @@ -6088,7 +6124,9 @@ static int wc_BioSock_read(WOLFCRYPT_BIO *bio, char *data, int size) WSASetLastError(0); ret = (int)recv(bio->num, data, size, 0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif ret = (int)read(bio->num, data, size); #endif @@ -6114,7 +6152,9 @@ static int wc_BioSock_write(WOLFCRYPT_BIO *bio, const char *data, int size) WSASetLastError(0); ret = (int)send(bio->num, data, size, 0); #else +#ifdef HAVE_ERRNO_H errno = 0; +#endif ret = (int)write(bio->num, data, size); #endif @@ -6244,7 +6284,11 @@ int wc_BioSockShouldRetry(int i) #ifdef USE_WINDOWS_API ret = WSAGetLastError(); #else +#ifdef HAVE_ERRNO_H ret = errno; +#else + ret = -1; +#endif #endif return wc_BioSockNonFatalError(ret); } diff --git a/wolfcrypt/src/compat-wolfssl.c b/wolfcrypt/src/compat-wolfssl.c index eae28cb95..112f877ed 100644 --- a/wolfcrypt/src/compat-wolfssl.c +++ b/wolfcrypt/src/compat-wolfssl.c @@ -39,7 +39,9 @@ #include -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + +#ifndef NO_MD5 #ifndef WOLFSSL_HAVE_MIN #define WOLFSSL_HAVE_MIN @@ -48,10 +50,8 @@ static INLINE word32 min(word32 a, word32 b) { return a > b ? b : a; } - #endif /* WOLFSSSL_HAVE_MIN */ -#ifndef NO_MD5 void wc_MD5_Init(WOLFCRYPT_MD5_CTX* md5) { typedef char md5_test[sizeof(WOLFCRYPT_MD5_CTX) >= sizeof(Md5) ? 1 : -1]; @@ -260,14 +260,16 @@ void wc_HMAC_Final(WOLFCRYPT_HMAC_CTX* ctx, unsigned char* hash, if (len) { WOLFSSL_MSG("setting output len"); switch (ctx->type) { +#ifndef NO_MD5 case MD5: *len = MD5_DIGEST_SIZE; break; - +#endif +#ifndef NO_SHA case SHA: *len = SHA_DIGEST_SIZE; break; - +#endif case SHA256: *len = SHA256_DIGEST_SIZE; break; 
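Review bot: In wolfcrypt/src/compat-wolfssl.c the `#ifndef NO_MD5` now opens above the `min()` helper instead of just before wc_MD5_Init, so a NO_MD5 build defines neither `min` nor WOLFSSL_HAVE_MIN from this file. Any later use of `min` outside the MD5 section (not visible in the diff) would then fail to build or bind to a different definition. Keeping `#ifndef NO_MD5` directly above `void wc_MD5_Init(...)`, as before, avoids coupling the helper to the MD5 switch. The `#endif /* WOLFSSSL_HAVE_MIN */` comment in the same hunk also has a stray `S`.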
@@ -291,7 +293,7 @@ unsigned char* wc_HMAC(const WOLFCRYPT_EVP_MD* evp_md, const void* key, int key_len, const unsigned char* d, int n, unsigned char* md, unsigned int* md_len) { - int type; + int type = -1; unsigned char* ret = NULL; #ifdef WOLFSSL_SMALL_STACK Hmac* hmac = NULL; @@ -303,11 +305,16 @@ unsigned char* wc_HMAC(const WOLFCRYPT_EVP_MD* evp_md, const void* key, if (!md) return NULL; /* no static buffer support */ +#ifndef NO_MD5 if (XSTRNCMP(evp_md, "MD5", 3) == 0) type = MD5; +#endif +#ifndef NO_SHA else if (XSTRNCMP(evp_md, "SHA", 3) == 0) type = SHA; - else +#endif + + if (type == -1) return NULL; #ifdef WOLFSSL_SMALL_STACK @@ -319,9 +326,16 @@ unsigned char* wc_HMAC(const WOLFCRYPT_EVP_MD* evp_md, const void* key, if (wc_HmacSetKey(hmac, type, (const byte*)key, key_len) == 0) if (wc_HmacUpdate(hmac, d, n) == 0) if (wc_HmacFinal(hmac, md) == 0) { - if (md_len) - *md_len = (type == MD5) ? (int)MD5_DIGEST_SIZE - : (int)SHA_DIGEST_SIZE; + if (md_len) { +#ifndef NO_MD5 + if (type == MD5) + *md_len = (int)MD5_DIGEST_SIZE; +#endif +#ifndef NO_SHA + if (type == SHA) + *md_len = (int)SHA_DIGEST_SIZE; +#endif + } ret = md; } @@ -332,10 +346,6 @@ unsigned char* wc_HMAC(const WOLFCRYPT_EVP_MD* evp_md, const void* key, return ret; } -#endif /* OPENSSL_EXTRA */ - -#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - const char *EVP_AES_128_CBC = "AES-128-CBC"; const char *EVP_AES_192_CBC = "AES-192-CBC"; const char *EVP_AES_256_CBC = "AES-256-CBC"; @@ -359,6 +369,7 @@ const char *EVP_IDEA_CBC = "IDEA-CBC"; const int EVP_IDEA_SIZE = 8; #endif /* HAVE_IDEA */ +#ifndef NO_AES const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_cbc(void) { WOLFSSL_ENTER("wc_EVP_aes_128_cbc"); @@ -377,7 +388,7 @@ const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_cbc(void) return EVP_AES_256_CBC; } -#if defined(OPENSSL_EXTRA) +#ifdef WOLFSSL_AES_COUNTER const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_ctr(void) { WOLFSSL_ENTER("wc_EVP_aes_128_ctr"); 
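Review bot: In wc_HMAC the SHA branch is still written as `else if` although the MD5 `if` it used to follow is now conditional. With NO_MD5 defined the `else` binds to the preceding `if (!md) return NULL;`, which produces the right result only by accident. Writing it as an independent test, `if (type == -1 && XSTRNCMP(evp_md, "SHA", 3) == 0)`, works in every configuration. The three-character compare also accepts any digest name that merely begins with "SHA"; if the longer SHA-2 names in this API share that prefix, such a request is silently computed as HMAC-SHA1, so a full-length comparison is worth considering.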
@@ -395,8 +406,10 @@ const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_ctr(void) WOLFSSL_ENTER("wc_EVP_aes_256_ctr"); return EVP_AES_256_CTR; } -#endif /* OPENSSL_EXTRA */ +#endif /* WOLFSSL_AES_COUNTER */ +#endif /* NO_AES */ +#ifndef NO_DES3 const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_cbc(void) { WOLFSSL_ENTER("wc_EVP_des_cbc"); @@ -408,6 +421,7 @@ const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_ede3_cbc(void) WOLFSSL_ENTER("wc_EVP_des_ede3_cbc"); return EVP_DES_EDE3_CBC; } +#endif /* NO_DES3 */ const WOLFCRYPT_EVP_CIPHER* wc_EVP_rc4(void) { @@ -1529,7 +1543,7 @@ int wc_EVP_CIPHER_CTX_iv_length(const WOLFCRYPT_EVP_CIPHER_CTX* ctx) WOLFSSL_MSG("wc_EVP_CIPHER_CTX_iv_length"); switch (ctx->cipherType) { - +#ifndef NO_AES case AES_128_CBC_TYPE : case AES_192_CBC_TYPE : case AES_256_CBC_TYPE : @@ -1543,7 +1557,9 @@ int wc_EVP_CIPHER_CTX_iv_length(const WOLFCRYPT_EVP_CIPHER_CTX* ctx) WOLFSSL_MSG("AES CTR"); return AES_BLOCK_SIZE; #endif +#endif /* NO_AES */ +#ifndef NO_DES3 case DES_CBC_TYPE : WOLFSSL_MSG("DES CBC"); return DES_BLOCK_SIZE; @@ -1551,6 +1567,8 @@ int wc_EVP_CIPHER_CTX_iv_length(const WOLFCRYPT_EVP_CIPHER_CTX* ctx) case DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES EDE3 CBC"); return DES_BLOCK_SIZE; +#endif + #ifdef HAVE_IDEA case IDEA_CBC_TYPE : WOLFSSL_MSG("IDEA CBC"); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b0977d973..ef8de46c1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -6306,7 +6306,7 @@ int bio_md_test(void) { WOLFCRYPT_BIO *bmd, *bnull; int i, size, total, w; - char digest[SHA512_DIGEST_SIZE]; + char digest[64]; /* SHA512_DIGEST_SIZE */ struct bio_digest { const WOLFCRYPT_EVP_MD *type; diff --git a/wolfssl/wolfcrypt/compat-wolfssl.h b/wolfssl/wolfcrypt/compat-wolfssl.h index a1c196dae..801518d8a 100644 --- a/wolfssl/wolfcrypt/compat-wolfssl.h +++ b/wolfssl/wolfcrypt/compat-wolfssl.h 
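Review bot: The digest buffer in bio_md_test is now sized by the literal `64`, with only a comment linking it to SHA-512, so nothing fails at compile time if a larger digest is added to the test table or the constant changes. The compile-time size idiom already used in compat-wolfssl.c (`typedef char md5_test[... ? 1 : -1];`) fits here: under `#ifdef WOLFSSL_SHA512`, add `typedef char digest_sz_test[sizeof(digest) >= SHA512_DIGEST_SIZE ? 1 : -1];`. The same applies to `DES_IV_SIZE = 8` in wolfssl/wolfcrypt/compat-wolfssl.h, which replaces `DES_BLOCK_SIZE` with a bare number.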
@@ -45,8 +45,9 @@ typedef char WOLFCRYPT_EVP_MD; #ifndef NO_MD5 WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_md5(void); #endif +#ifndef NO_SHA WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha1(void); - +#endif WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha256(void); #ifdef WOLFSSL_SHA384 WOLFSSL_API const WOLFCRYPT_EVP_MD* wc_EVP_sha384(void); @@ -64,10 +65,12 @@ typedef char WOLFCRYPT_EVP_CIPHER; WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_cbc(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_192_cbc(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_cbc(void); +#ifdef WOLFSSL_AES_COUNTER WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_128_ctr(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_192_ctr(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_aes_256_ctr(void); -#endif +#endif /* WOLFSSL_AES_COUNTER */ +#endif /* NO_AES */ #ifndef NO_DES3 WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_cbc(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_des_ede3_cbc(void); @@ -94,7 +97,7 @@ enum WC_Cipher { RC4_KEY_SIZE = 16, /* always 128bit */ DES_KEY_SIZE = 8, /* des */ DES3_KEY_SIZE = 24, /* 3 des ede */ - DES_IV_SIZE = DES_BLOCK_SIZE, + DES_IV_SIZE = 8, /* des */ AES_256_KEY_SIZE = 32, /* for 256 bit */ AES_192_KEY_SIZE = 24, /* for 192 bit */ AES_IV_SIZE = 16, /* always block size */