wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 05:39:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1655 from MJSPollard/wolfASIO

Browse Source 
Added wolfSSL compatability for Asio C++ library
This commit is contained in:
JacobBarthelmeh
2018-07-19 13:44:07 -06:00
committed by GitHub
parent 70dfb9af72 19dd08e191
commit a58d1cf030
7 changed files with 771 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
configure.ac
View File

@@ -180,6 +180,7 @@ then
enable_haproxy=yes
enable_stunnel=yes
enable_nginx=yes
enable_asio=yes
enable_pwdbased=yes
enable_aeskeywrap=yes
enable_x963kdf=yes
@@ -428,6 +429,7 @@ AM_CONDITIONAL([BUILD_RNG], [test "x$ENABLED_RNG" = "xyes"])
# signal (--enable-signal)
# lighty (--enable-lighty) HAVE_LIGHTY
# stunnel (--enable-stunnel) HAVE_STUNNEL
# asio (--enable-asio) WOLFSSL_ASIO
# HAVE_POCO_LIB
# WOLFSSL_MYSQL_COMPATIBLE
# web server (--enable-webserver) HAVE_WEBSERVER
@@ -3012,6 +3014,36 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DHAVE_EX_DATA"
fi
# Asio Support
AC_ARG_ENABLE([asio],
[AS_HELP_STRING([--enable-asio],[Enable asio (default: disabled)])],
[ ENABLED_ASIO=$enableval ],
[ ENABLED_ASIO=no ]
)
if test "$ENABLED_ASIO" = "yes"
then
# Requires opensslall make sure on
if test "x$ENABLED_OPENSSLALL" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
then
ENABLED_OPENSSLALL="yes"
AM_CFLAGS="-DOPENSSL_ALL $AM_CFLAGS"
fi
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASIO -DASIO_USE_WOLFSSL -DWOLFSSL_KEY_GEN"
AM_CFLAGS="$AM_CFLAGS -DSSL_TXT_TLSV1_2 -DSSL_TXT_TLSV1_1"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3"
if test "$ENABLED_TLSV10" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DSSL_TXT_TLSV1"
fi
# Requires OCSP make sure on
if test "x$ENABLED_OCSP" = "xno"
then
ENABLED_OCSP="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
fi
fi
# stunnel Support
AC_ARG_ENABLE([stunnel],
@@ -3159,9 +3191,9 @@ AC_ARG_ENABLE([pwdbased],
if test "$ENABLED_PWDBASED" = "no"
then
if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes" || test "$ENABLED_ENCKEYS" = "yes"
if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_WEBSERVER" = "yes" || test "$ENABLED_ENCKEYS" = "yes"
then
# opensslextra, webserver and enckeys needs pwdbased
# opensslextra, opensslall, webserver, and enckeys needs pwdbased
ENABLED_PWDBASED=yes
else
AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED"
@@ -4429,6 +4461,7 @@ echo " * LIGHTY: $ENABLED_LIGHTY"
echo " * HAPROXY: $ENABLED_HAPROXY"
echo " * STUNNEL: $ENABLED_STUNNEL"
echo " * NGINX: $ENABLED_NGINX"
echo " * ASIO: $ENABLED_ASIO"
echo " * SIGNAL: $ENABLED_SIGNAL"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"

481
src/ssl.c
View File

@@ -19780,7 +19780,7 @@ WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st)
{
(void)st;
WOLFSSL_STUB("wolfSSL_sk_SSL_COMP_zero");
//wolfSSL_set_options(ssl, SSL_OP_NO_COMPRESSION);
/* wolfSSL_set_options(ssl, SSL_OP_NO_COMPRESSION); */
return WOLFSSL_FAILURE;
}
#endif
@@ -24878,7 +24878,6 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
return WOLFSSL_SUCCESS;
}
#if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@@ -27903,6 +27902,7 @@ WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, const unsigned char **pp,
WOLFSSL_RSA *rsa = NULL;
WOLFSSL_ENTER("d2i_RSAPublicKey");
if(pp == NULL){
WOLFSSL_MSG("Bad argument");
return NULL;
@@ -27915,6 +27915,8 @@ WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, const unsigned char **pp,
if(wolfSSL_RSA_LoadDer_ex(rsa, *pp, (int)len, WOLFSSL_RSA_LOAD_PUBLIC)
!= WOLFSSL_SUCCESS){
WOLFSSL_MSG("RSA_LoadDer failed");
wolfSSL_RSA_free(rsa);
rsa = NULL;
return NULL;
}
if(r != NULL)
@@ -27922,7 +27924,94 @@ WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, const unsigned char **pp,
return rsa;
}
/* Converts an rsa private key from der format to an rsa structure.
Returns pointer to the rsa structure on succcess and NULL if error. */
WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA **r,
const unsigned char **derBuf, long derSz)
{
WOLFSSL_RSA *rsa = NULL;
WOLFSSL_ENTER("wolfSSL_d2i_RSAPrivateKey");
/* check for bad functions arguments */
if (derBuf == NULL) {
WOLFSSL_MSG("Bad argument");
return NULL;
}
if ((rsa = wolfSSL_RSA_new()) == NULL) {
WOLFSSL_MSG("RSA_new failed");
return NULL;
}
if (wolfSSL_RSA_LoadDer_ex(rsa, *derBuf, (int)derSz,
WOLFSSL_RSA_LOAD_PRIVATE) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("RSA_LoadDer failed");
wolfSSL_RSA_free(rsa);
rsa = NULL;
return NULL;
}
if(r != NULL)
*r = rsa;
return rsa;
}
#if !defined(HAVE_FAST_RSA)
#if defined(WOLFSSL_KEY_GEN)
/* Converts an internal rsa structure to der format.
Returns size of der on success and WOLFSSL_FAILURE if error */
int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *rsa, unsigned char **pp)
{
byte* der = NULL;
int derMax;
int ret;
int i;
WOLFSSL_ENTER("wolfSSL_i2d_RSAPrivateKey");
/* check for bad functions arguments */
if ((rsa == NULL) || (pp == NULL)) {
WOLFSSL_MSG("Bad Function Arguments");
return BAD_FUNC_ARG;
}
if ((ret = SetRsaInternal(rsa)) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("SetRsaInternal() Failed");
return ret;
}
/* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional
* informations
*/
derMax = 5 * wolfSSL_RSA_size(rsa) + AES_BLOCK_SIZE;
der = (byte*)XMALLOC(derMax, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) {
WOLFSSL_MSG("Malloc failed");
return WOLFSSL_FAILURE;
}
/* RSA key to DER */
if ((ret = wc_RsaKeyToDer((RsaKey *)rsa->internal, der, derMax)) < 0) {
WOLFSSL_MSG("wc_RsaKeyToDer() failed");
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
der = NULL;
return ret;
}
/* ret is the size of the der buffer */
for (i = 0; i < ret; i++) {
*(*pp + i) = *(der + i);
}
*pp += ret;
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret; /* returns size of der if successful */
}
#endif /* WOLFSSL_KEY_GEN */
int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *rsa, const unsigned char **pp)
{
byte *der;
@@ -27930,19 +28019,19 @@ int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *rsa, const unsigned char **pp)
int ret;
WOLFSSL_ENTER("i2d_RSAPublicKey");
if((rsa == NULL) || (pp == NULL))
if ((rsa == NULL) || (pp == NULL))
return WOLFSSL_FATAL_ERROR;
if((ret = SetRsaInternal(rsa)) != WOLFSSL_SUCCESS) {
if ((ret = SetRsaInternal(rsa)) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("SetRsaInternal Failed");
return ret;
}
if((derLen = RsaPublicKeyDerSize((RsaKey *)rsa->internal, 1)) < 0)
if ((derLen = RsaPublicKeyDerSize((RsaKey *)rsa->internal, 1)) < 0)
return WOLFSSL_FATAL_ERROR;
der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) {
return WOLFSSL_FATAL_ERROR;
}
if((ret = wc_RsaKeyToPublicDer((RsaKey *)rsa->internal, der, derLen)) < 0){
if ((ret = wc_RsaKeyToPublicDer((RsaKey *)rsa->internal, der, derLen)) < 0){
WOLFSSL_MSG("RsaKeyToPublicDer failed");
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
@@ -28765,7 +28854,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
{
CertName cName;
unsigned char buf[256]; //ASN_MAX_NAME
unsigned char buf[256]; /* ASN_MAX_NAME */
int sz;
if (out == NULL || name == NULL) {
@@ -31067,6 +31156,384 @@ int wolfSSL_get_state(const WOLFSSL* ssl)
}
#endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
/* Returns the verifyCallback from the ssl structure if successful.
Returns NULL otherwise. */
VerifyCallback wolfSSL_get_verify_callback(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_get_verify_callback()");
if (ssl) {
return ssl->verifyCallback;
}
return NULL;
}
/* Creates a new bio pair.
Returns WOLFSSL_SUCCESS if no error, WOLFSSL_FAILURE otherwise.*/
int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO **bio1_p, size_t writebuf1,
WOLFSSL_BIO **bio2_p, size_t writebuf2)
{
WOLFSSL_BIO *bio1 = NULL, *bio2 = NULL;
int ret = 1;
WOLFSSL_ENTER("wolfSSL_BIO_new_bio_pair()");
if (bio1_p == NULL || bio2_p == NULL) {
WOLFSSL_MSG("Bad Function Argument");
return BAD_FUNC_ARG;
}
/* set up the new bio structures and write buf sizes */
if ((bio1 = wolfSSL_BIO_new(wolfSSL_BIO_s_bio())) == NULL) {
WOLFSSL_MSG("Bio allocation failed");
ret = WOLFSSL_FAILURE;
}
if (ret) {
if ((bio2 = wolfSSL_BIO_new(wolfSSL_BIO_s_bio())) == NULL) {
WOLFSSL_MSG("Bio allocation failed");
ret = WOLFSSL_FAILURE;
}
}
if (ret && writebuf1) {
if (!(ret = wolfSSL_BIO_set_write_buf_size(bio1, writebuf1))) {
WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure");
}
}
if (ret && writebuf2) {
if (!(ret = wolfSSL_BIO_set_write_buf_size(bio2, writebuf2))) {
WOLFSSL_MSG("wolfSSL_BIO_set_write_buf() failure");
}
}
if (ret) {
if ((ret = wolfSSL_BIO_make_bio_pair(bio1, bio2))) {
*bio1_p = bio1;
*bio2_p = bio2;
}
}
if (!ret) {
wolfSSL_BIO_free(bio1);
bio1 = NULL;
wolfSSL_BIO_free(bio2);
bio2 = NULL;
}
return ret;
}
#if !defined(NO_RSA)
/* Converts an rsa key from a bio buffer into an internal rsa structure.
Returns a pointer to the new WOLFSSL_RSA structure. */
WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out)
{
const unsigned char* bioMem = NULL;
int bioMemSz = 0;
WOLFSSL_RSA* key = NULL;
unsigned char maxKeyBuf[4096];
unsigned char* bufPtr = NULL;
unsigned char* extraBioMem = NULL;
int extraBioMemSz = 0;
int derLength = 0;
int j = 0, i = 0;
WOLFSSL_ENTER("wolfSSL_d2i_RSAPrivateKey_bio()");
if (bio == NULL) {
WOLFSSL_MSG("Bad Function Argument");
return NULL;
}
(void)out;
bioMemSz = wolfSSL_BIO_pending(bio);
if (bioMemSz <= 0) {
WOLFSSL_MSG("wolfSSL_BIO_pending() failure");
return NULL;
}
bioMem = (unsigned char*)XMALLOC(bioMemSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (bioMem == NULL) {
WOLFSSL_MSG("Malloc failure");
return NULL;
}
bufPtr = maxKeyBuf;
if (wolfSSL_BIO_read(bio, (unsigned char*)bioMem, (int)bioMemSz) == bioMemSz) {
if ((key = wolfSSL_d2i_RSAPrivateKey(NULL, &bioMem, bioMemSz)) == NULL) {
XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
/* This function is used to get the total length of the rsa key. */
derLength = wolfSSL_i2d_RSAPrivateKey(key, &bufPtr);
/* Write extra data back into bio object if necessary. */
extraBioMemSz = (bioMemSz - derLength);
if (extraBioMemSz > 0) {
extraBioMem = XMALLOC(extraBioMemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (extraBioMem == NULL) {
WOLFSSL_MSG("Malloc failure");;
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
XFREE((unsigned char*)bioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
for (i = derLength; i < bioMemSz; i++) {
*(extraBioMem + j) = *(bioMem + i);
j++;
}
wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz);
if (wolfSSL_BIO_pending(bio) <= 0) {
WOLFSSL_MSG("Failed to write memory to bio");
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
XFREE((unsigned char*)bioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
}
if (out != NULL && key != NULL) {
*out = key;
}
}
XFREE((unsigned char*)bioMem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return key;
}
#endif
/* Adds the ASN1 certificate to the user ctx.
Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/
int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX *ctx, int derSz,
const unsigned char *der)
{
WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_ASN1()");
if (der != NULL && ctx != NULL) {
if (wolfSSL_CTX_use_certificate_buffer(ctx, der, derSz,
WOLFSSL_FILETYPE_ASN1) == WOLFSSL_SUCCESS) {
return WOLFSSL_SUCCESS;
}
}
return WOLFSSL_FAILURE;
}
#if !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
/* Adds the rsa private key to the user ctx.
Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/
int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)
{
int ret;
int derSize;
unsigned char maxDerBuf[4096];
unsigned char* key = NULL;
WOLFSSL_ENTER("wolfSSL_CTX_use_RSAPrivateKey()");
if (ctx == NULL || rsa == NULL) {
WOLFSSL_MSG("one or more inputs were NULL");
return BAD_FUNC_ARG;
}
key = maxDerBuf;
/* convert RSA struct to der encoded buffer and get the size */
if ((derSize = wolfSSL_i2d_RSAPrivateKey(rsa, &key)) <= 0) {
WOLFSSL_MSG("wolfSSL_i2d_RSAPrivateKey() failure");
return WOLFSSL_FAILURE;
}
ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, (const unsigned char*)maxDerBuf,
derSize, SSL_FILETYPE_ASN1);
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_CTX_USE_PrivateKey_buffer() failure");
return WOLFSSL_FAILURE;
}
return ret;
}
#endif /* NO_RSA && !HAVE_FAST_RSA */
/* Converts EVP_PKEY data from a bio buffer to a WOLFSSL_EVP_PKEY structure.
Returns pointer to private EVP_PKEY struct upon success, NULL if there
is a failure.*/
WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY** out)
{
unsigned char* mem = NULL;
int memSz = 0;
WOLFSSL_EVP_PKEY* key = NULL;
int i = 0, j = 0;
unsigned char* extraBioMem = NULL;
int extraBioMemSz = 0;
int derLength = 0;
WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey_bio()");
if (bio == NULL) {
return NULL;
}
(void)out;
memSz = wolfSSL_BIO_pending(bio);
if (memSz <= 0) {
WOLFSSL_MSG("wolfSSL_BIO_pending() failure");
return NULL;
}
mem = (unsigned char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (mem == NULL) {
WOLFSSL_MSG("Malloc failure");
return NULL;
}
if (wolfSSL_BIO_read(bio, (unsigned char*)mem, memSz) == memSz) {
/* Determines key type and returns the new private EVP_PKEY object */
if ((key = wolfSSL_d2i_PrivateKey_EVP(NULL, &mem, (long)memSz)) == NULL) {
WOLFSSL_MSG("wolfSSL_d2i_PrivateKey_EVP() failure");
XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
/* Write extra data back into bio object if necessary. */
derLength = key->pkey_sz;
extraBioMemSz = (memSz - derLength);
if (extraBioMemSz > 0) {
extraBioMem = XMALLOC(extraBioMemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (extraBioMem == NULL) {
WOLFSSL_MSG("Malloc failure");
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
for (i = derLength; i < memSz; i++) {
*(extraBioMem + j) = *(mem + i);
j++;
}
wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz);
if (wolfSSL_BIO_pending(bio) <= 0) {
WOLFSSL_MSG("Failed to write memory to bio");
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
XFREE((unsigned char*)extraBioMem, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
}
if (out != NULL && key != NULL) {
*out = key;
}
}
XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return key;
}
/* Converts a DER encoded private key to a WOLFSSL_EVP_PKEY structure.
* returns a pointer to a new WOLFSSL_EVP_PKEY structure on success and NULL
* on fail */
WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** out,
unsigned char** in, long inSz)
{
WOLFSSL_EVP_PKEY* pkey = NULL;
const unsigned char* mem;
long memSz = inSz;
WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey_EVP()");
if (in == NULL || inSz < 0) {
WOLFSSL_MSG("Bad argument");
return NULL;
}
mem = *in;
#if !defined(NO_RSA)
{
RsaKey rsa;
word32 keyIdx = 0;
/* test if RSA key */
if (wc_InitRsaKey(&rsa, NULL) == 0 &&
wc_RsaPrivateKeyDecode(mem, &keyIdx, &rsa, (word32)memSz) == 0) {
wc_FreeRsaKey(&rsa);
pkey = wolfSSL_PKEY_new();
if (pkey != NULL) {
pkey->pkey_sz = keyIdx;
pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL,
DYNAMIC_TYPE_PRIVATE_KEY);
if (pkey->pkey.ptr == NULL) {
wolfSSL_EVP_PKEY_free(pkey);
return NULL;
}
XMEMCPY(pkey->pkey.ptr, mem, keyIdx);
pkey->type = EVP_PKEY_RSA;
if (out != NULL) {
*out = pkey;
}
pkey->ownRsa = 1;
pkey->rsa = wolfSSL_RSA_new();
if (pkey->rsa == NULL) {
wolfSSL_EVP_PKEY_free(pkey);
return NULL;
}
if (wolfSSL_RSA_LoadDer_ex(pkey->rsa,
(const unsigned char*)pkey->pkey.ptr,
pkey->pkey_sz, WOLFSSL_RSA_LOAD_PRIVATE) != 1) {
wolfSSL_EVP_PKEY_free(pkey);
return NULL;
}
return pkey;
}
}
wc_FreeRsaKey(&rsa);
}
#endif /* NO_RSA */
#ifdef HAVE_ECC
{
word32 keyIdx = 0;
ecc_key ecc;
/* test if ecc key */
if (wc_ecc_init(&ecc) == 0 &&
wc_EccPrivateKeyDecode(mem, &keyIdx, &ecc, (word32)memSz) == 0) {
wc_ecc_free(&ecc);
pkey = wolfSSL_PKEY_new();
if (pkey != NULL) {
pkey->pkey_sz = keyIdx;
pkey->pkey.ptr = (char*)XMALLOC(keyIdx, NULL,
DYNAMIC_TYPE_PRIVATE_KEY);
if (pkey->pkey.ptr == NULL) {
wolfSSL_EVP_PKEY_free(pkey);
return NULL;
}
XMEMCPY(pkey->pkey.ptr, mem, keyIdx);
pkey->type = EVP_PKEY_EC;
if (out != NULL) {
*out = pkey;
}
return pkey;
}
}
wc_ecc_free(&ecc);
}
#endif /* HAVE_ECC */
return pkey;
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
/* stunnel compatibility functions*/
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) \

44
src/tls.c
View File

@@ -10006,7 +10006,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_TLSV10
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
/* Gets a WOLFSL_METHOD type that is not set as client or server
*
* Returns a pointer to a WOLFSSL_METHOD struct
@@ -10025,7 +10025,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
return m;
}
#endif /* OPENSSL_EXTRA */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL*/
WOLFSSL_METHOD* wolfTLSv1_client_method(void)
{
@@ -10167,6 +10167,26 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
return method;
}
#endif /* WOLFSSL_ALLOW_TLSV10 */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
/* Gets a WOLFSL_METHOD type that is not set as client or server
*
* Returns a pointer to a WOLFSSL_METHOD struct
*/
WOLFSSL_METHOD* wolfTLSv1_1_method(void) {
WOLFSSL_METHOD* m;
WOLFSSL_ENTER("wolfTLSv1_1_method");
#ifndef NO_WOLFSSL_CLIENT
m = wolfTLSv1_1_client_method();
#else
m = wolfTLSv1_1_server_method();
#endif
if (m != NULL) {
m->side = WOLFSSL_NEITHER_END;
}
return m;
}
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
WOLFSSL_METHOD* wolfTLSv1_1_server_method(void)
{
@@ -10189,6 +10209,26 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
#ifndef WOLFSSL_NO_TLS12
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
/* Gets a WOLFSL_METHOD type that is not set as client or server
*
* Returns a pointer to a WOLFSSL_METHOD struct
*/
WOLFSSL_METHOD* wolfTLSv1_2_method(void) {
WOLFSSL_METHOD* m;
WOLFSSL_ENTER("wolfTLSv1_2_method");
#ifndef NO_WOLFSSL_CLIENT
m = wolfTLSv1_2_client_method();
#else
m = wolfTLSv1_2_server_method();
#endif
if (m != NULL) {
m->side = WOLFSSL_NEITHER_END;
}
return m;
}
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
WOLFSSL_METHOD* wolfTLSv1_2_server_method(void)
{
return wolfTLSv1_2_server_method_ex(NULL);

2
src/wolfio.c
View File

@@ -127,6 +127,7 @@ int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
switch (ssl->biord->type) {
case WOLFSSL_BIO_MEMORY:
case WOLFSSL_BIO_BIO:
if (wolfSSL_BIO_ctrl_pending(ssl->biord) == 0) {
return WOLFSSL_CBIO_ERR_WANT_READ;
}
@@ -167,6 +168,7 @@ int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
switch (ssl->biowr->type) {
case WOLFSSL_BIO_MEMORY:
case WOLFSSL_BIO_BIO:
sent = wolfSSL_BIO_write(ssl->biowr, buf, sz);
if (sent < 0) {
return WOLFSSL_CBIO_ERR_GENERAL;

154
tests/api.c
View File

@@ -283,7 +283,7 @@
#include <wolfssl/wolfcrypt/curve25519.h>
#endif
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL))
#include <wolfssl/openssl/ssl.h>
#ifndef NO_ASN
/* for ASN_COMMON_NAME DN_tags enum */
@@ -554,6 +554,29 @@ static void test_wolfSSL_CTX_use_certificate_file(void)
#endif
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
static int test_wolfSSL_CTX_use_certificate_ASN1(void)
{
#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN)
WOLFSSL_CTX* ctx;
int ret;
printf(testingFmt, "wolfSSL_CTX_use_certificate_ASN1()");
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ret = SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
server_cert_der_2048);
printf(resultFmt, ret == WOLFSSL_SUCCESS ? passed : failed);
wolfSSL_CTX_free(ctx);
return ret;
#else
return WOLFSSL_SUCCESS;
#endif
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
/* Test function for wolfSSL_CTX_use_certificate_buffer. Load cert into
* context using buffer.
* PRE: NO_CERTS not defined; USE_CERT_BUFFERS_2048 defined; compile with
@@ -17238,6 +17261,19 @@ static void test_wolfSSL_BIO(void)
BIO_free(bio1);
BIO_free(bio3);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
{
BIO* bioA = NULL;
BIO* bioB = NULL;
AssertIntEQ(BIO_new_bio_pair(NULL, 256, NULL, 256), BAD_FUNC_ARG);
AssertIntEQ(BIO_new_bio_pair(&bioA, 256, &bioB, 256), WOLFSSL_SUCCESS);
BIO_free(bioA);
bioA = NULL;
BIO_free(bioB);
bioB = NULL;
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
/* BIOs with file pointers */
#if !defined(NO_FILESYSTEM)
{
@@ -18084,6 +18120,111 @@ static void test_wolfSSL_d2i_PUBKEY(void)
#endif
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
static void test_wolfSSL_d2i_PrivateKeys_bio(void)
{
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
RSA* rsa = NULL;
WOLFSSL_CTX* ctx;
unsigned char buffer[4096];
unsigned char* bufPtr;
printf(testingFmt, "wolfSSL_d2i_PrivateKeys_bio()");
/* test creating new EVP_PKEY with bad arg */
AssertNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
/* test loading RSA key using BIO */
#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
{
XFILE file;
const char* fname = "./certs/server-key.der";
size_t sz;
byte* buf;
file = XFOPEN(fname, "rb");
AssertTrue((file != XBADFILE));
XFSEEK(file, 0, XSEEK_END);
sz = XFTELL(file);
XREWIND(file);
AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
XFCLOSE(file);
/* Test using BIO new mem and loading DER private key */
AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
#endif
/* test loading ECC key using BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
XFILE file;
const char* fname = "./certs/ecc-key.der";
size_t sz;
byte* buf;
file = XFOPEN(fname, "rb");
AssertTrue((file != XBADFILE));
XFSEEK(file, 0, XSEEK_END);
sz = XFTELL(file);
XREWIND(file);
AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
XFCLOSE(file);
/* Test using BIO new mem and loading DER private key */
AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
#endif
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
/* Tests bad parameters */
AssertNull(d2i_RSAPrivateKey_bio(NULL, NULL));
/* RSA not set yet, expecting to fail*/
AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG);
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
/* set RSA using bio*/
AssertIntGT(BIO_write(bio, client_key_der_2048,
sizeof_client_key_der_2048), 0);
AssertNotNull(rsa = d2i_RSAPrivateKey_bio(bio, NULL));
AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
/*i2d RSAprivate key tests */
bufPtr = buffer;
AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
RSA_free(rsa);
#endif
SSL_CTX_free(ctx);
ctx = NULL;
BIO_free(bio);
bio = NULL;
(void)rsa;
printf(resultFmt, passed);
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
static void test_wolfSSL_sk_GENERAL_NAME(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
@@ -18230,6 +18371,12 @@ static void test_wolfSSL_RSA_DER(void)
AssertNotNull(rsa);
RSA_free(rsa);
}
for (i = 0; tbl[i].der != NULL; i++)
{
AssertNotNull(d2i_RSAPrivateKey(&rsa, &tbl[i].der, tbl[i].sz));
AssertNotNull(rsa);
RSA_free(rsa);
}
printf(resultFmt, passed);
#endif
@@ -20113,6 +20260,11 @@ void ApiTest(void)
test_wolfSSL_i2c_ASN1_INTEGER();
test_wolfSSL_X509_check_ca();
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
AssertIntEQ(test_wolfSSL_CTX_use_certificate_ASN1(), WOLFSSL_SUCCESS);
test_wolfSSL_d2i_PrivateKeys_bio();
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
/* test the no op functions for compatibility */
test_no_op_functions();

41
wolfssl/openssl/ssl.h
View File

@@ -143,8 +143,10 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define TLSv1_method wolfTLSv1_method
#define TLSv1_server_method wolfTLSv1_server_method
#define TLSv1_client_method wolfTLSv1_client_method
#define TLSv1_1_method wolfTLSv1_1_method
#define TLSv1_1_server_method wolfTLSv1_1_server_method
#define TLSv1_1_client_method wolfTLSv1_1_client_method
#define TLSv1_2_method wolfTLSv1_2_method
#define TLSv1_2_server_method wolfTLSv1_2_server_method
#define TLSv1_2_client_method wolfTLSv1_2_client_method
@@ -514,6 +516,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
#define d2i_RSAPublicKey wolfSSL_d2i_RSAPublicKey
#define d2i_RSAPrivateKey wolfSSL_d2i_RSAPrivateKey
#define i2d_RSAPrivateKey wolfSSL_i2d_RSAPrivateKey
#define i2d_RSAPublicKey wolfSSL_i2d_RSAPublicKey
#define d2i_X509_CRL wolfSSL_d2i_X509_CRL
#define d2i_X509_CRL_fp wolfSSL_d2i_X509_CRL_fp
@@ -621,6 +625,39 @@ enum {
#define sk_SSL_CIPHER_value wolfSSL_sk_SSL_CIPHER_value
#endif /* OPENSSL_ALL || WOLFSSL_HAPROXY */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
#include <wolfssl/openssl/pem.h>
typedef STACK_OF(WOLFSSL_ASN1_OBJECT) GENERAL_NAMES;
#define SSL_CTRL_CHAIN 88
#define BIO_CTRL_WPENDING 13
#define GEN_IPADD 7
#define ERR_LIB_SSL 20
#define SSL_R_SHORT_READ 10
#define ERR_R_PEM_LIB 9
#define V_ASN1_IA5STRING 22
#define SSL_CTRL_MODE 33
#define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx,NULL)
#define d2i_RSAPrivateKey_bio wolfSSL_d2i_RSAPrivateKey_bio
#define SSL_CTX_use_RSAPrivateKey wolfSSL_CTX_use_RSAPrivateKey
#define d2i_PrivateKey_bio wolfSSL_d2i_PrivateKey_bio
#define ASN1_IA5STRING WOLFSSL_ASN1_STRING
#define ASN1_OCTET_STRING WOLFSSL_ASN1_STRING
#define BIO_new_bio_pair wolfSSL_BIO_new_bio_pair
#define SSL_get_verify_callback wolfSSL_get_verify_callback
#define GENERAL_NAMES_free(GENERAL_NAMES)NULL
#define SSL_set_mode(ssl,op) wolfSSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
#define BIO_wpending(b) wolfSSL_BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
#define SSL_CTX_use_certificate_ASN1 wolfSSL_CTX_use_certificate_ASN1
#define SSL_CTX_set0_chain(ctx,sk) \
wolfSSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
#define SSL_CTX_get_app_data(ctx) wolfSSL_CTX_get_ex_data(ctx,0)
#define SSL_CTX_set_app_data(ctx,arg) wolfSSL_CTX_set_ex_data(ctx,0, \
(char *)(arg))
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
#define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh
#define BIO_new_file wolfSSL_BIO_new_file
@@ -719,7 +756,8 @@ enum {
#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
#define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA)
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL)
#include <wolfssl/openssl/asn1.h>
#define SSL2_VERSION 0x0002
@@ -920,5 +958,4 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
} /* extern "C" */
#endif
#endif /* wolfSSL_openssl_h__ */

27
wolfssl/ssl.h
View File

@@ -222,6 +222,8 @@ struct WOLFSSL_ASN1_OBJECT {
struct d { /* derefrenced */
WOLFSSL_ASN1_STRING ia5_internal;
WOLFSSL_ASN1_STRING* ia5; /* points to ia5_internal */
WOLFSSL_ASN1_STRING* dNSName;
WOLFSSL_ASN1_STRING* iPAddress;
} d;
};
@@ -348,6 +350,7 @@ typedef struct WOLFSSL_BUFFER_INFO {
typedef struct WOLFSSL_X509_STORE_CTX {
WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */
WOLFSSL_X509* current_cert; /* stunnel dereference */
WOLFSSL_X509* current_issuer; /* asio dereference */
WOLFSSL_X509_CHAIN* sesChain; /* pointer to WOLFSSL_SESSION peer chain */
WOLFSSL_STACK* chain;
#ifdef OPENSSL_EXTRA
@@ -438,8 +441,10 @@ WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void);
WOLFSSL_API WOLFSSL_METHOD* wolfTLSv1_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
#ifdef WOLFSSL_TLS13
@@ -599,6 +604,17 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL*);
WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long);
WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t,
WOLFSSL_BIO**, size_t);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_RSA**);
WOLFSSL_API int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX*,
int, const unsigned char*);
WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX*, WOLFSSL_RSA*);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_EVP_PKEY**);
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
#ifdef SESSION_INDEX
WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
@@ -930,6 +946,8 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key,
unsigned char** in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type,
WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key,
unsigned char** in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void);
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
@@ -991,8 +1009,12 @@ WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long,
void(*)(int, int, void*), void*);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, const unsigned char **pp, long len);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r,
const unsigned char **pp, long len);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**,
const unsigned char**, long);
WOLFSSL_API int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *r, const unsigned char **pp);
WOLFSSL_API int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *r, unsigned char **pp);
WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX *,
WOLFSSL_RSA *(*)(WOLFSSL *, int, int));
@@ -2735,6 +2757,8 @@ WOLFSSL_API WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL*,WOLFSSL_CTX*);
WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*);
WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*);
WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *,
CallbackSniRecv);
WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *,
@@ -2743,6 +2767,7 @@ WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *,
WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*);
WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*);
/* support for depricated old name */
#define WOLFSSL_ERR_remove_thread_state wolfSSL_ERR_remove_thread_state