diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 703e31c3a..8b003f90a 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -22300,6 +22300,7 @@ static int wc_EncryptedInfoAppend(char* dest, int destSz, char* cipherInfo) #ifdef WOLFSSL_DER_TO_PEM /* Used for compatibility API */ +WOLFSSL_ABI int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, int type) { @@ -23756,11 +23757,41 @@ int wc_InitCert_ex(Cert* cert, void* heap, int devId) return 0; } +WOLFSSL_ABI int wc_InitCert(Cert* cert) { return wc_InitCert_ex(cert, NULL, INVALID_DEVID); } +WOLFSSL_ABI +Cert* wc_CertNew(void* heap) +{ + Cert* certNew; + + certNew = (Cert*)XMALLOC(sizeof(Cert), heap, DYNAMIC_TYPE_CERT); + + if (certNew) { + if (wc_InitCert_ex(certNew, heap, INVALID_DEVID) != 0) { + XFREE(certNew, heap, DYNAMIC_TYPE_CERT); + certNew = NULL; + } + } + + return certNew; +} + +WOLFSSL_ABI +void wc_CertFree(Cert* cert) +{ + if (cert) { + void* heap = cert->heap; + + ForceZero(cert, sizeof(Cert)); + XFREE(cert, heap, DYNAMIC_TYPE_CERT); + (void)heap; + } +} + /* DER encoded x509 Certificate */ typedef struct DerCert { byte size[MAX_LENGTH_SZ]; /* length encoded */ @@ -23856,6 +23887,7 @@ static word32 SetUTF8String(word32 len, byte* output) /* wc_SetCert_Free is only public when WOLFSSL_CERT_GEN_CACHE is not defined */ static #endif +WOLFSSL_ABI void wc_SetCert_Free(Cert* cert) { if (cert != NULL) { @@ -24133,6 +24165,7 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen, * @return BAD_FUNC_ARG when key or key's parameters is NULL. * @return MEMORY_E when dynamic memory allocation failed. */ +WOLFSSL_ABI int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen, int with_AlgCurve) { @@ -27888,6 +27921,7 @@ int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, } /* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */ +WOLFSSL_ABI int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng) { @@ -28782,6 +28816,7 @@ int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, ed25519Key, ed448Key, falconKey, dilithiumKey); } +WOLFSSL_ABI int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey) { @@ -28917,6 +28952,7 @@ int wc_SignCert(int requestSz, int sType, byte* buf, word32 buffSz, NULL, NULL, rng); } +WOLFSSL_ABI int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz, RsaKey* key, WC_RNG* rng) { @@ -28935,6 +28971,7 @@ int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz, /* Get raw subject from cert, which may contain OIDs not parsed by Decode. The raw subject pointer will only be valid while "cert" is valid. */ +WOLFSSL_ABI int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert) { int rc = BAD_FUNC_ARG; @@ -29731,6 +29768,7 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz) } /* Set cert issuer from issuerFile in PEM */ +WOLFSSL_ABI int wc_SetIssuer(Cert* cert, const char* issuerFile) { int ret; @@ -29752,6 +29790,7 @@ int wc_SetIssuer(Cert* cert, const char* issuerFile) /* Set cert subject from subjectFile in PEM */ +WOLFSSL_ABI int wc_SetSubject(Cert* cert, const char* subjectFile) { int ret; @@ -29773,6 +29812,7 @@ int wc_SetSubject(Cert* cert, const char* subjectFile) #ifdef WOLFSSL_ALT_NAMES /* Set alt names from file in PEM */ +WOLFSSL_ABI int wc_SetAltNames(Cert* cert, const char* file) { int ret; @@ -29797,6 +29837,7 @@ int wc_SetAltNames(Cert* cert, const char* file) #endif /* !NO_FILESYSTEM */ /* Set cert issuer from DER buffer */ +WOLFSSL_ABI int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -29825,6 +29866,7 @@ int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz) } /* Set cert subject from DER buffer */ +WOLFSSL_ABI int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -29851,6 +29893,7 @@ int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz) } #ifdef WOLFSSL_CERT_EXT /* Set cert raw subject from DER buffer */ +WOLFSSL_ABI int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -29883,6 +29926,7 @@ int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz) } /* Set cert raw issuer from DER buffer */ +WOLFSSL_ABI int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -29918,6 +29962,7 @@ int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz) #ifdef WOLFSSL_ALT_NAMES /* Set cert alt names from DER buffer */ +WOLFSSL_ABI int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -29944,6 +29989,7 @@ int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz) } /* Set cert dates from DER buffer */ +WOLFSSL_ABI int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz) { int ret = 0; @@ -30770,6 +30816,7 @@ enum { #define eccKeyASN_Length (sizeof(eccKeyASN) / sizeof(ASNItem)) #endif +WOLFSSL_ABI int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, word32 inSz) { @@ -31046,6 +31093,7 @@ static int EccKeyParamCopy(char** dst, char* src) #endif /* !WOLFSSL_ASN_TEMPLATE */ #endif /* WOLFSSL_CUSTOM_CURVES */ +WOLFSSL_ABI int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, word32 inSz) { @@ -31659,6 +31707,7 @@ static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen, /* Write a Private ecc key, including public to DER format, * length on success else < 0 */ +WOLFSSL_ABI int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen) { return wc_BuildEccKeyDer(key, output, &inLen, 1, 1); diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c index c8ae19d47..701687e5b 100644 --- a/wolfcrypt/src/chacha20_poly1305.c +++ b/wolfcrypt/src/chacha20_poly1305.c @@ -47,6 +47,7 @@ or Authenticated Encryption with Additional Data (AEAD) algorithm. #endif #define CHACHA20_POLY1305_AEAD_INITIAL_COUNTER 0 +WOLFSSL_ABI int wc_ChaCha20Poly1305_Encrypt( const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], @@ -79,6 +80,7 @@ int wc_ChaCha20Poly1305_Encrypt( return ret; } +WOLFSSL_ABI int wc_ChaCha20Poly1305_Decrypt( const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 14683e3ec..8ad7583eb 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -4219,6 +4219,7 @@ static void wc_ecc_free_async(ecc_key* key) outlen [in/out] The max size and resulting size of the shared secret return MP_OKAY if successful */ +WOLFSSL_ABI int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outlen) { @@ -5438,6 +5439,7 @@ void wc_ecc_key_free(ecc_key* key) return MP_OKAY if successful, upon error all allocated memory will be freed */ +WOLFSSL_ABI int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key) { return wc_ecc_make_key_ex(rng, keysize, key, ECC_CURVE_DEF); @@ -5518,6 +5520,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId) return ret; } +WOLFSSL_ABI int wc_ecc_init(ecc_key* key) { #ifdef WOLFSSL_QNX_CAAM @@ -7456,6 +7459,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, key The corresponding public ECC key return MP_OKAY if successful (even if the signature is not valid) */ +WOLFSSL_ABI int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, word32 hashlen, int* res, ecc_key* key) { @@ -8601,6 +8605,7 @@ done: #endif /* HAVE_COMP_KEY */ /* export public ECC key in ANSI X9.63 format */ +WOLFSSL_ABI int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen) { int ret = MP_OKAY; @@ -8698,6 +8703,7 @@ done: /* export public ECC key in ANSI X9.63 format, extended with * compression option */ +WOLFSSL_ABI int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed) { @@ -9389,6 +9395,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv) /* perform sanity checks on ecc key validity, 0 on success */ +WOLFSSL_ABI int wc_ecc_check_key(ecc_key* key) { int ret; @@ -9771,6 +9778,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, /* export ecc private key only raw, outLen is in/out size as unsigned bin return MP_OKAY on success */ +WOLFSSL_ABI int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen) { if (out == NULL || outLen == NULL) { @@ -10000,6 +10008,7 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, } /* ecc private key import, public key in ANSI X9.63 format, private raw */ +WOLFSSL_ABI int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key) { @@ -10017,6 +10026,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, outlen [in/out] output buffer size, output signature size return MP_OKAY on success */ +WOLFSSL_ABI int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen) { int err; @@ -10392,6 +10402,7 @@ int wc_ecc_import_unsigned(ecc_key* key, const byte* qx, const byte* qy, curveName ECC curve name, from ecc_sets[] return MP_OKAY on success */ +WOLFSSL_ABI int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, const char* d, const char* curveName) { @@ -10437,6 +10448,7 @@ static int ecc_public_key_size(ecc_key* key, word32* sz) #endif /* key size in octets */ +WOLFSSL_ABI int wc_ecc_size(ecc_key* key) { if (key == NULL || key->dp == NULL) @@ -10446,6 +10458,7 @@ int wc_ecc_size(ecc_key* key) } /* maximum signature size based on key size */ +WOLFSSL_ABI int wc_ecc_sig_size_calc(int sz) { int maxSigSz = 0; @@ -10463,6 +10476,7 @@ int wc_ecc_sig_size_calc(int sz) } /* maximum signature size based on actual key curve */ +WOLFSSL_ABI int wc_ecc_sig_size(const ecc_key* key) { int maxSigSz; @@ -12305,6 +12319,7 @@ void wc_ecc_fp_init(void) /** Free the Fixed Point cache */ +WOLFSSL_ABI void wc_ecc_fp_free(void) { #if !defined(WOLFSSL_SP_MATH) @@ -12568,6 +12583,7 @@ static void ecc_ctx_init(ecEncCtx* ctx, int flags, WC_RNG* rng) /* allow ecc context reset so user doesn't have to init/free for reuse */ +WOLFSSL_ABI int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng) { if (ctx == NULL || rng == NULL) @@ -12600,6 +12616,7 @@ ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap) /* alloc/init and set defaults, return new Context */ +WOLFSSL_ABI ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng) { return wc_ecc_ctx_new_ex(flags, rng, NULL); @@ -12607,6 +12624,7 @@ ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng) /* free any resources, clear any keys */ +WOLFSSL_ABI void wc_ecc_ctx_free(ecEncCtx* ctx) { if (ctx) { @@ -13015,6 +13033,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, ctx holds non default algos and inputs msgSz should be the right size for encAlgo, i.e., already padded return 0 on success */ +WOLFSSL_ABI int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { @@ -13024,6 +13043,7 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, /* ecc decrypt with shared secret run through kdf ctx holds non default algos and inputs return 0 on success */ +WOLFSSL_ABI int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c index 49ae1bcc7..b301ef919 100644 --- a/wolfcrypt/src/error.c +++ b/wolfcrypt/src/error.c @@ -34,6 +34,7 @@ #endif #ifndef NO_ERROR_STRINGS +WOLFSSL_ABI const char* wc_GetErrorString(int error) { switch (error) { diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 2407e805b..05de07d80 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -70,6 +70,7 @@ int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId) return InitRng_fips(rng); } +WOLFSSL_ABI int wc_InitRng(WC_RNG* rng) { return InitRng_fips(rng); @@ -951,7 +952,7 @@ void wc_rng_free(WC_RNG* rng) } } - +WOLFSSL_ABI int wc_InitRng(WC_RNG* rng) { return _InitRng(rng, NULL, 0, NULL, INVALID_DEVID); diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 6764cd7ac..dcafa1da4 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -126,6 +126,7 @@ static volatile int initRefCount = 0; /* Used to initialize state for wolfcrypt return 0 on success */ +WOLFSSL_ABI int wolfCrypt_Init(void) { int ret = 0; @@ -361,6 +362,7 @@ long wolfCrypt_heap_peakBytes_checkpoint(void) { #endif /* return success value is the same as wolfCrypt_Init */ +WOLFSSL_ABI int wolfCrypt_Cleanup(void) { int ret = 0; diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h index 0d927fc2f..a96db0bff 100644 --- a/wolfssl/wolfcrypt/asn_public.h +++ b/wolfssl/wolfcrypt/asn_public.h @@ -497,15 +497,19 @@ typedef struct Cert { isCA = 0 (false) keyType = RSA_KEY (default) */ -WOLFSSL_API int wc_InitCert(Cert* cert); +WOLFSSL_ABI WOLFSSL_API int wc_InitCert(Cert* cert); +WOLFSSL_ABI WOLFSSL_API Cert* wc_CertNew(void* heap); +WOLFSSL_ABI WOLFSSL_API void wc_CertFree(Cert* cert); WOLFSSL_API int wc_InitCert_ex(Cert* cert, void* heap, int devId); WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, void* key, WC_RNG* rng); +WOLFSSL_ABI WOLFSSL_API int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng); #ifdef WOLFSSL_CERT_REQ WOLFSSL_API int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType, void* key); + WOLFSSL_ABI WOLFSSL_API int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey); #endif @@ -514,21 +518,26 @@ WOLFSSL_API int wc_SignCert_ex(int requestSz, int sType, byte* buf, WC_RNG* rng); WOLFSSL_API int wc_SignCert(int requestSz, int sType, byte* buf, word32 buffSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng); +WOLFSSL_ABI WOLFSSL_API int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz, RsaKey* key, WC_RNG* rng); -WOLFSSL_API int wc_SetIssuer(Cert* cert, const char* issuerFile); -WOLFSSL_API int wc_SetSubject(Cert* cert, const char* subjectFile); +WOLFSSL_ABI WOLFSSL_API int wc_SetIssuer(Cert* cert, const char* issuerFile); +WOLFSSL_ABI WOLFSSL_API int wc_SetSubject(Cert* cert, const char* subjectFile); #ifdef WOLFSSL_ALT_NAMES - WOLFSSL_API int wc_SetAltNames(Cert* cert, const char* file); + WOLFSSL_ABI WOLFSSL_API int wc_SetAltNames(Cert* cert, const char* file); #endif #ifdef WOLFSSL_CERT_GEN_CACHE -WOLFSSL_API void wc_SetCert_Free(Cert* cert); +WOLFSSL_ABI WOLFSSL_API void wc_SetCert_Free(Cert* cert); #endif +WOLFSSL_ABI WOLFSSL_API int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz); +WOLFSSL_ABI WOLFSSL_API int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz); +WOLFSSL_ABI WOLFSSL_API int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz); +WOLFSSL_ABI WOLFSSL_API int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz); #ifndef NO_ASN_TIME @@ -548,8 +557,10 @@ WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType, WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey); WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file); -WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert); +WOLFSSL_ABI WOLFSSL_API int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert); +WOLFSSL_ABI WOLFSSL_API int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz); +WOLFSSL_ABI WOLFSSL_API int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz); /* Set the KeyUsage. @@ -632,6 +643,7 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #endif /* WOLFSSL_CERT_GEN */ #ifdef WOLFSSL_DER_TO_PEM + WOLFSSL_ABI WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz, int type); WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, @@ -677,8 +689,10 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); #ifdef HAVE_ECC /* private key helpers */ + WOLFSSL_ABI WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, word32 inSz); + WOLFSSL_ABI WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen); WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen); @@ -689,9 +703,10 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); word32* outLen); /* public key helper */ + WOLFSSL_ABI WOLFSSL_API int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, word32 inSz); - WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key* key, byte* output, + WOLFSSL_ABI WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen, int with_AlgCurve); WOLFSSL_API int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output, word32 inLen, int with_AlgCurve, diff --git a/wolfssl/wolfcrypt/chacha20_poly1305.h b/wolfssl/wolfcrypt/chacha20_poly1305.h index fdeb3aa87..1d3510e81 100644 --- a/wolfssl/wolfcrypt/chacha20_poly1305.h +++ b/wolfssl/wolfcrypt/chacha20_poly1305.h @@ -86,7 +86,7 @@ typedef struct ChaChaPoly_Aead { * concatenating a constant value. */ -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ChaCha20Poly1305_Encrypt( const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], @@ -95,7 +95,7 @@ int wc_ChaCha20Poly1305_Encrypt( byte* outCiphertext, byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ChaCha20Poly1305_Decrypt( const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h index cf7ede4ff..d25e4fb4b 100644 --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h @@ -558,7 +558,7 @@ WOLFSSL_LOCAL int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a, mp_int* modulus, mp_digit mp); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); WOLFSSL_ABI WOLFSSL_API int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id); @@ -569,7 +569,7 @@ WOLFSSL_API int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut); WOLFSSL_API int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_check_key(ecc_key* key); WOLFSSL_API int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime); @@ -577,7 +577,7 @@ WOLFSSL_API int wc_ecc_get_generator(ecc_point* ecp, int curve_idx); #ifdef HAVE_ECC_DHE -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outlen); WOLFSSL_LOCAL @@ -619,7 +619,7 @@ int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key); #endif /* HAVE_ECC_SIGN */ #ifdef HAVE_ECC_VERIFY -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, word32 hashlen, int* res, ecc_key* key); WOLFSSL_API @@ -627,7 +627,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, word32 hashlen, int* res, ecc_key* key); #endif /* HAVE_ECC_VERIFY */ -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_init(ecc_key* key); WOLFSSL_ABI WOLFSSL_API int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); @@ -646,7 +646,7 @@ WOLFSSL_ABI WOLFSSL_API int wc_ecc_free(ecc_key* key); WOLFSSL_API int wc_ecc_set_flags(ecc_key* key, word32 flags); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API void wc_ecc_fp_free(void); WOLFSSL_LOCAL void wc_ecc_fp_init(void); @@ -722,9 +722,9 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, #ifdef HAVE_ECC_KEY_EXPORT /* ASN key helpers */ -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed); /* extended functionality with compressed option */ @@ -736,13 +736,13 @@ int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); WOLFSSL_API int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, int curve_id); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key); WOLFSSL_API int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key, int curve_id); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); WOLFSSL_API int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, @@ -750,7 +750,7 @@ int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, WOLFSSL_API int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, byte* s, word32* sLen); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, const char* d, const char* curveName); WOLFSSL_API @@ -766,7 +766,7 @@ WOLFSSL_API int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, byte* qy, word32* qyLen, byte* d, word32* dLen, int encType); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); WOLFSSL_API int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen, @@ -800,11 +800,11 @@ int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx, #endif /* HAVE_ECC_KEY_IMPORT */ /* size helper */ -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_size(ecc_key* key); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_sig_size_calc(int sz); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_sig_size(const ecc_key* key); WOLFSSL_API @@ -857,13 +857,13 @@ enum ecFlags { typedef struct ecEncCtx ecEncCtx; -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng); WOLFSSL_API ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API void wc_ecc_ctx_free(ecEncCtx* ctx); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */ WOLFSSL_API @@ -878,13 +878,13 @@ int wc_ecc_ctx_set_kdf_salt(ecEncCtx* ctx, const byte* salt, word32 sz); WOLFSSL_API int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); WOLFSSL_API int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed); -WOLFSSL_API +WOLFSSL_ABI WOLFSSL_API int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index 9bcc08785..6b841d7cd 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -269,7 +269,7 @@ enum { #else WOLFSSL_API void wc_ErrorString(int err, char* buff); -WOLFSSL_API const char* wc_GetErrorString(int error); +WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error); #endif #ifdef __cplusplus diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 1b12dd850..28ac8f640 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -216,7 +216,7 @@ WOLFSSL_ABI WOLFSSL_API void wc_rng_free(WC_RNG* rng); #ifndef WC_NO_RNG -WOLFSSL_API int wc_InitRng(WC_RNG* rng); +WOLFSSL_ABI WOLFSSL_API int wc_InitRng(WC_RNG* rng); WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId); WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz); WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz, diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 14f31fef7..322ecf547 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -39,9 +39,6 @@ decouple library dependencies with standard string, memory and so on. #endif - #define WOLFSSL_ABI - /* Tag for all the APIs that are a part of the fixed ABI. */ - /* * This struct is used multiple time by other structs and * needs to be defined somewhere that all structs can import diff --git a/wolfssl/wolfcrypt/visibility.h b/wolfssl/wolfcrypt/visibility.h index b93e6859c..7db963a57 100644 --- a/wolfssl/wolfcrypt/visibility.h +++ b/wolfssl/wolfcrypt/visibility.h @@ -77,5 +77,11 @@ #endif /* BUILDING_WOLFSSL */ #endif /* HAVE_FIPS */ -#endif /* WOLF_CRYPT_VISIBILITY_H */ +/* WOLFSSL_ABI is used for public API symbols that must not change + * their signature. This tag is used for all APIs that are a + * part of the fixed ABI. + */ +#define WOLFSSL_ABI + +#endif /* WOLF_CRYPT_VISIBILITY_H */ diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index 0dd9cc75c..51ed220ea 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -359,8 +359,8 @@ WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb); #endif /* main crypto initialization function */ -WOLFSSL_API int wolfCrypt_Init(void); -WOLFSSL_API int wolfCrypt_Cleanup(void); +WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Init(void); +WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE WOLFSSL_API long wolfCrypt_heap_peakAllocs_checkpoint(void);