diff --git a/src/ssl.c b/src/ssl.c
index 60fb21260..d21327452 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -18906,8 +18906,10 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
 return wolfSSL_OpenSSL_version();
 #endif
 }
+#endif /* OPENSSL_EXTRA */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 #ifndef NO_MD5
 int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5) {
@@ -19704,6 +19706,9 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
 }
 #endif /* WOLFSSL_NOSHA3_512 */
 #endif /* WOLFSSL_SHA3 */
+#endif
+
+#ifdef OPENSSL_EXTRA
 unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key, int key_len, const unsigned char* d, int n,
@@ -20082,11 +20087,14 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
 #endif /* OPENSSL_EXTRA */
-#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || \
+ defined(HAVE_CURL)
 void wolfSSL_ERR_clear_error(void) {
 WOLFSSL_ENTER("wolfSSL_ERR_clear_error");
+ #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
 wc_ClearErrorNodes();
+ #endif
 }
 #endif
@@ -33421,16 +33429,15 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
 #endif /* WOLFSSL_NGINX / WOLFSSL_HAPROXY */
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id) {
 return (curve_id <= WOLFSSL_ECC_MAX && ssl->disabledCurves && ssl->disabledCurves & (1 << curve_id));
 }
-#endif
-#if defined(OPENSSL_EXTRA) && (defined(HAVE_ECC) || \
+#if (defined(HAVE_ECC) || \
 defined(HAVE_CURVE25519) || defined(HAVE_CURVE448))
 static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names) {
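Review bot: The `#endif` added in the `@@ -19704,6 +19706,9 @@` hunk closes the `#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)` opened roughly 800 lines earlier and carries no label, so a reader cannot tell which condition ends there. Write it as `#endif /* OPENSSL_EXTRA || HAVE_CURL */`, the form this commit already uses at the end of the curves block. The unlabelled `#endif` lines added in wolfcrypt/src/evp.c (hunks at 5058, 5223, 5666, 7776 and 8874) and in wolfssl/ssl.h (hunk at 2628) need the same label for their own condition.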
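Review bot: In a build that defines only HAVE_CURL, `wolfSSL_ERR_clear_error` in the `@@ -20082,11 +20087,14 @@` hunk compiles to the trace call and nothing else, and no comment says so. Whether such a build keeps any error nodes at all is not visible in this diff, so the reason the clear can be skipped should be written down where the next maintainer will see it. Add a comment above the inner guard, for example `/* error-node queue exists only with OPENSSL_EXTRA or DEBUG_WOLFSSL_VERBOSE; no-op otherwise */`, and label the inner `#endif` with its condition.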
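Review bot: `wolfSSL_curve_is_disabled` in the `@@ -33421,16 +33429,15 @@` hunk evaluates `ssl->disabledCurves & (1 << curve_id)` after checking only `curve_id <= WOLFSSL_ECC_MAX`; the shift operates on a signed int and `disabledCurves` is a `word32`, so a curve id of 31 or above is undefined behaviour and cannot be represented in the mask. WOLFSSL_ECC_MAX is defined outside this diff, so its value needs confirming; if it can reach 31, bound the id and shift an unsigned value, e.g. `curve_id < 32 && (ssl->disabledCurves & ((word32)1 << curve_id)) != 0`, or widen the mask. The expression is unchanged code, but this commit makes it reachable in HAVE_CURL builds, where it decides whether a user-disabled curve is honoured. The body of `set_curves_list` continues outside the hunk.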
@@ -33607,7 +33614,8 @@ int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names)
 }
 return set_curves_list(ssl, NULL, names);
 }
-#endif /* OPENSSL_EXTRA && (HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448) */
+#endif /* (HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448) */
+#endif /* OPENSSL_EXTRA || HAVE_CURL */
 #ifdef OPENSSL_EXTRA
 /* Sets a callback for when sending and receiving protocol messages.
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 8f8f7b869..1df7edacb 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -33,7 +33,7 @@
 #elif defined(WOLFCRYPT_ONLY)
 #else
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 #if !defined(HAVE_PKCS7) && \
 ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
@@ -47,6 +47,8 @@
 #include
 #include
+#ifdef OPENSSL_EXTRA
+
 #ifndef NO_AES
 #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
 #ifdef WOLFSSL_AES_128
@@ -419,16 +421,6 @@ int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
 }
 }
-
-int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
- const WOLFSSL_EVP_MD* type,
- WOLFSSL_ENGINE *impl)
-{
- (void) impl;
- WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");
- return wolfSSL_EVP_DigestInit(ctx, type);
-}
-
 #ifdef DEBUG_WOLFSSL_EVP
 #define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
 printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
@@ -3342,6 +3334,7 @@ int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len
 WOLFSSL_ENTER("EVP_SignUpdate(");
 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
 }
+#endif /* OPENSSL_EXTRA */
 static const struct s_ent {
 const enum wc_HashType macType;
@@ -3424,6 +3417,7 @@ static enum wc_HashType EvpMd2MacType(const WOLFSSL_EVP_MD *md)
 return WC_HASH_TYPE_NONE;
 }
+#ifdef OPENSSL_EXTRA
 static const WOLFSSL_EVP_MD* wolfSSL_macType2EVP_md(enum wc_HashType type) {
 const struct s_ent *ent ;
@@ -4039,6 +4033,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
 ForceZero(digest, sizeof(digest));
 return ret;
 }
+
 int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx, WOLFSSL_EVP_PKEY_CTX **pctx, const WOLFSSL_EVP_MD *type,
@@ -4734,6 +4729,17 @@ void wolfSSL_EVP_init(void)
 /* Does nothing. */
 }
+#endif /* OPENSSL_EXTRA */
+
+int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
+ const WOLFSSL_EVP_MD* type,
+ WOLFSSL_ENGINE *impl)
+{
+ (void) impl;
+ WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");
+ return wolfSSL_EVP_DigestInit(ctx, type);
+}
+
 /* this function makes the assumption that out buffer is big enough for digest*/
 int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out, unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
@@ -5058,11 +5064,13 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 }
+#ifdef OPENSSL_EXTRA
 /* returns WOLFSSL_SUCCESS on success */
 int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in) {
 return wolfSSL_EVP_MD_CTX_copy_ex(out, in);
 }
+#endif
 /* returns digest size */
 int wolfSSL_EVP_MD_CTX_size(const WOLFSSL_EVP_MD_CTX *ctx) {
@@ -5073,6 +5081,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 return(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(ctx)));
 }
+#ifdef OPENSSL_EXTRA
 /* Deep copy of EVP_MD hasher * return WOLFSSL_SUCCESS on success */
 static int wolfSSL_EVP_MD_Copy_Hasher(WOLFSSL_EVP_MD_CTX* des,
@@ -5223,6 +5232,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 }
 return wolfSSL_EVP_MD_Copy_Hasher(out, (WOLFSSL_EVP_MD_CTX*)in);
 }
+#endif
 void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx) {
@@ -5351,6 +5361,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 }
 }
+#ifdef OPENSSL_EXTRA
 #ifndef NO_AES
 #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
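Review bot: `wolfSSL_EVP_DigestInit_ex`, re-added in the `@@ -4734,6 +4729,17 @@` hunk outside the OPENSSL_EXTRA region, has no header comment and silently discards `impl`. It is now part of the HAVE_CURL surface, so give it one, for example `/* ENGINE argument is ignored; returns the result of wolfSSL_EVP_DigestInit() */`. The function that follows it, `wolfSSL_EVP_Digest`, says in its own comment that it assumes `out` is large enough for the digest; with the wider build exposure that comment should name the size a caller has to provide. The body of `wolfSSL_EVP_Digest` is outside the hunk.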
@@ -5666,13 +5677,16 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
 return EVP_NULL;
 }
+#endif
 int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx) {
 int ret = WOLFSSL_SUCCESS;
 WOLFSSL_ENTER("wolfSSL_EVP_MD_CTX_cleanup");
+ #ifdef OPENSSL_EXTRA
 if (ctx->pctx != NULL) wolfSSL_EVP_PKEY_CTX_free(ctx->pctx);
+ #endif
 if (ctx->isHMAC) {
 wc_HmacFree(&ctx->hash.hmac);
@@ -5770,6 +5784,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 return ret;
 }
+#ifdef OPENSSL_EXTRA
 void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx) {
 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_init");
@@ -7776,7 +7791,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 WOLFSSL_MSG("wolfSSL_EVP_Cipher success");
 return ret;
 }
-
+#endif
 /* WOLFSSL_SUCCESS on ok */
 int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx, const WOLFSSL_EVP_MD* md)
@@ -8158,6 +8173,7 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
 return NULL;
 }
+#ifdef OPENSSL_EXTRA
 static void clearEVPPkeyKeys(WOLFSSL_EVP_PKEY *pkey) {
 if(pkey == NULL)
@@ -8874,6 +8890,7 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
 #endif
+#endif
 int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type) {
 WOLFSSL_MSG("wolfSSL_EVP_MD_block_size");
@@ -9024,6 +9041,7 @@ int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
 return BAD_FUNC_ARG;
 }
+#ifdef OPENSSL_EXTRA
 int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type) {
 int ret = BAD_FUNC_ARG;
@@ -9465,6 +9483,7 @@ int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
+#endif /* OPENSSL_EXTRA */
 #endif /* OPENSSL_EXTRA */
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
diff --git a/wolfcrypt/src/md5.c b/wolfcrypt/src/md5.c
index 66296108e..1f6130264 100644
--- a/wolfcrypt/src/md5.c
+++ b/wolfcrypt/src/md5.c
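Review bot: `wolfSSL_EVP_MD_CTX_cleanup` in the `@@ -5666,13 +5677,16 @@` hunk dereferences `ctx` (`ctx->pctx`, `ctx->isHMAC`) with no NULL check, and the new `#ifdef OPENSSL_EXTRA` around the `pctx` free leaves that as it was. Other code in this file guards its argument first (`clearEVPPkeyKeys` opens with `if(pkey == NULL)`), so a guard before the first access, such as `if (ctx == NULL) return WOLFSSL_SUCCESS;`, would be consistent; which status to return for a NULL context is a project decision. The rest of the function lies outside the hunk.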
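Review bot: After the `@@ -9465,6 +9483,7 @@` hunk the guarded region of evp.c ends with two consecutive lines that both read `#endif /* OPENSSL_EXTRA */`. The second one appears to close the outer guard that this commit changed to `#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)` near the top of the file, so its label is now stale; change it to `#endif /* OPENSSL_EXTRA || HAVE_CURL */`. The same stale label is left on the `#endif /* OPENSSL_EXTRA */` lines after `wc_Sha512_224Transform` and `wc_Sha512_256Transform` in wolfssl/wolfcrypt/sha512.h.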
@@ -557,7 +557,7 @@ int wc_Md5Copy(wc_Md5* src, wc_Md5* dst)
 return ret;
 }
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 /* Apply MD5 transformation to the data */
 /* @param md5 a pointer to wc_MD5 structure */
 /* @param data data to be applied MD5 transformation */
diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c
index 71fae7c8e..0f2b13414 100644
--- a/wolfcrypt/src/sha.c
+++ b/wolfcrypt/src/sha.c
@@ -884,7 +884,7 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
 return ret;
 }
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 /* Apply SHA1 transformation to the data */
 /* @param sha a pointer to wc_Sha structure */
 /* @param data data to be applied SHA1 transformation */
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 0d9681504..75b84d7dc 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -1424,7 +1424,7 @@ static int InitSha256(wc_Sha256* sha256)
 return InitSha256(sha256); /* reset state */
 }
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 /* Apply SHA256 transformation to the data */
 /* @param sha a pointer to wc_Sha256 structure */
 /* @param data data to be applied SHA256 transformation */
diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
index 5172e60f0..131175376 100644
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@@ -1221,8 +1221,8 @@ void wc_Sha512Free(wc_Sha512* sha512)
 wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512);
 #endif /* WOLFSSL_ASYNC_CRYPT */
 }
-
-#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_KCAPI_HASH)
+#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) \
+ && !defined(WOLFSSL_KCAPI_HASH)
 /* Apply SHA512 transformation to the data */
 /* @param sha a pointer to wc_Sha512 structure */
 /* @param data data to be applied SHA512 transformation */
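Review bot: The guard in wolfcrypt/src/sha512.c (`@@ -1221,8 +1221,8 @@`) keeps `&& !defined(WOLFSSL_KCAPI_HASH)`, but the matching prototype in wolfssl/wolfcrypt/sha512.h is guarded by `#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)` alone, and so are the `wc_Sha512_224Transform` and `wc_Sha512_256Transform` wrappers that call `wc_Sha512Transform`. Unless an enclosing condition outside the visible hunks already excludes them, a HAVE_CURL build with WOLFSSL_KCAPI_HASH declares and calls a function that is never defined, which shows up only at link time. Use one condition in all of these places, `#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && !defined(WOLFSSL_KCAPI_HASH)`. The function body itself is outside the hunk.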
@@ -1715,7 +1715,7 @@ int wc_Sha512_224GetFlags(wc_Sha512* sha, word32* flags)
 }
 #endif /* WOLFSSL_HASH_FLAGS */
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 int wc_Sha512_224Transform(wc_Sha512* sha, const unsigned char* data) {
 return wc_Sha512Transform(sha, data);
@@ -1784,7 +1784,7 @@ int wc_Sha512_256GetFlags(wc_Sha512* sha, word32* flags)
 }
 #endif /* WOLFSSL_HASH_FLAGS */
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data) {
 return wc_Sha512Transform(sha, data);
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 89bf9a46f..8a8dafb57 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -3475,9 +3475,11 @@ struct WOLFSSL_CTX {
 short minDilithiumKeySz;/* minimum Dilithium key size */
 #endif
 unsigned long mask; /* store SSL_OP_ flags */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
+ word32 disabledCurves; /* curves disabled by user */
+#endif
 #ifdef OPENSSL_EXTRA
 byte sessionCtx[ID_LEN]; /* app session context ID */
- word32 disabledCurves; /* curves disabled by user */
 const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
 unsigned int alpn_cli_protos_len;
 byte sessionCtxSz;
@@ -5224,7 +5226,9 @@ struct WOLFSSL {
 WOLFSSL_BIO* biowr; /* socket bio write to free/close */
 byte sessionCtx[ID_LEN]; /* app session context ID */
 WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
- word32 disabledCurves; /* curves disabled by user */
+#endif
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
+ word32 disabledCurves; /* curves disabled by user */
 #endif
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 unsigned long peerVerifyRet;
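Review bot: Moving `disabledCurves` out of the OPENSSL_EXTRA-only part of `struct WOLFSSL_CTX` and `struct WOLFSSL` (`@@ -3475,9 +3475,11 @@` and `@@ -5224,7 +5226,9 @@`) is only half of the change, because every site that copies the mask from the context to a new session object has to be built under the same `OPENSSL_EXTRA || HAVE_CURL` condition. Those sites are in files this diff does not show, so this needs checking rather than assuming. If one of them is still under `#ifdef OPENSSL_EXTRA`, a list set with `wolfSSL_CTX_set1_curves_list` is accepted and then ignored in a HAVE_CURL-only build, and the curve restriction fails open without any error. A test that sets a curve list on the context in a HAVE_CURL-only configuration and then checks `wolfSSL_curve_is_disabled` on a session created from it would cover this.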
@@ -5840,7 +5844,7 @@ WOLFSSL_LOCAL int SetECKeyInternal(WOLFSSL_EC_KEY* eckey);
 WOLFSSL_LOCAL int SetECKeyExternal(WOLFSSL_EC_KEY* eckey);
 #endif
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_LOCAL int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 named_curve);
 #else
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index 815759081..d9ada762b 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -1564,7 +1564,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
 #endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_ALL || HAVE_LIGHTY */
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC)
 #define SSL_CTX_set1_curves_list wolfSSL_CTX_set1_curves_list
 #define SSL_set1_curves_list wolfSSL_set1_curves_list
 #endif
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index fe74ac944..caa328a52 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -228,7 +228,7 @@ typedef struct WOLFSSL_DIST_POINT WOLFSSL_DIST_POINT;
 typedef struct WOLFSSL_CONF_CTX WOLFSSL_CONF_CTX;
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || defined(HAVE_CURL)
 struct WOLFSSL_OBJ_NAME {
 int type;
@@ -2628,11 +2628,12 @@ enum { /* ssl Constants */
 /* extra begins */
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
 enum { /* ERR Constants */
 ERR_TXT_STRING = 1
 };
-
+#endif
+#ifdef OPENSSL_EXTRA
 /* bio misc */
 enum {
 WOLFSSL_BIO_ERROR = -1,
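Review bot: The macros in wolfssl/openssl/ssl.h (`@@ -1564,7 +1564,7 @@`) and the prototypes in wolfssl/ssl.h (`@@ -4760,10 +4761,10 @@`) still require `HAVE_ECC`, while the definitions in src/ssl.c are built when any of `HAVE_ECC`, `HAVE_CURVE25519` or `HAVE_CURVE448` is set. In a build with only Curve25519 or Curve448, `wolfSSL_set1_curves_list` (and presumably its CTX counterpart) is compiled without a visible prototype and the `SSL_set1_curves_list` / `SSL_CTX_set1_curves_list` names are absent, so an application has no declared way to restrict curves there. Align the header conditions with the source: `#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448))`.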
@@ -4760,10 +4761,10 @@ WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_X509_OBJECT_get0_X509_CRL(WOLFSSL_X509_OBJ
 WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC)
 WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names);
 WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names);
-#endif /* OPENSSL_EXTRA && HAVE_ECC */
+#endif /* (OPENSSL_EXTRA || HAVE_CURL) && HAVE_ECC */
 #if defined(OPENSSL_ALL) || \
 defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
diff --git a/wolfssl/wolfcrypt/md5.h b/wolfssl/wolfcrypt/md5.h
index f73129085..6506be989 100644
--- a/wolfssl/wolfcrypt/md5.h
+++ b/wolfssl/wolfcrypt/md5.h
@@ -112,7 +112,7 @@ WOLFSSL_API int wc_InitMd5_ex(wc_Md5* md5, void* heap, int devId);
 WOLFSSL_API int wc_Md5Update(wc_Md5* md5, const byte* data, word32 len);
 WOLFSSL_API int wc_Md5Final(wc_Md5* md5, byte* hash);
 WOLFSSL_API void wc_Md5Free(wc_Md5* md5);
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_Md5Transform(wc_Md5* md5, const byte* data);
 #endif
diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h
index a6362660f..1b181f525 100644
--- a/wolfssl/wolfcrypt/sha.h
+++ b/wolfssl/wolfcrypt/sha.h
@@ -201,7 +201,7 @@ WOLFSSL_API void wc_ShaFree(wc_Sha* sha);
 WOLFSSL_API int wc_ShaGetHash(wc_Sha* sha, byte* hash);
 WOLFSSL_API int wc_ShaCopy(wc_Sha* src, wc_Sha* dst);
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_ShaTransform(wc_Sha* sha, const unsigned char* data);
 #endif
diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h
index ccdee8540..c6665c90b 100644
--- a/wolfssl/wolfcrypt/sha256.h
+++ b/wolfssl/wolfcrypt/sha256.h
@@ -254,7 +254,7 @@ WOLFSSL_API int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len);
 WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256* sha256, byte* hash);
 WOLFSSL_API int wc_Sha256Final(wc_Sha256* sha256, byte* hash);
 WOLFSSL_API void wc_Sha256Free(wc_Sha256* sha256);
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_Sha256Transform(wc_Sha256* sha, const unsigned char* data);
 #endif
 #if defined(WOLFSSL_HASH_KEEP)
diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h
index 6338700d2..07411b01d 100644
--- a/wolfssl/wolfcrypt/sha512.h
+++ b/wolfssl/wolfcrypt/sha512.h
@@ -236,7 +236,7 @@ WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst);
 WOLFSSL_API int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags);
 #endif
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data);
 #endif
@@ -255,7 +255,7 @@ WOLFSSL_API int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst);
 WOLFSSL_API int wc_Sha512_224GetFlags(wc_Sha512* sha512, word32* flags);
 #endif
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_Sha512_224Transform(wc_Sha512* sha, const unsigned char* data);
 #endif /* OPENSSL_EXTRA */
@@ -276,7 +276,7 @@ WOLFSSL_API int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst);
 WOLFSSL_API int wc_Sha512_256GetFlags(wc_Sha512* sha512, word32* flags);
 #endif
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
 WOLFSSL_API int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data);
 #endif /* OPENSSL_EXTRA */