diff --git a/src/ssl.c b/src/ssl.c
index 287713272..b945c1999 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3083,6 +3083,19 @@ int wolfSSL_inject(WOLFSSL* ssl, const void* data, int sz)
 return WOLFSSL_SUCCESS;
 }
+
+int wolfSSL_write_ex(WOLFSSL* ssl, const void* data, int sz, size_t* wr)
+{
+ int ret;
+
+ ret = wolfSSL_write(ssl, data, sz);
+ if (ret > 0 && wr != NULL) {
+ *wr = (size_t)ret;
+ }
+ return ret;
+}
+
+
 static int wolfSSL_read_internal(WOLFSSL* ssl, void* data, int sz, int peek)
 {
 int ret;
@@ -3189,6 +3202,17 @@ int wolfSSL_read(WOLFSSL* ssl, void* data, int sz)
 }
+int wolfSSL_read_ex(WOLFSSL* ssl, void* data, int sz, size_t* rd)
+{
+ int ret;
+
+ ret = wolfSSL_read(ssl, data, sz);
+ if (ret > 0 && rd != NULL) {
+ *rd = (size_t)ret;
+ }
+ return ret;
+}
+
 #ifdef WOLFSSL_MULTICAST
 int wolfSSL_mcast_read(WOLFSSL* ssl, word16* id, void* data, int sz)
@@ -15013,6 +15037,15 @@ word32 wolfSSL_lib_version_hex(void)
 }
+#ifdef OPENSSL_EXTRA
+WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
+{
+ WOLFSSL_STUB("wolfSSL_get_client_ciphers");
+ return NULL;
+}
+#endif
+
+
 int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl)
 {
 WOLFSSL_ENTER("wolfSSL_get_current_cipher_suite");
diff --git a/src/x509.c b/src/x509.c
index d23825cd4..bd05a84ba 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -481,6 +481,19 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
 return WOLFSSL_FATAL_ERROR;
 }
+
+int wolfSSL_X509_OBJECT_set1_X509(WOLFSSL_X509_OBJECT *a, WOLFSSL_X509 *obj)
+{
+ WOLFSSL_STUB("wolfSSL_X509_OBJECT_set1_X509");
+ return 1;
+}
+
+int wolfSSL_X509_OBJECT_set1_X509_CRL(WOLFSSL_X509_OBJECT *a, WOLFSSL_X509_CRL *obj)
+{
+ WOLFSSL_STUB("wolfSSL_X509_OBJECT_set1_X509_CRL");
+ return 1;
+}
+
 #endif /* OPENSSL_ALL || OPENSSL_EXTRA */
 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
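Review bot: `wolfSSL_write_ex` returns the byte count from `wolfSSL_write` unchanged, so a failure comes back negative rather than 0 and `*wr` is left unset; code ported from OpenSSL that tests `if (!SSL_write_ex(...))` would treat an error as success and may then read an uninitialised length. OpenSSL's SSL_write_ex/SSL_read_ex return 1 or 0 and take a `size_t` length, whereas the `SSL_write_ex`/`SSL_read_ex` macros added in wolfssl/openssl/ssl.h pass that length straight into an `int sz`. Suggest `if (wr != NULL) *wr = (ret > 0) ? (size_t)ret : 0;` followed by `return (ret > 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;`, with a range check on the length before it is narrowed to `int`. The same applies to `wolfSSL_read_ex` in the next hunk.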
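Review bot: Both `wolfSSL_X509_OBJECT_set1_X509` and `wolfSSL_X509_OBJECT_set1_X509_CRL` in src/x509.c report success (`return 1;`) without touching `a` or `obj`, so a caller believes the object now holds a referenced certificate or CRL when nothing was stored. Until they are implemented the stubs should fail closed with `return WOLFSSL_FAILURE;`, and `(void)a; (void)obj;` would keep unused-parameter warnings out of the build. A one-line comment above each, stating that it is an unimplemented compatibility stub, would also help anyone reading the source.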
@@ -10356,6 +10369,19 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
 }
 #endif
+#if defined(OPENSSL_EXTRA)
+
+WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_sk_X509_OBJECT_deep_copy(
+ const WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk,
+ WOLFSSL_X509_OBJECT* (*c)(const WOLFSSL_X509_OBJECT*),
+ void (*f)(WOLFSSL_X509_OBJECT*))
+{
+ (void)f; /* free function */
+ (void)c; /* copy function */
+ return wolfSSL_sk_dup(sk);
+}
+#endif
+
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name)
 {
@@ -12684,6 +12710,7 @@ err:
 return ne;
 }
+
 static void wolfssl_x509_name_entry_set(WOLFSSL_X509_NAME_ENTRY* ne, int nid, int type, const unsigned char *data, int dataSz)
 {
@@ -13088,6 +13115,17 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_NAME_ENTRY_get_object(
 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
 defined(OPENSSL_EXTRA_X509_SMALL)
+#ifdef OPENSSL_EXTRA
+ int wolfSSL_X509_NAME_ENTRY_set(const WOLFSSL_X509_NAME_ENTRY *ne)
+ {
+ if (ne != NULL) {
+ return ne->set;
+ }
+ return 0;
+ }
+#endif
+
+
 /* returns a pointer to the internal entry at location 'loc' on success,
 * a null pointer is returned in fail cases */
 WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index da0a46a77..852e905dc 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
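Review bot: `wolfSSL_sk_X509_OBJECT_deep_copy` discards both the copy callback `c` and the free callback `f` and returns `wolfSSL_sk_dup(sk)`; `wolfSSL_sk_dup` is not shown in this diff, but if it duplicates only the stack nodes, the original and the copy share their elements. A caller following the deep-copy contract will release each stack with its element free function, which would then free the same X509_OBJECT twice. `sk` is also `const`-qualified here, so passing it on may drop the qualifier, depending on the `wolfSSL_sk_dup` prototype. Either copy every element through `c` and unwind with `f` on failure, or return NULL until that is implemented and state the limitation in a comment above the function.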
@@ -10874,6 +10874,26 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 return wolfSSL_EVP_DigestFinal(ctx, md, s);
 }
+
+ /* XOF stands for extendable-output functions. This is used for algos such
+ * as SHAKE256.
+ *
+ * returns 1 (WOLFSSL_SUCCESS) on success and 0 (WOLFSSL_FAILURE) on fail */
+ int wolfSSL_EVP_DigestFinalXOF(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *md,
+ size_t sz)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_DigestFinalXOF");
+ //@TODO
+ return WOLFSSL_SUCCESS;
+ }
+
+
+ unsigned long wolfSSL_EVP_MD_flags(const WOLFSSL_EVP_MD *md)
+ {
+ return 0;
+ }
+
+
 void wolfSSL_EVP_cleanup(void)
 {
 /* nothing to do here */
diff --git a/wolfssl/openssl/asn1.h b/wolfssl/openssl/asn1.h
index 6049e8088..b54fa4cd2 100644
--- a/wolfssl/openssl/asn1.h
+++ b/wolfssl/openssl/asn1.h
@@ -39,6 +39,7 @@
 #define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT
 #define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT
+#define V_ASN1_BIT_STRING WOLFSSL_V_ASN1_BIT_STRING
 #define V_ASN1_INTEGER WOLFSSL_V_ASN1_INTEGER
 #define V_ASN1_NEG WOLFSSL_V_ASN1_NEG
 #define V_ASN1_NEG_INTEGER WOLFSSL_V_ASN1_NEG_INTEGER
diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h
index e3d83b071..cfee00d26 100644
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@@ -798,6 +798,7 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void);
 WOLFSSL_API void wolfSSL_EVP_init(void);
 WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type);
 WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type);
+WOLFSSL_API unsigned long wolfSSL_EVP_MD_flags(const WOLFSSL_EVP_MD *md);
 WOLFSSL_API int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type);
 WOLFSSL_API int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type);
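Review bot: `wolfSSL_EVP_DigestFinalXOF` returns `WOLFSSL_SUCCESS` without writing anything to `md` (the body is only `//@TODO`), so the caller will use whatever bytes were already in its output buffer as the digest. A stub on a hash-output path should fail closed: replace the return with `return WOLFSSL_FAILURE;` and add `(void)ctx; (void)md; (void)sz;` until the XOF output is implemented. In the same hunk `wolfSSL_EVP_MD_flags` always returns 0 and ignores `md`, so `EVP_MD_FLAG_XOF` is never reported even for the SHAKE digests the comment mentions; that limitation deserves a comment above the function. The `//` comment also departs from the `/* */` style used in the surrounding lines.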
@@ -823,6 +824,8 @@ WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char*
 unsigned int* s);
 WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s);
+WOLFSSL_API int wolfSSL_EVP_DigestFinalXOF(WOLFSSL_EVP_MD_CTX* ctx,
+ unsigned char* md, size_t sz);
 WOLFSSL_API int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
 WOLFSSL_API int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
@@ -1256,12 +1259,15 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
 #define EVP_MD_CTX_set_flags(ctx, flags) WC_DO_NOTHING
 #endif
+#define EVP_MD_FLAG_XOF 0x2
+
 #define EVP_Digest wolfSSL_EVP_Digest
 #define EVP_DigestInit wolfSSL_EVP_DigestInit
 #define EVP_DigestInit_ex wolfSSL_EVP_DigestInit_ex
 #define EVP_DigestUpdate wolfSSL_EVP_DigestUpdate
 #define EVP_DigestFinal wolfSSL_EVP_DigestFinal
 #define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
+#define EVP_DigestFinalXOF wolfSSL_EVP_DigestFinalXOF
 #define EVP_DigestSignInit wolfSSL_EVP_DigestSignInit
 #define EVP_DigestSignUpdate wolfSSL_EVP_DigestSignUpdate
 #define EVP_DigestSignFinal wolfSSL_EVP_DigestSignFinal
@@ -1311,6 +1317,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
 #define EVP_get_cipherbynid wolfSSL_EVP_get_cipherbynid
 #define EVP_get_digestbynid wolfSSL_EVP_get_digestbynid
 #define EVP_MD_nid wolfSSL_EVP_MD_type
+#define EVP_MD_flags wolfSSL_EVP_MD_flags
 #define EVP_PKEY_assign wolfSSL_EVP_PKEY_assign
 #define EVP_PKEY_assign_RSA wolfSSL_EVP_PKEY_assign_RSA
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index c4ac73159..a35c61b82 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -289,6 +289,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define SSLv23_client_method wolfSSLv23_client_method
 #define SSLv2_client_method wolfSSLv2_client_method
 #define SSLv2_server_method wolfSSLv2_server_method
+#define SSLv3_method wolfSSLv3_method
 #define SSLv3_server_method wolfSSLv3_server_method
 #define SSLv3_client_method wolfSSLv3_client_method
 #define TLS_client_method wolfTLS_client_method
@@ -352,7 +353,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define SSL_write_early_data(ssl, d, dLen, len) wolfSSL_write_early_data(ssl, d, (int)(dLen), (int *)(len))
 #define SSL_write wolfSSL_write
+#define SSL_write_ex wolfSSL_write_ex
 #define SSL_read wolfSSL_read
+#define SSL_read_ex wolfSSL_read_ex
 #define SSL_peek wolfSSL_peek
 #define SSL_accept wolfSSL_accept
 #define SSL_CTX_free wolfSSL_CTX_free
@@ -432,6 +435,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define SSL_get_version wolfSSL_get_version
 #define SSL_get_current_cipher wolfSSL_get_current_cipher
+#define SSL_get_client_ciphers wolfSSL_get_client_ciphers
 /* use wolfSSL_get_cipher_name for its return format */
 #define SSL_get_cipher wolfSSL_get_cipher_name
@@ -461,6 +465,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN
 #define X509_get_ext wolfSSL_X509_get_ext
 #define X509_get_ext_by_OBJ wolfSSL_X509_get_ext_by_OBJ
+ #define X509_OBJECT_set1_X509 wolfSSL_X509_OBJECT_set1_X509
+ #define X509_OBJECT_set1_X509_CRL wolfSSL_X509_OBJECT_set1_X509_CRL
+ #define sk_X509_OBJECT_deep_copy wolfSSL_sk_X509_OBJECT_deep_copy
 #define X509_cmp wolfSSL_X509_cmp
 #define X509_EXTENSION_get_object wolfSSL_X509_EXTENSION_get_object
 #define X509_EXTENSION_get_critical wolfSSL_X509_EXTENSION_get_critical
@@ -688,6 +695,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
 #define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
 #define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry
+#define X509_NAME_ENTRY_set wolfSSL_X509_NAME_ENTRY_set
 #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
 #define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data
 #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object
@@ -717,6 +725,9 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
 #define X509_VP_FLAG_LOCKED WOLFSSL_VPARAM_LOCKED
 #define X509_VP_FLAG_ONCE WOLFSSL_VPARAM_ONCE
+#define X509_STORE_lock(x) 1
+#define X509_STORE_unlock(x) 1
+
 #define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
 #define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb
 #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
@@ -1104,6 +1115,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
 #define SSL_CTX_set_psk_server_callback wolfSSL_CTX_set_psk_server_callback
 #define SSL_set_psk_server_callback wolfSSL_set_psk_server_callback
+#ifndef INVALID_SOCKET
+ #define INVALID_SOCKET (-1)
+#endif
+
 /* system file ints for ERR_put_error */
 #define SYS_F_ACCEPT WOLFSSL_SYS_ACCEPT
 #define SYS_F_BIND WOLFSSL_SYS_BIND
@@ -1430,6 +1445,11 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
 #define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
+#ifndef WOLFSSL_ALLOW_SSLV3
+ #undef OPENSSL_NO_SSL3
+ #define OPENSSL_NO_SSL3
+#endif
+
 /* Used as message callback types */
 #define SSL3_RT_CHANGE_CIPHER_SPEC 20
 #define SSL3_RT_ALERT 21
diff --git a/wolfssl/openssl/x509.h b/wolfssl/openssl/x509.h
index e929ff0c8..768d0893d 100644
--- a/wolfssl/openssl/x509.h
+++ b/wolfssl/openssl/x509.h
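Review bot: `X509_STORE_lock(x)` and `X509_STORE_unlock(x)` expand to the constant `1`, so a caller that takes the store lock before reading or changing the store gets a success result and no mutual exclusion. Whether the wolfSSL store serialises access internally is not visible in this diff; if it does not, multithreaded code ported from OpenSSL would race on the certificate store. At minimum add a comment above the two defines, for example `/* no-op: wolfSSL does not expose the store lock; callers must serialise access themselves */`, adjusted to whatever actually protects the store. The macros also never evaluate `x`, so an argument with side effects is silently dropped.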
@@ -111,6 +111,8 @@
 #define X509_V_ERR_UNABLE_TO_GET_CRL WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL
 #define X509_V_ERR_CRL_HAS_EXPIRED WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED
+#define X509_V_FLAG_ALLOW_PROXY_CERTS 0
+#define X509_V_FLAG_X509_STRICT 0
 /*
 * Not all of these X509_V_ERR values are used in wolfSSL. Some are included to
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 50e3d5107..a826e4998 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -327,6 +327,7 @@ typedef int (*WOLFSSL_X509_STORE_CTX_get_crl_cb)(WOLFSSL_X509_STORE_CTX *,
 typedef int (*WOLFSSL_X509_STORE_CTX_check_crl_cb)(WOLFSSL_X509_STORE_CTX *, WOLFSSL_X509_CRL *);
+#define WOLFSSL_V_ASN1_BIT_STRING 0x03
 #define WOLFSSL_V_ASN1_INTEGER 0x02
 #define WOLFSSL_V_ASN1_NEG 0x100
 #define WOLFSSL_V_ASN1_NEG_INTEGER (2 | WOLFSSL_V_ASN1_NEG)
@@ -1364,7 +1365,10 @@ WOLFSSL_API int wolfSSL_get_wfd(const WOLFSSL* ssl);
 WOLFSSL_ABI WOLFSSL_API int wolfSSL_connect(WOLFSSL* ssl);
 WOLFSSL_ABI WOLFSSL_API int wolfSSL_write( WOLFSSL* ssl, const void* data, int sz);
+WOLFSSL_API int wolfSSL_write_ex(WOLFSSL* ssl, const void* data, int sz,
+ size_t* wr);
 WOLFSSL_ABI WOLFSSL_API int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
+WOLFSSL_API int wolfSSL_read_ex(WOLFSSL* ssl, void* data, int sz, size_t* rd);
 WOLFSSL_API int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
 WOLFSSL_ABI WOLFSSL_API int wolfSSL_accept(WOLFSSL* ssl);
 WOLFSSL_API int wolfSSL_inject(WOLFSSL* ssl, const void* data, int sz);
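Review bot: Defining `X509_V_FLAG_X509_STRICT` as `0` in wolfssl/openssl/x509.h lets an application that asks for strict certificate checking compile and run with the request silently ignored: OR-ing the flag into the verification flags changes nothing, and a later `flags & X509_V_FLAG_X509_STRICT` test is always false. A port that relied on the strict checks would then accept certificates it used to reject, with no build or runtime signal. Either leave this flag undefined so such code fails at compile time, or add a comment above both defines such as `/* not implemented in wolfSSL: defined as 0, setting these flags has no effect */`. `X509_V_FLAG_ALLOW_PROXY_CERTS` as `0` errs in the safe direction but should carry the same comment.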
@@ -2814,6 +2818,10 @@ WOLFSSL_API int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session,
 WOLFSSL_API int wolfSSL_is_init_finished(const WOLFSSL* ssl);
 WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL* ssl);
+#ifdef OPENSSL_EXTRA
+WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(
+ WOLFSSL* ssl);
+#endif
 WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl);
 WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in, int len);
@@ -5001,6 +5009,10 @@ WOLFSSL_API const WOLFSSL_STACK *wolfSSL_X509_REQ_get_extensions(const WOLFSSL_X
 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x, int loc);
 WOLFSSL_API int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x, const WOLFSSL_ASN1_OBJECT *obj, int lastpos);
+WOLFSSL_API int wolfSSL_X509_OBJECT_set1_X509(WOLFSSL_X509_OBJECT *a,
+ WOLFSSL_X509 *obj);
+WOLFSSL_API int wolfSSL_X509_OBJECT_set1_X509_CRL(WOLFSSL_X509_OBJECT *a,
+ WOLFSSL_X509_CRL *obj);
 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x, int loc);
 WOLFSSL_API int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex);
 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void);
@@ -5142,6 +5154,7 @@ struct WOLFSSL_CONF_CTX {
 };
 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
+WOLFSSL_API int wolfSSL_X509_NAME_ENTRY_set(const WOLFSSL_X509_NAME_ENTRY *ne);
 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
 #if defined(OPENSSL_EXTRA) \
@@ -5313,6 +5326,12 @@ WOLFSSL_API void wolfSSL_sk_X509_OBJECT_pop_free(WOLFSSL_STACK* s,
 void (*f) (WOLFSSL_X509_OBJECT*));
 WOLFSSL_API int wolfSSL_sk_X509_OBJECT_push(WOLFSSL_STACK* sk, WOLFSSL_X509_OBJECT* obj);
+WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*
+ wolfSSL_sk_X509_OBJECT_deep_copy(
+ const WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk,
+ WOLFSSL_X509_OBJECT* (*c)(const WOLFSSL_X509_OBJECT*),
+ void (*f)(WOLFSSL_X509_OBJECT*));
+
 WOLFSSL_API WOLFSSL_X509_INFO *wolfSSL_X509_INFO_new(void);
 WOLFSSL_API void wolfSSL_X509_INFO_free(WOLFSSL_X509_INFO* info);