summaryrefslogtreecommitdiff
path: root/FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h
diff options
context:
space:
mode:
authorlundinc <lundinc@1d2547de-c912-0410-9cb9-b8ca96c0e9e2>2020-08-12 19:11:51 +0000
committerlundinc <lundinc@1d2547de-c912-0410-9cb9-b8ca96c0e9e2>2020-08-12 19:11:51 +0000
commit42255af1e27a3157d541f0812eaca447c569ca49 (patch)
tree5c8702c2f0dc1cb9be1a4d5ff285897d96b97dd2 /FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h
parentf5221dff43de249079c2da081723cb7a456f981f (diff)
downloadfreertos-master.tar.gz
commit 70dcbe4527a45ab4fea6d58c016e7d3032f31e8cHEADmaster
Author: Ming Yue <mingyue86010@gmail.com> Date: Tue Aug 11 17:06:59 2020 -0700 Remove unused wolfSSL files. (#197) * Remove unused wolfSSL files. * Add back some removed ciphers. * Update VS project file. commit 0e0edd96e8236b2ea4a6e6018812807be828c77f Author: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Date: Tue Aug 11 10:50:30 2020 -0700 Use new QEMU test project to improve stream/message buffer tests (#168) * Add Eclipse/GCC project that targets the LM3S8962 QEMU model. * Get the Cortex-M QEMU project working. * Continue working on making stream buffer demo more robust and QEMU project. * Rename directory CORTEX_LM3S8986_QEMU to CORTEX_LM3S6965_QEMU. Work on making the Stream Buffer tests more robust. Check in before adding in the trace recorder. * Rename CORTEX_LM3S6969_QEMU to CORTEX_LM3S6969_GCC_QEMU. * Make the StreamBufferDemo.c common demo file (test file) more robust to other test tasks running at an equally high priority. * Work in progress checkin only - comments in main.c are incorrect. * Correct comments at the top of FreeRTOS/Demo/CORTEX_LM3S6965_GCC_QEMU/main.c Make the message buffer tests more robust in the case the a message buffer becomes full when prvSenderTask() has a higher priority than the reader task. * Disable trace recorder in the LM3S6965 QEMU demo. * I'm dropping FreeRTOS-Kernel reference update, since this seems to break the CMBC CI. Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 157a7fc39f19583ac8481e93fa3e1c91b1e1860c Author: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Date: Sun Aug 9 22:21:44 2020 -0700 Use chacheable RAM in IAR project for MPU_M7_NUCLEO_H743ZI2 project (#193) This change updates the IAR project for Nucleo H743ZI2 to use the cacheable DTC RAM and enables L1 cache. In order to ensure the correct functioning of cache, the project sets configTEX_S_C_B_SRAM in FreeRTOSConfig.h to not mark the RAM as shareable. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> commit f3e43556f90f01b82918ad533b0c616489331919 Author: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Date: Sun Aug 9 16:23:53 2020 -0700 Add MPU demo projects for NUCLEO-H743ZI2 board (#155) * Add MPU demo projects for NUCLEO-H743ZI2 board It contains projects for Keil uVision, STM32CubeIDE and IAR EW. This demo shows the use of newly added support for 16 MPU regions. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> * Delete not needed CMSIS files Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> commit 94aa31c3cbae7c929b8a412768b74631f4a6b461 Author: TakayukiMatsuo <62984531+TakayukiMatsuo@users.noreply.github.com> Date: Sat Aug 8 07:58:14 2020 +0900 Update wolfSSL to the latest version(v.4.4.0) (#186) * deleted old version wolfSSL before updating * updated wolfSSL to the latest version(v4.4.0) * updated wolfSSL to the latest version(v4.4.0) * added macros for timing resistance Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Co-authored-by: Ming Yue <mingyue86010@gmail.com> commit 68518f5866aac58793c737d9a46dd07a6a816aaf Author: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Date: Fri Aug 7 14:59:24 2020 -0700 Removed a 16MByte flash image file that was checked in by mistake (several years ago). (#173) Remove the copies of lwIP that are no longer reference from demo projects. Co-authored-by: Carl Lundin <53273776+lundinc2@users.noreply.github.com> commit d4bf09480a2c77b1a25cce35b32293be61ab586f Author: m17336 <45935231+m17336@users.noreply.github.com> Date: Thu Aug 6 22:37:08 2020 +0300 Update previous AVR ATmega0 and AVR Dx projecs + addition of equivalent projects in MPLAB.X and IAR (#180) * Updated indentation in AVR_ATMega4809_Atmel_Studio and AVR_Dx_Atmel_Studio projects, plus small fixes in their readme files. * Added AVR_ATMega4809_IAR, AVR_ATMega4809_MPLAB.X, AVR_Dx_IAR and AVR_Dx_MPLAB.X demo projects. * Removed build artefacts and added .gitignore files in AVR_ATMega4809_MPLAB.X and AVR_Dx_MPLAB.X projects. Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit f32a0647c8228ddd066f5d69a85b2e49086e4c95 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon Aug 3 16:45:10 2020 -0700 Remove CBMC patch which is not used anymore (#187) * Delete 0002-Change-FreeRTOS_IP_Private.h-union-to-struct.patch * Delete 0002-Change-FreeRTOS_IP_Private.h-union-to-struct.patch commit 08af68ef9049279b265c3d00e9c48fb9594129a8 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Sat Aug 1 16:38:23 2020 -0700 Remove dependency of CBMC on Patches (#181) * Changes to DHCP * CBMC DNS changes * Changes for TCP_IP * Changes to TCP_WIN * Define away static to nothing * Remove patches * Changes after Mark's comments v1 * Update MakefileCommon.json * Correction! commit a7fec906a415363338449447daf10d7517b78848 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 17:39:36 2020 -0700 Misc changes (#183) commit 07cf5e07e4a05d6775a2f9e753269f43f82cf6ba Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 16:15:38 2020 -0700 MISRA compliance changes for FreeRTOS+TCP headers (#165) * misra changes * Update FreeRTOS_IP_Private.h * Update FreeRTOS_IP_Private.h commit e903ac0fed7ce59916899e404f3e5ae5b08d1478 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 16:03:14 2020 -0700 UPD MISRA changes (#164) Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 97551bf44e7dc7dc1e4484a8fd30f699255e8569 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 15:52:00 2020 -0700 MISRA changes in FreeRTOS_TCP_WIN.c (#162) commit f2611cc5e5999c4c87e040a8c2d2e6b5e77a16a6 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 15:38:37 2020 -0700 MISRA compliance changes in FreeRTOS_Sockets{.c/.h} (#161) * MISRA changes Sockets * add other changes * Update FreeRTOSIPConfig.h * Update FreeRTOSIPConfig.h * Update FreeRTOSIPConfig.h * Update FreeRTOSIPConfig.h * correction * Add 'U' * Update FreeRTOS_Sockets.h * Update FreeRTOS_Sockets.h * Update FreeRTOS_Sockets.c * Update FreeRTOS_Sockets.h * Update after Gary's comments * Correction reverted commit ae4d4d38d9b2685bae159b4c87619cdb157c0bf7 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 29 13:56:57 2020 -0700 MISRA compliance changes for FreeRTOS_TCP_IP.c (#160) * MISRA tcp-ip changes * Changes after Hein's comments on original PR * Update FreeRTOS_TCP_IP.c Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit a457f43c66eb0f4be9d8f8678c0e3fb8d7ebd57b Author: Carl Lundin <53273776+lundinc2@users.noreply.github.com> Date: Tue Jul 28 13:01:38 2020 -0700 Add missing error state assignment. (#166) commit 915af50524e15a78ceb6c62b3d33f6562621ee46 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Mon Jul 27 17:30:53 2020 -0700 Add Atmel Studio projects for ATMega4809 and AVR128DA48 (#159) * Added explicit cast to allow roll over and avoid integer promotion during cycles counters comparison in recmutex.c. * Fixed type mismatch between declaration and definition of function xAreSemaphoreTasksStillRunning( void ). * Added Atmel Studio demo projects for ATMega4809 and AVR128DA48. * Per https://www.freertos.org/upgrading-to-FreeRTOS-V8.html, I'm updating portBASE_TYPE to BaseType_t. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> * Update register test for ATmega4809 - to cover r28, r29, r31. - call public API taskYIELD() instead of portYIELD(). * Update ATmega4809 readme.md to include info for serial port setup, and minor wording fix. Co-authored-by: Alexandru Niculae - M17336 <alexandru.niculae@microchip.com> commit 4a7a48790d64127f85cc763721b575c51c452833 Author: Carl Lundin <53273776+lundinc2@users.noreply.github.com> Date: Thu Jul 23 10:22:33 2020 -0700 Add Uncrustify file used for Kernel. (#163) commit e0d62163b08769fd74f020709c398f994088ca96 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 22 18:06:23 2020 -0700 Sync with +TCP amazon-FreeRTOS (#158) * DNS.c commit * IP.c commit * Add various source & header files commit 8e36bee30eef2107e128edb58e83ee46e8241a91 Author: Nathan Chong <52972368+nchong-at-aws@users.noreply.github.com> Date: Tue Jul 21 12:51:20 2020 -0400 Prove buffer lemmas (#124) * Prove buffer lemmas * Update queue proofs to latest kernel source All changes were syntactic due to uncrustify code-formatting * Strengthen prvCopyDataToQueue proof * Add extract script for diff comparison Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit c720c18ada40b502436ea811e8d03dca919726d8 Author: Hein Tibosch <hein_tibosch@yahoo.es> Date: Tue Jul 14 05:35:44 2020 +0800 FreeRTOS+TCP Adding the combined driver for SAM4E and SAME70 v2 (#78) * Adding a combined +TCP driver for SAM4E and SAME70 * Changes after review from Aniruddha Co-authored-by: Hein Tibosch <hein@htibosch.net> Co-authored-by: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> commit 4237049b12d9bb6b03694fecf6ea26a353e637c8 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon Jul 13 12:07:56 2020 -0700 Add changes from 2225-2227 amazon-FreeRTOS (#134) commit 7caa32863458c4470d3c620945c30824199f524c Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Jul 10 23:32:30 2020 -0700 Add Full TCP test suite - not using secure sockets (#131) * Add Full-TCP suite * delete unnecessary files * Change after Joshua's comments commit d7667a0034841f2968f9f9f805030cc608bfbce1 Author: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Date: Fri Jul 3 15:45:44 2020 -0700 Remove unnecessary semicolon from the linker file (#121) This was creating problem with the onboard LPCLink debug probe. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> commit 529c481c39506d0b331bfd0cdea35e5d1aeaaad0 Author: Nathan Chong <52972368+nchong-at-aws@users.noreply.github.com> Date: Thu Jul 2 15:55:20 2020 -0400 Add VeriFast kernel queue proofs (#117) commit d5fedeaa96b5b1d3c0f6b9b52a8064ab72ff2821 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jul 1 13:56:27 2020 -0700 Add checks in FreeRTOS_Socket.c (#104) * Add fail-safes to FreeRTOS_Socket.c * Use all 'pd' errors * Correction after Hein's comments * Correction after Hein's comments v2 * Changes after Hein's comments * Update after Gary's comments commit a9b2aac4e9fda2a259380156df9cc0af51384d2d Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Jun 26 12:09:36 2020 -0700 Folder structure change + Fix broken Projects (#103) * Update folder structure * Correct project files * Move test folder * Some changes after Yuki's comments commit 98bfc38bf3404414878dc68ea41753bea4e24c8e Author: Hein Tibosch <hein_tibosch@yahoo.es> Date: Thu Jun 25 13:01:45 2020 +0800 FreeRTOS+TCP : add memory statistics and dump packets, v3 (#83) * FreeRTOS+TCP : add memory statistics and dump packets, v3 * Two changes as requested by Aniruddha Co-authored-by: Hein Tibosch <hein@htibosch.net> Co-authored-by: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> commit 072a173c9df31c75ff64bde440f3f316cedb9033 Author: S.Burch <8697966+wholl0p@users.noreply.github.com> Date: Mon Jun 22 23:39:26 2020 +0200 Fixed Imports for Infineon XMC1100 Board (#88) Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com> commit 2df5eeef5763045c4c74ff0e2a4091b7d19bea89 Author: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Date: Mon Jun 8 14:22:46 2020 -0700 Feature/multiple direct to task notifications (#73) * Add TaskNotifyArray.c with the single task tests updated to use the task notification array up to the point where the timer is created. * Continue working on TaskNotifyArray.c to test the new task notification indexes. Next TaskNotifyArray.c will be refactored to break the tests up a bit. * Refactor and update the comments in TaskNotifyArray.c - no functional changes. * Change from the task notify "array" to task notification "indexed" nomenclature in the new task notification API functions that work on one particular task notification with the array of task notifications. * Update the implementation of the taskNOTIFY_TAKE() and taskNOTIFY_WAIT() trace macros to take the array index of the task notification they are acting on. Rename configNUMBER_OF_TASK_NOTIFICATIONS to configTASK_NOTIFICATION_ARRAY_ENTRIES. Add FreeRTOS/Demo/Common/Minimal/TaskNotifyArray.c to the Visual Studio project - the file implements tests specific to the behaviour of the indexed task notification functions and should be used in addition to the tests already provided in FreeRTOS/Demo/Common/Minimal/TaskNotify.c. commit b9e4ecfaf7286d8493d4a96a93fbb325534ad97b Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Jun 5 11:10:58 2020 -0700 Remove Empty and Un-referenced folder from Demo (#86) commit f11bcc8acc57a23fb03603762e758c25b9d0efb7 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Jun 3 16:52:31 2020 -0700 Fix a Bug and corresponding CBMC patch (#84) * Update remove-static-in-freertos-tcp-ip.patch * Update FreeRTOS_TCP_IP.c * Update remove-static-in-freertos-tcp-ip.patch * Update remove-static-in-freertos-tcp-ip.patch Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit bb9f92f771e5f6ea2b9b09c7e89130a75e562eb7 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Wed Jun 3 10:46:55 2020 -0700 Submodule FreeRTOS/Source 10bbbcf0b..6199b72fb (#82) commit 6efc39f44be5b269168836e95aebbdb8ae77dce3 Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Tue Jun 2 15:09:25 2020 -0700 Add Project for running integration tests v2 (#80) * Project for integration tests * relative paths in project files * relative paths in project files-1 * relative paths in project files-2 * addressed comments * addressed comments v2 Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 0eb5909fb02bac9dc074ff1bc2fe338d77f73764 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Thu May 28 17:05:24 2020 -0700 readme.md for ATmega328PB Xplained Mini. (#76) readme.md to get users jump started. commit cb7edd2323a77f3dbea144c1f48f95582becc99e Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Thu May 28 10:11:58 2020 -0700 Sync with a:FR (#75) * AFR sync * AFR sync: CBMC * AFR sync: CBMC: remove .bak files * AFR sync: CBMC: more cleanup * Corrected CBMC proofs * Corrected CBMC patches * Corrected CBMC patches-1 * Corrected CBMC patches-2 * remove .bak files (3) Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 6557291e5407ca7ec6beca53fced1aaa620c5c02 Author: alfred gedeon <alfred2g@hotmail.com> Date: Wed May 27 14:44:33 2020 -0700 Test: Add Linux Networking support with demo application (#71) * Test: Add Linux Networking support with demo application * Test: revert files affected by uncrustify * Test: revert files affected by uncrustify Co-authored-by: Alfred Gedeon <gedeonag@amazon.com> Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 8b079bc394e7b205d72210ce9e052404d782938f Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Wed May 27 10:44:03 2020 -0700 ATmega328PB Xplained Mini -- demo project for ATmega port. (#70) * Bootstrap a demo from START. No driver is added in this commit. * Add FreeRTOS source code to project. Remove unnecessary folder nesting. Heap_4 is used here. * Copy over main.c, FreeRTOSConfig.h, and regtest.{c, h}. This commit compiles, but will need some work on timer used. * This port has 2KB RAM. We are using 1KB for heap. Further decreasing minimum stack size, and also use stack overflow check 1 to save some stack space. * Preserve EEPROM set to false. * End of the line. * Reduce register test stack size. 32 8-bit register + 10 bytes for stack frame cost. Round up to 50. * Adding Queue test in Integer test. - g3 to easy debugging. - mainCHECK_PERIOD is set to 1000 ticks. Note that this port for now use WDT as tick timer, and period is set to 15ms. - vErrorChecks, is of highest priority. So if this task gets run before other tasks, the very first check will fail. * Avoid false alarm. Since we don't know in which order the tasks are scheduled, clearing any error for the first entry of vErrorChecks. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> * ParTest.c to init, set, toggle onboard user LED at PB5. * Added a task to blink onboard user LED. Need a magic number for stack size. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> * Explicitly setting timing slicing to 0. This is to avoid unecessary context switch when multiple tasks are of the same priority. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> * Add taskYIELD() at the end of the loop in each register test task. This is to give other tasks of the same priority a chance to run, regardless of scheduling algorithm. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> * minor, update comment in main.c. commit 95a3a02f95749fb7a600723076e291f9dee7426c Author: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri May 22 16:26:59 2020 -0700 FreeRTOS-Plus: Unit testing Infrastructure and examples (#72) * Added CMock as submodule * Makefile added * Removed TEMP from Makefile * Added configuration files and header files * Update Makefile * Test runner working * make clean * Example added with README * Update README.md * Restored +TCP files * Cleared +TCP changes * removed comments from Makefile * Update README.md * Update README.md * Update README.md * Updated Test/Unit-test/readme.md commit 5003d17feda25490e655c0f1c15d2b13e395c9f7 Author: Hein Tibosch <hein_tibosch@yahoo.es> Date: Wed May 6 14:16:56 2020 -0400 FreeRTOS+TCP : renewing DHCP lease while network is down (#53) Co-authored-by: Hein Tibosch <hein@htibosch.net> Co-authored-by: Gary Wicker <14828980+gkwicker@users.noreply.github.com> commit d95624c5d6ba95ec0474867d7165de2c28ed41b7 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Tue May 5 09:57:18 2020 -0700 Move CBMC proofs to FreeRTOS+ directory (#64) * move CBMC proofs to FreeRTOS+ directory * Failing proofs corrected * ParseDNSReply proof added back * removed queue_init.h from -Plus/Test Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 95ae7c65758a9473ea16ab08182f056f72331de2 Author: markrtuttle <tuttle@acm.org> Date: Wed Apr 29 04:27:45 2020 +0000 Change cbmc-viewer invocation in CBMC makefile (#63) * Exclude FreeRTOS/Demo from CBMC proof reports. The script cbmc-viewer generates the CBMC proof reports. The script searches source files for symbol definitions and annotates source files with coverage information. This patch causes cbmc-viewer to ignore the directory FreeRTOS/Demo containing 348M of data. The script now terminates in a few seconds. * Make report default target for CBMC Makefile. Modify the Makefile for CBMC proofs to generate the report by default (and not just property checking) and modify property checking to ignore failures (due to property assertions failing) and terminating report generation. Co-authored-by: Mark R. Tuttle <mrtuttle@amazon.com> commit d421ccc89f6f6473dfdd566a00567b0e1fd4cfc3 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Sat Apr 25 16:57:35 2020 -0700 Reword readme.md under ./Test. (#61) commit 38412865985235b90dbd9da9708b68c4de5918f5 Author: Carl Lundin <53273776+lundinc2@users.noreply.github.com> Date: Sat Apr 25 16:56:54 2020 -0700 Removed a:FR reference. (#60) commit 4db195c916c7b13c82ab3a34a499fe606f266810 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Tue Apr 21 15:40:08 2020 -0700 Adding FreeRTOS+TCP CBMC proofs to FreeRTOS/FreeRTOS (#56) ParseDNSReply is to be added in the next PR. commit 40a31b6d35a866a3a6c551d95bf08dae855da5bd Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon Apr 13 13:58:33 2020 -0700 'uL' -> 'UL' commit 5b3a289b69fc92089aa8bd4d1b44ab816f326f73 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon Apr 13 13:50:53 2020 -0700 Changes after Gary's comments commit edf68637dd22470a8d4f59fecc15b51379bcfeda Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Apr 10 16:26:03 2020 -0700 Update FreeRTOS_ARP.c commit 35f3ac32a8899dd714a8a48952a4224fbcebc4aa Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Apr 10 15:56:18 2020 -0700 correct debug output commit 5e12a70db4b6a8e68a434489683306f040252efa Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Apr 10 15:44:45 2020 -0700 Debugging flag check added commit 4e8ac8de25ac4088b9c789b88a77cd39df4d9167 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Thu Apr 9 16:57:19 2020 -0700 Comment style consistency and Yuhui's suggestions commit e43f7cd086096ad60491fedba69927a1e1a82f20 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Thu Apr 9 16:47:41 2020 -0700 Cleanup commit ab3b51c7a0d880a6bf453ec63ae604e15050f310 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Thu Apr 9 16:33:03 2020 -0700 Update after Gary's comments commit 97f7009699ffb972c0745dfdb526d1fa4e0faf84 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 8 14:30:15 2020 -0700 Update after richard's comments commit a9fcafc074cec559dd67961ef44273df6180c2db Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 8 14:07:39 2020 -0700 Corrected the formatting - visual studio had messed up the formatting commit c381861014a8043ce30723fc5a8cf5107719c8df Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 8 13:01:12 2020 -0700 commit 2 after gary's comments commit 75677a8d85fa802cca9058d6e23796d5043a0982 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 8 12:51:10 2020 -0700 Commit after Gary's comments commit 666c0da366030109db2c0c5e7253cebb2f899db7 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 8 10:56:01 2020 -0700 Update after Yuhui's comments - removed (void) from before memcpy, memset etc. - corrected memcpy style as suggested by Yuhui - Added logging for xNetworkInterfaceOutput. No need to configASSERT commit 4a1148d15b6b8169d2412f8179f734683b179795 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Apr 1 16:05:36 2020 -0700 Coverity + MISRA compliance Modified code to conform to the MISRA directives more closely. commit fa74f7dccf6b1a356993c6a894f8e1173b8c8157 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Thu Apr 2 20:26:10 2020 -0700 Removing writes to read-only PLIC interrupt pending registers. Signed-off-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> commit 5b9777e11e16609648fb98d2f9a47553ab238950 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 31 10:45:23 2020 -0700 A readme file to introduce what ./Test directory is about. commit 211bb4cbd9ae6dfa95e8d8501f37d272bde5ab26 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 24 15:14:24 2020 -0700 Ignore whitespace when working with patches. commit 8156f64d1c45dd59ef12279f19a99f03e79e1f8a Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Feb 25 18:04:23 2020 -0800 Copying CBMC proofs from aws/amazon-freertos repo ./tools/cbmc to this repo ./FreeRTOS/Test/CBMC as is. The commit ID in aws/amazon-freertos is 0c8e0217f2a43bdeb364b58ae01c6c259e03ef1b. commit 9f316c246baafa15c542a5aea81a94f26e3d6507 Author: David Vrabel <david.vrabel@cambridgeconsultants.com> Date: Mon Mar 16 11:21:46 2020 +0000 Demo/Posix_GCC: add demo application for Posix port using GCC This is largely a copy of the Windows demo application with a few key changes: - heap_3 (use malloc()/free()) so tools like valgrind "just work". - printf() wrapped in a mutex to prevent deadlocks on the internal pthread mutexes inside printf(). SCons (https://scons.org/) is used as the build system. This will be built as a 64-bit application, but note that the memory allocation trace points only record the lower 32-bits of the address. commit f78f919b3e2f0d707531a301a8ca07cd02bc4778 Author: Markus Rinne <markus.ka.rinne@gmail.com> Date: Thu Mar 19 21:00:24 2020 +0200 Fix function comments commit 1cd2d38d960a3576addb224582c88489bade5141 Author: David Chalco <david@chalco.io> Date: Fri Mar 20 10:29:05 2020 -0700 unix separators for path and remove .exe suffix from risc compiler (works on windows/mac) commit 938b19419eded12817737ab0644e94ed2ba7e95d Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Thu Mar 19 18:23:09 2020 -0700 Removing ./FreeRTOS-Labs directory, since: - IoT libraries are now in LTS branch. - FAT/POSIX/Light-weight MQTT are in https://github.com/FreeRTOS/FreeRTOS-Labs. commit 1a4abbc9e91b13fd6394464ade59d5e048320c7c Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 17 19:30:02 2020 -0700 Maintenance -- clean up readme.txt and add url to GitHub. (#38) * Removing readme.txt, as now we have README.md in place. The only information missing from README.md is about FAQ. * Adding FAQ information in README.md. * Adding a .url to root to redict user to FreeRTOS github home page. commit 47bb466aa19395b7785bcb830e2e4dd35f6bafc5 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 17 13:07:44 2020 -0700 Update issue templates Template maintenance. - adding title prefix. - adding examples to "additional context" section. commit f506290041f56867765f8efa70ed2862125bdb7c Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 17 10:15:07 2020 -0700 Create SECURITY.md Apply the recommended SECURITY.md from AWS to our repo. commit 8982a2f80a80a2a0a47cf82de07b52101bd9d606 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Fri Mar 13 12:50:10 2020 -0700 Add ./lib directory to make sure Zynq project compiles. commit ecf0f12aa14ad6fdafe1ef37257cbb4e03e2abd5 Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Wed Mar 11 10:19:48 2020 -0700 Sync up with Amazon-freertos repo (10th March 2020) (#34) * Sync up with amazon-freertos * Sync up with amazon-freertos * Sync up with amazon-freertos commit 0acffef047973e2e61c2201fd69cd9bbd317f674 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Mar 10 10:20:48 2020 -0700 GitHub PR template. (#29) commit c40a6da2e4cb8042b56d1b174051cbbe9813781a Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon Mar 9 11:18:48 2020 -0700 pass payload length when calling UDP callback (#30) * pass payload length when calling UDP callback commit 12d580e93d4d9074b9a867632f0681a511b4ad12 Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Fri Mar 6 18:16:51 2020 -0800 Update issue templates Initial issue template. Created following https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser. If change is needed, we could go another round. commit 9debffb5e0e42ff716f58b2270b3af09652294af Author: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Fri Mar 6 17:27:46 2020 -0800 Update README.md to remove dead link. See the conversation https://github.com/FreeRTOS/FreeRTOS/commit/42c627b2b88cb3b487fea983d8b566a8bbae54fa#comments . Linkage for both ```./FreeRTOS/Source``` and ```./FreeRTOS/Demo``` are removed, since it looks weird to only provide linkage to Demo. commit 7e1a4bf563240501fc45167aee9d929c533939dd Author: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Fri Mar 6 15:18:09 2020 -0800 Fix DHCP option Client-identifier (#28) commit 42c627b2b88cb3b487fea983d8b566a8bbae54fa Author: Yuhui.Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Fri Mar 6 09:15:11 2020 -0800 Update readme and revert relative URL. (#27) * Reordering: bumping cloning instruction up. * Rewording readme.md to be clear kernel code is a submodule of this repository. * Reverting relative URL, since user cannot click through on GitHub page. (With URL, user could still download the correct version of the code. Reverting simply due to UI issue.) commit 5751ae9b60e248ebd0b4dd7c58df54364d2bb9d5 Author: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Date: Fri Mar 6 09:11:42 2020 -0800 Update CORTEX_MPU_M33F_NXP_LPC55S69_MCUXpresso project (#26) This commit updates the project for LPC55S69 so that it works with the latest version of MCUXpresso and SDK. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> commit a9ffffe1f01f45f79e127c15727784984077932f Author: Carl Lundin <53273776+lundinc2@users.noreply.github.com> Date: Thu Mar 5 17:16:13 2020 -0800 Using Relative URL For Submoduling. (#24) commit 52c82076b38fe73d1dc46c97abf74ae9b803696c Author: Carl Lundin <53273776+lundinc2@users.noreply.github.com> Date: Thu Mar 5 09:16:31 2020 -0800 use relative path to point to bundled toolchain instead (#25) commit b877e4ec478de2c24d07ab46241070d7c66f375c Author: lundinc2 <53273776+lundinc2@users.noreply.github.com> Date: Tue Feb 25 13:18:38 2020 -0800 Moved vulnerability reporting and code of conduct to top of CONTRIBUTING.md (#20) commit bef165d46799fb8faa58aaa224f80c16b6538e69 Author: Yuhui.Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Feb 18 22:06:38 2020 -0800 Linking test source file from relative path. (#19) commit 89e7bbe292afd3912d1f0b2402cc506878bad869 Author: Yuhui.Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Tue Feb 18 17:47:55 2020 -0800 A preliminary .gitignore file, to prevent us checking in files unnecessary. (#18) https://github.com/github/gitignore. commit c2a98127acb48c4562233230e66ca5c282688579 Author: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Date: Sun Feb 16 13:19:53 2020 -0800 Minor wording changes in the 'previous releases' section of the readme.me file. (#17) commit 24c772d1439e5c291c0a29fce0a46996ca8afaa9 Author: Yuhui.Zheng <10982575+yuhui-zheng@users.noreply.github.com> Date: Fri Feb 14 12:47:01 2020 -0800 Submodule kernel directory. (#16) * Removing FreeRTOS/Source in readiness for submoduling. * Submoduling kernel. * README.md update due to submoduling. When releasing, please follow these steps: 1. in local directory, clean directory and check "git status" shows "nothing to commit, working tree clean" for ALL subdirectories. 2. copy source code and instructions only to an empty folder. Git related should not be in this folder -- this covers .git, .gitignore, .github, .gitmodules, gitmessages, ...... 3. zip the folder from step 2. (create both .zip and .7z) 4. attach .zip and .7z to the release. (e.g. attach these two in new release -- https://github.com/FreeRTOS/FreeRTOS/releases/new) 5. PLEASE download both, unzip, diff with your local git repo. (should not see any difference other than git related.) And, sanity check a couple of projects. commit c3f8b91652392dc55e0d7067b90a40de5f5f0837 Author: Rashed Talukder <9218468+rashedtalukder@users.noreply.github.com> Date: Thu Feb 13 17:47:14 2020 -0800 Update readme. Fixed typos and cli commands (#14) commit 4723b825f2989213c1cdb2ebf4d6793e0292e363 Author: Julian Poidevin <julian-poidevin@users.noreply.github.com> Date: Fri Feb 14 02:43:36 2020 +0100 Fixed wrong git clone SSH command (#13) Replaced bad https URL with proper SSH URL commit fc819b821715c42602819e58499846147a6394f5 Author: RichardBarry <3073890+RichardBarry@users.noreply.github.com> Date: Thu Feb 13 17:42:22 2020 -0800 Correct the xTimerCreate() documentation which said NULL was returned if the timer period was passed into the function as 0, whereas that is not the case. (#15) Add a note to the documentation for both the xTimerCreate() and xTimerCreateStatic() functions that the timer period must be greater than 0. commit 1c711ab530b5f0dbd811d7d62e0a3763706ffff4 Author: Rashed Talukder <9218468+rashedtalukder@users.noreply.github.com> Date: Wed Feb 12 23:00:18 2020 -0800 Updated contributions guidelines (#12) commit 84fcc0d5317d96c6b086034093c8c1c83e050819 Author: Cobus van Eeden <35851496+cobusve@users.noreply.github.com> Date: Wed Feb 12 15:05:06 2020 -0800 Updates to Markdown files and readme.txt (#11) git-svn-id: http://svn.code.sf.net/p/freertos/code/trunk@2826 1d2547de-c912-0410-9cb9-b8ca96c0e9e2
Diffstat (limited to 'FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h')
-rw-r--r--FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h3490
1 files changed, 2795 insertions, 695 deletions
diff --git a/FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h b/FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h
index 99d3e9a95..ab04b3ded 100644
--- a/FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h
+++ b/FreeRTOS-Plus/Source/WolfSSL/wolfssl/internal.h
@@ -1,8 +1,8 @@
/* internal.h
*
- * Copyright (C) 2006-2015 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
*
- * This file is part of wolfSSL. (formerly known as wolfSSL)
+ * This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -16,10 +16,11 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
#ifndef WOLFSSL_INT_H
#define WOLFSSL_INT_H
@@ -44,6 +45,7 @@
#endif
#ifndef NO_ASN
#include <wolfssl/wolfcrypt/asn.h>
+ #include <wolfssl/wolfcrypt/pkcs12.h>
#endif
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
@@ -67,31 +69,56 @@
#ifndef NO_RC4
#include <wolfssl/wolfcrypt/arc4.h>
#endif
-#ifdef HAVE_ECC
- #include <wolfssl/wolfcrypt/ecc.h>
-#endif
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#endif
#ifdef HAVE_OCSP
#include <wolfssl/ocsp.h>
#endif
+#ifdef WOLFSSL_SHA384
+ #include <wolfssl/wolfcrypt/sha512.h>
+#endif
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#endif
-
#ifdef HAVE_AESGCM
#include <wolfssl/wolfcrypt/sha512.h>
#endif
-
#ifdef WOLFSSL_RIPEMD
#include <wolfssl/wolfcrypt/ripemd.h>
#endif
+#ifdef HAVE_IDEA
+ #include <wolfssl/wolfcrypt/idea.h>
+#endif
+#ifndef NO_RSA
+ #include <wolfssl/wolfcrypt/rsa.h>
+#endif
+#ifdef HAVE_ECC
+ #include <wolfssl/wolfcrypt/ecc.h>
+#endif
+#ifndef NO_DH
+ #include <wolfssl/wolfcrypt/dh.h>
+#endif
+#ifdef HAVE_ED25519
+ #include <wolfssl/wolfcrypt/ed25519.h>
+#endif
+#ifdef HAVE_CURVE25519
+ #include <wolfssl/wolfcrypt/curve25519.h>
+#endif
+#ifdef HAVE_ED448
+ #include <wolfssl/wolfcrypt/ed448.h>
+#endif
+#ifdef HAVE_CURVE448
+ #include <wolfssl/wolfcrypt/curve448.h>
+#endif
+#include <wolfssl/wolfcrypt/wc_encrypt.h>
#include <wolfssl/wolfcrypt/hash.h>
-#ifdef WOLFSSL_CALLBACKS
+#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
#include <wolfssl/callbacks.h>
+#endif
+#ifdef WOLFSSL_CALLBACKS
#include <signal.h>
#endif
@@ -109,59 +136,96 @@
#ifndef SINGLE_THREADED
#include "tx_api.h"
#endif
+
+#elif defined(WOLFSSL_DEOS)
+ /* do nothing, just don't pick Unix */
#elif defined(MICRIUM)
/* do nothing, just don't pick Unix */
-#elif defined(FREERTOS) || defined(WOLFSSL_SAFERTOS)
+#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
/* do nothing */
#elif defined(EBSNET)
/* do nothing */
-#elif defined(FREESCALE_MQX)
+#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
/* do nothing */
+#elif defined(FREESCALE_FREE_RTOS)
+ #include "fsl_os_abstraction.h"
+#elif defined(WOLFSSL_uITRON4)
+ /* do nothing */
+#elif defined(WOLFSSL_uTKERNEL2)
+ /* do nothing */
+#elif defined(WOLFSSL_CMSIS_RTOS)
+ #include "cmsis_os.h"
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ #include "cmsis_os2.h"
#elif defined(WOLFSSL_MDK_ARM)
#if defined(WOLFSSL_MDK5)
- #include "cmsis_os.h"
+ #include "cmsis_os.h"
#else
#include <rtl.h>
#endif
#elif defined(MBED)
#elif defined(WOLFSSL_TIRTOS)
/* do nothing */
+#elif defined(INTIME_RTOS)
+ #include <rt.h>
+#elif defined(WOLFSSL_NUCLEUS_1_2)
+ /* do nothing */
+#elif defined(WOLFSSL_APACHE_MYNEWT)
+ #if !defined(WOLFSSL_LWIP)
+ void mynewt_ctx_clear(void *ctx);
+ void* mynewt_ctx_new();
+ #endif
+#elif defined(WOLFSSL_ZEPHYR)
+ #ifndef SINGLE_THREADED
+ #include <kernel.h>
+ #endif
+#elif defined(WOLFSSL_TELIT_M2MB)
+ /* do nothing */
#else
#ifndef SINGLE_THREADED
#define WOLFSSL_PTHREADS
#include <pthread.h>
#endif
- #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+ #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
#include <unistd.h> /* for close of BIO */
#endif
#endif
+#ifndef CHAR_BIT
+ /* Needed for DTLS without big math */
+ #include <limits.h>
+#endif
+
#ifdef HAVE_LIBZ
#include "zlib.h"
#endif
-#ifdef _MSC_VER
- /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
- #pragma warning(disable: 4996)
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
#endif
-#ifdef NO_AES
- #if !defined (ALIGN16)
- #define ALIGN16
+#ifdef OPENSSL_EXTRA
+ #ifdef WOLFCRYPT_HAVE_SRP
+ #include <wolfssl/wolfcrypt/srp.h>
#endif
#endif
+#ifdef _MSC_VER
+ /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+ #pragma warning(disable: 4996)
+#endif
+
#ifdef NO_SHA
- #define SHA_DIGEST_SIZE 20
+ #define WC_SHA_DIGEST_SIZE 20
#endif
#ifdef NO_SHA256
- #define SHA256_DIGEST_SIZE 32
+ #define WC_SHA256_DIGEST_SIZE 32
#endif
#ifdef NO_MD5
- #define MD5_DIGEST_SIZE 16
+ #define WC_MD5_DIGEST_SIZE 16
#endif
@@ -169,16 +233,6 @@
extern "C" {
#endif
-
-#ifdef USE_WINDOWS_API
- typedef unsigned int SOCKET_T;
-#else
- typedef int SOCKET_T;
-#endif
-
-
-typedef byte word24[3];
-
/* Define or comment out the cipher suites you'd like to be compiled in
make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined
@@ -203,68 +257,114 @@ typedef byte word24[3];
#error "You are trying to build max strength with requirements disabled."
#endif
+/* Have QSH : Quantum-safe Handshake */
+#if defined(HAVE_QSH)
+ #define BUILD_TLS_QSH
+#endif
+
+#ifndef WOLFSSL_NO_TLS12
+
#ifndef WOLFSSL_MAX_STRENGTH
+#ifdef WOLFSSL_AEAD_ONLY
+ /* AES CBC ciphers are not allowed in AEAD only mode */
+ #undef HAVE_AES_CBC
+#endif
+
+#ifndef WOLFSSL_AEAD_ONLY
#if !defined(NO_RSA) && !defined(NO_RC4)
- #if !defined(NO_SHA)
- #define BUILD_SSL_RSA_WITH_RC4_128_SHA
- #endif
- #if !defined(NO_MD5)
- #define BUILD_SSL_RSA_WITH_RC4_128_MD5
+ #if defined(WOLFSSL_STATIC_RSA)
+ #if !defined(NO_SHA)
+ #define BUILD_SSL_RSA_WITH_RC4_128_SHA
+ #endif
+ #if !defined(NO_MD5)
+ #define BUILD_SSL_RSA_WITH_RC4_128_MD5
+ #endif
#endif
- #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA)
+ #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA) \
+ && defined(WOLFSSL_STATIC_RSA)
#define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
#endif
#endif
#if !defined(NO_RSA) && !defined(NO_DES3)
#if !defined(NO_SHA)
- #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
- #if !defined(NO_TLS) && defined(HAVE_NTRU)
+ #if defined(WOLFSSL_STATIC_RSA)
+ #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ #endif
+ #if !defined(NO_TLS) && defined(HAVE_NTRU) \
+ && defined(WOLFSSL_STATIC_RSA)
#define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
#endif
#endif
#endif
+ #if !defined(NO_RSA) && defined(HAVE_IDEA)
+ #if !defined(NO_SHA) && defined(WOLFSSL_STATIC_RSA)
+ #define BUILD_SSL_RSA_WITH_IDEA_CBC_SHA
+ #endif
+ #endif
+#endif /* !WOLFSSL_AEAD_ONLY */
+
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
- #if !defined(NO_SHA)
- #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
- #if defined(HAVE_NTRU)
+ #if !defined(NO_SHA) && defined(HAVE_AES_CBC)
+ #if defined(WOLFSSL_STATIC_RSA)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+ #endif
+ #endif
+ #if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA)
+ #ifdef WOLFSSL_AES_128
#define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
#define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+ #endif
#endif
#endif
- #if !defined (NO_SHA256)
- #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
- #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
- #endif
- #if defined (HAVE_AESGCM)
- #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
- #if defined (WOLFSSL_SHA384)
- #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+ #if defined(WOLFSSL_STATIC_RSA)
+ #if !defined (NO_SHA256) && defined(HAVE_AES_CBC)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+ #endif
+ #endif
+ #if defined (HAVE_AESGCM)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+ #endif
+ #if defined (WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
+ #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+ #endif
+ #endif
+ #if defined (HAVE_AESCCM)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
+ #endif
#endif
- #endif
- #if defined (HAVE_AESCCM)
- #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
- #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
- #endif
- #if defined(HAVE_BLAKE2)
- #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
- #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
#endif
#endif
- #if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
+ #if defined(HAVE_CAMELLIA) && !defined(NO_TLS) && !defined(NO_CAMELLIA_CBC)
#ifndef NO_RSA
- #if !defined(NO_SHA)
- #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- #endif
+ #if defined(WOLFSSL_STATIC_RSA)
+ #if !defined(NO_SHA)
+ #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ #endif
#ifndef NO_SHA256
#define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
#endif
+ #endif
#if !defined(NO_DH)
#if !defined(NO_SHA)
#define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
@@ -278,41 +378,62 @@ typedef byte word24[3];
#endif
#endif
+#if defined(WOLFSSL_STATIC_PSK)
#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
#if !defined(NO_SHA)
- #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+ #endif
#endif
#ifndef NO_SHA256
- #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
- #ifdef HAVE_AESGCM
- #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
- #endif
+ #ifdef WOLFSSL_AES_128
+ #ifdef HAVE_AES_CBC
+ #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+ #endif
+ #ifdef HAVE_AESGCM
+ #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+ #endif
+ #endif /* WOLFSSL_AES_128 */
#ifdef HAVE_AESCCM
- #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
- #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
- #define BUILD_TLS_PSK_WITH_AES_128_CCM
- #define BUILD_TLS_PSK_WITH_AES_256_CCM
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
+ #define BUILD_TLS_PSK_WITH_AES_128_CCM
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
+ #define BUILD_TLS_PSK_WITH_AES_256_CCM
+ #endif
#endif
#endif
- #ifdef WOLFSSL_SHA384
- #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+ #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
+ #ifdef HAVE_AES_CBC
+ #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+ #endif
#ifdef HAVE_AESGCM
#define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
+#endif
#if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER)
#if !defined(NO_RSA)
- #if !defined(NO_SHA)
- #define BUILD_TLS_RSA_WITH_NULL_SHA
- #endif
- #ifndef NO_SHA256
- #define BUILD_TLS_RSA_WITH_NULL_SHA256
+ #if defined(WOLFSSL_STATIC_RSA)
+ #ifndef NO_MD5
+ #define BUILD_TLS_RSA_WITH_NULL_MD5
+ #endif
+ #if !defined(NO_SHA)
+ #define BUILD_TLS_RSA_WITH_NULL_SHA
+ #endif
+ #ifndef NO_SHA256
+ #define BUILD_TLS_RSA_WITH_NULL_SHA256
+ #endif
#endif
#endif
- #if !defined(NO_PSK)
+ #if !defined(NO_PSK) && defined(WOLFSSL_STATIC_PSK)
#if !defined(NO_SHA)
#define BUILD_TLS_PSK_WITH_NULL_SHA
#endif
@@ -325,14 +446,14 @@ typedef byte word24[3];
#endif
#endif
+#if defined(WOLFSSL_STATIC_RSA)
#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
- #define BUILD_TLS_RSA_WITH_HC_128_MD5
+ #ifndef NO_MD5
+ #define BUILD_TLS_RSA_WITH_HC_128_MD5
+ #endif
#if !defined(NO_SHA)
#define BUILD_TLS_RSA_WITH_HC_128_SHA
#endif
- #if defined(HAVE_BLAKE2)
- #define BUILD_TLS_RSA_WITH_HC_128_B2B256
- #endif
#endif
#if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA)
@@ -340,111 +461,253 @@ typedef byte word24[3];
#define BUILD_TLS_RSA_WITH_RABBIT_SHA
#endif
#endif
+#endif
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA)
#if !defined(NO_SHA)
- #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ #if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC)
+ #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ #endif
+ #if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC)
+ #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ #endif
+ #if !defined(NO_DES3)
+ #define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ #endif
#endif
- #if !defined(NO_SHA256)
- #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ #if !defined(NO_SHA256) && defined(HAVE_AES_CBC)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ #endif
#endif
#endif
#if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
- !defined(NO_AES) && !defined(NO_SHA)
- #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+ !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
+ #ifdef HAVE_AES_CBC
+ #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+ #endif
+
+ #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
+ #define BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+ #endif
#endif
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
#ifndef NO_SHA256
- #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ #if !defined(NO_AES) && defined(WOLFSSL_AES_128) && \
+ defined(HAVE_AES_CBC)
+ #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ #endif
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
#endif
#endif
#ifdef WOLFSSL_SHA384
- #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && \
+ defined(HAVE_AES_CBC)
+ #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ #endif
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
#endif
#endif
#endif
- #if defined(HAVE_ECC) && !defined(NO_TLS)
+ #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
+ defined(HAVE_CURVE448)) && !defined(NO_TLS)
#if !defined(NO_AES)
- #if !defined(NO_SHA)
+ #if !defined(NO_SHA) && defined(HAVE_AES_CBC)
#if !defined(NO_RSA)
- #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ #endif
+ #endif
#endif
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ #endif
+ #endif
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ #endif
+ #endif
#endif /* NO_SHA */
- #ifndef NO_SHA256
+ #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
+ defined(HAVE_AES_CBC)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ #endif
+ #endif
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
#endif
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
#endif
- #ifdef WOLFSSL_SHA384
+ #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
+ defined(HAVE_AES_CBC)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ #endif
+ #endif
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
#endif
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
#endif
#if defined (HAVE_AESGCM)
#if !defined(NO_RSA)
- #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ #endif
+ #endif
#if defined(WOLFSSL_SHA384)
- #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ #endif
+ #endif
#endif
#endif
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ #if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_128) && \
+ defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ #endif
#if defined(WOLFSSL_SHA384)
- #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ #if defined(WOLFSSL_STATIC_DH) && \
+ defined(WOLFSSL_AES_256) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ #endif
#endif
#endif
#endif /* NO_AES */
#if !defined(NO_RC4)
#if !defined(NO_SHA)
#if !defined(NO_RSA)
- #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ #ifndef WOLFSSL_AEAD_ONLY
+ #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ #endif
#endif
- #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #ifndef WOLFSSL_AEAD_ONLY
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ #endif
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ #endif
#endif
#endif
#if !defined(NO_DES3)
#ifndef NO_SHA
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ #endif
#endif
- #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ #endif
+ #if defined(WOLFSSL_STATIC_DH) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ #endif
#endif /* NO_SHA */
#endif
+ #if defined(HAVE_NULL_CIPHER)
+ #if !defined(NO_SHA)
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ #endif
+ #endif
+ #if !defined(NO_PSK) && !defined(NO_SHA256)
+ #define BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ #endif
+ #endif
+ #if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) && \
+ defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC)
+ #define BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ #endif
+ #endif
+ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256)
+ #if !defined(NO_OLD_POLY1305)
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #endif
+ #if !defined(NO_RSA) && defined(HAVE_ECC)
+ #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #endif
+ #if !defined(NO_DH) && !defined(NO_RSA)
+ #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #endif
+ #endif /* NO_OLD_POLY1305 */
+ #if !defined(NO_PSK)
+ #define BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256
+ #if defined(HAVE_ECC) || defined(HAVE_ED25519) || \
+ defined(HAVE_ED448)
+ #define BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
+ #endif
+ #ifndef NO_DH
+ #define BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
+ #endif
+ #endif /* !NO_PSK */
#endif
#endif /* !WOLFSSL_MAX_STRENGTH */
@@ -452,54 +715,81 @@ typedef byte word24[3];
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA) && defined(HAVE_AESGCM)
- #ifndef NO_SHA256
+ #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
#endif
- #ifdef WOLFSSL_SHA384
+ #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
#ifndef NO_SHA256
- #ifdef HAVE_AESGCM
+ #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
#endif
#ifdef HAVE_AESCCM
- #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
- #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+ #endif
#endif
#endif
- #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
+ #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && \
+ defined(WOLFSSL_AES_256)
#define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
#endif
#endif
-#if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES)
+#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) \
+ && !defined(NO_TLS) && !defined(NO_AES)
#ifdef HAVE_AESGCM
- #ifndef NO_SHA256
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ #endif
#ifndef NO_RSA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
#endif
#endif
- #ifdef WOLFSSL_SHA384
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ #endif
#ifndef NO_RSA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
#if defined(HAVE_AESCCM) && !defined(NO_SHA256)
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
- #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #ifdef WOLFSSL_AES_128
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+ #endif
+ #ifdef WOLFSSL_AES_256
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+ #endif
+ #endif
#endif
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256)
- #ifdef HAVE_ECC
- #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+ #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ #if defined(HAVE_ECC) || \
+ (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
+ (defined(HAVE_CURVE448) && defined(HAVE_ED448))
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+ #endif
#ifndef NO_RSA
#define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
#endif
@@ -509,6 +799,45 @@ typedef byte word24[3];
#endif
#endif
+#endif
+
+#if defined(WOLFSSL_TLS13)
+ #ifdef HAVE_AESGCM
+ #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
+ #define BUILD_TLS_AES_128_GCM_SHA256
+ #endif
+ #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
+ #define BUILD_TLS_AES_256_GCM_SHA384
+ #endif
+ #endif
+
+ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+ #ifndef NO_SHA256
+ #define BUILD_TLS_CHACHA20_POLY1305_SHA256
+ #endif
+ #endif
+
+ #ifdef HAVE_AESCCM
+ #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
+ #define BUILD_TLS_AES_128_CCM_SHA256
+ #define BUILD_TLS_AES_128_CCM_8_SHA256
+ #endif
+ #endif
+ #ifdef HAVE_NULL_CIPHER
+ #ifndef NO_SHA256
+ #define BUILD_TLS_SHA256_SHA256
+ #endif
+ #ifdef WOLFSSL_SHA384
+ #define BUILD_TLS_SHA384_SHA384
+ #endif
+ #endif
+#endif
+
+#ifdef WOLFSSL_MULTICAST
+ #if defined(HAVE_NULL_CIPHER) && !defined(NO_SHA256)
+ #define BUILD_WDM_WITH_NULL_SHA256
+ #endif
+#endif
#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \
defined(BUILD_SSL_RSA_WITH_RC4_128_MD5)
@@ -521,7 +850,8 @@ typedef byte word24[3];
#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \
defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \
- defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) || \
+ defined(BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256)
#undef BUILD_AES
#define BUILD_AES
#endif
@@ -529,13 +859,39 @@ typedef byte word24[3];
#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \
defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) || \
- defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256)
+ defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256) || \
+ defined(BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256) || \
+ defined(BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384) || \
+ defined(BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) || \
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) || \
+ defined(BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384) || \
+ defined(BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) || \
+ defined(BUILD_TLS_AES_128_GCM_SHA256) || \
+ defined(BUILD_TLS_AES_256_GCM_SHA384)
#define BUILD_AESGCM
+#else
+ /* No AES-GCM cipher suites available with build */
+ #define NO_AESGCM_AEAD
+#endif
+
+#if defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \
+ defined(BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \
+ defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \
+ defined(BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256) || \
+ defined(BUILD_TLS_CHACHA20_POLY1305_SHA256)
+ /* Have an available ChaCha Poly cipher suite */
+#else
+ /* No ChaCha Poly cipher suites available with build */
+ #define NO_CHAPOL_AEAD
#endif
#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \
- defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \
- defined(BUILD_TLS_RSA_WITH_HC_128_B2B256)
+ defined(BUILD_TLS_RSA_WITH_HC_128_MD5)
#define BUILD_HC128
#endif
@@ -550,8 +906,9 @@ typedef byte word24[3];
#define BUILD_DES3
#endif
-#ifdef NO_AES
+#if defined(NO_AES) || defined(NO_AES_DECRYPT)
#define AES_BLOCK_SIZE 16
+ #undef BUILD_AES
#else
#undef BUILD_AES
#define BUILD_AES
@@ -567,8 +924,11 @@ typedef byte word24[3];
#endif
#if defined(WOLFSSL_MAX_STRENGTH) || \
- defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
- (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+ (defined(HAVE_AESGCM) && !defined(NO_AESGCM_AEAD)) || \
+ defined(HAVE_AESCCM) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
+ !defined(NO_CHAPOL_AEAD)) || \
+ (defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER))
#define HAVE_AEAD
#endif
@@ -579,14 +939,19 @@ typedef byte word24[3];
#define HAVE_PFS
#endif
+#if defined(BUILD_SSL_RSA_WITH_IDEA_CBC_SHA)
+ #define BUILD_IDEA
+#endif
/* actual cipher values, 2nd byte */
enum {
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x16,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x39,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x33,
TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x34,
TLS_RSA_WITH_AES_256_CBC_SHA = 0x35,
TLS_RSA_WITH_AES_128_CBC_SHA = 0x2F,
+ TLS_RSA_WITH_NULL_MD5 = 0x01,
TLS_RSA_WITH_NULL_SHA = 0x02,
TLS_PSK_WITH_AES_256_CBC_SHA = 0x8d,
TLS_PSK_WITH_AES_128_CBC_SHA256 = 0xae,
@@ -598,6 +963,7 @@ enum {
SSL_RSA_WITH_RC4_128_SHA = 0x05,
SSL_RSA_WITH_RC4_128_MD5 = 0x04,
SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x0A,
+ SSL_RSA_WITH_IDEA_CBC_SHA = 0x07,
/* ECC suites, first byte is 0xC0 (ECC_BYTE) */
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0x14,
@@ -612,6 +978,9 @@ enum {
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0x28,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24,
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0x06,
+ TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0x3a,
+ TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0x37,
/* static ECDH, first byte is 0xC0 (ECC_BYTE) */
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0x0F,
@@ -631,11 +1000,7 @@ enum {
TLS_RSA_WITH_HC_128_MD5 = 0xFB,
TLS_RSA_WITH_HC_128_SHA = 0xFC,
TLS_RSA_WITH_RABBIT_SHA = 0xFD,
-
- /* wolfSSL extension - Blake2b 256 */
- TLS_RSA_WITH_AES_128_CBC_B2B256 = 0xF8,
- TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9,
- TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */
+ WDM_WITH_NULL_SHA256 = 0xFE, /* wolfSSL DTLS Multicast */
/* wolfSSL extension - NTRU */
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5,
@@ -643,6 +1008,10 @@ enum {
TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clashes w/official SHA-256 */
TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0xe8,
+ /* wolfSSL extension - NTRU , Quantum-safe Handshake
+ first byte is 0xD0 (QSH_BYTE) */
+ TLS_QSH = 0x01,
+
/* SHA256 */
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
@@ -661,6 +1030,7 @@ enum {
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f,
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0xa7,
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8,
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa,
@@ -682,6 +1052,7 @@ enum {
* with non-ECC AES-GCM */
TLS_RSA_WITH_AES_128_CCM_8 = 0xa0,
TLS_RSA_WITH_AES_256_CCM_8 = 0xa1,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xac,
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae,
TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf,
TLS_PSK_WITH_AES_128_CCM = 0xa4,
@@ -701,10 +1072,32 @@ enum {
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x13,
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
- TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x15,
-
+ /* chacha20-poly1305 suites first byte is 0xCC (CHACHA_BYTE) */
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xa8,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xa9,
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xaa,
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xac,
+ TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xab,
+ TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xad,
+
+ /* chacha20-poly1305 earlier version of nonce and padding (CHACHA_BYTE) */
+ TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x13,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x14,
+ TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x15,
+
+ /* TLS v1.3 cipher suites */
+ TLS_AES_128_GCM_SHA256 = 0x01,
+ TLS_AES_256_GCM_SHA384 = 0x02,
+ TLS_CHACHA20_POLY1305_SHA256 = 0x03,
+ TLS_AES_128_CCM_SHA256 = 0x04,
+ TLS_AES_128_CCM_8_SHA256 = 0x05,
+
+ /* TLS v1.3 Integity only cipher suites - 0xC0 (ECC) first byte */
+ TLS_SHA256_SHA256 = 0xB4,
+ TLS_SHA384_SHA384 = 0xB5,
+
+ /* Fallback SCSV (Signaling Cipher Suite Value) */
+ TLS_FALLBACK_SCSV = 0x56,
/* Renegotiation Indication Extension Special Suite */
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff
};
@@ -716,9 +1109,79 @@ enum {
#endif
+#ifndef WOLFSSL_DTLS_WINDOW_WORDS
+ #define WOLFSSL_DTLS_WINDOW_WORDS 2
+#endif /* WOLFSSL_DTLS_WINDOW_WORDS */
+#define DTLS_WORD_BITS (sizeof(word32) * CHAR_BIT)
+#define DTLS_SEQ_BITS (WOLFSSL_DTLS_WINDOW_WORDS * DTLS_WORD_BITS)
+#define DTLS_SEQ_SZ (sizeof(word32) * WOLFSSL_DTLS_WINDOW_WORDS)
+
+#ifndef WOLFSSL_MULTICAST
+ #define WOLFSSL_DTLS_PEERSEQ_SZ 1
+#else
+ #ifndef WOLFSSL_MULTICAST_PEERS
+ /* max allowed multicast group peers */
+ #define WOLFSSL_MULTICAST_PEERS 100
+ #endif
+ #define WOLFSSL_DTLS_PEERSEQ_SZ WOLFSSL_MULTICAST_PEERS
+#endif /* WOLFSSL_MULTICAST */
+
+#ifndef WOLFSSL_MAX_MTU
+ #define WOLFSSL_MAX_MTU 1500
+#endif /* WOLFSSL_MAX_MTU */
+
+
+/* set minimum DH key size allowed */
+#ifndef WOLFSSL_MIN_DHKEY_BITS
+ #ifdef WOLFSSL_MAX_STRENGTH
+ #define WOLFSSL_MIN_DHKEY_BITS 2048
+ #else
+ #define WOLFSSL_MIN_DHKEY_BITS 1024
+ #endif
+#endif
+#if (WOLFSSL_MIN_DHKEY_BITS % 8)
+ #error DH minimum bit size must be multiple of 8
+#endif
+#if (WOLFSSL_MIN_DHKEY_BITS > 16000)
+ #error DH minimum bit size must not be greater than 16000
+#endif
+#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)
+/* set maximum DH key size allowed */
+#ifndef WOLFSSL_MAX_DHKEY_BITS
+ #if (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS >= 16384)
+ #define WOLFSSL_MAX_DHKEY_BITS 8192
+ #else
+ #define WOLFSSL_MAX_DHKEY_BITS 4096
+ #endif
+#endif
+#if (WOLFSSL_MAX_DHKEY_BITS % 8)
+ #error DH maximum bit size must be multiple of 8
+#endif
+#if (WOLFSSL_MAX_DHKEY_BITS > 16000)
+ #error DH maximum bit size must not be greater than 16000
+#endif
+#define MAX_DHKEY_SZ (WOLFSSL_MAX_DHKEY_BITS / 8)
+
+#ifndef MAX_PSK_ID_LEN
+ /* max psk identity/hint supported */
+ #if defined(WOLFSSL_TLS13)
+ #define MAX_PSK_ID_LEN 256
+ #else
+ #define MAX_PSK_ID_LEN 128
+ #endif
+#endif
+
+#ifndef MAX_EARLY_DATA_SZ
+ /* maximum early data size */
+ #define MAX_EARLY_DATA_SZ 4096
+#endif
+
enum Misc {
- ECC_BYTE = 0xC0, /* ECC first cipher suite byte */
+ CIPHER_BYTE = 0x00, /* Default ciphers */
+ ECC_BYTE = 0xC0, /* ECC first cipher suite byte */
+ QSH_BYTE = 0xD0, /* Quantum-safe Handshake cipher suite */
CHACHA_BYTE = 0xCC, /* ChaCha first cipher suite */
+ TLS13_BYTE = 0x13, /* TLS v1.3 first byte of cipher suite */
SEND_CERT = 1,
SEND_BLANK_CERT = 2,
@@ -731,49 +1194,90 @@ enum Misc {
TLSv1_MINOR = 1, /* TLSv1 minor version number */
TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
+ TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */
+ TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */
+#ifdef WOLFSSL_TLS13_DRAFT
+#ifdef WOLFSSL_TLS13_DRAFT_18
+ TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */
+#elif defined(WOLFSSL_TLS13_DRAFT_22)
+ TLS_DRAFT_MINOR = 0x16, /* Minor version number of TLS draft */
+#elif defined(WOLFSSL_TLS13_DRAFT_23)
+ TLS_DRAFT_MINOR = 0x17, /* Minor version number of TLS draft */
+#elif defined(WOLFSSL_TLS13_DRAFT_26)
+ TLS_DRAFT_MINOR = 0x1a, /* Minor version number of TLS draft */
+#else
+ TLS_DRAFT_MINOR = 0x1c, /* Minor version number of TLS draft */
+#endif
+#endif
OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */
INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
NO_COMPRESSION = 0,
ZLIB_COMPRESSION = 221, /* wolfSSL zlib compression */
HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */
- SECRET_LEN = 48, /* pre RSA and all master */
+ HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */
+ SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH,
+ /* pre RSA and all master */
+#if defined(WOLFSSL_MYSQL_COMPATIBLE) || \
+ (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS > 8192)
+#ifndef NO_PSK
+ ENCRYPT_LEN = 1024 + MAX_PSK_ID_LEN + 2, /* 8192 bit static buffer */
+#else
+ ENCRYPT_LEN = 1024, /* allow 8192 bit static buffer */
+#endif
+#else
+#ifndef NO_PSK
+ ENCRYPT_LEN = 512 + MAX_PSK_ID_LEN + 2, /* 4096 bit static buffer */
+#else
ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
+#endif
+#endif
SIZEOF_SENDER = 4, /* clnt or srvr */
- FINISHED_SZ = 36, /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */
+ FINISHED_SZ = 36, /* WC_MD5_DIGEST_SIZE + WC_SHA_DIGEST_SIZE */
MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */
- MAX_MSG_EXTRA = 38 + MAX_DIGEST_SIZE,
+ MAX_PLAINTEXT_SZ = (1 << 14), /* Max plaintext sz */
+ MAX_TLS_CIPHER_SZ = (1 << 14) + 2048, /* Max TLS encrypted data sz */
+#ifdef WOLFSSL_TLS13
+ MAX_TLS13_PLAIN_SZ = (1 << 14) + 1, /* Max unencrypted data sz */
+ MAX_TLS13_ENC_SZ = (1 << 14) + 256, /* Max encrypted data sz */
+#endif
+ MAX_MSG_EXTRA = 38 + WC_MAX_DIGEST_SIZE,
/* max added to msg, mac + pad from */
/* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max
digest sz + BLOC_SZ (iv) + pad byte (1) */
MAX_COMP_EXTRA = 1024, /* max compression extra */
- MAX_MTU = 1500, /* max expected MTU */
+ MAX_MTU = WOLFSSL_MAX_MTU, /* max expected MTU */
MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */
- MAX_DH_SZ = 1036, /* 4096 p, pub, g + 2 byte size for each */
+ MAX_DH_SZ = (MAX_DHKEY_SZ * 3) + 12, /* DH_P, DH_G and DH_Pub */
+ /* 4096 p, pub, g + 2 byte size for each */
MAX_STR_VERSION = 8, /* string rep of protocol version */
PAD_MD5 = 48, /* pad length for finished */
PAD_SHA = 40, /* pad length for finished */
MAX_PAD_SIZE = 256, /* maximum length of padding */
- COMPRESS_DUMMY_SIZE = 64, /* compression dummy round size */
- COMPRESS_CONSTANT = 13, /* compression calc constant */
- COMPRESS_UPPER = 55, /* compression calc numerator */
- COMPRESS_LOWER = 64, /* compression calc denominator */
- PEM_LINE_LEN = 80, /* PEM line max + fudge */
LENGTH_SZ = 2, /* length field for HMAC, data only */
VERSION_SZ = 2, /* length of proctocol version */
SEQ_SZ = 8, /* 64 bit sequence number */
- BYTE3_LEN = 3, /* up to 24 bit byte lengths */
ALERT_SIZE = 2, /* level + description */
VERIFY_HEADER = 2, /* always use 2 bytes */
+ EXTS_SZ = 2, /* always use 2 bytes */
EXT_ID_SZ = 2, /* always use 2 bytes */
- MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */
+ MAX_DH_SIZE = MAX_DHKEY_SZ+1,
+ /* Max size plus possible leading 0 */
+ NAMED_DH_MASK = 0x100, /* Named group mask for DH parameters */
+ MIN_FFHDE_GROUP = 0x100, /* Named group minimum for FFDHE parameters */
+ MAX_FFHDE_GROUP = 0x1FF, /* Named group maximum for FFDHE parameters */
SESSION_HINT_SZ = 4, /* session timeout hint */
+ SESSION_ADD_SZ = 4, /* session age add */
+ TICKET_NONCE_LEN_SZ = 1, /* Ticket nonce length size */
+ DEF_TICKET_NONCE_SZ = 1, /* Default ticket nonce size */
+ MAX_TICKET_NONCE_SZ = 8, /* maximum ticket nonce size */
+ MAX_LIFETIME = 604800, /* maximum ticket lifetime */
- MAX_SUITE_SZ = 200, /* 100 suites for now! */
RAN_LEN = 32, /* random length */
SEED_LEN = RAN_LEN * 2, /* tls prf seed length */
ID_LEN = 32, /* session id length */
+ COOKIE_SECRET_SZ = 14, /* dtls cookie secret size */
MAX_COOKIE_LEN = 32, /* max dtls cookie size */
COOKIE_SZ = 20, /* use a 20 byte cookie */
SUITE_LEN = 2, /* cipher suite sz length */
@@ -782,21 +1286,22 @@ enum Misc {
OPAQUE16_LEN = 2, /* 2 bytes */
OPAQUE24_LEN = 3, /* 3 bytes */
OPAQUE32_LEN = 4, /* 4 bytes */
+ OPAQUE64_LEN = 8, /* 8 bytes */
COMP_LEN = 1, /* compression length */
CURVE_LEN = 2, /* ecc named curve length */
+ KE_GROUP_LEN = 2, /* key exchange group length */
SERVER_ID_LEN = 20, /* server session id length */
-
+
HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */
RECORD_HEADER_SZ = 5, /* type + version + len(2) */
CERT_HEADER_SZ = 3, /* always 3 bytes */
REQ_HEADER_SZ = 2, /* cert request header sz */
HINT_LEN_SZ = 2, /* length of hint size field */
TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */
+ HELLO_EXT_SZ = 4, /* base length of a hello extension */
HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
- HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */
- HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */
- HELLO_EXT_SIGALGO_SZ = 2, /* length of signature algo extension */
- HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */
+ HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */
+ HELLO_EXT_SIGALGO_SZ = 2, /* length of number of items in sigalgo list */
DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
@@ -804,40 +1309,77 @@ enum Misc {
DTLS_RECORD_EXTRA = 8, /* diff from normal */
DTLS_HANDSHAKE_SEQ_SZ = 2, /* handshake header sequence number */
DTLS_HANDSHAKE_FRAG_SZ = 3, /* fragment offset and length are 24 bit */
- DTLS_POOL_SZ = 5, /* buffers to hold in the retry pool */
-
+ DTLS_POOL_SZ = 255,/* allowed number of list items in TX pool */
+ DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */
+ DTLS_EXPORT_STATE_PRO = 166,/* wolfSSL protocol for serialized state */
+ DTLS_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */
+ DTLS_EXPORT_OPT_SZ = 60, /* amount of bytes used from Options */
+ DTLS_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */
+ DTLS_EXPORT_OPT_SZ_3 = 59, /* amount of bytes used from Options */
+ DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2),
+ /* max amount of bytes used from Keys */
+ DTLS_EXPORT_MIN_KEY_SZ = 85 + (DTLS_SEQ_SZ * 2),
+ /* min amount of bytes used from Keys */
+ DTLS_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */
+ DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */
+ DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */
+ MAX_EXPORT_BUFFER = 514, /* max size of buffer for exporting */
+ MAX_EXPORT_STATE_BUFFER = (DTLS_EXPORT_MIN_KEY_SZ) + (3 * DTLS_EXPORT_LEN),
+ /* max size of buffer for exporting state */
FINISHED_LABEL_SZ = 15, /* TLS finished label size */
TLS_FINISHED_SZ = 12, /* TLS has a shorter size */
+ EXT_MASTER_LABEL_SZ = 22, /* TLS extended master secret label sz */
MASTER_LABEL_SZ = 13, /* TLS master secret label sz */
KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
- MAX_PRF_HALF = 256, /* Maximum half secret len */
- MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
- MAX_PRF_DIG = 224, /* Maximum digest len */
+ PROTOCOL_LABEL_SZ = 9, /* Length of the protocol label */
+ MAX_LABEL_SZ = 34, /* Maximum length of a label */
+ MAX_HKDF_LABEL_SZ = OPAQUE16_LEN +
+ OPAQUE8_LEN + PROTOCOL_LABEL_SZ + MAX_LABEL_SZ +
+ OPAQUE8_LEN + WC_MAX_DIGEST_SIZE,
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
- SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
-
- RC4_KEY_SIZE = 16, /* always 128bit */
- DES_KEY_SIZE = 8, /* des */
- DES3_KEY_SIZE = 24, /* 3 des ede */
- DES_IV_SIZE = DES_BLOCK_SIZE,
- AES_256_KEY_SIZE = 32, /* for 256 bit */
- AES_192_KEY_SIZE = 24, /* for 192 bit */
- AES_IV_SIZE = 16, /* always block size */
- AES_128_KEY_SIZE = 16, /* for 128 bit */
-
- AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
- AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */
- AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */
- AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */
- AEAD_LEN_OFFSET = 11, /* Auth Data: Length */
- AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */
- AEAD_IMP_IV_SZ = 4, /* Size of the implicit IV */
- AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */
- AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,
+ SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
+ TLS_MAX_PAD_SZ = 255, /* Max padding in TLS */
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+ MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
+#else
+ MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
+#endif
+
+#ifdef HAVE_SELFTEST
+ #ifndef WOLFSSL_AES_KEY_SIZE_ENUM
+ #define WOLFSSL_AES_KEY_SIZE_ENUM
+ AES_IV_SIZE = 16,
+ AES_128_KEY_SIZE = 16,
+ AES_192_KEY_SIZE = 24,
+ AES_256_KEY_SIZE = 32,
+ #endif
+#endif
+
+ MAX_IV_SZ = AES_BLOCK_SIZE,
+
+ AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
+ AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */
+ AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */
+ AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */
+ AEAD_LEN_OFFSET = 11, /* Auth Data: Length */
+ AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */
+ AEAD_NONCE_SZ = 12,
+ AESGCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */
+ AESGCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */
+ AESGCM_NONCE_SZ = AESGCM_EXP_IV_SZ + AESGCM_IMP_IV_SZ,
+
+ CHACHA20_IMP_IV_SZ = 12, /* Size of ChaCha20 AEAD implicit IV */
+ CHACHA20_NONCE_SZ = 12, /* Size of ChacCha20 nonce */
+ CHACHA20_OLD_OFFSET = 4, /* Offset for seq # in old poly1305 */
+
+ /* For any new implicit/explicit IV size adjust AEAD_MAX_***_SZ */
AES_GCM_AUTH_SZ = 16, /* AES-GCM Auth Tag length */
AES_CCM_16_AUTH_SZ = 16, /* AES-CCM-16 Auth Tag length */
AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */
+ AESCCM_NONCE_SZ = 12,
CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
@@ -846,10 +1388,12 @@ enum Misc {
CHACHA20_256_KEY_SIZE = 32, /* for 256 bit */
CHACHA20_128_KEY_SIZE = 16, /* for 128 bit */
- CHACHA20_IV_SIZE = 8, /* 64 bits for iv */
+ CHACHA20_IV_SIZE = 12, /* 96 bits for iv */
POLY1305_AUTH_SZ = 16, /* 128 bits */
+ HMAC_NONCE_SZ = 12, /* Size of HMAC nonce */
+
HC_128_KEY_SIZE = 16, /* 128 bits */
HC_128_IV_SIZE = 16, /* also 128 bits */
@@ -858,11 +1402,32 @@ enum Misc {
EVP_SALT_SIZE = 8, /* evp salt size 64 bits */
+#ifndef ECDHE_SIZE /* allow this to be overridden at compile-time */
ECDHE_SIZE = 32, /* ECHDE server size defaults to 256 bit */
+#endif
MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */
+ MAX_CURVE_NAME_SZ = 16, /* Maximum size of curve name string */
+
+ NEW_SA_MAJOR = 8, /* Most significant byte used with new sig algos */
+ ED25519_SA_MAJOR = 8, /* Most significant byte for ED25519 */
+ ED25519_SA_MINOR = 7, /* Least significant byte for ED25519 */
+ ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */
+ ED448_SA_MINOR = 8, /* Least significant byte for ED448 */
+
+ MIN_RSA_SHA512_PSS_BITS = 512 * 2 + 8 * 8, /* Min key size */
+ MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */
- MAX_HELLO_SZ = 128, /* max client or server hello */
- MAX_CERT_VERIFY_SZ = 1024, /* max */
+#ifndef NO_RSA
+ MAX_CERT_VERIFY_SZ = 4096 / 8, /* max RSA - default 4096-bits */
+#elif defined(HAVE_ECC)
+ MAX_CERT_VERIFY_SZ = ECC_MAX_SIG_SIZE, /* max ECC */
+#elif defined(HAVE_ED448)
+ MAX_CERT_VERIFY_SZ = ED448_SIG_SIZE, /* max Ed448 */
+#elif defined(HAVE_ED25519)
+ MAX_CERT_VERIFY_SZ = ED25519_SIG_SIZE, /* max Ed25519 */
+#else
+ MAX_CERT_VERIFY_SZ = 1024, /* max default */
+#endif
CLIENT_HELLO_FIRST = 35, /* Protocol + RAN_LEN + sizeof(id_len) */
MAX_SUITE_NAME = 48, /* maximum length of cipher suite string */
@@ -870,20 +1435,18 @@ enum Misc {
DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */
DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */
- MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */
+ NULL_TERM_LEN = 1, /* length of null '\0' termination character */
MAX_PSK_KEY_LEN = 64, /* max psk key supported */
+ MIN_PSK_ID_LEN = 6, /* min length of identities */
+ MIN_PSK_BINDERS_LEN= 33, /* min length of binders */
+ MAX_TICKET_AGE_SECS= 10, /* maximum ticket age in seconds */
- MAX_WOLFSSL_FILE_SIZE = 1024 * 1024 * 4, /* 4 mb file size alloc limit */
-
-#ifdef FORTRESS
- MAX_EX_DATA = 3, /* allow for three items of ex_data */
+#ifndef MAX_WOLFSSL_FILE_SIZE
+ MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */
#endif
MAX_X509_SIZE = 2048, /* max static x509 buffer size */
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
- MAX_FILENAME_SZ = 256, /* max file name length */
- FILE_BUFFER_SIZE = 1024, /* default static file buffer size for input,
- will use dynamic buffer if not big enough */
MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */
MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */
@@ -893,29 +1456,78 @@ enum Misc {
HASH_SIG_SIZE = 2, /* default SHA1 RSA */
- NO_CAVIUM_DEVICE = -2, /* invalid cavium device id */
-
NO_COPY = 0, /* should we copy static buffer for write */
- COPY = 1 /* should we copy static buffer for write */
-};
+ COPY = 1, /* should we copy static buffer for write */
+ INVALID_PEER_ID = 0xFFFF, /* Initialize value for peer ID. */
-#ifndef WOLFSSL_MIN_DHKEY_BITS
- #ifdef WOLFSSL_MAX_STRENGTH
- #define WOLFSSL_MIN_DHKEY_BITS 2048
+ PREV_ORDER = -1, /* Sequence number is in previous epoch. */
+ PEER_ORDER = 1, /* Peer sequence number for verify. */
+ CUR_ORDER = 0, /* Current sequence number. */
+ WRITE_PROTO = 1, /* writing a protocol message */
+ READ_PROTO = 0 /* reading a protocol message */
+};
+
+/* minimum Downgrade Minor version */
+#ifndef WOLFSSL_MIN_DOWNGRADE
+ #ifndef NO_OLD_TLS
+ #define WOLFSSL_MIN_DOWNGRADE TLSv1_MINOR
#else
- #define WOLFSSL_MIN_DHKEY_BITS 1024
+ #define WOLFSSL_MIN_DOWNGRADE TLSv1_2_MINOR
#endif
#endif
-#if (WOLFSSL_MIN_DHKEY_BITS % 8)
- #error DH minimum bit size must be multiple of 8
+
+/* Set max implicit IV size for AEAD cipher suites */
+#define AEAD_MAX_IMP_SZ 12
+
+/* Set max explicit IV size for AEAD cipher suites */
+#define AEAD_MAX_EXP_SZ 8
+
+
+#ifndef WOLFSSL_MAX_SUITE_SZ
+ #define WOLFSSL_MAX_SUITE_SZ 300
+ /* 150 suites for now! */
#endif
-#if (WOLFSSL_MIN_DHKEY_BITS > 16000)
- #error DH minimum bit size must not be greater than 16000
+
+/* number of items in the signature algo list */
+#ifndef WOLFSSL_MAX_SIGALGO
+ #define WOLFSSL_MAX_SIGALGO 32
#endif
-#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)
+/* set minimum ECC key size allowed */
+#ifndef WOLFSSL_MIN_ECC_BITS
+ #ifdef WOLFSSL_MAX_STRENGTH
+ #define WOLFSSL_MIN_ECC_BITS 256
+ #else
+ #define WOLFSSL_MIN_ECC_BITS 224
+ #endif
+#endif /* WOLFSSL_MIN_ECC_BITS */
+#if (WOLFSSL_MIN_ECC_BITS % 8)
+ /* Some ECC keys are not divisible by 8 such as prime239v1 or sect131r1.
+ In these cases round down to the nearest value divisible by 8. The
+ restriction of being divisible by 8 is in place to match wc_ecc_size
+ function from wolfSSL.
+ */
+ #error ECC minimum bit size must be a multiple of 8
+#endif
+#define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8)
+
+/* set minimum RSA key size allowed */
+#ifndef WOLFSSL_MIN_RSA_BITS
+ #ifdef WOLFSSL_MAX_STRENGTH
+ #define WOLFSSL_MIN_RSA_BITS 2048
+ #else
+ #define WOLFSSL_MIN_RSA_BITS 1024
+ #endif
+#endif /* WOLFSSL_MIN_RSA_BITS */
+#if (WOLFSSL_MIN_RSA_BITS % 8)
+ /* This is to account for the example case of a min size of 2050 bits but
+ still allows 2049 bit key. So we need the measurement to be in bytes. */
+ #error RSA minimum bit size must be a multiple of 8
+#endif
+#define MIN_RSAKEY_SZ (WOLFSSL_MIN_RSA_BITS / 8)
+
#ifdef SESSION_INDEX
/* Shift values for making a session index */
#define SESSIDX_ROW_SHIFT 4
@@ -928,6 +1540,19 @@ enum Misc {
#define MAX_CHAIN_DEPTH 9
#endif
+/* max size of a certificate message payload */
+/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */
+#ifndef MAX_CERTIFICATE_SZ
+ #define MAX_CERTIFICATE_SZ \
+ CERT_HEADER_SZ + \
+ (MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH
+#endif
+
+/* max size of a handshake message, currently set to the certificate */
+#ifndef MAX_HANDSHAKE_SZ
+ #define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ
+#endif
+
#ifndef SESSION_TICKET_LEN
#define SESSION_TICKET_LEN 256
#endif
@@ -950,26 +1575,24 @@ enum states {
NULL_STATE = 0,
SERVER_HELLOVERIFYREQUEST_COMPLETE,
+ SERVER_HELLO_RETRY_REQUEST_COMPLETE,
SERVER_HELLO_COMPLETE,
+ SERVER_ENCRYPTED_EXTENSIONS_COMPLETE,
SERVER_CERT_COMPLETE,
SERVER_KEYEXCHANGE_COMPLETE,
SERVER_HELLODONE_COMPLETE,
+ SERVER_CHANGECIPHERSPEC_COMPLETE,
SERVER_FINISHED_COMPLETE,
+ CLIENT_HELLO_RETRY,
CLIENT_HELLO_COMPLETE,
CLIENT_KEYEXCHANGE_COMPLETE,
+ CLIENT_CHANGECIPHERSPEC_COMPLETE,
CLIENT_FINISHED_COMPLETE,
HANDSHAKE_DONE
};
-
-#if defined(__GNUC__)
- #define WOLFSSL_PACK __attribute__ ((packed))
-#else
- #define WOLFSSL_PACK
-#endif
-
/* SSL Version */
typedef struct ProtocolVersion {
byte major;
@@ -981,39 +1604,24 @@ WOLFSSL_LOCAL ProtocolVersion MakeSSLv3(void);
WOLFSSL_LOCAL ProtocolVersion MakeTLSv1(void);
WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_2(void);
+WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void);
#ifdef WOLFSSL_DTLS
WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1(void);
WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
-#endif
-
-
-enum BIO_TYPE {
- BIO_BUFFER = 1,
- BIO_SOCKET = 2,
- BIO_SSL = 3,
- BIO_MEMORY = 4
-};
-
-/* wolfSSL BIO_METHOD type */
-struct WOLFSSL_BIO_METHOD {
- byte type; /* method type */
-};
-
-
-/* wolfSSL BIO type */
-struct WOLFSSL_BIO {
- byte type; /* method type */
- byte close; /* close flag */
- byte eof; /* eof flag */
- WOLFSSL* ssl; /* possible associated ssl */
- byte* mem; /* memory buffer */
- int memLen; /* memory buffer length */
- int fd; /* possible file descriptor */
- WOLFSSL_BIO* prev; /* previous in chain */
- WOLFSSL_BIO* next; /* next in chain */
-};
+ #ifdef WOLFSSL_SESSION_EXPORT
+ WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, byte* buf,
+ word32 sz);
+ WOLFSSL_LOCAL int wolfSSL_dtls_export_internal(WOLFSSL* ssl, byte* buf,
+ word32 sz);
+ WOLFSSL_LOCAL int wolfSSL_dtls_export_state_internal(WOLFSSL* ssl,
+ byte* buf, word32 sz);
+ WOLFSSL_LOCAL int wolfSSL_dtls_import_state_internal(WOLFSSL* ssl,
+ byte* buf, word32 sz);
+ WOLFSSL_LOCAL int wolfSSL_send_session(WOLFSSL* ssl);
+ #endif
+#endif
/* wolfSSL method type */
@@ -1023,21 +1631,79 @@ struct WOLFSSL_METHOD {
byte downgrade; /* whether to downgrade version, default no */
};
+/* wolfSSL buffer type - internal uses "buffer" type */
+typedef WOLFSSL_BUFFER_INFO buffer;
+
+typedef struct Suites Suites;
+
-/* defautls to client */
+/* defaults to client */
WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD*, ProtocolVersion);
+WOLFSSL_LOCAL int InitSSL_Suites(WOLFSSL* ssl);
+WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side);
+
/* for sniffer */
WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz, int sniff);
WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx);
-
-
-/* wolfSSL buffer type */
-typedef struct buffer {
- byte* buffer;
- word32 length;
-} buffer;
+/* TLS v1.3 needs these */
+WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
+ Suites* clSuites);
+#ifdef WOLFSSL_TLS13
+WOLFSSL_LOCAL int FindSuite(Suites* suites, byte first, byte second);
+#endif
+WOLFSSL_LOCAL int DoClientHello(WOLFSSL* ssl, const byte* input, word32*,
+ word32);
+#ifdef WOLFSSL_TLS13
+WOLFSSL_LOCAL int DoTls13ClientHello(WOLFSSL* ssl, const byte* input,
+ word32* inOutIdx, word32 helloSz);
+#endif
+WOLFSSL_LOCAL int DoServerHello(WOLFSSL* ssl, const byte* input, word32*,
+ word32);
+WOLFSSL_LOCAL int CompleteServerHello(WOLFSSL *ssl);
+WOLFSSL_LOCAL int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv);
+WOLFSSL_LOCAL int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
+ word32 hashSigAlgoSz);
+WOLFSSL_LOCAL int DecodePrivateKey(WOLFSSL *ssl, word16* length);
+#ifdef HAVE_PK_CALLBACKS
+WOLFSSL_LOCAL int GetPrivateKeySigSize(WOLFSSL* ssl);
+#ifndef NO_ASN
+ WOLFSSL_LOCAL int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx);
+#endif
+#endif
+WOLFSSL_LOCAL void FreeKeyExchange(WOLFSSL* ssl);
+WOLFSSL_LOCAL void FreeSuites(WOLFSSL* ssl);
+WOLFSSL_LOCAL int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 size);
+WOLFSSL_LOCAL int MatchDomainName(const char* pattern, int len, const char* str);
+#ifndef NO_CERTS
+WOLFSSL_LOCAL int CheckAltNames(DecodedCert* dCert, char* domain);
+#ifdef OPENSSL_EXTRA
+WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, char* ipasc);
+#endif
+#endif
+WOLFSSL_LOCAL int CreateTicket(WOLFSSL* ssl);
+WOLFSSL_LOCAL int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz);
+WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
+ int ivSz);
+WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz);
+#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl);
+#endif
+#ifdef WOLFSSL_TLS13
+WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
+ word16 sz, const byte* aad, word16 aadSz);
+WOLFSSL_LOCAL int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input,
+ word32* inOutIdx, byte type,
+ word32 size, word32 totalSz);
+WOLFSSL_LOCAL int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input,
+ word32* inOutIdx, word32 totalSz);
+WOLFSSL_LOCAL int DoTls13ServerHello(WOLFSSL* ssl, const byte* input,
+ word32* inOutIdx, word32 helloSz,
+ byte* extMsgType);
+#endif
+int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,
+ int pLen, int content);
enum {
@@ -1055,7 +1721,7 @@ enum {
/* only the sniffer needs space in the buffer for extra MTU record(s) */
#ifdef WOLFSSL_SNIFFER
- #define MTU_EXTRA MAX_MTU * 3
+ #define MTU_EXTRA MAX_MTU * 3
#else
#define MTU_EXTRA 0
#endif
@@ -1073,9 +1739,9 @@ enum {
#define RECORD_SIZE MAX_RECORD_SIZE
#else
#ifdef WOLFSSL_DTLS
- #define RECORD_SIZE MAX_MTU
+ #define RECORD_SIZE MAX_MTU
#else
- #define RECORD_SIZE 128
+ #define RECORD_SIZE 128
#endif
#endif
@@ -1083,7 +1749,7 @@ enum {
/* user option to turn off 16K output option */
/* if using small static buffers (default) and SSL_write tries to write data
larger than the record we have, dynamically get it, unless user says only
- write in static buffer chuncks */
+ write in static buffer chunks */
#ifndef STATIC_CHUNKS_ONLY
#define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE
#else
@@ -1117,75 +1783,88 @@ typedef struct {
} bufferStatic;
/* Cipher Suites holder */
-typedef struct Suites {
+struct Suites {
word16 suiteSz; /* suite length in bytes */
word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */
- byte suites[MAX_SUITE_SZ];
- byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
+ byte suites[WOLFSSL_MAX_SUITE_SZ];
+ byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* sig/algo to offer */
byte setSuites; /* user set suites from default */
byte hashAlgo; /* selected hash algorithm */
byte sigAlgo; /* selected sig algorithm */
-} Suites;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ WOLF_STACK_OF(WOLFSSL_CIPHER)* stack; /* stack of available cipher suites */
+#endif
+};
-WOLFSSL_LOCAL
-void InitSuites(Suites*, ProtocolVersion, word16, word16, word16, word16,
- word16, word16, int);
-WOLFSSL_LOCAL
-int SetCipherList(Suites*, const char* list);
+WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig,
+ int haveRSAsig, int haveAnon,
+ int tls1_2, int keySz);
+WOLFSSL_LOCAL void InitSuites(Suites*, ProtocolVersion, int, word16, word16,
+ word16, word16, word16, word16, word16, int);
+WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites);
+WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list);
#ifndef PSK_TYPES_DEFINED
- typedef unsigned int (*psk_client_callback)(WOLFSSL*, const char*, char*,
+ typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*,
unsigned int, unsigned char*, unsigned int);
- typedef unsigned int (*psk_server_callback)(WOLFSSL*, const char*,
+ typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*,
unsigned char*, unsigned int);
+#ifdef WOLFSSL_TLS13
+ typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*,
+ char*, unsigned int, unsigned char*, unsigned int,
+ const char**);
+ typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*,
+ unsigned char*, unsigned int, const char**);
+#endif
#endif /* PSK_TYPES_DEFINED */
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
+ !defined(WOLFSSL_DTLS_EXPORT_TYPES)
+ typedef int (*wc_dtls_export)(WOLFSSL* ssl,
+ unsigned char* exportBuffer, unsigned int sz, void* userCtx);
+#define WOLFSSL_DTLS_EXPORT_TYPES
+#endif /* WOLFSSL_DTLS_EXPORT_TYPES */
-#ifdef HAVE_NETX
- WOLFSSL_LOCAL int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx);
- WOLFSSL_LOCAL int NetX_Send(WOLFSSL *ssl, char *buf, int sz, void *ctx);
-#endif /* HAVE_NETX */
-
-
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+#define MAX_DESCRIPTION_SZ 255
+#endif
/* wolfSSL Cipher type just points back to SSL */
struct WOLFSSL_CIPHER {
+ byte cipherSuite0;
+ byte cipherSuite;
WOLFSSL* ssl;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ char description[MAX_DESCRIPTION_SZ];
+ unsigned long offset;
+ unsigned int in_stack; /* TRUE if added to stack in wolfSSL_get_ciphers_compat */
+ int bits;
+#endif
};
-typedef struct OCSP_Entry OCSP_Entry;
-
-#ifdef NO_SHA
- #define OCSP_DIGEST_SIZE SHA256_DIGEST_SIZE
-#else
- #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE
-#endif
-
-#ifdef NO_ASN
+#ifdef NO_ASN
/* no_asn won't have */
typedef struct CertStatus CertStatus;
#endif
-struct OCSP_Entry {
- OCSP_Entry* next; /* next entry */
- byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
- byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
- CertStatus* status; /* OCSP response list */
- int totalStatus; /* number on list */
-};
-
-
#ifndef HAVE_OCSP
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
#endif
/* wolfSSL OCSP controller */
+#ifdef HAVE_OCSP
struct WOLFSSL_OCSP {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
- OCSP_Entry* ocspList; /* OCSP response list */
+ OcspEntry* ocspList; /* OCSP response list */
wolfSSL_Mutex ocspLock; /* OCSP list lock */
+ int error;
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ int(*statusCb)(WOLFSSL*, void*);
+#endif
};
+#endif
#ifndef MAX_DATE_SIZE
#define MAX_DATE_SIZE 32
@@ -1194,20 +1873,20 @@ struct WOLFSSL_OCSP {
typedef struct CRL_Entry CRL_Entry;
#ifdef NO_SHA
- #define CRL_DIGEST_SIZE SHA256_DIGEST_SIZE
+ #define CRL_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
- #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE
+ #define CRL_DIGEST_SIZE WC_SHA_DIGEST_SIZE
#endif
-#ifdef NO_ASN
+#ifdef NO_ASN
typedef struct RevokedCert RevokedCert;
#endif
/* Complete CRL */
struct CRL_Entry {
CRL_Entry* next; /* next entry */
- byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
- /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
+ byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
+ /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
/* restore the hash here if needed for optimized comparisons */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
@@ -1215,6 +1894,16 @@ struct CRL_Entry {
byte nextDateFormat; /* next date format */
RevokedCert* certs; /* revoked cert list */
int totalCerts; /* number on list */
+ int verified;
+ byte* toBeSigned;
+ word32 tbsSz;
+ byte* signature;
+ word32 signatureSz;
+ word32 signatureOID;
+#if !defined(NO_SKID) && !defined(NO_ASN)
+ byte extAuthKeyIdSet;
+ byte extAuthKeyId[KEYID_SIZE];
+#endif
};
@@ -1227,51 +1916,82 @@ struct CRL_Monitor {
};
-#ifndef HAVE_CRL
- typedef struct WOLFSSL_CRL WOLFSSL_CRL;
+#if defined(HAVE_CRL) && defined(NO_FILESYSTEM)
+ #undef HAVE_CRL_MONITOR
#endif
/* wolfSSL CRL controller */
struct WOLFSSL_CRL {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
- CRL_Entry* crlList; /* our CRL list */
+ CRL_Entry* crlList; /* our CRL list */
+#ifdef HAVE_CRL_IO
+ CbCrlIO crlIOCb;
+#endif
wolfSSL_Mutex crlLock; /* CRL list lock */
- CRL_Monitor monitors[2]; /* PEM and DER possible */
+ CRL_Monitor monitors[2]; /* PEM and DER possible */
#ifdef HAVE_CRL_MONITOR
- pthread_t tid; /* monitoring thread */
- int mfd; /* monitor fd, -1 if no init yet */
+ pthread_cond_t cond; /* condition to signal setup */
+ pthread_t tid; /* monitoring thread */
+ int mfd; /* monitor fd, -1 if no init yet */
+ int setup; /* thread is setup predicate */
#endif
+ void* heap; /* heap hint for dynamic memory */
};
-#ifdef NO_ASN
+#ifdef NO_ASN
typedef struct Signer Signer;
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ typedef struct TrustedPeerCert TrustedPeerCert;
+#endif
#endif
#ifndef CA_TABLE_SIZE
#define CA_TABLE_SIZE 11
#endif
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ #define TP_TABLE_SIZE 11
+#endif
/* wolfSSL Certificate Manager */
struct WOLFSSL_CERT_MANAGER {
Signer* caTable[CA_TABLE_SIZE]; /* the CA signer table */
- void* heap; /* heap helper */
- WOLFSSL_CRL* crl; /* CRL checker */
- WOLFSSL_OCSP* ocsp; /* OCSP checker */
- char* ocspOverrideURL; /* use this responder */
- void* ocspIOCtx; /* I/O callback CTX */
- CallbackCACache caCacheCallback; /* CA cache addition callback */
- CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
- CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
- CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
- wolfSSL_Mutex caLock; /* CA list lock */
- byte crlEnabled; /* is CRL on ? */
- byte crlCheckAll; /* always leaf, but all ? */
- byte ocspEnabled; /* is OCSP on ? */
- byte ocspCheckAll; /* always leaf, but all ? */
- byte ocspSendNonce; /* send the OCSP nonce ? */
- byte ocspUseOverrideURL; /* ignore cert's responder, override */
+ void* heap; /* heap helper */
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ TrustedPeerCert* tpTable[TP_TABLE_SIZE]; /* table of trusted peer certs */
+ wolfSSL_Mutex tpLock; /* trusted peer list lock */
+#endif
+ WOLFSSL_CRL* crl; /* CRL checker */
+ WOLFSSL_OCSP* ocsp; /* OCSP checker */
+#if !defined(NO_WOLFSSL_SERVER) && (defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
+ WOLFSSL_OCSP* ocsp_stapling; /* OCSP checker for OCSP stapling */
+#endif
+ char* ocspOverrideURL; /* use this responder */
+ void* ocspIOCtx; /* I/O callback CTX */
+#ifndef NO_WOLFSSL_CM_VERIFY
+ VerifyCallback verifyCallback; /* Verify callback */
+#endif
+ CallbackCACache caCacheCallback; /* CA cache addition callback */
+ CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
+ CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
+ CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
+ wolfSSL_Mutex caLock; /* CA list lock */
+ byte crlEnabled; /* is CRL on ? */
+ byte crlCheckAll; /* always leaf, but all ? */
+ byte ocspEnabled; /* is OCSP on ? */
+ byte ocspCheckAll; /* always leaf, but all ? */
+ byte ocspSendNonce; /* send the OCSP nonce ? */
+ byte ocspUseOverrideURL; /* ignore cert's responder, override */
+ byte ocspStaplingEnabled; /* is OCSP Stapling on ? */
+
+#ifndef NO_RSA
+ short minRsaKeySz; /* minimum allowed RSA key size */
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ short minEccKeySz; /* minimum allowed ECC key size */
+#endif
};
WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
@@ -1279,6 +1999,42 @@ WOLFSSL_LOCAL int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER*, const char*);
WOLFSSL_LOCAL int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER*, void*, int, int*);
WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER*, const void*, int);
WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER*);
+WOLFSSL_LOCAL int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
+ long sz, int format, int err_val);
+
+
+#ifndef NO_CERTS
+#if !defined NOCERTS &&\
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
+typedef struct ProcPeerCertArgs {
+ buffer* certs;
+#ifdef WOLFSSL_TLS13
+ buffer* exts; /* extensions */
+#endif
+ DecodedCert* dCert;
+ word32 idx;
+ word32 begin;
+ int totalCerts; /* number of certs in certs buffer */
+ int count;
+ int certIdx;
+ int lastErr;
+#ifdef WOLFSSL_TLS13
+ byte ctxSz;
+#endif
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ char untrustedDepth;
+#endif
+ word16 fatal:1;
+ word16 verifyErr:1;
+ word16 dCertInit:1;
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ word16 haveTrustPeer:1; /* was cert verified by loaded trusted peer cert */
+#endif
+} ProcPeerCertArgs;
+WOLFSSL_LOCAL int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl,
+ int ret, ProcPeerCertArgs* args);
+#endif /* !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) */
+#endif /* !defined NO_CERTS */
/* wolfSSL Sock Addr */
struct WOLFSSL_SOCKADDR {
@@ -1288,58 +2044,71 @@ struct WOLFSSL_SOCKADDR {
typedef struct WOLFSSL_DTLS_CTX {
WOLFSSL_SOCKADDR peer;
- int fd;
+ int rfd;
+ int wfd;
} WOLFSSL_DTLS_CTX;
-#ifdef WOLFSSL_DTLS
-
- #ifdef WORD64_AVAILABLE
- typedef word64 DtlsSeq;
- #else
- typedef word32 DtlsSeq;
- #endif
- #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)
-
- typedef struct DtlsState {
- DtlsSeq window; /* Sliding window for current epoch */
- word16 nextEpoch; /* Expected epoch in next record */
- word32 nextSeq; /* Expected sequence in next record */
+typedef struct WOLFSSL_DTLS_PEERSEQ {
+ word32 window[WOLFSSL_DTLS_WINDOW_WORDS];
+ /* Sliding window for current epoch */
+ word16 nextEpoch; /* Expected epoch in next record */
+ word16 nextSeq_hi; /* Expected sequence in next record */
+ word32 nextSeq_lo;
- word16 curEpoch; /* Received epoch in current record */
- word32 curSeq; /* Received sequence in current record */
+ word32 prevWindow[WOLFSSL_DTLS_WINDOW_WORDS];
+ /* Sliding window for old epoch */
+ word32 prevSeq_lo;
+ word16 prevSeq_hi; /* Next sequence in allowed old epoch */
- DtlsSeq prevWindow; /* Sliding window for old epoch */
- word32 prevSeq; /* Next sequence in allowed old epoch */
- } DtlsState;
+#ifdef WOLFSSL_MULTICAST
+ word16 peerId;
+ word32 highwaterMark;
+#endif
+} WOLFSSL_DTLS_PEERSEQ;
-#endif /* WOLFSSL_DTLS */
+#define MAX_WRITE_IV_SZ 16 /* max size of client/server write_IV */
-/* keys and secrets */
+/* keys and secrets
+ * keep as a constant size (no additional ifdefs) for session export */
typedef struct Keys {
- byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */
- byte server_write_MAC_secret[MAX_DIGEST_SIZE];
- byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */
- byte server_write_key[AES_256_KEY_SIZE];
- byte client_write_IV[AES_IV_SIZE]; /* max sizes */
- byte server_write_IV[AES_IV_SIZE];
-#ifdef HAVE_AEAD
- byte aead_exp_IV[AEAD_EXP_IV_SZ];
- byte aead_enc_imp_IV[AEAD_IMP_IV_SZ];
- byte aead_dec_imp_IV[AEAD_IMP_IV_SZ];
+#if !defined(WOLFSSL_AEAD_ONLY) || defined(WOLFSSL_TLS13)
+ byte client_write_MAC_secret[WC_MAX_DIGEST_SIZE]; /* max sizes */
+ byte server_write_MAC_secret[WC_MAX_DIGEST_SIZE];
+#endif
+ byte client_write_key[MAX_SYM_KEY_SIZE]; /* max sizes */
+ byte server_write_key[MAX_SYM_KEY_SIZE];
+ byte client_write_IV[MAX_WRITE_IV_SZ]; /* max sizes */
+ byte server_write_IV[MAX_WRITE_IV_SZ];
+#if defined(HAVE_AEAD) || defined(WOLFSSL_SESSION_EXPORT)
+ byte aead_exp_IV[AEAD_MAX_EXP_SZ];
+ byte aead_enc_imp_IV[AEAD_MAX_IMP_SZ];
+ byte aead_dec_imp_IV[AEAD_MAX_IMP_SZ];
#endif
- word32 peer_sequence_number;
- word32 sequence_number;
+ word32 peer_sequence_number_hi;
+ word32 peer_sequence_number_lo;
+ word32 sequence_number_hi;
+ word32 sequence_number_lo;
#ifdef WOLFSSL_DTLS
- DtlsState dtls_state; /* Peer's state */
+ word16 curEpoch; /* Received epoch in current record */
+ word16 curSeq_hi; /* Received sequence in current record */
+ word32 curSeq_lo;
+#ifdef WOLFSSL_MULTICAST
+ byte curPeerId; /* Received peer group ID in current record */
+#endif
+ WOLFSSL_DTLS_PEERSEQ peerSeq[WOLFSSL_DTLS_PEERSEQ_SZ];
+
word16 dtls_peer_handshake_number;
word16 dtls_expected_peer_handshake_number;
- word16 dtls_epoch; /* Current tx epoch */
- word32 dtls_sequence_number; /* Current tx sequence */
+ word16 dtls_epoch; /* Current epoch */
+ word16 dtls_sequence_number_hi; /* Current epoch */
+ word32 dtls_sequence_number_lo;
+ word16 dtls_prev_sequence_number_hi; /* Previous epoch */
+ word32 dtls_prev_sequence_number_lo;
word16 dtls_handshake_number; /* Current tx handshake seq */
#endif
@@ -1347,115 +2116,275 @@ typedef struct Keys {
word32 padSz; /* how much to advance after decrypt part */
byte encryptionOn; /* true after change cipher spec */
byte decryptedCur; /* only decrypt current record once */
+#ifdef WOLFSSL_TLS13
+ byte updateResponseReq:1; /* KeyUpdate response from peer required. */
+ byte keyUpdateRespond:1; /* KeyUpdate is to be responded to. */
+#endif
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+ byte tsip_client_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
+ byte tsip_server_write_MAC_secret[TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE];
+#endif
} Keys;
-/* RFC 6066 TLS Extensions */
+/** TLS Extensions - RFC 6066 */
#ifdef HAVE_TLS_EXTENSIONS
typedef enum {
- SERVER_NAME_INDICATION = 0x0000,
- MAX_FRAGMENT_LENGTH = 0x0001,
- TRUNCATED_HMAC = 0x0004,
- ELLIPTIC_CURVES = 0x000a,
- SESSION_TICKET = 0x0023,
- SECURE_RENEGOTIATION = 0xff01
+ TLSX_SERVER_NAME = 0x0000, /* a.k.a. SNI */
+ TLSX_MAX_FRAGMENT_LENGTH = 0x0001,
+ TLSX_TRUSTED_CA_KEYS = 0x0003,
+ TLSX_TRUNCATED_HMAC = 0x0004,
+ TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */
+ TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
+ TLSX_EC_POINT_FORMATS = 0x000b,
+#if !defined(WOLFSSL_NO_SIGALG)
+ TLSX_SIGNATURE_ALGORITHMS = 0x000d,
+#endif
+ TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
+ TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */
+#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
+ TLSX_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */
+#endif
+ TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */
+ TLSX_SESSION_TICKET = 0x0023,
+#ifdef WOLFSSL_TLS13
+ #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+ TLSX_PRE_SHARED_KEY = 0x0029,
+ #endif
+ #ifdef WOLFSSL_EARLY_DATA
+ TLSX_EARLY_DATA = 0x002a,
+ #endif
+ TLSX_SUPPORTED_VERSIONS = 0x002b,
+ TLSX_COOKIE = 0x002c,
+ #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+ TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d,
+ #endif
+ #ifdef WOLFSSL_POST_HANDSHAKE_AUTH
+ TLSX_POST_HANDSHAKE_AUTH = 0x0031,
+ #endif
+ #if defined(WOLFSSL_TLS13_DRAFT_18) || defined(WOLFSSL_TLS13_DRAFT_22)
+ TLSX_KEY_SHARE = 0x0028,
+ #else
+ TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032,
+ TLSX_KEY_SHARE = 0x0033,
+ #endif
+#endif
+ TLSX_RENEGOTIATION_INFO = 0xff01
} TLSX_Type;
typedef struct TLSX {
TLSX_Type type; /* Extension Type */
void* data; /* Extension Data */
+ word32 val; /* Extension Value */
byte resp; /* IsResponse Flag */
struct TLSX* next; /* List Behavior */
} TLSX;
-WOLFSSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type);
-WOLFSSL_LOCAL void TLSX_FreeAll(TLSX* list);
-WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl);
-
-#ifndef NO_WOLFSSL_CLIENT
-WOLFSSL_LOCAL word16 TLSX_GetRequestSize(WOLFSSL* ssl);
-WOLFSSL_LOCAL word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output);
-#endif
-
-#ifndef NO_WOLFSSL_SERVER
-WOLFSSL_LOCAL word16 TLSX_GetResponseSize(WOLFSSL* ssl);
-WOLFSSL_LOCAL word16 TLSX_WriteResponse(WOLFSSL* ssl, byte* output);
-#endif
-
-WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
- byte isRequest, Suites *suites);
-
-#elif defined(HAVE_SNI) \
- || defined(HAVE_MAX_FRAGMENT) \
- || defined(HAVE_TRUNCATED_HMAC) \
- || defined(HAVE_SUPPORTED_CURVES) \
- || defined(HAVE_SECURE_RENEGOTIATION) \
- || defined(HAVE_SESSION_TICKET)
+WOLFSSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type);
+WOLFSSL_LOCAL void TLSX_Remove(TLSX** list, TLSX_Type type, void* heap);
+WOLFSSL_LOCAL void TLSX_FreeAll(TLSX* list, void* heap);
+WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl);
+WOLFSSL_LOCAL int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isRequest);
+
+#if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT)
+WOLFSSL_LOCAL int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType,
+ word16* pLength);
+WOLFSSL_LOCAL int TLSX_WriteRequest(WOLFSSL* ssl, byte* output,
+ byte msgType, word16* pOffset);
+#endif
+
+#if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_SERVER)
+/* TLS 1.3 Certificate messages have extensions. */
+WOLFSSL_LOCAL int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType,
+ word16* pLength);
+WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType,
+ word16* pOffset);
+#endif
+
+WOLFSSL_LOCAL int TLSX_ParseVersion(WOLFSSL* ssl, byte* input, word16 length,
+ byte msgType, int* found);
+WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
+ byte msgType, Suites *suites);
+
+#elif defined(HAVE_SNI) \
+ || defined(HAVE_MAX_FRAGMENT) \
+ || defined(HAVE_TRUSTED_CA) \
+ || defined(HAVE_TRUNCATED_HMAC) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) \
+ || defined(HAVE_SUPPORTED_CURVES) \
+ || defined(HAVE_ALPN) \
+ || defined(HAVE_QSH) \
+ || defined(HAVE_SESSION_TICKET) \
+ || defined(HAVE_SECURE_RENEGOTIATION) \
+ || defined(HAVE_SERVER_RENEGOTIATION_INFO)
#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined.
#endif /* HAVE_TLS_EXTENSIONS */
-/* Server Name Indication */
+/** Server Name Indication - RFC 6066 (session 3) */
#ifdef HAVE_SNI
typedef struct SNI {
- byte type; /* SNI Type */
- union { char* host_name; } data; /* SNI Data */
- struct SNI* next; /* List Behavior */
+ byte type; /* SNI Type */
+ union { char* host_name; } data; /* SNI Data */
+ struct SNI* next; /* List Behavior */
+ byte status; /* Matching result */
#ifndef NO_WOLFSSL_SERVER
- byte options; /* Behaviour options */
- byte status; /* Matching result */
+ byte options; /* Behavior options */
#endif
} SNI;
WOLFSSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data,
- word16 size);
+ word16 size, void* heap);
+WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);
+WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
+ void** data);
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type,
byte options);
-WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type);
-WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
- void** data);
WOLFSSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
byte type, byte* sni, word32* inOutSz);
#endif
#endif /* HAVE_SNI */
-/* Maximum Fragment Length */
+/* Trusted CA Key Indication - RFC 6066 (section 6) */
+#ifdef HAVE_TRUSTED_CA
+
+typedef struct TCA {
+ byte type; /* TCA Type */
+ byte* id; /* TCA identifier */
+ word16 idSz; /* TCA identifier size */
+ struct TCA* next; /* List Behavior */
+} TCA;
+
+WOLFSSL_LOCAL int TLSX_UseTrustedCA(TLSX** extensions, byte type,
+ const byte* id, word16 idSz, void* heap);
+
+#endif /* HAVE_TRUSTED_CA */
+
+/* Application-Layer Protocol Negotiation - RFC 7301 */
+#ifdef HAVE_ALPN
+typedef struct ALPN {
+ char* protocol_name; /* ALPN protocol name */
+ struct ALPN* next; /* List Behavior */
+ byte options; /* Behavior options */
+ byte negotiated; /* ALPN protocol negotiated or not */
+} ALPN;
+
+WOLFSSL_LOCAL int TLSX_ALPN_GetRequest(TLSX* extensions,
+ void** data, word16 *dataSz);
+
+WOLFSSL_LOCAL int TLSX_UseALPN(TLSX** extensions, const void* data,
+ word16 size, byte options, void* heap);
+
+WOLFSSL_LOCAL int TLSX_ALPN_SetOptions(TLSX** extensions, const byte option);
+
+#endif /* HAVE_ALPN */
+
+/** Maximum Fragment Length Negotiation - RFC 6066 (session 4) */
#ifdef HAVE_MAX_FRAGMENT
-WOLFSSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);
+WOLFSSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl, void* heap);
#endif /* HAVE_MAX_FRAGMENT */
+/** Truncated HMAC - RFC 6066 (session 7) */
#ifdef HAVE_TRUNCATED_HMAC
-WOLFSSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);
+WOLFSSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions, void* heap);
#endif /* HAVE_TRUNCATED_HMAC */
+/** Certificate Status Request - RFC 6066 (session 8) */
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+
+typedef struct {
+ byte status_type;
+ byte options;
+ WOLFSSL* ssl;
+ union {
+ OcspRequest ocsp;
+ } request;
+#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)
+ buffer response;
+#endif
+} CertificateStatusRequest;
+
+WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequest(TLSX** extensions,
+ byte status_type, byte options, WOLFSSL* ssl, void* heap, int devId);
+#ifndef NO_CERTS
+WOLFSSL_LOCAL int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert,
+ void* heap);
+#endif
+WOLFSSL_LOCAL void* TLSX_CSR_GetRequest(TLSX* extensions);
+WOLFSSL_LOCAL int TLSX_CSR_ForceRequest(WOLFSSL* ssl);
+
+#endif
+
+/** Certificate Status Request v2 - RFC 6961 */
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+
+typedef struct CSRIv2 {
+ byte status_type;
+ byte options;
+ word16 requests;
+ union {
+ OcspRequest ocsp[1 + MAX_CHAIN_DEPTH];
+ } request;
+ struct CSRIv2* next;
+} CertificateStatusRequestItemV2;
+
+WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequestV2(TLSX** extensions,
+ byte status_type, byte options, void* heap, int devId);
+#ifndef NO_CERTS
+WOLFSSL_LOCAL int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert,
+ byte isPeer, void* heap);
+#endif
+WOLFSSL_LOCAL void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type,
+ byte index);
+WOLFSSL_LOCAL int TLSX_CSR2_ForceRequest(WOLFSSL* ssl);
+
+#endif
+
+/** Supported Elliptic Curves - RFC 4492 (session 4) */
#ifdef HAVE_SUPPORTED_CURVES
-typedef struct EllipticCurve {
- word16 name; /* CurveNames */
- struct EllipticCurve* next; /* List Behavior */
-} EllipticCurve;
+typedef struct SupportedCurve {
+ word16 name; /* Curve Names */
+ struct SupportedCurve* next; /* List Behavior */
+} SupportedCurve;
+
+typedef struct PointFormat {
+ byte format; /* PointFormat */
+ struct PointFormat* next; /* List Behavior */
+} PointFormat;
+
+WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name,
+ void* heap);
-WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name);
+WOLFSSL_LOCAL int TLSX_UsePointFormat(TLSX** extensions, byte point,
+ void* heap);
#ifndef NO_WOLFSSL_SERVER
-WOLFSSL_LOCAL int TLSX_ValidateEllipticCurves(WOLFSSL* ssl, byte first,
+WOLFSSL_LOCAL int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first,
byte second);
+WOLFSSL_LOCAL int TLSX_SupportedCurve_CheckPriority(WOLFSSL* ssl);
+WOLFSSL_LOCAL int TLSX_SupportedFFDHE_Set(WOLFSSL* ssl);
#endif
+WOLFSSL_LOCAL int TLSX_SupportedCurve_Preferred(WOLFSSL* ssl,
+ int checkSupported);
#endif /* HAVE_SUPPORTED_CURVES */
-#ifdef HAVE_SECURE_RENEGOTIATION
+/** Renegotiation Indication - RFC 5746 */
+#if defined(HAVE_SECURE_RENEGOTIATION) \
+ || defined(HAVE_SERVER_RENEGOTIATION_INFO)
enum key_cache_state {
SCR_CACHE_NULL = 0, /* empty / begin state */
@@ -1465,132 +2394,492 @@ enum key_cache_state {
SCR_CACHE_COMPLETE /* complete restore to real keys */
};
-
-/* Additional Conection State according to rfc5746 section 3.1 */
+/* Additional Connection State according to rfc5746 section 3.1 */
typedef struct SecureRenegotiation {
byte enabled; /* secure_renegotiation flag in rfc */
+ byte verifySet;
byte startScr; /* server requested client to start scr */
enum key_cache_state cache_status; /* track key cache state */
byte client_verify_data[TLS_FINISHED_SZ]; /* cached */
byte server_verify_data[TLS_FINISHED_SZ]; /* cached */
- byte subject_hash[SHA_DIGEST_SIZE]; /* peer cert hash */
+ byte subject_hash_set; /* if peer cert hash is set */
+ byte subject_hash[KEYID_SIZE]; /* peer cert hash */
Keys tmp_keys; /* can't overwrite real keys yet */
} SecureRenegotiation;
-WOLFSSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions);
+WOLFSSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions, void* heap);
+
+#ifdef HAVE_SERVER_RENEGOTIATION_INFO
+WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap);
+#endif
#endif /* HAVE_SECURE_RENEGOTIATION */
+/** Session Ticket - RFC 5077 (session 3.2) */
#ifdef HAVE_SESSION_TICKET
typedef struct SessionTicket {
word32 lifetime;
+#ifdef WOLFSSL_TLS13
+ word64 seen;
+ word32 ageAdd;
+#endif
byte* data;
word16 size;
} SessionTicket;
-WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions,
- SessionTicket* ticket);
+WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions,
+ SessionTicket* ticket, void* heap);
WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime,
- byte* data, word16 size);
-WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket);
+ byte* data, word16 size, void* heap);
+WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket, void* heap);
+
#endif /* HAVE_SESSION_TICKET */
+/** Quantum-Safe-Hybrid - draft-whyte-qsh-tls12-00 */
+#ifdef HAVE_QSH
+
+typedef struct QSHScheme {
+ struct QSHScheme* next; /* List Behavior */
+ byte* PK;
+ word16 name; /* QSHScheme Names */
+ word16 PKLen;
+} QSHScheme;
+
+typedef struct QSHkey {
+ struct QSHKey* next;
+ word16 name;
+ buffer pub;
+ buffer pri;
+} QSHKey;
+
+typedef struct QSHSecret {
+ QSHScheme* list;
+ buffer* SerSi;
+ buffer* CliSi;
+} QSHSecret;
+
+/* used in key exchange during handshake */
+WOLFSSL_LOCAL int TLSX_QSHCipher_Parse(WOLFSSL* ssl, const byte* input,
+ word16 length, byte isServer);
+WOLFSSL_LOCAL word16 TLSX_QSHPK_Write(QSHScheme* list, byte* output);
+WOLFSSL_LOCAL word16 TLSX_QSH_GetSize(QSHScheme* list, byte isRequest);
+
+/* used by api for setting a specific QSH scheme */
+WOLFSSL_LOCAL int TLSX_UseQSHScheme(TLSX** extensions, word16 name,
+ byte* pKey, word16 pKeySz, void* heap);
+
+/* used when parsing in QSHCipher structs */
+WOLFSSL_LOCAL int QSH_Decrypt(QSHKey* key, byte* in, word32 szIn,
+ byte* out, word16* szOut);
+#ifndef NO_WOLFSSL_SERVER
+WOLFSSL_LOCAL int TLSX_ValidateQSHScheme(TLSX** extensions, word16 name);
+#endif
+
+#endif /* HAVE_QSH */
+
+#ifdef WOLFSSL_TLS13
+/* Cookie extension information - cookie data. */
+typedef struct Cookie {
+ word16 len;
+ byte data;
+} Cookie;
+
+WOLFSSL_LOCAL int TLSX_Cookie_Use(WOLFSSL* ssl, byte* data, word16 len,
+ byte* mac, byte macSz, int resp);
+
+
+/* Key Share - TLS v1.3 Specification */
+
+/* The KeyShare extension information - entry in a linked list. */
+typedef struct KeyShareEntry {
+ word16 group; /* NamedGroup */
+ byte* ke; /* Key exchange data */
+ word32 keLen; /* Key exchange data length */
+ void* key; /* Private key */
+ word32 keyLen; /* Private key length */
+ byte* pubKey; /* Public key */
+ word32 pubKeyLen; /* Public key length */
+ struct KeyShareEntry* next; /* List pointer */
+} KeyShareEntry;
+
+WOLFSSL_LOCAL int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len,
+ byte* data, KeyShareEntry **kse);
+WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
+WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl);
+WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl);
+
+
+#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+#ifndef WOLFSSL_TLS13_DRAFT_18
+/* Ticket nonce - for deriving PSK.
+ * Length allowed to be: 1..255. Only support 4 bytes.
+ */
+typedef struct TicketNonce {
+ byte len;
+ byte data[MAX_TICKET_NONCE_SZ];
+} TicketNonce;
+#endif
+
+/* The PreSharedKey extension information - entry in a linked list. */
+typedef struct PreSharedKey {
+ word16 identityLen; /* Length of identity */
+ byte* identity; /* PSK identity */
+ word32 ticketAge; /* Age of the ticket */
+ byte cipherSuite0; /* Cipher Suite */
+ byte cipherSuite; /* Cipher Suite */
+ word32 binderLen; /* Length of HMAC */
+ byte binder[WC_MAX_DIGEST_SIZE]; /* HMAC of handshake */
+ byte hmac; /* HMAC algorithm */
+ byte resumption:1; /* Resumption PSK */
+ byte chosen:1; /* Server's choice */
+ struct PreSharedKey* next; /* List pointer */
+} PreSharedKey;
+
+WOLFSSL_LOCAL int TLSX_PreSharedKey_WriteBinders(PreSharedKey* list,
+ byte* output, byte msgType,
+ word16* pSz);
+WOLFSSL_LOCAL int TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list,
+ byte msgType, word16* pSz);
+WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity,
+ word16 len, word32 age, byte hmac,
+ byte cipherSuite0, byte cipherSuite,
+ byte resumption,
+ PreSharedKey **preSharedKey);
+
+/* The possible Pre-Shared Key key exchange modes. */
+enum PskKeyExchangeMode {
+ PSK_KE,
+ PSK_DHE_KE
+};
+
+/* User can define this. */
+#ifndef WOLFSSL_DEF_PSK_CIPHER
+#define WOLFSSL_DEF_PSK_CIPHER TLS_AES_128_GCM_SHA256
+#endif
+
+WOLFSSL_LOCAL int TLSX_PskKeModes_Use(WOLFSSL* ssl, byte modes);
+
+#ifdef WOLFSSL_EARLY_DATA
+WOLFSSL_LOCAL int TLSX_EarlyData_Use(WOLFSSL* ssl, word32 max);
+#endif
+#endif /* HAVE_SESSION_TICKET || !NO_PSK */
+
+
+/* The types of keys to derive for. */
+enum DeriveKeyType {
+ no_key,
+ early_data_key,
+ handshake_key,
+ traffic_key,
+ update_traffic_key
+};
+
+/* The key update request values for KeyUpdate message. */
+enum KeyUpdateRequest {
+ update_not_requested,
+ update_requested
+};
+#endif /* WOLFSSL_TLS13 */
+
+
+#ifdef OPENSSL_EXTRA
+enum SetCBIO {
+ WOLFSSL_CBIO_NONE = 0,
+ WOLFSSL_CBIO_RECV = 0x1,
+ WOLFSSL_CBIO_SEND = 0x2,
+};
+#endif
+
/* wolfSSL context type */
struct WOLFSSL_CTX {
WOLFSSL_METHOD* method;
- wolfSSL_Mutex countMutex; /* reference count mutex */
+#ifdef SINGLE_THREADED
+ WC_RNG* rng; /* to be shared with WOLFSSL w/o locking */
+#endif
+ wolfSSL_Mutex countMutex; /* reference count mutex */
int refCount; /* reference count */
+ int err; /* error code in case of mutex not created */
#ifndef NO_DH
buffer serverDH_P;
buffer serverDH_G;
#endif
#ifndef NO_CERTS
- buffer certificate;
- buffer certChain;
+ DerBuffer* certificate;
+ DerBuffer* certChain;
/* chain after self, in DER, with leading size for each cert */
- buffer privateKey;
+ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
+ #endif
+ #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_NGINX) || defined (WOLFSSL_HAPROXY)
+ WOLF_STACK_OF(WOLFSSL_X509)* x509Chain;
+ client_cert_cb CBClientCert; /* client certificate callback */
+ #endif
+#ifdef WOLFSSL_TLS13
+ int certChainCnt;
+#endif
+ DerBuffer* privateKey;
+ byte privateKeyType:7;
+ byte privateKeyId:1;
+ int privateKeySz;
+ int privateKeyDevId;
WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */
#endif
+#ifdef KEEP_OUR_CERT
+ WOLFSSL_X509* ourCert; /* keep alive a X509 struct of cert */
+ int ownOurCert; /* Dispose of certificate if we own */
+#endif
Suites* suites; /* make dynamic, user may not need/set */
void* heap; /* for user memory overrides */
- byte verifyPeer;
- byte verifyNone;
- byte failNoCert;
- byte sessionCacheOff;
- byte sessionCacheFlushOff;
- byte sendVerify; /* for client side */
- byte haveRSA; /* RSA available */
- byte haveDH; /* server DH parms set by user */
- byte haveNTRU; /* server private NTRU key loaded */
- byte haveECDSAsig; /* server cert signed w/ ECDSA */
- byte haveStaticECC; /* static server ECC private key */
- byte partialWrite; /* only one msg per write call */
- byte quietShutdown; /* don't send close notify */
- byte groupMessages; /* group handshake messages before sending */
+ byte verifyDepth;
+ byte verifyPeer:1;
+ byte verifyNone:1;
+ byte failNoCert:1;
+ byte failNoCertxPSK:1; /* fail if no cert with the exception of PSK*/
+ byte sessionCacheOff:1;
+ byte sessionCacheFlushOff:1;
+#ifdef HAVE_EXT_CACHE
+ byte internalCacheOff:1;
+#endif
+ byte sendVerify:2; /* for client side (can not be single bit) */
+ byte haveRSA:1; /* RSA available */
+ byte haveECC:1; /* ECC available */
+ byte haveDH:1; /* server DH parms set by user */
+ byte haveNTRU:1; /* server private NTRU key loaded */
+ byte haveECDSAsig:1; /* server cert signed w/ ECDSA */
+ byte haveStaticECC:1; /* static server ECC private key */
+ byte partialWrite:1; /* only one msg per write call */
+ byte quietShutdown:1; /* don't send close notify */
+ byte groupMessages:1; /* group handshake messages before sending */
byte minDowngrade; /* minimum downgrade version */
+ byte haveEMS:1; /* have extended master secret extension */
+ byte useClientOrder:1; /* Use client's cipher preference order */
+#ifdef WOLFSSL_TLS13
+ byte noTicketTls13:1; /* Server won't create new Ticket */
+ byte noPskDheKe:1; /* Don't use (EC)DHE with PSK */
+#endif
+ byte mutualAuth:1; /* Mutual authentication required */
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
+ byte postHandshakeAuth:1; /* Post-handshake auth supported. */
+#endif
+#ifndef NO_DH
+ #if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \
+ !defined(HAVE_SELFTEST)
+ byte dhKeyTested:1; /* Set when key has been tested. */
+ #endif
+#endif
+#ifdef HAVE_SECURE_RENEGOTIATION
+ byte useSecureReneg:1; /* when set will set WOLFSSL objects generated to enable */
+#endif
+#ifdef HAVE_ENCRYPT_THEN_MAC
+ byte disallowEncThenMac:1; /* Don't do Encrypt-Then-MAC */
+#endif
+#ifdef WOLFSSL_STATIC_MEMORY
+ byte onHeap:1; /* whether the ctx/method is put on heap hint */
+#endif
+#ifdef WOLFSSL_MULTICAST
+ byte haveMcast; /* multicast requested */
+ byte mcastID; /* multicast group ID */
+#endif
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+ byte dtlsSctp; /* DTLS-over-SCTP mode */
+#endif
+#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
+ defined(WOLFSSL_DTLS)
+ word16 dtlsMtuSz; /* DTLS MTU size */
+#endif
#ifndef NO_DH
word16 minDhKeySz; /* minimum DH key size */
+ word16 maxDhKeySz; /* maximum DH key size */
+#endif
+#ifndef NO_RSA
+ short minRsaKeySz; /* minimum RSA key size */
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ short minEccKeySz; /* minimum ECC key size */
+#endif
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+ unsigned long mask; /* store SSL_OP_ flags */
+#endif
+#ifdef OPENSSL_EXTRA
+ byte sessionCtx[ID_LEN]; /* app session context ID */
+ word32 disabledCurves; /* curves disabled by user */
+ const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
+ unsigned int alpn_cli_protos_len;
+ byte sessionCtxSz;
+ byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */
+ CallbackInfoState* CBIS; /* used to get info about SSL state */
#endif
CallbackIORecv CBIORecv;
CallbackIOSend CBIOSend;
#ifdef WOLFSSL_DTLS
CallbackGenCookie CBIOCookie; /* gen cookie callback */
+#ifdef WOLFSSL_SESSION_EXPORT
+ wc_dtls_export dtls_export; /* export function for DTLS session */
+ CallbackGetPeer CBGetPeer;
+ CallbackSetPeer CBSetPeer;
#endif
+#endif /* WOLFSSL_DTLS */
VerifyCallback verifyCallback; /* cert verification callback */
+#ifdef OPENSSL_ALL
+ CertVerifyCallback verifyCertCb;
+ void* verifyCertCbArg;
+#endif /* OPENSSL_ALL */
word32 timeout; /* session timeout */
+#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_ED448)
+ word32 ecdhCurveOID; /* curve Ecc_Sum */
+#endif
#ifdef HAVE_ECC
word16 eccTempKeySz; /* in octets 20 - 66 */
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
word32 pkCurveOID; /* curve Ecc_Sum */
#endif
-#ifndef NO_PSK
+#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
byte havePSK; /* psk key set by user */
- psk_client_callback client_psk_cb; /* client callback */
- psk_server_callback server_psk_cb; /* server callback */
- char server_hint[MAX_PSK_ID_LEN];
-#endif /* NO_PSK */
+ wc_psk_client_callback client_psk_cb; /* client callback */
+ wc_psk_server_callback server_psk_cb; /* server callback */
+#ifdef WOLFSSL_TLS13
+ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
+ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
+#endif
+ char server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN];
+#endif /* HAVE_SESSION_TICKET || !NO_PSK */
+#ifdef WOLFSSL_TLS13
+ word16 group[WOLFSSL_MAX_GROUP_COUNT];
+ byte numGroups;
+#endif
+#ifdef WOLFSSL_EARLY_DATA
+ word32 maxEarlyDataSz;
+#endif
#ifdef HAVE_ANON
byte haveAnon; /* User wants to allow Anon suites */
#endif /* HAVE_ANON */
+#ifdef WOLFSSL_ENCRYPTED_KEYS
+ pem_password_cb* passwd_cb;
+ void* passwd_userdata;
+#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- pem_password_cb passwd_cb;
- void* userdata;
-#endif /* OPENSSL_EXTRA */
+ WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
+ WOLFSSL_X509_STORE* x509_store_pt; /* take ownership of external store */
+ byte readAhead;
+ void* userPRFArg; /* passed to prf callback */
+#endif
+#ifdef HAVE_EX_DATA
+ WOLFSSL_CRYPTO_EX_DATA ex_data;
+#endif
+#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
+ CallbackALPNSelect alpnSelect;
+ void* alpnSelectArg;
+#endif
+#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \
+ defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_OPENSSH) ))
+ CallbackSniRecv sniRecvCb;
+ void* sniRecvCbArg;
+#endif
+#if defined(WOLFSSL_MULTICAST) && defined(WOLFSSL_DTLS)
+ CallbackMcastHighwater mcastHwCb; /* Sequence number highwater callback */
+ word32 mcastFirstSeq; /* first trigger level */
+ word32 mcastSecondSeq; /* second trigger level */
+ word32 mcastMaxSeq; /* max level */
+#endif
#ifdef HAVE_OCSP
WOLFSSL_OCSP ocsp;
#endif
-#ifdef HAVE_CAVIUM
- int devId; /* cavium device id to use */
-#endif
+ int devId; /* async device id to use */
#ifdef HAVE_TLS_EXTENSIONS
TLSX* extensions; /* RFC 6066 TLS Extensions data */
- #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SEVER)
+ #ifndef NO_WOLFSSL_SERVER
+ #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ OcspRequest* certOcspRequest;
+ #endif
+ #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ OcspRequest* chainOcspRequest[MAX_CHAIN_DEPTH];
+ #endif
+ #endif
+ #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */
void* ticketEncCtx; /* session encrypt context */
int ticketHint; /* ticket hint in seconds */
#endif
+ #ifdef HAVE_SUPPORTED_CURVES
+ byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */
+ #endif
#endif
#ifdef ATOMIC_USER
CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */
CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */
+ #ifdef HAVE_ENCRYPT_THEN_MAC
+ CallbackEncryptMac EncryptMacCb; /* Atomic User Mac/Enc Cb */
+ CallbackVerifyDecrypt VerifyDecryptCb; /* Atomic User Dec/Verify Cb */
+ #endif
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
+ CallbackEccKeyGen EccKeyGenCb; /* User EccKeyGen Callback Handler */
CallbackEccSign EccSignCb; /* User EccSign Callback handler */
CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */
+ CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */
+ #ifdef HAVE_ED25519
+ /* User Ed25519Sign Callback handler */
+ CallbackEd25519Sign Ed25519SignCb;
+ /* User Ed25519Verify Callback handler */
+ CallbackEd25519Verify Ed25519VerifyCb;
+ #endif
+ #ifdef HAVE_CURVE25519
+ /* User X25519 KeyGen Callback Handler */
+ CallbackX25519KeyGen X25519KeyGenCb;
+ /* User X25519 SharedSecret Callback handler */
+ CallbackX25519SharedSecret X25519SharedSecretCb;
+ #endif
+ #ifdef HAVE_ED448
+ /* User Ed448Sign Callback handler */
+ CallbackEd448Sign Ed448SignCb;
+ /* User Ed448Verify Callback handler */
+ CallbackEd448Verify Ed448VerifyCb;
+ #endif
+ #ifdef HAVE_CURVE448
+ /* User X448 KeyGen Callback Handler */
+ CallbackX448KeyGen X448KeyGenCb;
+ /* User X448 SharedSecret Callback handler */
+ CallbackX448SharedSecret X448SharedSecretCb;
+ #endif
#endif /* HAVE_ECC */
- #ifndef NO_RSA
- CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler */
- CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler */
+ #ifndef NO_DH
+ CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */
+ #endif
+ #ifndef NO_RSA
+ CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler (priv key) */
+ CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler (pub key) */
+ CallbackRsaVerify RsaSignCheckCb; /* User VerifyRsaSign Callback handler (priv key) */
+ #ifdef WC_RSA_PSS
+ CallbackRsaPssSign RsaPssSignCb; /* User RsaSign (priv key) */
+ CallbackRsaPssVerify RsaPssVerifyCb; /* User RsaVerify (pub key) */
+ CallbackRsaPssVerify RsaPssSignCheckCb; /* User VerifyRsaSign (priv key) */
+ #endif
CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */
CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */
#endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
+#ifdef HAVE_WOLF_EVENT
+ WOLF_EVENT_QUEUE event_queue;
+#endif /* HAVE_WOLF_EVENT */
+#ifdef HAVE_EXT_CACHE
+ WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, unsigned char*, int, int*);
+ int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*);
+ void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*);
+#endif
+#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256)
+ Srp* srp; /* TLS Secure Remote Password Protocol*/
+ byte* srp_password;
+#endif
};
-
WOLFSSL_LOCAL
-int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*);
+int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*, void* heap);
WOLFSSL_LOCAL
void FreeSSL_Ctx(WOLFSSL_CTX*);
WOLFSSL_LOCAL
@@ -1601,14 +2890,22 @@ int DeriveTlsKeys(WOLFSSL* ssl);
WOLFSSL_LOCAL
int ProcessOldClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 inSz, word16 sz);
+
#ifndef NO_CERTS
WOLFSSL_LOCAL
- int AddCA(WOLFSSL_CERT_MANAGER* ctx, buffer der, int type, int verify);
+ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify);
WOLFSSL_LOCAL
int AlreadySigner(WOLFSSL_CERT_MANAGER* cm, byte* hash);
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ WOLFSSL_LOCAL
+ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify);
+ WOLFSSL_LOCAL
+ int AlreadyTrustedPeer(WOLFSSL_CERT_MANAGER* cm, byte* hash);
+#endif
#endif
-/* All cipher suite related info */
+/* All cipher suite related info
+ * Keep as a constant size (no ifdefs) for session export */
typedef struct CipherSpecs {
word16 key_size;
word16 iv_size;
@@ -1628,28 +2925,15 @@ typedef struct CipherSpecs {
void InitCipherSpecs(CipherSpecs* cs);
-/* Supported Message Authentication Codes from page 43 */
-enum MACAlgorithm {
- no_mac,
- md5_mac,
- sha_mac,
- sha224_mac,
- sha256_mac, /* needs to match external KDF_MacAlgorithm */
- sha384_mac,
- sha512_mac,
- rmd_mac,
- blake2b_mac
-};
-
-
/* Supported Key Exchange Protocols */
-enum KeyExchangeAlgorithm {
+enum KeyExchangeAlgorithm {
no_kea,
- rsa_kea,
- diffie_hellman_kea,
+ rsa_kea,
+ diffie_hellman_kea,
fortezza_kea,
psk_kea,
dhe_psk_kea,
+ ecdhe_psk_kea,
ntru_kea,
ecc_diffie_hellman_kea,
ecc_static_diffie_hellman_kea /* for verify suite only */
@@ -1658,10 +2942,26 @@ enum KeyExchangeAlgorithm {
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
- anonymous_sa_algo,
- rsa_sa_algo,
- dsa_sa_algo,
- ecc_dsa_sa_algo
+ anonymous_sa_algo = 0,
+ rsa_sa_algo = 1,
+ dsa_sa_algo = 2,
+ ecc_dsa_sa_algo = 3,
+ rsa_pss_sa_algo = 8,
+ ed25519_sa_algo = 9,
+ rsa_pss_pss_algo = 10,
+ ed448_sa_algo = 11
+};
+
+#define PSS_RSAE_TO_PSS_PSS(macAlgo) \
+ (macAlgo + (pss_sha256 - sha256_mac))
+
+#define PSS_PSS_HASH_TO_MAC(macAlgo) \
+ (macAlgo - (pss_sha256 - sha256_mac))
+
+enum SigAlgRsaPss {
+ pss_sha256 = 0x09,
+ pss_sha384 = 0x0a,
+ pss_sha512 = 0x0b,
};
@@ -1672,8 +2972,8 @@ enum EccCurves {
/* Valid client certificate request types from page 27 */
-enum ClientCertificateType {
- rsa_sign = 1,
+enum ClientCertificateType {
+ rsa_sign = 1,
dss_sign = 2,
rsa_fixed_dh = 3,
dss_fixed_dh = 4,
@@ -1686,11 +2986,17 @@ enum ClientCertificateType {
};
+#ifndef WOLFSSL_AEAD_ONLY
enum CipherType { stream, block, aead };
+#else
+enum CipherType { aead };
+#endif
-
-
+#if defined(BUILD_AES) || defined(BUILD_AESGCM) || (defined(HAVE_CHACHA) && \
+ defined(HAVE_POLY1305)) || defined(WOLFSSL_TLS13)
+ #define CIPHER_NONCE
+#endif
/* cipher for now */
@@ -1703,6 +3009,13 @@ typedef struct Ciphers {
#endif
#if defined(BUILD_AES) || defined(BUILD_AESGCM)
Aes* aes;
+ #if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && \
+ !defined(WOLFSSL_NO_TLS12)
+ byte* additional;
+ #endif
+#endif
+#ifdef CIPHER_NONCE
+ byte* nonce;
#endif
#ifdef HAVE_CAMELLIA
Camellia* cam;
@@ -1716,6 +3029,13 @@ typedef struct Ciphers {
#ifdef BUILD_RABBIT
Rabbit* rabbit;
#endif
+#ifdef HAVE_IDEA
+ Idea* idea;
+#endif
+#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
+ Hmac* hmac;
+#endif
+ byte state;
byte setup; /* have we set it up flag for detection */
} Ciphers;
@@ -1738,21 +3058,38 @@ WOLFSSL_LOCAL void FreeCiphers(WOLFSSL* ssl);
/* hashes type */
typedef struct Hashes {
- #ifndef NO_OLD_TLS
- byte md5[MD5_DIGEST_SIZE];
+ #if !defined(NO_MD5) && !defined(NO_OLD_TLS)
+ byte md5[WC_MD5_DIGEST_SIZE];
+ #endif
+ #if !defined(NO_SHA)
+ byte sha[WC_SHA_DIGEST_SIZE];
#endif
- byte sha[SHA_DIGEST_SIZE];
#ifndef NO_SHA256
- byte sha256[SHA256_DIGEST_SIZE];
+ byte sha256[WC_SHA256_DIGEST_SIZE];
#endif
#ifdef WOLFSSL_SHA384
- byte sha384[SHA384_DIGEST_SIZE];
+ byte sha384[WC_SHA384_DIGEST_SIZE];
#endif
#ifdef WOLFSSL_SHA512
- byte sha512[SHA512_DIGEST_SIZE];
+ byte sha512[WC_SHA512_DIGEST_SIZE];
#endif
} Hashes;
+WOLFSSL_LOCAL int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes);
+
+#ifdef WOLFSSL_TLS13
+typedef union Digest {
+#ifndef NO_WOLFSSL_SHA256
+ wc_Sha256 sha256;
+#endif
+#ifdef WOLFSSL_SHA384
+ wc_Sha384 sha384;
+#endif
+#ifdef WOLFSSL_SHA512
+ wc_Sha512 sha512;
+#endif
+} Digest;
+#endif
/* Static x509 buffer */
typedef struct x509_buffer {
@@ -1770,34 +3107,74 @@ struct WOLFSSL_X509_CHAIN {
/* wolfSSL session type */
struct WOLFSSL_SESSION {
- word32 bornOn; /* create time in seconds */
- word32 timeout; /* timeout in seconds */
- byte sessionID[ID_LEN]; /* id for protocol */
- byte sessionIDSz;
- byte masterSecret[SECRET_LEN]; /* stored secret */
+ word32 bornOn; /* create time in seconds */
+ word32 timeout; /* timeout in seconds */
+ byte sessionID[ID_LEN]; /* id for protocol */
+ byte sessionIDSz;
+ byte masterSecret[SECRET_LEN]; /* stored secret */
+ word16 haveEMS; /* ext master secret flag */
#ifdef SESSION_CERTS
- WOLFSSL_X509_CHAIN chain; /* peer cert chain, static */
- ProtocolVersion version; /* which version was used */
- byte cipherSuite0; /* first byte, normally 0 */
- byte cipherSuite; /* 2nd byte, actual suite */
+#ifdef OPENSSL_EXTRA
+ WOLFSSL_X509* peer; /* peer cert */
+#endif
+ WOLFSSL_X509_CHAIN chain; /* peer cert chain, static */
+ #ifdef WOLFSSL_ALT_CERT_CHAINS
+ WOLFSSL_X509_CHAIN altChain; /* peer alt cert chain, static */
+ #endif
+#endif
+#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
+ defined(HAVE_SESSION_TICKET))
+ ProtocolVersion version; /* which version was used */
+#endif
+#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
+ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
+ byte cipherSuite0; /* first byte, normally 0 */
+ byte cipherSuite; /* 2nd byte, actual suite */
#endif
#ifndef NO_CLIENT_CACHE
- word16 idLen; /* serverID length */
- byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
+ word16 idLen; /* serverID length */
+ byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
+#endif
+#ifdef OPENSSL_EXTRA
+ byte sessionCtxSz; /* sessionCtx length */
+ byte sessionCtx[ID_LEN]; /* app specific context id */
+#endif
+#ifdef WOLFSSL_TLS13
+ word16 namedGroup;
+#endif
+#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+ #ifdef WOLFSSL_TLS13
+ word32 ticketSeen; /* Time ticket seen (ms) */
+ word32 ticketAdd; /* Added by client */
+ #ifndef WOLFSSL_TLS13_DRAFT_18
+ TicketNonce ticketNonce; /* Nonce used to derive PSK */
+ #endif
+ #endif
+ #ifdef WOLFSSL_EARLY_DATA
+ word32 maxEarlyDataSz;
+ #endif
#endif
#ifdef HAVE_SESSION_TICKET
- word16 ticketLen;
- byte ticket[SESSION_TICKET_LEN];
+ byte* ticket;
+ word16 ticketLen;
+ byte staticTicket[SESSION_TICKET_LEN];
+ byte isDynamic;
+#endif
+#ifdef HAVE_EXT_CACHE
+ byte isAlloced;
+#endif
+#ifdef HAVE_EX_DATA
+ WOLFSSL_CRYPTO_EX_DATA ex_data;
#endif
};
WOLFSSL_LOCAL
-WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*);
+WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
WOLFSSL_LOCAL
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
-typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int);
+typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int);
#ifndef NO_CLIENT_CACHE
WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
@@ -1822,11 +3199,15 @@ enum ConnectState {
/* server accept state for nonblocking restart */
enum AcceptState {
ACCEPT_BEGIN = 0,
+ ACCEPT_BEGIN_RENEG,
ACCEPT_CLIENT_HELLO_DONE,
- HELLO_VERIFY_SENT,
+ ACCEPT_HELLO_RETRY_REQUEST_DONE,
ACCEPT_FIRST_REPLY_DONE,
SERVER_HELLO_SENT,
+ SERVER_EXTENSIONS_SENT,
CERT_SENT,
+ CERT_VERIFY_SENT,
+ CERT_STATUS_SENT,
KEY_EXCHANGE_SENT,
CERT_REQ_SENT,
SERVER_HELLO_DONE,
@@ -1837,12 +3218,34 @@ enum AcceptState {
ACCEPT_THIRD_REPLY_DONE
};
+/* TLS 1.3 server accept state for nonblocking restart */
+enum AcceptStateTls13 {
+ TLS13_ACCEPT_BEGIN = 0,
+ TLS13_ACCEPT_BEGIN_RENEG,
+ TLS13_ACCEPT_CLIENT_HELLO_DONE,
+ TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE,
+ TLS13_ACCEPT_FIRST_REPLY_DONE,
+ TLS13_ACCEPT_SECOND_REPLY_DONE,
+ TLS13_SERVER_HELLO_SENT,
+ TLS13_ACCEPT_THIRD_REPLY_DONE,
+ TLS13_SERVER_EXTENSIONS_SENT,
+ TLS13_CERT_REQ_SENT,
+ TLS13_CERT_SENT,
+ TLS13_CERT_VERIFY_SENT,
+ TLS13_ACCEPT_FINISHED_SENT,
+ TLS13_PRE_TICKET_SENT,
+ TLS13_ACCEPT_FINISHED_DONE,
+ TLS13_TICKET_SENT
+};
+/* buffers for struct WOLFSSL */
typedef struct Buffers {
bufferStatic inputBuffer;
bufferStatic outputBuffer;
- buffer domainName; /* for client check */
+ buffer domainName; /* for client check */
buffer clearOutputBuffer;
+ buffer sig; /* signature data */
+ buffer digest; /* digest data */
int prevSent; /* previous plain text bytes sent
when got WANT_WRITE */
int plainSz; /* plain text bytes in buffer to send
@@ -1856,69 +3259,135 @@ typedef struct Buffers {
buffer serverDH_G; /* WOLFSSL_CTX owns, unless we own */
buffer serverDH_Pub;
buffer serverDH_Priv;
+ DhKey* serverDH_Key;
#endif
#ifndef NO_CERTS
- buffer certificate; /* WOLFSSL_CTX owns, unless we own */
- buffer key; /* WOLFSSL_CTX owns, unless we own */
- buffer certChain; /* WOLFSSL_CTX owns, unless we own */
+ DerBuffer* certificate; /* WOLFSSL_CTX owns, unless we own */
+ DerBuffer* key; /* WOLFSSL_CTX owns, unless we own */
+ byte keyType:7; /* Type of key: RSA, ECC, Ed25519 */
+ byte keyId:1; /* Key data is an id not data */
+ int keySz; /* Size of RSA key */
+ int keyDevId; /* Device Id for key */
+ DerBuffer* certChain; /* WOLFSSL_CTX owns, unless we own */
/* chain after self, in DER, with leading size for each cert */
+#ifdef WOLFSSL_TLS13
+ int certChainCnt;
+ DerBuffer* certExts;
+#endif
+#endif
+#ifdef WOLFSSL_SEND_HRR_COOKIE
+ buffer tls13CookieSecret; /* HRR cookie secret */
#endif
#ifdef WOLFSSL_DTLS
- WOLFSSL_DTLS_CTX dtlsCtx; /* DTLS connection context */
+ WOLFSSL_DTLS_CTX dtlsCtx; /* DTLS connection context */
+ #ifndef NO_WOLFSSL_SERVER
+ buffer dtlsCookieSecret; /* DTLS cookie secret */
+ #endif /* NO_WOLFSSL_SERVER */
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
buffer peerEccDsaKey; /* we own for Ecc Verify Callbacks */
#endif /* HAVE_ECC */
+ #ifdef HAVE_ED25519
+ buffer peerEd25519Key; /* for Ed25519 Verify Callbacks */
+ #endif /* HAVE_ED25519 */
+ #ifdef HAVE_ED448
+ buffer peerEd448Key; /* for Ed448 Verify Callbacks */
+ #endif /* HAVE_ED448 */
#ifndef NO_RSA
buffer peerRsaKey; /* we own for Rsa Verify Callbacks */
#endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
} Buffers;
+/* sub-states for send/do key share (key exchange) */
+enum asyncState {
+ TLS_ASYNC_BEGIN = 0,
+ TLS_ASYNC_BUILD,
+ TLS_ASYNC_DO,
+ TLS_ASYNC_VERIFY,
+ TLS_ASYNC_FINALIZE,
+ TLS_ASYNC_END
+};
+
+/* sub-states for build message */
+enum buildMsgState {
+ BUILD_MSG_BEGIN = 0,
+ BUILD_MSG_SIZE,
+ BUILD_MSG_HASH,
+ BUILD_MSG_VERIFY_MAC,
+ BUILD_MSG_ENCRYPT,
+ BUILD_MSG_ENCRYPTED_VERIFY_MAC,
+};
+
+/* sub-states for cipher operations */
+enum cipherState {
+ CIPHER_STATE_BEGIN = 0,
+ CIPHER_STATE_DO,
+ CIPHER_STATE_END,
+};
+
typedef struct Options {
#ifndef NO_PSK
- psk_client_callback client_psk_cb;
- psk_server_callback server_psk_cb;
- word16 havePSK:1; /* psk key set by user */
+ wc_psk_client_callback client_psk_cb;
+ wc_psk_server_callback server_psk_cb;
+#ifdef WOLFSSL_TLS13
+ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */
+ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */
+#endif
#endif /* NO_PSK */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+ unsigned long mask; /* store SSL_OP_ flags */
+#endif
/* on/off or small bit flags, optimize layout */
+#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+ word16 havePSK:1; /* psk key set by user */
+#endif /* HAVE_SESSION_TICKET || !NO_PSK */
word16 sendVerify:2; /* false = 0, true = 1, sendBlank = 2 */
word16 sessionCacheOff:1;
word16 sessionCacheFlushOff:1;
- word16 side:1; /* client or server end */
+#ifdef HAVE_EXT_CACHE
+ word16 internalCacheOff:1;
+#endif
+ word16 side:2; /* client, server or neither end */
word16 verifyPeer:1;
word16 verifyNone:1;
word16 failNoCert:1;
+ word16 failNoCertxPSK:1; /* fail for no cert except with PSK */
word16 downgrade:1; /* allow downgrade of versions */
word16 resuming:1;
word16 haveSessionId:1; /* server may not send */
word16 tls:1; /* using TLS ? */
word16 tls1_1:1; /* using TLSv1.1+ ? */
+ word16 tls1_3:1; /* using TLSv1.3+ ? */
word16 dtls:1; /* using datagrams ? */
word16 connReset:1; /* has the peer reset */
word16 isClosed:1; /* if we consider conn closed */
- word16 closeNotify:1; /* we've recieved a close notify */
+ word16 closeNotify:1; /* we've received a close notify */
word16 sentNotify:1; /* we've sent a close notify */
word16 usingCompression:1; /* are we using compression */
word16 haveRSA:1; /* RSA available */
+ word16 haveECC:1; /* ECC available */
word16 haveDH:1; /* server DH parms set by user */
word16 haveNTRU:1; /* server NTRU private key loaded */
+ word16 haveQSH:1; /* have QSH ability */
word16 haveECDSAsig:1; /* server ECDSA signed cert */
word16 haveStaticECC:1; /* static server ECC private key */
word16 havePeerCert:1; /* do we have peer's cert */
word16 havePeerVerify:1; /* and peer's cert verify */
word16 usingPSK_cipher:1; /* are using psk as cipher */
word16 usingAnon_cipher:1; /* are we using an anon cipher */
+ word16 noPskDheKe:1; /* Don't use (EC)DHE with PSK */
word16 sendAlertState:1; /* nonblocking resume */
word16 partialWrite:1; /* only one msg per write call */
word16 quietShutdown:1; /* don't send close notify */
word16 certOnly:1; /* stop once we get cert */
word16 groupMessages:1; /* group handshake messages */
- word16 usingNonblock:1; /* are we using nonblocking socket */
word16 saveArrays:1; /* save array Memory for user get keys
or psk */
+ word16 weOwnRng:1; /* will be true unless CTX owns */
+ word16 haveEMS:1; /* using extended master secret */
#ifdef HAVE_POLY1305
word16 oldPoly:1; /* set when to use old rfc way of poly*/
#endif
@@ -1928,6 +3397,58 @@ typedef struct Options {
#ifdef HAVE_SESSION_TICKET
word16 createTicket:1; /* Server to create new Ticket */
word16 useTicket:1; /* Use Ticket not session cache */
+ word16 rejectTicket:1; /* Callback rejected ticket */
+#ifdef WOLFSSL_TLS13
+ word16 noTicketTls13:1; /* Server won't create new Ticket */
+#endif
+#endif
+#ifdef WOLFSSL_DTLS
+ word16 dtlsUseNonblock:1; /* are we using nonblocking socket */
+ word16 dtlsHsRetain:1; /* DTLS retaining HS data */
+ word16 haveMcast:1; /* using multicast ? */
+#ifdef WOLFSSL_SCTP
+ word16 dtlsSctp:1; /* DTLS-over-SCTP mode */
+#endif
+#endif
+#if defined(HAVE_TLS_EXTENSIONS) && defined(HAVE_SUPPORTED_CURVES)
+ word16 userCurves:1; /* indicates user called wolfSSL_UseSupportedCurve */
+#endif
+ word16 keepResources:1; /* Keep resources after handshake */
+ word16 useClientOrder:1; /* Use client's cipher order */
+ word16 mutualAuth:1; /* Mutual authentication is rquired */
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
+ word16 postHandshakeAuth:1;/* Client send post_handshake_auth
+ * extension */
+#endif
+#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)
+ word16 sendCookie:1; /* Server creates a Cookie in HRR */
+#endif
+#ifdef WOLFSSL_ALT_CERT_CHAINS
+ word16 usingAltCertChain:1;/* Alternate cert chain was used */
+#endif
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
+ word16 sentChangeCipher:1; /* Change Cipher Spec sent */
+#endif
+#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
+ ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
+ word16 cacheMessages:1; /* Cache messages for sign/verify */
+#endif
+#ifndef NO_DH
+ #if !defined(WOLFSSL_OLD_PRIME_CHECK) && \
+ !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+ word16 dhDoKeyTest:1; /* Need to do the DH Key prime test */
+ word16 dhKeyTested:1; /* Set when key has been tested. */
+ #endif
+#endif
+#ifdef SINGLE_THREADED
+ word16 ownSuites:1; /* if suites are malloced in ssl object */
+#endif
+#ifdef HAVE_ENCRYPT_THEN_MAC
+ word16 disallowEncThenMac:1; /* Don't do Encrypt-Then-MAC */
+ word16 encThenMac:1; /* Doing Encrypt-Then-MAC */
+ word16 startedETMRead:1; /* Doing Encrypt-Then-MAC read */
+ word16 startedETMWrite:1; /* Doing Encrypt-Then-MAC write */
#endif
/* need full byte values for this section */
@@ -1941,31 +3462,64 @@ typedef struct Options {
byte minDowngrade; /* minimum downgrade version */
byte connectState; /* nonblocking resume */
byte acceptState; /* nonblocking resume */
+ byte asyncState; /* sub-state for enum asyncState */
+ byte buildMsgState; /* sub-state for enum buildMsgState */
+ byte alertCount; /* detect warning dos attempt */
+#ifdef WOLFSSL_MULTICAST
+ word16 mcastID; /* Multicast group ID */
+#endif
#ifndef NO_DH
word16 minDhKeySz; /* minimum DH key size */
+ word16 maxDhKeySz; /* minimum DH key size */
word16 dhKeySz; /* actual DH key size */
#endif
-
+#ifndef NO_RSA
+ short minRsaKeySz; /* minimum RSA key size */
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ short minEccKeySz; /* minimum ECC key size */
+#endif
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ byte verifyDepth; /* maximum verification depth */
+#endif
+#ifdef WOLFSSL_EARLY_DATA
+ word16 pskIdIndex;
+ word32 maxEarlyDataSz;
+#endif
+#ifdef WOLFSSL_TLS13
+ byte oldMinor; /* client preferred version < TLS 1.3 */
+#endif
} Options;
typedef struct Arrays {
+ byte* pendingMsg; /* defrag buffer */
+ byte* preMasterSecret;
word32 preMasterSz; /* differs for DH, actual size */
-#ifndef NO_PSK
- word32 psk_keySz; /* acutal size */
- char client_identity[MAX_PSK_ID_LEN];
- char server_hint[MAX_PSK_ID_LEN];
+ word32 pendingMsgSz; /* defrag buffer size */
+ word32 pendingMsgOffset; /* current offset into defrag buffer */
+#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+ word32 psk_keySz; /* actual size */
+ char client_identity[MAX_PSK_ID_LEN + NULL_TERM_LEN];
+ char server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN];
byte psk_key[MAX_PSK_KEY_LEN];
#endif
byte clientRandom[RAN_LEN];
byte serverRandom[RAN_LEN];
byte sessionID[ID_LEN];
byte sessionIDSz;
- byte preMasterSecret[ENCRYPT_LEN];
+#ifdef WOLFSSL_TLS13
+ byte secret[SECRET_LEN];
+#endif
byte masterSecret[SECRET_LEN];
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)
+ byte tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE];
+#endif
#ifdef WOLFSSL_DTLS
byte cookie[MAX_COOKIE_LEN];
byte cookieSz;
#endif
+ byte pendingMsgType; /* defrag buffer message type */
} Arrays;
#ifndef ASN_NAME_MAX
@@ -1976,78 +3530,171 @@ typedef struct Arrays {
#define MAX_DATE_SZ 32
#endif
+#define STACK_TYPE_X509 0
+#define STACK_TYPE_GEN_NAME 1
+#define STACK_TYPE_BIO 2
+#define STACK_TYPE_OBJ 3
+#define STACK_TYPE_STRING 4
+#define STACK_TYPE_CIPHER 5
+#define STACK_TYPE_ACCESS_DESCRIPTION 6
+#define STACK_TYPE_X509_EXT 7
+#define STACK_TYPE_NULL 8
+#define STACK_TYPE_X509_NAME 9
+#define STACK_TYPE_CONF_VALUE 10
+#define STACK_TYPE_X509_INFO 11
+
+struct WOLFSSL_STACK {
+ unsigned long num; /* number of nodes in stack
+ * (safety measure for freeing and shortcut for count) */
+ #if defined(OPENSSL_ALL)
+ wolf_sk_compare_cb comp;
+ #endif
+
+ union {
+ WOLFSSL_X509* x509;
+ WOLFSSL_X509_NAME* name;
+ WOLFSSL_X509_INFO* info;
+ WOLFSSL_BIO* bio;
+ WOLFSSL_ASN1_OBJECT* obj;
+ WOLFSSL_CIPHER cipher;
+ WOLFSSL_ACCESS_DESCRIPTION* access;
+ WOLFSSL_X509_EXTENSION* ext;
+ WOLFSSL_CONF_VALUE* conf;
+ void* generic;
+ char* string;
+ WOLFSSL_GENERAL_NAME* gn;
+ } data;
+ void* heap; /* memory heap hint */
+ WOLFSSL_STACK* next;
+ byte type; /* Identifies type of stack. */
+};
+
struct WOLFSSL_X509_NAME {
char *name;
- char staticName[ASN_NAME_MAX];
int dynamicName;
int sz;
-#ifdef OPENSSL_EXTRA
+ char staticName[ASN_NAME_MAX];
+#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+ !defined(NO_ASN)
DecodedName fullName;
+ WOLFSSL_X509_NAME_ENTRY cnEntry;
+ WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */
+ WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
+ byte raw[ASN_NAME_MAX];
+ int rawLen;
+#endif
};
#ifndef EXTERNAL_SERIAL_SIZE
#define EXTERNAL_SERIAL_SIZE 32
#endif
-#ifdef NO_ASN
+#ifdef NO_ASN
typedef struct DNS_entry DNS_entry;
#endif
struct WOLFSSL_X509 {
int version;
- WOLFSSL_X509_NAME issuer;
- WOLFSSL_X509_NAME subject;
int serialSz;
- byte serial[EXTERNAL_SERIAL_SIZE];
- char subjectCN[ASN_NAME_MAX]; /* common name short cut */
#ifdef WOLFSSL_SEP
int deviceTypeSz;
- byte deviceType[EXTERNAL_SERIAL_SIZE];
int hwTypeSz;
+ byte deviceType[EXTERNAL_SERIAL_SIZE];
byte hwType[EXTERNAL_SERIAL_SIZE];
int hwSerialNumSz;
byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
- #ifdef OPENSSL_EXTRA
- byte certPolicySet;
- byte certPolicyCrit;
- #endif /* OPENSSL_EXTRA */
-#endif
- int notBeforeSz;
- byte notBefore[MAX_DATE_SZ];
- int notAfterSz;
- byte notAfter[MAX_DATE_SZ];
- int sigOID;
+#endif /* WOLFSSL_SEP */
+#if (defined(WOLFSSL_SEP) || defined(WOLFSSL_QT) || defined (OPENSSL_ALL)) && \
+ (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
+ byte certPolicySet;
+ byte certPolicyCrit;
+#endif /* (WOLFSSL_SEP || WOLFSSL_QT) && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */
+#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
+ WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
+ WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
+#endif /* WOLFSSL_QT || OPENSSL_ALL */
+#ifdef OPENSSL_EXTRA
+ WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
+#endif
+ WOLFSSL_ASN1_TIME notBefore;
+ WOLFSSL_ASN1_TIME notAfter;
buffer sig;
- int pubKeyOID;
- buffer pubKey;
- #ifdef HAVE_ECC
- word32 pkCurveOID;
- #endif /* HAVE_ECC */
- buffer derCert; /* may need */
+ int sigOID;
DNS_entry* altNames; /* alt names list */
+ buffer pubKey;
+ int pubKeyOID;
DNS_entry* altNamesNext; /* hint for retrieval */
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ word32 pkCurveOID;
+#endif /* HAVE_ECC */
+#ifndef NO_CERTS
+ DerBuffer* derCert; /* may need */
+#endif
+ void* heap; /* heap hint */
byte dynamicMemory; /* dynamic memory flag */
- byte isCa;
-#ifdef OPENSSL_EXTRA
+ byte isCa:1;
+#ifdef WOLFSSL_CERT_EXT
+ char certPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ];
+ int certPoliciesNb;
+#endif /* WOLFSSL_CERT_EXT */
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
+ wolfSSL_Mutex refMutex; /* ref count mutex */
+ int refCount; /* reference count */
+#endif
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#ifdef HAVE_EX_DATA
+ WOLFSSL_CRYPTO_EX_DATA ex_data;
+#endif
+ byte* authKeyId;
+ byte* subjKeyId;
+ byte* extKeyUsageSrc;
+ const byte* CRLInfo;
+ byte* authInfo;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ byte* authInfoCaIssuer;
+ int authInfoCaIssuerSz;
+#endif
word32 pathLength;
word16 keyUsage;
- byte basicConstSet;
- byte basicConstCrit;
- byte basicConstPlSet;
- byte subjAltNameSet;
- byte subjAltNameCrit;
- byte authKeyIdSet;
- byte authKeyIdCrit;
- byte* authKeyId;
+ int CRLInfoSz;
+ int authInfoSz;
word32 authKeyIdSz;
- byte subjKeyIdSet;
- byte subjKeyIdCrit;
- byte* subjKeyId;
word32 subjKeyIdSz;
- byte keyUsageSet;
- byte keyUsageCrit;
-#endif /* OPENSSL_EXTRA */
+ word32 extKeyUsageSz;
+ word32 extKeyUsageCount;
+
+ byte CRLdistSet:1;
+ byte CRLdistCrit:1;
+ byte authInfoSet:1;
+ byte authInfoCrit:1;
+ byte keyUsageSet:1;
+ byte keyUsageCrit:1;
+ byte extKeyUsageCrit:1;
+ byte subjKeyIdSet:1;
+
+ byte subjKeyIdCrit:1;
+ byte basicConstSet:1;
+ byte basicConstCrit:1;
+ byte basicConstPlSet:1;
+ byte subjAltNameSet:1;
+ byte subjAltNameCrit:1;
+ byte authKeyIdSet:1;
+ byte authKeyIdCrit:1;
+#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
+ byte serial[EXTERNAL_SERIAL_SIZE];
+ char subjectCN[ASN_NAME_MAX]; /* common name short cut */
+#ifdef WOLFSSL_CERT_REQ
+ char challengePw[CTC_NAME_SIZE]; /* for REQ certs */
+#endif
+ WOLFSSL_X509_NAME issuer;
+ WOLFSSL_X509_NAME subject;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
+ WOLFSSL_X509_ALGOR algor;
+ WOLFSSL_X509_PUBKEY key;
+#endif
+ byte issuerSet:1;
};
@@ -2065,25 +3712,27 @@ typedef struct DtlsRecordLayerHeader {
byte type;
byte pvMajor;
byte pvMinor;
- byte epoch[2]; /* increment on cipher state change */
- byte sequence_number[6]; /* per record */
+ byte sequence_number[8]; /* per record */
byte length[2];
} DtlsRecordLayerHeader;
-typedef struct DtlsPool {
- buffer buf[DTLS_POOL_SZ];
- int used;
-} DtlsPool;
+typedef struct DtlsFrag {
+ word32 begin;
+ word32 end;
+ struct DtlsFrag* next;
+} DtlsFrag;
+
typedef struct DtlsMsg {
struct DtlsMsg* next;
- word32 seq; /* Handshake sequence number */
- word32 sz; /* Length of whole mesage */
- word32 fragSz; /* Length of fragments received */
- byte type;
byte* buf;
byte* msg;
+ DtlsFrag* fragList;
+ word32 fragSz; /* Length of fragments received */
+ word32 seq; /* Handshake sequence number */
+ word32 sz; /* Length of whole message */
+ byte type;
} DtlsMsg;
@@ -2099,21 +3748,25 @@ typedef struct DtlsMsg {
#endif
-
-/* Handshake messages recevied from peer (plus change cipher */
+/* Handshake messages received from peer (plus change cipher */
typedef struct MsgsReceived {
word16 got_hello_request:1;
- word16 got_client_hello:1;
- word16 got_server_hello:1;
+ word16 got_client_hello:2;
+ word16 got_server_hello:2;
word16 got_hello_verify_request:1;
word16 got_session_ticket:1;
+ word16 got_end_of_early_data:1;
+ word16 got_hello_retry_request:1;
+ word16 got_encrypted_extensions:1;
word16 got_certificate:1;
+ word16 got_certificate_status:1;
word16 got_server_key_exchange:1;
word16 got_certificate_request:1;
word16 got_server_hello_done:1;
word16 got_certificate_verify:1;
word16 got_client_key_exchange:1;
word16 got_finished:1;
+ word16 got_key_update:1;
word16 got_change_cipher:1;
} MsgsReceived;
@@ -2122,48 +3775,127 @@ typedef struct MsgsReceived {
typedef struct HS_Hashes {
Hashes verifyHashes;
Hashes certHashes; /* for cert verify */
-#ifndef NO_OLD_TLS
#ifndef NO_SHA
- Sha hashSha; /* sha hash of handshake msgs */
+ wc_Sha hashSha; /* sha hash of handshake msgs */
#endif
-#ifndef NO_MD5
- Md5 hashMd5; /* md5 hash of handshake msgs */
+#if !defined(NO_MD5) && !defined(NO_OLD_TLS)
+ wc_Md5 hashMd5; /* md5 hash of handshake msgs */
#endif
-#endif /* NO_OLD_TLS */
#ifndef NO_SHA256
- Sha256 hashSha256; /* sha256 hash of handshake msgs */
+ wc_Sha256 hashSha256; /* sha256 hash of handshake msgs */
#endif
#ifdef WOLFSSL_SHA384
- Sha384 hashSha384; /* sha384 hash of handshake msgs */
+ wc_Sha384 hashSha384; /* sha384 hash of handshake msgs */
#endif
#ifdef WOLFSSL_SHA512
- Sha512 hashSha512; /* sha512 hash of handshake msgs */
+ wc_Sha512 hashSha512; /* sha512 hash of handshake msgs */
+#endif
+#if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
+ byte* messages; /* handshake messages */
+ int length; /* length of handshake messages' data */
+ int prevLen; /* length of messages but last */
#endif
} HS_Hashes;
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #define MAX_ASYNC_ARGS 18
+ typedef void (*FreeArgsCb)(struct WOLFSSL* ssl, void* pArgs);
+
+ struct WOLFSSL_ASYNC {
+ WC_ASYNC_DEV* dev;
+ FreeArgsCb freeArgs; /* function pointer to cleanup args */
+ word32 args[MAX_ASYNC_ARGS]; /* holder for current args */
+ };
+#endif
+
+#ifdef HAVE_WRITE_DUP
+
+ #define WRITE_DUP_SIDE 1
+ #define READ_DUP_SIDE 2
+
+ typedef struct WriteDup {
+ wolfSSL_Mutex dupMutex; /* reference count mutex */
+ int dupCount; /* reference count */
+ int dupErr; /* under dupMutex, pass to other side */
+ } WriteDup;
+
+ WOLFSSL_LOCAL void FreeWriteDup(WOLFSSL* ssl);
+ WOLFSSL_LOCAL int NotifyWriteSide(WOLFSSL* ssl, int err);
+#endif /* HAVE_WRITE_DUP */
+
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
+typedef struct CertReqCtx CertReqCtx;
+
+struct CertReqCtx {
+ CertReqCtx* next;
+ byte len;
+ byte ctx;
+};
+#endif
+
+#ifdef WOLFSSL_EARLY_DATA
+typedef enum EarlyDataState {
+ no_early_data,
+ early_data_ext,
+ expecting_early_data,
+ process_early_data,
+ done_early_data
+} EarlyDataState;
+#endif
+
/* wolfSSL ssl type */
struct WOLFSSL {
WOLFSSL_CTX* ctx;
Suites* suites; /* only need during handshake */
Arrays* arrays;
+#ifdef WOLFSSL_TLS13
+ byte clientSecret[SECRET_LEN];
+ byte serverSecret[SECRET_LEN];
+#endif
HS_Hashes* hsHashes;
void* IOCB_ReadCtx;
void* IOCB_WriteCtx;
- RNG* rng;
+ WC_RNG* rng;
void* verifyCbCtx; /* cert verify callback user ctx*/
VerifyCallback verifyCallback; /* cert verification callback */
void* heap; /* for user overrides */
+#ifdef HAVE_WRITE_DUP
+ WriteDup* dupWrite; /* valid pointer indicates ON */
+ /* side that decrements dupCount to zero frees overall structure */
+ byte dupSide; /* write side or read side */
+#endif
+#ifdef OPENSSL_EXTRA
+ byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */
+#endif
+ CallbackIORecv CBIORecv;
+ CallbackIOSend CBIOSend;
+#ifdef WOLFSSL_STATIC_MEMORY
+ WOLFSSL_HEAP_HINT heap_hint;
+#endif
#ifndef NO_HANDSHAKE_DONE_CB
HandShakeDoneCb hsDoneCb; /* notify user handshake done */
void* hsDoneCtx; /* user handshake cb context */
#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ struct WOLFSSL_ASYNC async;
+#elif defined(WOLFSSL_NONBLOCK_OCSP)
+ void* nonblockarg; /* dynamic arg for handling non-block resume */
+#endif
+ void* hsKey; /* Handshake key (RsaKey or ecc_key) allocated from heap */
+ word32 hsType; /* Type of Handshake key (hsKey) */
WOLFSSL_CIPHER cipher;
+#ifndef WOLFSSL_AEAD_ONLY
hmacfp hmac;
+#endif
Ciphers encrypt;
Ciphers decrypt;
Buffers buffers;
WOLFSSL_SESSION session;
+#ifdef HAVE_EXT_CACHE
+ WOLFSSL_SESSION* extSession;
+#endif
WOLFSSL_ALERT_HISTORY alert_history;
int error;
int rfd; /* read file descriptor */
@@ -2171,7 +3903,9 @@ struct WOLFSSL {
int rflags; /* user read flags */
int wflags; /* user write flags */
word32 timeout; /* session timeout */
+ word32 fragOffset; /* fragment offset */
word16 curSize;
+ byte verifyDepth;
RecordLayerHeader curRL;
MsgsReceived msgsReceived; /* peer messages received */
ProtocolVersion version; /* negotiated version */
@@ -2180,27 +3914,96 @@ struct WOLFSSL {
Keys keys;
Options options;
#ifdef OPENSSL_EXTRA
+ CallbackInfoState* CBIS; /* used to get info about SSL state */
+ int cbmode; /* read or write on info callback */
+ int cbtype; /* event type in info callback */
WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */
+ byte sessionCtx[ID_LEN]; /* app session context ID */
+ WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
+#endif
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ unsigned long peerVerifyRet;
#endif
+#ifdef OPENSSL_EXTRA
+ byte readAhead;
+ byte sessionCtxSz; /* size of sessionCtx stored */
+#ifdef HAVE_PK_CALLBACKS
+ void* loggingCtx; /* logging callback argument */
+#endif
+#endif /* OPENSSL_EXTRA */
#ifndef NO_RSA
RsaKey* peerRsaKey;
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+ byte *peerTsipEncRsaKeyIndex;
+#endif
byte peerRsaKeyPresent;
#endif
+#ifdef HAVE_QSH
+ QSHKey* QSH_Key;
+ QSHKey* peerQSHKey;
+ QSHSecret* QSH_secret;
+ byte isQSH; /* is the handshake a QSH? */
+ byte sendQSHKeys; /* flag for if the client should sen
+ public keys */
+ byte peerQSHKeyPresent;
+ byte minRequest;
+ byte maxRequest;
+ byte user_set_QSHSchemes;
+#endif
+#if defined(WOLFSSL_TLS13) || defined(HAVE_FFDHE)
+ word16 namedGroup;
+#endif
+#ifdef WOLFSSL_TLS13
+ word16 group[WOLFSSL_MAX_GROUP_COUNT];
+ byte numGroups;
+#endif
+ word16 pssAlgo;
+#ifdef WOLFSSL_TLS13
+ #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22)
+ word16 certHashSigAlgoSz; /* SigAlgoCert ext length in bytes */
+ byte certHashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* cert sig/algo to
+ * offer */
+ #endif /* !WOLFSSL_TLS13_DRAFT_18 && !WOLFSSL_TLS13_DRAFT_22 */
+#endif
#ifdef HAVE_NTRU
word16 peerNtruKeyLen;
byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ];
byte peerNtruKeyPresent;
#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
+ int eccVerifyRes;
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ word32 ecdhCurveOID; /* curve Ecc_Sum */
+ ecc_key* eccTempKey; /* private ECDHE key */
+ byte eccTempKeyPresent; /* also holds type */
+ byte peerEccKeyPresent;
+#endif
#ifdef HAVE_ECC
ecc_key* peerEccKey; /* peer's ECDHE key */
ecc_key* peerEccDsaKey; /* peer's ECDSA key */
- ecc_key* eccTempKey; /* private ECDHE key */
- word32 pkCurveOID; /* curve Ecc_Sum */
word16 eccTempKeySz; /* in octets 20 - 66 */
- byte peerEccKeyPresent;
byte peerEccDsaKeyPresent;
- byte eccTempKeyPresent;
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_CURVE448)
+ word32 pkCurveOID; /* curve Ecc_Sum */
+#endif
+#ifdef HAVE_ED25519
+ ed25519_key* peerEd25519Key;
+ byte peerEd25519KeyPresent;
+#endif
+#ifdef HAVE_CURVE25519
+ curve25519_key* peerX25519Key;
+ byte peerX25519KeyPresent;
+#endif
+#ifdef HAVE_ED448
+ ed448_key* peerEd448Key;
+ byte peerEd448KeyPresent;
+#endif
+#ifdef HAVE_CURVE448
+ curve448_key* peerX448Key;
+ byte peerX448KeyPresent;
#endif
#ifdef HAVE_LIBZ
z_stream c_stream; /* compression stream */
@@ -2208,17 +4011,39 @@ struct WOLFSSL {
byte didStreamInit; /* for stream init and end */
#endif
#ifdef WOLFSSL_DTLS
- int dtls_timeout_init; /* starting timeout vaule */
+ int dtls_timeout_init; /* starting timeout value */
int dtls_timeout_max; /* maximum timeout value */
int dtls_timeout; /* current timeout value, changes */
- DtlsPool* dtls_pool;
- DtlsMsg* dtls_msg_list;
+ word32 dtls_tx_msg_list_sz;
+ word32 dtls_rx_msg_list_sz;
+ DtlsMsg* dtls_tx_msg_list;
+ DtlsMsg* dtls_tx_msg;
+ DtlsMsg* dtls_rx_msg_list;
void* IOCB_CookieCtx; /* gen cookie ctx */
word32 dtls_expected_rx;
-#endif
+#ifdef WOLFSSL_SESSION_EXPORT
+ wc_dtls_export dtls_export; /* export function for session */
+#endif
+#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
+ word16 dtlsMtuSz;
+#endif /* WOLFSSL_SCTP || WOLFSSL_DTLS_MTU */
+#ifdef WOLFSSL_MULTICAST
+ void* mcastHwCbCtx; /* Multicast highwater callback ctx */
+#endif /* WOLFSSL_MULTICAST */
+#ifdef WOLFSSL_DTLS_DROP_STATS
+ word32 macDropCount;
+ word32 replayDropCount;
+#endif /* WOLFSSL_DTLS_DROP_STATS */
+#endif /* WOLFSSL_DTLS */
#ifdef WOLFSSL_CALLBACKS
- HandShakeInfo handShakeInfo; /* info saved during handshake */
TimeoutInfo timeoutInfo; /* info saved during handshake */
+ HandShakeInfo handShakeInfo; /* info saved during handshake */
+#endif
+#ifdef OPENSSL_EXTRA
+ SSL_Msg_Cb protoMsgCb; /* inspect protocol message callback */
+ void* protoMsgCtx; /* user set context with msg callback */
+#endif
+#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
byte hsInfoOn; /* track handshake info */
byte toInfoOn; /* track timeout info */
#endif
@@ -2226,15 +4051,22 @@ struct WOLFSSL {
CallbackFuzzer fuzzerCb; /* for testing with using fuzzer */
void* fuzzerCtx; /* user defined pointer */
#endif
+#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
+ CertReqCtx* certReqCtx;
+#endif
#ifdef KEEP_PEER_CERT
WOLFSSL_X509 peerCert; /* X509 peer cert */
#endif
-#ifdef FORTRESS
- void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */
+#ifdef KEEP_OUR_CERT
+ WOLFSSL_X509* ourCert; /* keep alive a X509 struct of cert.
+ points to ctx if not owned (owned
+ flag found in buffers.weOwnCert) */
#endif
-#ifdef HAVE_CAVIUM
- int devId; /* cavium device id to use */
+ byte keepCert; /* keep certificate after handshake */
+#if defined(HAVE_EX_DATA) || defined(FORTRESS)
+ WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data, for Fortress */
#endif
+ int devId; /* async device id to use */
#ifdef HAVE_ONE_TIME_AUTH
OneTimeAuth auth;
#endif
@@ -2246,33 +4078,93 @@ struct WOLFSSL {
#ifdef HAVE_TRUNCATED_HMAC
byte truncated_hmac;
#endif
- #ifdef HAVE_SECURE_RENEGOTIATION
+ #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+ byte status_request;
+ #endif
+ #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+ byte status_request_v2;
+ #endif
+ #if defined(HAVE_SECURE_RENEGOTIATION) \
+ || defined(HAVE_SERVER_RENEGOTIATION_INFO)
+ int secure_rene_count; /* how many times */
SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
#endif /* user turned on */
+ #ifdef HAVE_ALPN
+ char* alpn_client_list; /* keep the client's list */
+ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ CallbackALPNSelect alpnSelect;
+ void* alpnSelectArg;
+ #endif
+ #endif /* of accepted protocols */
#if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET)
CallbackSessionTicket session_ticket_cb;
void* session_ticket_ctx;
byte expect_session_ticket;
#endif
#endif /* HAVE_TLS_EXTENSIONS */
+#ifdef HAVE_OCSP
+ void* ocspIOCtx;
+ #ifdef OPENSSL_EXTRA
+ byte* ocspResp;
+ int ocspRespSz;
+ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ char* url;
+ #endif
+ #endif
+#endif
#ifdef HAVE_NETX
NetX_Ctx nxCtx; /* NetX IO Context */
#endif
+#if defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
+ void* mnCtx; /* mynewt mn_socket IO Context */
+#endif /* defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) */
+#ifdef WOLFSSL_GNRC
+ struct gnrc_wolfssl_ctx *gnrcCtx; /* Riot-OS GNRC UDP/IP context */
+#endif
#ifdef SESSION_INDEX
int sessionIndex; /* Session's location in the cache. */
#endif
#ifdef ATOMIC_USER
void* MacEncryptCtx; /* Atomic User Mac/Encrypt Callback Context */
void* DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */
+ #ifdef HAVE_ENCRYPT_THEN_MAC
+ void* EncryptMacCtx; /* Atomic User Encrypt/Mac Callback Ctx */
+ void* VerifyDecryptCtx; /* Atomic User Verify/Decrypt Callback Ctx */
+ #endif
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
- void* EccSignCtx; /* Ecc Sign Callback Context */
- void* EccVerifyCtx; /* Ecc Verify Callback Context */
+ void* EccKeyGenCtx; /* EccKeyGen Callback Context */
+ void* EccSignCtx; /* Ecc Sign Callback Context */
+ void* EccVerifyCtx; /* Ecc Verify Callback Context */
+ void* EccSharedSecretCtx; /* Ecc Pms Callback Context */
+ #ifdef HAVE_ED25519
+ void* Ed25519SignCtx; /* ED25519 Sign Callback Context */
+ void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */
+ #endif
+ #ifdef HAVE_CURVE25519
+ void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */
+ void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */
+ #endif
+ #ifdef HAVE_ED448
+ void* Ed448SignCtx; /* ED448 Sign Callback Context */
+ void* Ed448VerifyCtx; /* ED448 Verify Callback Context */
+ #endif
+ #ifdef HAVE_CURVE448
+ void* X448KeyGenCtx; /* X448 KeyGen Callback Context */
+ void* X448SharedSecretCtx; /* X448 Pms Callback Context */
+ #endif
#endif /* HAVE_ECC */
+ #ifndef NO_DH
+ void* DhAgreeCtx; /* DH Pms Callback Context */
+ #endif /* !NO_DH */
#ifndef NO_RSA
void* RsaSignCtx; /* Rsa Sign Callback Context */
void* RsaVerifyCtx; /* Rsa Verify Callback Context */
+ #ifdef WC_RSA_PSS
+ void* RsaPssSignCtx; /* Rsa PSS Sign Callback Context */
+ void* RsaPssVerifyCtx; /* Rsa PSS Verify Callback Context */
+ #endif
void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */
void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */
#endif /* NO_RSA */
@@ -2280,61 +4172,69 @@ struct WOLFSSL {
#ifdef HAVE_SECRET_CALLBACK
SessionSecretCb sessionSecretCb;
void* sessionSecretCtx;
+ #ifdef WOLFSSL_TLS13
+ Tls13SecretCb tls13SecretCb;
+ void* tls13SecretCtx;
+ #endif
#endif /* HAVE_SECRET_CALLBACK */
+#ifdef WOLFSSL_JNI
+ void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
+#endif /* WOLFSSL_JNI */
+#ifdef WOLFSSL_EARLY_DATA
+ EarlyDataState earlyData;
+ word32 earlyDataSz;
+#endif
+#ifdef OPENSSL_ALL
+ long verifyCallbackResult;
+#endif
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */
+ WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */
+#endif
};
-WOLFSSL_LOCAL
-int InitSSL(WOLFSSL*, WOLFSSL_CTX*);
-WOLFSSL_LOCAL
-void FreeSSL(WOLFSSL*);
-WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
-
-
-enum {
- IV_SZ = 32, /* max iv sz */
- NAME_SZ = 80 /* max one line */
-};
-
-
-typedef struct EncryptedInfo {
- char name[NAME_SZ]; /* encryption name */
- byte iv[IV_SZ]; /* encrypted IV */
- word32 ivSz; /* encrypted IV size */
- long consumed; /* tracks PEM bytes consumed */
- byte set; /* if encryption set */
- WOLFSSL_CTX* ctx; /* CTX owner */
-} EncryptedInfo;
+WOLFSSL_LOCAL int SSL_CTX_RefCount(WOLFSSL_CTX* ctx, int incr);
+WOLFSSL_LOCAL int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*, int);
+WOLFSSL_LOCAL int InitSSL(WOLFSSL*, WOLFSSL_CTX*, int);
+WOLFSSL_LOCAL void FreeSSL(WOLFSSL*, void* heap);
+WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
#ifndef NO_CERTS
- WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
- buffer* der, void* heap, EncryptedInfo* info,
- int* eccKey);
+ WOLFSSL_LOCAL int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
+ long sz, int format, int type, WOLFSSL* ssl,
+ long* used, int userChain, int verify);
WOLFSSL_LOCAL int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format,
int type, WOLFSSL* ssl, int userChain,
- WOLFSSL_CRL* crl);
+ WOLFSSL_CRL* crl, int verify);
+
+ #ifdef OPENSSL_EXTRA
+ WOLFSSL_LOCAL int CheckHostName(DecodedCert* dCert, char *domainName,
+ size_t domainNameLen);
+ #endif
#endif
-#ifdef WOLFSSL_CALLBACKS
+#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
WOLFSSL_LOCAL
- void InitHandShakeInfo(HandShakeInfo*);
- WOLFSSL_LOCAL
- void FinishHandShakeInfo(HandShakeInfo*, const WOLFSSL*);
- WOLFSSL_LOCAL
- void AddPacketName(const char*, HandShakeInfo*);
+ void InitHandShakeInfo(HandShakeInfo*, WOLFSSL*);
+ WOLFSSL_LOCAL
+ void FinishHandShakeInfo(HandShakeInfo*);
+ WOLFSSL_LOCAL
+ void AddPacketName(WOLFSSL* ssl, const char* name);
WOLFSSL_LOCAL
void InitTimeoutInfo(TimeoutInfo*);
- WOLFSSL_LOCAL
+ WOLFSSL_LOCAL
void FreeTimeoutInfo(TimeoutInfo*, void*);
- WOLFSSL_LOCAL
- void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*);
- WOLFSSL_LOCAL
+ WOLFSSL_LOCAL
+ void AddPacketInfo(WOLFSSL* ssl, const char* name, int type,
+ const byte* data, int sz, int write, void* heap);
+ WOLFSSL_LOCAL
void AddLateName(const char*, TimeoutInfo*);
- WOLFSSL_LOCAL
+ WOLFSSL_LOCAL
void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info);
#endif
@@ -2342,10 +4242,10 @@ typedef struct EncryptedInfo {
/* Record Layer Header identifier from page 12 */
enum ContentType {
no_type = 0,
- change_cipher_spec = 20,
- alert = 21,
- handshake = 22,
- application_data = 23
+ change_cipher_spec = 20,
+ alert = 21,
+ handshake = 22,
+ application_data = 23
};
@@ -2360,30 +4260,41 @@ typedef struct HandShakeHeader {
typedef struct DtlsHandShakeHeader {
byte type;
word24 length;
- byte message_seq[2]; /* start at 0, restransmit gets same # */
+ byte message_seq[2]; /* start at 0, retransmit gets same # */
word24 fragment_offset; /* bytes in previous fragments */
word24 fragment_length; /* length of this fragment */
} DtlsHandShakeHeader;
enum HandShakeType {
- no_shake = -1,
- hello_request = 0,
- client_hello = 1,
- server_hello = 2,
- hello_verify_request = 3, /* DTLS addition */
- session_ticket = 4,
- certificate = 11,
- server_key_exchange = 12,
- certificate_request = 13,
- server_hello_done = 14,
- certificate_verify = 15,
- client_key_exchange = 16,
- finished = 20,
- certificate_status = 22,
- change_cipher_hs = 55 /* simulate unique handshake type for sanity
- checks. record layer change_cipher
- conflicts with handshake finished */
+ hello_request = 0,
+ client_hello = 1,
+ server_hello = 2,
+ hello_verify_request = 3, /* DTLS addition */
+ session_ticket = 4,
+ end_of_early_data = 5,
+ hello_retry_request = 6,
+ encrypted_extensions = 8,
+ certificate = 11,
+ server_key_exchange = 12,
+ certificate_request = 13,
+ server_hello_done = 14,
+ certificate_verify = 15,
+ client_key_exchange = 16,
+ finished = 20,
+ certificate_status = 22,
+ key_update = 24,
+ change_cipher_hs = 55, /* simulate unique handshake type for sanity
+ checks. record layer change_cipher
+ conflicts with handshake finished */
+ message_hash = 254, /* synthetic message type for TLS v1.3 */
+ no_shake = 255 /* used to initialize the DtlsMsg record */
+};
+
+enum ProvisionSide {
+ PROVISION_CLIENT = 1,
+ PROVISION_SERVER = 2,
+ PROVISION_CLIENT_SERVER = 3
};
@@ -2393,14 +4304,41 @@ static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };
static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
+#ifdef OPENSSL_EXTRA
+typedef struct {
+ int name_len;
+ const char *name;
+ int nid;
+} WOLF_EC_NIST_NAME;
+extern const WOLF_EC_NIST_NAME kNistCurves[];
+/* This is the longest and shortest curve name in the kNistCurves list */
+#define kNistCurves_MIN_NAME_LEN 5
+#define kNistCurves_MAX_NAME_LEN 7
+#endif
/* internal functions */
WOLFSSL_LOCAL int SendChangeCipher(WOLFSSL*);
WOLFSSL_LOCAL int SendTicket(WOLFSSL*);
WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
+#ifdef WOLFSSL_TLS13
+#ifdef WOLFSSL_TLS13_DRAFT_18
+WOLFSSL_LOCAL int SendTls13HelloRetryRequest(WOLFSSL*);
+#else
+WOLFSSL_LOCAL int SendTls13ServerHello(WOLFSSL*, byte);
+#endif
+#endif
WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+WOLFSSL_LOCAL int CreateOcspResponse(WOLFSSL*, OcspRequest**, buffer*);
+#endif
+#if defined(HAVE_SECURE_RENEGOTIATION) && \
+ defined(HAVE_SERVER_RENEGOTIATION_INFO)
+WOLFSSL_LOCAL int SendHelloRequest(WOLFSSL*);
+#endif
+WOLFSSL_LOCAL int SendCertificateStatus(WOLFSSL*);
WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*);
WOLFSSL_LOCAL int SendBuffered(WOLFSSL*);
WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int);
@@ -2411,24 +4349,100 @@ WOLFSSL_LOCAL int ProcessReply(WOLFSSL*);
WOLFSSL_LOCAL int SetCipherSpecs(WOLFSSL*);
WOLFSSL_LOCAL int MakeMasterSecret(WOLFSSL*);
-WOLFSSL_LOCAL int AddSession(WOLFSSL*);
-WOLFSSL_LOCAL int DeriveKeys(WOLFSSL* ssl);
-WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData);
+WOLFSSL_LOCAL int AddSession(WOLFSSL*);
+WOLFSSL_LOCAL int DeriveKeys(WOLFSSL* ssl);
+WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side);
WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
+WOLFSSL_LOCAL int IsAtLeastTLSv1_3(const ProtocolVersion pv);
WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
+
+WOLFSSL_LOCAL int SetTicket(WOLFSSL*, const byte*, word32);
+WOLFSSL_LOCAL int wolfSSL_GetMaxRecordSize(WOLFSSL* ssl, int maxFragment);
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+WOLFSSL_LOCAL int SetECKeyInternal(WOLFSSL_EC_KEY* eckey);
+WOLFSSL_LOCAL int SetECKeyExternal(WOLFSSL_EC_KEY* eckey);
+#endif
+
+WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
+ int *initTmpRng);
+
#ifndef NO_CERTS
+ #ifndef NO_RSA
+ #ifdef WC_RSA_PSS
+ WOLFSSL_LOCAL int CheckRsaPssPadding(const byte* plain, word32 plainSz,
+ byte* out, word32 sigSz, enum wc_HashType hashType);
+ WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo,
+ enum wc_HashType* hashType, int* mgf);
+ #endif
+ WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig,
+ word32 sigSz, const byte* plain, word32 plainSz, int sigAlgo,
+ int hashAlgo, RsaKey* key, DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
+ byte* out, word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key,
+ DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz,
+ byte** out, int sigAlgo, int hashAlgo, RsaKey* key,
+ buffer* keyBufInfo);
+ WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out,
+ word32* outSz, RsaKey* key, DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
+ word32* outSz, RsaKey* key, buffer* keyBufInfo);
+ #endif /* !NO_RSA */
+
+ #ifdef HAVE_ECC
+ WOLFSSL_LOCAL int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
+ byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz,
+ const byte* out, word32 outSz, ecc_key* key, buffer* keyBufInfo);
+ WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key,
+ ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out,
+ word32* outlen, int side);
+ #endif /* HAVE_ECC */
+ #ifdef HAVE_ED25519
+ WOLFSSL_LOCAL int Ed25519CheckPubKey(WOLFSSL* ssl);
+ WOLFSSL_LOCAL int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
+ byte* out, word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int Ed25519Verify(WOLFSSL* ssl, const byte* in,
+ word32 inSz, const byte* msg, word32 msgSz, ed25519_key* key,
+ buffer* keyBufInfo);
+ #endif /* HAVE_ED25519 */
+ #ifdef HAVE_ED448
+ WOLFSSL_LOCAL int Ed448CheckPubKey(WOLFSSL* ssl);
+ WOLFSSL_LOCAL int Ed448Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
+ byte* out, word32* outSz, ed448_key* key, DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int Ed448Verify(WOLFSSL* ssl, const byte* in,
+ word32 inSz, const byte* msg, word32 msgSz, ed448_key* key,
+ buffer* keyBufInfo);
+ #endif /* HAVE_ED448 */
+
+
+ #ifdef WOLFSSL_TRUST_PEER_CERT
+
+ /* options for searching hash table for a matching trusted peer cert */
+ #define WC_MATCH_SKID 0
+ #define WC_MATCH_NAME 1
+
+ WOLFSSL_LOCAL TrustedPeerCert* GetTrustedPeer(void* vp, byte* hash,
+ int type);
+ WOLFSSL_LOCAL int MatchTrustedPeer(TrustedPeerCert* tp,
+ DecodedCert* cert);
+ #endif
+
WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
#ifndef NO_SKID
WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
#endif
-#endif
+#endif /* !NO_CERTS */
+WOLFSSL_LOCAL int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash,
+ word32* hashLen);
WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
const byte* sender);
WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
@@ -2437,12 +4451,17 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
#ifndef NO_TLS
WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*);
+#ifndef WOLFSSL_AEAD_ONLY
WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
- word32 sz, int content, int verify);
+ word32 sz, int padSz, int content, int verify);
+#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_LOCAL int SendClientHello(WOLFSSL*);
+ #ifdef WOLFSSL_TLS13
+ WOLFSSL_LOCAL int SendTls13ClientHello(WOLFSSL*);
+ #endif
WOLFSSL_LOCAL int SendClientKeyExchange(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateVerify(WOLFSSL*);
#endif /* NO_WOLFSSL_CLIENT */
@@ -2450,51 +4469,87 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_LOCAL int SendServerHello(WOLFSSL*);
WOLFSSL_LOCAL int SendServerHelloDone(WOLFSSL*);
- #ifdef WOLFSSL_DTLS
- WOLFSSL_LOCAL int SendHelloVerifyRequest(WOLFSSL*);
- #endif
#endif /* NO_WOLFSSL_SERVER */
#ifdef WOLFSSL_DTLS
- WOLFSSL_LOCAL int DtlsPoolInit(WOLFSSL*);
- WOLFSSL_LOCAL int DtlsPoolSave(WOLFSSL*, const byte*, int);
- WOLFSSL_LOCAL int DtlsPoolTimeout(WOLFSSL*);
- WOLFSSL_LOCAL int DtlsPoolSend(WOLFSSL*);
- WOLFSSL_LOCAL void DtlsPoolReset(WOLFSSL*);
-
WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*);
WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*);
WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*);
- WOLFSSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
- word32, word32);
+ WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
+ word32, word32, void*);
WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32);
- WOLFSSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32,
+ WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, const byte*, word32,
byte, word32, word32, void*);
WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*);
+
+ WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32);
+ WOLFSSL_LOCAL int DtlsMsgPoolTimeout(WOLFSSL*);
+ WOLFSSL_LOCAL int VerifyForDtlsMsgPoolSend(WOLFSSL*, byte, word32);
+ WOLFSSL_LOCAL void DtlsMsgPoolReset(WOLFSSL*);
+ WOLFSSL_LOCAL int DtlsMsgPoolSend(WOLFSSL*, int);
#endif /* WOLFSSL_DTLS */
#ifndef NO_TLS
-
-#endif /* NO_TLS */
+#endif /* NO_TLS */
+#if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK))
+ WOLFSSL_LOCAL word32 TimeNowInMilliseconds(void);
+#endif
WOLFSSL_LOCAL word32 LowResTimer(void);
-WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
-WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
-WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int);
-WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
#ifndef NO_CERTS
+ WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
+ WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap);
+ WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap);
+ WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
#endif
-/* used by ssl.c and wolfssl_int.c */
-WOLFSSL_LOCAL void c32to24(word32 in, word24 out);
+#ifndef MAX_CIPHER_NAME
+#define MAX_CIPHER_NAME 50
+#endif
+
+#ifdef WOLFSSL_NAMES_STATIC
+typedef char cipher_name[MAX_CIPHER_NAME];
+#else
+typedef const char* cipher_name;
+#endif
-WOLFSSL_LOCAL const char* const* GetCipherNames(void);
-WOLFSSL_LOCAL int GetCipherNamesSize(void);
+typedef struct CipherSuiteInfo {
+ cipher_name name;
+#ifndef NO_ERROR_STRINGS
+ cipher_name name_iana;
+#endif
+ byte cipherSuite0;
+ byte cipherSuite;
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ byte minor;
+ byte major;
+#endif
+} CipherSuiteInfo;
+WOLFSSL_LOCAL const CipherSuiteInfo* GetCipherNames(void);
+WOLFSSL_LOCAL int GetCipherNamesSize(void);
+WOLFSSL_LOCAL const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite);
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+/* used in wolfSSL_sk_CIPHER_description */
+#define MAX_SEGMENTS 5
+#define MAX_SEGMENT_SZ 20
+WOLFSSL_LOCAL int wolfSSL_sk_CIPHER_description(WOLFSSL_CIPHER*);
+WOLFSSL_LOCAL const char* GetCipherProtocol(const byte minor);
+WOLFSSL_LOCAL const char* GetCipherKeaStr(char n[][MAX_SEGMENT_SZ]);
+WOLFSSL_LOCAL const char* GetCipherAuthStr(char n[][MAX_SEGMENT_SZ]);
+WOLFSSL_LOCAL const char* GetCipherEncStr(char n[][MAX_SEGMENT_SZ]);
+WOLFSSL_LOCAL const char* GetCipherMacStr(char n[][MAX_SEGMENT_SZ]);
+WOLFSSL_LOCAL int SetCipherBits(const char* enc);
+#endif
+WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite);
+WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl);
+WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl);
+WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0,
+ byte* cipherSuite);
enum encrypt_side {
ENCRYPT_SIDE_ONLY = 1,
@@ -2504,10 +4559,55 @@ enum encrypt_side {
WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side);
+/* Set*Internal and Set*External functions */
+WOLFSSL_LOCAL int SetDsaInternal(WOLFSSL_DSA* dsa);
+WOLFSSL_LOCAL int SetDsaExternal(WOLFSSL_DSA* dsa);
+#ifndef HAVE_USER_RSA
+WOLFSSL_LOCAL int SetRsaExternal(WOLFSSL_RSA* rsa);
+WOLFSSL_LOCAL int SetRsaInternal(WOLFSSL_RSA* rsa);
+#endif
+WOLFSSL_LOCAL int SetDhInternal(WOLFSSL_DH* dh);
+WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh);
+
+#ifndef NO_DH
+ WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey,
+ byte* priv, word32* privSz,
+ byte* pub, word32* pubSz);
+ WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
+ const byte* priv, word32 privSz,
+ const byte* otherPub, word32 otherPubSz,
+ byte* agree, word32* agreeSz);
+#endif /* !NO_DH */
+
+#ifdef HAVE_ECC
+ WOLFSSL_LOCAL int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer);
+ WOLFSSL_LOCAL word16 GetCurveByOID(int oidSum);
+#endif
+
+WOLFSSL_LOCAL int InitHandshakeHashes(WOLFSSL* ssl);
+WOLFSSL_LOCAL void FreeHandshakeHashes(WOLFSSL* ssl);
+
+WOLFSSL_LOCAL int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
+ const byte* input, int inSz, int type, int hashOutput,
+ int sizeOnly, int asyncOkay);
+
+#ifdef WOLFSSL_TLS13
+int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
+ int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay);
+#endif
+
+WOLFSSL_LOCAL int AllocKey(WOLFSSL* ssl, int type, void** pKey);
+WOLFSSL_LOCAL void FreeKey(WOLFSSL* ssl, int type, void** pKey);
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WOLFSSL_LOCAL int wolfSSL_AsyncInit(WOLFSSL* ssl, WC_ASYNC_DEV* asyncDev, word32 flags);
+ WOLFSSL_LOCAL int wolfSSL_AsyncPop(WOLFSSL* ssl, byte* state);
+ WOLFSSL_LOCAL int wolfSSL_AsyncPush(WOLFSSL* ssl, WC_ASYNC_DEV* asyncDev);
+#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* wolfSSL_INT_H */
-
View Lorry Controller Status