diff --git a/cmake/options.h.in b/cmake/options.h.in index f63953627b..a496dda8d4 100644 --- a/cmake/options.h.in +++ b/cmake/options.h.in @@ -65,7 +65,7 @@ extern "C" { #undef GCM_WORD32 #cmakedefine GCM_WORD32 #undef HAVE___UINT128_T -#cmakedefine HAVE___UINT128_T +#cmakedefine HAVE___UINT128_T 1 #undef HAVE_AES_KEYWRAP #cmakedefine HAVE_AES_KEYWRAP #undef HAVE_AESCCM diff --git a/configure.ac b/configure.ac index 3ee0bf20a5..2ffa6d14d5 100644 --- a/configure.ac +++ b/configure.ac @@ -896,8 +896,7 @@ then fi - -# ALL FEATURES +# All features, except conflicting or experimental: AC_ARG_ENABLE([all], [AS_HELP_STRING([--enable-all],[Enable all wolfSSL features, except SSLv3 (default: disabled)])], [ ENABLED_ALL=$enableval ], @@ -905,13 +904,14 @@ AC_ARG_ENABLE([all], ) if test "$ENABLED_ALL" = "yes" then - enable_all_crypto=yes + test "$enable_all_crypto" = "" && enable_all_crypto=yes + + test "$enable_all_osp" = "" && test "$ENABLED_LINUXKM_DEFAULTS" != "yes" && enable_all_osp=yes test "$enable_dtls" = "" && enable_dtls=yes if test "x$FIPS_VERSION" != "xv1" then test "$enable_tls13" = "" && enable_tls13=yes - test "$enable_rsapss" = "" && enable_rsapss=yes fi test "$enable_savesession" = "" && enable_savesession=yes 
@@ -919,13 +919,12 @@ then test "$enable_postauth" = "" && enable_postauth=yes test "$enable_hrrcookie" = "" && enable_hrrcookie=yes test "$enable_fallback_scsv" = "" && enable_fallback_scsv=yes - test "$enable_webserver" = "" && enable_webserver=yes test "$enable_crl_monitor" = "" && enable_crl_monitor=yes test "$enable_sni" = "" && enable_sni=yes test "$enable_maxfragment" = "" && enable_maxfragment=yes test "$enable_alpn" = "" && enable_alpn=yes test "$enable_truncatedhmac" = "" && enable_truncatedhmac=yes - test "$enable_trusted_ca" = "" && enable_trusted_ca=yes + test "$enable_trustedca" = "" && enable_trustedca=yes test "$enable_session_ticket" = "" && enable_session_ticket=yes test "$enable_earlydata" = "" && enable_earlydata=yes test "$enable_ech" = "" && enable_ech=yes @@ -942,26 +941,9 @@ then # linuxkm is incompatible with opensslextra and its dependents. if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then - if test "$ENABLED_FIPS" = "no" - then - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_openssh" = "" && enable_openssh=yes - fi - # S/MIME support requires PKCS7, which requires no FIPS. - test "$enable_smime" = "" && enable_smime=yes - fi test "$enable_opensslextra" = "" && enable_opensslextra=yes test "$enable_opensslall" = "" && enable_opensslall=yes test "$enable_certservice" = "" && enable_certservice=yes - test "$enable_lighty" = "" && enable_lighty=yes - test "$enable_nginx" = "" && enable_nginx=yes - test "$enable_openvpn" = "" && enable_openvpn=yes - test "$enable_asio" = "" && enable_asio=yes - test "$enable_libwebsockets" = "" && enable_libwebsockets=yes - if test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -le 5; then - test "$enable_qt" = "" && enable_qt=yes - fi fi fi 
@@ -969,14 +951,6 @@ then then test "$enable_scep" = "" && enable_scep=yes test "$enable_mcast" = "" && enable_mcast=yes - - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" - then - # these use DES3: - test "$enable_stunnel" = "" && enable_stunnel=yes - test "$enable_curl" = "" && enable_curl=yes - test "$enable_tcpdump" = "" && enable_tcpdump=yes - fi fi if test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -ge 6 
@@ -997,6 +971,57 @@ then fi +# All OSP meta-features: +AC_ARG_ENABLE([all-osp], + [AS_HELP_STRING([--enable-all-osp],[Enable all OSP meta feature sets (default: disabled)])], + [ ENABLED_ALL_OSP=$enableval ], + [ ENABLED_ALL_OSP=no] + ) + +if test "$ENABLED_ALL_OSP" = "yes" +then + if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" + then + AC_MSG_ERROR([--enable-all-osp is incompatible with --enable-linuxkm-defaults]) + fi + + test "$enable_webserver" = "" && enable_webserver=yes + + if test "$ENABLED_SP_MATH" = "no" + then + if test "$ENABLED_FIPS" = "no" + then + # S/MIME support requires PKCS7, which requires no FIPS. + test "$enable_smime" = "" && enable_smime=yes + if test "$ENABLED_32BIT" != "yes" + then + test "$enable_openssh" = "" && enable_openssh=yes + fi + fi + + if test "$ENABLED_ALL_OSP" != "no" + then + test "$enable_lighty" = "" && enable_lighty=yes + test "$enable_nginx" = "" && enable_nginx=yes + test "$enable_openvpn" = "" && enable_openvpn=yes + test "$enable_asio" = "" && enable_asio=yes + test "$enable_libwebsockets" = "" && enable_libwebsockets=yes + if test "$ENABLED_FIPS" = "no" || test "$HAVE_FIPS_VERSION" -le 5; then + test "$enable_qt" = "" && enable_qt=yes + fi + fi + fi + + if test "$ENABLED_FIPS" = "no" + then + # these use DES3: + test "$enable_stunnel" = "" && enable_stunnel=yes + test "$enable_curl" = "" && enable_curl=yes + test "$enable_tcpdump" = "" && enable_tcpdump=yes + fi +fi + + # Auto-selected activation of all applicable asm accelerations # Enable asm automatically only if the compiler advertises itself as full Gnu C. @@ -1093,7 +1118,7 @@ then fi -# ALL CRYPTO FEATURES +# All wolfCrypt features: AC_ARG_ENABLE([all-crypto], [AS_HELP_STRING([--enable-all-crypto],[Enable all wolfcrypt algorithms (default: disabled)])], [ ENABLED_ALL_CRYPT=$enableval ], 
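Review bot: In the new `--enable-all-osp` block, the inner `if test "$ENABLED_ALL_OSP" != "no"` is always true, because it is nested inside `if test "$ENABLED_ALL_OSP" = "yes"`. The lighty/nginx/openvpn/asio/libwebsockets/qt defaults were previously guarded by `ENABLED_LINUXKM_DEFAULTS != yes`, which the `AC_MSG_ERROR` at the top of the block now covers, so the inner test can be dropped, or replaced with whatever condition was actually intended. The block also reads `$ENABLED_SP_MATH` and `$ENABLED_FIPS`, and this hunk does not show that both are assigned earlier in configure.ac. If `ENABLED_SP_MATH` is still unset here, `test "$ENABLED_SP_MATH" = "no"` is false and the smime/openssh/nginx group is silently skipped, so the ordering is worth confirming.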
@@ -1152,6 +1177,11 @@ then test "$enable_anon" = "" && enable_anon=yes test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes + if test "x$FIPS_VERSION" != "xv1" + then + test "$enable_rsapss" = "" && enable_rsapss=yes + fi + # sp-math is incompatible with opensslextra, ECC custom curves, and DSA. if test "$ENABLED_SP_MATH" = "no" then @@ -9354,7 +9384,7 @@ then AM_CFLAGS="$AM_CFLAGS -DNO_HMAC" fi -if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" +if test "$ENABLED_OPENSSLEXTRA" = "yes" then AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi @@ -9575,9 +9605,6 @@ if test "x$ENABLED_OPENSSLCOEXIST" = "xyes"; then if test "x$ENABLED_OPENSSLALL" = "xyes"; then AC_MSG_ERROR([Cannot use --enable-opensslcoexist with --enable-opensslall]) fi - if test "x$ENABLED_OPENSSLEXTRA" = "xyes"; then - AC_MSG_ERROR([Cannot use --enable-opensslcoexist with --enable-opensslextra]) - fi fi if test "$ENABLED_WOLFSSH" = "yes" && test "$ENABLED_HMAC" = "no" diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 609481a3e0..e7e4344fc7 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -32,7 +32,6 @@ Or bench_tls(args); */ - #ifdef HAVE_CONFIG_H #include #endif @@ -40,6 +39,10 @@ Or #include #endif #include + +#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#undef OPENSSL_COEXIST /* can't use this option with this example */ + #include #include #include diff --git a/examples/client/client.c b/examples/client/client.c index f50f67fbb4..e8f4c53c6d 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -32,6 +32,9 @@ #endif #include +#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#undef OPENSSL_COEXIST /* can't use this option with this example */ + #include #ifdef WOLFSSL_WOLFSENTRY_HOOKS diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index ec01e756be..a7dd0ad2f9 100644 
--- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -25,11 +25,19 @@ #endif #include -/* let's use cyassl layer AND cyassl openssl layer */ -#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ -#include +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif /* Force enable the compatibility macros for this example */ +#undef TEST_OPENSSL_COEXIST +#undef OPENSSL_COEXIST +#ifndef OPENSSL_EXTRA_X509_SMALL +#define OPENSSL_EXTRA_X509_SMALL +#endif + +#include + #ifdef WOLFSSL_DTLS #include #endif @@ -45,9 +53,6 @@ #include -#ifndef OPENSSL_EXTRA_X509_SMALL -#define OPENSSL_EXTRA_X509_SMALL -#endif #include #include diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 2f4d004cbf..bf649ab52b 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -24,6 +24,14 @@ #include #endif +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif +#include + +#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#undef OPENSSL_COEXIST /* can't use this option with this example */ + #include /* name change portability layer */ #include #ifdef HAVE_ECC diff --git a/examples/server/server.c b/examples/server/server.c index bc3e1509f7..02b8b92b6e 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -33,6 +33,8 @@ #include #undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#undef OPENSSL_COEXIST /* can't use this option with this example */ + #include /* name change portability layer */ #ifdef HAVE_ECC diff --git a/src/bio.c b/src/bio.c index ac4eb0332f..d32ee46e91 100644 --- a/src/bio.c +++ b/src/bio.c @@ -146,7 +146,7 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len) bio->rdIdx += sz; if (bio->rdIdx >= bio->wrSz) { - if (bio->flags & BIO_FLAGS_MEM_RDONLY) { + if (bio->flags & WOLFSSL_BIO_FLAG_MEM_RDONLY) { bio->wrSz = bio->wrSzReset; } else { 
@@ -163,7 +163,7 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len) bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data; } else if (bio->rdIdx >= WOLFSSL_BIO_RESIZE_THRESHOLD && - !(bio->flags & BIO_FLAGS_MEM_RDONLY)) { + !(bio->flags & WOLFSSL_BIO_FLAG_MEM_RDONLY)) { /* Resize the memory so we are not taking up more than necessary. * memmove reverts internally to memcpy if areas don't overlap */ XMEMMOVE(bio->mem_buf->data, bio->mem_buf->data + bio->rdIdx, @@ -234,7 +234,7 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf, static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz) { - if (wolfSSL_EVP_MD_CTX_type(bio->ptr.md_ctx) == NID_hmac) { + if (wolfSSL_EVP_MD_CTX_type(bio->ptr.md_ctx) == WC_NID_hmac) { if (wolfSSL_EVP_DigestSignUpdate(bio->ptr.md_ctx, buf, (unsigned int)sz) != WOLFSSL_SUCCESS) { @@ -601,7 +601,7 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data, WOLFSSL_MSG("one of input parameters is null"); return WOLFSSL_FAILURE; } - if (bio->flags & BIO_FLAGS_MEM_RDONLY) { + if (bio->flags & WOLFSSL_BIO_FLAG_MEM_RDONLY) { return WOLFSSL_FAILURE; } @@ -642,7 +642,7 @@ static int wolfSSL_BIO_MD_write(WOLFSSL_BIO* bio, const void* data, int len) return BAD_FUNC_ARG; } - if (wolfSSL_EVP_MD_CTX_type(bio->ptr.md_ctx) == NID_hmac) { + if (wolfSSL_EVP_MD_CTX_type(bio->ptr.md_ctx) == WC_NID_hmac) { if (wolfSSL_EVP_DigestSignUpdate(bio->ptr.md_ctx, data, (unsigned int)len) != WOLFSSL_SUCCESS) { ret = WOLFSSL_BIO_ERROR; 
@@ -866,23 +866,23 @@ long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg) } switch(cmd) { - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: + case WOLFSSL_BIO_CTRL_PENDING: + case WOLFSSL_BIO_CTRL_WPENDING: ret = (long)wolfSSL_BIO_ctrl_pending(bio); break; - case BIO_CTRL_INFO: + case WOLFSSL_BIO_CTRL_INFO: ret = (long)wolfSSL_BIO_get_mem_data(bio, parg); break; - case BIO_CTRL_FLUSH: + case WOLFSSL_BIO_CTRL_FLUSH: ret = (long)wolfSSL_BIO_flush(bio); break; - case BIO_CTRL_RESET: + case WOLFSSL_BIO_CTRL_RESET: ret = (long)wolfSSL_BIO_reset(bio); break; #ifdef WOLFSSL_HAVE_BIO_ADDR - case BIO_CTRL_DGRAM_CONNECT: - case BIO_CTRL_DGRAM_SET_PEER: + case WOLFSSL_BIO_CTRL_DGRAM_CONNECT: + case WOLFSSL_BIO_CTRL_DGRAM_SET_PEER: { socklen_t addr_size; if (parg == NULL) { @@ -899,7 +899,7 @@ long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg) break; } - case BIO_CTRL_DGRAM_SET_CONNECTED: + case WOLFSSL_BIO_CTRL_DGRAM_SET_CONNECTED: if (parg == NULL) { wolfSSL_BIO_ADDR_clear(&bio->peer_addr); bio->connected = 0; @@ -916,7 +916,7 @@ long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg) ret = WOLFSSL_SUCCESS; break; - case BIO_CTRL_DGRAM_QUERY_MTU: + case WOLFSSL_BIO_CTRL_DGRAM_QUERY_MTU: ret = 0; /* not implemented */ break; @@ -1717,7 +1717,7 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio) case WOLFSSL_BIO_MEMORY: bio->rdIdx = 0; - if (bio->flags & BIO_FLAGS_MEM_RDONLY) { + if (bio->flags & WOLFSSL_BIO_FLAG_MEM_RDONLY) { bio->wrIdx = bio->wrSzReset; bio->wrSz = bio->wrSzReset; } @@ -1826,7 +1826,7 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name) } if (bio->type == WOLFSSL_BIO_FILE) { - if (bio->ptr.fh != XBADFILE && bio->shutdown == BIO_CLOSE) { + if (bio->ptr.fh != XBADFILE && bio->shutdown == WOLFSSL_BIO_CLOSE) { XFCLOSE(bio->ptr.fh); } 
@@ -1839,7 +1839,7 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name) if (bio->ptr.fh == XBADFILE) { return WOLFSSL_FAILURE; } - bio->shutdown = BIO_CLOSE; + bio->shutdown = WOLFSSL_BIO_CLOSE; return WOLFSSL_SUCCESS; } @@ -2201,7 +2201,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) if (bio->method != NULL && bio->method->ctrlCb != NULL) { WOLFSSL_MSG("Calling custom BIO flush callback"); - return (int)bio->method->ctrlCb(bio, BIO_CTRL_FLUSH, 0, NULL); + return (int)bio->method->ctrlCb(bio, WOLFSSL_BIO_CTRL_FLUSH, 0, NULL); } else if (bio->type == WOLFSSL_BIO_FILE) { #if !defined(NO_FILESYSTEM) && defined(XFFLUSH) @@ -2387,7 +2387,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) bio->type = WOLFSSL_BIO_SOCKET; } else { - BIO_free(bio); + wolfSSL_BIO_free(bio); bio = NULL; } } @@ -2477,7 +2477,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) } b->num.fd = sfd; - b->shutdown = BIO_CLOSE; + b->shutdown = WOLFSSL_BIO_CLOSE; return WOLFSSL_SUCCESS; } @@ -2506,7 +2506,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) return WOLFSSL_FAILURE; } b->num.fd = sfd; - b->shutdown = BIO_CLOSE; + b->shutdown = WOLFSSL_BIO_CLOSE; } else { WOLFSSL_BIO* new_bio; @@ -2516,7 +2516,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) return WOLFSSL_FAILURE; } /* Create a socket BIO for using the accept'ed connection */ - new_bio = wolfSSL_BIO_new_socket(newfd, BIO_CLOSE); + new_bio = wolfSSL_BIO_new_socket(newfd, WOLFSSL_BIO_CLOSE); if (new_bio == NULL) { WOLFSSL_MSG("wolfSSL_BIO_new_socket error"); CloseSocket(newfd); @@ -2595,7 +2595,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) if (b->ptr.ssl != NULL) { int rc = wolfSSL_shutdown(b->ptr.ssl); - if (rc == SSL_SHUTDOWN_NOT_DONE) { + if (rc == WOLFSSL_SHUTDOWN_NOT_DONE) { /* In this case, call again to give us a chance to read the * close notify alert from the other end. */ wolfSSL_shutdown(b->ptr.ssl); 
@@ -2682,7 +2682,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) else wolfSSL_set_connect_state(ssl); } - if (err == 0 && wolfSSL_BIO_set_ssl(sslBio, ssl, BIO_CLOSE) != + if (err == 0 && wolfSSL_BIO_set_ssl(sslBio, ssl, WOLFSSL_BIO_CLOSE) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("Failed to set SSL pointer in BIO."); err = 1; @@ -2831,7 +2831,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) #else bio->method = method; #endif - bio->shutdown = BIO_CLOSE; /* default to close things */ + bio->shutdown = WOLFSSL_BIO_CLOSE; /* default to close things */ if ((bio->type == WOLFSSL_BIO_SOCKET) || (bio->type == WOLFSSL_BIO_DGRAM)) @@ -2916,7 +2916,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data; if (len > 0 && bio->ptr.mem_buf_data != NULL) { XMEMCPY(bio->ptr.mem_buf_data, buf, len); - bio->flags |= BIO_FLAGS_MEM_RDONLY; + bio->flags |= WOLFSSL_BIO_FLAG_MEM_RDONLY; bio->wrSzReset = bio->wrSz; } @@ -2994,7 +2994,9 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) } #ifndef NO_FILESYSTEM - if (bio->type == WOLFSSL_BIO_FILE && bio->shutdown == BIO_CLOSE) { + if (bio->type == WOLFSSL_BIO_FILE && + bio->shutdown == WOLFSSL_BIO_CLOSE) + { if (bio->ptr.fh) { XFCLOSE(bio->ptr.fh); } @@ -3007,7 +3009,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) } #endif - if (bio->shutdown != BIO_NOCLOSE) { + if (bio->shutdown != WOLFSSL_BIO_NOCLOSE) { if (bio->type == WOLFSSL_BIO_MEMORY && bio->ptr.mem_buf_data != NULL) { @@ -3409,7 +3411,7 @@ int wolfSSL_BIO_dump(WOLFSSL_BIO *bio, const char *buf, int length) if (fp == XBADFILE) return WOLFSSL_BAD_FILE; - if (wolfSSL_BIO_set_fp(b, fp, BIO_CLOSE) != WOLFSSL_SUCCESS) { + if (wolfSSL_BIO_set_fp(b, fp, WOLFSSL_BIO_CLOSE) != WOLFSSL_SUCCESS) { XFCLOSE(fp); return WOLFSSL_BAD_FILE; } 
@@ -3446,7 +3448,7 @@ WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode) return bio; } - if (wolfSSL_BIO_set_fp(bio, fp, BIO_CLOSE) != WOLFSSL_SUCCESS) { + if (wolfSSL_BIO_set_fp(bio, fp, WOLFSSL_BIO_CLOSE) != WOLFSSL_SUCCESS) { XFCLOSE(fp); wolfSSL_BIO_free(bio); bio = NULL; diff --git a/src/conf.c b/src/conf.c index c9a35c12d2..8f92fe465e 100644 --- a/src/conf.c +++ b/src/conf.c @@ -603,7 +603,7 @@ char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf, return NULL; } -int wolfSSL_NCONF_get_number(const CONF *conf, const char *group, +int wolfSSL_NCONF_get_number(const WOLFSSL_CONF *conf, const char *group, const char *name, long *result) { char *str; @@ -1582,7 +1582,7 @@ int wolfSSL_CONF_cmd_value_type(WOLFSSL_CONF_CTX *cctx, const char *cmd) confcmd = wolfssl_conf_find_cmd(cctx, cmd); if (confcmd == NULL) - return SSL_CONF_TYPE_UNKNOWN; + return WOLFSSL_CONF_TYPE_UNKNOWN; return (int)confcmd->data_type; } @@ -1594,21 +1594,21 @@ int wolfSSL_CONF_cmd_value_type(WOLFSSL_CONF_CTX *cctx, const char *cmd) ******************************************************************************/ #if defined(OPENSSL_EXTRA) -OPENSSL_INIT_SETTINGS* wolfSSL_OPENSSL_INIT_new(void) +WOLFSSL_INIT_SETTINGS* wolfSSL_OPENSSL_INIT_new(void) { - OPENSSL_INIT_SETTINGS* init = (OPENSSL_INIT_SETTINGS*)XMALLOC( - sizeof(OPENSSL_INIT_SETTINGS), NULL, DYNAMIC_TYPE_OPENSSL); + WOLFSSL_INIT_SETTINGS* init = (WOLFSSL_INIT_SETTINGS*)XMALLOC( + sizeof(WOLFSSL_INIT_SETTINGS), NULL, DYNAMIC_TYPE_OPENSSL); return init; } -void wolfSSL_OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS* init) +void wolfSSL_OPENSSL_INIT_free(WOLFSSL_INIT_SETTINGS* init) { XFREE(init, NULL, DYNAMIC_TYPE_OPENSSL); } #ifndef NO_WOLFSSL_STUB -int wolfSSL_OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS* init, +int wolfSSL_OPENSSL_INIT_set_config_appname(WOLFSSL_INIT_SETTINGS* init, char* appname) { (void)init; diff --git a/src/internal.c b/src/internal.c index 550a124d82..38529d3c5d 100644 
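Review bot: `wolfSSL_OPENSSL_INIT_new()` in src/conf.c, shown in full in the `-1594` hunk, returns the `XMALLOC` result without initialising it, so any field of `WOLFSSL_INIT_SETTINGS` read later holds indeterminate bytes. The commit only renames the type, but since these lines are being touched, adding `if (init != NULL) XMEMSET(init, 0, sizeof(*init));` before `return init;` gives callers a defined starting state. Whether any field is read today is not visible from this hunk.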
--- a/src/internal.c +++ b/src/internal.c @@ -6627,7 +6627,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) #ifdef OPENSSL_EXTRA #ifdef WOLFSSL_TLS13 if (ssl->version.minor == TLSv1_3_MINOR && - (ssl->options.mask & SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) { + (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_3) == WOLFSSL_OP_NO_TLSv1_3) { if (!ctx->method->downgrade) { WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.3 set but not " "allowed and downgrading disabled."); @@ -6639,7 +6639,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) } #endif if (ssl->version.minor == TLSv1_2_MINOR && - (ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { + (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2) { if (!ctx->method->downgrade) { WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.2 set but not " "allowed and downgrading disabled."); @@ -6650,7 +6650,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->version.minor = TLSv1_1_MINOR; } if (ssl->version.minor == TLSv1_1_MINOR && - (ssl->options.mask & SSL_OP_NO_TLSv1_1) == SSL_OP_NO_TLSv1_1) { + (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_1) == WOLFSSL_OP_NO_TLSv1_1) { if (!ctx->method->downgrade) { WOLFSSL_MSG("\tInconsistent protocol options. TLS 1.1 set but not " "allowed and downgrading disabled."); @@ -6662,7 +6662,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->version.minor = TLSv1_MINOR; } if (ssl->version.minor == TLSv1_MINOR && - (ssl->options.mask & SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1) { + (ssl->options.mask & WOLFSSL_OP_NO_TLSv1) == WOLFSSL_OP_NO_TLSv1) { if (!ctx->method->downgrade) { WOLFSSL_MSG("\tInconsistent protocol options. TLS 1 set but not " "allowed and downgrading disabled."); 
@@ -6675,7 +6675,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->version.minor = SSLv3_MINOR; } if (ssl->version.minor == SSLv3_MINOR && - (ssl->options.mask & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { + (ssl->options.mask & WOLFSSL_OP_NO_SSLv3) == WOLFSSL_OP_NO_SSLv3) { WOLFSSL_MSG("\tError, option set to not allow SSLv3"); WOLFSSL_ERROR_VERBOSE(VERSION_ERROR); return VERSION_ERROR; @@ -8163,7 +8163,7 @@ void FreeSuites(WOLFSSL* ssl) /* In case holding SSL object in array and don't want to free actual ssl */ -void SSL_ResourceFree(WOLFSSL* ssl) +void wolfSSL_ResourceFree(WOLFSSL* ssl) { /* Note: any resources used during the handshake should be released in the * function FreeHandshakeResources(). Be careful with the special cases @@ -8799,7 +8799,7 @@ void FreeHandshakeResources(WOLFSSL* ssl) void FreeSSL(WOLFSSL* ssl, void* heap) { WOLFSSL_CTX* ctx = ssl->ctx; - SSL_ResourceFree(ssl); + wolfSSL_ResourceFree(ssl); XFREE(ssl, heap, DYNAMIC_TYPE_SSL); if (ctx) FreeSSL_Ctx(ctx); /* will decrement and free underlying CTX if 0 */ @@ -12917,7 +12917,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) x509->challengePw[dCert->cPwdLen] = '\0'; #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_pkcs9_challengePassword, + WC_NID_pkcs9_challengePassword, MBSTRING_ASC, (const byte*)dCert->cPwd, dCert->cPwdLen) != WOLFSSL_SUCCESS) { @@ -12939,7 +12939,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_pkcs9_contentType, + WC_NID_pkcs9_contentType, MBSTRING_ASC, (const byte*)dCert->contentType, dCert->contentTypeLen) != 
@@ -12953,7 +12953,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) if (dCert->sNum) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_serialNumber, + WC_NID_serialNumber, MBSTRING_ASC, (const byte*)dCert->sNum, dCert->sNumLen) != WOLFSSL_SUCCESS) { @@ -12963,7 +12963,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } if (dCert->unstructuredName) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_pkcs9_unstructuredName, + WC_NID_pkcs9_unstructuredName, MBSTRING_ASC, (const byte*)dCert->unstructuredName, dCert->unstructuredNameLen) @@ -12974,7 +12974,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } if (dCert->surname) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_surname, + WC_NID_surname, MBSTRING_ASC, (const byte*)dCert->surname, dCert->surnameLen) != WOLFSSL_SUCCESS) { @@ -12984,7 +12984,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } if (dCert->givenName) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_givenName, + WC_NID_givenName, MBSTRING_ASC, (const byte*)dCert->givenName, dCert->givenNameLen) != WOLFSSL_SUCCESS) { @@ -12994,7 +12994,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } if (dCert->dnQualifier) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_dnQualifier, + WC_NID_dnQualifier, MBSTRING_ASC, (const byte*)dCert->dnQualifier, dCert->dnQualifierLen) != WOLFSSL_SUCCESS) { @@ -13004,7 +13004,7 @@ static int CopyREQAttributes(WOLFSSL_X509* x509, DecodedCert* dCert) } if (dCert->initials) { if (wolfSSL_X509_REQ_add1_attr_by_NID(x509, - NID_initials, + WC_NID_initials, MBSTRING_ASC, (const byte*)dCert->initials, dCert->initialsLen) != WOLFSSL_SUCCESS) { 
@@ -16833,13 +16833,13 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size, if (ssl->options.side == WOLFSSL_CLIENT_END) { ssl->options.serverState = SERVER_FINISHED_COMPLETE; #ifdef OPENSSL_EXTRA - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; ssl->options.clientState = CLIENT_FINISHED_COMPLETE; #endif if (!ssl->options.resuming) { #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); } #endif ssl->options.handShakeState = HANDSHAKE_DONE; @@ -16852,13 +16852,13 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size, else { ssl->options.clientState = CLIENT_FINISHED_COMPLETE; #ifdef OPENSSL_EXTRA - ssl->cbmode = SSL_CB_MODE_READ; + ssl->cbmode = WOLFSSL_CB_MODE_READ; ssl->options.serverState = SERVER_FINISHED_COMPLETE; #endif if (ssl->options.resuming) { #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); } #endif ssl->options.handShakeState = HANDSHAKE_DONE; @@ -17519,9 +17519,9 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL){ - ssl->cbmode = SSL_CB_MODE_READ; + ssl->cbmode = WOLFSSL_CB_MODE_READ; ssl->cbtype = type; - ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); } #endif 
@@ -22474,17 +22474,17 @@ int SendChangeCipher(WOLFSSL* ssl) int ret; #ifdef OPENSSL_EXTRA - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; if (ssl->options.side == WOLFSSL_SERVER_END){ ssl->options.serverState = SERVER_CHANGECIPHERSPEC_COMPLETE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_ACCEPT_LOOP, WOLFSSL_SUCCESS); } else{ ssl->options.clientState = CLIENT_CHANGECIPHERSPEC_COMPLETE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); } #endif @@ -23563,9 +23563,9 @@ int SendFinished(WOLFSSL* ssl) if (ssl->options.side == WOLFSSL_SERVER_END) { #ifdef OPENSSL_EXTRA ssl->options.serverState = SERVER_FINISHED_COMPLETE; - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_HANDSHAKE_DONE, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_HANDSHAKE_DONE, WOLFSSL_SUCCESS); #endif ssl->options.handShakeState = HANDSHAKE_DONE; ssl->options.handShakeDone = 1; @@ -23578,9 +23578,9 @@ int SendFinished(WOLFSSL* ssl) if (ssl->options.side == WOLFSSL_CLIENT_END) { #ifdef OPENSSL_EXTRA ssl->options.clientState = CLIENT_FINISHED_COMPLETE; - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_HANDSHAKE_DONE, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_HANDSHAKE_DONE, WOLFSSL_SUCCESS); #endif ssl->options.handShakeState = HANDSHAKE_DONE; ssl->options.handShakeDone = 1; @@ -25464,7 +25464,7 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_ALERT, type); + ssl->CBIS(ssl, WOLFSSL_CB_ALERT, type); } #endif #ifdef WOLFSSL_DTLS 
@@ -26195,6 +26195,33 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e) case WOLFSSL_FATAL_ERROR: return "fatal error"; + + case WOLFSSL_PEM_R_NO_START_LINE_E: + return "No more matching objects found (PEM)"; + + case WOLFSSL_PEM_R_PROBLEMS_GETTING_PASSWORD_E: + return "Error getting password (PEM)"; + + case WOLFSSL_PEM_R_BAD_PASSWORD_READ_E: + return "Bad password (PEM)"; + + case WOLFSSL_PEM_R_BAD_DECRYPT_E : + return "Decryption failed (PEM)"; + + case WOLFSSL_ASN1_R_HEADER_TOO_LONG_E: + return "ASN header too long (compat)"; + + case WOLFSSL_EVP_R_BAD_DECRYPT_E : + return "Decryption failed (EVP)"; + + case WOLFSSL_EVP_R_BN_DECODE_ERROR: + return "Bignum decode error (EVP)"; + + case WOLFSSL_EVP_R_DECODE_ERROR : + return "Decode error (EVP)"; + + case WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR: + return "Private key decode error (EVP)"; } #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ @@ -26279,9 +26306,9 @@ const char* wolfSSL_ERR_lib_error_string(unsigned long e) #if defined(OPENSSL_EXTRA) libe = wolfSSL_ERR_GET_LIB(e); switch (libe) { - case ERR_LIB_PEM: + case WOLFSSL_ERR_LIB_PEM: return "wolfSSL PEM routines"; - case ERR_LIB_EVP: + case WOLFSSL_ERR_LIB_EVP: return "wolfSSL digital envelope routines"; default: return ""; @@ -30150,9 +30177,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, ssl->options.clientState = CLIENT_HELLO_COMPLETE; #ifdef OPENSSL_EXTRA - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); #endif #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) @@ -30288,7 +30315,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_HANDSHAKE_START, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_HANDSHAKE_START, WOLFSSL_SUCCESS); } #endif 
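Review bot: The nine `case` labels added to `wolfSSL_ERR_reason_error_string` sit in the unconditional part of the switch, above the `#if defined(OPENSSL_EXTRA) || ...` block. The `WOLFSSL_PEM_R_*`, `WOLFSSL_ASN1_R_*` and `WOLFSSL_EVP_R_*` constants therefore have to be declared in every build configuration, and none may share a value with an existing label. Neither is visible from this hunk, so a build without the compatibility layer is worth running. As a matter of style, three labels carry a stray space before the colon (`case WOLFSSL_PEM_R_BAD_DECRYPT_E :`, and likewise the two `WOLFSSL_EVP_R_*` ones), and `WOLFSSL_EVP_R_BN_DECODE_ERROR` lacks the `_E` suffix that most of the other new names use. The function body begins and ends outside the hunk.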
@@ -32455,9 +32482,9 @@ int SendClientKeyExchange(WOLFSSL* ssl) #ifdef OPENSSL_EXTRA ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; if (ssl->CBIS != NULL) - ssl->CBIS(ssl, SSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); + ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS); #endif #ifdef WOLFSSL_ASYNC_IO @@ -34944,7 +34971,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, goto exit_sske; if (ssl->buffers.serverDH_Pub.buffer == NULL) { - /* Free'd in SSL_ResourceFree and + /* Free'd in wolfSSL_ResourceFree and * FreeHandshakeResources */ ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC( pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); @@ -34958,7 +34985,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, pSz = wc_DhGetNamedKeyMinSize(ssl->namedGroup); if (ssl->buffers.serverDH_Priv.buffer == NULL) { - /* Free'd in SSL_ResourceFree and + /* Free'd in wolfSSL_ResourceFree and * FreeHandshakeResources */ ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC( pSz, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); @@ -35027,7 +35054,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } if (ssl->buffers.serverDH_Pub.buffer == NULL) { - /* Free'd in SSL_ResourceFree and FreeHandshakeResources */ + /* Free'd in wolfSSL_ResourceFree + * and FreeHandshakeResources + */ ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC( ssl->buffers.serverDH_P.length, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); @@ -35039,7 +35068,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } if (ssl->buffers.serverDH_Priv.buffer == NULL) { - /* Free'd in SSL_ResourceFree and FreeHandshakeResources */ + /* Free'd in wolfSSL_ResourceFree + * and FreeHandshakeResources + */ ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC( ssl->buffers.serverDH_P.length, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); 
@@ -36876,7 +36907,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->options.usingCompression = 0; /* turn off */ ssl->options.clientState = CLIENT_HELLO_COMPLETE; - ssl->cbmode = SSL_CB_MODE_WRITE; + ssl->cbmode = WOLFSSL_CB_MODE_WRITE; *inOutIdx = idx; ssl->options.haveSessionId = 1; @@ -38474,7 +38505,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->ctx->ticketEncCb == NULL #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL) || - /* SSL_OP_NO_TICKET turns off tickets in <= 1.2. Forces + /* WOLFSSL_OP_NO_TICKET turns off tickets in <= 1.2. Forces * "stateful" tickets for 1.3 so just use the regular * stateless ones. */ (!IsAtLeastTLSv1_3(ssl->version) && @@ -38598,7 +38629,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->ctx->ticketEncCb == NULL #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL) || - /* SSL_OP_NO_TICKET turns off tickets in < 1.2. Forces + /* WOLFSSL_OP_NO_TICKET turns off tickets in < 1.2. Forces * "stateful" tickets for 1.3 so just use the regular * stateless ones. */ (!IsAtLeastTLSv1_3(ssl->version) && @@ -41309,7 +41340,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], WOLFSSL_EXTRA_ALERTS is defined, indicating user is OK with potential information disclosure from alerts. */ #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EXTRA_ALERTS) - ad = SSL_AD_UNRECOGNIZED_NAME; + ad = WOLFSSL_AD_UNRECOGNIZED_NAME; #endif /* Stunnel supports a custom sni callback to switch an SSL's ctx * when SNI is received. Call it now if exists */ diff --git a/src/ocsp.c b/src/ocsp.c index 493d8268f7..f2d12ef60a 100644 --- a/src/ocsp.c +++ b/src/ocsp.c 
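Review bot: The comment rewritten in the `-38598` hunk reads `WOLFSSL_OP_NO_TICKET turns off tickets in < 1.2`, while the same comment in the `-38474` hunk just above says `<= 1.2`. The condition under both is `!IsAtLeastTLSv1_3(ssl->version)`, which includes TLS 1.2. Since the line is being edited anyway, change it to `/* WOLFSSL_OP_NO_TICKET turns off tickets in <= 1.2. Forces` so that the two sites agree with each other and with the code. The enclosing `if` continues outside both hunks.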
@@ -866,7 +866,7 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, (void)certs; - if (flags & OCSP_NOVERIFY) + if (flags & WOLFSSL_OCSP_NOVERIFY) return WOLFSSL_SUCCESS; #ifdef WOLFSSL_SMALL_STACK @@ -880,7 +880,7 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, if (bs->verifyError != OCSP_VERIFY_ERROR_NONE) goto out; - if (flags & OCSP_TRUSTOTHER) { + if (flags & WOLFSSL_OCSP_TRUSTOTHER) { for (idx = 0; idx < wolfSSL_sk_X509_num(certs); idx++) { WOLFSSL_X509* x = wolfSSL_sk_X509_value(certs, idx); int derSz = 0; @@ -898,7 +898,7 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, if (ParseCertRelative(cert, CERT_TYPE, VERIFY, st->cm, NULL) < 0) goto out; - if (!(flags & OCSP_NOCHECKS)) { + if (!(flags & WOLFSSL_OCSP_NOCHECKS)) { if (CheckOcspResponder(bs, cert, st->cm) != 0) goto out; } diff --git a/src/pk.c b/src/pk.c index d8fdf2d85f..dfc5b680c7 100644 --- a/src/pk.c +++ b/src/pk.c @@ -367,7 +367,7 @@ static int der_write_to_file_as_pem(const unsigned char* der, int derSz, * @return 1 on success. * @return 0 on error. */ -int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher, +int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, byte **cipherInfo, int maxDerSz) { int ret = 0; @@ -501,8 +501,8 @@ int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher, * @return 0 on failure. */ static int der_to_enc_pem_alloc(unsigned char* der, int derSz, - const EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, int type, - void* heap, byte** out, int* outSz) + const WOLFSSL_EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, + int type, void* heap, byte** out, int* outSz) { int ret = 1; byte* tmp = NULL; 
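Review bot: The `WOLFSSL_OCSP_NOVERIFY` branch in `wolfSSL_OCSP_basic_verify` returns `WOLFSSL_SUCCESS` before any of the checks visible in the later hunks (`bs->verifyError`, `ParseCertRelative`, `CheckOcspResponder`), and nothing at the branch says the response is unauthenticated in that case. A one-line comment on the renamed line would make that explicit: `/* Caller asked to skip verification: success here does not mean the response was authenticated. */`. A similar remark fits the `WOLFSSL_OCSP_NOCHECKS` test in `@@ -898`, which skips `CheckOcspResponder`. The function starts and ends outside these hunks, so any earlier argument validation is not visible.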
@@ -2174,8 +2174,9 @@ WOLFSSL_RSA* wolfSSL_PEM_read_RSAPublicKey(XFILE fp, WOLFSSL_RSA** rsa, * @return 1 on success. * @return 0 on failure. */ -int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher, - unsigned char* passwd, int passwdSz, unsigned char **pem, int *pLen) +int wolfSSL_PEM_write_mem_RSAPrivateKey(WOLFSSL_RSA* rsa, + const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, + unsigned char **pem, int *pLen) { int ret = 1; byte* derBuf = NULL; @@ -2280,7 +2281,7 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, * @return 0 on failure. */ int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa, - const EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, + const WOLFSSL_EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, wc_pem_password_cb *cb, void *arg) { int ret = 1; @@ -3876,15 +3877,15 @@ static int wolfssl_rsa_sig_encode(int hashAlg, const unsigned char* hash, ret = 0; } - if ((ret == 1) && (hashAlg != NID_undef) && - (padding == RSA_PKCS1_PADDING)) { + if ((ret == 1) && (hashAlg != WC_NID_undef) && + (padding == WC_RSA_PKCS1_PADDING)) { /* Convert hash algorithm to hash type for PKCS#1.5 padding. */ hType = (int)nid2oid(hashAlg, oidHashType); if (hType == -1) { ret = 0; } } - if ((ret == 1) && (padding == RSA_PKCS1_PADDING)) { + if ((ret == 1) && (padding == WC_RSA_PKCS1_PADDING)) { /* PKCS#1.5 encoding. */ word32 encSz = wc_EncodeSignature(enc, hash, hLen, hType); if (encSz == 0) { @@ -3896,7 +3897,7 @@ static int wolfssl_rsa_sig_encode(int hashAlg, const unsigned char* hash, } } /* Other padding schemes require the hash as is. */ - if ((ret == 1) && (padding != RSA_PKCS1_PADDING)) { + if ((ret == 1) && (padding != WC_RSA_PKCS1_PADDING)) { XMEMCPY(enc, hash, hLen); *encLen = hLen; } 
@@ -3924,7 +3925,7 @@ int wolfSSL_RSA_sign(int hashAlg, const unsigned char* hash, unsigned int hLen, } /* flag is 1: output complete signature. */ return wolfSSL_RSA_sign_generic_padding(hashAlg, hash, hLen, sigRet, - sigLen, rsa, 1, RSA_PKCS1_PADDING); + sigLen, rsa, 1, WC_RSA_PKCS1_PADDING); } /* Sign the message hash using hash algorithm and RSA key. @@ -3954,7 +3955,7 @@ int wolfSSL_RSA_sign_ex(int hashAlg, const unsigned char* hash, *sigLen = RSA_MAX_SIZE / CHAR_BIT; } ret = wolfSSL_RSA_sign_generic_padding(hashAlg, hash, hLen, sigRet, - sigLen, rsa, flag, RSA_PKCS1_PADDING); + sigLen, rsa, flag, WC_RSA_PKCS1_PADDING); } return ret; @@ -3976,7 +3977,7 @@ int wolfSSL_RSA_sign_ex(int hashAlg, const unsigned char* hash, * 0: Output the value that the unpadded signature * should be compared to. * @param [in] padding Padding to use. Only RSA_PKCS1_PSS_PADDING and - * RSA_PKCS1_PADDING are currently supported for + * WC_RSA_PKCS1_PADDING are currently supported for * signing. * @return 1 on success. * @return 0 on failure. @@ -4065,7 +4066,7 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, if (ret == 1) { switch (padding) { #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT) - case RSA_NO_PADDING: + case WC_RSA_NO_PAD: if ((signSz = wc_RsaDirect(encodedSig, encSz, sigRet, &outLen, (RsaKey*)rsa->internal, RSA_PRIVATE_ENCRYPT, rng)) <= 0) { WOLFSSL_ERROR_MSG("Bad Rsa Sign no pad"); @@ -4075,7 +4076,7 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, #endif #if defined(WC_RSA_PSS) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,1)) - case RSA_PKCS1_PSS_PADDING: + case WC_RSA_PKCS1_PSS_PADDING: { enum wc_HashType hType = wc_OidGetHash((int)nid2oid(hashAlg, oidHashType)); 
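Review bot: The `@param padding` text in hunk `@@ -3976` now mixes the two naming schemes, because `RSA_PKCS1_PSS_PADDING` on the context line keeps the old name while the next line becomes `WC_RSA_PKCS1_PADDING`. I would rename both, e.g. `Only WC_RSA_PKCS1_PSS_PADDING and WC_RSA_PKCS1_PADDING are currently supported for signing.`. The word "Only" also looks incomplete, since the switch in `@@ -4065` accepts `WC_RSA_NO_PAD` when `WC_RSA_NO_PADDING` or `WC_RSA_DIRECT` is defined. The same mixed wording is in the `wolfSSL_RSA_verify_ex` doc comment in `@@ -4169`, which also says "for signing" on a verify function.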
@@ -4094,14 +4095,14 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, } #endif #ifndef WC_NO_RSA_OAEP - case RSA_PKCS1_OAEP_PADDING: + case WC_RSA_PKCS1_OAEP_PADDING: /* Not a signature padding scheme. */ WOLFSSL_ERROR_MSG("RSA_PKCS1_OAEP_PADDING not supported for " "signing"); ret = 0; break; #endif - case RSA_PKCS1_PADDING: + case WC_RSA_PKCS1_PADDING: { /* Sign (private encrypt) PKCS#1 encoded signature. */ if ((signSz = wc_RsaSSL_Sign(encodedSig, encSz, sigRet, outLen, @@ -4154,7 +4155,7 @@ int wolfSSL_RSA_verify(int hashAlg, const unsigned char* hash, WOLFSSL_RSA* rsa) { return wolfSSL_RSA_verify_ex(hashAlg, hash, hLen, sig, sigLen, rsa, - RSA_PKCS1_PADDING); + WC_RSA_PKCS1_PADDING); } /** @@ -4169,7 +4170,7 @@ int wolfSSL_RSA_verify(int hashAlg, const unsigned char* hash, * @param [in] sigLen Length of signature data. * @param [in] rsa RSA key used to sign the input * @param [in] padding Padding to use. Only RSA_PKCS1_PSS_PADDING and - * RSA_PKCS1_PADDING are currently supported for + * WC_RSA_PKCS1_PADDING are currently supported for * signing. * @return 1 on success. * @return 0 on failure. @@ -4209,7 +4210,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, } } #ifdef WOLFSSL_SMALL_STACK - if ((ret == 1) && (padding != RSA_PKCS1_PSS_PADDING)) { + if ((ret == 1) && (padding != WC_RSA_PKCS1_PSS_PADDING)) { /* Allocate memory for encoded signature. */ encodedSig = (unsigned char *)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -4219,7 +4220,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, } } #endif - if ((ret == 1) && (padding != RSA_PKCS1_PSS_PADDING)) { + if ((ret == 1) && (padding != WC_RSA_PKCS1_PSS_PADDING)) { /* Make encoded signature to compare with decrypted signature. */ if (wolfssl_rsa_sig_encode(hashAlg, hash, hLen, encodedSig, &len, padding) <= 0) { 
@@ -4248,7 +4249,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, if (ret == 1) { #if defined(WC_RSA_PSS) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 1)) - if (padding == RSA_PKCS1_PSS_PADDING) { + if (padding == WC_RSA_PKCS1_PSS_PADDING) { /* Check PSS padding is valid. */ if (wc_RsaPSS_CheckPadding_ex(hash, hLen, sigDec, (word32)verLen, hType, DEF_PSS_SALT_LEN, @@ -4324,15 +4325,15 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* from, #if !defined(HAVE_FIPS) /* Convert to wolfCrypt padding, hash and MGF. */ switch (padding) { - case RSA_PKCS1_PADDING: + case WC_RSA_PKCS1_PADDING: pad_type = WC_RSA_PKCSV15_PAD; break; - case RSA_PKCS1_OAEP_PADDING: + case WC_RSA_PKCS1_OAEP_PADDING: pad_type = WC_RSA_OAEP_PAD; hash = WC_HASH_TYPE_SHA; mgf = WC_MGF1SHA1; break; - case RSA_NO_PADDING: + case WC_RSA_NO_PAD: pad_type = WC_RSA_NO_PAD; break; default: @@ -4343,7 +4344,7 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* from, #else /* Check for supported padding schemes in FIPS. */ /* TODO: Do we support more schemes in later versions of FIPS? */ - if (padding != RSA_PKCS1_PADDING) { + if (padding != WC_RSA_PKCS1_PADDING) { WOLFSSL_ERROR_MSG("RSA_public_encrypt pad type not supported in " "FIPS"); ret = WOLFSSL_FATAL_ERROR; @@ -4436,15 +4437,15 @@ int wolfSSL_RSA_private_decrypt(int len, const unsigned char* from, if (ret == 0) { #if !defined(HAVE_FIPS) switch (padding) { - case RSA_PKCS1_PADDING: + case WC_RSA_PKCS1_PADDING: pad_type = WC_RSA_PKCSV15_PAD; break; - case RSA_PKCS1_OAEP_PADDING: + case WC_RSA_PKCS1_OAEP_PADDING: pad_type = WC_RSA_OAEP_PAD; hash = WC_HASH_TYPE_SHA; mgf = WC_MGF1SHA1; break; - case RSA_NO_PADDING: + case WC_RSA_NO_PAD: pad_type = WC_RSA_NO_PAD; break; default: 
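Review bot: In `wolfSSL_RSA_public_encrypt` (`@@ -4324`) the renamed case reads `case WC_RSA_NO_PAD: pad_type = WC_RSA_NO_PAD;`, so the compat-layer `padding` selector and the wolfCrypt pad type now share one identifier. The other cases still map between distinct names (`WC_RSA_PKCS1_PADDING` to `WC_RSA_PKCSV15_PAD`), which makes this one look like an accidental no-op. It also ties the meaning of the caller's no-padding value to the wolfCrypt constant; the header definitions are not part of this chunk, so I cannot confirm the values are meant to be shared. A short comment would record the intent: `/* compat no-padding selector is defined as wolfCrypt's WC_RSA_NO_PAD */`. The same pattern is in `wolfSSL_RSA_private_decrypt` (`@@ -4436`) and `wolfSSL_RSA_public_decrypt` (`@@ -4527`).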
@@ -4454,7 +4455,7 @@ int wolfSSL_RSA_private_decrypt(int len, const unsigned char* from, #else /* Check for supported padding schemes in FIPS. */ /* TODO: Do we support more schemes in later versions of FIPS? */ - if (padding != RSA_PKCS1_PADDING) { + if (padding != WC_RSA_PKCS1_PADDING) { WOLFSSL_ERROR_MSG("RSA_public_encrypt pad type not supported in " "FIPS"); ret = WOLFSSL_FATAL_ERROR; @@ -4527,10 +4528,10 @@ int wolfSSL_RSA_public_decrypt(int len, const unsigned char* from, if (ret == 0) { #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) switch (padding) { - case RSA_PKCS1_PADDING: + case WC_RSA_PKCS1_PADDING: pad_type = WC_RSA_PKCSV15_PAD; break; - case RSA_NO_PADDING: + case WC_RSA_NO_PAD: pad_type = WC_RSA_NO_PAD; break; /* TODO: RSA_X931_PADDING not supported */ @@ -4539,7 +4540,7 @@ int wolfSSL_RSA_public_decrypt(int len, const unsigned char* from, ret = WOLFSSL_FATAL_ERROR; } #else - if (padding != RSA_PKCS1_PADDING) { + if (padding != WC_RSA_PKCS1_PADDING) { WOLFSSL_ERROR_MSG("RSA_public_decrypt pad type not supported in " "FIPS"); ret = WOLFSSL_FATAL_ERROR; @@ -4618,9 +4619,9 @@ int wolfSSL_RSA_private_encrypt(int len, const unsigned char* from, if (ret == 0) { switch (padding) { - case RSA_PKCS1_PADDING: + case WC_RSA_PKCS1_PADDING: #ifdef WC_RSA_NO_PADDING - case RSA_NO_PADDING: + case WC_RSA_NO_PAD: #endif break; /* TODO: RSA_X931_PADDING not supported */ 
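Review bot: The FIPS branch in hunk `@@ -4454` logs `"RSA_public_encrypt pad type not supported in " "FIPS"`, but the hunk header places it inside `wolfSSL_RSA_private_decrypt`, so the message names the wrong function. Anyone debugging a rejected padding from the log would look in the wrong place. Since the condition on the line above is being edited, I would fix the string at the same time: `WOLFSSL_ERROR_MSG("RSA_private_decrypt pad type not supported in " "FIPS");`. The function body continues outside the hunk.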
@@ -4646,12 +4647,12 @@ int wolfSSL_RSA_private_encrypt(int len, const unsigned char* from, if (ret == 0) { /* Use wolfCrypt to private-encrypt with RSA key. * Size of output buffer must be size of RSA key. */ - if (padding == RSA_PKCS1_PADDING) { + if (padding == WC_RSA_PKCS1_PADDING) { ret = wc_RsaSSL_Sign(from, (word32)len, to, (word32)wolfSSL_RSA_size(rsa), (RsaKey*)rsa->internal, rng); } #ifdef WC_RSA_NO_PADDING - else if (padding == RSA_NO_PADDING) { + else if (padding == WC_RSA_NO_PAD) { word32 outLen = (word32)wolfSSL_RSA_size(rsa); ret = wc_RsaFunction(from, (word32)len, to, &outLen, RSA_PRIVATE_ENCRYPT, (RsaKey*)rsa->internal, rng); @@ -5843,7 +5844,7 @@ WOLFSSL_DSA* wolfSSL_d2i_DSAparams(WOLFSSL_DSA** dsa, const unsigned char** der, * Returns 1 or 0 */ int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa, - const EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, + const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, wc_pem_password_cb* cb, void* arg) { int ret = 1; @@ -5961,7 +5962,7 @@ int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa) * 1 if success, 0 if error */ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, - const EVP_CIPHER* cipher, + const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, unsigned char **pem, int *pLen) { @@ -6081,7 +6082,7 @@ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, * 1 if success, 0 if error */ int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa, - const EVP_CIPHER *enc, + const WOLFSSL_EVP_CIPHER *enc, unsigned char *kstr, int klen, wc_pem_password_cb *cb, void *u) { 
@@ -6527,17 +6528,17 @@ static int wolfssl_dh_set_nid(WOLFSSL_DH* dh, int nid) * FIPS v2 module */ switch (nid) { #ifdef HAVE_FFDHE_2048 - case NID_ffdhe2048: + case WC_NID_ffdhe2048: params = wc_Dh_ffdhe2048_Get(); break; #endif /* HAVE_FFDHE_2048 */ #ifdef HAVE_FFDHE_3072 - case NID_ffdhe3072: + case WC_NID_ffdhe3072: params = wc_Dh_ffdhe3072_Get(); break; #endif /* HAVE_FFDHE_3072 */ #ifdef HAVE_FFDHE_4096 - case NID_ffdhe4096: + case WC_NID_ffdhe4096: params = wc_Dh_ffdhe4096_Get(); break; #endif /* HAVE_FFDHE_4096 */ @@ -6623,17 +6624,17 @@ static int wolfssl_dh_set_nid(WOLFSSL_DH* dh, int nid) switch (nid) { #ifdef HAVE_FFDHE_2048 - case NID_ffdhe2048: + case WC_NID_ffdhe2048: name = WC_FFDHE_2048; break; #endif /* HAVE_FFDHE_2048 */ #ifdef HAVE_FFDHE_3072 - case NID_ffdhe3072: + case WC_NID_ffdhe3072: name = WC_FFDHE_3072; break; #endif /* HAVE_FFDHE_3072 */ #ifdef HAVE_FFDHE_4096 - case NID_ffdhe4096: + case WC_NID_ffdhe4096: name = WC_FFDHE_4096; break; #endif /* HAVE_FFDHE_4096 */ @@ -8782,7 +8783,7 @@ static int _DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, ret = WOLFSSL_FATAL_ERROR; } /* Get the maximum size of computed DH key. */ - if ((ret == 0) && ((keySz = (word32)DH_size(dh)) == 0)) { + if ((ret == 0) && ((keySz = (word32)wolfSSL_DH_size(dh)) == 0)) { WOLFSSL_ERROR_MSG("Bad DH_size"); ret = WOLFSSL_FATAL_ERROR; } @@ -9047,7 +9048,7 @@ int wolfSSL_EC_METHOD_get_field_type(const WOLFSSL_EC_METHOD *meth) if (meth != NULL) { /* Only field type supported by code base. */ - nid = NID_X9_62_prime_field; + nid = WC_NID_X9_62_prime_field; } return nid; 
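Review bot: In `_DH_compute_key` (`@@ -8782`) the result of `wolfSSL_DH_size(dh)` is cast to `word32` before the `== 0` test, so only a zero return is treated as an error. If `wolfSSL_DH_size` can return a negative error value (its definition is not in this hunk), the cast turns that into a very large `keySz` that passes the check and is then used as the computed-key size. I would keep the signed value for the check: `int dhSz = wolfSSL_DH_size(dh);`, `if ((ret == 0) && (dhSz <= 0)) {`, and assign `keySz = (word32)dhSz;` only after it passes. The function starts and ends outside the hunk.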
@@ -9071,62 +9072,62 @@ int EccEnumToNID(int n) switch(n) { case ECC_SECP192R1: - return NID_X9_62_prime192v1; + return WC_NID_X9_62_prime192v1; case ECC_PRIME192V2: - return NID_X9_62_prime192v2; + return WC_NID_X9_62_prime192v2; case ECC_PRIME192V3: - return NID_X9_62_prime192v3; + return WC_NID_X9_62_prime192v3; case ECC_PRIME239V1: - return NID_X9_62_prime239v1; + return WC_NID_X9_62_prime239v1; case ECC_PRIME239V2: - return NID_X9_62_prime239v2; + return WC_NID_X9_62_prime239v2; case ECC_PRIME239V3: - return NID_X9_62_prime239v3; + return WC_NID_X9_62_prime239v3; case ECC_SECP256R1: - return NID_X9_62_prime256v1; + return WC_NID_X9_62_prime256v1; case ECC_SECP112R1: - return NID_secp112r1; + return WC_NID_secp112r1; case ECC_SECP112R2: - return NID_secp112r2; + return WC_NID_secp112r2; case ECC_SECP128R1: - return NID_secp128r1; + return WC_NID_secp128r1; case ECC_SECP128R2: - return NID_secp128r2; + return WC_NID_secp128r2; case ECC_SECP160R1: - return NID_secp160r1; + return WC_NID_secp160r1; case ECC_SECP160R2: - return NID_secp160r2; + return WC_NID_secp160r2; case ECC_SECP224R1: - return NID_secp224r1; + return WC_NID_secp224r1; case ECC_SECP384R1: - return NID_secp384r1; + return WC_NID_secp384r1; case ECC_SECP521R1: - return NID_secp521r1; + return WC_NID_secp521r1; case ECC_SECP160K1: - return NID_secp160k1; + return WC_NID_secp160k1; case ECC_SECP192K1: - return NID_secp192k1; + return WC_NID_secp192k1; case ECC_SECP224K1: - return NID_secp224k1; + return WC_NID_secp224k1; case ECC_SECP256K1: - return NID_secp256k1; + return WC_NID_secp256k1; case ECC_BRAINPOOLP160R1: - return NID_brainpoolP160r1; + return WC_NID_brainpoolP160r1; case ECC_BRAINPOOLP192R1: - return NID_brainpoolP192r1; + return WC_NID_brainpoolP192r1; case ECC_BRAINPOOLP224R1: - return NID_brainpoolP224r1; + return WC_NID_brainpoolP224r1; case ECC_BRAINPOOLP256R1: - return NID_brainpoolP256r1; + return WC_NID_brainpoolP256r1; case ECC_BRAINPOOLP320R1: - return NID_brainpoolP320r1; + 
return WC_NID_brainpoolP320r1; case ECC_BRAINPOOLP384R1: - return NID_brainpoolP384r1; + return WC_NID_brainpoolP384r1; case ECC_BRAINPOOLP512R1: - return NID_brainpoolP512r1; + return WC_NID_brainpoolP512r1; #ifdef WOLFSSL_SM2 case ECC_SM2P256V1: - return NID_sm2; + return WC_NID_sm2; #endif default: WOLFSSL_MSG("NID not found"); 
@@ -9151,85 +9152,85 @@ int NIDToEccEnum(int nid) WOLFSSL_ENTER("NIDToEccEnum"); switch (nid) { - case NID_X9_62_prime192v1: + case WC_NID_X9_62_prime192v1: id = ECC_SECP192R1; break; - case NID_X9_62_prime192v2: + case WC_NID_X9_62_prime192v2: id = ECC_PRIME192V2; break; - case NID_X9_62_prime192v3: + case WC_NID_X9_62_prime192v3: id = ECC_PRIME192V3; break; - case NID_X9_62_prime239v1: + case WC_NID_X9_62_prime239v1: id = ECC_PRIME239V1; break; - case NID_X9_62_prime239v2: + case WC_NID_X9_62_prime239v2: id = ECC_PRIME239V2; break; - case NID_X9_62_prime239v3: + case WC_NID_X9_62_prime239v3: id = ECC_PRIME239V3; break; - case NID_X9_62_prime256v1: + case WC_NID_X9_62_prime256v1: id = ECC_SECP256R1; break; - case NID_secp112r1: + case WC_NID_secp112r1: id = ECC_SECP112R1; break; - case NID_secp112r2: + case WC_NID_secp112r2: id = ECC_SECP112R2; break; - case NID_secp128r1: + case WC_NID_secp128r1: id = ECC_SECP128R1; break; - case NID_secp128r2: + case WC_NID_secp128r2: id = ECC_SECP128R2; break; - case NID_secp160r1: + case WC_NID_secp160r1: id = ECC_SECP160R1; break; - case NID_secp160r2: + case WC_NID_secp160r2: id = ECC_SECP160R2; break; - case NID_secp224r1: + case WC_NID_secp224r1: id = ECC_SECP224R1; break; - case NID_secp384r1: + case WC_NID_secp384r1: id = ECC_SECP384R1; break; - case NID_secp521r1: + case WC_NID_secp521r1: id = ECC_SECP521R1; break; - case NID_secp160k1: + case WC_NID_secp160k1: id = ECC_SECP160K1; break; - case NID_secp192k1: + case WC_NID_secp192k1: id = ECC_SECP192K1; break; - case NID_secp224k1: + case WC_NID_secp224k1: id = ECC_SECP224K1; break; - case NID_secp256k1: + case WC_NID_secp256k1: id = ECC_SECP256K1; break; - case NID_brainpoolP160r1: + case WC_NID_brainpoolP160r1: id = ECC_BRAINPOOLP160R1; break; - case NID_brainpoolP192r1: + case WC_NID_brainpoolP192r1: id = ECC_BRAINPOOLP192R1; break; - case NID_brainpoolP224r1: + case WC_NID_brainpoolP224r1: id = ECC_BRAINPOOLP224R1; break; - case NID_brainpoolP256r1: + case 
WC_NID_brainpoolP256r1: id = ECC_BRAINPOOLP256R1; break; - case NID_brainpoolP320r1: + case WC_NID_brainpoolP320r1: id = ECC_BRAINPOOLP320R1; break; - case NID_brainpoolP384r1: + case WC_NID_brainpoolP384r1: id = ECC_BRAINPOOLP384R1; break; - case NID_brainpoolP512r1: + case WC_NID_brainpoolP512r1: id = ECC_BRAINPOOLP512R1; break; default: 
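Review bot: `NIDToEccEnum` has no case for `WC_NID_sm2`; the switch goes from `WC_NID_brainpoolP512r1` straight to `default:`. `EccEnumToNID` in the previous hunk does map `ECC_SM2P256V1` to `WC_NID_sm2` under `#ifdef WOLFSSL_SM2`, so a curve id converted to a NID there does not convert back here. If that asymmetry is not intentional, add `case WC_NID_sm2: id = ECC_SM2P256V1; break;` inside the same `#ifdef WOLFSSL_SM2` guard before `default:`. The body of the `default:` branch lies outside the hunk.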
@@ -9641,53 +9642,53 @@ int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group) } else { switch (group->curve_nid) { - case NID_secp112r1: - case NID_secp112r2: + case WC_NID_secp112r1: + case WC_NID_secp112r2: degree = 112; break; - case NID_secp128r1: - case NID_secp128r2: + case WC_NID_secp128r1: + case WC_NID_secp128r2: degree = 128; break; - case NID_secp160k1: - case NID_secp160r1: - case NID_secp160r2: - case NID_brainpoolP160r1: + case WC_NID_secp160k1: + case WC_NID_secp160r1: + case WC_NID_secp160r2: + case WC_NID_brainpoolP160r1: degree = 160; break; - case NID_secp192k1: - case NID_brainpoolP192r1: - case NID_X9_62_prime192v1: - case NID_X9_62_prime192v2: - case NID_X9_62_prime192v3: + case WC_NID_secp192k1: + case WC_NID_brainpoolP192r1: + case WC_NID_X9_62_prime192v1: + case WC_NID_X9_62_prime192v2: + case WC_NID_X9_62_prime192v3: degree = 192; break; - case NID_secp224k1: - case NID_secp224r1: - case NID_brainpoolP224r1: + case WC_NID_secp224k1: + case WC_NID_secp224r1: + case WC_NID_brainpoolP224r1: degree = 224; break; - case NID_X9_62_prime239v1: - case NID_X9_62_prime239v2: - case NID_X9_62_prime239v3: + case WC_NID_X9_62_prime239v1: + case WC_NID_X9_62_prime239v2: + case WC_NID_X9_62_prime239v3: degree = 239; break; - case NID_secp256k1: - case NID_brainpoolP256r1: - case NID_X9_62_prime256v1: + case WC_NID_secp256k1: + case WC_NID_brainpoolP256r1: + case WC_NID_X9_62_prime256v1: degree = 256; break; - case NID_brainpoolP320r1: + case WC_NID_brainpoolP320r1: degree = 320; break; - case NID_secp384r1: - case NID_brainpoolP384r1: + case WC_NID_secp384r1: + case WC_NID_brainpoolP384r1: degree = 384; break; - case NID_brainpoolP512r1: + case WC_NID_brainpoolP512r1: degree = 512; break; - case NID_secp521r1: + case WC_NID_secp521r1: degree = 521; break; } 
@@ -10158,7 +10159,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, if (!err) { /* [] */ len = sz + 1; - if (form == POINT_CONVERSION_UNCOMPRESSED) { + if (form == WC_POINT_CONVERSION_UNCOMPRESSED) { /* Include y ordinate when uncompressed. */ len += sz; } @@ -10184,7 +10185,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, } } if (!err) { - if (form == POINT_CONVERSION_COMPRESSED) { + if (form == WC_POINT_CONVERSION_COMPRESSED) { /* Compressed format byte value dependent on whether y-ordinate is * odd. */ @@ -10241,13 +10242,13 @@ static size_t hex_to_bytes(const char *hex, unsigned char *output, size_t sz) return sz; } -WOLFSSL_EC_POINT* wolfSSL_EC_POINT_hex2point(const EC_GROUP *group, +WOLFSSL_EC_POINT* wolfSSL_EC_POINT_hex2point(const WOLFSSL_EC_GROUP *group, const char *hex, WOLFSSL_EC_POINT*p, WOLFSSL_BN_CTX *ctx) { /* for uncompressed mode */ size_t str_sz; - BIGNUM *Gx = NULL; - BIGNUM *Gy = NULL; + WOLFSSL_BIGNUM *Gx = NULL; + WOLFSSL_BIGNUM *Gy = NULL; char strGx[MAX_ECC_BYTES * 2 + 1]; /* for compressed mode */ @@ -10314,7 +10315,7 @@ WOLFSSL_EC_POINT* wolfSSL_EC_POINT_hex2point(const EC_GROUP *group, wolfSSL_BN_free(Gx); wolfSSL_BN_free(Gy); if (p_alloc) { - EC_POINT_free(p); + wolfSSL_EC_POINT_free(p); } return NULL; @@ -10492,7 +10493,7 @@ size_t wolfSSL_EC_POINT_point2oct(const WOLFSSL_EC_GROUP *group, int err = 0; word32 enc_len = (word32)len; #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) - int compressed = ((form == POINT_CONVERSION_COMPRESSED) ? 1 : 0); + int compressed = ((form == WC_POINT_CONVERSION_COMPRESSED) ? 1 : 0); #endif /* !HAVE_SELFTEST */ WOLFSSL_ENTER("wolfSSL_EC_POINT_point2oct"); 
@@ -10517,7 +10518,7 @@ size_t wolfSSL_EC_POINT_point2oct(const WOLFSSL_EC_GROUP *group, if (buf != NULL) { /* Check whether buffer has space. */ if (len < 1) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL); + wolfSSL_ECerr(WOLFSSL_EC_F_EC_GFP_SIMPLE_POINT2OCT, BUFFER_E); err = 1; } else { @@ -10529,9 +10530,9 @@ size_t wolfSSL_EC_POINT_point2oct(const WOLFSSL_EC_GROUP *group, /* Not infinity. */ else if (!err) { /* Validate format. */ - if (form != POINT_CONVERSION_UNCOMPRESSED + if (form != WC_POINT_CONVERSION_UNCOMPRESSED #ifndef HAVE_SELFTEST - && form != POINT_CONVERSION_COMPRESSED + && form != WC_POINT_CONVERSION_COMPRESSED #endif /* !HAVE_SELFTEST */ ) { WOLFSSL_MSG("Unsupported point form"); @@ -10612,8 +10613,8 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group, * @param [in] group EC group. * @param [in] point EC point. * @param [in] form Format of encoding. Valid values: - * POINT_CONVERSION_UNCOMPRESSED, - * POINT_CONVERSION_COMPRESSED. + * WC_POINT_CONVERSION_UNCOMPRESSED, + * WC_POINT_CONVERSION_COMPRESSED. * @param [in, out] bn BN to hold point value. * When NULL a new BN is allocated otherwise this is * returned on success. @@ -10830,10 +10831,10 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group, } /* Copy the externally set x and y ordinates. */ - if ((ret == 1) && (BN_copy(x, point->X) == NULL)) { + if ((ret == 1) && (wolfSSL_BN_copy(x, point->X) == NULL)) { ret = 0; } - if ((ret == 1) && (BN_copy(y, point->Y) == NULL)) { + if ((ret == 1) && (wolfSSL_BN_copy(y, point->Y) == NULL)) { ret = 0; } @@ -11850,7 +11851,7 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_ex(void* heap, int devId) /* Cache heap hint. */ key->heap = heap; /* Initialize fields to defaults. */ - key->form = POINT_CONVERSION_UNCOMPRESSED; + key->form = WC_POINT_CONVERSION_UNCOMPRESSED; /* Initialize reference count. */ wolfSSL_RefInit(&key->ref, &err); 
@@ -11876,7 +11877,7 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_ex(void* heap, int devId) if (!err) { /* Group unknown at creation */ - key->group = wolfSSL_EC_GROUP_new_by_curve_name(NID_undef); + key->group = wolfSSL_EC_GROUP_new_by_curve_name(WC_NID_undef); if (key->group == NULL) { WOLFSSL_MSG("wolfSSL_EC_KEY_new malloc WOLFSSL_EC_GROUP failure"); err = 1; @@ -12213,7 +12214,7 @@ int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *key, unsigned char **out) { int ret = 1; size_t len = 0; - int form = POINT_CONVERSION_UNCOMPRESSED; + int form = WC_POINT_CONVERSION_UNCOMPRESSED; WOLFSSL_ENTER("wolfSSL_i2o_ECPublicKey"); @@ -12233,9 +12234,9 @@ int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *key, unsigned char **out) if (ret == 1) { #ifdef HAVE_COMP_KEY /* Default to compressed form if not set */ - form = (key->form != POINT_CONVERSION_UNCOMPRESSED) ? - POINT_CONVERSION_UNCOMPRESSED : - POINT_CONVERSION_COMPRESSED; + form = (key->form != WC_POINT_CONVERSION_UNCOMPRESSED) ? + WC_POINT_CONVERSION_UNCOMPRESSED : + WC_POINT_CONVERSION_COMPRESSED; #endif /* Calculate length of point encoding. */ @@ -12899,7 +12900,7 @@ int wolfSSL_PEM_write_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec) * @return 0 on error. */ int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec, - const EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, + const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, wc_pem_password_cb* cb, void* arg) { int ret = 1; @@ -12947,7 +12948,7 @@ int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec, * @return 0 on error. */ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec, - const EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, + const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, unsigned char **pem, int *pLen) { #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) 
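Review bot: The ternary in `wolfSSL_i2o_ECPublicKey` (`@@ -12233`) looks inverted: with `key->form != WC_POINT_CONVERSION_UNCOMPRESSED` as the condition, a key stored as compressed is encoded uncompressed and a key stored as uncompressed is encoded compressed. The comment above it says "Default to compressed form if not set", and `wolfSSL_EC_KEY_new_ex` in `@@ -11850` initialises `key->form` to `WC_POINT_CONVERSION_UNCOMPRESSED`, so under `HAVE_COMP_KEY` the stored form is never honoured as written. The rename carries the old operator over unchanged; if the intent is to respect `key->form`, the first line should read `form = (key->form == WC_POINT_CONVERSION_UNCOMPRESSED) ?`. Please confirm the intended behaviour, as the rest of the function is outside the hunk.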
@@ -13036,7 +13037,7 @@ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec, * @return 0 on error. */ int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *ec, - const EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, + const WOLFSSL_EVP_CIPHER *cipher, unsigned char *passwd, int passwdSz, wc_pem_password_cb *cb, void *pass) { int ret = 1; @@ -13139,7 +13140,7 @@ int wolfSSL_EC_KEY_print_fp(XFILE fp, WOLFSSL_EC_KEY* key, int indent) if ((ret == 1) && (key->pub_key != NULL) && (key->pub_key->exSet)) { /* Get the public key point as one BN. */ WOLFSSL_BIGNUM* pubBn = wolfSSL_EC_POINT_point2bn(key->group, - key->pub_key, POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); + key->pub_key, WC_POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); if (pubBn == NULL) { WOLFSSL_MSG("wolfSSL_EC_POINT_point2bn failed."); ret = 0; @@ -13330,7 +13331,8 @@ int SetECKeyInternal(WOLFSSL_EC_KEY* eckey) * @return Point conversion format on success. * @return -1 on error. */ -point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key) +wc_point_conversion_form_t wolfSSL_EC_KEY_get_conv_form( + const WOLFSSL_EC_KEY* key) { if (key == NULL) return WOLFSSL_FATAL_ERROR; @@ -13341,17 +13343,17 @@ point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key) * * @param [in, out] key EC key to set format into. * @param [in] form Point conversion format. Valid values: - * POINT_CONVERSION_UNCOMPRESSED, - * POINT_CONVERSION_COMPRESSED (when HAVE_COMP_KEY) + * WC_POINT_CONVERSION_UNCOMPRESSED, + * WC_POINT_CONVERSION_COMPRESSED (when HAVE_COMP_KEY) */ void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *key, int form) { if (key == NULL) { WOLFSSL_MSG("Key passed in NULL"); } - else if (form == POINT_CONVERSION_UNCOMPRESSED + else if (form == WC_POINT_CONVERSION_UNCOMPRESSED #ifdef HAVE_COMP_KEY - || form == POINT_CONVERSION_COMPRESSED + || form == WC_POINT_CONVERSION_COMPRESSED #endif ) { key->form = (unsigned char)form; 
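Review bot: `wolfSSL_EC_KEY_get_conv_form` (`@@ -13330`) now returns `wc_point_conversion_form_t`, yet the NULL-key path still does `return WOLFSSL_FATAL_ERROR;` and the doc comment promises `-1 on error`. If that type is an enum without a negative enumerator (its definition is not in this hunk), the compiler may give it an unsigned representation, and a caller's `< 0` check would then never be true. I would state the contract in the doc comment, e.g. `@return WOLFSSL_FATAL_ERROR converted to the return type when key is NULL; test with ==, not < 0.`. The remainder of the function body is outside the hunk.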
@@ -14060,7 +14062,7 @@ int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key) { int err = 0; int len = 0; - const EC_GROUP *group = NULL; + const WOLFSSL_EC_GROUP *group = NULL; int bits = 0; /* Validate parameter. */ @@ -15497,24 +15499,24 @@ int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key) if ((bio != NULL) && (key != NULL)) { switch (key->type) { #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: ret = wolfSSL_PEM_write_bio_RSA_PUBKEY(bio, key->rsa); break; #endif /* WOLFSSL_KEY_GEN && !NO_RSA */ #if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && \ (defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)) - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: ret = wolfSSL_PEM_write_bio_DSA_PUBKEY(bio, key->dsa); break; #endif /* !NO_DSA && !HAVE_SELFTEST && (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) */ #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \ defined(WOLFSSL_KEY_GEN) - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: ret = wolfSSL_PEM_write_bio_EC_PUBKEY(bio, key->ecc); break; #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */ #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: /* DH public key not supported. */ WOLFSSL_MSG("Writing DH PUBKEY not supported!"); break; 
@@ -15565,21 +15567,21 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, #ifdef WOLFSSL_KEY_GEN switch (key->type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: /* Write using RSA specific API. */ ret = wolfSSL_PEM_write_bio_RSAPrivateKey(bio, key->rsa, cipher, passwd, len, cb, arg); break; #endif #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: /* Write using DSA specific API. */ ret = wolfSSL_PEM_write_bio_DSAPrivateKey(bio, key->dsa, cipher, passwd, len, cb, arg); break; #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: #if defined(HAVE_ECC_KEY_EXPORT) /* Write using EC specific API. */ ret = wolfSSL_PEM_write_bio_ECPrivateKey(bio, key->ecc, @@ -15591,7 +15593,7 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, break; #endif #ifndef NO_DH - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: /* Write using generic API with DH type. */ ret = der_write_to_bio_as_pem((byte*)key->pkey.ptr, key->pkey_sz, bio, DH_PRIVATEKEY_TYPE); @@ -15607,22 +15609,22 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, switch (key->type) { #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: type = DSA_PRIVATEKEY_TYPE; break; #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: type = ECC_PRIVATEKEY_TYPE; break; #endif #ifndef NO_DH - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: type = DH_PRIVATEKEY_TYPE; break; #endif #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: type = PRIVATEKEY_TYPE; break; #endif 
@@ -15738,16 +15740,16 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio, /* No key format set - default to RSA. */ case 0: case RSAk: - type = EVP_PKEY_RSA; + type = WC_EVP_PKEY_RSA; break; case DSAk: - type = EVP_PKEY_DSA; + type = WC_EVP_PKEY_DSA; break; case ECDSAk: - type = EVP_PKEY_EC; + type = WC_EVP_PKEY_EC; break; case DHk: - type = EVP_PKEY_DH; + type = WC_EVP_PKEY_DH; break; default: type = WOLFSSL_FATAL_ERROR; @@ -15780,8 +15782,9 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio, } -PKCS8_PRIV_KEY_INFO* wolfSSL_PEM_read_bio_PKCS8_PRIV_KEY_INFO(WOLFSSL_BIO* bio, - PKCS8_PRIV_KEY_INFO** key, wc_pem_password_cb* cb, void* arg) +WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_PEM_read_bio_PKCS8_PRIV_KEY_INFO( + WOLFSSL_BIO* bio, WOLFSSL_PKCS8_PRIV_KEY_INFO** key, wc_pem_password_cb* cb, + void* arg) { return wolfSSL_PEM_read_bio_PrivateKey(bio, key, cb, arg); } @@ -15884,16 +15887,16 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **key, /* No key format set - default to RSA. */ case 0: case RSAk: - type = EVP_PKEY_RSA; + type = WC_EVP_PKEY_RSA; break; case DSAk: - type = EVP_PKEY_DSA; + type = WC_EVP_PKEY_DSA; break; case ECDSAk: - type = EVP_PKEY_EC; + type = WC_EVP_PKEY_EC; break; case DHk: - type = EVP_PKEY_DH; + type = WC_EVP_PKEY_DH; break; default: type = WOLFSSL_FATAL_ERROR; @@ -16503,7 +16506,7 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz) /* Get the details of the private key. */ #ifdef HAVE_ECC - if (pkey->type == EVP_PKEY_EC) { + if (pkey->type == WC_EVP_PKEY_EC) { /* ECC private and get curve OID information. */ algId = ECDSAk; ret = wc_ecc_get_oid(pkey->ecc->group->curve_oid, &curveOid, 
@@ -16511,19 +16514,19 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz) } else #endif - if (pkey->type == EVP_PKEY_RSA) { + if (pkey->type == WC_EVP_PKEY_RSA) { /* RSA private has no curve information. */ algId = RSAk; curveOid = NULL; oidSz = 0; } - else if (pkey->type == EVP_PKEY_DSA) { + else if (pkey->type == WC_EVP_PKEY_DSA) { /* DSA has no curve information. */ algId = DSAk; curveOid = NULL; oidSz = 0; } - else if (pkey->type == EVP_PKEY_DH) { + else if (pkey->type == WC_EVP_PKEY_DH) { if (pkey->dh == NULL) return BAD_FUNC_ARG; diff --git a/src/quic.c b/src/quic.c index f709ea6935..64cf14fc86 100644 --- a/src/quic.c +++ b/src/quic.c @@ -1193,7 +1193,7 @@ int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md, WOLFSSL_ENTER("wolfSSL_quic_hkdf_extract"); - pctx = wolfSSL_EVP_PKEY_CTX_new_id(NID_hkdf, NULL); + pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL); if (pctx == NULL) { ret = WOLFSSL_FAILURE; goto cleanup; @@ -1201,7 +1201,7 @@ int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md, if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_hkdf_mode( - pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) != WOLFSSL_SUCCESS + pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt( pctx, (byte*)salt, (int)saltlen) != WOLFSSL_SUCCESS @@ -1230,7 +1230,7 @@ int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen, WOLFSSL_ENTER("wolfSSL_quic_hkdf_expand"); - pctx = wolfSSL_EVP_PKEY_CTX_new_id(NID_hkdf, NULL); + pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL); if (pctx == NULL) { ret = WOLFSSL_FAILURE; goto cleanup; 
@@ -1238,7 +1238,7 @@ int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen, if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_hkdf_mode( - pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) != WOLFSSL_SUCCESS + pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt( pctx, (byte*)"", 0) != WOLFSSL_SUCCESS @@ -1253,7 +1253,7 @@ int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen, cleanup: if (pctx) - EVP_PKEY_CTX_free(pctx); + wolfSSL_EVP_PKEY_CTX_free(pctx); WOLFSSL_LEAVE("wolfSSL_quic_hkdf_expand", ret); return ret; } @@ -1270,7 +1270,7 @@ int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen, WOLFSSL_ENTER("wolfSSL_quic_hkdf"); - pctx = wolfSSL_EVP_PKEY_CTX_new_id(NID_hkdf, NULL); + pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL); if (pctx == NULL) { ret = WOLFSSL_FAILURE; goto cleanup; @@ -1278,7 +1278,7 @@ int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen, if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_hkdf_mode( - pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) != WOLFSSL_SUCCESS + pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt( pctx, (byte*)salt, (int)saltlen) != WOLFSSL_SUCCESS @@ -1293,7 +1293,7 @@ int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen, cleanup: if (pctx) - EVP_PKEY_CTX_free(pctx); + wolfSSL_EVP_PKEY_CTX_free(pctx); WOLFSSL_LEAVE("wolfSSL_quic_hkdf", ret); return ret; } 
@@ -1346,7 +1346,7 @@ int wolfSSL_quic_aead_encrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx, ctx, dest, &len, plain, (int)plainlen) != WOLFSSL_SUCCESS || wolfSSL_EVP_CipherFinal(ctx, dest + len, &len) != WOLFSSL_SUCCESS || wolfSSL_EVP_CIPHER_CTX_ctrl( - ctx, EVP_CTRL_AEAD_GET_TAG, ctx->authTagSz, dest + plainlen) + ctx, WOLFSSL_EVP_CTRL_AEAD_GET_TAG, ctx->authTagSz, dest + plainlen) != WOLFSSL_SUCCESS) { return WOLFSSL_FAILURE; } @@ -1373,7 +1373,7 @@ int wolfSSL_quic_aead_decrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx, if (wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0) != WOLFSSL_SUCCESS || wolfSSL_EVP_CIPHER_CTX_ctrl( - ctx, EVP_CTRL_AEAD_SET_TAG, ctx->authTagSz, (uint8_t*)tag) + ctx, WOLFSSL_EVP_CTRL_AEAD_SET_TAG, ctx->authTagSz, (uint8_t*)tag) != WOLFSSL_SUCCESS || wolfSSL_EVP_CipherUpdate(ctx, NULL, &len, aad, (int)aadlen) != WOLFSSL_SUCCESS diff --git a/src/ssl.c b/src/ssl.c index 4c3e361a79..e70b95ffe3 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -53,7 +53,7 @@ #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(WOLFSSL_STATIC_RSA) \ && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) \ && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) - #error "No cipher suites defined because DH disabled, ECC disabled, " + #error "No cipher suites defined because DH disabled, ECC disabled, " \ "and no static suites defined. Please see top of README" #endif #ifdef WOLFSSL_CERT_GEN @@ -208,7 +208,7 @@ * * @param [in] sn Short name of OID. * @return NID corresponding to shortname on success. - * @return NID_undef when not recognized. + * @return WC_NID_undef when not recognized. */ int wc_OBJ_sn2nid(const char *sn) { 
@@ -217,21 +217,21 @@ int wc_OBJ_sn2nid(const char *sn) int nid; } sn2nid[] = { #ifndef NO_CERTS - {WOLFSSL_COMMON_NAME, NID_commonName}, - {WOLFSSL_COUNTRY_NAME, NID_countryName}, - {WOLFSSL_LOCALITY_NAME, NID_localityName}, - {WOLFSSL_STATE_NAME, NID_stateOrProvinceName}, - {WOLFSSL_ORG_NAME, NID_organizationName}, - {WOLFSSL_ORGUNIT_NAME, NID_organizationalUnitName}, + {WOLFSSL_COMMON_NAME, WC_NID_commonName}, + {WOLFSSL_COUNTRY_NAME, WC_NID_countryName}, + {WOLFSSL_LOCALITY_NAME, WC_NID_localityName}, + {WOLFSSL_STATE_NAME, WC_NID_stateOrProvinceName}, + {WOLFSSL_ORG_NAME, WC_NID_organizationName}, + {WOLFSSL_ORGUNIT_NAME, WC_NID_organizationalUnitName}, #ifdef WOLFSSL_CERT_NAME_ALL - {WOLFSSL_NAME, NID_name}, - {WOLFSSL_INITIALS, NID_initials}, - {WOLFSSL_GIVEN_NAME, NID_givenName}, - {WOLFSSL_DNQUALIFIER, NID_dnQualifier}, + {WOLFSSL_NAME, WC_NID_name}, + {WOLFSSL_INITIALS, WC_NID_initials}, + {WOLFSSL_GIVEN_NAME, WC_NID_givenName}, + {WOLFSSL_DNQUALIFIER, WC_NID_dnQualifier}, #endif - {WOLFSSL_EMAIL_ADDR, NID_emailAddress}, + {WOLFSSL_EMAIL_ADDR, WC_NID_emailAddress}, #endif - {"SHA1", NID_sha1}, + {"SHA1", WC_NID_sha1}, {NULL, -1}}; int i; #ifdef HAVE_ECC @@ -249,7 +249,7 @@ int wc_OBJ_sn2nid(const char *sn) #ifdef HAVE_ECC if (XSTRLEN(sn) > ECC_MAXNAME) - return NID_undef; + return WC_NID_undef; /* Nginx uses this OpenSSL string. */ if (XSTRCMP(sn, "prime256v1") == 0) @@ -275,7 +275,7 @@ int wc_OBJ_sn2nid(const char *sn) } #endif /* HAVE_ECC */ - return NID_undef; + return WC_NID_undef; } #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ @@ -1976,9 +1976,9 @@ int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, word16 newMtu) #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) int wolfSSL_set_mtu_compat(WOLFSSL* ssl, unsigned short mtu) { if (wolfSSL_dtls_set_mtu(ssl, mtu) == 0) - return SSL_SUCCESS; + return WOLFSSL_SUCCESS; else - return SSL_FAILURE; + return WOLFSSL_FAILURE; } #endif /* OPENSSL_ALL || OPENSSL_EXTRA */ 
@@ -2860,8 +2860,8 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz) #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_WRITE, WOLFSSL_SUCCESS); - ssl->cbmode = SSL_CB_WRITE; + ssl->CBIS(ssl, WOLFSSL_CB_WRITE, WOLFSSL_SUCCESS); + ssl->cbmode = WOLFSSL_CB_WRITE; } #endif ret = SendData(ssl, data, sz); @@ -2972,8 +2972,8 @@ int wolfSSL_read(WOLFSSL* ssl, void* data, int sz) return BAD_FUNC_ARG; } if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_CB_READ, WOLFSSL_SUCCESS); - ssl->cbmode = SSL_CB_READ; + ssl->CBIS(ssl, WOLFSSL_CB_READ, WOLFSSL_SUCCESS); + ssl->cbmode = WOLFSSL_CB_READ; } #endif return wolfSSL_read_internal(ssl, data, sz, FALSE); @@ -4156,12 +4156,12 @@ int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h) /* returns SSL_WRITING, SSL_READING or SSL_NOTHING */ int wolfSSL_want(WOLFSSL* ssl) { - int rw_state = SSL_NOTHING; + int rw_state = WOLFSSL_NOTHING; if (ssl) { if (ssl->error == WC_NO_ERR_TRACE(WANT_READ)) - rw_state = SSL_READING; + rw_state = WOLFSSL_READING; else if (ssl->error == WC_NO_ERR_TRACE(WANT_WRITE)) - rw_state = SSL_WRITING; + rw_state = WOLFSSL_WRITING; } return rw_state; } @@ -6512,17 +6512,17 @@ WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX* ctx) switch (ctx->privateKeyType) { #ifndef NO_RSA case rsa_sa_algo: - type = EVP_PKEY_RSA; + type = WC_EVP_PKEY_RSA; break; #endif #ifdef HAVE_ECC case ecc_dsa_sa_algo: - type = EVP_PKEY_EC; + type = WC_EVP_PKEY_EC; break; #endif #ifdef WOLFSSL_SM2 case sm2_sa_algo: - type = EVP_PKEY_EC; + type = WC_EVP_PKEY_EC; break; #endif default: @@ -6617,7 +6617,7 @@ static int d2iTryRsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } if (ret == 1) { XMEMCPY(pkey->pkey.ptr, mem, keyIdx); - pkey->type = EVP_PKEY_RSA; + pkey->type = WC_EVP_PKEY_RSA; pkey->ownRsa = 1; pkey->rsa = wolfssl_rsa_d2i(NULL, mem, memSz, 
@@ -6701,7 +6701,7 @@ static int d2iTryEccKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } if (ret == 1) { XMEMCPY(pkey->pkey.ptr, mem, keyIdx); - pkey->type = EVP_PKEY_EC; + pkey->type = WC_EVP_PKEY_EC; pkey->ownEcc = 1; pkey->ecc = wolfSSL_EC_KEY_new(); @@ -6789,7 +6789,7 @@ static int d2iTryDsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } if (ret == 1) { XMEMCPY(pkey->pkey.ptr, mem, keyIdx); - pkey->type = EVP_PKEY_DSA; + pkey->type = WC_EVP_PKEY_DSA; pkey->ownDsa = 1; pkey->dsa = wolfSSL_DSA_new(); @@ -6873,7 +6873,7 @@ static int d2iTryDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } if (ret == 1) { XMEMCPY(pkey->pkey.ptr, mem, memSz); - pkey->type = EVP_PKEY_DH; + pkey->type = WC_EVP_PKEY_DH; pkey->ownDh = 1; pkey->dh = wolfSSL_DH_new(); @@ -6948,7 +6948,7 @@ static int d2iTryAltDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } ret = 1; - pkey->type = EVP_PKEY_DH; + pkey->type = WC_EVP_PKEY_DH; pkey->pkey_sz = (int)memSz; pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, priv ? DYNAMIC_TYPE_PRIVATE_KEY : @@ -7064,7 +7064,7 @@ static int d2iTryFalconKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, return 0; } } - pkey->type = EVP_PKEY_FALCON; + pkey->type = WC_EVP_PKEY_FALCON; pkey->pkey.ptr = NULL; pkey->pkey_sz = 0; @@ -7149,7 +7149,7 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, return 0; } } - pkey->type = EVP_PKEY_DILITHIUM; + pkey->type = WC_EVP_PKEY_DILITHIUM; pkey->pkey.ptr = NULL; pkey->pkey_sz = 0; 
@@ -7543,14 +7543,14 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, WOLFSSL_MSG("Found PKCS8 header"); pkcs8HeaderSz = (word16)idx; - if ((type == EVP_PKEY_RSA && algId != RSAk + if ((type == WC_EVP_PKEY_RSA && algId != RSAk #ifdef WC_RSA_PSS && algId != RSAPSSk #endif ) || - (type == EVP_PKEY_EC && algId != ECDSAk) || - (type == EVP_PKEY_DSA && algId != DSAk) || - (type == EVP_PKEY_DH && algId != DHk)) { + (type == WC_EVP_PKEY_EC && algId != ECDSAk) || + (type == WC_EVP_PKEY_DSA && algId != DSAk) || + (type == WC_EVP_PKEY_DH && algId != DHk)) { WOLFSSL_MSG("PKCS8 does not match EVP key type"); return NULL; } @@ -7590,7 +7590,7 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, switch (type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: opt = priv ? WOLFSSL_RSA_LOAD_PRIVATE : WOLFSSL_RSA_LOAD_PUBLIC; local->ownRsa = 1; local->rsa = wolfssl_rsa_d2i(NULL, @@ -7602,7 +7602,7 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, break; #endif /* NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: local->ownEcc = 1; local->ecc = wolfSSL_EC_KEY_new(); if (local->ecc == NULL) { @@ -7622,7 +7622,7 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, #endif /* HAVE_ECC */ #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: local->ownDsa = 1; local->dsa = wolfSSL_DSA_new(); if (local->dsa == NULL) { @@ -7641,7 +7641,7 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, #endif /* NO_DSA */ #ifndef NO_DH #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: local->ownDh = 1; local->dh = wolfSSL_DH_new(); if (local->dh == NULL) { 
@@ -7726,7 +7726,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_id(int type, WOLFSSL_EVP_PKEY** out, switch (type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: { RsaKey* key; local->ownRsa = 1; @@ -7745,7 +7745,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_id(int type, WOLFSSL_EVP_PKEY** out, } #endif /* !NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: { ecc_key* key; local->ownEcc = 1; @@ -9342,8 +9342,8 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #ifdef OPENSSL_EXTRA if (ssl->CBIS != NULL) { - ssl->CBIS(ssl, SSL_ST_CONNECT, WOLFSSL_SUCCESS); - ssl->cbmode = SSL_CB_WRITE; + ssl->CBIS(ssl, WOLFSSL_ST_CONNECT, WOLFSSL_SUCCESS); + ssl->cbmode = WOLFSSL_CB_WRITE; } #endif #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ @@ -11191,11 +11191,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl) /* User programs should always retry reading from these BIOs */ if (rd) { /* User writes to rd */ - BIO_set_retry_write(rd); + wolfSSL_BIO_set_retry_write(rd); } if (wr) { /* User reads from wr */ - BIO_set_retry_read(wr); + wolfSSL_BIO_set_retry_read(wr); } } @@ -13140,7 +13140,11 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, unsigned long wolfSSLeay(void) { +#ifdef SSLEAY_VERSION_NUMBER return SSLEAY_VERSION_NUMBER; +#else + return OPENSSL_VERSION_NUMBER; +#endif } unsigned long wolfSSL_OpenSSL_version_num(void) @@ -13297,7 +13301,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, WOLFSSL_ENTER("wolfSSL_CTX_set_mode"); switch(mode) { - case SSL_MODE_ENABLE_PARTIAL_WRITE: + case WOLFSSL_MODE_ENABLE_PARTIAL_WRITE: ctx->partialWrite = 1; break; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 
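Review bot: The new `#else` branch in wolfSSLeay() returns `OPENSSL_VERSION_NUMBER` without a comment saying which configuration leaves `SSLEAY_VERSION_NUMBER` undefined, so the reason for two spellings of the same value is not recoverable from the code. A one-line comment above the `#ifdef` would cover it, for example `/* SSLEAY_VERSION_NUMBER is only defined when the OpenSSL-named compatibility macros are enabled */`, worded to match whatever the actual condition is. The branch also assumes `OPENSSL_VERSION_NUMBER` is always defined when the other macro is not; that is not visible in this hunk and is worth confirming.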
@@ -13305,14 +13309,14 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, WOLFSSL_MSG("SSL_MODE_RELEASE_BUFFERS not implemented."); break; #endif - case SSL_MODE_AUTO_RETRY: + case WOLFSSL_MODE_AUTO_RETRY: ctx->autoRetry = 1; break; default: WOLFSSL_MSG("Mode Not Implemented"); } - /* SSL_MODE_AUTO_RETRY + /* WOLFSSL_MODE_AUTO_RETRY * Should not return WOLFSSL_FATAL_ERROR with renegotiation on read/write */ return mode; @@ -13324,7 +13328,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, WOLFSSL_ENTER("wolfSSL_CTX_clear_mode"); switch(mode) { - case SSL_MODE_ENABLE_PARTIAL_WRITE: + case WOLFSSL_MODE_ENABLE_PARTIAL_WRITE: ctx->partialWrite = 0; break; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) @@ -13332,14 +13336,14 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, WOLFSSL_MSG("SSL_MODE_RELEASE_BUFFERS not implemented."); break; #endif - case SSL_MODE_AUTO_RETRY: + case WOLFSSL_MODE_AUTO_RETRY: ctx->autoRetry = 0; break; default: WOLFSSL_MSG("Mode Not Implemented"); } - /* SSL_MODE_AUTO_RETRY + /* WOLFSSL_MODE_AUTO_RETRY * Should not return WOLFSSL_FATAL_ERROR with renegotiation on read/write */ return 0; @@ -13485,7 +13489,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, * * file output pointer to file where error happened * line output to line number of error - * data output data. Is a string if ERR_TXT_STRING flag is used + * data output data. Is a string if WOLFSSL_ERR_TXT_STRING flag is used * flags output format of output * * Returns the error value or 0 if no errors are in the queue @@ -13499,7 +13503,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, WOLFSSL_ENTER("wolfSSL_ERR_get_error_line_data"); if (flags != NULL) - *flags = ERR_TXT_STRING; /* Clear the flags */ + *flags = WOLFSSL_ERR_TXT_STRING; /* Clear the flags */ ret = wc_PullErrorNode(file, data, line); if (ret < 0) { 
@@ -14611,7 +14615,7 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) /* return authentication NID corresponding to cipher suite * @param cipher a pointer to WOLFSSL_CIPHER - * return NID if found, NID_undef if not found + * return NID if found, WC_NID_undef if not found */ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) { @@ -14619,12 +14623,12 @@ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) const char* alg_name; const int nid; } authnid_tbl[] = { - {"RSA", NID_auth_rsa}, - {"PSK", NID_auth_psk}, - {"SRP", NID_auth_srp}, - {"ECDSA", NID_auth_ecdsa}, - {"None", NID_auth_null}, - {NULL, NID_undef} + {"RSA", WC_NID_auth_rsa}, + {"PSK", WC_NID_auth_psk}, + {"SRP", WC_NID_auth_srp}, + {"ECDSA", WC_NID_auth_ecdsa}, + {"None", WC_NID_auth_null}, + {NULL, WC_NID_undef} }; const char* authStr; @@ -14632,7 +14636,7 @@ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); - return NID_undef; + return WC_NID_undef; } authStr = GetCipherAuthStr(n); @@ -14646,11 +14650,11 @@ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) } } - return NID_undef; + return WC_NID_undef; } /* return cipher NID corresponding to cipher suite * @param cipher a pointer to WOLFSSL_CIPHER - * return NID if found, NID_undef if not found + * return NID if found, WC_NID_undef if not found */ int wolfSSL_CIPHER_get_cipher_nid(const WOLFSSL_CIPHER* cipher) { 
@@ -14658,18 +14662,18 @@ int wolfSSL_CIPHER_get_cipher_nid(const WOLFSSL_CIPHER* cipher) const char* alg_name; const int nid; } ciphernid_tbl[] = { - {"AESGCM(256)", NID_aes_256_gcm}, - {"AESGCM(128)", NID_aes_128_gcm}, - {"AESCCM(128)", NID_aes_128_ccm}, - {"AES(128)", NID_aes_128_cbc}, - {"AES(256)", NID_aes_256_cbc}, - {"CAMELLIA(256)", NID_camellia_256_cbc}, - {"CAMELLIA(128)", NID_camellia_128_cbc}, - {"RC4", NID_rc4}, - {"3DES", NID_des_ede3_cbc}, - {"CHACHA20/POLY1305(256)", NID_chacha20_poly1305}, - {"None", NID_undef}, - {NULL, NID_undef} + {"AESGCM(256)", WC_NID_aes_256_gcm}, + {"AESGCM(128)", WC_NID_aes_128_gcm}, + {"AESCCM(128)", WC_NID_aes_128_ccm}, + {"AES(128)", WC_NID_aes_128_cbc}, + {"AES(256)", WC_NID_aes_256_cbc}, + {"CAMELLIA(256)", WC_NID_camellia_256_cbc}, + {"CAMELLIA(128)", WC_NID_camellia_128_cbc}, + {"RC4", WC_NID_rc4}, + {"3DES", WC_NID_des_ede3_cbc}, + {"CHACHA20/POLY1305(256)", WC_NID_chacha20_poly1305}, + {"None", WC_NID_undef}, + {NULL, WC_NID_undef} }; const char* encStr; @@ -14679,7 +14683,7 @@ int wolfSSL_CIPHER_get_cipher_nid(const WOLFSSL_CIPHER* cipher) if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); - return NID_undef; + return WC_NID_undef; } encStr = GetCipherEncStr(n); @@ -14693,11 +14697,11 @@ int wolfSSL_CIPHER_get_cipher_nid(const WOLFSSL_CIPHER* cipher) } } - return NID_undef; + return WC_NID_undef; } /* return digest NID corresponding to cipher suite * @param cipher a pointer to WOLFSSL_CIPHER - * return NID if found, NID_undef if not found + * return NID if found, WC_NID_undef if not found */ int wolfSSL_CIPHER_get_digest_nid(const WOLFSSL_CIPHER* cipher) { 
@@ -14705,10 +14709,10 @@ int wolfSSL_CIPHER_get_digest_nid(const WOLFSSL_CIPHER* cipher) const char* alg_name; const int nid; } macnid_tbl[] = { - {"SHA1", NID_sha1}, - {"SHA256", NID_sha256}, - {"SHA384", NID_sha384}, - {NULL, NID_undef} + {"SHA1", WC_NID_sha1}, + {"SHA256", WC_NID_sha256}, + {"SHA384", WC_NID_sha384}, + {NULL, WC_NID_undef} }; const char* name; @@ -14720,12 +14724,12 @@ int wolfSSL_CIPHER_get_digest_nid(const WOLFSSL_CIPHER* cipher) if ((name = GetCipherSegment(cipher, n)) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); - return NID_undef; + return WC_NID_undef; } - /* in MD5 case, NID will be NID_md5 */ + /* in MD5 case, NID will be WC_NID_md5 */ if (XSTRSTR(name, "MD5") != NULL) { - return NID_md5; + return WC_NID_md5; } macStr = GetCipherMacStr(n); @@ -14739,11 +14743,11 @@ int wolfSSL_CIPHER_get_digest_nid(const WOLFSSL_CIPHER* cipher) } } - return NID_undef; + return WC_NID_undef; } /* return key exchange NID corresponding to cipher suite * @param cipher a pointer to WOLFSSL_CIPHER - * return NID if found, NID_undef if not found + * return NID if found, WC_NID_undef if not found */ int wolfSSL_CIPHER_get_kx_nid(const WOLFSSL_CIPHER* cipher) { @@ -14751,15 +14755,15 @@ int wolfSSL_CIPHER_get_kx_nid(const WOLFSSL_CIPHER* cipher) const char* name; const int nid; } kxnid_table[] = { - {"ECDHEPSK", NID_kx_ecdhe_psk}, - {"ECDH", NID_kx_ecdhe}, - {"DHEPSK", NID_kx_dhe_psk}, - {"DH", NID_kx_dhe}, - {"RSAPSK", NID_kx_rsa_psk}, - {"SRP", NID_kx_srp}, - {"EDH", NID_kx_dhe}, - {"RSA", NID_kx_rsa}, - {NULL, NID_undef} + {"ECDHEPSK", WC_NID_kx_ecdhe_psk}, + {"ECDH", WC_NID_kx_ecdhe}, + {"DHEPSK", WC_NID_kx_dhe_psk}, + {"DH", WC_NID_kx_dhe}, + {"RSAPSK", WC_NID_kx_rsa_psk}, + {"SRP", WC_NID_kx_srp}, + {"EDH", WC_NID_kx_dhe}, + {"RSA", WC_NID_kx_rsa}, + {NULL, WC_NID_undef} }; const char* keaStr; 
@@ -14769,12 +14773,12 @@ int wolfSSL_CIPHER_get_kx_nid(const WOLFSSL_CIPHER* cipher) if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); - return NID_undef; + return WC_NID_undef; } - /* in TLS 1.3 case, NID will be NID_kx_any */ + /* in TLS 1.3 case, NID will be WC_NID_kx_any */ if (XSTRCMP(n[0], "TLS13") == 0) { - return NID_kx_any; + return WC_NID_kx_any; } keaStr = GetCipherKeaStr(n); @@ -14788,7 +14792,7 @@ int wolfSSL_CIPHER_get_kx_nid(const WOLFSSL_CIPHER* cipher) } } - return NID_undef; + return WC_NID_undef; } /* check if cipher suite is AEAD * @param cipher a pointer to WOLFSSL_CIPHER @@ -14802,7 +14806,7 @@ int wolfSSL_CIPHER_is_aead(const WOLFSSL_CIPHER* cipher) if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); - return NID_undef; + return WC_NID_undef; } return IsCipherAEAD(n); @@ -15387,12 +15391,12 @@ int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der) } key_type = key->type; - if ((key_type != EVP_PKEY_EC) && (key_type != EVP_PKEY_RSA)) { + if ((key_type != WC_EVP_PKEY_EC) && (key_type != WC_EVP_PKEY_RSA)) { return WOLFSSL_FATAL_ERROR; } #ifndef NO_RSA - if (key_type == EVP_PKEY_RSA) { + if (key_type == WC_EVP_PKEY_RSA) { return wolfSSL_i2d_RSAPublicKey(key->rsa, der); } #endif 
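Review bot: In the wolfSSL_CIPHER_is_aead hunk, the failure path after `GetCipherSegment()` still returns an NID constant (`return WC_NID_undef;`) from a function that the preceding comment describes as an AEAD yes/no check. The rename carries that mismatch forward. The answer is a correct "not AEAD" only while `WC_NID_undef` evaluates to 0, which this hunk does not show; a non-zero value would report an unparsed cipher name as AEAD. Returning a literal makes the fail-closed intent explicit: `return 0; /* cipher name could not be parsed: report not AEAD */`. The function's signature and the declaration of `n` are outside the hunk.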
@@ -15614,32 +15618,40 @@ unsigned long wolfSSL_ERR_peek_error(void) return wolfSSL_ERR_peek_error_line_data(NULL, NULL, NULL, NULL); } +#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H +#include +#endif + int wolfSSL_ERR_GET_LIB(unsigned long err) { unsigned long value; value = (err & 0xFFFFFFL); switch (value) { - case -WC_NO_ERR_TRACE(PARSE_ERROR): - return ERR_LIB_SSL; - case -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER): - case PEM_R_NO_START_LINE: - case PEM_R_PROBLEMS_GETTING_PASSWORD: - case PEM_R_BAD_PASSWORD_READ: - case PEM_R_BAD_DECRYPT: - return ERR_LIB_PEM; - case EVP_R_BAD_DECRYPT: - case EVP_R_BN_DECODE_ERROR: - case EVP_R_DECODE_ERROR: - case EVP_R_PRIVATE_KEY_DECODE_ERROR: - return ERR_LIB_EVP; - case ASN1_R_HEADER_TOO_LONG: - return ERR_LIB_ASN1; + case -PARSE_ERROR: + return WOLFSSL_ERR_LIB_SSL; + case -ASN_NO_PEM_HEADER: + case -WOLFSSL_PEM_R_NO_START_LINE_E: + case -WOLFSSL_PEM_R_PROBLEMS_GETTING_PASSWORD_E: + case -WOLFSSL_PEM_R_BAD_PASSWORD_READ_E: + case -WOLFSSL_PEM_R_BAD_DECRYPT_E: + return WOLFSSL_ERR_LIB_PEM; + case -WOLFSSL_EVP_R_BAD_DECRYPT_E: + case -WOLFSSL_EVP_R_BN_DECODE_ERROR: + case -WOLFSSL_EVP_R_DECODE_ERROR: + case -WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR: + return WOLFSSL_ERR_LIB_EVP; + case -WOLFSSL_ASN1_R_HEADER_TOO_LONG_E: + return WOLFSSL_ERR_LIB_ASN1; default: return 0; } } +#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES +#include +#endif + /* This function is to find global error values that are the same through out * all library version. With wolfSSL having only one set of error codes the * return value is pretty straight forward. The only thing needed is all wolfSSL @@ -15851,10 +15863,10 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl) } /* Get state of callback */ - if (ssl->cbmode == SSL_CB_MODE_WRITE) { + if (ssl->cbmode == WOLFSSL_CB_MODE_WRITE) { cbmode = SS_WRITE; } - else if (ssl->cbmode == SSL_CB_MODE_READ) { + else if (ssl->cbmode == WOLFSSL_CB_MODE_READ) { cbmode = SS_READ; } else { 
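Review bot: The two file-scope `#include` directives added around wolfSSL_ERR_GET_LIB, together with dropping `WC_NO_ERR_TRACE()` from the case labels, carry no comment saying why this one function needs different error-code macro handling (the header names are not legible on this page). Presumably the labels must stay integer constant expressions when error tracing is enabled. A comment above the first guard, such as `/* error-code tracing is suspended here so the case labels remain integer constants */`, would stop a later cleanup from removing the pair. The labels also change from `PEM_R_*`/`EVP_R_*`/`ASN1_R_*` to negated `WOLFSSL_*` constants, which match the masked `value` only if those constants are negative. Three of them (`WOLFSSL_EVP_R_BN_DECODE_ERROR`, `WOLFSSL_EVP_R_DECODE_ERROR`, `WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR`) lack the `_E` suffix the others carry, so their sign is worth confirming against the definitions.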
@@ -15904,7 +15916,7 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl) } /* accept process */ - if (ssl->cbmode == SSL_CB_MODE_READ) { + if (ssl->cbmode == WOLFSSL_CB_MODE_READ) { state = ssl->cbtype; switch (state) { case hello_request: @@ -16352,7 +16364,7 @@ long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type) return BAD_FUNC_ARG; } - if (type == TLSEXT_STATUSTYPE_ocsp){ + if (type == WOLFSSL_TLSEXT_STATUSTYPE_ocsp){ int r = TLSX_UseCertificateStatusRequest(&s->extensions, (byte)type, 0, s, s->heap, s->devId); return (long)r; @@ -16371,7 +16383,7 @@ long wolfSSL_get_tlsext_status_type(WOLFSSL *s) if (s == NULL) return WOLFSSL_FATAL_ERROR; extension = TLSX_Find(s->extensions, TLSX_STATUS_REQUEST); - return extension != NULL ? TLSEXT_STATUSTYPE_ocsp : WOLFSSL_FATAL_ERROR; + return extension != NULL ? WOLFSSL_TLSEXT_STATUSTYPE_ocsp : WOLFSSL_FATAL_ERROR; } #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ @@ -16430,20 +16442,20 @@ WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl) #ifndef NO_WOLFSSL_STUB /*** TBD ***/ -void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, +void WOLFSSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)) { (void)ctx; (void)dh; - WOLFSSL_STUB("SSL_CTX_set_tmp_dh_callback"); + WOLFSSL_STUB("WOLFSSL_CTX_set_tmp_dh_callback"); } #endif #ifndef NO_WOLFSSL_STUB /*** TBD ***/ -WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) +WOLF_STACK_OF(WOLFSSL_COMP) *WOLFSSL_COMP_get_compression_methods(void) { - WOLFSSL_STUB("SSL_COMP_get_compression_methods"); + WOLFSSL_STUB("WOLFSSL_COMP_get_compression_methods"); return NULL; } #endif @@ -16465,7 +16477,7 @@ WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i) } #if !defined(NETOS) -void ERR_load_SSL_strings(void) +void wolfSSL_ERR_load_SSL_strings(void) { } 
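Review bot: The stub definitions in the `-16430,20` hunk become `WOLFSSL_CTX_set_tmp_dh_callback` and `WOLFSSL_COMP_get_compression_methods`, with an upper-case `WOLFSSL_` prefix. The following hunk renames `ERR_load_SSL_strings` to `wolfSSL_ERR_load_SSL_strings`, and the other functions visible in this diff use `wolfSSL_`. This looks like a by-product of a mechanical `SSL_` to `WOLFSSL_` substitution, which suits macros and types but not function symbols. Unless the lower-case names are already taken elsewhere, `void wolfSSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx,` and `WOLF_STACK_OF(WOLFSSL_COMP) *wolfSSL_COMP_get_compression_methods(void)`, with matching `WOLFSSL_STUB()` strings, would keep the exported names consistent. Whether a compatibility macro still maps the old OpenSSL names onto these definitions is not visible here.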
@@ -17292,44 +17304,44 @@ int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname) const WOLFSSL_ObjectInfo wolfssl_object_info[] = { #ifndef NO_CERTS /* oidCertExtType */ - { NID_basic_constraints, BASIC_CA_OID, oidCertExtType, "basicConstraints", + { WC_NID_basic_constraints, BASIC_CA_OID, oidCertExtType, "basicConstraints", "X509v3 Basic Constraints"}, - { NID_subject_alt_name, ALT_NAMES_OID, oidCertExtType, "subjectAltName", + { WC_NID_subject_alt_name, ALT_NAMES_OID, oidCertExtType, "subjectAltName", "X509v3 Subject Alternative Name"}, - { NID_crl_distribution_points, CRL_DIST_OID, oidCertExtType, + { WC_NID_crl_distribution_points, CRL_DIST_OID, oidCertExtType, "crlDistributionPoints", "X509v3 CRL Distribution Points"}, - { NID_info_access, AUTH_INFO_OID, oidCertExtType, "authorityInfoAccess", + { WC_NID_info_access, AUTH_INFO_OID, oidCertExtType, "authorityInfoAccess", "Authority Information Access"}, - { NID_authority_key_identifier, AUTH_KEY_OID, oidCertExtType, + { WC_NID_authority_key_identifier, AUTH_KEY_OID, oidCertExtType, "authorityKeyIdentifier", "X509v3 Authority Key Identifier"}, - { NID_subject_key_identifier, SUBJ_KEY_OID, oidCertExtType, + { WC_NID_subject_key_identifier, SUBJ_KEY_OID, oidCertExtType, "subjectKeyIdentifier", "X509v3 Subject Key Identifier"}, - { NID_key_usage, KEY_USAGE_OID, oidCertExtType, "keyUsage", + { WC_NID_key_usage, KEY_USAGE_OID, oidCertExtType, "keyUsage", "X509v3 Key Usage"}, - { NID_inhibit_any_policy, INHIBIT_ANY_OID, oidCertExtType, + { WC_NID_inhibit_any_policy, INHIBIT_ANY_OID, oidCertExtType, "inhibitAnyPolicy", "X509v3 Inhibit Any Policy"}, - { NID_ext_key_usage, EXT_KEY_USAGE_OID, oidCertExtType, + { WC_NID_ext_key_usage, EXT_KEY_USAGE_OID, oidCertExtType, "extendedKeyUsage", "X509v3 Extended Key Usage"}, - { NID_name_constraints, NAME_CONS_OID, oidCertExtType, + { WC_NID_name_constraints, NAME_CONS_OID, oidCertExtType, "nameConstraints", "X509v3 Name Constraints"}, - { NID_certificate_policies, 
CERT_POLICY_OID, oidCertExtType, + { WC_NID_certificate_policies, CERT_POLICY_OID, oidCertExtType, "certificatePolicies", "X509v3 Certificate Policies"}, /* oidCertAuthInfoType */ - { NID_ad_OCSP, AIA_OCSP_OID, oidCertAuthInfoType, "OCSP", + { WC_NID_ad_OCSP, AIA_OCSP_OID, oidCertAuthInfoType, "OCSP", "OCSP"}, - { NID_ad_ca_issuers, AIA_CA_ISSUER_OID, oidCertAuthInfoType, + { WC_NID_ad_ca_issuers, AIA_CA_ISSUER_OID, oidCertAuthInfoType, "caIssuers", "CA Issuers"}, /* oidCertPolicyType */ - { NID_any_policy, CP_ANY_OID, oidCertPolicyType, "anyPolicy", + { WC_NID_any_policy, CP_ANY_OID, oidCertPolicyType, "anyPolicy", "X509v3 Any Policy"}, /* oidCertAltNameType */ - { NID_hw_name_oid, HW_NAME_OID, oidCertAltNameType, "Hardware name",""}, + { WC_NID_hw_name_oid, HW_NAME_OID, oidCertAltNameType, "Hardware name",""}, /* oidCertKeyUseType */ - { NID_anyExtendedKeyUsage, EKU_ANY_OID, oidCertKeyUseType, + { WC_NID_anyExtendedKeyUsage, EKU_ANY_OID, oidCertKeyUseType, "anyExtendedKeyUsage", "Any Extended Key Usage"}, { EKU_SERVER_AUTH_OID, EKU_SERVER_AUTH_OID, oidCertKeyUseType, "serverAuth", "TLS Web Server Authentication"}, 
@@ -17339,192 +17351,192 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { "OCSPSigning", "OCSP Signing"}, /* oidCertNameType */ - { NID_commonName, NID_commonName, oidCertNameType, "CN", "commonName"}, + { WC_NID_commonName, WC_NID_commonName, oidCertNameType, "CN", "commonName"}, #if !defined(WOLFSSL_CERT_REQ) - { NID_surname, NID_surname, oidCertNameType, "SN", "surname"}, + { WC_NID_surname, WC_NID_surname, oidCertNameType, "SN", "surname"}, #endif - { NID_serialNumber, NID_serialNumber, oidCertNameType, "serialNumber", + { WC_NID_serialNumber, WC_NID_serialNumber, oidCertNameType, "serialNumber", "serialNumber"}, - { NID_userId, NID_userId, oidCertNameType, "UID", "userid"}, - { NID_countryName, NID_countryName, oidCertNameType, "C", "countryName"}, - { NID_localityName, NID_localityName, oidCertNameType, "L", "localityName"}, - { NID_stateOrProvinceName, NID_stateOrProvinceName, oidCertNameType, "ST", + { WC_NID_userId, WC_NID_userId, oidCertNameType, "UID", "userid"}, + { WC_NID_countryName, WC_NID_countryName, oidCertNameType, "C", "countryName"}, + { WC_NID_localityName, WC_NID_localityName, oidCertNameType, "L", "localityName"}, + { WC_NID_stateOrProvinceName, WC_NID_stateOrProvinceName, oidCertNameType, "ST", "stateOrProvinceName"}, - { NID_streetAddress, NID_streetAddress, oidCertNameType, "street", + { WC_NID_streetAddress, WC_NID_streetAddress, oidCertNameType, "street", "streetAddress"}, - { NID_organizationName, NID_organizationName, oidCertNameType, "O", + { WC_NID_organizationName, WC_NID_organizationName, oidCertNameType, "O", "organizationName"}, - { NID_organizationalUnitName, NID_organizationalUnitName, oidCertNameType, + { WC_NID_organizationalUnitName, WC_NID_organizationalUnitName, oidCertNameType, "OU", "organizationalUnitName"}, - { NID_emailAddress, NID_emailAddress, oidCertNameType, "emailAddress", + { WC_NID_emailAddress, WC_NID_emailAddress, oidCertNameType, "emailAddress", "emailAddress"}, - { NID_domainComponent, 
NID_domainComponent, oidCertNameType, "DC", + { WC_NID_domainComponent, WC_NID_domainComponent, oidCertNameType, "DC", "domainComponent"}, - { NID_favouriteDrink, NID_favouriteDrink, oidCertNameType, "favouriteDrink", + { WC_NID_favouriteDrink, WC_NID_favouriteDrink, oidCertNameType, "favouriteDrink", "favouriteDrink"}, - { NID_businessCategory, NID_businessCategory, oidCertNameType, + { WC_NID_businessCategory, WC_NID_businessCategory, oidCertNameType, "businessCategory", "businessCategory"}, - { NID_jurisdictionCountryName, NID_jurisdictionCountryName, oidCertNameType, + { WC_NID_jurisdictionCountryName, WC_NID_jurisdictionCountryName, oidCertNameType, "jurisdictionC", "jurisdictionCountryName"}, - { NID_jurisdictionStateOrProvinceName, NID_jurisdictionStateOrProvinceName, + { WC_NID_jurisdictionStateOrProvinceName, WC_NID_jurisdictionStateOrProvinceName, oidCertNameType, "jurisdictionST", "jurisdictionStateOrProvinceName"}, - { NID_postalCode, NID_postalCode, oidCertNameType, "postalCode", + { WC_NID_postalCode, WC_NID_postalCode, oidCertNameType, "postalCode", "postalCode"}, - { NID_userId, NID_userId, oidCertNameType, "UID", "userId"}, + { WC_NID_userId, WC_NID_userId, oidCertNameType, "UID", "userId"}, #if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_NAME_ALL) - { NID_pkcs9_challengePassword, CHALLENGE_PASSWORD_OID, + { WC_NID_pkcs9_challengePassword, CHALLENGE_PASSWORD_OID, oidCsrAttrType, "challengePassword", "challengePassword"}, - { NID_pkcs9_contentType, PKCS9_CONTENT_TYPE_OID, + { WC_NID_pkcs9_contentType, PKCS9_CONTENT_TYPE_OID, oidCsrAttrType, "contentType", "contentType" }, - { NID_pkcs9_unstructuredName, UNSTRUCTURED_NAME_OID, + { WC_NID_pkcs9_unstructuredName, UNSTRUCTURED_NAME_OID, oidCsrAttrType, "unstructuredName", "unstructuredName" }, - { NID_name, NAME_OID, oidCsrAttrType, "name", "name" }, - { NID_surname, SURNAME_OID, + { WC_NID_name, NAME_OID, oidCsrAttrType, "name", "name" }, + { WC_NID_surname, SURNAME_OID, oidCsrAttrType, 
"surname", "surname" }, - { NID_givenName, GIVEN_NAME_OID, + { WC_NID_givenName, GIVEN_NAME_OID, oidCsrAttrType, "givenName", "givenName" }, - { NID_initials, INITIALS_OID, + { WC_NID_initials, INITIALS_OID, oidCsrAttrType, "initials", "initials" }, - { NID_dnQualifier, DNQUALIFIER_OID, + { WC_NID_dnQualifier, DNQUALIFIER_OID, oidCsrAttrType, "dnQualifer", "dnQualifier" }, #endif #endif #ifdef OPENSSL_EXTRA /* OPENSSL_EXTRA_X509_SMALL only needs the above */ /* oidHashType */ #ifdef WOLFSSL_MD2 - { NID_md2, MD2h, oidHashType, "MD2", "md2"}, + { WC_NID_md2, MD2h, oidHashType, "MD2", "md2"}, #endif #ifdef WOLFSSL_MD5 - { NID_md5, MD5h, oidHashType, "MD5", "md5"}, + { WC_NID_md5, MD5h, oidHashType, "MD5", "md5"}, #endif #ifndef NO_SHA - { NID_sha1, SHAh, oidHashType, "SHA1", "sha1"}, + { WC_NID_sha1, SHAh, oidHashType, "SHA1", "sha1"}, #endif #ifdef WOLFSSL_SHA224 - { NID_sha224, SHA224h, oidHashType, "SHA224", "sha224"}, + { WC_NID_sha224, SHA224h, oidHashType, "SHA224", "sha224"}, #endif #ifndef NO_SHA256 - { NID_sha256, SHA256h, oidHashType, "SHA256", "sha256"}, + { WC_NID_sha256, SHA256h, oidHashType, "SHA256", "sha256"}, #endif #ifdef WOLFSSL_SHA384 - { NID_sha384, SHA384h, oidHashType, "SHA384", "sha384"}, + { WC_NID_sha384, SHA384h, oidHashType, "SHA384", "sha384"}, #endif #ifdef WOLFSSL_SHA512 - { NID_sha512, SHA512h, oidHashType, "SHA512", "sha512"}, + { WC_NID_sha512, SHA512h, oidHashType, "SHA512", "sha512"}, #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 - { NID_sha3_224, SHA3_224h, oidHashType, "SHA3-224", "sha3-224"}, + { WC_NID_sha3_224, SHA3_224h, oidHashType, "SHA3-224", "sha3-224"}, #endif #ifndef WOLFSSL_NOSHA3_256 - { NID_sha3_256, SHA3_256h, oidHashType, "SHA3-256", "sha3-256"}, + { WC_NID_sha3_256, SHA3_256h, oidHashType, "SHA3-256", "sha3-256"}, #endif #ifndef WOLFSSL_NOSHA3_384 - { NID_sha3_384, SHA3_384h, oidHashType, "SHA3-384", "sha3-384"}, + { WC_NID_sha3_384, SHA3_384h, oidHashType, "SHA3-384", "sha3-384"}, #endif #ifndef 
WOLFSSL_NOSHA3_512 - { NID_sha3_512, SHA3_512h, oidHashType, "SHA3-512", "sha3-512"}, + { WC_NID_sha3_512, SHA3_512h, oidHashType, "SHA3-512", "sha3-512"}, #endif #endif /* WOLFSSL_SHA3 */ #ifdef WOLFSSL_SM3 - { NID_sm3, SM3h, oidHashType, "SM3", "sm3"}, + { WC_NID_sm3, SM3h, oidHashType, "SM3", "sm3"}, #endif /* oidSigType */ #ifndef NO_DSA #ifndef NO_SHA - { NID_dsaWithSHA1, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"}, - { NID_dsa_with_SHA256, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256", + { WC_NID_dsaWithSHA1, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"}, + { WC_NID_dsa_with_SHA256, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256", "dsa_with_SHA256"}, #endif #endif /* NO_DSA */ #ifndef NO_RSA #ifdef WOLFSSL_MD2 - { NID_md2WithRSAEncryption, CTC_MD2wRSA, oidSigType, "RSA-MD2", + { WC_NID_md2WithRSAEncryption, CTC_MD2wRSA, oidSigType, "RSA-MD2", "md2WithRSAEncryption"}, #endif #ifndef NO_MD5 - { NID_md5WithRSAEncryption, CTC_MD5wRSA, oidSigType, "RSA-MD5", + { WC_NID_md5WithRSAEncryption, CTC_MD5wRSA, oidSigType, "RSA-MD5", "md5WithRSAEncryption"}, #endif #ifndef NO_SHA - { NID_sha1WithRSAEncryption, CTC_SHAwRSA, oidSigType, "RSA-SHA1", + { WC_NID_sha1WithRSAEncryption, CTC_SHAwRSA, oidSigType, "RSA-SHA1", "sha1WithRSAEncryption"}, #endif #ifdef WOLFSSL_SHA224 - { NID_sha224WithRSAEncryption, CTC_SHA224wRSA, oidSigType, "RSA-SHA224", + { WC_NID_sha224WithRSAEncryption, CTC_SHA224wRSA, oidSigType, "RSA-SHA224", "sha224WithRSAEncryption"}, #endif #ifndef NO_SHA256 - { NID_sha256WithRSAEncryption, CTC_SHA256wRSA, oidSigType, "RSA-SHA256", + { WC_NID_sha256WithRSAEncryption, CTC_SHA256wRSA, oidSigType, "RSA-SHA256", "sha256WithRSAEncryption"}, #endif #ifdef WOLFSSL_SHA384 - { NID_sha384WithRSAEncryption, CTC_SHA384wRSA, oidSigType, "RSA-SHA384", + { WC_NID_sha384WithRSAEncryption, CTC_SHA384wRSA, oidSigType, "RSA-SHA384", "sha384WithRSAEncryption"}, #endif #ifdef WOLFSSL_SHA512 - { NID_sha512WithRSAEncryption, CTC_SHA512wRSA, oidSigType, "RSA-SHA512", + 
{ WC_NID_sha512WithRSAEncryption, CTC_SHA512wRSA, oidSigType, "RSA-SHA512", "sha512WithRSAEncryption"}, #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 - { NID_RSA_SHA3_224, CTC_SHA3_224wRSA, oidSigType, "RSA-SHA3-224", + { WC_NID_RSA_SHA3_224, CTC_SHA3_224wRSA, oidSigType, "RSA-SHA3-224", "sha3-224WithRSAEncryption"}, #endif #ifndef WOLFSSL_NOSHA3_256 - { NID_RSA_SHA3_256, CTC_SHA3_256wRSA, oidSigType, "RSA-SHA3-256", + { WC_NID_RSA_SHA3_256, CTC_SHA3_256wRSA, oidSigType, "RSA-SHA3-256", "sha3-256WithRSAEncryption"}, #endif #ifndef WOLFSSL_NOSHA3_384 - { NID_RSA_SHA3_384, CTC_SHA3_384wRSA, oidSigType, "RSA-SHA3-384", + { WC_NID_RSA_SHA3_384, CTC_SHA3_384wRSA, oidSigType, "RSA-SHA3-384", "sha3-384WithRSAEncryption"}, #endif #ifndef WOLFSSL_NOSHA3_512 - { NID_RSA_SHA3_512, CTC_SHA3_512wRSA, oidSigType, "RSA-SHA3-512", + { WC_NID_RSA_SHA3_512, CTC_SHA3_512wRSA, oidSigType, "RSA-SHA3-512", "sha3-512WithRSAEncryption"}, #endif #endif #ifdef WC_RSA_PSS - { NID_rsassaPss, CTC_RSASSAPSS, oidSigType, "RSASSA-PSS", "rsassaPss" }, + { WC_NID_rsassaPss, CTC_RSASSAPSS, oidSigType, "RSASSA-PSS", "rsassaPss" }, #endif #endif /* NO_RSA */ #ifdef HAVE_ECC #ifndef NO_SHA - { NID_ecdsa_with_SHA1, CTC_SHAwECDSA, oidSigType, "ecdsa-with-SHA1", + { WC_NID_ecdsa_with_SHA1, CTC_SHAwECDSA, oidSigType, "ecdsa-with-SHA1", "shaWithECDSA"}, #endif #ifdef WOLFSSL_SHA224 - { NID_ecdsa_with_SHA224, CTC_SHA224wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA224, CTC_SHA224wECDSA, oidSigType, "ecdsa-with-SHA224","sha224WithECDSA"}, #endif #ifndef NO_SHA256 - { NID_ecdsa_with_SHA256, CTC_SHA256wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA256, CTC_SHA256wECDSA, oidSigType, "ecdsa-with-SHA256","sha256WithECDSA"}, #endif #ifdef WOLFSSL_SHA384 - { NID_ecdsa_with_SHA384, CTC_SHA384wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA384, CTC_SHA384wECDSA, oidSigType, "ecdsa-with-SHA384","sha384WithECDSA"}, #endif #ifdef WOLFSSL_SHA512 - { NID_ecdsa_with_SHA512, CTC_SHA512wECDSA, oidSigType, + { 
WC_NID_ecdsa_with_SHA512, CTC_SHA512wECDSA, oidSigType, "ecdsa-with-SHA512","sha512WithECDSA"}, #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 - { NID_ecdsa_with_SHA3_224, CTC_SHA3_224wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA3_224, CTC_SHA3_224wECDSA, oidSigType, "id-ecdsa-with-SHA3-224", "ecdsa_with_SHA3-224"}, #endif #ifndef WOLFSSL_NOSHA3_256 - { NID_ecdsa_with_SHA3_256, CTC_SHA3_256wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA3_256, CTC_SHA3_256wECDSA, oidSigType, "id-ecdsa-with-SHA3-256", "ecdsa_with_SHA3-256"}, #endif #ifndef WOLFSSL_NOSHA3_384 - { NID_ecdsa_with_SHA3_384, CTC_SHA3_384wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA3_384, CTC_SHA3_384wECDSA, oidSigType, "id-ecdsa-with-SHA3-384", "ecdsa_with_SHA3-384"}, #endif #ifndef WOLFSSL_NOSHA3_512 - { NID_ecdsa_with_SHA3_512, CTC_SHA3_512wECDSA, oidSigType, + { WC_NID_ecdsa_with_SHA3_512, CTC_SHA3_512wECDSA, oidSigType, "id-ecdsa-with-SHA3-512", "ecdsa_with_SHA3-512"}, #endif #endif 
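Review bot: The short name of the `WC_NID_dnQualifier` row in the `WOLFSSL_CERT_REQ` / `WOLFSSL_CERT_NAME_ALL` block is spelled `"dnQualifer"`, so a short-name lookup for the correctly spelled attribute will presumably not match this row. Since the commit rewrites the row anyway, I would correct its second line to `oidCsrAttrType, "dnQualifier", "dnQualifier" },` and record that the misspelled string is no longer accepted. The same hunk also keeps two `WC_NID_userId` rows with short name `"UID"` whose long names differ only in case (`"userid"` and `"userId"`); a one-line comment saying which row is authoritative would help. The table starts and ends outside this hunk.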
@@ -17532,28 +17544,28 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { /* oidKeyType */ #ifndef NO_DSA - { NID_dsa, DSAk, oidKeyType, "DSA", "dsaEncryption"}, + { WC_NID_dsa, DSAk, oidKeyType, "DSA", "dsaEncryption"}, #endif /* NO_DSA */ #ifndef NO_RSA - { NID_rsaEncryption, RSAk, oidKeyType, "rsaEncryption", + { WC_NID_rsaEncryption, RSAk, oidKeyType, "rsaEncryption", "rsaEncryption"}, #ifdef WC_RSA_PSS - { NID_rsassaPss, RSAPSSk, oidKeyType, "RSASSA-PSS", "rsassaPss"}, + { WC_NID_rsassaPss, RSAPSSk, oidKeyType, "RSASSA-PSS", "rsassaPss"}, #endif #endif /* NO_RSA */ #ifdef HAVE_ECC - { NID_X9_62_id_ecPublicKey, ECDSAk, oidKeyType, "id-ecPublicKey", + { WC_NID_X9_62_id_ecPublicKey, ECDSAk, oidKeyType, "id-ecPublicKey", "id-ecPublicKey"}, #endif /* HAVE_ECC */ #ifndef NO_DH - { NID_dhKeyAgreement, DHk, oidKeyType, "dhKeyAgreement", + { WC_NID_dhKeyAgreement, DHk, oidKeyType, "dhKeyAgreement", "dhKeyAgreement"}, #endif #ifdef HAVE_ED448 - { NID_ED448, ED448k, oidKeyType, "ED448", "ED448"}, + { WC_NID_ED448, ED448k, oidKeyType, "ED448", "ED448"}, #endif #ifdef HAVE_ED25519 - { NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"}, + { WC_NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"}, #endif #ifdef HAVE_FALCON { CTC_FALCON_LEVEL1, FALCON_LEVEL1k, oidKeyType, "Falcon Level 1", 
@@ -17572,71 +17584,71 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { /* oidCurveType */ #ifdef HAVE_ECC - { NID_X9_62_prime192v1, ECC_SECP192R1_OID, oidCurveType, "prime192v1", + { WC_NID_X9_62_prime192v1, ECC_SECP192R1_OID, oidCurveType, "prime192v1", "prime192v1"}, - { NID_X9_62_prime192v2, ECC_PRIME192V2_OID, oidCurveType, "prime192v2", + { WC_NID_X9_62_prime192v2, ECC_PRIME192V2_OID, oidCurveType, "prime192v2", "prime192v2"}, - { NID_X9_62_prime192v3, ECC_PRIME192V3_OID, oidCurveType, "prime192v3", + { WC_NID_X9_62_prime192v3, ECC_PRIME192V3_OID, oidCurveType, "prime192v3", "prime192v3"}, - { NID_X9_62_prime239v1, ECC_PRIME239V1_OID, oidCurveType, "prime239v1", + { WC_NID_X9_62_prime239v1, ECC_PRIME239V1_OID, oidCurveType, "prime239v1", "prime239v1"}, - { NID_X9_62_prime239v2, ECC_PRIME239V2_OID, oidCurveType, "prime239v2", + { WC_NID_X9_62_prime239v2, ECC_PRIME239V2_OID, oidCurveType, "prime239v2", "prime239v2"}, - { NID_X9_62_prime239v3, ECC_PRIME239V3_OID, oidCurveType, "prime239v3", + { WC_NID_X9_62_prime239v3, ECC_PRIME239V3_OID, oidCurveType, "prime239v3", "prime239v3"}, - { NID_X9_62_prime256v1, ECC_SECP256R1_OID, oidCurveType, "prime256v1", + { WC_NID_X9_62_prime256v1, ECC_SECP256R1_OID, oidCurveType, "prime256v1", "prime256v1"}, - { NID_secp112r1, ECC_SECP112R1_OID, oidCurveType, "secp112r1", + { WC_NID_secp112r1, ECC_SECP112R1_OID, oidCurveType, "secp112r1", "secp112r1"}, - { NID_secp112r2, ECC_SECP112R2_OID, oidCurveType, "secp112r2", + { WC_NID_secp112r2, ECC_SECP112R2_OID, oidCurveType, "secp112r2", "secp112r2"}, - { NID_secp128r1, ECC_SECP128R1_OID, oidCurveType, "secp128r1", + { WC_NID_secp128r1, ECC_SECP128R1_OID, oidCurveType, "secp128r1", "secp128r1"}, - { NID_secp128r2, ECC_SECP128R2_OID, oidCurveType, "secp128r2", + { WC_NID_secp128r2, ECC_SECP128R2_OID, oidCurveType, "secp128r2", "secp128r2"}, - { NID_secp160r1, ECC_SECP160R1_OID, oidCurveType, "secp160r1", + { WC_NID_secp160r1, ECC_SECP160R1_OID, oidCurveType, "secp160r1", 
"secp160r1"}, - { NID_secp160r2, ECC_SECP160R2_OID, oidCurveType, "secp160r2", + { WC_NID_secp160r2, ECC_SECP160R2_OID, oidCurveType, "secp160r2", "secp160r2"}, - { NID_secp224r1, ECC_SECP224R1_OID, oidCurveType, "secp224r1", + { WC_NID_secp224r1, ECC_SECP224R1_OID, oidCurveType, "secp224r1", "secp224r1"}, - { NID_secp384r1, ECC_SECP384R1_OID, oidCurveType, "secp384r1", + { WC_NID_secp384r1, ECC_SECP384R1_OID, oidCurveType, "secp384r1", "secp384r1"}, - { NID_secp521r1, ECC_SECP521R1_OID, oidCurveType, "secp521r1", + { WC_NID_secp521r1, ECC_SECP521R1_OID, oidCurveType, "secp521r1", "secp521r1"}, - { NID_secp160k1, ECC_SECP160K1_OID, oidCurveType, "secp160k1", + { WC_NID_secp160k1, ECC_SECP160K1_OID, oidCurveType, "secp160k1", "secp160k1"}, - { NID_secp192k1, ECC_SECP192K1_OID, oidCurveType, "secp192k1", + { WC_NID_secp192k1, ECC_SECP192K1_OID, oidCurveType, "secp192k1", "secp192k1"}, - { NID_secp224k1, ECC_SECP224K1_OID, oidCurveType, "secp224k1", + { WC_NID_secp224k1, ECC_SECP224K1_OID, oidCurveType, "secp224k1", "secp224k1"}, - { NID_secp256k1, ECC_SECP256K1_OID, oidCurveType, "secp256k1", + { WC_NID_secp256k1, ECC_SECP256K1_OID, oidCurveType, "secp256k1", "secp256k1"}, - { NID_brainpoolP160r1, ECC_BRAINPOOLP160R1_OID, oidCurveType, + { WC_NID_brainpoolP160r1, ECC_BRAINPOOLP160R1_OID, oidCurveType, "brainpoolP160r1", "brainpoolP160r1"}, - { NID_brainpoolP192r1, ECC_BRAINPOOLP192R1_OID, oidCurveType, + { WC_NID_brainpoolP192r1, ECC_BRAINPOOLP192R1_OID, oidCurveType, "brainpoolP192r1", "brainpoolP192r1"}, - { NID_brainpoolP224r1, ECC_BRAINPOOLP224R1_OID, oidCurveType, + { WC_NID_brainpoolP224r1, ECC_BRAINPOOLP224R1_OID, oidCurveType, "brainpoolP224r1", "brainpoolP224r1"}, - { NID_brainpoolP256r1, ECC_BRAINPOOLP256R1_OID, oidCurveType, + { WC_NID_brainpoolP256r1, ECC_BRAINPOOLP256R1_OID, oidCurveType, "brainpoolP256r1", "brainpoolP256r1"}, - { NID_brainpoolP320r1, ECC_BRAINPOOLP320R1_OID, oidCurveType, + { WC_NID_brainpoolP320r1, ECC_BRAINPOOLP320R1_OID, 
oidCurveType, "brainpoolP320r1", "brainpoolP320r1"}, - { NID_brainpoolP384r1, ECC_BRAINPOOLP384R1_OID, oidCurveType, + { WC_NID_brainpoolP384r1, ECC_BRAINPOOLP384R1_OID, oidCurveType, "brainpoolP384r1", "brainpoolP384r1"}, - { NID_brainpoolP512r1, ECC_BRAINPOOLP512R1_OID, oidCurveType, + { WC_NID_brainpoolP512r1, ECC_BRAINPOOLP512R1_OID, oidCurveType, "brainpoolP512r1", "brainpoolP512r1"}, #ifdef WOLFSSL_SM2 - { NID_sm2, ECC_SM2P256V1_OID, oidCurveType, "sm2", "sm2"}, + { WC_NID_sm2, ECC_SM2P256V1_OID, oidCurveType, "sm2", "sm2"}, #endif #endif /* HAVE_ECC */ @@ -17651,17 +17663,17 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { { AES256CBCb, AES256CBCb, oidBlkType, "AES-256-CBC", "aes-256-cbc"}, #endif #ifndef NO_DES3 - { NID_des, DESb, oidBlkType, "DES-CBC", "des-cbc"}, - { NID_des3, DES3b, oidBlkType, "DES-EDE3-CBC", "des-ede3-cbc"}, + { WC_NID_des, DESb, oidBlkType, "DES-CBC", "des-cbc"}, + { WC_NID_des3, DES3b, oidBlkType, "DES-EDE3-CBC", "des-ede3-cbc"}, #endif /* !NO_DES3 */ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - { NID_chacha20_poly1305, NID_chacha20_poly1305, oidBlkType, + { WC_NID_chacha20_poly1305, WC_NID_chacha20_poly1305, oidBlkType, "ChaCha20-Poly1305", "chacha20-poly1305"}, #endif /* oidOcspType */ #ifdef HAVE_OCSP - { NID_id_pkix_OCSP_basic, OCSP_BASIC_OID, oidOcspType, + { WC_NID_id_pkix_OCSP_basic, OCSP_BASIC_OID, oidOcspType, "basicOCSPResponse", "Basic OCSP Response"}, { OCSP_NONCE_OID, OCSP_NONCE_OID, oidOcspType, "Nonce", "OCSP Nonce"}, #endif /* HAVE_OCSP */ 
@@ -17729,15 +17741,15 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { #endif #if defined(WOLFSSL_APACHE_HTTPD) /* "1.3.6.1.5.5.7.8.7" */ - { NID_id_on_dnsSRV, NID_id_on_dnsSRV, oidCertNameType, + { WC_NID_id_on_dnsSRV, WC_NID_id_on_dnsSRV, oidCertNameType, WOLFSSL_SN_DNS_SRV, WOLFSSL_LN_DNS_SRV }, /* "1.3.6.1.4.1.311.20.2.3" */ - { NID_ms_upn, WOLFSSL_MS_UPN_SUM, oidCertExtType, WOLFSSL_SN_MS_UPN, + { WC_NID_ms_upn, WOLFSSL_MS_UPN_SUM, oidCertExtType, WOLFSSL_SN_MS_UPN, WOLFSSL_LN_MS_UPN }, /* "1.3.6.1.5.5.7.1.24" */ - { NID_tlsfeature, WOLFSSL_TLS_FEATURE_SUM, oidTlsExtType, + { WC_NID_tlsfeature, WOLFSSL_TLS_FEATURE_SUM, oidTlsExtType, WOLFSSL_SN_TLS_FEATURE, WOLFSSL_LN_TLS_FEATURE }, #endif #endif /* OPENSSL_EXTRA */ @@ -17813,7 +17825,7 @@ unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len) return targetBuf; } -int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings) +int wolfSSL_OPENSSL_init_ssl(word64 opts, const WOLFSSL_INIT_SETTINGS *settings) { (void)opts; (void)settings; @@ -17821,7 +17833,7 @@ int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings) } int wolfSSL_OPENSSL_init_crypto(word64 opts, - const OPENSSL_INIT_SETTINGS* settings) + const WOLFSSL_INIT_SETTINGS* settings) { (void)opts; (void)settings; 
@@ -17872,31 +17884,31 @@ static int HashToNid(byte hashAlgo, int* nid) switch ((enum wc_MACAlgorithm)hashAlgo) { case no_mac: case rmd_mac: - *nid = NID_undef; + *nid = WC_NID_undef; break; case md5_mac: - *nid = NID_md5; + *nid = WC_NID_md5; break; case sha_mac: - *nid = NID_sha1; + *nid = WC_NID_sha1; break; case sha224_mac: - *nid = NID_sha224; + *nid = WC_NID_sha224; break; case sha256_mac: - *nid = NID_sha256; + *nid = WC_NID_sha256; break; case sha384_mac: - *nid = NID_sha384; + *nid = WC_NID_sha384; break; case sha512_mac: - *nid = NID_sha512; + *nid = WC_NID_sha512; break; case blake2b_mac: - *nid = NID_blake2b512; + *nid = WC_NID_blake2b512; break; case sm3_mac: - *nid = NID_sm3; + *nid = WC_NID_sm3; break; default: ret = WOLFSSL_FAILURE; @@ -17912,33 +17924,33 @@ static int SaToNid(byte sa, int* nid) /* Cast for compiler to check everything is implemented */ switch ((enum SignatureAlgorithm)sa) { case anonymous_sa_algo: - *nid = NID_undef; + *nid = WC_NID_undef; break; case rsa_sa_algo: - *nid = NID_rsaEncryption; + *nid = WC_NID_rsaEncryption; break; case dsa_sa_algo: - *nid = NID_dsa; + *nid = WC_NID_dsa; break; case ecc_dsa_sa_algo: - *nid = NID_X9_62_id_ecPublicKey; + *nid = WC_NID_X9_62_id_ecPublicKey; break; case rsa_pss_sa_algo: - *nid = NID_rsassaPss; + *nid = WC_NID_rsassaPss; break; case ed25519_sa_algo: #ifdef HAVE_ED25519 - *nid = NID_ED25519; + *nid = WC_NID_ED25519; #else ret = WOLFSSL_FAILURE; #endif break; case rsa_pss_pss_algo: - *nid = NID_rsassaPss; + *nid = WC_NID_rsassaPss; break; case ed448_sa_algo: #ifdef HAVE_ED448 - *nid = NID_ED448; + *nid = WC_NID_ED448; #else ret = WOLFSSL_FAILURE; #endif @@ -17959,7 +17971,7 @@ static int SaToNid(byte sa, int* nid) *nid = CTC_DILITHIUM_LEVEL5; break; case sm2_sa_algo: - *nid = NID_sm2; + *nid = WC_NID_sm2; break; case invalid_sa_algo: default: 
@@ -19061,8 +19073,8 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) if (bufSz) { XMEMCPY(buf, name, bufSz); } - else if (a->type == GEN_DNS || a->type == GEN_EMAIL || - a->type == GEN_URI) { + else if (a->type == WOLFSSL_GEN_DNS || a->type == WOLFSSL_GEN_EMAIL || + a->type == WOLFSSL_GEN_URI) { bufSz = (int)XSTRLEN((const char*)a->obj); XMEMCPY(buf, a->obj, min((word32)bufSz, (word32)bufLen)); } @@ -19117,10 +19129,10 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) size_t i; WOLFSSL_ENTER("wolfSSL_OBJ_nid2sn"); - if (n == NID_md5) { - /* NID_surname == NID_md5 and NID_surname comes before NID_md5 in + if (n == WC_NID_md5) { + /* WC_NID_surname == WC_NID_md5 and WC_NID_surname comes before WC_NID_md5 in * wolfssl_object_info. As a result, the loop below will incorrectly - * return "SN" instead of "MD5." NID_surname isn't the true OpenSSL + * return "SN" instead of "MD5." WC_NID_surname isn't the true OpenSSL * NID, but other functions rely on this table and modifying it to * conform with OpenSSL's NIDs isn't trivial. */ return "MD5"; @@ -19138,7 +19150,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) int wolfSSL_OBJ_sn2nid(const char *sn) { WOLFSSL_ENTER("wolfSSL_OBJ_sn2nid"); if (sn == NULL) - return NID_undef; + return WC_NID_undef; return wc_OBJ_sn2nid(sn); } #endif @@ -19218,9 +19230,9 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) #ifdef WOLFSSL_QT if (o->grp == oidCertExtType) { - /* If nid is an unknown extension, return NID_undef */ + /* If nid is an unknown extension, return WC_NID_undef */ if (wolfSSL_OBJ_nid2sn(o->nid) == NULL) - return NID_undef; + return WC_NID_undef; } #endif @@ -19255,7 +19267,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) } /* Return the corresponding NID for the long name - * or NID_undef if NID can't be found. + * or WC_NID_undef if NID can't be found. */ int wolfSSL_OBJ_ln2nid(const char *ln) { 
@@ -19282,7 +19294,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) } } } - return NID_undef; + return WC_NID_undef; } /* compares two objects, return 0 if equal */ @@ -19334,7 +19346,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) /* Gets the NID value that is related to the OID string passed in. Example * string would be "2.5.29.14" for subject key ID. * - * returns NID value on success and NID_undef on error + * returns NID value on success and WC_NID_undef on error */ int wolfSSL_OBJ_txt2nid(const char* s) { @@ -19349,7 +19361,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) WOLFSSL_ENTER("wolfSSL_OBJ_txt2nid"); if (s == NULL) { - return NID_undef; + return WC_NID_undef; } #ifdef WOLFSSL_CERT_EXT @@ -19388,7 +19400,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) } } - return NID_undef; + return WC_NID_undef; } #endif #if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \ @@ -19407,7 +19419,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_txt2obj(const char* s, int no_name) { int i, ret; - int nid = NID_undef; + int nid = WC_NID_undef; unsigned int outSz = MAX_OID_SZ; unsigned char out[MAX_OID_SZ]; WOLFSSL_ASN1_OBJECT* obj; @@ -19454,7 +19466,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) } } - if (nid != NID_undef) + if (nid != WC_NID_undef) return wolfSSL_OBJ_nid2obj(nid); return NULL; @@ -20702,10 +20714,10 @@ unsigned long wolfSSL_ERR_peek_last_error(void) return 0; } if (ret == -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)) - return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; + return (WOLFSSL_ERR_LIB_PEM << 24) | -WC_NO_ERR_TRACE(WOLFSSL_PEM_R_NO_START_LINE_E); #if defined(WOLFSSL_PYTHON) if (ret == WC_NO_ERR_TRACE(ASN1_R_HEADER_TOO_LONG)) - return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG; + return (WOLFSSL_ERR_LIB_ASN1 << 24) | -WC_NO_ERR_TRACE(WOLFSSL_ASN1_R_HEADER_TOO_LONG_E); #endif return (unsigned long)ret; } 
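Review bot: In the `WOLFSSL_PYTHON` branch of `wolfSSL_ERR_peek_last_error` the guard still tests `ret == WC_NO_ERR_TRACE(ASN1_R_HEADER_TOO_LONG)`, while the returned value now comes from `WOLFSSL_ASN1_R_HEADER_TOO_LONG_E`. The condition and the result therefore use two different names, and unlike the `ASN_NO_PEM_HEADER` test above it, the comparison has no leading minus. If the compat name is only defined when the OpenSSL aliases are enabled, this branch would not build without them, and if the two macros differ in sign the branch is never taken. I would write the guard as `if (ret == -WC_NO_ERR_TRACE(WOLFSSL_ASN1_R_HEADER_TOO_LONG_E))`, assuming the `_E` constant is the negative form; the same applies to the `else if` in the `wolfSSL_ERR_peek_error_line_data` hunk that follows. A short comment stating that the packed value is `(library << 24) | positive reason code` would make the negations easier to check; both functions start outside their hunks.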
@@ -20908,15 +20920,15 @@ unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line, err = wc_PeekErrorNodeLineData(file, line, data, flags, peek_ignore_err); if (err == -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)) - return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE; + return (WOLFSSL_ERR_LIB_PEM << 24) | -WC_NO_ERR_TRACE(WOLFSSL_PEM_R_NO_START_LINE_E); #ifdef OPENSSL_ALL /* PARSE_ERROR is returned if an HTTP request is detected. */ else if (err == -WC_NO_ERR_TRACE(PARSE_ERROR)) - return (ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST; + return (WOLFSSL_ERR_LIB_SSL << 24) | -WC_NO_ERR_TRACE(PARSE_ERROR) /* SSL_R_HTTP_REQUEST */; #endif #if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON) else if (err == WC_NO_ERR_TRACE(ASN1_R_HEADER_TOO_LONG)) - return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG; + return (WOLFSSL_ERR_LIB_ASN1 << 24) | -WC_NO_ERR_TRACE(WOLFSSL_ASN1_R_HEADER_TOO_LONG_E); #endif return err; } @@ -21134,7 +21146,7 @@ int wolfSSL_SSL_CTX_set_tmp_ecdh(WOLFSSL_CTX *ctx, WOLFSSL_EC_KEY *ecdh) } #endif #ifndef NO_BIO -BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s) +WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s) { WOLFSSL_ENTER("wolfSSL_SSL_get_rbio"); /* Nginx sets the buffer size if the read BIO is different to write BIO. @@ -21145,7 +21157,7 @@ BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s) return s->biord; } -BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s) +WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s) { WOLFSSL_ENTER("wolfSSL_SSL_get_wbio"); (void)s; @@ -21753,7 +21765,7 @@ int wolfSSL_select_next_proto(unsigned char **out, unsigned char *outLen, byte lenIn, lenClient; if (out == NULL || outLen == NULL || in == NULL || clientNames == NULL) - return OPENSSL_NPN_UNSUPPORTED; + return WOLFSSL_NPN_UNSUPPORTED; for (i = 0; i < inLen; i += lenIn) { lenIn = in[i++]; 
@@ -21766,14 +21778,14 @@ int wolfSSL_select_next_proto(unsigned char **out, unsigned char *outLen, if (XMEMCMP(in + i, clientNames + j, lenIn) == 0) { *out = (unsigned char *)(in + i); *outLen = lenIn; - return OPENSSL_NPN_NEGOTIATED; + return WOLFSSL_NPN_NEGOTIATED; } } } *out = (unsigned char *)clientNames + 1; *outLen = clientNames[0]; - return OPENSSL_NPN_NO_OVERLAP; + return WOLFSSL_NPN_NO_OVERLAP; } void wolfSSL_set_alpn_select_cb(WOLFSSL *ssl, 
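Review bot: The no-overlap fallback reads `clientNames[0]` and points `*out` at `clientNames + 1`, but the only guard visible for the client list is the NULL check at the top of `wolfSSL_select_next_proto`. A zero-length list would therefore make the function read a byte the caller did not supply and return a length taken from it. Unless the part of the function outside these hunks already rejects that case, I would return early with `WOLFSSL_NPN_UNSUPPORTED` when the client list length is 0. I would also check that each length prefix stays within the remaining bytes before the `XMEMCMP`. The loop body between this hunk and the previous one is not shown, so that second check is an assumption to confirm against the full function.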
@@ -21877,26 +21889,26 @@ int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id) const WOLF_EC_NIST_NAME kNistCurves[] = { #ifdef HAVE_ECC - {CURVE_NAME("P-160"), NID_secp160r1, WOLFSSL_ECC_SECP160R1}, - {CURVE_NAME("P-160-2"), NID_secp160r2, WOLFSSL_ECC_SECP160R2}, - {CURVE_NAME("P-192"), NID_X9_62_prime192v1, WOLFSSL_ECC_SECP192R1}, - {CURVE_NAME("P-224"), NID_secp224r1, WOLFSSL_ECC_SECP224R1}, - {CURVE_NAME("P-256"), NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, - {CURVE_NAME("P-384"), NID_secp384r1, WOLFSSL_ECC_SECP384R1}, - {CURVE_NAME("P-521"), NID_secp521r1, WOLFSSL_ECC_SECP521R1}, - {CURVE_NAME("K-160"), NID_secp160k1, WOLFSSL_ECC_SECP160K1}, - {CURVE_NAME("K-192"), NID_secp192k1, WOLFSSL_ECC_SECP192K1}, - {CURVE_NAME("K-224"), NID_secp224k1, WOLFSSL_ECC_SECP224R1}, - {CURVE_NAME("K-256"), NID_secp256k1, WOLFSSL_ECC_SECP256K1}, - {CURVE_NAME("B-256"), NID_brainpoolP256r1, WOLFSSL_ECC_BRAINPOOLP256R1}, - {CURVE_NAME("B-384"), NID_brainpoolP384r1, WOLFSSL_ECC_BRAINPOOLP384R1}, - {CURVE_NAME("B-512"), NID_brainpoolP512r1, WOLFSSL_ECC_BRAINPOOLP512R1}, + {CURVE_NAME("P-160"), WC_NID_secp160r1, WOLFSSL_ECC_SECP160R1}, + {CURVE_NAME("P-160-2"), WC_NID_secp160r2, WOLFSSL_ECC_SECP160R2}, + {CURVE_NAME("P-192"), WC_NID_X9_62_prime192v1, WOLFSSL_ECC_SECP192R1}, + {CURVE_NAME("P-224"), WC_NID_secp224r1, WOLFSSL_ECC_SECP224R1}, + {CURVE_NAME("P-256"), WC_NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, + {CURVE_NAME("P-384"), WC_NID_secp384r1, WOLFSSL_ECC_SECP384R1}, + {CURVE_NAME("P-521"), WC_NID_secp521r1, WOLFSSL_ECC_SECP521R1}, + {CURVE_NAME("K-160"), WC_NID_secp160k1, WOLFSSL_ECC_SECP160K1}, + {CURVE_NAME("K-192"), WC_NID_secp192k1, WOLFSSL_ECC_SECP192K1}, + {CURVE_NAME("K-224"), WC_NID_secp224k1, WOLFSSL_ECC_SECP224R1}, + {CURVE_NAME("K-256"), WC_NID_secp256k1, WOLFSSL_ECC_SECP256K1}, + {CURVE_NAME("B-256"), WC_NID_brainpoolP256r1, WOLFSSL_ECC_BRAINPOOLP256R1}, + {CURVE_NAME("B-384"), WC_NID_brainpoolP384r1, WOLFSSL_ECC_BRAINPOOLP384R1}, + 
{CURVE_NAME("B-512"), WC_NID_brainpoolP512r1, WOLFSSL_ECC_BRAINPOOLP512R1}, #endif #ifdef HAVE_CURVE25519 - {CURVE_NAME("X25519"), NID_X25519, WOLFSSL_ECC_X25519}, + {CURVE_NAME("X25519"), WC_NID_X25519, WOLFSSL_ECC_X25519}, #endif #ifdef HAVE_CURVE448 - {CURVE_NAME("X448"), NID_X448, WOLFSSL_ECC_X448}, + {CURVE_NAME("X448"), WC_NID_X448, WOLFSSL_ECC_X448}, #endif #ifdef WOLFSSL_HAVE_KYBER {CURVE_NAME("KYBER_LEVEL1"), WOLFSSL_KYBER_LEVEL1, WOLFSSL_KYBER_LEVEL1}, @@ -21909,17 +21921,17 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { #endif #endif #ifdef WOLFSSL_SM2 - {CURVE_NAME("SM2"), NID_sm2, WOLFSSL_ECC_SM2P256V1}, + {CURVE_NAME("SM2"), WC_NID_sm2, WOLFSSL_ECC_SM2P256V1}, #endif #ifdef HAVE_ECC /* Alternative curve names */ - {CURVE_NAME("prime256v1"), NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, - {CURVE_NAME("secp256r1"), NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, - {CURVE_NAME("secp384r1"), NID_secp384r1, WOLFSSL_ECC_SECP384R1}, - {CURVE_NAME("secp521r1"), NID_secp521r1, WOLFSSL_ECC_SECP521R1}, + {CURVE_NAME("prime256v1"), WC_NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, + {CURVE_NAME("secp256r1"), WC_NID_X9_62_prime256v1, WOLFSSL_ECC_SECP256R1}, + {CURVE_NAME("secp384r1"), WC_NID_secp384r1, WOLFSSL_ECC_SECP384R1}, + {CURVE_NAME("secp521r1"), WC_NID_secp521r1, WOLFSSL_ECC_SECP521R1}, #endif #ifdef WOLFSSL_SM2 - {CURVE_NAME("sm2p256v1"), NID_sm2, WOLFSSL_ECC_SM2P256V1}, + {CURVE_NAME("sm2p256v1"), WC_NID_sm2, WOLFSSL_ECC_SM2P256V1}, #endif {0, NULL, 0, 0}, }; @@ -22175,7 +22187,7 @@ void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, if (data == NULL || siz >= INT_MAX) return NULL; - ret = OPENSSL_malloc(siz); + ret = wolfSSL_OPENSSL_malloc(siz); if (ret == NULL) { return NULL; } 
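Review bot: The `K-224` row of `kNistCurves` pairs `WC_NID_secp224k1` with the group id `WOLFSSL_ECC_SECP224R1`, whereas every other `K-` row uses the matching Koblitz id (`WOLFSSL_ECC_SECP160K1`, `WOLFSSL_ECC_SECP192K1`, `WOLFSSL_ECC_SECP256K1`). This looks like a copy-paste slip carried over from the old line, and a curve list naming `K-224` would presumably configure secp224r1 instead of the curve the caller asked for. Since the line is rewritten here, I would change it to `{CURVE_NAME("K-224"), WC_NID_secp224k1, WOLFSSL_ECC_SECP224K1},` after confirming that constant is present in the group enum.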
@@ -22330,45 +22342,45 @@ word32 nid2oid(int nid, int grp) case oidHashType: switch (nid) { #ifdef WOLFSSL_MD2 - case NID_md2: + case WC_NID_md2: return MD2h; #endif #ifndef NO_MD5 - case NID_md5: + case WC_NID_md5: return MD5h; #endif #ifndef NO_SHA - case NID_sha1: + case WC_NID_sha1: return SHAh; #endif - case NID_sha224: + case WC_NID_sha224: return SHA224h; #ifndef NO_SHA256 - case NID_sha256: + case WC_NID_sha256: return SHA256h; #endif #ifdef WOLFSSL_SHA384 - case NID_sha384: + case WC_NID_sha384: return SHA384h; #endif #ifdef WOLFSSL_SHA512 - case NID_sha512: + case WC_NID_sha512: return SHA512h; #endif #ifndef WOLFSSL_NOSHA3_224 - case NID_sha3_224: + case WC_NID_sha3_224: return SHA3_224h; #endif #ifndef WOLFSSL_NOSHA3_256 - case NID_sha3_256: + case WC_NID_sha3_256: return SHA3_256h; #endif #ifndef WOLFSSL_NOSHA3_384 - case NID_sha3_384: + case WC_NID_sha3_384: return SHA3_384h; #endif #ifndef WOLFSSL_NOSHA3_512 - case NID_sha3_512: + case WC_NID_sha3_512: return SHA3_512h; #endif } 
@@ -22378,56 +22390,56 @@ word32 nid2oid(int nid, int grp) case oidSigType: switch (nid) { #ifndef NO_DSA - case NID_dsaWithSHA1: + case WC_NID_dsaWithSHA1: return CTC_SHAwDSA; - case NID_dsa_with_SHA256: + case WC_NID_dsa_with_SHA256: return CTC_SHA256wDSA; #endif /* NO_DSA */ #ifndef NO_RSA - case NID_md2WithRSAEncryption: + case WC_NID_md2WithRSAEncryption: return CTC_MD2wRSA; - case NID_md5WithRSAEncryption: + case WC_NID_md5WithRSAEncryption: return CTC_MD5wRSA; - case NID_sha1WithRSAEncryption: + case WC_NID_sha1WithRSAEncryption: return CTC_SHAwRSA; - case NID_sha224WithRSAEncryption: + case WC_NID_sha224WithRSAEncryption: return CTC_SHA224wRSA; - case NID_sha256WithRSAEncryption: + case WC_NID_sha256WithRSAEncryption: return CTC_SHA256wRSA; - case NID_sha384WithRSAEncryption: + case WC_NID_sha384WithRSAEncryption: return CTC_SHA384wRSA; - case NID_sha512WithRSAEncryption: + case WC_NID_sha512WithRSAEncryption: return CTC_SHA512wRSA; #ifdef WOLFSSL_SHA3 - case NID_RSA_SHA3_224: + case WC_NID_RSA_SHA3_224: return CTC_SHA3_224wRSA; - case NID_RSA_SHA3_256: + case WC_NID_RSA_SHA3_256: return CTC_SHA3_256wRSA; - case NID_RSA_SHA3_384: + case WC_NID_RSA_SHA3_384: return CTC_SHA3_384wRSA; - case NID_RSA_SHA3_512: + case WC_NID_RSA_SHA3_512: return CTC_SHA3_512wRSA; #endif #endif /* NO_RSA */ #ifdef HAVE_ECC - case NID_ecdsa_with_SHA1: + case WC_NID_ecdsa_with_SHA1: return CTC_SHAwECDSA; - case NID_ecdsa_with_SHA224: + case WC_NID_ecdsa_with_SHA224: return CTC_SHA224wECDSA; - case NID_ecdsa_with_SHA256: + case WC_NID_ecdsa_with_SHA256: return CTC_SHA256wECDSA; - case NID_ecdsa_with_SHA384: + case WC_NID_ecdsa_with_SHA384: return CTC_SHA384wECDSA; - case NID_ecdsa_with_SHA512: + case WC_NID_ecdsa_with_SHA512: return CTC_SHA512wECDSA; #ifdef WOLFSSL_SHA3 - case NID_ecdsa_with_SHA3_224: + case WC_NID_ecdsa_with_SHA3_224: return CTC_SHA3_224wECDSA; - case NID_ecdsa_with_SHA3_256: + case WC_NID_ecdsa_with_SHA3_256: return CTC_SHA3_256wECDSA; - case 
NID_ecdsa_with_SHA3_384: + case WC_NID_ecdsa_with_SHA3_384: return CTC_SHA3_384wECDSA; - case NID_ecdsa_with_SHA3_512: + case WC_NID_ecdsa_with_SHA3_512: return CTC_SHA3_512wECDSA; #endif #endif /* HAVE_ECC */ @@ -22438,15 +22450,15 @@ word32 nid2oid(int nid, int grp) case oidKeyType: switch (nid) { #ifndef NO_DSA - case NID_dsa: + case WC_NID_dsa: return DSAk; #endif /* NO_DSA */ #ifndef NO_RSA - case NID_rsaEncryption: + case WC_NID_rsaEncryption: return RSAk; #endif /* NO_RSA */ #ifdef HAVE_ECC - case NID_X9_62_id_ecPublicKey: + case WC_NID_X9_62_id_ecPublicKey: return ECDSAk; #endif /* HAVE_ECC */ } 
@@ -22456,59 +22468,59 @@ word32 nid2oid(int nid, int grp) #ifdef HAVE_ECC case oidCurveType: switch (nid) { - case NID_X9_62_prime192v1: + case WC_NID_X9_62_prime192v1: return ECC_SECP192R1_OID; - case NID_X9_62_prime192v2: + case WC_NID_X9_62_prime192v2: return ECC_PRIME192V2_OID; - case NID_X9_62_prime192v3: + case WC_NID_X9_62_prime192v3: return ECC_PRIME192V3_OID; - case NID_X9_62_prime239v1: + case WC_NID_X9_62_prime239v1: return ECC_PRIME239V1_OID; - case NID_X9_62_prime239v2: + case WC_NID_X9_62_prime239v2: return ECC_PRIME239V2_OID; - case NID_X9_62_prime239v3: + case WC_NID_X9_62_prime239v3: return ECC_PRIME239V3_OID; - case NID_X9_62_prime256v1: + case WC_NID_X9_62_prime256v1: return ECC_SECP256R1_OID; - case NID_secp112r1: + case WC_NID_secp112r1: return ECC_SECP112R1_OID; - case NID_secp112r2: + case WC_NID_secp112r2: return ECC_SECP112R2_OID; - case NID_secp128r1: + case WC_NID_secp128r1: return ECC_SECP128R1_OID; - case NID_secp128r2: + case WC_NID_secp128r2: return ECC_SECP128R2_OID; - case NID_secp160r1: + case WC_NID_secp160r1: return ECC_SECP160R1_OID; - case NID_secp160r2: + case WC_NID_secp160r2: return ECC_SECP160R2_OID; - case NID_secp224r1: + case WC_NID_secp224r1: return ECC_SECP224R1_OID; - case NID_secp384r1: + case WC_NID_secp384r1: return ECC_SECP384R1_OID; - case NID_secp521r1: + case WC_NID_secp521r1: return ECC_SECP521R1_OID; - case NID_secp160k1: + case WC_NID_secp160k1: return ECC_SECP160K1_OID; - case NID_secp192k1: + case WC_NID_secp192k1: return ECC_SECP192K1_OID; - case NID_secp224k1: + case WC_NID_secp224k1: return ECC_SECP224K1_OID; - case NID_secp256k1: + case WC_NID_secp256k1: return ECC_SECP256K1_OID; - case NID_brainpoolP160r1: + case WC_NID_brainpoolP160r1: return ECC_BRAINPOOLP160R1_OID; - case NID_brainpoolP192r1: + case WC_NID_brainpoolP192r1: return ECC_BRAINPOOLP192R1_OID; - case NID_brainpoolP224r1: + case WC_NID_brainpoolP224r1: return ECC_BRAINPOOLP224R1_OID; - case NID_brainpoolP256r1: + case 
WC_NID_brainpoolP256r1: return ECC_BRAINPOOLP256R1_OID; - case NID_brainpoolP320r1: + case WC_NID_brainpoolP320r1: return ECC_BRAINPOOLP320R1_OID; - case NID_brainpoolP384r1: + case WC_NID_brainpoolP384r1: return ECC_BRAINPOOLP384R1_OID; - case NID_brainpoolP512r1: + case WC_NID_brainpoolP512r1: return ECC_BRAINPOOLP512R1_OID; } break; @@ -22530,9 +22542,9 @@ word32 nid2oid(int nid, int grp) return AES256CBCb; #endif #ifndef NO_DES3 - case NID_des: + case WC_NID_des: return DESb; - case NID_des3: + case WC_NID_des3: return DES3b; #endif } @@ -22541,7 +22553,7 @@ word32 nid2oid(int nid, int grp) #ifdef HAVE_OCSP case oidOcspType: switch (nid) { - case NID_id_pkix_OCSP_basic: + case WC_NID_id_pkix_OCSP_basic: return OCSP_BASIC_OID; case OCSP_NONCE_OID: return OCSP_NONCE_OID; @@ -22552,27 +22564,27 @@ word32 nid2oid(int nid, int grp) /* oidCertExtType */ case oidCertExtType: switch (nid) { - case NID_basic_constraints: + case WC_NID_basic_constraints: return BASIC_CA_OID; - case NID_subject_alt_name: + case WC_NID_subject_alt_name: return ALT_NAMES_OID; - case NID_crl_distribution_points: + case WC_NID_crl_distribution_points: return CRL_DIST_OID; - case NID_info_access: + case WC_NID_info_access: return AUTH_INFO_OID; - case NID_authority_key_identifier: + case WC_NID_authority_key_identifier: return AUTH_KEY_OID; - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: return SUBJ_KEY_OID; - case NID_inhibit_any_policy: + case WC_NID_inhibit_any_policy: return INHIBIT_ANY_OID; - case NID_key_usage: + case WC_NID_key_usage: return KEY_USAGE_OID; - case NID_name_constraints: + case WC_NID_name_constraints: return NAME_CONS_OID; - case NID_certificate_policies: + case WC_NID_certificate_policies: return CERT_POLICY_OID; - case NID_ext_key_usage: + case WC_NID_ext_key_usage: return EXT_KEY_USAGE_OID; } break; 
@@ -22580,9 +22592,9 @@ word32 nid2oid(int nid, int grp) /* oidCertAuthInfoType */ case oidCertAuthInfoType: switch (nid) { - case NID_ad_OCSP: + case WC_NID_ad_OCSP: return AIA_OCSP_OID; - case NID_ad_ca_issuers: + case WC_NID_ad_ca_issuers: return AIA_CA_ISSUER_OID; } break; @@ -22590,7 +22602,7 @@ word32 nid2oid(int nid, int grp) /* oidCertPolicyType */ case oidCertPolicyType: switch (nid) { - case NID_any_policy: + case WC_NID_any_policy: return CP_ANY_OID; } break; @@ -22598,7 +22610,7 @@ word32 nid2oid(int nid, int grp) /* oidCertAltNameType */ case oidCertAltNameType: switch (nid) { - case NID_hw_name_oid: + case WC_NID_hw_name_oid: return HW_NAME_OID; } break; @@ -22606,7 +22618,7 @@ word32 nid2oid(int nid, int grp) /* oidCertKeyUseType */ case oidCertKeyUseType: switch (nid) { - case NID_anyExtendedKeyUsage: + case WC_NID_anyExtendedKeyUsage: return EKU_ANY_OID; case EKU_SERVER_AUTH_OID: return EKU_SERVER_AUTH_OID; @@ -22685,15 +22697,15 @@ word32 nid2oid(int nid, int grp) #ifdef WOLFSSL_CERT_REQ case oidCsrAttrType: switch (nid) { - case NID_pkcs9_contentType: + case WC_NID_pkcs9_contentType: return PKCS9_CONTENT_TYPE_OID; - case NID_pkcs9_challengePassword: + case WC_NID_pkcs9_challengePassword: return CHALLENGE_PASSWORD_OID; - case NID_serialNumber: + case WC_NID_serialNumber: return SERIAL_NUMBER_OID; - case NID_userId: + case WC_NID_userId: return USER_ID_OID; - case NID_surname: + case WC_NID_surname: return SURNAME_OID; } break; 
@@ -22719,29 +22731,29 @@ int oid2nid(word32 oid, int grp) switch (oid) { #ifdef WOLFSSL_MD2 case MD2h: - return NID_md2; + return WC_NID_md2; #endif #ifndef NO_MD5 case MD5h: - return NID_md5; + return WC_NID_md5; #endif #ifndef NO_SHA case SHAh: - return NID_sha1; + return WC_NID_sha1; #endif case SHA224h: - return NID_sha224; + return WC_NID_sha224; #ifndef NO_SHA256 case SHA256h: - return NID_sha256; + return WC_NID_sha256; #endif #ifdef WOLFSSL_SHA384 case SHA384h: - return NID_sha384; + return WC_NID_sha384; #endif #ifdef WOLFSSL_SHA512 case SHA512h: - return NID_sha512; + return WC_NID_sha512; #endif } break; 
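Review bot: The `oidHashType` switch in `oid2nid` stops at `SHA512h`, so the SHA-3 hash OIDs have no reverse mapping, even though `nid2oid` in this same diff maps `WC_NID_sha3_224` through `WC_NID_sha3_512` to `SHA3_224h` through `SHA3_512h`. A SHA-3 digest that goes through `nid2oid` and back through `oid2nid` falls out of this switch; what `oid2nid` returns in that case is outside the hunk. If the omission is not deliberate, mirror the four guarded cases from `nid2oid` as sketched below. The `oidCsrAttrType` hunks show a similar gap: `nid2oid` handles `WC_NID_surname`, but `oid2nid` has no `SURNAME_OID` case.

```c
/* … unchanged: MD2h … SHA512h cases … */
#ifndef WOLFSSL_NOSHA3_224
            case SHA3_224h:
                return WC_NID_sha3_224;
#endif
#ifndef WOLFSSL_NOSHA3_256
            case SHA3_256h:
                return WC_NID_sha3_256;
#endif
#ifndef WOLFSSL_NOSHA3_384
            case SHA3_384h:
                return WC_NID_sha3_384;
#endif
#ifndef WOLFSSL_NOSHA3_512
            case SHA3_512h:
                return WC_NID_sha3_512;
#endif
```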
@@ -22751,60 +22763,60 @@ int oid2nid(word32 oid, int grp) switch (oid) { #ifndef NO_DSA case CTC_SHAwDSA: - return NID_dsaWithSHA1; + return WC_NID_dsaWithSHA1; case CTC_SHA256wDSA: - return NID_dsa_with_SHA256; + return WC_NID_dsa_with_SHA256; #endif /* NO_DSA */ #ifndef NO_RSA case CTC_MD2wRSA: - return NID_md2WithRSAEncryption; + return WC_NID_md2WithRSAEncryption; case CTC_MD5wRSA: - return NID_md5WithRSAEncryption; + return WC_NID_md5WithRSAEncryption; case CTC_SHAwRSA: - return NID_sha1WithRSAEncryption; + return WC_NID_sha1WithRSAEncryption; case CTC_SHA224wRSA: - return NID_sha224WithRSAEncryption; + return WC_NID_sha224WithRSAEncryption; case CTC_SHA256wRSA: - return NID_sha256WithRSAEncryption; + return WC_NID_sha256WithRSAEncryption; case CTC_SHA384wRSA: - return NID_sha384WithRSAEncryption; + return WC_NID_sha384WithRSAEncryption; case CTC_SHA512wRSA: - return NID_sha512WithRSAEncryption; + return WC_NID_sha512WithRSAEncryption; #ifdef WOLFSSL_SHA3 case CTC_SHA3_224wRSA: - return NID_RSA_SHA3_224; + return WC_NID_RSA_SHA3_224; case CTC_SHA3_256wRSA: - return NID_RSA_SHA3_256; + return WC_NID_RSA_SHA3_256; case CTC_SHA3_384wRSA: - return NID_RSA_SHA3_384; + return WC_NID_RSA_SHA3_384; case CTC_SHA3_512wRSA: - return NID_RSA_SHA3_512; + return WC_NID_RSA_SHA3_512; #endif #ifdef WC_RSA_PSS case CTC_RSASSAPSS: - return NID_rsassaPss; + return WC_NID_rsassaPss; #endif #endif /* NO_RSA */ #ifdef HAVE_ECC case CTC_SHAwECDSA: - return NID_ecdsa_with_SHA1; + return WC_NID_ecdsa_with_SHA1; case CTC_SHA224wECDSA: - return NID_ecdsa_with_SHA224; + return WC_NID_ecdsa_with_SHA224; case CTC_SHA256wECDSA: - return NID_ecdsa_with_SHA256; + return WC_NID_ecdsa_with_SHA256; case CTC_SHA384wECDSA: - return NID_ecdsa_with_SHA384; + return WC_NID_ecdsa_with_SHA384; case CTC_SHA512wECDSA: - return NID_ecdsa_with_SHA512; + return WC_NID_ecdsa_with_SHA512; #ifdef WOLFSSL_SHA3 case CTC_SHA3_224wECDSA: - return NID_ecdsa_with_SHA3_224; + return WC_NID_ecdsa_with_SHA3_224; case 
CTC_SHA3_256wECDSA: - return NID_ecdsa_with_SHA3_256; + return WC_NID_ecdsa_with_SHA3_256; case CTC_SHA3_384wECDSA: - return NID_ecdsa_with_SHA3_384; + return WC_NID_ecdsa_with_SHA3_384; case CTC_SHA3_512wECDSA: - return NID_ecdsa_with_SHA3_512; + return WC_NID_ecdsa_with_SHA3_512; #endif #endif /* HAVE_ECC */ } @@ -22815,19 +22827,19 @@ int oid2nid(word32 oid, int grp) switch (oid) { #ifndef NO_DSA case DSAk: - return NID_dsa; + return WC_NID_dsa; #endif /* NO_DSA */ #ifndef NO_RSA case RSAk: - return NID_rsaEncryption; + return WC_NID_rsaEncryption; #ifdef WC_RSA_PSS case RSAPSSk: - return NID_rsassaPss; + return WC_NID_rsassaPss; #endif #endif /* NO_RSA */ #ifdef HAVE_ECC case ECDSAk: - return NID_X9_62_id_ecPublicKey; + return WC_NID_X9_62_id_ecPublicKey; #endif /* HAVE_ECC */ } break; 
@@ -22837,59 +22849,59 @@ int oid2nid(word32 oid, int grp) case oidCurveType: switch (oid) { case ECC_SECP192R1_OID: - return NID_X9_62_prime192v1; + return WC_NID_X9_62_prime192v1; case ECC_PRIME192V2_OID: - return NID_X9_62_prime192v2; + return WC_NID_X9_62_prime192v2; case ECC_PRIME192V3_OID: - return NID_X9_62_prime192v3; + return WC_NID_X9_62_prime192v3; case ECC_PRIME239V1_OID: - return NID_X9_62_prime239v1; + return WC_NID_X9_62_prime239v1; case ECC_PRIME239V2_OID: - return NID_X9_62_prime239v2; + return WC_NID_X9_62_prime239v2; case ECC_PRIME239V3_OID: - return NID_X9_62_prime239v3; + return WC_NID_X9_62_prime239v3; case ECC_SECP256R1_OID: - return NID_X9_62_prime256v1; + return WC_NID_X9_62_prime256v1; case ECC_SECP112R1_OID: - return NID_secp112r1; + return WC_NID_secp112r1; case ECC_SECP112R2_OID: - return NID_secp112r2; + return WC_NID_secp112r2; case ECC_SECP128R1_OID: - return NID_secp128r1; + return WC_NID_secp128r1; case ECC_SECP128R2_OID: - return NID_secp128r2; + return WC_NID_secp128r2; case ECC_SECP160R1_OID: - return NID_secp160r1; + return WC_NID_secp160r1; case ECC_SECP160R2_OID: - return NID_secp160r2; + return WC_NID_secp160r2; case ECC_SECP224R1_OID: - return NID_secp224r1; + return WC_NID_secp224r1; case ECC_SECP384R1_OID: - return NID_secp384r1; + return WC_NID_secp384r1; case ECC_SECP521R1_OID: - return NID_secp521r1; + return WC_NID_secp521r1; case ECC_SECP160K1_OID: - return NID_secp160k1; + return WC_NID_secp160k1; case ECC_SECP192K1_OID: - return NID_secp192k1; + return WC_NID_secp192k1; case ECC_SECP224K1_OID: - return NID_secp224k1; + return WC_NID_secp224k1; case ECC_SECP256K1_OID: - return NID_secp256k1; + return WC_NID_secp256k1; case ECC_BRAINPOOLP160R1_OID: - return NID_brainpoolP160r1; + return WC_NID_brainpoolP160r1; case ECC_BRAINPOOLP192R1_OID: - return NID_brainpoolP192r1; + return WC_NID_brainpoolP192r1; case ECC_BRAINPOOLP224R1_OID: - return NID_brainpoolP224r1; + return WC_NID_brainpoolP224r1; case 
ECC_BRAINPOOLP256R1_OID: - return NID_brainpoolP256r1; + return WC_NID_brainpoolP256r1; case ECC_BRAINPOOLP320R1_OID: - return NID_brainpoolP320r1; + return WC_NID_brainpoolP320r1; case ECC_BRAINPOOLP384R1_OID: - return NID_brainpoolP384r1; + return WC_NID_brainpoolP384r1; case ECC_BRAINPOOLP512R1_OID: - return NID_brainpoolP512r1; + return WC_NID_brainpoolP512r1; } break; #endif /* HAVE_ECC */ @@ -22911,9 +22923,9 @@ int oid2nid(word32 oid, int grp) #endif #ifndef NO_DES3 case DESb: - return NID_des; + return WC_NID_des; case DES3b: - return NID_des3; + return WC_NID_des3; #endif } break; @@ -22922,7 +22934,7 @@ int oid2nid(word32 oid, int grp) case oidOcspType: switch (oid) { case OCSP_BASIC_OID: - return NID_id_pkix_OCSP_basic; + return WC_NID_id_pkix_OCSP_basic; case OCSP_NONCE_OID: return OCSP_NONCE_OID; } @@ -22933,27 +22945,27 @@ int oid2nid(word32 oid, int grp) case oidCertExtType: switch (oid) { case BASIC_CA_OID: - return NID_basic_constraints; + return WC_NID_basic_constraints; case ALT_NAMES_OID: - return NID_subject_alt_name; + return WC_NID_subject_alt_name; case CRL_DIST_OID: - return NID_crl_distribution_points; + return WC_NID_crl_distribution_points; case AUTH_INFO_OID: - return NID_info_access; + return WC_NID_info_access; case AUTH_KEY_OID: - return NID_authority_key_identifier; + return WC_NID_authority_key_identifier; case SUBJ_KEY_OID: - return NID_subject_key_identifier; + return WC_NID_subject_key_identifier; case INHIBIT_ANY_OID: - return NID_inhibit_any_policy; + return WC_NID_inhibit_any_policy; case KEY_USAGE_OID: - return NID_key_usage; + return WC_NID_key_usage; case NAME_CONS_OID: - return NID_name_constraints; + return WC_NID_name_constraints; case CERT_POLICY_OID: - return NID_certificate_policies; + return WC_NID_certificate_policies; case EXT_KEY_USAGE_OID: - return NID_ext_key_usage; + return WC_NID_ext_key_usage; } break; 
@@ -22961,9 +22973,9 @@ int oid2nid(word32 oid, int grp) case oidCertAuthInfoType: switch (oid) { case AIA_OCSP_OID: - return NID_ad_OCSP; + return WC_NID_ad_OCSP; case AIA_CA_ISSUER_OID: - return NID_ad_ca_issuers; + return WC_NID_ad_ca_issuers; } break; @@ -22971,7 +22983,7 @@ int oid2nid(word32 oid, int grp) case oidCertPolicyType: switch (oid) { case CP_ANY_OID: - return NID_any_policy; + return WC_NID_any_policy; } break; @@ -22979,7 +22991,7 @@ int oid2nid(word32 oid, int grp) case oidCertAltNameType: switch (oid) { case HW_NAME_OID: - return NID_hw_name_oid; + return WC_NID_hw_name_oid; } break; @@ -22987,7 +22999,7 @@ int oid2nid(word32 oid, int grp) case oidCertKeyUseType: switch (oid) { case EKU_ANY_OID: - return NID_anyExtendedKeyUsage; + return WC_NID_anyExtendedKeyUsage; case EKU_SERVER_AUTH_OID: return EKU_SERVER_AUTH_OID; case EKU_CLIENT_AUTH_OID: @@ -23065,13 +23077,13 @@ int oid2nid(word32 oid, int grp) case oidCsrAttrType: switch (oid) { case PKCS9_CONTENT_TYPE_OID: - return NID_pkcs9_contentType; + return WC_NID_pkcs9_contentType; case CHALLENGE_PASSWORD_OID: - return NID_pkcs9_challengePassword; + return WC_NID_pkcs9_challengePassword; case SERIAL_NUMBER_OID: - return NID_serialNumber; + return WC_NID_serialNumber; case USER_ID_OID: - return NID_userId; + return WC_NID_userId; } break; #endif @@ -23231,9 +23243,9 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey, int type; /* ECC includes version, private[, curve][, public key] */ if (cnt >= 2 && cnt <= 4) - type = EVP_PKEY_EC; + type = WC_EVP_PKEY_EC; else - type = EVP_PKEY_RSA; + type = WC_EVP_PKEY_RSA; key = wolfSSL_d2i_PrivateKey(type, pkey, &der, keyLen); *pp = der; 
@@ -24802,150 +24814,150 @@ int wolfSSL_RAND_load_file(const char* fname, long len) switch (ctx->cipherType) { #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : + case WC_AES_128_CBC_TYPE : + case WC_AES_192_CBC_TYPE : + case WC_AES_256_CBC_TYPE : WOLFSSL_MSG("AES CBC"); XMEMCPY(ctx->iv, &ctx->cipher.aes.reg, ctx->ivSz); break; #endif #ifdef HAVE_AESGCM - case AES_128_GCM_TYPE : - case AES_192_GCM_TYPE : - case AES_256_GCM_TYPE : + case WC_AES_128_GCM_TYPE : + case WC_AES_192_GCM_TYPE : + case WC_AES_256_GCM_TYPE : WOLFSSL_MSG("AES GCM"); XMEMCPY(ctx->iv, &ctx->cipher.aes.reg, ctx->ivSz); break; #endif /* HAVE_AESGCM */ #ifdef HAVE_AESCCM - case AES_128_CCM_TYPE : - case AES_192_CCM_TYPE : - case AES_256_CCM_TYPE : + case WC_AES_128_CCM_TYPE : + case WC_AES_192_CCM_TYPE : + case WC_AES_256_CCM_TYPE : WOLFSSL_MSG("AES CCM"); XMEMCPY(ctx->iv, &ctx->cipher.aes.reg, ctx->ivSz); break; #endif /* HAVE_AESCCM */ #ifdef HAVE_AES_ECB - case AES_128_ECB_TYPE : - case AES_192_ECB_TYPE : - case AES_256_ECB_TYPE : + case WC_AES_128_ECB_TYPE : + case WC_AES_192_ECB_TYPE : + case WC_AES_256_ECB_TYPE : WOLFSSL_MSG("AES ECB"); break; #endif #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : + case WC_AES_128_CTR_TYPE : + case WC_AES_192_CTR_TYPE : + case WC_AES_256_CTR_TYPE : WOLFSSL_MSG("AES CTR"); XMEMCPY(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); break; #endif /* WOLFSSL_AES_COUNTER */ #ifdef WOLFSSL_AES_CFB #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: WOLFSSL_MSG("AES CFB1"); break; - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: 
WOLFSSL_MSG("AES CFB8"); break; #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: WOLFSSL_MSG("AES CFB128"); break; #endif /* WOLFSSL_AES_CFB */ #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: WOLFSSL_MSG("AES OFB"); break; #endif /* WOLFSSL_AES_OFB */ #ifdef WOLFSSL_AES_XTS - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: WOLFSSL_MSG("AES XTS"); break; #endif /* WOLFSSL_AES_XTS */ #endif /* NO_AES */ #ifdef HAVE_ARIA - case ARIA_128_GCM_TYPE : - case ARIA_192_GCM_TYPE : - case ARIA_256_GCM_TYPE : + case WC_ARIA_128_GCM_TYPE : + case WC_ARIA_192_GCM_TYPE : + case WC_ARIA_256_GCM_TYPE : WOLFSSL_MSG("ARIA GCM"); XMEMCPY(ctx->iv, &ctx->cipher.aria.nonce, ARIA_BLOCK_SIZE); break; #endif /* HAVE_ARIA */ #ifndef NO_DES3 - case DES_CBC_TYPE : + case WC_DES_CBC_TYPE : WOLFSSL_MSG("DES CBC"); XMEMCPY(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); break; - case DES_EDE3_CBC_TYPE : + case WC_DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES EDE3 CBC"); XMEMCPY(ctx->iv, &ctx->cipher.des3.reg, DES_BLOCK_SIZE); break; #endif #ifdef WOLFSSL_DES_ECB - case DES_ECB_TYPE : + case WC_DES_ECB_TYPE : WOLFSSL_MSG("DES ECB"); break; - case DES_EDE3_ECB_TYPE : + case WC_DES_EDE3_ECB_TYPE : WOLFSSL_MSG("DES3 ECB"); break; #endif - case ARC4_TYPE : + case WC_ARC4_TYPE : WOLFSSL_MSG("ARC4"); break; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: break; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: break; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: break; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case 
WC_SM4_CBC_TYPE: WOLFSSL_MSG("SM4 CBC"); XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE); break; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: WOLFSSL_MSG("SM4 CTR"); XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE); break; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: WOLFSSL_MSG("SM4 GCM"); XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE); break; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: WOLFSSL_MSG("SM4 CCM"); XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE); break; #endif - case NULL_CIPHER_TYPE : + case WC_NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL"); break; @@ -24972,32 +24984,32 @@ int wolfSSL_RAND_load_file(const char* fname, long len) #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : + case WC_AES_128_CBC_TYPE : + case WC_AES_192_CBC_TYPE : + case WC_AES_256_CBC_TYPE : WOLFSSL_MSG("AES CBC"); XMEMCPY(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); break; #endif #ifdef HAVE_AESGCM - case AES_128_GCM_TYPE : - case AES_192_GCM_TYPE : - case AES_256_GCM_TYPE : + case WC_AES_128_GCM_TYPE : + case WC_AES_192_GCM_TYPE : + case WC_AES_256_GCM_TYPE : WOLFSSL_MSG("AES GCM"); XMEMCPY(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); break; #endif #ifdef HAVE_AES_ECB - case AES_128_ECB_TYPE : - case AES_192_ECB_TYPE : - case AES_256_ECB_TYPE : + case WC_AES_128_ECB_TYPE : + case WC_AES_192_ECB_TYPE : + case WC_AES_256_ECB_TYPE : WOLFSSL_MSG("AES ECB"); break; #endif #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : + case WC_AES_128_CTR_TYPE : + case WC_AES_192_CTR_TYPE : + case WC_AES_256_CTR_TYPE : WOLFSSL_MSG("AES CTR"); XMEMCPY(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); break; 
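Review bot: The SM4 cases in the -24802 switch copy in the opposite direction from every other cipher there: the AES, ARIA and DES cases write the cipher's register into `ctx->iv` (for example `XMEMCPY(ctx->iv, &ctx->cipher.aes.reg, ctx->ivSz)`), while `WC_SM4_CBC_TYPE`, `WC_SM4_CTR_TYPE`, `WC_SM4_GCM_TYPE` and `WC_SM4_CCM_TYPE` write `ctx->iv` into `ctx->cipher.sm4.iv`. The hunk at -25006 shows the mirror image: the other ciphers load `ctx->iv` into the cipher state, and the SM4 cases do `XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz)`. If these two switches are the store and restore halves of IV chaining, the SM4 bodies look swapped, which would carry a stale IV across calls for the chained modes; this is inferred, because both enclosing functions start outside their hunks. Using `XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);` in this switch and `XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);` in the other would make SM4 match the rest.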
@@ -25006,78 +25018,78 @@ int wolfSSL_RAND_load_file(const char* fname, long len) #endif /* NO_AES */ #ifdef HAVE_ARIA - case ARIA_128_GCM_TYPE : - case ARIA_192_GCM_TYPE : - case ARIA_256_GCM_TYPE : + case WC_ARIA_128_GCM_TYPE : + case WC_ARIA_192_GCM_TYPE : + case WC_ARIA_256_GCM_TYPE : WOLFSSL_MSG("ARIA GCM"); XMEMCPY(&ctx->cipher.aria.nonce, ctx->iv, ARIA_BLOCK_SIZE); break; #endif /* HAVE_ARIA */ #ifndef NO_DES3 - case DES_CBC_TYPE : + case WC_DES_CBC_TYPE : WOLFSSL_MSG("DES CBC"); XMEMCPY(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); break; - case DES_EDE3_CBC_TYPE : + case WC_DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES EDE3 CBC"); XMEMCPY(&ctx->cipher.des3.reg, ctx->iv, DES_BLOCK_SIZE); break; #endif #ifdef WOLFSSL_DES_ECB - case DES_ECB_TYPE : + case WC_DES_ECB_TYPE : WOLFSSL_MSG("DES ECB"); break; - case DES_EDE3_ECB_TYPE : + case WC_DES_EDE3_ECB_TYPE : WOLFSSL_MSG("DES3 ECB"); break; #endif - case ARC4_TYPE : + case WC_ARC4_TYPE : WOLFSSL_MSG("ARC4"); break; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: break; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: break; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: break; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: WOLFSSL_MSG("SM4 CBC"); XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz); break; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: WOLFSSL_MSG("SM4 CTR"); XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz); break; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: WOLFSSL_MSG("SM4 GCM"); XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz); break; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: WOLFSSL_MSG("SM4 CCM"); XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz); break; #endif - case NULL_CIPHER_TYPE : + case WC_NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL"); break; 
diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c index 95f9cca156..be6fa14de6 100644 --- a/src/ssl_asn1.c +++ b/src/ssl_asn1.c @@ -1019,7 +1019,7 @@ static void wolfssl_asn1_integer_reset_data(WOLFSSL_ASN1_INTEGER* a) /* No data, not negative. */ a->negative = 0; /* Set type to positive INTEGER. */ - a->type = V_ASN1_INTEGER; + a->type = WOLFSSL_V_ASN1_INTEGER; } #endif /* OPENSSL_EXTRA */ @@ -1318,7 +1318,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a, } if (!err) { /* Set type. */ - ret->type = V_ASN1_INTEGER; + ret->type = WOLFSSL_V_ASN1_INTEGER; /* Copy DER encoding and length. */ XMEMCPY(ret->data, *in, (size_t)(idx + (word32)len)); @@ -1331,7 +1331,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a, } if ((!err) && ret->negative) { /* Update type if number was negative. */ - ret->type |= V_ASN1_NEG_INTEGER; + ret->type |= WOLFSSL_V_ASN1_NEG_INTEGER; } if (err) { @@ -1490,7 +1490,7 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1, * @return 0 when bp or a is NULL. * @return 0 DER header in data is invalid. */ -int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) +int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, const WOLFSSL_ASN1_INTEGER *a) { int err = 0; word32 idx = 1; /* Skip ASN.1 INTEGER tag byte. */ @@ -1751,10 +1751,10 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn, int length; /* Set type and negative. */ - a->type = V_ASN1_INTEGER; + a->type = WOLFSSL_V_ASN1_INTEGER; if (wolfSSL_BN_is_negative(bn) && !wolfSSL_BN_is_zero(bn)) { a->negative = 1; - a->type |= V_ASN1_NEG_INTEGER; + a->type |= WOLFSSL_V_ASN1_NEG_INTEGER; } /* Get length in bytes of encoded number. */ @@ -1883,7 +1883,7 @@ int wolfSSL_ASN1_INTEGER_set(WOLFSSL_ASN1_INTEGER *a, long v) if (v < 0) { /* Set negative and 2's complement the value. */ a->negative = 1; - a->type |= V_ASN1_NEG; + a->type |= WOLFSSL_V_ASN1_NEG; v = -v; } 
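Review bot: In the `wolfSSL_ASN1_INTEGER_set` hunk, `v = -v;` is undefined behaviour when `v` is `LONG_MIN`, because the magnitude does not fit in a `long`. Taking the magnitude in an unsigned type avoids the overflow, e.g. `unsigned long mag = (v < 0) ? 0UL - (unsigned long)v : (unsigned long)v;`, with the encoding code that follows reading `mag` instead of `v`. That code is outside the hunk, so the exact follow-on change cannot be confirmed from here.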
@@ -2345,7 +2345,7 @@ int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a) length = wolfSSL_BIO_write(bp, null_str, (int)XSTRLEN(null_str)); } /* Try getting text version and write it out. */ - else if ((length = i2t_ASN1_OBJECT(buf, sizeof(buf), a)) > 0) { + else if ((length = wolfSSL_i2t_ASN1_OBJECT(buf, sizeof(buf), a)) > 0) { length = wolfSSL_BIO_write(bp, buf, length); } /* Look for DER header. */ @@ -2651,7 +2651,7 @@ int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s) } /* Check type of ASN.1 STRING. */ - if ((ret == 1) && (s->type != V_ASN1_UNIVERSALSTRING)) { + if ((ret == 1) && (s->type != WOLFSSL_V_ASN1_UNIVERSALSTRING)) { WOLFSSL_MSG("Input is not a universal string"); ret = 0; } @@ -2685,7 +2685,7 @@ int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s) *copy = '\0'; /* Update length and type. */ s->length /= 4; - s->type = V_ASN1_PRINTABLESTRING; + s->type = WOLFSSL_V_ASN1_PRINTABLESTRING; } return ret; @@ -3207,10 +3207,10 @@ int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out, if (ret == 1) { switch (asn_in->type) { - case MBSTRING_UTF8: - case V_ASN1_PRINTABLESTRING: + case WOLFSSL_MBSTRING_UTF8: + case WOLFSSL_V_ASN1_PRINTABLESTRING: /* Set type to UTF8. */ - asn_out->type = MBSTRING_UTF8; + asn_out->type = WOLFSSL_MBSTRING_UTF8; /* Dispose of any dynamic data already in asn_out. */ if (asn_out->isDynamic) { XFREE(asn_out->data, NULL, DYNAMIC_TYPE_OPENSSL); @@ -3327,8 +3327,8 @@ const char* wolfSSL_ASN1_tag2str(int tag) const char* str = "(unknown)"; /* Clear negative flag. */ - if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) { - tag &= ~V_ASN1_NEG; + if ((tag == WOLFSSL_V_ASN1_NEG_INTEGER) || (tag == WOLFSSL_V_ASN1_NEG_ENUMERATED)) { + tag &= ~WOLFSSL_V_ASN1_NEG; } /* Check for known basic types. */ if ((tag >= 0) && (tag <= 30)) { 
@@ -3514,7 +3514,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str, err = 1; } /* Check if ASN.1 type is to be printed. */ - if ((!err) && (flags & ASN1_STRFLGS_SHOW_TYPE)) { + if ((!err) && (flags & WOLFSSL_ASN1_STRFLGS_SHOW_TYPE)) { /* Print type and colon to BIO. */ type_len = wolfssl_string_print_type(bio, str); if (type_len == 0) { @@ -3523,12 +3523,12 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str, } if (!err) { - if (flags & ASN1_STRFLGS_DUMP_ALL) { + if (flags & WOLFSSL_ASN1_STRFLGS_DUMP_ALL) { /* Dump hex. */ str_len = wolfssl_asn1_string_dump_hex(bio, str, - flags & ASN1_STRFLGS_DUMP_DER); + flags & WOLFSSL_ASN1_STRFLGS_DUMP_DER); } - else if (flags & ASN1_STRFLGS_ESC_2253) { + else if (flags & WOLFSSL_ASN1_STRFLGS_ESC_2253) { /* Print out string with escaping. */ str_len = wolfssl_asn1_string_print_esc_2253(bio, str); } @@ -3621,7 +3621,7 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio, ret = BAD_FUNC_ARG; } /* Check type is GENERALIZED TIME. */ - if ((ret == 1) && (asnTime->type != V_ASN1_GENERALIZEDTIME)) { + if ((ret == 1) && (asnTime->type != WOLFSSL_V_ASN1_GENERALIZEDTIME)) { WOLFSSL_MSG("Error, not GENERALIZED_TIME"); ret = 0; } @@ -4036,8 +4036,8 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str) /* Do not include NUL terminator in length. */ t->length = slen - 1; /* Set ASN.1 type based on string length. */ - t->type = ((slen == ASN_UTC_TIME_SIZE) ? V_ASN1_UTCTIME : - V_ASN1_GENERALIZEDTIME); + t->type = ((slen == ASN_UTC_TIME_SIZE) ? WOLFSSL_V_ASN1_UTCTIME : + WOLFSSL_V_ASN1_GENERALIZEDTIME); } return ret; 
@@ -4078,8 +4078,8 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, WOLFSSL_MSG("Invalid ASN_TIME value"); } /* Ensure ASN.1 type is one that is supported. */ - else if ((t->type != V_ASN1_UTCTIME) && - (t->type != V_ASN1_GENERALIZEDTIME)) { + else if ((t->type != WOLFSSL_V_ASN1_UTCTIME) && + (t->type != WOLFSSL_V_ASN1_GENERALIZEDTIME)) { WOLFSSL_MSG("Invalid ASN_TIME type."); } /* Check for ASN.1 GENERALIZED TIME object being passed in. */ @@ -4097,9 +4097,9 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, if (ret != NULL) { /* Set the ASN.1 type and length of string. */ - ret->type = V_ASN1_GENERALIZEDTIME; + ret->type = WOLFSSL_V_ASN1_GENERALIZEDTIME; - if (t->type == V_ASN1_GENERALIZEDTIME) { + if (t->type == WOLFSSL_V_ASN1_GENERALIZEDTIME) { ret->length = ASN_GENERALIZED_TIME_SIZE; /* Just copy as data already appropriately formatted. */ @@ -4151,7 +4151,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t) ret = NULL; } else { - ret->type = V_ASN1_UTCTIME; + ret->type = WOLFSSL_V_ASN1_UTCTIME; } return ret; @@ -4311,7 +4311,7 @@ static int wolfssl_asn1_time_to_tm(const WOLFSSL_ASN1_TIME* asnTime, /* Zero out values in broken-down time. */ XMEMSET(tm, 0, sizeof(struct tm)); - if (asnTime->type == V_ASN1_UTCTIME) { + if (asnTime->type == WOLFSSL_V_ASN1_UTCTIME) { /* Get year from UTC TIME string. */ int tm_year; if ((ret = wolfssl_utctime_year(asn1TimeBuf, asn1TimeBufLen, @@ -4321,7 +4321,7 @@ static int wolfssl_asn1_time_to_tm(const WOLFSSL_ASN1_TIME* asnTime, i = 2; } } - else if (asnTime->type == V_ASN1_GENERALIZEDTIME) { + else if (asnTime->type == WOLFSSL_V_ASN1_GENERALIZEDTIME) { /* Get year from GENERALIZED TIME string. */ int tm_year; if ((ret = wolfssl_gentime_year(asn1TimeBuf, asn1TimeBufLen, 
@@ -4522,7 +4522,7 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a) ret = 0; } /* Validate ASN.1 UTC TIME object is of type UTC_TIME. */ - if ((ret == 1) && (a->type != V_ASN1_UTCTIME)) { + if ((ret == 1) && (a->type != WOLFSSL_V_ASN1_UTCTIME)) { WOLFSSL_MSG("Error, not UTC_TIME"); ret = 0; } @@ -4574,28 +4574,28 @@ WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void) static void wolfssl_asn1_type_free_value(WOLFSSL_ASN1_TYPE* at) { switch (at->type) { - case V_ASN1_NULL: + case WOLFSSL_V_ASN1_NULL: break; - case V_ASN1_OBJECT: + case WOLFSSL_V_ASN1_OBJECT: wolfSSL_ASN1_OBJECT_free(at->value.object); break; - case V_ASN1_UTCTIME: + case WOLFSSL_V_ASN1_UTCTIME: #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA) wolfSSL_ASN1_TIME_free(at->value.utctime); #endif break; - case V_ASN1_GENERALIZEDTIME: + case WOLFSSL_V_ASN1_GENERALIZEDTIME: #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA) wolfSSL_ASN1_TIME_free(at->value.generalizedtime); #endif break; - case V_ASN1_UTF8STRING: - case V_ASN1_OCTET_STRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_IA5STRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_SEQUENCE: + case WOLFSSL_V_ASN1_UTF8STRING: + case WOLFSSL_V_ASN1_OCTET_STRING: + case WOLFSSL_V_ASN1_PRINTABLESTRING: + case WOLFSSL_V_ASN1_T61STRING: + case WOLFSSL_V_ASN1_IA5STRING: + case WOLFSSL_V_ASN1_UNIVERSALSTRING: + case WOLFSSL_V_ASN1_SEQUENCE: wolfSSL_ASN1_STRING_free(at->value.asn1_string); break; default: 
@@ -4626,25 +4626,25 @@ int wolfSSL_i2d_ASN1_TYPE(WOLFSSL_ASN1_TYPE* at, unsigned char** pp) return WOLFSSL_FATAL_ERROR; switch (at->type) { - case V_ASN1_NULL: + case WOLFSSL_V_ASN1_NULL: break; - case V_ASN1_OBJECT: + case WOLFSSL_V_ASN1_OBJECT: ret = wolfSSL_i2d_ASN1_OBJECT(at->value.object, pp); break; - case V_ASN1_UTF8STRING: + case WOLFSSL_V_ASN1_UTF8STRING: ret = wolfSSL_i2d_ASN1_UTF8STRING(at->value.utf8string, pp); break; - case V_ASN1_GENERALIZEDTIME: + case WOLFSSL_V_ASN1_GENERALIZEDTIME: ret = wolfSSL_i2d_ASN1_GENERALSTRING(at->value.utf8string, pp); break; - case V_ASN1_SEQUENCE: + case WOLFSSL_V_ASN1_SEQUENCE: ret = wolfSSL_i2d_ASN1_SEQUENCE(at->value.sequence, pp); break; - case V_ASN1_UTCTIME: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_IA5STRING: - case V_ASN1_UNIVERSALSTRING: + case WOLFSSL_V_ASN1_UTCTIME: + case WOLFSSL_V_ASN1_PRINTABLESTRING: + case WOLFSSL_V_ASN1_T61STRING: + case WOLFSSL_V_ASN1_IA5STRING: + case WOLFSSL_V_ASN1_UNIVERSALSTRING: default: WOLFSSL_MSG("asn1 i2d type not supported"); break; 
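Review bot: In the `WOLFSSL_V_ASN1_GENERALIZEDTIME` case of `wolfSSL_i2d_ASN1_TYPE`, the value is encoded with `wolfSSL_i2d_ASN1_GENERALSTRING(at->value.utf8string, pp)`, so a time-typed value is read through the string member and passed to a GeneralString encoder. `wolfssl_asn1_type_free_value` releases the same type through `at->value.generalizedtime` as a `WOLFSSL_ASN1_TIME`, so the two functions disagree on what the union holds for this tag. The rename carries this over unchanged; it looks as if the label was meant to be a GeneralString tag, or the case belongs with the unsupported types listed below it, and that should be confirmed. Until then a comment such as `/* NOTE: GENERALIZEDTIME is routed to the GeneralString encoder - confirm intended */` would mark it. The function body starts and ends outside the hunk.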
@@ -4661,16 +4661,16 @@ int wolfSSL_i2d_ASN1_TYPE(WOLFSSL_ASN1_TYPE* at, unsigned char** pp) * Set ASN.1 TYPE object with a type and value. * * Type of value for different types: - * V_ASN1_NULL : Value should be NULL. - * V_ASN1_OBJECT : WOLFSSL_ASN1_OBJECT. - * V_ASN1_UTCTIME : WOLFSSL_ASN1_TIME. - * V_ASN1_GENERALIZEDTIME : WOLFSSL_ASN1_TIME. - * V_ASN1_UTF8STRING : WOLFSSL_ASN1_STRING. - * V_ASN1_PRINTABLESTRING : WOLFSSL_ASN1_STRING. - * V_ASN1_T61STRING : WOLFSSL_ASN1_STRING. - * V_ASN1_IA5STRING : WOLFSSL_ASN1_STRING. - * V_ASN1_UNINVERSALSTRING: WOLFSSL_ASN1_STRING. - * V_ASN1_SEQUENCE : WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_NULL : Value should be NULL. + * WOLFSSL_V_ASN1_OBJECT : WOLFSSL_ASN1_OBJECT. + * WOLFSSL_V_ASN1_UTCTIME : WOLFSSL_ASN1_TIME. + * WOLFSSL_V_ASN1_GENERALIZEDTIME : WOLFSSL_ASN1_TIME. + * WOLFSSL_V_ASN1_UTF8STRING : WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_PRINTABLESTRING : WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_T61STRING : WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_IA5STRING : WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_UNINVERSALSTRING: WOLFSSL_ASN1_STRING. + * WOLFSSL_V_ASN1_SEQUENCE : WOLFSSL_ASN1_STRING. * * @param [in, out] a ASN.1 TYPE object to set. * @param [in] type ASN.1 type of value. 
@@ -4680,22 +4680,22 @@ void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value) { if (a != NULL) { switch (type) { - case V_ASN1_NULL: + case WOLFSSL_V_ASN1_NULL: if (value != NULL) { WOLFSSL_MSG("NULL tag meant to be always empty!"); /* No way to return error - value will not be used. */ } FALL_THROUGH; - case V_ASN1_OBJECT: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case V_ASN1_UTF8STRING: - case V_ASN1_OCTET_STRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_IA5STRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_SEQUENCE: + case WOLFSSL_V_ASN1_OBJECT: + case WOLFSSL_V_ASN1_UTCTIME: + case WOLFSSL_V_ASN1_GENERALIZEDTIME: + case WOLFSSL_V_ASN1_UTF8STRING: + case WOLFSSL_V_ASN1_OCTET_STRING: + case WOLFSSL_V_ASN1_PRINTABLESTRING: + case WOLFSSL_V_ASN1_T61STRING: + case WOLFSSL_V_ASN1_IA5STRING: + case WOLFSSL_V_ASN1_UNIVERSALSTRING: + case WOLFSSL_V_ASN1_SEQUENCE: /* Dispose of any value currently set. */ wolfssl_asn1_type_free_value(a); /* Assign anonymously typed input to anonymously typed field. */ @@ -4712,7 +4712,7 @@ void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value) int wolfSSL_ASN1_TYPE_get(const WOLFSSL_ASN1_TYPE *a) { - if (a != NULL && (a->type == V_ASN1_BOOLEAN || a->type == V_ASN1_NULL + if (a != NULL && (a->type == WOLFSSL_V_ASN1_BOOLEAN || a->type == WOLFSSL_V_ASN1_NULL || a->value.ptr != NULL)) return a->type; return 0; diff --git a/src/ssl_bn.c b/src/ssl_bn.c index 227fc71606..1c05b14799 100644 --- a/src/ssl_bn.c +++ b/src/ssl_bn.c @@ -166,7 +166,7 @@ int wolfssl_bn_set_value(WOLFSSL_BIGNUM** bn, mp_int* mpi) /* Dispose of any allocated big number on error. */ if ((ret == -1) && (a != NULL)) { - BN_free(a); + wolfSSL_BN_free(a); *bn = NULL; } return ret; diff --git a/src/ssl_crypto.c b/src/ssl_crypto.c index 58fca44995..4eda76b220 100644 --- a/src/ssl_crypto.c +++ b/src/ssl_crypto.c 
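Review bot: In `wolfSSL_ASN1_TYPE_set`, the `WOLFSSL_V_ASN1_NULL` case logs a non-NULL `value` with the comment "value will not be used" and then falls through to the shared path, whose comment says the input is assigned to the field. If that assignment stores `value` (the statement is past the end of the hunk), the object keeps a pointer that `wolfssl_asn1_type_free_value` never releases, because its NULL case only breaks. Either make the comment true with `value = NULL;` inside the `if`, or reword it to say the pointer is stored but not owned by the object.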
@@ -293,7 +293,7 @@ int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha) { WOLFSSL_ENTER("SHA1_Init"); - return SHA_Init(sha); + return wolfSSL_SHA_Init(sha); } @@ -310,7 +310,7 @@ int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input, { WOLFSSL_ENTER("SHA1_Update"); - return SHA_Update(sha, input, sz); + return wolfSSL_SHA_Update(sha, input, sz); } /* Finalize SHA-1 hash and return output. @@ -325,7 +325,7 @@ int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha) { WOLFSSL_ENTER("SHA1_Final"); - return SHA_Final(output, sha); + return wolfSSL_SHA_Final(output, sha); } #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ @@ -359,7 +359,7 @@ int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char* data) int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha224) { /* Ensure WOLFSSL_SHA224_CTX is big enough for wolfCrypt wc_Sha224. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA224_CTX, wc_Sha224); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA224_CTX, wc_Sha224); WOLFSSL_ENTER("SHA224_Init"); @@ -418,7 +418,7 @@ int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha224) int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256) { /* Ensure WOLFSSL_SHA256_CTX is big enough for wolfCrypt wc_Sha256. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA256_CTX, wc_Sha256); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA256_CTX, wc_Sha256); WOLFSSL_ENTER("SHA256_Init"); @@ -507,7 +507,7 @@ int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256, int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha384) { /* Ensure WOLFSSL_SHA384_CTX is big enough for wolfCrypt wc_Sha384. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA384_CTX, wc_Sha384); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA384_CTX, wc_Sha384); WOLFSSL_ENTER("SHA384_Init"); 
@@ -566,7 +566,7 @@ int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha384) int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha512) { /* Ensure WOLFSSL_SHA512_CTX is big enough for wolfCrypt wc_Sha512. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA512_CTX, wc_Sha512); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA512_CTX, wc_Sha512); WOLFSSL_ENTER("SHA512_Init"); @@ -802,7 +802,7 @@ int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512, int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha3_224) { /* Ensure WOLFSSL_SHA3_224_CTX is big enough for wolfCrypt wc_Sha3. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA3_224_CTX, wc_Sha3); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA3_224_CTX, wc_Sha3); WOLFSSL_ENTER("SHA3_224_Init"); @@ -861,7 +861,7 @@ int wolfSSL_SHA3_224_Final(byte* output, WOLFSSL_SHA3_224_CTX* sha3) int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha3_256) { /* Ensure WOLFSSL_SHA3_256_CTX is big enough for wolfCrypt wc_Sha3. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA3_256_CTX, wc_Sha3); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA3_256_CTX, wc_Sha3); WOLFSSL_ENTER("SHA3_256_Init"); @@ -920,7 +920,7 @@ int wolfSSL_SHA3_256_Final(byte* output, WOLFSSL_SHA3_256_CTX* sha3) int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha3_384) { /* Ensure WOLFSSL_SHA3_384_CTX is big enough for wolfCrypt wc_Sha3. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA3_384_CTX, wc_Sha3); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA3_384_CTX, wc_Sha3); WOLFSSL_ENTER("SHA3_384_Init"); @@ -979,7 +979,7 @@ int wolfSSL_SHA3_384_Final(byte* output, WOLFSSL_SHA3_384_CTX* sha3) int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha3_512) { /* Ensure WOLFSSL_SHA3_512_CTX is big enough for wolfCrypt wc_Sha3. */ - WOLFSSL_ASSERT_SIZEOF_GE(SHA3_512_CTX, wc_Sha3); + WOLFSSL_ASSERT_SIZEOF_GE(WOLFSSL_SHA3_512_CTX, wc_Sha3); WOLFSSL_ENTER("SHA3_512_Init"); 
@@ -1722,7 +1722,7 @@ const WOLFSSL_EVP_MD* wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX* ctx) * @return 0 on failure. */ int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keySz, - const EVP_MD* type, WOLFSSL_ENGINE* e) + const WOLFSSL_EVP_MD* type, WOLFSSL_ENGINE* e) { WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex"); @@ -1746,7 +1746,7 @@ int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keySz, * @return 0 on failure. */ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, - const EVP_MD* type) + const WOLFSSL_EVP_MD* type) { int ret = 1; void* heap = NULL; @@ -2248,7 +2248,7 @@ int wolfSSL_CMAC_Final(WOLFSSL_CMAC_CTX* ctx, unsigned char* out, size_t* len) if (ret == 1) { /* Get the expected output size. */ - blockSize = EVP_CIPHER_CTX_block_size(ctx->cctx); + blockSize = wolfSSL_EVP_CIPHER_CTX_block_size(ctx->cctx); /* Check value is valid. */ if (blockSize <= 0) { ret = 0; diff --git a/src/ssl_load.c b/src/ssl_load.c index 0361edbdf5..f2b5907e93 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -1397,7 +1397,7 @@ static int ProcessBufferPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, #ifdef OPENSSL_EXTRA /* Decryption password is probably wrong. */ if (info->passwd_cb) { - EVPerr(0, EVP_R_BAD_DECRYPT); + WOLFSSL_EVPerr(0, -WOLFSSL_EVP_R_BAD_DECRYPT_E); } #endif WOLFSSL_ERROR(WOLFSSL_BAD_FILE); 
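Review bot: The last hunk, in `ProcessBufferPrivateKey`, is more than a rename: `EVPerr(0, EVP_R_BAD_DECRYPT)` becomes `WOLFSSL_EVPerr(0, -WOLFSSL_EVP_R_BAD_DECRYPT_E)`, with a negation added. Presumably the `_E` constant is a negative error-enum value and the negation restores the previous positive reason code, but neither definition is visible here. Callers that inspect the error queue to tell a wrong password from a damaged key file depend on this value staying the same. A comment such as `/* reason code is the negated _E value; must equal the OpenSSL-compat EVP_R_BAD_DECRYPT */` and a test that reads the code back after a bad-password load would pin it.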
@@ -4946,19 +4946,19 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey) if (ret == 1) { switch (pkey->type) { #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: WOLFSSL_MSG("populating RSA key"); ret = PopulateRSAEvpPkeyDer(pkey); break; #endif /* (WOLFSSL_KEY_GEN || OPENSSL_EXTRA) && !NO_RSA */ #if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \ defined(WOLFSSL_CERT_GEN)) && !defined(NO_DSA) - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: break; #endif /* !HAVE_SELFTEST && (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) && * !NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: WOLFSSL_MSG("populating ECC key"); ret = ECC_populate_EVP_PKEY(pkey, pkey->ecc); break; @@ -4972,7 +4972,7 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey) /* ptr for WOLFSSL_EVP_PKEY struct is expected to be DER format */ ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, (const unsigned char*)pkey->pkey.ptr, pkey->pkey_sz, - SSL_FILETYPE_ASN1); + WOLFSSL_FILETYPE_ASN1); } return ret; diff --git a/src/ssl_p7p12.c b/src/ssl_p7p12.c index fba27676db..9f51fa84f5 100644 --- a/src/ssl_p7p12.c +++ b/src/ssl_p7p12.c @@ -2012,7 +2012,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, #ifndef NO_RSA { const unsigned char* pt = pk; - if (wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, pkey, &pt, pkSz) != + if (wolfSSL_d2i_PrivateKey(WC_EVP_PKEY_RSA, pkey, &pt, pkSz) != NULL) { ret = 0; } @@ -2022,7 +2022,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, #ifdef HAVE_ECC if (ret != 0) { /* if is in fail state check if ECC key */ const unsigned char* pt = pk; - if (wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, pkey, &pt, pkSz) != + if (wolfSSL_d2i_PrivateKey(WC_EVP_PKEY_EC, pkey, &pt, pkSz) != NULL) { ret = 0; } diff --git a/src/tls.c b/src/tls.c index a42db1d516..02ef33b97a 100644 --- a/src/tls.c +++ b/src/tls.c 
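Review bot: The `#endif` trailer after the `WC_EVP_PKEY_RSA` case in `wolfSSL_CTX_use_PrivateKey` reads `(WOLFSSL_KEY_GEN || OPENSSL_EXTRA) && !NO_RSA`, but the guard that opens the block is `#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)`. Since the case label next to it changes in this hunk, the trailer should be brought in line: `#endif /* WOLFSSL_KEY_GEN && !NO_RSA */`. With the guard as written, an RSA key in a build without `WOLFSSL_KEY_GEN` skips `PopulateRSAEvpPkeyDer` and takes whatever the switch does for unlisted types, which is outside the hunk.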
@@ -6450,7 +6450,7 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) if (versionIsLessEqual(isDtls, ssl->options.minDowngrade, tls13Minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_3) == 0 #endif ) { cnt++; @@ -6462,7 +6462,7 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) isDtls, ssl->options.minDowngrade, tls12Minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2) == 0 #endif ) { cnt++; @@ -6473,7 +6473,7 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) isDtls, ssl->options.minDowngrade, tls11Minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_1) == 0 #endif ) { cnt++; @@ -6482,7 +6482,7 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) if (!ssl->options.dtls && (ssl->options.minDowngrade <= TLSv1_MINOR) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1) == 0 #endif ) { cnt++; @@ -6547,7 +6547,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, if (versionIsLessEqual(isDtls, ssl->options.minDowngrade, tls13minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_3) == 0 #endif ) { *cnt += OPAQUE16_LEN; 
@@ -6567,7 +6567,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, if (versionIsLessEqual(isDtls, ssl->options.minDowngrade, tls12minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2) == 0 #endif ) { *cnt += OPAQUE16_LEN; @@ -6580,7 +6580,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, if (versionIsLessEqual(isDtls, ssl->options.minDowngrade, tls11minor) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_1) == 0 #endif ) { *cnt += OPAQUE16_LEN; @@ -6591,7 +6591,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, if (!ssl->options.dtls && (ssl->options.minDowngrade <= TLSv1_MINOR) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \ defined(WOLFSSL_WPAS_SMALL) - && (ssl->options.mask & SSL_OP_NO_TLSv1) == 0 + && (ssl->options.mask & WOLFSSL_OP_NO_TLSv1) == 0 #endif ) { *cnt += OPAQUE16_LEN; diff --git a/src/tls13.c b/src/tls13.c index e8268939ba..3cea7ae541 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5285,7 +5285,9 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, defined(WOLFSSL_WPAS_SMALL) /* Check if client has disabled TLS 1.2 */ if (args->pv.minor == TLSv1_2_MINOR && - (ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { + (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2) + == WOLFSSL_OP_NO_TLSv1_2) + { WOLFSSL_MSG("\tOption set to not allow TLSv1.2"); WOLFSSL_ERROR_VERBOSE(VERSION_ERROR); return VERSION_ERROR; diff --git a/src/wolfio.c b/src/wolfio.c index a632ff8431..bb137e5518 100644 --- a/src/wolfio.c +++ b/src/wolfio.c 
@@ -260,12 +260,12 @@ static int TranslateIoReturnCode(int err, SOCKET_T sd, int direction) #ifdef OPENSSL_EXTRA #ifndef NO_BIO -int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) +int wolfSSL_BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) { return SslBioSend(ssl, buf, sz, ctx); } -int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx) +int wolfSSL_BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx) { return SslBioReceive(ssl, buf, sz, ctx); } @@ -1032,7 +1032,7 @@ int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx) } ((SOCKADDR_IN*)&addr)->sin_port = XHTONS(port); - /* peer sa is free'd in SSL_ResourceFree */ + /* peer sa is free'd in wolfSSL_ResourceFree */ if ((ret = wolfSSL_dtls_set_peer(ssl, (SOCKADDR_IN*)&addr, sizeof(SOCKADDR_IN)))!= WOLFSSL_SUCCESS) { WOLFSSL_MSG("Import DTLS peer info error"); @@ -1049,7 +1049,7 @@ int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx) } ((SOCKADDR_IN6*)&addr)->sin6_port = XHTONS(port); - /* peer sa is free'd in SSL_ResourceFree */ + /* peer sa is free'd in wolfSSL_ResourceFree */ if ((ret = wolfSSL_dtls_set_peer(ssl, (SOCKADDR_IN6*)&addr, sizeof(SOCKADDR_IN6)))!= WOLFSSL_SUCCESS) { WOLFSSL_MSG("Import DTLS peer info error"); diff --git a/src/x509.c b/src/x509.c index 18feff0225..5848329fe8 100644 --- a/src/x509.c +++ b/src/x509.c @@ -532,7 +532,7 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns, goto err; } - tag = V_ASN1_UTF8STRING; + tag = WOLFSSL_V_ASN1_UTF8STRING; } else #endif @@ -555,7 +555,7 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns, len -= idx; /* Set the tag to object so that it gets output in raw form */ - tag = V_ASN1_SEQUENCE; + tag = WOLFSSL_V_ASN1_SEQUENCE; } 
@@ -625,7 +625,7 @@ static int wolfssl_x509_alt_names_to_gn(WOLFSSL_X509* x509, } gn->type = dns->type; - if (gn->type == GEN_OTHERNAME) { + if (gn->type == WOLFSSL_GEN_OTHERNAME) { if (!wolfssl_dns_entry_othername_to_gn(dns, gn)) { WOLFSSL_MSG("OTHERNAME set failed"); wolfSSL_GENERAL_NAME_free(gn); @@ -922,7 +922,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) obj->obj = (byte*)x509->authInfoCaIssuer; obj->objSz = (unsigned int)x509->authInfoCaIssuerSz; obj->grp = oidCertAuthInfoType; - obj->nid = NID_ad_ca_issuers; + obj->nid = WC_NID_ad_ca_issuers; ret = wolfSSL_sk_ASN1_OBJECT_push(sk, obj) > 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; @@ -958,7 +958,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) obj->obj = x509->authInfo; obj->objSz = (unsigned int)x509->authInfoSz; obj->grp = oidCertAuthInfoType; - obj->nid = NID_ad_OCSP; + obj->nid = WC_NID_ad_OCSP; ret = wolfSSL_sk_ASN1_OBJECT_push(sk, obj) > 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; @@ -1256,7 +1256,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo nid = (ext->obj != NULL) ? ext->obj->type : ext->value.nid; switch (nid) { - case NID_authority_key_identifier: + case WC_NID_authority_key_identifier: if (x509->authKeyIdSrc != NULL) { /* If authKeyId points into authKeyIdSrc then free it and * revert to old functionality */ @@ -1271,7 +1271,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo } x509->authKeyIdCrit = (byte)ext->crit; break; - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: if (asn1_string_copy_to_buffer(&ext->value, &x509->subjKeyId, &x509->subjKeyIdSz, x509->heap) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("asn1_string_copy_to_buffer error"); 
@@ -1279,7 +1279,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo } x509->subjKeyIdCrit = (byte)ext->crit; break; - case NID_subject_alt_name: + case WC_NID_subject_alt_name: { WOLFSSL_GENERAL_NAMES* gns = ext->ext_sk; while (gns) { @@ -1323,7 +1323,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo x509->subjAltNameCrit = (byte)ext->crit; break; } - case NID_key_usage: + case WC_NID_key_usage: if (ext && ext->value.data) { if (ext->value.length == sizeof(word16)) { /* if ext->value is already word16, set directly */ @@ -1345,7 +1345,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo } } break; - case NID_ext_key_usage: + case WC_NID_ext_key_usage: if (ext && ext->value.data) { if (ext->value.length == sizeof(byte)) { /* if ext->value is already word16, set directly */ @@ -1365,7 +1365,7 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo } } break; - case NID_basic_constraints: + case WC_NID_basic_constraints: if (ext->obj) { x509->isCa = (byte)ext->obj->ca; x509->basicConstCrit = (byte)ext->crit; @@ -1438,8 +1438,8 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext, unsigned long flag, int indent) { - ASN1_OBJECT* obj; - ASN1_STRING* str; + WOLFSSL_ASN1_OBJECT* obj; + WOLFSSL_ASN1_STRING* str; int nid; int rc = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); char tmp[CTC_NAME_SIZE*2 + 1]; 
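Review bot: In the `WC_NID_key_usage` and `WC_NID_ext_key_usage` cases of `wolfSSL_X509_add_ext`, `ext` is tested with `if (ext && ext->value.data)`, but the switch selector a few lines earlier already evaluates `ext->obj` and `ext->value.nid`, so a NULL `ext` never reaches these tests. If the argument check sits before the hunk, the `ext &&` part can go; if it does not, the check belongs ahead of the `nid = ...` line. In the `WC_NID_ext_key_usage` branch the comment says `if ext->value is already word16, set directly` while the comparison is `ext->value.length == sizeof(byte)`; the comment should read `/* if ext->value is already a byte, set directly */`. The function body starts and ends outside these hunks.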
@@ -1593,7 +1593,7 @@ int wolfSSL_X509_EXTENSION_set_critical(WOLFSSL_X509_EXTENSION* ex, int crit) * Returns NULL on error or pointer to the v3_ext_method populated with extension * type-specific X509V3_EXT_* function(s). * - * NOTE: NID_subject_key_identifier is currently the only extension implementing + * NOTE: WC_NID_subject_key_identifier is currently the only extension implementing * the X509V3_EXT_* functions, as it is the only type called directly by QT. The * other extension types return a pointer to a v3_ext_method struct that contains * only the NID. @@ -1622,30 +1622,30 @@ WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(WOLFSSL_X509_EXTENSION* ex) } XMEMSET(&method, 0, sizeof(WOLFSSL_v3_ext_method)); switch (nid) { - case NID_basic_constraints: + case WC_NID_basic_constraints: break; - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: method.i2s = (X509V3_EXT_I2S)wolfSSL_i2s_ASN1_STRING; break; - case NID_subject_alt_name: + case WC_NID_subject_alt_name: WOLFSSL_MSG("i2v function not yet implemented for Subject Alternative Name"); break; - case NID_key_usage: + case WC_NID_key_usage: WOLFSSL_MSG("i2v function not yet implemented for Key Usage"); break; - case NID_authority_key_identifier: + case WC_NID_authority_key_identifier: WOLFSSL_MSG("i2v function not yet implemented for Auth Key Id"); break; - case NID_info_access: + case WC_NID_info_access: WOLFSSL_MSG("i2v function not yet implemented for Info Access"); break; - case NID_ext_key_usage: + case WC_NID_ext_key_usage: WOLFSSL_MSG("i2v function not yet implemented for Ext Key Usage"); break; - case NID_certificate_policies: + case WC_NID_certificate_policies: WOLFSSL_MSG("r2i function not yet implemented for Cert Policies"); break; - case NID_crl_distribution_points: + case WC_NID_crl_distribution_points: WOLFSSL_MSG("r2i function not yet implemented for CRL Dist Points"); break; default: 
@@ -1748,7 +1748,7 @@ static WOLFSSL_AUTHORITY_INFO_ACCESS* wolfssl_x509v3_ext_aia_d2i( } /* Set the type of general name to URI (only type supported). */ - ret = wolfSSL_GENERAL_NAME_set_type(ad->location, GEN_URI); + ret = wolfSSL_GENERAL_NAME_set_type(ad->location, WOLFSSL_GEN_URI); if (ret != WOLFSSL_SUCCESS) { err = 1; break; @@ -1832,7 +1832,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) /* Return pointer to proper internal structure based on NID */ switch (object->type) { /* basicConstraints */ - case (NID_basic_constraints): + case (WC_NID_basic_constraints): WOLFSSL_MSG("basicConstraints"); /* Allocate new BASIC_CONSTRAINTS structure */ bc = wolfSSL_BASIC_CONSTRAINTS_new(); @@ -1855,7 +1855,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) return bc; /* subjectKeyIdentifier */ - case (NID_subject_key_identifier): + case (WC_NID_subject_key_identifier): WOLFSSL_MSG("subjectKeyIdentifier"); asn1String = wolfSSL_X509_EXTENSION_get_data(ext); if (asn1String == NULL) { @@ -1878,7 +1878,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) return newString; /* authorityKeyIdentifier */ - case (NID_authority_key_identifier): + case (WC_NID_authority_key_identifier): WOLFSSL_MSG("AuthorityKeyIdentifier"); akey = (WOLFSSL_AUTHORITY_KEYID*) @@ -1921,7 +1921,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) return akey; /* keyUsage */ - case (NID_key_usage): + case (WC_NID_key_usage): WOLFSSL_MSG("keyUsage"); /* This may need to be updated for future use. The i2v method for keyUsage is not currently set. For now, return the ASN1_STRING 
@@ -1947,21 +1947,21 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) return newString; /* extKeyUsage */ - case (NID_ext_key_usage): + case (WC_NID_ext_key_usage): WOLFSSL_MSG("extKeyUsage not supported yet"); return NULL; /* certificatePolicies */ - case (NID_certificate_policies): + case (WC_NID_certificate_policies): WOLFSSL_MSG("certificatePolicies not supported yet"); return NULL; /* cRLDistributionPoints */ - case (NID_crl_distribution_points): + case (WC_NID_crl_distribution_points): WOLFSSL_MSG("cRLDistributionPoints not supported yet"); return NULL; - case NID_subject_alt_name: + case WC_NID_subject_alt_name: if (ext->ext_sk == NULL) { WOLFSSL_MSG("Subject alt name stack NULL"); return NULL; @@ -1974,7 +1974,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) return sk; /* authorityInfoAccess */ - case NID_info_access: + case WC_NID_info_access: WOLFSSL_MSG("AuthorityInfoAccess"); return wolfssl_x509v3_ext_aia_d2i(ext); @@ -2258,7 +2258,7 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c, WOLFSSL_MSG("ASN1_STRING_set failed"); goto err; } - gn->d.dNSName->type = V_ASN1_IA5STRING; + gn->d.dNSName->type = WOLFSSL_V_ASN1_IA5STRING; } dns = dns->next; @@ -2296,7 +2296,7 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c, goto err; } - if (wolfSSL_GENERAL_NAME_set_type(gn, GEN_URI) != + if (wolfSSL_GENERAL_NAME_set_type(gn, WOLFSSL_GEN_URI) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("Error setting GENERAL_NAME type"); goto err; @@ -2754,8 +2754,8 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value) ext->value.nid = nid; switch (nid) { - case NID_subject_key_identifier: - case NID_authority_key_identifier: + case WC_NID_subject_key_identifier: + case WC_NID_authority_key_identifier: if (wolfSSL_ASN1_STRING_set(&ext->value, value, -1) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); 
@@ -2763,7 +2763,7 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value) } ext->value.type = CTC_UTF8; break; - case NID_subject_alt_name: + case WC_NID_subject_alt_name: { WOLFSSL_GENERAL_NAMES* gns; WOLFSSL_GENERAL_NAME* gn; @@ -2802,7 +2802,7 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value) gn->type = ASN_DNS_TYPE; break; } - case NID_key_usage: + case WC_NID_key_usage: if (wolfSSL_ASN1_STRING_set(&ext->value, value, -1) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); @@ -2810,7 +2810,7 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value) } ext->value.type = KEY_USAGE_OID; break; - case NID_ext_key_usage: + case WC_NID_ext_key_usage: if (wolfSSL_ASN1_STRING_set(&ext->value, value, -1) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error"); 
@@ -2901,22 +2901,22 @@ static void wolfSSL_X509V3_EXT_METHOD_populate(WOLFSSL_v3_ext_method *method, WOLFSSL_ENTER("wolfSSL_X509V3_EXT_METHOD_populate"); switch (nid) { - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: method->i2s = (X509V3_EXT_I2S)wolfSSL_i2s_ASN1_STRING; FALL_THROUGH; - case NID_authority_key_identifier: - case NID_key_usage: - case NID_certificate_policies: - case NID_policy_mappings: - case NID_subject_alt_name: - case NID_issuer_alt_name: - case NID_basic_constraints: - case NID_name_constraints: - case NID_policy_constraints: - case NID_ext_key_usage: - case NID_crl_distribution_points: - case NID_inhibit_any_policy: - case NID_info_access: + case WC_NID_authority_key_identifier: + case WC_NID_key_usage: + case WC_NID_certificate_policies: + case WC_NID_policy_mappings: + case WC_NID_subject_alt_name: + case WC_NID_issuer_alt_name: + case WC_NID_basic_constraints: + case WC_NID_name_constraints: + case WC_NID_policy_constraints: + case WC_NID_ext_key_usage: + case WC_NID_crl_distribution_points: + case WC_NID_inhibit_any_policy: + case WC_NID_info_access: WOLFSSL_MSG("Nothing to populate for current NID"); break; default: @@ -2928,7 +2928,7 @@ static void wolfSSL_X509V3_EXT_METHOD_populate(WOLFSSL_v3_ext_method *method, } /** - * @param nid One of the NID_* constants defined in asn.h + * @param nid One of the WC_NID_* constants defined in asn.h * @param crit * @param data This data is copied to the returned extension. * @return @@ -2952,9 +2952,9 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, wolfSSL_X509V3_EXT_METHOD_populate(&ext->ext_method, nid); switch (nid) { - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: /* WOLFSSL_ASN1_STRING */ - case NID_key_usage: + case WC_NID_key_usage: /* WOLFSSL_ASN1_STRING */ { asn1str = (WOLFSSL_ASN1_STRING*)data; 
@@ -2981,13 +2981,13 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, break; } - case NID_subject_alt_name: + case WC_NID_subject_alt_name: /* typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES */ - case NID_issuer_alt_name: + case WC_NID_issuer_alt_name: /* typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES */ - case NID_ext_key_usage: + case WC_NID_ext_key_usage: /* typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE */ - case NID_info_access: + case WC_NID_info_access: /* typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS */ { WOLFSSL_STACK* sk = (WOLFSSL_STACK*)data; @@ -3008,7 +3008,7 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, break; } - case NID_basic_constraints: + case WC_NID_basic_constraints: { /* WOLFSSL_BASIC_CONSTRAINTS */ WOLFSSL_BASIC_CONSTRAINTS* bc = (WOLFSSL_BASIC_CONSTRAINTS*)data; @@ -3028,7 +3028,7 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, } break; } - case NID_authority_key_identifier: + case WC_NID_authority_key_identifier: { /* AUTHORITY_KEYID */ WOLFSSL_AUTHORITY_KEYID* akey = (WOLFSSL_AUTHORITY_KEYID*)data; @@ -3055,22 +3055,22 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit, } } else { - WOLFSSL_MSG("NID_authority_key_identifier empty data"); + WOLFSSL_MSG("WC_NID_authority_key_identifier empty data"); goto err_cleanup; } break; } - case NID_inhibit_any_policy: + case WC_NID_inhibit_any_policy: /* ASN1_INTEGER */ - case NID_certificate_policies: + case WC_NID_certificate_policies: /* STACK_OF(POLICYINFO) */ - case NID_policy_mappings: + case WC_NID_policy_mappings: /* STACK_OF(POLICY_MAPPING) */ - case NID_name_constraints: + case WC_NID_name_constraints: /* NAME_CONSTRAINTS */ - case NID_policy_constraints: + case WC_NID_policy_constraints: /* POLICY_CONSTRAINTS */ - case NID_crl_distribution_points: + case WC_NID_crl_distribution_points: /* typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS */ default: WOLFSSL_MSG("Unknown or unsupported NID"); 
@@ -4128,7 +4128,7 @@ WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) * returns a pointer to a WOLFSSL_X509 structure on success and NULL on * fail */ -WOLFSSL_X509* wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509)* sk, int i) +WOLFSSL_X509* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)* sk, int i) { WOLFSSL_ENTER("wolfSSL_sk_X509_value"); @@ -4187,7 +4187,7 @@ WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)* sk) * sk stack to free nodes in * f X509 free function */ -void wolfSSL_sk_X509_pop_free(STACK_OF(WOLFSSL_X509)* sk, +void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*)) { WOLFSSL_ENTER("wolfSSL_sk_X509_pop_free"); @@ -4338,7 +4338,7 @@ WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_new(void) wolfSSL_GENERAL_NAME_free(gn); return NULL; } - gn->type = GEN_IA5; + gn->type = WOLFSSL_GEN_IA5; return gn; } 
@@ -4362,33 +4362,33 @@ WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_dup(WOLFSSL_GENERAL_NAME* gn) dupl->d.ia5 = NULL; switch (gn->type) { /* WOLFSSL_ASN1_STRING types */ - case GEN_DNS: + case WOLFSSL_GEN_DNS: if (!(dupl->d.dNSName = wolfSSL_ASN1_STRING_dup(gn->d.dNSName))) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); goto error; } break; - case GEN_IPADD: + case WOLFSSL_GEN_IPADD: if (!(dupl->d.iPAddress = wolfSSL_ASN1_STRING_dup(gn->d.iPAddress))) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); goto error; } break; - case GEN_EMAIL: + case WOLFSSL_GEN_EMAIL: if (!(dupl->d.rfc822Name = wolfSSL_ASN1_STRING_dup(gn->d.rfc822Name))) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); goto error; } break; - case GEN_URI: + case WOLFSSL_GEN_URI: if (!(dupl->d.uniformResourceIdentifier = wolfSSL_ASN1_STRING_dup(gn->d.uniformResourceIdentifier))) { WOLFSSL_MSG("wolfSSL_ASN1_STRING_dup error"); goto error; } break; - case GEN_OTHERNAME: - if (gn->d.otherName->value->type != V_ASN1_UTF8STRING) { + case WOLFSSL_GEN_OTHERNAME: + if (gn->d.otherName->value->type != WOLFSSL_V_ASN1_UTF8STRING) { WOLFSSL_MSG("Unsupported othername value type"); goto error; } @@ -4419,10 +4419,10 @@ WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_dup(WOLFSSL_GENERAL_NAME* gn) goto error; } break; - case GEN_X400: - case GEN_DIRNAME: - case GEN_EDIPARTY: - case GEN_RID: + case WOLFSSL_GEN_X400: + case WOLFSSL_GEN_DIRNAME: + case WOLFSSL_GEN_EDIPARTY: + case WOLFSSL_GEN_RID: default: WOLFSSL_MSG("Unrecognized or unsupported GENERAL_NAME type"); goto error; @@ -4446,7 +4446,7 @@ WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_dup(WOLFSSL_GENERAL_NAME* gn) * WOLFSSL_SUCCESS otherwise. */ int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen, - ASN1_OBJECT* oid, ASN1_TYPE* value) + WOLFSSL_ASN1_OBJECT* oid, WOLFSSL_ASN1_TYPE* value) { WOLFSSL_ASN1_OBJECT *x = NULL; 
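Review bot: In the `WOLFSSL_GEN_OTHERNAME` case of wolfSSL_GENERAL_NAME_dup, `gn->d.otherName->value->type` is read with no NULL test on `otherName` or `value` anywhere in the hunk. wolfSSL_GENERAL_NAME_set0_othername, two hunks further down, stores the caller's `value` pointer as given, so a name built through the API with a NULL value could reach this dereference unless it is rejected in lines outside the hunk. A guard such as `if (gn->d.otherName == NULL || gn->d.otherName->value == NULL) goto error;` before the type comparison would make the failure explicit. The function begins before the hunk, so an earlier check may already exist and is worth confirming.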
@@ -4460,7 +4460,7 @@ int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen, return WOLFSSL_FAILURE; } - gen->type = GEN_OTHERNAME; + gen->type = WOLFSSL_GEN_OTHERNAME; gen->d.otherName->type_id = x; gen->d.otherName->value = value; return WOLFSSL_SUCCESS; @@ -4742,35 +4742,35 @@ static void wolfSSL_GENERAL_NAME_type_free(WOLFSSL_GENERAL_NAME* name) { if (name != NULL) { switch (name->type) { - case GEN_IA5: + case WOLFSSL_GEN_IA5: wolfSSL_ASN1_STRING_free(name->d.ia5); name->d.ia5 = NULL; break; - case GEN_EMAIL: + case WOLFSSL_GEN_EMAIL: wolfSSL_ASN1_STRING_free(name->d.rfc822Name); name->d.rfc822Name = NULL; break; - case GEN_DNS: + case WOLFSSL_GEN_DNS: wolfSSL_ASN1_STRING_free(name->d.dNSName); name->d.dNSName = NULL; break; - case GEN_DIRNAME: + case WOLFSSL_GEN_DIRNAME: wolfSSL_X509_NAME_free(name->d.dirn); name->d.dirn = NULL; break; - case GEN_URI: + case WOLFSSL_GEN_URI: wolfSSL_ASN1_STRING_free(name->d.uniformResourceIdentifier); name->d.uniformResourceIdentifier = NULL; break; - case GEN_IPADD: + case WOLFSSL_GEN_IPADD: wolfSSL_ASN1_STRING_free(name->d.iPAddress); name->d.iPAddress = NULL; break; - case GEN_RID: + case WOLFSSL_GEN_RID: wolfSSL_ASN1_OBJECT_free(name->d.registeredID); name->d.registeredID = NULL; break; - case GEN_OTHERNAME: + case WOLFSSL_GEN_OTHERNAME: if (name->d.otherName != NULL) { wolfSSL_ASN1_OBJECT_free(name->d.otherName->type_id); wolfSSL_ASN1_TYPE_free(name->d.otherName->value); @@ -4778,9 +4778,9 @@ static void wolfSSL_GENERAL_NAME_type_free(WOLFSSL_GENERAL_NAME* name) name->d.otherName = NULL; } break; - case GEN_X400: + case WOLFSSL_GEN_X400: /* Unsupported: fall through */ - case GEN_EDIPARTY: + case WOLFSSL_GEN_EDIPARTY: /* Unsupported: fall through */ default: WOLFSSL_MSG("wolfSSL_GENERAL_NAME_type_free: possible leak"); 
@@ -4801,13 +4801,13 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ) name->type = typ; switch (typ) { - case GEN_URI: + case WOLFSSL_GEN_URI: name->d.uniformResourceIdentifier = wolfSSL_ASN1_STRING_new(); if (name->d.uniformResourceIdentifier == NULL) ret = MEMORY_E; break; default: - name->type = GEN_IA5; + name->type = WOLFSSL_GEN_IA5; name->d.ia5 = wolfSSL_ASN1_STRING_new(); if (name->d.ia5 == NULL) ret = MEMORY_E; @@ -4842,14 +4842,14 @@ void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type, return; } - if (type != GEN_DNS) { - WOLFSSL_MSG("Only GEN_DNS is supported"); + if (type != WOLFSSL_GEN_DNS) { + WOLFSSL_MSG("Only WOLFSSL_GEN_DNS is supported"); return; } wolfSSL_GENERAL_NAME_type_free(a); a->type = type; - if (type == GEN_DNS) { + if (type == WOLFSSL_GEN_DNS) { a->d.dNSName = val; } } @@ -5454,13 +5454,13 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) key = wolfSSL_EVP_PKEY_new_ex(x509->heap); if (key != NULL) { if (x509->pubKeyOID == RSAk) { - key->type = EVP_PKEY_RSA; + key->type = WC_EVP_PKEY_RSA; } else if (x509->pubKeyOID == DSAk) { - key->type = EVP_PKEY_DSA; + key->type = WC_EVP_PKEY_DSA; } else { - key->type = EVP_PKEY_EC; + key->type = WC_EVP_PKEY_EC; } key->save_type = 0; key->pkey.ptr = (char*)XMALLOC( @@ -5479,7 +5479,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) /* decode RSA key */ #ifndef NO_RSA - if (key->type == EVP_PKEY_RSA) { + if (key->type == WC_EVP_PKEY_RSA) { key->ownRsa = 1; key->rsa = wolfSSL_RSA_new(); if (key->rsa == NULL) { @@ -5498,7 +5498,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) /* decode ECC key */ #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) - if (key->type == EVP_PKEY_EC) { + if (key->type == WC_EVP_PKEY_EC) { word32 idx = 0; key->ownEcc = 1; 
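Review bot: wolfSSL_GENERAL_NAME_set0_value returns silently when `type` is not `WOLFSSL_GEN_DNS`, and because it is a `void` set0-style setter the caller cannot tell whether `val` was adopted. I would document that on the early return, e.g. `/* val is NOT taken on this path; the caller still owns it */`, so callers neither leak nor double-free the value. The trailing `if (type == WOLFSSL_GEN_DNS)` is redundant after the early return and could be reduced to `a->d.dNSName = val;`. The function starts before the hunk.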
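Review bot: The final `else` in wolfSSL_X509_get_pubkey labels every `pubKeyOID` other than `RSAk` and `DSAk` as `WC_EVP_PKEY_EC`, so a certificate with some other key algorithm is handed to the ECC decode branch later in the function. An explicit `else if (x509->pubKeyOID == ECDSAk)` with a failing `else` would reject unknown algorithms up front instead of relying on the ECC decoder to fail. `ECDSAk` is the constant this file pairs with `WC_EVP_PKEY_EC` elsewhere. The function body extends beyond the hunk, so cleanup of `key` on a new failing path has to follow the existing error paths, which are not visible here.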
@@ -5531,7 +5531,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) #endif /* HAVE_ECC && OPENSSL_EXTRA */ #ifndef NO_DSA - if (key->type == EVP_PKEY_DSA) { + if (key->type == WC_EVP_PKEY_DSA) { key->ownDsa = 1; key->dsa = wolfSSL_DSA_new(); if (key->dsa == NULL) { @@ -5606,17 +5606,17 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) if (x509 != NULL) { switch (nid) { - case NID_basic_constraints: isSet = x509->basicConstSet; break; - case NID_subject_alt_name: isSet = x509->subjAltNameSet; break; - case NID_authority_key_identifier: isSet = x509->authKeyIdSet; break; - case NID_subject_key_identifier: isSet = x509->subjKeyIdSet; break; - case NID_key_usage: isSet = x509->keyUsageSet; break; - case NID_crl_distribution_points: isSet = x509->CRLdistSet; break; - case NID_ext_key_usage: isSet = ((x509->extKeyUsageSrc) ? 1 : 0); + case WC_NID_basic_constraints: isSet = x509->basicConstSet; break; + case WC_NID_subject_alt_name: isSet = x509->subjAltNameSet; break; + case WC_NID_authority_key_identifier: isSet = x509->authKeyIdSet; break; + case WC_NID_subject_key_identifier: isSet = x509->subjKeyIdSet; break; + case WC_NID_key_usage: isSet = x509->keyUsageSet; break; + case WC_NID_crl_distribution_points: isSet = x509->CRLdistSet; break; + case WC_NID_ext_key_usage: isSet = ((x509->extKeyUsageSrc) ? 1 : 0); break; - case NID_info_access: isSet = x509->authInfoSet; break; + case WC_NID_info_access: isSet = x509->authInfoSet; break; #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT) - case NID_certificate_policies: isSet = x509->certPolicySet; break; + case WC_NID_certificate_policies: isSet = x509->certPolicySet; break; #endif /* WOLFSSL_SEP || WOLFSSL_QT */ default: WOLFSSL_MSG("NID not in table"); 
@@ -5637,15 +5637,15 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) if (x509 != NULL) { switch (nid) { - case NID_basic_constraints: crit = x509->basicConstCrit; break; - case NID_subject_alt_name: crit = x509->subjAltNameCrit; break; - case NID_authority_key_identifier: crit = x509->authKeyIdCrit; break; - case NID_subject_key_identifier: crit = x509->subjKeyIdCrit; break; - case NID_key_usage: crit = x509->keyUsageCrit; break; - case NID_crl_distribution_points: crit= x509->CRLdistCrit; break; - case NID_ext_key_usage: crit= x509->extKeyUsageCrit; break; + case WC_NID_basic_constraints: crit = x509->basicConstCrit; break; + case WC_NID_subject_alt_name: crit = x509->subjAltNameCrit; break; + case WC_NID_authority_key_identifier: crit = x509->authKeyIdCrit; break; + case WC_NID_subject_key_identifier: crit = x509->subjKeyIdCrit; break; + case WC_NID_key_usage: crit = x509->keyUsageCrit; break; + case WC_NID_crl_distribution_points: crit= x509->CRLdistCrit; break; + case WC_NID_ext_key_usage: crit= x509->extKeyUsageCrit; break; #ifdef WOLFSSL_SEP - case NID_certificate_policies: crit = x509->certPolicyCrit; break; + case WC_NID_certificate_policies: crit = x509->certPolicyCrit; break; #endif /* WOLFSSL_SEP */ } } @@ -6534,11 +6534,11 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) } nid = wolfSSL_OBJ_obj2nid(obj); switch (nid) { - case NID_subject_alt_name: + case WC_NID_subject_alt_name: ret = X509PrintSubjAltName(bio, x509, indent + 8); break; - case NID_subject_key_identifier: + case WC_NID_subject_key_identifier: if (!x509->subjKeyIdSet || x509->subjKeyId == NULL || x509->subjKeyIdSz == 0) { @@ -6583,7 +6583,7 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) } break; - case NID_authority_key_identifier: + case WC_NID_authority_key_identifier: if (!x509->authKeyIdSet || x509->authKeyId == NULL || x509->authKeyIdSz == 0) { ret = WOLFSSL_FAILURE; 
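Review bot: The critical-flag lookup guards `WC_NID_certificate_policies` with `#ifdef WOLFSSL_SEP` only, while the matching is-set lookup in the previous hunk uses `#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)`. In a WOLFSSL_QT-only build the extension is therefore reported as present but its critical bit is never returned, which matters to callers that must reject unhandled critical extensions. If `certPolicyCrit` is available in QT builds (not visible here), the guard should match: `#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)`. This switch also has no `default:` arm, unlike its sibling, and `default: break;` would make the intent explicit.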
@@ -6632,7 +6632,7 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) } break; - case NID_basic_constraints: + case WC_NID_basic_constraints: if (!x509->basicConstSet) { ret = WOLFSSL_FAILURE; break; @@ -6653,11 +6653,11 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) } break; - case NID_key_usage: + case WC_NID_key_usage: ret = X509PrintKeyUsage(bio, x509, indent + 8); break; - case NID_ext_key_usage: + case WC_NID_ext_key_usage: ret = X509PrintExtendedKeyUsage(bio, x509, indent + 8); break; @@ -7423,7 +7423,7 @@ int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509) return WOLFSSL_FAILURE; } - if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { + if (wolfSSL_BIO_set_fp(bio, fp, WOLFSSL_BIO_NOCLOSE) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_BIO_set_fp error"); wolfSSL_BIO_free(bio); return WOLFSSL_FAILURE; @@ -8013,7 +8013,7 @@ static WOLFSSL_X509* d2i_X509orX509REQ_bio(WOLFSSL_BIO* bio, size = wolfSSL_BIO_get_len(bio); if (size <= 0) { WOLFSSL_MSG("wolfSSL_BIO_get_len error. Possibly no pending data."); - WOLFSSL_ERROR(ASN1_R_HEADER_TOO_LONG); + WOLFSSL_ERROR(WOLFSSL_ASN1_R_HEADER_TOO_LONG_E); return NULL; } @@ -8091,15 +8091,15 @@ static int verifyX509orX509REQ(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey, int r } switch (pkey->type) { - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: type = RSAk; break; - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: type = ECDSAk; break; - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: type = DSAk; break; @@ -9733,8 +9733,8 @@ void wolfSSL_X509_ALGOR_get0(const WOLFSSL_ASN1_OBJECT **paobj, int *pptype, *pptype = algor->parameter->type; } else { - /* Default to V_ASN1_OBJECT */ - *pptype = V_ASN1_OBJECT; + /* Default to WOLFSSL_V_ASN1_OBJECT */ + *pptype = WOLFSSL_V_ASN1_OBJECT; } } } 
@@ -10006,14 +10006,14 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) switch (key->type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: pval = NULL; - ptype = V_ASN1_NULL; + ptype = WOLFSSL_V_ASN1_NULL; pk->pubKeyOID = RSAk; break; #endif #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: if (!key->dsa->p || !key->dsa->q || !key->dsa->g) goto error; @@ -10030,12 +10030,12 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) str->isDynamic = 1; pval = str; - ptype = V_ASN1_SEQUENCE; + ptype = WOLFSSL_V_ASN1_SEQUENCE; pk->pubKeyOID = DSAk; break; #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: group = wolfSSL_EC_KEY_get0_group(key->ecc); if (!group) goto error; @@ -10051,7 +10051,7 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) if (!pval) goto error; - ptype = V_ASN1_OBJECT; + ptype = WOLFSSL_V_ASN1_OBJECT; pk->pubKeyOID = ECDSAk; break; #endif @@ -10062,7 +10062,7 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) keyTypeObj = wolfSSL_OBJ_nid2obj(key->type); if (keyTypeObj == NULL) { - if (ptype == V_ASN1_OBJECT) + if (ptype == WOLFSSL_V_ASN1_OBJECT) ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval); else ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval); @@ -10071,7 +10071,7 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) if (!wolfSSL_X509_ALGOR_set0(pk->algor, keyTypeObj, ptype, pval)) { WOLFSSL_MSG("Failed to create algorithm object"); ASN1_OBJECT_free(keyTypeObj); - if (ptype == V_ASN1_OBJECT) + if (ptype == WOLFSSL_V_ASN1_OBJECT) ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval); else ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval); 
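Review bot: The error paths in wolfSSL_X509_PUBKEY_set still call the unprefixed `ASN1_OBJECT_free` and `ASN1_STRING_free` on context lines, although this change moves the surrounding identifiers to their prefixed forms (`WOLFSSL_V_ASN1_OBJECT`, `WC_EVP_PKEY_*`). If the unprefixed compatibility names are absent from the build, or resolve to another library's functions, these frees would either fail to compile or release the objects through the wrong implementation. The file already uses `wolfSSL_ASN1_OBJECT_free` and `wolfSSL_ASN1_STRING_free` elsewhere, so `wolfSSL_ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);` and `wolfSSL_ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);` would be consistent, and likewise for `keyTypeObj`. Separately, the `WC_EVP_PKEY_DSA` case reads `key->dsa->p` with no visible NULL test on `key->dsa`; the function starts outside these hunks, so that may be checked earlier.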
@@ -10347,7 +10347,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( #if defined(OPENSSL_ALL) idx = wolfSSL_X509_REQ_get_attr_by_NID(req, - NID_pkcs9_unstructuredName, -1); + WC_NID_pkcs9_unstructuredName, -1); if (idx != WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR)) { WOLFSSL_X509_ATTRIBUTE *attr; attr = wolfSSL_X509_REQ_get_attr(req, idx); @@ -10638,7 +10638,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( return WOLFSSL_FAILURE; } - if (pkey->type == EVP_PKEY_RSA) { + if (pkey->type == WC_EVP_PKEY_RSA) { switch (hashType) { case WC_HASH_TYPE_SHA: sigType = CTC_SHAwRSA; @@ -10673,7 +10673,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( return WOLFSSL_FAILURE; } } - else if (pkey->type == EVP_PKEY_EC) { + else if (pkey->type == WC_EVP_PKEY_EC) { switch (hashType) { case WC_HASH_TYPE_SHA: sigType = CTC_SHAwECDSA; @@ -11181,13 +11181,13 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( /* Get the private key object and type from pkey. */ #ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) { + if (pkey->type == WC_EVP_PKEY_RSA) { type = RSA_TYPE; key = pkey->rsa->internal; } #endif #ifdef HAVE_ECC - if (pkey->type == EVP_PKEY_EC) { + if (pkey->type == WC_EVP_PKEY_EC) { type = ECC_TYPE; key = pkey->ecc->internal; } @@ -11326,7 +11326,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_WPAS_SMALL) -/* Converts from NID_* value to wolfSSL value if needed. +/* Converts from WC_NID_* value to wolfSSL value if needed. * * @param [in] nid Numeric Id of a domain name component. * @return Domain name tag values - wolfSSL internal values. 
@@ -11335,28 +11335,28 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref( static int ConvertNIDToWolfSSL(int nid) { switch (nid) { - case NID_commonName : return ASN_COMMON_NAME; + case WC_NID_commonName : return ASN_COMMON_NAME; #ifdef WOLFSSL_CERT_NAME_ALL - case NID_name : return ASN_NAME; - case NID_givenName: return ASN_GIVEN_NAME; - case NID_dnQualifier : return ASN_DNQUALIFIER; - case NID_initials: return ASN_INITIALS; + case WC_NID_name : return ASN_NAME; + case WC_NID_givenName: return ASN_GIVEN_NAME; + case WC_NID_dnQualifier : return ASN_DNQUALIFIER; + case WC_NID_initials: return ASN_INITIALS; #endif /* WOLFSSL_CERT_NAME_ALL */ - case NID_surname : return ASN_SUR_NAME; - case NID_countryName: return ASN_COUNTRY_NAME; - case NID_localityName: return ASN_LOCALITY_NAME; - case NID_stateOrProvinceName: return ASN_STATE_NAME; - case NID_streetAddress: return ASN_STREET_ADDR; - case NID_organizationName: return ASN_ORG_NAME; - case NID_organizationalUnitName: return ASN_ORGUNIT_NAME; - case NID_emailAddress: return ASN_EMAIL_NAME; - case NID_pkcs9_contentType: return ASN_CONTENT_TYPE; - case NID_serialNumber: return ASN_SERIAL_NUMBER; - case NID_userId: return ASN_USER_ID; - case NID_businessCategory: return ASN_BUS_CAT; - case NID_domainComponent: return ASN_DOMAIN_COMPONENT; - case NID_postalCode: return ASN_POSTAL_CODE; - case NID_favouriteDrink: return ASN_FAVOURITE_DRINK; + case WC_NID_surname : return ASN_SUR_NAME; + case WC_NID_countryName: return ASN_COUNTRY_NAME; + case WC_NID_localityName: return ASN_LOCALITY_NAME; + case WC_NID_stateOrProvinceName: return ASN_STATE_NAME; + case WC_NID_streetAddress: return ASN_STREET_ADDR; + case WC_NID_organizationName: return ASN_ORG_NAME; + case WC_NID_organizationalUnitName: return ASN_ORGUNIT_NAME; + case WC_NID_emailAddress: return ASN_EMAIL_NAME; + case WC_NID_pkcs9_contentType: return ASN_CONTENT_TYPE; + case WC_NID_serialNumber: return ASN_SERIAL_NUMBER; + case WC_NID_userId: return ASN_USER_ID; + 
case WC_NID_businessCategory: return ASN_BUS_CAT; + case WC_NID_domainComponent: return ASN_DOMAIN_COMPONENT; + case WC_NID_postalCode: return ASN_POSTAL_CODE; + case WC_NID_favouriteDrink: return ASN_FAVOURITE_DRINK; default: WOLFSSL_MSG("Attribute NID not found"); return WOLFSSL_FATAL_ERROR; @@ -11555,11 +11555,11 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) type = wolfSSL_ASN1_STRING_type(data); switch (type) { - case MBSTRING_UTF8: + case WOLFSSL_MBSTRING_UTF8: type = CTC_UTF8; break; - case MBSTRING_ASC: - case V_ASN1_PRINTABLESTRING: + case WOLFSSL_MBSTRING_ASC: + case WOLFSSL_V_ASN1_PRINTABLESTRING: type = CTC_PRINTABLE; break; default: @@ -11939,7 +11939,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) err = 1; } } - if (err == 0 && wolfSSL_BIO_set_fp(bio, fp, BIO_CLOSE) + if (err == 0 && wolfSSL_BIO_set_fp(bio, fp, WOLFSSL_BIO_CLOSE) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("Failed to set BIO file pointer."); err = 1; @@ -12127,7 +12127,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) if (bio == NULL) return 0; - if (wolfSSL_BIO_set_fp(bio, fp, BIO_NOCLOSE) != WOLFSSL_SUCCESS) { + if (wolfSSL_BIO_set_fp(bio, fp, WOLFSSL_BIO_NOCLOSE) != WOLFSSL_SUCCESS) { wolfSSL_BIO_free(bio); bio = NULL; } @@ -12373,7 +12373,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) XFILE fp, WOLF_STACK_OF(WOLFSSL_X509_INFO)* sk, pem_password_cb* cb, void* u) { - WOLFSSL_BIO* fileBio = wolfSSL_BIO_new_fp(fp, BIO_NOCLOSE); + WOLFSSL_BIO* fileBio = wolfSSL_BIO_new_fp(fp, WOLFSSL_BIO_NOCLOSE); WOLF_STACK_OF(WOLFSSL_X509_INFO)* ret = NULL; WOLFSSL_ENTER("wolfSSL_PEM_X509_INFO_read"); @@ -12579,7 +12579,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) } nid = wolfSSL_OBJ_txt2nid(txt); - if (nid == NID_undef) { + if (nid == WC_NID_undef) { WOLFSSL_MSG("Unable to find text"); ne = NULL; } 
@@ -12856,7 +12856,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_NAME_ENTRY_get_object( if (name == NULL || field == NULL) return WOLFSSL_FAILURE; - if ((nid = wolfSSL_OBJ_txt2nid(field)) == NID_undef) { + if ((nid = wolfSSL_OBJ_txt2nid(field)) == WC_NID_undef) { WOLFSSL_MSG("Unable convert text to NID"); return WOLFSSL_FAILURE; } @@ -13196,7 +13196,7 @@ int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk) * returns a pointer to a WOLFSSL_X509_NAME structure on success and NULL on * fail */ -WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_value(const STACK_OF(WOLFSSL_X509_NAME)* sk, +WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, int i) { WOLFSSL_ENTER("wolfSSL_sk_X509_NAME_value"); 
@@ -13506,79 +13506,79 @@ static int get_dn_attr_by_nid(int n, const char** buf) switch(n) { - case NID_commonName : + case WC_NID_commonName : str = "CN"; len = 2; break; - case NID_countryName: + case WC_NID_countryName: str = "C"; len = 1; break; - case NID_localityName: + case WC_NID_localityName: str = "L"; len = 1; break; - case NID_stateOrProvinceName: + case WC_NID_stateOrProvinceName: str = "ST"; len = 2; break; - case NID_streetAddress: + case WC_NID_streetAddress: str = "street"; len = 6; break; - case NID_organizationName: + case WC_NID_organizationName: str = "O"; len = 1; break; - case NID_organizationalUnitName: + case WC_NID_organizationalUnitName: str = "OU"; len = 2; break; - case NID_postalCode: + case WC_NID_postalCode: str = "postalCode"; len = 10; break; - case NID_emailAddress: + case WC_NID_emailAddress: str = "emailAddress"; len = 12; break; - case NID_surname: + case WC_NID_surname: str = "SN"; len = 2; break; - case NID_givenName: + case WC_NID_givenName: str = "GN"; len = 2; break; - case NID_dnQualifier: + case WC_NID_dnQualifier: str = "dnQualifier"; len = 11; break; - case NID_name: + case WC_NID_name: str = "name"; len = 4; break; - case NID_initials: + case WC_NID_initials: str = "initials"; len = 8; break; - case NID_domainComponent: + case WC_NID_domainComponent: str = "DC"; len = 2; break; - case NID_pkcs9_contentType: + case WC_NID_pkcs9_contentType: str = "contentType"; len = 11; break; - case NID_userId: + case WC_NID_userId: str = "UID"; len = 3; break; - case NID_serialNumber: + case WC_NID_serialNumber: str = "serialNumber"; len = 12; break; - case NID_title: + case WC_NID_title: str = "title"; len = 5; break; @@ -13684,7 +13684,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, return WOLFSSL_FAILURE; XMEMSET(eqStr, 0, sizeof(eqStr)); - if (flags & XN_FLAG_SPC_EQ) { + if (flags & WOLFSSL_XN_FLAG_SPC_EQ) { eqSpace = 2; XSTRNCPY(eqStr, " = ", 4); } 
@@ -13704,7 +13704,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, int tmpSz; /* reverse name order for RFC2253 and DN_REV */ - if ((flags & XN_FLAG_RFC2253) || (flags & XN_FLAG_DN_REV)) { + if ((flags & WOLFSSL_XN_FLAG_RFC2253) || (flags & WOLFSSL_XN_FLAG_DN_REV)) { ne = wolfSSL_X509_NAME_get_entry(name, count - i - 1); } else { ne = wolfSSL_X509_NAME_get_entry(name, i); @@ -13716,7 +13716,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, if (str == NULL) return WOLFSSL_FAILURE; - if (flags & XN_FLAG_RFC2253) { + if (flags & WOLFSSL_XN_FLAG_RFC2253) { /* escape string for RFC 2253, ret sz not counting null term */ escapeSz = wolfSSL_EscapeString_RFC2253(str->data, str->length, escaped, sizeof(escaped)); @@ -13789,7 +13789,7 @@ int wolfSSL_X509_NAME_print_ex_fp(XFILE file, WOLFSSL_X509_NAME* name, WOLFSSL_ENTER("wolfSSL_X509_NAME_print_ex_fp"); - if (!(bio = wolfSSL_BIO_new_fp(file, BIO_NOCLOSE))) { + if (!(bio = wolfSSL_BIO_new_fp(file, WOLFSSL_BIO_NOCLOSE))) { WOLFSSL_MSG("wolfSSL_BIO_new_fp error"); return WOLFSSL_FAILURE; } @@ -13926,14 +13926,14 @@ int wolfSSL_X509_get_ex_new_index(int idx, void *arg, { WOLFSSL_ENTER("wolfSSL_X509_get_ex_new_index"); - return wolfssl_get_ex_new_index(CRYPTO_EX_INDEX_X509, idx, arg, + return wolfssl_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509, idx, arg, new_func, dup_func, free_func); } #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ defined(WOLFSSL_WPAS_SMALL) -void *wolfSSL_X509_get_ex_data(X509 *x509, int idx) +void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx) { WOLFSSL_ENTER("wolfSSL_X509_get_ex_data"); #ifdef HAVE_EX_DATA @@ -13947,7 +13947,7 @@ void *wolfSSL_X509_get_ex_data(X509 *x509, int idx) return NULL; } -int wolfSSL_X509_set_ex_data(X509 *x509, int idx, void *data) +int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, void *data) { WOLFSSL_ENTER("wolfSSL_X509_set_ex_data"); #ifdef HAVE_EX_DATA 
@@ -13965,7 +13965,7 @@ int wolfSSL_X509_set_ex_data(X509 *x509, int idx, void *data) #ifdef HAVE_EX_DATA_CLEANUP_HOOKS int wolfSSL_X509_set_ex_data_with_cleanup( - X509 *x509, + WOLFSSL_X509 *x509, int idx, void *data, wolfSSL_ex_data_cleanup_routine_t cleanup_routine) @@ -14147,7 +14147,7 @@ int wolfSSL_X509_check_email(WOLFSSL_X509 *x, const char *chk, size_t chkLen, return WOLFSSL_FAILURE; /* Call with NULL buffer to get required length. */ - emailLen = wolfSSL_X509_NAME_get_text_by_NID(subjName, NID_emailAddress, + emailLen = wolfSSL_X509_NAME_get_text_by_NID(subjName, WC_NID_emailAddress, NULL, 0); if (emailLen < 0) return WOLFSSL_FAILURE; @@ -14158,7 +14158,7 @@ int wolfSSL_X509_check_email(WOLFSSL_X509 *x, const char *chk, size_t chkLen, if (emailBuf == NULL) return WOLFSSL_FAILURE; - emailLen = wolfSSL_X509_NAME_get_text_by_NID(subjName, NID_emailAddress, + emailLen = wolfSSL_X509_NAME_get_text_by_NID(subjName, WC_NID_emailAddress, emailBuf, emailLen); if (emailLen < 0) { XFREE(emailBuf, x->heap, DYNAMIC_TYPE_OPENSSL); @@ -14633,7 +14633,7 @@ int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey) /* Regenerate since pkey->pkey.ptr may contain private key */ switch (pkey->type) { #if (defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: { RsaKey* rsa; @@ -14659,7 +14659,7 @@ int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey) #endif /* (WOLFSSL_KEY_GEN || OPENSSL_EXTRA) && !NO_RSA */ #if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \ defined(WOLFSSL_CERT_GEN)) && !defined(NO_DSA) - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: { DsaKey* dsa; @@ -14682,7 +14682,7 @@ int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey) break; #endif /* !HAVE_SELFTEST && (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) && !NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: { ecc_key* ecc; 
@@ -15041,13 +15041,13 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, WOLFSSL_ENTER("wolfSSL_X509_REQ_add1_attr_by_NID"); - if (!req || !bytes || type != MBSTRING_ASC) { + if (!req || !bytes || type != WOLFSSL_MBSTRING_ASC) { WOLFSSL_MSG("Bad parameter"); return WOLFSSL_FAILURE; } switch (nid) { - case NID_pkcs9_challengePassword: + case WC_NID_pkcs9_challengePassword: if (len < 0) len = (int)XSTRLEN((char*)bytes); if (len < CTC_NAME_SIZE) { @@ -15060,7 +15060,7 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, return WOLFSSL_FAILURE; } break; - case NID_serialNumber: + case WC_NID_serialNumber: if (len < 0) len = (int)XSTRLEN((char*)bytes); if (len + 1 > EXTERNAL_SERIAL_SIZE) { @@ -15072,12 +15072,12 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, req->serialSz = len; break; - case NID_pkcs9_unstructuredName: - case NID_pkcs9_contentType: - case NID_surname: - case NID_initials: - case NID_givenName: - case NID_dnQualifier: + case WC_NID_pkcs9_unstructuredName: + case WC_NID_pkcs9_contentType: + case WC_NID_surname: + case WC_NID_initials: + case WC_NID_givenName: + case WC_NID_dnQualifier: break; default: @@ -15087,7 +15087,7 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req, attr = wolfSSL_X509_ATTRIBUTE_new(); ret = wolfSSL_X509_ATTRIBUTE_set(attr, (const char*)bytes, len, - V_ASN1_PRINTABLESTRING, nid); + WOLFSSL_V_ASN1_PRINTABLESTRING, nid); if (ret != WOLFSSL_SUCCESS) { wolfSSL_X509_ATTRIBUTE_free(attr); } @@ -15512,15 +15512,15 @@ int wolfSSL_X509_ACERT_verify(WOLFSSL_X509_ACERT* x509, WOLFSSL_EVP_PKEY* pkey) } switch (pkey->type) { - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: pkey_type = RSAk; break; - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: pkey_type = ECDSAk; break; - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: pkey_type = DSAk; break; diff --git a/src/x509_str.c b/src/x509_str.c index c3d33b85fb..78ba945947 100644 --- a/src/x509_str.c +++ b/src/x509_str.c 
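Review bot: In wolfSSL_X509_REQ_add1_attr_by_NID the result of `wolfSSL_X509_ATTRIBUTE_new()` is passed straight to `wolfSSL_X509_ATTRIBUTE_set` with no NULL test. For the NIDs that only `break` (`WC_NID_pkcs9_unstructuredName` through `WC_NID_dnQualifier`) a negative `len` is also forwarded unchanged, whereas the challenge-password and serial-number cases first replace it with `XSTRLEN`. Whether the setter tolerates a NULL attribute or a negative length is not visible in these hunks. I would add `if (attr == NULL) return WOLFSSL_FAILURE;` after the allocation and normalise the length once before the switch with `if (len < 0) len = (int)XSTRLEN((char*)bytes);`. The function continues past the last hunk shown.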
@@ -221,11 +221,11 @@ int GetX509Error(int e) /* We can't disambiguate if its the before or after date that caused * the error. Assume expired. */ case WC_NO_ERR_TRACE(CRL_CERT_DATE_ERR): - return X509_V_ERR_CRL_HAS_EXPIRED; + return WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED; case WC_NO_ERR_TRACE(CRL_CERT_REVOKED): return WOLFSSL_X509_V_ERR_CERT_REVOKED; case WC_NO_ERR_TRACE(CRL_MISSING): - return X509_V_ERR_UNABLE_TO_GET_CRL; + return WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL; case 0: case 1: return 0; diff --git a/tests/api.c b/tests/api.c index b18aaeb849..74bb2c4040 100644 --- a/tests/api.c +++ b/tests/api.c @@ -29,12 +29,7 @@ | Includes *----------------------------------------------------------------------------*/ -#ifdef HAVE_CONFIG_H - #include -#endif - -#include -#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#include #include #include @@ -60,7 +55,6 @@ #include #include -#include #include /* for testing compatibility layer callbacks */ diff --git a/tests/hash.c b/tests/hash.c index 1ebbc61998..75c8011aae 100644 --- a/tests/hash.c +++ b/tests/hash.c @@ -20,11 +20,7 @@ */ -#ifdef HAVE_CONFIG_H - #include -#endif - -#include +#include #include @@ -36,8 +32,6 @@ #include #include -#include - typedef struct testVector { const char* input; const char* output; diff --git a/tests/suites.c b/tests/suites.c index 7328789f46..52a9a23c64 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -20,11 +20,7 @@ */ -#ifdef HAVE_CONFIG_H - #include -#endif - -#include +#include #ifdef NO_INLINE #include @@ -37,7 +33,7 @@ #include #include #include -#include + #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \ && (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE)) #include diff --git a/tests/unit.c b/tests/unit.c index 870be9875c..2028768d5b 100644 --- a/tests/unit.c +++ b/tests/unit.c 
@@ -22,15 +22,11 @@ /* Name change compatibility layer no longer need to be included here */ -#ifdef HAVE_CONFIG_H - #include -#endif +#include -#include #include #include -#include #include diff --git a/tests/unit.h b/tests/unit.h index 87e80ce847..e93ef60374 100644 --- a/tests/unit.h +++ b/tests/unit.h @@ -23,6 +23,19 @@ #ifndef TESTS_UNIT_H #define TESTS_UNIT_H +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif + +#undef TEST_OPENSSL_COEXIST /* can't use this option with unit tests */ +#undef OPENSSL_COEXIST /* can't use this option with unit tests */ + #include #include /* thread and tcp stuff */ diff --git a/tests/w64wrapper.c b/tests/w64wrapper.c index ffaa57cad8..caf50f0011 100644 --- a/tests/w64wrapper.c +++ b/tests/w64wrapper.c @@ -18,11 +18,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ -#ifdef HAVE_CONFIG_H - #include -#endif -#include #include #ifdef WOLFSSL_W64_WRAPPER diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 3e0986e155..186a4f9e50 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -25,6 +25,13 @@ #endif #include +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif + +#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#undef OPENSSL_COEXIST /* can't use this option with this example */ + #include #include diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 7b54d51dab..537bf5ef8d 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -5549,7 +5549,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) #ifdef WOLFSSL_APACHE_HTTPD case oidCertNameType: switch (id) { - case NID_id_on_dnsSRV: + case WC_NID_id_on_dnsSRV: oid = dnsSRVOid; *oidSz = sizeof(dnsSRVOid); break; 
@@ -13102,7 +13102,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_commonName + WC_NID_commonName #endif }, /* Surname */ @@ -13119,7 +13119,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_surname + WC_NID_surname #endif }, /* Serial Number */ @@ -13136,7 +13136,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_serialNumber + WC_NID_serialNumber #endif }, /* Country Name */ @@ -13153,7 +13153,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_countryName + WC_NID_countryName #endif }, /* Locality Name */ @@ -13170,7 +13170,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_localityName + WC_NID_localityName #endif }, /* State Name */ @@ -13187,7 +13187,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_stateOrProvinceName + WC_NID_stateOrProvinceName #endif }, /* Street Address */ @@ -13204,7 +13204,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_streetAddress + WC_NID_streetAddress #endif }, /* Organization Name */ @@ -13221,7 +13221,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_organizationName + WC_NID_organizationName #endif }, /* Organization Unit Name */ @@ -13238,7 +13238,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_organizationalUnitName + WC_NID_organizationalUnitName #endif }, /* Title */ @@ -13306,7 +13306,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_businessCategory + WC_NID_businessCategory #endif }, /* Undefined */ 
@@ -13340,7 +13340,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_postalCode + WC_NID_postalCode #endif }, /* User Id */ @@ -13357,7 +13357,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_userId + WC_NID_userId #endif }, #ifdef WOLFSSL_CERT_NAME_ALL @@ -13375,7 +13375,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_name + WC_NID_name #endif }, /* Given Name, id 42 */ @@ -13392,7 +13392,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_givenName + WC_NID_givenName #endif }, /* initials, id 43 */ @@ -13409,7 +13409,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_initials + WC_NID_initials #endif }, /* DN Qualifier Name, id 46 */ @@ -13426,7 +13426,7 @@ static const CertNameData certNameSubject[] = { #endif #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE - NID_dnQualifier + WC_NID_dnQualifier #endif }, #endif /* WOLFSSL_CERT_NAME_ALL */ @@ -13863,7 +13863,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_EMAIL_ADDR; typeStrLen = sizeof(WOLFSSL_EMAIL_ADDR) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_emailAddress; + *nid = WC_NID_emailAddress; #endif } else if (oidSz == sizeof(uidOid) && XMEMCMP(oid, uidOid, oidSz) == 0) { @@ -13872,7 +13872,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_USER_ID; typeStrLen = sizeof(WOLFSSL_USER_ID) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_userId; + *nid = WC_NID_userId; #endif } else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz) == 0) { 
@@ -13881,7 +13881,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_DOMAIN_COMPONENT; typeStrLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_domainComponent; + *nid = WC_NID_domainComponent; #endif } else if (oidSz == sizeof(fvrtDrk) && XMEMCMP(oid, fvrtDrk, oidSz) == 0) { @@ -13890,7 +13890,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_FAVOURITE_DRINK; typeStrLen = sizeof(WOLFSSL_FAVOURITE_DRINK) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_favouriteDrink; + *nid = WC_NID_favouriteDrink; #endif } #ifdef WOLFSSL_CERT_REQ @@ -13901,7 +13901,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_CONTENT_TYPE; typeStrLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_pkcs9_contentType; + *nid = WC_NID_pkcs9_contentType; #endif } #endif @@ -13921,14 +13921,14 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, typeStr = WOLFSSL_JOI_C; typeStrLen = sizeof(WOLFSSL_JOI_C) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_jurisdictionCountryName; + *nid = WC_NID_jurisdictionCountryName; #endif /* WOLFSSL_X509_NAME_AVAILABLE */ } else if (oid[ASN_JOI_PREFIX_SZ] == ASN_JOI_ST) { typeStr = WOLFSSL_JOI_ST; typeStrLen = sizeof(WOLFSSL_JOI_ST) - 1; #ifdef WOLFSSL_X509_NAME_AVAILABLE - *nid = NID_jurisdictionStateOrProvinceName; + *nid = WC_NID_jurisdictionStateOrProvinceName; #endif /* WOLFSSL_X509_NAME_AVAILABLE */ } else { @@ -14063,7 +14063,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, byte id = 0; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - int nid = NID_undef; + int nid = WC_NID_undef; int enc; #endif /* OPENSSL_EXTRA */ 
@@ -14146,7 +14146,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, copyLen = sizeof(WOLFSSL_COMMON_NAME) - 1; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_commonName; + nid = WC_NID_commonName; #endif /* OPENSSL_EXTRA */ } #ifdef WOLFSSL_CERT_NAME_ALL @@ -14163,7 +14163,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_name; + nid = WC_NID_name; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_INITIALS) { @@ -14179,7 +14179,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_initials; + nid = WC_NID_initials; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_GIVEN_NAME) { @@ -14195,7 +14195,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_givenName; + nid = WC_NID_givenName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_DNQUALIFIER) { @@ -14211,7 +14211,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_dnQualifier; + nid = WC_NID_dnQualifier; #endif /* OPENSSL_EXTRA */ } #endif /* WOLFSSL_CERT_NAME_ALL */ @@ -14235,7 +14235,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_surname; + nid = WC_NID_surname; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_COUNTRY_NAME) { 
@@ -14258,7 +14258,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_countryName; + nid = WC_NID_countryName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_LOCALITY_NAME) { @@ -14281,7 +14281,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_localityName; + nid = WC_NID_localityName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_STATE_NAME) { @@ -14304,7 +14304,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_stateOrProvinceName; + nid = WC_NID_stateOrProvinceName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_ORG_NAME) { @@ -14327,7 +14327,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_organizationName; + nid = WC_NID_organizationName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_ORGUNIT_NAME) { @@ -14350,7 +14350,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_organizationalUnitName; + nid = WC_NID_organizationalUnitName; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_SERIAL_NUMBER) { @@ -14373,7 +14373,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_serialNumber; + nid = WC_NID_serialNumber; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_USER_ID) { 
@@ -14389,7 +14389,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_userId; + nid = WC_NID_userId; #endif /* OPENSSL_EXTRA */ } #ifdef WOLFSSL_CERT_EXT @@ -14406,7 +14406,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_streetAddress; + nid = WC_NID_streetAddress; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_BUS_CAT) { @@ -14421,7 +14421,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */ #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_businessCategory; + nid = WC_NID_businessCategory; #endif /* OPENSSL_EXTRA */ } else if (id == ASN_POSTAL_CODE) { @@ -14437,7 +14437,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_postalCode; + nid = WC_NID_postalCode; #endif /* OPENSSL_EXTRA */ } #endif /* WOLFSSL_CERT_EXT */ @@ -14476,7 +14476,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_jurisdictionCountryName; + nid = WC_NID_jurisdictionCountryName; #endif /* OPENSSL_EXTRA */ } @@ -14494,7 +14494,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_jurisdictionStateOrProvinceName; + nid = WC_NID_jurisdictionStateOrProvinceName; #endif /* OPENSSL_EXTRA */ } 
@@ -14564,7 +14564,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_emailAddress; + nid = WC_NID_emailAddress; #endif /* OPENSSL_EXTRA */ } @@ -14576,7 +14576,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_userId; + nid = WC_NID_userId; #endif /* OPENSSL_EXTRA */ break; case ASN_DOMAIN_COMPONENT: @@ -14585,7 +14585,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_domainComponent; + nid = WC_NID_domainComponent; #endif /* OPENSSL_EXTRA */ break; case ASN_FAVOURITE_DRINK: @@ -14594,7 +14594,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_favouriteDrink; + nid = WC_NID_favouriteDrink; #endif /* OPENSSL_EXTRA */ break; case ASN_CONTENT_TYPE: @@ -14603,7 +14603,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #if (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) \ && !defined(WOLFCRYPT_ONLY) - nid = NID_pkcs9_contentType; + nid = WC_NID_pkcs9_contentType; #endif /* OPENSSL_EXTRA */ break; default: 
@@ -14632,17 +14632,17 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, !defined(WOLFCRYPT_ONLY) switch (b) { case CTC_UTF8: - enc = MBSTRING_UTF8; + enc = WOLFSSL_MBSTRING_UTF8; break; case CTC_PRINTABLE: - enc = V_ASN1_PRINTABLESTRING; + enc = WOLFSSL_V_ASN1_PRINTABLESTRING; break; default: WOLFSSL_MSG("Unknown encoding type, using UTF8 by default"); - enc = MBSTRING_UTF8; + enc = WOLFSSL_MBSTRING_UTF8; } - if (nid != NID_undef) { + if (nid != WC_NID_undef) { if (wolfSSL_X509_NAME_add_entry_by_NID(dName, nid, enc, &input[srcIdx], strLen, -1, -1) != WOLFSSL_SUCCESS) { @@ -14772,14 +14772,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, /* Convert BER tag to a OpenSSL type. */ switch (tag) { case CTC_UTF8: - enc = MBSTRING_UTF8; + enc = WOLFSSL_MBSTRING_UTF8; break; case CTC_PRINTABLE: - enc = V_ASN1_PRINTABLESTRING; + enc = WOLFSSL_V_ASN1_PRINTABLESTRING; break; default: WOLFSSL_MSG("Unknown encoding type, default UTF8"); - enc = MBSTRING_UTF8; + enc = WOLFSSL_MBSTRING_UTF8; } if (nid != 0) { /* Add an entry to the X509_NAME. */ @@ -25817,14 +25817,14 @@ int PemToDer(const unsigned char* buff, long longSz, int type, } #ifdef OPENSSL_EXTRA if (ret) { - PEMerr(0, PEM_R_BAD_DECRYPT); + WOLFSSL_PEMerr(0, WOLFSSL_PEM_R_BAD_DECRYPT_E); } #endif ForceZero(password, (word32)passwordSz); } #ifdef OPENSSL_EXTRA else { - PEMerr(0, PEM_R_BAD_PASSWORD_READ); + WOLFSSL_PEMerr(0, WOLFSSL_PEM_R_BAD_PASSWORD_READ_E); } #endif diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 808aa0461d..87e8e57d9f 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -41,7 +41,6 @@ #include #endif - #include #include #include 
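Review bot: In the second GetCertName hunk (`-14772`) the guard after the encoding switch still reads `if (nid != 0)`, while the matching guard in the hunk just above was changed to `if (nid != WC_NID_undef)`. Both paths go on to add an entry to the X509_NAME, so the "no NID found" sentinel should be spelled the same way in both: `if (nid != WC_NID_undef) {`. This assumes `nid` is initialised to `WC_NID_undef` on this path as well; that declaration is outside the hunk, as is the rest of the function.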
@@ -53,67 +52,67 @@ static const struct s_ent { const char *name; } md_tbl[] = { #ifndef NO_MD4 - {WC_HASH_TYPE_MD4, NID_md4, "MD4"}, + {WC_HASH_TYPE_MD4, WC_NID_md4, "MD4"}, #endif /* NO_MD4 */ #ifndef NO_MD5 - {WC_HASH_TYPE_MD5, NID_md5, "MD5"}, + {WC_HASH_TYPE_MD5, WC_NID_md5, "MD5"}, #endif /* NO_MD5 */ #ifndef NO_SHA - {WC_HASH_TYPE_SHA, NID_sha1, "SHA1"}, - {WC_HASH_TYPE_SHA, NID_sha1, "SHA"}, /* Leave for backwards compatibility */ + {WC_HASH_TYPE_SHA, WC_NID_sha1, "SHA1"}, + {WC_HASH_TYPE_SHA, WC_NID_sha1, "SHA"}, /* Leave for backwards compatibility */ #endif /* NO_SHA */ #ifdef WOLFSSL_SHA224 - {WC_HASH_TYPE_SHA224, NID_sha224, "SHA224"}, + {WC_HASH_TYPE_SHA224, WC_NID_sha224, "SHA224"}, #endif /* WOLFSSL_SHA224 */ #ifndef NO_SHA256 - {WC_HASH_TYPE_SHA256, NID_sha256, "SHA256"}, + {WC_HASH_TYPE_SHA256, WC_NID_sha256, "SHA256"}, #endif #ifdef WOLFSSL_SHA384 - {WC_HASH_TYPE_SHA384, NID_sha384, "SHA384"}, + {WC_HASH_TYPE_SHA384, WC_NID_sha384, "SHA384"}, #endif /* WOLFSSL_SHA384 */ #ifdef WOLFSSL_SHA512 - {WC_HASH_TYPE_SHA512, NID_sha512, "SHA512"}, + {WC_HASH_TYPE_SHA512, WC_NID_sha512, "SHA512"}, #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) - {WC_HASH_TYPE_SHA512_224, NID_sha512_224, "SHA512_224"}, + {WC_HASH_TYPE_SHA512_224, WC_NID_sha512_224, "SHA512_224"}, #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) - {WC_HASH_TYPE_SHA512_256, NID_sha512_256, "SHA512_256"}, + {WC_HASH_TYPE_SHA512_256, WC_NID_sha512_256, "SHA512_256"}, #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ #ifndef WOLFSSL_NOSHA3_224 - {WC_HASH_TYPE_SHA3_224, NID_sha3_224, "SHA3_224"}, + {WC_HASH_TYPE_SHA3_224, WC_NID_sha3_224, "SHA3_224"}, #endif #ifndef WOLFSSL_NOSHA3_256 - {WC_HASH_TYPE_SHA3_256, NID_sha3_256, "SHA3_256"}, + {WC_HASH_TYPE_SHA3_256, WC_NID_sha3_256, "SHA3_256"}, #endif #ifndef WOLFSSL_NOSHA3_384 - {WC_HASH_TYPE_SHA3_384, NID_sha3_384, "SHA3_384"}, + 
{WC_HASH_TYPE_SHA3_384, WC_NID_sha3_384, "SHA3_384"}, #endif #ifndef WOLFSSL_NOSHA3_512 - {WC_HASH_TYPE_SHA3_512, NID_sha3_512, "SHA3_512"}, + {WC_HASH_TYPE_SHA3_512, WC_NID_sha3_512, "SHA3_512"}, #endif #ifdef WOLFSSL_SM3 - {WC_HASH_TYPE_SM3, NID_sm3, "SM3"}, + {WC_HASH_TYPE_SM3, WC_NID_sm3, "SM3"}, #endif /* WOLFSSL_SHA512 */ #ifdef HAVE_BLAKE2 - {WC_HASH_TYPE_BLAKE2B, NID_blake2b512, "BLAKE2B512"}, + {WC_HASH_TYPE_BLAKE2B, WC_NID_blake2b512, "BLAKE2B512"}, #endif #ifdef HAVE_BLAKE2S - {WC_HASH_TYPE_BLAKE2S, NID_blake2s256, "BLAKE2S256"}, + {WC_HASH_TYPE_BLAKE2S, WC_NID_blake2s256, "BLAKE2S256"}, #endif #ifdef WOLFSSL_SHAKE128 - {WC_HASH_TYPE_SHAKE128, NID_shake128, "SHAKE128"}, + {WC_HASH_TYPE_SHAKE128, WC_NID_shake128, "SHAKE128"}, #endif #ifdef WOLFSSL_SHAKE256 - {WC_HASH_TYPE_SHAKE256, NID_shake256, "SHAKE256"}, + {WC_HASH_TYPE_SHAKE256, WC_NID_shake256, "SHAKE256"}, #endif {WC_HASH_TYPE_NONE, 0, NULL} }; @@ -287,21 +286,21 @@ static const struct pkey_type_name_ent { int type; const char *name; } pkey_type_names[] = { - { EVP_PKEY_RSA, "RSA" }, - { EVP_PKEY_EC, "EC" }, - { EVP_PKEY_DH, "DH" }, - { EVP_PKEY_DSA, "DSA" } + { WC_EVP_PKEY_RSA, "RSA" }, + { WC_EVP_PKEY_EC, "EC" }, + { WC_EVP_PKEY_DH, "DH" }, + { WC_EVP_PKEY_DSA, "DSA" } }; static int pkey_type_by_name(const char *name) { unsigned int i; if (name == NULL) - return EVP_PKEY_NONE; + return WC_EVP_PKEY_NONE; for (i = 0; i < XELEM_CNT(pkey_type_names); ++i) { if (XSTRCMP(name, pkey_type_names[i].name) == 0) return pkey_type_names[i].type; } - return EVP_PKEY_NONE; + return WC_EVP_PKEY_NONE; } int wolfSSL_EVP_PKEY_is_a(const WOLFSSL_EVP_PKEY *pkey, const char *name) { @@ -311,7 +310,7 @@ int wolfSSL_EVP_PKEY_is_a(const WOLFSSL_EVP_PKEY *pkey, const char *name) { return WOLFSSL_FAILURE; type = pkey_type_by_name(name); - if (type == EVP_PKEY_NONE) + if (type == WC_EVP_PKEY_NONE) return WOLFSSL_FAILURE; return (pkey->type == type) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; 
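Review bot: The `md_tbl` row for SM3 is closed by `#endif /* WOLFSSL_SHA512 */`, although the guard it closes is `#ifdef WOLFSSL_SM3`. With the neighbouring line being edited, the trailer should be corrected to `#endif /* WOLFSSL_SM3 */`. The table terminator `{WC_HASH_TYPE_NONE, 0, NULL}` also keeps a literal `0` in the NID column where every other row now uses a `WC_NID_*` name. `WC_NID_undef` would make the sentinel explicit, provided it has the value the table's lookups (outside this hunk) expect.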
@@ -319,8 +318,8 @@ int wolfSSL_EVP_PKEY_is_a(const WOLFSSL_EVP_PKEY *pkey, const char *name) { #define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0) -#define EVP_PKEY_PRINT_LINE_WIDTH_MAX 80 -#define EVP_PKEY_PRINT_DIGITS_PER_LINE 15 +#define WOLFSSL_EVP_PKEY_PRINT_LINE_WIDTH_MAX 80 +#define WOLFSSL_EVP_PKEY_PRINT_DIGITS_PER_LINE 15 static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher); 
@@ -346,81 +345,81 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c) switch (cipherType(c)) { #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE: return 16; - case AES_192_CBC_TYPE: return 24; - case AES_256_CBC_TYPE: return 32; + case WC_AES_128_CBC_TYPE: return 16; + case WC_AES_192_CBC_TYPE: return 24; + case WC_AES_256_CBC_TYPE: return 32; #endif #if defined(WOLFSSL_AES_CFB) - case AES_128_CFB1_TYPE: return 16; - case AES_192_CFB1_TYPE: return 24; - case AES_256_CFB1_TYPE: return 32; - case AES_128_CFB8_TYPE: return 16; - case AES_192_CFB8_TYPE: return 24; - case AES_256_CFB8_TYPE: return 32; - case AES_128_CFB128_TYPE: return 16; - case AES_192_CFB128_TYPE: return 24; - case AES_256_CFB128_TYPE: return 32; + case WC_AES_128_CFB1_TYPE: return 16; + case WC_AES_192_CFB1_TYPE: return 24; + case WC_AES_256_CFB1_TYPE: return 32; + case WC_AES_128_CFB8_TYPE: return 16; + case WC_AES_192_CFB8_TYPE: return 24; + case WC_AES_256_CFB8_TYPE: return 32; + case WC_AES_128_CFB128_TYPE: return 16; + case WC_AES_192_CFB128_TYPE: return 24; + case WC_AES_256_CFB128_TYPE: return 32; #endif #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: return 16; - case AES_192_OFB_TYPE: return 24; - case AES_256_OFB_TYPE: return 32; + case WC_AES_128_OFB_TYPE: return 16; + case WC_AES_192_OFB_TYPE: return 24; + case WC_AES_256_OFB_TYPE: return 32; #endif #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) /* Two keys for XTS. 
*/ - case AES_128_XTS_TYPE: return 16 * 2; - case AES_256_XTS_TYPE: return 32 * 2; + case WC_AES_128_XTS_TYPE: return 16 * 2; + case WC_AES_256_XTS_TYPE: return 32 * 2; #endif #if defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: return 16; - case AES_192_GCM_TYPE: return 24; - case AES_256_GCM_TYPE: return 32; + case WC_AES_128_GCM_TYPE: return 16; + case WC_AES_192_GCM_TYPE: return 24; + case WC_AES_256_GCM_TYPE: return 32; #endif #if defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: return 16; - case AES_192_CCM_TYPE: return 24; - case AES_256_CCM_TYPE: return 32; + case WC_AES_128_CCM_TYPE: return 16; + case WC_AES_192_CCM_TYPE: return 24; + case WC_AES_256_CCM_TYPE: return 32; #endif #if defined(WOLFSSL_AES_COUNTER) - case AES_128_CTR_TYPE: return 16; - case AES_192_CTR_TYPE: return 24; - case AES_256_CTR_TYPE: return 32; + case WC_AES_128_CTR_TYPE: return 16; + case WC_AES_192_CTR_TYPE: return 24; + case WC_AES_256_CTR_TYPE: return 32; #endif #if defined(HAVE_AES_ECB) - case AES_128_ECB_TYPE: return 16; - case AES_192_ECB_TYPE: return 24; - case AES_256_ECB_TYPE: return 32; + case WC_AES_128_ECB_TYPE: return 16; + case WC_AES_192_ECB_TYPE: return 24; + case WC_AES_256_ECB_TYPE: return 32; #endif #endif /* !NO_AES */ #ifndef NO_DES3 - case DES_CBC_TYPE: return 8; - case DES_EDE3_CBC_TYPE: return 24; - case DES_ECB_TYPE: return 8; - case DES_EDE3_ECB_TYPE: return 24; + case WC_DES_CBC_TYPE: return 8; + case WC_DES_EDE3_CBC_TYPE: return 24; + case WC_DES_ECB_TYPE: return 8; + case WC_DES_EDE3_ECB_TYPE: return 24; #endif #ifndef NO_RC4 - case ARC4_TYPE: return 16; + case WC_ARC4_TYPE: return 16; #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: return 32; + case WC_CHACHA20_POLY1305_TYPE: return 32; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: return CHACHA_MAX_KEY_SZ; + case WC_CHACHA20_TYPE: return CHACHA_MAX_KEY_SZ; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: return 16; + case WC_SM4_ECB_TYPE: return 16; #endif #ifdef 
WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: return 16; + case WC_SM4_CBC_TYPE: return 16; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: return 16; + case WC_SM4_CTR_TYPE: return 16; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: return 16; + case WC_SM4_GCM_TYPE: return 16; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: return 16; + case WC_SM4_CCM_TYPE: return 16; #endif default: return 0; @@ -603,9 +602,9 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, switch (ctx->cipherType) { #if !defined(NO_AES) #if defined(HAVE_AES_CBC) - case AES_128_CBC_TYPE: - case AES_192_CBC_TYPE: - case AES_256_CBC_TYPE: + case WC_AES_128_CBC_TYPE: + case WC_AES_192_CBC_TYPE: + case WC_AES_256_CBC_TYPE: if (ctx->enc) ret = wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl); else @@ -613,16 +612,16 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif #if defined(WOLFSSL_AES_COUNTER) - case AES_128_CTR_TYPE: - case AES_192_CTR_TYPE: - case AES_256_CTR_TYPE: + case WC_AES_128_CTR_TYPE: + case WC_AES_192_CTR_TYPE: + case WC_AES_256_CTR_TYPE: ret = wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl); break; #endif #if defined(HAVE_AES_ECB) - case AES_128_ECB_TYPE: - case AES_192_ECB_TYPE: - case AES_256_ECB_TYPE: + case WC_AES_128_ECB_TYPE: + case WC_AES_192_ECB_TYPE: + case WC_AES_256_ECB_TYPE: if (ctx->enc) ret = wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl); else @@ -630,9 +629,9 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: if (ctx->enc) ret = wc_AesOfbEncrypt(&ctx->cipher.aes, out, in, inl); else 
@@ -641,9 +640,9 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, #endif #if defined(WOLFSSL_AES_CFB) #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: if (ctx->enc) ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, out, in, inl * WOLFSSL_BIT_SIZE); @@ -652,9 +651,9 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, inl * WOLFSSL_BIT_SIZE); break; - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: if (ctx->enc) ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, out, in, inl); else @@ -662,9 +661,9 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: if (ctx->enc) ret = wc_AesCfbEncrypt(&ctx->cipher.aes, out, in, inl); else @@ -672,8 +671,8 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: if (ctx->enc) ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl, ctx->iv, (word32)ctx->ivSz); 
@@ -684,34 +683,34 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, #endif #endif /* !NO_AES */ #ifndef NO_DES3 - case DES_CBC_TYPE: + case WC_DES_CBC_TYPE: if (ctx->enc) ret = wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl); else ret = wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl); break; - case DES_EDE3_CBC_TYPE: + case WC_DES_EDE3_CBC_TYPE: if (ctx->enc) ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl); else ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl); break; #if defined(WOLFSSL_DES_ECB) - case DES_ECB_TYPE: + case WC_DES_ECB_TYPE: ret = wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl); break; - case DES_EDE3_ECB_TYPE: + case WC_DES_EDE3_ECB_TYPE: ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl); break; #endif #endif #ifndef NO_RC4 - case ARC4_TYPE: + case WC_ARC4_TYPE: wc_Arc4Process(&ctx->cipher.arc4, out, in, inl); break; #endif #if defined(WOLFSSL_SM4_ECB) - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: if (ctx->enc) wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl); else @@ -719,7 +718,7 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif #if defined(WOLFSSL_SM4_CBC) - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: if (ctx->enc) wc_Sm4CbcEncrypt(&ctx->cipher.sm4, out, in, inl); else @@ -727,7 +726,7 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx, break; #endif #if defined(WOLFSSL_SM4_CTR) - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: wc_Sm4CtrEncrypt(&ctx->cipher.sm4, out, in, inl); break; #endif @@ -783,7 +782,7 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx, #if defined(WOLFSSL_SM4_GCM) || !defined(WOLFSSL_AESGCM_STREAM) #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_AESGCM_STREAM) - if (ctx->cipherType == SM4_GCM_TYPE) + if (ctx->cipherType == WC_SM4_GCM_TYPE) #endif { int ret = 0; 
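Review bot: The `WC_ARC4_TYPE` case calls `wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);` and the `WC_SM4_ECB_TYPE` case calls `wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);` without storing the result, while every AES and DES case in the same switch assigns `ret`. A failure in those ciphers would leave `ret` at whatever it held before the switch, so the caller could accept an unwritten or partially written output buffer as valid. Assign the result as the other cases do: `ret = wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);` and `ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);`. The same applies to the SM4 decrypt call that follows the `else` outside this hunk, and to `wc_Sm4CbcEncrypt` and `wc_Sm4CtrEncrypt` in the two following hunks. `evpCipherBlock` starts and ends outside these hunks, so how `ret` is initialised and checked should be confirmed there.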
@@ -1059,29 +1058,29 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, switch (ctx->cipherType) { #if !defined(NO_AES) && defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: /* if out == NULL, in/inl contains the additional auth data */ return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl); #endif /* !defined(NO_AES) && defined(HAVE_AESGCM) */ #if !defined(NO_AES) && defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: /* if out == NULL, in/inl contains the * additional auth data */ return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl); #endif /* !defined(NO_AES) && defined(HAVE_AESCCM) */ #if defined(HAVE_ARIA) - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: /* if out == NULL, in/inl contains the additional auth data */ return wolfSSL_EVP_CipherUpdate_AriaGCM(ctx, out, outl, in, inl); #endif /* defined(HAVE_ARIA) */ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: if (out == NULL) { if (wc_ChaCha20Poly1305_UpdateAad(&ctx->cipher.chachaPoly, in, (word32)inl) != 0) { @@ -1106,7 +1105,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, } #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: if (wc_Chacha_Process(&ctx->cipher.chacha, out, in, (word32)inl) != 0) { WOLFSSL_MSG("wc_ChaCha_Process failed"); 
@@ -1116,12 +1115,12 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx, return WOLFSSL_SUCCESS; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: /* if out == NULL, in/inl contains the additional auth data */ return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl); #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: /* if out == NULL, in/inl contains the * additional auth data */ return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl); @@ -1274,9 +1273,9 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, switch (ctx->cipherType) { #if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: #ifndef WOLFSSL_AESGCM_STREAM if ((ctx->authBuffer && ctx->authBufferLen > 0) || (ctx->authBufferLen == 0)) { @@ -1358,9 +1357,9 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, * HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_AESCCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: if ((ctx->authBuffer && ctx->authBufferLen > 0) || (ctx->authBufferLen == 0)) { if (ctx->enc) { @@ -1417,9 +1416,9 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, * HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: if ((ctx->authBuffer && ctx->authBufferLen > 0) || (ctx->authBufferLen == 0)) { if (ctx->enc) 
@@ -1471,7 +1470,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, #endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) || * HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: if (wc_ChaCha20Poly1305_Final(&ctx->cipher.chachaPoly, ctx->authTag) != 0) { WOLFSSL_MSG("wc_ChaCha20Poly1305_Final failed"); @@ -1484,7 +1483,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, break; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: if ((ctx->authBuffer && ctx->authBufferLen > 0) || (ctx->authBufferLen == 0)) { if (ctx->enc) @@ -1535,7 +1534,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, break; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: if ((ctx->authBuffer && ctx->authBufferLen > 0) || (ctx->authBufferLen == 0)) { if (ctx->enc) @@ -1660,20 +1659,20 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, */ if (FALSE #ifdef HAVE_AESGCM - || ctx->cipherType == AES_128_GCM_TYPE || - ctx->cipherType == AES_192_GCM_TYPE || - ctx->cipherType == AES_256_GCM_TYPE + || ctx->cipherType == WC_AES_128_GCM_TYPE || + ctx->cipherType == WC_AES_192_GCM_TYPE || + ctx->cipherType == WC_AES_256_GCM_TYPE #endif #ifdef HAVE_AESCCM - || ctx->cipherType == AES_128_CCM_TYPE || - ctx->cipherType == AES_192_CCM_TYPE || - ctx->cipherType == AES_256_CCM_TYPE + || ctx->cipherType == WC_AES_128_CCM_TYPE || + ctx->cipherType == WC_AES_192_CCM_TYPE || + ctx->cipherType == WC_AES_256_CCM_TYPE #endif #ifdef WOLFSSL_SM4_GCM - || ctx->cipherType == SM4_GCM_TYPE + || ctx->cipherType == WC_SM4_GCM_TYPE #endif #ifdef WOLFSSL_SM4_CCM - || ctx->cipherType == SM4_CCM_TYPE + || ctx->cipherType == WC_SM4_CCM_TYPE #endif ) { tmp = ctx->authIvGenEnable; 
@@ -1688,20 +1687,20 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out, ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || FIPS_VERSION_GE(2,0)) if (FALSE #ifdef HAVE_AESGCM - || ctx->cipherType == AES_128_GCM_TYPE || - ctx->cipherType == AES_192_GCM_TYPE || - ctx->cipherType == AES_256_GCM_TYPE + || ctx->cipherType == WC_AES_128_GCM_TYPE || + ctx->cipherType == WC_AES_192_GCM_TYPE || + ctx->cipherType == WC_AES_256_GCM_TYPE #endif #ifdef HAVE_AESCCM - || ctx->cipherType == AES_128_CCM_TYPE || - ctx->cipherType == AES_192_CCM_TYPE || - ctx->cipherType == AES_256_CCM_TYPE + || ctx->cipherType == WC_AES_128_CCM_TYPE || + ctx->cipherType == WC_AES_192_CCM_TYPE || + ctx->cipherType == WC_AES_256_CCM_TYPE #endif #ifdef WOLFSSL_SM4_GCM - || ctx->cipherType == SM4_GCM_TYPE + || ctx->cipherType == WC_SM4_GCM_TYPE #endif #ifdef WOLFSSL_SM4_CCM - || ctx->cipherType == SM4_CCM_TYPE + || ctx->cipherType == WC_SM4_CCM_TYPE #endif ) { ctx->authIvGenEnable = (tmp == 1); 
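Review bot: The `if (FALSE #ifdef HAVE_AESGCM || ctx->cipherType == WC_AES_128_GCM_TYPE ...` chain is written out twice in `wolfSSL_EVP_CipherFinal`, once before `tmp = ctx->authIvGenEnable;` (hunk `-1660`) and once before `ctx->authIvGenEnable = (tmp == 1);` (this hunk), and the rename had to edit both copies identically. A file-local predicate would keep the save and the restore on the same list of cipher types and remove the `FALSE ||` preprocessor splice. The ARIA GCM types handled by the switch earlier in the function appear in neither list; if that is intentional, a one-line comment should say so. The function body and the preprocessor condition around the second test extend outside both hunks.

```c
/* Nonzero when ctx uses a cipher type whose authIvGenEnable flag is
 * saved before, and restored after, the code between the two tests. */
static int evpCipherKeepsAuthIvGen(const WOLFSSL_EVP_CIPHER_CTX *ctx)
{
    switch (ctx->cipherType) {
#ifdef HAVE_AESGCM
        case WC_AES_128_GCM_TYPE:
        case WC_AES_192_GCM_TYPE:
        case WC_AES_256_GCM_TYPE:
#endif
#ifdef HAVE_AESCCM
        case WC_AES_128_CCM_TYPE:
        case WC_AES_192_CCM_TYPE:
        case WC_AES_256_CCM_TYPE:
#endif
#ifdef WOLFSSL_SM4_GCM
        case WC_SM4_GCM_TYPE:
#endif
#ifdef WOLFSSL_SM4_CCM
        case WC_SM4_CCM_TYPE:
#endif
            return 1;
        default:
            return 0;
    }
}

/* ... unchanged: code up to the first test ... */
    if (evpCipherKeepsAuthIvGen(ctx)) {
        tmp = ctx->authIvGenEnable;
/* ... unchanged: code between the two tests ... */
    if (evpCipherKeepsAuthIvGen(ctx)) {
        ctx->authIvGenEnable = (tmp == 1);
```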
@@ -1769,75 +1768,75 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx) #if !defined(NO_AES) || !defined(NO_DES3) || defined(WOLFSSL_SM4) #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE: - case AES_192_CBC_TYPE: - case AES_256_CBC_TYPE: + case WC_AES_128_CBC_TYPE: + case WC_AES_192_CBC_TYPE: + case WC_AES_256_CBC_TYPE: #endif #if defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: #endif #if defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: #endif #if defined(WOLFSSL_AES_COUNTER) - case AES_128_CTR_TYPE: - case AES_192_CTR_TYPE: - case AES_256_CTR_TYPE: + case WC_AES_128_CTR_TYPE: + case WC_AES_192_CTR_TYPE: + case WC_AES_256_CTR_TYPE: #endif #if defined(WOLFSSL_AES_CFB) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: #endif #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: #endif #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: #endif #if defined(HAVE_ARIA) - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case 
ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: #endif - case AES_128_ECB_TYPE: - case AES_192_ECB_TYPE: - case AES_256_ECB_TYPE: + case WC_AES_128_ECB_TYPE: + case WC_AES_192_ECB_TYPE: + case WC_AES_256_ECB_TYPE: #endif /* !NO_AES */ #ifndef NO_DES3 - case DES_CBC_TYPE: - case DES_ECB_TYPE: - case DES_EDE3_CBC_TYPE: - case DES_EDE3_ECB_TYPE: + case WC_DES_CBC_TYPE: + case WC_DES_ECB_TYPE: + case WC_DES_EDE3_CBC_TYPE: + case WC_DES_EDE3_ECB_TYPE: #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: #endif return ctx->block_size; #endif /* !NO_AES || !NO_DES3 || WOLFSSL_SM4 */ 
@@ -1851,193 +1850,193 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher) if (cipher == NULL) return 0; /* dummy for #ifdef */ #ifndef NO_DES3 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_CBC)) - return DES_CBC_TYPE; + return WC_DES_CBC_TYPE; else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_CBC)) - return DES_EDE3_CBC_TYPE; + return WC_DES_EDE3_CBC_TYPE; #if !defined(NO_DES3) else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_ECB)) - return DES_ECB_TYPE; + return WC_DES_ECB_TYPE; else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_ECB)) - return DES_EDE3_ECB_TYPE; + return WC_DES_EDE3_ECB_TYPE; #endif /* NO_DES3 && HAVE_AES_ECB */ #endif #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CBC)) - return AES_128_CBC_TYPE; + return WC_AES_128_CBC_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CBC)) - return AES_192_CBC_TYPE; + return WC_AES_192_CBC_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CBC)) - return AES_256_CBC_TYPE; + return WC_AES_256_CBC_TYPE; #endif #endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */ #if defined(HAVE_AESGCM) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_GCM)) - return AES_128_GCM_TYPE; + return WC_AES_128_GCM_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_GCM)) - return AES_192_GCM_TYPE; + return WC_AES_192_GCM_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_GCM)) - return AES_256_GCM_TYPE; + return WC_AES_256_GCM_TYPE; #endif #endif /* HAVE_AESGCM */ #if defined(HAVE_AESCCM) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CCM)) - return AES_128_CCM_TYPE; + return WC_AES_128_CCM_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CCM)) - return 
AES_192_CCM_TYPE; + return WC_AES_192_CCM_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CCM)) - return AES_256_CCM_TYPE; + return WC_AES_256_CCM_TYPE; #endif #endif /* HAVE_AESCCM */ #if defined(WOLFSSL_AES_COUNTER) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CTR)) - return AES_128_CTR_TYPE; + return WC_AES_128_CTR_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CTR)) - return AES_192_CTR_TYPE; + return WC_AES_192_CTR_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CTR)) - return AES_256_CTR_TYPE; + return WC_AES_256_CTR_TYPE; #endif #endif /* HAVE_AES_CBC */ #if defined(HAVE_AES_ECB) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_ECB)) - return AES_128_ECB_TYPE; + return WC_AES_128_ECB_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_ECB)) - return AES_192_ECB_TYPE; + return WC_AES_192_ECB_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_ECB)) - return AES_256_ECB_TYPE; + return WC_AES_256_ECB_TYPE; #endif #endif /*HAVE_AES_CBC */ #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_XTS)) - return AES_128_XTS_TYPE; + return WC_AES_128_XTS_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_XTS)) - return AES_256_XTS_TYPE; + return WC_AES_256_XTS_TYPE; #endif #endif /* WOLFSSL_AES_XTS */ #if defined(WOLFSSL_AES_CFB) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB1)) - return AES_128_CFB1_TYPE; + return WC_AES_128_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB1)) - return AES_192_CFB1_TYPE; + return WC_AES_192_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_256 else if 
(EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB1)) - return AES_256_CFB1_TYPE; + return WC_AES_256_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB8)) - return AES_128_CFB8_TYPE; + return WC_AES_128_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB8)) - return AES_192_CFB8_TYPE; + return WC_AES_192_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB8)) - return AES_256_CFB8_TYPE; + return WC_AES_256_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB128)) - return AES_128_CFB128_TYPE; + return WC_AES_128_CFB128_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB128)) - return AES_192_CFB128_TYPE; + return WC_AES_192_CFB128_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB128)) - return AES_256_CFB128_TYPE; + return WC_AES_256_CFB128_TYPE; #endif #endif /*HAVE_AES_CBC */ #if defined(WOLFSSL_AES_OFB) #ifdef WOLFSSL_AES_128 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_OFB)) - return AES_128_OFB_TYPE; + return WC_AES_128_OFB_TYPE; #endif #ifdef WOLFSSL_AES_192 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_OFB)) - return AES_192_OFB_TYPE; + return WC_AES_192_OFB_TYPE; #endif #ifdef WOLFSSL_AES_256 else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_OFB)) - return AES_256_OFB_TYPE; + return WC_AES_256_OFB_TYPE; #endif #endif #endif /* !NO_AES */ #if defined(HAVE_ARIA) else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_128_GCM)) - return ARIA_128_GCM_TYPE; + return WC_ARIA_128_GCM_TYPE; else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_192_GCM)) - return ARIA_192_GCM_TYPE; + return WC_ARIA_192_GCM_TYPE; else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_256_GCM)) - return ARIA_256_GCM_TYPE; + return WC_ARIA_256_GCM_TYPE; #endif /* HAVE_ARIA */ #ifndef NO_RC4 else if 
(EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4)) - return ARC4_TYPE; + return WC_ARC4_TYPE; #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_CHACHA20_POLY1305)) - return CHACHA20_POLY1305_TYPE; + return WC_CHACHA20_POLY1305_TYPE; #endif #ifdef HAVE_CHACHA else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_CHACHA20)) - return CHACHA20_TYPE; + return WC_CHACHA20_TYPE; #endif #ifdef WOLFSSL_SM4_ECB else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_ECB)) - return SM4_ECB_TYPE; + return WC_SM4_ECB_TYPE; #endif #ifdef WOLFSSL_SM4_CBC else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CBC)) - return SM4_CBC_TYPE; + return WC_SM4_CBC_TYPE; #endif #ifdef WOLFSSL_SM4_CTR else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CTR)) - return SM4_CTR_TYPE; + return WC_SM4_CTR_TYPE; #endif #ifdef WOLFSSL_SM4_GCM else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_GCM)) - return SM4_GCM_TYPE; + return WC_SM4_GCM_TYPE; #endif #ifdef WOLFSSL_SM4_CCM else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CCM)) - return SM4_CCM_TYPE; + return WC_SM4_CCM_TYPE; #endif else return 0; 
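Review bot: Several `#endif` comments in cipherType name the wrong macro, which makes this long preprocessor ladder hard to audit when checking which cipher IDs a given build can return. The blocks opened by `#if defined(WOLFSSL_AES_COUNTER)`, `#if defined(HAVE_AES_ECB)` and `#if defined(WOLFSSL_AES_CFB)` are all closed with `#endif /* HAVE_AES_CBC */`; they should read `#endif /* WOLFSSL_AES_COUNTER */`, `#endif /* HAVE_AES_ECB */` and `#endif /* WOLFSSL_AES_CFB */`. The inner `#if !defined(NO_DES3)` is also redundant inside `#ifndef NO_DES3`, and its `#endif /* NO_DES3 && HAVE_AES_ECB */` describes a condition that is not the one tested. Since every line of the ladder is being touched anyway, this is a cheap place to fix the comments; the function body starts before and ends after this hunk.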
@@ -2051,107 +2050,107 @@ int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher) switch (cipherType(cipher)) { #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE: - case AES_192_CBC_TYPE: - case AES_256_CBC_TYPE: + case WC_AES_128_CBC_TYPE: + case WC_AES_192_CBC_TYPE: + case WC_AES_256_CBC_TYPE: return AES_BLOCK_SIZE; #endif #if defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: return 1; #endif #if defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: return 1; #endif #if defined(WOLFSSL_AES_COUNTER) - case AES_128_CTR_TYPE: - case AES_192_CTR_TYPE: - case AES_256_CTR_TYPE: + case WC_AES_128_CTR_TYPE: + case WC_AES_192_CTR_TYPE: + case WC_AES_256_CTR_TYPE: return 1; #endif #if defined(HAVE_AES_ECB) - case AES_128_ECB_TYPE: - case AES_192_ECB_TYPE: - case AES_256_ECB_TYPE: + case WC_AES_128_ECB_TYPE: + case WC_AES_192_ECB_TYPE: + case WC_AES_256_ECB_TYPE: return AES_BLOCK_SIZE; #endif #if defined(WOLFSSL_AES_CFB) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: return 1; #endif #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: return 1; #endif #if 
defined(WOLFSSL_AES_XTS) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: return 1; #endif #endif /* NO_AES */ #ifndef NO_RC4 - case ARC4_TYPE: + case WC_ARC4_TYPE: return 1; #endif #if defined(HAVE_ARIA) - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: return 1; #endif #ifndef NO_DES3 - case DES_CBC_TYPE: return 8; - case DES_EDE3_CBC_TYPE: return 8; - case DES_ECB_TYPE: return 8; - case DES_EDE3_ECB_TYPE: return 8; + case WC_DES_CBC_TYPE: return 8; + case WC_DES_EDE3_CBC_TYPE: return 8; + case WC_DES_ECB_TYPE: return 8; + case WC_DES_EDE3_ECB_TYPE: return 8; #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: return 1; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: return 1; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: return SM4_BLOCK_SIZE; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: return SM4_BLOCK_SIZE; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: return 1; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: return 1; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: return 1; #endif 
@@ -2165,107 +2164,107 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) switch (cipherType(cipher)) { #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE: - case AES_192_CBC_TYPE: - case AES_256_CBC_TYPE: + case WC_AES_128_CBC_TYPE: + case WC_AES_192_CBC_TYPE: + case WC_AES_256_CBC_TYPE: return WOLFSSL_EVP_CIPH_CBC_MODE; #endif #if defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: return WOLFSSL_EVP_CIPH_GCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif #if defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: return WOLFSSL_EVP_CIPH_CCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif #if defined(WOLFSSL_AES_COUNTER) - case AES_128_CTR_TYPE: - case AES_192_CTR_TYPE: - case AES_256_CTR_TYPE: + case WC_AES_128_CTR_TYPE: + case WC_AES_192_CTR_TYPE: + case WC_AES_256_CTR_TYPE: return WOLFSSL_EVP_CIPH_CTR_MODE; #endif #if defined(WOLFSSL_AES_CFB) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: return WOLFSSL_EVP_CIPH_CFB_MODE; #endif #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: return WOLFSSL_EVP_CIPH_OFB_MODE; #endif #if defined(WOLFSSL_AES_XTS) && \ 
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: return WOLFSSL_EVP_CIPH_XTS_MODE; #endif - case AES_128_ECB_TYPE: - case AES_192_ECB_TYPE: - case AES_256_ECB_TYPE: + case WC_AES_128_ECB_TYPE: + case WC_AES_192_ECB_TYPE: + case WC_AES_256_ECB_TYPE: return WOLFSSL_EVP_CIPH_ECB_MODE; #endif /* !NO_AES */ #if defined(HAVE_ARIA) - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: return WOLFSSL_EVP_CIPH_GCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif #ifndef NO_DES3 - case DES_CBC_TYPE: - case DES_EDE3_CBC_TYPE: + case WC_DES_CBC_TYPE: + case WC_DES_EDE3_CBC_TYPE: return WOLFSSL_EVP_CIPH_CBC_MODE; - case DES_ECB_TYPE: - case DES_EDE3_ECB_TYPE: + case WC_DES_ECB_TYPE: + case WC_DES_EDE3_ECB_TYPE: return WOLFSSL_EVP_CIPH_ECB_MODE; #endif #ifndef NO_RC4 - case ARC4_TYPE: - return EVP_CIPH_STREAM_CIPHER; + case WC_ARC4_TYPE: + return WOLFSSL_EVP_CIPH_STREAM_CIPHER; #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: return WOLFSSL_EVP_CIPH_STREAM_CIPHER | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: return WOLFSSL_EVP_CIPH_STREAM_CIPHER; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: return WOLFSSL_EVP_CIPH_ECB_MODE; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: return WOLFSSL_EVP_CIPH_CBC_MODE; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: return WOLFSSL_EVP_CIPH_CTR_MODE; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: return WOLFSSL_EVP_CIPH_GCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: return WOLFSSL_EVP_CIPH_CCM_MODE | 
WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif @@ -2374,7 +2373,7 @@ WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_E XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX)); ctx->pkey = pkey; #if !defined(NO_RSA) - ctx->padding = RSA_PKCS1_PADDING; + ctx->padding = WC_RSA_PKCS1_PADDING; ctx->md = NULL; #endif #ifdef HAVE_ECC @@ -2416,7 +2415,7 @@ int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding) * returns WOLFSSL_SUCCESS on success. */ int wolfSSL_EVP_PKEY_CTX_set_signature_md(WOLFSSL_EVP_PKEY_CTX *ctx, - const EVP_MD* md) + const WOLFSSL_EVP_MD* md) { if (ctx == NULL) return 0; WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_set_signature_md"); @@ -2468,7 +2467,7 @@ int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx) return WOLFSSL_FAILURE; } wolfSSL_EVP_PKEY_free(ctx->peerKey); - ctx->op = EVP_PKEY_OP_DERIVE; + ctx->op = WC_EVP_PKEY_OP_DERIVE; ctx->padding = 0; ctx->nbits = 0; return WOLFSSL_SUCCESS; @@ -2478,7 +2477,7 @@ int wolfSSL_EVP_PKEY_derive_set_peer(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY { WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive_set_peer"); - if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE) { + if (!ctx || ctx->op != WC_EVP_PKEY_OP_DERIVE) { return WOLFSSL_FAILURE; } wolfSSL_EVP_PKEY_free(ctx->peerKey); 
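Review bot: In wolfSSL_EVP_PKEY_derive_init, `wolfSSL_EVP_PKEY_free(ctx->peerKey);` is not followed by a reset of the pointer, and none of the remaining statements before `return WOLFSSL_SUCCESS;` clear it. The context therefore keeps a stale `peerKey`. The next hunk shows wolfSSL_EVP_PKEY_derive_set_peer calling `wolfSSL_EVP_PKEY_free(ctx->peerKey)` again, and wolfSSL_EVP_PKEY_derive reads `ctx->peerKey->type`, so a second derive_init or a later set_peer on the same context can touch a released object. Adding `ctx->peerKey = NULL;` directly after the free closes this. It appears to predate the rename, but it sits on lines this commit edits. The function's opening and closing lines are outside the hunk.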
@@ -2513,14 +2512,14 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive"); - if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE || !ctx->pkey || (!ctx->peerKey - && ctx->pkey->type != EVP_PKEY_HKDF) || !keylen || (ctx->pkey->type - != EVP_PKEY_HKDF && ctx->pkey->type != ctx->peerKey->type)) { + if (!ctx || ctx->op != WC_EVP_PKEY_OP_DERIVE || !ctx->pkey || (!ctx->peerKey + && ctx->pkey->type != WC_EVP_PKEY_HKDF) || !keylen || (ctx->pkey->type + != WC_EVP_PKEY_HKDF && ctx->pkey->type != ctx->peerKey->type)) { return WOLFSSL_FAILURE; } switch (ctx->pkey->type) { #ifndef NO_DH - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: /* Use DH */ if (!ctx->pkey->dh || !ctx->peerKey->dh) { return WOLFSSL_FAILURE; @@ -2553,7 +2552,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ break; #endif #if defined(HAVE_ECC) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: /* Use ECDH */ if (!ctx->pkey->ecc || !ctx->peerKey->ecc) { return WOLFSSL_FAILURE; @@ -2621,7 +2620,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ break; #endif #ifdef HAVE_HKDF - case EVP_PKEY_HKDF: + case WC_EVP_PKEY_HKDF: (void)len; hkdfHashType = EvpMd2MacType(ctx->pkey->hkdfMd); @@ -2629,7 +2628,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ WOLFSSL_MSG("Invalid hash type for HKDF."); return WOLFSSL_FAILURE; } - if (ctx->pkey->hkdfMode == EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) { + if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) { if (wc_HKDF(hkdfHashType, ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz, ctx->pkey->hkdfSalt, ctx->pkey->hkdfSaltSz, ctx->pkey->hkdfInfo, ctx->pkey->hkdfInfoSz, key, 
@@ -2638,7 +2637,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ return WOLFSSL_FAILURE; } } - else if (ctx->pkey->hkdfMode == EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) { + else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) { if (wc_HKDF_Extract(hkdfHashType, ctx->pkey->hkdfSalt, ctx->pkey->hkdfSaltSz, ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz, key) != 0) { @@ -2655,7 +2654,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_ *keylen = (size_t)hkdfHashSz; } } - else if (ctx->pkey->hkdfMode == EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) { + else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) { if (wc_HKDF_Expand(hkdfHashType, ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz, ctx->pkey->hkdfInfo, ctx->pkey->hkdfInfoSz, key, @@ -2711,7 +2710,7 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(WOLFSSL_EVP_PKEY_CTX* ctx, WOLFSSL_MSG("Bad argument."); ret = WOLFSSL_FAILURE; } - if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != EVP_PKEY_HKDF) { + if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != WC_EVP_PKEY_HKDF) { WOLFSSL_MSG("WOLFSSL_EVP_PKEY type is not HKDF."); ret = WOLFSSL_FAILURE; } @@ -2746,7 +2745,7 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(WOLFSSL_EVP_PKEY_CTX* ctx, WOLFSSL_MSG("Bad argument."); ret = WOLFSSL_FAILURE; } - if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != EVP_PKEY_HKDF) { + if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != WC_EVP_PKEY_HKDF) { WOLFSSL_MSG("WOLFSSL_EVP_PKEY type is not HKDF."); ret = WOLFSSL_FAILURE; } @@ -2781,7 +2780,7 @@ int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx, WOLFSSL_MSG("Bad argument."); ret = WOLFSSL_FAILURE; } - if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != EVP_PKEY_HKDF) { + if (ret == WOLFSSL_SUCCESS && ctx->pkey->type != WC_EVP_PKEY_HKDF) { WOLFSSL_MSG("WOLFSSL_EVP_PKEY type is not HKDF."); ret = WOLFSSL_FAILURE; } 
@@ -2831,9 +2830,10 @@ int wolfSSL_EVP_PKEY_CTX_hkdf_mode(WOLFSSL_EVP_PKEY_CTX* ctx, int mode) } if (ret == WOLFSSL_SUCCESS && - mode != EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND && - mode != EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY && - mode != EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) { + mode != WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND && + mode != WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY && + mode != WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) + { WOLFSSL_MSG("Invalid HKDF mode."); ret = WOLFSSL_FAILURE; } @@ -2881,7 +2881,7 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx, switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: if (out == NULL) { if (ctx->pkey->rsa == NULL) { WOLFSSL_MSG("Internal wolfCrypt RSA object is NULL."); @@ -2910,8 +2910,8 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx, } #endif /* NO_RSA */ - case EVP_PKEY_EC: - WOLFSSL_MSG("EVP_PKEY_EC not implemented."); + case WC_EVP_PKEY_EC: + WOLFSSL_MSG("WC_EVP_PKEY_EC not implemented."); FALL_THROUGH; default: break; @@ -2932,10 +2932,10 @@ int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx) if (ctx == NULL) return WOLFSSL_FAILURE; WOLFSSL_ENTER("wolfSSL_EVP_PKEY_decrypt_init"); switch (ctx->pkey->type) { - case EVP_PKEY_RSA: - ctx->op = EVP_PKEY_OP_DECRYPT; + case WC_EVP_PKEY_RSA: + ctx->op = WC_EVP_PKEY_OP_DECRYPT; return WOLFSSL_SUCCESS; - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: WOLFSSL_MSG("not implemented"); FALL_THROUGH; default: @@ -2970,8 +2970,8 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx, return 0; } - if (ctx->op != EVP_PKEY_OP_ENCRYPT) { - WOLFSSL_MSG("ctx->op must be set to EVP_PKEY_OP_ENCRYPT. Use " + if (ctx->op != WC_EVP_PKEY_OP_ENCRYPT) { + WOLFSSL_MSG("ctx->op must be set to WC_EVP_PKEY_OP_ENCRYPT. Use " "wolfSSL_EVP_PKEY_encrypt_init."); return WOLFSSL_FAILURE; } 
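Review bot: The identifier rename has also rewritten runtime diagnostic text: in wolfSSL_EVP_PKEY_decrypt the message is now `WOLFSSL_MSG("WC_EVP_PKEY_EC not implemented.");`. Applications reach this code through the OpenSSL-compatible name, and any test or log matcher keyed on the old string will stop matching. If this was not intended, keep the literal as `WOLFSSL_MSG("EVP_PKEY_EC not implemented.");` and rename only the `case` label. The same applies to the `"ctx->op must be set to WC_EVP_PKEY_OP_ENCRYPT..."` and `"WC_EVP_PKEY_EC not implemented"` messages in wolfSSL_EVP_PKEY_encrypt and to the three `"... not yet implemented"` messages in wolfSSL_EVP_PKEY_param_check.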
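Review bot: wolfSSL_EVP_PKEY_decrypt_init checks only `ctx` for NULL before `switch (ctx->pkey->type)`, so a context without a key is dereferenced. wolfSSL_EVP_PKEY_derive, wolfSSL_EVP_PKEY_sign and wolfSSL_EVP_PKEY_verify in this same diff all test `!ctx->pkey` first. Unless context creation guarantees a non-NULL `pkey` (not visible here), the guard should be `if (ctx == NULL || ctx->pkey == NULL) return WOLFSSL_FAILURE;`. The wolfSSL_EVP_PKEY_encrypt_init hunk has the same `switch (ctx->pkey->type)`, and its NULL handling lies outside the visible lines, so it is worth checking as well.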
@@ -2984,7 +2984,7 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx, switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: if (out == NULL) { if (ctx->pkey->rsa == NULL) { WOLFSSL_MSG("Internal wolfCrypt RSA object is NULL."); @@ -3014,8 +3014,8 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx, } #endif /* NO_RSA */ - case EVP_PKEY_EC: - WOLFSSL_MSG("EVP_PKEY_EC not implemented"); + case WC_EVP_PKEY_EC: + WOLFSSL_MSG("WC_EVP_PKEY_EC not implemented"); FALL_THROUGH; default: break; @@ -3037,10 +3037,10 @@ int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx) WOLFSSL_ENTER("wolfSSL_EVP_PKEY_encrypt_init"); switch (ctx->pkey->type) { - case EVP_PKEY_RSA: - ctx->op = EVP_PKEY_OP_ENCRYPT; + case WC_EVP_PKEY_RSA: + ctx->op = WC_EVP_PKEY_OP_ENCRYPT; return WOLFSSL_SUCCESS; - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: WOLFSSL_MSG("not implemented"); FALL_THROUGH; default: @@ -3065,22 +3065,22 @@ int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx) switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: - ctx->op = EVP_PKEY_OP_SIGN; + case WC_EVP_PKEY_RSA: + ctx->op = WC_EVP_PKEY_OP_SIGN; ret = WOLFSSL_SUCCESS; break; #endif /* NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: - ctx->op = EVP_PKEY_OP_SIGN; + case WC_EVP_PKEY_DSA: + ctx->op = WC_EVP_PKEY_OP_SIGN; ret = WOLFSSL_SUCCESS; break; #endif /* NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: - ctx->op = EVP_PKEY_OP_SIGN; + case WC_EVP_PKEY_EC: + ctx->op = WC_EVP_PKEY_OP_SIGN; ret = WOLFSSL_SUCCESS; break; #endif /* HAVE_ECC */ @@ -3103,7 +3103,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig, { WOLFSSL_MSG("wolfSSL_EVP_PKEY_sign"); - if (!ctx || ctx->op != EVP_PKEY_OP_SIGN || !ctx->pkey || !siglen) + if (!ctx || ctx->op != WC_EVP_PKEY_OP_SIGN || !ctx->pkey || !siglen) return WOLFSSL_FAILURE; (void)sig; 
@@ -3113,7 +3113,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig, switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: { + case WC_EVP_PKEY_RSA: { unsigned int usiglen = (unsigned int)*siglen; if (!sig) { int len; @@ -3138,7 +3138,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig, #endif /* NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: { + case WC_EVP_PKEY_DSA: { int bytes; int ret; if (!ctx->pkey->dsa) @@ -3165,7 +3165,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig, #endif /* NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { int ret; WOLFSSL_ECDSA_SIG *ecdsaSig; if (!sig) { @@ -3227,20 +3227,20 @@ int wolfSSL_EVP_PKEY_verify_init(WOLFSSL_EVP_PKEY_CTX *ctx) switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: - ctx->op = EVP_PKEY_OP_VERIFY; + case WC_EVP_PKEY_RSA: + ctx->op = WC_EVP_PKEY_OP_VERIFY; return WOLFSSL_SUCCESS; #endif /* NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: - ctx->op = EVP_PKEY_OP_VERIFY; + case WC_EVP_PKEY_DSA: + ctx->op = WC_EVP_PKEY_OP_VERIFY; return WOLFSSL_SUCCESS; #endif /* NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: - ctx->op = EVP_PKEY_OP_VERIFY; + case WC_EVP_PKEY_EC: + ctx->op = WC_EVP_PKEY_OP_VERIFY; return WOLFSSL_SUCCESS; #endif /* HAVE_ECC */ 
@@ -3264,19 +3264,19 @@ int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig, { WOLFSSL_MSG("wolfSSL_EVP_PKEY_verify"); - if (!ctx || ctx->op != EVP_PKEY_OP_VERIFY || !ctx->pkey) + if (!ctx || ctx->op != WC_EVP_PKEY_OP_VERIFY || !ctx->pkey) return WOLFSSL_FAILURE; switch (ctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: return wolfSSL_RSA_verify_ex(WC_HASH_TYPE_NONE, tbs, (unsigned int)tbslen, sig, (unsigned int)siglen, ctx->pkey->rsa, ctx->padding); #endif /* NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: { + case WC_EVP_PKEY_DSA: { int dsacheck = 0; if (wolfSSL_DSA_do_verify(tbs, (unsigned char *)sig, ctx->pkey->dsa, &dsacheck) != WOLFSSL_SUCCESS || dsacheck != 1) @@ -3286,7 +3286,7 @@ int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig, #endif /* NO_DSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { int ret; WOLFSSL_ECDSA_SIG *ecdsaSig = wolfSSL_d2i_ECDSA_SIG( NULL, (const unsigned char **)&sig, (long)siglen); @@ -3334,7 +3334,7 @@ int wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid(WOLFSSL_EVP_PKEY_CTX *ctx, { WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_set_ec_paramgen_curve_nid"); #ifdef HAVE_ECC - if (ctx != NULL && ctx->pkey != NULL && ctx->pkey->type == EVP_PKEY_EC) { + if (ctx != NULL && ctx->pkey != NULL && ctx->pkey->type == WC_EVP_PKEY_EC) { ctx->curveNID = nid; return WOLFSSL_SUCCESS; } @@ -3367,7 +3367,7 @@ int wolfSSL_EVP_PKEY_paramgen(WOLFSSL_EVP_PKEY_CTX* ctx, if (ret == WOLFSSL_SUCCESS && *pkey == NULL) { /* Only ECC is supported currently. */ - if (ctx->pkey == NULL || ctx->pkey->type != EVP_PKEY_EC) { + if (ctx->pkey == NULL || ctx->pkey->type != WC_EVP_PKEY_EC) { WOLFSSL_MSG("Key not set or key type not supported."); ret = WOLFSSL_FAILURE; } 
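Review bot: In the `WC_EVP_PKEY_DSA` case of wolfSSL_EVP_PKEY_verify, neither `tbslen` nor `siglen` is passed to `wolfSSL_DSA_do_verify(tbs, (unsigned char *)sig, ctx->pkey->dsa, &dsacheck)`, nor are they checked before it. The callee must therefore assume fixed digest and signature sizes, and a caller supplying a shorter buffer would presumably be read past its end. The RSA and ECC cases both forward the lengths. Before the call, the DSA case should reject inputs whose `tbslen` or `siglen` does not match the sizes `wolfSSL_DSA_do_verify` expects, returning `WOLFSSL_FAILURE` otherwise. The rest of the function lies outside the hunk, and this looks pre-existing rather than introduced by the rename.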
@@ -3388,7 +3388,7 @@ int wolfSSL_EVP_PKEY_paramgen(WOLFSSL_EVP_PKEY_CTX* ctx, #ifdef HAVE_ECC /* For ECC parameter generation we just need to set the group, which * wolfSSL_EC_KEY_new_by_curve_name will do. */ - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: (*pkey)->ecc = wolfSSL_EC_KEY_new_by_curve_name(ctx->curveNID); if ((*pkey)->ecc == NULL) { WOLFSSL_MSG("Failed to create WOLFSSL_EC_KEY."); @@ -3451,9 +3451,9 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, pkey = *ppkey; if (pkey == NULL) { if (ctx->pkey == NULL || - (ctx->pkey->type != EVP_PKEY_EC && - ctx->pkey->type != EVP_PKEY_RSA && - ctx->pkey->type != EVP_PKEY_DH)) { + (ctx->pkey->type != WC_EVP_PKEY_EC && + ctx->pkey->type != WC_EVP_PKEY_RSA && + ctx->pkey->type != WC_EVP_PKEY_DH)) { WOLFSSL_MSG("Key not set or key type not supported"); return WOLFSSL_FAILURE; } @@ -3467,7 +3467,7 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, switch (pkey->type) { #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: pkey->rsa = wolfSSL_RSA_generate_key(ctx->nbits, WC_RSA_EXPONENT, NULL, NULL); if (pkey->rsa) { @@ -3479,7 +3479,7 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, break; #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: /* pkey->ecc may not be NULL, if, for example, it was populated by a * prior call to wolfSSL_EVP_PKEY_paramgen. */ if (pkey->ecc == NULL) { @@ -3494,7 +3494,7 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, break; #endif #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: pkey->dh = wolfSSL_DH_new(); if (pkey->dh) { pkey->ownDh = 1; 
@@ -3540,12 +3540,12 @@ int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey) switch (pkey->type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa)); #endif /* !NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: if (pkey->dsa == NULL || (!pkey->dsa->exSet && SetDsaExternal(pkey->dsa) != WOLFSSL_SUCCESS)) @@ -3554,7 +3554,7 @@ int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey) #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: if (pkey->ecc == NULL || pkey->ecc->internal == NULL) { WOLFSSL_MSG("No ECC key has been set"); break; @@ -3579,7 +3579,7 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, return WOLFSSL_FAILURE; } - if (to->type == EVP_PKEY_NONE) { + if (to->type == WC_EVP_PKEY_NONE) { to->type = from->type; } else if (to->type != from->type) { @@ -3589,7 +3589,7 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, switch(from->type) { #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: if (from->ecc) { if (!to->ecc) { if ((to->ecc = wolfSSL_EC_KEY_new()) == NULL) { @@ -3609,7 +3609,7 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, break; #endif #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: if (from->dsa) { WOLFSSL_BIGNUM* cpy; if (!to->dsa) { @@ -3651,7 +3651,7 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, break; #endif #ifndef NO_DH - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: if (from->dh) { WOLFSSL_BIGNUM* cpy; if (!to->dh) { @@ -3693,7 +3693,7 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to, break; #endif #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: #endif default: WOLFSSL_MSG("Copy parameters not available for this key type"); 
@@ -3740,13 +3740,13 @@ int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b) /* get size based on key type */ switch (a->type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: a_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa)); b_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa)); break; #endif /* !NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: if (a->ecc == NULL || a->ecc->internal == NULL || b->ecc == NULL || b->ecc->internal == NULL) { return ret; @@ -3885,23 +3885,23 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx) type = wolfSSL_EVP_PKEY_type(wolfSSL_EVP_PKEY_base_id(ctx->pkey)); switch (type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: - WOLFSSL_MSG("EVP_PKEY_RSA not yet implemented"); + case WC_EVP_PKEY_RSA: + WOLFSSL_MSG("WC_EVP_PKEY_RSA not yet implemented"); return WOLFSSL_FAILURE; #endif #if defined(HAVE_ECC) - case EVP_PKEY_EC: - WOLFSSL_MSG("EVP_PKEY_EC not yet implemented"); + case WC_EVP_PKEY_EC: + WOLFSSL_MSG("WC_EVP_PKEY_EC not yet implemented"); return WOLFSSL_FAILURE; #endif #if !defined(NO_DSA) - case EVP_PKEY_DSA: - WOLFSSL_MSG("EVP_PKEY_DSA not yet implemented"); + case WC_EVP_PKEY_DSA: + WOLFSSL_MSG("WC_EVP_PKEY_DSA not yet implemented"); return WOLFSSL_FAILURE; #endif #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: dh_key = wolfSSL_EVP_PKEY_get1_DH(ctx->pkey); if (dh_key != NULL) { ret = DH_param_check(dh_key); @@ -4001,7 +4001,7 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, switch (pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: { + case WC_EVP_PKEY_RSA: { int nid; const WOLFSSL_EVP_MD *ctxmd; 
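Review bot: In the wolfSSL_EVP_PKEY_param_check hunk (@@ -3885) the rename also rewrites the WOLFSSL_MSG text, so the debug log now reads `"WC_EVP_PKEY_RSA not yet implemented"`, and likewise for EC and DSA. Callers presumably still pass the OpenSSL-compatible constant name, so a message naming the internal WC_ constant is harder to map back to the calling code, and anything that matches on the old log text will stop matching. I would leave the literals as they were, e.g. `WOLFSSL_MSG("EVP_PKEY_RSA not yet implemented");`, or say in the commit description that the log text change is intended. The switch continues outside the hunk.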
@@ -4017,7 +4017,7 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, } #endif /* NO_RSA */ #ifndef NO_DSA - case EVP_PKEY_DSA: { + case WC_EVP_PKEY_DSA: { int bytes; ret = wolfSSL_DSA_do_sign(md, sigret, pkey->dsa); /* wolfSSL_DSA_do_sign() can return WOLFSSL_FATAL_ERROR */ @@ -4034,7 +4034,7 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, } #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { WOLFSSL_ECDSA_SIG *ecdsaSig = wolfSSL_ECDSA_do_sign(md, (int)mdsize, pkey->ecc); if (ecdsaSig == NULL) @@ -4115,7 +4115,7 @@ int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, switch (pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: { + case WC_EVP_PKEY_RSA: { int nid; const WOLFSSL_EVP_MD *ctxmd = wolfSSL_EVP_MD_CTX_md(ctx); if (ctxmd == NULL) break; @@ -4126,7 +4126,7 @@ int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, } #endif /* NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { WOLFSSL_ECDSA_SIG *ecdsaSig = wolfSSL_d2i_ECDSA_SIG( NULL, (const unsigned char **)&sig, (long)siglen); if (ecdsaSig == NULL) @@ -4137,7 +4137,7 @@ int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, return ret; } #endif - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: WOLFSSL_MSG("not implemented"); FALL_THROUGH; default: @@ -4162,7 +4162,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, WOLFSSL_ENGINE* e, (void)e; - if (type != EVP_PKEY_HMAC || (key == NULL && keylen != 0)) + if (type != WC_EVP_PKEY_HMAC || (key == NULL && keylen != 0)) return NULL; pkey = wolfSSL_EVP_PKEY_new(); @@ -4228,7 +4228,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e, XMEMCPY(pkey->pkey.ptr, priv, (size_t)len); } pkey->pkey_sz = (int)len; - pkey->type = pkey->save_type = EVP_PKEY_CMAC; + pkey->type = pkey->save_type = WC_EVP_PKEY_CMAC; pkey->cmacCtx = ctx; } } 
@@ -4354,7 +4354,7 @@ static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx, } } - if (pkey->type == EVP_PKEY_HMAC) { + if (pkey->type == WC_EVP_PKEY_HMAC) { int hashType; int ret; size_t keySz = 0; @@ -4581,7 +4581,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig, } } #ifndef NO_RSA - else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) { + else if (ctx->pctx->pkey->type == WC_EVP_PKEY_RSA) { if (sig == NULL) { *siglen = (size_t)wolfSSL_RSA_size(ctx->pctx->pkey->rsa); return WOLFSSL_SUCCESS; @@ -4589,7 +4589,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig, } #endif /* !NO_RSA */ #ifdef HAVE_ECC - else if (ctx->pctx->pkey->type == EVP_PKEY_EC) { + else if (ctx->pctx->pkey->type == WC_EVP_PKEY_EC) { if (sig == NULL) { /* SEQ + INT + INT */ *siglen = (size_t)ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx]. @@ -4615,7 +4615,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig, /* Sign the digest. */ switch (ctx->pctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: { + case WC_EVP_PKEY_RSA: { unsigned int sigSz = (unsigned int)*siglen; int nid; const WOLFSSL_EVP_MD *md = wolfSSL_EVP_MD_CTX_md(ctx); @@ -4633,7 +4633,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig, #endif /* NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { int len; WOLFSSL_ECDSA_SIG *ecdsaSig; ecdsaSig = wolfSSL_ECDSA_do_sign(digest, (int)hashLen, @@ -4718,7 +4718,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, /* Verify the signature with the digest. */ switch (ctx->pctx->pkey->type) { #if !defined(NO_RSA) - case EVP_PKEY_RSA: { + case WC_EVP_PKEY_RSA: { int nid; const WOLFSSL_EVP_MD *md = wolfSSL_EVP_MD_CTX_md(ctx); if (md == NULL) 
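Review bot: The size-query branch in the wolfSSL_EVP_DigestSignFinal hunk at @@ -4589 indexes `ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx]` with no check visible in the hunk that `ecc` and `group` are non-NULL or that `curve_idx` is a valid index. wolfSSL_EVP_PKEY_size earlier in this diff tests `pkey->ecc == NULL || pkey->ecc->internal == NULL` before using the key, so the two paths look inconsistent, and a key typed EC but not yet populated would be dereferenced here. Unless a check exists above the hunk (the function body starts outside it), I would add `if (ctx->pctx->pkey->ecc == NULL || ctx->pctx->pkey->ecc->group == NULL || ctx->pctx->pkey->ecc->group->curve_idx < 0) return WOLFSSL_FAILURE;` before the lookup.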
@@ -4733,7 +4733,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, #endif /* NO_RSA */ #ifdef HAVE_ECC - case EVP_PKEY_EC: { + case WC_EVP_PKEY_EC: { int ret; WOLFSSL_ECDSA_SIG *ecdsaSig; ecdsaSig = wolfSSL_d2i_ECDSA_SIG(NULL, &sig, (long)siglen); 
@@ -4955,159 +4955,159 @@ static const struct cipher{ #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 - {AES_128_CBC_TYPE, EVP_AES_128_CBC, NID_aes_128_cbc}, + {WC_AES_128_CBC_TYPE, EVP_AES_128_CBC, WC_NID_aes_128_cbc}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CBC_TYPE, EVP_AES_192_CBC, NID_aes_192_cbc}, + {WC_AES_192_CBC_TYPE, EVP_AES_192_CBC, WC_NID_aes_192_cbc}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CBC_TYPE, EVP_AES_256_CBC, NID_aes_256_cbc}, + {WC_AES_256_CBC_TYPE, EVP_AES_256_CBC, WC_NID_aes_256_cbc}, #endif #endif #ifdef WOLFSSL_AES_CFB #ifdef WOLFSSL_AES_128 - {AES_128_CFB1_TYPE, EVP_AES_128_CFB1, NID_aes_128_cfb1}, + {WC_AES_128_CFB1_TYPE, EVP_AES_128_CFB1, WC_NID_aes_128_cfb1}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CFB1_TYPE, EVP_AES_192_CFB1, NID_aes_192_cfb1}, + {WC_AES_192_CFB1_TYPE, EVP_AES_192_CFB1, WC_NID_aes_192_cfb1}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CFB1_TYPE, EVP_AES_256_CFB1, NID_aes_256_cfb1}, + {WC_AES_256_CFB1_TYPE, EVP_AES_256_CFB1, WC_NID_aes_256_cfb1}, #endif #ifdef WOLFSSL_AES_128 - {AES_128_CFB8_TYPE, EVP_AES_128_CFB8, NID_aes_128_cfb8}, + {WC_AES_128_CFB8_TYPE, EVP_AES_128_CFB8, WC_NID_aes_128_cfb8}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CFB8_TYPE, EVP_AES_192_CFB8, NID_aes_192_cfb8}, + {WC_AES_192_CFB8_TYPE, EVP_AES_192_CFB8, WC_NID_aes_192_cfb8}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CFB8_TYPE, EVP_AES_256_CFB8, NID_aes_256_cfb8}, + {WC_AES_256_CFB8_TYPE, EVP_AES_256_CFB8, WC_NID_aes_256_cfb8}, #endif #ifdef WOLFSSL_AES_128 - {AES_128_CFB128_TYPE, EVP_AES_128_CFB128, NID_aes_128_cfb128}, + {WC_AES_128_CFB128_TYPE, EVP_AES_128_CFB128, WC_NID_aes_128_cfb128}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CFB128_TYPE, EVP_AES_192_CFB128, NID_aes_192_cfb128}, + {WC_AES_192_CFB128_TYPE, EVP_AES_192_CFB128, WC_NID_aes_192_cfb128}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CFB128_TYPE, EVP_AES_256_CFB128, NID_aes_256_cfb128}, + {WC_AES_256_CFB128_TYPE, EVP_AES_256_CFB128, 
WC_NID_aes_256_cfb128}, #endif #endif #ifdef WOLFSSL_AES_OFB #ifdef WOLFSSL_AES_128 - {AES_128_OFB_TYPE, EVP_AES_128_OFB, NID_aes_128_ofb}, + {WC_AES_128_OFB_TYPE, EVP_AES_128_OFB, WC_NID_aes_128_ofb}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_OFB_TYPE, EVP_AES_192_OFB, NID_aes_192_ofb}, + {WC_AES_192_OFB_TYPE, EVP_AES_192_OFB, WC_NID_aes_192_ofb}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_OFB_TYPE, EVP_AES_256_OFB, NID_aes_256_ofb}, + {WC_AES_256_OFB_TYPE, EVP_AES_256_OFB, WC_NID_aes_256_ofb}, #endif #endif #if defined(WOLFSSL_AES_XTS) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) #ifdef WOLFSSL_AES_128 - {AES_128_XTS_TYPE, EVP_AES_128_XTS, NID_aes_128_xts}, + {WC_AES_128_XTS_TYPE, EVP_AES_128_XTS, WC_NID_aes_128_xts}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_XTS_TYPE, EVP_AES_256_XTS, NID_aes_256_xts}, + {WC_AES_256_XTS_TYPE, EVP_AES_256_XTS, WC_NID_aes_256_xts}, #endif #endif #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 - {AES_128_GCM_TYPE, EVP_AES_128_GCM, NID_aes_128_gcm}, + {WC_AES_128_GCM_TYPE, EVP_AES_128_GCM, WC_NID_aes_128_gcm}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_GCM_TYPE, EVP_AES_192_GCM, NID_aes_192_gcm}, + {WC_AES_192_GCM_TYPE, EVP_AES_192_GCM, WC_NID_aes_192_gcm}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_GCM_TYPE, EVP_AES_256_GCM, NID_aes_256_gcm}, + {WC_AES_256_GCM_TYPE, EVP_AES_256_GCM, WC_NID_aes_256_gcm}, #endif #endif #ifdef HAVE_AESCCM #ifdef WOLFSSL_AES_128 - {AES_128_CCM_TYPE, EVP_AES_128_CCM, NID_aes_128_ccm}, + {WC_AES_128_CCM_TYPE, EVP_AES_128_CCM, WC_NID_aes_128_ccm}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CCM_TYPE, EVP_AES_192_CCM, NID_aes_192_ccm}, + {WC_AES_192_CCM_TYPE, EVP_AES_192_CCM, WC_NID_aes_192_ccm}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CCM_TYPE, EVP_AES_256_CCM, NID_aes_256_ccm}, + {WC_AES_256_CCM_TYPE, EVP_AES_256_CCM, WC_NID_aes_256_ccm}, #endif #endif #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 - {AES_128_CTR_TYPE, EVP_AES_128_CTR, NID_aes_128_ctr}, + {WC_AES_128_CTR_TYPE, EVP_AES_128_CTR, 
WC_NID_aes_128_ctr}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_CTR_TYPE, EVP_AES_192_CTR, NID_aes_192_ctr}, + {WC_AES_192_CTR_TYPE, EVP_AES_192_CTR, WC_NID_aes_192_ctr}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_CTR_TYPE, EVP_AES_256_CTR, NID_aes_256_ctr}, + {WC_AES_256_CTR_TYPE, EVP_AES_256_CTR, WC_NID_aes_256_ctr}, #endif #endif #ifdef HAVE_AES_ECB #ifdef WOLFSSL_AES_128 - {AES_128_ECB_TYPE, EVP_AES_128_ECB, NID_aes_128_ecb}, + {WC_AES_128_ECB_TYPE, EVP_AES_128_ECB, WC_NID_aes_128_ecb}, #endif #ifdef WOLFSSL_AES_192 - {AES_192_ECB_TYPE, EVP_AES_192_ECB, NID_aes_192_ecb}, + {WC_AES_192_ECB_TYPE, EVP_AES_192_ECB, WC_NID_aes_192_ecb}, #endif #ifdef WOLFSSL_AES_256 - {AES_256_ECB_TYPE, EVP_AES_256_ECB, NID_aes_256_ecb}, + {WC_AES_256_ECB_TYPE, EVP_AES_256_ECB, WC_NID_aes_256_ecb}, #endif #endif #endif #ifdef HAVE_ARIA - {ARIA_128_GCM_TYPE, EVP_ARIA_128_GCM, NID_aria_128_gcm}, - {ARIA_192_GCM_TYPE, EVP_ARIA_192_GCM, NID_aria_192_gcm}, - {ARIA_256_GCM_TYPE, EVP_ARIA_256_GCM, NID_aria_256_gcm}, + {WC_ARIA_128_GCM_TYPE, EVP_ARIA_128_GCM, WC_NID_aria_128_gcm}, + {WC_ARIA_192_GCM_TYPE, EVP_ARIA_192_GCM, WC_NID_aria_192_gcm}, + {WC_ARIA_256_GCM_TYPE, EVP_ARIA_256_GCM, WC_NID_aria_256_gcm}, #endif #ifndef NO_DES3 - {DES_CBC_TYPE, EVP_DES_CBC, NID_des_cbc}, - {DES_ECB_TYPE, EVP_DES_ECB, NID_des_ecb}, + {WC_DES_CBC_TYPE, EVP_DES_CBC, WC_NID_des_cbc}, + {WC_DES_ECB_TYPE, EVP_DES_ECB, WC_NID_des_ecb}, - {DES_EDE3_CBC_TYPE, EVP_DES_EDE3_CBC, NID_des_ede3_cbc}, - {DES_EDE3_ECB_TYPE, EVP_DES_EDE3_ECB, NID_des_ede3_ecb}, + {WC_DES_EDE3_CBC_TYPE, EVP_DES_EDE3_CBC, WC_NID_des_ede3_cbc}, + {WC_DES_EDE3_ECB_TYPE, EVP_DES_EDE3_ECB, WC_NID_des_ede3_ecb}, #endif #ifndef NO_RC4 - {ARC4_TYPE, EVP_ARC4, NID_undef}, + {WC_ARC4_TYPE, EVP_ARC4, WC_NID_undef}, #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - {CHACHA20_POLY1305_TYPE, EVP_CHACHA20_POLY1305, NID_chacha20_poly1305}, + {WC_CHACHA20_POLY1305_TYPE, EVP_CHACHA20_POLY1305, WC_NID_chacha20_poly1305}, #endif #ifdef HAVE_CHACHA - 
{CHACHA20_TYPE, EVP_CHACHA20, NID_chacha20}, + {WC_CHACHA20_TYPE, EVP_CHACHA20, WC_NID_chacha20}, #endif #ifdef WOLFSSL_SM4_ECB - {SM4_ECB_TYPE, EVP_SM4_ECB, NID_sm4_ecb}, + {WC_SM4_ECB_TYPE, EVP_SM4_ECB, WC_NID_sm4_ecb}, #endif #ifdef WOLFSSL_SM4_CBC - {SM4_CBC_TYPE, EVP_SM4_CBC, NID_sm4_cbc}, + {WC_SM4_CBC_TYPE, EVP_SM4_CBC, WC_NID_sm4_cbc}, #endif #ifdef WOLFSSL_SM4_CTR - {SM4_CTR_TYPE, EVP_SM4_CTR, NID_sm4_ctr}, + {WC_SM4_CTR_TYPE, EVP_SM4_CTR, WC_NID_sm4_ctr}, #endif #ifdef WOLFSSL_SM4_GCM - {SM4_GCM_TYPE, EVP_SM4_GCM, NID_sm4_gcm}, + {WC_SM4_GCM_TYPE, EVP_SM4_GCM, WC_NID_sm4_gcm}, #endif #ifdef WOLFSSL_SM4_CCM - {SM4_CCM_TYPE, EVP_SM4_CCM, NID_sm4_ccm}, + {WC_SM4_CCM_TYPE, EVP_SM4_CCM, WC_NID_sm4_ccm}, #endif { 0, NULL, 0} 
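Review bot: The cipher table lists the `WC_DES_ECB_TYPE` and `WC_DES_EDE3_ECB_TYPE` rows under `#ifndef NO_DES3` alone, while wolfSSL_EVP_get_cipherbynid (hunk @@ -5293) returns the DES ECB ciphers only inside `#ifdef WOLFSSL_DES_ECB`. In a build without WOLFSSL_DES_ECB the table would still carry entries for ciphers the NID lookup cannot return; how the table is consumed is outside the hunk, so that effect is inferred. Wrapping the two ECB rows in `#ifdef WOLFSSL_DES_ECB` / `#endif` would keep the table and the lookup in step. The table initializer starts outside the hunk.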
@@ -5293,128 +5293,128 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id) #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 - case NID_aes_128_cbc: + case WC_NID_aes_128_cbc: return wolfSSL_EVP_aes_128_cbc(); #endif #ifdef WOLFSSL_AES_192 - case NID_aes_192_cbc: + case WC_NID_aes_192_cbc: return wolfSSL_EVP_aes_192_cbc(); #endif #ifdef WOLFSSL_AES_256 - case NID_aes_256_cbc: + case WC_NID_aes_256_cbc: return wolfSSL_EVP_aes_256_cbc(); #endif #endif #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 - case NID_aes_128_ctr: + case WC_NID_aes_128_ctr: return wolfSSL_EVP_aes_128_ctr(); #endif #ifdef WOLFSSL_AES_192 - case NID_aes_192_ctr: + case WC_NID_aes_192_ctr: return wolfSSL_EVP_aes_192_ctr(); #endif #ifdef WOLFSSL_AES_256 - case NID_aes_256_ctr: + case WC_NID_aes_256_ctr: return wolfSSL_EVP_aes_256_ctr(); #endif #endif /* WOLFSSL_AES_COUNTER */ #ifdef HAVE_AES_ECB #ifdef WOLFSSL_AES_128 - case NID_aes_128_ecb: + case WC_NID_aes_128_ecb: return wolfSSL_EVP_aes_128_ecb(); #endif #ifdef WOLFSSL_AES_192 - case NID_aes_192_ecb: + case WC_NID_aes_192_ecb: return wolfSSL_EVP_aes_192_ecb(); #endif #ifdef WOLFSSL_AES_256 - case NID_aes_256_ecb: + case WC_NID_aes_256_ecb: return wolfSSL_EVP_aes_256_ecb(); #endif #endif /* HAVE_AES_ECB */ #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 - case NID_aes_128_gcm: + case WC_NID_aes_128_gcm: return wolfSSL_EVP_aes_128_gcm(); #endif #ifdef WOLFSSL_AES_192 - case NID_aes_192_gcm: + case WC_NID_aes_192_gcm: return wolfSSL_EVP_aes_192_gcm(); #endif #ifdef WOLFSSL_AES_256 - case NID_aes_256_gcm: + case WC_NID_aes_256_gcm: return wolfSSL_EVP_aes_256_gcm(); #endif #endif #ifdef HAVE_AESCCM #ifdef WOLFSSL_AES_128 - case NID_aes_128_ccm: + case WC_NID_aes_128_ccm: return wolfSSL_EVP_aes_128_ccm(); #endif #ifdef WOLFSSL_AES_192 - case NID_aes_192_ccm: + case WC_NID_aes_192_ccm: return wolfSSL_EVP_aes_192_ccm(); #endif #ifdef WOLFSSL_AES_256 - case NID_aes_256_ccm: + case 
WC_NID_aes_256_ccm: return wolfSSL_EVP_aes_256_ccm(); #endif #endif #endif #ifdef HAVE_ARIA - case NID_aria_128_gcm: + case WC_NID_aria_128_gcm: return wolfSSL_EVP_aria_128_gcm(); - case NID_aria_192_gcm: + case WC_NID_aria_192_gcm: return wolfSSL_EVP_aria_192_gcm(); - case NID_aria_256_gcm: + case WC_NID_aria_256_gcm: return wolfSSL_EVP_aria_256_gcm(); #endif #ifndef NO_DES3 - case NID_des_cbc: + case WC_NID_des_cbc: return wolfSSL_EVP_des_cbc(); #ifdef WOLFSSL_DES_ECB - case NID_des_ecb: + case WC_NID_des_ecb: return wolfSSL_EVP_des_ecb(); #endif - case NID_des_ede3_cbc: + case WC_NID_des_ede3_cbc: return wolfSSL_EVP_des_ede3_cbc(); #ifdef WOLFSSL_DES_ECB - case NID_des_ede3_ecb: + case WC_NID_des_ede3_ecb: return wolfSSL_EVP_des_ede3_ecb(); #endif #endif /*NO_DES3*/ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case NID_chacha20_poly1305: + case WC_NID_chacha20_poly1305: return wolfSSL_EVP_chacha20_poly1305(); #endif #ifdef HAVE_CHACHA - case NID_chacha20: + case WC_NID_chacha20: return wolfSSL_EVP_chacha20(); #endif #ifdef WOLFSSL_SM4_ECB - case NID_sm4_ecb: + case WC_NID_sm4_ecb: return wolfSSL_EVP_sm4_ecb(); #endif #ifdef WOLFSSL_SM4_CBC - case NID_sm4_cbc: + case WC_NID_sm4_cbc: return wolfSSL_EVP_sm4_cbc(); #endif #ifdef WOLFSSL_SM4_CTR - case NID_sm4_ctr: + case WC_NID_sm4_ctr: return wolfSSL_EVP_sm4_ctr(); #endif #ifdef WOLFSSL_SM4_GCM - case NID_sm4_gcm: + case WC_NID_sm4_gcm: return wolfSSL_EVP_sm4_gcm(); #endif #ifdef WOLFSSL_SM4_CCM - case NID_sm4_ccm: + case WC_NID_sm4_ccm: return wolfSSL_EVP_sm4_ccm(); #endif 
@@ -5992,22 +5992,22 @@ void wolfSSL_EVP_init(void) WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_ctrl"); switch(type) { - case EVP_CTRL_INIT: + case WOLFSSL_EVP_CTRL_INIT: wolfSSL_EVP_CIPHER_CTX_init(ctx); if(ctx) ret = WOLFSSL_SUCCESS; break; - case EVP_CTRL_SET_KEY_LENGTH: + case WOLFSSL_EVP_CTRL_SET_KEY_LENGTH: ret = wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, arg); break; #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) - case EVP_CTRL_AEAD_SET_IVLEN: + case WOLFSSL_EVP_CTRL_AEAD_SET_IVLEN: if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0) break; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - if (ctx->cipherType == CHACHA20_POLY1305_TYPE) { + if (ctx->cipherType == WC_CHACHA20_POLY1305_TYPE) { if (arg != CHACHA20_POLY1305_AEAD_IV_SIZE) { break; } @@ -6015,7 +6015,7 @@ void wolfSSL_EVP_init(void) else #endif /* HAVE_CHACHA && HAVE_POLY1305 */ #if defined(WOLFSSL_SM4_GCM) - if (ctx->cipherType == SM4_GCM_TYPE) { + if (ctx->cipherType == WC_SM4_GCM_TYPE) { if (arg <= 0 || arg > SM4_BLOCK_SIZE) { break; } @@ -6023,7 +6023,7 @@ void wolfSSL_EVP_init(void) else #endif #if defined(WOLFSSL_SM4_CCM) - if (ctx->cipherType == SM4_CCM_TYPE) { + if (ctx->cipherType == WC_SM4_CCM_TYPE) { if (arg <= 0 || arg > SM4_BLOCK_SIZE) { break; } @@ -6039,7 +6039,7 @@ void wolfSSL_EVP_init(void) #if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM) || \ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) - case EVP_CTRL_AEAD_SET_IV_FIXED: + case WOLFSSL_EVP_CTRL_AEAD_SET_IV_FIXED: if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0) break; if (arg == -1) { 
@@ -6098,7 +6098,7 @@ void wolfSSL_EVP_init(void) * EVP_CipherInit between each iteration. The IV is incremented for * each subsequent EVP_Cipher call to prevent IV reuse. */ - case EVP_CTRL_GCM_IV_GEN: + case WOLFSSL_EVP_CTRL_GCM_IV_GEN: if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0) break; if (!ctx->authIvGenEnable) { @@ -6134,11 +6134,11 @@ void wolfSSL_EVP_init(void) break; #endif /* (HAVE_AESGCM || WOLFSSL_SM4_GCM) && !_WIN32 && !HAVE_SELFTEST && * !HAVE_FIPS || FIPS_VERSION >= 2)*/ - case EVP_CTRL_AEAD_SET_TAG: + case WOLFSSL_EVP_CTRL_AEAD_SET_TAG: if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0) break; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - if (ctx->cipherType == CHACHA20_POLY1305_TYPE) { + if (ctx->cipherType == WC_CHACHA20_POLY1305_TYPE) { if (arg != CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE) { break; } @@ -6152,7 +6152,7 @@ void wolfSSL_EVP_init(void) else #endif /* HAVE_CHACHA && HAVE_POLY1305 */ #if defined(WOLFSSL_SM4_GCM) - if (ctx->cipherType == SM4_GCM_TYPE) { + if (ctx->cipherType == WC_SM4_GCM_TYPE) { if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) { break; } @@ -6165,7 +6165,7 @@ void wolfSSL_EVP_init(void) else #endif #if defined(WOLFSSL_SM4_CCM) - if (ctx->cipherType == SM4_CCM_TYPE) { + if (ctx->cipherType == WC_SM4_CCM_TYPE) { if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) { break; } @@ -6186,12 +6186,12 @@ void wolfSSL_EVP_init(void) ret = WOLFSSL_SUCCESS; break; } - case EVP_CTRL_AEAD_GET_TAG: + case WOLFSSL_EVP_CTRL_AEAD_GET_TAG: if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0) break; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - if (ctx->cipherType == CHACHA20_POLY1305_TYPE) { + if (ctx->cipherType == WC_CHACHA20_POLY1305_TYPE) { if (arg != CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE) { break; } 
@@ -6199,7 +6199,7 @@ void wolfSSL_EVP_init(void) else #endif /* HAVE_CHACHA && HAVE_POLY1305 */ #if defined(WOLFSSL_SM4_GCM) - if (ctx->cipherType == SM4_GCM_TYPE) { + if (ctx->cipherType == WC_SM4_GCM_TYPE) { if (arg <= 0 || arg > SM4_BLOCK_SIZE) { break; } @@ -6207,7 +6207,7 @@ void wolfSSL_EVP_init(void) else #endif #if defined(WOLFSSL_SM4_CCM) - if (ctx->cipherType == SM4_CCM_TYPE) { + if (ctx->cipherType == WC_SM4_CCM_TYPE) { if (arg <= 0 || arg > SM4_BLOCK_SIZE) { break; } 
@@ -6252,62 +6252,62 @@ void wolfSSL_EVP_init(void) defined(WOLFSSL_AES_XTS) #if defined(HAVE_AESGCM) - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: #endif /* HAVE_AESGCM */ #if defined(HAVE_AESCCM) - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: #endif /* HAVE_AESCCM */ #ifdef HAVE_AES_CBC - case AES_128_CBC_TYPE: - case AES_192_CBC_TYPE: - case AES_256_CBC_TYPE: + case WC_AES_128_CBC_TYPE: + case WC_AES_192_CBC_TYPE: + case WC_AES_256_CBC_TYPE: #endif #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE: - case AES_192_CTR_TYPE: - case AES_256_CTR_TYPE: + case WC_AES_128_CTR_TYPE: + case WC_AES_192_CTR_TYPE: + case WC_AES_256_CTR_TYPE: #endif #ifdef HAVE_AES_ECB - case AES_128_ECB_TYPE: - case AES_192_ECB_TYPE: - case AES_256_ECB_TYPE: + case WC_AES_128_ECB_TYPE: + case WC_AES_192_ECB_TYPE: + case WC_AES_256_ECB_TYPE: #endif #ifdef WOLFSSL_AES_CFB - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: #endif #ifdef WOLFSSL_AES_OFB - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: #endif wc_AesFree(&ctx->cipher.aes); ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED; break; #if defined(WOLFSSL_AES_XTS) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case 
AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: wc_AesXtsFree(&ctx->cipher.xts); ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED; break; #endif #endif /* AES */ #ifdef HAVE_ARIA - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: { int result = wc_AriaFreeCrypt(&ctx->cipher.aria); if (result != 0) { @@ -6324,19 +6324,19 @@ void wolfSSL_EVP_init(void) #ifdef WOLFSSL_SM4 switch (ctx->cipherType) { #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: + case WC_SM4_ECB_TYPE: #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: + case WC_SM4_CBC_TYPE: #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: + case WC_SM4_CTR_TYPE: #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: + case WC_SM4_GCM_TYPE: #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: + case WC_SM4_CCM_TYPE: #endif wc_Sm4Free(&ctx->cipher.sm4); } @@ -6505,26 +6505,26 @@ void wolfSSL_EVP_init(void) } #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_GCM_TYPE || + if (ctx->cipherType == WC_AES_128_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_GCM))) { WOLFSSL_MSG("EVP_AES_128_GCM"); - ctx->cipherType = AES_128_GCM_TYPE; + ctx->cipherType = WC_AES_128_GCM_TYPE; ctx->keyLen = AES_128_KEY_SIZE; } #endif #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_GCM_TYPE || + if (ctx->cipherType == WC_AES_192_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_GCM))) { WOLFSSL_MSG("EVP_AES_192_GCM"); - ctx->cipherType = AES_192_GCM_TYPE; + ctx->cipherType = WC_AES_192_GCM_TYPE; ctx->keyLen = AES_192_KEY_SIZE; } #endif #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_GCM_TYPE || + if (ctx->cipherType == WC_AES_256_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_GCM))) { WOLFSSL_MSG("EVP_AES_256_GCM"); - ctx->cipherType = AES_256_GCM_TYPE; + ctx->cipherType = WC_AES_256_GCM_TYPE; ctx->keyLen = AES_256_KEY_SIZE; } #endif 
@@ -6710,26 +6710,26 @@ void wolfSSL_EVP_init(void) } #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CCM_TYPE || + if (ctx->cipherType == WC_AES_128_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CCM))) { WOLFSSL_MSG("EVP_AES_128_CCM"); - ctx->cipherType = AES_128_CCM_TYPE; + ctx->cipherType = WC_AES_128_CCM_TYPE; ctx->keyLen = AES_128_KEY_SIZE; } #endif #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CCM_TYPE || + if (ctx->cipherType == WC_AES_192_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CCM))) { WOLFSSL_MSG("EVP_AES_192_CCM"); - ctx->cipherType = AES_192_CCM_TYPE; + ctx->cipherType = WC_AES_192_CCM_TYPE; ctx->keyLen = AES_192_KEY_SIZE; } #endif #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CCM_TYPE || + if (ctx->cipherType == WC_AES_256_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CCM))) { WOLFSSL_MSG("EVP_AES_256_CCM"); - ctx->cipherType = AES_256_CCM_TYPE; + ctx->cipherType = WC_AES_256_CCM_TYPE; ctx->keyLen = AES_256_KEY_SIZE; } #endif 
@@ -6822,20 +6822,20 @@ void wolfSSL_EVP_init(void) { int ret = WOLFSSL_SUCCESS; - if (ctx->cipherType == ARIA_128_GCM_TYPE || + if (ctx->cipherType == WC_ARIA_128_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM))) { WOLFSSL_MSG("EVP_ARIA_128_GCM"); - ctx->cipherType = ARIA_128_GCM_TYPE; + ctx->cipherType = WC_ARIA_128_GCM_TYPE; ctx->keyLen = ARIA_128_KEY_SIZE; - } else if (ctx->cipherType == ARIA_192_GCM_TYPE || + } else if (ctx->cipherType == WC_ARIA_192_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM))) { WOLFSSL_MSG("EVP_ARIA_192_GCM"); - ctx->cipherType = ARIA_192_GCM_TYPE; + ctx->cipherType = WC_ARIA_192_GCM_TYPE; ctx->keyLen = ARIA_192_KEY_SIZE; - } else if (ctx->cipherType == ARIA_256_GCM_TYPE || + } else if (ctx->cipherType == WC_ARIA_256_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM))) { WOLFSSL_MSG("EVP_ARIA_256_GCM"); - ctx->cipherType = ARIA_256_GCM_TYPE; + ctx->cipherType = WC_ARIA_256_GCM_TYPE; ctx->keyLen = ARIA_256_KEY_SIZE; } else { WOLFSSL_MSG("Unrecognized cipher type"); @@ -6859,13 +6859,13 @@ void wolfSSL_EVP_init(void) } switch(ctx->cipherType) { - case ARIA_128_GCM_TYPE: + case WC_ARIA_128_GCM_TYPE: ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_128BITKEY); break; - case ARIA_192_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_192BITKEY); break; - case ARIA_256_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_256BITKEY); break; default: 
@@ -6931,10 +6931,10 @@ void wolfSSL_EVP_init(void) #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CBC_TYPE || + if (ctx->cipherType == WC_AES_128_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CBC))) { WOLFSSL_MSG("EVP_AES_128_CBC"); - ctx->cipherType = AES_128_CBC_TYPE; + ctx->cipherType = WC_AES_128_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = 16; @@ -6961,10 +6961,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CBC_TYPE || + if (ctx->cipherType == WC_AES_192_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CBC))) { WOLFSSL_MSG("EVP_AES_192_CBC"); - ctx->cipherType = AES_192_CBC_TYPE; + ctx->cipherType = WC_AES_192_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = 24; @@ -6991,10 +6991,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CBC_TYPE || + if (ctx->cipherType == WC_AES_256_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CBC))) { WOLFSSL_MSG("EVP_AES_256_CBC"); - ctx->cipherType = AES_256_CBC_TYPE; + ctx->cipherType = WC_AES_256_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = 32; 
@@ -7029,15 +7029,15 @@ void wolfSSL_EVP_init(void) || FIPS_VERSION_GE(2,0)) if (FALSE #ifdef WOLFSSL_AES_128 - || ctx->cipherType == AES_128_GCM_TYPE || + || ctx->cipherType == WC_AES_128_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_GCM)) #endif #ifdef WOLFSSL_AES_192 - || ctx->cipherType == AES_192_GCM_TYPE || + || ctx->cipherType == WC_AES_192_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_GCM)) #endif #ifdef WOLFSSL_AES_256 - || ctx->cipherType == AES_256_GCM_TYPE || + || ctx->cipherType == WC_AES_256_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_GCM)) #endif ) { @@ -7053,15 +7053,15 @@ void wolfSSL_EVP_init(void) || FIPS_VERSION_GE(2,0)) if (FALSE #ifdef WOLFSSL_AES_128 - || ctx->cipherType == AES_128_CCM_TYPE || + || ctx->cipherType == WC_AES_128_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CCM)) #endif #ifdef WOLFSSL_AES_192 - || ctx->cipherType == AES_192_CCM_TYPE || + || ctx->cipherType == WC_AES_192_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CCM)) #endif #ifdef WOLFSSL_AES_256 - || ctx->cipherType == AES_256_CCM_TYPE || + || ctx->cipherType == WC_AES_256_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CCM)) #endif ) @@ -7075,14 +7075,14 @@ void wolfSSL_EVP_init(void) * HAVE_FIPS_VERSION >= 2 */ #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CTR_TYPE || + if (ctx->cipherType == WC_AES_128_CTR_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CTR))) { WOLFSSL_MSG("EVP_AES_128_CTR"); ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; - ctx->cipherType = AES_128_CTR_TYPE; + ctx->cipherType = WC_AES_128_CTR_TYPE; ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; ctx->keyLen = 16; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->ivSz = AES_BLOCK_SIZE; #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) ctx->cipher.aes.left = 0; 
@@ -7108,14 +7108,14 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CTR_TYPE || + if (ctx->cipherType == WC_AES_192_CTR_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CTR))) { WOLFSSL_MSG("EVP_AES_192_CTR"); - ctx->cipherType = AES_192_CTR_TYPE; + ctx->cipherType = WC_AES_192_CTR_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; ctx->keyLen = 24; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->ivSz = AES_BLOCK_SIZE; #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) ctx->cipher.aes.left = 0; @@ -7141,14 +7141,14 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CTR_TYPE || + if (ctx->cipherType == WC_AES_256_CTR_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CTR))) { WOLFSSL_MSG("EVP_AES_256_CTR"); - ctx->cipherType = AES_256_CTR_TYPE; + ctx->cipherType = WC_AES_256_CTR_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; ctx->keyLen = 32; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->ivSz = AES_BLOCK_SIZE; #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) ctx->cipher.aes.left = 0; @@ -7176,10 +7176,10 @@ void wolfSSL_EVP_init(void) #endif /* WOLFSSL_AES_COUNTER */ #ifdef HAVE_AES_ECB #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_ECB_TYPE || + if (ctx->cipherType == WC_AES_128_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_ECB))) { WOLFSSL_MSG("EVP_AES_128_ECB"); - ctx->cipherType = AES_128_ECB_TYPE; + ctx->cipherType = WC_AES_128_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = 16; 
@@ -7200,10 +7200,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_ECB_TYPE || + if (ctx->cipherType == WC_AES_192_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_ECB))) { WOLFSSL_MSG("EVP_AES_192_ECB"); - ctx->cipherType = AES_192_ECB_TYPE; + ctx->cipherType = WC_AES_192_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = 24; @@ -7224,10 +7224,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_ECB_TYPE || + if (ctx->cipherType == WC_AES_256_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_ECB))) { WOLFSSL_MSG("EVP_AES_256_ECB"); - ctx->cipherType = AES_256_ECB_TYPE; + ctx->cipherType = WC_AES_256_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = 32; @@ -7250,10 +7250,10 @@ void wolfSSL_EVP_init(void) #endif /* HAVE_AES_ECB */ #ifdef WOLFSSL_AES_CFB #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CFB1_TYPE || + if (ctx->cipherType == WC_AES_128_CFB1_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) { WOLFSSL_MSG("EVP_AES_128_CFB1"); - ctx->cipherType = AES_128_CFB1_TYPE; + ctx->cipherType = WC_AES_128_CFB1_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 16; @@ -7279,10 +7279,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CFB1_TYPE || + if (ctx->cipherType == WC_AES_192_CFB1_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB1))) { WOLFSSL_MSG("EVP_AES_192_CFB1"); - ctx->cipherType = AES_192_CFB1_TYPE; + ctx->cipherType = WC_AES_192_CFB1_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 24; 
@@ -7308,10 +7308,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CFB1_TYPE || + if (ctx->cipherType == WC_AES_256_CFB1_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB1))) { WOLFSSL_MSG("EVP_AES_256_CFB1"); - ctx->cipherType = AES_256_CFB1_TYPE; + ctx->cipherType = WC_AES_256_CFB1_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 32; @@ -7341,10 +7341,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CFB8_TYPE || + if (ctx->cipherType == WC_AES_128_CFB8_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB8))) { WOLFSSL_MSG("EVP_AES_128_CFB8"); - ctx->cipherType = AES_128_CFB8_TYPE; + ctx->cipherType = WC_AES_128_CFB8_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 16; @@ -7370,10 +7370,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CFB8_TYPE || + if (ctx->cipherType == WC_AES_192_CFB8_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB8))) { WOLFSSL_MSG("EVP_AES_192_CFB8"); - ctx->cipherType = AES_192_CFB8_TYPE; + ctx->cipherType = WC_AES_192_CFB8_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 24; @@ -7399,10 +7399,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CFB8_TYPE || + if (ctx->cipherType == WC_AES_256_CFB8_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB8))) { WOLFSSL_MSG("EVP_AES_256_CFB8"); - ctx->cipherType = AES_256_CFB8_TYPE; + ctx->cipherType = WC_AES_256_CFB8_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 32; 
@@ -7432,10 +7432,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_CFB128_TYPE || + if (ctx->cipherType == WC_AES_128_CFB128_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) { WOLFSSL_MSG("EVP_AES_128_CFB128"); - ctx->cipherType = AES_128_CFB128_TYPE; + ctx->cipherType = WC_AES_128_CFB128_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 16; @@ -7461,10 +7461,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_CFB128_TYPE || + if (ctx->cipherType == WC_AES_192_CFB128_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB128))) { WOLFSSL_MSG("EVP_AES_192_CFB128"); - ctx->cipherType = AES_192_CFB128_TYPE; + ctx->cipherType = WC_AES_192_CFB128_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 24; @@ -7490,10 +7490,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_CFB128_TYPE || + if (ctx->cipherType == WC_AES_256_CFB128_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB128))) { WOLFSSL_MSG("EVP_AES_256_CFB128"); - ctx->cipherType = AES_256_CFB128_TYPE; + ctx->cipherType = WC_AES_256_CFB128_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE; ctx->keyLen = 32; 
@@ -7525,10 +7525,10 @@ void wolfSSL_EVP_init(void) #endif /* WOLFSSL_AES_CFB */ #ifdef WOLFSSL_AES_OFB #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_OFB_TYPE || + if (ctx->cipherType == WC_AES_128_OFB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_OFB))) { WOLFSSL_MSG("EVP_AES_128_OFB"); - ctx->cipherType = AES_128_OFB_TYPE; + ctx->cipherType = WC_AES_128_OFB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE; ctx->keyLen = 16; @@ -7554,10 +7554,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - if (ctx->cipherType == AES_192_OFB_TYPE || + if (ctx->cipherType == WC_AES_192_OFB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_OFB))) { WOLFSSL_MSG("EVP_AES_192_OFB"); - ctx->cipherType = AES_192_OFB_TYPE; + ctx->cipherType = WC_AES_192_OFB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE; ctx->keyLen = 24; @@ -7583,10 +7583,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_OFB_TYPE || + if (ctx->cipherType == WC_AES_256_OFB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_OFB))) { WOLFSSL_MSG("EVP_AES_256_OFB"); - ctx->cipherType = AES_256_OFB_TYPE; + ctx->cipherType = WC_AES_256_OFB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE; ctx->keyLen = 32; @@ -7619,10 +7619,10 @@ void wolfSSL_EVP_init(void) #if defined(WOLFSSL_AES_XTS) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) #ifdef WOLFSSL_AES_128 - if (ctx->cipherType == AES_128_XTS_TYPE || + if (ctx->cipherType == WC_AES_128_XTS_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_XTS))) { WOLFSSL_MSG("EVP_AES_128_XTS"); - ctx->cipherType = AES_128_XTS_TYPE; + ctx->cipherType = WC_AES_128_XTS_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE; ctx->keyLen = 32; 
@@ -7660,10 +7660,10 @@ void wolfSSL_EVP_init(void) } #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_256 - if (ctx->cipherType == AES_256_XTS_TYPE || + if (ctx->cipherType == WC_AES_256_XTS_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_XTS))) { WOLFSSL_MSG("EVP_AES_256_XTS"); - ctx->cipherType = AES_256_XTS_TYPE; + ctx->cipherType = WC_AES_256_XTS_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE; ctx->keyLen = 64; @@ -7704,11 +7704,11 @@ void wolfSSL_EVP_init(void) (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */ #endif /* NO_AES */ #if defined(HAVE_ARIA) - if (ctx->cipherType == ARIA_128_GCM_TYPE || + if (ctx->cipherType == WC_ARIA_128_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM)) - || ctx->cipherType == ARIA_192_GCM_TYPE || + || ctx->cipherType == WC_ARIA_192_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM)) - || ctx->cipherType == ARIA_256_GCM_TYPE || + || ctx->cipherType == WC_ARIA_256_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM)) ) { if (EvpCipherInitAriaGCM(ctx, type, key, iv, enc) @@ -7721,10 +7721,10 @@ void wolfSSL_EVP_init(void) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - if (ctx->cipherType == CHACHA20_POLY1305_TYPE || + if (ctx->cipherType == WC_CHACHA20_POLY1305_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20_POLY1305))) { WOLFSSL_MSG("EVP_CHACHA20_POLY1305"); - ctx->cipherType = CHACHA20_POLY1305_TYPE; + ctx->cipherType = WC_CHACHA20_POLY1305_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; ctx->keyLen = CHACHA20_POLY1305_AEAD_KEYSIZE; 
@@ -7758,10 +7758,10 @@ void wolfSSL_EVP_init(void) } #endif #ifdef HAVE_CHACHA - if (ctx->cipherType == CHACHA20_TYPE || + if (ctx->cipherType == WC_CHACHA20_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20))) { WOLFSSL_MSG("EVP_CHACHA20"); - ctx->cipherType = CHACHA20_TYPE; + ctx->cipherType = WC_CHACHA20_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->keyLen = CHACHA_MAX_KEY_SZ; ctx->block_size = 1; @@ -7791,10 +7791,10 @@ void wolfSSL_EVP_init(void) } #endif #ifdef WOLFSSL_SM4_ECB - if (ctx->cipherType == SM4_ECB_TYPE || + if (ctx->cipherType == WC_SM4_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_ECB))) { WOLFSSL_MSG("EVP_SM4_ECB"); - ctx->cipherType = SM4_ECB_TYPE; + ctx->cipherType = WC_SM4_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = SM4_KEY_SIZE; @@ -7810,10 +7810,10 @@ void wolfSSL_EVP_init(void) } #endif #ifdef WOLFSSL_SM4_CBC - if (ctx->cipherType == SM4_CBC_TYPE || + if (ctx->cipherType == WC_SM4_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CBC))) { WOLFSSL_MSG("EVP_SM4_CBC"); - ctx->cipherType = SM4_CBC_TYPE; + ctx->cipherType = WC_SM4_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = SM4_KEY_SIZE; @@ -7836,14 +7836,14 @@ void wolfSSL_EVP_init(void) } #endif #ifdef WOLFSSL_SM4_CTR - if (ctx->cipherType == SM4_CTR_TYPE || + if (ctx->cipherType == WC_SM4_CTR_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CTR))) { WOLFSSL_MSG("EVP_SM4_CTR"); - ctx->cipherType = SM4_CTR_TYPE; + ctx->cipherType = WC_SM4_CTR_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE; ctx->keyLen = SM4_KEY_SIZE; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->ivSz = SM4_BLOCK_SIZE; if (enc == 0 || enc == 1) ctx->enc = enc ? 1 : 0; 
@@ -7862,14 +7862,14 @@ void wolfSSL_EVP_init(void) } #endif #ifdef WOLFSSL_SM4_GCM - if (ctx->cipherType == SM4_GCM_TYPE || + if (ctx->cipherType == WC_SM4_GCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_GCM))) { WOLFSSL_MSG("EVP_SM4_GCM"); - ctx->cipherType = SM4_GCM_TYPE; + ctx->cipherType = WC_SM4_GCM_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->keyLen = SM4_KEY_SIZE; if (ctx->ivSz == 0) { ctx->ivSz = GCM_NONCE_MID_SZ; @@ -7892,14 +7892,14 @@ void wolfSSL_EVP_init(void) } #endif #ifdef WOLFSSL_SM4_CCM - if (ctx->cipherType == SM4_CCM_TYPE || + if (ctx->cipherType == WC_SM4_CCM_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CCM))) { WOLFSSL_MSG("EVP_SM4_CCM"); - ctx->cipherType = SM4_CCM_TYPE; + ctx->cipherType = WC_SM4_CCM_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CCM_MODE | WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; - ctx->block_size = NO_PADDING_BLOCK_SIZE; + ctx->block_size = WOLFSSL_NO_PADDING_BLOCK_SIZE; ctx->keyLen = SM4_KEY_SIZE; if (ctx->ivSz == 0) { ctx->ivSz = GCM_NONCE_MID_SZ; @@ -7922,10 +7922,10 @@ void wolfSSL_EVP_init(void) } #endif #ifndef NO_DES3 - if (ctx->cipherType == DES_CBC_TYPE || + if (ctx->cipherType == WC_DES_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_CBC))) { WOLFSSL_MSG("EVP_DES_CBC"); - ctx->cipherType = DES_CBC_TYPE; + ctx->cipherType = WC_DES_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = 8; 
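Review bot: In the `WC_SM4_CCM_TYPE` branch the default IV size for a CCM cipher comes from a GCM constant, `ctx->ivSz = GCM_NONCE_MID_SZ;`. The `wolfSSL_EVP_CIPHER_CTX_iv_length` hunk later in this diff falls back to `CCM_NONCE_MIN_SZ` for the same cipher type when `ivSz` is 0. The two defaults can only disagree for a context that never passed through this init branch, but the mismatch is easy to misread when auditing nonce lengths. A comment on the assignment would settle it, for example `/* CCM default nonce length borrows GCM_NONCE_MID_SZ; iv_length() falls back to CCM_NONCE_MIN_SZ */`. The branch body continues past the end of the hunk.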
@@ -7944,10 +7944,10 @@ void wolfSSL_EVP_init(void) wc_Des_SetIV(&ctx->cipher.des, iv); } #ifdef WOLFSSL_DES_ECB - else if (ctx->cipherType == DES_ECB_TYPE || + else if (ctx->cipherType == WC_DES_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_ECB))) { WOLFSSL_MSG("EVP_DES_ECB"); - ctx->cipherType = DES_ECB_TYPE; + ctx->cipherType = WC_DES_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = 8; @@ -7963,11 +7963,11 @@ void wolfSSL_EVP_init(void) } } #endif - else if (ctx->cipherType == DES_EDE3_CBC_TYPE || + else if (ctx->cipherType == WC_DES_EDE3_CBC_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_CBC))) { WOLFSSL_MSG("EVP_DES_EDE3_CBC"); - ctx->cipherType = DES_EDE3_CBC_TYPE; + ctx->cipherType = WC_DES_EDE3_CBC_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE; ctx->keyLen = 24; @@ -7988,11 +7988,11 @@ void wolfSSL_EVP_init(void) return WOLFSSL_FAILURE; } } - else if (ctx->cipherType == DES_EDE3_ECB_TYPE || + else if (ctx->cipherType == WC_DES_EDE3_ECB_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_ECB))) { WOLFSSL_MSG("EVP_DES_EDE3_ECB"); - ctx->cipherType = DES_EDE3_ECB_TYPE; + ctx->cipherType = WC_DES_EDE3_ECB_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE; ctx->keyLen = 24; @@ -8008,10 +8008,10 @@ void wolfSSL_EVP_init(void) } #endif /* NO_DES3 */ #ifndef NO_RC4 - if (ctx->cipherType == ARC4_TYPE || + if (ctx->cipherType == WC_ARC4_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARC4))) { WOLFSSL_MSG("ARC4"); - ctx->cipherType = ARC4_TYPE; + ctx->cipherType = WC_ARC4_TYPE; ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER; ctx->block_size = 1; 
@@ -8021,10 +8021,10 @@ void wolfSSL_EVP_init(void) wc_Arc4SetKey(&ctx->cipher.arc4, key, (word32)ctx->keyLen); } #endif /* NO_RC4 */ - if (ctx->cipherType == NULL_CIPHER_TYPE || + if (ctx->cipherType == WC_NULL_CIPHER_TYPE || (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_NULL))) { WOLFSSL_MSG("NULL cipher"); - ctx->cipherType = NULL_CIPHER_TYPE; + ctx->cipherType = WC_NULL_CIPHER_TYPE; ctx->keyLen = 0; ctx->block_size = 16; } 
@@ -8045,120 +8045,120 @@ void wolfSSL_EVP_init(void) WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_nid"); if (ctx == NULL) { WOLFSSL_ERROR_MSG("Bad parameters"); - return NID_undef; + return WC_NID_undef; } switch (ctx->cipherType) { #ifndef NO_AES #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE : - return NID_aes_128_cbc; - case AES_192_CBC_TYPE : - return NID_aes_192_cbc; - case AES_256_CBC_TYPE : - return NID_aes_256_cbc; + case WC_AES_128_CBC_TYPE : + return WC_NID_aes_128_cbc; + case WC_AES_192_CBC_TYPE : + return WC_NID_aes_192_cbc; + case WC_AES_256_CBC_TYPE : + return WC_NID_aes_256_cbc; #endif #ifdef HAVE_AESGCM - case AES_128_GCM_TYPE : - return NID_aes_128_gcm; - case AES_192_GCM_TYPE : - return NID_aes_192_gcm; - case AES_256_GCM_TYPE : - return NID_aes_256_gcm; + case WC_AES_128_GCM_TYPE : + return WC_NID_aes_128_gcm; + case WC_AES_192_GCM_TYPE : + return WC_NID_aes_192_gcm; + case WC_AES_256_GCM_TYPE : + return WC_NID_aes_256_gcm; #endif #ifdef HAVE_AESCCM - case AES_128_CCM_TYPE : - return NID_aes_128_ccm; - case AES_192_CCM_TYPE : - return NID_aes_192_ccm; - case AES_256_CCM_TYPE : - return NID_aes_256_ccm; + case WC_AES_128_CCM_TYPE : + return WC_NID_aes_128_ccm; + case WC_AES_192_CCM_TYPE : + return WC_NID_aes_192_ccm; + case WC_AES_256_CCM_TYPE : + return WC_NID_aes_256_ccm; #endif #ifdef HAVE_AES_ECB - case AES_128_ECB_TYPE : - return NID_aes_128_ecb; - case AES_192_ECB_TYPE : - return NID_aes_192_ecb; - case AES_256_ECB_TYPE : - return NID_aes_256_ecb; + case WC_AES_128_ECB_TYPE : + return WC_NID_aes_128_ecb; + case WC_AES_192_ECB_TYPE : + return WC_NID_aes_192_ecb; + case WC_AES_256_ECB_TYPE : + return WC_NID_aes_256_ecb; #endif #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE : - return NID_aes_128_ctr; - case AES_192_CTR_TYPE : - return NID_aes_192_ctr; - case AES_256_CTR_TYPE : - return NID_aes_256_ctr; + case WC_AES_128_CTR_TYPE : + return WC_NID_aes_128_ctr; + case WC_AES_192_CTR_TYPE : + return 
WC_NID_aes_192_ctr; + case WC_AES_256_CTR_TYPE : + return WC_NID_aes_256_ctr; #endif #endif /* NO_AES */ #ifdef HAVE_ARIA - case ARIA_128_GCM_TYPE : - return NID_aria_128_gcm; - case ARIA_192_GCM_TYPE : - return NID_aria_192_gcm; - case ARIA_256_GCM_TYPE : - return NID_aria_256_gcm; + case WC_ARIA_128_GCM_TYPE : + return WC_NID_aria_128_gcm; + case WC_ARIA_192_GCM_TYPE : + return WC_NID_aria_192_gcm; + case WC_ARIA_256_GCM_TYPE : + return WC_NID_aria_256_gcm; #endif #ifndef NO_DES3 - case DES_CBC_TYPE : - return NID_des_cbc; + case WC_DES_CBC_TYPE : + return WC_NID_des_cbc; - case DES_EDE3_CBC_TYPE : - return NID_des_ede3_cbc; + case WC_DES_EDE3_CBC_TYPE : + return WC_NID_des_ede3_cbc; #endif #ifdef WOLFSSL_DES_ECB - case DES_ECB_TYPE : - return NID_des_ecb; - case DES_EDE3_ECB_TYPE : - return NID_des_ede3_ecb; + case WC_DES_ECB_TYPE : + return WC_NID_des_ecb; + case WC_DES_EDE3_ECB_TYPE : + return WC_NID_des_ede3_ecb; #endif - case ARC4_TYPE : - return NID_rc4; + case WC_ARC4_TYPE : + return WC_NID_rc4; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: - return NID_chacha20_poly1305; + case WC_CHACHA20_POLY1305_TYPE: + return WC_NID_chacha20_poly1305; #endif #ifdef HAVE_CHACHA - case CHACHA20_TYPE: - return NID_chacha20; + case WC_CHACHA20_TYPE: + return WC_NID_chacha20; #endif #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE: - return NID_sm4_ecb; + case WC_SM4_ECB_TYPE: + return WC_NID_sm4_ecb; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE: - return NID_sm4_cbc; + case WC_SM4_CBC_TYPE: + return WC_NID_sm4_cbc; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE: - return NID_sm4_ctr; + case WC_SM4_CTR_TYPE: + return WC_NID_sm4_ctr; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE: - return NID_sm4_gcm; + case WC_SM4_GCM_TYPE: + return WC_NID_sm4_gcm; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE: - return NID_sm4_ccm; + case WC_SM4_CCM_TYPE: + return WC_NID_sm4_ccm; #endif - case NULL_CIPHER_TYPE : + case WC_NULL_CIPHER_TYPE : 
WOLFSSL_ERROR_MSG("Null cipher has no NID"); FALL_THROUGH; default: - return NID_undef; + return WC_NID_undef; } } @@ -8253,17 +8253,17 @@ void wolfSSL_EVP_init(void) static int IsCipherTypeAEAD(unsigned char cipherType) { switch (cipherType) { - case AES_128_GCM_TYPE: - case AES_192_GCM_TYPE: - case AES_256_GCM_TYPE: - case AES_128_CCM_TYPE: - case AES_192_CCM_TYPE: - case AES_256_CCM_TYPE: - case ARIA_128_GCM_TYPE: - case ARIA_192_GCM_TYPE: - case ARIA_256_GCM_TYPE: - case SM4_GCM_TYPE: - case SM4_CCM_TYPE: + case WC_AES_128_GCM_TYPE: + case WC_AES_192_GCM_TYPE: + case WC_AES_256_GCM_TYPE: + case WC_AES_128_CCM_TYPE: + case WC_AES_192_CCM_TYPE: + case WC_AES_256_CCM_TYPE: + case WC_ARIA_128_GCM_TYPE: + case WC_ARIA_192_GCM_TYPE: + case WC_ARIA_256_GCM_TYPE: + case WC_SM4_GCM_TYPE: + case WC_SM4_CCM_TYPE: return 1; default: return 0; @@ -8303,9 +8303,9 @@ void wolfSSL_EVP_init(void) #ifndef NO_AES #ifdef HAVE_AES_CBC - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : + case WC_AES_128_CBC_TYPE : + case WC_AES_192_CBC_TYPE : + case WC_AES_256_CBC_TYPE : WOLFSSL_MSG("AES CBC"); if (ctx->enc) ret = wc_AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); @@ -8318,9 +8318,9 @@ void wolfSSL_EVP_init(void) #ifdef WOLFSSL_AES_CFB #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: WOLFSSL_MSG("AES CFB1"); if (ctx->enc) ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, dst, src, len); @@ -8329,9 +8329,9 @@ void wolfSSL_EVP_init(void) if (ret == 0) ret = (int)len; break; - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: WOLFSSL_MSG("AES CFB8"); if (ctx->enc) ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, dst, src, len); 
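Review bot: The switch in `wolfSSL_EVP_CIPHER_CTX_nid` has no case for the AES CFB1/CFB8/CFB128, OFB or XTS cipher types that the init hunks earlier in this diff assign to `ctx->cipherType`. A context set up for one of those modes therefore reaches `default:` and reports `WC_NID_undef`, which a caller cannot tell apart from an uninitialised context. If the matching NID constants exist they belong here under the same feature guards; otherwise a comment before `default:` should record the gap, for example `/* AES CFB/OFB/XTS types are not mapped and return WC_NID_undef */`.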
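Review bot: `IsCipherTypeAEAD` does not list `WC_CHACHA20_POLY1305_TYPE`, although the init hunk for that type sets `WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER` on the context. The callers are outside this hunk, so whether this matters is an inference, but any path that uses this helper to permit AAD-only or NULL-destination calls would treat ChaCha20-Poly1305 as a non-AEAD cipher. Either add `case WC_CHACHA20_POLY1305_TYPE:` under the matching `HAVE_CHACHA`/`HAVE_POLY1305` guard, or state above the switch that the omission is deliberate and why.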
@@ -8341,9 +8341,9 @@ void wolfSSL_EVP_init(void) ret = (int)len; break; #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: WOLFSSL_MSG("AES CFB128"); if (ctx->enc) ret = wc_AesCfbEncrypt(&ctx->cipher.aes, dst, src, len); @@ -8354,9 +8354,9 @@ void wolfSSL_EVP_init(void) break; #endif /* WOLFSSL_AES_CFB */ #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: WOLFSSL_MSG("AES OFB"); if (ctx->enc) ret = wc_AesOfbEncrypt(&ctx->cipher.aes, dst, src, len); @@ -8367,8 +8367,8 @@ void wolfSSL_EVP_init(void) break; #endif /* WOLFSSL_AES_OFB */ #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: WOLFSSL_MSG("AES XTS"); if (ctx->enc) ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len, @@ -8383,9 +8383,9 @@ void wolfSSL_EVP_init(void) #if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case AES_128_GCM_TYPE : - case AES_192_GCM_TYPE : - case AES_256_GCM_TYPE : + case WC_AES_128_GCM_TYPE : + case WC_AES_192_GCM_TYPE : + case WC_AES_256_GCM_TYPE : WOLFSSL_MSG("AES GCM"); ret = EvpCipherAesGCM(ctx, dst, src, len); break; 
@@ -8393,18 +8393,18 @@ void wolfSSL_EVP_init(void) * HAVE_FIPS_VERSION >= 2 */ #if defined(HAVE_AESCCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case AES_128_CCM_TYPE : - case AES_192_CCM_TYPE : - case AES_256_CCM_TYPE : + case WC_AES_128_CCM_TYPE : + case WC_AES_192_CCM_TYPE : + case WC_AES_256_CCM_TYPE : WOLFSSL_MSG("AES CCM"); ret = EvpCipherAesCCM(ctx, dst, src, len); break; #endif /* HAVE_AESCCM && ((!HAVE_FIPS && !HAVE_SELFTEST) || * HAVE_FIPS_VERSION >= 2 */ #ifdef HAVE_AES_ECB - case AES_128_ECB_TYPE : - case AES_192_ECB_TYPE : - case AES_256_ECB_TYPE : + case WC_AES_128_ECB_TYPE : + case WC_AES_192_ECB_TYPE : + case WC_AES_256_ECB_TYPE : WOLFSSL_MSG("AES ECB"); if (ctx->enc) ret = wc_AesEcbEncrypt(&ctx->cipher.aes, dst, src, len); @@ -8415,9 +8415,9 @@ void wolfSSL_EVP_init(void) break; #endif #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : + case WC_AES_128_CTR_TYPE : + case WC_AES_192_CTR_TYPE : + case WC_AES_256_CTR_TYPE : WOLFSSL_MSG("AES CTR"); ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); if (ret == 0) @@ -8428,9 +8428,9 @@ void wolfSSL_EVP_init(void) #if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \ || FIPS_VERSION_GE(2,0)) - case ARIA_128_GCM_TYPE : - case ARIA_192_GCM_TYPE : - case ARIA_256_GCM_TYPE : + case WC_ARIA_128_GCM_TYPE : + case WC_ARIA_192_GCM_TYPE : + case WC_ARIA_256_GCM_TYPE : WOLFSSL_MSG("ARIA GCM"); if (ctx->enc) { ret = wc_AriaEncrypt(&ctx->cipher.aria, dst, src, len, @@ -8447,7 +8447,7 @@ void wolfSSL_EVP_init(void) * HAVE_FIPS_VERSION >= 2 */ #ifndef NO_DES3 - case DES_CBC_TYPE : + case WC_DES_CBC_TYPE : WOLFSSL_MSG("DES CBC"); if (ctx->enc) wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len); 
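Review bot: In the `WC_DES_CBC_TYPE` case the result of `wc_Des_CbcEncrypt` is discarded, so `ret` still holds whatever it was set to before the switch when the following `if (ret == 0)` turns it into a byte count. The 3DES case in the next hunk assigns its result, and this case should do the same: `ret = wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len);`. The `WC_ARC4_TYPE` case at `@@ -8482` has the same pattern and would become `ret = wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);`. The decrypt branch and the enclosing switch lie outside this hunk, so check the sibling call there as well.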
@@ -8456,7 +8456,7 @@ void wolfSSL_EVP_init(void) if (ret == 0) ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE); break; - case DES_EDE3_CBC_TYPE : + case WC_DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES3 CBC"); if (ctx->enc) ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); @@ -8466,13 +8466,13 @@ void wolfSSL_EVP_init(void) ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE); break; #ifdef WOLFSSL_DES_ECB - case DES_ECB_TYPE : + case WC_DES_ECB_TYPE : WOLFSSL_MSG("DES ECB"); ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len); if (ret == 0) ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE); break; - case DES_EDE3_ECB_TYPE : + case WC_DES_EDE3_ECB_TYPE : WOLFSSL_MSG("DES3 ECB"); ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len); if (ret == 0) @@ -8482,7 +8482,7 @@ void wolfSSL_EVP_init(void) #endif /* !NO_DES3 */ #ifndef NO_RC4 - case ARC4_TYPE : + case WC_ARC4_TYPE : WOLFSSL_MSG("ARC4"); wc_Arc4Process(&ctx->cipher.arc4, dst, src, len); if (ret == 0) @@ -8493,7 +8493,7 @@ void wolfSSL_EVP_init(void) /* TODO: Chacha??? */ #ifdef WOLFSSL_SM4_ECB - case SM4_ECB_TYPE : + case WC_SM4_ECB_TYPE : WOLFSSL_MSG("Sm4 ECB"); if (ctx->enc) ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, dst, src, len); @@ -8504,7 +8504,7 @@ void wolfSSL_EVP_init(void) break; #endif #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE : + case WC_SM4_CBC_TYPE : WOLFSSL_MSG("Sm4 CBC"); if (ctx->enc) ret = wc_Sm4CbcEncrypt(&ctx->cipher.sm4, dst, src, len); @@ -8515,7 +8515,7 @@ void wolfSSL_EVP_init(void) break; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE : + case WC_SM4_CTR_TYPE : WOLFSSL_MSG("AES CTR"); ret = wc_Sm4CtrEncrypt(&ctx->cipher.sm4, dst, src, len); if (ret == 0) @@ -8523,7 +8523,7 @@ void wolfSSL_EVP_init(void) break; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE : + case WC_SM4_GCM_TYPE : WOLFSSL_MSG("SM4 GCM"); /* No destination means only AAD. */ if (src != NULL && dst == NULL) { 
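Review bot: The `WC_SM4_CTR_TYPE` case logs `WOLFSSL_MSG("AES CTR");`, which looks like a copy-paste slip from the AES counter case. A debug trace would then report the wrong algorithm for an SM4 context, which is misleading when confirming which cipher actually ran. It should read `WOLFSSL_MSG("SM4 CTR");`, matching the string the `wolfSSL_EVP_CIPHER_CTX_iv_length` hunk already uses for this type.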
@@ -8551,7 +8551,7 @@ void wolfSSL_EVP_init(void) break; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE : + case WC_SM4_CCM_TYPE : WOLFSSL_MSG("SM4 CCM"); /* No destination means only AAD. */ if (src != NULL && dst == NULL) { @@ -8592,7 +8592,7 @@ void wolfSSL_EVP_init(void) break; #endif - case NULL_CIPHER_TYPE : + case WC_NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL CIPHER"); XMEMCPY(dst, src, (size_t)len); ret = (int)len; @@ -8805,7 +8805,7 @@ int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key) clearEVPPkeyKeys(pkey); pkey->rsa = key; pkey->ownRsa = 1; /* pkey does not own RSA but needs to call free on it */ - pkey->type = EVP_PKEY_RSA; + pkey->type = WC_EVP_PKEY_RSA; pkey->pkcs8HeaderSz = key->pkcs8HeaderSz; if (key->inSet == 0) { if (SetRsaInternal(key) != WOLFSSL_SUCCESS) { @@ -8851,7 +8851,7 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key) clearEVPPkeyKeys(pkey); pkey->dsa = key; pkey->ownDsa = 0; /* pkey does not own DSA */ - pkey->type = EVP_PKEY_DSA; + pkey->type = WC_EVP_PKEY_DSA; if (key->inSet == 0) { if (SetDsaInternal(key) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("SetDsaInternal failed"); @@ -8929,13 +8929,13 @@ WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key) return NULL; } - if (key->type == EVP_PKEY_DSA) { + if (key->type == WC_EVP_PKEY_DSA) { if (wolfSSL_DSA_LoadDer(local, (const unsigned char*)key->pkey.ptr, - key->pkey_sz) != SSL_SUCCESS) { + key->pkey_sz) != WOLFSSL_SUCCESS) { /* now try public key */ if (wolfSSL_DSA_LoadDer_ex(local, (const unsigned char*)key->pkey.ptr, key->pkey_sz, - WOLFSSL_DSA_LOAD_PUBLIC) != SSL_SUCCESS) { + WOLFSSL_DSA_LOAD_PUBLIC) != WOLFSSL_SUCCESS) { wolfSSL_DSA_free(local); local = NULL; } 
@@ -8954,7 +8954,7 @@ WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key) WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey) { WOLFSSL_EC_KEY *eckey = NULL; - if (pkey && pkey->type == EVP_PKEY_EC) { + if (pkey && pkey->type == WC_EVP_PKEY_EC) { #ifdef HAVE_ECC eckey = pkey->ecc; #endif @@ -8967,10 +8967,10 @@ WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key) WOLFSSL_EC_KEY* local = NULL; WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_EC_KEY"); - if (key == NULL || key->type != EVP_PKEY_EC) { + if (key == NULL || key->type != WC_EVP_PKEY_EC) { return NULL; } - if (key->type == EVP_PKEY_EC) { + if (key->type == WC_EVP_PKEY_EC) { if (key->ecc != NULL) { if (wolfSSL_EC_KEY_up_ref(key->ecc) != WOLFSSL_SUCCESS) { return NULL; @@ -9035,7 +9035,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key) pkey->dh = key; pkey->ownDh = 1; /* pkey does not own DH but needs to call free on it */ - pkey->type = EVP_PKEY_DH; + pkey->type = WC_EVP_PKEY_DH; if (key->inSet == 0) { if (SetDhInternal(key) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("SetDhInternal failed"); @@ -9109,7 +9109,7 @@ WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key) return NULL; } - if (key->type == EVP_PKEY_DH) { + if (key->type == WC_EVP_PKEY_DH) { /* if key->dh already exists copy instead of re-importing from DER */ if (key->dh != NULL) { if (wolfSSL_DH_up_ref(key->dh) != WOLFSSL_SUCCESS) { @@ -9126,7 +9126,7 @@ WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key) return NULL; } if (wolfSSL_DH_LoadDer(local, (const unsigned char*)key->pkey.ptr, - key->pkey_sz) != SSL_SUCCESS) { + key->pkey_sz) != WOLFSSL_SUCCESS) { wolfSSL_DH_free(local); WOLFSSL_MSG("Error wolfSSL_DH_LoadDer"); local = NULL; 
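Review bot: In `wolfSSL_EVP_PKEY_get1_EC_KEY` the second test `if (key->type == WC_EVP_PKEY_EC) {` is always true, because the guard just above it already returns NULL when `key->type != WC_EVP_PKEY_EC`. The redundant condition adds a nesting level and implies an else path that cannot run, which makes the ownership and up-ref logic harder to audit. Drop the inner `if` and keep its body at function level, or remove the type test from the early return if a fall-through for other key types was intended. The rest of the function is outside the hunk.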
@@ -9156,22 +9156,22 @@ int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key) /* pkey and key checked if NULL in subsequent assign functions */ switch(type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: ret = wolfSSL_EVP_PKEY_assign_RSA(pkey, (WOLFSSL_RSA*)key); break; #endif #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: ret = wolfSSL_EVP_PKEY_assign_DSA(pkey, (WOLFSSL_DSA*)key); break; #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: ret = wolfSSL_EVP_PKEY_assign_EC_KEY(pkey, (WOLFSSL_EC_KEY*)key); break; #endif #ifndef NO_DH - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: ret = wolfSSL_EVP_PKEY_assign_DH(pkey, (WOLFSSL_DH*)key); break; #endif @@ -9186,7 +9186,7 @@ int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key) #if defined(HAVE_ECC) /* try and populate public pkey_sz and pkey.ptr */ -static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key) +static int ECC_populate_EVP_PKEY(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_EC_KEY *key) { int derSz = 0; byte* derBuf = NULL; @@ -9295,7 +9295,7 @@ int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key) } pkey->ecc = key; pkey->ownEcc = 1; /* pkey needs to call free on key */ - pkey->type = EVP_PKEY_EC; + pkey->type = WC_EVP_PKEY_EC; return ECC_populate_EVP_PKEY(pkey, key); #else (void)pkey; @@ -9310,7 +9310,7 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx) if (ctx) { switch (ctx->cipherType) { - case ARC4_TYPE: + case WC_ARC4_TYPE: WOLFSSL_MSG("returning arc4 state"); return (void*)&ctx->cipher.arc4.x; @@ -9322,7 +9322,7 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx) return NULL; } -int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key) +int wolfSSL_EVP_PKEY_assign_EC_KEY(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_EC_KEY* key) { int ret; 
@@ -9334,7 +9334,7 @@ int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key) if (ret == WOLFSSL_SUCCESS) { /* take ownership of key if can be used */ clearEVPPkeyKeys(pkey); /* clear out any previous keys */ - pkey->type = EVP_PKEY_EC; + pkey->type = WC_EVP_PKEY_EC; pkey->ecc = key; pkey->ownEcc = 1; } @@ -9360,22 +9360,22 @@ int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type) if (type != NULL) { if (XSTRCMP(type, "MD5") == 0) { - ret = NID_md5WithRSAEncryption; + ret = WC_NID_md5WithRSAEncryption; } else if (XSTRCMP(type, "SHA1") == 0) { - ret = NID_sha1WithRSAEncryption; + ret = WC_NID_sha1WithRSAEncryption; } else if (XSTRCMP(type, "SHA224") == 0) { - ret = NID_sha224WithRSAEncryption; + ret = WC_NID_sha224WithRSAEncryption; } else if (XSTRCMP(type, "SHA256") == 0) { - ret = NID_sha256WithRSAEncryption; + ret = WC_NID_sha256WithRSAEncryption; } else if (XSTRCMP(type, "SHA384") == 0) { - ret = NID_sha384WithRSAEncryption; + ret = WC_NID_sha384WithRSAEncryption; } else if (XSTRCMP(type, "SHA512") == 0) { - ret = NID_sha512WithRSAEncryption; + ret = WC_NID_sha512WithRSAEncryption; } } else { @@ -9401,18 +9401,18 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) switch (ctx->cipherType) { #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : + case WC_AES_128_CBC_TYPE : + case WC_AES_192_CBC_TYPE : + case WC_AES_256_CBC_TYPE : WOLFSSL_MSG("AES CBC"); return AES_BLOCK_SIZE; #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef HAVE_AESGCM - case AES_128_GCM_TYPE : - case AES_192_GCM_TYPE : - case AES_256_GCM_TYPE : + case WC_AES_128_GCM_TYPE : + case WC_AES_192_GCM_TYPE : + case WC_AES_256_GCM_TYPE : WOLFSSL_MSG("AES GCM"); if (ctx->ivSz != 0) { return ctx->ivSz; 
@@ -9420,9 +9420,9 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) return GCM_NONCE_MID_SZ; #endif #ifdef HAVE_AESCCM - case AES_128_CCM_TYPE : - case AES_192_CCM_TYPE : - case AES_256_CCM_TYPE : + case WC_AES_128_CCM_TYPE : + case WC_AES_192_CCM_TYPE : + case WC_AES_256_CCM_TYPE : WOLFSSL_MSG("AES CCM"); if (ctx->ivSz != 0) { return ctx->ivSz; 
@@ -9431,62 +9431,62 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION >= 2 */ #ifdef WOLFSSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : + case WC_AES_128_CTR_TYPE : + case WC_AES_192_CTR_TYPE : + case WC_AES_256_CTR_TYPE : WOLFSSL_MSG("AES CTR"); return AES_BLOCK_SIZE; #endif #ifndef NO_DES3 - case DES_CBC_TYPE : + case WC_DES_CBC_TYPE : WOLFSSL_MSG("DES CBC"); return DES_BLOCK_SIZE; - case DES_EDE3_CBC_TYPE : + case WC_DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES EDE3 CBC"); return DES_BLOCK_SIZE; #endif #ifndef NO_RC4 - case ARC4_TYPE : + case WC_ARC4_TYPE : WOLFSSL_MSG("ARC4"); return 0; #endif #ifdef WOLFSSL_AES_CFB #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - case AES_128_CFB1_TYPE: - case AES_192_CFB1_TYPE: - case AES_256_CFB1_TYPE: + case WC_AES_128_CFB1_TYPE: + case WC_AES_192_CFB1_TYPE: + case WC_AES_256_CFB1_TYPE: WOLFSSL_MSG("AES CFB1"); return AES_BLOCK_SIZE; - case AES_128_CFB8_TYPE: - case AES_192_CFB8_TYPE: - case AES_256_CFB8_TYPE: + case WC_AES_128_CFB8_TYPE: + case WC_AES_192_CFB8_TYPE: + case WC_AES_256_CFB8_TYPE: WOLFSSL_MSG("AES CFB8"); return AES_BLOCK_SIZE; #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ - case AES_128_CFB128_TYPE: - case AES_192_CFB128_TYPE: - case AES_256_CFB128_TYPE: + case WC_AES_128_CFB128_TYPE: + case WC_AES_192_CFB128_TYPE: + case WC_AES_256_CFB128_TYPE: WOLFSSL_MSG("AES CFB128"); return AES_BLOCK_SIZE; #endif /* WOLFSSL_AES_CFB */ #if defined(WOLFSSL_AES_OFB) - case AES_128_OFB_TYPE: - case AES_192_OFB_TYPE: - case AES_256_OFB_TYPE: + case WC_AES_128_OFB_TYPE: + case WC_AES_192_OFB_TYPE: + case WC_AES_256_OFB_TYPE: WOLFSSL_MSG("AES OFB"); return AES_BLOCK_SIZE; #endif /* WOLFSSL_AES_OFB */ #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) - case AES_128_XTS_TYPE: - case AES_256_XTS_TYPE: + case WC_AES_128_XTS_TYPE: + case WC_AES_256_XTS_TYPE: 
WOLFSSL_MSG("AES XTS"); return AES_BLOCK_SIZE; #endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */ #ifdef HAVE_ARIA - case ARIA_128_GCM_TYPE : - case ARIA_192_GCM_TYPE : - case ARIA_256_GCM_TYPE : + case WC_ARIA_128_GCM_TYPE : + case WC_ARIA_192_GCM_TYPE : + case WC_ARIA_256_GCM_TYPE : WOLFSSL_MSG("ARIA GCM"); if (ctx->ivSz != 0) { return ctx->ivSz; @@ -9494,27 +9494,27 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) return GCM_NONCE_MID_SZ; #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - case CHACHA20_POLY1305_TYPE: + case WC_CHACHA20_POLY1305_TYPE: WOLFSSL_MSG("CHACHA20 POLY1305"); return CHACHA20_POLY1305_AEAD_IV_SIZE; #endif /* HAVE_CHACHA HAVE_POLY1305 */ #ifdef HAVE_CHACHA - case CHACHA20_TYPE: + case WC_CHACHA20_TYPE: WOLFSSL_MSG("CHACHA20"); return WOLFSSL_EVP_CHACHA_IV_BYTES; #endif /* HAVE_CHACHA */ #ifdef WOLFSSL_SM4_CBC - case SM4_CBC_TYPE : + case WC_SM4_CBC_TYPE : WOLFSSL_MSG("SM4 CBC"); return SM4_BLOCK_SIZE; #endif #ifdef WOLFSSL_SM4_CTR - case SM4_CTR_TYPE : + case WC_SM4_CTR_TYPE : WOLFSSL_MSG("SM4 CTR"); return SM4_BLOCK_SIZE; #endif #ifdef WOLFSSL_SM4_GCM - case SM4_GCM_TYPE : + case WC_SM4_GCM_TYPE : WOLFSSL_MSG("SM4 GCM"); if (ctx->ivSz != 0) { return ctx->ivSz; @@ -9522,7 +9522,7 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) return GCM_NONCE_MID_SZ; #endif #ifdef WOLFSSL_SM4_CCM - case SM4_CCM_TYPE : + case WC_SM4_CCM_TYPE : WOLFSSL_MSG("SM4 CCM"); if (ctx->ivSz != 0) { return ctx->ivSz; @@ -9530,7 +9530,7 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) return CCM_NONCE_MIN_SZ; #endif - case NULL_CIPHER_TYPE : + case WC_NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL"); return 0; @@ -9674,7 +9674,7 @@ int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx) if (ctx) { switch (ctx->cipherType) { - case ARC4_TYPE: + case WC_ARC4_TYPE: WOLFSSL_MSG("returning arc4 state size"); return sizeof(Arc4); 
@@ -9688,27 +9688,27 @@ int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx) } -/* return of pkey->type which will be EVP_PKEY_RSA for example. +/* return of pkey->type which will be WC_EVP_PKEY_RSA for example. * * type type of EVP_PKEY * - * returns type or if type is not found then NID_undef + * returns type or if type is not found then WC_NID_undef */ int wolfSSL_EVP_PKEY_type(int type) { WOLFSSL_MSG("wolfSSL_EVP_PKEY_type"); switch (type) { - case EVP_PKEY_RSA: - return EVP_PKEY_RSA; - case EVP_PKEY_DSA: - return EVP_PKEY_DSA; - case EVP_PKEY_EC: - return EVP_PKEY_EC; - case EVP_PKEY_DH: - return EVP_PKEY_DH; + case WC_EVP_PKEY_RSA: + return WC_EVP_PKEY_RSA; + case WC_EVP_PKEY_DSA: + return WC_EVP_PKEY_DSA; + case WC_EVP_PKEY_EC: + return WC_EVP_PKEY_EC; + case WC_EVP_PKEY_DH: + return WC_EVP_PKEY_DH; default: - return NID_undef; + return WC_NID_undef; } } @@ -9724,7 +9724,7 @@ int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey) int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey) { if (pkey == NULL) - return NID_undef; + return WC_NID_undef; return wolfSSL_EVP_PKEY_type(pkey->type); } @@ -9738,17 +9738,17 @@ int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid) } switch (pkey->type) { - case EVP_PKEY_HMAC: + case WC_EVP_PKEY_HMAC: #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: #endif #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: #endif #ifdef HAVE_ECC - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: #endif - *pnid = NID_sha256; + *pnid = WC_NID_sha256; return WOLFSSL_SUCCESS; default: return WOLFSSL_FAILURE; 
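Review bot: The comment above wolfSSL_EVP_PKEY_type (hunk at -9688) promises the type or WC_NID_undef "if type is not found", but the switch accepts only WC_EVP_PKEY_RSA, WC_EVP_PKEY_DSA, WC_EVP_PKEY_EC and WC_EVP_PKEY_DH. wolfSSL_EVP_PKEY_base_id (hunk at -9724) forwards pkey->type through it, so a key of type WC_EVP_PKEY_HMAC is reported as WC_NID_undef, even though wolfSSL_EVP_PKEY_get_default_digest_nid accepts that type at -9738. I would say so in the comment, e.g. `* returns type for RSA, DSA, EC and DH; every other value, including HMAC, yields WC_NID_undef`, so callers do not branch on base_id for the other key kinds.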
@@ -9800,13 +9800,13 @@ int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey) } #ifndef NO_RSA -int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key) +int wolfSSL_EVP_PKEY_assign_RSA(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_RSA* key) { if (pkey == NULL || key == NULL) return WOLFSSL_FAILURE; clearEVPPkeyKeys(pkey); - pkey->type = EVP_PKEY_RSA; + pkey->type = WC_EVP_PKEY_RSA; pkey->rsa = key; pkey->ownRsa = 1; @@ -9837,13 +9837,13 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key) #endif /* !NO_RSA */ #ifndef NO_DSA -int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key) +int wolfSSL_EVP_PKEY_assign_DSA(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DSA* key) { if (pkey == NULL || key == NULL) return WOLFSSL_FAILURE; clearEVPPkeyKeys(pkey); - pkey->type = EVP_PKEY_DSA; + pkey->type = WC_EVP_PKEY_DSA; pkey->dsa = key; pkey->ownDsa = 1; @@ -9852,13 +9852,13 @@ int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key) #endif /* !NO_DSA */ #ifndef NO_DH -int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key) +int wolfSSL_EVP_PKEY_assign_DH(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_DH* key) { if (pkey == NULL || key == NULL) return WOLFSSL_FAILURE; clearEVPPkeyKeys(pkey); - pkey->type = EVP_PKEY_DH; + pkey->type = WC_EVP_PKEY_DH; pkey->dh = key; pkey->ownDh = 1; @@ -9974,7 +9974,7 @@ const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name) for (ent = md_tbl; ent->name != NULL; ent++) if(XSTRCMP(name, ent->name) == 0) { - return (EVP_MD *)ent->name; + return (WOLFSSL_EVP_MD *)ent->name; } return NULL; } @@ -9983,7 +9983,7 @@ const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name) * * type - pointer to WOLFSSL_EVP_MD for which to return NID value * - * Returns NID on success, or NID_undef if none exists. + * Returns NID on success, or WC_NID_undef if none exists. */ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) { 
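Review bot: The new cast in wolfSSL_EVP_get_digestbyname (hunk at -9974) drops the qualifier, `return (WOLFSSL_EVP_MD *)ent->name;`, although the function returns `const WOLFSSL_EVP_MD *`. The md_do_all callback hunk later in this commit (-10313) already casts with `(const WOLFSSL_EVP_MD *)`. Writing `return (const WOLFSSL_EVP_MD *)ent->name;` here keeps the two consistent and avoids a cast-qual warning if the table's name field is const, which this hunk does not show. The function starts outside the hunk.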
@@ -9992,7 +9992,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) if (type == NULL) { WOLFSSL_MSG("MD type arg is NULL"); - return NID_undef; + return WC_NID_undef; } for( ent = md_tbl; ent->name != NULL; ent++){ @@ -10000,7 +10000,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) return ent->nid; } } - return NID_undef; + return WC_NID_undef; } #ifndef NO_MD4 @@ -10009,7 +10009,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void) { WOLFSSL_ENTER("EVP_md4"); - return EVP_get_digestbyname("MD4"); + return wolfSSL_EVP_get_digestbyname("MD4"); } #endif /* !NO_MD4 */ @@ -10020,7 +10020,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void) { WOLFSSL_ENTER("EVP_md5"); - return EVP_get_digestbyname("MD5"); + return wolfSSL_EVP_get_digestbyname("MD5"); } #endif /* !NO_MD5 */ @@ -10033,7 +10033,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void) { WOLFSSL_ENTER("EVP_blake2b512"); - return EVP_get_digestbyname("BLAKE2b512"); + return wolfSSL_EVP_get_digestbyname("BLAKE2b512"); } #endif @@ -10046,7 +10046,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void) { WOLFSSL_ENTER("EVP_blake2s256"); - return EVP_get_digestbyname("BLAKE2s256"); + return wolfSSL_EVP_get_digestbyname("BLAKE2s256"); } #endif @@ -10072,7 +10072,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void) { WOLFSSL_ENTER("EVP_sha1"); - return EVP_get_digestbyname("SHA1"); + return wolfSSL_EVP_get_digestbyname("SHA1"); } #endif /* NO_SHA */ @@ -10081,7 +10081,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void) { WOLFSSL_ENTER("EVP_sha224"); - return EVP_get_digestbyname("SHA224"); + return wolfSSL_EVP_get_digestbyname("SHA224"); } #endif /* WOLFSSL_SHA224 */ 
@@ -10090,7 +10090,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void) { WOLFSSL_ENTER("EVP_sha256"); - return EVP_get_digestbyname("SHA256"); + return wolfSSL_EVP_get_digestbyname("SHA256"); } #ifdef WOLFSSL_SHA384 @@ -10098,7 +10098,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void) { WOLFSSL_ENTER("EVP_sha384"); - return EVP_get_digestbyname("SHA384"); + return wolfSSL_EVP_get_digestbyname("SHA384"); } #endif /* WOLFSSL_SHA384 */ @@ -10108,7 +10108,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void) { WOLFSSL_ENTER("EVP_sha512"); - return EVP_get_digestbyname("SHA512"); + return wolfSSL_EVP_get_digestbyname("SHA512"); } #ifndef WOLFSSL_NOSHA512_224 @@ -10116,7 +10116,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512_224(void) { WOLFSSL_ENTER("EVP_sha512_224"); - return EVP_get_digestbyname("SHA512_224"); + return wolfSSL_EVP_get_digestbyname("SHA512_224"); } #endif /* !WOLFSSL_NOSHA512_224 */ @@ -10125,7 +10125,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512_256(void) { WOLFSSL_ENTER("EVP_sha512_256"); - return EVP_get_digestbyname("SHA512_256"); + return wolfSSL_EVP_get_digestbyname("SHA512_256"); } #endif /* !WOLFSSL_NOSHA512_224 */ @@ -10137,7 +10137,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void) { WOLFSSL_ENTER("EVP_sha3_224"); - return EVP_get_digestbyname("SHA3_224"); + return wolfSSL_EVP_get_digestbyname("SHA3_224"); } #endif /* WOLFSSL_NOSHA3_224 */ @@ -10146,7 +10146,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void) { WOLFSSL_ENTER("EVP_sha3_256"); - return EVP_get_digestbyname("SHA3_256"); + return wolfSSL_EVP_get_digestbyname("SHA3_256"); } #endif /* WOLFSSL_NOSHA3_256 */ 
@@ -10154,7 +10154,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_384(void) { WOLFSSL_ENTER("EVP_sha3_384"); - return EVP_get_digestbyname("SHA3_384"); + return wolfSSL_EVP_get_digestbyname("SHA3_384"); } #endif /* WOLFSSL_NOSHA3_384 */ @@ -10162,7 +10162,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_512(void) { WOLFSSL_ENTER("EVP_sha3_512"); - return EVP_get_digestbyname("SHA3_512"); + return wolfSSL_EVP_get_digestbyname("SHA3_512"); } #endif /* WOLFSSL_NOSHA3_512 */ @@ -10170,7 +10170,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void) { WOLFSSL_ENTER("EVP_shake128"); - return EVP_get_digestbyname("SHAKE128"); + return wolfSSL_EVP_get_digestbyname("SHAKE128"); } #endif /* WOLFSSL_SHAKE128 */ @@ -10178,7 +10178,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void) { WOLFSSL_ENTER("EVP_shake256"); - return EVP_get_digestbyname("SHAKE256"); + return wolfSSL_EVP_get_digestbyname("SHAKE256"); } #endif /* WOLFSSL_SHAKE256 */ @@ -10188,7 +10188,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const WOLFSSL_EVP_MD* wolfSSL_EVP_sm3(void) { WOLFSSL_ENTER("EVP_sm3"); - return EVP_get_digestbyname("SM3"); + return wolfSSL_EVP_get_digestbyname("SM3"); } #endif /* WOLFSSL_SM3 */ @@ -10223,7 +10223,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const struct s_ent *ent; if (ctx->isHMAC) { - return NID_hmac; + return WC_NID_hmac; } for(ent = md_tbl; ent->name != NULL; ent++) { @@ -10313,7 +10313,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) if (nm->alias) md->fn(NULL, nm->name, nm->data, md->arg); else - md->fn((const EVP_MD *)nm->data, nm->name, NULL, md->arg); + md->fn((const WOLFSSL_EVP_MD *)nm->data, nm->name, NULL, md->arg); } /* call md_do_all function to do all md algorithm via a callback function 
@@ -10614,7 +10614,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) WOLFSSL_ENTER("EVP_DigestUpdate"); - macType = EvpMd2MacType(EVP_MD_CTX_md(ctx)); + macType = EvpMd2MacType(wolfSSL_EVP_MD_CTX_md(ctx)); switch (macType) { case WC_HASH_TYPE_MD4: #ifndef NO_MD4 @@ -10631,31 +10631,31 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) break; case WC_HASH_TYPE_SHA: #ifndef NO_SHA - ret = wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA_Update((WOLFSSL_SHA_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA224: #ifdef WOLFSSL_SHA224 - ret = wolfSSL_SHA224_Update((SHA224_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA224_Update((WOLFSSL_SHA224_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA256: #ifndef NO_SHA256 - ret = wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA256_Update((WOLFSSL_SHA256_CTX*)&ctx->hash, data, (unsigned long)sz); #endif /* !NO_SHA256 */ break; case WC_HASH_TYPE_SHA384: #ifdef WOLFSSL_SHA384 - ret = wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA384_Update((WOLFSSL_SHA384_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA512: #ifdef WOLFSSL_SHA512 - ret = wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA512_Update((WOLFSSL_SHA512_CTX*)&ctx->hash, data, (unsigned long)sz); #endif /* WOLFSSL_SHA512 */ break; @@ -10664,7 +10664,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) case WC_HASH_TYPE_SHA512_224: #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) - ret = wolfSSL_SHA512_224_Update((SHA512_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA512_224_Update((WOLFSSL_SHA512_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; 
@@ -10674,7 +10674,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) case WC_HASH_TYPE_SHA512_256: #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) - ret = wolfSSL_SHA512_256_Update((SHA512_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA512_256_Update((WOLFSSL_SHA512_CTX*)&ctx->hash, data, (unsigned long)sz); #endif /* WOLFSSL_SHA512 */ break; @@ -10682,25 +10682,25 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) - ret = wolfSSL_SHA3_224_Update((SHA3_224_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA3_224_Update((WOLFSSL_SHA3_224_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA3_256: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) - ret = wolfSSL_SHA3_256_Update((SHA3_256_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA3_256_Update((WOLFSSL_SHA3_256_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA3_384: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) - ret = wolfSSL_SHA3_384_Update((SHA3_384_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA3_384_Update((WOLFSSL_SHA3_384_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; case WC_HASH_TYPE_SHA3_512: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) - ret = wolfSSL_SHA3_512_Update((SHA3_512_CTX*)&ctx->hash, data, + ret = wolfSSL_SHA3_512_Update((WOLFSSL_SHA3_512_CTX*)&ctx->hash, data, (unsigned long)sz); #endif break; @@ -10741,7 +10741,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) enum wc_HashType macType; WOLFSSL_ENTER("EVP_DigestFinal"); - macType = EvpMd2MacType(EVP_MD_CTX_md(ctx)); + macType = EvpMd2MacType(wolfSSL_EVP_MD_CTX_md(ctx)); switch (macType) { case WC_HASH_TYPE_MD4: #ifndef NO_MD4 
@@ -10758,31 +10758,31 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) break; case WC_HASH_TYPE_SHA: #ifndef NO_SHA - ret = wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); + ret = wolfSSL_SHA_Final(md, (WOLFSSL_SHA_CTX*)&ctx->hash); if (s) *s = WC_SHA_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA224: #ifdef WOLFSSL_SHA224 - ret = wolfSSL_SHA224_Final(md, (SHA224_CTX*)&ctx->hash); + ret = wolfSSL_SHA224_Final(md, (WOLFSSL_SHA224_CTX*)&ctx->hash); if (s) *s = WC_SHA224_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA256: #ifndef NO_SHA256 - ret = wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash); + ret = wolfSSL_SHA256_Final(md, (WOLFSSL_SHA256_CTX*)&ctx->hash); if (s) *s = WC_SHA256_DIGEST_SIZE; #endif /* !NO_SHA256 */ break; case WC_HASH_TYPE_SHA384: #ifdef WOLFSSL_SHA384 - ret = wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash); + ret = wolfSSL_SHA384_Final(md, (WOLFSSL_SHA384_CTX*)&ctx->hash); if (s) *s = WC_SHA384_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA512: #ifdef WOLFSSL_SHA512 - ret = wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash); + ret = wolfSSL_SHA512_Final(md, (WOLFSSL_SHA512_CTX*)&ctx->hash); if (s) *s = WC_SHA512_DIGEST_SIZE; #endif /* WOLFSSL_SHA512 */ break; @@ -10790,7 +10790,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) case WC_HASH_TYPE_SHA512_224: #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) - ret = wolfSSL_SHA512_224_Final(md, (SHA512_CTX*)&ctx->hash); + ret = wolfSSL_SHA512_224_Final(md, (WOLFSSL_SHA512_CTX*)&ctx->hash); if (s) *s = WC_SHA512_224_DIGEST_SIZE; #endif break; 
@@ -10799,32 +10799,32 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) case WC_HASH_TYPE_SHA512_256: #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) - ret = wolfSSL_SHA512_256_Final(md, (SHA512_CTX*)&ctx->hash); + ret = wolfSSL_SHA512_256_Final(md, (WOLFSSL_SHA512_CTX*)&ctx->hash); if (s) *s = WC_SHA512_256_DIGEST_SIZE; #endif break; #endif /* !WOLFSSL_NOSHA512_256 */ case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) - ret = wolfSSL_SHA3_224_Final(md, (SHA3_224_CTX*)&ctx->hash); + ret = wolfSSL_SHA3_224_Final(md, (WOLFSSL_SHA3_224_CTX*)&ctx->hash); if (s) *s = WC_SHA3_224_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA3_256: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) - ret = wolfSSL_SHA3_256_Final(md, (SHA3_256_CTX*)&ctx->hash); + ret = wolfSSL_SHA3_256_Final(md, (WOLFSSL_SHA3_256_CTX*)&ctx->hash); if (s) *s = WC_SHA3_256_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA3_384: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) - ret = wolfSSL_SHA3_384_Final(md, (SHA3_384_CTX*)&ctx->hash); + ret = wolfSSL_SHA3_384_Final(md, (WOLFSSL_SHA3_384_CTX*)&ctx->hash); if (s) *s = WC_SHA3_384_DIGEST_SIZE; #endif break; case WC_HASH_TYPE_SHA3_512: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) - ret = wolfSSL_SHA3_512_Final(md, (SHA3_512_CTX*)&ctx->hash); + ret = wolfSSL_SHA3_512_Final(md, (WOLFSSL_SHA3_512_CTX*)&ctx->hash); if (s) *s = WC_SHA3_512_DIGEST_SIZE; #endif break; @@ -10863,7 +10863,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) unsigned int* s) { WOLFSSL_ENTER("EVP_DigestFinal_ex"); - return EVP_DigestFinal(ctx, md, s); + return wolfSSL_EVP_DigestFinal(ctx, md, s); } void wolfSSL_EVP_cleanup(void) 
@@ -10877,31 +10877,31 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id) switch(id) { #ifndef NO_MD5 - case NID_md5: + case WC_NID_md5: return wolfSSL_EVP_md5(); #endif #ifndef NO_SHA - case NID_sha1: + case WC_NID_sha1: return wolfSSL_EVP_sha1(); #endif #ifdef WOLFSSL_SHA224 - case NID_sha224: + case WC_NID_sha224: return wolfSSL_EVP_sha224(); #endif #ifndef NO_SHA256 - case NID_sha256: + case WC_NID_sha256: return wolfSSL_EVP_sha256(); #endif #ifdef WOLFSSL_SHA384 - case NID_sha384: + case WC_NID_sha384: return wolfSSL_EVP_sha384(); #endif #ifdef WOLFSSL_SHA512 - case NID_sha512: + case WC_NID_sha512: return wolfSSL_EVP_sha512(); #endif #ifdef WOLFSSL_SM3 - case NID_sm3: + case WC_NID_sm3: return wolfSSL_EVP_sm3(); #endif default: @@ -11147,7 +11147,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) switch(key->type) { #ifndef NO_RSA - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: if (key->rsa != NULL && key->ownRsa == 1) { wolfSSL_RSA_free(key->rsa); key->rsa = NULL; @@ -11156,7 +11156,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) #endif /* NO_RSA */ #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: if (key->ecc != NULL && key->ownEcc == 1) { wolfSSL_EC_KEY_free(key->ecc); key->ecc = NULL; @@ -11165,7 +11165,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) #endif /* HAVE_ECC && OPENSSL_EXTRA */ #ifndef NO_DSA - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: if (key->dsa != NULL && key->ownDsa == 1) { wolfSSL_DSA_free(key->dsa); key->dsa = NULL; @@ -11175,7 +11175,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) #if !defined(NO_DH) && (defined(WOLFSSL_QT) || \ defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: if (key->dh != NULL && key->ownDh == 1) { wolfSSL_DH_free(key->dh); key->dh = NULL; 
@@ -11184,7 +11184,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) #endif /* ! NO_DH ... */ #ifdef HAVE_HKDF - case EVP_PKEY_HKDF: + case WC_EVP_PKEY_HKDF: XFREE(key->hkdfSalt, NULL, DYNAMIC_TYPE_SALT); key->hkdfSalt = NULL; XFREE(key->hkdfKey, NULL, DYNAMIC_TYPE_KEY); @@ -11199,7 +11199,7 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) #if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_AES_DIRECT) - case EVP_PKEY_CMAC: + case WC_EVP_PKEY_CMAC: if (key->cmacCtx != NULL) { wolfSSL_CMAC_CTX_free(key->cmacCtx); key->cmacCtx = NULL; @@ -11230,8 +11230,8 @@ static int Indent(WOLFSSL_BIO* out, int indents) if (out == NULL) { return 0; } - if (indents > EVP_PKEY_PRINT_INDENT_MAX) { - indents = EVP_PKEY_PRINT_INDENT_MAX; + if (indents > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indents = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } for (i = 0; i < indents; i++) { if (wolfSSL_BIO_write(out, &space, 1) < 0) { @@ -11259,7 +11259,7 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, #ifdef WOLFSSL_SMALL_STACK byte* buff = NULL; #else - byte buff[EVP_PKEY_PRINT_LINE_WIDTH_MAX] = { 0 }; + byte buff[WOLFSSL_EVP_PKEY_PRINT_LINE_WIDTH_MAX] = { 0 }; #endif /* WOLFSSL_SMALL_STACK */ int ret = WOLFSSL_SUCCESS; word32 in = 0; @@ -11276,14 +11276,14 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, if (indent < 0) { indent = 0; } - if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } data = input; #ifdef WOLFSSL_SMALL_STACK - buff = (byte*)XMALLOC(EVP_PKEY_PRINT_LINE_WIDTH_MAX, NULL, + buff = (byte*)XMALLOC(WOLFSSL_EVP_PKEY_PRINT_LINE_WIDTH_MAX, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (!buff) { return WOLFSSL_FAILURE; 
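Review bot: In the WC_EVP_PKEY_HKDF case of wolfSSL_EVP_PKEY_free (hunk at -11184), `key->hkdfKey` goes straight to XFREE, so the HKDF keying material stays in the released heap block unless it is wiped somewhere this hunk does not show. I would clear it before freeing, e.g. `if (key->hkdfKey != NULL) ForceZero(key->hkdfKey, key->hkdfKeySz);` (length field name to be confirmed against the struct), and consider the same treatment for hkdfSalt. The switch begins and ends outside the hunk.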
@@ -11294,9 +11294,9 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, idx = 0; for (in = 0; in < (word32)inlen && ret == WOLFSSL_SUCCESS; in += - EVP_PKEY_PRINT_DIGITS_PER_LINE ) { + WOLFSSL_EVP_PKEY_PRINT_DIGITS_PER_LINE ) { Indent(out, indent); - for (i = 0; (i < EVP_PKEY_PRINT_DIGITS_PER_LINE) && + for (i = 0; (i < WOLFSSL_EVP_PKEY_PRINT_DIGITS_PER_LINE) && (in + i < (word32)inlen); i++) { if (ret == WOLFSSL_SUCCESS) { @@ -11325,7 +11325,7 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, ret = wolfSSL_BIO_write(out, "\n", 1) > 0; } if (ret == WOLFSSL_SUCCESS) { - XMEMSET(buff, 0, EVP_PKEY_PRINT_LINE_WIDTH_MAX); + XMEMSET(buff, 0, WOLFSSL_EVP_PKEY_PRINT_LINE_WIDTH_MAX); idx = 0; } } @@ -11347,7 +11347,7 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, * Returns 1 on success, 0 on failure. */ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, - int indent, int bitlen, ASN1_PCTX* pctx) + int indent, int bitlen, WOLFSSL_ASN1_PCTX* pctx) { byte buff[8] = { 0 }; int res = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); @@ -11383,8 +11383,8 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (indent < 0) { indent = 0; } - if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } do { @@ -11501,7 +11501,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, * Returns 1 on success, 0 on failure. */ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, - int indent, int bitlen, ASN1_PCTX* pctx) + int indent, int bitlen, WOLFSSL_ASN1_PCTX* pctx) { byte* pub = NULL; word32 pubSz = 0; 
@@ -11563,8 +11563,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (indent < 0) { indent = 0; } - else if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + else if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } if (res == WOLFSSL_SUCCESS) { @@ -11697,7 +11697,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, * Returns 1 on success, 0 on failure. */ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, - int indent, int bitlen, ASN1_PCTX* pctx) + int indent, int bitlen, WOLFSSL_ASN1_PCTX* pctx) { byte buff[8] = { 0 }; @@ -11733,8 +11733,8 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (indent < 0) { indent = 0; } - if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } do { @@ -11916,7 +11916,7 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, * Returns 1 on success, 0 on failure. */ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, - int indent, int bitlen, ASN1_PCTX* pctx) + int indent, int bitlen, WOLFSSL_ASN1_PCTX* pctx) { byte buff[8] = { 0 }; @@ -11957,8 +11957,8 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (indent < 0) { indent = 0; } - if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } do { 
@@ -12147,7 +12147,7 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, * Can handle RSA, ECC, DSA and DH public keys. */ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, - const WOLFSSL_EVP_PKEY* pkey, int indent, ASN1_PCTX* pctx) + const WOLFSSL_EVP_PKEY* pkey, int indent, WOLFSSL_ASN1_PCTX* pctx) { int res; #if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \ @@ -12165,13 +12165,13 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, if (indent < 0) { indent = 0; } - if (indent > EVP_PKEY_PRINT_INDENT_MAX) { - indent = EVP_PKEY_PRINT_INDENT_MAX; + if (indent > WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX) { + indent = WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX; } #endif switch (pkey->type) { - case EVP_PKEY_RSA: + case WC_EVP_PKEY_RSA: #if !defined(NO_RSA) keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8; @@ -12187,7 +12187,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, #endif break; - case EVP_PKEY_EC: + case WC_EVP_PKEY_EC: #if defined(HAVE_ECC) keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8; @@ -12203,7 +12203,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, #endif break; - case EVP_PKEY_DSA: + case WC_EVP_PKEY_DSA: #if !defined(NO_DSA) keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8; @@ -12219,7 +12219,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, #endif break; - case EVP_PKEY_DH: + case WC_EVP_PKEY_DH: #if defined(WOLFSSL_DH_EXTRA) keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index bb370540e1..a2b5132980 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -128,7 +128,7 @@ struct PKCS7State { /* creates a PKCS7State structure and returns 0 on success */ -static int wc_PKCS7_CreateStream(PKCS7* pkcs7) +static int wc_PKCS7_CreateStream(wc_PKCS7* pkcs7) { WOLFSSL_MSG("creating PKCS7 stream structure"); pkcs7->stream = (PKCS7State*)XMALLOC(sizeof(PKCS7State), pkcs7->heap, 
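Review bot: wc_PKCS7_CreateStream (hunk at -128) reads `pkcs7->heap` with no NULL test, and wc_PKCS7_GrowStream (-228) and wc_PKCS7_AddDataToStream (-257, `word32 rdSz = pkcs7->stream->idx;`) likewise dereference without one. The sibling helpers ResetStream, FreeStream, StreamStoreVar and StreamGetVar all guard with `pkcs7 != NULL && pkcs7->stream != NULL`. If every caller guarantees the pointers, a short comment on the unguarded helpers such as `/* caller guarantees pkcs7 is non-NULL */` would record the contract; otherwise an early `return BAD_FUNC_ARG;` would match the rest of the file. All three bodies continue past their hunks, so a check further down cannot be ruled out from here.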
@@ -144,7 +144,7 @@ static int wc_PKCS7_CreateStream(PKCS7* pkcs7) } -static void wc_PKCS7_ResetStream(PKCS7* pkcs7) +static void wc_PKCS7_ResetStream(wc_PKCS7* pkcs7) { if (pkcs7 != NULL && pkcs7->stream != NULL) { #ifdef WC_PKCS7_STREAM_DEBUG @@ -211,7 +211,7 @@ static void wc_PKCS7_ResetStream(PKCS7* pkcs7) } -static void wc_PKCS7_FreeStream(PKCS7* pkcs7) +static void wc_PKCS7_FreeStream(wc_PKCS7* pkcs7) { if (pkcs7 != NULL && pkcs7->stream != NULL) { wc_PKCS7_ResetStream(pkcs7); @@ -228,7 +228,7 @@ static void wc_PKCS7_FreeStream(PKCS7* pkcs7) /* used to increase the max size for internal buffer * returns 0 on success */ -static int wc_PKCS7_GrowStream(PKCS7* pkcs7, word32 newSz) +static int wc_PKCS7_GrowStream(wc_PKCS7* pkcs7, word32 newSz) { byte* pt; pt = (byte*)XMALLOC(newSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); @@ -257,7 +257,7 @@ static int wc_PKCS7_GrowStream(PKCS7* pkcs7, word32 newSz) * Sets idx to be the current offset into "pt" buffer * returns 0 on success */ -static int wc_PKCS7_AddDataToStream(PKCS7* pkcs7, byte* in, word32 inSz, +static int wc_PKCS7_AddDataToStream(wc_PKCS7* pkcs7, byte* in, word32 inSz, word32 expected, byte** pt, word32* idx) { word32 rdSz = pkcs7->stream->idx; @@ -335,7 +335,7 @@ static int wc_PKCS7_AddDataToStream(PKCS7* pkcs7, byte* in, word32 inSz, /* setter function for stored variables */ -static void wc_PKCS7_StreamStoreVar(PKCS7* pkcs7, word32 var1, int var2, +static void wc_PKCS7_StreamStoreVar(wc_PKCS7* pkcs7, word32 var1, int var2, int var3) { if (pkcs7 != NULL && pkcs7->stream != NULL) { @@ -348,7 +348,7 @@ static void wc_PKCS7_StreamStoreVar(PKCS7* pkcs7, word32 var1, int var2, /* Tries to peek at the SEQ and get the length * returns 0 on success */ -static int wc_PKCS7_SetMaxStream(PKCS7* pkcs7, byte* in, word32 defSz) +static int wc_PKCS7_SetMaxStream(wc_PKCS7* pkcs7, byte* in, word32 defSz) { /* check there is a buffer to read from */ if (pkcs7) { 
@@ -397,7 +397,7 @@ static int wc_PKCS7_SetMaxStream(PKCS7* pkcs7, byte* in, word32 defSz) /* getter function for stored variables */ -static void wc_PKCS7_StreamGetVar(PKCS7* pkcs7, word32* var1, int* var2, +static void wc_PKCS7_StreamGetVar(wc_PKCS7* pkcs7, word32* var1, int* var2, int* var3) { if (pkcs7 != NULL && pkcs7->stream != NULL) { @@ -410,7 +410,7 @@ static void wc_PKCS7_StreamGetVar(PKCS7* pkcs7, word32* var1, int* var2, /* common update of index and total read after section complete * returns 0 on success */ -static int wc_PKCS7_StreamEndCase(PKCS7* pkcs7, word32* tmpIdx, word32* idx) +static int wc_PKCS7_StreamEndCase(wc_PKCS7* pkcs7, word32* tmpIdx, word32* idx) { int ret = 0; @@ -497,7 +497,7 @@ static const char* wc_PKCS7_GetStateName(int in) /* Used to change the PKCS7 state. Having state change as a function allows * for easier debugging */ -static void wc_PKCS7_ChangeState(PKCS7* pkcs7, int newState) +static void wc_PKCS7_ChangeState(wc_PKCS7* pkcs7, int newState) { #ifdef WC_PKCS7_STREAM_DEBUG printf("\tChanging from state [%02d] %s to [%02d] %s\n", @@ -782,11 +782,11 @@ static int wc_PKCS7_GetOIDKeySize(int oid) } -PKCS7* wc_PKCS7_New(void* heap, int devId) +wc_PKCS7* wc_PKCS7_New(void* heap, int devId) { - PKCS7* pkcs7 = (PKCS7*)XMALLOC(sizeof(PKCS7), heap, DYNAMIC_TYPE_PKCS7); + wc_PKCS7* pkcs7 = (wc_PKCS7*)XMALLOC(sizeof(wc_PKCS7), heap, DYNAMIC_TYPE_PKCS7); if (pkcs7) { - XMEMSET(pkcs7, 0, sizeof(PKCS7)); + XMEMSET(pkcs7, 0, sizeof(wc_PKCS7)); if (wc_PKCS7_Init(pkcs7, heap, devId) == 0) { pkcs7->isDynamic = 1; } @@ -807,7 +807,7 @@ PKCS7* wc_PKCS7_New(void* heap, int devId) * * returns 0 on success or a negative value for failure */ -int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId) +int wc_PKCS7_Init(wc_PKCS7* pkcs7, void* heap, int devId) { word16 isDynamic; 
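Review bot: The rewritten allocation in wc_PKCS7_New (hunk at -782) now runs past 80 columns and spells the type three times on one line, where neighbouring code in this commit wraps long calls. Sizing from the object ties the allocation and the clear to the pointer and lets the line wrap: `wc_PKCS7* pkcs7 = (wc_PKCS7*)XMALLOC(sizeof(*pkcs7), heap,` continued by `DYNAMIC_TYPE_PKCS7);`, and `XMEMSET(pkcs7, 0, sizeof(*pkcs7));`. The function body continues past the end of the hunk.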
@@ -818,7 +818,7 @@ int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId)
 }
 isDynamic = pkcs7->isDynamic;
- XMEMSET(pkcs7, 0, sizeof(PKCS7));
+ XMEMSET(pkcs7, 0, sizeof(wc_PKCS7));
 pkcs7->isDynamic = (isDynamic != 0);
 #ifdef WOLFSSL_HEAP_TEST
 pkcs7->heap = (void*)WOLFSSL_HEAP_TEST;
@@ -831,7 +831,7 @@ int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId)
 }
 #ifdef WC_ASN_UNKNOWN_EXT_CB
-void wc_PKCS7_SetUnknownExtCallback(PKCS7* pkcs7, wc_UnknownExtCallback cb)
+void wc_PKCS7_SetUnknownExtCallback(wc_PKCS7* pkcs7, wc_UnknownExtCallback cb)
 {
 if (pkcs7 != NULL) {
 pkcs7->unknownExtCallback = cb;
@@ -860,7 +860,7 @@ struct Pkcs7EncodedRecip {
 /* free all members of Pkcs7Cert linked list */
-static void wc_PKCS7_FreeCertSet(PKCS7* pkcs7)
+static void wc_PKCS7_FreeCertSet(wc_PKCS7* pkcs7)
 {
 Pkcs7Cert* curr = NULL;
 Pkcs7Cert* next = NULL;
@@ -885,7 +885,7 @@ static void wc_PKCS7_FreeCertSet(PKCS7* pkcs7)
 /* Get total size of all recipients in recipient list.
 *
 * Returns total size of recipients, or negative upon error */
-static int wc_PKCS7_GetRecipientListSize(PKCS7* pkcs7)
+static int wc_PKCS7_GetRecipientListSize(wc_PKCS7* pkcs7)
 {
 word32 totalSz = 0;
 Pkcs7EncodedRecip* tmp = NULL;
@@ -905,7 +905,7 @@ static int wc_PKCS7_GetRecipientListSize(PKCS7* pkcs7)
 /* free all members of Pkcs7EncodedRecip linked list */
-static void wc_PKCS7_FreeEncodedRecipientSet(PKCS7* pkcs7)
+static void wc_PKCS7_FreeEncodedRecipientSet(wc_PKCS7* pkcs7)
 {
 Pkcs7EncodedRecip* curr = NULL;
 Pkcs7EncodedRecip* next = NULL;
@@ -930,7 +930,7 @@ static void wc_PKCS7_FreeEncodedRecipientSet(PKCS7* pkcs7)
 /* search through RecipientInfo list for specific type.
 * return 1 if ANY recipient of type specified is present, otherwise
 * return 0 */
-static int wc_PKCS7_RecipientListIncludesType(PKCS7* pkcs7, int type)
+static int wc_PKCS7_RecipientListIncludesType(wc_PKCS7* pkcs7, int type)
 {
 Pkcs7EncodedRecip* tmp = NULL;
@@ -952,7 +952,7 @@ static int wc_PKCS7_RecipientListIncludesType(PKCS7* pkcs7, int type)
 /* searches through RecipientInfo list, returns 1 if all structure
 * versions are set to 0, otherwise returns 0 */
-static int wc_PKCS7_RecipientListVersionsAllZero(PKCS7* pkcs7)
+static int wc_PKCS7_RecipientListVersionsAllZero(wc_PKCS7* pkcs7)
 {
 Pkcs7EncodedRecip* tmp = NULL;
@@ -979,7 +979,7 @@ static int wc_PKCS7_RecipientListVersionsAllZero(PKCS7* pkcs7)
 * keySz - size of key, octets
 *
 * Returns 0 on success, negative on error */
-static int wc_PKCS7_CheckPublicKeyDer(PKCS7* pkcs7, int keyOID,
+static int wc_PKCS7_CheckPublicKeyDer(wc_PKCS7* pkcs7, int keyOID,
 const byte* key, word32 keySz)
 {
 int ret = 0;
@@ -1075,7 +1075,7 @@ static int wc_PKCS7_CheckPublicKeyDer(PKCS7* pkcs7, int keyOID,
 /* Init PKCS7 struct with recipient cert, decode into DecodedCert
 * NOTE: keeps previously set pkcs7 heap hint, devId and isDynamic */
-int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
+int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz)
 {
 int ret = 0;
 void* heap;
@@ -1226,7 +1226,7 @@ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
 * This API does not currently validate certificates.
 *
 * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddCertificate(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
+int wc_PKCS7_AddCertificate(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz)
 {
 Pkcs7Cert* cert;
@@ -1276,7 +1276,7 @@ static void wc_PKCS7_FreeDecodedAttrib(PKCS7DecodedAttrib* attrib, void* heap)
 /* return 0 on success */
-static int wc_PKCS7_SignerInfoNew(PKCS7* pkcs7)
+static int wc_PKCS7_SignerInfoNew(wc_PKCS7* pkcs7)
 {
 XFREE(pkcs7->signerInfo, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
 pkcs7->signerInfo = NULL;
@@ -1292,7 +1292,7 @@ static int wc_PKCS7_SignerInfoNew(PKCS7* pkcs7)
 }
-static void wc_PKCS7_SignerInfoFree(PKCS7* pkcs7)
+static void wc_PKCS7_SignerInfoFree(wc_PKCS7* pkcs7)
 {
 if (pkcs7->signerInfo != NULL) {
 XFREE(pkcs7->signerInfo->sid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -1306,7 +1306,7 @@ static void wc_PKCS7_SignerInfoFree(PKCS7* pkcs7)
 /* free's any current SID and sets it to "in"
 * returns 0 on success */
-static int wc_PKCS7_SignerInfoSetSID(PKCS7* pkcs7, byte* in, int inSz)
+static int wc_PKCS7_SignerInfoSetSID(wc_PKCS7* pkcs7, byte* in, int inSz)
 {
 if (pkcs7 == NULL || in == NULL || inSz < 0) {
 return BAD_FUNC_ARG;
@@ -1326,7 +1326,7 @@ static int wc_PKCS7_SignerInfoSetSID(PKCS7* pkcs7, byte* in, int inSz)
 /* releases any memory allocated by a PKCS7 initializer */
-void wc_PKCS7_Free(PKCS7* pkcs7)
+void wc_PKCS7_Free(wc_PKCS7* pkcs7)
 {
 if (pkcs7 == NULL) return;
@@ -1391,7 +1391,7 @@ void wc_PKCS7_Free(PKCS7* pkcs7)
 /* helper function for parsing through attributes and finding a specific one.
 * returns PKCS7DecodedAttrib pointer on success */
-static PKCS7DecodedAttrib* findAttrib(PKCS7* pkcs7, const byte* oid, word32 oidSz)
+static PKCS7DecodedAttrib* findAttrib(wc_PKCS7* pkcs7, const byte* oid, word32 oidSz)
 {
 PKCS7DecodedAttrib* list;
@@ -1446,7 +1446,7 @@ static PKCS7DecodedAttrib* findAttrib(PKCS7* pkcs7, const byte* oid, word32 oidS
 *
 * returns size of value on success */
-int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid, word32 oidSz,
+int wc_PKCS7_GetAttributeValue(wc_PKCS7* pkcs7, const byte* oid, word32 oidSz,
 byte* out, word32* outSz)
 {
 PKCS7DecodedAttrib* attrib;
@@ -1475,7 +1475,7 @@ int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid, word32 oidSz,
 /* build PKCS#7 data content type */
-int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+int wc_PKCS7_EncodeData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
 {
 static const byte oid[] =
 { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
@@ -1615,7 +1615,7 @@ static FlatAttrib* NewAttrib(void* heap)
 }
 /* Free FlatAttrib array and memory allocated to internal struct members */
-static void FreeAttribArray(PKCS7* pkcs7, FlatAttrib** arr, int rows)
+static void FreeAttribArray(wc_PKCS7* pkcs7, FlatAttrib** arr, int rows)
 {
 int i;
@@ -1675,7 +1675,7 @@ static int SortAttribArray(FlatAttrib** arr, int rows)
 /* Build up array of FlatAttrib structs from EncodedAttrib ones. FlatAttrib
 * holds flattened DER encoding of each attribute */
-static int FlattenEncodedAttribs(PKCS7* pkcs7, FlatAttrib** derArr, int rows,
+static int FlattenEncodedAttribs(wc_PKCS7* pkcs7, FlatAttrib** derArr, int rows,
 EncodedAttrib* ea, int eaSz)
 {
 int i;
@@ -1720,7 +1720,7 @@ static int FlattenEncodedAttribs(PKCS7* pkcs7, FlatAttrib** derArr, int rows,
 /* Sort and Flatten EncodedAttrib attributes into output buffer */
-static int FlattenAttributes(PKCS7* pkcs7, byte* output, EncodedAttrib* ea,
+static int FlattenAttributes(wc_PKCS7* pkcs7, byte* output, EncodedAttrib* ea,
 int eaSz)
 {
 int i, ret;
@@ -1779,7 +1779,7 @@ static int FlattenAttributes(PKCS7* pkcs7, byte* output, EncodedAttrib* ea,
 #ifndef NO_RSA
-static int wc_PKCS7_ImportRSA(PKCS7* pkcs7, RsaKey* privKey)
+static int wc_PKCS7_ImportRSA(wc_PKCS7* pkcs7, RsaKey* privKey)
 {
 int ret;
 word32 idx;
@@ -1822,7 +1822,7 @@ static int wc_PKCS7_ImportRSA(PKCS7* pkcs7, RsaKey* privKey)
 /* returns size of signature put into out, negative on error */
-static int wc_PKCS7_RsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
+static int wc_PKCS7_RsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
 {
 int ret;
 #ifdef WOLFSSL_SMALL_STACK
@@ -1873,7 +1873,7 @@ static int wc_PKCS7_RsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
 #ifdef HAVE_ECC
-static int wc_PKCS7_ImportECC(PKCS7* pkcs7, ecc_key* privKey)
+static int wc_PKCS7_ImportECC(wc_PKCS7* pkcs7, ecc_key* privKey)
 {
 int ret;
 word32 idx;
@@ -1912,7 +1912,7 @@ static int wc_PKCS7_ImportECC(PKCS7* pkcs7, ecc_key* privKey)
 /* returns size of signature put into out, negative on error */
-static int wc_PKCS7_EcdsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
+static int wc_PKCS7_EcdsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
 {
 int ret;
 word32 outSz;
@@ -1964,7 +1964,7 @@ static int wc_PKCS7_EcdsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
 #endif /* HAVE_ECC */
 /* returns encContentDigestSz based on the signature set to be used */
-static int wc_PKCS7_GetSignSize(PKCS7* pkcs7)
+static int wc_PKCS7_GetSignSize(wc_PKCS7* pkcs7)
 {
 int ret = 0;
@@ -2031,7 +2031,7 @@ static int wc_PKCS7_GetSignSize(PKCS7* pkcs7)
 * esd - pointer to initialized ESD structure, used for output
 *
 * return 0 on success, negative on error */
-static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
+static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd,
 const byte* contentType, word32 contentTypeSz, const byte* contentTypeOid, word32 contentTypeOidSz, const byte* messageDigestOid, word32 messageDigestOidSz,
@@ -2138,7 +2138,7 @@ static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
 * digEncAlgoType - [OUT] output for algo ID type
 *
 * return 0 on success, negative on error */
-static int wc_PKCS7_SignedDataGetEncAlgoId(PKCS7* pkcs7, int* digEncAlgoId,
+static int wc_PKCS7_SignedDataGetEncAlgoId(wc_PKCS7* pkcs7, int* digEncAlgoId,
 int* digEncAlgoType)
 {
 int algoId = 0;
@@ -2281,7 +2281,7 @@ static int wc_PKCS7_SignedDataGetEncAlgoId(PKCS7* pkcs7, int* digEncAlgoId,
 * digestInfoSz - [IN/OUT] - input size of array, size of digestInfo
 *
 * return 0 on success, negative on error */
-static int wc_PKCS7_BuildDigestInfo(PKCS7* pkcs7, byte* flatSignedAttribs,
+static int wc_PKCS7_BuildDigestInfo(wc_PKCS7* pkcs7, byte* flatSignedAttribs,
 word32 flatSignedAttribsSz, ESD* esd, byte* digestInfo, word32* digestInfoSz)
 {
@@ -2367,7 +2367,7 @@ static int wc_PKCS7_BuildDigestInfo(PKCS7* pkcs7, byte* flatSignedAttribs,
 * esd - pointer to initialized ESD struct
 *
 * returns length of signature on success, negative on error */
-static int wc_PKCS7_SignedDataBuildSignature(PKCS7* pkcs7,
+static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7,
 byte* flatSignedAttribs, word32 flatSignedAttribsSz, ESD* esd)
@@ -2487,7 +2487,7 @@ static int wc_PKCS7_SignedDataBuildSignature(PKCS7* pkcs7,
 * @param esd Pointer to an ESD structure for digest calculation.
 * @return Returns 0 on success, and a negative value on failure. */
-static int wc_PKCS7_EncodeContentStreamHelper(PKCS7* pkcs7, int cipherType,
+static int wc_PKCS7_EncodeContentStreamHelper(wc_PKCS7* pkcs7, int cipherType,
 Aes* aes, byte* encContentOut, byte* contentData, int contentDataSz, byte* out, word32* outIdx, ESD* esd)
 {
@@ -2553,10 +2553,10 @@ static int wc_PKCS7_EncodeContentStreamHelper(PKCS7* pkcs7, int cipherType,
 *
 * Returns 0 on success */
 #ifndef NO_AES
-static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, Aes* aes,
+static int wc_PKCS7_EncodeContentStream(wc_PKCS7* pkcs7, ESD* esd, Aes* aes,
 byte* in, int inSz, byte* out, int cipherType)
 #else
-static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, void* aes,
+static int wc_PKCS7_EncodeContentStream(wc_PKCS7* pkcs7, ESD* esd, void* aes,
 byte* in, int inSz, byte* out, int cipherType)
 #endif
 {
@@ -2749,7 +2749,7 @@ static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, void* aes,
 /* build PKCS#7 signedData content type */
 /* To get the output size then set output = 0 and *outputSz = 0 */
-static int PKCS7_EncodeSigned(PKCS7* pkcs7,
+static int PKCS7_EncodeSigned(wc_PKCS7* pkcs7,
 const byte* hashBuf, word32 hashSz, byte* output, word32* outputSz, byte* output2, word32* output2Sz)
 {
@@ -3413,7 +3413,7 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7,
 * pkcs7->contentSz: Must be provided as actual sign of raw data
 * return codes: 0=success, negative=error */
-int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
+int wc_PKCS7_EncodeSignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf,
 word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot, word32* outputFootSz)
 {
@@ -3443,7 +3443,7 @@ int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
 /* Sets a custom SKID in PKCS7 struct, used before calling an encode operation
 * Returns 0 on success, negative upon error. */
-int wc_PKCS7_SetCustomSKID(PKCS7* pkcs7, const byte* in, word16 inSz)
+int wc_PKCS7_SetCustomSKID(wc_PKCS7* pkcs7, const byte* in, word16 inSz)
 {
 int ret = 0;
@@ -3487,7 +3487,7 @@ int wc_PKCS7_SetCustomSKID(PKCS7* pkcs7, const byte* in, word16 inSz)
 * flag - turn on/off detached signature generation (1 or 0)
 *
 * Returns 0 on success, negative upon error. */
-int wc_PKCS7_SetDetached(PKCS7* pkcs7, word16 flag)
+int wc_PKCS7_SetDetached(wc_PKCS7* pkcs7, word16 flag)
 {
 if (pkcs7 == NULL || (flag != 0 && flag != 1)) return BAD_FUNC_ARG;
@@ -3508,7 +3508,7 @@ int wc_PKCS7_SetDetached(PKCS7* pkcs7, word16 flag)
 * pkcs7 - pointer to initialized PKCS7 structure
 *
 * Returns 0 on success, negative upon error. */
-int wc_PKCS7_NoDefaultSignedAttribs(PKCS7* pkcs7)
+int wc_PKCS7_NoDefaultSignedAttribs(wc_PKCS7* pkcs7)
 {
 return wc_PKCS7_SetDefaultSignedAttribs(pkcs7, WOLFSSL_NO_ATTRIBUTES);
 }
@@ -3525,7 +3525,7 @@ int wc_PKCS7_NoDefaultSignedAttribs(PKCS7* pkcs7)
 * pkcs7 - pointer to initialized PKCS7 structure
 *
 * Returns 0 on success, negative upon error. */
-int wc_PKCS7_SetDefaultSignedAttribs(PKCS7* pkcs7, word16 flag)
+int wc_PKCS7_SetDefaultSignedAttribs(wc_PKCS7* pkcs7, word16 flag)
 {
 if (pkcs7 == NULL) {
 return BAD_FUNC_ARG;
@@ -3554,7 +3554,7 @@ int wc_PKCS7_SetDefaultSignedAttribs(PKCS7* pkcs7, word16 flag)
 /* return codes: >0: Size of signed PKCS7 output buffer, negative: error */
-int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+int wc_PKCS7_EncodeSignedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
 {
 int ret;
@@ -3623,7 +3623,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
 * outputSz - size of output buffer, octets
 *
 * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey,
+int wc_PKCS7_EncodeSignedFPD(wc_PKCS7* pkcs7, byte* privateKey,
 word32 privateKeySz, int signOID, int hashOID, byte* content, word32 contentSz, PKCS7Attrib* signedAttribs, word32 signedAttribsSz,
@@ -3692,7 +3692,7 @@ int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey,
 * outputSz - size of output buffer, octets
 *
 * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, byte* encryptKey,
+int wc_PKCS7_EncodeSignedEncryptedFPD(wc_PKCS7* pkcs7, byte* encryptKey,
 word32 encryptKeySz, byte* privateKey, word32 privateKeySz, int encryptOID, int signOID, int hashOID,
@@ -3800,7 +3800,7 @@ int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, byte* encryptKey,
 * outputSz - size of output buffer, octets
 *
 * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, byte* privateKey,
+int wc_PKCS7_EncodeSignedCompressedFPD(wc_PKCS7* pkcs7, byte* privateKey,
 word32 privateKeySz, int signOID, int hashOID, byte* content, word32 contentSz,
@@ -3904,7 +3904,7 @@ int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, byte* privateKey,
 * outputSz - size of output buffer, octets
 *
 * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, byte* encryptKey,
+int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(wc_PKCS7* pkcs7, byte* encryptKey,
 word32 encryptKeySz, byte* privateKey, word32 privateKeySz, int encryptOID, int signOID, int hashOID, byte* content,
@@ -4018,7 +4018,7 @@ int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, byte* encryptKey,
 #ifdef HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
 /* register raw RSA sign digest callback */
-int wc_PKCS7_SetRsaSignRawDigestCb(PKCS7* pkcs7, CallbackRsaSignRawDigest cb)
+int wc_PKCS7_SetRsaSignRawDigestCb(wc_PKCS7* pkcs7, CallbackRsaSignRawDigest cb)
 {
 if (pkcs7 == NULL || cb == NULL) {
 return BAD_FUNC_ARG;
@@ -4031,7 +4031,7 @@ int wc_PKCS7_SetRsaSignRawDigestCb(PKCS7* pkcs7, CallbackRsaSignRawDigest cb)
 #endif
 /* returns size of signature put into out, negative on error */
-static int wc_PKCS7_RsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
+static int wc_PKCS7_RsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz,
 byte* hash, word32 hashSz)
 {
 int ret = 0, i;
@@ -4163,7 +4163,7 @@ static int wc_PKCS7_RsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
 #ifdef HAVE_ECC
 /* returns size of signature put into out, negative on error */
-static int wc_PKCS7_EcdsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
+static int wc_PKCS7_EcdsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz,
 byte* hash, word32 hashSz)
 {
 int ret = 0, i;
@@ -4302,7 +4302,7 @@ static int wc_PKCS7_EcdsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
 * plainDigestSz - [OUT] size of digest at plainDigest
 *
 * returns 0 on success, negative on error */
-static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib,
+static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib,
 word32 signedAttribSz, byte* pkcs7Digest, word32* pkcs7DigestSz, byte** plainDigest, word32* plainDigestSz,
@@ -4441,7 +4441,7 @@ static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib,
 * hashBufSz - size of hashBuf, octets
 *
 * return 0 on success, negative on error */
-static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
+static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7,
 const byte* hashBuf, word32 hashSz)
 {
@@ -4586,7 +4586,7 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
 * signedAttribSz - size of signedAttributes
 *
 * return 0 on success, negative on error */
-static int wc_PKCS7_SignedDataVerifySignature(PKCS7* pkcs7, byte* sig,
+static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig,
 word32 sigSz, byte* signedAttrib, word32 signedAttribSz, const byte* hashBuf, word32 hashSz)
@@ -4742,7 +4742,7 @@ static int wc_PKCS7_SignedDataVerifySignature(PKCS7* pkcs7, byte* sig,
 /* set correct public key OID based on signature OID, stores in
 * pkcs7->publicKeyOID and returns same value */
-static int wc_PKCS7_SetPublicKeyOID(PKCS7* pkcs7, int sigOID)
+static int wc_PKCS7_SetPublicKeyOID(wc_PKCS7* pkcs7, int sigOID)
 {
 if (pkcs7 == NULL) return BAD_FUNC_ARG;
@@ -4830,7 +4830,7 @@ static int wc_PKCS7_SetPublicKeyOID(PKCS7* pkcs7, int sigOID)
 *
 * returns the number of attributes parsed on success */
-static int wc_PKCS7_ParseAttribs(PKCS7* pkcs7, byte* in, int inSz)
+static int wc_PKCS7_ParseAttribs(wc_PKCS7* pkcs7, byte* in, int inSz)
 {
 int found = 0;
 word32 idx = 0;
@@ -4914,7 +4914,7 @@ static int wc_PKCS7_ParseAttribs(PKCS7* pkcs7, byte* in, int inSz)
 *
 * by default support for SignedData degenerate cases is on */
-void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag)
+void wc_PKCS7_AllowDegenerate(wc_PKCS7* pkcs7, word16 flag)
 {
 if (pkcs7) {
 if (flag) { /* flag of 1 turns on support for degenerate */
@@ -4936,7 +4936,7 @@ void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag)
 *
 * returns 0 on success */
-static int wc_PKCS7_ParseSignerInfo(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_ParseSignerInfo(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idxIn, int degenerate, byte** signedAttrib, int* signedAttribSz)
 {
 int ret = 0;
@@ -5110,7 +5110,7 @@ static int wc_PKCS7_ParseSignerInfo(PKCS7* pkcs7, byte* in, word32 inSz,
 * pkcs7->stream->content and stores its size in pkcs7->stream->contentSz. */
 #ifndef NO_PKCS7_STREAM
-static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_HandleOctetStrings(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* tmpIdx, word32* idx, int keepContent)
 {
 int ret, length;
@@ -5341,7 +5341,7 @@ static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
 * When adding support for the case of SignedAndEnvelopedData content types a
 * signer is required. In this case the PKCS7 flag noDegenerate could be set. */
-static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
+static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
 word32 hashSz, byte* in, word32 inSz, byte* in2, word32 in2Sz)
 {
@@ -6630,7 +6630,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
 * return 0 on success and LENGTH_ONLY_E if just setting "outSz" for buffer
 * length needed. */
-int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz)
+int wc_PKCS7_GetSignerSID(wc_PKCS7* pkcs7, byte* out, word32* outSz)
 {
 if (outSz == NULL || pkcs7 == NULL) {
 return BAD_FUNC_ARG;
@@ -6683,7 +6683,7 @@ int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz)
 * Returns 0 on success, negative upon error.
 * */
-int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
+int wc_PKCS7_VerifySignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf,
 word32 hashSz, byte* pkiMsgHead, word32 pkiMsgHeadSz, byte* pkiMsgFoot, word32 pkiMsgFootSz)
 {
@@ -6691,7 +6691,7 @@ int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
 pkiMsgHead, pkiMsgHeadSz, pkiMsgFoot, pkiMsgFootSz);
 }
-int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
+int wc_PKCS7_VerifySignedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
 {
 return PKCS7_VerifySignedData(pkcs7, NULL, 0, pkiMsg, pkiMsgSz, NULL, 0);
 }
@@ -6704,7 +6704,7 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
 * len - length of key to be generated
 *
 * Returns 0 on success, negative upon error */
-static int PKCS7_GenerateContentEncryptionKey(PKCS7* pkcs7, word32 len)
+static int PKCS7_GenerateContentEncryptionKey(wc_PKCS7* pkcs7, word32 len)
 {
 int ret;
 WC_RNG rng;
@@ -6837,7 +6837,7 @@ typedef struct WC_PKCS7_KARI {
 /* allocate and create new WC_PKCS7_KARI struct,
 * returns struct pointer on success, NULL on failure */
-static WC_PKCS7_KARI* wc_PKCS7_KariNew(PKCS7* pkcs7, byte direction)
+static WC_PKCS7_KARI* wc_PKCS7_KariNew(wc_PKCS7* pkcs7, byte direction)
 {
 WC_PKCS7_KARI* kari = NULL;
@@ -7312,7 +7312,7 @@ static int wc_PKCS7_KariGenerateKEK(WC_PKCS7_KARI* kari, WC_RNG* rng,
 * to CMS/PKCS#7 EnvelopedData structure.
 *
 * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
+int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz,
 int keyWrapOID, int keyAgreeOID, byte* ukm, word32 ukmSz, int options)
 {
@@ -7682,7 +7682,7 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
 * to CMS/PKCS#7 EnvelopedData structure.
 *
 * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
+int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz,
 int options)
 {
 Pkcs7EncodedRecip* recip = NULL;
@@ -8119,7 +8119,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
 /* abstraction for writing out PKCS7 bundle during creation returns 0 on success */
-int wc_PKCS7_WriteOut(PKCS7* pkcs7, byte* output, const byte* input,
+int wc_PKCS7_WriteOut(wc_PKCS7* pkcs7, byte* output, const byte* input,
 word32 inputSz)
 {
 int ret = 0;
@@ -8157,7 +8157,7 @@ int wc_PKCS7_WriteOut(PKCS7* pkcs7, byte* output, const byte* input,
 /* encrypt content using encryptOID algo */
-static int wc_PKCS7_EncryptContent(PKCS7* pkcs7, int encryptOID, byte* key,
+static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key,
 int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in,
@@ -8402,7 +8402,7 @@ static int wc_PKCS7_EncryptContent(PKCS7* pkcs7, int encryptOID, byte* key,
 /* decrypt content using encryptOID algo
 * returns 0 on success */
-static int wc_PKCS7_DecryptContent(PKCS7* pkcs7, int encryptOID, byte* key,
+static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key,
 int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out, int devId, void* heap)
 {
@@ -8605,7 +8605,7 @@ static int wc_PKCS7_DecryptContent(PKCS7* pkcs7, int encryptOID, byte* key,
 /* Generate random block, place in out, return 0 on success negative on error.
 * Used for generation of IV, nonce, etc */
-static int wc_PKCS7_GenerateBlock(PKCS7* pkcs7, WC_RNG* rng, byte* out,
+static int wc_PKCS7_GenerateBlock(wc_PKCS7* pkcs7, WC_RNG* rng, byte* out,
 word32 outSz)
 {
 int ret;
@@ -8653,7 +8653,7 @@ static int wc_PKCS7_GenerateBlock(PKCS7* pkcs7, WC_RNG* rng, byte* out,
 * type - either CMS_ISSUER_AND_SERIAL_NUMBER, CMS_SKID or DEGENERATE_SID
 *
 * return 0 on success, negative upon error */
-int wc_PKCS7_SetSignerIdentifierType(PKCS7* pkcs7, int type)
+int wc_PKCS7_SetSignerIdentifierType(wc_PKCS7* pkcs7, int type)
 {
 if (pkcs7 == NULL) return BAD_FUNC_ARG;
@@ -8677,7 +8677,7 @@ int wc_PKCS7_SetSignerIdentifierType(PKCS7* pkcs7, int type)
 * sz - length of contentType array, octets
 *
 * return 0 on success, negative upon error */
-int wc_PKCS7_SetContentType(PKCS7* pkcs7, byte* contentType, word32 sz)
+int wc_PKCS7_SetContentType(wc_PKCS7* pkcs7, byte* contentType, word32 sz)
 {
 if (pkcs7 == NULL || contentType == NULL || sz == 0) return BAD_FUNC_ARG;
@@ -8742,7 +8742,7 @@ int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz,
 * to CMS/PKCS#7 EnvelopedData structure.
 *
 * Return 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_ORI(PKCS7* pkcs7, CallbackOriEncrypt oriEncryptCb,
+int wc_PKCS7_AddRecipient_ORI(wc_PKCS7* pkcs7, CallbackOriEncrypt oriEncryptCb,
 int options)
 {
 int oriTypeLenSz, blockKeySz, ret;
@@ -8836,7 +8836,7 @@ int wc_PKCS7_AddRecipient_ORI(PKCS7* pkcs7, CallbackOriEncrypt oriEncryptCb,
 #if !defined(NO_PWDBASED) && !defined(NO_SHA)
-static int wc_PKCS7_GenerateKEK_PWRI(PKCS7* pkcs7, byte* passwd, word32 pLen,
+static int wc_PKCS7_GenerateKEK_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
 byte* salt, word32 saltSz, int kdfOID, int prfOID, int iterations, byte* out, word32 outSz)
@@ -8870,7 +8870,7 @@ static int wc_PKCS7_GenerateKEK_PWRI(PKCS7* pkcs7, byte* passwd, word32 pLen,
 /* RFC3211 (Section 2.3.1) key wrap algorithm (id-alg-PWRI-KEK).
 *
 * Returns output size on success, negative upon error */
-static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
+static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kekSz,
 const byte* cek, word32 cekSz, byte* out, word32 *outSz, const byte* iv, word32 ivSz, int algID)
@@ -8953,7 +8953,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
 /* RFC3211 (Section 2.3.2) key unwrap algorithm (id-alg-PWRI-KEK).
 *
 * Returns cek size on success, negative upon error */
-static int wc_PKCS7_PwriKek_KeyUnWrap(PKCS7* pkcs7, const byte* kek,
+static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
 word32 kekSz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv, word32 ivSz, int algID)
@@ -9056,7 +9056,7 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(PKCS7* pkcs7, const byte* kek,
 * to CMS/PKCS#7 EnvelopedData structure.
 *
 * Return 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_PWRI(PKCS7* pkcs7, byte* passwd, word32 pLen,
+int wc_PKCS7_AddRecipient_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
 byte* salt, word32 saltSz, int kdfOID, int hashOID, int iterations, int kekEncryptOID, int options)
@@ -9327,7 +9327,7 @@ int wc_PKCS7_AddRecipient_PWRI(PKCS7* pkcs7, byte* passwd, word32 pLen,
 * the password info for decryption a EnvelopedData PWRI RecipientInfo.
 *
 * Returns 0 on success, negative upon error */
-int wc_PKCS7_SetPassword(PKCS7* pkcs7, byte* passwd, word32 pLen)
+int wc_PKCS7_SetPassword(wc_PKCS7* pkcs7, byte* passwd, word32 pLen)
 {
 if (pkcs7 == NULL || passwd == NULL || pLen == 0) return BAD_FUNC_ARG;
@@ -9357,7 +9357,7 @@ int wc_PKCS7_SetPassword(PKCS7* pkcs7, byte* passwd, word32 pLen)
 * otherSz - size of other (OPTIONAL)
 *
 * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID, byte* kek,
+int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek,
 word32 kekSz, byte* keyId, word32 keyIdSz, void* timePtr, byte* otherOID, word32 otherOIDSz, byte* other, word32 otherSz,
@@ -9564,7 +9564,7 @@ int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID, byte* kek,
 }
-static int wc_PKCS7_GetCMSVersion(PKCS7* pkcs7, int cmsContentType)
+static int wc_PKCS7_GetCMSVersion(wc_PKCS7* pkcs7, int cmsContentType)
 {
 int version = -1;
@@ -9606,7 +9606,7 @@ static int wc_PKCS7_GetCMSVersion(PKCS7* pkcs7, int cmsContentType)
 /* build PKCS#7 envelopedData content type, return enveloped size */
-int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
 {
 int ret, idx = 0;
 int totalSz, padSz, encryptedOutSz;
@@ -10013,7 +10013,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
 #ifndef NO_RSA
 /* decode KeyTransRecipientInfo (ktri), return 0 on success, <0 on error */
-static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -10841,7 +10841,7 @@ static int wc_PKCS7_KariGetRecipientEncryptedKeys(WC_PKCS7_KARI* kari,
 #endif /* HAVE_ECC */
-int wc_PKCS7_SetOriEncryptCtx(PKCS7* pkcs7, void* ctx)
+int wc_PKCS7_SetOriEncryptCtx(wc_PKCS7* pkcs7, void* ctx)
 {
 if (pkcs7 == NULL) return BAD_FUNC_ARG;
@@ -10852,7 +10852,7 @@ int wc_PKCS7_SetOriEncryptCtx(PKCS7* pkcs7, void* ctx)
 }
-int wc_PKCS7_SetOriDecryptCtx(PKCS7* pkcs7, void* ctx)
+int wc_PKCS7_SetOriDecryptCtx(wc_PKCS7* pkcs7, void* ctx)
 {
 if (pkcs7 == NULL)
@@ -10864,7 +10864,7 @@ int wc_PKCS7_SetOriDecryptCtx(PKCS7* pkcs7, void* ctx)
 }
-int wc_PKCS7_SetOriDecryptCb(PKCS7* pkcs7, CallbackOriDecrypt cb)
+int wc_PKCS7_SetOriDecryptCb(wc_PKCS7* pkcs7, CallbackOriDecrypt cb)
 {
 if (pkcs7 == NULL) return BAD_FUNC_ARG;
@@ -10876,7 +10876,7 @@ int wc_PKCS7_SetOriDecryptCb(PKCS7* pkcs7, CallbackOriDecrypt cb)
 /* return 0 on success */
-int wc_PKCS7_SetWrapCEKCb(PKCS7* pkcs7, CallbackWrapCEK cb)
+int wc_PKCS7_SetWrapCEKCb(wc_PKCS7* pkcs7, CallbackWrapCEK cb)
 {
 if (pkcs7 == NULL) return BAD_FUNC_ARG;
@@ -10902,7 +10902,7 @@ int wc_PKCS7_SetWrapCEKCb(PKCS7* pkcs7, CallbackWrapCEK cb)
 *
 * Return 0 on success, negative upon error. */
-static int wc_PKCS7_DecryptOri(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_DecryptOri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -10988,7 +10988,7 @@ static int wc_PKCS7_DecryptOri(PKCS7* pkcs7, byte* in, word32 inSz,
 /* decode ASN.1 PasswordRecipientInfo (pwri), return 0 on success,
 * < 0 on error */
-static int wc_PKCS7_DecryptPwri(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -11222,7 +11222,7 @@ static int wc_PKCS7_DecryptPwri(PKCS7* pkcs7, byte* in, word32 inSz,
 /* decode ASN.1 KEKRecipientInfo (kekri), return 0 on success,
 * < 0 on error */
-static int wc_PKCS7_DecryptKekri(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -11364,7 +11364,7 @@ static int wc_PKCS7_DecryptKekri(PKCS7* pkcs7, byte* in, word32 inSz,
 /* decode ASN.1 KeyAgreeRecipientInfo (kari), return 0 on success,
 * < 0 on error */
-static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
+static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -11631,7 +11631,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
 /* decode ASN.1 RecipientInfos SET, return 0 on success, < 0 on error */
-static int wc_PKCS7_DecryptRecipientInfos(PKCS7* pkcs7, byte* in,
+static int wc_PKCS7_DecryptRecipientInfos(wc_PKCS7* pkcs7, byte* in,
 word32 inSz, word32* idx, byte* decryptedKey, word32* decryptedKeySz, int* recipFound)
 {
@@ -11868,7 +11868,7 @@ static int wc_PKCS7_DecryptRecipientInfos(PKCS7* pkcs7, byte* in,
 /* Parse encoded EnvelopedData bundle up to RecipientInfo set.
 *
 * return size of RecipientInfo SET on success, negative upon error */
-static int wc_PKCS7_ParseToRecipientInfoSet(PKCS7* pkcs7, byte* in,
+static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
 word32 inSz, word32* idx, int type)
 {
@@ -12125,7 +12125,7 @@ static int wc_PKCS7_ParseToRecipientInfoSet(PKCS7* pkcs7, byte* in,
 * the secret key for decryption a EnvelopedData KEKRI RecipientInfo.
 *
 * Returns 0 on success, negative upon error */
-WOLFSSL_API int wc_PKCS7_SetKey(PKCS7* pkcs7, byte* key, word32 keySz)
+WOLFSSL_API int wc_PKCS7_SetKey(wc_PKCS7* pkcs7, byte* key, word32 keySz)
 {
 if (pkcs7 == NULL || key == NULL || keySz == 0) return BAD_FUNC_ARG;
@@ -12139,7 +12139,7 @@ WOLFSSL_API int wc_PKCS7_SetKey(PKCS7* pkcs7, byte* key, word32 keySz) /* append data to encrypted content cache in PKCS7 structure * return 0 on success, negative on error */ -static int PKCS7_CacheEncryptedContent(PKCS7* pkcs7, byte* in, word32 inSz) +static int PKCS7_CacheEncryptedContent(wc_PKCS7* pkcs7, byte* in, word32 inSz) { byte* oldCache; word32 oldCacheSz; @@ -12173,7 +12173,7 @@ static int PKCS7_CacheEncryptedContent(PKCS7* pkcs7, byte* in, word32 inSz) /* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */ -WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in, +WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, byte* output, word32 outputSz) { @@ -12566,7 +12566,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in, /* build PKCS#7 authEnvelopedData content type, return enveloped size */ -int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output, +int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) { #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) @@ -13118,7 +13118,7 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output, /* unwrap and decrypt PKCS#7 AuthEnvelopedData object, return decoded size */ -WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in, +WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, byte* output, word32 outputSz) { @@ -13760,7 +13760,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_ENCRYPTED_DATA /* build PKCS#7 encryptedData content type, return encrypted size */ -int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz) +int wc_PKCS7_EncodeEncryptedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) { int ret, idx = 0; int totalSz, padSz, encryptedOutSz; 
@@ -14022,7 +14022,7 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz) /* decode and store unprotected attributes in PKCS7->decodedAttrib. Return * 0 on success, negative on error. User must call wc_PKCS7_Free(). */ -static int wc_PKCS7_DecodeUnprotectedAttributes(PKCS7* pkcs7, byte* pkiMsg, +static int wc_PKCS7_DecodeUnprotectedAttributes(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, word32* inOutIdx) { int ret, attribLen; @@ -14056,7 +14056,7 @@ static int wc_PKCS7_DecodeUnprotectedAttributes(PKCS7* pkcs7, byte* pkiMsg, /* unwrap and decrypt PKCS#7/CMS encrypted-data object, returned decoded size */ -int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz, +int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, byte* output, word32 outputSz) { int ret = 0, version, length = 0, haveAttribs = 0; @@ -14427,7 +14427,7 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz, * on the parsed bundle so far. * returns 0 on success */ -int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7, +int wc_PKCS7_SetDecodeEncryptedCb(wc_PKCS7* pkcs7, CallbackDecryptContent decryptionCb) { if (pkcs7 != NULL) { @@ -14440,7 +14440,7 @@ int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7, /* Set an optional user context that gets passed to callback * returns 0 on success */ -int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx) +int wc_PKCS7_SetDecodeEncryptedCtx(wc_PKCS7* pkcs7, void* ctx) { if (pkcs7 != NULL) { pkcs7->decryptionCtx = ctx; @@ -14452,7 +14452,7 @@ int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx) /* set stream mode for encoding and signing * returns 0 on success */ -int wc_PKCS7_SetStreamMode(PKCS7* pkcs7, byte flag, +int wc_PKCS7_SetStreamMode(wc_PKCS7* pkcs7, byte flag, CallbackGetContent getContentCb, CallbackStreamOut streamOutCb, void* ctx) { 
@@ -14476,7 +14476,7 @@ int wc_PKCS7_SetStreamMode(PKCS7* pkcs7, byte flag, /* returns to current stream mode flag on success, negative values on fail */ -int wc_PKCS7_GetStreamMode(PKCS7* pkcs7) +int wc_PKCS7_GetStreamMode(wc_PKCS7* pkcs7) { if (pkcs7 == NULL) { return BAD_FUNC_ARG; @@ -14491,7 +14491,7 @@ int wc_PKCS7_GetStreamMode(PKCS7* pkcs7) /* set option to not include certificates when creating a bundle * returns 0 on success */ -int wc_PKCS7_SetNoCerts(PKCS7* pkcs7, byte flag) +int wc_PKCS7_SetNoCerts(wc_PKCS7* pkcs7, byte flag) { if (pkcs7 == NULL) { return BAD_FUNC_ARG; @@ -14502,7 +14502,7 @@ int wc_PKCS7_SetNoCerts(PKCS7* pkcs7, byte flag) /* returns the current noCerts flag value on success, negative values on fail */ -int wc_PKCS7_GetNoCerts(PKCS7* pkcs7) +int wc_PKCS7_GetNoCerts(wc_PKCS7* pkcs7) { if (pkcs7 == NULL) { return BAD_FUNC_ARG; @@ -14514,7 +14514,7 @@ int wc_PKCS7_GetNoCerts(PKCS7* pkcs7) #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) /* build PKCS#7 compressedData content type, return encrypted size */ -int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output, word32 outputSz) +int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) { byte contentInfoSeq[MAX_SEQ_SZ]; byte contentInfoTypeOid[MAX_OID_SZ]; @@ -14686,7 +14686,7 @@ int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output, word32 outputSz) /* unwrap and decompress PKCS#7/CMS compressedData object, * Handles content wrapped compressed data and raw compressed data packet * returned decoded size */ -int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, +int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz) { int length, version, ret; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 9e34599caf..f124f18b1d 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c 
@@ -2924,7 +2924,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out, } #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_RSA */ -#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) +#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* Performs direct RSA computation without padding. The input and output must * match the key size (ex: 2048-bits = 256 bytes). Returns the size of the * output on success or negative value on failure. */ @@ -3010,7 +3010,7 @@ int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz, return ret; } -#endif /* WC_RSA_DIRECT || WC_RSA_NO_PADDING */ +#endif /* WC_RSA_DIRECT || WC_RSA_NO_PADDING || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #if defined(WOLFSSL_CRYPTOCELL) static int cc310_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c index ce36b602cd..4c3b45a7f6 100644 --- a/wolfcrypt/src/wolfmath.c +++ b/wolfcrypt/src/wolfmath.c @@ -167,8 +167,6 @@ int get_rand_digit(WC_RNG* rng, mp_digit* d) return wc_RNG_GenerateBlock(rng, (byte*)d, sizeof(mp_digit)); } -#if defined(WC_RSA_BLINDING) || defined(WOLFCRYPT_HAVE_SAKKE) || \ - defined(WOLFSSL_ECC_BLIND_K) int mp_rand(mp_int* a, int digits, WC_RNG* rng) { int ret = 0; @@ -222,7 +220,6 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng) return ret; } -#endif /* WC_RSA_BLINDING || WOLFCRYPT_HAVE_SAKKE || WOLFSSL_ECC_BLIND_K */ #endif /* !WC_NO_RNG */ #if defined(HAVE_ECC) || defined(WOLFSSL_EXPORT_INT) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 4da05c864a..10dabe7960 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c 
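Review bot: The widened guard on `wc_RsaDirect` now builds the unpadded RSA primitive in every `OPENSSL_EXTRA` and `OPENSSL_EXTRA_X509_SMALL` configuration, but the comment above it still only describes the size requirement. I would add a sentence to that comment such as `* No padding is added or verified here; callers must apply and check their own encoding.` so the wider audience does not mistake it for a safe encrypt/sign call. The prototype's guard in the header is not visible in this hunk; it presumably needs the same four-way condition, otherwise OpenSSL-compat builds compile the definition without a declaration. The new `#if` line also runs well past 80 columns and could be split with a `\` continuation after `defined(WC_RSA_NO_PADDING) ||`. The function body lies outside the hunk.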
@@ -9118,9 +9118,9 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, const byte* expected, int expectedSz) { #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *ctx = NULL; + WOLFSSL_EVP_CIPHER_CTX *ctx = NULL; #else - EVP_CIPHER_CTX ctx[1]; + WOLFSSL_EVP_CIPHER_CTX ctx[1]; #endif int ctx_inited = 0; int idx, cipherSz; @@ -9139,20 +9139,20 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, } /* test encrypt */ - EVP_CIPHER_CTX_init(ctx); + wolfSSL_EVP_CIPHER_CTX_init(ctx); ctx_inited = 1; - if (EVP_CipherInit(ctx, type, key, iv, 1) == 0) { + if (wolfSSL_EVP_CipherInit(ctx, type, key, iv, 1) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } - if (EVP_CipherUpdate(ctx, cipher, &idx, plain, expectedSz) == 0) { + if (wolfSSL_EVP_CipherUpdate(ctx, cipher, &idx, plain, expectedSz) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } cipherSz = idx; - if (EVP_CipherFinal(ctx, cipher + cipherSz, &idx) == 0) { + if (wolfSSL_EVP_CipherFinal(ctx, cipher + cipherSz, &idx) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } @@ -9173,20 +9173,20 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, } /* test decrypt */ - EVP_CIPHER_CTX_init(ctx); + wolfSSL_EVP_CIPHER_CTX_init(ctx); ctx_inited = 1; - if (EVP_CipherInit(ctx, type, key, iv, 0) == 0) { + if (wolfSSL_EVP_CipherInit(ctx, type, key, iv, 0) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } - if (EVP_CipherUpdate(ctx, cipher, &idx, cipher, expectedSz) == 0) { + if (wolfSSL_EVP_CipherUpdate(ctx, cipher, &idx, cipher, expectedSz) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } cipherSz = idx; - if (EVP_CipherFinal(ctx, cipher + cipherSz, &idx) == 0) { + if (wolfSSL_EVP_CipherFinal(ctx, cipher + cipherSz, &idx) == 0) { ret = WC_TEST_RET_ENC_NC; goto EVP_TEST_END; } 
@@ -9348,7 +9348,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 128 key size test */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_128_ofb(), key2, iv2, plain2, sizeof(plain2), + ret = EVP_test(wolfSSL_EVP_aes_128_ofb(), key2, iv2, plain2, sizeof(plain2), cipher2, sizeof(cipher2)); if (ret != 0) { goto out; @@ -9387,7 +9387,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 192 key size test */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_192_ofb(), key3, iv3, plain3, sizeof(plain3), + ret = EVP_test(wolfSSL_EVP_aes_192_ofb(), key3, iv3, plain3, sizeof(plain3), cipher3, sizeof(cipher3)); if (ret != 0) { goto out; @@ -9426,7 +9426,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 256 key size test */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_256_ofb(), key1, iv1, plain1, sizeof(plain1), + ret = EVP_test(wolfSSL_EVP_aes_256_ofb(), key1, iv1, plain1, sizeof(plain1), cipher1, sizeof(cipher1)); if (ret != 0) { goto out; @@ -9749,7 +9749,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 128 key tests */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_128_cfb128(), key1, iv, msg1, sizeof(msg1), + ret = EVP_test(wolfSSL_EVP_aes_128_cfb128(), key1, iv, msg1, sizeof(msg1), cipher1, sizeof(cipher1)); if (ret != 0) { return ret; 
@@ -9798,7 +9798,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 192 key size test */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_192_cfb128(), key2, iv, msg2, sizeof(msg2), + ret = EVP_test(wolfSSL_EVP_aes_192_cfb128(), key2, iv, msg2, sizeof(msg2), cipher2, sizeof(cipher2)); if (ret != 0) { return ret; @@ -9837,7 +9837,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, /* 256 key size test */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_256_cfb128(), key3, iv, msg3, sizeof(msg3), + ret = EVP_test(wolfSSL_EVP_aes_256_cfb128(), key3, iv, msg3, sizeof(msg3), cipher3, sizeof(cipher3)); if (ret != 0) { return ret; @@ -10092,7 +10092,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifndef WOLFCRYPT_ONLY - ret = EVP_test(EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1), + ret = EVP_test(wolfSSL_EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1), cipher, sizeof(msg1)); if (ret != 0) { goto out; @@ -10125,7 +10125,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifndef WOLFCRYPT_ONLY - ret = EVP_test(EVP_aes_192_cfb1(), key2, iv2, msg2, sizeof(msg2), + ret = EVP_test(wolfSSL_EVP_aes_192_cfb1(), key2, iv2, msg2, sizeof(msg2), cipher, sizeof(msg2)); if (ret != 0) { goto out; @@ -10159,7 +10159,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifndef WOLFCRYPT_ONLY - ret = EVP_test(EVP_aes_256_cfb1(), key3, iv3, msg3, sizeof(msg3), + ret = EVP_test(wolfSSL_EVP_aes_256_cfb1(), key3, iv3, msg3, sizeof(msg3), cipher, sizeof(msg3)); if (ret != 0) { goto out; 
@@ -10303,7 +10303,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #ifdef WOLFSSL_AES_128 /* 128 key tests */ #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) - ret = EVP_test(EVP_aes_128_cfb8(), key1, iv, msg1, sizeof(msg1), + ret = EVP_test(wolfSSL_EVP_aes_128_cfb8(), key1, iv, msg1, sizeof(msg1), cipher1, sizeof(cipher1)); if (ret != 0) { return ret; @@ -10349,7 +10349,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, if (XMEMCMP(cipher, cipher2, sizeof(msg2)) != 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out); #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) - ret = EVP_test(EVP_aes_192_cfb8(), key2, iv2, msg2, sizeof(msg2), + ret = EVP_test(wolfSSL_EVP_aes_192_cfb8(), key2, iv2, msg2, sizeof(msg2), cipher2, sizeof(msg2)); if (ret != 0) { return ret; @@ -10372,7 +10372,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, ERROR_OUT(WC_TEST_RET_ENC_NC, out); #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) - ret = EVP_test(EVP_aes_256_cfb8(), key3, iv3, msg3, sizeof(msg3), + ret = EVP_test(wolfSSL_EVP_aes_256_cfb8(), key3, iv3, msg3, sizeof(msg3), cipher3, sizeof(msg3)); if (ret != 0) { goto out; @@ -10661,7 +10661,7 @@ static wc_test_ret_t aes_xts_128_test(void) #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); + ret = EVP_test(wolfSSL_EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); if (ret != 0) { printf("EVP_aes_128_xts failed!\n"); goto out; 
@@ -12049,7 +12049,7 @@ static wc_test_ret_t aes_xts_256_test(void) #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) \ && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) - ret = EVP_test(EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); + ret = EVP_test(wolfSSL_EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); if (ret != 0) { printf("EVP_aes_256_xts failed\n"); goto out; @@ -23720,11 +23720,11 @@ static wc_test_ret_t openssl_aes_test(void) byte cipher[AES_BLOCK_SIZE * 4]; byte plain [AES_BLOCK_SIZE * 4]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX en[1]; - EVP_CIPHER_CTX de[1]; + WOLFSSL_EVP_CIPHER_CTX en[1]; + WOLFSSL_EVP_CIPHER_CTX de[1]; #endif int outlen ; int total = 0; @@ -23735,25 +23735,25 @@ static wc_test_ret_t openssl_aes_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 9) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, (byte*)&cbcPlain[9] , 9) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; 
@@ -23761,34 +23761,34 @@ static wc_test_ret_t openssl_aes_test(void) if (total != 32) return 3408; - EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6], 12) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6+12], 14) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 2) return WC_TEST_RET_ENC_NC; 
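Review bot: After the 12-byte `wolfSSL_EVP_CipherUpdate(de, ..., (byte*)&cipher[6], 12)` call, `if (outlen != 0)` is followed directly by `total += outlen;`, so a non-zero length is accumulated instead of rejected. Every sibling check in this hunk returns `WC_TEST_RET_ENC_NC`, which suggests a dropped line: `if (outlen != 0) return WC_TEST_RET_ENC_NC;` ahead of `total += outlen;`. The same pattern appears in the hunk at -23830, after the 1-byte update on `&cipher[17]`. As written, the expected output length of these partial-block CBC decrypt steps is not enforced at the step where it is checked. `openssl_aes_test` starts and ends outside this hunk.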
@@ -23800,29 +23800,29 @@ static wc_test_ret_t openssl_aes_test(void) if (XMEMCMP(plain, cbcPlain, 18)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); /* test with encrypting/decrypting more than 16 bytes at once */ total = 0; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 17) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, (byte*)&cbcPlain[17] , 1) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; 
@@ -23830,38 +23830,38 @@ static wc_test_ret_t openssl_aes_test(void) if (total != 32) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 17) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 17) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; /* final call on non block size should fail */ - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[17], 1) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[17+1], 14) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 2) return WC_TEST_RET_ENC_NC; 
@@ -23878,21 +23878,21 @@ static wc_test_ret_t openssl_aes_test(void) plain[i] = i; } - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); total = 0; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)plain, AES_BLOCK_SIZE * 3) == 0) return WC_TEST_RET_ENC_NC; if (outlen != AES_BLOCK_SIZE * 3) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (outlen != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; @@ -23900,16 +23900,16 @@ static wc_test_ret_t openssl_aes_test(void) if (total != sizeof(plain)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; for (i = 0; i < AES_BLOCK_SIZE * 4; i++) { - if (EVP_CipherUpdate(de, (byte*)plain + total, &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain + total, &outlen, (byte*)cipher + i, 1) == 0) return WC_TEST_RET_ENC_NC; @@ -23925,7 +23925,7 @@ static wc_test_ret_t openssl_aes_test(void) } } - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; total += outlen; if (total != AES_BLOCK_SIZE * 3) { 
@@ -23937,7 +23937,7 @@ static wc_test_ret_t openssl_aes_test(void) } } - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wolfSSL_EVP_CIPHER_CTX_free(en); @@ -23971,11 +23971,11 @@ static wc_test_ret_t openssl_aes_test(void) byte plain [EVP_TEST_BUF_SZ]; byte padded[EVP_TEST_BUF_PAD]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX en[1]; - EVP_CIPHER_CTX de[1]; + WOLFSSL_EVP_CIPHER_CTX en[1]; + WOLFSSL_EVP_CIPHER_CTX de[1]; #endif int outlen ; int total = 0; @@ -23985,13 +23985,13 @@ static wc_test_ret_t openssl_aes_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(en, 0) != 1) + if (wolfSSL_EVP_CIPHER_CTX_set_padding(en, 0) != 1) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, EVP_TEST_BUF_SZ) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) 
@@ -23999,45 +23999,45 @@ static wc_test_ret_t openssl_aes_test(void) total += outlen; /* should fail here */ - if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) != 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) != 0) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); /* turn padding back on and do successful encrypt */ total = 0; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(en, 1) != 1) + if (wolfSSL_EVP_CIPHER_CTX_set_padding(en, 1) != 1) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)padded, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)padded, &outlen, (byte*)cbcPlain, EVP_TEST_BUF_SZ) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(en, (byte*)&padded[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&padded[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; total += outlen; if (total != 32) return WC_TEST_RET_ENC_NC; XMEMCPY(cipher, padded, EVP_TEST_BUF_SZ); - EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); /* test out of bounds read on buffers w/o padding during decryption */ total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(de, 0) != 1) + if (wolfSSL_EVP_CIPHER_CTX_set_padding(de, 0) != 1) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, EVP_TEST_BUF_SZ) == 0) return WC_TEST_RET_ENC_NC; if (outlen 
!= 16) @@ -24045,31 +24045,31 @@ static wc_test_ret_t openssl_aes_test(void) total += outlen; /* should fail since not using padding */ - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(de, 1) != 1) + if (wolfSSL_EVP_CIPHER_CTX_set_padding(de, 1) != 1) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)padded, &outlen, (byte*)padded, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)padded, &outlen, (byte*)padded, EVP_TEST_BUF_PAD) == 0) return WC_TEST_RET_ENC_NC; if (outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(de, (byte*)&padded[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&padded[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if (XMEMCMP(padded, cbcPlain, EVP_TEST_BUF_SZ)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wolfSSL_EVP_CIPHER_CTX_free(en); @@ -24079,9 +24079,9 @@ static wc_test_ret_t openssl_aes_test(void) { /* evp_cipher test: EVP_aes_128_cbc */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX ctx[1]; + WOLFSSL_EVP_CIPHER_CTX ctx[1]; #endif WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ 
@@ -24109,29 +24109,29 @@ static wc_test_ret_t openssl_aes_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(ctx); - if (EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) + wolfSSL_EVP_CIPHER_CTX_init(ctx); + if (wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(ctx, cipher, (byte*)msg, 16) != 16) + if (wolfSSL_EVP_Cipher(ctx, cipher, (byte*)msg, 16) != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); - EVP_CIPHER_CTX_init(ctx); - if (EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) + wolfSSL_EVP_CIPHER_CTX_init(ctx); + if (wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(ctx, plain, cipher, 16) != 16) + if (wolfSSL_EVP_Cipher(ctx, plain, cipher, 16) != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wolfSSL_EVP_CIPHER_CTX_free(ctx); @@ -24145,9 +24145,9 @@ static wc_test_ret_t openssl_aes_test(void) #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256) { /* evp_cipher test: EVP_aes_256_ecb*/ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX ctx[1]; + WOLFSSL_EVP_CIPHER_CTX ctx[1]; #endif WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { 
@@ -24178,21 +24178,21 @@ static wc_test_ret_t openssl_aes_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(ctx); - if (EVP_CipherInit(ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1) == 0) + wolfSSL_EVP_CIPHER_CTX_init(ctx); + if (wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(ctx, cipher, (byte*)msg, 16) != 16) + if (wolfSSL_EVP_Cipher(ctx, cipher, (byte*)msg, 16) != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(ctx); - if (EVP_CipherInit(ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0) == 0) + wolfSSL_EVP_CIPHER_CTX_init(ctx); + if (wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(ctx, plain, cipher, 16) != 16) + if (wolfSSL_EVP_Cipher(ctx, plain, cipher, 16) != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) @@ -24390,17 +24390,17 @@ static wc_test_ret_t openssl_aes_test(void) #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX en[1]; - EVP_CIPHER_CTX de[1]; + WOLFSSL_EVP_CIPHER_CTX en[1]; + WOLFSSL_EVP_CIPHER_CTX de[1]; #endif #ifdef WOLFSSL_AES_128 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *p_en; - EVP_CIPHER_CTX *p_de; + WOLFSSL_EVP_CIPHER_CTX *p_en; + WOLFSSL_EVP_CIPHER_CTX *p_de; #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) 
@@ -24408,19 +24408,19 @@ static wc_test_ret_t openssl_aes_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; @@ -24442,17 +24442,17 @@ static wc_test_ret_t openssl_aes_test(void) if (p_de == NULL) return WC_TEST_RET_ENC_ERRNO; - if (EVP_CipherInit(p_en, EVP_aes_128_ctr(), + if (wolfSSL_EVP_CipherInit(p_en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, + if (wolfSSL_EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; - if (EVP_CipherInit(p_de, EVP_aes_128_ctr(), + if (wolfSSL_EVP_CipherInit(p_de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; 
@@ -24470,19 +24470,19 @@ static wc_test_ret_t openssl_aes_test(void) if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -24490,9 +24490,9 @@ static wc_test_ret_t openssl_aes_test(void) if (XMEMCMP(cipherBuff, ctrCipher, 9)) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plainBuff, ctrPlain, 9)) 
@@ -24507,20 +24507,20 @@ static wc_test_ret_t openssl_aes_test(void) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_192_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_192_ctr(), (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr192Plain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr192Plain, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_192_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_192_ctr(), (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return WC_TEST_RET_ENC_NC; XMEMSET(plainBuff, 0, sizeof(plainBuff)); - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; 
@@ -24536,20 +24536,20 @@ static wc_test_ret_t openssl_aes_test(void) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_256_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_256_ctr(), (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr256Plain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr256Plain, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_256_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_256_ctr(), (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return WC_TEST_RET_ENC_NC; XMEMSET(plainBuff, 0, sizeof(plainBuff)); - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; @@ -24662,9 +24662,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) { wc_test_ret_t ret; #ifdef WOLFSSL_SMALL_STACK - EVP_MD_CTX *md_ctx = (EVP_MD_CTX *)XMALLOC(sizeof(EVP_MD_CTX), NULL, DYNAMIC_TYPE_OPENSSL); + WOLFSSL_EVP_MD_CTX *md_ctx = (WOLFSSL_EVP_MD_CTX *)XMALLOC(sizeof(WOLFSSL_EVP_MD_CTX), NULL, DYNAMIC_TYPE_OPENSSL); #else - EVP_MD_CTX md_ctx[1]; + WOLFSSL_EVP_MD_CTX md_ctx[1]; #endif testVector a, b, c, d, e, f; byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */ @@ -24690,13 +24690,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) { byte* p; - p = (byte*)CRYPTO_malloc(10, "", 0); + p = (byte*)wolfSSL_CRYPTO_malloc(10, "", 0); if (p == NULL) { return WC_TEST_RET_ENC_NC; } XMEMSET(p, 0, 10); - CRYPTO_free(p, "", 0); + wolfSSL_CRYPTO_free(p, "", 0); } #ifndef NO_MD5 
@@ -24707,15 +24707,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) a.inLen = XSTRLEN(a.input); a.outLen = WC_MD5_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_md5()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_md5()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, a.input, (unsigned long)a.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, a.input, (unsigned long)a.inLen); } if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) @@ -24731,14 +24731,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) b.inLen = XSTRLEN(b.input); b.outLen = WC_SHA_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha1()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha1()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, b.input, (unsigned long)b.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, b.input, (unsigned long)b.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (XMEMCMP(hash, b.output, b.outLen) != 0) 
@@ -24753,14 +24753,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA224_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha224()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -24774,14 +24774,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) d.inLen = XSTRLEN(d.input); d.outLen = WC_SHA256_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha256()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, d.output, d.outLen) != 0) { return WC_TEST_RET_ENC_NC; } 
@@ -24797,14 +24797,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA384_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha384()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha384()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -24821,14 +24821,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha512()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha512()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } 
@@ -24843,14 +24843,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_224_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha512_224()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha512_224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -24866,14 +24866,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_256_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha512_256()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha512_256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } 
@@ -24889,14 +24889,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA3_224_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha3_224()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha3_224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -24911,14 +24911,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) d.inLen = XSTRLEN(d.input); d.outLen = WC_SHA3_256_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha3_256()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha3_256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, d.output, d.outLen) != 0) { return WC_TEST_RET_ENC_NC; } 
@@ -24933,14 +24933,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA3_384_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha3_384()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha3_384()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -24956,14 +24956,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA3_512_DIGEST_SIZE; - EVP_MD_CTX_init(md_ctx); - ret = EVP_DigestInit(md_ctx, EVP_sha3_512()); + wolfSSL_EVP_MD_CTX_init(md_ctx); + ret = wolfSSL_EVP_DigestInit(md_ctx, wolfSSL_EVP_sha3_512()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); + ret = wolfSSL_EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(md_ctx, hash, 0); + ret = wolfSSL_EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(md_ctx); + wolfSSL_EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; @@ -24977,7 +24977,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #endif #ifndef WC_NO_RNG - if (RAND_bytes(hash, sizeof(hash)) != WOLFSSL_SUCCESS) + if (wolfSSL_RAND_bytes(hash, sizeof(hash)) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; #endif 
@@ -24993,7 +24993,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (HMAC(EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen, hash, 0) != NULL) #else - if (HMAC(EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen, + if (wolfSSL_HMAC(wolfSSL_EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen, hash, 0) == NULL || XMEMCMP(hash, c.output, c.outLen) != 0) #endif @@ -25052,9 +25052,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC) { /* evp_cipher test: EVP_aes_128_cbc */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX ctx[1]; + WOLFSSL_EVP_CIPHER_CTX ctx[1]; #endif int idx, cipherSz, plainSz; WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ @@ -25087,19 +25087,19 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #endif cipherSz = 0; - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 1); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 1); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherUpdate(ctx, cipher, &idx, (byte*)msg, sizeof(msg)); + ret = wolfSSL_EVP_CipherUpdate(ctx, cipher, &idx, (byte*)msg, sizeof(msg)); if (ret == WOLFSSL_SUCCESS) cipherSz += idx; } if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherFinal(ctx, cipher + cipherSz, &idx); + ret = wolfSSL_EVP_CipherFinal(ctx, cipher + cipherSz, &idx); if (ret == WOLFSSL_SUCCESS) cipherSz += idx; } - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (cipherSz != (int)sizeof(verify) || XMEMCMP(cipher, verify, cipherSz)) 
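Review bot: The first branch of the conditional around the HMAC check (hunk at 24993) still calls `HMAC(EVP_md5(), ...)` through the OpenSSL-compatibility names, while only the `#else` branch was switched to `wolfSSL_HMAC(wolfSSL_EVP_md5(), ...)`. If the aim of this change is for the test to build without the compatibility macros, which is inferred from the rest of the diff, that branch would fail to compile in whichever configuration selects it. The matching line would be `if (wolfSSL_HMAC(wolfSSL_EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen,`. The `#if` that opens this conditional is outside the hunk, so which builds take the first branch cannot be confirmed from here.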
@@ -25107,16 +25107,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) /* check partial decrypt (not enough padding for full block) */ plainSz = 0; - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 0); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 0); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherUpdate(ctx, plain, &idx, cipher, 1); + ret = wolfSSL_EVP_CipherUpdate(ctx, plain, &idx, cipher, 1); if (ret == WOLFSSL_SUCCESS) plainSz += idx; } if (ret == WOLFSSL_SUCCESS) { /* this test should fail... not enough padding for full block */ - ret = EVP_CipherFinal(ctx, plain + plainSz, &idx); + ret = wolfSSL_EVP_CipherFinal(ctx, plain + plainSz, &idx); if (plainSz == 0 && ret != WOLFSSL_SUCCESS) ret = WOLFSSL_SUCCESS; else 
@@ -25124,43 +25124,43 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) } else ret = WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != WOLFSSL_SUCCESS) return ret; plainSz = 0; - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 0); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 0); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherUpdate(ctx, plain, &idx, cipher, cipherSz); + ret = wolfSSL_EVP_CipherUpdate(ctx, plain, &idx, cipher, cipherSz); if (ret == WOLFSSL_SUCCESS) plainSz += idx; } if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherFinal(ctx, plain + plainSz, &idx); + ret = wolfSSL_EVP_CipherFinal(ctx, plain + plainSz, &idx); if (ret == WOLFSSL_SUCCESS) plainSz += idx; } - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (plainSz != (int)sizeof(msg) || XMEMCMP(plain, msg, sizeof(msg))) return WC_TEST_RET_ENC_NC; cipherSz = 0; - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 1); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_128_cbc(), key, iv, 1); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherUpdate(ctx, cipher, &idx, msg, AES_BLOCK_SIZE); + ret = wolfSSL_EVP_CipherUpdate(ctx, cipher, &idx, msg, AES_BLOCK_SIZE); if (ret == WOLFSSL_SUCCESS) cipherSz += idx; } if (ret == WOLFSSL_SUCCESS) { - ret = EVP_CipherFinal(ctx, cipher + cipherSz, &idx); + ret = wolfSSL_EVP_CipherFinal(ctx, cipher + cipherSz, &idx); if (ret == WOLFSSL_SUCCESS) cipherSz += idx; } - EVP_CIPHER_CTX_cleanup(ctx); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (cipherSz != (int)sizeof(verify2) || XMEMCMP(cipher, verify2, cipherSz)) 
@@ -25175,9 +25175,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256) { /* evp_cipher test: EVP_aes_256_ecb*/ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX ctx[1]; + WOLFSSL_EVP_CIPHER_CTX ctx[1]; #endif WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, @@ -25201,21 +25201,21 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1); if (ret == WOLFSSL_SUCCESS) - ret = EVP_Cipher(ctx, cipher, (byte*)msg, 16); - EVP_CIPHER_CTX_cleanup(ctx); + ret = wolfSSL_EVP_Cipher(ctx, cipher, (byte*)msg, 16); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(ctx); - ret = EVP_CipherInit(ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0); + wolfSSL_EVP_CIPHER_CTX_init(ctx); + ret = wolfSSL_EVP_CipherInit(ctx, wolfSSL_EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0); if (ret == WOLFSSL_SUCCESS) - ret = EVP_Cipher(ctx, plain, cipher, 16); - EVP_CIPHER_CTX_cleanup(ctx); + ret = wolfSSL_EVP_Cipher(ctx, plain, cipher, 16); + wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); if (ret != 16) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) @@ -25356,8 +25356,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) }; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *p_en; - EVP_CIPHER_CTX *p_de; + WOLFSSL_EVP_CIPHER_CTX *p_en; + WOLFSSL_EVP_CIPHER_CTX *p_de; #endif #endif /* WOLFSSL_AES_128 */ 
@@ -25424,30 +25424,30 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); if ((en == NULL) || (de == NULL)) return MEMORY_E; #else - EVP_CIPHER_CTX en[1]; - EVP_CIPHER_CTX de[1]; + WOLFSSL_EVP_CIPHER_CTX en[1]; + WOLFSSL_EVP_CIPHER_CTX de[1]; #endif #ifdef WOLFSSL_AES_128 - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; @@ -25456,8 +25456,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) p_en = wolfSSL_EVP_CIPHER_CTX_new(); 
@@ -25467,22 +25467,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (p_de == NULL) return WC_TEST_RET_ENC_ERRNO; - if (EVP_CipherInit(p_en, EVP_aes_128_ctr(), + if (wolfSSL_EVP_CipherInit(p_en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, + if (wolfSSL_EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; - if (EVP_CipherInit(p_de, EVP_aes_128_ctr(), + if (wolfSSL_EVP_CipherInit(p_de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(p_en); - EVP_CIPHER_CTX_cleanup(p_de); + wolfSSL_EVP_CIPHER_CTX_cleanup(p_en); + wolfSSL_EVP_CIPHER_CTX_cleanup(p_de); wolfSSL_EVP_CIPHER_CTX_free(p_en); wolfSSL_EVP_CIPHER_CTX_free(p_de); 
@@ -25493,19 +25493,19 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -25513,9 +25513,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(cipherBuff, ctrCipher, 9)) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return WC_TEST_RET_ENC_NC; if (XMEMCMP(plainBuff, ctrPlain, 9)) 
@@ -25523,25 +25523,25 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(cipherBuff, oddCipher, 9)) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_192_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_192_ctr(), (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr192Plain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr192Plain, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_192_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_192_ctr(), (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return WC_TEST_RET_ENC_NC; XMEMSET(plainBuff, 0, sizeof(plainBuff)); - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; 
@@ -25550,25 +25550,25 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher))) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_256_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_256_ctr(), (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr256Plain, + if (wolfSSL_EVP_Cipher(en, (byte*)cipherBuff, (byte*)ctr256Plain, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_256_ctr(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_256_ctr(), (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return WC_TEST_RET_ENC_NC; XMEMSET(plainBuff, 0, sizeof(plainBuff)); - if (EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, + if (wolfSSL_EVP_Cipher(de, (byte*)plainBuff, (byte*)cipherBuff, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; @@ -25577,8 +25577,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher))) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_cleanup(en); - EVP_CIPHER_CTX_cleanup(de); + wolfSSL_EVP_CIPHER_CTX_cleanup(en); + wolfSSL_EVP_CIPHER_CTX_cleanup(de); #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) 
@@ -25611,11 +25611,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) byte cipher[AES_BLOCK_SIZE * 4]; byte plain [AES_BLOCK_SIZE * 4]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *en = wolfSSL_EVP_CIPHER_CTX_new(); + WOLFSSL_EVP_CIPHER_CTX *de = wolfSSL_EVP_CIPHER_CTX_new(); #else - EVP_CIPHER_CTX en[1]; - EVP_CIPHER_CTX de[1]; + WOLFSSL_EVP_CIPHER_CTX en[1]; + WOLFSSL_EVP_CIPHER_CTX de[1]; #endif int outlen ; int total = 0; 
@@ -25625,36 +25625,36 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) return MEMORY_E; #endif - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; /* openSSL compatibility, if(inlen == 0)return 1; */ - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 0) != 1) return WC_TEST_RET_ENC_NC; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 1) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 9) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, (byte*)&cbcPlain[9] , 9) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; 
@@ -25663,31 +25663,31 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) return WC_TEST_RET_ENC_NC; total = 0; - EVP_CIPHER_CTX_init(de); - if (EVP_CipherInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_CipherInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6], 12) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6+12], 14) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) + if (wolfSSL_EVP_CipherFinal(de, (byte*)&plain[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 2) return WC_TEST_RET_ENC_NC; 
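Review bot: After the second decrypt `wolfSSL_EVP_CipherUpdate` (input `&cipher[6]`, length 12), the check reads `if(outlen != 0) total += outlen;`, so it asserts nothing. Every other length check in this sequence is `if(outlen != N) return WC_TEST_RET_ENC_NC;` followed by `total += outlen;`. As written, an unexpected output length from the buffered CBC decrypt path is silently added to `total` instead of failing the test. If zero is the expected length at that step, restore `return WC_TEST_RET_ENC_NC;` under the `if`; otherwise drop the `if` and note in a comment why the length is not pinned. The same statement appears after the corresponding call in the `wolfSSL_EVP_DecryptInit` sequence (hunk at 25729).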
@@ -25702,23 +25702,23 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) total = 0; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_EncryptInit(en, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_EncryptInit(en, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 9) == 0) + if (wolfSSL_EVP_CipherUpdate(en, (byte*)cipher, &outlen, (byte*)cbcPlain, 9) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, (byte*)&cbcPlain[9] , 9) == 0) + if (wolfSSL_EVP_CipherUpdate(en, (byte*)&cipher[total], &outlen, (byte*)&cbcPlain[9] , 9) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_EncryptFinal(en, (byte*)&cipher[total], &outlen) == 0) + if (wolfSSL_EVP_EncryptFinal(en, (byte*)&cipher[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; 
@@ -25729,29 +25729,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) total = 0; if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_DecryptInit(de, EVP_aes_128_cbc(), + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_DecryptInit(de, wolfSSL_EVP_aes_128_cbc(), (unsigned char*)key, (unsigned char*)iv) == 0) return WC_TEST_RET_ENC_NC; - if (EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6], 12) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6], 12) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 0) total += outlen; - if (EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6+12], 14) == 0) + if (wolfSSL_EVP_CipherUpdate(de, (byte*)&plain[total], &outlen, (byte*)&cipher[6+12], 14) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 16) return WC_TEST_RET_ENC_NC; total += outlen; - if (EVP_DecryptFinal(de, (byte*)&plain[total], &outlen) == 0) + if (wolfSSL_EVP_DecryptFinal(de, (byte*)&plain[total], &outlen) == 0) return WC_TEST_RET_ENC_NC; if(outlen != 2) return WC_TEST_RET_ENC_NC; 
@@ -25763,29 +25763,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (XMEMCMP(plain, cbcPlain, 18)) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_key_length(NULL) != 0) + if (wolfSSL_EVP_Cipher_key_length(NULL) != 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_key_length(EVP_aes_128_cbc()) != 16) + if (wolfSSL_EVP_Cipher_key_length(wolfSSL_EVP_aes_128_cbc()) != 16) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_mode(NULL) != 0) + if (wolfSSL_EVP_CIPHER_CTX_mode(NULL) != 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_mode(en) != (en->flags & WOLFSSL_EVP_CIPH_MODE)) + if (wolfSSL_EVP_CIPHER_CTX_mode(en) != (en->flags & WOLFSSL_EVP_CIPH_MODE)) return WC_TEST_RET_ENC_NC; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_CipherInit_ex(en, EVP_aes_128_cbc(), NULL, + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_CipherInit_ex(en, wolfSSL_EVP_aes_128_cbc(), NULL, (unsigned char*)key, (unsigned char*)iv, 0) == 0) return WC_TEST_RET_ENC_NC; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - if (EVP_EncryptInit_ex(en, EVP_aes_128_cbc(), NULL, + wolfSSL_EVP_CIPHER_CTX_init(en); + if (wolfSSL_EVP_EncryptInit_ex(en, wolfSSL_EVP_aes_128_cbc(), NULL, (unsigned char*)key, (unsigned char*)iv) == 0) return WC_TEST_RET_ENC_NC; @@ -25806,8 +25806,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(de); - if (EVP_DecryptInit_ex(de, EVP_aes_128_cbc(), NULL, + wolfSSL_EVP_CIPHER_CTX_init(de); + if (wolfSSL_EVP_DecryptInit_ex(de, wolfSSL_EVP_aes_128_cbc(), NULL, (unsigned char*)key, (unsigned char*)iv) == 0) return WC_TEST_RET_ENC_NC; 
@@ -25823,40 +25823,40 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) return WC_TEST_RET_ENC_NC; } - if (EVP_CIPHER_CTX_block_size(NULL) != WC_NO_ERR_TRACE(WOLFSSL_FAILURE)) + if (wolfSSL_EVP_CIPHER_CTX_block_size(NULL) != WC_NO_ERR_TRACE(WOLFSSL_FAILURE)) return WC_TEST_RET_ENC_NC; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_init(en); - EVP_EncryptInit_ex(en, EVP_aes_128_cbc(), NULL, + wolfSSL_EVP_CIPHER_CTX_init(en); + wolfSSL_EVP_EncryptInit_ex(en, wolfSSL_EVP_aes_128_cbc(), NULL, (unsigned char*)key, (unsigned char*)iv); - if (EVP_CIPHER_CTX_block_size(en) != en->block_size) + if (wolfSSL_EVP_CIPHER_CTX_block_size(en) != en->block_size) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_block_size(NULL) != WC_NO_ERR_TRACE(WOLFSSL_FAILURE)) + if (wolfSSL_EVP_CIPHER_block_size(NULL) != WC_NO_ERR_TRACE(WOLFSSL_FAILURE)) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_block_size(EVP_aes_128_cbc()) != AES_BLOCK_SIZE) + if (wolfSSL_EVP_CIPHER_block_size(wolfSSL_EVP_aes_128_cbc()) != AES_BLOCK_SIZE) return WC_TEST_RET_ENC_NC; if (WOLFSSL_EVP_CIPHER_mode(NULL) != 0) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_flags(EVP_aes_128_cbc()) != WOLFSSL_EVP_CIPH_CBC_MODE) + if (wolfSSL_EVP_CIPHER_flags(wolfSSL_EVP_aes_128_cbc()) != WOLFSSL_EVP_CIPH_CBC_MODE) return WC_TEST_RET_ENC_NC; - EVP_CIPHER_CTX_clear_flags(en, 0xFFFFFFFF); - EVP_CIPHER_CTX_set_flags(en, 42); + wolfSSL_EVP_CIPHER_CTX_clear_flags(en, 0xFFFFFFFF); + wolfSSL_EVP_CIPHER_CTX_set_flags(en, 42); if (en->flags != 42) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(NULL, 0) != + if (wolfSSL_EVP_CIPHER_CTX_set_padding(NULL, 0) != WC_NO_ERR_TRACE(WOLFSSL_FAILURE)) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(en, 0) != WOLFSSL_SUCCESS) + if (wolfSSL_EVP_CIPHER_CTX_set_padding(en, 0) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; - if (EVP_CIPHER_CTX_set_padding(en, 1) != WOLFSSL_SUCCESS) + if 
(wolfSSL_EVP_CIPHER_CTX_set_padding(en, 1) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) 
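Review bot: The return value of `wolfSSL_EVP_EncryptInit_ex(en, wolfSSL_EVP_aes_128_cbc(), NULL, ...)` just before the block-size check is discarded, while the other init calls in these hunks are compared against 0. If that init fails, the following `wolfSSL_EVP_CIPHER_CTX_block_size(en) != en->block_size` compares two values read from a context that was never set up, so the failure would presumably go unnoticed. I would write it as `if (wolfSSL_EVP_EncryptInit_ex(en, wolfSSL_EVP_aes_128_cbc(), NULL, (unsigned char*)key, (unsigned char*)iv) == 0) return WC_TEST_RET_ENC_NC;`, matching the earlier calls. The enclosing function begins outside the hunk.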
@@ -25882,59 +25882,59 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void) WOLFSSL_EVP_MD_CTX* ctx2; WOLFSSL_ENTER("openSSL_evpMD_test"); - ctx = EVP_MD_CTX_create(); - ctx2 = EVP_MD_CTX_create(); + ctx = wolfSSL_EVP_MD_CTX_new(); + ctx2 = wolfSSL_EVP_MD_CTX_new(); - ret = EVP_DigestInit(ctx, EVP_sha256()); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_DigestInit(ctx, wolfSSL_EVP_sha256()); + if (ret != WOLFSSL_SUCCESS) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - ret = EVP_MD_CTX_copy(ctx2, ctx); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_MD_CTX_copy(ctx2, ctx); + if (ret != WOLFSSL_SUCCESS) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) { + if (wolfSSL_EVP_MD_type(wolfSSL_EVP_sha256()) != wolfSSL_EVP_MD_CTX_type(ctx2)) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - ret = EVP_DigestInit(ctx, EVP_sha1()); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_DigestInit(ctx, wolfSSL_EVP_sha1()); + if (ret != WOLFSSL_SUCCESS) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) { + if (wolfSSL_EVP_MD_type(wolfSSL_EVP_sha256()) != wolfSSL_EVP_MD_CTX_type(ctx2)) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - ret = EVP_MD_CTX_copy_ex(ctx2, ctx); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_MD_CTX_copy_ex(ctx2, ctx); + if (ret != WOLFSSL_SUCCESS) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_MD_type(EVP_sha256()) == EVP_MD_CTX_type(ctx2)) { + if (wolfSSL_EVP_MD_type(wolfSSL_EVP_sha256()) == wolfSSL_EVP_MD_CTX_type(ctx2)) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_MD_type(EVP_sha1()) != EVP_MD_CTX_type(ctx2)) { + if (wolfSSL_EVP_MD_type(wolfSSL_EVP_sha1()) != wolfSSL_EVP_MD_CTX_type(ctx2)) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_DigestInit_ex(ctx, EVP_sha1(), NULL) != SSL_SUCCESS) { + if 
(wolfSSL_EVP_DigestInit_ex(ctx, wolfSSL_EVP_sha1(), NULL) != WOLFSSL_SUCCESS) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } - if (EVP_add_digest(NULL) != 0) { + if (wolfSSL_EVP_add_digest(NULL) != 0) { ret = WC_TEST_RET_ENC_NC; goto openSSL_evpMD_test_done; } @@ -25947,8 +25947,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void) ret = 0; /* got to success state without jumping to end with a fail */ openSSL_evpMD_test_done: - EVP_MD_CTX_destroy(ctx); - EVP_MD_CTX_destroy(ctx2); + wolfSSL_EVP_MD_CTX_free(ctx); + wolfSSL_EVP_MD_CTX_free(ctx2); #endif /* NO_SHA256 */ return ret; @@ -25977,12 +25977,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) byte* pubTmp; int prvBytes; int pubBytes; - RSA *prvRsa = NULL; - RSA *pubRsa = NULL; - EVP_PKEY *prvPkey = NULL; - EVP_PKEY *pubPkey = NULL; - EVP_PKEY_CTX *enc = NULL; - EVP_PKEY_CTX *dec = NULL; + WOLFSSL_RSA *prvRsa = NULL; + WOLFSSL_RSA *pubRsa = NULL; + WOLFSSL_EVP_PKEY *prvPkey = NULL; + WOLFSSL_EVP_PKEY *pubPkey = NULL; + WOLFSSL_EVP_PKEY_CTX *enc = NULL; + WOLFSSL_EVP_PKEY_CTX *dec = NULL; byte in[] = TEST_STRING; byte out[256]; @@ -26059,19 +26059,19 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) } ret = wolfSSL_RSA_LoadDer_ex(prvRsa, prvTmp, prvBytes, WOLFSSL_RSA_LOAD_PRIVATE); - if(ret != SSL_SUCCESS){ + if(ret != WOLFSSL_SUCCESS){ printf("error with RSA_LoadDer_ex\n"); ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey0_test_done; } ret = wolfSSL_RSA_LoadDer_ex(pubRsa, pubTmp, pubBytes, WOLFSSL_RSA_LOAD_PUBLIC); - if(ret != SSL_SUCCESS){ + if(ret != WOLFSSL_SUCCESS){ printf("error with RSA_LoadDer_ex\n"); ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey0_test_done; } - keySz = (size_t)RSA_size(pubRsa); + keySz = (size_t)wolfSSL_RSA_size(pubRsa); prvPkey = wolfSSL_EVP_PKEY_new(); pubPkey = wolfSSL_EVP_PKEY_new(); 
@@ -26088,28 +26088,28 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) goto openssl_pkey0_test_done; } - dec = EVP_PKEY_CTX_new(prvPkey, NULL); - enc = EVP_PKEY_CTX_new(pubPkey, NULL); + dec = wolfSSL_EVP_PKEY_CTX_new(prvPkey, NULL); + enc = wolfSSL_EVP_PKEY_CTX_new(pubPkey, NULL); if((dec == NULL)||(enc==NULL)){ printf("error with EVP_PKEY_CTX_new\n"); ret = WC_TEST_RET_ENC_NC; goto openssl_pkey0_test_done; } - ret = EVP_PKEY_decrypt_init(dec); + ret = wolfSSL_EVP_PKEY_decrypt_init(dec); if (ret != 1) { printf("error with decrypt init\n"); ret = WC_TEST_RET_ENC_NC; goto openssl_pkey0_test_done; } - ret = EVP_PKEY_encrypt_init(enc); + ret = wolfSSL_EVP_PKEY_encrypt_init(enc); if (ret != 1) { printf("error with encrypt init\n"); ret = WC_TEST_RET_ENC_NC; goto openssl_pkey0_test_done; } XMEMSET(out, 0, sizeof(out)); - ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); + ret = wolfSSL_EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); if (ret != 1) { printf("error encrypting msg\n"); ret = WC_TEST_RET_ENC_NC; @@ -26119,7 +26119,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) show("encrypted msg", out, outlen); XMEMSET(plain, 0, sizeof(plain)); - ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); + ret = wolfSSL_EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); if (ret != 1) { printf("error decrypting msg\n"); ret = WC_TEST_RET_ENC_NC; 
@@ -26128,33 +26128,33 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) show("decrypted msg", plain, outlen); /* RSA_PKCS1_OAEP_PADDING test */ - ret = EVP_PKEY_decrypt_init(dec); + ret = wolfSSL_EVP_PKEY_decrypt_init(dec); if (ret != 1) { printf("error with decrypt init\n"); ret = WC_TEST_RET_ENC_NC; goto openssl_pkey0_test_done; } - ret = EVP_PKEY_encrypt_init(enc); + ret = wolfSSL_EVP_PKEY_encrypt_init(enc); if (ret != 1) { printf("error with encrypt init\n"); ret = WC_TEST_RET_ENC_NC; goto openssl_pkey0_test_done; } - if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_PADDING) <= 0) { + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(dec, WC_RSA_PKCS1_PADDING) <= 0) { printf("first set rsa padding error\n"); ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey0_test_done; } #ifndef HAVE_FIPS - if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_OAEP_PADDING) <= 0){ + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(dec, WC_RSA_PKCS1_OAEP_PADDING) <= 0){ printf("second set rsa padding error\n"); ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey0_test_done; } - if (EVP_PKEY_CTX_set_rsa_padding(enc, RSA_PKCS1_OAEP_PADDING) <= 0) { + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(enc, WC_RSA_PKCS1_OAEP_PADDING) <= 0) { printf("third set rsa padding error\n"); ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey0_test_done; @@ -26162,7 +26162,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) #endif XMEMSET(out, 0, sizeof(out)); - ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); + ret = wolfSSL_EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); if (ret != 1) { printf("error encrypting msg\n"); ret = WC_TEST_RET_ENC_NC; 
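Review bot: The three `wolfSSL_EVP_PKEY_CTX_set_rsa_padding(...) <= 0` failure branches in the hunk at -26128 set `ret = WC_TEST_RET_ENC_EC(ret);`, but `ret` still holds the 1 returned by the preceding `wolfSSL_EVP_PKEY_encrypt_init(enc)`. The encoded error therefore does not reflect the padding call that failed. Either capture the result first, `ret = wolfSSL_EVP_PKEY_CTX_set_rsa_padding(dec, WC_RSA_PKCS1_PADDING); if (ret <= 0) {`, or use `WC_TEST_RET_ENC_NC` as the other branches do. The same pattern is in openssl_pkey1_test (hunk at -26295), where `ret` has not been assigned from any call at that point in the visible code. openssl_pkey0_test continues outside the hunk.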
@@ -26172,7 +26172,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) show("encrypted msg", out, outlen); XMEMSET(plain, 0, sizeof(plain)); - ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); + ret = wolfSSL_EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); if (ret != 1) { printf("error decrypting msg\n"); ret = WC_TEST_RET_ENC_NC; @@ -26186,10 +26186,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) wolfSSL_RSA_free(prvRsa); wolfSSL_RSA_free(pubRsa); - EVP_PKEY_free(pubPkey); - EVP_PKEY_free(prvPkey); - EVP_PKEY_CTX_free(dec); - EVP_PKEY_CTX_free(enc); + wolfSSL_EVP_PKEY_free(pubPkey); + wolfSSL_EVP_PKEY_free(prvPkey); + wolfSSL_EVP_PKEY_CTX_free(dec); + wolfSSL_EVP_PKEY_CTX_free(enc); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* NO_RSA */ @@ -26202,11 +26202,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void) { wc_test_ret_t ret = 0; #if !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_SHA) - EVP_PKEY_CTX* dec = NULL; - EVP_PKEY_CTX* enc = NULL; - EVP_PKEY* pubKey = NULL; - EVP_PKEY* prvKey = NULL; - X509* x509 = NULL; + WOLFSSL_EVP_PKEY_CTX* dec = NULL; + WOLFSSL_EVP_PKEY_CTX* enc = NULL; + WOLFSSL_EVP_PKEY* pubKey = NULL; + WOLFSSL_EVP_PKEY* prvKey = NULL; + WOLFSSL_X509* x509 = NULL; WOLFSSL_SMALL_STACK_STATIC const unsigned char msg[] = "sugar slapped"; const unsigned char* clikey; 
@@ -26279,15 +26279,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void) } /* using existing wolfSSL api to get public and private key */ - x509 = wolfSSL_X509_load_certificate_file(clientCert, SSL_FILETYPE_ASN1); + x509 = wolfSSL_X509_load_certificate_file(clientCert, WOLFSSL_FILETYPE_ASN1); #endif /* USE_CERT_BUFFERS */ clikey = tmp; - if ((prvKey = EVP_PKEY_new()) == NULL) { + if ((prvKey = wolfSSL_EVP_PKEY_new()) == NULL) { ret = WC_TEST_RET_ENC_ERRNO; goto openssl_pkey1_test_done; } - EVP_PKEY_free(prvKey); + wolfSSL_EVP_PKEY_free(prvKey); prvKey = NULL; if (x509 == NULL) { 
@@ -26295,58 +26295,58 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void) goto openssl_pkey1_test_done; } - pubKey = X509_get_pubkey(x509); + pubKey = wolfSSL_X509_get_pubkey(x509); if (pubKey == NULL) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - prvKey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &clikey, cliKeySz); + prvKey = wolfSSL_d2i_PrivateKey(WC_EVP_PKEY_RSA, NULL, &clikey, cliKeySz); if (prvKey == NULL) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - /* phase 2 API to create EVP_PKEY_CTX and encrypt/decrypt */ - if (EVP_PKEY_bits(prvKey) != keyLenBits) { + /* phase 2 API to create WOLFSSL_EVP_PKEY_CTX and encrypt/decrypt */ + if (wolfSSL_EVP_PKEY_bits(prvKey) != keyLenBits) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - if (EVP_PKEY_size(prvKey) != keyLenBits/8) { + if (wolfSSL_EVP_PKEY_size(prvKey) != keyLenBits/8) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - dec = EVP_PKEY_CTX_new(prvKey, NULL); - enc = EVP_PKEY_CTX_new(pubKey, NULL); + dec = wolfSSL_EVP_PKEY_CTX_new(prvKey, NULL); + enc = wolfSSL_EVP_PKEY_CTX_new(pubKey, NULL); if (dec == NULL || enc == NULL) { ret = WC_TEST_RET_ENC_ERRNO; goto openssl_pkey1_test_done; } - if (EVP_PKEY_decrypt_init(dec) != 1) { + if (wolfSSL_EVP_PKEY_decrypt_init(dec) != 1) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - if (EVP_PKEY_encrypt_init(enc) != 1) { + if (wolfSSL_EVP_PKEY_encrypt_init(enc) != 1) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } - if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_PADDING) <= 0) { + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(dec, WC_RSA_PKCS1_PADDING) <= 0) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } #ifndef HAVE_FIPS - if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_OAEP_PADDING) <= 0){ + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(dec, WC_RSA_PKCS1_OAEP_PADDING) <= 0){ ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey1_test_done; } - if (EVP_PKEY_CTX_set_rsa_padding(enc, 
RSA_PKCS1_OAEP_PADDING) <= 0) { + if (wolfSSL_EVP_PKEY_CTX_set_rsa_padding(enc, WC_RSA_PKCS1_OAEP_PADDING) <= 0) { ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey1_test_done; } @@ -26354,32 +26354,32 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void) XMEMSET(cipher, 0, RSA_TEST_BYTES); outlen = (size_t)(keyLenBits/8); - if (EVP_PKEY_encrypt(enc, cipher, &outlen, msg, sizeof(msg)) < 0) { + if (wolfSSL_EVP_PKEY_encrypt(enc, cipher, &outlen, msg, sizeof(msg)) < 0) { ret = WC_TEST_RET_ENC_EC(ret); goto openssl_pkey1_test_done; } XMEMSET(plain, 0, RSA_TEST_BYTES); - if (EVP_PKEY_decrypt(dec, plain, &outlen, cipher, outlen) != 1) { + if (wolfSSL_EVP_PKEY_decrypt(dec, plain, &outlen, cipher, outlen) != 1) { ret = WC_TEST_RET_ENC_NC; goto openssl_pkey1_test_done; } openssl_pkey1_test_done: if (pubKey != NULL) { - EVP_PKEY_free(pubKey); + wolfSSL_EVP_PKEY_free(pubKey); } if (prvKey != NULL) { - EVP_PKEY_free(prvKey); + wolfSSL_EVP_PKEY_free(prvKey); } if (dec != NULL) { - EVP_PKEY_CTX_free(dec); + wolfSSL_EVP_PKEY_CTX_free(dec); } if (enc != NULL) { - EVP_PKEY_CTX_free(enc); + wolfSSL_EVP_PKEY_CTX_free(enc); } if (x509 != NULL) { - X509_free(x509); + wolfSSL_X509_free(x509); } #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) @@ -26400,13 +26400,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void) byte* pubTmp; int prvBytes; int pubBytes; - RSA *prvRsa; - RSA *pubRsa; - EVP_PKEY *prvPkey; - EVP_PKEY *pubPkey; + WOLFSSL_RSA *prvRsa; + WOLFSSL_RSA *pubRsa; + WOLFSSL_EVP_PKEY *prvPkey; + WOLFSSL_EVP_PKEY *pubPkey; - EVP_MD_CTX* sign; - EVP_MD_CTX* verf; + WOLFSSL_EVP_MD_CTX* sign; + WOLFSSL_EVP_MD_CTX* verf; char msg[] = "see spot run"; unsigned char sig[256]; unsigned int sigSz; 
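Review bot: In the hunk at -26354, the encrypt step is checked with `wolfSSL_EVP_PKEY_encrypt(enc, cipher, &outlen, msg, sizeof(msg)) < 0`, which lets a return of 0 through. The same call in openssl_pkey0_test is checked with `ret != 1`, and the decrypt on the next lines uses `!= 1`. If the function reports failure as 0, as the other checks assume, the test continues with an unfilled `cipher` buffer. The failure branch also encodes a `ret` that was never assigned from the call. I would change it to `if (wolfSSL_EVP_PKEY_encrypt(enc, cipher, &outlen, msg, sizeof(msg)) != 1) {` with `ret = WC_TEST_RET_ENC_NC;`.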
@@ -26485,7 +26485,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void) ret1 = wolfSSL_RSA_LoadDer_ex(prvRsa, prvTmp, prvBytes, WOLFSSL_RSA_LOAD_PRIVATE); ret2 = wolfSSL_RSA_LoadDer_ex(pubRsa, pubTmp, pubBytes, WOLFSSL_RSA_LOAD_PUBLIC); - if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){ + if((ret1 != WOLFSSL_SUCCESS) || (ret2 != WOLFSSL_SUCCESS)){ printf("error with RSA_LoadDer_ex\n"); return WC_TEST_RET_ENC_NC; } @@ -26503,25 +26503,25 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void) if((ret1 != 1) || (ret2 != 1)){ XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - printf("error with EVP_PKEY_set1_RSA\n"); + printf("error with WOLFSSL_EVP_PKEY_set1_RSA\n"); return WC_TEST_RET_ENC_NC; } /****************** sign and verify *******************/ - sign = EVP_MD_CTX_create(); - verf = EVP_MD_CTX_create(); + sign = wolfSSL_EVP_MD_CTX_new(); + verf = wolfSSL_EVP_MD_CTX_new(); if((sign == NULL)||(verf == NULL)){ - printf("error with EVP_MD_CTX_create\n"); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + printf("error with WOLFSSL_EVP_MD_CTX_create\n"); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); return WC_TEST_RET_ENC_NC; } - ret = EVP_SignInit(sign, EVP_sha1()); - if (ret != SSL_SUCCESS){ + ret = wolfSSL_EVP_SignInit(sign, wolfSSL_EVP_sha1()); + if (ret != WOLFSSL_SUCCESS){ printf("error with EVP_SignInit\n"); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); return WC_TEST_RET_ENC_NC; } 
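Review bot: The rename also rewrote two diagnostic strings in the hunk at -26503, `"error with WOLFSSL_EVP_PKEY_set1_RSA\n"` and `"error with WOLFSSL_EVP_MD_CTX_create\n"`, and neither names a function that appears in the new code. The call is now `wolfSSL_EVP_MD_CTX_new()`, so `printf("error with wolfSSL_EVP_MD_CTX_new\n");` would match it; the other messages in this function keep the short `EVP_...` names. In the following hunk the sign-failure branch prints the same MD_CTX_create text although it is `wolfSSL_EVP_SignUpdate`/`wolfSSL_EVP_SignFinal` that failed. Separately, the `sign == NULL || verf == NULL` and `wolfSSL_EVP_SignInit` failure returns do not release `pubTmp`/`prvTmp`, which the later branches do.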
@@ -26531,59 +26531,59 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void) /* sign */ XMEMSET(sig, 0, sizeof(sig)); pt = (const void*)msg; - ret1 = EVP_SignUpdate(sign, pt, count); - ret2 = EVP_SignFinal(sign, sig, &sigSz, prvPkey); - if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){ + ret1 = wolfSSL_EVP_SignUpdate(sign, pt, count); + ret2 = wolfSSL_EVP_SignFinal(sign, sig, &sigSz, prvPkey); + if((ret1 != WOLFSSL_SUCCESS) || (ret2 != WOLFSSL_SUCCESS)){ XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); - printf("error with EVP_MD_CTX_create\n"); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); + printf("error with WOLFSSL_EVP_MD_CTX_create\n"); return WC_TEST_RET_ENC_NC; } show("signature = ", (char *)sig, sigSz); /* verify */ pt = (const void*)msg; - ret1 = EVP_VerifyInit(verf, EVP_sha1()); - ret2 = EVP_VerifyUpdate(verf, pt, count); - if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){ + ret1 = wolfSSL_EVP_VerifyInit(verf, wolfSSL_EVP_sha1()); + ret2 = wolfSSL_EVP_VerifyUpdate(verf, pt, count); + if((ret1 != WOLFSSL_SUCCESS) || (ret2 != WOLFSSL_SUCCESS)){ XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); printf("error with EVP_Verify\n"); return WC_TEST_RET_ENC_NC; } - if (EVP_VerifyFinal(verf, sig, sigSz, pubPkey) != 1) { + if (wolfSSL_EVP_VerifyFinal(verf, sig, sigSz, pubPkey) != 1) { XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); printf("error with EVP_VerifyFinal\n"); return WC_TEST_RET_ENC_NC; } /* expect fail without update */ - EVP_VerifyInit(verf, EVP_sha1()); - if 
(EVP_VerifyFinal(verf, sig, sigSz, pubPkey) == 1) { + wolfSSL_EVP_VerifyInit(verf, wolfSSL_EVP_sha1()); + if (wolfSSL_EVP_VerifyFinal(verf, sig, sigSz, pubPkey) == 1) { XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); printf("EVP_VerifyInit without update not detected\n"); return WC_TEST_RET_ENC_NC; } XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - EVP_MD_CTX_destroy(sign); - EVP_MD_CTX_destroy(verf); + wolfSSL_EVP_MD_CTX_free(sign); + wolfSSL_EVP_MD_CTX_free(verf); wolfSSL_RSA_free(prvRsa); wolfSSL_RSA_free(pubRsa); - EVP_PKEY_free(pubPkey); - EVP_PKEY_free(prvPkey); + wolfSSL_EVP_PKEY_free(pubPkey); + wolfSSL_EVP_PKEY_free(prvPkey); #endif /* NO_RSA */ return 0; @@ -50342,7 +50342,7 @@ static const byte asnDataOid[] = { * OtherRecipientInfo. * * Returns 0 on success, negative upon error. */ -static int myOriEncryptCb(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* oriType, +static int myOriEncryptCb(wc_PKCS7* pkcs7, byte* cek, word32 cekSz, byte* oriType, word32* oriTypeSz, byte* oriValue, word32* oriValueSz, void* ctx) { @@ -50379,7 +50379,7 @@ static int myOriEncryptCb(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* oriType, * in decrypting the encrypted CEK. * * Returns 0 on success, negative upon error. */ -static int myOriDecryptCb(PKCS7* pkcs7, byte* oriType, word32 oriTypeSz, +static int myOriDecryptCb(wc_PKCS7* pkcs7, byte* oriType, word32 oriTypeSz, byte* oriValue, word32 oriValueSz, byte* decryptedKey, word32* decryptedKeySz, void* ctx) { 
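Review bot: Every failure return in the sign/verify part of openssl_evpSig_test (hunk at -26531) frees `pubTmp`, `prvTmp`, `sign` and `verf` but leaves `prvRsa`, `pubRsa`, `prvPkey` and `pubPkey` allocated; only the success path releases all eight. A single exit label, as openssl_pkey0_test and openssl_pkey1_test already use, would remove the repeated cleanup and close those leaks. It requires the pointers to be initialised to NULL at their declarations, which the hunk at -26400 shows they currently are not, and the earlier returns outside this hunk would need the same conversion. The label name below is only a suggestion.

```c
    if (wolfSSL_EVP_VerifyFinal(verf, sig, sigSz, pubPkey) != 1) {
        printf("error with EVP_VerifyFinal\n");
        ret = WC_TEST_RET_ENC_NC;
        goto openssl_evpSig_test_done;
    }
    /* … unchanged: expect-fail-without-update check, converted the same way … */
    ret = 0;

openssl_evpSig_test_done:
    XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    wolfSSL_EVP_MD_CTX_free(sign);
    wolfSSL_EVP_MD_CTX_free(verf);
    wolfSSL_RSA_free(prvRsa);
    wolfSSL_RSA_free(pubRsa);
    wolfSSL_EVP_PKEY_free(pubPkey);
    wolfSSL_EVP_PKEY_free(prvPkey);
```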
@@ -50413,7 +50413,7 @@ static int myOriDecryptCb(PKCS7* pkcs7, byte* oriType, word32 oriTypeSz, #if !defined(NO_AES) && defined(HAVE_AES_CBC) /* returns 0 on success */ -static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, +static int myDecryptionFunc(wc_PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out, void* usrCtx) { @@ -50562,7 +50562,7 @@ static wc_test_ret_t pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, byte *enveloped = NULL; byte *decoded = NULL; - PKCS7* pkcs7 = NULL; + wc_PKCS7* pkcs7 = NULL; #ifdef ECC_TIMING_RESISTANT WC_RNG rng; #endif @@ -51182,7 +51182,7 @@ static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCer byte *enveloped = NULL; byte *decoded = NULL; WC_RNG rng; - PKCS7* pkcs7; + wc_PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES XFILE pkcs7File; #endif @@ -51835,7 +51835,7 @@ static const byte p7AltKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; -static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, +static int myCEKwrapFunc(wc_PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, word32 keyIdSz, byte* orginKey, word32 orginKeySz, byte* out, word32 outSz, int keyWrapAlgo, int type, int direction) { @@ -51879,7 +51879,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, /* returns key size on success */ -static wc_test_ret_t getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz) +static wc_test_ret_t getFirmwareKey(wc_PKCS7* pkcs7, byte* key, word32 keySz) { wc_test_ret_t ret; word32 atrSz; @@ -51905,7 +51905,7 @@ static wc_test_ret_t getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz) /* keyIdRaw[1] Length */ if (ret > 0) { - PKCS7* envPkcs7; + wc_PKCS7* envPkcs7; envPkcs7 = wc_PKCS7_New(NULL, 0); if (envPkcs7 == NULL) { 
@@ -51938,7 +51938,7 @@ static wc_test_ret_t envelopedData_encrypt(byte* in, word32 inSz, byte* out, word32 outSz) { wc_test_ret_t ret; - PKCS7* pkcs7; + wc_PKCS7* pkcs7; WOLFSSL_SMALL_STACK_STATIC const byte keyId[] = { 0x00 }; pkcs7 = wc_PKCS7_New(NULL, INVALID_DEVID); @@ -51987,7 +51987,7 @@ static wc_test_ret_t generateBundle(byte* out, word32 *outSz, const byte* encryp { wc_test_ret_t ret; int attribNum = 1; - PKCS7* pkcs7; + wc_PKCS7* pkcs7; /* KEY ID * fwDecryptKeyID OID 1.2.840.113549.1.9.16.2.37 @@ -52081,7 +52081,7 @@ static wc_test_ret_t verifyBundle(byte* derBuf, word32 derSz, int keyHint) { wc_test_ret_t ret = 0; int usrCtx = 1; /* test value to pass as user context to callback */ - PKCS7* pkcs7 = NULL; + wc_PKCS7* pkcs7 = NULL; byte* sid = NULL; word32 sidSz; byte key[256]; @@ -52275,7 +52275,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void) wc_test_ret_t ret = 0; int i, testSz; int encryptedSz, decodedSz, attribIdx; - PKCS7* pkcs7; + wc_PKCS7* pkcs7; byte *encrypted; byte *decoded; #ifdef PKCS7_OUTPUT_TEST_BUNDLES @@ -52544,7 +52544,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void) wc_test_ret_t ret = 0; int i, testSz; int compressedSz, decodedSz; - PKCS7* pkcs7; + wc_PKCS7* pkcs7; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) byte *compressed; byte *decoded; @@ -52700,7 +52700,7 @@ static wc_test_ret_t pkcs7signed_run_vectors( byte* out = NULL; word32 outSz; WC_RNG rng; - PKCS7* pkcs7 = NULL; + wc_PKCS7* pkcs7 = NULL; #ifdef PKCS7_OUTPUT_TEST_BUNDLES XFILE file; #endif @@ -53212,7 +53212,7 @@ static wc_test_ret_t pkcs7signed_run_SingleShotVectors( byte* out = NULL; word32 outSz; WC_RNG rng; - PKCS7* pkcs7 = NULL; + wc_PKCS7* pkcs7 = NULL; #ifdef PKCS7_OUTPUT_TEST_BUNDLES XFILE file; #endif 
@@ -57911,13 +57911,13 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) #endif #ifdef OPENSSL_EXTRA - EVP_PKEY* privKey = NULL; - EVP_PKEY* pubKey = NULL; + WOLFSSL_EVP_PKEY* privKey = NULL; + WOLFSSL_EVP_PKEY* pubKey = NULL; #ifdef USE_CERT_BUFFERS_256 ecc_key* pkey; const unsigned char* cp; #endif - EVP_MD_CTX mdCtx; + WOLFSSL_EVP_MD_CTX mdCtx; const char testData[] = "Hi There"; size_t checkSz = -1; const unsigned char* p; @@ -58052,7 +58052,7 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) (void)pkey; cp = ecc_clikey_der_256; - privKey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp, + privKey = d2i_PrivateKey(WC_EVP_PKEY_EC, NULL, &cp, sizeof_ecc_clikey_der_256); if (privKey == NULL) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); @@ -58069,9 +58069,9 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) pkey->devId = devId; /* sign */ - EVP_MD_CTX_init(&mdCtx); + wolfSSL_EVP_MD_CTX_init(&mdCtx); - ret = EVP_DigestSignInit(&mdCtx, NULL, EVP_sha256(), NULL, privKey); + ret = EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey); if (ret != WOLFSSL_SUCCESS) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); } @@ -58104,17 +58104,17 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) /* restore checkSz for verify */ checkSz = 71; - ret = EVP_MD_CTX_cleanup(&mdCtx); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); + if (ret != WOLFSSL_SUCCESS) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); } /* verify */ - EVP_MD_CTX_init(&mdCtx); + wolfSSL_EVP_MD_CTX_init(&mdCtx); - if (ret == SSL_SUCCESS) { - ret = EVP_DigestVerifyInit(&mdCtx, NULL, EVP_sha256(), NULL, pubKey); + if (ret == WOLFSSL_SUCCESS) { + ret = EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey); } if (ret != WOLFSSL_SUCCESS) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); 
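Review bot: In ecc_onlycb_test the conversion is only partial: `d2i_PrivateKey(WC_EVP_PKEY_EC, ...)`, `EVP_DigestSignInit(&mdCtx, ...)` and `EVP_DigestVerifyInit(&mdCtx, ...)` keep their unprefixed OpenSSL names while their arguments and the surrounding calls were switched to `wolfSSL_`/`WC_` names. The compat macros are now wrapped in `#ifndef OPENSSL_COEXIST` (see the wolfssl/openssl/asn1.h hunk), so in a coexist build these three names would presumably be undefined or resolve to the real OpenSSL functions and receive wolfSSL types. openssl_pkey1_test already uses `wolfSSL_d2i_PrivateKey(WC_EVP_PKEY_RSA, ...)`. I would use the same prefixed form here, e.g. `privKey = wolfSSL_d2i_PrivateKey(WC_EVP_PKEY_EC, NULL, &cp,`, and likewise `wolfSSL_EVP_DigestSignInit` and `wolfSSL_EVP_DigestVerifyInit`.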
@@ -58141,8 +58141,8 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) if (ret != -1) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); } - ret = EVP_MD_CTX_cleanup(&mdCtx); - if (ret != SSL_SUCCESS) { + ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); + if (ret != WOLFSSL_SUCCESS) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_onlycb); } else ret = 0; @@ -58182,9 +58182,9 @@ static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx) wc_ecc_free(key); #ifdef OPENSSL_EXTRA if (privKey) - EVP_PKEY_free(privKey); + wolfSSL_EVP_PKEY_free(privKey); if (pubKey) - EVP_PKEY_free(pubKey); + wolfSSL_EVP_PKEY_free(pubKey); #endif #endif diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h index 31307806fd..fe6ee78d04 100644 --- a/wolfssl/error-ssl.h +++ b/wolfssl/error-ssl.h @@ -221,7 +221,18 @@ enum wolfSSL_ErrorCodes { HRR_COOKIE_ERROR = -505, /* HRR msg cookie mismatch */ UNSUPPORTED_CERTIFICATE = -506, /* unsupported certificate type */ - WOLFSSL_LAST_E = -506 + WOLFSSL_PEM_R_NO_START_LINE_E = -507, + WOLFSSL_PEM_R_PROBLEMS_GETTING_PASSWORD_E = -508, + WOLFSSL_PEM_R_BAD_PASSWORD_READ_E = -509, + WOLFSSL_PEM_R_BAD_DECRYPT_E = -510, + WOLFSSL_ASN1_R_HEADER_TOO_LONG_E = -511, + + WOLFSSL_EVP_R_BAD_DECRYPT_E = -512, + WOLFSSL_EVP_R_BN_DECODE_ERROR = -513, + WOLFSSL_EVP_R_DECODE_ERROR = -514, + WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR = -515, + + WOLFSSL_LAST_E = -515 }; /* I/O Callback default errors */ diff --git a/wolfssl/internal.h b/wolfssl/internal.h index c62ef351c9..c7fe5342da 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -6271,8 +6271,8 @@ struct WOLFSSL { #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_HAVE_ERROR_QUEUE) #define CLEAR_ASN_NO_PEM_HEADER_ERROR(err) \ (err) = wolfSSL_ERR_peek_last_error(); \ - if (ERR_GET_LIB(err) == ERR_LIB_PEM && \ - ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { \ + if (wolfSSL_ERR_GET_LIB(err) == WOLFSSL_ERR_LIB_PEM && \ + wolfSSL_ERR_GET_REASON(err) == -WOLFSSL_PEM_R_NO_START_LINE_E) { \ wc_RemoveErrorNode(-1); \ } #else 
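Review bot: The nine codes added to `enum wolfSSL_ErrorCodes` in wolfssl/error-ssl.h have no description comment, while the entries directly above them do (`/* HRR msg cookie mismatch */`). Three of them (`WOLFSSL_EVP_R_BN_DECODE_ERROR`, `WOLFSSL_EVP_R_DECODE_ERROR`, `WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR`) also drop the `_E` suffix that the other six use. A short comment per line, for example `/* PEM input has no BEGIN line */` on `WOLFSSL_PEM_R_NO_START_LINE_E`, and a consistent suffix would keep the table readable. This hunk does not show whether the error-string lookup was extended for -507 to -515, so that is worth confirming.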
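Review bot: In `CLEAR_ASN_NO_PEM_HEADER_ERROR` (wolfssl/internal.h hunk at -6271) the reason is now compared with `-WOLFSSL_PEM_R_NO_START_LINE_E`, the negation of an enum value defined as -507. That works only if `wolfSSL_ERR_GET_REASON` yields the positive magnitude, and nothing in the macro says so. I would add a comment above the comparison such as `/* reason codes are stored as positive values; the enum is negative */`. The macro also expands to an assignment followed by a bare `if`, so a `do { ... } while (0)` wrapper would make it safe inside an unbraced `if`/`else`. That is existing behaviour rather than something this commit introduces.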
@@ -6308,7 +6308,10 @@ WOLFSSL_LOCAL int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup); WOLFSSL_LOCAL int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup); WOLFSSL_LOCAL int ReinitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup); WOLFSSL_LOCAL void FreeSSL(WOLFSSL* ssl, void* heap); -WOLFSSL_API void SSL_ResourceFree(WOLFSSL* ssl); /* Micrium uses */ +WOLFSSL_API void wolfSSL_ResourceFree(WOLFSSL* ssl); /* Micrium uses */ +#ifndef OPENSSL_COEXIST +#define SSL_ResourceFree wolfSSL_ResourceFree +#endif #ifndef NO_CERTS @@ -7045,7 +7048,7 @@ WOLFSSL_LOCAL WC_RNG* wolfssl_make_global_rng(void); #if !defined(WOLFCRYPT_ONLY) && defined(OPENSSL_EXTRA) #if defined(WOLFSSL_KEY_GEN) && defined(WOLFSSL_PEM_TO_DER) -WOLFSSL_LOCAL int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher, +WOLFSSL_LOCAL int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher, unsigned char* passwd, int passwdSz, byte **cipherInfo, int maxDerSz); #endif #endif diff --git a/wolfssl/openssl/asn1.h b/wolfssl/openssl/asn1.h index 5fbb726c5c..5b4f25a96a 100644 --- a/wolfssl/openssl/asn1.h +++ b/wolfssl/openssl/asn1.h @@ -26,6 +26,8 @@ #include +#ifndef OPENSSL_COEXIST + #define ASN1_STRING_new wolfSSL_ASN1_STRING_new #define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new #define ASN1_STRING_type wolfSSL_ASN1_STRING_type 
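Review bot: Renaming the `WOLFSSL_API` function `SSL_ResourceFree` to `wolfSSL_ResourceFree` in wolfssl/internal.h changes an exported symbol, and the `#define SSL_ResourceFree wolfSSL_ResourceFree` fallback keeps only source compatibility. Objects already built against the old symbol would no longer link, and with `OPENSSL_COEXIST` defined the old name is not available in source either. The existing comment says Micrium uses this entry point, so the break should at least be documented, for instance `/* renamed from SSL_ResourceFree; old name kept as a macro unless OPENSSL_COEXIST */` on the declaration. If binary compatibility matters for that port, a thin exported wrapper under the old name would be needed.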
@@ -37,33 +39,28 @@ #define d2i_ASN1_OBJECT wolfSSL_d2i_ASN1_OBJECT #define c2i_ASN1_OBJECT wolfSSL_c2i_ASN1_OBJECT -#define V_ASN1_INTEGER 0x02 -#define V_ASN1_NEG 0x100 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) +#define V_ASN1_INTEGER WOLFSSL_V_ASN1_INTEGER +#define V_ASN1_NEG WOLFSSL_V_ASN1_NEG +#define V_ASN1_NEG_INTEGER WOLFSSL_V_ASN1_NEG_INTEGER +#define V_ASN1_NEG_ENUMERATED WOLFSSL_V_ASN1_NEG_ENUMERATED /* Type for ASN1_print_ex */ -# define ASN1_STRFLGS_ESC_2253 1 -# define ASN1_STRFLGS_ESC_CTRL 2 -# define ASN1_STRFLGS_ESC_MSB 4 -# define ASN1_STRFLGS_ESC_QUOTE 8 -# define ASN1_STRFLGS_UTF8_CONVERT 0x10 -# define ASN1_STRFLGS_IGNORE_TYPE 0x20 -# define ASN1_STRFLGS_SHOW_TYPE 0x40 -# define ASN1_STRFLGS_DUMP_ALL 0x80 -# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 -# define ASN1_STRFLGS_DUMP_DER 0x200 -# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -#define MBSTRING_UTF8 0x1000 -#define MBSTRING_ASC 0x1001 -#define MBSTRING_BMP 0x1002 -#define MBSTRING_UNIV 0x1004 +#define ASN1_STRFLGS_ESC_2253 WOLFSSL_ASN1_STRFLGS_ESC_2253 +#define ASN1_STRFLGS_ESC_CTRL WOLFSSL_ASN1_STRFLGS_ESC_CTRL +#define ASN1_STRFLGS_ESC_MSB WOLFSSL_ASN1_STRFLGS_ESC_MSB +#define ASN1_STRFLGS_ESC_QUOTE WOLFSSL_ASN1_STRFLGS_ESC_QUOTE +#define ASN1_STRFLGS_UTF8_CONVERT WOLFSSL_ASN1_STRFLGS_UTF8_CONVERT +#define ASN1_STRFLGS_IGNORE_TYPE WOLFSSL_ASN1_STRFLGS_IGNORE_TYPE +#define ASN1_STRFLGS_SHOW_TYPE WOLFSSL_ASN1_STRFLGS_SHOW_TYPE +#define ASN1_STRFLGS_DUMP_ALL WOLFSSL_ASN1_STRFLGS_DUMP_ALL +#define ASN1_STRFLGS_DUMP_UNKNOWN WOLFSSL_ASN1_STRFLGS_DUMP_UNKNOWN +#define ASN1_STRFLGS_DUMP_DER WOLFSSL_ASN1_STRFLGS_DUMP_DER +#define ASN1_STRFLGS_RFC2253 WOLFSSL_ASN1_STRFLGS_RFC2253 + +#define MBSTRING_UTF8 WOLFSSL_MBSTRING_UTF8 +#define MBSTRING_ASC WOLFSSL_MBSTRING_ASC +#define MBSTRING_BMP 
WOLFSSL_MBSTRING_BMP +#define MBSTRING_UNIV WOLFSSL_MBSTRING_UNIV #define ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print #define ASN1_TIME_check wolfSSL_ASN1_TIME_check 
@@ -71,42 +68,42 @@ #define ASN1_TIME_compare wolfSSL_ASN1_TIME_compare #define ASN1_TIME_set wolfSSL_ASN1_TIME_set -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 -#define V_ASN1_UNIVERSALSTRING 28 -#define V_ASN1_BMPSTRING 30 - - -#define V_ASN1_CONSTRUCTED 0x20 - -#define ASN1_STRING_FLAG_BITS_LEFT 0x008 -#define ASN1_STRING_FLAG_NDEF 0x010 -#define ASN1_STRING_FLAG_CONT 0x020 -#define ASN1_STRING_FLAG_MSTRING 0x040 -#define ASN1_STRING_FLAG_EMBED 0x080 +#define V_ASN1_EOC WOLFSSL_V_ASN1_EOC +#define V_ASN1_BOOLEAN WOLFSSL_V_ASN1_BOOLEAN +#define V_ASN1_OCTET_STRING WOLFSSL_V_ASN1_OCTET_STRING +#define V_ASN1_NULL WOLFSSL_V_ASN1_NULL +#define V_ASN1_OBJECT WOLFSSL_V_ASN1_OBJECT +#define V_ASN1_UTF8STRING WOLFSSL_V_ASN1_UTF8STRING +#define V_ASN1_SEQUENCE WOLFSSL_V_ASN1_SEQUENCE +#define V_ASN1_SET WOLFSSL_V_ASN1_SET +#define V_ASN1_PRINTABLESTRING WOLFSSL_V_ASN1_PRINTABLESTRING +#define V_ASN1_T61STRING WOLFSSL_V_ASN1_T61STRING +#define V_ASN1_IA5STRING WOLFSSL_V_ASN1_IA5STRING +#define V_ASN1_UTCTIME WOLFSSL_V_ASN1_UTCTIME +#define V_ASN1_GENERALIZEDTIME WOLFSSL_V_ASN1_GENERALIZEDTIME +#define V_ASN1_UNIVERSALSTRING WOLFSSL_V_ASN1_UNIVERSALSTRING +#define V_ASN1_BMPSTRING WOLFSSL_V_ASN1_BMPSTRING + +#define V_ASN1_CONSTRUCTED WOLFSSL_V_ASN1_CONSTRUCTED + +#define ASN1_STRING_FLAG_BITS_LEFT WOLFSSL_ASN1_STRING_FLAG_BITS_LEFT +#define ASN1_STRING_FLAG_NDEF WOLFSSL_ASN1_STRING_FLAG_NDEF +#define ASN1_STRING_FLAG_CONT WOLFSSL_ASN1_STRING_FLAG_CONT +#define ASN1_STRING_FLAG_MSTRING WOLFSSL_ASN1_STRING_FLAG_MSTRING +#define ASN1_STRING_FLAG_EMBED WOLFSSL_ASN1_STRING_FLAG_EMBED /* X.509 PKI size limits from RFC2459 (appendix A) */ /* internally our limit is 
CTC_NAME_SIZE (64) - overridden with WC_CTC_NAME_SIZE */ -#define ub_name CTC_NAME_SIZE /* 32768 */ -#define ub_common_name CTC_NAME_SIZE /* 64 */ -#define ub_locality_name CTC_NAME_SIZE /* 128 */ -#define ub_state_name CTC_NAME_SIZE /* 128 */ -#define ub_organization_name CTC_NAME_SIZE /* 64 */ -#define ub_organization_unit_name CTC_NAME_SIZE /* 64 */ -#define ub_title CTC_NAME_SIZE /* 64 */ -#define ub_email_address CTC_NAME_SIZE /* 128 */ - +#define ub_name WOLFSSL_ub_name +#define ub_common_name WOLFSSL_ub_common_name +#define ub_locality_name WOLFSSL_ub_locality_name +#define ub_state_name WOLFSSL_ub_state_name +#define ub_organization_name WOLFSSL_ub_organization_name +#define ub_organization_unit_name WOLFSSL_ub_organization_unit_name +#define ub_title WOLFSSL_ub_title +#define ub_email_address WOLFSSL_ub_email_address + +#endif /* !OPENSSL_COEXIST */ WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER( const WOLFSSL_BIGNUM *bn, WOLFSSL_ASN1_INTEGER *ai); diff --git a/wolfssl/openssl/bio.h b/wolfssl/openssl/bio.h index 198ca4ebda..cf6571bd32 100644 --- a/wolfssl/openssl/bio.h +++ b/wolfssl/openssl/bio.h 
@@ -33,11 +33,57 @@ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +/* helper to set specific retry/read flags */ +#define wolfSSL_BIO_set_retry_read(bio)\ + wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_READ) +#define wolfSSL_BIO_set_retry_write(bio)\ + wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_WRITE) + +/* BIO CTRL */ +#define WOLFSSL_BIO_CTRL_RESET 1 +#define WOLFSSL_BIO_CTRL_EOF 2 +#define WOLFSSL_BIO_CTRL_INFO 3 +#define WOLFSSL_BIO_CTRL_SET 4 +#define WOLFSSL_BIO_CTRL_GET 5 +#define WOLFSSL_BIO_CTRL_PUSH 6 +#define WOLFSSL_BIO_CTRL_POP 7 +#define WOLFSSL_BIO_CTRL_GET_CLOSE 8 +#define WOLFSSL_BIO_CTRL_SET_CLOSE 9 +#define WOLFSSL_BIO_CTRL_PENDING 10 +#define WOLFSSL_BIO_CTRL_FLUSH 11 +#define WOLFSSL_BIO_CTRL_DUP 12 +#define WOLFSSL_BIO_CTRL_WPENDING 13 + +#define WOLFSSL_BIO_C_SET_FILE_PTR 106 +#define WOLFSSL_BIO_C_GET_FILE_PTR 107 +#define WOLFSSL_BIO_C_SET_FILENAME 108 +#define WOLFSSL_BIO_C_SET_BUF_MEM 114 +#define WOLFSSL_BIO_C_GET_BUF_MEM_PTR 115 +#define WOLFSSL_BIO_C_FILE_SEEK 128 +#define WOLFSSL_BIO_C_SET_BUF_MEM_EOF_RETURN 130 +#define WOLFSSL_BIO_C_SET_WRITE_BUF_SIZE 136 +#define WOLFSSL_BIO_C_MAKE_WOLFSSL_BIO_PAIR 138 + +#define WOLFSSL_BIO_CTRL_DGRAM_CONNECT 31 +#define WOLFSSL_BIO_CTRL_DGRAM_SET_CONNECTED 32 +#define WOLFSSL_BIO_CTRL_DGRAM_QUERY_MTU 40 +#define WOLFSSL_BIO_CTRL_DGRAM_SET_PEER 44 + +#define WOLFSSL_BIO_FP_TEXT 0x00 +#define WOLFSSL_BIO_NOCLOSE 0x00 +#define WOLFSSL_BIO_CLOSE 0x01 + +#define WOLFSSL_BIO_FP_WRITE 0x04 + +#ifndef OPENSSL_COEXIST + #define BIO_FLAGS_BASE64_NO_NL WOLFSSL_BIO_FLAG_BASE64_NO_NL #define BIO_FLAGS_READ WOLFSSL_BIO_FLAG_READ #define BIO_FLAGS_WRITE WOLFSSL_BIO_FLAG_WRITE #define BIO_FLAGS_IO_SPECIAL WOLFSSL_BIO_FLAG_IO_SPECIAL #define BIO_FLAGS_SHOULD_RETRY WOLFSSL_BIO_FLAG_RETRY +/* You shouldn't free up or change the data if BIO_FLAGS_MEM_RDONLY is set */ +#define BIO_FLAGS_MEM_RDONLY WOLFSSL_BIO_FLAG_MEM_RDONLY #define BIO_new_fp 
wolfSSL_BIO_new_fp #if defined(OPENSSL_ALL) \ @@ -124,10 +170,8 @@ #define BIO_get_ex_data wolfSSL_BIO_get_ex_data /* helper to set specific retry/read flags */ -#define BIO_set_retry_read(bio)\ - wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_READ) -#define BIO_set_retry_write(bio)\ - wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_WRITE) +#define BIO_set_retry_read(bio) wolfSSL_BIO_set_retry_read(bio) +#define BIO_set_retry_write(bio) wolfSSL_BIO_set_retry_write(bio) #define BIO_clear_retry_flags wolfSSL_BIO_clear_retry_flags 
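Review bot: The new constant is spelled `WOLFSSL_BIO_C_MAKE_WOLFSSL_BIO_PAIR`, but the compat alias added in the later `@@ -145,43 +189,42 @@` hunk is `#define BIO_C_MAKE_BIO_PAIR WOLFSSL_BIO_C_MAKE_BIO_PAIR`, so the two names do not match. Unless `WOLFSSL_BIO_C_MAKE_BIO_PAIR` is defined somewhere outside this view, any code that uses `BIO_C_MAKE_BIO_PAIR` will stop compiling; it looks like a prefix search-and-replace also hit the `BIO` inside the name. The definition should read `#define WOLFSSL_BIO_C_MAKE_BIO_PAIR 138`. Separately, `BIO_FLAGS_MEM_RDONLY` changes from the literal `0x200` to `WOLFSSL_BIO_FLAG_MEM_RDONLY`, whose value is not shown here and should be confirmed unchanged.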
@@ -145,43 +189,42 @@ #define BIO_snprintf XSNPRINTF /* BIO CTRL */ -#define BIO_CTRL_RESET 1 -#define BIO_CTRL_EOF 2 -#define BIO_CTRL_INFO 3 -#define BIO_CTRL_SET 4 -#define BIO_CTRL_GET 5 -#define BIO_CTRL_PUSH 6 -#define BIO_CTRL_POP 7 -#define BIO_CTRL_GET_CLOSE 8 -#define BIO_CTRL_SET_CLOSE 9 -#define BIO_CTRL_PENDING 10 -#define BIO_CTRL_FLUSH 11 -#define BIO_CTRL_DUP 12 -#define BIO_CTRL_WPENDING 13 - -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130 -#define BIO_C_SET_WRITE_BUF_SIZE 136 -#define BIO_C_MAKE_BIO_PAIR 138 - -#define BIO_CTRL_DGRAM_CONNECT 31 -#define BIO_CTRL_DGRAM_SET_CONNECTED 32 -#define BIO_CTRL_DGRAM_QUERY_MTU 40 -#define BIO_CTRL_DGRAM_SET_PEER 44 - -#define BIO_FP_TEXT 0x00 -#define BIO_NOCLOSE 0x00 -#define BIO_CLOSE 0x01 - -#define BIO_FP_WRITE 0x04 - -/* You shouldn't free up or change the data if BIO_FLAGS_MEM_RDONLY is set */ -#define BIO_FLAGS_MEM_RDONLY 0x200 +#define BIO_CTRL_RESET WOLFSSL_BIO_CTRL_RESET +#define BIO_CTRL_EOF WOLFSSL_BIO_CTRL_EOF +#define BIO_CTRL_INFO WOLFSSL_BIO_CTRL_INFO +#define BIO_CTRL_SET WOLFSSL_BIO_CTRL_SET +#define BIO_CTRL_GET WOLFSSL_BIO_CTRL_GET +#define BIO_CTRL_PUSH WOLFSSL_BIO_CTRL_PUSH +#define BIO_CTRL_POP WOLFSSL_BIO_CTRL_POP +#define BIO_CTRL_GET_CLOSE WOLFSSL_BIO_CTRL_GET_CLOSE +#define BIO_CTRL_SET_CLOSE WOLFSSL_BIO_CTRL_SET_CLOSE +#define BIO_CTRL_PENDING WOLFSSL_BIO_CTRL_PENDING +#define BIO_CTRL_FLUSH WOLFSSL_BIO_CTRL_FLUSH +#define BIO_CTRL_DUP WOLFSSL_BIO_CTRL_DUP +#define BIO_CTRL_WPENDING WOLFSSL_BIO_CTRL_WPENDING + +#define BIO_C_SET_FILE_PTR WOLFSSL_BIO_C_SET_FILE_PTR +#define BIO_C_GET_FILE_PTR WOLFSSL_BIO_C_GET_FILE_PTR +#define BIO_C_SET_FILENAME WOLFSSL_BIO_C_SET_FILENAME +#define BIO_C_SET_BUF_MEM WOLFSSL_BIO_C_SET_BUF_MEM +#define BIO_C_GET_BUF_MEM_PTR WOLFSSL_BIO_C_GET_BUF_MEM_PTR +#define 
BIO_C_FILE_SEEK WOLFSSL_BIO_C_FILE_SEEK +#define BIO_C_SET_BUF_MEM_EOF_RETURN WOLFSSL_BIO_C_SET_BUF_MEM_EOF_RETURN +#define BIO_C_SET_WRITE_BUF_SIZE WOLFSSL_BIO_C_SET_WRITE_BUF_SIZE +#define BIO_C_MAKE_BIO_PAIR WOLFSSL_BIO_C_MAKE_BIO_PAIR + +#define BIO_CTRL_DGRAM_CONNECT WOLFSSL_BIO_CTRL_DGRAM_CONNECT +#define BIO_CTRL_DGRAM_SET_CONNECTED WOLFSSL_BIO_CTRL_DGRAM_SET_CONNECTED +#define BIO_CTRL_DGRAM_QUERY_MTU WOLFSSL_BIO_CTRL_DGRAM_QUERY_MTU +#define BIO_CTRL_DGRAM_SET_PEER WOLFSSL_BIO_CTRL_DGRAM_SET_PEER + +#define BIO_FP_TEXT WOLFSSL_BIO_FP_TEXT +#define BIO_NOCLOSE WOLFSSL_BIO_NOCLOSE +#define BIO_CLOSE WOLFSSL_BIO_CLOSE + +#define BIO_FP_WRITE WOLFSSL_BIO_FP_WRITE + +#endif /* !OPENSSL_COEXIST */ #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ diff --git a/wolfssl/openssl/bn.h b/wolfssl/openssl/bn.h index a3afd61ff4..ed8ae43990 100644 --- a/wolfssl/openssl/bn.h +++ b/wolfssl/openssl/bn.h @@ -185,7 +185,7 @@ WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse( WOLFSSL_BN_CTX *ctx); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #define BN_RAND_TOP_ANY WOLFSSL_BN_RAND_TOP_ANY #define BN_RAND_TOP_ONE WOLFSSL_BN_RAND_TOP_ONE @@ -290,7 +290,7 @@ typedef WOLFSSL_BN_GENCB BN_GENCB; #define BN_prime_checks 0 -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #ifdef __cplusplus diff --git a/wolfssl/openssl/buffer.h b/wolfssl/openssl/buffer.h index c9f2790203..c4195cf831 100644 --- a/wolfssl/openssl/buffer.h +++ b/wolfssl/openssl/buffer.h @@ -38,6 +38,7 @@ WOLFSSL_API int wolfSSL_BUF_MEM_grow_ex(WOLFSSL_BUF_MEM* buf, size_t len, WOLFSSL_API int wolfSSL_BUF_MEM_resize(WOLFSSL_BUF_MEM* buf, size_t len); WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); +#ifndef OPENSSL_COEXIST #define BUF_MEM_new wolfSSL_BUF_MEM_new #define BUF_MEM_grow wolfSSL_BUF_MEM_grow 
@@ -47,6 +48,8 @@ WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); #define BUF_strlcpy wc_strlcpy #define BUF_strlcat wc_strlcat +#endif /* !OPENSSL_COEXIST */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/openssl/compat_types.h b/wolfssl/openssl/compat_types.h index 61cc80aeb1..00bfde19be 100644 --- a/wolfssl/openssl/compat_types.h +++ b/wolfssl/openssl/compat_types.h @@ -52,7 +52,7 @@ typedef struct WOLFSSL_ASN1_PCTX WOLFSSL_ASN1_PCTX; typedef struct WOLFSSL_BIO WOLFSSL_BIO; -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) typedef WOLFSSL_EVP_MD EVP_MD; typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX; typedef WOLFSSL_EVP_CIPHER EVP_CIPHER; @@ -63,7 +63,7 @@ typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO; typedef WOLFSSL_ENGINE ENGINE; typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ typedef unsigned long (*wolf_sk_hash_cb) (const void *v); diff --git a/wolfssl/openssl/conf.h b/wolfssl/openssl/conf.h index 4e9115f95f..411a3e09b4 100644 --- a/wolfssl/openssl/conf.h +++ b/wolfssl/openssl/conf.h @@ -45,8 +45,10 @@ typedef struct WOLFSSL_CONF { WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *data; } WOLFSSL_CONF; +#ifndef OPENSSL_COEXIST typedef WOLFSSL_CONF CONF; typedef WOLFSSL_CONF_VALUE CONF_VALUE; +#endif #ifdef OPENSSL_EXTRA 
@@ -58,7 +60,7 @@ WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val); WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth); WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf, const char *group, const char *name); -WOLFSSL_API int wolfSSL_NCONF_get_number(const CONF *conf, const char *group, +WOLFSSL_API int wolfSSL_NCONF_get_number(const WOLFSSL_CONF *conf, const char *group, const char *name, long *result); WOLFSSL_API WOLFSSL_STACK *wolfSSL_NCONF_get_section( const WOLFSSL_CONF *conf, const char *section); @@ -80,6 +82,7 @@ WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf_nid(WOLFSSL_CONF* c WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf(WOLFSSL_CONF *conf, WOLFSSL_X509V3_CTX *ctx, const char *sName, const char *value); +#ifndef OPENSSL_COEXIST #define sk_CONF_VALUE_new wolfSSL_sk_CONF_VALUE_new #define sk_CONF_VALUE_free wolfSSL_sk_CONF_VALUE_free #define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a) @@ -103,6 +106,7 @@ WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf(WOLFSSL_CONF *conf, #define X509V3_EXT_nconf_nid wolfSSL_X509V3_EXT_nconf_nid #define X509V3_EXT_nconf wolfSSL_X509V3_EXT_nconf #define X509V3_conf_free wolfSSL_X509V3_conf_free +#endif /* !OPENSSL_COEXIST */ #endif /* OPENSSL_EXTRA */ diff --git a/wolfssl/openssl/crypto.h b/wolfssl/openssl/crypto.h index e436e938c8..33a279a431 100644 --- a/wolfssl/openssl/crypto.h +++ b/wolfssl/openssl/crypto.h 
@@ -29,14 +29,20 @@ typedef struct WOLFSSL_INIT_SETTINGS { char* appname; } WOLFSSL_INIT_SETTINGS; -typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; +#ifndef OPENSSL_COEXIST +#define OPENSSL_INIT_SETTINGS WOLFSSL_INIT_SETTINGS +#endif typedef struct WOLFSSL_CRYPTO_THREADID { int dummy; } WOLFSSL_CRYPTO_THREADID; +#ifndef OPENSSL_COEXIST typedef struct crypto_threadid_st CRYPTO_THREADID; +#endif +#ifndef OPENSSL_COEXIST typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA; +#endif #ifdef HAVE_EX_DATA typedef WOLFSSL_CRYPTO_EX_new CRYPTO_new_func; @@ -68,10 +74,13 @@ WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c); WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len); -WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings); +WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const WOLFSSL_INIT_SETTINGS *settings); #endif /* class index for wolfSSL_CRYPTO_get_ex_new_index */ + +#ifndef OPENSSL_COEXIST + #define CRYPTO_EX_INDEX_SSL WOLF_CRYPTO_EX_INDEX_SSL #define CRYPTO_EX_INDEX_SSL_CTX WOLF_CRYPTO_EX_INDEX_SSL_CTX #define CRYPTO_EX_INDEX_SSL_SESSION WOLF_CRYPTO_EX_INDEX_SSL_SESSION @@ -153,6 +162,8 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */ +#endif /* !OPENSSL_COEXIST */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/openssl/dh.h b/wolfssl/openssl/dh.h index 7ea0f6223c..60fe59f5c4 100644 --- a/wolfssl/openssl/dh.h +++ b/wolfssl/openssl/dh.h @@ -79,7 +79,7 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p, WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_get_2048_256(void); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) typedef WOLFSSL_DH DH; 
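Review bot: `OPENSSL_INIT_SETTINGS` changes from a typedef to `#define OPENSSL_INIT_SETTINGS WOLFSSL_INIT_SETTINGS`, while the aliases right below it (`CRYPTO_THREADID`, `CRYPTO_EX_DATA`) and those in conf.h and ecdsa.h stay typedefs under the same guard. A macro is not scoped the way a typedef is and will also rewrite any member or local that happens to use that identifier, so I would keep `typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;` inside the `#ifndef OPENSSL_COEXIST` block. The two back-to-back `#ifndef OPENSSL_COEXIST` / `#endif` pairs around `CRYPTO_THREADID` and `CRYPTO_EX_DATA` can be merged into a single guarded block.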
@@ -135,7 +135,7 @@ typedef WOLFSSL_DH DH; #define DH_GENERATOR_2 2 #define DH_GENERATOR_5 5 -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/dsa.h b/wolfssl/openssl/dsa.h index 6acb59e00c..1d24ceb8d4 100644 --- a/wolfssl/openssl/dsa.h +++ b/wolfssl/openssl/dsa.h @@ -118,13 +118,15 @@ WOLFSSL_API WOLFSSL_DSA* wolfSSL_d2i_DSAparams( #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#define WOLFSSL_DSA_LOAD_PRIVATE 1 +#define WOLFSSL_DSA_LOAD_PUBLIC 2 + +#ifndef OPENSSL_COEXIST + typedef WOLFSSL_DSA DSA; #define OPENSSL_DSA_MAX_MODULUS_BITS 3072 -#define WOLFSSL_DSA_LOAD_PRIVATE 1 -#define WOLFSSL_DSA_LOAD_PUBLIC 2 - #define DSA_new wolfSSL_DSA_new #define DSA_free wolfSSL_DSA_free #define DSA_print_fp wolfSSL_DSA_print_fp @@ -151,6 +153,8 @@ typedef WOLFSSL_DSA DSA; #define DSA_SIG WOLFSSL_DSA_SIG +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #ifdef __cplusplus diff --git a/wolfssl/openssl/ec.h b/wolfssl/openssl/ec.h index bd81894e8d..fb02641844 100644 --- a/wolfssl/openssl/ec.h +++ b/wolfssl/openssl/ec.h 
@@ -36,59 +36,114 @@ extern "C" { #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + /* Map OpenSSL NID value */ enum { - POINT_CONVERSION_COMPRESSED = 2, - POINT_CONVERSION_UNCOMPRESSED = 4, + WC_POINT_CONVERSION_COMPRESSED = 2, + WC_POINT_CONVERSION_UNCOMPRESSED = 4, #ifdef HAVE_ECC /* Use OpenSSL NIDs. NIDs can be mapped to ecc_curve_id enum values by calling NIDToEccEnum() in ssl.c */ - NID_X9_62_prime192v1 = 409, - NID_X9_62_prime192v2 = 410, - NID_X9_62_prime192v3 = 411, - NID_X9_62_prime239v1 = 412, - NID_X9_62_prime239v2 = 413, - NID_X9_62_prime239v3 = 418, /* Previous value conflicted with AES128CBCb */ - NID_X9_62_prime256v1 = 415, - NID_secp112r1 = 704, - NID_secp112r2 = 705, - NID_secp128r1 = 706, - NID_secp128r2 = 707, - NID_secp160r1 = 709, - NID_secp160r2 = 710, - NID_secp224r1 = 713, - NID_secp384r1 = 715, - NID_secp521r1 = 716, - NID_secp160k1 = 708, - NID_secp192k1 = 711, - NID_secp224k1 = 712, - NID_secp256k1 = 714, - NID_brainpoolP160r1 = 921, - NID_brainpoolP192r1 = 923, - NID_brainpoolP224r1 = 925, - NID_brainpoolP256r1 = 927, - NID_brainpoolP320r1 = 929, - NID_brainpoolP384r1 = 931, - NID_brainpoolP512r1 = 933, + WC_NID_X9_62_prime192v1 = 409, + WC_NID_X9_62_prime192v2 = 410, + WC_NID_X9_62_prime192v3 = 411, + WC_NID_X9_62_prime239v1 = 412, + WC_NID_X9_62_prime239v2 = 413, + WC_NID_X9_62_prime239v3 = 418, /* Previous value conflicted with AES128CBCb */ + WC_NID_X9_62_prime256v1 = 415, + WC_NID_secp112r1 = 704, + WC_NID_secp112r2 = 705, + WC_NID_secp128r1 = 706, + WC_NID_secp128r2 = 707, + WC_NID_secp160r1 = 709, + WC_NID_secp160r2 = 710, + WC_NID_secp224r1 = 713, + WC_NID_secp384r1 = 715, + WC_NID_secp521r1 = 716, + WC_NID_secp160k1 = 708, + WC_NID_secp192k1 = 711, + WC_NID_secp224k1 = 712, + WC_NID_secp256k1 = 714, + WC_NID_brainpoolP160r1 = 921, + WC_NID_brainpoolP192r1 = 923, + WC_NID_brainpoolP224r1 = 925, + WC_NID_brainpoolP256r1 = 927, + WC_NID_brainpoolP320r1 = 929, + WC_NID_brainpoolP384r1 = 931, + 
WC_NID_brainpoolP512r1 = 933, #endif #ifdef HAVE_ED448 - NID_ED448 = ED448k, + WC_NID_ED448 = ED448k, #endif #ifdef HAVE_CURVE448 - NID_X448 = X448k, + WC_NID_X448 = X448k, #endif #ifdef HAVE_ED25519 - NID_ED25519 = ED25519k, + WC_NID_ED25519 = ED25519k, #endif #ifdef HAVE_CURVE25519 - NID_X25519 = X25519k, + WC_NID_X25519 = X25519k, #endif - OPENSSL_EC_EXPLICIT_CURVE = 0x000, - OPENSSL_EC_NAMED_CURVE = 0x001, + WOLFSSL_EC_EXPLICIT_CURVE = 0x000, + WOLFSSL_EC_NAMED_CURVE = 0x001, }; + +#ifndef OPENSSL_COEXIST + +#define POINT_CONVERSION_COMPRESSED WC_POINT_CONVERSION_COMPRESSED +#define POINT_CONVERSION_UNCOMPRESSED WC_POINT_CONVERSION_UNCOMPRESSED + +#ifdef HAVE_ECC +#define NID_X9_62_prime192v1 WC_NID_X9_62_prime192v1 +#define NID_X9_62_prime192v2 WC_NID_X9_62_prime192v2 +#define NID_X9_62_prime192v3 WC_NID_X9_62_prime192v3 +#define NID_X9_62_prime239v1 WC_NID_X9_62_prime239v1 +#define NID_X9_62_prime239v2 WC_NID_X9_62_prime239v2 +#define NID_X9_62_prime239v3 WC_NID_X9_62_prime239v3 +#define NID_X9_62_prime256v1 WC_NID_X9_62_prime256v1 +#define NID_secp112r1 WC_NID_secp112r1 +#define NID_secp112r2 WC_NID_secp112r2 +#define NID_secp128r1 WC_NID_secp128r1 +#define NID_secp128r2 WC_NID_secp128r2 +#define NID_secp160r1 WC_NID_secp160r1 +#define NID_secp160r2 WC_NID_secp160r2 +#define NID_secp224r1 WC_NID_secp224r1 +#define NID_secp384r1 WC_NID_secp384r1 +#define NID_secp521r1 WC_NID_secp521r1 +#define NID_secp160k1 WC_NID_secp160k1 +#define NID_secp192k1 WC_NID_secp192k1 +#define NID_secp224k1 WC_NID_secp224k1 +#define NID_secp256k1 WC_NID_secp256k1 +#define NID_brainpoolP160r1 WC_NID_brainpoolP160r1 +#define NID_brainpoolP192r1 WC_NID_brainpoolP192r1 +#define NID_brainpoolP224r1 WC_NID_brainpoolP224r1 +#define NID_brainpoolP256r1 WC_NID_brainpoolP256r1 +#define NID_brainpoolP320r1 WC_NID_brainpoolP320r1 +#define NID_brainpoolP384r1 WC_NID_brainpoolP384r1 +#define NID_brainpoolP512r1 WC_NID_brainpoolP512r1 +#endif + +#ifdef HAVE_ED448 +#define NID_ED448 WC_NID_ED448 
+#endif +#ifdef HAVE_CURVE448 +#define NID_X448 WC_NID_X448 +#endif +#ifdef HAVE_ED25519 +#define NID_ED25519 WC_NID_ED25519 +#endif +#ifdef HAVE_CURVE25519 +#define NID_X25519 WC_NID_X25519 +#endif + +#define OPENSSL_EC_EXPLICIT_CURVE WOLFSSL_EC_EXPLICIT_CURVE +#define OPENSSL_EC_NAMED_CURVE WOLFSSL_EC_NAMED_CURVE + +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */ @@ -144,7 +199,10 @@ struct WOLFSSL_EC_BUILTIN_CURVE { #define WOLFSSL_EC_KEY_LOAD_PRIVATE 1 #define WOLFSSL_EC_KEY_LOAD_PUBLIC 2 -typedef int point_conversion_form_t; +typedef int wc_point_conversion_form_t; +#ifndef OPENSSL_COEXIST +#define point_conversion_form_t wc_point_conversion_form_t +#endif typedef struct WOLFSSL_EC_KEY_METHOD { /* Not implemented */ @@ -189,7 +247,7 @@ int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *in, unsigned char **out); WOLFSSL_API void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *eckey, int form); WOLFSSL_API -point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key); +wc_point_conversion_form_t wolfSSL_EC_KEY_get_conv_form(const WOLFSSL_EC_KEY* key); WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *p, @@ -347,7 +405,7 @@ WOLFSSL_API const WOLFSSL_EC_KEY_METHOD *wolfSSL_EC_KEY_get_method( WOLFSSL_API int wolfSSL_EC_KEY_set_method(WOLFSSL_EC_KEY *key, const WOLFSSL_EC_KEY_METHOD *meth); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) typedef WOLFSSL_EC_KEY EC_KEY; typedef WOLFSSL_EC_GROUP EC_GROUP; 
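Review bot: `WC_NID_X9_62_prime239v3 = 418` carries over a number that the evp.h hunk of this commit shows was also `NID_aes_128_ecb` (418 on its old side; the new `WC_` value is outside this view). If that is kept, a NID-keyed lookup that accepts both curves and ciphers cannot tell the two apart. The enum comment says "Use OpenSSL NIDs", yet the inline comment says this value was moved to avoid a conflict, so it presumably no longer matches OpenSSL's number for the curve. That matters more once `OPENSSL_COEXIST` lets both header sets into one translation unit. I would state this on the line itself, e.g. `/* wolfSSL-specific value (also the aes-128-ecb NID); do not mix with NIDs from OpenSSL headers */`.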
@@ -451,7 +509,7 @@ typedef WOLFSSL_EC_KEY_METHOD EC_KEY_METHOD; #define EC_KEY_get_method wolfSSL_EC_KEY_get_method #define EC_KEY_set_method wolfSSL_EC_KEY_set_method -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/ecdsa.h b/wolfssl/openssl/ecdsa.h index 704f56d00f..f9ba1ec700 100644 --- a/wolfssl/openssl/ecdsa.h +++ b/wolfssl/openssl/ecdsa.h @@ -37,7 +37,9 @@ typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG; #define WOLFSSL_ECDSA_TYPE_DEFINED #endif +#ifndef OPENSSL_COEXIST typedef WOLFSSL_ECDSA_SIG ECDSA_SIG; +#endif struct WOLFSSL_ECDSA_SIG { WOLFSSL_BIGNUM *r; @@ -64,6 +66,8 @@ WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_d2i_ECDSA_SIG(WOLFSSL_ECDSA_SIG **sig, WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp); +#ifndef OPENSSL_COEXIST + #define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free #define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new #define ECDSA_SIG_get0 wolfSSL_ECDSA_SIG_get0 @@ -73,6 +77,8 @@ WOLFSSL_API int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, #define d2i_ECDSA_SIG wolfSSL_d2i_ECDSA_SIG #define i2d_ECDSA_SIG wolfSSL_i2d_ECDSA_SIG +#endif /* !OPENSSL_COEXIST */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/openssl/err.h b/wolfssl/openssl/err.h index 2af6407848..708498ae7b 100644 --- a/wolfssl/openssl/err.h +++ b/wolfssl/openssl/err.h 
@@ -25,6 +25,26 @@ #include #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + +#define wolfSSL_RSAerr(f,r) wolfSSL_ERR_put_error(0,(f),(r),__FILE__,__LINE__) +#define wolfSSL_SSLerr(f,r) wolfSSL_ERR_put_error(0,(f),(r),__FILE__,__LINE__) +#define wolfSSL_ECerr(f,r) wolfSSL_ERR_put_error(0,(f),(r),__FILE__,__LINE__) + +#define WOLFSSL_ERR_TXT_MALLOCED 1 + +/* SSL function codes */ +#define WOLFSSL_RSA_F_RSA_PADDING_ADD_SSLV23 0 +#define WOLFSSL_RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1 +#define WOLFSSL_SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2 +#define WOLFSSL_SSL_F_SSL_USE_PRIVATEKEY 3 +#define WOLFSSL_EC_F_EC_GFP_SIMPLE_POINT2OCT 4 + +/* reasons */ +#define WOLFSSL_ERR_R_SYS_LIB 1 +#define WOLFSSL_PKCS12_R_MAC_VERIFY_FAILURE 2 + +#ifndef OPENSSL_COEXIST + /* err.h for openssl */ #define ERR_load_ERR_strings wolfSSL_ERR_load_ERR_strings #define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings 
@@ -40,24 +60,25 @@ #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE WC_KEY_SIZE_E #define EC_R_BUFFER_TOO_SMALL BUFFER_E -#define ERR_TXT_MALLOCED 1 +#define ERR_TXT_MALLOCED WOLFSSL_ERR_TXT_MALLOCED /* SSL function codes */ -#define RSA_F_RSA_PADDING_ADD_SSLV23 0 -#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 1 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2 -#define SSL_F_SSL_USE_PRIVATEKEY 3 -#define EC_F_EC_GFP_SIMPLE_POINT2OCT 4 +#define RSA_F_RSA_PADDING_ADD_SSLV23 WOLFSSL_RSA_F_RSA_PADDING_ADD_SSLV23 +#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT WOLFSSL_RSA_F_RSA_OSSL_PRIVATE_ENCRYPT +#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE WOLFSSL_SSL_F_SSL_CTX_USE_CERTIFICATE_FILE +#define SSL_F_SSL_USE_PRIVATEKEY WOLFSSL_SSL_F_SSL_USE_PRIVATEKEY +#define EC_F_EC_GFP_SIMPLE_POINT2OCT WOLFSSL_EC_F_EC_GFP_SIMPLE_POINT2OCT /* reasons */ -#define ERR_R_SYS_LIB 1 -#define PKCS12_R_MAC_VERIFY_FAILURE 2 +#define ERR_R_SYS_LIB WOLFSSL_ERR_R_SYS_LIB +#define PKCS12_R_MAC_VERIFY_FAILURE WOLFSSL_PKCS12_R_MAC_VERIFY_FAILURE -#define RSAerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__) -#define SSLerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__) -#define ECerr(f,r) ERR_put_error(0,(f),(r),__FILE__,__LINE__) +#define RSAerr(f,r) wolfSSL_RSAerr(f,r) +#define SSLerr(f,r) wolfSSL_SSLerr(f,r) +#define ECerr(f,r) wolfSSL_ECerr(f,r) + +#endif /* !OPENSSL_COEXIST */ #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #endif /* WOLFSSL_OPENSSL_ERR_ */ - diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index fbfea201a1..5d66164e6a 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h 
@@ -270,205 +270,413 @@ typedef union { #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) -#define NID_aes_128_cbc 419 -#define NID_aes_192_cbc 423 -#define NID_aes_256_cbc 427 -#define NID_aes_128_ccm 896 -#define NID_aes_192_ccm 899 -#define NID_aes_256_ccm 902 -#define NID_aes_128_gcm 895 -#define NID_aes_192_gcm 898 -#define NID_aes_256_gcm 901 -#define NID_aes_128_ctr 904 -#define NID_aes_192_ctr 905 -#define NID_aes_256_ctr 906 -#define NID_aes_128_ecb 418 -#define NID_aes_192_ecb 422 -#define NID_aes_256_ecb 426 -#define NID_des_cbc 31 -#define NID_des_ecb 29 -#define NID_des_ede3_cbc 44 -#define NID_des_ede3_ecb 33 -#define NID_aes_128_cfb1 650 -#define NID_aes_192_cfb1 651 -#define NID_aes_256_cfb1 652 -#define NID_aes_128_cfb8 653 -#define NID_aes_192_cfb8 654 -#define NID_aes_256_cfb8 655 -#define NID_aes_128_cfb128 421 -#define NID_aes_192_cfb128 425 -#define NID_aes_256_cfb128 429 -#define NID_aes_128_ofb 420 -#define NID_aes_192_ofb 424 -#define NID_aes_256_ofb 428 -#define NID_aes_128_xts 913 -#define NID_aes_256_xts 914 -#define NID_camellia_128_cbc 751 -#define NID_camellia_256_cbc 753 -#define NID_chacha20_poly1305 1018 -#define NID_chacha20 1019 -#define NID_sm4_ecb 1133 -#define NID_sm4_cbc 1134 -#define NID_sm4_ctr 1139 -#define NID_sm4_gcm 1248 -#define NID_sm4_ccm 1249 -#define NID_md5WithRSA 104 -#define NID_md2WithRSAEncryption 9 -#define NID_md5WithRSAEncryption 99 -#define NID_dsaWithSHA1 113 -#define NID_dsaWithSHA1_2 70 -#define NID_sha1WithRSA 115 -#define NID_sha1WithRSAEncryption 65 -#define NID_sha224WithRSAEncryption 671 -#define NID_sha256WithRSAEncryption 668 -#define NID_sha384WithRSAEncryption 669 -#define NID_sha512WithRSAEncryption 670 -#define NID_RSA_SHA3_224 1116 -#define NID_RSA_SHA3_256 1117 -#define NID_RSA_SHA3_384 1118 -#define NID_RSA_SHA3_512 1119 -#define NID_rsassaPss 912 -#define NID_ecdsa_with_SHA1 416 -#define NID_ecdsa_with_SHA224 793 -#define NID_ecdsa_with_SHA256 794 -#define 
NID_ecdsa_with_SHA384 795 -#define NID_ecdsa_with_SHA512 796 -#define NID_ecdsa_with_SHA3_224 1112 -#define NID_ecdsa_with_SHA3_256 1113 -#define NID_ecdsa_with_SHA3_384 1114 -#define NID_ecdsa_with_SHA3_512 1115 -#define NID_dsa_with_SHA224 802 -#define NID_dsa_with_SHA256 803 -#define NID_sha3_224 1096 -#define NID_sha3_256 1097 -#define NID_sha3_384 1098 -#define NID_sha3_512 1099 -#define NID_blake2b512 1056 -#define NID_blake2s256 1057 -#define NID_shake128 1100 -#define NID_shake256 1101 -#define NID_sha1 64 -#define NID_sha224 675 -#define NID_sm3 1143 -#define NID_md2 77 -#define NID_md4 257 -#define NID_md5 40 -#define NID_hmac 855 -#define NID_hmacWithSHA1 163 -#define NID_hmacWithSHA224 798 -#define NID_hmacWithSHA256 799 -#define NID_hmacWithSHA384 800 -#define NID_hmacWithSHA512 801 -#define NID_hkdf 1036 -#define NID_cmac 894 -#define NID_dhKeyAgreement 28 -#define NID_ffdhe2048 1126 -#define NID_ffdhe3072 1127 -#define NID_ffdhe4096 1128 -#define NID_rc4 5 -#define NID_bf_cbc 91 -#define NID_bf_ecb 92 -#define NID_bf_cfb64 93 -#define NID_bf_ofb64 94 -#define NID_cast5_cbc 108 -#define NID_cast5_ecb 109 -#define NID_cast5_cfb64 110 -#define NID_cast5_ofb64 111 +/* note, this WC_NID_undef definition duplicates the definition in + * wolfcrypt/asn.h, which is gated out when -DNO_ASN. 
+ */ +#define WC_NID_undef 0 + +#define WC_NID_aes_128_cbc 419 +#define WC_NID_aes_192_cbc 423 +#define WC_NID_aes_256_cbc 427 +#define WC_NID_aes_128_ccm 896 +#define WC_NID_aes_192_ccm 899 +#define WC_NID_aes_256_ccm 902 +#define WC_NID_aes_128_gcm 895 +#define WC_NID_aes_192_gcm 898 +#define WC_NID_aes_256_gcm 901 +#define WC_NID_aes_128_ctr 904 +#define WC_NID_aes_192_ctr 905 +#define WC_NID_aes_256_ctr 906 +#define WC_NID_aes_128_ecb 418 +#define WC_NID_aes_192_ecb 422 +#define WC_NID_aes_256_ecb 426 +#define WC_NID_des_cbc 31 +#define WC_NID_des_ecb 29 +#define WC_NID_des_ede3_cbc 44 +#define WC_NID_des_ede3_ecb 33 +#define WC_NID_aes_128_cfb1 650 +#define WC_NID_aes_192_cfb1 651 +#define WC_NID_aes_256_cfb1 652 +#define WC_NID_aes_128_cfb8 653 +#define WC_NID_aes_192_cfb8 654 +#define WC_NID_aes_256_cfb8 655 +#define WC_NID_aes_128_cfb128 421 +#define WC_NID_aes_192_cfb128 425 +#define WC_NID_aes_256_cfb128 429 +#define WC_NID_aes_128_ofb 420 +#define WC_NID_aes_192_ofb 424 +#define WC_NID_aes_256_ofb 428 +#define WC_NID_aes_128_xts 913 +#define WC_NID_aes_256_xts 914 +#define WC_NID_camellia_128_cbc 751 +#define WC_NID_camellia_256_cbc 753 +#define WC_NID_chacha20_poly1305 1018 +#define WC_NID_chacha20 1019 +#define WC_NID_sm4_ecb 1133 +#define WC_NID_sm4_cbc 1134 +#define WC_NID_sm4_ctr 1139 +#define WC_NID_sm4_gcm 1248 +#define WC_NID_sm4_ccm 1249 +#define WC_NID_md5WithRSA 104 +#define WC_NID_md2WithRSAEncryption 9 +#define WC_NID_md5WithRSAEncryption 99 +#define WC_NID_dsaWithSHA1 113 +#define WC_NID_dsaWithSHA1_2 70 +#define WC_NID_sha1WithRSA 115 +#define WC_NID_sha1WithRSAEncryption 65 +#define WC_NID_sha224WithRSAEncryption 671 +#define WC_NID_sha256WithRSAEncryption 668 +#define WC_NID_sha384WithRSAEncryption 669 +#define WC_NID_sha512WithRSAEncryption 670 +#define WC_NID_RSA_SHA3_224 1116 +#define WC_NID_RSA_SHA3_256 1117 +#define WC_NID_RSA_SHA3_384 1118 +#define WC_NID_RSA_SHA3_512 1119 +#define WC_NID_rsassaPss 912 +#define 
WC_NID_ecdsa_with_SHA1 416 +#define WC_NID_ecdsa_with_SHA224 793 +#define WC_NID_ecdsa_with_SHA256 794 +#define WC_NID_ecdsa_with_SHA384 795 +#define WC_NID_ecdsa_with_SHA512 796 +#define WC_NID_ecdsa_with_SHA3_224 1112 +#define WC_NID_ecdsa_with_SHA3_256 1113 +#define WC_NID_ecdsa_with_SHA3_384 1114 +#define WC_NID_ecdsa_with_SHA3_512 1115 +#define WC_NID_dsa_with_SHA224 802 +#define WC_NID_dsa_with_SHA256 803 +#define WC_NID_sha3_224 1096 +#define WC_NID_sha3_256 1097 +#define WC_NID_sha3_384 1098 +#define WC_NID_sha3_512 1099 +#define WC_NID_blake2b512 1056 +#define WC_NID_blake2s256 1057 +#define WC_NID_shake128 1100 +#define WC_NID_shake256 1101 +#define WC_NID_sha1 64 +#define WC_NID_sha224 675 +#define WC_NID_sm3 1143 +#define WC_NID_md2 77 +#define WC_NID_md4 257 +#define WC_NID_md5 40 +#define WC_NID_hmac 855 +#define WC_NID_hmacWithSHA1 163 +#define WC_NID_hmacWithSHA224 798 +#define WC_NID_hmacWithSHA256 799 +#define WC_NID_hmacWithSHA384 800 +#define WC_NID_hmacWithSHA512 801 +#define WC_NID_hkdf 1036 +#define WC_NID_cmac 894 +#define WC_NID_dhKeyAgreement 28 +#define WC_NID_ffdhe2048 1126 +#define WC_NID_ffdhe3072 1127 +#define WC_NID_ffdhe4096 1128 +#define WC_NID_rc4 5 +#define WC_NID_bf_cbc 91 +#define WC_NID_bf_ecb 92 +#define WC_NID_bf_cfb64 93 +#define WC_NID_bf_ofb64 94 +#define WC_NID_cast5_cbc 108 +#define WC_NID_cast5_ecb 109 +#define WC_NID_cast5_cfb64 110 +#define WC_NID_cast5_ofb64 111 /* key exchange */ -#define NID_kx_rsa 1037 -#define NID_kx_ecdhe 1038 -#define NID_kx_dhe 1039 -#define NID_kx_ecdhe_psk 1040 -#define NID_kx_dhe_psk 1041 -#define NID_kx_rsa_psk 1042 -#define NID_kx_psk 1043 -#define NID_kx_srp 1044 -#define NID_kx_gost 1045 -#define NID_kx_any 1063 +#define WC_NID_kx_rsa 1037 +#define WC_NID_kx_ecdhe 1038 +#define WC_NID_kx_dhe 1039 +#define WC_NID_kx_ecdhe_psk 1040 +#define WC_NID_kx_dhe_psk 1041 +#define WC_NID_kx_rsa_psk 1042 +#define WC_NID_kx_psk 1043 +#define WC_NID_kx_srp 1044 +#define WC_NID_kx_gost 1045 +#define 
WC_NID_kx_any 1063 /* server authentication */ -#define NID_auth_rsa 1046 -#define NID_auth_ecdsa 1047 -#define NID_auth_psk 1048 -#define NID_auth_dss 1049 -#define NID_auth_srp 1052 -#define NID_auth_null 1054 -#define NID_auth_any 1055 +#define WC_NID_auth_rsa 1046 +#define WC_NID_auth_ecdsa 1047 +#define WC_NID_auth_psk 1048 +#define WC_NID_auth_dss 1049 +#define WC_NID_auth_srp 1052 +#define WC_NID_auth_null 1054 +#define WC_NID_auth_any 1055 /* Curve */ -#define NID_aria_128_gcm 1123 -#define NID_aria_192_gcm 1124 -#define NID_aria_256_gcm 1125 -#define NID_sm2 1172 - -#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC -#define NID_rsaEncryption EVP_PKEY_RSA -#define NID_rsa EVP_PKEY_RSA -#define NID_dsa EVP_PKEY_DSA +#define WC_NID_aria_128_gcm 1123 +#define WC_NID_aria_192_gcm 1124 +#define WC_NID_aria_256_gcm 1125 +#define WC_NID_sm2 1172 -#define EVP_PKEY_OP_SIGN (1 << 3) -#define EVP_PKEY_OP_VERIFY (1 << 5) -#define EVP_PKEY_OP_ENCRYPT (1 << 6) -#define EVP_PKEY_OP_DECRYPT (1 << 7) -#define EVP_PKEY_OP_DERIVE (1 << 8) - -#define EVP_PKEY_PRINT_INDENT_MAX 128 +#define WC_NID_X9_62_id_ecPublicKey WC_EVP_PKEY_EC +#define WC_NID_rsaEncryption WC_EVP_PKEY_RSA +#define WC_NID_rsa WC_EVP_PKEY_RSA +#define WC_NID_dsa WC_EVP_PKEY_DSA enum { - AES_128_CBC_TYPE = 1, - AES_192_CBC_TYPE = 2, - AES_256_CBC_TYPE = 3, - AES_128_CTR_TYPE = 4, - AES_192_CTR_TYPE = 5, - AES_256_CTR_TYPE = 6, - AES_128_ECB_TYPE = 7, - AES_192_ECB_TYPE = 8, - AES_256_ECB_TYPE = 9, - DES_CBC_TYPE = 10, - DES_ECB_TYPE = 11, - DES_EDE3_CBC_TYPE = 12, - DES_EDE3_ECB_TYPE = 13, - ARC4_TYPE = 14, - NULL_CIPHER_TYPE = 15, - EVP_PKEY_RSA = 16, - EVP_PKEY_DSA = 17, - EVP_PKEY_EC = 18, - AES_128_GCM_TYPE = 21, - AES_192_GCM_TYPE = 22, - AES_256_GCM_TYPE = 23, - EVP_PKEY_DH = NID_dhKeyAgreement, - EVP_PKEY_HMAC = NID_hmac, - EVP_PKEY_CMAC = NID_cmac, - EVP_PKEY_HKDF = NID_hkdf, - EVP_PKEY_FALCON = 300, /* Randomly picked value. */ - EVP_PKEY_DILITHIUM = 301, /* Randomly picked value. 
*/ - AES_128_CFB1_TYPE = 24, - AES_192_CFB1_TYPE = 25, - AES_256_CFB1_TYPE = 26, - AES_128_CFB8_TYPE = 27, - AES_192_CFB8_TYPE = 28, - AES_256_CFB8_TYPE = 29, - AES_128_CFB128_TYPE = 30, - AES_192_CFB128_TYPE = 31, - AES_256_CFB128_TYPE = 32, - AES_128_OFB_TYPE = 33, - AES_192_OFB_TYPE = 34, - AES_256_OFB_TYPE = 35, - AES_128_XTS_TYPE = 36, - AES_256_XTS_TYPE = 37, - CHACHA20_POLY1305_TYPE = 38, - CHACHA20_TYPE = 39, - AES_128_CCM_TYPE = 40, - AES_192_CCM_TYPE = 41, - AES_256_CCM_TYPE = 42, - SM4_ECB_TYPE = 43, - SM4_CBC_TYPE = 44, - SM4_CTR_TYPE = 45, - SM4_GCM_TYPE = 46, - SM4_CCM_TYPE = 47, - ARIA_128_GCM_TYPE = 48, - ARIA_192_GCM_TYPE = 49, - ARIA_256_GCM_TYPE = 50 + WC_EVP_PKEY_NONE = WC_NID_undef, + WC_AES_128_CBC_TYPE = 1, + WC_AES_192_CBC_TYPE = 2, + WC_AES_256_CBC_TYPE = 3, + WC_AES_128_CTR_TYPE = 4, + WC_AES_192_CTR_TYPE = 5, + WC_AES_256_CTR_TYPE = 6, + WC_AES_128_ECB_TYPE = 7, + WC_AES_192_ECB_TYPE = 8, + WC_AES_256_ECB_TYPE = 9, + WC_DES_CBC_TYPE = 10, + WC_DES_ECB_TYPE = 11, + WC_DES_EDE3_CBC_TYPE = 12, + WC_DES_EDE3_ECB_TYPE = 13, + WC_ARC4_TYPE = 14, + WC_NULL_CIPHER_TYPE = 15, + WC_EVP_PKEY_RSA = 16, + WC_EVP_PKEY_DSA = 17, + WC_EVP_PKEY_EC = 18, + WC_AES_128_GCM_TYPE = 21, + WC_AES_192_GCM_TYPE = 22, + WC_AES_256_GCM_TYPE = 23, + WC_EVP_PKEY_DH = WC_NID_dhKeyAgreement, + WC_EVP_PKEY_HMAC = WC_NID_hmac, + WC_EVP_PKEY_CMAC = WC_NID_cmac, + WC_EVP_PKEY_HKDF = WC_NID_hkdf, + WC_EVP_PKEY_FALCON = 300, /* Randomly picked value. */ + WC_EVP_PKEY_DILITHIUM = 301, /* Randomly picked value. 
*/ + WC_AES_128_CFB1_TYPE = 24, + WC_AES_192_CFB1_TYPE = 25, + WC_AES_256_CFB1_TYPE = 26, + WC_AES_128_CFB8_TYPE = 27, + WC_AES_192_CFB8_TYPE = 28, + WC_AES_256_CFB8_TYPE = 29, + WC_AES_128_CFB128_TYPE = 30, + WC_AES_192_CFB128_TYPE = 31, + WC_AES_256_CFB128_TYPE = 32, + WC_AES_128_OFB_TYPE = 33, + WC_AES_192_OFB_TYPE = 34, + WC_AES_256_OFB_TYPE = 35, + WC_AES_128_XTS_TYPE = 36, + WC_AES_256_XTS_TYPE = 37, + WC_CHACHA20_POLY1305_TYPE = 38, + WC_CHACHA20_TYPE = 39, + WC_AES_128_CCM_TYPE = 40, + WC_AES_192_CCM_TYPE = 41, + WC_AES_256_CCM_TYPE = 42, + WC_SM4_ECB_TYPE = 43, + WC_SM4_CBC_TYPE = 44, + WC_SM4_CTR_TYPE = 45, + WC_SM4_GCM_TYPE = 46, + WC_SM4_CCM_TYPE = 47, + WC_ARIA_128_GCM_TYPE = 48, + WC_ARIA_192_GCM_TYPE = 49, + WC_ARIA_256_GCM_TYPE = 50 }; +#define WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX 128 + +#define WC_EVP_PKEY_OP_SIGN (1 << 3) +#define WC_EVP_PKEY_OP_VERIFY (1 << 5) +#define WC_EVP_PKEY_OP_ENCRYPT (1 << 6) +#define WC_EVP_PKEY_OP_DECRYPT (1 << 7) +#define WC_EVP_PKEY_OP_DERIVE (1 << 8) + +#ifndef OPENSSL_COEXIST + +#define EVP_PKEY_NONE WC_EVP_PKEY_NONE +#define AES_128_CBC_TYPE WC_AES_128_CBC_TYPE +#define AES_192_CBC_TYPE WC_AES_192_CBC_TYPE +#define AES_256_CBC_TYPE WC_AES_256_CBC_TYPE +#define AES_128_CTR_TYPE WC_AES_128_CTR_TYPE +#define AES_192_CTR_TYPE WC_AES_192_CTR_TYPE +#define AES_256_CTR_TYPE WC_AES_256_CTR_TYPE +#define AES_128_ECB_TYPE WC_AES_128_ECB_TYPE +#define AES_192_ECB_TYPE WC_AES_192_ECB_TYPE +#define AES_256_ECB_TYPE WC_AES_256_ECB_TYPE +#define DES_CBC_TYPE WC_DES_CBC_TYPE +#define DES_ECB_TYPE WC_DES_ECB_TYPE +#define DES_EDE3_CBC_TYPE WC_DES_EDE3_CBC_TYPE +#define DES_EDE3_ECB_TYPE WC_DES_EDE3_ECB_TYPE +#define ARC4_TYPE WC_ARC4_TYPE +#define NULL_CIPHER_TYPE WC_NULL_CIPHER_TYPE +#define EVP_PKEY_RSA WC_EVP_PKEY_RSA +#define EVP_PKEY_DSA WC_EVP_PKEY_DSA +#define EVP_PKEY_EC WC_EVP_PKEY_EC +#define AES_128_GCM_TYPE WC_AES_128_GCM_TYPE +#define AES_192_GCM_TYPE WC_AES_192_GCM_TYPE +#define AES_256_GCM_TYPE WC_AES_256_GCM_TYPE 
+#define EVP_PKEY_DH WC_EVP_PKEY_DH +#define EVP_PKEY_HMAC WC_EVP_PKEY_HMAC +#define EVP_PKEY_CMAC WC_EVP_PKEY_CMAC +#define EVP_PKEY_HKDF WC_EVP_PKEY_HKDF +#define EVP_PKEY_FALCON WC_EVP_PKEY_FALCON +#define EVP_PKEY_DILITHIUM WC_EVP_PKEY_DILITHIUM +#define AES_128_CFB1_TYPE WC_AES_128_CFB1_TYPE +#define AES_192_CFB1_TYPE WC_AES_192_CFB1_TYPE +#define AES_256_CFB1_TYPE WC_AES_256_CFB1_TYPE +#define AES_128_CFB8_TYPE WC_AES_128_CFB8_TYPE +#define AES_192_CFB8_TYPE WC_AES_192_CFB8_TYPE +#define AES_256_CFB8_TYPE WC_AES_256_CFB8_TYPE +#define AES_128_CFB128_TYPE WC_AES_128_CFB128_TYPE +#define AES_192_CFB128_TYPE WC_AES_192_CFB128_TYPE +#define AES_256_CFB128_TYPE WC_AES_256_CFB128_TYPE +#define AES_128_OFB_TYPE WC_AES_128_OFB_TYPE +#define AES_192_OFB_TYPE WC_AES_192_OFB_TYPE +#define AES_256_OFB_TYPE WC_AES_256_OFB_TYPE +#define AES_128_XTS_TYPE WC_AES_128_XTS_TYPE +#define AES_256_XTS_TYPE WC_AES_256_XTS_TYPE +#define CHACHA20_POLY1305_TYPE WC_CHACHA20_POLY1305_TYPE +#define CHACHA20_TYPE WC_CHACHA20_TYPE +#define AES_128_CCM_TYPE WC_AES_128_CCM_TYPE +#define AES_192_CCM_TYPE WC_AES_192_CCM_TYPE +#define AES_256_CCM_TYPE WC_AES_256_CCM_TYPE +#define SM4_ECB_TYPE WC_SM4_ECB_TYPE +#define SM4_CBC_TYPE WC_SM4_CBC_TYPE +#define SM4_CTR_TYPE WC_SM4_CTR_TYPE +#define SM4_GCM_TYPE WC_SM4_GCM_TYPE +#define SM4_CCM_TYPE WC_SM4_CCM_TYPE +#define ARIA_128_GCM_TYPE WC_ARIA_128_GCM_TYPE +#define ARIA_192_GCM_TYPE WC_ARIA_192_GCM_TYPE +#define ARIA_256_GCM_TYPE WC_ARIA_256_GCM_TYPE + +#define NID_aes_128_cbc WC_NID_aes_128_cbc +#define NID_aes_192_cbc WC_NID_aes_192_cbc +#define NID_aes_256_cbc WC_NID_aes_256_cbc +#define NID_aes_128_ccm WC_NID_aes_128_ccm +#define NID_aes_192_ccm WC_NID_aes_192_ccm +#define NID_aes_256_ccm WC_NID_aes_256_ccm +#define NID_aes_128_gcm WC_NID_aes_128_gcm +#define NID_aes_192_gcm WC_NID_aes_192_gcm +#define NID_aes_256_gcm WC_NID_aes_256_gcm +#define NID_aes_128_ctr WC_NID_aes_128_ctr +#define NID_aes_192_ctr WC_NID_aes_192_ctr +#define 
NID_aes_256_ctr WC_NID_aes_256_ctr +#define NID_aes_128_ecb WC_NID_aes_128_ecb +#define NID_aes_192_ecb WC_NID_aes_192_ecb +#define NID_aes_256_ecb WC_NID_aes_256_ecb +#define NID_des_cbc WC_NID_des_cbc +#define NID_des_ecb WC_NID_des_ecb +#define NID_des_ede3_cbc WC_NID_des_ede3_cbc +#define NID_des_ede3_ecb WC_NID_des_ede3_ecb +#define NID_aes_128_cfb1 WC_NID_aes_128_cfb1 +#define NID_aes_192_cfb1 WC_NID_aes_192_cfb1 +#define NID_aes_256_cfb1 WC_NID_aes_256_cfb1 +#define NID_aes_128_cfb8 WC_NID_aes_128_cfb8 +#define NID_aes_192_cfb8 WC_NID_aes_192_cfb8 +#define NID_aes_256_cfb8 WC_NID_aes_256_cfb8 +#define NID_aes_128_cfb128 WC_NID_aes_128_cfb128 +#define NID_aes_192_cfb128 WC_NID_aes_192_cfb128 +#define NID_aes_256_cfb128 WC_NID_aes_256_cfb128 +#define NID_aes_128_ofb WC_NID_aes_128_ofb +#define NID_aes_192_ofb WC_NID_aes_192_ofb +#define NID_aes_256_ofb WC_NID_aes_256_ofb +#define NID_aes_128_xts WC_NID_aes_128_xts +#define NID_aes_256_xts WC_NID_aes_256_xts +#define NID_camellia_128_cbc WC_NID_camellia_128_cbc +#define NID_camellia_256_cbc WC_NID_camellia_256_cbc +#define NID_chacha20_poly1305 WC_NID_chacha20_poly1305 +#define NID_chacha20 WC_NID_chacha20 +#define NID_sm4_ecb WC_NID_sm4_ecb +#define NID_sm4_cbc WC_NID_sm4_cbc +#define NID_sm4_ctr WC_NID_sm4_ctr +#define NID_sm4_gcm WC_NID_sm4_gcm +#define NID_sm4_ccm WC_NID_sm4_ccm +#define NID_md5WithRSA WC_NID_md5WithRSA +#define NID_md2WithRSAEncryption WC_NID_md2WithRSAEncryption +#define NID_md5WithRSAEncryption WC_NID_md5WithRSAEncryption +#define NID_dsaWithSHA1 WC_NID_dsaWithSHA1 +#define NID_dsaWithSHA1_2 WC_NID_dsaWithSHA1_2 +#define NID_sha1WithRSA WC_NID_sha1WithRSA +#define NID_sha1WithRSAEncryption WC_NID_sha1WithRSAEncryption +#define NID_sha224WithRSAEncryption WC_NID_sha224WithRSAEncryption +#define NID_sha256WithRSAEncryption WC_NID_sha256WithRSAEncryption +#define NID_sha384WithRSAEncryption WC_NID_sha384WithRSAEncryption +#define NID_sha512WithRSAEncryption WC_NID_sha512WithRSAEncryption 
+#define NID_RSA_SHA3_224 WC_NID_RSA_SHA3_224 +#define NID_RSA_SHA3_256 WC_NID_RSA_SHA3_256 +#define NID_RSA_SHA3_384 WC_NID_RSA_SHA3_384 +#define NID_RSA_SHA3_512 WC_NID_RSA_SHA3_512 +#define NID_rsassaPss WC_NID_rsassaPss +#define NID_ecdsa_with_SHA1 WC_NID_ecdsa_with_SHA1 +#define NID_ecdsa_with_SHA224 WC_NID_ecdsa_with_SHA224 +#define NID_ecdsa_with_SHA256 WC_NID_ecdsa_with_SHA256 +#define NID_ecdsa_with_SHA384 WC_NID_ecdsa_with_SHA384 +#define NID_ecdsa_with_SHA512 WC_NID_ecdsa_with_SHA512 +#define NID_ecdsa_with_SHA3_224 WC_NID_ecdsa_with_SHA3_224 +#define NID_ecdsa_with_SHA3_256 WC_NID_ecdsa_with_SHA3_256 +#define NID_ecdsa_with_SHA3_384 WC_NID_ecdsa_with_SHA3_384 +#define NID_ecdsa_with_SHA3_512 WC_NID_ecdsa_with_SHA3_512 +#define NID_dsa_with_SHA224 WC_NID_dsa_with_SHA224 +#define NID_dsa_with_SHA256 WC_NID_dsa_with_SHA256 +#define NID_sha3_224 WC_NID_sha3_224 +#define NID_sha3_256 WC_NID_sha3_256 +#define NID_sha3_384 WC_NID_sha3_384 +#define NID_sha3_512 WC_NID_sha3_512 +#define NID_blake2b512 WC_NID_blake2b512 +#define NID_blake2s256 WC_NID_blake2s256 +#define NID_shake128 WC_NID_shake128 +#define NID_shake256 WC_NID_shake256 +#define NID_sha1 WC_NID_sha1 +#define NID_sha224 WC_NID_sha224 +#define NID_sm3 WC_NID_sm3 +#define NID_md2 WC_NID_md2 +#define NID_md4 WC_NID_md4 +#define NID_md5 WC_NID_md5 +#define NID_hmac WC_NID_hmac +#define NID_hmacWithSHA1 WC_NID_hmacWithSHA1 +#define NID_hmacWithSHA224 WC_NID_hmacWithSHA224 +#define NID_hmacWithSHA256 WC_NID_hmacWithSHA256 +#define NID_hmacWithSHA384 WC_NID_hmacWithSHA384 +#define NID_hmacWithSHA512 WC_NID_hmacWithSHA512 +#define NID_hkdf WC_NID_hkdf +#define NID_cmac WC_NID_cmac +#define NID_dhKeyAgreement WC_NID_dhKeyAgreement +#define NID_ffdhe2048 WC_NID_ffdhe2048 +#define NID_ffdhe3072 WC_NID_ffdhe3072 +#define NID_ffdhe4096 WC_NID_ffdhe4096 +#define NID_rc4 WC_NID_rc4 +#define NID_bf_cbc WC_NID_bf_cbc +#define NID_bf_ecb WC_NID_bf_ecb +#define NID_bf_cfb64 WC_NID_bf_cfb64 +#define NID_bf_ofb64 
WC_NID_bf_ofb64 +#define NID_cast5_cbc WC_NID_cast5_cbc +#define NID_cast5_ecb WC_NID_cast5_ecb +#define NID_cast5_cfb64 WC_NID_cast5_cfb64 +#define NID_cast5_ofb64 WC_NID_cast5_ofb64 +/* key exchange */ +#define NID_kx_rsa WC_NID_kx_rsa +#define NID_kx_ecdhe WC_NID_kx_ecdhe +#define NID_kx_dhe WC_NID_kx_dhe +#define NID_kx_ecdhe_psk WC_NID_kx_ecdhe_psk +#define NID_kx_dhe_psk WC_NID_kx_dhe_psk +#define NID_kx_rsa_psk WC_NID_kx_rsa_psk +#define NID_kx_psk WC_NID_kx_psk +#define NID_kx_srp WC_NID_kx_srp +#define NID_kx_gost WC_NID_kx_gost +#define NID_kx_any WC_NID_kx_any +/* server authentication */ +#define NID_auth_rsa WC_NID_auth_rsa +#define NID_auth_ecdsa WC_NID_auth_ecdsa +#define NID_auth_psk WC_NID_auth_psk +#define NID_auth_dss WC_NID_auth_dss +#define NID_auth_srp WC_NID_auth_srp +#define NID_auth_null WC_NID_auth_null +#define NID_auth_any WC_NID_auth_any +/* Curve */ +#define NID_aria_128_gcm WC_NID_aria_128_gcm +#define NID_aria_192_gcm WC_NID_aria_192_gcm +#define NID_aria_256_gcm WC_NID_aria_256_gcm +#define NID_sm2 WC_NID_sm2 + +#define NID_X9_62_id_ecPublicKey WC_NID_X9_62_id_ecPublicKey +#define NID_rsaEncryption WC_NID_rsaEncryption +#define NID_rsa WC_NID_rsa +#define NID_dsa WC_NID_dsa + +#define EVP_PKEY_OP_SIGN WC_EVP_PKEY_OP_SIGN +#define EVP_PKEY_OP_VERIFY WC_EVP_PKEY_OP_VERIFY +#define EVP_PKEY_OP_ENCRYPT WC_EVP_PKEY_OP_ENCRYPT +#define EVP_PKEY_OP_DECRYPT WC_EVP_PKEY_OP_DECRYPT +#define EVP_PKEY_OP_DERIVE WC_EVP_PKEY_OP_DERIVE + +#define EVP_PKEY_PRINT_INDENT_MAX WOLFSSL_EVP_PKEY_PRINT_INDENT_MAX + +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 
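Review bot: `WC_NID_rsaEncryption`, `WC_NID_rsa`, `WC_NID_dsa` and `WC_NID_X9_62_id_ecPublicKey` are the only entries in the new `WC_NID_` table that are not literal NID numbers. They resolve to `WC_EVP_PKEY_RSA = 16`, `WC_EVP_PKEY_DSA = 17` and `WC_EVP_PKEY_EC = 18`, which share one number space with the cipher-type constants in the same enum. In an `OPENSSL_COEXIST` build the unprefixed `NID_`/`EVP_PKEY_` names may come from another library's headers, so a key type or NID taken from those is not guaranteed to mean the same thing when passed to a wolfSSL_ function. I would state that above the enum, e.g. `/* WC_EVP_PKEY_* and the WC_NID_ aliases of them are wolfSSL-internal values; never mix them with NID_/EVP_PKEY_ values from other headers */`.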
@@ -918,6 +1126,29 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, const WOLFSSL_EVP_MD* type, WOLFSSL_ENGINE *impl); +#define WOLFSSL_EVP_CTRL_INIT 0x0 +#define WOLFSSL_EVP_CTRL_SET_KEY_LENGTH 0x1 +#define WOLFSSL_EVP_CTRL_SET_RC2_KEY_BITS 0x3 /* needed for qt compilation */ + +#define WOLFSSL_EVP_CTRL_AEAD_SET_IVLEN 0x9 +#define WOLFSSL_EVP_CTRL_AEAD_GET_TAG 0x10 +#define WOLFSSL_EVP_CTRL_AEAD_SET_TAG 0x11 +#define WOLFSSL_EVP_CTRL_AEAD_SET_IV_FIXED 0x12 +#define WOLFSSL_EVP_CTRL_GCM_IV_GEN 0x13 +#define WOLFSSL_EVP_CTRL_GCM_SET_IVLEN WOLFSSL_EVP_CTRL_AEAD_SET_IVLEN +#define WOLFSSL_EVP_CTRL_GCM_GET_TAG WOLFSSL_EVP_CTRL_AEAD_GET_TAG +#define WOLFSSL_EVP_CTRL_GCM_SET_TAG WOLFSSL_EVP_CTRL_AEAD_SET_TAG +#define WOLFSSL_EVP_CTRL_GCM_SET_IV_FIXED WOLFSSL_EVP_CTRL_AEAD_SET_IV_FIXED +#define WOLFSSL_EVP_CTRL_CCM_SET_IVLEN WOLFSSL_EVP_CTRL_AEAD_SET_IVLEN +#define WOLFSSL_EVP_CTRL_CCM_GET_TAG WOLFSSL_EVP_CTRL_AEAD_GET_TAG +#define WOLFSSL_EVP_CTRL_CCM_SET_TAG WOLFSSL_EVP_CTRL_AEAD_SET_TAG +#define WOLFSSL_EVP_CTRL_CCM_SET_L 0x14 +#define WOLFSSL_EVP_CTRL_CCM_SET_MSGLEN 0x15 + +#define WOLFSSL_NO_PADDING_BLOCK_SIZE 1 + +#ifndef OPENSSL_COEXIST + #define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER #define EVP_CIPH_VARIABLE_LENGTH WOLFSSL_EVP_CIPH_VARIABLE_LENGTH #define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE @@ -1179,7 +1410,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, #define OPENSSL_add_all_algorithms_noconf OpenSSL_add_all_algorithms_noconf #define OPENSSL_add_all_algorithms_conf OpenSSL_add_all_algorithms_conf -#define NO_PADDING_BLOCK_SIZE 1 +#define NO_PADDING_BLOCK_SIZE WOLFSSL_NO_PADDING_BLOCK_SIZE #define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1 #define PKCS5_PBKDF2_HMAC wolfSSL_PKCS5_PBKDF2_HMAC 
@@ -1190,20 +1421,20 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, #define EVP_CTRL_SET_KEY_LENGTH 0x1 #define EVP_CTRL_SET_RC2_KEY_BITS 0x3 /* needed for qt compilation */ -#define EVP_CTRL_AEAD_SET_IVLEN 0x9 -#define EVP_CTRL_AEAD_GET_TAG 0x10 -#define EVP_CTRL_AEAD_SET_TAG 0x11 -#define EVP_CTRL_AEAD_SET_IV_FIXED 0x12 -#define EVP_CTRL_GCM_IV_GEN 0x13 -#define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN -#define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG -#define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG -#define EVP_CTRL_GCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED -#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN -#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG -#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG -#define EVP_CTRL_CCM_SET_L 0x14 -#define EVP_CTRL_CCM_SET_MSGLEN 0x15 +#define EVP_CTRL_AEAD_SET_IVLEN WOLFSSL_EVP_CTRL_AEAD_SET_IVLEN +#define EVP_CTRL_AEAD_GET_TAG WOLFSSL_EVP_CTRL_AEAD_GET_TAG +#define EVP_CTRL_AEAD_SET_TAG WOLFSSL_EVP_CTRL_AEAD_SET_TAG +#define EVP_CTRL_AEAD_SET_IV_FIXED WOLFSSL_EVP_CTRL_AEAD_SET_IV_FIXED +#define EVP_CTRL_GCM_IV_GEN WOLFSSL_EVP_CTRL_GCM_IV_GEN +#define EVP_CTRL_GCM_SET_IVLEN WOLFSSL_EVP_CTRL_GCM_SET_IVLEN +#define EVP_CTRL_GCM_GET_TAG WOLFSSL_EVP_CTRL_GCM_GET_TAG +#define EVP_CTRL_GCM_SET_TAG WOLFSSL_EVP_CTRL_GCM_SET_TAG +#define EVP_CTRL_GCM_SET_IV_FIXED WOLFSSL_EVP_CTRL_GCM_SET_IV_FIXED +#define EVP_CTRL_CCM_SET_IVLEN WOLFSSL_EVP_CTRL_CCM_SET_IVLEN +#define EVP_CTRL_CCM_GET_TAG WOLFSSL_EVP_CTRL_CCM_GET_TAG +#define EVP_CTRL_CCM_SET_TAG WOLFSSL_EVP_CTRL_CCM_SET_TAG +#define EVP_CTRL_CCM_SET_L WOLFSSL_EVP_CTRL_CCM_SET_L +#define EVP_CTRL_CCM_SET_MSGLEN WOLFSSL_EVP_CTRL_CCM_SET_MSGLEN #define EVP_PKEY_print_public wolfSSL_EVP_PKEY_print_public #define EVP_PKEY_print_private(arg1, arg2, arg3, arg4) WC_DO_NOTHING 
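Review bot: The two context lines at the top of this hunk keep `EVP_CTRL_SET_KEY_LENGTH 0x1` and `EVP_CTRL_SET_RC2_KEY_BITS 0x3` as literals, while every AEAD/GCM/CCM code below them is redirected to the `WOLFSSL_EVP_CTRL_*` block added by the -918/+1126 hunk. That block also defines `WOLFSSL_EVP_CTRL_SET_KEY_LENGTH` and `WOLFSSL_EVP_CTRL_SET_RC2_KEY_BITS`, so the same control code is now written in two places and can drift. I would alias them as well: `#define EVP_CTRL_SET_KEY_LENGTH WOLFSSL_EVP_CTRL_SET_KEY_LENGTH` and `#define EVP_CTRL_SET_RC2_KEY_BITS WOLFSSL_EVP_CTRL_SET_RC2_KEY_BITS`. `EVP_CTRL_INIT` presumably sits just above the hunk and would need the same treatment.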
@@ -1230,13 +1461,11 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, #endif -#define EVP_R_BAD_DECRYPT (-MIN_CODE_E + 100 + 1) -#define EVP_R_BN_DECODE_ERROR (-MIN_CODE_E + 100 + 2) -#define EVP_R_DECODE_ERROR (-MIN_CODE_E + 100 + 3) -#define EVP_R_PRIVATE_KEY_DECODE_ERROR (-MIN_CODE_E + 100 + 4) +#define EVP_R_BAD_DECRYPT (-WOLFSSL_EVP_R_BAD_DECRYPT_E) +#define EVP_R_BN_DECODE_ERROR (-WOLFSSL_EVP_R_BN_DECODE_ERROR) +#define EVP_R_DECODE_ERROR (-WOLFSSL_EVP_R_DECODE_ERROR) +#define EVP_R_PRIVATE_KEY_DECODE_ERROR (-WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR) -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_DH 28 #define EVP_CIPHER_mode WOLFSSL_EVP_CIPHER_mode /* WOLFSSL_EVP_CIPHER is just the string name of the cipher */ #define EVP_CIPHER_name(x) x @@ -1278,6 +1507,8 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #ifdef __cplusplus diff --git a/wolfssl/openssl/hmac.h b/wolfssl/openssl/hmac.h index 71a473b4fc..1a2c30448f 100644 --- a/wolfssl/openssl/hmac.h +++ b/wolfssl/openssl/hmac.h @@ -67,6 +67,8 @@ WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx); WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX *ctx); +#ifndef OPENSSL_COEXIST + typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; #define HMAC wolfSSL_HMAC @@ -85,6 +87,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; #define HMAC_size wolfSSL_HMAC_size #define HMAC_CTX_get_md wolfSSL_HMAC_CTX_get_md +#endif /* !OPENSSL_COEXIST */ #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/kdf.h b/wolfssl/openssl/kdf.h index 08d8327a77..295c99fced 100644 --- a/wolfssl/openssl/kdf.h +++ b/wolfssl/openssl/kdf.h 
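Review bot: The four `EVP_R_*` reason codes in the -1230/+1461 hunk stop being computed from `MIN_CODE_E` and become the negation of `WOLFSSL_EVP_R_*` constants that are defined outside this diff section, so nothing visible here shows the numeric values are unchanged. Callers that compare or log these reasons depend on that, and a compile-time assertion next to the definitions would pin it. A comment would help too: `/* positive reason codes; must equal the former -MIN_CODE_E + 100 + n values */`. Only the first constant carries an `_E` suffix (`WOLFSSL_EVP_R_BAD_DECRYPT_E`); if that matches the declarations it is worth a word in the comment, since it reads like a typo.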
@@ -26,9 +26,17 @@ extern "C" { #endif -#define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 -#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 -#define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 +#define WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 +#define WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 +#define WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 + +#ifndef OPENSSL_COEXIST + +#define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND +#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY +#define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY + +#endif /* !OPENSSL_COEXIST */ #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/obj_mac.h b/wolfssl/openssl/obj_mac.h index b083f049dc..b4d4013c9a 100644 --- a/wolfssl/openssl/obj_mac.h +++ b/wolfssl/openssl/obj_mac.h 
@@ -27,20 +27,39 @@ extern "C" { #endif -#define NID_sect163k1 721 -#define NID_sect163r1 722 -#define NID_sect163r2 723 -#define NID_sect193r1 724 -#define NID_sect193r2 725 -#define NID_sect233k1 726 -#define NID_sect233r1 727 -#define NID_sect239k1 728 -#define NID_sect283k1 729 -#define NID_sect283r1 730 -#define NID_sect409k1 731 -#define NID_sect409r1 732 -#define NID_sect571k1 733 -#define NID_sect571r1 734 +#define WC_NID_sect163k1 721 +#define WC_NID_sect163r1 722 +#define WC_NID_sect163r2 723 +#define WC_NID_sect193r1 724 +#define WC_NID_sect193r2 725 +#define WC_NID_sect233k1 726 +#define WC_NID_sect233r1 727 +#define WC_NID_sect239k1 728 +#define WC_NID_sect283k1 729 +#define WC_NID_sect283r1 730 +#define WC_NID_sect409k1 731 +#define WC_NID_sect409r1 732 +#define WC_NID_sect571k1 733 +#define WC_NID_sect571r1 734 + +#ifndef OPENSSL_COEXIST + +#define NID_sect163k1 WC_NID_sect163k1 +#define NID_sect163r1 WC_NID_sect163r1 +#define NID_sect163r2 WC_NID_sect163r2 +#define NID_sect193r1 WC_NID_sect193r1 +#define NID_sect193r2 WC_NID_sect193r2 +#define NID_sect233k1 WC_NID_sect233k1 +#define NID_sect233r1 WC_NID_sect233r1 +#define NID_sect239k1 WC_NID_sect239k1 +#define NID_sect283k1 WC_NID_sect283k1 +#define NID_sect283r1 WC_NID_sect283r1 +#define NID_sect409k1 WC_NID_sect409k1 +#define NID_sect409r1 WC_NID_sect409r1 +#define NID_sect571k1 WC_NID_sect571k1 +#define NID_sect571r1 WC_NID_sect571r1 + +#endif /* !OPENSSL_COEXIST */ /* the definition is for Qt Unit test */ #define SN_jurisdictionCountryName "jurisdictionC" diff --git a/wolfssl/openssl/objects.h b/wolfssl/openssl/objects.h index 08640fbf67..1b6ce8043b 100644 --- a/wolfssl/openssl/objects.h +++ b/wolfssl/openssl/objects.h 
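Review bot: The new `#endif /* !OPENSSL_COEXIST */` closes before `SN_jurisdictionCountryName`, so that unprefixed name is still defined in a coexist build. Whether the remaining `SN_`/`LN_`/`NID_` definitions further down obj_mac.h are guarded is not visible in this hunk. If they are not, any of them that differs from the other library's definition produces a redefinition diagnostic or a value that depends on include order. I would either move the `#endif` below those definitions or add a comment saying why they stay exposed, e.g. `/* kept outside the guard: identical to the OpenSSL definitions */`, after checking that this holds.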
@@ -35,6 +35,11 @@ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#define WC_NID_ad_OCSP 178 +#define WC_NID_ad_ca_issuers 179 + +#ifndef OPENSSL_COEXIST + #define OBJ_NAME_TYPE_UNDEF WOLFSSL_OBJ_NAME_TYPE_UNDEF #define OBJ_NAME_TYPE_MD_METH WOLFSSL_OBJ_NAME_TYPE_MD_METH #define OBJ_NAME_TYPE_CIPHER_METH WOLFSSL_OBJ_NAME_TYPE_CIPHER_METH @@ -64,9 +69,10 @@ /* not required for wolfSSL */ #define OPENSSL_load_builtin_modules() WC_DO_NOTHING +#define NID_ad_OCSP WC_NID_ad_OCSP +#define NID_ad_ca_issuers WC_NID_ad_ca_issuers -#define NID_ad_OCSP 178 -#define NID_ad_ca_issuers 179 +#endif /* !OPENSSL_COEXIST */ #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ diff --git a/wolfssl/openssl/ocsp.h b/wolfssl/openssl/ocsp.h index 28eb1597aa..a6bae6684c 100644 --- a/wolfssl/openssl/ocsp.h +++ b/wolfssl/openssl/ocsp.h @@ -27,6 +27,8 @@ #ifdef HAVE_OCSP #include +#ifndef OPENSSL_COEXIST + #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) typedef OcspRequest OCSP_REQUEST; @@ -98,6 +100,8 @@ typedef WOLFSSL_OCSP_REQ_CTX OCSP_REQ_CTX; #define OCSP_REQ_CTX_nbio wolfSSL_OCSP_REQ_CTX_nbio #define OCSP_sendreq_nbio wolfSSL_OCSP_sendreq_nbio +#endif /* !OPENSSL_COEXIST */ + #endif /* HAVE_OCSP */ #endif /* WOLFSSL_OCSP_H_ */ diff --git a/wolfssl/openssl/pem.h b/wolfssl/openssl/pem.h index 8ecc02c6b1..8a7a6326ad 100644 --- a/wolfssl/openssl/pem.h +++ b/wolfssl/openssl/pem.h 
@@ -183,8 +183,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio, void* pass); #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) WOLFSSL_API -PKCS8_PRIV_KEY_INFO* wolfSSL_PEM_read_bio_PKCS8_PRIV_KEY_INFO(WOLFSSL_BIO* bio, - PKCS8_PRIV_KEY_INFO** key, wc_pem_password_cb* cb, void* arg); +WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_PEM_read_bio_PKCS8_PRIV_KEY_INFO(WOLFSSL_BIO* bio, + WOLFSSL_PKCS8_PRIV_KEY_INFO** key, wc_pem_password_cb* cb, void* arg); #endif WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_bio_PUBKEY(WOLFSSL_BIO* bio, @@ -233,6 +233,8 @@ WOLFSSL_API int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh); #endif /* NO_FILESYSTEM */ +#ifndef OPENSSL_COEXIST + #define PEM_BUFSIZE WOLF_PEM_BUFSIZE #define PEM_read wolfSSL_PEM_read @@ -289,6 +291,8 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh); #define PEM_write_bio_PKCS8_PRIV_KEY_INFO wolfSSL_PEM_write_bio_PKCS8_PRIV_KEY_INFO #define PEM_read_bio_PKCS8_PRIV_KEY_INFO wolfSSL_PEM_read_bio_PKCS8_PRIV_KEY_INFO +#endif /* !OPENSSL_COEXIST */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/wolfssl/openssl/pkcs12.h b/wolfssl/openssl/pkcs12.h index d82954da99..7da2b9833d 100644 --- a/wolfssl/openssl/pkcs12.h +++ b/wolfssl/openssl/pkcs12.h @@ -28,9 +28,15 @@ #ifndef WOLFSSL_PKCS12_COMPAT_H_ #define WOLFSSL_PKCS12_COMPAT_H_ -#define NID_pbe_WithSHA1AndDES_CBC 2 -#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 3 -#define NID_pbe_WithSHA1And128BitRC4 1 +#define WC_NID_pbe_WithSHA1AndDES_CBC 2 +#define WC_NID_pbe_WithSHA1And3_Key_TripleDES_CBC 3 +#define WC_NID_pbe_WithSHA1And128BitRC4 1 + +#ifndef OPENSSL_COEXIST + +#define NID_pbe_WithSHA1AndDES_CBC WC_NID_pbe_WithSHA1AndDES_CBC +#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC WC_NID_pbe_WithSHA1And3_Key_TripleDES_CBC +#define NID_pbe_WithSHA1And128BitRC4 WC_NID_pbe_WithSHA1And128BitRC4 #define PKCS12_DEFAULT_ITER WC_PKCS12_ITT_DEFAULT 
@@ -46,5 +52,6 @@ #define PKCS12_create wolfSSL_PKCS12_create #define PKCS12_PBE_add wolfSSL_PKCS12_PBE_add -#endif /* WOLFSSL_PKCS12_COMPAT_H_ */ +#endif /* !OPENSSL_COEXIST */ +#endif /* WOLFSSL_PKCS12_COMPAT_H_ */ diff --git a/wolfssl/openssl/rand.h b/wolfssl/openssl/rand.h index c88cd128f7..71d68101ef 100644 --- a/wolfssl/openssl/rand.h +++ b/wolfssl/openssl/rand.h @@ -21,9 +21,18 @@ /* rand.h for openSSL */ +#ifndef WOLFSSL_RAND_COMPAT_H_ +#define WOLFSSL_RAND_COMPAT_H_ + #include #include +#ifndef OPENSSL_COEXIST + typedef WOLFSSL_RAND_METHOD RAND_METHOD; #define RAND_set_rand_method wolfSSL_RAND_set_rand_method + +#endif /* !OPENSSL_COEXIST */ + +#endif /* WOLFSSL_RAND_COMPAT_H_ */ diff --git a/wolfssl/openssl/rsa.h b/wolfssl/openssl/rsa.h index 9311283976..6e5dcfa232 100644 --- a/wolfssl/openssl/rsa.h +++ b/wolfssl/openssl/rsa.h @@ -36,11 +36,19 @@ #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + +/* Padding types */ +#define WC_RSA_PKCS1_PADDING 0 +#define WC_RSA_PKCS1_OAEP_PADDING 1 +#define WC_RSA_PKCS1_PSS_PADDING 2 + +#ifndef OPENSSL_COEXIST + /* Padding types */ -#define RSA_PKCS1_PADDING 0 -#define RSA_PKCS1_OAEP_PADDING 1 -#define RSA_PKCS1_PSS_PADDING 2 -#define RSA_NO_PADDING 3 +#define RSA_PKCS1_PADDING WC_RSA_PKCS1_PADDING +#define RSA_PKCS1_OAEP_PADDING WC_RSA_PKCS1_OAEP_PADDING +#define RSA_PKCS1_PSS_PADDING WC_RSA_PKCS1_PSS_PADDING +#define RSA_NO_PADDING WC_RSA_NO_PAD /* Emulate OpenSSL flags */ #define RSA_METHOD_FLAG_NO_CHECK (1 << 1) @@ -62,6 +70,8 @@ #define RSA_PSS_SALTLEN_MAX (-3) #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST */ + typedef struct WOLFSSL_RSA_METHOD { /* Flags of RSA key implementation. */ int flags; 
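Review bot: `RSA_NO_PADDING` was the literal `3` and is now `WC_RSA_NO_PAD`, the only padding alias in the rsa.h -36/+36 hunk whose target is not defined alongside `WC_RSA_PKCS1_PADDING`, `WC_RSA_PKCS1_OAEP_PADDING` and `WC_RSA_PKCS1_PSS_PADDING`. A padding selector that silently changes value, or is missing in a configuration where the defining header is gated out, would pick the wrong RSA padding mode. The dependency should therefore be stated where the alias is made: `/* WC_RSA_NO_PAD is defined outside this header and must remain 3 */`. If it cannot be guaranteed under every build option that reaches this block, define a local `WC_RSA_NO_PADDING 3` next to the other three instead.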
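Review bot: In the rsa.h -62/+70 hunk the added `#endif /* !OPENSSL_COEXIST */` is placed after `#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */`, but the matching `#ifndef OPENSSL_COEXIST` was opened inside the `OPENSSL_EXTRA` block by the previous hunk. The directives still balance, so the trailing comments now name the wrong conditions: the line labelled `OPENSSL_EXTRA` really closes the coexist guard. Swapping the two lines, so that `#endif /* !OPENSSL_COEXIST */` comes first, keeps the labels truthful for whoever next edits this guard region.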
@@ -102,10 +112,10 @@ typedef struct WOLFSSL_RSA { } WOLFSSL_RSA; #endif -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) typedef WOLFSSL_RSA RSA; typedef WOLFSSL_RSA_METHOD RSA_METHOD; -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new_ex(void* heap, int devId); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void); @@ -191,12 +201,15 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup( #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) -#define OPENSSL_RSA_MAX_MODULUS_BITS RSA_MAX_SIZE #define WOLFSSL_RSA_LOAD_PRIVATE 1 #define WOLFSSL_RSA_LOAD_PUBLIC 2 #define WOLFSSL_RSA_F4 0x10001L +#ifndef OPENSSL_COEXIST + +#define OPENSSL_RSA_MAX_MODULUS_BITS RSA_MAX_SIZE + #define RSA_new wolfSSL_RSA_new #define RSA_free wolfSSL_RSA_free @@ -247,6 +260,8 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup( #define OPENSSL_RSA_MAX_MODULUS_BITS RSA_MAX_SIZE #define OPENSSL_RSA_MAX_PUBEXP_BITS RSA_MAX_SIZE +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #ifdef __cplusplus diff --git a/wolfssl/openssl/sha.h b/wolfssl/openssl/sha.h index f9bc1a5869..34a1962515 100644 --- a/wolfssl/openssl/sha.h +++ b/wolfssl/openssl/sha.h @@ -74,7 +74,7 @@ WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input, WOLFSSL_API int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha); WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char *data); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) enum { SHA_DIGEST_LENGTH = 20 }; 
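Review bot: `OPENSSL_RSA_MAX_MODULUS_BITS` ends up defined twice inside the new `#ifndef OPENSSL_COEXIST` region of rsa.h. The hunk at old line 191 re-adds it right after the guard, and the context of the hunk at old line 247 already shows `#define OPENSSL_RSA_MAX_MODULUS_BITS RSA_MAX_SIZE` just before `OPENSSL_RSA_MAX_PUBEXP_BITS`. The two definitions are identical, so it compiles, but a later edit to only one of them would produce a redefinition warning or two different modulus limits. Since the line had to move anyway, drop the re-added copy and keep the later one.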
@@ -99,7 +99,7 @@ typedef WOLFSSL_SHA_CTX SHA_CTX; #define SHA1_Final wolfSSL_SHA1_Final #define SHA1_Transform wolfSSL_SHA1_Transform -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* !NO_SHA */ @@ -125,7 +125,7 @@ WOLFSSL_API int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha); WOLFSSL_API int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha, const void* input, unsigned long sz); WOLFSSL_API int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) enum { SHA224_DIGEST_LENGTH = 28 }; @@ -142,7 +142,7 @@ typedef WOLFSSL_SHA224_CTX SHA224_CTX; * because of SHA224 enum in FIPS build. */ #define SHA224 wolfSSL_SHA224 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* WOLFSSL_SHA224 */ #ifndef NO_SHA256 @@ -168,7 +168,7 @@ WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input WOLFSSL_API int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha); WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256, const unsigned char *data); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) enum { SHA256_DIGEST_LENGTH = 32 }; @@ -196,7 +196,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX; #define SHA256 wolfSSL_SHA256 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* !NO_SHA256 */ #ifdef WOLFSSL_SHA384 
@@ -215,7 +215,7 @@ WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha); WOLFSSL_API int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input, unsigned long sz); WOLFSSL_API int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) enum { SHA384_DIGEST_LENGTH = 48 }; @@ -230,7 +230,7 @@ typedef WOLFSSL_SHA384_CTX SHA384_CTX; * build. */ #define SHA384 wolfSSL_SHA384 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* WOLFSSL_SHA384 */ @@ -252,7 +252,7 @@ WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha, WOLFSSL_API int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha); WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512, const unsigned char* data); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) enum { SHA512_DIGEST_LENGTH = 64 }; @@ -268,7 +268,7 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX; * build. */ #define SHA512 wolfSSL_SHA512 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #if !defined(WOLFSSL_NOSHA512_224) typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_224_CTX; 
@@ -282,7 +282,7 @@ WOLFSSL_API int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512, const unsigned char* data); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #define SHA512_224_Init wolfSSL_SHA512_224_Init #define SHA512_224_Update wolfSSL_SHA512_224_Update #define SHA512_224_Final wolfSSL_SHA512_224_Final @@ -291,7 +291,7 @@ WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512, #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #define SHA512_224 wolfSSL_SHA512_224 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* !WOLFSSL_NOSHA512_224 */ #if !defined(WOLFSSL_NOSHA512_256) @@ -305,7 +305,7 @@ WOLFSSL_API int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* s WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512, const unsigned char* data); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #define SHA512_256_Init wolfSSL_SHA512_256_Init #define SHA512_256_Update wolfSSL_SHA512_256_Update #define SHA512_256_Final wolfSSL_SHA512_256_Final @@ -314,7 +314,7 @@ WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512, #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #define SHA512_256 wolfSSL_SHA512_256 #endif -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* !WOLFSSL_NOSHA512_256 */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index f6d29f0b75..8133a42ef1 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h 
@@ -75,6 +75,60 @@ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#ifndef WOLFCRYPT_ONLY + +#define WOLFSSL_ERR_LIB_SYS 2 +#define WOLFSSL_ERR_LIB_RSA 4 +#define WOLFSSL_ERR_LIB_PEM 9 +#define WOLFSSL_ERR_LIB_X509 10 +#define WOLFSSL_ERR_LIB_EVP 11 +#define WOLFSSL_ERR_LIB_ASN1 12 +#define WOLFSSL_ERR_LIB_DIGEST 13 +#define WOLFSSL_ERR_LIB_CIPHER 14 +#define WOLFSSL_ERR_LIB_USER 15 +#define WOLFSSL_ERR_LIB_EC 16 +#define WOLFSSL_ERR_LIB_SSL 20 +#define WOLFSSL_ERR_LIB_PKCS12 35 + +#endif + +#ifndef WOLFCRYPT_ONLY +#define WOLFSSL_PEMerr(func, reason) wolfSSL_ERR_put_error(WOLFSSL_ERR_LIB_PEM, \ + (func), (reason), __FILE__, __LINE__) +#else +#define WOLFSSL_PEMerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ + NULL, __LINE__, __FILE__, NULL) +#endif +#ifndef WOLFCRYPT_ONLY +#define WOLFSSL_EVPerr(func, reason) wolfSSL_ERR_put_error(WOLFSSL_ERR_LIB_EVP, \ + (func), (reason), __FILE__, __LINE__) +#else +#define WOLFSSL_EVPerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ + NULL, __LINE__, __FILE__, NULL) +#endif + +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ + +#define WOLFSSL_AD_UNRECOGNIZED_NAME unrecognized_name + +#define WOLFSSL_TLSEXT_STATUSTYPE_ocsp 1 + +#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ + defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \ + defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) || \ + defined(WOLFSSL_WPAS_SMALL) + +#define WOLFSSL_NPN_UNSUPPORTED 0 +#define WOLFSSL_NPN_NEGOTIATED 1 +#define WOLFSSL_NPN_NO_OVERLAP 2 + +#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || \ + WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA || \ + HAVE_LIGHTY || HAVE_STUNNEL || \ + WOLFSSL_WPAS_SMALL */ + +#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) + typedef WOLFSSL SSL; typedef WOLFSSL_SESSION SSL_SESSION; typedef WOLFSSL_METHOD SSL_METHOD; 
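Review bot: The new `WOLFSSL_ERR_LIB_*` constants are wrapped in `#ifndef WOLFCRYPT_ONLY`, but the hunk at old line 1557 rewrites `ERR_LIB_SYS` through `ERR_LIB_PKCS12` as aliases of them with no such condition visible. If that alias block is not itself inside a `WOLFCRYPT_ONLY` guard (the hunk does not show one), a WOLFCRYPT_ONLY build with OPENSSL_EXTRA that used to get plain integers would now see undefined identifiers. The constants are bare integers, so I would drop the `#ifndef WOLFCRYPT_ONLY` / `#endif` pair around them. The two following `#ifndef WOLFCRYPT_ONLY` ... `#else` blocks for `WOLFSSL_PEMerr` and `WOLFSSL_EVPerr` test the same condition and could be merged into one.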
@@ -159,11 +213,11 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions -/* depreciated */ +/* deprecated */ #define CRYPTO_thread_id wolfSSL_thread_id #define CRYPTO_set_id_callback wolfSSL_set_id_callback -#define CRYPTO_LOCK 0x01 +/* compat CRYPTO_LOCK is defined in wolfssl/ssl.h */ #define CRYPTO_UNLOCK 0x02 #define CRYPTO_READ 0x04 #define CRYPTO_WRITE 0x08 @@ -400,7 +454,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_SESSION_get_max_early_data wolfSSL_SESSION_get_max_early_data #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) - #define SSL_MODE_RELEASE_BUFFERS 0x00000010U + /* compat SSL_MODE_RELEASE_BUFFERS is defined in wolfssl/ssl.h */ #define ASN1_BOOLEAN WOLFSSL_ASN1_BOOLEAN #define X509_get_ext wolfSSL_X509_get_ext #define X509_get_ext_by_OBJ wolfSSL_X509_get_ext_by_OBJ @@ -1089,20 +1143,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ERR_lib_error_string wolfSSL_ERR_lib_error_string #define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings -#ifndef WOLFCRYPT_ONLY -#define PEMerr(func, reason) wolfSSL_ERR_put_error(ERR_LIB_PEM, \ - (func), (reason), __FILE__, __LINE__) -#else -#define PEMerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ - NULL, __LINE__, __FILE__, NULL) -#endif -#ifndef WOLFCRYPT_ONLY -#define EVPerr(func, reason) wolfSSL_ERR_put_error(ERR_LIB_EVP, \ - (func), (reason), __FILE__, __LINE__) -#else -#define EVPerr(func, reason) WOLFSSL_ERROR_LINE((reason), \ - NULL, __LINE__, __FILE__, NULL) -#endif +#define PEMerr(func, reason) WOLFSSL_PEMerr(func, reason) +#define EVPerr(func, reason) WOLFSSL_EVPerr(func, reason) #define SSLv23_server_method wolfSSLv23_server_method #define SSL_CTX_set_options wolfSSL_CTX_set_options 
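Review bot: The replacement comment `/* compat SSL_MODE_RELEASE_BUFFERS is defined in wolfssl/ssl.h */` (hunk at old line 400) does not say what value the name now has, and the removed macro was `0x00000010U`. In the wolfssl/ssl.h part of this diff the only related definitions in view are `WOLFSSL_MODE_RELEASE_BUFFERS = -1` in the new enum and the existing `wolfSSL_SSL_MODE_RELEASE_BUFFERS 0x00000010U`; the compat definition itself is outside the visible hunks. If the compat name ends up resolving to the enum constant, code that combines it into a mode mask would behave differently from before, so the value should be confirmed and stated, e.g. `/* compat SSL_MODE_RELEASE_BUFFERS (0x00000010U) is defined in wolfssl/ssl.h */`. For the `CRYPTO_LOCK` comment in the previous hunk the visible counterpart `WOLFSSL_CRYPTO_LOCK = 1` does match the removed `0x01`.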
@@ -1280,7 +1322,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define SSL_CTX_set_dh_auto wolfSSL_CTX_set_dh_auto #define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh -#define TLSEXT_STATUSTYPE_ocsp 1 +#define TLSEXT_STATUSTYPE_ocsp WOLFSSL_TLSEXT_STATUSTYPE_ocsp #define TLSEXT_max_fragment_length_DISABLED WOLFSSL_MFL_DISABLED #define TLSEXT_max_fragment_length_512 WOLFSSL_MFL_2_9 @@ -1420,14 +1462,12 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define SSL3_AD_BAD_CERTIFICATE bad_certificate #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE -#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name +#define SSL_AD_UNRECOGNIZED_NAME WOLFSSL_AD_UNRECOGNIZED_NAME #define SSL_AD_NO_RENEGOTIATION no_renegotiation #define SSL_AD_INTERNAL_ERROR 80 #define SSL_AD_NO_APPLICATION_PROTOCOL no_application_protocol #define SSL_AD_MISSING_EXTENSION missing_extension -#define ASN1_STRFLGS_ESC_MSB 4 - #define SSL_MAX_MASTER_KEY_LENGTH WOLFSSL_MAX_MASTER_KEY_LENGTH #define SSL_alert_desc_string_long wolfSSL_alert_desc_string_long 
@@ -1557,42 +1597,41 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define PEM_F_PEM_DEF_CALLBACK 100 -/* Avoid wolfSSL error code range */ -#define PEM_R_NO_START_LINE (-MIN_CODE_E + 1) -#define PEM_R_PROBLEMS_GETTING_PASSWORD (-MIN_CODE_E + 2) -#define PEM_R_BAD_PASSWORD_READ (-MIN_CODE_E + 3) -#define PEM_R_BAD_DECRYPT (-MIN_CODE_E + 4) -#define ASN1_R_HEADER_TOO_LONG (-MIN_CODE_E + 5) - -#define ERR_LIB_SYS 2 -#define ERR_LIB_RSA 4 -#define ERR_LIB_PEM 9 -#define ERR_LIB_X509 10 -#define ERR_LIB_EVP 11 -#define ERR_LIB_ASN1 12 -#define ERR_LIB_DIGEST 13 -#define ERR_LIB_CIPHER 14 -#define ERR_LIB_USER 15 -#define ERR_LIB_EC 16 -#define ERR_LIB_SSL 20 -#define ERR_LIB_PKCS12 35 +#include + +#define PEM_R_NO_START_LINE (-WOLFSSL_PEM_R_NO_START_LINE_E) +#define PEM_R_PROBLEMS_GETTING_PASSWORD (-WOLFSSL_PEM_R_PROBLEMS_GETTING_PASSWORD_E) +#define PEM_R_BAD_PASSWORD_READ (-WOLFSSL_PEM_R_BAD_PASSWORD_READ_E) +#define PEM_R_BAD_DECRYPT (-WOLFSSL_PEM_R_BAD_DECRYPT_E) +#define ASN1_R_HEADER_TOO_LONG (-WOLFSSL_ASN1_R_HEADER_TOO_LONG_E) + +#define ERR_LIB_SYS WOLFSSL_ERR_LIB_SYS +#define ERR_LIB_RSA WOLFSSL_ERR_LIB_RSA +#define ERR_LIB_PEM WOLFSSL_ERR_LIB_PEM +#define ERR_LIB_X509 WOLFSSL_ERR_LIB_X509 +#define ERR_LIB_EVP WOLFSSL_ERR_LIB_EVP +#define ERR_LIB_ASN1 WOLFSSL_ERR_LIB_ASN1 +#define ERR_LIB_DIGEST WOLFSSL_ERR_LIB_DIGEST +#define ERR_LIB_CIPHER WOLFSSL_ERR_LIB_CIPHER +#define ERR_LIB_USER WOLFSSL_ERR_LIB_USER +#define ERR_LIB_EC WOLFSSL_ERR_LIB_EC +#define ERR_LIB_SSL WOLFSSL_ERR_LIB_SSL +#define ERR_LIB_PKCS12 WOLFSSL_ERR_LIB_PKCS12 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) || \ defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) || \ defined(WOLFSSL_WPAS_SMALL) -#include - #define OPENSSL_STRING WOLFSSL_STRING #define OPENSSL_CSTRING WOLFSSL_STRING #define TLSEXT_TYPE_application_layer_protocol_negotiation \ TLSXT_APPLICATION_LAYER_PROTOCOL -#define 
OPENSSL_NPN_UNSUPPORTED 0 -#define OPENSSL_NPN_NEGOTIATED 1 -#define OPENSSL_NPN_NO_OVERLAP 2 +#define OPENSSL_NPN_UNSUPPORTED WOLFSSL_NPN_UNSUPPORTED +#define OPENSSL_NPN_NEGOTIATED WOLFSSL_NPN_NEGOTIATED +#define OPENSSL_NPN_NO_OVERLAP WOLFSSL_NPN_NO_OVERLAP /* Nginx checks these to see if the error was a handshake error. */ #define SSL_R_BAD_CHANGE_CIPHER_SPEC LENGTH_ERROR @@ -1689,7 +1728,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define ERR_NUM_ERRORS 16 #define SN_pkcs9_emailAddress "Email" #define LN_pkcs9_emailAddress "emailAddress" -#define NID_pkcs9_emailAddress 48 +#define NID_pkcs9_emailAddress WC_NID_pkcs9_emailAddress #define OBJ_pkcs9_emailAddress 1L,2L,840L,113539L,1L,9L,1L #define LN_basic_constraints "X509v3 Basic Constraints" @@ -1766,7 +1805,7 @@ typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; #define SSL_CONF_cmd wolfSSL_CONF_cmd #define SSL_CONF_cmd_value_type wolfSSL_CONF_cmd_value_type -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#endif /* !OPENSSL_COEXIST && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #ifdef WOLFSSL_QUIC 
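Review bot: The `PEM_R_*` and `ASN1_R_HEADER_TOO_LONG` reason codes in the hunk at old line 1557 lose their explanatory comment (`/* Avoid wolfSSL error code range */`) and become negations of `WOLFSSL_*_E` constants declared outside this hunk. Whether the numeric values are the same as the old `(-MIN_CODE_E + n)` cannot be checked from here, and applications that compare error reason values against these macros depend on that. I would keep a comment stating the constraint, e.g. `/* reason codes are the negated WOLFSSL_*_E values and must stay outside the wolfSSL error code range */`. If any value changed, the commit message should say so.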
@@ -1781,11 +1820,19 @@ typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; * SSL_CIPHER_get_id(cipher) * used by QUIC implementations, such as HAProxy */ -#define TLS1_3_CK_AES_128_GCM_SHA256 0x1301 -#define TLS1_3_CK_AES_256_GCM_SHA384 0x1302 -#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x1303 -#define TLS1_3_CK_AES_128_CCM_SHA256 0x1304 -#define TLS1_3_CK_AES_128_CCM_8_SHA256 0x1305 +#define WOLF_TLS1_3_CK_AES_128_GCM_SHA256 0x1301 +#define WOLF_TLS1_3_CK_AES_256_GCM_SHA384 0x1302 +#define WOLF_TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x1303 +#define WOLF_TLS1_3_CK_AES_128_CCM_SHA256 0x1304 +#define WOLF_TLS1_3_CK_AES_128_CCM_8_SHA256 0x1305 + +#ifndef OPENSSL_COEXIST + +#define TLS1_3_CK_AES_128_GCM_SHA256 WOLF_TLS1_3_CK_AES_128_GCM_SHA256 +#define TLS1_3_CK_AES_256_GCM_SHA384 WOLF_TLS1_3_CK_AES_256_GCM_SHA384 +#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 WOLF_TLS1_3_CK_CHACHA20_POLY1305_SHA256 +#define TLS1_3_CK_AES_128_CCM_SHA256 WOLF_TLS1_3_CK_AES_128_CCM_SHA256 +#define TLS1_3_CK_AES_128_CCM_8_SHA256 WOLF_TLS1_3_CK_AES_128_CCM_8_SHA256 #define SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION QUIC_TP_MISSING_E #define SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED QUIC_WRONG_ENC_LEVEL @@ -1827,6 +1874,8 @@ typedef WOLFSSL_ENCRYPTION_LEVEL OSSL_ENCRYPTION_LEVEL; int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c); */ +#endif /* !OPENSSL_COEXIST */ + #endif /* WOLFSSL_QUIC */ diff --git a/wolfssl/openssl/tls1.h b/wolfssl/openssl/tls1.h index 933ed5d093..1f8895c98c 100644 --- a/wolfssl/openssl/tls1.h +++ b/wolfssl/openssl/tls1.h 
@@ -45,10 +45,20 @@ #ifdef WOLFSSL_QUIC /* from rfc9001 */ +#define WOLFSSL_TLSEXT_TYPE_quic_transport_parameters_draft \ + TLSXT_KEY_QUIC_TP_PARAMS_DRAFT +#define WOLFSSL_TLSEXT_TYPE_quic_transport_parameters \ + TLSXT_KEY_QUIC_TP_PARAMS + +#ifndef OPENSSL_COEXIST + #define TLSEXT_TYPE_quic_transport_parameters_draft \ TLSXT_KEY_QUIC_TP_PARAMS_DRAFT #define TLSEXT_TYPE_quic_transport_parameters \ TLSXT_KEY_QUIC_TP_PARAMS -#endif + +#endif /* !OPENSSL_COEXIST */ + +#endif /* WOLFSSL_QUIC */ #endif /* WOLFSSL_OPENSSL_TLS1_H_ */ diff --git a/wolfssl/openssl/x509.h b/wolfssl/openssl/x509.h index eb03578e0c..1ba7d4ae28 100644 --- a/wolfssl/openssl/x509.h +++ b/wolfssl/openssl/x509.h 
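Review bot: The compat macros `TLSEXT_TYPE_quic_transport_parameters_draft` and `TLSEXT_TYPE_quic_transport_parameters` still expand directly to `TLSXT_KEY_QUIC_TP_PARAMS_DRAFT` and `TLSXT_KEY_QUIC_TP_PARAMS`, so each mapping is now written twice. The other headers in this change make the OpenSSL name an alias of the new prefixed one. Doing the same here keeps a single source: `#define TLSEXT_TYPE_quic_transport_parameters WOLFSSL_TLSEXT_TYPE_quic_transport_parameters`, and likewise for the `_draft` variant.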
@@ -33,41 +33,81 @@ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) +#define WOLFSSL_X509_FLAG_COMPAT (0UL) +#define WOLFSSL_X509_FLAG_NO_HEADER (1UL << 0) +#define WOLFSSL_X509_FLAG_NO_VERSION (1UL << 1) +#define WOLFSSL_X509_FLAG_NO_SERIAL (1UL << 2) +#define WOLFSSL_X509_FLAG_NO_SIGNAME (1UL << 3) +#define WOLFSSL_X509_FLAG_NO_ISSUER (1UL << 4) +#define WOLFSSL_X509_FLAG_NO_VALIDITY (1UL << 5) +#define WOLFSSL_X509_FLAG_NO_SUBJECT (1UL << 6) +#define WOLFSSL_X509_FLAG_NO_PUBKEY (1UL << 7) +#define WOLFSSL_X509_FLAG_NO_EXTENSIONS (1UL << 8) +#define WOLFSSL_X509_FLAG_NO_SIGDUMP (1UL << 9) +#define WOLFSSL_X509_FLAG_NO_AUX (1UL << 10) +#define WOLFSSL_X509_FLAG_NO_ATTRIBUTES (1UL << 11) +#define WOLFSSL_X509_FLAG_NO_IDS (1UL << 12) + +#define WOLFSSL_XN_FLAG_FN_SN 0 +#define WOLFSSL_XN_FLAG_COMPAT 0 +#define WOLFSSL_XN_FLAG_RFC2253 1 +#define WOLFSSL_XN_FLAG_SEP_COMMA_PLUS (1 << 16) +#define WOLFSSL_XN_FLAG_SEP_CPLUS_SPC (2 << 16) +#define WOLFSSL_XN_FLAG_SEP_SPLUS_SPC (3 << 16) +#define WOLFSSL_XN_FLAG_SEP_MULTILINE (4 << 16) +#define WOLFSSL_XN_FLAG_SEP_MASK (0xF << 16) +#define WOLFSSL_XN_FLAG_DN_REV (1 << 20) +#define WOLFSSL_XN_FLAG_FN_LN (1 << 21) +#define WOLFSSL_XN_FLAG_FN_OID (2 << 21) +#define WOLFSSL_XN_FLAG_FN_NONE (3 << 21) +#define WOLFSSL_XN_FLAG_FN_MASK (3 << 21) +#define WOLFSSL_XN_FLAG_SPC_EQ (1 << 23) +#define WOLFSSL_XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) +#define WOLFSSL_XN_FLAG_FN_ALIGN (1 << 25) + +#define WOLFSSL_XN_FLAG_MULTILINE 0xFFFF +#define WOLFSSL_XN_FLAG_ONELINE (WOLFSSL_XN_FLAG_SEP_CPLUS_SPC | WOLFSSL_XN_FLAG_SPC_EQ | WOLFSSL_XN_FLAG_FN_SN) + +#define WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED 12 +#define WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL 3 + +#ifndef OPENSSL_COEXIST + /* wolfSSL_X509_print_ex flags */ -#define X509_FLAG_COMPAT (0UL) -#define X509_FLAG_NO_HEADER (1UL << 0) -#define X509_FLAG_NO_VERSION (1UL << 1) -#define X509_FLAG_NO_SERIAL (1UL << 2) -#define X509_FLAG_NO_SIGNAME (1UL << 3) -#define X509_FLAG_NO_ISSUER 
(1UL << 4) -#define X509_FLAG_NO_VALIDITY (1UL << 5) -#define X509_FLAG_NO_SUBJECT (1UL << 6) -#define X509_FLAG_NO_PUBKEY (1UL << 7) -#define X509_FLAG_NO_EXTENSIONS (1UL << 8) -#define X509_FLAG_NO_SIGDUMP (1UL << 9) -#define X509_FLAG_NO_AUX (1UL << 10) -#define X509_FLAG_NO_ATTRIBUTES (1UL << 11) -#define X509_FLAG_NO_IDS (1UL << 12) - -#define XN_FLAG_FN_SN 0 -#define XN_FLAG_COMPAT 0 -#define XN_FLAG_RFC2253 1 -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) -#define XN_FLAG_SEP_MULTILINE (4 << 16) -#define XN_FLAG_SEP_MASK (0xF << 16) -#define XN_FLAG_DN_REV (1 << 20) -#define XN_FLAG_FN_LN (1 << 21) -#define XN_FLAG_FN_OID (2 << 21) -#define XN_FLAG_FN_NONE (3 << 21) -#define XN_FLAG_FN_MASK (3 << 21) -#define XN_FLAG_SPC_EQ (1 << 23) -#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) -#define XN_FLAG_FN_ALIGN (1 << 25) - -#define XN_FLAG_MULTILINE 0xFFFF -#define XN_FLAG_ONELINE (XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN) +#define X509_FLAG_COMPAT WOLFSSL_X509_FLAG_COMPAT +#define X509_FLAG_NO_HEADER WOLFSSL_X509_FLAG_NO_HEADER +#define X509_FLAG_NO_VERSION WOLFSSL_X509_FLAG_NO_VERSION +#define X509_FLAG_NO_SERIAL WOLFSSL_X509_FLAG_NO_SERIAL +#define X509_FLAG_NO_SIGNAME WOLFSSL_X509_FLAG_NO_SIGNAME +#define X509_FLAG_NO_ISSUER WOLFSSL_X509_FLAG_NO_ISSUER +#define X509_FLAG_NO_VALIDITY WOLFSSL_X509_FLAG_NO_VALIDITY +#define X509_FLAG_NO_SUBJECT WOLFSSL_X509_FLAG_NO_SUBJECT +#define X509_FLAG_NO_PUBKEY WOLFSSL_X509_FLAG_NO_PUBKEY +#define X509_FLAG_NO_EXTENSIONS WOLFSSL_X509_FLAG_NO_EXTENSIONS +#define X509_FLAG_NO_SIGDUMP WOLFSSL_X509_FLAG_NO_SIGDUMP +#define X509_FLAG_NO_AUX WOLFSSL_X509_FLAG_NO_AUX +#define X509_FLAG_NO_ATTRIBUTES WOLFSSL_X509_FLAG_NO_ATTRIBUTES +#define X509_FLAG_NO_IDS WOLFSSL_X509_FLAG_NO_IDS + +#define XN_FLAG_FN_SN WOLFSSL_XN_FLAG_FN_SN +#define XN_FLAG_COMPAT WOLFSSL_XN_FLAG_COMPAT +#define XN_FLAG_RFC2253 WOLFSSL_XN_FLAG_RFC2253 +#define 
XN_FLAG_SEP_COMMA_PLUS WOLFSSL_XN_FLAG_SEP_COMMA_PLUS +#define XN_FLAG_SEP_CPLUS_SPC WOLFSSL_XN_FLAG_SEP_CPLUS_SPC +#define XN_FLAG_SEP_SPLUS_SPC WOLFSSL_XN_FLAG_SEP_SPLUS_SPC +#define XN_FLAG_SEP_MULTILINE WOLFSSL_XN_FLAG_SEP_MULTILINE +#define XN_FLAG_SEP_MASK WOLFSSL_XN_FLAG_SEP_MASK +#define XN_FLAG_DN_REV WOLFSSL_XN_FLAG_DN_REV +#define XN_FLAG_FN_LN WOLFSSL_XN_FLAG_FN_LN +#define XN_FLAG_FN_OID WOLFSSL_XN_FLAG_FN_OID +#define XN_FLAG_FN_NONE WOLFSSL_XN_FLAG_FN_NONE +#define XN_FLAG_FN_MASK WOLFSSL_XN_FLAG_FN_MASK +#define XN_FLAG_SPC_EQ WOLFSSL_XN_FLAG_SPC_EQ +#define XN_FLAG_DUMP_UNKNOWN_FIELDS WOLFSSL_XN_FLAG_DUMP_UNKNOWN_FIELDS +#define XN_FLAG_FN_ALIGN WOLFSSL_XN_FLAG_FN_ALIGN + +#define XN_FLAG_MULTILINE WOLFSSL_XN_FLAG_MULTILINE +#define XN_FLAG_ONELINE WOLFSSL_XN_FLAG_ONELINE /* * All of these aren't actually used in wolfSSL. Some are included to @@ -80,7 +120,7 @@ #define X509_V_OK 0 #define X509_V_ERR_UNSPECIFIED 1 #define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 +#define X509_V_ERR_UNABLE_TO_GET_CRL WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL #define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 #define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 #define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 @@ -89,7 +129,7 @@ #define X509_V_ERR_CERT_NOT_YET_VALID 9 #define X509_V_ERR_CERT_HAS_EXPIRED 10 #define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 +#define X509_V_ERR_CRL_HAS_EXPIRED WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED #define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 #define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 #define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 @@ -194,6 +234,8 @@ #define X509_EXTENSION_set_object wolfSSL_X509_EXTENSION_set_object #define X509_EXTENSION_set_data wolfSSL_X509_EXTENSION_set_data +#endif /* !OPENSSL_COEXIST */ + #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ #endif /* WOLFSSL_OPENSSL_509_H_ */ 
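Review bot: Only two verification codes, `WOLFSSL_X509_V_ERR_CRL_HAS_EXPIRED` and `WOLFSSL_X509_V_ERR_UNABLE_TO_GET_CRL`, are added as macros in the x509.h hunk at old line 33. The rest of the `WOLFSSL_X509_V_*` set is added as enum constants in the wolfssl/ssl.h hunk at old line 2435, and the remaining `X509_V_ERR_*` compat names keep literal numbers. Certificate-verification results are compared against these numbers, so three lists that must agree are easy to let drift. A comment on the pair would help, e.g. `/* the other WOLFSSL_X509_V_* values are enum constants in wolfssl/ssl.h */`. The `/* wolfSSL_X509_print_ex flags */` comment should also move up to the new `WOLFSSL_X509_FLAG_*` block, where the values are now defined.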
diff --git a/wolfssl/openssl/x509v3.h b/wolfssl/openssl/x509v3.h index 401f8e83f1..e5d2574f4d 100644 --- a/wolfssl/openssl/x509v3.h +++ b/wolfssl/openssl/x509v3.h @@ -73,12 +73,12 @@ typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long); typedef void *(*X509V3_EXT_D2I)(void *, unsigned char **, long); #endif typedef int (*X509V3_EXT_I2D) (void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) ( +typedef WOLF_STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) ( struct WOLFSSL_v3_ext_method *method, - void *ext, STACK_OF(CONF_VALUE) *extlist); + void *ext, WOLF_STACK_OF(CONF_VALUE) *extlist); typedef char *(*X509V3_EXT_I2S)(struct WOLFSSL_v3_ext_method *method, void *ext); typedef int (*X509V3_EXT_I2R) (struct WOLFSSL_v3_ext_method *method, - void *ext, BIO *out, int indent); + void *ext, WOLFSSL_BIO *out, int indent); typedef struct WOLFSSL_v3_ext_method X509V3_EXT_METHOD; struct WOLFSSL_v3_ext_method { 
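Review bot: The typedef names `X509V3_EXT_D2I`, `X509V3_EXT_I2D`, `X509V3_EXT_I2V`, `X509V3_EXT_I2S`, `X509V3_EXT_I2R` and `X509V3_EXT_METHOD` stay unprefixed and, as far as this hunk shows, outside any `OPENSSL_COEXIST` guard. The guard added in the next hunk only starts further down, after `struct WOLFSSL_X509_EXTENSION`. If this header can be included in a coexist build next to OpenSSL's own x509v3.h, these would be conflicting typedefs, and `WOLF_STACK_OF(CONF_VALUE)` still names the unprefixed `CONF_VALUE`. I would give the function-pointer types prefixed names for use inside `struct WOLFSSL_v3_ext_method` and keep the OpenSSL spellings as aliases under `#ifndef OPENSSL_COEXIST`. The typedef group starts above the hunk, so the surrounding conditionals should be checked before changing it.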
@@ -95,22 +95,36 @@ struct WOLFSSL_v3_ext_method { struct WOLFSSL_X509_EXTENSION { WOLFSSL_ASN1_OBJECT *obj; WOLFSSL_ASN1_BOOLEAN crit; - ASN1_OCTET_STRING value; /* DER format of extension */ + WOLFSSL_ASN1_STRING value; /* DER format of extension */ WOLFSSL_v3_ext_method ext_method; WOLFSSL_STACK* ext_sk; /* For extension specific data */ }; #define WOLFSSL_ASN1_BOOLEAN int -#define GEN_OTHERNAME 0 -#define GEN_EMAIL 1 -#define GEN_DNS 2 -#define GEN_X400 3 -#define GEN_DIRNAME 4 -#define GEN_EDIPARTY 5 -#define GEN_URI 6 -#define GEN_IPADD 7 -#define GEN_RID 8 -#define GEN_IA5 9 + +#define WOLFSSL_GEN_OTHERNAME 0 +#define WOLFSSL_GEN_EMAIL 1 +#define WOLFSSL_GEN_DNS 2 +#define WOLFSSL_GEN_X400 3 +#define WOLFSSL_GEN_DIRNAME 4 +#define WOLFSSL_GEN_EDIPARTY 5 +#define WOLFSSL_GEN_URI 6 +#define WOLFSSL_GEN_IPADD 7 +#define WOLFSSL_GEN_RID 8 +#define WOLFSSL_GEN_IA5 9 + +#ifndef OPENSSL_COEXIST + +#define GEN_OTHERNAME WOLFSSL_GEN_OTHERNAME +#define GEN_EMAIL WOLFSSL_GEN_EMAIL +#define GEN_DNS WOLFSSL_GEN_DNS +#define GEN_X400 WOLFSSL_GEN_X400 +#define GEN_DIRNAME WOLFSSL_GEN_DIRNAME +#define GEN_EDIPARTY WOLFSSL_GEN_EDIPARTY +#define GEN_URI WOLFSSL_GEN_URI +#define GEN_IPADD WOLFSSL_GEN_IPADD +#define GEN_RID WOLFSSL_GEN_RID +#define GEN_IA5 WOLFSSL_GEN_IA5 #define GENERAL_NAME WOLFSSL_GENERAL_NAME @@ -121,6 +135,9 @@ struct WOLFSSL_X509_EXTENSION { typedef struct WOLFSSL_AUTHORITY_KEYID AUTHORITY_KEYID; typedef struct WOLFSSL_BASIC_CONSTRAINTS BASIC_CONSTRAINTS; typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION; + +#endif /* !OPENSSL_COEXIST */ + typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS; WOLFSSL_API WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void); diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 4bbdf6565c..e721c71a10 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h 
@@ -76,8 +76,26 @@ #endif #endif +#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) + #include + #ifndef WOLFCRYPT_ONLY + #include + #endif + #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT) + #include + #endif +#endif + #ifdef OPENSSL_COEXIST - /* mode to allow wolfSSL and OpenSSL to exist together */ + /* mode to allow wolfSSL and OpenSSL to coexist without symbol conflicts */ + + #ifndef NO_OLD_SSL_NAMES + #define NO_OLD_SSL_NAMES + #endif + #ifndef NO_OLD_WC_NAMES + #define NO_OLD_WC_NAMES + #endif + #ifdef TEST_OPENSSL_COEXIST /* ./configure --enable-opensslcoexist \ @@ -94,20 +112,13 @@ #endif #elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) - #include #include - #ifndef WOLFCRYPT_ONLY - #include - #endif - #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT) - #include - #endif /* We need the old SSL names */ - #ifdef NO_OLD_SSL_NAMES + #if defined(NO_OLD_SSL_NAMES) && !defined(OPENSSL_COEXIST) #undef NO_OLD_SSL_NAMES #endif - #ifdef NO_OLD_WC_NAMES + #if defined(NO_OLD_WC_NAMES) && !defined(OPENSSL_COEXIST) #undef NO_OLD_WC_NAMES #endif #endif @@ -136,14 +147,14 @@ typedef struct WOLFSSL_STACK WOLFSSL_LHASH; #define DECLARE_STACK_OF(x) WOLF_STACK_OF(x); #endif -#ifndef WOLFSSL_WOLFSSL_TYPE_DEFINED -#define WOLFSSL_WOLFSSL_TYPE_DEFINED +#ifndef WOLFSSL_TYPE_DEFINED +#define WOLFSSL_TYPE_DEFINED typedef struct WOLFSSL WOLFSSL; #endif typedef struct WOLFSSL_SESSION WOLFSSL_SESSION; typedef struct WOLFSSL_METHOD WOLFSSL_METHOD; -#ifndef WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED -#define WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED +#ifndef WOLFSSL_CTX_TYPE_DEFINED +#define WOLFSSL_CTX_TYPE_DEFINED typedef struct WOLFSSL_CTX WOLFSSL_CTX; #endif 
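Review bot: The added `&& !defined(OPENSSL_COEXIST)` in `#if defined(NO_OLD_SSL_NAMES) && !defined(OPENSSL_COEXIST)` and in the matching `NO_OLD_WC_NAMES` line (hunk at old line 94) looks as if it can never be false. Both tests sit in the `#elif` branch that, judging by the context, pairs with the `#ifdef OPENSSL_COEXIST` in the previous hunk, so OPENSSL_COEXIST is already known to be undefined there. The extra test suggests the `#undef` could be reached in a coexist build, which this structure rules out. Keep the original `#ifdef NO_OLD_SSL_NAMES` and `#ifdef NO_OLD_WC_NAMES`, or add a comment if the redundancy is deliberate protection against a later restructuring.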
@@ -172,11 +183,8 @@ typedef struct WOLFSSL_BY_DIR WOLFSSL_BY_DIR; #include - -#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ -typedef struct WOLFSSL_RSA WOLFSSL_RSA; -#define WOLFSSL_RSA_TYPE_DEFINED -#endif +/* The WOLFSSL_RSA type is required in all build configurations. */ +#include #ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */ typedef struct WC_RNG WC_RNG; 
@@ -243,6 +251,70 @@ typedef int (*WOLFSSL_X509_STORE_CTX_get_crl_cb)(WOLFSSL_X509_STORE_CTX *, typedef int (*WOLFSSL_X509_STORE_CTX_check_crl_cb)(WOLFSSL_X509_STORE_CTX *, WOLFSSL_X509_CRL *); +#define WOLFSSL_V_ASN1_INTEGER 0x02 +#define WOLFSSL_V_ASN1_NEG 0x100 +#define WOLFSSL_V_ASN1_NEG_INTEGER (2 | WOLFSSL_V_ASN1_NEG) +#define WOLFSSL_V_ASN1_NEG_ENUMERATED (10 | WOLFSSL_V_ASN1_NEG) + +/* Type for ASN1_print_ex */ +#define WOLFSSL_ASN1_STRFLGS_ESC_2253 1 +#define WOLFSSL_ASN1_STRFLGS_ESC_CTRL 2 +#define WOLFSSL_ASN1_STRFLGS_ESC_MSB 4 +#define WOLFSSL_ASN1_STRFLGS_ESC_QUOTE 8 +#define WOLFSSL_ASN1_STRFLGS_UTF8_CONVERT 0x10 +#define WOLFSSL_ASN1_STRFLGS_IGNORE_TYPE 0x20 +#define WOLFSSL_ASN1_STRFLGS_SHOW_TYPE 0x40 +#define WOLFSSL_ASN1_STRFLGS_DUMP_ALL 0x80 +#define WOLFSSL_ASN1_STRFLGS_DUMP_UNKNOWN 0x100 +#define WOLFSSL_ASN1_STRFLGS_DUMP_DER 0x200 +#define WOLFSSL_ASN1_STRFLGS_RFC2253 (WOLFSSL_ASN1_STRFLGS_ESC_2253 | \ + WOLFSSL_ASN1_STRFLGS_ESC_CTRL | \ + WOLFSSL_ASN1_STRFLGS_ESC_MSB | \ + WOLFSSL_ASN1_STRFLGS_UTF8_CONVERT | \ + WOLFSSL_ASN1_STRFLGS_DUMP_UNKNOWN | \ + WOLFSSL_ASN1_STRFLGS_DUMP_DER) + +#define WOLFSSL_MBSTRING_UTF8 0x1000 +#define WOLFSSL_MBSTRING_ASC 0x1001 +#define WOLFSSL_MBSTRING_BMP 0x1002 +#define WOLFSSL_MBSTRING_UNIV 0x1004 + +#define WOLFSSL_V_ASN1_EOC 0 +#define WOLFSSL_V_ASN1_BOOLEAN 1 +#define WOLFSSL_V_ASN1_OCTET_STRING 4 +#define WOLFSSL_V_ASN1_NULL 5 +#define WOLFSSL_V_ASN1_OBJECT 6 +#define WOLFSSL_V_ASN1_UTF8STRING 12 +#define WOLFSSL_V_ASN1_SEQUENCE 16 +#define WOLFSSL_V_ASN1_SET 17 +#define WOLFSSL_V_ASN1_PRINTABLESTRING 19 +#define WOLFSSL_V_ASN1_T61STRING 20 +#define WOLFSSL_V_ASN1_IA5STRING 22 +#define WOLFSSL_V_ASN1_UTCTIME 23 +#define WOLFSSL_V_ASN1_GENERALIZEDTIME 24 +#define WOLFSSL_V_ASN1_UNIVERSALSTRING 28 +#define WOLFSSL_V_ASN1_BMPSTRING 30 + + +#define WOLFSSL_V_ASN1_CONSTRUCTED 0x20 + +#define WOLFSSL_ASN1_STRING_FLAG_BITS_LEFT 0x008 +#define WOLFSSL_ASN1_STRING_FLAG_NDEF 0x010 +#define 
WOLFSSL_ASN1_STRING_FLAG_CONT 0x020 +#define WOLFSSL_ASN1_STRING_FLAG_MSTRING 0x040 +#define WOLFSSL_ASN1_STRING_FLAG_EMBED 0x080 + +/* X.509 PKI size limits from RFC2459 (appendix A) */ +/* internally our limit is CTC_NAME_SIZE (64) - overridden with WC_CTC_NAME_SIZE */ +#define WOLFSSL_ub_name CTC_NAME_SIZE /* 32768 */ +#define WOLFSSL_ub_common_name CTC_NAME_SIZE /* 64 */ +#define WOLFSSL_ub_locality_name CTC_NAME_SIZE /* 128 */ +#define WOLFSSL_ub_state_name CTC_NAME_SIZE /* 128 */ +#define WOLFSSL_ub_organization_name CTC_NAME_SIZE /* 64 */ +#define WOLFSSL_ub_organization_unit_name CTC_NAME_SIZE /* 64 */ +#define WOLFSSL_ub_title CTC_NAME_SIZE /* 64 */ +#define WOLFSSL_ub_email_address CTC_NAME_SIZE /* 128 */ + #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || defined(HAVE_CURL) struct WOLFSSL_OBJ_NAME { @@ -460,7 +532,7 @@ struct WOLFSSL_X509_INFO { int num; }; -#define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */ +#define WOLFSSL_EVP_PKEY_DEFAULT WC_EVP_PKEY_RSA /* default key type */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #define wolfSSL_SSL_MODE_RELEASE_BUFFERS 0x00000010U @@ -496,7 +568,8 @@ enum BIO_FLAGS { WOLFSSL_BIO_FLAG_READ = 0x02, WOLFSSL_BIO_FLAG_WRITE = 0x04, WOLFSSL_BIO_FLAG_IO_SPECIAL = 0x08, - WOLFSSL_BIO_FLAG_RETRY = 0x10 + WOLFSSL_BIO_FLAG_RETRY = 0x10, + WOLFSSL_BIO_FLAG_MEM_RDONLY = 0x200 }; enum BIO_CB_OPS { 
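Review bot: The trailing comments on the `WOLFSSL_ub_*` limits (`/* 32768 */`, `/* 128 */`, `/* 64 */`) in the hunk at old line 243 read as the macro's value, but every one of them expands to `CTC_NAME_SIZE`. Code that sizes or bounds-checks name fields from these macros gets the internal limit, not the RFC figure, which matters to a reader auditing buffer sizes. Label the numbers for what they are, e.g. `#define WOLFSSL_ub_name CTC_NAME_SIZE /* RFC 2459 upper bound: 32768 */`. In the same hunk `WOLFSSL_V_ASN1_NEG_INTEGER` could be written `(WOLFSSL_V_ASN1_INTEGER | WOLFSSL_V_ASN1_NEG)` rather than repeating the literal 2.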
@@ -2435,6 +2508,83 @@ enum { #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED) + + /* Errors used in wolfSSL. utilize the values from the defines in + * wolfssl/openssl/x509.h, but without the WOLFSSL_ prefix. + */ +enum { + WOLFSSL_X509_V_OK = 0, + WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE = 7, + WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID = 9, + WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED = 10, + WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 13, + WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 14, + WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 18, + WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 20, + WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 21, + WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG = 22, + WOLFSSL_X509_V_ERR_CERT_REVOKED = 23, + WOLFSSL_X509_V_ERR_INVALID_CA = 24, + WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED = 25, + WOLFSSL_X509_V_ERR_CERT_REJECTED = 28, + WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, + +#ifdef HAVE_OCSP + /* OCSP Flags */ + WOLFSSL_OCSP_NOCERTS = 1, + WOLFSSL_OCSP_NOINTERN = 2, + WOLFSSL_OCSP_NOSIGS = 4, + WOLFSSL_OCSP_NOCHAIN = 8, + WOLFSSL_OCSP_NOVERIFY = 16, + WOLFSSL_OCSP_NOEXPLICIT = 32, + WOLFSSL_OCSP_NOCASIGN = 64, + WOLFSSL_OCSP_NODELEGATED = 128, + WOLFSSL_OCSP_NOCHECKS = 256, + WOLFSSL_OCSP_TRUSTOTHER = 512, + WOLFSSL_OCSP_RESPID_KEY = 1024, + WOLFSSL_OCSP_NOTIME = 2048, +#endif + + WOLFSSL_ST_CONNECT = 0x1000, + WOLFSSL_ST_ACCEPT = 0x2000, + WOLFSSL_ST_MASK = 0x0FFF, + + WOLFSSL_CB_LOOP = 0x01, + WOLFSSL_CB_EXIT = 0x02, + WOLFSSL_CB_READ = 0x04, + WOLFSSL_CB_WRITE = 0x08, + WOLFSSL_CB_HANDSHAKE_START = 0x10, + WOLFSSL_CB_HANDSHAKE_DONE = 0x20, + WOLFSSL_CB_ALERT = 0x4000, + WOLFSSL_CB_READ_ALERT = (WOLFSSL_CB_ALERT | WOLFSSL_CB_READ), + WOLFSSL_CB_WRITE_ALERT = (WOLFSSL_CB_ALERT | WOLFSSL_CB_WRITE), + WOLFSSL_CB_ACCEPT_LOOP = (WOLFSSL_ST_ACCEPT | WOLFSSL_CB_LOOP), + WOLFSSL_CB_ACCEPT_EXIT = (WOLFSSL_ST_ACCEPT | WOLFSSL_CB_EXIT), + 
WOLFSSL_CB_CONNECT_LOOP = (WOLFSSL_ST_CONNECT | WOLFSSL_CB_LOOP), + WOLFSSL_CB_CONNECT_EXIT = (WOLFSSL_ST_CONNECT | WOLFSSL_CB_EXIT), + WOLFSSL_CB_MODE_READ = 1, + WOLFSSL_CB_MODE_WRITE = 2, + + WOLFSSL_MODE_ENABLE_PARTIAL_WRITE = 2, + WOLFSSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to return WANT_{READ|WRITE} + * to the user. This is set by default with + * OPENWOLFSSL_COMPATIBLE_DEFAULTS. The macro + * WOLFWOLFSSL_MODE_AUTO_RETRY_ATTEMPTS is used to + * limit the possibility of an infinite retry loop + */ + WOLFSSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ + + WOLFSSL_CRYPTO_LOCK = 1, + WOLFSSL_CRYPTO_NUM_LOCKS = 10 +}; + +#define WOLFSSL_NOTHING 1 +#define WOLFSSL_WRITING 2 +#define WOLFSSL_READING 3 +#define WOLFSSL_MAX_SSL_SESSION_ID_LENGTH 32 /* = ID_LEN */ + +#ifndef OPENSSL_COEXIST + /* for compatibility these must be macros */ #define SSL_OP_MICROSOFT_SESS_ID_BUG WOLFSSL_OP_MICROSOFT_SESS_ID_BUG 
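Review bot: The comment on `WOLFSSL_MODE_AUTO_RETRY` in the new enum names two macros that look like search-and-replace damage: `OPENWOLFSSL_COMPATIBLE_DEFAULTS` and `WOLFWOLFSSL_MODE_AUTO_RETRY_ATTEMPTS`. The enum removed by the next hunk spells them `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS`, and someone grepping for the macro that bounds the retry loop will not find the mangled names. Restore the original spellings in the comment; no code changes are needed.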
@@ -2479,81 +2629,57 @@ enum { SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3) -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 /* = ID_LEN */ +#define SSL_NOTHING WOLFSSL_NOTHING +#define SSL_WRITING WOLFSSL_WRITING +#define SSL_READING WOLFSSL_READING +#define SSL_MAX_SSL_SESSION_ID_LENGTH WOLFSSL_MAX_SSL_SESSION_ID_LENGTH -enum { #ifdef HAVE_OCSP /* OCSP Flags */ - OCSP_NOCERTS = 1, - OCSP_NOINTERN = 2, - OCSP_NOSIGS = 4, - OCSP_NOCHAIN = 8, - OCSP_NOVERIFY = 16, - OCSP_NOEXPLICIT = 32, - OCSP_NOCASIGN = 64, - OCSP_NODELEGATED = 128, - OCSP_NOCHECKS = 256, - OCSP_TRUSTOTHER = 512, - OCSP_RESPID_KEY = 1024, - OCSP_NOTIME = 2048, -#endif - - SSL_ST_CONNECT = 0x1000, - SSL_ST_ACCEPT = 0x2000, - SSL_ST_MASK = 0x0FFF, - - SSL_CB_LOOP = 0x01, - SSL_CB_EXIT = 0x02, - SSL_CB_READ = 0x04, - SSL_CB_WRITE = 0x08, - SSL_CB_HANDSHAKE_START = 0x10, - SSL_CB_HANDSHAKE_DONE = 0x20, - SSL_CB_ALERT = 0x4000, - SSL_CB_READ_ALERT = (SSL_CB_ALERT | SSL_CB_READ), - SSL_CB_WRITE_ALERT = (SSL_CB_ALERT | SSL_CB_WRITE), - SSL_CB_ACCEPT_LOOP = (SSL_ST_ACCEPT | SSL_CB_LOOP), - SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT | SSL_CB_EXIT), - SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), - SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), - SSL_CB_MODE_READ = 1, - SSL_CB_MODE_WRITE = 2, - - SSL_MODE_ENABLE_PARTIAL_WRITE = 2, - SSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to return WANT_{READ|WRITE} - * to the user. This is set by default with - * OPENSSL_COMPATIBLE_DEFAULTS. The macro - * WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS is used to - * limit the possibility of an infinite retry loop - */ - SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ - /* Errors used in wolfSSL. utilize the values from the defines in - * wolfssl/openssl/x509.h, but without the WOLFSSL_ prefix. 
- */ - WOLFSSL_X509_V_OK = 0, - WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE = 7, - WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID = 9, - WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED = 10, - WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 13, - WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 14, - WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 18, - WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 20, - WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 21, - WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG = 22, - WOLFSSL_X509_V_ERR_CERT_REVOKED = 23, - WOLFSSL_X509_V_ERR_INVALID_CA = 24, - WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED = 25, - WOLFSSL_X509_V_ERR_CERT_REJECTED = 28, - WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, - - CRYPTO_LOCK = 1, - CRYPTO_NUM_LOCKS = 10, - - ASN1_STRFLGS_ESC_MSB = 4 -}; -#endif +#define OCSP_NOCERTS WOLFSSL_OCSP_NOCERTS +#define OCSP_NOINTERN WOLFSSL_OCSP_NOINTERN +#define OCSP_NOSIGS WOLFSSL_OCSP_NOSIGS +#define OCSP_NOCHAIN WOLFSSL_OCSP_NOCHAIN +#define OCSP_NOVERIFY WOLFSSL_OCSP_NOVERIFY +#define OCSP_NOEXPLICIT WOLFSSL_OCSP_NOEXPLICIT +#define OCSP_NOCASIGN WOLFSSL_OCSP_NOCASIGN +#define OCSP_NODELEGATED WOLFSSL_OCSP_NODELEGATED +#define OCSP_NOCHECKS WOLFSSL_OCSP_NOCHECKS +#define OCSP_TRUSTOTHER WOLFSSL_OCSP_TRUSTOTHER +#define OCSP_RESPID_KEY WOLFSSL_OCSP_RESPID_KEY +#define OCSP_NOTIME WOLFSSL_OCSP_NOTIME +#endif + +#define SSL_ST_CONNECT WOLFSSL_ST_CONNECT +#define SSL_ST_ACCEPT WOLFSSL_ST_ACCEPT +#define SSL_ST_MASK WOLFSSL_ST_MASK + +#define SSL_CB_LOOP WOLFSSL_CB_LOOP +#define SSL_CB_EXIT WOLFSSL_CB_EXIT +#define SSL_CB_READ WOLFSSL_CB_READ +#define SSL_CB_WRITE WOLFSSL_CB_WRITE +#define SSL_CB_HANDSHAKE_START WOLFSSL_CB_HANDSHAKE_START +#define SSL_CB_HANDSHAKE_DONE WOLFSSL_CB_HANDSHAKE_DONE +#define SSL_CB_ALERT WOLFSSL_CB_ALERT +#define SSL_CB_READ_ALERT WOLFSSL_CB_READ_ALERT +#define SSL_CB_WRITE_ALERT WOLFSSL_CB_WRITE_ALERT +#define SSL_CB_ACCEPT_LOOP WOLFSSL_CB_ACCEPT_LOOP +#define SSL_CB_ACCEPT_EXIT WOLFSSL_CB_ACCEPT_EXIT 
+#define SSL_CB_CONNECT_LOOP WOLFSSL_CB_CONNECT_LOOP +#define SSL_CB_CONNECT_EXIT WOLFSSL_CB_CONNECT_EXIT +#define SSL_CB_MODE_READ WOLFSSL_CB_MODE_READ +#define SSL_CB_MODE_WRITE WOLFSSL_CB_MODE_WRITE + +#define SSL_MODE_ENABLE_PARTIAL_WRITE WOLFSSL_MODE_ENABLE_PARTIAL_WRITE +#define SSL_MODE_AUTO_RETRY WOLFSSL_MODE_AUTO_RETRY +#define SSL_MODE_RELEASE_BUFFERS WOLFSSL_MODE_RELEASE_BUFFERS + +#define CRYPTO_LOCK WOLFSSL_CRYPTO_LOCK +#define CRYPTO_NUM_LOCKS WOLFSSL_CRYPTO_NUM_LOCKS + +#endif /* !OPENSSL_COEXIST */ + +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER || HAVE_MEMCACHED */ /* extras end */ @@ -2776,8 +2902,11 @@ enum { /* ssl Constants */ /* extra begins */ #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) enum { /* ERR Constants */ - ERR_TXT_STRING = 1 + WOLFSSL_ERR_TXT_STRING = 1 }; +#ifndef OPENSSL_COEXIST +#define ERR_TXT_STRING WOLFSSL_ERR_TXT_STRING +#endif #endif #ifdef OPENSSL_EXTRA /* bio misc */ @@ -4698,7 +4827,7 @@ WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX #ifndef NO_FILESYSTEM WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read( XFILE fp, WOLF_STACK_OF(WOLFSSL_X509_INFO)* sk, - pem_password_cb* cb, void* u); + wc_pem_password_cb* cb, void* u); #endif WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read_bio( WOLFSSL_BIO* bio, WOLF_STACK_OF(WOLFSSL_X509_INFO)* sk, 
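Review bot: The removed enum ended with `ASN1_STRFLGS_ESC_MSB = 4`, and it is the only unprefixed constant from that enum that gets no replacement `#define` in this hunk. `WOLFSSL_ASN1_STRFLGS_ESC_MSB` is added earlier in this file, but unless an unprefixed alias exists in a header outside this part of the diff, builds that reach this block through `HAVE_WEBSERVER` or `HAVE_MEMCACHED` alone lose the name. If no such alias exists, add `#define ASN1_STRFLGS_ESC_MSB WOLFSSL_ASN1_STRFLGS_ESC_MSB` inside the `#ifndef OPENSSL_COEXIST` block next to the `CRYPTO_*` aliases.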
@@ -5214,11 +5343,11 @@ WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(word64 opts, - const OPENSSL_INIT_SETTINGS *settings); -WOLFSSL_API OPENSSL_INIT_SETTINGS* wolfSSL_OPENSSL_INIT_new(void); -WOLFSSL_API void wolfSSL_OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS* init); + const WOLFSSL_INIT_SETTINGS *settings); +WOLFSSL_API WOLFSSL_INIT_SETTINGS* wolfSSL_OPENSSL_INIT_new(void); +WOLFSSL_API void wolfSSL_OPENSSL_INIT_free(WOLFSSL_INIT_SETTINGS* init); WOLFSSL_API int wolfSSL_OPENSSL_INIT_set_config_appname( - OPENSSL_INIT_SETTINGS* init, char* appname); + WOLFSSL_INIT_SETTINGS* init, char* appname); #endif #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL* ssl); 
@@ -5372,8 +5501,14 @@ WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a long length); WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a); WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp); -WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); -WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); +WOLFSSL_API void WOLFSSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); +#ifndef OPENSSL_COEXIST +#define SSL_CTX_set_tmp_dh_callback WOLFSSL_CTX_set_tmp_dh_callback +#endif +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_COMP) *WOLFSSL_COMP_get_compression_methods(void); +#ifndef OPENSSL_COEXIST +#define SSL_COMP_get_compression_methods WOLFSSL_COMP_get_compression_methods +#endif WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir); WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p); @@ -5383,7 +5518,10 @@ WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk); WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk); WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i); -WOLFSSL_API void ERR_load_SSL_strings(void); +WOLFSSL_API void wolfSSL_ERR_load_SSL_strings(void); +#ifndef OPENSSL_COEXIST +#define ERR_load_SSL_strings wolfSSL_ERR_load_SSL_strings +#endif WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); 
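Review bot: `WOLFSSL_CTX_set_tmp_dh_callback` and `WOLFSSL_COMP_get_compression_methods` take the upper-case `WOLFSSL_` prefix that this header otherwise uses for types and constants, while functions are spelled `wolfSSL_`, as `wolfSSL_ERR_load_SSL_strings` in the following hunk is. If those names are free, `wolfSSL_CTX_set_tmp_dh_callback` and `wolfSSL_COMP_get_compression_methods` would keep the function namespace consistent. Separately, the `#define` aliases preserve source compatibility only. The exported symbols themselves are renamed here, for `ERR_load_SSL_strings` in the next hunk, and for `BioSend`/`BioReceive` in the wolfio.h hunk, so binaries linked against the old names need a rebuild, and that is worth stating in the release notes.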
@@ -5406,7 +5544,7 @@ WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_CIPHER* enc, char* passwd, int passwdSz, wc_pem_password_cb* cb, void* ctx); WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS8_PRIV_KEY_INFO(WOLFSSL_BIO* bio, - PKCS8_PRIV_KEY_INFO* keyInfo); + WOLFSSL_PKCS8_PRIV_KEY_INFO* keyInfo); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) WOLFSSL_API int wolfSSL_PEM_write_PKCS8PrivateKey( XFILE fp, WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_CIPHER* enc, diff --git a/wolfssl/test.h b/wolfssl/test.h index bbe7d0fbe8..12597fb54a 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -29,6 +29,12 @@ #define wolfSSL_TEST_H #include + +#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ +#if defined(OPENSSL_EXTRA) && defined(OPENSSL_COEXIST) + #error "Example apps built with OPENSSL_EXTRA can't also be built with OPENSSL_COEXIST." +#endif + #include #ifdef FUSION_RTOS diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 11803d6b60..b6ee0ba785 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h 
@@ -809,79 +809,156 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_MAX_NAME_CONSTRAINTS 128 #endif +#define WC_NID_undef 0 + #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* NIDs */ -#define NID_undef 0 -#define NID_netscape_cert_type NID_undef -#define NID_des 66 -#define NID_des3 67 -#define NID_sha256 672 -#define NID_sha384 673 -#define NID_sha512 674 -#define NID_sha512_224 1094 -#define NID_sha512_256 1095 -#define NID_pkcs7_signed 22 -#define NID_pkcs7_enveloped 23 -#define NID_pkcs7_signedAndEnveloped 24 -#define NID_pkcs9_unstructuredName 49 -#define NID_pkcs9_contentType 50 /* 1.2.840.113549.1.9.3 */ -#define NID_pkcs9_challengePassword 54 -#define NID_hw_name_oid 73 -#define NID_id_pkix_OCSP_basic 74 -#define NID_any_policy 75 -#define NID_anyExtendedKeyUsage 76 -#define NID_givenName 100 /* 2.5.4.42 */ -#define NID_initials 101 /* 2.5.4.43 */ -#define NID_title 106 -#define NID_description 107 -#define NID_basic_constraints 133 -#define NID_key_usage 129 /* 2.5.29.15 */ -#define NID_ext_key_usage 151 /* 2.5.29.37 */ -#define NID_subject_key_identifier 128 -#define NID_authority_key_identifier 149 -#define NID_private_key_usage_period 130 /* 2.5.29.16 */ -#define NID_subject_alt_name 131 -#define NID_issuer_alt_name 132 -#define NID_info_access 69 -#define NID_sinfo_access 79 /* id-pe 11 */ -#define NID_name_constraints 144 /* 2.5.29.30 */ -#define NID_crl_distribution_points 145 /* 2.5.29.31 */ -#define NID_certificate_policies 146 -#define NID_policy_mappings 147 -#define NID_policy_constraints 150 -#define NID_inhibit_any_policy 168 /* 2.5.29.54 */ -#define NID_tlsfeature 1020 /* id-pe 24 */ -#define NID_buildingName 1494 - -#define NID_dnQualifier 174 /* 2.5.4.46 */ -#define NID_commonName 14 /* CN Changed to not conflict +#define WC_NID_netscape_cert_type WC_NID_undef +#define WC_NID_des 66 +#define WC_NID_des3 67 +#define WC_NID_sha256 672 +#define WC_NID_sha384 673 +#define WC_NID_sha512 674 +#define 
WC_NID_sha512_224 1094 +#define WC_NID_sha512_256 1095 +#define WC_NID_pkcs7_signed 22 +#define WC_NID_pkcs7_enveloped 23 +#define WC_NID_pkcs7_signedAndEnveloped 24 +#define WC_NID_pkcs9_emailAddress 48 +#define WC_NID_pkcs9_unstructuredName 49 +#define WC_NID_pkcs9_contentType 50 /* 1.2.840.113549.1.9.3 */ +#define WC_NID_pkcs9_challengePassword 54 +#define WC_NID_hw_name_oid 73 +#define WC_NID_id_pkix_OCSP_basic 74 +#define WC_NID_any_policy 75 +#define WC_NID_anyExtendedKeyUsage 76 +#define WC_NID_givenName 100 /* 2.5.4.42 */ +#define WC_NID_initials 101 /* 2.5.4.43 */ +#define WC_NID_title 106 +#define WC_NID_description 107 +#define WC_NID_basic_constraints 133 +#define WC_NID_key_usage 129 /* 2.5.29.15 */ +#define WC_NID_ext_key_usage 151 /* 2.5.29.37 */ +#define WC_NID_subject_key_identifier 128 +#define WC_NID_authority_key_identifier 149 +#define WC_NID_private_key_usage_period 130 /* 2.5.29.16 */ +#define WC_NID_subject_alt_name 131 +#define WC_NID_issuer_alt_name 132 +#define WC_NID_info_access 69 +#define WC_NID_sinfo_access 79 /* id-pe 11 */ +#define WC_NID_name_constraints 144 /* 2.5.29.30 */ +#define WC_NID_crl_distribution_points 145 /* 2.5.29.31 */ +#define WC_NID_certificate_policies 146 +#define WC_NID_policy_mappings 147 +#define WC_NID_policy_constraints 150 +#define WC_NID_inhibit_any_policy 168 /* 2.5.29.54 */ +#define WC_NID_tlsfeature 1020 /* id-pe 24 */ +#define WC_NID_buildingName 1494 + +#define WC_NID_dnQualifier 174 /* 2.5.4.46 */ +#define WC_NID_commonName 14 /* CN Changed to not conflict * with PBE_SHA1_DES3 */ -#define NID_name 173 /* N , OID = 2.5.4.41 */ -#define NID_surname 0x04 /* SN */ -#define NID_serialNumber 0x05 /* serialNumber */ -#define NID_countryName 0x06 /* C */ -#define NID_localityName 0x07 /* L */ -#define NID_stateOrProvinceName 0x08 /* ST */ -#define NID_streetAddress ASN_STREET_ADDR /* street */ -#define NID_organizationName 0x0a /* O */ -#define NID_organizationalUnitName 0x0b /* OU */ -#define 
NID_jurisdictionCountryName 0xc -#define NID_jurisdictionStateOrProvinceName 0xd -#define NID_businessCategory ASN_BUS_CAT -#define NID_domainComponent ASN_DOMAIN_COMPONENT -#define NID_postalCode ASN_POSTAL_CODE /* postalCode */ -#define NID_favouriteDrink 462 -#define NID_userId 458 -#define NID_emailAddress 0x30 /* emailAddress */ -#define NID_id_on_dnsSRV 82 /* 1.3.6.1.5.5.7.8.7 */ -#define NID_ms_upn 265 /* 1.3.6.1.4.1.311.20.2.3 */ - -#define NID_X9_62_prime_field 406 /* 1.2.840.10045.1.1 */ -#endif /* OPENSSL_EXTRA */ - -#define NID_id_GostR3410_2001 811 -#define NID_id_GostR3410_2012_256 979 -#define NID_id_GostR3410_2012_512 980 +#define WC_NID_name 173 /* N , OID = 2.5.4.41 */ +#define WC_NID_surname 0x04 /* SN */ +#define WC_NID_serialNumber 0x05 /* serialNumber */ +#define WC_NID_countryName 0x06 /* C */ +#define WC_NID_localityName 0x07 /* L */ +#define WC_NID_stateOrProvinceName 0x08 /* ST */ +#define WC_NID_streetAddress ASN_STREET_ADDR /* street */ +#define WC_NID_organizationName 0x0a /* O */ +#define WC_NID_organizationalUnitName 0x0b /* OU */ +#define WC_NID_jurisdictionCountryName 0xc +#define WC_NID_jurisdictionStateOrProvinceName 0xd +#define WC_NID_businessCategory ASN_BUS_CAT +#define WC_NID_domainComponent ASN_DOMAIN_COMPONENT +#define WC_NID_postalCode ASN_POSTAL_CODE /* postalCode */ +#define WC_NID_favouriteDrink 462 +#define WC_NID_userId 458 +#define WC_NID_emailAddress 0x30 /* emailAddress */ +#define WC_NID_id_on_dnsSRV 82 /* 1.3.6.1.5.5.7.8.7 */ +#define WC_NID_ms_upn 265 /* 1.3.6.1.4.1.311.20.2.3 */ + +#define WC_NID_X9_62_prime_field 406 /* 1.2.840.10045.1.1 */ + +#define WC_NID_id_GostR3410_2001 811 +#define WC_NID_id_GostR3410_2012_256 979 +#define WC_NID_id_GostR3410_2012_512 980 + +#ifndef OPENSSL_COEXIST + +#define NID_undef WC_NID_undef +#define NID_netscape_cert_type WC_NID_netscape_cert_type +#define NID_des WC_NID_des +#define NID_des3 WC_NID_des3 +#define NID_sha256 WC_NID_sha256 +#define NID_sha384 WC_NID_sha384 
+#define NID_sha512 WC_NID_sha512 +#define NID_sha512_224 WC_NID_sha512_224 +#define NID_sha512_256 WC_NID_sha512_256 +#define NID_pkcs7_signed WC_NID_pkcs7_signed +#define NID_pkcs7_enveloped WC_NID_pkcs7_enveloped +#define NID_pkcs7_signedAndEnveloped WC_NID_pkcs7_signedAndEnveloped +#define NID_pkcs9_unstructuredName WC_NID_pkcs9_unstructuredName +#define NID_pkcs9_contentType WC_NID_pkcs9_contentType +#define NID_pkcs9_challengePassword WC_NID_pkcs9_challengePassword +#define NID_hw_name_oid WC_NID_hw_name_oid +#define NID_id_pkix_OCSP_basic WC_NID_id_pkix_OCSP_basic +#define NID_any_policy WC_NID_any_policy +#define NID_anyExtendedKeyUsage WC_NID_anyExtendedKeyUsage +#define NID_givenName WC_NID_givenName +#define NID_initials WC_NID_initials +#define NID_title WC_NID_title +#define NID_description WC_NID_description +#define NID_basic_constraints WC_NID_basic_constraints +#define NID_key_usage WC_NID_key_usage +#define NID_ext_key_usage WC_NID_ext_key_usage +#define NID_subject_key_identifier WC_NID_subject_key_identifier +#define NID_authority_key_identifier WC_NID_authority_key_identifier +#define NID_private_key_usage_period WC_NID_private_key_usage_period +#define NID_subject_alt_name WC_NID_subject_alt_name +#define NID_issuer_alt_name WC_NID_issuer_alt_name +#define NID_info_access WC_NID_info_access +#define NID_sinfo_access WC_NID_sinfo_access +#define NID_name_constraints WC_NID_name_constraints +#define NID_crl_distribution_points WC_NID_crl_distribution_points +#define NID_certificate_policies WC_NID_certificate_policies +#define NID_policy_mappings WC_NID_policy_mappings +#define NID_policy_constraints WC_NID_policy_constraints +#define NID_inhibit_any_policy WC_NID_inhibit_any_policy +#define NID_tlsfeature WC_NID_tlsfeature +#define NID_buildingName WC_NID_buildingName + +#define NID_dnQualifier WC_NID_dnQualifier +#define NID_commonName WC_NID_commonName +#define NID_name WC_NID_name +#define NID_surname WC_NID_surname +#define NID_serialNumber 
WC_NID_serialNumber +#define NID_countryName WC_NID_countryName +#define NID_localityName WC_NID_localityName +#define NID_stateOrProvinceName WC_NID_stateOrProvinceName +#define NID_streetAddress WC_NID_streetAddress +#define NID_organizationName WC_NID_organizationName +#define NID_organizationalUnitName WC_NID_organizationalUnitName +#define NID_jurisdictionCountryName WC_NID_jurisdictionCountryName +#define NID_jurisdictionStateOrProvinceName WC_NID_jurisdictionStateOrProvinceName +#define NID_businessCategory WC_NID_businessCategory +#define NID_domainComponent WC_NID_domainComponent +#define NID_postalCode WC_NID_postalCode +#define NID_favouriteDrink WC_NID_favouriteDrink +#define NID_userId WC_NID_userId +#define NID_emailAddress WC_NID_emailAddress +#define NID_id_on_dnsSRV WC_NID_id_on_dnsSRV +#define NID_ms_upn WC_NID_ms_upn + +#define NID_X9_62_prime_field WC_NID_X9_62_prime_field + +#define NID_id_GostR3410_2001 WC_NID_id_GostR3410_2001 +#define NID_id_GostR3410_2012_256 WC_NID_id_GostR3410_2012_256 +#define NID_id_GostR3410_2012_512 WC_NID_id_GostR3410_2012_512 + +#endif /* !OPENSSL_COEXIST */ + +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ enum ECC_TYPES { diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h index 80c687b051..4b086cc6b4 100644 --- a/wolfssl/wolfcrypt/pkcs7.h +++ b/wolfssl/wolfcrypt/pkcs7.h 
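Review bot: The three GOST NIDs used to be defined after `#endif /* OPENSSL_EXTRA */`, so they existed in every build, but both `WC_NID_id_GostR3410_*` and the `NID_id_GostR3410_*` aliases now sit inside the `OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL` guard. Any code compiled without those options that references them (none is visible in this hunk) would stop building. If they must stay unconditional, define the `WC_` values above the `#if`, next to `WC_NID_undef`. Also, `WC_NID_pkcs9_emailAddress` (48) is new, has no unprefixed alias in the `!OPENSSL_COEXIST` list, and has the same value as `WC_NID_emailAddress` (0x30), so a comment saying whether the two are meant to be interchangeable would help.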
@@ -202,37 +202,42 @@ typedef struct PKCS7DecodedAttrib { typedef struct PKCS7State PKCS7State; typedef struct Pkcs7Cert Pkcs7Cert; typedef struct Pkcs7EncodedRecip Pkcs7EncodedRecip; -typedef struct PKCS7 PKCS7; -typedef struct PKCS7 PKCS7_SIGNED; typedef struct PKCS7SignerInfo PKCS7SignerInfo; +typedef struct wc_PKCS7 wc_PKCS7; +typedef struct wc_PKCS7 wc_PKCS7_SIGNED; + +#ifndef OPENSSL_COEXIST +#define PKCS7 wc_PKCS7 +#define PKCS7_SIGNED wc_PKCS7_SIGNED +#endif /* OtherRecipientInfo decrypt callback prototype */ -typedef int (*CallbackOriDecrypt)(PKCS7* pkcs7, byte* oriType, word32 oriTypeSz, +typedef int (*CallbackOriDecrypt)(wc_PKCS7* pkcs7, byte* oriType, word32 oriTypeSz, byte* oriValue, word32 oriValueSz, byte* decryptedKey, word32* decryptedKeySz, void* ctx); -typedef int (*CallbackOriEncrypt)(PKCS7* pkcs7, byte* cek, word32 cekSz, +typedef int (*CallbackOriEncrypt)(wc_PKCS7* pkcs7, byte* cek, word32 cekSz, byte* oriType, word32* oriTypeSz, byte* oriValue, word32* oriValueSz, void* ctx); -typedef int (*CallbackDecryptContent)(PKCS7* pkcs7, int encryptOID, +typedef int (*CallbackDecryptContent)(wc_PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out, void* ctx); -typedef int (*CallbackWrapCEK)(PKCS7* pkcs7, byte* cek, word32 cekSz, +typedef int (*CallbackWrapCEK)(wc_PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, word32 keyIdSz, byte* originKey, word32 originKeySz, byte* out, word32 outSz, int keyWrapAlgo, int type, int dir); /* Callbacks for supporting different stream cases */ -typedef int (*CallbackGetContent)(PKCS7* pkcs7, byte** content, void* ctx); -typedef int (*CallbackStreamOut)(PKCS7* pkcs7, const byte* output, +typedef int (*CallbackGetContent)(wc_PKCS7* pkcs7, byte** content, void* ctx); +typedef int (*CallbackStreamOut)(wc_PKCS7* pkcs7, const byte* output, word32 outputSz, void* ctx); #if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA) /* 
RSA sign raw digest callback, user builds DigestInfo */ -typedef int (*CallbackRsaSignRawDigest)(PKCS7* pkcs7, byte* digest, +typedef int (*CallbackRsaSignRawDigest)(wc_PKCS7* pkcs7, byte* digest, word32 digestSz, byte* out, word32 outSz, byte* privateKey, word32 privateKeySz, int devId, int hashOID); @@ -241,7 +246,7 @@ typedef int (*CallbackRsaSignRawDigest)(PKCS7* pkcs7, byte* digest, /* Public Structure Warning: * Existing members must not be changed to maintain backwards compatibility! */ -struct PKCS7 { +struct wc_PKCS7 { WC_RNG* rng; PKCS7Attrib* signedAttribs; byte* content; /* inner content, not owner */ 
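Review bot: The `#ifndef OPENSSL_COEXIST` block that maps `PKCS7` and `PKCS7_SIGNED` onto the `wc_` names has no comment, yet the struct it renames carries a "Public Structure Warning" about backwards compatibility, so the tag change in the next hunk deserves a line of explanation. Suggested comment above the block: `/* Unprefixed aliases kept for source compatibility; not defined with OPENSSL_COEXIST, where callers must use wc_PKCS7. */`. Because `PKCS7` is an object-like macro it also rewrites `struct PKCS7` in application code, so a forward declaration made before this header is included would name a different type than `struct wc_PKCS7`, and the comment could mention that as well.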
@@ -370,55 +375,55 @@ struct PKCS7 { /* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */ }; -WOLFSSL_API PKCS7* wc_PKCS7_New(void* heap, int devId); +WOLFSSL_API wc_PKCS7* wc_PKCS7_New(void* heap, int devId); #ifdef WC_ASN_UNKNOWN_EXT_CB - WOLFSSL_API void wc_PKCS7_SetUnknownExtCallback(PKCS7* pkcs7, + WOLFSSL_API void wc_PKCS7_SetUnknownExtCallback(wc_PKCS7* pkcs7, wc_UnknownExtCallback cb); #endif -WOLFSSL_API int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId); -WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* der, word32 derSz); -WOLFSSL_API int wc_PKCS7_AddCertificate(PKCS7* pkcs7, byte* der, word32 derSz); -WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7); +WOLFSSL_API int wc_PKCS7_Init(wc_PKCS7* pkcs7, void* heap, int devId); +WOLFSSL_API int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* der, word32 derSz); +WOLFSSL_API int wc_PKCS7_AddCertificate(wc_PKCS7* pkcs7, byte* der, word32 derSz); +WOLFSSL_API void wc_PKCS7_Free(wc_PKCS7* pkcs7); -WOLFSSL_API int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid, +WOLFSSL_API int wc_PKCS7_GetAttributeValue(wc_PKCS7* pkcs7, const byte* oid, word32 oidSz, byte* out, word32* outSz); -WOLFSSL_API int wc_PKCS7_SetSignerIdentifierType(PKCS7* pkcs7, int type); -WOLFSSL_API int wc_PKCS7_SetContentType(PKCS7* pkcs7, byte* contentType, +WOLFSSL_API int wc_PKCS7_SetSignerIdentifierType(wc_PKCS7* pkcs7, int type); +WOLFSSL_API int wc_PKCS7_SetContentType(wc_PKCS7* pkcs7, byte* contentType, word32 sz); WOLFSSL_API int wc_PKCS7_GetPadSize(word32 inputSz, word32 blockSz); WOLFSSL_API int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz, word32 blockSz); /* CMS/PKCS#7 Data */ -WOLFSSL_API int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, +WOLFSSL_API int wc_PKCS7_EncodeData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); /* CMS/PKCS#7 SignedData */ -WOLFSSL_API int wc_PKCS7_SetCustomSKID(PKCS7* pkcs7, const byte* in, +WOLFSSL_API int wc_PKCS7_SetCustomSKID(wc_PKCS7* pkcs7, const byte* in, word16 inSz); 
-WOLFSSL_API int wc_PKCS7_SetDetached(PKCS7* pkcs7, word16 flag); -WOLFSSL_API int wc_PKCS7_NoDefaultSignedAttribs(PKCS7* pkcs7); -WOLFSSL_API int wc_PKCS7_SetDefaultSignedAttribs(PKCS7* pkcs7, word16 flag); -WOLFSSL_API int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_SetDetached(wc_PKCS7* pkcs7, word16 flag); +WOLFSSL_API int wc_PKCS7_NoDefaultSignedAttribs(wc_PKCS7* pkcs7); +WOLFSSL_API int wc_PKCS7_SetDefaultSignedAttribs(wc_PKCS7* pkcs7, word16 flag); +WOLFSSL_API int wc_PKCS7_EncodeSignedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf, +WOLFSSL_API int wc_PKCS7_EncodeSignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf, word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot, word32* outputFootSz); -WOLFSSL_API void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag); -WOLFSSL_API int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, +WOLFSSL_API void wc_PKCS7_AllowDegenerate(wc_PKCS7* pkcs7, word16 flag); +WOLFSSL_API int wc_PKCS7_VerifySignedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz); -WOLFSSL_API int wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf, +WOLFSSL_API int wc_PKCS7_VerifySignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf, word32 hashSz, byte* pkiMsgHead, word32 pkiMsgHeadSz, byte* pkiMsgFoot, word32 pkiMsgFootSz); -WOLFSSL_API int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz); +WOLFSSL_API int wc_PKCS7_GetSignerSID(wc_PKCS7* pkcs7, byte* out, word32* outSz); /* CMS single-shot API for Signed FirmwarePkgData */ -WOLFSSL_API int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey, +WOLFSSL_API int wc_PKCS7_EncodeSignedFPD(wc_PKCS7* pkcs7, byte* privateKey, word32 privateKeySz, int signOID, int hashOID, byte* content, word32 contentSz, 
@@ -427,7 +432,7 @@ WOLFSSL_API int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey, word32 outputSz); #ifndef NO_PKCS7_ENCRYPTED_DATA /* CMS single-shot API for Signed Encrypted FirmwarePkgData */ -WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedFPD(wc_PKCS7* pkcs7, byte* encryptKey, word32 encryptKeySz, byte* privateKey, word32 privateKeySz, int encryptOID, int signOID, @@ -441,7 +446,7 @@ WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, #endif /* NO_PKCS7_ENCRYPTED_DATA */ #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) /* CMS single-shot API for Signed Compressed FirmwarePkgData */ -WOLFSSL_API int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeSignedCompressedFPD(wc_PKCS7* pkcs7, byte* privateKey, word32 privateKeySz, int signOID, int hashOID, byte* content, word32 contentSz, @@ -451,7 +456,7 @@ WOLFSSL_API int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, #ifndef NO_PKCS7_ENCRYPTED_DATA /* CMS single-shot API for Signed Encrypted Compressed FirmwarePkgData */ -WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(wc_PKCS7* pkcs7, byte* encryptKey, word32 encryptKeySz, byte* privateKey, word32 privateKeySz, int encryptOID, int signOID, 
@@ -466,80 +471,80 @@ WOLFSSL_API int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, #endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */ /* EnvelopedData and AuthEnvelopedData RecipientInfo functions */ -WOLFSSL_API int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, +WOLFSSL_API int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, int options); -WOLFSSL_API int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, +WOLFSSL_API int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, int keyWrapOID, int keyAgreeOID, byte* ukm, word32 ukmSz, int options); -WOLFSSL_API int wc_PKCS7_SetKey(PKCS7* pkcs7, byte* key, word32 keySz); -WOLFSSL_API int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID, +WOLFSSL_API int wc_PKCS7_SetKey(wc_PKCS7* pkcs7, byte* key, word32 keySz); +WOLFSSL_API int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, word32 kekSz, byte* keyID, word32 keyIdSz, void* timePtr, byte* otherOID, word32 otherOIDSz, byte* other, word32 otherSz, int options); -WOLFSSL_API int wc_PKCS7_SetPassword(PKCS7* pkcs7, byte* passwd, word32 pLen); -WOLFSSL_API int wc_PKCS7_AddRecipient_PWRI(PKCS7* pkcs7, byte* passwd, +WOLFSSL_API int wc_PKCS7_SetPassword(wc_PKCS7* pkcs7, byte* passwd, word32 pLen); +WOLFSSL_API int wc_PKCS7_AddRecipient_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen, byte* salt, word32 saltSz, int kdfOID, int prfOID, int iterations, int kekEncryptOID, int options); -WOLFSSL_API int wc_PKCS7_SetOriEncryptCtx(PKCS7* pkcs7, void* ctx); -WOLFSSL_API int wc_PKCS7_SetOriDecryptCtx(PKCS7* pkcs7, void* ctx); -WOLFSSL_API int wc_PKCS7_SetOriDecryptCb(PKCS7* pkcs7, CallbackOriDecrypt cb); -WOLFSSL_API int wc_PKCS7_AddRecipient_ORI(PKCS7* pkcs7, CallbackOriEncrypt cb, +WOLFSSL_API int wc_PKCS7_SetOriEncryptCtx(wc_PKCS7* pkcs7, void* ctx); +WOLFSSL_API int wc_PKCS7_SetOriDecryptCtx(wc_PKCS7* pkcs7, void* ctx); +WOLFSSL_API int 
wc_PKCS7_SetOriDecryptCb(wc_PKCS7* pkcs7, CallbackOriDecrypt cb); +WOLFSSL_API int wc_PKCS7_AddRecipient_ORI(wc_PKCS7* pkcs7, CallbackOriEncrypt cb, int options); -WOLFSSL_API int wc_PKCS7_SetWrapCEKCb(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_SetWrapCEKCb(wc_PKCS7* pkcs7, CallbackWrapCEK wrapCEKCb); #if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA) -WOLFSSL_API int wc_PKCS7_SetRsaSignRawDigestCb(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_SetRsaSignRawDigestCb(wc_PKCS7* pkcs7, CallbackRsaSignRawDigest cb); #endif /* CMS/PKCS#7 EnvelopedData */ -WOLFSSL_API int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, +WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz); /* CMS/PKCS#7 AuthEnvelopedData */ -WOLFSSL_API int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, +WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz); /* CMS/PKCS#7 EncryptedData */ #ifndef NO_PKCS7_ENCRYPTED_DATA -WOLFSSL_API int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_EncodeEncryptedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, +WOLFSSL_API int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7, +WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCb(wc_PKCS7* pkcs7, CallbackDecryptContent decryptionCb); -WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx); +WOLFSSL_API int 
wc_PKCS7_SetDecodeEncryptedCtx(wc_PKCS7* pkcs7, void* ctx); #endif /* NO_PKCS7_ENCRYPTED_DATA */ /* stream and certs */ -WOLFSSL_LOCAL int wc_PKCS7_WriteOut(PKCS7* pkcs7, byte* output, +WOLFSSL_LOCAL int wc_PKCS7_WriteOut(wc_PKCS7* pkcs7, byte* output, const byte* input, word32 inputSz); -WOLFSSL_API int wc_PKCS7_SetStreamMode(PKCS7* pkcs7, byte flag, +WOLFSSL_API int wc_PKCS7_SetStreamMode(wc_PKCS7* pkcs7, byte flag, CallbackGetContent getContentCb, CallbackStreamOut streamOutCb, void* ctx); -WOLFSSL_API int wc_PKCS7_GetStreamMode(PKCS7* pkcs7); -WOLFSSL_API int wc_PKCS7_SetNoCerts(PKCS7* pkcs7, byte flag); -WOLFSSL_API int wc_PKCS7_GetNoCerts(PKCS7* pkcs7); +WOLFSSL_API int wc_PKCS7_GetStreamMode(wc_PKCS7* pkcs7); +WOLFSSL_API int wc_PKCS7_SetNoCerts(wc_PKCS7* pkcs7, byte flag); +WOLFSSL_API int wc_PKCS7_GetNoCerts(wc_PKCS7* pkcs7); /* CMS/PKCS#7 CompressedData */ #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) -WOLFSSL_API int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output, +WOLFSSL_API int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz); -WOLFSSL_API int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg, +WOLFSSL_API int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, byte* output, word32 outputSz); #endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */ diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 3f39d5b4df..c51cad76b9 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h 
@@ -436,7 +436,7 @@ WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
 WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, byte** out, RsaKey* key, int type, enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
-#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
+#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz, RsaKey* key, int type, WC_RNG* rng);
 #endif
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index a0fe30ac2e..674d21b075 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -3552,7 +3552,7 @@ extern void uITRON4_free(void *p) ;
 * OpenSSL compat layer
 * ---------------------------------------------------------------------------
 */
-#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_COEXIST)
+#ifdef OPENSSL_EXTRA
 #undef WOLFSSL_ALWAYS_VERIFY_CB
 #define WOLFSSL_ALWAYS_VERIFY_CB
@@ -3576,7 +3576,7 @@ extern void uITRON4_free(void *p) ;
 #undef WOLFSSL_SESSION_ID_CTX
 #define WOLFSSL_SESSION_ID_CTX
-#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
+#endif /* OPENSSL_EXTRA */
 #ifdef OPENSSL_EXTRA_X509_SMALL
 #undef WOLFSSL_NO_OPENSSL_RAND_CB
@@ -4178,9 +4178,8 @@ extern void uITRON4_free(void *p) ;
 #endif
 #endif
-#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
- defined(OPENSSL_COEXIST)
- #error "OPENSSL_EXTRA can not be defined with OPENSSL_COEXIST"
+#if defined(OPENSSL_ALL) && defined(OPENSSL_COEXIST)
+ #error "OPENSSL_ALL can not be defined with OPENSSL_COEXIST"
 #endif
 #if !defined(NO_DSA) && defined(NO_SHA)
diff --git a/wolfssl/wolfio.h b/wolfssl/wolfio.h
index 2cd43c700a..dd1c1f49f9 100644
--- a/wolfssl/wolfio.h
+++ b/wolfssl/wolfio.h
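Review bot: The widened guard on `wc_RsaDirect` in the -436 hunk puts the unpadded RSA primitive into the public header for every OPENSSL_EXTRA or OPENSSL_EXTRA_X509_SMALL build, with no comment saying why or that padding is left to the caller. The guard around the definition is not in this hunk, so it should be confirmed that it was widened identically; otherwise the prototype is declared without a body behind it. I would add `/* raw RSA, no padding applied: callers must pad and range-check the input themselves */` above the `#if`, and state the reason for the wider guard there (presumably the OpenSSL compatibility layer). The condition now runs well past 80 columns and would read better split over two lines with `\`.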
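Review bot: Dropping `!defined(OPENSSL_COEXIST)` from the compat-layer block at -3552 means an OPENSSL_EXTRA build that coexists with real OpenSSL headers now also gets `WOLFSSL_ALWAYS_VERIFY_CB`, `WOLFSSL_SESSION_ID_CTX` and whatever else sits in the part of the block outside these hunks, and nothing records that this is intended. `WOLFSSL_ALWAYS_VERIFY_CB` in particular appears to change when the certificate verify callback is invoked, so applications moving to a coexist build should be told. The hunk at -4178 has the same gap: the `#error` now fires for OPENSSL_ALL only, so the OPENSSL_EXTRA plus OPENSSL_COEXIST combination that used to stop the build is accepted silently. A comment such as `/* these defaults also apply when OPENSSL_COEXIST is set */` above `#ifdef OPENSSL_EXTRA`, and `/* OPENSSL_EXTRA + OPENSSL_COEXIST is supported; OPENSSL_ALL is not */` above the `#error` check, would document the decision.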
@@ -520,9 +520,13 @@ WOLFSSL_API int wolfIO_RecvFrom(SOCKET_T sd, WOLFSSL_BIO_ADDR *addr, char *buf,
 #endif
 #endif /* WOLFSSL_NO_SOCK */
+WOLFSSL_API int wolfSSL_BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);
+WOLFSSL_API int wolfSSL_BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
+#ifndef OPENSSL_COEXIST
 /* Preserve API previously exposed */
-WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);
-WOLFSSL_API int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
+#define BioSend wolfSSL_BioSend
+#define BioReceive wolfSSL_BioReceive
+#endif
 WOLFSSL_LOCAL int SslBioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);
 WOLFSSL_LOCAL int BioReceiveInternal(WOLFSSL_BIO* biord, WOLFSSL_BIO* biowr,
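Review bot: The `BioSend`/`BioReceive` macros keep source compatibility only; the exported symbols of those names are presumably gone once the definitions are renamed, so anything already linked against them would fail to resolve, and the hunk does not say whether that ABI break is intended. Because they are object-like macros in a public header, they also rewrite any unrelated identifier spelled `BioSend` or `BioReceive` in code that includes wolfio.h, which deserves a deprecation note beside `/* Preserve API previously exposed */`. The two new prototypes have no description of the return contract or of how `sz` bounds `buf`, which matters if they are installed as I/O callbacks. For consistency with `#endif /* WOLFSSL_NO_SOCK */` just above, close the block with `#endif /* !OPENSSL_COEXIST */`.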