diff --git a/.gitignore b/.gitignore index 09638ba..789cbdc 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,5 @@ build libwebp .DS_Store wolfssl-git +var/ + diff --git a/app/build.gradle b/app/build.gradle deleted file mode 100644 index ac284ec..0000000 --- a/app/build.gradle +++ /dev/null @@ -1,124 +0,0 @@ -apply plugin: 'com.android.application' - -android { - compileSdkVersion 25 - buildToolsVersion '25.0.2' - - defaultConfig { - applicationId 'xyz.nc.android.wc' - minSdkVersion 21 - targetSdkVersion 25 - versionCode 1 - versionName '1.0' - testInstrumentationRunner 'android.support.test.runner.AndroidJUnitRunner' - - // ndk default settings for this build - ndk { - abiFilters 'x86' - // abiFilters 'x86', 'x86_64', 'armeabi', 'armeabi-v7a', 'arm64-v8a' - } - // set these default settings - externalNativeBuild { - //arguments "-DVAR_NAME=VALUE" - //arguments '-DANDROID_TOOLCHAIN=clang' - //arguments '-DANDROID_TOOLCHAIN=clang', '-DANDROID_STL=gnustl_static', '-DANDROID_PLATFORM=android-21' - //arguments '-DANDROID_TOOLCHAIN=gcc', '-DANDROID_STL=c++_static', '-DANDROID_PLATFORM=android-22' - } - } - - buildTypes { - release { - minifyEnabled false - proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' - } - } - - // this block links Gradle to the CMake (or ndk-build) - externalNativeBuild { - // cmake build configuration - cmake { - // relative path to CMake build script - //path 'src/main/cpp/CMakeLists.txt' - - // Passes optional arguments to CMake. - //arguments "-DANDROID_ARM_NEON=TRUE", "-DANDROID_TOOLCHAIN=clang" - - // Sets optional flags for the C compiler. - //cFlags "-D_EXAMPLE_C_FLAG1", "-D_EXAMPLE_C_FLAG2" - - // Sets a flag to enable format macro constants for the C++ compiler. - //cppFlags "-D__STDC_FORMAT_MACROS" - } - } - - sourceSets { - main { - // let gradle pack the shared library into apk - //jniLibs.srcDirs = ['../wolfssl/dist'] - //jniLibs.srcDirs = ['../dist/gperf/lib'] - } - } - - productFlavors { - demo { - // different build settings - externalNativeBuild { - // ... - // targets "native-lib-demo" - } - } - paid { - externalNativeBuild { - // .. - // targets "native-lib-paid" - } - } - - - // in the future, ndk.abiFilter might also work - // arm7 { - // ndk { - // abiFilter 'armeabi-v7a' - // } - // } - // arm8 { - // ndk { - // abiFilters 'arm64-v8a' - // } - // } - // arm { - // ndk { - // abiFilter 'armeabi' - // } - // } - // x86 { - // ndk { - // abiFilter 'x86' - // } - // } - // x86_64 { - // ndk { - // abiFilter 'x86_64' - // } - // } - // mips { - // ndk { - // abiFilters 'mips', 'mips64' - // } - // } - // all { - // ndk { - // abiFilters 'mips', 'mips64', 'x86', 'x86_64' - // } - // } - - } // productFlavors - -} // android - -dependencies { - compile fileTree(dir: 'libs', include: ['*.jar']) - compile 'com.android.support:appcompat-v7:25.2.0' - testCompile 'junit:junit:4.12' -} - diff --git a/app/src/main/cpp/CMakeLists.txt b/app/src/main/cpp/CMakeLists.txt deleted file mode 100644 index 49cd9a6..0000000 --- a/app/src/main/cpp/CMakeLists.txt +++ /dev/null @@ -1,29 +0,0 @@ -cmake_minimum_required(VERSION 3.4.1) - -add_library(lib_gmath STATIC IMPORTED) -set_target_properties(lib_gmath PROPERTIES IMPORTED_LOCATION - ${distribution_DIR}/gmath/lib/${ANDROID_ABI}/libgmath.a) - -# shared lib will also be tucked into APK and sent to target -# refer to app/build.gradle, jniLibs section for that purpose. -# ${ANDROID_ABI} is handy for our purpose here. Probably this ${ANDROID_ABI} is -# the most valuable thing of this sample, the rest are pretty much normal cmake -add_library(lib_gperf SHARED IMPORTED) -set_target_properties(lib_gperf PROPERTIES IMPORTED_LOCATION - ${distribution_DIR}/gperf/lib/${ANDROID_ABI}/libgperf.so) - -# build application's shared lib -set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=gnu++11") - -add_library(hello-libs SHARED - hello-libs.cpp) - -target_include_directories(hello-libs PRIVATE - ${distribution_DIR}/gmath/include - ${distribution_DIR}/gperf/include) - -target_link_libraries(hello-libs - android - lib_gmath - lib_gperf - log) diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_KeyGen.c b/app/src/main/cpp/com_wolfssl_wolfcrypt_KeyGen.c deleted file mode 100644 index e69de29..0000000 diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_NTRU.c b/app/src/main/cpp/com_wolfssl_wolfcrypt_NTRU.c deleted file mode 100644 index e69de29..0000000 diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.c b/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.c deleted file mode 100644 index e028a3a..0000000 --- a/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.c +++ /dev/null @@ -1,250 +0,0 @@ -/* com_wolfssl_wolfcrypt_RSA.c - * - * Copyright (C) 2006-2016 wolfSSL Inc. - * - * This file is part of wolfSSL. - * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#include -#include -#include "com_wolfssl_wolfcrypt_RSA.h" -#include - -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doSign - (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out, - jintArray outSz, jobject keyDer, jlong keySz) -{ - int ret; - RNG rng; - RsaKey myKey; - unsigned int idx; - unsigned int tmpOut; - - /* check in and key sz */ - if ((inSz < 0) || (keySz < 0)) { - return -1; - } - - /* get pointers to our buffers */ - unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in); - if (inBuf == NULL) { - printf("problem getting in buffer address\n"); - return -1; - } - - unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out); - if (outBuf == NULL) { - printf("problem getting out buffer address\n"); - return -1; - } - - unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer); - if (keyBuf == NULL) { - printf("problem getting key buffer address\n"); - return -1; - } - - /* get output buffer size */ - (*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut); - - wc_InitRng(&rng); - wc_InitRsaKey(&myKey, NULL); - - idx = 0; - - ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz); - if (ret == 0) { - ret = wc_RsaSSL_Sign(inBuf, (unsigned int)inSz, outBuf, tmpOut, - &myKey, &rng); - if (ret > 0) { - /* save and convert to 0 for success */ - (*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut); - ret = 0; - } - } else { - printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret); - } - - wc_FreeRsaKey(&myKey); - - return ret; -} - -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify - (JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out, - jlong outSz, jobject keyDer, jlong keySz) -{ - int ret; - RsaKey myKey; - unsigned int idx; - - /* check in and key sz */ - if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) { - return -1; - } - - /* get pointers to our buffers */ - unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig); - if (sigBuf == NULL) { - printf("problem getting sig buffer address\n"); - return -1; - } - - unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out); - if (outBuf == NULL) { - printf("problem getting out buffer address\n"); - return -1; - } - - unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer); - if (keyBuf == NULL) { - printf("problem getting key buffer address\n"); - return -1; - } - - wc_InitRsaKey(&myKey, NULL); - idx = 0; - - ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz); - if (ret == 0) { - ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf, - (unsigned int)outSz, &myKey); - if (ret < 0) { - printf("wc_RsaSSL_Verify failed, ret = %d\n", ret); - return ret; - } - } else { - printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret); - } - - wc_FreeRsaKey(&myKey); - - return ret; -} - -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doEnc - (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out, - jintArray outSz, jobject keyDer, jlong keySz) -{ - int ret; - RsaKey myKey; - RNG rng; - unsigned int idx; - unsigned int tmpOut; - - /* check in and key sz */ - if ((inSz < 0) || (keySz < 0)) { - return -1; - } - - /* get pointers to our buffers */ - unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in); - if (inBuf == NULL) { - printf("problem getting in buffer address\n"); - return -1; - } - - unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out); - if (outBuf == NULL) { - printf("problem getting out buffer address\n"); - return -1; - } - - unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer); - if (keyBuf == NULL) { - printf("problem getting key buffer address\n"); - return -1; - } - - /* get output buffer size */ - (*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut); - - wc_InitRng(&rng); - wc_InitRsaKey(&myKey, NULL); - - idx = 0; - - ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz); - if (ret == 0) { - ret = wc_RsaPublicEncrypt(inBuf, (unsigned int)inSz, outBuf, tmpOut, - &myKey, &rng); - if (ret > 0) { - /* save and convert to 0 for success */ - (*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&ret); - ret = 0; - } - } else { - printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret); - } - - wc_FreeRsaKey(&myKey); - - return ret; -} - -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doDec - (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out, - jlong outSz, jobject keyDer, jlong keySz) -{ - int ret; - RsaKey myKey; - unsigned int idx; - - /* check in and key sz */ - if ((inSz < 0) || (keySz < 0) || (outSz < 0)) { - return -1; - } - - /* get pointers to our buffers */ - unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in); - if (inBuf == NULL) { - printf("problem getting in buffer address\n"); - return -1; - } - - unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out); - if (outBuf == NULL) { - printf("problem getting out buffer address\n"); - return -1; - } - - unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer); - if (keyBuf == NULL) { - printf("problem getting key buffer address\n"); - return -1; - } - - wc_InitRsaKey(&myKey, NULL); - idx = 0; - - ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz); - if (ret == 0) { - ret = wc_RsaPrivateDecrypt(inBuf, (unsigned int)inSz, outBuf, - (unsigned int)outSz, &myKey); - if (ret < 0) { - printf("wc_RsaPrivateDecrypt failed, ret = %d\n", ret); - return ret; - } - } else { - printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret); - } - - wc_FreeRsaKey(&myKey); - - return ret; -} - diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.h b/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.h deleted file mode 100644 index 837f006..0000000 --- a/app/src/main/cpp/com_wolfssl_wolfcrypt_RSA.h +++ /dev/null @@ -1,45 +0,0 @@ -/* DO NOT EDIT THIS FILE - it is machine generated */ -#include -/* Header for class com_wolfssl_wolfcrypt_RSA */ - -#ifndef _Included_com_wolfssl_wolfcrypt_RSA -#define _Included_com_wolfssl_wolfcrypt_RSA -#ifdef __cplusplus -extern "C" { -#endif -/* - * Class: com_wolfssl_wolfcrypt_RSA - * Method: doSign - * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;[ILjava/nio/ByteBuffer;J)I - */ -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doSign - (JNIEnv *, jobject, jobject, jlong, jobject, jintArray, jobject, jlong); - -/* - * Class: com_wolfssl_wolfcrypt_RSA - * Method: doVerify - * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I - */ -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify - (JNIEnv *, jobject, jobject, jlong, jobject, jlong, jobject, jlong); - -/* - * Class: com_wolfssl_wolfcrypt_RSA - * Method: doEnc - * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;[ILjava/nio/ByteBuffer;J)I - */ -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doEnc - (JNIEnv *, jobject, jobject, jlong, jobject, jintArray, jobject, jlong); - -/* - * Class: com_wolfssl_wolfcrypt_RSA - * Method: doDec - * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I - */ -JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doDec - (JNIEnv *, jobject, jobject, jlong, jobject, jlong, jobject, jlong); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/app/src/main/java/com/wolfssl/wolfcrypt/AES.java b/app/src/main/java/com/wolfssl/wolfcrypt/AES.java deleted file mode 100644 index e69de29..0000000 diff --git a/app/src/main/java/com/wolfssl/wolfcrypt/RSA.java b/app/src/main/java/com/wolfssl/wolfcrypt/RSA.java deleted file mode 100644 index 3d84742..0000000 --- a/app/src/main/java/com/wolfssl/wolfcrypt/RSA.java +++ /dev/null @@ -1,50 +0,0 @@ -/* RSA.java - * - * Copyright (C) 2006-2016 wolfSSL Inc. - * - * This file is part of wolfSSL. - * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -package com.wolfssl.wolfcrypt; - -import java.nio.ByteBuffer; - -/** - * Wrapper for the native WolfCrypt RSA implementation, used for examples. - * This class contains a subset of the WolfCrypt RSA implementation and was - * written to be used with this package's example RSA public key callbacks. - * Usage can be found in examples/Client.java and examples/Server.java. - * - * @author wolfSSL - * @version 1.0, August 2013 - */ -public class RSA { - - public native int doSign(ByteBuffer in, long inSz, ByteBuffer out, - int[] outSz, ByteBuffer key, long keySz); - - public native int doVerify(ByteBuffer sig, long sigSz, ByteBuffer out, - long outSz, ByteBuffer keyDer, long keySz); - - public native int doEnc(ByteBuffer in, long inSz, ByteBuffer out, - int[] outSz, ByteBuffer keyDer, long keySz); - - public native int doDec(ByteBuffer in, long inSz, ByteBuffer out, - long outSz, ByteBuffer keyDer, long keySz); - -} - diff --git a/ccc/CMakeLists.txt b/ccc/CMakeLists.txt new file mode 100644 index 0000000..bd80875 --- /dev/null +++ b/ccc/CMakeLists.txt @@ -0,0 +1,6 @@ +# this CMake file is the root, and is used to create the bin folder +cmake_minimum_required(VERSION 3.4.1) + +set(CMAKE_VERBOSE_MAKEFILE on) + +add_subdirectory(src/main/cpp/wolfcrypt) diff --git a/ccc/CMakeLists.txt.old b/ccc/CMakeLists.txt.old new file mode 100644 index 0000000..6d19632 --- /dev/null +++ b/ccc/CMakeLists.txt.old @@ -0,0 +1,7 @@ +# this CMake file is the root, and is used to create the bin folder +cmake_minimum_required(VERSION 3.4.1) + +set(CMAKE_VERBOSE_MAKEFILE on) + +add_subdirectory(${CMAKE_CURRENT_SOURCE_DIR}/src/main/cpp/wolfssl-oem) +add_subdirectory(${CMAKE_CURRENT_SOURCE_DIR}/src/main/cpp/wolfcrypt) diff --git a/ccc/README_DEV.rst b/ccc/README_DEV.rst new file mode 100644 index 0000000..98d0989 --- /dev/null +++ b/ccc/README_DEV.rst @@ -0,0 +1,65 @@ +DEVELOPER README +================ + +* Generates a shared library (libwolfssl.so) + + +Requirements +------------ + + + +How To Build +------------ + +WOLFSSL + +1. $ ./get_wolfssl_src.sh +2. $ gradle build +3. prepare for distribution + - copy files from output directory to ./dist + - bulld/intermediates/cmake/release/obj/x86_64/libwolfssl.so + + + +OUPUT +----- + +bulld/intermediates/cmake/release/obj/x86_64/libwolfssl.so + + + + + + + +BUILD Information +================= + +ndk 2018 +-------- +* NDK: 18.1.5063045 +* Android Bulid tools: 28.0.3 +* CMake: 3.6.4111459 +* Gradle: 4.10.2 +* Android Gradle plugin: 3.2.1 +* SDK Target: 26 +* SDK Min: 23 + + + +gradle version +-------------- +Gradle version: Gradle 4.10.2. + +Build time: 2018-09-19 18:10:15 UTC +Revision: b4d8d5d170bb4ba516e88d7fe5647e2323d791dd + +Kotlin DSL: 1.0-rc-6 +Kotlin: 1.2.61 +Groovy: 2.4.15 +Ant: Apache Ant(TM) version 1.9.11 compiled on March 23 2018 +JVM: 1.8.0_152-release (JetBrains s.r.o 25.152-b06) +OS: Mac OS X 10.13.6 x86_64 + + diff --git a/ccc/build.gradle b/ccc/build.gradle new file mode 100644 index 0000000..e501cb0 --- /dev/null +++ b/ccc/build.gradle @@ -0,0 +1,57 @@ +apply plugin: 'com.android.library' + +android { + compileSdkVersion 28 + // a default can be used, but it is good practice to explicitly select build tools + buildToolsVersion '28.0.3' + + defaultConfig { + // applicationId 'xyz.nc.android.wc' + minSdkVersion 23 + targetSdkVersion 28 + versionCode 1 + versionName '1.0' + + externalNativeBuild { + cmake { + arguments '-DANDROID_PLATFORM=android-23', + '-DANDROID_TOOLCHAIN=clang' + // Sets optional flags for the C compiler. + // cFlags \ + // '-D_POSIX_THREADS', '-DNDEBUG', + // '-DPERSIST_SESSION_CACHE', '-DPERSIST_CERT_CACHE', '-DATOMIC_USER', + // '-DHAVE_PK_CALLBACKS', '-DNO_DSA', + // '-DNO_MD4', '-DNO_HC128', '-DNO_RABBIT', + // '-DHAVE_OCSP', '-DHAVE_CRL', '-DWOLFSSL_JNI', '-DHAVE_DH', + // '-Wall' + // explicitly build libs + //targets 'wolfssl' + } + + } + } + + + // buildTypes { + // release { + // minifyEnabled false + // proguardFiles getDefaultProguardFile('proguard-android.txt'), + // 'proguard-rules.pro' + // } + // } + externalNativeBuild { + cmake { + path 'CMakeLists.txt' + } + } +} + +dependencies { +// compile fileTree(dir: 'libs', include: ['*.jar']) +// implementation fileTree(dir: 'libs', include: ['*.jar']) + testImplementation 'junit:junit:4.12' +// implementation 'com.android.support:appcompat-v7:28.0.0' +// implementation 'com.android.support.constraint:constraint-layout:1.1.3' +// androidTestImplementation 'com.android.support.test:runner:1.0.2' +// androidTestImplementation 'com.android.support.test.espresso:espresso-core:3.0.2' +} diff --git a/ccc/dist/README.rst b/ccc/dist/README.rst new file mode 100644 index 0000000..e901a20 --- /dev/null +++ b/ccc/dist/README.rst @@ -0,0 +1,7 @@ +=========== +DIST README +=========== + +* The folder "lib" is auto generated +* The remaining folders have been hand copied for distoribution + - As of right now files are copied from the ./bulld/intermediates/cmake/release/obj/.. diff --git a/ccc/dist/android-19/arm64-v8a/libjnitest.so b/ccc/dist/android-19/arm64-v8a/libjnitest.so new file mode 100755 index 0000000..555a44a Binary files /dev/null and b/ccc/dist/android-19/arm64-v8a/libjnitest.so differ diff --git a/ccc/dist/android-19/arm64-v8a/libwolfssl.so b/ccc/dist/android-19/arm64-v8a/libwolfssl.so new file mode 100755 index 0000000..ccab2bd Binary files /dev/null and b/ccc/dist/android-19/arm64-v8a/libwolfssl.so differ diff --git a/ccc/dist/android-19/arm64-v8a/libwolfssljni.so b/ccc/dist/android-19/arm64-v8a/libwolfssljni.so new file mode 100755 index 0000000..9be8e13 Binary files /dev/null and b/ccc/dist/android-19/arm64-v8a/libwolfssljni.so differ diff --git a/ccc/dist/android-19/armeabi-v7a/libjnitest.so b/ccc/dist/android-19/armeabi-v7a/libjnitest.so new file mode 100755 index 0000000..d0218d7 Binary files /dev/null and b/ccc/dist/android-19/armeabi-v7a/libjnitest.so differ diff --git a/ccc/dist/android-19/armeabi-v7a/libwolfssl.so b/ccc/dist/android-19/armeabi-v7a/libwolfssl.so new file mode 100755 index 0000000..4ef496a Binary files /dev/null and b/ccc/dist/android-19/armeabi-v7a/libwolfssl.so differ diff --git a/ccc/dist/android-19/armeabi-v7a/libwolfssljni.so b/ccc/dist/android-19/armeabi-v7a/libwolfssljni.so new file mode 100755 index 0000000..ec8c167 Binary files /dev/null and b/ccc/dist/android-19/armeabi-v7a/libwolfssljni.so differ diff --git a/ccc/dist/android-19/armeabi/libjnitest.so b/ccc/dist/android-19/armeabi/libjnitest.so new file mode 100755 index 0000000..03dad2c Binary files /dev/null and b/ccc/dist/android-19/armeabi/libjnitest.so differ diff --git a/ccc/dist/android-19/armeabi/libwolfssl.so b/ccc/dist/android-19/armeabi/libwolfssl.so new file mode 100755 index 0000000..24f519a Binary files /dev/null and b/ccc/dist/android-19/armeabi/libwolfssl.so differ diff --git a/ccc/dist/android-19/armeabi/libwolfssljni.so b/ccc/dist/android-19/armeabi/libwolfssljni.so new file mode 100755 index 0000000..9885db0 Binary files /dev/null and b/ccc/dist/android-19/armeabi/libwolfssljni.so differ diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_AES.c b/ccc/dist/android-19/kitkat_4.4 similarity index 100% rename from app/src/main/cpp/com_wolfssl_wolfcrypt_AES.c rename to ccc/dist/android-19/kitkat_4.4 diff --git a/ccc/dist/android-19/mips/libjnitest.so b/ccc/dist/android-19/mips/libjnitest.so new file mode 100755 index 0000000..dc045c3 Binary files /dev/null and b/ccc/dist/android-19/mips/libjnitest.so differ diff --git a/ccc/dist/android-19/mips/libwolfssl.so b/ccc/dist/android-19/mips/libwolfssl.so new file mode 100755 index 0000000..adeecb9 Binary files /dev/null and b/ccc/dist/android-19/mips/libwolfssl.so differ diff --git a/ccc/dist/android-19/mips/libwolfssljni.so b/ccc/dist/android-19/mips/libwolfssljni.so new file mode 100755 index 0000000..53c3f62 Binary files /dev/null and b/ccc/dist/android-19/mips/libwolfssljni.so differ diff --git a/ccc/dist/android-19/mips64/libjnitest.so b/ccc/dist/android-19/mips64/libjnitest.so new file mode 100755 index 0000000..ef7adaf Binary files /dev/null and b/ccc/dist/android-19/mips64/libjnitest.so differ diff --git a/ccc/dist/android-19/mips64/libwolfssl.so b/ccc/dist/android-19/mips64/libwolfssl.so new file mode 100755 index 0000000..a124370 Binary files /dev/null and b/ccc/dist/android-19/mips64/libwolfssl.so differ diff --git a/ccc/dist/android-19/mips64/libwolfssljni.so b/ccc/dist/android-19/mips64/libwolfssljni.so new file mode 100755 index 0000000..80c7711 Binary files /dev/null and b/ccc/dist/android-19/mips64/libwolfssljni.so differ diff --git a/ccc/dist/android-19/x86/libjnitest.so b/ccc/dist/android-19/x86/libjnitest.so new file mode 100755 index 0000000..87c1eb4 Binary files /dev/null and b/ccc/dist/android-19/x86/libjnitest.so differ diff --git a/ccc/dist/android-19/x86/libwolfssl.so b/ccc/dist/android-19/x86/libwolfssl.so new file mode 100755 index 0000000..37588cf Binary files /dev/null and b/ccc/dist/android-19/x86/libwolfssl.so differ diff --git a/ccc/dist/android-19/x86/libwolfssljni.so b/ccc/dist/android-19/x86/libwolfssljni.so new file mode 100755 index 0000000..0444cdc Binary files /dev/null and b/ccc/dist/android-19/x86/libwolfssljni.so differ diff --git a/ccc/dist/android-19/x86_64/libjnitest.so b/ccc/dist/android-19/x86_64/libjnitest.so new file mode 100755 index 0000000..ca77727 Binary files /dev/null and b/ccc/dist/android-19/x86_64/libjnitest.so differ diff --git a/ccc/dist/android-19/x86_64/libwolfssl.so b/ccc/dist/android-19/x86_64/libwolfssl.so new file mode 100755 index 0000000..1a23d59 Binary files /dev/null and b/ccc/dist/android-19/x86_64/libwolfssl.so differ diff --git a/ccc/dist/android-19/x86_64/libwolfssljni.so b/ccc/dist/android-19/x86_64/libwolfssljni.so new file mode 100755 index 0000000..9bb9154 Binary files /dev/null and b/ccc/dist/android-19/x86_64/libwolfssljni.so differ diff --git a/ccc/dist/android-21/arm64-v8a/libjnitest.so b/ccc/dist/android-21/arm64-v8a/libjnitest.so new file mode 100755 index 0000000..555a44a Binary files /dev/null and b/ccc/dist/android-21/arm64-v8a/libjnitest.so differ diff --git a/ccc/dist/android-21/arm64-v8a/libwolfssl.so b/ccc/dist/android-21/arm64-v8a/libwolfssl.so new file mode 100755 index 0000000..ccab2bd Binary files /dev/null and b/ccc/dist/android-21/arm64-v8a/libwolfssl.so differ diff --git a/ccc/dist/android-21/arm64-v8a/libwolfssljni.so b/ccc/dist/android-21/arm64-v8a/libwolfssljni.so new file mode 100755 index 0000000..9be8e13 Binary files /dev/null and b/ccc/dist/android-21/arm64-v8a/libwolfssljni.so differ diff --git a/ccc/dist/android-21/armeabi-v7a/libjnitest.so b/ccc/dist/android-21/armeabi-v7a/libjnitest.so new file mode 100755 index 0000000..5e70e4b Binary files /dev/null and b/ccc/dist/android-21/armeabi-v7a/libjnitest.so differ diff --git a/ccc/dist/android-21/armeabi-v7a/libwolfssl.so b/ccc/dist/android-21/armeabi-v7a/libwolfssl.so new file mode 100755 index 0000000..49c478d Binary files /dev/null and b/ccc/dist/android-21/armeabi-v7a/libwolfssl.so differ diff --git a/ccc/dist/android-21/armeabi-v7a/libwolfssljni.so b/ccc/dist/android-21/armeabi-v7a/libwolfssljni.so new file mode 100755 index 0000000..86b8bf9 Binary files /dev/null and b/ccc/dist/android-21/armeabi-v7a/libwolfssljni.so differ diff --git a/ccc/dist/android-21/armeabi/libjnitest.so b/ccc/dist/android-21/armeabi/libjnitest.so new file mode 100755 index 0000000..45a4609 Binary files /dev/null and b/ccc/dist/android-21/armeabi/libjnitest.so differ diff --git a/ccc/dist/android-21/armeabi/libwolfssl.so b/ccc/dist/android-21/armeabi/libwolfssl.so new file mode 100755 index 0000000..146e0d3 Binary files /dev/null and b/ccc/dist/android-21/armeabi/libwolfssl.so differ diff --git a/ccc/dist/android-21/armeabi/libwolfssljni.so b/ccc/dist/android-21/armeabi/libwolfssljni.so new file mode 100755 index 0000000..6ca8c9a Binary files /dev/null and b/ccc/dist/android-21/armeabi/libwolfssljni.so differ diff --git a/app/src/main/cpp/com_wolfssl_wolfcrypt_AES.h b/ccc/dist/android-21/lollipop_5.0 similarity index 100% rename from app/src/main/cpp/com_wolfssl_wolfcrypt_AES.h rename to ccc/dist/android-21/lollipop_5.0 diff --git a/ccc/dist/android-21/mips/libjnitest.so b/ccc/dist/android-21/mips/libjnitest.so new file mode 100755 index 0000000..14cae44 Binary files /dev/null and b/ccc/dist/android-21/mips/libjnitest.so differ diff --git a/ccc/dist/android-21/mips/libwolfssl.so b/ccc/dist/android-21/mips/libwolfssl.so new file mode 100755 index 0000000..9de61c7 Binary files /dev/null and b/ccc/dist/android-21/mips/libwolfssl.so differ diff --git a/ccc/dist/android-21/mips/libwolfssljni.so b/ccc/dist/android-21/mips/libwolfssljni.so new file mode 100755 index 0000000..456f2c3 Binary files /dev/null and b/ccc/dist/android-21/mips/libwolfssljni.so differ diff --git a/ccc/dist/android-21/mips64/libjnitest.so b/ccc/dist/android-21/mips64/libjnitest.so new file mode 100755 index 0000000..ef7adaf Binary files /dev/null and b/ccc/dist/android-21/mips64/libjnitest.so differ diff --git a/ccc/dist/android-21/mips64/libwolfssl.so b/ccc/dist/android-21/mips64/libwolfssl.so new file mode 100755 index 0000000..a124370 Binary files /dev/null and b/ccc/dist/android-21/mips64/libwolfssl.so differ diff --git a/ccc/dist/android-21/mips64/libwolfssljni.so b/ccc/dist/android-21/mips64/libwolfssljni.so new file mode 100755 index 0000000..80c7711 Binary files /dev/null and b/ccc/dist/android-21/mips64/libwolfssljni.so differ diff --git a/ccc/dist/android-21/x86/libjnitest.so b/ccc/dist/android-21/x86/libjnitest.so new file mode 100755 index 0000000..403f1c5 Binary files /dev/null and b/ccc/dist/android-21/x86/libjnitest.so differ diff --git a/ccc/dist/android-21/x86/libwolfssl.so b/ccc/dist/android-21/x86/libwolfssl.so new file mode 100755 index 0000000..463eb8a Binary files /dev/null and b/ccc/dist/android-21/x86/libwolfssl.so differ diff --git a/ccc/dist/android-21/x86/libwolfssljni.so b/ccc/dist/android-21/x86/libwolfssljni.so new file mode 100755 index 0000000..99fd24e Binary files /dev/null and b/ccc/dist/android-21/x86/libwolfssljni.so differ diff --git a/ccc/dist/android-21/x86_64/libjnitest.so b/ccc/dist/android-21/x86_64/libjnitest.so new file mode 100755 index 0000000..ca77727 Binary files /dev/null and b/ccc/dist/android-21/x86_64/libjnitest.so differ diff --git a/ccc/dist/android-21/x86_64/libwolfssl.so b/ccc/dist/android-21/x86_64/libwolfssl.so new file mode 100755 index 0000000..1a23d59 Binary files /dev/null and b/ccc/dist/android-21/x86_64/libwolfssl.so differ diff --git a/ccc/dist/android-21/x86_64/libwolfssljni.so b/ccc/dist/android-21/x86_64/libwolfssljni.so new file mode 100755 index 0000000..9bb9154 Binary files /dev/null and b/ccc/dist/android-21/x86_64/libwolfssljni.so differ diff --git a/ccc/dist/android-23/debug/arm64-v8a/libwolfssl.so b/ccc/dist/android-23/debug/arm64-v8a/libwolfssl.so new file mode 100755 index 0000000..c74f9a6 Binary files /dev/null and b/ccc/dist/android-23/debug/arm64-v8a/libwolfssl.so differ diff --git a/ccc/dist/android-23/debug/armeabi-v7a/libwolfssl.so b/ccc/dist/android-23/debug/armeabi-v7a/libwolfssl.so new file mode 100755 index 0000000..62a2faf Binary files /dev/null and b/ccc/dist/android-23/debug/armeabi-v7a/libwolfssl.so differ diff --git a/ccc/dist/android-23/debug/x86/libwolfssl.so b/ccc/dist/android-23/debug/x86/libwolfssl.so new file mode 100755 index 0000000..fda7c49 Binary files /dev/null and b/ccc/dist/android-23/debug/x86/libwolfssl.so differ diff --git a/ccc/dist/android-23/debug/x86_64/libwolfssl.so b/ccc/dist/android-23/debug/x86_64/libwolfssl.so new file mode 100755 index 0000000..5ce0840 Binary files /dev/null and b/ccc/dist/android-23/debug/x86_64/libwolfssl.so differ diff --git a/ccc/dist/android-23/release/arm64-v8a/libwolfssl.so b/ccc/dist/android-23/release/arm64-v8a/libwolfssl.so new file mode 100755 index 0000000..52c9c8e Binary files /dev/null and b/ccc/dist/android-23/release/arm64-v8a/libwolfssl.so differ diff --git a/ccc/dist/android-23/release/armeabi-v7a/libwolfssl.so b/ccc/dist/android-23/release/armeabi-v7a/libwolfssl.so new file mode 100755 index 0000000..e1dc221 Binary files /dev/null and b/ccc/dist/android-23/release/armeabi-v7a/libwolfssl.so differ diff --git a/ccc/dist/android-23/release/x86/libwolfssl.so b/ccc/dist/android-23/release/x86/libwolfssl.so new file mode 100755 index 0000000..d9768b0 Binary files /dev/null and b/ccc/dist/android-23/release/x86/libwolfssl.so differ diff --git a/ccc/dist/android-23/release/x86_64/libwolfssl.so b/ccc/dist/android-23/release/x86_64/libwolfssl.so new file mode 100755 index 0000000..c12edb9 Binary files /dev/null and b/ccc/dist/android-23/release/x86_64/libwolfssl.so differ diff --git a/ccc/dist/lib/arm64-v8a/libwolfssl.a b/ccc/dist/lib/arm64-v8a/libwolfssl.a new file mode 100644 index 0000000..9cc7adc Binary files /dev/null and b/ccc/dist/lib/arm64-v8a/libwolfssl.a differ diff --git a/ccc/dist/lib/armeabi-v7a/libwolfssl.a b/ccc/dist/lib/armeabi-v7a/libwolfssl.a new file mode 100644 index 0000000..0870785 Binary files /dev/null and b/ccc/dist/lib/armeabi-v7a/libwolfssl.a differ diff --git a/ccc/dist/lib/include/wolfssl/callbacks.h b/ccc/dist/lib/include/wolfssl/callbacks.h new file mode 100644 index 0000000..9f3be05 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/callbacks.h @@ -0,0 +1,83 @@ +/* callbacks.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_CALLBACKS_H +#define WOLFSSL_CALLBACKS_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +enum { /* CALLBACK CONTSTANTS */ + MAX_PACKETNAME_SZ = 24, + MAX_CIPHERNAME_SZ = 24, + MAX_TIMEOUT_NAME_SZ = 24, + MAX_PACKETS_HANDSHAKE = 14, /* 12 for client auth plus 2 alerts */ + MAX_VALUE_SZ = 128, /* all handshake packets but Cert should + fit here */ +}; + +struct WOLFSSL; + +typedef struct handShakeInfo_st { + struct WOLFSSL* ssl; + char cipherName[MAX_CIPHERNAME_SZ + 1]; /* negotiated cipher */ + char packetNames[MAX_PACKETS_HANDSHAKE][MAX_PACKETNAME_SZ + 1]; + /* SSL packet names */ + int numberPackets; /* actual # of packets */ + int negotiationError; /* cipher/parameter err */ +} HandShakeInfo; + + +typedef struct timeval Timeval; + + +typedef struct packetInfo_st { + char packetName[MAX_PACKETNAME_SZ + 1]; /* SSL packet name */ + Timeval timestamp; /* when it occurred */ + unsigned char value[MAX_VALUE_SZ]; /* if fits, it's here */ + unsigned char* bufferValue; /* otherwise here (non 0) */ + int valueSz; /* sz of value or buffer */ +} PacketInfo; + + +typedef struct timeoutInfo_st { + char timeoutName[MAX_TIMEOUT_NAME_SZ + 1]; /* timeout Name */ + int flags; /* for future use */ + int numberPackets; /* actual # of packets */ + PacketInfo packets[MAX_PACKETS_HANDSHAKE]; /* list of all packets */ + Timeval timeoutValue; /* timer that caused it */ +} TimeoutInfo; + + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* WOLFSSL_CALLBACKS_H */ + diff --git a/ccc/dist/lib/include/wolfssl/certs_test.h b/ccc/dist/lib/include/wolfssl/certs_test.h new file mode 100644 index 0000000..2d52511 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/certs_test.h @@ -0,0 +1,2061 @@ +/* certs_test.h */ + +#ifndef WOLFSSL_CERTS_TEST_H +#define WOLFSSL_CERTS_TEST_H + +#ifdef USE_CERT_BUFFERS_1024 + +/* ./certs/1024/client-key.der, 1024-bit */ +static const unsigned char client_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5C, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 0xA9, + 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 0xEC, + 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 0xEC, + 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 0x94, + 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 0x4D, + 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 0x25, + 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 0xCC, + 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 0xDA, + 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 0x77, + 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 0x4C, + 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0xAE, + 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0x67, + 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x13, 0x97, 0xEA, + 0xE8, 0x38, 0x78, 0x25, 0xA2, 0x5C, 0x04, 0xCE, 0x0D, 0x40, + 0x7C, 0x31, 0xE5, 0xC4, 0x70, 0xCD, 0x9B, 0x82, 0x3B, 0x58, + 0x09, 0x86, 0x3B, 0x66, 0x5F, 0xDC, 0x31, 0x90, 0xF1, 0x4F, + 0xD5, 0xDB, 0x15, 0xDD, 0xDE, 0xD7, 0x3B, 0x95, 0x93, 0x31, + 0x18, 0x31, 0x0E, 0x5E, 0xA3, 0xD6, 0xA2, 0x1A, 0x71, 0x6E, + 0x81, 0x48, 0x1C, 0x4B, 0xCF, 0xDB, 0x8E, 0x7A, 0x86, 0x61, + 0x32, 0xDC, 0xFB, 0x55, 0xC1, 0x16, 0x6D, 0x27, 0x92, 0x24, + 0x45, 0x8B, 0xF1, 0xB8, 0x48, 0xB1, 0x4B, 0x1D, 0xAC, 0xDE, + 0xDA, 0xDD, 0x8E, 0x2F, 0xC2, 0x91, 0xFB, 0xA5, 0xA9, 0x6E, + 0xF8, 0x3A, 0x6A, 0xF1, 0xFD, 0x50, 0x18, 0xEF, 0x9F, 0xE7, + 0xC3, 0xCA, 0x78, 0xEA, 0x56, 0xD3, 0xD3, 0x72, 0x5B, 0x96, + 0xDD, 0x4E, 0x06, 0x4E, 0x3A, 0xC3, 0xD9, 0xBE, 0x72, 0xB6, + 0x65, 0x07, 0x07, 0x4C, 0x01, 0x02, 0x41, 0x00, 0xFA, 0x47, + 0xD4, 0x7A, 0x7C, 0x92, 0x3C, 0x55, 0xEF, 0x81, 0xF0, 0x41, + 0x30, 0x2D, 0xA3, 0xCF, 0x8F, 0x1C, 0xE6, 0x87, 0x27, 0x05, + 0x70, 0x0D, 0xDF, 0x98, 0x35, 0xD6, 0xF1, 0x8B, 0x38, 0x2F, + 0x24, 0xB5, 0xD0, 0x84, 0xB6, 0x79, 0x4F, 0x71, 0x29, 0x94, + 0x5A, 0xF0, 0x64, 0x6A, 0xAC, 0xE7, 0x72, 0xC6, 0xED, 0x4D, + 0x59, 0x98, 0x3E, 0x67, 0x3A, 0xF3, 0x74, 0x2C, 0xF9, 0x61, + 0x17, 0x69, 0x02, 0x41, 0x00, 0xC0, 0xC1, 0x82, 0x0D, 0x0C, + 0xEB, 0xC6, 0x2F, 0xDC, 0x92, 0xF9, 0x9D, 0x82, 0x1A, 0x31, + 0xE9, 0xE9, 0xF7, 0x4B, 0xF2, 0x82, 0x87, 0x1C, 0xEE, 0x16, + 0x6A, 0xD1, 0x1D, 0x18, 0x82, 0x70, 0xF3, 0xC0, 0xB6, 0x2F, + 0xF6, 0xF3, 0xF7, 0x1D, 0xF1, 0x86, 0x23, 0xC8, 0x4E, 0xEB, + 0x8F, 0x56, 0x8E, 0x8F, 0xF5, 0xBF, 0xF1, 0xF7, 0x2B, 0xB5, + 0xCC, 0x3D, 0xC6, 0x57, 0x39, 0x0C, 0x1B, 0x54, 0x41, 0x02, + 0x41, 0x00, 0x9D, 0x7E, 0x05, 0xDE, 0xED, 0xF4, 0xB7, 0xB2, + 0xFB, 0xFC, 0x30, 0x4B, 0x55, 0x1D, 0xE3, 0x2F, 0x01, 0x47, + 0x96, 0x69, 0x05, 0xCD, 0x0E, 0x2E, 0x2C, 0xBD, 0x83, 0x63, + 0xB6, 0xAB, 0x7C, 0xB7, 0x6D, 0xCA, 0x5B, 0x64, 0xA7, 0xCE, + 0xBE, 0x86, 0xDF, 0x3B, 0x53, 0xDE, 0x61, 0xD2, 0x1E, 0xEB, + 0xA5, 0xF6, 0x37, 0xED, 0xAC, 0xAB, 0x78, 0xD9, 0x4C, 0xE7, + 0x55, 0xFB, 0xD7, 0x11, 0x99, 0xC1, 0x02, 0x40, 0x18, 0x98, + 0x18, 0x29, 0xE6, 0x1E, 0x27, 0x39, 0x70, 0x21, 0x68, 0xAC, + 0x0A, 0x2F, 0xA1, 0x72, 0xC1, 0x21, 0x86, 0x95, 0x38, 0xC6, + 0x58, 0x90, 0xA0, 0x57, 0x9C, 0xBA, 0xE3, 0xA7, 0xB1, 0x15, + 0xC8, 0xDE, 0xF6, 0x1B, 0xC2, 0x61, 0x23, 0x76, 0xEF, 0xB0, + 0x9D, 0x1C, 0x44, 0xBE, 0x13, 0x43, 0x39, 0x67, 0x17, 0xC8, + 0x9D, 0xCA, 0xFB, 0xF5, 0x45, 0x64, 0x8B, 0x38, 0x82, 0x2C, + 0xF2, 0x81, 0x02, 0x40, 0x39, 0x89, 0xE5, 0x9C, 0x19, 0x55, + 0x30, 0xBA, 0xB7, 0x48, 0x8C, 0x48, 0x14, 0x0E, 0xF4, 0x9F, + 0x7E, 0x77, 0x97, 0x43, 0xE1, 0xB4, 0x19, 0x35, 0x31, 0x23, + 0x75, 0x9C, 0x3B, 0x44, 0xAD, 0x69, 0x12, 0x56, 0xEE, 0x00, + 0x61, 0x64, 0x16, 0x66, 0xD3, 0x7C, 0x74, 0x2B, 0x15, 0xB4, + 0xA2, 0xFE, 0xBF, 0x08, 0x6B, 0x1A, 0x5D, 0x3F, 0x90, 0x12, + 0xB1, 0x05, 0x86, 0x31, 0x29, 0xDB, 0xD9, 0xE2 +}; +static const int sizeof_client_key_der_1024 = sizeof(client_key_der_1024); + +/* ./certs/1024/client-keyPub.der, 1024-bit */ +static const unsigned char client_keypub_der_1024[] = +{ + 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, + 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xBC, + 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 0xA9, 0xEF, 0x18, + 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 0xEC, 0xB3, 0x6D, + 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 0xEC, 0xD1, 0x61, + 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 0x94, 0xCA, 0xC1, + 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 0x4D, 0xC4, 0x61, + 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 0x25, 0xBB, 0x8D, + 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 0xCC, 0x39, 0xA2, + 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 0xDA, 0x4D, 0x02, + 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 0x77, 0xC9, 0x28, + 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 0x4C, 0xE8, 0xC1, + 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0xAE, 0xF6, 0x90, + 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0x67, 0xC8, 0xDC, + 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x02, 0x03, 0x01, + 0x00, 0x01 +}; +static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024); + +/* ./certs/1024/client-cert.der, 1024-bit */ +static const unsigned char client_cert_der_1024[] = +{ + 0x30, 0x82, 0x03, 0xC5, 0x30, 0x82, 0x03, 0x2E, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xF3, 0x63, 0xB8, 0x35, + 0x1D, 0x0A, 0xD8, 0xD9, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, + 0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31, + 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, + 0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, + 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, + 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, + 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, + 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, + 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, + 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, + 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, + 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, + 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, + 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, + 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, + 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x07, 0x30, + 0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, + 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, + 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, + 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, + 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, + 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, + 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xF3, 0x63, 0xB8, 0x35, 0x1D, 0x0A, 0xD8, 0xD9, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, + 0x00, 0x31, 0x5E, 0xC5, 0x8C, 0x6F, 0xB7, 0xC5, 0x47, 0x1B, + 0x51, 0x5F, 0x99, 0x91, 0xA1, 0x23, 0x45, 0x3C, 0x36, 0x59, + 0x20, 0xFE, 0x90, 0x46, 0x95, 0x79, 0xE8, 0xB8, 0xD9, 0xDB, + 0x44, 0x7F, 0x63, 0x42, 0x71, 0x59, 0xD5, 0x59, 0xA5, 0x3C, + 0xD3, 0x43, 0x83, 0xA0, 0x7D, 0x1E, 0x56, 0x36, 0x02, 0x92, + 0xE2, 0x0A, 0x19, 0xF6, 0x97, 0xF2, 0x82, 0x12, 0xA6, 0xB2, + 0xBF, 0x3B, 0xB6, 0xB0, 0x07, 0xFC, 0x7A, 0x5B, 0x78, 0x22, + 0xA0, 0x31, 0xF4, 0x3D, 0xEB, 0x0A, 0xC5, 0xE4, 0xE5, 0xB4, + 0xC7, 0xBB, 0x4F, 0xA9, 0xB8, 0x37, 0x19, 0xBF, 0xC7, 0x64, + 0x9D, 0x74, 0x9E, 0x78, 0xDF, 0x09, 0xF5, 0xD6, 0xDD, 0xC2, + 0xFB, 0xCE, 0x94, 0xD5, 0xBF, 0x97, 0xB0, 0x76, 0xB5, 0xE9, + 0x10, 0x65, 0x6C, 0x48, 0x85, 0xC4, 0x1B, 0xFF, 0x5B, 0x64, + 0xC7, 0x11, 0x30, 0x06, 0xE4, 0x40, 0xF5, 0x90, 0x2B +}; +static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); + +/* ./certs/1024/dh1024.der, 1024-bit */ +static const unsigned char dh_key_der_1024[] = +{ + 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0xA4, 0xD2, 0xB8, + 0x6E, 0x78, 0xF5, 0xD9, 0xED, 0x2D, 0x7C, 0xDD, 0xB6, 0x16, + 0x86, 0x5A, 0x4B, 0x05, 0x76, 0x90, 0xDD, 0x66, 0x61, 0xB9, + 0x6D, 0x52, 0xA7, 0x1C, 0xAF, 0x62, 0xC6, 0x69, 0x47, 0x7B, + 0x39, 0xF2, 0xFB, 0x94, 0xEC, 0xBC, 0x79, 0xFF, 0x24, 0x5E, + 0xEF, 0x79, 0xBB, 0x59, 0xB2, 0xFC, 0xCA, 0x07, 0xD6, 0xF4, + 0xE9, 0x34, 0xF7, 0xE8, 0x38, 0xE7, 0xD7, 0x33, 0x44, 0x1D, + 0xA3, 0x64, 0x76, 0x1A, 0x84, 0x97, 0x54, 0x74, 0x40, 0x84, + 0x1F, 0x15, 0xFE, 0x7C, 0x25, 0x2A, 0x2B, 0x25, 0xFD, 0x9E, + 0xC1, 0x89, 0x33, 0x8C, 0x39, 0x25, 0x2B, 0x40, 0xE6, 0xCD, + 0xF8, 0xA8, 0xA1, 0x8A, 0x53, 0xC6, 0x47, 0xB2, 0xA0, 0xD7, + 0x8F, 0xEB, 0x2E, 0x60, 0x0A, 0x0D, 0x4B, 0xF8, 0xB4, 0x94, + 0x8C, 0x63, 0x0A, 0xAD, 0xC7, 0x10, 0xEA, 0xC7, 0xA1, 0xB9, + 0x9D, 0xF2, 0xA8, 0x37, 0x73, 0x02, 0x01, 0x02 +}; +static const int sizeof_dh_key_der_1024 = sizeof(dh_key_der_1024); + +/* ./certs/1024/dsa1024.der, 1024-bit */ +static const unsigned char dsa_key_der_1024[] = +{ + 0x30, 0x82, 0x01, 0xBC, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xF7, 0x4B, 0xF9, 0xBB, 0x15, 0x98, 0xEB, 0xDD, 0xDE, + 0x1E, 0x4E, 0x71, 0x88, 0x85, 0xF2, 0xB7, 0xBA, 0xE2, 0x4A, + 0xDA, 0x76, 0x40, 0xCD, 0x69, 0x48, 0x9E, 0x83, 0x7C, 0x11, + 0xF7, 0x65, 0x31, 0x78, 0xF5, 0x25, 0x2D, 0xF7, 0xB7, 0xF8, + 0x52, 0x3F, 0xBE, 0xD8, 0xB6, 0xC5, 0xFE, 0x18, 0x15, 0x5B, + 0xB9, 0xD5, 0x92, 0x86, 0xBC, 0xB2, 0x17, 0x7C, 0xD8, 0xB0, + 0xBE, 0xA0, 0x7C, 0xF2, 0xD5, 0x73, 0x7A, 0x58, 0x8F, 0x8D, + 0xE5, 0x4A, 0x00, 0x99, 0x83, 0x4A, 0xC0, 0x9E, 0x16, 0x09, + 0xA1, 0x10, 0x34, 0xD5, 0x19, 0xBB, 0x63, 0xE3, 0xDD, 0x83, + 0x74, 0x7F, 0x10, 0xCA, 0x73, 0x75, 0xEE, 0x31, 0x4A, 0xDD, + 0x9F, 0xE0, 0x02, 0x6A, 0x9D, 0xEE, 0xB2, 0x4B, 0xA7, 0x6B, + 0x2A, 0x6C, 0xC7, 0x86, 0x77, 0xE8, 0x04, 0x15, 0xDC, 0x92, + 0xB4, 0x7A, 0x29, 0x1F, 0x4E, 0x83, 0x63, 0x85, 0x55, 0x02, + 0x15, 0x00, 0xD2, 0x05, 0xE4, 0x73, 0xFB, 0xC1, 0x99, 0xC5, + 0xDC, 0x68, 0xA4, 0x8D, 0x92, 0x27, 0x3D, 0xE2, 0x52, 0x5F, + 0x89, 0x8B, 0x02, 0x81, 0x81, 0x00, 0xAA, 0x21, 0x02, 0x09, + 0x43, 0x6E, 0xFB, 0xA2, 0x54, 0x14, 0x85, 0x0A, 0xF4, 0x28, + 0x7C, 0xCB, 0xCC, 0xDB, 0xF5, 0x1E, 0xA2, 0x18, 0xA9, 0x21, + 0xDE, 0x88, 0x88, 0x33, 0x8C, 0x2E, 0xEB, 0x8D, 0xA3, 0xF0, + 0x1D, 0xC8, 0x8F, 0xF6, 0x7E, 0xF8, 0xCF, 0x12, 0xF5, 0xB4, + 0xA1, 0x11, 0x6F, 0x0C, 0xD4, 0xF0, 0x06, 0xAD, 0xC4, 0xFC, + 0x14, 0x45, 0xC7, 0x94, 0x15, 0xBC, 0x19, 0x4B, 0xAE, 0xEF, + 0x93, 0x6A, 0x4F, 0xCC, 0x14, 0xD8, 0x47, 0x8B, 0x39, 0x66, + 0x87, 0x02, 0xD4, 0x28, 0x0A, 0xB8, 0xEE, 0x09, 0x37, 0xF4, + 0x00, 0xA0, 0x04, 0xA7, 0x79, 0xA7, 0xD2, 0x3C, 0xF7, 0x34, + 0x43, 0x56, 0x8E, 0xD0, 0x7C, 0xC2, 0xD8, 0x4D, 0x0F, 0x89, + 0xED, 0x14, 0xC1, 0x2C, 0x9C, 0x4C, 0x19, 0x9B, 0x9E, 0xDC, + 0x53, 0x09, 0x9F, 0xDF, 0x2D, 0xF0, 0x0C, 0x27, 0x54, 0x3A, + 0x77, 0x14, 0x2D, 0xDE, 0x02, 0x81, 0x81, 0x00, 0xE8, 0x1F, + 0x7C, 0xB7, 0xC0, 0x54, 0x51, 0xA7, 0x28, 0x2D, 0x58, 0x7C, + 0xDE, 0xD4, 0x5C, 0xDD, 0xD5, 0x76, 0x84, 0x3C, 0x36, 0x20, + 0xC0, 0xC3, 0x25, 0xD7, 0x3A, 0x38, 0xE1, 0x54, 0xC8, 0xFD, + 0x40, 0x68, 0x1A, 0x21, 0x54, 0x26, 0x39, 0x14, 0xBF, 0xF6, + 0xA3, 0x9C, 0x5E, 0xD9, 0x2B, 0xF7, 0xC9, 0x25, 0xBA, 0x00, + 0x09, 0xCB, 0x7F, 0x0C, 0x4A, 0x24, 0xFD, 0x15, 0x16, 0x15, + 0x48, 0xCD, 0x0B, 0x52, 0x44, 0x40, 0x7B, 0x90, 0x63, 0x2B, + 0x90, 0x22, 0xC5, 0x18, 0x05, 0x80, 0x53, 0xAF, 0x83, 0x1F, + 0x54, 0xE2, 0xB0, 0xA2, 0x0B, 0x5A, 0x92, 0x24, 0xE1, 0x62, + 0x28, 0x3F, 0xB7, 0xCA, 0xB9, 0x89, 0xD6, 0xA0, 0xB7, 0xAD, + 0xAE, 0x05, 0xE1, 0xC1, 0x59, 0x40, 0xED, 0x4A, 0x1B, 0x68, + 0xA7, 0x7B, 0xFB, 0xC3, 0x20, 0x81, 0xEF, 0x4B, 0xF3, 0x69, + 0x91, 0xB0, 0xCE, 0x3A, 0xB0, 0x38, 0x02, 0x14, 0x25, 0x38, + 0x3B, 0xA1, 0x19, 0x75, 0xDF, 0x9B, 0xF5, 0x72, 0x53, 0x4F, + 0x39, 0xE1, 0x1C, 0xEC, 0x13, 0x84, 0x82, 0x18 +}; +static const int sizeof_dsa_key_der_1024 = sizeof(dsa_key_der_1024); + +/* ./certs/1024/rsa1024.der, 1024-bit */ +static const unsigned char rsa_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xBE, 0x70, 0x70, 0xB8, 0x04, 0x18, 0xE5, 0x28, 0xFE, + 0x66, 0xD8, 0x90, 0x88, 0xE0, 0xF1, 0xB7, 0xC3, 0xD0, 0xD2, + 0x3E, 0xE6, 0x4B, 0x94, 0x74, 0xB0, 0xFF, 0xB0, 0xF7, 0x63, + 0xA5, 0xAB, 0x7E, 0xAF, 0xB6, 0x2B, 0xB7, 0x38, 0x16, 0x1A, + 0x50, 0xBF, 0xF1, 0xCA, 0x87, 0x3A, 0xD5, 0xB0, 0xDA, 0xF8, + 0x43, 0x7A, 0x15, 0xB9, 0x7E, 0xEA, 0x2A, 0x80, 0xD2, 0x51, + 0xB0, 0x35, 0xAF, 0x07, 0xF3, 0xF2, 0x5D, 0x24, 0x3A, 0x4B, + 0x87, 0x56, 0x48, 0x1B, 0x3C, 0x24, 0x9A, 0xDA, 0x70, 0x80, + 0xBD, 0x3C, 0x8B, 0x03, 0x4A, 0x0C, 0x83, 0x71, 0xDE, 0xE3, + 0x03, 0x70, 0xA2, 0xB7, 0x60, 0x09, 0x1B, 0x5E, 0xC7, 0x3D, + 0xA0, 0x64, 0x60, 0xE3, 0xA9, 0x06, 0x8D, 0xD3, 0xFF, 0x42, + 0xBB, 0x0A, 0x94, 0x27, 0x2D, 0x57, 0x42, 0x0D, 0xB0, 0x2D, + 0xE0, 0xBA, 0x18, 0x25, 0x60, 0x92, 0x11, 0x92, 0xF3, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x0E, 0xEE, 0x1D, + 0xC8, 0x2F, 0x7A, 0x0C, 0x2D, 0x44, 0x94, 0xA7, 0x91, 0xDD, + 0x49, 0x55, 0x6A, 0x04, 0xCE, 0x10, 0x4D, 0xA2, 0x1C, 0x76, + 0xCD, 0x17, 0x3B, 0x54, 0x92, 0x70, 0x9B, 0x82, 0x70, 0x72, + 0x32, 0x24, 0x07, 0x3F, 0x3C, 0x6C, 0x5F, 0xBC, 0x4C, 0xA6, + 0x86, 0x27, 0x94, 0xAD, 0x42, 0xDD, 0x87, 0xDC, 0xC0, 0x6B, + 0x44, 0x89, 0xF3, 0x3F, 0x1A, 0x3E, 0x11, 0x44, 0x84, 0x2E, + 0x69, 0x4C, 0xBB, 0x4A, 0x71, 0x1A, 0xBB, 0x9A, 0x52, 0x3C, + 0x6B, 0xDE, 0xBC, 0xB2, 0x7C, 0x51, 0xEF, 0x4F, 0x8F, 0x3A, + 0xDC, 0x50, 0x04, 0x4E, 0xB6, 0x31, 0x66, 0xA8, 0x8E, 0x06, + 0x3B, 0x51, 0xA9, 0xC1, 0x8A, 0xCB, 0xC4, 0x81, 0xCA, 0x2D, + 0x69, 0xEC, 0x88, 0xFC, 0x33, 0x88, 0xD1, 0xD4, 0x29, 0x47, + 0x87, 0x37, 0xF9, 0x6A, 0x22, 0x69, 0xB9, 0xC9, 0xFE, 0xEB, + 0x8C, 0xC5, 0x21, 0x41, 0x71, 0x02, 0x41, 0x00, 0xFD, 0x17, + 0x98, 0x42, 0x54, 0x1C, 0x23, 0xF8, 0xD7, 0x5D, 0xEF, 0x49, + 0x4F, 0xAF, 0xD9, 0x35, 0x6F, 0x08, 0xC6, 0xC7, 0x40, 0x5C, + 0x7E, 0x58, 0x86, 0xC2, 0xB2, 0x16, 0x39, 0x24, 0xC5, 0x06, + 0xB0, 0x3D, 0xAF, 0x02, 0xD2, 0x87, 0x77, 0xD2, 0x76, 0xBA, + 0xE3, 0x59, 0x60, 0x42, 0xF1, 0x16, 0xEF, 0x33, 0x0B, 0xF2, + 0x0B, 0xBA, 0x99, 0xCC, 0xB6, 0x4C, 0x46, 0x3F, 0x33, 0xE4, + 0xD4, 0x67, 0x02, 0x41, 0x00, 0xC0, 0xA0, 0x91, 0x6D, 0xFE, + 0x28, 0xE0, 0x81, 0x5A, 0x15, 0xA7, 0xC9, 0xA8, 0x98, 0xC6, + 0x0A, 0xAB, 0x00, 0xC5, 0x40, 0xC9, 0x21, 0xBB, 0xB2, 0x33, + 0x5A, 0xA7, 0xCB, 0x6E, 0xB8, 0x08, 0x56, 0x4A, 0x76, 0x28, + 0xE8, 0x6D, 0xBD, 0xF5, 0x26, 0x7B, 0xBF, 0xC5, 0x46, 0x45, + 0x0D, 0xEC, 0x7D, 0xEE, 0x82, 0xD6, 0xCA, 0x5F, 0x3D, 0x6E, + 0xCC, 0x94, 0x73, 0xCD, 0xCE, 0x86, 0x6E, 0x95, 0x95, 0x02, + 0x40, 0x38, 0xFD, 0x28, 0x1E, 0xBF, 0x5B, 0xBA, 0xC9, 0xDC, + 0x8C, 0xDD, 0x45, 0xAF, 0xB8, 0xD3, 0xFB, 0x11, 0x2E, 0x73, + 0xBC, 0x08, 0x05, 0x0B, 0xBA, 0x19, 0x56, 0x1B, 0xCD, 0x9F, + 0x3E, 0x65, 0x53, 0x15, 0x3A, 0x3E, 0x7F, 0x2F, 0x32, 0xAB, + 0xCB, 0x6B, 0x4A, 0xB7, 0xC8, 0xB7, 0x41, 0x3B, 0x92, 0x43, + 0x78, 0x46, 0x17, 0x51, 0x86, 0xC9, 0xFC, 0xEB, 0x8B, 0x8F, + 0x41, 0xCA, 0x08, 0x9B, 0xBF, 0x02, 0x41, 0x00, 0xAD, 0x9B, + 0x89, 0xB6, 0xF2, 0x8C, 0x70, 0xDA, 0xE4, 0x10, 0x04, 0x6B, + 0x11, 0x92, 0xAF, 0x5A, 0xCA, 0x08, 0x25, 0xBF, 0x60, 0x07, + 0x11, 0x1D, 0x68, 0x7F, 0x5A, 0x1F, 0x55, 0x28, 0x74, 0x0B, + 0x21, 0x8D, 0x21, 0x0D, 0x6A, 0x6A, 0xFB, 0xD9, 0xB5, 0x4A, + 0x7F, 0x47, 0xF7, 0xD0, 0xB6, 0xC6, 0x41, 0x02, 0x97, 0x07, + 0x49, 0x93, 0x1A, 0x9B, 0x33, 0x68, 0xB3, 0xA2, 0x61, 0x32, + 0xA5, 0x89, 0x02, 0x41, 0x00, 0x8F, 0xEF, 0xAD, 0xB5, 0xB0, + 0xB0, 0x7E, 0x86, 0x03, 0x43, 0x93, 0x6E, 0xDD, 0x3C, 0x2D, + 0x9B, 0x6A, 0x55, 0xFF, 0x6F, 0x3E, 0x70, 0x2A, 0xD4, 0xBF, + 0x1F, 0x8C, 0x93, 0x60, 0x9E, 0x6D, 0x2F, 0x18, 0x6C, 0x11, + 0x36, 0x98, 0x3F, 0x10, 0x78, 0xE8, 0x3E, 0x8F, 0xFE, 0x55, + 0xB9, 0x9E, 0xD5, 0x5B, 0x2E, 0x87, 0x1C, 0x58, 0xD0, 0x37, + 0x89, 0x96, 0xEC, 0x48, 0x54, 0xF5, 0x9F, 0x0F, 0xB3 +}; +static const int sizeof_rsa_key_der_1024 = sizeof(rsa_key_der_1024); + +/* ./certs/1024/ca-key.der, 1024-bit */ +static const unsigned char ca_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5E, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, 0x24, 0xC3, + 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, 0x59, + 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, 0x17, + 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, 0x62, + 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, 0x0B, + 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, 0x2E, + 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, 0x80, + 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, 0xDB, + 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, 0x27, + 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, 0x01, + 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, 0x92, + 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, 0x88, + 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x52, 0x35, 0x3D, + 0x01, 0x29, 0xA4, 0x95, 0x29, 0x71, 0x9B, 0x64, 0x6A, 0x2C, + 0xC3, 0xD2, 0xB5, 0xBE, 0x6E, 0x13, 0x9C, 0x8F, 0xB6, 0x26, + 0xD8, 0x76, 0x6B, 0xBD, 0x61, 0xBC, 0x63, 0x2D, 0xD5, 0x4D, + 0xBB, 0xCC, 0xC6, 0x3B, 0x89, 0xC8, 0xCE, 0x7B, 0x9B, 0x97, + 0xE7, 0x51, 0x67, 0x61, 0xDA, 0xA9, 0x83, 0x7B, 0xC8, 0x44, + 0xF5, 0x70, 0x5E, 0x3E, 0xD0, 0x7E, 0x51, 0xB9, 0x6E, 0x13, + 0x57, 0x08, 0x5C, 0xE1, 0x67, 0x4F, 0x61, 0x5E, 0xA5, 0x09, + 0xEC, 0x11, 0xDD, 0xE4, 0xB8, 0xB4, 0xF4, 0xE0, 0x63, 0x34, + 0x4C, 0xDA, 0x32, 0x20, 0x1F, 0x85, 0x41, 0x5D, 0xBC, 0xDB, + 0x24, 0xC5, 0xAF, 0xBE, 0x02, 0x5F, 0x22, 0xF1, 0x7C, 0xCC, + 0x05, 0x56, 0xA6, 0xA6, 0x37, 0x9A, 0xEB, 0xFF, 0x52, 0x2D, + 0xBF, 0x30, 0x4B, 0x9A, 0x1D, 0xEE, 0xAB, 0x9C, 0x2C, 0xE2, + 0xC1, 0xB8, 0x9D, 0xC9, 0x31, 0x02, 0x41, 0x00, 0xE9, 0x89, + 0x16, 0xCD, 0xAC, 0x2E, 0xF2, 0x4D, 0x66, 0x17, 0xBD, 0x78, + 0x12, 0x12, 0x8D, 0x8E, 0x84, 0x24, 0xDE, 0x2D, 0x50, 0x41, + 0x85, 0x8C, 0x34, 0x09, 0xFA, 0xFB, 0x6D, 0x87, 0x51, 0x4C, + 0x13, 0x28, 0xF0, 0x60, 0x11, 0x86, 0x3D, 0xC2, 0xA4, 0xCF, + 0x5E, 0xC5, 0x6F, 0x5B, 0x11, 0x32, 0x0A, 0xB5, 0x28, 0xD0, + 0x82, 0x47, 0x44, 0x26, 0x92, 0xE2, 0x78, 0x59, 0xB4, 0x08, + 0xB3, 0xFD, 0x02, 0x41, 0x00, 0xE1, 0x75, 0xB4, 0x6A, 0xB5, + 0x8C, 0x11, 0xFB, 0xCC, 0x42, 0x02, 0xC5, 0xDA, 0x48, 0xCE, + 0x29, 0x43, 0x14, 0x01, 0x9A, 0x2C, 0xB3, 0xA4, 0xCB, 0x73, + 0xEB, 0xA1, 0x35, 0x57, 0xAD, 0xB5, 0x16, 0x17, 0x80, 0x03, + 0x5F, 0x32, 0x37, 0xBE, 0xA2, 0x6F, 0xF9, 0x31, 0x84, 0xBF, + 0x00, 0x6E, 0x8D, 0x03, 0x0E, 0x30, 0x1C, 0xD0, 0x2F, 0x37, + 0xF0, 0x7E, 0xC2, 0x64, 0xBF, 0xEE, 0x4B, 0xE8, 0xFD, 0x02, + 0x41, 0x00, 0xE1, 0x99, 0x8B, 0x2B, 0xD8, 0x9F, 0xE9, 0x76, + 0x97, 0x9F, 0x6B, 0x6B, 0x28, 0x9A, 0x3F, 0xA1, 0x63, 0x4A, + 0x72, 0x4E, 0xF7, 0xEE, 0xB3, 0xE2, 0x43, 0x0B, 0x39, 0x27, + 0xD6, 0x21, 0x18, 0x8A, 0x13, 0x20, 0x43, 0x45, 0xAA, 0xE8, + 0x31, 0x95, 0x6C, 0xBC, 0xDE, 0xE2, 0x7F, 0xB6, 0x4B, 0xA0, + 0x39, 0xF3, 0xD3, 0x9F, 0xC9, 0x9A, 0xAA, 0xDD, 0x50, 0x9B, + 0xF2, 0x83, 0x45, 0x85, 0xFA, 0xC9, 0x02, 0x41, 0x00, 0xAF, + 0xB0, 0xC7, 0x7C, 0xF8, 0x28, 0x44, 0xC3, 0x50, 0xF2, 0x87, + 0xB2, 0xA2, 0x5D, 0x65, 0xBA, 0x25, 0xB9, 0x6B, 0x5E, 0x37, + 0x43, 0x6E, 0x41, 0xD4, 0xFD, 0x63, 0x4C, 0x6C, 0x1C, 0xC3, + 0x26, 0x89, 0xFD, 0x89, 0xA3, 0x1F, 0x40, 0xED, 0x5F, 0x2B, + 0x9E, 0xA6, 0x85, 0xE9, 0x49, 0x6E, 0xDC, 0x97, 0xEA, 0xF0, + 0x77, 0x23, 0x8C, 0x08, 0x2D, 0x72, 0xBA, 0x0D, 0x44, 0xBB, + 0x6F, 0x90, 0x09, 0x02, 0x41, 0x00, 0x91, 0xE4, 0x2E, 0xCA, + 0x8C, 0x0A, 0x69, 0x2F, 0x62, 0xE2, 0x62, 0x3B, 0xA5, 0x8D, + 0x5A, 0x2C, 0x56, 0x3E, 0x7F, 0x67, 0x42, 0x92, 0x12, 0x92, + 0x5F, 0xF3, 0x97, 0xDD, 0xE1, 0xA9, 0x7F, 0xAD, 0x2E, 0x2D, + 0xF4, 0x4A, 0x57, 0xB3, 0x7A, 0x10, 0xBD, 0xD7, 0xE4, 0xEC, + 0x6A, 0x08, 0x21, 0xE9, 0xF2, 0x46, 0x49, 0xD2, 0x69, 0x47, + 0x8A, 0x20, 0x4B, 0xF2, 0xB1, 0x52, 0x83, 0xAB, 0x6F, 0x10 + +}; +static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024); + +/* ./certs/1024/ca-cert.der, 1024-bit */ +static const unsigned char ca_cert_der_1024[] = +{ + 0x30, 0x82, 0x03, 0xB5, 0x30, 0x82, 0x03, 0x1E, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x8F, 0x44, 0x26, 0xFF, + 0xB7, 0x43, 0xE1, 0x9A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, + 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, + 0x35, 0x30, 0x39, 0x32, 0x33, 0x31, 0x39, 0x32, 0x33, 0x33, + 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x38, 0x30, 0x36, 0x31, 0x39, + 0x31, 0x39, 0x32, 0x33, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x99, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, + 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, + 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, 0x24, + 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, + 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, + 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, + 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, + 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, + 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, + 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, + 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, + 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, + 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, + 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, + 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x01, 0x30, + 0x81, 0xFE, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, + 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, + 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, + 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, + 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, + 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, + 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, + 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, + 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, + 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, + 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, 0x6E, + 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, 0x30, + 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x82, 0x09, 0x00, 0x8F, 0x44, 0x26, 0xFF, 0xB7, 0x43, + 0xE1, 0x9A, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, + 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, + 0x00, 0x03, 0x81, 0x81, 0x00, 0x0E, 0x46, 0xAC, 0xD8, 0x29, + 0x1D, 0x12, 0x12, 0x06, 0x0C, 0xD3, 0x3F, 0x7D, 0x58, 0x2E, + 0x0D, 0x11, 0x5E, 0x5D, 0x0D, 0xDD, 0x17, 0xC0, 0x0F, 0xAA, + 0x01, 0x4D, 0xA4, 0xC4, 0x84, 0x81, 0x6E, 0x64, 0xAE, 0xD1, + 0x5D, 0x58, 0xCD, 0x19, 0x6A, 0x74, 0xA4, 0x46, 0x2F, 0xC8, + 0x43, 0x79, 0x39, 0xC0, 0x91, 0x4B, 0x7C, 0x71, 0xEA, 0x4E, + 0x63, 0x44, 0x66, 0x15, 0x41, 0x15, 0xDE, 0x50, 0x82, 0xE3, + 0xE9, 0xD1, 0x55, 0x55, 0xCC, 0x5A, 0x38, 0x1E, 0x3A, 0x59, + 0xB3, 0x0E, 0xEE, 0x0E, 0x54, 0x4D, 0x93, 0xE7, 0xE0, 0x8E, + 0x27, 0xA5, 0x6E, 0x08, 0xB8, 0x6A, 0x39, 0xDA, 0x2D, 0x47, + 0x62, 0xC4, 0x5B, 0x89, 0xC0, 0x48, 0x48, 0x2A, 0xD5, 0xF0, + 0x55, 0x74, 0xFD, 0xA6, 0xB1, 0x68, 0x3C, 0x70, 0xA4, 0x52, + 0x24, 0x81, 0xEC, 0x4C, 0x57, 0xE0, 0xE8, 0x18, 0x73, 0x9D, + 0x0A, 0x4D, 0xD8 +}; +static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024); + +/* ./certs/1024/server-key.der, 1024-bit */ +static const unsigned char server_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xAA, 0x3E, 0xA5, 0x9C, 0xD3, 0x17, 0x49, 0x65, 0x43, + 0xDE, 0xD0, 0xF3, 0x4B, 0x1C, 0xDB, 0x49, 0x0C, 0xFC, 0x7A, + 0x65, 0x05, 0x6D, 0xDE, 0x6A, 0xC4, 0xE4, 0x73, 0x2C, 0x8A, + 0x96, 0x82, 0x8F, 0x23, 0xA5, 0x06, 0x71, 0x1C, 0x06, 0x3E, + 0x2F, 0x92, 0x8D, 0x0B, 0x29, 0x34, 0x45, 0x59, 0xE9, 0xA9, + 0xBC, 0x61, 0xD7, 0x24, 0x37, 0x5D, 0xB5, 0xC4, 0x37, 0x8D, + 0xBA, 0x67, 0xB2, 0xEF, 0x03, 0x27, 0xFA, 0xC1, 0xB4, 0xCD, + 0x6B, 0x00, 0x66, 0xB4, 0xD6, 0x73, 0x70, 0x1F, 0x08, 0x3A, + 0xCC, 0x77, 0xAD, 0xE9, 0xF9, 0x34, 0xD4, 0xF3, 0xA0, 0x2D, + 0xA9, 0xE7, 0x58, 0xA9, 0xC0, 0x61, 0x84, 0xB6, 0xEC, 0x3D, + 0x0A, 0xAD, 0xFD, 0x5C, 0x86, 0x73, 0xAA, 0x6B, 0x47, 0xD8, + 0x8B, 0x2E, 0x58, 0x4B, 0x69, 0x12, 0x82, 0x26, 0x55, 0xE6, + 0x14, 0xBF, 0x55, 0x70, 0x88, 0xFE, 0xF9, 0x75, 0xE1, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x0A, 0x4C, 0xC1, + 0xFE, 0x4B, 0xF3, 0x23, 0xB8, 0xA1, 0xB3, 0x90, 0x56, 0xB7, + 0xDB, 0xA6, 0x14, 0xB4, 0x59, 0x6E, 0x1A, 0x40, 0x8A, 0xD6, + 0x23, 0x05, 0x88, 0x80, 0xC3, 0x58, 0x1B, 0x25, 0x08, 0xFD, + 0xF2, 0x15, 0x02, 0xB0, 0xDC, 0x5B, 0xD4, 0xCA, 0xFC, 0x07, + 0x89, 0xD5, 0xA4, 0xC0, 0x7C, 0xD7, 0x8D, 0x13, 0x2A, 0x4E, + 0x01, 0x9F, 0x84, 0xC8, 0xBB, 0x47, 0xB2, 0xD8, 0x65, 0x45, + 0xFA, 0x84, 0x9F, 0x88, 0xD0, 0xF4, 0xF5, 0x22, 0x35, 0x77, + 0x11, 0x67, 0x1C, 0xDE, 0x5F, 0x85, 0x6D, 0x55, 0xD8, 0xA7, + 0x07, 0x15, 0x8C, 0xE1, 0xB0, 0xA7, 0x79, 0xB4, 0x47, 0x9D, + 0x70, 0xB3, 0xD2, 0xF1, 0x1F, 0x41, 0x4C, 0x65, 0x72, 0x26, + 0xEB, 0x66, 0xC8, 0x95, 0xF6, 0x6D, 0x87, 0x35, 0x53, 0xFE, + 0xB1, 0x52, 0x4D, 0x76, 0x5B, 0x61, 0x53, 0x89, 0xB1, 0x20, + 0x1A, 0x8B, 0xE4, 0x7D, 0xF1, 0x02, 0x41, 0x00, 0xD9, 0x6E, + 0xE1, 0xD9, 0x06, 0x56, 0xA1, 0xF6, 0xDF, 0x54, 0x45, 0xC5, + 0xEC, 0x6A, 0xC8, 0x2A, 0x38, 0x4E, 0x6B, 0xC6, 0xE8, 0xEA, + 0xFB, 0x6F, 0x65, 0x2D, 0xBA, 0xDE, 0x27, 0x63, 0x37, 0x21, + 0x2E, 0xA4, 0x55, 0xAB, 0xE7, 0xDB, 0xCE, 0x71, 0xE1, 0x08, + 0xFC, 0xF2, 0xCA, 0x52, 0x33, 0x55, 0xE8, 0x39, 0xB3, 0xDA, + 0xC5, 0xB0, 0x69, 0x84, 0x6E, 0xE3, 0xCF, 0x47, 0x80, 0xA6, + 0xB6, 0x85, 0x02, 0x41, 0x00, 0xC8, 0x71, 0x0D, 0x37, 0x47, + 0xE1, 0x7B, 0x21, 0x2D, 0x11, 0x2D, 0x95, 0x2E, 0xC7, 0xD0, + 0xB6, 0xD3, 0x7C, 0x5C, 0x93, 0x3C, 0x5B, 0x22, 0xE5, 0xE0, + 0x8B, 0x6D, 0x47, 0xF9, 0x14, 0x0F, 0x9E, 0x08, 0x1B, 0x53, + 0xAB, 0x0A, 0xA9, 0xE4, 0x7F, 0x40, 0xD3, 0xDF, 0x62, 0x74, + 0x10, 0xA2, 0xFE, 0x83, 0x1F, 0xCF, 0x55, 0x66, 0xEB, 0x5D, + 0xC5, 0x83, 0xBA, 0xEC, 0x9F, 0xD2, 0xB5, 0x06, 0xAD, 0x02, + 0x41, 0x00, 0xB7, 0x68, 0x19, 0xA7, 0xC7, 0xF9, 0xF1, 0x9A, + 0xDD, 0x5D, 0x27, 0x91, 0xC1, 0x4F, 0x7D, 0x52, 0x67, 0xB6, + 0x76, 0xA1, 0x0D, 0x3D, 0x91, 0x23, 0xB0, 0xB3, 0xF7, 0x49, + 0x86, 0xED, 0xE0, 0xC5, 0xE3, 0xA3, 0x09, 0x04, 0xFD, 0x89, + 0xE2, 0xC5, 0x1A, 0x6E, 0x4B, 0x77, 0xBD, 0x03, 0xC3, 0x7B, + 0xB6, 0x6C, 0x5D, 0xF2, 0xAF, 0x08, 0x94, 0xA8, 0xFA, 0x24, + 0xBD, 0x66, 0x71, 0xF5, 0xAE, 0x45, 0x02, 0x40, 0x15, 0x52, + 0xD1, 0x91, 0x1B, 0xF8, 0x84, 0xDC, 0xD6, 0xAA, 0x89, 0x2A, + 0xE1, 0xBB, 0x28, 0x1D, 0x0B, 0x0A, 0xA3, 0xDE, 0x96, 0x01, + 0x2C, 0x09, 0x40, 0x86, 0x14, 0xAE, 0x1F, 0x75, 0x5E, 0xE3, + 0xF5, 0x00, 0xD3, 0x39, 0xD2, 0xFC, 0x97, 0xEE, 0x61, 0xBB, + 0x28, 0x7C, 0x94, 0xD4, 0x60, 0x42, 0xAB, 0x38, 0x6B, 0x1A, + 0x2E, 0xC4, 0xC3, 0x49, 0x0B, 0xE6, 0x8A, 0xDD, 0xC5, 0xD0, + 0xB4, 0x51, 0x02, 0x41, 0x00, 0xA9, 0x8B, 0xA7, 0xA9, 0xEE, + 0xAE, 0xBB, 0x17, 0xCB, 0x72, 0xF2, 0x50, 0x22, 0x9D, 0xB3, + 0xDF, 0xE0, 0x40, 0x37, 0x08, 0xD5, 0x7F, 0x19, 0x58, 0x80, + 0x70, 0x79, 0x69, 0x99, 0xDF, 0x62, 0x0D, 0x21, 0xAB, 0xDD, + 0xB2, 0xCE, 0x68, 0xB3, 0x9F, 0x87, 0xAF, 0x55, 0xF4, 0xAA, + 0xE1, 0x00, 0x72, 0xBE, 0x6E, 0xC3, 0x94, 0x49, 0xDC, 0xBB, + 0x8E, 0x1A, 0x78, 0xE5, 0x49, 0x1F, 0x55, 0x41, 0xA1 +}; +static const int sizeof_server_key_der_1024 = sizeof(server_key_der_1024); + +/* ./certs/1024/server-cert.der, 1024-bit */ +static const unsigned char server_cert_der_1024[] = +{ + 0x30, 0x82, 0x03, 0xA9, 0x30, 0x82, 0x03, 0x12, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, + 0x00, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, + 0x74, 0x68, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, + 0x69, 0x6E, 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, + 0x0D, 0x31, 0x35, 0x30, 0x39, 0x32, 0x33, 0x31, 0x39, 0x32, + 0x33, 0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x38, 0x30, 0x36, + 0x31, 0x39, 0x31, 0x39, 0x32, 0x33, 0x33, 0x38, 0x5A, 0x30, + 0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0C, + 0x53, 0x75, 0x70, 0x70, 0x6F, 0x72, 0x74, 0x5F, 0x31, 0x30, + 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, + 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, + 0xAA, 0x3E, 0xA5, 0x9C, 0xD3, 0x17, 0x49, 0x65, 0x43, 0xDE, + 0xD0, 0xF3, 0x4B, 0x1C, 0xDB, 0x49, 0x0C, 0xFC, 0x7A, 0x65, + 0x05, 0x6D, 0xDE, 0x6A, 0xC4, 0xE4, 0x73, 0x2C, 0x8A, 0x96, + 0x82, 0x8F, 0x23, 0xA5, 0x06, 0x71, 0x1C, 0x06, 0x3E, 0x2F, + 0x92, 0x8D, 0x0B, 0x29, 0x34, 0x45, 0x59, 0xE9, 0xA9, 0xBC, + 0x61, 0xD7, 0x24, 0x37, 0x5D, 0xB5, 0xC4, 0x37, 0x8D, 0xBA, + 0x67, 0xB2, 0xEF, 0x03, 0x27, 0xFA, 0xC1, 0xB4, 0xCD, 0x6B, + 0x00, 0x66, 0xB4, 0xD6, 0x73, 0x70, 0x1F, 0x08, 0x3A, 0xCC, + 0x77, 0xAD, 0xE9, 0xF9, 0x34, 0xD4, 0xF3, 0xA0, 0x2D, 0xA9, + 0xE7, 0x58, 0xA9, 0xC0, 0x61, 0x84, 0xB6, 0xEC, 0x3D, 0x0A, + 0xAD, 0xFD, 0x5C, 0x86, 0x73, 0xAA, 0x6B, 0x47, 0xD8, 0x8B, + 0x2E, 0x58, 0x4B, 0x69, 0x12, 0x82, 0x26, 0x55, 0xE6, 0x14, + 0xBF, 0x55, 0x70, 0x88, 0xFE, 0xF9, 0x75, 0xE1, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x01, 0x30, 0x81, 0xFE, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0xD9, 0x3C, 0x35, 0xEA, 0x74, 0x0E, 0x23, 0xBE, 0x9C, + 0xFC, 0xFA, 0x29, 0x90, 0x09, 0xC1, 0xE7, 0x84, 0x16, 0x9F, + 0x7C, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, 0x22, 0x8F, + 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, + 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, 0x81, 0x9F, + 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, + 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, + 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0x8F, 0x44, 0x26, 0xFF, 0xB7, 0x43, 0xE1, 0x9A, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, + 0x81, 0x81, 0x00, 0x0A, 0x04, 0xC7, 0x9A, 0xC4, 0xF6, 0x46, + 0xDB, 0xE4, 0x85, 0xD4, 0x22, 0x02, 0x12, 0x3E, 0x53, 0x27, + 0x25, 0x24, 0x8A, 0x9B, 0x2F, 0x93, 0x7F, 0xDE, 0x70, 0x94, + 0xC5, 0x6C, 0x4C, 0x26, 0x25, 0x25, 0x7A, 0xD7, 0x0F, 0x33, + 0xB9, 0x9C, 0xD2, 0x5A, 0x94, 0x7F, 0x8D, 0x30, 0x75, 0xAD, + 0x82, 0xC9, 0xBF, 0x4B, 0x6C, 0x91, 0x58, 0x7C, 0x45, 0x1A, + 0x89, 0xDF, 0x8E, 0xCA, 0x31, 0x9F, 0xAB, 0x38, 0xB3, 0xAE, + 0xC2, 0x8F, 0x14, 0x87, 0xE6, 0x1C, 0xAB, 0x12, 0x4E, 0xDF, + 0x82, 0x36, 0xC9, 0x41, 0x46, 0xC4, 0x05, 0x95, 0x88, 0x62, + 0x09, 0x72, 0x57, 0x66, 0x31, 0x80, 0xB8, 0x9C, 0x55, 0xA8, + 0xFB, 0x74, 0x01, 0x32, 0xE7, 0x5A, 0x40, 0xDF, 0x9B, 0xE4, + 0x98, 0xD7, 0x5B, 0xEA, 0x69, 0x5C, 0x14, 0x1B, 0x9B, 0x8B, + 0x08, 0x2D, 0xD9, 0x58, 0x28, 0xBE, 0xC9, 0x01, 0xE0, 0xE1, + 0xA9 +}; +static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024); + +#endif /* USE_CERT_BUFFERS_1024 */ + +#ifdef USE_CERT_BUFFERS_2048 + +/* ./certs/client-key.der, 2048-bit */ +static const unsigned char client_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, + 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, 0x9A, + 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, + 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, + 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, + 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, + 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, 0x1E, + 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, + 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, + 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, + 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, + 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, + 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, + 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, 0xD0, + 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, + 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, + 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, + 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, 0xEF, + 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, 0x03, + 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, + 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, + 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, + 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, + 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, + 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, + 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA2, 0xE6, + 0xD8, 0x5F, 0x10, 0x71, 0x64, 0x08, 0x9E, 0x2E, 0x6D, 0xD1, + 0x6D, 0x1E, 0x85, 0xD2, 0x0A, 0xB1, 0x8C, 0x47, 0xCE, 0x2C, + 0x51, 0x6A, 0xA0, 0x12, 0x9E, 0x53, 0xDE, 0x91, 0x4C, 0x1D, + 0x6D, 0xEA, 0x59, 0x7B, 0xF2, 0x77, 0xAA, 0xD9, 0xC6, 0xD9, + 0x8A, 0xAB, 0xD8, 0xE1, 0x16, 0xE4, 0x63, 0x26, 0xFF, 0xB5, + 0x6C, 0x13, 0x59, 0xB8, 0xE3, 0xA5, 0xC8, 0x72, 0x17, 0x2E, + 0x0C, 0x9F, 0x6F, 0xE5, 0x59, 0x3F, 0x76, 0x6F, 0x49, 0xB1, + 0x11, 0xC2, 0x5A, 0x2E, 0x16, 0x29, 0x0D, 0xDE, 0xB7, 0x8E, + 0xDC, 0x40, 0xD5, 0xA2, 0xEE, 0xE0, 0x1E, 0xA1, 0xF4, 0xBE, + 0x97, 0xDB, 0x86, 0x63, 0x96, 0x14, 0xCD, 0x98, 0x09, 0x60, + 0x2D, 0x30, 0x76, 0x9C, 0x3C, 0xCD, 0xE6, 0x88, 0xEE, 0x47, + 0x92, 0x79, 0x0B, 0x5A, 0x00, 0xE2, 0x5E, 0x5F, 0x11, 0x7C, + 0x7D, 0xF9, 0x08, 0xB7, 0x20, 0x06, 0x89, 0x2A, 0x5D, 0xFD, + 0x00, 0xAB, 0x22, 0xE1, 0xF0, 0xB3, 0xBC, 0x24, 0xA9, 0x5E, + 0x26, 0x0E, 0x1F, 0x00, 0x2D, 0xFE, 0x21, 0x9A, 0x53, 0x5B, + 0x6D, 0xD3, 0x2B, 0xAB, 0x94, 0x82, 0x68, 0x43, 0x36, 0xD8, + 0xF6, 0x2F, 0xC6, 0x22, 0xFC, 0xB5, 0x41, 0x5D, 0x0D, 0x33, + 0x60, 0xEA, 0xA4, 0x7D, 0x7E, 0xE8, 0x4B, 0x55, 0x91, 0x56, + 0xD3, 0x5C, 0x57, 0x8F, 0x1F, 0x94, 0x17, 0x2F, 0xAA, 0xDE, + 0xE9, 0x9E, 0xA8, 0xF4, 0xCF, 0x8A, 0x4C, 0x8E, 0xA0, 0xE4, + 0x56, 0x73, 0xB2, 0xCF, 0x4F, 0x86, 0xC5, 0x69, 0x3C, 0xF3, + 0x24, 0x20, 0x8B, 0x5C, 0x96, 0x0C, 0xFA, 0x6B, 0x12, 0x3B, + 0x9A, 0x67, 0xC1, 0xDF, 0xC6, 0x96, 0xB2, 0xA5, 0xD5, 0x92, + 0x0D, 0x9B, 0x09, 0x42, 0x68, 0x24, 0x10, 0x45, 0xD4, 0x50, + 0xE4, 0x17, 0x39, 0x48, 0xD0, 0x35, 0x8B, 0x94, 0x6D, 0x11, + 0xDE, 0x8F, 0xCA, 0x59, 0x02, 0x81, 0x81, 0x00, 0xEA, 0x24, + 0xA7, 0xF9, 0x69, 0x33, 0xE9, 0x71, 0xDC, 0x52, 0x7D, 0x88, + 0x21, 0x28, 0x2F, 0x49, 0xDE, 0xBA, 0x72, 0x16, 0xE9, 0xCC, + 0x47, 0x7A, 0x88, 0x0D, 0x94, 0x57, 0x84, 0x58, 0x16, 0x3A, + 0x81, 0xB0, 0x3F, 0xA2, 0xCF, 0xA6, 0x6C, 0x1E, 0xB0, 0x06, + 0x29, 0x00, 0x8F, 0xE7, 0x77, 0x76, 0xAC, 0xDB, 0xCA, 0xC7, + 0xD9, 0x5E, 0x9B, 0x3F, 0x26, 0x90, 0x52, 0xAE, 0xFC, 0x38, + 0x90, 0x00, 0x14, 0xBB, 0xB4, 0x0F, 0x58, 0x94, 0xE7, 0x2F, + 0x6A, 0x7E, 0x1C, 0x4F, 0x41, 0x21, 0xD4, 0x31, 0x59, 0x1F, + 0x4E, 0x8A, 0x1A, 0x8D, 0xA7, 0x57, 0x6C, 0x22, 0xD8, 0xE5, + 0xF4, 0x7E, 0x32, 0xA6, 0x10, 0xCB, 0x64, 0xA5, 0x55, 0x03, + 0x87, 0xA6, 0x27, 0x05, 0x8C, 0xC3, 0xD7, 0xB6, 0x27, 0xB2, + 0x4D, 0xBA, 0x30, 0xDA, 0x47, 0x8F, 0x54, 0xD3, 0x3D, 0x8B, + 0x84, 0x8D, 0x94, 0x98, 0x58, 0xA5, 0x02, 0x81, 0x81, 0x00, + 0xD5, 0x38, 0x1B, 0xC3, 0x8F, 0xC5, 0x93, 0x0C, 0x47, 0x0B, + 0x6F, 0x35, 0x92, 0xC5, 0xB0, 0x8D, 0x46, 0xC8, 0x92, 0x18, + 0x8F, 0xF5, 0x80, 0x0A, 0xF7, 0xEF, 0xA1, 0xFE, 0x80, 0xB9, + 0xB5, 0x2A, 0xBA, 0xCA, 0x18, 0xB0, 0x5D, 0xA5, 0x07, 0xD0, + 0x93, 0x8D, 0xD8, 0x9C, 0x04, 0x1C, 0xD4, 0x62, 0x8E, 0xA6, + 0x26, 0x81, 0x01, 0xFF, 0xCE, 0x8A, 0x2A, 0x63, 0x34, 0x35, + 0x40, 0xAA, 0x6D, 0x80, 0xDE, 0x89, 0x23, 0x6A, 0x57, 0x4D, + 0x9E, 0x6E, 0xAD, 0x93, 0x4E, 0x56, 0x90, 0x0B, 0x6D, 0x9D, + 0x73, 0x8B, 0x0C, 0xAE, 0x27, 0x3D, 0xDE, 0x4E, 0xF0, 0xAA, + 0xC5, 0x6C, 0x78, 0x67, 0x6C, 0x94, 0x52, 0x9C, 0x37, 0x67, + 0x6C, 0x2D, 0xEF, 0xBB, 0xAF, 0xDF, 0xA6, 0x90, 0x3C, 0xC4, + 0x47, 0xCF, 0x8D, 0x96, 0x9E, 0x98, 0xA9, 0xB4, 0x9F, 0xC5, + 0xA6, 0x50, 0xDC, 0xB3, 0xF0, 0xFB, 0x74, 0x17, 0x02, 0x81, + 0x80, 0x5E, 0x83, 0x09, 0x62, 0xBD, 0xBA, 0x7C, 0xA2, 0xBF, + 0x42, 0x74, 0xF5, 0x7C, 0x1C, 0xD2, 0x69, 0xC9, 0x04, 0x0D, + 0x85, 0x7E, 0x3E, 0x3D, 0x24, 0x12, 0xC3, 0x18, 0x7B, 0xF3, + 0x29, 0xF3, 0x5F, 0x0E, 0x76, 0x6C, 0x59, 0x75, 0xE4, 0x41, + 0x84, 0x69, 0x9D, 0x32, 0xF3, 0xCD, 0x22, 0xAB, 0xB0, 0x35, + 0xBA, 0x4A, 0xB2, 0x3C, 0xE5, 0xD9, 0x58, 0xB6, 0x62, 0x4F, + 0x5D, 0xDE, 0xE5, 0x9E, 0x0A, 0xCA, 0x53, 0xB2, 0x2C, 0xF7, + 0x9E, 0xB3, 0x6B, 0x0A, 0x5B, 0x79, 0x65, 0xEC, 0x6E, 0x91, + 0x4E, 0x92, 0x20, 0xF6, 0xFC, 0xFC, 0x16, 0xED, 0xD3, 0x76, + 0x0C, 0xE2, 0xEC, 0x7F, 0xB2, 0x69, 0x13, 0x6B, 0x78, 0x0E, + 0x5A, 0x46, 0x64, 0xB4, 0x5E, 0xB7, 0x25, 0xA0, 0x5A, 0x75, + 0x3A, 0x4B, 0xEF, 0xC7, 0x3C, 0x3E, 0xF7, 0xFD, 0x26, 0xB8, + 0x20, 0xC4, 0x99, 0x0A, 0x9A, 0x73, 0xBE, 0xC3, 0x19, 0x02, + 0x81, 0x81, 0x00, 0xBA, 0x44, 0x93, 0x14, 0xAC, 0x34, 0x19, + 0x3B, 0x5F, 0x91, 0x60, 0xAC, 0xF7, 0xB4, 0xD6, 0x81, 0x05, + 0x36, 0x51, 0x53, 0x3D, 0xE8, 0x65, 0xDC, 0xAF, 0x2E, 0xDC, + 0x61, 0x3E, 0xC9, 0x7D, 0xB8, 0x7F, 0x87, 0xF0, 0x3B, 0x9B, + 0x03, 0x82, 0x29, 0x37, 0xCE, 0x72, 0x4E, 0x11, 0xD5, 0xB1, + 0xC1, 0x0C, 0x07, 0xA0, 0x99, 0x91, 0x4A, 0x8D, 0x7F, 0xEC, + 0x79, 0xCF, 0xF1, 0x39, 0xB5, 0xE9, 0x85, 0xEC, 0x62, 0xF7, + 0xDA, 0x7D, 0xBC, 0x64, 0x4D, 0x22, 0x3C, 0x0E, 0xF2, 0xD6, + 0x51, 0xF5, 0x87, 0xD8, 0x99, 0xC0, 0x11, 0x20, 0x5D, 0x0F, + 0x29, 0xFD, 0x5B, 0xE2, 0xAE, 0xD9, 0x1C, 0xD9, 0x21, 0x56, + 0x6D, 0xFC, 0x84, 0xD0, 0x5F, 0xED, 0x10, 0x15, 0x1C, 0x18, + 0x21, 0xE7, 0xC4, 0x3D, 0x4B, 0xD7, 0xD0, 0x9E, 0x6A, 0x95, + 0xCF, 0x22, 0xC9, 0x03, 0x7B, 0x9E, 0xE3, 0x60, 0x01, 0xFC, + 0x2F, 0x02, 0x81, 0x80, 0x11, 0xD0, 0x4B, 0xCF, 0x1B, 0x67, + 0xB9, 0x9F, 0x10, 0x75, 0x47, 0x86, 0x65, 0xAE, 0x31, 0xC2, + 0xC6, 0x30, 0xAC, 0x59, 0x06, 0x50, 0xD9, 0x0F, 0xB5, 0x70, + 0x06, 0xF7, 0xF0, 0xD3, 0xC8, 0x62, 0x7C, 0xA8, 0xDA, 0x6E, + 0xF6, 0x21, 0x3F, 0xD3, 0x7F, 0x5F, 0xEA, 0x8A, 0xAB, 0x3F, + 0xD9, 0x2A, 0x5E, 0xF3, 0x51, 0xD2, 0xC2, 0x30, 0x37, 0xE3, + 0x2D, 0xA3, 0x75, 0x0D, 0x1E, 0x4D, 0x21, 0x34, 0xD5, 0x57, + 0x70, 0x5C, 0x89, 0xBF, 0x72, 0xEC, 0x4A, 0x6E, 0x68, 0xD5, + 0xCD, 0x18, 0x74, 0x33, 0x4E, 0x8C, 0x3A, 0x45, 0x8F, 0xE6, + 0x96, 0x40, 0xEB, 0x63, 0xF9, 0x19, 0x86, 0x3A, 0x51, 0xDD, + 0x89, 0x4B, 0xB0, 0xF3, 0xF9, 0x9F, 0x5D, 0x28, 0x95, 0x38, + 0xBE, 0x35, 0xAB, 0xCA, 0x5C, 0xE7, 0x93, 0x53, 0x34, 0xA1, + 0x45, 0x5D, 0x13, 0x39, 0x65, 0x42, 0x46, 0xA1, 0x9F, 0xCD, + 0xF5, 0xBF +}; +static const int sizeof_client_key_der_2048 = sizeof(client_key_der_2048); + +/* ./certs/client-keyPub.der, 2048-bit */ +static const unsigned char client_keypub_der_2048[] = +{ + 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, + 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, + 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, + 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, + 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, + 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, + 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, + 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, + 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, + 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, + 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, + 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, + 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, + 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, + 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, + 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, + 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, + 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, + 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, + 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, + 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, + 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, + 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, + 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, + 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, + 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, + 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, + 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, + 0x03, 0x01, 0x00, 0x01 +}; +static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048); + +/* ./certs/client-cert.der, 2048-bit */ +static const unsigned char client_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xCA, 0x30, 0x82, 0x03, 0xB2, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xB9, 0xBC, 0x90, 0xED, + 0xAD, 0xAA, 0x0A, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, + 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, + 0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31, + 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, + 0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, + 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, + 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, + 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, + 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, + 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, + 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, + 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, + 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, + 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, + 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, + 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, + 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, + 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, + 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, + 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, + 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, + 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, + 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, + 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, + 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, + 0x07, 0x30, 0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, + 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, + 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, + 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, + 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, + 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, + 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, + 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, + 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0xB9, 0xBC, 0x90, 0xED, 0xAD, 0xAA, 0x0A, 0x8C, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, + 0x82, 0x01, 0x01, 0x00, 0x33, 0x85, 0x08, 0xB4, 0x58, 0x0E, + 0xA2, 0x00, 0x03, 0x74, 0xDE, 0x77, 0xFB, 0xD1, 0x2B, 0x76, + 0x9C, 0x97, 0x90, 0x20, 0x21, 0xA2, 0xE8, 0x2E, 0x22, 0x50, + 0x26, 0x04, 0x76, 0xBA, 0x5B, 0x47, 0x79, 0xE5, 0x52, 0xF7, + 0xC4, 0x0D, 0x79, 0xFF, 0x62, 0x3F, 0x05, 0x7C, 0xC3, 0x08, + 0x6C, 0xE0, 0xB7, 0x81, 0xD0, 0xCE, 0xC6, 0xC9, 0x46, 0xB9, + 0x8E, 0x4B, 0x5F, 0x56, 0x79, 0x4B, 0x13, 0xB6, 0xD1, 0x6B, + 0x66, 0x4B, 0xCE, 0x00, 0x0D, 0xE3, 0x76, 0x5E, 0xFB, 0xCB, + 0xB5, 0x5D, 0x12, 0x31, 0x05, 0xF1, 0xBB, 0x39, 0xF6, 0x86, + 0x90, 0xCA, 0x92, 0x56, 0xA4, 0xA0, 0x75, 0x21, 0xB6, 0x1D, + 0x4C, 0x96, 0xC3, 0x45, 0xEB, 0x5A, 0x91, 0x94, 0x32, 0xD3, + 0x59, 0xB8, 0xC9, 0x73, 0x1F, 0x03, 0xA9, 0x81, 0x63, 0xE0, + 0x43, 0xC0, 0x1E, 0xC8, 0x65, 0xBE, 0x3B, 0xA7, 0x53, 0xC3, + 0x44, 0xFF, 0xB3, 0xFB, 0x47, 0x84, 0xA8, 0xB6, 0x9D, 0x00, + 0xD5, 0x6B, 0xAE, 0x87, 0xF8, 0xBB, 0x35, 0xB2, 0x6C, 0x66, + 0x0B, 0x11, 0xEE, 0x6F, 0xFE, 0x12, 0xED, 0x59, 0x79, 0xF1, + 0x3E, 0xF2, 0xD3, 0x61, 0x27, 0x8B, 0x95, 0x7E, 0x99, 0x75, + 0x8D, 0xA4, 0x9F, 0x34, 0x85, 0xF1, 0x25, 0x4D, 0x48, 0x1E, + 0x9B, 0x6B, 0x70, 0xF6, 0x66, 0xCC, 0x56, 0xB1, 0xA3, 0x02, + 0x52, 0x8A, 0x7C, 0xAA, 0xAF, 0x07, 0xDA, 0x97, 0xC6, 0x0C, + 0xA5, 0x8F, 0xED, 0xCB, 0xF5, 0xD8, 0x04, 0x5D, 0x97, 0x0A, + 0x5D, 0x5A, 0x2B, 0x49, 0xF5, 0xBD, 0x93, 0xE5, 0x23, 0x9B, + 0x99, 0xB5, 0x0C, 0xFF, 0x0C, 0x7E, 0x38, 0x82, 0xB2, 0x6E, + 0xAB, 0x8A, 0xC9, 0xA7, 0x45, 0xAB, 0xD6, 0xD7, 0x93, 0x35, + 0x70, 0x07, 0x7E, 0xC8, 0x3D, 0xA5, 0xFE, 0x33, 0x8F, 0xD9, + 0x85, 0xC0, 0xC7, 0x5A, 0x02, 0xE4, 0x7C, 0xD6, 0x35, 0x9E + +}; +static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); + +/* ./certs/dh2048.der, 2048-bit */ +static const unsigned char dh_key_der_2048[] = +{ + 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB0, + 0xA1, 0x08, 0x06, 0x9C, 0x08, 0x13, 0xBA, 0x59, 0x06, 0x3C, + 0xBC, 0x30, 0xD5, 0xF5, 0x00, 0xC1, 0x4F, 0x44, 0xA7, 0xD6, + 0xEF, 0x4A, 0xC6, 0x25, 0x27, 0x1C, 0xE8, 0xD2, 0x96, 0x53, + 0x0A, 0x5C, 0x91, 0xDD, 0xA2, 0xC2, 0x94, 0x84, 0xBF, 0x7D, + 0xB2, 0x44, 0x9F, 0x9B, 0xD2, 0xC1, 0x8A, 0xC5, 0xBE, 0x72, + 0x5C, 0xA7, 0xE7, 0x91, 0xE6, 0xD4, 0x9F, 0x73, 0x07, 0x85, + 0x5B, 0x66, 0x48, 0xC7, 0x70, 0xFA, 0xB4, 0xEE, 0x02, 0xC9, + 0x3D, 0x9A, 0x4A, 0xDA, 0x3D, 0xC1, 0x46, 0x3E, 0x19, 0x69, + 0xD1, 0x17, 0x46, 0x07, 0xA3, 0x4D, 0x9F, 0x2B, 0x96, 0x17, + 0x39, 0x6D, 0x30, 0x8D, 0x2A, 0xF3, 0x94, 0xD3, 0x75, 0xCF, + 0xA0, 0x75, 0xE6, 0xF2, 0x92, 0x1F, 0x1A, 0x70, 0x05, 0xAA, + 0x04, 0x83, 0x57, 0x30, 0xFB, 0xDA, 0x76, 0x93, 0x38, 0x50, + 0xE8, 0x27, 0xFD, 0x63, 0xEE, 0x3C, 0xE5, 0xB7, 0xC8, 0x09, + 0xAE, 0x6F, 0x50, 0x35, 0x8E, 0x84, 0xCE, 0x4A, 0x00, 0xE9, + 0x12, 0x7E, 0x5A, 0x31, 0xD7, 0x33, 0xFC, 0x21, 0x13, 0x76, + 0xCC, 0x16, 0x30, 0xDB, 0x0C, 0xFC, 0xC5, 0x62, 0xA7, 0x35, + 0xB8, 0xEF, 0xB7, 0xB0, 0xAC, 0xC0, 0x36, 0xF6, 0xD9, 0xC9, + 0x46, 0x48, 0xF9, 0x40, 0x90, 0x00, 0x2B, 0x1B, 0xAA, 0x6C, + 0xE3, 0x1A, 0xC3, 0x0B, 0x03, 0x9E, 0x1B, 0xC2, 0x46, 0xE4, + 0x48, 0x4E, 0x22, 0x73, 0x6F, 0xC3, 0x5F, 0xD4, 0x9A, 0xD6, + 0x30, 0x07, 0x48, 0xD6, 0x8C, 0x90, 0xAB, 0xD4, 0xF6, 0xF1, + 0xE3, 0x48, 0xD3, 0x58, 0x4B, 0xA6, 0xB9, 0xCD, 0x29, 0xBF, + 0x68, 0x1F, 0x08, 0x4B, 0x63, 0x86, 0x2F, 0x5C, 0x6B, 0xD6, + 0xB6, 0x06, 0x65, 0xF7, 0xA6, 0xDC, 0x00, 0x67, 0x6B, 0xBB, + 0xC3, 0xA9, 0x41, 0x83, 0xFB, 0xC7, 0xFA, 0xC8, 0xE2, 0x1E, + 0x7E, 0xAF, 0x00, 0x3F, 0x93, 0x02, 0x01, 0x02 +}; +static const int sizeof_dh_key_der_2048 = sizeof(dh_key_der_2048); + +/* ./certs/dsa2048.der, 2048-bit */ +static const unsigned char dsa_key_der_2048[] = +{ + 0x30, 0x82, 0x03, 0x3F, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xCC, 0x8E, 0xC9, 0xA0, 0xD5, 0x9A, 0x27, 0x1C, + 0xDA, 0x52, 0xDF, 0xC7, 0xC0, 0xE6, 0x06, 0xA4, 0x3E, 0x8A, + 0x66, 0x49, 0xD0, 0x59, 0x33, 0x51, 0x69, 0xC4, 0x9C, 0x5E, + 0x64, 0x85, 0xC7, 0xF1, 0xAB, 0xD5, 0xD9, 0x62, 0xAC, 0xFD, + 0xA1, 0xE0, 0x1B, 0x57, 0xFF, 0x96, 0xEF, 0x0C, 0x9F, 0xC8, + 0x44, 0x87, 0xEB, 0x5C, 0x91, 0xD0, 0x46, 0x42, 0x09, 0x50, + 0x6A, 0x23, 0xCB, 0x89, 0x6F, 0x55, 0xE9, 0x6A, 0x11, 0xA9, + 0xA8, 0x32, 0xAB, 0x33, 0x0D, 0x51, 0xB5, 0x79, 0x51, 0xB4, + 0xAB, 0xA2, 0x25, 0x11, 0x8D, 0xE5, 0x24, 0xBE, 0xD8, 0xF1, + 0x9D, 0x4E, 0x12, 0x6F, 0xAC, 0x44, 0x54, 0x80, 0xA9, 0xB4, + 0x81, 0x68, 0x4E, 0x44, 0x0E, 0xB8, 0x39, 0xF3, 0xBE, 0x83, + 0x08, 0x74, 0xA2, 0xC6, 0x7A, 0xD7, 0x6A, 0x7D, 0x0A, 0x88, + 0x57, 0x83, 0x48, 0xDC, 0xCF, 0x5E, 0x6F, 0xEE, 0x68, 0x0C, + 0xF7, 0xFF, 0x03, 0x04, 0x90, 0xAA, 0xF7, 0x07, 0x98, 0xF8, + 0x67, 0x5A, 0x83, 0x23, 0x66, 0x47, 0x60, 0xC3, 0x43, 0x6E, + 0x03, 0x91, 0xAC, 0x28, 0x66, 0xCB, 0xF0, 0xD3, 0x05, 0xC8, + 0x09, 0x97, 0xB5, 0xAE, 0x01, 0x5E, 0x80, 0x3B, 0x9D, 0x4F, + 0xDE, 0x3E, 0x94, 0xFE, 0xCB, 0x82, 0xB0, 0xB1, 0xFC, 0x91, + 0x8B, 0x1D, 0x8A, 0xEE, 0xC6, 0x06, 0x1F, 0x37, 0x91, 0x48, + 0xD2, 0xF8, 0x6C, 0x5D, 0x60, 0x13, 0x83, 0xA7, 0x81, 0xAC, + 0xCA, 0x8D, 0xD0, 0x6A, 0x04, 0x0A, 0xEA, 0x3E, 0x22, 0x4E, + 0x13, 0xF1, 0x0D, 0xBB, 0x60, 0x6B, 0xCD, 0xBC, 0x5C, 0x87, + 0xA3, 0x67, 0x2B, 0x42, 0xA1, 0x9F, 0xCD, 0x39, 0x58, 0xBE, + 0x55, 0xB1, 0x93, 0x84, 0xCE, 0xB2, 0x10, 0x4E, 0xE4, 0xC3, + 0x9F, 0xB2, 0x53, 0x61, 0x01, 0x29, 0xAA, 0x96, 0xCB, 0x20, + 0x60, 0x42, 0x1D, 0xBA, 0x75, 0x4B, 0x63, 0xC1, 0x02, 0x15, + 0x00, 0xE7, 0xA5, 0x39, 0xD4, 0x6A, 0x37, 0x5E, 0x95, 0x06, + 0x39, 0x07, 0x77, 0x0A, 0xEB, 0xA0, 0x03, 0xEB, 0x78, 0x82, + 0x9B, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD4, 0x4C, 0x71, + 0x2F, 0xEC, 0xFA, 0x32, 0xB2, 0x80, 0x7E, 0x61, 0x4A, 0x6B, + 0x5F, 0x18, 0x76, 0x43, 0xC3, 0x69, 0xBA, 0x41, 0xC7, 0xA7, + 0x1D, 0x79, 0x01, 0xEC, 0xAF, 0x34, 0x87, 0x67, 0x4F, 0x29, + 0x80, 0xA8, 0x3B, 0x87, 0xF6, 0xE8, 0xA1, 0xE8, 0xCD, 0x1B, + 0x1C, 0x86, 0x38, 0xF6, 0xD1, 0x0C, 0x46, 0x2E, 0xC8, 0xE0, + 0xC9, 0x30, 0x26, 0xD5, 0x2C, 0x7F, 0xC1, 0x08, 0xBF, 0xCC, + 0x5A, 0x82, 0x8E, 0xD4, 0xD4, 0x49, 0xAA, 0xA2, 0xFA, 0xE6, + 0xC1, 0x9D, 0xF0, 0xD9, 0x96, 0xB0, 0xFF, 0x0C, 0x5B, 0x33, + 0x8E, 0x06, 0xDD, 0x9D, 0x28, 0xA9, 0xE9, 0x80, 0x41, 0x3B, + 0xD8, 0x7A, 0x94, 0x21, 0x8F, 0x56, 0xF1, 0xA2, 0xB4, 0x2B, + 0x89, 0x1C, 0x74, 0xFF, 0x7E, 0x91, 0xDC, 0x1F, 0x91, 0x13, + 0x98, 0xAF, 0xC7, 0x06, 0xD2, 0x4C, 0x90, 0xA2, 0xBD, 0xDA, + 0x16, 0xBA, 0x65, 0xB0, 0x2D, 0x68, 0x87, 0x3C, 0x6E, 0x25, + 0x8D, 0x90, 0xC7, 0xBC, 0x0D, 0xA9, 0x43, 0x03, 0xC9, 0xBE, + 0xCF, 0x85, 0x6F, 0xDB, 0x07, 0x7B, 0x8C, 0xF8, 0xB1, 0xC2, + 0x49, 0x10, 0x69, 0x63, 0x56, 0x37, 0xC5, 0x30, 0xD2, 0xFB, + 0x71, 0x9A, 0xE8, 0x82, 0x07, 0x2E, 0x3E, 0x95, 0x50, 0xF3, + 0x73, 0xCF, 0x34, 0x5B, 0xD5, 0xAB, 0x02, 0x15, 0xF2, 0xCC, + 0xD7, 0x52, 0xC5, 0x28, 0xD8, 0x41, 0x19, 0x55, 0x6F, 0xB8, + 0x5F, 0xF1, 0x99, 0xB3, 0xC7, 0xD9, 0xB3, 0x71, 0xF4, 0x2D, + 0xDF, 0x22, 0x59, 0x35, 0x86, 0xDB, 0x39, 0xCA, 0x1B, 0x4D, + 0x35, 0x90, 0x19, 0x6B, 0x31, 0xE3, 0xC8, 0xC6, 0x09, 0xBF, + 0x7C, 0xED, 0x01, 0xB4, 0xB2, 0xF5, 0x6E, 0xDA, 0x63, 0x41, + 0x3C, 0xE6, 0x3A, 0x72, 0x2D, 0x65, 0x48, 0xF6, 0x07, 0xCD, + 0x92, 0x84, 0x8B, 0x1D, 0xA7, 0x31, 0x6B, 0xD6, 0xF0, 0xFB, + 0xD9, 0xF4, 0x02, 0x82, 0x01, 0x00, 0x66, 0x4B, 0xBB, 0xB7, + 0xC9, 0x48, 0x95, 0x0D, 0x5A, 0xA6, 0x2D, 0xA1, 0x7F, 0xDF, + 0x1F, 0x67, 0x6D, 0xED, 0x52, 0x4B, 0x16, 0x6C, 0x17, 0xC6, + 0xAE, 0xF8, 0x6A, 0xC4, 0x57, 0xED, 0x2F, 0xB3, 0xF0, 0x2A, + 0x55, 0xAB, 0xBA, 0xCA, 0xEA, 0x17, 0xE8, 0x35, 0x7C, 0xE5, + 0x31, 0x0D, 0x4A, 0x95, 0xFC, 0x43, 0x6F, 0x97, 0x3C, 0x5C, + 0x67, 0xAC, 0xBE, 0x67, 0x7F, 0xE9, 0x4E, 0xAA, 0x48, 0xB3, + 0x92, 0xA1, 0x76, 0x75, 0xEA, 0x04, 0x34, 0x7F, 0x87, 0x33, + 0x2D, 0x24, 0xB6, 0x29, 0x97, 0xE3, 0x04, 0x77, 0x93, 0x89, + 0x13, 0xDB, 0x1B, 0x93, 0xB8, 0x2C, 0x90, 0x1A, 0x09, 0x3B, + 0x26, 0xD9, 0x59, 0xF3, 0x2A, 0x09, 0x58, 0xDC, 0xAC, 0x25, + 0xB4, 0xA9, 0x45, 0x3B, 0xA2, 0x3A, 0x6C, 0x61, 0x84, 0xBF, + 0x68, 0xD4, 0xEA, 0x9B, 0xC5, 0x29, 0x48, 0x60, 0x15, 0x10, + 0x35, 0x2C, 0x44, 0x1D, 0xB5, 0x9A, 0xEE, 0xAC, 0xC1, 0x68, + 0xE8, 0x47, 0xB7, 0x41, 0x34, 0x39, 0x9A, 0xF8, 0xA5, 0x20, + 0xE9, 0x24, 0xC4, 0x2C, 0x58, 0x3F, 0x4C, 0x41, 0x30, 0x3A, + 0x14, 0x6E, 0x8D, 0xEA, 0xAD, 0xBA, 0x9B, 0x43, 0xD3, 0x98, + 0x2F, 0x83, 0xD8, 0x14, 0x67, 0xE8, 0xF8, 0xD5, 0x4F, 0xAC, + 0xE0, 0x3B, 0xBF, 0xA7, 0x54, 0x16, 0x5E, 0x49, 0x64, 0x26, + 0x54, 0xA4, 0x6B, 0x69, 0x7C, 0xBA, 0x8A, 0x83, 0xD9, 0x2E, + 0x65, 0x0A, 0xA2, 0x27, 0xEF, 0x99, 0x99, 0x08, 0xD7, 0xB5, + 0x9F, 0xA0, 0x01, 0xEF, 0x7E, 0x17, 0xBF, 0x83, 0x6B, 0x2E, + 0xDD, 0xC0, 0x39, 0x38, 0x23, 0x68, 0xB4, 0x76, 0x6B, 0xE5, + 0xCA, 0xF7, 0x7C, 0xEE, 0xC0, 0x52, 0xE2, 0xDD, 0xAD, 0x59, + 0x3A, 0x42, 0x06, 0x45, 0xB0, 0xC7, 0xC1, 0x77, 0x05, 0xB2, + 0x0C, 0x32, 0x40, 0x46, 0xAA, 0xDA, 0x79, 0x77, 0x04, 0x71, + 0xDF, 0x7A, 0x02, 0x15, 0x00, 0x98, 0xEE, 0xB9, 0x51, 0x37, + 0x3E, 0x75, 0x13, 0x13, 0x06, 0x8F, 0x94, 0xD3, 0xE6, 0xE9, + 0x00, 0xCB, 0x62, 0x6D, 0x9A +}; +static const int sizeof_dsa_key_der_2048 = sizeof(dsa_key_der_2048); + +/* ./certs/rsa2048.der, 2048-bit */ +static const unsigned char rsa_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xE9, 0x8A, 0x5D, 0x15, 0xA4, 0xD4, 0x34, 0xB9, + 0x59, 0xA2, 0xDA, 0xAF, 0x74, 0xC8, 0xC9, 0x03, 0x26, 0x38, + 0xFA, 0x48, 0xFC, 0x4D, 0x30, 0x6E, 0xEA, 0x76, 0x89, 0xCE, + 0x4F, 0xF6, 0x87, 0xDE, 0x32, 0x3A, 0x46, 0x6E, 0x38, 0x12, + 0x58, 0x37, 0x22, 0x0D, 0x80, 0xAC, 0x2D, 0xAF, 0x2F, 0x12, + 0x3E, 0x62, 0x73, 0x60, 0x66, 0x68, 0x90, 0xB2, 0x6F, 0x47, + 0x17, 0x04, 0x2B, 0xCA, 0xB7, 0x26, 0xB7, 0x10, 0xC2, 0x13, + 0xF9, 0x7A, 0x62, 0x0A, 0x93, 0x32, 0x90, 0x42, 0x0D, 0x16, + 0x2E, 0xFA, 0xD7, 0x29, 0xD7, 0x9F, 0x54, 0xE4, 0xFC, 0x65, + 0x74, 0xF8, 0xF6, 0x43, 0x6B, 0x4E, 0x9E, 0x34, 0x7F, 0xCB, + 0x6B, 0x1C, 0x1A, 0xDE, 0x82, 0x81, 0xBF, 0x08, 0x5D, 0x3F, + 0xC0, 0xB6, 0xB1, 0xA8, 0xA5, 0x9C, 0x81, 0x70, 0xA7, 0x4E, + 0x32, 0x87, 0x15, 0x1C, 0x78, 0x0E, 0xF0, 0x18, 0xFE, 0xEB, + 0x4B, 0x37, 0x2B, 0xE9, 0xE1, 0xF7, 0xFA, 0x51, 0xC6, 0x58, + 0xB9, 0xD8, 0x06, 0x03, 0xED, 0xC0, 0x03, 0x18, 0x55, 0x8B, + 0x98, 0xFE, 0xB1, 0xF6, 0xD0, 0x3D, 0xFA, 0x63, 0xC0, 0x38, + 0x19, 0xC7, 0x00, 0xEF, 0x4D, 0x99, 0x60, 0xB4, 0xBA, 0xCE, + 0xE3, 0xCE, 0xD9, 0x6B, 0x2D, 0x76, 0x94, 0xFF, 0xFB, 0x77, + 0x18, 0x4A, 0xFE, 0x65, 0xF0, 0x0A, 0x91, 0x5C, 0x3B, 0x22, + 0x94, 0x85, 0xD0, 0x20, 0x18, 0x59, 0x2E, 0xA5, 0x33, 0x03, + 0xAC, 0x1B, 0x5F, 0x78, 0x32, 0x11, 0x25, 0xEE, 0x7F, 0x96, + 0x21, 0xA9, 0xD6, 0x76, 0x97, 0x8D, 0x66, 0x7E, 0xB2, 0x91, + 0xD0, 0x36, 0x2E, 0xA3, 0x1D, 0xBF, 0xF1, 0x85, 0xED, 0xC0, + 0x3E, 0x60, 0xB8, 0x5A, 0x9F, 0xAB, 0x80, 0xE0, 0xEA, 0x5D, + 0x5F, 0x75, 0x56, 0xC7, 0x4D, 0x51, 0x8E, 0xD4, 0x1F, 0x34, + 0xA6, 0x36, 0xF1, 0x30, 0x1F, 0x51, 0x99, 0x2F, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x52, 0x11, 0x33, + 0x40, 0xC5, 0xD9, 0x64, 0x65, 0xB5, 0xE0, 0x0A, 0xA5, 0x19, + 0x8E, 0xED, 0x44, 0x54, 0x0C, 0x35, 0xB7, 0xAC, 0x21, 0x9B, + 0xE1, 0x7E, 0x37, 0x05, 0x9A, 0x20, 0x73, 0x6B, 0xAF, 0x63, + 0x4B, 0x23, 0x30, 0xDC, 0x37, 0x66, 0x14, 0x89, 0xBC, 0xE0, + 0xF8, 0xA0, 0x5D, 0x2D, 0x57, 0x65, 0xE0, 0xC6, 0xD6, 0x9B, + 0x66, 0x27, 0x62, 0xEC, 0xC3, 0xB8, 0x8C, 0xD8, 0xAE, 0xB5, + 0xC9, 0xBF, 0x0E, 0xFE, 0x84, 0x72, 0x68, 0xD5, 0x47, 0x0E, + 0x0E, 0xF8, 0xAE, 0x9D, 0x56, 0xAC, 0x4F, 0xAD, 0x88, 0xA0, + 0xA2, 0xF6, 0xFC, 0x38, 0xCD, 0x96, 0x5B, 0x5E, 0x7E, 0xB6, + 0x98, 0xBB, 0xF3, 0x8A, 0xEC, 0xFA, 0xC8, 0xB7, 0x90, 0x75, + 0xA0, 0x0E, 0x77, 0x6B, 0xFD, 0x59, 0x45, 0x5A, 0x0C, 0xFF, + 0x95, 0x8D, 0xCE, 0xFE, 0x9B, 0xF6, 0x19, 0x8E, 0x0B, 0xA1, + 0x0C, 0xEE, 0xC6, 0x79, 0xDD, 0x9D, 0x61, 0x85, 0x5C, 0x19, + 0x6C, 0x47, 0xCC, 0x08, 0xFF, 0xA5, 0x62, 0xDB, 0xE4, 0x2D, + 0x2D, 0xDD, 0x14, 0x67, 0xD6, 0x4A, 0x64, 0x2A, 0x66, 0x49, + 0x54, 0x9C, 0xE3, 0x85, 0x18, 0xE7, 0x31, 0x42, 0xE2, 0xD0, + 0x2C, 0x20, 0xA0, 0x74, 0x0F, 0x1F, 0x20, 0x89, 0xBA, 0xAB, + 0x80, 0xD8, 0x38, 0xD9, 0x46, 0x69, 0xBB, 0xEF, 0xCC, 0x8B, + 0xA1, 0x73, 0xA7, 0xF2, 0xE4, 0x38, 0x5D, 0xD6, 0x75, 0x9F, + 0x88, 0x0E, 0x56, 0xCD, 0xD8, 0x84, 0x59, 0x29, 0x73, 0xF5, + 0xA1, 0x79, 0xDA, 0x7A, 0x1F, 0xBF, 0x73, 0x83, 0xC0, 0x6D, + 0x9F, 0x8B, 0x34, 0x15, 0xC0, 0x6D, 0x69, 0x6A, 0x20, 0xE6, + 0x51, 0xCF, 0x45, 0x6E, 0xCC, 0x05, 0xC4, 0x3A, 0xC0, 0x9E, + 0xAA, 0xC1, 0x06, 0x2F, 0xAB, 0x99, 0x30, 0xE1, 0x6E, 0x9D, + 0x45, 0x7A, 0xFF, 0xA9, 0xCE, 0x70, 0xB8, 0x16, 0x1A, 0x0E, + 0x20, 0xFA, 0xC1, 0x02, 0x81, 0x81, 0x00, 0xFF, 0x30, 0x11, + 0xC2, 0x3C, 0x6B, 0xB4, 0xD6, 0x9E, 0x6B, 0xC1, 0x93, 0xD1, + 0x48, 0xCE, 0x80, 0x2D, 0xBE, 0xAF, 0xF7, 0xBA, 0xB2, 0xD7, + 0xC3, 0xC4, 0x53, 0x6E, 0x15, 0x02, 0xAA, 0x61, 0xB9, 0xEA, + 0x05, 0x9B, 0x79, 0x67, 0x0B, 0xCE, 0xD9, 0xFB, 0x98, 0x8C, + 0x1D, 0x6B, 0xF4, 0x5A, 0xA7, 0xA0, 0x5E, 0x54, 0x18, 0xE9, + 0x31, 0x44, 0x7C, 0xC7, 0x52, 0xD8, 0x6D, 0xA0, 0x3E, 0xD6, + 0x14, 0x2D, 0x7B, 0x15, 0x9D, 0x1E, 0x39, 0x87, 0x96, 0xDD, + 0xA8, 0x33, 0x55, 0x2A, 0x8E, 0x32, 0xC0, 0xC4, 0xE5, 0xB8, + 0xCB, 0xCD, 0x32, 0x8D, 0xAD, 0x7B, 0xE5, 0xC6, 0x7E, 0x4D, + 0x6F, 0xF3, 0xA4, 0xC5, 0xA6, 0x40, 0xBE, 0x90, 0x3A, 0x33, + 0x6A, 0x24, 0xB2, 0x80, 0x81, 0x12, 0xAC, 0xE3, 0x7B, 0x26, + 0x63, 0xCF, 0x88, 0xB9, 0xFF, 0x74, 0x23, 0x37, 0x52, 0xF0, + 0xC4, 0x27, 0x5D, 0x45, 0x1F, 0x02, 0x81, 0x81, 0x00, 0xEA, + 0x48, 0xA7, 0xDD, 0x73, 0x41, 0x56, 0x21, 0x15, 0xF7, 0x42, + 0x45, 0x4D, 0xA9, 0xE1, 0x66, 0x5B, 0xBD, 0x25, 0x7D, 0xF7, + 0xA8, 0x65, 0x13, 0xAE, 0x2D, 0x38, 0x11, 0xCD, 0x93, 0xFC, + 0x30, 0xA3, 0x2C, 0x44, 0xBB, 0xCF, 0xD0, 0x21, 0x8F, 0xFB, + 0xC1, 0xF9, 0xAD, 0x1D, 0xEE, 0x96, 0xCF, 0x97, 0x49, 0x60, + 0x53, 0x80, 0xA5, 0xA2, 0xF8, 0xEE, 0xB9, 0xD5, 0x77, 0x44, + 0xDD, 0xFD, 0x19, 0x2A, 0xF1, 0x81, 0xF4, 0xD9, 0x3C, 0xEC, + 0x73, 0xD0, 0x2A, 0xD8, 0x3C, 0x27, 0x87, 0x79, 0x12, 0x86, + 0xE7, 0x57, 0x0C, 0x59, 0xD1, 0x44, 0x55, 0xAE, 0xC3, 0x4D, + 0x42, 0xAD, 0xA9, 0xB3, 0x28, 0x61, 0xB4, 0x9C, 0xA6, 0x63, + 0xD3, 0x96, 0xB1, 0x75, 0x9F, 0x2A, 0x78, 0x99, 0xE3, 0x1E, + 0x71, 0x47, 0x39, 0xF4, 0x52, 0xE3, 0x66, 0xF1, 0xEB, 0x7F, + 0xEF, 0xC6, 0x81, 0x93, 0x4C, 0x99, 0xF1, 0x02, 0x81, 0x81, + 0x00, 0xC5, 0xB6, 0x20, 0x8C, 0x34, 0xF3, 0xDD, 0xF0, 0x4A, + 0x5D, 0x82, 0x65, 0x5C, 0x48, 0xE4, 0x75, 0x3A, 0xFB, 0xFA, + 0xAA, 0x1C, 0xE4, 0x63, 0x77, 0x31, 0xAC, 0xD2, 0x25, 0x45, + 0x23, 0x6D, 0x03, 0xF5, 0xE4, 0xD2, 0x48, 0x85, 0x26, 0x08, + 0xE5, 0xAA, 0xA0, 0xCE, 0x2E, 0x1D, 0x6D, 0xFC, 0xAE, 0xD2, + 0xF9, 0x42, 0x7E, 0xEA, 0x6D, 0x59, 0x7A, 0xB3, 0x93, 0xE4, + 0x4B, 0x4B, 0x54, 0x63, 0xD8, 0xCE, 0x44, 0x06, 0xC2, 0xEC, + 0x9F, 0xF6, 0x05, 0x55, 0x46, 0xF4, 0x3E, 0x8F, 0xF2, 0x0C, + 0x30, 0x7E, 0x5C, 0xDD, 0x88, 0x49, 0x3B, 0x59, 0xB9, 0x87, + 0xBC, 0xC6, 0xC5, 0x24, 0x8A, 0x10, 0x63, 0x21, 0x1F, 0x66, + 0x1A, 0x3E, 0xF4, 0x58, 0xD1, 0x6C, 0x0D, 0x40, 0xB2, 0xC0, + 0x1D, 0x63, 0x42, 0x0E, 0xC4, 0x56, 0x0E, 0xC0, 0xCC, 0xC2, + 0xD6, 0x66, 0x0E, 0xC4, 0xAB, 0xB5, 0x33, 0xF6, 0x51, 0x02, + 0x81, 0x80, 0x19, 0x7E, 0xE6, 0xA5, 0xB6, 0xD1, 0x39, 0x6A, + 0x48, 0x55, 0xAC, 0x24, 0x96, 0x9B, 0x12, 0x28, 0x6D, 0x7B, + 0x5C, 0x05, 0x25, 0x5A, 0x72, 0x05, 0x7E, 0x42, 0xF5, 0x83, + 0x1A, 0x78, 0x2C, 0x4D, 0xAE, 0xB4, 0x36, 0x96, 0xA9, 0xBA, + 0xE0, 0xAC, 0x26, 0x9D, 0xA9, 0x6A, 0x29, 0x83, 0xB9, 0x6D, + 0xC5, 0xEC, 0xFA, 0x4A, 0x9C, 0x09, 0x6A, 0x7E, 0xE4, 0x9B, + 0xDC, 0x9B, 0x2A, 0x27, 0x6E, 0x4F, 0xBA, 0xD8, 0xA5, 0x67, + 0xDB, 0xEC, 0x41, 0x5F, 0x29, 0x1C, 0x40, 0x83, 0xEB, 0x59, + 0x56, 0xD7, 0xA9, 0x4E, 0xAB, 0xAE, 0x70, 0x67, 0xD1, 0xA3, + 0xF1, 0x6C, 0xD7, 0x8F, 0x96, 0x0E, 0x8D, 0xAC, 0xAB, 0x55, + 0x58, 0x66, 0xD3, 0x1E, 0x47, 0x9B, 0xF0, 0x4C, 0xED, 0xF6, + 0x49, 0xE8, 0xE9, 0x7B, 0x32, 0x61, 0x20, 0x31, 0x95, 0x05, + 0xB2, 0xF6, 0x09, 0xEA, 0x32, 0x14, 0x0F, 0xCF, 0x9A, 0x41, + 0x02, 0x81, 0x80, 0x77, 0x3F, 0xB6, 0x14, 0x8D, 0xC5, 0x13, + 0x08, 0x7E, 0xC9, 0xC4, 0xEA, 0xD4, 0xBA, 0x0D, 0xA4, 0x9E, + 0xB3, 0x6E, 0xDE, 0x1A, 0x7A, 0xF8, 0x89, 0x88, 0xEF, 0x36, + 0x3C, 0x11, 0xBC, 0x83, 0xE8, 0x30, 0x6C, 0x81, 0x7C, 0x47, + 0xF3, 0x4D, 0xCA, 0xEA, 0x56, 0x01, 0x62, 0x55, 0x2E, 0x4B, + 0x89, 0xA9, 0xBD, 0x6F, 0x01, 0xF6, 0x74, 0x02, 0xAA, 0xE3, + 0x84, 0x66, 0x06, 0x95, 0x34, 0xA1, 0xE2, 0xCA, 0x65, 0xFE, + 0xA3, 0x2D, 0x43, 0x97, 0x95, 0x6C, 0x6F, 0xD5, 0xB4, 0x38, + 0xF6, 0xF9, 0x95, 0x30, 0xFA, 0xF8, 0x9C, 0x25, 0x2B, 0xB6, + 0x14, 0x51, 0xCC, 0x2E, 0xB3, 0x5B, 0xD6, 0xDC, 0x1A, 0xEC, + 0x2D, 0x09, 0x5B, 0x3F, 0x3A, 0xD0, 0xB8, 0x4E, 0x27, 0x1F, + 0xDC, 0x2A, 0xEE, 0xAC, 0xA9, 0x59, 0x5D, 0x07, 0x63, 0x11, + 0x83, 0x0B, 0xD4, 0x74, 0x80, 0xB6, 0x7D, 0x62, 0x45, 0xBF, + 0x56 +}; +static const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048); + +/* ./certs/ca-cert.der, 2048-bit */ +static const unsigned char ca_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xB7, 0xB6, 0x90, 0x33, + 0x66, 0x1B, 0x6B, 0x23, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, + 0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31, + 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, + 0x37, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, + 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, + 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, + 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, + 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, + 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, + 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, + 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, + 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, + 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, + 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, + 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, + 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, + 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, + 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, + 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, + 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, + 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, + 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, + 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, + 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, + 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, + 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, + 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, + 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, + 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, + 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, + 0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, + 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, + 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, + 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, + 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xB7, 0xB6, 0x90, 0x33, 0x66, 0x1B, 0x6B, 0x23, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, + 0x01, 0x00, 0x0E, 0x93, 0x48, 0x44, 0x4A, 0x72, 0x96, 0x60, + 0x71, 0x25, 0x82, 0xA9, 0x2C, 0xCA, 0x60, 0x5B, 0xF2, 0x88, + 0x3E, 0xCF, 0x11, 0x74, 0x5A, 0x11, 0x4A, 0xDC, 0xD9, 0xD8, + 0xF6, 0x58, 0x2C, 0x05, 0xD3, 0x56, 0xD9, 0xE9, 0x8F, 0x37, + 0xEF, 0x8E, 0x3E, 0x3B, 0xFF, 0x22, 0x36, 0x00, 0xCA, 0xD8, + 0xE2, 0x96, 0x3F, 0xA7, 0xD1, 0xED, 0x1F, 0xDE, 0x7A, 0xB0, + 0xD7, 0x8F, 0x36, 0xBD, 0x41, 0x55, 0x1E, 0xD4, 0xB9, 0x86, + 0x3B, 0x87, 0x25, 0x69, 0x35, 0x60, 0x48, 0xD6, 0xE4, 0x5A, + 0x94, 0xCE, 0xA2, 0xFA, 0x70, 0x38, 0x36, 0xC4, 0x85, 0xB4, + 0x4B, 0x23, 0xFE, 0x71, 0x9E, 0x2F, 0xDB, 0x06, 0xC7, 0xB5, + 0x9C, 0x21, 0xF0, 0x3E, 0x7C, 0xEB, 0x91, 0xF8, 0x5C, 0x09, + 0xFD, 0x84, 0x43, 0xA4, 0xB3, 0x4E, 0x04, 0x0C, 0x22, 0x31, + 0x71, 0x6A, 0x48, 0xC8, 0xAB, 0xBB, 0xE8, 0xCE, 0xFA, 0x67, + 0x15, 0x1A, 0x3A, 0x82, 0x98, 0x43, 0x33, 0xB5, 0x0E, 0x1F, + 0x1E, 0x89, 0xF8, 0x37, 0xDE, 0x1B, 0xE6, 0xB5, 0xA0, 0xF4, + 0xA2, 0x8B, 0xB7, 0x1C, 0x90, 0xBA, 0x98, 0x6D, 0x94, 0x21, + 0x08, 0x80, 0x5D, 0xF3, 0xBF, 0x66, 0xAD, 0xC9, 0x72, 0x28, + 0x7A, 0x6A, 0x48, 0xEE, 0xCF, 0x63, 0x69, 0x31, 0x8C, 0xC5, + 0x8E, 0x66, 0xDA, 0x4B, 0x78, 0x65, 0xE8, 0x03, 0x3A, 0x4B, + 0xF8, 0xCC, 0x42, 0x54, 0xD3, 0x52, 0x5C, 0x2D, 0x04, 0xAE, + 0x26, 0x87, 0xE1, 0x7E, 0x40, 0xCB, 0x45, 0x41, 0x16, 0x4B, + 0x6E, 0xA3, 0x2E, 0x4A, 0x76, 0xBD, 0x29, 0x7F, 0x1C, 0x53, + 0x37, 0x06, 0xAD, 0xE9, 0x5B, 0x6A, 0xD6, 0xB7, 0x4E, 0x94, + 0xA2, 0x7C, 0xE8, 0xAC, 0x4E, 0xA6, 0x50, 0x3E, 0x2B, 0x32, + 0x9E, 0x68, 0x42, 0x1B, 0xE4, 0x59, 0x67, 0x61, 0xEA, 0xC7, + 0x9A, 0x51, 0x9C, 0x1C, 0x55, 0xA3, 0x77, 0x76 +}; +static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); + +/* ./certs/server-key.der, 2048-bit */ +static const unsigned char server_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, + 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xC6, 0x45, + 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F, 0x4E, + 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, + 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, + 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, + 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, 0xBA, 0xE0, + 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, + 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, + 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, + 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, 0xAE, 0x00, + 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73, + 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, + 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, + 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, 0xA6, 0xF3, + 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5, 0xFD, + 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, + 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, + 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, 0xBC, 0xE1, + 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, 0x78, 0x0F, + 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, + 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, + 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, + 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, + 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, + 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, + 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50, 0x01, 0xEF, 0x9F, 0xED, + 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7, 0x92, + 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, + 0xC6, 0x79, 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, + 0x95, 0x77, 0xCB, 0xC3, 0x9A, 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, + 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA, 0x67, 0x16, + 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, + 0xFB, 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, + 0x98, 0x6B, 0x65, 0x9A, 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, + 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22, 0x60, 0x2A, 0x73, + 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4, + 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, + 0x25, 0x4E, 0x9F, 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, + 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64, 0xCA, 0x9A, 0x5B, 0x05, + 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32, 0x22, + 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, + 0x74, 0xD3, 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, + 0x7A, 0x97, 0x2E, 0xD6, 0xB6, 0x19, 0xC6, 0x92, 0x26, 0xE4, + 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9, 0x78, 0x0D, + 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, + 0x41, 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, + 0xD2, 0x60, 0xF2, 0x9F, 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, + 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C, 0xE6, 0x55, 0x34, + 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A, + 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, + 0xF1, 0x58, 0x58, 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, + 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9, 0x10, 0x32, 0xB7, 0x93, + 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6, 0xB5, + 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, + 0x1B, 0xAC, 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, + 0x19, 0xB8, 0xC3, 0x60, 0xB1, 0x57, 0x48, 0x5F, 0x52, 0x4F, + 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43, 0x50, 0x3F, + 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, + 0xAD, 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, + 0x70, 0x9C, 0x0A, 0x7C, 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, + 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD, 0x15, 0x73, 0xDA, + 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0, + 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, + 0xC6, 0xB1, 0x53, 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, + 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D, 0xB7, 0x5C, 0x5C, 0x7C, + 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63, 0xB3, + 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, + 0x8E, 0x7B, 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, + 0x7D, 0xEA, 0xFE, 0x76, 0xA1, 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, + 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B, 0x5B, 0x0F, + 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, + 0xED, 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, + 0x13, 0x23, 0x4C, 0xCB, 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, + 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C, 0xC1, 0x85, 0x5F, + 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3, + 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, + 0x5F, 0x53, 0xA4, 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, + 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB, 0xD5, 0xFE, 0xF9, 0x52, + 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52, 0x2F, + 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, + 0x52, 0xDA, 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, + 0xD3, 0x18, 0x14, 0x72, 0x77, 0x5E, 0xC7, 0xA3, 0x04, 0x1F, + 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3, 0xF2, 0xB5, + 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, + 0x5F, 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, + 0x56, 0xC0, 0xD4, 0x22, 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, + 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95, 0x92, 0x31, 0x41, + 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39, + 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, + 0x22, 0x00, 0xFE, 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, + 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41, 0x56, 0x28, 0x51, 0x9E, + 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2, 0x6C, + 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, + 0xD4, 0x0C, 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, + 0xD4, 0xE6, 0xDC, 0x4C, 0xED, 0xD7, 0x16, 0x11, 0xC3, 0x3E, + 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE, 0xBB, 0x75, + 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, + 0xC5, 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, + 0x6E, 0x99, 0x87, 0xF8, 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, + 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF, 0x16, 0xCA, 0x8B, + 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC, + 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, + 0x9D, 0xE0, 0x63, 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, + 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D, 0x45, 0xF9, 0x40, 0x8C, + 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C, 0xAC, + 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, + 0xE5, 0x8A, 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, + 0x86, 0x09, 0xB8, 0xD8, 0x76, 0xA7, 0xC9, 0x1C, 0x71, 0x52, + 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD, 0x61, 0x1B, + 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, + 0x43, 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, + 0x5E, 0xCF, 0x4F, 0xFC, 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, + 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5, 0x29, 0xD0, 0x44, + 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2, + 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, + 0x7C, 0x9A, 0x1F, 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, + 0x3B, 0xF1, 0xB0 +}; +static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048); + +/* ./certs/server-cert.der, 2048-bit */ +static const unsigned char server_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0x9E, 0x30, 0x82, 0x03, 0x86, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, + 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, + 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, + 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, + 0x31, 0x31, 0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5A, 0x17, + 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, + 0x37, 0x33, 0x37, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, + 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x53, 0x75, 0x70, 0x70, 0x6F, + 0x72, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, + 0x82, 0x01, 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, + 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, + 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, + 0x2F, 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, + 0xA8, 0x67, 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, + 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, + 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, + 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, + 0x95, 0x73, 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, + 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, + 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, + 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, + 0x78, 0x73, 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, + 0x19, 0x01, 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, + 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, + 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, + 0xB5, 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, + 0x5F, 0x1C, 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, + 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, + 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, + 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, + 0x95, 0xA1, 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, + 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, + 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, + 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, + 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81, + 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, + 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, 0x1F, 0x0E, + 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, + 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, + 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, + 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, + 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, + 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xB7, 0xB6, + 0x90, 0x33, 0x66, 0x1B, 0x6B, 0x23, 0x30, 0x0C, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, + 0x51, 0xFE, 0x2A, 0xDF, 0x07, 0x7E, 0x43, 0xCA, 0x66, 0x8D, + 0x15, 0xC4, 0x2B, 0xDB, 0x57, 0xB2, 0x06, 0x6D, 0x0D, 0x90, + 0x66, 0xFF, 0xA5, 0x24, 0x9C, 0x14, 0xEF, 0x81, 0xF2, 0xA4, + 0xAB, 0x99, 0xA9, 0x6A, 0x49, 0x20, 0xA5, 0xD2, 0x71, 0xE7, + 0x1C, 0x3C, 0x99, 0x07, 0xC7, 0x47, 0xFC, 0xE8, 0x96, 0xB4, + 0xF5, 0x42, 0x30, 0xCE, 0x39, 0x01, 0x4B, 0xD1, 0xC2, 0xE8, + 0xBC, 0x95, 0x84, 0x87, 0xCE, 0x55, 0x5D, 0x97, 0x9F, 0xCF, + 0x78, 0xF3, 0x56, 0x9B, 0xA5, 0x08, 0x6D, 0xAC, 0xF6, 0xA5, + 0x5C, 0xC4, 0xEF, 0x3E, 0x2A, 0x39, 0xA6, 0x48, 0x26, 0x29, + 0x7B, 0x2D, 0xE0, 0xCD, 0xA6, 0x8C, 0x57, 0x48, 0x0B, 0xBB, + 0x31, 0x32, 0xC2, 0xBF, 0xD9, 0x43, 0x4C, 0x47, 0x25, 0x18, + 0x81, 0xA8, 0xC9, 0x33, 0x82, 0x41, 0x9B, 0xBA, 0x61, 0x86, + 0xD7, 0x84, 0x93, 0x17, 0x24, 0x25, 0x36, 0xCA, 0x4D, 0x63, + 0x6B, 0x4F, 0x95, 0x79, 0xD8, 0x60, 0xE0, 0x1E, 0xF5, 0xAC, + 0xC1, 0x8A, 0xA1, 0xB1, 0x7E, 0x85, 0x8E, 0x87, 0x20, 0x2F, + 0x08, 0x31, 0xAD, 0x5E, 0xC6, 0x4A, 0xC8, 0x61, 0xF4, 0x9E, + 0x07, 0x1E, 0xA2, 0x22, 0xED, 0x73, 0x7C, 0x85, 0xEE, 0xFA, + 0x62, 0xDC, 0x50, 0x36, 0xAA, 0xFD, 0xC7, 0x9D, 0xAA, 0x18, + 0x04, 0xFB, 0xEA, 0xCC, 0x2C, 0x68, 0x9B, 0xB3, 0xA9, 0xC2, + 0x96, 0xD8, 0xC1, 0xCC, 0x5A, 0x7E, 0xF7, 0x0D, 0x9E, 0x08, + 0xE0, 0x9D, 0x29, 0x8B, 0x84, 0x46, 0x8F, 0xD3, 0x91, 0x6A, + 0xB5, 0xB8, 0x7A, 0x5C, 0xCC, 0x4F, 0x55, 0x01, 0xB8, 0x9A, + 0x48, 0xA0, 0x94, 0x43, 0xCA, 0x25, 0x47, 0x52, 0x0A, 0xF7, + 0xF4, 0xBE, 0xB0, 0xD1, 0x71, 0x6D, 0xA5, 0x52, 0x4A, 0x65, + 0x50, 0xB2, 0xAD, 0x4E, 0x1D, 0xE0, 0x6C, 0x01, 0xD8, 0xFB, + 0x43, 0x80, 0xE6, 0xE4, 0x0C, 0x37 +}; +static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); + +#endif /* USE_CERT_BUFFERS_2048 */ + +#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) + +/* ./certs/ecc-client-key.der, ECC */ +static const unsigned char ecc_clikey_der_256[] = +{ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xF8, 0xCF, 0x92, + 0x6B, 0xBD, 0x1E, 0x28, 0xF1, 0xA8, 0xAB, 0xA1, 0x23, 0x4F, + 0x32, 0x74, 0x18, 0x88, 0x50, 0xAD, 0x7E, 0xC7, 0xEC, 0x92, + 0xF8, 0x8F, 0x97, 0x4D, 0xAF, 0x56, 0x89, 0x65, 0xC7, 0xA0, + 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, + 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, + 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, + 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, + 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, + 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, + 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, + 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, + 0xB4 +}; +static const int sizeof_ecc_clikey_der_256 = sizeof(ecc_clikey_der_256); + +/* ./certs/ecc-client-keyPub.der, ECC */ +static const unsigned char ecc_clikeypub_der_256[] = +{ + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, + 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, + 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, + 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, + 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, + 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, + 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, + 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, + 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, + 0xB4 +}; +static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256); + +/* ./certs/client-ecc-cert.der, ECC */ +static const unsigned char cliecc_cert_der_256[] = +{ + 0x30, 0x82, 0x03, 0x09, 0x30, 0x82, 0x02, 0xAF, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE7, 0x72, 0xA6, 0x9E, + 0x13, 0x1D, 0x17, 0x5C, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, + 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, + 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, + 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, + 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, + 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, + 0x38, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, + 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, + 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, + 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, + 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, + 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, + 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, + 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, + 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, + 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, + 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x81, 0xF5, + 0x30, 0x81, 0xF2, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, + 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, + 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xC2, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xBA, 0x30, 0x81, 0xB7, 0x80, 0x14, + 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, + 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, + 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, 0x81, 0x8D, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, + 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, + 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, + 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x82, 0x09, 0x00, 0xE7, 0x72, 0xA6, 0x9E, 0x13, 0x1D, 0x17, + 0x5C, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, + 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, + 0x30, 0x45, 0x02, 0x20, 0x43, 0x9A, 0xB6, 0x7E, 0x87, 0x8E, + 0x8C, 0xD7, 0x16, 0xF1, 0x0D, 0xD2, 0x50, 0x11, 0xA4, 0xAC, + 0xB6, 0xAC, 0x07, 0xEF, 0xE9, 0x60, 0xE1, 0x90, 0xA2, 0x5F, + 0xC9, 0x76, 0xE6, 0x54, 0x1A, 0x81, 0x02, 0x21, 0x00, 0xD6, + 0x8B, 0x7C, 0xBA, 0x53, 0x12, 0x05, 0x06, 0xFA, 0x8F, 0xC5, + 0xC7, 0x58, 0xC3, 0x9A, 0x9F, 0xA1, 0x84, 0x8C, 0xB4, 0x88, + 0x83, 0x4D, 0x6A, 0xB4, 0xB7, 0x85, 0x7A, 0xB3, 0x3C, 0xF3, + 0xDF +}; +static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256); + +/* ./certs/ecc-key.der, ECC */ +static const unsigned char ecc_key_der_256[] = +{ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x45, 0xB6, 0x69, + 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38, 0x5B, 0x72, 0xE8, + 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04, 0xFA, + 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, + 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, + 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, + 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C, + 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, + 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, + 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, + 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, + 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, + 0xD8 +}; +static const int sizeof_ecc_key_der_256 = sizeof(ecc_key_der_256); + +/* ./certs/ecc-keyPub.der, ECC */ +static const unsigned char ecc_key_pub_der_256[] = +{ + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, + 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, + 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, + 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C, + 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, + 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, + 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, + 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, + 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, + 0xD8 +}; +static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256); + +/* ./certs/server-ecc-comp.der, ECC */ +static const unsigned char serv_ecc_comp_der_256[] = +{ + 0x30, 0x82, 0x03, 0x24, 0x30, 0x82, 0x02, 0xCA, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC3, 0xCD, 0xC5, 0xE4, + 0x24, 0x18, 0x70, 0xCA, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, + 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, + 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, + 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, + 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, + 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, + 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, + 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, + 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, + 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, 0x00, + 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, + 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, + 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, + 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x09, 0x30, 0x82, 0x01, + 0x05, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, + 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, + 0x5A, 0x18, 0x30, 0x81, 0xD5, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xCD, 0x30, 0x81, 0xCA, 0x80, 0x14, 0x8C, 0x38, + 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, 0xAC, + 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, 0x81, + 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, + 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, + 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, + 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xC3, 0xCD, 0xC5, 0xE4, 0x24, 0x18, 0x70, 0xCA, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, + 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, + 0x21, 0x00, 0xCA, 0x10, 0xEC, 0x8F, 0xF1, 0xEB, 0x92, 0x19, + 0x76, 0xD7, 0x16, 0x54, 0xF2, 0x21, 0x1C, 0x38, 0x0E, 0x6E, + 0x22, 0x3D, 0x95, 0xA4, 0xBD, 0xC8, 0x8C, 0xD2, 0xD8, 0x28, + 0xD3, 0x9C, 0x21, 0x6D, 0x02, 0x20, 0x71, 0x39, 0x0B, 0x0D, + 0xEC, 0x68, 0x8C, 0x64, 0xB6, 0x2C, 0x68, 0xDA, 0x03, 0xB1, + 0xD8, 0xE7, 0xD4, 0xF7, 0xCB, 0xA6, 0x73, 0x7E, 0x08, 0x00, + 0xC6, 0xB8, 0x04, 0x9D, 0x17, 0x3E, 0x66, 0x7F +}; +static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256); + +/* ./certs/server-ecc-rsa.der, ECC */ +static const unsigned char serv_ecc_rsa_der_256[] = +{ + 0x30, 0x82, 0x03, 0xE0, 0x30, 0x82, 0x02, 0xC8, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, + 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, + 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, + 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, + 0x31, 0x31, 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x17, + 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, + 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x1A, 0x30, 0x18, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x11, 0x45, 0x6C, 0x6C, + 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x52, 0x53, + 0x41, 0x73, 0x69, 0x67, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x45, 0x43, 0x43, 0x2D, 0x52, + 0x53, 0x41, 0x73, 0x69, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, + 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, + 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, + 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, + 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, + 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, + 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, + 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x81, 0xFC, 0x30, 0x81, + 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, + 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, + 0x89, 0x30, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, + 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, + 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, + 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, + 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, + 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xB7, 0xB6, + 0x90, 0x33, 0x66, 0x1B, 0x6B, 0x23, 0x30, 0x0C, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, + 0xAB, 0xB7, 0x78, 0xC8, 0x18, 0x6E, 0x6A, 0x27, 0x5D, 0xBB, + 0x16, 0xA1, 0xD3, 0xAE, 0xB5, 0xFD, 0x46, 0x50, 0xCF, 0xDC, + 0x82, 0xF9, 0x4A, 0x19, 0xEC, 0xBF, 0x44, 0xCD, 0xF5, 0x1F, + 0x15, 0x2C, 0x5A, 0xE9, 0x65, 0x27, 0xB2, 0xE1, 0x88, 0x62, + 0x0F, 0xBC, 0xA1, 0x3C, 0x95, 0xFB, 0x62, 0x8A, 0x71, 0xE0, + 0xC6, 0x22, 0xCE, 0x2E, 0x00, 0xCA, 0x4E, 0x7A, 0x03, 0x2A, + 0x12, 0x90, 0x98, 0x7B, 0x53, 0x9F, 0x46, 0xA0, 0xFF, 0x6B, + 0x04, 0xDC, 0x2A, 0x8D, 0xBB, 0x93, 0xE7, 0xB9, 0x0B, 0xD0, + 0x61, 0x0F, 0x62, 0x97, 0x18, 0x99, 0xBB, 0xE7, 0x1C, 0xE3, + 0xA2, 0xAB, 0x70, 0x8F, 0x32, 0x47, 0x7F, 0x1E, 0x3B, 0xCB, + 0x62, 0x55, 0x41, 0xA4, 0xAF, 0x1F, 0x01, 0x2C, 0x9B, 0xB2, + 0xCC, 0x06, 0x8D, 0x28, 0x04, 0x57, 0x5B, 0xF6, 0x32, 0xB8, + 0xE8, 0x18, 0xB6, 0x6B, 0xA1, 0xB9, 0xAA, 0x3F, 0x49, 0xEA, + 0xC1, 0x02, 0xC7, 0x92, 0xD9, 0xC7, 0x23, 0xEA, 0xA2, 0xF7, + 0x70, 0xA9, 0xDA, 0x9E, 0x5E, 0x82, 0xEF, 0x30, 0x07, 0xC7, + 0x89, 0xDA, 0xC9, 0xE0, 0xCF, 0xED, 0xE9, 0x4C, 0x34, 0xD4, + 0x72, 0x0E, 0x16, 0x49, 0x82, 0xC5, 0xA9, 0xB4, 0xA7, 0x05, + 0x07, 0xCC, 0x5D, 0xEB, 0xB4, 0xEF, 0x9A, 0x09, 0x73, 0xA2, + 0xD4, 0xB6, 0xC5, 0xBE, 0x34, 0xC0, 0xC9, 0x09, 0x29, 0xA5, + 0xD5, 0xF1, 0xE4, 0x82, 0x49, 0x70, 0xBF, 0x75, 0x79, 0x15, + 0xCD, 0xC1, 0xC8, 0xA3, 0x4D, 0x9B, 0xB4, 0xE2, 0x94, 0x5E, + 0x27, 0x61, 0xEA, 0x34, 0x69, 0x88, 0x47, 0xBD, 0x61, 0xE9, + 0x0D, 0xF3, 0x95, 0x8F, 0xFF, 0x53, 0xE7, 0x5C, 0x11, 0xE3, + 0xF4, 0xD0, 0x70, 0xAD, 0x9A, 0x73, 0x5D, 0x29, 0x30, 0xFC, + 0x23, 0x2E, 0xC0, 0x62, 0xD4, 0xD3, 0xA8, 0xCE, 0xB2, 0xE9, + 0xD3, 0xB9, 0x3F, 0x10, 0x0A, 0xF2 +}; +static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256); + +/* ./certs/server-ecc.der, ECC */ +static const unsigned char serv_ecc_der_256[] = +{ + 0x30, 0x82, 0x03, 0x10, 0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, + 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, + 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, + 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, + 0x45, 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, + 0x31, 0x31, 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x17, + 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, 0x30, 0x30, + 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, + 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, + 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, + 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, + 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, + 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, + 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, + 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C, + 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, + 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, + 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, + 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, + 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, + 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, + 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, + 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, + 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xBC, 0x30, + 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF, 0xAC, 0x7E, + 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, + 0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, + 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, + 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, + 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, + 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xEF, + 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, + 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, + 0x00, 0xF1, 0xD0, 0xA6, 0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, + 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D, 0x6B, 0x33, 0xE9, 0xF2, + 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87, 0x31, 0xB3, + 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE, + 0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, + 0xB0, 0xC9, 0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, + 0xF6, 0x7D, 0x04, 0xC7, 0xBD, 0x62, 0xC9, 0x20 +}; +static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256); + +#endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */ + +/* dh1024 p */ +static const unsigned char dh_p[] = +{ + 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, + 0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E, + 0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59, + 0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2, + 0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD, + 0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF, + 0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02, + 0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C, + 0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7, + 0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50, + 0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B, +}; + +/* dh1024 g */ +static const unsigned char dh_g[] = +{ + 0x02, +}; + +#endif /* WOLFSSL_CERTS_TEST_H */ + diff --git a/ccc/dist/lib/include/wolfssl/crl.h b/ccc/dist/lib/include/wolfssl/crl.h new file mode 100644 index 0000000..9828423 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/crl.h @@ -0,0 +1,52 @@ +/* crl.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_CRL_H +#define WOLFSSL_CRL_H + + +#ifdef HAVE_CRL + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +typedef struct WOLFSSL_CRL WOLFSSL_CRL; + +WOLFSSL_LOCAL int InitCRL(WOLFSSL_CRL*, WOLFSSL_CERT_MANAGER*); +WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL*, int dynamic); + +WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int mon); +WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL*, const byte*, long, int); +WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL*, DecodedCert*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_CRL */ +#endif /* WOLFSSL_CRL_H */ diff --git a/ccc/dist/lib/include/wolfssl/error-ssl.h b/ccc/dist/lib/include/wolfssl/error-ssl.h new file mode 100644 index 0000000..77d964e --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/error-ssl.h @@ -0,0 +1,185 @@ +/* error-ssl.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_ERROR_H +#define WOLFSSL_ERROR_H + +#include /* pull in wolfCrypt errors */ + +#ifdef __cplusplus + extern "C" { +#endif + +enum wolfSSL_ErrorCodes { + INPUT_CASE_ERROR = -301, /* process input state error */ + PREFIX_ERROR = -302, /* bad index to key rounds */ + MEMORY_ERROR = -303, /* out of memory */ + VERIFY_FINISHED_ERROR = -304, /* verify problem on finished */ + VERIFY_MAC_ERROR = -305, /* verify mac problem */ + PARSE_ERROR = -306, /* parse error on header */ + UNKNOWN_HANDSHAKE_TYPE = -307, /* weird handshake type */ + SOCKET_ERROR_E = -308, /* error state on socket */ + SOCKET_NODATA = -309, /* expected data, not there */ + INCOMPLETE_DATA = -310, /* don't have enough data to + complete task */ + UNKNOWN_RECORD_TYPE = -311, /* unknown type in record hdr */ + DECRYPT_ERROR = -312, /* error during decryption */ + FATAL_ERROR = -313, /* recvd alert fatal error */ + ENCRYPT_ERROR = -314, /* error during encryption */ + FREAD_ERROR = -315, /* fread problem */ + NO_PEER_KEY = -316, /* need peer's key */ + NO_PRIVATE_KEY = -317, /* need the private key */ + RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */ + NO_DH_PARAMS = -319, /* server missing DH params */ + BUILD_MSG_ERROR = -320, /* build message failure */ + + BAD_HELLO = -321, /* client hello malformed */ + DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */ + WANT_READ = -323, /* want read, call again */ + NOT_READY_ERROR = -324, /* handshake layer not ready */ + PMS_VERSION_ERROR = -325, /* pre m secret version error */ + VERSION_ERROR = -326, /* record layer version error */ + WANT_WRITE = -327, /* want write, call again */ + BUFFER_ERROR = -328, /* malformed buffer input */ + VERIFY_CERT_ERROR = -329, /* verify cert error */ + VERIFY_SIGN_ERROR = -330, /* verify sign error */ + CLIENT_ID_ERROR = -331, /* psk client identity error */ + SERVER_HINT_ERROR = -332, /* psk server hint error */ + PSK_KEY_ERROR = -333, /* psk key error */ + ZLIB_INIT_ERROR = -334, /* zlib init error */ + ZLIB_COMPRESS_ERROR = -335, /* zlib compression error */ + ZLIB_DECOMPRESS_ERROR = -336, /* zlib decompression error */ + + GETTIME_ERROR = -337, /* gettimeofday failed ??? */ + GETITIMER_ERROR = -338, /* getitimer failed ??? */ + SIGACT_ERROR = -339, /* sigaction failed ??? */ + SETITIMER_ERROR = -340, /* setitimer failed ??? */ + LENGTH_ERROR = -341, /* record layer length error */ + PEER_KEY_ERROR = -342, /* can't decode peer key */ + ZERO_RETURN = -343, /* peer sent close notify */ + SIDE_ERROR = -344, /* wrong client/server type */ + NO_PEER_CERT = -345, /* peer didn't send key */ + NTRU_KEY_ERROR = -346, /* NTRU key error */ + NTRU_DRBG_ERROR = -347, /* NTRU drbg error */ + NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */ + NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */ + ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */ + ECC_CURVE_ERROR = -351, /* Bad ECC Curve */ + ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */ + ECC_MAKEKEY_ERROR = -353, /* Bad Make ECC Key */ + ECC_EXPORT_ERROR = -354, /* Bad ECC Export Key */ + ECC_SHARED_ERROR = -355, /* Bad ECC Shared Secret */ + NOT_CA_ERROR = -357, /* Not a CA cert error */ + BAD_PATH_ERROR = -358, /* Bad path for opendir */ + BAD_CERT_MANAGER_ERROR = -359, /* Bad Cert Manager */ + OCSP_CERT_REVOKED = -360, /* OCSP Certificate revoked */ + CRL_CERT_REVOKED = -361, /* CRL Certificate revoked */ + CRL_MISSING = -362, /* CRL Not loaded */ + MONITOR_SETUP_E = -363, /* CRL Monitor setup error */ + THREAD_CREATE_E = -364, /* Thread Create Error */ + OCSP_NEED_URL = -365, /* OCSP need an URL for lookup */ + OCSP_CERT_UNKNOWN = -366, /* OCSP responder doesn't know */ + OCSP_LOOKUP_FAIL = -367, /* OCSP lookup not successful */ + MAX_CHAIN_ERROR = -368, /* max chain depth exceeded */ + COOKIE_ERROR = -369, /* dtls cookie error */ + SEQUENCE_ERROR = -370, /* dtls sequence error */ + SUITES_ERROR = -371, /* suites pointer error */ + SSL_NO_PEM_HEADER = -372, /* no PEM header found */ + OUT_OF_ORDER_E = -373, /* out of order message */ + BAD_KEA_TYPE_E = -374, /* bad KEA type found */ + SANITY_CIPHER_E = -375, /* sanity check on cipher error */ + RECV_OVERFLOW_E = -376, /* RXCB returned more than rqed */ + GEN_COOKIE_E = -377, /* Generate Cookie Error */ + NO_PEER_VERIFY = -378, /* Need peer cert verify Error */ + FWRITE_ERROR = -379, /* fwrite problem */ + CACHE_MATCH_ERROR = -380, /* chache hdr match error */ + UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */ + UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */ + KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */ + KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */ + EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */ + SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */ + SECURE_RENEGOTIATION_E = -388, /* Invalid Renegotiation Info */ + SESSION_TICKET_LEN_E = -389, /* Session Ticket too large */ + SESSION_TICKET_EXPECT_E = -390, /* Session Ticket missing */ + SCR_DIFFERENT_CERT_E = -391, /* SCR Different cert error */ + SESSION_SECRET_CB_E = -392, /* Session secret Cb fcn failure */ + NO_CHANGE_CIPHER_E = -393, /* Finished before change cipher */ + SANITY_MSG_E = -394, /* Sanity check on msg order error */ + DUPLICATE_MSG_E = -395, /* Duplicate message error */ + SNI_UNSUPPORTED = -396, /* SSL 3.0 does not support SNI */ + SOCKET_PEER_CLOSED_E = -397, /* Underlying transport closed */ + + BAD_TICKET_KEY_CB_SZ = -398, /* Bad session ticket key cb size */ + BAD_TICKET_MSG_SZ = -399, /* Bad session ticket msg size */ + BAD_TICKET_ENCRYPT = -400, /* Bad user ticket encrypt */ + + DH_KEY_SIZE_E = -401, /* DH Key too small */ + SNI_ABSENT_ERROR = -402, /* No SNI request. */ + RSA_SIGN_FAULT = -403, /* RSA Sign fault */ + HANDSHAKE_SIZE_ERROR = -404, /* Handshake message too large */ + + UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/ + BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */ + OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */ + + RSA_KEY_SIZE_E = -409, /* RSA key too small */ + ECC_KEY_SIZE_E = -410, /* ECC key too small */ + + DTLS_EXPORT_VER_E = -411, /* export version error */ + INPUT_SIZE_E = -412, /* input size too big error */ + CTX_INIT_MUTEX_E = -413, /* initialize ctx mutex error */ + EXT_MASTER_SECRET_NEEDED_E = -414, /* need EMS enabled to resume */ + DTLS_POOL_SZ_E = -415, /* exceeded DTLS pool size */ + DECODE_E = -416, /* decode handshake message error */ + /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ + + /* begin negotiation parameter errors */ + UNSUPPORTED_SUITE = -500, /* unsupported cipher suite */ + MATCH_SUITE_ERROR = -501, /* can't match cipher suite */ + COMPRESSION_ERROR = -502 /* compression mismatch */ + /* end negotiation parameter errors only 10 for now */ + /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ + + /* no error stings go down here, add above negotiation errors !!!! */ +}; + + +#ifdef WOLFSSL_CALLBACKS + enum { + MIN_PARAM_ERR = UNSUPPORTED_SUITE, + MAX_PARAM_ERR = MIN_PARAM_ERR - 10 + }; +#endif + + +WOLFSSL_LOCAL +void SetErrorString(int err, char* buff); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* wolfSSL_ERROR_H */ diff --git a/ccc/dist/lib/include/wolfssl/include.am b/ccc/dist/lib/include/wolfssl/include.am new file mode 100644 index 0000000..03883b0 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/include.am @@ -0,0 +1,31 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +include wolfssl/wolfcrypt/include.am +include wolfssl/openssl/include.am + +EXTRA_DIST+= wolfssl/sniffer_error.rc + +nobase_include_HEADERS+= \ + wolfssl/error-ssl.h \ + wolfssl/ssl.h \ + wolfssl/sniffer_error.h \ + wolfssl/sniffer.h \ + wolfssl/callbacks.h \ + wolfssl/certs_test.h \ + wolfssl/test.h \ + wolfssl/version.h \ + wolfssl/ocsp.h \ + wolfssl/crl.h + +noinst_HEADERS+= \ + wolfssl/internal.h + +# For distro build don't install options.h. +# It depends on the architecture and conflicts with Multi-Arch. +if BUILD_DISTRO +noinst_HEADERS+= wolfssl/options.h +else +nobase_include_HEADERS+= wolfssl/options.h +endif diff --git a/ccc/dist/lib/include/wolfssl/internal.h b/ccc/dist/lib/include/wolfssl/internal.h new file mode 100644 index 0000000..3859c15 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/internal.h @@ -0,0 +1,3175 @@ +/* internal.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_INT_H +#define WOLFSSL_INT_H + + +#include +#include +#ifdef HAVE_CRL + #include +#endif +#include +#ifndef NO_DES3 + #include +#endif +#ifndef NO_HC128 + #include +#endif +#ifndef NO_RABBIT + #include +#endif +#ifdef HAVE_CHACHA + #include +#endif +#ifndef NO_ASN + #include + #include +#endif +#ifndef NO_MD5 + #include +#endif +#ifndef NO_SHA + #include +#endif +#ifndef NO_AES + #include +#endif +#ifdef HAVE_POLY1305 + #include +#endif +#ifdef HAVE_CAMELLIA + #include +#endif +#include +#ifndef NO_HMAC + #include +#endif +#ifndef NO_RC4 + #include +#endif +#ifdef HAVE_ECC + #include +#endif +#ifndef NO_SHA256 + #include +#endif +#ifdef HAVE_OCSP + #include +#endif +#ifdef WOLFSSL_SHA512 + #include +#endif + +#ifdef HAVE_AESGCM + #include +#endif + +#ifdef WOLFSSL_RIPEMD + #include +#endif + +#ifdef HAVE_IDEA + #include +#endif + +#include + +#ifdef WOLFSSL_CALLBACKS + #include + #include +#endif + +#ifdef USE_WINDOWS_API + #ifdef WOLFSSL_GAME_BUILD + #include "system/xtl.h" + #else + #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) + /* On WinCE winsock2.h must be included before windows.h */ + #include + #endif + #include + #endif +#elif defined(THREADX) + #ifndef SINGLE_THREADED + #include "tx_api.h" + #endif +#elif defined(MICRIUM) + /* do nothing, just don't pick Unix */ +#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS) + /* do nothing */ +#elif defined(EBSNET) + /* do nothing */ +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + /* do nothing */ +#elif defined(FREESCALE_FREE_RTOS) + #include "fsl_os_abstraction.h" +#elif defined(WOLFSSL_uITRON4) + /* do nothing */ +#elif defined(WOLFSSL_uTKERNEL2) + /* do nothing */ +#elif defined(WOLFSSL_MDK_ARM) + #if defined(WOLFSSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif +#elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" +#elif defined(MBED) +#elif defined(WOLFSSL_TIRTOS) + /* do nothing */ +#else + #ifndef SINGLE_THREADED + #define WOLFSSL_PTHREADS + #include + #endif + #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + #include /* for close of BIO */ + #endif +#endif + + +#ifdef HAVE_LIBZ + #include "zlib.h" +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +#ifdef NO_AES + #if !defined (ALIGN16) + #define ALIGN16 + #endif +#endif + +#ifdef NO_SHA + #define SHA_DIGEST_SIZE 20 +#endif + +#ifdef NO_SHA256 + #define SHA256_DIGEST_SIZE 32 +#endif + +#ifdef NO_MD5 + #define MD5_DIGEST_SIZE 16 +#endif + + +#ifdef __cplusplus + extern "C" { +#endif + + +#ifdef USE_WINDOWS_API + typedef unsigned int SOCKET_T; +#else + typedef int SOCKET_T; +#endif + + +typedef byte word24[3]; + +/* Define or comment out the cipher suites you'd like to be compiled in + make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined + + When adding cipher suites, add name to cipher_names, idx to cipher_name_idx + + Now that there is a maximum strength crypto build, the following BUILD_XXX + flags need to be divided into two groups selected by WOLFSSL_MAX_STRENGTH. + Those that do not use Perfect Forward Security and do not use AEAD ciphers + need to be switched off. Allowed suites use (EC)DHE, AES-GCM|CCM, or + CHACHA-POLY. +*/ + +/* Check that if WOLFSSL_MAX_STRENGTH is set that all the required options are + * not turned off. */ +#if defined(WOLFSSL_MAX_STRENGTH) && \ + ((!defined(HAVE_ECC) && (defined(NO_DH) || defined(NO_RSA))) || \ + (!defined(HAVE_AESGCM) && !defined(HAVE_AESCCM) && \ + (!defined(HAVE_POLY1305) || !defined(HAVE_CHACHA))) || \ + (defined(NO_SHA256) && !defined(WOLFSSL_SHA384)) || \ + !defined(NO_OLD_TLS)) + + #error "You are trying to build max strength with requirements disabled." +#endif + +/* Have QSH : Quantum-safe Handshake */ +#if defined(HAVE_QSH) + #define BUILD_TLS_QSH +#endif + +#ifndef WOLFSSL_MAX_STRENGTH + + #if !defined(NO_RSA) && !defined(NO_RC4) + #if defined(WOLFSSL_STATIC_RSA) + #if !defined(NO_SHA) + #define BUILD_SSL_RSA_WITH_RC4_128_SHA + #endif + #if !defined(NO_MD5) + #define BUILD_SSL_RSA_WITH_RC4_128_MD5 + #endif + #endif + #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA) \ + && defined(WOLFSSL_STATIC_RSA) + #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA + #endif + #endif + + #if !defined(NO_RSA) && !defined(NO_DES3) + #if !defined(NO_SHA) + #if defined(WOLFSSL_STATIC_RSA) + #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA + #endif + #if !defined(NO_TLS) && defined(HAVE_NTRU) \ + && defined(WOLFSSL_STATIC_RSA) + #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA + #endif + #endif + #endif + + #if !defined(NO_RSA) && defined(HAVE_IDEA) + #if !defined(NO_SHA) && defined(WOLFSSL_STATIC_RSA) + #define BUILD_SSL_RSA_WITH_IDEA_CBC_SHA + #endif + #endif + + #if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS) + #if !defined(NO_SHA) + #if defined(WOLFSSL_STATIC_RSA) + #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA + #endif + #if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA) + #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA + #endif + #endif + #if defined(WOLFSSL_STATIC_RSA) + #if !defined (NO_SHA256) + #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 + #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 + #endif + #if defined (HAVE_AESGCM) + #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 + #if defined (WOLFSSL_SHA384) + #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #if defined (HAVE_AESCCM) + #define BUILD_TLS_RSA_WITH_AES_128_CCM_8 + #define BUILD_TLS_RSA_WITH_AES_256_CCM_8 + #endif + #if defined(HAVE_BLAKE2) + #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + #endif + #endif + #endif + + #if defined(HAVE_CAMELLIA) && !defined(NO_TLS) + #ifndef NO_RSA + #if defined(WOLFSSL_STATIC_RSA) + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #endif + #if !defined(NO_DH) + #if !defined(NO_SHA) + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #endif + #endif + #endif + +#if defined(WOLFSSL_STATIC_PSK) + #if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS) + #if !defined(NO_SHA) + #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA + #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + #ifdef HAVE_AESGCM + #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + #endif + #ifdef HAVE_AESCCM + #define BUILD_TLS_PSK_WITH_AES_128_CCM_8 + #define BUILD_TLS_PSK_WITH_AES_256_CCM_8 + #define BUILD_TLS_PSK_WITH_AES_128_CCM + #define BUILD_TLS_PSK_WITH_AES_256_CCM + #endif + #endif + #ifdef WOLFSSL_SHA384 + #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + #ifdef HAVE_AESGCM + #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + #endif + #endif + #endif +#endif + + #if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER) + #if !defined(NO_RSA) + #if defined(WOLFSSL_STATIC_RSA) + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_NULL_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_RSA_WITH_NULL_SHA256 + #endif + #endif + #endif + #if !defined(NO_PSK) && defined(WOLFSSL_STATIC_PSK) + #if !defined(NO_SHA) + #define BUILD_TLS_PSK_WITH_NULL_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_PSK_WITH_NULL_SHA256 + #endif + #ifdef WOLFSSL_SHA384 + #define BUILD_TLS_PSK_WITH_NULL_SHA384 + #endif + #endif + #endif + +#if defined(WOLFSSL_STATIC_RSA) + #if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS) + #ifndef NO_MD5 + #define BUILD_TLS_RSA_WITH_HC_128_MD5 + #endif + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_HC_128_SHA + #endif + #if defined(HAVE_BLAKE2) + #define BUILD_TLS_RSA_WITH_HC_128_B2B256 + #endif + #endif + + #if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA) + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_RABBIT_SHA + #endif + #endif +#endif + + #if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \ + !defined(NO_RSA) + + #if !defined(NO_SHA) + #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + #if !defined(NO_DES3) + #define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + #endif + #endif + #if !defined(NO_SHA256) + #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + #endif + #endif + + #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \ + !defined(NO_AES) && !defined(NO_SHA) + #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA + #endif + + #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) + #ifndef NO_SHA256 + #ifndef NO_AES + #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + #endif + #ifdef HAVE_NULL_CIPHER + #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + #endif + #endif + #ifdef WOLFSSL_SHA384 + #ifndef NO_AES + #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + #endif + #ifdef HAVE_NULL_CIPHER + #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + #endif + #endif + #endif + + #if defined(HAVE_ECC) && !defined(NO_TLS) + #if !defined(NO_AES) + #if !defined(NO_SHA) + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + #endif + #endif + + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + #endif + #endif /* NO_SHA */ + #ifndef NO_SHA256 + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + #endif + #endif + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + #endif + #endif + + #ifdef WOLFSSL_SHA384 + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + #endif + #endif + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + #endif + #endif + + #if defined (HAVE_AESGCM) + #if !defined(NO_RSA) + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + #endif + #if defined(WOLFSSL_SHA384) + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #endif + + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + #endif + + #if defined(WOLFSSL_SHA384) + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #endif + #endif /* NO_AES */ + #if !defined(NO_RC4) + #if !defined(NO_SHA) + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA + #endif + #endif + + #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + #endif + #endif + #endif + #if !defined(NO_DES3) + #ifndef NO_SHA + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + #endif + #endif + + #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + #if defined(WOLFSSL_STATIC_DH) + #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + #endif + #endif /* NO_SHA */ + #endif + #if defined(HAVE_NULL_CIPHER) + #if !defined(NO_SHA) + #define BUILD_TLS_ECDHE_ECDSA_WITH_NULL_SHA + #endif + #if !defined(NO_PSK) && !defined(NO_SHA256) + #define BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256 + #endif + #endif + #if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) + #define BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + #endif + #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256) + #if !defined(NO_OLD_POLY1305) + #ifdef HAVE_ECC + #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 + #ifndef NO_RSA + #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 + #endif + #endif + #if !defined(NO_DH) && !defined(NO_RSA) + #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 + #endif + #endif /* NO_OLD_POLY1305 */ + #if !defined(NO_PSK) + #define BUILD_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 + #ifdef HAVE_ECC + #define BUILD_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 + #endif + #ifndef NO_DH + #define BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 + #endif + #endif /* !NO_PSK */ + #endif + +#endif /* !WOLFSSL_MAX_STRENGTH */ + +#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \ + !defined(NO_RSA) && defined(HAVE_AESGCM) + + #ifndef NO_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + #endif + + #ifdef WOLFSSL_SHA384 + #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + #endif +#endif + +#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) + #ifndef NO_SHA256 + #ifdef HAVE_AESGCM + #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + #endif + #ifdef HAVE_AESCCM + #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + #endif + #endif + #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) + #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + #endif +#endif + +#if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES) + #ifdef HAVE_AESGCM + #ifndef NO_SHA256 + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + #ifndef NO_RSA + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + #endif + #endif + #ifdef WOLFSSL_SHA384 + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + #ifndef NO_RSA + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #endif + #if defined(HAVE_AESCCM) && !defined(NO_SHA256) + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + #endif +#endif + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256) + #ifdef HAVE_ECC + #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + #ifndef NO_RSA + #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + #endif + #endif + #if !defined(NO_DH) && !defined(NO_RSA) + #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + #endif +#endif + + +#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \ + defined(BUILD_SSL_RSA_WITH_RC4_128_MD5) + #define BUILD_ARC4 +#endif + +#if defined(BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA) + #define BUILD_DES3 +#endif + +#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \ + defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \ + defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) || \ + defined(BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256) + #undef BUILD_AES + #define BUILD_AES +#endif + +#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384) || \ + defined(BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) || \ + defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) || \ + defined(BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384) || \ + defined(BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) + #define BUILD_AESGCM +#endif + +#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \ + defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \ + defined(BUILD_TLS_RSA_WITH_HC_128_B2B256) + #define BUILD_HC128 +#endif + +#if defined(BUILD_TLS_RSA_WITH_RABBIT_SHA) + #define BUILD_RABBIT +#endif + +#ifdef NO_DES3 + #define DES_BLOCK_SIZE 8 +#else + #undef BUILD_DES3 + #define BUILD_DES3 +#endif + +#ifdef NO_AES + #define AES_BLOCK_SIZE 16 +#else + #undef BUILD_AES + #define BUILD_AES +#endif + +#ifndef NO_RC4 + #undef BUILD_ARC4 + #define BUILD_ARC4 +#endif + +#ifdef HAVE_CHACHA + #define CHACHA20_BLOCK_SIZE 16 +#endif + +#if defined(WOLFSSL_MAX_STRENGTH) || \ + defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \ + (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) + + #define HAVE_AEAD +#endif + +#if defined(WOLFSSL_MAX_STRENGTH) || \ + defined(HAVE_ECC) || !defined(NO_DH) + + #define HAVE_PFS +#endif + +#if defined(BUILD_SSL_RSA_WITH_IDEA_CBC_SHA) + #define BUILD_IDEA +#endif + +/* actual cipher values, 2nd byte */ +enum { + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x16, + TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x39, + TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x33, + TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x34, + TLS_RSA_WITH_AES_256_CBC_SHA = 0x35, + TLS_RSA_WITH_AES_128_CBC_SHA = 0x2F, + TLS_RSA_WITH_NULL_SHA = 0x02, + TLS_PSK_WITH_AES_256_CBC_SHA = 0x8d, + TLS_PSK_WITH_AES_128_CBC_SHA256 = 0xae, + TLS_PSK_WITH_AES_256_CBC_SHA384 = 0xaf, + TLS_PSK_WITH_AES_128_CBC_SHA = 0x8c, + TLS_PSK_WITH_NULL_SHA256 = 0xb0, + TLS_PSK_WITH_NULL_SHA384 = 0xb1, + TLS_PSK_WITH_NULL_SHA = 0x2c, + SSL_RSA_WITH_RC4_128_SHA = 0x05, + SSL_RSA_WITH_RC4_128_MD5 = 0x04, + SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x0A, + SSL_RSA_WITH_IDEA_CBC_SHA = 0x07, + + /* ECC suites, first byte is 0xC0 (ECC_BYTE) */ + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0x14, + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0x13, + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0x0A, + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0x09, + TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0x11, + TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0x07, + TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x12, + TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08, + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0x27, + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23, + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0x28, + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24, + TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0x06, + TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0x3a, + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0x37, + + /* static ECDH, first byte is 0xC0 (ECC_BYTE) */ + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0x0F, + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0x0E, + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0x05, + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0x04, + TLS_ECDH_RSA_WITH_RC4_128_SHA = 0x0C, + TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0x02, + TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0D, + TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x03, + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0x29, + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25, + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0x2A, + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26, + + /* wolfSSL extension - eSTREAM */ + TLS_RSA_WITH_HC_128_MD5 = 0xFB, + TLS_RSA_WITH_HC_128_SHA = 0xFC, + TLS_RSA_WITH_RABBIT_SHA = 0xFD, + + /* wolfSSL extension - Blake2b 256 */ + TLS_RSA_WITH_AES_128_CBC_B2B256 = 0xF8, + TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9, + TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */ + + /* wolfSSL extension - NTRU */ + TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5, + TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6, + TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clashes w/official SHA-256 */ + TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0xe8, + + /* wolfSSL extension - NTRU , Quantum-safe Handshake + first byte is 0xD0 (QSH_BYTE) */ + TLS_QSH = 0x01, + + /* SHA256 */ + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b, + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67, + TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d, + TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c, + TLS_RSA_WITH_NULL_SHA256 = 0x3b, + TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2, + TLS_DHE_PSK_WITH_NULL_SHA256 = 0xb4, + + /* SHA384 */ + TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3, + TLS_DHE_PSK_WITH_NULL_SHA384 = 0xb5, + + /* AES-GCM */ + TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c, + TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d, + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e, + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f, + TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8, + TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9, + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa, + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0xab, + + /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */ + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b, + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2c, + TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2d, + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2e, + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f, + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0x30, + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0x31, + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x32, + + /* AES-CCM, first byte is 0xC0 but isn't ECC, + * also, in some of the other AES-CCM suites + * there will be second byte number conflicts + * with non-ECC AES-GCM */ + TLS_RSA_WITH_AES_128_CCM_8 = 0xa0, + TLS_RSA_WITH_AES_256_CCM_8 = 0xa1, + TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xac, + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae, + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf, + TLS_PSK_WITH_AES_128_CCM = 0xa4, + TLS_PSK_WITH_AES_256_CCM = 0xa5, + TLS_PSK_WITH_AES_128_CCM_8 = 0xa8, + TLS_PSK_WITH_AES_256_CCM_8 = 0xa9, + TLS_DHE_PSK_WITH_AES_128_CCM = 0xa6, + TLS_DHE_PSK_WITH_AES_256_CCM = 0xa7, + + /* Camellia */ + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x84, + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xba, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc0, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4, + + /* chacha20-poly1305 suites first byte is 0xCC (CHACHA_BYTE) */ + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xa8, + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xa9, + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xaa, + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xac, + TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xab, + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xad, + + /* chacha20-poly1305 earlier version of nonce and padding (CHACHA_BYTE) */ + TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x13, + TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x14, + TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 = 0x15, + + /* Renegotiation Indication Extension Special Suite */ + TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff +}; + + +#ifndef WOLFSSL_SESSION_TIMEOUT + #define WOLFSSL_SESSION_TIMEOUT 500 + /* default session resumption cache timeout in seconds */ +#endif + + +#ifndef WOLFSSL_DTLS_WINDOW_WORDS + #define WOLFSSL_DTLS_WINDOW_WORDS 2 +#endif /* WOLFSSL_DTLS_WINDOW_WORDS */ +#define DTLS_WORD_BITS (sizeof(word32) * CHAR_BIT) +#define DTLS_SEQ_BITS (WOLFSSL_DTLS_WINDOW_WORDS * DTLS_WORD_BITS) +#define DTLS_SEQ_SZ (sizeof(word32) * WOLFSSL_DTLS_WINDOW_WORDS) + + +enum Misc { + ECC_BYTE = 0xC0, /* ECC first cipher suite byte */ + QSH_BYTE = 0xD0, /* Quantum-safe Handshake cipher suite */ + CHACHA_BYTE = 0xCC, /* ChaCha first cipher suite */ + + SEND_CERT = 1, + SEND_BLANK_CERT = 2, + + DTLS_MAJOR = 0xfe, /* DTLS major version number */ + DTLS_MINOR = 0xff, /* DTLS minor version number */ + DTLSv1_2_MINOR = 0xfd, /* DTLS minor version number */ + SSLv3_MAJOR = 3, /* SSLv3 and TLSv1+ major version number */ + SSLv3_MINOR = 0, /* TLSv1 minor version number */ + TLSv1_MINOR = 1, /* TLSv1 minor version number */ + TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */ + TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */ + OLD_HELLO_ID = 0x01, /* SSLv2 Client Hello Indicator */ + INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */ + NO_COMPRESSION = 0, + ZLIB_COMPRESSION = 221, /* wolfSSL zlib compression */ + HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */ + HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */ + SECRET_LEN = 48, /* pre RSA and all master */ +#if defined(WOLFSSL_MYSQL_COMPATIBLE) + ENCRYPT_LEN = 1024, /* allow larger static buffer with mysql */ +#else + ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */ +#endif + SIZEOF_SENDER = 4, /* clnt or srvr */ + FINISHED_SZ = 36, /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */ + MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */ + MAX_MSG_EXTRA = 38 + MAX_DIGEST_SIZE, + /* max added to msg, mac + pad from */ + /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max + digest sz + BLOC_SZ (iv) + pad byte (1) */ + MAX_COMP_EXTRA = 1024, /* max compression extra */ + MAX_MTU = 1500, /* max expected MTU */ + MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */ + MAX_DH_SZ = 1036, /* 4096 p, pub, g + 2 byte size for each */ + MAX_STR_VERSION = 8, /* string rep of protocol version */ + + PAD_MD5 = 48, /* pad length for finished */ + PAD_SHA = 40, /* pad length for finished */ + MAX_PAD_SIZE = 256, /* maximum length of padding */ + COMPRESS_DUMMY_SIZE = 64, /* compression dummy round size */ + COMPRESS_CONSTANT = 13, /* compression calc constant */ + COMPRESS_UPPER = 55, /* compression calc numerator */ + COMPRESS_LOWER = 64, /* compression calc denominator */ + + PEM_LINE_LEN = 80, /* PEM line max + fudge */ + LENGTH_SZ = 2, /* length field for HMAC, data only */ + VERSION_SZ = 2, /* length of proctocol version */ + SEQ_SZ = 8, /* 64 bit sequence number */ + BYTE3_LEN = 3, /* up to 24 bit byte lengths */ + ALERT_SIZE = 2, /* level + description */ + VERIFY_HEADER = 2, /* always use 2 bytes */ + EXT_ID_SZ = 2, /* always use 2 bytes */ + MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */ + SESSION_HINT_SZ = 4, /* session timeout hint */ + + RAN_LEN = 32, /* random length */ + SEED_LEN = RAN_LEN * 2, /* tls prf seed length */ + ID_LEN = 32, /* session id length */ + COOKIE_SECRET_SZ = 14, /* dtls cookie secret size */ + MAX_COOKIE_LEN = 32, /* max dtls cookie size */ + COOKIE_SZ = 20, /* use a 20 byte cookie */ + SUITE_LEN = 2, /* cipher suite sz length */ + ENUM_LEN = 1, /* always a byte */ + OPAQUE8_LEN = 1, /* 1 byte */ + OPAQUE16_LEN = 2, /* 2 bytes */ + OPAQUE24_LEN = 3, /* 3 bytes */ + OPAQUE32_LEN = 4, /* 4 bytes */ + OPAQUE64_LEN = 8, /* 8 bytes */ + COMP_LEN = 1, /* compression length */ + CURVE_LEN = 2, /* ecc named curve length */ + SERVER_ID_LEN = 20, /* server session id length */ + + HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */ + RECORD_HEADER_SZ = 5, /* type + version + len(2) */ + CERT_HEADER_SZ = 3, /* always 3 bytes */ + REQ_HEADER_SZ = 2, /* cert request header sz */ + HINT_LEN_SZ = 2, /* length of hint size field */ + TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */ + HELLO_EXT_SZ = 4, /* base length of a hello extension */ + HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */ + HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */ + HELLO_EXT_SIGALGO_SZ = 2, /* length of number of items in sigalgo list */ + HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */ + + DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */ + DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */ + DTLS_HANDSHAKE_EXTRA = 8, /* diff from normal */ + DTLS_RECORD_EXTRA = 8, /* diff from normal */ + DTLS_HANDSHAKE_SEQ_SZ = 2, /* handshake header sequence number */ + DTLS_HANDSHAKE_FRAG_SZ = 3, /* fragment offset and length are 24 bit */ + DTLS_POOL_SZ = 255,/* allowed number of list items in TX pool */ + DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */ + DTLS_EXPORT_VERSION = 3, /* wolfSSL version for serialized session */ + DTLS_EXPORT_OPT_SZ = 57, /* amount of bytes used from Options */ + DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2), + /* max amount of bytes used from Keys */ + DTLS_EXPORT_MIN_KEY_SZ = 78 + (DTLS_SEQ_SZ * 2), + /* min amount of bytes used from Keys */ + DTLS_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */ + DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */ + DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */ + MAX_EXPORT_BUFFER = 514, /* max size of buffer for exporting */ + FINISHED_LABEL_SZ = 15, /* TLS finished label size */ + TLS_FINISHED_SZ = 12, /* TLS has a shorter size */ + EXT_MASTER_LABEL_SZ = 22, /* TLS extended master secret label sz */ + MASTER_LABEL_SZ = 13, /* TLS master secret label sz */ + KEY_LABEL_SZ = 13, /* TLS key block expansion sz */ + MAX_PRF_HALF = 256, /* Maximum half secret len */ + MAX_PRF_LABSEED = 128, /* Maximum label + seed len */ + MAX_PRF_DIG = 224, /* Maximum digest len */ + MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */ + SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */ + + RC4_KEY_SIZE = 16, /* always 128bit */ + DES_KEY_SIZE = 8, /* des */ + DES3_KEY_SIZE = 24, /* 3 des ede */ + DES_IV_SIZE = DES_BLOCK_SIZE, + AES_256_KEY_SIZE = 32, /* for 256 bit */ + AES_192_KEY_SIZE = 24, /* for 192 bit */ + AES_IV_SIZE = 16, /* always block size */ + AES_128_KEY_SIZE = 16, /* for 128 bit */ + + AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */ + AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */ + AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */ + AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */ + AEAD_LEN_OFFSET = 11, /* Auth Data: Length */ + AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */ + AESGCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */ + AESGCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */ + AESGCM_NONCE_SZ = AESGCM_EXP_IV_SZ + AESGCM_IMP_IV_SZ, + + CHACHA20_IMP_IV_SZ = 12, /* Size of ChaCha20 AEAD implicit IV */ + CHACHA20_NONCE_SZ = 12, /* Size of ChacCha20 nonce */ + CHACHA20_OLD_OFFSET = 4, /* Offset for seq # in old poly1305 */ + + /* For any new implicit/explicit IV size adjust AEAD_MAX_***_SZ */ + + AES_GCM_AUTH_SZ = 16, /* AES-GCM Auth Tag length */ + AES_CCM_16_AUTH_SZ = 16, /* AES-CCM-16 Auth Tag length */ + AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */ + + CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */ + CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */ + CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */ + CAMELLIA_IV_SIZE = 16, /* always block size */ + + CHACHA20_256_KEY_SIZE = 32, /* for 256 bit */ + CHACHA20_128_KEY_SIZE = 16, /* for 128 bit */ + CHACHA20_IV_SIZE = 12, /* 96 bits for iv */ + + POLY1305_AUTH_SZ = 16, /* 128 bits */ + + HC_128_KEY_SIZE = 16, /* 128 bits */ + HC_128_IV_SIZE = 16, /* also 128 bits */ + + RABBIT_KEY_SIZE = 16, /* 128 bits */ + RABBIT_IV_SIZE = 8, /* 64 bits for iv */ + + EVP_SALT_SIZE = 8, /* evp salt size 64 bits */ + + ECDHE_SIZE = 32, /* ECHDE server size defaults to 256 bit */ + MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */ + +#ifdef HAVE_QSH + /* qsh handshake sends 600+ size keys over hello extensions */ + MAX_HELLO_SZ = 2048, /* max client or server hello */ +#else + MAX_HELLO_SZ = 128, /* max client or server hello */ +#endif + MAX_CERT_VERIFY_SZ = 1024, /* max */ + CLIENT_HELLO_FIRST = 35, /* Protocol + RAN_LEN + sizeof(id_len) */ + MAX_SUITE_NAME = 48, /* maximum length of cipher suite string */ + + DTLS_TIMEOUT_INIT = 1, /* default timeout init for DTLS receive */ + DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */ + DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */ + + MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */ + MAX_PSK_KEY_LEN = 64, /* max psk key supported */ + + MAX_WOLFSSL_FILE_SIZE = 1024 * 1024 * 4, /* 4 mb file size alloc limit */ + +#if defined(FORTRESS) || defined (HAVE_STUNNEL) + MAX_EX_DATA = 3, /* allow for three items of ex_data */ +#endif + + MAX_X509_SIZE = 2048, /* max static x509 buffer size */ + CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ + MAX_FILENAME_SZ = 256, /* max file name length */ + FILE_BUFFER_SIZE = 1024, /* default static file buffer size for input, + will use dynamic buffer if not big enough */ + + MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */ + MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */ + MAX_NTRU_BITS = 256, /* max symmetric bit strength */ + NO_SNIFF = 0, /* not sniffing */ + SNIFF = 1, /* currently sniffing */ + + HASH_SIG_SIZE = 2, /* default SHA1 RSA */ + + NO_COPY = 0, /* should we copy static buffer for write */ + COPY = 1, /* should we copy static buffer for write */ + + PREV_ORDER = -1, /* Sequence number is in previous epoch. */ + PEER_ORDER = 1, /* Peer sequence number for verify. */ + CUR_ORDER = 0 /* Current sequence number. */ +}; + + +/* Set max implicit IV size for AEAD cipher suites */ +#ifdef HAVE_CHACHA + #define AEAD_MAX_IMP_SZ 12 +#else + #define AEAD_MAX_IMP_SZ 4 +#endif + +/* Set max explicit IV size for AEAD cipher suites */ +#define AEAD_MAX_EXP_SZ 8 + + +#ifndef WOLFSSL_MAX_SUITE_SZ + #define WOLFSSL_MAX_SUITE_SZ 300 + /* 150 suites for now! */ +#endif + +/* set minimum ECC key size allowed */ +#ifndef WOLFSSL_MIN_ECC_BITS + #ifdef WOLFSSL_MAX_STRENGTH + #define WOLFSSL_MIN_ECC_BITS 256 + #else + #define WOLFSSL_MIN_ECC_BITS 224 + #endif +#endif /* WOLFSSL_MIN_ECC_BITS */ +#if (WOLFSSL_MIN_ECC_BITS % 8) + /* Some ECC keys are not divisable by 8 such as prime239v1 or sect131r1. + In these cases round down to the nearest value divisable by 8. The + restriction of being divisable by 8 is in place to match wc_ecc_size + function from wolfSSL. + */ + #error ECC minimum bit size must be a multiple of 8 +#endif +#define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8) + +/* set minimum RSA key size allowed */ +#ifndef WOLFSSL_MIN_RSA_BITS + #ifdef WOLFSSL_MAX_STRENGTH + #define WOLFSSL_MIN_RSA_BITS 2048 + #else + #define WOLFSSL_MIN_RSA_BITS 1024 + #endif +#endif /* WOLFSSL_MIN_RSA_BITS */ +#if (WOLFSSL_MIN_RSA_BITS % 8) + /* This is to account for the example case of a min size of 2050 bits but + still allows 2049 bit key. So we need the measurment to be in bytes. */ + #error RSA minimum bit size must be a multiple of 8 +#endif +#define MIN_RSAKEY_SZ (WOLFSSL_MIN_RSA_BITS / 8) + +/* set minimum DH key size allowed */ +#ifndef WOLFSSL_MIN_DHKEY_BITS + #ifdef WOLFSSL_MAX_STRENGTH + #define WOLFSSL_MIN_DHKEY_BITS 2048 + #else + #define WOLFSSL_MIN_DHKEY_BITS 1024 + #endif +#endif +#if (WOLFSSL_MIN_DHKEY_BITS % 8) + #error DH minimum bit size must be multiple of 8 +#endif +#if (WOLFSSL_MIN_DHKEY_BITS > 16000) + #error DH minimum bit size must not be greater than 16000 +#endif +#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8) + + +#ifdef SESSION_INDEX +/* Shift values for making a session index */ +#define SESSIDX_ROW_SHIFT 4 +#define SESSIDX_IDX_MASK 0x0F +#endif + + +/* max cert chain peer depth */ +#ifndef MAX_CHAIN_DEPTH + #define MAX_CHAIN_DEPTH 9 +#endif + +/* max size of a certificate message payload */ +/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */ +#ifndef MAX_CERTIFICATE_SZ + #define MAX_CERTIFICATE_SZ \ + CERT_HEADER_SZ + \ + (MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH +#endif + +/* max size of a handshake message, currently set to the certificate */ +#ifndef MAX_HANDSHAKE_SZ + #define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ +#endif + +#ifndef SESSION_TICKET_LEN + #define SESSION_TICKET_LEN 256 +#endif + +#ifndef SESSION_TICKET_HINT_DEFAULT + #define SESSION_TICKET_HINT_DEFAULT 300 +#endif + + +/* don't use extra 3/4k stack space unless need to */ +#ifdef HAVE_NTRU + #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ +#else + #define MAX_ENCRYPT_SZ ENCRYPT_LEN +#endif + + +/* states */ +enum states { + NULL_STATE = 0, + + SERVER_HELLOVERIFYREQUEST_COMPLETE, + SERVER_HELLO_COMPLETE, + SERVER_CERT_COMPLETE, + SERVER_KEYEXCHANGE_COMPLETE, + SERVER_HELLODONE_COMPLETE, + SERVER_FINISHED_COMPLETE, + + CLIENT_HELLO_COMPLETE, + CLIENT_KEYEXCHANGE_COMPLETE, + CLIENT_FINISHED_COMPLETE, + + HANDSHAKE_DONE +}; + + +#if defined(__GNUC__) + #define WOLFSSL_PACK __attribute__ ((packed)) +#else + #define WOLFSSL_PACK +#endif + +/* SSL Version */ +typedef struct ProtocolVersion { + byte major; + byte minor; +} WOLFSSL_PACK ProtocolVersion; + + +WOLFSSL_LOCAL ProtocolVersion MakeSSLv3(void); +WOLFSSL_LOCAL ProtocolVersion MakeTLSv1(void); +WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_1(void); +WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_2(void); + +#ifdef WOLFSSL_DTLS + WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1(void); + WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void); + + #ifdef WOLFSSL_SESSION_EXPORT + WOLFSSL_LOCAL int wolfSSL_dtls_import_internal(WOLFSSL* ssl, byte* buf, + word32 sz); + WOLFSSL_LOCAL int wolfSSL_dtls_export_internal(WOLFSSL* ssl, byte* buf, + word32 sz); + WOLFSSL_LOCAL int wolfSSL_send_session(WOLFSSL* ssl); + #endif +#endif + + +enum BIO_TYPE { + BIO_BUFFER = 1, + BIO_SOCKET = 2, + BIO_SSL = 3, + BIO_MEMORY = 4 +}; + + +/* wolfSSL BIO_METHOD type */ +struct WOLFSSL_BIO_METHOD { + byte type; /* method type */ +}; + + +/* wolfSSL BIO type */ +struct WOLFSSL_BIO { + byte type; /* method type */ + byte close; /* close flag */ + byte eof; /* eof flag */ + WOLFSSL* ssl; /* possible associated ssl */ + byte* mem; /* memory buffer */ + int memLen; /* memory buffer length */ + int fd; /* possible file descriptor */ + WOLFSSL_BIO* prev; /* previous in chain */ + WOLFSSL_BIO* next; /* next in chain */ +}; + + +/* wolfSSL method type */ +struct WOLFSSL_METHOD { + ProtocolVersion version; + byte side; /* connection side, server or client */ + byte downgrade; /* whether to downgrade version, default no */ +}; + + +/* defaults to client */ +WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD*, ProtocolVersion); + +/* for sniffer */ +WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, + word32 size, word32 totalSz, int sniff); +WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx); + + +/* wolfSSL buffer type - internal uses "buffer" type */ +typedef WOLFSSL_BUFFER_INFO buffer; + +#ifndef NO_CERTS + /* wolfSSL DER buffer */ + typedef struct DerBuffer { + byte* buffer; + void* heap; + word32 length; + int type; /* enum CertType */ + int dynType; /* DYNAMIC_TYPE_* */ + } DerBuffer; +#endif /* !NO_CERTS */ + + +enum { + FORCED_FREE = 1, + NO_FORCED_FREE = 0 +}; + + +/* only use compression extra if using compression */ +#ifdef HAVE_LIBZ + #define COMP_EXTRA MAX_COMP_EXTRA +#else + #define COMP_EXTRA 0 +#endif + +/* only the sniffer needs space in the buffer for extra MTU record(s) */ +#ifdef WOLFSSL_SNIFFER + #define MTU_EXTRA MAX_MTU * 3 +#else + #define MTU_EXTRA 0 +#endif + + +/* embedded callbacks require large static buffers, make sure on */ +#ifdef WOLFSSL_CALLBACKS + #undef LARGE_STATIC_BUFFERS + #define LARGE_STATIC_BUFFERS +#endif + + +/* give user option to use 16K static buffers */ +#if defined(LARGE_STATIC_BUFFERS) + #define RECORD_SIZE MAX_RECORD_SIZE +#else + #ifdef WOLFSSL_DTLS + #define RECORD_SIZE MAX_MTU + #else + #define RECORD_SIZE 128 + #endif +#endif + + +/* user option to turn off 16K output option */ +/* if using small static buffers (default) and SSL_write tries to write data + larger than the record we have, dynamically get it, unless user says only + write in static buffer chunks */ +#ifndef STATIC_CHUNKS_ONLY + #define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE +#else + #define OUTPUT_RECORD_SIZE RECORD_SIZE +#endif + +/* wolfSSL input buffer + + RFC 2246: + + length + The length (in bytes) of the following TLSPlaintext.fragment. + The length should not exceed 2^14. +*/ +#if defined(LARGE_STATIC_BUFFERS) + #define STATIC_BUFFER_LEN RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \ + MTU_EXTRA + MAX_MSG_EXTRA +#else + /* don't fragment memory from the record header */ + #define STATIC_BUFFER_LEN RECORD_HEADER_SZ +#endif + +typedef struct { + ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN]; + byte* buffer; /* place holder for static or dynamic buffer */ + word32 length; /* total buffer length used */ + word32 idx; /* idx to part of length already consumed */ + word32 bufferSize; /* current buffer size */ + byte dynamicFlag; /* dynamic memory currently in use */ + byte offset; /* alignment offset attempt */ +} bufferStatic; + +/* Cipher Suites holder */ +typedef struct Suites { + word16 suiteSz; /* suite length in bytes */ + word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */ + byte suites[WOLFSSL_MAX_SUITE_SZ]; + byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */ + byte setSuites; /* user set suites from default */ + byte hashAlgo; /* selected hash algorithm */ + byte sigAlgo; /* selected sig algorithm */ +} Suites; + + +WOLFSSL_LOCAL +void InitSuites(Suites*, ProtocolVersion, word16, word16, word16, word16, + word16, word16, word16, int); +WOLFSSL_LOCAL +int SetCipherList(Suites*, const char* list); + +#ifndef PSK_TYPES_DEFINED + typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, + unsigned int, unsigned char*, unsigned int); + typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, + unsigned char*, unsigned int); +#endif /* PSK_TYPES_DEFINED */ +#ifdef WOLFSSL_DTLS + typedef int (*wc_dtls_export)(WOLFSSL* ssl, + unsigned char* exportBuffer, unsigned int sz, void* userCtx); +#endif + +#ifdef HAVE_NETX + WOLFSSL_LOCAL int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx); + WOLFSSL_LOCAL int NetX_Send(WOLFSSL *ssl, char *buf, int sz, void *ctx); +#endif /* HAVE_NETX */ + + +/* wolfSSL Cipher type just points back to SSL */ +struct WOLFSSL_CIPHER { + WOLFSSL* ssl; +}; + + +typedef struct OcspEntry OcspEntry; + +#ifdef NO_SHA + #define OCSP_DIGEST_SIZE SHA256_DIGEST_SIZE +#else + #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE +#endif + +#ifdef NO_ASN + /* no_asn won't have */ + typedef struct CertStatus CertStatus; +#endif + +struct OcspEntry { + OcspEntry* next; /* next entry */ + byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */ + byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */ + CertStatus* status; /* OCSP response list */ + int totalStatus; /* number on list */ +}; + + +#ifndef HAVE_OCSP + typedef struct WOLFSSL_OCSP WOLFSSL_OCSP; +#endif + +/* wolfSSL OCSP controller */ +struct WOLFSSL_OCSP { + WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */ + OcspEntry* ocspList; /* OCSP response list */ + wolfSSL_Mutex ocspLock; /* OCSP list lock */ +}; + +#ifndef MAX_DATE_SIZE +#define MAX_DATE_SIZE 32 +#endif + +typedef struct CRL_Entry CRL_Entry; + +#ifdef NO_SHA + #define CRL_DIGEST_SIZE SHA256_DIGEST_SIZE +#else + #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE +#endif + +#ifdef NO_ASN + typedef struct RevokedCert RevokedCert; +#endif + +/* Complete CRL */ +struct CRL_Entry { + CRL_Entry* next; /* next entry */ + byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */ + /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */ + /* restore the hash here if needed for optimized comparisons */ + byte lastDate[MAX_DATE_SIZE]; /* last date updated */ + byte nextDate[MAX_DATE_SIZE]; /* next update date */ + byte lastDateFormat; /* last date format */ + byte nextDateFormat; /* next date format */ + RevokedCert* certs; /* revoked cert list */ + int totalCerts; /* number on list */ +}; + + +typedef struct CRL_Monitor CRL_Monitor; + +/* CRL directory monitor */ +struct CRL_Monitor { + char* path; /* full dir path, if valid pointer we're using */ + int type; /* PEM or ASN1 type */ +}; + + +#ifndef HAVE_CRL + typedef struct WOLFSSL_CRL WOLFSSL_CRL; +#endif + +#if defined(HAVE_CRL) && defined(NO_FILESYSTEM) + #undef HAVE_CRL_MONITOR +#endif + +/* wolfSSL CRL controller */ +struct WOLFSSL_CRL { + WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */ + CRL_Entry* crlList; /* our CRL list */ + wolfSSL_Mutex crlLock; /* CRL list lock */ + CRL_Monitor monitors[2]; /* PEM and DER possible */ +#ifdef HAVE_CRL_MONITOR + pthread_cond_t cond; /* condition to signal setup */ + pthread_t tid; /* monitoring thread */ + int mfd; /* monitor fd, -1 if no init yet */ + int setup; /* thread is setup predicate */ +#endif + void* heap; /* heap hint for dynamic memory */ +}; + + +#ifdef NO_ASN + typedef struct Signer Signer; +#ifdef WOLFSSL_TRUST_PEER_CERT + typedef struct TrustedPeerCert TrustedPeerCert; +#endif +#endif + + +#ifndef CA_TABLE_SIZE + #define CA_TABLE_SIZE 11 +#endif +#ifdef WOLFSSL_TRUST_PEER_CERT + #define TP_TABLE_SIZE 11 +#endif + +/* wolfSSL Certificate Manager */ +struct WOLFSSL_CERT_MANAGER { + Signer* caTable[CA_TABLE_SIZE]; /* the CA signer table */ + void* heap; /* heap helper */ +#ifdef WOLFSSL_TRUST_PEER_CERT + TrustedPeerCert* tpTable[TP_TABLE_SIZE]; /* table of trusted peer certs */ + wolfSSL_Mutex tpLock; /* trusted peer list lock */ +#endif + WOLFSSL_CRL* crl; /* CRL checker */ + WOLFSSL_OCSP* ocsp; /* OCSP checker */ +#if !defined(NO_WOLFSSL_SERVER) && (defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ + || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) + WOLFSSL_OCSP* ocsp_stapling; /* OCSP checker for OCSP stapling */ +#endif + char* ocspOverrideURL; /* use this responder */ + void* ocspIOCtx; /* I/O callback CTX */ + CallbackCACache caCacheCallback; /* CA cache addition callback */ + CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ + CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */ + CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */ + wolfSSL_Mutex caLock; /* CA list lock */ + byte crlEnabled; /* is CRL on ? */ + byte crlCheckAll; /* always leaf, but all ? */ + byte ocspEnabled; /* is OCSP on ? */ + byte ocspCheckAll; /* always leaf, but all ? */ + byte ocspSendNonce; /* send the OCSP nonce ? */ + byte ocspUseOverrideURL; /* ignore cert's responder, override */ + byte ocspStaplingEnabled; /* is OCSP Stapling on ? */ + +#ifndef NO_RSA + short minRsaKeySz; /* minimum allowed RSA key size */ +#endif +#ifdef HAVE_ECC + short minEccKeySz; /* minimum allowed ECC key size */ +#endif +}; + +WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*); +WOLFSSL_LOCAL int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER*, const char*); +WOLFSSL_LOCAL int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER*, void*, int, int*); +WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER*, const void*, int); +WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER*); + +/* wolfSSL Sock Addr */ +struct WOLFSSL_SOCKADDR { + unsigned int sz; /* sockaddr size */ + void* sa; /* pointer to the sockaddr_in or sockaddr_in6 */ +}; + +typedef struct WOLFSSL_DTLS_CTX { + WOLFSSL_SOCKADDR peer; + int rfd; + int wfd; +} WOLFSSL_DTLS_CTX; + + +#define MAX_WRITE_IV_SZ 16 /* max size of client/server write_IV */ + +/* keys and secrets + * keep as a constant size (no additional ifdefs) for session export */ +typedef struct Keys { + byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ + byte server_write_MAC_secret[MAX_DIGEST_SIZE]; + byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */ + byte server_write_key[AES_256_KEY_SIZE]; + byte client_write_IV[MAX_WRITE_IV_SZ]; /* max sizes */ + byte server_write_IV[MAX_WRITE_IV_SZ]; +#if defined(HAVE_AEAD) || defined(WOLFSSL_SESSION_EXPORT) + byte aead_exp_IV[AEAD_MAX_EXP_SZ]; + byte aead_enc_imp_IV[AEAD_MAX_IMP_SZ]; + byte aead_dec_imp_IV[AEAD_MAX_IMP_SZ]; +#endif + + word32 peer_sequence_number_hi; + word32 peer_sequence_number_lo; + word32 sequence_number_hi; + word32 sequence_number_lo; + +#ifdef WOLFSSL_DTLS + word32 window[WOLFSSL_DTLS_WINDOW_WORDS]; + /* Sliding window for current epoch */ + word16 nextEpoch; /* Expected epoch in next record */ + word16 nextSeq_hi; /* Expected sequence in next record */ + word32 nextSeq_lo; + + word16 curEpoch; /* Received epoch in current record */ + word16 curSeq_hi; /* Received sequence in current record */ + word32 curSeq_lo; + + word32 prevWindow[WOLFSSL_DTLS_WINDOW_WORDS]; + /* Sliding window for old epoch */ + word16 prevSeq_hi; /* Next sequence in allowed old epoch */ + word32 prevSeq_lo; + + word16 dtls_peer_handshake_number; + word16 dtls_expected_peer_handshake_number; + + word16 dtls_epoch; /* Current epoch */ + word16 dtls_sequence_number_hi; /* Current epoch */ + word32 dtls_sequence_number_lo; + word16 dtls_prev_sequence_number_hi; /* Previous epoch */ + word32 dtls_prev_sequence_number_lo; + word16 dtls_handshake_number; /* Current tx handshake seq */ +#endif + + word32 encryptSz; /* last size of encrypted data */ + word32 padSz; /* how much to advance after decrypt part */ + byte encryptionOn; /* true after change cipher spec */ + byte decryptedCur; /* only decrypt current record once */ +} Keys; + + + +/** TLS Extensions - RFC 6066 */ +#ifdef HAVE_TLS_EXTENSIONS + +typedef enum { + TLSX_SERVER_NAME = 0x0000, /* a.k.a. SNI */ + TLSX_MAX_FRAGMENT_LENGTH = 0x0001, + TLSX_TRUNCATED_HMAC = 0x0004, + TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */ + TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */ + TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */ + TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */ + TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */ + TLSX_SESSION_TICKET = 0x0023, + TLSX_RENEGOTIATION_INFO = 0xff01 +} TLSX_Type; + +typedef struct TLSX { + TLSX_Type type; /* Extension Type */ + void* data; /* Extension Data */ + byte resp; /* IsResponse Flag */ + struct TLSX* next; /* List Behavior */ +} TLSX; + +WOLFSSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type); +WOLFSSL_LOCAL void TLSX_FreeAll(TLSX* list, void* heap); +WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl); +WOLFSSL_LOCAL int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isRequest); + +#ifndef NO_WOLFSSL_CLIENT +WOLFSSL_LOCAL word16 TLSX_GetRequestSize(WOLFSSL* ssl); +WOLFSSL_LOCAL word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output); +#endif + +#ifndef NO_WOLFSSL_SERVER +WOLFSSL_LOCAL word16 TLSX_GetResponseSize(WOLFSSL* ssl); +WOLFSSL_LOCAL word16 TLSX_WriteResponse(WOLFSSL* ssl, byte* output); +#endif + +WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, + byte isRequest, Suites *suites); + +#elif defined(HAVE_SNI) \ + || defined(HAVE_MAX_FRAGMENT) \ + || defined(HAVE_TRUNCATED_HMAC) \ + || defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ + || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) \ + || defined(HAVE_SUPPORTED_CURVES) \ + || defined(HAVE_ALPN) \ + || defined(HAVE_QSH) \ + || defined(HAVE_SESSION_TICKET) \ + || defined(HAVE_SECURE_RENEGOTIATION) \ + || defined(HAVE_SERVER_RENEGOTIATION_INFO) + +#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined. + +#endif /* HAVE_TLS_EXTENSIONS */ + +/** Server Name Indication - RFC 6066 (session 3) */ +#ifdef HAVE_SNI + +typedef struct SNI { + byte type; /* SNI Type */ + union { char* host_name; } data; /* SNI Data */ + struct SNI* next; /* List Behavior */ +#ifndef NO_WOLFSSL_SERVER + byte options; /* Behavior options */ + byte status; /* Matching result */ +#endif +} SNI; + +WOLFSSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, + word16 size, void* heap); + +#ifndef NO_WOLFSSL_SERVER +WOLFSSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type, + byte options); +WOLFSSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type); +WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, + void** data); +WOLFSSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, + byte type, byte* sni, word32* inOutSz); +#endif + +#endif /* HAVE_SNI */ + +/* Application-Layer Protocol Negotiation - RFC 7301 */ +#ifdef HAVE_ALPN +typedef struct ALPN { + char* protocol_name; /* ALPN protocol name */ + struct ALPN* next; /* List Behavior */ + byte options; /* Behavior options */ + byte negotiated; /* ALPN protocol negotiated or not */ +} ALPN; + +WOLFSSL_LOCAL int TLSX_ALPN_GetRequest(TLSX* extensions, + void** data, word16 *dataSz); + +WOLFSSL_LOCAL int TLSX_UseALPN(TLSX** extensions, const void* data, + word16 size, byte options, void* heap); + +WOLFSSL_LOCAL int TLSX_ALPN_SetOptions(TLSX** extensions, const byte option); + +#endif /* HAVE_ALPN */ + +/** Maximum Fragment Length Negotiation - RFC 6066 (session 4) */ +#ifdef HAVE_MAX_FRAGMENT + +WOLFSSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl, void* heap); + +#endif /* HAVE_MAX_FRAGMENT */ + +/** Truncated HMAC - RFC 6066 (session 7) */ +#ifdef HAVE_TRUNCATED_HMAC + +WOLFSSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions, void* heap); + +#endif /* HAVE_TRUNCATED_HMAC */ + +/** Certificate Status Request - RFC 6066 (session 8) */ +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST + +typedef struct { + byte status_type; + byte options; + union { + OcspRequest ocsp; + } request; +} CertificateStatusRequest; + +WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequest(TLSX** extensions, + byte status_type, byte options, void* heap); +WOLFSSL_LOCAL int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert, + void* heap); +WOLFSSL_LOCAL void* TLSX_CSR_GetRequest(TLSX* extensions); +WOLFSSL_LOCAL int TLSX_CSR_ForceRequest(WOLFSSL* ssl); + +#endif + +/** Certificate Status Request v2 - RFC 6961 */ +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 + +typedef struct CSRIv2 { + byte status_type; + byte options; + word16 requests; + union { + OcspRequest ocsp[1 + MAX_CHAIN_DEPTH]; + } request; + struct CSRIv2* next; +} CertificateStatusRequestItemV2; + +WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, + byte status_type, byte options, void* heap); +WOLFSSL_LOCAL int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, + byte isPeer, void* heap); +WOLFSSL_LOCAL void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type, + byte index); +WOLFSSL_LOCAL int TLSX_CSR2_ForceRequest(WOLFSSL* ssl); + +#endif + +/** Supported Elliptic Curves - RFC 4492 (session 4) */ +#ifdef HAVE_SUPPORTED_CURVES + +typedef struct EllipticCurve { + word16 name; /* CurveNames */ + struct EllipticCurve* next; /* List Behavior */ +} EllipticCurve; + +WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, + void* heap); + +#ifndef NO_WOLFSSL_SERVER +WOLFSSL_LOCAL int TLSX_ValidateEllipticCurves(WOLFSSL* ssl, byte first, + byte second); +#endif + +#endif /* HAVE_SUPPORTED_CURVES */ + +/** Renegotiation Indication - RFC 5746 */ +#if defined(HAVE_SECURE_RENEGOTIATION) \ + || defined(HAVE_SERVER_RENEGOTIATION_INFO) + +enum key_cache_state { + SCR_CACHE_NULL = 0, /* empty / begin state */ + SCR_CACHE_NEEDED, /* need to cache keys */ + SCR_CACHE_COPY, /* we have a cached copy */ + SCR_CACHE_PARTIAL, /* partial restore to real keys */ + SCR_CACHE_COMPLETE /* complete restore to real keys */ +}; + +/* Additional Connection State according to rfc5746 section 3.1 */ +typedef struct SecureRenegotiation { + byte enabled; /* secure_renegotiation flag in rfc */ + byte startScr; /* server requested client to start scr */ + enum key_cache_state cache_status; /* track key cache state */ + byte client_verify_data[TLS_FINISHED_SZ]; /* cached */ + byte server_verify_data[TLS_FINISHED_SZ]; /* cached */ + byte subject_hash[SHA_DIGEST_SIZE]; /* peer cert hash */ + Keys tmp_keys; /* can't overwrite real keys yet */ +} SecureRenegotiation; + +WOLFSSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions, void* heap); + +#ifdef HAVE_SERVER_RENEGOTIATION_INFO +WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap); +#endif + +#endif /* HAVE_SECURE_RENEGOTIATION */ + +/** Session Ticket - RFC 5077 (session 3.2) */ +#ifdef HAVE_SESSION_TICKET + +typedef struct SessionTicket { + word32 lifetime; + byte* data; + word16 size; +} SessionTicket; + +WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions, + SessionTicket* ticket, void* heap); +WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime, + byte* data, word16 size, void* heap); +WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket, void* heap); + +#endif /* HAVE_SESSION_TICKET */ + +/** Quantum-Safe-Hybrid - draft-whyte-qsh-tls12-00 */ +#ifdef HAVE_QSH + +typedef struct QSHScheme { + struct QSHScheme* next; /* List Behavior */ + byte* PK; + word16 name; /* QSHScheme Names */ + word16 PKLen; +} QSHScheme; + +typedef struct QSHkey { + struct QSHKey* next; + word16 name; + buffer pub; + buffer pri; +} QSHKey; + +typedef struct QSHSecret { + QSHScheme* list; + buffer* SerSi; + buffer* CliSi; +} QSHSecret; + +/* used in key exchange during handshake */ +WOLFSSL_LOCAL int TLSX_QSHCipher_Parse(WOLFSSL* ssl, const byte* input, + word16 length, byte isServer); +WOLFSSL_LOCAL word16 TLSX_QSHPK_Write(QSHScheme* list, byte* output); +WOLFSSL_LOCAL word16 TLSX_QSH_GetSize(QSHScheme* list, byte isRequest); + +/* used by api for setting a specific QSH scheme */ +WOLFSSL_LOCAL int TLSX_UseQSHScheme(TLSX** extensions, word16 name, + byte* pKey, word16 pKeySz, void* heap); + +/* used when parsing in QSHCipher structs */ +WOLFSSL_LOCAL int QSH_Decrypt(QSHKey* key, byte* in, word32 szIn, + byte* out, word16* szOut); +#ifndef NO_WOLFSSL_SERVER +WOLFSSL_LOCAL int TLSX_ValidateQSHScheme(TLSX** extensions, word16 name); +#endif + +#endif /* HAVE_QSH */ + + +/* wolfSSL context type */ +struct WOLFSSL_CTX { + WOLFSSL_METHOD* method; +#ifdef SINGLE_THREADED + WC_RNG* rng; /* to be shared with WOLFSSL w/o locking */ +#endif + wolfSSL_Mutex countMutex; /* reference count mutex */ + int refCount; /* reference count */ + int err; /* error code in case of mutex not created */ +#ifndef NO_DH + buffer serverDH_P; + buffer serverDH_G; +#endif +#ifndef NO_CERTS + DerBuffer* certificate; + DerBuffer* certChain; + /* chain after self, in DER, with leading size for each cert */ + DerBuffer* privateKey; + WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */ +#endif +#ifdef KEEP_OUR_CERT + WOLFSSL_X509* ourCert; /* keep alive a X509 struct of cert */ +#endif + Suites* suites; /* make dynamic, user may not need/set */ + void* heap; /* for user memory overrides */ + byte verifyPeer; + byte verifyNone; + byte failNoCert; + byte failNoCertxPSK; /* fail if no cert with the exception of PSK*/ + byte sessionCacheOff; + byte sessionCacheFlushOff; + byte sendVerify; /* for client side */ + byte haveRSA; /* RSA available */ + byte haveECC; /* ECC available */ + byte haveDH; /* server DH parms set by user */ + byte haveNTRU; /* server private NTRU key loaded */ + byte haveECDSAsig; /* server cert signed w/ ECDSA */ + byte haveStaticECC; /* static server ECC private key */ + byte partialWrite; /* only one msg per write call */ + byte quietShutdown; /* don't send close notify */ + byte groupMessages; /* group handshake messages before sending */ + byte minDowngrade; /* minimum downgrade version */ + byte haveEMS; /* have extended master secret extension */ +#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) + byte dtlsSctp; /* DTLS-over-SCTP mode */ + word16 dtlsMtuSz; /* DTLS MTU size */ +#endif +#ifndef NO_DH + word16 minDhKeySz; /* minimum DH key size */ +#endif +#ifndef NO_RSA + short minRsaKeySz; /* minimum RSA key size */ +#endif +#ifdef HAVE_ECC + short minEccKeySz; /* minimum ECC key size */ +#endif + CallbackIORecv CBIORecv; + CallbackIOSend CBIOSend; +#ifdef WOLFSSL_DTLS + CallbackGenCookie CBIOCookie; /* gen cookie callback */ + wc_dtls_export dtls_export; /* export function for DTLS session */ +#ifdef WOLFSSL_SESSION_EXPORT + CallbackGetPeer CBGetPeer; + CallbackSetPeer CBSetPeer; +#endif +#endif /* WOLFSSL_DTLS */ + VerifyCallback verifyCallback; /* cert verification callback */ + word32 timeout; /* session timeout */ +#ifdef HAVE_ECC + word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ +#endif +#ifndef NO_PSK + byte havePSK; /* psk key set by user */ + wc_psk_client_callback client_psk_cb; /* client callback */ + wc_psk_server_callback server_psk_cb; /* server callback */ + char server_hint[MAX_PSK_ID_LEN]; +#endif /* NO_PSK */ +#ifdef HAVE_ANON + byte haveAnon; /* User wants to allow Anon suites */ +#endif /* HAVE_ANON */ +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + pem_password_cb passwd_cb; + void* userdata; +#endif /* OPENSSL_EXTRA */ +#ifdef HAVE_STUNNEL + void* ex_data[MAX_EX_DATA]; + CallbackSniRecv sniRecvCb; + void* sniRecvCbArg; +#endif +#ifdef HAVE_OCSP + WOLFSSL_OCSP ocsp; +#endif + int devId; /* async device id to use */ +#ifdef HAVE_TLS_EXTENSIONS + TLSX* extensions; /* RFC 6066 TLS Extensions data */ + #ifndef NO_WOLFSSL_SERVER + #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ + || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) + OcspRequest* certOcspRequest; + #endif + #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) + OcspRequest* chainOcspRequest[MAX_CHAIN_DEPTH]; + #endif + #endif + #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) + SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */ + void* ticketEncCtx; /* session encrypt context */ + int ticketHint; /* ticket hint in seconds */ + #endif +#endif +#ifdef ATOMIC_USER + CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */ + CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + CallbackEccSign EccSignCb; /* User EccSign Callback handler */ + CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ + CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler */ + CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler */ + CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */ + CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ +#ifdef HAVE_WOLF_EVENT + WOLF_EVENT_QUEUE event_queue; +#endif /* HAVE_WOLF_EVENT */ +}; + + +WOLFSSL_LOCAL +WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); +WOLFSSL_LOCAL +int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*, void* heap); +WOLFSSL_LOCAL +void FreeSSL_Ctx(WOLFSSL_CTX*); +WOLFSSL_LOCAL +void SSL_CtxResourceFree(WOLFSSL_CTX*); + +WOLFSSL_LOCAL +int DeriveTlsKeys(WOLFSSL* ssl); +WOLFSSL_LOCAL +int ProcessOldClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, + word32 inSz, word16 sz); +#ifndef NO_CERTS + WOLFSSL_LOCAL + int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify); + WOLFSSL_LOCAL + int AlreadySigner(WOLFSSL_CERT_MANAGER* cm, byte* hash); +#ifdef WOLFSSL_TRUST_PEER_CERT + WOLFSSL_LOCAL + int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify); + WOLFSSL_LOCAL + int AlreadyTrustedPeer(WOLFSSL_CERT_MANAGER* cm, byte* hash); +#endif +#endif + +/* All cipher suite related info + * Keep as a constant size (no ifdefs) for session export */ +typedef struct CipherSpecs { + word16 key_size; + word16 iv_size; + word16 block_size; + word16 aead_mac_size; + byte bulk_cipher_algorithm; + byte cipher_type; /* block, stream, or aead */ + byte mac_algorithm; + byte kea; /* key exchange algo */ + byte sig_algo; + byte hash_size; + byte pad_size; + byte static_ecdh; +} CipherSpecs; + + +void InitCipherSpecs(CipherSpecs* cs); + + +/* Supported Message Authentication Codes from page 43 */ +enum MACAlgorithm { + no_mac, + md5_mac, + sha_mac, + sha224_mac, + sha256_mac, /* needs to match external KDF_MacAlgorithm */ + sha384_mac, + sha512_mac, + rmd_mac, + blake2b_mac +}; + + +/* Supported Key Exchange Protocols */ +enum KeyExchangeAlgorithm { + no_kea, + rsa_kea, + diffie_hellman_kea, + fortezza_kea, + psk_kea, + dhe_psk_kea, + ecdhe_psk_kea, + ntru_kea, + ecc_diffie_hellman_kea, + ecc_static_diffie_hellman_kea /* for verify suite only */ +}; + + +/* Supported Authentication Schemes */ +enum SignatureAlgorithm { + anonymous_sa_algo, + rsa_sa_algo, + dsa_sa_algo, + ecc_dsa_sa_algo +}; + + +/* Supprted ECC Curve Types */ +enum EccCurves { + named_curve = 3 +}; + + +/* Valid client certificate request types from page 27 */ +enum ClientCertificateType { + rsa_sign = 1, + dss_sign = 2, + rsa_fixed_dh = 3, + dss_fixed_dh = 4, + rsa_ephemeral_dh = 5, + dss_ephemeral_dh = 6, + fortezza_kea_cert = 20, + ecdsa_sign = 64, + rsa_fixed_ecdh = 65, + ecdsa_fixed_ecdh = 66 +}; + + +enum CipherType { stream, block, aead }; + + + + + + +/* cipher for now */ +typedef struct Ciphers { +#ifdef BUILD_ARC4 + Arc4* arc4; +#endif +#ifdef BUILD_DES3 + Des3* des3; +#endif +#if defined(BUILD_AES) || defined(BUILD_AESGCM) + Aes* aes; +#endif +#ifdef HAVE_CAMELLIA + Camellia* cam; +#endif +#ifdef HAVE_CHACHA + ChaCha* chacha; +#endif +#ifdef HAVE_HC128 + HC128* hc128; +#endif +#ifdef BUILD_RABBIT + Rabbit* rabbit; +#endif +#ifdef HAVE_IDEA + Idea* idea; +#endif + byte setup; /* have we set it up flag for detection */ +} Ciphers; + + +#ifdef HAVE_ONE_TIME_AUTH +/* Ciphers for one time authentication such as poly1305 */ +typedef struct OneTimeAuth { +#ifdef HAVE_POLY1305 + Poly1305* poly1305; +#endif + byte setup; /* flag for if a cipher has been set */ + +} OneTimeAuth; +#endif + + +WOLFSSL_LOCAL void InitCiphers(WOLFSSL* ssl); +WOLFSSL_LOCAL void FreeCiphers(WOLFSSL* ssl); + + +/* hashes type */ +typedef struct Hashes { + #ifndef NO_OLD_TLS + byte md5[MD5_DIGEST_SIZE]; + #endif + byte sha[SHA_DIGEST_SIZE]; + #ifndef NO_SHA256 + byte sha256[SHA256_DIGEST_SIZE]; + #endif + #ifdef WOLFSSL_SHA384 + byte sha384[SHA384_DIGEST_SIZE]; + #endif + #ifdef WOLFSSL_SHA512 + byte sha512[SHA512_DIGEST_SIZE]; + #endif +} Hashes; + + +/* Static x509 buffer */ +typedef struct x509_buffer { + int length; /* actual size */ + byte buffer[MAX_X509_SIZE]; /* max static cert size */ +} x509_buffer; + + +/* wolfSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */ +struct WOLFSSL_X509_CHAIN { + int count; /* total number in chain */ + x509_buffer certs[MAX_CHAIN_DEPTH]; /* only allow max depth 4 for now */ +}; + + +/* wolfSSL session type */ +struct WOLFSSL_SESSION { + word32 bornOn; /* create time in seconds */ + word32 timeout; /* timeout in seconds */ + byte sessionID[ID_LEN]; /* id for protocol */ + byte sessionIDSz; + byte masterSecret[SECRET_LEN]; /* stored secret */ + word16 haveEMS; /* ext master secret flag */ +#ifdef SESSION_CERTS + WOLFSSL_X509_CHAIN chain; /* peer cert chain, static */ + ProtocolVersion version; /* which version was used */ + byte cipherSuite0; /* first byte, normally 0 */ + byte cipherSuite; /* 2nd byte, actual suite */ +#endif +#ifndef NO_CLIENT_CACHE + word16 idLen; /* serverID length */ + byte serverID[SERVER_ID_LEN]; /* for easier client lookup */ +#endif +#ifdef HAVE_SESSION_TICKET + byte* ticket; + word16 ticketLen; + byte staticTicket[SESSION_TICKET_LEN]; + byte isDynamic; +#endif +#ifdef HAVE_STUNNEL + void* ex_data[MAX_EX_DATA]; +#endif +}; + + +WOLFSSL_LOCAL +WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte); +WOLFSSL_LOCAL +int SetSession(WOLFSSL*, WOLFSSL_SESSION*); + +typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int); + +#ifndef NO_CLIENT_CACHE + WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int); +#endif + +/* client connect state for nonblocking restart */ +enum ConnectState { + CONNECT_BEGIN = 0, + CLIENT_HELLO_SENT, + HELLO_AGAIN, /* HELLO_AGAIN s for DTLS case */ + HELLO_AGAIN_REPLY, + FIRST_REPLY_DONE, + FIRST_REPLY_FIRST, + FIRST_REPLY_SECOND, + FIRST_REPLY_THIRD, + FIRST_REPLY_FOURTH, + FINISHED_DONE, + SECOND_REPLY_DONE +}; + + +/* server accept state for nonblocking restart */ +enum AcceptState { + ACCEPT_BEGIN = 0, + ACCEPT_CLIENT_HELLO_DONE, + ACCEPT_FIRST_REPLY_DONE, + SERVER_HELLO_SENT, + CERT_SENT, + CERT_STATUS_SENT, + KEY_EXCHANGE_SENT, + CERT_REQ_SENT, + SERVER_HELLO_DONE, + ACCEPT_SECOND_REPLY_DONE, + TICKET_SENT, + CHANGE_CIPHER_SENT, + ACCEPT_FINISHED_DONE, + ACCEPT_THIRD_REPLY_DONE +}; + +/* sub-states for send/do key share (key exchange) */ +enum KeyShareState { + KEYSHARE_BEGIN = 0, + KEYSHARE_BUILD, + KEYSHARE_DO, + KEYSHARE_VERIFY, + KEYSHARE_FINALIZE, + KEYSHARE_END +}; + +/* buffers for struct WOLFSSL */ +typedef struct Buffers { + bufferStatic inputBuffer; + bufferStatic outputBuffer; + buffer domainName; /* for client check */ + buffer clearOutputBuffer; + buffer sig; /* signature data */ + buffer digest; /* digest data */ + int prevSent; /* previous plain text bytes sent + when got WANT_WRITE */ + int plainSz; /* plain text bytes in buffer to send + when got WANT_WRITE */ + byte weOwnCert; /* SSL own cert flag */ + byte weOwnCertChain; /* SSL own cert chain flag */ + byte weOwnKey; /* SSL own key flag */ + byte weOwnDH; /* SSL own dh (p,g) flag */ +#ifndef NO_DH + buffer serverDH_P; /* WOLFSSL_CTX owns, unless we own */ + buffer serverDH_G; /* WOLFSSL_CTX owns, unless we own */ + buffer serverDH_Pub; + buffer serverDH_Priv; +#endif +#ifndef NO_CERTS + DerBuffer* certificate; /* WOLFSSL_CTX owns, unless we own */ + DerBuffer* key; /* WOLFSSL_CTX owns, unless we own */ + DerBuffer* certChain; /* WOLFSSL_CTX owns, unless we own */ + /* chain after self, in DER, with leading size for each cert */ +#endif +#ifdef WOLFSSL_DTLS + WOLFSSL_DTLS_CTX dtlsCtx; /* DTLS connection context */ + #ifndef NO_WOLFSSL_SERVER + buffer dtlsCookieSecret; /* DTLS cookie secret */ + #endif /* NO_WOLFSSL_SERVER */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + buffer peerEccDsaKey; /* we own for Ecc Verify Callbacks */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + buffer peerRsaKey; /* we own for Rsa Verify Callbacks */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ +} Buffers; + +typedef struct Options { +#ifndef NO_PSK + wc_psk_client_callback client_psk_cb; + wc_psk_server_callback server_psk_cb; + word16 havePSK:1; /* psk key set by user */ +#endif /* NO_PSK */ + + /* on/off or small bit flags, optimize layout */ + word16 sendVerify:2; /* false = 0, true = 1, sendBlank = 2 */ + word16 sessionCacheOff:1; + word16 sessionCacheFlushOff:1; + word16 side:1; /* client or server end */ + word16 verifyPeer:1; + word16 verifyNone:1; + word16 failNoCert:1; + word16 failNoCertxPSK:1; /* fail for no cert except with PSK */ + word16 downgrade:1; /* allow downgrade of versions */ + word16 resuming:1; + word16 haveSessionId:1; /* server may not send */ + word16 tls:1; /* using TLS ? */ + word16 tls1_1:1; /* using TLSv1.1+ ? */ + word16 dtls:1; /* using datagrams ? */ + word16 connReset:1; /* has the peer reset */ + word16 isClosed:1; /* if we consider conn closed */ + word16 closeNotify:1; /* we've received a close notify */ + word16 sentNotify:1; /* we've sent a close notify */ + word16 usingCompression:1; /* are we using compression */ + word16 haveRSA:1; /* RSA available */ + word16 haveECC:1; /* ECC available */ + word16 haveDH:1; /* server DH parms set by user */ + word16 haveNTRU:1; /* server NTRU private key loaded */ + word16 haveQSH:1; /* have QSH ability */ + word16 haveECDSAsig:1; /* server ECDSA signed cert */ + word16 haveStaticECC:1; /* static server ECC private key */ + word16 havePeerCert:1; /* do we have peer's cert */ + word16 havePeerVerify:1; /* and peer's cert verify */ + word16 usingPSK_cipher:1; /* are using psk as cipher */ + word16 usingAnon_cipher:1; /* are we using an anon cipher */ + word16 sendAlertState:1; /* nonblocking resume */ + word16 partialWrite:1; /* only one msg per write call */ + word16 quietShutdown:1; /* don't send close notify */ + word16 certOnly:1; /* stop once we get cert */ + word16 groupMessages:1; /* group handshake messages */ + word16 usingNonblock:1; /* are we using nonblocking socket */ + word16 saveArrays:1; /* save array Memory for user get keys + or psk */ + word16 weOwnRng:1; /* will be true unless CTX owns */ +#ifdef HAVE_POLY1305 + word16 oldPoly:1; /* set when to use old rfc way of poly*/ +#endif +#ifdef HAVE_ANON + word16 haveAnon:1; /* User wants to allow Anon suites */ +#endif +#ifdef HAVE_SESSION_TICKET + word16 createTicket:1; /* Server to create new Ticket */ + word16 useTicket:1; /* Use Ticket not session cache */ + word16 rejectTicket:1; /* Callback rejected ticket */ +#endif +#ifdef WOLFSSL_DTLS + word16 dtlsHsRetain:1; /* DTLS retaining HS data */ +#ifdef WOLFSSL_SCTP + word16 dtlsSctp:1; /* DTLS-over-SCTP mode */ +#endif +#endif + word16 haveEMS:1; /* using extended master secret */ + + /* need full byte values for this section */ + byte processReply; /* nonblocking resume */ + byte cipherSuite0; /* first byte, normally 0 */ + byte cipherSuite; /* second byte, actual suite */ + byte serverState; + byte clientState; + byte handShakeState; + byte handShakeDone; /* at least one handshake complete */ + byte minDowngrade; /* minimum downgrade version */ + byte connectState; /* nonblocking resume */ + byte acceptState; /* nonblocking resume */ + byte keyShareState; /* sub-state for key share (key exchange). + See enum KeyShareState. */ +#ifndef NO_DH + word16 minDhKeySz; /* minimum DH key size */ + word16 dhKeySz; /* actual DH key size */ +#endif +#ifndef NO_RSA + short minRsaKeySz; /* minimum RSA key size */ +#endif +#ifdef HAVE_ECC + short minEccKeySz; /* minimum ECC key size */ +#endif + +} Options; + +typedef struct Arrays { + byte* pendingMsg; /* defrag buffer */ + word32 preMasterSz; /* differs for DH, actual size */ + word32 pendingMsgSz; /* defrag buffer size */ + word32 pendingMsgOffset; /* current offset into defrag buffer */ +#ifndef NO_PSK + word32 psk_keySz; /* actual size */ + char client_identity[MAX_PSK_ID_LEN]; + char server_hint[MAX_PSK_ID_LEN]; + byte psk_key[MAX_PSK_KEY_LEN]; +#endif + byte clientRandom[RAN_LEN]; + byte serverRandom[RAN_LEN]; + byte sessionID[ID_LEN]; + byte sessionIDSz; + byte preMasterSecret[ENCRYPT_LEN]; + byte masterSecret[SECRET_LEN]; +#ifdef WOLFSSL_DTLS + byte cookie[MAX_COOKIE_LEN]; + byte cookieSz; +#endif + byte pendingMsgType; /* defrag buffer message type */ +} Arrays; + +#ifndef ASN_NAME_MAX +#define ASN_NAME_MAX 256 +#endif + +#ifndef MAX_DATE_SZ +#define MAX_DATE_SZ 32 +#endif + +struct WOLFSSL_STACK { + unsigned long num; /* number of nodes in stack + * (saftey measure for freeing and shortcut for count) */ + union { + WOLFSSL_X509* x509; + WOLFSSL_BIO* bio; + } data; + WOLFSSL_STACK* next; +}; + + +struct WOLFSSL_X509_NAME { + char *name; + char staticName[ASN_NAME_MAX]; + int dynamicName; + int sz; +#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) + DecodedName fullName; + WOLFSSL_X509_NAME_ENTRY cnEntry; + WOLFSSL_X509* x509; /* x509 that struct belongs to */ +#endif /* OPENSSL_EXTRA */ +}; + +#ifndef EXTERNAL_SERIAL_SIZE + #define EXTERNAL_SERIAL_SIZE 32 +#endif + +#ifdef NO_ASN + typedef struct DNS_entry DNS_entry; +#endif + +struct WOLFSSL_X509 { + int version; + WOLFSSL_X509_NAME issuer; + WOLFSSL_X509_NAME subject; + int serialSz; + byte serial[EXTERNAL_SERIAL_SIZE]; + char subjectCN[ASN_NAME_MAX]; /* common name short cut */ +#ifdef WOLFSSL_SEP + int deviceTypeSz; + byte deviceType[EXTERNAL_SERIAL_SIZE]; + int hwTypeSz; + byte hwType[EXTERNAL_SERIAL_SIZE]; + int hwSerialNumSz; + byte hwSerialNum[EXTERNAL_SERIAL_SIZE]; + #ifdef OPENSSL_EXTRA + byte certPolicySet; + byte certPolicyCrit; + #endif /* OPENSSL_EXTRA */ +#endif + int notBeforeSz; + byte notBefore[MAX_DATE_SZ]; + int notAfterSz; + byte notAfter[MAX_DATE_SZ]; + int sigOID; + buffer sig; + int pubKeyOID; + buffer pubKey; + #ifdef HAVE_ECC + word32 pkCurveOID; + #endif /* HAVE_ECC */ + #ifndef NO_CERTS + DerBuffer* derCert; /* may need */ + #endif + DNS_entry* altNames; /* alt names list */ + DNS_entry* altNamesNext; /* hint for retrieval */ + void* heap; /* heap hint */ + byte dynamicMemory; /* dynamic memory flag */ + byte isCa; +#ifdef OPENSSL_EXTRA + word32 pathLength; + word16 keyUsage; + byte basicConstSet; + byte basicConstCrit; + byte basicConstPlSet; + byte subjAltNameSet; + byte subjAltNameCrit; + byte authKeyIdSet; + byte authKeyIdCrit; + byte* authKeyId; + word32 authKeyIdSz; + byte subjKeyIdSet; + byte subjKeyIdCrit; + byte* subjKeyId; + word32 subjKeyIdSz; + byte keyUsageSet; + byte keyUsageCrit; +#endif /* OPENSSL_EXTRA */ +}; + + +/* record layer header for PlainText, Compressed, and CipherText */ +typedef struct RecordLayerHeader { + byte type; + byte pvMajor; + byte pvMinor; + byte length[2]; +} RecordLayerHeader; + + +/* record layer header for DTLS PlainText, Compressed, and CipherText */ +typedef struct DtlsRecordLayerHeader { + byte type; + byte pvMajor; + byte pvMinor; + byte sequence_number[8]; /* per record */ + byte length[2]; +} DtlsRecordLayerHeader; + + +typedef struct DtlsFrag { + word32 begin; + word32 end; + struct DtlsFrag* next; +} DtlsFrag; + + +typedef struct DtlsMsg { + struct DtlsMsg* next; + byte* buf; + byte* msg; + DtlsFrag* fragList; + word32 fragSz; /* Length of fragments received */ + word32 seq; /* Handshake sequence number */ + word32 sz; /* Length of whole mesage */ + byte type; +} DtlsMsg; + + +#ifdef HAVE_NETX + + /* NETX I/O Callback default */ + typedef struct NetX_Ctx { + NX_TCP_SOCKET* nxSocket; /* send/recv socket handle */ + NX_PACKET* nxPacket; /* incoming packet handle for short reads */ + ULONG nxOffset; /* offset already read from nxPacket */ + ULONG nxWait; /* wait option flag */ + } NetX_Ctx; + +#endif + + +/* Handshake messages received from peer (plus change cipher */ +typedef struct MsgsReceived { + word16 got_hello_request:1; + word16 got_client_hello:1; + word16 got_server_hello:1; + word16 got_hello_verify_request:1; + word16 got_session_ticket:1; + word16 got_certificate:1; + word16 got_certificate_status:1; + word16 got_server_key_exchange:1; + word16 got_certificate_request:1; + word16 got_server_hello_done:1; + word16 got_certificate_verify:1; + word16 got_client_key_exchange:1; + word16 got_finished:1; + word16 got_change_cipher:1; +} MsgsReceived; + + +/* Handshake hashes */ +typedef struct HS_Hashes { + Hashes verifyHashes; + Hashes certHashes; /* for cert verify */ +#ifndef NO_OLD_TLS +#ifndef NO_SHA + Sha hashSha; /* sha hash of handshake msgs */ +#endif +#ifndef NO_MD5 + Md5 hashMd5; /* md5 hash of handshake msgs */ +#endif +#endif /* NO_OLD_TLS */ +#ifndef NO_SHA256 + Sha256 hashSha256; /* sha256 hash of handshake msgs */ +#endif +#ifdef WOLFSSL_SHA384 + Sha384 hashSha384; /* sha384 hash of handshake msgs */ +#endif +#ifdef WOLFSSL_SHA512 + Sha512 hashSha512; /* sha512 hash of handshake msgs */ +#endif +} HS_Hashes; + + +/* wolfSSL ssl type */ +struct WOLFSSL { + WOLFSSL_CTX* ctx; + Suites* suites; /* only need during handshake */ + Arrays* arrays; + HS_Hashes* hsHashes; + void* IOCB_ReadCtx; + void* IOCB_WriteCtx; + WC_RNG* rng; + void* verifyCbCtx; /* cert verify callback user ctx*/ + VerifyCallback verifyCallback; /* cert verification callback */ + void* heap; /* for user overrides */ +#ifdef WOLFSSL_STATIC_MEMORY + WOLFSSL_HEAP_HINT heap_hint; +#endif +#ifndef NO_HANDSHAKE_DONE_CB + HandShakeDoneCb hsDoneCb; /* notify user handshake done */ + void* hsDoneCtx; /* user handshake cb context */ +#endif +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptSSLState async; + AsyncCryptDev asyncDev; +#endif + void* sigKey; /* RsaKey or ecc_key allocated from heap */ + word32 sigType; /* Type of sigKey */ + word32 sigLen; /* Actual signature length */ + WOLFSSL_CIPHER cipher; + hmacfp hmac; + Ciphers encrypt; + Ciphers decrypt; + Buffers buffers; + WOLFSSL_SESSION session; + WOLFSSL_ALERT_HISTORY alert_history; + int error; + int rfd; /* read file descriptor */ + int wfd; /* write file descriptor */ + int rflags; /* user read flags */ + int wflags; /* user write flags */ + word32 timeout; /* session timeout */ + word32 fragOffset; /* fragment offset */ + word16 curSize; + RecordLayerHeader curRL; + MsgsReceived msgsReceived; /* peer messages received */ + ProtocolVersion version; /* negotiated version */ + ProtocolVersion chVersion; /* client hello version */ + CipherSpecs specs; + Keys keys; + Options options; +#ifdef OPENSSL_EXTRA + WOLFSSL_BIO* biord; /* socket bio read to free/close */ + WOLFSSL_BIO* biowr; /* socket bio write to free/close */ +#endif +#ifndef NO_RSA + RsaKey* peerRsaKey; + byte peerRsaKeyPresent; +#endif +#ifdef HAVE_QSH + QSHKey* QSH_Key; + QSHKey* peerQSHKey; + QSHSecret* QSH_secret; + byte isQSH; /* is the handshake a QSH? */ + byte sendQSHKeys; /* flag for if the client should sen + public keys */ + byte peerQSHKeyPresent; + byte minRequest; + byte maxRequest; + byte user_set_QSHSchemes; +#endif +#ifdef HAVE_NTRU + word16 peerNtruKeyLen; + byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; + byte peerNtruKeyPresent; +#endif +#ifdef HAVE_ECC + ecc_key* peerEccKey; /* peer's ECDHE key */ + ecc_key* peerEccDsaKey; /* peer's ECDSA key */ + ecc_key* eccTempKey; /* private ECDHE key */ + word32 pkCurveOID; /* curve Ecc_Sum */ + word16 eccTempKeySz; /* in octets 20 - 66 */ + byte peerEccKeyPresent; + byte peerEccDsaKeyPresent; + byte eccTempKeyPresent; +#endif +#ifdef HAVE_LIBZ + z_stream c_stream; /* compression stream */ + z_stream d_stream; /* decompression stream */ + byte didStreamInit; /* for stream init and end */ +#endif +#ifdef WOLFSSL_DTLS + int dtls_timeout_init; /* starting timeout value */ + int dtls_timeout_max; /* maximum timeout value */ + int dtls_timeout; /* current timeout value, changes */ + word32 dtls_tx_msg_list_sz; + word32 dtls_rx_msg_list_sz; + DtlsMsg* dtls_tx_msg_list; + DtlsMsg* dtls_rx_msg_list; + void* IOCB_CookieCtx; /* gen cookie ctx */ + word32 dtls_expected_rx; + wc_dtls_export dtls_export; /* export function for session */ +#ifdef WOLFSSL_SCTP + word16 dtlsMtuSz; +#endif /* WOLFSSL_SCTP */ +#endif +#ifdef WOLFSSL_CALLBACKS + HandShakeInfo handShakeInfo; /* info saved during handshake */ + TimeoutInfo timeoutInfo; /* info saved during handshake */ + byte hsInfoOn; /* track handshake info */ + byte toInfoOn; /* track timeout info */ +#endif +#ifdef HAVE_FUZZER + CallbackFuzzer fuzzerCb; /* for testing with using fuzzer */ + void* fuzzerCtx; /* user defined pointer */ +#endif +#ifdef KEEP_PEER_CERT + WOLFSSL_X509 peerCert; /* X509 peer cert */ +#endif +#ifdef KEEP_OUR_CERT + WOLFSSL_X509* ourCert; /* keep alive a X509 struct of cert. + points to ctx if not owned (owned + flag found in buffers.weOwnCert) */ +#endif + byte keepCert; /* keep certificate after handshake */ +#if defined(FORTRESS) || defined(HAVE_STUNNEL) + void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */ +#endif + int devId; /* async device id to use */ +#ifdef HAVE_ONE_TIME_AUTH + OneTimeAuth auth; +#endif +#ifdef HAVE_TLS_EXTENSIONS + TLSX* extensions; /* RFC 6066 TLS Extensions data */ + #ifdef HAVE_MAX_FRAGMENT + word16 max_fragment; + #endif + #ifdef HAVE_TRUNCATED_HMAC + byte truncated_hmac; + #endif + #ifdef HAVE_CERTIFICATE_STATUS_REQUEST + byte status_request; + #endif + #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 + byte status_request_v2; + #endif + #if defined(HAVE_SECURE_RENEGOTIATION) \ + || defined(HAVE_SERVER_RENEGOTIATION_INFO) + SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */ + #endif /* user turned on */ + #ifdef HAVE_ALPN + char* alpn_client_list; /* keep the client's list */ + #endif /* of accepted protocols */ + #if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET) + CallbackSessionTicket session_ticket_cb; + void* session_ticket_ctx; + byte expect_session_ticket; + #endif +#endif /* HAVE_TLS_EXTENSIONS */ +#ifdef HAVE_NETX + NetX_Ctx nxCtx; /* NetX IO Context */ +#endif +#ifdef SESSION_INDEX + int sessionIndex; /* Session's location in the cache. */ +#endif +#ifdef ATOMIC_USER + void* MacEncryptCtx; /* Atomic User Mac/Encrypt Callback Context */ + void* DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + void* EccSignCtx; /* Ecc Sign Callback Context */ + void* EccVerifyCtx; /* Ecc Verify Callback Context */ + void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + void* RsaSignCtx; /* Rsa Sign Callback Context */ + void* RsaVerifyCtx; /* Rsa Verify Callback Context */ + void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */ + void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ +#ifdef HAVE_SECRET_CALLBACK + SessionSecretCb sessionSecretCb; + void* sessionSecretCtx; +#endif /* HAVE_SECRET_CALLBACK */ +#ifdef WOLFSSL_JNI + void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */ +#endif /* WOLFSSL_JNI */ +#ifdef HAVE_WOLF_EVENT + WOLF_EVENT event; +#endif /* HAVE_WOLF_EVENT */ +}; + + +WOLFSSL_LOCAL +int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*); +WOLFSSL_LOCAL +int InitSSL(WOLFSSL*, WOLFSSL_CTX*); +WOLFSSL_LOCAL +void FreeSSL(WOLFSSL*, void* heap); +WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */ + + +enum { + IV_SZ = 32, /* max iv sz */ + NAME_SZ = 80 /* max one line */ +}; + + +typedef struct EncryptedInfo { + char name[NAME_SZ]; /* encryption name */ + byte iv[IV_SZ]; /* encrypted IV */ + word32 ivSz; /* encrypted IV size */ + long consumed; /* tracks PEM bytes consumed */ + byte set; /* if encryption set */ + WOLFSSL_CTX* ctx; /* CTX owner */ +} EncryptedInfo; + + +#ifndef NO_CERTS + + WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap); + WOLFSSL_LOCAL void FreeDer(DerBuffer** der); + + WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, + DerBuffer** pDer, void* heap, EncryptedInfo* info, + int* eccKey); + + WOLFSSL_LOCAL int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, + long sz, int format, int type, WOLFSSL* ssl, + long* used, int userChain); + WOLFSSL_LOCAL int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, + int type, WOLFSSL* ssl, int userChain, + WOLFSSL_CRL* crl); +#endif + + +#ifdef WOLFSSL_CALLBACKS + WOLFSSL_LOCAL + void InitHandShakeInfo(HandShakeInfo*, WOLFSSL*); + WOLFSSL_LOCAL + void FinishHandShakeInfo(HandShakeInfo*); + WOLFSSL_LOCAL + void AddPacketName(const char*, HandShakeInfo*); + + WOLFSSL_LOCAL + void InitTimeoutInfo(TimeoutInfo*); + WOLFSSL_LOCAL + void FreeTimeoutInfo(TimeoutInfo*, void*); + WOLFSSL_LOCAL + void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*); + WOLFSSL_LOCAL + void AddLateName(const char*, TimeoutInfo*); + WOLFSSL_LOCAL + void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info); +#endif + + +/* Record Layer Header identifier from page 12 */ +enum ContentType { + no_type = 0, + change_cipher_spec = 20, + alert = 21, + handshake = 22, + application_data = 23 +}; + + +/* handshake header, same for each message type, pgs 20/21 */ +typedef struct HandShakeHeader { + byte type; + word24 length; +} HandShakeHeader; + + +/* DTLS handshake header, same for each message type */ +typedef struct DtlsHandShakeHeader { + byte type; + word24 length; + byte message_seq[2]; /* start at 0, retransmit gets same # */ + word24 fragment_offset; /* bytes in previous fragments */ + word24 fragment_length; /* length of this fragment */ +} DtlsHandShakeHeader; + + +enum HandShakeType { + hello_request = 0, + client_hello = 1, + server_hello = 2, + hello_verify_request = 3, /* DTLS addition */ + session_ticket = 4, + certificate = 11, + server_key_exchange = 12, + certificate_request = 13, + server_hello_done = 14, + certificate_verify = 15, + client_key_exchange = 16, + finished = 20, + certificate_status = 22, + change_cipher_hs = 55, /* simulate unique handshake type for sanity + checks. record layer change_cipher + conflicts with handshake finished */ + no_shake = 255 /* used to initialize the DtlsMsg record */ +}; + + +static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 }; +static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 }; + +static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished"; +static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; + + +/* internal functions */ +WOLFSSL_LOCAL int SendChangeCipher(WOLFSSL*); +WOLFSSL_LOCAL int SendTicket(WOLFSSL*); +WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32); +WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int); +WOLFSSL_LOCAL int SendCertificate(WOLFSSL*); +WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*); +WOLFSSL_LOCAL int SendCertificateStatus(WOLFSSL*); +WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*); +WOLFSSL_LOCAL int SendBuffered(WOLFSSL*); +WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int); +WOLFSSL_LOCAL int SendFinished(WOLFSSL*); +WOLFSSL_LOCAL int SendAlert(WOLFSSL*, int, int); +WOLFSSL_LOCAL int ProcessReply(WOLFSSL*); + +WOLFSSL_LOCAL int SetCipherSpecs(WOLFSSL*); +WOLFSSL_LOCAL int MakeMasterSecret(WOLFSSL*); + +WOLFSSL_LOCAL int AddSession(WOLFSSL*); +WOLFSSL_LOCAL int DeriveKeys(WOLFSSL* ssl); +WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData); + +WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl); +WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl); + +WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl); +WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree); +WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl); + +WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl); +#ifndef NO_CERTS + #ifndef NO_RSA + WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, + byte* verifySig, word32 sigSz, + const byte* plain, word32 plainSz, + RsaKey* key); + WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, + word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx); + WOLFSSL_LOCAL int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, + byte** out, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx); + WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, + word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx); + WOLFSSL_LOCAL int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, + word32* outSz, RsaKey* key, const byte* keyBuf, word32 keySz, void* ctx); + #endif /* !NO_RSA */ + + #ifdef HAVE_ECC + WOLFSSL_LOCAL int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, ecc_key* key, byte* keyBuf, word32 keySz, + void* ctx); + WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, + const byte* out, word32 outSz, ecc_key* key, byte* keyBuf, word32 keySz, + void* ctx); + WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, + ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out, + word32* outlen, int side, void* ctx); + #endif /* HAVE_ECC */ + + #ifdef WOLFSSL_TRUST_PEER_CERT + + /* options for searching hash table for a matching trusted peer cert */ + #define WC_MATCH_SKID 0 + #define WC_MATCH_NAME 1 + + WOLFSSL_LOCAL TrustedPeerCert* GetTrustedPeer(void* vp, byte* hash, + int type); + WOLFSSL_LOCAL int MatchTrustedPeer(TrustedPeerCert* tp, + DecodedCert* cert); + #endif + + WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash); + #ifndef NO_SKID + WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash); + #endif +#endif /* !NO_CERTS */ +WOLFSSL_LOCAL int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, + word32* hashLen); +WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, + const byte* sender); +WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep); +WOLFSSL_LOCAL int CheckAvailableSize(WOLFSSL *ssl, int size); +WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength); + +#ifndef NO_TLS + WOLFSSL_LOCAL int MakeTlsMasterSecret(WOLFSSL*); + WOLFSSL_LOCAL int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, + word32 sz, int content, int verify); +#endif + +#ifndef NO_WOLFSSL_CLIENT + WOLFSSL_LOCAL int SendClientHello(WOLFSSL*); + WOLFSSL_LOCAL int SendClientKeyExchange(WOLFSSL*); + WOLFSSL_LOCAL int SendCertificateVerify(WOLFSSL*); +#endif /* NO_WOLFSSL_CLIENT */ + +#ifndef NO_WOLFSSL_SERVER + WOLFSSL_LOCAL int SendServerHello(WOLFSSL*); + WOLFSSL_LOCAL int SendServerHelloDone(WOLFSSL*); +#endif /* NO_WOLFSSL_SERVER */ + +#ifdef WOLFSSL_DTLS + WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*); + WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*); + WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*); + WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg*, word32, const byte*, byte, + word32, word32, void*); + WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32); + WOLFSSL_LOCAL void DtlsMsgStore(WOLFSSL*, word32, const byte*, word32, + byte, word32, word32, void*); + WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*); + + WOLFSSL_LOCAL int DtlsMsgPoolSave(WOLFSSL*, const byte*, word32); + WOLFSSL_LOCAL int DtlsMsgPoolTimeout(WOLFSSL*); + WOLFSSL_LOCAL int VerifyForDtlsMsgPoolSend(WOLFSSL*, byte, word32); + WOLFSSL_LOCAL void DtlsMsgPoolReset(WOLFSSL*); + WOLFSSL_LOCAL int DtlsMsgPoolSend(WOLFSSL*, int); +#endif /* WOLFSSL_DTLS */ + +#ifndef NO_TLS + + +#endif /* NO_TLS */ + + +WOLFSSL_LOCAL word32 LowResTimer(void); + +#ifndef NO_CERTS + WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int); + WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap); + WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap); + WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*); + WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*); +#endif + +/* used by ssl.c and wolfssl_int.c */ +WOLFSSL_LOCAL void c32to24(word32 in, word24 out); + +WOLFSSL_LOCAL const char* const* GetCipherNames(void); +WOLFSSL_LOCAL int GetCipherNamesSize(void); +WOLFSSL_LOCAL const char* GetCipherNameInternal(const char* cipherName, int cipherSuite); +WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl); +WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_from_suite( + const unsigned char cipherSuite, const unsigned char cipherSuite0); + +enum encrypt_side { + ENCRYPT_SIDE_ONLY = 1, + DECRYPT_SIDE_ONLY, + ENCRYPT_AND_DECRYPT_SIDE +}; + +WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side); + + +#ifndef NO_DH + WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, + byte* p, word32 pSz, + byte* g, word32 gSz, + byte* priv, word32* privSz, + byte* pub, word32* pubSz); + WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, + byte* p, word32 pSz, + byte* g, word32 gSz, + byte* priv, word32* privSz, + byte* pub, word32* pubSz, + const byte* otherPub, word32 otherPubSz, + byte* agree, word32* agreeSz); +#endif + +#ifdef HAVE_ECC + WOLFSSL_LOCAL int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer); +#endif + +WOLFSSL_LOCAL int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, + const byte* input, int inSz, int type, int hashOutput, + int sizeOnly); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* wolfSSL_INT_H */ diff --git a/ccc/dist/lib/include/wolfssl/ocsp.h b/ccc/dist/lib/include/wolfssl/ocsp.h new file mode 100644 index 0000000..5331245 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/ocsp.h @@ -0,0 +1,56 @@ +/* ocsp.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +/* wolfSSL OCSP API */ + +#ifndef WOLFSSL_OCSP_H +#define WOLFSSL_OCSP_H + +#ifdef HAVE_OCSP + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +typedef struct WOLFSSL_OCSP WOLFSSL_OCSP; + +WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*); +WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic); + +WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*, + WOLFSSL_BUFFER_INFO* responseBuffer); +WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp, + OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* HAVE_OCSP */ +#endif /* WOLFSSL_OCSP_H */ + + diff --git a/ccc/dist/lib/include/wolfssl/sniffer.h b/ccc/dist/lib/include/wolfssl/sniffer.h new file mode 100644 index 0000000..9773f79 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/sniffer.h @@ -0,0 +1,101 @@ +/* sniffer.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_SNIFFER_H +#define WOLFSSL_SNIFFER_H + +#include + +#ifdef _WIN32 + #ifdef SSL_SNIFFER_EXPORTS + #define SSL_SNIFFER_API __declspec(dllexport) + #else + #define SSL_SNIFFER_API __declspec(dllimport) + #endif +#else + #define SSL_SNIFFER_API +#endif /* _WIN32 */ + + +#ifdef __cplusplus + extern "C" { +#endif + +/* @param typeK: (formerly keyType) was shadowing a global declaration in + * wolfssl/wolfcrypt/asn.h line 175 + */ +WOLFSSL_API +SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port, + const char* keyFile, int typeK, + const char* password, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name, + const char* address, int port, + const char* keyFile, int typeK, + const char* password, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length, + unsigned char** data, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_FreeDecodeBuffer(unsigned char** data, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_FreeZeroDecodeBuffer(unsigned char** data, int sz, + char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active, + unsigned int* total, + unsigned int* peak, + unsigned int* maxSessions, + unsigned int* missedData, + unsigned int* reassemblyMemory, + char* error); + +WOLFSSL_API void ssl_InitSniffer(void); + +WOLFSSL_API void ssl_FreeSniffer(void); + + +/* ssl_SetPrivateKey typeKs */ +enum { + FILETYPE_PEM = 1, + FILETYPE_DER = 2, +}; + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* wolfSSL_SNIFFER_H */ + diff --git a/ccc/dist/lib/include/wolfssl/sniffer_error.h b/ccc/dist/lib/include/wolfssl/sniffer_error.h new file mode 100644 index 0000000..0c04ba8 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/sniffer_error.h @@ -0,0 +1,125 @@ +/* sniffer_error.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFSSL_SNIFFER_ERROR_H +#define WOLFSSL_SNIFFER_ERROR_H + +/* need to have errors as #defines since .rc files can't handle enums */ +/* need to start at 1 and go in order for same reason */ + +#define MEMORY_STR 1 +#define NEW_SERVER_STR 2 +#define IP_CHECK_STR 3 +#define SERVER_NOT_REG_STR 4 +#define TCP_CHECK_STR 5 +#define SERVER_PORT_NOT_REG_STR 6 +#define RSA_DECRYPT_STR 7 +#define RSA_DECODE_STR 8 +#define BAD_CIPHER_SPEC_STR 9 +#define SERVER_HELLO_INPUT_STR 10 + +#define BAD_SESSION_RESUME_STR 11 +#define SERVER_DID_RESUMPTION_STR 12 +#define CLIENT_HELLO_INPUT_STR 13 +#define CLIENT_RESUME_TRY_STR 14 +#define HANDSHAKE_INPUT_STR 15 +#define GOT_HELLO_VERIFY_STR 16 +#define GOT_SERVER_HELLO_STR 17 +#define GOT_CERT_REQ_STR 18 +#define GOT_SERVER_KEY_EX_STR 19 +#define GOT_CERT_STR 20 + +#define GOT_SERVER_HELLO_DONE_STR 21 +#define GOT_FINISHED_STR 22 +#define GOT_CLIENT_HELLO_STR 23 +#define GOT_CLIENT_KEY_EX_STR 24 +#define GOT_CERT_VER_STR 25 +#define GOT_UNKNOWN_HANDSHAKE_STR 26 +#define NEW_SESSION_STR 27 +#define BAD_NEW_SSL_STR 28 +#define GOT_PACKET_STR 29 +#define NO_DATA_STR 30 + +#define BAD_SESSION_STR 31 +#define GOT_OLD_CLIENT_HELLO_STR 32 +#define OLD_CLIENT_INPUT_STR 33 +#define OLD_CLIENT_OK_STR 34 +#define BAD_OLD_CLIENT_STR 35 +#define BAD_RECORD_HDR_STR 36 +#define RECORD_INPUT_STR 37 +#define GOT_HANDSHAKE_STR 38 +#define BAD_HANDSHAKE_STR 39 +#define GOT_CHANGE_CIPHER_STR 40 + +#define GOT_APP_DATA_STR 41 +#define BAD_APP_DATA_STR 42 +#define GOT_ALERT_STR 43 +#define ANOTHER_MSG_STR 44 +#define REMOVE_SESSION_STR 45 +#define KEY_FILE_STR 46 +#define BAD_IPVER_STR 47 +#define BAD_PROTO_STR 48 +#define PACKET_HDR_SHORT_STR 49 +#define GOT_UNKNOWN_RECORD_STR 50 + +#define BAD_TRACE_FILE_STR 51 +#define FATAL_ERROR_STR 52 +#define PARTIAL_INPUT_STR 53 +#define BUFFER_ERROR_STR 54 +#define PARTIAL_ADD_STR 55 +#define DUPLICATE_STR 56 +#define OUT_OF_ORDER_STR 57 +#define OVERLAP_DUPLICATE_STR 58 +#define OVERLAP_REASSEMBLY_BEGIN_STR 59 +#define OVERLAP_REASSEMBLY_END_STR 60 + +#define MISSED_CLIENT_HELLO_STR 61 +#define GOT_HELLO_REQUEST_STR 62 +#define GOT_SESSION_TICKET_STR 63 +#define BAD_INPUT_STR 64 +#define BAD_DECRYPT_TYPE 65 +#define BAD_FINISHED_MSG 66 +#define BAD_COMPRESSION_STR 67 +#define BAD_DERIVE_STR 68 +#define ACK_MISSED_STR 69 +#define BAD_DECRYPT 70 + +#define DECRYPT_KEYS_NOT_SETUP 71 +#define CLIENT_HELLO_LATE_KEY_STR 72 +#define GOT_CERT_STATUS_STR 73 +#define RSA_KEY_MISSING_STR 74 +#define NO_SECURE_RENEGOTIATION 75 + +#define BAD_SESSION_STATS 76 +#define REASSEMBLY_MAX_STR 77 +#define DROPPING_LOST_FRAG_STR 78 +#define DROPPING_PARTIAL_RECORD 79 +#define CLEAR_ACK_FAULT 80 + +#define BAD_DECRYPT_SIZE 81 +#define EXTENDED_MASTER_HASH_STR 82 +/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ + + +#endif /* wolfSSL_SNIFFER_ERROR_H */ + diff --git a/ccc/dist/lib/include/wolfssl/sniffer_error.rc b/ccc/dist/lib/include/wolfssl/sniffer_error.rc new file mode 100644 index 0000000..947be61 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/sniffer_error.rc @@ -0,0 +1,103 @@ + +STRINGTABLE +{ + 1, "Out of Memory" + 2, "New SSL Sniffer Server Registered" + 3, "Checking IP Header" + 4, "SSL Sniffer Server Not Registered" + 5, "Checking TCP Header" + + 6, "SSL Sniffer Server Port Not Registered" + 7, "RSA Private Decrypt Error" + 8, "RSA Private Decode Error" + 9, "Set Cipher Spec Error" + 10, "Server Hello Input Malformed" + + 11, "Couldn't Resume Session Error" + 12, "Server Did Resumption" + 13, "Client Hello Input Malformed" + 14, "Client Trying to Resume" + 15, "Handshake Input Malformed" + + 16, "Got Hello Verify msg" + 17, "Got Server Hello msg" + 18, "Got Cert Request msg" + 19, "Got Server Key Exchange msg" + 20, "Got Cert msg" + + 21, "Got Server Hello Done msg" + 22, "Got Finished msg" + 23, "Got Client Hello msg" + 24, "Got Client Key Exchange msg" + 25, "Got Cert Verify msg" + + 26, "Got Unknown Handshake msg" + 27, "New SSL Sniffer Session created" + 28, "Couldn't create new SSL" + 29, "Got a Packet to decode" + 30, "No data present" + + 31, "Session Not Found" + 32, "Got an Old Client Hello msg" + 33, "Old Client Hello Input Malformed" + 34, "Old Client Hello OK" + 35, "Bad Old Client Hello" + + 36, "Bad Record Header" + 37, "Record Header Input Malformed" + 38, "Got a HandShake msg" + 39, "Bad HandShake msg" + 40, "Got a Change Cipher Spec msg" + + 41, "Got Application Data msg" + 42, "Bad Application Data" + 43, "Got an Alert msg" + 44, "Another msg to Process" + 45, "Removing Session From Table" + + 46, "Bad Key File" + 47, "Wrong IP Version" + 48, "Wrong Protocol type" + 49, "Packet Short for header processing" + 50, "Got Unknown Record Type" + + 51, "Can't Open Trace File" + 52, "Session in Fatal Error State" + 53, "Partial SSL record received" + 54, "Buffer Error, malformed input" + 55, "Added to Partial Input" + + 56, "Received a Duplicate Packet" + 57, "Received an Out of Order Packet" + 58, "Received an Overlap Duplicate Packet" + 59, "Received an Overlap Reassembly Begin Duplicate Packet" + 60, "Received an Overlap Reassembly End Duplicate Packet" + + 61, "Missed the Client Hello Entirely" + 62, "Got Hello Request msg" + 63, "Got Session Ticket msg" + 64, "Bad Input" + 65, "Bad Decrypt Type" + + 66, "Bad Finished Message Processing" + 67, "Bad Compression Type" + 68, "Bad DeriveKeys Error" + 69, "Saw ACK for Missing Packet Error" + 70, "Bad Decrypt Operation" + + 71, "Decrypt Keys Not Set Up" + 72, "Late Key Load Error" + 73, "Got Certificate Status msg" + 74, "RSA Key Missing Error" + 75, "Secure Renegotiation Not Supported" + + 76, "Get Session Stats Failure" + 77, "Reassembly Buffer Size Exceeded" + 78, "Dropping Lost Fragment" + 79, "Dropping Partial Record" + 80, "Clear ACK Fault" + + 81, "Bad Decrypt Size" + 82, "Extended Master Secret Hash Error" +} + diff --git a/ccc/dist/lib/include/wolfssl/ssl.h b/ccc/dist/lib/include/wolfssl/ssl.h new file mode 100644 index 0000000..24fee4e --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/ssl.h @@ -0,0 +1,1997 @@ +/* ssl.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +/* wolfSSL API */ + +#ifndef WOLFSSL_SSL_H +#define WOLFSSL_SSL_H + + +/* for users not using preprocessor flags*/ +#include +#include + +#ifdef HAVE_WOLF_EVENT + #include +#endif + +#ifndef NO_FILESYSTEM + #if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + #if MQX_USE_IO_OLD + #include + #else + #include + #endif + #endif +#endif + +#ifdef WOLFSSL_PREFIX + #include "prefix_ssl.h" +#endif + +#ifdef LIBWOLFSSL_VERSION_STRING + #define WOLFSSL_VERSION LIBWOLFSSL_VERSION_STRING +#endif + +#ifdef _WIN32 + /* wincrypt.h clashes */ + #undef OCSP_REQUEST + #undef OCSP_RESPONSE +#endif + + + +#ifdef __cplusplus + extern "C" { +#endif + +typedef struct WOLFSSL WOLFSSL; +typedef struct WOLFSSL_SESSION WOLFSSL_SESSION; +typedef struct WOLFSSL_METHOD WOLFSSL_METHOD; +typedef struct WOLFSSL_CTX WOLFSSL_CTX; + +typedef struct WOLFSSL_STACK WOLFSSL_STACK; +typedef struct WOLFSSL_X509 WOLFSSL_X509; +typedef struct WOLFSSL_X509_NAME WOLFSSL_X509_NAME; +typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY; +typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN; + +typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; +typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR; + +/* redeclare guard */ +#define WOLFSSL_TYPES_DEFINED + + +#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ +typedef struct WOLFSSL_RSA WOLFSSL_RSA; +#define WOLFSSL_RSA_TYPE_DEFINED +#endif + +#ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */ + typedef struct WC_RNG WC_RNG; + #define WC_RNG_TYPE_DEFINED +#endif + +typedef struct WOLFSSL_DSA WOLFSSL_DSA; +typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY; +typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT; +typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP; +typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG; +typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER; +typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP; +typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD; +typedef struct WOLFSSL_X509_CRL WOLFSSL_X509_CRL; +typedef struct WOLFSSL_BIO WOLFSSL_BIO; +typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; +typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; +typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME; +typedef struct WOLFSSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER; +typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT; + +typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING; +typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value; +typedef struct WOLFSSL_DH WOLFSSL_DH; +typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; + +#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME + +typedef struct WOLFSSL_EVP_PKEY { + int type; /* openssh dereference */ + int save_type; /* openssh dereference */ + int pkey_sz; + union { + char* ptr; + } pkey; + #ifdef HAVE_ECC + int pkey_curve; + #endif +} WOLFSSL_EVP_PKEY; + +typedef struct WOLFSSL_MD4_CTX { + int buffer[32]; /* big enough to hold, check size in Init */ +} WOLFSSL_MD4_CTX; + + +typedef struct WOLFSSL_COMP_METHOD { + int type; /* stunnel dereference */ +} WOLFSSL_COMP_METHOD; + + +typedef struct WOLFSSL_X509_STORE { + int cache; /* stunnel dereference */ + WOLFSSL_CERT_MANAGER* cm; +} WOLFSSL_X509_STORE; + +typedef struct WOLFSSL_ALERT { + int code; + int level; +} WOLFSSL_ALERT; + +typedef struct WOLFSSL_ALERT_HISTORY { + WOLFSSL_ALERT last_rx; + WOLFSSL_ALERT last_tx; +} WOLFSSL_ALERT_HISTORY; + +typedef struct WOLFSSL_X509_REVOKED { + WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ +} WOLFSSL_X509_REVOKED; + + +typedef struct WOLFSSL_X509_OBJECT { + union { + char* ptr; + WOLFSSL_X509 *x509; + WOLFSSL_X509_CRL* crl; /* stunnel dereference */ + } data; +} WOLFSSL_X509_OBJECT; + +typedef struct WOLFSSL_BUFFER_INFO { + unsigned char* buffer; + unsigned int length; +} WOLFSSL_BUFFER_INFO; + +typedef struct WOLFSSL_X509_STORE_CTX { + WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */ + WOLFSSL_X509* current_cert; /* stunnel dereference */ + char* domain; /* subject CN domain name */ + void* ex_data; /* external data, for fortress build */ + void* userCtx; /* user ctx */ + int error; /* current error */ + int error_depth; /* cert depth for this error */ + int discardSessionCerts; /* so verify callback can flag for discard */ + int totalCerts; /* number of peer cert buffers */ + WOLFSSL_BUFFER_INFO* certs; /* peer certs */ +} WOLFSSL_X509_STORE_CTX; + + +/* Valid Alert types from page 16/17 */ +enum AlertDescription { + close_notify = 0, + unexpected_message = 10, + bad_record_mac = 20, + record_overflow = 22, + decompression_failure = 30, + handshake_failure = 40, + no_certificate = 41, + bad_certificate = 42, + unsupported_certificate = 43, + certificate_revoked = 44, + certificate_expired = 45, + certificate_unknown = 46, + illegal_parameter = 47, + decode_error = 50, + decrypt_error = 51, + #ifdef WOLFSSL_MYSQL_COMPATIBLE + /* catch name conflict for enum protocol with MYSQL build */ + wc_protocol_version = 70, + #else + protocol_version = 70, + #endif + no_renegotiation = 100, + unrecognized_name = 112, /**< RFC 6066, section 3 */ + bad_certificate_status_response = 113, /**< RFC 6066, section 8 */ + no_application_protocol = 120 +}; + + +enum AlertLevel { + alert_warning = 1, + alert_fatal = 2 +}; + + +typedef WOLFSSL_METHOD* (*wolfSSL_method_func)(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method_ex(void* heap); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_method_ex(void* heap); + +#ifdef WOLFSSL_DTLS + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method_ex(void* heap); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method_ex(void* heap); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method_ex(void* heap); +#endif +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void); +WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void); + +#ifdef WOLFSSL_DTLS + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void); + WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void); +#endif + +#ifdef HAVE_POLY1305 + WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int); +#endif + +#ifdef WOLFSSL_SESSION_EXPORT +#ifdef WOLFSSL_DTLS +typedef int (*wc_dtls_export)(WOLFSSL* ssl, + unsigned char* exportBuffer, unsigned int sz, void* userCtx); +WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, + unsigned int sz); +WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, + wc_dtls_export func); +WOLFSSL_API int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func); +WOLFSSL_API int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf, + unsigned int* sz); +#endif /* WOLFSSL_DTLS */ +#endif /* WOLFSSL_SESSION_EXPORT */ + +#ifdef WOLFSSL_STATIC_MEMORY +#ifndef WOLFSSL_MEM_GUARD +#define WOLFSSL_MEM_GUARD + typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS; + typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS; +#endif +WOLFSSL_API int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx, + wolfSSL_method_func method, + unsigned char* buf, unsigned int sz, + int flag, int max); +WOLFSSL_API int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, + WOLFSSL_MEM_STATS* mem_stats); +WOLFSSL_API int wolfSSL_is_static_memory(WOLFSSL* ssl, + WOLFSSL_MEM_CONN_STATS* mem_stats); +#endif + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + +WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int); +WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int); +WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, + const char*); +#ifdef WOLFSSL_TRUST_PEER_CERT +WOLFSSL_API int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX*, const char*, int); +#endif +WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *, + const char *file); +WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); + +WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); +WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); +WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int); +WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file); +WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); + +#ifdef WOLFSSL_DER_LOAD + WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX*, + const char*, int); +#endif + +#ifdef HAVE_NTRU + WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX*, const char*); + /* load NTRU private key blob */ +#endif + +#ifndef WOLFSSL_PEMCERT_TODER_DEFINED + WOLFSSL_API int wolfSSL_PemCertToDer(const char*, unsigned char*, int); + #define WOLFSSL_PEMCERT_TODER_DEFINED +#endif + +#endif /* !NO_FILESYSTEM && !NO_CERTS */ + +WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); +WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_write_fd (WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_read_fd (WOLFSSL*, int); +WOLFSSL_API char* wolfSSL_get_cipher_list(int priority); +WOLFSSL_API int wolfSSL_get_ciphers(char*, int); +WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL*); +WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_get_using_nonblock(WOLFSSL*); +WOLFSSL_API int wolfSSL_connect(WOLFSSL*); /* please see note at top of README + if you get an error from connect */ +WOLFSSL_API int wolfSSL_write(WOLFSSL*, const void*, int); +WOLFSSL_API int wolfSSL_read(WOLFSSL*, void*, int); +WOLFSSL_API int wolfSSL_peek(WOLFSSL*, void*, int); +WOLFSSL_API int wolfSSL_accept(WOLFSSL*); +WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*); +WOLFSSL_API void wolfSSL_free(WOLFSSL*); +WOLFSSL_API int wolfSSL_shutdown(WOLFSSL*); +WOLFSSL_API int wolfSSL_send(WOLFSSL*, const void*, int sz, int flags); +WOLFSSL_API int wolfSSL_recv(WOLFSSL*, void*, int sz, int flags); + +WOLFSSL_API void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX*, int); +WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int); + +WOLFSSL_API int wolfSSL_get_error(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *); + +WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl,WOLFSSL_SESSION* session); +WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* session, long t); +WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl); +WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm); +WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char*, + int, int); + +#ifdef SESSION_INDEX +WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session); +#endif /* SESSION_INDEX */ + +#if defined(SESSION_INDEX) && defined(SESSION_CERTS) +WOLFSSL_API + WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session); +#endif /* SESSION_INDEX && SESSION_CERTS */ + +typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); +typedef int (*pem_password_cb)(char*, int, int, void*); + +WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, + VerifyCallback verify_callback); +WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback); +WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*); + +WOLFSSL_API int wolfSSL_pending(WOLFSSL*); + +WOLFSSL_API void wolfSSL_load_error_strings(void); +WOLFSSL_API int wolfSSL_library_init(void); +WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX*, long); + +#ifdef HAVE_SECRET_CALLBACK +typedef int (*SessionSecretCb)(WOLFSSL* ssl, + void* secret, int* secretSz, void* ctx); +WOLFSSL_API int wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, void*); +#endif /* HAVE_SECRET_CALLBACK */ + +/* session cache persistence */ +WOLFSSL_API int wolfSSL_save_session_cache(const char*); +WOLFSSL_API int wolfSSL_restore_session_cache(const char*); +WOLFSSL_API int wolfSSL_memsave_session_cache(void*, int); +WOLFSSL_API int wolfSSL_memrestore_session_cache(const void*, int); +WOLFSSL_API int wolfSSL_get_session_cache_memsize(void); + +/* certificate cache persistence, uses ctx since certs are per ctx */ +WOLFSSL_API int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX*, const char*); +WOLFSSL_API int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX*, const char*); +WOLFSSL_API int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX*, void*, int, int*); +WOLFSSL_API int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX*, const void*, int); +WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*); + +/* only supports full name from cipher_name[] delimited by : */ +WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*); +WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*); + +/* Nonblocking DTLS helper functions */ +WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int); +WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int); +WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_dtls(WOLFSSL* ssl); + +WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int); +WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*); + +WOLFSSL_API int wolfSSL_CTX_dtls_set_sctp(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL*); +WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short); +WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short); + +WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err); +WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); +WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, + unsigned long sz); +WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long); + +/* extras */ + +#define STACK_OF(x) WOLFSSL_STACK +WOLFSSL_API int wolfSSL_sk_X509_push(STACK_OF(WOLFSSL_X509_NAME)* sk, + WOLFSSL_X509* x509); +WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(STACK_OF(WOLFSSL_X509_NAME)* sk); +WOLFSSL_API void wolfSSL_sk_X509_free(STACK_OF(WOLFSSL_X509_NAME)* sk); + +WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*); +WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*); +WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int); +WOLFSSL_API void wolfSSL_set_shutdown(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*, + unsigned int); +WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*); +WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*); +WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*); +WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session); +WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*); + +WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*); +WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl); +WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*); +WOLFSSL_API char* wolfSSL_CIPHER_description(WOLFSSL_CIPHER*, char*, int); +WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher); +WOLFSSL_API const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session); +WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*); +WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); + /* what's ref count */ + +WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); +WOLFSSL_API void wolfSSL_OPENSSL_free(void*); + +WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, + char** path, int* ssl); + +WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); +WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); +WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); + +WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*); +WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long); +WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*); + + +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); +WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); +WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); +WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int); +WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*); +WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*); +WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*); + +WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void); +WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size); +WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int flag); +WOLFSSL_API int wolfSSL_BIO_eof(WOLFSSL_BIO*); + +WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void); +WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void); +WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int); + +WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,const unsigned char** p); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len); + + +WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag); +WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); + +WOLFSSL_API int wolfSSL_add_all_algorithms(void); + +WOLFSSL_API void wolfSSL_RAND_screen(void); +WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long); +WOLFSSL_API int wolfSSL_RAND_write_file(const char*); +WOLFSSL_API int wolfSSL_RAND_load_file(const char*, long); +WOLFSSL_API int wolfSSL_RAND_egd(const char*); +WOLFSSL_API int wolfSSL_RAND_seed(const void*, int); +WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double); + +WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void); +WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void); +WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*); + +WOLFSSL_API int wolfSSL_get_ex_new_index(long, void*, void*, void*, void*); + +WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void)); +WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, + int)); +WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f) + (const char*, int)); +WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int, + WOLFSSL_dynlock_value*, const char*, int)); +WOLFSSL_API void wolfSSL_set_dynlock_destroy_callback(void (*f) + (WOLFSSL_dynlock_value*, const char*, int)); +WOLFSSL_API int wolfSSL_num_locks(void); + +WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert( + WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*); + +WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); +WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*); +WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int); +WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int); +WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*); +WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*); +WOLFSSL_API unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509*); +WOLFSSL_API unsigned char* wolfSSL_X509_get_authorityKeyID( + WOLFSSL_X509*, unsigned char*, int*); +WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( + WOLFSSL_X509*, unsigned char*, int*); +WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); +WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( + WOLFSSL_X509_NAME*, int, char*, int); +WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( + WOLFSSL_X509_NAME*, int, int); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); +WOLFSSL_API char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); +WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); +WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509*, unsigned char*, int*); + +WOLFSSL_API int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP*,const char*,long); +WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*, + long); +WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void); +WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void); + +WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*, + WOLFSSL_X509_LOOKUP_METHOD*); +WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void); +WOLFSSL_API void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE*); +WOLFSSL_API int wolfSSL_X509_STORE_add_cert( + WOLFSSL_X509_STORE*, WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*); +WOLFSSL_API int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX*, + int, WOLFSSL_X509_NAME*, WOLFSSL_X509_OBJECT*); +WOLFSSL_API WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void); +WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*, + WOLFSSL_X509_STORE*, WOLFSSL_X509*, STACK_OF(WOLFSSL_X509)*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*); + +WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*); +WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*); + +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*, + int); +WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); +WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); +WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); +WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); + +WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); +WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( + WOLFSSL_X509_REVOKED*,int); +WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*); + +WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*); + +WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*, + const WOLFSSL_ASN1_INTEGER*); +WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*); + +WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*); + +WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*, + STACK_OF(WOLFSSL_X509_NAME)*); +WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int); +WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void); +WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int); + +WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*, + void* userdata); +WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, pem_password_cb); + + +WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, + void (*)(const WOLFSSL* ssl, int type, int val)); + +WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void); +WOLFSSL_API int wolfSSL_GET_REASON(int); + +WOLFSSL_API char* wolfSSL_alert_type_string_long(int); +WOLFSSL_API char* wolfSSL_alert_desc_string_long(int); +WOLFSSL_API char* wolfSSL_state_string_long(const WOLFSSL*); + +WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long, + void(*)(int, int, void*), void*); +WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX*, + WOLFSSL_RSA*(*)(WOLFSSL*, int, int)); + +WOLFSSL_API int wolfSSL_PEM_def_callback(char*, int num, int w, void* key); + +WOLFSSL_API long wolfSSL_CTX_sess_accept(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_connect(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_hits(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_misses(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_number(WOLFSSL_CTX*); +WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*); + +#define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */ +#define WOLFSSL_RSA_F4 0x10001L + +enum { + OCSP_NOCERTS = 1, + OCSP_NOINTERN = 2, + OCSP_NOSIGS = 4, + OCSP_NOCHAIN = 8, + OCSP_NOVERIFY = 16, + OCSP_NOEXPLICIT = 32, + OCSP_NOCASIGN = 64, + OCSP_NODELEGATED = 128, + OCSP_NOCHECKS = 256, + OCSP_TRUSTOTHER = 512, + OCSP_RESPID_KEY = 1024, + OCSP_NOTIME = 2048, + + OCSP_CERTID = 2, + OCSP_REQUEST = 4, + OCSP_RESPONSE = 8, + OCSP_BASICRESP = 16, + + WOLFSSL_OCSP_URL_OVERRIDE = 1, + WOLFSSL_OCSP_NO_NONCE = 2, + WOLFSSL_OCSP_CHECKALL = 4, + + WOLFSSL_CRL_CHECKALL = 1, + + ASN1_GENERALIZEDTIME = 4, + + SSL_OP_MICROSOFT_SESS_ID_BUG = 1, + SSL_OP_NETSCAPE_CHALLENGE_BUG = 2, + SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3, + SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4, + SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5, + SSL_OP_MSIE_SSLV2_RSA_PADDING = 6, + SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7, + SSL_OP_TLS_D5_BUG = 8, + SSL_OP_TLS_BLOCK_PADDING_BUG = 9, + SSL_OP_TLS_ROLLBACK_BUG = 10, + SSL_OP_ALL = 11, + SSL_OP_EPHEMERAL_RSA = 12, + SSL_OP_NO_SSLv3 = 13, + SSL_OP_NO_TLSv1 = 14, + SSL_OP_PKCS1_CHECK_1 = 15, + SSL_OP_PKCS1_CHECK_2 = 16, + SSL_OP_NETSCAPE_CA_DN_BUG = 17, + SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18, + SSL_OP_SINGLE_DH_USE = 19, + SSL_OP_NO_TICKET = 20, + SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21, + SSL_OP_NO_QUERY_MTU = 22, + SSL_OP_COOKIE_EXCHANGE = 23, + SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24, + SSL_OP_SINGLE_ECDH_USE = 25, + SSL_OP_CIPHER_SERVER_PREFERENCE = 26, + + SSL_MAX_SSL_SESSION_ID_LENGTH = 32, + + EVP_R_BAD_DECRYPT = 2, + + SSL_CB_LOOP = 4, + SSL_ST_CONNECT = 5, + SSL_ST_ACCEPT = 6, + SSL_CB_ALERT = 7, + SSL_CB_READ = 8, + SSL_CB_HANDSHAKE_DONE = 9, + + SSL_MODE_ENABLE_PARTIAL_WRITE = 2, + + BIO_FLAGS_BASE64_NO_NL = 1, + BIO_CLOSE = 1, + BIO_NOCLOSE = 0, + + NID_undef = 0, + + X509_FILETYPE_PEM = 8, + X509_LU_X509 = 9, + X509_LU_CRL = 12, + + X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, + X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, + X509_V_ERR_CRL_HAS_EXPIRED = 15, + X509_V_ERR_CERT_REVOKED = 16, + X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, + X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, + X509_V_ERR_CERT_NOT_YET_VALID = 19, + X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, + X509_V_ERR_CERT_HAS_EXPIRED = 21, + X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, + X509_V_ERR_CERT_REJECTED = 23, + X509_V_OK = 0, + + XN_FLAG_SPC_EQ = (1 << 23), + XN_FLAG_ONELINE = 0, + + CRYPTO_LOCK = 1, + CRYPTO_NUM_LOCKS = 10, + + ASN1_STRFLGS_ESC_MSB = 4 +}; + +/* extras end */ + +#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) +/* wolfSSL extension, provide last error from SSL_get_error + since not using thread storage error queue */ +#include +WOLFSSL_API void wolfSSL_ERR_print_errors_fp(FILE*, int err); +#endif + +enum { /* ssl Constants */ + SSL_ERROR_NONE = 0, /* for most functions */ + SSL_FAILURE = 0, /* for some functions */ + SSL_SUCCESS = 1, + SSL_SHUTDOWN_NOT_DONE = 2, /* call wolfSSL_shutdown again to complete */ + + SSL_ALPN_NOT_FOUND = -9, + SSL_BAD_CERTTYPE = -8, + SSL_BAD_STAT = -7, + SSL_BAD_PATH = -6, + SSL_BAD_FILETYPE = -5, + SSL_BAD_FILE = -4, + SSL_NOT_IMPLEMENTED = -3, + SSL_UNKNOWN = -2, + SSL_FATAL_ERROR = -1, + + SSL_FILETYPE_ASN1 = 2, + SSL_FILETYPE_PEM = 1, + SSL_FILETYPE_DEFAULT = 2, /* ASN1 */ + SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ + + SSL_VERIFY_NONE = 0, + SSL_VERIFY_PEER = 1, + SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, + SSL_VERIFY_CLIENT_ONCE = 4, + SSL_VERIFY_FAIL_EXCEPT_PSK = 8, + + SSL_SESS_CACHE_OFF = 30, + SSL_SESS_CACHE_CLIENT = 31, + SSL_SESS_CACHE_SERVER = 32, + SSL_SESS_CACHE_BOTH = 33, + SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, + + SSL_ERROR_WANT_READ = 2, + SSL_ERROR_WANT_WRITE = 3, + SSL_ERROR_WANT_CONNECT = 7, + SSL_ERROR_WANT_ACCEPT = 8, + SSL_ERROR_SYSCALL = 5, + SSL_ERROR_WANT_X509_LOOKUP = 83, + SSL_ERROR_ZERO_RETURN = 6, + SSL_ERROR_SSL = 85, + + SSL_SENT_SHUTDOWN = 1, + SSL_RECEIVED_SHUTDOWN = 2, + SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, + SSL_OP_NO_SSLv2 = 8, + + SSL_R_SSL_HANDSHAKE_FAILURE = 101, + SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, + SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, + SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, + + PEM_BUFSIZE = 1024 +}; + + +#ifndef NO_PSK + typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, + unsigned int, unsigned char*, unsigned int); + WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*, + wc_psk_client_callback); + WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, + wc_psk_client_callback); + + WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); + WOLFSSL_API const char* wolfSSL_get_psk_identity(const WOLFSSL*); + + WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX*, const char*); + WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL*, const char*); + + typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, + unsigned char*, unsigned int); + WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*, + wc_psk_server_callback); + WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, + wc_psk_server_callback); + + #define PSK_TYPES_DEFINED +#endif /* NO_PSK */ + + +#ifdef HAVE_ANON + WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*); +#endif /* HAVE_ANON */ + + +/* extra begins */ + +enum { /* ERR Constants */ + ERR_TXT_STRING = 1 +}; + +WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*, + const char**, int *); + +WOLFSSL_API unsigned long wolfSSL_ERR_get_error(void); +WOLFSSL_API void wolfSSL_ERR_clear_error(void); + + +WOLFSSL_API int wolfSSL_RAND_status(void); +WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num); +WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void); +WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); +#ifndef NO_CERTS + WOLFSSL_API int wolfSSL_CTX_check_private_key(WOLFSSL_CTX*); +#endif /* !NO_CERTS */ + +WOLFSSL_API void wolfSSL_ERR_free_strings(void); +WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); +WOLFSSL_API void wolfSSL_EVP_cleanup(void); +WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); + +WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void); +WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode); +WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m); +WOLFSSL_API long wolfSSL_SSL_get_mode(WOLFSSL* ssl); + +WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long); + +WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, + const unsigned char*, unsigned int); +WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl); + +WOLFSSL_API int wolfSSL_want_read(WOLFSSL*); +WOLFSSL_API int wolfSSL_want_write(WOLFSSL*); + +WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...); +WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*, + const WOLFSSL_ASN1_UTCTIME*); +WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_X509_REVOKED*); +WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED*, int); + +/* stunnel 4.28 needs */ +WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); +WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*); +WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*, + WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)); +WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*, + int (*f)(WOLFSSL*, WOLFSSL_SESSION*)); +WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*, + void (*f)(WOLFSSL_CTX*, WOLFSSL_SESSION*)); + +WOLFSSL_API int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION*,unsigned char**); +WOLFSSL_API WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION**, + const unsigned char**, long); + +WOLFSSL_API long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION*); +WOLFSSL_API long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION*); +WOLFSSL_API int wolfSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); + +/* extra ends */ + + +/* wolfSSL extensions */ + +/* call before SSL_connect, if verifying will add name check to + date check and signature check */ +WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn); + +/* need to call once to load library (session cache) */ +WOLFSSL_API int wolfSSL_Init(void); +/* call when done to cleanup/free session cache mutex / resources */ +WOLFSSL_API int wolfSSL_Cleanup(void); + +/* which library version do we have */ +WOLFSSL_API const char* wolfSSL_lib_version(void); +/* which library version do we have in hex */ +WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void); + +/* turn logging on, only if compiled in */ +WOLFSSL_API int wolfSSL_Debugging_ON(void); +/* turn logging off */ +WOLFSSL_API void wolfSSL_Debugging_OFF(void); + +/* do accept or connect depedning on side */ +WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl); +/* turn on wolfSSL data compression */ +WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl); + +WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int); +WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int); + +/* get wolfSSL peer X509_CHAIN */ +WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl); +/* peer chain count */ +WOLFSSL_API int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain); +/* index cert length */ +WOLFSSL_API int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN*, int idx); +/* index cert */ +WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx); +/* index cert in X509 */ +WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx); +/* free X509 */ +WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*); +/* get index cert in PEM */ +WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx, + unsigned char* buf, int inLen, int* outLen); +WOLFSSL_API const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s); +WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int*); +WOLFSSL_API char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*); +WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*); +WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*); +WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*); +WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*); + +WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*); + +WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*); + +WOLFSSL_API WOLFSSL_X509* + wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); +#ifndef NO_FILESYSTEM + #ifndef NO_STDIO_FILESYSTEM + WOLFSSL_API WOLFSSL_X509* + wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE* file); + #endif +WOLFSSL_API WOLFSSL_X509* + wolfSSL_X509_load_certificate_file(const char* fname, int format); +#endif +WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( + const unsigned char* buf, int sz, int format); + +#ifdef WOLFSSL_SEP + WOLFSSL_API unsigned char* + wolfSSL_X509_get_device_type(WOLFSSL_X509*, unsigned char*, int*); + WOLFSSL_API unsigned char* + wolfSSL_X509_get_hw_type(WOLFSSL_X509*, unsigned char*, int*); + WOLFSSL_API unsigned char* + wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509*, unsigned char*, int*); +#endif + +/* connect enough to get peer cert */ +WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL* ssl); + + + +/* PKCS12 compatibility */ +typedef struct WC_PKCS12 WC_PKCS12; +WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, + WC_PKCS12** pkcs12); +WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, + WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, STACK_OF(WOLFSSL_X509)** ca); +WOLFSSL_API void wolfSSL_PKCS12_PBE_add(void); + + + +#ifndef NO_DH +/* server Diffie-Hellman parameters */ +WOLFSSL_API int wolfSSL_SetTmpDH(WOLFSSL*, const unsigned char* p, int pSz, + const unsigned char* g, int gSz); +WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz, + int format); +#ifndef NO_FILESYSTEM + WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format); +#endif + +/* server ctx Diffie-Hellman parameters */ +WOLFSSL_API int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX*, const unsigned char* p, + int pSz, const unsigned char* g, int gSz); +WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char* b, + long sz, int format); + +#ifndef NO_FILESYSTEM + WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f, + int format); +#endif + +WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short); +WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short); +WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*); +#endif /* NO_DH */ + +#ifndef NO_RSA +WOLFSSL_API int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX*, short); +WOLFSSL_API int wolfSSL_SetMinRsaKey_Sz(WOLFSSL*, short); +#endif /* NO_RSA */ + +#ifdef HAVE_ECC +WOLFSSL_API int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX*, short); +WOLFSSL_API int wolfSSL_SetMinEccKey_Sz(WOLFSSL*, short); +#endif /* NO_RSA */ + +WOLFSSL_API int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL*, unsigned short); +WOLFSSL_API int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX*, unsigned short); + +/* keyblock size in bytes or -1 */ +/* need to call wolfSSL_KeepArrays before handshake to save keys */ +WOLFSSL_API int wolfSSL_get_keyblock_size(WOLFSSL*); +WOLFSSL_API int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen, + unsigned char** sr, unsigned int* srLen, + unsigned char** cr, unsigned int* crLen); + +/* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */ +WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, + const char* label); + + +#ifndef _WIN32 + #ifndef NO_WRITEV + #ifdef __PPU + #include + #include + #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ + !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ + !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) + #include + #endif + /* allow writev style writing */ + WOLFSSL_API int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov, + int iovcnt); + #endif +#endif + + +#ifndef NO_CERTS + /* SSL_CTX versions */ + WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*); +#ifdef WOLFSSL_TRUST_PEER_CERT + WOLFSSL_API int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*); + WOLFSSL_API int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX*, + const unsigned char*, long, int); +#endif + WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*, + const unsigned char*, long, int); + WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*, + const unsigned char*, long, int); + WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*, + const unsigned char*, long, int); + WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*, + const unsigned char*, long, int); + WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*, + const unsigned char*, long); + + /* SSL versions */ + WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*, + long, int); + WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*, + long, int); + WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*, + const unsigned char*, long, int); + WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*, + const unsigned char*, long); + WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*); + + #if defined(OPENSSL_EXTRA) && defined(KEEP_OUR_CERT) + WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); + #endif +#endif + +WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL*); + +/* I/O callbacks */ +typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx); +typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx); + +#ifdef HAVE_FUZZER +enum fuzzer_type { + FUZZ_HMAC = 0, + FUZZ_ENCRYPT = 1, + FUZZ_SIGNATURE = 2, + FUZZ_HASH = 3, + FUZZ_HEAD = 4 +}; + +typedef int (*CallbackFuzzer)(WOLFSSL* ssl, const unsigned char* buf, int sz, + int type, void* fuzzCtx); + +WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx); +#endif + +WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv); +WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend); + +WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx); +WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx); + +WOLFSSL_API void* wolfSSL_GetIOReadCtx( WOLFSSL* ssl); +WOLFSSL_API void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl); + +WOLFSSL_API void wolfSSL_SetIOReadFlags( WOLFSSL* ssl, int flags); +WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); + +#ifndef WOLFSSL_USER_IO + /* default IO callbacks */ + WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx); + WOLFSSL_API int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx); + + #ifdef HAVE_OCSP + WOLFSSL_API int EmbedOcspLookup(void*, const char*, int, unsigned char*, + int, unsigned char**); + WOLFSSL_API void EmbedOcspRespFree(void*, unsigned char*); + #endif + + #ifdef WOLFSSL_DTLS + WOLFSSL_API int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*); + WOLFSSL_API int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx); + WOLFSSL_API int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf, + int sz, void*); + #ifdef WOLFSSL_SESSION_EXPORT + WOLFSSL_API int EmbedGetPeer(WOLFSSL* ssl, char* ip, int* ipSz, + unsigned short* port, int* fam); + WOLFSSL_API int EmbedSetPeer(WOLFSSL* ssl, char* ip, int ipSz, + unsigned short port, int fam); + + typedef int (*CallbackGetPeer)(WOLFSSL* ssl, char* ip, int* ipSz, + unsigned short* port, int* fam); + typedef int (*CallbackSetPeer)(WOLFSSL* ssl, char* ip, int ipSz, + unsigned short port, int fam); + + WOLFSSL_API void wolfSSL_CTX_SetIOGetPeer(WOLFSSL_CTX*, + CallbackGetPeer); + WOLFSSL_API void wolfSSL_CTX_SetIOSetPeer(WOLFSSL_CTX*, + CallbackSetPeer); + #endif /* WOLFSSL_SESSION_EXPORT */ + #endif /* WOLFSSL_DTLS */ +#endif /* WOLFSSL_USER_IO */ + + +#ifdef HAVE_NETX + WOLFSSL_API void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxsocket, + ULONG waitoption); +#endif + +typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX*, CallbackGenCookie); +WOLFSSL_API void wolfSSL_SetCookieCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetCookieCtx(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_DTLS_SetCookieSecret(WOLFSSL*, + const unsigned char*, + unsigned int); + + +/* I/O Callback default errors */ +enum IOerrors { + WOLFSSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */ + WOLFSSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */ + WOLFSSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */ + WOLFSSL_CBIO_ERR_CONN_RST = -3, /* connection reset */ + WOLFSSL_CBIO_ERR_ISR = -4, /* interrupt */ + WOLFSSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */ + WOLFSSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */ +}; + + +/* CA cache callbacks */ +enum { + WOLFSSL_SSLV3 = 0, + WOLFSSL_TLSV1 = 1, + WOLFSSL_TLSV1_1 = 2, + WOLFSSL_TLSV1_2 = 3, + WOLFSSL_USER_CA = 1, /* user added as trusted */ + WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */ +}; + +WOLFSSL_API WC_RNG* wolfSSL_GetRNG(WOLFSSL*); + +WOLFSSL_API int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version); +WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version); +WOLFSSL_API int wolfSSL_GetObjectSize(void); /* object size based on build */ +WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); +WOLFSSL_API int wolfSSL_KeyPemToDer(const unsigned char*, int, + unsigned char*, int, const char*); +WOLFSSL_API int wolfSSL_CertPemToDer(const unsigned char*, int, + unsigned char*, int, int); +#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER) + #ifndef WOLFSSL_PEMPUBKEY_TODER_DEFINED + #ifndef NO_FILESYSTEM + WOLFSSL_API int wolfSSL_PemPubKeyToDer(const char* fileName, + unsigned char* derBuf, int derSz); + #endif + WOLFSSL_API int wolfSSL_PubKeyPemToDer(const unsigned char*, int, + unsigned char*, int); + #define WOLFSSL_PEMPUBKEY_TODER_DEFINED + #endif /* WOLFSSL_PEMPUBKEY_TODER_DEFINED */ +#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER*/ + +typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); +typedef void (*CbMissingCRL)(const char* url); +typedef int (*CbOCSPIO)(void*, const char*, int, + unsigned char*, int, unsigned char**); +typedef void (*CbOCSPRespFree)(void*,unsigned char*); + +/* User Atomic Record Layer CallBacks */ +typedef int (*CallbackMacEncrypt)(WOLFSSL* ssl, unsigned char* macOut, + const unsigned char* macIn, unsigned int macInSz, int macContent, + int macVerify, unsigned char* encOut, const unsigned char* encIn, + unsigned int encSz, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX*, CallbackMacEncrypt); +WOLFSSL_API void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl); + +typedef int (*CallbackDecryptVerify)(WOLFSSL* ssl, + unsigned char* decOut, const unsigned char* decIn, + unsigned int decSz, int content, int verify, unsigned int* padSz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX*, + CallbackDecryptVerify); +WOLFSSL_API void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl); + +WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int); +WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*); +WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*); +WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*); +WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetKeySize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetIVSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetSide(WOLFSSL*); +WOLFSSL_API int wolfSSL_IsTLSv1_1(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetBulkCipher(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetCipherBlockSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetAeadMacSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetHmacSize(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetHmacType(WOLFSSL*); +WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL*); +WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*, + unsigned int, int, int); + +/* Atomic User Needs */ +enum { + WOLFSSL_SERVER_END = 0, + WOLFSSL_CLIENT_END = 1, + WOLFSSL_BLOCK_TYPE = 2, + WOLFSSL_STREAM_TYPE = 3, + WOLFSSL_AEAD_TYPE = 4, + WOLFSSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ +}; + +/* for GetBulkCipher and internal use */ +enum BulkCipherAlgorithm { + wolfssl_cipher_null, + wolfssl_rc4, + wolfssl_rc2, + wolfssl_des, + wolfssl_triple_des, /* leading 3 (3des) not valid identifier */ + wolfssl_des40, + wolfssl_idea, + wolfssl_aes, + wolfssl_aes_gcm, + wolfssl_aes_ccm, + wolfssl_chacha, + wolfssl_camellia, + wolfssl_hc128, /* wolfSSL extensions */ + wolfssl_rabbit +}; + + +/* for KDF TLS 1.2 mac types */ +enum KDF_MacAlgorithm { + wolfssl_sha256 = 4, /* needs to match internal MACAlgorithm */ + wolfssl_sha384, + wolfssl_sha512 +}; + + +/* Public Key Callback support */ +typedef int (*CallbackEccSign)(WOLFSSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX*, CallbackEccSign); +WOLFSSL_API void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl); + +typedef int (*CallbackEccVerify)(WOLFSSL* ssl, + const unsigned char* sig, unsigned int sigSz, + const unsigned char* hash, unsigned int hashSz, + const unsigned char* keyDer, unsigned int keySz, + int* result, void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify); +WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl); + +struct ecc_key; +typedef int (*CallbackEccSharedSecret)(WOLFSSL* ssl, struct ecc_key* otherKey, + unsigned char* pubKeyDer, unsigned int* pubKeySz, + unsigned char* out, unsigned int* outlen, + int side, void* ctx); /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ +WOLFSSL_API void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX*, CallbackEccSharedSecret); +WOLFSSL_API void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl); + +typedef int (*CallbackRsaSign)(WOLFSSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign); +WOLFSSL_API void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl); + +typedef int (*CallbackRsaVerify)(WOLFSSL* ssl, + unsigned char* sig, unsigned int sigSz, + unsigned char** out, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify); +WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl); + +/* RSA Public Encrypt cb */ +typedef int (*CallbackRsaEnc)(WOLFSSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc); +WOLFSSL_API void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl); + +/* RSA Private Decrypt cb */ +typedef int (*CallbackRsaDec)(WOLFSSL* ssl, + unsigned char* in, unsigned int inSz, + unsigned char** out, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec); +WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx); +WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); + + +#ifndef NO_CERTS + WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache); + + WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap); + WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void); + WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*); + + WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f, + const char* d); + WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER*, + const unsigned char* in, long sz, int format); + WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm); +#ifdef WOLFSSL_TRUST_PEER_CERT + WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm); +#endif + WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER*, const char* f, + int format); + WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, + const unsigned char* buff, long sz, int format); + WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER*, + unsigned char*, int sz); + WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*, + int options); + WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*); + WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, + const char*, int, int); + WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER*, + const unsigned char*, long sz, int); + WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*, + CbMissingCRL); + WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*, + unsigned char*, int sz); + WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER*, + int options); + WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*); + WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER*, + const char*); + WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*, + CbOCSPIO, CbOCSPRespFree, void*); + + WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling( + WOLFSSL_CERT_MANAGER* cm); + + WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); + WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); + WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); + WOLFSSL_API int wolfSSL_LoadCRLBuffer(WOLFSSL*, + const unsigned char*, long sz, int); + WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL*, CbMissingCRL); + WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL*, int options); + WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL*); + WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL*, const char*); + WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL*, CbOCSPIO, CbOCSPRespFree, void*); + + WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options); + WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx); + WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int); + WOLFSSL_API int wolfSSL_CTX_LoadCRLBuffer(WOLFSSL_CTX*, + const unsigned char*, long sz, int); + WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX*, CbMissingCRL); + WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX*, int options); + WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*); + WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*); + WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*, + CbOCSPIO, CbOCSPRespFree, void*); + + WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*); +#endif /* !NO_CERTS */ + + +#ifdef SINGLE_THREADED + WOLFSSL_API int wolfSSL_CTX_new_rng(WOLFSSL_CTX*); +#endif + +/* end of handshake frees temporary arrays, if user needs for get_keys or + psk hints, call KeepArrays before handshake and then FreeArrays when done + if don't want to wait for object free */ +WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*); +WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*); + + +/* async additions */ +WOLFSSL_API int wolfSSL_UseAsync(WOLFSSL*, int devId); +WOLFSSL_API int wolfSSL_CTX_UseAsync(WOLFSSL_CTX*, int devId); + +/* TLS Extensions */ + +/* Server Name Indication */ +#ifdef HAVE_SNI + +/* SNI types */ +enum { + WOLFSSL_SNI_HOST_NAME = 0 +}; + +WOLFSSL_API int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type, + const void* data, unsigned short size); +WOLFSSL_API int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type, + const void* data, unsigned short size); + +#ifndef NO_WOLFSSL_SERVER + +/* SNI options */ +enum { + /* Do not abort the handshake if the requested SNI didn't match. */ + WOLFSSL_SNI_CONTINUE_ON_MISMATCH = 0x01, + + /* Behave as if the requested SNI matched in a case of mismatch. */ + /* In this case, the status will be set to WOLFSSL_SNI_FAKE_MATCH. */ + WOLFSSL_SNI_ANSWER_ON_MISMATCH = 0x02, + + /* Abort the handshake if the client didn't send a SNI request. */ + WOLFSSL_SNI_ABORT_ON_ABSENCE = 0x04, +}; + +WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type, + unsigned char options); +WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, + unsigned char type, unsigned char options); + +/* SNI status */ +enum { + WOLFSSL_SNI_NO_MATCH = 0, + WOLFSSL_SNI_FAKE_MATCH = 1, /**< @see WOLFSSL_SNI_ANSWER_ON_MISMATCH */ + WOLFSSL_SNI_REAL_MATCH = 2, + WOLFSSL_SNI_FORCE_KEEP = 3 /** Used with -DWOLFSSL_ALWAYS_KEEP_SNI */ +}; + +WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type); + +WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, + unsigned char type, void** data); +WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( + const unsigned char* clientHello, unsigned int helloSz, + unsigned char type, unsigned char* sni, unsigned int* inOutSz); + +#endif +#endif + +/* Application-Layer Protocol Negotiation */ +#ifdef HAVE_ALPN + +/* ALPN status code */ +enum { + WOLFSSL_ALPN_NO_MATCH = 0, + WOLFSSL_ALPN_MATCH = 1, + WOLFSSL_ALPN_CONTINUE_ON_MISMATCH = 2, + WOLFSSL_ALPN_FAILED_ON_MISMATCH = 4, +}; + +enum { + WOLFSSL_MAX_ALPN_PROTO_NAME_LEN = 255, + WOLFSSL_MAX_ALPN_NUMBER = 257 +}; + +WOLFSSL_API int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list, + unsigned int protocol_name_listSz, + unsigned char options); + +WOLFSSL_API int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name, + unsigned short *size); + +WOLFSSL_API int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list, + unsigned short *listSz); +WOLFSSL_API int wolfSSL_ALPN_FreePeerProtocol(WOLFSSL* ssl, char **list); +#endif /* HAVE_ALPN */ + +/* Maximum Fragment Length */ +#ifdef HAVE_MAX_FRAGMENT + +/* Fragment lengths */ +enum { + WOLFSSL_MFL_2_9 = 1, /* 512 bytes */ + WOLFSSL_MFL_2_10 = 2, /* 1024 bytes */ + WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */ + WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */ + WOLFSSL_MFL_2_13 = 5 /* 8192 bytes *//* wolfSSL ONLY!!! */ +}; + +#ifndef NO_WOLFSSL_CLIENT + +WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl); +WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl); + +#endif +#endif + +/* Truncated HMAC */ +#ifdef HAVE_TRUNCATED_HMAC +#ifndef NO_WOLFSSL_CLIENT + +WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx); + +#endif +#endif + +/* Certificate Status Request */ +/* Certificate Status Type */ +enum { + WOLFSSL_CSR_OCSP = 1 +}; + +/* Certificate Status Options (flags) */ +enum { + WOLFSSL_CSR_OCSP_USE_NONCE = 0x01 +}; + +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST +#ifndef NO_WOLFSSL_CLIENT + +WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL* ssl, + unsigned char status_type, unsigned char options); + +WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx, + unsigned char status_type, unsigned char options); + +#endif +#endif + +/* Certificate Status Request v2 */ +/* Certificate Status Type */ +enum { + WOLFSSL_CSR2_OCSP = 1, + WOLFSSL_CSR2_OCSP_MULTI = 2 +}; + +/* Certificate Status v2 Options (flags) */ +enum { + WOLFSSL_CSR2_OCSP_USE_NONCE = 0x01 +}; + +#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 +#ifndef NO_WOLFSSL_CLIENT + +WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl, + unsigned char status_type, unsigned char options); + +WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx, + unsigned char status_type, unsigned char options); + +#endif +#endif + +/* Elliptic Curves */ +enum { +#if 0 /* Not Supported */ + WOLFSSL_ECC_SECT163K1 = 1, + WOLFSSL_ECC_SECT163R1 = 2, + WOLFSSL_ECC_SECT163R2 = 3, + WOLFSSL_ECC_SECT193R1 = 4, + WOLFSSL_ECC_SECT193R2 = 5, + WOLFSSL_ECC_SECT233K1 = 6, + WOLFSSL_ECC_SECT233R1 = 7, + WOLFSSL_ECC_SECT239K1 = 8, + WOLFSSL_ECC_SECT283K1 = 9, + WOLFSSL_ECC_SECT283R1 = 10, + WOLFSSL_ECC_SECT409K1 = 11, + WOLFSSL_ECC_SECT409R1 = 12, + WOLFSSL_ECC_SECT571K1 = 13, + WOLFSSL_ECC_SECT571R1 = 14, +#endif + WOLFSSL_ECC_SECP160K1 = 15, + WOLFSSL_ECC_SECP160R1 = 16, + WOLFSSL_ECC_SECP160R2 = 17, + WOLFSSL_ECC_SECP192K1 = 18, + WOLFSSL_ECC_SECP192R1 = 19, + WOLFSSL_ECC_SECP224K1 = 20, + WOLFSSL_ECC_SECP224R1 = 21, + WOLFSSL_ECC_SECP256K1 = 22, + WOLFSSL_ECC_SECP256R1 = 23, + WOLFSSL_ECC_SECP384R1 = 24, + WOLFSSL_ECC_SECP521R1 = 25, + WOLFSSL_ECC_BRAINPOOLP256R1 = 26, + WOLFSSL_ECC_BRAINPOOLP384R1 = 27, + WOLFSSL_ECC_BRAINPOOLP512R1 = 28, +}; + +#ifdef HAVE_SUPPORTED_CURVES +#ifndef NO_WOLFSSL_CLIENT + +WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name); +WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, + unsigned short name); + +#endif +#endif + + +/* Secure Renegotiation */ +#ifdef HAVE_SECURE_RENEGOTIATION + +WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl); + +#endif + +/* Session Ticket */ +#ifdef HAVE_SESSION_TICKET + +#ifndef NO_WOLFSSL_CLIENT +WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int*); +WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, unsigned char*, unsigned int); +typedef int (*CallbackSessionTicket)(WOLFSSL*, const unsigned char*, int, void*); +WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL*, + CallbackSessionTicket, void*); +#endif /* NO_WOLFSSL_CLIENT */ + +#ifndef NO_WOLFSSL_SERVER + +#define WOLFSSL_TICKET_NAME_SZ 16 +#define WOLFSSL_TICKET_IV_SZ 16 +#define WOLFSSL_TICKET_MAC_SZ 32 + +enum TicketEncRet { + WOLFSSL_TICKET_RET_FATAL = -1, /* fatal error, don't use ticket */ + WOLFSSL_TICKET_RET_OK = 0, /* ok, use ticket */ + WOLFSSL_TICKET_RET_REJECT, /* don't use ticket, but not fatal */ + WOLFSSL_TICKET_RET_CREATE /* existing ticket ok and create new one */ +}; + +typedef int (*SessionTicketEncCb)(WOLFSSL*, + unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], + unsigned char iv[WOLFSSL_TICKET_IV_SZ], + unsigned char mac[WOLFSSL_TICKET_MAC_SZ], + int enc, unsigned char*, int, int*, void*); +WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, + SessionTicketEncCb); +WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int); +WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*); + +#endif /* NO_WOLFSSL_SERVER */ + +#endif /* HAVE_SESSION_TICKET */ + +#ifdef HAVE_QSH +/* Quantum-safe Crypto Schemes */ +enum { + WOLFSSL_NTRU_EESS439 = 0x0101, /* max plaintext length of 65 */ + WOLFSSL_NTRU_EESS593 = 0x0102, /* max plaintext length of 86 */ + WOLFSSL_NTRU_EESS743 = 0x0103, /* max plaintext length of 106 */ + WOLFSSL_LWE_XXX = 0x0201, /* Learning With Error encryption scheme */ + WOLFSSL_HFE_XXX = 0x0301, /* Hidden Field Equation scheme */ + WOLFSSL_NULL_QSH = 0xFFFF /* QSHScheme is not used */ +}; + + +/* test if the connection is using a QSH secure connection return 1 if so */ +WOLFSSL_API int wolfSSL_isQSH(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_UseSupportedQSH(WOLFSSL* ssl, unsigned short name); +#ifndef NO_WOLFSSL_CLIENT + /* user control over sending client public key in hello + when flag = 1 will send keys if flag is 0 or function is not called + then will not send keys in the hello extension */ + WOLFSSL_API int wolfSSL_UseClientQSHKeys(WOLFSSL* ssl, unsigned char flag); +#endif +#endif + +/* TLS Extended Master Secret Extension */ +WOLFSSL_API int wolfSSL_DisableExtendedMasterSecret(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_DisableExtendedMasterSecret(WOLFSSL_CTX* ctx); + + +#define WOLFSSL_CRL_MONITOR 0x01 /* monitor this dir flag */ +#define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */ + + +/* notify user the handshake is done */ +typedef int (*HandShakeDoneCb)(WOLFSSL*, void*); +WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL*, HandShakeDoneCb, void*); + + +WOLFSSL_API int wolfSSL_PrintSessionStats(void); +WOLFSSL_API int wolfSSL_get_session_stats(unsigned int* active, + unsigned int* total, + unsigned int* peak, + unsigned int* maxSessions); +/* External facing KDF */ +WOLFSSL_API +int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen, + const unsigned char* pms, unsigned int pmsLen, + const unsigned char* cr, const unsigned char* sr, + int tls1_2, int hash_type); + +WOLFSSL_API +int wolfSSL_MakeTlsExtendedMasterSecret(unsigned char* ms, unsigned int msLen, + const unsigned char* pms, unsigned int pmsLen, + const unsigned char* sHash, unsigned int sHashLen, + int tls1_2, int hash_type); + +WOLFSSL_API +int wolfSSL_DeriveTlsKeys(unsigned char* key_data, unsigned int keyLen, + const unsigned char* ms, unsigned int msLen, + const unsigned char* sr, const unsigned char* cr, + int tls1_2, int hash_type); + +#ifdef WOLFSSL_CALLBACKS + +/* used internally by wolfSSL while OpenSSL types aren't */ +#include + +typedef int (*HandShakeCallBack)(HandShakeInfo*); +typedef int (*TimeoutCallBack)(TimeoutInfo*); + +/* wolfSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack + for diagnostics */ +WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); +WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); + +#endif /* WOLFSSL_CALLBACKS */ + + +#ifdef WOLFSSL_HAVE_WOLFSCEP + WOLFSSL_API void wolfSSL_wolfSCEP(void); +#endif /* WOLFSSL_HAVE_WOLFSCEP */ + +#ifdef WOLFSSL_HAVE_CERT_SERVICE + WOLFSSL_API void wolfSSL_cert_service(void); +#endif + +#if defined(WOLFSSL_MYSQL_COMPATIBLE) +WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* time, + char* buf, int len); +#endif /* WOLFSSL_MYSQL_COMPATIBLE */ + +#ifdef OPENSSL_EXTRA + +WOLFSSL_API int wolfSSL_get_client_random(WOLFSSL* ssl, unsigned char* out, + int outSz); + + +/*lighttp compatibility */ + +#include +struct WOLFSSL_X509_NAME_ENTRY { + WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ + WOLFSSL_ASN1_STRING data; + WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ + int set; + int size; +}; + +#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) +WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name); +WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x); +WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); +WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name); +WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void); +/* These are to be merged shortly */ +WOLFSSL_API const char * wolf_OBJ_nid2sn(int n); +WOLFSSL_API int wolf_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); +WOLFSSL_API int wolf_OBJ_sn2nid(const char *sn); +WOLFSSL_API WOLFSSL_X509 *PEM_read_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); +WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); +WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); +WOLFSSL_API void wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); +WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne); +WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); +WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*)); +WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); +WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); +WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( STACK_OF(WOLFSSL_X509_NAME) *sk ); + +/* end lighttpd, mysql, have_stunnel*/ +#endif +#endif + +#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) + +WOLFSSL_API char * wolf_OBJ_nid2ln(int n); +WOLFSSL_API int wolf_OBJ_txt2nid(const char *sn); +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); +WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); +WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, + WOLFSSL_DH **x, pem_password_cb *cb, void *u); +WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); + + +#endif /* HAVE_STUNNEL || HAVE_LIGHTY */ + + +#ifdef HAVE_STUNNEL + +#include + +/* SNI received callback type */ +typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); + +WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), + void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); + +WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, + void (*callback) (int, int, void *), void *cb_arg); + +WOLFSSL_API int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH*, int, int, + void (*callback) (int, int, void *)); + +WOLFSSL_API void wolfSSL_ERR_load_crypto_strings(void); + +WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void); + +WOLFSSL_API int wolfSSL_FIPS_mode(void); + +WOLFSSL_API int wolfSSL_FIPS_mode_set(int r); + +WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth); + +WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits); + +WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s); + +WOLFSSL_API int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s); + +WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int, + unsigned long); + +WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr( + const WOLFSSL_X509*); + +WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*); + +WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); + +WOLFSSL_API int wolfSSL_version(WOLFSSL*); + +WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*); + +WOLFSSL_API void* wolfSSL_sk_X509_NAME_value(const STACK_OF(WOLFSSL_X509_NAME)*, int); + +WOLFSSL_API void* wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509)*, int); + +WOLFSSL_API STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); + +WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); + +WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); + +WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); + +WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*, + CRYPTO_free_func*); + +WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*); + + +WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, + unsigned int*); + +WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *, const char *); + +WOLFSSL_API const char* wolfSSL_get_servername(WOLFSSL *, unsigned char); + +WOLFSSL_API WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL*,WOLFSSL_CTX*); + +WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); + +WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, + CallbackSniRecv); + +WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); + +WOLFSSL_API void WOLFSSL_ERR_remove_thread_state(void*); + +WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); + +WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); + +WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); + +WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_get1_certs(WOLFSSL_X509_STORE_CTX*, + WOLFSSL_X509_NAME*); + +WOLFSSL_API void wolfSSL_sk_X509_pop_free(STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*)); +#endif /* HAVE_STUNNEL */ + +#if defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) + +WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); + +#endif + +#ifdef WOLFSSL_JNI +WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr); +WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl); +#endif /* WOLFSSL_JNI */ + + +#ifdef WOLFSSL_ASYNC_CRYPT +WOLFSSL_API int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags); +WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents, + WOLF_EVENT_FLAG flags, int* eventCount); +#endif /* WOLFSSL_ASYNC_CRYPT */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* WOLFSSL_SSL_H */ diff --git a/ccc/dist/lib/include/wolfssl/test.h b/ccc/dist/lib/include/wolfssl/test.h new file mode 100644 index 0000000..e0a3c1a --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/test.h @@ -0,0 +1,2085 @@ +/* test.h */ + +#ifndef wolfSSL_TEST_H +#define wolfSSL_TEST_H + +#include +#include +#include +#include +#include +#include +#include +#include + +#ifdef ATOMIC_USER + #include + #include + #include +#endif +#ifdef HAVE_PK_CALLBACKS + #include + #ifdef HAVE_ECC + #include + #endif /* HAVE_ECC */ +#endif /*HAVE_PK_CALLBACKS */ + +#ifdef USE_WINDOWS_API + #include + #include + #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */ + #include + #include + #endif + #define SOCKET_T SOCKET + #define SNPRINTF _snprintf +#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) + #include + #include "rl_net.h" + #define SOCKET_T int + typedef int socklen_t ; + static unsigned long inet_addr(const char *cp) + { + unsigned int a[4] ; unsigned long ret ; + sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ; + ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ; + return(ret) ; + } + #if defined(HAVE_KEIL_RTX) + #define sleep(t) os_dly_wait(t/1000+1) ; + #elif defined (WOLFSSL_CMSIS_RTOS) + #define sleep(t) osDelay(t/1000+1) ; + #endif + + static int wolfssl_tcp_select(int sd, int timeout) + { return 0 ; } + #define tcp_select(sd,t) wolfssl_tcp_select(sd, t) /* avoid conflicting Keil TCP tcp_select */ +#elif defined(WOLFSSL_TIRTOS) + #include + #include + #include + #include + #include + #include + struct hostent { + char *h_name; /* official name of host */ + char **h_aliases; /* alias list */ + int h_addrtype; /* host address type */ + int h_length; /* length of address */ + char **h_addr_list; /* list of addresses from name server */ + }; + #define SOCKET_T int +#elif defined(WOLFSSL_VXWORKS) + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #define SOCKET_T int +#else + #include + #include +#ifndef WOLFSSL_LEANPSK + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #ifdef TEST_IPV6 + #include + #endif +#endif + #define SOCKET_T int + #ifndef SO_NOSIGPIPE + #include /* ignore SIGPIPE */ + #endif + #define SNPRINTF snprintf +#endif /* USE_WINDOWS_API */ + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif +#ifdef HAVE_CAVIUM + #include +#endif + +#ifdef _MSC_VER + /* disable conversion warning */ + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable:4244 4996) +#endif + +/* Buffer for benchmark tests */ +#ifndef TEST_BUFFER_SIZE +#define TEST_BUFFER_SIZE 16384 +#endif + +#ifndef WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MIN + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } +#endif /* WOLFSSL_HAVE_MIN */ + +/* Socket Handling */ +#ifndef WOLFSSL_SOCKET_INVALID +#ifdef USE_WINDOWS_API + #define WOLFSSL_SOCKET_INVALID ((SOCKET_T)INVALID_SOCKET) +#elif defined(WOLFSSL_TIRTOS) + #define WOLFSSL_SOCKET_INVALID ((SOCKET_T)-1) +#else + #define WOLFSSL_SOCKET_INVALID (SOCKET_T)(0) +#endif +#endif /* WOLFSSL_SOCKET_INVALID */ + +#ifndef WOLFSSL_SOCKET_IS_INVALID +#if defined(USE_WINDOWS_API) || defined(WOLFSSL_TIRTOS) + #define WOLFSSL_SOCKET_IS_INVALID(s) ((SOCKET_T)(s) == WOLFSSL_SOCKET_INVALID) +#else + #define WOLFSSL_SOCKET_IS_INVALID(s) ((SOCKET_T)(s) < WOLFSSL_SOCKET_INVALID) +#endif +#endif /* WOLFSSL_SOCKET_IS_INVALID */ + +#if defined(__MACH__) || defined(USE_WINDOWS_API) + #ifndef _SOCKLEN_T + typedef int socklen_t; + #endif +#endif + + +/* HPUX doesn't use socklent_t for third parameter to accept, unless + _XOPEN_SOURCE_EXTENDED is defined */ +#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)\ + && !defined(WOLFSSL_ROWLEY_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) + typedef socklen_t* ACCEPT_THIRD_T; +#else + #if defined _XOPEN_SOURCE_EXTENDED + typedef socklen_t* ACCEPT_THIRD_T; + #else + typedef int* ACCEPT_THIRD_T; + #endif +#endif + + +#ifdef USE_WINDOWS_API + #define CloseSocket(s) closesocket(s) + #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); } +#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) + #define CloseSocket(s) closesocket(s) + #define StartTCP() +#else + #define CloseSocket(s) close(s) + #define StartTCP() +#endif + + +#ifdef SINGLE_THREADED + typedef unsigned int THREAD_RETURN; + typedef void* THREAD_TYPE; + #define WOLFSSL_THREAD +#else + #if defined(_POSIX_THREADS) && !defined(__MINGW32__) + typedef void* THREAD_RETURN; + typedef pthread_t THREAD_TYPE; + #define WOLFSSL_THREAD + #define INFINITE -1 + #define WAIT_OBJECT_0 0L + #elif defined(WOLFSSL_MDK_ARM)|| defined(WOLFSSL_KEIL_TCP_NET) + typedef unsigned int THREAD_RETURN; + typedef int THREAD_TYPE; + #define WOLFSSL_THREAD + #elif defined(WOLFSSL_TIRTOS) + typedef void THREAD_RETURN; + typedef Task_Handle THREAD_TYPE; + #define WOLFSSL_THREAD + #else + typedef unsigned int THREAD_RETURN; + typedef intptr_t THREAD_TYPE; + #define WOLFSSL_THREAD __stdcall + #endif +#endif + + +#ifdef TEST_IPV6 + typedef struct sockaddr_in6 SOCKADDR_IN_T; + #define AF_INET_V AF_INET6 +#else + typedef struct sockaddr_in SOCKADDR_IN_T; + #define AF_INET_V AF_INET +#endif + + +#define SERVER_DEFAULT_VERSION 3 +#define SERVER_DTLS_DEFAULT_VERSION (-2) +#define SERVER_INVALID_VERSION (-99) +#define CLIENT_DEFAULT_VERSION 3 +#define CLIENT_DTLS_DEFAULT_VERSION (-2) +#define CLIENT_INVALID_VERSION (-99) +#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH) + #define DEFAULT_MIN_DHKEY_BITS 2048 +#else + #define DEFAULT_MIN_DHKEY_BITS 1024 +#endif +#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH) + #define DEFAULT_MIN_RSAKEY_BITS 2048 +#else + #define DEFAULT_MIN_RSAKEY_BITS 1024 +#endif +#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH) + #define DEFAULT_MIN_ECCKEY_BITS 256 +#else + #define DEFAULT_MIN_ECCKEY_BITS 224 +#endif + +/* all certs relative to wolfSSL home directory now */ +#if defined(WOLFSSL_NO_CURRDIR) || defined(WOLFSSL_MDK_SHELL) +#define caCert "certs/ca-cert.pem" +#define eccCert "certs/server-ecc.pem" +#define eccKey "certs/ecc-key.pem" +#define svrCert "certs/server-cert.pem" +#define svrKey "certs/server-key.pem" +#define cliCert "certs/client-cert.pem" +#define cliKey "certs/client-key.pem" +#define ntruCert "certs/ntru-cert.pem" +#define ntruKey "certs/ntru-key.raw" +#define dhParam "certs/dh2048.pem" +#define cliEccKey "certs/ecc-client-key.pem" +#define cliEccCert "certs/client-ecc-cert.pem" +#define crlPemDir "certs/crl" +#ifdef HAVE_WNR + /* Whitewood netRandom default config file */ + #define wnrConfig "wnr-example.conf" +#endif +#else +#define caCert "./certs/ca-cert.pem" +#define eccCert "./certs/server-ecc.pem" +#define eccKey "./certs/ecc-key.pem" +#define svrCert "./certs/server-cert.pem" +#define svrKey "./certs/server-key.pem" +#define cliCert "./certs/client-cert.pem" +#define cliKey "./certs/client-key.pem" +#define ntruCert "./certs/ntru-cert.pem" +#define ntruKey "./certs/ntru-key.raw" +#define dhParam "./certs/dh2048.pem" +#define cliEccKey "./certs/ecc-client-key.pem" +#define cliEccCert "./certs/client-ecc-cert.pem" +#define crlPemDir "./certs/crl" +#ifdef HAVE_WNR + /* Whitewood netRandom default config file */ + #define wnrConfig "./wnr-example.conf" +#endif +#endif + +typedef struct tcp_ready { + word16 ready; /* predicate */ + word16 port; + char* srfName; /* server ready file name */ +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) + pthread_mutex_t mutex; + pthread_cond_t cond; +#endif +} tcp_ready; + + +static INLINE void InitTcpReady(tcp_ready* ready) +{ + ready->ready = 0; + ready->port = 0; + ready->srfName = NULL; +#ifdef SINGLE_THREADED +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) + pthread_mutex_init(&ready->mutex, 0); + pthread_cond_init(&ready->cond, 0); +#endif +} + + +static INLINE void FreeTcpReady(tcp_ready* ready) +{ +#ifdef SINGLE_THREADED + (void)ready; +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) + pthread_mutex_destroy(&ready->mutex); + pthread_cond_destroy(&ready->cond); +#else + (void)ready; +#endif +} + +typedef WOLFSSL_METHOD* (*method_provider)(void); +typedef void (*ctx_callback)(WOLFSSL_CTX* ctx); +typedef void (*ssl_callback)(WOLFSSL* ssl); + +typedef struct callback_functions { + method_provider method; + ctx_callback ctx_ready; + ssl_callback ssl_ready; + ssl_callback on_result; +} callback_functions; + +typedef struct func_args { + int argc; + char** argv; + int return_code; + tcp_ready* signal; + callback_functions *callbacks; +} func_args; + + + + +void wait_tcp_ready(func_args*); + +typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*); + +void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); +void join_thread(THREAD_TYPE); + +/* wolfSSL */ +#ifndef TEST_IPV6 + static const char* const wolfSSLIP = "127.0.0.1"; +#else + static const char* const wolfSSLIP = "::1"; +#endif +static const word16 wolfSSLPort = 11111; + + +#if defined(__GNUC__) + #define WC_NORETURN __attribute__((noreturn)) +#else + #define WC_NORETURN +#endif + +static INLINE WC_NORETURN void err_sys(const char* msg) +{ + printf("wolfSSL error: %s\n", msg); + +#if !defined(__GNUC__) + /* scan-build (which pretends to be gnuc) can get confused and think the + * msg pointer can be null even when hardcoded and then it won't exit, + * making null pointer checks above the err_sys() call useless. + * We could just always exit() but some compilers will complain about no + * possible return, with gcc we know the attribute to handle that with + * WC_NORETURN. */ + if (msg) +#endif + { + exit(EXIT_FAILURE); + } +} + + +#define MY_EX_USAGE 2 + +extern int myoptind; +extern char* myoptarg; + +static INLINE int mygetopt(int argc, char** argv, const char* optstring) +{ + static char* next = NULL; + + char c; + char* cp; + + if (myoptind == 0) + next = NULL; /* we're starting new/over */ + + if (next == NULL || *next == '\0') { + if (myoptind == 0) + myoptind++; + + if (myoptind >= argc || argv[myoptind][0] != '-' || + argv[myoptind][1] == '\0') { + myoptarg = NULL; + if (myoptind < argc) + myoptarg = argv[myoptind]; + + return -1; + } + + if (strcmp(argv[myoptind], "--") == 0) { + myoptind++; + myoptarg = NULL; + + if (myoptind < argc) + myoptarg = argv[myoptind]; + + return -1; + } + + next = argv[myoptind]; + next++; /* skip - */ + myoptind++; + } + + c = *next++; + /* The C++ strchr can return a different value */ + cp = (char*)strchr(optstring, c); + + if (cp == NULL || c == ':') + return '?'; + + cp++; + + if (*cp == ':') { + if (*next != '\0') { + myoptarg = next; + next = NULL; + } + else if (myoptind < argc) { + myoptarg = argv[myoptind]; + myoptind++; + } + else + return '?'; + } + + return c; +} + + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + +static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) +{ + (void)rw; + (void)userdata; + strncpy(passwd, "yassl123", sz); + return 8; +} + +#endif + + +#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) + +static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr) +{ + char* altName; + char* issuer; + char* subject; + byte serial[32]; + int ret; + int sz = sizeof(serial); + + if (x509 == NULL) { + printf("%s No Cert\n", hdr); + return; + } + + issuer = wolfSSL_X509_NAME_oneline( + wolfSSL_X509_get_issuer_name(x509), 0, 0); + subject = wolfSSL_X509_NAME_oneline( + wolfSSL_X509_get_subject_name(x509), 0, 0); + + printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject); + + while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL) + printf(" altname = %s\n", altName); + + ret = wolfSSL_X509_get_serial_number(x509, serial, &sz); + if (ret == SSL_SUCCESS) { + int i; + int strLen; + char serialMsg[80]; + + /* testsuite has multiple threads writing to stdout, get output + message ready to write once */ + strLen = sprintf(serialMsg, " serial number"); + for (i = 0; i < sz; i++) + sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]); + printf("%s\n", serialMsg); + } + + XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); + XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL); +} + +#endif /* KEEP_PEER_CERT || SESSION_CERTS */ + + +static INLINE void showPeer(WOLFSSL* ssl) +{ + + WOLFSSL_CIPHER* cipher; +#ifdef KEEP_PEER_CERT + WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl); + if (peer) + ShowX509(peer, "peer's cert info:"); + else + printf("peer has no cert!\n"); + wolfSSL_FreeX509(peer); +#endif +#if defined(SHOW_CERTS) && defined(OPENSSL_EXTRA) && defined(KEEP_OUR_CERT) + ShowX509(wolfSSL_get_certificate(ssl), "our cert info:"); +#endif /* SHOW_CERTS */ + printf("SSL version is %s\n", wolfSSL_get_version(ssl)); + + cipher = wolfSSL_get_current_cipher(ssl); +#ifdef HAVE_QSH + printf("SSL cipher suite is %s%s\n", (wolfSSL_isQSH(ssl))? "QSH:": "", + wolfSSL_CIPHER_get_name(cipher)); +#else + printf("SSL cipher suite is %s\n", wolfSSL_CIPHER_get_name(cipher)); +#endif + +#if defined(SESSION_CERTS) && defined(SHOW_CERTS) + { + WOLFSSL_X509_CHAIN* chain = wolfSSL_get_peer_chain(ssl); + int count = wolfSSL_get_chain_count(chain); + int i; + + for (i = 0; i < count; i++) { + int length; + unsigned char buffer[3072]; + WOLFSSL_X509* chainX509; + + wolfSSL_get_chain_cert_pem(chain,i,buffer, sizeof(buffer), &length); + buffer[length] = 0; + printf("cert %d has length %d data = \n%s\n", i, length, buffer); + + chainX509 = wolfSSL_get_chain_X509(chain, i); + if (chainX509) + ShowX509(chainX509, "session cert info:"); + else + printf("get_chain_X509 failed\n"); + wolfSSL_FreeX509(chainX509); + } + } +#endif + (void)ssl; +} + + +static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, + word16 port, int udp, int sctp) +{ + int useLookup = 0; + (void)useLookup; + (void)udp; + (void)sctp; + + if (addr == NULL) + err_sys("invalid argument to build_addr, addr is NULL"); + + memset(addr, 0, sizeof(SOCKADDR_IN_T)); + +#ifndef TEST_IPV6 + /* peer could be in human readable form */ + if ( (peer != INADDR_ANY) && isalpha((int)peer[0])) { + #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) + int err; + struct hostent* entry = gethostbyname(peer, &err); + #elif defined(WOLFSSL_TIRTOS) + struct hostent* entry = DNSGetHostByName(peer); + #elif defined(WOLFSSL_VXWORKS) + struct hostent* entry = (struct hostent*)hostGetByName((char*)peer); + #else + struct hostent* entry = gethostbyname(peer); + #endif + + if (entry) { + XMEMCPY(&addr->sin_addr.s_addr, entry->h_addr_list[0], + entry->h_length); + useLookup = 1; + } + else + err_sys("no entry for host"); + } +#endif + + +#ifndef TEST_IPV6 + #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) + addr->sin_family = PF_INET; + #else + addr->sin_family = AF_INET_V; + #endif + addr->sin_port = htons(port); + if (peer == INADDR_ANY) + addr->sin_addr.s_addr = INADDR_ANY; + else { + if (!useLookup) + addr->sin_addr.s_addr = inet_addr(peer); + } +#else + addr->sin6_family = AF_INET_V; + addr->sin6_port = htons(port); + if (peer == INADDR_ANY) + addr->sin6_addr = in6addr_any; + else { + #ifdef HAVE_GETADDRINFO + struct addrinfo hints; + struct addrinfo* answer = NULL; + int ret; + char strPort[80]; + + memset(&hints, 0, sizeof(hints)); + + hints.ai_family = AF_INET_V; + if (udp) { + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + } + #ifdef WOLFSSL_SCTP + else if (sctp) { + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_SCTP; + } + #endif + else { + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + } + + SNPRINTF(strPort, sizeof(strPort), "%d", port); + strPort[79] = '\0'; + + ret = getaddrinfo(peer, strPort, &hints, &answer); + if (ret < 0 || answer == NULL) + err_sys("getaddrinfo failed"); + + XMEMCPY(addr, answer->ai_addr, answer->ai_addrlen); + freeaddrinfo(answer); + #else + printf("no ipv6 getaddrinfo, loopback only tests/examples\n"); + addr->sin6_addr = in6addr_loopback; + #endif + } +#endif +} + + +static INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp) +{ + if (udp) + *sockfd = socket(AF_INET_V, SOCK_DGRAM, IPPROTO_UDP); +#ifdef WOLFSSL_SCTP + else if (sctp) + *sockfd = socket(AF_INET_V, SOCK_STREAM, IPPROTO_SCTP); +#endif + else + *sockfd = socket(AF_INET_V, SOCK_STREAM, IPPROTO_TCP); + + if(WOLFSSL_SOCKET_IS_INVALID(*sockfd)) { + err_sys("socket failed\n"); + } + +#ifndef USE_WINDOWS_API +#ifdef SO_NOSIGPIPE + { + int on = 1; + socklen_t len = sizeof(on); + int res = setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len); + if (res < 0) + err_sys("setsockopt SO_NOSIGPIPE failed\n"); + } +#elif defined(WOLFSSL_MDK_ARM) || defined (WOLFSSL_TIRTOS) ||\ + defined(WOLFSSL_KEIL_TCP_NET) + /* nothing to define */ +#else /* no S_NOSIGPIPE */ + signal(SIGPIPE, SIG_IGN); +#endif /* S_NOSIGPIPE */ + +#if defined(TCP_NODELAY) + if (!udp && !sctp) + { + int on = 1; + socklen_t len = sizeof(on); + int res = setsockopt(*sockfd, IPPROTO_TCP, TCP_NODELAY, &on, len); + if (res < 0) + err_sys("setsockopt TCP_NODELAY failed\n"); + } +#endif +#endif /* USE_WINDOWS_API */ +} + +static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, + int udp, int sctp, WOLFSSL* ssl) +{ + SOCKADDR_IN_T addr; + build_addr(&addr, ip, port, udp, sctp); + if (udp) { + wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + } + tcp_socket(sockfd, udp, sctp); + + if (!udp) { + if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + err_sys("tcp connect failed"); + } +} + + +static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz) +{ + if (connect(*sockfd, (const struct sockaddr*)addr, addrSz) != 0) + err_sys("tcp connect failed"); +} + + +enum { + TEST_SELECT_FAIL, + TEST_TIMEOUT, + TEST_RECV_READY, + TEST_ERROR_READY +}; + + +#if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) && \ + !defined(WOLFSSL_TIRTOS) +static INLINE int tcp_select(SOCKET_T socketfd, int to_sec) +{ + fd_set recvfds, errfds; + SOCKET_T nfds = socketfd + 1; + struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0}; + int result; + + FD_ZERO(&recvfds); + FD_SET(socketfd, &recvfds); + FD_ZERO(&errfds); + FD_SET(socketfd, &errfds); + + result = select(nfds, &recvfds, NULL, &errfds, &timeout); + + if (result == 0) + return TEST_TIMEOUT; + else if (result > 0) { + if (FD_ISSET(socketfd, &recvfds)) + return TEST_RECV_READY; + else if(FD_ISSET(socketfd, &errfds)) + return TEST_ERROR_READY; + } + + return TEST_SELECT_FAIL; +} +#elif defined(WOLFSSL_TIRTOS) +static INLINE int tcp_select(SOCKET_T socketfd, int to_sec) +{ + return TEST_RECV_READY; +} +#endif /* !WOLFSSL_MDK_ARM */ + + +static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr, + int udp, int sctp) +{ + SOCKADDR_IN_T addr; + + /* don't use INADDR_ANY by default, firewall may block, make user switch + on */ + build_addr(&addr, (useAnyAddr ? INADDR_ANY : wolfSSLIP), *port, udp, sctp); + tcp_socket(sockfd, udp, sctp); + +#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)\ + && !defined(WOLFSSL_KEIL_TCP_NET) + { + int res, on = 1; + socklen_t len = sizeof(on); + res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + if (res < 0) + err_sys("setsockopt SO_REUSEADDR failed\n"); + } +#endif + + if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + err_sys("tcp bind failed"); + if (!udp) { + if (listen(*sockfd, 5) != 0) + err_sys("tcp listen failed"); + } + #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS) + if (*port == 0) { + socklen_t len = sizeof(addr); + if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) { + #ifndef TEST_IPV6 + *port = ntohs(addr.sin_port); + #else + *port = ntohs(addr.sin6_port); + #endif + } + } + #endif +} + + +#if 0 +static INLINE int udp_read_connect(SOCKET_T sockfd) +{ + SOCKADDR_IN_T cliaddr; + byte b[1500]; + int n; + socklen_t len = sizeof(cliaddr); + + n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK, + (struct sockaddr*)&cliaddr, &len); + if (n > 0) { + if (connect(sockfd, (const struct sockaddr*)&cliaddr, + sizeof(cliaddr)) != 0) + err_sys("udp connect failed"); + } + else + err_sys("recvfrom failed"); + + return sockfd; +} +#endif + +static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, + int useAnyAddr, word16 port, func_args* args) +{ + SOCKADDR_IN_T addr; + + (void)args; + build_addr(&addr, (useAnyAddr ? INADDR_ANY : wolfSSLIP), port, 1, 0); + tcp_socket(sockfd, 1, 0); + + +#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM) \ + && !defined(WOLFSSL_KEIL_TCP_NET) + { + int res, on = 1; + socklen_t len = sizeof(on); + res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + if (res < 0) + err_sys("setsockopt SO_REUSEADDR failed\n"); + } +#endif + + if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + err_sys("tcp bind failed"); + + #if (defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)) && !defined(WOLFSSL_TIRTOS) + if (port == 0) { + socklen_t len = sizeof(addr); + if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) { + #ifndef TEST_IPV6 + port = ntohs(addr.sin_port); + #else + port = ntohs(addr.sin6_port); + #endif + } + } + #endif + +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to accept data */ + { + tcp_ready* ready = args->signal; + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); + } +#elif defined (WOLFSSL_TIRTOS) + /* Need mutex? */ + tcp_ready* ready = args->signal; + ready->ready = 1; + ready->port = port; +#endif + + *clientfd = *sockfd; +} + +static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, + func_args* args, word16 port, int useAnyAddr, + int udp, int sctp, int ready_file, int do_listen) +{ + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + tcp_ready* ready = NULL; + + (void) ready; /* Account for case when "ready" is not used */ + + if (udp) { + udp_accept(sockfd, clientfd, useAnyAddr, port, args); + return; + } + + if(do_listen) { + tcp_listen(sockfd, &port, useAnyAddr, udp, sctp); + + #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to tcp_accept */ + if (args) + ready = args->signal; + if (ready) { + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); + } + #elif defined (WOLFSSL_TIRTOS) + /* Need mutex? */ + if (args) + ready = args->signal; + if (ready) { + ready->ready = 1; + ready->port = port; + } + #endif + + if (ready_file) { + #if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) + FILE* srf = NULL; + if (args) + ready = args->signal; + + if (ready) { + srf = fopen(ready->srfName, "w"); + + if (srf) { + /* let's write port sever is listening on to ready file + external monitor can then do ephemeral ports by passing + -p 0 to server on supported platforms with -R ready_file + client can then wait for existence of ready_file and see + which port the server is listening on. */ + fprintf(srf, "%d\n", (int)port); + fclose(srf); + } + } + #endif + } + } + + *clientfd = accept(*sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); + if(WOLFSSL_SOCKET_IS_INVALID(*clientfd)) { + err_sys("tcp accept failed"); + } +} + + +static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd) +{ + #ifdef USE_WINDOWS_API + unsigned long blocking = 1; + int ret = ioctlsocket(*sockfd, FIONBIO, &blocking); + if (ret == SOCKET_ERROR) + err_sys("ioctlsocket failed"); + #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) \ + || defined (WOLFSSL_TIRTOS)|| defined(WOLFSSL_VXWORKS) + /* non blocking not supported, for now */ + #else + int flags = fcntl(*sockfd, F_GETFL, 0); + if (flags < 0) + err_sys("fcntl get failed"); + flags = fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK); + if (flags < 0) + err_sys("fcntl set failed"); + #endif +} + + +#ifndef NO_PSK + +static INLINE unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint, + char* identity, unsigned int id_max_len, unsigned char* key, + unsigned int key_max_len) +{ + (void)ssl; + (void)hint; + (void)key_max_len; + + /* identity is OpenSSL testing default for openssl s_client, keep same */ + strncpy(identity, "Client_identity", id_max_len); + + + /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using + unsigned binary */ + key[0] = 26; + key[1] = 43; + key[2] = 60; + key[3] = 77; + + return 4; /* length of key in octets or 0 for error */ +} + + +static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, + unsigned char* key, unsigned int key_max_len) +{ + (void)ssl; + (void)key_max_len; + + /* identity is OpenSSL testing default for openssl s_client, keep same */ + if (strncmp(identity, "Client_identity", 15) != 0) + return 0; + + /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using + unsigned binary */ + key[0] = 26; + key[1] = 43; + key[2] = 60; + key[3] = 77; + + return 4; /* length of key in octets or 0 for error */ +} + +#endif /* NO_PSK */ + + +#if defined(WOLFSSL_USER_CURRTIME) + extern double current_time(int reset); + +#elif defined(USE_WINDOWS_API) + + #define WIN32_LEAN_AND_MEAN + #include + + static INLINE double current_time(int reset) + { + static int init = 0; + static LARGE_INTEGER freq; + + LARGE_INTEGER count; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + (void)reset; + return (double)count.QuadPart / freq.QuadPart; + } + +#elif defined(WOLFSSL_TIRTOS) + extern double current_time(); +#else + +#if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) + #include + + static INLINE double current_time(int reset) + { + struct timeval tv; + gettimeofday(&tv, 0); + (void)reset; + + return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; + } +#else + extern double current_time(int reset); +#endif +#endif /* USE_WINDOWS_API */ + + +#if defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(FORCE_BUFFER_TEST) + + enum { + WOLFSSL_CA = 1, + WOLFSSL_CERT = 2, + WOLFSSL_KEY = 3, + WOLFSSL_CERT_CHAIN = 4, + }; + + static INLINE void load_buffer(WOLFSSL_CTX* ctx, const char* fname, int type) + { + int format = SSL_FILETYPE_PEM; + + /* test buffer load */ + long sz = 0; + byte buff[10000]; + FILE* file = fopen(fname, "rb"); + + if (!file) + err_sys("can't open file for buffer load " + "Please run from wolfSSL home directory if not"); + fseek(file, 0, SEEK_END); + sz = ftell(file); + rewind(file); + fread(buff, sizeof(buff), 1, file); + + /* determine format */ + if (strstr(fname, ".der")) + format = SSL_FILETYPE_ASN1; + + if (type == WOLFSSL_CA) { + if (wolfSSL_CTX_load_verify_buffer(ctx, buff, sz, format) + != SSL_SUCCESS) + err_sys("can't load buffer ca file"); + } + else if (type == WOLFSSL_CERT) { + if (wolfSSL_CTX_use_certificate_buffer(ctx, buff, sz, + format) != SSL_SUCCESS) + err_sys("can't load buffer cert file"); + } + else if (type == WOLFSSL_KEY) { + if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, sz, + format) != SSL_SUCCESS) + err_sys("can't load buffer key file"); + } + else if (type == WOLFSSL_CERT_CHAIN) { + if (wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buff, sz, + format) != SSL_SUCCESS) + err_sys("can't load cert chain buffer"); + } + + fclose(file); + } + +#endif /* NO_FILESYSTEM */ + +#ifdef VERIFY_CALLBACK + +static INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store) +{ + (void)preverify; + char buffer[WOLFSSL_MAX_ERROR_SZ]; + +#ifdef OPENSSL_EXTRA + WOLFSSL_X509* peer; +#endif + + printf("In verification callback, error = %d, %s\n", store->error, + wolfSSL_ERR_error_string(store->error, buffer)); +#ifdef OPENSSL_EXTRA + peer = store->current_cert; + if (peer) { + char* issuer = wolfSSL_X509_NAME_oneline( + wolfSSL_X509_get_issuer_name(peer), 0, 0); + char* subject = wolfSSL_X509_NAME_oneline( + wolfSSL_X509_get_subject_name(peer), 0, 0); + printf("\tPeer's cert info:\n issuer : %s\n subject: %s\n", issuer, + subject); + XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); + XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL); + } + else + printf("\tPeer has no cert!\n"); +#else + printf("\tPeer certs: %d\n", store->totalCerts); + #ifdef VERIFY_CALLBACK_SHOW_PEER_CERTS + { int i; + for (i=0; itotalCerts; i++) { + WOLFSSL_BUFFER_INFO* cert = &store->certs[i]; + printf("\t\tCert %d: Ptr %p, Len %u\n", i, cert->buffer, cert->length); + } + } + #endif +#endif + + printf("\tSubject's domain name is %s\n", store->domain); + + printf("\tAllowing to continue anyway (shouldn't do this, EVER!!!)\n"); + return 1; +} + +#endif /* VERIFY_CALLBACK */ + + +static INLINE int myDateCb(int preverify, WOLFSSL_X509_STORE_CTX* store) +{ + char buffer[WOLFSSL_MAX_ERROR_SZ]; + (void)preverify; + + printf("In verification callback, error = %d, %s\n", store->error, + wolfSSL_ERR_error_string(store->error, buffer)); + printf("Subject's domain name is %s\n", store->domain); + + if (store->error == ASN_BEFORE_DATE_E || store->error == ASN_AFTER_DATE_E) { + printf("Overriding cert date error as example for bad clock testing\n"); + return 1; + } + printf("Cert error is not date error, not overriding\n"); + + return 0; +} + + +#ifdef HAVE_CRL + +static INLINE void CRL_CallBack(const char* url) +{ + printf("CRL callback url = %s\n", url); +} + +#endif + +#ifndef NO_DH +static INLINE void SetDH(WOLFSSL* ssl) +{ + /* dh1024 p */ + static unsigned char p[] = + { + 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, + 0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E, + 0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59, + 0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2, + 0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD, + 0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF, + 0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02, + 0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C, + 0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7, + 0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50, + 0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B, + }; + + /* dh1024 g */ + static unsigned char g[] = + { + 0x02, + }; + + wolfSSL_SetTmpDH(ssl, p, sizeof(p), g, sizeof(g)); +} + +static INLINE void SetDHCtx(WOLFSSL_CTX* ctx) +{ + /* dh1024 p */ + static unsigned char p[] = + { + 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, + 0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E, + 0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59, + 0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2, + 0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD, + 0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF, + 0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02, + 0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C, + 0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7, + 0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50, + 0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B, + }; + + /* dh1024 g */ + static unsigned char g[] = + { + 0x02, + }; + + wolfSSL_CTX_SetTmpDH(ctx, p, sizeof(p), g, sizeof(g)); +} +#endif /* NO_DH */ + +#ifndef NO_CERTS + +static INLINE void CaCb(unsigned char* der, int sz, int type) +{ + (void)der; + printf("Got CA cache add callback, derSz = %d, type = %d\n", sz, type); +} + +#endif /* !NO_CERTS */ + + +/* Wolf Root Directory Helper */ +/* KEIL-RL File System does not support relative directory */ +#if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_FS) && !defined(WOLFSSL_TIRTOS) + #ifndef MAX_PATH + #define MAX_PATH 256 + #endif + + /* Maximum depth to search for WolfSSL root */ + #define MAX_WOLF_ROOT_DEPTH 5 + + static INLINE int ChangeToWolfRoot(void) + { + #if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) + int depth, res; + FILE* file; + for(depth = 0; depth <= MAX_WOLF_ROOT_DEPTH; depth++) { + file = fopen(ntruKey, "rb"); + if (file != NULL) { + fclose(file); + return depth; + } + #ifdef USE_WINDOWS_API + res = SetCurrentDirectoryA("..\\"); + #else + res = chdir("../"); + #endif + if (res < 0) { + printf("chdir to ../ failed!\n"); + break; + } + } + + err_sys("wolf root not found"); + return -1; + #else + return 0; + #endif + } +#endif /* !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_FS) && !defined(WOLFSSL_TIRTOS) */ + +#ifdef HAVE_STACK_SIZE + +typedef THREAD_RETURN WOLFSSL_THREAD (*thread_func)(void* args); + + +static INLINE void StackSizeCheck(func_args* args, thread_func tf) +{ + int ret, i, used; + unsigned char* myStack = NULL; + int stackSize = 1024*128; + pthread_attr_t myAttr; + pthread_t threadId; + +#ifdef PTHREAD_STACK_MIN + if (stackSize < PTHREAD_STACK_MIN) + stackSize = PTHREAD_STACK_MIN; +#endif + + ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize); + if (ret != 0 || myStack == NULL) + err_sys("posix_memalign failed\n"); + + XMEMSET(myStack, 0x01, stackSize); + + ret = pthread_attr_init(&myAttr); + if (ret != 0) + err_sys("attr_init failed"); + + ret = pthread_attr_setstack(&myAttr, myStack, stackSize); + if (ret != 0) + err_sys("attr_setstackaddr failed"); + + ret = pthread_create(&threadId, &myAttr, tf, args); + if (ret != 0) { + perror("pthread_create failed"); + exit(EXIT_FAILURE); + } + + ret = pthread_join(threadId, NULL); + if (ret != 0) + err_sys("pthread_join failed"); + + for (i = 0; i < stackSize; i++) { + if (myStack[i] != 0x01) { + break; + } + } + + used = stackSize - i; + printf("stack used = %d\n", used); +} + + +#endif /* HAVE_STACK_SIZE */ + + +#ifdef STACK_TRAP + +/* good settings + --enable-debug --disable-shared C_EXTRA_FLAGS="-DUSER_TIME -DTFM_TIMING_RESISTANT -DPOSITIVE_EXP_ONLY -DSTACK_TRAP" + +*/ + +#ifdef HAVE_STACK_SIZE + /* client only for now, setrlimit will fail if pthread_create() called */ + /* STACK_SIZE does pthread_create() on client */ + #error "can't use STACK_TRAP with STACK_SIZE, setrlimit will fail" +#endif /* HAVE_STACK_SIZE */ + +static INLINE void StackTrap(void) +{ + struct rlimit rl; + if (getrlimit(RLIMIT_STACK, &rl) != 0) + err_sys("getrlimit failed"); + printf("rlim_cur = %llu\n", rl.rlim_cur); + rl.rlim_cur = 1024*21; /* adjust trap size here */ + if (setrlimit(RLIMIT_STACK, &rl) != 0) { + perror("setrlimit"); + err_sys("setrlimit failed"); + } +} + +#else /* STACK_TRAP */ + +static INLINE void StackTrap(void) +{ +} + +#endif /* STACK_TRAP */ + + +#ifdef ATOMIC_USER + +/* Atomic Encrypt Context example */ +typedef struct AtomicEncCtx { + int keySetup; /* have we done key setup yet */ + Aes aes; /* for aes example */ +} AtomicEncCtx; + + +/* Atomic Decrypt Context example */ +typedef struct AtomicDecCtx { + int keySetup; /* have we done key setup yet */ + Aes aes; /* for aes example */ +} AtomicDecCtx; + + +static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, + const unsigned char* macIn, unsigned int macInSz, int macContent, + int macVerify, unsigned char* encOut, const unsigned char* encIn, + unsigned int encSz, void* ctx) +{ + int ret; + Hmac hmac; + byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; + AtomicEncCtx* encCtx = (AtomicEncCtx*)ctx; + const char* tlsStr = "TLS"; + + /* example supports (d)tls aes */ + if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) { + printf("myMacEncryptCb not using AES\n"); + return -1; + } + + if (strstr(wolfSSL_get_version(ssl), tlsStr) == NULL) { + printf("myMacEncryptCb not using (D)TLS\n"); + return -1; + } + + /* hmac, not needed if aead mode */ + wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify); + + ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl), + wolfSSL_GetMacSecret(ssl, macVerify), wolfSSL_GetHmacSize(ssl)); + if (ret != 0) + return ret; + ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = wc_HmacUpdate(&hmac, macIn, macInSz); + if (ret != 0) + return ret; + ret = wc_HmacFinal(&hmac, macOut); + if (ret != 0) + return ret; + + + /* encrypt setup on first time */ + if (encCtx->keySetup == 0) { + int keyLen = wolfSSL_GetKeySize(ssl); + const byte* key; + const byte* iv; + + if (wolfSSL_GetSide(ssl) == WOLFSSL_CLIENT_END) { + key = wolfSSL_GetClientWriteKey(ssl); + iv = wolfSSL_GetClientWriteIV(ssl); + } + else { + key = wolfSSL_GetServerWriteKey(ssl); + iv = wolfSSL_GetServerWriteIV(ssl); + } + + ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed in myMacEncryptCb\n"); + return ret; + } + encCtx->keySetup = 1; + } + + /* encrypt */ + return wc_AesCbcEncrypt(&encCtx->aes, encOut, encIn, encSz); +} + + +static INLINE int myDecryptVerifyCb(WOLFSSL* ssl, + unsigned char* decOut, const unsigned char* decIn, + unsigned int decSz, int macContent, int macVerify, + unsigned int* padSz, void* ctx) +{ + AtomicDecCtx* decCtx = (AtomicDecCtx*)ctx; + int ret = 0; + int macInSz = 0; + int ivExtra = 0; + int digestSz = wolfSSL_GetHmacSize(ssl); + unsigned int pad = 0; + unsigned int padByte = 0; + Hmac hmac; + byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ]; + byte verify[MAX_DIGEST_SIZE]; + const char* tlsStr = "TLS"; + + /* example supports (d)tls aes */ + if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) { + printf("myMacEncryptCb not using AES\n"); + return -1; + } + + if (strstr(wolfSSL_get_version(ssl), tlsStr) == NULL) { + printf("myMacEncryptCb not using (D)TLS\n"); + return -1; + } + + /*decrypt */ + if (decCtx->keySetup == 0) { + int keyLen = wolfSSL_GetKeySize(ssl); + const byte* key; + const byte* iv; + + /* decrypt is from other side (peer) */ + if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) { + key = wolfSSL_GetClientWriteKey(ssl); + iv = wolfSSL_GetClientWriteIV(ssl); + } + else { + key = wolfSSL_GetServerWriteKey(ssl); + iv = wolfSSL_GetServerWriteIV(ssl); + } + + ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION); + if (ret != 0) { + printf("AesSetKey failed in myDecryptVerifyCb\n"); + return ret; + } + decCtx->keySetup = 1; + } + + /* decrypt */ + ret = wc_AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz); + if (ret != 0) + return ret; + + if (wolfSSL_GetCipherType(ssl) == WOLFSSL_AEAD_TYPE) { + *padSz = wolfSSL_GetAeadMacSize(ssl); + return 0; /* hmac, not needed if aead mode */ + } + + if (wolfSSL_GetCipherType(ssl) == WOLFSSL_BLOCK_TYPE) { + pad = *(decOut + decSz - 1); + padByte = 1; + if (wolfSSL_IsTLSv1_1(ssl)) + ivExtra = wolfSSL_GetCipherBlockSize(ssl); + } + + *padSz = wolfSSL_GetHmacSize(ssl) + pad + padByte; + macInSz = decSz - ivExtra - digestSz - pad - padByte; + + wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify); + + ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl), + wolfSSL_GetMacSecret(ssl, macVerify), digestSz); + if (ret != 0) + return ret; + ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = wc_HmacUpdate(&hmac, decOut + ivExtra, macInSz); + if (ret != 0) + return ret; + ret = wc_HmacFinal(&hmac, verify); + if (ret != 0) + return ret; + + if (XMEMCMP(verify, decOut + decSz - digestSz - pad - padByte, + digestSz) != 0) { + printf("myDecryptVerify verify failed\n"); + return -1; + } + + return ret; +} + + +static INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl) +{ + AtomicEncCtx* encCtx; + AtomicDecCtx* decCtx; + + encCtx = (AtomicEncCtx*)malloc(sizeof(AtomicEncCtx)); + if (encCtx == NULL) + err_sys("AtomicEncCtx malloc failed"); + memset(encCtx, 0, sizeof(AtomicEncCtx)); + + decCtx = (AtomicDecCtx*)malloc(sizeof(AtomicDecCtx)); + if (decCtx == NULL) { + free(encCtx); + err_sys("AtomicDecCtx malloc failed"); + } + memset(decCtx, 0, sizeof(AtomicDecCtx)); + + wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb); + wolfSSL_SetMacEncryptCtx(ssl, encCtx); + + wolfSSL_CTX_SetDecryptVerifyCb(ctx, myDecryptVerifyCb); + wolfSSL_SetDecryptVerifyCtx(ssl, decCtx); +} + + +static INLINE void FreeAtomicUser(WOLFSSL* ssl) +{ + AtomicEncCtx* encCtx = (AtomicEncCtx*)wolfSSL_GetMacEncryptCtx(ssl); + AtomicDecCtx* decCtx = (AtomicDecCtx*)wolfSSL_GetDecryptVerifyCtx(ssl); + + free(decCtx); + free(encCtx); +} + +#endif /* ATOMIC_USER */ + +#ifdef WOLFSSL_STATIC_MEMORY +static INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats) +{ + word16 i; + + if (stats == NULL) { + return 0; + } + + /* print to stderr so is on the same pipe as WOLFSSL_DEBUG */ + fprintf(stderr, "Total mallocs = %d\n", stats->totalAlloc); + fprintf(stderr, "Total frees = %d\n", stats->totalFr); + fprintf(stderr, "Current mallocs = %d\n", stats->curAlloc); + fprintf(stderr, "Available IO = %d\n", stats->avaIO); + fprintf(stderr, "Max con. handshakes = %d\n", stats->maxHa); + fprintf(stderr, "Max con. IO = %d\n", stats->maxIO); + fprintf(stderr, "State of memory blocks: size : available \n"); + for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) { + fprintf(stderr, " : %d\t : %d\n", stats->blockSz[i], + stats->avaBlock[i]); + } + + return 1; +} +#endif /* WOLFSSL_STATIC_MEMORY */ + +#ifdef HAVE_PK_CALLBACKS + +#ifdef HAVE_ECC + +static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) +{ + WC_RNG rng; + int ret; + word32 idx = 0; + ecc_key myKey; + + (void)ssl; + (void)ctx; + + ret = wc_InitRng(&rng); + if (ret != 0) + return ret; + + wc_ecc_init(&myKey); + + ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey); + wc_ecc_free(&myKey); + wc_FreeRng(&rng); + + return ret; +} + + +static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz, + const byte* hash, word32 hashSz, const byte* key, word32 keySz, + int* result, void* ctx) +{ + int ret; + ecc_key myKey; + + (void)ssl; + (void)ctx; + + wc_ecc_init(&myKey); + + ret = wc_ecc_import_x963(key, keySz, &myKey); + if (ret == 0) + ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey); + wc_ecc_free(&myKey); + + return ret; +} + +static INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, + unsigned char* pubKeyDer, unsigned int* pubKeySz, + unsigned char* out, unsigned int* outlen, + int side, void* ctx) +{ + int ret; + ecc_key* privKey = NULL; + ecc_key* pubKey = NULL; + ecc_key tmpKey; + + (void)ssl; + (void)ctx; + + ret = wc_ecc_init(&tmpKey); + if (ret != 0) { + return ret; + } + + /* for client: create and export public key */ + if (side == WOLFSSL_CLIENT_END) { + WC_RNG rng; + + privKey = &tmpKey; + pubKey = otherKey; + + ret = wc_InitRng(&rng); + if (ret == 0) { + ret = wc_ecc_make_key_ex(&rng, 0, privKey, otherKey->dp->id); + if (ret == 0) + ret = wc_ecc_export_x963(privKey, pubKeyDer, pubKeySz); + wc_FreeRng(&rng); + } + } + + /* for server: import public key */ + else if (side == WOLFSSL_SERVER_END) { + privKey = otherKey; + pubKey = &tmpKey; + + ret = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, pubKey, + otherKey->dp->id); + } + else { + ret = BAD_FUNC_ARG; + } + + /* generate shared secret and return it */ + if (ret == 0) { + ret = wc_ecc_shared_secret(privKey, pubKey, out, outlen); + } + + wc_ecc_free(&tmpKey); + + return ret; +} + +#endif /* HAVE_ECC */ + +#ifndef NO_RSA + +static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) +{ + WC_RNG rng; + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + ret = wc_InitRng(&rng); + if (ret != 0) + return ret; + + wc_InitRsaKey(&myKey, NULL); + + ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng); + if (ret > 0) { /* save and convert to 0 success */ + *outSz = ret; + ret = 0; + } + wc_FreeRsaKey(&myKey); + wc_FreeRng(&rng); + + return ret; +} + + +static INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, + byte** out, + const byte* key, word32 keySz, + void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + wc_InitRsaKey(&myKey, NULL); + + ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = wc_RsaSSL_VerifyInline(sig, sigSz, out, &myKey); + wc_FreeRsaKey(&myKey); + + return ret; +} + + +static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, + word32 keySz, void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + WC_RNG rng; + + (void)ssl; + (void)ctx; + + ret = wc_InitRng(&rng); + if (ret != 0) + return ret; + + wc_InitRsaKey(&myKey, NULL); + + ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) { + ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng); + if (ret > 0) { + *outSz = ret; + ret = 0; /* reset to success */ + } + } + wc_FreeRsaKey(&myKey); + wc_FreeRng(&rng); + + return ret; +} + +static INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz, + byte** out, + const byte* key, word32 keySz, void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + wc_InitRsaKey(&myKey, NULL); + + ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) { + #ifdef WC_RSA_BLINDING + ret = wc_RsaSetRNG(&myKey, wolfSSL_GetRNG(ssl)); + if (ret != 0) { + wc_FreeRsaKey(&myKey); + return ret; + } + #endif + ret = wc_RsaPrivateDecryptInline(in, inSz, out, &myKey); + } + wc_FreeRsaKey(&myKey); + + return ret; +} + +#endif /* NO_RSA */ + +static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl) +{ + (void)ctx; + (void)ssl; + + #ifdef HAVE_ECC + wolfSSL_CTX_SetEccSignCb(ctx, myEccSign); + wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify); + wolfSSL_CTX_SetEccSharedSecretCb(ctx, myEccSharedSecret); + #endif /* HAVE_ECC */ + #ifndef NO_RSA + wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign); + wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify); + wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc); + wolfSSL_CTX_SetRsaDecCb(ctx, myRsaDec); + #endif /* NO_RSA */ +} + +#endif /* HAVE_PK_CALLBACKS */ + + + + + +#if defined(__hpux__) || defined(__MINGW32__) || defined (WOLFSSL_TIRTOS) \ + || defined(_MSC_VER) + +/* HP/UX doesn't have strsep, needed by test/suites.c */ +static INLINE char* strsep(char **stringp, const char *delim) +{ + char* start; + char* end; + + start = *stringp; + if (start == NULL) + return NULL; + + if ((end = strpbrk(start, delim))) { + *end++ = '\0'; + *stringp = end; + } else { + *stringp = NULL; + } + + return start; +} + +#endif /* __hpux__ and others */ + +/* Create unique filename, len is length of tempfn name, assuming + len does not include null terminating character, + num is number of characters in tempfn name to randomize */ +static INLINE const char* mymktemp(char *tempfn, int len, int num) +{ + int x, size; + static const char alphanum[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz"; + WC_RNG rng; + byte out; + + if (tempfn == NULL || len < 1 || num < 1 || len <= num) { + printf("Bad input\n"); + return NULL; + } + + size = len - 1; + + if (wc_InitRng(&rng) != 0) { + printf("InitRng failed\n"); + return NULL; + } + + for (x = size; x > size - num; x--) { + if (wc_RNG_GenerateBlock(&rng,(byte*)&out, sizeof(out)) != 0) { + printf("RNG_GenerateBlock failed\n"); + return NULL; + } + tempfn[x] = alphanum[out % (sizeof(alphanum) - 1)]; + } + tempfn[len] = '\0'; + + wc_FreeRng(&rng); + + return tempfn; +} + + + +#if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \ + defined(HAVE_POLY1305) + + #include + + typedef struct key_ctx { + byte name[WOLFSSL_TICKET_NAME_SZ]; /* name for this context */ + byte key[16]; /* cipher key */ + } key_ctx; + + static key_ctx myKey_ctx; + static WC_RNG myKey_rng; + + static INLINE int TicketInit(void) + { + int ret = wc_InitRng(&myKey_rng); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name,sizeof(myKey_ctx.name)); + if (ret != 0) return ret; + + return 0; + } + + static INLINE void TicketCleanup(void) + { + wc_FreeRng(&myKey_rng); + } + + static INLINE int myTicketEncCb(WOLFSSL* ssl, + byte key_name[WOLFSSL_TICKET_NAME_SZ], + byte iv[WOLFSSL_TICKET_IV_SZ], + byte mac[WOLFSSL_TICKET_MAC_SZ], + int enc, byte* ticket, int inLen, int* outLen, + void* userCtx) + { + (void)ssl; + (void)userCtx; + + int ret; + word16 sLen = htons(inLen); + byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2]; + int aadSz = WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2; + byte* tmp = aad; + + if (enc) { + XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ); + + ret = wc_RNG_GenerateBlock(&myKey_rng, iv, WOLFSSL_TICKET_IV_SZ); + if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; + + /* build aad from key name, iv, and length */ + XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ); + tmp += WOLFSSL_TICKET_NAME_SZ; + XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ); + tmp += WOLFSSL_TICKET_IV_SZ; + XMEMCPY(tmp, &sLen, 2); + + ret = wc_ChaCha20Poly1305_Encrypt(myKey_ctx.key, iv, + aad, aadSz, + ticket, inLen, + ticket, + mac); + if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; + *outLen = inLen; /* no padding in this mode */ + } else { + /* decrypt */ + + /* see if we know this key */ + if (XMEMCMP(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ) != 0){ + printf("client presented unknown ticket key name "); + return WOLFSSL_TICKET_RET_FATAL; + } + + /* build aad from key name, iv, and length */ + XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ); + tmp += WOLFSSL_TICKET_NAME_SZ; + XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ); + tmp += WOLFSSL_TICKET_IV_SZ; + XMEMCPY(tmp, &sLen, 2); + + ret = wc_ChaCha20Poly1305_Decrypt(myKey_ctx.key, iv, + aad, aadSz, + ticket, inLen, + mac, + ticket); + if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; + *outLen = inLen; /* no padding in this mode */ + } + + return WOLFSSL_TICKET_RET_OK; + } + +#endif /* HAVE_SESSION_TICKET && CHACHA20 && POLY1305 */ + +static INLINE word16 GetRandomPort(void) +{ + word16 port = 0; + + /* Generate random port for testing */ + WC_RNG rng; + if (wc_InitRng(&rng) == 0) { + wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port)); + port |= 0xC000; /* Make sure its in the 49152 - 65535 range */ + wc_FreeRng(&rng); + } + return port; +} + +#endif /* wolfSSL_TEST_H */ diff --git a/ccc/dist/lib/include/wolfssl/version.h b/ccc/dist/lib/include/wolfssl/version.h new file mode 100644 index 0000000..bd92deb --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/version.h @@ -0,0 +1,40 @@ +/* wolfssl_version.h.in + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLFSSL_VERSION_H +#define WOLFSSL_VERSION_H + + +#ifdef __cplusplus +extern "C" { +#endif + +#define LIBWOLFSSL_VERSION_STRING "3.10.0" +#define LIBWOLFSSL_VERSION_HEX 0x03010000 + +#ifdef __cplusplus +} +#endif + + +#endif /* WOLFSSL_VERSION_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/aes.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/aes.h new file mode 100644 index 0000000..b7fb2c7 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/aes.h @@ -0,0 +1,195 @@ +/* aes.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_AES_H +#define WOLF_CRYPT_AES_H + +#include + +#ifndef NO_AES + +/* included for fips @wc_fips */ +#ifdef HAVE_FIPS +#include +#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER) + #define WOLFSSL_AES_COUNTER +#endif +#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT) + #define WOLFSSL_AES_DIRECT +#endif +#endif + +#ifndef HAVE_FIPS /* to avoid redefinition of macros */ + +#ifdef WOLFSSL_AESNI + +#include +#include +#include + +#endif /* WOLFSSL_AESNI */ + +#endif /* HAVE_FIPS */ + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef HAVE_FIPS /* to avoid redefinition of structures */ + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +enum { + AES_ENC_TYPE = 1, /* cipher unique type */ + AES_ENCRYPTION = 0, + AES_DECRYPTION = 1, + KEYWRAP_BLOCK_SIZE = 8, + AES_BLOCK_SIZE = 16 +}; + + +typedef struct Aes { + /* AESNI needs key first, rounds 2nd, not sure why yet */ + ALIGN16 word32 key[60]; + word32 rounds; + + ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */ + +#ifdef HAVE_AESGCM + ALIGN16 byte H[AES_BLOCK_SIZE]; +#ifdef GCM_TABLE + /* key-based fast multiplication table. */ + ALIGN16 byte M0[256][AES_BLOCK_SIZE]; +#endif /* GCM_TABLE */ +#endif /* HAVE_AESGCM */ +#ifdef WOLFSSL_AESNI + byte use_aesni; +#endif /* WOLFSSL_AESNI */ +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; + #ifdef HAVE_CAVIUM + AesType type; /* aes key type */ + #endif +#endif /* WOLFSSL_ASYNC_CRYPT */ +#ifdef WOLFSSL_AES_COUNTER + word32 left; /* unused bytes left from last call */ +#endif +#ifdef WOLFSSL_PIC32MZ_CRYPT + word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ; + word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ; + int keylen ; +#endif +#ifdef WOLFSSL_TI_CRYPT + int keylen ; +#endif + void* heap; /* memory hint to use */ +} Aes; + + +#ifdef HAVE_AESGCM +typedef struct Gmac { + Aes aes; +} Gmac; +#endif /* HAVE_AESGCM */ +#endif /* HAVE_FIPS */ + +WOLFSSL_LOCAL int wc_InitAes_h(Aes* aes, void* h); +WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir); +WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv); +WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, + const byte* in, word32 sz); +WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, + const byte* in, word32 sz); + +/* AES-CTR */ +#ifdef WOLFSSL_AES_COUNTER + WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, + const byte* in, word32 sz); +#endif +/* AES-DIRECT */ +#if defined(WOLFSSL_AES_DIRECT) + WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in); + WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in); + WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir); +#endif +#ifdef HAVE_AESGCM + WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len); + WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out, + const byte* in, word32 sz, + const byte* iv, word32 ivSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); + WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out, + const byte* in, word32 sz, + const byte* iv, word32 ivSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); + + WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len); + WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz, + const byte* authIn, word32 authInSz, + byte* authTag, word32 authTagSz); +#endif /* HAVE_AESGCM */ +#ifdef HAVE_AESCCM + WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz); + WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out, + const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); + WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out, + const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); +#endif /* HAVE_AESCCM */ +#ifdef HAVE_AES_KEYWRAP + WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); + WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); +#endif /* HAVE_AES_KEYWRAP */ + +WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize); + +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_AesAsyncInit(Aes*, int); + WOLFSSL_API void wc_AesAsyncFree(Aes*); +#endif + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* NO_AES */ +#endif /* WOLF_CRYPT_AES_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/arc4.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/arc4.h new file mode 100644 index 0000000..752f1d0 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/arc4.h @@ -0,0 +1,66 @@ +/* arc4.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_ARC4_H +#define WOLF_CRYPT_ARC4_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +enum { + ARC4_ENC_TYPE = 4, /* cipher unique type */ + ARC4_STATE_SIZE = 256 +}; + +/* ARC4 encryption and decryption */ +typedef struct Arc4 { + byte x; + byte y; + byte state[ARC4_STATE_SIZE]; +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; +#endif +} Arc4; + +WOLFSSL_API void wc_Arc4Process(Arc4*, byte*, const byte*, word32); +WOLFSSL_API void wc_Arc4SetKey(Arc4*, const byte*, word32); + +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_Arc4AsyncInit(Arc4*, int); + WOLFSSL_API void wc_Arc4AsyncFree(Arc4*); +#endif + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* WOLF_CRYPT_ARC4_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/asn.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/asn.h new file mode 100644 index 0000000..fdb8dc7 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/asn.h @@ -0,0 +1,895 @@ +/* asn.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_ASN_H +#define WOLF_CRYPT_ASN_H + +#include + +#ifndef NO_ASN + +#include +#ifndef NO_RSA + #include +#endif + +/* fips declare of RsaPrivateKeyDecode @wc_fips */ +#if defined(HAVE_FIPS) && !defined(NO_RSA) + #include +#endif + +#ifndef NO_DH + #include +#endif +#ifndef NO_DSA + #include +#endif +#ifndef NO_SHA + #include +#endif +#ifndef NO_MD5 + #include +#endif +#include +#include /* public interface */ +#ifdef HAVE_ECC + #include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +enum { + ISSUER = 0, + SUBJECT = 1, + + EXTERNAL_SERIAL_SIZE = 32, + + BEFORE = 0, + AFTER = 1 +}; + +/* ASN Tags */ +enum ASN_Tags { + ASN_BOOLEAN = 0x01, + ASN_INTEGER = 0x02, + ASN_BIT_STRING = 0x03, + ASN_OCTET_STRING = 0x04, + ASN_TAG_NULL = 0x05, + ASN_OBJECT_ID = 0x06, + ASN_ENUMERATED = 0x0a, + ASN_UTF8STRING = 0x0c, + ASN_SEQUENCE = 0x10, + ASN_SET = 0x11, + ASN_UTC_TIME = 0x17, + ASN_OTHER_TYPE = 0x00, + ASN_RFC822_TYPE = 0x01, + ASN_DNS_TYPE = 0x02, + ASN_DIR_TYPE = 0x04, + ASN_GENERALIZED_TIME = 0x18, + CRL_EXTENSIONS = 0xa0, + ASN_EXTENSIONS = 0xa3, + ASN_LONG_LENGTH = 0x80 +}; + +enum ASN_Flags{ + ASN_CONSTRUCTED = 0x20, + ASN_CONTEXT_SPECIFIC = 0x80 +}; + +enum DN_Tags { + ASN_COMMON_NAME = 0x03, /* CN */ + ASN_SUR_NAME = 0x04, /* SN */ + ASN_SERIAL_NUMBER = 0x05, /* serialNumber */ + ASN_COUNTRY_NAME = 0x06, /* C */ + ASN_LOCALITY_NAME = 0x07, /* L */ + ASN_STATE_NAME = 0x08, /* ST */ + ASN_ORG_NAME = 0x0a, /* O */ + ASN_ORGUNIT_NAME = 0x0b /* OU */ +}; + +enum PBES { + PBE_MD5_DES = 0, + PBE_SHA1_DES = 1, + PBE_SHA1_DES3 = 2, + PBE_SHA1_RC4_128 = 3, + PBES2 = 13 /* algo ID */ +}; + +enum ENCRYPTION_TYPES { + DES_TYPE = 0, + DES3_TYPE = 1, + RC4_TYPE = 2 +}; + +enum ECC_TYPES { + ECC_PREFIX_0 = 160, + ECC_PREFIX_1 = 161 +}; + +enum Misc_ASN { + ASN_NAME_MAX = 256, + MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */ + MAX_IV_SIZE = 64, /* MAX PKCS Iv length */ + MAX_KEY_SIZE = 64, /* MAX PKCS Key length */ + PKCS5 = 5, /* PKCS oid tag */ + PKCS5v2 = 6, /* PKCS #5 v2.0 */ + PKCS12 = 12, /* PKCS #12 */ + MAX_UNICODE_SZ = 256, + ASN_BOOL_SIZE = 2, /* including type */ + ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */ + ASN_ECC_CONTEXT_SZ = 2, /* Content specific type + 1 byte len */ +#ifdef NO_SHA + KEYID_SIZE = SHA256_DIGEST_SIZE, +#else + KEYID_SIZE = SHA_DIGEST_SIZE, +#endif + RSA_INTS = 8, /* RSA ints in private key */ + DSA_INTS = 5, /* DSA ints in private key */ + MIN_DATE_SIZE = 13, + MAX_DATE_SIZE = 32, + ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */ + MAX_ENCODED_SIG_SZ = 512, + MAX_SIG_SZ = 256, + MAX_ALGO_SZ = 20, + MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ + MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ + MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */ + MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */ + MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ + MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ + MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + length(4) */ + MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ + MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */ + MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */ + MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */ + MAX_RSA_E_SZ = 16, /* Max RSA public e size */ + MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ + MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ + MAX_DER_DIGEST_SZ = MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ, /* Maximum DER digest size */ +#ifdef WOLFSSL_CERT_GEN + #ifdef WOLFSSL_CERT_REQ + /* Max encoded cert req attributes length */ + MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 + + MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */ + #endif + #if defined(WOLFSSL_ALT_NAMES) || defined(WOLFSSL_CERT_EXT) + MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, + #else + MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ, + #endif + /* Max total extensions, id + len + others */ +#endif +#ifdef WOLFSSL_CERT_EXT + MAX_KID_SZ = 45, /* Max encoded KID length (SHA-256 case) */ + MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */ + MAX_OID_SZ = 32, /* Max DER length of OID*/ + MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/ + MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */ + MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ, +#endif + OCSP_NONCE_EXT_SZ = 37, /* OCSP Nonce Extension size */ + MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */ + MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */ + EIGHTK_BUF = 8192, /* Tmp buffer size */ + MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2, + /* use bigger NTRU size */ + HEADER_ENCRYPTED_KEY_SIZE = 88,/* Extra header size for encrypted key */ + TRAILING_ZERO = 1, /* Used for size of zero pad */ + MIN_VERSION_SZ = 3 /* Min bytes needed for GetMyVersion */ +}; + + +enum Oid_Types { + oidHashType = 0, + oidSigType = 1, + oidKeyType = 2, + oidCurveType = 3, + oidBlkType = 4, + oidOcspType = 5, + oidCertExtType = 6, + oidCertAuthInfoType = 7, + oidCertPolicyType = 8, + oidCertAltNameType = 9, + oidCertKeyUseType = 10, + oidKdfType = 11, + oidKeyWrapType = 12, + oidCmsKeyAgreeType = 13, + oidIgnoreType +}; + + +enum Hash_Sum { + MD2h = 646, + MD5h = 649, + SHAh = 88, + SHA224h = 417, + SHA256h = 414, + SHA384h = 415, + SHA512h = 416 +}; + + +enum Block_Sum { + AES128CBCb = 414, + AES192CBCb = 434, + AES256CBCb = 454, + DESb = 69, + DES3b = 652 +}; + + +enum Key_Sum { + DSAk = 515, + RSAk = 645, + NTRUk = 274, + ECDSAk = 518 +}; + + +enum KeyWrap_Sum { + AES128_WRAP = 417, + AES192_WRAP = 437, + AES256_WRAP = 457 +}; + + +enum Key_Agree { + dhSinglePass_stdDH_sha1kdf_scheme = 464, + dhSinglePass_stdDH_sha224kdf_scheme = 188, + dhSinglePass_stdDH_sha256kdf_scheme = 189, + dhSinglePass_stdDH_sha384kdf_scheme = 190, + dhSinglePass_stdDH_sha512kdf_scheme = 191, +}; + + +enum Ecc_Sum { + ECC_SECP112R1_OID = 182, + ECC_SECP112R2_OID = 183, + ECC_SECP128R1_OID = 204, + ECC_SECP128R2_OID = 205, + ECC_SECP160R1_OID = 184, + ECC_SECP160R2_OID = 206, + ECC_SECP160K1_OID = 185, + ECC_BRAINPOOLP160R1_OID = 98, + ECC_SECP192R1_OID = 520, + ECC_PRIME192V2_OID = 521, + ECC_PRIME192V3_OID = 522, + ECC_SECP192K1_OID = 207, + ECC_BRAINPOOLP192R1_OID = 100, + ECC_SECP224R1_OID = 209, + ECC_SECP224K1_OID = 208, + ECC_BRAINPOOLP224R1_OID = 102, + ECC_PRIME239V1_OID = 523, + ECC_PRIME239V2_OID = 524, + ECC_PRIME239V3_OID = 525, + ECC_SECP256R1_OID = 526, + ECC_SECP256K1_OID = 186, + ECC_BRAINPOOLP256R1_OID = 104, + ECC_BRAINPOOLP320R1_OID = 106, + ECC_SECP384R1_OID = 210, + ECC_BRAINPOOLP384R1_OID = 108, + ECC_BRAINPOOLP512R1_OID = 110, + ECC_SECP521R1_OID = 211, +}; + + +enum KDF_Sum { + PBKDF2_OID = 660 +}; + + +enum Extensions_Sum { + BASIC_CA_OID = 133, + ALT_NAMES_OID = 131, + CRL_DIST_OID = 145, + AUTH_INFO_OID = 69, + AUTH_KEY_OID = 149, + SUBJ_KEY_OID = 128, + CERT_POLICY_OID = 146, + KEY_USAGE_OID = 129, /* 2.5.29.15 */ + INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ + EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */ + NAME_CONS_OID = 144 /* 2.5.29.30 */ +}; + +enum CertificatePolicy_Sum { + CP_ANY_OID = 146 /* id-ce 32 0 */ +}; + +enum SepHardwareName_Sum { + HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/ +}; + +enum AuthInfo_Sum { + AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */ + AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */ +}; + +enum ExtKeyUsage_Sum { /* From RFC 5280 */ + EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */ + EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */ + EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */ + EKU_OCSP_SIGN_OID = 79 /* 1.3.6.1.5.5.7.3.9, OCSPSigning */ +}; + + +enum VerifyType { + NO_VERIFY = 0, + VERIFY = 1, + VERIFY_CRL = 2, + VERIFY_OCSP = 3 +}; + +#ifdef WOLFSSL_CERT_EXT +enum KeyIdType { + SKID_TYPE = 0, + AKID_TYPE = 1 +}; +#endif + +/* Key usage extension bits */ +#define KEYUSE_DIGITAL_SIG 0x0080 +#define KEYUSE_CONTENT_COMMIT 0x0040 +#define KEYUSE_KEY_ENCIPHER 0x0020 +#define KEYUSE_DATA_ENCIPHER 0x0010 +#define KEYUSE_KEY_AGREE 0x0008 +#define KEYUSE_KEY_CERT_SIGN 0x0004 +#define KEYUSE_CRL_SIGN 0x0002 +#define KEYUSE_ENCIPHER_ONLY 0x0001 +#define KEYUSE_DECIPHER_ONLY 0x8000 + +#define EXTKEYUSE_ANY 0x08 +#define EXTKEYUSE_OCSP_SIGN 0x04 +#define EXTKEYUSE_CLIENT_AUTH 0x02 +#define EXTKEYUSE_SERVER_AUTH 0x01 + +typedef struct DNS_entry DNS_entry; + +struct DNS_entry { + DNS_entry* next; /* next on DNS list */ + char* name; /* actual DNS name */ +}; + + +typedef struct Base_entry Base_entry; + +struct Base_entry { + Base_entry* next; /* next on name base list */ + char* name; /* actual name base */ + int nameSz; /* name length */ + byte type; /* Name base type (DNS or RFC822) */ +}; + + +struct DecodedName { + char* fullName; + int fullNameLen; + int entryCount; + int cnIdx; + int cnLen; + int snIdx; + int snLen; + int cIdx; + int cLen; + int lIdx; + int lLen; + int stIdx; + int stLen; + int oIdx; + int oLen; + int ouIdx; + int ouLen; + int emailIdx; + int emailLen; + int uidIdx; + int uidLen; + int serialIdx; + int serialLen; +}; + + +typedef struct DecodedCert DecodedCert; +typedef struct DecodedName DecodedName; +typedef struct Signer Signer; +#ifdef WOLFSSL_TRUST_PEER_CERT +typedef struct TrustedPeerCert TrustedPeerCert; +#endif /* WOLFSSL_TRUST_PEER_CERT */ + + +struct DecodedCert { + byte* publicKey; + word32 pubKeySize; + int pubKeyStored; + word32 certBegin; /* offset to start of cert */ + word32 sigIndex; /* offset to start of signature */ + word32 sigLength; /* length of signature */ + word32 signatureOID; /* sum of algorithm object id */ + word32 keyOID; /* sum of key algo object id */ + int version; /* cert version, 1 or 3 */ + DNS_entry* altNames; /* alt names list of dns entries */ +#ifndef IGNORE_NAME_CONSTRAINTS + DNS_entry* altEmailNames; /* alt names list of RFC822 entries */ + Base_entry* permittedNames; /* Permitted name bases */ + Base_entry* excludedNames; /* Excluded name bases */ +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte subjectHash[KEYID_SIZE]; /* hash of all Names */ + byte issuerHash[KEYID_SIZE]; /* hash of all Names */ +#ifdef HAVE_OCSP + byte issuerKeyHash[KEYID_SIZE]; /* hash of the public Key */ +#endif /* HAVE_OCSP */ + byte* signature; /* not owned, points into raw cert */ + char* subjectCN; /* CommonName */ + int subjectCNLen; /* CommonName Length */ + char subjectCNEnc; /* CommonName Encoding */ + int subjectCNStored; /* have we saved a copy we own */ + char issuer[ASN_NAME_MAX]; /* full name including common name */ + char subject[ASN_NAME_MAX]; /* full name including common name */ + int verify; /* Default to yes, but could be off */ + byte* source; /* byte buffer holder cert, NOT owner */ + word32 srcIdx; /* current offset into buffer */ + word32 maxIdx; /* max offset based on init size */ + void* heap; /* for user memory overrides */ + byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */ + int serialSz; /* raw serial bytes stored */ + byte* extensions; /* not owned, points into raw cert */ + int extensionsSz; /* length of cert extensions */ + word32 extensionsIdx; /* if want to go back and parse later */ + byte* extAuthInfo; /* Authority Information Access URI */ + int extAuthInfoSz; /* length of the URI */ + byte* extCrlInfo; /* CRL Distribution Points */ + int extCrlInfoSz; /* length of the URI */ + byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */ + byte extSubjKeyIdSet; /* Set when the SKID was read from cert */ + byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */ + byte extAuthKeyIdSet; /* Set when the AKID was read from cert */ +#ifndef IGNORE_NAME_CONSTRAINTS + byte extNameConstraintSet; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte isCA; /* CA basic constraint true */ + byte pathLengthSet; /* CA basic const path length set */ + byte pathLength; /* CA basic constraint path length */ + byte weOwnAltNames; /* altNames haven't been given to copy */ + byte extKeyUsageSet; + word16 extKeyUsage; /* Key usage bitfield */ + byte extExtKeyUsageSet; /* Extended Key Usage */ + byte extExtKeyUsage; /* Extended Key usage bitfield */ +#ifdef OPENSSL_EXTRA + byte extBasicConstSet; + byte extBasicConstCrit; + byte extSubjAltNameSet; + byte extSubjAltNameCrit; + byte extAuthKeyIdCrit; +#ifndef IGNORE_NAME_CONSTRAINTS + byte extNameConstraintCrit; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte extSubjKeyIdCrit; + byte extKeyUsageCrit; + byte extExtKeyUsageCrit; + byte* extExtKeyUsageSrc; + word32 extExtKeyUsageSz; + word32 extExtKeyUsageCount; + byte* extAuthKeyIdSrc; + word32 extAuthKeyIdSz; + byte* extSubjKeyIdSrc; + word32 extSubjKeyIdSz; +#endif +#ifdef HAVE_ECC + word32 pkCurveOID; /* Public Key's curve OID */ +#endif /* HAVE_ECC */ + byte* beforeDate; + int beforeDateLen; + byte* afterDate; + int afterDateLen; +#ifdef HAVE_PKCS7 + byte* issuerRaw; /* pointer to issuer inside source */ + int issuerRawLen; +#endif +#ifndef IGNORE_NAME_CONSTRAINT + byte* subjectRaw; /* pointer to subject inside source */ + int subjectRawLen; +#endif +#if defined(WOLFSSL_CERT_GEN) + /* easy access to subject info for other sign */ + char* subjectSN; + int subjectSNLen; + char subjectSNEnc; + char* subjectC; + int subjectCLen; + char subjectCEnc; + char* subjectL; + int subjectLLen; + char subjectLEnc; + char* subjectST; + int subjectSTLen; + char subjectSTEnc; + char* subjectO; + int subjectOLen; + char subjectOEnc; + char* subjectOU; + int subjectOULen; + char subjectOUEnc; + char* subjectEmail; + int subjectEmailLen; +#endif /* WOLFSSL_CERT_GEN */ +#ifdef OPENSSL_EXTRA + DecodedName issuerName; + DecodedName subjectName; +#endif /* OPENSSL_EXTRA */ +#ifdef WOLFSSL_SEP + int deviceTypeSz; + byte* deviceType; + int hwTypeSz; + byte* hwType; + int hwSerialNumSz; + byte* hwSerialNum; + #ifdef OPENSSL_EXTRA + byte extCertPolicySet; + byte extCertPolicyCrit; + #endif /* OPENSSL_EXTRA */ +#endif /* WOLFSSL_SEP */ +#ifdef WOLFSSL_CERT_EXT + char extCertPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ]; + int extCertPoliciesNb; +#endif /* WOLFSSL_CERT_EXT */ +}; + +extern const char* BEGIN_CERT; +extern const char* END_CERT; +extern const char* BEGIN_CERT_REQ; +extern const char* END_CERT_REQ; +extern const char* BEGIN_DH_PARAM; +extern const char* END_DH_PARAM; +extern const char* BEGIN_X509_CRL; +extern const char* END_X509_CRL; +extern const char* BEGIN_RSA_PRIV; +extern const char* END_RSA_PRIV; +extern const char* BEGIN_PRIV_KEY; +extern const char* END_PRIV_KEY; +extern const char* BEGIN_ENC_PRIV_KEY; +extern const char* END_ENC_PRIV_KEY; +extern const char* BEGIN_EC_PRIV; +extern const char* END_EC_PRIV; +extern const char* BEGIN_DSA_PRIV; +extern const char* END_DSA_PRIV; +extern const char* BEGIN_PUB_KEY; +extern const char* END_PUB_KEY; + +#ifdef NO_SHA + #define SIGNER_DIGEST_SIZE SHA256_DIGEST_SIZE +#else + #define SIGNER_DIGEST_SIZE SHA_DIGEST_SIZE +#endif + +/* CA Signers */ +/* if change layout change PERSIST_CERT_CACHE functions too */ +struct Signer { + word32 pubKeySize; + word32 keyOID; /* key type */ + word16 keyUsage; + byte pathLength; + byte pathLengthSet; + byte* publicKey; + int nameLen; + char* name; /* common name */ +#ifndef IGNORE_NAME_CONSTRAINTS + Base_entry* permittedNames; + Base_entry* excludedNames; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte subjectNameHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #ifndef NO_SKID + byte subjectKeyIdHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #endif + Signer* next; +}; + + +#ifdef WOLFSSL_TRUST_PEER_CERT +/* used for having trusted peer certs rather then CA */ +struct TrustedPeerCert { + int nameLen; + char* name; /* common name */ + #ifndef IGNORE_NAME_CONSTRAINTS + Base_entry* permittedNames; + Base_entry* excludedNames; + #endif /* IGNORE_NAME_CONSTRAINTS */ + byte subjectNameHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #ifndef NO_SKID + byte subjectKeyIdHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #endif + word32 sigLen; + byte* sig; + struct TrustedPeerCert* next; +}; +#endif /* WOLFSSL_TRUST_PEER_CERT */ + + +/* for testing or custom openssl wrappers */ +#if defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) + #define WOLFSSL_ASN_API WOLFSSL_API +#else + #define WOLFSSL_ASN_API WOLFSSL_LOCAL +#endif + +WOLFSSL_ASN_API void FreeAltNames(DNS_entry*, void*); +#ifndef IGNORE_NAME_CONSTRAINTS + WOLFSSL_ASN_API void FreeNameSubtrees(Base_entry*, void*); +#endif /* IGNORE_NAME_CONSTRAINTS */ +WOLFSSL_ASN_API void InitDecodedCert(DecodedCert*, byte*, word32, void*); +WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert*); +WOLFSSL_ASN_API int ParseCert(DecodedCert*, int type, int verify, void* cm); + +WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*,int type,int verify,void* cm); +WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify); + +WOLFSSL_LOCAL Signer* MakeSigner(void*); +WOLFSSL_LOCAL void FreeSigner(Signer*, void*); +WOLFSSL_LOCAL void FreeSignerTable(Signer**, int, void*); +#ifdef WOLFSSL_TRUST_PEER_CERT +WOLFSSL_LOCAL void FreeTrustedPeer(TrustedPeerCert*, void*); +WOLFSSL_LOCAL void FreeTrustedPeerTable(TrustedPeerCert**, int, void*); +#endif /* WOLFSSL_TRUST_PEER_CERT */ + +WOLFSSL_ASN_API int ToTraditional(byte* buffer, word32 length); +WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int); +WOLFSSL_LOCAL int DecryptContent(byte* input, word32 sz,const char* psw,int pswSz); + +typedef struct tm wolfssl_tm; +#if defined(WOLFSSL_MYSQL_COMPATIBLE) +WOLFSSL_LOCAL int GetTimeString(byte* date, int format, char* buf, int len); +#endif +WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format, + wolfssl_tm* certTime, int* idx); +WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); + +/* ASN.1 helper functions */ +#ifdef WOLFSSL_CERT_GEN +WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name); +#endif +WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number, + word32 maxIdx); +WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, + int* version, word32 maxIdx); +WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, + word32 maxIdx); +#ifdef HAVE_OID_ENCODING + WOLFSSL_LOCAL int EncodeObjectId(const word16* in, word32 inSz, + byte* out, word32* outSz); +#endif +#ifdef HAVE_OID_DECODING + WOLFSSL_LOCAL int DecodeObjectId(const byte* in, word32 inSz, + word16* out, word32* outSz); +#endif +WOLFSSL_LOCAL int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, + word32 oidType, word32 maxIdx); +WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, + word32 oidType, word32 maxIdx); +WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output); +WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output); +WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output); +WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output); +WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output); +WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output); +WOLFSSL_LOCAL word32 SetAlgoID(int algoOID,byte* output,int type,int curveSz); +WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); +WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output); +WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx, + byte* serial, int* serialSz, word32 maxIdx); +WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, + int maxIdx); +WOLFSSL_LOCAL int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der); + +#ifdef HAVE_ECC + /* ASN sig helpers */ + WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, + mp_int* s); + WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, + mp_int* r, mp_int* s); +#endif + +#ifdef WOLFSSL_CERT_GEN + +enum cert_enums { + NAME_ENTRIES = 8, + JOINT_LEN = 2, + EMAIL_JOINT_LEN = 9, + RSA_KEY = 10, + NTRU_KEY = 11, + ECC_KEY = 12 +}; + +#ifndef WOLFSSL_PEMCERT_TODER_DEFINED +#ifndef NO_FILESYSTEM +/* forward from wolfSSL */ +WOLFSSL_API +int wolfSSL_PemCertToDer(const char* fileName,unsigned char* derBuf,int derSz); +#define WOLFSSL_PEMCERT_TODER_DEFINED +#endif +#endif + +#endif /* WOLFSSL_CERT_GEN */ + + + +/* for pointer use */ +typedef struct CertStatus CertStatus; + +#ifdef HAVE_OCSP + +enum Ocsp_Response_Status { + OCSP_SUCCESSFUL = 0, /* Response has valid confirmations */ + OCSP_MALFORMED_REQUEST = 1, /* Illegal confirmation request */ + OCSP_INTERNAL_ERROR = 2, /* Internal error in issuer */ + OCSP_TRY_LATER = 3, /* Try again later */ + OCSP_SIG_REQUIRED = 5, /* Must sign the request (4 is skipped) */ + OCSP_UNAUTHROIZED = 6 /* Request unauthorized */ +}; + + +enum Ocsp_Cert_Status { + CERT_GOOD = 0, + CERT_REVOKED = 1, + CERT_UNKNOWN = 2 +}; + + +enum Ocsp_Sums { + OCSP_BASIC_OID = 117, + OCSP_NONCE_OID = 118 +}; + + +typedef struct OcspRequest OcspRequest; +typedef struct OcspResponse OcspResponse; + + +struct CertStatus { + CertStatus* next; + + byte serial[EXTERNAL_SERIAL_SIZE]; + int serialSz; + + int status; + + byte thisDate[MAX_DATE_SIZE]; + byte nextDate[MAX_DATE_SIZE]; + byte thisDateFormat; + byte nextDateFormat; + + byte* rawOcspResponse; + word32 rawOcspResponseSz; +}; + + +struct OcspResponse { + int responseStatus; /* return code from Responder */ + + byte* response; /* Pointer to beginning of OCSP Response */ + word32 responseSz; /* length of the OCSP Response */ + + byte producedDate[MAX_DATE_SIZE]; + /* Date at which this response was signed */ + byte producedDateFormat; /* format of the producedDate */ + byte* issuerHash; + byte* issuerKeyHash; + + byte* cert; + word32 certSz; + + byte* sig; /* Pointer to sig in source */ + word32 sigSz; /* Length in octets for the sig */ + word32 sigOID; /* OID for hash used for sig */ + + CertStatus* status; /* certificate status to fill out */ + + byte* nonce; /* pointer to nonce inside ASN.1 response */ + int nonceSz; /* length of the nonce string */ + + byte* source; /* pointer to source buffer, not owned */ + word32 maxIdx; /* max offset based on init size */ +}; + + +struct OcspRequest { + byte issuerHash[KEYID_SIZE]; + byte issuerKeyHash[KEYID_SIZE]; + byte* serial; /* copy of the serial number in source cert */ + int serialSz; + byte* url; /* copy of the extAuthInfo in source cert */ + int urlSz; + + byte nonce[MAX_OCSP_NONCE_SZ]; + int nonceSz; + void* heap; +}; + + +WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32); +WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*, void*, void* heap); + +WOLFSSL_LOCAL int InitOcspRequest(OcspRequest*, DecodedCert*, byte, void*); +WOLFSSL_LOCAL void FreeOcspRequest(OcspRequest*); +WOLFSSL_LOCAL int EncodeOcspRequest(OcspRequest*, byte*, word32); +WOLFSSL_LOCAL word32 EncodeOcspRequestExtensions(OcspRequest*, byte*, word32); + + +WOLFSSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*); + + +#endif /* HAVE_OCSP */ + + +/* for pointer use */ +typedef struct RevokedCert RevokedCert; + +#ifdef HAVE_CRL + +struct RevokedCert { + byte serialNumber[EXTERNAL_SERIAL_SIZE]; + int serialSz; + RevokedCert* next; +}; + +typedef struct DecodedCRL DecodedCRL; + +struct DecodedCRL { + word32 certBegin; /* offset to start of cert */ + word32 sigIndex; /* offset to start of signature */ + word32 sigLength; /* length of signature */ + word32 signatureOID; /* sum of algorithm object id */ + byte* signature; /* pointer into raw source, not owned */ + byte issuerHash[SIGNER_DIGEST_SIZE]; /* issuer hash */ + byte crlHash[SIGNER_DIGEST_SIZE]; /* raw crl data hash */ + byte lastDate[MAX_DATE_SIZE]; /* last date updated */ + byte nextDate[MAX_DATE_SIZE]; /* next update date */ + byte lastDateFormat; /* format of last date */ + byte nextDateFormat; /* format of next date */ + RevokedCert* certs; /* revoked cert list */ + int totalCerts; /* number on list */ + void* heap; +}; + +WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*, void* heap); +WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm); +WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*); + + +#endif /* HAVE_CRL */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* !NO_ASN */ +#endif /* WOLF_CRYPT_ASN_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/asn_public.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/asn_public.h new file mode 100644 index 0000000..c9d9545 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/asn_public.h @@ -0,0 +1,288 @@ +/* asn_public.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_ASN_PUBLIC_H +#define WOLF_CRYPT_ASN_PUBLIC_H + +#include +#ifdef HAVE_ECC + #include +#endif +#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) + #include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* Certificate file Type */ +enum CertType { + CERT_TYPE = 0, + PRIVATEKEY_TYPE, + DH_PARAM_TYPE, + CRL_TYPE, + CA_TYPE, + ECC_PRIVATEKEY_TYPE, + DSA_PRIVATEKEY_TYPE, + CERTREQ_TYPE, + DSA_TYPE, + ECC_TYPE, + RSA_TYPE, + PUBLICKEY_TYPE, + RSA_PUBLICKEY_TYPE, + ECC_PUBLICKEY_TYPE, + TRUSTED_PEER_TYPE +}; + + +/* Signature type, by OID sum */ +enum Ctc_SigType { + CTC_SHAwDSA = 517, + CTC_MD2wRSA = 646, + CTC_MD5wRSA = 648, + CTC_SHAwRSA = 649, + CTC_SHAwECDSA = 520, + CTC_SHA224wRSA = 658, + CTC_SHA224wECDSA = 527, + CTC_SHA256wRSA = 655, + CTC_SHA256wECDSA = 524, + CTC_SHA384wRSA = 656, + CTC_SHA384wECDSA = 525, + CTC_SHA512wRSA = 657, + CTC_SHA512wECDSA = 526 +}; + +enum Ctc_Encoding { + CTC_UTF8 = 0x0c, /* utf8 */ + CTC_PRINTABLE = 0x13 /* printable */ +}; + +enum Ctc_Misc { + CTC_COUNTRY_SIZE = 2, + CTC_NAME_SIZE = 64, + CTC_DATE_SIZE = 32, + CTC_MAX_ALT_SIZE = 16384, /* may be huge */ + CTC_SERIAL_SIZE = 8, +#ifdef WOLFSSL_CERT_EXT + /* AKID could contains: hash + (Option) AuthCertIssuer,AuthCertSerialNum + * We support only hash */ + CTC_MAX_SKID_SIZE = 32, /* SHA256_DIGEST_SIZE */ + CTC_MAX_AKID_SIZE = 32, /* SHA256_DIGEST_SIZE */ + CTC_MAX_CERTPOL_SZ = 64, + CTC_MAX_CERTPOL_NB = 2 /* Max number of Certificate Policy */ +#endif /* WOLFSSL_CERT_EXT */ +}; + +#ifdef WOLFSSL_CERT_GEN + +#ifndef HAVE_ECC + typedef struct ecc_key ecc_key; +#endif +#ifdef NO_RSA + typedef struct RsaKey RsaKey; +#endif + +typedef struct CertName { + char country[CTC_NAME_SIZE]; + char countryEnc; + char state[CTC_NAME_SIZE]; + char stateEnc; + char locality[CTC_NAME_SIZE]; + char localityEnc; + char sur[CTC_NAME_SIZE]; + char surEnc; + char org[CTC_NAME_SIZE]; + char orgEnc; + char unit[CTC_NAME_SIZE]; + char unitEnc; + char commonName[CTC_NAME_SIZE]; + char commonNameEnc; + char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ +} CertName; + + +/* for user to fill for certificate generation */ +typedef struct Cert { + int version; /* x509 version */ + byte serial[CTC_SERIAL_SIZE]; /* serial number */ + int sigType; /* signature algo type */ + CertName issuer; /* issuer info */ + int daysValid; /* validity days */ + int selfSigned; /* self signed flag */ + CertName subject; /* subject info */ + int isCA; /* is this going to be a CA */ + /* internal use only */ + int bodySz; /* pre sign total size */ + int keyType; /* public key type of subject */ +#ifdef WOLFSSL_ALT_NAMES + byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ + int altNamesSz; /* altNames size in bytes */ + byte beforeDate[CTC_DATE_SIZE]; /* before date copy */ + int beforeDateSz; /* size of copy */ + byte afterDate[CTC_DATE_SIZE]; /* after date copy */ + int afterDateSz; /* size of copy */ +#endif +#ifdef WOLFSSL_CERT_EXT + byte skid[CTC_MAX_SKID_SIZE]; /* Subject Key Identifier */ + int skidSz; /* SKID size in bytes */ + byte akid[CTC_MAX_AKID_SIZE]; /* Authority Key Identifier */ + int akidSz; /* AKID size in bytes */ + word16 keyUsage; /* Key Usage */ + char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ]; + word16 certPoliciesNb; /* Number of Cert Policy */ +#endif +#ifdef WOLFSSL_CERT_REQ + char challengePw[CTC_NAME_SIZE]; +#endif + void* heap; /* heap hint */ +} Cert; +#endif /* WOLFSSL_CERT_GEN */ + + +#ifdef WOLFSSL_CERT_GEN + + + +/* Initialize and Set Certificate defaults: + version = 3 (0x2) + serial = 0 (Will be randomly generated) + sigType = SHA_WITH_RSA + issuer = blank + daysValid = 500 + selfSigned = 1 (true) use subject as issuer + subject = blank + isCA = 0 (false) + keyType = RSA_KEY (default) +*/ +WOLFSSL_API void wc_InitCert(Cert*); +WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*, WC_RNG*); +#ifdef WOLFSSL_CERT_REQ + WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz, + RsaKey*, ecc_key*); +#endif +WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer, + word32 derSz, RsaKey*, ecc_key*, WC_RNG*); +WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + WC_RNG*); +WOLFSSL_API int wc_SetIssuer(Cert*, const char*); +WOLFSSL_API int wc_SetSubject(Cert*, const char*); +#ifdef WOLFSSL_ALT_NAMES + WOLFSSL_API int wc_SetAltNames(Cert*, const char*); +#endif +WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int); +WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int); +WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int); +WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int); + +#ifdef WOLFSSL_CERT_EXT +WOLFSSL_API int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, + ecc_key *eckey); +WOLFSSL_API int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz); +WOLFSSL_API int wc_SetAuthKeyId(Cert *cert, const char* file); +WOLFSSL_API int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, + ecc_key *eckey); +WOLFSSL_API int wc_SetSubjectKeyId(Cert *cert, const char* file); + +#ifdef HAVE_NTRU +WOLFSSL_API int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert, byte *ntruKey, + word16 ntruKeySz); +#endif + +/* Set the KeyUsage. + * Value is a string separated tokens with ','. Accepted tokens are : + * digitalSignature,nonRepudiation,contentCommitment,keyCertSign,cRLSign, + * dataEncipherment,keyAgreement,keyEncipherment,encipherOnly and decipherOnly. + * + * nonRepudiation and contentCommitment are for the same usage. + */ +WOLFSSL_API int wc_SetKeyUsage(Cert *cert, const char *value); + +#endif /* WOLFSSL_CERT_EXT */ + + #ifdef HAVE_NTRU + WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, + const byte* ntruKey, word16 keySz, + WC_RNG*); + #endif + +#endif /* WOLFSSL_CERT_GEN */ + +#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER) + #ifndef WOLFSSL_PEMPUBKEY_TODER_DEFINED + #ifndef NO_FILESYSTEM + /* forward from wolfssl */ + WOLFSSL_API int wolfSSL_PemPubKeyToDer(const char* fileName, + unsigned char* derBuf, int derSz); + #endif + + /* forward from wolfssl */ + WOLFSSL_API int wolfSSL_PubKeyPemToDer(const unsigned char*, int, + unsigned char*, int); + #define WOLFSSL_PEMPUBKEY_TODER_DEFINED + #endif /* WOLFSSL_PEMPUBKEY_TODER_DEFINED */ +#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */ + +#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA) + WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output, + word32 outputSz, int type); + WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, + word32 outputSz, byte *cipherIno, int type); +#endif + +#ifdef HAVE_ECC + /* private key helpers */ + WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*, + ecc_key*, word32); + WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen); + + /* public key helper */ + WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*, + ecc_key*, word32); + #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output, + word32 inLen, int with_AlgCurve); + #endif +#endif + +/* DER encode signature */ +WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest, + word32 digSz, int hashOID); +WOLFSSL_API int wc_GetCTC_HashOID(int type); + +/* Time */ +/* Returns seconds (Epoch/UTC) + * timePtr: is "time_t", which is typically "long" + * Example: + long lTime; + rc = wc_GetTime(&lTime, (word32)sizeof(lTime)); +*/ +WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_ASN_PUBLIC_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-impl.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-impl.h new file mode 100644 index 0000000..3830c33 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-impl.h @@ -0,0 +1,155 @@ +/* + BLAKE2 reference source code package - reference C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +/* blake2-impl.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLFCRYPT_BLAKE2_IMPL_H +#define WOLFCRYPT_BLAKE2_IMPL_H + +#include + +static INLINE word32 load32( const void *src ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + return *( word32 * )( src ); +#else + const byte *p = ( byte * )src; + word32 w = *p++; + w |= ( word32 )( *p++ ) << 8; + w |= ( word32 )( *p++ ) << 16; + w |= ( word32 )( *p++ ) << 24; + return w; +#endif +} + +static INLINE word64 load64( const void *src ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + return *( word64 * )( src ); +#else + const byte *p = ( byte * )src; + word64 w = *p++; + w |= ( word64 )( *p++ ) << 8; + w |= ( word64 )( *p++ ) << 16; + w |= ( word64 )( *p++ ) << 24; + w |= ( word64 )( *p++ ) << 32; + w |= ( word64 )( *p++ ) << 40; + w |= ( word64 )( *p++ ) << 48; + w |= ( word64 )( *p++ ) << 56; + return w; +#endif +} + +static INLINE void store32( void *dst, word32 w ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + *( word32 * )( dst ) = w; +#else + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +#endif +} + +static INLINE void store64( void *dst, word64 w ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + *( word64 * )( dst ) = w; +#else + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +#endif +} + +static INLINE word64 load48( const void *src ) +{ + const byte *p = ( const byte * )src; + word64 w = *p++; + w |= ( word64 )( *p++ ) << 8; + w |= ( word64 )( *p++ ) << 16; + w |= ( word64 )( *p++ ) << 24; + w |= ( word64 )( *p++ ) << 32; + w |= ( word64 )( *p++ ) << 40; + return w; +} + +static INLINE void store48( void *dst, word64 w ) +{ + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +} + +static INLINE word32 rotl32( const word32 w, const unsigned c ) +{ + return ( w << c ) | ( w >> ( 32 - c ) ); +} + +static INLINE word64 rotl64( const word64 w, const unsigned c ) +{ + return ( w << c ) | ( w >> ( 64 - c ) ); +} + +static INLINE word32 rotr32( const word32 w, const unsigned c ) +{ + return ( w >> c ) | ( w << ( 32 - c ) ); +} + +static INLINE word64 rotr64( const word64 w, const unsigned c ) +{ + return ( w >> c ) | ( w << ( 64 - c ) ); +} + +/* prevents compiler optimizing out memset() */ +static INLINE void secure_zero_memory( void *v, word64 n ) +{ + volatile byte *p = ( volatile byte * )v; + + while( n-- ) *p++ = 0; +} + +#endif /* WOLFCRYPT_BLAKE2_IMPL_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-int.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-int.h new file mode 100644 index 0000000..0d62eaf --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2-int.h @@ -0,0 +1,184 @@ +/* + BLAKE2 reference source code package - reference C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +/* blake2-int.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + + +#ifndef WOLFCRYPT_BLAKE2_INT_H +#define WOLFCRYPT_BLAKE2_INT_H + +#include + + +#if defined(_MSC_VER) + #define ALIGN(x) __declspec(align(x)) +#elif defined(__GNUC__) + #define ALIGN(x) __attribute__((aligned(x))) +#else + #define ALIGN(x) +#endif + + +#if defined(__cplusplus) + extern "C" { +#endif + + enum blake2s_constant + { + BLAKE2S_BLOCKBYTES = 64, + BLAKE2S_OUTBYTES = 32, + BLAKE2S_KEYBYTES = 32, + BLAKE2S_SALTBYTES = 8, + BLAKE2S_PERSONALBYTES = 8 + }; + + enum blake2b_constant + { + BLAKE2B_BLOCKBYTES = 128, + BLAKE2B_OUTBYTES = 64, + BLAKE2B_KEYBYTES = 64, + BLAKE2B_SALTBYTES = 16, + BLAKE2B_PERSONALBYTES = 16 + }; + +#pragma pack(push, 1) + typedef struct __blake2s_param + { + byte digest_length; /* 1 */ + byte key_length; /* 2 */ + byte fanout; /* 3 */ + byte depth; /* 4 */ + word32 leaf_length; /* 8 */ + byte node_offset[6];/* 14 */ + byte node_depth; /* 15 */ + byte inner_length; /* 16 */ + /* byte reserved[0]; */ + byte salt[BLAKE2B_SALTBYTES]; /* 24 */ + byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ + } blake2s_param; + + ALIGN( 64 ) typedef struct __blake2s_state + { + word32 h[8]; + word32 t[2]; + word32 f[2]; + byte buf[2 * BLAKE2S_BLOCKBYTES]; + word64 buflen; + byte last_node; + } blake2s_state ; + + typedef struct __blake2b_param + { + byte digest_length; /* 1 */ + byte key_length; /* 2 */ + byte fanout; /* 3 */ + byte depth; /* 4 */ + word32 leaf_length; /* 8 */ + word64 node_offset; /* 16 */ + byte node_depth; /* 17 */ + byte inner_length; /* 18 */ + byte reserved[14]; /* 32 */ + byte salt[BLAKE2B_SALTBYTES]; /* 48 */ + byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ + } blake2b_param; + + ALIGN( 64 ) typedef struct __blake2b_state + { + word64 h[8]; + word64 t[2]; + word64 f[2]; + byte buf[2 * BLAKE2B_BLOCKBYTES]; + word64 buflen; + byte last_node; + } blake2b_state; + + typedef struct __blake2sp_state + { + blake2s_state S[8][1]; + blake2s_state R[1]; + byte buf[8 * BLAKE2S_BLOCKBYTES]; + word64 buflen; + } blake2sp_state; + + typedef struct __blake2bp_state + { + blake2b_state S[4][1]; + blake2b_state R[1]; + byte buf[4 * BLAKE2B_BLOCKBYTES]; + word64 buflen; + } blake2bp_state; +#pragma pack(pop) + + /* Streaming API */ + int blake2s_init( blake2s_state *S, const byte outlen ); + int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2s_init_param( blake2s_state *S, const blake2s_param *P ); + int blake2s_update( blake2s_state *S, const byte *in, word64 inlen ); + int blake2s_final( blake2s_state *S, byte *out, byte outlen ); + + int blake2b_init( blake2b_state *S, const byte outlen ); + int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2b_init_param( blake2b_state *S, const blake2b_param *P ); + int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ); + int blake2b_final( blake2b_state *S, byte *out, byte outlen ); + + int blake2sp_init( blake2sp_state *S, const byte outlen ); + int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2sp_update( blake2sp_state *S, const byte *in, word64 inlen ); + int blake2sp_final( blake2sp_state *S, byte *out, byte outlen ); + + int blake2bp_init( blake2bp_state *S, const byte outlen ); + int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen ); + int blake2bp_final( blake2bp_state *S, byte *out, byte outlen ); + + /* Simple API */ + int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + + int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + + static INLINE int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ) + { + return blake2b( out, in, key, outlen, inlen, keylen ); + } + + + +#if defined(__cplusplus) + } +#endif + +#endif /* WOLFCRYPT_BLAKE2_INT_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2.h new file mode 100644 index 0000000..ccad86c --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/blake2.h @@ -0,0 +1,72 @@ +/* blake2.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + + +#ifndef WOLF_CRYPT_BLAKE2_H +#define WOLF_CRYPT_BLAKE2_H + +#include + +#ifdef HAVE_BLAKE2 + +#include + +/* call old functions if using fips for the sake of hmac @wc_fips */ +#ifdef HAVE_FIPS + /* Since hmac can call blake functions provide original calls */ + #define wc_InitBlake2b InitBlake2b + #define wc_Blake2bUpdate Blake2bUpdate + #define wc_Blake2bFinal Blake2bFinal +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* in bytes, variable digest size up to 512 bits (64 bytes) */ +enum { + BLAKE2B_ID = 7, /* hash type unique */ + BLAKE2B_256 = 32 /* 256 bit type, SSL default */ +}; + + +/* BLAKE2b digest */ +typedef struct Blake2b { + blake2b_state S[1]; /* our state */ + word32 digestSz; /* digest size used on init */ +} Blake2b; + + +WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32); +WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32); +WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32); + + + +#ifdef __cplusplus + } +#endif + +#endif /* HAVE_BLAKE2 */ +#endif /* WOLF_CRYPT_BLAKE2_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/camellia.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/camellia.h new file mode 100644 index 0000000..923d5a9 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/camellia.h @@ -0,0 +1,97 @@ +/* camellia.h ver 1.2.0 + * + * Copyright (c) 2006,2007 + * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer as + * the first lines of this file unmodified. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* camellia.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_CAMELLIA_H +#define WOLF_CRYPT_CAMELLIA_H + +#include + +#ifdef HAVE_CAMELLIA + +#ifdef __cplusplus + extern "C" { +#endif + +enum { + CAMELLIA_BLOCK_SIZE = 16 +}; + +#define CAMELLIA_TABLE_BYTE_LEN 272 +#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32)) + +typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; + +typedef struct Camellia { + word32 keySz; + KEY_TABLE_TYPE key; + word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ +} Camellia; + + +WOLFSSL_API int wc_CamelliaSetKey(Camellia* cam, + const byte* key, word32 len, const byte* iv); +WOLFSSL_API int wc_CamelliaSetIV(Camellia* cam, const byte* iv); +WOLFSSL_API void wc_CamelliaEncryptDirect(Camellia* cam, byte* out, + const byte* in); +WOLFSSL_API void wc_CamelliaDecryptDirect(Camellia* cam, byte* out, + const byte* in); +WOLFSSL_API void wc_CamelliaCbcEncrypt(Camellia* cam, + byte* out, const byte* in, word32 sz); +WOLFSSL_API void wc_CamelliaCbcDecrypt(Camellia* cam, + byte* out, const byte* in, word32 sz); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_CAMELLIA */ +#endif /* WOLF_CRYPT_CAMELLIA_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha.h new file mode 100644 index 0000000..68427eb --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha.h @@ -0,0 +1,66 @@ +/* chacha.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_CHACHA_H +#define WOLF_CRYPT_CHACHA_H + +#include + +#ifdef HAVE_CHACHA + +#ifdef __cplusplus + extern "C" { +#endif + +/* Size of the IV */ +#define CHACHA_IV_WORDS 3 +#define CHACHA_IV_BYTES (CHACHA_IV_WORDS * sizeof(word32)) + +/* Size of ChaCha chunks */ +#define CHACHA_CHUNK_WORDS 16 +#define CHACHA_CHUNK_BYTES (CHACHA_CHUNK_WORDS * sizeof(word32)) + +enum { + CHACHA_ENC_TYPE = 7 /* cipher unique type */ +}; + +typedef struct ChaCha { + word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */ +} ChaCha; + +/** + * IV(nonce) changes with each record + * counter is for what value the block counter should start ... usually 0 + */ +WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter); + +WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain, + word32 msglen); +WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_CHACHA */ +#endif /* WOLF_CRYPT_CHACHA_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha20_poly1305.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha20_poly1305.h new file mode 100644 index 0000000..47df004 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/chacha20_poly1305.h @@ -0,0 +1,80 @@ +/* chacha20_poly1305.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* This implementation of the ChaCha20-Poly1305 AEAD is based on "ChaCha20 + * and Poly1305 for IETF protocols" (draft-irtf-cfrg-chacha20-poly1305-10): + * https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10 + */ + +#ifndef WOLF_CRYPT_CHACHA20_POLY1305_H +#define WOLF_CRYPT_CHACHA20_POLY1305_H + +#include + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + +#ifdef __cplusplus + extern "C" { +#endif + +#define CHACHA20_POLY1305_AEAD_KEYSIZE 32 +#define CHACHA20_POLY1305_AEAD_IV_SIZE 12 +#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16 + +enum { + CHACHA20_POLY_1305_ENC_TYPE = 8 /* cipher unique type */ +}; + + /* + * The IV for this implementation is 96 bits to give the most flexibility. + * + * Some protocols may have unique per-invocation inputs that are not + * 96-bit in length. For example, IPsec may specify a 64-bit nonce. In + * such a case, it is up to the protocol document to define how to + * transform the protocol nonce into a 96-bit nonce, for example by + * concatenating a constant value. + */ + +WOLFSSL_API +int wc_ChaCha20Poly1305_Encrypt( + const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], + const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], + const byte* inAAD, const word32 inAADLen, + const byte* inPlaintext, const word32 inPlaintextLen, + byte* outCiphertext, + byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]); + +WOLFSSL_API +int wc_ChaCha20Poly1305_Decrypt( + const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], + const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], + const byte* inAAD, const word32 inAADLen, + const byte* inCiphertext, const word32 inCiphertextLen, + const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE], + byte* outPlaintext); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_CHACHA && HAVE_POLY1305 */ +#endif /* WOLF_CRYPT_CHACHA20_POLY1305_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/cmac.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/cmac.h new file mode 100644 index 0000000..9845a43 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/cmac.h @@ -0,0 +1,79 @@ +/* cmac.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_CMAC_H +#define WOLF_CRYPT_CMAC_H + +#include +#include + +#if !defined(NO_AES) && defined(WOLFSSL_CMAC) + +#ifdef __cplusplus + extern "C" { +#endif + +typedef struct Cmac { + Aes aes; + byte buffer[AES_BLOCK_SIZE]; /* partially stored block */ + byte digest[AES_BLOCK_SIZE]; /* running digest */ + byte k1[AES_BLOCK_SIZE]; + byte k2[AES_BLOCK_SIZE]; + word32 bufferSz; + word32 totalSz; +} Cmac; + + +typedef enum CmacType { + WC_CMAC_AES = 1 +} CmacType; + + +WOLFSSL_API +int wc_InitCmac(Cmac* cmac, + const byte* key, word32 keySz, + int type, void* unused); +WOLFSSL_API +int wc_CmacUpdate(Cmac* cmac, + const byte* in, word32 inSz); +WOLFSSL_API +int wc_CmacFinal(Cmac* cmac, + byte* out, word32* outSz); + +WOLFSSL_API +int wc_AesCmacGenerate(byte* out, word32* outSz, + const byte* in, word32 inSz, + const byte* key, word32 keySz); + +WOLFSSL_API +int wc_AesCmacVerify(const byte* check, word32 checkSz, + const byte* in, word32 inSz, + const byte* key, word32 keySz); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* NO_AES && WOLFSSL_CMAC */ +#endif /* WOLF_CRYPT_CMAC_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/coding.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/coding.h new file mode 100644 index 0000000..5395cc2 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/coding.h @@ -0,0 +1,77 @@ +/* coding.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_CODING_H +#define WOLF_CRYPT_CODING_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out, + word32* outLen); + +#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(WOLFSSL_KEY_GEN) \ + || defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER) || !defined(NO_DSA) + #ifndef WOLFSSL_BASE64_ENCODE + #define WOLFSSL_BASE64_ENCODE + #endif +#endif + + +#ifdef WOLFSSL_BASE64_ENCODE + enum Escaped { + WC_STD_ENC = 0, /* normal \n line ending encoding */ + WC_ESC_NL_ENC, /* use escape sequence encoding */ + WC_NO_NL_ENC /* no encoding at all */ + }; /* Encoding types */ + + /* encode isn't */ + WOLFSSL_API + int Base64_Encode(const byte* in, word32 inLen, byte* out, + word32* outLen); + WOLFSSL_API + int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, + word32* outLen); + WOLFSSL_API + int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out, + word32* outLen); +#endif + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) + WOLFSSL_API + int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen); + WOLFSSL_API + int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen); +#endif + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_CODING_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/compress.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/compress.h new file mode 100644 index 0000000..27ead35 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/compress.h @@ -0,0 +1,49 @@ +/* compress.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_COMPRESS_H +#define WOLF_CRYPT_COMPRESS_H + +#include + +#ifdef HAVE_LIBZ + +#ifdef __cplusplus + extern "C" { +#endif + + +#define COMPRESS_FIXED 1 + + +WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32); +WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* HAVE_LIBZ */ +#endif /* WOLF_CRYPT_COMPRESS_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/curve25519.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/curve25519.h new file mode 100644 index 0000000..d3a39ea --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/curve25519.h @@ -0,0 +1,145 @@ +/* curve25519.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_CURVE25519_H +#define WOLF_CRYPT_CURVE25519_H + +#include + +#ifdef HAVE_CURVE25519 + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#define CURVE25519_KEYSIZE 32 + +/* curve25519 set type */ +typedef struct { + int size; /* The size of the curve in octets */ + const char* name; /* name of this curve */ +} curve25519_set_type; + + +/* ECC point, the internal structure is Little endian + * the mathematical functions used the endianess */ +typedef struct { + byte point[CURVE25519_KEYSIZE]; + #ifdef FREESCALE_LTC_ECC + byte pointY[CURVE25519_KEYSIZE]; + #endif +}ECPoint; + +/* A CURVE25519 Key */ +typedef struct { + int idx; /* Index into the ecc_sets[] for the parameters of + this curve if -1, this key is using user supplied + curve in dp */ + const curve25519_set_type* dp; /* domain parameters, either points to + curves (idx >= 0) or user supplied */ + ECPoint p; /* public key */ + ECPoint k; /* private key */ +} curve25519_key; + +enum { + EC25519_LITTLE_ENDIAN=0, + EC25519_BIG_ENDIAN=1 +}; + +WOLFSSL_API +int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key); + +WOLFSSL_API +int wc_curve25519_shared_secret(curve25519_key* private_key, + curve25519_key* public_key, + byte* out, word32* outlen); + +WOLFSSL_API +int wc_curve25519_shared_secret_ex(curve25519_key* private_key, + curve25519_key* public_key, + byte* out, word32* outlen, int endian); + +WOLFSSL_API +int wc_curve25519_init(curve25519_key* key); + +WOLFSSL_API +void wc_curve25519_free(curve25519_key* key); + + +/* raw key helpers */ +WOLFSSL_API +int wc_curve25519_import_private(const byte* priv, word32 privSz, + curve25519_key* key); +WOLFSSL_API +int wc_curve25519_import_private_ex(const byte* priv, word32 privSz, + curve25519_key* key, int endian); + +WOLFSSL_API +int wc_curve25519_import_private_raw(const byte* priv, word32 privSz, + const byte* pub, word32 pubSz, curve25519_key* key); +WOLFSSL_API +int wc_curve25519_import_private_raw_ex(const byte* priv, word32 privSz, + const byte* pub, word32 pubSz, + curve25519_key* key, int endian); +WOLFSSL_API +int wc_curve25519_export_private_raw(curve25519_key* key, byte* out, + word32* outLen); +WOLFSSL_API +int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out, + word32* outLen, int endian); + +WOLFSSL_API +int wc_curve25519_import_public(const byte* in, word32 inLen, + curve25519_key* key); +WOLFSSL_API +int wc_curve25519_import_public_ex(const byte* in, word32 inLen, + curve25519_key* key, int endian); + +WOLFSSL_API +int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen); +WOLFSSL_API +int wc_curve25519_export_public_ex(curve25519_key* key, byte* out, + word32* outLen, int endian); + +WOLFSSL_API +int wc_curve25519_export_key_raw(curve25519_key* key, + byte* priv, word32 *privSz, + byte* pub, word32 *pubSz); +WOLFSSL_API +int wc_curve25519_export_key_raw_ex(curve25519_key* key, + byte* priv, word32 *privSz, + byte* pub, word32 *pubSz, + int endian); +/* size helper */ +WOLFSSL_API +int wc_curve25519_size(curve25519_key* key); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_CURVE25519 */ +#endif /* WOLF_CRYPT_CURVE25519_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/des3.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/des3.h new file mode 100644 index 0000000..db12cc9 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/des3.h @@ -0,0 +1,117 @@ +/* des3.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_DES3_H +#define WOLF_CRYPT_DES3_H + +#include + +#ifndef NO_DES3 + +#ifdef HAVE_FIPS +/* included for fips @wc_fips */ +#include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef HAVE_FIPS /* to avoid redefinition of macros */ + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +enum { + DES_ENC_TYPE = 2, /* cipher unique type */ + DES3_ENC_TYPE = 3, /* cipher unique type */ + DES_BLOCK_SIZE = 8, + DES_KS_SIZE = 32, + + DES_ENCRYPTION = 0, + DES_DECRYPTION = 1 +}; + +#define DES_IVLEN 8 +#define DES_KEYLEN 8 +#define DES3_IVLEN 8 +#define DES3_KEYLEN 24 + + +#if defined(STM32F2_CRYPTO) || defined(STM32F4_CRYPTO) +enum { + DES_CBC = 0, + DES_ECB = 1 +}; +#endif + + +/* DES encryption and decryption */ +typedef struct Des { + word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ + word32 key[DES_KS_SIZE]; +} Des; + + +/* DES3 encryption and decryption */ +typedef struct Des3 { + word32 key[3][DES_KS_SIZE]; + word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; +#endif +} Des3; +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, + const byte* iv, int dir); +WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv); +WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out, + const byte* in, word32 sz); +WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out, + const byte* in, word32 sz); +WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out, + const byte* in, word32 sz); + +WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key, + const byte* iv,int dir); +WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv); +WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out, + const byte* in,word32 sz); +WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out, + const byte* in,word32 sz); + +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_Des3AsyncInit(Des3*, int); + WOLFSSL_API void wc_Des3AsyncFree(Des3*); +#endif + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_DES3 */ +#endif /* WOLF_CRYPT_DES3_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/dh.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/dh.h new file mode 100644 index 0000000..6ac7be6 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/dh.h @@ -0,0 +1,67 @@ +/* dh.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_DH_H +#define WOLF_CRYPT_DH_H + +#include + +#ifndef NO_DH + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +/* Diffie-Hellman Key */ +typedef struct DhKey { + mp_int p, g; /* group parameters */ +} DhKey; + + +WOLFSSL_API void wc_InitDhKey(DhKey* key); +WOLFSSL_API void wc_FreeDhKey(DhKey* key); + +WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv, + word32* privSz, byte* pub, word32* pubSz); +WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, + const byte* priv, word32 privSz, const byte* otherPub, + word32 pubSz); + +WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, + word32); +WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, + word32 gSz); +WOLFSSL_API int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, + word32* pInOutSz, byte* g, word32* gInOutSz); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_DH */ +#endif /* WOLF_CRYPT_DH_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/dsa.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/dsa.h new file mode 100644 index 0000000..a8d14bb --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/dsa.h @@ -0,0 +1,83 @@ +/* dsa.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_DSA_H +#define WOLF_CRYPT_DSA_H + +#include + +#ifndef NO_DSA + +#include +#include + +/* for DSA reverse compatibility */ +#define InitDsaKey wc_InitDsaKey +#define FreeDsaKey wc_FreeDsaKey +#define DsaSign wc_DsaSign +#define DsaVerify wc_DsaVerify +#define DsaPublicKeyDecode wc_DsaPublicKeyDecode +#define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode +#define DsaKeyToDer wc_DsaKeyToDer + +#ifdef __cplusplus + extern "C" { +#endif + + +enum { + DSA_PUBLIC = 0, + DSA_PRIVATE = 1 +}; + +/* DSA */ +typedef struct DsaKey { + mp_int p, q, g, y, x; + int type; /* public or private */ + void* heap; /* memory hint */ +} DsaKey; + +WOLFSSL_API void wc_InitDsaKey(DsaKey* key); +WOLFSSL_API int wc_InitDsaKey_h(DsaKey* key, void* h); +WOLFSSL_API void wc_FreeDsaKey(DsaKey* key); +WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out, + DsaKey* key, WC_RNG* rng); +WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig, + DsaKey* key, int* answer); +WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, + DsaKey*, word32); +WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, + DsaKey*, word32); +WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen); + +#ifdef WOLFSSL_KEY_GEN +WOLFSSL_API int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa); +WOLFSSL_API int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa); +#endif + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_DSA */ +#endif /* WOLF_CRYPT_DSA_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/ecc.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/ecc.h new file mode 100644 index 0000000..060e5f8 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/ecc.h @@ -0,0 +1,477 @@ +/* ecc.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_ECC_H +#define WOLF_CRYPT_ECC_H + +#include + +#ifdef HAVE_ECC + +#include +#include + +#ifdef HAVE_X963_KDF + #include +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +#ifdef WOLFSSL_ATECC508A + #include +#endif /* WOLFSSL_ATECC508A */ + + +#ifdef __cplusplus + extern "C" { +#endif + +enum { + ECC_PUBLICKEY = 1, + ECC_PRIVATEKEY = 2, + ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ + SIG_HEADER_SZ = 6, /* ECC signature header size */ + ECC_BUFSIZE = 256, /* for exported keys temp buffer */ + ECC_MINSIZE = 20, /* MIN Private Key size */ + ECC_MAXSIZE = 66, /* MAX Private Key size */ + ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ + ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */ + ECC_MAX_OID_LEN = 16, +}; + +/* Curve Types */ +typedef enum ecc_curve_id { + ECC_CURVE_DEF, /* NIST or SECP */ + + /* NIST Prime Curves */ + ECC_SECP192R1, + ECC_PRIME192V2, + ECC_PRIME192V3, + ECC_PRIME239V1, + ECC_PRIME239V2, + ECC_PRIME239V3, + ECC_SECP256R1, + + /* SECP Curves */ + ECC_SECP112R1, + ECC_SECP112R2, + ECC_SECP128R1, + ECC_SECP128R2, + ECC_SECP160R1, + ECC_SECP160R2, + ECC_SECP224R1, + ECC_SECP384R1, + ECC_SECP521R1, + + /* Koblitz */ + ECC_SECP160K1, + ECC_SECP192K1, + ECC_SECP224K1, + ECC_SECP256K1, + + /* Brainpool Curves */ + ECC_BRAINPOOLP160R1, + ECC_BRAINPOOLP192R1, + ECC_BRAINPOOLP224R1, + ECC_BRAINPOOLP256R1, + ECC_BRAINPOOLP320R1, + ECC_BRAINPOOLP384R1, + ECC_BRAINPOOLP512R1, +} ecc_curve_id; + +#ifdef HAVE_OID_ENCODING +typedef word16 ecc_oid_t; +#else +typedef byte ecc_oid_t; + /* OID encoded with ASN scheme: + first element = (oid[0] * 40) + oid[1] + if any element > 127 then MSB 0x80 indicates additional byte */ +#endif + +/* ECC set type defined a GF(p) curve */ +typedef struct { + int size; /* The size of the curve in octets */ + int id; /* id of this curve */ + const char* name; /* name of this curve */ + const char* prime; /* prime that defines the field, curve is in (hex) */ + const char* Af; /* fields A param (hex) */ + const char* Bf; /* fields B param (hex) */ + const char* order; /* order of the curve (hex) */ + const char* Gx; /* x coordinate of the base point on curve (hex) */ + const char* Gy; /* y coordinate of the base point on curve (hex) */ + const ecc_oid_t* oid; + word32 oidSz; + word32 oidSum; /* sum of encoded OID bytes */ + int cofactor; +} ecc_set_type; + + +/* Use this as the key->idx if a custom ecc_set is used for key->dp */ +#define ECC_CUSTOM_IDX (-1) + + +/* Determine max ECC bits based on enabled curves */ +#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) + #define MAX_ECC_BITS 521 +#elif defined(HAVE_ECC512) + #define MAX_ECC_BITS 512 +#elif defined(HAVE_ECC384) + #define MAX_ECC_BITS 384 +#elif defined(HAVE_ECC320) + #define MAX_ECC_BITS 320 +#elif defined(HAVE_ECC239) + #define MAX_ECC_BITS 239 +#elif defined(HAVE_ECC224) + #define MAX_ECC_BITS 224 +#elif !defined(NO_ECC256) + #define MAX_ECC_BITS 256 +#elif defined(HAVE_ECC192) + #define MAX_ECC_BITS 192 +#elif defined(HAVE_ECC160) + #define MAX_ECC_BITS 160 +#elif defined(HAVE_ECC128) + #define MAX_ECC_BITS 128 +#elif defined(HAVE_ECC112) + #define MAX_ECC_BITS 112 +#endif + + + +#ifdef ALT_ECC_SIZE + +/* Note on ALT_ECC_SIZE: + * The fast math code uses an array of a fixed size to store the big integers. + * By default, the array is big enough for RSA keys. There is a size, + * FP_MAX_BITS which can be used to make the array smaller when one wants ECC + * but not RSA. Some people want fast math sized for both RSA and ECC, where + * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate + * ecc_point structure that uses an alternate fp_int that has a shorter array + * of fp_digits. + * + * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of + * mp_ints for the components of the point. With ALT_ECC_SIZE, the components + * of the point are pointers that are set to each of a three item array of + * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the + * structure, the alt_fp_int will only have 528 bits. A size value was added + * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The + * functions fp_zero() and fp_copy() use the size parameter. An int needs to + * be initialized before using it instead of just fp_zeroing it, the init will + * call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the + * number of bits used in the alternate FP_INT. + * + * Do not enable ALT_ECC_SIZE and disable fast math in the configuration. + */ + +#ifndef USE_FAST_MATH + #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE +#endif + +/* determine max bits required for ECC math */ +#ifndef FP_MAX_BITS_ECC + /* check alignment */ + #if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0 + /* max bits is double */ + #define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2) + #else + /* max bits is doubled, plus one digit of fudge */ + #define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT) + #endif +#else + /* verify alignment */ + #if FP_MAX_BITS_ECC % CHAR_BIT + #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT + #endif +#endif + +/* determine buffer size */ +#define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT) + + +/* This needs to match the size of the fp_int struct, except the + * fp_digit array will be shorter. */ +typedef struct alt_fp_int { + int used, sign, size; + fp_digit dp[FP_SIZE_ECC]; +} alt_fp_int; +#endif /* ALT_ECC_SIZE */ + +/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) => + (x/z^2, y/z^3, 1) when interpreted as affine */ +typedef struct { +#ifndef ALT_ECC_SIZE + mp_int x[1]; /* The x coordinate */ + mp_int y[1]; /* The y coordinate */ + mp_int z[1]; /* The z coordinate */ +#else + mp_int* x; /* The x coordinate */ + mp_int* y; /* The y coordinate */ + mp_int* z; /* The z coordinate */ + alt_fp_int xyz[3]; +#endif +} ecc_point; + + +/* An ECC Key */ +typedef struct ecc_key { + int type; /* Public or Private */ + int idx; /* Index into the ecc_sets[] for the parameters of + this curve if -1, this key is using user supplied + curve in dp */ + const ecc_set_type* dp; /* domain parameters, either points to NIST + curves (idx >= 0) or user supplied */ + void* heap; /* heap hint */ +#ifdef WOLFSSL_ATECC508A + int slot; /* Key Slot Number (-1 unknown) */ + byte pubkey[PUB_KEY_SIZE]; +#else + ecc_point pubkey; /* public key */ + mp_int k; /* private key */ +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; +#endif +} ecc_key; + + +/* ECC predefined curve sets */ +extern const ecc_set_type ecc_sets[]; + + +WOLFSSL_API +int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); +WOLFSSL_API +int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, + int curve_id); +WOLFSSL_API +int wc_ecc_check_key(ecc_key* key); + +#ifdef HAVE_ECC_DHE +WOLFSSL_API +int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, + word32* outlen); +#ifndef WOLFSSL_ATECC508A +WOLFSSL_API +int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point, + byte* out, word32 *outlen); +#endif /* !WOLFSSL_ATECC508A */ +#endif /* HAVE_ECC_DHE */ + +#ifdef HAVE_ECC_SIGN +WOLFSSL_API +int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, + WC_RNG* rng, ecc_key* key); +WOLFSSL_API +int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, + ecc_key* key, mp_int *r, mp_int *s); +#endif /* HAVE_ECC_SIGN */ + +#ifdef HAVE_ECC_VERIFY +WOLFSSL_API +int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, + word32 hashlen, int* stat, ecc_key* key); +WOLFSSL_API +int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, + word32 hashlen, int* stat, ecc_key* key); +#endif /* HAVE_ECC_VERIFY */ + +WOLFSSL_API +int wc_ecc_init(ecc_key* key); +WOLFSSL_API +int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); +WOLFSSL_API +void wc_ecc_free(ecc_key* key); +WOLFSSL_API +void wc_ecc_fp_free(void); + +WOLFSSL_API +int wc_ecc_is_valid_idx(int n); + +#ifndef WOLFSSL_ATECC508A + +WOLFSSL_API +ecc_point* wc_ecc_new_point(void); +WOLFSSL_API +ecc_point* wc_ecc_new_point_h(void* h); +WOLFSSL_API +void wc_ecc_del_point(ecc_point* p); +WOLFSSL_API +void wc_ecc_del_point_h(ecc_point* p, void* h); +WOLFSSL_API +int wc_ecc_copy_point(ecc_point* p, ecc_point *r); +WOLFSSL_API +int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); +WOLFSSL_API +int wc_ecc_point_is_at_infinity(ecc_point *p); +WOLFSSL_API +int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, + mp_int* a, mp_int* modulus, int map); +WOLFSSL_LOCAL +int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, + mp_int* a, mp_int* modulus, int map, void* heap); +#endif /* !WOLFSSL_ATECC508A */ + + +#ifdef HAVE_ECC_KEY_EXPORT +/* ASN key helpers */ +WOLFSSL_API +int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen); +WOLFSSL_API +int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed); + /* extended functionality with compressed option */ +#endif /* HAVE_ECC_KEY_EXPORT */ + +#ifdef HAVE_ECC_KEY_IMPORT +WOLFSSL_API +int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); +WOLFSSL_API +int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, + int curve_id); +WOLFSSL_API +int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, + word32 pubSz, ecc_key* key); +WOLFSSL_API +int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, + const byte* pub, word32 pubSz, ecc_key* key, int curve_id); +WOLFSSL_API +int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); +WOLFSSL_API +int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, + const char* d, const char* curveName); +WOLFSSL_API +int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, + const char* d, int curve_id); +#endif /* HAVE_ECC_KEY_IMPORT */ + +#ifdef HAVE_ECC_KEY_EXPORT +WOLFSSL_API +int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); +#endif /* HAVE_ECC_KEY_EXPORT */ + +#ifdef HAVE_ECC_KEY_EXPORT + +WOLFSSL_API +int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, + byte* out, word32* outLen); +#endif /* HAVE_ECC_KEY_EXPORT */ + + +#ifdef HAVE_ECC_KEY_IMPORT +WOLFSSL_API +int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, + ecc_point* point); +#endif /* HAVE_ECC_KEY_IMPORT */ + +/* size helper */ +WOLFSSL_API +int wc_ecc_size(ecc_key* key); +WOLFSSL_API +int wc_ecc_sig_size(ecc_key* key); + +WOLFSSL_API +int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz); + +#ifdef WOLFSSL_CUSTOM_CURVES + WOLFSSL_API + int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp); +#endif + +#ifdef HAVE_ECC_ENCRYPT +/* ecc encrypt */ + +enum ecEncAlgo { + ecAES_128_CBC = 1, /* default */ + ecAES_256_CBC = 2 +}; + +enum ecKdfAlgo { + ecHKDF_SHA256 = 1, /* default */ + ecHKDF_SHA1 = 2 +}; + +enum ecMacAlgo { + ecHMAC_SHA256 = 1, /* default */ + ecHMAC_SHA1 = 2 +}; + +enum { + KEY_SIZE_128 = 16, + KEY_SIZE_256 = 32, + IV_SIZE_64 = 8, + IV_SIZE_128 = 16, + EXCHANGE_SALT_SZ = 16, + EXCHANGE_INFO_SZ = 23 +}; + +enum ecFlags { + REQ_RESP_CLIENT = 1, + REQ_RESP_SERVER = 2 +}; + + +typedef struct ecEncCtx ecEncCtx; + +WOLFSSL_API +ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng); +WOLFSSL_API +ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap); +WOLFSSL_API +void wc_ecc_ctx_free(ecEncCtx*); +WOLFSSL_API +int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */ + +WOLFSSL_API +const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*); +WOLFSSL_API +int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); +WOLFSSL_API +int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz); + +WOLFSSL_API +int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); +WOLFSSL_API +int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); + +#endif /* HAVE_ECC_ENCRYPT */ + +#ifdef HAVE_X963_KDF +WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret, + word32 secretSz, const byte* sinfo, word32 sinfoSz, + byte* out, word32 outSz); +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_ecc_async_handle(ecc_key* key, + WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event); + WOLFSSL_API int wc_ecc_async_wait(int ret, ecc_key* key); +#endif + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_ECC */ +#endif /* WOLF_CRYPT_ECC_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/ed25519.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/ed25519.h new file mode 100644 index 0000000..ea88603 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/ed25519.h @@ -0,0 +1,113 @@ +/* ed25519.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_ED25519_H +#define WOLF_CRYPT_ED25519_H + +#include + +#ifdef HAVE_ED25519 + +#include +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +/* info about EdDSA curve specifically ed25519, defined as an elliptic curve + over GF(p) */ +/* + 32, key size + "ED25519", curve name + "2^255-19", prime number + "SHA512", hash function + "-121665/121666", value of d +*/ + +#define ED25519_KEY_SIZE 32 /* private key only */ +#define ED25519_SIG_SIZE 64 + +#define ED25519_PUB_KEY_SIZE 32 /* compressed */ +/* both private and public key */ +#define ED25519_PRV_KEY_SIZE (ED25519_PUB_KEY_SIZE+ED25519_KEY_SIZE) + +/* An ED25519 Key */ +typedef struct { + byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */ + byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */ +#ifdef FREESCALE_LTC_ECC + /* uncompressed point coordinates */ + byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */ + byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */ +#endif +} ed25519_key; + + +WOLFSSL_API +int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key); +WOLFSSL_API +int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out, + word32 *outlen, ed25519_key* key); +WOLFSSL_API +int wc_ed25519_verify_msg(byte* sig, word32 siglen, const byte* msg, + word32 msglen, int* stat, ed25519_key* key); +WOLFSSL_API +int wc_ed25519_init(ed25519_key* key); +WOLFSSL_API +void wc_ed25519_free(ed25519_key* key); +WOLFSSL_API +int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); +WOLFSSL_API +int wc_ed25519_import_private_key(const byte* priv, word32 privSz, + const byte* pub, word32 pubSz, ed25519_key* key); +WOLFSSL_API +int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen); +WOLFSSL_API +int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen); +WOLFSSL_API +int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen); +WOLFSSL_API +int wc_ed25519_export_key(ed25519_key* key, + byte* priv, word32 *privSz, + byte* pub, word32 *pubSz); + +/* size helper */ +WOLFSSL_API +int wc_ed25519_size(ed25519_key* key); +WOLFSSL_API +int wc_ed25519_priv_size(ed25519_key* key); +WOLFSSL_API +int wc_ed25519_pub_size(ed25519_key* key); +WOLFSSL_API +int wc_ed25519_sig_size(ed25519_key* key); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_ED25519 */ +#endif /* WOLF_CRYPT_ED25519_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/error-crypt.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/error-crypt.h new file mode 100644 index 0000000..9ebdc5d --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/error-crypt.h @@ -0,0 +1,198 @@ +/* error-crypt.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_ERROR_H +#define WOLF_CRYPT_ERROR_H + +#include + +#ifdef HAVE_FIPS + #include +#endif /* HAVE_FIPS */ + +#ifdef __cplusplus + extern "C" { +#endif + + +/* error codes, add string for new errors !!! */ +enum { + MAX_CODE_E = -100, /* errors -101 - -299 */ + OPEN_RAN_E = -101, /* opening random device error */ + READ_RAN_E = -102, /* reading random device error */ + WINCRYPT_E = -103, /* windows crypt init error */ + CRYPTGEN_E = -104, /* windows crypt generation error */ + RAN_BLOCK_E = -105, /* reading random device would block */ + BAD_MUTEX_E = -106, /* Bad mutex operation */ + WC_TIMEOUT_E = -107, /* timeout error */ + WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */ + WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */ + + MP_INIT_E = -110, /* mp_init error state */ + MP_READ_E = -111, /* mp_read error state */ + MP_EXPTMOD_E = -112, /* mp_exptmod error state */ + MP_TO_E = -113, /* mp_to_xxx error state, can't convert */ + MP_SUB_E = -114, /* mp_sub error state, can't subtract */ + MP_ADD_E = -115, /* mp_add error state, can't add */ + MP_MUL_E = -116, /* mp_mul error state, can't multiply */ + MP_MULMOD_E = -117, /* mp_mulmod error state, can't multiply mod */ + MP_MOD_E = -118, /* mp_mod error state, can't mod */ + MP_INVMOD_E = -119, /* mp_invmod error state, can't inv mod */ + MP_CMP_E = -120, /* mp_cmp error state */ + MP_ZERO_E = -121, /* got a mp zero result, not expected */ + + MEMORY_E = -125, /* out of memory error */ + VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */ + + RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */ + RSA_BUFFER_E = -131, /* RSA buffer error, output too small or + input too large */ + BUFFER_E = -132, /* output buffer too small or input too large */ + ALGO_ID_E = -133, /* setting algo id error */ + PUBLIC_KEY_E = -134, /* setting public key error */ + DATE_E = -135, /* setting date validity error */ + SUBJECT_E = -136, /* setting subject name error */ + ISSUER_E = -137, /* setting issuer name error */ + CA_TRUE_E = -138, /* setting CA basic constraint true error */ + EXTENSIONS_E = -139, /* setting extensions error */ + + ASN_PARSE_E = -140, /* ASN parsing error, invalid input */ + ASN_VERSION_E = -141, /* ASN version error, invalid number */ + ASN_GETINT_E = -142, /* ASN get big int error, invalid data */ + ASN_RSA_KEY_E = -143, /* ASN key init error, invalid input */ + ASN_OBJECT_ID_E = -144, /* ASN object id error, invalid id */ + ASN_TAG_NULL_E = -145, /* ASN tag error, not null */ + ASN_EXPECT_0_E = -146, /* ASN expect error, not zero */ + ASN_BITSTR_E = -147, /* ASN bit string error, wrong id */ + ASN_UNKNOWN_OID_E = -148, /* ASN oid error, unknown sum id */ + ASN_DATE_SZ_E = -149, /* ASN date error, bad size */ + ASN_BEFORE_DATE_E = -150, /* ASN date error, current date before */ + ASN_AFTER_DATE_E = -151, /* ASN date error, current date after */ + ASN_SIG_OID_E = -152, /* ASN signature error, mismatched oid */ + ASN_TIME_E = -153, /* ASN time error, unknown time type */ + ASN_INPUT_E = -154, /* ASN input error, not enough data */ + ASN_SIG_CONFIRM_E = -155, /* ASN sig error, confirm failure */ + ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */ + ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */ + ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */ + ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */ + ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */ + + ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */ + ASN_ECC_KEY_E = -171, /* ASN ECC bad input */ + ECC_CURVE_OID_E = -172, /* Unsupported ECC OID curve type */ + BAD_FUNC_ARG = -173, /* Bad function argument provided */ + NOT_COMPILED_IN = -174, /* Feature not compiled in */ + UNICODE_SIZE_E = -175, /* Unicode password too big */ + NO_PASSWORD = -176, /* no password provided by user */ + ALT_NAME_E = -177, /* alt name size problem, too big */ + + AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */ + AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */ + + ASYNC_INIT_E = -182, /* Async Init type error */ + + COMPRESS_INIT_E = -183, /* Compress init error */ + COMPRESS_E = -184, /* Compress error */ + DECOMPRESS_INIT_E = -185, /* DeCompress init error */ + DECOMPRESS_E = -186, /* DeCompress error */ + + BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */ + ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */ + ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */ + ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */ + ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */ + + BAD_STATE_E = -192, /* Bad state operation */ + BAD_PADDING_E = -193, /* Bad padding, msg not correct length */ + + REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */ + + PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */ + PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */ + FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */ + ASN_NAME_INVALID_E = -198, /* ASN name constraint error */ + + RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */ + HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */ + RSA_PAD_E = -201, /* RSA Padding Error */ + LENGTH_ONLY_E = -202, /* Returning output length only */ + + IN_CORE_FIPS_E = -203, /* In Core Integrity check failure */ + AES_KAT_FIPS_E = -204, /* AES KAT failure */ + DES3_KAT_FIPS_E = -205, /* DES3 KAT failure */ + HMAC_KAT_FIPS_E = -206, /* HMAC KAT failure */ + RSA_KAT_FIPS_E = -207, /* RSA KAT failure */ + DRBG_KAT_FIPS_E = -208, /* HASH DRBG KAT failure */ + DRBG_CONT_FIPS_E = -209, /* HASH DRBG Continuous test failure */ + AESGCM_KAT_FIPS_E = -210, /* AESGCM KAT failure */ + THREAD_STORE_KEY_E = -211, /* Thread local storage key create failure */ + THREAD_STORE_SET_E = -212, /* Thread local storage key set failure */ + + MAC_CMP_FAILED_E = -213, /* MAC comparison failed */ + IS_POINT_E = -214, /* ECC is point on curve failed */ + ECC_INF_E = -215, /* ECC point infinity error */ + ECC_PRIV_KEY_E = -216, /* ECC private key not valid error */ + + SRP_CALL_ORDER_E = -217, /* SRP function called in the wrong order. */ + SRP_VERIFY_E = -218, /* SRP proof verification failed. */ + SRP_BAD_KEY_E = -219, /* SRP bad ephemeral values. */ + + ASN_NO_SKID = -220, /* ASN no Subject Key Identifier found */ + ASN_NO_AKID = -221, /* ASN no Authority Key Identifier found */ + ASN_NO_KEYUSAGE = -223, /* ASN no Key Usage found */ + SKID_E = -224, /* setting Subject Key Identifier error */ + AKID_E = -225, /* setting Authority Key Identifier error */ + KEYUSAGE_E = -226, /* Bad Key Usage value */ + CERTPOLICIES_E = -227, /* setting Certificate Policies error */ + + WC_INIT_E = -228, /* wolfcrypt failed to initialize */ + SIG_VERIFY_E = -229, /* wolfcrypt signature verify error */ + BAD_COND_E = -230, /* Bad condition variable operation */ + SIG_TYPE_E = -231, /* Signature Type not enabled/available */ + HASH_TYPE_E = -232, /* Hash Type not enabled/available */ + + WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */ + ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */ + MISSING_RNG_E = -236, /* RNG required but not provided */ + ASN_PATHLEN_SIZE_E = -237, /* ASN CA path length too large error */ + ASN_PATHLEN_INV_E = -238, /* ASN CA path length inversion error */ + + BAD_KEYWRAP_ALG_E = -239, + BAD_KEYWRAP_IV_E = -240, /* Decrypted AES key wrap IV incorrect */ + + MIN_CODE_E = -300 /* errors -101 - -299 */ + + /* add new companion error id strings for any new error codes + wolfcrypt/src/error.c !!! */ +}; + + +WOLFSSL_API void wc_ErrorString(int err, char* buff); +WOLFSSL_API const char* wc_GetErrorString(int error); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif +#endif /* WOLF_CRYPT_ERROR_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/fe_operations.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/fe_operations.h new file mode 100644 index 0000000..ae15dab --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/fe_operations.h @@ -0,0 +1,135 @@ +/* fe_operations.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_FE_OPERATIONS_H +#define WOLF_CRYPT_FE_OPERATIONS_H + +#include + +#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519) + +#ifndef CURVED25519_SMALL + #include +#endif +#include + +/* +fe means field element. +Here the field is \Z/(2^255-19). +An element t, entries t[0]...t[9], represents the integer +t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9]. +Bounds on each t[i] vary depending on context. +*/ + +#ifdef CURVED25519_SMALL + #define F25519_SIZE 32 + typedef byte fe[32]; +#else + typedef int32_t fe[10]; +#endif + +#if! defined FREESCALE_LTC_ECC +WOLFSSL_LOCAL int curve25519(byte * q, byte * n, byte * p); +#endif +WOLFSSL_LOCAL void fe_copy(fe, const fe); +WOLFSSL_LOCAL void fe_add(fe, const fe, const fe); +WOLFSSL_LOCAL void fe_neg(fe,const fe); +WOLFSSL_LOCAL void fe_sub(fe, const fe, const fe); +WOLFSSL_LOCAL void fe_invert(fe, const fe); +WOLFSSL_LOCAL void fe_mul(fe,const fe,const fe); + +/* default to be faster but take more memory */ +#ifndef CURVED25519_SMALL + +/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10 + work. */ + +WOLFSSL_LOCAL void fe_0(fe); +WOLFSSL_LOCAL void fe_1(fe); +WOLFSSL_LOCAL int fe_isnonzero(const fe); +WOLFSSL_LOCAL int fe_isnegative(const fe); +WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe); +WOLFSSL_LOCAL void fe_sq(fe, const fe); +WOLFSSL_LOCAL void fe_sq2(fe,const fe); +WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *); +WOLFSSL_LOCAL void fe_cswap(fe,fe,unsigned int); +WOLFSSL_LOCAL void fe_mul121666(fe,fe); +WOLFSSL_LOCAL void fe_cmov(fe,const fe,unsigned int); +WOLFSSL_LOCAL void fe_pow22523(fe,const fe); + +/* 64 type needed for SHA512 */ +WOLFSSL_LOCAL uint64_t load_3(const unsigned char *in); +WOLFSSL_LOCAL uint64_t load_4(const unsigned char *in); +#endif /* not defined CURVED25519_SMALL */ + +/* Use less memory and only 32bit types or less, but is slower + Based on Daniel Beer's public domain work. */ +#ifdef CURVED25519_SMALL +static const byte c25519_base_x[F25519_SIZE] = {9}; +static const byte f25519_zero[F25519_SIZE] = {0}; +static const byte f25519_one[F25519_SIZE] = {1}; +static const byte fprime_zero[F25519_SIZE] = {0}; +static const byte fprime_one[F25519_SIZE] = {1}; + +WOLFSSL_LOCAL void fe_load(byte *x, word32 c); +WOLFSSL_LOCAL void fe_normalize(byte *x); +WOLFSSL_LOCAL void fe_inv__distinct(byte *r, const byte *x); + +/* Conditional copy. If condition == 0, then zero is copied to dst. If + * condition == 1, then one is copied to dst. Any other value results in + * undefined behavior. + */ +WOLFSSL_LOCAL void fe_select(byte *dst, const byte *zero, const byte *one, + byte condition); + +/* Multiply a point by a small constant. The two pointers are not + * required to be distinct. + * + * The constant must be less than 2^24. + */ +WOLFSSL_LOCAL void fe_mul_c(byte *r, const byte *a, word32 b); +WOLFSSL_LOCAL void fe_mul__distinct(byte *r, const byte *a, const byte *b); + +/* Compute one of the square roots of the field element, if the element + * is square. The other square is -r. + * + * If the input is not square, the returned value is a valid field + * element, but not the correct answer. If you don't already know that + * your element is square, you should square the return value and test. + */ +WOLFSSL_LOCAL void fe_sqrt(byte *r, const byte *x); + +/* Conditional copy. If condition == 0, then zero is copied to dst. If + * condition == 1, then one is copied to dst. Any other value results in + * undefined behavior. + */ +WOLFSSL_LOCAL void fprime_select(byte *dst, const byte *zero, const byte *one, + byte condition); +WOLFSSL_LOCAL void fprime_add(byte *r, const byte *a, const byte *modulus); +WOLFSSL_LOCAL void fprime_sub(byte *r, const byte *a, const byte *modulus); +WOLFSSL_LOCAL void fprime_mul(byte *r, const byte *a, const byte *b, + const byte *modulus); +WOLFSSL_LOCAL void fprime_copy(byte *x, const byte *a); +#endif /* CURVED25519_SMALL */ +#endif /* HAVE_CURVE25519 or HAVE_ED25519 */ +#endif /* WOLF_CRYPT_FE_OPERATIONS_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/fips_test.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/fips_test.h new file mode 100644 index 0000000..5b3a2c1 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/fips_test.h @@ -0,0 +1,59 @@ +/* fips_test.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_FIPS_TEST_H +#define WOLF_CRYPT_FIPS_TEST_H + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + +/* Known Answer Test string inputs are hex, internal */ +CYASSL_LOCAL int DoKnownAnswerTests(char*, int); + + +/* FIPS failure callback */ +typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash); + +/* Public set function */ +CYASSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf); + +/* Public get status functions */ +CYASSL_API int wolfCrypt_GetStatus_fips(void); +CYASSL_API const char* wolfCrypt_GetCoreHash_fips(void); + +#ifdef HAVE_FORCE_FIPS_FAILURE + /* Public function to force failure mode for operational testing */ + CYASSL_API int wolfCrypt_SetStatus_fips(int); +#endif + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_FIPS_TEST_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/ge_operations.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/ge_operations.h new file mode 100644 index 0000000..c079b36 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/ge_operations.h @@ -0,0 +1,116 @@ +/* ge_operations.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + /* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */ + +#ifndef WOLF_CRYPT_GE_OPERATIONS_H +#define WOLF_CRYPT_GE_OPERATIONS_H + +#include + +#ifdef HAVE_ED25519 + +#ifndef CURVED25519_SMALL + #include +#endif +#include + +/* +ge means group element. + +Here the group is the set of pairs (x,y) of field elements (see fe.h) +satisfying -x^2 + y^2 = 1 + d x^2y^2 +where d = -121665/121666. + +Representations: + ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z + ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT + ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T + ge_precomp (Duif): (y+x,y-x,2dxy) +*/ + + +typedef struct { + fe X; + fe Y; + fe Z; +} ge_p2; + +typedef struct { + fe X; + fe Y; + fe Z; + fe T; +} ge_p3; + +WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, + word32 keySz); +WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *); + +WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *, + const ge_p3 *,const unsigned char *); +WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *); +WOLFSSL_LOCAL void sc_reduce(byte* s); +WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b, + const byte* c); +WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *); +WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *); + +#ifndef CURVED25519_SMALL +typedef struct { + fe X; + fe Y; + fe Z; + fe T; +} ge_p1p1; + +typedef struct { + fe yplusx; + fe yminusx; + fe xy2d; +} ge_precomp; + +typedef struct { + fe YplusX; + fe YminusX; + fe Z; + fe T2d; +} ge_cached; + +WOLFSSL_LOCAL void ge_p2_0(ge_p2 *); +WOLFSSL_LOCAL void ge_p3_0(ge_p3 *); +WOLFSSL_LOCAL void ge_precomp_0(ge_precomp *); +WOLFSSL_LOCAL void ge_p3_to_p2(ge_p2 *,const ge_p3 *); +WOLFSSL_LOCAL void ge_p3_to_cached(ge_cached *,const ge_p3 *); +WOLFSSL_LOCAL void ge_p1p1_to_p2(ge_p2 *,const ge_p1p1 *); +WOLFSSL_LOCAL void ge_p1p1_to_p3(ge_p3 *,const ge_p1p1 *); +WOLFSSL_LOCAL void ge_p2_dbl(ge_p1p1 *,const ge_p2 *); +WOLFSSL_LOCAL void ge_p3_dbl(ge_p1p1 *,const ge_p3 *); + +WOLFSSL_LOCAL void ge_madd(ge_p1p1 *,const ge_p3 *,const ge_precomp *); +WOLFSSL_LOCAL void ge_msub(ge_p1p1 *,const ge_p3 *,const ge_precomp *); +WOLFSSL_LOCAL void ge_add(ge_p1p1 *,const ge_p3 *,const ge_cached *); +WOLFSSL_LOCAL void ge_sub(ge_p1p1 *,const ge_p3 *,const ge_cached *); +#endif /* no CURVED25519_SMALL */ +#endif /* HAVE_ED25519 */ +#endif /* WOLF_CRYPT_GE_OPERATIONS_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/hash.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/hash.h new file mode 100644 index 0000000..fa1883b --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/hash.h @@ -0,0 +1,174 @@ +/* hash.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_HASH_H +#define WOLF_CRYPT_HASH_H + +#include + +#ifndef NO_MD5 + #include +#endif +#ifndef NO_SHA + #include +#endif +#if defined(WOLFSSL_SHA224) || !defined(NO_SHA256) + #include +#endif +#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) + #include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* Hash types */ +enum wc_HashType { + WC_HASH_TYPE_NONE = 0, + WC_HASH_TYPE_MD2 = 1, + WC_HASH_TYPE_MD4 = 2, + WC_HASH_TYPE_MD5 = 3, + WC_HASH_TYPE_SHA = 4, /* SHA-1 (not old SHA-0) */ + WC_HASH_TYPE_SHA224 = 9, + WC_HASH_TYPE_SHA256 = 5, + WC_HASH_TYPE_SHA384 = 6, + WC_HASH_TYPE_SHA512 = 7, + WC_HASH_TYPE_MD5_SHA = 8, +}; + +typedef union { + #ifndef NO_MD5 + Md5 md5; + #endif + #ifndef NO_SHA + Sha sha; + #endif + #ifdef WOLFSSL_SHA224 + Sha224 sha224; + #endif + #ifndef NO_SHA256 + Sha256 sha256; + #endif + #ifdef WOLFSSL_SHA384 + Sha384 sha384; + #endif + #ifdef WOLFSSL_SHA512 + Sha512 sha512; + #endif +} wc_HashAlg; + +/* Find largest possible digest size + Note if this gets up to the size of 80 or over check smallstack build */ +#if defined(WOLFSSL_SHA512) + #define WC_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE +#elif defined(WOLFSSL_SHA384) + #define WC_MAX_DIGEST_SIZE SHA384_DIGEST_SIZE +#elif !defined(NO_SHA256) + #define WC_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE +#elif defined(WOLFSSL_SHA224) + #define WC_MAX_DIGEST_SIZE SHA224_DIGEST_SIZE +#elif !defined(NO_SHA) + #define WC_MAX_DIGEST_SIZE SHA_DIGEST_SIZE +#elif !defined(NO_MD5) + #define WC_MAX_DIGEST_SIZE MD5_DIGEST_SIZE +#else + #define WC_MAX_DIGEST_SIZE 64 /* default to max size of 64 */ +#endif + +#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC) +WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type); +#endif + +WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type); +WOLFSSL_API int wc_Hash(enum wc_HashType hash_type, + const byte* data, word32 data_len, + byte* hash, word32 hash_len); + +/* generic hash operation wrappers */ +WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type); +WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, + const byte* data, word32 dataSz); +WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, + byte* out); + + +#ifndef NO_MD5 +#include +WOLFSSL_API void wc_Md5GetHash(Md5*, byte*); +WOLFSSL_API void wc_Md5RestorePos(Md5*, Md5*); +#if defined(WOLFSSL_TI_HASH) + WOLFSSL_API void wc_Md5Free(Md5*); +#else + #define wc_Md5Free(d) +#endif +#endif + +#ifndef NO_SHA +#include +WOLFSSL_API int wc_ShaGetHash(Sha*, byte*); +WOLFSSL_API void wc_ShaRestorePos(Sha*, Sha*); +WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*); +#if defined(WOLFSSL_TI_HASH) + WOLFSSL_API void wc_ShaFree(Sha*); +#else + #define wc_ShaFree(d) +#endif +#endif + +#ifndef NO_SHA256 +#include +WOLFSSL_API int wc_Sha256GetHash(Sha256*, byte*); +WOLFSSL_API void wc_Sha256RestorePos(Sha256*, Sha256*); +WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*); +#if defined(WOLFSSL_TI_HASH) + WOLFSSL_API void wc_Sha256Free(Sha256*); +#else + #define wc_Sha256Free(d) +#endif + + #if defined(WOLFSSL_SHA224) + WOLFSSL_API int wc_Sha224GetHash(Sha224*, byte*); + WOLFSSL_API int wc_Sha224Hash(const byte*, word32, byte*); + #define wc_Sha224Free(d) + #endif /* defined(WOLFSSL_SHA224) */ +#endif + +#ifdef WOLFSSL_SHA512 +#include +WOLFSSL_API int wc_Sha512GetHash(Sha512*, byte*); +WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); +#define wc_Sha512Free(d) + + #if defined(WOLFSSL_SHA384) + WOLFSSL_API int wc_Sha384GetHash(Sha384*, byte*); + WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); + #define wc_Sha384Free(d) + #endif /* defined(WOLFSSL_SHA384) */ +#endif /* WOLFSSL_SHA512 */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_HASH_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/hc128.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/hc128.h new file mode 100644 index 0000000..1b2578b --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/hc128.h @@ -0,0 +1,63 @@ +/* hc128.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_HC128_H +#define WOLF_CRYPT_HC128_H + +#include + +#ifndef NO_HC128 + +#ifdef __cplusplus + extern "C" { +#endif + +enum { + HC128_ENC_TYPE = 6 /* cipher unique type */ +}; + +/* HC-128 stream cipher */ +typedef struct HC128 { + word32 T[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */ + word32 X[16]; + word32 Y[16]; + word32 counter1024; /* counter1024 = i mod 1024 at the ith step */ + word32 key[8]; + word32 iv[8]; +#ifdef XSTREAM_ALIGN + void* heap; /* heap hint, currently XMALLOC only used with aligning */ +#endif +} HC128; + + +WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32); +WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv); + +WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_HC128 */ +#endif /* WOLF_CRYPT_HC128_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/hmac.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/hmac.h new file mode 100644 index 0000000..1d49306 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/hmac.h @@ -0,0 +1,201 @@ +/* hmac.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef NO_HMAC + +#ifndef WOLF_CRYPT_HMAC_H +#define WOLF_CRYPT_HMAC_H + +#include + +#ifndef NO_MD5 + #include +#endif + +#ifndef NO_SHA + #include +#endif + +#if !defined(NO_SHA256) || defined(WOLFSSL_SHA224) + #include +#endif + +#ifdef WOLFSSL_SHA512 + #include +#endif + +#ifdef HAVE_BLAKE2 + #include +#endif + +#ifdef HAVE_FIPS +/* for fips */ + #include +#endif + + +#ifdef __cplusplus + extern "C" { +#endif +#ifndef HAVE_FIPS + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +enum { + HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */ + + IPAD = 0x36, + OPAD = 0x5C, + +/* If any hash is not enabled, add the ID here. */ +#ifdef NO_MD5 + MD5 = 0, +#endif +#ifdef NO_SHA + SHA = 1, +#endif +#ifdef NO_SHA256 + SHA256 = 2, +#endif +#ifndef WOLFSSL_SHA512 + SHA512 = 4, +#endif +#ifndef WOLFSSL_SHA384 + SHA384 = 5, +#endif +#ifndef HAVE_BLAKE2 + BLAKE2B_ID = 7, +#endif +#ifndef WOLFSSL_SHA224 + SHA224 = 8, +#endif + +/* Select the largest available hash for the buffer size. */ +#if defined(WOLFSSL_SHA512) + MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE +#elif defined(HAVE_BLAKE2) + MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES, + HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES, +#elif defined(WOLFSSL_SHA384) + MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE +#elif !defined(NO_SHA256) + MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE +#elif defined(WOLFSSL_SHA224) + MAX_DIGEST_SIZE = SHA224_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA224_BLOCK_SIZE +#elif !defined(NO_SHA) + MAX_DIGEST_SIZE = SHA_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE +#elif !defined(NO_MD5) + MAX_DIGEST_SIZE = MD5_DIGEST_SIZE, + HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE +#else + #error "You have to have some kind of hash if you want to use HMAC." +#endif +}; + + +/* hash union */ +typedef union { + #ifndef NO_MD5 + Md5 md5; + #endif + #ifndef NO_SHA + Sha sha; + #endif + #ifdef WOLFSSL_SHA224 + Sha224 sha224; + #endif + #ifndef NO_SHA256 + Sha256 sha256; + #endif + #ifdef WOLFSSL_SHA384 + Sha384 sha384; + #endif + #ifdef WOLFSSL_SHA512 + Sha512 sha512; + #endif + #ifdef HAVE_BLAKE2 + Blake2b blake2b; + #endif +} Hash; + +/* Hmac digest */ +typedef struct Hmac { + Hash hash; + word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ + word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)]; + word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)]; + void* heap; /* heap hint */ + byte macType; /* md5 sha or sha256 */ + byte innerHashKeyed; /* keyed flag */ +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; + #ifdef HAVE_CAVIUM + word16 keyLen; /* hmac key length */ + word16 dataLen; + HashType type; /* hmac key type */ + byte* data; /* buffered input data for one call */ + #endif /* HAVE_CAVIUM */ +#endif /* WOLFSSL_ASYNC_CRYPT */ +} Hmac; + +#endif /* HAVE_FIPS */ + +/* does init */ +WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); +WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32); +WOLFSSL_API int wc_HmacFinal(Hmac*, byte*); +WOLFSSL_API int wc_HmacSizeByType(int type); +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_HmacAsyncInit(Hmac*, int); + WOLFSSL_API void wc_HmacAsyncFree(Hmac*); +#endif + + + +WOLFSSL_API int wolfSSL_GetHmacMaxSize(void); + + +#ifdef HAVE_HKDF + +WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz, + const byte* salt, word32 saltSz, + const byte* info, word32 infoSz, + byte* out, word32 outSz); + +#endif /* HAVE_HKDF */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_HMAC_H */ + +#endif /* NO_HMAC */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/idea.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/idea.h new file mode 100644 index 0000000..de6ad76 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/idea.h @@ -0,0 +1,67 @@ +/* idea.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_IDEA_H +#define WOLF_CRYPT_IDEA_H + +#include + +#ifdef HAVE_IDEA + +#ifdef __cplusplus + extern "C" { +#endif + +enum { + IDEA_MODULO = 0x10001, /* 2^16+1 */ + IDEA_2EXP16 = 0x10000, /* 2^16 */ + IDEA_MASK = 0xFFFF, /* 16 bits set to one */ + IDEA_ROUNDS = 8, /* number of rounds for IDEA */ + IDEA_SK_NUM = (6*IDEA_ROUNDS + 4), /* number of subkeys */ + IDEA_KEY_SIZE = 16, /* size of key in bytes */ + IDEA_BLOCK_SIZE = 8, /* size of IDEA blocks in bytes */ + IDEA_IV_SIZE = 8, /* size of IDEA IV in bytes */ + IDEA_ENCRYPTION = 0, + IDEA_DECRYPTION = 1 +}; + +/* IDEA encryption and decryption */ +typedef struct Idea { + word32 reg[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[IDEA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word16 skey[IDEA_SK_NUM]; /* 832 bits expanded key */ +} Idea; + +WOLFSSL_API int wc_IdeaSetKey(Idea *idea, const byte* key, word16 keySz, + const byte *iv, int dir); +WOLFSSL_API int wc_IdeaSetIV(Idea *idea, const byte* iv); +WOLFSSL_API void wc_IdeaCipher(Idea *idea, byte* out, const byte* in); +WOLFSSL_API int wc_IdeaCbcEncrypt(Idea *idea, byte* out, + const byte* in, word32 len); +WOLFSSL_API int wc_IdeaCbcDecrypt(Idea *idea, byte* out, + const byte* in, word32 len); +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_IDEA */ +#endif /* WOLF_CRYPT_IDEA_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/include.am b/ccc/dist/lib/include/wolfssl/wolfcrypt/include.am new file mode 100644 index 0000000..7c9c0fb --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/include.am @@ -0,0 +1,73 @@ +# vim:ft=automake +# All paths should be given relative to the root + +nobase_include_HEADERS+= \ + wolfssl/wolfcrypt/aes.h \ + wolfssl/wolfcrypt/arc4.h \ + wolfssl/wolfcrypt/asn.h \ + wolfssl/wolfcrypt/asn_public.h \ + wolfssl/wolfcrypt/poly1305.h \ + wolfssl/wolfcrypt/camellia.h \ + wolfssl/wolfcrypt/cmac.h \ + wolfssl/wolfcrypt/coding.h \ + wolfssl/wolfcrypt/compress.h \ + wolfssl/wolfcrypt/des3.h \ + wolfssl/wolfcrypt/dh.h \ + wolfssl/wolfcrypt/dsa.h \ + wolfssl/wolfcrypt/ecc.h \ + wolfssl/wolfcrypt/curve25519.h \ + wolfssl/wolfcrypt/ed25519.h \ + wolfssl/wolfcrypt/fe_operations.h \ + wolfssl/wolfcrypt/ge_operations.h \ + wolfssl/wolfcrypt/error-crypt.h \ + wolfssl/wolfcrypt/fips_test.h \ + wolfssl/wolfcrypt/hash.h \ + wolfssl/wolfcrypt/hc128.h \ + wolfssl/wolfcrypt/hmac.h \ + wolfssl/wolfcrypt/integer.h \ + wolfssl/wolfcrypt/md2.h \ + wolfssl/wolfcrypt/md4.h \ + wolfssl/wolfcrypt/md5.h \ + wolfssl/wolfcrypt/misc.h \ + wolfssl/wolfcrypt/pkcs7.h \ + wolfssl/wolfcrypt/wc_encrypt.h \ + wolfssl/wolfcrypt/wc_port.h \ + wolfssl/wolfcrypt/pwdbased.h \ + wolfssl/wolfcrypt/rabbit.h \ + wolfssl/wolfcrypt/chacha.h \ + wolfssl/wolfcrypt/chacha20_poly1305.h \ + wolfssl/wolfcrypt/random.h \ + wolfssl/wolfcrypt/ripemd.h \ + wolfssl/wolfcrypt/rsa.h \ + wolfssl/wolfcrypt/settings.h \ + wolfssl/wolfcrypt/sha256.h \ + wolfssl/wolfcrypt/sha512.h \ + wolfssl/wolfcrypt/sha.h \ + wolfssl/wolfcrypt/signature.h \ + wolfssl/wolfcrypt/blake2.h \ + wolfssl/wolfcrypt/blake2-int.h \ + wolfssl/wolfcrypt/blake2-impl.h \ + wolfssl/wolfcrypt/tfm.h \ + wolfssl/wolfcrypt/srp.h \ + wolfssl/wolfcrypt/idea.h \ + wolfssl/wolfcrypt/types.h \ + wolfssl/wolfcrypt/visibility.h \ + wolfssl/wolfcrypt/logging.h \ + wolfssl/wolfcrypt/memory.h \ + wolfssl/wolfcrypt/mpi_class.h \ + wolfssl/wolfcrypt/mpi_superclass.h \ + wolfssl/wolfcrypt/mem_track.h \ + wolfssl/wolfcrypt/wolfevent.h \ + wolfssl/wolfcrypt/pkcs12.h + +noinst_HEADERS+= \ + wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \ + wolfssl/wolfcrypt/port/ti/ti-hash.h \ + wolfssl/wolfcrypt/port/ti/ti-ccm.h \ + wolfssl/wolfcrypt/port/nrf51.h \ + wolfssl/wolfcrypt/port/nxp/ksdk_port.h \ + wolfssl/wolfcrypt/port/atmel/atmel.h + +if BUILD_CAVIUM +noinst_HEADERS+= wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h +endif diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/integer.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/integer.h new file mode 100644 index 0000000..c965330 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/integer.h @@ -0,0 +1,353 @@ +/* integer.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* + * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca, + * http://math.libtomcrypt.com + */ + + +#ifndef WOLF_CRYPT_INTEGER_H +#define WOLF_CRYPT_INTEGER_H + +/* may optionally use fast math instead, not yet supported on all platforms and + may not be faster on all +*/ +#include /* will set MP_xxBIT if not default */ +#ifdef USE_FAST_MATH + #include +#else + +#include + +#ifndef CHAR_BIT + #include +#endif + +#include + +#ifndef MIN + #define MIN(x,y) ((x)<(y)?(x):(y)) +#endif + +#ifndef MAX + #define MAX(x,y) ((x)>(y)?(x):(y)) +#endif + +#ifdef __cplusplus +extern "C" { + +/* C++ compilers don't like assigning void * to mp_digit * */ +#define OPT_CAST(x) (x *) + +#else + +/* C on the other hand doesn't care */ +#define OPT_CAST(x) + +#endif + + +/* detect 64-bit mode if possible */ +#if defined(__x86_64__) + #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT)) + #define MP_64BIT + #endif +#endif +/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */ +#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T) + #undef MP_64BIT +#endif + + +/* allow user to define on mp_digit, mp_word, DIGIT_BIT types */ +#ifndef WOLFSSL_BIGINT_TYPES + +/* some default configurations. + * + * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits + * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits + * + * At the very least a mp_digit must be able to hold 7 bits + * [any size beyond that is ok provided it doesn't overflow the data type] + */ +#ifdef MP_8BIT + typedef unsigned char mp_digit; + typedef unsigned short mp_word; +#elif defined(MP_16BIT) || defined(NO_64BIT) + typedef unsigned short mp_digit; + typedef unsigned int mp_word; + #define DIGIT_BIT 12 +#elif defined(MP_64BIT) + /* for GCC only on supported platforms */ + typedef unsigned long long mp_digit; /* 64 bit type, 128 uses mode(TI) */ + typedef unsigned long mp_word __attribute__ ((mode(TI))); + + #define DIGIT_BIT 60 +#else + /* this is the default case, 28-bit digits */ + + #if defined(_MSC_VER) || defined(__BORLANDC__) + typedef unsigned __int64 ulong64; + #else + typedef unsigned long long ulong64; + #endif + + typedef unsigned int mp_digit; /* long could be 64 now, changed TAO */ + typedef ulong64 mp_word; + +#ifdef MP_31BIT + /* this is an extension that uses 31-bit digits */ + #define DIGIT_BIT 31 +#else + /* default case is 28-bit digits, defines MP_28BIT as a handy test macro */ + #define DIGIT_BIT 28 + #define MP_28BIT +#endif +#endif + +#endif /* WOLFSSL_BIGINT_TYPES */ + +/* otherwise the bits per digit is calculated automatically from the size of + a mp_digit */ +#ifndef DIGIT_BIT + #define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1))) + /* bits per digit */ +#endif + +#define MP_DIGIT_BIT DIGIT_BIT +#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1)) +#define MP_DIGIT_MAX MP_MASK + +/* equalities */ +#define MP_LT -1 /* less than */ +#define MP_EQ 0 /* equal to */ +#define MP_GT 1 /* greater than */ + +#define MP_ZPOS 0 /* positive integer */ +#define MP_NEG 1 /* negative */ + +#define MP_OKAY 0 /* ok result */ +#define MP_MEM -2 /* out of mem */ +#define MP_VAL -3 /* invalid input */ +#define MP_NOT_INF -4 /* point not at infinity */ +#define MP_RANGE MP_NOT_INF + +#define MP_YES 1 /* yes response */ +#define MP_NO 0 /* no response */ + +/* Primality generation flags */ +#define LTM_PRIME_BBS 0x0001 /* BBS style prime */ +#define LTM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */ +#define LTM_PRIME_2MSB_ON 0x0008 /* force 2nd MSB to 1 */ + +typedef int mp_err; + +/* define this to use lower memory usage routines (exptmods mostly) */ +#define MP_LOW_MEM + +/* default precision */ +#ifndef MP_PREC + #ifndef MP_LOW_MEM + #define MP_PREC 32 /* default digits of precision */ + #else + #define MP_PREC 1 /* default digits of precision */ + #endif +#endif + +/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - + BITS_PER_DIGIT*2) */ +#define MP_WARRAY (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1)) + +/* the infamous mp_int structure */ +typedef struct { + int used, alloc, sign; + mp_digit *dp; +#ifdef WOLFSSL_ASYNC_CRYPT + byte* dpraw; /* Used for hardware crypto */ +#endif +} mp_int; + +/* callback for mp_prime_random, should fill dst with random bytes and return + how many read [up to len] */ +typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); + + +#define USED(m) ((m)->used) +#define DIGIT(m,k) ((m)->dp[(k)]) +#define SIGN(m) ((m)->sign) + + +/* ---> Basic Manipulations <--- */ +#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO) +#define mp_isone(a) \ + (((((a)->used == 1)) && ((a)->dp[0] == 1u)) ? MP_YES : MP_NO) +#define mp_iseven(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO) +#define mp_isodd(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO) +#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO) + +/* number of primes */ +#ifdef MP_8BIT + #define PRIME_SIZE 31 +#else + #define PRIME_SIZE 256 +#endif + +#define mp_prime_random(a, t, size, bbs, cb, dat) \ + mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat) + +#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len)) +#define mp_raw_size(mp) mp_signed_bin_size(mp) +#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str)) +#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len)) +#define mp_mag_size(mp) mp_unsigned_bin_size(mp) +#define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str)) + +#define mp_tobinary(M, S) mp_toradix((M), (S), 2) +#define mp_tooctal(M, S) mp_toradix((M), (S), 8) +#define mp_todecimal(M, S) mp_toradix((M), (S), 10) +#define mp_tohex(M, S) mp_toradix((M), (S), 16) + +#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1) + +extern const char *mp_s_rmap; + +/* 6 functions needed by Rsa */ +int mp_init (mp_int * a); +void mp_clear (mp_int * a); +void mp_forcezero(mp_int * a); +int mp_unsigned_bin_size(mp_int * a); +int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); +int mp_to_unsigned_bin (mp_int * a, unsigned char *b); +int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); +/* end functions needed by Rsa */ + +/* functions added to support above needed, removed TOOM and KARATSUBA */ +int mp_count_bits (mp_int * a); +int mp_leading_bit (mp_int * a); +int mp_init_copy (mp_int * a, mp_int * b); +int mp_copy (mp_int * a, mp_int * b); +int mp_grow (mp_int * a, int size); +int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d); +void mp_zero (mp_int * a); +void mp_clamp (mp_int * a); +void mp_exch (mp_int * a, mp_int * b); +void mp_rshd (mp_int * a, int b); +void mp_rshb (mp_int * a, int b); +int mp_mod_2d (mp_int * a, int b, mp_int * c); +int mp_mul_2d (mp_int * a, int b, mp_int * c); +int mp_lshd (mp_int * a, int b); +int mp_abs (mp_int * a, mp_int * b); +int mp_invmod (mp_int * a, mp_int * b, mp_int * c); +int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c); +int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c); +int mp_cmp_mag (mp_int * a, mp_int * b); +int mp_cmp (mp_int * a, mp_int * b); +int mp_cmp_d(mp_int * a, mp_digit b); +void mp_set (mp_int * a, mp_digit b); +int mp_is_bit_set (mp_int * a, mp_digit b); +int mp_mod (mp_int * a, mp_int * b, mp_int * c); +int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d); +int mp_div_2(mp_int * a, mp_int * b); +int mp_add (mp_int * a, mp_int * b, mp_int * c); +int s_mp_add (mp_int * a, mp_int * b, mp_int * c); +int s_mp_sub (mp_int * a, mp_int * b, mp_int * c); +int mp_sub (mp_int * a, mp_int * b, mp_int * c); +int mp_reduce_is_2k_l(mp_int *a); +int mp_reduce_is_2k(mp_int *a); +int mp_dr_is_modulus(mp_int *a); +int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int); +int mp_montgomery_setup (mp_int * n, mp_digit * rho); +int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho); +int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho); +void mp_dr_setup(mp_int *a, mp_digit *d); +int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k); +int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d); +int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs); +int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs); +int mp_reduce_2k_setup_l(mp_int *a, mp_int *d); +int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d); +int mp_reduce (mp_int * x, mp_int * m, mp_int * mu); +int mp_reduce_setup (mp_int * a, mp_int * b); +int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode); +int mp_montgomery_calc_normalization (mp_int * a, mp_int * b); +int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs); +int s_mp_sqr (mp_int * a, mp_int * b); +int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs); +int fast_s_mp_sqr (mp_int * a, mp_int * b); +int mp_init_size (mp_int * a, int size); +int mp_div_3 (mp_int * a, mp_int *c, mp_digit * d); +int mp_mul_2(mp_int * a, mp_int * b); +int mp_mul (mp_int * a, mp_int * b, mp_int * c); +int mp_sqr (mp_int * a, mp_int * b); +int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d); +int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d); +int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d); +int mp_mul_d (mp_int * a, mp_digit b, mp_int * c); +int mp_2expt (mp_int * a, int b); +int mp_set_bit (mp_int * a, int b); +int mp_reduce_2k_setup(mp_int *a, mp_digit *d); +int mp_add_d (mp_int* a, mp_digit b, mp_int* c); +int mp_set_int (mp_int * a, unsigned long b); +int mp_sub_d (mp_int * a, mp_digit b, mp_int * c); +/* end support added functions */ + +/* added */ +int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, + mp_int* f); +int mp_toradix (mp_int *a, char *str, int radix); +int mp_radix_size (mp_int * a, int radix, int *size); + +#ifdef WOLFSSL_DEBUG_MATH + void mp_dump(const char* desc, mp_int* a, byte verbose); +#else + #define mp_dump(desc, a, verbose) +#endif + +#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) + int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c); +#endif +#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) + int mp_read_radix(mp_int* a, const char* str, int radix); +#endif + +#ifdef WOLFSSL_KEY_GEN + int mp_prime_is_prime (mp_int * a, int t, int *result); + int mp_gcd (mp_int * a, mp_int * b, mp_int * c); + int mp_lcm (mp_int * a, mp_int * b, mp_int * c); + int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap); +#endif + +int mp_cnt_lsb(mp_int *a); +int mp_mod_d(mp_int* a, mp_digit b, mp_digit* c); + +#ifdef __cplusplus + } +#endif + + +#endif /* USE_FAST_MATH */ + +#endif /* WOLF_CRYPT_INTEGER_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/logging.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/logging.h new file mode 100644 index 0000000..29bf0ab --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/logging.h @@ -0,0 +1,78 @@ +/* logging.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* submitted by eof */ + + +#ifndef WOLFSSL_LOGGING_H +#define WOLFSSL_LOGGING_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +enum CYA_Log_Levels { + ERROR_LOG = 0, + INFO_LOG, + ENTER_LOG, + LEAVE_LOG, + OTHER_LOG +}; + +typedef void (*wolfSSL_Logging_cb)(const int logLevel, + const char *const logMessage); + +WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function); + +#ifdef DEBUG_WOLFSSL + /* a is prepended to m and b is appended, creating a log msg a + m + b */ + #define WOLFSSL_LOG_CAT(a, m, b) #a " " m " " #b + + void WOLFSSL_ENTER(const char* msg); + void WOLFSSL_LEAVE(const char* msg, int ret); + #define WOLFSSL_STUB(m) \ + WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented)) + + void WOLFSSL_ERROR(int); + void WOLFSSL_MSG(const char* msg); + void WOLFSSL_BUFFER(byte* buffer, word32 length); + +#else /* DEBUG_WOLFSSL */ + + #define WOLFSSL_ENTER(m) + #define WOLFSSL_LEAVE(m, r) + #define WOLFSSL_STUB(m) + + #define WOLFSSL_ERROR(e) + #define WOLFSSL_MSG(m) + #define WOLFSSL_BUFFER(b, l) + +#endif /* DEBUG_WOLFSSL */ + +#ifdef __cplusplus +} +#endif +#endif /* WOLFSSL_LOGGING_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/md2.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/md2.h new file mode 100644 index 0000000..a86995e --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/md2.h @@ -0,0 +1,65 @@ +/* md2.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_MD2_H +#define WOLF_CRYPT_MD2_H + +#include + +#ifdef WOLFSSL_MD2 + +#ifdef __cplusplus + extern "C" { +#endif + +/* in bytes */ +enum { + MD2 = 6, /* hash type unique */ + MD2_BLOCK_SIZE = 16, + MD2_DIGEST_SIZE = 16, + MD2_PAD_SIZE = 16, + MD2_X_SIZE = 48 +}; + + +/* Md2 digest */ +typedef struct Md2 { + word32 count; /* bytes % PAD_SIZE */ + byte X[MD2_X_SIZE]; + byte C[MD2_BLOCK_SIZE]; + byte buffer[MD2_BLOCK_SIZE]; +} Md2; + + +WOLFSSL_API void wc_InitMd2(Md2*); +WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32); +WOLFSSL_API void wc_Md2Final(Md2*, byte*); +WOLFSSL_API int wc_Md2Hash(const byte*, word32, byte*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLFSSL_MD2 */ +#endif /* WOLF_CRYPT_MD2_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/md4.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/md4.h new file mode 100644 index 0000000..7b2688e --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/md4.h @@ -0,0 +1,63 @@ +/* md4.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_MD4_H +#define WOLF_CRYPT_MD4_H + +#include + +#ifndef NO_MD4 + +#ifdef __cplusplus + extern "C" { +#endif + +/* in bytes */ +enum { + MD4_BLOCK_SIZE = 64, + MD4_DIGEST_SIZE = 16, + MD4_PAD_SIZE = 56 +}; + + +/* MD4 digest */ +typedef struct Md4 { + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word32 digest[MD4_DIGEST_SIZE / sizeof(word32)]; + word32 buffer[MD4_BLOCK_SIZE / sizeof(word32)]; +} Md4; + + +WOLFSSL_API void wc_InitMd4(Md4*); +WOLFSSL_API void wc_Md4Update(Md4*, const byte*, word32); +WOLFSSL_API void wc_Md4Final(Md4*, byte*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_MD4 */ +#endif /* WOLF_CRYPT_MD4_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/md5.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/md5.h new file mode 100644 index 0000000..17783b1 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/md5.h @@ -0,0 +1,86 @@ +/* md5.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_MD5_H +#define WOLF_CRYPT_MD5_H + +#include + +#ifndef NO_MD5 + +#ifdef HAVE_FIPS + #define wc_InitMd5 InitMd5 + #define wc_Md5Update Md5Update + #define wc_Md5Final Md5Final + #define wc_Md5Hash Md5Hash +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* in bytes */ +enum { +#if defined(STM32F2_HASH) || defined(STM32F4_HASH) + MD5_REG_SIZE = 4, /* STM32 register size, bytes */ +#endif + MD5 = 0, /* hash type unique */ + MD5_BLOCK_SIZE = 64, + MD5_DIGEST_SIZE = 16, + MD5_PAD_SIZE = 56 +}; + +#if defined(WOLFSSL_PIC32MZ_HASH) +#include "port/pic32/pic32mz-crypt.h" +#endif + +#ifndef WOLFSSL_TI_HASH + +/* MD5 digest */ +typedef struct Md5 { + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word32 buffer[MD5_BLOCK_SIZE / sizeof(word32)]; + #if !defined(WOLFSSL_PIC32MZ_HASH) + word32 digest[MD5_DIGEST_SIZE / sizeof(word32)]; + #else + word32 digest[PIC32_HASH_SIZE / sizeof(word32)]; + pic32mz_desc desc ; /* Crypt Engine descriptor */ + #endif +} Md5; + +#else /* WOLFSSL_TI_HASH */ + #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" +#endif + +WOLFSSL_API void wc_InitMd5(Md5*); +WOLFSSL_API void wc_Md5Update(Md5*, const byte*, word32); +WOLFSSL_API void wc_Md5Final(Md5*, byte*); +WOLFSSL_API int wc_Md5Hash(const byte*, word32, byte*); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_MD5 */ +#endif /* WOLF_CRYPT_MD5_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/mem_track.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/mem_track.h new file mode 100644 index 0000000..beb280b --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/mem_track.h @@ -0,0 +1,232 @@ +/* mem_track.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* The memory tracker overrides the wolfSSL memory callback system and uses a + * static to track the total, peak and currently allocated bytes. + * + * If you are already using the memory callbacks then enabling this will + * override the memory callbacks and prevent your memory callbacks from + * working. This assumes malloc() and free() are available. Feel free to + * customize this for your needs. + + * The enable this feature define the following: + * #define USE_WOLFSSL_MEMORY + * #define WOLFSSL_TRACK_MEMORY + * + * On startup call: + * InitMemoryTracker(); + * + * When ready to dump the memory report call: + * ShowMemoryTracker(); + * + * Report example: + * total Allocs = 228 + * total Bytes = 93442 + * peak Bytes = 8840 + * current Bytes = 0 + * + * + * You can also: + * #define WOLFSSL_DEBUG_MEMORY + * + * To print every alloc/free along with the function and line number. + * Example output: + * Alloc: 0x7fa14a500010 -> 120 at wc_InitRng:496 + * Free: 0x7fa14a500010 -> 120 at wc_FreeRng:606 + */ + + +#ifndef WOLFSSL_MEM_TRACK_H +#define WOLFSSL_MEM_TRACK_H + +#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY) + + #include "wolfssl/wolfcrypt/logging.h" + + typedef struct memoryStats { + size_t totalAllocs; /* number of allocations */ + size_t totalBytes; /* total number of bytes allocated */ + size_t peakBytes; /* concurrent max bytes */ + size_t currentBytes; /* total current bytes in use */ + } memoryStats; + + typedef struct memHint { + size_t thisSize; /* size of this memory */ + void* thisMemory; /* actual memory for user */ + } memHint; + + typedef struct memoryTrack { + union { + memHint hint; + byte alignit[16]; /* make sure we have strong alignment */ + } u; + } memoryTrack; + + #if defined(WOLFSSL_TRACK_MEMORY) + #define DO_MEM_STATS + static memoryStats ourMemStats; + #endif + + /* if defined to not using inline then declare function prototypes */ + #ifdef NO_INLINE + #define STATIC + WOLFSSL_LOCAL void* TrackMalloc(size_t sz); + WOLFSSL_LOCAL void TrackFree(void* ptr); + WOLFSSL_LOCAL void* TrackRealloc(void* ptr, size_t sz); + WOLFSSL_LOCAL int InitMemoryTracker(void); + WOLFSSL_LOCAL void ShowMemoryTracker(void); + #else + #define STATIC static + #endif + +#ifdef WOLFSSL_DEBUG_MEMORY + STATIC INLINE void* TrackMalloc(size_t sz, const char* func, unsigned int line) +#else + STATIC INLINE void* TrackMalloc(size_t sz) +#endif + { + memoryTrack* mt; + + if (sz == 0) + return NULL; + + mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz); + if (mt == NULL) + return NULL; + + mt->u.hint.thisSize = sz; + mt->u.hint.thisMemory = (byte*)mt + sizeof(memoryTrack); + +#ifdef WOLFSSL_DEBUG_MEMORY + printf("Alloc: %p -> %u at %s:%d\n", mt->u.hint.thisMemory, (word32)sz, func, line); +#endif + +#ifdef DO_MEM_STATS + ourMemStats.totalAllocs++; + ourMemStats.totalBytes += sz; + ourMemStats.currentBytes += sz; + if (ourMemStats.currentBytes > ourMemStats.peakBytes) + ourMemStats.peakBytes = ourMemStats.currentBytes; +#endif + + return mt->u.hint.thisMemory; + } + + +#ifdef WOLFSSL_DEBUG_MEMORY + STATIC INLINE void TrackFree(void* ptr, const char* func, unsigned int line) +#else + STATIC INLINE void TrackFree(void* ptr) +#endif + { + memoryTrack* mt; + + if (ptr == NULL) { + return; + } + + mt = (memoryTrack*)ptr; + --mt; /* same as minus sizeof(memoryTrack), removes header */ + +#ifdef DO_MEM_STATS + ourMemStats.currentBytes -= mt->u.hint.thisSize; +#endif + +#ifdef WOLFSSL_DEBUG_MEMORY + printf("Free: %p -> %u at %s:%d\n", ptr, (word32)mt->u.hint.thisSize, func, line); +#endif + + free(mt); + } + + +#ifdef WOLFSSL_DEBUG_MEMORY + STATIC INLINE void* TrackRealloc(void* ptr, size_t sz, const char* func, unsigned int line) +#else + STATIC INLINE void* TrackRealloc(void* ptr, size_t sz) +#endif + { + #ifdef WOLFSSL_DEBUG_MEMORY + void* ret = TrackMalloc(sz, func, line); + #else + void* ret = TrackMalloc(sz); + #endif + + if (ptr) { + /* if realloc is bigger, don't overread old ptr */ + memoryTrack* mt = (memoryTrack*)ptr; + --mt; /* same as minus sizeof(memoryTrack), removes header */ + + if (mt->u.hint.thisSize < sz) + sz = mt->u.hint.thisSize; + } + + if (ret && ptr) + XMEMCPY(ret, ptr, sz); + + if (ret) { + #ifdef WOLFSSL_DEBUG_MEMORY + TrackFree(ptr, func, line); + #else + TrackFree(ptr); + #endif + } + + return ret; + } + + STATIC INLINE int InitMemoryTracker(void) + { + int ret = wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc); + if (ret < 0) { + printf("wolfSSL SetAllocators failed for track memory\n"); + return ret; + } + + #ifdef DO_MEM_STATS + ourMemStats.totalAllocs = 0; + ourMemStats.totalBytes = 0; + ourMemStats.peakBytes = 0; + ourMemStats.currentBytes = 0; + #endif + + return ret; + } + + STATIC INLINE void ShowMemoryTracker(void) + { + #ifdef DO_MEM_STATS + printf("total Allocs = %9lu\n", + (unsigned long)ourMemStats.totalAllocs); + printf("total Bytes = %9lu\n", + (unsigned long)ourMemStats.totalBytes); + printf("peak Bytes = %9lu\n", + (unsigned long)ourMemStats.peakBytes); + printf("current Bytes = %9lu\n", + (unsigned long)ourMemStats.currentBytes); + #endif + } + +#endif /* USE_WOLFSSL_MEMORY */ + +#endif /* WOLFSSL_MEM_TRACK_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/memory.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/memory.h new file mode 100644 index 0000000..96dce8b --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/memory.h @@ -0,0 +1,185 @@ +/* memory.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* submitted by eof */ + + +#ifndef WOLFSSL_MEMORY_H +#define WOLFSSL_MEMORY_H + +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifdef WOLFSSL_STATIC_MEMORY + #ifdef WOLFSSL_DEBUG_MEMORY + typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type, const char* func, unsigned int line); + typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type, const char* func, unsigned int line); + typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line); + WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type, const char* func, unsigned int line); + WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type, const char* func, unsigned int line); + WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type, const char* func, unsigned int line); + #else + typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type); + typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type); + typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, void* heap, int type); + WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type); + WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type); + WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type); + #endif /* WOLFSSL_DEBUG_MEMORY */ +#else + #ifdef WOLFSSL_DEBUG_MEMORY + typedef void *(*wolfSSL_Malloc_cb)(size_t size, const char* func, unsigned int line); + typedef void (*wolfSSL_Free_cb)(void *ptr, const char* func, unsigned int line); + typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size, const char* func, unsigned int line); + + /* Public in case user app wants to use XMALLOC/XFREE */ + WOLFSSL_API void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line); + WOLFSSL_API void wolfSSL_Free(void *ptr, const char* func, unsigned int line); + WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, const char* func, unsigned int line); + #else + typedef void *(*wolfSSL_Malloc_cb)(size_t size); + typedef void (*wolfSSL_Free_cb)(void *ptr); + typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size); + /* Public in case user app wants to use XMALLOC/XFREE */ + WOLFSSL_API void* wolfSSL_Malloc(size_t size); + WOLFSSL_API void wolfSSL_Free(void *ptr); + WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size); + #endif /* WOLFSSL_DEBUG_MEMORY */ +#endif /* WOLFSSL_STATIC_MEMORY */ + +/* Public set function */ +WOLFSSL_API int wolfSSL_SetAllocators(wolfSSL_Malloc_cb malloc_function, + wolfSSL_Free_cb free_function, + wolfSSL_Realloc_cb realloc_function); + +#ifdef WOLFSSL_STATIC_MEMORY + #define WOLFSSL_STATIC_TIMEOUT 1 + #ifndef WOLFSSL_STATIC_ALIGN + #define WOLFSSL_STATIC_ALIGN 16 + #endif + #ifndef WOLFMEM_MAX_BUCKETS + #define WOLFMEM_MAX_BUCKETS 9 + #endif + #define WOLFMEM_DEF_BUCKETS 9 /* number of default memory blocks */ + #define WOLFMEM_IO_SZ 16992 /* 16 byte aligned */ + #ifndef WOLFMEM_BUCKETS + /* default size of chunks of memory to seperate into + * having session certs enabled makes a 21k SSL struct */ + #ifndef SESSION_CERTS + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,16128 + #else + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,21056 + #endif + #endif + #ifndef WOLFMEM_DIST + #define WOLFMEM_DIST 8,4,4,12,4,5,2,1,1 + #endif + + /* flags for loading static memory (one hot bit) */ + #define WOLFMEM_GENERAL 0x01 + #define WOLFMEM_IO_POOL 0x02 + #define WOLFMEM_IO_POOL_FIXED 0x04 + #define WOLFMEM_TRACK_STATS 0x08 + + #ifndef WOLFSSL_MEM_GUARD + #define WOLFSSL_MEM_GUARD + typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS; + typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS; + #endif + + struct WOLFSSL_MEM_CONN_STATS { + word32 peakMem; /* peak memory usage */ + word32 curMem; /* current memory usage */ + word32 peakAlloc; /* peak memory allocations */ + word32 curAlloc; /* current memory allocations */ + word32 totalAlloc;/* total memory allocations for lifetime */ + word32 totalFr; /* total frees for lifetime */ + }; + + struct WOLFSSL_MEM_STATS { + word32 curAlloc; /* current memory allocations */ + word32 totalAlloc;/* total memory allocations for lifetime */ + word32 totalFr; /* total frees for lifetime */ + word32 totalUse; /* total amount of memory used in blocks */ + word32 avaIO; /* available IO specific pools */ + word32 maxHa; /* max number of concurent handshakes allowed */ + word32 maxIO; /* max number of concurent IO connections allowed */ + word32 blockSz[WOLFMEM_MAX_BUCKETS]; /* block sizes in stacks */ + word32 avaBlock[WOLFMEM_MAX_BUCKETS];/* ava block sizes */ + word32 usedBlock[WOLFMEM_MAX_BUCKETS]; + int flag; /* flag used */ + }; + + typedef struct wc_Memory wc_Memory; /* internal structure for mem bucket */ + typedef struct WOLFSSL_HEAP { + wc_Memory* ava[WOLFMEM_MAX_BUCKETS]; + wc_Memory* io; /* list of buffers to use for IO */ + word32 maxHa; /* max concurent handshakes */ + word32 curHa; + word32 maxIO; /* max concurrent IO connections */ + word32 curIO; + word32 sizeList[WOLFMEM_MAX_BUCKETS];/* memory sizes in ava list */ + word32 distList[WOLFMEM_MAX_BUCKETS];/* general distribution */ + word32 inUse; /* amount of memory currently in use */ + word32 ioUse; + word32 alloc; /* total number of allocs */ + word32 frAlc; /* total number of frees */ + int flag; + wolfSSL_Mutex memory_mutex; + } WOLFSSL_HEAP; + + /* structure passed into XMALLOC as heap hint + * having this abstraction allows tracking statistics of individual ssl's + */ + typedef struct WOLFSSL_HEAP_HINT { + WOLFSSL_HEAP* memory; + WOLFSSL_MEM_CONN_STATS* stats; /* hold individual connection stats */ + wc_Memory* outBuf; /* set if using fixed io buffers */ + wc_Memory* inBuf; + byte haFlag; /* flag used for checking handshake count */ + } WOLFSSL_HEAP_HINT; + + WOLFSSL_API int wc_LoadStaticMemory(WOLFSSL_HEAP_HINT** pHint, + unsigned char* buf, unsigned int sz, int flag, int max); + + WOLFSSL_LOCAL int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap); + WOLFSSL_LOCAL int wolfSSL_load_static_memory(byte* buffer, word32 sz, + int flag, WOLFSSL_HEAP* heap); + WOLFSSL_LOCAL int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap, + WOLFSSL_MEM_STATS* stats); + WOLFSSL_LOCAL int SetFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io); + WOLFSSL_LOCAL int FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io); + + WOLFSSL_API int wolfSSL_StaticBufferSz(byte* buffer, word32 sz, int flag); + WOLFSSL_API int wolfSSL_MemoryPaddingSz(void); +#endif /* WOLFSSL_STATIC_MEMORY */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLFSSL_MEMORY_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/misc.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/misc.h new file mode 100644 index 0000000..959b2d8 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/misc.h @@ -0,0 +1,79 @@ +/* misc.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_MISC_H +#define WOLF_CRYPT_MISC_H + + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + +#ifdef NO_INLINE +WOLFSSL_LOCAL +word32 rotlFixed(word32, word32); +WOLFSSL_LOCAL +word32 rotrFixed(word32, word32); + +WOLFSSL_LOCAL +word32 ByteReverseWord32(word32); +WOLFSSL_LOCAL +void ByteReverseWords(word32*, const word32*, word32); + +WOLFSSL_LOCAL +void XorWords(wolfssl_word*, const wolfssl_word*, word32); +WOLFSSL_LOCAL +void xorbuf(void*, const void*, word32); + +WOLFSSL_LOCAL +void ForceZero(const void*, word32); + +WOLFSSL_LOCAL +int ConstantCompare(const byte*, const byte*, int); + +#ifdef WORD64_AVAILABLE +WOLFSSL_LOCAL +word64 rotlFixed64(word64, word64); +WOLFSSL_LOCAL +word64 rotrFixed64(word64, word64); + +WOLFSSL_LOCAL +word64 ByteReverseWord64(word64); +WOLFSSL_LOCAL +void ByteReverseWords64(word64*, const word64*, word32); +#endif /* WORD64_AVAILABLE */ + +#endif /* NO_INLINE */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* WOLF_CRYPT_MISC_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_class.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_class.h new file mode 100644 index 0000000..32b95f1 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_class.h @@ -0,0 +1,1019 @@ +/* mpi_class.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#if !(defined(LTM1) && defined(LTM2) && defined(LTM3)) +#if defined(LTM2) +#define LTM3 +#endif +#if defined(LTM1) +#define LTM2 +#endif +#define LTM1 + +#if defined(LTM_ALL) +#define BN_ERROR_C +#define BN_FAST_MP_INVMOD_C +#define BN_FAST_MP_MONTGOMERY_REDUCE_C +#define BN_FAST_S_MP_MUL_DIGS_C +#define BN_FAST_S_MP_MUL_HIGH_DIGS_C +#define BN_FAST_S_MP_SQR_C +#define BN_MP_2EXPT_C +#define BN_MP_ABS_C +#define BN_MP_ADD_C +#define BN_MP_ADD_D_C +#define BN_MP_ADDMOD_C +#define BN_MP_AND_C +#define BN_MP_CLAMP_C +#define BN_MP_CLEAR_C +#define BN_MP_CLEAR_MULTI_C +#define BN_MP_CMP_C +#define BN_MP_CMP_D_C +#define BN_MP_CMP_MAG_C +#define BN_MP_CNT_LSB_C +#define BN_MP_COPY_C +#define BN_MP_COUNT_BITS_C +#define BN_MP_DIV_C +#define BN_MP_DIV_2_C +#define BN_MP_DIV_2D_C +#define BN_MP_DIV_3_C +#define BN_MP_DIV_D_C +#define BN_MP_DR_IS_MODULUS_C +#define BN_MP_DR_REDUCE_C +#define BN_MP_DR_SETUP_C +#define BN_MP_EXCH_C +#define BN_MP_EXPT_D_C +#define BN_MP_EXPTMOD_C +#define BN_MP_EXPTMOD_FAST_C +#define BN_MP_EXTEUCLID_C +#define BN_MP_FREAD_C +#define BN_MP_FWRITE_C +#define BN_MP_GCD_C +#define BN_MP_GET_INT_C +#define BN_MP_GROW_C +#define BN_MP_INIT_C +#define BN_MP_INIT_COPY_C +#define BN_MP_INIT_MULTI_C +#define BN_MP_INIT_SET_C +#define BN_MP_INIT_SET_INT_C +#define BN_MP_INIT_SIZE_C +#define BN_MP_INVMOD_C +#define BN_MP_INVMOD_SLOW_C +#define BN_MP_IS_SQUARE_C +#define BN_MP_JACOBI_C +#define BN_MP_KARATSUBA_MUL_C +#define BN_MP_KARATSUBA_SQR_C +#define BN_MP_LCM_C +#define BN_MP_LSHD_C +#define BN_MP_MOD_C +#define BN_MP_MOD_2D_C +#define BN_MP_MOD_D_C +#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C +#define BN_MP_MONTGOMERY_REDUCE_C +#define BN_MP_MONTGOMERY_SETUP_C +#define BN_MP_MUL_C +#define BN_MP_MUL_2_C +#define BN_MP_MUL_2D_C +#define BN_MP_MUL_D_C +#define BN_MP_MULMOD_C +#define BN_MP_N_ROOT_C +#define BN_MP_NEG_C +#define BN_MP_OR_C +#define BN_MP_PRIME_FERMAT_C +#define BN_MP_PRIME_IS_DIVISIBLE_C +#define BN_MP_PRIME_IS_PRIME_C +#define BN_MP_PRIME_MILLER_RABIN_C +#define BN_MP_PRIME_NEXT_PRIME_C +#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C +#define BN_MP_PRIME_RANDOM_EX_C +#define BN_MP_RADIX_SIZE_C +#define BN_MP_RADIX_SMAP_C +#define BN_MP_RAND_C +#define BN_MP_READ_RADIX_C +#define BN_MP_READ_SIGNED_BIN_C +#define BN_MP_READ_UNSIGNED_BIN_C +#define BN_MP_REDUCE_C +#define BN_MP_REDUCE_2K_C +#define BN_MP_REDUCE_2K_L_C +#define BN_MP_REDUCE_2K_SETUP_C +#define BN_MP_REDUCE_2K_SETUP_L_C +#define BN_MP_REDUCE_IS_2K_C +#define BN_MP_REDUCE_IS_2K_L_C +#define BN_MP_REDUCE_SETUP_C +#define BN_MP_RSHD_C +#define BN_MP_SET_C +#define BN_MP_SET_INT_C +#define BN_MP_SHRINK_C +#define BN_MP_SIGNED_BIN_SIZE_C +#define BN_MP_SQR_C +#define BN_MP_SQRMOD_C +#define BN_MP_SQRT_C +#define BN_MP_SUB_C +#define BN_MP_SUB_D_C +#define BN_MP_SUBMOD_C +#define BN_MP_TO_SIGNED_BIN_C +#define BN_MP_TO_SIGNED_BIN_N_C +#define BN_MP_TO_UNSIGNED_BIN_C +#define BN_MP_TO_UNSIGNED_BIN_N_C +#define BN_MP_TOOM_MUL_C +#define BN_MP_TOOM_SQR_C +#define BN_MP_TORADIX_C +#define BN_MP_TORADIX_N_C +#define BN_MP_UNSIGNED_BIN_SIZE_C +#define BN_MP_XOR_C +#define BN_MP_ZERO_C +#define BN_PRIME_TAB_C +#define BN_REVERSE_C +#define BN_S_MP_ADD_C +#define BN_S_MP_EXPTMOD_C +#define BN_S_MP_MUL_DIGS_C +#define BN_S_MP_MUL_HIGH_DIGS_C +#define BN_S_MP_SQR_C +#define BN_S_MP_SUB_C +#define BNCORE_C +#endif + +#if defined(BN_ERROR_C) + #define BN_MP_ERROR_TO_STRING_C +#endif + +#if defined(BN_FAST_MP_INVMOD_C) + #define BN_MP_ISEVEN_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_COPY_C + #define BN_MP_MOD_C + #define BN_MP_SET_C + #define BN_MP_DIV_2_C + #define BN_MP_ISODD_C + #define BN_MP_SUB_C + #define BN_MP_CMP_C + #define BN_MP_ISZERO_C + #define BN_MP_CMP_D_C + #define BN_MP_ADD_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C) + #define BN_MP_GROW_C + #define BN_MP_RSHD_C + #define BN_MP_CLAMP_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_FAST_S_MP_MUL_DIGS_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_FAST_S_MP_SQR_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_2EXPT_C) + #define BN_MP_ZERO_C + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_ABS_C) + #define BN_MP_COPY_C +#endif + +#if defined(BN_MP_ADD_C) + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_ADD_D_C) + #define BN_MP_GROW_C + #define BN_MP_SUB_D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_ADDMOD_C) + #define BN_MP_INIT_C + #define BN_MP_ADD_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_AND_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_CLAMP_C) +#endif + +#if defined(BN_MP_CLEAR_C) +#endif + +#if defined(BN_MP_CLEAR_MULTI_C) + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_CMP_C) + #define BN_MP_CMP_MAG_C +#endif + +#if defined(BN_MP_CMP_D_C) +#endif + +#if defined(BN_MP_CMP_MAG_C) +#endif + +#if defined(BN_MP_CNT_LSB_C) + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_COPY_C) + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_COUNT_BITS_C) +#endif + +#if defined(BN_MP_DIV_C) + #define BN_MP_ISZERO_C + #define BN_MP_CMP_MAG_C + #define BN_MP_COPY_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_SET_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_ABS_C + #define BN_MP_MUL_2D_C + #define BN_MP_CMP_C + #define BN_MP_SUB_C + #define BN_MP_ADD_C + #define BN_MP_DIV_2D_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_INIT_C + #define BN_MP_INIT_COPY_C + #define BN_MP_LSHD_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_D_C + #define BN_MP_CLAMP_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DIV_2_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_DIV_2D_C) + #define BN_MP_COPY_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_C + #define BN_MP_MOD_2D_C + #define BN_MP_CLEAR_C + #define BN_MP_RSHD_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_DIV_3_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DIV_D_C) + #define BN_MP_ISZERO_C + #define BN_MP_COPY_C + #define BN_MP_DIV_2D_C + #define BN_MP_DIV_3_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DR_IS_MODULUS_C) +#endif + +#if defined(BN_MP_DR_REDUCE_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_DR_SETUP_C) +#endif + +#if defined(BN_MP_EXCH_C) +#endif + +#if defined(BN_MP_EXPT_D_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_SET_C + #define BN_MP_SQR_C + #define BN_MP_CLEAR_C + #define BN_MP_MUL_C +#endif + +#if defined(BN_MP_EXPTMOD_C) + #define BN_MP_INIT_C + #define BN_MP_INVMOD_C + #define BN_MP_CLEAR_C + #define BN_MP_ABS_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_REDUCE_IS_2K_L_C + #define BN_S_MP_EXPTMOD_C + #define BN_MP_DR_IS_MODULUS_C + #define BN_MP_REDUCE_IS_2K_C + #define BN_MP_ISODD_C + #define BN_MP_EXPTMOD_FAST_C +#endif + +#if defined(BN_MP_EXPTMOD_FAST_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C + #define BN_MP_MONTGOMERY_SETUP_C + #define BN_FAST_MP_MONTGOMERY_REDUCE_C + #define BN_MP_MONTGOMERY_REDUCE_C + #define BN_MP_DR_SETUP_C + #define BN_MP_DR_REDUCE_C + #define BN_MP_REDUCE_2K_SETUP_C + #define BN_MP_REDUCE_2K_C + #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C + #define BN_MP_MULMOD_C + #define BN_MP_SET_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_SQR_C + #define BN_MP_MUL_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_EXTEUCLID_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_SET_C + #define BN_MP_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_C + #define BN_MP_MUL_C + #define BN_MP_SUB_C + #define BN_MP_NEG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_FREAD_C) + #define BN_MP_ZERO_C + #define BN_MP_S_RMAP_C + #define BN_MP_MUL_D_C + #define BN_MP_ADD_D_C + #define BN_MP_CMP_D_C +#endif + +#if defined(BN_MP_FWRITE_C) + #define BN_MP_RADIX_SIZE_C + #define BN_MP_TORADIX_C +#endif + +#if defined(BN_MP_GCD_C) + #define BN_MP_ISZERO_C + #define BN_MP_ABS_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_S_MP_SUB_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_GET_INT_C) +#endif + +#if defined(BN_MP_GROW_C) +#endif + +#if defined(BN_MP_INIT_C) +#endif + +#if defined(BN_MP_INIT_COPY_C) + #define BN_MP_COPY_C +#endif + +#if defined(BN_MP_INIT_MULTI_C) + #define BN_MP_ERR_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_INIT_SET_C) + #define BN_MP_INIT_C + #define BN_MP_SET_C +#endif + +#if defined(BN_MP_INIT_SET_INT_C) + #define BN_MP_INIT_C + #define BN_MP_SET_INT_C +#endif + +#if defined(BN_MP_INIT_SIZE_C) + #define BN_MP_INIT_C +#endif + +#if defined(BN_MP_INVMOD_C) + #define BN_MP_ISZERO_C + #define BN_MP_ISODD_C + #define BN_FAST_MP_INVMOD_C + #define BN_MP_INVMOD_SLOW_C +#endif + +#if defined(BN_MP_INVMOD_SLOW_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_ISEVEN_C + #define BN_MP_SET_C + #define BN_MP_DIV_2_C + #define BN_MP_ISODD_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_CMP_C + #define BN_MP_CMP_D_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_IS_SQUARE_C) + #define BN_MP_MOD_D_C + #define BN_MP_INIT_SET_INT_C + #define BN_MP_MOD_C + #define BN_MP_GET_INT_C + #define BN_MP_SQRT_C + #define BN_MP_SQR_C + #define BN_MP_CMP_MAG_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_JACOBI_C) + #define BN_MP_CMP_D_C + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_MOD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_KARATSUBA_MUL_C) + #define BN_MP_MUL_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_SUB_C + #define BN_MP_ADD_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_KARATSUBA_SQR_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_SQR_C + #define BN_MP_SUB_C + #define BN_S_MP_ADD_C + #define BN_MP_LSHD_C + #define BN_MP_ADD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_LCM_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_GCD_C + #define BN_MP_CMP_MAG_C + #define BN_MP_DIV_C + #define BN_MP_MUL_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_LSHD_C) + #define BN_MP_GROW_C + #define BN_MP_RSHD_C +#endif + +#if defined(BN_MP_MOD_C) + #define BN_MP_INIT_C + #define BN_MP_DIV_C + #define BN_MP_CLEAR_C + #define BN_MP_ADD_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_MOD_2D_C) + #define BN_MP_ZERO_C + #define BN_MP_COPY_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MOD_D_C) + #define BN_MP_DIV_D_C +#endif + +#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_2EXPT_C + #define BN_MP_SET_C + #define BN_MP_MUL_2_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_MONTGOMERY_REDUCE_C) + #define BN_FAST_MP_MONTGOMERY_REDUCE_C + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C + #define BN_MP_RSHD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_MONTGOMERY_SETUP_C) +#endif + +#if defined(BN_MP_MUL_C) + #define BN_MP_TOOM_MUL_C + #define BN_MP_KARATSUBA_MUL_C + #define BN_FAST_S_MP_MUL_DIGS_C + #define BN_S_MP_MUL_C + #define BN_S_MP_MUL_DIGS_C +#endif + +#if defined(BN_MP_MUL_2_C) + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_MUL_2D_C) + #define BN_MP_COPY_C + #define BN_MP_GROW_C + #define BN_MP_LSHD_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MUL_D_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MULMOD_C) + #define BN_MP_INIT_C + #define BN_MP_MUL_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_N_ROOT_C) + #define BN_MP_INIT_C + #define BN_MP_SET_C + #define BN_MP_COPY_C + #define BN_MP_EXPT_D_C + #define BN_MP_MUL_C + #define BN_MP_SUB_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_C + #define BN_MP_CMP_C + #define BN_MP_SUB_D_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_NEG_C) + #define BN_MP_COPY_C + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_OR_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_FERMAT_C) + #define BN_MP_CMP_D_C + #define BN_MP_INIT_C + #define BN_MP_EXPTMOD_C + #define BN_MP_CMP_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_IS_DIVISIBLE_C) + #define BN_MP_MOD_D_C +#endif + +#if defined(BN_MP_PRIME_IS_PRIME_C) + #define BN_MP_CMP_D_C + #define BN_MP_PRIME_IS_DIVISIBLE_C + #define BN_MP_INIT_C + #define BN_MP_SET_C + #define BN_MP_PRIME_MILLER_RABIN_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_MILLER_RABIN_C) + #define BN_MP_CMP_D_C + #define BN_MP_INIT_COPY_C + #define BN_MP_SUB_D_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_EXPTMOD_C + #define BN_MP_CMP_C + #define BN_MP_SQRMOD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_NEXT_PRIME_C) + #define BN_MP_CMP_D_C + #define BN_MP_SET_C + #define BN_MP_SUB_D_C + #define BN_MP_ISEVEN_C + #define BN_MP_MOD_D_C + #define BN_MP_INIT_C + #define BN_MP_ADD_D_C + #define BN_MP_PRIME_MILLER_RABIN_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C) +#endif + +#if defined(BN_MP_PRIME_RANDOM_EX_C) + #define BN_MP_READ_UNSIGNED_BIN_C + #define BN_MP_PRIME_IS_PRIME_C + #define BN_MP_SUB_D_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_D_C +#endif + +#if defined(BN_MP_RADIX_SIZE_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_RADIX_SMAP_C) + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_RAND_C) + #define BN_MP_ZERO_C + #define BN_MP_ADD_D_C + #define BN_MP_LSHD_C +#endif + +#if defined(BN_MP_READ_RADIX_C) + #define BN_MP_ZERO_C + #define BN_MP_S_RMAP_C + #define BN_MP_RADIX_SMAP_C + #define BN_MP_MUL_D_C + #define BN_MP_ADD_D_C + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_READ_SIGNED_BIN_C) + #define BN_MP_READ_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_READ_UNSIGNED_BIN_C) + #define BN_MP_GROW_C + #define BN_MP_ZERO_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_REDUCE_C) + #define BN_MP_REDUCE_SETUP_C + #define BN_MP_INIT_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_C + #define BN_S_MP_MUL_HIGH_DIGS_C + #define BN_FAST_S_MP_MUL_HIGH_DIGS_C + #define BN_MP_MOD_2D_C + #define BN_S_MP_MUL_DIGS_C + #define BN_MP_SUB_C + #define BN_MP_CMP_D_C + #define BN_MP_SET_C + #define BN_MP_LSHD_C + #define BN_MP_ADD_C + #define BN_MP_CMP_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_DIV_2D_C + #define BN_MP_MUL_D_C + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_L_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_DIV_2D_C + #define BN_MP_MUL_C + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_SETUP_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_2EXPT_C + #define BN_MP_CLEAR_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_REDUCE_2K_SETUP_L_C) + #define BN_MP_INIT_C + #define BN_MP_2EXPT_C + #define BN_MP_COUNT_BITS_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_IS_2K_C) + #define BN_MP_REDUCE_2K_C + #define BN_MP_COUNT_BITS_C +#endif + +#if defined(BN_MP_REDUCE_IS_2K_L_C) +#endif + +#if defined(BN_MP_REDUCE_SETUP_C) + #define BN_MP_2EXPT_C + #define BN_MP_DIV_C +#endif + +#if defined(BN_MP_RSHD_C) + #define BN_MP_ZERO_C +#endif + +#if defined(BN_MP_SET_C) + #define BN_MP_ZERO_C +#endif + +#if defined(BN_MP_SET_INT_C) + #define BN_MP_ZERO_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_SHRINK_C) +#endif + +#if defined(BN_MP_SIGNED_BIN_SIZE_C) + #define BN_MP_UNSIGNED_BIN_SIZE_C +#endif + +#if defined(BN_MP_SQR_C) + #define BN_MP_TOOM_SQR_C + #define BN_MP_KARATSUBA_SQR_C + #define BN_FAST_S_MP_SQR_C + #define BN_S_MP_SQR_C +#endif + +#if defined(BN_MP_SQRMOD_C) + #define BN_MP_INIT_C + #define BN_MP_SQR_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_SQRT_C) + #define BN_MP_N_ROOT_C + #define BN_MP_ISZERO_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_DIV_C + #define BN_MP_ADD_C + #define BN_MP_DIV_2_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_SUB_C) + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_SUB_D_C) + #define BN_MP_GROW_C + #define BN_MP_ADD_D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_SUBMOD_C) + #define BN_MP_INIT_C + #define BN_MP_SUB_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_TO_SIGNED_BIN_C) + #define BN_MP_TO_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_TO_SIGNED_BIN_N_C) + #define BN_MP_SIGNED_BIN_SIZE_C + #define BN_MP_TO_SIGNED_BIN_C +#endif + +#if defined(BN_MP_TO_UNSIGNED_BIN_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_2D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_TO_UNSIGNED_BIN_N_C) + #define BN_MP_UNSIGNED_BIN_SIZE_C + #define BN_MP_TO_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_TOOM_MUL_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_2D_C + #define BN_MP_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2D_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_3_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_TOOM_SQR_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_2D_C + #define BN_MP_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_SQR_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2D_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_3_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_TORADIX_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_TORADIX_N_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_UNSIGNED_BIN_SIZE_C) + #define BN_MP_COUNT_BITS_C +#endif + +#if defined(BN_MP_XOR_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_ZERO_C) +#endif + +#if defined(BN_PRIME_TAB_C) +#endif + +#if defined(BN_REVERSE_C) +#endif + +#if defined(BN_S_MP_ADD_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_S_MP_EXPTMOD_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C + #define BN_MP_REDUCE_SETUP_C + #define BN_MP_REDUCE_C + #define BN_MP_REDUCE_2K_SETUP_L_C + #define BN_MP_REDUCE_2K_L_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_SQR_C + #define BN_MP_MUL_C + #define BN_MP_SET_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_S_MP_MUL_DIGS_C) + #define BN_FAST_S_MP_MUL_DIGS_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_MUL_HIGH_DIGS_C) + #define BN_FAST_S_MP_MUL_HIGH_DIGS_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_SQR_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_SUB_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BNCORE_C) +#endif + +#ifdef LTM3 +#define LTM_LAST +#endif +#include "mpi_superclass.h" +#include "mpi_class.h" +#else +#define LTM_LAST +#endif + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_superclass.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_superclass.h new file mode 100644 index 0000000..aa09bed --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/mpi_superclass.h @@ -0,0 +1,96 @@ +/* mpi_superclass.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +/* super class file for PK algos */ + +/* default ... include all MPI */ +#define LTM_ALL + +/* RSA only (does not support DH/DSA/ECC) */ +/* #define SC_RSA_1 */ + +/* For reference.... On an Athlon64 optimizing for speed... + + LTM's mpi.o with all functions [striped] is 142KiB in size. + +*/ + +/* Works for RSA only, mpi.o is 68KiB */ +#ifdef SC_RSA_1 + #define BN_MP_SHRINK_C + #define BN_MP_LCM_C + #define BN_MP_PRIME_RANDOM_EX_C + #define BN_MP_INVMOD_C + #define BN_MP_GCD_C + #define BN_MP_MOD_C + #define BN_MP_MULMOD_C + #define BN_MP_ADDMOD_C + #define BN_MP_EXPTMOD_C + #define BN_MP_SET_INT_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_UNSIGNED_BIN_SIZE_C + #define BN_MP_TO_UNSIGNED_BIN_C + #define BN_MP_MOD_D_C + #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C + #define BN_REVERSE_C + #define BN_PRIME_TAB_C + + /* other modifiers */ + #define BN_MP_DIV_SMALL /* Slower division, not critical */ + + /* here we are on the last pass so we turn things off. The functions classes are still there + * but we remove them specifically from the build. This also invokes tweaks in functions + * like removing support for even moduli, etc... + */ +#ifdef LTM_LAST + #undef BN_MP_TOOM_MUL_C + #undef BN_MP_TOOM_SQR_C + #undef BN_MP_KARATSUBA_MUL_C + #undef BN_MP_KARATSUBA_SQR_C + #undef BN_MP_REDUCE_C + #undef BN_MP_REDUCE_SETUP_C + #undef BN_MP_DR_IS_MODULUS_C + #undef BN_MP_DR_SETUP_C + #undef BN_MP_DR_REDUCE_C + #undef BN_MP_REDUCE_IS_2K_C + #undef BN_MP_REDUCE_2K_SETUP_C + #undef BN_MP_REDUCE_2K_C + #undef BN_S_MP_EXPTMOD_C + #undef BN_MP_DIV_3_C + #undef BN_S_MP_MUL_HIGH_DIGS_C + #undef BN_FAST_S_MP_MUL_HIGH_DIGS_C + #undef BN_FAST_MP_INVMOD_C + + /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold + * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] + * which means roughly speaking you can handle up to 2536-bit RSA keys with these defined without + * trouble. + */ + #undef BN_S_MP_MUL_DIGS_C + #undef BN_S_MP_SQR_C + #undef BN_MP_MONTGOMERY_REDUCE_C +#endif + +#endif + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs12.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs12.h new file mode 100644 index 0000000..934f784 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs12.h @@ -0,0 +1,60 @@ +/* pkcs12.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_PKCS12_H +#define WOLF_CRYPT_PKCS12_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef WOLFSSL_TYPES_DEFINED /* do not redeclare from ssl.h */ + typedef struct WC_PKCS12 WC_PKCS12; +#endif + +typedef struct WC_DerCertList { /* dereferenced in ssl.c */ + byte* buffer; + word32 bufferSz; + struct WC_DerCertList* next; +} WC_DerCertList; + + + +WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void); +WOLFSSL_API void wc_PKCS12_free(WC_PKCS12* pkcs12); +WOLFSSL_API int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12); +WOLFSSL_API int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, + byte** pkey, word32* pkeySz, byte** cert, word32* certSz, + WC_DerCertList** ca); + +WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap); +WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_PKCS12_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs7.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs7.h new file mode 100644 index 0000000..5ffab85 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/pkcs7.h @@ -0,0 +1,157 @@ +/* pkcs7.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_PKCS7_H +#define WOLF_CRYPT_PKCS7_H + +#include + +#ifdef HAVE_PKCS7 + +#ifndef NO_ASN + #include +#endif +#include +#include +#ifndef NO_AES + #include +#endif +#ifndef NO_DES3 + #include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* PKCS#7 content types, ref RFC 2315 (Section 14) */ +enum PKCS7_TYPES { + PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */ + DATA = 651, /* 1.2.840.113549.1.7.1 */ + SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */ + ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */ + SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */ + DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */ + ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */ +}; + +enum Pkcs7_Misc { + PKCS7_NONCE_SZ = 16, + MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ + MAX_CONTENT_KEY_LEN = 32, /* highest current cipher is AES-256-CBC */ + MAX_CONTENT_IV_SIZE = 16, /* highest current is AES128 */ +#ifndef NO_AES + MAX_CONTENT_BLOCK_LEN = AES_BLOCK_SIZE, +#else + MAX_CONTENT_BLOCK_LEN = DES_BLOCK_SIZE, +#endif + MAX_RECIP_SZ = MAX_VERSION_SZ + + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ +}; + + +typedef struct PKCS7Attrib { + byte* oid; + word32 oidSz; + byte* value; + word32 valueSz; +} PKCS7Attrib; + + +typedef struct PKCS7DecodedAttrib { + byte* oid; + word32 oidSz; + byte* value; + word32 valueSz; + struct PKCS7DecodedAttrib* next; +} PKCS7DecodedAttrib; + + +typedef struct PKCS7 { + byte* content; /* inner content, not owner */ + word32 contentSz; /* content size */ + int contentOID; /* PKCS#7 content type OID sum */ + + WC_RNG* rng; + + int hashOID; + int encryptOID; /* key encryption algorithm OID */ + int keyWrapOID; /* key wrap algorithm OID */ + int keyAgreeOID; /* key agreement algorithm OID */ + + void* heap; /* heap hint for dynamic memory */ + byte* singleCert; /* recipient cert, DER, not owner */ + word32 singleCertSz; /* size of recipient cert buffer, bytes */ + byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */ + byte* issuer; /* issuer name of singleCert */ + word32 issuerSz; /* length of issuer name */ + byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */ + word32 issuerSnSz; /* length of serial number */ + + byte publicKey[512]; + word32 publicKeySz; + word32 publicKeyOID; /* key OID (RSAk, ECDSAk, etc) */ + byte* privateKey; /* private key, DER, not owner */ + word32 privateKeySz; /* size of private key buffer, bytes */ + + PKCS7Attrib* signedAttribs; + word32 signedAttribsSz; + + /* Enveloped-data optional ukm, not owner */ + byte* ukm; + word32 ukmSz; + + /* Encrypted-data Content Type */ + byte* encryptionKey; /* block cipher encryption key */ + word32 encryptionKeySz; /* size of key buffer, bytes */ + PKCS7Attrib* unprotectedAttribs; /* optional */ + word32 unprotectedAttribsSz; + PKCS7DecodedAttrib* decodedAttrib; /* linked list of decoded attribs */ +} PKCS7; + + +WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); +WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7); +WOLFSSL_API int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, + word32 outputSz); +WOLFSSL_API int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +WOLFSSL_API int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, + byte* pkiMsg, word32 pkiMsgSz); +WOLFSSL_API int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz); +WOLFSSL_API int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +WOLFSSL_API int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz); +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_PKCS7 */ +#endif /* WOLF_CRYPT_PKCS7_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/poly1305.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/poly1305.h new file mode 100644 index 0000000..75e30d7 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/poly1305.h @@ -0,0 +1,94 @@ +/* poly1305.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_POLY1305_H +#define WOLF_CRYPT_POLY1305_H + +#include + +#ifdef HAVE_POLY1305 + +#ifdef __cplusplus + extern "C" { +#endif + +/* auto detect between 32bit / 64bit */ +#if defined(__SIZEOF_INT128__) && defined(__LP64__) +#define WC_HAS_SIZEOF_INT128_64BIT +#endif + +#if defined(_MSC_VER) && defined(_M_X64) +#define WC_HAS_MSVC_64BIT +#endif + +#if (defined(__GNUC__) && defined(__LP64__) && \ + ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)))) +#define WC_HAS_GCC_4_4_64BIT +#endif + +#if (defined(WC_HAS_SIZEOF_INT128_64BIT) || defined(WC_HAS_MSVC_64BIT) || \ + defined(WC_HAS_GCC_4_4_64BIT)) +#define POLY130564 +#else +#define POLY130532 +#endif + +enum { + POLY1305 = 7, + POLY1305_BLOCK_SIZE = 16, + POLY1305_DIGEST_SIZE = 16, +}; + +#define WC_POLY1305_PAD_SZ 16 +#define WC_POLY1305_MAC_SZ 16 + +/* Poly1305 state */ +typedef struct Poly1305 { +#if defined(POLY130564) + word64 r[3]; + word64 h[3]; + word64 pad[2]; +#else + word32 r[5]; + word32 h[5]; + word32 pad[4]; +#endif + size_t leftover; + unsigned char buffer[POLY1305_BLOCK_SIZE]; + unsigned char final; +} Poly1305; + + +/* does init */ + +WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key, word32 kySz); +WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32); +WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag); +WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz, + byte* input, word32 sz, byte* tag, word32 tagSz); +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* HAVE_POLY1305 */ +#endif /* WOLF_CRYPT_POLY1305_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/pwdbased.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/pwdbased.h new file mode 100644 index 0000000..8e055c4 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/pwdbased.h @@ -0,0 +1,75 @@ +/* pwdbased.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_PWDBASED_H +#define WOLF_CRYPT_PWDBASED_H + +#include + +#ifndef NO_PWDBASED + +#ifndef NO_MD5 + #include /* for hash type */ +#endif + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +/* + * hashType renamed to typeH to avoid shadowing global declaration here: + * wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types + */ +WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, int kLen, + int typeH); +WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, int kLen, + int typeH); +WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen, + const byte* salt, int sLen, int iterations, + int kLen, int typeH, int purpose); +WOLFSSL_API int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd,int passLen, + const byte* salt, int saltLen, int iterations, int kLen, + int hashType, int id, void* heap); + +#ifdef HAVE_SCRYPT +WOLFSSL_API int wc_scrypt(byte* output, const byte* passwd, int passLen, + const byte* salt, int saltLen, int cost, + int blockSize, int parallel, int dkLen); +#endif + +/* helper functions */ +WOLFSSL_LOCAL int GetDigestSize(int typeH); +WOLFSSL_LOCAL int GetPKCS12HashSizes(int typeH, word32* v, word32* u); +WOLFSSL_LOCAL int DoPKCS12Hash(int typeH, byte* buffer, word32 totalLen, + byte* Ai, word32 u, int iterations); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_PWDBASED */ +#endif /* WOLF_CRYPT_PWDBASED_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/rabbit.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/rabbit.h new file mode 100644 index 0000000..fea0ec1 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/rabbit.h @@ -0,0 +1,69 @@ +/* rabbit.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_RABBIT_H +#define WOLF_CRYPT_RABBIT_H + +#include + +#ifndef NO_RABBIT + +#ifdef __cplusplus + extern "C" { +#endif + + +enum { + RABBIT_ENC_TYPE = 5 /* cipher unique type */ +}; + + +/* Rabbit Context */ +typedef struct RabbitCtx { + word32 x[8]; + word32 c[8]; + word32 carry; +} RabbitCtx; + + +/* Rabbit stream cipher */ +typedef struct Rabbit { + RabbitCtx masterCtx; + RabbitCtx workCtx; +#ifdef XSTREAM_ALIGN + void* heap; /* heap hint, currently XMALLOC only used with aligning */ +#endif +} Rabbit; + + +WOLFSSL_API int wc_RabbitProcess(Rabbit*, byte*, const byte*, word32); +WOLFSSL_API int wc_RabbitSetKey(Rabbit*, const byte* key, const byte* iv); + +WOLFSSL_LOCAL int wc_Rabbit_SetHeap(Rabbit* ctx, void* heap); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_RABBIT */ +#endif /* WOLF_CRYPT_RABBIT_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/random.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/random.h new file mode 100644 index 0000000..1669a6e --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/random.h @@ -0,0 +1,179 @@ +/* random.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_RANDOM_H +#define WOLF_CRYPT_RANDOM_H + +#include + +#ifdef HAVE_FIPS +/* for fips @wc_fips */ +#include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +/* Maximum generate block length */ +#define RNG_MAX_BLOCK_LEN (0x10000) + +#ifndef HAVE_FIPS /* avoid redefining structs and macros */ + +#if defined(WOLFSSL_FORCE_RC4_DRBG) && defined(NO_RC4) + #error Cannot have WOLFSSL_FORCE_RC4_DRBG and NO_RC4 defined. +#endif /* WOLFSSL_FORCE_RC4_DRBG && NO_RC4 */ + + +/* RNG supports the following sources (in order): + * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and + * bypasses the P-RNG. + * 2. HAVE_HASHDRBG && !NO_SHA256 (SHA256 enabled): Uses SHA256 based P-RNG + * seeded via wc_GenerateSeed. This is the default source. + * 3. !NO_RC4 (RC4 enabled): Uses RC4 + */ + +#if defined(CUSTOM_RAND_GENERATE_BLOCK) + /* To use define the following: + * #define CUSTOM_RAND_GENERATE_BLOCK myRngFunc + * extern int myRngFunc(byte* output, word32 sz); + */ +#elif (defined(HAVE_HASHDRBG) || defined(NO_RC4)) + #ifdef NO_SHA256 + #error "Hash DRBG requires SHA-256." + #endif /* NO_SHA256 */ + + #include +#else + #include +#endif + + +#ifdef HAVE_WNR + #include +#endif + +#if defined(USE_WINDOWS_API) + #if defined(_WIN64) + typedef unsigned __int64 ProviderHandle; + /* type HCRYPTPROV, avoid #include */ + #else + typedef unsigned long ProviderHandle; + #endif +#endif + + +/* OS specific seeder */ +typedef struct OS_Seed { + #if defined(USE_WINDOWS_API) + ProviderHandle handle; + #else + int fd; + #endif +} OS_Seed; + + +#ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */ + typedef struct WC_RNG WC_RNG; + #define WC_RNG_TYPE_DEFINED +#endif + +#if (defined(HAVE_HASHDRBG) || defined(NO_RC4)) && !defined(CUSTOM_RAND_GENERATE_BLOCK) + +#define DRBG_SEED_LEN (440/8) + + +struct DRBG; /* Private DRBG state */ + + +/* Hash-based Deterministic Random Bit Generator */ +struct WC_RNG { + struct DRBG* drbg; + OS_Seed seed; + void* heap; + byte status; +}; + + + +#else /* (HAVE_HASHDRBG || NO_RC4) && !CUSTOM_RAND_GENERATE_BLOCK */ + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +/* secure Random Number Generator */ + + +struct WC_RNG { + OS_Seed seed; +#ifndef NO_RC4 + Arc4 cipher; +#endif +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; +#endif +}; + + + +#endif /* (HAVE_HASHDRBG || NO_RC4) && !CUSTOM_RAND_GENERATE_BLOCK */ +#endif /* HAVE_FIPS */ + +/* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts, + * can't be used with CTaoCrypt FIPS */ +#if !defined(NO_OLD_RNGNAME) && !defined(HAVE_FIPS) + #define RNG WC_RNG +#endif + +WOLFSSL_LOCAL +int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz); + + +#ifdef HAVE_WNR + /* Whitewood netRandom client library */ + WOLFSSL_API int wc_InitNetRandom(const char*, wnr_hmac_key, int); + WOLFSSL_API int wc_FreeNetRandom(void); +#endif /* HAVE_WNR */ + + +WOLFSSL_API int wc_InitRng(WC_RNG*); +WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap); +WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz); +WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*); +WOLFSSL_API int wc_FreeRng(WC_RNG*); + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + WOLFSSL_API int wc_RNG_HealthTest(int reseed, + const byte* entropyA, word32 entropyASz, + const byte* entropyB, word32 entropyBSz, + byte* output, word32 outputSz); +#endif /* HAVE_HASHDRBG || NO_RC4 */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_RANDOM_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/ripemd.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/ripemd.h new file mode 100644 index 0000000..5845d59 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/ripemd.h @@ -0,0 +1,64 @@ +/* ripemd.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_RIPEMD_H +#define WOLF_CRYPT_RIPEMD_H + +#include + +#ifdef WOLFSSL_RIPEMD + +#ifdef __cplusplus + extern "C" { +#endif + + +/* in bytes */ +enum { + RIPEMD = 3, /* hash type unique */ + RIPEMD_BLOCK_SIZE = 64, + RIPEMD_DIGEST_SIZE = 20, + RIPEMD_PAD_SIZE = 56 +}; + + +/* RipeMd 160 digest */ +typedef struct RipeMd { + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word32 digest[RIPEMD_DIGEST_SIZE / sizeof(word32)]; + word32 buffer[RIPEMD_BLOCK_SIZE / sizeof(word32)]; +} RipeMd; + + +WOLFSSL_API void wc_InitRipeMd(RipeMd*); +WOLFSSL_API void wc_RipeMdUpdate(RipeMd*, const byte*, word32); +WOLFSSL_API void wc_RipeMdFinal(RipeMd*, byte*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLFSSL_RIPEMD */ +#endif /* WOLF_CRYPT_RIPEMD_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/rsa.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/rsa.h new file mode 100644 index 0000000..d7f5cca --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/rsa.h @@ -0,0 +1,179 @@ +/* rsa.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_RSA_H +#define WOLF_CRYPT_RSA_H + +#include + +#ifndef NO_RSA + +/* allow for user to plug in own crypto */ +#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA)) + #include "user_rsa.h" +#else + +#ifdef HAVE_FIPS +/* for fips @wc_fips */ +#include +#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN) + #define WOLFSSL_KEY_GEN +#endif +#else + #include + #include +#endif /* HAVE_FIPS */ + +/* header file needed for OAEP padding */ +#include + +#ifdef __cplusplus + extern "C" { +#endif + +/* avoid redefinition of structs */ +#if !defined(HAVE_FIPS) + +#ifdef WOLFSSL_ASYNC_CRYPT + #include +#endif + +enum { + RSA_PUBLIC = 0, + RSA_PRIVATE = 1, + + RSA_TYPE_UNKNOWN = -1, + RSA_PUBLIC_ENCRYPT = 0, + RSA_PUBLIC_DECRYPT = 1, + RSA_PRIVATE_ENCRYPT = 2, + RSA_PRIVATE_DECRYPT = 3, + + RSA_BLOCK_TYPE_1 = 1, + RSA_BLOCK_TYPE_2 = 2, + + RSA_MIN_SIZE = 512, + RSA_MAX_SIZE = 4096, + + RSA_MIN_PAD_SZ = 11 /* separator + 0 + pad value + 8 pads */ +}; + + +/* RSA */ +typedef struct RsaKey { + mp_int n, e, d, p, q, dP, dQ, u; + int type; /* public or private */ + void* heap; /* for user memory overrides */ + int state; + byte* tmp; /* temp buffer for async RSA */ + word32 tmpLen; + byte tmpIsAlloc; +#ifdef WC_RSA_BLINDING + WC_RNG* rng; /* for PrivateDecrypt blinding */ +#endif +#ifdef WOLFSSL_ASYNC_CRYPT + AsyncCryptDev asyncDev; +#endif /* WOLFSSL_ASYNC_CRYPT */ +} RsaKey; +#endif /*HAVE_FIPS */ + +WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); +WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); +WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); + +WOLFSSL_LOCAL int wc_RsaFunction(const byte* in, word32 inLen, byte* out, + word32* outLen, int type, RsaKey* key, WC_RNG* rng); + +WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, WC_RNG* rng); +WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, + RsaKey* key); +WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); +WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, WC_RNG* rng); +WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, + RsaKey* key); +WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); +WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); + +#ifndef HAVE_FIPS /* to avoid asn duplicate symbols @wc_fips */ +WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, + RsaKey*, word32); +WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, + RsaKey*, word32); +WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, + const byte* e, word32 eSz, RsaKey* key); +#ifdef WOLFSSL_KEY_GEN + WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); +#endif + +WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); + +/* + choice of padding added after fips, so not available when using fips RSA + */ + +/* Mask Generation Function Identifiers */ +#define WC_MGF1NONE 0 +#define WC_MGF1SHA1 26 +#define WC_MGF1SHA224 4 +#define WC_MGF1SHA256 1 +#define WC_MGF1SHA384 2 +#define WC_MGF1SHA512 3 + +/* Padding types */ +#define WC_RSA_PKCSV15_PAD 0 +#define WC_RSA_OAEP_PAD 1 + +WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, WC_RNG* rng, int type, + enum wc_HashType hash, int mgf, byte* label, word32 lableSz); +WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen, + byte* out, word32 outLen, RsaKey* key, int type, + enum wc_HashType hash, int mgf, byte* label, word32 lableSz); +WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, + byte** out, RsaKey* key, int type, enum wc_HashType hash, + int mgf, byte* label, word32 lableSz); +#endif /* HAVE_FIPS*/ +WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, + word32*); + +#ifdef WOLFSSL_KEY_GEN + WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen); + WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng); +#endif + +#ifdef WOLFSSL_ASYNC_CRYPT + WOLFSSL_API int wc_RsaAsyncHandle(RsaKey* key, WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event); + WOLFSSL_API int wc_RsaAsyncWait(int ret, RsaKey* key); +#endif + +#endif /* HAVE_USER_RSA */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_RSA */ +#endif /* WOLF_CRYPT_RSA_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/settings.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/settings.h new file mode 100644 index 0000000..734e756 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/settings.h @@ -0,0 +1,1503 @@ +/* settings.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef WOLF_CRYPT_SETTINGS_H +#define WOLF_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define WOLFSSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS+ TCP */ +/* #define FREERTOS_TCP */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define WOLFSSL_LWIP */ + +/* Uncomment next line if building wolfSSL for a game console */ +/* #define WOLFSSL_GAME_BUILD */ + +/* Uncomment next line if building wolfSSL for LSR */ +/* #define WOLFSSL_LSR */ + +/* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if building for Freescale KSDK MQX/RTCS/MFS */ +/* #define FREESCALE_KSDK_MQX */ + +/* Uncomment next line if building for Freescale KSDK Bare Metal */ +/* #define FREESCALE_KSDK_BM */ + +/* Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) */ +/* #define FREESCALE_KSDK_FREERTOS */ + +/* Uncomment next line if using STM32F2 */ +/* #define WOLFSSL_STM32F2 */ + +/* Uncomment next line if using QL SEP settings */ +/* #define WOLFSSL_QL */ + +/* Uncomment next line if building for EROAD */ +/* #define WOLFSSL_EROAD */ + +/* Uncomment next line if building for IAR EWARM */ +/* #define WOLFSSL_IAR_ARM */ + +/* Uncomment next line if building for Rowley CrossWorks ARM */ +/* #define WOLFSSL_ROWLEY_ARM */ + +/* Uncomment next line if using TI-RTOS settings */ +/* #define WOLFSSL_TIRTOS */ + +/* Uncomment next line if building with PicoTCP */ +/* #define WOLFSSL_PICOTCP */ + +/* Uncomment next line if building for PicoTCP demo bundle */ +/* #define WOLFSSL_PICOTCP_DEMO */ + +/* Uncomment next line if building for uITRON4 */ +/* #define WOLFSSL_uITRON4 */ + +/* Uncomment next line if building for uT-Kernel */ +/* #define WOLFSSL_uTKERNEL2 */ + +/* Uncomment next line if using Max Strength build */ +/* #define WOLFSSL_MAX_STRENGTH */ + +/* Uncomment next line if building for VxWorks */ +/* #define WOLFSSL_VXWORKS */ + +/* Uncomment next line if building for Nordic nRF5x platofrm */ +/* #define WOLFSSL_NRF5x */ + +/* Uncomment next line to enable deprecated less secure static DH suites */ +/* #define WOLFSSL_STATIC_DH */ + +/* Uncomment next line to enable deprecated less secure static RSA suites */ +/* #define WOLFSSL_STATIC_RSA */ + +/* Uncomment next line if building for ARDUINO */ +/* Uncomment both lines if building for ARDUINO on INTEL_GALILEO */ +/* #define WOLFSSL_ARDUINO */ +/* #define INTEL_GALILEO */ + +/* Uncomment next line to enable asynchronous crypto WC_PENDING_E */ +/* #define WOLFSSL_ASYNC_CRYPT */ + +/* Uncomment next line if building for uTasker */ +/* #define WOLFSSL_UTASKER */ + +/* Uncomment next line if building for embOS */ +/* #define WOLFSSL_EMBOS */ + +/* Uncomment next line if building for RIOT-OS */ +/* #define WOLFSSL_RIOT_OS */ + +#include + +#ifdef WOLFSSL_USER_SETTINGS + #include +#endif + + +/* make sure old RNG name is used with CTaoCrypt FIPS */ +#ifdef HAVE_FIPS + #define WC_RNG RNG + /* blinding adds API not available yet in FIPS mode */ + #undef WC_RSA_BLINDING +#endif + + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define WOLFSSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define WOLFSSL_USER_IO + #define NO_FILESYSTEM +#endif + +#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM) + #define NO_MAIN_DRIVER + #define SINGLE_THREADED + #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096) + #define USE_CERT_BUFFERS_1024 + #endif + #define BENCH_EMBEDDED + #define NO_FILESYSTEM + #define NO_WRITEV + #define WOLFSSL_USER_IO + #define BENCH_EMBEDDED +#endif + +#ifdef MICROCHIP_PIC32 + /* #define WOLFSSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define WOLFSSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define NEED_AES_TABLES + #define WOLFSSL_HAVE_MIN +#endif + +#ifdef WOLFSSL_MICROCHIP_PIC32MZ + #define WOLFSSL_PIC32MZ_CE + #define WOLFSSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define WOLFSSL_PIC32MZ_RNG + /* #define WOLFSSL_PIC32MZ_HASH */ + #define WOLFSSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define WOLFSSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096) + #define USE_CERT_BUFFERS_1024 + #endif + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define WOLFSSL_CMSIS_RTOS +#endif + + +#ifdef WOLFSSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define WOLFSSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef WOLFSSL_PICOTCP + #ifndef errno + #define errno pico_err + #endif + #include "pico_defines.h" + #include "pico_stack.h" + #include "pico_constants.h" + #include "pico_protocol.h" + #define CUSTOM_RAND_GENERATE pico_rand +#endif + +#ifdef WOLFSSL_PICOTCP_DEMO + #define WOLFSSL_STM32 + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define XMALLOC(s, h, type) PICO_ZALLOC((s)) + #define XFREE(p, h, type) PICO_FREE((p)) + #define SINGLE_THREADED + #define NO_WRITEV + #define WOLFSSL_USER_IO + #define NO_DEV_RANDOM + #define NO_FILESYSTEM +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +#ifdef WOLFSSL_VXWORKS + /* VxWorks simulator incorrectly detects building for i386 */ + #ifdef VXWORKS_SIM + #define TFM_NO_ASM + #endif + #define WOLFSSL_PTHREADS + #define WOLFSSL_HAVE_MIN + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define NO_MAIN_DRIVER + #define NO_DEV_RANDOM + #define NO_WRITEV +#endif + + +#ifdef WOLFSSL_ARDUINO + #define NO_WRITEV + #define NO_WOLFSSL_DIR + #define SINGLE_THREADED + #define NO_DEV_RANDOM + #ifndef INTEL_GALILEO /* Galileo has time.h compatibility */ + #define TIME_OVERRIDES /* must define XTIME and XGMTIME externally */ + #endif + #define WOLFSSL_USER_IO + #define HAVE_ECC + #define NO_DH + #define NO_SESSION_CACHE + #define USE_SLOW_SHA + #define NO_WOLFSSL_SERVER + #define NO_ERROR_STRINGS +#endif + + +#ifdef WOLFSSL_UTASKER + /* uTasker configuration - used for fnRandom() */ + #include "config.h" + + #define SINGLE_THREADED + #define NO_WOLFSSL_DIR + #define WOLFSSL_HAVE_MIN + #define NO_WRITEV + + #define HAVE_ECC + #define ALT_ECC_SIZE + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + /* used in wolfCrypt test */ + #define NO_MAIN_DRIVER + #define USE_CERT_BUFFERS_2048 + + /* uTasker port uses RAW sockets, use I/O callbacks + * See wolfSSL uTasker example for sample callbacks */ + #define WOLFSSL_USER_IO + + /* uTasker filesystem not ported */ + #define NO_FILESYSTEM + + /* uTasker RNG is abstracted, calls HW RNG when available */ + #define CUSTOM_RAND_GENERATE fnRandom + #define CUSTOM_RAND_TYPE unsigned short + + /* user needs to define XTIME to function that provides + * seconds since Unix epoch */ + #ifndef XTIME + #error XTIME must be defined in wolfSSL settings.h + /* #define XTIME fnSecondsSinceEpoch */ + #endif + + /* use uTasker std library replacements where available */ + #define STRING_USER + #define XMEMCPY(d,s,l) uMemcpy((d),(s),(l)) + #define XMEMSET(b,c,l) uMemset((b),(c),(l)) + #define XMEMCMP(s1,s2,n) uMemcmp((s1),(s2),(n)) + #define XMEMMOVE(d,s,l) memmove((d),(s),(l)) + + #define XSTRLEN(s1) uStrlen((s1)) + #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n)) + #define XSTRSTR(s1,s2) strstr((s1),(s2)) + #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) + #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) + #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) + #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) + #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) + #define XSTRTOK strtok_r + #endif +#endif + +#ifdef WOLFSSL_EMBOS + #define NO_FILESYSTEM /* Not ported at this time */ + #define USE_CERT_BUFFERS_2048 /* use when NO_FILESYSTEM */ + #define NO_MAIN_DRIVER + #define NO_RC4 + #define SINGLE_THREADED /* Not ported at this time */ +#endif + +#ifdef WOLFSSL_RIOT_OS + #define NO_WRITEV + #define TFM_NO_ASM + #define USE_FAST_MATH + #define NO_FILE_SYSTEM + #define USE_CERT_BUFFERS_2048 + #define HAVE_ECC +#endif + +#ifdef WOLFSSL_NRF5x + #define SIZEOF_LONG 4 + #define SIZEOF_LONG_LONG 8 + #define NO_ASN_TIME + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_MAIN_DRIVER + #define NO_WRITEV + #define SINGLE_THREADED + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define USE_WOLFSSL_MEMORY + #define WOLFSSL_NRF51 + #define WOLFSSL_USER_IO + #define NO_SESSION_CACHE +#endif + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ + !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \ + !defined(WOLFSSL_UTASKER) + #define USE_WINDOWS_API +#endif + +#if defined(WOLFSSL_uITRON4) + +#define XMALLOC_USER +#include +#define ITRON_POOL_SIZE 1024*20 +extern int uITRON4_minit(size_t poolsz) ; +extern void *uITRON4_malloc(size_t sz) ; +extern void *uITRON4_realloc(void *p, size_t sz) ; +extern void uITRON4_free(void *p) ; + +#define XMALLOC(sz, heap, type) uITRON4_malloc(sz) +#define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz) +#define XFREE(p, heap, type) uITRON4_free(p) +#endif + +#if defined(WOLFSSL_uTKERNEL2) +#define WOLFSSL_CLOSESOCKET +#define XMALLOC_USER +int uTKernel_init_mpool(unsigned int sz) ; /* initializing malloc pool */ +void *uTKernel_malloc(unsigned int sz) ; +void *uTKernel_realloc(void *p, unsigned int sz) ; +void uTKernel_free(void *p) ; +#define XMALLOC(s, h, type) uTKernel_malloc((s)) +#define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n)) +#define XFREE(p, h, type) uTKernel_free((p)) + +#include +#include "tm/tmonitor.h" +static char *fgets(char *buff, int sz, FILE *fp) +/*static char * gets(char *buff)*/ +{ + char * p = buff ; + *p = '\0' ; + while(1) { + *p = tm_getchar(-1) ; + tm_putchar(*p) ; + if(*p == '\r') { + tm_putchar('\n') ; + *p = '\0' ; + break ; + } + p ++ ; + } + return buff ; +} + +#endif + + +#if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #include "FreeRTOS.h" + + /* FreeRTOS pvPortRealloc() only in AVR32_UC3 port */ + #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #endif + + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef HAVE_SHA512 + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #endif + #ifndef HAVE_DH + #ifndef NO_DH + #define NO_DH + #endif + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "semphr.h" + #endif +#endif + +#ifdef FREERTOS_TCP + +#if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) +#define XMALLOC(s, h, type) pvPortMalloc((s)) +#define XFREE(p, h, type) vPortFree((p)) +#endif + +#define WOLFSSL_GENSEED_FORTEST + +#define NO_WOLFSSL_DIR +#define NO_WRITEV +#define WOLFSSL_HAVE_MIN +#define USE_FAST_MATH +#define TFM_TIMING_RESISTANT +#define NO_MAIN_DRIVER + +#endif + +#ifdef WOLFSSL_TIRTOS + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_WOLFSSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_CERT_BUFFERS_2048 + #define NO_ERROR_STRINGS + #define USER_TIME + #define HAVE_ECC + #define HAVE_ALPN + #define HAVE_TLS_EXTENSIONS + #define HAVE_AESGCM + #define HAVE_SUPPORTED_CURVES + #define ALT_ECC_SIZE + + #ifdef __IAR_SYSTEMS_ICC__ + #pragma diag_suppress=Pa089 + #elif !defined(__GNUC__) + /* Suppress the sslpro warning */ + #pragma diag_suppress=11 + #endif + + #include +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_WOLFSSL */ + #define NO_WOLFSSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef WOLFSSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef WOLFSSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define WOLFSSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_WOLFSSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define WOLFSSL_LWIP + #include /* for tcp errno */ + #define WOLFSSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef WOLFSSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef WOLFSSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef WOLFSSL_SMALL_STACK + #define WOLFSSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define FREESCALE_COMMON + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #if MQX_USE_IO_OLD + #include "fio.h" + #else + #include "nio.h" + #endif + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef FREESCALE_KSDK_MQX + #define FREESCALE_COMMON + #include + #ifndef NO_FILESYSTEM + #if MQX_USE_IO_OLD + #include + #else + #include + #include + #endif + #endif + #ifndef SINGLE_THREADED + #include + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + #define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */ + + #define MQX_FILE_PTR FILE * + #define IO_SEEK_SET SEEK_SET + #define IO_SEEK_END SEEK_END +#endif /* FREESCALE_KSDK_MQX */ + +#if defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS) + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + #define NO_FILESYSTEM + #define WOLFSSL_CRYPT_HW_MUTEX 1 + + #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #endif + + //#define USER_TICKS + /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ + /* WOLFSSL_DH_CONST */ + #define WOLFSSL_LWIP + #define FREERTOS_TCP + + #define FREESCALE_FREE_RTOS + #define FREERTOS_SOCKET_ERROR ( -1 ) + #define FREERTOS_EWOULDBLOCK ( -2 ) + #define FREERTOS_EINVAL ( -4 ) + #define FREERTOS_EADDRNOTAVAIL ( -5 ) + #define FREERTOS_EADDRINUSE ( -6 ) + #define FREERTOS_ENOBUFS ( -7 ) + #define FREERTOS_ENOPROTOOPT ( -8 ) +#endif /* FREESCALE_FREE_RTOS || FREESCALE_KSDK_FREERTOS */ + +#ifdef FREESCALE_KSDK_BM + #define FREESCALE_COMMON + #define WOLFSSL_USER_IO + #define SINGLE_THREADED + #define NO_FILESYSTEM + #define USER_TICKS +#endif /* FREESCALE_KSDK_BM */ + +#ifdef FREESCALE_COMMON + #define SIZEOF_LONG_LONG 8 + + /* disable features */ + #undef NO_WRITEV + #define NO_WRITEV + #undef NO_DEV_RANDOM + #define NO_DEV_RANDOM + #undef NO_RABBIT + #define NO_RABBIT + #undef NO_WOLFSSL_DIR + #define NO_WOLFSSL_DIR + #undef NO_RC4 + #define NO_RC4 + + /* enable features */ + #undef USE_FAST_MATH + #define USE_FAST_MATH + + #define USE_CERT_BUFFERS_2048 + #define BENCH_EMBEDDED + + #define TFM_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + #undef HAVE_ECC + #define HAVE_ECC + #ifndef NO_AES + #undef HAVE_AESCCM + #define HAVE_AESCCM + #undef HAVE_AESGCM + #define HAVE_AESGCM + #undef WOLFSSL_AES_COUNTER + #define WOLFSSL_AES_COUNTER + #undef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT + #endif + + #include "fsl_common.h" + + /* random seed */ + #define NO_OLD_RNGNAME + #if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0) + #define FREESCALE_KSDK_2_0_TRNG + #elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0) + #define FREESCALE_KSDK_2_0_RNGA + #elif !defined(FREESCALE_KSDK_BM) && !defined(FREESCALE_FREE_RTOS) && !defined(FREESCALE_KSDK_FREERTOS) + #define FREESCALE_RNGA + #define RNGA_INSTANCE (0) + /* defaulting to K70 RNGA, user should change if different */ + /* #define FREESCALE_K53_RNGB */ + #define FREESCALE_K70_RNGA + #endif + + /* HW crypto */ + /* automatic enable based on Kinetis feature */ + /* if case manual selection is required, for example for benchmarking purposes, + * just define FREESCALE_USE_MMCAU or FREESCALE_USE_LTC or none of these two macros (for software only) + * both can be enabled simultaneously as LTC has priority over MMCAU in source code. + */ + /* #define FSL_HW_CRYPTO_MANUAL_SELECTION */ + #ifndef FSL_HW_CRYPTO_MANUAL_SELECTION + #if defined(FSL_FEATURE_SOC_MMCAU_COUNT) && FSL_FEATURE_SOC_MMCAU_COUNT + #define FREESCALE_USE_MMCAU + #endif + + #if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT + #define FREESCALE_USE_LTC + #endif + #else + /* #define FREESCALE_USE_MMCAU */ + /* #define FREESCALE_USE_LTC */ + #endif +#endif /* FREESCALE_COMMON */ + +#ifdef FREESCALE_USE_MMCAU + /* AES and DES */ + #define FREESCALE_MMCAU + /* MD5, SHA-1 and SHA-256 */ + #define FREESCALE_MMCAU_SHA +#endif /* FREESCALE_USE_MMCAU */ + +#ifdef FREESCALE_USE_LTC + #if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT + #define FREESCALE_LTC + #define LTC_BASE LTC0 + + #if defined(FSL_FEATURE_LTC_HAS_DES) && FSL_FEATURE_LTC_HAS_DES + #define FREESCALE_LTC_DES + #endif + + #if defined(FSL_FEATURE_LTC_HAS_GCM) && FSL_FEATURE_LTC_HAS_GCM + #define FREESCALE_LTC_AES_GCM + #endif + + #if defined(FSL_FEATURE_LTC_HAS_SHA) && FSL_FEATURE_LTC_HAS_SHA + #define FREESCALE_LTC_SHA + #endif + + #if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA + #define FREESCALE_LTC_ECC + #define FREESCALE_LTC_TFM + + /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic. + the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */ + #ifndef LTC_MAX_INT_BYTES + #define LTC_MAX_INT_BYTES (256) + #endif + + /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. + * In such a case both software and hardware algorithm + * for TFM is linked in. The decision for which algorithm is used is determined at runtime + * from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES) + * then we call hardware algorithm, otherwise we call software algorithm. + * + * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key) + * into several computations with 2048-bit modulus and exponents. + */ + /* #define FREESCALE_LTC_TFM_RSA_4096_ENABLE */ + + /* ECC-384, ECC-256, ECC-224 and ECC-192 have been enabled with LTC PKHA acceleration */ + #ifdef HAVE_ECC + #undef ECC_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + /* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC. + the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters + and point coordinates */ + #ifndef LTC_MAX_ECC_BITS + #define LTC_MAX_ECC_BITS (384) + #endif + + /* Enable curves up to 384 bits */ + #if !defined(ECC_USER_CURVES) && !defined(HAVE_ALL_CURVES) + #define ECC_USER_CURVES + #define HAVE_ECC192 + #define HAVE_ECC224 + #undef NO_ECC256 + #define HAVE_ECC384 + #endif + + /* enable features */ + #undef HAVE_CURVE25519 + #define HAVE_CURVE25519 + #undef HAVE_ED25519 + #define HAVE_ED25519 + #undef WOLFSSL_SHA512 + #define WOLFSSL_SHA512 + #endif + #endif + #endif +#endif /* FREESCALE_USE_LTC */ + +#ifdef FREESCALE_LTC_TFM_RSA_4096_ENABLE + #undef USE_CERT_BUFFERS_2048 + #define USE_CERT_BUFFERS_4096 + #define FP_MAX_BITS (8192) + + #undef NO_DH + #define NO_DH + #undef NO_DSA + #define NO_DSA +#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ + +/* if LTC has AES engine but doesn't have GCM, use software with LTC AES ECB mode */ +#if defined(FREESCALE_USE_LTC) && !defined(FREESCALE_LTC_AES_GCM) + #define GCM_TABLE +#endif + +#ifdef WOLFSSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_WOLFSSL_DIR + #undef NO_RABBIT + #define NO_RABBIT + #undef NO_64BIT + #define NO_64BIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #if !defined(__GNUC__) && !defined(__ICCARM__) + #define KEIL_INTRINSICS + #endif + #define NO_OLD_RNGNAME + #ifdef WOLFSSL_STM32_CUBEMX + #include "stm32f2xx_hal.h" + #ifndef STM32_HAL_TIMEOUT + #define STM32_HAL_TIMEOUT 0xFF + #endif + #else + #include "stm32f2xx.h" + #include "stm32f2xx_cryp.h" + #include "stm32f2xx_hash.h" + #endif /* WOLFSSL_STM32_CUBEMX */ +#endif + +#ifdef WOLFSSL_STM32F4 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_WOLFSSL_DIR + #undef NO_RABBIT + #define NO_RABBIT + #undef NO_64BIT + #define NO_64BIT + #define STM32F4_RNG + #define STM32F4_CRYPTO + #define NO_OLD_RNGNAME + #if !defined(__GNUC__) && !defined(__ICCARM__) + #define KEIL_INTRINSICS + #endif + #ifdef WOLFSSL_STM32_CUBEMX + #include "stm32f4xx_hal.h" + #ifndef STM32_HAL_TIMEOUT + #define STM32_HAL_TIMEOUT 0xFF + #endif + #else + #include "stm32f4xx.h" + #include "stm32f4xx_cryp.h" + #include "stm32f4xx_hash.h" + #endif /* WOLFSSL_STM32_CUBEMX */ +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define WOLFSSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == WOLFSSL_TRACE_LEVEL_DBG) + #define DEBUG_WOLFSSL + #else + #undef DEBUG_WOLFSSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define WOLFSSL_USER_IO + #else + #undef WOLFSSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define WOLFSSL_DER_LOAD + #else + #undef WOLFSSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define WOLFSSL_DTLS + #else + #undef WOLFSSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define WOLFSSL_CALLBACKS + #else + #undef WOLFSSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef WOLFSSL_QL + #ifndef WOLFSSL_SEP + #define WOLFSSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef WOLFSSL_DER_LOAD + #define WOLFSSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* WOLFSSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) + #define USE_WOLFSSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGN + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGN + #else + #define XSTREAM_ALIGN + #endif +#endif + +#ifdef WOLFSSL_SGX + #define WOLFCRYPT_ONLY /* limitation until IO resolved */ + #define SINGLE_THREADED + #define NO_ASN_TIME /* can not use headers such as windows.h */ + + /* options used in created example */ + #define HAVE_AESGCM + #define USE_CERT_BUFFERS_2048 + #define USE_FAST_MATH + #define NO_RC4 + #define NO_DES3 + #define NO_SHA + #define NO_MD5 +#endif /* WOLFSSL_SGX */ + +/* FreeScale MMCAU hardware crypto has 4 byte alignment. + However, fsl_mmcau.h gives API with no alignment requirements (4 byte alignment is managed internally by fsl_mmcau.c) */ +#ifdef FREESCALE_MMCAU + #define WOLFSSL_MMCAU_ALIGNMENT 0 +#endif + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prevent easy alignment. + This hint tries to help as much as possible. */ +#ifndef WOLFSSL_GENERAL_ALIGNMENT + #ifdef WOLFSSL_AESNI + #define WOLFSSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGN) + #define WOLFSSL_GENERAL_ALIGNMENT 4 + #elif defined(FREESCALE_MMCAU) + #define WOLFSSL_GENERAL_ALIGNMENT WOLFSSL_MMCAU_ALIGNMENT + #else + #define WOLFSSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#if defined(WOLFSSL_GENERAL_ALIGNMENT) && (WOLFSSL_GENERAL_ALIGNMENT > 0) + #if defined(_MSC_VER) + #define XGEN_ALIGN __declspec(align(WOLFSSL_GENERAL_ALIGNMENT)) + #elif defined(__GNUC__) + #define XGEN_ALIGN __attribute__((aligned(WOLFSSL_GENERAL_ALIGNMENT))) + #else + #define XGEN_ALIGN + #endif +#else + #define XGEN_ALIGN +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + + +#ifdef __INTEL_COMPILER + #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */ +#endif + +/* user can specify what curves they want with ECC_USER_CURVES otherwise + * all curves are on by default for now */ +#ifndef ECC_USER_CURVES + #ifndef HAVE_ALL_CURVES + #define HAVE_ALL_CURVES + #endif +#endif + +/* ECC Configs */ +#ifdef HAVE_ECC + /* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */ + #ifndef NO_ECC_SIGN + #undef HAVE_ECC_SIGN + #define HAVE_ECC_SIGN + #endif + #ifndef NO_ECC_VERIFY + #undef HAVE_ECC_VERIFY + #define HAVE_ECC_VERIFY + #endif + #ifndef NO_ECC_DHE + #undef HAVE_ECC_DHE + #define HAVE_ECC_DHE + #endif + #ifndef NO_ECC_KEY_IMPORT + #undef HAVE_ECC_KEY_IMPORT + #define HAVE_ECC_KEY_IMPORT + #endif + #ifndef NO_ECC_KEY_EXPORT + #undef HAVE_ECC_KEY_EXPORT + #define HAVE_ECC_KEY_EXPORT + #endif +#endif /* HAVE_ECC */ + +/* Curve255519 Configs */ +#ifdef HAVE_CURVE25519 + /* By default enable shared secret, key export and import */ + #ifndef NO_CURVE25519_SHARED_SECRET + #undef HAVE_CURVE25519_SHARED_SECRET + #define HAVE_CURVE25519_SHARED_SECRET + #endif + #ifndef NO_CURVE25519_KEY_EXPORT + #undef HAVE_CURVE25519_KEY_EXPORT + #define HAVE_CURVE25519_KEY_EXPORT + #endif + #ifndef NO_CURVE25519_KEY_IMPORT + #undef HAVE_CURVE25519_KEY_IMPORT + #define HAVE_CURVE25519_KEY_IMPORT + #endif +#endif /* HAVE_CURVE25519 */ + +/* Ed255519 Configs */ +#ifdef HAVE_ED25519 + /* By default enable sign, verify, key export and import */ + #ifndef NO_ED25519_SIGN + #undef HAVE_ED25519_SIGN + #define HAVE_ED25519_SIGN + #endif + #ifndef NO_ED25519_VERIFY + #undef HAVE_ED25519_VERIFY + #define HAVE_ED25519_VERIFY + #endif + #ifndef NO_ED25519_KEY_EXPORT + #undef HAVE_ED25519_KEY_EXPORT + #define HAVE_ED25519_KEY_EXPORT + #endif + #ifndef NO_ED25519_KEY_IMPORT + #undef HAVE_ED25519_KEY_IMPORT + #define HAVE_ED25519_KEY_IMPORT + #endif +#endif /* HAVE_ED25519 */ + +/* AES Config */ +#ifndef NO_AES + /* By default enable all AES key sizes, decryption and CBC */ + #ifndef AES_MAX_KEY_SIZE + #undef AES_MAX_KEY_SIZE + #define AES_MAX_KEY_SIZE 256 + #endif + #ifndef NO_AES_DECRYPT + #undef HAVE_AES_DECRYPT + #define HAVE_AES_DECRYPT + #endif + #ifndef NO_AES_CBC + #undef HAVE_AES_CBC + #define HAVE_AES_CBC + #else + #ifndef WOLFCRYPT_ONLY + #error "AES CBC is required for TLS and can only be disabled for WOLFCRYPT_ONLY builds" + #endif + #endif +#endif + +/* if desktop type system and fastmath increase default max bits */ +#ifdef WOLFSSL_X86_64_BUILD + #ifdef USE_FAST_MATH + #ifndef FP_MAX_BITS + #define FP_MAX_BITS 8192 + #endif + #endif +#endif + +/* If using the max strength build, ensure OLD TLS is disabled. */ +#ifdef WOLFSSL_MAX_STRENGTH + #undef NO_OLD_TLS + #define NO_OLD_TLS +#endif + +/* If not forcing ARC4 as the DRBG or using custom RNG block gen, enable Hash_DRBG */ +#undef HAVE_HASHDRBG +#if !defined(WOLFSSL_FORCE_RC4_DRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK) + #define HAVE_HASHDRBG +#endif + + +/* sniffer requires: + * static RSA cipher suites + * session stats and peak stats + */ +#ifdef WOLFSSL_SNIFFER + #ifndef WOLFSSL_STATIC_RSA + #define WOLFSSL_STATIC_RSA + #endif + #ifndef WOLFSSL_SESSION_STATS + #define WOLFSSL_SESSION_STATS + #endif + #ifndef WOLFSSL_PEAK_SESSIONS + #define WOLFSSL_PEAK_SESSIONS + #endif +#endif + +/* Decode Public Key extras on by default, user can turn off with + * WOLFSSL_NO_DECODE_EXTRA */ +#ifndef WOLFSSL_NO_DECODE_EXTRA + #ifndef RSA_DECODE_EXTRA + #define RSA_DECODE_EXTRA + #endif + #ifndef ECC_DECODE_EXTRA + #define ECC_DECODE_EXTRA + #endif +#endif + +/* C Sharp wrapper defines */ +#ifdef HAVE_CSHARP + #ifndef WOLFSSL_DTLS + #define WOLFSSL_DTLS + #endif + #undef NO_PSK + #undef NO_SHA256 + #undef NO_DH +#endif + +/* Asynchronous Crypto */ +#ifdef WOLFSSL_ASYNC_CRYPT + /* Make sure wolf events are enabled */ + #undef HAVE_WOLF_EVENT + #define HAVE_WOLF_EVENT + + #if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \ + !defined(WOLFSSL_ASYNC_CRYPT_TEST) + #error No async hardware defined with WOLFSSL_ASYNC_CRYPT! + #endif +#endif /* WOLFSSL_ASYNC_CRYPT */ + +/* leantls checks */ +#ifdef WOLFSSL_LEANTLS + #ifndef HAVE_ECC + #error leantls build needs ECC + #endif +#endif /* WOLFSSL_LEANTLS*/ + +/* restriction with static memory */ +#ifdef WOLFSSL_STATIC_MEMORY + #if defined(HAVE_IO_POOL) || defined(XMALLOC_USER) || defined(NO_WOLFSSL_MEMORY) + #error static memory cannot be used with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY + #endif + #ifndef USE_FAST_MATH + #error static memory requires fast math please define USE_FAST_MATH + #endif + #ifdef WOLFSSL_SMALL_STACK + #error static memory does not support small stack please undefine + #endif +#endif /* WOLFSSL_STATIC_MEMORY */ + +#ifdef HAVE_AES_KEYWRAP + #ifndef WOLFSSL_AES_DIRECT + #error AES key wrap requires AES direct please define WOLFSSL_AES_DIRECT + #endif +#endif + +#ifdef HAVE_PKCS7 + #ifndef HAVE_AES_KEYWRAP + #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP + #endif + #ifndef HAVE_X963_KDF + #error PKCS7 requires X963 KDF please define HAVE_X963_KDF + #endif +#endif + + +/* Place any other flags or defines here */ + +#if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \ + && defined(HAVE_GMTIME_R) + #undef HAVE_GMTIME_R /* don't trust macro with windows */ +#endif /* WOLFSSL_MYSQL_COMPATIBLE */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/sha.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha.h new file mode 100644 index 0000000..6dbd91b --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha.h @@ -0,0 +1,95 @@ +/* sha.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_SHA_H +#define WOLF_CRYPT_SHA_H + +#include + +#ifndef NO_SHA + +#ifdef HAVE_FIPS +/* for fips @wc_fips */ +#include +#endif + +#ifdef FREESCALE_LTC_SHA + #include "fsl_ltc.h" +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef HAVE_FIPS /* avoid redefining structs */ +/* in bytes */ +enum { +#if defined(STM32F2_HASH) || defined(STM32F4_HASH) + SHA_REG_SIZE = 4, /* STM32 register size, bytes */ +#endif + SHA = 1, /* hash type unique */ + SHA_BLOCK_SIZE = 64, + SHA_DIGEST_SIZE = 20, + SHA_PAD_SIZE = 56 +}; + +#ifdef WOLFSSL_PIC32MZ_HASH +#include "port/pic32/pic32mz-crypt.h" +#endif + +#ifndef WOLFSSL_TI_HASH + +/* Sha digest */ +typedef struct Sha { + #ifdef FREESCALE_LTC_SHA + ltc_hash_ctx_t ctx; + #else + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)]; + #ifndef WOLFSSL_PIC32MZ_HASH + word32 digest[SHA_DIGEST_SIZE / sizeof(word32)]; + #else + word32 digest[PIC32_HASH_SIZE / sizeof(word32)]; + pic32mz_desc desc; /* Crypt Engine descriptor */ + #endif + #endif /* FREESCALE_LTC_SHA */ +} Sha; + +#else /* WOLFSSL_TI_HASH */ + #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" +#endif + +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_InitSha(Sha*); +WOLFSSL_API int wc_ShaUpdate(Sha*, const byte*, word32); +WOLFSSL_API int wc_ShaFinal(Sha*, byte*); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_SHA */ +#endif /* WOLF_CRYPT_SHA_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/sha256.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha256.h new file mode 100644 index 0000000..790d87c --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha256.h @@ -0,0 +1,113 @@ +/* sha256.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* code submitted by raphael.huck@efixo.com */ + +#ifndef WOLF_CRYPT_SHA256_H +#define WOLF_CRYPT_SHA256_H + +#include + +#ifndef NO_SHA256 + +#ifdef HAVE_FIPS + /* for fips @wc_fips */ + #include +#endif + +#ifdef FREESCALE_LTC_SHA + #include "fsl_ltc.h" +#endif + + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef HAVE_FIPS /* avoid redefinition of structs */ +#ifdef WOLFSSL_PIC32MZ_HASH + #include "port/pic32/pic32mz-crypt.h" +#endif + +/* in bytes */ +enum { + SHA256 = 2, /* hash type unique */ + SHA256_BLOCK_SIZE = 64, + SHA256_DIGEST_SIZE = 32, + SHA256_PAD_SIZE = 56 +}; + +#ifndef WOLFSSL_TI_HASH + +/* Sha256 digest */ +typedef struct Sha256 { +#ifdef FREESCALE_LTC_SHA + ltc_hash_ctx_t ctx; +#else + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + ALIGN16 word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)]; + ALIGN16 word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)]; + #ifdef WOLFSSL_PIC32MZ_HASH + pic32mz_desc desc ; /* Crypt Engine descriptor */ + #endif +#endif /* FREESCALE_LTC_SHA */ +} Sha256; + +#else /* WOLFSSL_TI_HASH */ + #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" +#endif + +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_InitSha256(Sha256*); +WOLFSSL_API int wc_Sha256Update(Sha256*, const byte*, word32); +WOLFSSL_API int wc_Sha256Final(Sha256*, byte*); + +#ifdef WOLFSSL_SHA224 + +#ifndef HAVE_FIPS /* avoid redefinition of structs */ +/* in bytes */ +enum { + SHA224 = 8, /* hash type unique */ + SHA224_BLOCK_SIZE = SHA256_BLOCK_SIZE, + SHA224_DIGEST_SIZE = 28, + SHA224_PAD_SIZE = SHA256_PAD_SIZE +}; + +typedef Sha256 Sha224; +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_InitSha224(Sha224*); +WOLFSSL_API int wc_Sha224Update(Sha224*, const byte*, word32); +WOLFSSL_API int wc_Sha224Final(Sha224*, byte*); + +#endif /* WOLFSSL_SHA224 */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* NO_SHA256 */ +#endif /* WOLF_CRYPT_SHA256_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/sha512.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha512.h new file mode 100644 index 0000000..2f53772 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/sha512.h @@ -0,0 +1,95 @@ +/* sha512.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_SHA512_H +#define WOLF_CRYPT_SHA512_H + +#include + +#ifdef WOLFSSL_SHA512 + +/* for fips @wc_fips */ +#ifdef HAVE_FIPS + #define CYASSL_SHA512 + #if defined(WOLFSSL_SHA384) + #define CYASSL_SHA384 + #endif + #include +#endif + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef HAVE_FIPS /* avoid redefinition of structs */ + +/* in bytes */ +enum { + SHA512 = 4, /* hash type unique */ + SHA512_BLOCK_SIZE = 128, + SHA512_DIGEST_SIZE = 64, + SHA512_PAD_SIZE = 112 +}; + + +/* Sha512 digest */ +typedef struct Sha512 { + word32 buffLen; /* in bytes */ + word64 loLen; /* length in bytes */ + word64 hiLen; /* length in bytes */ + word64 digest[SHA512_DIGEST_SIZE / sizeof(word64)]; + word64 buffer[SHA512_BLOCK_SIZE / sizeof(word64)]; +} Sha512; + +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_InitSha512(Sha512*); +WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32); +WOLFSSL_API int wc_Sha512Final(Sha512*, byte*); + +#if defined(WOLFSSL_SHA384) + +#ifndef HAVE_FIPS /* avoid redefinition of structs */ +/* in bytes */ +enum { + SHA384 = 5, /* hash type unique */ + SHA384_BLOCK_SIZE = SHA512_BLOCK_SIZE, + SHA384_DIGEST_SIZE = 48, + SHA384_PAD_SIZE = SHA512_PAD_SIZE +}; + +typedef Sha512 Sha384; +#endif /* HAVE_FIPS */ + +WOLFSSL_API int wc_InitSha384(Sha384*); +WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32); +WOLFSSL_API int wc_Sha384Final(Sha384*, byte*); + +#endif /* WOLFSSL_SHA384 */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLFSSL_SHA512 */ +#endif /* WOLF_CRYPT_SHA512_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/signature.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/signature.h new file mode 100644 index 0000000..da5c061 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/signature.h @@ -0,0 +1,61 @@ +/* signature.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifndef WOLF_CRYPT_SIGNATURE_H +#define WOLF_CRYPT_SIGNATURE_H + +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +enum wc_SignatureType { + WC_SIGNATURE_TYPE_NONE = 0, + WC_SIGNATURE_TYPE_ECC = 1, + WC_SIGNATURE_TYPE_RSA = 2, + WC_SIGNATURE_TYPE_RSA_W_ENC = 3, /* Adds DER header via wc_EncodeSignature */ +}; + +WOLFSSL_API int wc_SignatureGetSize(enum wc_SignatureType sig_type, + const void* key, word32 key_len); + +WOLFSSL_API int wc_SignatureVerify( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* data, word32 data_len, + const byte* sig, word32 sig_len, + const void* key, word32 key_len); + +WOLFSSL_API int wc_SignatureGenerate( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* data, word32 data_len, + byte* sig, word32 *sig_len, + const void* key, word32 key_len, + WC_RNG* rng); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_SIGNATURE_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/srp.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/srp.h new file mode 100644 index 0000000..1e94694 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/srp.h @@ -0,0 +1,304 @@ +/* srp.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifdef WOLFCRYPT_HAVE_SRP + +#ifndef WOLFCRYPT_SRP_H +#define WOLFCRYPT_SRP_H + +#include +#include +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +/* Select the largest available hash for the buffer size. */ +#if defined(WOLFSSL_SHA512) + #define SRP_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE +#elif defined(WOLFSSL_SHA384) + #define SRP_MAX_DIGEST_SIZE SHA384_DIGEST_SIZE +#elif !defined(NO_SHA256) + #define SRP_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE +#elif !defined(NO_SHA) + #define SRP_MAX_DIGEST_SIZE SHA_DIGEST_SIZE +#else + #error "You have to have some kind of SHA hash if you want to use SRP." +#endif + +/* Set the minimum number of bits acceptable in an SRP modulus */ +#define SRP_MODULUS_MIN_BITS 512 + +/* Set the minimum number of bits acceptable for private keys (RFC 5054) */ +#define SRP_PRIVATE_KEY_MIN_BITS 256 + +/** + * SRP side, client or server. + */ +typedef enum { + SRP_CLIENT_SIDE = 0, + SRP_SERVER_SIDE = 1, +} SrpSide; + +/** + * SRP hash type, SHA[1|256|384|512]. + */ +typedef enum { + SRP_TYPE_SHA = 1, + SRP_TYPE_SHA256 = 2, + SRP_TYPE_SHA384 = 3, + SRP_TYPE_SHA512 = 4, +} SrpType; + +/** + * SRP hash struct. + */ +typedef struct { + byte type; + union { + #ifndef NO_SHA + Sha sha; + #endif + #ifndef NO_SHA256 + Sha256 sha256; + #endif + #ifdef WOLFSSL_SHA384 + Sha384 sha384; + #endif + #ifdef WOLFSSL_SHA512 + Sha512 sha512; + #endif + } data; +} SrpHash; + +typedef struct Srp { + SrpSide side; /**< Client or Server, @see SrpSide. */ + SrpType type; /**< Hash type, @see SrpType. */ + byte* user; /**< Username, login. */ + word32 userSz; /**< Username length. */ + byte* salt; /**< Small salt. */ + word32 saltSz; /**< Salt length. */ + mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes.*/ + mp_int g; /**< Generator. A generator modulo N. */ + byte k[SRP_MAX_DIGEST_SIZE]; /**< Multiplier parameter. k = H(N, g) */ + mp_int auth; /**< Client: x = H(salt + H(user:pswd)) */ + /**< Server: v = g ^ x % N */ + mp_int priv; /**< Private ephemeral value. */ + SrpHash client_proof; /**< Client proof. Sent to the Server. */ + SrpHash server_proof; /**< Server proof. Sent to the Client. */ + byte* key; /**< Session key. */ + word32 keySz; /**< Session key length. */ + int (*keyGenFunc_cb) (struct Srp* srp, byte* secret, word32 size); + /**< Function responsible for generating the session key. */ + /**< It MUST use XMALLOC with type DYNAMIC_TYPE_SRP to allocate the */ + /**< key buffer for this structure and set keySz to the buffer size. */ + /**< The default function used by this implementation is a modified */ + /**< version of t_mgf1 that uses the proper hash function according */ + /**< to srp->type. */ + void* heap; /**< heap hint pointer */ +} Srp; + +/** + * Initializes the Srp struct for usage. + * + * @param[out] srp the Srp structure to be initialized. + * @param[in] type the hash type to be used. + * @param[in] side the side of the communication. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpInit(Srp* srp, SrpType type, SrpSide side); + +/** + * Releases the Srp struct resources after usage. + * + * @param[in,out] srp the Srp structure to be terminated. + */ +WOLFSSL_API void wc_SrpTerm(Srp* srp); + +/** + * Sets the username. + * + * This function MUST be called after wc_SrpInit. + * + * @param[in,out] srp the Srp structure. + * @param[in] username the buffer containing the username. + * @param[in] size the username size in bytes + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size); + + +/** + * Sets the srp parameters based on the username. + * + * This function MUST be called after wc_SrpSetUsername. + * + * @param[in,out] srp the Srp structure. + * @param[in] N the Modulus. N = 2q+1, [q, N] are primes. + * @param[in] nSz the N size in bytes. + * @param[in] g the Generator modulo N. + * @param[in] gSz the g size in bytes + * @param[in] salt a small random salt. Specific for each username. + * @param[in] saltSz the salt size in bytes + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz, + const byte* g, word32 gSz, + const byte* salt, word32 saltSz); + +/** + * Sets the password. + * + * Setting the password does not persists the clear password data in the + * srp structure. The client calculates x = H(salt + H(user:pswd)) and stores + * it in the auth field. + * + * This function MUST be called after wc_SrpSetParams and is CLIENT SIDE ONLY. + * + * @param[in,out] srp the Srp structure. + * @param[in] password the buffer containing the password. + * @param[in] size the password size in bytes. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size); + +/** + * Sets the verifier. + * + * This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY. + * + * @param[in,out] srp the Srp structure. + * @param[in] verifier the buffer containing the verifier. + * @param[in] size the verifier size in bytes. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size); + +/** + * Gets the verifier. + * + * The client calculates the verifier with v = g ^ x % N. + * This function MAY be called after wc_SrpSetPassword and is CLIENT SIDE ONLY. + * + * @param[in,out] srp the Srp structure. + * @param[out] verifier the buffer to write the verifier. + * @param[in,out] size the buffer size in bytes. Will be updated with the + * verifier size. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size); + +/** + * Sets the private ephemeral value. + * + * The private ephemeral value is known as: + * a at the client side. a = random() + * b at the server side. b = random() + * This function is handy for unit test cases or if the developer wants to use + * an external random source to set the ephemeral value. + * This function MAY be called before wc_SrpGetPublic. + * + * @param[in,out] srp the Srp structure. + * @param[in] priv the ephemeral value. + * @param[in] size the private size in bytes. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size); + +/** + * Gets the public ephemeral value. + * + * The public ephemeral value is known as: + * A at the client side. A = g ^ a % N + * B at the server side. B = (k * v + (g ˆ b % N)) % N + * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier. + * + * @param[in,out] srp the Srp structure. + * @param[out] pub the buffer to write the public ephemeral value. + * @param[in,out] size the the buffer size in bytes. Will be updated with + * the ephemeral value size. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size); + + +/** + * Computes the session key. + * + * The key can be accessed at srp->key after success. + * + * @param[in,out] srp the Srp structure. + * @param[in] clientPubKey the client's public ephemeral value. + * @param[in] clientPubKeySz the client's public ephemeral value size. + * @param[in] serverPubKey the server's public ephemeral value. + * @param[in] serverPubKeySz the server's public ephemeral value size. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpComputeKey(Srp* srp, + byte* clientPubKey, word32 clientPubKeySz, + byte* serverPubKey, word32 serverPubKeySz); + +/** + * Gets the proof. + * + * This function MUST be called after wc_SrpComputeKey. + * + * @param[in,out] srp the Srp structure. + * @param[out] proof the buffer to write the proof. + * @param[in,out] size the buffer size in bytes. Will be updated with the + * proof size. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpGetProof(Srp* srp, byte* proof, word32* size); + +/** + * Verifies the peers proof. + * + * This function MUST be called before wc_SrpGetSessionKey. + * + * @param[in,out] srp the Srp structure. + * @param[in] proof the peers proof. + * @param[in] size the proof size in bytes. + * + * @return 0 on success, {@literal <} 0 on error. @see error-crypt.h + */ +WOLFSSL_API int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLFCRYPT_SRP_H */ +#endif /* WOLFCRYPT_HAVE_SRP */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/tfm.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/tfm.h new file mode 100644 index 0000000..c7cf9fa --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/tfm.h @@ -0,0 +1,711 @@ +/* tfm.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +/* + * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca, + * http://math.libtomcrypt.com + */ + + +/** + * Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br) + * to fit CyaSSL's needs. + */ + + +#ifndef WOLF_CRYPT_TFM_H +#define WOLF_CRYPT_TFM_H + +#include +#ifndef CHAR_BIT + #include +#endif + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef MIN + #define MIN(x,y) ((x)<(y)?(x):(y)) +#endif + +#ifndef MAX + #define MAX(x,y) ((x)>(y)?(x):(y)) +#endif + + +#ifndef NO_64BIT +/* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */ +#if defined(__x86_64__) + #if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) + #error x86-64 detected, x86-32/SSE2/ARM optimizations are not valid! + #endif + #if !defined(TFM_X86_64) && !defined(TFM_NO_ASM) + #define TFM_X86_64 + #endif +#endif +#if defined(TFM_X86_64) + #if !defined(FP_64BIT) + #define FP_64BIT + #endif +#endif +/* use 64-bit digit even if not using asm on x86_64 */ +#if defined(__x86_64__) && !defined(FP_64BIT) + #define FP_64BIT +#endif +/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */ +#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T) + #undef FP_64BIT + #undef TFM_X86_64 +#endif +#endif /* NO_64BIT */ + +/* try to detect x86-32 */ +#if defined(__i386__) && !defined(TFM_SSE2) + #if defined(TFM_X86_64) || defined(TFM_ARM) + #error x86-32 detected, x86-64/ARM optimizations are not valid! + #endif + #if !defined(TFM_X86) && !defined(TFM_NO_ASM) + #define TFM_X86 + #endif +#endif + +/* make sure we're 32-bit for x86-32/sse/arm/ppc32 */ +#if (defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) || defined(TFM_PPC32)) && defined(FP_64BIT) + #warning x86-32, SSE2 and ARM, PPC32 optimizations require 32-bit digits (undefining) + #undef FP_64BIT +#endif + +/* multi asms? */ +#ifdef TFM_X86 + #define TFM_ASM +#endif +#ifdef TFM_X86_64 + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif +#ifdef TFM_SSE2 + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif +#ifdef TFM_ARM + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif +#ifdef TFM_PPC32 + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif +#ifdef TFM_PPC64 + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif +#ifdef TFM_AVR32 + #ifdef TFM_ASM + #error TFM_ASM already defined! + #endif + #define TFM_ASM +#endif + +/* we want no asm? */ +#ifdef TFM_NO_ASM + #undef TFM_X86 + #undef TFM_X86_64 + #undef TFM_SSE2 + #undef TFM_ARM + #undef TFM_PPC32 + #undef TFM_PPC64 + #undef TFM_AVR32 + #undef TFM_ASM +#endif + +/* ECC helpers */ +#ifdef TFM_ECC192 + #ifdef FP_64BIT + #define TFM_MUL3 + #define TFM_SQR3 + #else + #define TFM_MUL6 + #define TFM_SQR6 + #endif +#endif + +#ifdef TFM_ECC224 + #ifdef FP_64BIT + #define TFM_MUL4 + #define TFM_SQR4 + #else + #define TFM_MUL7 + #define TFM_SQR7 + #endif +#endif + +#ifdef TFM_ECC256 + #ifdef FP_64BIT + #define TFM_MUL4 + #define TFM_SQR4 + #else + #define TFM_MUL8 + #define TFM_SQR8 + #endif +#endif + +#ifdef TFM_ECC384 + #ifdef FP_64BIT + #define TFM_MUL6 + #define TFM_SQR6 + #else + #define TFM_MUL12 + #define TFM_SQR12 + #endif +#endif + +#ifdef TFM_ECC521 + #ifdef FP_64BIT + #define TFM_MUL9 + #define TFM_SQR9 + #else + #define TFM_MUL17 + #define TFM_SQR17 + #endif +#endif + + +/* allow user to define on fp_digit, fp_word types */ +#ifndef WOLFSSL_BIGINT_TYPES + +/* some default configurations. + */ +#if defined(FP_64BIT) + /* for GCC only on supported platforms */ + typedef unsigned long long fp_digit; /* 64bit, 128 uses mode(TI) below */ + #define SIZEOF_FP_DIGIT 8 + typedef unsigned long fp_word __attribute__ ((mode(TI))); +#else + + #ifndef NO_64BIT + #if defined(_MSC_VER) || defined(__BORLANDC__) + typedef unsigned __int64 ulong64; + #else + typedef unsigned long long ulong64; + #endif + typedef unsigned int fp_digit; + #define SIZEOF_FP_DIGIT 4 + typedef ulong64 fp_word; + #define FP_32BIT + #else + /* some procs like coldfire prefer not to place multiply into 64bit type + even though it exists */ + typedef unsigned short fp_digit; + #define SIZEOF_FP_DIGIT 2 + typedef unsigned int fp_word; + #endif +#endif + +#endif /* WOLFSSL_BIGINT_TYPES */ + +/* # of digits this is */ +#define DIGIT_BIT ((CHAR_BIT) * SIZEOF_FP_DIGIT) + +/* Max size of any number in bits. Basically the largest size you will be + * multiplying should be half [or smaller] of FP_MAX_SIZE-four_digit + * + * It defaults to 4096-bits [allowing multiplications up to 2048x2048 bits ] + */ + + +#ifndef FP_MAX_BITS + #define FP_MAX_BITS 4096 +#endif +#define FP_MAX_SIZE (FP_MAX_BITS+(8*DIGIT_BIT)) + +/* will this lib work? */ +#if (CHAR_BIT & 7) + #error CHAR_BIT must be a multiple of eight. +#endif +#if FP_MAX_BITS % CHAR_BIT + #error FP_MAX_BITS must be a multiple of CHAR_BIT +#endif + +#define FP_MASK (fp_digit)(-1) +#define FP_SIZE (FP_MAX_SIZE/DIGIT_BIT) + +/* signs */ +#define FP_ZPOS 0 +#define FP_NEG 1 + +/* return codes */ +#define FP_OKAY 0 +#define FP_VAL -1 +#define FP_MEM -2 +#define FP_NOT_INF -3 + +/* equalities */ +#define FP_LT -1 /* less than */ +#define FP_EQ 0 /* equal to */ +#define FP_GT 1 /* greater than */ + +/* replies */ +#define FP_YES 1 /* yes response */ +#define FP_NO 0 /* no response */ + +/* a FP type */ +typedef struct { + int used, + sign; +#ifdef ALT_ECC_SIZE + int size; +#endif + fp_digit dp[FP_SIZE]; +#ifdef WOLFSSL_ASYNC_CRYPT + byte *dpraw; /* Used for hardware crypto */ +#endif +} fp_int; + +/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */ +#ifndef TFM_ALREADY_SET + +/* do we want the large set of small multiplications ? + Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC + Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-) + */ +/* need to refactor the function */ +/*#define TFM_SMALL_SET */ + +/* do we want huge code + Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA) + Less important on 64-bit machines as 32 digits == 2048 bits + */ +#if 0 +#define TFM_MUL3 +#define TFM_MUL4 +#define TFM_MUL6 +#define TFM_MUL7 +#define TFM_MUL8 +#define TFM_MUL9 +#define TFM_MUL12 +#define TFM_MUL17 +#endif +#ifdef TFM_HUGE_SET +#define TFM_MUL20 +#define TFM_MUL24 +#define TFM_MUL28 +#define TFM_MUL32 +#if (FP_MAX_BITS >= 6144) && defined(FP_64BIT) + #define TFM_MUL48 +#endif +#if (FP_MAX_BITS >= 8192) && defined(FP_64BIT) + #define TFM_MUL64 +#endif +#endif + +#if 0 +#define TFM_SQR3 +#define TFM_SQR4 +#define TFM_SQR6 +#define TFM_SQR7 +#define TFM_SQR8 +#define TFM_SQR9 +#define TFM_SQR12 +#define TFM_SQR17 +#endif +#ifdef TFM_HUGE_SET +#define TFM_SQR20 +#define TFM_SQR24 +#define TFM_SQR28 +#define TFM_SQR32 +#define TFM_SQR48 +#define TFM_SQR64 +#endif + +/* Optional math checks (enable WOLFSSL_DEBUG_MATH to print info) */ +/* #define TFM_CHECK */ + +/* Is the target a P4 Prescott + */ +/* #define TFM_PRESCOTT */ + +/* Do we want timing resistant fp_exptmod() ? + * This makes it slower but also timing invariant with respect to the exponent + */ +/* #define TFM_TIMING_RESISTANT */ + +#endif /* TFM_ALREADY_SET */ + +/* functions */ + +/* returns a TFM ident string useful for debugging... */ +/*const char *fp_ident(void);*/ + +/* initialize [or zero] an fp int */ +#ifdef ALT_ECC_SIZE + void fp_init(fp_int *a); + void fp_zero(fp_int *a); + void fp_clear(fp_int *a); /* uses ForceZero to clear sensitive memory */ +#else + #define fp_init(a) (void)XMEMSET((a), 0, sizeof(fp_int)) + #define fp_zero(a) fp_init(a) + #define fp_clear(a) ForceZero((a), sizeof(fp_int)); +#endif + +/* zero/even/odd ? */ +#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO) +#define fp_isone(a) \ + ((((a)->used == 1) && ((a)->dp[0] == 1)) ? FP_YES : FP_NO) +#define fp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO) +#define fp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO) +#define fp_isneg(a) (((a)->sign != 0) ? FP_YES : FP_NO) + +/* set to a small digit */ +void fp_set(fp_int *a, fp_digit b); + +/* check if a bit is set */ +int fp_is_bit_set(fp_int *a, fp_digit b); +/* set the b bit to 1 */ +int fp_set_bit (fp_int * a, fp_digit b); + +/* copy from a to b */ +#ifndef ALT_ECC_SIZE + #define fp_copy(a, b) (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0) + #define fp_init_copy(a, b) fp_copy(b, a) +#else + void fp_copy(fp_int *a, fp_int *b); + void fp_init_copy(fp_int *a, fp_int *b); +#endif + +/* clamp digits */ +#define fp_clamp(a) { while ((a)->used && (a)->dp[(a)->used-1] == 0) --((a)->used); (a)->sign = (a)->used ? (a)->sign : FP_ZPOS; } + +/* negate and absolute */ +#define fp_neg(a, b) { fp_copy(a, b); (b)->sign ^= 1; fp_clamp(b); } +#define fp_abs(a, b) { fp_copy(a, b); (b)->sign = 0; } + +/* right shift x digits */ +void fp_rshd(fp_int *a, int x); + +/* right shift x bits */ +void fp_rshb(fp_int *a, int x); + +/* left shift x digits */ +void fp_lshd(fp_int *a, int x); + +/* signed comparison */ +int fp_cmp(fp_int *a, fp_int *b); + +/* unsigned comparison */ +int fp_cmp_mag(fp_int *a, fp_int *b); + +/* power of 2 operations */ +void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d); +void fp_mod_2d(fp_int *a, int b, fp_int *c); +void fp_mul_2d(fp_int *a, int b, fp_int *c); +void fp_2expt (fp_int *a, int b); +void fp_mul_2(fp_int *a, fp_int *c); +void fp_div_2(fp_int *a, fp_int *c); + +/* Counts the number of lsbs which are zero before the first zero bit */ +int fp_cnt_lsb(fp_int *a); + +/* c = a + b */ +void fp_add(fp_int *a, fp_int *b, fp_int *c); + +/* c = a - b */ +void fp_sub(fp_int *a, fp_int *b, fp_int *c); + +/* c = a * b */ +void fp_mul(fp_int *a, fp_int *b, fp_int *c); + +/* b = a*a */ +void fp_sqr(fp_int *a, fp_int *b); + +/* a/b => cb + d == a */ +int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d); + +/* c = a mod b, 0 <= c < b */ +int fp_mod(fp_int *a, fp_int *b, fp_int *c); + +/* compare against a single digit */ +int fp_cmp_d(fp_int *a, fp_digit b); + +/* c = a + b */ +void fp_add_d(fp_int *a, fp_digit b, fp_int *c); + +/* c = a - b */ +void fp_sub_d(fp_int *a, fp_digit b, fp_int *c); + +/* c = a * b */ +void fp_mul_d(fp_int *a, fp_digit b, fp_int *c); + +/* a/b => cb + d == a */ +/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/ + +/* c = a mod b, 0 <= c < b */ +/*int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c);*/ + +/* ---> number theory <--- */ +/* d = a + b (mod c) */ +/*int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/ + +/* d = a - b (mod c) */ +/*int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/ + +/* d = a * b (mod c) */ +int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d); + +/* d = a - b (mod c) */ +int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d); + +/* d = a + b (mod c) */ +int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d); + +/* c = a * a (mod b) */ +int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c); + +/* c = 1/a (mod b) */ +int fp_invmod(fp_int *a, fp_int *b, fp_int *c); + +/* c = (a, b) */ +/*void fp_gcd(fp_int *a, fp_int *b, fp_int *c);*/ + +/* c = [a, b] */ +/*void fp_lcm(fp_int *a, fp_int *b, fp_int *c);*/ + +/* setups the montgomery reduction */ +int fp_montgomery_setup(fp_int *a, fp_digit *mp); + +/* computes a = B**n mod b without division or multiplication useful for + * normalizing numbers in a Montgomery system. + */ +void fp_montgomery_calc_normalization(fp_int *a, fp_int *b); + +/* computes x/R == x (mod N) via Montgomery Reduction */ +void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp); + +/* d = a**b (mod c) */ +int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d); + +/* primality stuff */ + +/* perform a Miller-Rabin test of a to the base b and store result in "result" */ +/*void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);*/ + +#define FP_PRIME_SIZE 256 +/* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime */ +/*int fp_isprime(fp_int *a);*/ +/* extended version of fp_isprime, do 't' Miller-Rabins instead of only 8 */ +/*int fp_isprime_ex(fp_int *a, int t);*/ + +/* Primality generation flags */ +/*#define TFM_PRIME_BBS 0x0001 */ /* BBS style prime */ +/*#define TFM_PRIME_SAFE 0x0002 */ /* Safe prime (p-1)/2 == prime */ +/*#define TFM_PRIME_2MSB_OFF 0x0004 */ /* force 2nd MSB to 0 */ +/*#define TFM_PRIME_2MSB_ON 0x0008 */ /* force 2nd MSB to 1 */ + +/* callback for fp_prime_random, should fill dst with random bytes and return how many read [up to len] */ +/*typedef int tfm_prime_callback(unsigned char *dst, int len, void *dat);*/ + +/*#define fp_prime_random(a, t, size, bbs, cb, dat) fp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?TFM_PRIME_BBS:0, cb, dat)*/ + +/*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/ + +/* radix conversions */ +int fp_count_bits(fp_int *a); +int fp_leading_bit(fp_int *a); + +int fp_unsigned_bin_size(fp_int *a); +void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c); +void fp_to_unsigned_bin(fp_int *a, unsigned char *b); +int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b); + +/*int fp_signed_bin_size(fp_int *a);*/ +/*void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c);*/ +/*void fp_to_signed_bin(fp_int *a, unsigned char *b);*/ + +/*int fp_read_radix(fp_int *a, char *str, int radix);*/ +/*int fp_toradix(fp_int *a, char *str, int radix);*/ +/*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/ + + +/* VARIOUS LOW LEVEL STUFFS */ +void s_fp_add(fp_int *a, fp_int *b, fp_int *c); +void s_fp_sub(fp_int *a, fp_int *b, fp_int *c); +void fp_reverse(unsigned char *s, int len); + +void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c); + +void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c); +void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c); +void fp_sqr_comba(fp_int *a, fp_int *b); +void fp_sqr_comba_small(fp_int *a, fp_int *b); +void fp_sqr_comba3(fp_int *a, fp_int *b); +void fp_sqr_comba4(fp_int *a, fp_int *b); +void fp_sqr_comba6(fp_int *a, fp_int *b); +void fp_sqr_comba7(fp_int *a, fp_int *b); +void fp_sqr_comba8(fp_int *a, fp_int *b); +void fp_sqr_comba9(fp_int *a, fp_int *b); +void fp_sqr_comba12(fp_int *a, fp_int *b); +void fp_sqr_comba17(fp_int *a, fp_int *b); +void fp_sqr_comba20(fp_int *a, fp_int *b); +void fp_sqr_comba24(fp_int *a, fp_int *b); +void fp_sqr_comba28(fp_int *a, fp_int *b); +void fp_sqr_comba32(fp_int *a, fp_int *b); +void fp_sqr_comba48(fp_int *a, fp_int *b); +void fp_sqr_comba64(fp_int *a, fp_int *b); + +/*extern const char *fp_s_rmap;*/ + + +/** + * Used by wolfSSL + */ + +/* Types */ +typedef fp_digit mp_digit; +typedef fp_word mp_word; +typedef fp_int mp_int; + +/* Constants */ +#define MP_LT FP_LT /* less than */ +#define MP_EQ FP_EQ /* equal to */ +#define MP_GT FP_GT /* greater than */ +#define MP_VAL FP_VAL /* invalid */ +#define MP_MEM FP_MEM /* memory error */ +#define MP_NOT_INF FP_NOT_INF /* point not at infinity */ +#define MP_OKAY FP_OKAY /* ok result */ +#define MP_NO FP_NO /* yes/no result */ +#define MP_YES FP_YES /* yes/no result */ + +/* Prototypes */ +#define mp_zero(a) fp_zero(a) +#define mp_isone(a) fp_isone(a) +#define mp_iseven(a) fp_iseven(a) +#define mp_isneg(a) fp_isneg(a) +int mp_init (mp_int * a); +void mp_clear (mp_int * a); +#define mp_forcezero(a) fp_clear(a) +int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, mp_int* f); + +int mp_add (mp_int * a, mp_int * b, mp_int * c); +int mp_sub (mp_int * a, mp_int * b, mp_int * c); +int mp_add_d (mp_int * a, mp_digit b, mp_int * c); + +int mp_mul (mp_int * a, mp_int * b, mp_int * c); +int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d); +int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d); +int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d); +int mp_mod(mp_int *a, mp_int *b, mp_int *c); +int mp_invmod(mp_int *a, mp_int *b, mp_int *c); +int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y); +int mp_mul_2d(mp_int *a, int b, mp_int *c); + + +int mp_cmp(mp_int *a, mp_int *b); +int mp_cmp_d(mp_int *a, mp_digit b); + +int mp_unsigned_bin_size(mp_int * a); +int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); +int mp_to_unsigned_bin (mp_int * a, unsigned char *b); + +int mp_sub_d(fp_int *a, fp_digit b, fp_int *c); +int mp_copy(fp_int* a, fp_int* b); +int mp_isodd(mp_int* a); +int mp_iszero(mp_int* a); +int mp_count_bits(mp_int *a); +int mp_leading_bit(mp_int *a); +int mp_set_int(mp_int *a, mp_digit b); +int mp_is_bit_set (mp_int * a, mp_digit b); +int mp_set_bit (mp_int * a, mp_digit b); +void mp_rshb(mp_int *a, int x); +int mp_toradix (mp_int *a, char *str, int radix); +int mp_radix_size (mp_int * a, int radix, int *size); + +#ifdef WOLFSSL_DEBUG_MATH + void mp_dump(const char* desc, mp_int* a, byte verbose); +#else + #define mp_dump(desc, a, verbose) +#endif + +#ifdef HAVE_ECC + int mp_read_radix(mp_int* a, const char* str, int radix); + void mp_set(fp_int *a, fp_digit b); + int mp_sqr(fp_int *a, fp_int *b); + int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp); + int mp_montgomery_setup(fp_int *a, fp_digit *rho); + int mp_div_2(fp_int * a, fp_int * b); + int mp_init_copy(fp_int * a, fp_int * b); +#endif + +#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) + int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c); + int mp_montgomery_calc_normalization(mp_int *a, mp_int *b); +#endif + +#ifdef WOLFSSL_KEY_GEN +int mp_gcd(fp_int *a, fp_int *b, fp_int *c); +int mp_lcm(fp_int *a, fp_int *b, fp_int *c); +int mp_prime_is_prime(mp_int* a, int t, int* result); +int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap); +int mp_exch(mp_int *a, mp_int *b); +#endif /* WOLFSSL_KEY_GEN */ + +int mp_cnt_lsb(fp_int *a); +int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d); +int mp_mod_d(fp_int* a, fp_digit b, fp_digit* c); +int mp_lshd (mp_int * a, int b); + +WOLFSSL_API word32 CheckRunTimeFastMath(void); + +/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math FP_SIZE + must match, return 1 if a match otherwise 0 */ +#define CheckFastMathSettings() (FP_SIZE == CheckRunTimeFastMath()) +#ifdef __cplusplus + } +#endif + +#endif /* WOLF_CRYPT_TFM_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/types.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/types.h new file mode 100644 index 0000000..ac20cae --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/types.h @@ -0,0 +1,421 @@ +/* types.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_TYPES_H +#define WOLF_CRYPT_TYPES_H + + #include + #include + + #ifdef __cplusplus + extern "C" { + #endif + + + #if defined(WORDS_BIGENDIAN) + #define BIG_ENDIAN_ORDER + #endif + + #ifndef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #ifndef WOLFSSL_TYPES + #ifndef byte + typedef unsigned char byte; + #endif + typedef unsigned short word16; + typedef unsigned int word32; + #endif + + + /* try to set SIZEOF_LONG or LONG_LONG if user didn't */ + #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) + #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) + #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \ + || defined(__mips64) || defined(__x86_64__)) + /* long should be 64bit */ + #define SIZEOF_LONG 8 + #elif defined(__i386__) || defined(__CORTEX_M3__) + /* long long should be 64bit */ + #define SIZEOF_LONG_LONG 8 + #endif + #endif + #endif + + + #if defined(_MSC_VER) || defined(__BCPLUSPLUS__) + #define WORD64_AVAILABLE + #define W64LIT(x) x##ui64 + typedef unsigned __int64 word64; + #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long word64; + #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long long word64; + #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long long word64; + #else + #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as + mp_digit, no 64 bit type so make mp_digit 16 bit */ + #endif + + + /* These platforms have 64-bit CPU registers. */ + #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ + defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \ + defined(__aarch64__) + typedef word64 wolfssl_word; + #define WC_64BIT_CPU + #else + typedef word32 wolfssl_word; + #ifdef WORD64_AVAILABLE + #define WOLFCRYPT_SLOW_WORD64 + #endif + #endif + + + enum { + WOLFSSL_WORD_SIZE = sizeof(wolfssl_word), + WOLFSSL_BIT_SIZE = 8, + WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE + }; + + #define WOLFSSL_MAX_16BIT 0xffffU + + /* use inlining if compiler allows */ + #ifndef INLINE + #ifndef NO_INLINE + #ifdef _MSC_VER + #define INLINE __inline + #elif defined(__GNUC__) + #ifdef WOLFSSL_VXWORKS + #define INLINE __inline__ + #else + #define INLINE inline + #endif + #elif defined(__IAR_SYSTEMS_ICC__) + #define INLINE inline + #elif defined(THREADX) + #define INLINE _Inline + #else + #define INLINE + #endif + #else + #define INLINE + #endif + #endif + + + /* set up rotate style */ + #if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && !defined(WOLFSSL_SGX) + #define INTEL_INTRINSICS + #define FAST_ROTATE + #elif defined(__MWERKS__) && TARGET_CPU_PPC + #define PPC_INTRINSICS + #define FAST_ROTATE + #elif defined(__GNUC__) && defined(__i386__) + /* GCC does peephole optimizations which should result in using rotate + instructions */ + #define FAST_ROTATE + #endif + + + /* set up thread local storage if available */ + #ifdef HAVE_THREAD_LS + #if defined(_MSC_VER) + #define THREAD_LS_T __declspec(thread) + /* Thread local storage only in FreeRTOS v8.2.1 and higher */ + #elif defined(FREERTOS) + #define THREAD_LS_T + #else + #define THREAD_LS_T __thread + #endif + #else + #define THREAD_LS_T + #endif + + + /* Micrium will use Visual Studio for compilation but not the Win32 API */ + #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ + !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_UTASKER) + #define USE_WINDOWS_API + #endif + + + /* idea to add global alloc override by Moises Guimaraes */ + /* default to libc stuff */ + /* XREALLOC is used once in normal math lib, not in fast math lib */ + /* XFREE on some embeded systems doesn't like free(0) so test */ + #if defined(HAVE_IO_POOL) + WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type); + WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type); + WOLFSSL_API void XFREE(void *p, void* heap, int type); + #elif defined(XMALLOC_USER) + /* prototypes for user heap override functions */ + #include /* for size_t */ + extern void *XMALLOC(size_t n, void* heap, int type); + extern void *XREALLOC(void *p, size_t n, void* heap, int type); + extern void XFREE(void *p, void* heap, int type); + #elif defined(NO_WOLFSSL_MEMORY) + /* just use plain C stdlib stuff if desired */ + #include + #define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s))) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));} + #define XREALLOC(p, n, h, t) realloc((p), (n)) + #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ + && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \ + && !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \ + && !defined(WOLFSSL_LEANPSK) && !defined(FREERTOS) && !defined(FREERTOS_TCP)\ + && !defined(WOLFSSL_uITRON4) && !defined(WOLFSSL_uTKERNEL2) + /* default C runtime, can install different routines at runtime via cbs */ + #include + #ifdef WOLFSSL_STATIC_MEMORY + #ifdef WOLFSSL_DEBUG_MEMORY + #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__) + #else + #define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t)) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t)) + #endif /* WOLFSSL_DEBUG_MEMORY */ + #else + #ifdef WOLFSSL_DEBUG_MEMORY + #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__)) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__) + #else + #define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s))) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));} + #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n)) + #endif /* WOLFSSL_DEBUG_MEMORY */ + #endif /* WOLFSSL_STATIC_MEMORY */ + #endif + + + #ifndef STRING_USER + #include + char* mystrnstr(const char* s1, const char* s2, unsigned int n); + + #define XMEMCPY(d,s,l) memcpy((d),(s),(l)) + #define XMEMSET(b,c,l) memset((b),(c),(l)) + #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n)) + #define XMEMMOVE(d,s,l) memmove((d),(s),(l)) + + #define XSTRLEN(s1) strlen((s1)) + #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n)) + /* strstr, strncmp, and strncat only used by wolfSSL proper, + * not required for wolfCrypt only */ + #define XSTRSTR(s1,s2) strstr((s1),(s2)) + #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) + #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) + #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) + #ifndef USE_WINDOWS_API + #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) + #else + #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) + #endif + + #if defined(WOLFSSL_MYSQL_COMPATIBLE) + #ifndef USE_WINDOWS_API + #define XSNPRINTF snprintf + #else + #define XSNPRINTF _snprintf + #endif + #endif /* WOLFSSL_MYSQL_COMPATIBLE */ + + #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) + /* use only Thread Safe version of strtok */ + #ifndef USE_WINDOWS_API + #define XSTRTOK strtok_r + #else + #define XSTRTOK strtok_s + + #ifdef __MINGW32__ + #pragma GCC diagnostic push + #pragma GCC diagnostic warning "-Wcpp" + #warning "MinGW may be missing strtok_s. You can find a public domain implementation here: https://github.com/fletcher/MultiMarkdown-4/blob/master/strtok.c" + #pragma GCC diagnostic pop + #endif + #endif + #endif + #endif + + #ifndef CTYPE_USER + #include + #if defined(HAVE_ECC) || defined(HAVE_OCSP) || defined(WOLFSSL_KEY_GEN) + #define XTOUPPER(c) toupper((c)) + #define XISALPHA(c) isalpha((c)) + #endif + /* needed by wolfSSL_check_domain_name() */ + #define XTOLOWER(c) tolower((c)) + #endif + + + /* memory allocation types for user hints */ + enum { + DYNAMIC_TYPE_CA = 1, + DYNAMIC_TYPE_CERT = 2, + DYNAMIC_TYPE_KEY = 3, + DYNAMIC_TYPE_FILE = 4, + DYNAMIC_TYPE_SUBJECT_CN = 5, + DYNAMIC_TYPE_PUBLIC_KEY = 6, + DYNAMIC_TYPE_SIGNER = 7, + DYNAMIC_TYPE_NONE = 8, + DYNAMIC_TYPE_BIGINT = 9, + DYNAMIC_TYPE_RSA = 10, + DYNAMIC_TYPE_METHOD = 11, + DYNAMIC_TYPE_OUT_BUFFER = 12, + DYNAMIC_TYPE_IN_BUFFER = 13, + DYNAMIC_TYPE_INFO = 14, + DYNAMIC_TYPE_DH = 15, + DYNAMIC_TYPE_DOMAIN = 16, + DYNAMIC_TYPE_SSL = 17, + DYNAMIC_TYPE_CTX = 18, + DYNAMIC_TYPE_WRITEV = 19, + DYNAMIC_TYPE_OPENSSL = 20, + DYNAMIC_TYPE_DSA = 21, + DYNAMIC_TYPE_CRL = 22, + DYNAMIC_TYPE_REVOKED = 23, + DYNAMIC_TYPE_CRL_ENTRY = 24, + DYNAMIC_TYPE_CERT_MANAGER = 25, + DYNAMIC_TYPE_CRL_MONITOR = 26, + DYNAMIC_TYPE_OCSP_STATUS = 27, + DYNAMIC_TYPE_OCSP_ENTRY = 28, + DYNAMIC_TYPE_ALTNAME = 29, + DYNAMIC_TYPE_SUITES = 30, + DYNAMIC_TYPE_CIPHER = 31, + DYNAMIC_TYPE_RNG = 32, + DYNAMIC_TYPE_ARRAYS = 33, + DYNAMIC_TYPE_DTLS_POOL = 34, + DYNAMIC_TYPE_SOCKADDR = 35, + DYNAMIC_TYPE_LIBZ = 36, + DYNAMIC_TYPE_ECC = 37, + DYNAMIC_TYPE_TMP_BUFFER = 38, + DYNAMIC_TYPE_DTLS_MSG = 39, + DYNAMIC_TYPE_ASYNC_TMP = 40, + DYNAMIC_TYPE_ASYNC_RSA = 41, + DYNAMIC_TYPE_X509 = 42, + DYNAMIC_TYPE_TLSX = 43, + DYNAMIC_TYPE_OCSP = 44, + DYNAMIC_TYPE_SIGNATURE = 45, + DYNAMIC_TYPE_HASHES = 46, + DYNAMIC_TYPE_SRP = 47, + DYNAMIC_TYPE_COOKIE_PWD = 48, + DYNAMIC_TYPE_USER_CRYPTO = 49, + DYNAMIC_TYPE_OCSP_REQUEST = 50, + DYNAMIC_TYPE_X509_EXT = 51, + DYNAMIC_TYPE_X509_STORE = 52, + DYNAMIC_TYPE_X509_CTX = 53, + DYNAMIC_TYPE_URL = 54, + DYNAMIC_TYPE_DTLS_FRAG = 55, + DYNAMIC_TYPE_DTLS_BUFFER = 56, + DYNAMIC_TYPE_SESSION_TICK = 57, + DYNAMIC_TYPE_PKCS = 58, + DYNAMIC_TYPE_MUTEX = 59, + DYNAMIC_TYPE_PKCS7 = 60 + }; + + /* max error buffer string size */ + enum { + WOLFSSL_MAX_ERROR_SZ = 80 + }; + + /* stack protection */ + enum { + MIN_STACK_BUFFER = 8 + }; + + + + /* settings detection for compile vs runtime math incompatibilities */ + enum { + #if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) + CTC_SETTINGS = 0x0 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8) + CTC_SETTINGS = 0x1 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8) + CTC_SETTINGS = 0x2 + #elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4) + CTC_SETTINGS = 0x4 + #elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) + CTC_SETTINGS = 0x8 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8) + CTC_SETTINGS = 0x10 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8) + CTC_SETTINGS = 0x20 + #elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4) + CTC_SETTINGS = 0x40 + #else + #error "bad math long / long long settings" + #endif + }; + + + WOLFSSL_API word32 CheckRunTimeSettings(void); + + /* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long + types need to match at compile time and run time, CheckCtcSettings will + return 1 if a match otherwise 0 */ + #define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings()) + + /* invalid device id */ + #define INVALID_DEVID -2 + + + /* AESNI requires alignment and ARMASM gains some performance from it */ + #if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) + #if !defined (ALIGN16) + #if defined (__GNUC__) + #define ALIGN16 __attribute__ ( (aligned (16))) + #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) + #define ALIGN16 __declspec (align (16)) + #else + #define ALIGN16 + #endif + #endif + #else + #ifndef ALIGN16 + #define ALIGN16 + #endif + #endif /* WOLFSSL_AESNI or WOLFSSL_ARMASM */ + + #ifdef WOLFSSL_RIOT_OS + #define EXIT_TEST(ret) exit(ret) + #else + #define EXIT_TEST(ret) return ret + #endif + + #ifdef __cplusplus + } /* extern "C" */ + #endif + +#endif /* WOLF_CRYPT_TYPES_H */ diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/visibility.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/visibility.h new file mode 100644 index 0000000..d77cfde --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/visibility.h @@ -0,0 +1,76 @@ +/* visibility.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* Visibility control macros */ + +#ifndef WOLF_CRYPT_VISIBILITY_H +#define WOLF_CRYPT_VISIBILITY_H + + +/* for compatibility and so that fips is using same name of macro @wc_fips */ +#ifdef HAVE_FIPS + #include + #define WOLFSSL_API CYASSL_API + #define WOLFSSL_LOCAL CYASSL_LOCAL +#else + +/* WOLFSSL_API is used for the public API symbols. + It either imports or exports (or does nothing for static builds) + + WOLFSSL_LOCAL is used for non-API symbols (private). +*/ + +#if defined(BUILDING_WOLFSSL) + #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY + #define WOLFSSL_API __attribute__ ((visibility("default"))) + #define WOLFSSL_LOCAL __attribute__ ((visibility("hidden"))) + #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550) + #define WOLFSSL_API __global + #define WOLFSSL_LOCAL __hidden + #elif defined(_MSC_VER) || defined(__MINGW32__) + #if defined(WOLFSSL_DLL) + #define WOLFSSL_API __declspec(dllexport) + #else + #define WOLFSSL_API + #endif + #define WOLFSSL_LOCAL + #else + #define WOLFSSL_API + #define WOLFSSL_LOCAL + #endif /* HAVE_VISIBILITY */ +#else /* BUILDING_WOLFSSL */ + #if defined(_MSC_VER) || defined(__MINGW32__) + #if defined(WOLFSSL_DLL) + #define WOLFSSL_API __declspec(dllimport) + #else + #define WOLFSSL_API + #endif + #define WOLFSSL_LOCAL + #else + #define WOLFSSL_API + #define WOLFSSL_LOCAL + #endif +#endif /* BUILDING_WOLFSSL */ + +#endif /* HAVE_FIPS */ +#endif /* WOLF_CRYPT_VISIBILITY_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_encrypt.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_encrypt.h new file mode 100644 index 0000000..4cbc9f4 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_encrypt.h @@ -0,0 +1,63 @@ +/* wc_encrypt.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_ENCRYPT_H +#define WOLF_CRYPT_ENCRYPT_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef NO_AES +WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, + const byte* key, word32 keySz, + const byte* iv); +WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz, + const byte* key, word32 keySz, + const byte* iv); +#endif /* !NO_AES */ + + +#ifndef NO_DES3 +WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out, + const byte* in, word32 sz, + const byte* key, const byte* iv); +WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out, + const byte* in, word32 sz, + const byte* key, const byte* iv); +WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out, + const byte* in, word32 sz, + const byte* key, const byte* iv); +WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out, + const byte* in, word32 sz, + const byte* key, const byte* iv); +#endif /* !NO_DES3 */ + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_ENCRYPT_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_port.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_port.h new file mode 100644 index 0000000..db8d1ee --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/wc_port.h @@ -0,0 +1,278 @@ +/* wc_port.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + + +#ifndef WOLF_CRYPT_PORT_H +#define WOLF_CRYPT_PORT_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +#ifdef USE_WINDOWS_API + #ifdef WOLFSSL_GAME_BUILD + #include "system/xtl.h" + #else + #ifndef WIN32_LEAN_AND_MEAN + #define WIN32_LEAN_AND_MEAN + #endif + #ifndef WOLFCRYPT_ONLY + #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) + /* On WinCE winsock2.h must be included before windows.h */ + #include + #endif + #include + #endif + #endif /* WOLFCRYPT_ONLY */ +#elif defined(THREADX) + #ifndef SINGLE_THREADED + #include "tx_api.h" + #endif +#elif defined(MICRIUM) + /* do nothing, just don't pick Unix */ +#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS) + /* do nothing */ +#elif defined(EBSNET) + /* do nothing */ +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + /* do nothing */ +#elif defined(FREESCALE_FREE_RTOS) + #include "fsl_os_abstraction.h" +#elif defined(WOLFSSL_uITRON4) + #include "kernel.h" +#elif defined(WOLFSSL_uTKERNEL2) + #include "tk/tkernel.h" +#elif defined(WOLFSSL_MDK_ARM) + #if defined(WOLFSSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif +#elif defined(WOLFSSL_CMSIS_RTOS) + #include "cmsis_os.h" +#elif defined(WOLFSSL_TIRTOS) + #include + #include +#elif defined(WOLFSSL_FROSTED) + #include +#else + #ifndef SINGLE_THREADED + #define WOLFSSL_PTHREADS + #include + #endif + #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + #include /* for close of BIO */ + #endif +#endif + +/* For FIPS keep the function names the same */ +#ifdef HAVE_FIPS +#define wc_InitMutex InitMutex +#define wc_FreeMutex FreeMutex +#define wc_LockMutex LockMutex +#define wc_UnLockMutex UnLockMutex +#endif /* HAVE_FIPS */ + +#ifdef SINGLE_THREADED + typedef int wolfSSL_Mutex; +#else /* MULTI_THREADED */ + /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ + #if defined(FREERTOS) + typedef xSemaphoreHandle wolfSSL_Mutex; + #elif defined(FREERTOS_TCP) + #include "FreeRTOS.h" + #include "semphr.h" + typedef SemaphoreHandle_t wolfSSL_Mutex; + #elif defined(WOLFSSL_SAFERTOS) + typedef struct wolfSSL_Mutex { + signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; + xSemaphoreHandle mutex; + } wolfSSL_Mutex; + #elif defined(USE_WINDOWS_API) + typedef CRITICAL_SECTION wolfSSL_Mutex; + #elif defined(WOLFSSL_PTHREADS) + typedef pthread_mutex_t wolfSSL_Mutex; + #elif defined(THREADX) + typedef TX_MUTEX wolfSSL_Mutex; + #elif defined(MICRIUM) + typedef OS_MUTEX wolfSSL_Mutex; + #elif defined(EBSNET) + typedef RTP_MUTEX wolfSSL_Mutex; + #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + typedef MUTEX_STRUCT wolfSSL_Mutex; + #elif defined(FREESCALE_FREE_RTOS) + typedef mutex_t wolfSSL_Mutex; + #elif defined(WOLFSSL_uITRON4) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; + #elif defined(WOLFSSL_uTKERNEL2) + typedef struct wolfSSL_Mutex { + T_CSEM sem ; + ID id ; + } wolfSSL_Mutex; + #elif defined(WOLFSSL_MDK_ARM) + #if defined(WOLFSSL_CMSIS_RTOS) + typedef osMutexId wolfSSL_Mutex; + #else + typedef OS_MUT wolfSSL_Mutex; + #endif + #elif defined(WOLFSSL_CMSIS_RTOS) + typedef osMutexId wolfSSL_Mutex; + #elif defined(WOLFSSL_TIRTOS) + typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex; + #elif defined(WOLFSSL_FROSTED) + typedef mutex_t * wolfSSL_Mutex; + #else + #error Need a mutex type in multithreaded mode + #endif /* USE_WINDOWS_API */ +#endif /* SINGLE_THREADED */ + +/* Enable crypt HW mutex for Freescale MMCAU */ +#if defined(FREESCALE_MMCAU) + #ifndef WOLFSSL_CRYPT_HW_MUTEX + #define WOLFSSL_CRYPT_HW_MUTEX 1 + #endif +#endif /* FREESCALE_MMCAU */ + +#ifndef WOLFSSL_CRYPT_HW_MUTEX + #define WOLFSSL_CRYPT_HW_MUTEX 0 +#endif + +#if WOLFSSL_CRYPT_HW_MUTEX + /* wolfSSL_CryptHwMutexInit is called on first wolfSSL_CryptHwMutexLock, + however it's recommended to call this directly on Hw init to avoid possible + race condition where two calls to wolfSSL_CryptHwMutexLock are made at + the same time. */ + int wolfSSL_CryptHwMutexInit(void); + int wolfSSL_CryptHwMutexLock(void); + int wolfSSL_CryptHwMutexUnLock(void); +#else + /* Define stubs, since HW mutex is disabled */ + #define wolfSSL_CryptHwMutexInit() 0 /* Success */ + #define wolfSSL_CryptHwMutexLock() 0 /* Success */ + #define wolfSSL_CryptHwMutexUnLock() 0 /* Success */ +#endif /* WOLFSSL_CRYPT_HW_MUTEX */ + +/* Mutex functions */ +WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex*); +WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void); +WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex*); +WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex*); +WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex*); + +/* main crypto initialization function */ +WOLFSSL_API int wolfCrypt_Init(void); + +/* filesystem abstraction layer, used by ssl.c */ +#ifndef NO_FILESYSTEM + +#if defined(EBSNET) + #define XFILE int + #define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0); + #define XFSEEK vf_lseek + #define XFTELL vf_tell + #define XREWIND vf_rewind + #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT) + #define XFCLOSE vf_close + #define XSEEK_END VSEEK_END + #define XBADFILE -1 +#elif defined(LSR_FS) + #include + #define XFILE struct fs_file* + #define XFOPEN(NAME, MODE) fs_open((char*)NAME); + #define XFSEEK(F, O, W) (void)F + #define XFTELL(F) (F)->len + #define XREWIND(F) (void)F + #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT) + #define XFCLOSE fs_close + #define XSEEK_END 0 + #define XBADFILE NULL +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + #define XFILE MQX_FILE_PTR + #define XFOPEN fopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND(F) fseek(F, 0, IO_SEEK_SET) + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END IO_SEEK_END + #define XBADFILE NULL +#elif defined(MICRIUM) + #include + #define XFILE FS_FILE* + #define XFOPEN fs_fopen + #define XFSEEK fs_fseek + #define XFTELL fs_ftell + #define XREWIND fs_rewind + #define XFREAD fs_fread + #define XFWRITE fs_fwrite + #define XFCLOSE fs_fclose + #define XSEEK_END FS_SEEK_END + #define XBADFILE NULL +#else + /* stdio, default case */ + #include + #define XFILE FILE* + #if defined(WOLFSSL_MDK_ARM) + extern FILE * wolfSSL_fopen(const char *name, const char *mode) ; + #define XFOPEN wolfSSL_fopen + #else + #define XFOPEN fopen + #endif + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND rewind + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL +#endif + +#endif /* NO_FILESYSTEM */ + + +/* Windows API defines its own min() macro. */ +#if defined(USE_WINDOWS_API) + #if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE) + #define WOLFSSL_HAVE_MIN + #endif /* min */ + #if defined(max) || defined(WOLFSSL_MYSQL_COMPATIBLE) + #define WOLFSSL_HAVE_MAX + #endif /* max */ +#endif /* USE_WINDOWS_API */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* WOLF_CRYPT_PORT_H */ + diff --git a/ccc/dist/lib/include/wolfssl/wolfcrypt/wolfevent.h b/ccc/dist/lib/include/wolfssl/wolfcrypt/wolfevent.h new file mode 100644 index 0000000..5dbf164 --- /dev/null +++ b/ccc/dist/lib/include/wolfssl/wolfcrypt/wolfevent.h @@ -0,0 +1,103 @@ +/* wolfevent.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef _WOLF_EVENT_H_ +#define _WOLF_EVENT_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#ifndef SINGLE_THREADED + #include +#endif + +typedef struct WOLFSSL WOLFSSL; +typedef struct WOLF_EVENT WOLF_EVENT; +typedef struct WOLFSSL_CTX WOLFSSL_CTX; + +typedef unsigned short WOLF_EVENT_FLAG; + +typedef enum WOLF_EVENT_TYPE { + WOLF_EVENT_TYPE_NONE, + #ifdef WOLFSSL_ASYNC_CRYPT + WOLF_EVENT_TYPE_ASYNC_ANY, + WOLF_EVENT_TYPE_ASYNC_WOLFSSL, + WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT, + WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_WOLFSSL, + WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT, + #endif +} WOLF_EVENT_TYPE; + +struct WOLF_EVENT { + /* double linked list */ + WOLF_EVENT* next; + WOLF_EVENT* prev; + + void* context; +#ifdef HAVE_CAVIUM + word64 reqId; +#endif + int ret; /* Async return code */ + WOLF_EVENT_TYPE type; + WOLF_EVENT_FLAG pending:1; + WOLF_EVENT_FLAG done:1; + /* Future event flags can go here */ +}; + +enum WOLF_POLL_FLAGS { + WOLF_POLL_FLAG_CHECK_HW = 0x01, +}; + +typedef struct { + WOLF_EVENT* head; /* head of queue */ + WOLF_EVENT* tail; /* tail of queue */ +#ifndef SINGLE_THREADED + wolfSSL_Mutex lock; /* queue lock */ +#endif + int count; +} WOLF_EVENT_QUEUE; + + +#ifdef HAVE_WOLF_EVENT + +/* Event */ +WOLFSSL_API int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context); +WOLFSSL_API int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags); + +/* Event Queue */ +WOLFSSL_API int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue); +WOLFSSL_API int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event); +WOLFSSL_API int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event); +WOLFSSL_API int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event); +WOLFSSL_API int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter, + WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount); +WOLFSSL_API int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue); +WOLFSSL_API void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue); + +#endif /* HAVE_WOLF_EVENT */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* _WOLF_EVENT_H_ */ diff --git a/ccc/dist/lib/x86/libwolfssl.a b/ccc/dist/lib/x86/libwolfssl.a new file mode 100644 index 0000000..9f86e15 Binary files /dev/null and b/ccc/dist/lib/x86/libwolfssl.a differ diff --git a/ccc/dist/lib/x86_64/libwolfssl.a b/ccc/dist/lib/x86_64/libwolfssl.a new file mode 100644 index 0000000..ed4e331 Binary files /dev/null and b/ccc/dist/lib/x86_64/libwolfssl.a differ diff --git a/ccc/dist/libccc-jni/arm64-v8a/libccc-jni.so b/ccc/dist/libccc-jni/arm64-v8a/libccc-jni.so new file mode 100755 index 0000000..53b2ab9 Binary files /dev/null and b/ccc/dist/libccc-jni/arm64-v8a/libccc-jni.so differ diff --git a/ccc/dist/libccc-jni/armeabi-v7a/libccc-jni.so b/ccc/dist/libccc-jni/armeabi-v7a/libccc-jni.so new file mode 100755 index 0000000..a3c0baa Binary files /dev/null and b/ccc/dist/libccc-jni/armeabi-v7a/libccc-jni.so differ diff --git a/ccc/dist/libccc-jni/x86/libccc-jni.so b/ccc/dist/libccc-jni/x86/libccc-jni.so new file mode 100755 index 0000000..589e7a5 Binary files /dev/null and b/ccc/dist/libccc-jni/x86/libccc-jni.so differ diff --git a/ccc/dist/libccc-jni/x86_64/libccc-jni.so b/ccc/dist/libccc-jni/x86_64/libccc-jni.so new file mode 100755 index 0000000..86d35cf Binary files /dev/null and b/ccc/dist/libccc-jni/x86_64/libccc-jni.so differ diff --git a/ccc/docs/Android-wolfcrypt.mk b/ccc/docs/Android-wolfcrypt.mk new file mode 100644 index 0000000..9228f86 --- /dev/null +++ b/ccc/docs/Android-wolfcrypt.mk @@ -0,0 +1,42 @@ +ROOT_PATH := $(call my-dir) + +################################################################################ + +include $(CLEAR_VARS) + +LOCAL_MODULE := libwolfssl +LOCAL_PATH := ../../src/.libs +LOCAL_SRC_FILES := libwolfssl.a + +include $(PREBUILT_STATIC_LIBRARY) + +################################################################################ + +include $(CLEAR_VARS) + +LOCAL_MODULE := libwolfcrypt-jni +LOCAL_PATH := $(ROOT_PATH) +LOCAL_C_INCLUDES := $(LOCAL_PATH)/include ../../../wolfssl +LOCAL_SRC_FILES := jni_fips.c \ + jni_native_struct.c \ + jni_aes.c \ + jni_des3.c \ + jni_md5.c \ + jni_sha.c \ + jni_hmac.c \ + jni_rng.c \ + jni_rsa.c \ + jni_dh.c \ + jni_ecc.c \ + jni_asn.c \ + jni_logging.c + +LOCAL_CFLAGS := -DHAVE_CONFIG_H -Wall -Wno-unused +LOCAL_LDLIBS := -llog + +LOCAL_STATIC_LIBRARIES := libwolfssl + +include $(BUILD_SHARED_LIBRARY) + +################################################################################ + diff --git a/ccc/docs/Android-wolfssl.mk b/ccc/docs/Android-wolfssl.mk new file mode 100644 index 0000000..5d962da --- /dev/null +++ b/ccc/docs/Android-wolfssl.mk @@ -0,0 +1,100 @@ +TOP_PATH := $(call my-dir)/.. + +WOLFSSL_DIR := wolfssl + +# Build wolfSSL shared library +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/$(WOLFSSL_DIR) +LOCAL_MODULE := libwolfssl +LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH) +LOCAL_C_INCLUDES := $(LOCAL_PATH) +LOCAL_CFLAGS := -DOPENSSL_EXTRA -DWOLFSSL_DTLS -D_POSIX_THREADS -DNDEBUG \ + -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER \ + -DHAVE_PK_CALLBACKS -DNO_DSA -DHAVE_ECC -DTFM_ECC256 \ + -DECC_SHAMIR -DNO_MD4 -DNO_HC128 -DNO_RABBIT \ + -DHAVE_OCSP -DHAVE_CRL -DWOLFSSL_JNI -DHAVE_DH \ + -Wall +LOCAL_SRC_FILES := src/crl.c \ + src/internal.c \ + src/io.c \ + src/keys.c \ + src/ocsp.c \ + src/sniffer.c \ + src/ssl.c \ + src/tls.c \ + wolfcrypt/src/aes.c \ + wolfcrypt/src/arc4.c \ + wolfcrypt/src/asm.c \ + wolfcrypt/src/asn.c \ + wolfcrypt/src/blake2b.c \ + wolfcrypt/src/camellia.c \ + wolfcrypt/src/chacha.c \ + wolfcrypt/src/chacha20_poly1305.c \ + wolfcrypt/src/coding.c \ + wolfcrypt/src/compress.c \ + wolfcrypt/src/curve25519.c \ + wolfcrypt/src/des3.c \ + wolfcrypt/src/dh.c \ + wolfcrypt/src/dsa.c \ + wolfcrypt/src/ecc.c \ + wolfcrypt/src/ecc_fp.c \ + wolfcrypt/src/ed25519.c \ + wolfcrypt/src/error.c \ + wolfcrypt/src/fe_low_mem.c \ + wolfcrypt/src/fe_operations.c \ + wolfcrypt/src/ge_low_mem.c \ + wolfcrypt/src/ge_operations.c \ + wolfcrypt/src/hash.c \ + wolfcrypt/src/hc128.c \ + wolfcrypt/src/hmac.c \ + wolfcrypt/src/idea.c \ + wolfcrypt/src/integer.c \ + wolfcrypt/src/logging.c \ + wolfcrypt/src/md2.c \ + wolfcrypt/src/md4.c \ + wolfcrypt/src/md5.c \ + wolfcrypt/src/memory.c \ + wolfcrypt/src/misc.c \ + wolfcrypt/src/pkcs7.c \ + wolfcrypt/src/pkcs12.c \ + wolfcrypt/src/poly1305.c \ + wolfcrypt/src/pwdbased.c \ + wolfcrypt/src/rabbit.c \ + wolfcrypt/src/random.c \ + wolfcrypt/src/ripemd.c \ + wolfcrypt/src/rsa.c \ + wolfcrypt/src/sha.c \ + wolfcrypt/src/sha256.c \ + wolfcrypt/src/sha512.c \ + wolfcrypt/src/srp.c \ + wolfcrypt/src/tfm.c \ + wolfcrypt/src/wc_encrypt.c \ + wolfcrypt/src/wc_port.c +include $(BUILD_SHARED_LIBRARY) + + +## Build wolfSSL JNI library +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/wolfssljni +LOCAL_MODULE := libwolfssljni +LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH)/native +LOCAL_C_INCLUDES := $(LOCAL_PATH)/native +LOCAL_SRC_FILES := native/com_wolfssl_WolfSSL.c \ + native/com_wolfssl_WolfSSLContext.c \ + native/com_wolfssl_WolfSSLSession.c \ + native/com_wolfssl_wolfcrypt_ECC.c \ + native/com_wolfssl_wolfcrypt_RSA.c +LOCAL_CFLAGS := -Wall -Os -DWOLFSSL_DTLS -DHAVE_ECC +LOCAL_SHARED_LIBRARIES := libwolfssl +include $(BUILD_SHARED_LIBRARY) + + +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/jni +LOCAL_MODULE := libjnitest +LOCAL_C_INCLUDES := $(LOCAL_PATH) +LOCAL_SRC_FILES := jnitest.c +LOCAL_CFLAGS := -Wall +LOCAL_SHARED_LIBRARIES := libwolfssl +include $(BUILD_SHARED_LIBRARY) + diff --git a/ccc/docs/Application.mk b/ccc/docs/Application.mk new file mode 100644 index 0000000..6beb2de --- /dev/null +++ b/ccc/docs/Application.mk @@ -0,0 +1,5 @@ +# +APP_ABI := all +#APP_ABI := armeabi armeabi-v7a x86 x86_64 +#APP_ABI := mips mips64 arm64-v8a +#APP_ABI := arm64-v8a \ No newline at end of file diff --git a/ccc/get_wolfssl_src.sh b/ccc/get_wolfssl_src.sh new file mode 100755 index 0000000..7f68c0e --- /dev/null +++ b/ccc/get_wolfssl_src.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# from src/main/cpp/ +# +if [[ -z $1 ]]; then + echo "ERROR: missing parameter: branch to checkout required" + echo + echo "Known working branches:" + echo " v3.10.0-stable" + echo + exit +fi + +CD=`pwd` +cd src/main/cpp/wolfssl-oem +git clone https://github.com/wolfSSL/wolfssl.git wolfssl-git +cd wolfssl-git +git checkout $1 +git checkout -b building +cd $CD + diff --git a/app/proguard-rules.pro b/ccc/proguard-rules.pro similarity index 100% rename from app/proguard-rules.pro rename to ccc/proguard-rules.pro diff --git a/ccc/src/androidTest/java/io/malloc/android/tests/crypto/AesTest.java.bak b/ccc/src/androidTest/java/io/malloc/android/tests/crypto/AesTest.java.bak new file mode 100644 index 0000000..6a0c275 --- /dev/null +++ b/ccc/src/androidTest/java/io/malloc/android/tests/crypto/AesTest.java.bak @@ -0,0 +1,26 @@ +package io.malloc.android.tests.crypto; + +import android.content.Context; +import android.support.test.InstrumentationRegistry; +import android.support.test.runner.AndroidJUnit4; + +import org.junit.Test; +import org.junit.runner.RunWith; + +import static org.junit.Assert.*; + +/** + * Instrumented test, which will execute on an Android device. + * + * @see Testing documentation + */ +@RunWith(AndroidJUnit4.class) +public class ExampleInstrumentedTest { + @Test + public void useAppContext() { + // Context of the app under test. + Context appContext = InstrumentationRegistry.getTargetContext(); + + assertEquals("io.malloc.android.tests.crypto", appContext.getPackageName()); + } +} diff --git a/wolfcrypt/src/main/AndroidManifest.xml b/ccc/src/main/AndroidManifest.xml similarity index 84% rename from wolfcrypt/src/main/AndroidManifest.xml rename to ccc/src/main/AndroidManifest.xml index de1e181..42a742c 100644 --- a/wolfcrypt/src/main/AndroidManifest.xml +++ b/ccc/src/main/AndroidManifest.xml @@ -1,5 +1,5 @@ + package="io.malloc.android.lib.ccc"> diff --git a/ccc/src/main/cpp/CMakeLists.txt.old.del b/ccc/src/main/cpp/CMakeLists.txt.old.del new file mode 100644 index 0000000..c90c802 --- /dev/null +++ b/ccc/src/main/cpp/CMakeLists.txt.old.del @@ -0,0 +1,3 @@ +# this CMake file is the root, and is used to create the bin folder +# add_subdirectory(wolfssl-oem) +# add_subdirectory(wolfcrypt) diff --git a/ccc/src/main/cpp/ccc/jni/jni_aes-c.c b/ccc/src/main/cpp/ccc/jni/jni_aes-c.c new file mode 100644 index 0000000..fcfa2cc --- /dev/null +++ b/ccc/src/main/cpp/ccc/jni/jni_aes-c.c @@ -0,0 +1,3 @@ +/* +JNI Wrapper code for the CCC cipher AES-C + */ \ No newline at end of file diff --git a/ccc/src/main/cpp/ccc/nc-wc/aes-c.c b/ccc/src/main/cpp/ccc/nc-wc/aes-c.c new file mode 100644 index 0000000..bbd0133 --- /dev/null +++ b/ccc/src/main/cpp/ccc/nc-wc/aes-c.c @@ -0,0 +1,3 @@ +/* + Apply some patches to wolfssl AES ... or just create my own...dunno yet + */ \ No newline at end of file diff --git a/ccc/src/main/cpp/ccc/nc/aes1024.c b/ccc/src/main/cpp/ccc/nc/aes1024.c new file mode 100644 index 0000000..6bfde63 --- /dev/null +++ b/ccc/src/main/cpp/ccc/nc/aes1024.c @@ -0,0 +1,3 @@ +/* +AES 1024 bit keys ... discover best method to have AES 1024 bit keys +*/ \ No newline at end of file diff --git a/ccc/src/main/cpp/ccc/nc/aes512.c b/ccc/src/main/cpp/ccc/nc/aes512.c new file mode 100644 index 0000000..24bd42a --- /dev/null +++ b/ccc/src/main/cpp/ccc/nc/aes512.c @@ -0,0 +1,3 @@ +/* +AES 512 bit keys ... discover best method to have AES 512 bit keys +*/ \ No newline at end of file diff --git a/ccc/src/main/cpp/ccc/patches/aes-s_box.patch.c b/ccc/src/main/cpp/ccc/patches/aes-s_box.patch.c new file mode 100644 index 0000000..834fb40 --- /dev/null +++ b/ccc/src/main/cpp/ccc/patches/aes-s_box.patch.c @@ -0,0 +1,3 @@ +/* +?? patch WolfSSL aes.c to allow for n # of s-box itterations ?? + */ \ No newline at end of file diff --git a/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt b/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt new file mode 100644 index 0000000..69c74bf --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt @@ -0,0 +1,41 @@ +# create a build target of "ccc-jni" +# library is a SHARED (not STATIC), to be used with JNI +add_library( ccc-jni + SHARED + jni/jni_fips.c + jni/jni_native_struct.c + jni/jni_aes.c + jni/jni_des3.c + jni/jni_md5.c + jni/jni_sha.c + # jni/jni_hmac.c + jni/jni_rng.c + jni/jni_rsa.c + jni/jni_dh.c + jni/jni_ecc.c + jni/jni_asn.c + jni/jni_logging.c + jni/jni_chacha.c + jni/jni_curve25519.c + jni/jni_ed25519.c + jni/jni_error.c ) + +# add wolfssl library usage, link to the static library +add_library( wolfssl-oem + STATIC + IMPORTED ) +set_target_properties( wolfssl-oem PROPERTIES IMPORTED_LOCATION + "${CMAKE_SOURCE_DIR}/dist/lib/${ANDROID_ABI}/libwolfssl.a") + +# .h files are located at ./dist/lib/include/wolfssl, ./dist/lib/include/wolfssl/wolfcrypt +include_directories( jni/include + ${CMAKE_SOURCE_DIR}/dist/lib/include ) + +# set(distribution_DIR ${CMAKE_SOURCE_DIR}/dist) + +set_target_properties( ccc-jni + PROPERTIES + ARCHIVE_OUTPUT_DIRECTORY + "${CMAKE_SOURCE_DIR}/dist/ccc-jni/${ANDROID_ABI}" ) + +target_link_libraries( ccc-jni wolfssl-oem ) \ No newline at end of file diff --git a/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt.old b/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt.old new file mode 100644 index 0000000..575fd29 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/CMakeLists.txt.old @@ -0,0 +1,41 @@ +# create a build target of "wolfcrypt-jni" +# library is a SHARED (not STATIC) +# add all the source code +add_library(wolfcrypt-jni SHARED + jni/jni_aes.c + jni/jni_asn.c + jni/jni_chacha.c + jni/jni_curve25519.c + jni/jni_des3.c + jni/jni_dh.c + jni/jni_ecc.c + jni/jni_ed25519.c + jni/jni_error.c +# jni/jni_fips.c + jni/jni_hmac.c + jni/jni_logging.c + jni/jni_md5.c + jni/jni_native_struct.c + jni/jni_rng.c + jni/jni_rsa.c + jni/jni_sha.c) + +# .h files are located at wolfssl/wolfssl, wolfssl/wolfssl/wolfcrypt +# the source files are looking for wolfssl/wolfcrypt/settings.h +# wolfssl-git/wolfssl/wolfcrypt/settings.h +# therefore give the root of the search path to the find the files +include_directories( jni/include + ../wolfssl-oem/wolfssl-git + ../wolfssl-oem/wolfssl-git/wolfssl + ../wolfssl-oem/wolfssl-git/wolfssl/wolfcrypt ) + +# include_directories( jni/include +# ../wolfssl-oem/wolfssl-git +# ../wolfssl-oem/wolfssl-git/wolfssl +# ../wolfssl-oem/wolfssl-git/wolfssl/wolfcrypt ) + +set(distribution_DIR ${CMAKE_SOURCE_DIR}/dist) +set_target_properties(wolfcrypt-jni + PROPERTIES + ARCHIVE_OUTPUT_DIRECTORY + "${CMAKE_SOURCE_DIR}/dist/lib/${ANDROID_ABI}") diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Aes.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Aes.h new file mode 100644 index 0000000..54533b3 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Aes.h @@ -0,0 +1,59 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Aes */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Aes +#define _Included_com_wolfssl_wolfcrypt_Aes +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Aes_NULL +#define com_wolfssl_wolfcrypt_Aes_NULL 0LL +#undef com_wolfssl_wolfcrypt_Aes_KEY_SIZE_128 +#define com_wolfssl_wolfcrypt_Aes_KEY_SIZE_128 16L +#undef com_wolfssl_wolfcrypt_Aes_KEY_SIZE_192 +#define com_wolfssl_wolfcrypt_Aes_KEY_SIZE_192 24L +#undef com_wolfssl_wolfcrypt_Aes_KEY_SIZE_256 +#define com_wolfssl_wolfcrypt_Aes_KEY_SIZE_256 32L +#undef com_wolfssl_wolfcrypt_Aes_BLOCK_SIZE +#define com_wolfssl_wolfcrypt_Aes_BLOCK_SIZE 16L +#undef com_wolfssl_wolfcrypt_Aes_ENCRYPT_MODE +#define com_wolfssl_wolfcrypt_Aes_ENCRYPT_MODE 0L +#undef com_wolfssl_wolfcrypt_Aes_DECRYPT_MODE +#define com_wolfssl_wolfcrypt_Aes_DECRYPT_MODE 1L +/* + * Class: com_wolfssl_wolfcrypt_Aes + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Aes_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Aes + * Method: native_set_key + * Signature: ([B[BI)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Aes_native_1set_1key + (JNIEnv *, jobject, jbyteArray, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Aes + * Method: native_update + * Signature: (I[BII[BI)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Aes_native_1update__I_3BII_3BI + (JNIEnv *, jobject, jint, jbyteArray, jint, jint, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Aes + * Method: native_update + * Signature: (ILjava/nio/ByteBuffer;IILjava/nio/ByteBuffer;I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Aes_native_1update__ILjava_nio_ByteBuffer_2IILjava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jint, jobject, jint, jint, jobject, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Asn.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Asn.h new file mode 100644 index 0000000..0c478d5 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Asn.h @@ -0,0 +1,39 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Asn */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Asn +#define _Included_com_wolfssl_wolfcrypt_Asn +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Asn_MAX_ENCODED_SIG_SIZE +#define com_wolfssl_wolfcrypt_Asn_MAX_ENCODED_SIG_SIZE 512L +/* + * Class: com_wolfssl_wolfcrypt_Asn + * Method: encodeSignature + * Signature: (Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;JI)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Asn_encodeSignature__Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JI + (JNIEnv *, jclass, jobject, jobject, jlong, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Asn + * Method: encodeSignature + * Signature: ([B[BJI)J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Asn_encodeSignature___3B_3BJI + (JNIEnv *, jclass, jbyteArray, jbyteArray, jlong, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Asn + * Method: getCTC_HashOID + * Signature: (I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Asn_getCTC_1HashOID + (JNIEnv *, jclass, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Chacha.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Chacha.h new file mode 100644 index 0000000..5488033 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Chacha.h @@ -0,0 +1,63 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Chacha */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Chacha +#define _Included_com_wolfssl_wolfcrypt_Chacha +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Chacha_NULL +#define com_wolfssl_wolfcrypt_Chacha_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Chacha_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: wc_Chacha_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: wc_Chacha_free + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1free + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: wc_Chacha_process + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1process + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: wc_Chacha_setKey + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1setKey + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Chacha + * Method: wc_Chacha_setIV + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1setIV + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Curve25519.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Curve25519.h new file mode 100644 index 0000000..27b7d6d --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Curve25519.h @@ -0,0 +1,111 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Curve25519 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Curve25519 +#define _Included_com_wolfssl_wolfcrypt_Curve25519 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Curve25519_NULL +#define com_wolfssl_wolfcrypt_Curve25519_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_free + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1free + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_make_key + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1make_1key + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_make_key_ex + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1make_1key_1ex + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_check_key + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1check_1key + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_make_shared_secret + * Signature: (Lcom/wolfssl/wolfcrypt/Curve25519;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1make_1shared_1secret + (JNIEnv *, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_import_private + * Signature: ([B[B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1private + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_import_private_only + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1private_1only + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_import_public + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1public + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_export_private + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1export_1private + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Curve25519 + * Method: wc_curve25519_export_public + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1export_1public + (JNIEnv *, jobject); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Des3.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Des3.h new file mode 100644 index 0000000..e006b1f --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Des3.h @@ -0,0 +1,55 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Des3 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Des3 +#define _Included_com_wolfssl_wolfcrypt_Des3 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Des3_NULL +#define com_wolfssl_wolfcrypt_Des3_NULL 0LL +#undef com_wolfssl_wolfcrypt_Des3_KEY_SIZE +#define com_wolfssl_wolfcrypt_Des3_KEY_SIZE 24L +#undef com_wolfssl_wolfcrypt_Des3_BLOCK_SIZE +#define com_wolfssl_wolfcrypt_Des3_BLOCK_SIZE 8L +#undef com_wolfssl_wolfcrypt_Des3_ENCRYPT_MODE +#define com_wolfssl_wolfcrypt_Des3_ENCRYPT_MODE 0L +#undef com_wolfssl_wolfcrypt_Des3_DECRYPT_MODE +#define com_wolfssl_wolfcrypt_Des3_DECRYPT_MODE 1L +/* + * Class: com_wolfssl_wolfcrypt_Des3 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Des3_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Des3 + * Method: native_set_key + * Signature: ([B[BI)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Des3_native_1set_1key + (JNIEnv *, jobject, jbyteArray, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Des3 + * Method: native_update + * Signature: (I[BII[BI)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Des3_native_1update__I_3BII_3BI + (JNIEnv *, jobject, jint, jbyteArray, jint, jint, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Des3 + * Method: native_update + * Signature: (ILjava/nio/ByteBuffer;IILjava/nio/ByteBuffer;I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Des3_native_1update__ILjava_nio_ByteBuffer_2IILjava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jint, jobject, jint, jint, jobject, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Dh.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Dh.h new file mode 100644 index 0000000..a6d4ce8 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Dh.h @@ -0,0 +1,63 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Dh */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Dh +#define _Included_com_wolfssl_wolfcrypt_Dh +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Dh_NULL +#define com_wolfssl_wolfcrypt_Dh_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Dh_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: wc_InitDhKey + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Dh_wc_1InitDhKey + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: wc_FreeDhKey + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Dh_wc_1FreeDhKey + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: wc_DhSetKey + * Signature: ([B[B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Dh_wc_1DhSetKey + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: wc_DhGenerateKeyPair + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Dh_wc_1DhGenerateKeyPair + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Dh + * Method: wc_DhAgree + * Signature: ([B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Dh_wc_1DhAgree + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ecc.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ecc.h new file mode 100644 index 0000000..709b93f --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ecc.h @@ -0,0 +1,183 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Ecc */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Ecc +#define _Included_com_wolfssl_wolfcrypt_Ecc +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Ecc_NULL +#define com_wolfssl_wolfcrypt_Ecc_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Ecc_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_free + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1free + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_make_key + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1make_1key + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_make_key_ex + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;ILjava/lang/String;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1make_1key_1ex + (JNIEnv *, jobject, jobject, jint, jstring); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_check_key + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1check_1key + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_shared_secret + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret + (JNIEnv *, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_import_private + * Signature: ([B[BLjava/lang/String;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1import_1private + (JNIEnv *, jobject, jbyteArray, jbyteArray, jstring); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_export_private + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1export_1private + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_import_x963 + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1import_1x963 + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_export_x963 + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1export_1x963 + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_EccPrivateKeyDecode + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPrivateKeyDecode + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_EccKeyToDer + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccKeyToDer + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_EccPublicKeyDecode + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPublicKeyDecode + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_EccPublicKeyToDer + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPublicKeyToDer + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_sign_hash + * Signature: ([BLcom/wolfssl/wolfcrypt/Rng;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1sign_1hash + (JNIEnv *, jobject, jbyteArray, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_verify_hash + * Signature: ([B[B)Z + */ +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1verify_1hash + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_get_curve_size_from_name + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1size_1from_1name + (JNIEnv *, jclass, jstring); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_private_key_to_pkcs8 + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1private_1key_1to_1pkcs8 + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_get_curve_name_from_id + * Signature: (I)Ljava/lang/String; + */ +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1name_1from_1id + (JNIEnv *, jclass, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Ecc + * Method: wc_ecc_get_curve_id_from_params + * Signature: (I[B[B[B[B[B[BI)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1id_1from_1params + (JNIEnv *, jclass, jint, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ed25519.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ed25519.h new file mode 100644 index 0000000..4d5d293 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Ed25519.h @@ -0,0 +1,119 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Ed25519 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Ed25519 +#define _Included_com_wolfssl_wolfcrypt_Ed25519 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Ed25519_NULL +#define com_wolfssl_wolfcrypt_Ed25519_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_free + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1free + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_make_key + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1make_1key + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_check_key + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1check_1key + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_import_private + * Signature: ([B[B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1private + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_import_private_only + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1private_1only + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_import_public + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1public + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_sign_msg + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1sign_1msg + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_verify_msg + * Signature: ([B[B)Z + */ +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1verify_1msg + (JNIEnv *, jobject, jbyteArray, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_export_private + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1private + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_export_private_only + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1private_1only + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Ed25519 + * Method: wc_ed25519_export_public + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1public + (JNIEnv *, jobject); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips.h new file mode 100644 index 0000000..67bad9c --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips.h @@ -0,0 +1,821 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Fips */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Fips +#define _Included_com_wolfssl_wolfcrypt_Fips +#ifdef __cplusplus +extern "C" { +#endif +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: wolfCrypt_SetCb_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Fips/ErrorCallback;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1SetCb_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: wolfCrypt_GetCoreHash_fips + * Signature: ()Ljava/lang/String; + */ +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1GetCoreHash_1fips + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: enabled + * Signature: ()Z + */ +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Fips_enabled + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: getFipsVersion + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_getFipsVersion + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2I + (JNIEnv *, jclass, jobject, jobject, jlong, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[BJ[BI)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3BJ_3BI + (JNIEnv *, jclass, jobject, jbyteArray, jlong, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesSetIV_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetIV_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesSetIV_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetIV_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesCbcEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesCbcEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[B[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesCbcDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesCbcDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[B[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong, jobject, jlong, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[B[BJ[BJ[BJ[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ_3BJ_3BJ_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong, jobject, jlong, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: AesGcmDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Aes;[B[BJ[BJ[BJ[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ_3BJ_3BJ_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_SetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetKey_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2I + (JNIEnv *, jclass, jobject, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_SetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;[B[BI)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetKey_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BI + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_SetIV_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetIV_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_SetIV_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetIV_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_CbcEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_CbcEncrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;[B[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_CbcDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Des3_CbcDecrypt_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Des3;[B[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;ILjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacSetKey_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2ILjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jint, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacSetKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;I[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacSetKey_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2I_3BJ + (JNIEnv *, jclass, jobject, jint, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacUpdate_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacUpdate_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacUpdate_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacUpdate_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacFinal_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacFinal_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: HmacFinal_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Hmac;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacFinal_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitRng_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitRng_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: FreeRng_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeRng_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RNG_GenerateBlock_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1GenerateBlock_1fips__Lcom_wolfssl_wolfcrypt_Rng_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RNG_GenerateBlock_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1GenerateBlock_1fips__Lcom_wolfssl_wolfcrypt_Rng_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RNG_HealthTest_fips + * Signature: (ILjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1HealthTest_1fips__ILjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jint, jobject, jlong, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RNG_HealthTest_fips + * Signature: (I[BJ[BJ[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1HealthTest_1fips__I_3BJ_3BJ_3BJ + (JNIEnv *, jclass, jint, jbyteArray, jlong, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitRsaKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rsa;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitRsaKey_1fips + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: FreeRsaKey_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeRsaKey_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaSSL_Sign_fips + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLcom/wolfssl/wolfcrypt/Rsa;Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Sign_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2 + (JNIEnv *, jclass, jobject, jlong, jobject, jlong, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaSSL_Sign_fips + * Signature: ([BJ[BJLcom/wolfssl/wolfcrypt/Rsa;Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Sign_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2 + (JNIEnv *, jclass, jbyteArray, jlong, jbyteArray, jlong, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaSSL_Verify_fips + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Verify_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2 + (JNIEnv *, jclass, jobject, jlong, jobject, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaSSL_Verify_fips + * Signature: ([BJ[BJLcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Verify_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2 + (JNIEnv *, jclass, jbyteArray, jlong, jbyteArray, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaEncryptSize_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaEncryptSize_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPrivateKeyDecode_fips + * Signature: (Ljava/nio/ByteBuffer;[JLcom/wolfssl/wolfcrypt/Rsa;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateKeyDecode_1fips__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Rsa_2J + (JNIEnv *, jclass, jobject, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPrivateKeyDecode_fips + * Signature: ([B[JLcom/wolfssl/wolfcrypt/Rsa;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateKeyDecode_1fips___3B_3JLcom_wolfssl_wolfcrypt_Rsa_2J + (JNIEnv *, jclass, jbyteArray, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPublicKeyDecode_fips + * Signature: (Ljava/nio/ByteBuffer;[JLcom/wolfssl/wolfcrypt/Rsa;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicKeyDecode_1fips__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Rsa_2J + (JNIEnv *, jclass, jobject, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPublicKeyDecode_fips + * Signature: ([B[JLcom/wolfssl/wolfcrypt/Rsa;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicKeyDecode_1fips___3B_3JLcom_wolfssl_wolfcrypt_Rsa_2J + (JNIEnv *, jclass, jbyteArray, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitSha_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ShaUpdate_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaUpdate_1fips__Lcom_wolfssl_wolfcrypt_Sha_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ShaUpdate_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaUpdate_1fips__Lcom_wolfssl_wolfcrypt_Sha_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ShaFinal_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaFinal_1fips__Lcom_wolfssl_wolfcrypt_Sha_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ShaFinal_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaFinal_1fips__Lcom_wolfssl_wolfcrypt_Sha_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitSha256_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha256;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha256_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha256Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha256;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Update_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha256Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha256;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Update_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha256Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha256;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Final_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha256Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha256;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Final_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitSha384_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha384;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha384_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha384Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha384;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Update_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha384Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha384;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Update_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha384Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha384;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Final_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha384Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha384;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Final_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitSha512_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha512;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha512_1fips + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha512Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha512;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Update_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha512Update_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha512;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Update_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha512Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha512;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Final_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Sha512Final_fips + * Signature: (Lcom/wolfssl/wolfcrypt/Sha512;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Final_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: wolfCrypt_GetStatus_fips + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1GetStatus_1fips + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: wolfCrypt_SetStatus_fips + * Signature: (I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1SetStatus_1fips + (JNIEnv *, jclass, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPublicEncrypt_fips + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLcom/wolfssl/wolfcrypt/Rsa;Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicEncrypt_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2 + (JNIEnv *, jclass, jobject, jlong, jobject, jlong, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPublicEncrypt_fips + * Signature: ([BJ[BJLcom/wolfssl/wolfcrypt/Rsa;Lcom/wolfssl/wolfcrypt/Rng;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicEncrypt_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2 + (JNIEnv *, jclass, jbyteArray, jlong, jbyteArray, jlong, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPrivateDecrypt_fips + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;JLcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateDecrypt_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2 + (JNIEnv *, jclass, jobject, jlong, jobject, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: RsaPrivateDecrypt_fips + * Signature: ([BJ[BJLcom/wolfssl/wolfcrypt/Rsa;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateDecrypt_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2 + (JNIEnv *, jclass, jbyteArray, jlong, jbyteArray, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitMd5 + * Signature: (Lcom/wolfssl/wolfcrypt/Md5;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitMd5 + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Md5Update + * Signature: (Lcom/wolfssl/wolfcrypt/Md5;Ljava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Update__Lcom_wolfssl_wolfcrypt_Md5_2Ljava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Md5Update + * Signature: (Lcom/wolfssl/wolfcrypt/Md5;[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Update__Lcom_wolfssl_wolfcrypt_Md5_2_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Md5Final + * Signature: (Lcom/wolfssl/wolfcrypt/Md5;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Final__Lcom_wolfssl_wolfcrypt_Md5_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jclass, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: Md5Final + * Signature: (Lcom/wolfssl/wolfcrypt/Md5;[B)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Final__Lcom_wolfssl_wolfcrypt_Md5_2_3B + (JNIEnv *, jclass, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: InitDhKey + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitDhKey + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: FreeDhKey + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeDhKey + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhGenerateKeyPair + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;Lcom/wolfssl/wolfcrypt/Rng;Ljava/nio/ByteBuffer;[JLjava/nio/ByteBuffer;[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhGenerateKeyPair__Lcom_wolfssl_wolfcrypt_Dh_2Lcom_wolfssl_wolfcrypt_Rng_2Ljava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2_3J + (JNIEnv *, jclass, jobject, jobject, jobject, jlongArray, jobject, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhGenerateKeyPair + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;Lcom/wolfssl/wolfcrypt/Rng;[B[J[B[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhGenerateKeyPair__Lcom_wolfssl_wolfcrypt_Dh_2Lcom_wolfssl_wolfcrypt_Rng_2_3B_3J_3B_3J + (JNIEnv *, jclass, jobject, jobject, jbyteArray, jlongArray, jbyteArray, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhAgree + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;Ljava/nio/ByteBuffer;[JLjava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhAgree__Lcom_wolfssl_wolfcrypt_Dh_2Ljava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlongArray, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhAgree + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;[B[J[BJ[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhAgree__Lcom_wolfssl_wolfcrypt_Dh_2_3B_3J_3BJ_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlongArray, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhKeyDecode + * Signature: (Ljava/nio/ByteBuffer;[JLcom/wolfssl/wolfcrypt/Dh;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhKeyDecode__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Dh_2J + (JNIEnv *, jclass, jobject, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhKeyDecode + * Signature: ([B[JLcom/wolfssl/wolfcrypt/Dh;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhKeyDecode___3B_3JLcom_wolfssl_wolfcrypt_Dh_2J + (JNIEnv *, jclass, jbyteArray, jlongArray, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhSetKey + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhSetKey__Lcom_wolfssl_wolfcrypt_Dh_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jclass, jobject, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhSetKey + * Signature: (Lcom/wolfssl/wolfcrypt/Dh;[BJ[BJ)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhSetKey__Lcom_wolfssl_wolfcrypt_Dh_2_3BJ_3BJ + (JNIEnv *, jclass, jobject, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhParamsLoad + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;[JLjava/nio/ByteBuffer;[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhParamsLoad__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2_3J + (JNIEnv *, jclass, jobject, jlong, jobject, jlongArray, jobject, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: DhParamsLoad + * Signature: ([BJ[B[J[B[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhParamsLoad___3BJ_3B_3J_3B_3J + (JNIEnv *, jclass, jbyteArray, jlong, jbyteArray, jlongArray, jbyteArray, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_init + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1init + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_free + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1free + (JNIEnv *, jclass, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_make_key + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;ILcom/wolfssl/wolfcrypt/Ecc;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1make_1key + (JNIEnv *, jclass, jobject, jint, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_shared_secret + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;Lcom/wolfssl/wolfcrypt/Ecc;Ljava/nio/ByteBuffer;[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1shared_1secret__Lcom_wolfssl_wolfcrypt_Ecc_2Lcom_wolfssl_wolfcrypt_Ecc_2Ljava_nio_ByteBuffer_2_3J + (JNIEnv *, jclass, jobject, jobject, jobject, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_shared_secret + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;Lcom/wolfssl/wolfcrypt/Ecc;[B[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1shared_1secret__Lcom_wolfssl_wolfcrypt_Ecc_2Lcom_wolfssl_wolfcrypt_Ecc_2_3B_3J + (JNIEnv *, jclass, jobject, jobject, jbyteArray, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_import_x963 + * Signature: (Ljava/nio/ByteBuffer;JLcom/wolfssl/wolfcrypt/Ecc;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1import_1x963__Ljava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Ecc_2 + (JNIEnv *, jclass, jobject, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_import_x963 + * Signature: ([BJLcom/wolfssl/wolfcrypt/Ecc;)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1import_1x963___3BJLcom_wolfssl_wolfcrypt_Ecc_2 + (JNIEnv *, jclass, jbyteArray, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_export_x963 + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;Ljava/nio/ByteBuffer;[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1export_1x963__Lcom_wolfssl_wolfcrypt_Ecc_2Ljava_nio_ByteBuffer_2_3J + (JNIEnv *, jclass, jobject, jobject, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Fips + * Method: ecc_export_x963 + * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;[B[J)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1export_1x963__Lcom_wolfssl_wolfcrypt_Ecc_2_3B_3J + (JNIEnv *, jclass, jobject, jbyteArray, jlongArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips_ErrorCallback.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips_ErrorCallback.h new file mode 100644 index 0000000..f81ae8a --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Fips_ErrorCallback.h @@ -0,0 +1,13 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Fips_ErrorCallback */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Fips_ErrorCallback +#define _Included_com_wolfssl_wolfcrypt_Fips_ErrorCallback +#ifdef __cplusplus +extern "C" { +#endif +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Hmac.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Hmac.h new file mode 100644 index 0000000..f2e4460 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Hmac.h @@ -0,0 +1,119 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Hmac */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Hmac +#define _Included_com_wolfssl_wolfcrypt_Hmac +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Hmac_NULL +#define com_wolfssl_wolfcrypt_Hmac_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacSetKey + * Signature: (I[B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacSetKey + (JNIEnv *, jobject, jint, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacUpdate + * Signature: (B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate__B + (JNIEnv *, jobject, jbyte); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacUpdate + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacUpdate + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacFinal + * Signature: ()[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacFinal + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: wc_HmacSizeByType + * Signature: (I)I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacSizeByType + (JNIEnv *, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeMd5 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeMd5 + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeSha + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeSha256 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha256 + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeSha384 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha384 + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeSha512 + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha512 + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: getCodeBlake2b + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Hmac_getCodeBlake2b + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Hmac + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Hmac_mallocNativeStruct + (JNIEnv *, jobject); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Logging.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Logging.h new file mode 100644 index 0000000..96b390e --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Logging.h @@ -0,0 +1,29 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Logging */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Logging +#define _Included_com_wolfssl_wolfcrypt_Logging +#ifdef __cplusplus +extern "C" { +#endif +/* + * Class: com_wolfssl_wolfcrypt_Logging + * Method: wolfSSL_Debugging_ON + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Logging_wolfSSL_1Debugging_1ON + (JNIEnv *, jclass); + +/* + * Class: com_wolfssl_wolfcrypt_Logging + * Method: wolfSSL_Debugging_OFF + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Logging_wolfSSL_1Debugging_1OFF + (JNIEnv *, jclass); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Md5.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Md5.h new file mode 100644 index 0000000..4410124 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Md5.h @@ -0,0 +1,67 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Md5 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Md5 +#define _Included_com_wolfssl_wolfcrypt_Md5 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Md5_NULL +#define com_wolfssl_wolfcrypt_Md5_NULL 0LL +#undef com_wolfssl_wolfcrypt_Md5_TYPE +#define com_wolfssl_wolfcrypt_Md5_TYPE 0L +#undef com_wolfssl_wolfcrypt_Md5_DIGEST_SIZE +#define com_wolfssl_wolfcrypt_Md5_DIGEST_SIZE 16L +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Md5_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: native_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Md5_native_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: native_update + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Md5_native_1update__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: native_update + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Md5_native_1update___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: native_final + * Signature: (Ljava/nio/ByteBuffer;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Md5_native_1final__Ljava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Md5 + * Method: native_final + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Md5_native_1final___3B + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_NativeStruct.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_NativeStruct.h new file mode 100644 index 0000000..9681005 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_NativeStruct.h @@ -0,0 +1,23 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_NativeStruct */ + +#ifndef _Included_com_wolfssl_wolfcrypt_NativeStruct +#define _Included_com_wolfssl_wolfcrypt_NativeStruct +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_NativeStruct_NULL +#define com_wolfssl_wolfcrypt_NativeStruct_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_NativeStruct + * Method: xfree + * Signature: (J)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_NativeStruct_xfree + (JNIEnv *, jobject, jlong); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rng.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rng.h new file mode 100644 index 0000000..b707f51 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rng.h @@ -0,0 +1,55 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Rng */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Rng +#define _Included_com_wolfssl_wolfcrypt_Rng +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Rng_NULL +#define com_wolfssl_wolfcrypt_Rng_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Rng + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Rng_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rng + * Method: initRng + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_initRng + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rng + * Method: freeRng + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_freeRng + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rng + * Method: rngGenerateBlock + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Rng + * Method: rngGenerateBlock + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rsa.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rsa.h new file mode 100644 index 0000000..dce6a68 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Rsa.h @@ -0,0 +1,151 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Rsa */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Rsa +#define _Included_com_wolfssl_wolfcrypt_Rsa +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Rsa_NULL +#define com_wolfssl_wolfcrypt_Rsa_NULL 0LL +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Rsa_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPublicKeyDecodeRaw + * Signature: (Ljava/nio/ByteBuffer;JLjava/nio/ByteBuffer;J)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecodeRaw__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J + (JNIEnv *, jobject, jobject, jlong, jobject, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPublicKeyDecodeRaw + * Signature: ([BJ[BJ)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecodeRaw___3BJ_3BJ + (JNIEnv *, jobject, jbyteArray, jlong, jbyteArray, jlong); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: RsaFlattenPublicKey + * Signature: (Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_RsaFlattenPublicKey__Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2 + (JNIEnv *, jobject, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: RsaFlattenPublicKey + * Signature: ([B[J[B[J)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_RsaFlattenPublicKey___3B_3J_3B_3J + (JNIEnv *, jobject, jbyteArray, jlongArray, jbyteArray, jlongArray); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: MakeRsaKey + * Signature: (IJLcom/wolfssl/wolfcrypt/Rng;)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_MakeRsaKey + (JNIEnv *, jobject, jint, jlong, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_InitRsaKey + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1InitRsaKey + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_FreeRsaKey + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1FreeRsaKey + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaSetRNG + * Signature: (Lcom/wolfssl/wolfcrypt/Rng;)Z + */ +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSetRNG + (JNIEnv *, jobject, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPrivateKeyDecode + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateKeyDecode + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPrivateKeyDecodePKCS8 + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateKeyDecodePKCS8 + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPublicKeyDecode + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecode + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaEncryptSize + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaEncryptSize + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPublicEncrypt + * Signature: ([BLcom/wolfssl/wolfcrypt/Rng;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicEncrypt + (JNIEnv *, jobject, jbyteArray, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaPrivateDecrypt + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateDecrypt + (JNIEnv *, jobject, jbyteArray); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaSSL_Sign + * Signature: ([BLcom/wolfssl/wolfcrypt/Rng;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSSL_1Sign + (JNIEnv *, jobject, jbyteArray, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Rsa + * Method: wc_RsaSSL_Verify + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSSL_1Verify + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha.h new file mode 100644 index 0000000..4c934c6 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha.h @@ -0,0 +1,67 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Sha */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Sha +#define _Included_com_wolfssl_wolfcrypt_Sha +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Sha_NULL +#define com_wolfssl_wolfcrypt_Sha_NULL 0LL +#undef com_wolfssl_wolfcrypt_Sha_TYPE +#define com_wolfssl_wolfcrypt_Sha_TYPE 1L +#undef com_wolfssl_wolfcrypt_Sha_DIGEST_SIZE +#define com_wolfssl_wolfcrypt_Sha_DIGEST_SIZE 20L +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Sha_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: native_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha_native_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: native_update + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha_native_1update__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: native_update + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha_native_1update___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: native_final + * Signature: (Ljava/nio/ByteBuffer;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha_native_1final__Ljava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha + * Method: native_final + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha_native_1final___3B + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha256.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha256.h new file mode 100644 index 0000000..04f0545 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha256.h @@ -0,0 +1,67 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Sha256 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Sha256 +#define _Included_com_wolfssl_wolfcrypt_Sha256 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Sha256_NULL +#define com_wolfssl_wolfcrypt_Sha256_NULL 0LL +#undef com_wolfssl_wolfcrypt_Sha256_TYPE +#define com_wolfssl_wolfcrypt_Sha256_TYPE 2L +#undef com_wolfssl_wolfcrypt_Sha256_DIGEST_SIZE +#define com_wolfssl_wolfcrypt_Sha256_DIGEST_SIZE 32L +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Sha256_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: native_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha256_native_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: native_update + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha256_native_1update__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: native_update + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha256_native_1update___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: native_final + * Signature: (Ljava/nio/ByteBuffer;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha256_native_1final__Ljava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha256 + * Method: native_final + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha256_native_1final___3B + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha384.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha384.h new file mode 100644 index 0000000..e3590ad --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha384.h @@ -0,0 +1,67 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Sha384 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Sha384 +#define _Included_com_wolfssl_wolfcrypt_Sha384 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Sha384_NULL +#define com_wolfssl_wolfcrypt_Sha384_NULL 0LL +#undef com_wolfssl_wolfcrypt_Sha384_TYPE +#define com_wolfssl_wolfcrypt_Sha384_TYPE 5L +#undef com_wolfssl_wolfcrypt_Sha384_DIGEST_SIZE +#define com_wolfssl_wolfcrypt_Sha384_DIGEST_SIZE 48L +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Sha384_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: native_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha384_native_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: native_update + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha384_native_1update__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: native_update + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha384_native_1update___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: native_final + * Signature: (Ljava/nio/ByteBuffer;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha384_native_1final__Ljava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha384 + * Method: native_final + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha384_native_1final___3B + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha512.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha512.h new file mode 100644 index 0000000..31d1ec0 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_Sha512.h @@ -0,0 +1,67 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_Sha512 */ + +#ifndef _Included_com_wolfssl_wolfcrypt_Sha512 +#define _Included_com_wolfssl_wolfcrypt_Sha512 +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_Sha512_NULL +#define com_wolfssl_wolfcrypt_Sha512_NULL 0LL +#undef com_wolfssl_wolfcrypt_Sha512_TYPE +#define com_wolfssl_wolfcrypt_Sha512_TYPE 4L +#undef com_wolfssl_wolfcrypt_Sha512_DIGEST_SIZE +#define com_wolfssl_wolfcrypt_Sha512_DIGEST_SIZE 64L +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: mallocNativeStruct + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Sha512_mallocNativeStruct + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: native_init + * Signature: ()V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha512_native_1init + (JNIEnv *, jobject); + +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: native_update + * Signature: (Ljava/nio/ByteBuffer;II)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha512_native_1update__Ljava_nio_ByteBuffer_2II + (JNIEnv *, jobject, jobject, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: native_update + * Signature: ([BII)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha512_native_1update___3BII + (JNIEnv *, jobject, jbyteArray, jint, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: native_final + * Signature: (Ljava/nio/ByteBuffer;I)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha512_native_1final__Ljava_nio_ByteBuffer_2I + (JNIEnv *, jobject, jobject, jint); + +/* + * Class: com_wolfssl_wolfcrypt_Sha512 + * Method: native_final + * Signature: ([B)V + */ +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Sha512_native_1final___3B + (JNIEnv *, jobject, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCrypt.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCrypt.h new file mode 100644 index 0000000..a420e33 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCrypt.h @@ -0,0 +1,31 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_WolfCrypt */ + +#ifndef _Included_com_wolfssl_wolfcrypt_WolfCrypt +#define _Included_com_wolfssl_wolfcrypt_WolfCrypt +#ifdef __cplusplus +extern "C" { +#endif +#undef com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS +#define com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS 0L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_128_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_128_BITS 16L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_160_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_160_BITS 20L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_192_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_192_BITS 24L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_256_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_256_BITS 32L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_384_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_384_BITS 48L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_512_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_512_BITS 64L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_1024_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_1024_BITS 128L +#undef com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_2048_BITS +#define com_wolfssl_wolfcrypt_WolfCrypt_SIZE_OF_2048_BITS 256L +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCryptError.h b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCryptError.h new file mode 100644 index 0000000..365c509 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/com_wolfssl_wolfcrypt_WolfCryptError.h @@ -0,0 +1,21 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_wolfcrypt_WolfCryptError */ + +#ifndef _Included_com_wolfssl_wolfcrypt_WolfCryptError +#define _Included_com_wolfssl_wolfcrypt_WolfCryptError +#ifdef __cplusplus +extern "C" { +#endif +/* + * Class: com_wolfssl_wolfcrypt_WolfCryptError + * Method: wc_GetErrorString + * Signature: (I)Ljava/lang/String; + */ +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_WolfCryptError_wc_1GetErrorString + (JNIEnv *, jclass, jint); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_NativeStruct.h b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_NativeStruct.h new file mode 100644 index 0000000..3d08635 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_NativeStruct.h @@ -0,0 +1,45 @@ +/* wolfcrypt_jni_NativeStruct.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfCrypt. + * + * wolfCrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfCrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +#include + +#ifndef _Included_wolfcrypt_jni_NativeStruct +#define _Included_wolfcrypt_jni_NativeStruct +#ifdef __cplusplus +extern "C" { +#endif + +void* getNativeStruct(JNIEnv* env, jobject this); + +void setByteArrayMember( + JNIEnv* env, jobject this, const char* name, jobject value); + +byte* getDirectBufferAddress(JNIEnv* env, jobject buffer); +word32 getDirectBufferLimit(JNIEnv* env, jobject buffer); +void setDirectBufferLimit(JNIEnv* env, jobject buffer, jint limit); + +byte* getByteArray(JNIEnv* env, jbyteArray array); +void releaseByteArray(JNIEnv* env, jbyteArray array, byte* elements, jint abort); +word32 getByteArrayLength(JNIEnv* env, jbyteArray array); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_debug.h b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_debug.h new file mode 100644 index 0000000..2816456 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_debug.h @@ -0,0 +1,77 @@ +/* wolfcrypt_jni_debug.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfCrypt. + * + * wolfCrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfCrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef _Included_wolfcrypt_jni_debug +#define _Included_wolfcrypt_jni_debug +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef WOLFCRYPT_JNI_DEBUG_ON + +#define LogStr printf + +static inline void LogHex(byte* data, word32 offset, word32 length) +{ + #define LINE_LEN 16 + + word32 i; + + printf("\t"); + + if (!data) { + printf("NULL\n"); + return; + } + + data += offset; + + for (i = 0; i < LINE_LEN; i++) { + if (i < length) + printf("%02x ", data[i]); + else + printf(" "); + } + + printf("| "); + + for (i = 0; i < LINE_LEN; i++) + if (i < length) + printf("%c", 31 < data[i] && data[i] < 127 ? data[i] : '.'); + + printf("\n"); + + if (length > LINE_LEN) + LogHex(data, LINE_LEN, length - LINE_LEN); +} + +#else + +#define LogStr(...) + +#define LogHex(...) + +#endif + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_error.h b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_error.h new file mode 100644 index 0000000..02c2982 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/include/wolfcrypt_jni_error.h @@ -0,0 +1,47 @@ +/* wolfcrypt_jni_error.h + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfCrypt. + * + * wolfCrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfCrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef _Included_wolfcrypt_jni_error +#define _Included_wolfcrypt_jni_error + +#pragma GCC diagnostic ignored "-Wpointer-to-int-cast" + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +void throwWolfCryptExceptionFromError(JNIEnv* env, int code); + +#define throwWolfCryptException(env, msg) (*env)->ThrowNew(env, \ + (*env)->FindClass(env, "com/wolfssl/wolfcrypt/WolfCryptException"), msg) + +#define throwNotCompiledInException(env) \ + throwWolfCryptExceptionFromError(env, NOT_COMPILED_IN) + +#define throwOutOfMemoryException(env, msg) (*env)->ThrowNew(env, \ + (*env)->FindClass(env, "java/lang/OutOfMemoryError"), msg) + +#ifdef __cplusplus +} +#endif +#endif diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_aes.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_aes.c new file mode 100644 index 0000000..0ccf049 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_aes.c @@ -0,0 +1,217 @@ +/* jni_aes.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Aes_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_AES + ret = (jlong) XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Aes object"); + + LogStr("new Aes() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Aes_native_1set_1key( + JNIEnv* env, jobject this, jbyteArray key_object, jbyteArray iv_object, + jint opmode) +{ +#ifndef NO_AES + int ret = 0; + Aes* aes = NULL; + byte* key = NULL; + byte* iv = NULL; + word32 keySz = 0; + + aes = (Aes*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + iv = getByteArray(env, iv_object); + keySz = getByteArrayLength(env, key_object); + + ret = (!aes || !key) /* iv is optional */ + ? BAD_FUNC_ARG + : wc_AesSetKey(aes, key, keySz, iv, opmode); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_AesSetKey(aes=%p, key=%p, iv=%p, opmode) = %d\n", + aes, key, iv, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); + releaseByteArray(env, iv_object, iv, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Aes_native_1update__I_3BII_3BI( + JNIEnv* env, jobject this, jint opmode, + jbyteArray input_object, jint offset, jint length, + jbyteArray output_object, jint outputOffset) +{ +#ifndef NO_AES + int ret = 0; + Aes* aes = NULL; + byte* input = NULL; + byte* output = NULL; + + aes = (Aes*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + input = getByteArray(env, input_object); + output = getByteArray(env, output_object); + + if (!aes || !input || !output) { + ret = BAD_FUNC_ARG; /* NULL sanitizers */ + } + else if (offset < 0 || length < 0 || outputOffset < 0) { + ret = BAD_FUNC_ARG; /* signed sanizizers */ + } + else if (offset + length > getByteArrayLength(env, input_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (outputOffset + length > getByteArrayLength(env, output_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (opmode == AES_ENCRYPTION) { + ret = wc_AesCbcEncrypt(aes, output+outputOffset, input+offset, length); + LogStr("wc_AesCbcEncrypt(aes=%p, out, in, inSz) = %d\n", aes, ret); + } + else { + ret = wc_AesCbcDecrypt(aes, output+outputOffset, input+offset, length); + LogStr("wc_AesCbcDecrypt(aes=%p, out, in, inSz) = %d\n", aes, ret); + } + + LogStr("input[%u]: [%p]\n", (word32)length, input + offset); + LogHex((byte*) input, offset, length); + LogStr("output[%u]: [%p]\n", (word32)length, output + outputOffset); + LogHex((byte*) output, outputOffset, length); + + releaseByteArray(env, input_object, input, JNI_ABORT); + releaseByteArray(env, output_object, output, ret); + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + ret = 0; /* 0 bytes stored in output */ + } + else { + ret = length; + } +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Aes_native_1update__ILjava_nio_ByteBuffer_2IILjava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jint opmode, + jobject input_object, jint offset, jint length, + jobject output_object, jint outputOffset) +{ + int ret = 0; + +#ifndef NO_AES + Aes* aes = NULL; + byte* input = NULL; + byte* output = NULL; + + aes = (Aes*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + input = getDirectBufferAddress(env, input_object); + output = getDirectBufferAddress(env, output_object); + + if (!aes || !input || !output) { + ret = BAD_FUNC_ARG; /* NULL sanitizers */ + } + else if (offset < 0 || length < 0) { + ret = BAD_FUNC_ARG; /* signed sanizizers */ + } + else if (offset + length > getDirectBufferLimit(env, input_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (outputOffset + length > getDirectBufferLimit(env, output_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (opmode == AES_ENCRYPTION) { + ret = wc_AesCbcEncrypt(aes, output, input + offset, length); + LogStr("wc_AesCbcEncrypt(aes=%p, out, in, inSz) = %d\n", aes, ret); + } + else { + ret = wc_AesCbcDecrypt(aes, output, input + offset, length); + LogStr("wc_AesCbcDecrypt(aes=%p, out, in, inSz) = %d\n", aes, ret); + } + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + ret = 0; /* 0 bytes stored in output */ + } + else { + ret = length; + } + + LogStr("input[%u]: [%p]\n", (word32)length, input + offset); + LogHex((byte*) input, offset, length); + LogStr("output[%u]: [%p]\n", (word32)length, output); + LogHex((byte*) output, 0, length); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_asn.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_asn.c new file mode 100644 index 0000000..c1dccc5 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_asn.c @@ -0,0 +1,71 @@ +/* jni_asn.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Asn_encodeSignature__Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JI( + JNIEnv* env, jclass class, jobject encoded_object, jobject hash_object, + jlong hashSize, jint hashOID) +{ + byte* encoded = getDirectBufferAddress(env, encoded_object); + byte* hash = getDirectBufferAddress(env, hash_object); + + if (!encoded || !hash) + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + else + setDirectBufferLimit(env, encoded_object, + wc_EncodeSignature(encoded, hash, hashSize, hashOID)); +} + +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Asn_encodeSignature___3B_3BJI( + JNIEnv* env, jclass class, jbyteArray encoded_object, + jbyteArray hash_object, jlong hashSize, jint hashOID) +{ + byte* encoded = getByteArray(env, encoded_object); + byte* hash = getByteArray(env, hash_object); + jlong ret = 0; + + ret = (!encoded || !hash) + ? BAD_FUNC_ARG + : wc_EncodeSignature(encoded, hash, hashSize, hashOID); + + releaseByteArray(env, encoded_object, encoded, ret < 0); + releaseByteArray(env, hash_object, hash, ret < 0); + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Asn_getCTC_1HashOID( + JNIEnv* env, jclass class, jint type) +{ + return wc_GetCTC_HashOID(type); +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_chacha.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_chacha.c new file mode 100644 index 0000000..5650565 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_chacha.c @@ -0,0 +1,222 @@ +/* jni_Chacha.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Chacha_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + void* ret = 0; + +#ifdef HAVE_CHACHA + ret = XMALLOC(sizeof(ChaCha), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret == NULL) + throwOutOfMemoryException(env, "Failed to allocate ChaCha object"); + + LogStr("new ChaCha() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return (jlong) ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1init( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_CHACHA + int ret = 0; + ChaCha* chacha = (ChaCha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!chacha) + ? BAD_FUNC_ARG + : 0; + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("Chacha_init(ChaCha=%p) = %d\n", chacha, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1free( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_CHACHA + ChaCha* chacha = (ChaCha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + if (chacha) + XFREE(chacha, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + LogStr("Chacha_free(chacha=%p)\n", chacha); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1setIV + (JNIEnv* env, jobject this, jbyteArray iv_object) +{ +#if defined(HAVE_CHACHA) + int ret = 0; + ChaCha* chacha = NULL; + byte* iv = NULL; + + chacha = (ChaCha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + iv = getByteArray(env, iv_object); + + if (!chacha || !iv) { + ret = BAD_FUNC_ARG; + } else { + ret = wc_Chacha_SetIV(chacha, iv, 0); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Chacha_SetIV(chacha=%p) = %d\n", chacha, ret); + + releaseByteArray(env, iv_object, iv, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1setKey + (JNIEnv* env, jobject this, jbyteArray key_object) +{ +#if defined(HAVE_CHACHA) + int ret = 0; + ChaCha* chacha = NULL; + byte* key = NULL; + word32 keySz = 0; + + chacha = (ChaCha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + key = getByteArray(env, key_object); + keySz = getByteArrayLength(env, key_object); + + if (!chacha || !key) { + ret = BAD_FUNC_ARG; + } else { + ret = wc_Chacha_SetKey(chacha, key, keySz); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Chacha_SetKey(chacha=%p) = %d\n", chacha, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Chacha_wc_1Chacha_1process( + JNIEnv* env, jobject this, jbyteArray input_obj) +{ + jbyteArray result = NULL; + +#ifdef HAVE_CHACHA + int ret = 0; + ChaCha* chacha = NULL; + byte* input = NULL; + int inputSz = 0; + byte* output = NULL; + + chacha = (ChaCha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + input = getByteArray(env, input_obj); + inputSz = getByteArrayLength(env, input_obj); + + if (input == NULL) { + return NULL; + } + + output = XMALLOC(inputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!chacha) + ? BAD_FUNC_ARG + : wc_Chacha_Process(chacha, output, input, inputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, inputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, inputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate memory for Chacha_process"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_Chacha_Process() = %d\n", output, ret); + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + return result; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_curve25519.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_curve25519.c new file mode 100644 index 0000000..8f1f739 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_curve25519.c @@ -0,0 +1,421 @@ +/* jni_curve25519.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#define MAX_CURVE25519_PRIVATE_DER_SZ 128 + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + void* ret = 0; + +#ifdef HAVE_CURVE25519 + ret = XMALLOC(sizeof(curve25519_key), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret == NULL) + throwOutOfMemoryException(env, "Failed to allocate Curve25519 object"); + + LogStr("new Curve25519() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return (jlong) ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1init( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_CURVE25519 + int ret = 0; + curve25519_key* curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!curve25519) + ? BAD_FUNC_ARG + : wc_curve25519_init(curve25519); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("curve25519_init(curve25519=%p) = %d\n", curve25519, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1free( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_CURVE25519 + curve25519_key* curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + if (curve25519) + wc_curve25519_free(curve25519); + + LogStr("curve25519_free(curve25519=%p)\n", curve25519); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1make_1key( + JNIEnv* env, jobject this, jobject rng_object, jint size) +{ +#ifdef HAVE_CURVE25519 + int ret = 0; + curve25519_key* curve25519 = NULL; + RNG* rng = NULL; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!curve25519 || !rng) + ? BAD_FUNC_ARG + : wc_curve25519_make_key(rng, size, curve25519); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("curve25519_make_key(rng, size, curve25519=%p) = %d\n", curve25519, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1private + (JNIEnv* env, jobject this, jbyteArray priv_object, + jbyteArray pub_object) +{ +#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT) + int ret = 0; + curve25519_key* curve25519 = NULL; + byte* priv = NULL; + byte* pub = NULL; + word32 privSz = 0, pubSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + /* pub may be null if only importing private key */ + if (!curve25519 || !priv) { + ret = BAD_FUNC_ARG; + } else { + /* detect, and later skip, leading zero byte */ + ret = wc_curve25519_import_private_raw(priv, privSz, pub, + pubSz, curve25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_curve25519_import_private_key(curve25519=%p) = %d\n", curve25519, ret); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + + JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1private_1only + (JNIEnv* env, jobject this, jbyteArray priv_object) +{ +#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT) + int ret = 0; + curve25519_key* curve25519 = NULL; + byte* priv = NULL; + word32 privSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + + /* pub may be null if only importing private key */ + if (!curve25519 || !priv) { + ret = BAD_FUNC_ARG; + } else { + /* detect, and later skip, leading zero byte */ + ret = wc_curve25519_import_private(priv, privSz, curve25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_curve25519_import_private_key(curve25519=%p) = %d\n", curve25519, ret); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1import_1public + (JNIEnv* env, jobject this, jbyteArray pub_object) +{ +#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT) + int ret = 0; + curve25519_key* curve25519 = NULL; + byte* pub = NULL; + word32 pubSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + if (!curve25519 || !pub) { + ret = BAD_FUNC_ARG; + } else { + /* detect, and later skip, leading zero byte */ + ret = wc_curve25519_import_public(pub, pubSz, curve25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_curve25519_import_public(curve25519=%p) = %d\n", curve25519, ret); + + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1export_1private( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_CURVE25519_KEY_EXPORT + int ret = 0; + curve25519_key* curve25519 = NULL; + byte* output = NULL; + word32 outputSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_curve25519_size(curve25519); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!curve25519) + ? BAD_FUNC_ARG + : wc_curve25519_export_private_raw(curve25519, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_curve25519_export_private(curve25519, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1export_1public ( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_CURVE25519_KEY_EXPORT + int ret = 0; + curve25519_key* curve25519 = NULL; + byte* output = NULL; + word32 outputSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_curve25519_size(curve25519); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!curve25519) + ? BAD_FUNC_ARG + : wc_curve25519_export_public(curve25519, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_curve25519_export_public(curve25519, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Curve25519_wc_1curve25519_1make_1shared_1secret( + JNIEnv* env, jobject this, jobject pub_object) +{ + jbyteArray result = NULL; + +#ifdef HAVE_CURVE25519_SHARED_SECRET + int ret = 0; + curve25519_key* curve25519 = NULL; + curve25519_key* pub = NULL; + byte* output = NULL; + word32 outputSz = 0; + + curve25519 = (curve25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + pub = (curve25519_key*) getNativeStruct(env, pub_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_curve25519_size(curve25519); + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, + "Failed to allocate shared secret buffer"); + return result; + } + + ret = (!curve25519 || !pub) + ? BAD_FUNC_ARG + : wc_curve25519_shared_secret(curve25519, pub, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate shared secret"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_curve25519_shared_secret(priv, pub, output=%p, outputSz) = %d\n", + output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_des3.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_des3.c new file mode 100644 index 0000000..da8d41b --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_des3.c @@ -0,0 +1,214 @@ +/* jni_des3.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Des3_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_DES3 + ret = (jlong) XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Des3 object"); + + LogStr("new Des3() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Des3_native_1set_1key( + JNIEnv* env, jobject this, jbyteArray key_object, jbyteArray iv_object, + jint opmode) +{ +#ifndef NO_DES3 + int ret = 0; + Des3* des = NULL; + byte* key = NULL; + byte* iv = NULL; + + des = (Des3*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + iv = getByteArray(env, iv_object); + + ret = (!des || !key) /* iv is optional */ + ? BAD_FUNC_ARG + : wc_Des3_SetKey(des, key, iv, opmode); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Des3SetKey(Des3=%p, key, iv, opmode) = %d\n", des, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); + releaseByteArray(env, iv_object, iv, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Des3_native_1update__I_3BII_3BI( + JNIEnv* env, jobject this, jint opmode, + jbyteArray input_object, jint offset, jint length, + jbyteArray output_object, jint outputOffset) +{ + int ret = 0; + +#ifndef NO_DES3 + Des3* des = NULL; + byte* input = NULL; + byte* output = NULL; + + des = (Des3*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + input = getByteArray(env, input_object); + output = getByteArray(env, output_object); + + if (!des || !input || !output) { + ret = BAD_FUNC_ARG; /* NULL sanitizers */ + } + else if (offset < 0 || length < 0 || outputOffset < 0) { + ret = BAD_FUNC_ARG; /* signed sanizizers */ + } + else if (offset + length > getByteArrayLength(env, input_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (outputOffset + length > getByteArrayLength(env, output_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (opmode == DES_ENCRYPTION) { + ret = wc_Des3_CbcEncrypt(des, output+outputOffset,input+offset, length); + LogStr("wc_Des3CbcEncrypt(des=%p, out, in, inSz) = %d\n", des, ret); + } + else { + ret = wc_Des3_CbcDecrypt(des, output+outputOffset,input+offset, length); + LogStr("wc_Des3CbcDecrypt(des=%p, out, in, inSz) = %d\n", des, ret); + } + + LogStr("input[%u]: [%p]\n", (word32)length, input + offset); + LogHex((byte*) input, offset, length); + LogStr("output[%u]: [%p]\n", (word32)length, output + outputOffset); + LogHex((byte*) output, outputOffset, length); + + releaseByteArray(env, input_object, input, JNI_ABORT); + releaseByteArray(env, output_object, output, ret); + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + ret = 0; /* 0 bytes stored in output */ + } + else { + ret = length; + } +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Des3_native_1update__ILjava_nio_ByteBuffer_2IILjava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jint opmode, + jobject input_object, jint offset, jint length, + jobject output_object, jint outputOffset) +{ + int ret = 0; + +#ifndef NO_DES3 + Des3* des = NULL; + byte* input = NULL; + byte* output = NULL; + + des = (Des3*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + input = getDirectBufferAddress(env, input_object); + output = getDirectBufferAddress(env, output_object); + + if (!des || !input || !output) { + ret = BAD_FUNC_ARG; /* NULL sanitizers */ + } + else if (offset < 0 || length < 0) { + ret = BAD_FUNC_ARG; /* signed sanizizers */ + } + else if (offset + length > getDirectBufferLimit(env, input_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (outputOffset + length > getDirectBufferLimit(env, output_object)) { + ret = BUFFER_E; /* buffer overflow check */ + } + else if (opmode == DES_ENCRYPTION) { + ret = wc_Des3_CbcEncrypt(des, output, input + offset, length); + LogStr("wc_Des3CbcEncrypt(des=%p, out, in, inSz) = %d\n", des, ret); + } + else { + ret = wc_Des3_CbcDecrypt(des, output, input + offset, length); + LogStr("wc_Des3CbcDecrypt(des=%p, out, in, inSz) = %d\n", des, ret); + } + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + ret = 0; /* 0 bytes stored in output */ + } + else { + ret = length; + } + + LogStr("input[%u]: [%p]\n", (word32)length, input + offset); + LogHex((byte*) input, offset, length); + LogStr("output[%u]: [%p]\n", (word32)length, output); + LogHex((byte*) output, 0, length); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_dh.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_dh.c new file mode 100644 index 0000000..007531b --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_dh.c @@ -0,0 +1,356 @@ +/* jni_dh.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL Java_com_wolfssl_wolfcrypt_Dh_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_DH + ret = (jlong) XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Dh object"); + + LogStr("new Dh() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1InitDhKey( + JNIEnv* env, jobject this) +{ +#ifndef NO_DH + DhKey* key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + wc_InitDhKey(key); + + LogStr("wc_InitDhKey(key=%p)\n", key); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1FreeDhKey( + JNIEnv* env, jobject this) +{ +#ifndef NO_DH + DhKey* key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + wc_FreeDhKey(key); + + LogStr("wc_FreeDhKey(key=%p)\n", key); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1DhSetKey( + JNIEnv* env, jobject this, jbyteArray p_object, jbyteArray g_object) +{ +#ifndef NO_DH + int ret = 0; + DhKey* key = NULL; + byte* p = NULL; + byte* g = NULL; + word32 pSz = 0, gSz = 0; + + key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + p = getByteArray(env, p_object); + pSz = getByteArrayLength(env, p_object); + g = getByteArray(env, g_object); + gSz = getByteArrayLength(env, g_object); + + ret = (!key || !p || !g) + ? BAD_FUNC_ARG + : wc_DhSetKey(key, p, pSz, g, gSz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_DhSetKey(key=%p, p, pSz, g, gSz) = %d\n", key, ret); + LogStr("p[%u]: [%p]\n", (word32)pSz, p); + LogHex((byte*) p, 0, pSz); + LogStr("g[%u]: [%p]\n", (word32)gSz, g); + LogHex((byte*) g, 0, gSz); + + releaseByteArray(env, p_object, p, JNI_ABORT); + releaseByteArray(env, g_object, g, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1DhGenerateKeyPair( + JNIEnv* env, jobject this, jobject rng_object, jint size) +{ +#ifndef NO_DH + int ret = 0; + DhKey* key = NULL; + RNG* rng = NULL; + byte* priv = NULL; + byte* pub = NULL; + word32 privSz = size; + word32 pubSz = size; + int lBitPriv = 0, lBitPub = 0; + byte lBit[1] = { 0x00 }; + int exceptionThrown = 0; + + key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + if (!key || !rng || (size < 0)) + ret = BAD_FUNC_ARG; + + if (ret == 0) { + + priv = XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (priv == NULL) { + throwOutOfMemoryException(env, + "Failed to allocate private key buffer"); + return; + } + + pub = XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pub == NULL) { + XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + throwOutOfMemoryException(env, + "Failed to allocate public key buffer"); + return; + } + + ret = wc_DhGenerateKeyPair(key, rng, priv, &privSz, pub, &pubSz); + } + + if (ret == 0) { + + /* keys should be positive, if leading bit is set, add zero byte */ + if (priv[0] & 0x80) + lBitPriv = 1; + + if (pub[0] & 0x80) + lBitPub = 1; + + jbyteArray privateKey = (*env)->NewByteArray(env, lBitPriv + privSz); + jbyteArray publicKey = (*env)->NewByteArray(env, lBitPub + pubSz); + + if (privateKey) { + if (lBitPriv) { + (*env)->SetByteArrayRegion(env, privateKey, 0, 1, + (const jbyte*)lBit); + (*env)->SetByteArrayRegion(env, privateKey, 1, privSz, + (const jbyte*)priv); + } else { + (*env)->SetByteArrayRegion(env, privateKey, 0, privSz, + (const jbyte*)priv); + } + + setByteArrayMember(env, this, "privateKey", privateKey); + if ((*env)->ExceptionOccurred(env)) { + /* if exception raised, skip any additional JNI functions */ + exceptionThrown = 1; + } + + } else { + throwWolfCryptException(env, "Failed to allocate privateKey"); + } + + if (publicKey && (exceptionThrown == 0)) { + if (lBitPub) { + (*env)->SetByteArrayRegion(env, publicKey, 0, 1, + (const jbyte*)lBit); + (*env)->SetByteArrayRegion(env, publicKey, 1, pubSz, + (const jbyte*)pub); + } else { + (*env)->SetByteArrayRegion(env, publicKey, 0, pubSz, + (const jbyte*)pub); + } + + setByteArrayMember(env, this, "publicKey", publicKey); + } else { + throwWolfCryptException(env, "Failed to allocate publicKey"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_DhGenerateKeyPair(key, rng, priv, privSz, pub, pubSz) = %d\n", + ret); + LogStr("private[%u]: [%p]\n", privSz, priv); + LogHex(priv, 0, privSz); + LogStr("public[%u]: [%p]\n", pubSz, pub); + LogHex(pub, 0, pubSz); + + if (priv) + XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pub) + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1DhCheckPubKey( + JNIEnv* env, jobject this, jbyteArray pub_object) +{ +#ifndef NO_DH + int ret = 0; + DhKey* key = NULL; + byte* pub = NULL; + word32 pubSz = 0; + + key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + // ret = (!key || !pub) + // ? BAD_FUNC_ARG + // : wc_DhCheckPubKey(key, pub, pubSz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_DhCheckPubKey(key=%p, pub, pubSz) = %d\n", key, ret); + LogStr("p[%u]: [%p]\n", (word32)pubSz, pub); + LogHex((byte*) pub, 0, pubSz); + + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Dh_wc_1DhAgree( + JNIEnv* env, jobject this, jbyteArray priv_object, jbyteArray pub_object) +{ + jbyteArray result = NULL; + +#ifndef NO_DH + int ret = 0; + DhKey* key = NULL; + byte* priv = NULL; + byte* pub = NULL; + byte* secret = NULL; + word32 privSz = 0, pubSz = 0, secretSz = 0; + + key = (DhKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + secretSz = pubSz; + + secret = XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (secret == NULL) { + throwOutOfMemoryException(env, "Failed to allocate private key buffer"); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); + releaseByteArray(env, pub_object, pub, JNI_ABORT); + + return result; + } + + ret = (!key || !priv || !pub) + ? BAD_FUNC_ARG + : wc_DhAgree(key, secret, &secretSz, priv, privSz, pub, pubSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, secretSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, secretSz, + (const jbyte*)secret); + } else { + throwWolfCryptException(env, "Failed to allocate shared secret"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_DhAgree(key, secret, secretSz, priv, privSz, pub, pubSz) = %d\n", + ret); + LogStr("secret[%u]: [%p]\n", secretSz, secret); + LogHex(secret, 0, secretSz); + + XFREE(secret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_ecc.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_ecc.c new file mode 100644 index 0000000..ac3c3f0 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_ecc.c @@ -0,0 +1,932 @@ +/* jni_ecc.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#define MAX_ECC_PRIVATE_DER_SZ 128 + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + void* ret = 0; + +#ifdef HAVE_ECC + ret = XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret == NULL) + throwOutOfMemoryException(env, "Failed to allocate Ecc object"); + + LogStr("new Ecc() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return (jlong) ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1init( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ECC + int ret = 0; + ecc_key* ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_ecc_init(ecc); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("ecc_init(ecc=%p) = %d\n", ecc, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1free( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ECC + ecc_key* ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + if (ecc) + wc_ecc_free(ecc); + + LogStr("ecc_free(ecc=%p)\n", ecc); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1make_1key( + JNIEnv* env, jobject this, jobject rng_object, jint size) +{ +#ifdef HAVE_ECC + int ret = 0; + ecc_key* ecc = NULL; + RNG* rng = NULL; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ecc || !rng) + ? BAD_FUNC_ARG + : wc_ecc_make_key(rng, size, ecc); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("ecc_make_key(rng, size, ecc=%p) = %d\n", ecc, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1make_1key_1ex + (JNIEnv* env, jobject this, jobject rng_object, jint size, + jstring curveName) +{ +#ifdef HAVE_ECC + int ret = 0; + ecc_key* ecc = NULL; + RNG* rng = NULL; + const char* name = (*env)->GetStringUTFChars(env, curveName, 0); + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + (*env)->ReleaseStringUTFChars(env, curveName, name); + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + (*env)->ReleaseStringUTFChars(env, curveName, name); + return; + } + + ret = (!ecc || !rng || !curveName || !name) + ? BAD_FUNC_ARG + : wc_ecc_get_curve_id_from_name(name); + + (*env)->ReleaseStringUTFChars(env, curveName, name); + + if (ret < 0) { + throwWolfCryptException(env, "ECC curve unsupported or not enabled"); + + } else { + ret = wc_ecc_make_key_ex(rng, size, ecc, ret); + + if (ret < 0) { + throwWolfCryptExceptionFromError(env, ret); + } + } + + LogStr("ecc_make_key_ex(rng, size, ecc=%p) = %d\n", ecc, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1check_1key( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ECC + int ret = 0; + ecc_key* ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_ecc_check_key(ecc); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ecc_check_key(ecc=%p) = %d\n", ecc, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1import_1private + (JNIEnv* env, jobject this, jbyteArray priv_object, + jbyteArray pub_object, jstring curveName) +{ +#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) + int ret = 0; + word32 idx = 0; + ecc_key* ecc = NULL; + byte* priv = NULL; + byte* pub = NULL; + word32 privSz = 0, pubSz = 0; + const char* name = NULL; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + /* pub may be null if only importing private key */ + if (!ecc || !priv) { + ret = BAD_FUNC_ARG; + + } else { + /* detect, and later skip, leading zero byte */ + if (priv[0] == 0) + idx = 1; + + if (curveName != NULL) { + name = (*env)->GetStringUTFChars(env, curveName, 0); + ret = wc_ecc_get_curve_id_from_name(name); + (*env)->ReleaseStringUTFChars(env, curveName, name); + + if (ret > 0) { + /* import with curve id, ret stores curve id */ + ret = wc_ecc_import_private_key_ex(priv + idx, privSz - idx, pub, + pubSz, ecc, ret); + } else { + /* unsupported curve name */ + ret = BAD_FUNC_ARG; + } + + } else { + ret = wc_ecc_import_private_key(priv + idx, privSz - idx, pub, + pubSz, ecc); + } + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ecc_import_private_key(ecc=%p) = %d\n", ecc, ret); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1export_1private( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ECC_KEY_EXPORT + int ret = 0; + ecc_key* ecc = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_ecc_size(ecc); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_ecc_export_private_only(ecc, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ecc_export_x963(ecc, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1import_1x963( + JNIEnv* env, jobject this, jbyteArray key_object) +{ +#ifdef HAVE_ECC_KEY_IMPORT + int ret = 0; + ecc_key* ecc = NULL; + byte* key = NULL; + word32 keySz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + keySz = getByteArrayLength(env, key_object); + + ret = (!ecc || !key) + ? BAD_FUNC_ARG + : wc_ecc_import_x963(key, keySz, ecc); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("ecc_import_x963(key, keySz, ecc=%p) = %d\n", ecc, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1export_1x963( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ECC_KEY_EXPORT + int ret = 0; + ecc_key* ecc = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + /* get size */ + wc_ecc_export_x963(ecc, NULL, &outputSz); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_ecc_export_x963(ecc, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ecc_export_x963(ecc, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPrivateKeyDecode( + JNIEnv* env, jobject this, jbyteArray key_object) +{ +#if defined(HAVE_ECC) && !defined(NO_ASN) + int ret = 0; + word32 idx = 0; + ecc_key* ecc = NULL; + byte* key = NULL; + word32 keySz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + keySz = getByteArrayLength(env, key_object); + + ret = (!ecc || !key) + ? BAD_FUNC_ARG + : wc_EccPrivateKeyDecode(key, &idx, ecc, keySz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_EccPrivateKeyDecode(key, keySz, ecc=%p) = %d\n", ecc, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccKeyToDer( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#if defined(HAVE_ECC) && !defined(NO_ASN) && defined(WOLFSSL_KEY_GEN) + int ret = 0; + ecc_key* ecc; + byte* output = NULL; + word32 outputSz = 256; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_EccKeyToDer(ecc, output, outputSz); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_EccKeyToDer(ecc, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPublicKeyDecode( + JNIEnv* env, jobject this, jbyteArray key_object) +{ +#if defined(HAVE_ECC) && !defined(NO_ASN) + int ret = 0; + word32 idx = 0; + ecc_key* ecc = NULL; + byte* key = NULL; + word32 keySz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + keySz = getByteArrayLength(env, key_object); + + ret = (!ecc || !key) + ? BAD_FUNC_ARG + : wc_EccPublicKeyDecode(key, &idx, ecc, keySz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_EccPublicKeyDecode(key, keySz, ecc=%p) = %d\n", ecc, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPublicKeyToDer( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#if !defined(NO_ASN) && (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + int ret = 0; + ecc_key* ecc = NULL; + byte* output = NULL; + word32 outputSz = 256; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_EccPublicKeyToDer(ecc, output, outputSz, 1); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_EccPublicKeyToDer(ecc, out=%p, outSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret( + JNIEnv* env, jobject this, jobject pub_object) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ECC_DHE + int ret = 0; + ecc_key* ecc = NULL; + ecc_key* pub = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + pub = (ecc_key*) getNativeStruct(env, pub_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_ecc_size(ecc); + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, + "Failed to allocate shared secret buffer"); + return result; + } + + ret = (!ecc || !pub) + ? BAD_FUNC_ARG + : wc_ecc_shared_secret(ecc, pub, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate shared secret"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ecc_shared_secret(priv, pub, output=%p, outputSz) = %d\n", + output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1sign_1hash( + JNIEnv* env, jobject this, jbyteArray hash_object, jobject rng_object) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ECC_SIGN + int ret = 0; + ecc_key* ecc = NULL; + RNG* rng = NULL; + byte* hash = NULL; + byte* signature = NULL; + word32 hashSz = 0, signatureSz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + hash = getByteArray(env, hash_object); + hashSz = getByteArrayLength(env, hash_object); + signatureSz = wc_ecc_sig_size(ecc); + + signature = XMALLOC(signatureSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (signature == NULL) { + throwOutOfMemoryException(env, "Failed to allocate signature buffer"); + + releaseByteArray(env, hash_object, hash, JNI_ABORT); + + return result; + } + + ret = (!ecc || !rng || !hash) + ? BAD_FUNC_ARG + : wc_ecc_sign_hash(hash, hashSz, signature, &signatureSz, rng, ecc); + + if (ret == 0) { + result = (*env)->NewByteArray(env, signatureSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, signatureSz, + (const jbyte*)signature); + } else { + throwWolfCryptException(env, "Failed to allocate signature"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ecc_sign_hash(input, inSz, output, &outSz, rng, ecc) = %d\n", + ret); + LogStr("signature[%u]: [%p]\n", (word32)signatureSz, signature); + LogHex((byte*) signature, 0, signatureSz); + + XFREE(signature, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, hash_object, hash, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jboolean JNICALL +Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1verify_1hash( + JNIEnv* env, jobject this, jbyteArray hash_object, + jbyteArray signature_object) +{ + jlong ret = 0; + +#ifdef HAVE_ECC_VERIFY + int status = 0; + ecc_key* ecc = NULL; + byte* hash = NULL; + byte* signature = NULL; + word32 hashSz = 0, signatureSz = 0; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + hash = getByteArray(env, hash_object); + hashSz = getByteArrayLength(env, hash_object); + + signature = getByteArray(env, signature_object); + signatureSz = getByteArrayLength(env, signature_object); + + ret = (!ecc || !hash || !signature) + ? BAD_FUNC_ARG + : wc_ecc_verify_hash(signature, signatureSz, hash,hashSz, &status, ecc); + + if (ret == 0) { + ret = status; + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr( + "wc_ecc_verify_hash(sig, sigSz, hash, hashSz, &status, ecc); = %lu\n", + ret); + + releaseByteArray(env, hash_object, hash, JNI_ABORT); + releaseByteArray(env, signature_object, signature, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1size_1from_1name + (JNIEnv* env, jobject this, jstring curveName) +{ + jint ret = 0; +#ifdef HAVE_ECC + const char* name; + + if (curveName == NULL) { + ret = BAD_FUNC_ARG; + } else { + name = (*env)->GetStringUTFChars(env, curveName, 0); + ret = wc_ecc_get_curve_size_from_name(name); + (*env)->ReleaseStringUTFChars(env, curveName, name); + } + +#else + throwNotCompiledInException(env); +#endif + return ret; +} + +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1name_1from_1id + (JNIEnv* env, jclass this, jint curve_id) +{ + jstring name = NULL; +#ifdef HAVE_ECC + const char* tmp = NULL; + + tmp = wc_ecc_get_curve_name_from_id(curve_id); + if (tmp != NULL) { + name = (*env)->NewStringUTF(env, tmp); + } + +#else + throwNotCompiledInException(env); +#endif + + return name; +} + +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1private_1key_1to_1pkcs8 + (JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#if defined(HAVE_ECC) && defined(WOLFSSL_KEY_GEN) + int ret = 0; + ecc_key* ecc = NULL; + byte* derKey = NULL; + byte* pkcs8 = NULL; + word32 derKeySz = MAX_ECC_PRIVATE_DER_SZ; + word32 pkcs8Sz = 0; + + int algoID = 0; + word32 oidSz = 0; + const byte* curveOID = NULL; + + ecc = (ecc_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + derKey = XMALLOC(derKeySz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (derKey == NULL) { + throwOutOfMemoryException(env, "Failed to allocate DER key buffer"); + return result; + } + + /* get pkcs8 output size, into pkcs8Sz */ + ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, derKey, derKeySz, algoID, + curveOID, oidSz); + + pkcs8 = XMALLOC(pkcs8Sz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pkcs8 == NULL) { + XFREE(derKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + throwOutOfMemoryException(env, "Failed to allocate PKCS8 key buffer"); + return result; + } + + ret = (!ecc) + ? BAD_FUNC_ARG + : wc_EccPrivateKeyToDer(ecc, derKey, derKeySz); + + if (ret >= 0) { + derKeySz = ret; + algoID = ECDSAk; + ret = wc_ecc_get_oid(ecc->dp->oidSum, &curveOID, &oidSz); + } + + if (ret >= 0) { + ret = wc_CreatePKCS8Key(pkcs8, &pkcs8Sz, derKey, derKeySz, + algoID, curveOID, oidSz); + } + + if (ret >= 0) { + result = (*env)->NewByteArray(env, ret); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, ret, + (const jbyte*) pkcs8); + } + } + + XFREE(derKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(pkcs8, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret < 0) { + throwWolfCryptExceptionFromError(env, ret); + } +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1get_1curve_1id_1from_1params + (JNIEnv* env, jclass this, jint fieldSz, jbyteArray prime_object, + jbyteArray af_object, jbyteArray bf_object, jbyteArray order_object, + jbyteArray gx_object, jbyteArray gy_object, jint cofactor) +{ + int ret = 0; +#ifdef HAVE_ECC + byte* prime = getByteArray(env, prime_object); + word32 primeSz = getByteArrayLength(env, prime_object); + byte* Af = getByteArray(env, af_object); + word32 AfSz = getByteArrayLength(env, af_object); + byte* Bf = getByteArray(env, bf_object); + word32 BfSz = getByteArrayLength(env, bf_object); + byte* order = getByteArray(env, order_object); + word32 orderSz = getByteArrayLength(env, order_object); + byte* Gx = getByteArray(env, gx_object); + word32 GxSz = getByteArrayLength(env, gx_object); + byte* Gy = getByteArray(env, gy_object); + word32 GySz = getByteArrayLength(env, gy_object); + + ret = (!prime || !Af || !Bf || !order || !Gx || !Gy) + ? BAD_FUNC_ARG + : wc_ecc_get_curve_id_from_params(fieldSz, prime, primeSz, + Af, AfSz, Bf, BfSz, order, orderSz, Gx, GxSz, + Gy, GySz, cofactor); + + if (ret < 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ecc_get_curve_id_from_params() = %d\n", ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_ed25519.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_ed25519.c new file mode 100644 index 0000000..4236103 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_ed25519.c @@ -0,0 +1,532 @@ +/* jni_ed25519.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#define MAX_ED25519_PRIVATE_DER_SZ 128 + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + void* ret = 0; + +#ifdef HAVE_ED25519 + ret = XMALLOC(sizeof(ed25519_key), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret == NULL) + throwOutOfMemoryException(env, "Failed to allocate Ed25519 object"); + + LogStr("new Ed25519() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return (jlong) ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1init( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ED25519 + int ret = 0; + ed25519_key* ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ed25519) + ? BAD_FUNC_ARG + : wc_ed25519_init(ed25519); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("ed25519_init(ed25519=%p) = %d\n", ed25519, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1free( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ED25519 + ed25519_key* ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception */ + return; + } + + if (ed25519) + wc_ed25519_free(ed25519); + + LogStr("ed25519_free(ed25519=%p)\n", ed25519); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1make_1key( + JNIEnv* env, jobject this, jobject rng_object, jint size) +{ +#ifdef HAVE_ED25519 + int ret = 0; + ed25519_key* ed25519 = NULL; + RNG* rng = NULL; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ed25519 || !rng) + ? BAD_FUNC_ARG + : wc_ed25519_make_key(rng, size, ed25519); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("ed25519_make_key(rng, size, ed25519=%p) = %d\n", ed25519, ret); +#else + throwNotCompiledInException(env); +#endif +} + + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1check_1key( + JNIEnv* env, jobject this) +{ +#ifdef HAVE_ED25519 + int ret = 0; + ed25519_key* ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!ed25519) + ? BAD_FUNC_ARG + : wc_ed25519_check_key(ed25519); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ed25519_check_key(ed25519=%p) = %d\n", ed25519, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1private + (JNIEnv* env, jobject this, jbyteArray priv_object, jbyteArray pub_object) +{ +#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* priv = NULL; + byte* pub = NULL; + word32 privSz = 0, pubSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + /* pub may be null if only importing private key */ + if (!ed25519 || !priv) { + ret = BAD_FUNC_ARG; + } else { + /* detect, and later skip, leading zero byte */ + if (!pub) + ret = wc_ed25519_import_private_only(priv, privSz, ed25519); + else + ret = wc_ed25519_import_private_key(priv, privSz, pub, + pubSz, ed25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ed25519_import_private_key(ed25519=%p) = %d\n", ed25519, ret); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1public + (JNIEnv* env, jobject this, jbyteArray pub_object) +{ +#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* pub = NULL; + word32 pubSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + pub = getByteArray(env, pub_object); + pubSz = getByteArrayLength(env, pub_object); + + if (!ed25519 || !pub) { + ret = BAD_FUNC_ARG; + } else { + ret = wc_ed25519_import_public(pub, pubSz, ed25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ed25519_import_public(ed25519=%p) = %d\n", ed25519, ret); + + releaseByteArray(env, pub_object, pub, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1import_1private_1only + (JNIEnv* env, jobject this, jbyteArray priv_object) +{ +#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* priv = NULL; + word32 privSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + priv = getByteArray(env, priv_object); + privSz = getByteArrayLength(env, priv_object); + + if (!ed25519 || !priv) { + ret = BAD_FUNC_ARG; + } else { + /* detect, and later skip, leading zero byte */ + ret = wc_ed25519_import_private_only(priv, privSz, ed25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ed25519_import_private_key(ed25519=%p) = %d\n", ed25519, ret); + + releaseByteArray(env, priv_object, priv, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1private( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ED25519_KEY_EXPORT + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = 2 * wc_ed25519_priv_size(ed25519); /* Export private + public */ + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ed25519) + ? BAD_FUNC_ARG + : wc_ed25519_export_private(ed25519, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ed25519_export_x963(ed25519, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1private_1only( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ED25519_KEY_EXPORT + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_ed25519_size(ed25519); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ed25519) + ? BAD_FUNC_ARG + : wc_ed25519_export_private_only(ed25519, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ed25519_export_x963(ed25519, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1export_1public( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifdef HAVE_ED25519_KEY_EXPORT + int ret = 0; + ed25519_key* ed25519 = NULL; + byte* output = NULL; + word32 outputSz = 0; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + outputSz = wc_ed25519_size(ed25519); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate key buffer"); + return result; + } + + ret = (!ed25519) + ? BAD_FUNC_ARG + : wc_ed25519_export_public(ed25519, output, &outputSz); + + if (ret == 0) { + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ed25519_export_x963(ed25519, output=%p, outputSz) = %d\n", output, ret); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + + +JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1sign_1msg + (JNIEnv* env, jobject this, jbyteArray msg_in) +{ + jbyteArray result = NULL; +#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN) + int ret = 0; + word32 len = 0, outlen = ED25519_SIG_SIZE; + ed25519_key* ed25519 = NULL; + byte* msg = NULL; + byte* output = NULL; + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + msg = getByteArray(env, msg_in); + len = getByteArrayLength(env, msg_in); + output = XMALLOC(outlen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ed25519) { + ret = BAD_FUNC_ARG; + } else { + ret = wc_ed25519_sign_msg(msg, len, output, &outlen, ed25519); + } + + if (ret == 0) { + result = (*env)->NewByteArray(env, outlen); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outlen, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate key"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_ed25519_sign_msg(ed25519=%p) = %d\n", ed25519, ret); + printf("wc_ed25519_sign_msg(ed25519=%p) = %d\n", ed25519, ret); + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, msg_in, msg, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + return result; +} + + +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Ed25519_wc_1ed25519_1verify_1msg + (JNIEnv* env, jobject this, jbyteArray sig_in, jbyteArray msg_in) +{ + int result = -1; +#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN) + int ret = 0; + word32 msglen, siglen; + ed25519_key* ed25519 = NULL; + byte* sig = NULL; + byte* msg = NULL; + + + ed25519 = (ed25519_key*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return result; + } + sig = getByteArray(env, sig_in); + msg = getByteArray(env, msg_in); + msglen = getByteArrayLength(env, msg_in); + siglen = getByteArrayLength(env, msg_in); + + if (!ed25519) { + ret = BAD_FUNC_ARG; + } else { + ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen, &result, ed25519); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ed25519_verify_msg(ed25519=%p) = %d\n", ed25519, ret); + + releaseByteArray(env, sig_in, sig, JNI_ABORT); + releaseByteArray(env, msg_in, msg, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + return result; +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_error.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_error.c new file mode 100644 index 0000000..538973f --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_error.c @@ -0,0 +1,77 @@ +/* jni_error.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif + +#include +#include + +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_WolfCryptError_wc_1GetErrorString + (JNIEnv* env, jclass obj, jint error) +{ + return (*env)->NewStringUTF(env, wc_GetErrorString(error)); +} + +void throwWolfCryptExceptionFromError(JNIEnv* env, int code) +{ + jclass class = NULL; + jobject exception = NULL; + jmethodID constructor = NULL; + + if (code == MEMORY_E) { + throwOutOfMemoryException( + env, "Failed to allocate memory in the native wolfcrypt library"); + + return; + } + + class = (*env)->FindClass(env, "com/wolfssl/wolfcrypt/WolfCryptException"); + /* FindClass may throw exception */ + if ((*env)->ExceptionOccurred(env)) { + return; + } + + if (class) { + constructor = (*env)->GetMethodID(env, class, "", "(I)V"); + /* GetMethodID may throw exception */ + if ((*env)->ExceptionOccurred(env)) { + return; + } + + if (constructor) { + exception = (*env)->NewObject(env, class, constructor, code); + /* NewObject may throw exception */ + if ((*env)->ExceptionOccurred(env)) { + return; + } + + if (exception) { + (*env)->Throw(env, exception); + return; + } + } + } + + throwWolfCryptException(env, wc_GetErrorString(code)); +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_fips.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_fips.c new file mode 100644 index 0000000..f8398a3 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_fips.c @@ -0,0 +1,3650 @@ +/* jni_fips.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif + +#ifdef HAVE_FIPS + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include +#endif + +#include + +#include +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#ifdef HAVE_FIPS +extern JavaVM* g_vm; +static jobject g_errCb; +#endif + +void NativeErrorCallback(const int ok, const int err, const char * const hash) +{ +#ifdef HAVE_FIPS + JNIEnv* env; + jclass class; + jmethodID method; + jint ret; + + ret = (int) ((*g_vm)->GetEnv(g_vm, (void**) &env, JNI_VERSION_1_6)); + if (ret == JNI_EDETACHED) { +#ifdef __ANDROID__ + ret = (*g_vm)->AttachCurrentThread(g_vm, &env, NULL); +#else + ret = (*g_vm)->AttachCurrentThread(g_vm, (void**) &env, NULL); +#endif + if (ret) { + printf("Failed to attach JNIEnv to thread\n"); + return; + } + } + else if (ret != JNI_OK) { + printf("Unable to get JNIEnv from JavaVM\n"); + return; + } + + if (JNIGlobalRefType != (*env)->GetObjectRefType(env, g_errCb)) + throwWolfCryptException(env, "Invalid errorCallback reference"); + else if (!(class = (*env)->GetObjectClass(env, g_errCb))) + throwWolfCryptException(env, "Failed to get callback class"); + else if (!(method = (*env)->GetMethodID(env, class, "errorCallback", + "(IILjava/lang/String;)V"))) + throwWolfCryptException(env, "Failed to get method ID"); + else + (*env)->CallVoidMethod(env, g_errCb, method, ok, err, + (*env)->NewStringUTF(env, hash)); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1SetCb_1fips( + JNIEnv* env, jclass class, jobject callback) +{ +#ifdef HAVE_FIPS + if ((g_errCb = (*env)->NewGlobalRef(env, callback))) + wolfCrypt_SetCb_fips(NativeErrorCallback); + else + throwWolfCryptException(env, "Failed to store global error callback"); +#endif +} + +JNIEXPORT jstring JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1GetCoreHash_1fips( + JNIEnv* env, jclass class) +{ + #ifdef HAVE_FIPS + return (*env)->NewStringUTF(env, wolfCrypt_GetCoreHash_fips()); + #else + return NULL; + #endif +} + +JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_Fips_enabled + (JNIEnv* env, jclass class) +{ + #ifdef HAVE_FIPS + return JNI_TRUE; + #else + return JNI_FALSE; + #endif +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_getFipsVersion +(JNIEnv* env, jclass this) +{ + jint result = 0; + #if defined(HAVE_FIPS) + #ifdef HAVE_FIPS_VERSION + result = HAVE_FIPS_VERSION; + #else + result = 1; + #endif + #endif + return result; +} + +/* + * ### FIPS Aprooved Security Methods ########################################## + */ + +/* + * wolfCrypt FIPS API - Symmetric encrypt/decrypt Service + */ + +/* AES */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2I( + JNIEnv* env, jclass class, jobject aes_object, jobject key_buffer, + jlong size, jobject iv_buffer, jint dir) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* key = NULL; + byte* iv = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getDirectBufferAddress(env, key_buffer); + iv = getDirectBufferAddress(env, iv_buffer); + + if (!aes || !key) + return BAD_FUNC_ARG; + + ret = AesSetKey_fips(aes, key, size, iv, dir); + + LogStr("AesSetKey_fips(aes=%p, key, iv, %s) = %d\n", aes, + dir ? "dec" : "enc", ret); + LogStr("key[%u]: [%p]\n", (word32)size, key); + LogHex(key, 0, size); + LogStr("iv[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, iv); + LogHex(iv, 0, AES_BLOCK_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3BJ_3BI( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray key_buffer, + jlong size, jbyteArray iv_buffer, jint dir) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* key = NULL; + byte* iv = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getByteArray(env, key_buffer); + iv = getByteArray(env, iv_buffer); + + ret = (!aes || !key) ? BAD_FUNC_ARG + : AesSetKey_fips(aes, key, size, iv, dir); + + LogStr("AesSetKey_fips(aes=%p, key, iv, %s) = %d\n", aes, + dir ? "dec" : "enc", ret); + LogStr("key[%u]: [%p]\n", (word32)size, key); + LogHex(key, 0, size); + LogStr("iv[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, iv); + LogHex(iv, 0, AES_BLOCK_SIZE); + + releaseByteArray(env, key_buffer, key, 1); + releaseByteArray(env, iv_buffer, iv, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetIV_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject aes_object, jobject iv_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* iv = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + iv = getDirectBufferAddress(env, iv_buffer); + + if (!aes || !iv) + return BAD_FUNC_ARG; + + ret = AesSetIV_fips(aes, iv); + + LogStr("AesSetIV_fips(aes=%p, iv) = %d\n", aes, ret); + LogStr("iv[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, iv); + LogHex(iv, 0, AES_BLOCK_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesSetIV_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray iv_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* iv = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + iv = getByteArray(env, iv_buffer); + + ret = (!aes || !iv) ? BAD_FUNC_ARG + : AesSetIV_fips(aes, iv); + + LogStr("AesSetIV_fips(aes=%p, iv) = %d\n", aes, ret); + LogStr("iv[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, iv); + LogHex(iv, 0, AES_BLOCK_SIZE); + + releaseByteArray(env, iv_buffer, iv, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject aes_object, jobject out_buffer, + jobject in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + + if (!aes || !out || !in) + return BAD_FUNC_ARG; + + ret = AesCbcEncrypt_fips(aes, out, in, (word32) size); + + LogStr("AesCbcEncrypt_fips(aes=%p, out, in) = %d\n", aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + + ret = (!aes || !out || !in) + ? BAD_FUNC_ARG + : AesCbcEncrypt_fips(aes, out, in, (word32) size); + + LogStr("AesCbcEncrypt_fips(aes=%p, out, in) = %d\n", aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject aes_object, jobject out_buffer, + jobject in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + + if (!aes || !out || !in) + return BAD_FUNC_ARG; + + ret = AesCbcDecrypt_fips(aes, out, in, (word32) size); + + LogStr("AesCbcDecrypt_fips(aes=%p, out, in) = %d\n", aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesCbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_AES) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + + ret = (!aes || !out || !in) + ? BAD_FUNC_ARG + : AesCbcDecrypt_fips(aes, out, in, (word32) size); + + LogStr("AesCbcDecrypt_fips(aes=%p, out, in) = %d\n", aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject aes_object, jobject key_buffer, + jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* key = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getDirectBufferAddress(env, key_buffer); + + if (!aes || !key) + return BAD_FUNC_ARG; + + ret = AesGcmSetKey_fips(aes, key, size); + + LogStr("AesGcmSetKey_fips(aes=%p, key) = %d\n", aes, ret); + LogStr("key[%u]: [%p]\n", (word32)size, key); + LogHex(key, 0, size); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmSetKey_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3BJ( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray key_buffer, + jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* key = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getByteArray(env, key_buffer); + + ret = (!aes || !key) ? BAD_FUNC_ARG + : AesGcmSetKey_fips(aes, key, size); + + LogStr("AesGcmSetKey_fips(aes=%p, key) = %d\n", aes, ret); + LogStr("key[%u]: [%p]\n", (word32)size, key); + LogHex(key, 0, size); + + releaseByteArray(env, key_buffer, key, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject aes_object, jobject out_buffer, + jobject in_buffer, jlong size, jobject iv_buffer, jlong ivSz, + jobject authTag_buffer, jlong authTagSz, jobject authIn_buffer, + jlong authInSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + byte* iv = NULL; + byte* authTag = NULL; + byte* authIn = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + iv = getDirectBufferAddress(env, iv_buffer); + authTag = getDirectBufferAddress(env, authTag_buffer); + authIn = getDirectBufferAddress(env, authIn_buffer); + + if (!aes || !out || !in || (!iv && ivSz) || (!authTag && authTagSz) + || (!authIn && authInSz)) + return BAD_FUNC_ARG; + + ret = AesGcmEncrypt_fips(aes, out, in, (word32) size, iv, (word32) ivSz, + authTag, (word32) authTagSz, authIn, (word32) authInSz); + + LogStr( + "AesGcmEncrypt_fips(aes=%p, out, in, iv, authTag, authIn) = %d\n", + aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + LogStr("iv[%u]: [%p]\n", (word32)ivSz, iv); + LogHex(iv, 0, ivSz); + LogStr("authTag[%u]: [%p]\n", (word32)authTagSz, authTag); + LogHex(authTag, 0, authTagSz); + LogStr("authIn[%u]: [%p]\n", (word32)authInSz, authIn); + LogHex(authIn, 0, authInSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ_3BJ_3BJ_3BJ( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size, jbyteArray iv_buffer, jlong ivSz, + jbyteArray authTag_buffer, jlong authTagSz, jbyteArray authIn_buffer, + jlong authInSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + byte* iv = NULL; + byte* authTag = NULL; + byte* authIn = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + iv = getByteArray(env, iv_buffer); + authTag = getByteArray(env, authTag_buffer); + authIn = getByteArray(env, authIn_buffer); + + if (!aes || !out || !in || (!iv && ivSz) || (!authTag && authTagSz) + || (!authIn && authInSz)) + ret = BAD_FUNC_ARG; + else + ret = AesGcmEncrypt_fips(aes, out, in, (word32) size, iv, (word32) ivSz, + authTag, (word32) authTagSz, authIn, (word32) authInSz); + + LogStr( + "AesGcmEncrypt_fips(aes=%p, out, in, iv, authTag, authIn) = %d\n", + aes, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + LogStr("iv[%u]: [%p]\n", (word32)ivSz, iv); + LogHex(iv, 0, ivSz); + LogStr("authTag[%u]: [%p]\n", (word32)authTagSz, authTag); + LogHex(authTag, 0, authTagSz); + LogStr("authIn[%u]: [%p]\n", (word32)authInSz, authIn); + LogHex(authIn, 0, authInSz); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + releaseByteArray(env, iv_buffer, iv, 1); + releaseByteArray(env, authTag_buffer, authTag, ret); + releaseByteArray(env, authIn_buffer, authIn, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject aes_object, jobject out_buffer, + jobject in_buffer, jlong size, jobject iv_buffer, jlong ivSz, + jobject authTag_buffer, jlong authTagSz, jobject authIn_buffer, + jlong authInSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + byte* iv = NULL; + byte* authTag = NULL; + byte* authIn = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + iv = getDirectBufferAddress(env, iv_buffer); + authTag = getDirectBufferAddress(env, authTag_buffer); + authIn = getDirectBufferAddress(env, authIn_buffer); + + if (!aes || !out || !in || (!iv && ivSz) || (!authTag && authTagSz) + || (!authIn && authInSz)) + return BAD_FUNC_ARG; + + ret = AesGcmDecrypt_fips(aes, out, in, (word32) size, iv, (word32) ivSz, + authTag, (word32) authTagSz, authIn, (word32) authInSz); + + LogStr( + "AesGcmDecrypt_fips(aes=%p, out, in, iv, authTag, authIn) = %d\n", + aes, ret); + LogStr("in[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, in); + LogHex(in, 0, AES_BLOCK_SIZE); + LogStr("out[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, out); + LogHex(out, 0, AES_BLOCK_SIZE); + LogStr("iv[%u]: [%p]\n", (word32)ivSz, iv); + LogHex(iv, 0, ivSz); + LogStr("authTag[%u]: [%p]\n", (word32)authTagSz, authTag); + LogHex(authTag, 0, authTagSz); + LogStr("authIn[%u]: [%p]\n", (word32)authInSz, authIn); + LogHex(authIn, 0, authInSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_AesGcmDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Aes_2_3B_3BJ_3BJ_3BJ_3BJ( + JNIEnv* env, jclass class, jobject aes_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size, jbyteArray iv_buffer, jlong ivSz, + jbyteArray authTag_buffer, jlong authTagSz, jbyteArray authIn_buffer, + jlong authInSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_AESGCM) + + Aes* aes = NULL; + byte* out = NULL; + byte* in = NULL; + byte* iv = NULL; + byte* authTag = NULL; + byte* authIn = NULL; + + aes = (Aes*) getNativeStruct(env, aes_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + iv = getByteArray(env, iv_buffer); + authTag = getByteArray(env, authTag_buffer); + authIn = getByteArray(env, authIn_buffer); + + if (!aes || !out || !in || (!iv && ivSz) || (!authTag && authTagSz) + || (!authIn && authInSz)) + ret = BAD_FUNC_ARG; + else + ret = AesGcmDecrypt_fips(aes, out, in, (word32) size, iv, (word32) ivSz, + authTag, (word32) authTagSz, authIn, (word32) authInSz); + + LogStr( + "AesGcmDecrypt_fips(aes=%p, out, in, iv, authTag, authIn) = %d\n", + aes, ret); + LogStr("in[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, in); + LogHex(in, 0, AES_BLOCK_SIZE); + LogStr("out[%u]: [%p]\n", (word32)AES_BLOCK_SIZE, out); + LogHex(out, 0, AES_BLOCK_SIZE); + LogStr("iv[%u]: [%p]\n", (word32)ivSz, iv); + LogHex(iv, 0, ivSz); + LogStr("authTag[%u]: [%p]\n", (word32)authTagSz, authTag); + LogHex(authTag, 0, authTagSz); + LogStr("authIn[%u]: [%p]\n", (word32)authInSz, authIn); + LogHex(authIn, 0, authInSz); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + releaseByteArray(env, iv_buffer, iv, 1); + releaseByteArray(env, authTag_buffer, authTag, ret); + releaseByteArray(env, authIn_buffer, authIn, 1); + +#endif + + return ret; +} + +/* DES3 */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetKey_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jclass class, jobject des_object, jobject key_buffer, + jobject iv_buffer, jint dir) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* key = NULL; + byte* iv = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getDirectBufferAddress(env, key_buffer); + iv = getDirectBufferAddress(env, iv_buffer); + + if (!des || !key) + return BAD_FUNC_ARG; + + ret = Des3_SetKey_fips(des, key, iv, dir); + + LogStr("Des3_SetKey_fips(des=%p, key, iv, %s) = %d\n", des, + dir ? "dec" : "enc", ret); + LogStr("key[%u]: [%p]\n", (word32)DES3_KEYLEN, key); + LogHex(key, 0, DES3_KEYLEN); + LogStr("iv[%u]: [%p]\n", (word32)DES3_IVLEN, iv); + LogHex(iv, 0, DES3_IVLEN); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetKey_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BI( + JNIEnv* env, jclass class, jobject des_object, jbyteArray key_buffer, + jbyteArray iv_buffer, jint dir) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* key = NULL; + byte* iv = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getByteArray(env, key_buffer); + iv = getByteArray(env, iv_buffer); + + ret = (!des || !key) ? BAD_FUNC_ARG + : Des3_SetKey_fips(des, key, iv, dir); + + LogStr("Des3_SetKey_fips(des=%p, key, iv, %s) = %d\n", des, + dir ? "dec" : "enc", ret); + LogStr("key[%u]: [%p]\n", (word32)DES3_KEYLEN, key); + LogHex(key, 0, DES3_KEYLEN); + LogStr("iv[%u]: [%p]\n", (word32)DES3_IVLEN, iv); + LogHex(iv, 0, DES3_IVLEN); + + releaseByteArray(env, key_buffer, key, 1); + releaseByteArray(env, iv_buffer, iv, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetIV_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject des_object, jobject iv_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* iv = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + iv = getDirectBufferAddress(env, iv_buffer); + + if (!des || !iv) + return BAD_FUNC_ARG; + ret = Des3_SetIV_fips(des, iv); + + LogStr("Des3_SetIV_fips(des=%p, iv) = %d\n", des, ret); + LogStr("iv[%u]: [%p]\n", (word32)DES_BLOCK_SIZE, iv); + LogHex(iv, 0, DES_BLOCK_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1SetIV_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B( + JNIEnv* env, jclass class, jobject des_object, jbyteArray iv_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* iv = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + iv = getByteArray(env, iv_buffer); + + ret = (!des || !iv) ? BAD_FUNC_ARG + : Des3_SetIV_fips(des, iv); + + LogStr("Des3_SetIV_fips(des=%p, iv) = %d\n", des, ret); + LogStr("iv[%u]: [%p]\n", (word32)DES_BLOCK_SIZE, iv); + LogHex(iv, 0, DES_BLOCK_SIZE); + + releaseByteArray(env, iv_buffer, iv, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject des_object, jobject out_buffer, + jobject in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* out = NULL; + byte* in = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + + if (!des || !out || !in) + return BAD_FUNC_ARG; + + ret = Des3_CbcEncrypt_fips(des, out, in, (word32) size); + + LogStr("Des3_CbcEncrypt_fips(des=%p, out, in) = %d\n", des, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcEncrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BJ( + JNIEnv* env, jclass class, jobject des_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* out = NULL; + byte* in = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + + ret = (!des || !out || !in) ? BAD_FUNC_ARG + : Des3_CbcEncrypt_fips(des, out, in, + (word32) size); + + LogStr("Des3_CbcEncrypt_fips(des=%p, out, in) = %d\n", des, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject des_object, jobject out_buffer, + jobject in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* out = NULL; + byte* in = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + in = getDirectBufferAddress(env, in_buffer); + + if (!des || !out || !in) + return BAD_FUNC_ARG; + + ret = Des3_CbcDecrypt_fips(des, out, in, (word32) size); + + LogStr("Des3_CbcDecrypt_fips(des=%p, out, in) = %d\n", des, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Des3_1CbcDecrypt_1fips__Lcom_wolfssl_wolfcrypt_Des3_2_3B_3BJ( + JNIEnv* env, jclass class, jobject des_object, jbyteArray out_buffer, + jbyteArray in_buffer, jlong size) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DES3) + + Des3* des = NULL; + byte* out = NULL; + byte* in = NULL; + + des = (Des3*) getNativeStruct(env, des_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + in = getByteArray(env, in_buffer); + + ret = (!des || !out || !in) ? BAD_FUNC_ARG + : Des3_CbcDecrypt_fips(des, out, in, (word32) size); + + LogStr("Des3_CbcDecrypt_fips(des=%p, out, in) = %d\n", des, ret); + LogStr("in[%u]: [%p]\n", (word32)size, in); + LogHex(in, 0, size); + LogStr("out[%u]: [%p]\n", (word32)size, out); + LogHex(out, 0, size); + + releaseByteArray(env, out_buffer, out, ret); + releaseByteArray(env, in_buffer, in, 1); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Keyed hash Service + */ + +/* HMAC */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacSetKey_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2ILjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject hmac_object, jint type, + jobject key_buffer, jlong keySz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* key = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getDirectBufferAddress(env, key_buffer); + + if (!hmac || !key) + return BAD_FUNC_ARG; + + ret = HmacSetKey_fips(hmac, type, key, keySz); + + LogStr("HmacSetKey_fips(hmac=%p, type=%d, key, keySz) = %d\n", hmac, type, + ret); + LogStr("key[%u]: [%p]\n", (word32)keySz, key); + LogHex(key, 0, keySz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacSetKey_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2I_3BJ( + JNIEnv* env, jclass class, jobject hmac_object, jint type, + jbyteArray key_buffer, jlong keySz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* key = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + key = getByteArray(env, key_buffer); + + ret = (!hmac || !key) ? BAD_FUNC_ARG + : HmacSetKey_fips(hmac, type, key, keySz); + + LogStr("HmacSetKey_fips(hmac=%p, type=%d, key, keySz) = %d\n", hmac, type, + ret); + LogStr("key[%u]: [%p]\n", (word32)keySz, key); + LogHex(key, 0, keySz); + + releaseByteArray(env, key_buffer, key, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacUpdate_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject hmac_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* data = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + + if (!hmac || !data) + return BAD_FUNC_ARG; + + ret = HmacUpdate_fips(hmac, data, len); + + LogStr("HmacUpdate_fips(hmac=%p, data, len) = %d\n", hmac, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacUpdate_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2_3BJ( + JNIEnv* env, jclass class, jobject hmac_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* data = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + + ret = (!hmac || !data) ? BAD_FUNC_ARG + : HmacUpdate_fips(hmac, data, len); + + LogStr("HmacUpdate_fips(hmac=%p, data, len) = %d\n", hmac, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacFinal_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject hmac_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* hash = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + if (!hmac || !hash) + return BAD_FUNC_ARG; + + ret = HmacFinal_fips(hmac, hash); + + LogStr("HmacFinal_fips(hmac=%p, hash) = %d\n", hmac, ret); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_HmacFinal_1fips__Lcom_wolfssl_wolfcrypt_Hmac_2_3B( + JNIEnv* env, jclass class, jobject hmac_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_HMAC) + + Hmac* hmac = NULL; + byte* hash = NULL; + + hmac = (Hmac*) getNativeStruct(env, hmac_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!hmac || !hash) ? BAD_FUNC_ARG + : HmacFinal_fips(hmac, hash); + + LogStr("HmacFinal_fips(hmac=%p, hash) = %d\n", hmac, ret); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Random number generation Service + */ + +/* RNG */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitRng_1fips( + JNIEnv* env, jclass class, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + RNG* rng = (RNG*) getNativeStruct(env, rng_object); + if ((!rng) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + ret = InitRng_fips(rng); + + LogStr("InitRng_fips(rng=%p) = %d\n", rng, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeRng_1fips( + JNIEnv* env, jclass class, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + RNG* rng = (RNG*) getNativeStruct(env, rng_object); + if ((!rng) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + ret = FreeRng_fips(rng); + + LogStr("FreeRng_fips(rng=%p) = %d\n", rng, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1GenerateBlock_1fips__Lcom_wolfssl_wolfcrypt_Rng_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject rng_object, jobject buf_buffer, + jlong bufSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + RNG* rng = NULL; + byte* buf = NULL; + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + buf = getDirectBufferAddress(env, buf_buffer); + + if (!rng || !buf) + return BAD_FUNC_ARG; + + ret = RNG_GenerateBlock_fips(rng, buf, bufSz); + + LogStr("RNG_GenerateBlock_fips(rng=%p, buf, bufSz) = %d\n", rng, ret); + LogStr("output[%u]: [%p]\n", (word32)bufSz, buf); + LogHex(buf, 0, bufSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1GenerateBlock_1fips__Lcom_wolfssl_wolfcrypt_Rng_2_3BJ( + JNIEnv* env, jclass class, jobject rng_object, jbyteArray buf_buffer, + jlong bufSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + RNG* rng = NULL; + byte* buf = NULL; + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + buf = getByteArray(env, buf_buffer); + + ret = (!rng || !buf) ? BAD_FUNC_ARG + : RNG_GenerateBlock_fips(rng, buf, bufSz); + + LogStr("RNG_GenerateBlock_fips(rng=%p, buf, bufSz) = %d\n", rng, ret); + LogStr("output[%u]: [%p]\n", (word32)bufSz, buf); + LogHex(buf, 0, bufSz); + + releaseByteArray(env, buf_buffer, buf, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1HealthTest_1fips__ILjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jint reseed, jobject entropyA_object, + jlong entropyASz, jobject entropyB_object, jlong entropyBSz, + jobject output_object, jlong outputSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + const byte* entropyA = getDirectBufferAddress(env, entropyA_object); + const byte* entropyB = getDirectBufferAddress(env, entropyB_object); + byte* output = getDirectBufferAddress(env, output_object); + + if (!entropyA || (reseed && !entropyB) || !output) + return BAD_FUNC_ARG; + + ret = RNG_HealthTest_fips(reseed, entropyA, entropyASz, entropyB, + entropyBSz, output, outputSz); + + LogStr("RNG_HealthTest_fips(reseed=%d, entropyA, entropyASz, " + "entropyB, entropyBSz, output, outputSz) = %d\n", reseed, ret); + LogStr("entropyA[%u]: [%p]\n", (word32)entropyASz, entropyA); + LogHex((byte*) entropyA, 0, entropyASz); + LogStr("entropyB[%u]: [%p]\n", (word32)entropyBSz, entropyB); + LogHex((byte*) entropyB, 0, entropyBSz); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex(output, 0, outputSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RNG_1HealthTest_1fips__I_3BJ_3BJ_3BJ( + JNIEnv* env, jclass class, jint reseed, jbyteArray entropyA_object, + jlong entropyASz, jbyteArray entropyB_object, jlong entropyBSz, + jbyteArray output_object, jlong outputSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) + + const byte* entropyA = getByteArray(env, entropyA_object); + const byte* entropyB = getByteArray(env, entropyB_object); + byte* output = getByteArray(env, output_object); + + ret = (!entropyA || (reseed && !entropyB) || !output) + ? BAD_FUNC_ARG + : RNG_HealthTest_fips(reseed, entropyA, entropyASz, entropyB, + entropyBSz, output, outputSz); + + LogStr("RNG_HealthTest_fips(reseed=%d, entropyA, entropyASz, " + "entropyB, entropyBSz, output, outputSz) = %d\n", reseed, ret); + LogStr("entropyA[%u]: [%p]\n", (word32)entropyASz, entropyA); + LogHex((byte*) entropyA, 0, entropyASz); + LogStr("entropyB[%u]: [%p]\n", (word32)entropyBSz, entropyB); + LogHex((byte*) entropyB, 0, entropyBSz); + LogStr("output[%u]: [%p]\n", (word32)outputSz, output); + LogHex(output, 0, outputSz); + + releaseByteArray(env, entropyA_object, (byte*)entropyA, 1); + releaseByteArray(env, entropyB_object, (byte*)entropyB, 1); + releaseByteArray(env, output_object, output, ret); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Digital signature Service + */ + +/* RSA */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitRsaKey_1fips( + JNIEnv* env, jclass class, jobject rsa_object, jobject heap_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + RsaKey* key = NULL; + void* heap = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + heap = getDirectBufferAddress(env, heap_object); + + ret = InitRsaKey_fips(key, heap); + + LogStr("InitRsaKey_fips(key=%p, heap=%p) = %d\n", key, heap, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeRsaKey_1fips( + JNIEnv* env, jclass class, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + RsaKey* key = (RsaKey*) getNativeStruct(env, rsa_object); + + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = FreeRsaKey_fips(key); + + LogStr("FreeRsaKey_fips(key=%p) = %d\n", key, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Sign_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2( + JNIEnv* env, jclass class, jobject in_object, jlong inLen, + jobject out_object, jlong outLen, jobject rsa_object, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rsa_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + in = getDirectBufferAddress(env, in_object); + out = getDirectBufferAddress(env, out_object); + + /** + * Providing an rng is optional. RNG_GenerateBlock will return BAD_FUNC_ARG + * on a NULL rng if an RNG is needed by RsaPad. + */ + if (!in || !out) + return BAD_FUNC_ARG; + + ret = RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng); + + LogStr("RsaSSL_Sign_fips(in, inLen, out, outLen, key=%p, rng=%p) = %d\n", + key, rng, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Sign_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2( + JNIEnv* env, jclass class, jbyteArray in_object, jlong inLen, + jbyteArray out_object, jlong outLen, jobject rsa_object, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rsa_object); + if ((*env)->ExceptionOccurred(env)) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + in = getByteArray(env, in_object); + out = getByteArray(env, out_object); + + /** + * Providing an rng is optional. RNG_GenerateBlock will return BAD_FUNC_ARG + * on a NULL rng if an RNG is needed by RsaPad. + */ + ret = (!in || !out) + ? BAD_FUNC_ARG + : RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng); + + LogStr("RsaSSL_Sign_fips(in, inLen, out, outLen, key=%p, rng=%p) = %d\n", + key, rng, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + + releaseByteArray(env, in_object, in, 1); + releaseByteArray(env, out_object, out, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Verify_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2( + JNIEnv* env, jclass class, jobject in_object, jlong inLen, + jobject out_object, jlong outLen, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + in = getDirectBufferAddress(env, in_object); + out = getDirectBufferAddress(env, out_object); + + if (!in || !out) + return BAD_FUNC_ARG; + + ret = RsaSSL_Verify_fips(in, inLen, out, outLen, key); + + LogStr("RsaSSL_Verify_fips(in, inLen, out, outLen, key=%p) = %d\n", key, + ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaSSL_1Verify_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2( + JNIEnv* env, jclass class, jbyteArray in_object, jlong inLen, + jbyteArray out_object, jlong outLen, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + in = getByteArray(env, in_object); + out = getByteArray(env, out_object); + + ret = (!in || !out) + ? BAD_FUNC_ARG + : RsaSSL_Verify_fips(in, inLen, out, outLen, key); + + LogStr("RsaSSL_Verify_fips(in, inLen, out, outLen, key=%p) = %d\n", key, + ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + + releaseByteArray(env, in_object, in, 1); + releaseByteArray(env, out_object, out, ret < 0); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaEncryptSize_1fips( + JNIEnv* env, jclass class, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + RsaKey* key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + ret = RsaEncryptSize_fips(key); + + LogStr("RsaEncryptSize_fips(key=%p) = %d\n", key, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateKeyDecode_1fips__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Rsa_2J( + JNIEnv* env, jclass class, jobject input_object, jlongArray inOutIdx, + jobject rsa_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + jlong tmpIdx; + byte* input = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + input = getDirectBufferAddress(env, input_object); + if (!input) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + #if (HAVE_FIPS_VERSION >= 2) + ret = 0; RsaPrivateKeyDecode(input, (word32*) &tmpIdx, key, inSz); + #else + ret = 0; RsaPrivateKeyDecode_fips(input, (word32*) &tmpIdx, key, inSz); + #endif + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + + LogStr("RsaPrivateKeyDecode_fips(input, inOutIdx, key=%p, inSz) = %d\n", + key, ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex((byte*) input, 0, inSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateKeyDecode_1fips___3B_3JLcom_wolfssl_wolfcrypt_Rsa_2J( + JNIEnv* env, jclass class, jbyteArray input_object, jlongArray inOutIdx, + jobject rsa_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + jlong tmpIdx; + byte* input = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + /* prevent additional JNI calls with pending exception */ + return BAD_FUNC_ARG; + } + + input = getByteArray(env, input_object); + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, input_object, input, 1); + return BAD_FUNC_ARG; + } + + #if (HAVE_FIPS_VERSION >= 2) + ret = (!input || !key) + ? BAD_FUNC_ARG + : RsaPrivateKeyDecode(input, (word32*) &tmpIdx, key, inSz); + #else + ret = (!input || !key) + ? BAD_FUNC_ARG + : RsaPrivateKeyDecode_fips(input, (word32*) &tmpIdx, key, inSz); + #endif + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + + LogStr("RsaPrivateKeyDecode_fips(input, inOutIdx, key=%p, inSz) = %d\n", + key, ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex((byte*) input, 0, inSz); + + releaseByteArray(env, input_object, input, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicKeyDecode_1fips__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Rsa_2J( + JNIEnv* env, jclass class, jobject input_object, jlongArray inOutIdx, + jobject rsa_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + jlong tmpIdx; + byte* input = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + input = getDirectBufferAddress(env, input_object); + if (!input) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + #if (HAVE_FIPS_VERSION >= 2) + ret = RsaPublicKeyDecode(input, (word32*) &tmpIdx, key, inSz); + #else + ret = RsaPublicKeyDecode_fips(input, (word32*) &tmpIdx, key, inSz); + #endif + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + + LogStr("RsaPublicKeyDecode_fips(input, inOutIdx, key=%p, inSz) = %d\n", key, + ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex((byte*) input, 0, inSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicKeyDecode_1fips___3B_3JLcom_wolfssl_wolfcrypt_Rsa_2J( + JNIEnv* env, jclass class, jbyteArray input_object, jlongArray inOutIdx, + jobject rsa_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + jlong tmpIdx; + byte* input = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + input = getByteArray(env, input_object); + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, input_object, input, 1); + return BAD_FUNC_ARG; + } + #if (HAVE_FIPS_VERSION >= 2) + ret = (!input) + ? BAD_FUNC_ARG + : RsaPublicKeyDecode(input, (word32*) &tmpIdx, key, inSz); + #else + ret = (!input) + ? BAD_FUNC_ARG + : RsaPublicKeyDecode_fips(input, (word32*) &tmpIdx, key, inSz); + #endif + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpIdx); + + LogStr("RsaPublicKeyDecode_fips(input, inOutIdx, key=%p, inSz) = %d\n", key, + ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex((byte*) input, 0, inSz); + + releaseByteArray(env, input_object, input, 1); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Message digest Service + */ + +/* SHA */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha_1fips( + JNIEnv* env, jclass class, jobject sha_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA) + + Sha* sha = (Sha*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = InitSha_fips(sha); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaUpdate_1fips__Lcom_wolfssl_wolfcrypt_Sha_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject sha_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA) + + Sha* sha = NULL; + byte* data = NULL; + + sha = (Sha*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + if (!data) + return BAD_FUNC_ARG; + + ret = ShaUpdate_fips(sha, data, len); + + LogStr("ShaUpdate_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaUpdate_1fips__Lcom_wolfssl_wolfcrypt_Sha_2_3BJ( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA) + + Sha* sha = NULL; + byte* data = NULL; + + sha = (Sha*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + + ret = (!data) ? BAD_FUNC_ARG + : ShaUpdate_fips(sha, data, len); + + LogStr("ShaUpdate_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaFinal_1fips__Lcom_wolfssl_wolfcrypt_Sha_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject sha_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA) + + Sha* sha = NULL; + byte* hash = NULL; + + sha = (Sha*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + if (!hash) + return BAD_FUNC_ARG; + + ret = ShaFinal_fips(sha, hash); + + LogStr("ShaFinal_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ShaFinal_1fips__Lcom_wolfssl_wolfcrypt_Sha_2_3B( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA) + + Sha* sha = NULL; + byte* hash = NULL; + + sha = (Sha*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!hash) ? BAD_FUNC_ARG + : ShaFinal_fips(sha, hash); + + LogStr("ShaFinal_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* SHA256 */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha256_1fips( + JNIEnv* env, jclass class, jobject sha_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA256) + + Sha256* sha = (Sha256*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = InitSha256_fips(sha); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Update_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject sha_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA256) + + Sha256* sha = NULL; + byte* data = NULL; + + sha = (Sha256*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + if (!data) + return BAD_FUNC_ARG; + + ret = Sha256Update_fips(sha, data, len); + + LogStr("Sha256Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Update_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2_3BJ( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA256) + + Sha256* sha = NULL; + byte* data = NULL; + + sha = (Sha256*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + + ret = (!data) ? BAD_FUNC_ARG + : Sha256Update_fips(sha, data, len); + + LogStr("Sha256Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Final_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject sha_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA256) + + Sha256* sha = NULL; + byte* hash = NULL; + + sha = (Sha256*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + if (!hash) + return BAD_FUNC_ARG; + + ret = Sha256Final_fips(sha, hash); + + LogStr("Sha256Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA256_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA256_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha256Final_1fips__Lcom_wolfssl_wolfcrypt_Sha256_2_3B( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_SHA256) + + Sha256* sha = NULL; + byte* hash = NULL; + + sha = (Sha256*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + ret = (!hash) ? BAD_FUNC_ARG + : Sha256Final_fips(sha, hash); + + LogStr("Sha256Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA256_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA256_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* SHA384 */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha384_1fips( + JNIEnv* env, jclass class, jobject sha_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha384* sha = (Sha384*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = InitSha384_fips(sha); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Update_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject sha_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha384* sha = NULL; + byte* data = NULL; + + sha = (Sha384*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + if (!data) + return BAD_FUNC_ARG; + + ret = Sha384Update_fips(sha, data, len); + + LogStr("Sha384Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Update_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2_3BJ( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha384* sha = NULL; + byte* data = NULL; + + sha = (Sha384*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + ret = (!data) ? BAD_FUNC_ARG + : Sha384Update_fips(sha, data, len); + + LogStr("Sha384Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Final_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject sha_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha384* sha = NULL; + byte* hash = NULL; + + sha = (Sha384*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + if (!hash) + return BAD_FUNC_ARG; + + ret = Sha384Final_fips(sha, hash); + + LogStr("Sha384Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA384_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA384_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha384Final_1fips__Lcom_wolfssl_wolfcrypt_Sha384_2_3B( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha384* sha = NULL; + byte* hash = NULL; + + sha = (Sha384*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + ret = (!hash) ? BAD_FUNC_ARG + : Sha384Final_fips(sha, hash); + + LogStr("Sha384Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA384_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA384_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* SHA512 */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitSha512_1fips( + JNIEnv* env, jclass class, jobject sha_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha512* sha = (Sha512*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = InitSha512_fips(sha); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Update_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject sha_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha512* sha = NULL; + byte* data = NULL; + + sha = (Sha512*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + if (!data) + return BAD_FUNC_ARG; + + ret = Sha512Update_fips(sha, data, len); + + LogStr("Sha512Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Update_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2_3BJ( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha512* sha = NULL; + byte* data = NULL; + + sha = (Sha512*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + ret = (!data) ? BAD_FUNC_ARG + : Sha512Update_fips(sha, data, len); + + LogStr("Sha512Update_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Final_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject sha_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha512* sha = NULL; + byte* hash = NULL; + + sha = (Sha512*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + if (!hash) + return BAD_FUNC_ARG; + + ret = Sha512Final_fips(sha, hash); + + LogStr("Sha512Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA512_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA512_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Sha512Final_1fips__Lcom_wolfssl_wolfcrypt_Sha512_2_3B( + JNIEnv* env, jclass class, jobject sha_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(WOLFSSL_SHA512) + + Sha512* sha = NULL; + byte* hash = NULL; + + sha = (Sha512*) getNativeStruct(env, sha_object); + if ((!sha) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + ret = (!hash) ? BAD_FUNC_ARG + : Sha512Final_fips(sha, hash); + + LogStr("Sha512Final_fips(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA512_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA512_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Show status Service + */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1GetStatus_1fips( + JNIEnv* env, jclass class) +{ +#ifdef HAVE_FIPS + return (jint) wolfCrypt_GetStatus_fips(); +#else + return NOT_COMPILED_IN; +#endif +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_wolfCrypt_1SetStatus_1fips( + JNIEnv* env, jclass class, jint status) +{ +#ifdef HAVE_FORCE_FIPS_FAILURE + return (jint) wolfCrypt_SetStatus_fips(status); +#else + return NOT_COMPILED_IN; +#endif +} + +/* + * ### FIPS Allowed Security Methods ########################################### + */ + +/* + * wolfCrypt FIPS API - Key transport Service + */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicEncrypt_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2( + JNIEnv* env, jclass class, jobject in_object, jlong inLen, + jobject out_object, jlong outLen, jobject rsa_object, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + in = getDirectBufferAddress(env, in_object); + out = getDirectBufferAddress(env, out_object); + + /** + * Providing an rng is optional. RNG_GenerateBlock will return BAD_FUNC_ARG + * on a NULL rng if an RNG is needed by RsaPad. + */ + if (!in || !out) + return BAD_FUNC_ARG; + + ret = RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng); + + LogStr( + "RsaPublicEncrypt_fips(in, inLen, out, outLen, key=%p, rng=%p) = %d\n", + key, rng, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPublicEncrypt_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2Lcom_wolfssl_wolfcrypt_Rng_2( + JNIEnv* env, jclass class, jbyteArray in_object, jlong inLen, + jbyteArray out_object, jlong outLen, jobject rsa_object, jobject rng_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + in = getByteArray(env, in_object); + out = getByteArray(env, out_object); + + /** + * Providing an rng is optional. RNG_GenerateBlock will return BAD_FUNC_ARG + * on a NULL rng if an RNG is needed by RsaPad. + */ + ret = (!in || !out) + ? BAD_FUNC_ARG + : RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng); + + LogStr( + "RsaPublicEncrypt_fips(in, inLen, out, outLen, key=%p, rng=%p) = %d\n", + key, rng, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + + releaseByteArray(env, in_object, in, 1); + releaseByteArray(env, out_object, out, ret < 0); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateDecrypt_1fips__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Rsa_2( + JNIEnv* env, jclass class, jobject in_object, jlong inLen, + jobject out_object, jlong outLen, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + in = getDirectBufferAddress(env, in_object); + out = getDirectBufferAddress(env, out_object); + + if (!in || !out) + return BAD_FUNC_ARG; + + ret = RsaPrivateDecrypt_fips(in, inLen, out, outLen, key); + + LogStr("RsaPrivateDecrypt_fips(in, inLen, out, outLen, key=%p) = %d\n", key, + ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_RsaPrivateDecrypt_1fips___3BJ_3BJLcom_wolfssl_wolfcrypt_Rsa_2( + JNIEnv* env, jclass class, jbyteArray in_object, jlong inLen, + jbyteArray out_object, jlong outLen, jobject rsa_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_RSA) + + byte* in = NULL; + byte* out = NULL; + RsaKey* key = NULL; + + key = (RsaKey*) getNativeStruct(env, rsa_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + in = getByteArray(env, in_object); + out = getByteArray(env, out_object); + + ret = (!in || !out) + ? BAD_FUNC_ARG + : RsaPrivateDecrypt_fips(in, inLen, out, outLen, key); + + LogStr("RsaPrivateDecrypt_fips(in, inLen, out, outLen, key=%p) = %d\n", key, + ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex((byte*) in, 0, inLen); + LogStr("out[%u]: [%p]\n", (word32)outLen, out); + LogHex((byte*) out, 0, outLen); + + releaseByteArray(env, in_object, in, 1); + releaseByteArray(env, out_object, out, ret < 0); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Message digest MD5 Service + */ + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitMd5_1fips( + JNIEnv* env, jclass class, jobject md5_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_MD5) + + Md5* md5 = (Md5*) getNativeStruct(env, md5_object); + if ((!md5) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + InitMd5(md5); + ret = com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS; + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Update__Lcom_wolfssl_wolfcrypt_Md5_2Ljava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject md5_object, jobject data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_MD5) + + Md5* md5 = NULL; + byte* data = NULL; + + md5 = (Md5*) getNativeStruct(env, md5_object); + if ((!md5) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getDirectBufferAddress(env, data_buffer); + if (!data) + return BAD_FUNC_ARG; + + Md5Update(md5, data, len); + ret = com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS; + + LogStr("Md5Update_fips(md5=%p, data, len) = %d\n", md5, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Update__Lcom_wolfssl_wolfcrypt_Md5_2_3BJ( + JNIEnv* env, jclass class, jobject md5_object, jbyteArray data_buffer, + jlong len) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_MD5) + + Md5* md5 = NULL; + byte* data = NULL; + + md5 = (Md5*) getNativeStruct(env, md5_object); + if ((!md5) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + data = getByteArray(env, data_buffer); + if (!data) + ret = BAD_FUNC_ARG; + else { + Md5Update(md5, data, len); + ret = com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS; + } + + LogStr("Md5Update_fips(md5=%p, data, len) = %d\n", md5, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Final__Lcom_wolfssl_wolfcrypt_Md5_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jclass class, jobject md5_object, jobject hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_MD5) + + Md5* md5 = NULL; + byte* hash = NULL; + + md5 = (Md5*) getNativeStruct(env, md5_object); + if ((!md5) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getDirectBufferAddress(env, hash_buffer); + if (!hash) + return BAD_FUNC_ARG; + + Md5Final(md5, hash); + ret = com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS; + + LogStr("Md5Final_fips(md5=%p, hash) = %d\n", md5, ret); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_Md5Final__Lcom_wolfssl_wolfcrypt_Md5_2_3B( + JNIEnv* env, jclass class, jobject md5_object, jbyteArray hash_buffer) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_MD5) + + Md5* md5 = NULL; + byte* hash = NULL; + + md5 = (Md5*) getNativeStruct(env, md5_object); + if ((!md5) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + hash = getByteArray(env, hash_buffer); + if (!hash) + ret = BAD_FUNC_ARG; + else { + Md5Final(md5, hash); + ret = com_wolfssl_wolfcrypt_WolfCrypt_SUCCESS; + } + + LogStr("Md5Final_fips(md5=%p, hash) = %d\n", md5, ret); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); + +#endif + + return ret; +} + +/* + * wolfCrypt FIPS API - Key agreement Service + */ + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_InitDhKey( + JNIEnv* env, jclass class, jobject key_object) +{ +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return; + } + + InitDhKey(key); + +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_FreeDhKey( + JNIEnv* env, jclass class, jobject key_object) +{ +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return; + } + + FreeDhKey(key); + +#endif +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhGenerateKeyPair__Lcom_wolfssl_wolfcrypt_Dh_2Lcom_wolfssl_wolfcrypt_Rng_2Ljava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2_3J( + JNIEnv* env, jclass class, jobject key_object, jobject rng_object, + jobject priv_buffer, jlongArray privSz, jobject pub_buffer, + jlongArray pubSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + RNG* rng = NULL; + byte* priv = NULL; + byte* pub = NULL; + jlong tmpPrivSz, tmpPubSz; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((!rng) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + priv = getDirectBufferAddress(env, priv_buffer); + pub = getDirectBufferAddress(env, pub_buffer); + + if (!priv || !pub) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, privSz, 0, 1, &tmpPrivSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, pubSz, 0, 1, &tmpPubSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = DhGenerateKeyPair(key, rng, priv, (word32*) &tmpPrivSz, + pub, (word32*) &tmpPubSz); + + (*env)->SetLongArrayRegion(env, privSz, 0, 1, &tmpPrivSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->SetLongArrayRegion(env, pubSz, 0, 1, &tmpPubSz); + /* no more JNI calls, not checking for exception */ + + LogStr("DhGenerateKeyPair(key=%p, rng=%p, priv, privSz, pub, pubSz) = %d\n", + key, rng, ret); + LogStr("priv[%u]: [%p]\n", (word32)tmpPrivSz, priv); + LogHex(priv, 0, tmpPrivSz); + LogStr("pub[%u]: [%p]\n", (word32)tmpPubSz, pub); + LogHex(pub, 0, tmpPubSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhGenerateKeyPair__Lcom_wolfssl_wolfcrypt_Dh_2Lcom_wolfssl_wolfcrypt_Rng_2_3B_3J_3B_3J( + JNIEnv* env, jclass class, jobject key_object, jobject rng_object, + jbyteArray priv_buffer, jlongArray privSz, jbyteArray pub_buffer, + jlongArray pubSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + RNG* rng = NULL; + byte* priv = NULL; + byte* pub = NULL; + jlong tmpPrivSz, tmpPubSz; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((!rng) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, privSz, 0, 1, &tmpPrivSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, pubSz, 0, 1, &tmpPubSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + priv = getByteArray(env, priv_buffer); + pub = getByteArray(env, pub_buffer); + + ret = (!priv || !pub) + ? BAD_FUNC_ARG + : DhGenerateKeyPair(key, rng, priv, (word32*) &tmpPrivSz, + pub, (word32*) &tmpPubSz); + + (*env)->SetLongArrayRegion(env, privSz, 0, 1, &tmpPrivSz); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, priv_buffer, priv, ret < 0); + releaseByteArray(env, pub_buffer, pub, ret < 0); + return BAD_FUNC_ARG; + } + + (*env)->SetLongArrayRegion(env, pubSz, 0, 1, &tmpPubSz); + + LogStr("DhGenerateKeyPair(key=%p, rng=%p, priv, privSz, pub, pubSz) = %d\n", + key, rng, ret); + LogStr("priv[%u]: [%p]\n", (word32)tmpPrivSz, priv); + LogHex(priv, 0, tmpPrivSz); + LogStr("pub[%u]: [%p]\n", (word32)tmpPubSz, pub); + LogHex(pub, 0, tmpPubSz); + + releaseByteArray(env, priv_buffer, priv, ret < 0); + releaseByteArray(env, pub_buffer, pub, ret < 0); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhAgree__Lcom_wolfssl_wolfcrypt_Dh_2Ljava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject key_object, jobject agree_buffer, + jlongArray agreeSz, jobject priv_buffer, jlong privSz, jobject pub_buffer, + jlong pubSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* agree = NULL; + byte* priv = NULL; + byte* pub = NULL; + jlong tmpAgreeSz; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + agree = getDirectBufferAddress(env, agree_buffer); + priv = getDirectBufferAddress(env, priv_buffer); + pub = getDirectBufferAddress(env, pub_buffer); + + if (!agree || !priv || !pub) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, agreeSz, 0, 1, &tmpAgreeSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = DhAgree(key, agree, (word32*) &tmpAgreeSz, priv, privSz, pub, pubSz); + + (*env)->SetLongArrayRegion(env, agreeSz, 0, 1, &tmpAgreeSz); + + LogStr("DhAgree(key=%p, agree, agreeSz, priv, privSz, pub, pubSz) = %d\n", + key, ret); + LogStr("agree[%u]: [%p]\n", (word32)tmpAgreeSz, agree); + LogHex(agree, 0, tmpAgreeSz); + LogStr("priv[%u]: [%p]\n", (word32)privSz, priv); + LogHex(priv, 0, privSz); + LogStr("pub[%u]: [%p]\n", (word32)pubSz, pub); + LogHex(pub, 0, pubSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhAgree__Lcom_wolfssl_wolfcrypt_Dh_2_3B_3J_3BJ_3BJ( + JNIEnv* env, jclass class, jobject key_object, jbyteArray agree_buffer, + jlongArray agreeSz, jbyteArray priv_buffer, jlong privSz, jbyteArray pub_buffer, + jlong pubSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* agree = NULL; + byte* priv = NULL; + byte* pub = NULL; + jlong tmpAgreeSz; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, agreeSz, 0, 1, &tmpAgreeSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + agree = getByteArray(env, agree_buffer); + priv = getByteArray(env, priv_buffer); + pub = getByteArray(env, pub_buffer); + + ret = (!key || !agree || !priv || !pub) + ? BAD_FUNC_ARG + : DhAgree(key, agree, (word32*) &tmpAgreeSz, priv, privSz, pub, pubSz); + + (*env)->SetLongArrayRegion(env, agreeSz, 0, 1, &tmpAgreeSz); + + LogStr("DhAgree(key=%p, agree, agreeSz, priv, privSz, pub, pubSz) = %d\n", + key, ret); + LogStr("agree[%u]: [%p]\n", (word32)tmpAgreeSz, agree); + LogHex(agree, 0, tmpAgreeSz); + LogStr("priv[%u]: [%p]\n", (word32)privSz, priv); + LogHex(priv, 0, privSz); + LogStr("pub[%u]: [%p]\n", (word32)pubSz, pub); + LogHex(pub, 0, pubSz); + + releaseByteArray(env, agree_buffer, agree, ret < 0); + releaseByteArray(env, priv_buffer, priv, 1); + releaseByteArray(env, pub_buffer, pub, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhKeyDecode__Ljava_nio_ByteBuffer_2_3JLcom_wolfssl_wolfcrypt_Dh_2J( + JNIEnv* env, jclass class, jobject input_buffer, jlongArray inOutIdx, + jobject key_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* input = NULL; + jlong tmpInOutIdx; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + input = getDirectBufferAddress(env, input_buffer); + if (!input) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpInOutIdx); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = DhKeyDecode(input, (word32*) &tmpInOutIdx, key, inSz); + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpInOutIdx); + + LogStr("DhKeyDecode(input, &inOutIdx, key=%p, inSz) = %d\n", key, ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex(input, 0, inSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhKeyDecode___3B_3JLcom_wolfssl_wolfcrypt_Dh_2J( + JNIEnv* env, jclass class, jbyteArray input_buffer, jlongArray inOutIdx, + jobject key_object, jlong inSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* input = NULL; + jlong tmpInOutIdx; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, inOutIdx, 0, 1, &tmpInOutIdx); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + input = getByteArray(env, input_buffer); + ret = (!input) + ? BAD_FUNC_ARG + : DhKeyDecode(input, (word32*) &tmpInOutIdx, key, inSz); + + (*env)->SetLongArrayRegion(env, inOutIdx, 0, 1, &tmpInOutIdx); + + LogStr("DhKeyDecode(input, &inOutIdx, key=%p, inSz) = %d\n", key, ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex(input, 0, inSz); + + releaseByteArray(env, input_buffer, input, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhSetKey__Lcom_wolfssl_wolfcrypt_Dh_2Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jclass class, jobject key_object, jobject p_buffer, jlong pSz, + jobject g_buffer, jlong gSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* p = NULL; + byte* g = NULL; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + p = getDirectBufferAddress(env, p_buffer); + g = getDirectBufferAddress(env, g_buffer); + + if (!p || !g) + return BAD_FUNC_ARG; + + ret = DhSetKey(key, p, pSz, g, gSz); + + LogStr("DhSetKey(key=%p, p, pSz, g, gSz) = %d\n", key, ret); + LogStr("p[%u]: [%p]\n", (word32)pSz, p); + LogHex(p, 0, pSz); + LogStr("g[%u]: [%p]\n", (word32)gSz, g); + LogHex(g, 0, gSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhSetKey__Lcom_wolfssl_wolfcrypt_Dh_2_3BJ_3BJ( + JNIEnv* env, jclass class, jobject key_object, jbyteArray p_buffer, jlong pSz, + jbyteArray g_buffer, jlong gSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + DhKey* key = NULL; + byte* p = NULL; + byte* g = NULL; + + key = (DhKey*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + p = getByteArray(env, p_buffer); + g = getByteArray(env, g_buffer); + + ret = (!p || !g) + ? BAD_FUNC_ARG + : DhSetKey(key, p, pSz, g, gSz); + + LogStr("DhSetKey(key=%p, p, pSz, g, gSz) = %d\n", key, ret); + LogStr("p[%u]: [%p]\n", (word32)pSz, p); + LogHex(p, 0, pSz); + LogStr("g[%u]: [%p]\n", (word32)gSz, g); + LogHex(g, 0, gSz); + + releaseByteArray(env, p_buffer, p, 1); + releaseByteArray(env, g_buffer, g, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhParamsLoad__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2_3JLjava_nio_ByteBuffer_2_3J( + JNIEnv* env, jclass class, jobject input_buffer, jlong inSz, + jobject p_buffer, jlongArray pInOutSz, jobject g_buffer, + jlongArray gInOutSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + byte* input = getDirectBufferAddress(env, input_buffer); + byte* p = getDirectBufferAddress(env, p_buffer); + byte* g = getDirectBufferAddress(env, g_buffer); + jlong tmpPInOutSz, tmpGInOutSz; + + if (!input || !p || !g) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, pInOutSz, 0, 1, &tmpPInOutSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, gInOutSz, 0, 1, &tmpGInOutSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = DhParamsLoad(input, inSz, p, (word32*) &tmpPInOutSz, + g, (word32*) &tmpGInOutSz); + + (*env)->SetLongArrayRegion(env, pInOutSz, 0, 1, &tmpPInOutSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->SetLongArrayRegion(env, gInOutSz, 0, 1, &tmpGInOutSz); + + LogStr("DhParamsLoad(input, inSz, p, &pInOutSz, g, &gInOutSz) = %d\n", ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex(input, 0, inSz); + LogStr("p[%u]: [%p]\n", (word32)tmpPInOutSz, p); + LogHex(p, 0, tmpPInOutSz); + LogStr("g[%u]: [%p]\n", (word32)tmpGInOutSz, g); + LogHex(g, 0, tmpGInOutSz); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_DhParamsLoad___3BJ_3B_3J_3B_3J( + JNIEnv* env, jclass class, jbyteArray input_buffer, jlong inSz, + jbyteArray p_buffer, jlongArray pInOutSz, jbyteArray g_buffer, + jlongArray gInOutSz) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && !defined(NO_DH) + + byte* input = NULL; + byte* p = NULL; + byte* g = NULL; + jlong tmpPInOutSz, tmpGInOutSz; + + (*env)->GetLongArrayRegion(env, pInOutSz, 0, 1, &tmpPInOutSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + (*env)->GetLongArrayRegion(env, gInOutSz, 0, 1, &tmpGInOutSz); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + input = getByteArray(env, input_buffer); + p = getByteArray(env, p_buffer); + g = getByteArray(env, g_buffer); + + ret = (!input || !p || !g) + ? BAD_FUNC_ARG + : DhParamsLoad(input, inSz, p, (word32*) &tmpPInOutSz, + g, (word32*) &tmpGInOutSz); + + (*env)->SetLongArrayRegion(env, pInOutSz, 0, 1, &tmpPInOutSz); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, input_buffer, input, 1); + releaseByteArray(env, p_buffer, p, 1); + releaseByteArray(env, g_buffer, g, 1); + return BAD_FUNC_ARG; + } + + (*env)->SetLongArrayRegion(env, gInOutSz, 0, 1, &tmpGInOutSz); + + LogStr("DhParamsLoad(input, inSz, p, &pInOutSz, g, &gInOutSz) = %d\n", ret); + LogStr("input[%u]: [%p]\n", (word32)inSz, input); + LogHex(input, 0, inSz); + LogStr("p[%u]: [%p]\n", (word32)tmpPInOutSz, p); + LogHex(p, 0, tmpPInOutSz); + LogStr("g[%u]: [%p]\n", (word32)tmpGInOutSz, g); + LogHex(g, 0, tmpGInOutSz); + + releaseByteArray(env, input_buffer, input, 1); + releaseByteArray(env, p_buffer, p, 1); + releaseByteArray(env, g_buffer, g, 1); + +#endif + + return ret; +} + +JNIEXPORT int JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1init( + JNIEnv *env, jclass class, jobject key_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = ecc_init(key); + + LogStr("ecc_init(key=%p) = %d\n", key, ret); + +#endif + + return ret; + +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1free( + JNIEnv *env, jclass class, jobject key_object) +{ +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return; + } + + ecc_free(key); + + LogStr("ecc_free(key=%p)\n", key); + +#endif +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1make_1key( + JNIEnv* env, jclass class, jobject rng_object, jint keysize, + jobject key_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = NULL; + RNG* rng = NULL; + + key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((!rng) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + ret = ecc_make_key(rng, keysize, key); + + LogStr("ecc_make_key(rng=%p, keysize=%d, key=%p) = %d\n", rng, keysize, key, + ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1shared_1secret__Lcom_wolfssl_wolfcrypt_Ecc_2Lcom_wolfssl_wolfcrypt_Ecc_2Ljava_nio_ByteBuffer_2_3J( + JNIEnv* env, jclass class, jobject priv_object, jobject pub_object, + jobject out_buffer, jlongArray outlen) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* priv = NULL; + ecc_key* pub = NULL; + byte* out = NULL; + jlong tmpOutLen; + + priv = (ecc_key*) getNativeStruct(env, priv_object); + if ((!priv) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + pub = (ecc_key*) getNativeStruct(env, pub_object); + if ((!pub) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + if (!out) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, outlen, 0, 1, &tmpOutLen); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = ecc_shared_secret(priv, pub, out, (word32*) &tmpOutLen); + + (*env)->SetLongArrayRegion(env, outlen, 0, 1, &tmpOutLen); + + LogStr("ecc_shared_secret(priv=%p, pub=%p, out, outLen) = %d\n", priv, pub, + ret); + LogStr("out[%u]: [%p]\n", (word32)tmpOutLen, out); + LogHex(out, 0, tmpOutLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1shared_1secret__Lcom_wolfssl_wolfcrypt_Ecc_2Lcom_wolfssl_wolfcrypt_Ecc_2_3B_3J( + JNIEnv* env, jclass class, jobject priv_object, jobject pub_object, + jbyteArray out_buffer, jlongArray outlen) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* priv = NULL; + ecc_key* pub = NULL; + byte* out = NULL; + jlong tmpOutLen; + + priv = (ecc_key*) getNativeStruct(env, priv_object); + if ((!priv) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + pub = (ecc_key*) getNativeStruct(env, pub_object); + if ((!pub) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + LogStr("ecc_shared_secret(priv=%p, pub=%p, out, outLen) = %d\n", priv, pub, + ret); + + out = getByteArray(env, out_buffer); + if (!out) + ret = BAD_FUNC_ARG; + else { + (*env)->GetLongArrayRegion(env, outlen, 0, 1, &tmpOutLen); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, out_buffer, out, 1); + return BAD_FUNC_ARG; + } + + ret = ecc_shared_secret(priv, pub, out, (word32*) &tmpOutLen); + + (*env)->SetLongArrayRegion(env, outlen, 0, 1, &tmpOutLen); + + LogStr("out[%u]: [%p]\n", (word32)tmpOutLen, out); + LogHex(out, 0, tmpOutLen); + } + + releaseByteArray(env, out_buffer, out, ret); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1import_1x963__Ljava_nio_ByteBuffer_2JLcom_wolfssl_wolfcrypt_Ecc_2( + JNIEnv* env, jclass class, jobject in_buffer, jlong inLen, + jobject key_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = NULL; + byte* in = NULL; + + key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + in = getDirectBufferAddress(env, in_buffer); + if (!in) + return BAD_FUNC_ARG; + + ret = ecc_import_x963(in, inLen, key); + + LogStr("ecc_import_x963(in, inLen, key=%p) = %d\n", key, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex(in, 0, inLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1import_1x963___3BJLcom_wolfssl_wolfcrypt_Ecc_2( + JNIEnv* env, jclass class, jbyteArray in_buffer, jlong inLen, + jobject key_object) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = NULL; + byte* in = NULL; + + key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + in = getByteArray(env, in_buffer); + + ret = (!in) ? BAD_FUNC_ARG + : ecc_import_x963(in, inLen, key); + + LogStr("ecc_import_x963(in, inLen, key=%p) = %d\n", key, ret); + LogStr("in[%u]: [%p]\n", (word32)inLen, in); + LogHex(in, 0, inLen); + + releaseByteArray(env, in_buffer, in, 1); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1export_1x963__Lcom_wolfssl_wolfcrypt_Ecc_2Ljava_nio_ByteBuffer_2_3J( + JNIEnv* env, jclass class, jobject key_object, jobject out_buffer, + jlongArray outLen) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = NULL; + byte* out = NULL; + jlong tmpOutLen; + + key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + out = getDirectBufferAddress(env, out_buffer); + if (!out) + return BAD_FUNC_ARG; + + (*env)->GetLongArrayRegion(env, outLen, 0, 1, &tmpOutLen); + if ((*env)->ExceptionOccurred(env)) { + return BAD_FUNC_ARG; + } + + ret = ecc_export_x963(key, out, (word32*) &tmpOutLen); + + (*env)->SetLongArrayRegion(env, outLen, 0, 1, &tmpOutLen); + + LogStr("ecc_export_x963(key=%p, out, outLen) = %d\n", key, ret); + LogStr("out[%u]: [%p]\n", (word32)tmpOutLen, out); + LogHex(out, 0, tmpOutLen); + +#endif + + return ret; +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Fips_ecc_1export_1x963__Lcom_wolfssl_wolfcrypt_Ecc_2_3B_3J( + JNIEnv* env, jclass class, jobject key_object, jbyteArray out_buffer, + jlongArray outLen) +{ + jint ret = NOT_COMPILED_IN; + +#if defined(HAVE_FIPS) && defined(HAVE_ECC) + + ecc_key* key = NULL; + byte* out = NULL; + jlong tmpOutLen; + + key = (ecc_key*) getNativeStruct(env, key_object); + if ((!key) || ((*env)->ExceptionOccurred(env))) { + return BAD_FUNC_ARG; + } + + out = getByteArray(env, out_buffer); + + LogStr("ecc_export_x963(key=%p, out, outLen) = %d\n", key, ret); + + if (!out) { + ret = BAD_FUNC_ARG; + } else { + (*env)->GetLongArrayRegion(env, outLen, 0, 1, &tmpOutLen); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, out_buffer, out, 1); + return BAD_FUNC_ARG; + } + + ret = ecc_export_x963(key, out, (word32*) &tmpOutLen); + + (*env)->SetLongArrayRegion(env, outLen, 0, 1, &tmpOutLen); + + LogStr("out[%u]: [%p]\n", (word32)tmpOutLen, out); + LogHex(out, 0, tmpOutLen); + } + + + releaseByteArray(env, out_buffer, out, ret); + +#endif + + return ret; +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_hmac.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_hmac.c new file mode 100644 index 0000000..49c9de4 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_hmac.c @@ -0,0 +1,359 @@ +/* jni_hmac.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#if (HAVE_FIPS_VERSION >= 2) + #define MAX_DIGEST_SIZE WC_MAX_DIGEST_SIZE +#endif + +/* copy from cyassl/hmac.c */ +static WC_INLINE int GetHashSizeByType(int type) +{ + if (!(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 + || type == WC_SHA384 || type == WC_SHA512 || type == BLAKE2B_ID)) + return BAD_FUNC_ARG; + + switch (type) { + #ifndef NO_MD5 + case WC_MD5: + return MD5_DIGEST_SIZE; + break; + #endif + + #ifndef NO_SHA + case WC_SHA: + return SHA_DIGEST_SIZE; + break; + #endif + + #ifndef NO_SHA256 + case WC_SHA256: + return SHA256_DIGEST_SIZE; + break; + #endif + + #if defined(CYASSL_SHA384) || defined(WOLFSSL_SHA384) + case WC_SHA384: + return SHA384_DIGEST_SIZE; + break; + #endif + + #if defined(CYASSL_SHA512) || defined(WOLFSSL_SHA512) + case WC_SHA512: + return SHA512_DIGEST_SIZE; + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + return BLAKE2B_OUTBYTES; + break; + #endif + + default: + return BAD_FUNC_ARG; + break; + } +} + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_HMAC + ret = (jlong) XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Hmac object"); + + LogStr("new Hmac() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacSetKey( + JNIEnv* env, jobject this, jint type, jbyteArray key_object) +{ +#ifndef NO_HMAC + int ret = 0; + Hmac* hmac = NULL; + byte* key = NULL; + word32 keySz = 0; + + hmac = (Hmac*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + key = getByteArray(env, key_object); + keySz = getByteArrayLength(env, key_object); + + ret = (!hmac || !key) + ? BAD_FUNC_ARG + : wc_HmacSetKey(hmac, type, key, keySz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("HmacInit(hmac=%p) = %d\n", hmac, ret); + + releaseByteArray(env, key_object, key, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate__B( + JNIEnv* env, jobject this, jbyte data) +{ +#ifndef NO_HMAC + int ret = 0; + Hmac* hmac = (Hmac*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!hmac) + ? BAD_FUNC_ARG + : wc_HmacUpdate(hmac, (const byte*)&data, 1); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_HmacUpdate(hmac=%p, data, 1) = %d\n", hmac, ret); + LogStr("data: %02x\n", data); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate___3BII( + JNIEnv* env, jobject this, jbyteArray data_object, jint offset, jint length) +{ +#ifndef NO_HMAC + int ret = 0; + Hmac* hmac = NULL; + byte* data = NULL; + + hmac = (Hmac*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_object); + + ret = (!hmac || !data) + ? BAD_FUNC_ARG + : wc_HmacUpdate(hmac, data + offset, length); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_HmacUpdate(hmac=%p, data, length) = %d\n", hmac, ret); + LogStr("data[%u]: [%p]\n", (word32)length, data + offset); + LogHex((byte*) data, offset, length); + + releaseByteArray(env, data_object, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacUpdate__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_object, jint offset, jint length) +{ +#ifndef NO_HMAC + int ret = 0; + Hmac* hmac = NULL; + byte* data = NULL; + + hmac = (Hmac*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_object); + + ret = (!hmac || !data) + ? BAD_FUNC_ARG + : wc_HmacUpdate(hmac, data + offset, length); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_HmacUpdate(hmac=%p, data, length) = %d\n", hmac, ret); + LogStr("data[%u]: [%p]\n", (word32)length, data + offset); + LogHex((byte*) data, offset, length); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacFinal( + JNIEnv* env, jobject this) +{ + jbyteArray result = NULL; + +#ifndef NO_HMAC + int ret = 0; + Hmac* hmac = NULL; + int hmacSz = 0; + byte tmp[MAX_DIGEST_SIZE]; + + hmac = (Hmac*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + hmacSz = GetHashSizeByType(hmac->macType); + + if (hmacSz < 0) { + throwWolfCryptExceptionFromError(env, ret); + return result; + } + + ret = (!hmac) + ? BAD_FUNC_ARG + : wc_HmacFinal(hmac, tmp); + + if (ret == 0) { + result = (*env)->NewByteArray(env, hmacSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, hmacSz, + (const jbyte*) tmp); + } else { + throwWolfCryptException(env, "Failed to allocate hmac"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_HmacFinal(hmac=%p, result) = %d\n", hmac, ret); + LogStr("result[%u]: [%p]\n", (word32)hmacSz, tmp); + LogHex(tmp, 0, hmacSz); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_wc_1HmacSizeByType( + JNIEnv* env, jobject this, jint type) +{ + jint result = 0; + +#ifndef NO_HMAC + int ret = GetHashSizeByType(type); + + if (ret < 0) + throwWolfCryptExceptionFromError(env, ret); + else + result = ret; + + LogStr("wc_HmacSizeByType(type=%d) = %d\n", type, ret); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeMd5( + JNIEnv* env, jobject this) +{ + jint result = WC_MD5; + LogStr("WC_MD5 = %d\n", result); + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha( + JNIEnv* env, jobject this) +{ + jint result = WC_SHA; + LogStr("WC_SHA = %d\n", result); + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha256( + JNIEnv* env, jobject this) +{ + jint result = WC_SHA256; + LogStr("WC_SHA256 = %d\n", result); + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha384( + JNIEnv* env, jobject this) +{ + jint result = WC_SHA384; + LogStr("WC_SHA384 = %d\n", result); + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeSha512( + JNIEnv* env, jobject this) +{ + jint result = WC_SHA512; + LogStr("WC_SHA512 = %d\n", result); + return result; +} + +JNIEXPORT jint JNICALL +Java_com_wolfssl_wolfcrypt_Hmac_getCodeBlake2b( + JNIEnv* env, jobject this) +{ + jint result = BLAKE2B_ID; + LogStr("BLAKE2B_ID = %d", result); + return result; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_logging.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_logging.c new file mode 100644 index 0000000..b8d729a --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_logging.c @@ -0,0 +1,42 @@ +/* jni_logging.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include + +int wolfSSL_Debugging_ON(void); +void wolfSSL_Debugging_OFF(void); + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Logging_wolfSSL_1Debugging_1ON + (JNIEnv* env, jclass class) +{ + return wolfSSL_Debugging_ON(); +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Logging_wolfSSL_1Debugging_1OFF + (JNIEnv* env, jclass class) +{ + wolfSSL_Debugging_OFF(); +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_md5.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_md5.c new file mode 100644 index 0000000..3de42a1 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_md5.c @@ -0,0 +1,201 @@ +/* jni_md5.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Md5_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_MD5 + ret = (jlong) XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Md5 object"); + + LogStr("new Md5() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Md5_native_1init( + JNIEnv* env, jobject this) +{ +#ifndef NO_MD5 + Md5* md5 = (Md5*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + if (!md5) { + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + } else { + wc_InitMd5(md5); + } +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Md5_native_1update__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_buffer, jint position, jint len) +{ +#ifndef NO_MD5 + Md5* md5 = NULL; + byte* data = NULL; + + md5 = (Md5*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_buffer); + + if (!md5 || !data) { + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + } else { + wc_Md5Update(md5, data + position, len); + } + + LogStr("wc_Md5Update(md5=%p, data, len)\n", md5); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Md5_native_1update___3BII( + JNIEnv* env, jobject this, jbyteArray data_buffer, jint offset, jint len) +{ +#ifndef NO_MD5 + Md5* md5 = NULL; + byte* data = NULL; + jsize bufSz = (*env)->GetArrayLength(env, data_buffer); + + md5 = (Md5*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_buffer); + + if (!md5 || !data || (offset > bufSz)) { + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + } else { + wc_Md5Update(md5, data + offset, len); + } + + LogStr("wc_Md5Update(md5=%p, data, len)\n", md5); + LogStr("data[%u]: [%p]\n", (word32)len, data + offset); + LogHex(data, offset, len); + + releaseByteArray(env, data_buffer, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Md5_native_1final__Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jobject hash_buffer, jint position) +{ +#ifndef NO_MD5 + Md5* md5 = NULL; + byte* hash = NULL; + + md5 = (Md5*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + if (!md5 || !hash) { + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + } else { + wc_Md5Final(md5, hash + position); + } + + LogStr("wc_Md5Final(md5=%p, hash)\n", md5); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Md5_native_1final___3B( + JNIEnv* env, jobject this, jbyteArray hash_buffer) +{ +#ifndef NO_MD5 + Md5* md5 = NULL; + byte* hash = NULL; + + md5 = (Md5*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getByteArray(env, hash_buffer); + + if (!md5 || !hash) { + throwWolfCryptExceptionFromError(env, BAD_FUNC_ARG); + } else { + wc_Md5Final(md5, hash); + } + + LogStr("wc_Md5Final(md5=%p, hash)\n", md5); + LogStr("hash[%u]: [%p]\n", (word32)MD5_DIGEST_SIZE, hash); + LogHex(hash, 0, MD5_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, 0); +#else + throwNotCompiledInException(env); +#endif +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_native_struct.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_native_struct.c new file mode 100644 index 0000000..3fc0713 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_native_struct.c @@ -0,0 +1,157 @@ +/* jni_native_struct.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +#pragma GCC diagnostic ignored "-Wint-to-pointer-cast" + +JavaVM* g_vm = NULL; + +/* called when native library is loaded */ +jint JNI_OnLoad(JavaVM* vm, void* reserved) +{ + /* store JavaVM */ + g_vm = vm; + return JNI_VERSION_1_6; +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_NativeStruct_xfree( + JNIEnv* env, jobject this, jlong ptr) +{ + LogStr("Freeing (%p)\n", (void*)ptr); + + XFREE((void*)ptr, NULL, DYNAMIC_TYPE_TMP_BUFFER); +} + +/* + * Utilitary functions + */ +void* getNativeStruct(JNIEnv* env, jobject this) +{ + jclass class; + jfieldID field; + jlong nativeStruct = 0; + + if (this) { + class = (*env)->GetObjectClass(env, this); + field = (*env)->GetFieldID(env, class, "pointer", "J"); + + /* GetFieldID may throw exception */ + if ((*env)->ExceptionOccurred(env)) { + (*env)->ExceptionDescribe(env); + (*env)->ExceptionClear(env); + + } else { + nativeStruct = (*env)->GetLongField(env, this, field); + } + + if (!nativeStruct) + throwWolfCryptException(env, "Failed to retrieve native struct"); + + return (void*) nativeStruct; + } + + return NULL; +} + +void setByteArrayMember( + JNIEnv* env, jobject this, const char* name, jbyteArray value) +{ + jclass class; + jfieldID field; + + class = (*env)->GetObjectClass(env, this); + field = (*env)->GetFieldID(env, class, name, "[B"); + + /* GetFieldID may throw an exception */ + if ((*env)->ExceptionOccurred(env)) { + return; + } + + (*env)->SetObjectField(env, this, field, (jobject)value); +} + +byte* getDirectBufferAddress(JNIEnv* env, jobject buffer) +{ + return buffer ? (*env)->GetDirectBufferAddress(env, buffer) : NULL; +} + +word32 getDirectBufferLimit(JNIEnv* env, jobject buffer) +{ + jclass class; + jmethodID method; + + class = (*env)->GetObjectClass(env, buffer); + method = (*env)->GetMethodID(env, class, "limit", "()I"); + + /* GetMethodID may throw an exception */ + if ((*env)->ExceptionOccurred(env)) { + (*env)->ExceptionDescribe(env); + (*env)->ExceptionClear(env); + return 0; + } + + return (word32) (*env)->CallIntMethod(env, buffer, method); +} + +void setDirectBufferLimit(JNIEnv* env, jobject buffer, jint limit) +{ + jclass class; + jmethodID method; + + class = (*env)->GetObjectClass(env, buffer); + method = (*env)->GetMethodID(env, class, "limit", "(I)Ljava/nio/Buffer;"); + + /* GetMethodID may throw an exception */ + if ((*env)->ExceptionOccurred(env)) { + return; + } + + /* may throw exception */ + (*env)->CallObjectMethod(env, buffer, method, limit); +} + +byte* getByteArray(JNIEnv* env, jbyteArray array) +{ + return array ? (byte*)(*env)->GetByteArrayElements(env, array, NULL) : NULL; +} + +void releaseByteArray(JNIEnv* env, jbyteArray array, byte* elements, jint abort) +{ + if (elements) + (*env)->ReleaseByteArrayElements(env, array, (jbyte*) elements, + abort ? JNI_ABORT : 0); +} + +word32 getByteArrayLength(JNIEnv* env, jbyteArray array) +{ + return array ? (*env)->GetArrayLength(env, array) : 0; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_rng.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_rng.c new file mode 100644 index 0000000..fdf0f7e --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_rng.c @@ -0,0 +1,169 @@ +/* jni_rng.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include + +#include +#include +#include + + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Rng_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef WC_NO_RNG + ret = (jlong) XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Rng object"); + + LogStr("new Rng() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rng_initRng( + JNIEnv* env, jobject this) +{ +#ifndef WC_NO_RNG + int ret = 0; + RNG* rng = (RNG*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!rng) + ? BAD_FUNC_ARG + : wc_InitRng(rng); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_InitRng(rng=%p) = %d\n", rng, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rng_freeRng( + JNIEnv* env, jobject this) +{ +#ifndef WC_NO_RNG + int ret = 0; + RNG* rng = (RNG*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!rng) + ? BAD_FUNC_ARG + : wc_FreeRng(rng); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_FreeRng(rng=%p) = %d\n", rng, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject buffer_buffer, jint position, jint size) +{ +#ifndef WC_NO_RNG + int ret = 0; + RNG* rng = NULL; + byte* buffer = NULL; + + rng = (RNG*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + buffer = getDirectBufferAddress(env, buffer_buffer); + + ret = (!rng || !buffer) + ? BAD_FUNC_ARG + : wc_RNG_GenerateBlock(rng, buffer + position, size); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RNG_GenerateBlock(rng=%p, buffer, size) = %d\n", rng, ret); + LogStr("output[%u]: [%p]\n", (word32)size, buffer); + LogHex(buf, 0, size); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock___3BII( + JNIEnv* env, jobject this, jbyteArray buffer_buffer, jint offset, + jint length) +{ +#ifndef WC_NO_RNG + int ret = 0; + RNG* rng = NULL; + byte* buffer = NULL; + + rng = (RNG*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + buffer = getByteArray(env, buffer_buffer); + + ret = (!rng || !buffer) + ? BAD_FUNC_ARG + : wc_RNG_GenerateBlock(rng, buffer + offset, length); + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RNG_GenerateBlock(rng=%p, buffer, length) = %d\n", rng, ret); + LogStr("output[%u]: [%p]\n", (word32)length, buf); + LogHex(buffer, 0, length); + + releaseByteArray(env, buffer_buffer, buffer, ret); +#else + throwNotCompiledInException(env); +#endif +} + diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_rsa.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_rsa.c new file mode 100644 index 0000000..f918152 --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_rsa.c @@ -0,0 +1,784 @@ +/* jni_rsa.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_RSA + ret = (jlong) XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Rsa object"); + + LogStr("new Rsa() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_MakeRsaKey( + JNIEnv *env, jobject this, jint size, jlong e, jobject rng_object) +{ +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) + int ret = 0; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!key || !rng) + ? BAD_FUNC_ARG + : wc_MakeRsaKey(key, size, e, rng); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("MakeRsaKey(%d, %lu) = %d\n", size, e, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecodeRaw__Ljava_nio_ByteBuffer_2JLjava_nio_ByteBuffer_2J( + JNIEnv* env, jobject this, jobject n_object, jlong nSize, jobject e_object, + jlong eSize) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* n = NULL; + byte* e = NULL; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + n = getDirectBufferAddress(env, n_object); + e = getDirectBufferAddress(env, e_object); + + ret = (!key || !n || !e) + ? BAD_FUNC_ARG + : wc_RsaPublicKeyDecodeRaw(n, nSize, e, eSize, key); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz) = %d\n", ret); + LogStr("n[%u]: [%p]\n", (word32)nSize, n); + LogHex((byte*) n, 0, nSize); + LogStr("e[%u]: [%p]\n", (word32)eSize, e); + LogHex((byte*) e, 0, eSize); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecodeRaw___3BJ_3BJ( + JNIEnv* env, jobject this, jbyteArray n_object, jlong nSize, + jbyteArray e_object, jlong eSize) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* n = NULL; + byte* e = NULL; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + n = getByteArray(env, n_object); + e = getByteArray(env, e_object); + + ret = (!key || !n || !e) + ? BAD_FUNC_ARG + : wc_RsaPublicKeyDecodeRaw(n, nSize, e, eSize, key); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz) = %d\n", ret); + LogStr("n[%u]: [%p]\n", (word32)nSize, n); + LogHex((byte*) n, 0, nSize); + LogStr("e[%u]: [%p]\n", (word32)eSize, e); + LogHex((byte*) e, 0, eSize); + + releaseByteArray(env, n_object, n, JNI_ABORT); + releaseByteArray(env, e_object, e, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_RsaFlattenPublicKey__Ljava_nio_ByteBuffer_2Ljava_nio_ByteBuffer_2( + JNIEnv* env, jobject this, jobject n_object, jobject e_object) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* n = NULL; + byte* e = NULL; + word32 nSize = 0, eSize = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + n = getDirectBufferAddress(env, n_object); + e = getDirectBufferAddress(env, e_object); + nSize = n ? getDirectBufferLimit(env, n_object) : 0; + eSize = e ? getDirectBufferLimit(env, e_object) : 0; + + ret = (!key || !n || !e) + ? BAD_FUNC_ARG + : wc_RsaFlattenPublicKey(key, e, &eSize, n, &nSize); + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + } else { + + setDirectBufferLimit(env, n_object, nSize); + if ((*env)->ExceptionOccurred(env)) { + return; + } + + setDirectBufferLimit(env, e_object, eSize); + if ((*env)->ExceptionOccurred(env)) { + return; + } + } + + LogStr("RsaFlattenPublicKey(key, e, eSz, n, nSz) = %d\n", ret); + LogStr("n[%u]: [%p]\n", (word32)nSize, n); + LogHex((byte*) n, 0, nSize); + LogStr("e[%u]: [%p]\n", (word32)eSize, e); + LogHex((byte*) e, 0, eSize); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_RsaFlattenPublicKey___3B_3J_3B_3J( + JNIEnv* env, jobject this, jbyteArray n_object, jlongArray nSize, + jbyteArray e_object, jlongArray eSize) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* n = NULL; + byte* e = NULL; + jlong nSz; + jlong eSz; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + n = getByteArray(env, n_object); + e = getByteArray(env, e_object); + + (*env)->GetLongArrayRegion(env, nSize, 0, 1, &nSz); + if ((*env)->ExceptionOccurred(env)) { + return; + } + + (*env)->GetLongArrayRegion(env, eSize, 0, 1, &eSz); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, n_object, n, ret); + return; + } + + ret = (!key || !n || !e) + ? BAD_FUNC_ARG + : wc_RsaFlattenPublicKey(key, e, (word32*) &eSz, n, (word32*) &nSz); + + if (ret != 0) { + throwWolfCryptExceptionFromError(env, ret); + } else { + + (*env)->SetLongArrayRegion(env, nSize, 0, 1, &nSz); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, n_object, n, ret); + releaseByteArray(env, e_object, e, ret); + return; + } + + (*env)->SetLongArrayRegion(env, eSize, 0, 1, &eSz); + if ((*env)->ExceptionOccurred(env)) { + releaseByteArray(env, n_object, n, ret); + releaseByteArray(env, e_object, e, ret); + return; + } + } + + LogStr("RsaFlattenPublicKey(key, e, eSz, n, nSz) = %d\n", ret); + LogStr("n[%u]: [%p]\n", (word32)nSz, n); + LogHex((byte*) n, 0, nSz); + LogStr("e[%u]: [%p]\n", (word32)eSz, e); + LogHex((byte*) e, 0, eSz); + + releaseByteArray(env, n_object, n, ret); + releaseByteArray(env, e_object, e, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1InitRsaKey( + JNIEnv* env, jobject this) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!key) + ? BAD_FUNC_ARG + : wc_InitRsaKey(key, NULL); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("RsaInitKey(key) = %d\n", ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1FreeRsaKey( + JNIEnv* env, jobject this) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!key) + ? BAD_FUNC_ARG + : wc_FreeRsaKey(key); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_FreeRsaKey(key) = %d\n", ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jboolean JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSetRNG( + JNIEnv* env, jobject this, jobject rng_object) +{ +#ifndef NO_RSA + +#ifdef WC_RSA_BLINDING + int ret = 0; + RsaKey* key = NULL; + RNG* rng = NULL; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return JNI_FALSE; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return JNI_FALSE; + } + + ret = (key == NULL) + ? BAD_FUNC_ARG + : wc_RsaSetRNG(key, rng); + + LogStr("wc_RsaSetRNG(key, rng) = %d\n", ret); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + else + return JNI_TRUE; +#endif + +#else + throwNotCompiledInException(env); +#endif + + return JNI_FALSE; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateKeyDecode( + JNIEnv* env, jobject this, jbyteArray key_object) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* k = NULL; + word32 kSz = 0, index = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + k = getByteArray(env, key_object); + kSz = getByteArrayLength(env, key_object); + + ret = (!key || !k) + ? BAD_FUNC_ARG + : wc_RsaPrivateKeyDecode(k, &index, key, kSz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaPrivateKeyDecode(k, kSize, key) = %d\n", ret); + LogStr("key[%u]: [%p]\n", (word32)kSz, k); + LogHex((byte*) k, 0, kSz); + + releaseByteArray(env, key_object, k, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateKeyDecodePKCS8 + (JNIEnv* env, jobject this, jbyteArray key_object) +{ +#ifndef NO_RSA + int ret = 0; + int length = 0; + RsaKey* key = NULL; + byte* k = NULL; + word32 kSz = 0, offset = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + k = getByteArray(env, key_object); + kSz = getByteArrayLength(env, key_object); + + if (!key || !k) { + ret = BAD_FUNC_ARG; + } else { + // length = wc_GetPkcs8TraditionalOffset(k, &offset, kSz); + + ret = (length < 0) + ? length + : wc_RsaPrivateKeyDecode(k, &offset, key, kSz); + } + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaPrivateKeyDecodePKCS8(k, kSize, key) = %d\n", ret); + LogStr("key[%u]: [%p]\n", (word32)kSz, k); + LogHex((byte*) k, 0, kSz); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicKeyDecode + (JNIEnv* env, jobject this, jbyteArray key_object) +{ +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* k = NULL; + word32 kSz = 0, index = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + k = getByteArray(env, key_object); + kSz = getByteArrayLength(env, key_object); + + ret = (!key || !k) + ? BAD_FUNC_ARG + : wc_RsaPublicKeyDecode(k, &index, key, kSz); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaPublicKeyDecode(k, kSize, key) = %d\n", ret); + LogStr("key[%u]: [%p]\n", (word32)kSz, k); + LogHex((byte*) k, 0, kSz); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaEncryptSize + (JNIEnv* env, jobject this) +{ + jint ret = 0; + +#ifndef NO_RSA + RsaKey* key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return 0; + } + + ret = (!key) + ? BAD_FUNC_ARG + : wc_RsaEncryptSize(key); + + if (ret < 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_RsaEncryptSize(key=%p) = %d\n", key, ret); + +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPublicEncrypt( + JNIEnv* env, jobject this, jbyteArray plaintext_object, jobject rng_object) +{ + jbyteArray result = NULL; + +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + RNG* rng = NULL; + byte* plaintext = NULL; + byte* output = NULL; + word32 size = 0, outputSz = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + plaintext = getByteArray(env, plaintext_object); + size = getByteArrayLength(env, plaintext_object); + outputSz = wc_RsaEncryptSize(key); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate ciphertext buffer"); + + releaseByteArray(env, plaintext_object, plaintext, JNI_ABORT); + + return result; + } + + ret = (!key || !rng || !plaintext) + ? BAD_FUNC_ARG + : wc_RsaPublicEncrypt(plaintext, size, output, outputSz, key, rng); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate ciphertext"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_RsaPublicEncrypt(in, inSz, out, outSz, key=, rng) = %d\n", ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, plaintext_object, plaintext, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaPrivateDecrypt( + JNIEnv* env, jobject this, jbyteArray ciphertext_object) +{ + jbyteArray result = NULL; + +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* ciphertext = NULL; + byte* output = NULL; + word32 size = 0, outputSz = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + ciphertext = getByteArray(env, ciphertext_object); + size = getByteArrayLength(env, ciphertext_object); + outputSz = wc_RsaEncryptSize(key); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate plaintext buffer"); + + releaseByteArray(env, ciphertext_object, ciphertext, JNI_ABORT); + + return result; + } + + ret = (!key || !ciphertext) + ? BAD_FUNC_ARG + : wc_RsaPrivateDecrypt(ciphertext, size, output, outputSz, key); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate plaintext"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_RsaPrivateDecrypt(in, inSz, out, outSz, key) = %d\n", ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, ciphertext_object, ciphertext, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSSL_1Sign( + JNIEnv* env, jobject this, jbyteArray data_object, jobject rng_object) +{ + jbyteArray result = NULL; + +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + RNG* rng = NULL; + byte* data = NULL; + byte* output = NULL; + word32 size = 0, outputSz = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + rng = (RNG*) getNativeStruct(env, rng_object); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + data = getByteArray(env, data_object); + size = getByteArrayLength(env, data_object); + outputSz = wc_RsaEncryptSize(key); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate signature buffer"); + + releaseByteArray(env, data_object, data, JNI_ABORT); + + return result; + } + + ret = (!key || !rng || !data) + ? BAD_FUNC_ARG + : wc_RsaSSL_Sign(data, size, output, outputSz, key, rng); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate signature"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_RsaSSL_Sign(in, inSz, out, outSz, key, rng) = %d\n", ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, data_object, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} + +JNIEXPORT jbyteArray JNICALL +Java_com_wolfssl_wolfcrypt_Rsa_wc_1RsaSSL_1Verify( + JNIEnv* env, jobject this, jbyteArray signature_object) +{ + jbyteArray result = NULL; + +#ifndef NO_RSA + int ret = 0; + RsaKey* key = NULL; + byte* signature = NULL; + byte* output = NULL; + word32 size = 0, outputSz = 0; + + key = (RsaKey*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return NULL; + } + + signature = getByteArray(env, signature_object); + size = getByteArrayLength(env, signature_object); + outputSz = wc_RsaEncryptSize(key); + + output = XMALLOC(outputSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (output == NULL) { + throwOutOfMemoryException(env, "Failed to allocate verify buffer"); + + releaseByteArray(env, signature_object, signature, JNI_ABORT); + + return result; + } + + ret = (!key || !signature) + ? BAD_FUNC_ARG + : wc_RsaSSL_Verify(signature, size, output, outputSz, key); + + if (ret >= 0) { + outputSz = ret; + result = (*env)->NewByteArray(env, outputSz); + + if (result) { + (*env)->SetByteArrayRegion(env, result, 0, outputSz, + (const jbyte*) output); + } else { + throwWolfCryptException(env, "Failed to allocate verify"); + } + } else { + throwWolfCryptExceptionFromError(env, ret); + } + + LogStr("wc_RsaSSL_Verify(in, inSz, out, outSz, key) = %d\n", ret); + LogStr("output[%u]: [%p]\n", outputSz, output); + LogHex((byte*) output, 0, outputSz); + + XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + releaseByteArray(env, signature_object, signature, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif + + return result; +} diff --git a/ccc/src/main/cpp/wolfcrypt/jni/jni_sha.c b/ccc/src/main/cpp/wolfcrypt/jni/jni_sha.c new file mode 100644 index 0000000..91c329a --- /dev/null +++ b/ccc/src/main/cpp/wolfcrypt/jni/jni_sha.c @@ -0,0 +1,747 @@ +/* jni_sha.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef __ANDROID__ + #include +#endif +#include +#include +#include +#include + +#include +#include +#include + +/* #define WOLFCRYPT_JNI_DEBUG_ON */ +#include + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Sha_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_SHA + ret = (jlong) XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Sha object"); + + LogStr("new Sha() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifndef NO_SHA256 + ret = (jlong) XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Sha256 object"); + + LogStr("new Sha256() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifdef WOLFSSL_SHA512 + ret = (jlong) XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Sha384 object"); + + LogStr("new Sha384() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT jlong JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_mallocNativeStruct( + JNIEnv* env, jobject this) +{ + jlong ret = 0; + +#ifdef WOLFSSL_SHA512 + ret = (jlong) XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (!ret) + throwOutOfMemoryException(env, "Failed to allocate Sha512 object"); + + LogStr("new Sha512() = %p\n", (void*)ret); +#else + throwNotCompiledInException(env); +#endif + + return ret; +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha_native_1init( + JNIEnv* env, jobject this) +{ +#ifndef NO_SHA + int ret = 0; + Sha* sha = (Sha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!sha) + ? BAD_FUNC_ARG + : wc_InitSha(sha); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha_native_1update__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_buffer, jint position, jint len) +{ +#ifndef NO_SHA + int ret = 0; + Sha* sha = NULL; + byte* data = NULL; + + sha = (Sha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_buffer); + + ret = (!sha || !data) + ? BAD_FUNC_ARG + : wc_ShaUpdate(sha, data + position, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ShaUpdate(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha_native_1update___3BII( + JNIEnv* env, jobject this, jbyteArray data_buffer, jint offset, jint len) +{ +#ifndef NO_SHA + int ret = 0; + Sha* sha = NULL; + byte* data = NULL; + word32 dataSz = 0; + + sha = (Sha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_buffer); + dataSz = getByteArrayLength(env, data_buffer); + + ret = (!sha || !data || ((offset + len) > dataSz)) + ? BAD_FUNC_ARG + : wc_ShaUpdate(sha, data + offset, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ShaUpdate_fips(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha_native_1final__Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jobject hash_buffer, jint position) +{ +#ifndef NO_SHA + int ret = 0; + Sha* sha = NULL; + byte* hash = NULL; + + sha = (Sha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_ShaFinal(sha, hash + position); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ShaFinal(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA_DIGEST_SIZE); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha_native_1final___3B( + JNIEnv* env, jobject this, jbyteArray hash_buffer) +{ +#ifndef NO_SHA + int ret = 0; + Sha* sha = NULL; + byte* hash = NULL; + + sha = (Sha*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_ShaFinal(sha, hash); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_ShaFinal(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_native_1init( + JNIEnv* env, jobject this) +{ +#ifndef NO_SHA256 + int ret = 0; + Sha256* sha = (Sha256*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!sha) + ? BAD_FUNC_ARG + : wc_InitSha256(sha); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_native_1update__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_buffer, jint position, jint len) +{ +#ifndef NO_SHA256 + int ret = 0; + Sha256* sha = NULL; + byte* data = NULL; + + sha = (Sha256*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_buffer); + + ret = (!sha || !data) + ? BAD_FUNC_ARG + : wc_Sha256Update(sha, data + position, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha256Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_native_1update___3BII( + JNIEnv* env, jobject this, jbyteArray data_buffer, jint offset, + jint len) +{ +#ifndef NO_SHA256 + int ret = 0; + Sha256* sha = NULL; + byte* data = NULL; + word32 dataSz = 0; + + sha = (Sha256*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_buffer); + dataSz = getByteArrayLength(env, data_buffer); + + ret = (!sha || !data || ((offset + len) > dataSz)) + ? BAD_FUNC_ARG + : wc_Sha256Update(sha, data + offset, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha256Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); + + releaseByteArray(env, data_buffer, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_native_1final__Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jobject hash_buffer, jint position) +{ +#ifndef NO_SHA256 + int ret = 0; + Sha256* sha = NULL; + byte* hash = NULL; + + sha = (Sha256*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha256Final(sha, hash + position); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha256Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA256_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA256_DIGEST_SIZE); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha256_native_1final___3B( + JNIEnv* env, jobject this, jbyteArray hash_buffer) +{ +#ifndef NO_SHA256 + int ret = 0; + Sha256* sha = NULL; + byte* hash = NULL; + + sha = (Sha256*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha256Final(sha, hash); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha256Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA256_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA256_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_native_1init( + JNIEnv* env, jobject this) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha384* sha = (Sha384*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!sha) + ? BAD_FUNC_ARG + : wc_InitSha384(sha); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_native_1update__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_buffer, jint position, jint len) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha384* sha = NULL; + byte* data = NULL; + + sha = (Sha384*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_buffer); + + ret = (!sha || !data) + ? BAD_FUNC_ARG + : wc_Sha384Update(sha, data + position, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha384Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_native_1update___3BII( + JNIEnv* env, jobject this, jbyteArray data_buffer, jint offset, + jint len) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha384* sha = NULL; + byte* data = NULL; + word32 dataSz = 0; + + sha = (Sha384*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_buffer); + dataSz = getByteArrayLength(env, data_buffer); + + ret = (!sha || !data || ((offset + len) > dataSz)) + ? BAD_FUNC_ARG + : wc_Sha384Update(sha, data + offset, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha384Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data + offset); + LogHex(data, offset, len); + + releaseByteArray(env, data_buffer, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_native_1final__Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jobject hash_buffer, jint position) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha384* sha = NULL; + byte* hash = NULL; + + sha = (Sha384*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha384Final(sha, hash + position); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha384Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA384_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA384_DIGEST_SIZE); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha384_native_1final___3B( + JNIEnv* env, jobject this, jbyteArray hash_buffer) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha384* sha = NULL; + byte* hash = NULL; + + sha = (Sha384*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha384Final(sha, hash); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha384Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA384_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA384_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_native_1init( + JNIEnv* env, jobject this) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha512* sha = (Sha512*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + ret = (!sha) + ? BAD_FUNC_ARG + : wc_InitSha512(sha); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_native_1update__Ljava_nio_ByteBuffer_2II( + JNIEnv* env, jobject this, jobject data_buffer, jint position, jint len) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha512* sha = NULL; + byte* data = NULL; + + sha = (Sha512*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getDirectBufferAddress(env, data_buffer); + + ret = (!sha || !data) + ? BAD_FUNC_ARG + : wc_Sha512Update(sha, data + position, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha512Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data); + LogHex(data, 0, len); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_native_1update___3BII( + JNIEnv* env, jobject this, jbyteArray data_buffer, jint offset, + jint len) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha512* sha = NULL; + byte* data = NULL; + word32 dataSz = 0; + + sha = (Sha512*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + data = getByteArray(env, data_buffer); + dataSz = getByteArrayLength(env, data_buffer); + + ret = (!sha || !data || ((offset + len) > dataSz)) + ? BAD_FUNC_ARG + : wc_Sha512Update(sha, data + offset, len); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha512Update(sha=%p, data, len) = %d\n", sha, ret); + LogStr("data[%u]: [%p]\n", (word32)len, data + offset); + LogHex(data, offset, len); + + releaseByteArray(env, data_buffer, data, JNI_ABORT); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_native_1final__Ljava_nio_ByteBuffer_2I( + JNIEnv* env, jobject this, jobject hash_buffer, jint position) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha512* sha = NULL; + byte* hash = NULL; + + sha = (Sha512*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getDirectBufferAddress(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha512Final(sha, hash + position); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha512Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA512_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA512_DIGEST_SIZE); +#else + throwNotCompiledInException(env); +#endif +} + +JNIEXPORT void JNICALL +Java_com_wolfssl_wolfcrypt_Sha512_native_1final___3B( + JNIEnv* env, jobject this, jbyteArray hash_buffer) +{ +#ifdef WOLFSSL_SHA512 + int ret = 0; + Sha512* sha = NULL; + byte* hash = NULL; + + sha = (Sha512*) getNativeStruct(env, this); + if ((*env)->ExceptionOccurred(env)) { + /* getNativeStruct may throw exception, prevent throwing another */ + return; + } + + hash = getByteArray(env, hash_buffer); + + ret = (!sha || !hash) + ? BAD_FUNC_ARG + : wc_Sha512Final(sha, hash); + + if (ret != 0) + throwWolfCryptExceptionFromError(env, ret); + + LogStr("wc_Sha512Final(sha=%p, hash) = %d\n", sha, ret); + LogStr("hash[%u]: [%p]\n", (word32)SHA512_DIGEST_SIZE, hash); + LogHex(hash, 0, SHA512_DIGEST_SIZE); + + releaseByteArray(env, hash_buffer, hash, ret); +#else + throwNotCompiledInException(env); +#endif +} + diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/Aes.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/Aes.java new file mode 100644 index 0000000..8b07532 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/Aes.java @@ -0,0 +1,61 @@ +/* Aes.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Aes implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Aes extends BlockCipher { + + public static final int KEY_SIZE_128 = 16; + public static final int KEY_SIZE_192 = 24; + public static final int KEY_SIZE_256 = 32; + public static final int BLOCK_SIZE = 16; + public static final int ENCRYPT_MODE = 0; + public static final int DECRYPT_MODE = 1; + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + private int opmode; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_set_key(byte[] key, byte[] iv, int opmode); + + protected native int native_update(int opmode, byte[] input, int offset, + int length, byte[] output, int outputOffset); + + protected native int native_update(int opmode, ByteBuffer input, + int offset, int length, ByteBuffer output, int outputOffset); + + public Aes() { + } + + public Aes(byte[] key, byte[] iv, int opmode) { + setKey(key, iv, opmode); + } +} \ No newline at end of file diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/BlockCipher.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/BlockCipher.java new file mode 100644 index 0000000..2171b8a --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/BlockCipher.java @@ -0,0 +1,113 @@ +/* BlockCipher.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +import javax.crypto.ShortBufferException; + +/** + * Common API for block ciphers. + * + * @author Moisés Guimarães + * @version 1.0, March 2017 + */ +public abstract class BlockCipher extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + private int opmode; + + protected abstract void native_set_key(byte[] key, byte[] iv, int opmode); + + protected abstract int native_update(int opmode, byte[] input, int offset, + int length, byte[] output, int outputOffset); + + protected abstract int native_update(int opmode, ByteBuffer input, + int offset, int length, ByteBuffer output, int outputOffset); + + public void setKey(byte[] key, byte[] iv, int opmode) { + native_set_key(key, iv, opmode); + + this.opmode = opmode; + state = WolfCryptState.READY; + } + + public void willUseKey() { + if (state != WolfCryptState.READY) + throw new IllegalStateException( + "No available key to perform the opperation."); + } + + public byte[] update(byte[] input) { + return update(input, 0, input.length); + } + + public byte[] update(byte[] input, int offset, int length) { + willUseKey(); + + byte[] output = new byte[input.length]; + + native_update(opmode, input, offset, length, output, 0); + + return output; + } + + public int update(byte[] input, int offset, int length, byte[] output, + int outputOffset) throws ShortBufferException { + willUseKey(); + + if (outputOffset + length > output.length) + throw new ShortBufferException( + "output buffer is too small to hold the result."); + + return native_update(opmode, input, offset, length, output, + outputOffset); + } + + public int update(ByteBuffer input, ByteBuffer output) + throws ShortBufferException { + willUseKey(); + + int ret = 0; + + if (output.remaining() < input.remaining()) + throw new ShortBufferException( + "output buffer is too small to hold the result."); + + ret = native_update(opmode, input, input.position(), input.remaining(), + output, output.position()); + + input.position(input.position() + ret); + output.position(output.position() + ret); + + return ret; + } + + @Override + public void releaseNativeStruct() { + + /* reset state first, then free */ + state = WolfCryptState.UNINITIALIZED; + setNativeStruct(NULL); + } +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/Logging.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/Logging.java new file mode 100644 index 0000000..78f9893 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/Logging.java @@ -0,0 +1,35 @@ +/* Logging.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +/** + * Wrapper for the native WolfCrypt Logging implementation. + * + * @author Moisés Guimarães + * @version 1.0, March 2016 + */ +public class Logging extends WolfObject { + + public static native int wolfSSL_Debugging_ON(); + public static native void wolfSSL_Debugging_OFF(); + +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/NativeStruct.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/NativeStruct.java new file mode 100644 index 0000000..1457d98 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/NativeStruct.java @@ -0,0 +1,74 @@ +/* NativeStruct.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +/** + * Wrapper for the native WolfCrypt structs. + * + * @author Moisés Guimarães + * @version 1.0, February 2015 + */ +public abstract class NativeStruct extends WolfObject { + + public static final long NULL = 0; + + protected NativeStruct() { + setNativeStruct(mallocNativeStruct()); + } + + /* points to the internal native structure */ + private long pointer; + + public long getNativeStruct() { + return this.pointer; + } + + protected void setNativeStruct(long nativeStruct) { + if (this.pointer != NULL) + xfree(this.pointer); + + this.pointer = nativeStruct; + } + + /** + * Releases the host data stored in a NativeStruct. + * + * This method provides a way to release host data without depending on the + * garbage collector to get around to releasing it. Derived objects whose + * native data structures have their own free functions, should be override + * this method to call that function. + */ + public void releaseNativeStruct() { + setNativeStruct(NULL); + } + + protected abstract long mallocNativeStruct() throws OutOfMemoryError; + + private native void xfree(long pointer); + + @Override + protected void finalize() throws Throwable { + releaseNativeStruct(); + + super.finalize(); + } +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCrypt.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCrypt.java new file mode 100644 index 0000000..dc5e7ea --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCrypt.java @@ -0,0 +1,46 @@ +/* WolfCrypt.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +/** + * Main wrapper for the native WolfCrypt implementation. + * + * @author Moisés Guimarães + * @version 1.0, February 2015 + */ +public class WolfCrypt extends WolfObject { + + public static final int SUCCESS = 0; + public static final int FAILURE = -1; + + public static final int SIZE_OF_128_BITS = 16; + public static final int SIZE_OF_160_BITS = 20; + public static final int SIZE_OF_192_BITS = 24; + public static final int SIZE_OF_256_BITS = 32; + public static final int SIZE_OF_384_BITS = 48; + public static final int SIZE_OF_512_BITS = 64; + public static final int SIZE_OF_1024_BITS = 128; + public static final int SIZE_OF_2048_BITS = 256; + + private WolfCrypt() { + } +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptError.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptError.java new file mode 100644 index 0000000..d68675e --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptError.java @@ -0,0 +1,242 @@ +/* WolfCryptError.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.util.*; + +public enum WolfCryptError { + + NO_ERROR_FOUND (-1), + + /* error codes match /wolfssl/wolfcrypt/error-crypt.h */ + MAX_CODE_E (-100), /* errors -101 - -299 */ + OPEN_RAN_E (-101), /* opening random device error */ + READ_RAN_E (-102), /* reading random device error */ + WINCRYPT_E (-103), /* windows crypt init error */ + CRYPTGEN_E (-104), /* windows crypt generation error */ + RAN_BLOCK_E (-105), /* reading random device would block */ + BAD_MUTEX_E (-106), /* Bad mutex operation */ + WC_TIMEOUT_E (-107), /* timeout error */ + WC_PENDING_E (-108), /* wolfCrypt operation pending (would block) */ + WC_NOT_PENDING_E (-109), /* wolfCrypt operation not pending */ + + MP_INIT_E (-110), /* mp_init error state */ + MP_READ_E (-111), /* mp_read error state */ + MP_EXPTMOD_E (-112), /* mp_exptmod error state */ + MP_TO_E (-113), /* mp_to_xxx error state, can't convert */ + MP_SUB_E (-114), /* mp_sub error state, can't subtract */ + MP_ADD_E (-115), /* mp_add error state, can't add */ + MP_MUL_E (-116), /* mp_mul error state, can't multiply */ + MP_MULMOD_E (-117), /* mp_mulmod error state, can't multiply mod */ + MP_MOD_E (-118), /* mp_mod error state, can't mod */ + MP_INVMOD_E (-119), /* mp_invmod error state, can't inv mod */ + MP_CMP_E (-120), /* mp_cmp error state */ + MP_ZERO_E (-121), /* got a mp zero result, not expected */ + + MEMORY_E (-125), /* out of memory error */ + VAR_STATE_CHANGE_E (-126), /* var state modified by different thread */ + + RSA_WRONG_TYPE_E (-130), /* RSA wrong block type for RSA function */ + RSA_BUFFER_E (-131), /* RSA buffer error, output too small or + input too large */ + BUFFER_E (-132), /* output buffer too small or input too large */ + ALGO_ID_E (-133), /* setting algo id error */ + PUBLIC_KEY_E (-134), /* setting public key error */ + DATE_E (-135), /* setting date validity error */ + SUBJECT_E (-136), /* setting subject name error */ + ISSUER_E (-137), /* setting issuer name error */ + CA_TRUE_E (-138), /* setting CA basic constraint true error */ + EXTENSIONS_E (-139), /* setting extensions error */ + + ASN_PARSE_E (-140), /* ASN parsing error, invalid input */ + ASN_VERSION_E (-141), /* ASN version error, invalid number */ + ASN_GETINT_E (-142), /* ASN get big int error, invalid data */ + ASN_RSA_KEY_E (-143), /* ASN key init error, invalid input */ + ASN_OBJECT_ID_E (-144), /* ASN object id error, invalid id */ + ASN_TAG_NULL_E (-145), /* ASN tag error, not null */ + ASN_EXPECT_0_E (-146), /* ASN expect error, not zero */ + ASN_BITSTR_E (-147), /* ASN bit string error, wrong id */ + ASN_UNKNOWN_OID_E (-148), /* ASN oid error, unknown sum id */ + ASN_DATE_SZ_E (-149), /* ASN date error, bad size */ + ASN_BEFORE_DATE_E (-150), /* ASN date error, current date before */ + ASN_AFTER_DATE_E (-151), /* ASN date error, current date after */ + ASN_SIG_OID_E (-152), /* ASN signature error, mismatched oid */ + ASN_TIME_E (-153), /* ASN time error, unknown time type */ + ASN_INPUT_E (-154), /* ASN input error, not enough data */ + ASN_SIG_CONFIRM_E (-155), /* ASN sig error, confirm failure */ + ASN_SIG_HASH_E (-156), /* ASN sig error, unsupported hash type */ + ASN_SIG_KEY_E (-157), /* ASN sig error, unsupported key type */ + ASN_DH_KEY_E (-158), /* ASN key init error, invalid input */ + ASN_NTRU_KEY_E (-159), /* ASN ntru key decode error, invalid input */ + ASN_CRIT_EXT_E (-160), /* ASN unsupported critical extension */ + ASN_ALT_NAME_E (-161), /* ASN alternate name error */ + ASN_NO_PEM_HEADER (-162), /* ASN no PEM header found */ + + ECC_BAD_ARG_E (-170), /* ECC input argument of wrong type */ + ASN_ECC_KEY_E (-171), /* ASN ECC bad input */ + ECC_CURVE_OID_E (-172), /* Unsupported ECC OID curve type */ + BAD_FUNC_ARG (-173), /* Bad function argument provided */ + NOT_COMPILED_IN (-174), /* Feature not compiled in */ + UNICODE_SIZE_E (-175), /* Unicode password too big */ + NO_PASSWORD (-176), /* no password provided by user */ + ALT_NAME_E (-177), /* alt name size problem, too big */ + BAD_OCSP_RESPONDER (-178), /* missing key usage extensions */ + + AES_GCM_AUTH_E (-180), /* AES-GCM Authentication check failure */ + AES_CCM_AUTH_E (-181), /* AES-CCM Authentication check failure */ + + ASYNC_INIT_E (-182), /* Async Init type error */ + + COMPRESS_INIT_E (-183), /* Compress init error */ + COMPRESS_E (-184), /* Compress error */ + DECOMPRESS_INIT_E (-185), /* DeCompress init error */ + DECOMPRESS_E (-186), /* DeCompress error */ + + BAD_ALIGN_E (-187), /* Bad alignment for operation, no alloc */ + ASN_NO_SIGNER_E (-188), /* ASN no signer to confirm failure */ + ASN_CRL_CONFIRM_E (-189), /* ASN CRL signature confirm failure */ + ASN_CRL_NO_SIGNER_E (-190), /* ASN CRL no signer to confirm failure */ + ASN_OCSP_CONFIRM_E (-191), /* ASN OCSP signature confirm failure */ + + BAD_STATE_E (-192), /* Bad state operation */ + BAD_PADDING_E (-193), /* Bad padding, msg not correct length */ + + REQ_ATTRIBUTE_E (-194), /* setting cert request attributes error */ + + PKCS7_OID_E (-195), /* PKCS#7, mismatched OID error */ + PKCS7_RECIP_E (-196), /* PKCS#7, recipient error */ + FIPS_NOT_ALLOWED_E (-197), /* FIPS not allowed error */ + ASN_NAME_INVALID_E (-198), /* ASN name constraint error */ + + RNG_FAILURE_E (-199), /* RNG Failed, Reinitialize */ + HMAC_MIN_KEYLEN_E (-200), /* FIPS Mode HMAC Minimum Key Length error */ + RSA_PAD_E (-201), /* RSA Padding Error */ + LENGTH_ONLY_E (-202), /* Returning output length only */ + + IN_CORE_FIPS_E (-203), /* In Core Integrity check failure */ + AES_KAT_FIPS_E (-204), /* AES KAT failure */ + DES3_KAT_FIPS_E (-205), /* DES3 KAT failure */ + HMAC_KAT_FIPS_E (-206), /* HMAC KAT failure */ + RSA_KAT_FIPS_E (-207), /* RSA KAT failure */ + DRBG_KAT_FIPS_E (-208), /* HASH DRBG KAT failure */ + DRBG_CONT_FIPS_E (-209), /* HASH DRBG Continuous test failure */ + AESGCM_KAT_FIPS_E (-210), /* AESGCM KAT failure */ + THREAD_STORE_KEY_E (-211), /* Thread local storage key create failure */ + THREAD_STORE_SET_E (-212), /* Thread local storage key set failure */ + + MAC_CMP_FAILED_E (-213), /* MAC comparison failed */ + IS_POINT_E (-214), /* ECC is point on curve failed */ + ECC_INF_E (-215), /* ECC point infinity error */ + ECC_PRIV_KEY_E (-216), /* ECC private key not valid error */ + ECC_OUT_OF_RANGE_E (-217), /* ECC key component out of range */ + + SRP_CALL_ORDER_E (-218), /* SRP function called in the wrong order. */ + SRP_VERIFY_E (-219), /* SRP proof verification failed. */ + SRP_BAD_KEY_E (-220), /* SRP bad ephemeral values. */ + + ASN_NO_SKID (-221), /* ASN no Subject Key Identifier found */ + ASN_NO_AKID (-222), /* ASN no Authority Key Identifier found */ + ASN_NO_KEYUSAGE (-223), /* ASN no Key Usage found */ + SKID_E (-224), /* setting Subject Key Identifier error */ + AKID_E (-225), /* setting Authority Key Identifier error */ + KEYUSAGE_E (-226), /* Bad Key Usage value */ + CERTPOLICIES_E (-227), /* setting Certificate Policies error */ + + WC_INIT_E (-228), /* wolfcrypt failed to initialize */ + SIG_VERIFY_E (-229), /* wolfcrypt signature verify error */ + BAD_COND_E (-230), /* Bad condition variable operation */ + SIG_TYPE_E (-231), /* Signature Type not enabled/available */ + HASH_TYPE_E (-232), /* Hash Type not enabled/available */ + + WC_KEY_SIZE_E (-234), /* Key size error, either too small or large */ + ASN_COUNTRY_SIZE_E (-235), /* ASN Cert Gen, invalid country code size */ + MISSING_RNG_E (-236), /* RNG required but not provided */ + ASN_PATHLEN_SIZE_E (-237), /* ASN CA path length too large error */ + ASN_PATHLEN_INV_E (-238), /* ASN CA path length inversion error */ + + BAD_KEYWRAP_ALG_E (-239), + BAD_KEYWRAP_IV_E (-240), /* Decrypted AES key wrap IV incorrect */ + WC_CLEANUP_E (-241), /* wolfcrypt cleanup failed */ + ECC_CDH_KAT_FIPS_E (-242), /* ECC CDH Known Answer Test failure */ + DH_CHECK_PUB_E (-243), /* DH Check Pub Key error */ + BAD_PATH_ERROR (-244), /* Bad path for opendir */ + + ASYNC_OP_E (-245), /* Async operation error */ + + ECC_PRIVATEONLY_E (-246), /* Invalid use of private only ECC key*/ + EXTKEYUSAGE_E (-247), /* Bad Extended Key Usage value */ + WC_HW_E (-248), /* Error with hardware crypto use */ + WC_HW_WAIT_E (-249), /* Hardware waiting on resource */ + + PSS_SALTLEN_E (-250), /* PSS length of salt is to long for hash */ + PRIME_GEN_E (-251), /* Failure finding a prime. */ + BER_INDEF_E (-252), /* Cannot decode indefinite length BER. */ + RSA_OUT_OF_RANGE_E (-253), /* Ciphertext to decrypt out of range. */ + RSAPSS_PAT_FIPS_E (-254), /* RSA-PSS PAT failure */ + ECDSA_PAT_FIPS_E (-255), /* ECDSA PAT failure */ + DH_KAT_FIPS_E (-256), /* DH KAT failure */ + + WC_LAST_E (-256), /* Update this to indicate last error */ + + MIN_CODE_E (-300); /* errors -101 - -299 */ + + private final int code; + + private static final Map intToErrMap = + new HashMap(); + + static { + for (WolfCryptError err : WolfCryptError.values()) { + intToErrMap.put(err.code, err); + } + } + + private WolfCryptError(int code) { + this.code = code; + } + + public int getCode() { + return this.code; + } + + public String getDescription() { + if (this == WolfCryptError.NO_ERROR_FOUND) + return "No error code found in JNI WolfCryptError enum"; + return wc_GetErrorString(this.code); + } + + public static WolfCryptError fromInt(int code) { + WolfCryptError err = intToErrMap.get(Integer.valueOf(code)); + + if (err == null) + return WolfCryptError.NO_ERROR_FOUND; + + return err; + } + + private static native String wc_GetErrorString(int error); + + @Override + public String toString() { + return "(" + code + ") " + this.getDescription(); + } +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptException.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptException.java new file mode 100644 index 0000000..3c2f8d6 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptException.java @@ -0,0 +1,65 @@ +/* WolfCryptException.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import com.wolfssl.wolfcrypt.WolfCryptError; + +/** + * WolfCrypt exceptions. + * + * @author Moisés Guimarães + * @version 1.0, February 2015 + */ +public class WolfCryptException extends RuntimeException { + + private static final long serialVersionUID = 142053665132156225L; + private WolfCryptError error; + private int code; + + public WolfCryptException(String reason) { + super(reason); + } + + public WolfCryptException(int code) { + super(WolfCryptError.fromInt(code).getDescription()); + + this.error = WolfCryptError.fromInt(code); + this.code = code; + } + + public WolfCryptException(String reason, Throwable cause) { + super(reason, cause); + } + + public WolfCryptException(Throwable cause) { + super(cause); + } + + public WolfCryptError getError() { + return this.error; + } + + public int getCode() { + return this.code; + } +} + diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptState.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptState.java new file mode 100644 index 0000000..35dadc6 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfCryptState.java @@ -0,0 +1,7 @@ +package com.wolfssl.wolfcrypt; + +public enum WolfCryptState { + UNINITIALIZED, + INITIALIZED, + READY; +} diff --git a/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfObject.java b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfObject.java new file mode 100644 index 0000000..87792a3 --- /dev/null +++ b/ccc/src/main/java/com/wolfssl/wolfcrypt/WolfObject.java @@ -0,0 +1,40 @@ +/* WolfObject.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +/** + * Loader for the native WolfCrypt implementation. + * All classes in this package must inherit from it. + * + * @author Moisés Guimarães + * @version 1.0, March 2015 + */ +public class WolfObject { + + static { + System.loadLibrary("wolfcrypt-jni"); + } + + protected WolfObject() { + } + +} diff --git a/ccc/src/main/java/io/malloc/ccc/CAES.java b/ccc/src/main/java/io/malloc/ccc/CAES.java new file mode 100644 index 0000000..5d3a9dd --- /dev/null +++ b/ccc/src/main/java/io/malloc/ccc/CAES.java @@ -0,0 +1,10 @@ +/* +AES : Copius S-Box Changes + +This class contains a wrapper around the AES mods, for example +the ability to perform n # of s-box iterations + +AES-512 possible? +AES-1024 possible?? + +*/ diff --git a/ccc/src/main/java/io/malloc/ccc/CopiusCipherChain.java b/ccc/src/main/java/io/malloc/ccc/CopiusCipherChain.java new file mode 100644 index 0000000..68d2ab9 --- /dev/null +++ b/ccc/src/main/java/io/malloc/ccc/CopiusCipherChain.java @@ -0,0 +1,10 @@ +// Copius Cipher Chain +// +// Features the ability to use a 6-digit PIN to corispond with a chain of cipher +// algorithms. +// +// 123456 == Blowfish, ChaCha, AES-128, RSA-2048, NTRU, AES-CCC +// +// Always wrap last with AES-CCC so that mass decryption isn't possible. +// We don't want the crypto to be detected or cracked auto-magically +// \ No newline at end of file diff --git a/ccc/src/main/java/io/malloc/ccc/jni/JniCAES.java b/ccc/src/main/java/io/malloc/ccc/jni/JniCAES.java new file mode 100644 index 0000000..cd6c6eb --- /dev/null +++ b/ccc/src/main/java/io/malloc/ccc/jni/JniCAES.java @@ -0,0 +1,5 @@ +/* + +Wrapper to make calls to the c-aes.c file. + + */ \ No newline at end of file diff --git a/ccc/src/main/res/values/strings.xml b/ccc/src/main/res/values/strings.xml new file mode 100644 index 0000000..a770ae2 --- /dev/null +++ b/ccc/src/main/res/values/strings.xml @@ -0,0 +1,3 @@ + + WolfSSL JNI Lib + diff --git a/ccc/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java.bak b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java.bak new file mode 100644 index 0000000..e2742f9 --- /dev/null +++ b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java.bak @@ -0,0 +1,421 @@ +/* AesTest.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt.test; + +import static org.junit.Assert.*; + +import java.nio.ByteBuffer; + +import javax.crypto.ShortBufferException; + +import org.junit.Assume; +import org.junit.BeforeClass; +import org.junit.Test; + +import com.wolfssl.wolfcrypt.Aes; +import com.wolfssl.wolfcrypt.NativeStruct; +import com.wolfssl.wolfcrypt.WolfCryptError; +import com.wolfssl.wolfcrypt.WolfCryptException; + +public class AesTest { + + private static final byte[] KEY = Util + .h2b("00112233445566778899AABBCCDDEEFF"); + private static final byte[] IV = Util + .h2b("000102030405060708090A0B0C0D0E0F"); + + @BeforeClass + public static void checkAvailability() { + try { + new Aes(); + } catch (WolfCryptException e) { + if (e.getError() == WolfCryptError.NOT_COMPILED_IN) + System.out.println("Aes test skipped: " + e.getError()); + Assume.assumeNoException(e); + } + } + + @Test + public void constructorShouldInitializeNativeStruct() { + assertNotEquals(NativeStruct.NULL, new Aes().getNativeStruct()); + } + + @Test + public void checkSetKeyParams() { + /* iv is optional, should not raise. */ + Aes aes = new Aes(KEY, null, Aes.ENCRYPT_MODE); + + try { + aes.setKey(null, IV, Aes.ENCRYPT_MODE); + fail("key should not be null."); + } catch (WolfCryptException e) { + /* test must throw */ + } + + aes.setKey(KEY, IV, Aes.ENCRYPT_MODE); + aes.releaseNativeStruct(); + + try { + aes.setKey(KEY, IV, Aes.ENCRYPT_MODE); + fail("native struct should not be null."); + } catch (WolfCryptException e) { + /* test must throw */ + } + } + + @Test + public void checkUpdateParams() throws ShortBufferException { + Aes enc = new Aes(KEY, IV, Aes.ENCRYPT_MODE); + Aes dec = new Aes(KEY, IV, Aes.DECRYPT_MODE); + byte[] input = new byte[Aes.BLOCK_SIZE]; + byte[] output = new byte[Aes.BLOCK_SIZE]; + + enc.update(input); + dec.update(input); + + try { + enc.update(null, 0, Aes.BLOCK_SIZE, output, 0); + fail("input should not be null."); + } catch (WolfCryptException e) { + /* test must throw */ + } + + try { + dec.update(null, 0, Aes.BLOCK_SIZE, output, 0); + fail("input should not be null."); + } catch (WolfCryptException e) { + /* test must throw */ + } + + try { + enc.update(input, 0, Aes.BLOCK_SIZE, null, 0); + fail("output should not be null."); + } catch (NullPointerException e) { + /* test must throw */ + } + + try { + dec.update(input, 0, Aes.BLOCK_SIZE, null, 0); + fail("output should not be null."); + } catch (NullPointerException e) { + /* test must throw */ + } + + enc.update(input, 0, Aes.BLOCK_SIZE, output, 0); + dec.update(input, 0, Aes.BLOCK_SIZE, output, 0); + + enc.releaseNativeStruct(); + dec.releaseNativeStruct(); + + try { + enc.update(input, 0, Aes.BLOCK_SIZE, output, 0); + fail("native struct should not be null."); + } catch (IllegalStateException e) { + /* test must throw */ + } + + try { + dec.update(input, 0, Aes.BLOCK_SIZE, output, 0); + fail("native struct should not be null."); + } catch (IllegalStateException e) { + /* test must throw */ + } + } + + @Test(expected = WolfCryptException.class) + public void inputShouldNotBeNull() { + Aes aes = new Aes(); + + try { + aes.setKey(Util.h2b("2b7e151628aed2a6abf7158809cf4f3c"), null, + Aes.ENCRYPT_MODE); + } catch (WolfCryptException e) { + if (e.getError() == WolfCryptError.BAD_FUNC_ARG) + fail("iv should be optional when setting key."); + } + + aes.setKey(null, null, Aes.ENCRYPT_MODE); + } + + @Test(expected = ShortBufferException.class) + public void updateShouldMatchUsingByteByffer() throws ShortBufferException { + String[] keys = new String[] { + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", }; + String[] ivs = new String[] { + "000102030405060708090A0B0C0D0E0F", + "7649ABAC8119B246CEE98E9B12E9197D", + "5086CB9B507219EE95DB113A917678B2", + "73BED6B8E3C1743B7116E69E22229516", + "000102030405060708090A0B0C0D0E0F", + "4F021DB243BC633D7178183A9FA071E8", + "B4D9ADA9AD7DEDF4E5E738763F69145A", + "571B242012FB7AE07FA9BAAC3DF102E0", + "000102030405060708090A0B0C0D0E0F", + "F58C4C04D6E5F1BA779EABFB5F7BFBD6", + "9CFC4E967EDB808D679F777BC6702C7D", + "39F23369A9D9BACFA530E26304231461" }; + String[] inputs = new String[] { + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710" }; + String[] outputs = new String[] { + "7649abac8119b246cee98e9b12e9197d", + "5086cb9b507219ee95db113a917678b2", + "73bed6b8e3c1743b7116e69e22229516", + "3ff1caa1681fac09120eca307586e1a7", + "4f021db243bc633d7178183a9fa071e8", + "b4d9ada9ad7dedf4e5e738763f69145a", + "571b242012fb7ae07fa9baac3df102e0", + "08b0e27988598881d920a9e64f5615cd", + "f58c4c04d6e5f1ba779eabfb5f7bfbd6", + "9cfc4e967edb808d679f777bc6702c7d", + "39f23369a9d9bacfa530e26304231461", + "b2eb05e2c39be9fcda6c19078c6a9d1b" }; + + ByteBuffer input = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + ByteBuffer output = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + ByteBuffer plain = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + ByteBuffer cipher = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + + for (int i = 0; i < inputs.length; i++) { + Aes enc = new Aes(Util.h2b(keys[i]), Util.h2b(ivs[i]), + Aes.ENCRYPT_MODE); + Aes dec = new Aes(Util.h2b(keys[i]), Util.h2b(ivs[i]), + Aes.DECRYPT_MODE); + + input.put(Util.h2b(inputs[i])).rewind(); + output.put(Util.h2b(outputs[i])).rewind(); + + try { + assertEquals(Aes.BLOCK_SIZE, enc.update(input, cipher)); + assertEquals(Aes.BLOCK_SIZE, dec.update(output, plain)); + } catch (ShortBufferException e) { + e.printStackTrace(); + fail(); + } + + assertEquals(Aes.BLOCK_SIZE, input.position()); + assertEquals(0, input.remaining()); + assertEquals(Aes.BLOCK_SIZE, output.position()); + assertEquals(0, output.remaining()); + assertEquals(Aes.BLOCK_SIZE, cipher.position()); + assertEquals(0, cipher.remaining()); + assertEquals(Aes.BLOCK_SIZE, plain.position()); + assertEquals(0, plain.remaining()); + + input.rewind(); + output.rewind(); + cipher.rewind(); + plain.rewind(); + + assertEquals(output, cipher); + assertEquals(input, plain); + + /* tests ShortBufferException */ + if (i == inputs.length - 1) { + cipher.position(cipher.limit()); + enc.update(input, cipher); + } + } + } + + @Test(expected = ShortBufferException.class) + public void updateShouldMatchUsingByteArray() throws ShortBufferException { + String[] keys = new String[] { + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", }; + String[] ivs = new String[] { + "000102030405060708090A0B0C0D0E0F", + "7649ABAC8119B246CEE98E9B12E9197D", + "5086CB9B507219EE95DB113A917678B2", + "73BED6B8E3C1743B7116E69E22229516", + "000102030405060708090A0B0C0D0E0F", + "4F021DB243BC633D7178183A9FA071E8", + "B4D9ADA9AD7DEDF4E5E738763F69145A", + "571B242012FB7AE07FA9BAAC3DF102E0", + "000102030405060708090A0B0C0D0E0F", + "F58C4C04D6E5F1BA779EABFB5F7BFBD6", + "9CFC4E967EDB808D679F777BC6702C7D", + "39F23369A9D9BACFA530E26304231461" }; + String[] inputs = new String[] { + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710" }; + String[] outputs = new String[] { + "7649abac8119b246cee98e9b12e9197d", + "5086cb9b507219ee95db113a917678b2", + "73bed6b8e3c1743b7116e69e22229516", + "3ff1caa1681fac09120eca307586e1a7", + "4f021db243bc633d7178183a9fa071e8", + "b4d9ada9ad7dedf4e5e738763f69145a", + "571b242012fb7ae07fa9baac3df102e0", + "08b0e27988598881d920a9e64f5615cd", + "f58c4c04d6e5f1ba779eabfb5f7bfbd6", + "9cfc4e967edb808d679f777bc6702c7d", + "39f23369a9d9bacfa530e26304231461", + "b2eb05e2c39be9fcda6c19078c6a9d1b" }; + + for (int i = 0; i < inputs.length; i++) { + Aes enc = new Aes(Util.h2b(keys[i]), Util.h2b(ivs[i]), + Aes.ENCRYPT_MODE); + Aes dec = new Aes(Util.h2b(keys[i]), Util.h2b(ivs[i]), + Aes.DECRYPT_MODE); + + byte[] input = Util.h2b(inputs[i]); + byte[] output = Util.h2b(outputs[i]); + byte[] cipher = new byte[Aes.BLOCK_SIZE]; + byte[] plain = new byte[Aes.BLOCK_SIZE]; + + if (i % 2 == 0) { + cipher = enc.update(input, 0, input.length); + plain = dec.update(output, 0, output.length); + } else { + try { + assertEquals(Aes.BLOCK_SIZE, + enc.update(input, 0, input.length, cipher, 0)); + assertEquals(Aes.BLOCK_SIZE, + dec.update(output, 0, output.length, plain, 0)); + } catch (ShortBufferException e) { + e.printStackTrace(); + fail(); + } + } + + assertArrayEquals(output, cipher); + assertArrayEquals(input, plain); + + /* tests ShortBufferException */ + if (i == inputs.length - 1) + enc.update(input, 0, input.length, cipher, Aes.BLOCK_SIZE); + } + } + + @Test + public void releaseAndReInitObject() { + + byte[] key = Util.h2b("2b7e151628aed2a6abf7158809cf4f3c"); + byte[] iv = Util.h2b("000102030405060708090A0B0C0D0E0F"); + byte[] in = Util.h2b("6bc1bee22e409f96e93d7e117393172a"); + byte[] expected = Util.h2b("7649abac8119b246cee98e9b12e9197d"); + + byte[] cipher = null; + byte[] plain = null; + + Aes enc = new Aes(key, iv, Aes.ENCRYPT_MODE); + cipher = enc.update(in, 0, in.length); + assertArrayEquals(expected, cipher); + + Aes dec = new Aes(key, iv, Aes.DECRYPT_MODE); + plain = dec.update(cipher, 0, cipher.length); + assertArrayEquals(in, plain); + + /* free objects */ + enc.releaseNativeStruct(); + dec.releaseNativeStruct(); + + /* try to re-init and re-use them */ + enc = new Aes(key, iv, Aes.ENCRYPT_MODE); + cipher = enc.update(in, 0, in.length); + assertArrayEquals(expected, cipher); + + dec = new Aes(key, iv, Aes.DECRYPT_MODE); + plain = dec.update(cipher, 0, cipher.length); + assertArrayEquals(in, plain); + + /* free again */ + enc.releaseNativeStruct(); + dec.releaseNativeStruct(); + } + + @Test + public void reuseObject() { + + byte[] key = Util.h2b("2b7e151628aed2a6abf7158809cf4f3c"); + byte[] iv = Util.h2b("000102030405060708090A0B0C0D0E0F"); + byte[] in = Util.h2b("6bc1bee22e409f96e93d7e117393172a"); + byte[] in2 = Util.h2b("ae2d8a571e03ac9c9eb76fac45af8e51"); + byte[] expected = Util.h2b("7649abac8119b246cee98e9b12e9197d"); + byte[] expected2 = Util.h2b("5086cb9b507219ee95db113a917678b2"); + + byte[] cipher = null; + byte[] plain = null; + + Aes enc = new Aes(key, iv, Aes.ENCRYPT_MODE); + cipher = enc.update(in, 0, in.length); + assertArrayEquals(expected, cipher); + + Aes dec = new Aes(key, iv, Aes.DECRYPT_MODE); + plain = dec.update(cipher, 0, cipher.length); + assertArrayEquals(in, plain); + + /* now, try to reuse existing enc/dec objects */ + cipher = enc.update(in2, 0, in2.length); + assertArrayEquals(expected2, cipher); + + plain = dec.update(cipher, 0, cipher.length); + assertArrayEquals(in2, plain); + + /* free again */ + enc.releaseNativeStruct(); + dec.releaseNativeStruct(); + } +} + diff --git a/ccc/src/test/java/com/wolfssl/wolfcrypt/test/Util.java b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/Util.java new file mode 100644 index 0000000..e73ed65 --- /dev/null +++ b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/Util.java @@ -0,0 +1,50 @@ +/* UtilTest.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt.test; + +public class Util { + public static byte[] h2b(String s) { + int len = s.length(); + byte[] data = new byte[len / 2]; + + for (int i = 0; i < len; i += 2) { + data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character + .digit(s.charAt(i + 1), 16)); + } + + return data; + } + + final protected static char[] hexArray = "0123456789ABCDEF".toCharArray(); + + public static String b2h(byte[] bytes) { + char[] hexChars = new char[bytes.length * 2]; + + for (int j = 0; j < bytes.length; j++) { + int v = bytes[j] & 0xFF; + hexChars[j * 2] = hexArray[v >>> 4]; + hexChars[j * 2 + 1] = hexArray[v & 0x0F]; + } + + return new String(hexChars); + } +} diff --git a/ccc/src/test/java/com/wolfssl/wolfcrypt/test/fips/AesFipsTest.java.bak b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/fips/AesFipsTest.java.bak new file mode 100644 index 0000000..932de0e --- /dev/null +++ b/ccc/src/test/java/com/wolfssl/wolfcrypt/test/fips/AesFipsTest.java.bak @@ -0,0 +1,622 @@ +/* AesFipsTest.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt.test.fips; + +import static org.junit.Assert.*; + +import java.nio.ByteBuffer; + +import org.junit.Test; + +import com.wolfssl.wolfcrypt.Aes; +import com.wolfssl.wolfcrypt.WolfCrypt; +import com.wolfssl.wolfcrypt.Fips; + +import com.wolfssl.wolfcrypt.test.Util; + +public class AesFipsTest extends FipsTest { + private ByteBuffer input = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer output = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer cipher = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer plain = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer key = ByteBuffer.allocateDirect(Aes.KEY_SIZE_256); + private ByteBuffer iv = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer aad = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer tag = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + private ByteBuffer expected = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + + @Test + public void setKeyShouldReturnZeroUsingByteBuffer() { + key.put(Util.h2b("00112233445566778899aabbccddeeff")).rewind(); + iv.put(Util.h2b("ffeeddccbbaa99887766554433221100")).rewind(); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(new Aes(), key, + Aes.KEY_SIZE_128, iv, Aes.ENCRYPT_MODE)); + } + + @Test + public void setKeyShouldReturnZeroUsingByteArray() { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(new Aes(), + Util.h2b("00112233445566778899aabbccddeeff"), Aes.KEY_SIZE_128, + Util.h2b("ffeeddccbbaa99887766554433221100"), Aes.ENCRYPT_MODE)); + } + + @Test + public void setKeyWithNullIVShouldReturnZeroUsingByteBuffer() { + key.put(Util.h2b("00112233445566778899aabbccddeeff")).rewind(); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(new Aes(), key, + Aes.KEY_SIZE_128, null, Aes.ENCRYPT_MODE)); + } + + @Test + public void setKeyWithNullIVShouldReturnZeroUsingByteArray() { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(new Aes(), + Util.h2b("00112233445566778899aabbccddeeff"), Aes.KEY_SIZE_128, + null, Aes.ENCRYPT_MODE)); + } + + @Test + public void setIVShouldReturnZeroUsingByteBuffer() { + iv.put(Util.h2b("00112233445566778899aabbccddeeff")).rewind(); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetIV_fips(new Aes(), iv)); + } + + @Test + public void setIVShouldReturnZeroUsingByteArray() { + assertEquals( + WolfCrypt.SUCCESS, + Fips.AesSetIV_fips(new Aes(), + Util.h2b("00112233445566778899aabbccddeeff"))); + } + + @Test + public void cbcEncryptDecryptShouldMatchUsingByteByffer() { + String[] keys = new String[] { + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", }; + String[] ivs = new String[] { "000102030405060708090A0B0C0D0E0F", + "7649ABAC8119B246CEE98E9B12E9197D", + "5086CB9B507219EE95DB113A917678B2", + "73BED6B8E3C1743B7116E69E22229516", + "000102030405060708090A0B0C0D0E0F", + "4F021DB243BC633D7178183A9FA071E8", + "B4D9ADA9AD7DEDF4E5E738763F69145A", + "571B242012FB7AE07FA9BAAC3DF102E0", + "000102030405060708090A0B0C0D0E0F", + "F58C4C04D6E5F1BA779EABFB5F7BFBD6", + "9CFC4E967EDB808D679F777BC6702C7D", + "39F23369A9D9BACFA530E26304231461" }; + String[] inputs = new String[] { "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710" }; + String[] outputs = new String[] { "7649abac8119b246cee98e9b12e9197d", + "5086cb9b507219ee95db113a917678b2", + "73bed6b8e3c1743b7116e69e22229516", + "3ff1caa1681fac09120eca307586e1a7", + "4f021db243bc633d7178183a9fa071e8", + "b4d9ada9ad7dedf4e5e738763f69145a", + "571b242012fb7ae07fa9baac3df102e0", + "08b0e27988598881d920a9e64f5615cd", + "f58c4c04d6e5f1ba779eabfb5f7bfbd6", + "9cfc4e967edb808d679f777bc6702c7d", + "39f23369a9d9bacfa530e26304231461", + "b2eb05e2c39be9fcda6c19078c6a9d1b" }; + + for (int i = 0; i < inputs.length; i++) { + Aes enc = new Aes(); + Aes dec = new Aes(); + + key.put(Util.h2b(keys[i])).rewind(); + iv.put(Util.h2b(ivs[i])).rewind(); + input.put(Util.h2b(inputs[i])).rewind(); + output.put(Util.h2b(outputs[i])).rewind(); + + if (i % 2 == 0) { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, key, + keys[i].length() / 2, iv, Aes.ENCRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, key, + keys[i].length() / 2, iv, Aes.DECRYPT_MODE)); + } else { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, key, + keys[i].length() / 2, null, Aes.ENCRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetIV_fips(enc, iv)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, key, + keys[i].length() / 2, null, Aes.DECRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetIV_fips(dec, iv)); + } + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcEncrypt_fips(enc, cipher, input, Aes.BLOCK_SIZE)); + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcDecrypt_fips(dec, plain, output, Aes.BLOCK_SIZE)); + + assertEquals(output, cipher); + assertEquals(input, plain); + } + } + + @Test + public void cbcEncryptDecryptShouldMatchUsingByteArray() { + String[] keys = new String[] { + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "2b7e151628aed2a6abf7158809cf4f3c", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", }; + String[] ivs = new String[] { "000102030405060708090A0B0C0D0E0F", + "7649ABAC8119B246CEE98E9B12E9197D", + "5086CB9B507219EE95DB113A917678B2", + "73BED6B8E3C1743B7116E69E22229516", + "000102030405060708090A0B0C0D0E0F", + "4F021DB243BC633D7178183A9FA071E8", + "B4D9ADA9AD7DEDF4E5E738763F69145A", + "571B242012FB7AE07FA9BAAC3DF102E0", + "000102030405060708090A0B0C0D0E0F", + "F58C4C04D6E5F1BA779EABFB5F7BFBD6", + "9CFC4E967EDB808D679F777BC6702C7D", + "39F23369A9D9BACFA530E26304231461" }; + String[] inputs = new String[] { "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710", + "6bc1bee22e409f96e93d7e117393172a", + "ae2d8a571e03ac9c9eb76fac45af8e51", + "30c81c46a35ce411e5fbc1191a0a52ef", + "f69f2445df4f9b17ad2b417be66c3710" }; + String[] outputs = new String[] { "7649abac8119b246cee98e9b12e9197d", + "5086cb9b507219ee95db113a917678b2", + "73bed6b8e3c1743b7116e69e22229516", + "3ff1caa1681fac09120eca307586e1a7", + "4f021db243bc633d7178183a9fa071e8", + "b4d9ada9ad7dedf4e5e738763f69145a", + "571b242012fb7ae07fa9baac3df102e0", + "08b0e27988598881d920a9e64f5615cd", + "f58c4c04d6e5f1ba779eabfb5f7bfbd6", + "9cfc4e967edb808d679f777bc6702c7d", + "39f23369a9d9bacfa530e26304231461", + "b2eb05e2c39be9fcda6c19078c6a9d1b" }; + + for (int i = 0; i < inputs.length; i++) { + Aes enc = new Aes(); + Aes dec = new Aes(); + + byte[] key = Util.h2b(keys[i]); + byte[] iv = Util.h2b(ivs[i]); + byte[] input = Util.h2b(inputs[i]); + byte[] output = Util.h2b(outputs[i]); + byte[] cipher = new byte[Aes.BLOCK_SIZE]; + byte[] plain = new byte[Aes.BLOCK_SIZE]; + + if (i % 2 == 0) { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, key, + keys[i].length() / 2, iv, Aes.ENCRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, key, + keys[i].length() / 2, iv, Aes.DECRYPT_MODE)); + } else { + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, key, + keys[i].length() / 2, null, Aes.ENCRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetIV_fips(enc, iv)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, key, + keys[i].length() / 2, null, Aes.DECRYPT_MODE)); + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetIV_fips(dec, iv)); + } + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcEncrypt_fips(enc, cipher, input, Aes.BLOCK_SIZE)); + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcDecrypt_fips(dec, plain, output, Aes.BLOCK_SIZE)); + + assertArrayEquals(output, cipher); + assertArrayEquals(input, plain); + } + } + + @Test + public void cbcGFSboxShouldMatchUsingByteByffer() { + ByteBuffer null_key = ByteBuffer.allocateDirect(Aes.KEY_SIZE_128); + ByteBuffer null_iv = ByteBuffer.allocateDirect(Aes.BLOCK_SIZE); + + String[] testinput = new String[] { "f34481ec3cc627bacd5dc3fb08f273e6", + "9798c4640bad75c7c3227db910174e72", + "96ab5c2ff612d9dfaae8c31f30c42168", + "6a118a874519e64e9963798a503f1d35", + "cb9fceec81286ca3e989bd979b0cb284", + "b26aeb1874e47ca8358ff22378f09144", + "58c8e00b2631686d54eab84b91f0aca1" }; + String[] cipherText = new String[] { + "0336763e966d92595a567cc9ce537f5e", + "a9a1631bf4996954ebc093957b234589", + "ff4f8391a6a40ca5b25d23bedd44a597", + "dc43be40be0e53712f7e2bf5ca707209", + "92beedab1895a94faa69b632e5cc47ce", + "459264f4798f6a78bacb89c15ed3d601", + "08a4e2efec8a8e3312ca7460b9040bbf" }; + + for (int i = 0; i < testinput.length; i++) { + Aes enc = new Aes(); + Aes dec = new Aes(); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, null_key, + Aes.KEY_SIZE_128, null_iv, Aes.ENCRYPT_MODE)); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, null_key, + Aes.KEY_SIZE_128, null_iv, Aes.DECRYPT_MODE)); + + input.put(Util.h2b(testinput[i])).rewind(); + cipher.put(Util.h2b(cipherText[i])).rewind(); + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcEncrypt_fips(enc, output, input, Aes.BLOCK_SIZE)); + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcDecrypt_fips(dec, plain, output, Aes.BLOCK_SIZE)); + + assertEquals(output, cipher); + assertEquals(plain, input); + } + } + + @Test + public void cbcGFSboxShouldMatchUsingByteArray() { + byte[] null_key = new byte[Aes.KEY_SIZE_128]; + byte[] null_iv = new byte[Aes.BLOCK_SIZE]; + + String[] testinput = new String[] { "f34481ec3cc627bacd5dc3fb08f273e6", + "9798c4640bad75c7c3227db910174e72", + "96ab5c2ff612d9dfaae8c31f30c42168", + "6a118a874519e64e9963798a503f1d35", + "cb9fceec81286ca3e989bd979b0cb284", + "b26aeb1874e47ca8358ff22378f09144", + "58c8e00b2631686d54eab84b91f0aca1" }; + String[] cipherText = new String[] { + "0336763e966d92595a567cc9ce537f5e", + "a9a1631bf4996954ebc093957b234589", + "ff4f8391a6a40ca5b25d23bedd44a597", + "dc43be40be0e53712f7e2bf5ca707209", + "92beedab1895a94faa69b632e5cc47ce", + "459264f4798f6a78bacb89c15ed3d601", + "08a4e2efec8a8e3312ca7460b9040bbf" }; + + for (int i = 0; i < testinput.length; i++) { + Aes enc = new Aes(); + Aes dec = new Aes(); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(enc, null_key, + Aes.KEY_SIZE_128, null_iv, Aes.ENCRYPT_MODE)); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesSetKey_fips(dec, null_key, + Aes.KEY_SIZE_128, null_iv, Aes.DECRYPT_MODE)); + + byte[] input = Util.h2b(testinput[i]); + byte[] output = new byte[Aes.BLOCK_SIZE]; + byte[] cipher = Util.h2b(cipherText[i]); + byte[] plain = new byte[Aes.BLOCK_SIZE]; + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcEncrypt_fips(enc, output, input, Aes.BLOCK_SIZE)); + assertEquals(WolfCrypt.SUCCESS, + Fips.AesCbcDecrypt_fips(dec, plain, output, Aes.BLOCK_SIZE)); + + assertArrayEquals(output, cipher); + assertArrayEquals(plain, input); + } + } + + @Test + public void gcmEncrypShouldMatchUsingByteByffer() { + String[] keys = new String[] { + "96f309d0f15ba970e114a9216e75a14f89e28948ce7d98bd37f0beefe36803b0", + "3872431f89eba694cbc9b12d10d11b707a4248e7ff90a4bbcd271df7ff33c3a8", + "aa36f0adfc3ad79db40d38afdc33bf571ea96eb7089663e554ac566c55e33dc1", + "1f2d3edaaf6e24001bb69473a79dc16751c3dab75614f884a6da8f46e1f808b6", + + "513d69b62ccc6cb6b131e03492573629", + "04dbdd3f6ebc283f37fe36de20e63698", + "95941019ce0633ddaac39d68af55bf18", + "e9035018a50f6d2cb214aa15eca13126", + + "f8c95f4a4f44f92016d20d4a8ee1b47f", + "f77762d953ef07850ab8b3ea3dffa99c", + "64d649c62c8de598147d9017d48b7d0c", + "e9bbcbbad3a20de306849cd4181d1c21", + + "1efd683cd9a6e3fd068d00a2086428d9", + "b53b39c72229968600981245c3902a5b", + "33edf6422d6ee7a6f1a2c62c6aa80623", + "50b9ab1a45cff2b4ac61acbb91748d81", + + "3ef0c62ba7b10cc6e0d01fc854c4609f", + "8226a43fbfb627931ae9a3f0fff1eff6", + "5bbc573d4321d87fe0fae055e51cd802", + "e4028e15a43405906157983504cfe178" }; + + String[] ivs = new String[] { "811c5a119f1970526314ef17", + "b4d3d1fb3f2a55822c38c345", "8bff1992ae8cf8245eb04d0d", + "021d039481a4712f38b72310", + + "a82cac133e4275214db28e23", "81829bce889b58e5699d1d30", + "81d6e884204d1c2ffbbc5281", "6c40b2da03098cd8fae9d284", + + "d14e58a20ab9cfdb9c99c948", "babcba15888e47b4ae465fbb", + "2c03617cc30ab9ad74e1625e", "b5a59cea040d1c5f847b8aa6", + + "502a695532b76998a07619e1", "b7e2fa5f3ff3c93d2b4520a3", + "3d28f90d13864a877d6b28ab", "63d4165ec16f7ec664957685", + + "5c7ef507f57213c8b3bccd80", "298b3aa17bc1d522119801a0", + "a754307e21bd8830bf8e0494", "1dd60ff9a9ff83e50b25c5a0" }; + String[] inputs = new String[] { "", "", "", "", + + "", "", "", "", + + "", "", "", "", + + "8e05e5f209b6d46825bd8e72184807d7", "b018e93ddedb38ffbf37418eb558d358", + "96b670847652abf972d0c577cc6a13d4", + "d0699f6f202211d31078265a5a590ae9", + + "8e611f5465a95e51ea994b423d308c52", + "6adb192878975ce52b747039018af60b", + "77302190044e1d3bcb8036c10fab4591", + "3287a23fac53b1639dcda92c2aefe195" }; + String[] outputs = new String[] { "", "", "", "", + + "", "", "", "", + + "", "", "", "", + + "bb4141881dd0c0df656fdf6d6f916809", "1b99b39eabcdb1dd565fa6c653762eca", + "fba1cdcdaaa30015ec73ad958bff8de5", + "4d75780fb52c2210b2dce23e0a607961", + + "0d9a84e2d05a66fae22736f28e2b95af", + "2376bc94980bd00b371fca9b577d6066", + "8e8e0d23e5428e17f0dd5098aa8f8cf4", + "04cf6283c6e07abb37dd2165b71fbc12" }; + String[] aads = new String[] { "", "", "", "", + + "", "", "", "", + + "014988a49cd6db5822c7747d44ce6984", "8aaec71a1a6f3ca115852da562bfe193", + "0a9268d9f2a0fa55222c4189079c7853", + "ba7b822fb592e4e07b7cdb848acb82c3", + + "", "", "", "", + + "1eebc1ba027aa7d50ea8b41ac32c4e30", + "d2986fca8fae3099a23a00460e92ab69", + "00a9374ccaa5daf1377b7baf24ca6b5e", + "e7cd6994591b7e01ecc0c238becc5922", }; + String[] tags = new String[] { "0721bfff18ffd1d609dc20e098fa70a7", + "0d58d2774c552fc03cb45b580b4d3c8a", + "01956880ce3e7b3bdbab6d9fbb691e41", + "ed074dc1d766f54ddbaddce9c63f1212", + + "6242db189f62e0ae57954c6885c07b94", + "b094a8f4583d41dd1eb6ae6701bb1017", + "a1be2cb5bc80569ff4168112315b24d9", + "1d11b3eaf1e8606d1d0577e0c8867e9f", + + "82c81a197a76807b3ea6edce89c39027", + "20e124243540872d6adc4aef5415fcf4", + "a3f9767e82f8427fc45af8337938967d", + "75ce87c22470d988c7dd9ed9261a6091", + + "36918c3eb5361630b688cb8c01f8503f", + "a940164de93740514e4d55a1ed94989c", + "518e12768a606656f82e59d44e72e0da", + "2d0234814f68f2190335df7974a99959", + + "954391c2a4c0dd61ed04ef1c81c3f137", + "c3b76f298cffa0357122492e26beec49", + "75e96073645aca257413f333f2de1e1d", + "87e193b79faf3757ccb0ff1396df5e81" }; + + for (int i = 0; i < keys.length; i++) { + Aes enc = new Aes(); + + key.put(Util.h2b(keys[i])).rewind(); + iv.put(Util.h2b(ivs[i])).rewind(); + input.put(Util.h2b(inputs[i])).rewind(); + output.put(Util.h2b(outputs[i])).rewind(); + aad.put(Util.h2b(aads[i])).rewind(); + expected.put(Util.h2b(tags[i])).rewind(); + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesGcmSetKey_fips(enc, key, keys[i].length() / 2)); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesGcmEncrypt_fips(enc, + cipher, input, inputs[i].length() / 2, iv, + ivs[i].length() / 2, tag, tags[i].length() / 2, aad, + aads[i].length() / 2)); + + assertEquals(expected, tag); + assertEquals(output, cipher); + } + } + + @Test + public void gcmEncrypShouldMatchUsingByteArray() { + String[] keys = new String[] { + "96f309d0f15ba970e114a9216e75a14f89e28948ce7d98bd37f0beefe36803b0", + "3872431f89eba694cbc9b12d10d11b707a4248e7ff90a4bbcd271df7ff33c3a8", + "aa36f0adfc3ad79db40d38afdc33bf571ea96eb7089663e554ac566c55e33dc1", + "1f2d3edaaf6e24001bb69473a79dc16751c3dab75614f884a6da8f46e1f808b6", + + "513d69b62ccc6cb6b131e03492573629", + "04dbdd3f6ebc283f37fe36de20e63698", + "95941019ce0633ddaac39d68af55bf18", + "e9035018a50f6d2cb214aa15eca13126", + + "f8c95f4a4f44f92016d20d4a8ee1b47f", + "f77762d953ef07850ab8b3ea3dffa99c", + "64d649c62c8de598147d9017d48b7d0c", + "e9bbcbbad3a20de306849cd4181d1c21", + + "1efd683cd9a6e3fd068d00a2086428d9", + "b53b39c72229968600981245c3902a5b", + "33edf6422d6ee7a6f1a2c62c6aa80623", + "50b9ab1a45cff2b4ac61acbb91748d81", + + "3ef0c62ba7b10cc6e0d01fc854c4609f", + "8226a43fbfb627931ae9a3f0fff1eff6", + "5bbc573d4321d87fe0fae055e51cd802", + "e4028e15a43405906157983504cfe178" }; + + String[] ivs = new String[] { "811c5a119f1970526314ef17", + "b4d3d1fb3f2a55822c38c345", "8bff1992ae8cf8245eb04d0d", + "021d039481a4712f38b72310", + + "a82cac133e4275214db28e23", "81829bce889b58e5699d1d30", + "81d6e884204d1c2ffbbc5281", "6c40b2da03098cd8fae9d284", + + "d14e58a20ab9cfdb9c99c948", "babcba15888e47b4ae465fbb", + "2c03617cc30ab9ad74e1625e", "b5a59cea040d1c5f847b8aa6", + + "502a695532b76998a07619e1", "b7e2fa5f3ff3c93d2b4520a3", + "3d28f90d13864a877d6b28ab", "63d4165ec16f7ec664957685", + + "5c7ef507f57213c8b3bccd80", "298b3aa17bc1d522119801a0", + "a754307e21bd8830bf8e0494", "1dd60ff9a9ff83e50b25c5a0" }; + String[] inputs = new String[] { "", "", "", "", + + "", "", "", "", + + "", "", "", "", + + "8e05e5f209b6d46825bd8e72184807d7", "b018e93ddedb38ffbf37418eb558d358", + "96b670847652abf972d0c577cc6a13d4", + "d0699f6f202211d31078265a5a590ae9", + + "8e611f5465a95e51ea994b423d308c52", + "6adb192878975ce52b747039018af60b", + "77302190044e1d3bcb8036c10fab4591", + "3287a23fac53b1639dcda92c2aefe195" }; + String[] outputs = new String[] { "", "", "", "", + + "", "", "", "", + + "", "", "", "", + + "bb4141881dd0c0df656fdf6d6f916809", "1b99b39eabcdb1dd565fa6c653762eca", + "fba1cdcdaaa30015ec73ad958bff8de5", + "4d75780fb52c2210b2dce23e0a607961", + + "0d9a84e2d05a66fae22736f28e2b95af", + "2376bc94980bd00b371fca9b577d6066", + "8e8e0d23e5428e17f0dd5098aa8f8cf4", + "04cf6283c6e07abb37dd2165b71fbc12" }; + String[] aads = new String[] { "", "", "", "", + + "", "", "", "", + + "014988a49cd6db5822c7747d44ce6984", "8aaec71a1a6f3ca115852da562bfe193", + "0a9268d9f2a0fa55222c4189079c7853", + "ba7b822fb592e4e07b7cdb848acb82c3", + + "", "", "", "", + + "1eebc1ba027aa7d50ea8b41ac32c4e30", + "d2986fca8fae3099a23a00460e92ab69", + "00a9374ccaa5daf1377b7baf24ca6b5e", + "e7cd6994591b7e01ecc0c238becc5922", }; + String[] tags = new String[] { "0721bfff18ffd1d609dc20e098fa70a7", + "0d58d2774c552fc03cb45b580b4d3c8a", + "01956880ce3e7b3bdbab6d9fbb691e41", + "ed074dc1d766f54ddbaddce9c63f1212", + + "6242db189f62e0ae57954c6885c07b94", + "b094a8f4583d41dd1eb6ae6701bb1017", + "a1be2cb5bc80569ff4168112315b24d9", + "1d11b3eaf1e8606d1d0577e0c8867e9f", + + "82c81a197a76807b3ea6edce89c39027", + "20e124243540872d6adc4aef5415fcf4", + "a3f9767e82f8427fc45af8337938967d", + "75ce87c22470d988c7dd9ed9261a6091", + + "36918c3eb5361630b688cb8c01f8503f", + "a940164de93740514e4d55a1ed94989c", + "518e12768a606656f82e59d44e72e0da", + "2d0234814f68f2190335df7974a99959", + + "954391c2a4c0dd61ed04ef1c81c3f137", + "c3b76f298cffa0357122492e26beec49", + "75e96073645aca257413f333f2de1e1d", + "87e193b79faf3757ccb0ff1396df5e81" }; + + for (int i = 0; i < keys.length; i++) { + Aes enc = new Aes(); + + byte[] cipher = new byte[outputs[i].length() / 2]; + byte[] key = Util.h2b(keys[i]); + byte[] iv = Util.h2b(ivs[i]); + byte[] input = Util.h2b(inputs[i]); + byte[] output = Util.h2b(outputs[i]); + byte[] tag = new byte[tags[i].length() / 2]; + byte[] aad = Util.h2b(aads[i]); + byte[] expected = Util.h2b(tags[i]); + + assertEquals(WolfCrypt.SUCCESS, + Fips.AesGcmSetKey_fips(enc, key, keys[i].length() / 2)); + + assertEquals(WolfCrypt.SUCCESS, Fips.AesGcmEncrypt_fips(enc, + cipher, input, inputs[i].length() / 2, iv, + ivs[i].length() / 2, tag, tags[i].length() / 2, aad, + aads[i].length() / 2)); + + assertArrayEquals(expected, tag); + assertArrayEquals(output, cipher); + } + } +} diff --git a/init.sh b/init.sh old mode 100644 new mode 100755 diff --git a/settings.gradle b/settings.gradle index a91bf52..544736e 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,3 +1,2 @@ -include ':wolfssl' -// include ':app' -//includ ':wolfcrypt' +//include ':wolfssl' +include ':ccc' diff --git a/wolfcrypt/build.gradle b/wolfcrypt/build.gradle deleted file mode 100644 index 32eea06..0000000 --- a/wolfcrypt/build.gradle +++ /dev/null @@ -1,40 +0,0 @@ -apply plugin: 'com.android.library' - -android { - compileSdkVersion 23 - buildToolsVersion "23.0.3" - - defaultConfig { - minSdkVersion 13 - targetSdkVersion 23 - versionCode 1 - versionName "1.0" - - externalNativeBuild { - cmake { - arguments '-DANDROID_PLATFORM=android-9', - '-DANDROID_TOOLCHAIN=clang' - // explicitly build libs - targets 'gmath', 'gperf' - } - - } - } - buildTypes { - release { - minifyEnabled false - proguardFiles getDefaultProguardFile('proguard-android.txt'), - 'proguard-rules.pro' - } - } - externalNativeBuild { - cmake { - path 'src/main/cpp/CMakeLists.txt' - } - } -} - -dependencies { - compile fileTree(dir: 'libs', include: ['*.jar']) - compile 'com.android.support:appcompat-v7:23.4.0' -} diff --git a/wolfcrypt/dist/wolfcrypt.so b/wolfcrypt/dist/wolfcrypt.so deleted file mode 100644 index e69de29..0000000 diff --git a/wolfcrypt/proguard-rules.pro b/wolfcrypt/proguard-rules.pro deleted file mode 100644 index b7420a7..0000000 --- a/wolfcrypt/proguard-rules.pro +++ /dev/null @@ -1,17 +0,0 @@ -# Add project specific ProGuard rules here. -# By default, the flags in this file are appended to flags specified -# in /Users/gfan/dev/sdk_current/tools/proguard/proguard-android.txt -# You can edit the include path and order by changing the proguardFiles -# directive in build.gradle. -# -# For more details, see -# http://developer.android.com/guide/developing/tools/proguard.html - -# Add any project specific keep options here: - -# If your project uses WebView with JS, uncomment the following -# and specify the fully qualified class name to the JavaScript interface -# class: -#-keepclassmembers class fqcn.of.javascript.interface.for.webview { -# public *; -#} diff --git a/wolfcrypt/src/main/cpp/CMakeLists.txt b/wolfcrypt/src/main/cpp/CMakeLists.txt deleted file mode 100644 index 63881e5..0000000 --- a/wolfcrypt/src/main/cpp/CMakeLists.txt +++ /dev/null @@ -1,12 +0,0 @@ -cmake_minimum_required(VERSION 3.4.1) - -set(CMAKE_VERBOSE_MAKEFILE on) - -set(lib_src_DIR ${CMAKE_CURRENT_SOURCE_DIR}) - -set(lib_build_DIR $ENV{HOME}/tmp) -file(MAKE_DIRECTORY ${lib_build_DIR}) - -add_subdirectory(${lib_src_DIR}/gmath ${lib_build_DIR}/gmath) -add_subdirectory(${lib_src_DIR}/gperf ${lib_build_DIR}/gperf) - diff --git a/wolfcrypt/src/main/cpp/gmath/CMakeLists.txt b/wolfcrypt/src/main/cpp/gmath/CMakeLists.txt deleted file mode 100644 index a044171..0000000 --- a/wolfcrypt/src/main/cpp/gmath/CMakeLists.txt +++ /dev/null @@ -1,23 +0,0 @@ -cmake_minimum_required(VERSION 3.4.1) - -set(CMAKE_VERBOSE_MAKEFILE on) - -add_library(gmath STATIC src/gmath.c) - -# copy out the lib binary... need to leave the static lib around to pass gradle check -set(distribution_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../../../../distribution) -set_target_properties(gmath - PROPERTIES - ARCHIVE_OUTPUT_DIRECTORY - "${distribution_DIR}/gmath/lib/${ANDROID_ABI}") - -# copy out lib header file... -add_custom_command(TARGET gmath POST_BUILD - COMMAND "${CMAKE_COMMAND}" -E - copy "${CMAKE_CURRENT_SOURCE_DIR}/src/gmath.h" - "${distribution_DIR}/gmath/include/gmath.h" -# **** the following 2 lines are for potential future debug purpose **** -# COMMAND "${CMAKE_COMMAND}" -E -# remove_directory "${CMAKE_CURRENT_BINARY_DIR}" - COMMENT "Copying gmath to output directory") - diff --git a/wolfcrypt/src/main/cpp/gmath/src/gmath.c b/wolfcrypt/src/main/cpp/gmath/src/gmath.c deleted file mode 100644 index f691d8c..0000000 --- a/wolfcrypt/src/main/cpp/gmath/src/gmath.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#include -#include "gmath.h" - -#if defined(__GNUC__) && __GNUC__ >= 4 -#define GMATH_EXPORT __attribute__((visibility("default"))) -#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x590) -#define GMATH_EXPORT __attribute__((visibility("default"))) -#else -#define GMATH_EXPORT -#endif - -#define LOGE(...) \ - ((void)__android_log_print(ANDROID_LOG_ERROR, "gmath::", __VA_ARGS__)) - -/* - * return 2 ^ n with multiplication implementation - */ -GMATH_EXPORT unsigned gpower(unsigned n) { - if (n == 0) - return 1; - if (n > 31) { - LOGE("error from power(%d): integer overflow", n); - return 0; - } - unsigned val = gpower(n>>1) * gpower (n>>1); - if (n & 1) - val *= 2; - return val; -} - diff --git a/wolfcrypt/src/main/cpp/gmath/src/gmath.h b/wolfcrypt/src/main/cpp/gmath/src/gmath.h deleted file mode 100644 index 60ea677..0000000 --- a/wolfcrypt/src/main/cpp/gmath/src/gmath.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#ifndef __POWER_HPP__ -#define __POWER_HPP__ -/* - * return pow(2, n) - */ -#ifdef __cplusplus -extern "C" -#endif // __cplusplus - unsigned gpower(unsigned n); - -#endif //__POWER_HPP__ diff --git a/wolfcrypt/src/main/cpp/gperf/CMakeLists.txt b/wolfcrypt/src/main/cpp/gperf/CMakeLists.txt deleted file mode 100644 index f3b1974..0000000 --- a/wolfcrypt/src/main/cpp/gperf/CMakeLists.txt +++ /dev/null @@ -1,18 +0,0 @@ -cmake_minimum_required(VERSION 3.4.1) - -set(CMAKE_VERBOSE_MAKEFILE on) - -add_library(gperf SHARED src/gperf.c) - -# copy out the lib binary and remove generated files -set(distribution_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../../../../distribution) -set_target_properties(gperf - PROPERTIES - LIBRARY_OUTPUT_DIRECTORY - "${distribution_DIR}/gperf/lib/${ANDROID_ABI}") -add_custom_command(TARGET gperf POST_BUILD - COMMAND "${CMAKE_COMMAND}" -E - copy "${CMAKE_CURRENT_SOURCE_DIR}/src/gperf.h" - "${distribution_DIR}/gperf/include/gperf.h" - COMMENT "Copying gperf to output directory") - diff --git a/wolfcrypt/src/main/cpp/gperf/src/gperf.c b/wolfcrypt/src/main/cpp/gperf/src/gperf.c deleted file mode 100644 index 1b733ad..0000000 --- a/wolfcrypt/src/main/cpp/gperf/src/gperf.c +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#include -#include "gperf.h" - -#if defined(__GNUC__) && __GNUC__ >= 4 -#define GPERF_EXPORT __attribute__((visibility("default"))) -#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x590) -#define GPERF_EXPORT __attribute__((visibility("default"))) -#else -#define GPERF_EXPORT -#endif - -/* - * return current ticks - */ -GPERF_EXPORT uint64_t GetTicks(void) { - struct timeval Time; - uint64_t cur_tick = (uint64_t) 1000000; - - gettimeofday( &Time, NULL ); - cur_tick *= Time.tv_sec; - - return (cur_tick + Time.tv_usec); -} - diff --git a/wolfcrypt/src/main/cpp/gperf/src/gperf.h b/wolfcrypt/src/main/cpp/gperf/src/gperf.h deleted file mode 100644 index c7933c7..0000000 --- a/wolfcrypt/src/main/cpp/gperf/src/gperf.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#ifndef __GPERF_HPP__ -#define __GPERF_HPP__ - -#include - -/* - * return current system ticks - */ -#ifdef __cplusplus -extern "C" -#endif // __cplusplus -uint64_t GetTicks(void); - -#endif //__GPERF_HPP__ diff --git a/wolfcrypt/src/main/res/values/strings.xml b/wolfcrypt/src/main/res/values/strings.xml deleted file mode 100644 index de20b15..0000000 --- a/wolfcrypt/src/main/res/values/strings.xml +++ /dev/null @@ -1,3 +0,0 @@ - - J3G BuildLibs - diff --git a/wolfssl/dist/lib_2018-11-10/arm64-v8a/libwolfssl.a b/wolfssl/dist/lib_2018-11-10/arm64-v8a/libwolfssl.a new file mode 100644 index 0000000..9cc7adc Binary files /dev/null and b/wolfssl/dist/lib_2018-11-10/arm64-v8a/libwolfssl.a differ diff --git a/wolfssl/dist/lib_2018-11-10/armeabi-v7a/libwolfssl.a b/wolfssl/dist/lib_2018-11-10/armeabi-v7a/libwolfssl.a new file mode 100644 index 0000000..0870785 Binary files /dev/null and b/wolfssl/dist/lib_2018-11-10/armeabi-v7a/libwolfssl.a differ diff --git a/wolfssl/dist/lib_2018-11-10/x86/libwolfssl.a b/wolfssl/dist/lib_2018-11-10/x86/libwolfssl.a new file mode 100644 index 0000000..9f86e15 Binary files /dev/null and b/wolfssl/dist/lib_2018-11-10/x86/libwolfssl.a differ diff --git a/wolfssl/dist/lib_2018-11-10/x86_64/libwolfssl.a b/wolfssl/dist/lib_2018-11-10/x86_64/libwolfssl.a new file mode 100644 index 0000000..ed4e331 Binary files /dev/null and b/wolfssl/dist/lib_2018-11-10/x86_64/libwolfssl.a differ diff --git a/wolfssl/src/main/cpp/wolfssl-oem/CMakeLists.txt b/wolfssl/src/main/cpp/wolfssl-oem/CMakeLists.txt index c462751..e6b3b3d 100644 --- a/wolfssl/src/main/cpp/wolfssl-oem/CMakeLists.txt +++ b/wolfssl/src/main/cpp/wolfssl-oem/CMakeLists.txt @@ -1,7 +1,7 @@ # create a build target of "wolfssl" # library is a SHARED (not STATIC) # add all the source code -add_library(wolfssl SHARED +add_library(wolfssl STATIC wolfssl-git/src/crl.c wolfssl-git/src/internal.c wolfssl-git/src/io.c