CyaSSL changed for the NucleoF401RE board: implemented the random and time functions needed for the build. (Has trouble with wildcard domains such as *.google.com and *.yahoo.com.)

Fork of CyaSSL by wolf SSL

Committer:
Vanger
Date:
Wed Jan 14 22:07:14 2015 +0000
Revision:
4:e505054279ed
Parent:
0:1239e9b70ca2
Implemented some platform-specific functions in the CyaSSL library code (time functions and random seed functions), and changed the settings.h file to define settings specific to the platform being used.

Who changed what in which revision?

User | Revision | Line number | New contents of line
wolfSSL 0:1239e9b70ca2 1 /* ssl.h
wolfSSL 0:1239e9b70ca2 2 *
wolfSSL 0:1239e9b70ca2 3 * Copyright (C) 2006-2014 wolfSSL Inc.
wolfSSL 0:1239e9b70ca2 4 *
wolfSSL 0:1239e9b70ca2 5 * This file is part of CyaSSL.
wolfSSL 0:1239e9b70ca2 6 *
wolfSSL 0:1239e9b70ca2 7 * CyaSSL is free software; you can redistribute it and/or modify
wolfSSL 0:1239e9b70ca2 8 * it under the terms of the GNU General Public License as published by
wolfSSL 0:1239e9b70ca2 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 0:1239e9b70ca2 10 * (at your option) any later version.
wolfSSL 0:1239e9b70ca2 11 *
wolfSSL 0:1239e9b70ca2 12 * CyaSSL is distributed in the hope that it will be useful,
wolfSSL 0:1239e9b70ca2 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 0:1239e9b70ca2 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 0:1239e9b70ca2 15 * GNU General Public License for more details.
wolfSSL 0:1239e9b70ca2 16 *
wolfSSL 0:1239e9b70ca2 17 * You should have received a copy of the GNU General Public License
wolfSSL 0:1239e9b70ca2 18 * along with this program; if not, write to the Free Software
wolfSSL 0:1239e9b70ca2 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
wolfSSL 0:1239e9b70ca2 20 */
wolfSSL 0:1239e9b70ca2 21
wolfSSL 0:1239e9b70ca2 22
wolfSSL 0:1239e9b70ca2 23 /* CyaSSL API */
wolfSSL 0:1239e9b70ca2 24
wolfSSL 0:1239e9b70ca2 25 #ifndef CYASSL_SSL_H
wolfSSL 0:1239e9b70ca2 26 #define CYASSL_SSL_H
wolfSSL 0:1239e9b70ca2 27
wolfSSL 0:1239e9b70ca2 28
wolfSSL 0:1239e9b70ca2 29 /* for users not using preprocessor flags*/
wolfSSL 0:1239e9b70ca2 30 #include <cyassl/ctaocrypt/settings.h>
wolfSSL 0:1239e9b70ca2 31 #include <cyassl/version.h>
wolfSSL 0:1239e9b70ca2 32
wolfSSL 0:1239e9b70ca2 33
wolfSSL 0:1239e9b70ca2 34 #ifndef NO_FILESYSTEM
wolfSSL 0:1239e9b70ca2 35 #ifdef FREESCALE_MQX
wolfSSL 0:1239e9b70ca2 36 #include <fio.h>
wolfSSL 0:1239e9b70ca2 37 #else
wolfSSL 0:1239e9b70ca2 38 #include <stdio.h> /* ERR_printf */
wolfSSL 0:1239e9b70ca2 39 #endif
wolfSSL 0:1239e9b70ca2 40 #endif
wolfSSL 0:1239e9b70ca2 41
wolfSSL 0:1239e9b70ca2 42 #ifdef YASSL_PREFIX
wolfSSL 0:1239e9b70ca2 43 #include "prefix_ssl.h"
wolfSSL 0:1239e9b70ca2 44 #endif
wolfSSL 0:1239e9b70ca2 45
wolfSSL 0:1239e9b70ca2 46 #ifdef LIBCYASSL_VERSION_STRING
wolfSSL 0:1239e9b70ca2 47 #define CYASSL_VERSION LIBCYASSL_VERSION_STRING
wolfSSL 0:1239e9b70ca2 48 #endif
wolfSSL 0:1239e9b70ca2 49
wolfSSL 0:1239e9b70ca2 50 #ifdef _WIN32
wolfSSL 0:1239e9b70ca2 51 /* wincrypt.h clashes */
wolfSSL 0:1239e9b70ca2 52 #undef OCSP_REQUEST
wolfSSL 0:1239e9b70ca2 53 #undef OCSP_RESPONSE
wolfSSL 0:1239e9b70ca2 54 #endif
wolfSSL 0:1239e9b70ca2 55
wolfSSL 0:1239e9b70ca2 56
wolfSSL 0:1239e9b70ca2 57
wolfSSL 0:1239e9b70ca2 58 #ifdef __cplusplus
wolfSSL 0:1239e9b70ca2 59 extern "C" {
wolfSSL 0:1239e9b70ca2 60 #endif
wolfSSL 0:1239e9b70ca2 61
/* Opaque handle types of the core API. Only the struct tags are named here;
 * no layout is given in the visible part of this header, so callers can only
 * hold pointers to these types. */
wolfSSL 0:1239e9b70ca2 62 typedef struct CYASSL CYASSL;
wolfSSL 0:1239e9b70ca2 63 typedef struct CYASSL_SESSION CYASSL_SESSION;
wolfSSL 0:1239e9b70ca2 64 typedef struct CYASSL_METHOD CYASSL_METHOD;
wolfSSL 0:1239e9b70ca2 65 typedef struct CYASSL_CTX CYASSL_CTX;
wolfSSL 0:1239e9b70ca2 66
/* Certificate-related opaque types. */
wolfSSL 0:1239e9b70ca2 67 typedef struct CYASSL_X509 CYASSL_X509;
wolfSSL 0:1239e9b70ca2 68 typedef struct CYASSL_X509_NAME CYASSL_X509_NAME;
wolfSSL 0:1239e9b70ca2 69 typedef struct CYASSL_X509_CHAIN CYASSL_X509_CHAIN;
wolfSSL 0:1239e9b70ca2 70
wolfSSL 0:1239e9b70ca2 71 typedef struct CYASSL_CERT_MANAGER CYASSL_CERT_MANAGER;
wolfSSL 0:1239e9b70ca2 72 typedef struct CYASSL_SOCKADDR CYASSL_SOCKADDR;
wolfSSL 0:1239e9b70ca2 73
wolfSSL 0:1239e9b70ca2 74 /* redeclare guard */
wolfSSL 0:1239e9b70ca2 75 #define CYASSL_TYPES_DEFINED
wolfSSL 0:1239e9b70ca2 76
wolfSSL 0:1239e9b70ca2 77
/* Further opaque types. The names apparently follow the OpenSSL types they
 * stand in for (RSA, BIO, X509_LOOKUP, ASN1_TIME, ...); no layout is given in
 * the visible part of this header. */
wolfSSL 0:1239e9b70ca2 78 typedef struct CYASSL_RSA CYASSL_RSA;
wolfSSL 0:1239e9b70ca2 79 typedef struct CYASSL_DSA CYASSL_DSA;
wolfSSL 0:1239e9b70ca2 80 typedef struct CYASSL_CIPHER CYASSL_CIPHER;
wolfSSL 0:1239e9b70ca2 81 typedef struct CYASSL_X509_LOOKUP CYASSL_X509_LOOKUP;
wolfSSL 0:1239e9b70ca2 82 typedef struct CYASSL_X509_LOOKUP_METHOD CYASSL_X509_LOOKUP_METHOD;
wolfSSL 0:1239e9b70ca2 83 typedef struct CYASSL_X509_CRL CYASSL_X509_CRL;
wolfSSL 0:1239e9b70ca2 84 typedef struct CYASSL_BIO CYASSL_BIO;
wolfSSL 0:1239e9b70ca2 85 typedef struct CYASSL_BIO_METHOD CYASSL_BIO_METHOD;
wolfSSL 0:1239e9b70ca2 86 typedef struct CYASSL_X509_EXTENSION CYASSL_X509_EXTENSION;
wolfSSL 0:1239e9b70ca2 87 typedef struct CYASSL_ASN1_TIME CYASSL_ASN1_TIME;
wolfSSL 0:1239e9b70ca2 88 typedef struct CYASSL_ASN1_INTEGER CYASSL_ASN1_INTEGER;
wolfSSL 0:1239e9b70ca2 89 typedef struct CYASSL_ASN1_OBJECT CYASSL_ASN1_OBJECT;
wolfSSL 0:1239e9b70ca2 90 typedef struct CYASSL_ASN1_STRING CYASSL_ASN1_STRING;
wolfSSL 0:1239e9b70ca2 91 typedef struct CYASSL_dynlock_value CYASSL_dynlock_value;
wolfSSL 0:1239e9b70ca2 92
/* CYASSL_ASN1_UTCTIME is a macro alias of CYASSL_ASN1_TIME, not a distinct
 * type. */
wolfSSL 0:1239e9b70ca2 93 #define CYASSL_ASN1_UTCTIME CYASSL_ASN1_TIME
wolfSSL 0:1239e9b70ca2 94
/* Public-key container with a visible layout. The "openssh dereference"
 * remarks presumably mean that OpenSSH reads those fields directly, which is
 * why the struct cannot be opaque - confirm.
 * pkey_sz is presumably the byte length of the buffer at pkey.ptr - confirm
 * against the code that fills it before trusting it as a bound.
 * NOTE(review): pkey_curve exists only when HAVE_ECC is defined, so the size
 * of this struct depends on the build flags; the library and every caller
 * must be compiled with the same HAVE_ECC setting. */
wolfSSL 0:1239e9b70ca2 95 typedef struct CYASSL_EVP_PKEY {
wolfSSL 0:1239e9b70ca2 96 int type; /* openssh dereference */
wolfSSL 0:1239e9b70ca2 97 int save_type; /* openssh dereference */
wolfSSL 0:1239e9b70ca2 98 int pkey_sz;
wolfSSL 0:1239e9b70ca2 99 union {
wolfSSL 0:1239e9b70ca2 100 char* ptr;
wolfSSL 0:1239e9b70ca2 101 } pkey;
wolfSSL 0:1239e9b70ca2 102 #ifdef HAVE_ECC
wolfSSL 0:1239e9b70ca2 103 int pkey_curve;
wolfSSL 0:1239e9b70ca2 104 #endif
wolfSSL 0:1239e9b70ca2 105 } CYASSL_EVP_PKEY;
wolfSSL 0:1239e9b70ca2 106
/* Caller-allocated MD4 state, exposed as raw storage of 32 ints. Per the
 * field comment the Init routine is expected to check that this is large
 * enough for the real hash state.
 * NOTE(review): MD4 is a broken hash (moved to Historic status by RFC 6150);
 * it should be used only where a legacy protocol requires it. */
wolfSSL 0:1239e9b70ca2 107 typedef struct CYASSL_MD4_CTX {
wolfSSL 0:1239e9b70ca2 108 int buffer[32]; /* big enough to hold, check size in Init */
wolfSSL 0:1239e9b70ca2 109 } CYASSL_MD4_CTX;
wolfSSL 0:1239e9b70ca2 110
wolfSSL 0:1239e9b70ca2 111
/* Compression-method descriptor with a single visible field. The "stunnel
 * dereference" remark presumably means stunnel reads `type` directly -
 * confirm. The meaning of the values is not given in this header. */
wolfSSL 0:1239e9b70ca2 112 typedef struct CYASSL_COMP_METHOD {
wolfSSL 0:1239e9b70ca2 113 int type; /* stunnel dereference */
wolfSSL 0:1239e9b70ca2 114 } CYASSL_COMP_METHOD;
wolfSSL 0:1239e9b70ca2 115
wolfSSL 0:1239e9b70ca2 116
/* Certificate store: a `cache` flag field plus a pointer to the opaque
 * CYASSL_CERT_MANAGER. Who owns and frees `cm` is not stated here; see
 * CyaSSL_X509_STORE_new() / CyaSSL_X509_STORE_free() declared in this
 * header. */
wolfSSL 0:1239e9b70ca2 117 typedef struct CYASSL_X509_STORE {
wolfSSL 0:1239e9b70ca2 118 int cache; /* stunnel dereference */
wolfSSL 0:1239e9b70ca2 119 CYASSL_CERT_MANAGER* cm;
wolfSSL 0:1239e9b70ca2 120 } CYASSL_X509_STORE;
wolfSSL 0:1239e9b70ca2 121
/* One TLS alert as a (code, level) pair. The fields presumably hold values
 * of enum AlertDescription and enum AlertLevel from this header - confirm,
 * since both are declared as plain int. */
wolfSSL 0:1239e9b70ca2 122 typedef struct CYASSL_ALERT {
wolfSSL 0:1239e9b70ca2 123 int code;
wolfSSL 0:1239e9b70ca2 124 int level;
wolfSSL 0:1239e9b70ca2 125 } CYASSL_ALERT;
wolfSSL 0:1239e9b70ca2 126
/* Pair of alerts, presumably the most recent one received (last_rx) and the
 * most recent one sent (last_tx) on a connection - confirm. This is the
 * output type of CyaSSL_get_alert_history() declared in this header; useful
 * when logging why a handshake or session was torn down. */
wolfSSL 0:1239e9b70ca2 127 typedef struct CYASSL_ALERT_HISTORY {
wolfSSL 0:1239e9b70ca2 128 CYASSL_ALERT last_rx;
wolfSSL 0:1239e9b70ca2 129 CYASSL_ALERT last_tx;
wolfSSL 0:1239e9b70ca2 130 } CYASSL_ALERT_HISTORY;
wolfSSL 0:1239e9b70ca2 131
/* Revoked-certificate entry exposing only a serial-number pointer; the
 * field is visible because, per its comment, stunnel dereferences it. */
wolfSSL 0:1239e9b70ca2 132 typedef struct CYASSL_X509_REVOKED {
wolfSSL 0:1239e9b70ca2 133 CYASSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */
wolfSSL 0:1239e9b70ca2 134 } CYASSL_X509_REVOKED;
wolfSSL 0:1239e9b70ca2 135
wolfSSL 0:1239e9b70ca2 136
/* Lookup result holding one pointer viewed either as raw char* or as a CRL.
 * There is no tag field in this struct, so which union member is valid must
 * be known from context. */
wolfSSL 0:1239e9b70ca2 137 typedef struct CYASSL_X509_OBJECT {
wolfSSL 0:1239e9b70ca2 138 union {
wolfSSL 0:1239e9b70ca2 139 char* ptr;
wolfSSL 0:1239e9b70ca2 140 CYASSL_X509_CRL* crl; /* stunnel dereference */
wolfSSL 0:1239e9b70ca2 141 } data;
wolfSSL 0:1239e9b70ca2 142 } CYASSL_X509_OBJECT;
wolfSSL 0:1239e9b70ca2 143
wolfSSL 0:1239e9b70ca2 144
/* Verification context. This is the second argument of the VerifyCallback
 * type declared in this header, so a certificate-verify callback receives the
 * store, the current certificate, the error code and the chain depth
 * through it.
 * NOTE(review): `domain` is documented as the subject CN; how it is matched
 * against the expected peer name (including wildcard names) is not visible
 * in this header and should be checked in the implementation. */
wolfSSL 0:1239e9b70ca2 145 typedef struct CYASSL_X509_STORE_CTX {
wolfSSL 0:1239e9b70ca2 146 CYASSL_X509_STORE* store; /* Store full of a CA cert chain */
wolfSSL 0:1239e9b70ca2 147 CYASSL_X509* current_cert; /* stunnel dereference */
wolfSSL 0:1239e9b70ca2 148 char* domain; /* subject CN domain name */
wolfSSL 0:1239e9b70ca2 149 void* ex_data; /* external data, for fortress build */
wolfSSL 0:1239e9b70ca2 150 void* userCtx; /* user ctx */
wolfSSL 0:1239e9b70ca2 151 int error; /* current error */
wolfSSL 0:1239e9b70ca2 152 int error_depth; /* cert depth for this error */
wolfSSL 0:1239e9b70ca2 153 int discardSessionCerts; /* so verify callback can flag for discard */
wolfSSL 0:1239e9b70ca2 154 } CYASSL_X509_STORE_CTX;
wolfSSL 0:1239e9b70ca2 155
wolfSSL 0:1239e9b70ca2 156
/* TLS alert description codes. The numeric values listed match the alert
 * registry of RFC 5246 section 7.2 (unrecognized_name = 112 comes from
 * RFC 6066); only a subset of the registry is listed, e.g. there is no
 * unknown_ca (48) or decode_error (50) constant here. The "page 16/17"
 * reference below does not name its document. */
wolfSSL 0:1239e9b70ca2 157 /* Valid Alert types from page 16/17 */
wolfSSL 0:1239e9b70ca2 158 enum AlertDescription {
wolfSSL 0:1239e9b70ca2 159 close_notify = 0,
wolfSSL 0:1239e9b70ca2 160 unexpected_message = 10,
wolfSSL 0:1239e9b70ca2 161 bad_record_mac = 20,
wolfSSL 0:1239e9b70ca2 162 decompression_failure = 30,
wolfSSL 0:1239e9b70ca2 163 handshake_failure = 40,
wolfSSL 0:1239e9b70ca2 164 no_certificate = 41,
wolfSSL 0:1239e9b70ca2 165 bad_certificate = 42,
wolfSSL 0:1239e9b70ca2 166 unsupported_certificate = 43,
wolfSSL 0:1239e9b70ca2 167 certificate_revoked = 44,
wolfSSL 0:1239e9b70ca2 168 certificate_expired = 45,
wolfSSL 0:1239e9b70ca2 169 certificate_unknown = 46,
wolfSSL 0:1239e9b70ca2 170 illegal_parameter = 47,
wolfSSL 0:1239e9b70ca2 171 decrypt_error = 51,
wolfSSL 0:1239e9b70ca2 172 protocol_version = 70,
wolfSSL 0:1239e9b70ca2 173 no_renegotiation = 100,
wolfSSL 0:1239e9b70ca2 174 unrecognized_name = 112
wolfSSL 0:1239e9b70ca2 175 };
wolfSSL 0:1239e9b70ca2 176
wolfSSL 0:1239e9b70ca2 177
/* TLS alert severity. The values match the AlertLevel encoding of RFC 5246
 * section 7.2: warning(1), fatal(2). */
wolfSSL 0:1239e9b70ca2 178 enum AlertLevel {
wolfSSL 0:1239e9b70ca2 179 alert_warning = 1,
wolfSSL 0:1239e9b70ca2 180 alert_fatal = 2
wolfSSL 0:1239e9b70ca2 181 };
wolfSSL 0:1239e9b70ca2 182
wolfSSL 0:1239e9b70ca2 183
/* Protocol-method constructors. Each takes no arguments and returns the
 * CYASSL_METHOD* that CyaSSL_CTX_new() (declared in this header) accepts;
 * the name encodes the protocol version and the role (client or server).
 * NOTE(review): SSLv3 and TLS 1.0/1.1 are deprecated protocol versions
 * (RFC 7568, RFC 8996). New code should select the TLSv1_2 methods unless a
 * legacy peer forces otherwise. */
wolfSSL 0:1239e9b70ca2 184 CYASSL_API CYASSL_METHOD *CyaSSLv3_server_method(void);
wolfSSL 0:1239e9b70ca2 185 CYASSL_API CYASSL_METHOD *CyaSSLv3_client_method(void);
wolfSSL 0:1239e9b70ca2 186 CYASSL_API CYASSL_METHOD *CyaTLSv1_server_method(void);
wolfSSL 0:1239e9b70ca2 187 CYASSL_API CYASSL_METHOD *CyaTLSv1_client_method(void);
wolfSSL 0:1239e9b70ca2 188 CYASSL_API CYASSL_METHOD *CyaTLSv1_1_server_method(void);
wolfSSL 0:1239e9b70ca2 189 CYASSL_API CYASSL_METHOD *CyaTLSv1_1_client_method(void);
wolfSSL 0:1239e9b70ca2 190 CYASSL_API CYASSL_METHOD *CyaTLSv1_2_server_method(void);
wolfSSL 0:1239e9b70ca2 191 CYASSL_API CYASSL_METHOD *CyaTLSv1_2_client_method(void);
wolfSSL 0:1239e9b70ca2 192
/* DTLS variants, declared only when the build defines CYASSL_DTLS. */
wolfSSL 0:1239e9b70ca2 193 #ifdef CYASSL_DTLS
wolfSSL 0:1239e9b70ca2 194 CYASSL_API CYASSL_METHOD *CyaDTLSv1_client_method(void);
wolfSSL 0:1239e9b70ca2 195 CYASSL_API CYASSL_METHOD *CyaDTLSv1_server_method(void);
wolfSSL 0:1239e9b70ca2 196 CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_client_method(void);
wolfSSL 0:1239e9b70ca2 197 CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_server_method(void);
wolfSSL 0:1239e9b70ca2 198 #endif
wolfSSL 0:1239e9b70ca2 199
/* File-based loaders for certificates, private keys and CA locations. The
 * whole group is compiled out when NO_FILESYSTEM or NO_CERTS is defined.
 * The trailing int of the *_file functions is presumably a file-format
 * selector - confirm against the definitions; return conventions are not
 * stated in this header.
 * NOTE(review): the paths name key material. Whether these loaders check
 * file permissions cannot be seen here, so restrict access to private-key
 * files at the filesystem level. */
wolfSSL 0:1239e9b70ca2 200 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
wolfSSL 0:1239e9b70ca2 201
/* Per-context (CYASSL_CTX) loaders. */
wolfSSL 0:1239e9b70ca2 202 CYASSL_API int CyaSSL_CTX_use_certificate_file(CYASSL_CTX*, const char*, int);
wolfSSL 0:1239e9b70ca2 203 CYASSL_API int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX*, const char*, int);
wolfSSL 0:1239e9b70ca2 204 CYASSL_API int CyaSSL_CTX_load_verify_locations(CYASSL_CTX*, const char*,
wolfSSL 0:1239e9b70ca2 205 const char*);
wolfSSL 0:1239e9b70ca2 206 CYASSL_API int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX *,
wolfSSL 0:1239e9b70ca2 207 const char *file);
wolfSSL 0:1239e9b70ca2 208 CYASSL_API int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX*, const char*, int);
wolfSSL 0:1239e9b70ca2 209
/* Per-connection (CYASSL) counterparts of the loaders above. */
wolfSSL 0:1239e9b70ca2 210 CYASSL_API int CyaSSL_use_certificate_file(CYASSL*, const char*, int);
wolfSSL 0:1239e9b70ca2 211 CYASSL_API int CyaSSL_use_PrivateKey_file(CYASSL*, const char*, int);
wolfSSL 0:1239e9b70ca2 212 CYASSL_API int CyaSSL_use_certificate_chain_file(CYASSL*, const char *file);
wolfSSL 0:1239e9b70ca2 213 CYASSL_API int CyaSSL_use_RSAPrivateKey_file(CYASSL*, const char*, int);
wolfSSL 0:1239e9b70ca2 214
wolfSSL 0:1239e9b70ca2 215 #ifdef CYASSL_DER_LOAD
wolfSSL 0:1239e9b70ca2 216 CYASSL_API int CyaSSL_CTX_der_load_verify_locations(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 217 const char*, int);
wolfSSL 0:1239e9b70ca2 218 #endif
wolfSSL 0:1239e9b70ca2 219
wolfSSL 0:1239e9b70ca2 220 #ifdef HAVE_NTRU
wolfSSL 0:1239e9b70ca2 221 CYASSL_API int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 222 /* load NTRU private key blob */
wolfSSL 0:1239e9b70ca2 223 #endif
wolfSSL 0:1239e9b70ca2 224
/* Takes a path, an output buffer and an int that is presumably the buffer
 * capacity - confirm, and size the buffer accordingly. */
wolfSSL 0:1239e9b70ca2 225 CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
wolfSSL 0:1239e9b70ca2 226
wolfSSL 0:1239e9b70ca2 227 #endif /* !NO_FILESYSTEM && !NO_CERTS */
wolfSSL 0:1239e9b70ca2 228
/* Context and connection lifecycle plus the record I/O entry points.
 * CyaSSL_CTX_new() takes a CYASSL_METHOD* (see the *_method() constructors
 * in this header) and CyaSSL_new() takes the resulting CYASSL_CTX*.
 * All buffer lengths are passed as int, and the int results are not
 * explained here; CyaSSL_get_error(), declared in this header, takes a
 * CYASSL* and an int and is presumably how a result is decoded - confirm.
 * Callers should check every return value: a failed connect/accept must not
 * be followed by read/write on the same object. */
wolfSSL 0:1239e9b70ca2 229 CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*);
wolfSSL 0:1239e9b70ca2 230 CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 231 CYASSL_API int CyaSSL_set_fd (CYASSL*, int);
wolfSSL 0:1239e9b70ca2 232 CYASSL_API int CyaSSL_get_fd(const CYASSL*);
wolfSSL 0:1239e9b70ca2 233 CYASSL_API void CyaSSL_set_using_nonblock(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 234 CYASSL_API int CyaSSL_get_using_nonblock(CYASSL*);
wolfSSL 0:1239e9b70ca2 235 CYASSL_API int CyaSSL_connect(CYASSL*); /* please see note at top of README
wolfSSL 0:1239e9b70ca2 236 if you get an error from connect */
wolfSSL 0:1239e9b70ca2 237 CYASSL_API int CyaSSL_write(CYASSL*, const void*, int);
wolfSSL 0:1239e9b70ca2 238 CYASSL_API int CyaSSL_read(CYASSL*, void*, int);
wolfSSL 0:1239e9b70ca2 239 CYASSL_API int CyaSSL_peek(CYASSL*, void*, int);
wolfSSL 0:1239e9b70ca2 240 CYASSL_API int CyaSSL_accept(CYASSL*);
wolfSSL 0:1239e9b70ca2 241 CYASSL_API void CyaSSL_CTX_free(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 242 CYASSL_API void CyaSSL_free(CYASSL*);
wolfSSL 0:1239e9b70ca2 243 CYASSL_API int CyaSSL_shutdown(CYASSL*);
/* send/recv take an extra `flags` argument on top of the buffer and size;
 * presumably passed through to the socket call - confirm. */
wolfSSL 0:1239e9b70ca2 244 CYASSL_API int CyaSSL_send(CYASSL*, const void*, int sz, int flags);
wolfSSL 0:1239e9b70ca2 245 CYASSL_API int CyaSSL_recv(CYASSL*, void*, int sz, int flags);
wolfSSL 0:1239e9b70ca2 246
/* Quiet-shutdown switches, per context and per connection.
 * NOTE(review): in the OpenSSL API these names mirror, quiet shutdown skips
 * the close_notify alert, which removes the peer's protection against
 * truncation - confirm the behaviour here before enabling it. */
wolfSSL 0:1239e9b70ca2 247 CYASSL_API void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX*, int);
wolfSSL 0:1239e9b70ca2 248 CYASSL_API void CyaSSL_set_quiet_shutdown(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 249
/* Error and alert inspection for one connection. The int argument of
 * CyaSSL_get_error() is presumably the value returned by the failing call -
 * confirm. CyaSSL_get_alert_history() writes into a caller-provided
 * CYASSL_ALERT_HISTORY. */
wolfSSL 0:1239e9b70ca2 250 CYASSL_API int CyaSSL_get_error(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 251 CYASSL_API int CyaSSL_get_alert_history(CYASSL*, CYASSL_ALERT_HISTORY *);
wolfSSL 0:1239e9b70ca2 252
/* Session resumption handles. Ownership and lifetime of the CYASSL_SESSION*
 * returned by CyaSSL_get_session() are not stated in this header. */
wolfSSL 0:1239e9b70ca2 253 CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session);
wolfSSL 0:1239e9b70ca2 254 CYASSL_API CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 255 CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm);
wolfSSL 0:1239e9b70ca2 256 CYASSL_API int CyaSSL_SetServerID(CYASSL* ssl, const unsigned char*,
wolfSSL 0:1239e9b70ca2 257 int, int);
wolfSSL 0:1239e9b70ca2 258
/* Index-based access to cached sessions, declared only with SESSION_INDEX.
 * CyaSSL_GetSessionAtIndex() takes an int index and an output session
 * pointer; the valid index range is not stated here, so callers should treat
 * a failing return as "no such entry". */
wolfSSL 0:1239e9b70ca2 259 #ifdef SESSION_INDEX
wolfSSL 0:1239e9b70ca2 260 CYASSL_API int CyaSSL_GetSessionIndex(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 261 CYASSL_API int CyaSSL_GetSessionAtIndex(int index, CYASSL_SESSION* session);
wolfSSL 0:1239e9b70ca2 262 #endif /* SESSION_INDEX */
wolfSSL 0:1239e9b70ca2 263
/* Peer certificate chain of a stored session; needs both SESSION_INDEX and
 * SESSION_CERTS. */
wolfSSL 0:1239e9b70ca2 264 #if defined(SESSION_INDEX) && defined(SESSION_CERTS)
wolfSSL 0:1239e9b70ca2 265 CYASSL_API
wolfSSL 0:1239e9b70ca2 266 CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session);
wolfSSL 0:1239e9b70ca2 267 #endif /* SESSION_INDEX && SESSION_CERTS */
wolfSSL 0:1239e9b70ca2 268
/* Callback types.
 * VerifyCallback receives an int and the CYASSL_X509_STORE_CTX describing the
 * certificate being checked. The int is presumably the library's own
 * verification result, as in the OpenSSL callback this mirrors - confirm.
 * NOTE(review): if the callback's return value can override a failed check
 * (as it can in OpenSSL), a callback that always reports success disables
 * peer authentication; review every callback installed through set_verify.
 * pem_password_cb presumably follows the OpenSSL shape (buffer, buffer size,
 * read/write flag, user data) - confirm. */
wolfSSL 0:1239e9b70ca2 269 typedef int (*VerifyCallback)(int, CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 270 typedef int (*pem_password_cb)(char*, int, int, void*);
wolfSSL 0:1239e9b70ca2 271
/* Install the verification mode (the int argument, values not defined in
 * the visible part of this header) and an optional callback, per context or
 * per connection. CyaSSL_SetCertCbCtx() takes a void* that is presumably
 * surfaced as CYASSL_X509_STORE_CTX.userCtx - confirm. */
wolfSSL 0:1239e9b70ca2 272 CYASSL_API void CyaSSL_CTX_set_verify(CYASSL_CTX*, int,
wolfSSL 0:1239e9b70ca2 273 VerifyCallback verify_callback);
wolfSSL 0:1239e9b70ca2 274 CYASSL_API void CyaSSL_set_verify(CYASSL*, int, VerifyCallback verify_callback);
wolfSSL 0:1239e9b70ca2 275 CYASSL_API void CyaSSL_SetCertCbCtx(CYASSL*, void*);
wolfSSL 0:1239e9b70ca2 276
/* Takes a connection and returns an int; presumably the number of bytes
 * already buffered for reading - confirm. */
wolfSSL 0:1239e9b70ca2 277 CYASSL_API int CyaSSL_pending(CYASSL*);
wolfSSL 0:1239e9b70ca2 278
/* Library start-up entry points and the session-cache mode switch. The
 * long mode values are not defined in the visible part of this header. */
wolfSSL 0:1239e9b70ca2 279 CYASSL_API void CyaSSL_load_error_strings(void);
wolfSSL 0:1239e9b70ca2 280 CYASSL_API int CyaSSL_library_init(void);
wolfSSL 0:1239e9b70ca2 281 CYASSL_API long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX*, long);
wolfSSL 0:1239e9b70ca2 282
/* Save/restore of the session cache to a named file or to a caller buffer;
 * CyaSSL_get_session_cache_memsize() presumably reports the buffer size the
 * mem* variants need - confirm.
 * NOTE(review): a persisted session cache presumably contains the secrets
 * needed to resume sessions, so the file or buffer should be protected like
 * key material, and restored data should come only from a trusted
 * location. */
wolfSSL 0:1239e9b70ca2 283 /* session cache persistence */
wolfSSL 0:1239e9b70ca2 284 CYASSL_API int CyaSSL_save_session_cache(const char*);
wolfSSL 0:1239e9b70ca2 285 CYASSL_API int CyaSSL_restore_session_cache(const char*);
wolfSSL 0:1239e9b70ca2 286 CYASSL_API int CyaSSL_memsave_session_cache(void*, int);
wolfSSL 0:1239e9b70ca2 287 CYASSL_API int CyaSSL_memrestore_session_cache(const void*, int);
wolfSSL 0:1239e9b70ca2 288 CYASSL_API int CyaSSL_get_session_cache_memsize(void);
wolfSSL 0:1239e9b70ca2 289
/* NOTE(review): a restored certificate cache presumably becomes part of the
 * context's trusted set; integrity of the stored copy therefore matters as
 * much as that of the original CA files - confirm how restore validates its
 * input. */
wolfSSL 0:1239e9b70ca2 290 /* certificate cache persistence, uses ctx since certs are per ctx */
wolfSSL 0:1239e9b70ca2 291 CYASSL_API int CyaSSL_CTX_save_cert_cache(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 292 CYASSL_API int CyaSSL_CTX_restore_cert_cache(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 293 CYASSL_API int CyaSSL_CTX_memsave_cert_cache(CYASSL_CTX*, void*, int, int*);
wolfSSL 0:1239e9b70ca2 294 CYASSL_API int CyaSSL_CTX_memrestore_cert_cache(CYASSL_CTX*, const void*, int);
wolfSSL 0:1239e9b70ca2 295 CYASSL_API int CyaSSL_CTX_get_cert_cache_memsize(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 296
/* Cipher-suite selection, per context or per connection. Per the comment
 * below, the string is a ':'-separated list of full suite names taken from
 * cipher_name[] (an array not shown in this header); OpenSSL-style keywords
 * or patterns are therefore not accepted. Check the int result so that a
 * rejected list is not silently ignored. */
wolfSSL 0:1239e9b70ca2 297 /* only supports full name from cipher_name[] delimited by : */
wolfSSL 0:1239e9b70ca2 298 CYASSL_API int CyaSSL_CTX_set_cipher_list(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 299 CYASSL_API int CyaSSL_set_cipher_list(CYASSL*, const char*);
wolfSSL 0:1239e9b70ca2 300
/* DTLS timeout helpers for non-blocking use. Units of the int timeout
 * values are not stated in this header. */
wolfSSL 0:1239e9b70ca2 301 /* Nonblocking DTLS helper functions */
wolfSSL 0:1239e9b70ca2 302 CYASSL_API int CyaSSL_dtls_get_current_timeout(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 303 CYASSL_API int CyaSSL_dtls_set_timeout_init(CYASSL* ssl, int);
wolfSSL 0:1239e9b70ca2 304 CYASSL_API int CyaSSL_dtls_set_timeout_max(CYASSL* ssl, int);
wolfSSL 0:1239e9b70ca2 305 CYASSL_API int CyaSSL_dtls_got_timeout(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 306 CYASSL_API int CyaSSL_dtls(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 307
/* Peer address as an untyped buffer plus its size. The getter takes the size
 * by pointer, presumably capacity in and length out - confirm before relying
 * on it as a bound. */
wolfSSL 0:1239e9b70ca2 308 CYASSL_API int CyaSSL_dtls_set_peer(CYASSL*, void*, unsigned int);
wolfSSL 0:1239e9b70ca2 309 CYASSL_API int CyaSSL_dtls_get_peer(CYASSL*, void*, unsigned int*);
wolfSSL 0:1239e9b70ca2 310
/* Error-code helpers.
 * NOTE(review): CyaSSL_ERR_error_string() receives a char* with no length
 * argument, and the minimum buffer size it expects is not stated in this
 * header. Prefer CyaSSL_ERR_error_string_n(), which takes the buffer size
 * `sz` explicitly. */
wolfSSL 0:1239e9b70ca2 311 CYASSL_API int CyaSSL_ERR_GET_REASON(int err);
wolfSSL 0:1239e9b70ca2 312 CYASSL_API char* CyaSSL_ERR_error_string(unsigned long,char*);
wolfSSL 0:1239e9b70ca2 313 CYASSL_API void CyaSSL_ERR_error_string_n(unsigned long e, char* buf,
wolfSSL 0:1239e9b70ca2 314 unsigned long sz);
wolfSSL 0:1239e9b70ca2 315
wolfSSL 0:1239e9b70ca2 316 /* extras */
wolfSSL 0:1239e9b70ca2 317
/* STACK_OF(x) expands to x itself, so a declaration written as
 * STACK_OF(T)* in this header is simply a T*; there is no separate stack
 * container type. */
wolfSSL 0:1239e9b70ca2 318 #define STACK_OF(x) x
wolfSSL 0:1239e9b70ca2 319
/* Per-connection state setters and getters with OpenSSL-style names.
 * Which of them are fully implemented and which are compatibility
 * placeholders cannot be told from the declarations. */
wolfSSL 0:1239e9b70ca2 320 CYASSL_API int CyaSSL_set_ex_data(CYASSL*, int, void*);
wolfSSL 0:1239e9b70ca2 321 CYASSL_API int CyaSSL_get_shutdown(const CYASSL*);
wolfSSL 0:1239e9b70ca2 322 CYASSL_API int CyaSSL_set_rfd(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 323 CYASSL_API int CyaSSL_set_wfd(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 324 CYASSL_API void CyaSSL_set_shutdown(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 325 CYASSL_API int CyaSSL_set_session_id_context(CYASSL*, const unsigned char*,
wolfSSL 0:1239e9b70ca2 326 unsigned int);
wolfSSL 0:1239e9b70ca2 327 CYASSL_API void CyaSSL_set_connect_state(CYASSL*);
wolfSSL 0:1239e9b70ca2 328 CYASSL_API void CyaSSL_set_accept_state(CYASSL*);
wolfSSL 0:1239e9b70ca2 329 CYASSL_API int CyaSSL_session_reused(CYASSL*);
wolfSSL 0:1239e9b70ca2 330 CYASSL_API void CyaSSL_SESSION_free(CYASSL_SESSION* session);
wolfSSL 0:1239e9b70ca2 331 CYASSL_API int CyaSSL_is_init_finished(CYASSL*);
wolfSSL 0:1239e9b70ca2 332
/* Introspection of the negotiated protocol version and cipher suite; useful
 * for logging or asserting what a connection actually negotiated.
 * CyaSSL_CIPHER_description() writes into a caller buffer whose capacity is
 * presumably the int argument - confirm. */
wolfSSL 0:1239e9b70ca2 333 CYASSL_API const char* CyaSSL_get_version(CYASSL*);
wolfSSL 0:1239e9b70ca2 334 CYASSL_API int CyaSSL_get_current_cipher_suite(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 335 CYASSL_API CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL*);
wolfSSL 0:1239e9b70ca2 336 CYASSL_API char* CyaSSL_CIPHER_description(CYASSL_CIPHER*, char*, int);
wolfSSL 0:1239e9b70ca2 337 CYASSL_API const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher);
wolfSSL 0:1239e9b70ca2 338 CYASSL_API const char* CyaSSL_get_cipher(CYASSL*);
/* NOTE(review): the original remark below leaves the reference-count
 * semantics of get1_session open; do not assume the caller owns the
 * returned session without checking the implementation. */
wolfSSL 0:1239e9b70ca2 339 CYASSL_API CYASSL_SESSION* CyaSSL_get1_session(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 340 /* what's ref count */
wolfSSL 0:1239e9b70ca2 341
/* Release helpers: one for CYASSL_X509 objects, one taking an untyped
 * pointer. Which allocations each one must be paired with is not stated in
 * this header. */
wolfSSL 0:1239e9b70ca2 342 CYASSL_API void CyaSSL_X509_free(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 343 CYASSL_API void CyaSSL_OPENSSL_free(void*);
wolfSSL 0:1239e9b70ca2 344
/* Splits an OCSP responder URL into host, port and path through output
 * pointers, with an int flag output named `ssl`. The url parameter is
 * non-const, so the function may modify the caller's string; ownership of
 * the returned strings is not stated here. */
wolfSSL 0:1239e9b70ca2 345 CYASSL_API int CyaSSL_OCSP_parse_url(char* url, char** host, char** port,
wolfSSL 0:1239e9b70ca2 346 char** path, int* ssl);
wolfSSL 0:1239e9b70ca2 347
/* Additional OpenSSL-named method constructors in the "extras" part of the
 * header. In OpenSSL the SSLv23 name denotes a version-flexible method;
 * whether that holds here is not visible - confirm.
 * NOTE(review): SSL 2.0 is prohibited by RFC 6176. Confirm that the SSLv2
 * entry points are compatibility placeholders and never negotiate SSLv2. */
wolfSSL 0:1239e9b70ca2 348 CYASSL_API CYASSL_METHOD* CyaSSLv23_client_method(void);
wolfSSL 0:1239e9b70ca2 349 CYASSL_API CYASSL_METHOD* CyaSSLv2_client_method(void);
wolfSSL 0:1239e9b70ca2 350 CYASSL_API CYASSL_METHOD* CyaSSLv2_server_method(void);
wolfSSL 0:1239e9b70ca2 351
/* Init/Update/Final interface over a caller-allocated CYASSL_MD4_CTX.
 * Final takes the output pointer first and no length, so the caller must
 * supply room for a full MD4 digest (16 bytes per RFC 1320).
 * NOTE(review): MD4 is broken (RFC 6150); keep it to legacy protocol use. */
wolfSSL 0:1239e9b70ca2 352 CYASSL_API void CyaSSL_MD4_Init(CYASSL_MD4_CTX*);
wolfSSL 0:1239e9b70ca2 353 CYASSL_API void CyaSSL_MD4_Update(CYASSL_MD4_CTX*, const void*, unsigned long);
wolfSSL 0:1239e9b70ca2 354 CYASSL_API void CyaSSL_MD4_Final(unsigned char*, CYASSL_MD4_CTX*);
wolfSSL 0:1239e9b70ca2 355
wolfSSL 0:1239e9b70ca2 356
/* BIO (buffered I/O object) interface with OpenSSL-style names: creation,
 * release, read/write and chaining. Lengths are int; return conventions are
 * not stated in this header. */
wolfSSL 0:1239e9b70ca2 357 CYASSL_API CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD*);
wolfSSL 0:1239e9b70ca2 358 CYASSL_API int CyaSSL_BIO_free(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 359 CYASSL_API int CyaSSL_BIO_free_all(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 360 CYASSL_API int CyaSSL_BIO_read(CYASSL_BIO*, void*, int);
wolfSSL 0:1239e9b70ca2 361 CYASSL_API int CyaSSL_BIO_write(CYASSL_BIO*, const void*, int);
wolfSSL 0:1239e9b70ca2 362 CYASSL_API CYASSL_BIO* CyaSSL_BIO_push(CYASSL_BIO*, CYASSL_BIO* append);
wolfSSL 0:1239e9b70ca2 363 CYASSL_API CYASSL_BIO* CyaSSL_BIO_pop(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 364 CYASSL_API int CyaSSL_BIO_flush(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 365 CYASSL_API int CyaSSL_BIO_pending(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 366
/* BIO method selectors (buffer, ssl) and the socket-backed constructor. */
wolfSSL 0:1239e9b70ca2 367 CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void);
wolfSSL 0:1239e9b70ca2 368 CYASSL_API long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO*, long size);
wolfSSL 0:1239e9b70ca2 369 CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void);
wolfSSL 0:1239e9b70ca2 370 CYASSL_API CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int flag);
wolfSSL 0:1239e9b70ca2 371 CYASSL_API int CyaSSL_BIO_eof(CYASSL_BIO*);
wolfSSL 0:1239e9b70ca2 372
wolfSSL 0:1239e9b70ca2 373 CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_s_mem(void);
wolfSSL 0:1239e9b70ca2 374 CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_base64(void);
wolfSSL 0:1239e9b70ca2 375 CYASSL_API void CyaSSL_BIO_set_flags(CYASSL_BIO*, int);
wolfSSL 0:1239e9b70ca2 376
/* Memory BIOs. CyaSSL_BIO_new_mem_buf() takes a caller buffer and an int
 * length; whether the data is copied or referenced is not stated here, so
 * keep the buffer alive for the BIO's lifetime unless the implementation
 * shows a copy. */
wolfSSL 0:1239e9b70ca2 377 CYASSL_API int CyaSSL_BIO_get_mem_data(CYASSL_BIO* bio,const unsigned char** p);
wolfSSL 0:1239e9b70ca2 378 CYASSL_API CYASSL_BIO* CyaSSL_BIO_new_mem_buf(void* buf, int len);
wolfSSL 0:1239e9b70ca2 379
wolfSSL 0:1239e9b70ca2 380
/* Binding between a BIO and a connection. */
wolfSSL 0:1239e9b70ca2 381 CYASSL_API long CyaSSL_BIO_set_ssl(CYASSL_BIO*, CYASSL*, int flag);
wolfSSL 0:1239e9b70ca2 382 CYASSL_API void CyaSSL_set_bio(CYASSL*, CYASSL_BIO* rd, CYASSL_BIO* wr);
wolfSSL 0:1239e9b70ca2 383
wolfSSL 0:1239e9b70ca2 384 CYASSL_API int CyaSSL_add_all_algorithms(void);
wolfSSL 0:1239e9b70ca2 385
/* Random-number entry points with OpenSSL RAND-style names.
 * NOTE(review): it cannot be told from these declarations whether seed/add
 * actually feed the library's generator or are compatibility placeholders.
 * On a target without an operating-system entropy source, the seed routine
 * the library really uses should be reviewed for entropy quality, because
 * every key and nonce produced by the TLS stack depends on it. */
wolfSSL 0:1239e9b70ca2 386 CYASSL_API void CyaSSL_RAND_screen(void);
wolfSSL 0:1239e9b70ca2 387 CYASSL_API const char* CyaSSL_RAND_file_name(char*, unsigned long);
wolfSSL 0:1239e9b70ca2 388 CYASSL_API int CyaSSL_RAND_write_file(const char*);
wolfSSL 0:1239e9b70ca2 389 CYASSL_API int CyaSSL_RAND_load_file(const char*, long);
wolfSSL 0:1239e9b70ca2 390 CYASSL_API int CyaSSL_RAND_egd(const char*);
wolfSSL 0:1239e9b70ca2 391 CYASSL_API int CyaSSL_RAND_seed(const void*, int);
wolfSSL 0:1239e9b70ca2 392 CYASSL_API void CyaSSL_RAND_add(const void*, int, double);
wolfSSL 0:1239e9b70ca2 393
/* Compression-method accessors with OpenSSL-style names.
 * NOTE(review): TLS-level compression is advised against (RFC 7525) because
 * it leaks plaintext through record lengths; confirm these do not enable
 * compression on a connection by default. */
wolfSSL 0:1239e9b70ca2 394 CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_zlib(void);
wolfSSL 0:1239e9b70ca2 395 CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_rle(void);
wolfSSL 0:1239e9b70ca2 396 CYASSL_API int CyaSSL_COMP_add_compression_method(int, void*);
wolfSSL 0:1239e9b70ca2 397
/* All four callback/argument slots are untyped void*, so the compiler gives
 * no help with mismatched arguments. */
wolfSSL 0:1239e9b70ca2 398 CYASSL_API int CyaSSL_get_ex_new_index(long, void*, void*, void*, void*);
wolfSSL 0:1239e9b70ca2 399
/* Thread-id and locking callback registration in the OpenSSL style. Each
 * setter takes one function pointer; whether the library actually invokes
 * these callbacks, or provides the setters only for source compatibility,
 * is not visible here - confirm before relying on them for thread safety. */
wolfSSL 0:1239e9b70ca2 400 CYASSL_API void CyaSSL_set_id_callback(unsigned long (*f)(void));
wolfSSL 0:1239e9b70ca2 401 CYASSL_API void CyaSSL_set_locking_callback(void (*f)(int, int, const char*,
wolfSSL 0:1239e9b70ca2 402 int));
wolfSSL 0:1239e9b70ca2 403 CYASSL_API void CyaSSL_set_dynlock_create_callback(CYASSL_dynlock_value* (*f)
wolfSSL 0:1239e9b70ca2 404 (const char*, int));
wolfSSL 0:1239e9b70ca2 405 CYASSL_API void CyaSSL_set_dynlock_lock_callback(void (*f)(int,
wolfSSL 0:1239e9b70ca2 406 CYASSL_dynlock_value*, const char*, int));
wolfSSL 0:1239e9b70ca2 407 CYASSL_API void CyaSSL_set_dynlock_destroy_callback(void (*f)
wolfSSL 0:1239e9b70ca2 408 (CYASSL_dynlock_value*, const char*, int));
wolfSSL 0:1239e9b70ca2 409 CYASSL_API int CyaSSL_num_locks(void);
wolfSSL 0:1239e9b70ca2 410
/* Accessors for the fields of CYASSL_X509_STORE_CTX; intended for use inside
 * a verify callback instead of reading the struct directly. */
wolfSSL 0:1239e9b70ca2 411 CYASSL_API CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert(
wolfSSL 0:1239e9b70ca2 412 CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 413 CYASSL_API int CyaSSL_X509_STORE_CTX_get_error(CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 414 CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 415
/* Certificate inspection: names, extensions, CA flag, path length, key
 * usage, key identifiers and signature. Functions that fill a caller buffer
 * take either an int capacity or an int* (presumably capacity in, length
 * out - confirm) next to the buffer pointer.
 * NOTE(review): X.509 name fields are attacker-supplied data when the
 * certificate comes from a peer. Text obtained through NAME_oneline or
 * get_text_by_NID should be length-checked and never used as a format
 * string. */
wolfSSL 0:1239e9b70ca2 416 CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int);
wolfSSL 0:1239e9b70ca2 417 CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 418 CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 419 CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int);
wolfSSL 0:1239e9b70ca2 420 CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int);
wolfSSL 0:1239e9b70ca2 421 CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 422 CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 423 CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 424 CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 425 CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID(
wolfSSL 0:1239e9b70ca2 426 CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 427 CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID(
wolfSSL 0:1239e9b70ca2 428 CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 429 CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*);
wolfSSL 0:1239e9b70ca2 430 CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID(
wolfSSL 0:1239e9b70ca2 431 CYASSL_X509_NAME*, int, char*, int);
wolfSSL 0:1239e9b70ca2 432 CYASSL_API int CyaSSL_X509_verify_cert(CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 433 CYASSL_API const char* CyaSSL_X509_verify_cert_error_string(long);
wolfSSL 0:1239e9b70ca2 434 CYASSL_API int CyaSSL_X509_get_signature_type(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 435 CYASSL_API int CyaSSL_X509_get_signature(CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 436
/* X509_LOOKUP: add a directory or a file as a certificate source for a
 * lookup object, plus the two lookup-method selectors. */
wolfSSL 0:1239e9b70ca2 437 CYASSL_API int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP*,const char*,long);
wolfSSL 0:1239e9b70ca2 438 CYASSL_API int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP*, const char*,
wolfSSL 0:1239e9b70ca2 439 long);
wolfSSL 0:1239e9b70ca2 440 CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_hash_dir(void);
wolfSSL 0:1239e9b70ca2 441 CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_file(void);
wolfSSL 0:1239e9b70ca2 442
/* X509_STORE and X509_STORE_CTX lifecycle. In CyaSSL_X509_STORE_CTX_init()
 * the last parameter is written STACK_OF(CYASSL_X509)*, which with the
 * STACK_OF macro of this header is a plain CYASSL_X509*.
 * NOTE(review): certificates added through STORE_add_cert presumably become
 * trust anchors for verification - confirm, and add only certificates from
 * a trusted source. */
wolfSSL 0:1239e9b70ca2 443 CYASSL_API CYASSL_X509_LOOKUP* CyaSSL_X509_STORE_add_lookup(CYASSL_X509_STORE*,
wolfSSL 0:1239e9b70ca2 444 CYASSL_X509_LOOKUP_METHOD*);
wolfSSL 0:1239e9b70ca2 445 CYASSL_API CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void);
wolfSSL 0:1239e9b70ca2 446 CYASSL_API void CyaSSL_X509_STORE_free(CYASSL_X509_STORE*);
wolfSSL 0:1239e9b70ca2 447 CYASSL_API int CyaSSL_X509_STORE_add_cert(
wolfSSL 0:1239e9b70ca2 448 CYASSL_X509_STORE*, CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 449 CYASSL_API int CyaSSL_X509_STORE_set_default_paths(CYASSL_X509_STORE*);
wolfSSL 0:1239e9b70ca2 450 CYASSL_API int CyaSSL_X509_STORE_get_by_subject(CYASSL_X509_STORE_CTX*,
wolfSSL 0:1239e9b70ca2 451 int, CYASSL_X509_NAME*, CYASSL_X509_OBJECT*);
wolfSSL 0:1239e9b70ca2 452 CYASSL_API CYASSL_X509_STORE_CTX* CyaSSL_X509_STORE_CTX_new(void);
wolfSSL 0:1239e9b70ca2 453 CYASSL_API int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX*,
wolfSSL 0:1239e9b70ca2 454 CYASSL_X509_STORE*, CYASSL_X509*, STACK_OF(CYASSL_X509)*);
wolfSSL 0:1239e9b70ca2 455 CYASSL_API void CyaSSL_X509_STORE_CTX_free(CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 456 CYASSL_API void CyaSSL_X509_STORE_CTX_cleanup(CYASSL_X509_STORE_CTX*);
wolfSSL 0:1239e9b70ca2 457
/* CRL validity window accessors. */
wolfSSL 0:1239e9b70ca2 458 CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL*);
wolfSSL 0:1239e9b70ca2 459 CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_nextUpdate(CYASSL_X509_CRL*);
wolfSSL 0:1239e9b70ca2 460
/* Public-key extraction, CRL signature check and related helpers.
 * NOTE(review): CyaSSL_X509_cmp_current_time() compares against the current
 * time, so its result is only meaningful when the platform clock is set
 * correctly; on a board without a real-time clock, confirm where the
 * library's time comes from before trusting expiry checks. */
wolfSSL 0:1239e9b70ca2 461 CYASSL_API CYASSL_EVP_PKEY* CyaSSL_X509_get_pubkey(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 462 CYASSL_API int CyaSSL_X509_CRL_verify(CYASSL_X509_CRL*, CYASSL_EVP_PKEY*);
wolfSSL 0:1239e9b70ca2 463 CYASSL_API void CyaSSL_X509_STORE_CTX_set_error(CYASSL_X509_STORE_CTX*,
wolfSSL 0:1239e9b70ca2 464 int);
wolfSSL 0:1239e9b70ca2 465 CYASSL_API void CyaSSL_X509_OBJECT_free_contents(CYASSL_X509_OBJECT*);
wolfSSL 0:1239e9b70ca2 466 CYASSL_API void CyaSSL_EVP_PKEY_free(CYASSL_EVP_PKEY*);
wolfSSL 0:1239e9b70ca2 467 CYASSL_API int CyaSSL_X509_cmp_current_time(const CYASSL_ASN1_TIME*);
wolfSSL 0:1239e9b70ca2 468 CYASSL_API int CyaSSL_sk_X509_REVOKED_num(CYASSL_X509_REVOKED*);
wolfSSL 0:1239e9b70ca2 469
/* Revocation list traversal and serial-number access. */
wolfSSL 0:1239e9b70ca2 470 CYASSL_API CYASSL_X509_REVOKED* CyaSSL_X509_CRL_get_REVOKED(CYASSL_X509_CRL*);
wolfSSL 0:1239e9b70ca2 471 CYASSL_API CYASSL_X509_REVOKED* CyaSSL_sk_X509_REVOKED_value(
wolfSSL 0:1239e9b70ca2 472 CYASSL_X509_REVOKED*,int);
wolfSSL 0:1239e9b70ca2 473 CYASSL_API CYASSL_ASN1_INTEGER* CyaSSL_X509_get_serialNumber(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 474
wolfSSL 0:1239e9b70ca2 475 CYASSL_API int CyaSSL_ASN1_TIME_print(CYASSL_BIO*, const CYASSL_ASN1_TIME*);
wolfSSL 0:1239e9b70ca2 476
/* ASN.1 INTEGER helpers. INTEGER_get returns long, so a value wider than
 * long (certificate serial numbers can be) cannot be represented in the
 * result; how that case is reported is not stated here. */
wolfSSL 0:1239e9b70ca2 477 CYASSL_API int CyaSSL_ASN1_INTEGER_cmp(const CYASSL_ASN1_INTEGER*,
wolfSSL 0:1239e9b70ca2 478 const CYASSL_ASN1_INTEGER*);
wolfSSL 0:1239e9b70ca2 479 CYASSL_API long CyaSSL_ASN1_INTEGER_get(const CYASSL_ASN1_INTEGER*);
wolfSSL 0:1239e9b70ca2 480
/* Client-CA list handling. With the STACK_OF macro of this header the
 * return type below is a plain CYASSL_X509_NAME*. */
wolfSSL 0:1239e9b70ca2 481 CYASSL_API STACK_OF(CYASSL_X509_NAME)* CyaSSL_load_client_CA_file(const char*);
wolfSSL 0:1239e9b70ca2 482
wolfSSL 0:1239e9b70ca2 483 CYASSL_API void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 484 STACK_OF(CYASSL_X509_NAME)*);
/* Application ("ex") data accessors for a store context and a connection. */
wolfSSL 0:1239e9b70ca2 485 CYASSL_API void* CyaSSL_X509_STORE_CTX_get_ex_data(CYASSL_X509_STORE_CTX*, int);
wolfSSL 0:1239e9b70ca2 486 CYASSL_API int CyaSSL_get_ex_data_X509_STORE_CTX_idx(void);
wolfSSL 0:1239e9b70ca2 487 CYASSL_API void* CyaSSL_get_ex_data(const CYASSL*, int);
wolfSSL 0:1239e9b70ca2 488
/* Registration of the PEM passphrase callback (type pem_password_cb from
 * this header) and the user data handed to it.
 * NOTE(review): the callback handles a key passphrase; implementations
 * should avoid logging it and should clear their own copies after use. */
wolfSSL 0:1239e9b70ca2 489 CYASSL_API void CyaSSL_CTX_set_default_passwd_cb_userdata(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 490 void* userdata);
wolfSSL 0:1239e9b70ca2 491 CYASSL_API void CyaSSL_CTX_set_default_passwd_cb(CYASSL_CTX*, pem_password_cb);
wolfSSL 0:1239e9b70ca2 492
wolfSSL 0:1239e9b70ca2 493
wolfSSL 0:1239e9b70ca2 494 CYASSL_API void CyaSSL_CTX_set_info_callback(CYASSL_CTX*, void (*)(void));
wolfSSL 0:1239e9b70ca2 495
wolfSSL 0:1239e9b70ca2 496 CYASSL_API unsigned long CyaSSL_ERR_peek_error(void);
wolfSSL 0:1239e9b70ca2 497 CYASSL_API int CyaSSL_GET_REASON(int);
wolfSSL 0:1239e9b70ca2 498
wolfSSL 0:1239e9b70ca2 499 CYASSL_API char* CyaSSL_alert_type_string_long(int);
wolfSSL 0:1239e9b70ca2 500 CYASSL_API char* CyaSSL_alert_desc_string_long(int);
wolfSSL 0:1239e9b70ca2 501 CYASSL_API char* CyaSSL_state_string_long(CYASSL*);
wolfSSL 0:1239e9b70ca2 502
wolfSSL 0:1239e9b70ca2 503 CYASSL_API CYASSL_RSA* CyaSSL_RSA_generate_key(int, unsigned long,
wolfSSL 0:1239e9b70ca2 504 void(*)(int, int, void*), void*);
wolfSSL 0:1239e9b70ca2 505 CYASSL_API void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 506 CYASSL_RSA*(*)(CYASSL*, int, int));
wolfSSL 0:1239e9b70ca2 507
wolfSSL 0:1239e9b70ca2 508 CYASSL_API int CyaSSL_PEM_def_callback(char*, int num, int w, void* key);
wolfSSL 0:1239e9b70ca2 509
wolfSSL 0:1239e9b70ca2 510 CYASSL_API long CyaSSL_CTX_sess_accept(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 511 CYASSL_API long CyaSSL_CTX_sess_connect(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 512 CYASSL_API long CyaSSL_CTX_sess_accept_good(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 513 CYASSL_API long CyaSSL_CTX_sess_connect_good(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 514 CYASSL_API long CyaSSL_CTX_sess_accept_renegotiate(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 515 CYASSL_API long CyaSSL_CTX_sess_connect_renegotiate(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 516 CYASSL_API long CyaSSL_CTX_sess_hits(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 517 CYASSL_API long CyaSSL_CTX_sess_cb_hits(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 518 CYASSL_API long CyaSSL_CTX_sess_cache_full(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 519 CYASSL_API long CyaSSL_CTX_sess_misses(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 520 CYASSL_API long CyaSSL_CTX_sess_timeouts(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 521 CYASSL_API long CyaSSL_CTX_sess_number(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 522 CYASSL_API long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 523
wolfSSL 0:1239e9b70ca2 524 #define CYASSL_DEFAULT_CIPHER_LIST "" /* default all */
wolfSSL 0:1239e9b70ca2 525 #define CYASSL_RSA_F4 0x10001L
wolfSSL 0:1239e9b70ca2 526
/* OpenSSL-compatibility constants, grouped by prefix.
 *
 * NOTE(review): the SSL_OP_* members are consecutive integers (1..26), not
 * disjoint bit flags, and unrelated groups in this enum reuse the same
 * values (OCSP_NOINTERN and OCSP_CERTID are both 2). OR-ing SSL_OP_* values
 * the way OpenSSL code does therefore produces a number equal to some other
 * member: SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 == 15 == SSL_OP_PKCS1_CHECK_1.
 * Code ported from OpenSSL should not assume that passing these to
 * CyaSSL_CTX_set_options() disables a protocol version or enables a
 * hardening option; confirm against the implementation, which this header
 * does not show. */
wolfSSL 0:1239e9b70ca2 527 enum {
wolfSSL 0:1239e9b70ca2 528 OCSP_NOCERTS = 1,
wolfSSL 0:1239e9b70ca2 529 OCSP_NOINTERN = 2,
wolfSSL 0:1239e9b70ca2 530 OCSP_NOSIGS = 4,
wolfSSL 0:1239e9b70ca2 531 OCSP_NOCHAIN = 8,
wolfSSL 0:1239e9b70ca2 532 OCSP_NOVERIFY = 16,
wolfSSL 0:1239e9b70ca2 533 OCSP_NOEXPLICIT = 32,
wolfSSL 0:1239e9b70ca2 534 OCSP_NOCASIGN = 64,
wolfSSL 0:1239e9b70ca2 535 OCSP_NODELEGATED = 128,
wolfSSL 0:1239e9b70ca2 536 OCSP_NOCHECKS = 256,
wolfSSL 0:1239e9b70ca2 537 OCSP_TRUSTOTHER = 512,
wolfSSL 0:1239e9b70ca2 538 OCSP_RESPID_KEY = 1024,
wolfSSL 0:1239e9b70ca2 539 OCSP_NOTIME = 2048,
wolfSSL 0:1239e9b70ca2 540
wolfSSL 0:1239e9b70ca2 541 OCSP_CERTID = 2,
wolfSSL 0:1239e9b70ca2 542 OCSP_REQUEST = 4,
wolfSSL 0:1239e9b70ca2 543 OCSP_RESPONSE = 8,
wolfSSL 0:1239e9b70ca2 544 OCSP_BASICRESP = 16,
wolfSSL 0:1239e9b70ca2 545
wolfSSL 0:1239e9b70ca2 546 CYASSL_OCSP_URL_OVERRIDE = 1,
wolfSSL 0:1239e9b70ca2 547 CYASSL_OCSP_NO_NONCE = 2,
wolfSSL 0:1239e9b70ca2 548
wolfSSL 0:1239e9b70ca2 549 CYASSL_CRL_CHECKALL = 1,
wolfSSL 0:1239e9b70ca2 550
wolfSSL 0:1239e9b70ca2 551 ASN1_GENERALIZEDTIME = 4,
wolfSSL 0:1239e9b70ca2 552
/* SSL_OP_*: sequential values, see the note at the top of this enum. */
wolfSSL 0:1239e9b70ca2 553 SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
wolfSSL 0:1239e9b70ca2 554 SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
wolfSSL 0:1239e9b70ca2 555 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
wolfSSL 0:1239e9b70ca2 556 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
wolfSSL 0:1239e9b70ca2 557 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
wolfSSL 0:1239e9b70ca2 558 SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
wolfSSL 0:1239e9b70ca2 559 SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
wolfSSL 0:1239e9b70ca2 560 SSL_OP_TLS_D5_BUG = 8,
wolfSSL 0:1239e9b70ca2 561 SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
wolfSSL 0:1239e9b70ca2 562 SSL_OP_TLS_ROLLBACK_BUG = 10,
wolfSSL 0:1239e9b70ca2 563 SSL_OP_ALL = 11,
wolfSSL 0:1239e9b70ca2 564 SSL_OP_EPHEMERAL_RSA = 12,
wolfSSL 0:1239e9b70ca2 565 SSL_OP_NO_SSLv3 = 13,
wolfSSL 0:1239e9b70ca2 566 SSL_OP_NO_TLSv1 = 14,
wolfSSL 0:1239e9b70ca2 567 SSL_OP_PKCS1_CHECK_1 = 15,
wolfSSL 0:1239e9b70ca2 568 SSL_OP_PKCS1_CHECK_2 = 16,
wolfSSL 0:1239e9b70ca2 569 SSL_OP_NETSCAPE_CA_DN_BUG = 17,
wolfSSL 0:1239e9b70ca2 570 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
wolfSSL 0:1239e9b70ca2 571 SSL_OP_SINGLE_DH_USE = 19,
wolfSSL 0:1239e9b70ca2 572 SSL_OP_NO_TICKET = 20,
wolfSSL 0:1239e9b70ca2 573 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
wolfSSL 0:1239e9b70ca2 574 SSL_OP_NO_QUERY_MTU = 22,
wolfSSL 0:1239e9b70ca2 575 SSL_OP_COOKIE_EXCHANGE = 23,
wolfSSL 0:1239e9b70ca2 576 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
wolfSSL 0:1239e9b70ca2 577 SSL_OP_SINGLE_ECDH_USE = 25,
wolfSSL 0:1239e9b70ca2 578 SSL_OP_CIPHER_SERVER_PREFERENCE = 26,
wolfSSL 0:1239e9b70ca2 579
wolfSSL 0:1239e9b70ca2 580 SSL_MAX_SSL_SESSION_ID_LENGTH = 32,
wolfSSL 0:1239e9b70ca2 581
wolfSSL 0:1239e9b70ca2 582 EVP_R_BAD_DECRYPT = 2,
wolfSSL 0:1239e9b70ca2 583
wolfSSL 0:1239e9b70ca2 584 SSL_CB_LOOP = 4,
wolfSSL 0:1239e9b70ca2 585 SSL_ST_CONNECT = 5,
wolfSSL 0:1239e9b70ca2 586 SSL_ST_ACCEPT = 6,
wolfSSL 0:1239e9b70ca2 587 SSL_CB_ALERT = 7,
wolfSSL 0:1239e9b70ca2 588 SSL_CB_READ = 8,
wolfSSL 0:1239e9b70ca2 589 SSL_CB_HANDSHAKE_DONE = 9,
wolfSSL 0:1239e9b70ca2 590
wolfSSL 0:1239e9b70ca2 591 SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
wolfSSL 0:1239e9b70ca2 592
wolfSSL 0:1239e9b70ca2 593 BIO_FLAGS_BASE64_NO_NL = 1,
wolfSSL 0:1239e9b70ca2 594 BIO_CLOSE = 1,
wolfSSL 0:1239e9b70ca2 595 BIO_NOCLOSE = 0,
wolfSSL 0:1239e9b70ca2 596
wolfSSL 0:1239e9b70ca2 597 NID_undef = 0,
wolfSSL 0:1239e9b70ca2 598
wolfSSL 0:1239e9b70ca2 599 X509_FILETYPE_PEM = 8,
wolfSSL 0:1239e9b70ca2 600 X509_LU_X509 = 9,
wolfSSL 0:1239e9b70ca2 601 X509_LU_CRL = 12,
wolfSSL 0:1239e9b70ca2 602
/* Certificate/CRL verification error codes; X509_V_OK (0) is the only
 * non-error value in this group. */
wolfSSL 0:1239e9b70ca2 603 X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
wolfSSL 0:1239e9b70ca2 604 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
wolfSSL 0:1239e9b70ca2 605 X509_V_ERR_CRL_HAS_EXPIRED = 15,
wolfSSL 0:1239e9b70ca2 606 X509_V_ERR_CERT_REVOKED = 16,
wolfSSL 0:1239e9b70ca2 607 X509_V_ERR_CERT_CHAIN_TOO_LONG = 17,
wolfSSL 0:1239e9b70ca2 608 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18,
wolfSSL 0:1239e9b70ca2 609 X509_V_ERR_CERT_NOT_YET_VALID = 19,
wolfSSL 0:1239e9b70ca2 610 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
wolfSSL 0:1239e9b70ca2 611 X509_V_ERR_CERT_HAS_EXPIRED = 21,
wolfSSL 0:1239e9b70ca2 612 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22,
wolfSSL 0:1239e9b70ca2 613
wolfSSL 0:1239e9b70ca2 614 X509_V_OK = 0,
wolfSSL 0:1239e9b70ca2 615
wolfSSL 0:1239e9b70ca2 616 CRYPTO_LOCK = 1,
wolfSSL 0:1239e9b70ca2 617 CRYPTO_NUM_LOCKS = 10
wolfSSL 0:1239e9b70ca2 618 };
wolfSSL 0:1239e9b70ca2 619
wolfSSL 0:1239e9b70ca2 620 /* extras end */
wolfSSL 0:1239e9b70ca2 621
wolfSSL 0:1239e9b70ca2 622 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
wolfSSL 0:1239e9b70ca2 623 /* CyaSSL extension, provide last error from SSL_get_error
wolfSSL 0:1239e9b70ca2 624 since not using thread storage error queue */
wolfSSL 0:1239e9b70ca2 625 CYASSL_API void CyaSSL_ERR_print_errors_fp(FILE*, int err);
wolfSSL 0:1239e9b70ca2 626 #endif
wolfSSL 0:1239e9b70ca2 627
/* Return codes and option values shared across the CyaSSL API.
 *
 * Success is SSL_SUCCESS (1); SSL_FAILURE is 0 and the SSL_BAD_* codes,
 * SSL_NOT_IMPLEMENTED, SSL_UNKNOWN and SSL_FATAL_ERROR are negative. A result
 * therefore has to be compared against SSL_SUCCESS; testing only for
 * "non-zero" or only for "< 0" misses one class of failure. Which functions
 * use which convention is not stated here ("most"/"some" below), so check it
 * per call. */
wolfSSL 0:1239e9b70ca2 628 enum { /* ssl Constants */
wolfSSL 0:1239e9b70ca2 629 SSL_ERROR_NONE = 0, /* for most functions */
wolfSSL 0:1239e9b70ca2 630 SSL_FAILURE = 0, /* for some functions */
wolfSSL 0:1239e9b70ca2 631 SSL_SUCCESS = 1,
wolfSSL 0:1239e9b70ca2 632
wolfSSL 0:1239e9b70ca2 633 SSL_BAD_CERTTYPE = -8,
wolfSSL 0:1239e9b70ca2 634 SSL_BAD_STAT = -7,
wolfSSL 0:1239e9b70ca2 635 SSL_BAD_PATH = -6,
wolfSSL 0:1239e9b70ca2 636 SSL_BAD_FILETYPE = -5,
wolfSSL 0:1239e9b70ca2 637 SSL_BAD_FILE = -4,
wolfSSL 0:1239e9b70ca2 638 SSL_NOT_IMPLEMENTED = -3,
wolfSSL 0:1239e9b70ca2 639 SSL_UNKNOWN = -2,
wolfSSL 0:1239e9b70ca2 640 SSL_FATAL_ERROR = -1,
wolfSSL 0:1239e9b70ca2 641
wolfSSL 0:1239e9b70ca2 642 SSL_FILETYPE_ASN1 = 2,
wolfSSL 0:1239e9b70ca2 643 SSL_FILETYPE_PEM = 1,
wolfSSL 0:1239e9b70ca2 644 SSL_FILETYPE_DEFAULT = 2, /* ASN1 */
wolfSSL 0:1239e9b70ca2 645 SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */
wolfSSL 0:1239e9b70ca2 646
/* Peer verification modes. In the OpenSSL API these names mirror,
 * SSL_VERIFY_NONE means the peer certificate is not checked, which leaves
 * the connection open to interception. NOTE(review): the setter that takes
 * these values and its default are not in this part of the header - confirm
 * the default before relying on it. */
wolfSSL 0:1239e9b70ca2 647 SSL_VERIFY_NONE = 0,
wolfSSL 0:1239e9b70ca2 648 SSL_VERIFY_PEER = 1,
wolfSSL 0:1239e9b70ca2 649 SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
wolfSSL 0:1239e9b70ca2 650 SSL_VERIFY_CLIENT_ONCE = 4,
wolfSSL 0:1239e9b70ca2 651
wolfSSL 0:1239e9b70ca2 652 SSL_SESS_CACHE_OFF = 30,
wolfSSL 0:1239e9b70ca2 653 SSL_SESS_CACHE_CLIENT = 31,
wolfSSL 0:1239e9b70ca2 654 SSL_SESS_CACHE_SERVER = 32,
wolfSSL 0:1239e9b70ca2 655 SSL_SESS_CACHE_BOTH = 33,
wolfSSL 0:1239e9b70ca2 656 SSL_SESS_CACHE_NO_AUTO_CLEAR = 34,
wolfSSL 0:1239e9b70ca2 657 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,
wolfSSL 0:1239e9b70ca2 658
wolfSSL 0:1239e9b70ca2 659 SSL_ERROR_WANT_READ = 2,
wolfSSL 0:1239e9b70ca2 660 SSL_ERROR_WANT_WRITE = 3,
wolfSSL 0:1239e9b70ca2 661 SSL_ERROR_WANT_CONNECT = 7,
wolfSSL 0:1239e9b70ca2 662 SSL_ERROR_WANT_ACCEPT = 8,
wolfSSL 0:1239e9b70ca2 663 SSL_ERROR_SYSCALL = 5,
wolfSSL 0:1239e9b70ca2 664 SSL_ERROR_WANT_X509_LOOKUP = 83,
wolfSSL 0:1239e9b70ca2 665 SSL_ERROR_ZERO_RETURN = 6,
wolfSSL 0:1239e9b70ca2 666 SSL_ERROR_SSL = 85,
wolfSSL 0:1239e9b70ca2 667
wolfSSL 0:1239e9b70ca2 668 SSL_SENT_SHUTDOWN = 1,
wolfSSL 0:1239e9b70ca2 669 SSL_RECEIVED_SHUTDOWN = 2,
wolfSSL 0:1239e9b70ca2 670 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
wolfSSL 0:1239e9b70ca2 671 SSL_OP_NO_SSLv2 = 8,
wolfSSL 0:1239e9b70ca2 672
wolfSSL 0:1239e9b70ca2 673 SSL_R_SSL_HANDSHAKE_FAILURE = 101,
wolfSSL 0:1239e9b70ca2 674 SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102,
wolfSSL 0:1239e9b70ca2 675 SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
wolfSSL 0:1239e9b70ca2 676 SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104,
wolfSSL 0:1239e9b70ca2 677
wolfSSL 0:1239e9b70ca2 678 PEM_BUFSIZE = 1024
wolfSSL 0:1239e9b70ca2 679 };
wolfSSL 0:1239e9b70ca2 680
wolfSSL 0:1239e9b70ca2 681
/* Pre-shared-key (PSK) API; compiled out when NO_PSK is defined. */
wolfSSL 0:1239e9b70ca2 682 #ifndef NO_PSK
/* Client-side PSK callback type.
 * NOTE(review): the parameter list has the same shape as OpenSSL's PSK
 * client callback (hint in, identity buffer and its size, key buffer and its
 * size, key length returned) - presumably the same contract; confirm in the
 * implementation. The callback writes into buffers it does not own, so it
 * has to stay within both size arguments. */
wolfSSL 0:1239e9b70ca2 683 typedef unsigned int (*psk_client_callback)(CYASSL*, const char*, char*,
wolfSSL 0:1239e9b70ca2 684 unsigned int, unsigned char*, unsigned int);
/* Install the client callback on a context or on a single session. */
wolfSSL 0:1239e9b70ca2 685 CYASSL_API void CyaSSL_CTX_set_psk_client_callback(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 686 psk_client_callback);
wolfSSL 0:1239e9b70ca2 687 CYASSL_API void CyaSSL_set_psk_client_callback(CYASSL*,psk_client_callback);
wolfSSL 0:1239e9b70ca2 688
wolfSSL 0:1239e9b70ca2 689 CYASSL_API const char* CyaSSL_get_psk_identity_hint(const CYASSL*);
wolfSSL 0:1239e9b70ca2 690 CYASSL_API const char* CyaSSL_get_psk_identity(const CYASSL*);
wolfSSL 0:1239e9b70ca2 691
wolfSSL 0:1239e9b70ca2 692 CYASSL_API int CyaSSL_CTX_use_psk_identity_hint(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 693 CYASSL_API int CyaSSL_use_psk_identity_hint(CYASSL*, const char*);
wolfSSL 0:1239e9b70ca2 694
/* Server-side PSK callback type.
 * NOTE(review): same shape as OpenSSL's PSK server callback (identity in,
 * key buffer and its size, key length returned) - TODO confirm. The identity
 * string comes from the peer; treat it as untrusted when using it as a
 * lookup key. */
wolfSSL 0:1239e9b70ca2 695 typedef unsigned int (*psk_server_callback)(CYASSL*, const char*,
wolfSSL 0:1239e9b70ca2 696 unsigned char*, unsigned int);
wolfSSL 0:1239e9b70ca2 697 CYASSL_API void CyaSSL_CTX_set_psk_server_callback(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 698 psk_server_callback);
wolfSSL 0:1239e9b70ca2 699 CYASSL_API void CyaSSL_set_psk_server_callback(CYASSL*,psk_server_callback);
wolfSSL 0:1239e9b70ca2 700
/* Marks that the two callback typedefs above are available. */
wolfSSL 0:1239e9b70ca2 701 #define PSK_TYPES_DEFINED
wolfSSL 0:1239e9b70ca2 702 #endif /* NO_PSK */
wolfSSL 0:1239e9b70ca2 703
wolfSSL 0:1239e9b70ca2 704
wolfSSL 0:1239e9b70ca2 705 /* extra begins */
wolfSSL 0:1239e9b70ca2 706
wolfSSL 0:1239e9b70ca2 707 enum { /* ERR Constants */
wolfSSL 0:1239e9b70ca2 708 ERR_TXT_STRING = 1
wolfSSL 0:1239e9b70ca2 709 };
wolfSSL 0:1239e9b70ca2 710
wolfSSL 0:1239e9b70ca2 711 CYASSL_API unsigned long CyaSSL_ERR_get_error_line_data(const char**, int*,
wolfSSL 0:1239e9b70ca2 712 const char**, int *);
wolfSSL 0:1239e9b70ca2 713
wolfSSL 0:1239e9b70ca2 714 CYASSL_API unsigned long CyaSSL_ERR_get_error(void);
wolfSSL 0:1239e9b70ca2 715 CYASSL_API void CyaSSL_ERR_clear_error(void);
wolfSSL 0:1239e9b70ca2 716
wolfSSL 0:1239e9b70ca2 717
/* Random-number entry points of the OpenSSL-compatibility layer.
 * NOTE(review): both depend on how the generator is seeded on the target
 * platform, which this header does not show. On an embedded port, confirm
 * the seed comes from a real entropy source, and check the result of
 * CyaSSL_RAND_bytes() before using buf for keys or nonces (the success value
 * is not documented here). */
wolfSSL 0:1239e9b70ca2 718 CYASSL_API int CyaSSL_RAND_status(void);
wolfSSL 0:1239e9b70ca2 719 CYASSL_API int CyaSSL_RAND_bytes(unsigned char* buf, int num);
wolfSSL 0:1239e9b70ca2 720 CYASSL_API CYASSL_METHOD *CyaSSLv23_server_method(void);
wolfSSL 0:1239e9b70ca2 721 CYASSL_API long CyaSSL_CTX_set_options(CYASSL_CTX*, long);
wolfSSL 0:1239e9b70ca2 722 #ifndef NO_CERTS
wolfSSL 0:1239e9b70ca2 723 CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 724 #endif /* !NO_CERTS */
wolfSSL 0:1239e9b70ca2 725
wolfSSL 0:1239e9b70ca2 726 CYASSL_API void CyaSSL_ERR_free_strings(void);
wolfSSL 0:1239e9b70ca2 727 CYASSL_API void CyaSSL_ERR_remove_state(unsigned long);
wolfSSL 0:1239e9b70ca2 728 CYASSL_API void CyaSSL_EVP_cleanup(void);
wolfSSL 0:1239e9b70ca2 729
wolfSSL 0:1239e9b70ca2 730 CYASSL_API void CyaSSL_cleanup_all_ex_data(void);
wolfSSL 0:1239e9b70ca2 731 CYASSL_API long CyaSSL_CTX_set_mode(CYASSL_CTX* ctx, long mode);
wolfSSL 0:1239e9b70ca2 732 CYASSL_API long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx);
wolfSSL 0:1239e9b70ca2 733 CYASSL_API void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m);
wolfSSL 0:1239e9b70ca2 734
wolfSSL 0:1239e9b70ca2 735 CYASSL_API long CyaSSL_CTX_sess_set_cache_size(CYASSL_CTX*, long);
wolfSSL 0:1239e9b70ca2 736
wolfSSL 0:1239e9b70ca2 737 CYASSL_API int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 738 CYASSL_API int CyaSSL_CTX_set_session_id_context(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 739 const unsigned char*, unsigned int);
wolfSSL 0:1239e9b70ca2 740 CYASSL_API CYASSL_X509* CyaSSL_get_peer_certificate(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 741
wolfSSL 0:1239e9b70ca2 742 CYASSL_API int CyaSSL_want_read(CYASSL*);
wolfSSL 0:1239e9b70ca2 743 CYASSL_API int CyaSSL_want_write(CYASSL*);
wolfSSL 0:1239e9b70ca2 744
wolfSSL 0:1239e9b70ca2 745 CYASSL_API int CyaSSL_BIO_printf(CYASSL_BIO*, const char*, ...);
wolfSSL 0:1239e9b70ca2 746 CYASSL_API int CyaSSL_ASN1_UTCTIME_print(CYASSL_BIO*,
wolfSSL 0:1239e9b70ca2 747 const CYASSL_ASN1_UTCTIME*);
wolfSSL 0:1239e9b70ca2 748 CYASSL_API int CyaSSL_sk_num(CYASSL_X509_REVOKED*);
wolfSSL 0:1239e9b70ca2 749 CYASSL_API void* CyaSSL_sk_value(CYASSL_X509_REVOKED*, int);
wolfSSL 0:1239e9b70ca2 750
wolfSSL 0:1239e9b70ca2 751 /* stunnel 4.28 needs */
wolfSSL 0:1239e9b70ca2 752 CYASSL_API void* CyaSSL_CTX_get_ex_data(const CYASSL_CTX*, int);
wolfSSL 0:1239e9b70ca2 753 CYASSL_API int CyaSSL_CTX_set_ex_data(CYASSL_CTX*, int, void*);
wolfSSL 0:1239e9b70ca2 754 CYASSL_API void CyaSSL_CTX_sess_set_get_cb(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 755 CYASSL_SESSION*(*f)(CYASSL*, unsigned char*, int, int*));
wolfSSL 0:1239e9b70ca2 756 CYASSL_API void CyaSSL_CTX_sess_set_new_cb(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 757 int (*f)(CYASSL*, CYASSL_SESSION*));
wolfSSL 0:1239e9b70ca2 758 CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 759 void (*f)(CYASSL_CTX*, CYASSL_SESSION*));
wolfSSL 0:1239e9b70ca2 760
wolfSSL 0:1239e9b70ca2 761 CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**);
wolfSSL 0:1239e9b70ca2 762 CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,
wolfSSL 0:1239e9b70ca2 763 const unsigned char**, long);
wolfSSL 0:1239e9b70ca2 764
wolfSSL 0:1239e9b70ca2 765 CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*);
wolfSSL 0:1239e9b70ca2 766 CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*);
wolfSSL 0:1239e9b70ca2 767 CYASSL_API int CyaSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
wolfSSL 0:1239e9b70ca2 768
wolfSSL 0:1239e9b70ca2 769 /* extra ends */
wolfSSL 0:1239e9b70ca2 770
wolfSSL 0:1239e9b70ca2 771
wolfSSL 0:1239e9b70ca2 772 /* CyaSSL extensions */
wolfSSL 0:1239e9b70ca2 773
wolfSSL 0:1239e9b70ca2 774 /* call before SSL_connect, if verifying will add name check to
wolfSSL 0:1239e9b70ca2 775 date check and signature check */
/* dn is the host name the peer certificate is expected to match. The name
 * check is added only when this is called and peer verification is on;
 * without it a certificate that is valid for a different host passes the
 * date and signature checks. NOTE(review): when a name fails to match (for
 * instance a wildcard certificate), treat that as a verification failure
 * rather than dropping this call. */
wolfSSL 0:1239e9b70ca2 776 CYASSL_API int CyaSSL_check_domain_name(CYASSL* ssl, const char* dn);
wolfSSL 0:1239e9b70ca2 777
wolfSSL 0:1239e9b70ca2 778 /* need to call once to load library (session cache) */
wolfSSL 0:1239e9b70ca2 779 CYASSL_API int CyaSSL_Init(void);
wolfSSL 0:1239e9b70ca2 780 /* call when done to cleanup/free session cache mutex / resources */
wolfSSL 0:1239e9b70ca2 781 CYASSL_API int CyaSSL_Cleanup(void);
wolfSSL 0:1239e9b70ca2 782
wolfSSL 0:1239e9b70ca2 783 /* turn logging on, only if compiled in */
wolfSSL 0:1239e9b70ca2 784 CYASSL_API int CyaSSL_Debugging_ON(void);
wolfSSL 0:1239e9b70ca2 785 /* turn logging off */
wolfSSL 0:1239e9b70ca2 786 CYASSL_API void CyaSSL_Debugging_OFF(void);
wolfSSL 0:1239e9b70ca2 787
wolfSSL 0:1239e9b70ca2 788 /* do accept or connect depending on side */
wolfSSL 0:1239e9b70ca2 789 CYASSL_API int CyaSSL_negotiate(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 790 /* turn on CyaSSL data compression */
/* NOTE(review): compressing records that mix secrets with data the peer or a
 * third party can influence lets the secret be inferred from ciphertext
 * length (the CRIME class of attacks). Leave compression off unless the
 * traffic is known not to have that shape. */
wolfSSL 0:1239e9b70ca2 791 CYASSL_API int CyaSSL_set_compression(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 792
wolfSSL 0:1239e9b70ca2 793 CYASSL_API int CyaSSL_set_timeout(CYASSL*, unsigned int);
wolfSSL 0:1239e9b70ca2 794 CYASSL_API int CyaSSL_CTX_set_timeout(CYASSL_CTX*, unsigned int);
wolfSSL 0:1239e9b70ca2 795
wolfSSL 0:1239e9b70ca2 796 /* get CyaSSL peer X509_CHAIN */
wolfSSL 0:1239e9b70ca2 797 CYASSL_API CYASSL_X509_CHAIN* CyaSSL_get_peer_chain(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 798 /* peer chain count */
wolfSSL 0:1239e9b70ca2 799 CYASSL_API int CyaSSL_get_chain_count(CYASSL_X509_CHAIN* chain);
wolfSSL 0:1239e9b70ca2 800 /* index cert length */
wolfSSL 0:1239e9b70ca2 801 CYASSL_API int CyaSSL_get_chain_length(CYASSL_X509_CHAIN*, int idx);
wolfSSL 0:1239e9b70ca2 802 /* index cert */
wolfSSL 0:1239e9b70ca2 803 CYASSL_API unsigned char* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN*, int idx);
wolfSSL 0:1239e9b70ca2 804 /* index cert in X509 */
wolfSSL 0:1239e9b70ca2 805 CYASSL_API CYASSL_X509* CyaSSL_get_chain_X509(CYASSL_X509_CHAIN*, int idx);
wolfSSL 0:1239e9b70ca2 806 /* free X509 */
wolfSSL 0:1239e9b70ca2 807 CYASSL_API void CyaSSL_FreeX509(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 808 /* get index cert in PEM */
wolfSSL 0:1239e9b70ca2 809 CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx,
wolfSSL 0:1239e9b70ca2 810 unsigned char* buffer, int inLen, int* outLen);
wolfSSL 0:1239e9b70ca2 811 CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s);
wolfSSL 0:1239e9b70ca2 812 CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*);
wolfSSL 0:1239e9b70ca2 813 CYASSL_API char* CyaSSL_X509_get_subjectCN(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 814 CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*);
wolfSSL 0:1239e9b70ca2 815 CYASSL_API const unsigned char* CyaSSL_X509_notBefore(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 816 CYASSL_API const unsigned char* CyaSSL_X509_notAfter(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 817 CYASSL_API int CyaSSL_X509_version(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 818 CYASSL_API
wolfSSL 0:1239e9b70ca2 819
wolfSSL 0:1239e9b70ca2 820 CYASSL_API int CyaSSL_cmp_peer_cert_to_file(CYASSL*, const char*);
wolfSSL 0:1239e9b70ca2 821
wolfSSL 0:1239e9b70ca2 822 CYASSL_API char* CyaSSL_X509_get_next_altname(CYASSL_X509*);
wolfSSL 0:1239e9b70ca2 823
wolfSSL 0:1239e9b70ca2 824 CYASSL_API CYASSL_X509*
wolfSSL 0:1239e9b70ca2 825 CyaSSL_X509_d2i(CYASSL_X509** x509, const unsigned char* in, int len);
wolfSSL 0:1239e9b70ca2 826 #ifndef NO_FILESYSTEM
wolfSSL 0:1239e9b70ca2 827 #ifndef NO_STDIO_FILESYSTEM
wolfSSL 0:1239e9b70ca2 828 CYASSL_API CYASSL_X509*
wolfSSL 0:1239e9b70ca2 829 CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
wolfSSL 0:1239e9b70ca2 830 #endif
wolfSSL 0:1239e9b70ca2 831 CYASSL_API CYASSL_X509*
wolfSSL 0:1239e9b70ca2 832 CyaSSL_X509_load_certificate_file(const char* fname, int format);
wolfSSL 0:1239e9b70ca2 833 #endif
wolfSSL 0:1239e9b70ca2 834
wolfSSL 0:1239e9b70ca2 835 #ifdef CYASSL_SEP
wolfSSL 0:1239e9b70ca2 836 CYASSL_API unsigned char*
wolfSSL 0:1239e9b70ca2 837 CyaSSL_X509_get_device_type(CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 838 CYASSL_API unsigned char*
wolfSSL 0:1239e9b70ca2 839 CyaSSL_X509_get_hw_type(CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 840 CYASSL_API unsigned char*
wolfSSL 0:1239e9b70ca2 841 CyaSSL_X509_get_hw_serial_number(CYASSL_X509*, unsigned char*, int*);
wolfSSL 0:1239e9b70ca2 842 #endif
wolfSSL 0:1239e9b70ca2 843
wolfSSL 0:1239e9b70ca2 844 /* connect enough to get peer cert */
wolfSSL 0:1239e9b70ca2 845 CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 846
wolfSSL 0:1239e9b70ca2 847 /* XXX This should be #ifndef NO_DH */
wolfSSL 0:1239e9b70ca2 848 #ifndef NO_CERTS
wolfSSL 0:1239e9b70ca2 849 /* server Diffie-Hellman parameters */
wolfSSL 0:1239e9b70ca2 850 CYASSL_API int CyaSSL_SetTmpDH(CYASSL*, const unsigned char* p, int pSz,
wolfSSL 0:1239e9b70ca2 851 const unsigned char* g, int gSz);
wolfSSL 0:1239e9b70ca2 852 CYASSL_API int CyaSSL_SetTmpDH_buffer(CYASSL*, const unsigned char* b, long sz,
wolfSSL 0:1239e9b70ca2 853 int format);
wolfSSL 0:1239e9b70ca2 854 CYASSL_API int CyaSSL_SetTmpEC_DHE_Sz(CYASSL*, unsigned short);
wolfSSL 0:1239e9b70ca2 855 #ifndef NO_FILESYSTEM
wolfSSL 0:1239e9b70ca2 856 CYASSL_API int CyaSSL_SetTmpDH_file(CYASSL*, const char* f, int format);
wolfSSL 0:1239e9b70ca2 857 #endif
wolfSSL 0:1239e9b70ca2 858
wolfSSL 0:1239e9b70ca2 859 /* server ctx Diffie-Hellman parameters */
wolfSSL 0:1239e9b70ca2 860 CYASSL_API int CyaSSL_CTX_SetTmpDH(CYASSL_CTX*, const unsigned char* p,
wolfSSL 0:1239e9b70ca2 861 int pSz, const unsigned char* g, int gSz);
wolfSSL 0:1239e9b70ca2 862 CYASSL_API int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX*, const unsigned char* b,
wolfSSL 0:1239e9b70ca2 863 long sz, int format);
wolfSSL 0:1239e9b70ca2 864 CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short);
wolfSSL 0:1239e9b70ca2 865
wolfSSL 0:1239e9b70ca2 866 #ifndef NO_FILESYSTEM
wolfSSL 0:1239e9b70ca2 867 CYASSL_API int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX*, const char* f,
wolfSSL 0:1239e9b70ca2 868 int format);
wolfSSL 0:1239e9b70ca2 869 #endif
wolfSSL 0:1239e9b70ca2 870 #endif
wolfSSL 0:1239e9b70ca2 871
wolfSSL 0:1239e9b70ca2 872 /* keyblock size in bytes or -1 */
wolfSSL 0:1239e9b70ca2 873 /* need to call CyaSSL_KeepArrays before handshake to save keys */
wolfSSL 0:1239e9b70ca2 874 CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*);
/* NOTE(review): judging by the parameter names, ms/sr/cr receive pointers to
 * the master secret, server random and client random with their lengths -
 * presumably pointing into the session's own memory rather than copies; TODO
 * confirm. The master secret is key material: anyone holding it together
 * with a traffic capture can decrypt that session, so do not log it and wipe
 * any copy after use. */
wolfSSL 0:1239e9b70ca2 875 CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen,
wolfSSL 0:1239e9b70ca2 876 unsigned char** sr, unsigned int* srLen,
wolfSSL 0:1239e9b70ca2 877 unsigned char** cr, unsigned int* crLen);
wolfSSL 0:1239e9b70ca2 878
wolfSSL 0:1239e9b70ca2 879 /* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */
/* The result is written to key (len bytes requested); the caller owns that
 * buffer and is responsible for clearing it when the keying material is no
 * longer needed. */
wolfSSL 0:1239e9b70ca2 880 CYASSL_API int CyaSSL_make_eap_keys(CYASSL*, void* key, unsigned int len,
wolfSSL 0:1239e9b70ca2 881 const char* label);
wolfSSL 0:1239e9b70ca2 882
wolfSSL 0:1239e9b70ca2 883
wolfSSL 0:1239e9b70ca2 884 #ifndef _WIN32
wolfSSL 0:1239e9b70ca2 885 #ifndef NO_WRITEV
wolfSSL 0:1239e9b70ca2 886 #ifdef __PPU
wolfSSL 0:1239e9b70ca2 887 #include <sys/types.h>
wolfSSL 0:1239e9b70ca2 888 #include <sys/socket.h>
wolfSSL 0:1239e9b70ca2 889 #elif !defined(CYASSL_MDK_ARM)
wolfSSL 0:1239e9b70ca2 890 #include <sys/uio.h>
wolfSSL 0:1239e9b70ca2 891 #endif
wolfSSL 0:1239e9b70ca2 892 /* allow writev style writing */
wolfSSL 0:1239e9b70ca2 893 CYASSL_API int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov,
wolfSSL 0:1239e9b70ca2 894 int iovcnt);
wolfSSL 0:1239e9b70ca2 895 #endif
wolfSSL 0:1239e9b70ca2 896 #endif
wolfSSL 0:1239e9b70ca2 897
wolfSSL 0:1239e9b70ca2 898
wolfSSL 0:1239e9b70ca2 899 #ifndef NO_CERTS
wolfSSL 0:1239e9b70ca2 900 /* SSL_CTX versions */
wolfSSL 0:1239e9b70ca2 901 CYASSL_API int CyaSSL_CTX_UnloadCAs(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 902 CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 903 const unsigned char*, long, int);
wolfSSL 0:1239e9b70ca2 904 CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 905 const unsigned char*, long, int);
wolfSSL 0:1239e9b70ca2 906 CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 907 const unsigned char*, long, int);
wolfSSL 0:1239e9b70ca2 908 CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 909 const unsigned char*, long);
wolfSSL 0:1239e9b70ca2 910
wolfSSL 0:1239e9b70ca2 911 /* SSL versions */
wolfSSL 0:1239e9b70ca2 912 CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*,
wolfSSL 0:1239e9b70ca2 913 long, int);
wolfSSL 0:1239e9b70ca2 914 CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*,
wolfSSL 0:1239e9b70ca2 915 long, int);
wolfSSL 0:1239e9b70ca2 916 CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*,
wolfSSL 0:1239e9b70ca2 917 const unsigned char*, long);
wolfSSL 0:1239e9b70ca2 918 CYASSL_API int CyaSSL_UnloadCertsKeys(CYASSL*);
wolfSSL 0:1239e9b70ca2 919 #endif
wolfSSL 0:1239e9b70ca2 920
wolfSSL 0:1239e9b70ca2 921 CYASSL_API int CyaSSL_CTX_set_group_messages(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 922 CYASSL_API int CyaSSL_set_group_messages(CYASSL*);
wolfSSL 0:1239e9b70ca2 923
wolfSSL 0:1239e9b70ca2 924 /* I/O callbacks */
wolfSSL 0:1239e9b70ca2 925 typedef int (*CallbackIORecv)(CYASSL *ssl, char *buf, int sz, void *ctx);
wolfSSL 0:1239e9b70ca2 926 typedef int (*CallbackIOSend)(CYASSL *ssl, char *buf, int sz, void *ctx);
wolfSSL 0:1239e9b70ca2 927
wolfSSL 0:1239e9b70ca2 928 CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv);
wolfSSL 0:1239e9b70ca2 929 CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend);
wolfSSL 0:1239e9b70ca2 930
wolfSSL 0:1239e9b70ca2 931 CYASSL_API void CyaSSL_SetIOReadCtx( CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 932 CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 933
wolfSSL 0:1239e9b70ca2 934 CYASSL_API void* CyaSSL_GetIOReadCtx( CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 935 CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 936
wolfSSL 0:1239e9b70ca2 937 CYASSL_API void CyaSSL_SetIOReadFlags( CYASSL* ssl, int flags);
wolfSSL 0:1239e9b70ca2 938 CYASSL_API void CyaSSL_SetIOWriteFlags(CYASSL* ssl, int flags);
wolfSSL 0:1239e9b70ca2 939
wolfSSL 0:1239e9b70ca2 940 #ifdef HAVE_NETX
wolfSSL 0:1239e9b70ca2 941 CYASSL_API void CyaSSL_SetIO_NetX(CYASSL* ssl, NX_TCP_SOCKET* nxsocket,
wolfSSL 0:1239e9b70ca2 942 ULONG waitoption);
wolfSSL 0:1239e9b70ca2 943 #endif
wolfSSL 0:1239e9b70ca2 944
wolfSSL 0:1239e9b70ca2 945 typedef int (*CallbackGenCookie)(CYASSL* ssl, unsigned char* buf, int sz,
wolfSSL 0:1239e9b70ca2 946 void* ctx);
wolfSSL 0:1239e9b70ca2 947 CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie);
wolfSSL 0:1239e9b70ca2 948 CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 949 CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 950
wolfSSL 0:1239e9b70ca2 951
wolfSSL 0:1239e9b70ca2 952 /* I/O Callback default errors */
/* Negative codes for the I/O callbacks (CallbackIORecv / CallbackIOSend).
 * CYASSL_CBIO_ERR_WANT_READ and CYASSL_CBIO_ERR_WANT_WRITE share the value
 * -2, so the direction cannot be told from the code alone. */
wolfSSL 0:1239e9b70ca2 953 enum IOerrors {
wolfSSL 0:1239e9b70ca2 954 CYASSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */
wolfSSL 0:1239e9b70ca2 955 CYASSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */
wolfSSL 0:1239e9b70ca2 956 CYASSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */
wolfSSL 0:1239e9b70ca2 957 CYASSL_CBIO_ERR_CONN_RST = -3, /* connection reset */
wolfSSL 0:1239e9b70ca2 958 CYASSL_CBIO_ERR_ISR = -4, /* interrupt */
wolfSSL 0:1239e9b70ca2 959 CYASSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */
wolfSSL 0:1239e9b70ca2 960 CYASSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */
wolfSSL 0:1239e9b70ca2 961 };
wolfSSL 0:1239e9b70ca2 962
wolfSSL 0:1239e9b70ca2 963
wolfSSL 0:1239e9b70ca2 964 /* CA cache callbacks */
/* This enum holds two unrelated groups whose values overlap: protocol
 * versions (CYASSL_SSLV3 .. CYASSL_TLSV1_2 = 0..3) and CA-cache entry types
 * (CYASSL_USER_CA = 1, CYASSL_CHAIN_CA = 2). A value alone does not say which
 * group it belongs to.
 * NOTE(review): the version constants are presumably the `version` argument
 * of CyaSSL_SetVersion(). SSLv3 and TLS 1.0 are obsolete protocol versions;
 * new code should select CYASSL_TLSV1_2 where the peer supports it. */
wolfSSL 0:1239e9b70ca2 965 enum {
wolfSSL 0:1239e9b70ca2 966 CYASSL_SSLV3 = 0,
wolfSSL 0:1239e9b70ca2 967 CYASSL_TLSV1 = 1,
wolfSSL 0:1239e9b70ca2 968 CYASSL_TLSV1_1 = 2,
wolfSSL 0:1239e9b70ca2 969 CYASSL_TLSV1_2 = 3,
wolfSSL 0:1239e9b70ca2 970 CYASSL_USER_CA = 1, /* user added as trusted */
wolfSSL 0:1239e9b70ca2 971 CYASSL_CHAIN_CA = 2 /* added to cache from trusted chain */
wolfSSL 0:1239e9b70ca2 972 };
wolfSSL 0:1239e9b70ca2 973
wolfSSL 0:1239e9b70ca2 974 CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */
wolfSSL 0:1239e9b70ca2 975 CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
wolfSSL 0:1239e9b70ca2 976 CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
wolfSSL 0:1239e9b70ca2 977 int, const char*);
wolfSSL 0:1239e9b70ca2 978 CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*,
wolfSSL 0:1239e9b70ca2 979 int, int);
wolfSSL 0:1239e9b70ca2 980
wolfSSL 0:1239e9b70ca2 981 typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
wolfSSL 0:1239e9b70ca2 982 typedef void (*CbMissingCRL)(const char* url);
wolfSSL 0:1239e9b70ca2 983 typedef int (*CbOCSPIO)(void*, const char*, int,
wolfSSL 0:1239e9b70ca2 984 unsigned char*, int, unsigned char**);
wolfSSL 0:1239e9b70ca2 985 typedef void (*CbOCSPRespFree)(void*,unsigned char*);
wolfSSL 0:1239e9b70ca2 986
wolfSSL 0:1239e9b70ca2 987 /* User Atomic Record Layer CallBacks */
wolfSSL 0:1239e9b70ca2 988 typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut,
wolfSSL 0:1239e9b70ca2 989 const unsigned char* macIn, unsigned int macInSz, int macContent,
wolfSSL 0:1239e9b70ca2 990 int macVerify, unsigned char* encOut, const unsigned char* encIn,
wolfSSL 0:1239e9b70ca2 991 unsigned int encSz, void* ctx);
wolfSSL 0:1239e9b70ca2 992 CYASSL_API void CyaSSL_CTX_SetMacEncryptCb(CYASSL_CTX*, CallbackMacEncrypt);
wolfSSL 0:1239e9b70ca2 993 CYASSL_API void CyaSSL_SetMacEncryptCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 994 CYASSL_API void* CyaSSL_GetMacEncryptCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 995
wolfSSL 0:1239e9b70ca2 996 typedef int (*CallbackDecryptVerify)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 997 unsigned char* decOut, const unsigned char* decIn,
wolfSSL 0:1239e9b70ca2 998 unsigned int decSz, int content, int verify, unsigned int* padSz,
wolfSSL 0:1239e9b70ca2 999 void* ctx);
wolfSSL 0:1239e9b70ca2 1000 CYASSL_API void CyaSSL_CTX_SetDecryptVerifyCb(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 1001 CallbackDecryptVerify);
wolfSSL 0:1239e9b70ca2 1002 CYASSL_API void CyaSSL_SetDecryptVerifyCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1003 CYASSL_API void* CyaSSL_GetDecryptVerifyCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1004
/* Accessors for a session's negotiated record-protection parameters, listed
 * here with the user atomic record-layer callbacks.
 * NOTE(review): the Get*Key / Get*IV / GetMacSecret functions return const
 * pointers, presumably into the session's live key material - TODO confirm
 * lifetime. Do not log or persist what they point to. */
wolfSSL 0:1239e9b70ca2 1005 CYASSL_API const unsigned char* CyaSSL_GetMacSecret(CYASSL*, int);
wolfSSL 0:1239e9b70ca2 1006 CYASSL_API const unsigned char* CyaSSL_GetClientWriteKey(CYASSL*);
wolfSSL 0:1239e9b70ca2 1007 CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*);
wolfSSL 0:1239e9b70ca2 1008 CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*);
wolfSSL 0:1239e9b70ca2 1009 CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*);
wolfSSL 0:1239e9b70ca2 1010 CYASSL_API int CyaSSL_GetKeySize(CYASSL*);
wolfSSL 0:1239e9b70ca2 1011 CYASSL_API int CyaSSL_GetIVSize(CYASSL*);
wolfSSL 0:1239e9b70ca2 1012 CYASSL_API int CyaSSL_GetSide(CYASSL*);
wolfSSL 0:1239e9b70ca2 1013 CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*);
wolfSSL 0:1239e9b70ca2 1014 CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*);
wolfSSL 0:1239e9b70ca2 1015 CYASSL_API int CyaSSL_GetCipherBlockSize(CYASSL*);
wolfSSL 0:1239e9b70ca2 1016 CYASSL_API int CyaSSL_GetAeadMacSize(CYASSL*);
wolfSSL 0:1239e9b70ca2 1017 CYASSL_API int CyaSSL_GetHmacSize(CYASSL*);
wolfSSL 0:1239e9b70ca2 1018 CYASSL_API int CyaSSL_GetHmacType(CYASSL*);
wolfSSL 0:1239e9b70ca2 1019 CYASSL_API int CyaSSL_GetCipherType(CYASSL*);
wolfSSL 0:1239e9b70ca2 1020 CYASSL_API int CyaSSL_SetTlsHmacInner(CYASSL*, unsigned char*,
wolfSSL 0:1239e9b70ca2 1021 unsigned int, int, int);
wolfSSL 0:1239e9b70ca2 1022
/* Constants for atomic-record users. The *_END values presumably match
   what CyaSSL_GetSide returns and the *_TYPE values what
   CyaSSL_GetCipherType returns -- confirm. CYASSL_TLS_HMAC_INNER_SZ is the
   byte length of the TLS HMAC inner header, made up of the parts listed
   in its trailing comment. */
wolfSSL 0:1239e9b70ca2 1023 /* Atomic User Needs */
wolfSSL 0:1239e9b70ca2 1024 enum {
wolfSSL 0:1239e9b70ca2 1025 CYASSL_SERVER_END = 0,
wolfSSL 0:1239e9b70ca2 1026 CYASSL_CLIENT_END = 1,
wolfSSL 0:1239e9b70ca2 1027 CYASSL_BLOCK_TYPE = 2,
wolfSSL 0:1239e9b70ca2 1028 CYASSL_STREAM_TYPE = 3,
wolfSSL 0:1239e9b70ca2 1029 CYASSL_AEAD_TYPE = 4,
wolfSSL 0:1239e9b70ca2 1030 CYASSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */
wolfSSL 0:1239e9b70ca2 1031 };
wolfSSL 0:1239e9b70ca2 1032
/* Identifiers for the bulk cipher of a session. The enumerators have no
   explicit values, so they number from 0 in declaration order; reordering
   them changes what CyaSSL_GetBulkCipher callers see.
   NOTE(review): several entries name algorithms that should not protect
   traffic today. cyassl_cipher_null gives no confidentiality; rc4, rc2,
   des and des40 are broken or export-grade; triple_des and idea are
   64-bit block ciphers and subject to birthday-bound attacks on long
   sessions. A deployment can compare the CyaSSL_GetBulkCipher result
   with an allow-list after the handshake and drop anything else. */
wolfSSL 0:1239e9b70ca2 1033 /* for GetBulkCipher and internal use */
wolfSSL 0:1239e9b70ca2 1034 enum BulkCipherAlgorithm {
wolfSSL 0:1239e9b70ca2 1035 cyassl_cipher_null,
wolfSSL 0:1239e9b70ca2 1036 cyassl_rc4,
wolfSSL 0:1239e9b70ca2 1037 cyassl_rc2,
wolfSSL 0:1239e9b70ca2 1038 cyassl_des,
wolfSSL 0:1239e9b70ca2 1039 cyassl_triple_des, /* leading 3 (3des) not valid identifier */
wolfSSL 0:1239e9b70ca2 1040 cyassl_des40,
wolfSSL 0:1239e9b70ca2 1041 cyassl_idea,
wolfSSL 0:1239e9b70ca2 1042 cyassl_aes,
wolfSSL 0:1239e9b70ca2 1043 cyassl_aes_gcm,
wolfSSL 0:1239e9b70ca2 1044 cyassl_aes_ccm,
wolfSSL 0:1239e9b70ca2 1045 cyassl_camellia,
wolfSSL 0:1239e9b70ca2 1046 cyassl_hc128, /* CyaSSL extensions */
wolfSSL 0:1239e9b70ca2 1047 cyassl_rabbit
wolfSSL 0:1239e9b70ca2 1048 };
wolfSSL 0:1239e9b70ca2 1049
wolfSSL 0:1239e9b70ca2 1050
wolfSSL 0:1239e9b70ca2 1051 /* Public Key Callback support */
/* ECC signing callback. By the parameter names: in/inSz is the data to
   sign, out receives the signature, outSz is presumably in/out (capacity
   on entry, signature length on return -- confirm), and keyDer/keySz is
   the DER-encoded key.
   NOTE(review): keyDer here would be private key material. An
   implementation should check the capacity in outSz before writing to
   out and must not log or copy keyDer beyond the signing call. */
wolfSSL 0:1239e9b70ca2 1052 typedef int (*CallbackEccSign)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1053 const unsigned char* in, unsigned int inSz,
wolfSSL 0:1239e9b70ca2 1054 unsigned char* out, unsigned int* outSz,
wolfSSL 0:1239e9b70ca2 1055 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1056 void* ctx);
wolfSSL 0:1239e9b70ca2 1057 CYASSL_API void CyaSSL_CTX_SetEccSignCb(CYASSL_CTX*, CallbackEccSign);
wolfSSL 0:1239e9b70ca2 1058 CYASSL_API void CyaSSL_SetEccSignCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1059 CYASSL_API void* CyaSSL_GetEccSignCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1060
/* ECC signature verification callback. By the parameter names: sig/sigSz
   is the signature, hash/hashSz the digest it should cover, keyDer/keySz
   the DER-encoded peer key, and result the verification outcome.
   NOTE(review): the outcome travels on two channels, the int return
   value and *result. An implementation should set *result to the failure
   value before doing any work and only flip it after a successful
   verification, so an early error return can never leave a stale
   "verified" value behind. Which value means success is not visible in
   this header -- confirm against the implementation. */
wolfSSL 0:1239e9b70ca2 1061 typedef int (*CallbackEccVerify)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1062 const unsigned char* sig, unsigned int sigSz,
wolfSSL 0:1239e9b70ca2 1063 const unsigned char* hash, unsigned int hashSz,
wolfSSL 0:1239e9b70ca2 1064 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1065 int* result, void* ctx);
wolfSSL 0:1239e9b70ca2 1066 CYASSL_API void CyaSSL_CTX_SetEccVerifyCb(CYASSL_CTX*, CallbackEccVerify);
wolfSSL 0:1239e9b70ca2 1067 CYASSL_API void CyaSSL_SetEccVerifyCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1068 CYASSL_API void* CyaSSL_GetEccVerifyCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1069
/* RSA signing callback; same parameter layout as CallbackEccSign. By the
   names: in/inSz is the data to sign, out receives the signature, outSz
   is presumably capacity on entry and length on return (confirm), and
   keyDer/keySz is the DER-encoded key.
   NOTE(review): keyDer would be private key material here; bound every
   write to out by the capacity in outSz and keep keyDer out of logs. */
wolfSSL 0:1239e9b70ca2 1070 typedef int (*CallbackRsaSign)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1071 const unsigned char* in, unsigned int inSz,
wolfSSL 0:1239e9b70ca2 1072 unsigned char* out, unsigned int* outSz,
wolfSSL 0:1239e9b70ca2 1073 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1074 void* ctx);
wolfSSL 0:1239e9b70ca2 1075 CYASSL_API void CyaSSL_CTX_SetRsaSignCb(CYASSL_CTX*, CallbackRsaSign);
wolfSSL 0:1239e9b70ca2 1076 CYASSL_API void CyaSSL_SetRsaSignCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1077 CYASSL_API void* CyaSSL_GetRsaSignCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1078
/* RSA signature verification callback. sig is non-const and out is a
   pointer-to-pointer, which suggests the signature is opened in place and
   *out is set to the recovered payload inside sig (presumably; confirm).
   keyDer/keySz is the DER-encoded peer key.
   NOTE(review): if *out does point into sig, an implementation must keep
   it within [sig, sig + sigSz) and return a length that stays inside
   that range; the caller reads through the returned pointer. */
wolfSSL 0:1239e9b70ca2 1079 typedef int (*CallbackRsaVerify)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1080 unsigned char* sig, unsigned int sigSz,
wolfSSL 0:1239e9b70ca2 1081 unsigned char** out,
wolfSSL 0:1239e9b70ca2 1082 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1083 void* ctx);
wolfSSL 0:1239e9b70ca2 1084 CYASSL_API void CyaSSL_CTX_SetRsaVerifyCb(CYASSL_CTX*, CallbackRsaVerify);
wolfSSL 0:1239e9b70ca2 1085 CYASSL_API void CyaSSL_SetRsaVerifyCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1086 CYASSL_API void* CyaSSL_GetRsaVerifyCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1087
wolfSSL 0:1239e9b70ca2 1088 /* RSA Public Encrypt cb */
/* By the parameter names: in/inSz is the plaintext, out receives the
   ciphertext, outSz is presumably capacity on entry and length on return
   (confirm), and keyDer/keySz is the DER-encoded public key. An
   implementation should reject the call when the capacity in outSz is
   smaller than the ciphertext it is about to write. */
wolfSSL 0:1239e9b70ca2 1089 typedef int (*CallbackRsaEnc)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1090 const unsigned char* in, unsigned int inSz,
wolfSSL 0:1239e9b70ca2 1091 unsigned char* out, unsigned int* outSz,
wolfSSL 0:1239e9b70ca2 1092 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1093 void* ctx);
wolfSSL 0:1239e9b70ca2 1094 CYASSL_API void CyaSSL_CTX_SetRsaEncCb(CYASSL_CTX*, CallbackRsaEnc);
wolfSSL 0:1239e9b70ca2 1095 CYASSL_API void CyaSSL_SetRsaEncCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1096 CYASSL_API void* CyaSSL_GetRsaEncCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1097
wolfSSL 0:1239e9b70ca2 1098 /* RSA Private Decrypt cb */
/* in is non-const and out is a pointer-to-pointer, which suggests an
   in-place decrypt with *out set to the plaintext inside in (presumably;
   confirm). keyDer/keySz would be the DER-encoded private key.
   NOTE(review): this callback sits on the RSA key-exchange path, where
   in is attacker-supplied ciphertext. Padding failures must not be
   distinguishable from other failures by error code or timing, otherwise
   the callback becomes a Bleichenbacher-style decryption oracle. Keep
   keyDer out of logs and crash dumps. */
wolfSSL 0:1239e9b70ca2 1099 typedef int (*CallbackRsaDec)(CYASSL* ssl,
wolfSSL 0:1239e9b70ca2 1100 unsigned char* in, unsigned int inSz,
wolfSSL 0:1239e9b70ca2 1101 unsigned char** out,
wolfSSL 0:1239e9b70ca2 1102 const unsigned char* keyDer, unsigned int keySz,
wolfSSL 0:1239e9b70ca2 1103 void* ctx);
wolfSSL 0:1239e9b70ca2 1104 CYASSL_API void CyaSSL_CTX_SetRsaDecCb(CYASSL_CTX*, CallbackRsaDec);
wolfSSL 0:1239e9b70ca2 1105 CYASSL_API void CyaSSL_SetRsaDecCtx(CYASSL* ssl, void *ctx);
wolfSSL 0:1239e9b70ca2 1106 CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1107
wolfSSL 0:1239e9b70ca2 1108
/* Certificate-manager, CRL and OCSP API, compiled out when NO_CERTS is
   defined. The same CRL/OCSP controls are offered at three scopes:
   CERT_MANAGER, a single CYASSL session, and a CYASSL_CTX.
   NOTE(review): revocation checking is exposed as explicit Enable calls,
   so it is presumably off until a caller turns it on -- confirm, and
   check the int result of every Enable/Load call rather than assuming
   the check is active. */
wolfSSL 0:1239e9b70ca2 1109 #ifndef NO_CERTS
wolfSSL 0:1239e9b70ca2 1110 CYASSL_API void CyaSSL_CTX_SetCACb(CYASSL_CTX*, CallbackCACache);
wolfSSL 0:1239e9b70ca2 1111
/* Lifetime: every manager from CertManagerNew is released with
   CertManagerFree. */
wolfSSL 0:1239e9b70ca2 1112 CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void);
wolfSSL 0:1239e9b70ca2 1113 CYASSL_API void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER*);
wolfSSL 0:1239e9b70ca2 1114
/* Trust-anchor loading and certificate verification. f and d are
   presumably a file path and a directory path; everything loaded through
   LoadCA becomes a trust anchor, so both must come from locations that
   only the device owner can write. VerifyBuffer takes the certificate
   bytes and their length in sz. */
wolfSSL 0:1239e9b70ca2 1115 CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f,
wolfSSL 0:1239e9b70ca2 1116 const char* d);
wolfSSL 0:1239e9b70ca2 1117 CYASSL_API int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm);
wolfSSL 0:1239e9b70ca2 1118 CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f,
wolfSSL 0:1239e9b70ca2 1119 int format);
wolfSSL 0:1239e9b70ca2 1120 CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm,
wolfSSL 0:1239e9b70ca2 1121 const unsigned char* buff, long sz, int format);
wolfSSL 0:1239e9b70ca2 1122 CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1123 unsigned char*, int sz);
wolfSSL 0:1239e9b70ca2 1124 CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1125 int options);
wolfSSL 0:1239e9b70ca2 1126 CYASSL_API int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER*);
wolfSSL 0:1239e9b70ca2 1127 CYASSL_API int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER*, const char*,
wolfSSL 0:1239e9b70ca2 1128 int, int);
wolfSSL 0:1239e9b70ca2 1129 CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1130 CbMissingCRL);
wolfSSL 0:1239e9b70ca2 1131 CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1132 unsigned char*, int sz);
wolfSSL 0:1239e9b70ca2 1133 CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1134 int options);
wolfSSL 0:1239e9b70ca2 1135 CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*);
/* NOTE(review): the override URL presumably replaces the responder
   address taken from the certificate. Set it only from trusted
   configuration; a value an attacker can influence lets them choose
   which server answers revocation queries. */
wolfSSL 0:1239e9b70ca2 1136 CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1137 const char*);
wolfSSL 0:1239e9b70ca2 1138 CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*,
wolfSSL 0:1239e9b70ca2 1139 CbOCSPIO, CbOCSPRespFree, void*);
wolfSSL 0:1239e9b70ca2 1140
/* Per-session CRL/OCSP controls. */
wolfSSL 0:1239e9b70ca2 1141 CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options);
wolfSSL 0:1239e9b70ca2 1142 CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1143 CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int);
wolfSSL 0:1239e9b70ca2 1144 CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL);
wolfSSL 0:1239e9b70ca2 1145 CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options);
wolfSSL 0:1239e9b70ca2 1146 CYASSL_API int CyaSSL_DisableOCSP(CYASSL*);
wolfSSL 0:1239e9b70ca2 1147 CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*);
wolfSSL 0:1239e9b70ca2 1148 CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*);
wolfSSL 0:1239e9b70ca2 1149
/* Per-context CRL/OCSP controls. */
wolfSSL 0:1239e9b70ca2 1150 CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options);
wolfSSL 0:1239e9b70ca2 1151 CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
wolfSSL 0:1239e9b70ca2 1152 CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
wolfSSL 0:1239e9b70ca2 1153 CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
wolfSSL 0:1239e9b70ca2 1154 CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options);
wolfSSL 0:1239e9b70ca2 1155 CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*);
wolfSSL 0:1239e9b70ca2 1156 CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*);
wolfSSL 0:1239e9b70ca2 1157 CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*,
wolfSSL 0:1239e9b70ca2 1158 CbOCSPIO, CbOCSPRespFree, void*);
wolfSSL 0:1239e9b70ca2 1159 #endif /* !NO_CERTS */
wolfSSL 0:1239e9b70ca2 1160
/* NOTE(review): KeepArrays deliberately extends the time that
   handshake-time values stay in memory. Pair every KeepArrays with a
   FreeArrays as soon as the values have been read, rather than leaving
   them until the CYASSL object is freed. */
wolfSSL 0:1239e9b70ca2 1161 /* end of handshake frees temporary arrays, if user needs for get_keys or
wolfSSL 0:1239e9b70ca2 1162 psk hints, call KeepArrays before handshake and then FreeArrays when done
wolfSSL 0:1239e9b70ca2 1163 if don't want to wait for object free */
wolfSSL 0:1239e9b70ca2 1164 CYASSL_API void CyaSSL_KeepArrays(CYASSL*);
wolfSSL 0:1239e9b70ca2 1165 CYASSL_API void CyaSSL_FreeArrays(CYASSL*);
wolfSSL 0:1239e9b70ca2 1166
wolfSSL 0:1239e9b70ca2 1167
wolfSSL 0:1239e9b70ca2 1168 /* cavium additions */
/* Select a Cavium device by devId for one session or for a whole context.
   Both return int; the meaning of the return value is not visible in this
   header, so check it against the implementation before relying on it. */
wolfSSL 0:1239e9b70ca2 1169 CYASSL_API int CyaSSL_UseCavium(CYASSL*, int devId);
wolfSSL 0:1239e9b70ca2 1170 CYASSL_API int CyaSSL_CTX_UseCavium(CYASSL_CTX*, int devId);
wolfSSL 0:1239e9b70ca2 1171
wolfSSL 0:1239e9b70ca2 1172 /* TLS Extensions */
wolfSSL 0:1239e9b70ca2 1173
wolfSSL 0:1239e9b70ca2 1174 /* Server Name Indication */
wolfSSL 0:1239e9b70ca2 1175 #ifdef HAVE_SNI
wolfSSL 0:1239e9b70ca2 1176 /* SNI types */
wolfSSL 0:1239e9b70ca2 1177 enum {
wolfSSL 0:1239e9b70ca2 1178 CYASSL_SNI_HOST_NAME = 0
wolfSSL 0:1239e9b70ca2 1179 };
wolfSSL 0:1239e9b70ca2 1180
/* Attach a server name of the given type to a session or a context. data
   and size describe the name as a byte buffer with an explicit length. */
wolfSSL 0:1239e9b70ca2 1181 CYASSL_API int CyaSSL_UseSNI(CYASSL* ssl, unsigned char type, const void* data,
wolfSSL 0:1239e9b70ca2 1182 unsigned short size);
wolfSSL 0:1239e9b70ca2 1183 CYASSL_API int CyaSSL_CTX_UseSNI(CYASSL_CTX* ctx, unsigned char type,
wolfSSL 0:1239e9b70ca2 1184 const void* data, unsigned short size);
wolfSSL 0:1239e9b70ca2 1185
wolfSSL 0:1239e9b70ca2 1186 #ifndef NO_CYASSL_SERVER
/* NOTE(review): both option flags relax the server's reaction to a name
   it does not serve. With CYASSL_SNI_ANSWER_ON_MISMATCH the status below
   reads CYASSL_SNI_FAKE_MATCH, so code that routes or authorises by
   server name should require CYASSL_SNI_REAL_MATCH, not just "not
   NO_MATCH". */
wolfSSL 0:1239e9b70ca2 1187 /* SNI options */
wolfSSL 0:1239e9b70ca2 1188 enum {
wolfSSL 0:1239e9b70ca2 1189 CYASSL_SNI_CONTINUE_ON_MISMATCH = 0x01, /* do not abort on mismatch flag */
wolfSSL 0:1239e9b70ca2 1190 CYASSL_SNI_ANSWER_ON_MISMATCH = 0x02 /* fake match on mismatch flag */
wolfSSL 0:1239e9b70ca2 1191 };
wolfSSL 0:1239e9b70ca2 1192
wolfSSL 0:1239e9b70ca2 1193 CYASSL_API void CyaSSL_SNI_SetOptions(CYASSL* ssl, unsigned char type,
wolfSSL 0:1239e9b70ca2 1194 unsigned char options);
wolfSSL 0:1239e9b70ca2 1195 CYASSL_API void CyaSSL_CTX_SNI_SetOptions(CYASSL_CTX* ctx, unsigned char type,
wolfSSL 0:1239e9b70ca2 1196 unsigned char options);
wolfSSL 0:1239e9b70ca2 1197
wolfSSL 0:1239e9b70ca2 1198 /* SNI status */
wolfSSL 0:1239e9b70ca2 1199 enum {
wolfSSL 0:1239e9b70ca2 1200 CYASSL_SNI_NO_MATCH = 0,
wolfSSL 0:1239e9b70ca2 1201 CYASSL_SNI_FAKE_MATCH = 1, /* if CYASSL_SNI_ANSWER_ON_MISMATCH is enabled */
wolfSSL 0:1239e9b70ca2 1202 CYASSL_SNI_REAL_MATCH = 2
wolfSSL 0:1239e9b70ca2 1203 };
wolfSSL 0:1239e9b70ca2 1204
wolfSSL 0:1239e9b70ca2 1205 CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type);
wolfSSL 0:1239e9b70ca2 1206
/* Returns a length and hands back the requested name through data. The
   name is client-supplied: use the returned length, do not assume a NUL
   terminator (none is promised here), and validate it before using it in
   paths, log lines or routing decisions. */
wolfSSL 0:1239e9b70ca2 1207 CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type,
wolfSSL 0:1239e9b70ca2 1208 void** data);
wolfSSL 0:1239e9b70ca2 1209
/* Extracts the name of the given type from a raw ClientHello buffer into
   sni. inOutSz is presumably the capacity of sni on entry and the name
   length on return (confirm). clientHello is unauthenticated network
   input, so pass the exact number of bytes received in helloSz and check
   the int result before reading sni. */
wolfSSL 0:1239e9b70ca2 1210 CYASSL_API int CyaSSL_SNI_GetFromBuffer(
wolfSSL 0:1239e9b70ca2 1211 const unsigned char* clientHello, unsigned int helloSz,
wolfSSL 0:1239e9b70ca2 1212 unsigned char type, unsigned char* sni, unsigned int* inOutSz);
wolfSSL 0:1239e9b70ca2 1213
wolfSSL 0:1239e9b70ca2 1214 #endif /* NO_CYASSL_SERVER */
wolfSSL 0:1239e9b70ca2 1215 #endif /* HAVE_SNI */
wolfSSL 0:1239e9b70ca2 1216
wolfSSL 0:1239e9b70ca2 1217 /* Maximum Fragment Length */
wolfSSL 0:1239e9b70ca2 1218 #ifdef HAVE_MAX_FRAGMENT
/* Codes for the max_fragment_length extension. RFC 6066 defines codes 1
   to 4; code 5 is marked CyaSSL-only below, so a peer that is not CyaSSL
   should be expected to reject it. */
wolfSSL 0:1239e9b70ca2 1219 /* Fragment lengths */
wolfSSL 0:1239e9b70ca2 1220 enum {
wolfSSL 0:1239e9b70ca2 1221 CYASSL_MFL_2_9 = 1, /* 512 bytes */
wolfSSL 0:1239e9b70ca2 1222 CYASSL_MFL_2_10 = 2, /* 1024 bytes */
wolfSSL 0:1239e9b70ca2 1223 CYASSL_MFL_2_11 = 3, /* 2048 bytes */
wolfSSL 0:1239e9b70ca2 1224 CYASSL_MFL_2_12 = 4, /* 4096 bytes */
wolfSSL 0:1239e9b70ca2 1225 CYASSL_MFL_2_13 = 5 /* 8192 bytes *//* CyaSSL ONLY!!! */
wolfSSL 0:1239e9b70ca2 1226 };
wolfSSL 0:1239e9b70ca2 1227
wolfSSL 0:1239e9b70ca2 1228 #ifndef NO_CYASSL_CLIENT
wolfSSL 0:1239e9b70ca2 1229
/* Client-side request for one of the fragment-length codes above, per
   session or per context. */
wolfSSL 0:1239e9b70ca2 1230 CYASSL_API int CyaSSL_UseMaxFragment(CYASSL* ssl, unsigned char mfl);
wolfSSL 0:1239e9b70ca2 1231 CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl);
wolfSSL 0:1239e9b70ca2 1232
wolfSSL 0:1239e9b70ca2 1233 #endif /* NO_CYASSL_CLIENT */
wolfSSL 0:1239e9b70ca2 1234 #endif /* HAVE_MAX_FRAGMENT */
wolfSSL 0:1239e9b70ca2 1235
wolfSSL 0:1239e9b70ca2 1236 /* Truncated HMAC */
wolfSSL 0:1239e9b70ca2 1237 #ifdef HAVE_TRUNCATED_HMAC
wolfSSL 0:1239e9b70ca2 1238 #ifndef NO_CYASSL_CLIENT
wolfSSL 0:1239e9b70ca2 1239
/* Client-side request for the truncated_hmac extension, per session or
   per context.
   NOTE(review): RFC 6066 truncated_hmac shortens the record MAC to 80
   bits. That trades integrity margin for a few bytes per record; the
   extension is discouraged in current TLS guidance and has no TLS 1.3
   equivalent. Enable it only where the bandwidth saving is required. */
wolfSSL 0:1239e9b70ca2 1240 CYASSL_API int CyaSSL_UseTruncatedHMAC(CYASSL* ssl);
wolfSSL 0:1239e9b70ca2 1241 CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx);
wolfSSL 0:1239e9b70ca2 1242
wolfSSL 0:1239e9b70ca2 1243 #endif /* NO_CYASSL_CLIENT */
wolfSSL 0:1239e9b70ca2 1244 #endif /* HAVE_TRUNCATED_HMAC */
wolfSSL 0:1239e9b70ca2 1245
wolfSSL 0:1239e9b70ca2 1246 /* Elliptic Curves */
wolfSSL 0:1239e9b70ca2 1247 #ifdef HAVE_SUPPORTED_CURVES
wolfSSL 0:1239e9b70ca2 1248
/* Named-curve codes for the supported-curves extension; the values match
   the IANA registry numbers for these curves (0x17 is secp256r1).
   NOTE(review): secp160r1 and secp192r1 offer roughly 80 and 96 bits of
   security, below the 112-bit floor used in current guidance. Prefer
   secp256r1 or larger when choosing what to advertise. */
wolfSSL 0:1239e9b70ca2 1249 enum {
wolfSSL 0:1239e9b70ca2 1250 CYASSL_ECC_SECP160R1 = 0x10,
wolfSSL 0:1239e9b70ca2 1251 CYASSL_ECC_SECP192R1 = 0x13,
wolfSSL 0:1239e9b70ca2 1252 CYASSL_ECC_SECP224R1 = 0x15,
wolfSSL 0:1239e9b70ca2 1253 CYASSL_ECC_SECP256R1 = 0x17,
wolfSSL 0:1239e9b70ca2 1254 CYASSL_ECC_SECP384R1 = 0x18,
wolfSSL 0:1239e9b70ca2 1255 CYASSL_ECC_SECP521R1 = 0x19
wolfSSL 0:1239e9b70ca2 1256 };
wolfSSL 0:1239e9b70ca2 1257
wolfSSL 0:1239e9b70ca2 1258 #ifndef NO_CYASSL_CLIENT
wolfSSL 0:1239e9b70ca2 1259
/* Client-side: add one curve code from the enum above to the list
   offered by a session or a context. */
wolfSSL 0:1239e9b70ca2 1260 CYASSL_API int CyaSSL_UseSupportedCurve(CYASSL* ssl, unsigned short name);
wolfSSL 0:1239e9b70ca2 1261 CYASSL_API int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx,
wolfSSL 0:1239e9b70ca2 1262 unsigned short name);
wolfSSL 0:1239e9b70ca2 1263
wolfSSL 0:1239e9b70ca2 1264 #endif /* NO_CYASSL_CLIENT */
wolfSSL 0:1239e9b70ca2 1265 #endif /* HAVE_SUPPORTED_CURVES */
wolfSSL 0:1239e9b70ca2 1266
wolfSSL 0:1239e9b70ca2 1267
/* Bit flags for CRL directory monitoring; presumably passed as the last
   int argument of the *LoadCRL functions (confirm). They are defined
   outside the NO_CERTS guard, so they exist even when the CRL API itself
   is compiled out. */
wolfSSL 0:1239e9b70ca2 1268 #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
wolfSSL 0:1239e9b70ca2 1269 #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */
wolfSSL 0:1239e9b70ca2 1270
wolfSSL 0:1239e9b70ca2 1271 #ifdef CYASSL_CALLBACKS
wolfSSL 0:1239e9b70ca2 1272
wolfSSL 0:1239e9b70ca2 1273 /* used internally by CyaSSL while OpenSSL types aren't */
wolfSSL 0:1239e9b70ca2 1274 #include <cyassl/callbacks.h>
wolfSSL 0:1239e9b70ca2 1275
/* Diagnostic callback types. HandShakeInfo and TimeoutInfo come from
   cyassl/callbacks.h and their contents are not visible in this header. */
wolfSSL 0:1239e9b70ca2 1276 typedef int (*HandShakeCallBack)(HandShakeInfo*);
wolfSSL 0:1239e9b70ca2 1277 typedef int (*TimeoutCallBack)(TimeoutInfo*);
wolfSSL 0:1239e9b70ca2 1278
/* NOTE(review): whatever these callbacks record about a handshake should
   be handled as sensitive diagnostics; keep the CYASSL_CALLBACKS build
   for debugging unless the collected data is known to be safe to store. */
wolfSSL 0:1239e9b70ca2 1279 /* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
wolfSSL 0:1239e9b70ca2 1280 for diagnostics */
wolfSSL 0:1239e9b70ca2 1281 CYASSL_API int CyaSSL_connect_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
wolfSSL 0:1239e9b70ca2 1282 Timeval);
wolfSSL 0:1239e9b70ca2 1283 CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
wolfSSL 0:1239e9b70ca2 1284 Timeval);
wolfSSL 0:1239e9b70ca2 1285
wolfSSL 0:1239e9b70ca2 1286 #endif /* CYASSL_CALLBACKS */
wolfSSL 0:1239e9b70ca2 1287
wolfSSL 0:1239e9b70ca2 1288
/* Two no-argument entry points, each compiled in only under its own
   feature macro. Their purpose is not visible in this header. */
wolfSSL 0:1239e9b70ca2 1289 #ifdef CYASSL_HAVE_WOLFSCEP
wolfSSL 0:1239e9b70ca2 1290 CYASSL_API void CyaSSL_wolfSCEP(void);
wolfSSL 0:1239e9b70ca2 1291 #endif /* CYASSL_HAVE_WOLFSCEP */
wolfSSL 0:1239e9b70ca2 1292
wolfSSL 0:1239e9b70ca2 1293 #ifdef CYASSL_HAVE_CERT_SERVICE
wolfSSL 0:1239e9b70ca2 1294 CYASSL_API void CyaSSL_cert_service(void);
wolfSSL 0:1239e9b70ca2 1295 #endif
wolfSSL 0:1239e9b70ca2 1296
wolfSSL 0:1239e9b70ca2 1297
wolfSSL 0:1239e9b70ca2 1298 #ifdef __cplusplus
wolfSSL 0:1239e9b70ca2 1299 } /* extern "C" */
wolfSSL 0:1239e9b70ca2 1300 #endif
wolfSSL 0:1239e9b70ca2 1301
wolfSSL 0:1239e9b70ca2 1302
wolfSSL 0:1239e9b70ca2 1303 #endif /* CYASSL_SSL_H */
wolfSSL 0:1239e9b70ca2 1304
wolfSSL 0:1239e9b70ca2 1305