wolfSSL SSL/TLS library, support up to TLS1.3
Embed:
(wiki syntax)
Show/hide line numbers
ssl.h
Go to the documentation of this file.
00001 /* ssl.h 00002 * 00003 * Copyright (C) 2006-2017 wolfSSL Inc. 00004 * 00005 * This file is part of wolfSSL. 00006 * 00007 * wolfSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * wolfSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00020 */ 00021 /*! 00022 \file ../wolfssl/ssl.h 00023 \brief Header file containing key wolfSSL API 00024 */ 00025 00026 /* wolfSSL API */ 00027 00028 #ifndef WOLFSSL_SSL_H 00029 #define WOLFSSL_SSL_H 00030 00031 00032 /* for users not using preprocessor flags*/ 00033 #include <wolfcrypt/settings.h> 00034 #include <wolfssl/version.h> 00035 #include <wolfcrypt/logging.h> 00036 #include <wolfcrypt/asn_public.h> 00037 00038 #ifdef HAVE_WOLF_EVENT 00039 #include <wolfcrypt/wolfevent.h> 00040 #endif 00041 00042 #ifndef NO_FILESYSTEM 00043 #if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) 00044 #if MQX_USE_IO_OLD 00045 #include <fio.h> 00046 #else 00047 #include <nio.h> 00048 #endif 00049 #endif 00050 #endif 00051 00052 #ifdef WOLFSSL_PREFIX 00053 #include "prefix_ssl.h" 00054 #endif 00055 00056 #ifdef LIBWOLFSSL_VERSION_STRING 00057 #define WOLFSSL_VERSION LIBWOLFSSL_VERSION_STRING 00058 #endif 00059 00060 #ifdef _WIN32 00061 /* wincrypt.h clashes */ 00062 #undef OCSP_REQUEST 00063 #undef OCSP_RESPONSE 00064 #endif 00065 00066 #ifdef OPENSSL_COEXIST 00067 /* mode to allow wolfSSL and OpenSSL to exist together */ 00068 #ifdef TEST_OPENSSL_COEXIST 00069 /* 00070 ./configure --enable-opensslcoexist \ 00071 CFLAGS="-I/usr/local/opt/openssl/include -DTEST_OPENSSL_COEXIST" \ 00072 LDFLAGS="-L/usr/local/opt/openssl/lib -lcrypto" 00073 */ 00074 #include <openssl/ssl.h> 00075 #include <openssl/rand.h> 00076 #include <openssl/err.h> 00077 #include <openssl/ec.h> 00078 #include <openssl/hmac.h> 00079 #include <openssl/bn.h> 00080 #endif 00081 00082 /* make sure old names are disabled */ 00083 #ifndef NO_OLD_SSL_NAMES 00084 #define NO_OLD_SSL_NAMES 00085 #endif 00086 #ifndef NO_OLD_WC_NAMES 00087 #define NO_OLD_WC_NAMES 00088 #endif 00089 00090 #elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 00091 #include <wolfssl/openssl/bn.h> 00092 #include <wolfssl/openssl/hmac.h> 00093 00094 /* We need the old SSL names */ 00095 #ifdef NO_OLD_SSL_NAMES 00096 #undef NO_OLD_SSL_NAMES 00097 #endif 00098 #ifdef NO_OLD_WC_NAMES 00099 #undef NO_OLD_WC_NAMES 00100 #endif 00101 #endif 00102 00103 00104 #ifdef __cplusplus 00105 extern "C" { 00106 #endif 00107 00108 #ifndef WOLFSSL_WOLFSSL_TYPE_DEFINED 00109 #define WOLFSSL_WOLFSSL_TYPE_DEFINED 00110 typedef struct WOLFSSL WOLFSSL; 00111 #endif 00112 typedef struct WOLFSSL_SESSION WOLFSSL_SESSION; 00113 typedef struct WOLFSSL_METHOD WOLFSSL_METHOD; 00114 #ifndef WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED 00115 #define WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED 00116 typedef struct WOLFSSL_CTX WOLFSSL_CTX; 00117 #endif 00118 00119 typedef struct WOLFSSL_STACK WOLFSSL_STACK; 00120 typedef struct WOLFSSL_X509 WOLFSSL_X509; 00121 typedef struct WOLFSSL_X509_NAME WOLFSSL_X509_NAME; 00122 typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY; 00123 typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN; 00124 typedef struct WC_PKCS12 WOLFSSL_X509_PKCS12; 00125 00126 typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; 00127 typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR; 00128 typedef struct WOLFSSL_CRL WOLFSSL_CRL; 00129 00130 typedef void *WOLFSSL_X509_STORE_CTX_verify_cb; /* verify callback */ 00131 00132 /* redeclare guard */ 00133 #define WOLFSSL_TYPES_DEFINED 00134 00135 #include <wolfssl/wolfio.h > 00136 00137 00138 #ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ 00139 typedef struct WOLFSSL_RSA WOLFSSL_RSA; 00140 #define WOLFSSL_RSA_TYPE_DEFINED 00141 #endif 00142 00143 #ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */ 00144 typedef struct WC_RNG WC_RNG; 00145 #define WC_RNG_TYPE_DEFINED 00146 #endif 00147 00148 #ifndef WOLFSSL_DSA_TYPE_DEFINED /* guard on redeclaration */ 00149 typedef struct WOLFSSL_DSA WOLFSSL_DSA; 00150 #define WOLFSSL_DSA_TYPE_DEFINED 00151 #endif 00152 00153 #ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */ 00154 typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY; 00155 typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT; 00156 typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP; 00157 #define WOLFSSL_EC_TYPE_DEFINED 00158 #endif 00159 00160 #ifndef WOLFSSL_ECDSA_TYPE_DEFINED /* guard on redeclaration */ 00161 typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG; 00162 #define WOLFSSL_ECDSA_TYPE_DEFINED 00163 #endif 00164 00165 typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER; 00166 typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP; 00167 typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD; 00168 typedef struct WOLFSSL_CRL WOLFSSL_X509_CRL; 00169 typedef struct WOLFSSL_X509_STORE WOLFSSL_X509_STORE; 00170 typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; 00171 typedef struct WOLFSSL_BIO WOLFSSL_BIO; 00172 typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; 00173 typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; 00174 typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME; 00175 typedef struct WOLFSSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER; 00176 typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT; 00177 00178 typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING; 00179 typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value; 00180 typedef struct WOLFSSL_DH WOLFSSL_DH; 00181 typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; 00182 00183 #define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME 00184 #define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME 00185 00186 #define WOLFSSL_ASN1_INTEGER_MAX 20 00187 struct WOLFSSL_ASN1_INTEGER { 00188 /* size can be increased set at 20 for tag, length then to hold at least 16 00189 * byte type */ 00190 unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX]; 00191 /* ASN_INTEGER | LENGTH | hex of number */ 00192 unsigned char negative; /* negative number flag */ 00193 00194 unsigned char* data; 00195 unsigned int dataMax; /* max size of data buffer */ 00196 unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */ 00197 }; 00198 00199 struct WOLFSSL_ASN1_TIME { 00200 /* MAX_DATA_SIZE is 32 */ 00201 unsigned char data[32 + 2]; 00202 /* ASN_TIME | LENGTH | date bytes */ 00203 }; 00204 00205 struct WOLFSSL_ASN1_STRING { 00206 int length; 00207 int type; /* type of string i.e. CTC_UTF8 */ 00208 char* data; 00209 long flags; 00210 }; 00211 00212 #define WOLFSSL_MAX_SNAME 40 00213 struct WOLFSSL_ASN1_OBJECT { 00214 void* heap; 00215 unsigned char* obj; 00216 /* sName is short name i.e sha256 rather than oid (null terminated) */ 00217 char sName[WOLFSSL_MAX_SNAME]; 00218 int type; /* oid */ 00219 int grp; /* type of OID, i.e. oidCertPolicyType */ 00220 unsigned int objSz; 00221 unsigned char dynamic; /* if 1 then obj was dynamiclly created, 0 otherwise */ 00222 struct d { /* derefrenced */ 00223 WOLFSSL_ASN1_STRING ia5_internal; 00224 WOLFSSL_ASN1_STRING* ia5; /* points to ia5_internal */ 00225 WOLFSSL_ASN1_STRING* dNSName; 00226 WOLFSSL_ASN1_STRING* iPAddress; 00227 } d; 00228 }; 00229 00230 struct WOLFSSL_EVP_PKEY { 00231 void* heap; 00232 int type; /* openssh dereference */ 00233 int save_type; /* openssh dereference */ 00234 int pkey_sz; 00235 union { 00236 char* ptr; /* der format of key / or raw for NTRU */ 00237 } pkey; 00238 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 00239 #ifndef NO_RSA 00240 WOLFSSL_RSA* rsa; 00241 byte ownRsa; /* if struct owns RSA and should free it */ 00242 #endif 00243 #ifdef HAVE_ECC 00244 WOLFSSL_EC_KEY* ecc; 00245 byte ownEcc; /* if struct owns ECC and should free it */ 00246 #endif 00247 WC_RNG rng; 00248 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 00249 #ifdef HAVE_ECC 00250 int pkey_curve; 00251 #endif 00252 }; 00253 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; 00254 00255 #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ 00256 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; 00257 typedef char WOLFSSL_EVP_MD; 00258 #define WOLFSSL_EVP_TYPE_DEFINED 00259 #endif 00260 00261 #define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */ 00262 00263 00264 enum BIO_TYPE { 00265 WOLFSSL_BIO_BUFFER = 1, 00266 WOLFSSL_BIO_SOCKET = 2, 00267 WOLFSSL_BIO_SSL = 3, 00268 WOLFSSL_BIO_MEMORY = 4, 00269 WOLFSSL_BIO_BIO = 5, 00270 WOLFSSL_BIO_FILE = 6, 00271 WOLFSSL_BIO_BASE64 = 7 00272 }; 00273 00274 enum BIO_FLAGS { 00275 WOLFSSL_BIO_FLAG_BASE64_NO_NL = 0x01, 00276 WOLFSSL_BIO_FLAG_READ = 0x02, 00277 WOLFSSL_BIO_FLAG_WRITE = 0x04, 00278 WOLFSSL_BIO_FLAG_IO_SPECIAL = 0x08, 00279 WOLFSSL_BIO_FLAG_RETRY = 0x10 00280 }; 00281 00282 typedef struct WOLFSSL_BUF_MEM { 00283 char* data; /* dereferenced */ 00284 size_t length; /* current length */ 00285 size_t max; /* maximum length */ 00286 } WOLFSSL_BUF_MEM; 00287 00288 typedef struct WOLFSSL_COMP_METHOD { 00289 int type; /* stunnel dereference */ 00290 } WOLFSSL_COMP_METHOD; 00291 00292 struct WOLFSSL_X509_LOOKUP_METHOD { 00293 int type; 00294 }; 00295 00296 struct WOLFSSL_X509_LOOKUP { 00297 WOLFSSL_X509_STORE *store; 00298 }; 00299 00300 struct WOLFSSL_X509_STORE { 00301 int cache; /* stunnel dereference */ 00302 WOLFSSL_CERT_MANAGER* cm; 00303 WOLFSSL_X509_LOOKUP lookup; 00304 #ifdef OPENSSL_EXTRA 00305 int isDynamic; 00306 #endif 00307 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) 00308 WOLFSSL_X509_CRL *crl; 00309 #endif 00310 }; 00311 00312 #ifdef OPENSSL_EXTRA 00313 #define WOLFSSL_USE_CHECK_TIME 0x2 00314 #define WOLFSSL_NO_CHECK_TIME 0x200000 00315 #define WOLFSSL_NO_WILDCARDS 0x4 00316 struct WOLFSSL_X509_VERIFY_PARAM { 00317 time_t check_time; 00318 unsigned long flags; 00319 }; 00320 #endif 00321 00322 typedef struct WOLFSSL_ALERT { 00323 int code; 00324 int level; 00325 } WOLFSSL_ALERT; 00326 00327 typedef struct WOLFSSL_ALERT_HISTORY { 00328 WOLFSSL_ALERT last_rx; 00329 WOLFSSL_ALERT last_tx; 00330 } WOLFSSL_ALERT_HISTORY; 00331 00332 typedef struct WOLFSSL_X509_REVOKED { 00333 WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ 00334 } WOLFSSL_X509_REVOKED; 00335 00336 00337 typedef struct WOLFSSL_X509_OBJECT { 00338 union { 00339 char* ptr; 00340 WOLFSSL_X509 *x509; 00341 WOLFSSL_X509_CRL* crl; /* stunnel dereference */ 00342 } data; 00343 } WOLFSSL_X509_OBJECT; 00344 00345 typedef struct WOLFSSL_BUFFER_INFO { 00346 unsigned char* buffer; 00347 unsigned int length; 00348 } WOLFSSL_BUFFER_INFO; 00349 00350 typedef struct WOLFSSL_X509_STORE_CTX { 00351 WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */ 00352 WOLFSSL_X509* current_cert; /* stunnel dereference */ 00353 WOLFSSL_X509* current_issuer; /* asio dereference */ 00354 WOLFSSL_X509_CHAIN* sesChain; /* pointer to WOLFSSL_SESSION peer chain */ 00355 WOLFSSL_STACK* chain; 00356 #ifdef OPENSSL_EXTRA 00357 WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ 00358 #endif 00359 char* domain; /* subject CN domain name */ 00360 void* ex_data; /* external data, for fortress build */ 00361 void* userCtx; /* user ctx */ 00362 int error; /* current error */ 00363 int error_depth; /* index of cert depth for this error */ 00364 int discardSessionCerts; /* so verify callback can flag for discard */ 00365 int totalCerts; /* number of peer cert buffers */ 00366 WOLFSSL_BUFFER_INFO* certs; /* peer certs */ 00367 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; /* verify callback */ 00368 } WOLFSSL_X509_STORE_CTX; 00369 00370 typedef char* WOLFSSL_STRING; 00371 00372 /* Valid Alert types from page 16/17 00373 * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c 00374 */ 00375 enum AlertDescription { 00376 close_notify = 0, 00377 unexpected_message = 10, 00378 bad_record_mac = 20, 00379 record_overflow = 22, 00380 decompression_failure = 30, 00381 handshake_failure = 40, 00382 no_certificate = 41, 00383 bad_certificate = 42, 00384 unsupported_certificate = 43, 00385 certificate_revoked = 44, 00386 certificate_expired = 45, 00387 certificate_unknown = 46, 00388 illegal_parameter = 47, 00389 decode_error = 50, 00390 decrypt_error = 51, 00391 #ifdef WOLFSSL_MYSQL_COMPATIBLE 00392 /* catch name conflict for enum protocol with MYSQL build */ 00393 wc_protocol_version = 70, 00394 #else 00395 protocol_version = 70, 00396 #endif 00397 no_renegotiation = 100, 00398 unsupported_extension = 110, /**< RFC 5246, section 7.2.2 */ 00399 unrecognized_name = 112, /**< RFC 6066, section 3 */ 00400 bad_certificate_status_response = 113, /**< RFC 6066, section 8 */ 00401 unknown_psk_identity = 115, /**< RFC 4279, section 2 */ 00402 no_application_protocol = 120 00403 }; 00404 00405 00406 enum AlertLevel { 00407 alert_warning = 1, 00408 alert_fatal = 2 00409 }; 00410 00411 /* Maximum master key length (SECRET_LEN) */ 00412 #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 00413 /* Maximum number of groups that can be set */ 00414 #define WOLFSSL_MAX_GROUP_COUNT 10 00415 00416 typedef WOLFSSL_METHOD* (*wolfSSL_method_func)(void* heap); 00417 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method_ex(void* heap); 00418 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method_ex(void* heap); 00419 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method_ex(void* heap); 00420 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method_ex(void* heap); 00421 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method_ex(void* heap); 00422 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method_ex(void* heap); 00423 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method_ex(void* heap); 00424 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method_ex(void* heap); 00425 #ifdef WOLFSSL_TLS13 00426 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap); 00427 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap); 00428 #endif 00429 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method_ex(void* heap); 00430 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_method_ex(void* heap); 00431 00432 #ifdef WOLFSSL_DTLS 00433 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method_ex(void* heap); 00434 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method_ex(void* heap); 00435 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap); 00436 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method_ex(void* heap); 00437 #endif 00438 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_method(void); 00439 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void); 00440 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void); 00441 WOLFSSL_API WOLFSSL_METHOD* wolfTLSv1_method(void); 00442 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void); 00443 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void); 00444 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void); 00445 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void); 00446 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void); 00447 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void); 00448 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void); 00449 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void); 00450 #ifdef WOLFSSL_TLS13 00451 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void); 00452 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method(void); 00453 #endif 00454 00455 #ifdef WOLFSSL_DTLS 00456 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void); 00457 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void); 00458 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void); 00459 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void); 00460 #endif 00461 00462 #ifdef HAVE_POLY1305 00463 WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int); 00464 #endif 00465 00466 #ifdef WOLFSSL_SESSION_EXPORT 00467 #ifdef WOLFSSL_DTLS 00468 00469 #ifndef WOLFSSL_DTLS_EXPORT_TYPES 00470 typedef int (*wc_dtls_export)(WOLFSSL* ssl, 00471 unsigned char* exportBuffer, unsigned int sz, void* userCtx); 00472 #define WOLFSSL_DTLS_EXPORT_TYPES 00473 #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ 00474 00475 WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, 00476 unsigned int sz); 00477 WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, 00478 wc_dtls_export func); 00479 WOLFSSL_API int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func); 00480 WOLFSSL_API int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf, 00481 unsigned int* sz); 00482 #endif /* WOLFSSL_DTLS */ 00483 #endif /* WOLFSSL_SESSION_EXPORT */ 00484 00485 #ifdef WOLFSSL_STATIC_MEMORY 00486 #ifndef WOLFSSL_MEM_GUARD 00487 #define WOLFSSL_MEM_GUARD 00488 typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS; 00489 typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS; 00490 #endif 00491 WOLFSSL_API int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx, 00492 wolfSSL_method_func method, 00493 unsigned char* buf, unsigned int sz, 00494 int flag, int max); 00495 WOLFSSL_API int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, 00496 WOLFSSL_MEM_STATS* mem_stats); 00497 WOLFSSL_API int wolfSSL_is_static_memory(WOLFSSL* ssl, 00498 WOLFSSL_MEM_CONN_STATS* mem_stats); 00499 #endif 00500 00501 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) 00502 00503 WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int); 00504 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int); 00505 WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, 00506 const char*); 00507 #ifdef WOLFSSL_TRUST_PEER_CERT 00508 WOLFSSL_API int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX*, const char*, int); 00509 #endif 00510 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *, 00511 const char *file); 00512 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *, 00513 const char *file, int format); 00514 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); 00515 00516 WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); 00517 WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); 00518 WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); 00519 WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); 00520 WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int); 00521 WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file); 00522 WOLFSSL_API int wolfSSL_use_certificate_chain_file_format(WOLFSSL*, 00523 const char *file, int format); 00524 WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); 00525 00526 #ifdef WOLFSSL_DER_LOAD 00527 WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX*, 00528 const char*, int); 00529 #endif 00530 00531 #ifdef HAVE_NTRU 00532 WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX*, const char*); 00533 /* load NTRU private key blob */ 00534 #endif 00535 00536 #endif /* !NO_FILESYSTEM && !NO_CERTS */ 00537 00538 WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); 00539 WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); 00540 WOLFSSL_API int wolfSSL_is_server(WOLFSSL*); 00541 WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*); 00542 WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int); 00543 WOLFSSL_API int wolfSSL_set_write_fd (WOLFSSL*, int); 00544 WOLFSSL_API int wolfSSL_set_read_fd (WOLFSSL*, int); 00545 WOLFSSL_API char* wolfSSL_get_cipher_list(int priority); 00546 WOLFSSL_API char* wolfSSL_get_cipher_list_ex(WOLFSSL* ssl, int priority); 00547 WOLFSSL_API int wolfSSL_get_ciphers(char*, int); 00548 WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl); 00549 WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char, 00550 const unsigned char); 00551 WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, 00552 int len); 00553 WOLFSSL_API const char* wolfSSL_get_curve_name(WOLFSSL* ssl); 00554 WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL*); 00555 /* please see note at top of README if you get an error from connect */ 00556 WOLFSSL_API int wolfSSL_connect(WOLFSSL*); 00557 WOLFSSL_API int wolfSSL_write(WOLFSSL*, const void*, int); 00558 WOLFSSL_API int wolfSSL_read(WOLFSSL*, void*, int); 00559 WOLFSSL_API int wolfSSL_peek(WOLFSSL*, void*, int); 00560 WOLFSSL_API int wolfSSL_accept(WOLFSSL*); 00561 #ifdef WOLFSSL_TLS13 00562 WOLFSSL_API int wolfSSL_send_hrr_cookie(WOLFSSL* ssl, 00563 const unsigned char* secret, unsigned int secretSz); 00564 WOLFSSL_API int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx); 00565 WOLFSSL_API int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl); 00566 WOLFSSL_API int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx); 00567 WOLFSSL_API int wolfSSL_no_dhe_psk(WOLFSSL* ssl); 00568 WOLFSSL_API int wolfSSL_update_keys(WOLFSSL* ssl); 00569 WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx); 00570 WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl); 00571 WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl); 00572 00573 WOLFSSL_API int wolfSSL_preferred_group(WOLFSSL* ssl); 00574 WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, 00575 int count); 00576 WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count); 00577 00578 WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL*); 00579 WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*); 00580 00581 #ifdef WOLFSSL_EARLY_DATA 00582 WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx, 00583 unsigned int sz); 00584 WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz); 00585 WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL*, const void*, int, int*); 00586 WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL*, void*, int, int*); 00587 #endif 00588 #endif 00589 WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*); 00590 WOLFSSL_API void wolfSSL_free(WOLFSSL*); 00591 WOLFSSL_API int wolfSSL_shutdown(WOLFSSL*); 00592 WOLFSSL_API int wolfSSL_send(WOLFSSL*, const void*, int sz, int flags); 00593 WOLFSSL_API int wolfSSL_recv(WOLFSSL*, void*, int sz, int flags); 00594 00595 WOLFSSL_API void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX*, int); 00596 WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int); 00597 00598 WOLFSSL_API int wolfSSL_get_error(WOLFSSL*, int); 00599 WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *); 00600 00601 WOLFSSL_API int wolfSSL_set_session(WOLFSSL*, WOLFSSL_SESSION*); 00602 WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION*, long); 00603 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL*); 00604 WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long); 00605 WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int); 00606 00607 #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) 00608 WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t, 00609 WOLFSSL_BIO**, size_t); 00610 00611 WOLFSSL_API WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_RSA**); 00612 WOLFSSL_API int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX*, 00613 int, const unsigned char*); 00614 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX*, WOLFSSL_RSA*); 00615 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_EVP_PKEY**); 00616 #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ 00617 00618 #ifdef SESSION_INDEX 00619 WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl); 00620 WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session); 00621 #endif /* SESSION_INDEX */ 00622 00623 #if defined(SESSION_INDEX) && defined(SESSION_CERTS) 00624 WOLFSSL_API 00625 WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session); 00626 #endif /* SESSION_INDEX && SESSION_CERTS */ 00627 00628 typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); 00629 #ifdef OPENSSL_EXTRA 00630 typedef void (CallbackInfoState)(const WOLFSSL*, int, int); 00631 00632 typedef struct WOLFSSL_CRYPTO_EX_DATA { 00633 WOLFSSL_STACK* data; 00634 } WOLFSSL_CRYPTO_EX_DATA; 00635 00636 typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, 00637 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 00638 typedef int (WOLFSSL_CRYPTO_EX_dup)(WOLFSSL_CRYPTO_EX_DATA* out, 00639 WOLFSSL_CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV, void* arg); 00640 typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, 00641 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 00642 00643 WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, 00644 WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, 00645 WOLFSSL_CRYPTO_EX_free* c); 00646 #endif 00647 00648 WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, 00649 VerifyCallback verify_callback); 00650 WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback); 00651 WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*); 00652 00653 WOLFSSL_API int wolfSSL_pending(WOLFSSL*); 00654 00655 WOLFSSL_API void wolfSSL_load_error_strings(void); 00656 WOLFSSL_API int wolfSSL_library_init(void); 00657 WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX*, long); 00658 00659 #ifdef HAVE_SECRET_CALLBACK 00660 typedef int (*SessionSecretCb)(WOLFSSL* ssl, 00661 void* secret, int* secretSz, void* ctx); 00662 WOLFSSL_API int wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, void*); 00663 #endif /* HAVE_SECRET_CALLBACK */ 00664 00665 /* session cache persistence */ 00666 WOLFSSL_API int wolfSSL_save_session_cache(const char*); 00667 WOLFSSL_API int wolfSSL_restore_session_cache(const char*); 00668 WOLFSSL_API int wolfSSL_memsave_session_cache(void*, int); 00669 WOLFSSL_API int wolfSSL_memrestore_session_cache(const void*, int); 00670 WOLFSSL_API int wolfSSL_get_session_cache_memsize(void); 00671 00672 /* certificate cache persistence, uses ctx since certs are per ctx */ 00673 WOLFSSL_API int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX*, const char*); 00674 WOLFSSL_API int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX*, const char*); 00675 WOLFSSL_API int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX*, void*, int, int*); 00676 WOLFSSL_API int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX*, const void*, int); 00677 WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*); 00678 00679 /* only supports full name from cipher_name[] delimited by : */ 00680 WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*); 00681 WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*); 00682 00683 /* Nonblocking DTLS helper functions */ 00684 WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL*, int); 00685 WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*); 00686 #define wolfSSL_set_using_nonblock wolfSSL_dtls_set_using_nonblock 00687 #define wolfSSL_get_using_nonblock wolfSSL_dtls_get_using_nonblock 00688 /* The old names are deprecated. */ 00689 WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl); 00690 WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int); 00691 WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int); 00692 WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL* ssl); 00693 WOLFSSL_API int wolfSSL_dtls(WOLFSSL* ssl); 00694 00695 WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int); 00696 WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*); 00697 00698 WOLFSSL_API int wolfSSL_CTX_dtls_set_sctp(WOLFSSL_CTX*); 00699 WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL*); 00700 WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short); 00701 WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short); 00702 00703 WOLFSSL_API int wolfSSL_dtls_get_drop_stats(WOLFSSL*, 00704 unsigned int*, unsigned int*); 00705 WOLFSSL_API int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX*, unsigned short); 00706 WOLFSSL_API int wolfSSL_set_secret(WOLFSSL*, unsigned short, 00707 const unsigned char*, unsigned int, 00708 const unsigned char*, const unsigned char*, 00709 const unsigned char*); 00710 WOLFSSL_API int wolfSSL_mcast_read(WOLFSSL*, unsigned short*, void*, int); 00711 WOLFSSL_API int wolfSSL_mcast_peer_add(WOLFSSL*, unsigned short, int); 00712 WOLFSSL_API int wolfSSL_mcast_peer_known(WOLFSSL*, unsigned short); 00713 WOLFSSL_API int wolfSSL_mcast_get_max_peers(void); 00714 typedef int (*CallbackMcastHighwater)(unsigned short peerId, 00715 unsigned int maxSeq, 00716 unsigned int curSeq, void* ctx); 00717 WOLFSSL_API int wolfSSL_CTX_mcast_set_highwater_cb(WOLFSSL_CTX*, 00718 unsigned int, 00719 unsigned int, 00720 unsigned int, 00721 CallbackMcastHighwater); 00722 WOLFSSL_API int wolfSSL_mcast_set_highwater_ctx(WOLFSSL*, void*); 00723 00724 WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err); 00725 WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); 00726 WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, 00727 unsigned long sz); 00728 WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long); 00729 00730 /* extras */ 00731 00732 #ifndef WOLF_STACK_OF 00733 #define WOLF_STACK_OF(x) WOLFSSL_STACK 00734 #endif 00735 #ifndef DECLARE_STACK_OF 00736 #define DECLARE_STACK_OF(x) WOLF_STACK_OF(x); 00737 #endif 00738 00739 WOLFSSL_API int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, 00740 WOLFSSL_X509* x509); 00741 WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 00742 WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 00743 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_GENERAL_NAME_value( 00744 WOLFSSL_STACK* sk, int i); 00745 WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk); 00746 WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk, 00747 void f (WOLFSSL_ASN1_OBJECT*)); 00748 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void); 00749 WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj); 00750 WOLFSSL_API int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk, 00751 WOLFSSL_ASN1_OBJECT* obj); 00752 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJCET_pop( 00753 WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk); 00754 WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk); 00755 WOLFSSL_API int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in); 00756 00757 WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*); 00758 WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*); 00759 WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int); 00760 WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int); 00761 WOLFSSL_API void wolfSSL_set_shutdown(WOLFSSL*, int); 00762 WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*, 00763 unsigned int); 00764 WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*); 00765 WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*); 00766 WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*); 00767 WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session); 00768 WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*); 00769 00770 WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*); 00771 WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl); 00772 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*); 00773 WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int); 00774 WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher); 00775 WOLFSSL_API const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session); 00776 WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*); 00777 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); 00778 /* what's ref count */ 00779 00780 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); 00781 00782 WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, 00783 char** path, int* ssl); 00784 00785 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); 00786 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); 00787 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); 00788 00789 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); 00790 WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); 00791 WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); 00792 WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); 00793 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); 00794 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_find_type(WOLFSSL_BIO* bio, int type); 00795 WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int); 00796 WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int); 00797 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append); 00798 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*); 00799 WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*); 00800 WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*); 00801 00802 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void); 00803 WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size); 00804 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void); 00805 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int flag); 00806 WOLFSSL_API int wolfSSL_BIO_eof(WOLFSSL_BIO*); 00807 00808 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void); 00809 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void); 00810 WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int); 00811 00812 WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p); 00813 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len); 00814 00815 00816 WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag); 00817 WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag); 00818 WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); 00819 00820 #ifndef NO_FILESYSTEM 00821 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void); 00822 #endif 00823 00824 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_bio(void); 00825 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void); 00826 00827 WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg); 00828 WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg); 00829 00830 WOLFSSL_API int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size); 00831 WOLFSSL_API int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2); 00832 WOLFSSL_API int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b); 00833 WOLFSSL_API int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf); 00834 WOLFSSL_API int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num); 00835 WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num); 00836 WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio); 00837 00838 WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs); 00839 WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name); 00840 WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v); 00841 WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m); 00842 00843 WOLFSSL_API void wolfSSL_RAND_screen(void); 00844 WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long); 00845 WOLFSSL_API int wolfSSL_RAND_write_file(const char*); 00846 WOLFSSL_API int wolfSSL_RAND_load_file(const char*, long); 00847 WOLFSSL_API int wolfSSL_RAND_egd(const char*); 00848 WOLFSSL_API int wolfSSL_RAND_seed(const void*, int); 00849 WOLFSSL_API void wolfSSL_RAND_Cleanup(void); 00850 WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double); 00851 WOLFSSL_API int wolfSSL_RAND_poll(void); 00852 00853 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void); 00854 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void); 00855 WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*); 00856 00857 WOLFSSL_API unsigned long wolfSSL_thread_id(void); 00858 WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void)); 00859 WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, 00860 int)); 00861 WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f) 00862 (const char*, int)); 00863 WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int, 00864 WOLFSSL_dynlock_value*, const char*, int)); 00865 WOLFSSL_API void wolfSSL_set_dynlock_destroy_callback(void (*f) 00866 (WOLFSSL_dynlock_value*, const char*, int)); 00867 WOLFSSL_API int wolfSSL_num_locks(void); 00868 00869 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert( 00870 WOLFSSL_X509_STORE_CTX*); 00871 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*); 00872 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*); 00873 00874 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, 00875 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); 00876 WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, 00877 unsigned char** out); 00878 WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 00879 WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); 00880 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*); 00881 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*); 00882 WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int); 00883 WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int); 00884 WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*); 00885 WOLFSSL_API int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*); 00886 WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*); 00887 WOLFSSL_API unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509*); 00888 WOLFSSL_API unsigned char* wolfSSL_X509_get_authorityKeyID( 00889 WOLFSSL_X509*, unsigned char*, int*); 00890 WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( 00891 WOLFSSL_X509*, unsigned char*, int*); 00892 WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); 00893 WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( 00894 WOLFSSL_X509_NAME*, int, char*, int); 00895 WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( 00896 WOLFSSL_X509_NAME*, int, int); 00897 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); 00898 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void); 00899 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); 00900 WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); 00901 WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, 00902 const void* data, int dataSz); 00903 WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); 00904 WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); 00905 WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); 00906 WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); 00907 WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); 00908 WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509*, unsigned char*, int*); 00909 00910 WOLFSSL_API int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP*,const char*,long); 00911 WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*, 00912 long); 00913 WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void); 00914 WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void); 00915 00916 WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*, 00917 WOLFSSL_X509_LOOKUP_METHOD*); 00918 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void); 00919 WOLFSSL_API void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE*); 00920 WOLFSSL_API int wolfSSL_X509_STORE_add_cert( 00921 WOLFSSL_X509_STORE*, WOLFSSL_X509*); 00922 WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain( 00923 WOLFSSL_X509_STORE_CTX* ctx); 00924 WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, 00925 unsigned long flag); 00926 WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*); 00927 WOLFSSL_API int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX*, 00928 int, WOLFSSL_X509_NAME*, WOLFSSL_X509_OBJECT*); 00929 WOLFSSL_API WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void); 00930 WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*, 00931 WOLFSSL_X509_STORE*, WOLFSSL_X509*, WOLF_STACK_OF(WOLFSSL_X509)*); 00932 WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*); 00933 WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*); 00934 00935 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*); 00936 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*); 00937 00938 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); 00939 WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); 00940 WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); 00941 WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY_bio( 00942 WOLFSSL_BIO* bio, WOLFSSL_PKCS8_PRIV_KEY_INFO** pkey); 00943 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, 00944 WOLFSSL_EVP_PKEY** out); 00945 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key, 00946 unsigned char** in, long inSz); 00947 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, 00948 WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz); 00949 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key, 00950 unsigned char** in, long inSz); 00951 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap); 00952 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void); 00953 WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); 00954 WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); 00955 #ifdef OPENSSL_EXTRA 00956 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, 00957 unsigned long flags, 00958 time_t t); 00959 #endif 00960 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); 00961 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( 00962 WOLFSSL_X509_REVOKED*,int); 00963 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*); 00964 WOLFSSL_API void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER*); 00965 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void); 00966 00967 WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*); 00968 00969 WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, 00970 char* buf, int len); 00971 WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*, 00972 const WOLFSSL_ASN1_INTEGER*); 00973 WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*); 00974 00975 #ifdef OPENSSL_EXTRA 00976 WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, 00977 WOLFSSL_BIGNUM *bn); 00978 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*); 00979 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t, 00980 int, long); 00981 #endif 00982 00983 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( 00984 const WOLFSSL_CTX *s); 00985 WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*, 00986 WOLF_STACK_OF(WOLFSSL_X509_NAME)*); 00987 WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int); 00988 WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void); 00989 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error( 00990 WOLFSSL_X509_STORE_CTX* ctx, int er); 00991 WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int); 00992 00993 WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*, 00994 void* userdata); 00995 WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, 00996 pem_password_cb*); 00997 WOLFSSL_API pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx); 00998 WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx); 00999 01000 WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, 01001 void (*)(const WOLFSSL* ssl, int type, int val)); 01002 01003 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void); 01004 WOLFSSL_API int wolfSSL_GET_REASON(int); 01005 01006 WOLFSSL_API const char* wolfSSL_alert_type_string_long(int); 01007 WOLFSSL_API const char* wolfSSL_alert_desc_string_long(int); 01008 WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*); 01009 01010 WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long, 01011 void(*)(int, int, void*), void*); 01012 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, 01013 const unsigned char **pp, long len); 01014 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**, 01015 const unsigned char**, long); 01016 WOLFSSL_API int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *r, const unsigned char **pp); 01017 WOLFSSL_API int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *r, unsigned char **pp); 01018 WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX *, 01019 WOLFSSL_RSA *(*)(WOLFSSL *, int, int)); 01020 01021 WOLFSSL_API int wolfSSL_PEM_def_callback(char*, int num, int w, void* key); 01022 01023 WOLFSSL_API long wolfSSL_CTX_sess_accept(WOLFSSL_CTX*); 01024 WOLFSSL_API long wolfSSL_CTX_sess_connect(WOLFSSL_CTX*); 01025 WOLFSSL_API long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX*); 01026 WOLFSSL_API long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX*); 01027 WOLFSSL_API long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX*); 01028 WOLFSSL_API long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX*); 01029 WOLFSSL_API long wolfSSL_CTX_sess_hits(WOLFSSL_CTX*); 01030 WOLFSSL_API long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX*); 01031 WOLFSSL_API long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX*); 01032 WOLFSSL_API long wolfSSL_CTX_sess_misses(WOLFSSL_CTX*); 01033 WOLFSSL_API long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX*); 01034 WOLFSSL_API long wolfSSL_CTX_sess_number(WOLFSSL_CTX*); 01035 01036 WOLFSSL_API long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX*, WOLFSSL_X509*); 01037 WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long); 01038 WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*); 01039 01040 WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX*); 01041 WOLFSSL_API int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*); 01042 WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*, int v); 01043 WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*, void* arg); 01044 WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg( 01045 WOLFSSL_CTX*, void* arg); 01046 WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*); 01047 WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*); 01048 WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*); 01049 01050 WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op); 01051 WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s); 01052 WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op); 01053 WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s); 01054 WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s); 01055 WOLFSSL_API long wolfSSL_set_tmp_dh(WOLFSSL *s, WOLFSSL_DH *dh); 01056 WOLFSSL_API long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg); 01057 WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type); 01058 WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg); 01059 WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg); 01060 WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg); 01061 WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp); 01062 WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len); 01063 01064 WOLFSSL_API void wolfSSL_CONF_modules_unload(int all); 01065 WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg); 01066 WOLFSSL_API long wolfSSL_get_verify_result(const WOLFSSL *ssl); 01067 01068 #define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */ 01069 01070 enum { 01071 WOLFSSL_OCSP_URL_OVERRIDE = 1, 01072 WOLFSSL_OCSP_NO_NONCE = 2, 01073 WOLFSSL_OCSP_CHECKALL = 4, 01074 01075 WOLFSSL_CRL_CHECKALL = 1, 01076 WOLFSSL_CRL_CHECK = 27, 01077 }; 01078 01079 #ifdef OPENSSL_EXTRA 01080 /* seperated out from other enums because of size */ 01081 enum { 01082 SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001, 01083 SSL_OP_NETSCAPE_CHALLENGE_BUG = 0x00000002, 01084 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 0x00000004, 01085 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 0x00000008, 01086 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 0x00000010, 01087 SSL_OP_MSIE_SSLV2_RSA_PADDING = 0x00000020, 01088 SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 0x00000040, 01089 SSL_OP_TLS_D5_BUG = 0x00000080, 01090 SSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100, 01091 SSL_OP_TLS_ROLLBACK_BUG = 0x00000200, 01092 SSL_OP_ALL = 0x00000400, 01093 SSL_OP_EPHEMERAL_RSA = 0x00000800, 01094 SSL_OP_NO_SSLv3 = 0x00001000, 01095 SSL_OP_NO_TLSv1 = 0x00002000, 01096 SSL_OP_PKCS1_CHECK_1 = 0x00004000, 01097 SSL_OP_PKCS1_CHECK_2 = 0x00008000, 01098 SSL_OP_NETSCAPE_CA_DN_BUG = 0x00010000, 01099 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x00020000, 01100 SSL_OP_SINGLE_DH_USE = 0x00040000, 01101 SSL_OP_NO_TICKET = 0x00080000, 01102 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00100000, 01103 SSL_OP_NO_QUERY_MTU = 0x00200000, 01104 SSL_OP_COOKIE_EXCHANGE = 0x00400000, 01105 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00800000, 01106 SSL_OP_SINGLE_ECDH_USE = 0x01000000, 01107 SSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000, 01108 SSL_OP_NO_TLSv1_1 = 0x04000000, 01109 SSL_OP_NO_TLSv1_2 = 0x08000000, 01110 SSL_OP_NO_COMPRESSION = 0x10000000, 01111 SSL_OP_NO_TLSv1_3 = 0x20000000, 01112 }; 01113 01114 enum { 01115 #ifdef HAVE_OCSP 01116 /* OCSP Flags */ 01117 OCSP_NOCERTS = 1, 01118 OCSP_NOINTERN = 2, 01119 OCSP_NOSIGS = 4, 01120 OCSP_NOCHAIN = 8, 01121 OCSP_NOVERIFY = 16, 01122 OCSP_NOEXPLICIT = 32, 01123 OCSP_NOCASIGN = 64, 01124 OCSP_NODELEGATED = 128, 01125 OCSP_NOCHECKS = 256, 01126 OCSP_TRUSTOTHER = 512, 01127 OCSP_RESPID_KEY = 1024, 01128 OCSP_NOTIME = 2048, 01129 01130 /* OCSP Types */ 01131 OCSP_CERTID = 2, 01132 OCSP_REQUEST = 4, 01133 OCSP_RESPONSE = 8, 01134 OCSP_BASICRESP = 16, 01135 #endif 01136 01137 ASN1_GENERALIZEDTIME = 4, 01138 SSL_MAX_SSL_SESSION_ID_LENGTH = 32, 01139 01140 EVP_R_BAD_DECRYPT = 2, 01141 01142 SSL_ST_CONNECT = 0x1000, 01143 SSL_ST_ACCEPT = 0x2000, 01144 SSL_ST_MASK = 0x0FFF, 01145 01146 SSL_CB_LOOP = 0x01, 01147 SSL_CB_EXIT = 0x02, 01148 SSL_CB_READ = 0x04, 01149 SSL_CB_WRITE = 0x08, 01150 SSL_CB_HANDSHAKE_START = 0x10, 01151 SSL_CB_HANDSHAKE_DONE = 0x20, 01152 SSL_CB_ALERT = 0x4000, 01153 SSL_CB_READ_ALERT = (SSL_CB_ALERT | SSL_CB_READ), 01154 SSL_CB_WRITE_ALERT = (SSL_CB_ALERT | SSL_CB_WRITE), 01155 SSL_CB_ACCEPT_LOOP = (SSL_ST_ACCEPT | SSL_CB_LOOP), 01156 SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT | SSL_CB_EXIT), 01157 SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), 01158 SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), 01159 SSL_CB_MODE_READ = 1, 01160 SSL_CB_MODE_WRITE = 2, 01161 01162 SSL_MODE_ENABLE_PARTIAL_WRITE = 2, 01163 01164 BIO_FLAGS_BASE64_NO_NL = 1, 01165 BIO_CLOSE = 1, 01166 BIO_NOCLOSE = 0, 01167 01168 NID_undef = 0, 01169 01170 X509_FILETYPE_PEM = 8, 01171 X509_LU_X509 = 9, 01172 X509_LU_CRL = 12, 01173 01174 X509_V_OK = 0, 01175 X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, 01176 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, 01177 X509_V_ERR_CRL_HAS_EXPIRED = 15, 01178 X509_V_ERR_CERT_REVOKED = 16, 01179 X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, 01180 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, 01181 X509_V_ERR_CERT_NOT_YET_VALID = 19, 01182 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, 01183 X509_V_ERR_CERT_HAS_EXPIRED = 21, 01184 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, 01185 X509_V_ERR_CERT_REJECTED = 23, 01186 /* Required for Nginx */ 01187 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 24, 01188 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 25, 01189 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 26, 01190 X509_V_ERR_CERT_UNTRUSTED = 27, 01191 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 28, 01192 X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, 01193 /* additional X509_V_ERR_* enums not used in wolfSSL */ 01194 X509_V_ERR_UNABLE_TO_GET_CRL, 01195 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE, 01196 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE, 01197 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY, 01198 X509_V_ERR_CERT_SIGNATURE_FAILURE, 01199 X509_V_ERR_CRL_NOT_YET_VALID, 01200 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD, 01201 X509_V_ERR_OUT_OF_MEM, 01202 X509_V_ERR_INVALID_CA, 01203 X509_V_ERR_PATH_LENGTH_EXCEEDED, 01204 X509_V_ERR_INVALID_PURPOSE, 01205 X509_V_ERR_AKID_SKID_MISMATCH, 01206 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH, 01207 X509_V_ERR_KEYUSAGE_NO_CERTSIGN, 01208 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER, 01209 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, 01210 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN, 01211 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION, 01212 X509_V_ERR_INVALID_NON_CA, 01213 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED, 01214 X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE, 01215 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED, 01216 X509_V_ERR_INVALID_EXTENSION, 01217 X509_V_ERR_INVALID_POLICY_EXTENSION, 01218 X509_V_ERR_NO_EXPLICIT_POLICY, 01219 X509_V_ERR_UNNESTED_RESOURCE, 01220 01221 X509_R_CERT_ALREADY_IN_HASH_TABLE, 01222 01223 XN_FLAG_SPC_EQ = (1 << 23), 01224 XN_FLAG_ONELINE = 0, 01225 XN_FLAG_RFC2253 = 1, 01226 01227 CRYPTO_LOCK = 1, 01228 CRYPTO_NUM_LOCKS = 10, 01229 01230 ASN1_STRFLGS_ESC_MSB = 4 01231 }; 01232 #endif 01233 01234 /* extras end */ 01235 01236 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 01237 /* wolfSSL extension, provide last error from SSL_get_error 01238 since not using thread storage error queue */ 01239 #include <stdio.h> 01240 WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE, int err); 01241 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) 01242 WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(XFILE fp); 01243 #endif 01244 #endif 01245 01246 01247 #ifndef NO_OLD_SSL_NAMES 01248 #define SSL_ERROR_NONE WOLFSSL_ERROR_NONE 01249 #define SSL_FAILURE WOLFSSL_FAILURE 01250 #define SSL_SUCCESS WOLFSSL_SUCCESS 01251 #define SSL_SHUTDOWN_NOT_DONE WOLFSSL_SHUTDOWN_NOT_DONE 01252 01253 #define SSL_ALPN_NOT_FOUND WOLFSSL_ALPN_NOT_FOUND 01254 #define SSL_BAD_CERTTYPE WOLFSSL_BAD_CERTTYPE 01255 #define SSL_BAD_STAT WOLFSSL_BAD_STAT 01256 #define SSL_BAD_PATH WOLFSSL_BAD_PATH 01257 #define SSL_BAD_FILETYPE WOLFSSL_BAD_FILETYPE 01258 #define SSL_BAD_FILE WOLFSSL_BAD_FILE 01259 #define SSL_NOT_IMPLEMENTED WOLFSSL_NOT_IMPLEMENTED 01260 #define SSL_UNKNOWN WOLFSSL_UNKNOWN 01261 #define SSL_FATAL_ERROR WOLFSSL_FATAL_ERROR 01262 01263 #define SSL_FILETYPE_ASN1 WOLFSSL_FILETYPE_ASN1 01264 #define SSL_FILETYPE_PEM WOLFSSL_FILETYPE_PEM 01265 #define SSL_FILETYPE_DEFAULT WOLFSSL_FILETYPE_DEFAULT 01266 #define SSL_FILETYPE_RAW WOLFSSL_FILETYPE_RAW 01267 01268 #define SSL_VERIFY_NONE WOLFSSL_VERIFY_NONE 01269 #define SSL_VERIFY_PEER WOLFSSL_VERIFY_PEER 01270 #define SSL_VERIFY_FAIL_IF_NO_PEER_CERT WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT 01271 #define SSL_VERIFY_CLIENT_ONCE WOLFSSL_VERIFY_CLIENT_ONCE 01272 #define SSL_VERIFY_FAIL_EXCEPT_PSK WOLFSSL_VERIFY_FAIL_EXCEPT_PSK 01273 01274 #define SSL_SESS_CACHE_OFF WOLFSSL_SESS_CACHE_OFF 01275 #define SSL_SESS_CACHE_CLIENT WOLFSSL_SESS_CACHE_CLIENT 01276 #define SSL_SESS_CACHE_SERVER WOLFSSL_SESS_CACHE_SERVER 01277 #define SSL_SESS_CACHE_BOTH WOLFSSL_SESS_CACHE_BOTH 01278 #define SSL_SESS_CACHE_NO_AUTO_CLEAR WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR 01279 #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP 01280 #define SSL_SESS_CACHE_NO_INTERNAL_STORE WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE 01281 #define SSL_SESS_CACHE_NO_INTERNAL WOLFSSL_SESS_CACHE_NO_INTERNAL 01282 01283 #define SSL_ERROR_WANT_READ WOLFSSL_ERROR_WANT_READ 01284 #define SSL_ERROR_WANT_WRITE WOLFSSL_ERROR_WANT_WRITE 01285 #define SSL_ERROR_WANT_CONNECT WOLFSSL_ERROR_WANT_CONNECT 01286 #define SSL_ERROR_WANT_ACCEPT WOLFSSL_ERROR_WANT_ACCEPT 01287 #define SSL_ERROR_SYSCALL WOLFSSL_ERROR_SYSCALL 01288 #define SSL_ERROR_WANT_X509_LOOKUP WOLFSSL_ERROR_WANT_X509_LOOKUP 01289 #define SSL_ERROR_ZERO_RETURN WOLFSSL_ERROR_ZERO_RETURN 01290 #define SSL_ERROR_SSL WOLFSSL_ERROR_SSL 01291 01292 #define SSL_SENT_SHUTDOWN WOLFSSL_SENT_SHUTDOWN 01293 #define SSL_RECEIVED_SHUTDOWN WOLFSSL_RECEIVED_SHUTDOWN 01294 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 01295 #define SSL_OP_NO_SSLv2 WOLFSSL_OP_NO_SSLv2 01296 01297 #define SSL_R_SSL_HANDSHAKE_FAILURE WOLFSSL_R_SSL_HANDSHAKE_FAILURE 01298 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA WOLFSSL_R_TLSV1_ALERT_UNKNOWN_CA 01299 #define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN WOLFSSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 01300 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE WOLFSSL_R_SSLV3_ALERT_BAD_CERTIFICATE 01301 01302 #define PEM_BUFSIZE WOLF_PEM_BUFSIZE 01303 #endif 01304 01305 enum { /* ssl Constants */ 01306 WOLFSSL_ERROR_NONE = 0, /* for most functions */ 01307 WOLFSSL_FAILURE = 0, /* for some functions */ 01308 WOLFSSL_SUCCESS = 1, 01309 WOLFSSL_SHUTDOWN_NOT_DONE = 2, /* call wolfSSL_shutdown again to complete */ 01310 01311 WOLFSSL_ALPN_NOT_FOUND = -9, 01312 WOLFSSL_BAD_CERTTYPE = -8, 01313 WOLFSSL_BAD_STAT = -7, 01314 WOLFSSL_BAD_PATH = -6, 01315 WOLFSSL_BAD_FILETYPE = -5, 01316 WOLFSSL_BAD_FILE = -4, 01317 WOLFSSL_NOT_IMPLEMENTED = -3, 01318 WOLFSSL_UNKNOWN = -2, 01319 WOLFSSL_FATAL_ERROR = -1, 01320 01321 WOLFSSL_FILETYPE_ASN1 = 2, 01322 WOLFSSL_FILETYPE_PEM = 1, 01323 WOLFSSL_FILETYPE_DEFAULT = 2, /* ASN1 */ 01324 WOLFSSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ 01325 01326 WOLFSSL_VERIFY_NONE = 0, 01327 WOLFSSL_VERIFY_PEER = 1, 01328 WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, 01329 WOLFSSL_VERIFY_CLIENT_ONCE = 4, 01330 WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 8, 01331 01332 WOLFSSL_SESS_CACHE_OFF = 0x0000, 01333 WOLFSSL_SESS_CACHE_CLIENT = 0x0001, 01334 WOLFSSL_SESS_CACHE_SERVER = 0x0002, 01335 WOLFSSL_SESS_CACHE_BOTH = 0x0003, 01336 WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0008, 01337 WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100, 01338 WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200, 01339 WOLFSSL_SESS_CACHE_NO_INTERNAL = 0x0300, 01340 01341 WOLFSSL_ERROR_WANT_READ = 2, 01342 WOLFSSL_ERROR_WANT_WRITE = 3, 01343 WOLFSSL_ERROR_WANT_CONNECT = 7, 01344 WOLFSSL_ERROR_WANT_ACCEPT = 8, 01345 WOLFSSL_ERROR_SYSCALL = 5, 01346 WOLFSSL_ERROR_WANT_X509_LOOKUP = 83, 01347 WOLFSSL_ERROR_ZERO_RETURN = 6, 01348 WOLFSSL_ERROR_SSL = 85, 01349 01350 WOLFSSL_SENT_SHUTDOWN = 1, 01351 WOLFSSL_RECEIVED_SHUTDOWN = 2, 01352 WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, 01353 WOLFSSL_OP_NO_SSLv2 = 8, 01354 01355 WOLFSSL_R_SSL_HANDSHAKE_FAILURE = 101, 01356 WOLFSSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, 01357 WOLFSSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, 01358 WOLFSSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, 01359 01360 WOLF_PEM_BUFSIZE = 1024 01361 }; 01362 01363 #ifndef NO_PSK 01364 typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, 01365 unsigned int, unsigned char*, unsigned int); 01366 WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*, 01367 wc_psk_client_callback); 01368 WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, 01369 wc_psk_client_callback); 01370 01371 WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); 01372 WOLFSSL_API const char* wolfSSL_get_psk_identity(const WOLFSSL*); 01373 01374 WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX*, const char*); 01375 WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL*, const char*); 01376 01377 typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, 01378 unsigned char*, unsigned int); 01379 WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*, 01380 wc_psk_server_callback); 01381 WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, 01382 wc_psk_server_callback); 01383 01384 #define PSK_TYPES_DEFINED 01385 #endif /* NO_PSK */ 01386 01387 01388 #ifdef HAVE_ANON 01389 WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*); 01390 #endif /* HAVE_ANON */ 01391 01392 01393 /* extra begins */ 01394 #ifdef OPENSSL_EXTRA 01395 enum { /* ERR Constants */ 01396 ERR_TXT_STRING = 1 01397 }; 01398 01399 /* bio misc */ 01400 enum { 01401 WOLFSSL_BIO_ERROR = -1, 01402 WOLFSSL_BIO_UNSET = -2, 01403 WOLFSSL_BIO_SIZE = 17000 /* default BIO write size if not set */ 01404 }; 01405 #endif 01406 01407 WOLFSSL_API void wolfSSL_ERR_put_error(int lib, int fun, int err, 01408 const char* file, int line); 01409 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line(const char**, int*); 01410 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*, 01411 const char**, int *); 01412 01413 WOLFSSL_API unsigned long wolfSSL_ERR_get_error(void); 01414 WOLFSSL_API void wolfSSL_ERR_clear_error(void); 01415 01416 01417 WOLFSSL_API int wolfSSL_RAND_status(void); 01418 WOLFSSL_API int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num); 01419 WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num); 01420 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void); 01421 WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); 01422 WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); 01423 WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); 01424 01425 #ifndef NO_CERTS 01426 WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); 01427 #endif /* !NO_CERTS */ 01428 01429 WOLFSSL_API void wolfSSL_ERR_free_strings(void); 01430 WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); 01431 WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); 01432 WOLFSSL_API int wolfSSL_state(WOLFSSL* ssl); 01433 01434 WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void); 01435 WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode); 01436 WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx); 01437 WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m); 01438 WOLFSSL_API long wolfSSL_SSL_get_mode(WOLFSSL* ssl); 01439 01440 01441 WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); 01442 WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, 01443 const unsigned char*, unsigned int); 01444 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl); 01445 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); 01446 01447 WOLFSSL_API int wolfSSL_want_read(WOLFSSL*); 01448 WOLFSSL_API int wolfSSL_want_write(WOLFSSL*); 01449 01450 WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...); 01451 WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*, 01452 const WOLFSSL_ASN1_UTCTIME*); 01453 WOLFSSL_API int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO*, 01454 const WOLFSSL_ASN1_GENERALIZEDTIME*); 01455 WOLFSSL_API void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_GENERALIZEDTIME*); 01456 WOLFSSL_API int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*); 01457 WOLFSSL_API void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*, int); 01458 01459 /* stunnel 4.28 needs */ 01460 WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); 01461 WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*); 01462 WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*, 01463 WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)); 01464 WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*, 01465 int (*f)(WOLFSSL*, WOLFSSL_SESSION*)); 01466 WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*, 01467 void (*f)(WOLFSSL_CTX*, WOLFSSL_SESSION*)); 01468 01469 WOLFSSL_API int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION*,unsigned char**); 01470 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION**, 01471 const unsigned char**, long); 01472 01473 WOLFSSL_API long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION*); 01474 WOLFSSL_API long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION*); 01475 WOLFSSL_API int wolfSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); 01476 01477 /* extra ends */ 01478 01479 01480 /* wolfSSL extensions */ 01481 01482 /* call before SSL_connect, if verifying will add name check to 01483 date check and signature check */ 01484 WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn); 01485 01486 /* need to call once to load library (session cache) */ 01487 WOLFSSL_API int wolfSSL_Init(void); 01488 /* call when done to cleanup/free session cache mutex / resources */ 01489 WOLFSSL_API int wolfSSL_Cleanup(void); 01490 01491 /* which library version do we have */ 01492 WOLFSSL_API const char* wolfSSL_lib_version(void); 01493 /* which library version do we have in hex */ 01494 WOLFSSL_API unsigned int wolfSSL_lib_version_hex(void); 01495 01496 /* do accept or connect depedning on side */ 01497 WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl); 01498 /* turn on wolfSSL data compression */ 01499 WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl); 01500 01501 WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int); 01502 WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int); 01503 01504 /* get wolfSSL peer X509_CHAIN */ 01505 WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl); 01506 #ifdef WOLFSSL_ALT_CERT_CHAINS 01507 WOLFSSL_API int wolfSSL_is_peer_alt_cert_chain(const WOLFSSL* ssl); 01508 /* get wolfSSL alternate peer X509_CHAIN */ 01509 WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_alt_chain(WOLFSSL* ssl); 01510 #endif 01511 /* peer chain count */ 01512 WOLFSSL_API int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain); 01513 /* index cert length */ 01514 WOLFSSL_API int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN*, int idx); 01515 /* index cert */ 01516 WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx); 01517 /* index cert in X509 */ 01518 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx); 01519 /* free X509 */ 01520 #define wolfSSL_FreeX509(x509) wolfSSL_X509_free((x509)) 01521 WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); 01522 /* get index cert in PEM */ 01523 WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx, 01524 unsigned char* buf, int inLen, int* outLen); 01525 WOLFSSL_API const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s); 01526 WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int*); 01527 WOLFSSL_API char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*); 01528 WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*); 01529 WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*); 01530 WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*); 01531 WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*); 01532 01533 WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*); 01534 01535 WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*); 01536 01537 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, 01538 const unsigned char** in, int len); 01539 WOLFSSL_API WOLFSSL_X509* 01540 wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); 01541 WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); 01542 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, 01543 const unsigned char *in, int len); 01544 #ifndef NO_FILESYSTEM 01545 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); 01546 #endif 01547 WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl); 01548 01549 #ifndef NO_FILESYSTEM 01550 #ifndef NO_STDIO_FILESYSTEM 01551 WOLFSSL_API WOLFSSL_X509* 01552 wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file); 01553 #endif 01554 WOLFSSL_API WOLFSSL_X509* 01555 wolfSSL_X509_load_certificate_file(const char* fname, int format); 01556 #endif 01557 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( 01558 const unsigned char* buf, int sz, int format); 01559 01560 #ifdef WOLFSSL_SEP 01561 WOLFSSL_API unsigned char* 01562 wolfSSL_X509_get_device_type(WOLFSSL_X509*, unsigned char*, int*); 01563 WOLFSSL_API unsigned char* 01564 wolfSSL_X509_get_hw_type(WOLFSSL_X509*, unsigned char*, int*); 01565 WOLFSSL_API unsigned char* 01566 wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509*, unsigned char*, int*); 01567 #endif 01568 01569 /* connect enough to get peer cert */ 01570 WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL* ssl); 01571 01572 01573 01574 /* PKCS12 compatibility */ 01575 typedef struct WC_PKCS12 WC_PKCS12; 01576 WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, 01577 WC_PKCS12** pkcs12); 01578 #ifndef NO_FILESYSTEM 01579 WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp, 01580 WOLFSSL_X509_PKCS12** pkcs12); 01581 #endif 01582 WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, 01583 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, 01584 WOLF_STACK_OF(WOLFSSL_X509)** ca); 01585 WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, 01586 WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, 01587 WOLF_STACK_OF(WOLFSSL_X509)* ca, 01588 int keyNID, int certNID, int itt, int macItt, int keytype); 01589 WOLFSSL_API void wolfSSL_PKCS12_PBE_add(void); 01590 01591 01592 01593 #ifndef NO_DH 01594 /* server Diffie-Hellman parameters */ 01595 WOLFSSL_API int wolfSSL_SetTmpDH(WOLFSSL*, const unsigned char* p, int pSz, 01596 const unsigned char* g, int gSz); 01597 WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz, 01598 int format); 01599 #ifndef NO_FILESYSTEM 01600 WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format); 01601 #endif 01602 01603 /* server ctx Diffie-Hellman parameters */ 01604 WOLFSSL_API int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX*, const unsigned char* p, 01605 int pSz, const unsigned char* g, int gSz); 01606 WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char* b, 01607 long sz, int format); 01608 01609 #ifndef NO_FILESYSTEM 01610 WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f, 01611 int format); 01612 #endif 01613 01614 WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short); 01615 WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short); 01616 WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short); 01617 WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, unsigned short); 01618 WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*); 01619 #endif /* NO_DH */ 01620 01621 #ifndef NO_RSA 01622 WOLFSSL_API int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX*, short); 01623 WOLFSSL_API int wolfSSL_SetMinRsaKey_Sz(WOLFSSL*, short); 01624 #endif /* NO_RSA */ 01625 01626 #ifdef HAVE_ECC 01627 WOLFSSL_API int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX*, short); 01628 WOLFSSL_API int wolfSSL_SetMinEccKey_Sz(WOLFSSL*, short); 01629 #endif /* NO_RSA */ 01630 01631 WOLFSSL_API int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL*, unsigned short); 01632 WOLFSSL_API int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX*, unsigned short); 01633 01634 /* keyblock size in bytes or -1 */ 01635 /* need to call wolfSSL_KeepArrays before handshake to save keys */ 01636 WOLFSSL_API int wolfSSL_get_keyblock_size(WOLFSSL*); 01637 WOLFSSL_API int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen, 01638 unsigned char** sr, unsigned int* srLen, 01639 unsigned char** cr, unsigned int* crLen); 01640 01641 /* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */ 01642 WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, 01643 const char* label); 01644 01645 01646 #ifndef _WIN32 01647 #ifndef NO_WRITEV 01648 #ifdef __PPU 01649 #include <sys/types.h> 01650 #include <sys/socket.h> 01651 #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ 01652 !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ 01653 !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) && \ 01654 !defined(WOLFSSL_CHIBIOS) 01655 #include <sys/uio.h> 01656 #endif 01657 /* allow writev style writing */ 01658 WOLFSSL_API int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov, 01659 int iovcnt); 01660 #endif 01661 #endif 01662 01663 01664 #ifndef NO_CERTS 01665 /* SSL_CTX versions */ 01666 WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*); 01667 #ifdef WOLFSSL_TRUST_PEER_CERT 01668 WOLFSSL_API int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*); 01669 WOLFSSL_API int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX*, 01670 const unsigned char*, long, int); 01671 #endif 01672 WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*, 01673 const unsigned char*, long, int); 01674 WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*, 01675 const unsigned char*, long, int); 01676 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*, 01677 const unsigned char*, long, int); 01678 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*, 01679 const unsigned char*, long, int); 01680 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*, 01681 const unsigned char*, long); 01682 01683 /* SSL versions */ 01684 WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*, 01685 long, int); 01686 WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*, 01687 long, int); 01688 WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*, 01689 const unsigned char*, long, int); 01690 WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*, 01691 const unsigned char*, long); 01692 WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*); 01693 01694 #if defined(OPENSSL_EXTRA) && defined(KEEP_OUR_CERT) 01695 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); 01696 #endif 01697 #endif 01698 01699 WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*); 01700 WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL*); 01701 01702 01703 #ifdef HAVE_FUZZER 01704 enum fuzzer_type { 01705 FUZZ_HMAC = 0, 01706 FUZZ_ENCRYPT = 1, 01707 FUZZ_SIGNATURE = 2, 01708 FUZZ_HASH = 3, 01709 FUZZ_HEAD = 4 01710 }; 01711 01712 typedef int (*CallbackFuzzer)(WOLFSSL* ssl, const unsigned char* buf, int sz, 01713 int type, void* fuzzCtx); 01714 01715 WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx); 01716 #endif 01717 01718 01719 WOLFSSL_API int wolfSSL_DTLS_SetCookieSecret(WOLFSSL*, 01720 const unsigned char*, 01721 unsigned int); 01722 01723 01724 /* I/O Callback default errors */ 01725 enum IOerrors { 01726 WOLFSSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */ 01727 WOLFSSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */ 01728 WOLFSSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */ 01729 WOLFSSL_CBIO_ERR_CONN_RST = -3, /* connection reset */ 01730 WOLFSSL_CBIO_ERR_ISR = -4, /* interrupt */ 01731 WOLFSSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */ 01732 WOLFSSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */ 01733 }; 01734 01735 01736 /* CA cache callbacks */ 01737 enum { 01738 WOLFSSL_SSLV3 = 0, 01739 WOLFSSL_TLSV1 = 1, 01740 WOLFSSL_TLSV1_1 = 2, 01741 WOLFSSL_TLSV1_2 = 3, 01742 WOLFSSL_TLSV1_3 = 4, 01743 WOLFSSL_USER_CA = 1, /* user added as trusted */ 01744 WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */ 01745 }; 01746 01747 WOLFSSL_API WC_RNG* wolfSSL_GetRNG(WOLFSSL*); 01748 01749 WOLFSSL_API int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version); 01750 WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version); 01751 WOLFSSL_API int wolfSSL_GetObjectSize(void); /* object size based on build */ 01752 WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void); 01753 WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); 01754 WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); 01755 WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); 01756 WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); 01757 WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); 01758 01759 /* moved to asn.c, old names kept for backwards compatability */ 01760 #define wolfSSL_KeyPemToDer wc_KeyPemToDer 01761 #define wolfSSL_CertPemToDer wc_CertPemToDer 01762 #define wolfSSL_PemPubKeyToDer wc_PemPubKeyToDer 01763 #define wolfSSL_PubKeyPemToDer wc_PubKeyPemToDer 01764 #define wolfSSL_PemCertToDer wc_PemCertToDer 01765 01766 01767 typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); 01768 typedef void (*CbMissingCRL)(const char* url); 01769 typedef int (*CbOCSPIO)(void*, const char*, int, 01770 unsigned char*, int, unsigned char**); 01771 typedef void (*CbOCSPRespFree)(void*,unsigned char*); 01772 01773 #ifdef HAVE_CRL_IO 01774 typedef int (*CbCrlIO)(WOLFSSL_CRL* crl, const char* url, int urlSz); 01775 #endif 01776 01777 /* User Atomic Record Layer CallBacks */ 01778 typedef int (*CallbackMacEncrypt)(WOLFSSL* ssl, unsigned char* macOut, 01779 const unsigned char* macIn, unsigned int macInSz, int macContent, 01780 int macVerify, unsigned char* encOut, const unsigned char* encIn, 01781 unsigned int encSz, void* ctx); 01782 WOLFSSL_API void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX*, CallbackMacEncrypt); 01783 WOLFSSL_API void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx); 01784 WOLFSSL_API void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl); 01785 01786 typedef int (*CallbackDecryptVerify)(WOLFSSL* ssl, 01787 unsigned char* decOut, const unsigned char* decIn, 01788 unsigned int decSz, int content, int verify, unsigned int* padSz, 01789 void* ctx); 01790 WOLFSSL_API void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX*, 01791 CallbackDecryptVerify); 01792 WOLFSSL_API void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx); 01793 WOLFSSL_API void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl); 01794 01795 WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int); 01796 WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*); 01797 WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*); 01798 WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*); 01799 WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*); 01800 WOLFSSL_API int wolfSSL_GetKeySize(WOLFSSL*); 01801 WOLFSSL_API int wolfSSL_GetIVSize(WOLFSSL*); 01802 WOLFSSL_API int wolfSSL_GetSide(WOLFSSL*); 01803 WOLFSSL_API int wolfSSL_IsTLSv1_1(WOLFSSL*); 01804 WOLFSSL_API int wolfSSL_GetBulkCipher(WOLFSSL*); 01805 WOLFSSL_API int wolfSSL_GetCipherBlockSize(WOLFSSL*); 01806 WOLFSSL_API int wolfSSL_GetAeadMacSize(WOLFSSL*); 01807 WOLFSSL_API int wolfSSL_GetHmacSize(WOLFSSL*); 01808 WOLFSSL_API int wolfSSL_GetHmacType(WOLFSSL*); 01809 WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL*); 01810 WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*, 01811 unsigned int, int, int); 01812 01813 /* Atomic User Needs */ 01814 enum { 01815 WOLFSSL_SERVER_END = 0, 01816 WOLFSSL_CLIENT_END = 1, 01817 WOLFSSL_NEITHER_END = 3, 01818 WOLFSSL_BLOCK_TYPE = 2, 01819 WOLFSSL_STREAM_TYPE = 3, 01820 WOLFSSL_AEAD_TYPE = 4, 01821 WOLFSSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ 01822 }; 01823 01824 /* for GetBulkCipher and internal use */ 01825 enum BulkCipherAlgorithm { 01826 wolfssl_cipher_null, 01827 wolfssl_rc4, 01828 wolfssl_rc2, 01829 wolfssl_des, 01830 wolfssl_triple_des, /* leading 3 (3des) not valid identifier */ 01831 wolfssl_des40, 01832 #ifdef HAVE_IDEA 01833 wolfssl_idea, 01834 #endif 01835 wolfssl_aes, 01836 wolfssl_aes_gcm, 01837 wolfssl_aes_ccm, 01838 wolfssl_chacha, 01839 wolfssl_camellia, 01840 wolfssl_hc128, /* wolfSSL extensions */ 01841 wolfssl_rabbit 01842 }; 01843 01844 01845 /* for KDF TLS 1.2 mac types */ 01846 enum KDF_MacAlgorithm { 01847 wolfssl_sha256 = 4, /* needs to match internal MACAlgorithm */ 01848 wolfssl_sha384, 01849 wolfssl_sha512 01850 }; 01851 01852 01853 /* Public Key Callback support */ 01854 #ifdef HAVE_PK_CALLBACKS 01855 #ifdef HAVE_ECC 01856 01857 struct ecc_key; 01858 01859 typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key, 01860 unsigned int keySz, int ecc_curve, void* ctx); 01861 WOLFSSL_API void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX*, CallbackEccKeyGen); 01862 WOLFSSL_API void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx); 01863 WOLFSSL_API void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl); 01864 01865 typedef int (*CallbackEccSign)(WOLFSSL* ssl, 01866 const unsigned char* in, unsigned int inSz, 01867 unsigned char* out, unsigned int* outSz, 01868 const unsigned char* keyDer, unsigned int keySz, 01869 void* ctx); 01870 WOLFSSL_API void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX*, CallbackEccSign); 01871 WOLFSSL_API void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx); 01872 WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl); 01873 01874 typedef int (*CallbackEccVerify)(WOLFSSL* ssl, 01875 const unsigned char* sig, unsigned int sigSz, 01876 const unsigned char* hash, unsigned int hashSz, 01877 const unsigned char* keyDer, unsigned int keySz, 01878 int* result, void* ctx); 01879 WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify); 01880 WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx); 01881 WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl); 01882 01883 typedef int (*CallbackEccSharedSecret)(WOLFSSL* ssl, struct ecc_key* otherKey, 01884 unsigned char* pubKeyDer, unsigned int* pubKeySz, 01885 unsigned char* out, unsigned int* outlen, 01886 int side, void* ctx); /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ 01887 WOLFSSL_API void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX*, CallbackEccSharedSecret); 01888 WOLFSSL_API void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx); 01889 WOLFSSL_API void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl); 01890 #endif 01891 01892 #ifndef NO_DH 01893 /* Public DH Key Callback support */ 01894 struct DhKey; 01895 typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key, 01896 const unsigned char* priv, unsigned int privSz, 01897 const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz, 01898 unsigned char* out, unsigned int* outlen, 01899 void* ctx); 01900 WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree); 01901 WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx); 01902 WOLFSSL_API void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl); 01903 #endif /* !NO_DH */ 01904 01905 #ifdef HAVE_ED25519 01906 struct ed25519_key; 01907 typedef int (*CallbackEd25519Sign)(WOLFSSL* ssl, 01908 const unsigned char* in, unsigned int inSz, 01909 unsigned char* out, unsigned int* outSz, 01910 const unsigned char* keyDer, unsigned int keySz, 01911 void* ctx); 01912 WOLFSSL_API void wolfSSL_CTX_SetEd25519SignCb(WOLFSSL_CTX*, 01913 CallbackEd25519Sign); 01914 WOLFSSL_API void wolfSSL_SetEd25519SignCtx(WOLFSSL* ssl, void *ctx); 01915 WOLFSSL_API void* wolfSSL_GetEd25519SignCtx(WOLFSSL* ssl); 01916 01917 typedef int (*CallbackEd25519Verify)(WOLFSSL* ssl, 01918 const unsigned char* sig, unsigned int sigSz, 01919 const unsigned char* msg, unsigned int msgSz, 01920 const unsigned char* keyDer, unsigned int keySz, 01921 int* result, void* ctx); 01922 WOLFSSL_API void wolfSSL_CTX_SetEd25519VerifyCb(WOLFSSL_CTX*, 01923 CallbackEd25519Verify); 01924 WOLFSSL_API void wolfSSL_SetEd25519VerifyCtx(WOLFSSL* ssl, void *ctx); 01925 WOLFSSL_API void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl); 01926 #endif 01927 01928 #ifdef HAVE_CURVE25519 01929 struct curve25519_key; 01930 01931 typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key, 01932 unsigned int keySz, void* ctx); 01933 WOLFSSL_API void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX*, CallbackX25519KeyGen); 01934 WOLFSSL_API void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx); 01935 WOLFSSL_API void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl); 01936 01937 typedef int (*CallbackX25519SharedSecret)(WOLFSSL* ssl, 01938 struct curve25519_key* otherKey, 01939 unsigned char* pubKeyDer, unsigned int* pubKeySz, 01940 unsigned char* out, unsigned int* outlen, 01941 int side, void* ctx); 01942 /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ 01943 WOLFSSL_API void wolfSSL_CTX_SetX25519SharedSecretCb(WOLFSSL_CTX*, 01944 CallbackX25519SharedSecret); 01945 WOLFSSL_API void wolfSSL_SetX25519SharedSecretCtx(WOLFSSL* ssl, void *ctx); 01946 WOLFSSL_API void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl); 01947 #endif 01948 01949 #ifndef NO_RSA 01950 typedef int (*CallbackRsaSign)(WOLFSSL* ssl, 01951 const unsigned char* in, unsigned int inSz, 01952 unsigned char* out, unsigned int* outSz, 01953 const unsigned char* keyDer, unsigned int keySz, 01954 void* ctx); 01955 WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign); 01956 WOLFSSL_API void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx); 01957 WOLFSSL_API void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl); 01958 01959 typedef int (*CallbackRsaVerify)(WOLFSSL* ssl, 01960 unsigned char* sig, unsigned int sigSz, 01961 unsigned char** out, 01962 const unsigned char* keyDer, unsigned int keySz, 01963 void* ctx); 01964 WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify); 01965 WOLFSSL_API void wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX*, CallbackRsaVerify); 01966 WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx); 01967 WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl); 01968 01969 #ifdef WC_RSA_PSS 01970 typedef int (*CallbackRsaPssSign)(WOLFSSL* ssl, 01971 const unsigned char* in, unsigned int inSz, 01972 unsigned char* out, unsigned int* outSz, 01973 int hash, int mgf, 01974 const unsigned char* keyDer, unsigned int keySz, 01975 void* ctx); 01976 WOLFSSL_API void wolfSSL_CTX_SetRsaPssSignCb(WOLFSSL_CTX*, CallbackRsaPssSign); 01977 WOLFSSL_API void wolfSSL_SetRsaPssSignCtx(WOLFSSL* ssl, void *ctx); 01978 WOLFSSL_API void* wolfSSL_GetRsaPssSignCtx(WOLFSSL* ssl); 01979 01980 typedef int (*CallbackRsaPssVerify)(WOLFSSL* ssl, 01981 unsigned char* sig, unsigned int sigSz, 01982 unsigned char** out, 01983 int hash, int mgf, 01984 const unsigned char* keyDer, unsigned int keySz, 01985 void* ctx); 01986 WOLFSSL_API void wolfSSL_CTX_SetRsaPssVerifyCb(WOLFSSL_CTX*, 01987 CallbackRsaPssVerify); 01988 WOLFSSL_API void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX*, 01989 CallbackRsaPssVerify); 01990 WOLFSSL_API void wolfSSL_SetRsaPssVerifyCtx(WOLFSSL* ssl, void *ctx); 01991 WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl); 01992 #endif 01993 01994 /* RSA Public Encrypt cb */ 01995 typedef int (*CallbackRsaEnc)(WOLFSSL* ssl, 01996 const unsigned char* in, unsigned int inSz, 01997 unsigned char* out, unsigned int* outSz, 01998 const unsigned char* keyDer, unsigned int keySz, 01999 void* ctx); 02000 WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc); 02001 WOLFSSL_API void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx); 02002 WOLFSSL_API void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl); 02003 02004 /* RSA Private Decrypt cb */ 02005 typedef int (*CallbackRsaDec)(WOLFSSL* ssl, 02006 unsigned char* in, unsigned int inSz, 02007 unsigned char** out, 02008 const unsigned char* keyDer, unsigned int keySz, 02009 void* ctx); 02010 WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec); 02011 WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx); 02012 WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); 02013 #endif 02014 #endif /* HAVE_PK_CALLBACKS */ 02015 02016 #ifndef NO_CERTS 02017 WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache); 02018 02019 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX*); 02020 02021 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap); 02022 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void); 02023 WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*); 02024 02025 WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f, 02026 const char* d); 02027 WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER*, 02028 const unsigned char* in, long sz, int format); 02029 WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm); 02030 #ifdef WOLFSSL_TRUST_PEER_CERT 02031 WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm); 02032 #endif 02033 WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER*, const char* f, 02034 int format); 02035 WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, 02036 const unsigned char* buff, long sz, int format); 02037 WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER*, 02038 unsigned char*, int sz); 02039 WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*, 02040 int options); 02041 WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*); 02042 WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, 02043 const char*, int, int); 02044 WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER*, 02045 const unsigned char*, long sz, int); 02046 WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*, 02047 CbMissingCRL); 02048 #ifdef HAVE_CRL_IO 02049 WOLFSSL_API int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER*, 02050 CbCrlIO); 02051 #endif 02052 WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*, 02053 unsigned char*, int sz); 02054 WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER*, 02055 int options); 02056 WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*); 02057 WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER*, 02058 const char*); 02059 WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*, 02060 CbOCSPIO, CbOCSPRespFree, void*); 02061 02062 WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling( 02063 WOLFSSL_CERT_MANAGER* cm); 02064 WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling( 02065 WOLFSSL_CERT_MANAGER* cm); 02066 02067 WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); 02068 WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); 02069 WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); 02070 WOLFSSL_API int wolfSSL_LoadCRLBuffer(WOLFSSL*, 02071 const unsigned char*, long sz, int); 02072 WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL*, CbMissingCRL); 02073 #ifdef HAVE_CRL_IO 02074 WOLFSSL_API int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb); 02075 #endif 02076 WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL*, int options); 02077 WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL*); 02078 WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL*, const char*); 02079 WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL*, CbOCSPIO, CbOCSPRespFree, void*); 02080 WOLFSSL_API int wolfSSL_EnableOCSPStapling(WOLFSSL*); 02081 WOLFSSL_API int wolfSSL_DisableOCSPStapling(WOLFSSL*); 02082 02083 WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options); 02084 WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx); 02085 WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int); 02086 WOLFSSL_API int wolfSSL_CTX_LoadCRLBuffer(WOLFSSL_CTX*, 02087 const unsigned char*, long sz, int); 02088 WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX*, CbMissingCRL); 02089 #ifdef HAVE_CRL_IO 02090 WOLFSSL_API int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX*, CbCrlIO); 02091 #endif 02092 02093 WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX*, int options); 02094 WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*); 02095 WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*); 02096 WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*, 02097 CbOCSPIO, CbOCSPRespFree, void*); 02098 WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*); 02099 WOLFSSL_API int wolfSSL_CTX_DisableOCSPStapling(WOLFSSL_CTX*); 02100 #endif /* !NO_CERTS */ 02101 02102 02103 #ifdef SINGLE_THREADED 02104 WOLFSSL_API int wolfSSL_CTX_new_rng(WOLFSSL_CTX*); 02105 #endif 02106 02107 /* end of handshake frees temporary arrays, if user needs for get_keys or 02108 psk hints, call KeepArrays before handshake and then FreeArrays when done 02109 if don't want to wait for object free */ 02110 WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*); 02111 WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*); 02112 02113 WOLFSSL_API int wolfSSL_KeepHandshakeResources(WOLFSSL* ssl); 02114 WOLFSSL_API int wolfSSL_FreeHandshakeResources(WOLFSSL* ssl); 02115 02116 WOLFSSL_API int wolfSSL_CTX_UseClientSuites(WOLFSSL_CTX* ctx); 02117 WOLFSSL_API int wolfSSL_UseClientSuites(WOLFSSL* ssl); 02118 02119 /* async additions */ 02120 #define wolfSSL_UseAsync wolfSSL_SetDevId 02121 #define wolfSSL_CTX_UseAsync wolfSSL_CTX_SetDevId 02122 WOLFSSL_API int wolfSSL_SetDevId(WOLFSSL*, int devId); 02123 WOLFSSL_API int wolfSSL_CTX_SetDevId(WOLFSSL_CTX*, int devId); 02124 02125 /* helpers to get device id and heap */ 02126 WOLFSSL_API int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl); 02127 WOLFSSL_API void* wolfSSL_CTX_GetHeap(WOLFSSL_CTX* ctx, WOLFSSL* ssl); 02128 02129 /* TLS Extensions */ 02130 02131 /* Server Name Indication */ 02132 #ifdef HAVE_SNI 02133 02134 /* SNI types */ 02135 enum { 02136 WOLFSSL_SNI_HOST_NAME = 0 02137 }; 02138 02139 WOLFSSL_API int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type, 02140 const void* data, unsigned short size); 02141 WOLFSSL_API int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type, 02142 const void* data, unsigned short size); 02143 02144 #ifndef NO_WOLFSSL_SERVER 02145 02146 /* SNI options */ 02147 enum { 02148 /* Do not abort the handshake if the requested SNI didn't match. */ 02149 WOLFSSL_SNI_CONTINUE_ON_MISMATCH = 0x01, 02150 02151 /* Behave as if the requested SNI matched in a case of mismatch. */ 02152 /* In this case, the status will be set to WOLFSSL_SNI_FAKE_MATCH. */ 02153 WOLFSSL_SNI_ANSWER_ON_MISMATCH = 0x02, 02154 02155 /* Abort the handshake if the client didn't send a SNI request. */ 02156 WOLFSSL_SNI_ABORT_ON_ABSENCE = 0x04, 02157 }; 02158 02159 WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type, 02160 unsigned char options); 02161 WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, 02162 unsigned char type, unsigned char options); 02163 WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( 02164 const unsigned char* clientHello, unsigned int helloSz, 02165 unsigned char type, unsigned char* sni, unsigned int* inOutSz); 02166 02167 #endif /* NO_WOLFSSL_SERVER */ 02168 02169 /* SNI status */ 02170 enum { 02171 WOLFSSL_SNI_NO_MATCH = 0, 02172 WOLFSSL_SNI_FAKE_MATCH = 1, /**< @see WOLFSSL_SNI_ANSWER_ON_MISMATCH */ 02173 WOLFSSL_SNI_REAL_MATCH = 2, 02174 WOLFSSL_SNI_FORCE_KEEP = 3 /** Used with -DWOLFSSL_ALWAYS_KEEP_SNI */ 02175 }; 02176 02177 WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type); 02178 02179 WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, 02180 unsigned char type, void** data); 02181 02182 #endif /* HAVE_SNI */ 02183 02184 /* Application-Layer Protocol Negotiation */ 02185 #ifdef HAVE_ALPN 02186 02187 /* ALPN status code */ 02188 enum { 02189 WOLFSSL_ALPN_NO_MATCH = 0, 02190 WOLFSSL_ALPN_MATCH = 1, 02191 WOLFSSL_ALPN_CONTINUE_ON_MISMATCH = 2, 02192 WOLFSSL_ALPN_FAILED_ON_MISMATCH = 4, 02193 }; 02194 02195 enum { 02196 WOLFSSL_MAX_ALPN_PROTO_NAME_LEN = 255, 02197 WOLFSSL_MAX_ALPN_NUMBER = 257 02198 }; 02199 02200 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02201 typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, 02202 unsigned char* outLen, const unsigned char* in, unsigned int inLen, 02203 void *arg); 02204 #endif 02205 02206 WOLFSSL_API int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list, 02207 unsigned int protocol_name_listSz, 02208 unsigned char options); 02209 02210 WOLFSSL_API int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name, 02211 unsigned short *size); 02212 02213 WOLFSSL_API int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list, 02214 unsigned short *listSz); 02215 WOLFSSL_API int wolfSSL_ALPN_FreePeerProtocol(WOLFSSL* ssl, char **list); 02216 #endif /* HAVE_ALPN */ 02217 02218 /* Maximum Fragment Length */ 02219 #ifdef HAVE_MAX_FRAGMENT 02220 02221 /* Fragment lengths */ 02222 enum { 02223 WOLFSSL_MFL_2_9 = 1, /* 512 bytes */ 02224 WOLFSSL_MFL_2_10 = 2, /* 1024 bytes */ 02225 WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */ 02226 WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */ 02227 WOLFSSL_MFL_2_13 = 5 /* 8192 bytes *//* wolfSSL ONLY!!! */ 02228 }; 02229 02230 #ifndef NO_WOLFSSL_CLIENT 02231 02232 WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl); 02233 WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl); 02234 02235 #endif 02236 #endif 02237 02238 /* Truncated HMAC */ 02239 #ifdef HAVE_TRUNCATED_HMAC 02240 #ifndef NO_WOLFSSL_CLIENT 02241 02242 WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl); 02243 WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx); 02244 02245 #endif 02246 #endif 02247 02248 /* Certificate Status Request */ 02249 /* Certificate Status Type */ 02250 enum { 02251 WOLFSSL_CSR_OCSP = 1 02252 }; 02253 02254 /* Certificate Status Options (flags) */ 02255 enum { 02256 WOLFSSL_CSR_OCSP_USE_NONCE = 0x01 02257 }; 02258 02259 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 02260 #ifndef NO_WOLFSSL_CLIENT 02261 02262 WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL* ssl, 02263 unsigned char status_type, unsigned char options); 02264 02265 WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx, 02266 unsigned char status_type, unsigned char options); 02267 02268 #endif 02269 #endif 02270 02271 /* Certificate Status Request v2 */ 02272 /* Certificate Status Type */ 02273 enum { 02274 WOLFSSL_CSR2_OCSP = 1, 02275 WOLFSSL_CSR2_OCSP_MULTI = 2 02276 }; 02277 02278 /* Certificate Status v2 Options (flags) */ 02279 enum { 02280 WOLFSSL_CSR2_OCSP_USE_NONCE = 0x01 02281 }; 02282 02283 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 02284 #ifndef NO_WOLFSSL_CLIENT 02285 02286 WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl, 02287 unsigned char status_type, unsigned char options); 02288 02289 WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx, 02290 unsigned char status_type, unsigned char options); 02291 02292 #endif 02293 #endif 02294 02295 /* Named Groups */ 02296 enum { 02297 #if 0 /* Not Supported */ 02298 WOLFSSL_ECC_SECT163K1 = 1, 02299 WOLFSSL_ECC_SECT163R1 = 2, 02300 WOLFSSL_ECC_SECT163R2 = 3, 02301 WOLFSSL_ECC_SECT193R1 = 4, 02302 WOLFSSL_ECC_SECT193R2 = 5, 02303 WOLFSSL_ECC_SECT233K1 = 6, 02304 WOLFSSL_ECC_SECT233R1 = 7, 02305 WOLFSSL_ECC_SECT239K1 = 8, 02306 WOLFSSL_ECC_SECT283K1 = 9, 02307 WOLFSSL_ECC_SECT283R1 = 10, 02308 WOLFSSL_ECC_SECT409K1 = 11, 02309 WOLFSSL_ECC_SECT409R1 = 12, 02310 WOLFSSL_ECC_SECT571K1 = 13, 02311 WOLFSSL_ECC_SECT571R1 = 14, 02312 #endif 02313 WOLFSSL_ECC_SECP160K1 = 15, 02314 WOLFSSL_ECC_SECP160R1 = 16, 02315 WOLFSSL_ECC_SECP160R2 = 17, 02316 WOLFSSL_ECC_SECP192K1 = 18, 02317 WOLFSSL_ECC_SECP192R1 = 19, 02318 WOLFSSL_ECC_SECP224K1 = 20, 02319 WOLFSSL_ECC_SECP224R1 = 21, 02320 WOLFSSL_ECC_SECP256K1 = 22, 02321 WOLFSSL_ECC_SECP256R1 = 23, 02322 WOLFSSL_ECC_SECP384R1 = 24, 02323 WOLFSSL_ECC_SECP521R1 = 25, 02324 WOLFSSL_ECC_BRAINPOOLP256R1 = 26, 02325 WOLFSSL_ECC_BRAINPOOLP384R1 = 27, 02326 WOLFSSL_ECC_BRAINPOOLP512R1 = 28, 02327 WOLFSSL_ECC_X25519 = 29, 02328 #ifdef WOLFSSL_TLS13 02329 /* Not implemented. */ 02330 WOLFSSL_ECC_X448 = 30, 02331 02332 WOLFSSL_FFDHE_2048 = 256, 02333 WOLFSSL_FFDHE_3072 = 257, 02334 WOLFSSL_FFDHE_4096 = 258, 02335 WOLFSSL_FFDHE_6144 = 259, 02336 WOLFSSL_FFDHE_8192 = 260, 02337 #endif 02338 }; 02339 02340 enum { 02341 WOLFSSL_EC_PF_UNCOMPRESSED = 0, 02342 #if 0 /* Not Supported */ 02343 WOLFSSL_EC_PF_X962_COMP_PRIME = 1, 02344 WOLFSSL_EC_PF_X962_COMP_CHAR2 = 2, 02345 #endif 02346 }; 02347 02348 #ifdef HAVE_SUPPORTED_CURVES 02349 #ifndef NO_WOLFSSL_CLIENT 02350 02351 WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name); 02352 WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, 02353 unsigned short name); 02354 02355 #endif 02356 #endif 02357 02358 #ifdef WOLFSSL_TLS13 02359 WOLFSSL_API int wolfSSL_UseKeyShare(WOLFSSL* ssl, unsigned short group); 02360 WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl); 02361 #endif 02362 02363 02364 /* Secure Renegotiation */ 02365 #ifdef HAVE_SECURE_RENEGOTIATION 02366 02367 WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl); 02368 WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl); 02369 02370 #endif 02371 02372 /* Session Ticket */ 02373 #ifdef HAVE_SESSION_TICKET 02374 02375 #ifndef NO_WOLFSSL_CLIENT 02376 WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl); 02377 WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx); 02378 WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int*); 02379 WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, const unsigned char*, unsigned int); 02380 typedef int (*CallbackSessionTicket)(WOLFSSL*, const unsigned char*, int, void*); 02381 WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL*, 02382 CallbackSessionTicket, void*); 02383 #endif /* NO_WOLFSSL_CLIENT */ 02384 02385 02386 #define WOLFSSL_TICKET_NAME_SZ 16 02387 #define WOLFSSL_TICKET_IV_SZ 16 02388 #define WOLFSSL_TICKET_MAC_SZ 32 02389 02390 enum TicketEncRet { 02391 WOLFSSL_TICKET_RET_FATAL = -1, /* fatal error, don't use ticket */ 02392 WOLFSSL_TICKET_RET_OK = 0, /* ok, use ticket */ 02393 WOLFSSL_TICKET_RET_REJECT, /* don't use ticket, but not fatal */ 02394 WOLFSSL_TICKET_RET_CREATE /* existing ticket ok and create new one */ 02395 }; 02396 02397 #ifndef NO_WOLFSSL_SERVER 02398 02399 typedef int (*SessionTicketEncCb)(WOLFSSL*, 02400 unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], 02401 unsigned char iv[WOLFSSL_TICKET_IV_SZ], 02402 unsigned char mac[WOLFSSL_TICKET_MAC_SZ], 02403 int enc, unsigned char*, int, int*, void*); 02404 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, 02405 SessionTicketEncCb); 02406 WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int); 02407 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*); 02408 02409 #endif /* NO_WOLFSSL_SERVER */ 02410 02411 #endif /* HAVE_SESSION_TICKET */ 02412 02413 #ifdef HAVE_QSH 02414 /* Quantum-safe Crypto Schemes */ 02415 enum { 02416 WOLFSSL_NTRU_EESS439 = 0x0101, /* max plaintext length of 65 */ 02417 WOLFSSL_NTRU_EESS593 = 0x0102, /* max plaintext length of 86 */ 02418 WOLFSSL_NTRU_EESS743 = 0x0103, /* max plaintext length of 106 */ 02419 WOLFSSL_LWE_XXX = 0x0201, /* Learning With Error encryption scheme */ 02420 WOLFSSL_HFE_XXX = 0x0301, /* Hidden Field Equation scheme */ 02421 WOLFSSL_NULL_QSH = 0xFFFF /* QSHScheme is not used */ 02422 }; 02423 02424 02425 /* test if the connection is using a QSH secure connection return 1 if so */ 02426 WOLFSSL_API int wolfSSL_isQSH(WOLFSSL* ssl); 02427 WOLFSSL_API int wolfSSL_UseSupportedQSH(WOLFSSL* ssl, unsigned short name); 02428 #ifndef NO_WOLFSSL_CLIENT 02429 /* user control over sending client public key in hello 02430 when flag = 1 will send keys if flag is 0 or function is not called 02431 then will not send keys in the hello extension */ 02432 WOLFSSL_API int wolfSSL_UseClientQSHKeys(WOLFSSL* ssl, unsigned char flag); 02433 #endif 02434 02435 #endif /* QSH */ 02436 02437 /* TLS Extended Master Secret Extension */ 02438 WOLFSSL_API int wolfSSL_DisableExtendedMasterSecret(WOLFSSL* ssl); 02439 WOLFSSL_API int wolfSSL_CTX_DisableExtendedMasterSecret(WOLFSSL_CTX* ctx); 02440 02441 02442 #define WOLFSSL_CRL_MONITOR 0x01 /* monitor this dir flag */ 02443 #define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */ 02444 02445 02446 /* notify user the handshake is done */ 02447 typedef int (*HandShakeDoneCb)(WOLFSSL*, void*); 02448 WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL*, HandShakeDoneCb, void*); 02449 02450 02451 WOLFSSL_API int wolfSSL_PrintSessionStats(void); 02452 WOLFSSL_API int wolfSSL_get_session_stats(unsigned int* active, 02453 unsigned int* total, 02454 unsigned int* peak, 02455 unsigned int* maxSessions); 02456 /* External facing KDF */ 02457 WOLFSSL_API 02458 int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen, 02459 const unsigned char* pms, unsigned int pmsLen, 02460 const unsigned char* cr, const unsigned char* sr, 02461 int tls1_2, int hash_type); 02462 02463 WOLFSSL_API 02464 int wolfSSL_MakeTlsExtendedMasterSecret(unsigned char* ms, unsigned int msLen, 02465 const unsigned char* pms, unsigned int pmsLen, 02466 const unsigned char* sHash, unsigned int sHashLen, 02467 int tls1_2, int hash_type); 02468 02469 WOLFSSL_API 02470 int wolfSSL_DeriveTlsKeys(unsigned char* key_data, unsigned int keyLen, 02471 const unsigned char* ms, unsigned int msLen, 02472 const unsigned char* sr, const unsigned char* cr, 02473 int tls1_2, int hash_type); 02474 02475 #ifdef WOLFSSL_CALLBACKS 02476 02477 /* used internally by wolfSSL while OpenSSL types aren't */ 02478 #include <wolfssl/callbacks.h> 02479 02480 typedef int (*HandShakeCallBack)(HandShakeInfo*); 02481 typedef int (*TimeoutCallBack)(TimeoutInfo*); 02482 02483 /* wolfSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack 02484 for diagnostics */ 02485 WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, 02486 Timeval); 02487 WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, 02488 Timeval); 02489 02490 #endif /* WOLFSSL_CALLBACKS */ 02491 02492 02493 #ifdef WOLFSSL_HAVE_WOLFSCEP 02494 WOLFSSL_API void wolfSSL_wolfSCEP(void); 02495 #endif /* WOLFSSL_HAVE_WOLFSCEP */ 02496 02497 #ifdef WOLFSSL_HAVE_CERT_SERVICE 02498 WOLFSSL_API void wolfSSL_cert_service(void); 02499 #endif 02500 02501 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 02502 /* Smaller subset of X509 compatibility functions. Avoid increasing the size of 02503 * this subset and its memory usage */ 02504 02505 #include <wolfssl/openssl/asn1.h> 02506 struct WOLFSSL_X509_NAME_ENTRY { 02507 WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ 02508 WOLFSSL_ASN1_STRING data; 02509 WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ 02510 int nid; /* i.e. ASN_COMMON_NAME */ 02511 int set; 02512 int size; 02513 }; 02514 #endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 02515 02516 02517 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 02518 02519 enum { 02520 WOLFSSL_SYS_ACCEPT = 0, 02521 WOLFSSL_SYS_BIND, 02522 WOLFSSL_SYS_CONNECT, 02523 WOLFSSL_SYS_FOPEN, 02524 WOLFSSL_SYS_FREAD, 02525 WOLFSSL_SYS_GETADDRINFO, 02526 WOLFSSL_SYS_GETSOCKOPT, 02527 WOLFSSL_SYS_GETSOCKNAME, 02528 WOLFSSL_SYS_GETHOSTBYNAME, 02529 WOLFSSL_SYS_GETNAMEINFO, 02530 WOLFSSL_SYS_GETSERVBYNAME, 02531 WOLFSSL_SYS_IOCTLSOCKET, 02532 WOLFSSL_SYS_LISTEN, 02533 WOLFSSL_SYS_OPENDIR, 02534 WOLFSSL_SYS_SETSOCKOPT, 02535 WOLFSSL_SYS_SOCKET 02536 }; 02537 02538 /* Object functions */ 02539 WOLFSSL_API const char * wolfSSL_OBJ_nid2sn(int n); 02540 WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); 02541 WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn); 02542 02543 WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n); 02544 WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); 02545 02546 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int n); 02547 WOLFSSL_API int wolfSSL_OBJ_obj2txt(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a, int no_name); 02548 02549 WOLFSSL_API void wolfSSL_OBJ_cleanup(void); 02550 /* end of object functions */ 02551 02552 WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line); 02553 WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); 02554 WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt); 02555 02556 #ifndef NO_CERTS 02557 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( 02558 WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, 02559 unsigned char* data, int dataSz); 02560 WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name, 02561 WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set); 02562 WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, 02563 const WOLFSSL_X509_NAME* y); 02564 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void); 02565 WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); 02566 WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, 02567 int nid, int* c, int* idx); 02568 WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509, 02569 const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); 02570 WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); 02571 WOLFSSL_API int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der, 02572 int derSz); 02573 WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); 02574 WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, 02575 unsigned char* der, long derSz); 02576 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl); 02577 #ifndef NO_RSA 02578 WOLFSSL_API int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der, 02579 long derSz); 02580 #endif 02581 #endif /* NO_CERTS */ 02582 02583 WOLFSSL_API WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r); 02584 02585 WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses, 02586 unsigned char* out, int outSz); 02587 WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses); 02588 02589 WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, 02590 WOLFSSL_X509_STORE* str); 02591 WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 02592 #if !defined(NO_FILESYSTEM) 02593 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp, 02594 WOLFSSL_X509** x509); 02595 #endif 02596 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, 02597 WOLFSSL_X509** x509); 02598 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); 02599 02600 WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); 02601 WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, 02602 unsigned char *out, size_t outlen); 02603 WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl, 02604 unsigned char* out, size_t outSz); 02605 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); 02606 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 02607 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX 02608 (WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 02609 #ifndef NO_FILESYSTEM 02610 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_X509_CRL(XFILE fp, WOLFSSL_X509_CRL **x, 02611 pem_password_cb *cb, void *u); 02612 #endif 02613 02614 /*lighttp compatibility */ 02615 02616 struct WOLFSSL_ASN1_BIT_STRING { 02617 int length; 02618 int type; 02619 char* data; 02620 long flags; 02621 }; 02622 02623 02624 #if defined(OPENSSL_EXTRA) \ 02625 || defined(OPENSSL_ALL) \ 02626 || defined(HAVE_LIGHTY) \ 02627 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 02628 || defined(HAVE_STUNNEL) \ 02629 || defined(WOLFSSL_NGINX) \ 02630 || defined(WOLFSSL_HAPROXY) 02631 WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne); 02632 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void); 02633 WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name); 02634 WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x); 02635 WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name); 02636 /* These are to be merged shortly */ 02637 WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth); 02638 WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); 02639 WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); 02640 WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne); 02641 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); 02642 WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*)); 02643 WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); 02644 WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); 02645 WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md); 02646 WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md); 02647 WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); 02648 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk ); 02649 WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509); 02650 02651 #ifndef NO_FILESYSTEM 02652 WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); 02653 WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); 02654 #endif 02655 02656 #endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 02657 02658 #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ 02659 02660 02661 #if defined(OPENSSL_ALL) \ 02662 || defined(HAVE_STUNNEL) \ 02663 || defined(HAVE_LIGHTY) \ 02664 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 02665 || defined(WOLFSSL_HAPROXY) \ 02666 || defined(OPENSSL_EXTRA) 02667 02668 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); 02669 WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); 02670 WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, 02671 WOLFSSL_DH **x, pem_password_cb *cb, void *u); 02672 WOLFSSL_API WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, 02673 WOLFSSL_DSA **x, pem_password_cb *cb, void *u); 02674 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 02675 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 02676 WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); 02677 02678 #endif /* HAVE_STUNNEL || HAVE_LIGHTY */ 02679 02680 02681 #if defined(OPENSSL_ALL) \ 02682 || defined(HAVE_STUNNEL) \ 02683 || defined(WOLFSSL_NGINX) \ 02684 || defined(WOLFSSL_HAPROXY) \ 02685 || defined(OPENSSL_EXTRA) \ 02686 || defined(HAVE_LIGHTY) 02687 02688 #include <wolfssl/openssl/crypto.h> 02689 02690 /* SNI received callback type */ 02691 typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); 02692 02693 WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), 02694 void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); 02695 02696 WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void); 02697 02698 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn); 02699 WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, 02700 void (*callback) (int, int, void *), void *cb_arg); 02701 02702 WOLFSSL_API int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH*, int, int, 02703 void (*callback) (int, int, void *)); 02704 02705 WOLFSSL_API void wolfSSL_ERR_load_crypto_strings(void); 02706 02707 WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void); 02708 02709 WOLFSSL_API int wolfSSL_FIPS_mode(void); 02710 02711 WOLFSSL_API int wolfSSL_FIPS_mode_set(int r); 02712 02713 WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth); 02714 02715 WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits); 02716 02717 WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME) *s); 02718 02719 WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s); 02720 02721 WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int, 02722 unsigned long); 02723 02724 WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr( 02725 const WOLFSSL_X509*); 02726 02727 WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*); 02728 02729 WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); 02730 02731 WOLFSSL_API int wolfSSL_version(WOLFSSL*); 02732 02733 WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*); 02734 02735 WOLFSSL_API void* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WOLFSSL_X509_NAME)*, int); 02736 02737 WOLFSSL_API void* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int); 02738 02739 WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); 02740 02741 WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); 02742 02743 WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*, 02744 CRYPTO_free_func*); 02745 02746 WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*); 02747 02748 02749 WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, 02750 unsigned int*); 02751 02752 WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *, const char *); 02753 02754 WOLFSSL_API const char* wolfSSL_get_servername(WOLFSSL *, unsigned char); 02755 02756 WOLFSSL_API WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL*,WOLFSSL_CTX*); 02757 02758 WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); 02759 02760 WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*); 02761 02762 WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, 02763 CallbackSniRecv); 02764 WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *, 02765 CallbackSniRecv); 02766 02767 WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); 02768 02769 WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*); 02770 02771 /* support for depricated old name */ 02772 #define WOLFSSL_ERR_remove_thread_state wolfSSL_ERR_remove_thread_state 02773 02774 #ifndef NO_FILESYSTEM 02775 WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE *fp); 02776 #endif 02777 02778 WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); 02779 02780 WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); 02781 02782 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( 02783 WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); 02784 02785 WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void f (WOLFSSL_X509*)); 02786 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ 02787 02788 #if defined(OPENSSL_ALL) || \ 02789 defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 02790 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02791 02792 WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); 02793 02794 #endif 02795 02796 #ifdef WOLFSSL_JNI 02797 WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr); 02798 WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl); 02799 #endif /* WOLFSSL_JNI */ 02800 02801 02802 #ifdef WOLFSSL_ASYNC_CRYPT 02803 WOLFSSL_API int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags); 02804 WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents, 02805 WOLF_EVENT_FLAG flags, int* eventCount); 02806 #endif /* WOLFSSL_ASYNC_CRYPT */ 02807 02808 #ifdef OPENSSL_EXTRA 02809 WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, char* names); 02810 02811 typedef void (*SSL_Msg_Cb)(int write_p, int version, int content_type, 02812 const void *buf, size_t len, WOLFSSL *ssl, void *arg); 02813 02814 WOLFSSL_API int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb); 02815 WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb); 02816 WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); 02817 WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg); 02818 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, 02819 int *line, const char **data, int *flags); 02820 WOLFSSL_API int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, 02821 const unsigned char *protos, unsigned int protos_len); 02822 WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, 02823 size_t siz, const char* file, int line); 02824 WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); 02825 #endif 02826 02827 #if defined(OPENSSL_ALL) \ 02828 || defined(WOLFSSL_NGINX) \ 02829 || defined(WOLFSSL_HAPROXY) \ 02830 || defined(OPENSSL_EXTRA) 02831 WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); 02832 #endif 02833 02834 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02835 /* Not an OpenSSL API. */ 02836 WOLFSSL_LOCAL int wolfSSL_get_ocsp_response(WOLFSSL* ssl, byte** response); 02837 /* Not an OpenSSL API. */ 02838 WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl); 02839 /* Not an OpenSSL API. */ 02840 WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); 02841 #endif 02842 02843 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 02844 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 02845 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl); 02846 WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, 02847 void *b, void *c); 02848 WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); 02849 WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, 02850 void *data); 02851 02852 WOLFSSL_API int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *data, 02853 const WOLFSSL_EVP_MD *type, unsigned char *md, unsigned int *len); 02854 02855 WOLFSSL_API long wolfSSL_SSL_CTX_get_timeout(const WOLFSSL_CTX *ctx); 02856 WOLFSSL_API int wolfSSL_SSL_CTX_set_tmp_ecdh(WOLFSSL_CTX *ctx, 02857 WOLFSSL_EC_KEY *ecdh); 02858 WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, 02859 WOLFSSL_SESSION *c); 02860 02861 WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); 02862 WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); 02863 WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); 02864 WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL *a); /* #define in OpenSSL */ 02865 #ifndef NO_SESSION_CACHE 02866 WOLFSSL_API WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *s); 02867 #endif 02868 WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, 02869 size_t chklen, unsigned int flags, char **peername); 02870 02871 WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, 02872 const WOLFSSL_ASN1_INTEGER *a); 02873 02874 #ifdef HAVE_SESSION_TICKET 02875 WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, int (*)( 02876 WOLFSSL *ssl, unsigned char *name, unsigned char *iv, 02877 WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)); 02878 #endif 02879 02880 #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ 02881 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02882 WOLFSSL_API int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, 02883 WOLF_STACK_OF(X509)** chain); 02884 WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, 02885 int(*)(WOLFSSL*, void*)); 02886 02887 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, 02888 WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x); 02889 02890 WOLFSSL_API void wolfSSL_X509_email_free(WOLF_STACK_OF(WOLFSSL_STRING) *sk); 02891 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *x); 02892 02893 WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer, 02894 WOLFSSL_X509 *subject); 02895 02896 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x); 02897 02898 WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value( 02899 WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx); 02900 #endif /* HAVE_OCSP */ 02901 02902 WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio, 02903 WOLFSSL_X509 *cert); 02904 02905 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 02906 OPENSSL_EXTRA || HAVE_LIGHTY*/ 02907 02908 WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, 02909 const unsigned char **data, unsigned int *len); 02910 WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out, 02911 unsigned char *outlen, 02912 const unsigned char *in, unsigned int inlen, 02913 const unsigned char *client, 02914 unsigned int client_len); 02915 WOLFSSL_API void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx, 02916 int (*cb) (WOLFSSL *ssl, 02917 const unsigned char **out, 02918 unsigned char *outlen, 02919 const unsigned char *in, 02920 unsigned int inlen, 02921 void *arg), void *arg); 02922 WOLFSSL_API void wolfSSL_CTX_set_next_protos_advertised_cb(WOLFSSL_CTX *s, 02923 int (*cb) (WOLFSSL *ssl, 02924 const unsigned char **out, 02925 unsigned int *outlen, 02926 void *arg), void *arg); 02927 WOLFSSL_API void wolfSSL_CTX_set_next_proto_select_cb(WOLFSSL_CTX *s, 02928 int (*cb) (WOLFSSL *ssl, 02929 unsigned char **out, 02930 unsigned char *outlen, 02931 const unsigned char *in, 02932 unsigned int inlen, 02933 void *arg), void *arg); 02934 WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **data, 02935 unsigned *len); 02936 02937 02938 #ifdef OPENSSL_EXTRA 02939 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02940 WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context( 02941 const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length); 02942 WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count); 02943 WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count); 02944 #endif 02945 02946 WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len); 02947 WOLFSSL_API int SSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len); 02948 WOLFSSL_API void *X509_get0_tbs_sigalg(const WOLFSSL_X509 *x); 02949 WOLFSSL_API void X509_ALGOR_get0(WOLFSSL_ASN1_OBJECT **paobj, int *pptype, const void **ppval, const void *algor); 02950 WOLFSSL_API void *X509_get_X509_PUBKEY(void * x); 02951 WOLFSSL_API int X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, void **pa, WOLFSSL_EVP_PKEY *pub); 02952 WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a); 02953 WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); 02954 WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 02955 WOLFSSL_API int X509_STORE_load_locations(WOLFSSL_X509_STORE *ctx, const char *file, const char *dir); 02956 WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); 02957 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const void * p); 02958 WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); 02959 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); 02960 WOLFSSL_API void ERR_load_SSL_strings(void); 02961 WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); 02962 02963 WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); 02964 WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags); 02965 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, 02966 WOLFSSL_ASN1_TIME **out); 02967 WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); 02968 #endif /* OPENSSL_EXTRA */ 02969 02970 #ifdef HAVE_PK_CALLBACKS 02971 WOLFSSL_API int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx); 02972 #endif 02973 02974 #ifdef __cplusplus 02975 } /* extern "C" */ 02976 #endif 02977 02978 02979 #endif /* WOLFSSL_SSL_H */ 02980
Generated on Wed Jul 13 2022 01:38:47 by 1.7.2