WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

OpenSSL Compatibility functions on PR#942.

pull/942/head
Go Hosohara 2017-10-02 18:07:49 +09:00
parent 68371c8e66
commit 9c9978ce9f
16 changed files with 1106 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
examples/echoclient/echoclient.h
View File

@ -26,6 +26,5 @@
void echoclient_test(void* args);
#endif /* WOLFSSL_ECHOCLIENT_H */

7
src/internal.c
View File

@ -39,6 +39,9 @@
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA)
#include <wolfssl/wolfcrypt/srp.h>
#endif
#ifdef HAVE_LIBZ
#include "zlib.h"
@ -2752,8 +2755,10 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
if (name->dynamicName)
XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
#ifdef OPENSSL_EXTRA
if (name->fullName.fullName != NULL)
if (name->fullName.fullName != NULL){
XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);
name->fullName.fullName = NULL;
}
#endif /* OPENSSL_EXTRA */
}
(void)heap;

413
src/ssl.c
View File

@ -87,6 +87,11 @@
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#endif
#if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \
&& !defined(WC_NO_RNG)
#include <wolfssl/wolfcrypt/srp.h>
#include <wolfssl/wolfcrypt/random.h>
#endif
#endif
#ifdef NO_ASN
@ -249,7 +254,6 @@ int wolfSSL_send_session(WOLFSSL* ssl)
static volatile int initRefCount = 0;
static wolfSSL_Mutex count_mutex; /* init ref count mutex */
/* Create a new WOLFSSL_CTX struct and return the pointer to created struct.
WOLFSSL_METHOD pointer passed in is given to ctx to manage.
This function frees the passed in WOLFSSL_METHOD struct on failure and on
@ -284,12 +288,24 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
wolfSSL_CTX_free(ctx);
ctx = NULL;
}
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG)
ctx->srp = (Srp*) XMALLOC(sizeof(Srp), heap, DYNAMIC_TYPE_SRP);
if (ctx->srp == NULL){
WOLFSSL_MSG("Init CTX failed");
wolfSSL_CTX_free(ctx);
return NULL;
}
XMEMSET(ctx->srp, 0, sizeof(Srp));
#endif
}
else {
WOLFSSL_MSG("Alloc CTX failed, method freed");
XFREE(method, heap, DYNAMIC_TYPE_METHOD);
}
WOLFSSL_LEAVE("WOLFSSL_CTX_new", 0);
return ctx;
}
@ -309,8 +325,19 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
void wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
{
WOLFSSL_ENTER("SSL_CTX_free");
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG)
if (ctx->srp != NULL){
if (ctx->srp_password != NULL){
XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP);
}
wc_SrpTerm(ctx->srp);
XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP);
}
#endif
if (ctx)
FreeSSL_Ctx(ctx);
WOLFSSL_LEAVE("SSL_CTX_free", 0);
}
@ -11020,6 +11047,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return s->ca_names;
}
#if !defined(NO_RSA) && !defined(NO_CERTS)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname)
{
WOLFSSL_STACK *list = NULL;
@ -11070,6 +11098,53 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return list;
}
int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
{
WOLFSSL_STACK *node = NULL;
WOLFSSL_X509_NAME *subjectName = NULL;
WOLFSSL_ENTER("wolfSSL_CTX_add_client_CA");
if (ctx == NULL || x509 == NULL){
WOLFSSL_MSG("Bad argument");
return SSL_FAILURE;
}
subjectName = wolfSSL_X509_get_subject_name(x509);
if (subjectName == NULL){
WOLFSSL_MSG("invalid x509 data");
return SSL_FAILURE;
}
/* Alloc stack struct */
node = (WOLF_STACK_OF(WOLFSSL_X509_NAME)*)XMALLOC(
sizeof(WOLF_STACK_OF(WOLFSSL_X509_NAME)),
NULL, DYNAMIC_TYPE_OPENSSL);
if (node == NULL){
WOLFSSL_MSG("memory allocation error");
return SSL_FAILURE;
}
XMEMSET(node, 0, sizeof(WOLF_STACK_OF(WOLFSSL_X509_NAME)));
/* Alloc and copy WOLFSSL_X509_NAME */
node->data.name = (WOLFSSL_X509_NAME*)XMALLOC(
sizeof(WOLFSSL_X509_NAME),
NULL, DYNAMIC_TYPE_OPENSSL);
if (node->data.name == NULL) {
XFREE(node, NULL, DYNAMIC_TYPE_OPENSSL);
WOLFSSL_MSG("memory allocation error");
return SSL_FAILURE;
}
XMEMCPY(node->data.name, subjectName, sizeof(WOLFSSL_X509_NAME));
XMEMSET(subjectName, 0, sizeof(WOLFSSL_X509_NAME));
/* push new node onto head of stack */
node->num = (ctx->ca_names == NULL) ? 1 : ctx->ca_names->num + 1;
node->next = ctx->ca_names;
ctx->ca_names = node;
return SSL_SUCCESS;
}
#endif
int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
{
@ -11078,6 +11153,154 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_NOT_IMPLEMENTED;
}
#if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \
&& !defined(WC_NO_RNG)
static const byte srp_N[] = {
0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8,
0x0A, 0xFA, 0x8F, 0xC5, 0xE8, 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF,
0x3C, 0x0B, 0x9E, 0xA2, 0x31, 0x4C, 0x9C, 0x25, 0x65, 0x76, 0xD6,
0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3, 0x38, 0x3B, 0x48, 0x13,
0xD6, 0x92, 0xC6, 0xE0, 0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B,
0xE4, 0x8E, 0x49, 0x5C, 0x1D, 0x60, 0x89, 0xDA, 0xD1, 0x5D, 0xC7,
0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6, 0xCE, 0x8E, 0xF4, 0xAD, 0x69,
0xB1, 0x5D, 0x49, 0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85,
0xC5, 0x29, 0xF5, 0x66, 0x66, 0x0E, 0x57, 0xEC, 0x68, 0xED, 0xBC,
0x3C, 0x05, 0x72, 0x6C, 0xC0, 0x2F, 0xD4, 0xCB, 0xF4, 0x97, 0x6E,
0xAA, 0x9A, 0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B, 0x9F,
0xC6, 0x1D, 0x2F, 0xC0, 0xEB, 0x06, 0xE3
};
static const byte srp_g[] = {
0x02
};
int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX* ctx, char* username)
{
int r = 0;
int srp_side = 0;
WC_RNG rng;
byte salt[SRP_SALT_SIZE];
WOLFSSL_ENTER("wolfSSL_CTX_set_srp_username");
if (ctx == NULL || ctx->srp == NULL || username==NULL)
return SSL_FAILURE;
if (ctx->method->side == WOLFSSL_SERVER_END){
srp_side = SRP_SERVER_SIDE;
} else if (ctx->method->side == WOLFSSL_CLIENT_END){
srp_side = SRP_CLIENT_SIDE;
} else {
WOLFSSL_MSG("Init CTX failed");
return SSL_FAILURE;
}
if (wc_SrpInit(ctx->srp, SRP_TYPE_SHA256, srp_side) < 0){
WOLFSSL_MSG("Init CTX failed");
XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP);
wolfSSL_CTX_free(ctx);
return SSL_FAILURE;
}
r = wc_SrpSetUsername(ctx->srp, (const byte*)username,
(word32)XSTRLEN(username));
if (r < 0) {
WOLFSSL_MSG("fail to set srp username.");
return SSL_FAILURE;
}
/* if wolfSSL_CTX_set_srp_password has already been called, */
/* execute wc_SrpSetPassword here */
if (ctx->srp_password != NULL){
if (wc_InitRng(&rng) < 0){
WOLFSSL_MSG("wc_InitRng failed");
return SSL_FAILURE;
}
XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0]));
if (wc_RNG_GenerateBlock(&rng, salt,
sizeof(salt)/sizeof(salt[0])) < 0){
WOLFSSL_MSG("wc_RNG_GenerateBlock failed");
wc_FreeRng(&rng);
return SSL_FAILURE;
}
if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]),
srp_g, sizeof(srp_g)/sizeof(srp_g[0]),
salt, sizeof(salt)/sizeof(salt[0])) < 0){
WOLFSSL_MSG("wc_SrpSetParam failed");
wc_FreeRng(&rng);
return SSL_FAILURE;
}
r = wc_SrpSetPassword(ctx->srp,
(const byte*)ctx->srp_password,
(word32)XSTRLEN((char *)ctx->srp_password));
if (r < 0) {
WOLFSSL_MSG("fail to set srp password.");
return SSL_FAILURE;
}
wc_FreeRng(&rng);
XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP);
ctx->srp_password = NULL;
}
return SSL_SUCCESS;
}
int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX* ctx, char* password)
{
int r;
WC_RNG rng;
byte salt[SRP_SALT_SIZE];
WOLFSSL_ENTER("wolfSSL_CTX_set_srp_password");
if (ctx == NULL || ctx->srp == NULL || password == NULL)
return SSL_FAILURE;
if (ctx->srp->user != NULL){
if (wc_InitRng(&rng) < 0){
WOLFSSL_MSG("wc_InitRng failed");
return SSL_FAILURE;
}
XMEMSET(salt, 0, sizeof(salt)/sizeof(salt[0]));
if (wc_RNG_GenerateBlock(&rng, salt,
sizeof(salt)/sizeof(salt[0])) < 0){
WOLFSSL_MSG("wc_RNG_GenerateBlock failed");
wc_FreeRng(&rng);
return SSL_FAILURE;
}
if (wc_SrpSetParams(ctx->srp, srp_N, sizeof(srp_N)/sizeof(srp_N[0]),
srp_g, sizeof(srp_g)/sizeof(srp_g[0]),
salt, sizeof(salt)/sizeof(salt[0])) < 0){
WOLFSSL_MSG("wc_SrpSetParam failed");
wc_FreeRng(&rng);
return SSL_FAILURE;
}
r = wc_SrpSetPassword(ctx->srp, (const byte*)password,
(word32)XSTRLEN(password));
if (r < 0) {
WOLFSSL_MSG("wc_SrpSetPassword failed.");
wc_FreeRng(&rng);
return SSL_FAILURE;
}
if (ctx->srp_password != NULL){
XFREE(ctx->srp_password,NULL,
DYNAMIC_TYPE_SRP);
ctx->srp_password = NULL;
}
wc_FreeRng(&rng);
} else {
/* save password for wolfSSL_set_srp_username */
if (ctx->srp_password != NULL)
XFREE(ctx->srp_password,ctx->heap, DYNAMIC_TYPE_SRP);
ctx->srp_password = XMALLOC(XSTRLEN(password) + 1,
ctx->heap,
DYNAMIC_TYPE_SRP);
if (ctx->srp_password == NULL){
WOLFSSL_MSG("memory allocation error");
return SSL_FAILURE;
}
XMEMCPY(ctx->srp_password, password, XSTRLEN(password) + 1);
}
return SSL_SUCCESS;
}
#endif /* WOLFCRYPT_HAVE_SRP && !NO_SHA256 && !WC_NO_RNG */
/* keyblock size in bytes or -1 */
int wolfSSL_get_keyblock_size(WOLFSSL* ssl)
@ -14553,6 +14776,7 @@ void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) {
}
XFREE(sk, NULL, DYNAMIC_TYPE_X509);
}
#endif /* NO_CERTS && OPENSSL_EXTRA */
WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len)
@ -16230,7 +16454,16 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
ctx->error = 0;
ctx->error_depth = 0;
ctx->discardSessionCerts = 0;
return WOLFSSL_SUCCESS;
#ifdef OPENSSL_EXTRA
ctx->param = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC(
sizeof(WOLFSSL_X509_VERIFY_PARAM),
NULL,DYNAMIC_TYPE_OPENSSL);
if (ctx->param == NULL){
WOLFSSL_MSG("wolfSSL_X509_STORE_CTX_init failed");
return SSL_FATAL_ERROR;
}
#endif
return SSL_SUCCESS;
}
return WOLFSSL_FATAL_ERROR;
}
@ -16245,6 +16478,11 @@ void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX* ctx)
wolfSSL_FreeX509(ctx->current_cert);
if (ctx->chain != NULL)
wolfSSL_sk_X509_free(ctx->chain);
#ifdef OPENSSL_EXTRA
if (ctx->param != NULL){
XFREE(ctx->param,NULL,DYNAMIC_TYPE_OPENSSL);
}
#endif
XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX);
}
}
@ -16328,6 +16566,17 @@ void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX* ctx, int err)
(void)err;
}
#ifdef OPENSSL_EXTRA
void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX* ctx,
unsigned long flags,
time_t t)
{
(void)flags;
ctx->param->check_time = t;
ctx->param->flags |= WOLFSSL_USE_CHECK_TIME;
}
#endif
void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT* obj)
{
@ -16475,6 +16724,94 @@ char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
}
#endif /* WOLFSSL_MYSQL_COMPATIBLE */
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES) && !defined(NO_FILESYSTEM)
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t,
int offset_day, long offset_sec)
{
const int sec_per_day = 24*60*60;
struct tm* ts = NULL;
struct tm* tmpTime = NULL;
time_t t_adj = 0;
time_t offset_day_sec = 0;
#if defined(NEED_TMP_TIME)
struct tm tmpTimeStorage;
tmpTime = &tmpTimeStorage;
#else
(void)tmpTime;
#endif
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj");
if (s == NULL){
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
if (s == NULL){
return NULL;
}
}
/* compute GMT time with offset */
offset_day_sec = offset_day * sec_per_day;
t_adj = t + offset_day_sec + offset_sec;
ts = (struct tm *)XGMTIME(&t_adj, tmpTime);
if (ts == NULL){
WOLFSSL_MSG("failed to get time data.");
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
return NULL;
}
/* create ASN1 time notation */
/* UTC Time */
if (ts->tm_year >= 50 && ts->tm_year < 150){
char utc_str[ASN_UTC_TIME_SIZE];
int utc_year = 0,utc_mon,utc_day,utc_hour,utc_min,utc_sec;
byte *data_ptr = NULL;
if (ts->tm_year >= 50 && ts->tm_year < 100){
utc_year = ts->tm_year;
} else if (ts->tm_year >= 100 && ts->tm_year < 150){
utc_year = ts->tm_year - 100;
}
utc_mon = ts->tm_mon + 1;
utc_day = ts->tm_mday;
utc_hour = ts->tm_hour;
utc_min = ts->tm_min;
utc_sec = ts->tm_sec;
XSNPRINTF((char *)utc_str, ASN_UTC_TIME_SIZE,
"%02d%02d%02d%02d%02d%02dZ",
utc_year, utc_mon, utc_day, utc_hour, utc_min, utc_sec);
data_ptr = s->data;
*data_ptr = (byte) ASN_UTC_TIME; data_ptr++;
*data_ptr = (byte) ASN_UTC_TIME_SIZE; data_ptr++;
XMEMCPY(data_ptr,(byte *)utc_str, ASN_UTC_TIME_SIZE);
/* GeneralizedTime */
} else {
char gt_str[ASN_GENERALIZED_TIME_SIZE];
int gt_year,gt_mon,gt_day,gt_hour,gt_min,gt_sec;
byte *data_ptr = NULL;
gt_year = ts->tm_year + 1900;
gt_mon = ts->tm_mon + 1;
gt_day = ts->tm_mday;
gt_hour = ts->tm_hour;
gt_min = ts->tm_min;
gt_sec = ts->tm_sec;
XSNPRINTF((char *)gt_str, ASN_GENERALIZED_TIME_SIZE,
"%4d%02d%02d%02d%02d%02dZ",
gt_year, gt_mon, gt_day, gt_hour, gt_min,gt_sec);
data_ptr = s->data;
*data_ptr = (byte) ASN_GENERALIZED_TIME; data_ptr++;
*data_ptr = (byte) ASN_GENERALIZED_TIME_SIZE; data_ptr++;
XMEMCPY(data_ptr,(byte *)gt_str, ASN_GENERALIZED_TIME_SIZE);
}
return s;
}
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !USER_TIME */
/* && !TIME_OVERRIDES && !NO_FILESYSTEM */
int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
const WOLFSSL_ASN1_INTEGER* b)
@ -16766,17 +17103,31 @@ WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st)
return WOLFSSL_FAILURE;
}
/*** TBD ***/
WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type)
#ifdef OPENSSL_EXTRA
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type)
{
(void)s;
(void)type;
WOLFSSL_STUB("wolfSSL_set_tlsext_status_type");
return WOLFSSL_FAILURE;
}
WOLFSSL_ENTER("wolfSSL_set_tlsext_status_type");
if (s == NULL){
return BAD_FUNC_ARG;
}
if (type == TLSEXT_STATUSTYPE_ocsp){
int r = 0;
r = TLSX_UseCertificateStatusRequest(&s->extensions, type,
0, s->heap, s->devId);
return (long)r;
} else {
WOLFSSL_MSG(
"SSL_set_tlsext_status_type only supports TLSEXT_STATUSTYPE_ocsp type.");
return SSL_FAILURE;
}
}
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
#endif /* OPENSSL_EXTRA */
/*** TBD ***/
WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg)
{
(void)s;
@ -18786,6 +19137,46 @@ void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx)
WOLFSSL_MSG("wolfSSL_BN_CTX_start TBD");
}
WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM *r,
WOLFSSL_BIGNUM *a,
const WOLFSSL_BIGNUM *n,
WOLFSSL_BN_CTX *ctx)
{
WOLFSSL_ENTER("wolfSSL_BN_mod_inverse");
/* ctx is not used */
(void)ctx;
/* check parameter */
if (r == NULL) {
r = wolfSSL_BN_new();
if (r == NULL){
WOLFSSL_MSG("WolfSSL_BN_new() failed");
return NULL;
}
}
if (a == NULL) {
WOLFSSL_MSG("a NULL error");
return NULL;
}
if (n == NULL) {
WOLFSSL_MSG("n NULL error");
return NULL;
}
/* Compute inverse of a modulo n and return r */
if (mp_invmod((mp_int *)a->internal,(mp_int *)n->internal,
(mp_int*)r->internal) == MP_VAL){
WOLFSSL_MSG("mp_invmod() error");
return NULL;
}
return r;
}
#ifndef NO_DH
static void InitwolfSSL_DH(WOLFSSL_DH* dh)

268
tests/api.c
View File

@ -154,6 +154,11 @@
#endif
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(RC_NO_RNG)
#include <wolfssl/wolfcrypt/srp.h>
#endif
/* enable testing buffer load functions */
#ifndef USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
@ -304,7 +309,6 @@ static void test_wolfSSL_CTX_new(WOLFSSL_METHOD *method)
AssertNotNull(method);
AssertNotNull(ctx = wolfSSL_CTX_new(method));
wolfSSL_CTX_free(ctx);
}
#endif
@ -2392,6 +2396,24 @@ static void test_wolfSSL_PKCS12(void)
#endif /* OPENSSL_EXTRA */
}
/* Testing functions dealing with PKCS5 */
static void test_wolfSSL_PKCS5(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
const char *passwd = "pass1234";
const unsigned char *salt = (unsigned char *)"salt1234";
unsigned char *out = (unsigned char *)XMALLOC(WC_SHA_DIGEST_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
int ret = 0;
AssertNotNull(out);
ret = PKCS5_PBKDF2_HMAC_SHA1(passwd,(int)XSTRLEN(passwd), salt,
(int)XSTRLEN((const char *) salt), 10,
WC_SHA_DIGEST_SIZE,out);
AssertIntEQ(ret, SSL_SUCCESS);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */
}
/* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade
* version allowed.
@ -9946,6 +9968,72 @@ static void test_wolfSSL_X509_LOOKUP_load_file(void)
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */
}
static void test_wolfSSL_X509_STORE_CTX_set_time(void)
{
#if defined(OPENSSL_EXTRA)
WOLFSSL_X509_STORE_CTX* ctx;
time_t ctime;
printf(testingFmt, "wolfSSL_X509_set_time()");
AssertNotNull(ctx = wolfSSL_X509_STORE_CTX_new());
ctime = 365*24*60*60;
wolfSSL_X509_STORE_CTX_set_time(ctx, 0, ctime);
AssertTrue(
(ctx->param->flags & WOLFSSL_USE_CHECK_TIME) == WOLFSSL_USE_CHECK_TIME);
AssertTrue(ctx->param->check_time == ctime);
wolfSSL_X509_STORE_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA */
}
static void test_wolfSSL_CTX_set_client_CA_list(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS)
WOLFSSL_CTX* ctx;
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names = NULL;
WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_list = NULL;
printf(testingFmt, "wolfSSL_CTX_set_client_CA_list()");
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
names = wolfSSL_load_client_CA_file(cliCertFile);
AssertNotNull(names);
wolfSSL_CTX_set_client_CA_list(ctx,names);
AssertNotNull(ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx));
wolfSSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS */
}
static void test_wolfSSL_CTX_add_client_CA(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS)
WOLFSSL_CTX* ctx;
WOLFSSL_X509* x509;
WOLFSSL_X509* x509_a;
WOLF_STACK_OF(WOLFSSLX509_NAME)* ca_list;
int ret = 0;
printf(testingFmt, "wolfSSL_CTX_add_client_CA()");
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
/* Add client cert */
AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ret = wolfSSL_CTX_add_client_CA(ctx, x509);
AssertIntEQ(ret ,SSL_SUCCESS);
AssertNotNull(ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx));
/* Add another client cert */
AssertNotNull(x509_a = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
AssertIntEQ(wolfSSL_CTX_add_client_CA(ctx, x509_a),SSL_SUCCESS);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(x509_a);
wolfSSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS */
}
static void test_wolfSSL_X509_NID(void)
{
@ -10022,6 +10110,64 @@ static void test_wolfSSL_X509_NID(void)
#endif
}
static void test_wolfSSL_CTX_set_srp_username(void)
{
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG)
WOLFSSL_CTX* ctx;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
int r;
printf(testingFmt, "wolfSSL_CTX_set_srp_username()");
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
AssertNotNull(ctx);
r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
AssertIntEQ(r,SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
AssertNotNull(ctx);
r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
AssertIntEQ(r,SSL_SUCCESS);
r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
AssertIntEQ(r,SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG */
}
static void test_wolfSSL_CTX_set_srp_password(void)
{
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG)
WOLFSSL_CTX* ctx;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
int r;
printf(testingFmt, "wolfSSL_CTX_set_srp_password()");
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
AssertNotNull(ctx);
r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
AssertIntEQ(r,SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
AssertNotNull(ctx);
r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
AssertIntEQ(r,SSL_SUCCESS);
r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
AssertIntEQ(r,SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG */
}
static void test_wolfSSL_BN(void)
{
@ -10063,6 +10209,14 @@ static void test_wolfSSL_BN(void)
AssertIntEQ(BN_bn2bin(d, value), WOLFSSL_SUCCESS);
AssertIntEQ((int)(value[0] & 0x04), 4);
/* BN_mod_inverse test */
value[0] = 0;
BIGNUM *r = BN_new();
BIGNUM *val = BN_mod_inverse(r,b,c,NULL);
AssertIntEQ(BN_bn2bin(r, value), 1);
AssertIntEQ((int)(value[0] & 0x03), 3);
BN_free(val);
BN_free(a);
BN_free(b);
BN_free(c);
@ -10130,6 +10284,27 @@ static void test_wolfSSL_set_options(void)
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */
}
/* Testing wolfSSL_set_tlsext_status_type funciton.
* PRE: OPENSSL and HAVE_CERTIFICATE_STATUS_REQUEST defined.
*/
static void test_wolfSSL_set_tlsext_status_type(void){
#if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
SSL* ssl;
SSL_CTX* ctx;
printf(testingFmt, "wolfSSL_set_tlsext_status_type()");
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
AssertNotNull(ssl = SSL_new(ctx));
AssertTrue(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp)
== SSL_SUCCESS);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST */
}
static void test_wolfSSL_PEM_read_bio(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@ -10355,15 +10530,94 @@ static void test_wolfSSL_DES_ecb_encrypt(void)
int ret1 = 0;
int ret2 = 0;
wolfSSL_DES_ecb_encrypt(&output1,&back1,&key,DES_DECRYPT);
ret1 = memcmp((unsigned char *) back1,(unsigned char *) input1,sizeof(WOLFSSL_DES_cblock));
ret1 = XMEMCMP((unsigned char *) back1,(unsigned char *) input1,sizeof(WOLFSSL_DES_cblock));
AssertIntEQ(ret1,0);
wolfSSL_DES_ecb_encrypt(&output2,&back2,&key,DES_DECRYPT);
ret2 = memcmp((unsigned char *) back2,(unsigned char *) input2,sizeof(WOLFSSL_DES_cblock));
ret2 = XMEMCMP((unsigned char *) back2,(unsigned char *) input2,sizeof(WOLFSSL_DES_cblock));
AssertIntEQ(ret2,0);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_ASN1_TIME_adj(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME) \
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
const int min = 60;
const byte asn_utc_time = 0x17;
const byte asn_gen_time = 0x18;
WOLFSSL_ASN1_TIME *asn_time, *s;
int offset_day;
long offset_sec;
char date_str[20];
printf(testingFmt, "wolfSSL_ASN1_TIME_adj()");
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
/* UTC notation test */
/* 2000/2/15 20:30:00 */
time_t t = (time_t)30 * year + 45 * day + 20 * hour + 30 * min + 7 * day;
offset_day = 7;
offset_sec = 45 * min;
/* offset_sec = -45 * min;*/
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_utc_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
AssertIntEQ(0, XMEMCMP(date_str, "000222211500Z", 13));
/* negative offset */
offset_sec = -45 * min;
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_utc_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
AssertIntEQ(0, XMEMCMP(date_str, "000222194500Z", 13));
XFREE(s,NULL,DYNAMIC_TYPE_OPENSSL);
XMEMSET(date_str, 0, sizeof(date_str));
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
/* GeneralizedTime notation test */
/* 2055/03/01 09:00:00 */
t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day;
offset_day = 12;
offset_sec = 10 * min;
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_gen_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2, 15);
AssertIntEQ(0, XMEMCMP(date_str, "20550313091000Z", 15));
XFREE(s,NULL,DYNAMIC_TYPE_OPENSSL);
XMEMSET(date_str, 0, sizeof(date_str));
/* if WOLFSSL_ASN1_TIME struct is not allocated */
s = NULL;
t = (time_t)30 * year + 45 * day + 20 * hour + 30 * min + 15 + 7 * day;
offset_day = 7;
offset_sec = 45 * min;
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_utc_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time,NULL,DYNAMIC_TYPE_OPENSSL);
asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_utc_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time,NULL,DYNAMIC_TYPE_OPENSSL);
printf(resultFmt, passed);
#endif
}
/*----------------------------------------------------------------------------*
| wolfCrypt ASN
*----------------------------------------------------------------------------*/
@ -10924,6 +11178,7 @@ void ApiTest(void)
/* X509 tests */
test_wolfSSL_X509_NAME_get_entry();
test_wolfSSL_PKCS12();
test_wolfSSL_PKCS5();
/*OCSP Stapling. */
AssertIntEQ(test_wolfSSL_UseOCSPStapling(), WOLFSSL_SUCCESS);
@ -10947,11 +11202,18 @@ void ApiTest(void)
test_wolfSSL_X509_STORE_set_flags();
test_wolfSSL_X509_LOOKUP_load_file();
test_wolfSSL_X509_NID();
test_wolfSSL_X509_STORE_CTX_set_time();
test_wolfSSL_BN();
test_wolfSSL_set_options();
test_wolfSSL_PEM_read_bio();
test_wolfSSL_BIO();
test_wolfSSL_DES_ecb_encrypt();
test_wolfSSL_set_tlsext_status_type();
test_wolfSSL_ASN1_TIME_adj();
test_wolfSSL_CTX_set_client_CA_list();
test_wolfSSL_CTX_add_client_CA();
test_wolfSSL_CTX_set_srp_username();
test_wolfSSL_CTX_set_srp_password();
AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS);
/* wolfCrypt ASN tests */

374
wolfcrypt/src/asn.c
View File

@ -111,357 +111,7 @@ ASN Options:
#endif
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
#pragma warning(disable: 4996)
#endif
#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
#ifndef NO_ASN_TIME
#if defined(USER_TIME)
/* Use our gmtime and time_t/struct tm types.
Only needs seconds since EPOCH using XTIME function.
time_t XTIME(time_t * timer) {}
*/
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#elif defined(TIME_OVERRIDES)
/* Override XTIME() and XGMTIME() functionality.
Requires user to provide these functions:
time_t XTIME(time_t * timer) {}
struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {}
*/
#ifndef HAVE_TIME_T_TYPE
#define USE_WOLF_TIME_T
#endif
#ifndef HAVE_TM_TYPE
#define USE_WOLF_TM
#endif
#define NEED_TMP_TIME
#elif defined(HAVE_RTP_SYS)
/* uses parital <time.h> structures */
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
#elif defined(MICRIUM)
#include <clk.h>
#include <time.h>
#define XTIME(t1) micrium_time((t1))
#define WOLFSSL_GMTIME
#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
#include <time.h>
#define XTIME(t1) pic32_time((t1))
#define XGMTIME(c, t) gmtime((c))
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#define XTIME(t1) mqx_time((t1))
#define HAVE_GMTIME_R
#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || \
defined(FREESCALE_KSDK_FREERTOS)
#include <time.h>
#ifndef XTIME
/*extern time_t ksdk_time(time_t* timer);*/
#define XTIME(t1) ksdk_time((t1))
#endif
#define XGMTIME(c, t) gmtime((c))
#elif defined(WOLFSSL_ATMEL)
#define XTIME(t1) atmel_get_curr_time_and_date((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#elif defined(IDIRECT_DEV_TIME)
/*Gets the timestamp from cloak software owned by VT iDirect
in place of time() from <time.h> */
#include <time.h>
#define XTIME(t1) idirect_time((t1))
#define XGMTIME(c, t) gmtime((c))
#elif defined(_WIN32_WCE)
#include <windows.h>
#define XTIME(t1) windows_time((t1))
#define WOLFSSL_GMTIME
#else
/* default */
/* uses complete <time.h> facility */
#include <time.h>
#endif
/* Map default time functions */
#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)
#define XTIME(tl) time((tl))
#endif
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R)
#define XGMTIME(c, t) gmtime((c))
#else
#define XGMTIME(c, t) gmtime_r((c), (t))
#define NEED_TMP_TIME
#endif
#endif
#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)
#define USE_WOLF_VALIDDATE
#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
#endif
/* wolf struct tm and time_t */
#if defined(USE_WOLF_TM)
struct tm {
int tm_sec; /* seconds after the minute [0-60] */
int tm_min; /* minutes after the hour [0-59] */
int tm_hour; /* hours since midnight [0-23] */
int tm_mday; /* day of the month [1-31] */
int tm_mon; /* months since January [0-11] */
int tm_year; /* years since 1900 */
int tm_wday; /* days since Sunday [0-6] */
int tm_yday; /* days since January 1 [0-365] */
int tm_isdst; /* Daylight Savings Time flag */
long tm_gmtoff; /* offset from CUT in seconds */
char *tm_zone; /* timezone abbreviation */
};
#endif /* USE_WOLF_TM */
#if defined(USE_WOLF_TIME_T)
typedef long time_t;
#endif
/* forward declarations */
#if defined(USER_TIME)
struct tm* gmtime(const time_t* timer);
extern time_t XTIME(time_t * timer);
#ifdef STACK_TRAP
/* for stack trap tracking, don't call os gmtime on OS X/linux,
uses a lot of stack spce */
extern time_t time(time_t * timer);
#define XTIME(tl) time((tl))
#endif /* STACK_TRAP */
#elif defined(TIME_OVERRIDES)
extern time_t XTIME(time_t * timer);
extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
#elif defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer);
#endif
#if defined(_WIN32_WCE)
time_t windows_time(time_t* timer)
{
SYSTEMTIME sysTime;
FILETIME fTime;
ULARGE_INTEGER intTime;
time_t localTime;
if (timer == NULL)
timer = &localTime;
GetSystemTime(&sysTime);
SystemTimeToFileTime(&sysTime, &fTime);
XMEMCPY(&intTime, &fTime, sizeof(FILETIME));
/* subtract EPOCH */
intTime.QuadPart -= 0x19db1ded53e8000;
/* to secs */
intTime.QuadPart /= 10000000;
*timer = (time_t)intTime.QuadPart;
return *timer;
}
#endif /* _WIN32_WCE */
#if defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer)
{
#define YEAR0 1900
#define EPOCH_YEAR 1970
#define SECS_DAY (24L * 60L * 60L)
#define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) || !((year) %400)))
#define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)
static const int _ytab[2][12] =
{
{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
};
static struct tm st_time;
struct tm* ret = &st_time;
time_t secs = *timer;
unsigned long dayclock, dayno;
int year = EPOCH_YEAR;
dayclock = (unsigned long)secs % SECS_DAY;
dayno = (unsigned long)secs / SECS_DAY;
ret->tm_sec = (int) dayclock % 60;
ret->tm_min = (int)(dayclock % 3600) / 60;
ret->tm_hour = (int) dayclock / 3600;
ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */
while(dayno >= (unsigned long)YEARSIZE(year)) {
dayno -= YEARSIZE(year);
year++;
}
ret->tm_year = year - YEAR0;
ret->tm_yday = (int)dayno;
ret->tm_mon = 0;
while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) {
dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon];
ret->tm_mon++;
}
ret->tm_mday = (int)++dayno;
ret->tm_isdst = 0;
return ret;
}
#endif /* WOLFSSL_GMTIME */
#if defined(HAVE_RTP_SYS)
#define YEAR0 1900
struct tm* rtpsys_gmtime(const time_t* timer) /* has a gmtime() but hangs */
{
static struct tm st_time;
struct tm* ret = &st_time;
DC_RTC_CALENDAR cal;
dc_rtc_time_get(&cal, TRUE);
ret->tm_year = cal.year - YEAR0; /* gm starts at 1900 */
ret->tm_mon = cal.month - 1; /* gm starts at 0 */
ret->tm_mday = cal.day;
ret->tm_hour = cal.hour;
ret->tm_min = cal.minute;
ret->tm_sec = cal.second;
return ret;
}
#endif /* HAVE_RTP_SYS */
#if defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
/*
* time() is just a stub in Microchip libraries. We need our own
* implementation. Use SNTP client to get seconds since epoch.
*/
time_t pic32_time(time_t* timer)
{
#ifdef MICROCHIP_TCPIP_V5
DWORD sec = 0;
#else
uint32_t sec = 0;
#endif
time_t localTime;
if (timer == NULL)
timer = &localTime;
#ifdef MICROCHIP_MPLAB_HARMONY
sec = TCPIP_SNTP_UTCSecondsGet();
#else
sec = SNTPGetUTCSeconds();
#endif
*timer = (time_t) sec;
return *timer;
}
#endif /* MICROCHIP_TCPIP || MICROCHIP_TCPIP_V5 */
#if defined(MICRIUM)
time_t micrium_time(time_t* timer)
{
CLK_TS_SEC sec;
Clk_GetTS_Unix(&sec);
return (time_t) sec;
}
#endif /* MICRIUM */
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
time_t mqx_time(time_t* timer)
{
time_t localTime;
TIME_STRUCT time_s;
if (timer == NULL)
timer = &localTime;
_time_get(&time_s);
*timer = (time_t) time_s.SECONDS;
return *timer;
}
#endif /* FREESCALE_MQX || FREESCALE_KSDK_MQX */
#if defined(WOLFSSL_TIRTOS)
time_t XTIME(time_t * timer)
{
time_t sec = 0;
sec = (time_t) Seconds_get();
if (timer != NULL)
*timer = sec;
return sec;
}
#endif /* WOLFSSL_TIRTOS */
#if defined(WOLFSSL_XILINX)
#include "xrtcpsu.h"
time_t XTIME(time_t * timer)
{
time_t sec = 0;
XRtcPsu_Config* con;
XRtcPsu rtc;
con = XRtcPsu_LookupConfig(XPAR_XRTCPSU_0_DEVICE_ID);
if (con != NULL) {
if (XRtcPsu_CfgInitialize(&rtc, con, con->BaseAddr) == XST_SUCCESS) {
sec = (time_t)XRtcPsu_GetCurrentTime(&rtc);
}
else {
WOLFSSL_MSG("Unable to initialize RTC");
}
}
if (timer != NULL)
*timer = sec;
return sec;
}
#endif /* WOLFSSL_TIRTOS */
/* two byte date/time, add to value */
static INLINE void GetTime(int* value, const byte* date, int* idx)
{
@ -472,26 +122,14 @@ static INLINE void GetTime(int* value, const byte* date, int* idx)
*idx = i;
}
#if defined(IDIRECT_DEV_TIME)
extern time_t getTimestamp();
time_t idirect_time(time_t * timer)
{
time_t sec = getTimestamp();
if (timer != NULL)
*timer = sec;
return sec;
}
#endif /* IDIRECT_DEV_TIME */
#endif /* !NO_ASN_TIME */
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
#pragma warning(disable: 4996)
#endif
#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx)

24
wolfcrypt/src/evp.c
View File

@ -764,3 +764,27 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
#endif /* WOLFSSL_EVP_INCLUDED */
#if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED) && !defined(NO_SHA)
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
int keylen, unsigned char *out)
{
const char *nostring = "";
int ret = 0;
if (pass == NULL){
passlen = 0;
pass = nostring;
} else if (passlen == -1){
passlen = (int)XSTRLEN(pass);
}
ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
iter, keylen, WC_SHA);
if (ret == 0)
return SSL_SUCCESS;
else
return SSL_FAILURE;
}
#endif /* OPENSSL_EXTRA && !NO_PWDBASED !NO_SHA*/

1
wolfcrypt/src/srp.c
View File

@ -269,7 +269,6 @@ void wc_SrpTerm(Srp* srp)
if (srp) {
mp_clear(&srp->N); mp_clear(&srp->g);
mp_clear(&srp->auth); mp_clear(&srp->priv);
if (srp->salt) {
ForceZero(srp->salt, srp->saltSz);
XFREE(srp->salt, srp->heap, DYNAMIC_TYPE_SRP);

206
wolfcrypt/src/wc_port.c
View File

@ -1174,6 +1174,212 @@ int wolfSSL_CryptHwMutexUnLock(void) {
#endif
#ifndef NO_ASN_TIME
#if defined(_WIN32_WCE)
time_t windows_time(time_t* timer)
{
SYSTEMTIME sysTime;
FILETIME fTime;
ULARGE_INTEGER intTime;
time_t localTime;
if (timer == NULL)
timer = &localTime;
GetSystemTime(&sysTime);
SystemTimeToFileTime(&sysTime, &fTime);
XMEMCPY(&intTime, &fTime, sizeof(FILETIME));
/* subtract EPOCH */
intTime.QuadPart -= 0x19db1ded53e8000;
/* to secs */
intTime.QuadPart /= 10000000;
*timer = (time_t)intTime.QuadPart;
return *timer;
}
#endif /* _WIN32_WCE */
#if defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer)
{
#define YEAR0 1900
#define EPOCH_YEAR 1970
#define SECS_DAY (24L * 60L * 60L)
#define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) || !((year) %400)))
#define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)
static const int _ytab[2][12] =
{
{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
};
static struct tm st_time;
struct tm* ret = &st_time;
time_t secs = *timer;
unsigned long dayclock, dayno;
int year = EPOCH_YEAR;
dayclock = (unsigned long)secs % SECS_DAY;
dayno = (unsigned long)secs / SECS_DAY;
ret->tm_sec = (int) dayclock % 60;
ret->tm_min = (int)(dayclock % 3600) / 60;
ret->tm_hour = (int) dayclock / 3600;
ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */
while(dayno >= (unsigned long)YEARSIZE(year)) {
dayno -= YEARSIZE(year);
year++;
}
ret->tm_year = year - YEAR0;
ret->tm_yday = (int)dayno;
ret->tm_mon = 0;
while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) {
dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon];
ret->tm_mon++;
}
ret->tm_mday = (int)++dayno;
ret->tm_isdst = 0;
return ret;
}
#endif /* WOLFSSL_GMTIME */
#if defined(HAVE_RTP_SYS)
#define YEAR0 1900
struct tm* rtpsys_gmtime(const time_t* timer) /* has a gmtime() but hangs */
{
static struct tm st_time;
struct tm* ret = &st_time;
DC_RTC_CALENDAR cal;
dc_rtc_time_get(&cal, TRUE);
ret->tm_year = cal.year - YEAR0; /* gm starts at 1900 */
ret->tm_mon = cal.month - 1; /* gm starts at 0 */
ret->tm_mday = cal.day;
ret->tm_hour = cal.hour;
ret->tm_min = cal.minute;
ret->tm_sec = cal.second;
return ret;
}
#endif /* HAVE_RTP_SYS */
#if defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
/*
* time() is just a stub in Microchip libraries. We need our own
* implementation. Use SNTP client to get seconds since epoch.
*/
time_t pic32_time(time_t* timer)
{
#ifdef MICROCHIP_TCPIP_V5
DWORD sec = 0;
#else
uint32_t sec = 0;
#endif
time_t localTime;
if (timer == NULL)
timer = &localTime;
#ifdef MICROCHIP_MPLAB_HARMONY
sec = TCPIP_SNTP_UTCSecondsGet();
#else
sec = SNTPGetUTCSeconds();
#endif
*timer = (time_t) sec;
return *timer;
}
#endif /* MICROCHIP_TCPIP || MICROCHIP_TCPIP_V5 */
#if defined(MICRIUM)
time_t micrium_time(time_t* timer)
{
CLK_TS_SEC sec;
Clk_GetTS_Unix(&sec);
return (time_t) sec;
}
#endif /* MICRIUM */
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
time_t mqx_time(time_t* timer)
{
time_t localTime;
TIME_STRUCT time_s;
if (timer == NULL)
timer = &localTime;
_time_get(&time_s);
*timer = (time_t) time_s.SECONDS;
return *timer;
}
#endif /* FREESCALE_MQX || FREESCALE_KSDK_MQX */
#if defined(WOLFSSL_TIRTOS)
time_t XTIME(time_t * timer)
{
time_t sec = 0;
sec = (time_t) Seconds_get();
if (timer != NULL)
*timer = sec;
return sec;
}
#endif /* WOLFSSL_TIRTOS */
#if defined(WOLFSSL_XILINX)
#include "xrtcpsu.h"
time_t XTIME(time_t * timer)
{
time_t sec = 0;
XRtcPsu_Config* con;
XRtcPsu rtc;
con = XRtcPsu_LookupConfig(XPAR_XRTCPSU_0_DEVICE_ID);
if (con != NULL) {
if (XRtcPsu_CfgInitialize(&rtc, con, con->BaseAddr) == XST_SUCCESS) {
sec = (time_t)XRtcPsu_GetCurrentTime(&rtc);
}
else {
WOLFSSL_MSG("Unable to initialize RTC");
}
}
if (timer != NULL)
*timer = sec;
return sec;
}
#endif /* WOLFSSL_XILINX */
#endif /* !NO_ASN_TIME */
#if defined(WOLFSSL_TI_CRYPT) || defined(WOLFSSL_TI_HASH)
#include <wolfcrypt/src/port/ti/ti-ccm.c> /* initialize and Mutex for TI Crypt Engine */

10
wolfssl/internal.h
View File

@ -178,6 +178,12 @@
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef OPENSSL_EXTRA
#ifdef WOLFCRYPT_HAVE_SRP
#include <wolfssl/wolfcrypt/srp.h>
#endif
#endif
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
#pragma warning(disable: 4996)
@ -2417,6 +2423,10 @@ struct WOLFSSL_CTX {
int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*);
void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*);
#endif
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256)
Srp* srp; /* TLS Secure Remote Password Protocol*/
byte* srp_password;
#endif
};

5
wolfssl/openssl/bn.h
View File

@ -84,7 +84,8 @@ WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*,
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
const WOLFSSL_BIGNUM*, WOLFSSL_BN_CTX *ctx);
typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX;
typedef WOLFSSL_BN_GENCB BN_GENCB;
@ -144,6 +145,8 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_CTX_get wolfSSL_BN_CTX_get
#define BN_CTX_start wolfSSL_BN_CTX_start
#define BN_mod_inverse wolfSSL_BN_mod_inverse
#ifdef __cplusplus
} /* extern "C" */
#endif

9
wolfssl/openssl/evp.h
View File

@ -51,6 +51,7 @@
#ifdef HAVE_IDEA
#include <wolfssl/wolfcrypt/idea.h>
#endif
#include <wolfssl/wolfcrypt/pwdbased.h>
#ifdef __cplusplus
extern "C" {
@ -351,6 +352,12 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, i
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
const unsigned char * salt,
int saltlen, int iter,
int keylen, unsigned char *out);
#define EVP_CIPH_STREAM_CIPHER WOLFSSL_EVP_CIPH_STREAM_CIPHER
#define EVP_CIPH_ECB_MODE WOLFSSL_EVP_CIPH_ECB_MODE
#define EVP_CIPH_CBC_MODE WOLFSSL_EVP_CIPH_CBC_MODE
@ -479,6 +486,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
#endif

11
wolfssl/openssl/ssl.h
View File

@ -337,6 +337,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj
#define ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
@ -550,6 +551,8 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define BIO_write_filename wolfSSL_BIO_write_filename
#define BIO_set_mem_eof_return wolfSSL_BIO_set_mem_eof_return
#define TLSEXT_STATUSTYPE_ocsp 1
#define SSL_set_options wolfSSL_set_options
#define SSL_get_options wolfSSL_get_options
#define SSL_set_tmp_dh wolfSSL_set_tmp_dh
@ -617,6 +620,9 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX)
#include <wolfssl/openssl/asn1.h>
@ -805,6 +811,11 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password
#define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username
#ifdef __cplusplus
} /* extern "C" */
#endif

24
wolfssl/ssl.h
View File

@ -160,6 +160,7 @@ typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP;
typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;
typedef struct WOLFSSL_X509_CRL WOLFSSL_X509_CRL;
typedef struct WOLFSSL_X509_STORE WOLFSSL_X509_STORE;
typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM;
typedef struct WOLFSSL_BIO WOLFSSL_BIO;
typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
@ -220,6 +221,15 @@ struct WOLFSSL_X509_STORE {
#endif
};
#ifdef OPENSSL_EXTRA
#define WOLFSSL_USE_CHECK_TIME 0x2
#define WOLFSSL_NO_CHECK_TIME 0x200000
struct WOLFSSL_X509_VERIFY_PARAM {
time_t check_time;
unsigned long flags;
};
#endif
typedef struct WOLFSSL_ALERT {
int code;
int level;
@ -252,6 +262,9 @@ typedef struct WOLFSSL_X509_STORE_CTX {
WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */
WOLFSSL_X509* current_cert; /* stunnel dereference */
WOLFSSL_STACK* chain;
#ifdef OPENSSL_EXTRA
WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */
#endif
char* domain; /* subject CN domain name */
void* ex_data; /* external data, for fortress build */
void* userCtx; /* user ctx */
@ -778,7 +791,9 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*,
unsigned long flags,
time_t t);
WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*);
WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
WOLFSSL_X509_REVOKED*,int);
@ -794,6 +809,8 @@ WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t,
int, long);
#endif
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list(
@ -850,6 +867,9 @@ WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*, int v);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*, void* arg);
WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
WOLFSSL_CTX*, void* arg);
WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*);
WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*);
WOLFSSL_API unsigned long wolfSSL_set_options(WOLFSSL *s, unsigned long op);
WOLFSSL_API unsigned long wolfSSL_get_options(const WOLFSSL *s);
@ -864,7 +884,7 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg);
WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp);
WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len);
WOLFSSL_API void wolfSSL_CONF_modules_unload(int all);
WOLFSSL_API void wolfSSL_CONF_modules_unload(int all);
WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg);
WOLFSSL_API long wolfSSL_get_verify_result(const WOLFSSL *ssl);

3
wolfssl/wolfcrypt/asn.h
View File

@ -87,6 +87,9 @@ enum ASN_Tags {
ASN_LONG_LENGTH = 0x80
};
#define ASN_UTC_TIME_SIZE 14
#define ASN_GENERALIZED_TIME_SIZE 16
enum ASN_Flags {
ASN_CONSTRUCTED = 0x20,
ASN_CONTEXT_SPECIFIC = 0x80

4
wolfssl/wolfcrypt/srp.h
View File

@ -54,6 +54,9 @@
/* Set the minimum number of bits acceptable for private keys (RFC 5054) */
#define SRP_PRIVATE_KEY_MIN_BITS 256
/* salt size for SRP password */
#define SRP_SALT_SIZE 16
/**
* SRP side, client or server.
*/
@ -72,6 +75,7 @@ typedef enum {
SRP_TYPE_SHA512 = 4,
} SrpType;
/**
* SRP hash struct.
*/

134
wolfssl/wolfcrypt/wc_port.h
View File

@ -322,6 +322,140 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif /* max */
#endif /* USE_WINDOWS_API */
/* Time functions */
#ifndef NO_ASN_TIME
#if defined(USER_TIME)
/* Use our gmtime and time_t/struct tm types.
Only needs seconds since EPOCH using XTIME function.
time_t XTIME(time_t * timer) {}
*/
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#elif defined(TIME_OVERRIDES)
/* Override XTIME() and XGMTIME() functionality.
Requires user to provide these functions:
time_t XTIME(time_t * timer) {}
struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {}
*/
#ifndef HAVE_TIME_T_TYPE
#define USE_WOLF_TIME_T
#endif
#ifndef HAVE_TM_TYPE
#define USE_WOLF_TM
#endif
#define NEED_TMP_TIME
#elif defined(HAVE_RTP_SYS)
/* uses parital <time.h> structures */
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
#elif defined(MICRIUM)
#include <clk.h>
#include <time.h>
#define XTIME(t1) micrium_time((t1))
#define WOLFSSL_GMTIME
#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
#include <time.h>
#define XTIME(t1) pic32_time((t1))
#define XGMTIME(c, t) gmtime((c))
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#define XTIME(t1) mqx_time((t1))
#define HAVE_GMTIME_R
#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
#include <time.h>
#ifndef XTIME
/*extern time_t ksdk_time(time_t* timer);*/
#define XTIME(t1) ksdk_time((t1))
#endif
#define XGMTIME(c, t) gmtime((c))
#elif defined(WOLFSSL_ATMEL)
#define XTIME(t1) atmel_get_curr_time_and_date((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#elif defined(IDIRECT_DEV_TIME)
/*Gets the timestamp from cloak software owned by VT iDirect
in place of time() from <time.h> */
#include <time.h>
#define XTIME(t1) idirect_time((t1))
#define XGMTIME(c, t) gmtime((c))
#elif defined(_WIN32_WCE)
#include <windows.h>
#define XTIME(t1) windows_time((t1))
#define WOLFSSL_GMTIME
#else
/* default */
/* uses complete <time.h> facility */
#include <time.h>
#endif
/* Map default time functions */
#if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)
#define XTIME(tl) time((tl))
#endif
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R)
#define XGMTIME(c, t) gmtime((c))
#else
#define XGMTIME(c, t) gmtime_r((c), (t))
#define NEED_TMP_TIME
#endif
#endif
#if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)
#define USE_WOLF_VALIDDATE
#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
#endif
/* wolf struct tm and time_t */
#if defined(USE_WOLF_TM)
struct tm {
int tm_sec; /* seconds after the minute [0-60] */
int tm_min; /* minutes after the hour [0-59] */
int tm_hour; /* hours since midnight [0-23] */
int tm_mday; /* day of the month [1-31] */
int tm_mon; /* months since January [0-11] */
int tm_year; /* years since 1900 */
int tm_wday; /* days since Sunday [0-6] */
int tm_yday; /* days since January 1 [0-365] */
int tm_isdst; /* Daylight Savings Time flag */
long tm_gmtoff; /* offset from CUT in seconds */
char *tm_zone; /* timezone abbreviation */
};
#endif /* USE_WOLF_TM */
#if defined(USE_WOLF_TIME_T)
typedef long time_t;
#endif
/* forward declarations */
#if defined(USER_TIME)
struct tm* gmtime(const time_t* timer);
extern time_t XTIME(time_t * timer);
#ifdef STACK_TRAP
/* for stack trap tracking, don't call os gmtime on OS X/linux,
uses a lot of stack spce */
extern time_t time(time_t * timer);
#define XTIME(tl) time((tl))
#endif /* STACK_TRAP */
#elif defined(TIME_OVERRIDES)
extern time_t XTIME(time_t * timer);
extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
#elif defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer);
#endif
#endif /* NO_ASN_TIME */
#ifdef __cplusplus
} /* extern "C" */